Diffstat (limited to 'src')
-rw-r--r--src/Makefile.am2
-rw-r--r--src/Makefile.in9
-rw-r--r--src/_copyright/Makefile.in1
-rw-r--r--src/_updown/Makefile.in1
-rw-r--r--src/_updown_espmark/Makefile.in1
-rw-r--r--src/charon-cmd/Makefile.in1
-rw-r--r--src/charon-nm/Makefile.in1
-rw-r--r--src/charon-nm/nm/nm_service.c5
-rw-r--r--src/charon-tkm/Makefile.in1
-rw-r--r--src/charon/Makefile.in1
-rw-r--r--src/checksum/Makefile.am1
-rw-r--r--src/checksum/Makefile.in4
-rw-r--r--src/conftest/Makefile.in1
-rw-r--r--src/dumm/Makefile.in1
-rw-r--r--src/include/Makefile.in1
-rw-r--r--src/ipsec/Makefile.in1
-rw-r--r--src/ipsec/_ipsec.82
-rw-r--r--src/ipsec/_ipsec.in1
-rw-r--r--src/libcharon/Makefile.in1
-rw-r--r--src/libcharon/config/ike_cfg.c2
-rw-r--r--src/libcharon/config/proposal.c23
-rw-r--r--src/libcharon/encoding/payloads/cert_payload.c7
-rw-r--r--src/libcharon/encoding/payloads/proposal_substructure.c16
-rw-r--r--src/libcharon/plugins/addrblock/Makefile.in1
-rw-r--r--src/libcharon/plugins/android_dns/Makefile.in1
-rw-r--r--src/libcharon/plugins/android_log/Makefile.in1
-rw-r--r--src/libcharon/plugins/certexpire/Makefile.in1
-rw-r--r--src/libcharon/plugins/coupling/Makefile.in1
-rw-r--r--src/libcharon/plugins/dhcp/Makefile.in1
-rw-r--r--src/libcharon/plugins/dhcp/dhcp_provider.c19
-rw-r--r--src/libcharon/plugins/dnscert/Makefile.in1
-rw-r--r--src/libcharon/plugins/duplicheck/Makefile.in1
-rw-r--r--src/libcharon/plugins/eap_aka/Makefile.in1
-rw-r--r--src/libcharon/plugins/eap_aka_3gpp2/Makefile.in1
-rw-r--r--src/libcharon/plugins/eap_dynamic/Makefile.in1
-rw-r--r--src/libcharon/plugins/eap_gtc/Makefile.in1
-rw-r--r--src/libcharon/plugins/eap_identity/Makefile.in1
-rw-r--r--src/libcharon/plugins/eap_md5/Makefile.in1
-rw-r--r--src/libcharon/plugins/eap_mschapv2/Makefile.in1
-rw-r--r--src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c4
-rw-r--r--src/libcharon/plugins/eap_peap/Makefile.in1
-rw-r--r--src/libcharon/plugins/eap_radius/Makefile.in1
-rw-r--r--src/libcharon/plugins/eap_radius/eap_radius_accounting.c7
-rw-r--r--src/libcharon/plugins/eap_radius/eap_radius_forward.c22
-rw-r--r--src/libcharon/plugins/eap_sim/Makefile.in1
-rw-r--r--src/libcharon/plugins/eap_sim_file/Makefile.in1
-rw-r--r--src/libcharon/plugins/eap_sim_pcsc/Makefile.in1
-rw-r--r--src/libcharon/plugins/eap_simaka_pseudonym/Makefile.in1
-rw-r--r--src/libcharon/plugins/eap_simaka_reauth/Makefile.in1
-rw-r--r--src/libcharon/plugins/eap_simaka_sql/Makefile.in1
-rw-r--r--src/libcharon/plugins/eap_tls/Makefile.in1
-rw-r--r--src/libcharon/plugins/eap_tnc/Makefile.in1
-rw-r--r--src/libcharon/plugins/eap_ttls/Makefile.in1
-rw-r--r--src/libcharon/plugins/error_notify/Makefile.in1
-rw-r--r--src/libcharon/plugins/farp/Makefile.in1
-rw-r--r--src/libcharon/plugins/ha/Makefile.in1
-rw-r--r--src/libcharon/plugins/ha/ha_cache.c18
-rw-r--r--src/libcharon/plugins/ipseckey/Makefile.in1
-rw-r--r--src/libcharon/plugins/kernel_libipsec/Makefile.in1
-rw-r--r--src/libcharon/plugins/led/Makefile.in1
-rw-r--r--src/libcharon/plugins/load_tester/Makefile.in1
-rw-r--r--src/libcharon/plugins/lookip/Makefile.in1
-rw-r--r--src/libcharon/plugins/maemo/Makefile.in1
-rw-r--r--src/libcharon/plugins/medcli/Makefile.in1
-rw-r--r--src/libcharon/plugins/medsrv/Makefile.in1
-rw-r--r--src/libcharon/plugins/osx_attr/Makefile.in1
-rw-r--r--src/libcharon/plugins/radattr/Makefile.in1
-rw-r--r--src/libcharon/plugins/smp/Makefile.in1
-rw-r--r--src/libcharon/plugins/socket_default/Makefile.in1
-rw-r--r--src/libcharon/plugins/socket_dynamic/Makefile.in1
-rw-r--r--src/libcharon/plugins/sql/Makefile.in1
-rw-r--r--src/libcharon/plugins/stroke/Makefile.in1
-rw-r--r--src/libcharon/plugins/stroke/stroke_list.c85
-rw-r--r--src/libcharon/plugins/systime_fix/Makefile.in1
-rw-r--r--src/libcharon/plugins/tnc_ifmap/Makefile.in1
-rw-r--r--src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c6
-rw-r--r--src/libcharon/plugins/tnc_pdp/Makefile.am3
-rw-r--r--src/libcharon/plugins/tnc_pdp/Makefile.in21
-rw-r--r--src/libcharon/plugins/uci/Makefile.in1
-rw-r--r--src/libcharon/plugins/unit_tester/Makefile.in1
-rw-r--r--src/libcharon/plugins/unity/Makefile.in1
-rw-r--r--src/libcharon/plugins/updown/Makefile.in1
-rw-r--r--src/libcharon/plugins/whitelist/Makefile.in1
-rw-r--r--src/libcharon/plugins/xauth_eap/Makefile.in1
-rw-r--r--src/libcharon/plugins/xauth_generic/Makefile.in1
-rw-r--r--src/libcharon/plugins/xauth_noauth/Makefile.in1
-rw-r--r--src/libcharon/plugins/xauth_pam/Makefile.in1
-rw-r--r--src/libcharon/sa/ikev2/keymat_v2.c29
-rw-r--r--src/libcharon/sa/ikev2/task_manager_v2.c9
-rw-r--r--src/libcharon/sa/ikev2/tasks/child_delete.c12
-rw-r--r--src/libcharon/sa/ikev2/tasks/ike_cert_post.c139
-rw-r--r--src/libcharon/sa/ikev2/tasks/ike_cert_pre.c28
-rw-r--r--src/libfast/Makefile.in1
-rw-r--r--src/libhydra/Makefile.in1
-rw-r--r--src/libhydra/plugins/attr/Makefile.in1
-rw-r--r--src/libhydra/plugins/attr/attr_provider.c9
-rw-r--r--src/libhydra/plugins/attr_sql/Makefile.in1
-rw-r--r--src/libhydra/plugins/kernel_klips/Makefile.in1
-rw-r--r--src/libhydra/plugins/kernel_netlink/Makefile.in1
-rw-r--r--src/libhydra/plugins/kernel_pfkey/Makefile.in1
-rw-r--r--src/libhydra/plugins/kernel_pfroute/Makefile.in1
-rw-r--r--src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c10
-rw-r--r--src/libhydra/plugins/resolve/Makefile.in1
-rw-r--r--src/libimcv/Makefile.in1
-rw-r--r--src/libimcv/imv/data.sql24
-rw-r--r--src/libimcv/plugins/imc_os/Makefile.in1
-rw-r--r--src/libimcv/plugins/imc_scanner/Makefile.in1
-rw-r--r--src/libimcv/plugins/imc_test/Makefile.in1
-rw-r--r--src/libimcv/plugins/imv_os/Makefile.in1
-rw-r--r--src/libimcv/plugins/imv_scanner/Makefile.in1
-rw-r--r--src/libimcv/plugins/imv_test/Makefile.in1
-rw-r--r--src/libipsec/Makefile.in1
-rw-r--r--src/libipsec/esp_context.c3
-rw-r--r--src/libpts/Makefile.in1
-rw-r--r--src/libpts/plugins/imc_attestation/Makefile.in1
-rw-r--r--src/libpts/plugins/imc_attestation/imc_attestation.c7
-rw-r--r--src/libpts/plugins/imc_swid/Makefile.in1
-rw-r--r--src/libpts/plugins/imv_attestation/Makefile.in1
-rw-r--r--src/libpts/plugins/imv_attestation/attest.c4
-rw-r--r--src/libpts/plugins/imv_attestation/imv_attestation_agent.c21
-rw-r--r--src/libpts/plugins/imv_swid/Makefile.in1
-rw-r--r--src/libpts/pts/pts.c3
-rw-r--r--src/libpts/pts/pts_database.c21
-rw-r--r--src/libpts/pts/pts_dh_group.c15
-rw-r--r--src/libpts/pts/pts_dh_group.h9
-rw-r--r--src/libpttls/Makefile.in1
-rw-r--r--src/libpttls/pt_tls_client.c3
-rw-r--r--src/libpttls/pt_tls_server.c2
-rw-r--r--src/libradius/Makefile.in1
-rw-r--r--src/libsimaka/Makefile.in1
-rw-r--r--src/libstrongswan/Android.mk2
-rw-r--r--src/libstrongswan/Makefile.am10
-rw-r--r--src/libstrongswan/Makefile.in156
-rw-r--r--src/libstrongswan/asn1/oid.c485
-rw-r--r--src/libstrongswan/asn1/oid.h189
-rw-r--r--src/libstrongswan/asn1/oid.txt41
-rw-r--r--src/libstrongswan/collections/array.c2
-rw-r--r--src/libstrongswan/collections/hashtable.c24
-rw-r--r--src/libstrongswan/collections/hashtable.h21
-rw-r--r--src/libstrongswan/credentials/auth_cfg.c12
-rw-r--r--src/libstrongswan/credentials/auth_cfg.h2
-rw-r--r--src/libstrongswan/credentials/builder.c3
-rw-r--r--src/libstrongswan/credentials/builder.h4
-rw-r--r--src/libstrongswan/credentials/certificates/ac.h25
-rw-r--r--src/libstrongswan/credentials/certificates/x509.h22
-rw-r--r--src/libstrongswan/credentials/cred_encoding.c19
-rw-r--r--src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c534
-rw-r--r--src/libstrongswan/credentials/ietf_attributes/ietf_attributes.h92
-rw-r--r--src/libstrongswan/credentials/sets/auth_cfg_wrapper.c3
-rw-r--r--src/libstrongswan/crypto/aead.h9
-rw-r--r--src/libstrongswan/crypto/crypto_factory.c47
-rw-r--r--src/libstrongswan/crypto/crypto_factory.h6
-rw-r--r--src/libstrongswan/crypto/crypto_tester.c21
-rw-r--r--src/libstrongswan/crypto/crypto_tester.h8
-rw-r--r--src/libstrongswan/library.c7
-rw-r--r--src/libstrongswan/plugins/acert/Makefile.am17
-rw-r--r--src/libstrongswan/plugins/acert/Makefile.in (renamed from src/openac/Makefile.in)295
-rw-r--r--src/libstrongswan/plugins/acert/acert_plugin.c99
-rw-r--r--src/libstrongswan/plugins/acert/acert_plugin.h42
-rw-r--r--src/libstrongswan/plugins/acert/acert_validator.c149
-rw-r--r--src/libstrongswan/plugins/acert/acert_validator.h49
-rw-r--r--src/libstrongswan/plugins/aes/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/af_alg/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/agent/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/blowfish/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/ccm/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/ccm/ccm_aead.c8
-rw-r--r--src/libstrongswan/plugins/ccm/ccm_aead.h4
-rw-r--r--src/libstrongswan/plugins/cmac/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/constraints/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/ctr/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/curl/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/des/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/dnskey/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/fips_prf/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/gcm/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/gcm/gcm_aead.c8
-rw-r--r--src/libstrongswan/plugins/gcm/gcm_aead.h4
-rw-r--r--src/libstrongswan/plugins/gcrypt/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/gmp/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/hmac/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/keychain/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/ldap/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/md4/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/md5/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/mysql/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/nonce/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/ntru/Makefile.am16
-rw-r--r--src/libstrongswan/plugins/ntru/Makefile.in65
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_convert.c452
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_convert.h147
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto.h235
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.c581
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.h183
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt.c1034
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.c360
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.h167
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.h101
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.c242
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.h96
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_drbg.c24
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_drbg.h7
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_ke.c155
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_param_set.c (renamed from src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.c)151
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_param_set.h118
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_poly.c50
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_private_key.c892
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_private_key.h92
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_public_key.c408
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_public_key.h88
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_trits.c3
-rw-r--r--src/libstrongswan/plugins/openssl/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_gcm.c10
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_gcm.h4
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c16
-rw-r--r--src/libstrongswan/plugins/padlock/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/pem/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/pem/pem_encoder.c7
-rw-r--r--src/libstrongswan/plugins/pgp/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/pkcs1/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c3
-rw-r--r--src/libstrongswan/plugins/pkcs11/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/pkcs12/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/pkcs7/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/pkcs8/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/plugin_feature.c32
-rw-r--r--src/libstrongswan/plugins/plugin_loader.c1
-rw-r--r--src/libstrongswan/plugins/pubkey/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/random/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/rc2/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/rdrand/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/revocation/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/revocation/revocation_validator.c127
-rw-r--r--src/libstrongswan/plugins/sha1/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/sha2/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/soup/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/sqlite/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/sshkey/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/test_vectors/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/test_vectors/test_vectors.h13
-rw-r--r--src/libstrongswan/plugins/test_vectors/test_vectors/aes_ccm.c33
-rw-r--r--src/libstrongswan/plugins/test_vectors/test_vectors/aes_gcm.c125
-rw-r--r--src/libstrongswan/plugins/unbound/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/x509/Makefile.in1
-rw-r--r--src/libstrongswan/plugins/x509/x509_ac.c383
-rw-r--r--src/libstrongswan/plugins/x509/x509_cert.c15
-rw-r--r--src/libstrongswan/plugins/x509/x509_ocsp_request.c2
-rw-r--r--src/libstrongswan/plugins/x509/x509_plugin.c4
-rw-r--r--src/libstrongswan/plugins/xcbc/Makefile.in1
-rw-r--r--src/libstrongswan/tests/Makefile.in1
-rw-r--r--src/libstrongswan/tests/suites/test_chunk.c9
-rw-r--r--src/libstrongswan/tests/suites/test_enumerator.c24
-rw-r--r--src/libstrongswan/tests/suites/test_ntru.c524
-rw-r--r--src/libstrongswan/tests/suites/test_vectors.c13
-rw-r--r--src/libstrongswan/tests/test_runner.c121
-rw-r--r--src/libstrongswan/tests/test_suite.c3
-rw-r--r--src/libstrongswan/threading/thread.c2
-rw-r--r--src/libstrongswan/utils/leak_detective.c15
-rw-r--r--src/libstrongswan/utils/leak_detective.h18
-rw-r--r--src/libstrongswan/utils/settings.c20
-rw-r--r--src/libstrongswan/utils/test.c53
-rw-r--r--src/libstrongswan/utils/test.h34
-rw-r--r--src/libtls/Makefile.am5
-rw-r--r--src/libtls/Makefile.in201
-rw-r--r--src/libtls/tests/Makefile.am22
-rw-r--r--src/libtls/tests/Makefile.in872
-rw-r--r--src/libtls/tests/suites/test_socket.c524
-rw-r--r--src/libtls/tests/suites/test_suites.c247
-rw-r--r--src/libtls/tests/tls_tests.c57
-rw-r--r--src/libtls/tests/tls_tests.h17
-rw-r--r--src/libtls/tls.c17
-rw-r--r--src/libtls/tls.h2
-rw-r--r--src/libtls/tls_aead.c217
-rw-r--r--src/libtls/tls_aead.h156
-rw-r--r--src/libtls/tls_aead_expl.c222
-rw-r--r--src/libtls/tls_aead_impl.c214
-rw-r--r--src/libtls/tls_aead_null.c159
-rw-r--r--src/libtls/tls_crypto.c588
-rw-r--r--src/libtls/tls_crypto.h9
-rw-r--r--src/libtls/tls_peer.c8
-rw-r--r--src/libtls/tls_protection.c214
-rw-r--r--src/libtls/tls_protection.h10
-rw-r--r--src/libtls/tls_socket.c16
-rw-r--r--src/libtls/tls_socket.h5
-rw-r--r--src/libtnccs/Makefile.in1
-rw-r--r--src/libtnccs/plugins/tnc_imc/Makefile.in1
-rw-r--r--src/libtnccs/plugins/tnc_imv/Makefile.in1
-rw-r--r--src/libtnccs/plugins/tnc_tnccs/Makefile.in1
-rw-r--r--src/libtnccs/plugins/tnccs_11/Makefile.in1
-rw-r--r--src/libtnccs/plugins/tnccs_20/Makefile.in1
-rw-r--r--src/libtnccs/plugins/tnccs_dynamic/Makefile.in1
-rw-r--r--src/libtncif/Makefile.in1
-rw-r--r--src/manager/Makefile.in1
-rw-r--r--src/medsrv/Makefile.in1
-rw-r--r--src/openac/Makefile.am11
-rw-r--r--src/openac/openac.8165
-rw-r--r--src/openac/openac.c551
-rw-r--r--src/pki/Makefile.am1
-rw-r--r--src/pki/Makefile.in8
-rw-r--r--src/pki/command.c4
-rw-r--r--src/pki/command.h4
-rw-r--r--src/pki/commands/acert.c292
-rw-r--r--src/pki/commands/issue.c34
-rw-r--r--src/pki/commands/print.c95
-rw-r--r--src/pki/commands/self.c33
-rw-r--r--src/pki/commands/signcrl.c28
-rw-r--r--src/pki/man/Makefile.am1
-rw-r--r--src/pki/man/Makefile.in8
-rw-r--r--src/pki/man/pki---acert.1.in130
-rw-r--r--src/pki/man/pki---issue.1.in27
-rw-r--r--src/pki/man/pki---print.1.in5
-rw-r--r--src/pki/man/pki---self.1.in27
-rw-r--r--src/pki/man/pki---signcrl.1.in27
-rw-r--r--src/pki/man/pki.1.in4
-rw-r--r--src/pki/pki.c53
-rw-r--r--src/pki/pki.h17
-rw-r--r--src/pool/Makefile.in1
-rw-r--r--src/pt-tls-client/Makefile.in1
-rw-r--r--src/scepclient/Makefile.in1
-rw-r--r--src/starter/Makefile.in1
-rw-r--r--src/stroke/Makefile.in1
321 files changed, 9222 insertions, 6540 deletions
diff --git a/src/Makefile.am b/src/Makefile.am
index 7d11893d1..93da4893f 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -73,7 +73,7 @@ if USE_UPDOWN
endif
if USE_TOOLS
- SUBDIRS += openac scepclient pki
+ SUBDIRS += scepclient pki
endif
if USE_CONFTEST
diff --git a/src/Makefile.in b/src/Makefile.in
index 1c2a427f7..d1950d13d 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -95,7 +95,7 @@ host_triplet = @host@
@USE_NM_TRUE@am__append_16 = charon-nm
@USE_STROKE_TRUE@am__append_17 = stroke
@USE_UPDOWN_TRUE@am__append_18 = _updown _updown_espmark
-@USE_TOOLS_TRUE@am__append_19 = openac scepclient pki
+@USE_TOOLS_TRUE@am__append_19 = scepclient pki
@USE_CONFTEST_TRUE@am__append_20 = conftest
@USE_DUMM_TRUE@am__append_21 = dumm
@USE_FAST_TRUE@am__append_22 = libfast
@@ -183,9 +183,9 @@ CTAGS = ctags
DIST_SUBDIRS = . include libstrongswan libhydra libipsec libsimaka \
libtls libradius libtncif libtnccs libpttls libimcv libpts \
libcharon starter ipsec _copyright charon charon-nm stroke \
- _updown _updown_espmark openac scepclient pki conftest dumm \
- libfast manager medsrv pool charon-tkm charon-cmd \
- pt-tls-client checksum
+ _updown _updown_espmark scepclient pki conftest dumm libfast \
+ manager medsrv pool charon-tkm charon-cmd pt-tls-client \
+ checksum
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
am__relativize = \
dir0=`pwd`; \
@@ -381,7 +381,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/_copyright/Makefile.in b/src/_copyright/Makefile.in
index 0783f9e7b..4377ca0ac 100644
--- a/src/_copyright/Makefile.in
+++ b/src/_copyright/Makefile.in
@@ -339,7 +339,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/_updown/Makefile.in b/src/_updown/Makefile.in
index e77049543..b015e3d96 100644
--- a/src/_updown/Makefile.in
+++ b/src/_updown/Makefile.in
@@ -320,7 +320,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/_updown_espmark/Makefile.in b/src/_updown_espmark/Makefile.in
index 918bd6a89..ee814a4eb 100644
--- a/src/_updown_espmark/Makefile.in
+++ b/src/_updown_espmark/Makefile.in
@@ -320,7 +320,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/charon-cmd/Makefile.in b/src/charon-cmd/Makefile.in
index 62d6cd725..0e5c00a14 100644
--- a/src/charon-cmd/Makefile.in
+++ b/src/charon-cmd/Makefile.in
@@ -376,7 +376,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/charon-nm/Makefile.in b/src/charon-nm/Makefile.in
index 955d15313..edc3d7743 100644
--- a/src/charon-nm/Makefile.in
+++ b/src/charon-nm/Makefile.in
@@ -347,7 +347,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/charon-nm/nm/nm_service.c b/src/charon-nm/nm/nm_service.c
index f0daff61e..67366a067 100644
--- a/src/charon-nm/nm/nm_service.c
+++ b/src/charon-nm/nm/nm_service.c
@@ -329,7 +329,6 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
{
g_set_error(err, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_LAUNCH_FAILED,
"Failed to create dummy TUN device.");
- gateway->destroy(gateway);
return FALSE;
}
address = nm_setting_vpn_get_data_item(vpn, "address");
@@ -660,6 +659,10 @@ static gboolean need_secrets(NMVPNPlugin *plugin, NMConnection *connection,
key->destroy(key);
return FALSE;
}
+ else if (nm_setting_vpn_get_secret(settings, "password"))
+ {
+ return FALSE;
+ }
}
}
else if (streq(method, "smartcard"))
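Review bot: The added `else if (nm_setting_vpn_get_secret(settings, "password"))` branch in need_secrets() accepts any non-NULL stored value, so an empty password string would presumably also suppress the secrets prompt and only fail later when the key is actually used. Consider also requiring the value to be non-empty. A short comment such as `/* key could not be loaded, but a password is already stored */` would explain why this returns FALSE; that reading is inferred, because the condition this branch attaches to lies outside the hunk. need_secrets() starts and ends outside the hunk.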
diff --git a/src/charon-tkm/Makefile.in b/src/charon-tkm/Makefile.in
index 15e654d00..8005d076b 100644
--- a/src/charon-tkm/Makefile.in
+++ b/src/charon-tkm/Makefile.in
@@ -286,7 +286,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/charon/Makefile.in b/src/charon/Makefile.in
index f3b7cfd56..f808ce0d7 100644
--- a/src/charon/Makefile.in
+++ b/src/charon/Makefile.in
@@ -343,7 +343,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/checksum/Makefile.am b/src/checksum/Makefile.am
index d172b1545..82bbadcf1 100644
--- a/src/checksum/Makefile.am
+++ b/src/checksum/Makefile.am
@@ -100,7 +100,6 @@ if USE_CMD
endif
if USE_TOOLS
- exes += $(DESTDIR)$(ipsecdir)/openac
exes += $(DESTDIR)$(ipsecdir)/scepclient
exes += $(DESTDIR)$(bindir)/pki
endif
diff --git a/src/checksum/Makefile.in b/src/checksum/Makefile.in
index cdfbf1016..d798d315e 100644
--- a/src/checksum/Makefile.in
+++ b/src/checksum/Makefile.in
@@ -105,8 +105,7 @@ EXTRA_PROGRAMS = checksum_builder$(EXEEXT)
@USE_CHARON_TRUE@am__append_24 = $(DESTDIR)$(ipsecdir)/charon
@MONOLITHIC_FALSE@@USE_CHARON_TRUE@am__append_25 = -DC_PLUGINS=\""${c_plugins}\""
@USE_CMD_TRUE@am__append_26 = $(DESTDIR)$(sbindir)/charon-cmd
-@USE_TOOLS_TRUE@am__append_27 = $(DESTDIR)$(ipsecdir)/openac \
-@USE_TOOLS_TRUE@ $(DESTDIR)$(ipsecdir)/scepclient \
+@USE_TOOLS_TRUE@am__append_27 = $(DESTDIR)$(ipsecdir)/scepclient \
@USE_TOOLS_TRUE@ $(DESTDIR)$(bindir)/pki
@USE_ATTR_SQL_TRUE@am__append_28 = $(DESTDIR)$(ipsecdir)/pool
@USE_IMV_ATTESTATION_TRUE@am__append_29 = $(DESTDIR)$(ipsecdir)/attest
@@ -412,7 +411,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/conftest/Makefile.in b/src/conftest/Makefile.in
index ee6bf57f5..453e8f827 100644
--- a/src/conftest/Makefile.in
+++ b/src/conftest/Makefile.in
@@ -357,7 +357,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/dumm/Makefile.in b/src/dumm/Makefile.in
index f1628ef69..2f7b2ea9c 100644
--- a/src/dumm/Makefile.in
+++ b/src/dumm/Makefile.in
@@ -378,7 +378,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/include/Makefile.in b/src/include/Makefile.in
index 1987dbde5..f5277e314 100644
--- a/src/include/Makefile.in
+++ b/src/include/Makefile.in
@@ -286,7 +286,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/ipsec/Makefile.in b/src/ipsec/Makefile.in
index 69b736a7a..545123bfd 100644
--- a/src/ipsec/Makefile.in
+++ b/src/ipsec/Makefile.in
@@ -320,7 +320,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/ipsec/_ipsec.8 b/src/ipsec/_ipsec.8
index b7d820e21..17010608f 100644
--- a/src/ipsec/_ipsec.8
+++ b/src/ipsec/_ipsec.8
@@ -1,4 +1,4 @@
-.TH IPSEC 8 "2013-10-29" "5.1.2rc2" "strongSwan"
+.TH IPSEC 8 "2013-10-29" "5.2.0dr1" "strongSwan"
.
.SH NAME
.
diff --git a/src/ipsec/_ipsec.in b/src/ipsec/_ipsec.in
index 3c1f99825..61632188a 100644
--- a/src/ipsec/_ipsec.in
+++ b/src/ipsec/_ipsec.in
@@ -70,7 +70,6 @@ case "$1" in
echo " rereadcacerts|rereadaacerts|rereadocspcerts"
echo " rereadacerts|rereadcrls|rereadall"
echo " purgeocsp|purgecrls|purgecerts|purgeike"
- echo " openac"
echo " scepclient"
echo " secrets"
echo " starter"
diff --git a/src/libcharon/Makefile.in b/src/libcharon/Makefile.in
index 5f8453616..b300df3b2 100644
--- a/src/libcharon/Makefile.in
+++ b/src/libcharon/Makefile.in
@@ -870,7 +870,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/config/ike_cfg.c b/src/libcharon/config/ike_cfg.c
index c74daa0cc..e08bb3f67 100644
--- a/src/libcharon/config/ike_cfg.c
+++ b/src/libcharon/config/ike_cfg.c
@@ -385,7 +385,7 @@ METHOD(ike_cfg_t, equals, bool,
return FALSE;
}
e1 = this->proposals->create_enumerator(this->proposals);
- e2 = this->proposals->create_enumerator(this->proposals);
+ e2 = other->proposals->create_enumerator(other->proposals);
while (e1->enumerate(e1, &p1) && e2->enumerate(e2, &p2))
{
if (!p1->equals(p1, p2))
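Review bot: No regression test is visible for the corrected `e2 = other->proposals->create_enumerator(other->proposals);` in equals(), although the old line compared the proposal list with itself and so could not detect two configs that differ only in their proposals. A unit test that compares two ike_cfg_t objects differing in a single proposal would pin the fix. The loop also ends as soon as either enumerator is exhausted, so it depends on a length comparison that is presumably the `return FALSE` just above the hunk. equals() starts and ends outside the hunk.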
diff --git a/src/libcharon/config/proposal.c b/src/libcharon/config/proposal.c
index 891d1be84..2ecdb4f2e 100644
--- a/src/libcharon/config/proposal.c
+++ b/src/libcharon/config/proposal.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2008-2012 Tobias Brunner
+ * Copyright (C) 2008-2014 Tobias Brunner
* Copyright (C) 2006-2010 Martin Willi
* Hochschule fuer Technik Rapperswil
*
@@ -193,7 +193,7 @@ static bool select_algo(private_proposal_t *this, proposal_t *other,
{
enumerator_t *e1, *e2;
u_int16_t alg1, alg2, ks1, ks2;
- bool found = FALSE;
+ bool found = FALSE, optional = FALSE;
if (type == INTEGRITY_ALGORITHM &&
selected->get_algorithm(selected, ENCRYPTION_ALGORITHM, &alg1, NULL) &&
@@ -202,12 +202,27 @@ static bool select_algo(private_proposal_t *this, proposal_t *other,
/* no integrity algorithm required, we have an AEAD */
return TRUE;
}
+ if (type == DIFFIE_HELLMAN_GROUP)
+ {
+ optional = this->protocol == PROTO_ESP || this->protocol == PROTO_AH;
+ }
e1 = create_enumerator(this, type);
e2 = other->create_enumerator(other, type);
- if (!e1->enumerate(e1, NULL, NULL) && !e2->enumerate(e2, NULL, NULL))
+ if (!e1->enumerate(e1, NULL, NULL))
{
- found = TRUE;
+ if (!e2->enumerate(e2, &alg2, NULL))
+ {
+ found = TRUE;
+ }
+ else if (optional)
+ {
+ do
+ { /* if the other peer proposes NONE, we accept the proposal */
+ found = !alg2;
+ }
+ while (!found && e2->enumerate(e2, &alg2, NULL));
+ }
}
e1->destroy(e1);
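Review bot: `found = !alg2;` in the new `optional` branch of select_algo() relies on the NONE group having the numeric value 0; writing `found = (alg2 == MODP_NONE);` states the intent and matches the comment beside it. The branch means a local ESP/AH proposal without a DH group accepts a peer proposal as long as NONE appears among the peer's groups, so the child SA is negotiated without a fresh DH exchange. That policy deserves a sentence in the function's doc comment. The preceding hunk that declares `optional` belongs to the same change, and select_algo() starts and ends outside both hunks.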
diff --git a/src/libcharon/encoding/payloads/cert_payload.c b/src/libcharon/encoding/payloads/cert_payload.c
index a32f5705d..05d41051b 100644
--- a/src/libcharon/encoding/payloads/cert_payload.c
+++ b/src/libcharon/encoding/payloads/cert_payload.c
@@ -224,6 +224,9 @@ METHOD(cert_payload_t, get_cert, certificate_t*,
case ENC_X509_SIGNATURE:
type = CERT_X509;
break;
+ case ENC_X509_ATTRIBUTE:
+ type = CERT_X509_AC;
+ break;
case ENC_CRL:
type = CERT_X509_CRL;
break;
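Review bot: With the new `case ENC_X509_ATTRIBUTE:` mapping, get_cert() can return an attribute certificate built from peer-supplied payload data, so every caller has to check the returned certificate's type before using it as an identity certificate. Those callers are outside this hunk (the diffstat lists ike_cert_pre.c as changed), so this is a point to confirm rather than a defect seen here. A one-line comment on the case, e.g. `/* attribute certificate, carries authorization data only */`, would make the distinction visible. The `case CERT_X509_AC:` added to cert_payload_create_from_cert() in the next hunk is the reverse mapping. get_cert() starts and ends outside the hunk.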
@@ -333,6 +336,9 @@ cert_payload_t *cert_payload_create_from_cert(payload_type_t type,
case CERT_X509:
this->encoding = ENC_X509_SIGNATURE;
break;
+ case CERT_X509_AC:
+ this->encoding = ENC_X509_ATTRIBUTE;
+ break;
default:
DBG1(DBG_ENC, "embedding %N certificate in payload failed",
certificate_type_names, cert->get_type(cert));
@@ -380,4 +386,3 @@ cert_payload_t *cert_payload_create_custom(payload_type_t type,
return &this->public;
}
-
diff --git a/src/libcharon/encoding/payloads/proposal_substructure.c b/src/libcharon/encoding/payloads/proposal_substructure.c
index cb9b359b3..3e35b75c6 100644
--- a/src/libcharon/encoding/payloads/proposal_substructure.c
+++ b/src/libcharon/encoding/payloads/proposal_substructure.c
@@ -361,12 +361,20 @@ METHOD(payload_t, verify, status_t,
}
break;
case PROTO_IKE:
- if (this->spi.len != 0 && this->spi.len != 8)
+ if (this->type == PROPOSAL_SUBSTRUCTURE_V1)
{
- DBG1(DBG_ENC, "invalid SPI length in IKE proposal");
- return FAILED;
+ if (this->spi.len <= 16)
+ { /* according to RFC 2409, section 3.5 anything between
+ * 0 and 16 is fine */
+ break;
+ }
}
- break;
+ else if (this->spi.len == 0 || this->spi.len == 8)
+ {
+ break;
+ }
+ DBG1(DBG_ENC, "invalid SPI length in IKE proposal");
+ return FAILED;
default:
break;
}
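Review bot: In the `case PROTO_IKE:` branch of verify(), an IKEv1 proposal is now accepted with any SPI length up to 16 bytes, so code that later reads `this->spi` and assumes 0 or 8 bytes must cope with other lengths; that code is outside the hunk and should be checked. The error path is now reached by falling out of the nested `if`, which is easy to misread in a `switch`; a comment such as `/* any other length is rejected below */` before the `DBG1` would make it explicit. verify() starts and ends outside the hunk.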
diff --git a/src/libcharon/plugins/addrblock/Makefile.in b/src/libcharon/plugins/addrblock/Makefile.in
index bc32b5ade..0aa635a43 100644
--- a/src/libcharon/plugins/addrblock/Makefile.in
+++ b/src/libcharon/plugins/addrblock/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/android_dns/Makefile.in b/src/libcharon/plugins/android_dns/Makefile.in
index 6278a6234..f44734cc6 100644
--- a/src/libcharon/plugins/android_dns/Makefile.in
+++ b/src/libcharon/plugins/android_dns/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/android_log/Makefile.in b/src/libcharon/plugins/android_log/Makefile.in
index ae64a8758..361b36187 100644
--- a/src/libcharon/plugins/android_log/Makefile.in
+++ b/src/libcharon/plugins/android_log/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/certexpire/Makefile.in b/src/libcharon/plugins/certexpire/Makefile.in
index f812770f3..e218c8a4f 100644
--- a/src/libcharon/plugins/certexpire/Makefile.in
+++ b/src/libcharon/plugins/certexpire/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/coupling/Makefile.in b/src/libcharon/plugins/coupling/Makefile.in
index d8eb802b7..bb951264f 100644
--- a/src/libcharon/plugins/coupling/Makefile.in
+++ b/src/libcharon/plugins/coupling/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/dhcp/Makefile.in b/src/libcharon/plugins/dhcp/Makefile.in
index 395cd76ea..81f2b7868 100644
--- a/src/libcharon/plugins/dhcp/Makefile.in
+++ b/src/libcharon/plugins/dhcp/Makefile.in
@@ -371,7 +371,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/dhcp/dhcp_provider.c b/src/libcharon/plugins/dhcp/dhcp_provider.c
index e092771f4..f5325b566 100644
--- a/src/libcharon/plugins/dhcp/dhcp_provider.c
+++ b/src/libcharon/plugins/dhcp/dhcp_provider.c
@@ -47,22 +47,6 @@ struct private_dhcp_provider_t {
};
/**
- * Hashtable hash function
- */
-static u_int hash(void *key)
-{
- return (uintptr_t)key;
-}
-
-/**
- * Hashtable equals function
- */
-static bool equals(void *a, void *b)
-{
- return a == b;
-}
-
-/**
* Hash ID and host to a key
*/
static uintptr_t hash_id_host(identification_t *id, host_t *host)
@@ -226,7 +210,8 @@ dhcp_provider_t *dhcp_provider_create(dhcp_socket_t *socket)
},
.socket = socket,
.mutex = mutex_create(MUTEX_TYPE_DEFAULT),
- .transactions = hashtable_create(hash, equals, 8),
+ .transactions = hashtable_create(hashtable_hash_ptr,
+ hashtable_equals_ptr, 8),
);
return &this->public;
diff --git a/src/libcharon/plugins/dnscert/Makefile.in b/src/libcharon/plugins/dnscert/Makefile.in
index 4be453ea8..d9eeddf70 100644
--- a/src/libcharon/plugins/dnscert/Makefile.in
+++ b/src/libcharon/plugins/dnscert/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/duplicheck/Makefile.in b/src/libcharon/plugins/duplicheck/Makefile.in
index e9da68ee8..0b12cf320 100644
--- a/src/libcharon/plugins/duplicheck/Makefile.in
+++ b/src/libcharon/plugins/duplicheck/Makefile.in
@@ -380,7 +380,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/eap_aka/Makefile.in b/src/libcharon/plugins/eap_aka/Makefile.in
index 67cf66720..9e771ae46 100644
--- a/src/libcharon/plugins/eap_aka/Makefile.in
+++ b/src/libcharon/plugins/eap_aka/Makefile.in
@@ -374,7 +374,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/eap_aka_3gpp2/Makefile.in b/src/libcharon/plugins/eap_aka_3gpp2/Makefile.in
index 7d6ae956c..91c4bb10b 100644
--- a/src/libcharon/plugins/eap_aka_3gpp2/Makefile.in
+++ b/src/libcharon/plugins/eap_aka_3gpp2/Makefile.in
@@ -375,7 +375,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/eap_dynamic/Makefile.in b/src/libcharon/plugins/eap_dynamic/Makefile.in
index 6ff0acb32..16d0b4203 100644
--- a/src/libcharon/plugins/eap_dynamic/Makefile.in
+++ b/src/libcharon/plugins/eap_dynamic/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/eap_gtc/Makefile.in b/src/libcharon/plugins/eap_gtc/Makefile.in
index 99ae94e37..1c8d51b94 100644
--- a/src/libcharon/plugins/eap_gtc/Makefile.in
+++ b/src/libcharon/plugins/eap_gtc/Makefile.in
@@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/eap_identity/Makefile.in b/src/libcharon/plugins/eap_identity/Makefile.in
index 688879a82..4c536b2a0 100644
--- a/src/libcharon/plugins/eap_identity/Makefile.in
+++ b/src/libcharon/plugins/eap_identity/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/eap_md5/Makefile.in b/src/libcharon/plugins/eap_md5/Makefile.in
index 150b131f0..d9938dd00 100644
--- a/src/libcharon/plugins/eap_md5/Makefile.in
+++ b/src/libcharon/plugins/eap_md5/Makefile.in
@@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/eap_mschapv2/Makefile.in b/src/libcharon/plugins/eap_mschapv2/Makefile.in
index d52f26a9a..7caac9c76 100644
--- a/src/libcharon/plugins/eap_mschapv2/Makefile.in
+++ b/src/libcharon/plugins/eap_mschapv2/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
index 49e3dd142..511506869 100644
--- a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
+++ b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
@@ -792,12 +792,14 @@ static status_t process_peer_success(private_eap_mschapv2_t *this,
"invalid auth string");
goto error;
}
+ chunk_free(&auth_string);
hex = chunk_create(token, AUTH_RESPONSE_LEN - 2);
auth_string = chunk_from_hex(hex, NULL);
}
else if (strpfx(token, "M="))
{
token += 2;
+ free(msg);
msg = strdup(token);
}
}
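Review bot: The added `chunk_free(&auth_string);` and `free(msg);` only have an effect when an `S=` or `M=` attribute occurs more than once in the same message (assuming both variables start out empty, which is outside the hunk), and nothing in the code says so. Because these tokens are parsed from the peer's message, a short comment would record why the release is needed, for example `/* attribute may be repeated, release the previous value */` above each call. The same applies to `chunk_free(&challenge);` and the second `free(msg);` in the two process_peer_failure hunks below. Separately, `strdup(token)` can return NULL and the visible lines do not check it; whether later code tolerates a NULL `msg` cannot be seen here, as process_peer_success starts and ends outside the hunk.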
@@ -883,6 +885,7 @@ static status_t process_peer_failure(private_eap_mschapv2_t *this,
"invalid challenge");
goto error;
}
+ chunk_free(&challenge);
hex = chunk_create(token, 2 * CHALLENGE_LEN);
challenge = chunk_from_hex(hex, NULL);
}
@@ -893,6 +896,7 @@ static status_t process_peer_failure(private_eap_mschapv2_t *this,
else if (strpfx(token, "M="))
{
token += 2;
+ free(msg);
msg = strdup(token);
}
}
diff --git a/src/libcharon/plugins/eap_peap/Makefile.in b/src/libcharon/plugins/eap_peap/Makefile.in
index 7ac4a6edf..29d8c8bb0 100644
--- a/src/libcharon/plugins/eap_peap/Makefile.in
+++ b/src/libcharon/plugins/eap_peap/Makefile.in
@@ -374,7 +374,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/eap_radius/Makefile.in b/src/libcharon/plugins/eap_radius/Makefile.in
index 3e2bf046d..fbce3127f 100644
--- a/src/libcharon/plugins/eap_radius/Makefile.in
+++ b/src/libcharon/plugins/eap_radius/Makefile.in
@@ -375,7 +375,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/eap_radius/eap_radius_accounting.c b/src/libcharon/plugins/eap_radius/eap_radius_accounting.c
index 8c780e78d..5fb1bbb75 100644
--- a/src/libcharon/plugins/eap_radius/eap_radius_accounting.c
+++ b/src/libcharon/plugins/eap_radius/eap_radius_accounting.c
@@ -410,7 +410,12 @@ static job_requeue_t send_interim(interim_data_t *data)
{
if (!send_message(this, message))
{
- eap_radius_handle_timeout(data->id);
+ if (lib->settings->get_bool(lib->settings,
+ "%s.plugins.eap-radius.accounting_close_on_timeout",
+ TRUE, lib->ns))
+ {
+ eap_radius_handle_timeout(data->id);
+ }
}
message->destroy(message);
}
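Review bot: With `accounting_close_on_timeout` set to false, a failed interim update falls through without any trace in this hunk, so the IKE_SA stays up while accounting records are lost and an operator cannot see that from here. Unless send_message() already logs the failure (not visible in this hunk), an else branch such as `else { DBG1(DBG_CFG, "RADIUS interim update failed, keeping IKE_SA"); }` would keep the gap visible in the log. If the commit does not already do so elsewhere, the option should also be described in the plugin's configuration documentation, noting that the default TRUE keeps the previous behaviour. send_interim starts and ends outside the hunk.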
diff --git a/src/libcharon/plugins/eap_radius/eap_radius_forward.c b/src/libcharon/plugins/eap_radius/eap_radius_forward.c
index b873e1d69..54d52a98c 100644
--- a/src/libcharon/plugins/eap_radius/eap_radius_forward.c
+++ b/src/libcharon/plugins/eap_radius/eap_radius_forward.c
@@ -74,22 +74,6 @@ typedef struct {
static private_eap_radius_forward_t *singleton = NULL;
/**
- * Hashtable hash function
- */
-static u_int hash(uintptr_t key)
-{
- return key;
-}
-
-/**
- * Hashtable equals function
- */
-static bool equals(uintptr_t a, uintptr_t b)
-{
- return a == b;
-}
-
-/**
* Free a queue entry
*/
static void free_attribute(chunk_t *chunk)
@@ -442,10 +426,8 @@ eap_radius_forward_t *eap_radius_forward_create()
.to_attr = parse_selector(lib->settings->get_str(lib->settings,
"%s.plugins.eap-radius.forward.radius_to_ike", "",
lib->ns)),
- .from = hashtable_create((hashtable_hash_t)hash,
- (hashtable_equals_t)equals, 8),
- .to = hashtable_create((hashtable_hash_t)hash,
- (hashtable_equals_t)equals, 8),
+ .from = hashtable_create(hashtable_hash_ptr, hashtable_equals_ptr, 8),
+ .to = hashtable_create(hashtable_hash_ptr, hashtable_equals_ptr, 8),
.mutex = mutex_create(MUTEX_TYPE_DEFAULT),
);
diff --git a/src/libcharon/plugins/eap_sim/Makefile.in b/src/libcharon/plugins/eap_sim/Makefile.in
index 3707f64f3..10b881f59 100644
--- a/src/libcharon/plugins/eap_sim/Makefile.in
+++ b/src/libcharon/plugins/eap_sim/Makefile.in
@@ -374,7 +374,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/eap_sim_file/Makefile.in b/src/libcharon/plugins/eap_sim_file/Makefile.in
index 05bbc3129..e4552d196 100644
--- a/src/libcharon/plugins/eap_sim_file/Makefile.in
+++ b/src/libcharon/plugins/eap_sim_file/Makefile.in
@@ -375,7 +375,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/eap_sim_pcsc/Makefile.in b/src/libcharon/plugins/eap_sim_pcsc/Makefile.in
index a22a5c355..628f5372a 100644
--- a/src/libcharon/plugins/eap_sim_pcsc/Makefile.in
+++ b/src/libcharon/plugins/eap_sim_pcsc/Makefile.in
@@ -376,7 +376,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/eap_simaka_pseudonym/Makefile.in b/src/libcharon/plugins/eap_simaka_pseudonym/Makefile.in
index 189baacbc..4a8127fc1 100644
--- a/src/libcharon/plugins/eap_simaka_pseudonym/Makefile.in
+++ b/src/libcharon/plugins/eap_simaka_pseudonym/Makefile.in
@@ -376,7 +376,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/eap_simaka_reauth/Makefile.in b/src/libcharon/plugins/eap_simaka_reauth/Makefile.in
index 33443a1d2..8ac480d48 100644
--- a/src/libcharon/plugins/eap_simaka_reauth/Makefile.in
+++ b/src/libcharon/plugins/eap_simaka_reauth/Makefile.in
@@ -375,7 +375,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/eap_simaka_sql/Makefile.in b/src/libcharon/plugins/eap_simaka_sql/Makefile.in
index 02cf1532c..79b45a9c1 100644
--- a/src/libcharon/plugins/eap_simaka_sql/Makefile.in
+++ b/src/libcharon/plugins/eap_simaka_sql/Makefile.in
@@ -374,7 +374,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/eap_tls/Makefile.in b/src/libcharon/plugins/eap_tls/Makefile.in
index ec189f895..c2b8b4feb 100644
--- a/src/libcharon/plugins/eap_tls/Makefile.in
+++ b/src/libcharon/plugins/eap_tls/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/eap_tnc/Makefile.in b/src/libcharon/plugins/eap_tnc/Makefile.in
index 6d4ff8756..1f2ace21d 100644
--- a/src/libcharon/plugins/eap_tnc/Makefile.in
+++ b/src/libcharon/plugins/eap_tnc/Makefile.in
@@ -374,7 +374,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/eap_ttls/Makefile.in b/src/libcharon/plugins/eap_ttls/Makefile.in
index a22b1e220..b6937877d 100644
--- a/src/libcharon/plugins/eap_ttls/Makefile.in
+++ b/src/libcharon/plugins/eap_ttls/Makefile.in
@@ -375,7 +375,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/error_notify/Makefile.in b/src/libcharon/plugins/error_notify/Makefile.in
index d8a135cc1..8dd787569 100644
--- a/src/libcharon/plugins/error_notify/Makefile.in
+++ b/src/libcharon/plugins/error_notify/Makefile.in
@@ -381,7 +381,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/farp/Makefile.in b/src/libcharon/plugins/farp/Makefile.in
index 60c55f01e..13f0e5260 100644
--- a/src/libcharon/plugins/farp/Makefile.in
+++ b/src/libcharon/plugins/farp/Makefile.in
@@ -371,7 +371,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/ha/Makefile.in b/src/libcharon/plugins/ha/Makefile.in
index 2f3263064..d7a77ee17 100644
--- a/src/libcharon/plugins/ha/Makefile.in
+++ b/src/libcharon/plugins/ha/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/ha/ha_cache.c b/src/libcharon/plugins/ha/ha_cache.c
index ce1afe6f9..60e75fc7e 100644
--- a/src/libcharon/plugins/ha/ha_cache.c
+++ b/src/libcharon/plugins/ha/ha_cache.c
@@ -59,22 +59,6 @@ struct private_ha_cache_t {
};
/**
- * Hashtable hash function
- */
-static u_int hash(void *key)
-{
- return (uintptr_t)key;
-}
-
-/**
- * Hashtable equals function
- */
-static bool equals(void *a, void *b)
-{
- return a == b;
-}
-
-/**
* Cache entry for an IKE_SA
*/
typedef struct {
@@ -380,7 +364,7 @@ ha_cache_t *ha_cache_create(ha_kernel_t *kernel, ha_socket_t *socket,
.count = count,
.kernel = kernel,
.socket = socket,
- .cache = hashtable_create(hash, equals, 8),
+ .cache = hashtable_create(hashtable_hash_ptr, hashtable_equals_ptr, 8),
.mutex = mutex_create(MUTEX_TYPE_DEFAULT),
);
diff --git a/src/libcharon/plugins/ipseckey/Makefile.in b/src/libcharon/plugins/ipseckey/Makefile.in
index 2ee5a49f1..1f62f4026 100644
--- a/src/libcharon/plugins/ipseckey/Makefile.in
+++ b/src/libcharon/plugins/ipseckey/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/kernel_libipsec/Makefile.in b/src/libcharon/plugins/kernel_libipsec/Makefile.in
index 1726c689c..3bc289d22 100644
--- a/src/libcharon/plugins/kernel_libipsec/Makefile.in
+++ b/src/libcharon/plugins/kernel_libipsec/Makefile.in
@@ -375,7 +375,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/led/Makefile.in b/src/libcharon/plugins/led/Makefile.in
index 48163aff2..f7179cfe8 100644
--- a/src/libcharon/plugins/led/Makefile.in
+++ b/src/libcharon/plugins/led/Makefile.in
@@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/load_tester/Makefile.in b/src/libcharon/plugins/load_tester/Makefile.in
index 2369044dd..561d69a23 100644
--- a/src/libcharon/plugins/load_tester/Makefile.in
+++ b/src/libcharon/plugins/load_tester/Makefile.in
@@ -383,7 +383,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/lookip/Makefile.in b/src/libcharon/plugins/lookip/Makefile.in
index 4b6d214de..57aaeeaeb 100644
--- a/src/libcharon/plugins/lookip/Makefile.in
+++ b/src/libcharon/plugins/lookip/Makefile.in
@@ -379,7 +379,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/maemo/Makefile.in b/src/libcharon/plugins/maemo/Makefile.in
index 314088a25..e1d4ee301 100644
--- a/src/libcharon/plugins/maemo/Makefile.in
+++ b/src/libcharon/plugins/maemo/Makefile.in
@@ -375,7 +375,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/medcli/Makefile.in b/src/libcharon/plugins/medcli/Makefile.in
index 8d7ca04e6..b6a04dfe7 100644
--- a/src/libcharon/plugins/medcli/Makefile.in
+++ b/src/libcharon/plugins/medcli/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/medsrv/Makefile.in b/src/libcharon/plugins/medsrv/Makefile.in
index 7abc23e50..82d985e57 100644
--- a/src/libcharon/plugins/medsrv/Makefile.in
+++ b/src/libcharon/plugins/medsrv/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/osx_attr/Makefile.in b/src/libcharon/plugins/osx_attr/Makefile.in
index b891f55f1..ce8d67c53 100644
--- a/src/libcharon/plugins/osx_attr/Makefile.in
+++ b/src/libcharon/plugins/osx_attr/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/radattr/Makefile.in b/src/libcharon/plugins/radattr/Makefile.in
index bf85d5713..3dbebd807 100644
--- a/src/libcharon/plugins/radattr/Makefile.in
+++ b/src/libcharon/plugins/radattr/Makefile.in
@@ -374,7 +374,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/smp/Makefile.in b/src/libcharon/plugins/smp/Makefile.in
index 43f3c6fbf..e0134e7a2 100644
--- a/src/libcharon/plugins/smp/Makefile.in
+++ b/src/libcharon/plugins/smp/Makefile.in
@@ -371,7 +371,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/socket_default/Makefile.in b/src/libcharon/plugins/socket_default/Makefile.in
index 155113e48..894c1f9dc 100644
--- a/src/libcharon/plugins/socket_default/Makefile.in
+++ b/src/libcharon/plugins/socket_default/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/socket_dynamic/Makefile.in b/src/libcharon/plugins/socket_dynamic/Makefile.in
index da40a433b..a0e2d2d93 100644
--- a/src/libcharon/plugins/socket_dynamic/Makefile.in
+++ b/src/libcharon/plugins/socket_dynamic/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/sql/Makefile.in b/src/libcharon/plugins/sql/Makefile.in
index 963804932..02967d0dd 100644
--- a/src/libcharon/plugins/sql/Makefile.in
+++ b/src/libcharon/plugins/sql/Makefile.in
@@ -371,7 +371,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/stroke/Makefile.in b/src/libcharon/plugins/stroke/Makefile.in
index 11a8771cc..253203de7 100644
--- a/src/libcharon/plugins/stroke/Makefile.in
+++ b/src/libcharon/plugins/stroke/Makefile.in
@@ -375,7 +375,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/stroke/stroke_list.c b/src/libcharon/plugins/stroke/stroke_list.c
index ea168058f..1aa49ce0d 100644
--- a/src/libcharon/plugins/stroke/stroke_list.c
+++ b/src/libcharon/plugins/stroke/stroke_list.c
@@ -31,8 +31,9 @@
#include <credentials/certificates/ac.h>
#include <credentials/certificates/crl.h>
#include <credentials/certificates/pgp_certificate.h>
-#include <credentials/ietf_attributes/ietf_attributes.h>
#include <config/peer_cfg.h>
+#include <asn1/asn1.h>
+#include <asn1/oid.h>
/* warning intervals for list functions */
#define CERT_WARNING_INTERVAL 30 /* days */
@@ -1027,16 +1028,19 @@ static void stroke_list_certs(linked_list_t *list, char *label,
static void stroke_list_acerts(linked_list_t *list, bool utc, FILE *out)
{
bool first = TRUE;
- time_t thisUpdate, nextUpdate, now = time(NULL);
- enumerator_t *enumerator = list->create_enumerator(list);
+ time_t notBefore, notAfter, now = time(NULL);
+ enumerator_t *enumerator;
certificate_t *cert;
- while (enumerator->enumerate(enumerator, (void**)&cert))
+ enumerator = list->create_enumerator(list);
+ while (enumerator->enumerate(enumerator, &cert))
{
ac_t *ac = (ac_t*)cert;
+ ac_group_type_t type;
identification_t *id;
- ietf_attributes_t *groups;
+ enumerator_t *groups;
chunk_t chunk;
+ bool firstgroup = TRUE;
if (first)
{
@@ -1061,30 +1065,79 @@ static void stroke_list_acerts(linked_list_t *list, bool utc, FILE *out)
{
fprintf(out, " hserial: %#B\n", &chunk);
}
- groups = ac->get_groups(ac);
- if (groups)
+ groups = ac->create_group_enumerator(ac);
+ while (groups->enumerate(groups, &type, &chunk))
{
- fprintf(out, " groups: %s\n", groups->get_string(groups));
- groups->destroy(groups);
+ int oid;
+ char *str;
+
+ if (firstgroup)
+ {
+ fprintf(out, " groups: ");
+ firstgroup = FALSE;
+ }
+ else
+ {
+ fprintf(out, " ");
+ }
+ switch (type)
+ {
+ case AC_GROUP_TYPE_STRING:
+ fprintf(out, "%.*s", (int)chunk.len, chunk.ptr);
+ break;
+ case AC_GROUP_TYPE_OID:
+ oid = asn1_known_oid(chunk);
+ if (oid == OID_UNKNOWN)
+ {
+ str = asn1_oid_to_string(chunk);
+ if (str)
+ {
+ fprintf(out, "%s", str);
+ free(str);
+ }
+ else
+ {
+ fprintf(out, "OID:%#B", &chunk);
+ }
+ }
+ else
+ {
+ fprintf(out, "%s", oid_names[oid].name);
+ }
+ break;
+ case AC_GROUP_TYPE_OCTETS:
+ fprintf(out, "%#B", &chunk);
+ break;
+ }
+ fprintf(out, "\n");
}
+ groups->destroy(groups);
fprintf(out, " issuer: \"%Y\"\n", cert->get_issuer(cert));
chunk = chunk_skip_zero(ac->get_serial(ac));
fprintf(out, " serial: %#B\n", &chunk);
/* list validity */
- cert->get_validity(cert, &now, &thisUpdate, &nextUpdate);
- fprintf(out, " updates: this %T\n", &thisUpdate, utc);
- fprintf(out, " next %T, ", &nextUpdate, utc);
- if (now > nextUpdate)
+ cert->get_validity(cert, &now, &notBefore, &notAfter);
+ fprintf(out, " validity: not before %T, ", &notBefore, utc);
+ if (now < notBefore)
{
- fprintf(out, "expired (%V ago)\n", &now, &nextUpdate);
+ fprintf(out, "not valid yet (valid in %V)\n", &now, &notBefore);
+ }
+ else
+ {
+ fprintf(out, "ok\n");
+ }
+ fprintf(out, " not after %T, ", &notAfter, utc);
+ if (now > notAfter)
+ {
+ fprintf(out, "expired (%V ago)\n", &now, &notAfter);
}
else
{
fprintf(out, "ok");
- if (now > nextUpdate - AC_WARNING_INTERVAL * 60 * 60 * 24)
+ if (now > notAfter - AC_WARNING_INTERVAL * 60 * 60 * 24)
{
- fprintf(out, " (expires in %V)", &now, &nextUpdate);
+ fprintf(out, " (expires in %V)", &now, &notAfter);
}
fprintf(out, " \n");
}
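Review bot: In the `AC_GROUP_TYPE_STRING` case, `fprintf(out, "%.*s", (int)chunk.len, chunk.ptr);` writes the group bytes from the attribute certificate to the output unfiltered, so control characters or terminal escape sequences embedded in a certificate would reach the operator's terminal or log. Replacing non-printable bytes before printing would avoid that, for instance by making a sanitized copy with `chunk_printable(chunk, &sane, '?');`, printing `sane` and releasing it with `chunk_free(&sane);`. The `switch (type)` also has no `default:` branch, so a group type added later would print an empty line; a fallback of `fprintf(out, "%#B", &chunk);` would at least show the raw value. stroke_list_acerts starts and ends outside this hunk.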
diff --git a/src/libcharon/plugins/systime_fix/Makefile.in b/src/libcharon/plugins/systime_fix/Makefile.in
index 63724728a..76b2c5703 100644
--- a/src/libcharon/plugins/systime_fix/Makefile.in
+++ b/src/libcharon/plugins/systime_fix/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/tnc_ifmap/Makefile.in b/src/libcharon/plugins/tnc_ifmap/Makefile.in
index ace18e77c..194113088 100644
--- a/src/libcharon/plugins/tnc_ifmap/Makefile.in
+++ b/src/libcharon/plugins/tnc_ifmap/Makefile.in
@@ -376,7 +376,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c
index 8f24daea3..a652e7067 100644
--- a/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c
+++ b/src/libcharon/plugins/tnc_ifmap/tnc_ifmap_soap.c
@@ -779,7 +779,7 @@ static bool soap_init(private_tnc_ifmap_soap_t *this)
return FALSE;
}
DBG1(DBG_TNC, "loaded MAP client certificate from '%s'", client_cert);
- this->creds->add_cert(this->creds, TRUE, cert);
+ cert = this->creds->add_cert_ref(this->creds, TRUE, cert);
/* load MAP client private key */
if (client_key)
@@ -876,7 +876,8 @@ static bool soap_init(private_tnc_ifmap_soap_t *this)
}
/* open TLS socket */
- this->tls = tls_socket_create(FALSE, server_id, client_id, this->fd, NULL);
+ this->tls = tls_socket_create(FALSE, server_id, client_id, this->fd,
+ NULL, TLS_1_2, FALSE);
if (!this->tls)
{
DBG1(DBG_TNC, "creating TLS socket failed");
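Review bot: The two new trailing arguments `TLS_1_2, FALSE` in the tls_socket_create() call are positional and unexplained, so a reader cannot tell from the call which security properties the MAP client connection has. Presumably they are the maximum TLS version and a flag controlling whether NULL-encryption suites are accepted; that should be confirmed against the declaration of tls_socket_create() and stated in a comment, for example `/* TLS 1.2 at most, NULL encryption suites not accepted */` above the call. soap_init starts and ends outside the hunk.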
@@ -923,4 +924,3 @@ tnc_ifmap_soap_t *tnc_ifmap_soap_create()
return &this->public;
}
-
diff --git a/src/libcharon/plugins/tnc_pdp/Makefile.am b/src/libcharon/plugins/tnc_pdp/Makefile.am
index cc7c934d8..48de82571 100644
--- a/src/libcharon/plugins/tnc_pdp/Makefile.am
+++ b/src/libcharon/plugins/tnc_pdp/Makefile.am
@@ -15,12 +15,13 @@ if MONOLITHIC
noinst_LTLIBRARIES = libstrongswan-tnc-pdp.la
else
plugin_LTLIBRARIES = libstrongswan-tnc-pdp.la
+endif
+
libstrongswan_tnc_pdp_la_LIBADD = \
$(top_builddir)/src/libradius/libradius.la \
$(top_builddir)/src/libpttls/libpttls.la \
$(top_builddir)/src/libtls/libtls.la \
$(top_builddir)/src/libtnccs/libtnccs.la
-endif
libstrongswan_tnc_pdp_la_SOURCES = \
tnc_pdp_plugin.h tnc_pdp_plugin.c \
diff --git a/src/libcharon/plugins/tnc_pdp/Makefile.in b/src/libcharon/plugins/tnc_pdp/Makefile.in
index b2958efdb..875aa99d1 100644
--- a/src/libcharon/plugins/tnc_pdp/Makefile.in
+++ b/src/libcharon/plugins/tnc_pdp/Makefile.in
@@ -127,11 +127,11 @@ am__uninstall_files_from_dir = { \
}
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
-@MONOLITHIC_FALSE@libstrongswan_tnc_pdp_la_DEPENDENCIES = \
-@MONOLITHIC_FALSE@ $(top_builddir)/src/libradius/libradius.la \
-@MONOLITHIC_FALSE@ $(top_builddir)/src/libpttls/libpttls.la \
-@MONOLITHIC_FALSE@ $(top_builddir)/src/libtls/libtls.la \
-@MONOLITHIC_FALSE@ $(top_builddir)/src/libtnccs/libtnccs.la
+libstrongswan_tnc_pdp_la_DEPENDENCIES = \
+ $(top_builddir)/src/libradius/libradius.la \
+ $(top_builddir)/src/libpttls/libpttls.la \
+ $(top_builddir)/src/libtls/libtls.la \
+ $(top_builddir)/src/libtnccs/libtnccs.la
am_libstrongswan_tnc_pdp_la_OBJECTS = tnc_pdp_plugin.lo tnc_pdp.lo \
tnc_pdp_connections.lo
libstrongswan_tnc_pdp_la_OBJECTS = \
@@ -377,7 +377,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
@@ -432,11 +431,11 @@ AM_CFLAGS = \
@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-tnc-pdp.la
@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-tnc-pdp.la
-@MONOLITHIC_FALSE@libstrongswan_tnc_pdp_la_LIBADD = \
-@MONOLITHIC_FALSE@ $(top_builddir)/src/libradius/libradius.la \
-@MONOLITHIC_FALSE@ $(top_builddir)/src/libpttls/libpttls.la \
-@MONOLITHIC_FALSE@ $(top_builddir)/src/libtls/libtls.la \
-@MONOLITHIC_FALSE@ $(top_builddir)/src/libtnccs/libtnccs.la
+libstrongswan_tnc_pdp_la_LIBADD = \
+ $(top_builddir)/src/libradius/libradius.la \
+ $(top_builddir)/src/libpttls/libpttls.la \
+ $(top_builddir)/src/libtls/libtls.la \
+ $(top_builddir)/src/libtnccs/libtnccs.la
libstrongswan_tnc_pdp_la_SOURCES = \
tnc_pdp_plugin.h tnc_pdp_plugin.c \
diff --git a/src/libcharon/plugins/uci/Makefile.in b/src/libcharon/plugins/uci/Makefile.in
index b2b473c32..8c38ceade 100644
--- a/src/libcharon/plugins/uci/Makefile.in
+++ b/src/libcharon/plugins/uci/Makefile.in
@@ -371,7 +371,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/unit_tester/Makefile.in b/src/libcharon/plugins/unit_tester/Makefile.in
index 2d9f59678..165590dee 100644
--- a/src/libcharon/plugins/unit_tester/Makefile.in
+++ b/src/libcharon/plugins/unit_tester/Makefile.in
@@ -376,7 +376,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/unity/Makefile.in b/src/libcharon/plugins/unity/Makefile.in
index 65fe14e1d..efb7e958d 100644
--- a/src/libcharon/plugins/unity/Makefile.in
+++ b/src/libcharon/plugins/unity/Makefile.in
@@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/updown/Makefile.in b/src/libcharon/plugins/updown/Makefile.in
index e2d6d32fb..36cf78eca 100644
--- a/src/libcharon/plugins/updown/Makefile.in
+++ b/src/libcharon/plugins/updown/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/whitelist/Makefile.in b/src/libcharon/plugins/whitelist/Makefile.in
index aa8ad2e10..e3588ad7d 100644
--- a/src/libcharon/plugins/whitelist/Makefile.in
+++ b/src/libcharon/plugins/whitelist/Makefile.in
@@ -380,7 +380,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/xauth_eap/Makefile.in b/src/libcharon/plugins/xauth_eap/Makefile.in
index cf0c326e3..b78a91764 100644
--- a/src/libcharon/plugins/xauth_eap/Makefile.in
+++ b/src/libcharon/plugins/xauth_eap/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/xauth_generic/Makefile.in b/src/libcharon/plugins/xauth_generic/Makefile.in
index 2d18f60df..e4d96a954 100644
--- a/src/libcharon/plugins/xauth_generic/Makefile.in
+++ b/src/libcharon/plugins/xauth_generic/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/xauth_noauth/Makefile.in b/src/libcharon/plugins/xauth_noauth/Makefile.in
index 8173631ae..5fe4c064f 100644
--- a/src/libcharon/plugins/xauth_noauth/Makefile.in
+++ b/src/libcharon/plugins/xauth_noauth/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/plugins/xauth_pam/Makefile.in b/src/libcharon/plugins/xauth_pam/Makefile.in
index 1ee269e04..2a6aec0c3 100644
--- a/src/libcharon/plugins/xauth_pam/Makefile.in
+++ b/src/libcharon/plugins/xauth_pam/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libcharon/sa/ikev2/keymat_v2.c b/src/libcharon/sa/ikev2/keymat_v2.c
index 8c7ba8d55..88ad14faf 100644
--- a/src/libcharon/sa/ikev2/keymat_v2.c
+++ b/src/libcharon/sa/ikev2/keymat_v2.c
@@ -97,10 +97,35 @@ static bool derive_ike_aead(private_keymat_v2_t *this, u_int16_t alg,
{
aead_t *aead_i, *aead_r;
chunk_t key = chunk_empty;
+ u_int salt_size;
+
+ switch (alg)
+ {
+ case ENCR_AES_GCM_ICV8:
+ case ENCR_AES_GCM_ICV12:
+ case ENCR_AES_GCM_ICV16:
+ /* RFC 4106 */
+ salt_size = 4;
+ break;
+ case ENCR_AES_CCM_ICV8:
+ case ENCR_AES_CCM_ICV12:
+ case ENCR_AES_CCM_ICV16:
+ /* RFC 4309 */
+ case ENCR_CAMELLIA_CCM_ICV8:
+ case ENCR_CAMELLIA_CCM_ICV12:
+ case ENCR_CAMELLIA_CCM_ICV16:
+ /* RFC 5529 */
+ salt_size = 3;
+ break;
+ default:
+ DBG1(DBG_IKE, "nonce size for %N unknown!",
+ encryption_algorithm_names, alg);
+ return FALSE;
+ }
/* SK_ei/SK_er used for encryption */
- aead_i = lib->crypto->create_aead(lib->crypto, alg, key_size / 8);
- aead_r = lib->crypto->create_aead(lib->crypto, alg, key_size / 8);
+ aead_i = lib->crypto->create_aead(lib->crypto, alg, key_size / 8, salt_size);
+ aead_r = lib->crypto->create_aead(lib->crypto, alg, key_size / 8, salt_size);
if (aead_i == NULL || aead_r == NULL)
{
DBG1(DBG_IKE, "%N %N (key size %d) not supported!",
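Review bot: The failure message in the new `default:` branch says "nonce size", although the value being selected is `salt_size`, so the log points an operator at the wrong quantity. `DBG1(DBG_IKE, "salt size for %N unknown!", encryption_algorithm_names, alg);` would match the variable. A one-line comment above the switch, e.g. `/* salt: implicit part of the AEAD nonce, taken from the keying material */`, would explain why an unknown algorithm has to fail here rather than fall back to a default length. derive_ike_aead continues outside the hunk, so whether the derived key material is sized for `key_size / 8 + salt_size` cannot be checked from here.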
diff --git a/src/libcharon/sa/ikev2/task_manager_v2.c b/src/libcharon/sa/ikev2/task_manager_v2.c
index ac3be900f..a5252ab70 100644
--- a/src/libcharon/sa/ikev2/task_manager_v2.c
+++ b/src/libcharon/sa/ikev2/task_manager_v2.c
@@ -778,6 +778,15 @@ static status_t process_request(private_task_manager_t *this,
case CREATE_CHILD_SA:
{ /* FIXME: we should prevent this on mediation connections */
bool notify_found = FALSE, ts_found = FALSE;
+
+ if (this->ike_sa->get_state(this->ike_sa) == IKE_CREATED ||
+ this->ike_sa->get_state(this->ike_sa) == IKE_CONNECTING)
+ {
+ DBG1(DBG_IKE, "received CREATE_CHILD_SA request for "
+ "unestablished IKE_SA, rejected");
+ return FAILED;
+ }
+
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
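Review bot: The new guard rejects CREATE_CHILD_SA only for the two states it names, `IKE_CREATED` and `IKE_CONNECTING`, so any other state in which the IKE_SA has not completed authentication would still fall through to the payload loop. Since this check is what keeps a peer that has not authenticated from driving CREATE_CHILD_SA processing, the intent deserves a comment, e.g. `/* CREATE_CHILD_SA is only valid once IKE_AUTH has completed; never process it for a half-open IKE_SA */`. Reading the state once, `ike_sa_state_t state = this->ike_sa->get_state(this->ike_sa);`, also avoids the duplicated call. process_request starts and ends outside the hunk, so what the caller does with `FAILED` is not visible here.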
diff --git a/src/libcharon/sa/ikev2/tasks/child_delete.c b/src/libcharon/sa/ikev2/tasks/child_delete.c
index e898efc88..88b032c8b 100644
--- a/src/libcharon/sa/ikev2/tasks/child_delete.c
+++ b/src/libcharon/sa/ikev2/tasks/child_delete.c
@@ -17,6 +17,7 @@
#include <daemon.h>
#include <encoding/payloads/delete_payload.h>
+#include <sa/ikev2/tasks/child_create.h>
typedef struct private_child_delete_t private_child_delete_t;
@@ -313,6 +314,17 @@ METHOD(task_t, build_i, status_t,
}
log_children(this);
build_payloads(this, message);
+
+ if (!this->rekeyed && this->expired)
+ {
+ child_cfg_t *child_cfg;
+
+ DBG1(DBG_IKE, "scheduling CHILD_SA recreate after hard expire");
+ child_cfg = child_sa->get_config(child_sa);
+ this->ike_sa->queue_task(this->ike_sa, (task_t*)
+ child_create_create(this->ike_sa, child_cfg->get_ref(child_cfg),
+ FALSE, NULL, NULL));
+ }
return NEED_MORE;
}
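Review bot: The added block dereferences `child_sa`, which is assigned earlier in build_i outside this hunk, so the recreate relies on that pointer being non-NULL and still referring to the expired CHILD_SA at this point; a short comment would make that dependency explicit. I would also document why only the `!this->rekeyed && this->expired` case queues a new child_create and who owns the reference taken by `child_cfg->get_ref(child_cfg)`, e.g. `/* hard expire without rekeying: re-establish the CHILD_SA; child_create takes the config reference */`. The ownership part is presumed from the get_ref call and should be confirmed.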
diff --git a/src/libcharon/sa/ikev2/tasks/ike_cert_post.c b/src/libcharon/sa/ikev2/tasks/ike_cert_post.c
index a93e5137e..6dbc4dec3 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_cert_post.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_cert_post.c
@@ -22,6 +22,7 @@
#include <encoding/payloads/certreq_payload.h>
#include <encoding/payloads/auth_payload.h>
#include <credentials/certificates/x509.h>
+#include <credentials/certificates/ac.h>
typedef struct private_ike_cert_post_t private_ike_cert_post_t;
@@ -105,12 +106,109 @@ static cert_payload_t *build_cert_payload(private_ike_cert_post_t *this,
}
/**
+ * Add subject certificate to message
+ */
+static bool add_subject_cert(private_ike_cert_post_t *this, auth_cfg_t *auth,
+ message_t *message)
+{
+ cert_payload_t *payload;
+ certificate_t *cert;
+
+ cert = auth->get(auth, AUTH_RULE_SUBJECT_CERT);
+ if (!cert)
+ {
+ return FALSE;
+ }
+ payload = build_cert_payload(this, cert);
+ if (!payload)
+ {
+ return FALSE;
+ }
+ DBG1(DBG_IKE, "sending end entity cert \"%Y\"", cert->get_subject(cert));
+ message->add_payload(message, (payload_t*)payload);
+ return TRUE;
+}
+
+/**
+ * Add intermediate CA certificates to message
+ */
+static void add_im_certs(private_ike_cert_post_t *this, auth_cfg_t *auth,
+ message_t *message)
+{
+ cert_payload_t *payload;
+ enumerator_t *enumerator;
+ certificate_t *cert;
+ auth_rule_t type;
+
+ enumerator = auth->create_enumerator(auth);
+ while (enumerator->enumerate(enumerator, &type, &cert))
+ {
+ if (type == AUTH_RULE_IM_CERT)
+ {
+ payload = cert_payload_create_from_cert(CERTIFICATE, cert);
+ if (payload)
+ {
+ DBG1(DBG_IKE, "sending issuer cert \"%Y\"",
+ cert->get_subject(cert));
+ message->add_payload(message, (payload_t*)payload);
+ }
+ }
+ }
+ enumerator->destroy(enumerator);
+}
+
+/**
+ * Add any valid attribute certificates of subject to message
+ */
+static void add_attribute_certs(private_ike_cert_post_t *this,
+ auth_cfg_t *auth, message_t *message)
+{
+ certificate_t *subject, *cert;
+
+ subject = auth->get(auth, AUTH_RULE_SUBJECT_CERT);
+ if (subject && subject->get_type(subject) == CERT_X509)
+ {
+ x509_t *x509 = (x509_t*)subject;
+ identification_t *id, *serial;
+ enumerator_t *enumerator;
+ cert_payload_t *payload;
+ ac_t *ac;
+
+ /* we look for attribute certs having our serial and holder issuer,
+ * which is recommended by RFC 5755 */
+ serial = identification_create_from_encoding(ID_KEY_ID,
+ x509->get_serial(x509));
+ enumerator = lib->credmgr->create_cert_enumerator(lib->credmgr,
+ CERT_X509_AC, KEY_ANY, serial, FALSE);
+ while (enumerator->enumerate(enumerator, &ac))
+ {
+ cert = &ac->certificate;
+ id = ac->get_holderIssuer(ac);
+ if (id && id->equals(id, subject->get_issuer(subject)) &&
+ cert->get_validity(cert, NULL, NULL, NULL))
+ {
+ payload = cert_payload_create_from_cert(CERTIFICATE, cert);
+ if (payload)
+ {
+ DBG1(DBG_IKE, "sending attribute certificate "
+ "issued by \"%Y\"", cert->get_issuer(cert));
+ message->add_payload(message, (payload_t*)payload);
+ }
+ }
+ }
+ enumerator->destroy(enumerator);
+ serial->destroy(serial);
+ }
+}
+
+/**
* add certificates to message
*/
static void build_certs(private_ike_cert_post_t *this, message_t *message)
{
peer_cfg_t *peer_cfg;
auth_payload_t *payload;
+ auth_cfg_t *auth;
payload = (auth_payload_t*)message->get_payload(message, AUTHENTICATION);
peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa);
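Review bot: The doc comment on add_attribute_certs says "any valid attribute certificates", but the only validity test in the loop is `cert->get_validity(cert, NULL, NULL, NULL)`, i.e. the time window; signature and trust are not checked on the sending side. I would reword it to `Add attribute certificates of subject that are within their validity period to message` so nobody reads it as a verified set. Every attribute certificate in the credential manager that matches the serial and holder issuer is attached whenever the subject certificate is sent, and no policy switch is visible in this hunk. As these certificates carry authorization attributes, the comment should state that they are disclosed to the peer together with the end-entity certificate. `this` is unused in add_im_certs and add_attribute_certs.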
@@ -130,46 +228,13 @@ static void build_certs(private_ike_cert_post_t *this, message_t *message)
}
/* FALL */
case CERT_ALWAYS_SEND:
- {
- cert_payload_t *payload;
- enumerator_t *enumerator;
- certificate_t *cert;
- auth_rule_t type;
- auth_cfg_t *auth;
-
auth = this->ike_sa->get_auth_cfg(this->ike_sa, TRUE);
-
- /* get subject cert first, then issuing certificates */
- cert = auth->get(auth, AUTH_RULE_SUBJECT_CERT);
- if (!cert)
+ if (add_subject_cert(this, auth, message))
{
- break;
+ add_im_certs(this, auth, message);
+ add_attribute_certs(this, auth, message);
}
- payload = build_cert_payload(this, cert);
- if (!payload)
- {
- break;
- }
- DBG1(DBG_IKE, "sending end entity cert \"%Y\"",
- cert->get_subject(cert));
- message->add_payload(message, (payload_t*)payload);
-
- enumerator = auth->create_enumerator(auth);
- while (enumerator->enumerate(enumerator, &type, &cert))
- {
- if (type == AUTH_RULE_IM_CERT)
- {
- payload = cert_payload_create_from_cert(CERTIFICATE, cert);
- if (payload)
- {
- DBG1(DBG_IKE, "sending issuer cert \"%Y\"",
- cert->get_subject(cert));
- message->add_payload(message, (payload_t*)payload);
- }
- }
- }
- enumerator->destroy(enumerator);
- }
+ break;
}
}
diff --git a/src/libcharon/sa/ikev2/tasks/ike_cert_pre.c b/src/libcharon/sa/ikev2/tasks/ike_cert_pre.c
index bd28b29d7..558b1e914 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_cert_pre.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_cert_pre.c
@@ -260,6 +260,30 @@ static void process_crl(cert_payload_t *payload, auth_cfg_t *auth)
}
/**
+ * Process an attribute certificate payload
+ */
+static void process_ac(cert_payload_t *payload, auth_cfg_t *auth)
+{
+ certificate_t *cert;
+
+ cert = payload->get_cert(payload);
+ if (cert)
+ {
+ if (cert->get_issuer(cert))
+ {
+ DBG1(DBG_IKE, "received attribute certificate issued by \"%Y\"",
+ cert->get_issuer(cert));
+ }
+ else if (cert->get_subject(cert))
+ {
+ DBG1(DBG_IKE, "received attribute certificate for \"%Y\"",
+ cert->get_subject(cert));
+ }
+ auth->add(auth, AUTH_HELPER_AC_CERT, cert);
+ }
+}
+
+/**
* Process certificate payloads
*/
static void process_certs(private_ike_cert_pre_t *this, message_t *message)
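Review bot: process_ac stores the received attribute certificate with `auth->add(auth, AUTH_HELPER_AC_CERT, cert)` without checking signature, validity period or holder, and at this point it comes from a peer that has not been authenticated yet. That is safe only if every consumer of `AUTH_HELPER_AC_CERT` verifies the certificate before acting on its attributes, which is presumably done elsewhere and is not visible here. The doc comment should say so, e.g. `Process an attribute certificate payload; the certificate is stored unverified as a helper and must be validated before its attributes are trusted`. When the certificate has neither issuer nor subject nothing is logged, so a trailing `else` with a DBG1 line would keep the receive path traceable.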
@@ -298,13 +322,15 @@ static void process_certs(private_ike_cert_pre_t *this, message_t *message)
case ENC_CRL:
process_crl(cert_payload, auth);
break;
+ case ENC_X509_ATTRIBUTE:
+ process_ac(cert_payload, auth);
+ break;
case ENC_PKCS7_WRAPPED_X509:
case ENC_PGP:
case ENC_DNS_SIGNED_KEY:
case ENC_KERBEROS_TOKEN:
case ENC_ARL:
case ENC_SPKI:
- case ENC_X509_ATTRIBUTE:
case ENC_RAW_RSA_KEY:
case ENC_X509_HASH_AND_URL_BUNDLE:
case ENC_OCSP_CONTENT:
diff --git a/src/libfast/Makefile.in b/src/libfast/Makefile.in
index dbfb9889b..f4405ae09 100644
--- a/src/libfast/Makefile.in
+++ b/src/libfast/Makefile.in
@@ -374,7 +374,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libhydra/Makefile.in b/src/libhydra/Makefile.in
index 5e0bf3f17..be3e36c48 100644
--- a/src/libhydra/Makefile.in
+++ b/src/libhydra/Makefile.in
@@ -430,7 +430,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libhydra/plugins/attr/Makefile.in b/src/libhydra/plugins/attr/Makefile.in
index e762b7757..ed13f1eaa 100644
--- a/src/libhydra/plugins/attr/Makefile.in
+++ b/src/libhydra/plugins/attr/Makefile.in
@@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libhydra/plugins/attr/attr_provider.c b/src/libhydra/plugins/attr/attr_provider.c
index a27fd57b1..c1788df94 100644
--- a/src/libhydra/plugins/attr/attr_provider.c
+++ b/src/libhydra/plugins/attr/attr_provider.c
@@ -242,10 +242,13 @@ static void load_entries(private_attr_provider_t *this)
{
if (family == AF_INET)
{ /* IPv4 attributes contain a subnet mask */
- u_int32_t netmask;
+ u_int32_t netmask = 0;
- mask = 32 - mask;
- netmask = htonl((0xFFFFFFFF >> mask) << mask);
+ if (mask)
+ { /* shifting u_int32_t by 32 or more is undefined */
+ mask = 32 - mask;
+ netmask = htonl((0xFFFFFFFF >> mask) << mask);
+ }
data = chunk_cat("cc", host->get_address(host),
chunk_from_thing(netmask));
}
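Review bot: The new `if (mask)` guard covers a prefix length of 0, but a value above 32 still makes `32 - mask` negative and the following shifts undefined, the same class of problem the added comment describes. `mask` is parsed outside the hunk, so unless it is range-checked there, the guard should be `if (mask > 0 && mask <= 32)`, with out-of-range values rejected or logged rather than silently yielding a zero netmask. load_entries begins and ends outside the hunk.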
diff --git a/src/libhydra/plugins/attr_sql/Makefile.in b/src/libhydra/plugins/attr_sql/Makefile.in
index 1d258f2fb..5d88c771e 100644
--- a/src/libhydra/plugins/attr_sql/Makefile.in
+++ b/src/libhydra/plugins/attr_sql/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libhydra/plugins/kernel_klips/Makefile.in b/src/libhydra/plugins/kernel_klips/Makefile.in
index c804c8e81..f20ceb44b 100644
--- a/src/libhydra/plugins/kernel_klips/Makefile.in
+++ b/src/libhydra/plugins/kernel_klips/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libhydra/plugins/kernel_netlink/Makefile.in b/src/libhydra/plugins/kernel_netlink/Makefile.in
index 5910cfd92..26cde7cbf 100644
--- a/src/libhydra/plugins/kernel_netlink/Makefile.in
+++ b/src/libhydra/plugins/kernel_netlink/Makefile.in
@@ -374,7 +374,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libhydra/plugins/kernel_pfkey/Makefile.in b/src/libhydra/plugins/kernel_pfkey/Makefile.in
index 5d0e927de..658ec7bc9 100644
--- a/src/libhydra/plugins/kernel_pfkey/Makefile.in
+++ b/src/libhydra/plugins/kernel_pfkey/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libhydra/plugins/kernel_pfroute/Makefile.in b/src/libhydra/plugins/kernel_pfroute/Makefile.in
index 8e01d2992..cdb09b106 100644
--- a/src/libhydra/plugins/kernel_pfroute/Makefile.in
+++ b/src/libhydra/plugins/kernel_pfroute/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c b/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c
index a8a57a5a2..63c38bb7c 100644
--- a/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c
+++ b/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c
@@ -1576,16 +1576,20 @@ retry:
}
DBG1(DBG_KNL, "PF_ROUTE lookup failed: %s", strerror(errno));
}
- if (!host)
+ if (nexthop)
{
- return NULL;
+ host = host ?: dest->clone(dest);
}
- if (!nexthop)
+ else
{ /* make sure the source address is not virtual and usable */
addr_entry_t *entry, lookup = {
.ip = host,
};
+ if (!host)
+ {
+ return NULL;
+ }
this->lock->read_lock(this->lock);
entry = this->addrs->get_match(this->addrs, &lookup,
(void*)addr_map_entry_match_up_and_usable);
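Review bot: In the new `if (nexthop)` branch a failed lookup now falls back to `dest->clone(dest)`, i.e. the destination itself is returned as next hop, and nothing in the code says this is intended. I would add `/* no gateway found, assume dest is directly reachable */` above `host = host ?: dest->clone(dest);` (wording to be confirmed by the author). In the else branch `lookup` is initialised with `.ip = host` before the `if (!host)` check; it only stores the pointer, but assigning `lookup.ip` after the check would make it obvious that no NULL address reaches get_match. The enclosing function starts and ends outside the hunk.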
diff --git a/src/libhydra/plugins/resolve/Makefile.in b/src/libhydra/plugins/resolve/Makefile.in
index 0e520f126..e76ba577d 100644
--- a/src/libhydra/plugins/resolve/Makefile.in
+++ b/src/libhydra/plugins/resolve/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libimcv/Makefile.in b/src/libimcv/Makefile.in
index 4c8287b70..9d8d86358 100644
--- a/src/libimcv/Makefile.in
+++ b/src/libimcv/Makefile.in
@@ -450,7 +450,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libimcv/imv/data.sql b/src/libimcv/imv/data.sql
index 9d938b9b8..7f3bae813 100644
--- a/src/libimcv/imv/data.sql
+++ b/src/libimcv/imv/data.sql
@@ -204,6 +204,18 @@ INSERT INTO products ( /* 34 */
'Android 4.4.2'
);
+INSERT INTO products ( /* 35 */
+ name
+) VALUES (
+ 'Ubuntu 14.04 i686'
+);
+
+INSERT INTO products ( /* 36 */
+ name
+) VALUES (
+ 'Ubuntu 14.04 x86_64'
+);
+
/* Directories */
INSERT INTO directories ( /* 1 */
@@ -729,6 +741,12 @@ INSERT INTO groups_product_defaults (
INSERT INTO groups_product_defaults (
group_id, product_id
) VALUES (
+ 6, 35
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
7, 8
);
@@ -777,6 +795,12 @@ INSERT INTO groups_product_defaults (
INSERT INTO groups_product_defaults (
group_id, product_id
) VALUES (
+ 7, 36
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
3, 21
);
diff --git a/src/libimcv/plugins/imc_os/Makefile.in b/src/libimcv/plugins/imc_os/Makefile.in
index bfb3f0022..7b25614f3 100644
--- a/src/libimcv/plugins/imc_os/Makefile.in
+++ b/src/libimcv/plugins/imc_os/Makefile.in
@@ -368,7 +368,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libimcv/plugins/imc_scanner/Makefile.in b/src/libimcv/plugins/imc_scanner/Makefile.in
index 3db0f2ba2..afcaf1ac3 100644
--- a/src/libimcv/plugins/imc_scanner/Makefile.in
+++ b/src/libimcv/plugins/imc_scanner/Makefile.in
@@ -369,7 +369,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libimcv/plugins/imc_test/Makefile.in b/src/libimcv/plugins/imc_test/Makefile.in
index 64e1c271c..1c3065456 100644
--- a/src/libimcv/plugins/imc_test/Makefile.in
+++ b/src/libimcv/plugins/imc_test/Makefile.in
@@ -368,7 +368,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libimcv/plugins/imv_os/Makefile.in b/src/libimcv/plugins/imv_os/Makefile.in
index 856ced897..044175029 100644
--- a/src/libimcv/plugins/imv_os/Makefile.in
+++ b/src/libimcv/plugins/imv_os/Makefile.in
@@ -376,7 +376,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libimcv/plugins/imv_scanner/Makefile.in b/src/libimcv/plugins/imv_scanner/Makefile.in
index 748b9a72d..525f445ef 100644
--- a/src/libimcv/plugins/imv_scanner/Makefile.in
+++ b/src/libimcv/plugins/imv_scanner/Makefile.in
@@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libimcv/plugins/imv_test/Makefile.in b/src/libimcv/plugins/imv_test/Makefile.in
index 3c73e8f95..3724cc582 100644
--- a/src/libimcv/plugins/imv_test/Makefile.in
+++ b/src/libimcv/plugins/imv_test/Makefile.in
@@ -369,7 +369,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libipsec/Makefile.in b/src/libipsec/Makefile.in
index 737edad3f..f1a099e2f 100644
--- a/src/libipsec/Makefile.in
+++ b/src/libipsec/Makefile.in
@@ -410,7 +410,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libipsec/esp_context.c b/src/libipsec/esp_context.c
index 66e14f98b..5e58f66da 100644
--- a/src/libipsec/esp_context.c
+++ b/src/libipsec/esp_context.c
@@ -216,7 +216,8 @@ static bool create_aead(private_esp_context_t *this, int alg,
case ENCR_AES_GCM_ICV12:
case ENCR_AES_GCM_ICV16:
/* the key includes a 4 byte salt */
- this->aead = lib->crypto->create_aead(lib->crypto, alg, key.len-4);
+ this->aead = lib->crypto->create_aead(lib->crypto, alg,
+ key.len - 4, 4);
break;
default:
break;
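Review bot: `key.len - 4` is computed without checking that the key is longer than the 4 byte salt, so a short key would wrap the subtraction if `key.len` is an unsigned size; whether the length is validated before this switch is not visible in the hunk. A guard such as `if (key.len <= 4) { return FALSE; }` before the call would close that. The literal 4 now appears three times (comment, key length, salt length), so a local `salt_size`, as used in derive_ike_aead in keymat_v2.c, would keep them in step. create_aead continues outside the hunk.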
diff --git a/src/libpts/Makefile.in b/src/libpts/Makefile.in
index 05c27d9cb..af5eafd7f 100644
--- a/src/libpts/Makefile.in
+++ b/src/libpts/Makefile.in
@@ -448,7 +448,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libpts/plugins/imc_attestation/Makefile.in b/src/libpts/plugins/imc_attestation/Makefile.in
index 7a539ef22..dd347d2d8 100644
--- a/src/libpts/plugins/imc_attestation/Makefile.in
+++ b/src/libpts/plugins/imc_attestation/Makefile.in
@@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libpts/plugins/imc_attestation/imc_attestation.c b/src/libpts/plugins/imc_attestation/imc_attestation.c
index 467b998c8..c71b21666 100644
--- a/src/libpts/plugins/imc_attestation/imc_attestation.c
+++ b/src/libpts/plugins/imc_attestation/imc_attestation.c
@@ -66,6 +66,8 @@ TNC_Result TNC_IMC_Initialize(TNC_IMCID imc_id,
TNC_Version max_version,
TNC_Version *actual_version)
{
+ bool mandatory_dh_groups;
+
if (imc_attestation)
{
DBG1(DBG_IMC, "IMC \"%s\" has already been initialized", imc_name);
@@ -78,8 +80,11 @@ TNC_Result TNC_IMC_Initialize(TNC_IMCID imc_id,
return TNC_RESULT_FATAL;
}
+ mandatory_dh_groups = lib->settings->get_bool(lib->settings,
+ "%s.plugins.imc-attestation.mandatory_dh_groups", TRUE, lib->ns);
+
if (!pts_meas_algo_probe(&supported_algorithms) ||
- !pts_dh_group_probe(&supported_dh_groups))
+ !pts_dh_group_probe(&supported_dh_groups, mandatory_dh_groups))
{
imc_attestation->destroy(imc_attestation);
imc_attestation = NULL;
diff --git a/src/libpts/plugins/imc_swid/Makefile.in b/src/libpts/plugins/imc_swid/Makefile.in
index e1c932e45..58402636f 100644
--- a/src/libpts/plugins/imc_swid/Makefile.in
+++ b/src/libpts/plugins/imc_swid/Makefile.in
@@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libpts/plugins/imv_attestation/Makefile.in b/src/libpts/plugins/imv_attestation/Makefile.in
index c1c14d476..ff94363bf 100644
--- a/src/libpts/plugins/imv_attestation/Makefile.in
+++ b/src/libpts/plugins/imv_attestation/Makefile.in
@@ -382,7 +382,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libpts/plugins/imv_attestation/attest.c b/src/libpts/plugins/imv_attestation/attest.c
index b8a6854cb..8f4df39e7 100644
--- a/src/libpts/plugins/imv_attestation/attest.c
+++ b/src/libpts/plugins/imv_attestation/attest.c
@@ -278,12 +278,14 @@ static void do_args(int argc, char *argv[])
exit(EXIT_FAILURE);
}
}
- free(file);
free(dir);
+
if (!attest->set_file(attest, file, op == OP_ADD))
{
+ free(file);
exit(EXIT_FAILURE);
}
+ free(file);
continue;
}
case 'G':
diff --git a/src/libpts/plugins/imv_attestation/imv_attestation_agent.c b/src/libpts/plugins/imv_attestation/imv_attestation_agent.c
index e8c3c5e40..ae2660bae 100644
--- a/src/libpts/plugins/imv_attestation/imv_attestation_agent.c
+++ b/src/libpts/plugins/imv_attestation/imv_attestation_agent.c
@@ -482,6 +482,22 @@ METHOD(imv_agent_if_t, batch_ending, TNC_Result,
}
}
+ /* do TPM TRUSTED BOOT measurements */
+ if (strchr(workitem->get_arg_str(workitem), 'T'))
+ {
+ comp_name = pts_comp_func_name_create(PEN_ITA,
+ PTS_ITA_COMP_FUNC_NAME_TBOOT,
+ PTS_ITA_QUALIFIER_FLAG_KERNEL |
+ PTS_ITA_QUALIFIER_TYPE_TRUSTED);
+ comp = attestation_state->create_component(
+ attestation_state, comp_name,
+ 0, this->pts_db);
+ if (!comp)
+ {
+ comp_name->log(comp_name, "unregistered ");
+ comp_name->destroy(comp_name);
+ }
+ }
attestation_state->set_handshake_state(attestation_state,
IMV_ATTESTATION_STATE_NONCE_REQ);
continue;
@@ -706,6 +722,7 @@ imv_agent_if_t *imv_attestation_agent_create(const char *name, TNC_IMVID id,
private_imv_attestation_agent_t *this;
imv_agent_t *agent;
char *hash_alg, *dh_group, *cadir;
+ bool mandatory_dh_groups;
agent = imv_agent_create(name, msg_types, countof(msg_types), id,
actual_version);
@@ -718,6 +735,8 @@ imv_agent_if_t *imv_attestation_agent_create(const char *name, TNC_IMVID id,
"%s.plugins.imv-attestation.hash_algorithm", "sha256", lib->ns);
dh_group = lib->settings->get_str(lib->settings,
"%s.plugins.imv-attestation.dh_group", "ecp256", lib->ns);
+ mandatory_dh_groups = lib->settings->get_bool(lib->settings,
+ "%s.plugins.imv-attestation.mandatory_dh_groups", TRUE, lib->ns);
cadir = lib->settings->get_str(lib->settings,
"%s.plugins.imv-attestation.cadir", NULL, lib->ns);
@@ -742,7 +761,7 @@ imv_agent_if_t *imv_attestation_agent_create(const char *name, TNC_IMVID id,
libpts_init();
if (!pts_meas_algo_probe(&this->supported_algorithms) ||
- !pts_dh_group_probe(&this->supported_dh_groups) ||
+ !pts_dh_group_probe(&this->supported_dh_groups, mandatory_dh_groups) ||
!pts_meas_algo_update(hash_alg, &this->supported_algorithms) ||
!pts_dh_group_update(dh_group, &this->supported_dh_groups))
{
diff --git a/src/libpts/plugins/imv_swid/Makefile.in b/src/libpts/plugins/imv_swid/Makefile.in
index b92f7d4d0..f9bd93ce0 100644
--- a/src/libpts/plugins/imv_swid/Makefile.in
+++ b/src/libpts/plugins/imv_swid/Makefile.in
@@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libpts/pts/pts.c b/src/libpts/pts/pts.c
index 8699282f0..3ab9b92e6 100644
--- a/src/libpts/pts/pts.c
+++ b/src/libpts/pts/pts.c
@@ -393,7 +393,7 @@ static void load_aik_blob(private_pts_t *this)
fseek(fp, 0L, SEEK_SET);
this->aik_blob = chunk_alloc(aikBlobLen);
- if (fread(this->aik_blob.ptr, 1, aikBlobLen, fp))
+ if (fread(this->aik_blob.ptr, 1, aikBlobLen, fp) == aikBlobLen)
{
DBG2(DBG_PTS, "loaded AIK Blob from '%s'", blob_path);
DBG3(DBG_PTS, "AIK Blob: %B", &this->aik_blob);
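Review bot: With the comparison `fread(...) == aikBlobLen` an empty file now counts as a successful load, because reading zero bytes returns 0 and equals a zero `aikBlobLen`; the old truthiness test sent that case to the error branch. `if (aikBlobLen && fread(this->aik_blob.ptr, 1, aikBlobLen, fp) == aikBlobLen)` keeps the short-read fix and still reports an empty blob file. `aikBlobLen` is set outside the hunk, so if it comes from ftell, its failure value should be checked before `chunk_alloc` as well.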
@@ -401,6 +401,7 @@ static void load_aik_blob(private_pts_t *this)
else
{
DBG1(DBG_PTS, "unable to read AIK Blob file '%s'", blob_path);
+ chunk_free(&this->aik_blob);
}
fclose(fp);
return;
diff --git a/src/libpts/pts/pts_database.c b/src/libpts/pts/pts_database.c
index 07e8ae1da..fda644a6a 100644
--- a/src/libpts/pts/pts_database.c
+++ b/src/libpts/pts/pts_database.c
@@ -280,20 +280,17 @@ METHOD(pts_database_t, check_file_measurement, status_t,
DB_TEXT, dir, DB_INT);
if (!e)
{
- free(file);
- free(dir);
- return FAILED;
+ status = FAILED;
+ goto err;
}
dir_found = e->enumerate(e, &did);
e->destroy(e);
if (!dir_found)
{
- free(file);
- free(dir);
- return NOT_FOUND;
+ status = NOT_FOUND;
+ goto err;
}
-
e = this->db->query(this->db,
"SELECT fh.hash FROM file_hashes AS fh "
"JOIN files AS f ON f.id = fh.file "
@@ -302,12 +299,10 @@ METHOD(pts_database_t, check_file_measurement, status_t,
DB_TEXT, product, DB_INT, did, DB_TEXT, file, DB_INT, algo,
DB_BLOB);
}
- free(file);
- free(dir);
-
if (!e)
{
- return FAILED;
+ status = FAILED;
+ goto err;
}
while (e->enumerate(e, &hash))
{
@@ -324,6 +319,10 @@ METHOD(pts_database_t, check_file_measurement, status_t,
}
e->destroy(e);
+err:
+ free(file);
+ free(dir);
+
return status;
}
diff --git a/src/libpts/pts/pts_dh_group.c b/src/libpts/pts/pts_dh_group.c
index 41a436036..305b4ec4f 100644
--- a/src/libpts/pts/pts_dh_group.c
+++ b/src/libpts/pts/pts_dh_group.c
@@ -20,7 +20,7 @@
/**
* Described in header.
*/
-bool pts_dh_group_probe(pts_dh_group_t *dh_groups)
+bool pts_dh_group_probe(pts_dh_group_t *dh_groups, bool mandatory_dh_groups)
{
enumerator_t *enumerator;
diffie_hellman_group_t dh_group;
@@ -68,14 +68,23 @@ bool pts_dh_group_probe(pts_dh_group_t *dh_groups)
if (*dh_groups & PTS_DH_GROUP_IKE19)
{
+ /* mandatory PTS DH group is available */
return TRUE;
}
- else
+ if (*dh_groups == PTS_DH_GROUP_NONE)
+ {
+ DBG1(DBG_PTS, "no PTS DH group available");
+ return FALSE;
+ }
+ if (mandatory_dh_groups)
{
DBG1(DBG_PTS, format2, "mandatory", diffie_hellman_group_names,
ECP_256_BIT);
+ return FALSE;
}
- return FALSE;
+
+ /* at least one optional PTS DH group is available */
+ return TRUE;
}
/**
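Review bot: When `mandatory_dh_groups` is FALSE and `PTS_DH_GROUP_IKE19` is missing, the function now returns TRUE without logging anything, so a deployment that has switched the requirement off gets no trace that the PTS exchange will run with optional groups only. A line before the final return, `DBG1(DBG_PTS, "mandatory PTS DH group not available, using optional groups only");`, makes that relaxation visible in the logs of both callers (TNC_IMC_Initialize and imv_attestation_agent_create). The option's documentation should also state that setting it to FALSE waives the group the code itself calls mandatory and leaves the choice to whatever the crypto backend offers.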
diff --git a/src/libpts/pts/pts_dh_group.h b/src/libpts/pts/pts_dh_group.h
index 2aab90263..f5d951e9a 100644
--- a/src/libpts/pts/pts_dh_group.h
+++ b/src/libpts/pts/pts_dh_group.h
@@ -59,10 +59,13 @@ enum pts_dh_group_t {
/**
* Probe available PTS Diffie-Hellman groups
*
- * @param dh_groups returns set of available DH groups
- * @return TRUE if mandatory DH groups are available
+ * @param dh_groups returns set of available DH groups
+ * @param mandatory_dh_groups if TRUE enforce mandatory PTS DH groups
+ * @return TRUE if mandatory DH groups are available
+ * or at least one optional DH group if
+ * mandatory_dh_groups is set to FALSE.
*/
-bool pts_dh_group_probe(pts_dh_group_t *dh_groups);
+bool pts_dh_group_probe(pts_dh_group_t *dh_groups, bool mandatory_dh_groups);
/**
* Update supported Diffie-Hellman groups according to configuration
diff --git a/src/libpttls/Makefile.in b/src/libpttls/Makefile.in
index c827cb598..788c8caca 100644
--- a/src/libpttls/Makefile.in
+++ b/src/libpttls/Makefile.in
@@ -369,7 +369,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libpttls/pt_tls_client.c b/src/libpttls/pt_tls_client.c
index 01a84cd14..315129d7e 100644
--- a/src/libpttls/pt_tls_client.c
+++ b/src/libpttls/pt_tls_client.c
@@ -84,7 +84,8 @@ static bool make_connection(private_pt_tls_client_t *this)
return FALSE;
}
- this->tls = tls_socket_create(FALSE, this->server, this->client, fd, NULL);
+ this->tls = tls_socket_create(FALSE, this->server, this->client, fd,
+ NULL, TLS_1_2, FALSE);
if (!this->tls)
{
close(fd);
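Review bot: The two arguments added to `tls_socket_create()` are a bare `TLS_1_2` and `FALSE`, so the call site does not show which security settings are being fixed. The prototype is not in the visible diff; they are presumably the maximum TLS version and a flag that permits NULL-encryption suites, which should be confirmed against tls_socket.h. If that is right, a comment such as `/* cap at TLS 1.2, do not accept NULL encryption */` above the call would document the choice. The same applies to the identical call in pt_tls_server_create in pt_tls_server.c. make_connection begins before this hunk and continues after it.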
diff --git a/src/libpttls/pt_tls_server.c b/src/libpttls/pt_tls_server.c
index 9af00e7c2..cedc2632c 100644
--- a/src/libpttls/pt_tls_server.c
+++ b/src/libpttls/pt_tls_server.c
@@ -532,7 +532,7 @@ pt_tls_server_t *pt_tls_server_create(identification_t *server, int fd,
.destroy = _destroy,
},
.state = PT_TLS_SERVER_VERSION,
- .tls = tls_socket_create(TRUE, server, NULL, fd, NULL),
+ .tls = tls_socket_create(TRUE, server, NULL, fd, NULL, TLS_1_2, FALSE),
.tnccs = (tls_t*)tnccs,
.auth = auth,
);
diff --git a/src/libradius/Makefile.in b/src/libradius/Makefile.in
index d903de883..6e687a310 100644
--- a/src/libradius/Makefile.in
+++ b/src/libradius/Makefile.in
@@ -366,7 +366,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libsimaka/Makefile.in b/src/libsimaka/Makefile.in
index ee824abdb..cb27f0535 100644
--- a/src/libsimaka/Makefile.in
+++ b/src/libsimaka/Makefile.in
@@ -366,7 +366,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/Android.mk b/src/libstrongswan/Android.mk
index 440913071..2b58db554 100644
--- a/src/libstrongswan/Android.mk
+++ b/src/libstrongswan/Android.mk
@@ -20,7 +20,7 @@ credentials/keys/public_key.c credentials/keys/shared_key.c \
credentials/certificates/certificate.c credentials/certificates/crl.c \
credentials/certificates/ocsp_response.c \
credentials/containers/container.c credentials/containers/pkcs12.c \
-credentials/ietf_attributes/ietf_attributes.c credentials/credential_manager.c \
+credentials/credential_manager.c \
credentials/sets/auth_cfg_wrapper.c credentials/sets/ocsp_response_wrapper.c \
credentials/sets/cert_cache.c credentials/sets/mem_cred.c \
credentials/sets/callback_cred.c credentials/auth_cfg.c database/database.c \
diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am
index b3a4eda99..3462d2ffc 100644
--- a/src/libstrongswan/Makefile.am
+++ b/src/libstrongswan/Makefile.am
@@ -18,7 +18,7 @@ credentials/keys/public_key.c credentials/keys/shared_key.c \
credentials/certificates/certificate.c credentials/certificates/crl.c \
credentials/certificates/ocsp_response.c \
credentials/containers/container.c credentials/containers/pkcs12.c \
-credentials/ietf_attributes/ietf_attributes.c credentials/credential_manager.c \
+credentials/credential_manager.c \
credentials/sets/auth_cfg_wrapper.c credentials/sets/ocsp_response_wrapper.c \
credentials/sets/cert_cache.c credentials/sets/mem_cred.c \
credentials/sets/callback_cred.c credentials/auth_cfg.c database/database.c \
@@ -61,7 +61,6 @@ credentials/certificates/ocsp_response.h \
credentials/certificates/pgp_certificate.h \
credentials/containers/container.h credentials/containers/pkcs7.h \
credentials/containers/pkcs12.h \
-credentials/ietf_attributes/ietf_attributes.h \
credentials/credential_manager.h credentials/sets/auth_cfg_wrapper.h \
credentials/sets/ocsp_response_wrapper.h credentials/sets/cert_cache.h \
credentials/sets/mem_cred.h credentials/sets/callback_cred.h \
@@ -308,6 +307,13 @@ if MONOLITHIC
endif
endif
+if USE_ACERT
+ SUBDIRS += plugins/acert
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/acert/libstrongswan-acert.la
+endif
+endif
+
if USE_PUBKEY
SUBDIRS += plugins/pubkey
if MONOLITHIC
diff --git a/src/libstrongswan/Makefile.in b/src/libstrongswan/Makefile.in
index 64396b51f..af5ea402b 100644
--- a/src/libstrongswan/Makefile.in
+++ b/src/libstrongswan/Makefile.in
@@ -128,60 +128,62 @@ host_triplet = @host@
@MONOLITHIC_TRUE@@USE_REVOCATION_TRUE@am__append_47 = plugins/revocation/libstrongswan-revocation.la
@USE_CONSTRAINTS_TRUE@am__append_48 = plugins/constraints
@MONOLITHIC_TRUE@@USE_CONSTRAINTS_TRUE@am__append_49 = plugins/constraints/libstrongswan-constraints.la
-@USE_PUBKEY_TRUE@am__append_50 = plugins/pubkey
-@MONOLITHIC_TRUE@@USE_PUBKEY_TRUE@am__append_51 = plugins/pubkey/libstrongswan-pubkey.la
-@USE_PKCS1_TRUE@am__append_52 = plugins/pkcs1
-@MONOLITHIC_TRUE@@USE_PKCS1_TRUE@am__append_53 = plugins/pkcs1/libstrongswan-pkcs1.la
-@USE_PKCS7_TRUE@am__append_54 = plugins/pkcs7
-@MONOLITHIC_TRUE@@USE_PKCS7_TRUE@am__append_55 = plugins/pkcs7/libstrongswan-pkcs7.la
-@USE_PKCS8_TRUE@am__append_56 = plugins/pkcs8
-@MONOLITHIC_TRUE@@USE_PKCS8_TRUE@am__append_57 = plugins/pkcs8/libstrongswan-pkcs8.la
-@USE_PKCS12_TRUE@am__append_58 = plugins/pkcs12
-@MONOLITHIC_TRUE@@USE_PKCS12_TRUE@am__append_59 = plugins/pkcs12/libstrongswan-pkcs12.la
-@USE_PGP_TRUE@am__append_60 = plugins/pgp
-@MONOLITHIC_TRUE@@USE_PGP_TRUE@am__append_61 = plugins/pgp/libstrongswan-pgp.la
-@USE_DNSKEY_TRUE@am__append_62 = plugins/dnskey
-@MONOLITHIC_TRUE@@USE_DNSKEY_TRUE@am__append_63 = plugins/dnskey/libstrongswan-dnskey.la
-@USE_SSHKEY_TRUE@am__append_64 = plugins/sshkey
-@MONOLITHIC_TRUE@@USE_SSHKEY_TRUE@am__append_65 = plugins/sshkey/libstrongswan-sshkey.la
-@USE_PEM_TRUE@am__append_66 = plugins/pem
-@MONOLITHIC_TRUE@@USE_PEM_TRUE@am__append_67 = plugins/pem/libstrongswan-pem.la
-@USE_CURL_TRUE@am__append_68 = plugins/curl
-@MONOLITHIC_TRUE@@USE_CURL_TRUE@am__append_69 = plugins/curl/libstrongswan-curl.la
-@USE_UNBOUND_TRUE@am__append_70 = plugins/unbound
-@MONOLITHIC_TRUE@@USE_UNBOUND_TRUE@am__append_71 = plugins/unbound/libstrongswan-unbound.la
-@USE_SOUP_TRUE@am__append_72 = plugins/soup
-@MONOLITHIC_TRUE@@USE_SOUP_TRUE@am__append_73 = plugins/soup/libstrongswan-soup.la
-@USE_LDAP_TRUE@am__append_74 = plugins/ldap
-@MONOLITHIC_TRUE@@USE_LDAP_TRUE@am__append_75 = plugins/ldap/libstrongswan-ldap.la
-@USE_MYSQL_TRUE@am__append_76 = plugins/mysql
-@MONOLITHIC_TRUE@@USE_MYSQL_TRUE@am__append_77 = plugins/mysql/libstrongswan-mysql.la
-@USE_SQLITE_TRUE@am__append_78 = plugins/sqlite
-@MONOLITHIC_TRUE@@USE_SQLITE_TRUE@am__append_79 = plugins/sqlite/libstrongswan-sqlite.la
-@USE_PADLOCK_TRUE@am__append_80 = plugins/padlock
-@MONOLITHIC_TRUE@@USE_PADLOCK_TRUE@am__append_81 = plugins/padlock/libstrongswan-padlock.la
-@USE_OPENSSL_TRUE@am__append_82 = plugins/openssl
-@MONOLITHIC_TRUE@@USE_OPENSSL_TRUE@am__append_83 = plugins/openssl/libstrongswan-openssl.la
-@USE_GCRYPT_TRUE@am__append_84 = plugins/gcrypt
-@MONOLITHIC_TRUE@@USE_GCRYPT_TRUE@am__append_85 = plugins/gcrypt/libstrongswan-gcrypt.la
-@USE_FIPS_PRF_TRUE@am__append_86 = plugins/fips_prf
-@MONOLITHIC_TRUE@@USE_FIPS_PRF_TRUE@am__append_87 = plugins/fips_prf/libstrongswan-fips-prf.la
-@USE_AGENT_TRUE@am__append_88 = plugins/agent
-@MONOLITHIC_TRUE@@USE_AGENT_TRUE@am__append_89 = plugins/agent/libstrongswan-agent.la
-@USE_KEYCHAIN_TRUE@am__append_90 = plugins/keychain
-@MONOLITHIC_TRUE@@USE_KEYCHAIN_TRUE@am__append_91 = plugins/keychain/libstrongswan-keychain.la
-@USE_PKCS11_TRUE@am__append_92 = plugins/pkcs11
-@MONOLITHIC_TRUE@@USE_PKCS11_TRUE@am__append_93 = plugins/pkcs11/libstrongswan-pkcs11.la
-@USE_CTR_TRUE@am__append_94 = plugins/ctr
-@MONOLITHIC_TRUE@@USE_CTR_TRUE@am__append_95 = plugins/ctr/libstrongswan-ctr.la
-@USE_CCM_TRUE@am__append_96 = plugins/ccm
-@MONOLITHIC_TRUE@@USE_CCM_TRUE@am__append_97 = plugins/ccm/libstrongswan-ccm.la
-@USE_GCM_TRUE@am__append_98 = plugins/gcm
-@MONOLITHIC_TRUE@@USE_GCM_TRUE@am__append_99 = plugins/gcm/libstrongswan-gcm.la
-@USE_NTRU_TRUE@am__append_100 = plugins/ntru
-@MONOLITHIC_TRUE@@USE_NTRU_TRUE@am__append_101 = plugins/ntru/libstrongswan-ntru.la
-@USE_TEST_VECTORS_TRUE@am__append_102 = plugins/test_vectors
-@MONOLITHIC_TRUE@@USE_TEST_VECTORS_TRUE@am__append_103 = plugins/test_vectors/libstrongswan-test-vectors.la
+@USE_ACERT_TRUE@am__append_50 = plugins/acert
+@MONOLITHIC_TRUE@@USE_ACERT_TRUE@am__append_51 = plugins/acert/libstrongswan-acert.la
+@USE_PUBKEY_TRUE@am__append_52 = plugins/pubkey
+@MONOLITHIC_TRUE@@USE_PUBKEY_TRUE@am__append_53 = plugins/pubkey/libstrongswan-pubkey.la
+@USE_PKCS1_TRUE@am__append_54 = plugins/pkcs1
+@MONOLITHIC_TRUE@@USE_PKCS1_TRUE@am__append_55 = plugins/pkcs1/libstrongswan-pkcs1.la
+@USE_PKCS7_TRUE@am__append_56 = plugins/pkcs7
+@MONOLITHIC_TRUE@@USE_PKCS7_TRUE@am__append_57 = plugins/pkcs7/libstrongswan-pkcs7.la
+@USE_PKCS8_TRUE@am__append_58 = plugins/pkcs8
+@MONOLITHIC_TRUE@@USE_PKCS8_TRUE@am__append_59 = plugins/pkcs8/libstrongswan-pkcs8.la
+@USE_PKCS12_TRUE@am__append_60 = plugins/pkcs12
+@MONOLITHIC_TRUE@@USE_PKCS12_TRUE@am__append_61 = plugins/pkcs12/libstrongswan-pkcs12.la
+@USE_PGP_TRUE@am__append_62 = plugins/pgp
+@MONOLITHIC_TRUE@@USE_PGP_TRUE@am__append_63 = plugins/pgp/libstrongswan-pgp.la
+@USE_DNSKEY_TRUE@am__append_64 = plugins/dnskey
+@MONOLITHIC_TRUE@@USE_DNSKEY_TRUE@am__append_65 = plugins/dnskey/libstrongswan-dnskey.la
+@USE_SSHKEY_TRUE@am__append_66 = plugins/sshkey
+@MONOLITHIC_TRUE@@USE_SSHKEY_TRUE@am__append_67 = plugins/sshkey/libstrongswan-sshkey.la
+@USE_PEM_TRUE@am__append_68 = plugins/pem
+@MONOLITHIC_TRUE@@USE_PEM_TRUE@am__append_69 = plugins/pem/libstrongswan-pem.la
+@USE_CURL_TRUE@am__append_70 = plugins/curl
+@MONOLITHIC_TRUE@@USE_CURL_TRUE@am__append_71 = plugins/curl/libstrongswan-curl.la
+@USE_UNBOUND_TRUE@am__append_72 = plugins/unbound
+@MONOLITHIC_TRUE@@USE_UNBOUND_TRUE@am__append_73 = plugins/unbound/libstrongswan-unbound.la
+@USE_SOUP_TRUE@am__append_74 = plugins/soup
+@MONOLITHIC_TRUE@@USE_SOUP_TRUE@am__append_75 = plugins/soup/libstrongswan-soup.la
+@USE_LDAP_TRUE@am__append_76 = plugins/ldap
+@MONOLITHIC_TRUE@@USE_LDAP_TRUE@am__append_77 = plugins/ldap/libstrongswan-ldap.la
+@USE_MYSQL_TRUE@am__append_78 = plugins/mysql
+@MONOLITHIC_TRUE@@USE_MYSQL_TRUE@am__append_79 = plugins/mysql/libstrongswan-mysql.la
+@USE_SQLITE_TRUE@am__append_80 = plugins/sqlite
+@MONOLITHIC_TRUE@@USE_SQLITE_TRUE@am__append_81 = plugins/sqlite/libstrongswan-sqlite.la
+@USE_PADLOCK_TRUE@am__append_82 = plugins/padlock
+@MONOLITHIC_TRUE@@USE_PADLOCK_TRUE@am__append_83 = plugins/padlock/libstrongswan-padlock.la
+@USE_OPENSSL_TRUE@am__append_84 = plugins/openssl
+@MONOLITHIC_TRUE@@USE_OPENSSL_TRUE@am__append_85 = plugins/openssl/libstrongswan-openssl.la
+@USE_GCRYPT_TRUE@am__append_86 = plugins/gcrypt
+@MONOLITHIC_TRUE@@USE_GCRYPT_TRUE@am__append_87 = plugins/gcrypt/libstrongswan-gcrypt.la
+@USE_FIPS_PRF_TRUE@am__append_88 = plugins/fips_prf
+@MONOLITHIC_TRUE@@USE_FIPS_PRF_TRUE@am__append_89 = plugins/fips_prf/libstrongswan-fips-prf.la
+@USE_AGENT_TRUE@am__append_90 = plugins/agent
+@MONOLITHIC_TRUE@@USE_AGENT_TRUE@am__append_91 = plugins/agent/libstrongswan-agent.la
+@USE_KEYCHAIN_TRUE@am__append_92 = plugins/keychain
+@MONOLITHIC_TRUE@@USE_KEYCHAIN_TRUE@am__append_93 = plugins/keychain/libstrongswan-keychain.la
+@USE_PKCS11_TRUE@am__append_94 = plugins/pkcs11
+@MONOLITHIC_TRUE@@USE_PKCS11_TRUE@am__append_95 = plugins/pkcs11/libstrongswan-pkcs11.la
+@USE_CTR_TRUE@am__append_96 = plugins/ctr
+@MONOLITHIC_TRUE@@USE_CTR_TRUE@am__append_97 = plugins/ctr/libstrongswan-ctr.la
+@USE_CCM_TRUE@am__append_98 = plugins/ccm
+@MONOLITHIC_TRUE@@USE_CCM_TRUE@am__append_99 = plugins/ccm/libstrongswan-ccm.la
+@USE_GCM_TRUE@am__append_100 = plugins/gcm
+@MONOLITHIC_TRUE@@USE_GCM_TRUE@am__append_101 = plugins/gcm/libstrongswan-gcm.la
+@USE_NTRU_TRUE@am__append_102 = plugins/ntru
+@MONOLITHIC_TRUE@@USE_NTRU_TRUE@am__append_103 = plugins/ntru/libstrongswan-ntru.la
+@USE_TEST_VECTORS_TRUE@am__append_104 = plugins/test_vectors
+@MONOLITHIC_TRUE@@USE_TEST_VECTORS_TRUE@am__append_105 = plugins/test_vectors/libstrongswan-test-vectors.la
subdir = src/libstrongswan
DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
$(top_srcdir)/depcomp \
@@ -254,7 +256,7 @@ libstrongswan_la_DEPENDENCIES = $(am__DEPENDENCIES_1) \
$(am__append_83) $(am__append_85) $(am__append_87) \
$(am__append_89) $(am__append_91) $(am__append_93) \
$(am__append_95) $(am__append_97) $(am__append_99) \
- $(am__append_101) $(am__append_103)
+ $(am__append_101) $(am__append_103) $(am__append_105)
am__libstrongswan_la_SOURCES_DIST = library.c asn1/asn1.c \
asn1/asn1_parser.c asn1/oid.c bio/bio_reader.c \
bio/bio_writer.c collections/blocking_queue.c \
@@ -277,7 +279,6 @@ am__libstrongswan_la_SOURCES_DIST = library.c asn1/asn1.c \
credentials/certificates/ocsp_response.c \
credentials/containers/container.c \
credentials/containers/pkcs12.c \
- credentials/ietf_attributes/ietf_attributes.c \
credentials/credential_manager.c \
credentials/sets/auth_cfg_wrapper.c \
credentials/sets/ocsp_response_wrapper.c \
@@ -332,7 +333,6 @@ am_libstrongswan_la_OBJECTS = library.lo asn1/asn1.lo \
credentials/certificates/ocsp_response.lo \
credentials/containers/container.lo \
credentials/containers/pkcs12.lo \
- credentials/ietf_attributes/ietf_attributes.lo \
credentials/credential_manager.lo \
credentials/sets/auth_cfg_wrapper.lo \
credentials/sets/ocsp_response_wrapper.lo \
@@ -438,7 +438,6 @@ am__nobase_strongswan_include_HEADERS_DIST = library.h asn1/asn1.h \
credentials/certificates/pgp_certificate.h \
credentials/containers/container.h \
credentials/containers/pkcs7.h credentials/containers/pkcs12.h \
- credentials/ietf_attributes/ietf_attributes.h \
credentials/credential_manager.h \
credentials/sets/auth_cfg_wrapper.h \
credentials/sets/ocsp_response_wrapper.h \
@@ -502,11 +501,11 @@ DIST_SUBDIRS = . plugins/af_alg plugins/aes plugins/des \
plugins/sha1 plugins/sha2 plugins/gmp plugins/rdrand \
plugins/random plugins/nonce plugins/hmac plugins/cmac \
plugins/xcbc plugins/x509 plugins/revocation \
- plugins/constraints plugins/pubkey plugins/pkcs1 plugins/pkcs7 \
- plugins/pkcs8 plugins/pkcs12 plugins/pgp plugins/dnskey \
- plugins/sshkey plugins/pem plugins/curl plugins/unbound \
- plugins/soup plugins/ldap plugins/mysql plugins/sqlite \
- plugins/padlock plugins/openssl plugins/gcrypt \
+ plugins/constraints plugins/acert plugins/pubkey plugins/pkcs1 \
+ plugins/pkcs7 plugins/pkcs8 plugins/pkcs12 plugins/pgp \
+ plugins/dnskey plugins/sshkey plugins/pem plugins/curl \
+ plugins/unbound plugins/soup plugins/ldap plugins/mysql \
+ plugins/sqlite plugins/padlock plugins/openssl plugins/gcrypt \
plugins/fips_prf plugins/agent plugins/keychain plugins/pkcs11 \
plugins/ctr plugins/ccm plugins/gcm plugins/ntru \
plugins/test_vectors tests
@@ -705,7 +704,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
@@ -767,7 +765,6 @@ libstrongswan_la_SOURCES = library.c asn1/asn1.c asn1/asn1_parser.c \
credentials/certificates/ocsp_response.c \
credentials/containers/container.c \
credentials/containers/pkcs12.c \
- credentials/ietf_attributes/ietf_attributes.c \
credentials/credential_manager.c \
credentials/sets/auth_cfg_wrapper.c \
credentials/sets/ocsp_response_wrapper.c \
@@ -816,7 +813,6 @@ libstrongswan_la_SOURCES = library.c asn1/asn1.c asn1/asn1_parser.c \
@USE_DEV_HEADERS_TRUE@credentials/certificates/pgp_certificate.h \
@USE_DEV_HEADERS_TRUE@credentials/containers/container.h credentials/containers/pkcs7.h \
@USE_DEV_HEADERS_TRUE@credentials/containers/pkcs12.h \
-@USE_DEV_HEADERS_TRUE@credentials/ietf_attributes/ietf_attributes.h \
@USE_DEV_HEADERS_TRUE@credentials/credential_manager.h credentials/sets/auth_cfg_wrapper.h \
@USE_DEV_HEADERS_TRUE@credentials/sets/ocsp_response_wrapper.h credentials/sets/cert_cache.h \
@USE_DEV_HEADERS_TRUE@credentials/sets/mem_cred.h credentials/sets/callback_cred.h \
@@ -858,7 +854,8 @@ libstrongswan_la_LIBADD = $(PTHREADLIB) $(DLLIB) $(BTLIB) $(SOCKLIB) \
$(am__append_81) $(am__append_83) $(am__append_85) \
$(am__append_87) $(am__append_89) $(am__append_91) \
$(am__append_93) $(am__append_95) $(am__append_97) \
- $(am__append_99) $(am__append_101) $(am__append_103)
+ $(am__append_99) $(am__append_101) $(am__append_103) \
+ $(am__append_105)
AM_CPPFLAGS = -I$(top_srcdir)/src/libstrongswan \
-DIPSEC_DIR=\"${ipsecdir}\" -DIPSEC_LIB_DIR=\"${ipseclibdir}\" \
-DPLUGINDIR=\"${plugindir}\" \
@@ -905,7 +902,8 @@ $(srcdir)/crypto/proposal/proposal_keywords_static.c
@MONOLITHIC_FALSE@ $(am__append_88) $(am__append_90) \
@MONOLITHIC_FALSE@ $(am__append_92) $(am__append_94) \
@MONOLITHIC_FALSE@ $(am__append_96) $(am__append_98) \
-@MONOLITHIC_FALSE@ $(am__append_100) $(am__append_102) tests
+@MONOLITHIC_FALSE@ $(am__append_100) $(am__append_102) \
+@MONOLITHIC_FALSE@ $(am__append_104) tests
# build plugins with their own Makefile
#######################################
@@ -931,7 +929,8 @@ $(srcdir)/crypto/proposal/proposal_keywords_static.c
@MONOLITHIC_TRUE@ $(am__append_88) $(am__append_90) \
@MONOLITHIC_TRUE@ $(am__append_92) $(am__append_94) \
@MONOLITHIC_TRUE@ $(am__append_96) $(am__append_98) \
-@MONOLITHIC_TRUE@ $(am__append_100) $(am__append_102) . tests
+@MONOLITHIC_TRUE@ $(am__append_100) $(am__append_102) \
+@MONOLITHIC_TRUE@ $(am__append_104) . tests
all: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) all-recursive
@@ -1172,15 +1171,6 @@ credentials/containers/container.lo: \
credentials/containers/pkcs12.lo: \
credentials/containers/$(am__dirstamp) \
credentials/containers/$(DEPDIR)/$(am__dirstamp)
-credentials/ietf_attributes/$(am__dirstamp):
- @$(MKDIR_P) credentials/ietf_attributes
- @: > credentials/ietf_attributes/$(am__dirstamp)
-credentials/ietf_attributes/$(DEPDIR)/$(am__dirstamp):
- @$(MKDIR_P) credentials/ietf_attributes/$(DEPDIR)
- @: > credentials/ietf_attributes/$(DEPDIR)/$(am__dirstamp)
-credentials/ietf_attributes/ietf_attributes.lo: \
- credentials/ietf_attributes/$(am__dirstamp) \
- credentials/ietf_attributes/$(DEPDIR)/$(am__dirstamp)
credentials/credential_manager.lo: credentials/$(am__dirstamp) \
credentials/$(DEPDIR)/$(am__dirstamp)
credentials/sets/$(am__dirstamp):
@@ -1409,8 +1399,6 @@ mostlyclean-compile:
-rm -f credentials/certificates/*.lo
-rm -f credentials/containers/*.$(OBJEXT)
-rm -f credentials/containers/*.lo
- -rm -f credentials/ietf_attributes/*.$(OBJEXT)
- -rm -f credentials/ietf_attributes/*.lo
-rm -f credentials/keys/*.$(OBJEXT)
-rm -f credentials/keys/*.lo
-rm -f credentials/sets/*.$(OBJEXT)
@@ -1488,7 +1476,6 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@credentials/certificates/$(DEPDIR)/ocsp_response.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@credentials/containers/$(DEPDIR)/container.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@credentials/containers/$(DEPDIR)/pkcs12.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@credentials/ietf_attributes/$(DEPDIR)/ietf_attributes.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@credentials/keys/$(DEPDIR)/private_key.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@credentials/keys/$(DEPDIR)/public_key.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@credentials/keys/$(DEPDIR)/shared_key.Plo@am__quote@
@@ -1598,7 +1585,6 @@ clean-libtool:
-rm -rf credentials/.libs credentials/_libs
-rm -rf credentials/certificates/.libs credentials/certificates/_libs
-rm -rf credentials/containers/.libs credentials/containers/_libs
- -rm -rf credentials/ietf_attributes/.libs credentials/ietf_attributes/_libs
-rm -rf credentials/keys/.libs credentials/keys/_libs
-rm -rf credentials/sets/.libs credentials/sets/_libs
-rm -rf crypto/.libs crypto/_libs
@@ -1852,8 +1838,6 @@ distclean-generic:
-rm -f credentials/certificates/$(am__dirstamp)
-rm -f credentials/containers/$(DEPDIR)/$(am__dirstamp)
-rm -f credentials/containers/$(am__dirstamp)
- -rm -f credentials/ietf_attributes/$(DEPDIR)/$(am__dirstamp)
- -rm -f credentials/ietf_attributes/$(am__dirstamp)
-rm -f credentials/keys/$(DEPDIR)/$(am__dirstamp)
-rm -f credentials/keys/$(am__dirstamp)
-rm -f credentials/sets/$(DEPDIR)/$(am__dirstamp)
@@ -1918,7 +1902,7 @@ clean-am: clean-generic clean-ipseclibLTLIBRARIES clean-libtool \
mostlyclean-am
distclean: distclean-recursive
- -rm -rf ./$(DEPDIR) asn1/$(DEPDIR) bio/$(DEPDIR) collections/$(DEPDIR) credentials/$(DEPDIR) credentials/certificates/$(DEPDIR) credentials/containers/$(DEPDIR) credentials/ietf_attributes/$(DEPDIR) credentials/keys/$(DEPDIR) credentials/sets/$(DEPDIR) crypto/$(DEPDIR) crypto/crypters/$(DEPDIR) crypto/hashers/$(DEPDIR) crypto/iv/$(DEPDIR) crypto/prfs/$(DEPDIR) crypto/proposal/$(DEPDIR) crypto/rngs/$(DEPDIR) crypto/signers/$(DEPDIR) database/$(DEPDIR) eap/$(DEPDIR) fetcher/$(DEPDIR) ipsec/$(DEPDIR) networking/$(DEPDIR) networking/streams/$(DEPDIR) pen/$(DEPDIR) plugins/$(DEPDIR) processing/$(DEPDIR) processing/jobs/$(DEPDIR) resolver/$(DEPDIR) selectors/$(DEPDIR) threading/$(DEPDIR) utils/$(DEPDIR) utils/printf_hook/$(DEPDIR) utils/utils/$(DEPDIR)
+ -rm -rf ./$(DEPDIR) asn1/$(DEPDIR) bio/$(DEPDIR) collections/$(DEPDIR) credentials/$(DEPDIR) credentials/certificates/$(DEPDIR) credentials/containers/$(DEPDIR) credentials/keys/$(DEPDIR) credentials/sets/$(DEPDIR) crypto/$(DEPDIR) crypto/crypters/$(DEPDIR) crypto/hashers/$(DEPDIR) crypto/iv/$(DEPDIR) crypto/prfs/$(DEPDIR) crypto/proposal/$(DEPDIR) crypto/rngs/$(DEPDIR) crypto/signers/$(DEPDIR) database/$(DEPDIR) eap/$(DEPDIR) fetcher/$(DEPDIR) ipsec/$(DEPDIR) networking/$(DEPDIR) networking/streams/$(DEPDIR) pen/$(DEPDIR) plugins/$(DEPDIR) processing/$(DEPDIR) processing/jobs/$(DEPDIR) resolver/$(DEPDIR) selectors/$(DEPDIR) threading/$(DEPDIR) utils/$(DEPDIR) utils/printf_hook/$(DEPDIR) utils/utils/$(DEPDIR)
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
distclean-tags
@@ -1965,7 +1949,7 @@ install-ps-am:
installcheck-am:
maintainer-clean: maintainer-clean-recursive
- -rm -rf ./$(DEPDIR) asn1/$(DEPDIR) bio/$(DEPDIR) collections/$(DEPDIR) credentials/$(DEPDIR) credentials/certificates/$(DEPDIR) credentials/containers/$(DEPDIR) credentials/ietf_attributes/$(DEPDIR) credentials/keys/$(DEPDIR) credentials/sets/$(DEPDIR) crypto/$(DEPDIR) crypto/crypters/$(DEPDIR) crypto/hashers/$(DEPDIR) crypto/iv/$(DEPDIR) crypto/prfs/$(DEPDIR) crypto/proposal/$(DEPDIR) crypto/rngs/$(DEPDIR) crypto/signers/$(DEPDIR) database/$(DEPDIR) eap/$(DEPDIR) fetcher/$(DEPDIR) ipsec/$(DEPDIR) networking/$(DEPDIR) networking/streams/$(DEPDIR) pen/$(DEPDIR) plugins/$(DEPDIR) processing/$(DEPDIR) processing/jobs/$(DEPDIR) resolver/$(DEPDIR) selectors/$(DEPDIR) threading/$(DEPDIR) utils/$(DEPDIR) utils/printf_hook/$(DEPDIR) utils/utils/$(DEPDIR)
+ -rm -rf ./$(DEPDIR) asn1/$(DEPDIR) bio/$(DEPDIR) collections/$(DEPDIR) credentials/$(DEPDIR) credentials/certificates/$(DEPDIR) credentials/containers/$(DEPDIR) credentials/keys/$(DEPDIR) credentials/sets/$(DEPDIR) crypto/$(DEPDIR) crypto/crypters/$(DEPDIR) crypto/hashers/$(DEPDIR) crypto/iv/$(DEPDIR) crypto/prfs/$(DEPDIR) crypto/proposal/$(DEPDIR) crypto/rngs/$(DEPDIR) crypto/signers/$(DEPDIR) database/$(DEPDIR) eap/$(DEPDIR) fetcher/$(DEPDIR) ipsec/$(DEPDIR) networking/$(DEPDIR) networking/streams/$(DEPDIR) pen/$(DEPDIR) plugins/$(DEPDIR) processing/$(DEPDIR) processing/jobs/$(DEPDIR) resolver/$(DEPDIR) selectors/$(DEPDIR) threading/$(DEPDIR) utils/$(DEPDIR) utils/printf_hook/$(DEPDIR) utils/utils/$(DEPDIR)
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
diff --git a/src/libstrongswan/asn1/oid.c b/src/libstrongswan/asn1/oid.c
index 6fa8f4e54..b479b0f4b 100644
--- a/src/libstrongswan/asn1/oid.c
+++ b/src/libstrongswan/asn1/oid.c
@@ -199,243 +199,268 @@ const oid_t oid_names[] = {
{ 0x02, 187, 0, 7, "ecdsa-with-SHA256" }, /* 186 */
{ 0x03, 188, 0, 7, "ecdsa-with-SHA384" }, /* 187 */
{ 0x04, 0, 0, 7, "ecdsa-with-SHA512" }, /* 188 */
- {0x2B, 372, 1, 0, "" }, /* 189 */
- { 0x06, 286, 1, 1, "dod" }, /* 190 */
+ {0x2B, 391, 1, 0, "" }, /* 189 */
+ { 0x06, 305, 1, 1, "dod" }, /* 190 */
{ 0x01, 0, 1, 2, "internet" }, /* 191 */
- { 0x04, 237, 1, 3, "private" }, /* 192 */
+ { 0x04, 256, 1, 3, "private" }, /* 192 */
{ 0x01, 0, 1, 4, "enterprise" }, /* 193 */
- { 0x82, 207, 1, 5, "" }, /* 194 */
- { 0x37, 204, 1, 6, "Microsoft" }, /* 195 */
+ { 0x82, 210, 1, 5, "" }, /* 194 */
+ { 0x37, 207, 1, 6, "Microsoft" }, /* 195 */
{ 0x0A, 200, 1, 7, "" }, /* 196 */
{ 0x03, 0, 1, 8, "" }, /* 197 */
{ 0x03, 199, 0, 9, "msSGC" }, /* 198 */
{ 0x04, 0, 0, 9, "msEncryptingFileSystem" }, /* 199 */
- { 0x14, 0, 1, 7, "msEnrollmentInfrastructure" }, /* 200 */
+ { 0x14, 204, 1, 7, "msEnrollmentInfrastructure" }, /* 200 */
{ 0x02, 0, 1, 8, "msCertificateTypeExtension" }, /* 201 */
{ 0x02, 203, 0, 9, "msSmartcardLogon" }, /* 202 */
{ 0x03, 0, 0, 9, "msUPN" }, /* 203 */
- { 0xA0, 0, 1, 6, "" }, /* 204 */
- { 0x2A, 0, 1, 7, "ITA" }, /* 205 */
- { 0x01, 0, 0, 8, "strongSwan" }, /* 206 */
- { 0x89, 214, 1, 5, "" }, /* 207 */
- { 0x31, 0, 1, 6, "" }, /* 208 */
- { 0x01, 0, 1, 7, "" }, /* 209 */
- { 0x01, 0, 1, 8, "" }, /* 210 */
- { 0x02, 0, 1, 9, "" }, /* 211 */
- { 0x02, 0, 1, 10, "" }, /* 212 */
- { 0x4B, 0, 0, 11, "TCGID" }, /* 213 */
- { 0xc1, 0, 1, 5, "" }, /* 214 */
- { 0x16, 0, 1, 6, "ntruCryptosystems" }, /* 215 */
- { 0x01, 0, 1, 7, "eess" }, /* 216 */
- { 0x01, 0, 1, 8, "eess1" }, /* 217 */
- { 0x01, 222, 1, 9, "eess1-algs" }, /* 218 */
- { 0x01, 220, 0, 10, "ntru-EESS1v1-SVES" }, /* 219 */
- { 0x02, 221, 0, 10, "ntru-EESS1v1-SVSSA" }, /* 220 */
- { 0x03, 0, 0, 10, "ntru-EESS1v1-NTRUSign" }, /* 221 */
- { 0x02, 236, 1, 9, "eess1-params" }, /* 222 */
- { 0x01, 224, 0, 10, "ees251ep1" }, /* 223 */
- { 0x02, 225, 0, 10, "ees347ep1" }, /* 224 */
- { 0x03, 226, 0, 10, "ees503ep1" }, /* 225 */
- { 0x07, 227, 0, 10, "ees251sp2" }, /* 226 */
- { 0x0C, 228, 0, 10, "ees251ep4" }, /* 227 */
- { 0x0D, 229, 0, 10, "ees251ep5" }, /* 228 */
- { 0x0E, 230, 0, 10, "ees251sp3" }, /* 229 */
- { 0x0F, 231, 0, 10, "ees251sp4" }, /* 230 */
- { 0x10, 232, 0, 10, "ees251sp5" }, /* 231 */
- { 0x11, 233, 0, 10, "ees251sp6" }, /* 232 */
- { 0x12, 234, 0, 10, "ees251sp7" }, /* 233 */
- { 0x13, 235, 0, 10, "ees251sp8" }, /* 234 */
- { 0x14, 0, 0, 10, "ees251sp9" }, /* 235 */
- { 0x03, 0, 0, 9, "eess1-encodingMethods" }, /* 236 */
- { 0x05, 0, 1, 3, "security" }, /* 237 */
- { 0x05, 0, 1, 4, "mechanisms" }, /* 238 */
- { 0x07, 283, 1, 5, "id-pkix" }, /* 239 */
- { 0x01, 244, 1, 6, "id-pe" }, /* 240 */
- { 0x01, 242, 0, 7, "authorityInfoAccess" }, /* 241 */
- { 0x03, 243, 0, 7, "qcStatements" }, /* 242 */
- { 0x07, 0, 0, 7, "ipAddrBlocks" }, /* 243 */
- { 0x02, 247, 1, 6, "id-qt" }, /* 244 */
- { 0x01, 246, 0, 7, "cps" }, /* 245 */
- { 0x02, 0, 0, 7, "unotice" }, /* 246 */
- { 0x03, 257, 1, 6, "id-kp" }, /* 247 */
- { 0x01, 249, 0, 7, "serverAuth" }, /* 248 */
- { 0x02, 250, 0, 7, "clientAuth" }, /* 249 */
- { 0x03, 251, 0, 7, "codeSigning" }, /* 250 */
- { 0x04, 252, 0, 7, "emailProtection" }, /* 251 */
- { 0x05, 253, 0, 7, "ipsecEndSystem" }, /* 252 */
- { 0x06, 254, 0, 7, "ipsecTunnel" }, /* 253 */
- { 0x07, 255, 0, 7, "ipsecUser" }, /* 254 */
- { 0x08, 256, 0, 7, "timeStamping" }, /* 255 */
- { 0x09, 0, 0, 7, "ocspSigning" }, /* 256 */
- { 0x08, 265, 1, 6, "id-otherNames" }, /* 257 */
- { 0x01, 259, 0, 7, "personalData" }, /* 258 */
- { 0x02, 260, 0, 7, "userGroup" }, /* 259 */
- { 0x03, 261, 0, 7, "id-on-permanentIdentifier" }, /* 260 */
- { 0x04, 262, 0, 7, "id-on-hardwareModuleName" }, /* 261 */
- { 0x05, 263, 0, 7, "xmppAddr" }, /* 262 */
- { 0x06, 264, 0, 7, "id-on-SIM" }, /* 263 */
- { 0x07, 0, 0, 7, "id-on-dnsSRV" }, /* 264 */
- { 0x0A, 270, 1, 6, "id-aca" }, /* 265 */
- { 0x01, 267, 0, 7, "authenticationInfo" }, /* 266 */
- { 0x02, 268, 0, 7, "accessIdentity" }, /* 267 */
- { 0x03, 269, 0, 7, "chargingIdentity" }, /* 268 */
- { 0x04, 0, 0, 7, "group" }, /* 269 */
- { 0x0B, 271, 0, 6, "subjectInfoAccess" }, /* 270 */
- { 0x30, 0, 1, 6, "id-ad" }, /* 271 */
- { 0x01, 280, 1, 7, "ocsp" }, /* 272 */
- { 0x01, 274, 0, 8, "basic" }, /* 273 */
- { 0x02, 275, 0, 8, "nonce" }, /* 274 */
- { 0x03, 276, 0, 8, "crl" }, /* 275 */
- { 0x04, 277, 0, 8, "response" }, /* 276 */
- { 0x05, 278, 0, 8, "noCheck" }, /* 277 */
- { 0x06, 279, 0, 8, "archiveCutoff" }, /* 278 */
- { 0x07, 0, 0, 8, "serviceLocator" }, /* 279 */
- { 0x02, 281, 0, 7, "caIssuers" }, /* 280 */
- { 0x03, 282, 0, 7, "timeStamping" }, /* 281 */
- { 0x05, 0, 0, 7, "caRepository" }, /* 282 */
- { 0x08, 0, 1, 5, "ipsec" }, /* 283 */
- { 0x02, 0, 1, 6, "certificate" }, /* 284 */
- { 0x02, 0, 0, 7, "iKEIntermediate" }, /* 285 */
- { 0x0E, 292, 1, 1, "oiw" }, /* 286 */
- { 0x03, 0, 1, 2, "secsig" }, /* 287 */
- { 0x02, 0, 1, 3, "algorithms" }, /* 288 */
- { 0x07, 290, 0, 4, "des-cbc" }, /* 289 */
- { 0x1A, 291, 0, 4, "sha-1" }, /* 290 */
- { 0x1D, 0, 0, 4, "sha-1WithRSASignature" }, /* 291 */
- { 0x24, 338, 1, 1, "TeleTrusT" }, /* 292 */
- { 0x03, 0, 1, 2, "algorithm" }, /* 293 */
- { 0x03, 0, 1, 3, "signatureAlgorithm" }, /* 294 */
- { 0x01, 299, 1, 4, "rsaSignature" }, /* 295 */
- { 0x02, 297, 0, 5, "rsaSigWithripemd160" }, /* 296 */
- { 0x03, 298, 0, 5, "rsaSigWithripemd128" }, /* 297 */
- { 0x04, 0, 0, 5, "rsaSigWithripemd256" }, /* 298 */
- { 0x02, 0, 1, 4, "ecSign" }, /* 299 */
- { 0x01, 301, 0, 5, "ecSignWithsha1" }, /* 300 */
- { 0x02, 302, 0, 5, "ecSignWithripemd160" }, /* 301 */
- { 0x03, 303, 0, 5, "ecSignWithmd2" }, /* 302 */
- { 0x04, 304, 0, 5, "ecSignWithmd5" }, /* 303 */
- { 0x05, 321, 1, 5, "ttt-ecg" }, /* 304 */
- { 0x01, 309, 1, 6, "fieldType" }, /* 305 */
- { 0x01, 0, 1, 7, "characteristictwoField" }, /* 306 */
- { 0x01, 0, 1, 8, "basisType" }, /* 307 */
- { 0x01, 0, 0, 9, "ipBasis" }, /* 308 */
- { 0x02, 311, 1, 6, "keyType" }, /* 309 */
- { 0x01, 0, 0, 7, "ecgPublicKey" }, /* 310 */
- { 0x03, 312, 0, 6, "curve" }, /* 311 */
- { 0x04, 319, 1, 6, "signatures" }, /* 312 */
- { 0x01, 314, 0, 7, "ecgdsa-with-RIPEMD160" }, /* 313 */
- { 0x02, 315, 0, 7, "ecgdsa-with-SHA1" }, /* 314 */
- { 0x03, 316, 0, 7, "ecgdsa-with-SHA224" }, /* 315 */
- { 0x04, 317, 0, 7, "ecgdsa-with-SHA256" }, /* 316 */
- { 0x05, 318, 0, 7, "ecgdsa-with-SHA384" }, /* 317 */
- { 0x06, 0, 0, 7, "ecgdsa-with-SHA512" }, /* 318 */
- { 0x05, 0, 1, 6, "module" }, /* 319 */
- { 0x01, 0, 0, 7, "1" }, /* 320 */
- { 0x08, 0, 1, 5, "ecStdCurvesAndGeneration" }, /* 321 */
- { 0x01, 0, 1, 6, "ellipticCurve" }, /* 322 */
- { 0x01, 0, 1, 7, "versionOne" }, /* 323 */
- { 0x01, 325, 0, 8, "brainpoolP160r1" }, /* 324 */
- { 0x02, 326, 0, 8, "brainpoolP160t1" }, /* 325 */
- { 0x03, 327, 0, 8, "brainpoolP192r1" }, /* 326 */
- { 0x04, 328, 0, 8, "brainpoolP192t1" }, /* 327 */
- { 0x05, 329, 0, 8, "brainpoolP224r1" }, /* 328 */
- { 0x06, 330, 0, 8, "brainpoolP224t1" }, /* 329 */
- { 0x07, 331, 0, 8, "brainpoolP256r1" }, /* 330 */
- { 0x08, 332, 0, 8, "brainpoolP256t1" }, /* 331 */
- { 0x09, 333, 0, 8, "brainpoolP320r1" }, /* 332 */
- { 0x0A, 334, 0, 8, "brainpoolP320t1" }, /* 333 */
- { 0x0B, 335, 0, 8, "brainpoolP384r1" }, /* 334 */
- { 0x0C, 336, 0, 8, "brainpoolP384t1" }, /* 335 */
- { 0x0D, 337, 0, 8, "brainpoolP512r1" }, /* 336 */
- { 0x0E, 0, 0, 8, "brainpoolP512t1" }, /* 337 */
- { 0x81, 0, 1, 1, "" }, /* 338 */
- { 0x04, 0, 1, 2, "Certicom" }, /* 339 */
- { 0x00, 0, 1, 3, "curve" }, /* 340 */
- { 0x01, 342, 0, 4, "sect163k1" }, /* 341 */
- { 0x02, 343, 0, 4, "sect163r1" }, /* 342 */
- { 0x03, 344, 0, 4, "sect239k1" }, /* 343 */
- { 0x04, 345, 0, 4, "sect113r1" }, /* 344 */
- { 0x05, 346, 0, 4, "sect113r2" }, /* 345 */
- { 0x06, 347, 0, 4, "secp112r1" }, /* 346 */
- { 0x07, 348, 0, 4, "secp112r2" }, /* 347 */
- { 0x08, 349, 0, 4, "secp160r1" }, /* 348 */
- { 0x09, 350, 0, 4, "secp160k1" }, /* 349 */
- { 0x0A, 351, 0, 4, "secp256k1" }, /* 350 */
- { 0x0F, 352, 0, 4, "sect163r2" }, /* 351 */
- { 0x10, 353, 0, 4, "sect283k1" }, /* 352 */
- { 0x11, 354, 0, 4, "sect283r1" }, /* 353 */
- { 0x16, 355, 0, 4, "sect131r1" }, /* 354 */
- { 0x17, 356, 0, 4, "sect131r2" }, /* 355 */
- { 0x18, 357, 0, 4, "sect193r1" }, /* 356 */
- { 0x19, 358, 0, 4, "sect193r2" }, /* 357 */
- { 0x1A, 359, 0, 4, "sect233k1" }, /* 358 */
- { 0x1B, 360, 0, 4, "sect233r1" }, /* 359 */
- { 0x1C, 361, 0, 4, "secp128r1" }, /* 360 */
- { 0x1D, 362, 0, 4, "secp128r2" }, /* 361 */
- { 0x1E, 363, 0, 4, "secp160r2" }, /* 362 */
- { 0x1F, 364, 0, 4, "secp192k1" }, /* 363 */
- { 0x20, 365, 0, 4, "secp224k1" }, /* 364 */
- { 0x21, 366, 0, 4, "secp224r1" }, /* 365 */
- { 0x22, 367, 0, 4, "secp384r1" }, /* 366 */
- { 0x23, 368, 0, 4, "secp521r1" }, /* 367 */
- { 0x24, 369, 0, 4, "sect409k1" }, /* 368 */
- { 0x25, 370, 0, 4, "sect409r1" }, /* 369 */
- { 0x26, 371, 0, 4, "sect571k1" }, /* 370 */
- { 0x27, 0, 0, 4, "sect571r1" }, /* 371 */
- {0x60, 420, 1, 0, "" }, /* 372 */
- { 0x86, 0, 1, 1, "" }, /* 373 */
- { 0x48, 0, 1, 2, "" }, /* 374 */
- { 0x01, 0, 1, 3, "organization" }, /* 375 */
- { 0x65, 396, 1, 4, "gov" }, /* 376 */
- { 0x03, 0, 1, 5, "csor" }, /* 377 */
- { 0x04, 0, 1, 6, "nistalgorithm" }, /* 378 */
- { 0x01, 389, 1, 7, "aes" }, /* 379 */
- { 0x02, 381, 0, 8, "id-aes128-CBC" }, /* 380 */
- { 0x06, 382, 0, 8, "id-aes128-GCM" }, /* 381 */
- { 0x07, 383, 0, 8, "id-aes128-CCM" }, /* 382 */
- { 0x16, 384, 0, 8, "id-aes192-CBC" }, /* 383 */
- { 0x1A, 385, 0, 8, "id-aes192-GCM" }, /* 384 */
- { 0x1B, 386, 0, 8, "id-aes192-CCM" }, /* 385 */
- { 0x2A, 387, 0, 8, "id-aes256-CBC" }, /* 386 */
- { 0x2E, 388, 0, 8, "id-aes256-GCM" }, /* 387 */
- { 0x2F, 0, 0, 8, "id-aes256-CCM" }, /* 388 */
- { 0x02, 0, 1, 7, "hashalgs" }, /* 389 */
- { 0x01, 391, 0, 8, "id-SHA-256" }, /* 390 */
- { 0x02, 392, 0, 8, "id-SHA-384" }, /* 391 */
- { 0x03, 393, 0, 8, "id-SHA-512" }, /* 392 */
- { 0x04, 394, 0, 8, "id-SHA-224" }, /* 393 */
- { 0x05, 395, 0, 8, "id-SHA-512-224" }, /* 394 */
- { 0x06, 0, 0, 8, "id-SHA-512-256" }, /* 395 */
- { 0x86, 0, 1, 4, "" }, /* 396 */
- { 0xf8, 0, 1, 5, "" }, /* 397 */
- { 0x42, 410, 1, 6, "netscape" }, /* 398 */
- { 0x01, 405, 1, 7, "" }, /* 399 */
- { 0x01, 401, 0, 8, "nsCertType" }, /* 400 */
- { 0x03, 402, 0, 8, "nsRevocationUrl" }, /* 401 */
- { 0x04, 403, 0, 8, "nsCaRevocationUrl" }, /* 402 */
- { 0x08, 404, 0, 8, "nsCaPolicyUrl" }, /* 403 */
- { 0x0d, 0, 0, 8, "nsComment" }, /* 404 */
- { 0x03, 408, 1, 7, "directory" }, /* 405 */
- { 0x01, 0, 1, 8, "" }, /* 406 */
- { 0x03, 0, 0, 9, "employeeNumber" }, /* 407 */
- { 0x04, 0, 1, 7, "policy" }, /* 408 */
- { 0x01, 0, 0, 8, "nsSGC" }, /* 409 */
- { 0x45, 0, 1, 6, "verisign" }, /* 410 */
- { 0x01, 0, 1, 7, "pki" }, /* 411 */
- { 0x09, 0, 1, 8, "attributes" }, /* 412 */
- { 0x02, 414, 0, 9, "messageType" }, /* 413 */
- { 0x03, 415, 0, 9, "pkiStatus" }, /* 414 */
- { 0x04, 416, 0, 9, "failInfo" }, /* 415 */
- { 0x05, 417, 0, 9, "senderNonce" }, /* 416 */
- { 0x06, 418, 0, 9, "recipientNonce" }, /* 417 */
- { 0x07, 419, 0, 9, "transID" }, /* 418 */
- { 0x08, 0, 0, 9, "extensionReq" }, /* 419 */
- {0x67, 0, 1, 0, "" }, /* 420 */
- { 0x81, 0, 1, 1, "" }, /* 421 */
- { 0x05, 0, 1, 2, "" }, /* 422 */
- { 0x02, 0, 1, 3, "tcg-attribute" }, /* 423 */
- { 0x01, 425, 0, 4, "tcg-at-tpmManufacturer" }, /* 424 */
- { 0x02, 426, 0, 4, "tcg-at-tpmModel" }, /* 425 */
- { 0x03, 427, 0, 4, "tcg-at-tpmVersion" }, /* 426 */
- { 0x0F, 0, 0, 4, "tcg-at-tpmIdLabel" } /* 427 */
+ { 0x15, 0, 1, 7, "msCertSrvInfrastructure" }, /* 204 */
+ { 0x07, 206, 0, 8, "msCertTemplate" }, /* 205 */
+ { 0x0A, 0, 0, 8, "msApplicationCertPolicies" }, /* 206 */
+ { 0xA0, 0, 1, 6, "" }, /* 207 */
+ { 0x2A, 0, 1, 7, "ITA" }, /* 208 */
+ { 0x01, 0, 0, 8, "strongSwan" }, /* 209 */
+ { 0x89, 217, 1, 5, "" }, /* 210 */
+ { 0x31, 0, 1, 6, "" }, /* 211 */
+ { 0x01, 0, 1, 7, "" }, /* 212 */
+ { 0x01, 0, 1, 8, "" }, /* 213 */
+ { 0x02, 0, 1, 9, "" }, /* 214 */
+ { 0x02, 0, 1, 10, "" }, /* 215 */
+ { 0x4B, 0, 0, 11, "TCGID" }, /* 216 */
+ { 0xC1, 0, 1, 5, "" }, /* 217 */
+ { 0x16, 0, 1, 6, "ntruCryptosystems" }, /* 218 */
+ { 0x01, 0, 1, 7, "eess" }, /* 219 */
+ { 0x01, 0, 1, 8, "eess1" }, /* 220 */
+ { 0x01, 225, 1, 9, "eess1-algs" }, /* 221 */
+ { 0x01, 223, 0, 10, "ntru-EESS1v1-SVES" }, /* 222 */
+ { 0x02, 224, 0, 10, "ntru-EESS1v1-SVSSA" }, /* 223 */
+ { 0x03, 0, 0, 10, "ntru-EESS1v1-NTRUSign" }, /* 224 */
+ { 0x02, 255, 1, 9, "eess1-params" }, /* 225 */
+ { 0x01, 227, 0, 10, "ees251ep1" }, /* 226 */
+ { 0x02, 228, 0, 10, "ees347ep1" }, /* 227 */
+ { 0x03, 229, 0, 10, "ees503ep1" }, /* 228 */
+ { 0x07, 230, 0, 10, "ees251sp2" }, /* 229 */
+ { 0x0C, 231, 0, 10, "ees251ep4" }, /* 230 */
+ { 0x0D, 232, 0, 10, "ees251ep5" }, /* 231 */
+ { 0x0E, 233, 0, 10, "ees251sp3" }, /* 232 */
+ { 0x0F, 234, 0, 10, "ees251sp4" }, /* 233 */
+ { 0x10, 235, 0, 10, "ees251sp5" }, /* 234 */
+ { 0x11, 236, 0, 10, "ees251sp6" }, /* 235 */
+ { 0x12, 237, 0, 10, "ees251sp7" }, /* 236 */
+ { 0x13, 238, 0, 10, "ees251sp8" }, /* 237 */
+ { 0x14, 239, 0, 10, "ees251sp9" }, /* 238 */
+ { 0x22, 240, 0, 10, "ees401ep1" }, /* 239 */
+ { 0x23, 241, 0, 10, "ees449ep1" }, /* 240 */
+ { 0x24, 242, 0, 10, "ees677ep1" }, /* 241 */
+ { 0x25, 243, 0, 10, "ees1087ep2" }, /* 242 */
+ { 0x26, 244, 0, 10, "ees541ep1" }, /* 243 */
+ { 0x27, 245, 0, 10, "ees613ep1" }, /* 244 */
+ { 0x28, 246, 0, 10, "ees887ep1" }, /* 245 */
+ { 0x29, 247, 0, 10, "ees1171ep1" }, /* 246 */
+ { 0x2A, 248, 0, 10, "ees659ep1" }, /* 247 */
+ { 0x2B, 249, 0, 10, "ees761ep1" }, /* 248 */
+ { 0x2C, 250, 0, 10, "ees1087ep1" }, /* 249 */
+ { 0x2D, 251, 0, 10, "ees1499ep1" }, /* 250 */
+ { 0x2E, 252, 0, 10, "ees401ep2" }, /* 251 */
+ { 0x2F, 253, 0, 10, "ees439ep1" }, /* 252 */
+ { 0x30, 254, 0, 10, "ees593ep1" }, /* 253 */
+ { 0x31, 0, 0, 10, "ees743ep1" }, /* 254 */
+ { 0x03, 0, 0, 9, "eess1-encodingMethods" }, /* 255 */
+ { 0x05, 0, 1, 3, "security" }, /* 256 */
+ { 0x05, 0, 1, 4, "mechanisms" }, /* 257 */
+ { 0x07, 302, 1, 5, "id-pkix" }, /* 258 */
+ { 0x01, 263, 1, 6, "id-pe" }, /* 259 */
+ { 0x01, 261, 0, 7, "authorityInfoAccess" }, /* 260 */
+ { 0x03, 262, 0, 7, "qcStatements" }, /* 261 */
+ { 0x07, 0, 0, 7, "ipAddrBlocks" }, /* 262 */
+ { 0x02, 266, 1, 6, "id-qt" }, /* 263 */
+ { 0x01, 265, 0, 7, "cps" }, /* 264 */
+ { 0x02, 0, 0, 7, "unotice" }, /* 265 */
+ { 0x03, 276, 1, 6, "id-kp" }, /* 266 */
+ { 0x01, 268, 0, 7, "serverAuth" }, /* 267 */
+ { 0x02, 269, 0, 7, "clientAuth" }, /* 268 */
+ { 0x03, 270, 0, 7, "codeSigning" }, /* 269 */
+ { 0x04, 271, 0, 7, "emailProtection" }, /* 270 */
+ { 0x05, 272, 0, 7, "ipsecEndSystem" }, /* 271 */
+ { 0x06, 273, 0, 7, "ipsecTunnel" }, /* 272 */
+ { 0x07, 274, 0, 7, "ipsecUser" }, /* 273 */
+ { 0x08, 275, 0, 7, "timeStamping" }, /* 274 */
+ { 0x09, 0, 0, 7, "ocspSigning" }, /* 275 */
+ { 0x08, 284, 1, 6, "id-otherNames" }, /* 276 */
+ { 0x01, 278, 0, 7, "personalData" }, /* 277 */
+ { 0x02, 279, 0, 7, "userGroup" }, /* 278 */
+ { 0x03, 280, 0, 7, "id-on-permanentIdentifier" }, /* 279 */
+ { 0x04, 281, 0, 7, "id-on-hardwareModuleName" }, /* 280 */
+ { 0x05, 282, 0, 7, "xmppAddr" }, /* 281 */
+ { 0x06, 283, 0, 7, "id-on-SIM" }, /* 282 */
+ { 0x07, 0, 0, 7, "id-on-dnsSRV" }, /* 283 */
+ { 0x0A, 289, 1, 6, "id-aca" }, /* 284 */
+ { 0x01, 286, 0, 7, "authenticationInfo" }, /* 285 */
+ { 0x02, 287, 0, 7, "accessIdentity" }, /* 286 */
+ { 0x03, 288, 0, 7, "chargingIdentity" }, /* 287 */
+ { 0x04, 0, 0, 7, "group" }, /* 288 */
+ { 0x0B, 290, 0, 6, "subjectInfoAccess" }, /* 289 */
+ { 0x30, 0, 1, 6, "id-ad" }, /* 290 */
+ { 0x01, 299, 1, 7, "ocsp" }, /* 291 */
+ { 0x01, 293, 0, 8, "basic" }, /* 292 */
+ { 0x02, 294, 0, 8, "nonce" }, /* 293 */
+ { 0x03, 295, 0, 8, "crl" }, /* 294 */
+ { 0x04, 296, 0, 8, "response" }, /* 295 */
+ { 0x05, 297, 0, 8, "noCheck" }, /* 296 */
+ { 0x06, 298, 0, 8, "archiveCutoff" }, /* 297 */
+ { 0x07, 0, 0, 8, "serviceLocator" }, /* 298 */
+ { 0x02, 300, 0, 7, "caIssuers" }, /* 299 */
+ { 0x03, 301, 0, 7, "timeStamping" }, /* 300 */
+ { 0x05, 0, 0, 7, "caRepository" }, /* 301 */
+ { 0x08, 0, 1, 5, "ipsec" }, /* 302 */
+ { 0x02, 0, 1, 6, "certificate" }, /* 303 */
+ { 0x02, 0, 0, 7, "iKEIntermediate" }, /* 304 */
+ { 0x0E, 311, 1, 1, "oiw" }, /* 305 */
+ { 0x03, 0, 1, 2, "secsig" }, /* 306 */
+ { 0x02, 0, 1, 3, "algorithms" }, /* 307 */
+ { 0x07, 309, 0, 4, "des-cbc" }, /* 308 */
+ { 0x1A, 310, 0, 4, "sha-1" }, /* 309 */
+ { 0x1D, 0, 0, 4, "sha-1WithRSASignature" }, /* 310 */
+ { 0x24, 357, 1, 1, "TeleTrusT" }, /* 311 */
+ { 0x03, 0, 1, 2, "algorithm" }, /* 312 */
+ { 0x03, 0, 1, 3, "signatureAlgorithm" }, /* 313 */
+ { 0x01, 318, 1, 4, "rsaSignature" }, /* 314 */
+ { 0x02, 316, 0, 5, "rsaSigWithripemd160" }, /* 315 */
+ { 0x03, 317, 0, 5, "rsaSigWithripemd128" }, /* 316 */
+ { 0x04, 0, 0, 5, "rsaSigWithripemd256" }, /* 317 */
+ { 0x02, 0, 1, 4, "ecSign" }, /* 318 */
+ { 0x01, 320, 0, 5, "ecSignWithsha1" }, /* 319 */
+ { 0x02, 321, 0, 5, "ecSignWithripemd160" }, /* 320 */
+ { 0x03, 322, 0, 5, "ecSignWithmd2" }, /* 321 */
+ { 0x04, 323, 0, 5, "ecSignWithmd5" }, /* 322 */
+ { 0x05, 340, 1, 5, "ttt-ecg" }, /* 323 */
+ { 0x01, 328, 1, 6, "fieldType" }, /* 324 */
+ { 0x01, 0, 1, 7, "characteristictwoField" }, /* 325 */
+ { 0x01, 0, 1, 8, "basisType" }, /* 326 */
+ { 0x01, 0, 0, 9, "ipBasis" }, /* 327 */
+ { 0x02, 330, 1, 6, "keyType" }, /* 328 */
+ { 0x01, 0, 0, 7, "ecgPublicKey" }, /* 329 */
+ { 0x03, 331, 0, 6, "curve" }, /* 330 */
+ { 0x04, 338, 1, 6, "signatures" }, /* 331 */
+ { 0x01, 333, 0, 7, "ecgdsa-with-RIPEMD160" }, /* 332 */
+ { 0x02, 334, 0, 7, "ecgdsa-with-SHA1" }, /* 333 */
+ { 0x03, 335, 0, 7, "ecgdsa-with-SHA224" }, /* 334 */
+ { 0x04, 336, 0, 7, "ecgdsa-with-SHA256" }, /* 335 */
+ { 0x05, 337, 0, 7, "ecgdsa-with-SHA384" }, /* 336 */
+ { 0x06, 0, 0, 7, "ecgdsa-with-SHA512" }, /* 337 */
+ { 0x05, 0, 1, 6, "module" }, /* 338 */
+ { 0x01, 0, 0, 7, "1" }, /* 339 */
+ { 0x08, 0, 1, 5, "ecStdCurvesAndGeneration" }, /* 340 */
+ { 0x01, 0, 1, 6, "ellipticCurve" }, /* 341 */
+ { 0x01, 0, 1, 7, "versionOne" }, /* 342 */
+ { 0x01, 344, 0, 8, "brainpoolP160r1" }, /* 343 */
+ { 0x02, 345, 0, 8, "brainpoolP160t1" }, /* 344 */
+ { 0x03, 346, 0, 8, "brainpoolP192r1" }, /* 345 */
+ { 0x04, 347, 0, 8, "brainpoolP192t1" }, /* 346 */
+ { 0x05, 348, 0, 8, "brainpoolP224r1" }, /* 347 */
+ { 0x06, 349, 0, 8, "brainpoolP224t1" }, /* 348 */
+ { 0x07, 350, 0, 8, "brainpoolP256r1" }, /* 349 */
+ { 0x08, 351, 0, 8, "brainpoolP256t1" }, /* 350 */
+ { 0x09, 352, 0, 8, "brainpoolP320r1" }, /* 351 */
+ { 0x0A, 353, 0, 8, "brainpoolP320t1" }, /* 352 */
+ { 0x0B, 354, 0, 8, "brainpoolP384r1" }, /* 353 */
+ { 0x0C, 355, 0, 8, "brainpoolP384t1" }, /* 354 */
+ { 0x0D, 356, 0, 8, "brainpoolP512r1" }, /* 355 */
+ { 0x0E, 0, 0, 8, "brainpoolP512t1" }, /* 356 */
+ { 0x81, 0, 1, 1, "" }, /* 357 */
+ { 0x04, 0, 1, 2, "Certicom" }, /* 358 */
+ { 0x00, 0, 1, 3, "curve" }, /* 359 */
+ { 0x01, 361, 0, 4, "sect163k1" }, /* 360 */
+ { 0x02, 362, 0, 4, "sect163r1" }, /* 361 */
+ { 0x03, 363, 0, 4, "sect239k1" }, /* 362 */
+ { 0x04, 364, 0, 4, "sect113r1" }, /* 363 */
+ { 0x05, 365, 0, 4, "sect113r2" }, /* 364 */
+ { 0x06, 366, 0, 4, "secp112r1" }, /* 365 */
+ { 0x07, 367, 0, 4, "secp112r2" }, /* 366 */
+ { 0x08, 368, 0, 4, "secp160r1" }, /* 367 */
+ { 0x09, 369, 0, 4, "secp160k1" }, /* 368 */
+ { 0x0A, 370, 0, 4, "secp256k1" }, /* 369 */
+ { 0x0F, 371, 0, 4, "sect163r2" }, /* 370 */
+ { 0x10, 372, 0, 4, "sect283k1" }, /* 371 */
+ { 0x11, 373, 0, 4, "sect283r1" }, /* 372 */
+ { 0x16, 374, 0, 4, "sect131r1" }, /* 373 */
+ { 0x17, 375, 0, 4, "sect131r2" }, /* 374 */
+ { 0x18, 376, 0, 4, "sect193r1" }, /* 375 */
+ { 0x19, 377, 0, 4, "sect193r2" }, /* 376 */
+ { 0x1A, 378, 0, 4, "sect233k1" }, /* 377 */
+ { 0x1B, 379, 0, 4, "sect233r1" }, /* 378 */
+ { 0x1C, 380, 0, 4, "secp128r1" }, /* 379 */
+ { 0x1D, 381, 0, 4, "secp128r2" }, /* 380 */
+ { 0x1E, 382, 0, 4, "secp160r2" }, /* 381 */
+ { 0x1F, 383, 0, 4, "secp192k1" }, /* 382 */
+ { 0x20, 384, 0, 4, "secp224k1" }, /* 383 */
+ { 0x21, 385, 0, 4, "secp224r1" }, /* 384 */
+ { 0x22, 386, 0, 4, "secp384r1" }, /* 385 */
+ { 0x23, 387, 0, 4, "secp521r1" }, /* 386 */
+ { 0x24, 388, 0, 4, "sect409k1" }, /* 387 */
+ { 0x25, 389, 0, 4, "sect409r1" }, /* 388 */
+ { 0x26, 390, 0, 4, "sect571k1" }, /* 389 */
+ { 0x27, 0, 0, 4, "sect571r1" }, /* 390 */
+ {0x60, 445, 1, 0, "" }, /* 391 */
+ { 0x86, 0, 1, 1, "" }, /* 392 */
+ { 0x48, 0, 1, 2, "" }, /* 393 */
+ { 0x01, 0, 1, 3, "organization" }, /* 394 */
+ { 0x65, 421, 1, 4, "gov" }, /* 395 */
+ { 0x03, 0, 1, 5, "csor" }, /* 396 */
+ { 0x04, 0, 1, 6, "nistalgorithm" }, /* 397 */
+ { 0x01, 408, 1, 7, "aes" }, /* 398 */
+ { 0x02, 400, 0, 8, "id-aes128-CBC" }, /* 399 */
+ { 0x06, 401, 0, 8, "id-aes128-GCM" }, /* 400 */
+ { 0x07, 402, 0, 8, "id-aes128-CCM" }, /* 401 */
+ { 0x16, 403, 0, 8, "id-aes192-CBC" }, /* 402 */
+ { 0x1A, 404, 0, 8, "id-aes192-GCM" }, /* 403 */
+ { 0x1B, 405, 0, 8, "id-aes192-CCM" }, /* 404 */
+ { 0x2A, 406, 0, 8, "id-aes256-CBC" }, /* 405 */
+ { 0x2E, 407, 0, 8, "id-aes256-GCM" }, /* 406 */
+ { 0x2F, 0, 0, 8, "id-aes256-CCM" }, /* 407 */
+ { 0x02, 0, 1, 7, "hashalgs" }, /* 408 */
+ { 0x01, 410, 0, 8, "id-sha256" }, /* 409 */
+ { 0x02, 411, 0, 8, "id-sha384" }, /* 410 */
+ { 0x03, 412, 0, 8, "id-sha512" }, /* 411 */
+ { 0x04, 413, 0, 8, "id-sha224" }, /* 412 */
+ { 0x05, 414, 0, 8, "id-sha512-224" }, /* 413 */
+ { 0x06, 415, 0, 8, "id-sha512-256" }, /* 414 */
+ { 0x07, 416, 0, 8, "id-sha3-224" }, /* 415 */
+ { 0x08, 417, 0, 8, "id-sha3-256" }, /* 416 */
+ { 0x09, 418, 0, 8, "id-sha3-384" }, /* 417 */
+ { 0x0A, 419, 0, 8, "id-sha3-512" }, /* 418 */
+ { 0x0B, 420, 0, 8, "id-shake128" }, /* 419 */
+ { 0x0C, 0, 0, 8, "id-shake256" }, /* 420 */
+ { 0x86, 0, 1, 4, "" }, /* 421 */
+ { 0xf8, 0, 1, 5, "" }, /* 422 */
+ { 0x42, 435, 1, 6, "netscape" }, /* 423 */
+ { 0x01, 430, 1, 7, "" }, /* 424 */
+ { 0x01, 426, 0, 8, "nsCertType" }, /* 425 */
+ { 0x03, 427, 0, 8, "nsRevocationUrl" }, /* 426 */
+ { 0x04, 428, 0, 8, "nsCaRevocationUrl" }, /* 427 */
+ { 0x08, 429, 0, 8, "nsCaPolicyUrl" }, /* 428 */
+ { 0x0d, 0, 0, 8, "nsComment" }, /* 429 */
+ { 0x03, 433, 1, 7, "directory" }, /* 430 */
+ { 0x01, 0, 1, 8, "" }, /* 431 */
+ { 0x03, 0, 0, 9, "employeeNumber" }, /* 432 */
+ { 0x04, 0, 1, 7, "policy" }, /* 433 */
+ { 0x01, 0, 0, 8, "nsSGC" }, /* 434 */
+ { 0x45, 0, 1, 6, "verisign" }, /* 435 */
+ { 0x01, 0, 1, 7, "pki" }, /* 436 */
+ { 0x09, 0, 1, 8, "attributes" }, /* 437 */
+ { 0x02, 439, 0, 9, "messageType" }, /* 438 */
+ { 0x03, 440, 0, 9, "pkiStatus" }, /* 439 */
+ { 0x04, 441, 0, 9, "failInfo" }, /* 440 */
+ { 0x05, 442, 0, 9, "senderNonce" }, /* 441 */
+ { 0x06, 443, 0, 9, "recipientNonce" }, /* 442 */
+ { 0x07, 444, 0, 9, "transID" }, /* 443 */
+ { 0x08, 0, 0, 9, "extensionReq" }, /* 444 */
+ {0x67, 0, 1, 0, "" }, /* 445 */
+ { 0x81, 0, 1, 1, "" }, /* 446 */
+ { 0x05, 0, 1, 2, "" }, /* 447 */
+ { 0x02, 0, 1, 3, "tcg-attribute" }, /* 448 */
+ { 0x01, 450, 0, 4, "tcg-at-tpmManufacturer" }, /* 449 */
+ { 0x02, 451, 0, 4, "tcg-at-tpmModel" }, /* 450 */
+ { 0x03, 452, 0, 4, "tcg-at-tpmVersion" }, /* 451 */
+ { 0x0F, 0, 0, 4, "tcg-at-tpmIdLabel" } /* 452 */
};
diff --git a/src/libstrongswan/asn1/oid.h b/src/libstrongswan/asn1/oid.h
index 14f774adb..d72d986c5 100644
--- a/src/libstrongswan/asn1/oid.h
+++ b/src/libstrongswan/asn1/oid.h
@@ -138,101 +138,102 @@ extern const oid_t oid_names[];
#define OID_ECDSA_WITH_SHA256 186
#define OID_ECDSA_WITH_SHA384 187
#define OID_ECDSA_WITH_SHA512 188
+#define OID_MS_SMARTCARD_LOGON 202
#define OID_USER_PRINCIPAL_NAME 203
-#define OID_STRONGSWAN 206
-#define OID_TCGID 213
-#define OID_AUTHORITY_INFO_ACCESS 241
-#define OID_IP_ADDR_BLOCKS 243
-#define OID_POLICY_QUALIFIER_CPS 245
-#define OID_POLICY_QUALIFIER_UNOTICE 246
-#define OID_SERVER_AUTH 248
-#define OID_CLIENT_AUTH 249
-#define OID_OCSP_SIGNING 256
-#define OID_XMPP_ADDR 262
-#define OID_AUTHENTICATION_INFO 266
-#define OID_ACCESS_IDENTITY 267
-#define OID_CHARGING_IDENTITY 268
-#define OID_GROUP 269
-#define OID_OCSP 272
-#define OID_BASIC 273
-#define OID_NONCE 274
-#define OID_CRL 275
-#define OID_RESPONSE 276
-#define OID_NO_CHECK 277
-#define OID_ARCHIVE_CUTOFF 278
-#define OID_SERVICE_LOCATOR 279
-#define OID_CA_ISSUERS 280
-#define OID_IKE_INTERMEDIATE 285
-#define OID_DES_CBC 289
-#define OID_SHA1 290
-#define OID_SHA1_WITH_RSA_OIW 291
-#define OID_ECGDSA_PUBKEY 310
-#define OID_ECGDSA_SIG_WITH_RIPEMD160 313
-#define OID_ECGDSA_SIG_WITH_SHA1 314
-#define OID_ECGDSA_SIG_WITH_SHA224 315
-#define OID_ECGDSA_SIG_WITH_SHA256 316
-#define OID_ECGDSA_SIG_WITH_SHA384 317
-#define OID_ECGDSA_SIG_WITH_SHA512 318
-#define OID_SECT163K1 341
-#define OID_SECT163R1 342
-#define OID_SECT239K1 343
-#define OID_SECT113R1 344
-#define OID_SECT113R2 345
-#define OID_SECT112R1 346
-#define OID_SECT112R2 347
-#define OID_SECT160R1 348
-#define OID_SECT160K1 349
-#define OID_SECT256K1 350
-#define OID_SECT163R2 351
-#define OID_SECT283K1 352
-#define OID_SECT283R1 353
-#define OID_SECT131R1 354
-#define OID_SECT131R2 355
-#define OID_SECT193R1 356
-#define OID_SECT193R2 357
-#define OID_SECT233K1 358
-#define OID_SECT233R1 359
-#define OID_SECT128R1 360
-#define OID_SECT128R2 361
-#define OID_SECT160R2 362
-#define OID_SECT192K1 363
-#define OID_SECT224K1 364
-#define OID_SECT224R1 365
-#define OID_SECT384R1 366
-#define OID_SECT521R1 367
-#define OID_SECT409K1 368
-#define OID_SECT409R1 369
-#define OID_SECT571K1 370
-#define OID_SECT571R1 371
-#define OID_AES128_CBC 380
-#define OID_AES128_GCM 381
-#define OID_AES128_CCM 382
-#define OID_AES192_CBC 383
-#define OID_AES192_GCM 384
-#define OID_AES192_CCM 385
-#define OID_AES256_CBC 386
-#define OID_AES256_GCM 387
-#define OID_AES256_CCM 388
-#define OID_SHA256 390
-#define OID_SHA384 391
-#define OID_SHA512 392
-#define OID_SHA224 393
-#define OID_NS_REVOCATION_URL 401
-#define OID_NS_CA_REVOCATION_URL 402
-#define OID_NS_CA_POLICY_URL 403
-#define OID_NS_COMMENT 404
-#define OID_EMPLOYEE_NUMBER 407
-#define OID_PKI_MESSAGE_TYPE 413
-#define OID_PKI_STATUS 414
-#define OID_PKI_FAIL_INFO 415
-#define OID_PKI_SENDER_NONCE 416
-#define OID_PKI_RECIPIENT_NONCE 417
-#define OID_PKI_TRANS_ID 418
-#define OID_TPM_MANUFACTURER 424
-#define OID_TPM_MODEL 425
-#define OID_TPM_VERSION 426
-#define OID_TPM_ID_LABEL 427
+#define OID_STRONGSWAN 209
+#define OID_TCGID 216
+#define OID_AUTHORITY_INFO_ACCESS 260
+#define OID_IP_ADDR_BLOCKS 262
+#define OID_POLICY_QUALIFIER_CPS 264
+#define OID_POLICY_QUALIFIER_UNOTICE 265
+#define OID_SERVER_AUTH 267
+#define OID_CLIENT_AUTH 268
+#define OID_OCSP_SIGNING 275
+#define OID_XMPP_ADDR 281
+#define OID_AUTHENTICATION_INFO 285
+#define OID_ACCESS_IDENTITY 286
+#define OID_CHARGING_IDENTITY 287
+#define OID_GROUP 288
+#define OID_OCSP 291
+#define OID_BASIC 292
+#define OID_NONCE 293
+#define OID_CRL 294
+#define OID_RESPONSE 295
+#define OID_NO_CHECK 296
+#define OID_ARCHIVE_CUTOFF 297
+#define OID_SERVICE_LOCATOR 298
+#define OID_CA_ISSUERS 299
+#define OID_IKE_INTERMEDIATE 304
+#define OID_DES_CBC 308
+#define OID_SHA1 309
+#define OID_SHA1_WITH_RSA_OIW 310
+#define OID_ECGDSA_PUBKEY 329
+#define OID_ECGDSA_SIG_WITH_RIPEMD160 332
+#define OID_ECGDSA_SIG_WITH_SHA1 333
+#define OID_ECGDSA_SIG_WITH_SHA224 334
+#define OID_ECGDSA_SIG_WITH_SHA256 335
+#define OID_ECGDSA_SIG_WITH_SHA384 336
+#define OID_ECGDSA_SIG_WITH_SHA512 337
+#define OID_SECT163K1 360
+#define OID_SECT163R1 361
+#define OID_SECT239K1 362
+#define OID_SECT113R1 363
+#define OID_SECT113R2 364
+#define OID_SECT112R1 365
+#define OID_SECT112R2 366
+#define OID_SECT160R1 367
+#define OID_SECT160K1 368
+#define OID_SECT256K1 369
+#define OID_SECT163R2 370
+#define OID_SECT283K1 371
+#define OID_SECT283R1 372
+#define OID_SECT131R1 373
+#define OID_SECT131R2 374
+#define OID_SECT193R1 375
+#define OID_SECT193R2 376
+#define OID_SECT233K1 377
+#define OID_SECT233R1 378
+#define OID_SECT128R1 379
+#define OID_SECT128R2 380
+#define OID_SECT160R2 381
+#define OID_SECT192K1 382
+#define OID_SECT224K1 383
+#define OID_SECT224R1 384
+#define OID_SECT384R1 385
+#define OID_SECT521R1 386
+#define OID_SECT409K1 387
+#define OID_SECT409R1 388
+#define OID_SECT571K1 389
+#define OID_SECT571R1 390
+#define OID_AES128_CBC 399
+#define OID_AES128_GCM 400
+#define OID_AES128_CCM 401
+#define OID_AES192_CBC 402
+#define OID_AES192_GCM 403
+#define OID_AES192_CCM 404
+#define OID_AES256_CBC 405
+#define OID_AES256_GCM 406
+#define OID_AES256_CCM 407
+#define OID_SHA256 409
+#define OID_SHA384 410
+#define OID_SHA512 411
+#define OID_SHA224 412
+#define OID_NS_REVOCATION_URL 426
+#define OID_NS_CA_REVOCATION_URL 427
+#define OID_NS_CA_POLICY_URL 428
+#define OID_NS_COMMENT 429
+#define OID_EMPLOYEE_NUMBER 432
+#define OID_PKI_MESSAGE_TYPE 438
+#define OID_PKI_STATUS 439
+#define OID_PKI_FAIL_INFO 440
+#define OID_PKI_SENDER_NONCE 441
+#define OID_PKI_RECIPIENT_NONCE 442
+#define OID_PKI_TRANS_ID 443
+#define OID_TPM_MANUFACTURER 449
+#define OID_TPM_MODEL 450
+#define OID_TPM_VERSION 451
+#define OID_TPM_ID_LABEL 452
-#define OID_MAX 428
+#define OID_MAX 453
#endif /* OID_H_ */
diff --git a/src/libstrongswan/asn1/oid.txt b/src/libstrongswan/asn1/oid.txt
index c15a1cc2a..e545188d4 100644
--- a/src/libstrongswan/asn1/oid.txt
+++ b/src/libstrongswan/asn1/oid.txt
@@ -200,8 +200,11 @@
0x04 "msEncryptingFileSystem"
0x14 "msEnrollmentInfrastructure"
0x02 "msCertificateTypeExtension"
- 0x02 "msSmartcardLogon"
+ 0x02 "msSmartcardLogon" OID_MS_SMARTCARD_LOGON
0x03 "msUPN" OID_USER_PRINCIPAL_NAME
+ 0x15 "msCertSrvInfrastructure"
+ 0x07 "msCertTemplate"
+ 0x0A "msApplicationCertPolicies"
0xA0 ""
0x2A "ITA"
0x01 "strongSwan" OID_STRONGSWAN
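Review bot: Inserting `msCertSrvInfrastructure`, `msCertTemplate` and `msApplicationCertPolicies` in the middle of the table renumbers every later `OID_*` constant, which is safe only if every user is rebuilt against the new header. oid.h in this commit moves `OID_STRONGSWAN` from 206 to 209 and `OID_MAX` from 428 to 453. A plugin or out-of-tree module compiled with the old values would index a different entry, and that includes the signature and hash algorithm OIDs. A comment at the top of oid.txt saying that the constants are positional indices and must never be stored or hard-coded would document this; the file's header is outside this hunk, so it may already say so.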
@@ -212,7 +215,7 @@
0x02 ""
0x02 ""
0x4B "TCGID" OID_TCGID
- 0xc1 ""
+ 0xC1 ""
0x16 "ntruCryptosystems"
0x01 "eess"
0x01 "eess1"
@@ -234,6 +237,22 @@
0x12 "ees251sp7"
0x13 "ees251sp8"
0x14 "ees251sp9"
+ 0x22 "ees401ep1"
+ 0x23 "ees449ep1"
+ 0x24 "ees677ep1"
+ 0x25 "ees1087ep2"
+ 0x26 "ees541ep1"
+ 0x27 "ees613ep1"
+ 0x28 "ees887ep1"
+ 0x29 "ees1171ep1"
+ 0x2A "ees659ep1"
+ 0x2B "ees761ep1"
+ 0x2C "ees1087ep1"
+ 0x2D "ees1499ep1"
+ 0x2E "ees401ep2"
+ 0x2F "ees439ep1"
+ 0x30 "ees593ep1"
+ 0x31 "ees743ep1"
0x03 "eess1-encodingMethods"
0x05 "security"
0x05 "mechanisms"
@@ -388,12 +407,18 @@
0x2E "id-aes256-GCM" OID_AES256_GCM
0x2F "id-aes256-CCM" OID_AES256_CCM
0x02 "hashalgs"
- 0x01 "id-SHA-256" OID_SHA256
- 0x02 "id-SHA-384" OID_SHA384
- 0x03 "id-SHA-512" OID_SHA512
- 0x04 "id-SHA-224" OID_SHA224
- 0x05 "id-SHA-512-224"
- 0x06 "id-SHA-512-256"
+ 0x01 "id-sha256" OID_SHA256
+ 0x02 "id-sha384" OID_SHA384
+ 0x03 "id-sha512" OID_SHA512
+ 0x04 "id-sha224" OID_SHA224
+ 0x05 "id-sha512-224"
+ 0x06 "id-sha512-256"
+ 0x07 "id-sha3-224"
+ 0x08 "id-sha3-256"
+ 0x09 "id-sha3-384"
+ 0x0A "id-sha3-512"
+ 0x0B "id-shake128"
+ 0x0C "id-shake256"
0x86 ""
0xf8 ""
0x42 "netscape"
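Review bot: The six new entries `id-sha3-224` through `id-shake256` have no symbolic name in the third column, unlike `id-sha256` through `id-sha224` above them, and oid.h in this commit gains no constant for them. If they are meant to be matched when parsing an algorithm identifier rather than only printed, they need names, for example `0x08 "id-sha3-256" OID_SHA3_256`. The context line `0xf8 ""` also stays lowercase while the same commit normalises `0xc1` to `0xC1` elsewhere in this file.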
diff --git a/src/libstrongswan/collections/array.c b/src/libstrongswan/collections/array.c
index 314e8e916..75efb85bf 100644
--- a/src/libstrongswan/collections/array.c
+++ b/src/libstrongswan/collections/array.c
@@ -141,7 +141,7 @@ static void remove_tail(array_t *array, int idx)
/* move all items after idx one down */
memmove(array->data + get_size(array, idx + array->head),
array->data + get_size(array, idx + array->head + 1),
- get_size(array, array->count - idx));
+ get_size(array, array->count - 1 - idx));
array->count--;
array->tail++;
}
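Review bot: The new length `get_size(array, array->count - 1 - idx)` is only correct while `idx < array->count`, and no check on `idx` is visible in this hunk. With `idx == count` the element count passed becomes -1, and the resulting memmove size depends on how get_size handles that, which is not shown. remove_tail starts outside the hunk, so the bound may be enforced by its callers; if so, state it where the length is computed, e.g. `/* count - 1 - idx items follow idx; callers guarantee idx < count */`. Because the previous length moved one element more than exists after `idx`, a unit test that removes an element from the tail half of a full array would keep this from regressing.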
diff --git a/src/libstrongswan/collections/hashtable.c b/src/libstrongswan/collections/hashtable.c
index 1003aa0fa..ca31d8361 100644
--- a/src/libstrongswan/collections/hashtable.c
+++ b/src/libstrongswan/collections/hashtable.c
@@ -30,7 +30,7 @@ struct pair_t {
/**
* Key of a hash table item.
*/
- void *key;
+ const void *key;
/**
* Value of a hash table item.
@@ -51,7 +51,7 @@ struct pair_t {
/**
* Creates an empty pair object.
*/
-static inline pair_t *pair_create(void *key, void *value, u_int hash)
+static inline pair_t *pair_create(const void *key, void *value, u_int hash)
{
pair_t *this;
@@ -153,7 +153,7 @@ struct private_enumerator_t {
/*
* See header.
*/
-u_int hashtable_hash_ptr(void *key)
+u_int hashtable_hash_ptr(const void *key)
{
return chunk_hash(chunk_from_thing(key));
}
@@ -161,7 +161,7 @@ u_int hashtable_hash_ptr(void *key)
/*
* See header.
*/
-u_int hashtable_hash_str(void *key)
+u_int hashtable_hash_str(const void *key)
{
return chunk_hash(chunk_from_str((char*)key));
}
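Review bot: The cast in `chunk_from_str((char*)key)` now silently discards the const that this change adds to the parameter. If chunk_from_str() takes a non-const `char*` (its prototype is not in this diff), the cast has to stay. In that case it deserves a comment such as `/* chunk_from_str() takes char*, the key is only read */` so the qualifier drop is visibly intentional; otherwise cast to `const char*`.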
@@ -169,7 +169,7 @@ u_int hashtable_hash_str(void *key)
/*
* See header.
*/
-bool hashtable_equals_ptr(void *key, void *other_key)
+bool hashtable_equals_ptr(const void *key, const void *other_key)
{
return key == other_key;
}
@@ -177,7 +177,7 @@ bool hashtable_equals_ptr(void *key, void *other_key)
/*
* See header.
*/
-bool hashtable_equals_str(void *key, void *other_key)
+bool hashtable_equals_str(const void *key, const void *other_key)
{
return streq(key, other_key);
}
@@ -250,7 +250,7 @@ static void rehash(private_hashtable_t *this)
}
METHOD(hashtable_t, put, void*,
- private_hashtable_t *this, void *key, void *value)
+ private_hashtable_t *this, const void *key, void *value)
{
void *old_value = NULL;
pair_t *pair;
@@ -284,7 +284,7 @@ METHOD(hashtable_t, put, void*,
return old_value;
}
-static void *get_internal(private_hashtable_t *this, void *key,
+static void *get_internal(private_hashtable_t *this, const void *key,
hashtable_equals_t equals)
{
void *value = NULL;
@@ -309,19 +309,19 @@ static void *get_internal(private_hashtable_t *this, void *key,
}
METHOD(hashtable_t, get, void*,
- private_hashtable_t *this, void *key)
+ private_hashtable_t *this, const void *key)
{
return get_internal(this, key, this->equals);
}
METHOD(hashtable_t, get_match, void*,
- private_hashtable_t *this, void *key, hashtable_equals_t match)
+ private_hashtable_t *this, const void *key, hashtable_equals_t match)
{
return get_internal(this, key, match);
}
METHOD(hashtable_t, remove_, void*,
- private_hashtable_t *this, void *key)
+ private_hashtable_t *this, const void *key)
{
void *value = NULL;
pair_t *pair, *prev = NULL;
@@ -379,7 +379,7 @@ METHOD(hashtable_t, get_count, u_int,
}
METHOD(enumerator_t, enumerate, bool,
- private_enumerator_t *this, void **key, void **value)
+ private_enumerator_t *this, const void **key, void **value)
{
while (this->count && this->row < this->table->capacity)
{
diff --git a/src/libstrongswan/collections/hashtable.h b/src/libstrongswan/collections/hashtable.h
index 520a86c90..0a7ebeb65 100644
--- a/src/libstrongswan/collections/hashtable.h
+++ b/src/libstrongswan/collections/hashtable.h
@@ -31,7 +31,7 @@ typedef struct hashtable_t hashtable_t;
* @param key key to hash
* @return hash code
*/
-typedef u_int (*hashtable_hash_t)(void *key);
+typedef u_int (*hashtable_hash_t)(const void *key);
/**
* Hashtable hash function calculation the hash solely based on the key pointer.
@@ -39,7 +39,7 @@ typedef u_int (*hashtable_hash_t)(void *key);
* @param key key to hash
* @return hash of key
*/
-u_int hashtable_hash_ptr(void *key);
+u_int hashtable_hash_ptr(const void *key);
/**
* Hashtable hash function calculation the hash for char* keys.
@@ -47,7 +47,7 @@ u_int hashtable_hash_ptr(void *key);
* @param key key to hash, a char*
* @return hash of key
*/
-u_int hashtable_hash_str(void *key);
+u_int hashtable_hash_str(const void *key);
/**
* Prototype for a function that compares the two keys for equality.
@@ -56,7 +56,7 @@ u_int hashtable_hash_str(void *key);
* @param other_key second key
* @return TRUE if the keys are equal
*/
-typedef bool (*hashtable_equals_t)(void *key, void *other_key);
+typedef bool (*hashtable_equals_t)(const void *key, const void *other_key);
/**
* Hashtable equals function comparing pointers.
@@ -65,7 +65,7 @@ typedef bool (*hashtable_equals_t)(void *key, void *other_key);
* @param other_key other key to compare
* @return TRUE if key == other_key
*/
-bool hashtable_equals_ptr(void *key, void *other_key);
+bool hashtable_equals_ptr(const void *key, const void *other_key);
/**
* Hashtable equals function comparing char* keys.
@@ -74,7 +74,7 @@ bool hashtable_equals_ptr(void *key, void *other_key);
* @param other_key other key to compare
* @return TRUE if streq(key, other_key)
*/
-bool hashtable_equals_str(void *key, void *other_key);
+bool hashtable_equals_str(const void *key, const void *other_key);
/**
* Class implementing a hash table.
@@ -100,7 +100,7 @@ struct hashtable_t {
* @param value the value to store
* @return NULL if no item was replaced, the old value otherwise
*/
- void *(*put) (hashtable_t *this, void *key, void *value);
+ void *(*put) (hashtable_t *this, const void *key, void *value);
/**
* Returns the value with the given key, if the hash table contains such an
@@ -109,7 +109,7 @@ struct hashtable_t {
* @param key the key of the requested value
* @return the value, NULL if not found
*/
- void *(*get) (hashtable_t *this, void *key);
+ void *(*get) (hashtable_t *this, const void *key);
/**
* Returns the value with a matching key, if the hash table contains such an
@@ -125,7 +125,8 @@ struct hashtable_t {
* @param match match function to be used when comparing keys
* @return the value, NULL if not found
*/
- void *(*get_match) (hashtable_t *this, void *key, hashtable_equals_t match);
+ void *(*get_match) (hashtable_t *this, const void *key,
+ hashtable_equals_t match);
/**
* Removes the value with the given key from the hash table and returns the
@@ -134,7 +135,7 @@ struct hashtable_t {
* @param key the key of the value to remove
* @return the removed value, NULL if not found
*/
- void *(*remove) (hashtable_t *this, void *key);
+ void *(*remove) (hashtable_t *this, const void *key);
/**
* Removes the key and value pair from the hash table at which the given
diff --git a/src/libstrongswan/credentials/auth_cfg.c b/src/libstrongswan/credentials/auth_cfg.c
index 2203519e2..4ff9aa6dd 100644
--- a/src/libstrongswan/credentials/auth_cfg.c
+++ b/src/libstrongswan/credentials/auth_cfg.c
@@ -31,7 +31,7 @@ ENUM(auth_class_names, AUTH_CLASS_ANY, AUTH_CLASS_XAUTH,
"XAuth",
);
-ENUM(auth_rule_names, AUTH_RULE_IDENTITY, AUTH_HELPER_REVOCATION_CERT,
+ENUM(auth_rule_names, AUTH_RULE_IDENTITY, AUTH_HELPER_AC_CERT,
"RULE_IDENTITY",
"RULE_IDENTITY_LOOSE",
"RULE_AUTH_CLASS",
@@ -56,6 +56,7 @@ ENUM(auth_rule_names, AUTH_RULE_IDENTITY, AUTH_HELPER_REVOCATION_CERT,
"HELPER_IM_HASH_URL",
"HELPER_SUBJECT_HASH_URL",
"HELPER_REVOCATION_CERT",
+ "HELPER_AC_CERT",
);
/**
@@ -91,6 +92,7 @@ static inline bool is_multi_value_rule(auth_rule_t type)
case AUTH_HELPER_IM_CERT:
case AUTH_HELPER_IM_HASH_URL:
case AUTH_HELPER_REVOCATION_CERT:
+ case AUTH_HELPER_AC_CERT:
return TRUE;
}
return FALSE;
@@ -224,6 +226,7 @@ static void init_entry(entry_t *this, auth_rule_t type, va_list args)
case AUTH_HELPER_IM_HASH_URL:
case AUTH_HELPER_SUBJECT_HASH_URL:
case AUTH_HELPER_REVOCATION_CERT:
+ case AUTH_HELPER_AC_CERT:
/* pointer type */
this->value = va_arg(args, void*);
break;
@@ -262,6 +265,7 @@ static bool entry_equals(entry_t *e1, entry_t *e2)
case AUTH_HELPER_IM_CERT:
case AUTH_HELPER_SUBJECT_CERT:
case AUTH_HELPER_REVOCATION_CERT:
+ case AUTH_HELPER_AC_CERT:
{
certificate_t *c1, *c2;
@@ -319,6 +323,7 @@ static void destroy_entry_value(entry_t *entry)
case AUTH_HELPER_IM_CERT:
case AUTH_HELPER_SUBJECT_CERT:
case AUTH_HELPER_REVOCATION_CERT:
+ case AUTH_HELPER_AC_CERT:
{
certificate_t *cert = (certificate_t*)entry->value;
cert->destroy(cert);
@@ -390,6 +395,7 @@ static void replace(private_auth_cfg_t *this, entry_enumerator_t *enumerator,
case AUTH_HELPER_IM_HASH_URL:
case AUTH_HELPER_SUBJECT_HASH_URL:
case AUTH_HELPER_REVOCATION_CERT:
+ case AUTH_HELPER_AC_CERT:
/* pointer type */
entry->value = va_arg(args, void*);
break;
@@ -467,6 +473,7 @@ METHOD(auth_cfg_t, get, void*,
case AUTH_HELPER_IM_HASH_URL:
case AUTH_HELPER_SUBJECT_HASH_URL:
case AUTH_HELPER_REVOCATION_CERT:
+ case AUTH_HELPER_AC_CERT:
case AUTH_RULE_MAX:
break;
}
@@ -736,6 +743,7 @@ METHOD(auth_cfg_t, complies, bool,
case AUTH_HELPER_IM_HASH_URL:
case AUTH_HELPER_SUBJECT_HASH_URL:
case AUTH_HELPER_REVOCATION_CERT:
+ case AUTH_HELPER_AC_CERT:
case AUTH_RULE_MAX:
/* skip helpers */
continue;
@@ -868,6 +876,7 @@ static void merge(private_auth_cfg_t *this, private_auth_cfg_t *other, bool copy
case AUTH_HELPER_IM_CERT:
case AUTH_HELPER_SUBJECT_CERT:
case AUTH_HELPER_REVOCATION_CERT:
+ case AUTH_HELPER_AC_CERT:
{
certificate_t *cert = (certificate_t*)value;
@@ -1029,6 +1038,7 @@ METHOD(auth_cfg_t, clone_, auth_cfg_t*,
case AUTH_HELPER_IM_CERT:
case AUTH_HELPER_SUBJECT_CERT:
case AUTH_HELPER_REVOCATION_CERT:
+ case AUTH_HELPER_AC_CERT:
{
certificate_t *cert = (certificate_t*)value;
clone->add(clone, type, cert->get_ref(cert));
diff --git a/src/libstrongswan/credentials/auth_cfg.h b/src/libstrongswan/credentials/auth_cfg.h
index d87935589..95b36d706 100644
--- a/src/libstrongswan/credentials/auth_cfg.h
+++ b/src/libstrongswan/credentials/auth_cfg.h
@@ -117,6 +117,8 @@ enum auth_rule_t {
AUTH_HELPER_SUBJECT_HASH_URL,
/** revocation certificate (CRL, OCSP), certificate_t* */
AUTH_HELPER_REVOCATION_CERT,
+ /** attribute certificate for authorization decisions, certificate_t */
+ AUTH_HELPER_AC_CERT,
/** helper to determine the number of elements in this enum */
AUTH_RULE_MAX,
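Review bot: The new doc comment gives the value type as `certificate_t`, while the neighbouring helper entry says `certificate_t*`. The auth_cfg.c hunks in this commit read the value with `va_arg(args, void*)` and cast it to `certificate_t*`, so the pointer form is the accurate one. Suggest `/** attribute certificate for authorization decisions, certificate_t* */`. The enum body starts and ends outside the hunk.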
diff --git a/src/libstrongswan/credentials/builder.c b/src/libstrongswan/credentials/builder.c
index 4e52272a7..ddb64ef88 100644
--- a/src/libstrongswan/credentials/builder.c
+++ b/src/libstrongswan/credentials/builder.c
@@ -38,7 +38,7 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END,
"BUILD_SERIAL",
"BUILD_DIGEST_ALG",
"BUILD_ENCRYPTION_ALG",
- "BUILD_IETF_GROUP_ATTR",
+ "BUILD_AC_GROUP_STRINGS",
"BUILD_CA_CERT",
"BUILD_CERT",
"BUILD_CRL_DISTRIBUTION_POINTS",
@@ -72,4 +72,3 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END,
"BUILD_THRESHOLD",
"BUILD_END",
);
-
diff --git a/src/libstrongswan/credentials/builder.h b/src/libstrongswan/credentials/builder.h
index 103b823c0..627e0934d 100644
--- a/src/libstrongswan/credentials/builder.h
+++ b/src/libstrongswan/credentials/builder.h
@@ -87,8 +87,8 @@ enum builder_part_t {
BUILD_DIGEST_ALG,
/** encryption algorithm to use, encryption_algorithm_t */
BUILD_ENCRYPTION_ALG,
- /** a comma-separated list of ietf group attributes, char* */
- BUILD_IETF_GROUP_ATTR,
+ /** list of AC group memberships, linked_list_t* with char* */
+ BUILD_AC_GROUP_STRINGS,
/** a ca certificate, certificate_t* */
BUILD_CA_CERT,
/** a certificate, certificate_t* */
diff --git a/src/libstrongswan/credentials/certificates/ac.h b/src/libstrongswan/credentials/certificates/ac.h
index 57b44adca..9a3d8f0b9 100644
--- a/src/libstrongswan/credentials/certificates/ac.h
+++ b/src/libstrongswan/credentials/certificates/ac.h
@@ -24,9 +24,18 @@
#include <library.h>
#include <credentials/certificates/certificate.h>
-#include <credentials/ietf_attributes/ietf_attributes.h>
typedef struct ac_t ac_t;
+typedef enum ac_group_type_t ac_group_type_t;
+
+/**
+ * Common group types, from IETF Attributes Syntax
+ */
+enum ac_group_type_t {
+ AC_GROUP_TYPE_OCTETS,
+ AC_GROUP_TYPE_STRING,
+ AC_GROUP_TYPE_OID,
+};
/**
* X.509 attribute certificate interface.
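Review bot: The members of `ac_group_type_t` carry no per-value documentation and are declared in a different order (OCTETS, STRING, OID) than the private enum removed with ietf_attributes.c (OCTETS = 0, OID = 1, STRING = 2). The removed parser derived the type arithmetically as `(objectID - IETF_ATTR_OCTETS) / 2`; code ported from it would swap STRING and OID group memberships, which matters when groups feed authorization decisions. The new parser is not visible here, so this is a check to make rather than a confirmed defect. I would add one comment per member naming the ASN.1 type, e.g. `/** UTF8String value */` on `AC_GROUP_TYPE_STRING`.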
@@ -70,19 +79,11 @@ struct ac_t {
chunk_t (*get_authKeyIdentifier)(ac_t *this);
/**
- * Get the group memberships as a list of IETF attributes
- *
- * @return object containing a list of IETF attributes
- */
- ietf_attributes_t* (*get_groups)(ac_t *this);
-
- /**
- * @brief Checks if two attribute certificates belong to the same holder
+ * Create an enumerator of contained Group memberships.
*
- * @param that other attribute certificate
- * @return TRUE if same holder
+ * @return enumerator over (ac_group_type_t, chunk_t)
*/
- bool (*equals_holder) (ac_t *this, ac_t *other);
+ enumerator_t* (*create_group_enumerator)(ac_t *this);
};
#endif /** AC_H_ @}*/
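Review bot: The doc comment on `create_group_enumerator` does not say who owns the enumerated `chunk_t`. If it points into the certificate's internal data, which seems likely but is not shown here, a line such as `* The chunk_t references internal data, valid as long as the ac_t exists.` would keep callers from freeing or retaining it. Confirm against the implementation before adding it.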
diff --git a/src/libstrongswan/credentials/certificates/x509.h b/src/libstrongswan/credentials/certificates/x509.h
index 4e8d4317f..6cbfcdeed 100644
--- a/src/libstrongswan/credentials/certificates/x509.h
+++ b/src/libstrongswan/credentials/certificates/x509.h
@@ -39,25 +39,27 @@ typedef enum x509_constraint_t x509_constraint_t;
*/
enum x509_flag_t {
/** cert has no constraints */
- X509_NONE = 0,
+ X509_NONE = 0,
/** cert has CA constraint */
- X509_CA = (1<<0),
+ X509_CA = (1<<0),
/** cert has AA constraint */
- X509_AA = (1<<1),
+ X509_AA = (1<<1),
/** cert has OCSP signer constraint */
- X509_OCSP_SIGNER = (1<<2),
+ X509_OCSP_SIGNER = (1<<2),
/** cert has serverAuth key usage */
- X509_SERVER_AUTH = (1<<3),
+ X509_SERVER_AUTH = (1<<3),
/** cert has clientAuth key usage */
- X509_CLIENT_AUTH = (1<<4),
+ X509_CLIENT_AUTH = (1<<4),
/** cert is self-signed */
- X509_SELF_SIGNED = (1<<5),
+ X509_SELF_SIGNED = (1<<5),
/** cert has an ipAddrBlocks extension */
- X509_IP_ADDR_BLOCKS = (1<<6),
+ X509_IP_ADDR_BLOCKS = (1<<6),
/** cert has CRL sign key usage */
- X509_CRL_SIGN = (1<<7),
+ X509_CRL_SIGN = (1<<7),
/** cert has iKEIntermediate key usage */
- X509_IKE_INTERMEDIATE = (1<<8),
+ X509_IKE_INTERMEDIATE = (1<<8),
+ /** cert has Microsoft Smartcard Logon usage */
+ X509_MS_SMARTCARD_LOGON = (1<<9),
};
/**
diff --git a/src/libstrongswan/credentials/cred_encoding.c b/src/libstrongswan/credentials/cred_encoding.c
index 53ac13cbb..303816391 100644
--- a/src/libstrongswan/credentials/cred_encoding.c
+++ b/src/libstrongswan/credentials/cred_encoding.c
@@ -94,22 +94,6 @@ bool cred_encoding_args(va_list args, ...)
return !failed;
}
-/**
- * hashtable hash() function
- */
-static u_int hash(void *key)
-{
- return (uintptr_t)key;
-}
-
-/**
- * hashtable equals() function
- */
-static bool equals(void *key1, void *key2)
-{
- return key1 == key2;
-}
-
METHOD(cred_encoding_t, get_cache, bool,
private_cred_encoding_t *this, cred_encoding_type_t type, void *cache,
chunk_t *encoding)
@@ -289,7 +273,8 @@ cred_encoding_t *cred_encoding_create()
for (type = 0; type < CRED_ENCODING_MAX; type++)
{
- this->cache[type] = hashtable_create(hash, equals, 8);
+ this->cache[type] = hashtable_create(hashtable_hash_ptr,
+ hashtable_equals_ptr, 8);
}
return &this->public;
diff --git a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c b/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
deleted file mode 100644
index 49af5a079..000000000
--- a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
+++ /dev/null
@@ -1,534 +0,0 @@
-/*
- * Copyright (C) 2007-2009 Andreas Steffen
- *
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <asn1/oid.h>
-#include <asn1/asn1.h>
-#include <asn1/asn1_parser.h>
-#include <collections/linked_list.h>
-#include <utils/lexparser.h>
-
-#include "ietf_attributes.h"
-
-/**
- * Private definition of IETF attribute types
- */
-typedef enum {
- IETF_ATTRIBUTE_OCTETS = 0,
- IETF_ATTRIBUTE_OID = 1,
- IETF_ATTRIBUTE_STRING = 2
-} ietf_attribute_type_t;
-
-typedef struct ietf_attr_t ietf_attr_t;
-
-/**
- * Private definition of an IETF attribute
- */
-struct ietf_attr_t {
- /**
- * IETF attribute type
- */
- ietf_attribute_type_t type;
-
- /**
- * IETF attribute value
- */
- chunk_t value;
-
- /**
- * Compares two IETF attributes
- *
- * return -1 if this is earlier in the alphabet than other
- * return 0 if this equals other
- * return +1 if this is later in the alphabet than other
- *
- * @param other other object
- */
- int (*compare) (ietf_attr_t *this, ietf_attr_t *other);
-
- /**
- * Destroys an ietf_attr_t object.
- */
- void (*destroy) (ietf_attr_t *this);
-};
-
-/**
- * Implements ietf_attr_t.compare.
- */
-static int ietf_attr_compare(ietf_attr_t *this, ietf_attr_t *other)
-{
- int cmp_len, len, cmp_value;
-
- /* OID attributes are appended after STRING and OCTETS attributes */
- if (this->type != IETF_ATTRIBUTE_OID && other->type == IETF_ATTRIBUTE_OID)
- {
- return -1;
- }
- if (this->type == IETF_ATTRIBUTE_OID && other->type != IETF_ATTRIBUTE_OID)
- {
- return 1;
- }
-
- cmp_len = this->value.len - other->value.len;
- len = (cmp_len < 0) ? this->value.len : other->value.len;
- cmp_value = memcmp(this->value.ptr, other->value.ptr, len);
-
- return (cmp_value == 0) ? cmp_len : cmp_value;
-}
-
-/**
- * Implements ietf_attr_t.destroy.
- */
-static void ietf_attr_destroy(ietf_attr_t *this)
-{
- free(this->value.ptr);
- free(this);
-}
-
-/**
- * Creates an ietf_attr_t object.
- */
-static ietf_attr_t* ietf_attr_create(ietf_attribute_type_t type, chunk_t value)
-{
- ietf_attr_t *this;
-
- INIT(this,
- .compare = ietf_attr_compare,
- .destroy = ietf_attr_destroy,
- .type = type,
- .value = chunk_clone(value),
- );
-
- return this;
-}
-
-typedef struct private_ietf_attributes_t private_ietf_attributes_t;
-
-/**
- * Private data of an ietf_attributes_t object.
- */
-struct private_ietf_attributes_t {
- /**
- * Public interface.
- */
- ietf_attributes_t public;
-
- /**
- * Printable representation of the IETF attributes
- */
- char *string;
-
- /**
- * Linked list of IETF attributes.
- */
- linked_list_t *list;
-
- /**
- * reference count
- */
- refcount_t ref;
-};
-
-METHOD(ietf_attributes_t, get_string, char*,
- private_ietf_attributes_t *this)
-{
- if (this->string == NULL)
- {
- char buf[BUF_LEN];
- char *pos = buf;
- int len = BUF_LEN;
- bool first = TRUE;
- ietf_attr_t *attr;
- enumerator_t *enumerator;
-
- enumerator = this->list->create_enumerator(this->list);
- while (enumerator->enumerate(enumerator, &attr))
- {
- int written;
-
- if (first)
- {
- first = FALSE;
- }
- else
- {
- written = snprintf(pos, len, ", ");
- if (written < 0 || written >= len)
- {
- break;
- }
- pos += written;
- len -= written;
- }
-
- switch (attr->type)
- {
- case IETF_ATTRIBUTE_OCTETS:
- case IETF_ATTRIBUTE_STRING:
- written = snprintf(pos, len, "%.*s", (int)attr->value.len,
- attr->value.ptr);
- break;
- case IETF_ATTRIBUTE_OID:
- {
- int oid = asn1_known_oid(attr->value);
-
- if (oid == OID_UNKNOWN)
- {
- written = snprintf(pos, len, "0x%#B", &attr->value);
- }
- else
- {
- written = snprintf(pos, len, "%s", oid_names[oid].name);
- }
- break;
- }
- default:
- written = 0;
- break;
- }
- if (written < 0 || written >= len)
- {
- break;
- }
- pos += written;
- len -= written;
- }
- enumerator->destroy(enumerator);
- if (len < BUF_LEN)
- {
- this->string = strdup(buf);
- }
- }
- return this->string;
-}
-
-METHOD(ietf_attributes_t, get_encoding, chunk_t,
- private_ietf_attributes_t *this)
-{
- chunk_t values;
- size_t size = 0;
- u_char *pos;
- ietf_attr_t *attr;
- enumerator_t *enumerator;
-
- /* precalculate the total size of all values */
- enumerator = this->list->create_enumerator(this->list);
- while (enumerator->enumerate(enumerator, &attr))
- {
- size_t len = attr->value.len;
-
- size += 1 + (len > 0) + (len >= 128) + (len >= 256) + (len >= 65536) + len;
- }
- enumerator->destroy(enumerator);
-
- pos = asn1_build_object(&values, ASN1_SEQUENCE, size);
-
- enumerator = this->list->create_enumerator(this->list);
- while (enumerator->enumerate(enumerator, &attr))
- {
- chunk_t ietfAttribute;
- asn1_t type = ASN1_NULL;
-
- switch (attr->type)
- {
- case IETF_ATTRIBUTE_OCTETS:
- type = ASN1_OCTET_STRING;
- break;
- case IETF_ATTRIBUTE_STRING:
- type = ASN1_UTF8STRING;
- break;
- case IETF_ATTRIBUTE_OID:
- type = ASN1_OID;
- break;
- }
- ietfAttribute = asn1_simple_object(type, attr->value);
-
- /* copy ietfAttribute into values chunk */
- memcpy(pos, ietfAttribute.ptr, ietfAttribute.len);
- pos += ietfAttribute.len;
- free(ietfAttribute.ptr);
- }
- enumerator->destroy(enumerator);
-
- return asn1_wrap(ASN1_SEQUENCE, "m", values);
-}
-
-/**
- * Implementation of ietf_attributes_t.equals.
- */
-static bool equals(private_ietf_attributes_t *this,
- private_ietf_attributes_t *other)
-{
- bool result = TRUE;
-
- /* lists must have the same number of attributes */
- if (other == NULL ||
- this->list->get_count(this->list) != other->list->get_count(other->list))
- {
- return FALSE;
- }
-
- /* compare two alphabetically-sorted lists */
- {
- ietf_attr_t *attr_a, *attr_b;
- enumerator_t *enum_a, *enum_b;
-
- enum_a = this->list->create_enumerator(this->list);
- enum_b = other->list->create_enumerator(other->list);
- while (enum_a->enumerate(enum_a, &attr_a) &&
- enum_b->enumerate(enum_b, &attr_b))
- {
- if (attr_a->compare(attr_a, attr_b) != 0)
- {
- /* we have a mismatch */
- result = FALSE;
- break;
- }
- }
- enum_a->destroy(enum_a);
- enum_b->destroy(enum_b);
- }
- return result;
-}
-
-/**
- * Implementation of ietf_attributes_t.matches.
- */
-static bool matches(private_ietf_attributes_t *this,
- private_ietf_attributes_t *other)
-{
- bool result = FALSE;
- ietf_attr_t *attr_a, *attr_b;
- enumerator_t *enum_a, *enum_b;
-
- /* always match if this->list does not contain any attributes */
- if (this->list->get_count(this->list) == 0)
- {
- return TRUE;
- }
-
- /* never match if other->list does not contain any attributes */
- if (other == NULL || other->list->get_count(other->list) == 0)
- {
- return FALSE;
- }
-
- /* get first attribute from both lists */
- enum_a = this->list->create_enumerator(this->list);
- enum_a->enumerate(enum_a, &attr_a);
- enum_b = other->list->create_enumerator(other->list);
- enum_b->enumerate(enum_b, &attr_b);
-
- /* look for at least one common attribute */
- while (TRUE)
- {
- int cmp = attr_a->compare(attr_a, attr_b);
-
- if (cmp == 0)
- {
- /* we have a match */
- result = TRUE;
- break;
- }
- if (cmp == -1)
- {
- /* attr_a is earlier in the alphabet, get next attr_a */
- if (!enum_a->enumerate(enum_a, &attr_a))
- {
- /* we have reached the end of enum_a */
- break;
- }
- }
- else
- {
- /* attr_a is later in the alphabet, get next attr_b */
- if (!enum_b->enumerate(enum_b, &attr_b))
- {
- /* we have reached the end of enum_b */
- break;
- }
- }
- }
- enum_a->destroy(enum_a);
- enum_b->destroy(enum_b);
-
- return result;
-}
-
-METHOD(ietf_attributes_t, get_ref, ietf_attributes_t*,
- private_ietf_attributes_t *this)
-{
- ref_get(&this->ref);
- return &this->public;
-}
-
-METHOD(ietf_attributes_t, destroy, void,
- private_ietf_attributes_t *this)
-{
- if (ref_put(&this->ref))
- {
- this->list->destroy_offset(this->list, offsetof(ietf_attr_t, destroy));
- free(this->string);
- free(this);
- }
-}
-
-static private_ietf_attributes_t* create_empty(void)
-{
- private_ietf_attributes_t *this;
-
- INIT(this,
- .public = {
- .get_string = _get_string,
- .get_encoding = _get_encoding,
- .equals = (bool (*)(ietf_attributes_t*,ietf_attributes_t*))equals,
- .matches = (bool (*)(ietf_attributes_t*,ietf_attributes_t*))matches,
- .get_ref = _get_ref,
- .destroy = _destroy,
- },
- .list = linked_list_create(),
- .ref = 1,
- );
-
- return this;
-}
-
-/**
- * Adds an ietf_attr_t object to a sorted linked list
- */
-static void ietf_attributes_add(private_ietf_attributes_t *this,
- ietf_attr_t *attr)
-{
- ietf_attr_t *current_attr;
- enumerator_t *enumerator;
- int cmp = -1;
-
- enumerator = this->list->create_enumerator(this->list);
- while (enumerator->enumerate(enumerator, (void **)&current_attr) &&
- (cmp = attr->compare(attr, current_attr)) > 0)
- {
- continue;
- }
- if (cmp == 0)
- {
- attr->destroy(attr);
- }
- else
- { /* the enumerator either points to the end or to the attribute > attr */
- this->list->insert_before(this->list, enumerator, attr);
- }
- enumerator->destroy(enumerator);
-}
-
-/*
- * Described in header.
- */
-ietf_attributes_t *ietf_attributes_create_from_string(char *string)
-{
- private_ietf_attributes_t *this = create_empty();
-
- chunk_t line = { string, strlen(string) };
-
- while (eat_whitespace(&line))
- {
- chunk_t group;
-
- /* extract the next comma-separated group attribute */
- if (!extract_token(&group, ',', &line))
- {
- group = line;
- line.len = 0;
- }
-
- /* remove any trailing spaces */
- while (group.len > 0 && *(group.ptr + group.len - 1) == ' ')
- {
- group.len--;
- }
-
- /* add the group attribute to the list */
- if (group.len > 0)
- {
- ietf_attr_t *attr = ietf_attr_create(IETF_ATTRIBUTE_STRING, group);
-
- ietf_attributes_add(this, attr);
- }
- }
-
- return &(this->public);
-}
-
-/**
- * ASN.1 definition of ietfAttrSyntax
- */
-static const asn1Object_t ietfAttrSyntaxObjects[] =
-{
- { 0, "ietfAttrSyntax", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
- { 1, "policyAuthority", ASN1_CONTEXT_C_0, ASN1_OPT |
- ASN1_BODY }, /* 1 */
- { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
- { 1, "values", ASN1_SEQUENCE, ASN1_LOOP }, /* 3 */
- { 2, "octets", ASN1_OCTET_STRING, ASN1_OPT |
- ASN1_BODY }, /* 4 */
- { 2, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
- { 2, "oid", ASN1_OID, ASN1_OPT |
- ASN1_BODY }, /* 6 */
- { 2, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
- { 2, "string", ASN1_UTF8STRING, ASN1_OPT |
- ASN1_BODY }, /* 8 */
- { 2, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
- { 1, "end loop", ASN1_EOC, ASN1_END }, /* 10 */
- { 0, "exit", ASN1_EOC, ASN1_EXIT }
-};
-#define IETF_ATTR_OCTETS 4
-#define IETF_ATTR_OID 6
-#define IETF_ATTR_STRING 8
-
-/*
- * Described in header.
- */
-ietf_attributes_t *ietf_attributes_create_from_encoding(chunk_t encoded)
-{
- private_ietf_attributes_t *this = create_empty();
- asn1_parser_t *parser;
- chunk_t object;
- int objectID;
-
- parser = asn1_parser_create(ietfAttrSyntaxObjects, encoded);
- while (parser->iterate(parser, &objectID, &object))
- {
- switch (objectID)
- {
- case IETF_ATTR_OCTETS:
- case IETF_ATTR_OID:
- case IETF_ATTR_STRING:
- {
- ietf_attribute_type_t type;
- ietf_attr_t *attr;
-
- type = (objectID - IETF_ATTR_OCTETS) / 2;
- attr = ietf_attr_create(type, object);
- ietf_attributes_add(this, attr);
- }
- break;
- default:
- break;
- }
- }
- parser->destroy(parser);
-
- return &(this->public);
-}
-
diff --git a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.h b/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.h
deleted file mode 100644
index ab6bae984..000000000
--- a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.h
+++ /dev/null
@@ -1,92 +0,0 @@
-/*
- * Copyright (C) 2007-2009 Andreas Steffen
- *
- * HSR Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup ietf_attributes ietf_attributes
- * @{ @ingroup credentials
- */
-
-#ifndef IETF_ATTRIBUTES_H_
-#define IETF_ATTRIBUTES_H_
-
-typedef struct ietf_attributes_t ietf_attributes_t;
-
-#include <library.h>
-
-/**
- *
- */
-struct ietf_attributes_t {
-
- /**
- * Get the an alphabetically sorted list of printable IETF attributes.
- *
- * Result points to internal data, do not free.
- *
- * @return a string containing printable attributes
- */
- char* (*get_string) (ietf_attributes_t *this);
-
- /**
- * Get the ASN.1 encoding of the IETF attributes.
- *
- * @return allocated chunk containing the encoded bytes
- */
- chunk_t (*get_encoding) (ietf_attributes_t *this);
-
- /**
- * Check for equality between two lists.
- *
- * @param other attribute list to be checked for equality
- * @return TRUE if equal
- */
- bool (*equals) (ietf_attributes_t *this, ietf_attributes_t *other);
-
- /**
- * Check for common attributes between two lists.
- *
- * @param other attribute list to be matched
- * @return TRUE if there is at least a common attribute
- */
- bool (*matches) (ietf_attributes_t *this, ietf_attributes_t *other);
-
- /**
- * Get a new reference to the IETF attributes.
- *
- * @return this, with an increased refcount
- */
- ietf_attributes_t* (*get_ref)(ietf_attributes_t *this);
-
- /**
- * Destroys an ietf_attributes_t object.
- */
- void (*destroy) (ietf_attributes_t *this);
-};
-
-/**
- * @param string input string, which will be converted
- * @return ietf_attributes_t
- */
-ietf_attributes_t *ietf_attributes_create_from_string(char *string);
-
-/**
- * @param encoded ASN.1 encoded bytes, such as from ietf_attributes.get_encoding
- * @return ietf_attributes_t
- */
-ietf_attributes_t *ietf_attributes_create_from_encoding(chunk_t encoded);
-
-#endif /** IETF_ATTRIBUTES_H_ @}*/
-
diff --git a/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c b/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c
index 46bfb5c6e..c6b8d0c7e 100644
--- a/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c
+++ b/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c
@@ -133,7 +133,8 @@ static bool enumerate(wrapper_enumerator_t *this, certificate_t **cert)
}
else if (rule != AUTH_HELPER_SUBJECT_CERT &&
rule != AUTH_HELPER_IM_CERT &&
- rule != AUTH_HELPER_REVOCATION_CERT)
+ rule != AUTH_HELPER_REVOCATION_CERT &&
+ rule != AUTH_HELPER_AC_CERT)
{ /* handle only HELPER certificates */
continue;
}
diff --git a/src/libstrongswan/crypto/aead.h b/src/libstrongswan/crypto/aead.h
index c887f53bb..43f71b65e 100644
--- a/src/libstrongswan/crypto/aead.h
+++ b/src/libstrongswan/crypto/aead.h
@@ -102,6 +102,10 @@ struct aead_t {
/**
* Get the size of the key material (for encryption and authentication).
*
+ * This includes any additional bytes requires for the implicit nonce part.
+ * For AEADs based on traditional ciphers, the length is for both
+ * the integrity and the encryption key in total.
+ *
* @return key size in bytes
*/
size_t (*get_key_size)(aead_t *this);
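Review bot: The added sentence `This includes any additional bytes requires for the implicit nonce part.` has a typo; it should read `required`. crypto_factory.h in this commit calls the same quantity the salt (`size of salt, implicit part of the nonce`), so using that word here as well would make the two headers agree.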
@@ -109,6 +113,11 @@ struct aead_t {
/**
* Set the key for encryption and authentication.
*
+ * If the AEAD uses an implicit nonce, the last part of the key shall
+ * be the implicit nonce. For AEADs based on traditional ciphers, the
+ * key shall include both integrity and encryption keys, concatenated
+ * in that order.
+ *
* @param key encryption and authentication key
* @return TRUE if key set successfully
*/
diff --git a/src/libstrongswan/crypto/crypto_factory.c b/src/libstrongswan/crypto/crypto_factory.c
index dba3f6f6d..6dea30ee3 100644
--- a/src/libstrongswan/crypto/crypto_factory.c
+++ b/src/libstrongswan/crypto/crypto_factory.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2013 Tobias Brunner
+ * Copyright (C) 2013-2014 Tobias Brunner
* Copyright (C) 2008 Martin Willi
* Hochschule fuer Technik Rapperswil
*
@@ -20,6 +20,7 @@
#include <threading/rwlock.h>
#include <collections/linked_list.h>
#include <crypto/crypto_tester.h>
+#include <utils/test.h>
const char *default_plugin_name = "default";
@@ -175,7 +176,7 @@ METHOD(crypto_factory_t, create_crypter, crypter_t*,
METHOD(crypto_factory_t, create_aead, aead_t*,
private_crypto_factory_t *this, encryption_algorithm_t algo,
- size_t key_size)
+ size_t key_size, size_t salt_size)
{
enumerator_t *enumerator;
entry_t *entry;
@@ -189,12 +190,12 @@ METHOD(crypto_factory_t, create_aead, aead_t*,
{
if (this->test_on_create &&
!this->tester->test_aead(this->tester, algo, key_size,
- entry->create_aead, NULL,
+ salt_size, entry->create_aead, NULL,
default_plugin_name))
{
continue;
}
- aead = entry->create_aead(algo, key_size);
+ aead = entry->create_aead(algo, key_size, salt_size);
if (aead)
{
break;
@@ -473,7 +474,7 @@ METHOD(crypto_factory_t, add_aead, bool,
u_int speed = 0;
if (!this->test_on_add ||
- this->tester->test_aead(this->tester, algo, 0, create,
+ this->tester->test_aead(this->tester, algo, 0, 0, create,
this->bench ? &speed : NULL, plugin_name))
{
add_entry(this, this->aeads, algo, plugin_name, speed, create);
@@ -976,3 +977,39 @@ crypto_factory_t *crypto_factory_create()
return &this->public;
}
+
+/**
+ * Manually verify all registered algorithms against test vectors
+ */
+static u_int verify_registered_algorithms(crypto_factory_t *factory)
+{
+ private_crypto_factory_t *this = (private_crypto_factory_t*)factory;
+ enumerator_t *enumerator;
+ entry_t *entry;
+ u_int failures = 0;
+
+#define TEST_ALGORITHMS(test, ...) do { \
+ enumerator = this->test##s->create_enumerator(this->test##s); \
+ while (enumerator->enumerate(enumerator, &entry)) \
+ { \
+ if (!this->tester->test_##test(this->tester, entry->algo, ##__VA_ARGS__, \
+ entry->create_##test, NULL, entry->plugin_name)) \
+ { \
+ failures++; \
+ } \
+ } \
+ enumerator->destroy(enumerator); \
+} while (0)
+
+ this->lock->read_lock(this->lock);
+ TEST_ALGORITHMS(crypter, 0);
+ TEST_ALGORITHMS(aead, 0, 0);
+ TEST_ALGORITHMS(signer);
+ TEST_ALGORITHMS(hasher);
+ TEST_ALGORITHMS(prf);
+ TEST_ALGORITHMS(rng);
+ this->lock->unlock(this->lock);
+ return failures;
+}
+
+EXPORT_FUNCTION_FOR_TESTS(crypto, verify_registered_algorithms);
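Review bot: The doc comment on `verify_registered_algorithms()` names neither the parameter nor the return value, although the function is exported to the test suite. I would add `@param factory factory whose registered algorithms get tested` and `@return number of algorithm/plugin entries that failed their test vectors`. The helper macro also stays defined after the function; `#undef TEST_ALGORITHMS` right after the `TEST_ALGORITHMS(rng);` line keeps it from leaking into later code. Whether an entry without any test vectors counts as a pass is decided inside the tester and is not visible here, so the comment should not promise that a return of 0 means every algorithm was exercised.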
diff --git a/src/libstrongswan/crypto/crypto_factory.h b/src/libstrongswan/crypto/crypto_factory.h
index 281dc256f..7865bcb15 100644
--- a/src/libstrongswan/crypto/crypto_factory.h
+++ b/src/libstrongswan/crypto/crypto_factory.h
@@ -46,7 +46,7 @@ typedef crypter_t* (*crypter_constructor_t)(encryption_algorithm_t algo,
* Constructor function for aead transforms
*/
typedef aead_t* (*aead_constructor_t)(encryption_algorithm_t algo,
- size_t key_size);
+ size_t key_size, size_t salt_size);
/**
* Constructor function for signers
*/
@@ -100,10 +100,12 @@ struct crypto_factory_t {
*
* @param algo encryption algorithm
* @param key_size length of the key in bytes
+ * @param salt_size size of salt, implicit part of the nonce
* @return aead_t instance, NULL if not supported
*/
aead_t* (*create_aead)(crypto_factory_t *this,
- encryption_algorithm_t algo, size_t key_size);
+ encryption_algorithm_t algo,
+ size_t key_size, size_t salt_size);
/**
* Create a symmetric signer instance.
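Review bot: The new `@param salt_size` line on `create_aead` does not say what 0 means, yet `bench_aead` in this commit calls `create(alg, 0, 0)` and `test_aead` documents its own parameter as `0 for default`. If 0 selects the algorithm's default salt length here too, the line should read `@param salt_size size of salt, implicit part of the nonce, 0 for default`. The same applies to the new `salt_size` field comment in `aead_test_vector_t` in the crypto_tester.h hunk, where an unset field would be 0 and then never match a non-zero `salt_size` filter in `test_aead`.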
diff --git a/src/libstrongswan/crypto/crypto_tester.c b/src/libstrongswan/crypto/crypto_tester.c
index 30724b16d..c6780daf1 100644
--- a/src/libstrongswan/crypto/crypto_tester.c
+++ b/src/libstrongswan/crypto/crypto_tester.c
@@ -204,16 +204,13 @@ METHOD(crypto_tester_t, test_crypter, bool,
continue;
}
- tested++;
- failed = TRUE;
crypter = create(alg, vector->key_size);
if (!crypter)
- {
- DBG1(DBG_LIB, "%N[%s]: %u bit key size not supported",
- encryption_algorithm_names, alg, plugin_name,
- BITS_PER_BYTE * vector->key_size);
+ { /* key size not supported */
continue;
}
+ tested++;
+ failed = TRUE;
key = chunk_create(vector->key, crypter->get_key_size(crypter));
if (!crypter->set_key(crypter, key))
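Review bot: With `tested++; failed = TRUE;` moved below the constructor check and the `DBG1` message removed, a constructor that returns NULL for every vector key size now neither increments `tested` nor sets `failed`, so a broken constructor looks the same as an algorithm that has no test vectors. How that case is reported is decided at the end of test_crypter, which lies outside this hunk. Keeping the diagnostic at a lower level preserves the information without the noise, e.g. `DBG2(DBG_LIB, "%N[%s]: %u bit key size not supported", encryption_algorithm_names, alg, plugin_name, BITS_PER_BYTE * vector->key_size);` before the `continue`.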
@@ -318,7 +315,7 @@ static u_int bench_aead(private_crypto_tester_t *this,
{
aead_t *aead;
- aead = create(alg, 0);
+ aead = create(alg, 0, 0);
if (aead)
{
char iv[aead->get_iv_size(aead)];
@@ -367,7 +364,8 @@ static u_int bench_aead(private_crypto_tester_t *this,
METHOD(crypto_tester_t, test_aead, bool,
private_crypto_tester_t *this, encryption_algorithm_t alg, size_t key_size,
- aead_constructor_t create, u_int *speed, const char *plugin_name)
+ size_t salt_size, aead_constructor_t create,
+ u_int *speed, const char *plugin_name)
{
enumerator_t *enumerator;
aead_test_vector_t *vector;
@@ -389,10 +387,14 @@ METHOD(crypto_tester_t, test_aead, bool,
{ /* test only vectors with a specific key size, if key size given */
continue;
}
+ if (salt_size && salt_size != vector->salt_size)
+ {
+ continue;
+ }
tested++;
failed = TRUE;
- aead = create(alg, vector->key_size);
+ aead = create(alg, vector->key_size, vector->salt_size);
if (!aead)
{
DBG1(DBG_LIB, "%N[%s]: %u bit key size not supported",
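Review bot: `tested++; failed = TRUE;` still precede `create()` in test_aead, unlike the test_crypter hunk of the same commit, so a constructor that rejects a vector's salt size appears to be counted as a tested, failing vector rather than skipped. If that difference is intended, a short comment above the two assignments should say so. The `DBG1` text under `if (!aead)` also still reports only the key size, although `vector->salt_size` is now a second reason for `create()` to return NULL; the message should print the salt size as well. The rest of test_aead is outside the hunk.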
@@ -1221,4 +1223,3 @@ crypto_tester_t *crypto_tester_create()
return &this->public;
}
-
diff --git a/src/libstrongswan/crypto/crypto_tester.h b/src/libstrongswan/crypto/crypto_tester.h
index 9ac665929..add3b1cdf 100644
--- a/src/libstrongswan/crypto/crypto_tester.h
+++ b/src/libstrongswan/crypto/crypto_tester.h
@@ -54,6 +54,8 @@ struct aead_test_vector_t {
encryption_algorithm_t alg;
/** key length to use, in bytes */
size_t key_size;
+ /** salt length to use, in bytes */
+ size_t salt_size;
/** encryption key of test vector */
u_char *key;
/** initialization vector, using crypters blocksize bytes */
@@ -150,13 +152,15 @@ struct crypto_tester_t {
*
* @param alg algorithm to test
* @param key_size key size to test, 0 for default
+ * @param salt_size salt length to test, 0 for default
* @param create constructor function for the aead transform
* @param speed speed test result, NULL to omit
* @return TRUE if test passed
*/
bool (*test_aead)(crypto_tester_t *this, encryption_algorithm_t alg,
- size_t key_size, aead_constructor_t create,
- u_int *speed, const char *plugin_name);
+ size_t key_size, size_t salt_size,
+ aead_constructor_t create,
+ u_int *speed, const char *plugin_name);
/**
* Test a signer algorithm.
*
diff --git a/src/libstrongswan/library.c b/src/libstrongswan/library.c
index 8472c30a5..c5bb4cd93 100644
--- a/src/libstrongswan/library.c
+++ b/src/libstrongswan/library.c
@@ -265,8 +265,11 @@ bool library_init(char *settings, const char *namespace)
#ifdef LEAK_DETECTIVE
lib->leak_detective = leak_detective_create();
- lib->leak_detective->set_report_cb(lib->leak_detective,
- report_leaks, sum_leaks, NULL);
+ if (lib->leak_detective)
+ {
+ lib->leak_detective->set_report_cb(lib->leak_detective,
+ report_leaks, sum_leaks, NULL);
+ }
#endif /* LEAK_DETECTIVE */
pfh = printf_hook_create();
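Review bot: The new guard covers only the `set_report_cb` call, while `lib->leak_detective` is now allowed to stay NULL for the lifetime of the library. Any other `lib->leak_detective->...` dereference under `LEAK_DETECTIVE`, in library.c or in callers, is outside this hunk and would need the same check. A short comment above the `if`, such as `/* leak_detective_create() may return NULL, users must check */`, would make the new contract visible at the point where it is introduced.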
diff --git a/src/libstrongswan/plugins/acert/Makefile.am b/src/libstrongswan/plugins/acert/Makefile.am
new file mode 100644
index 000000000..ba16f413a
--- /dev/null
+++ b/src/libstrongswan/plugins/acert/Makefile.am
@@ -0,0 +1,17 @@
+AM_CPPFLAGS = \
+ -I$(top_srcdir)/src/libstrongswan
+
+AM_CFLAGS = \
+ -rdynamic
+
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-acert.la
+else
+plugin_LTLIBRARIES = libstrongswan-acert.la
+endif
+
+libstrongswan_acert_la_SOURCES = \
+ acert_validator.h acert_validator.c \
+ acert_plugin.h acert_plugin.c
+
+libstrongswan_acert_la_LDFLAGS = -module -avoid-version
diff --git a/src/openac/Makefile.in b/src/libstrongswan/plugins/acert/Makefile.in
index b5e00bee6..3dd650d4b 100644
--- a/src/openac/Makefile.in
+++ b/src/libstrongswan/plugins/acert/Makefile.in
@@ -78,10 +78,9 @@ PRE_UNINSTALL = :
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
-ipsec_PROGRAMS = openac$(EXEEXT)
-subdir = src/openac
+subdir = src/libstrongswan/plugins/acert
DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp $(dist_man_MANS)
+ $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -99,16 +98,49 @@ mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
CONFIG_CLEAN_VPATH_FILES =
-am__installdirs = "$(DESTDIR)$(ipsecdir)" "$(DESTDIR)$(man8dir)"
-PROGRAMS = $(ipsec_PROGRAMS)
-am_openac_OBJECTS = openac.$(OBJEXT)
-openac_OBJECTS = $(am_openac_OBJECTS)
-openac_DEPENDENCIES = \
- $(top_builddir)/src/libstrongswan/libstrongswan.la
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(plugindir)"
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
+libstrongswan_acert_la_LIBADD =
+am_libstrongswan_acert_la_OBJECTS = acert_validator.lo acert_plugin.lo
+libstrongswan_acert_la_OBJECTS = $(am_libstrongswan_acert_la_OBJECTS)
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
am__v_lt_0 = --silent
am__v_lt_1 =
+libstrongswan_acert_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+ $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+ $(AM_CFLAGS) $(CFLAGS) $(libstrongswan_acert_la_LDFLAGS) \
+ $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_acert_la_rpath = -rpath \
+@MONOLITHIC_FALSE@ $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_acert_la_rpath =
AM_V_P = $(am__v_P_@AM_V@)
am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
am__v_P_0 = false
@@ -143,43 +175,13 @@ AM_V_CCLD = $(am__v_CCLD_@AM_V@)
am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
am__v_CCLD_0 = @echo " CCLD " $@;
am__v_CCLD_1 =
-SOURCES = $(openac_SOURCES)
-DIST_SOURCES = $(openac_SOURCES)
+SOURCES = $(libstrongswan_acert_la_SOURCES)
+DIST_SOURCES = $(libstrongswan_acert_la_SOURCES)
am__can_run_installinfo = \
case $$AM_UPDATE_INFO_DIR in \
n|no|NO) false;; \
*) (install-info --version) >/dev/null 2>&1;; \
esac
-am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
-am__vpath_adj = case $$p in \
- $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
- *) f=$$p;; \
- esac;
-am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
-am__install_max = 40
-am__nobase_strip_setup = \
- srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
-am__nobase_strip = \
- for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
-am__nobase_list = $(am__nobase_strip_setup); \
- for p in $$list; do echo "$$p $$p"; done | \
- sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
- $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
- if (++n[$$2] == $(am__install_max)) \
- { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
- END { for (dir in files) print dir, files[dir] }'
-am__base_list = \
- sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
- sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
-am__uninstall_files_from_dir = { \
- test -z "$$files" \
- || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
- || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
- $(am__cd) "$$dir" && rm -f $$files; }; \
- }
-man8dir = $(mandir)/man8
-NROFF = nroff
-MANS = $(dist_man_MANS)
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
# Read a list of newline-separated strings from the standard input,
# and print each of them once, without duplicates. Input order is
@@ -369,7 +371,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
@@ -409,14 +410,19 @@ top_srcdir = @top_srcdir@
urandom_device = @urandom_device@
xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
-openac_SOURCES = openac.c
-dist_man_MANS = openac.8
AM_CPPFLAGS = \
- -I$(top_srcdir)/src/libstrongswan \
- -DIPSEC_CONFDIR=\"${sysconfdir}\" \
- -DPLUGINS=\""${openac_plugins}\""
+ -I$(top_srcdir)/src/libstrongswan
+
+AM_CFLAGS = \
+ -rdynamic
-openac_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-acert.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-acert.la
+libstrongswan_acert_la_SOURCES = \
+ acert_validator.h acert_validator.c \
+ acert_plugin.h acert_plugin.c
+
+libstrongswan_acert_la_LDFLAGS = -module -avoid-version
all: all-am
.SUFFIXES:
@@ -430,9 +436,9 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
exit 1;; \
esac; \
done; \
- echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/openac/Makefile'; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/acert/Makefile'; \
$(am__cd) $(top_srcdir) && \
- $(AUTOMAKE) --gnu src/openac/Makefile
+ $(AUTOMAKE) --gnu src/libstrongswan/plugins/acert/Makefile
.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
@@ -451,59 +457,55 @@ $(top_srcdir)/configure: $(am__configure_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
-install-ipsecPROGRAMS: $(ipsec_PROGRAMS)
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; \
+ locs=`for p in $$list; do echo $$p; done | \
+ sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+ sort -u`; \
+ test -z "$$locs" || { \
+ echo rm -f $${locs}; \
+ rm -f $${locs}; \
+ }
+
+install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
@$(NORMAL_INSTALL)
- @list='$(ipsec_PROGRAMS)'; test -n "$(ipsecdir)" || list=; \
- if test -n "$$list"; then \
- echo " $(MKDIR_P) '$(DESTDIR)$(ipsecdir)'"; \
- $(MKDIR_P) "$(DESTDIR)$(ipsecdir)" || exit 1; \
- fi; \
- for p in $$list; do echo "$$p $$p"; done | \
- sed 's/$(EXEEXT)$$//' | \
- while read p p1; do if test -f $$p \
- || test -f $$p1 \
- ; then echo "$$p"; echo "$$p"; else :; fi; \
- done | \
- sed -e 'p;s,.*/,,;n;h' \
- -e 's|.*|.|' \
- -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \
- sed 'N;N;N;s,\n, ,g' | \
- $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \
- { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \
- if ($$2 == $$4) files[d] = files[d] " " $$1; \
- else { print "f", $$3 "/" $$4, $$1; } } \
- END { for (d in files) print "f", d, files[d] }' | \
- while read type dir files; do \
- if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \
- test -z "$$files" || { \
- echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(ipsecdir)$$dir'"; \
- $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(ipsecdir)$$dir" || exit $$?; \
- } \
- ; done
-
-uninstall-ipsecPROGRAMS:
+ @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \
+ list2=; for p in $$list; do \
+ if test -f $$p; then \
+ list2="$$list2 $$p"; \
+ else :; fi; \
+ done; \
+ test -z "$$list2" || { \
+ echo " $(MKDIR_P) '$(DESTDIR)$(plugindir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(plugindir)" || exit 1; \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(plugindir)'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(plugindir)"; \
+ }
+
+uninstall-pluginLTLIBRARIES:
@$(NORMAL_UNINSTALL)
- @list='$(ipsec_PROGRAMS)'; test -n "$(ipsecdir)" || list=; \
- files=`for p in $$list; do echo "$$p"; done | \
- sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \
- -e 's/$$/$(EXEEXT)/' \
- `; \
- test -n "$$list" || exit 0; \
- echo " ( cd '$(DESTDIR)$(ipsecdir)' && rm -f" $$files ")"; \
- cd "$(DESTDIR)$(ipsecdir)" && rm -f $$files
-
-clean-ipsecPROGRAMS:
- @list='$(ipsec_PROGRAMS)'; test -n "$$list" || exit 0; \
- echo " rm -f" $$list; \
- rm -f $$list || exit $$?; \
- test -n "$(EXEEXT)" || exit 0; \
- list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \
- echo " rm -f" $$list; \
- rm -f $$list
-
-openac$(EXEEXT): $(openac_OBJECTS) $(openac_DEPENDENCIES) $(EXTRA_openac_DEPENDENCIES)
- @rm -f openac$(EXEEXT)
- $(AM_V_CCLD)$(LINK) $(openac_OBJECTS) $(openac_LDADD) $(LIBS)
+ @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \
+ for p in $$list; do \
+ $(am__strip_dir) \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$f'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$f"; \
+ done
+
+clean-pluginLTLIBRARIES:
+ -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES)
+ @list='$(plugin_LTLIBRARIES)'; \
+ locs=`for p in $$list; do echo $$p; done | \
+ sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+ sort -u`; \
+ test -z "$$locs" || { \
+ echo rm -f $${locs}; \
+ rm -f $${locs}; \
+ }
+
+libstrongswan-acert.la: $(libstrongswan_acert_la_OBJECTS) $(libstrongswan_acert_la_DEPENDENCIES) $(EXTRA_libstrongswan_acert_la_DEPENDENCIES)
+ $(AM_V_CCLD)$(libstrongswan_acert_la_LINK) $(am_libstrongswan_acert_la_rpath) $(libstrongswan_acert_la_OBJECTS) $(libstrongswan_acert_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
@@ -511,7 +513,8 @@ mostlyclean-compile:
distclean-compile:
-rm -f *.tab.c
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openac.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/acert_plugin.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/acert_validator.Plo@am__quote@
.c.o:
@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
@@ -542,49 +545,6 @@ mostlyclean-libtool:
clean-libtool:
-rm -rf .libs _libs
-install-man8: $(dist_man_MANS)
- @$(NORMAL_INSTALL)
- @list1=''; \
- list2='$(dist_man_MANS)'; \
- test -n "$(man8dir)" \
- && test -n "`echo $$list1$$list2`" \
- || exit 0; \
- echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \
- $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \
- { for i in $$list1; do echo "$$i"; done; \
- if test -n "$$list2"; then \
- for i in $$list2; do echo "$$i"; done \
- | sed -n '/\.8[a-z]*$$/p'; \
- fi; \
- } | while read p; do \
- if test -f $$p; then d=; else d="$(srcdir)/"; fi; \
- echo "$$d$$p"; echo "$$p"; \
- done | \
- sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \
- -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \
- sed 'N;N;s,\n, ,g' | { \
- list=; while read file base inst; do \
- if test "$$base" = "$$inst"; then list="$$list $$file"; else \
- echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
- $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \
- fi; \
- done; \
- for i in $$list; do echo "$$i"; done | $(am__base_list) | \
- while read files; do \
- test -z "$$files" || { \
- echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \
- $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \
- done; }
-
-uninstall-man8:
- @$(NORMAL_UNINSTALL)
- @list=''; test -n "$(man8dir)" || exit 0; \
- files=`{ for i in $$list; do echo "$$i"; done; \
- l2='$(dist_man_MANS)'; for i in $$l2; do echo "$$i"; done | \
- sed -n '/\.8[a-z]*$$/p'; \
- } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \
- -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \
- dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir)
ID: $(am__tagged_files)
$(am__define_uniq_tagged_files); mkid -fID $$unique
@@ -670,9 +630,9 @@ distdir: $(DISTFILES)
done
check-am: all-am
check: check-am
-all-am: Makefile $(PROGRAMS) $(MANS)
+all-am: Makefile $(LTLIBRARIES)
installdirs:
- for dir in "$(DESTDIR)$(ipsecdir)" "$(DESTDIR)$(man8dir)"; do \
+ for dir in "$(DESTDIR)$(plugindir)"; do \
test -z "$$dir" || $(MKDIR_P) "$$dir"; \
done
install: install-am
@@ -707,8 +667,8 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-generic clean-ipsecPROGRAMS clean-libtool \
- mostlyclean-am
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR)
@@ -728,7 +688,7 @@ info: info-am
info-am:
-install-data-am: install-ipsecPROGRAMS install-man
+install-data-am: install-pluginLTLIBRARIES
install-dvi: install-dvi-am
@@ -744,7 +704,7 @@ install-info: install-info-am
install-info-am:
-install-man: install-man8
+install-man:
install-pdf: install-pdf-am
@@ -774,28 +734,25 @@ ps: ps-am
ps-am:
-uninstall-am: uninstall-ipsecPROGRAMS uninstall-man
-
-uninstall-man: uninstall-man8
+uninstall-am: uninstall-pluginLTLIBRARIES
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
- clean-ipsecPROGRAMS clean-libtool cscopelist-am ctags ctags-am \
- distclean distclean-compile distclean-generic \
- distclean-libtool distclean-tags distdir dvi dvi-am html \
- html-am info info-am install install-am install-data \
- install-data-am install-dvi install-dvi-am install-exec \
- install-exec-am install-html install-html-am install-info \
- install-info-am install-ipsecPROGRAMS install-man install-man8 \
- install-pdf install-pdf-am install-ps install-ps-am \
- install-strip installcheck installcheck-am installdirs \
- maintainer-clean maintainer-clean-generic mostlyclean \
- mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
- pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \
- uninstall-ipsecPROGRAMS uninstall-man uninstall-man8
-
-openac.o : $(top_builddir)/config.status
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ cscopelist-am ctags ctags-am distclean distclean-compile \
+ distclean-generic distclean-libtool distclean-tags distdir dvi \
+ dvi-am html html-am info info-am install install-am \
+ install-data install-data-am install-dvi install-dvi-am \
+ install-exec install-exec-am install-html install-html-am \
+ install-info install-info-am install-man install-pdf \
+ install-pdf-am install-pluginLTLIBRARIES install-ps \
+ install-ps-am install-strip installcheck installcheck-am \
+ installdirs maintainer-clean maintainer-clean-generic \
+ mostlyclean mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
+ uninstall-am uninstall-pluginLTLIBRARIES
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/src/libstrongswan/plugins/acert/acert_plugin.c b/src/libstrongswan/plugins/acert/acert_plugin.c
new file mode 100644
index 000000000..01d9ae3b8
--- /dev/null
+++ b/src/libstrongswan/plugins/acert/acert_plugin.c
@@ -0,0 +1,99 @@
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "acert_plugin.h"
+#include "acert_validator.h"
+
+#include <library.h>
+
+typedef struct private_acert_plugin_t private_acert_plugin_t;
+
+/**
+ * private data of acert_plugin
+ */
+struct private_acert_plugin_t {
+
+ /**
+ * public functions
+ */
+ acert_plugin_t public;
+
+ /**
+ * Validator implementation instance.
+ */
+ acert_validator_t *validator;
+};
+
+METHOD(plugin_t, get_name, char*,
+ private_acert_plugin_t *this)
+{
+ return "acert";
+}
+
+/**
+ * Register validator
+ */
+static bool plugin_cb(private_acert_plugin_t *this,
+ plugin_feature_t *feature, bool reg, void *cb_data)
+{
+ if (reg)
+ {
+ lib->credmgr->add_validator(lib->credmgr, &this->validator->validator);
+ }
+ else
+ {
+ lib->credmgr->remove_validator(lib->credmgr, &this->validator->validator);
+ }
+ return TRUE;
+}
+
+METHOD(plugin_t, get_features, int,
+ private_acert_plugin_t *this, plugin_feature_t *features[])
+{
+ static plugin_feature_t f[] = {
+ PLUGIN_CALLBACK((plugin_feature_callback_t)plugin_cb, NULL),
+ PLUGIN_PROVIDE(CUSTOM, "acert"),
+ };
+ *features = f;
+ return countof(f);
+}
+
+METHOD(plugin_t, destroy, void,
+ private_acert_plugin_t *this)
+{
+ this->validator->destroy(this->validator);
+ free(this);
+}
+
+/*
+ * see header file
+ */
+plugin_t *acert_plugin_create()
+{
+ private_acert_plugin_t *this;
+
+ INIT(this,
+ .public = {
+ .plugin = {
+ .get_name = _get_name,
+ .get_features = _get_features,
+ .destroy = _destroy,
+ },
+ },
+ .validator = acert_validator_create(),
+ );
+
+ return &this->public.plugin;
+}
diff --git a/src/libstrongswan/plugins/acert/acert_plugin.h b/src/libstrongswan/plugins/acert/acert_plugin.h
new file mode 100644
index 000000000..97d12936d
--- /dev/null
+++ b/src/libstrongswan/plugins/acert/acert_plugin.h
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup acert acert
+ * @ingroup plugins
+ *
+ * @defgroup acert_plugin acert_plugin
+ * @{ @ingroup acert
+ */
+
+#ifndef ACERT_PLUGIN_H_
+#define ACERT_PLUGIN_H_
+
+#include <plugins/plugin.h>
+
+typedef struct acert_plugin_t acert_plugin_t;
+
+/**
+ * X.509 attribute certificate group membership checking.
+ */
+struct acert_plugin_t {
+
+ /**
+ * Implements plugin_t. interface.
+ */
+ plugin_t plugin;
+};
+
+#endif /** ACERT_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/acert/acert_validator.c b/src/libstrongswan/plugins/acert/acert_validator.c
new file mode 100644
index 000000000..ab15dba98
--- /dev/null
+++ b/src/libstrongswan/plugins/acert/acert_validator.c
@@ -0,0 +1,149 @@
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#define _GNU_SOURCE
+#include <library.h>
+
+#include "acert_validator.h"
+
+#include <credentials/certificates/x509.h>
+#include <credentials/certificates/ac.h>
+
+typedef struct private_acert_validator_t private_acert_validator_t;
+
+/**
+ * Private data of an acert_validator_t object.
+ */
+struct private_acert_validator_t {
+
+ /**
+ * Public acert_validator_t interface.
+ */
+ acert_validator_t public;
+};
+
+/**
+ * Check if an AC can be trusted
+ */
+static bool verify(private_acert_validator_t *this, certificate_t *ac)
+{
+ certificate_t *issuer;
+ enumerator_t *enumerator;
+ bool verified = FALSE;
+
+ if (!ac->get_validity(ac, NULL, NULL, NULL))
+ {
+ return FALSE;
+ }
+ DBG1(DBG_CFG, "verifying attribute certificate issued by \"%Y\"",
+ ac->get_issuer(ac));
+ enumerator = lib->credmgr->create_trusted_enumerator(lib->credmgr, KEY_ANY,
+ ac->get_issuer(ac), TRUE);
+ while (enumerator->enumerate(enumerator, &issuer, NULL))
+ {
+ if (issuer->get_validity(issuer, NULL, NULL, NULL))
+ {
+ if (lib->credmgr->issued_by(lib->credmgr, ac, issuer, NULL))
+ {
+ verified = TRUE;
+ break;
+ }
+ }
+ }
+ enumerator->destroy(enumerator);
+
+ return verified;
+}
+
+/**
+ * Apply AC group membership to auth config
+ */
+static void apply(private_acert_validator_t *this, ac_t *ac, auth_cfg_t *auth)
+{
+ enumerator_t *enumerator;
+ ac_group_type_t type;
+ chunk_t chunk;
+
+ enumerator = ac->create_group_enumerator(ac);
+ while (enumerator->enumerate(enumerator, &type, &chunk))
+ {
+ if (type == AC_GROUP_TYPE_STRING)
+ {
+ auth->add(auth, AUTH_RULE_GROUP,
+ identification_create_from_data(chunk));
+ }
+ }
+ enumerator->destroy(enumerator);
+}
+
+METHOD(cert_validator_t, validate, bool,
+ private_acert_validator_t *this, certificate_t *subject,
+ certificate_t *issuer, bool online, u_int pathlen, bool anchor,
+ auth_cfg_t *auth)
+{
+ /* for X.509 end entity certs only */
+ if (pathlen == 0 && subject->get_type(subject) == CERT_X509)
+ {
+ x509_t *x509 = (x509_t*)subject;
+ enumerator_t *enumerator;
+ identification_t *id, *serial;
+ ac_t *ac;
+
+ /* find attribute certificates by serial and issuer. A lookup by
+ * the holder DN would work as well, but RFC 5755 recommends the use
+ * of baseCertificateID. */
+ serial = identification_create_from_encoding(ID_KEY_ID,
+ x509->get_serial(x509));
+ enumerator = lib->credmgr->create_cert_enumerator(lib->credmgr,
+ CERT_X509_AC, KEY_ANY, serial, FALSE);
+ while (enumerator->enumerate(enumerator, &ac))
+ {
+ id = ac->get_holderIssuer(ac);
+ if (id && id->equals(id, subject->get_issuer(subject)))
+ {
+ if (verify(this, &ac->certificate))
+ {
+ apply(this, ac, auth);
+ }
+ }
+ }
+ enumerator->destroy(enumerator);
+ serial->destroy(serial);
+ }
+ return TRUE;
+}
+
+METHOD(acert_validator_t, destroy, void,
+ private_acert_validator_t *this)
+{
+ free(this);
+}
+
+/**
+ * See header
+ */
+acert_validator_t *acert_validator_create()
+{
+ private_acert_validator_t *this;
+
+ INIT(this,
+ .public = {
+ .validator.validate = _validate,
+ .destroy = _destroy,
+ },
+ );
+
+ return &this->public;
+}
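Review bot: `verify()` hard-codes `TRUE` as the last argument of `create_trusted_enumerator()`, so the `online` flag that `validate()` receives is ignored when the attribute certificate's issuer is checked. Assuming that argument is the online-revocation switch, a caller that asked for offline validation would still trigger revocation fetches for the AC issuer. Passing it through is a small change: give `verify()` a `bool online` parameter, call it as `verify(this, &ac->certificate, online)`, and end the enumerator call with `ac->get_issuer(ac), online);`. Separately, `apply()` silently skips group entries whose type is not `AC_GROUP_TYPE_STRING`; a debug line there would tell an operator why an expected `AUTH_RULE_GROUP` entry is missing.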
diff --git a/src/libstrongswan/plugins/acert/acert_validator.h b/src/libstrongswan/plugins/acert/acert_validator.h
new file mode 100644
index 000000000..507776f18
--- /dev/null
+++ b/src/libstrongswan/plugins/acert/acert_validator.h
@@ -0,0 +1,49 @@
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup acert_validator acert_validator
+ * @{ @ingroup acert
+ */
+
+#ifndef ACERT_VALIDATOR_H_
+#define ACERT_VALIDATOR_H_
+
+#include <credentials/cert_validator.h>
+
+typedef struct acert_validator_t acert_validator_t;
+
+/**
+ * Attribute certificate group membership checking
+ */
+struct acert_validator_t {
+
+ /**
+ * Implements cert_validator_t interface.
+ */
+ cert_validator_t validator;
+
+ /**
+ * Destroy a acert_validator_t.
+ */
+ void (*destroy)(acert_validator_t *this);
+};
+
+/**
+ * Create a acert_validator instance.
+ */
+acert_validator_t *acert_validator_create();
+
+#endif /** ACERT_VALIDATOR_H_ @}*/
diff --git a/src/libstrongswan/plugins/aes/Makefile.in b/src/libstrongswan/plugins/aes/Makefile.in
index 9e91e8671..f9c0750ed 100644
--- a/src/libstrongswan/plugins/aes/Makefile.in
+++ b/src/libstrongswan/plugins/aes/Makefile.in
@@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/af_alg/Makefile.in b/src/libstrongswan/plugins/af_alg/Makefile.in
index 4ea1e8f36..08f5e9453 100644
--- a/src/libstrongswan/plugins/af_alg/Makefile.in
+++ b/src/libstrongswan/plugins/af_alg/Makefile.in
@@ -374,7 +374,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/agent/Makefile.in b/src/libstrongswan/plugins/agent/Makefile.in
index 150e8d4d4..bfd9f2b6c 100644
--- a/src/libstrongswan/plugins/agent/Makefile.in
+++ b/src/libstrongswan/plugins/agent/Makefile.in
@@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/blowfish/Makefile.in b/src/libstrongswan/plugins/blowfish/Makefile.in
index f13a96421..1e3f69f96 100644
--- a/src/libstrongswan/plugins/blowfish/Makefile.in
+++ b/src/libstrongswan/plugins/blowfish/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/ccm/Makefile.in b/src/libstrongswan/plugins/ccm/Makefile.in
index ed3f05681..b1e0f160b 100644
--- a/src/libstrongswan/plugins/ccm/Makefile.in
+++ b/src/libstrongswan/plugins/ccm/Makefile.in
@@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/ccm/ccm_aead.c b/src/libstrongswan/plugins/ccm/ccm_aead.c
index 65eccb2db..6d4b2e13c 100644
--- a/src/libstrongswan/plugins/ccm/ccm_aead.c
+++ b/src/libstrongswan/plugins/ccm/ccm_aead.c
@@ -343,7 +343,8 @@ METHOD(aead_t, destroy, void,
/**
* See header
*/
-ccm_aead_t *ccm_aead_create(encryption_algorithm_t algo, size_t key_size)
+ccm_aead_t *ccm_aead_create(encryption_algorithm_t algo,
+ size_t key_size, size_t salt_size)
{
private_ccm_aead_t *this;
size_t icv_size;
@@ -360,6 +361,11 @@ ccm_aead_t *ccm_aead_create(encryption_algorithm_t algo, size_t key_size)
default:
return NULL;
}
+ if (salt_size && salt_size != SALT_SIZE)
+ {
+ /* currently not supported */
+ return NULL;
+ }
switch (algo)
{
case ENCR_AES_CCM_ICV8:
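Review bot: The new guard `if (salt_size && salt_size != SALT_SIZE)` encodes a contract that neither its comment `/* currently not supported */` nor the `@param salt_size size of implicit salt length` line added in ccm_aead.h states: zero is let through, and any other value except SALT_SIZE makes the constructor return NULL. I would spell that out, for example `/* only the built-in SALT_SIZE is implemented; 0 is accepted, presumably meaning "use the default" */` here and `@param salt_size implicit salt size in bytes: 0 or the fixed salt size, anything else returns NULL` in the header. A caller that splits keying material into key and salt then knows which lengths it may request. The same applies to the identical guard and @param line in gcm_aead.c and gcm_aead.h. The body of ccm_aead_create continues outside this hunk, so how a zero salt_size is treated afterwards is not visible here.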
diff --git a/src/libstrongswan/plugins/ccm/ccm_aead.h b/src/libstrongswan/plugins/ccm/ccm_aead.h
index 79ab31804..0f1ec09a7 100644
--- a/src/libstrongswan/plugins/ccm/ccm_aead.h
+++ b/src/libstrongswan/plugins/ccm/ccm_aead.h
@@ -44,8 +44,10 @@ struct ccm_aead_t {
*
* @param algo algorithm to implement, a CCM mode
* @param key_size key size in bytes
+ * @param salt_size size of implicit salt length
* @return aead, NULL if not supported
*/
-ccm_aead_t *ccm_aead_create(encryption_algorithm_t algo, size_t key_size);
+ccm_aead_t *ccm_aead_create(encryption_algorithm_t algo, size_t key_size,
+ size_t salt_size);
#endif /** CCM_AEAD_H_ @}*/
diff --git a/src/libstrongswan/plugins/cmac/Makefile.in b/src/libstrongswan/plugins/cmac/Makefile.in
index 620d8359f..a609e7177 100644
--- a/src/libstrongswan/plugins/cmac/Makefile.in
+++ b/src/libstrongswan/plugins/cmac/Makefile.in
@@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/constraints/Makefile.in b/src/libstrongswan/plugins/constraints/Makefile.in
index 060287d1c..654800b65 100644
--- a/src/libstrongswan/plugins/constraints/Makefile.in
+++ b/src/libstrongswan/plugins/constraints/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/ctr/Makefile.in b/src/libstrongswan/plugins/ctr/Makefile.in
index ff34435a2..b6789e76d 100644
--- a/src/libstrongswan/plugins/ctr/Makefile.in
+++ b/src/libstrongswan/plugins/ctr/Makefile.in
@@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/curl/Makefile.in b/src/libstrongswan/plugins/curl/Makefile.in
index a756a0a7e..67a92b3c2 100644
--- a/src/libstrongswan/plugins/curl/Makefile.in
+++ b/src/libstrongswan/plugins/curl/Makefile.in
@@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/des/Makefile.in b/src/libstrongswan/plugins/des/Makefile.in
index ca79430c9..fb38b0738 100644
--- a/src/libstrongswan/plugins/des/Makefile.in
+++ b/src/libstrongswan/plugins/des/Makefile.in
@@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/dnskey/Makefile.in b/src/libstrongswan/plugins/dnskey/Makefile.in
index b94b644c0..6986a8156 100644
--- a/src/libstrongswan/plugins/dnskey/Makefile.in
+++ b/src/libstrongswan/plugins/dnskey/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/fips_prf/Makefile.in b/src/libstrongswan/plugins/fips_prf/Makefile.in
index 3bb540d90..71a61f617 100644
--- a/src/libstrongswan/plugins/fips_prf/Makefile.in
+++ b/src/libstrongswan/plugins/fips_prf/Makefile.in
@@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/gcm/Makefile.in b/src/libstrongswan/plugins/gcm/Makefile.in
index 7bce3c983..dbf9d1169 100644
--- a/src/libstrongswan/plugins/gcm/Makefile.in
+++ b/src/libstrongswan/plugins/gcm/Makefile.in
@@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/gcm/gcm_aead.c b/src/libstrongswan/plugins/gcm/gcm_aead.c
index ba5f2e4b3..4ab17017f 100644
--- a/src/libstrongswan/plugins/gcm/gcm_aead.c
+++ b/src/libstrongswan/plugins/gcm/gcm_aead.c
@@ -375,7 +375,8 @@ METHOD(aead_t, destroy, void,
/**
* See header
*/
-gcm_aead_t *gcm_aead_create(encryption_algorithm_t algo, size_t key_size)
+gcm_aead_t *gcm_aead_create(encryption_algorithm_t algo,
+ size_t key_size, size_t salt_size)
{
private_gcm_aead_t *this;
size_t icv_size;
@@ -392,6 +393,11 @@ gcm_aead_t *gcm_aead_create(encryption_algorithm_t algo, size_t key_size)
default:
return NULL;
}
+ if (salt_size && salt_size != SALT_SIZE)
+ {
+ /* currently not supported */
+ return NULL;
+ }
switch (algo)
{
case ENCR_AES_GCM_ICV8:
diff --git a/src/libstrongswan/plugins/gcm/gcm_aead.h b/src/libstrongswan/plugins/gcm/gcm_aead.h
index 846c3c76c..5c09477c3 100644
--- a/src/libstrongswan/plugins/gcm/gcm_aead.h
+++ b/src/libstrongswan/plugins/gcm/gcm_aead.h
@@ -44,8 +44,10 @@ struct gcm_aead_t {
*
* @param algo algorithm to implement, a gcm mode
* @param key_size key size in bytes
+ * @param salt_size size of implicit salt length
* @return aead, NULL if not supported
*/
-gcm_aead_t *gcm_aead_create(encryption_algorithm_t algo, size_t key_size);
+gcm_aead_t *gcm_aead_create(encryption_algorithm_t algo, size_t key_size,
+ size_t salt_size);
#endif /** GCM_AEAD_H_ @}*/
diff --git a/src/libstrongswan/plugins/gcrypt/Makefile.in b/src/libstrongswan/plugins/gcrypt/Makefile.in
index 4ce3cf919..731375dcd 100644
--- a/src/libstrongswan/plugins/gcrypt/Makefile.in
+++ b/src/libstrongswan/plugins/gcrypt/Makefile.in
@@ -374,7 +374,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/gmp/Makefile.in b/src/libstrongswan/plugins/gmp/Makefile.in
index 73e0645b0..6b63e192d 100644
--- a/src/libstrongswan/plugins/gmp/Makefile.in
+++ b/src/libstrongswan/plugins/gmp/Makefile.in
@@ -371,7 +371,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/hmac/Makefile.in b/src/libstrongswan/plugins/hmac/Makefile.in
index f5e38fa90..d255cc95d 100644
--- a/src/libstrongswan/plugins/hmac/Makefile.in
+++ b/src/libstrongswan/plugins/hmac/Makefile.in
@@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/keychain/Makefile.in b/src/libstrongswan/plugins/keychain/Makefile.in
index 42093e413..38a478b77 100644
--- a/src/libstrongswan/plugins/keychain/Makefile.in
+++ b/src/libstrongswan/plugins/keychain/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/ldap/Makefile.in b/src/libstrongswan/plugins/ldap/Makefile.in
index 7f14fbf8e..bd5bd43f2 100644
--- a/src/libstrongswan/plugins/ldap/Makefile.in
+++ b/src/libstrongswan/plugins/ldap/Makefile.in
@@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/md4/Makefile.in b/src/libstrongswan/plugins/md4/Makefile.in
index bdd446cd3..a5caf8df5 100644
--- a/src/libstrongswan/plugins/md4/Makefile.in
+++ b/src/libstrongswan/plugins/md4/Makefile.in
@@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/md5/Makefile.in b/src/libstrongswan/plugins/md5/Makefile.in
index 32aac7bfa..c44893149 100644
--- a/src/libstrongswan/plugins/md5/Makefile.in
+++ b/src/libstrongswan/plugins/md5/Makefile.in
@@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/mysql/Makefile.in b/src/libstrongswan/plugins/mysql/Makefile.in
index a35f8051b..fb36d16a2 100644
--- a/src/libstrongswan/plugins/mysql/Makefile.in
+++ b/src/libstrongswan/plugins/mysql/Makefile.in
@@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/nonce/Makefile.in b/src/libstrongswan/plugins/nonce/Makefile.in
index 25437bdb8..60e45db7c 100644
--- a/src/libstrongswan/plugins/nonce/Makefile.in
+++ b/src/libstrongswan/plugins/nonce/Makefile.in
@@ -371,7 +371,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/ntru/Makefile.am b/src/libstrongswan/plugins/ntru/Makefile.am
index b33cbc8c9..e241554b5 100644
--- a/src/libstrongswan/plugins/ntru/Makefile.am
+++ b/src/libstrongswan/plugins/ntru/Makefile.am
@@ -12,21 +12,15 @@ endif
libstrongswan_ntru_la_SOURCES = \
ntru_plugin.h ntru_plugin.c \
+ ntru_convert.h ntru_convert.c \
ntru_drbg.h ntru_drbg.c \
ntru_ke.h ntru_ke.c \
ntru_mgf1.h ntru_mgf1.c \
+ ntru_param_set.h ntru_param_set.c \
ntru_poly.h ntru_poly.c \
- ntru_trits.h ntru_trits.c \
- ntru_crypto/ntru_crypto.h \
- ntru_crypto/ntru_crypto_ntru_convert.h \
- ntru_crypto/ntru_crypto_ntru_convert.c \
- ntru_crypto/ntru_crypto_ntru_encrypt.c \
- ntru_crypto/ntru_crypto_ntru_encrypt_key.h \
- ntru_crypto/ntru_crypto_ntru_encrypt_key.c \
- ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.h \
- ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.c \
- ntru_crypto/ntru_crypto_ntru_poly.h \
- ntru_crypto/ntru_crypto_ntru_poly.c
+ ntru_public_key.h ntru_public_key.c \
+ ntru_private_key.h ntru_private_key.c \
+ ntru_trits.h ntru_trits.c
libstrongswan_ntru_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/ntru/Makefile.in b/src/libstrongswan/plugins/ntru/Makefile.in
index af192d203..38258048f 100644
--- a/src/libstrongswan/plugins/ntru/Makefile.in
+++ b/src/libstrongswan/plugins/ntru/Makefile.in
@@ -128,14 +128,10 @@ am__uninstall_files_from_dir = { \
am__installdirs = "$(DESTDIR)$(plugindir)"
LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
libstrongswan_ntru_la_LIBADD =
-am__dirstamp = $(am__leading_dot)dirstamp
-am_libstrongswan_ntru_la_OBJECTS = ntru_plugin.lo ntru_drbg.lo \
- ntru_ke.lo ntru_mgf1.lo ntru_poly.lo ntru_trits.lo \
- ntru_crypto/ntru_crypto_ntru_convert.lo \
- ntru_crypto/ntru_crypto_ntru_encrypt.lo \
- ntru_crypto/ntru_crypto_ntru_encrypt_key.lo \
- ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.lo \
- ntru_crypto/ntru_crypto_ntru_poly.lo
+am_libstrongswan_ntru_la_OBJECTS = ntru_plugin.lo ntru_convert.lo \
+ ntru_drbg.lo ntru_ke.lo ntru_mgf1.lo ntru_param_set.lo \
+ ntru_poly.lo ntru_public_key.lo ntru_private_key.lo \
+ ntru_trits.lo
libstrongswan_ntru_la_OBJECTS = $(am_libstrongswan_ntru_la_OBJECTS)
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
@@ -377,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
@@ -427,21 +422,15 @@ AM_CFLAGS = \
@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-ntru.la
libstrongswan_ntru_la_SOURCES = \
ntru_plugin.h ntru_plugin.c \
+ ntru_convert.h ntru_convert.c \
ntru_drbg.h ntru_drbg.c \
ntru_ke.h ntru_ke.c \
ntru_mgf1.h ntru_mgf1.c \
+ ntru_param_set.h ntru_param_set.c \
ntru_poly.h ntru_poly.c \
- ntru_trits.h ntru_trits.c \
- ntru_crypto/ntru_crypto.h \
- ntru_crypto/ntru_crypto_ntru_convert.h \
- ntru_crypto/ntru_crypto_ntru_convert.c \
- ntru_crypto/ntru_crypto_ntru_encrypt.c \
- ntru_crypto/ntru_crypto_ntru_encrypt_key.h \
- ntru_crypto/ntru_crypto_ntru_encrypt_key.c \
- ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.h \
- ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.c \
- ntru_crypto/ntru_crypto_ntru_poly.h \
- ntru_crypto/ntru_crypto_ntru_poly.c
+ ntru_public_key.h ntru_public_key.c \
+ ntru_private_key.h ntru_private_key.c \
+ ntru_trits.h ntru_trits.c
libstrongswan_ntru_la_LDFLAGS = -module -avoid-version
all: all-am
@@ -524,47 +513,26 @@ clean-pluginLTLIBRARIES:
echo rm -f $${locs}; \
rm -f $${locs}; \
}
-ntru_crypto/$(am__dirstamp):
- @$(MKDIR_P) ntru_crypto
- @: > ntru_crypto/$(am__dirstamp)
-ntru_crypto/$(DEPDIR)/$(am__dirstamp):
- @$(MKDIR_P) ntru_crypto/$(DEPDIR)
- @: > ntru_crypto/$(DEPDIR)/$(am__dirstamp)
-ntru_crypto/ntru_crypto_ntru_convert.lo: ntru_crypto/$(am__dirstamp) \
- ntru_crypto/$(DEPDIR)/$(am__dirstamp)
-ntru_crypto/ntru_crypto_ntru_encrypt.lo: ntru_crypto/$(am__dirstamp) \
- ntru_crypto/$(DEPDIR)/$(am__dirstamp)
-ntru_crypto/ntru_crypto_ntru_encrypt_key.lo: \
- ntru_crypto/$(am__dirstamp) \
- ntru_crypto/$(DEPDIR)/$(am__dirstamp)
-ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.lo: \
- ntru_crypto/$(am__dirstamp) \
- ntru_crypto/$(DEPDIR)/$(am__dirstamp)
-ntru_crypto/ntru_crypto_ntru_poly.lo: ntru_crypto/$(am__dirstamp) \
- ntru_crypto/$(DEPDIR)/$(am__dirstamp)
libstrongswan-ntru.la: $(libstrongswan_ntru_la_OBJECTS) $(libstrongswan_ntru_la_DEPENDENCIES) $(EXTRA_libstrongswan_ntru_la_DEPENDENCIES)
$(AM_V_CCLD)$(libstrongswan_ntru_la_LINK) $(am_libstrongswan_ntru_la_rpath) $(libstrongswan_ntru_la_OBJECTS) $(libstrongswan_ntru_la_LIBADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
- -rm -f ntru_crypto/*.$(OBJEXT)
- -rm -f ntru_crypto/*.lo
distclean-compile:
-rm -f *.tab.c
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_convert.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_drbg.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_ke.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_mgf1.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_param_set.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_plugin.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_poly.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_private_key.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_public_key.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_trits.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@ntru_crypto/$(DEPDIR)/ntru_crypto_ntru_convert.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@ntru_crypto/$(DEPDIR)/ntru_crypto_ntru_encrypt.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@ntru_crypto/$(DEPDIR)/ntru_crypto_ntru_encrypt_key.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@ntru_crypto/$(DEPDIR)/ntru_crypto_ntru_encrypt_param_sets.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@ntru_crypto/$(DEPDIR)/ntru_crypto_ntru_poly.Plo@am__quote@
.c.o:
@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
@@ -595,7 +563,6 @@ mostlyclean-libtool:
clean-libtool:
-rm -rf .libs _libs
- -rm -rf ntru_crypto/.libs ntru_crypto/_libs
ID: $(am__tagged_files)
$(am__define_uniq_tagged_files); mkid -fID $$unique
@@ -712,8 +679,6 @@ clean-generic:
distclean-generic:
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
- -rm -f ntru_crypto/$(DEPDIR)/$(am__dirstamp)
- -rm -f ntru_crypto/$(am__dirstamp)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@@ -724,7 +689,7 @@ clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
clean-pluginLTLIBRARIES mostlyclean-am
distclean: distclean-am
- -rm -rf ./$(DEPDIR) ntru_crypto/$(DEPDIR)
+ -rm -rf ./$(DEPDIR)
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
distclean-tags
@@ -770,7 +735,7 @@ install-ps-am:
installcheck-am:
maintainer-clean: maintainer-clean-am
- -rm -rf ./$(DEPDIR) ntru_crypto/$(DEPDIR)
+ -rm -rf ./$(DEPDIR)
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
diff --git a/src/libstrongswan/plugins/ntru/ntru_convert.c b/src/libstrongswan/plugins/ntru/ntru_convert.c
new file mode 100644
index 000000000..6330b2e39
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_convert.c
@@ -0,0 +1,452 @@
+/*
+ * Copyright (C) 2014 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * Copyright (C) 2009-2013 Security Innovation
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#include "ntru_convert.h"
+
+/**
+ * 3-bit to 2-trit conversion tables: 2 represents -1
+ */
+static uint8_t const bits_2_trit1[] = {0, 0, 0, 1, 1, 1, 2, 2};
+static uint8_t const bits_2_trit2[] = {0, 1, 2, 0, 1, 2, 0, 1};
+
+/**
+ * See header.
+ */
+void ntru_bits_2_trits(uint8_t const *octets, uint16_t num_trits, uint8_t *trits)
+{
+ uint32_t bits24, bits3, shift;
+
+ while (num_trits >= 16)
+ {
+ /* get next three octets */
+ bits24 = ((uint32_t)(*octets++)) << 16;
+ bits24 |= ((uint32_t)(*octets++)) << 8;
+ bits24 |= (uint32_t)(*octets++);
+
+ /* for each 3 bits in the three octets, output 2 trits */
+ bits3 = (bits24 >> 21) & 0x7;
+ *trits++ = bits_2_trit1[bits3];
+ *trits++ = bits_2_trit2[bits3];
+
+ bits3 = (bits24 >> 18) & 0x7;
+ *trits++ = bits_2_trit1[bits3];
+ *trits++ = bits_2_trit2[bits3];
+
+ bits3 = (bits24 >> 15) & 0x7;
+ *trits++ = bits_2_trit1[bits3];
+ *trits++ = bits_2_trit2[bits3];
+
+ bits3 = (bits24 >> 12) & 0x7;
+ *trits++ = bits_2_trit1[bits3];
+ *trits++ = bits_2_trit2[bits3];
+
+ bits3 = (bits24 >> 9) & 0x7;
+ *trits++ = bits_2_trit1[bits3];
+ *trits++ = bits_2_trit2[bits3];
+
+ bits3 = (bits24 >> 6) & 0x7;
+ *trits++ = bits_2_trit1[bits3];
+ *trits++ = bits_2_trit2[bits3];
+
+ bits3 = (bits24 >> 3) & 0x7;
+ *trits++ = bits_2_trit1[bits3];
+ *trits++ = bits_2_trit2[bits3];
+
+ bits3 = bits24 & 0x7;
+ *trits++ = bits_2_trit1[bits3];
+ *trits++ = bits_2_trit2[bits3];
+
+ num_trits -= 16;
+ }
+ if (num_trits == 0)
+ {
+ return;
+ }
+
+ /* get three octets */
+ bits24 = ((uint32_t)(*octets++)) << 16;
+ bits24 |= ((uint32_t)(*octets++)) << 8;
+ bits24 |= (uint32_t)(*octets++);
+
+ shift = 21;
+ while (num_trits)
+ {
+ /**
+ * for each 3 bits in the three octets, output up to 2 trits
+ * until all trits needed are produced
+ */
+ bits3 = (bits24 >> shift) & 0x7;
+ shift -= 3;
+ *trits++ = bits_2_trit1[bits3];
+ if (--num_trits)
+ {
+ *trits++ = bits_2_trit2[bits3];
+ --num_trits;
+ }
+ }
+}
+
+/**
+ * See header.
+ */
+bool ntru_trits_2_bits(uint8_t const *trits, uint32_t num_trits, uint8_t *octets)
+{
+ bool all_trits_valid = TRUE;
+ uint32_t bits24, bits3, shift;
+
+ while (num_trits >= 16)
+ {
+ /* convert each 2 trits to 3 bits and pack */
+ bits3 = *trits++ * 3;
+ bits3 += *trits++;
+ if (bits3 > 7)
+ {
+ bits3 = 7;
+ all_trits_valid = FALSE;
+ }
+ bits24 = (bits3 << 21);
+
+ bits3 = *trits++ * 3;
+ bits3 += *trits++;
+ if (bits3 > 7)
+ {
+ bits3 = 7;
+ all_trits_valid = FALSE;
+ }
+ bits24 |= (bits3 << 18);
+
+ bits3 = *trits++ * 3;
+ bits3 += *trits++;
+ if (bits3 > 7)
+ {
+ bits3 = 7;
+ all_trits_valid = FALSE;
+ }
+ bits24 |= (bits3 << 15);
+
+ bits3 = *trits++ * 3;
+ bits3 += *trits++;
+ if (bits3 > 7)
+ {
+ bits3 = 7;
+ all_trits_valid = FALSE;
+ }
+ bits24 |= (bits3 << 12);
+
+ bits3 = *trits++ * 3;
+ bits3 += *trits++;
+ if (bits3 > 7)
+ {
+ bits3 = 7;
+ all_trits_valid = FALSE;
+ }
+ bits24 |= (bits3 << 9);
+
+ bits3 = *trits++ * 3;
+ bits3 += *trits++;
+ if (bits3 > 7)
+ {
+ bits3 = 7;
+ all_trits_valid = FALSE;
+ }
+ bits24 |= (bits3 << 6);
+
+ bits3 = *trits++ * 3;
+ bits3 += *trits++;
+ if (bits3 > 7)
+ {
+ bits3 = 7;
+ all_trits_valid = FALSE;
+ }
+ bits24 |= (bits3 << 3);
+
+ bits3 = *trits++ * 3;
+ bits3 += *trits++;
+ if (bits3 > 7)
+ {
+ bits3 = 7;
+ all_trits_valid = FALSE;
+ }
+ bits24 |= bits3;
+
+ num_trits -= 16;
+
+ /* output three octets */
+ *octets++ = (uint8_t)((bits24 >> 16) & 0xff);
+ *octets++ = (uint8_t)((bits24 >> 8) & 0xff);
+ *octets++ = (uint8_t)(bits24 & 0xff);
+ }
+
+ bits24 = 0;
+ shift = 21;
+ while (num_trits)
+ {
+ /* convert each 2 trits to 3 bits and pack */
+ bits3 = *trits++ * 3;
+ if (--num_trits)
+ {
+ bits3 += *trits++;
+ --num_trits;
+ }
+ if (bits3 > 7)
+ {
+ bits3 = 7;
+ all_trits_valid = FALSE;
+ }
+ bits24 |= (bits3 << shift);
+ shift -= 3;
+ }
+
+ /* output three octets */
+ *octets++ = (uint8_t)((bits24 >> 16) & 0xff);
+ *octets++ = (uint8_t)((bits24 >> 8) & 0xff);
+ *octets++ = (uint8_t)(bits24 & 0xff);
+
+ return all_trits_valid;
+}
+
+/**
+ * See header
+ */
+void ntru_coeffs_mod4_2_octets(uint16_t num_coeffs, uint16_t const *coeffs, uint8_t *octets)
+{
+ uint8_t bits2;
+ int shift, i;
+
+ *octets = 0;
+ shift = 6;
+ for (i = 0; i < num_coeffs; i++)
+ {
+ bits2 = (uint8_t)(coeffs[i] & 0x3);
+ *octets |= bits2 << shift;
+ shift -= 2;
+ if (shift < 0)
+ {
+ ++octets;
+ *octets = 0;
+ shift = 6;
+ }
+ }
+}
+
+/**
+ * See header.
+ */
+void ntru_trits_2_octet(uint8_t const *trits, uint8_t *octet)
+{
+ int i;
+
+ *octet = 0;
+ for (i = 4; i >= 0; i--)
+ {
+ *octet = (*octet * 3) + trits[i];
+ }
+}
+
+/**
+ * See header.
+ */
+void ntru_octet_2_trits(uint8_t octet, uint8_t *trits)
+{
+ int i;
+
+ for (i = 0; i < 5; i++)
+ {
+ trits[i] = octet % 3;
+ octet = (octet - trits[i]) / 3;
+ }
+}
+
+/**
+ * See header.
+ */
+void ntru_indices_2_trits(uint16_t in_len, uint16_t const *in, bool plus1,
+ uint8_t *out)
+{
+ uint8_t trit = plus1 ? 1 : 2;
+ int i;
+
+ for (i = 0; i < in_len; i++)
+ {
+ out[in[i]] = trit;
+ }
+}
+
+/**
+ * See header.
+ */
+void ntru_packed_trits_2_indices(uint8_t const *in, uint16_t num_trits,
+ uint16_t *indices_plus1,
+ uint16_t *indices_minus1)
+{
+ uint8_t trits[5];
+ uint16_t i = 0;
+ int j;
+
+ while (num_trits >= 5)
+ {
+ ntru_octet_2_trits(*in++, trits);
+ num_trits -= 5;
+ for (j = 0; j < 5; j++, i++)
+ {
+ if (trits[j] == 1)
+ {
+ *indices_plus1 = i;
+ ++indices_plus1;
+ }
+ else if (trits[j] == 2)
+ {
+ *indices_minus1 = i;
+ ++indices_minus1;
+ }
+ }
+ }
+ if (num_trits)
+ {
+ ntru_octet_2_trits(*in, trits);
+ for (j = 0; num_trits && (j < 5); j++, i++)
+ {
+ if (trits[j] == 1)
+ {
+ *indices_plus1 = i;
+ ++indices_plus1;
+ }
+ else if (trits[j] == 2)
+ {
+ *indices_minus1 = i;
+ ++indices_minus1;
+ }
+ --num_trits;
+ }
+ }
+}
+
+/**
+ * See header.
+ */
+void ntru_indices_2_packed_trits(uint16_t const *indices, uint16_t num_plus1,
+ uint16_t num_minus1, uint16_t num_trits,
+ uint8_t *buf, uint8_t *out)
+{
+ /* convert indices to an array of trits */
+ memset(buf, 0, num_trits);
+ ntru_indices_2_trits(num_plus1, indices, TRUE, buf);
+ ntru_indices_2_trits(num_minus1, indices + num_plus1, FALSE, buf);
+
+ /* pack the array of trits */
+ while (num_trits >= 5)
+ {
+ ntru_trits_2_octet(buf, out);
+ num_trits -= 5;
+ buf += 5;
+ ++out;
+ }
+ if (num_trits)
+ {
+ uint8_t trits[5];
+
+ memcpy(trits, buf, num_trits);
+ memset(trits + num_trits, 0, sizeof(trits) - num_trits);
+ ntru_trits_2_octet(trits, out);
+ }
+}
+
+/**
+ * See header
+ */
+void ntru_elements_2_octets(uint16_t in_len, uint16_t const *in, uint8_t n_bits,
+ uint8_t *out)
+{
+ uint16_t temp;
+ int shift, i;
+
+ /* pack */
+ temp = 0;
+ shift = n_bits - 8;
+ i = 0;
+ while (i < in_len)
+ {
+ /* add bits to temp to fill an octet and output the octet */
+ temp |= in[i] >> shift;
+ *out++ = (uint8_t)(temp & 0xff);
+ shift = 8 - shift;
+ if (shift < 1)
+ {
+ /* next full octet is in current input word */
+ shift += n_bits;
+ temp = 0;
+ }
+ else
+ {
+ /* put remaining bits of input word in temp as partial octet,
+ * and increment index to next input word
+ */
+ temp = in[i] << (uint16_t)shift;
+ ++i;
+ }
+ shift = n_bits - shift;
+ }
+
+ /* output any bits remaining in last input word */
+ if (shift != n_bits - 8)
+ {
+ *out++ = (uint8_t)(temp & 0xff);
+ }
+}
+
+
+/**
+ * See header.
+ */
+void ntru_octets_2_elements(uint16_t in_len, uint8_t const *in, uint8_t n_bits,
+ uint16_t *out)
+{
+ uint16_t temp;
+ uint16_t mask = (1 << n_bits) - 1;
+ int shift, i;
+
+ /* unpack */
+ temp = 0;
+ shift = n_bits;
+ i = 0;
+ while (i < in_len)
+ {
+ shift = 8 - shift;
+ if (shift < 0)
+ {
+ /* the current octet will not fill the current element */
+ shift += n_bits;
+ }
+ else
+ {
+ /* add bits from the current octet to fill the current element and
+ * output the element
+ */
+ temp |= ((uint16_t)in[i]) >> shift;
+ *out++ = temp & mask;
+ temp = 0;
+ }
+
+ /* add the remaining bits of the current octet to start an element */
+ shift = n_bits - shift;
+ temp |= ((uint16_t)in[i]) << shift;
+ ++i;
+ }
+}
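Review bot: ntru_trits_2_bits() stores its final three octets unconditionally, so when num_trits is a multiple of 16 (including 0) it writes three extra zero octets beyond what the main loop produced. A caller that sizes `octets` to the exact packed length gets an out-of-bounds write. ntru_bits_2_trits() in the same file already returns early in that case, and the same guard fits here: `if (num_trits == 0) { return all_trits_valid; }` placed just before `bits24 = 0;`. If callers rely on the padding, the required buffer size should be documented instead. Two related spots are ntru_coeffs_mod4_2_octets(), which zeroes one more octet when num_coeffs is a multiple of 4, and the tail of ntru_bits_2_trits(), which always reads three input octets even when fewer trits remain; the callers are outside this hunk, so whether their buffers leave room cannot be checked here.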
diff --git a/src/libstrongswan/plugins/ntru/ntru_convert.h b/src/libstrongswan/plugins/ntru/ntru_convert.h
new file mode 100644
index 000000000..31594b1f6
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_convert.h
@@ -0,0 +1,147 @@
+/*
+ * Copyright (C) 2014 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * Copyright (C) 2009-2013 Security Innovation
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup ntru_convert ntru_convert
+ * @{ @ingroup ntru_p
+ */
+
+#ifndef NTRU_CONVERT_H_
+#define NTRU_CONVERT_H_
+
+#include <library.h>
+
+/**
+ * Each 3 bits in an array of octets is converted to 2 trits in an array
+ * of trits.
+ *
+ * @param octets pointer to array of octets
+ * @param num_trits number of trits to produce
+ * @param trits address for array of trits
+ */
+void ntru_bits_2_trits(uint8_t const *octets, uint16_t num_trits,
+ uint8_t *trits);
+
+/**
+ * Each 2 trits in an array of trits is converted to 3 bits, and the bits
+ * are packed in an array of octets. A multiple of 3 octets is output.
+ * Any bits in the final octets not derived from trits are zero.
+ *
+ * @param trits pointer to array of trits
+ * @param num_trits number of trits to convert
+ * @param octets address for array of octets
+ * @return TRUE if all trits were valid
+ * FALSE if invalid trits were found
+ */
+bool ntru_trits_2_bits(uint8_t const *trits, uint32_t num_trits,
+ uint8_t *octets);
+
+/**
+ * Takes an array of coefficients mod 4 and packs the results into an
+ * octet string.
+ *
+ * @param num_coeffs number of coefficients
+ * @param coeffs pointer to coefficients
+ * @param octets address for octets
+ */
+void ntru_coeffs_mod4_2_octets(uint16_t num_coeffs, uint16_t const *coeffs,
+ uint8_t *octets);
+
+/**
+ * Packs 5 trits in an octet, where a trit is 0, 1, or 2 (-1).
+ *
+ * @param trits pointer to trits
+ * @param octet address for octet
+ */
+void ntru_trits_2_octet(uint8_t const *trits, uint8_t *octet);
+
+/**
+ * Unpacks an octet to 5 trits, where a trit is 0, 1, or 2 (-1).
+ *
+ * @param octet octet to be unpacked
+ * @param trits address for trits
+ */
+void ntru_octet_2_trits(uint8_t octet, uint8_t *trits);
+
+/**
+ *
+ * Converts a list of the nonzero indices of a polynomial into an array of
+ * trits.
+ *
+ * @param in_len no. of indices
+ * @param in pointer to list of indices
+ * @param plus1 if list is +1 coefficients
+ * @param out address of output polynomial
+ */
+void ntru_indices_2_trits(uint16_t in_len, uint16_t const *in, bool plus1,
+ uint8_t *out);
+
+/**
+ * Unpacks an array of N trits and creates a list of array indices
+ * corresponding to trits = +1, and list of array indices corresponding to
+ * trits = -1.
+ *
+ * @param in pointer to packed-trit octets
+ * @param num_trits no. of packed trits
+ * @param indices_plus1 address for indices of +1 trits
+ * @param indices_minus1 address for indices of -1 trits
+ */
+void ntru_packed_trits_2_indices(uint8_t const *in, uint16_t num_trits,
+ uint16_t *indices_plus1,
+ uint16_t *indices_minus1);
+
+/**
+ * Takes a list of array indices corresponding to elements whose values
+ * are +1 or -1, and packs the N-element array of trits described by these
+ * lists into octets, 5 trits per octet.
+ *
+ * @param indices pointer to indices
+ * @param num_plus1 no. of indices for +1 trits
+ * @param num_minus1 no. of indices for -1 trits
+ * @param num_trits N, no. of trits in array
+ * @param buf temp buf, N octets
+ * @param out address for packed octet
+ */
+void ntru_indices_2_packed_trits(uint16_t const *indices, uint16_t num_plus1,
+ uint16_t num_minus1, uint16_t num_trits,
+ uint8_t *buf, uint8_t *out);
+
+/**
+ * Packs an array of n-bit elements into an array of
+ * ((in_len * n_bits) + 7) / 8 octets, 8 < n_bits < 16.
+ *
+ * @param in_len no. of elements to be packed
+ * @param in ptr to elements to be packed
+ * @param n_bits no. of bits in input element
+ * @param out addr for output octets
+ */
+void ntru_elements_2_octets(uint16_t in_len, uint16_t const *in, uint8_t n_bits,
+ uint8_t *out);
+
+/**
+ * Unpacks an octet string into an array of ((in_len * 8) / n_bits)
+ * n-bit elements, 8 < n < 16. Any extra bits are discarded.
+ *
+ * @param in_len no. of octets to be unpacked
+ * @param in ptr to octets to be unpacked
+ * @param n_bits no. of bits in output element
+ * @param out addr for output elements
+ */
+void ntru_octets_2_elements(uint16_t in_len, uint8_t const *in, uint8_t n_bits,
+ uint16_t *out);
+
+#endif /** NTRU_CONVERT_H_ @}*/
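Review bot: The doc comments in this header state no buffer-size requirements or preconditions for the output pointers, although every function takes raw pointers without a destination length. For ntru_indices_2_trits I would extend the last line to `@param out address of output polynomial, zero-initialised by the caller; indices are not range-checked against its length`, because the implementation in this commit only stores at `out[in[i]]`. For ntru_trits_2_bits, "A multiple of 3 octets is output" should give the count, which per the implementation is `3 * (num_trits / 16 + 1)` octets. The `8 < n_bits < 16` range on ntru_elements_2_octets and ntru_octets_2_elements is not checked by the code, so it should be labelled as a caller obligation.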
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto.h b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto.h
deleted file mode 100644
index 72f47035e..000000000
--- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto.h
+++ /dev/null
@@ -1,235 +0,0 @@
-/******************************************************************************
- * NTRU Cryptography Reference Source Code
- * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
- *
- * ntru_crypto.h is a component of ntru-crypto.
- *
- * Copyright (C) 2009-2013 Security Innovation
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- *
- *****************************************************************************/
-
-
-/******************************************************************************
- *
- * File: ntru_crypto.h
- *
- * Contents: Public header file for NTRUEncrypt.
- *
- *****************************************************************************/
-
-#ifndef NTRU_CRYPTO_H
-#define NTRU_CRYPTO_H
-
-#include <library.h>
-
-#include "ntru_drbg.h"
-
-#if !defined( NTRUCALL )
- #if !defined(WIN32) || defined (NTRUCRYPTO_STATIC)
- // Linux, or a Win32 static library
- #define NTRUCALL extern uint32_t
- #elif defined (NTRUCRYPTO_EXPORTS)
- // Win32 DLL build
- #define NTRUCALL extern __declspec(dllexport) uint32_t
- #else
- // Win32 DLL import
- #define NTRUCALL extern __declspec(dllimport) uint32_t
- #endif
-#endif /* NTRUCALL */
-
-/* parameter set ID list */
-
-typedef enum _NTRU_ENCRYPT_PARAM_SET_ID {
- NTRU_EES401EP1,
- NTRU_EES449EP1,
- NTRU_EES677EP1,
- NTRU_EES1087EP2,
- NTRU_EES541EP1,
- NTRU_EES613EP1,
- NTRU_EES887EP1,
- NTRU_EES1171EP1,
- NTRU_EES659EP1,
- NTRU_EES761EP1,
- NTRU_EES1087EP1,
- NTRU_EES1499EP1,
- NTRU_EES401EP2,
- NTRU_EES439EP1,
- NTRU_EES593EP1,
- NTRU_EES743EP1,
-} NTRU_ENCRYPT_PARAM_SET_ID;
-
-
-/* error codes */
-
-#define NTRU_OK 0
-#define NTRU_FAIL 1
-#define NTRU_BAD_PARAMETER 2
-#define NTRU_BAD_LENGTH 3
-#define NTRU_BUFFER_TOO_SMALL 4
-#define NTRU_INVALID_PARAMETER_SET 5
-#define NTRU_BAD_PUBLIC_KEY 6
-#define NTRU_BAD_PRIVATE_KEY 7
-#define NTRU_OUT_OF_MEMORY 8
-#define NTRU_BAD_ENCODING 9
-#define NTRU_OID_NOT_RECOGNIZED 10
-#define NTRU_DRBG_FAIL 11
-#define NTRU_MGF1_FAIL 12
-
-/* function declarations */
-
-/* ntru_crypto_ntru_encrypt
- *
- * Implements NTRU encryption (SVES) for the parameter set specified in
- * the public key blob.
- *
- * Before invoking this function, a DRBG must be instantiated using
- * ntru_crypto_drbg_instantiate() to obtain a DRBG handle, and in that
- * instantiation the requested security strength must be at least as large
- * as the security strength of the NTRU parameter set being used.
- * Failure to instantiate the DRBG with the proper security strength will
- * result in this function returning DRBG_ERROR_BASE + DRBG_BAD_LENGTH.
- *
- * The required minimum size of the output ciphertext buffer (ct) may be
- * queried by invoking this function with ct = NULL. In this case, no
- * encryption is performed, NTRU_OK is returned, and the required minimum
- * size for ct is returned in ct_len.
- *
- * When ct != NULL, at invocation *ct_len must be the size of the ct buffer.
- * Upon return it is the actual size of the ciphertext.
- *
- * Returns NTRU_OK if successful.
- * Returns NTRU_DRBG_FAIL if the DRBG handle is invalid.
- * Returns NTRU_BAD_PARAMETER if an argument pointer (other than ct) is NULL.
- * Returns NTRU_BAD_LENGTH if a length argument (pubkey_blob_len or pt_len) is
- * zero, or if pt_len exceeds the maximum plaintext length for the parameter set.
- * Returns NTRU_BAD_PUBLIC_KEY if the public-key blob is invalid
- * (unknown format, corrupt, bad length).
- * Returns NTRU_BUFFER_TOO_SMALL if the ciphertext buffer is too small.
- * Returns NTRU_NO_MEMORY if memory needed cannot be allocated from the heap.
- */
-
-NTRUCALL
-ntru_crypto_ntru_encrypt(
- ntru_drbg_t *drbg , /* in - handle for DRBG */
- uint16_t pubkey_blob_len, /* in - no. of octets in public key
- blob */
- uint8_t const *pubkey_blob, /* in - pointer to public key */
- uint16_t pt_len, /* in - no. of octets in plaintext */
- uint8_t const *pt, /* in - pointer to plaintext */
- uint16_t *ct_len, /* in/out - no. of octets in ct, addr for
- no. of octets in ciphertext */
- uint8_t *ct); /* out - address for ciphertext */
-
-
-/* ntru_crypto_ntru_decrypt
- *
- * Implements NTRU decryption (SVES) for the parameter set specified in
- * the private key blob.
- *
- * The maximum size of the output plaintext may be queried by invoking
- * this function with pt = NULL. In this case, no decryption is performed,
- * NTRU_OK is returned, and the maximum size the plaintext could be is
- * returned in pt_len.
- * Note that until the decryption is performed successfully, the actual size
- * of the resulting plaintext cannot be known.
- *
- * When pt != NULL, at invocation *pt_len must be the size of the pt buffer.
- * Upon return it is the actual size of the plaintext.
- *
- * Returns NTRU_OK if successful.
- * Returns NTRU_BAD_PARAMETER if an argument pointer (other than pt) is NULL.
- * Returns NTRU_BAD_LENGTH if a length argument (privkey_blob) is zero, or if
- * ct_len is invalid for the parameter set.
- * Returns NTRU_BAD_PRIVATE_KEY if the private-key blob is invalid
- * (unknown format, corrupt, bad length).
- * Returns NTRU_BUFFER_TOO_SMALL if the plaintext buffer is too small.
- * Returns NTRU_NO_MEMORY if memory needed cannot be allocated from the heap.
- * Returns NTRU_FAIL if a decryption error occurs.
- */
-
-NTRUCALL
-ntru_crypto_ntru_decrypt(
- uint16_t privkey_blob_len, /* in - no. of octets in private key
- blob */
- uint8_t const *privkey_blob, /* in - pointer to private key */
- uint16_t ct_len, /* in - no. of octets in ciphertext */
- uint8_t const *ct, /* in - pointer to ciphertext */
- uint16_t *pt_len, /* in/out - no. of octets in pt, addr for
- no. of octets in plaintext */
- uint8_t *pt); /* out - address for plaintext */
-
-
-/* ntru_crypto_ntru_encrypt_keygen
- *
- * Implements key generation for NTRUEncrypt for the parameter set specified.
- *
- * Before invoking this function, a DRBG must be instantiated using
- * ntru_crypto_drbg_instantiate() to obtain a DRBG handle, and in that
- * instantiation the requested security strength must be at least as large
- * as the security strength of the NTRU parameter set being used.
- * Failure to instantiate the DRBG with the proper security strength will
- * result in this function returning NTRU_DRBG_FAIL.
- *
- * The required minimum size of the output public-key buffer (pubkey_blob)
- * may be queried by invoking this function with pubkey_blob = NULL.
- * In this case, no key generation is performed, NTRU_OK is returned, and
- * the required minimum size for pubkey_blob is returned in pubkey_blob_len.
- *
- * The required minimum size of the output private-key buffer (privkey_blob)
- * may be queried by invoking this function with privkey_blob = NULL.
- * In this case, no key generation is performed, NTRU_OK is returned, and
- * the required minimum size for privkey_blob is returned in privkey_blob_len.
- *
- * The required minimum sizes of both pubkey_blob and privkey_blob may be
- * queried as described above, in a single invocation of this function.
- *
- * When pubkey_blob != NULL and privkey_blob != NULL, at invocation
- * *pubkey_blob_len must be the size of the pubkey_blob buffer and
- * *privkey_blob_len must be the size of the privkey_blob buffer.
- * Upon return, *pubkey_blob_len is the actual size of the public-key blob
- * and *privkey_blob_len is the actual size of the private-key blob.
- *
- * Returns NTRU_OK if successful.
- * Returns NTRU_BAD_PARAMETER if an argument pointer (other than pubkey_blob
- * or privkey_blob) is NULL.
- * Returns NTRU_INVALID_PARAMETER_SET if the parameter-set ID is invalid.
- * Returns NTRU_BAD_LENGTH if a length argument is invalid.
- * Returns NTRU_BUFFER_TOO_SMALL if either the pubkey_blob buffer or the
- * privkey_blob buffer is too small.
- * Returns NTRU_NO_MEMORY if memory needed cannot be allocated from the heap.
- * Returns NTRU_FAIL if the polynomial generated for f is not invertible in
- * (Z/qZ)[X]/(X^N - 1), which is extremely unlikely.
- * Should this occur, this function should simply be invoked again.
- */
-
-NTRUCALL
-ntru_crypto_ntru_encrypt_keygen(
- ntru_drbg_t *drbg, /* in - handle of DRBG */
- NTRU_ENCRYPT_PARAM_SET_ID param_set_id, /* in - parameter set ID */
- uint16_t *pubkey_blob_len, /* in/out - no. of octets in
- pubkey_blob, addr
- for no. of octets
- in pubkey_blob */
- uint8_t *pubkey_blob, /* out - address for
- public key blob */
- uint16_t *privkey_blob_len, /* in/out - no. of octets in
- privkey_blob, addr
- for no. of octets
- in privkey_blob */
- uint8_t *privkey_blob); /* out - address for
- private key blob */
-#endif /* NTRU_CRYPTO_H */
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.c b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.c
deleted file mode 100644
index 3d6dfde41..000000000
--- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.c
+++ /dev/null
@@ -1,581 +0,0 @@
-/******************************************************************************
- * NTRU Cryptography Reference Source Code
- * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
- *
- * ntru_crypto_ntru_convert.c is a component of ntru-crypto.
- *
- * Copyright (C) 2009-2013 Security Innovation
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- *
- *****************************************************************************/
-
-/******************************************************************************
- *
- * File: ntru_crypto_ntru_convert.c
- *
- * Contents: Conversion routines for NTRUEncrypt, including packing, unpacking,
- * and others.
- *
- *****************************************************************************/
-
-#include <stdlib.h>
-#include <string.h>
-#include <assert.h>
-#include "ntru_crypto_ntru_convert.h"
-
-
-/* 3-bit to 2-trit conversion tables: 2 represents -1 */
-
-static uint8_t const bits_2_trit1[] = {0, 0, 0, 1, 1, 1, 2, 2};
-static uint8_t const bits_2_trit2[] = {0, 1, 2, 0, 1, 2, 0, 1};
-
-
-/* ntru_bits_2_trits
- *
- * Each 3 bits in an array of octets is converted to 2 trits in an array
- * of trits.
- *
- * The octet array may overlap the end of the trit array.
- */
-
-void
-ntru_bits_2_trits(
- uint8_t const *octets, /* in - pointer to array of octets */
- uint16_t num_trits, /* in - number of trits to produce */
- uint8_t *trits) /* out - address for array of trits */
-{
- uint32_t bits24;
- uint32_t bits3;
- uint32_t shift;
-
- assert(octets);
- assert(trits);
-
- while (num_trits >= 16) {
-
- /* get next three octets */
-
- bits24 = ((uint32_t)(*octets++)) << 16;
- bits24 |= ((uint32_t)(*octets++)) << 8;
- bits24 |= (uint32_t)(*octets++);
-
- /* for each 3 bits in the three octets, output 2 trits */
-
- bits3 = (bits24 >> 21) & 0x7;
- *trits++ = bits_2_trit1[bits3];
- *trits++ = bits_2_trit2[bits3];
-
- bits3 = (bits24 >> 18) & 0x7;
- *trits++ = bits_2_trit1[bits3];
- *trits++ = bits_2_trit2[bits3];
-
- bits3 = (bits24 >> 15) & 0x7;
- *trits++ = bits_2_trit1[bits3];
- *trits++ = bits_2_trit2[bits3];
-
- bits3 = (bits24 >> 12) & 0x7;
- *trits++ = bits_2_trit1[bits3];
- *trits++ = bits_2_trit2[bits3];
-
- bits3 = (bits24 >> 9) & 0x7;
- *trits++ = bits_2_trit1[bits3];
- *trits++ = bits_2_trit2[bits3];
-
- bits3 = (bits24 >> 6) & 0x7;
- *trits++ = bits_2_trit1[bits3];
- *trits++ = bits_2_trit2[bits3];
-
- bits3 = (bits24 >> 3) & 0x7;
- *trits++ = bits_2_trit1[bits3];
- *trits++ = bits_2_trit2[bits3];
-
- bits3 = bits24 & 0x7;
- *trits++ = bits_2_trit1[bits3];
- *trits++ = bits_2_trit2[bits3];
-
- num_trits -= 16;
- }
- if (num_trits == 0)
- return;
-
- /* get three octets */
-
- bits24 = ((uint32_t)(*octets++)) << 16;
- bits24 |= ((uint32_t)(*octets++)) << 8;
- bits24 |= (uint32_t)(*octets++);
-
- shift = 21;
- while (num_trits) {
-
- /* for each 3 bits in the three octets, output up to 2 trits
- * until all trits needed are produced
- */
-
- bits3 = (bits24 >> shift) & 0x7;
- shift -= 3;
- *trits++ = bits_2_trit1[bits3];
- if (--num_trits) {
- *trits++ = bits_2_trit2[bits3];
- --num_trits;
- }
- }
-}
-
-
-/* ntru_trits_2_bits
- *
- * Each 2 trits in an array of trits is converted to 3 bits, and the bits
- * are packed in an array of octets. A multiple of 3 octets is output.
- * Any bits in the final octets not derived from trits are zero.
- *
- * Returns TRUE if all trits were valid.
- * Returns FALSE if invalid trits were found.
- */
-
-bool
-ntru_trits_2_bits(
- uint8_t const *trits, /* in - pointer to array of trits */
- uint32_t num_trits, /* in - number of trits to convert */
- uint8_t *octets) /* out - address for array of octets */
-{
- bool all_trits_valid = TRUE;
- uint32_t bits24;
- uint32_t bits3;
- uint32_t shift;
-
- assert(octets);
- assert(trits);
-
- while (num_trits >= 16) {
-
- /* convert each 2 trits to 3 bits and pack */
-
- bits3 = *trits++ * 3;
- bits3 += *trits++;
- if (bits3 > 7) {
- bits3 = 7;
- all_trits_valid = FALSE;
- }
- bits24 = (bits3 << 21);
-
- bits3 = *trits++ * 3;
- bits3 += *trits++;
- if (bits3 > 7) {
- bits3 = 7;
- all_trits_valid = FALSE;
- }
- bits24 |= (bits3 << 18);
-
- bits3 = *trits++ * 3;
- bits3 += *trits++;
- if (bits3 > 7) {
- bits3 = 7;
- all_trits_valid = FALSE;
- }
- bits24 |= (bits3 << 15);
-
- bits3 = *trits++ * 3;
- bits3 += *trits++;
- if (bits3 > 7) {
- bits3 = 7;
- all_trits_valid = FALSE;
- }
- bits24 |= (bits3 << 12);
-
- bits3 = *trits++ * 3;
- bits3 += *trits++;
- if (bits3 > 7) {
- bits3 = 7;
- all_trits_valid = FALSE;
- }
- bits24 |= (bits3 << 9);
-
- bits3 = *trits++ * 3;
- bits3 += *trits++;
- if (bits3 > 7) {
- bits3 = 7;
- all_trits_valid = FALSE;
- }
- bits24 |= (bits3 << 6);
-
- bits3 = *trits++ * 3;
- bits3 += *trits++;
- if (bits3 > 7) {
- bits3 = 7;
- all_trits_valid = FALSE;
- }
- bits24 |= (bits3 << 3);
-
- bits3 = *trits++ * 3;
- bits3 += *trits++;
- if (bits3 > 7) {
- bits3 = 7;
- all_trits_valid = FALSE;
- }
- bits24 |= bits3;
-
- num_trits -= 16;
-
- /* output three octets */
-
- *octets++ = (uint8_t)((bits24 >> 16) & 0xff);
- *octets++ = (uint8_t)((bits24 >> 8) & 0xff);
- *octets++ = (uint8_t)(bits24 & 0xff);
- }
-
- bits24 = 0;
- shift = 21;
- while (num_trits) {
-
- /* convert each 2 trits to 3 bits and pack */
-
- bits3 = *trits++ * 3;
- if (--num_trits) {
- bits3 += *trits++;
- --num_trits;
- }
- if (bits3 > 7) {
- bits3 = 7;
- all_trits_valid = FALSE;
- }
- bits24 |= (bits3 << shift);
- shift -= 3;
- }
-
- /* output three octets */
-
- *octets++ = (uint8_t)((bits24 >> 16) & 0xff);
- *octets++ = (uint8_t)((bits24 >> 8) & 0xff);
- *octets++ = (uint8_t)(bits24 & 0xff);
-
- return all_trits_valid;
-}
-
-
-/* ntru_coeffs_mod4_2_octets
- *
- * Takes an array of ring element coefficients mod 4 and packs the
- * results into an octet string.
- */
-
-void
-ntru_coeffs_mod4_2_octets(
- uint16_t num_coeffs, /* in - number of coefficients */
- uint16_t const *coeffs, /* in - pointer to coefficients */
- uint8_t *octets) /* out - address for octets */
-{
- uint8_t bits2;
- int shift;
- uint16_t i;
-
- assert(coeffs);
- assert(octets);
-
- *octets = 0;
- shift = 6;
- for (i = 0; i < num_coeffs; i++) {
- bits2 = (uint8_t)(coeffs[i] & 0x3);
- *octets |= bits2 << shift;
- shift -= 2;
- if (shift < 0) {
- ++octets;
- *octets = 0;
- shift = 6;
- }
- }
-}
-
-
-/* ntru_trits_2_octet
- *
- * Packs 5 trits in an octet, where a trit is 0, 1, or 2 (-1).
- */
-
-void
-ntru_trits_2_octet(
- uint8_t const *trits, /* in - pointer to trits */
- uint8_t *octet) /* out - address for octet */
-{
- int i;
-
- assert(trits);
- assert(octet);
-
- *octet = 0;
- for (i = 4; i >= 0; i--) {
- *octet = (*octet * 3) + trits[i];
- }
-}
-
-
-/* ntru_octet_2_trits
- *
- * Unpacks an octet to 5 trits, where a trit is 0, 1, or 2 (-1).
- */
-
-void
-ntru_octet_2_trits(
- uint8_t octet, /* in - octet to be unpacked */
- uint8_t *trits) /* out - address for trits */
-{
- int i;
-
- assert(trits);
-
- for (i = 0; i < 5; i++) {
- trits[i] = octet % 3;
- octet = (octet - trits[i]) / 3;
- }
-}
-
-
-/* ntru_indices_2_trits
- *
- * Converts a list of the nonzero indices of a polynomial into an array of
- * trits.
- */
-
-void
-ntru_indices_2_trits(
- uint16_t in_len, /* in - no. of indices */
- uint16_t const *in, /* in - pointer to list of indices */
- bool plus1, /* in - if list is +1 cofficients */
- uint8_t *out) /* out - address of output polynomial */
-{
- uint8_t trit = plus1 ? 1 : 2;
- uint16_t i;
-
- assert(in);
- assert(out);
-
- for (i = 0; i < in_len; i++) {
- out[in[i]] = trit;
- }
-}
-
-
-/* ntru_packed_trits_2_indices
- *
- * Unpacks an array of N trits and creates a list of array indices
- * corresponding to trits = +1, and list of array indices corresponding to
- * trits = -1.
- */
-
-void
-ntru_packed_trits_2_indices(
- uint8_t const *in, /* in - pointer to packed-trit octets */
- uint16_t num_trits, /* in - no. of packed trits */
- uint16_t *indices_plus1, /* out - address for indices of +1 trits */
- uint16_t *indices_minus1) /* out - address for indices of -1 trits */
-{
- uint8_t trits[5];
- uint16_t i = 0;
- int j;
-
- assert(in);
- assert(indices_plus1);
- assert(indices_minus1);
-
- while (num_trits >= 5) {
- ntru_octet_2_trits(*in++, trits);
- num_trits -= 5;
- for (j = 0; j < 5; j++, i++) {
- if (trits[j] == 1) {
- *indices_plus1 = i;
- ++indices_plus1;
- } else if (trits[j] == 2) {
- *indices_minus1 = i;
- ++indices_minus1;
- }
- }
- }
- if (num_trits) {
- ntru_octet_2_trits(*in, trits);
- for (j = 0; num_trits && (j < 5); j++, i++) {
- if (trits[j] == 1) {
- *indices_plus1 = i;
- ++indices_plus1;
- } else if (trits[j] == 2) {
- *indices_minus1 = i;
- ++indices_minus1;
- }
- --num_trits;
- }
- }
-}
-
-
-/* ntru_indices_2_packed_trits
- *
- * Takes a list of array indices corresponding to elements whose values
- * are +1 or -1, and packs the N-element array of trits described by these
- * lists into octets, 5 trits per octet.
- */
-
-void
-ntru_indices_2_packed_trits(
- uint16_t const *indices, /* in - pointer to indices */
- uint16_t num_plus1, /* in - no. of indices for +1 trits */
- uint16_t num_minus1, /* in - no. of indices for -1 trits */
- uint16_t num_trits, /* in - N, no. of trits in array */
- uint8_t *buf, /* in - temp buf, N octets */
- uint8_t *out) /* out - address for packed octets */
-{
- assert(indices);
- assert(buf);
- assert(out);
-
- /* convert indices to an array of trits */
-
- memset(buf, 0, num_trits);
- ntru_indices_2_trits(num_plus1, indices, TRUE, buf);
- ntru_indices_2_trits(num_minus1, indices + num_plus1, FALSE, buf);
-
- /* pack the array of trits */
-
- while (num_trits >= 5) {
- ntru_trits_2_octet(buf, out);
- num_trits -= 5;
- buf += 5;
- ++out;
- }
- if (num_trits) {
- uint8_t trits[5];
-
- memcpy(trits, buf, num_trits);
- memset(trits + num_trits, 0, sizeof(trits) - num_trits);
- ntru_trits_2_octet(trits, out);
- }
-}
-
-
-/* ntru_elements_2_octets
- *
- * Packs an array of n-bit elements into an array of
- * ((in_len * n_bits) + 7) / 8 octets, 8 < n_bits < 16.
- */
-
-void
-ntru_elements_2_octets(
- uint16_t in_len, /* in - no. of elements to be packed */
- uint16_t const *in, /* in - ptr to elements to be packed */
- uint8_t n_bits, /* in - no. of bits in input element */
- uint8_t *out) /* out - addr for output octets */
-{
- uint16_t temp;
- int shift;
- uint16_t i;
-
- assert(in_len);
- assert(in);
- assert((n_bits > 8) && (n_bits < 16));
- assert(out);
-
- /* pack */
-
- temp = 0;
- shift = n_bits - 8;
- i = 0;
- while (i < in_len) {
-
- /* add bits to temp to fill an octet and output the octet */
-
- temp |= in[i] >> shift;
- *out++ = (uint8_t)(temp & 0xff);
- shift = 8 - shift;
- if (shift < 1) {
-
- /* next full octet is in current input word */
-
- shift += n_bits;
- temp = 0;
-
- } else {
-
- /* put remaining bits of input word in temp as partial octet,
- * and increment index to next input word
- */
- temp = in[i] << (uint16_t)shift;
-
- ++i;
- }
- shift = n_bits - shift;
- }
-
- /* output any bits remaining in last input word */
-
- if (shift != n_bits - 8) {
- *out++ = (uint8_t)(temp & 0xff);
- }
-}
-
-
-/* ntru_octets_2_elements
- *
- * Unpacks an octet string into an array of ((in_len * 8) / n_bits)
- * n-bit elements, 8 < n_bits < 16. Any extra bits are discarded.
- */
-
-void
-ntru_octets_2_elements(
- uint16_t in_len, /* in - no. of octets to be unpacked */
- uint8_t const *in, /* in - ptr to octets to be unpacked */
- uint8_t n_bits, /* in - no. of bits in output element */
- uint16_t *out) /* out - addr for output elements */
-{
- uint16_t temp;
- uint16_t mask = (1 << n_bits) - 1;
- int shift;
- uint16_t i;
-
- assert(in_len > 1);
- assert(in);
- assert((n_bits > 8) && (n_bits < 16));
- assert(out);
-
- /* unpack */
-
- temp = 0;
- shift = n_bits;
- i = 0;
- while (i < in_len) {
- shift = 8 - shift;
- if (shift < 0) {
-
- /* the current octet will not fill the current element */
-
- shift += n_bits;
-
- } else {
-
- /* add bits from the current octet to fill the current element and
- * output the element
- */
-
- temp |= ((uint16_t)in[i]) >> shift;
- *out++ = temp & mask;
- temp = 0;
- }
-
- /* add the remaining bits of the current octet to start an element */
-
- shift = n_bits - shift;
- temp |= ((uint16_t)in[i]) << shift;
- ++i;
- }
-}
-
-
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.h b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.h
deleted file mode 100644
index 1c4b35b24..000000000
--- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.h
+++ /dev/null
@@ -1,183 +0,0 @@
-/******************************************************************************
- * NTRU Cryptography Reference Source Code
- * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
- *
- * ntru_crypto_ntru_convert.h is a component of ntru-crypto.
- *
- * Copyright (C) 2009-2013 Security Innovation
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- *
- *****************************************************************************/
-
-/******************************************************************************
- *
- * File: ntru_crypto_ntru_convert.h
- *
- * Contents: Definitions and declarations for conversion routines
- * for NTRUEncrypt, including packing, unpacking and others.
- *
- *****************************************************************************/
-
-#ifndef NTRU_CRYPTO_NTRU_CONVERT_H
-#define NTRU_CRYPTO_NTRU_CONVERT_H
-
-#include "ntru_crypto.h"
-
-
-/* function declarations */
-
-/* ntru_bits_2_trits
- *
- * Each 3 bits in an array of octets is converted to 2 trits in an array
- * of trits.
- */
-
-extern void
-ntru_bits_2_trits(
- uint8_t const *octets, /* in - pointer to array of octets */
- uint16_t num_trits, /* in - number of trits to produce */
- uint8_t *trits); /* out - address for array of trits */
-
-
-/* ntru_trits_2_bits
- *
- * Each 2 trits in an array of trits is converted to 3 bits, and the bits
- * are packed in an array of octets. A multiple of 3 octets is output.
- * Any bits in the final octets not derived from trits are zero.
- *
- * Returns TRUE if all trits were valid.
- * Returns FALSE if invalid trits were found.
- */
-
-extern bool
-ntru_trits_2_bits(
- uint8_t const *trits, /* in - pointer to array of trits */
- uint32_t num_trits, /* in - number of trits to convert */
- uint8_t *octets); /* out - address for array of octets */
-
-
-/* ntru_coeffs_mod4_2_octets
- *
- * Takes an array of coefficients mod 4 and packs the results into an
- * octet string.
- */
-
-extern void
-ntru_coeffs_mod4_2_octets(
- uint16_t num_coeffs, /* in - number of coefficients */
- uint16_t const *coeffs, /* in - pointer to coefficients */
- uint8_t *octets); /* out - address for octets */
-
-
-/* ntru_trits_2_octet
- *
- * Packs 5 trits in an octet, where a trit is 0, 1, or 2 (-1).
- */
-
-extern void
-ntru_trits_2_octet(
- uint8_t const *trits, /* in - pointer to trits */
- uint8_t *octet); /* out - address for octet */
-
-
-/* ntru_octet_2_trits
- *
- * Unpacks an octet to 5 trits, where a trit is 0, 1, or 2 (-1).
- */
-
-extern void
-ntru_octet_2_trits(
- uint8_t octet, /* in - octet to be unpacked */
- uint8_t *trits); /* out - address for trits */
-
-
-/* ntru_indices_2_trits
- *
- * Converts a list of the nonzero indices of a polynomial into an array of
- * trits.
- */
-
-extern void
-ntru_indices_2_trits(
- uint16_t in_len, /* in - no. of indices */
- uint16_t const *in, /* in - pointer to list of indices */
- bool plus1, /* in - if list is +1 coefficients */
- uint8_t *out); /* out - address of output polynomial */
-
-
-/* ntru_packed_trits_2_indices
- *
- * Unpacks an array of N trits and creates a list of array indices
- * corresponding to trits = +1, and list of array indices corresponding to
- * trits = -1.
- */
-
-extern void
-ntru_packed_trits_2_indices(
- uint8_t const *in, /* in - pointer to packed-trit octets */
- uint16_t num_trits, /* in - no. of packed trits */
- uint16_t *indices_plus1, /* out - address for indices of +1 trits */
- uint16_t *indices_minus1); /* out - address for indices of -1 trits */
-
-
-/* ntru_indices_2_packed_trits
- *
- * Takes a list of array indices corresponding to elements whose values
- * are +1 or -1, and packs the N-element array of trits described by these
- * lists into octets, 5 trits per octet.
- */
-
-extern void
-ntru_indices_2_packed_trits(
- uint16_t const *indices, /* in - pointer to indices */
- uint16_t num_plus1, /* in - no. of indices for +1 trits */
- uint16_t num_minus1, /* in - no. of indices for -1 trits */
- uint16_t num_trits, /* in - N, no. of trits in array */
- uint8_t *buf, /* in - temp buf, N octets */
- uint8_t *out); /* out - address for packed octets */
-
-
-/* ntru_elements_2_octets
- *
- * Packs an array of n-bit elements into an array of
- * ((in_len * n_bits) + 7) / 8 octets, 8 < n_bits < 16.
- */
-
-extern void
-ntru_elements_2_octets(
- uint16_t in_len, /* in - no. of elements to be packed */
- uint16_t const *in, /* in - ptr to elements to be packed */
- uint8_t n_bits, /* in - no. of bits in input element */
- uint8_t *out); /* out - addr for output octets */
-
-
-/* ntru_octets_2_elements
- *
- * Unpacks an octet string into an array of ((in_len * 8) / n_bits)
- * n-bit elements, 8 < n < 16. Any extra bits are discarded.
- */
-
-extern void
-ntru_octets_2_elements(
- uint16_t in_len, /* in - no. of octets to be unpacked */
- uint8_t const *in, /* in - ptr to octets to be unpacked */
- uint8_t n_bits, /* in - no. of bits in output element */
- uint16_t *out); /* out - addr for output elements */
-
-
-#endif /* NTRU_CRYPTO_NTRU_CONVERT_H */
-
-
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt.c b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt.c
deleted file mode 100644
index dba81915a..000000000
--- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt.c
+++ /dev/null
@@ -1,1034 +0,0 @@
-/******************************************************************************
- * NTRU Cryptography Reference Source Code
- * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
- *
- * ntru_crypto_ntru_encrypt.c is a component of ntru-crypto.
- *
- * Copyright (C) 2009-2013 Security Innovation
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- *
- *****************************************************************************/
-
-/******************************************************************************
- *
- * File: ntru_crypto_ntru_encrypt.c
- *
- * Contents: Routines implementing NTRUEncrypt encryption and decryption and
- * key generation.
- *
- *****************************************************************************/
-
-
-#include <stdlib.h>
-#include <string.h>
-#include <assert.h>
-#include "ntru_crypto.h"
-#include "ntru_crypto_ntru_encrypt_param_sets.h"
-#include "ntru_crypto_ntru_encrypt_key.h"
-#include "ntru_crypto_ntru_convert.h"
-#include "ntru_crypto_ntru_poly.h"
-#
-#include "ntru_trits.h"
-#include "ntru_poly.h"
-
-/* ntru_crypto_ntru_encrypt
- *
- * Implements NTRU encryption (SVES) for the parameter set specified in
- * the public key blob.
- *
- * Before invoking this function, a DRBG must be instantiated using
- * ntru_crypto_drbg_instantiate() to obtain a DRBG handle, and in that
- * instantiation the requested security strength must be at least as large
- * as the security strength of the NTRU parameter set being used.
- * Failure to instantiate the DRBG with the proper security strength will
- * result in this function returning DRBG_ERROR_BASE + DRBG_BAD_LENGTH.
- *
- * The required minimum size of the output ciphertext buffer (ct) may be
- * queried by invoking this function with ct = NULL. In this case, no
- * encryption is performed, NTRU_OK is returned, and the required minimum
- * size for ct is returned in ct_len.
- *
- * When ct != NULL, at invocation *ct_len must be the size of the ct buffer.
- * Upon return it is the actual size of the ciphertext.
- *
- * Returns NTRU_OK if successful.
- * Returns NTRU_DRBG_FAIL if the DRBG handle is invalid.
- * Returns NTRU_BAD_PARAMETER if an argument pointer (other than ct) is NULL.
- * Returns NTRU_BAD_LENGTH if a length argument (pubkey_blob_len or pt_len) is
- * zero, or if pt_len exceeds the maximum plaintext length for the parameter set.
- * Returns NTRU_BAD_PUBLIC_KEY if the public-key blob is invalid
- * (unknown format, corrupt, bad length).
- * Returns NTRU_BUFFER_TOO_SMALL if the ciphertext buffer is too small.
- * Returns NTRU_NO_MEMORY if memory needed cannot be allocated from the heap.
- */
-
-uint32_t
-ntru_crypto_ntru_encrypt(
- ntru_drbg_t *drbg, /* in - handle of DRBG */
- uint16_t pubkey_blob_len, /* in - no. of octets in public key
- blob */
- uint8_t const *pubkey_blob, /* in - pointer to public key */
- uint16_t pt_len, /* in - no. of octets in plaintext */
- uint8_t const *pt, /* in - pointer to plaintext */
- uint16_t *ct_len, /* in/out - no. of octets in ct, addr for
- no. of octets in ciphertext */
- uint8_t *ct) /* out - address for ciphertext */
-{
- NTRU_ENCRYPT_PARAM_SET *params = NULL;
- uint8_t const *pubkey_packed = NULL;
- uint8_t pubkey_pack_type = 0x00;
- uint16_t packed_ct_len;
- size_t scratch_buf_len;
- uint32_t dr;
- uint32_t dr1 = 0;
- uint32_t dr2 = 0;
- uint32_t dr3 = 0;
- uint16_t ring_mult_tmp_len;
- int16_t m1 = 0;
- uint16_t *scratch_buf = NULL;
- uint16_t *ringel_buf = NULL;
- uint8_t *b_buf = NULL;
- uint8_t *tmp_buf = NULL;
- bool msg_rep_good = FALSE;
- hash_algorithm_t hash_algid;
- uint16_t mprime_len = 0;
- uint16_t mod_q_mask;
- uint32_t result = NTRU_OK;
- ntru_trits_t *mask;
- uint8_t *mask_trits;
- chunk_t seed;
- ntru_poly_t *r_poly;
-
- /* check for bad parameters */
-
- if (!pubkey_blob || !pt || !ct_len)
- {
- return NTRU_BAD_PARAMETER;
- }
- if ((pubkey_blob_len == 0) || (pt_len == 0))
- {
- return NTRU_BAD_LENGTH;
- }
-
- /* get a pointer to the parameter-set parameters, the packing type for
- * the public key, and a pointer to the packed public key
- */
-
- if (!ntru_crypto_ntru_encrypt_key_parse(TRUE /* pubkey */, pubkey_blob_len,
- pubkey_blob, &pubkey_pack_type,
- NULL, &params, &pubkey_packed,
- NULL))
- {
- return NTRU_BAD_PUBLIC_KEY;
- }
-
- /* return the ciphertext size if requested */
-
- packed_ct_len = (params->N * params->q_bits + 7) >> 3;
- if (!ct)
- {
- *ct_len = packed_ct_len;
- return NTRU_OK;
- }
-
- /* check the ciphertext buffer size */
-
- if (*ct_len < packed_ct_len)
- {
- return NTRU_BUFFER_TOO_SMALL;
- }
-
- /* check the plaintext length */
-
- if (pt_len > params->m_len_max)
- {
- return NTRU_BAD_LENGTH;
- }
-
- /* allocate memory for all operations */
-
- if (params->is_product_form)
- {
- ring_mult_tmp_len = params->N << 1; /* 2N 16-bit word buffer */
- dr1 = params->dF_r & 0xff;
- dr2 = (params->dF_r >> 8) & 0xff;
- dr3 = (params->dF_r >> 16) & 0xff;
- dr = dr1 + dr2 + dr3;
- }
- else
- {
- ring_mult_tmp_len = params->N; /* N 16-bit word buffer */
- dr = params->dF_r;
- }
- scratch_buf_len = (ring_mult_tmp_len << 1) +
- /* X-byte temp buf for ring mult and
- other intermediate results */
- (params->N << 1) + /* 2N-byte buffer for ring elements
- and overflow from temp buffer */
- (dr << 2) + /* buffer for r indices */
- params->sec_strength_len;
- /* buffer for b */
- scratch_buf = malloc(scratch_buf_len);
- if (!scratch_buf)
- {
- return NTRU_OUT_OF_MEMORY;
- }
- ringel_buf = scratch_buf + ring_mult_tmp_len;
- b_buf = (uint8_t *)(ringel_buf + params->N);
- tmp_buf = (uint8_t *)scratch_buf;
-
- /* set hash algorithm based on security strength */
- hash_algid = (params->sec_strength_len <= 20) ? HASH_SHA1 : HASH_SHA256;
-
- /* set constants */
- mod_q_mask = params->q - 1;
-
- /* loop until a message representative with proper weight is achieved */
-
- do {
- uint8_t *ptr = tmp_buf;
-
- /* get b */
- if (drbg->generate(drbg, params->sec_strength_len * BITS_PER_BYTE,
- params->sec_strength_len, b_buf))
- {
- result = NTRU_OK;
- }
- else
- {
- result = NTRU_FAIL;
- }
-
- if (result == NTRU_OK)
- {
-
- /* form sData (OID || m || b || hTrunc) */
- memcpy(ptr, params->OID, 3);
- ptr += 3;
- memcpy(ptr, pt, pt_len);
- ptr += pt_len;
- memcpy(ptr, b_buf, params->sec_strength_len);
- ptr += params->sec_strength_len;
- memcpy(ptr, pubkey_packed, params->sec_strength_len);
- ptr += params->sec_strength_len;
-
- DBG2(DBG_LIB, "generate polynomial r");
-
- seed = chunk_create(tmp_buf, ptr - tmp_buf);
- r_poly = ntru_poly_create_from_seed(hash_algid, seed, params->c_bits,
- params->N, params->q,
- params->dF_r, params->dF_r,
- params->is_product_form);
- if (!r_poly)
- {
- result = NTRU_MGF1_FAIL;
- }
- }
-
- if (result == NTRU_OK)
- {
- uint16_t pubkey_packed_len;
-
- /* unpack the public key */
- assert(pubkey_pack_type == NTRU_ENCRYPT_KEY_PACKED_COEFFICIENTS);
- pubkey_packed_len = (params->N * params->q_bits + 7) >> 3;
- ntru_octets_2_elements(pubkey_packed_len, pubkey_packed,
- params->q_bits, ringel_buf);
-
- /* form R = h * r */
- r_poly->ring_mult(r_poly, ringel_buf, ringel_buf);
- r_poly->destroy(r_poly);
-
- /* form R mod 4 */
- ntru_coeffs_mod4_2_octets(params->N, ringel_buf, tmp_buf);
-
- /* form mask */
- seed = chunk_create(tmp_buf, (params->N + 3)/4);
- mask = ntru_trits_create(params->N, hash_algid, seed);
- if (!mask)
- {
- result = NTRU_MGF1_FAIL;
- }
- }
-
- if (result == NTRU_OK)
- {
- uint8_t *Mtrin_buf = tmp_buf + params->N;
- uint8_t *M_buf = Mtrin_buf + params->N -
- (params->sec_strength_len + params->m_len_len +
- params->m_len_max + 2);
- uint16_t i;
-
- /* form the padded message M */
- ptr = M_buf;
- memcpy(ptr, b_buf, params->sec_strength_len);
- ptr += params->sec_strength_len;
- if (params->m_len_len == 2)
- *ptr++ = (uint8_t)((pt_len >> 8) & 0xff);
- *ptr++ = (uint8_t)(pt_len & 0xff);
- memcpy(ptr, pt, pt_len);
- ptr += pt_len;
-
- /* add an extra zero byte in case without it the bit string
- * is not a multiple of 3 bits and therefore might not be
- * able to produce enough trits
- */
-
- memset(ptr, 0, params->m_len_max - pt_len + 2);
-
- /* convert M to trits (Mbin to Mtrin) */
- mprime_len = params->N;
- if (params->is_product_form)
- {
- --mprime_len;
- }
-
- ntru_bits_2_trits(M_buf, mprime_len, Mtrin_buf);
- mask_trits = mask->get_trits(mask);
-
- /* form the msg representative m' by adding Mtrin to mask, mod p */
- if (params->is_product_form)
- {
- for (i = 0; i < mprime_len; i++)
- {
- tmp_buf[i] = mask_trits[i] + Mtrin_buf[i];
- if (tmp_buf[i] >= 3)
- {
- tmp_buf[i] -= 3;
- }
- if (tmp_buf[i] == 1)
- {
- ++m1;
- }
- else if (tmp_buf[i] == 2)
- {
- --m1;
- }
- }
- }
- else
- {
- for (i = 0; i < mprime_len; i++)
- {
- tmp_buf[i] = mask_trits[i] + Mtrin_buf[i];
- if (tmp_buf[i] >= 3)
- {
- tmp_buf[i] -= 3;
- }
- }
- }
- mask->destroy(mask);
-
- /* check that message representative meets minimum weight
- * requirements
- */
-
- if (params->is_product_form)
- msg_rep_good = m1 < 0 ? (bool)(-m1 <= params->min_msg_rep_wt) :
- (bool)( m1 <= params->min_msg_rep_wt);
- else
- msg_rep_good = ntru_poly_check_min_weight(mprime_len, tmp_buf,
- params->min_msg_rep_wt);
- msg_rep_good = TRUE;
- }
- } while ((result == NTRU_OK) && !msg_rep_good);
-
- if (result == NTRU_OK)
- {
- uint16_t i;
-
- /* form ciphertext e by adding m' to R mod q */
-
- for (i = 0; i < mprime_len; i++) {
- if (tmp_buf[i] == 1)
- ringel_buf[i] = (ringel_buf[i] + 1) & mod_q_mask;
- else if (tmp_buf[i] == 2)
- ringel_buf[i] = (ringel_buf[i] - 1) & mod_q_mask;
- }
- if (params->is_product_form)
- ringel_buf[i] = (ringel_buf[i] - m1) & mod_q_mask;
-
- /* pack ciphertext */
- ntru_elements_2_octets(params->N, ringel_buf, params->q_bits, ct);
- *ct_len = packed_ct_len;
- }
-
- /* cleanup */
- memset(scratch_buf, 0, scratch_buf_len);
- free(scratch_buf);
-
- return result;
-}
-
-
-/* ntru_crypto_ntru_decrypt
- *
- * Implements NTRU decryption (SVES) for the parameter set specified in
- * the private key blob.
- *
- * The maximum size of the output plaintext may be queried by invoking
- * this function with pt = NULL. In this case, no decryption is performed,
- * NTRU_OK is returned, and the maximum size the plaintext could be is
- * returned in pt_len.
- * Note that until the decryption is performed successfully, the actual size
- * of the resulting plaintext cannot be known.
- *
- * When pt != NULL, at invocation *pt_len must be the size of the pt buffer.
- * Upon return it is the actual size of the plaintext.
- *
- * Returns NTRU_OK if successful.
- * Returns NTRU_BAD_PARAMETER if an argument pointer (other than pt) is NULL.
- * Returns NTRU_BAD_LENGTH if a length argument (privkey_blob) is zero, or if
- * ct_len is invalid for the parameter set.
- * Returns NTRU_BAD_PRIVATE_KEY if the private-key blob is invalid
- * (unknown format, corrupt, bad length).
- * Returns NTRU_BUFFER_TOO_SMALL if the plaintext buffer is too small.
- * Returns NTRU_NO_MEMORY if memory needed cannot be allocated from the heap.
- * Returns NTRU_FAIL if a decryption error occurs.
- */
-
-uint32_t
-ntru_crypto_ntru_decrypt(
- uint16_t privkey_blob_len, /* in - no. of octets in private key
- blob */
- uint8_t const *privkey_blob, /* in - pointer to private key */
- uint16_t ct_len, /* in - no. of octets in ciphertext */
- uint8_t const *ct, /* in - pointer to ciphertext */
- uint16_t *pt_len, /* in/out - no. of octets in pt, addr for
- no. of octets in plaintext */
- uint8_t *pt) /* out - address for plaintext */
-{
- NTRU_ENCRYPT_PARAM_SET *params = NULL;
- uint8_t const *privkey_packed = NULL;
- uint8_t const *pubkey_packed = NULL;
- uint8_t privkey_pack_type = 0x00;
- uint8_t pubkey_pack_type = 0x00;
- size_t scratch_buf_len;
- uint32_t dF_r;
- uint32_t dF_r1 = 0;
- uint32_t dF_r2 = 0;
- uint32_t dF_r3 = 0;
- uint16_t ring_mult_tmp_len;
- int16_t m1 = 0;
- uint16_t *scratch_buf = NULL;
- uint16_t *ringel_buf1 = NULL;
- uint16_t *ringel_buf2 = NULL;
- uint16_t *i_buf = NULL;
- uint8_t *m_buf = NULL;
- uint8_t *tmp_buf = NULL;
- uint8_t *Mtrin_buf = NULL;
- uint8_t *M_buf = NULL;
- uint8_t *ptr = NULL;
- hash_algorithm_t hash_algid;
- uint16_t cmprime_len;
- uint16_t mod_q_mask;
- uint16_t q_mod_p;
- uint16_t cm_len = 0;
- uint16_t num_zeros;
- uint16_t i;
- bool decryption_ok = TRUE;
- uint32_t result = NTRU_OK;
- ntru_trits_t *mask;
- uint8_t *mask_trits;
- chunk_t seed;
- ntru_poly_t *F_poly, *r_poly;
-
- /* check for bad parameters */
- if (!privkey_blob || !ct || !pt_len)
- {
- return NTRU_BAD_PARAMETER;
- }
- if ((privkey_blob_len == 0) || (ct_len == 0))
- {
- return NTRU_BAD_LENGTH;
- }
-
- /* get a pointer to the parameter-set parameters, the packing types for
- * the public and private keys, and pointers to the packed public and
- * private keys
- */
-
- if (!ntru_crypto_ntru_encrypt_key_parse(FALSE /* privkey */,
- privkey_blob_len,
- privkey_blob, &pubkey_pack_type,
- &privkey_pack_type, &params,
- &pubkey_packed, &privkey_packed))
- {
- return NTRU_BAD_PRIVATE_KEY;
- }
-
- /* return the max plaintext size if requested */
-
- if (!pt)
- {
- *pt_len = params->m_len_max;
- return NTRU_OK;
- }
-
- /* cannot check the plaintext buffer size until after the plaintext
- * is derived, if we allow plaintext buffers only as large as the
- * actual plaintext
- */
-
- /* check the ciphertext length */
-
- if (ct_len != (params->N * params->q_bits + 7) >> 3)
- {
- return NTRU_BAD_LENGTH;
- }
-
- /* allocate memory for all operations */
-
- if (params->is_product_form)
- {
- ring_mult_tmp_len = params->N << 1; /* 2N 16-bit word buffer */
- dF_r1 = params->dF_r & 0xff;
- dF_r2 = (params->dF_r >> 8) & 0xff;
- dF_r3 = (params->dF_r >> 16) & 0xff;
- dF_r = dF_r1 + dF_r2 + dF_r3;
- } else {
- ring_mult_tmp_len = params->N; /* N 16-bit word buffer */
- dF_r = params->dF_r;
- }
- scratch_buf_len = (ring_mult_tmp_len << 1) +
- /* X-byte temp buf for ring mult and
- other intermediate results */
- (params->N << 2) + /* 2 2N-byte bufs for ring elements
- and overflow from temp buffer */
- (dF_r << 2) + /* buffer for F, r indices */
- params->m_len_max; /* buffer for plaintext */
- scratch_buf = malloc(scratch_buf_len);
- if (!scratch_buf)
- {
- return NTRU_OUT_OF_MEMORY;
- }
- ringel_buf1 = scratch_buf + ring_mult_tmp_len;
- ringel_buf2 = ringel_buf1 + params->N;
- i_buf = ringel_buf2 + params->N;
- m_buf = (uint8_t *)(i_buf + (dF_r << 1));
- tmp_buf = (uint8_t *)scratch_buf;
- Mtrin_buf = (uint8_t *)ringel_buf1;
- M_buf = Mtrin_buf + params->N;
-
- /* set hash algorithm based on security strength */
- hash_algid = (params->sec_strength_len <= 20) ? HASH_SHA1 : HASH_SHA256;
-
- /* set constants */
- mod_q_mask = params->q - 1;
- q_mod_p = params->q % 3;
-
- /* unpack the ciphertext */
- ntru_octets_2_elements(ct_len, ct, params->q_bits, ringel_buf2);
-
- /* unpack the private key */
- if (privkey_pack_type == NTRU_ENCRYPT_KEY_PACKED_TRITS)
- {
- ntru_packed_trits_2_indices(privkey_packed, params->N, i_buf,
- i_buf + dF_r);
-
- }
- else if (privkey_pack_type == NTRU_ENCRYPT_KEY_PACKED_INDICES)
- {
- ntru_octets_2_elements(
- (((uint16_t)dF_r << 1) * params->N_bits + 7) >> 3,
- privkey_packed, params->N_bits, i_buf);
-
- }
- else
- {
- assert(FALSE);
- }
-
- /* form cm':
- * F * e
- * A = e * (1 + pF) mod q = e + pFe mod q
- * a = A in the range [-q/2, q/2)
- * cm' = a mod p
- */
- F_poly = ntru_poly_create_from_data(i_buf, params->N, params->q,
- params->dF_r, params->dF_r,
- params->is_product_form);
- F_poly->ring_mult(F_poly, ringel_buf2, ringel_buf1);
- F_poly->destroy(F_poly);
-
- cmprime_len = params->N;
- if (params->is_product_form)
- {
- --cmprime_len;
- for (i = 0; i < cmprime_len; i++)
- {
- ringel_buf1[i] = (ringel_buf2[i] + 3 * ringel_buf1[i]) & mod_q_mask;
- if (ringel_buf1[i] >= (params->q >> 1))
- {
- ringel_buf1[i] = ringel_buf1[i] - q_mod_p;
- }
- Mtrin_buf[i] = (uint8_t)(ringel_buf1[i] % 3);
- if (Mtrin_buf[i] == 1)
- {
- ++m1;
- }
- else if (Mtrin_buf[i] == 2)
- {
- --m1;
- }
- }
- }
- else
- {
- for (i = 0; i < cmprime_len; i++)
- {
- ringel_buf1[i] = (ringel_buf2[i] + 3 * ringel_buf1[i]) & mod_q_mask;
- if (ringel_buf1[i] >= (params->q >> 1))
- {
- ringel_buf1[i] = ringel_buf1[i] - q_mod_p;
- }
- Mtrin_buf[i] = (uint8_t)(ringel_buf1[i] % 3);
- }
- }
-
- /* check that the candidate message representative meets minimum weight
- * requirements
- */
-
- if (params->is_product_form)
- {
- decryption_ok = m1 < 0 ? (bool)(-m1 <= params->min_msg_rep_wt) :
- (bool)( m1 <= params->min_msg_rep_wt);
- }
- else
- {
- decryption_ok = ntru_poly_check_min_weight(cmprime_len, Mtrin_buf,
- params->min_msg_rep_wt);
- }
-
- /* form cR = e - cm' mod q */
- for (i = 0; i < cmprime_len; i++)
- {
- if (Mtrin_buf[i] == 1)
- {
- ringel_buf2[i] = (ringel_buf2[i] - 1) & mod_q_mask;
- }
- else if (Mtrin_buf[i] == 2)
- {
- ringel_buf2[i] = (ringel_buf2[i] + 1) & mod_q_mask;
- }
- }
- if (params->is_product_form)
- {
- ringel_buf2[i] = (ringel_buf2[i] + m1) & mod_q_mask;
- }
-
- /* form cR mod 4 */
- ntru_coeffs_mod4_2_octets(params->N, ringel_buf2, tmp_buf);
-
- /* form mask */
- seed = chunk_create(tmp_buf, (params->N + 3)/4);
- mask = ntru_trits_create(params->N, hash_algid, seed);
- if (!mask)
- {
- result = NTRU_MGF1_FAIL;
- }
- else
- {
- mask_trits = mask->get_trits(mask);
-
- /* form cMtrin by subtracting mask from cm', mod p */
- for (i = 0; i < cmprime_len; i++)
- {
- Mtrin_buf[i] = Mtrin_buf[i] - mask_trits[i];
- if (Mtrin_buf[i] >= 3)
- {
- Mtrin_buf[i] += 3;
- }
- }
- mask->destroy(mask);
-
- if (params->is_product_form)
-
- /* set the last trit to zero since that's what it was, and
- * because it can't be calculated from (cm' - mask) since
- * we don't have the correct value for the last cm' trit
- */
-
- Mtrin_buf[i] = 0;
-
- /* convert cMtrin to cM (Mtrin to Mbin) */
-
- if (!ntru_trits_2_bits(Mtrin_buf, params->N, M_buf))
- decryption_ok = FALSE;
-
- /* validate the padded message cM and copy cm to m_buf */
-
- ptr = M_buf + params->sec_strength_len;
- if (params->m_len_len == 2)
- cm_len = (uint16_t)(*ptr++) << 16;
- cm_len |= (uint16_t)(*ptr++);
- if (cm_len > params->m_len_max) {
- cm_len = params->m_len_max;
- decryption_ok = FALSE;
- }
- memcpy(m_buf, ptr, cm_len);
- ptr += cm_len;
- num_zeros = params->m_len_max - cm_len + 1;
- for (i = 0; i < num_zeros; i++) {
- if (ptr[i] != 0)
- decryption_ok = FALSE;
- }
-
- /* form sData (OID || m || b || hTrunc) */
-
- ptr = tmp_buf;
- memcpy(ptr, params->OID, 3);
- ptr += 3;
- memcpy(ptr, m_buf, cm_len);
- ptr += cm_len;
- memcpy(ptr, M_buf, params->sec_strength_len);
- ptr += params->sec_strength_len;
- memcpy(ptr, pubkey_packed, params->sec_strength_len);
- ptr += params->sec_strength_len;
-
- /* generate cr */
- DBG2(DBG_LIB, "generate polynomial r");
-
- seed = chunk_create(tmp_buf, ptr - tmp_buf);
- r_poly = ntru_poly_create_from_seed(hash_algid, seed, params->c_bits,
- params->N, params->q,
- params->dF_r, params->dF_r,
- params->is_product_form);
- if (!r_poly)
- {
- result = NTRU_MGF1_FAIL;
- }
- }
-
- if (result == NTRU_OK)
- {
- /* unpack the public key */
- {
- uint16_t pubkey_packed_len;
-
- assert(pubkey_pack_type == NTRU_ENCRYPT_KEY_PACKED_COEFFICIENTS);
- pubkey_packed_len = (params->N * params->q_bits + 7) >> 3;
- ntru_octets_2_elements(pubkey_packed_len, pubkey_packed,
- params->q_bits, ringel_buf1);
- }
-
- /* form cR' = h * cr */
- r_poly->ring_mult(r_poly, ringel_buf1, ringel_buf1);
- r_poly->destroy(r_poly);
-
- /* compare cR' to cR */
- for (i = 0; i < params->N; i++)
- {
- if (ringel_buf1[i] != ringel_buf2[i])
- {
- decryption_ok = FALSE;
- }
- }
-
- /* output plaintext and plaintext length */
- if (decryption_ok)
- {
- if (*pt_len < cm_len)
- {
- return NTRU_BUFFER_TOO_SMALL;
- }
- memcpy(pt, m_buf, cm_len);
- *pt_len = cm_len;
- }
- }
-
- /* cleanup */
- memset(scratch_buf, 0, scratch_buf_len);
- free(scratch_buf);
-
- if (!decryption_ok)
- {
- return NTRU_FAIL;
- }
-
- return result;
-}
-
-
-/* ntru_crypto_ntru_encrypt_keygen
- *
- * Implements key generation for NTRUEncrypt for the parameter set specified.
- *
- * The required minimum size of the output public-key buffer (pubkey_blob)
- * may be queried by invoking this function with pubkey_blob = NULL.
- * In this case, no key generation is performed, NTRU_OK is returned, and
- * the required minimum size for pubkey_blob is returned in pubkey_blob_len.
- *
- * The required minimum size of the output private-key buffer (privkey_blob)
- * may be queried by invoking this function with privkey_blob = NULL.
- * In this case, no key generation is performed, NTRU_OK is returned, and
- * the required minimum size for privkey_blob is returned in privkey_blob_len.
- *
- * The required minimum sizes of both pubkey_blob and privkey_blob may be
- * queried as described above, in a single invocation of this function.
- *
- * When pubkey_blob != NULL and privkey_blob != NULL, at invocation
- * *pubkey_blob_len must be the size of the pubkey_blob buffer and
- * *privkey_blob_len must be the size of the privkey_blob buffer.
- * Upon return, *pubkey_blob_len is the actual size of the public-key blob
- * and *privkey_blob_len is the actual size of the private-key blob.
- *
- * Returns NTRU_OK if successful.
- * Returns NTRU_BAD_PARAMETER if an argument pointer (other than pubkey_blob or
- * privkey_blob) is NULL.
- * Returns NTRU_INVALID_PARAMETER_SET if the parameter-set ID is invalid.
- * Returns NTRU_BAD_LENGTH if a length argument is invalid.
- * Returns NTRU_BUFFER_TOO_SMALL if either the pubkey_blob buffer or the
- * privkey_blob buffer is too small.
- * Returns NTRU_NO_MEMORY if memory needed cannot be allocated from the heap.
- * Returns NTRU_FAIL if the polynomial generated for f is not invertible in
- * (Z/qZ)[X]/(X^N - 1), which is extremely unlikely.
- * Should this occur, this function should simply be invoked again.
- */
-
-uint32_t
-ntru_crypto_ntru_encrypt_keygen(
- ntru_drbg_t *drbg, /* in - handle of DRBG */
- NTRU_ENCRYPT_PARAM_SET_ID param_set_id, /* in - parameter set ID */
- uint16_t *pubkey_blob_len, /* in/out - no. of octets in
- pubkey_blob, addr
- for no. of octets
- in pubkey_blob */
- uint8_t *pubkey_blob, /* out - address for
- public key blob */
- uint16_t *privkey_blob_len, /* in/out - no. of octets in
- privkey_blob, addr
- for no. of octets
- in privkey_blob */
- uint8_t *privkey_blob) /* out - address for
- private key blob */
-{
- NTRU_ENCRYPT_PARAM_SET *params = NULL;
- uint16_t public_key_blob_len;
- uint16_t private_key_blob_len;
- uint8_t pubkey_pack_type;
- uint8_t privkey_pack_type;
- size_t scratch_buf_len;
- uint32_t dF;
- uint32_t dF1 = 0;
- uint32_t dF2 = 0;
- uint32_t dF3 = 0;
- uint16_t *scratch_buf = NULL;
- uint16_t *ringel_buf1 = NULL;
- uint16_t *ringel_buf2 = NULL;
- uint8_t *tmp_buf = NULL;
- uint16_t mod_q_mask;
- hash_algorithm_t hash_algid;
- uint16_t seed_len;
- chunk_t seed;
- uint32_t result = NTRU_OK;
- ntru_poly_t *F_poly = NULL;
- ntru_poly_t *g_poly = NULL;
- uint16_t *F_indices;
-
- /* get a pointer to the parameter-set parameters */
-
- if ((params = ntru_encrypt_get_params_with_id(param_set_id)) == NULL)
- {
- return NTRU_INVALID_PARAMETER_SET;
- }
-
- /* check for bad parameters */
-
- if (!pubkey_blob_len || !privkey_blob_len)
- {
- return NTRU_BAD_PARAMETER;
- }
-
- /* get public and private key packing types and blob lengths */
-
- ntru_crypto_ntru_encrypt_key_get_blob_params(params, &pubkey_pack_type,
- &public_key_blob_len,
- &privkey_pack_type,
- &private_key_blob_len);
-
- /* return the pubkey_blob size and/or privkey_blob size if requested */
-
- if (!pubkey_blob || !privkey_blob)
- {
- if (!pubkey_blob)
- *pubkey_blob_len = public_key_blob_len;
- if (!privkey_blob)
- *privkey_blob_len = private_key_blob_len;
- return NTRU_OK;
- }
-
- /* check size of output buffers */
-
- if ((*pubkey_blob_len < public_key_blob_len) ||
- (*privkey_blob_len < private_key_blob_len))
- {
- return NTRU_BUFFER_TOO_SMALL;
- }
-
- /* allocate memory for all operations */
- if (params->is_product_form) {
- dF1 = params->dF_r & 0xff;
- dF2 = (params->dF_r >> 8) & 0xff;
- dF3 = (params->dF_r >> 16) & 0xff;
- dF = dF1 + dF2 + dF3;
- } else {
- dF = params->dF_r;
- }
-
- scratch_buf_len = (params->N * 8) + /* 4N-byte temp buffer for ring inv
- and other intermediate results,
- 2N-byte buffer for f, g indices
- and overflow from temp buffer,
- 2N-byte buffer for f^-1 */
- (dF << 2); /* buffer for F indices */
- scratch_buf = malloc(scratch_buf_len);
- if (!scratch_buf)
- {
- return NTRU_OUT_OF_MEMORY;
- }
- ringel_buf1 = scratch_buf + (params->N << 1);
- ringel_buf2 = ringel_buf1 + params->N;
- tmp_buf = (uint8_t *)scratch_buf;
-
- /* set hash algorithm and seed length based on security strength */
- if (params->sec_strength_len <= 20)
- {
- hash_algid = HASH_SHA1;
- }
- else
- {
- hash_algid = HASH_SHA256;
- }
- seed_len = params->sec_strength_len + 8;
-
- /* set constants */
-
- mod_q_mask = params->q - 1;
-
- /* get random bytes for seed for generating trinary F
- * as a list of indices
- */
-
- if (drbg->generate(drbg, params->sec_strength_len * BITS_PER_BYTE,
- seed_len, tmp_buf))
- {
- result = NTRU_OK;
- }
- else
- {
- result = NTRU_DRBG_FAIL;
- }
-
- if (result == NTRU_OK)
- {
- DBG2(DBG_LIB, "generate polynomial F");
-
- seed = chunk_create(tmp_buf, seed_len);
- F_poly = ntru_poly_create_from_seed(hash_algid, seed, params->c_bits,
- params->N, params->q,
- params->dF_r, params->dF_r,
- params->is_product_form);
- if (!F_poly)
- {
- result = NTRU_MGF1_FAIL;
- }
- }
-
- if (result == NTRU_OK)
- {
- int i;
-
- F_poly->get_array(F_poly, ringel_buf1);
-
- /* form f = 1 + pF */
- for (i = 0; i < params->N; i++)
- {
- ringel_buf1[i] = (ringel_buf1[i] * 3) & mod_q_mask;
- }
- ringel_buf1[0] = (ringel_buf1[0] + 1) & mod_q_mask;
-
- /* find f^-1 in (Z/qZ)[X]/(X^N - 1) */
- if (!ntru_ring_inv(ringel_buf1, params->N, params->q,
- scratch_buf, ringel_buf2))
- {
- result = NTRU_FAIL;
- }
- }
-
- if (result == NTRU_OK)
- {
-
- /* get random bytes for seed for generating trinary polynomial g
- * as a list of indices
- */
- if (!drbg->generate(drbg, params->sec_strength_len * BITS_PER_BYTE,
- seed_len, tmp_buf))
- {
- result = NTRU_DRBG_FAIL;
- }
- }
-
- if (result == NTRU_OK)
- {
- DBG2(DBG_LIB, "generate polynomial g");
-
- seed = chunk_create(tmp_buf, seed_len);
- g_poly = ntru_poly_create_from_seed(hash_algid, seed, params->c_bits,
- params->N, params->q,
- params->dg + 1, params->dg, FALSE);
- if (!g_poly)
- {
- result = NTRU_MGF1_FAIL;
- }
- }
-
- if (result == NTRU_OK)
- {
- uint16_t i;
-
- /* compute h = p * (f^-1 * g) mod q */
- g_poly->ring_mult(g_poly, ringel_buf2, ringel_buf2);
- g_poly->destroy(g_poly);
-
- for (i = 0; i < params->N; i++)
- {
- ringel_buf2[i] = (ringel_buf2[i] * 3) & mod_q_mask;
- }
-
- /* create public key blob */
- ntru_crypto_ntru_encrypt_key_create_pubkey_blob(params, ringel_buf2,
- pubkey_pack_type,
- pubkey_blob);
- *pubkey_blob_len = public_key_blob_len;
-
- /* create private key blob */
- F_indices = F_poly->get_indices(F_poly);
- ntru_crypto_ntru_encrypt_key_create_privkey_blob(params, ringel_buf2,
- F_indices,
- privkey_pack_type,
- tmp_buf, privkey_blob);
- *privkey_blob_len = private_key_blob_len;
- }
-
- /* cleanup */
- DESTROY_IF(F_poly);
- memset(scratch_buf, 0, scratch_buf_len);
- free(scratch_buf);
-
- return result;
-}
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.c b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.c
deleted file mode 100644
index 90baaadf3..000000000
--- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.c
+++ /dev/null
@@ -1,360 +0,0 @@
-/******************************************************************************
- * NTRU Cryptography Reference Source Code
- * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
- *
- * ntru_crypto_ntru_encrypt_key.c is a component of ntru-crypto.
- *
- * Copyright (C) 2009-2013 Security Innovation
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- *
- *****************************************************************************/
-
-/******************************************************************************
- *
- * File: ntru_crypto_ntru_encrypt_key.c
- *
- * Contents: Routines for exporting and importing public and private keys
- * for NTRUEncrypt.
- *
- *****************************************************************************/
-
-
-#include <stdlib.h>
-#include <string.h>
-#include <assert.h>
-#include "ntru_crypto_ntru_encrypt_key.h"
-
-
-/* ntru_crypto_ntru_encrypt_key_parse
- *
- * Parses an NTRUEncrypt key blob.
- * If the blob is not corrupt, returns packing types for public and private
- * keys, a pointer to the parameter set, a pointer to the public key, and
- * a pointer to the private key if it exists.
- *
- * Returns TRUE if successful.
- * Returns FALSE if the blob is invalid.
- */
-
-bool
-ntru_crypto_ntru_encrypt_key_parse(
- bool pubkey_parse, /* in - if parsing pubkey
- blob */
- uint16_t key_blob_len, /* in - no. octets in key
- blob */
- uint8_t const *key_blob, /* in - pointer to key blob */
- uint8_t *pubkey_pack_type, /* out - addr for pubkey
- packing type */
- uint8_t *privkey_pack_type, /* out - addr for privkey
- packing type */
- NTRU_ENCRYPT_PARAM_SET **params, /* out - addr for ptr to
- parameter set */
- uint8_t const **pubkey, /* out - addr for ptr to
- packed pubkey */
- uint8_t const **privkey) /* out - addr for ptr to
- packed privkey */
-{
- uint8_t tag;
-
- assert(key_blob_len);
- assert(key_blob);
- assert(pubkey_pack_type);
- assert(params);
- assert(pubkey);
-
- /* parse key blob based on tag */
-
- tag = key_blob[0];
- switch (tag) {
- case NTRU_ENCRYPT_PUBKEY_TAG:
- if (!pubkey_parse)
- return FALSE;
- break;
- case NTRU_ENCRYPT_PRIVKEY_DEFAULT_TAG:
- case NTRU_ENCRYPT_PRIVKEY_TRITS_TAG:
- case NTRU_ENCRYPT_PRIVKEY_INDICES_TAG:
- assert(privkey_pack_type);
- assert(privkey);
- if (pubkey_parse)
- return FALSE;
- break;
- default:
- return FALSE;
- }
-
- switch (tag) {
- case NTRU_ENCRYPT_PUBKEY_TAG:
- case NTRU_ENCRYPT_PRIVKEY_DEFAULT_TAG:
- case NTRU_ENCRYPT_PRIVKEY_TRITS_TAG:
- case NTRU_ENCRYPT_PRIVKEY_INDICES_TAG:
-
- /* Version 0:
- * byte 0: tag
- * byte 1: no. of octets in OID
- * bytes 2-4: OID
- * bytes 5- : packed pubkey
- * [packed privkey]
- */
-
- {
- NTRU_ENCRYPT_PARAM_SET *p = NULL;
- uint16_t pubkey_packed_len;
-
- /* check OID length and minimum blob length for tag and OID */
-
- if ((key_blob_len < 5) || (key_blob[1] != 3))
- return FALSE;
-
- /* get a pointer to the parameter set corresponding to the OID */
-
- if ((p = ntru_encrypt_get_params_with_OID(key_blob + 2)) == NULL)
- return FALSE;
-
- /* check blob length and assign pointers to blob fields */
-
- pubkey_packed_len = (p->N * p->q_bits + 7) / 8;
- if (pubkey_parse) { /* public-key parsing */
- if (key_blob_len != 5 + pubkey_packed_len)
- return FALSE;
-
- *pubkey = key_blob + 5;
-
- } else { /* private-key parsing */
- uint16_t privkey_packed_len;
- uint16_t privkey_packed_trits_len = (p->N + 4) / 5;
- uint16_t privkey_packed_indices_len;
- uint16_t dF;
-
- /* check packing type for product-form private keys */
-
- if (p->is_product_form &&
- (tag == NTRU_ENCRYPT_PRIVKEY_TRITS_TAG))
- return FALSE;
-
- /* set packed-key length for packed indices */
-
- if (p->is_product_form)
- dF = (uint16_t)( (p->dF_r & 0xff) + /* df1 */
- ((p->dF_r >> 8) & 0xff) + /* df2 */
- ((p->dF_r >> 16) & 0xff)); /* df3 */
- else
- dF = (uint16_t)p->dF_r;
- privkey_packed_indices_len = ((dF << 1) * p->N_bits + 7) >> 3;
-
- /* set private-key packing type if defaulted */
-
- if (tag == NTRU_ENCRYPT_PRIVKEY_DEFAULT_TAG) {
- if (p->is_product_form ||
- (privkey_packed_indices_len <=
- privkey_packed_trits_len))
- tag = NTRU_ENCRYPT_PRIVKEY_INDICES_TAG;
- else
- tag = NTRU_ENCRYPT_PRIVKEY_TRITS_TAG;
- }
-
- if (tag == NTRU_ENCRYPT_PRIVKEY_TRITS_TAG)
- privkey_packed_len = privkey_packed_trits_len;
- else
- privkey_packed_len = privkey_packed_indices_len;
-
- if (key_blob_len != 5 + pubkey_packed_len + privkey_packed_len)
- return FALSE;
-
- *pubkey = key_blob + 5;
- *privkey = *pubkey + pubkey_packed_len;
- *privkey_pack_type = (tag == NTRU_ENCRYPT_PRIVKEY_TRITS_TAG) ?
- NTRU_ENCRYPT_KEY_PACKED_TRITS :
- NTRU_ENCRYPT_KEY_PACKED_INDICES;
- }
-
- /* return parameter set pointer */
-
- *pubkey_pack_type = NTRU_ENCRYPT_KEY_PACKED_COEFFICIENTS;
- *params = p;
- }
- default:
- break; /* can't get here */
- }
- return TRUE;
-}
-
-
-/* ntru_crypto_ntru_encrypt_key_get_blob_params
- *
- * Returns public and private key packing types and blob lengths given
- * a packing format. For now, only a default packing format exists.
- *
- * Only public-key params may be returned by setting privkey_pack_type
- * and privkey_blob_len to NULL.
- */
-
-void
-ntru_crypto_ntru_encrypt_key_get_blob_params(
- NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to
- param set
- parameters */
- uint8_t *pubkey_pack_type, /* out - addr for pubkey
- packing type */
- uint16_t *pubkey_blob_len, /* out - addr for no. of
- bytes in
- pubkey blob */
- uint8_t *privkey_pack_type, /* out - addr for privkey
- packing type */
- uint16_t *privkey_blob_len) /* out - addr for no. of
- bytes in
- privkey blob */
-{
- uint16_t pubkey_packed_len = (params->N * params->q_bits + 7) >> 3;
-
- assert(params);
- assert(pubkey_pack_type);
- assert(pubkey_blob_len);
-
- *pubkey_pack_type = NTRU_ENCRYPT_KEY_PACKED_COEFFICIENTS;
- *pubkey_blob_len = 5 + pubkey_packed_len;
-
- if (privkey_pack_type && privkey_blob_len) {
- uint16_t privkey_packed_trits_len = (params->N + 4) / 5;
- uint16_t privkey_packed_indices_len;
- uint16_t dF;
-
- if (params->is_product_form)
- dF = (uint16_t)( (params->dF_r & 0xff) + /* df1 */
- ((params->dF_r >> 8) & 0xff) + /* df2 */
- ((params->dF_r >> 16) & 0xff)); /* df3 */
- else
- dF = (uint16_t)params->dF_r;
- privkey_packed_indices_len = ((dF << 1) * params->N_bits + 7) >> 3;
-
- if (params->is_product_form ||
- (privkey_packed_indices_len <= privkey_packed_trits_len)) {
- *privkey_pack_type = NTRU_ENCRYPT_KEY_PACKED_INDICES;
- *privkey_blob_len =
- 5 + pubkey_packed_len + privkey_packed_indices_len;
- } else {
- *privkey_pack_type = NTRU_ENCRYPT_KEY_PACKED_TRITS;
- *privkey_blob_len =
- 5 + pubkey_packed_len + privkey_packed_trits_len;
- }
- }
-}
-
-
-/* ntru_crypto_ntru_encrypt_key_create_pubkey_blob
- *
- * Returns a public key blob, packed according to the packing type provided.
- */
-
-void
-ntru_crypto_ntru_encrypt_key_create_pubkey_blob(
- NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to
- param set
- parameters */
- uint16_t const *pubkey, /* in - pointer to the
- coefficients
- of the pubkey */
- uint8_t pubkey_pack_type, /* out - pubkey packing
- type */
- uint8_t *pubkey_blob) /* out - addr for the
- pubkey blob */
-{
- assert(params);
- assert(pubkey);
- assert(pubkey_blob);
-
- switch (pubkey_pack_type) {
- case NTRU_ENCRYPT_KEY_PACKED_COEFFICIENTS:
- *pubkey_blob++ = NTRU_ENCRYPT_PUBKEY_TAG;
- *pubkey_blob++ = (uint8_t)sizeof(params->OID);
- memcpy(pubkey_blob, params->OID, sizeof(params->OID));
- pubkey_blob += sizeof(params->OID);
- ntru_elements_2_octets(params->N, pubkey, params->q_bits,
- pubkey_blob);
- break;
- default:
- assert(FALSE);
- }
-}
-
-
-/* ntru_crypto_ntru_encrypt_key_create_privkey_blob
- *
- * Returns a private key blob, packed according to the packing type provided.
- */
-
-void
-ntru_crypto_ntru_encrypt_key_create_privkey_blob(
- NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to
- param set
- parameters */
- uint16_t const *pubkey, /* in - pointer to the
- coefficients
- of the pubkey */
- uint16_t const *privkey, /* in - pointer to the
- indices of the
- privkey */
- uint8_t privkey_pack_type, /* in - privkey packing
- type */
- uint8_t *buf, /* in - temp, N bytes */
- uint8_t *privkey_blob) /* out - addr for the
- privkey blob */
-{
- assert(params);
- assert(pubkey);
- assert(privkey);
- assert(privkey_blob);
-
- switch (privkey_pack_type) {
- case NTRU_ENCRYPT_KEY_PACKED_TRITS:
- case NTRU_ENCRYPT_KEY_PACKED_INDICES:
-
- /* format header and packed public key */
-
- *privkey_blob++ = NTRU_ENCRYPT_PRIVKEY_DEFAULT_TAG;
- *privkey_blob++ = (uint8_t)sizeof(params->OID);
- memcpy(privkey_blob, params->OID, sizeof(params->OID));
- privkey_blob += sizeof(params->OID);
- ntru_elements_2_octets(params->N, pubkey, params->q_bits,
- privkey_blob);
- privkey_blob += (params->N * params->q_bits + 7) >> 3;
-
- /* add packed private key */
-
- if (privkey_pack_type == NTRU_ENCRYPT_KEY_PACKED_TRITS) {
- ntru_indices_2_packed_trits(privkey, (uint16_t)params->dF_r,
- (uint16_t)params->dF_r,
- params->N, buf, privkey_blob);
- } else {
- uint32_t dF;
-
- if (params->is_product_form) {
- dF = (params->dF_r & 0xff) +
- ((params->dF_r >> 8) & 0xff) +
- ((params->dF_r >> 16) & 0xff);
- } else {
- dF = params->dF_r;
- }
- ntru_elements_2_octets((uint16_t)dF << 1, privkey,
- params->N_bits, privkey_blob);
- }
- break;
- default:
- assert(FALSE);
- break;
- }
-}
-
-
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.h b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.h
deleted file mode 100644
index 6734f2a4c..000000000
--- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.h
+++ /dev/null
@@ -1,167 +0,0 @@
-/******************************************************************************
- * NTRU Cryptography Reference Source Code
- * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
- *
- * ntru_crypto_ntru_cencrypt_key.h is a component of ntru-crypto.
- *
- * Copyright (C) 2009-2013 Security Innovation
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- *
- *****************************************************************************/
-
-
-#ifndef NTRU_CRYPTO_NTRU_ENCRYPT_KEY_H
-#define NTRU_CRYPTO_NTRU_ENCRYPT_KEY_H
-
-#include "ntru_crypto_ntru_convert.h"
-#include "ntru_crypto_ntru_encrypt_param_sets.h"
-
-
-/* key-blob definitions */
-
-#define NTRU_ENCRYPT_PUBKEY_TAG 0x01
-#define NTRU_ENCRYPT_PRIVKEY_DEFAULT_TAG 0x02
-#define NTRU_ENCRYPT_PRIVKEY_TRITS_TAG 0xfe
-#define NTRU_ENCRYPT_PRIVKEY_INDICES_TAG 0xff
-
-/* packing types */
-
-#define NTRU_ENCRYPT_KEY_PACKED_COEFFICIENTS 0x01
-#define NTRU_ENCRYPT_KEY_PACKED_INDICES 0x02
-#define NTRU_ENCRYPT_KEY_PACKED_TRITS 0x03
-
-/* function declarations */
-
-
-/* ntru_crypto_ntru_encrypt_key_parse
- *
- * Parses an NTRUEncrypt key blob.
- * If the blob is not corrupt, returns packing types for public and private
- * keys, a pointer to the parameter set, a pointer to the public key, and
- * a pointer to the private key if it exists.
- *
- * Returns TRUE if successful.
- * Returns FALSE if the blob is invalid.
- */
-
-extern bool
-ntru_crypto_ntru_encrypt_key_parse(
- bool pubkey_parse, /* in - if parsing pubkey
- blob */
- uint16_t key_blob_len, /* in - no. octets in key
- blob */
- uint8_t const *key_blob, /* in - pointer to key blob */
- uint8_t *pubkey_pack_type, /* out - addr for pubkey
- packing type */
- uint8_t *privkey_pack_type, /* out - addr for privkey
- packing type */
- NTRU_ENCRYPT_PARAM_SET **params, /* out - addr for ptr to
- parameter set */
- uint8_t const **pubkey, /* out - addr for ptr to
- packed pubkey */
- uint8_t const **privkey); /* out - addr for ptr to
- packed privkey */
-
-
-/* ntru_crypto_ntru_encrypt_key_get_blob_params
- *
- * Returns public and private key packing types and blob lengths given
- * a packing format. For now, only a default packing format exists.
- *
- * Only public-key params may be returned by setting privkey_pack_type
- * and privkey_blob_len to NULL.
- */
-
-extern void
-ntru_crypto_ntru_encrypt_key_get_blob_params(
- NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to
- param set
- parameters */
- uint8_t *pubkey_pack_type, /* out - addr for pubkey
- packing type */
- uint16_t *pubkey_blob_len, /* out - addr for no. of
- bytes in
- pubkey blob */
- uint8_t *privkey_pack_type, /* out - addr for privkey
- packing type */
- uint16_t *privkey_blob_len); /* out - addr for no. of
- bytes in
- privkey blob */
-
-
-/* ntru_crypto_ntru_encrypt_key_create_pubkey_blob
- *
- * Returns a public key blob, packed according to the packing type provided.
- */
-
-extern void
-ntru_crypto_ntru_encrypt_key_create_pubkey_blob(
- NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to
- param set
- parameters */
- uint16_t const *pubkey, /* in - pointer to the
- coefficients
- of the pubkey */
- uint8_t pubkey_pack_type, /* out - addr for pubkey
- packing type */
- uint8_t *pubkey_blob); /* out - addr for the
- pubkey blob */
-
-
-/* ntru_crypto_ntru_encrypt_key_recreate_pubkey_blob
- *
- * Returns a public key blob, recreated from an already-packed public key.
- */
-
-extern void
-ntru_crypto_ntru_encrypt_key_recreate_pubkey_blob(
- NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to
- param set
- parameters */
- uint16_t packed_pubkey_len, /* in - no. octets in
- packed pubkey */
- uint8_t const *packed_pubkey, /* in - pointer to the
- packed pubkey */
- uint8_t pubkey_pack_type, /* out - pubkey packing
- type */
- uint8_t *pubkey_blob); /* out - addr for the
- pubkey blob */
-
-
-/* ntru_crypto_ntru_encrypt_key_create_privkey_blob
- *
- * Returns a privlic key blob, packed according to the packing type provided.
- */
-
-extern void
-ntru_crypto_ntru_encrypt_key_create_privkey_blob(
- NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to
- param set
- parameters */
- uint16_t const *pubkey, /* in - pointer to the
- coefficients
- of the pubkey */
- uint16_t const *privkey, /* in - pointer to the
- indices of the
- privkey */
- uint8_t privkey_pack_type, /* in - privkey packing
- type */
- uint8_t *buf, /* in - temp, N bytes */
- uint8_t *privkey_blob); /* out - addr for the
- privkey blob */
-
-
-#endif /* NTRU_CRYPTO_NTRU_ENCRYPT_KEY_H */
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.h b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.h
deleted file mode 100644
index e5e977a0e..000000000
--- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.h
+++ /dev/null
@@ -1,101 +0,0 @@
-/******************************************************************************
- * NTRU Cryptography Reference Source Code
- * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
- *
- * ntru_crypto_ntru_encrypt_param_sets.h is a component of ntru-crypto.
- *
- * Copyright (C) 2009-2013 Security Innovation
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- *
- *****************************************************************************/
-
-/******************************************************************************
- *
- * File: ntru_crypto_ntru_encrypt_param_sets.h
- *
- * Contents: Definitions and declarations for the NTRUEncrypt parameter sets.
- *
- *****************************************************************************/
-
-#ifndef NTRU_CRYPTO_NTRU_ENCRYPT_PARAM_SETS_H
-#define NTRU_CRYPTO_NTRU_ENCRYPT_PARAM_SETS_H
-
-#include "ntru_crypto.h"
-
-/* structures */
-
-typedef struct _NTRU_ENCRYPT_PARAM_SET {
- NTRU_ENCRYPT_PARAM_SET_ID id; /* parameter-set ID */
- uint8_t const OID[3]; /* pointer to OID */
- uint8_t der_id; /* parameter-set DER id */
- uint8_t N_bits; /* no. of bits in N (i.e. in
- an index */
- uint16_t N; /* ring dimension */
- uint16_t sec_strength_len; /* no. of octets of
- security strength */
- uint16_t q; /* big modulus */
- uint8_t q_bits; /* no. of bits in q (i.e. in
- a coefficient */
- bool is_product_form; /* if product form used */
- uint32_t dF_r; /* no. of 1 or -1 coefficients
- in ring elements F, r */
- uint16_t dg; /* no. - 1 of 1 coefficients
- or no. of -1 coefficients
- in ring element g */
- uint16_t m_len_max; /* max no. of plaintext
- octets */
- uint16_t min_msg_rep_wt; /* min. message
- representative weight */
- uint8_t c_bits; /* no. bits in candidate for
- deriving an index in
- IGF-2 */
- uint8_t m_len_len; /* no. of octets to hold
- mLenOctets */
-} NTRU_ENCRYPT_PARAM_SET;
-
-
-
-/* function declarations */
-
-/* ntru_encrypt_get_params_with_id
- *
- * Looks up a set of NTRU Encrypt parameters based on the id of the
- * parameter set.
- *
- * Returns a pointer to the parameter set parameters if successful.
- * Returns NULL if the parameter set cannot be found.
- */
-
-extern NTRU_ENCRYPT_PARAM_SET *
-ntru_encrypt_get_params_with_id(
- NTRU_ENCRYPT_PARAM_SET_ID id); /* in - parameter-set id */
-
-
-/* ntru_encrypt_get_params_with_OID
- *
- * Looks up a set of NTRU Encrypt parameters based on the OID of the
- * parameter set.
- *
- * Returns a pointer to the parameter set parameters if successful.
- * Returns NULL if the parameter set cannot be found.
- */
-
-extern NTRU_ENCRYPT_PARAM_SET *
-ntru_encrypt_get_params_with_OID(
- uint8_t const *oid); /* in - pointer to parameter-set OID */
-
-#endif /* NTRU_CRYPTO_NTRU_ENCRYPT_PARAM_SETS_H */
-
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.c b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.c
deleted file mode 100644
index 8e4eede87..000000000
--- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.c
+++ /dev/null
@@ -1,242 +0,0 @@
-/******************************************************************************
- * NTRU Cryptography Reference Source Code
- * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
- *
- * ntru_crypto_ntru_poly.c is a component of ntru-crypto.
- *
- * Copyright (C) 2009-2013 Security Innovation
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- *
- *****************************************************************************/
-
-#include <stdlib.h>
-#include <string.h>
-#include "ntru_crypto_ntru_poly.h"
-
-/* ntru_poly_check_min_weight
- *
- * Checks that the number of 0, +1, and -1 trinary ring elements meet or exceed
- * a minimum weight.
- */
-
-bool
-ntru_poly_check_min_weight(
- uint16_t num_els, /* in - degree of polynomial */
- uint8_t *ringels, /* in - pointer to trinary ring elements */
- uint16_t min_wt) /* in - minimum weight */
-{
- uint16_t wt[3];
- uint16_t i;
-
- wt[0] = wt[1] = wt[2] = 0;
- for (i = 0; i < num_els; i++) {
- ++wt[ringels[i]];
- }
- if ((wt[0] < min_wt) || (wt[1] < min_wt) || (wt[2] < min_wt)) {
- return FALSE;
- }
- return TRUE;
-}
-
-/* ntru_ring_mult_coefficients
- *
- * Multiplies ring element (polynomial) "a" by ring element (polynomial) "b"
- * to produce ring element (polynomial) "c" in (Z/qZ)[X]/(X^N - 1).
- * This is a convolution operation.
- *
- * Ring element "b" has coefficients in the range [0,N).
- *
- * This assumes q is 2^r where 8 < r < 16, so that overflow of the sum
- * beyond 16 bits does not matter.
- */
-
-void
-ntru_ring_mult_coefficients(
- uint16_t const *a, /* in - pointer to polynomial a */
- uint16_t const *b, /* in - pointer to polynomial b */
- uint16_t N, /* in - no. of coefficients in a, b, c */
- uint16_t q, /* in - large modulus */
- uint16_t *c) /* out - address for polynomial c */
-{
- uint16_t const *bptr = b;
- uint16_t mod_q_mask = q - 1;
- uint16_t i, k;
-
- /* c[k] = sum(a[i] * b[k-i]) mod q */
- memset(c, 0, N * sizeof(uint16_t));
- for (k = 0; k < N; k++) {
- i = 0;
- while (i <= k)
- c[k] += a[i++] * *bptr--;
- bptr += N;
- while (i < N)
- c[k] += a[i++] * *bptr--;
- c[k] &= mod_q_mask;
- ++bptr;
- }
-}
-
-
-/* ntru_ring_inv
- *
- * Finds the inverse of a polynomial, a, in (Z/2^rZ)[X]/(X^N - 1).
- *
- * This assumes q is 2^r where 8 < r < 16, so that operations mod q can
- * wait until the end, and only 16-bit arrays need to be used.
- */
-
-bool
-ntru_ring_inv(
- uint16_t *a, /* in - pointer to polynomial a */
- uint16_t N, /* in - no. of coefficients in a */
- uint16_t q, /* in - large modulus */
- uint16_t *t, /* in - temp buffer of 2N elements */
- uint16_t *a_inv) /* out - address for polynomial a^-1 */
-{
- uint8_t *b = (uint8_t *)t; /* b cannot be in a_inv since it must be
- rotated and copied there as a^-1 mod 2 */
- uint8_t *c = b + N; /* c cannot be in a_inv since it exchanges
- with b, and b cannot be in a_inv */
- uint8_t *f = c + N;
- uint8_t *g = (uint8_t *)a_inv; /* g needs N + 1 bytes */
- uint16_t *t2 = t + N;
- uint16_t deg_b;
- uint16_t deg_c;
- uint16_t deg_f;
- uint16_t deg_g;
- uint16_t k = 0;
- bool done = FALSE;
- uint16_t i, j;
-
- /* form a^-1 in (Z/2Z)[X]/X^N - 1) */
- memset(b, 0, (N << 1)); /* clear to init b, c */
-
- /* b(X) = 1 */
- b[0] = 1;
- deg_b = 0;
-
- /* c(X) = 0 (cleared above) */
- deg_c = 0;
-
- /* f(X) = a(X) mod 2 */
- for (i = 0; i < N; i++)
- f[i] = (uint8_t)(a[i] & 1);
- deg_f = N - 1;
-
- /* g(X) = X^N - 1 */
- g[0] = 1;
- memset(g + 1, 0, N - 1);
- g[N] = 1;
- deg_g = N;
-
- /* until f(X) = 1 */
-
- while (!done)
- {
-
- /* while f[0] = 0, f(X) /= X, c(X) *= X, k++ */
-
- for (i = 0; (i <= deg_f) && (f[i] == 0); ++i);
- if (i > deg_f)
- return FALSE;
- if (i) {
- f = f + i;
- deg_f = deg_f - i;
- deg_c = deg_c + i;
- for (j = deg_c; j >= i; j--)
- c[j] = c[j-i];
- for (j = 0; j < i; j++)
- c[j] = 0;
- k = k + i;
- }
-
- /* adjust degree of f(X) if the highest coefficients are zero
- * Note: f[0] = 1 from above so the loop will terminate.
- */
-
- while (f[deg_f] == 0)
- --deg_f;
-
- /* if f(X) = 1, done
- * Note: f[0] = 1 from above, so only check the x term and up
- */
-
- for (i = 1; (i <= deg_f) && (f[i] == 0); ++i);
- if (i > deg_f) {
- done = TRUE;
- break;
- }
-
- /* if deg_f < deg_g, f <-> g, b <-> c */
-
- if (deg_f < deg_g) {
- uint8_t *x;
-
- x = f;
- f = g;
- g = x;
- deg_f ^= deg_g;
- deg_g ^= deg_f;
- deg_f ^= deg_g;
- x = b;
- b = c;
- c = x;
- deg_b ^= deg_c;
- deg_c ^= deg_b;
- deg_b ^= deg_c;
- }
-
- /* f(X) += g(X), b(X) += c(X) */
-
- for (i = 0; i <= deg_g; i++)
- f[i] ^= g[i];
-
- if (deg_c > deg_b)
- deg_b = deg_c;
- for (i = 0; i <= deg_c; i++)
- b[i] ^= c[i];
- }
-
- /* a^-1 in (Z/2Z)[X]/(X^N - 1) = b(X) shifted left k coefficients */
-
- j = 0;
- if (k >= N)
- k = k - N;
- for (i = k; i < N; i++)
- a_inv[j++] = (uint16_t)(b[i]);
- for (i = 0; i < k; i++)
- a_inv[j++] = (uint16_t)(b[i]);
-
- /* lift a^-1 in (Z/2Z)[X]/(X^N - 1) to a^-1 in (Z/qZ)[X]/(X^N -1) */
-
- for (j = 0; j < 4; ++j) { /* assumes 256 < q <= 65536 */
-
- /* a^-1 = a^-1 * (2 - a * a^-1) mod q */
-
- memcpy(t2, a_inv, N * sizeof(uint16_t));
- ntru_ring_mult_coefficients(a, t2, N, q, t);
- for (i = 0; i < N; ++i)
- t[i] = q - t[i];
- t[0] = t[0] + 2;
- ntru_ring_mult_coefficients(t2, t, N, q, a_inv);
- }
-
- return TRUE;
-
-
-}
-
-
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.h b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.h
deleted file mode 100644
index 1e9d467ed..000000000
--- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.h
+++ /dev/null
@@ -1,96 +0,0 @@
-/******************************************************************************
- * NTRU Cryptography Reference Source Code
- * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
- *
- * ntru_crypto_ntru_poly.h is a component of ntru-crypto.
- *
- * Copyright (C) 2009-2013 Security Innovation
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- *
- *****************************************************************************/
-
-/******************************************************************************
- *
- * File: ntru_crypto_ntru_poly.h
- *
- * Contents: Public header file for generating and operating on polynomials
- * in the NTRU algorithm.
- *
- *****************************************************************************/
-
-
-#ifndef NTRU_CRYPTO_NTRU_POLY_H
-#define NTRU_CRYPTO_NTRU_POLY_H
-
-
-#include "ntru_crypto.h"
-
-#include <crypto/hashers/hasher.h>
-
-
-/* function declarations */
-
-/* ntru_poly_check_min_weight
- *
- * Checks that the number of 0, +1, and -1 trinary ring elements meet or exceed
- * a minimum weight.
- */
-
-extern bool
-ntru_poly_check_min_weight(
- uint16_t num_els, /* in - degree of polynomial */
- uint8_t *ringels, /* in - pointer to trinary ring elements */
- uint16_t min_wt); /* in - minimum weight */
-
-/* ntru_ring_mult_coefficients
- *
- * Multiplies ring element (polynomial) "a" by ring element (polynomial) "b"
- * to produce ring element (polynomial) "c" in (Z/qZ)[X]/(X^N - 1).
- * This is a convolution operation.
- *
- * Ring element "b" has coefficients in the range [0,N).
- *
- * This assumes q is 2^r where 8 < r < 16, so that overflow of the sum
- * beyond 16 bits does not matter.
- */
-
-extern void
-ntru_ring_mult_coefficients(
- uint16_t const *a, /* in - pointer to polynomial a */
- uint16_t const *b, /* in - pointer to polynomial b */
- uint16_t N, /* in - no. of coefficients in a, b, c */
- uint16_t q, /* in - large modulus */
- uint16_t *c); /* out - address for polynomial c */
-
-
-/* ntru_ring_inv
- *
- * Finds the inverse of a polynomial, a, in (Z/2^rZ)[X]/(X^N - 1).
- *
- * This assumes q is 2^r where 8 < r < 16, so that operations mod q can
- * wait until the end, and only 16-bit arrays need to be used.
- */
-
-extern bool
-ntru_ring_inv(
- uint16_t *a, /* in - pointer to polynomial a */
- uint16_t N, /* in - no. of coefficients in a */
- uint16_t q, /* in - large modulus */
- uint16_t *t, /* in - temp buffer of 2N elements */
- uint16_t *a_inv); /* out - address for polynomial a^-1 */
-
-
-#endif /* NTRU_CRYPTO_NTRU_POLY_H */
diff --git a/src/libstrongswan/plugins/ntru/ntru_drbg.c b/src/libstrongswan/plugins/ntru/ntru_drbg.c
index 181a58939..ef0d3d9c8 100644
--- a/src/libstrongswan/plugins/ntru/ntru_drbg.c
+++ b/src/libstrongswan/plugins/ntru/ntru_drbg.c
@@ -67,6 +67,10 @@ struct private_ntru_drbg_t {
*/
chunk_t value;
+ /**
+ * reference count
+ */
+ refcount_t ref;
};
/**
@@ -180,13 +184,23 @@ METHOD(ntru_drbg_t, generate, bool,
return TRUE;
}
+METHOD(ntru_drbg_t, get_ref, ntru_drbg_t*,
+ private_ntru_drbg_t *this)
+{
+ ref_get(&this->ref);
+ return &this->public;
+}
+
METHOD(ntru_drbg_t, destroy, void,
private_ntru_drbg_t *this)
{
- this->hmac->destroy(this->hmac);
- chunk_clear(&this->key);
- chunk_clear(&this->value);
- free(this);
+ if (ref_put(&this->ref))
+ {
+ this->hmac->destroy(this->hmac);
+ chunk_clear(&this->key);
+ chunk_clear(&this->value);
+ free(this);
+ }
}
/*
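Review bot: `get_ref` lets several owners hold the same DRBG instance, but the reference count only protects the object's lifetime, not its internal state. The `generate` method ends at the top of this hunk and its body is not visible here, so whether it serializes updates to `this->key`, `this->value` and the reseed counter cannot be confirmed; if holders can run on different threads, those updates need a lock or the header must require callers to serialize access. Note also that `chunk_clear(&this->key)` and `chunk_clear(&this->value)` now run only on the last `destroy`, so one leaked reference keeps the DRBG secret state in memory; a comment in `destroy` such as `/* state is wiped only when the last reference is released */` would make that explicit.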
@@ -238,6 +252,7 @@ ntru_drbg_t *ntru_drbg_create(u_int32_t strength, chunk_t pers_str,
.get_strength = _get_strength,
.reseed = _reseed,
.generate = _generate,
+ .get_ref = _get_ref,
.destroy = _destroy,
},
.strength = strength,
@@ -247,6 +262,7 @@ ntru_drbg_t *ntru_drbg_create(u_int32_t strength, chunk_t pers_str,
.value = chunk_alloc(hmac->get_block_size(hmac)),
.max_requests = max_requests,
.reseed_counter = 1,
+ .ref = 1,
);
memset(this->key.ptr, 0x00, this->key.len);
diff --git a/src/libstrongswan/plugins/ntru/ntru_drbg.h b/src/libstrongswan/plugins/ntru/ntru_drbg.h
index 38ac718ae..83cef11be 100644
--- a/src/libstrongswan/plugins/ntru/ntru_drbg.h
+++ b/src/libstrongswan/plugins/ntru/ntru_drbg.h
@@ -58,6 +58,13 @@ struct ntru_drbg_t {
u_int8_t *out);
/**
+ * Get a reference on an ntru_drbg_t object increasing the count by one
+ *
+ * @return reference to the ntru_drbg_t object
+ */
+ ntru_drbg_t* (*get_ref)(ntru_drbg_t *this);
+
+ /**
* Uninstantiate and destroy the DRBG object
*/
void (*destroy)(ntru_drbg_t *this);
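Review bot: The unchanged comment on `destroy`, just below the added `get_ref`, still says "Uninstantiate and destroy the DRBG object", which no longer matches the implementation in ntru_drbg.c, where the object is freed only once `ref_put` reports the last reference gone. Suggest rewording it to `Release a reference; uninstantiate and destroy the DRBG object when the last reference is dropped`. The `get_ref` comment should also state that each returned reference must be balanced by exactly one `destroy()` call, since a missed call leaves the key material allocated and uncleared.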
diff --git a/src/libstrongswan/plugins/ntru/ntru_ke.c b/src/libstrongswan/plugins/ntru/ntru_ke.c
index 39fb261cd..abaa22336 100644
--- a/src/libstrongswan/plugins/ntru/ntru_ke.c
+++ b/src/libstrongswan/plugins/ntru/ntru_ke.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2013 Andreas Steffen
+ * Copyright (C) 2013-2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
@@ -15,54 +15,33 @@
#include "ntru_ke.h"
#include "ntru_drbg.h"
-
-#include "ntru_crypto/ntru_crypto.h"
+#include "ntru_param_set.h"
+#include "ntru_private_key.h"
+#include "ntru_public_key.h"
#include <crypto/diffie_hellman.h>
#include <utils/debug.h>
typedef struct private_ntru_ke_t private_ntru_ke_t;
-typedef struct param_set_t param_set_t;
-
-/**
- * Defines an NTRU parameter set by ID or OID
- */
-struct param_set_t {
- NTRU_ENCRYPT_PARAM_SET_ID id;
- char oid[3];
- char *name;
-};
/* Best bandwidth and speed, no X9.98 compatibility */
-static param_set_t param_sets_optimum[] = {
- { NTRU_EES401EP2, {0x00, 0x02, 0x10}, "ees401ep2" },
- { NTRU_EES439EP1, {0x00, 0x03, 0x10}, "ees439ep1" },
- { NTRU_EES593EP1, {0x00, 0x05, 0x10}, "ees593ep1" },
- { NTRU_EES743EP1, {0x00, 0x06, 0x10}, "ees743ep1" }
+static ntru_param_set_id_t param_sets_optimum[] = {
+ NTRU_EES401EP2, NTRU_EES439EP1, NTRU_EES593EP1, NTRU_EES743EP1
};
/* X9.98/IEEE 1363.1 parameter sets for best speed */
-static param_set_t param_sets_x9_98_speed[] = {
- { NTRU_EES659EP1, {0x00, 0x02, 0x06}, "ees659ep1" },
- { NTRU_EES761EP1, {0x00, 0x03, 0x05}, "ees761ep1" },
- { NTRU_EES1087EP1, {0x00, 0x05, 0x05}, "ees1087ep1" },
- { NTRU_EES1499EP1, {0x00, 0x06, 0x05}, "ees1499ep1" }
+static ntru_param_set_id_t param_sets_x9_98_speed[] = {
+ NTRU_EES659EP1, NTRU_EES761EP1, NTRU_EES1087EP1, NTRU_EES1499EP1
};
/* X9.98/IEEE 1363.1 parameter sets for best bandwidth (smallest size) */
-static param_set_t param_sets_x9_98_bandwidth[] = {
- { NTRU_EES401EP1, {0x00, 0x02, 0x04}, "ees401ep1" },
- { NTRU_EES449EP1, {0x00, 0x03, 0x03}, "ees449ep1" },
- { NTRU_EES677EP1, {0x00, 0x05, 0x03}, "ees677ep1" },
- { NTRU_EES1087EP2, {0x00, 0x06, 0x03}, "ees1087ep2" }
+static ntru_param_set_id_t param_sets_x9_98_bandwidth[] = {
+ NTRU_EES401EP1, NTRU_EES449EP1, NTRU_EES677EP1, NTRU_EES1087EP2
};
/* X9.98/IEEE 1363.1 parameter sets balancing speed and bandwidth */
-static param_set_t param_sets_x9_98_balance[] = {
- { NTRU_EES541EP1, {0x00, 0x02, 0x05}, "ees541ep1" },
- { NTRU_EES613EP1, {0x00, 0x03, 0x04}, "ees613ep1" },
- { NTRU_EES887EP1, {0x00, 0x05, 0x04}, "ees887ep1" },
- { NTRU_EES1171EP1, {0x00, 0x06, 0x04}, "ees1171ep1" }
+static ntru_param_set_id_t param_sets_x9_98_balance[] = {
+ NTRU_EES541EP1, NTRU_EES613EP1, NTRU_EES887EP1, NTRU_EES1171EP1
};
/**
@@ -82,7 +61,7 @@ struct private_ntru_ke_t {
/**
* NTRU Parameter Set
*/
- param_set_t *param_set;
+ ntru_param_set_t *param_set;
/**
* Cryptographical strength in bits of the NTRU Parameter Set
@@ -92,12 +71,12 @@ struct private_ntru_ke_t {
/**
* NTRU Public Key
*/
- chunk_t pub_key;
+ ntru_public_key_t *pubkey;
/**
* NTRU Private Key
*/
- chunk_t priv_key;
+ ntru_private_key_t *privkey;
/**
* NTRU encrypted shared secret
@@ -133,8 +112,6 @@ struct private_ntru_ke_t {
METHOD(diffie_hellman_t, get_my_public_value, void,
private_ntru_ke_t *this, chunk_t *value)
{
- uint16_t pub_key_len, priv_key_len;
-
*value = chunk_empty;
if (this->responder)
@@ -146,34 +123,19 @@ METHOD(diffie_hellman_t, get_my_public_value, void,
}
else
{
- if (this->pub_key.len == 0)
+ if (!this->pubkey)
{
- /* determine the NTRU public and private key sizes */
- if (ntru_crypto_ntru_encrypt_keygen(this->drbg, this->param_set->id,
- &pub_key_len, NULL,
- &priv_key_len, NULL) != NTRU_OK)
- {
- DBG1(DBG_LIB, "error determining NTRU public and private key "
- "sizes");
- return;
- }
- this->pub_key = chunk_alloc(pub_key_len);
- this->priv_key = chunk_alloc(priv_key_len);
-
/* generate a random NTRU public/private key pair */
- if (ntru_crypto_ntru_encrypt_keygen(this->drbg, this->param_set->id,
- &pub_key_len, this->pub_key.ptr,
- &priv_key_len, this->priv_key.ptr) != NTRU_OK)
+ this->privkey = ntru_private_key_create(this->drbg, this->param_set);
+ if (!this->privkey)
{
DBG1(DBG_LIB, "NTRU keypair generation failed");
- chunk_free(&this->priv_key);
- chunk_free(&this->pub_key);
return;
}
- DBG3(DBG_LIB, "NTRU public key: %B", &this->pub_key);
- DBG4(DBG_LIB, "NTRU private key: %B", &this->priv_key);
+ this->pubkey = this->privkey->get_public_key(this->privkey);
}
- *value = chunk_clone(this->pub_key);
+ *value = chunk_clone(this->pubkey->get_encoding(this->pubkey));
+ DBG3(DBG_LIB, "NTRU public key: %B", value);
}
}
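Review bot: The result of `this->privkey->get_public_key(this->privkey)` is used unchecked, so if it can return NULL (`ntru_public_key_create()` is not visible here) the following `this->pubkey->get_encoding(this->pubkey)` dereferences a null pointer. In that state `this->privkey` is already set while `this->pubkey` is not, so a later call would pass the `!this->pubkey` test again and overwrite `this->privkey` without destroying the first key. A guard after the assignment would cover both: `if (!this->pubkey) { this->privkey->destroy(this->privkey); this->privkey = NULL; return; }`. The function starts outside this hunk.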
@@ -194,9 +156,7 @@ METHOD(diffie_hellman_t, get_shared_secret, status_t,
METHOD(diffie_hellman_t, set_other_public_value, void,
private_ntru_ke_t *this, chunk_t value)
{
- u_int16_t plaintext_len, ciphertext_len;
-
- if (this->priv_key.len)
+ if (this->privkey)
{
/* initiator decrypting shared secret */
if (value.len == 0)
@@ -204,48 +164,36 @@ METHOD(diffie_hellman_t, set_other_public_value, void,
DBG1(DBG_LIB, "empty NTRU ciphertext");
return;
}
- this->ciphertext = chunk_clone(value);
- DBG3(DBG_LIB, "NTRU ciphertext: %B", &this->ciphertext);
-
- /* determine the size of the maximum plaintext */
- if (ntru_crypto_ntru_decrypt(this->priv_key.len, this->priv_key.ptr,
- this->ciphertext.len, this->ciphertext.ptr,
- &plaintext_len, NULL) != NTRU_OK)
- {
- DBG1(DBG_LIB, "error determining maximum plaintext size");
- return;
- }
- this->shared_secret = chunk_alloc(plaintext_len);
+ DBG3(DBG_LIB, "NTRU ciphertext: %B", &value);
/* decrypt the shared secret */
- if (ntru_crypto_ntru_decrypt(this->priv_key.len, this->priv_key.ptr,
- this->ciphertext.len, this->ciphertext.ptr,
- &plaintext_len, this->shared_secret.ptr) != NTRU_OK)
+ if (!this->privkey->decrypt(this->privkey, value, &this->shared_secret))
{
DBG1(DBG_LIB, "NTRU decryption of shared secret failed");
- chunk_free(&this->shared_secret);
return;
}
- this->shared_secret.len = plaintext_len;
this->computed = TRUE;
}
else
{
+ ntru_public_key_t *pubkey;
+
/* responder generating and encrypting the shared secret */
this->responder = TRUE;
- /* check the NTRU public key format */
- if (value.len < 5 || value.ptr[0] != 1 || value.ptr[1] != 3)
+ DBG3(DBG_LIB, "NTRU public key: %B", &value);
+ pubkey = ntru_public_key_create_from_data(this->drbg, value);
+ if (!pubkey)
{
- DBG1(DBG_LIB, "received NTRU public key with invalid header");
return;
}
- if (!memeq(value.ptr + 2, this->param_set->oid, 3))
+ if (pubkey->get_id(pubkey) != this->param_set->id)
{
- DBG1(DBG_LIB, "received NTRU public key with wrong OID");
+ DBG1(DBG_LIB, "received NTRU public key with wrong OUI");
+ pubkey->destroy(pubkey);
return;
}
- this->pub_key = chunk_clone(value);
+ this->pubkey = pubkey;
/* shared secret size is chosen as twice the cryptographical strength */
this->shared_secret = chunk_alloc(2 * this->strength / BITS_PER_BYTE);
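Review bot: The mismatch message in the responder branch now reads "wrong OUI", but the check compares the parameter set id of the received key with `this->param_set->id`; an OUI is an unrelated identifier and the text will mislead whoever reads the log. Keep the previous wording, `DBG1(DBG_LIB, "received NTRU public key with wrong OID");`. The branch above it, `if (!pubkey) { return; }`, now rejects a peer-supplied key without logging anything here. Unless `ntru_public_key_create_from_data()` reports the reason itself (not visible in this hunk), a malformed key leaves no trace at this level. The function body starts and ends outside this hunk.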
@@ -260,25 +208,10 @@ METHOD(diffie_hellman_t, set_other_public_value, void,
}
this->computed = TRUE;
- /* determine the size of the ciphertext */
- if (ntru_crypto_ntru_encrypt(this->drbg,
- this->pub_key.len, this->pub_key.ptr,
- this->shared_secret.len, this->shared_secret.ptr,
- &ciphertext_len, NULL) != NTRU_OK)
- {
- DBG1(DBG_LIB, "error determining ciphertext size");
- return;
- }
- this->ciphertext = chunk_alloc(ciphertext_len);
-
/* encrypt the shared secret */
- if (ntru_crypto_ntru_encrypt(this->drbg,
- this->pub_key.len, this->pub_key.ptr,
- this->shared_secret.len, this->shared_secret.ptr,
- &ciphertext_len, this->ciphertext.ptr) != NTRU_OK)
+ if (!pubkey->encrypt(pubkey, this->shared_secret, &this->ciphertext))
{
DBG1(DBG_LIB, "NTRU encryption of shared secret failed");
- chunk_free(&this->ciphertext);
return;
}
DBG3(DBG_LIB, "NTRU ciphertext: %B", &this->ciphertext);
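Review bot: `this->computed = TRUE;` is still set before `pubkey->encrypt()` is attempted, so when encryption fails the early `return` leaves the object marked as computed with a freshly generated `shared_secret` and no ciphertext. What `computed` gates is outside this hunk, but presumably get_shared_secret() would then hand out a secret the peer never received. I would move the assignment below the encrypt check and wipe the secret in the failure branch with `chunk_clear(&this->shared_secret);`. The enclosing function starts and ends outside the hunk.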
@@ -294,11 +227,11 @@ METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,
METHOD(diffie_hellman_t, destroy, void,
private_ntru_ke_t *this)
{
+ DESTROY_IF(this->privkey);
+ DESTROY_IF(this->pubkey);
this->drbg->destroy(this->drbg);
this->entropy->destroy(this->entropy);
- chunk_free(&this->pub_key);
chunk_free(&this->ciphertext);
- chunk_clear(&this->priv_key);
chunk_clear(&this->shared_secret);
free(this);
}
@@ -309,7 +242,7 @@ METHOD(diffie_hellman_t, destroy, void,
ntru_ke_t *ntru_ke_create(diffie_hellman_group_t group, chunk_t g, chunk_t p)
{
private_ntru_ke_t *this;
- param_set_t *param_sets, *param_set;
+ ntru_param_set_id_t *param_sets, param_set_id;
rng_t *entropy;
ntru_drbg_t *drbg;
char *parameter_set;
@@ -339,25 +272,25 @@ ntru_ke_t *ntru_ke_create(diffie_hellman_group_t group, chunk_t g, chunk_t p)
{
case NTRU_112_BIT:
strength = 112;
- param_set = &param_sets[0];
+ param_set_id = param_sets[0];
break;
case NTRU_128_BIT:
strength = 128;
- param_set = &param_sets[1];
+ param_set_id = param_sets[1];
break;
case NTRU_192_BIT:
strength = 192;
- param_set = &param_sets[2];
+ param_set_id = param_sets[2];
break;
case NTRU_256_BIT:
strength = 256;
- param_set = &param_sets[3];
+ param_set_id = param_sets[3];
break;
default:
return NULL;
}
- DBG1(DBG_LIB, "%u bit %s NTRU parameter set %s selected", strength,
- parameter_set, param_set->name);
+ DBG1(DBG_LIB, "%u bit %s NTRU parameter set %N selected", strength,
+ parameter_set, ntru_param_set_id_names, param_set_id);
entropy = lib->crypto->create_rng(lib->crypto, RNG_TRUE);
if (!entropy)
@@ -385,7 +318,7 @@ ntru_ke_t *ntru_ke_create(diffie_hellman_group_t group, chunk_t g, chunk_t p)
},
},
.group = group,
- .param_set = param_set,
+ .param_set = ntru_param_set_get_by_id(param_set_id),
.strength = strength,
.entropy = entropy,
.drbg = drbg,
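Review bot: `ntru_param_set_get_by_id()` returns NULL when no table entry matches, and here its result is stored in `.param_set` unchecked. `set_other_public_value()` later reads `this->param_set->id`, and `get_my_public_value()` passes the pointer on to `ntru_private_key_create()`. The ids in the four `param_sets_*` arrays all appear in the enum, so this should not trigger today, but a check would turn a future table mismatch into a clean failure instead of a crash during key exchange. The simplest place is right after the `switch`, before the RNG and DRBG are created, so nothing has to be cleaned up: look the set up into a local, `return NULL` if it is missing, and assign the local in `INIT`. The rest of ntru_ke_create lies outside this hunk.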
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.c b/src/libstrongswan/plugins/ntru/ntru_param_set.c
index 5ddf91d2a..4af1e3091 100644
--- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.c
+++ b/src/libstrongswan/plugins/ntru/ntru_param_set.c
@@ -1,44 +1,49 @@
-/******************************************************************************
- * NTRU Cryptography Reference Source Code
- * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
- *
- * ntru_crypto_ntru_param_sets.c is a component of ntru-crypto.
+/*
+ * Copyright (C) 2014 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
*
* Copyright (C) 2009-2013 Security Innovation
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- *
- *****************************************************************************/
-
-/******************************************************************************
- *
- * File: ntru_crypto_ntru_encrypt_param_sets.c
*
- * Contents: Defines the NTRUEncrypt parameter sets.
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
- *****************************************************************************/
-
-#include <stdlib.h>
-#include <string.h>
-#include "ntru_crypto_ntru_encrypt_param_sets.h"
-
-
-/* parameter sets */
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
-static NTRU_ENCRYPT_PARAM_SET ntruParamSets[] = {
+#include "ntru_param_set.h"
+
+#include <utils/test.h>
+
+ENUM(ntru_param_set_id_names, NTRU_EES401EP1, NTRU_EES743EP1,
+ "ees401ep1",
+ "ees449ep1",
+ "ees677ep1",
+ "ees1087ep2",
+ "ees541ep1",
+ "ees613ep1",
+ "ees887ep1",
+ "ees1171ep1",
+ "ees659ep1",
+ "ees761ep1",
+ "ees1087ep1",
+ "ees1499ep1",
+ "ees401ep2",
+ "ees439ep1",
+ "ees593ep1",
+ "ees743ep1"
+);
+
+/**
+ * NTRU encryption parameter set definitions
+ */
+static ntru_param_set_t ntru_param_sets[] = {
+ /* X9.98/IEEE 1363.1 parameter sets for best bandwidth (smallest size) */
{
NTRU_EES401EP1, /* parameter-set id */
{0x00, 0x02, 0x04}, /* OID */
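Review bot: The name list passed to `ENUM()` has to stay in the declaration order of `enum ntru_param_set_id_t` in ntru_param_set.h, and nothing in this file says so. The two lists match as committed, but a later insertion in only one of them would make the `%N` log line in ntru_ke_create report the wrong parameter set without any build error. A one-line comment above the macro would do: `/* names must follow the declaration order of ntru_param_set_id_t */`.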
@@ -97,7 +102,7 @@ static NTRU_ENCRYPT_PARAM_SET ntruParamSets[] = {
NTRU_EES1087EP2, /* parameter-set id */
{0x00, 0x06, 0x03}, /* OID */
0x25, /* DER id */
- 10, /* no. of bits in N (i.e., in an index) */
+ 11, /* no. of bits in N (i.e., in an index) */
1087, /* N */
32, /* security strength in octets */
2048, /* q */
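Review bot: Nothing checks that the derived fields of this hand-maintained table agree with each other, which is how `N_bits` could be 10 for N = 1087 (1 << 10 is only 1024). `N_bits` sizes and packs the private-key indices in `generate_encoding()` added later in this commit, so a wrong value there yields a corrupt encoding rather than a visible failure. Since `ntru_param_set_get_by_id` is exported for tests, a unit test that walks all ids and asserts `(1 << p->N_bits) > p->N` would catch this class of error. The same test could presumably also assert `(1 << p->q_bits) == p->q`. The table entry itself continues outside this hunk.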
@@ -111,6 +116,7 @@ static NTRU_ENCRYPT_PARAM_SET ntruParamSets[] = {
1, /* lLen */
},
+ /* X9.98/IEEE 1363.1 parameter sets balancing speed and bandwidth */
{
NTRU_EES541EP1, /* parameter-set id */
{0x00, 0x02, 0x05}, /* OID */
@@ -183,6 +189,7 @@ static NTRU_ENCRYPT_PARAM_SET ntruParamSets[] = {
1, /* lLen */
},
+ /* X9.98/IEEE 1363.1 parameter sets for best speed */
{
NTRU_EES659EP1, /* parameter-set id */
{0x00, 0x02, 0x06}, /* OID */
@@ -255,6 +262,7 @@ static NTRU_ENCRYPT_PARAM_SET ntruParamSets[] = {
1, /* lLen */
},
+ /* Best bandwidth and speed, no X9.98 compatibility */
{
NTRU_EES401EP2, /* parameter-set id */
{0x00, 0x02, 0x10}, /* OID */
@@ -329,56 +337,39 @@ static NTRU_ENCRYPT_PARAM_SET ntruParamSets[] = {
};
-static size_t numParamSets =
- sizeof(ntruParamSets)/sizeof(NTRU_ENCRYPT_PARAM_SET);
-
-
-/* functions */
-
-/* ntru_encrypt_get_params_with_id
- *
- * Looks up a set of NTRUEncrypt parameters based on the id of the
- * parameter set.
- *
- * Returns a pointer to the parameter set parameters if successful.
- * Returns NULL if the parameter set cannot be found.
+/**
+ * See header.
*/
-
-NTRU_ENCRYPT_PARAM_SET *
-ntru_encrypt_get_params_with_id(
- NTRU_ENCRYPT_PARAM_SET_ID id) /* in - parameter-set id */
+ntru_param_set_t* ntru_param_set_get_by_id(ntru_param_set_id_t id)
{
- size_t i;
-
- for (i = 0; i < numParamSets; i++) {
- if (ntruParamSets[i].id == id) {
- return &(ntruParamSets[i]);
- }
- }
- return NULL;
+ int i;
+
+ for (i = 0; i < countof(ntru_param_sets); i++)
+ {
+ if (ntru_param_sets[i].id == id)
+ {
+ return &ntru_param_sets[i];
+ }
+ }
+ return NULL;
}
-/* ntru_encrypt_get_params_with_OID
- *
- * Looks up a set of NTRUEncrypt parameters based on the OID of the
- * parameter set.
- *
- * Returns a pointer to the parameter set parameters if successful.
- * Returns NULL if the parameter set cannot be found.
+/**
+ * See header.
*/
-
-NTRU_ENCRYPT_PARAM_SET *
-ntru_encrypt_get_params_with_OID(
- uint8_t const *oid) /* in - pointer to parameter-set OID */
+ntru_param_set_t* ntru_param_set_get_by_oid(uint8_t const *oid)
{
- size_t i;
-
- for (i = 0; i < numParamSets; i++) {
- if (!memcmp(ntruParamSets[i].OID, oid, 3)) {
- return &(ntruParamSets[i]);
- }
- }
- return NULL;
+ int i;
+
+ for (i = 0; i < countof(ntru_param_sets); i++)
+ {
+ if (memeq(ntru_param_sets[i].oid, oid, 3))
+ {
+ return &ntru_param_sets[i];
+ }
+ }
+ return NULL;
}
+EXPORT_FUNCTION_FOR_TESTS(ntru, ntru_param_set_get_by_id);
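Review bot: `ntru_param_set_get_by_oid()` always reads three octets from `oid` but takes no length, and the comparison uses a literal `3` although the header added in this commit defines `NTRU_OID_LEN`. If the OID is taken from a key blob received from a peer (the callers are not in this hunk), the caller must have verified that at least NTRU_OID_LEN octets are present before calling. I would write `if (memeq(ntru_param_sets[i].oid, oid, NTRU_OID_LEN))` and state the length precondition in the function's doc comment. Only `ntru_param_set_get_by_id` is exported for tests; exporting the OID lookup as well would let the table be checked through both keys.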
diff --git a/src/libstrongswan/plugins/ntru/ntru_param_set.h b/src/libstrongswan/plugins/ntru/ntru_param_set.h
new file mode 100644
index 000000000..df4e55333
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_param_set.h
@@ -0,0 +1,118 @@
+/*
+ * Copyright (C) 2014 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * Copyright (C) 2009-2013 Security Innovation
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup ntru_param_set ntru_param_set
+ * @{ @ingroup ntru_p
+ */
+
+#ifndef NTRU_PARAM_SET_H_
+#define NTRU_PARAM_SET_H_
+
+typedef enum ntru_param_set_id_t ntru_param_set_id_t;
+typedef struct ntru_param_set_t ntru_param_set_t;
+
+#include <library.h>
+
+/**
+ * Encoding types for NTRU encryption public/private key blobs
+ */
+#define NTRU_PUBKEY_TAG 0x01
+#define NTRU_PRIVKEY_DEFAULT_TAG 0x02
+#define NTRU_PRIVKEY_TRITS_TAG 0xfe
+#define NTRU_PRIVKEY_INDICES_TAG 0xff
+
+/**
+ * Size in octets of the OID designating the NTRU encryption parameter set
+ */
+#define NTRU_OID_LEN 3
+
+/**
+ * Packing types for NTRU encryption public/private keys
+ */
+#define NTRU_KEY_PACKED_COEFFICIENTS 0x01
+#define NTRU_KEY_PACKED_INDICES 0x02
+#define NTRU_KEY_PACKED_TRITS 0x03
+
+/**
+ * NTRU encryption parameter set ID list
+ */
+enum ntru_param_set_id_t {
+ /* X9.98/IEEE 1363.1 parameter sets for best bandwidth (smallest size) */
+ NTRU_EES401EP1,
+ NTRU_EES449EP1,
+ NTRU_EES677EP1,
+ NTRU_EES1087EP2,
+ /* X9.98/IEEE 1363.1 parameter sets balancing speed and bandwidth */
+ NTRU_EES541EP1,
+ NTRU_EES613EP1,
+ NTRU_EES887EP1,
+ NTRU_EES1171EP1,
+ /* X9.98/IEEE 1363.1 parameter sets for best speed */
+ NTRU_EES659EP1,
+ NTRU_EES761EP1,
+ NTRU_EES1087EP1,
+ NTRU_EES1499EP1,
+ /* Best bandwidth and speed, no X9.98 compatibility */
+ NTRU_EES401EP2,
+ NTRU_EES439EP1,
+ NTRU_EES593EP1,
+ NTRU_EES743EP1,
+};
+
+extern enum_name_t *ntru_param_set_id_names;
+
+/**
+ * NTRU encryption parameter set definitions
+ */
+struct ntru_param_set_t {
+ ntru_param_set_id_t id; /* NTRU parameter set ID */
+ uint8_t oid[NTRU_OID_LEN]; /* pointer to OID */
+ uint8_t der_id; /* parameter-set DER id */
+ uint8_t N_bits; /* no. of bits in N (i.e. in an index */
+ uint16_t N; /* ring dimension */
+ uint16_t sec_strength_len; /* no. of octets of security strength */
+ uint16_t q; /* big modulus */
+ uint8_t q_bits; /* no. of bits in q (i.e. in a coefficient */
+ bool is_product_form; /* if product form used */
+ uint32_t dF_r; /* no. of +1 or -1 coefficients in ring elements
+ F, r */
+ uint16_t dg; /* no. - 1 of +1 coefficients or
+ no. of -1 coefficients in ring element g */
+ uint16_t m_len_max; /* max no. of plaintext octets */
+ uint16_t min_msg_rep_wt; /* min. message representative weight */
+ uint8_t c_bits; /* no. bits in candidate for deriving an index */
+ uint8_t m_len_len; /* no. of octets to hold mLenOctets */
+};
+
+/**
+ * Get NTRU encryption parameter set by NTRU parameter set ID
+ *
+ * @param id NTRU parameter set ID
+ * @return NTRU parameter set
+*/
+ntru_param_set_t* ntru_param_set_get_by_id(ntru_param_set_id_t id);
+
+/**
+ * Get NTRU encryption parameter set by NTRU parameter set OID
+ *
+ * @param oid NTRU parameter set OID
+ * @return NTRU parameter set
+*/
+ntru_param_set_t* ntru_param_set_get_by_oid(uint8_t const *oid);
+
+#endif /** NTRU_PARAM_SET_H_ @}*/
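Review bot: Neither lookup documents its failure case: both implementations return NULL when nothing matches, but the `@return` lines read only "NTRU parameter set", so a caller has no hint that a check is needed. I would change both to `@return NTRU parameter set, NULL if not found` and give the OID variant `@param oid NTRU parameter set OID (NTRU_OID_LEN octets)`. In the struct, the comment `/* pointer to OID */` on `uint8_t oid[NTRU_OID_LEN]` is inaccurate because the field is an inline array; `/* parameter-set OID */` would be correct. The comments on `N_bits` and `q_bits` are each missing their closing parenthesis.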
diff --git a/src/libstrongswan/plugins/ntru/ntru_poly.c b/src/libstrongswan/plugins/ntru/ntru_poly.c
index 3f754f2a0..77ab54a5c 100644
--- a/src/libstrongswan/plugins/ntru/ntru_poly.c
+++ b/src/libstrongswan/plugins/ntru/ntru_poly.c
@@ -239,11 +239,29 @@ METHOD(ntru_poly_t, destroy, void,
free(this);
}
-static void init_indices(private_ntru_poly_t *this, bool is_product_form,
- uint32_t indices_len_p, uint32_t indices_len_m)
+/**
+ * Creates an empty ntru_poly_t object with space allocated for indices
+ */
+static private_ntru_poly_t* ntru_poly_create(uint16_t N, uint16_t q,
+ uint32_t indices_len_p,
+ uint32_t indices_len_m,
+ bool is_product_form)
{
+ private_ntru_poly_t *this;
int n;
+ INIT(this,
+ .public = {
+ .get_size = _get_size,
+ .get_indices = _get_indices,
+ .get_array = _get_array,
+ .ring_mult = _ring_mult,
+ .destroy = _destroy,
+ },
+ .N = N,
+ .q = q,
+ );
+
if (is_product_form)
{
this->num_polynomials = 3;
@@ -265,6 +283,8 @@ static void init_indices(private_ntru_poly_t *this, bool is_product_form,
this->num_indices = indices_len_p + indices_len_m;
}
this->indices = malloc(sizeof(uint16_t) * this->num_indices);
+
+ return this;
}
/*
@@ -291,19 +311,8 @@ ntru_poly_t *ntru_poly_create_from_seed(hash_algorithm_t alg, chunk_t seed,
}
i = hash_len = mgf1->get_hash_size(mgf1);
- INIT(this,
- .public = {
- .get_size = _get_size,
- .get_indices = _get_indices,
- .get_array = _get_array,
- .ring_mult = _ring_mult,
- .destroy = _destroy,
- },
- .N = N,
- .q = q,
- );
+ this = ntru_poly_create(N, q, indices_len_p, indices_len_m, is_product_form);
- init_indices(this, is_product_form, indices_len_p, indices_len_m);
used = malloc(N);
limit = N * ((1 << c_bits) / N);
@@ -390,19 +399,8 @@ ntru_poly_t *ntru_poly_create_from_data(uint16_t *data, uint16_t N, uint16_t q,
private_ntru_poly_t *this;
int i;
- INIT(this,
- .public = {
- .get_size = _get_size,
- .get_indices = _get_indices,
- .get_array = _get_array,
- .ring_mult = _ring_mult,
- .destroy = _destroy,
- },
- .N = N,
- .q = q,
- );
+ this = ntru_poly_create(N, q, indices_len_p, indices_len_m, is_product_form);
- init_indices(this, is_product_form, indices_len_p, indices_len_m);
for (i = 0; i < this->num_indices; i++)
{
this->indices[i] = data[i];
diff --git a/src/libstrongswan/plugins/ntru/ntru_private_key.c b/src/libstrongswan/plugins/ntru/ntru_private_key.c
new file mode 100644
index 000000000..fa87fe9c3
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_private_key.c
@@ -0,0 +1,892 @@
+/*
+ * Copyright (C) 2014 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * Copyright (C) 2009-2013 Security Innovation
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "ntru_private_key.h"
+#include "ntru_trits.h"
+#include "ntru_poly.h"
+#include "ntru_convert.h"
+
+#include <utils/debug.h>
+#include <utils/test.h>
+
+typedef struct private_ntru_private_key_t private_ntru_private_key_t;
+
+/**
+ * Private data of an ntru_private_key_t object.
+ */
+struct private_ntru_private_key_t {
+
+ /**
+ * Public ntru_private_key_t interface.
+ */
+ ntru_private_key_t public;
+
+ /**
+ * NTRU Parameter Set
+ */
+ ntru_param_set_t *params;
+
+ /**
+ * Polynomial F which is the private key
+ */
+ ntru_poly_t *privkey;
+
+ /**
+ * Polynomial h which is the public key
+ */
+ uint16_t *pubkey;
+
+ /**
+ * Encoding of the private key
+ */
+ chunk_t encoding;
+
+ /**
+ * Deterministic Random Bit Generator
+ */
+ ntru_drbg_t *drbg;
+
+};
+
+METHOD(ntru_private_key_t, get_id, ntru_param_set_id_t,
+ private_ntru_private_key_t *this)
+{
+ return this->params->id;
+}
+
+METHOD(ntru_private_key_t, get_public_key, ntru_public_key_t*,
+ private_ntru_private_key_t *this)
+{
+ return ntru_public_key_create(this->drbg, this->params, this->pubkey);
+}
+
+/**
+ * Generate NTRU encryption private key encoding
+ */
+static void generate_encoding(private_ntru_private_key_t *this)
+{
+ size_t pubkey_len, privkey_len, privkey_trits_len, privkey_indices_len;
+ int privkey_pack_type;
+ uint16_t *indices;
+ uint8_t *trits;
+ u_char *enc;
+
+ /* compute public key length encoded as packed coefficients */
+ pubkey_len = (this->params->N * this->params->q_bits + 7) / 8;
+
+ /* compute private key length encoded as packed trits coefficients */
+ privkey_trits_len = (this->params->N + 4) / 5;
+
+ /* compute private key length encoded as packed indices */
+ privkey_indices_len = (this->privkey->get_size(this->privkey) *
+ this->params->N_bits + 7) / 8;
+
+ if (this->params->is_product_form ||
+ privkey_indices_len <= privkey_trits_len)
+ {
+ privkey_pack_type = NTRU_KEY_PACKED_INDICES;
+ privkey_len = privkey_indices_len;
+ }
+ else
+ {
+ privkey_pack_type = NTRU_KEY_PACKED_TRITS;
+ privkey_len = privkey_trits_len;
+ }
+
+ /* allocate memory for private key encoding */
+ this->encoding = chunk_alloc(2 + NTRU_OID_LEN + pubkey_len + privkey_len);
+ enc = this->encoding.ptr;
+
+ /* format header and packed public key */
+ *enc++ = NTRU_PRIVKEY_DEFAULT_TAG;
+ *enc++ = NTRU_OID_LEN;
+ memcpy(enc, this->params->oid, NTRU_OID_LEN);
+ enc += NTRU_OID_LEN;
+ ntru_elements_2_octets(this->params->N, this->pubkey,
+ this->params->q_bits, enc);
+ enc += pubkey_len;
+
+ /* add packed private key */
+ indices = this->privkey->get_indices(this->privkey);
+
+ if (privkey_pack_type == NTRU_KEY_PACKED_TRITS)
+ {
+ /* encode private key as packed trits */
+ trits = malloc(this->params->N);
+ ntru_indices_2_packed_trits(indices, this->params->dF_r,
+ this->params->dF_r, this->params->N, trits, enc);
+ memwipe(trits, this->params->N);
+ free(trits);
+ }
+ else
+ {
+ /* encode private key as packed indices */
+ ntru_elements_2_octets(this->privkey->get_size(this->privkey),
+ indices, this->params->N_bits, enc);
+ }
+}
+
+METHOD(ntru_private_key_t, get_encoding, chunk_t,
+ private_ntru_private_key_t *this)
+{
+ return this->encoding;
+}
+
+/**
+ * Checks that the number of 0, +1, and -1 trinary ring elements meet or exceed
+ * a minimum weight.
+ *
+ * @param N degree of polynomial
+ * @param t array of trinary ring elements
+ * @param min_wt minimum weight
+ * @return TRUE if minimum weight met or exceeded
+ */
+bool ntru_check_min_weight(uint16_t N, uint8_t *t, uint16_t min_wt)
+{
+ uint16_t wt[3];
+ bool success;
+ int i;
+
+ wt[0] = wt[1] = wt[2] = 0;
+
+ for (i = 0; i < N; i++)
+ {
+ ++wt[t[i]];
+ }
+ success = (wt[0] >= min_wt) && (wt[1] >= min_wt) && (wt[2] >= min_wt);
+
+ DBG2(DBG_LIB, "minimum weight = %u, so -1: %u, 0: %u, +1: %u is %sok",
+ min_wt, wt[2], wt[0], wt[1], success ? "" : "not ");
+
+ return success;
+}
+
+METHOD(ntru_private_key_t, decrypt, bool,
+ private_ntru_private_key_t *this, chunk_t ciphertext, chunk_t *plaintext)
+{
+ hash_algorithm_t hash_algid;
+ size_t t_len, seed1_len, seed2_len;
+ uint16_t *t1, *t2, *t = NULL;
+ uint16_t mod_q_mask, q_mod_p, cmprime_len, cm_len = 0, num_zeros;
+ uint8_t *Mtrin, *M, *cm, *mask_trits, *ptr;
+ int16_t m1 = 0;
+ chunk_t seed = chunk_empty;
+ ntru_trits_t *mask;
+ ntru_poly_t *r_poly;
+ bool msg_rep_good, success = TRUE;
+ int i;
+
+ *plaintext = chunk_empty;
+
+ if (ciphertext.len != (this->params->N * this->params->q_bits + 7) / 8)
+ {
+ DBG1(DBG_LIB, "wrong NTRU ciphertext length");
+ return FALSE;
+ }
+
+ /* allocate temporary array t */
+ t_len = 2 * this->params->N * sizeof(uint16_t);
+ t = malloc(t_len);
+ t1 = t;
+ t2 = t + this->params->N;
+ Mtrin = (uint8_t *)t1;
+ M = Mtrin + this->params->N;
+
+ /* set hash algorithm based on security strength */
+ hash_algid = (this->params->sec_strength_len <= 20) ? HASH_SHA1 :
+ HASH_SHA256;
+
+ /* set constants */
+ mod_q_mask = this->params->q - 1;
+ q_mod_p = this->params->q % 3;
+
+ /* unpack the ciphertext */
+ ntru_octets_2_elements(ciphertext.len, ciphertext.ptr,
+ this->params->q_bits, t2);
+
+ /* form cm':
+ * F * e
+ * A = e * (1 + pF) mod q = e + pFe mod q
+ * a = A in the range [-q/2, q/2)
+ * cm' = a mod p
+ */
+ this->privkey->ring_mult(this->privkey, t2, t1);
+
+ cmprime_len = this->params->N;
+ if (this->params->is_product_form)
+ {
+ --cmprime_len;
+ for (i = 0; i < cmprime_len; i++)
+ {
+ t1[i] = (t2[i] + 3 * t1[i]) & mod_q_mask;
+ if (t1[i] >= (this->params->q / 2))
+ {
+ t1[i] -= q_mod_p;
+ }
+ Mtrin[i] = (uint8_t)(t1[i] % 3);
+ if (Mtrin[i] == 1)
+ {
+ ++m1;
+ }
+ else if (Mtrin[i] == 2)
+ {
+ --m1;
+ }
+ }
+ }
+ else
+ {
+ for (i = 0; i < cmprime_len; i++)
+ {
+ t1[i] = (t2[i] + 3 * t1[i]) & mod_q_mask;
+ if (t1[i] >= (this->params->q / 2))
+ {
+ t1[i] -= q_mod_p;
+ }
+ Mtrin[i] = (uint8_t)(t1[i] % 3);
+ }
+ }
+
+ /**
+ * check that the candidate message representative meets
+ * minimum weight requirements
+ */
+ if (this->params->is_product_form)
+ {
+ msg_rep_good = (abs(m1) <= this->params->min_msg_rep_wt);
+ }
+ else
+ {
+ msg_rep_good = ntru_check_min_weight(cmprime_len, Mtrin,
+ this->params->min_msg_rep_wt);
+ }
+ if (!msg_rep_good)
+ {
+ DBG1(DBG_LIB, "decryption failed due to unsufficient minimum weight");
+ success = FALSE;
+ }
+
+ /* form cR = e - cm' mod q */
+ for (i = 0; i < cmprime_len; i++)
+ {
+ if (Mtrin[i] == 1)
+ {
+ t2[i] = (t2[i] - 1) & mod_q_mask;
+ }
+ else if (Mtrin[i] == 2)
+ {
+ t2[i] = (t2[i] + 1) & mod_q_mask;
+ }
+ }
+ if (this->params->is_product_form)
+ {
+ t2[i] = (t2[i] + m1) & mod_q_mask;
+ }
+
+ /* allocate memory for the larger of the two seeds */
+ seed1_len = (this->params->N + 3)/4;
+ seed2_len = 3 + 2*this->params->sec_strength_len + this->params->m_len_max;
+ seed = chunk_alloc(max(seed1_len, seed2_len));
+ seed.len = seed1_len;
+
+ /* form cR mod 4 */
+ ntru_coeffs_mod4_2_octets(this->params->N, t2, seed.ptr);
+
+ /* form mask */
+ mask = ntru_trits_create(this->params->N, hash_algid, seed);
+ if (!mask)
+ {
+ DBG1(DBG_LIB, "mask creation failed");
+ success = FALSE;
+ goto err;
+ }
+
+ mask_trits = mask->get_trits(mask);
+
+ /* form cMtrin by subtracting mask from cm', mod p */
+ for (i = 0; i < cmprime_len; i++)
+ {
+ Mtrin[i] -= mask_trits[i];
+ if (Mtrin[i] >= 3)
+ {
+ Mtrin[i] += 3;
+ }
+ }
+ mask->destroy(mask);
+
+ if (this->params->is_product_form)
+ {
+ /* set the last trit to zero since that's what it was, and
+ * because it can't be calculated from (cm' - mask) since
+ * we don't have the correct value for the last cm' trit
+ */
+ Mtrin[i] = 0;
+ }
+
+ /* convert cMtrin to cM (Mtrin to Mbin) */
+ if (!ntru_trits_2_bits(Mtrin, this->params->N, M))
+ {
+ success = FALSE;
+ goto err;
+ }
+
+ /* skip the random padding */
+ ptr = M + this->params->sec_strength_len;
+
+ /* validate the padded message cM and copy cm to m_buf */
+ if (this->params->m_len_len == 2)
+ {
+ cm_len = (uint16_t)(*ptr++) << 16;
+ }
+ cm_len |= (uint16_t)(*ptr++);
+
+ if (cm_len > this->params->m_len_max)
+ {
+ cm_len = this->params->m_len_max;
+ DBG1(DBG_LIB, "NTRU message length is larger than maximum length");
+ success = FALSE;
+ }
+ cm = ptr;
+ ptr += cm_len;
+
+ /* check if the remaining padding consists of zeros */
+ num_zeros = this->params->m_len_max - cm_len + 1;
+ for (i = 0; i < num_zeros; i++)
+ {
+ if (ptr[i] != 0)
+ {
+ DBG1(DBG_LIB, "non-zero trailing padding detected");
+ success = FALSE;
+ break;
+ }
+ }
+
+ /* form sData (OID || m || b || hTrunc) */
+ ptr = seed.ptr;
+ memcpy(ptr, this->params->oid, 3);
+ ptr += 3;
+ memcpy(ptr, cm, cm_len);
+ ptr += cm_len;
+ memcpy(ptr, M, this->params->sec_strength_len);
+ ptr += this->params->sec_strength_len;
+ memcpy(ptr, this->encoding.ptr + 2 + NTRU_OID_LEN,
+ this->params->sec_strength_len);
+ ptr += this->params->sec_strength_len;
+ seed.len = ptr - seed.ptr;
+
+ /* generate cr */
+ DBG2(DBG_LIB, "generate polynomial r");
+ r_poly = ntru_poly_create_from_seed(hash_algid, seed,
+ this->params->c_bits, this->params->N,
+ this->params->q, this->params->dF_r,
+ this->params->dF_r, this->params->is_product_form);
+ if (!r_poly)
+ {
+ success = FALSE;
+ goto err;
+ }
+
+ /* output plaintext in allocated chunk */
+ *plaintext = chunk_clone(chunk_create(cm, cm_len));
+
+ /* form cR' = h * cr */
+ r_poly->ring_mult(r_poly, this->pubkey, t1);
+ r_poly->destroy(r_poly);
+
+ /* compare cR' to cR */
+ for (i = 0; i < this->params->N; i++)
+ {
+ if (t[i] != t2[i])
+ {
+ DBG1(DBG_LIB, "cR' does not equal cR'");
+ chunk_clear(plaintext);
+ success = FALSE;
+ break;
+ }
+ }
+ memwipe(t, t_len);
+
+err:
+ /* cleanup */
+ chunk_clear(&seed);
+ free(t);
+
+ return success;
+}
+
+METHOD(ntru_private_key_t, destroy, void,
+ private_ntru_private_key_t *this)
+{
+ DESTROY_IF(this->privkey);
+ this->drbg->destroy(this->drbg);
+ chunk_clear(&this->encoding);
+ free(this->pubkey);
+ free(this);
+}
+
+/**
+ * Multiplies ring element (polynomial) "a" by ring element (polynomial) "b"
+ * to produce ring element (polynomial) "c" in (Z/qZ)[X]/(X^N - 1).
+ * This is a convolution operation.
+ *
+ * Ring element "b" has coefficients in the range [0,N).
+ *
+ * This assumes q is 2^r where 8 < r < 16, so that overflow of the sum
+ * beyond 16 bits does not matter.
+ *
+ * @param a polynomial a
+ * @param b polynomial b
+ * @param N no. of coefficients in a, b, c
+ * @param q large modulus
+ * @param c polynomial c = a * b
+ */
+static void ring_mult_c(uint16_t *a, uint16_t *b, uint16_t N, uint16_t q,
+ uint16_t *c)
+{
+ uint16_t *bptr = b;
+ uint16_t mod_q_mask = q - 1;
+ int i, k;
+
+ /* c[k] = sum(a[i] * b[k-i]) mod q */
+ memset(c, 0, N * sizeof(uint16_t));
+ for (k = 0; k < N; k++)
+ {
+ i = 0;
+ while (i <= k)
+ {
+ c[k] += a[i++] * *bptr--;
+ }
+ bptr += N;
+ while (i < N)
+ {
+ c[k] += a[i++] * *bptr--;
+ }
+ c[k] &= mod_q_mask;
+ ++bptr;
+ }
+}
+
+/**
+ * Finds the inverse of a polynomial a in (Z/2^rZ)[X]/(X^N - 1).
+ *
+ * This assumes q is 2^r where 8 < r < 16, so that operations mod q can
+ * wait until the end, and only 16-bit arrays need to be used.
+ *
+ * @param a polynomial a
+ * @param N no. of coefficients in a
+ * @param q large modulus
+ * @param t temporary buffer of size 2N elements
+ * @param a_inv polynomial for inverse of a
+ */
+static bool ring_inv(uint16_t *a, uint16_t N, uint16_t q, uint16_t *t,
+ uint16_t *a_inv)
+{
+ uint8_t *b = (uint8_t *)t;
+ uint8_t *c = b + N;
+ uint8_t *f = c + N;
+ uint8_t *g = (uint8_t *)a_inv;
+ uint16_t *t2 = t + N;
+ uint16_t deg_b, deg_c, deg_f, deg_g;
+ bool done = FALSE;
+ int i, j, k = 0;
+
+ /* form a^-1 in (Z/2Z)[X]/X^N - 1) */
+ memset(b, 0, 2 * N); /* clear to init b, c */
+
+ /* b(X) = 1 */
+ b[0] = 1;
+ deg_b = 0;
+
+ /* c(X) = 0 (cleared above) */
+ deg_c = 0;
+
+ /* f(X) = a(X) mod 2 */
+ for (i = 0; i < N; i++)
+ {
+ f[i] = (uint8_t)(a[i] & 1);
+ }
+ deg_f = N - 1;
+
+ /* g(X) = X^N - 1 */
+ g[0] = 1;
+ memset(g + 1, 0, N - 1);
+ g[N] = 1;
+ deg_g = N;
+
+ /* until f(X) = 1 */
+ while (!done)
+ {
+ /* while f[0] = 0, f(X) /= X, c(X) *= X, k++ */
+ for (i = 0; (i <= deg_f) && (f[i] == 0); ++i);
+
+ if (i > deg_f)
+ {
+ return FALSE;
+ }
+ if (i)
+ {
+ f = f + i;
+ deg_f = deg_f - i;
+ deg_c = deg_c + i;
+ for (j = deg_c; j >= i; j--)
+ {
+ c[j] = c[j-i];
+ }
+ for (j = 0; j < i; j++)
+ {
+ c[j] = 0;
+ }
+ k = k + i;
+ }
+
+ /* adjust degree of f(X) if the highest coefficients are zero
+ * Note: f[0] = 1 from above so the loop will terminate.
+ */
+ while (f[deg_f] == 0)
+ {
+ --deg_f;
+ }
+
+ /* if f(X) = 1, done
+ * Note: f[0] = 1 from above, so only check the x term and up
+ */
+ for (i = 1; (i <= deg_f) && (f[i] == 0); ++i);
+
+ if (i > deg_f)
+ {
+ done = TRUE;
+ break;
+ }
+
+ /* if deg_f < deg_g, f <-> g, b <-> c */
+ if (deg_f < deg_g)
+ {
+ uint8_t *x;
+
+ x = f;
+ f = g;
+ g = x;
+ deg_f ^= deg_g;
+ deg_g ^= deg_f;
+ deg_f ^= deg_g;
+ x = b;
+ b = c;
+ c = x;
+ deg_b ^= deg_c;
+ deg_c ^= deg_b;
+ deg_b ^= deg_c;
+ }
+
+ /* f(X) += g(X), b(X) += c(X) */
+ for (i = 0; i <= deg_g; i++)
+ {
+ f[i] ^= g[i];
+ }
+ if (deg_c > deg_b)
+ {
+ deg_b = deg_c;
+ }
+ for (i = 0; i <= deg_c; i++)
+ {
+ b[i] ^= c[i];
+ }
+ }
+
+ /* a^-1 in (Z/2Z)[X]/(X^N - 1) = b(X) shifted left k coefficients */
+ j = 0;
+ if (k >= N)
+ {
+ k = k - N;
+ }
+ for (i = k; i < N; i++)
+ {
+ a_inv[j++] = (uint16_t)(b[i]);
+ }
+ for (i = 0; i < k; i++)
+ {
+ a_inv[j++] = (uint16_t)(b[i]);
+ }
+
+ /* lift a^-1 in (Z/2Z)[X]/(X^N - 1) to a^-1 in (Z/qZ)[X]/(X^N -1) */
+ for (j = 0; j < 4; ++j) /* assumes 256 < q <= 65536 */
+ {
+ /* a^-1 = a^-1 * (2 - a * a^-1) mod q */
+ memcpy(t2, a_inv, N * sizeof(uint16_t));
+ ring_mult_c(a, t2, N, q, t);
+ for (i = 0; i < N; ++i)
+ {
+ t[i] = q - t[i];
+ }
+ t[0] = t[0] + 2;
+ ring_mult_c(t2, t, N, q, a_inv);
+ }
+
+ return TRUE;
+}
+
+/*
+ * Described in header.
+ */
+ntru_private_key_t *ntru_private_key_create(ntru_drbg_t *drbg,
+ ntru_param_set_t *params)
+{
+ private_ntru_private_key_t *this;
+ size_t t_len;
+ uint16_t *t1, *t2, *t = NULL;
+ uint16_t mod_q_mask;
+ hash_algorithm_t hash_algid;
+ ntru_poly_t *g_poly;
+ chunk_t seed;
+ int i;
+
+ INIT(this,
+ .public = {
+ .get_id = _get_id,
+ .get_public_key = _get_public_key,
+ .get_encoding = _get_encoding,
+ .decrypt = _decrypt,
+ .destroy = _destroy,
+ },
+ .params = params,
+ .pubkey = malloc(params->N * sizeof(uint16_t)),
+ .drbg = drbg->get_ref(drbg),
+ );
+
+ /* set hash algorithm and seed length based on security strength */
+ if (params->sec_strength_len <= 20)
+ {
+ hash_algid = HASH_SHA1;
+ }
+ else
+ {
+ hash_algid = HASH_SHA256;
+ }
+ seed =chunk_alloc(params->sec_strength_len + 8);
+
+ /* get random seed for generating trinary F as a list of indices */
+ if (!drbg->generate(drbg, params->sec_strength_len * BITS_PER_BYTE,
+ seed.len, seed.ptr))
+ {
+ goto err;
+ }
+
+ DBG2(DBG_LIB, "generate polynomial F");
+ this->privkey = ntru_poly_create_from_seed(hash_algid, seed, params->c_bits,
+ params->N, params->q,
+ params->dF_r, params->dF_r,
+ params->is_product_form);
+ if (!this->privkey)
+ {
+ goto err;
+ }
+
+ /* allocate temporary array t */
+ t_len = 3 * params->N * sizeof(uint16_t);
+ t = malloc(t_len);
+ t1 = t + 2 * params->N;
+
+ /* extend sparse private key polynomial f to N array elements */
+ this->privkey->get_array(this->privkey, t1);
+
+ /* set mask for large modulus */
+ mod_q_mask = params->q - 1;
+
+ /* form f = 1 + pF */
+ for (i = 0; i < params->N; i++)
+ {
+ t1[i] = (t1[i] * 3) & mod_q_mask;
+ }
+ t1[0] = (t1[0] + 1) & mod_q_mask;
+
+ /* use the public key array as a temporary buffer */
+ t2 = this->pubkey;
+
+ /* find f^-1 in (Z/qZ)[X]/(X^N - 1) */
+ if (!ring_inv(t1, params->N, params->q, t, t2))
+ {
+ goto err;
+ }
+
+ /* get random seed for generating trinary g as a list of indices */
+ if (!drbg->generate(drbg, params->sec_strength_len * BITS_PER_BYTE,
+ seed.len, seed.ptr))
+ {
+ goto err;
+ }
+
+ DBG2(DBG_LIB, "generate polynomial g");
+ g_poly = ntru_poly_create_from_seed(hash_algid, seed, params->c_bits,
+ params->N, params->q, params->dg + 1,
+ params->dg, FALSE);
+ if (!g_poly)
+ {
+ goto err;
+ }
+
+ /* compute public key polynomial h = p * (f^-1 * g) mod q */
+ g_poly->ring_mult(g_poly, t2, t2);
+ g_poly->destroy(g_poly);
+
+ for (i = 0; i < params->N; i++)
+ {
+ this->pubkey[i] = (t2[i] * 3) & mod_q_mask;
+ }
+
+ /* cleanup temporary storage */
+ chunk_clear(&seed);
+ memwipe(t, t_len);
+ free(t);
+
+ /* generate private key encoding */
+ generate_encoding(this);
+
+ return &this->public;
+
+err:
+ chunk_free(&seed);
+ free(t);
+ destroy(this);
+
+ return NULL;
+}
+
+/*
+ * Described in header.
+ */
+ntru_private_key_t *ntru_private_key_create_from_data(ntru_drbg_t *drbg,
+ chunk_t data)
+{
+ private_ntru_private_key_t *this;
+ size_t header_len, pubkey_packed_len, privkey_packed_len;
+ size_t privkey_packed_trits_len, privkey_packed_indices_len;
+ uint8_t *privkey_packed, tag;
+ uint16_t *indices, dF;
+ ntru_param_set_t *params;
+
+ header_len = 2 + NTRU_OID_LEN;
+
+ /* check the NTRU public key header format */
+ if (data.len < header_len ||
+ !(data.ptr[0] == NTRU_PRIVKEY_DEFAULT_TAG ||
+ data.ptr[0] == NTRU_PRIVKEY_TRITS_TAG ||
+ data.ptr[0] == NTRU_PRIVKEY_INDICES_TAG) ||
+ data.ptr[1] != NTRU_OID_LEN)
+ {
+ DBG1(DBG_LIB, "loaded NTRU private key with invalid header");
+ return NULL;
+ }
+ tag = data.ptr[0];
+ params = ntru_param_set_get_by_oid(data.ptr + 2);
+
+ if (!params)
+ {
+ DBG1(DBG_LIB, "loaded NTRU private key with unknown OID");
+ return NULL;
+ }
+
+ pubkey_packed_len = (params->N * params->q_bits + 7) / 8;
+ privkey_packed_trits_len = (params->N + 4) / 5;
+
+ /* check packing type for product-form private keys */
+ if (params->is_product_form && tag == NTRU_PRIVKEY_TRITS_TAG)
+ {
+ DBG1(DBG_LIB, "a product-form NTRU private key cannot be trits-encoded");
+ return NULL;
+ }
+
+ /* set packed-key length for packed indices */
+ if (params->is_product_form)
+ {
+ dF = (uint16_t)((params->dF_r & 0xff) + /* df1 */
+ ((params->dF_r >> 8) & 0xff) + /* df2 */
+ ((params->dF_r >> 16) & 0xff)); /* df3 */
+ }
+ else
+ {
+ dF = (uint16_t)params->dF_r;
+ }
+ privkey_packed_indices_len = (2 * dF * params->N_bits + 7) / 8;
+
+ /* set private-key packing type if defaulted */
+ if (tag == NTRU_PRIVKEY_DEFAULT_TAG)
+ {
+ if (params->is_product_form ||
+ privkey_packed_indices_len <= privkey_packed_trits_len)
+ {
+ tag = NTRU_PRIVKEY_INDICES_TAG;
+ }
+ else
+ {
+ tag = NTRU_PRIVKEY_TRITS_TAG;
+ }
+ }
+ privkey_packed_len = (tag == NTRU_PRIVKEY_TRITS_TAG) ?
+ privkey_packed_trits_len : privkey_packed_indices_len;
+
+ if (data.len < header_len + pubkey_packed_len + privkey_packed_len)
+ {
+ DBG1(DBG_LIB, "loaded NTRU private key with wrong packed key size");
+ return NULL;
+ }
+
+ INIT(this,
+ .public = {
+ .get_id = _get_id,
+ .get_public_key = _get_public_key,
+ .get_encoding = _get_encoding,
+ .decrypt = _decrypt,
+ .destroy = _destroy,
+ },
+ .params = params,
+ .pubkey = malloc(params->N * sizeof(uint16_t)),
+ .encoding = chunk_clone(data),
+ .drbg = drbg->get_ref(drbg),
+ );
+
+ /* unpack the encoded public key */
+ ntru_octets_2_elements(pubkey_packed_len, data.ptr + header_len,
+ params->q_bits, this->pubkey);
+
+ /* allocate temporary memory for indices */
+ indices = malloc(2 * dF * sizeof(uint16_t));
+
+ /* unpack the private key */
+ privkey_packed = data.ptr + header_len + pubkey_packed_len;
+ if (tag == NTRU_PRIVKEY_TRITS_TAG)
+ {
+ ntru_packed_trits_2_indices(privkey_packed, params->N,
+ indices, indices + dF);
+ }
+ else
+ {
+ ntru_octets_2_elements(privkey_packed_indices_len, privkey_packed,
+ params->N_bits, indices);
+ }
+ this->privkey = ntru_poly_create_from_data(indices, params->N, params->q,
+ params->dF_r, params->dF_r,
+ params->is_product_form);
+
+ /* cleanup */
+ memwipe(indices, 2 * dF * sizeof(uint16_t));
+ free(indices);
+
+ return &this->public;
+}
+
+EXPORT_FUNCTION_FOR_TESTS(ntru, ntru_private_key_create);
+
+EXPORT_FUNCTION_FOR_TESTS(ntru, ntru_private_key_create_from_data);
diff --git a/src/libstrongswan/plugins/ntru/ntru_private_key.h b/src/libstrongswan/plugins/ntru/ntru_private_key.h
new file mode 100644
index 000000000..c6f08440f
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_private_key.h
@@ -0,0 +1,92 @@
+/*
+ * Copyright (C) 2014 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup ntru_private_key ntru_private_key
+ * @{ @ingroup ntru_p
+ */
+
+#ifndef NTRU_PRIVATE_KEY_H_
+#define NTRU_PRIVATE_KEY_H_
+
+typedef struct ntru_private_key_t ntru_private_key_t;
+
+#include "ntru_drbg.h"
+#include "ntru_param_set.h"
+#include "ntru_public_key.h"
+
+#include <library.h>
+
+/**
+ * Implements an NTRU encryption public/private key pair
+ */
+struct ntru_private_key_t {
+
+ /**
+ * Returns NTRU parameter set ID of the private key
+ *
+ * @return NTRU parameter set ID
+ */
+ ntru_param_set_id_t (*get_id)(ntru_private_key_t *this);
+
+ /**
+ * Returns the NTRU encryption public key as an encoded binary blob
+ *
+ * @return NTRU encryption public key (must be freed after use)
+ */
+ ntru_public_key_t* (*get_public_key)(ntru_private_key_t *this);
+
+ /**
+ * Returns the packed encoding of the NTRU encryption private key
+ *
+ * @return Packed encoding of NTRU encryption private key
+ */
+ chunk_t (*get_encoding)(ntru_private_key_t *this);
+
+ /**
+ * Decrypts an NTRU ciphertext
+ *
+ * @param ciphertext NTRU Ciphertext
+ * @param plaintext Plaintext
+ * @return TRUE if decryption was successful
+ */
+ bool (*decrypt)(ntru_private_key_t *this, chunk_t ciphertext,
+ chunk_t *plaintext);
+
+ /**
+ * Destroy ntru_private_key_t object
+ */
+ void (*destroy)(ntru_private_key_t *this);
+};
+
+/**
+ * Creates an NTRU encryption public/private key pair using a NIST DRBG
+ *
+ * @param drbg Digital Random Bit Generator used for key generation
+ * @param params NTRU encryption parameter set to be used
+ */
+ntru_private_key_t *ntru_private_key_create(ntru_drbg_t *drbg, ntru_param_set_t *params);
+
+/**
+ * Creates an NTRU encryption private key from encoding
+ *
+ * @param drbg Deterministic random bit generator
+ * @param data Encoded NTRU private key
+ */
+ntru_private_key_t *ntru_private_key_create_from_data(ntru_drbg_t *drbg,
+ chunk_t data);
+
+#endif /** NTRU_PRIVATE_KEY_H_ @}*/
+
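Review bot: The `get_public_key` comment describes the return value as "an encoded binary blob", but the member returns an `ntru_public_key_t*`; it should read `Returns the NTRU encryption public key as an object`, with `@return NTRU encryption public key (must be destroyed after use)`. Both constructor comments lack an `@return` line, although ntru_private_key.c returns NULL from `ntru_private_key_create` on failure and from `ntru_private_key_create_from_data` for a bad header, an unknown OID or a short encoding; add `@return NTRU private key, NULL on failure`. The `decrypt` comment could also say that `plaintext` is allocated by the callee, since the implementation fills it with `chunk_clone`. Finally, `drbg` is called "Digital Random Bit Generator" in one comment and "Deterministic random bit generator" in the other; use the second wording in both.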
diff --git a/src/libstrongswan/plugins/ntru/ntru_public_key.c b/src/libstrongswan/plugins/ntru/ntru_public_key.c
new file mode 100644
index 000000000..a2ff1b2b0
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_public_key.c
@@ -0,0 +1,408 @@
+/*
+ * Copyright (C) 2014 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * Copyright (C) 2009-2013 Security Innovation
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "ntru_public_key.h"
+#include "ntru_trits.h"
+#include "ntru_poly.h"
+#include "ntru_convert.h"
+
+#include <utils/debug.h>
+#include <utils/test.h>
+
+typedef struct private_ntru_public_key_t private_ntru_public_key_t;
+
+/**
+ * Private data of an ntru_public_key_t object.
+ */
+struct private_ntru_public_key_t {
+ /**
+ * Public ntru_public_key_t interface.
+ */
+ ntru_public_key_t public;
+
+ /**
+ * NTRU Parameter Set
+ */
+ ntru_param_set_t *params;
+
+ /**
+ * Polynomial h which is the public key
+ */
+ uint16_t *pubkey;
+
+ /**
+ * Encoding of the public key
+ */
+ chunk_t encoding;
+
+ /**
+ * Deterministic Random Bit Generator
+ */
+ ntru_drbg_t *drbg;
+
+};
+
+METHOD(ntru_public_key_t, get_id, ntru_param_set_id_t,
+ private_ntru_public_key_t *this)
+{
+ return this->params->id;
+}
+
+/**
+ * Generate NTRU encryption public key encoding
+ */
+static void generate_encoding(private_ntru_public_key_t *this)
+{
+ size_t pubkey_len;
+ u_char *enc;
+
+ /* compute public key length encoded as packed coefficients */
+ pubkey_len = (this->params->N * this->params->q_bits + 7) / 8;
+
+ /* allocate memory for public key encoding */
+ this->encoding = chunk_alloc(2 + NTRU_OID_LEN + pubkey_len);
+ enc = this->encoding.ptr;
+
+ /* format header and packed public key */
+ *enc++ = NTRU_PUBKEY_TAG;
+ *enc++ = NTRU_OID_LEN;
+ memcpy(enc, this->params->oid, NTRU_OID_LEN);
+ enc += NTRU_OID_LEN;
+ ntru_elements_2_octets(this->params->N, this->pubkey,
+ this->params->q_bits, enc);
+}
+
+METHOD(ntru_public_key_t, get_encoding, chunk_t,
+ private_ntru_public_key_t *this)
+{
+ return this->encoding;
+}
+
+#define MAX_SEC_STRENGTH_LEN 32 /* bytes */
+
+/**
+ * Shared with ntru_private_key.c
+ */
+extern bool ntru_check_min_weight(uint16_t N, uint8_t *t, uint16_t min_wt);
+
+METHOD(ntru_public_key_t, encrypt, bool,
+ private_ntru_public_key_t *this, chunk_t plaintext, chunk_t *ciphertext)
+{
+ hash_algorithm_t hash_algid;
+ size_t t_len, seed1_len, seed2_len;
+ uint16_t *t1, *t = NULL;
+ uint8_t b[MAX_SEC_STRENGTH_LEN];
+ uint8_t *t2, *Mtrin, *M, *mask_trits, *ptr;
+ uint16_t mod_q_mask, mprime_len = 0;
+ int16_t m1 = 0;
+ chunk_t seed = chunk_empty;
+ ntru_trits_t *mask;
+ ntru_poly_t *r_poly;
+ bool msg_rep_good, success = FALSE;
+ int i;
+
+ *ciphertext = chunk_empty;
+
+ if (plaintext.len > this->params->m_len_max)
+ {
+ DBG1(DBG_LIB, "plaintext exceeds maximum size");
+ return FALSE;
+ }
+
+ if (this->params->sec_strength_len > MAX_SEC_STRENGTH_LEN)
+ {
+ DBG1(DBG_LIB, "required security strength exceeds %d bits",
+ MAX_SEC_STRENGTH_LEN * BITS_PER_BYTE);
+ return FALSE;
+ }
+
+ /* allocate temporary array t */
+ t_len = (sizeof(uint16_t) + 3*sizeof(uint8_t)) * this->params->N;
+ t = malloc(t_len);
+ t1 = t;
+ t2 = (uint8_t *)(t1 + this->params->N);
+ Mtrin = t2 + this->params->N;
+ M = Mtrin + this->params->N;
+
+ /* set hash algorithm based on security strength */
+ hash_algid = (this->params->sec_strength_len <= 20) ? HASH_SHA1 :
+ HASH_SHA256;
+ /* set constants */
+ mod_q_mask = this->params->q - 1;
+
+ /* allocate memory for the larger of the two seeds */
+ seed1_len = (this->params->N + 3)/4;
+ seed2_len = 3 + 2*this->params->sec_strength_len + plaintext.len;
+ seed = chunk_alloc(max(seed1_len, seed2_len));
+
+ /* loop until a message representative with proper weight is achieved */
+ do
+ {
+ if (!this->drbg->generate(this->drbg,
+ this->params->sec_strength_len * BITS_PER_BYTE,
+ this->params->sec_strength_len, b))
+ {
+ goto err;
+ }
+
+ /* form sData (OID || m || b || hTrunc) */
+ ptr = seed.ptr;
+ memcpy(ptr, this->params->oid, NTRU_OID_LEN);
+ ptr += NTRU_OID_LEN;
+ memcpy(ptr, plaintext.ptr, plaintext.len);
+ ptr += plaintext.len;
+ memcpy(ptr, b, this->params->sec_strength_len);
+ ptr += this->params->sec_strength_len;
+ memcpy(ptr, this->encoding.ptr + 2 + NTRU_OID_LEN,
+ this->params->sec_strength_len);
+ ptr += this->params->sec_strength_len;
+ seed.len = seed2_len;
+
+ DBG2(DBG_LIB, "generate polynomial r");
+ r_poly = ntru_poly_create_from_seed(hash_algid, seed, this->params->c_bits,
+ this->params->N, this->params->q,
+ this->params->dF_r, this->params->dF_r,
+ this->params->is_product_form);
+ if (!r_poly)
+ {
+ goto err;
+ }
+
+ /* form R = h * r */
+ r_poly->ring_mult(r_poly, this->pubkey, t1);
+ r_poly->destroy(r_poly);
+
+ /* form R mod 4 */
+ ntru_coeffs_mod4_2_octets(this->params->N, t1, seed.ptr);
+ seed.len = seed1_len;
+
+ /* form mask */
+ mask = ntru_trits_create(this->params->N, hash_algid, seed);
+ if (!mask)
+ {
+ DBG1(DBG_LIB, "mask creation failed");
+ goto err;
+ }
+
+ /* form the padded message M */
+ ptr = M;
+ memcpy(ptr, b, this->params->sec_strength_len);
+ ptr += this->params->sec_strength_len;
+ if (this->params->m_len_len == 2)
+ {
+ *ptr++ = (uint8_t)((plaintext.len >> 8) & 0xff);
+ }
+ *ptr++ = (uint8_t)(plaintext.len & 0xff);
+ memcpy(ptr, plaintext.ptr, plaintext.len);
+ ptr += plaintext.len;
+
+ /* add an extra zero byte in case without it the bit string
+ * is not a multiple of 3 bits and therefore might not be
+ * able to produce enough trits
+ */
+ memset(ptr, 0, this->params->m_len_max - plaintext.len + 2);
+
+ /* convert M to trits (Mbin to Mtrin) */
+ mprime_len = this->params->N;
+ if (this->params->is_product_form)
+ {
+ --mprime_len;
+ }
+ ntru_bits_2_trits(M, mprime_len, Mtrin);
+ mask_trits = mask->get_trits(mask);
+
+
+ /* form the msg representative m' by adding Mtrin to mask, mod p */
+ if (this->params->is_product_form)
+ {
+ m1 = 0;
+ for (i = 0; i < mprime_len; i++)
+ {
+ t2[i] = mask_trits[i] + Mtrin[i];
+ if (t2[i] >= 3)
+ {
+ t2[i] -= 3;
+ }
+ if (t2[i] == 1)
+ {
+ ++m1;
+ }
+ else if (t2[i] == 2)
+ {
+ --m1;
+ }
+ }
+ }
+ else
+ {
+ for (i = 0; i < mprime_len; i++)
+ {
+ t2[i] = mask_trits[i] + Mtrin[i];
+ if (t2[i] >= 3)
+ {
+ t2[i] -= 3;
+ }
+ }
+ }
+ mask->destroy(mask);
+
+ /* check that message representative meets minimum weight
+ * requirements
+ */
+ if (this->params->is_product_form)
+ {
+ msg_rep_good = (abs(m1) <= this->params->min_msg_rep_wt);
+ }
+ else
+ {
+ msg_rep_good = ntru_check_min_weight(mprime_len, t2,
+ this->params->min_msg_rep_wt);
+ }
+ }
+ while (!msg_rep_good);
+
+ /* form ciphertext e by adding m' to R mod q */
+ for (i = 0; i < mprime_len; i++)
+ {
+ if (t2[i] == 1)
+ {
+ t1[i] = (t1[i] + 1) & mod_q_mask;
+ }
+ else if (t2[i] == 2)
+ {
+ t1[i] = (t1[i] - 1) & mod_q_mask;
+ }
+ }
+ if (this->params->is_product_form)
+ {
+ t1[i] = (t1[i] - m1) & mod_q_mask;
+ }
+
+ /* pack ciphertext */
+ *ciphertext = chunk_alloc((this->params->N * this->params->q_bits + 7) / 8);
+ ntru_elements_2_octets(this->params->N, t1, this->params->q_bits,
+ ciphertext->ptr);
+
+ memwipe(t, t_len);
+ success = TRUE;
+
+err:
+ /* cleanup */
+ chunk_clear(&seed);
+ free(t);
+
+ return success;
+}
+METHOD(ntru_public_key_t, destroy, void,
+ private_ntru_public_key_t *this)
+{
+ this->drbg->destroy(this->drbg);
+ chunk_clear(&this->encoding);
+ free(this->pubkey);
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+ntru_public_key_t *ntru_public_key_create(ntru_drbg_t *drbg,
+ ntru_param_set_t *params,
+ uint16_t *pubkey)
+{
+ private_ntru_public_key_t *this;
+ int i;
+
+ INIT(this,
+ .public = {
+ .get_id = _get_id,
+ .get_encoding = _get_encoding,
+ .encrypt = _encrypt,
+ .destroy = _destroy,
+ },
+ .params = params,
+ .pubkey = malloc(params->N * sizeof(uint16_t)),
+ .drbg = drbg->get_ref(drbg),
+ );
+
+ for (i = 0; i < params->N; i++)
+ {
+ this->pubkey[i] = pubkey[i];
+ }
+
+ /* generate public key encoding */
+ generate_encoding(this);
+
+ return &this->public;
+}
+
+/*
+ * Described in header.
+ */
+ntru_public_key_t *ntru_public_key_create_from_data(ntru_drbg_t *drbg,
+ chunk_t data)
+{
+ private_ntru_public_key_t *this;
+ size_t header_len, pubkey_packed_len;
+ ntru_param_set_t *params;
+
+ header_len = 2 + NTRU_OID_LEN;
+
+ /* check the NTRU public key header format */
+ if (data.len < header_len ||
+ data.ptr[0] != NTRU_PUBKEY_TAG ||
+ data.ptr[1] != NTRU_OID_LEN)
+ {
+ DBG1(DBG_LIB, "received NTRU public key with invalid header");
+ return NULL;
+ }
+ params = ntru_param_set_get_by_oid(data.ptr + 2);
+
+ if (!params)
+ {
+ DBG1(DBG_LIB, "received NTRU public key with unknown OID");
+ return NULL;
+ }
+
+ pubkey_packed_len = (params->N * params->q_bits + 7) / 8;
+
+ if (data.len < header_len + pubkey_packed_len)
+ {
+ DBG1(DBG_LIB, "received NTRU public key with wrong packed key size");
+ return NULL;
+ }
+
+ INIT(this,
+ .public = {
+ .get_id = _get_id,
+ .get_encoding = _get_encoding,
+ .encrypt = _encrypt,
+ .destroy = _destroy,
+ },
+ .params = params,
+ .pubkey = malloc(params->N * sizeof(uint16_t)),
+ .encoding = chunk_clone(data),
+ .drbg = drbg->get_ref(drbg),
+ );
+
+ /* unpack the encoded public key */
+ ntru_octets_2_elements(pubkey_packed_len, data.ptr + header_len,
+ params->q_bits, this->pubkey);
+
+ return &this->public;
+}
+
+EXPORT_FUNCTION_FOR_TESTS(ntru, ntru_public_key_create_from_data);
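Review bot: In `encrypt`, the scratch buffer `t` is wiped only on the success path (`memwipe(t, t_len)` just before `success = TRUE`), so every `goto err` frees it unwiped. From the second pass of the weight loop onward, the `M` region of `t` still holds `b` and the plaintext from the previous pass, and the stack array `b` is not wiped on any path. Moving the wipe below the label, `err:` followed by `memwipe(b, sizeof(b));` and `if (t) memwipe(t, t_len);` (the `malloc` result is not checked), would treat both the way `chunk_clear(&seed)` already treats the seed. Separately, `seed2_len` is computed with a literal `3` while the copy into the seed uses `NTRU_OID_LEN`; `seed2_len = NTRU_OID_LEN + 2*this->params->sec_strength_len + plaintext.len;` keeps the allocation and the copy in step.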
diff --git a/src/libstrongswan/plugins/ntru/ntru_public_key.h b/src/libstrongswan/plugins/ntru/ntru_public_key.h
new file mode 100644
index 000000000..baa8eabcd
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_public_key.h
@@ -0,0 +1,88 @@
+/*
+ * Copyright (C) 2014 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup ntru_public_key ntru_public_key
+ * @{ @ingroup ntru_p
+ */
+
+#ifndef NTRU_PUBLIC_KEY_H_
+#define NTRU_PUBLIC_KEY_H_
+
+typedef struct ntru_public_key_t ntru_public_key_t;
+
+#include "ntru_param_set.h"
+#include "ntru_drbg.h"
+
+#include <library.h>
+
+/**
+ * Implements an NTRU encryption public key
+ */
+struct ntru_public_key_t {
+
+ /**
+ * Returns NTRU parameter set ID of the public key
+ *
+ * @return NTRU parameter set ID
+ */
+ ntru_param_set_id_t (*get_id)(ntru_public_key_t *this);
+
+ /**
+ * Returns the packed encoding of the NTRU encryption public key
+ *
+ * @return Packed encoding of NTRU encryption public key
+ */
+ chunk_t (*get_encoding)(ntru_public_key_t *this);
+
+ /**
+ * Encrypts a plaintext with the NTRU public key
+ *
+ * @param ciphertext Plaintext
+ * @param plaintext Ciphertext
+ * @return TRUE if encryption was successful
+ */
+ bool (*encrypt)(ntru_public_key_t *this, chunk_t plaintext,
+ chunk_t *ciphertext);
+
+ /**
+ * Destroy ntru_public_key_t object
+ */
+ void (*destroy)(ntru_public_key_t *this);
+};
+
+/**
+ * Creates an NTRU encryption public key from coefficients
+ *
+ * @param drbg Deterministic random bit generator
+ * @param params NTRU encryption parameter set to be used
+ * @param pubkey Coefficients of public key polynomial h
+ */
+ntru_public_key_t *ntru_public_key_create(ntru_drbg_t *drbg,
+ ntru_param_set_t *params,
+ uint16_t *pubkey);
+
+/**
+ * Creates an NTRU encryption public key from encoding
+ *
+ * @param drbg Deterministic random bit generator
+ * @param data Encoded NTRU public key
+ */
+ntru_public_key_t *ntru_public_key_create_from_data(ntru_drbg_t *drbg,
+ chunk_t data);
+
+
+#endif /** NTRU_PUBLIC_KEY_H_ @}*/
+
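Review bot: The `encrypt` comment has its two parameter descriptions swapped: `@param ciphertext Plaintext` and `@param plaintext Ciphertext`. They should read `@param plaintext Plaintext to encrypt` and `@param ciphertext Allocated ciphertext`, in signature order; ntru_public_key.c sets `*ciphertext` to `chunk_empty` on entry and fills it with `chunk_alloc`, so the caller owns the result. The `get_encoding` comment could add that the returned chunk is the object's internal encoding (the implementation returns `this->encoding` directly) and must not be freed by the caller. Both constructors lack an `@return` line, and `ntru_public_key_create_from_data` returns NULL on a malformed encoding.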
diff --git a/src/libstrongswan/plugins/ntru/ntru_trits.c b/src/libstrongswan/plugins/ntru/ntru_trits.c
index f82501629..1abb7671c 100644
--- a/src/libstrongswan/plugins/ntru/ntru_trits.c
+++ b/src/libstrongswan/plugins/ntru/ntru_trits.c
@@ -15,8 +15,7 @@
#include "ntru_trits.h"
#include "ntru_mgf1.h"
-
-#include "ntru_crypto/ntru_crypto_ntru_convert.h"
+#include "ntru_convert.h"
#include <utils/debug.h>
#include <utils/test.h>
diff --git a/src/libstrongswan/plugins/openssl/Makefile.in b/src/libstrongswan/plugins/openssl/Makefile.in
index f0735294b..5d8ada2fa 100644
--- a/src/libstrongswan/plugins/openssl/Makefile.in
+++ b/src/libstrongswan/plugins/openssl/Makefile.in
@@ -379,7 +379,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/openssl/openssl_gcm.c b/src/libstrongswan/plugins/openssl/openssl_gcm.c
index 842111bd3..147e4afb4 100644
--- a/src/libstrongswan/plugins/openssl/openssl_gcm.c
+++ b/src/libstrongswan/plugins/openssl/openssl_gcm.c
@@ -202,7 +202,8 @@ METHOD(aead_t, destroy, void,
/*
* Described in header
*/
-aead_t *openssl_gcm_create(encryption_algorithm_t algo, size_t key_size)
+aead_t *openssl_gcm_create(encryption_algorithm_t algo,
+ size_t key_size, size_t salt_size)
{
private_aead_t *this;
@@ -236,6 +237,13 @@ aead_t *openssl_gcm_create(encryption_algorithm_t algo, size_t key_size)
return NULL;
}
+ if (salt_size && salt_size != SALT_LEN)
+ {
+ /* currently not supported */
+ free(this);
+ return NULL;
+ }
+
switch (algo)
{
case ENCR_AES_GCM_ICV8:
diff --git a/src/libstrongswan/plugins/openssl/openssl_gcm.h b/src/libstrongswan/plugins/openssl/openssl_gcm.h
index 12d2e8ab6..4ae268bd6 100644
--- a/src/libstrongswan/plugins/openssl/openssl_gcm.h
+++ b/src/libstrongswan/plugins/openssl/openssl_gcm.h
@@ -30,8 +30,10 @@
*
* @param algo algorithm to implement
* @param key_size key size in bytes
+ * @param salt_size size of implicit salt length
* @return aead_t object, NULL if not supported
*/
-aead_t *openssl_gcm_create(encryption_algorithm_t algo, size_t key_size);
+aead_t *openssl_gcm_create(encryption_algorithm_t algo, size_t key_size,
+ size_t salt_size);
#endif /** OPENSSL_GCM_H_ @}*/
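Review bot: The new `@param salt_size` line reads "size of implicit salt length", which is redundant and does not say which values are accepted. From the check added in openssl_gcm.c, 0 passes and any other value that differs from `SALT_LEN` makes the constructor return NULL. A line such as `@param salt_size size of implicit salt in bytes, 0 for the default; other sizes are currently not supported` would tell callers this; that 0 means "use the default" is inferred from the check and should be confirmed.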
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
index f0c172629..9748e28f2 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
@@ -222,7 +222,21 @@ bool openssl_rsa_fingerprint(RSA *rsa, cred_encoding_type_t type, chunk_t *fp)
i2d_RSA_PUBKEY(rsa, &p);
break;
default:
- return FALSE;
+ {
+ chunk_t n = chunk_empty, e = chunk_empty;
+ bool success = FALSE;
+
+ if (openssl_bn2chunk(rsa->n, &n) &&
+ openssl_bn2chunk(rsa->e, &e))
+ {
+ success = lib->encoding->encode(lib->encoding, type, rsa, fp,
+ CRED_PART_RSA_MODULUS, n,
+ CRED_PART_RSA_PUB_EXP, e, CRED_PART_END);
+ }
+ chunk_free(&n);
+ chunk_free(&e);
+ return success;
+ }
}
hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
if (!hasher || !hasher->allocate_hash(hasher, key, fp))
diff --git a/src/libstrongswan/plugins/padlock/Makefile.in b/src/libstrongswan/plugins/padlock/Makefile.in
index 55c0271ce..0450ab053 100644
--- a/src/libstrongswan/plugins/padlock/Makefile.in
+++ b/src/libstrongswan/plugins/padlock/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/pem/Makefile.in b/src/libstrongswan/plugins/pem/Makefile.in
index 22c33b0c8..300615eb7 100644
--- a/src/libstrongswan/plugins/pem/Makefile.in
+++ b/src/libstrongswan/plugins/pem/Makefile.in
@@ -371,7 +371,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/pem/pem_encoder.c b/src/libstrongswan/plugins/pem/pem_encoder.c
index 9c8237e4d..df4b77cc3 100644
--- a/src/libstrongswan/plugins/pem/pem_encoder.c
+++ b/src/libstrongswan/plugins/pem/pem_encoder.c
@@ -106,6 +106,12 @@ bool pem_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
label = "CERTIFICATE REQUEST";
break;
}
+ if (cred_encoding_args(args, CRED_PART_X509_AC_ASN1_DER,
+ &asn1, CRED_PART_END))
+ {
+ label = "ATTRIBUTE CERTIFICATE";
+ break;
+ }
default:
return FALSE;
}
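Review bot: When `cred_encoding_args` does not find `CRED_PART_X509_AC_ASN1_DER`, the added block runs straight into `default:` and returns FALSE. That matches the block before it and looks intended, but the fall-through is unmarked; a `/* fall-through */` comment before `default:` would make it explicit and keep `-Wimplicit-fallthrough` quiet. The `case` label this block belongs to and the start of `pem_encoder_encode` are outside the hunk.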
@@ -154,4 +160,3 @@ bool pem_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
encoding->len = pos - encoding->ptr;
return TRUE;
}
-
diff --git a/src/libstrongswan/plugins/pgp/Makefile.in b/src/libstrongswan/plugins/pgp/Makefile.in
index e2491f5a4..ca8743bc0 100644
--- a/src/libstrongswan/plugins/pgp/Makefile.in
+++ b/src/libstrongswan/plugins/pgp/Makefile.in
@@ -371,7 +371,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/pkcs1/Makefile.in b/src/libstrongswan/plugins/pkcs1/Makefile.in
index d3f3fdf49..c563806ee 100644
--- a/src/libstrongswan/plugins/pkcs1/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs1/Makefile.in
@@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c
index b304a5101..eb0903d47 100644
--- a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c
+++ b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c
@@ -46,6 +46,9 @@ METHOD(plugin_t, get_features, int,
PLUGIN_PROVIDE(PRIVKEY, KEY_RSA),
PLUGIN_REGISTER(PUBKEY, pkcs1_public_key_load, FALSE),
PLUGIN_PROVIDE(PUBKEY, KEY_ANY),
+ PLUGIN_SDEPEND(PUBKEY, KEY_RSA),
+ PLUGIN_SDEPEND(PUBKEY, KEY_ECDSA),
+ PLUGIN_SDEPEND(PUBKEY, KEY_DSA),
PLUGIN_REGISTER(PUBKEY, pkcs1_public_key_load, FALSE),
PLUGIN_PROVIDE(PUBKEY, KEY_RSA),
};
diff --git a/src/libstrongswan/plugins/pkcs11/Makefile.in b/src/libstrongswan/plugins/pkcs11/Makefile.in
index c8cec3771..5d2f39c9e 100644
--- a/src/libstrongswan/plugins/pkcs11/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs11/Makefile.in
@@ -375,7 +375,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/pkcs12/Makefile.in b/src/libstrongswan/plugins/pkcs12/Makefile.in
index 67b1f4f57..f398652d5 100644
--- a/src/libstrongswan/plugins/pkcs12/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs12/Makefile.in
@@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/pkcs7/Makefile.in b/src/libstrongswan/plugins/pkcs7/Makefile.in
index feff6e5b0..7d1c65538 100644
--- a/src/libstrongswan/plugins/pkcs7/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs7/Makefile.in
@@ -374,7 +374,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/pkcs8/Makefile.in b/src/libstrongswan/plugins/pkcs8/Makefile.in
index 35a5c9a35..fca8fd1f9 100644
--- a/src/libstrongswan/plugins/pkcs8/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs8/Makefile.in
@@ -371,7 +371,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/plugin_feature.c b/src/libstrongswan/plugins/plugin_feature.c
index 8a1958be5..65cdbe9d9 100644
--- a/src/libstrongswan/plugins/plugin_feature.c
+++ b/src/libstrongswan/plugins/plugin_feature.c
@@ -73,25 +73,55 @@ u_int32_t plugin_feature_hash(plugin_feature_t *feature)
data = chunk_empty;
break;
case FEATURE_CRYPTER:
+ data = chunk_from_thing(feature->arg.crypter);
+ break;
case FEATURE_AEAD:
+ data = chunk_from_thing(feature->arg.aead);
+ break;
case FEATURE_SIGNER:
+ data = chunk_from_thing(feature->arg.signer);
+ break;
case FEATURE_HASHER:
+ data = chunk_from_thing(feature->arg.hasher);
+ break;
case FEATURE_PRF:
+ data = chunk_from_thing(feature->arg.prf);
+ break;
case FEATURE_DH:
+ data = chunk_from_thing(feature->arg.dh_group);
+ break;
case FEATURE_PRIVKEY:
+ data = chunk_from_thing(feature->arg.privkey);
+ break;
case FEATURE_PRIVKEY_GEN:
+ data = chunk_from_thing(feature->arg.privkey_gen);
+ break;
case FEATURE_PUBKEY:
+ data = chunk_from_thing(feature->arg.pubkey);
+ break;
case FEATURE_PRIVKEY_SIGN:
+ data = chunk_from_thing(feature->arg.privkey_sign);
+ break;
case FEATURE_PUBKEY_VERIFY:
+ data = chunk_from_thing(feature->arg.pubkey_verify);
+ break;
case FEATURE_PRIVKEY_DECRYPT:
+ data = chunk_from_thing(feature->arg.privkey_decrypt);
+ break;
case FEATURE_PUBKEY_ENCRYPT:
+ data = chunk_from_thing(feature->arg.pubkey_encrypt);
+ break;
case FEATURE_CERT_DECODE:
case FEATURE_CERT_ENCODE:
+ data = chunk_from_thing(feature->arg.cert);
+ break;
case FEATURE_CONTAINER_DECODE:
case FEATURE_CONTAINER_ENCODE:
+ data = chunk_from_thing(feature->arg.container);
+ break;
case FEATURE_EAP_SERVER:
case FEATURE_EAP_PEER:
- data = chunk_from_thing(feature->arg);
+ data = chunk_from_thing(feature->arg.eap);
break;
case FEATURE_CUSTOM:
data = chunk_create(feature->arg.custom,
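Review bot: The per-type `chunk_from_thing(feature->arg.<member>)` cases carry no comment saying why the shared `chunk_from_thing(feature->arg)` was wrong, so a feature type added later is likely to be folded back into a shared case. Presumably the whole union was being hashed, including bytes beyond the active member that a feature definition never sets. A comment before `case FEATURE_CRYPTER:` would record that, for example `/* hash only the active union member, the remaining bytes of arg are not defined */`. It is also worth confirming that the equality/matching helper for plugin_feature_t compares the same members, since a hash and an equality that disagree break hashtable lookups; that code is outside this hunk.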
diff --git a/src/libstrongswan/plugins/plugin_loader.c b/src/libstrongswan/plugins/plugin_loader.c
index 08a8442ea..487fafa01 100644
--- a/src/libstrongswan/plugins/plugin_loader.c
+++ b/src/libstrongswan/plugins/plugin_loader.c
@@ -1047,6 +1047,7 @@ static char *modular_pluginlist(char *list)
array_sort(final, (void*)plugin_priority_cmp, NULL);
+ plugins = strdup("");
enumerator = array_create_enumerator(final);
while (enumerator->enumerate(enumerator, &current))
{
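Review bot: The return value of the added `plugins = strdup("");` is not checked, so on allocation failure the loop below starts with `plugins` set to NULL. Whether the append code in the loop tolerates that cannot be seen from this hunk. If the purpose is to return an empty string rather than an unset pointer when `final` has no entries, a short comment would say so, for example `/* yield "" instead of an unset pointer for an empty list */`. The body of modular_pluginlist starts and ends outside the hunk.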
diff --git a/src/libstrongswan/plugins/pubkey/Makefile.in b/src/libstrongswan/plugins/pubkey/Makefile.in
index 803eeab44..6f00e7eb1 100644
--- a/src/libstrongswan/plugins/pubkey/Makefile.in
+++ b/src/libstrongswan/plugins/pubkey/Makefile.in
@@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/random/Makefile.in b/src/libstrongswan/plugins/random/Makefile.in
index 0efe24cb7..59f062dd2 100644
--- a/src/libstrongswan/plugins/random/Makefile.in
+++ b/src/libstrongswan/plugins/random/Makefile.in
@@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/rc2/Makefile.in b/src/libstrongswan/plugins/rc2/Makefile.in
index afcbc07eb..b820d1211 100644
--- a/src/libstrongswan/plugins/rc2/Makefile.in
+++ b/src/libstrongswan/plugins/rc2/Makefile.in
@@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/rdrand/Makefile.in b/src/libstrongswan/plugins/rdrand/Makefile.in
index 88b283e87..db926c545 100644
--- a/src/libstrongswan/plugins/rdrand/Makefile.in
+++ b/src/libstrongswan/plugins/rdrand/Makefile.in
@@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/revocation/Makefile.in b/src/libstrongswan/plugins/revocation/Makefile.in
index 745ee83e7..cfdd7e8b6 100644
--- a/src/libstrongswan/plugins/revocation/Makefile.in
+++ b/src/libstrongswan/plugins/revocation/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/revocation/revocation_validator.c b/src/libstrongswan/plugins/revocation/revocation_validator.c
index c8ec3f723..9fd5b2a22 100644
--- a/src/libstrongswan/plugins/revocation/revocation_validator.c
+++ b/src/libstrongswan/plugins/revocation/revocation_validator.c
@@ -93,40 +93,92 @@ static certificate_t *fetch_ocsp(char *url, certificate_t *subject,
/**
* check the signature of an OCSP response
*/
-static bool verify_ocsp(ocsp_response_t *response, auth_cfg_t *auth)
+static bool verify_ocsp(ocsp_response_t *response, certificate_t *ca)
{
certificate_t *issuer, *subject;
identification_t *responder;
ocsp_response_wrapper_t *wrapper;
enumerator_t *enumerator;
- auth_cfg_t *current;
- bool verified = FALSE;
+ x509_t *x509;
+ bool verified = FALSE, found = FALSE;
wrapper = ocsp_response_wrapper_create((ocsp_response_t*)response);
lib->credmgr->add_local_set(lib->credmgr, &wrapper->set, FALSE);
subject = &response->certificate;
responder = subject->get_issuer(subject);
- enumerator = lib->credmgr->create_trusted_enumerator(lib->credmgr,
+
+ /* check OCSP response using CA or directly delegated OCSP signer */
+ enumerator = lib->credmgr->create_cert_enumerator(lib->credmgr, CERT_X509,
KEY_ANY, responder, FALSE);
- while (enumerator->enumerate(enumerator, &issuer, &current))
+ while (enumerator->enumerate(enumerator, &issuer))
{
+ x509 = (x509_t*)issuer;
+ if (!issuer->get_validity(issuer, NULL, NULL, NULL))
+ { /* OCSP signer currently invalid */
+ continue;
+ }
+ if (!ca->equals(ca, issuer))
+ { /* delegated OCSP signer? */
+ if (!lib->credmgr->issued_by(lib->credmgr, issuer, ca, NULL))
+ { /* OCSP response not signed by CA, nor delegated OCSP signer */
+ continue;
+ }
+ if (!(x509->get_flags(x509) & X509_OCSP_SIGNER))
+ { /* delegated OCSP signer does not have OCSP signer flag */
+ continue;
+ }
+ }
+ found = TRUE;
if (lib->credmgr->issued_by(lib->credmgr, subject, issuer, NULL))
{
DBG1(DBG_CFG, " ocsp response correctly signed by \"%Y\"",
- issuer->get_subject(issuer));
- if (auth)
- {
- auth->merge(auth, current, FALSE);
- }
+ issuer->get_subject(issuer));
verified = TRUE;
break;
}
+ DBG1(DBG_CFG, "ocsp response verification failed, "
+ "invalid signature");
}
enumerator->destroy(enumerator);
+ if (!verified)
+ {
+ /* as fallback, use any locally installed OCSP signer certificate */
+ enumerator = lib->credmgr->create_cert_enumerator(lib->credmgr,
+ CERT_X509, KEY_ANY, responder, TRUE);
+ while (enumerator->enumerate(enumerator, &issuer))
+ {
+ x509 = (x509_t*)issuer;
+ /* while issued_by() accepts both OCSP signer or CA basic
+ * constraint flags to verify OCSP responses, unrelated but trusted
+ * OCSP signers must explicitly have the OCSP signer flag set. */
+ if ((x509->get_flags(x509) & X509_OCSP_SIGNER) &&
+ issuer->get_validity(issuer, NULL, NULL, NULL))
+ {
+ found = TRUE;
+ if (lib->credmgr->issued_by(lib->credmgr, subject, issuer, NULL))
+ {
+ DBG1(DBG_CFG, " ocsp response correctly signed by \"%Y\"",
+ issuer->get_subject(issuer));
+ verified = TRUE;
+ break;
+ }
+ DBG1(DBG_CFG, "ocsp response verification failed, "
+ "invalid signature");
+ }
+ }
+ enumerator->destroy(enumerator);
+ }
+
lib->credmgr->remove_local_set(lib->credmgr, &wrapper->set);
wrapper->destroy(wrapper);
+
+ if (!found)
+ {
+ DBG1(DBG_CFG, "ocsp response verification failed, "
+ "no signer certificate '%Y' found", responder);
+ }
return verified;
}
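Review bot: The comment above verify_ocsp still reads "check the signature of an OCSP response", but the function now also decides which signer is authorized, and the fallback loop is not bound to `ca` at all. There, any trusted certificate with `X509_OCSP_SIGNER` whose subject matches `responder` is accepted, whichever CA issued the certificate being checked. The inline comment suggests this is intended, so the function header should list the three accepted signers (the CA itself, a currently valid CA-issued certificate with the OCSP signer flag, and as fallback any locally trusted OCSP signer) and state that the last one applies across all CAs. Separately, `"ocsp response verification failed, invalid signature"` is logged at DBG1 for each failing candidate in the first loop even when a later candidate or the fallback then verifies the response, which makes a successful check look like a failure in the log. The signature-check body is duplicated in both loops and could move into one static helper that logs the failure only once no candidate verified.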
@@ -134,8 +186,8 @@ static bool verify_ocsp(ocsp_response_t *response, auth_cfg_t *auth)
* Get the better of two OCSP responses, and check for usable OCSP info
*/
static certificate_t *get_better_ocsp(certificate_t *cand, certificate_t *best,
- x509_t *subject, x509_t *issuer, cert_validation_t *valid,
- auth_cfg_t *auth, bool cache)
+ x509_t *subject, x509_t *issuer,
+ cert_validation_t *valid, bool cache)
{
ocsp_response_t *response;
time_t revocation, this_update, next_update, valid_until;
@@ -145,9 +197,8 @@ static certificate_t *get_better_ocsp(certificate_t *cand, certificate_t *best,
response = (ocsp_response_t*)cand;
/* check ocsp signature */
- if (!verify_ocsp(response, auth))
+ if (!verify_ocsp(response, &issuer->interface))
{
- DBG1(DBG_CFG, "ocsp response verification failed");
cand->destroy(cand);
return best;
}
@@ -226,8 +277,7 @@ static cert_validation_t check_ocsp(x509_t *subject, x509_t *issuer,
while (enumerator->enumerate(enumerator, &current))
{
current->get_ref(current);
- best = get_better_ocsp(current, best, subject, issuer,
- &valid, auth, FALSE);
+ best = get_better_ocsp(current, best, subject, issuer, &valid, FALSE);
if (best && valid != VALIDATION_STALE)
{
DBG1(DBG_CFG, " using cached ocsp response");
@@ -254,7 +304,7 @@ static cert_validation_t check_ocsp(x509_t *subject, x509_t *issuer,
if (current)
{
best = get_better_ocsp(current, best, subject, issuer,
- &valid, auth, TRUE);
+ &valid, TRUE);
if (best && valid != VALIDATION_STALE)
{
break;
@@ -276,7 +326,7 @@ static cert_validation_t check_ocsp(x509_t *subject, x509_t *issuer,
if (current)
{
best = get_better_ocsp(current, best, subject, issuer,
- &valid, auth, TRUE);
+ &valid, TRUE);
if (best && valid != VALIDATION_STALE)
{
break;
@@ -330,25 +380,20 @@ static certificate_t* fetch_crl(char *url)
/**
* check the signature of an CRL
*/
-static bool verify_crl(certificate_t *crl, auth_cfg_t *auth)
+static bool verify_crl(certificate_t *crl)
{
certificate_t *issuer;
enumerator_t *enumerator;
bool verified = FALSE;
- auth_cfg_t *current;
enumerator = lib->credmgr->create_trusted_enumerator(lib->credmgr,
KEY_ANY, crl->get_issuer(crl), FALSE);
- while (enumerator->enumerate(enumerator, &issuer, &current))
+ while (enumerator->enumerate(enumerator, &issuer, NULL))
{
if (lib->credmgr->issued_by(lib->credmgr, crl, issuer, NULL))
{
DBG1(DBG_CFG, " crl correctly signed by \"%Y\"",
issuer->get_subject(issuer));
- if (auth)
- {
- auth->merge(auth, current, FALSE);
- }
verified = TRUE;
break;
}
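Review bot: verify_crl still accepts any certificate the trusted enumerator returns for `crl->get_issuer(crl)`, while verify_ocsp in this same commit is now tied to the CA of the certificate under validation. The hunk does not say whether that difference is intended. If it is (for example because indirect CRL issuers must remain usable), a sentence in the function comment should say so; otherwise the subject's issuer could be passed in as it is for OCSP. The call `enumerator->enumerate(enumerator, &issuer, NULL)` also relies on the trusted enumerator tolerating a NULL auth out-pointer, which cannot be confirmed from here. The end of verify_crl is outside the hunk.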
@@ -362,7 +407,7 @@ static bool verify_crl(certificate_t *crl, auth_cfg_t *auth)
* Get the better of two CRLs, and check for usable CRL info
*/
static certificate_t *get_better_crl(certificate_t *cand, certificate_t *best,
- x509_t *subject, cert_validation_t *valid, auth_cfg_t *auth,
+ x509_t *subject, cert_validation_t *valid,
bool cache, crl_t *base)
{
enumerator_t *enumerator;
@@ -390,7 +435,7 @@ static certificate_t *get_better_crl(certificate_t *cand, certificate_t *best,
}
/* check CRL signature */
- if (!verify_crl(cand, auth))
+ if (!verify_crl(cand))
{
DBG1(DBG_CFG, "crl response verification failed");
cand->destroy(cand);
@@ -452,8 +497,8 @@ static certificate_t *get_better_crl(certificate_t *cand, certificate_t *best,
* Find or fetch a certificate for a given crlIssuer
*/
static cert_validation_t find_crl(x509_t *subject, identification_t *issuer,
- auth_cfg_t *auth, crl_t *base,
- certificate_t **best, bool *uri_found)
+ crl_t *base, certificate_t **best,
+ bool *uri_found)
{
cert_validation_t valid = VALIDATION_SKIPPED;
enumerator_t *enumerator;
@@ -466,8 +511,7 @@ static cert_validation_t find_crl(x509_t *subject, identification_t *issuer,
while (enumerator->enumerate(enumerator, &current))
{
current->get_ref(current);
- *best = get_better_crl(current, *best, subject, &valid,
- auth, FALSE, base);
+ *best = get_better_crl(current, *best, subject, &valid, FALSE, base);
if (*best && valid != VALIDATION_STALE)
{
DBG1(DBG_CFG, " using cached crl");
@@ -495,7 +539,7 @@ static cert_validation_t find_crl(x509_t *subject, identification_t *issuer,
continue;
}
*best = get_better_crl(current, *best, subject,
- &valid, auth, TRUE, base);
+ &valid, TRUE, base);
if (*best && valid != VALIDATION_STALE)
{
break;
@@ -511,7 +555,7 @@ static cert_validation_t find_crl(x509_t *subject, identification_t *issuer,
* Look for a delta CRL for a given base CRL
*/
static cert_validation_t check_delta_crl(x509_t *subject, x509_t *issuer,
- crl_t *base, cert_validation_t base_valid, auth_cfg_t *auth)
+ crl_t *base, cert_validation_t base_valid)
{
cert_validation_t valid = VALIDATION_SKIPPED;
certificate_t *best = NULL, *current;
@@ -526,7 +570,7 @@ static cert_validation_t check_delta_crl(x509_t *subject, x509_t *issuer,
if (chunk.len)
{
id = identification_create_from_encoding(ID_KEY_ID, chunk);
- valid = find_crl(subject, id, auth, base, &best, &uri);
+ valid = find_crl(subject, id, base, &best, &uri);
id->destroy(id);
}
@@ -537,7 +581,7 @@ static cert_validation_t check_delta_crl(x509_t *subject, x509_t *issuer,
{
if (cdp->issuer)
{
- valid = find_crl(subject, cdp->issuer, auth, base, &best, &uri);
+ valid = find_crl(subject, cdp->issuer, base, &best, &uri);
}
}
enumerator->destroy(enumerator);
@@ -558,8 +602,7 @@ static cert_validation_t check_delta_crl(x509_t *subject, x509_t *issuer,
current->destroy(current);
continue;
}
- best = get_better_crl(current, best, subject, &valid,
- auth, TRUE, base);
+ best = get_better_crl(current, best, subject, &valid, TRUE, base);
if (best && valid != VALIDATION_STALE)
{
break;
@@ -576,7 +619,6 @@ static cert_validation_t check_delta_crl(x509_t *subject, x509_t *issuer,
return base_valid;
}
-
/**
* validate a x509 certificate using CRL
*/
@@ -597,7 +639,7 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer,
if (chunk.len)
{
id = identification_create_from_encoding(ID_KEY_ID, chunk);
- valid = find_crl(subject, id, auth, NULL, &best, &uri_found);
+ valid = find_crl(subject, id, NULL, &best, &uri_found);
id->destroy(id);
}
@@ -608,8 +650,7 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer,
{
if (cdp->issuer)
{
- valid = find_crl(subject, cdp->issuer, auth, NULL,
- &best, &uri_found);
+ valid = find_crl(subject, cdp->issuer, NULL, &best, &uri_found);
}
}
enumerator->destroy(enumerator);
@@ -633,7 +674,7 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer,
continue;
}
best = get_better_crl(current, best, subject, &valid,
- auth, TRUE, NULL);
+ TRUE, NULL);
if (best && valid != VALIDATION_STALE)
{
break;
@@ -646,7 +687,7 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer,
/* look for delta CRLs */
if (best && (valid == VALIDATION_GOOD || valid == VALIDATION_STALE))
{
- valid = check_delta_crl(subject, issuer, (crl_t*)best, valid, auth);
+ valid = check_delta_crl(subject, issuer, (crl_t*)best, valid);
}
/* an uri was found, but no result. switch validation state to failed */
diff --git a/src/libstrongswan/plugins/sha1/Makefile.in b/src/libstrongswan/plugins/sha1/Makefile.in
index e57eb78ab..4f9d24a7e 100644
--- a/src/libstrongswan/plugins/sha1/Makefile.in
+++ b/src/libstrongswan/plugins/sha1/Makefile.in
@@ -371,7 +371,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/sha2/Makefile.in b/src/libstrongswan/plugins/sha2/Makefile.in
index c044178b9..ddc287522 100644
--- a/src/libstrongswan/plugins/sha2/Makefile.in
+++ b/src/libstrongswan/plugins/sha2/Makefile.in
@@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/soup/Makefile.in b/src/libstrongswan/plugins/soup/Makefile.in
index cc16ef5cb..2ba05f71e 100644
--- a/src/libstrongswan/plugins/soup/Makefile.in
+++ b/src/libstrongswan/plugins/soup/Makefile.in
@@ -371,7 +371,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/sqlite/Makefile.in b/src/libstrongswan/plugins/sqlite/Makefile.in
index c428b883f..2cbacddf1 100644
--- a/src/libstrongswan/plugins/sqlite/Makefile.in
+++ b/src/libstrongswan/plugins/sqlite/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/sshkey/Makefile.in b/src/libstrongswan/plugins/sshkey/Makefile.in
index 3c9926acc..6bd82503d 100644
--- a/src/libstrongswan/plugins/sshkey/Makefile.in
+++ b/src/libstrongswan/plugins/sshkey/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/test_vectors/Makefile.in b/src/libstrongswan/plugins/test_vectors/Makefile.in
index a1439f6ea..7443f531c 100644
--- a/src/libstrongswan/plugins/test_vectors/Makefile.in
+++ b/src/libstrongswan/plugins/test_vectors/Makefile.in
@@ -387,7 +387,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors.h b/src/libstrongswan/plugins/test_vectors/test_vectors.h
index 788baae57..33c13d9f4 100644
--- a/src/libstrongswan/plugins/test_vectors/test_vectors.h
+++ b/src/libstrongswan/plugins/test_vectors/test_vectors.h
@@ -88,11 +88,18 @@ TEST_VECTOR_AEAD(aes_ccm10)
TEST_VECTOR_AEAD(aes_ccm11)
TEST_VECTOR_AEAD(aes_gcm1)
TEST_VECTOR_AEAD(aes_gcm2)
-TEST_VECTOR_AEAD(aes_gcm3)
+TEST_VECTOR_AEAD(aes_gcm3_1)
+TEST_VECTOR_AEAD(aes_gcm3_2)
+TEST_VECTOR_AEAD(aes_gcm3_3)
TEST_VECTOR_AEAD(aes_gcm4)
-TEST_VECTOR_AEAD(aes_gcm5)
-TEST_VECTOR_AEAD(aes_gcm6)
TEST_VECTOR_AEAD(aes_gcm7)
+TEST_VECTOR_AEAD(aes_gcm8)
+TEST_VECTOR_AEAD(aes_gcm9)
+TEST_VECTOR_AEAD(aes_gcm10)
+TEST_VECTOR_AEAD(aes_gcm13)
+TEST_VECTOR_AEAD(aes_gcm14)
+TEST_VECTOR_AEAD(aes_gcm15)
+TEST_VECTOR_AEAD(aes_gcm16)
TEST_VECTOR_SIGNER(aes_xcbc_s1)
TEST_VECTOR_SIGNER(aes_xcbc_s2)
diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/aes_ccm.c b/src/libstrongswan/plugins/test_vectors/test_vectors/aes_ccm.c
index 8de180ad5..95c41ecbc 100644
--- a/src/libstrongswan/plugins/test_vectors/test_vectors/aes_ccm.c
+++ b/src/libstrongswan/plugins/test_vectors/test_vectors/aes_ccm.c
@@ -21,7 +21,8 @@
* originally from "fips cavs fax files on hand at Red Hat".
*/
aead_test_vector_t aes_ccm1 = {
- .alg = ENCR_AES_CCM_ICV16, .key_size = 16, .len = 32, .alen = 0,
+ .alg = ENCR_AES_CCM_ICV16, .key_size = 16, .salt_size = 3,
+ .len = 32, .alen = 0,
.key = "\x83\xac\x54\x66\xc2\xeb\xe5\x05\x2e\x01\xd1\xfc\x5d\x82\x66\x2e"
"\x96\xac\x59",
.iv = "\x30\x07\xa1\xe2\xa2\xc7\x55\x24",
@@ -33,7 +34,8 @@ aead_test_vector_t aes_ccm1 = {
};
aead_test_vector_t aes_ccm2 = {
- .alg = ENCR_AES_CCM_ICV16, .key_size = 16, .len = 32, .alen = 32,
+ .alg = ENCR_AES_CCM_ICV16, .key_size = 16, .salt_size = 3,
+ .len = 32, .alen = 32,
.key = "\x1e\x2c\x7e\x01\x41\x9a\xef\xc0\x0d\x58\x96\x6e\x5c\xa2\x4b\xd3"
"\x4f\xa3\x19",
.iv = "\xd3\x01\x5a\xd8\x30\x60\x15\x56",
@@ -47,7 +49,8 @@ aead_test_vector_t aes_ccm2 = {
};
aead_test_vector_t aes_ccm3 = {
- .alg = ENCR_AES_CCM_ICV16, .key_size = 24, .len = 0, .alen = 32,
+ .alg = ENCR_AES_CCM_ICV16, .key_size = 24, .salt_size = 3,
+ .len = 0, .alen = 32,
.key = "\xf4\x6b\xc2\x75\x62\xfe\xb4\xe1\xa3\xf0\xff\xdd\x4e\x4b\x12\x75"
"\x53\x14\x73\x66\x8d\x88\xf6\x80\xa0\x20\x35",
.iv = "\x26\xf2\x21\x8d\x50\x20\xda\xe2",
@@ -57,7 +60,8 @@ aead_test_vector_t aes_ccm3 = {
};
aead_test_vector_t aes_ccm4 = {
- .alg = ENCR_AES_CCM_ICV16, .key_size = 24, .len = 32, .alen = 32,
+ .alg = ENCR_AES_CCM_ICV16, .key_size = 24, .salt_size = 3,
+ .len = 32, .alen = 32,
.key = "\x56\xdf\x5c\x8f\x26\x3f\x0e\x42\xef\x7a\xd3\xce\xfc\x84\x60\x62"
"\xca\xb4\x40\xaf\x5f\xc9\xc9\x01\xd6\x3c\x8c",
.iv = "\x86\x84\xb6\xcd\xef\x09\x2e\x94",
@@ -71,7 +75,8 @@ aead_test_vector_t aes_ccm4 = {
};
aead_test_vector_t aes_ccm5 = {
- .alg = ENCR_AES_CCM_ICV8, .key_size = 32, .len = 32, .alen = 32,
+ .alg = ENCR_AES_CCM_ICV8, .key_size = 32, .salt_size = 3,
+ .len = 32, .alen = 32,
.key = "\xe0\x8d\x99\x71\x60\xd7\x97\x1a\xbd\x01\x99\xd5\x8a\xdf\x71\x3a"
"\xd3\xdf\x24\x4b\x5e\x3d\x4b\x4e\x30\x7a\xb9\xd8\x53\x0a\x5e\x2b"
"\x1e\x29\x91",
@@ -86,7 +91,8 @@ aead_test_vector_t aes_ccm5 = {
};
aead_test_vector_t aes_ccm6 = {
- .alg = ENCR_AES_CCM_ICV12, .key_size = 32, .len = 32, .alen = 32,
+ .alg = ENCR_AES_CCM_ICV12, .key_size = 32, .salt_size = 3,
+ .len = 32, .alen = 32,
.key = "\x7c\xc8\x18\x3b\x8d\x99\xe0\x7c\x45\x41\xb8\xbd\x5c\xa7\xc2\x32"
"\x8a\xb8\x02\x59\xa4\xfe\xa9\x2c\x09\x75\x9a\x9b\x3c\x9b\x27\x39"
"\xf9\xd9\x4e",
@@ -101,7 +107,8 @@ aead_test_vector_t aes_ccm6 = {
};
aead_test_vector_t aes_ccm7 = {
- .alg = ENCR_AES_CCM_ICV16, .key_size = 32, .len = 32, .alen = 32,
+ .alg = ENCR_AES_CCM_ICV16, .key_size = 32, .salt_size = 3,
+ .len = 32, .alen = 32,
.key = "\xab\xd0\xe9\x33\x07\x26\xe5\x83\x8c\x76\x95\xd4\xb6\xdc\xf3\x46"
"\xf9\x8f\xad\xe3\x02\x13\x83\x77\x3f\xb0\xf1\xa1\xa1\x22\x0f\x2b"
"\x24\xa7\x8b",
@@ -116,7 +123,8 @@ aead_test_vector_t aes_ccm7 = {
};
aead_test_vector_t aes_ccm8 = {
- .alg = ENCR_AES_CCM_ICV8, .key_size = 16, .len = 0, .alen = 0,
+ .alg = ENCR_AES_CCM_ICV8, .key_size = 16, .salt_size = 3,
+ .len = 0, .alen = 0,
.key = "\xab\x2f\x8a\x74\xb7\x1c\xd2\xb1\xff\x80\x2e\x48\x7d\x82\xf8\xb9"
"\xaf\x94\x87",
.iv = "\x78\x35\x82\x81\x7f\x88\x94\x68",
@@ -124,7 +132,8 @@ aead_test_vector_t aes_ccm8 = {
};
aead_test_vector_t aes_ccm9 = {
- .alg = ENCR_AES_CCM_ICV8, .key_size = 24, .len = 0, .alen = 32,
+ .alg = ENCR_AES_CCM_ICV8, .key_size = 24, .salt_size = 3,
+ .len = 0, .alen = 32,
.key = "\x39\xbb\xa7\xbe\x59\x97\x9e\x73\xa2\xbc\x6b\x98\xd7\x75\x7f\xe3"
"\xa4\x48\x93\x39\x26\x71\x4a\xc6\xee\x49\x83",
.iv = "\xe9\xa9\xff\xe9\x57\xba\xfd\x9e",
@@ -134,7 +143,8 @@ aead_test_vector_t aes_ccm9 = {
};
aead_test_vector_t aes_ccm10 = {
- .alg = ENCR_AES_CCM_ICV8, .key_size = 32, .len = 0, .alen = 0,
+ .alg = ENCR_AES_CCM_ICV8, .key_size = 32, .salt_size = 3,
+ .len = 0, .alen = 0,
.key = "\xa4\x4b\x54\x29\x0a\xb8\x6d\x01\x5b\x80\x2a\xcf\x25\xc4\xb7\x5c"
"\x20\x2c\xad\x30\xc2\x2b\x41\xfb\x0e\x85\xbc\x33\xad\x0f\x2b\xff"
"\xee\x49\x83",
@@ -143,7 +153,8 @@ aead_test_vector_t aes_ccm10 = {
};
aead_test_vector_t aes_ccm11 = {
- .alg = ENCR_AES_CCM_ICV8, .key_size = 24, .len = 32, .alen = 32,
+ .alg = ENCR_AES_CCM_ICV8, .key_size = 24, .salt_size = 3,
+ .len = 32, .alen = 32,
.key = "\x58\x5d\xa0\x96\x65\x1a\x04\xd7\x96\xe5\xc5\x68\xaa\x95\x35\xe0"
"\x29\xa0\xba\x9e\x48\x78\xd1\xba\xee\x49\x83",
.iv = "\xe9\xa9\xff\xe9\x57\xba\xfd\x9e",
diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/aes_gcm.c b/src/libstrongswan/plugins/test_vectors/test_vectors/aes_gcm.c
index 7534633e1..1f33bcbd5 100644
--- a/src/libstrongswan/plugins/test_vectors/test_vectors/aes_gcm.c
+++ b/src/libstrongswan/plugins/test_vectors/test_vectors/aes_gcm.c
@@ -16,11 +16,37 @@
#include <crypto/crypto_tester.h>
/**
- * From the Linux kernel, those with an IV. Originally from
- * McGrew & Viega - http://citeseer.ist.psu.edu/656989.html
+ * From McGrew & Viega
+ * http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf
+ * Formatted to match our API which expects the first four bytes (salt) of the
+ * IV as part of the key and writes/expects the ICV at the end of the cipher
+ * text.
+ * Since our implementations are currently limited to IV lengths of 12 (IV=8,
+ * SALT=4 as per RFC 4106/5282) the test cases 5/6, 11/12 and 17/18 aren't
+ * compatible.
*/
aead_test_vector_t aes_gcm1 = {
- .alg = ENCR_AES_GCM_ICV8, .key_size = 16, .len = 64, .alen = 0,
+ .alg = ENCR_AES_GCM_ICV16, .key_size = 16, .salt_size = 4,
+ .len = 0, .alen = 0,
+ .key = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00",
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .plain = "",
+ .cipher = "\x58\xe2\xfc\xce\xfa\x7e\x30\x61\x36\x7f\x1d\x57\xa4\xe7\x45\x5a",
+};
+aead_test_vector_t aes_gcm2 = {
+ .alg = ENCR_AES_GCM_ICV16, .key_size = 16, .salt_size = 4,
+ .len = 16, .alen = 0,
+ .key = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00",
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .plain = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+ .cipher = "\x03\x88\xda\xce\x60\xb6\xa3\x92\xf3\x28\xc2\xb9\x71\xb2\xfe\x78"
+ "\xab\x6e\x47\xd4\x2c\xec\x13\xbd\xf5\x3a\x67\xb2\x12\x57\xbd\xdf",
+};
+aead_test_vector_t aes_gcm3_1 = {
+ .alg = ENCR_AES_GCM_ICV8, .key_size = 16, .salt_size = 4,
+ .len = 64, .alen = 0,
.key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
"\xca\xfe\xba\xbe",
.iv = "\xfa\xce\xdb\xad\xde\xca\xf8\x88",
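Review bot: The new header comment explains why test cases 5/6, 11/12 and 17/18 are missing, but not what the `_1`/`_2`/`_3` suffix on `aes_gcm3_*` means. Judging by the vectors, `aes_gcm3_1` here and `aes_gcm3_2`/`aes_gcm3_3` in the following hunks share key and IV and differ only in `ENCR_AES_GCM_ICV8`, `ENCR_AES_GCM_ICV12` and `ENCR_AES_GCM_ICV16`, so they appear to be one test case with the tag truncated to three lengths. One more sentence in the comment would make the numbering self-explanatory, for example `Test case 3 is included with ICV lengths of 8, 12 and 16 bytes (aes_gcm3_1 to aes_gcm3_3).` It would also help to state that each `.key` literal must be `key_size + salt_size` bytes long, since nothing in the initializer enforces it.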
@@ -34,9 +60,9 @@ aead_test_vector_t aes_gcm1 = {
"\x1b\xa3\x0b\x39\x6a\x0a\xac\x97\x3d\x58\xe0\x91\x47\x3f\x59\x85"
"\x4d\x5c\x2a\xf3\x27\xcd\x64\xa6",
};
-
-aead_test_vector_t aes_gcm2 = {
- .alg = ENCR_AES_GCM_ICV12, .key_size = 16, .len = 64, .alen = 0,
+aead_test_vector_t aes_gcm3_2 = {
+ .alg = ENCR_AES_GCM_ICV12, .key_size = 16, .salt_size = 4,
+ .len = 64, .alen = 0,
.key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
"\xca\xfe\xba\xbe",
.iv = "\xfa\xce\xdb\xad\xde\xca\xf8\x88",
@@ -50,9 +76,9 @@ aead_test_vector_t aes_gcm2 = {
"\x1b\xa3\x0b\x39\x6a\x0a\xac\x97\x3d\x58\xe0\x91\x47\x3f\x59\x85"
"\x4d\x5c\x2a\xf3\x27\xcd\x64\xa6\x2c\xf3\x5a\xbd",
};
-
-aead_test_vector_t aes_gcm3 = {
- .alg = ENCR_AES_GCM_ICV16, .key_size = 16, .len = 64, .alen = 0,
+aead_test_vector_t aes_gcm3_3 = {
+ .alg = ENCR_AES_GCM_ICV16, .key_size = 16, .salt_size = 4,
+ .len = 64, .alen = 0,
.key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
"\xca\xfe\xba\xbe",
.iv = "\xfa\xce\xdb\xad\xde\xca\xf8\x88",
@@ -66,9 +92,9 @@ aead_test_vector_t aes_gcm3 = {
"\x1b\xa3\x0b\x39\x6a\x0a\xac\x97\x3d\x58\xe0\x91\x47\x3f\x59\x85"
"\x4d\x5c\x2a\xf3\x27\xcd\x64\xa6\x2c\xf3\x5a\xbd\x2b\xa6\xfa\xb4",
};
-
aead_test_vector_t aes_gcm4 = {
- .alg = ENCR_AES_GCM_ICV16, .key_size = 16, .len = 60, .alen = 20,
+ .alg = ENCR_AES_GCM_ICV16, .key_size = 16, .salt_size = 4,
+ .len = 60, .alen = 20,
.key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
"\xca\xfe\xba\xbe",
.iv = "\xfa\xce\xdb\xad\xde\xca\xf8\x88",
@@ -84,9 +110,28 @@ aead_test_vector_t aes_gcm4 = {
"\x1b\xa3\x0b\x39\x6a\x0a\xac\x97\x3d\x58\xe0\x91\x5b\xc9\x4f\xbc"
"\x32\x21\xa5\xdb\x94\xfa\xe9\x5a\xe7\x12\x1a\x47",
};
-
-aead_test_vector_t aes_gcm5 = {
- .alg = ENCR_AES_GCM_ICV16, .key_size = 24, .len = 64, .alen = 0,
+aead_test_vector_t aes_gcm7 = {
+ .alg = ENCR_AES_GCM_ICV16, .key_size = 24, .salt_size = 4,
+ .len = 0, .alen = 0,
+ .key = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .plain = "",
+ .cipher = "\xcd\x33\xb2\x8a\xc7\x73\xf7\x4b\xa0\x0e\xd1\xf3\x12\x57\x24\x35",
+};
+aead_test_vector_t aes_gcm8 = {
+ .alg = ENCR_AES_GCM_ICV16, .key_size = 24, .salt_size = 4,
+ .len = 16, .alen = 0,
+ .key = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .plain = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+ .cipher = "\x98\xe7\x24\x7c\x07\xf0\xfe\x41\x1c\x26\x7e\x43\x84\xb0\xf6\x00"
+ "\x2f\xf5\x8d\x80\x03\x39\x27\xab\x8e\xf4\xd4\x58\x75\x14\xf0\xfb",
+};
+aead_test_vector_t aes_gcm9 = {
+ .alg = ENCR_AES_GCM_ICV16, .key_size = 24, .salt_size = 4,
+ .len = 64, .alen = 0,
.key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
"\xfe\xff\xe9\x92\x86\x65\x73\x1c\xca\xfe\xba\xbe",
.iv = "\xfa\xce\xdb\xad\xde\xca\xf8\x88",
@@ -100,9 +145,48 @@ aead_test_vector_t aes_gcm5 = {
"\x18\xe2\x44\x8b\x2f\xe3\x24\xd9\xcc\xda\x27\x10\xac\xad\xe2\x56"
"\x99\x24\xa7\xc8\x58\x73\x36\xbf\xb1\x18\x02\x4d\xb8\x67\x4a\x14",
};
-
-aead_test_vector_t aes_gcm6 = {
- .alg = ENCR_AES_GCM_ICV16, .key_size = 32, .len = 64, .alen = 0,
+aead_test_vector_t aes_gcm10 = {
+ .alg = ENCR_AES_GCM_ICV16, .key_size = 24, .salt_size = 4,
+ .len = 60, .alen = 20,
+ .key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
+ "\xfe\xff\xe9\x92\x86\x65\x73\x1c\xca\xfe\xba\xbe",
+ .iv = "\xfa\xce\xdb\xad\xde\xca\xf8\x88",
+ .plain = "\xd9\x31\x32\x25\xf8\x84\x06\xe5\xa5\x59\x09\xc5\xaf\xf5\x26\x9a"
+ "\x86\xa7\xa9\x53\x15\x34\xf7\xda\x2e\x4c\x30\x3d\x8a\x31\x8a\x72"
+ "\x1c\x3c\x0c\x95\x95\x68\x09\x53\x2f\xcf\x0e\x24\x49\xa6\xb5\x25"
+ "\xb1\x6a\xed\xf5\xaa\x0d\xe6\x57\xba\x63\x7b\x39",
+ .adata = "\xfe\xed\xfa\xce\xde\xad\xbe\xef\xfe\xed\xfa\xce\xde\xad\xbe\xef"
+ "\xab\xad\xda\xd2",
+ .cipher = "\x39\x80\xca\x0b\x3c\x00\xe8\x41\xeb\x06\xfa\xc4\x87\x2a\x27\x57"
+ "\x85\x9e\x1c\xea\xa6\xef\xd9\x84\x62\x85\x93\xb4\x0c\xa1\xe1\x9c"
+ "\x7d\x77\x3d\x00\xc1\x44\xc5\x25\xac\x61\x9d\x18\xc8\x4a\x3f\x47"
+ "\x18\xe2\x44\x8b\x2f\xe3\x24\xd9\xcc\xda\x27\x10\x25\x19\x49\x8e"
+ "\x80\xf1\x47\x8f\x37\xba\x55\xbd\x6d\x27\x61\x8c",
+};
+aead_test_vector_t aes_gcm13 = {
+ .alg = ENCR_AES_GCM_ICV16, .key_size = 32, .salt_size = 4,
+ .len = 0, .alen = 0,
+ .key = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00",
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .plain = "",
+ .cipher = "\x53\x0f\x8a\xfb\xc7\x45\x36\xb9\xa9\x63\xb4\xf1\xc4\xcb\x73\x8b",
+};
+aead_test_vector_t aes_gcm14 = {
+ .alg = ENCR_AES_GCM_ICV16, .key_size = 32, .salt_size = 4,
+ .len = 16, .alen = 0,
+ .key = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00",
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .plain = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+ .cipher = "\xce\xa7\x40\x3d\x4d\x60\x6b\x6e\x07\x4e\xc5\xd3\xba\xf3\x9d\x18"
+ "\xd0\xd1\xc8\xa7\x99\x99\x6b\xf0\x26\x5b\x98\xb5\xd4\x8a\xb9\x19",
+};
+aead_test_vector_t aes_gcm15 = {
+ .alg = ENCR_AES_GCM_ICV16, .key_size = 32, .salt_size = 4,
+ .len = 64, .alen = 0,
.key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
"\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
"\xca\xfe\xba\xbe",
@@ -117,9 +201,9 @@ aead_test_vector_t aes_gcm6 = {
"\xc5\xf6\x1e\x63\x93\xba\x7a\x0a\xbc\xc9\xf6\x62\x89\x80\x15\xad"
"\xb0\x94\xda\xc5\xd9\x34\x71\xbd\xec\x1a\x50\x22\x70\xe3\xcc\x6c",
};
-
-aead_test_vector_t aes_gcm7 = {
- .alg = ENCR_AES_GCM_ICV16, .key_size = 32, .len = 60, .alen = 20,
+aead_test_vector_t aes_gcm16 = {
+ .alg = ENCR_AES_GCM_ICV16, .key_size = 32, .salt_size = 4,
+ .len = 60, .alen = 20,
.key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
"\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
"\xca\xfe\xba\xbe",
@@ -136,4 +220,3 @@ aead_test_vector_t aes_gcm7 = {
"\xc5\xf6\x1e\x63\x93\xba\x7a\x0a\xbc\xc9\xf6\x62\x76\xfc\x6e\xce"
"\x0f\x4e\x17\x68\xcd\xdf\x88\x53\xbb\x2d\x55\x1b",
};
-
diff --git a/src/libstrongswan/plugins/unbound/Makefile.in b/src/libstrongswan/plugins/unbound/Makefile.in
index 961311eb0..c3c6ed6a7 100644
--- a/src/libstrongswan/plugins/unbound/Makefile.in
+++ b/src/libstrongswan/plugins/unbound/Makefile.in
@@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/x509/Makefile.in b/src/libstrongswan/plugins/x509/Makefile.in
index 74552e00b..154fc5ccd 100644
--- a/src/libstrongswan/plugins/x509/Makefile.in
+++ b/src/libstrongswan/plugins/x509/Makefile.in
@@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c
index 7d83e48ea..30b871d42 100644
--- a/src/libstrongswan/plugins/x509/x509_ac.c
+++ b/src/libstrongswan/plugins/x509/x509_ac.c
@@ -29,7 +29,6 @@
#include <utils/identification.h>
#include <collections/linked_list.h>
#include <credentials/certificates/x509.h>
-#include <credentials/ietf_attributes/ietf_attributes.h>
#include <credentials/keys/private_key.h>
extern chunk_t x509_parse_authorityKeyIdentifier(chunk_t blob,
@@ -75,7 +74,7 @@ struct private_x509_ac_t {
/**
* Serial number of the holder certificate
*/
- chunk_t holderSerial;
+ identification_t *holderSerial;
/**
* ID representing the holder
@@ -98,14 +97,9 @@ struct private_x509_ac_t {
time_t notAfter;
/**
- * List of charging attributes
+ * List of group attributes, as group_t
*/
- ietf_attributes_t *charging;
-
- /**
- * List of groub attributes
- */
- ietf_attributes_t *groups;
+ linked_list_t *groups;
/**
* Authority Key Identifier
@@ -153,6 +147,25 @@ struct private_x509_ac_t {
refcount_t ref;
};
+/**
+ * Group definition, an IETF attribute
+ */
+typedef struct {
+ /** Attribute type */
+ ac_group_type_t type;
+ /* attribute value */
+ chunk_t value;
+} group_t;
+
+/**
+ * Clean up a group entry
+ */
+static void group_destroy(group_t *group)
+{
+ free(group->value.ptr);
+ free(group);
+}
+
static chunk_t ASN1_noRevAvail_ext = chunk_from_chars(
0x30, 0x09,
0x06, 0x03,
@@ -169,42 +182,41 @@ extern void x509_parse_generalNames(chunk_t blob, int level0, bool implicit,
/**
* parses a directoryName
*/
-static bool parse_directoryName(chunk_t blob, int level, bool implicit, identification_t **name)
+static bool parse_directoryName(chunk_t blob, int level, bool implicit,
+ identification_t **name)
{
- bool has_directoryName;
- linked_list_t *list = linked_list_create();
+ identification_t *directoryName;
+ enumerator_t *enumerator;
+ bool first = TRUE;
+ linked_list_t *list;
+ list = linked_list_create();
x509_parse_generalNames(blob, level, implicit, list);
- has_directoryName = list->get_count(list) > 0;
- if (has_directoryName)
+ enumerator = list->create_enumerator(list);
+ while (enumerator->enumerate(enumerator, &directoryName))
{
- enumerator_t *enumerator = list->create_enumerator(list);
- identification_t *directoryName;
- bool first = TRUE;
-
- while (enumerator->enumerate(enumerator, (void**)&directoryName))
+ if (first)
{
- if (first)
- {
- *name = directoryName;
- first = FALSE;
- }
- else
- {
- DBG1(DBG_ASN, "more than one directory name - first selected");
- directoryName->destroy(directoryName);
- }
+ *name = directoryName;
+ first = FALSE;
+ }
+ else
+ {
+ DBG1(DBG_ASN, "more than one directory name - first selected");
+ directoryName->destroy(directoryName);
+ break;
}
- enumerator->destroy(enumerator);
}
- else
+ enumerator->destroy(enumerator);
+ list->destroy(list);
+
+ if (first)
{
DBG1(DBG_ASN, "no directoryName found");
+ return FALSE;
}
-
- list->destroy(list);
- return has_directoryName;
+ return TRUE;
}
/**
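Review bot: The `break;` added to the `else` branch of parse_directoryName() ends the loop after the second entry, so a third or later identification_t produced by x509_parse_generalNames() is never destroyed. The following `list->destroy(list)` appears to release only the list itself, since the old code destroyed every surplus entry by hand before making the same call. The names come from a parsed attribute certificate, so their number is set by whoever supplies it, and each extra name is leaked on every parse. Dropping the `break;` restores the old cleanup of all surplus entries.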
@@ -244,63 +256,131 @@ static void parse_roleSyntax(chunk_t blob, int level0)
}
/**
+ * ASN.1 definition of ietfAttrSyntax
+ */
+static const asn1Object_t ietfAttrSyntaxObjects[] =
+{
+ { 0, "ietfAttrSyntax", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
+ { 1, "policyAuthority", ASN1_CONTEXT_C_0, ASN1_OPT |
+ ASN1_BODY }, /* 1 */
+ { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
+ { 1, "values", ASN1_SEQUENCE, ASN1_LOOP }, /* 3 */
+ { 2, "octets", ASN1_OCTET_STRING, ASN1_OPT |
+ ASN1_BODY }, /* 4 */
+ { 2, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
+ { 2, "oid", ASN1_OID, ASN1_OPT |
+ ASN1_BODY }, /* 6 */
+ { 2, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
+ { 2, "string", ASN1_UTF8STRING, ASN1_OPT |
+ ASN1_BODY }, /* 8 */
+ { 2, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
+ { 1, "end loop", ASN1_EOC, ASN1_END }, /* 10 */
+ { 0, "exit", ASN1_EOC, ASN1_EXIT }
+};
+#define IETF_ATTR_OCTETS 4
+#define IETF_ATTR_OID 6
+#define IETF_ATTR_STRING 8
+
+/**
+ * Parse group memberships, IETF attributes
+ */
+static bool parse_groups(private_x509_ac_t *this, chunk_t encoded, int level0)
+{
+ ac_group_type_t type;
+ group_t *group;
+ asn1_parser_t *parser;
+ chunk_t object;
+ int objectID;
+ bool success;
+
+ parser = asn1_parser_create(ietfAttrSyntaxObjects, encoded);
+ parser->set_top_level(parser, level0);
+ while (parser->iterate(parser, &objectID, &object))
+ {
+ switch (objectID)
+ {
+ case IETF_ATTR_OCTETS:
+ type = AC_GROUP_TYPE_OCTETS;
+ break;
+ case IETF_ATTR_OID:
+ type = AC_GROUP_TYPE_OID;
+ break;
+ case IETF_ATTR_STRING:
+ type = AC_GROUP_TYPE_STRING;
+ break;
+ default:
+ continue;
+ }
+ INIT(group,
+ .type = type,
+ .value = chunk_clone(object),
+ );
+ this->groups->insert_last(this->groups, group);
+ }
+ success = parser->success(parser);
+ parser->destroy(parser);
+
+ return success;
+}
+
+/**
* ASN.1 definition of an X509 attribute certificate
*/
static const asn1Object_t acObjects[] =
{
{ 0, "AttributeCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
{ 1, "AttributeCertificateInfo", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
- { 2, "version", ASN1_INTEGER, ASN1_DEF |
+ { 2, "version", ASN1_INTEGER, ASN1_DEF |
ASN1_BODY }, /* 2 */
- { 2, "holder", ASN1_SEQUENCE, ASN1_NONE }, /* 3 */
- { 3, "baseCertificateID", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 4 */
- { 4, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 5 */
- { 4, "serial", ASN1_INTEGER, ASN1_BODY }, /* 6 */
+ { 2, "holder", ASN1_SEQUENCE, ASN1_NONE }, /* 3 */
+ { 3, "baseCertificateID", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 4 */
+ { 4, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 5 */
+ { 4, "serial", ASN1_INTEGER, ASN1_BODY }, /* 6 */
{ 4, "issuerUID", ASN1_BIT_STRING, ASN1_OPT |
ASN1_BODY }, /* 7 */
{ 4, "end opt", ASN1_EOC, ASN1_END }, /* 8 */
{ 3, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
- { 3, "entityName", ASN1_CONTEXT_C_1, ASN1_OPT |
+ { 3, "entityName", ASN1_CONTEXT_C_1, ASN1_OPT |
ASN1_OBJ }, /* 10 */
{ 3, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
- { 3, "objectDigestInfo", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 12 */
- { 4, "digestedObjectType", ASN1_ENUMERATED, ASN1_BODY }, /* 13 */
- { 4, "otherObjectTypeID", ASN1_OID, ASN1_OPT |
+ { 3, "objectDigestInfo", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 12 */
+ { 4, "digestedObjectType", ASN1_ENUMERATED, ASN1_BODY }, /* 13 */
+ { 4, "otherObjectTypeID", ASN1_OID, ASN1_OPT |
ASN1_BODY }, /* 14 */
{ 4, "end opt", ASN1_EOC, ASN1_END }, /* 15 */
{ 4, "digestAlgorithm", ASN1_EOC, ASN1_RAW }, /* 16 */
{ 3, "end opt", ASN1_EOC, ASN1_END }, /* 17 */
- { 2, "v2Form", ASN1_CONTEXT_C_0, ASN1_NONE }, /* 18 */
- { 3, "issuerName", ASN1_SEQUENCE, ASN1_OPT |
+ { 2, "v2Form", ASN1_CONTEXT_C_0, ASN1_NONE }, /* 18 */
+ { 3, "issuerName", ASN1_SEQUENCE, ASN1_OPT |
ASN1_OBJ }, /* 19 */
{ 3, "end opt", ASN1_EOC, ASN1_END }, /* 20 */
- { 3, "baseCertificateID", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 21 */
- { 4, "issuerSerial", ASN1_SEQUENCE, ASN1_NONE }, /* 22 */
- { 5, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 23 */
- { 5, "serial", ASN1_INTEGER, ASN1_BODY }, /* 24 */
+ { 3, "baseCertificateID", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 21 */
+ { 4, "issuerSerial", ASN1_SEQUENCE, ASN1_NONE }, /* 22 */
+ { 5, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 23 */
+ { 5, "serial", ASN1_INTEGER, ASN1_BODY }, /* 24 */
{ 5, "issuerUID", ASN1_BIT_STRING, ASN1_OPT |
ASN1_BODY }, /* 25 */
{ 5, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
{ 3, "end opt", ASN1_EOC, ASN1_END }, /* 27 */
{ 3, "objectDigestInfo", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 28 */
- { 4, "digestInfo", ASN1_SEQUENCE, ASN1_OBJ }, /* 29 */
- { 5, "digestedObjectType", ASN1_ENUMERATED, ASN1_BODY }, /* 30 */
- { 5, "otherObjectTypeID", ASN1_OID, ASN1_OPT |
+ { 4, "digestInfo", ASN1_SEQUENCE, ASN1_OBJ }, /* 29 */
+ { 5, "digestedObjectType", ASN1_ENUMERATED, ASN1_BODY }, /* 30 */
+ { 5, "otherObjectTypeID", ASN1_OID, ASN1_OPT |
ASN1_BODY }, /* 31 */
{ 5, "end opt", ASN1_EOC, ASN1_END }, /* 32 */
{ 5, "digestAlgorithm", ASN1_EOC, ASN1_RAW }, /* 33 */
{ 3, "end opt", ASN1_EOC, ASN1_END }, /* 34 */
- { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 35 */
- { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 36 */
- { 2, "attrCertValidityPeriod", ASN1_SEQUENCE, ASN1_NONE }, /* 37 */
- { 3, "notBeforeTime", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 38 */
- { 3, "notAfterTime", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 39 */
- { 2, "attributes", ASN1_SEQUENCE, ASN1_LOOP }, /* 40 */
+ { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 35 */
+ { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 36 */
+ { 2, "attrCertValidityPeriod", ASN1_SEQUENCE, ASN1_NONE }, /* 37 */
+ { 3, "notBeforeTime", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 38 */
+ { 3, "notAfterTime", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 39 */
+ { 2, "attributes", ASN1_SEQUENCE, ASN1_LOOP }, /* 40 */
{ 3, "attribute", ASN1_SEQUENCE, ASN1_NONE }, /* 41 */
{ 4, "type", ASN1_OID, ASN1_BODY }, /* 42 */
{ 4, "values", ASN1_SET, ASN1_LOOP }, /* 43 */
{ 5, "value", ASN1_EOC, ASN1_RAW }, /* 44 */
- { 4, "end loop", ASN1_EOC, ASN1_END }, /* 45 */
+ { 4, "end loop", ASN1_EOC, ASN1_END }, /* 45 */
{ 2, "end loop", ASN1_EOC, ASN1_END }, /* 46 */
{ 2, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 47 */
{ 3, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 48 */
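Review bot: parse_groups() sends the policyAuthority object through `default: continue;`, so the authority that scopes the group values is parsed and then discarded without a trace. Consumers of the group list therefore cannot tell groups issued under different policy authorities apart. Whether that matters depends on how the groups are used for authorization, which this hunk does not show. A comment on the default branch, such as `/* policyAuthority is not evaluated, groups are taken as scoped by the AC issuer */`, would make the limitation explicit. The acObjects table that follows is only re-indented here and continues outside the hunk.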
@@ -368,22 +448,26 @@ static bool parse_certificate(private_x509_ac_t *this)
}
break;
case AC_OBJ_HOLDER_ISSUER:
- if (!parse_directoryName(object, level, FALSE, &this->holderIssuer))
+ if (!parse_directoryName(object, level, FALSE,
+ &this->holderIssuer))
{
goto end;
}
break;
case AC_OBJ_HOLDER_SERIAL:
- this->holderSerial = object;
+ this->holderSerial = identification_create_from_encoding(
+ ID_KEY_ID, object);
break;
case AC_OBJ_ENTITY_NAME:
- if (!parse_directoryName(object, level, TRUE, &this->entityName))
+ if (!parse_directoryName(object, level, TRUE,
+ &this->entityName))
{
goto end;
}
break;
case AC_OBJ_ISSUER_NAME:
- if (!parse_directoryName(object, level, FALSE, &this->issuerName))
+ if (!parse_directoryName(object, level, FALSE,
+ &this->issuerName))
{
goto end;
}
@@ -414,13 +498,14 @@ static bool parse_certificate(private_x509_ac_t *this)
DBG2(DBG_ASN, " need to parse accessIdentity");
break;
case OID_CHARGING_IDENTITY:
- DBG2(DBG_ASN, "-- > --");
- this->charging = ietf_attributes_create_from_encoding(object);
- DBG2(DBG_ASN, "-- < --");
+ DBG2(DBG_ASN, " need to parse chargingIdentity");
break;
case OID_GROUP:
DBG2(DBG_ASN, "-- > --");
- this->groups = ietf_attributes_create_from_encoding(object);
+ if (!parse_groups(this, object, level))
+ {
+ goto end;
+ }
DBG2(DBG_ASN, "-- < --");
break;
case OID_ROLE:
@@ -446,8 +531,9 @@ static bool parse_certificate(private_x509_ac_t *this)
DBG2(DBG_ASN, " need to parse crlDistributionPoints");
break;
case OID_AUTHORITY_KEY_ID:
- this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object,
- level, &this->authKeySerialNumber);
+ this->authKeyIdentifier =
+ x509_parse_authorityKeyIdentifier(object,
+ level, &this->authKeySerialNumber);
break;
case OID_TARGET_INFORMATION:
DBG2(DBG_ASN, " need to parse targetInformation");
@@ -490,7 +576,7 @@ end:
static chunk_t build_directoryName(asn1_t tag, chunk_t name)
{
return asn1_wrap(tag, "m",
- asn1_simple_object(ASN1_CONTEXT_C_4, name));
+ asn1_simple_object(ASN1_CONTEXT_C_4, name));
}
/**
@@ -499,14 +585,15 @@ static chunk_t build_directoryName(asn1_t tag, chunk_t name)
static chunk_t build_holder(private_x509_ac_t *this)
{
x509_t* x509 = (x509_t*)this->holderCert;
- identification_t *issuer = this->holderCert->get_issuer(this->holderCert);
- identification_t *subject = this->holderCert->get_subject(this->holderCert);
+ identification_t *issuer, *subject;
+
+ issuer = this->holderCert->get_issuer(this->holderCert);
+ subject = this->holderCert->get_subject(this->holderCert);
return asn1_wrap(ASN1_SEQUENCE, "mm",
asn1_wrap(ASN1_CONTEXT_C_0, "mm",
build_directoryName(ASN1_SEQUENCE, issuer->get_encoding(issuer)),
- asn1_simple_object(ASN1_INTEGER, x509->get_serial(x509))
- ),
+ asn1_simple_object(ASN1_INTEGER, x509->get_serial(x509))),
build_directoryName(ASN1_CONTEXT_C_1, subject->get_encoding(subject)));
}
@@ -515,10 +602,12 @@ static chunk_t build_holder(private_x509_ac_t *this)
*/
static chunk_t build_v2_form(private_x509_ac_t *this)
{
- identification_t *subject = this->signerCert->get_subject(this->signerCert);
+ identification_t *subject;
+ subject = this->signerCert->get_subject(this->signerCert);
return asn1_wrap(ASN1_CONTEXT_C_0, "m",
- build_directoryName(ASN1_SEQUENCE, subject->get_encoding(subject)));
+ build_directoryName(ASN1_SEQUENCE,
+ subject->get_encoding(subject)));
}
/**
@@ -531,7 +620,6 @@ static chunk_t build_attr_cert_validity(private_x509_ac_t *this)
asn1_from_time(&this->notAfter, ASN1_GENERALIZEDTIME));
}
-
/**
* build attribute type
*/
@@ -547,8 +635,55 @@ static chunk_t build_attribute_type(int type, chunk_t content)
*/
static chunk_t build_attributes(private_x509_ac_t *this)
{
+ enumerator_t *enumerator;
+ group_t *group;
+ chunk_t values;
+ size_t size = 0, len;
+ u_char *pos;
+
+ /* precalculate the total size of all values */
+ enumerator = this->groups->create_enumerator(this->groups);
+ while (enumerator->enumerate(enumerator, &group))
+ {
+ len = group->value.len;
+ size += 1 + (len > 0) + (len >= 128) +
+ (len >= 256) + (len >= 65536) + len;
+ }
+ enumerator->destroy(enumerator);
+
+ pos = asn1_build_object(&values, ASN1_SEQUENCE, size);
+
+ enumerator = this->groups->create_enumerator(this->groups);
+ while (enumerator->enumerate(enumerator, &group))
+ {
+ chunk_t attr;
+ asn1_t type;
+
+ switch (group->type)
+ {
+ case AC_GROUP_TYPE_OCTETS:
+ type = ASN1_OCTET_STRING;
+ break;
+ case AC_GROUP_TYPE_STRING:
+ type = ASN1_UTF8STRING;
+ break;
+ case AC_GROUP_TYPE_OID:
+ type = ASN1_OID;
+ break;
+ default:
+ continue;
+ }
+ attr = asn1_simple_object(type, group->value);
+
+ memcpy(pos, attr.ptr, attr.len);
+ pos += attr.len;
+ free(attr.ptr);
+ }
+ enumerator->destroy(enumerator);
+
return asn1_wrap(ASN1_SEQUENCE, "m",
- build_attribute_type(OID_GROUP, this->groups->get_encoding(this->groups)));
+ build_attribute_type(OID_GROUP,
+ asn1_wrap(ASN1_SEQUENCE, "m", values)));
}
/**
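Review bot: The size precalculation in build_attributes() counts a zero-length group value as one byte, because `1 + (len > 0) + ...` yields 1 for `len == 0`, while a DER object with empty content still needs a tag and a length octet. Assuming asn1_simple_object() emits both, the `memcpy(pos, attr.ptr, attr.len)` in the second loop writes one byte past the buffer from asn1_build_object() for every empty value. An empty value can be supplied as an empty name through BUILD_AC_GROUP_STRINGS, since add_groups_from_list() clones the string without a length check. The length octet is unconditional, so the term should read `size += 2 + (len >= 128) + (len >= 256) + (len >= 65536) + len;`. The two loops also disagree on unknown group types: the first counts them and the second skips them with `continue`, which would leave uninitialised bytes at the end of `values`, so a check of the remaining space before each memcpy would keep them in step.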
@@ -621,14 +756,11 @@ static chunk_t build_attr_cert_info(private_x509_ac_t *this)
*/
static chunk_t build_ac(private_x509_ac_t *this)
{
- chunk_t signatureValue;
- chunk_t attributeCertificateInfo;
+ chunk_t signatureValue, attributeCertificateInfo;
attributeCertificateInfo = build_attr_cert_info(this);
-
this->signerKey->sign(this->signerKey, SIGN_RSA_EMSA_PKCS1_SHA1,
attributeCertificateInfo, &signatureValue);
-
return asn1_wrap(ASN1_SEQUENCE, "mmm",
attributeCertificateInfo,
asn1_algorithmIdentifier(OID_SHA1_WITH_RSA),
@@ -644,7 +776,11 @@ METHOD(ac_t, get_serial, chunk_t,
METHOD(ac_t, get_holderSerial, chunk_t,
private_x509_ac_t *this)
{
- return this->holderSerial;
+ if (this->holderSerial)
+ {
+ return this->holderSerial->get_encoding(this->holderSerial);
+ }
+ return chunk_empty;
}
METHOD(ac_t, get_holderIssuer, identification_t*,
@@ -659,10 +795,28 @@ METHOD(ac_t, get_authKeyIdentifier, chunk_t,
return this->authKeyIdentifier;
}
-METHOD(ac_t, get_groups, ietf_attributes_t*,
+/**
+ * Filter function for attribute enumeration
+ */
+static bool attr_filter(void *null, group_t **in, ac_group_type_t *type,
+ void *in2, chunk_t *out)
+{
+ if ((*in)->type == AC_GROUP_TYPE_STRING &&
+ !chunk_printable((*in)->value, NULL, 0))
+ { /* skip non-printable strings */
+ return FALSE;
+ }
+ *type = (*in)->type;
+ *out = (*in)->value;
+ return TRUE;
+}
+
+METHOD(ac_t, create_group_enumerator, enumerator_t*,
private_x509_ac_t *this)
{
- return this->groups ? this->groups->get_ref(this->groups) : NULL;
+ return enumerator_create_filter(
+ this->groups->create_enumerator(this->groups),
+ (void*)attr_filter, NULL, NULL);
}
METHOD(certificate_t, get_type, certificate_type_t,
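Review bot: attr_filter() hands out `(*in)->value` without cloning, and neither its comment nor create_group_enumerator() says so. The header should state that the enumerated chunk_t points into the certificate's own group list and is only valid while the x509_ac_t is referenced. It should also say that only AC_GROUP_TYPE_STRING values are checked with chunk_printable(); octet and OID values reach the consumer as raw bytes taken from the certificate and must not be logged or compared as text. Suggested header: `/** Filter for group enumeration: skips non-printable strings, returns the type and a non-owning reference to the value */`.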
@@ -674,7 +828,11 @@ METHOD(certificate_t, get_type, certificate_type_t,
METHOD(certificate_t, get_subject, identification_t*,
private_x509_ac_t *this)
{
- return this->entityName;
+ if (this->entityName)
+ {
+ return this->entityName;
+ }
+ return this->holderSerial;
}
METHOD(certificate_t, get_issuer, identification_t*,
@@ -686,13 +844,24 @@ METHOD(certificate_t, get_issuer, identification_t*,
METHOD(certificate_t, has_subject, id_match_t,
private_x509_ac_t *this, identification_t *subject)
{
- return ID_MATCH_NONE;
+ id_match_t entity = ID_MATCH_NONE, serial = ID_MATCH_NONE;
+
+ if (this->entityName)
+ {
+ entity = this->entityName->matches(this->entityName, subject);
+ }
+ if (this->holderSerial)
+ {
+ serial = this->holderSerial->matches(this->holderSerial, subject);
+ }
+ return max(entity, serial);
}
METHOD(certificate_t, has_issuer, id_match_t,
private_x509_ac_t *this, identification_t *issuer)
{
- if (issuer->get_type(issuer) == ID_KEY_ID && this->authKeyIdentifier.ptr &&
+ if (issuer->get_type(issuer) == ID_KEY_ID &&
+ this->authKeyIdentifier.ptr &&
chunk_equals(this->authKeyIdentifier, issuer->get_encoding(issuer)))
{
return ID_MATCH_PERFECT;
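Review bot: has_subject() now reports a match when `subject` equals holderSerial alone, and that needs a comment because a serial number is unique only per issuer. holderSerial is an ID_KEY_ID built from the holder certificate's serial number in the AC_OBJ_HOLDER_SERIAL case. A serial match therefore does not bind the attribute certificate to one holder unless the caller also compares get_holderIssuer() with the certificate's issuer. Suggested comment above the `holderSerial->matches()` call: `/* serial match is per-issuer only; callers must also check holderIssuer */`. has_issuer(), whose first lines close this hunk, continues outside it.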
@@ -808,9 +977,10 @@ METHOD(certificate_t, equals, bool,
{
return TRUE;
}
- if (other->equals == (void*)equals)
+ if (other->equals == _equals)
{ /* skip allocation if we have the same implementation */
- return chunk_equals(this->encoding, ((private_x509_ac_t*)other)->encoding);
+ return chunk_equals(this->encoding,
+ ((private_x509_ac_t*)other)->encoding);
}
if (!other->get_encoding(other, CERT_ASN1_DER, &encoding))
{
@@ -827,13 +997,13 @@ METHOD(certificate_t, destroy, void,
if (ref_put(&this->ref))
{
DESTROY_IF(this->holderIssuer);
+ DESTROY_IF(this->holderSerial);
DESTROY_IF(this->entityName);
DESTROY_IF(this->issuerName);
DESTROY_IF(this->holderCert);
DESTROY_IF(this->signerCert);
DESTROY_IF(this->signerKey);
- DESTROY_IF(this->charging);
- DESTROY_IF(this->groups);
+ this->groups->destroy_function(this->groups, (void*)group_destroy);
free(this->serialNumber.ptr);
free(this->authKeyIdentifier.ptr);
free(this->encoding.ptr);
@@ -869,9 +1039,10 @@ static private_x509_ac_t *create_empty(void)
.get_holderSerial = _get_holderSerial,
.get_holderIssuer = _get_holderIssuer,
.get_authKeyIdentifier = _get_authKeyIdentifier,
- .get_groups = _get_groups,
+ .create_group_enumerator = _create_group_enumerator,
},
},
+ .groups = linked_list_create(),
.ref = 1,
);
@@ -914,6 +1085,27 @@ x509_ac_t *x509_ac_load(certificate_type_t type, va_list args)
}
/**
+ * Add groups from a list into AC group memberships
+ */
+static void add_groups_from_list(private_x509_ac_t *this, linked_list_t *list)
+{
+ enumerator_t *enumerator;
+ group_t *group;
+ char *name;
+
+ enumerator = list->create_enumerator(list);
+ while (enumerator->enumerate(enumerator, &name))
+ {
+ INIT(group,
+ .type = AC_GROUP_TYPE_STRING,
+ .value = chunk_clone(chunk_from_str(name)),
+ );
+ this->groups->insert_last(this->groups, group);
+ }
+ enumerator->destroy(enumerator);
+}
+
+/**
* See header.
*/
x509_ac_t *x509_ac_gen(certificate_type_t type, va_list args)
@@ -934,8 +1126,8 @@ x509_ac_t *x509_ac_gen(certificate_type_t type, va_list args)
case BUILD_SERIAL:
ac->serialNumber = chunk_clone(va_arg(args, chunk_t));
continue;
- case BUILD_IETF_GROUP_ATTR:
- ac->groups = ietf_attributes_create_from_string(va_arg(args, char*));
+ case BUILD_AC_GROUP_STRINGS:
+ add_groups_from_list(ac, va_arg(args, linked_list_t*));
continue;
case BUILD_CERT:
ac->holderCert = va_arg(args, certificate_t*);
@@ -968,4 +1160,3 @@ x509_ac_t *x509_ac_gen(certificate_type_t type, va_list args)
destroy(ac);
return NULL;
}
-
diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c
index ed850e8f5..9fd869e77 100644
--- a/src/libstrongswan/plugins/x509/x509_cert.c
+++ b/src/libstrongswan/plugins/x509/x509_cert.c
@@ -758,6 +758,9 @@ static void parse_extendedKeyUsage(chunk_t blob, int level0,
case OID_OCSP_SIGNING:
this->flags |= X509_OCSP_SIGNER;
break;
+ case OID_MS_SMARTCARD_LOGON:
+ this->flags |= X509_MS_SMARTCARD_LOGON;
+ break;
default:
break;
}
@@ -2008,7 +2011,7 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
chunk_t subjectKeyIdentifier = chunk_empty, authKeyIdentifier = chunk_empty;
chunk_t crlDistributionPoints = chunk_empty, authorityInfoAccess = chunk_empty;
chunk_t policyConstraints = chunk_empty, inhibitAnyPolicy = chunk_empty;
- chunk_t ikeIntermediate = chunk_empty;
+ chunk_t ikeIntermediate = chunk_empty, msSmartcardLogon = chunk_empty;
identification_t *issuer, *subject;
chunk_t key_info;
signature_scheme_t scheme;
@@ -2139,6 +2142,10 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
{
ocspSigning = asn1_build_known_oid(OID_OCSP_SIGNING);
}
+ if (cert->flags & X509_MS_SMARTCARD_LOGON)
+ {
+ msSmartcardLogon = asn1_build_known_oid(OID_MS_SMARTCARD_LOGON);
+ }
if (serverAuth.ptr || clientAuth.ptr || ikeIntermediate.ptr ||
ocspSigning.ptr)
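Review bot: The guard that decides whether to emit extendedKeyUsage, directly below the added block, still tests only `serverAuth.ptr || clientAuth.ptr || ikeIntermediate.ptr || ocspSigning.ptr`. A certificate whose only EKU flag is X509_MS_SMARTCARD_LOGON therefore gets no extension at all, and the chunk returned by asn1_build_known_oid() is never freed. The next hunk adds msSmartcardLogon to the asn1_wrap() call but leaves the guard unchanged. Extending the last line of the condition to `ocspSigning.ptr || msSmartcardLogon.ptr)` covers both. generate() starts and ends outside this hunk.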
@@ -2146,9 +2153,9 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
extendedKeyUsage = asn1_wrap(ASN1_SEQUENCE, "mm",
asn1_build_known_oid(OID_EXTENDED_KEY_USAGE),
asn1_wrap(ASN1_OCTET_STRING, "m",
- asn1_wrap(ASN1_SEQUENCE, "mmmm",
+ asn1_wrap(ASN1_SEQUENCE, "mmmmm",
serverAuth, clientAuth, ikeIntermediate,
- ocspSigning)));
+ ocspSigning, msSmartcardLogon)));
}
/* add subjectKeyIdentifier to CA and OCSP signer certificates */
@@ -2167,7 +2174,7 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
}
/* add the keyid authKeyIdentifier for non self-signed certificates */
- if (sign_key)
+ if (sign_cert)
{
chunk_t keyid;
diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_request.c b/src/libstrongswan/plugins/x509/x509_ocsp_request.c
index 09c5a8539..ff0f0231f 100644
--- a/src/libstrongswan/plugins/x509/x509_ocsp_request.c
+++ b/src/libstrongswan/plugins/x509/x509_ocsp_request.c
@@ -252,7 +252,7 @@ static chunk_t build_optionalSignature(private_x509_ocsp_request_t *this,
{
int oid;
signature_scheme_t scheme;
- chunk_t certs, signature, encoding;
+ chunk_t certs = chunk_empty, signature, encoding;
switch (this->key->get_type(this->key))
{
diff --git a/src/libstrongswan/plugins/x509/x509_plugin.c b/src/libstrongswan/plugins/x509/x509_plugin.c
index 15fea7ee0..54bef7357 100644
--- a/src/libstrongswan/plugins/x509/x509_plugin.c
+++ b/src/libstrongswan/plugins/x509/x509_plugin.c
@@ -52,9 +52,7 @@ METHOD(plugin_t, get_features, int,
PLUGIN_REGISTER(CERT_DECODE, x509_cert_load, TRUE),
PLUGIN_PROVIDE(CERT_DECODE, CERT_X509),
PLUGIN_DEPENDS(HASHER, HASH_SHA1),
- PLUGIN_SDEPEND(PUBKEY, KEY_RSA),
- PLUGIN_SDEPEND(PUBKEY, KEY_ECDSA),
- PLUGIN_SDEPEND(PUBKEY, KEY_DSA),
+ PLUGIN_DEPENDS(PUBKEY, KEY_ANY),
PLUGIN_REGISTER(CERT_ENCODE, x509_ac_gen, FALSE),
PLUGIN_PROVIDE(CERT_ENCODE, CERT_X509_AC),
diff --git a/src/libstrongswan/plugins/xcbc/Makefile.in b/src/libstrongswan/plugins/xcbc/Makefile.in
index c8f886c60..ca6164371 100644
--- a/src/libstrongswan/plugins/xcbc/Makefile.in
+++ b/src/libstrongswan/plugins/xcbc/Makefile.in
@@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/tests/Makefile.in b/src/libstrongswan/tests/Makefile.in
index 656be4efb..e58831c5b 100644
--- a/src/libstrongswan/tests/Makefile.in
+++ b/src/libstrongswan/tests/Makefile.in
@@ -402,7 +402,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libstrongswan/tests/suites/test_chunk.c b/src/libstrongswan/tests/suites/test_chunk.c
index e373fbdb6..34ace2894 100644
--- a/src/libstrongswan/tests/suites/test_chunk.c
+++ b/src/libstrongswan/tests/suites/test_chunk.c
@@ -117,10 +117,13 @@ START_TEST(test_chunk_clear)
}
chunk_clear(&chunk);
/* check memory area of freed chunk. We can't use ck_assert() for this
- * test directly, as it might allocate data at the freed area. */
- for (i = 0; i < 64; i++)
+ * test directly, as it might allocate data at the freed area. comparing
+ * two bytes at once reduces the chances of conflicts if memory got
+ * overwritten already */
+ for (i = 0; i < 64; i += 2)
{
- if (ptr[i] != 0 && ptr[i] == i)
+ if (ptr[i] != 0 && ptr[i] == i &&
+ ptr[i+1] != 0 && ptr[i+1] == i+1)
{
cleared = FALSE;
break;
diff --git a/src/libstrongswan/tests/suites/test_enumerator.c b/src/libstrongswan/tests/suites/test_enumerator.c
index b5dde4650..9bd6d24f2 100644
--- a/src/libstrongswan/tests/suites/test_enumerator.c
+++ b/src/libstrongswan/tests/suites/test_enumerator.c
@@ -104,10 +104,10 @@ static void destroy_data(void *data)
* filtered test
*/
-static bool filter(void *data, int *v, int *vo, int *w, int *wo,
- int *x, int *xo, int *y, int *yo, int *z, int *zo)
+static bool filter(int *data, int **v, int *vo, int **w, int *wo,
+ int **x, int *xo, int **y, int *yo, int **z, int *zo)
{
- int val = *v;
+ int val = **v;
*vo = val++;
*wo = val++;
@@ -118,21 +118,21 @@ static bool filter(void *data, int *v, int *vo, int *w, int *wo,
return TRUE;
}
-static bool filter_odd(void *data, int *item, int *out)
+static bool filter_odd(void *data, int **item, int *out)
{
fail_if(data != (void*)101, "data does not match '101' in filter function");
- *out = *item;
- return *item % 2 == 0;
+ *out = **item;
+ return **item % 2 == 0;
}
START_TEST(test_filtered)
{
- int round, v, w, x, y, z;
+ int data[5] = {1,2,3,4,5}, round, v, w, x, y, z;
linked_list_t *list;
enumerator_t *enumerator;
- list = linked_list_create_with_items((void*)1, (void*)2, (void*)3, (void*)4,
- (void*)5, NULL);
+ list = linked_list_create_with_items(&data[0], &data[1], &data[2], &data[3],
+ &data[4], NULL);
round = 1;
enumerator = enumerator_create_filter(list->create_enumerator(list),
@@ -155,12 +155,12 @@ END_TEST
START_TEST(test_filtered_filter)
{
- int count, x;
+ int data[5] = {1,2,3,4,5}, count, x;
linked_list_t *list;
enumerator_t *enumerator;
- list = linked_list_create_with_items((void*)1, (void*)2, (void*)3, (void*)4,
- (void*)5, NULL);
+ list = linked_list_create_with_items(&data[0], &data[1], &data[2], &data[3],
+ &data[4], NULL);
count = 0;
/* should also work without destructor, so set this manually */
diff --git a/src/libstrongswan/tests/suites/test_ntru.c b/src/libstrongswan/tests/suites/test_ntru.c
index a46f5742c..7c0cb81bf 100644
--- a/src/libstrongswan/tests/suites/test_ntru.c
+++ b/src/libstrongswan/tests/suites/test_ntru.c
@@ -20,6 +20,8 @@
#include <plugins/ntru/ntru_mgf1.h>
#include <plugins/ntru/ntru_trits.h>
#include <plugins/ntru/ntru_poly.h>
+#include <plugins/ntru/ntru_param_set.h>
+#include <plugins/ntru/ntru_private_key.h>
#include <utils/test.h>
IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_drbg_create, ntru_drbg_t*,
@@ -41,6 +43,18 @@ IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_poly_create_from_data, ntru_poly_t*,
uint32_t indices_len_p, uint32_t indices_len_m,
bool is_product_form)
+IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_param_set_get_by_id, ntru_param_set_t* ,
+ ntru_param_set_id_t id)
+
+IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_private_key_create, ntru_private_key_t*,
+ ntru_drbg_t *drbg, ntru_param_set_t *params)
+
+IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_private_key_create_from_data, ntru_private_key_t*,
+ ntru_drbg_t *drbg, chunk_t data)
+
+IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_public_key_create_from_data, ntru_public_key_t*,
+ ntru_drbg_t *drbg, chunk_t data)
+
/**
* NTRU parameter sets to test
*/
@@ -86,7 +100,8 @@ START_TEST(test_ntru_drbg_strength)
entropy = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
ck_assert(entropy != NULL);
- drbg = ntru_drbg_create(strengths[_i].requested, chunk_empty, entropy);
+ drbg = TEST_FUNCTION(ntru, ntru_drbg_create, strengths[_i].requested,
+ chunk_empty, entropy);
if (strengths[_i].standard)
{
ck_assert(drbg != NULL);
@@ -243,7 +258,8 @@ START_TEST(test_ntru_drbg)
out = chunk_alloc(128);
entropy = test_rng_create(drbg_tests[_i].entropy);
- drbg = ntru_drbg_create(256, drbg_tests[_i].pers_str, entropy);
+ drbg = TEST_FUNCTION(ntru, ntru_drbg_create, 256, drbg_tests[_i].pers_str,
+ entropy);
ck_assert(drbg != NULL);
ck_assert(drbg->reseed(drbg));
ck_assert(drbg->generate(drbg, 256, 128, out.ptr));
@@ -265,7 +281,7 @@ START_TEST(test_ntru_drbg_reseed)
"libstrongswan.plugins.ntru.max_drbg_requests", 2);
out = chunk_alloc(128);
entropy = test_rng_create(drbg_tests[0].entropy);
- drbg = ntru_drbg_create(256, chunk_empty, entropy);
+ drbg = TEST_FUNCTION(ntru, ntru_drbg_create, 256, chunk_empty, entropy);
/* bad output parameters */
ck_assert(!drbg->generate(drbg, 256, 0, out.ptr));
@@ -283,13 +299,13 @@ START_TEST(test_ntru_drbg_reseed)
drbg->destroy(drbg);
/* no entropy available for DRBG instantiation */
- drbg = ntru_drbg_create(256, chunk_empty, entropy);
+ drbg = TEST_FUNCTION(ntru, ntru_drbg_create, 256, chunk_empty, entropy);
ck_assert(drbg == NULL);
entropy->destroy(entropy);
/* one automatic reseeding occurs */
entropy = test_rng_create(drbg_tests[0].entropy);
- drbg = ntru_drbg_create(256, chunk_empty, entropy);
+ drbg = TEST_FUNCTION(ntru, ntru_drbg_create, 256, chunk_empty, entropy);
ck_assert(drbg->generate(drbg, 256, 128, out.ptr));
ck_assert(drbg->generate(drbg, 256, 128, out.ptr));
ck_assert(drbg->generate(drbg, 256, 128, out.ptr));
@@ -374,7 +390,7 @@ uint16_t indices_ees1171ep1[] = {
*/
mgf1_test_t mgf1_tests[] = {
{ HASH_SHA1, 20, 60, 20, 15, 24,
- chunk_from_chars(
+ chunk_from_chars(
0xED, 0xA5, 0xC3, 0xBC, 0xAF, 0xB3, 0x20, 0x7D,
0x14, 0xA1, 0x54, 0xF7, 0x8B, 0x37, 0xF2, 0x8D,
0x8C, 0x9B, 0xD5, 0x63, 0x57, 0x38, 0x11, 0xC2,
@@ -408,7 +424,7 @@ mgf1_test_t mgf1_tests[] = {
0x40, 0x4B, 0xE7, 0x22, 0x3A, 0x56, 0x10, 0x6D,
0x4D, 0x29, 0x0B, 0xCE, 0xA6, 0x21, 0xB5, 0x5C,
0x71, 0x66, 0x2F, 0x70, 0x35, 0xD8, 0x8A, 0x92,
- 0x33, 0xF0, 0x16, 0xD4, 0x0E, 0x43, 0x8A, 0x14),
+ 0x33, 0xF0, 0x16, 0xD4, 0x0E, 0x43, 0x8A, 0x14),
chunk_from_chars(
1, 2, 1, 0, 0, 1, 1, 1, 2, 0, 1, 0, 1, 1, 1, 0, 2, 0, 1, 1,
0, 0, 0, 1, 1, 0, 2, 0, 2, 2, 1, 2, 2, 2, 1, 2, 1, 1, 0, 0,
@@ -466,7 +482,7 @@ mgf1_test_t mgf1_tests[] = {
0x76, 0x89, 0x8B, 0x1B, 0x60, 0xEC, 0x10, 0x9D,
0x8F, 0x13, 0xF2, 0xFE, 0xD9, 0x85, 0xC1, 0xAB,
0x7E, 0xEE, 0xB1, 0x31, 0xDD, 0xF7, 0x7F, 0x0C,
- 0x7D, 0xF9, 0x6B, 0x7B, 0x19, 0x80, 0xBD, 0x28),
+ 0x7D, 0xF9, 0x6B, 0x7B, 0x19, 0x80, 0xBD, 0x28),
chunk_from_chars(
0xF1, 0x19, 0x02, 0x4F, 0xDA, 0x58, 0x05, 0x9A,
0x07, 0xDF, 0x61, 0x81, 0x22, 0x0E, 0x15, 0x46,
@@ -542,14 +558,17 @@ START_TEST(test_ntru_mgf1)
mask2.len = mgf1_tests[_i].ml2;
mask3.len = mgf1_tests[_i].ml3;
- mgf1 = ntru_mgf1_create(HASH_UNKNOWN, mgf1_tests[_i].seed, TRUE);
+ mgf1 = TEST_FUNCTION(ntru, ntru_mgf1_create, HASH_UNKNOWN,
+ mgf1_tests[_i].seed, TRUE);
ck_assert(mgf1 == NULL);
- mgf1 = ntru_mgf1_create(mgf1_tests[_i].alg, chunk_empty, TRUE);
+ mgf1 = TEST_FUNCTION(ntru, ntru_mgf1_create, mgf1_tests[_i].alg,
+ chunk_empty, TRUE);
ck_assert(mgf1 == NULL);
/* return mask in allocated chunk */
- mgf1 = ntru_mgf1_create(mgf1_tests[_i].alg, mgf1_tests[_i].seed, TRUE);
+ mgf1 = TEST_FUNCTION(ntru, ntru_mgf1_create, mgf1_tests[_i].alg,
+ mgf1_tests[_i].seed, TRUE);
ck_assert(mgf1);
/* check hash size */
@@ -565,14 +584,16 @@ START_TEST(test_ntru_mgf1)
mgf1->destroy(mgf1);
/* copy mask to pre-allocated buffer */
- mgf1 = ntru_mgf1_create(mgf1_tests[_i].alg, mgf1_tests[_i].seed, TRUE);
+ mgf1 = TEST_FUNCTION(ntru, ntru_mgf1_create, mgf1_tests[_i].alg,
+ mgf1_tests[_i].seed, TRUE);
ck_assert(mgf1);
ck_assert(mgf1->get_mask(mgf1, mgf1_tests[_i].mask.len, mask.ptr));
ck_assert(chunk_equals(mask, mgf1_tests[_i].mask));
mgf1->destroy(mgf1);
/* get mask in batches without hashing the seed */
- mgf1 = ntru_mgf1_create(mgf1_tests[_i].alg, mgf1_tests[_i].hashed_seed, FALSE);
+ mgf1 = TEST_FUNCTION(ntru, ntru_mgf1_create, mgf1_tests[_i].alg,
+ mgf1_tests[_i].hashed_seed, FALSE);
ck_assert(mgf1);
/* first batch */
@@ -600,16 +621,16 @@ START_TEST(test_ntru_trits)
ntru_trits_t *mask;
chunk_t trits;
- mask = ntru_trits_create(mgf1_tests[_i].trits.len, HASH_UNKNOWN,
- mgf1_tests[_i].seed);
+ mask = TEST_FUNCTION(ntru, ntru_trits_create, mgf1_tests[_i].trits.len,
+ HASH_UNKNOWN, mgf1_tests[_i].seed);
ck_assert(mask == NULL);
- mask = ntru_trits_create(mgf1_tests[_i].trits.len, mgf1_tests[_i].alg,
- chunk_empty);
+ mask = TEST_FUNCTION(ntru, ntru_trits_create, mgf1_tests[_i].trits.len,
+ mgf1_tests[_i].alg, chunk_empty);
ck_assert(mask == NULL);
- mask = ntru_trits_create(mgf1_tests[_i].trits.len, mgf1_tests[_i].alg,
- mgf1_tests[_i].seed);
+ mask = TEST_FUNCTION(ntru, ntru_trits_create, mgf1_tests[_i].trits.len,
+ mgf1_tests[_i].alg, mgf1_tests[_i].seed);
ck_assert(mask);
trits = chunk_create(mask->get_trits(mask), mask->get_size(mask));
@@ -617,7 +638,8 @@ START_TEST(test_ntru_trits)
mask->destroy(mask);
/* generate a multiple of 5 trits */
- mask = ntru_trits_create(10, mgf1_tests[_i].alg, mgf1_tests[_i].seed);
+ mask = TEST_FUNCTION(ntru, ntru_trits_create, 10, mgf1_tests[_i].alg,
+ mgf1_tests[_i].seed);
ck_assert(mask);
trits = chunk_create(mask->get_trits(mask), mask->get_size(mask));
@@ -638,17 +660,17 @@ START_TEST(test_ntru_poly)
seed.len = mgf1_tests[_i].seed_len;
p = &mgf1_tests[_i].poly_test[0];
- poly = ntru_poly_create_from_seed(HASH_UNKNOWN, seed, p->c_bits, p->N, p->q,
- p->indices_len, p->indices_len,
- p->is_product_form);
+ poly = TEST_FUNCTION(ntru, ntru_poly_create_from_seed, HASH_UNKNOWN, seed,
+ p->c_bits, p->N, p->q, p->indices_len, p->indices_len,
+ p->is_product_form);
ck_assert(poly == NULL);
for (n = 0; n < 2; n++)
{
p = &mgf1_tests[_i].poly_test[n];
- poly = ntru_poly_create_from_seed(mgf1_tests[_i].alg, seed, p->c_bits,
- p->N, p->q, p->indices_len,
- p->indices_len, p->is_product_form);
+ poly = TEST_FUNCTION(ntru, ntru_poly_create_from_seed,
+ mgf1_tests[_i].alg, seed, p->c_bits, p->N, p->q,
+ p->indices_len, p->indices_len, p->is_product_form);
ck_assert(poly != NULL && poly->get_size(poly) == p->indices_size);
indices = poly->get_indices(poly);
@@ -748,8 +770,9 @@ START_TEST(test_ntru_ring_mult)
int i;
t = &ring_mult_tests[_i];
- poly = ntru_poly_create_from_data(t->indices, t->N, t->q, t->indices_len_p,
- t->indices_len_m, t->is_product_form);
+ poly = TEST_FUNCTION(ntru, ntru_poly_create_from_data, t->indices, t->N,
+ t->q, t->indices_len_p, t->indices_len_m,
+ t->is_product_form);
ck_assert(poly != NULL);
c = malloc(t->N * sizeof(uint16_t));
@@ -776,8 +799,9 @@ START_TEST(test_ntru_array)
t = &ring_mult_tests[array_tests[_i]];
- poly = ntru_poly_create_from_data(t->indices, t->N, t->q, t->indices_len_p,
- t->indices_len_m, t->is_product_form);
+ poly = TEST_FUNCTION(ntru, ntru_poly_create_from_data, t->indices, t->N,
+ t->q, t->indices_len_p, t->indices_len_m,
+ t->is_product_form);
ck_assert(poly != NULL);
c = malloc(t->N * sizeof(uint16_t));
@@ -793,62 +817,413 @@ START_TEST(test_ntru_array)
}
END_TEST
+START_TEST(test_ntru_param_set)
+{
+ ck_assert(TEST_FUNCTION(ntru, ntru_param_set_get_by_id, -1) == NULL);
+ ck_assert(TEST_FUNCTION(ntru, ntru_param_set_get_by_id, 16) == NULL);
+}
+END_TEST
+
+typedef struct {
+ ntru_param_set_id_t id;
+ chunk_t entropy;
+ chunk_t encoding;
+} privkey_test_t;
+
+privkey_test_t privkey_tests[] = {
+ {
+ NTRU_EES401EP1,
+ chunk_from_chars(
+ 0x0C, 0x2F, 0x24, 0xE1, 0xA4, 0x81, 0x26, 0xA2,
+ 0x6C, 0xEA, 0xCD, 0x1A, 0xF3, 0xEB, 0x3D, 0xBF,
+ 0xEA, 0xAE, 0xC3, 0x0D, 0xC1),
+ chunk_from_chars(
+ 0x02, 0x03, 0x00, 0x02, 0x04, 0x3E, 0xF3, 0xCB,
+ 0x7A, 0x58, 0x13, 0x75, 0xBB, 0x87, 0xF5, 0xBF,
+ 0x2E, 0x18, 0xAE, 0x03, 0xAF, 0xB8, 0x33, 0x85,
+ 0xD8, 0xBF, 0x8A, 0xB5, 0x8C, 0xA6, 0xDF, 0x03,
+ 0x90, 0x1E, 0xE4, 0x83, 0xA4, 0x95, 0x40, 0xB5,
+ 0x08, 0x92, 0x29, 0xD8, 0x83, 0xA8, 0x42, 0xB2,
+ 0x69, 0xC2, 0x00, 0x8B, 0xAE, 0x80, 0x00, 0x4F,
+ 0x3D, 0xDD, 0xFB, 0xDB, 0x9A, 0xD8, 0x0F, 0xFF,
+ 0xBC, 0x21, 0xD5, 0xE6, 0x04, 0x9C, 0xDD, 0x3B,
+ 0x2D, 0x16, 0x4B, 0xC7, 0x3D, 0xBE, 0xDE, 0xBB,
+ 0x6F, 0xF4, 0x8A, 0x31, 0xCD, 0x23, 0x19, 0xC2,
+ 0x3C, 0xE1, 0xE2, 0xEE, 0xE4, 0xE7, 0x2E, 0xFC,
+ 0x5C, 0xDD, 0xAD, 0x0C, 0x9D, 0x98, 0xC5, 0x18,
+ 0x2A, 0x80, 0x21, 0x93, 0x61, 0xC4, 0x9A, 0x16,
+ 0xE8, 0x9B, 0xF7, 0x3B, 0x6D, 0x06, 0x91, 0x9E,
+ 0x71, 0x59, 0xBE, 0x8E, 0x65, 0x61, 0xB2, 0x69,
+ 0x9C, 0x82, 0x58, 0x0D, 0x63, 0x7A, 0x1F, 0x2A,
+ 0x1C, 0x2C, 0x92, 0x8C, 0x8D, 0xCA, 0x2B, 0x45,
+ 0x24, 0x79, 0xDB, 0x7F, 0x1D, 0x2F, 0xAB, 0x88,
+ 0x8C, 0x1D, 0xE3, 0x15, 0x8F, 0xCD, 0x46, 0x8C,
+ 0x45, 0x20, 0x88, 0x1C, 0x17, 0xE0, 0xE5, 0x89,
+ 0xF4, 0x60, 0x56, 0x3C, 0x6B, 0x9F, 0x2A, 0xD9,
+ 0xD0, 0xAE, 0x3B, 0xB6, 0xC2, 0xB7, 0x58, 0xC6,
+ 0x6E, 0x09, 0x36, 0x21, 0x0B, 0xDD, 0xE9, 0x52,
+ 0x33, 0x27, 0x39, 0xC8, 0x51, 0x59, 0x69, 0x25,
+ 0xC6, 0x3D, 0x19, 0x5C, 0x5E, 0x74, 0xD0, 0x62,
+ 0xD9, 0x26, 0x90, 0xC7, 0x64, 0x92, 0xA8, 0x72,
+ 0xD1, 0x77, 0x1F, 0x78, 0xC5, 0x11, 0xBD, 0x5D,
+ 0x3C, 0x1B, 0x1F, 0x8B, 0x5B, 0xE4, 0x5D, 0xA1,
+ 0x27, 0x6D, 0x20, 0x24, 0x32, 0x53, 0xF3, 0xB0,
+ 0xE6, 0x71, 0x61, 0xCC, 0xFC, 0x4A, 0x06, 0xDA,
+ 0xBE, 0xD7, 0x9F, 0x2F, 0xEB, 0x44, 0xD0, 0x8A,
+ 0x7D, 0x8E, 0x82, 0xF5, 0x84, 0xCF, 0x8E, 0xE5,
+ 0x4B, 0xA4, 0x30, 0x77, 0xBD, 0x14, 0xB9, 0x75,
+ 0x02, 0x68, 0xDF, 0x71, 0x89, 0x81, 0xF2, 0x95,
+ 0xC3, 0x67, 0x6E, 0x37, 0xE4, 0xD0, 0xC9, 0x1E,
+ 0x02, 0xDE, 0x2D, 0x79, 0x99, 0xE8, 0x7D, 0x5C,
+ 0x99, 0xF2, 0x1A, 0xDE, 0x12, 0x9B, 0xD1, 0x83,
+ 0x9B, 0x01, 0xD3, 0xEB, 0x2B, 0x8E, 0x9C, 0xA5,
+ 0x19, 0xE8, 0x2E, 0xFE, 0x23, 0x6E, 0xAD, 0x8F,
+ 0x3C, 0xAF, 0xB9, 0xE6, 0xDB, 0x07, 0xA4, 0x31,
+ 0x02, 0x2B, 0x6A, 0xA0, 0xFB, 0x51, 0x6C, 0xD0,
+ 0x26, 0xD5, 0xAD, 0x29, 0x65, 0x10, 0xCE, 0xF8,
+ 0x84, 0x4D, 0x1E, 0x37, 0x92, 0xA2, 0xD1, 0xFA,
+ 0xF6, 0xC0, 0x36, 0x4C, 0x23, 0x3A, 0x42, 0xAA,
+ 0xB8, 0x0D, 0x4E, 0xD4, 0x40, 0x61, 0xD5, 0x36,
+ 0x62, 0x23, 0x7C, 0x1C, 0x5E, 0xEA, 0x16, 0xAD,
+ 0x4F, 0x30, 0xF9, 0x16, 0x99, 0xCE, 0xC5, 0x50,
+ 0xAC, 0x8F, 0x6F, 0x98, 0xD7, 0xE3, 0x89, 0x6E,
+ 0x3A, 0x12, 0xCE, 0xA7, 0xA4, 0x17, 0x74, 0xDC,
+ 0xDB, 0xFA, 0xFF, 0xF9, 0x35, 0xD7, 0xF5, 0x77,
+ 0x03, 0xF5, 0xBF, 0x81, 0x6C, 0x9F, 0x62, 0xA6,
+ 0x8A, 0x5B, 0xA3, 0xEF, 0x9D, 0xC3, 0xF6, 0x3A,
+ 0x6A, 0xC0, 0x42, 0x71, 0xAF, 0x90, 0xCA, 0x1D,
+ 0x86, 0x78, 0xD7, 0x2C, 0xFE, 0xB6, 0x99, 0x15,
+ 0x8C, 0x10, 0x42, 0x92, 0x2C, 0x05, 0x43, 0x92,
+ 0x69, 0x05, 0x8D, 0x9E, 0xBC, 0xAB, 0x8F, 0x28,
+ 0xAA, 0x4B, 0xFB, 0x25, 0xD9, 0xAD, 0x29, 0xFF,
+ 0x33, 0x65, 0x14, 0xC3, 0x75, 0x1F, 0xCF, 0xFC,
+ 0x20, 0x83, 0xBF, 0xB9, 0xA5, 0x4B, 0x7B, 0xD9,
+ 0x07, 0x5C, 0xA1, 0xD1, 0x5A, 0x3E, 0x94, 0xF8,
+ 0x03, 0xDE, 0xB8, 0x94, 0x11, 0x92, 0x80, 0x77,
+ 0x57, 0x45, 0x1E, 0x6B, 0xA5, 0x15, 0xDB, 0x48,
+ 0xB6, 0x9E, 0x02, 0xF1, 0x61, 0x4A, 0xAC, 0x1D,
+ 0x49, 0xBC, 0xA9, 0x3F, 0x03, 0x50, 0xAC, 0x02,
+ 0x8E, 0x84, 0xE0, 0x12, 0x37, 0x76, 0xBC, 0x4A,
+ 0xF9, 0xC6, 0x74, 0x36, 0xFC, 0x92, 0x1D, 0x59,
+ 0x0C, 0x04, 0xD2, 0x14, 0xB7, 0x11, 0xE9, 0xE2,
+ 0xFE, 0x0C, 0xE1, 0xDA, 0x8B, 0xCA, 0x10, 0xA1,
+ 0x60, 0xB6, 0x57, 0x51, 0x00, 0xD6, 0x5B, 0x55,
+ 0x09, 0x60, 0xE8, 0x00, 0x40, 0x45, 0x56, 0xBA,
+ 0x83, 0x1E, 0x36, 0x12, 0x59, 0x4B, 0x19, 0x00,
+ 0x53, 0xAE, 0x62, 0xA6, 0x29, 0x39, 0xED, 0x87,
+ 0x24, 0x37, 0x1E, 0x1B, 0xCF, 0x3F, 0x3A, 0x71,
+ 0x31, 0xB5, 0x50, 0x8D, 0x4B, 0x53, 0x53, 0x75,
+ 0x3F, 0x33, 0x39, 0x09, 0x2A, 0x78, 0xA8, 0x71,
+ 0x3E, 0x63, 0xC5, 0x61, 0x73, 0xB6, 0xE1, 0x71,
+ 0x16, 0xDA, 0x06, 0xBF, 0x3F, 0x22, 0x74, 0x89,
+ 0x08, 0xD2, 0x05, 0x0B, 0x16, 0xC8, 0xF0, 0x17,
+ 0x4E, 0xA2, 0x65, 0x67, 0x6D, 0x02)
+ },
+ {
+ NTRU_EES743EP1,
+ chunk_from_chars(
+ 0x9B, 0xAB, 0x57, 0xDB, 0x2C, 0x60, 0x83, 0x48,
+ 0x9F, 0xC9, 0x70, 0x8F, 0x69, 0xF7, 0xB4, 0xBB,
+ 0x63, 0x5C, 0x9A, 0x63, 0x07, 0x80, 0x17, 0xD3,
+ 0xCD, 0xB1, 0x57, 0x79, 0xFE, 0x8D, 0x81, 0x70,
+ 0xEB, 0x50, 0xFA, 0x05, 0xFB, 0x97, 0xB2, 0xAB,
+ 0x25, 0xED, 0xD8, 0x18, 0x1C, 0xFE, 0x96, 0x7D),
+ chunk_from_chars(
+ 0x02, 0x03, 0x00, 0x06, 0x10, 0x14, 0x53, 0x73,
+ 0x56, 0xF5, 0xA9, 0x34, 0xDE, 0xA6, 0x4D, 0x46,
+ 0x05, 0x9E, 0x80, 0xAE, 0xB6, 0x74, 0x91, 0xFF,
+ 0xFB, 0x48, 0xD3, 0x5C, 0x61, 0x12, 0x46, 0x02,
+ 0x9F, 0x53, 0x45, 0x87, 0x47, 0xBD, 0x6B, 0x26,
+ 0xF7, 0x36, 0xD3, 0x99, 0x1B, 0xD7, 0xEA, 0xA3,
+ 0xA8, 0x94, 0xFF, 0x93, 0x46, 0x7C, 0x2C, 0x5F,
+ 0x87, 0x8C, 0x38, 0xB3, 0x7B, 0xC6, 0x49, 0xE2,
+ 0x88, 0xCA, 0x67, 0x89, 0xD0, 0x6D, 0x7C, 0xAE,
+ 0x7C, 0x98, 0x84, 0xDA, 0x6B, 0x93, 0x92, 0xEF,
+ 0x4A, 0xD1, 0x4A, 0xD2, 0x5B, 0x13, 0xF8, 0x59,
+ 0x15, 0x2E, 0xBC, 0x70, 0x8D, 0x2D, 0xA9, 0x47,
+ 0xA1, 0x99, 0x19, 0x3F, 0x67, 0xE8, 0x18, 0xA7,
+ 0x17, 0x07, 0xB3, 0x14, 0xF6, 0x20, 0xA1, 0xD8,
+ 0x33, 0xE8, 0x08, 0x6A, 0xC1, 0x39, 0x99, 0x08,
+ 0xB4, 0x88, 0xEB, 0x48, 0x7D, 0xFB, 0xF5, 0xEF,
+ 0x03, 0x0D, 0x25, 0xB7, 0x98, 0xF3, 0xF1, 0x15,
+ 0x63, 0xE4, 0x0F, 0xFD, 0x54, 0x9F, 0x56, 0xE9,
+ 0xD1, 0x44, 0xE5, 0x89, 0x66, 0x14, 0x91, 0x1C,
+ 0xFD, 0xD6, 0xFD, 0x38, 0xAE, 0x39, 0xE3, 0xF7,
+ 0xCD, 0x77, 0xC2, 0xEA, 0x2E, 0xE4, 0xB7, 0x2B,
+ 0xBA, 0x7A, 0xD1, 0x75, 0xB8, 0x28, 0x65, 0x18,
+ 0xF4, 0xC6, 0xBD, 0xD0, 0x17, 0x7E, 0xEA, 0x86,
+ 0x7E, 0xFC, 0x95, 0xD6, 0x4C, 0x92, 0x01, 0xC3,
+ 0xFF, 0x04, 0x9B, 0xF8, 0xD6, 0xB3, 0x8F, 0x72,
+ 0xEF, 0x64, 0x09, 0x61, 0xF8, 0xE4, 0x48, 0xFC,
+ 0x0D, 0xEE, 0xEF, 0xA2, 0x9F, 0x3A, 0x2B, 0x1A,
+ 0xFB, 0x8B, 0xA0, 0x9C, 0x11, 0x0B, 0x97, 0x75,
+ 0x30, 0x7C, 0xB8, 0x9F, 0xEE, 0x3B, 0x53, 0x85,
+ 0x7D, 0xE9, 0xCB, 0xC4, 0x4D, 0xD7, 0x7F, 0x59,
+ 0x10, 0x72, 0x19, 0x3A, 0xC9, 0x38, 0xFE, 0xE8,
+ 0xB3, 0x06, 0x55, 0x8D, 0xA2, 0x5A, 0x3D, 0x79,
+ 0x67, 0x0E, 0x90, 0xC9, 0x25, 0x6D, 0x45, 0x9C,
+ 0x39, 0x79, 0x5F, 0x18, 0x35, 0x9F, 0xC1, 0x49,
+ 0x08, 0x6F, 0x1C, 0x47, 0x09, 0x0D, 0x49, 0x7C,
+ 0x3C, 0x7B, 0xB1, 0x09, 0x92, 0x1C, 0x4E, 0x5A,
+ 0xDA, 0x74, 0x9E, 0xBB, 0x55, 0x9D, 0xBB, 0x1E,
+ 0x43, 0x28, 0x62, 0xAF, 0x02, 0xB0, 0x1A, 0xEA,
+ 0x13, 0x0A, 0x70, 0x0F, 0x60, 0x0F, 0x62, 0xA2,
+ 0x4E, 0x1F, 0xB2, 0xEA, 0x06, 0xDD, 0x18, 0x02,
+ 0x6C, 0xF3, 0x82, 0xF1, 0x80, 0x7F, 0xA7, 0x2F,
+ 0xCC, 0xC6, 0x18, 0xEA, 0xFF, 0x1F, 0xAD, 0xC6,
+ 0xBA, 0x0C, 0x0E, 0x04, 0xB2, 0x58, 0x1D, 0xB6,
+ 0x01, 0xA3, 0x97, 0xDF, 0x7D, 0x9B, 0xB5, 0x0A,
+ 0xAD, 0x30, 0x2B, 0xC5, 0x67, 0x40, 0x07, 0xF1,
+ 0xD5, 0x6C, 0x11, 0x10, 0xE1, 0x69, 0x30, 0xAD,
+ 0x90, 0x06, 0xDB, 0xF8, 0xEA, 0x92, 0x9B, 0x39,
+ 0x57, 0x38, 0x7B, 0xE4, 0xB2, 0xA2, 0x89, 0xFD,
+ 0xB1, 0x6D, 0x88, 0x41, 0x62, 0x4D, 0x18, 0xB6,
+ 0x3F, 0x12, 0x81, 0xDE, 0xE6, 0xDC, 0x4A, 0x31,
+ 0x61, 0x26, 0xB1, 0x4B, 0x95, 0xC1, 0x69, 0xDC,
+ 0xDC, 0xAC, 0xD0, 0x15, 0xFC, 0x21, 0xC5, 0x20,
+ 0x5F, 0x97, 0x76, 0x41, 0xC1, 0xF2, 0xD7, 0x95,
+ 0x1D, 0x25, 0x23, 0x36, 0x86, 0xFA, 0x7E, 0xF4,
+ 0x14, 0x9F, 0x9D, 0x9F, 0xB2, 0xBB, 0x25, 0x1D,
+ 0xD5, 0x7A, 0x6F, 0x9E, 0xF7, 0xEF, 0x9D, 0x63,
+ 0x1E, 0xD5, 0xDE, 0x6A, 0xE6, 0x46, 0x48, 0x1F,
+ 0xE1, 0x0C, 0x4D, 0x82, 0xC9, 0x19, 0x3B, 0x65,
+ 0xA4, 0x06, 0x13, 0xB7, 0x04, 0xB1, 0x62, 0xF7,
+ 0x08, 0xAE, 0xED, 0x42, 0x6D, 0xCC, 0x6C, 0xA6,
+ 0x06, 0x06, 0x41, 0x3E, 0x0C, 0x89, 0x4C, 0xBD,
+ 0x00, 0x4F, 0x0E, 0xA9, 0x72, 0x06, 0x21, 0x82,
+ 0xD2, 0xB6, 0x6C, 0xB0, 0xB0, 0x01, 0x5B, 0xDD,
+ 0x05, 0xCE, 0x71, 0x6E, 0x00, 0x58, 0xC7, 0xA6,
+ 0x5B, 0xF6, 0xFB, 0x6B, 0x62, 0xB1, 0xE8, 0x4D,
+ 0xAC, 0xC0, 0x6B, 0xF4, 0x40, 0x69, 0xEE, 0x0D,
+ 0xE7, 0x82, 0x61, 0x8D, 0x35, 0x01, 0x97, 0x4E,
+ 0xF2, 0xCC, 0xF5, 0x7F, 0xBF, 0xE4, 0xEC, 0x9C,
+ 0xC4, 0xD2, 0xD9, 0x65, 0x78, 0x98, 0xD8, 0xB0,
+ 0xFA, 0xA8, 0xFB, 0xB0, 0xCE, 0x22, 0x5D, 0x0B,
+ 0x27, 0xDF, 0x0E, 0x63, 0x42, 0xFE, 0x89, 0x13,
+ 0x99, 0xB2, 0x02, 0x0B, 0xF6, 0x04, 0xB6, 0xAF,
+ 0x9F, 0x8C, 0xA6, 0x17, 0x0D, 0xD9, 0x5B, 0x45,
+ 0xE4, 0x08, 0x53, 0x51, 0xE0, 0xD5, 0x22, 0x72,
+ 0xBE, 0xAD, 0x74, 0x69, 0xB9, 0xFB, 0x91, 0xF8,
+ 0xC1, 0x89, 0x28, 0x71, 0x27, 0x62, 0xB1, 0xF0,
+ 0xFD, 0x78, 0xBC, 0x82, 0xFE, 0x76, 0xBE, 0x7B,
+ 0x47, 0x79, 0x32, 0x71, 0xAD, 0xD6, 0x76, 0x46,
+ 0xFB, 0x32, 0xE8, 0x4B, 0x98, 0x9A, 0xC6, 0x85,
+ 0xF2, 0xF1, 0x8A, 0xEC, 0xC2, 0x4E, 0x9B, 0x2F,
+ 0x2D, 0x6F, 0xC9, 0x9B, 0xB6, 0x14, 0x35, 0x6D,
+ 0xD6, 0x5B, 0xF3, 0x02, 0x5A, 0xE5, 0xBD, 0x00,
+ 0xF7, 0x6E, 0x51, 0xA7, 0xDB, 0x19, 0xAE, 0x01,
+ 0x01, 0x05, 0x94, 0x23, 0xF7, 0x5B, 0x07, 0x79,
+ 0xFF, 0x39, 0x58, 0x9C, 0x2A, 0xF7, 0x7E, 0x5D,
+ 0x81, 0xF9, 0x59, 0xFE, 0xB9, 0x9A, 0x96, 0x63,
+ 0x1F, 0x65, 0xF6, 0xF0, 0x3D, 0xEA, 0xD7, 0xC2,
+ 0x8A, 0xCF, 0xB5, 0x58, 0x74, 0x77, 0x23, 0xD6,
+ 0x72, 0x58, 0xA8, 0xAE, 0x31, 0x8A, 0x59, 0xEA,
+ 0x69, 0x14, 0x6A, 0x20, 0x78, 0x79, 0x28, 0x5A,
+ 0xE1, 0x76, 0x6F, 0xA6, 0x1A, 0x9E, 0x47, 0xD2,
+ 0xAF, 0x63, 0xF8, 0x06, 0xF6, 0xD8, 0xD5, 0x14,
+ 0xA8, 0xD1, 0xEE, 0x96, 0xCE, 0xBB, 0x8E, 0x22,
+ 0x69, 0x2F, 0x52, 0x06, 0xB6, 0x6F, 0xC8, 0x99,
+ 0x96, 0xEA, 0xC6, 0x1D, 0x96, 0x4C, 0x69, 0x95,
+ 0xFE, 0x74, 0x04, 0x3C, 0x55, 0xD9, 0x5F, 0xE0,
+ 0x41, 0x21, 0x43, 0x21, 0x5A, 0x50, 0x5D, 0x8B,
+ 0xE8, 0xB2, 0x51, 0x1B, 0x7C, 0x63, 0x50, 0xAE,
+ 0x97, 0x4F, 0xBA, 0x7D, 0xF2, 0xB6, 0xB6, 0x16,
+ 0x1D, 0x47, 0x9E, 0x19, 0x68, 0xD4, 0x6B, 0x2B,
+ 0x75, 0xCD, 0xAE, 0x65, 0x33, 0x38, 0xF6, 0x6D,
+ 0xC7, 0x3E, 0x46, 0x98, 0x9E, 0x98, 0x8B, 0x45,
+ 0x11, 0xA7, 0x12, 0x05, 0xB0, 0x01, 0xC3, 0x51,
+ 0xA0, 0xEE, 0x7C, 0x16, 0xD1, 0x42, 0x96, 0xC4,
+ 0xF0, 0x7B, 0x71, 0xCD, 0x50, 0x38, 0xA4, 0xB0,
+ 0x6E, 0x6F, 0xE0, 0xBD, 0xC4, 0xF7, 0x96, 0x2B,
+ 0xF1, 0x6D, 0x9F, 0xF3, 0x71, 0x89, 0xFA, 0xB4,
+ 0x44, 0xA4, 0x32, 0xDC, 0xB2, 0x55, 0x13, 0x31,
+ 0x83, 0x29, 0x66, 0x21, 0x3E, 0x89, 0xF8, 0x78,
+ 0x97, 0x9C, 0x64, 0xF9, 0x2C, 0x0A, 0x88, 0xBC,
+ 0xCA, 0x6F, 0x83, 0x42, 0xF6, 0xD7, 0x00, 0xC4,
+ 0x19, 0x52, 0xB0, 0x31, 0xA8, 0xBA, 0xE8, 0xD4,
+ 0xAD, 0x4B, 0x5D, 0xC0, 0x01, 0x20, 0x6C, 0xBB,
+ 0x1D, 0x9A, 0x1D, 0xD4, 0x19, 0xFD, 0x33, 0xAB,
+ 0xA0, 0x54, 0x50, 0x91, 0xE9, 0x75, 0x5C, 0x7E,
+ 0x7E, 0xB3, 0x24, 0x79, 0xAE, 0x10, 0x3C, 0xB4,
+ 0xB7, 0x0A, 0x1D, 0x86, 0xAD, 0x06, 0x95, 0xCB,
+ 0x84, 0x9B, 0x0E, 0x8B, 0x77, 0x7E, 0x3E, 0xD2,
+ 0xA6, 0xDF, 0xAD, 0x4E, 0xFB, 0x69, 0x23, 0xAC,
+ 0x7A, 0xCB, 0xAA, 0xB0, 0x22, 0xDD, 0xD2, 0xC6,
+ 0xC7, 0xAD, 0xD7, 0xDE, 0xEC, 0x6F, 0x08, 0x41,
+ 0x54, 0xD5, 0x52, 0xDC, 0x77, 0xE4, 0x72, 0xF9,
+ 0x16, 0xB1, 0xC9, 0xAF, 0xB1, 0x3B, 0x18, 0x99,
+ 0x20, 0x9F, 0x79, 0x63, 0x7B, 0x07, 0xC7, 0x35,
+ 0xDF, 0xBB, 0xCE, 0x66, 0x93, 0x1B, 0xF5, 0x82,
+ 0x25, 0x67, 0xC1, 0xF2, 0xF0, 0x89, 0x0F, 0xEF,
+ 0x84, 0x0D, 0x63, 0xB6, 0x7B, 0xD0, 0x40, 0x8E,
+ 0xDB, 0x94, 0xCC, 0x71, 0x3C, 0xDB, 0x36, 0x14,
+ 0x34, 0xFD, 0xA0, 0xB0, 0xC1, 0x45, 0x31, 0xF8,
+ 0x8D, 0xD8, 0x23, 0xB1, 0x05, 0x14, 0xA9, 0x55,
+ 0x3A, 0x1A, 0x37, 0x48, 0x68, 0x89, 0x3F, 0x15,
+ 0x25, 0xD4, 0x99, 0x53, 0x4C, 0x85, 0x98, 0x78,
+ 0x1D, 0x35, 0x4A, 0x83, 0x79, 0x9A, 0x29, 0x90,
+ 0x2B, 0x45, 0x76, 0x0C, 0x13, 0x80, 0x4A, 0xE0,
+ 0x40, 0xED, 0x6B, 0x2E, 0x2A, 0x43, 0xA9, 0x28,
+ 0xB0, 0x2F, 0x89, 0x01, 0x6B, 0x39, 0x8C, 0x5E,
+ 0x80, 0x61, 0xD9, 0xEE, 0x0F, 0x41, 0x75, 0xB5,
+ 0xAE, 0xB6, 0xC2, 0x42, 0x49, 0x8D, 0x89, 0xD8,
+ 0xF4, 0x78, 0x1D, 0x90, 0x46, 0x26, 0x4C, 0x56,
+ 0xB7, 0xC0, 0xD9, 0x98, 0x7B, 0x07, 0xA1, 0x20)
+ }
+};
+
+START_TEST(test_ntru_privkey)
+{
+ rng_t *entropy;
+ ntru_drbg_t *drbg;
+ ntru_private_key_t *privkey;
+ ntru_public_key_t *pubkey;
+ ntru_param_set_t *params;
+ uint32_t strength;
+ chunk_t encoding, privkey_encoding, pubkey_encoding;
+
+ params = TEST_FUNCTION(ntru, ntru_param_set_get_by_id,
+ privkey_tests[_i].id);
+ strength = params->sec_strength_len * BITS_PER_BYTE;
+ entropy = test_rng_create(privkey_tests[_i].entropy);
+ drbg = TEST_FUNCTION(ntru, ntru_drbg_create, strength,
+ chunk_from_str("IKE NTRU-KE"), entropy);
+ ck_assert(drbg != NULL);
+
+ privkey = TEST_FUNCTION(ntru, ntru_private_key_create, drbg, params);
+ ck_assert(privkey);
+ ck_assert(privkey->get_id(privkey) == privkey_tests[_i].id);
+
+ privkey_encoding = privkey->get_encoding(privkey);
+ encoding = privkey_tests[_i].encoding;
+ ck_assert(chunk_equals(privkey_encoding, encoding));
+
+ /* load private key as a packed blob */
+ privkey->destroy(privkey);
+ privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data,
+ drbg, chunk_empty);
+ ck_assert(privkey == NULL);
+
+ encoding = chunk_clone(encoding);
+ encoding.ptr[0] = NTRU_PUBKEY_TAG;
+ privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data,
+ drbg, encoding);
+ ck_assert(privkey == NULL);
+
+ encoding.ptr[0] = NTRU_PRIVKEY_TRITS_TAG;
+ privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data,
+ drbg, encoding);
+ if (params->is_product_form)
+ {
+ ck_assert(privkey == NULL);
+ }
+ else
+ {
+ ck_assert(privkey != NULL);
+ privkey->destroy(privkey);
+ }
+
+ encoding.ptr[0] = NTRU_PRIVKEY_INDICES_TAG;
+ privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data,
+ drbg, encoding);
+ if (params->is_product_form)
+ {
+ ck_assert(privkey != NULL);
+ privkey->destroy(privkey);
+ }
+ else
+ {
+ ck_assert(privkey == NULL);
+ }
+
+ encoding.ptr[0] = NTRU_PRIVKEY_DEFAULT_TAG;
+ encoding.ptr[1] = NTRU_OID_LEN - 1;
+ privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data,
+ drbg, encoding);
+ ck_assert(privkey == NULL);
+
+ encoding.ptr[1] = NTRU_OID_LEN;
+ encoding.ptr[2] = 0xff;
+ privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data,
+ drbg, encoding);
+ ck_assert(privkey == NULL);
+
+ encoding.ptr[2] = params->oid[0];
+ privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data,
+ drbg, encoding);
+ privkey_encoding = privkey->get_encoding(privkey);
+ ck_assert(chunk_equals(privkey_encoding, encoding));
+
+ pubkey = privkey->get_public_key(privkey);
+ pubkey_encoding = pubkey->get_encoding(pubkey);
+
+ encoding.ptr[0] = NTRU_PUBKEY_TAG;
+ encoding.len = pubkey_encoding.len;
+ ck_assert(chunk_equals(pubkey_encoding, encoding));
+
+ /* load public key as a packed blob */
+ pubkey->destroy(pubkey);
+ pubkey = TEST_FUNCTION(ntru, ntru_public_key_create_from_data,
+ drbg, encoding);
+ pubkey_encoding = pubkey->get_encoding(pubkey);
+ ck_assert(chunk_equals(pubkey_encoding, encoding));
+
+ chunk_free(&encoding);
+ privkey->destroy(privkey);
+ pubkey->destroy(pubkey);
+ drbg->destroy(drbg);
+ entropy->destroy(entropy);
+}
+END_TEST
+
START_TEST(test_ntru_ke)
{
chunk_t pub_key, cipher_text, i_shared_secret, r_shared_secret;
diffie_hellman_t *i_ntru, *r_ntru;
char buf[10];
- int n, len;
+ int k, n, len;
status_t status;
+ k = (_i) / countof(parameter_sets);
+ n = (_i) % countof(parameter_sets);
+
len = snprintf(buf, sizeof(buf), "%N", diffie_hellman_group_names,
- params[_i].group);
+ params[k].group);
ck_assert(len == 8);
- ck_assert(streq(buf, params[_i].group_name));
-
- for (n = 0; n < countof(parameter_sets); n++)
- {
- lib->settings->set_str(lib->settings,
- "libstrongswan.plugins.ntru.parameter_set",
- parameter_sets[n]);
+ ck_assert(streq(buf, params[k].group_name));
- i_ntru = lib->crypto->create_dh(lib->crypto, params[_i].group);
- ck_assert(i_ntru != NULL);
- ck_assert(i_ntru->get_dh_group(i_ntru) == params[_i].group);
+ lib->settings->set_str(lib->settings,
+ "libstrongswan.plugins.ntru.parameter_set", parameter_sets[n]);
- i_ntru->get_my_public_value(i_ntru, &pub_key);
- ck_assert(pub_key.len > 0);
+ i_ntru = lib->crypto->create_dh(lib->crypto, params[k].group);
+ ck_assert(i_ntru != NULL);
+ ck_assert(i_ntru->get_dh_group(i_ntru) == params[k].group);
- r_ntru = lib->crypto->create_dh(lib->crypto, params[_i].group);
- ck_assert(r_ntru != NULL);
+ i_ntru->get_my_public_value(i_ntru, &pub_key);
+ ck_assert(pub_key.len > 0);
- r_ntru->set_other_public_value(r_ntru, pub_key);
- r_ntru->get_my_public_value(r_ntru, &cipher_text);
- ck_assert(cipher_text.len > 0);
+ r_ntru = lib->crypto->create_dh(lib->crypto, params[k].group);
+ ck_assert(r_ntru != NULL);
- status = r_ntru->get_shared_secret(r_ntru, &r_shared_secret);
- ck_assert(status == SUCCESS);
- ck_assert(r_shared_secret.len > 0);
+ r_ntru->set_other_public_value(r_ntru, pub_key);
+ r_ntru->get_my_public_value(r_ntru, &cipher_text);
+ ck_assert(cipher_text.len > 0);
- i_ntru->set_other_public_value(i_ntru, cipher_text);
- status = i_ntru->get_shared_secret(i_ntru, &i_shared_secret);
+ status = r_ntru->get_shared_secret(r_ntru, &r_shared_secret);
+ ck_assert(status == SUCCESS);
+ ck_assert(r_shared_secret.len > 0);
- if (status == SUCCESS)
- {
- ck_assert(chunk_equals(i_shared_secret, r_shared_secret));
- }
- else
- {
- ck_assert(i_shared_secret.len == 0);
- }
+ i_ntru->set_other_public_value(i_ntru, cipher_text);
+ status = i_ntru->get_shared_secret(i_ntru, &i_shared_secret);
+ ck_assert(status == SUCCESS);
+ ck_assert(chunk_equals(i_shared_secret, r_shared_secret));
- chunk_clear(&i_shared_secret);
- chunk_clear(&r_shared_secret);
- chunk_free(&pub_key);
- chunk_free(&cipher_text);
- i_ntru->destroy(i_ntru);
- r_ntru->destroy(r_ntru);
- }
+ chunk_clear(&i_shared_secret);
+ chunk_clear(&r_shared_secret);
+ chunk_free(&pub_key);
+ chunk_free(&cipher_text);
+ i_ntru->destroy(i_ntru);
+ r_ntru->destroy(r_ntru);
}
END_TEST
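Review bot: In `test_ntru_privkey`, several lookups and constructors are dereferenced without an assertion, so a regression there would crash the test process instead of producing a reported failure. `params` is used in `params->sec_strength_len` right after `ntru_param_set_get_by_id`; add `ck_assert(params != NULL);` first. The final `ntru_private_key_create_from_data` call (after `encoding.ptr[2] = params->oid[0];`) and the `ntru_public_key_create_from_data` call are likewise followed directly by `->get_encoding(...)`; each should get `ck_assert(privkey != NULL);` or `ck_assert(pubkey != NULL);` as the earlier cases in the same function do. The result of `privkey->get_public_key(privkey)` deserves the same check.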
@@ -1015,8 +1390,17 @@ Suite *ntru_suite_create()
tcase_add_loop_test(tc, test_ntru_array, 0, countof(array_tests));
suite_add_tcase(s, tc);
+ tc = tcase_create("param_set");
+ tcase_add_test(tc, test_ntru_param_set);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("privkey");
+ tcase_add_loop_test(tc, test_ntru_privkey, 0, countof(privkey_tests));
+ suite_add_tcase(s, tc);
+
tc = tcase_create("ke");
- tcase_add_loop_test(tc, test_ntru_ke, 0, countof(params));
+ tcase_add_loop_test(tc, test_ntru_ke, 0,
+ countof(params) * countof(parameter_sets));
suite_add_tcase(s, tc);
tc = tcase_create("retransmission");
diff --git a/src/libstrongswan/tests/suites/test_vectors.c b/src/libstrongswan/tests/suites/test_vectors.c
index 242ac9d09..a1205d0be 100644
--- a/src/libstrongswan/tests/suites/test_vectors.c
+++ b/src/libstrongswan/tests/suites/test_vectors.c
@@ -1,4 +1,7 @@
/*
+ * Copyright (C) 2014 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
* Copyright (C) 2013 Martin Willi
* Copyright (C) 2013 revosec AG
*
@@ -15,13 +18,15 @@
#include "test_suite.h"
-/*******************************************************************************
- * Check if test vectors have been successful during transform registration
- */
+#include <utils/test.h>
+
+IMPORT_FUNCTION_FOR_TESTS(crypto, verify_registered_algorithms, u_int,
+ crypto_factory_t *factory);
START_TEST(test_vectors)
{
- u_int failed = lib->crypto->get_test_vector_failures(lib->crypto);
+ u_int failed = TEST_FUNCTION(crypto, verify_registered_algorithms,
+ lib->crypto);
fail_if(failed > 0, "%u test vectors failed", failed);
}
END_TEST
diff --git a/src/libstrongswan/tests/test_runner.c b/src/libstrongswan/tests/test_runner.c
index 0b26ee128..5ec4198e7 100644
--- a/src/libstrongswan/tests/test_runner.c
+++ b/src/libstrongswan/tests/test_runner.c
@@ -22,6 +22,7 @@
#include <collections/array.h>
#include <utils/test.h>
+#include <stdlib.h>
#include <dirent.h>
#include <unistd.h>
#include <limits.h>
@@ -32,31 +33,85 @@
#define TTY(color) tty_escape_get(2, TTY_FG_##color)
/**
- * Initialize the lookup table for testable functions (defined in libstrongswan)
+ * Initialize the lookup table for testable functions (defined in
+ * libstrongswan). We don't use the constructor attribute as the order can't
+ * really be defined (clang does not support it and gcc does not adhere to it in
+ * the monolithic build). The function here is a weak symbol in libstrongswan.
*/
-static void testable_functions_create() __attribute__ ((constructor(1000)));
-static void testable_functions_create()
+void testable_functions_create()
{
- testable_functions = hashtable_create(hashtable_hash_str,
- hashtable_equals_str, 8);
+ if (!testable_functions)
+ {
+ testable_functions = hashtable_create(hashtable_hash_str,
+ hashtable_equals_str, 8);
+ }
}
/**
* Destroy the lookup table for testable functions
*/
-static void testable_functions_destroy() __attribute__ ((destructor(1000)));
+static void testable_functions_destroy() __attribute__ ((destructor));
static void testable_functions_destroy()
{
- testable_functions->destroy(testable_functions);
+ DESTROY_IF(testable_functions);
/* if leak detective is enabled plugins are not actually unloaded, which
* means their destructor is called AFTER this one when the process
- * terminates, even though the priority says differently, make sure this
- * does not crash */
+ * terminates, make sure this does not crash */
testable_functions = NULL;
}
/**
- * Load all available test suites
+ * Destroy a single test suite and associated data
+ */
+static void destroy_suite(test_suite_t *suite)
+{
+ test_case_t *tcase;
+
+ while (array_remove(suite->tcases, 0, &tcase))
+ {
+ array_destroy(tcase->functions);
+ array_destroy(tcase->fixtures);
+ }
+ free(suite);
+}
+
+/**
+ * Removes and destroys test suites that are not selected.
+ */
+static void filter_suites(array_t *loaded)
+{
+ enumerator_t *enumerator, *names;
+ hashtable_t *selected;
+ test_suite_t *suite;
+ char *suites, *name;
+
+ suites = getenv("TESTS_SUITES");
+ if (!suites)
+ {
+ return;
+ }
+ selected = hashtable_create(hashtable_hash_str, hashtable_equals_str, 8);
+ names = enumerator_create_token(suites, ",", " ");
+ while (names->enumerate(names, &name))
+ {
+ selected->put(selected, name, name);
+ }
+ enumerator = array_create_enumerator(loaded);
+ while (enumerator->enumerate(enumerator, &suite))
+ {
+ if (!selected->get(selected, suite->name))
+ {
+ array_remove_at(loaded, enumerator);
+ destroy_suite(suite);
+ }
+ }
+ enumerator->destroy(enumerator);
+ selected->destroy(selected);
+ names->destroy(names);
+}
+
+/**
+ * Load all available test suites, or optionally only selected ones.
*/
static array_t *load_suites(test_configuration_t configs[],
test_runner_init_t init)
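Review bot: `filter_suites` silently drops every suite whose name is not in `TESTS_SUITES`, so a misspelled name removes the intended suite, or all suites, without any message. Whether an empty run is then reported as a success is not visible in this hunk, but a reduced run that looks green is easy to miss in CI. Consider reporting each requested name that matched no loaded suite, for example by recording matches while enumerating `loaded` and printing the leftovers to stderr. A short comment such as `/* names point into the token enumerator, so destroy it after the table */` would also explain why `names` is destroyed last.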
@@ -91,6 +146,7 @@ static array_t *load_suites(test_configuration_t configs[],
array_insert(suites, -1, configs[i].suite());
}
}
+ filter_suites(suites);
if (lib->leak_detective)
{
@@ -112,16 +168,10 @@ static array_t *load_suites(test_configuration_t configs[],
static void unload_suites(array_t *suites)
{
test_suite_t *suite;
- test_case_t *tcase;
while (array_remove(suites, 0, &suite))
{
- while (array_remove(suite->tcases, 0, &tcase))
- {
- array_destroy(tcase->functions);
- array_destroy(tcase->fixtures);
- }
- free(suite);
+ destroy_suite(suite);
}
array_destroy(suites);
}
@@ -178,6 +228,9 @@ static bool call_fixture(test_case_t *tcase, bool up)
*/
static bool pre_test(test_runner_init_t init)
{
+ level_t level = LEVEL_SILENT;
+ char *verbosity;
+
library_init(NULL, "test-runner");
/* use non-blocking RNG to generate keys fast */
@@ -185,6 +238,9 @@ static bool pre_test(test_runner_init_t init)
"libstrongswan.plugins.random.random",
lib->settings->get_str(lib->settings,
"libstrongswan.plugins.random.urandom", "/dev/urandom"));
+ /* same for the gcrypt plugin */
+ lib->settings->set_default_str(lib->settings,
+ "libstrongswan.plugins.gcrypt.quick_random", "yes");
if (lib->leak_detective)
{
@@ -197,7 +253,12 @@ static bool pre_test(test_runner_init_t init)
library_deinit();
return FALSE;
}
- dbg_default_set_level(LEVEL_SILENT);
+ verbosity = getenv("TESTS_VERBOSITY");
+ if (verbosity)
+ {
+ level = atoi(verbosity);
+ }
+ dbg_default_set_level(level);
return TRUE;
}
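Review bot: `level = atoi(verbosity);` accepts anything, so `TESTS_VERBOSITY=foo` yields 0 and raises logging above `LEVEL_SILENT` instead of keeping the default, and an out-of-range number goes straight into `dbg_default_set_level`. Parsing with `strtol(verbosity, &end, 10)` and keeping `LEVEL_SILENT` unless `end != verbosity && *end == '\0'` and the value lies within the `level_t` range would make the override predictable. If the highest levels log private data such as keys, as is usual for this library, a comment noting that the variable can send such output to CI logs would help. `level` and `verbosity` are declared in the earlier `pre_test` hunk, and the function body starts outside this one.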
@@ -254,7 +315,7 @@ static void sum_leaks(report_data_t *data, int count, size_t bytes,
* Do library cleanup and optionally check for memory leaks
*/
static bool post_test(test_runner_init_t init, bool check_leaks,
- array_t *failures, char *name, int i)
+ array_t *failures, char *name, int i, int *leaks)
{
report_data_t data = {
.failures = failures,
@@ -264,7 +325,15 @@ static bool post_test(test_runner_init_t init, bool check_leaks,
if (init)
{
- init(FALSE);
+ if (test_restore_point())
+ {
+ init(FALSE);
+ }
+ else
+ {
+ library_deinit();
+ return FALSE;
+ }
}
if (check_leaks && lib->leak_detective)
{
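Review bot: The new `else` branch returns `FALSE` without writing `*leaks` and without running the leak report, so the out-parameter is only defined when `post_test` returns `TRUE`. The caller in `run_case` happens to initialise `leaks = 0`, but nothing in the doc comment states that contract. Either add `*leaks = 0;` at the top of the function or extend the comment, e.g. `@return FALSE if init(FALSE) failed during cleanup; leaks is only set on TRUE`. The function's signature and doc comment are in the preceding hunk, and its body continues past this one.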
@@ -274,7 +343,8 @@ static bool post_test(test_runner_init_t init, bool check_leaks,
}
library_deinit();
- return data.leaks != 0;
+ *leaks = data.leaks;
+ return TRUE;
}
/**
@@ -346,7 +416,8 @@ static bool run_case(test_case_t *tcase, test_runner_init_t init)
{
if (pre_test(init))
{
- bool ok = FALSE, leaks = FALSE;
+ bool ok = FALSE;
+ int leaks = 0;
test_setup_timeout(tcase->timeout);
@@ -363,9 +434,11 @@ static bool run_case(test_case_t *tcase, test_runner_init_t init)
{
call_fixture(tcase, FALSE);
}
-
}
- leaks = post_test(init, ok, failures, tfun->name, i);
+ if (!post_test(init, ok, failures, tfun->name, i, &leaks))
+ {
+ ok = FALSE;
+ }
test_setup_timeout(0);
diff --git a/src/libstrongswan/tests/test_suite.c b/src/libstrongswan/tests/test_suite.c
index 0f2e74b7c..fb40b05c1 100644
--- a/src/libstrongswan/tests/test_suite.c
+++ b/src/libstrongswan/tests/test_suite.c
@@ -136,7 +136,8 @@ static inline void test_failure()
else
{
pthread_kill(main_thread, SIGUSR1);
- /* how can we stop just the thread? longjmp to a restore point? */
+ /* terminate thread to prevent it from going wild */
+ pthread_exit(NULL);
}
}
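Review bot: `pthread_exit(NULL)` ends the failing thread at the point of the assertion, so any lock it holds at that moment stays locked and can block the main thread's cleanup. Whether cleanup handlers registered through the library's own thread wrapper still run on this path is not visible in the hunk. The comment could record that limitation, e.g. `/* terminate thread to prevent it from going wild; locks held here are not released */`. `test_failure` begins outside the hunk.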
diff --git a/src/libstrongswan/threading/thread.c b/src/libstrongswan/threading/thread.c
index eb167d6a4..0adfb31d0 100644
--- a/src/libstrongswan/threading/thread.c
+++ b/src/libstrongswan/threading/thread.c
@@ -496,6 +496,8 @@ void threads_deinit()
dummy1->destroy(dummy1);
main_thread->mutex->lock(main_thread->mutex);
+ main_thread->terminated = TRUE;
+ main_thread->detached_or_joined = TRUE;
thread_destroy(main_thread);
current_thread->destroy(current_thread);
id_mutex->destroy(id_mutex);
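Review bot: The two flag assignments before `thread_destroy(main_thread)` have no comment, and their purpose cannot be read off the hunk. Presumably `thread_destroy()` only releases the object once both `terminated` and `detached_or_joined` are set. If that is the intent, say so: `/* mark the main thread as finished so thread_destroy() actually frees it */`. `threads_deinit` starts outside the hunk.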
diff --git a/src/libstrongswan/utils/leak_detective.c b/src/libstrongswan/utils/leak_detective.c
index 82eadcb97..af29e2100 100644
--- a/src/libstrongswan/utils/leak_detective.c
+++ b/src/libstrongswan/utils/leak_detective.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2013 Tobias Brunner
+ * Copyright (C) 2013-2014 Tobias Brunner
* Copyright (C) 2006-2013 Martin Willi
* Hochschule fuer Technik Rapperswil
*
@@ -973,17 +973,20 @@ leak_detective_t *leak_detective_create()
},
);
+ if (getenv("LEAK_DETECTIVE_DISABLE") != NULL)
+ {
+ free(this);
+ return NULL;
+ }
+
lock = spinlock_create();
thread_disabled = thread_value_create(NULL);
init_static_allocations();
- if (getenv("LEAK_DETECTIVE_DISABLE") == NULL)
+ if (register_hooks())
{
- if (register_hooks())
- {
- enable_leak_detective();
- }
+ enable_leak_detective();
}
return &this->public;
}
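Review bot: With `LEAK_DETECTIVE_DISABLE` set, `leak_detective_create()` now returns `NULL`, so every user of the instance has to check it first. The test runner in this commit does (`if (lib->leak_detective)`), but other callers are not visible here and should be audited. The header's new `@return leak detective instance` should state this, e.g. `@return leak detective instance, NULL if disabled`. The `getenv` check also runs after `this` has been allocated and is then undone with `free(this)`. Moving the check above the allocation, which lies outside this hunk, would avoid that.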
diff --git a/src/libstrongswan/utils/leak_detective.h b/src/libstrongswan/utils/leak_detective.h
index 3fd0b8c93..ca70067d4 100644
--- a/src/libstrongswan/utils/leak_detective.h
+++ b/src/libstrongswan/utils/leak_detective.h
@@ -50,9 +50,7 @@ typedef void (*leak_detective_summary_cb_t)(void* user, int count, size_t bytes,
int whitelisted);
/**
- * Leak detective finds leaks and bad frees using malloc hooks.
- *
- * Currently leaks are reported to stderr on destruction.
+ * Leak detective finds leaks and invalid frees using malloc hooks.
*
* @todo Build an API for leak detective, allowing leak enumeration, statistics
* and dynamic whitelisting.
@@ -62,13 +60,12 @@ struct leak_detective_t {
/**
* Report leaks to the registered callback functions.
*
- * @param detailed TRUE to resolve line/filename of leak (slow)
+ * @param detailed TRUE to resolve line/filename of leaks (slow)
*/
void (*report)(leak_detective_t *this, bool detailed);
/**
- * Report current memory usage to out.
- * Set callback functions invoked during a report().
+ * Set callback functions invoked when report() is called.
*
* @param cb callback invoked for each detected leak
* @param scb summary callback invoked at end of report
@@ -78,11 +75,11 @@ struct leak_detective_t {
leak_detective_summary_cb_t scb, void *user);
/**
- * Report current memory usage using a callbacks.
+ * Report current memory usage using callback functions.
*
* @param cb callback invoked for each allocation
* @param scb summary callback invoked at end of usage report
- * @param user user data supplied to callbacks
+ * @param user user data to supply to callbacks
*/
void (*usage)(leak_detective_t *this, leak_detective_report_cb_t cb,
leak_detective_summary_cb_t scb, void *user);
@@ -109,7 +106,10 @@ struct leak_detective_t {
};
/**
- * Create a leak_detective instance.
+ * Create a leak_detective instance, unless the LEAK_DETECTIVE_DISABLE
+ * environment variable is set.
+ *
+ * @return leak detective instance
*/
leak_detective_t *leak_detective_create();
diff --git a/src/libstrongswan/utils/settings.c b/src/libstrongswan/utils/settings.c
index 490490a1e..cf34fd1cf 100644
--- a/src/libstrongswan/utils/settings.c
+++ b/src/libstrongswan/utils/settings.c
@@ -1224,7 +1224,16 @@ static bool parse_file(linked_list_t *contents, char *file, int level,
{
if (errno == ENOENT)
{
- DBG2(DBG_LIB, "'%s' does not exist, ignored", file);
+#ifdef STRONGSWAN_CONF
+ if (streq(file, STRONGSWAN_CONF))
+ {
+ DBG2(DBG_LIB, "'%s' does not exist, ignored", file);
+ }
+ else
+#endif
+ {
+ DBG1(DBG_LIB, "'%s' does not exist, ignored", file);
+ }
return TRUE;
}
DBG1(DBG_LIB, "failed to stat '%s': %s", file, strerror(errno));
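Review bot: The `else` that sits just before `#endif` and binds to the brace block after it is easy to break in a later edit, and the same format string now appears twice with only the log level differing. Nothing says why the file named by `STRONGSWAN_CONF` is treated more quietly than any other missing file. A comment above the `#ifdef` such as `/* the default config file is optional, only mention it at level 2 */` would record the intent, if that is indeed the reason. Note that `streq(file, STRONGSWAN_CONF)` compares the path spelling, so the same file reached through a different path string is logged at level 1. `parse_file()` begins above the hunk and continues below it.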
@@ -1244,8 +1253,8 @@ static bool parse_file(linked_list_t *contents, char *file, int level,
fseek(fd, 0, SEEK_END);
len = ftell(fd);
rewind(fd);
- text = malloc(len + 1);
- text[len] = '\0';
+ text = malloc(len + 2);
+ text[len] = text[len + 1] = '\0';
if (fread(text, 1, len, fd) != len)
{
free(text);
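Review bot: The enlarged buffer is still written before either `ftell()` or `malloc()` is checked. At `text[len] = text[len + 1] = '\0';` a failed `ftell()` (-1) or a NULL from `malloc(len + 2)` becomes an out-of-bounds or NULL-pointer store. The declaration of `len` is outside the hunk, so the exact effect of -1 depends on its type. I would reject the file before the stores, e.g. `if (len < 0 || !(text = malloc(len + 2)))`, followed by the same cleanup the `fread` failure path uses, which continues below the hunk. A short comment on why a second terminator is now required would also help, since the consumer of `text` is not visible here.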
@@ -1287,7 +1296,7 @@ static bool parse_files(linked_list_t *contents, char *file, int level,
if (!strlen(pattern))
{
- DBG2(DBG_LIB, "empty include pattern, ignored");
+ DBG1(DBG_LIB, "empty include pattern, ignored");
return TRUE;
}
@@ -1318,7 +1327,7 @@ static bool parse_files(linked_list_t *contents, char *file, int level,
status = glob(pat, GLOB_ERR, NULL, &buf);
if (status == GLOB_NOMATCH)
{
- DBG2(DBG_LIB, "no files found matching '%s', ignored", pat);
+ DBG1(DBG_LIB, "no files found matching '%s', ignored", pat);
}
else if (status != 0)
{
@@ -1509,4 +1518,3 @@ settings_t *settings_create(char *file)
return &this->public;
}
-
diff --git a/src/libstrongswan/utils/test.c b/src/libstrongswan/utils/test.c
index 7de5a7661..624ac4b34 100644
--- a/src/libstrongswan/utils/test.c
+++ b/src/libstrongswan/utils/test.c
@@ -22,29 +22,46 @@
*/
hashtable_t *testable_functions;
+/**
+ * The function that actually initializes the hash table above. Provided
+ * by the test runner.
+ */
+void testable_functions_create() __attribute__((weak));
+
/*
* Described in header.
*/
void testable_function_register(char *name, void *fn)
{
- if (testable_functions)
+ bool old = FALSE;
+
+ if (!testable_functions_create)
+ { /* not linked to the test runner */
+ return;
+ }
+ else if (!fn && !testable_functions)
+ { /* ignore as testable_functions has already been destroyed */
+ return;
+ }
+
+ if (lib && lib->leak_detective)
+ {
+ old = lib->leak_detective->set_state(lib->leak_detective, FALSE);
+ }
+ if (!testable_functions)
+ {
+ testable_functions_create();
+ }
+ if (fn)
+ {
+ testable_functions->put(testable_functions, name, fn);
+ }
+ else
+ {
+ testable_functions->remove(testable_functions, name);
+ }
+ if (lib && lib->leak_detective)
{
- bool old = FALSE;
- if (lib->leak_detective)
- {
- old = lib->leak_detective->set_state(lib->leak_detective, FALSE);
- }
- if (fn)
- {
- testable_functions->put(testable_functions, name, fn);
- }
- else
- {
- testable_functions->remove(testable_functions, name);
- }
- if (lib->leak_detective)
- {
- lib->leak_detective->set_state(lib->leak_detective, old);
- }
+ lib->leak_detective->set_state(lib->leak_detective, old);
}
}
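Review bot: After `testable_functions_create();` the table is used by `testable_functions->put(...)` without checking that the runner-provided function actually set the pointer. If the weak symbol resolves but leaves `testable_functions` NULL, registration from a constructor crashes before any test output exists. Wrapping the put/remove pair in `if (testable_functions)` keeps the `set_state(..., old)` restore on every path. Separately, the weak declaration `void testable_functions_create() __attribute__((weak));` would read better with an explicit `(void)` parameter list and a matching declaration in the header the test runner includes, so both sides agree on the prototype.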
diff --git a/src/libstrongswan/utils/test.h b/src/libstrongswan/utils/test.h
index 5b7289244..a1b2a2d9b 100644
--- a/src/libstrongswan/utils/test.h
+++ b/src/libstrongswan/utils/test.h
@@ -51,7 +51,7 @@ void testable_function_register(char *name, void *fn);
* @param fn function to register
*/
#define EXPORT_FUNCTION_FOR_TESTS(ns, fn) \
-static void testable_function_register_##fn() __attribute__ ((constructor(2000))); \
+static void testable_function_register_##fn() __attribute__ ((constructor)); \
static void testable_function_register_##fn() \
{ \
testable_function_register(#ns "/" #fn, fn); \
@@ -65,32 +65,32 @@ static void testable_function_unregister_##fn() \
/**
* Import a registered function so that it can be called from tests.
*
- * @note If the imported function is static (or no conflicting header files
- * are included) ret can be prefixed with static to declare the function static.
- *
- * @note We allocate an arbitrary amount of stack space, hopefully enough for
- * all arguments.
- *
* @param ns namespace of the function
* @param name name of the function
* @param ret return type of the function
* @param ... arguments of the function
*/
#define IMPORT_FUNCTION_FOR_TESTS(ns, name, ret, ...) \
-ret name(__VA_ARGS__) \
-{ \
- void (*fn)() = NULL; \
+static ret (*TEST_##ns##name)(__VA_ARGS__);
+
+/**
+ * Call a registered function from tests.
+ *
+ * @param ns namespace of the function
+ * @param name name of the function
+ * @param ... arguments for the function
+ */
+#define TEST_FUNCTION(ns, name, ...) \
+({ \
if (testable_functions) \
{ \
- fn = testable_functions->get(testable_functions, #ns "/" #name); \
+ TEST_##ns##name = testable_functions->get(testable_functions, #ns "/" #name); \
} \
- if (fn) \
+ if (!TEST_##ns##name) \
{ \
- void *args = __builtin_apply_args(); \
- __builtin_return(__builtin_apply(fn, args, 16*sizeof(void*))); \
+ test_fail_msg(__FILE__, __LINE__, "function " #name " (" #ns ") not found"); \
} \
- test_fail_msg(__FILE__, __LINE__, "function " #name " (" #ns ") not found"); \
- __builtin_return(NULL); \
-}
+ TEST_##ns##name(__VA_ARGS__); \
+})
#endif /** TEST_H_ @}*/
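Review bot: In `TEST_FUNCTION` the final `TEST_##ns##name(__VA_ARGS__);` is reached even after the not-found branch, so it calls through a NULL pointer unless `test_fail_msg()` never returns; that function is not defined in this hunk. If it does not return, a comment line above the call, `/* test_fail_msg() aborts the test and does not return */ \`, makes that dependency explicit. The macro also relies on the GNU statement-expression extension and on `IMPORT_FUNCTION_FOR_TESTS` having declared the static pointer in the same file, which the doc comment for `TEST_FUNCTION` could mention. Because the name is pasted as `TEST_##ns##name` with no separator, two ns/name pairs that concatenate to the same token would collide; `TEST_##ns##_##name` avoids that.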
diff --git a/src/libtls/Makefile.am b/src/libtls/Makefile.am
index b83ea8eba..d565a1479 100644
--- a/src/libtls/Makefile.am
+++ b/src/libtls/Makefile.am
@@ -8,6 +8,7 @@ ipseclib_LTLIBRARIES = libtls.la
libtls_la_SOURCES = \
tls_protection.c tls_compression.c tls_fragmentation.c tls_alert.c \
tls_crypto.c tls_prf.c tls_socket.c tls_eap.c tls_cache.c tls_peer.c \
+ tls_aead_expl.c tls_aead_impl.c tls_aead_null.c tls_aead.c \
tls_server.c tls.c
libtls_la_LIBADD = \
@@ -18,5 +19,7 @@ tls_includedir = ${dev_headers}/tls
nobase_tls_include_HEADERS = \
tls_protection.h tls_compression.h tls_fragmentation.h tls_alert.h \
tls_crypto.h tls_prf.h tls_socket.h tls_eap.h tls_cache.h tls_peer.h \
- tls_server.h tls_handshake.h tls_application.h tls.h
+ tls_server.h tls_handshake.h tls_application.h tls_aead.h tls.h
endif
+
+SUBDIRS = . tests
diff --git a/src/libtls/Makefile.in b/src/libtls/Makefile.in
index 87ae2a63d..b6abd1eac 100644
--- a/src/libtls/Makefile.in
+++ b/src/libtls/Makefile.in
@@ -134,6 +134,7 @@ libtls_la_DEPENDENCIES = \
am_libtls_la_OBJECTS = tls_protection.lo tls_compression.lo \
tls_fragmentation.lo tls_alert.lo tls_crypto.lo tls_prf.lo \
tls_socket.lo tls_eap.lo tls_cache.lo tls_peer.lo \
+ tls_aead_expl.lo tls_aead_impl.lo tls_aead_null.lo tls_aead.lo \
tls_server.lo tls.lo
libtls_la_OBJECTS = $(am_libtls_la_OBJECTS)
AM_V_lt = $(am__v_lt_@AM_V@)
@@ -176,6 +177,14 @@ am__v_CCLD_0 = @echo " CCLD " $@;
am__v_CCLD_1 =
SOURCES = $(libtls_la_SOURCES)
DIST_SOURCES = $(libtls_la_SOURCES)
+RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \
+ ctags-recursive dvi-recursive html-recursive info-recursive \
+ install-data-recursive install-dvi-recursive \
+ install-exec-recursive install-html-recursive \
+ install-info-recursive install-pdf-recursive \
+ install-ps-recursive install-recursive installcheck-recursive \
+ installdirs-recursive pdf-recursive ps-recursive \
+ tags-recursive uninstall-recursive
am__can_run_installinfo = \
case $$AM_UPDATE_INFO_DIR in \
n|no|NO) false;; \
@@ -184,8 +193,17 @@ am__can_run_installinfo = \
am__nobase_tls_include_HEADERS_DIST = tls_protection.h \
tls_compression.h tls_fragmentation.h tls_alert.h tls_crypto.h \
tls_prf.h tls_socket.h tls_eap.h tls_cache.h tls_peer.h \
- tls_server.h tls_handshake.h tls_application.h tls.h
+ tls_server.h tls_handshake.h tls_application.h tls_aead.h \
+ tls.h
HEADERS = $(nobase_tls_include_HEADERS)
+RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
+ distclean-recursive maintainer-clean-recursive
+am__recursive_targets = \
+ $(RECURSIVE_TARGETS) \
+ $(RECURSIVE_CLEAN_TARGETS) \
+ $(am__extra_recursive_targets)
+AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \
+ distdir
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
# Read a list of newline-separated strings from the standard input,
# and print each of them once, without duplicates. Input order is
@@ -205,7 +223,33 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+DIST_SUBDIRS = $(SUBDIRS)
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+am__relativize = \
+ dir0=`pwd`; \
+ sed_first='s,^\([^/]*\)/.*$$,\1,'; \
+ sed_rest='s,^[^/]*/*,,'; \
+ sed_last='s,^.*/\([^/]*\)$$,\1,'; \
+ sed_butlast='s,/*[^/]*$$,,'; \
+ while test -n "$$dir1"; do \
+ first=`echo "$$dir1" | sed -e "$$sed_first"`; \
+ if test "$$first" != "."; then \
+ if test "$$first" = ".."; then \
+ dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \
+ dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \
+ else \
+ first2=`echo "$$dir2" | sed -e "$$sed_first"`; \
+ if test "$$first2" = "$$first"; then \
+ dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \
+ else \
+ dir2="../$$dir2"; \
+ fi; \
+ dir0="$$dir0"/"$$first"; \
+ fi; \
+ fi; \
+ dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \
+ done; \
+ reldir="$$dir2"
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
AMTAR = @AMTAR@
@@ -375,7 +419,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
@@ -425,6 +468,7 @@ ipseclib_LTLIBRARIES = libtls.la
libtls_la_SOURCES = \
tls_protection.c tls_compression.c tls_fragmentation.c tls_alert.c \
tls_crypto.c tls_prf.c tls_socket.c tls_eap.c tls_cache.c tls_peer.c \
+ tls_aead_expl.c tls_aead_impl.c tls_aead_null.c tls_aead.c \
tls_server.c tls.c
libtls_la_LIBADD = \
@@ -434,9 +478,10 @@ libtls_la_LIBADD = \
@USE_DEV_HEADERS_TRUE@nobase_tls_include_HEADERS = \
@USE_DEV_HEADERS_TRUE@ tls_protection.h tls_compression.h tls_fragmentation.h tls_alert.h \
@USE_DEV_HEADERS_TRUE@ tls_crypto.h tls_prf.h tls_socket.h tls_eap.h tls_cache.h tls_peer.h \
-@USE_DEV_HEADERS_TRUE@ tls_server.h tls_handshake.h tls_application.h tls.h
+@USE_DEV_HEADERS_TRUE@ tls_server.h tls_handshake.h tls_application.h tls_aead.h tls.h
-all: all-am
+SUBDIRS = . tests
+all: all-recursive
.SUFFIXES:
.SUFFIXES: .c .lo .o .obj
@@ -516,6 +561,10 @@ distclean-compile:
-rm -f *.tab.c
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tls.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tls_aead.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tls_aead_expl.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tls_aead_impl.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tls_aead_null.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tls_alert.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tls_cache.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tls_compression.Plo@am__quote@
@@ -582,14 +631,61 @@ uninstall-nobase_tls_includeHEADERS:
$(am__nobase_strip_setup); files=`$(am__nobase_strip)`; \
dir='$(DESTDIR)$(tls_includedir)'; $(am__uninstall_files_from_dir)
+# This directory's subdirectories are mostly independent; you can cd
+# into them and run 'make' without going through this Makefile.
+# To change the values of 'make' variables: instead of editing Makefiles,
+# (1) if the variable is set in 'config.status', edit 'config.status'
+# (which will cause the Makefiles to be regenerated when you run 'make');
+# (2) otherwise, pass the desired values on the 'make' command line.
+$(am__recursive_targets):
+ @fail=; \
+ if $(am__make_keepgoing); then \
+ failcom='fail=yes'; \
+ else \
+ failcom='exit 1'; \
+ fi; \
+ dot_seen=no; \
+ target=`echo $@ | sed s/-recursive//`; \
+ case "$@" in \
+ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+ *) list='$(SUBDIRS)' ;; \
+ esac; \
+ for subdir in $$list; do \
+ echo "Making $$target in $$subdir"; \
+ if test "$$subdir" = "."; then \
+ dot_seen=yes; \
+ local_target="$$target-am"; \
+ else \
+ local_target="$$target"; \
+ fi; \
+ ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+ || eval $$failcom; \
+ done; \
+ if test "$$dot_seen" = "no"; then \
+ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
+ fi; test -z "$$fail"
+
ID: $(am__tagged_files)
$(am__define_uniq_tagged_files); mkid -fID $$unique
-tags: tags-am
+tags: tags-recursive
TAGS: tags
tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
set x; \
here=`pwd`; \
+ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
+ include_option=--etags-include; \
+ empty_fix=.; \
+ else \
+ include_option=--include; \
+ empty_fix=; \
+ fi; \
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ test ! -f $$subdir/TAGS || \
+ set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \
+ fi; \
+ done; \
$(am__define_uniq_tagged_files); \
shift; \
if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
@@ -602,7 +698,7 @@ tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
$$unique; \
fi; \
fi
-ctags: ctags-am
+ctags: ctags-recursive
CTAGS: ctags
ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
@@ -615,7 +711,7 @@ GTAGS:
here=`$(am__cd) $(top_builddir) && pwd` \
&& $(am__cd) $(top_srcdir) \
&& gtags -i $(GTAGS_ARGS) "$$here"
-cscopelist: cscopelist-am
+cscopelist: cscopelist-recursive
cscopelist-am: $(am__tagged_files)
list='$(am__tagged_files)'; \
@@ -664,22 +760,48 @@ distdir: $(DISTFILES)
|| exit 1; \
fi; \
done
+ @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" = .; then :; else \
+ $(am__make_dryrun) \
+ || test -d "$(distdir)/$$subdir" \
+ || $(MKDIR_P) "$(distdir)/$$subdir" \
+ || exit 1; \
+ dir1=$$subdir; dir2="$(distdir)/$$subdir"; \
+ $(am__relativize); \
+ new_distdir=$$reldir; \
+ dir1=$$subdir; dir2="$(top_distdir)"; \
+ $(am__relativize); \
+ new_top_distdir=$$reldir; \
+ echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \
+ echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \
+ ($(am__cd) $$subdir && \
+ $(MAKE) $(AM_MAKEFLAGS) \
+ top_distdir="$$new_top_distdir" \
+ distdir="$$new_distdir" \
+ am__remove_distdir=: \
+ am__skip_length_check=: \
+ am__skip_mode_fix=: \
+ distdir) \
+ || exit 1; \
+ fi; \
+ done
check-am: all-am
-check: check-am
+check: check-recursive
all-am: Makefile $(LTLIBRARIES) $(HEADERS)
-installdirs:
+installdirs: installdirs-recursive
+installdirs-am:
for dir in "$(DESTDIR)$(ipseclibdir)" "$(DESTDIR)$(tls_includedir)"; do \
test -z "$$dir" || $(MKDIR_P) "$$dir"; \
done
-install: install-am
-install-exec: install-exec-am
-install-data: install-data-am
-uninstall: uninstall-am
+install: install-recursive
+install-exec: install-exec-recursive
+install-data: install-data-recursive
+uninstall: uninstall-recursive
install-am: all-am
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
-installcheck: installcheck-am
+installcheck: installcheck-recursive
install-strip:
if test -z '$(STRIP)'; then \
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
@@ -701,92 +823,93 @@ distclean-generic:
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@echo "it deletes files that may require special tools to rebuild."
-clean: clean-am
+clean: clean-recursive
clean-am: clean-generic clean-ipseclibLTLIBRARIES clean-libtool \
mostlyclean-am
-distclean: distclean-am
+distclean: distclean-recursive
-rm -rf ./$(DEPDIR)
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
distclean-tags
-dvi: dvi-am
+dvi: dvi-recursive
dvi-am:
-html: html-am
+html: html-recursive
html-am:
-info: info-am
+info: info-recursive
info-am:
install-data-am: install-ipseclibLTLIBRARIES \
install-nobase_tls_includeHEADERS
-install-dvi: install-dvi-am
+install-dvi: install-dvi-recursive
install-dvi-am:
install-exec-am:
-install-html: install-html-am
+install-html: install-html-recursive
install-html-am:
-install-info: install-info-am
+install-info: install-info-recursive
install-info-am:
install-man:
-install-pdf: install-pdf-am
+install-pdf: install-pdf-recursive
install-pdf-am:
-install-ps: install-ps-am
+install-ps: install-ps-recursive
install-ps-am:
installcheck-am:
-maintainer-clean: maintainer-clean-am
+maintainer-clean: maintainer-clean-recursive
-rm -rf ./$(DEPDIR)
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
-mostlyclean: mostlyclean-am
+mostlyclean: mostlyclean-recursive
mostlyclean-am: mostlyclean-compile mostlyclean-generic \
mostlyclean-libtool
-pdf: pdf-am
+pdf: pdf-recursive
pdf-am:
-ps: ps-am
+ps: ps-recursive
ps-am:
uninstall-am: uninstall-ipseclibLTLIBRARIES \
uninstall-nobase_tls_includeHEADERS
-.MAKE: install-am install-strip
-
-.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
- clean-ipseclibLTLIBRARIES clean-libtool cscopelist-am ctags \
- ctags-am distclean distclean-compile distclean-generic \
- distclean-libtool distclean-tags distdir dvi dvi-am html \
- html-am info info-am install install-am install-data \
- install-data-am install-dvi install-dvi-am install-exec \
- install-exec-am install-html install-html-am install-info \
- install-info-am install-ipseclibLTLIBRARIES install-man \
+.MAKE: $(am__recursive_targets) install-am install-strip
+
+.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am check \
+ check-am clean clean-generic clean-ipseclibLTLIBRARIES \
+ clean-libtool cscopelist-am ctags ctags-am distclean \
+ distclean-compile distclean-generic distclean-libtool \
+ distclean-tags distdir dvi dvi-am html html-am info info-am \
+ install install-am install-data install-data-am install-dvi \
+ install-dvi-am install-exec install-exec-am install-html \
+ install-html-am install-info install-info-am \
+ install-ipseclibLTLIBRARIES install-man \
install-nobase_tls_includeHEADERS install-pdf install-pdf-am \
install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
+ installcheck-am installdirs installdirs-am maintainer-clean \
maintainer-clean-generic mostlyclean mostlyclean-compile \
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am \
diff --git a/src/libtls/tests/Makefile.am b/src/libtls/tests/Makefile.am
new file mode 100644
index 000000000..1c0e2f941
--- /dev/null
+++ b/src/libtls/tests/Makefile.am
@@ -0,0 +1,22 @@
+TESTS = tls_tests
+
+check_PROGRAMS = $(TESTS)
+
+tls_tests_SOURCES = \
+ suites/test_socket.c \
+ suites/test_suites.c \
+ tls_tests.h tls_tests.c
+
+tls_tests_CFLAGS = \
+ -I$(top_srcdir)/src/libtls \
+ -I$(top_srcdir)/src/libstrongswan \
+ -I$(top_srcdir)/src/libstrongswan/tests \
+ -DPLUGINDIR=\""$(top_builddir)/src/libstrongswan/plugins\"" \
+ -DPLUGINS=\""${s_plugins}\"" \
+ @COVERAGE_CFLAGS@
+
+tls_tests_LDFLAGS = @COVERAGE_LDFLAGS@
+tls_tests_LDADD = \
+ $(top_builddir)/src/libtls/libtls.la \
+ $(top_builddir)/src/libstrongswan/libstrongswan.la \
+ $(top_builddir)/src/libstrongswan/tests/libtest.la
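Review bot: `-DPLUGINDIR=\""$(top_builddir)/src/libstrongswan/plugins\""` bakes a build-tree path into `tls_tests`, and `$(top_builddir)` is normally a relative path. If the test code resolves `PLUGINDIR` at run time (`tls_tests.c` is not part of this hunk), the binary would load plugin shared objects relative to whatever the current directory is when it runs outside `make check`. Using the absolute variant, `-DPLUGINDIR=\""$(abs_top_builddir)/src/libstrongswan/plugins\"" \`, pins the lookup to the build tree.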
diff --git a/src/libtls/tests/Makefile.in b/src/libtls/tests/Makefile.in
new file mode 100644
index 000000000..0b8ba33c4
--- /dev/null
+++ b/src/libtls/tests/Makefile.in
@@ -0,0 +1,872 @@
+# Makefile.in generated by automake 1.13.3 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+VPATH = @srcdir@
+am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+TESTS = tls_tests$(EXEEXT)
+check_PROGRAMS = $(am__EXEEXT_1)
+subdir = src/libtls/tests
+DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
+ $(top_srcdir)/depcomp
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
+ $(top_srcdir)/m4/config/ltoptions.m4 \
+ $(top_srcdir)/m4/config/ltsugar.m4 \
+ $(top_srcdir)/m4/config/ltversion.m4 \
+ $(top_srcdir)/m4/config/lt~obsolete.m4 \
+ $(top_srcdir)/m4/macros/split-package-version.m4 \
+ $(top_srcdir)/m4/macros/with.m4 \
+ $(top_srcdir)/m4/macros/enable-disable.m4 \
+ $(top_srcdir)/m4/macros/add-plugin.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+am__EXEEXT_1 = tls_tests$(EXEEXT)
+am__dirstamp = $(am__leading_dot)dirstamp
+am_tls_tests_OBJECTS = suites/tls_tests-test_socket.$(OBJEXT) \
+ suites/tls_tests-test_suites.$(OBJEXT) \
+ tls_tests-tls_tests.$(OBJEXT)
+tls_tests_OBJECTS = $(am_tls_tests_OBJECTS)
+tls_tests_DEPENDENCIES = $(top_builddir)/src/libtls/libtls.la \
+ $(top_builddir)/src/libstrongswan/libstrongswan.la \
+ $(top_builddir)/src/libstrongswan/tests/libtest.la
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 =
+tls_tests_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(tls_tests_CFLAGS) \
+ $(CFLAGS) $(tls_tests_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+ $(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo " CC " $@;
+am__v_CC_1 =
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo " CCLD " $@;
+am__v_CCLD_1 =
+SOURCES = $(tls_tests_SOURCES)
+DIST_SOURCES = $(tls_tests_SOURCES)
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+ETAGS = etags
+CTAGS = ctags
+am__tty_colors_dummy = \
+ mgn= red= grn= lgn= blu= brg= std=; \
+ am__color_tests=no
+am__tty_colors = { \
+ $(am__tty_colors_dummy); \
+ if test "X$(AM_COLOR_TESTS)" = Xno; then \
+ am__color_tests=no; \
+ elif test "X$(AM_COLOR_TESTS)" = Xalways; then \
+ am__color_tests=yes; \
+ elif test "X$$TERM" != Xdumb && { test -t 1; } 2>/dev/null; then \
+ am__color_tests=yes; \
+ fi; \
+ if test $$am__color_tests = yes; then \
+ red=''; \
+ grn=''; \
+ lgn=''; \
+ blu=''; \
+ mgn=''; \
+ brg=''; \
+ std=''; \
+ fi; \
+}
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BFDLIB = @BFDLIB@
+BTLIB = @BTLIB@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
+COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+GENHTML = @GENHTML@
+GPERF = @GPERF@
+GPRBUILD = @GPRBUILD@
+GREP = @GREP@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LCOV = @LCOV@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MYSQLCFLAG = @MYSQLCFLAG@
+MYSQLCONFIG = @MYSQLCONFIG@
+MYSQLLIB = @MYSQLLIB@
+NM = @NM@
+NMEDIT = @NMEDIT@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PACKAGE_VERSION_BUILD = @PACKAGE_VERSION_BUILD@
+PACKAGE_VERSION_MAJOR = @PACKAGE_VERSION_MAJOR@
+PACKAGE_VERSION_MINOR = @PACKAGE_VERSION_MINOR@
+PACKAGE_VERSION_REVIEW = @PACKAGE_VERSION_REVIEW@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+RANLIB = @RANLIB@
+RTLIB = @RTLIB@
+RUBY = @RUBY@
+RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
+STRIP = @STRIP@
+UNWINDLIB = @UNWINDLIB@
+VERSION = @VERSION@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+attest_plugins = @attest_plugins@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+c_plugins = @c_plugins@
+charon_natt_port = @charon_natt_port@
+charon_plugins = @charon_plugins@
+charon_udp_port = @charon_udp_port@
+clearsilver_LIBS = @clearsilver_LIBS@
+cmd_plugins = @cmd_plugins@
+datadir = @datadir@
+datarootdir = @datarootdir@
+dbusservicedir = @dbusservicedir@
+dev_headers = @dev_headers@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+fips_mode = @fips_mode@
+gtk_CFLAGS = @gtk_CFLAGS@
+gtk_LIBS = @gtk_LIBS@
+h_plugins = @h_plugins@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+imcvdir = @imcvdir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+ipsec_script = @ipsec_script@
+ipsec_script_upper = @ipsec_script_upper@
+ipsecdir = @ipsecdir@
+ipsecgroup = @ipsecgroup@
+ipseclibdir = @ipseclibdir@
+ipsecuser = @ipsecuser@
+libdir = @libdir@
+libexecdir = @libexecdir@
+linux_headers = @linux_headers@
+localedir = @localedir@
+localstatedir = @localstatedir@
+maemo_CFLAGS = @maemo_CFLAGS@
+maemo_LIBS = @maemo_LIBS@
+manager_plugins = @manager_plugins@
+mandir = @mandir@
+medsrv_plugins = @medsrv_plugins@
+mkdir_p = @mkdir_p@
+nm_CFLAGS = @nm_CFLAGS@
+nm_LIBS = @nm_LIBS@
+nm_ca_dir = @nm_ca_dir@
+nm_plugins = @nm_plugins@
+oldincludedir = @oldincludedir@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
+pdfdir = @pdfdir@
+piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+pki_plugins = @pki_plugins@
+plugindir = @plugindir@
+pool_plugins = @pool_plugins@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
+random_device = @random_device@
+resolv_conf = @resolv_conf@
+routing_table = @routing_table@
+routing_table_prio = @routing_table_prio@
+s_plugins = @s_plugins@
+sbindir = @sbindir@
+scepclient_plugins = @scepclient_plugins@
+scripts_plugins = @scripts_plugins@
+sharedstatedir = @sharedstatedir@
+soup_CFLAGS = @soup_CFLAGS@
+soup_LIBS = @soup_LIBS@
+srcdir = @srcdir@
+starter_plugins = @starter_plugins@
+strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
+sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
+t_plugins = @t_plugins@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+urandom_device = @urandom_device@
+xml_CFLAGS = @xml_CFLAGS@
+xml_LIBS = @xml_LIBS@
+tls_tests_SOURCES = \
+ suites/test_socket.c \
+ suites/test_suites.c \
+ tls_tests.h tls_tests.c
+
+tls_tests_CFLAGS = \
+ -I$(top_srcdir)/src/libtls \
+ -I$(top_srcdir)/src/libstrongswan \
+ -I$(top_srcdir)/src/libstrongswan/tests \
+ -DPLUGINDIR=\""$(top_builddir)/src/libstrongswan/plugins\"" \
+ -DPLUGINS=\""${s_plugins}\"" \
+ @COVERAGE_CFLAGS@
+
+tls_tests_LDFLAGS = @COVERAGE_LDFLAGS@
+tls_tests_LDADD = \
+ $(top_builddir)/src/libtls/libtls.la \
+ $(top_builddir)/src/libstrongswan/libstrongswan.la \
+ $(top_builddir)/src/libstrongswan/tests/libtest.la
+
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libtls/tests/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --gnu src/libtls/tests/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+clean-checkPROGRAMS:
+ @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \
+ echo " rm -f" $$list; \
+ rm -f $$list || exit $$?; \
+ test -n "$(EXEEXT)" || exit 0; \
+ list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f" $$list; \
+ rm -f $$list
+suites/$(am__dirstamp):
+ @$(MKDIR_P) suites
+ @: > suites/$(am__dirstamp)
+suites/$(DEPDIR)/$(am__dirstamp):
+ @$(MKDIR_P) suites/$(DEPDIR)
+ @: > suites/$(DEPDIR)/$(am__dirstamp)
+suites/tls_tests-test_socket.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tls_tests-test_suites.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+
+tls_tests$(EXEEXT): $(tls_tests_OBJECTS) $(tls_tests_DEPENDENCIES) $(EXTRA_tls_tests_DEPENDENCIES)
+ @rm -f tls_tests$(EXEEXT)
+ $(AM_V_CCLD)$(tls_tests_LINK) $(tls_tests_OBJECTS) $(tls_tests_LDADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+ -rm -f suites/*.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tls_tests-tls_tests.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tls_tests-test_socket.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tls_tests-test_suites.Po@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+suites/tls_tests-test_socket.o: suites/test_socket.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tls_tests_CFLAGS) $(CFLAGS) -MT suites/tls_tests-test_socket.o -MD -MP -MF suites/$(DEPDIR)/tls_tests-test_socket.Tpo -c -o suites/tls_tests-test_socket.o `test -f 'suites/test_socket.c' || echo '$(srcdir)/'`suites/test_socket.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tls_tests-test_socket.Tpo suites/$(DEPDIR)/tls_tests-test_socket.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_socket.c' object='suites/tls_tests-test_socket.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tls_tests_CFLAGS) $(CFLAGS) -c -o suites/tls_tests-test_socket.o `test -f 'suites/test_socket.c' || echo '$(srcdir)/'`suites/test_socket.c
+
+suites/tls_tests-test_socket.obj: suites/test_socket.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tls_tests_CFLAGS) $(CFLAGS) -MT suites/tls_tests-test_socket.obj -MD -MP -MF suites/$(DEPDIR)/tls_tests-test_socket.Tpo -c -o suites/tls_tests-test_socket.obj `if test -f 'suites/test_socket.c'; then $(CYGPATH_W) 'suites/test_socket.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_socket.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tls_tests-test_socket.Tpo suites/$(DEPDIR)/tls_tests-test_socket.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_socket.c' object='suites/tls_tests-test_socket.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tls_tests_CFLAGS) $(CFLAGS) -c -o suites/tls_tests-test_socket.obj `if test -f 'suites/test_socket.c'; then $(CYGPATH_W) 'suites/test_socket.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_socket.c'; fi`
+
+suites/tls_tests-test_suites.o: suites/test_suites.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tls_tests_CFLAGS) $(CFLAGS) -MT suites/tls_tests-test_suites.o -MD -MP -MF suites/$(DEPDIR)/tls_tests-test_suites.Tpo -c -o suites/tls_tests-test_suites.o `test -f 'suites/test_suites.c' || echo '$(srcdir)/'`suites/test_suites.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tls_tests-test_suites.Tpo suites/$(DEPDIR)/tls_tests-test_suites.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_suites.c' object='suites/tls_tests-test_suites.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tls_tests_CFLAGS) $(CFLAGS) -c -o suites/tls_tests-test_suites.o `test -f 'suites/test_suites.c' || echo '$(srcdir)/'`suites/test_suites.c
+
+suites/tls_tests-test_suites.obj: suites/test_suites.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tls_tests_CFLAGS) $(CFLAGS) -MT suites/tls_tests-test_suites.obj -MD -MP -MF suites/$(DEPDIR)/tls_tests-test_suites.Tpo -c -o suites/tls_tests-test_suites.obj `if test -f 'suites/test_suites.c'; then $(CYGPATH_W) 'suites/test_suites.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_suites.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tls_tests-test_suites.Tpo suites/$(DEPDIR)/tls_tests-test_suites.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_suites.c' object='suites/tls_tests-test_suites.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tls_tests_CFLAGS) $(CFLAGS) -c -o suites/tls_tests-test_suites.obj `if test -f 'suites/test_suites.c'; then $(CYGPATH_W) 'suites/test_suites.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_suites.c'; fi`
+
+tls_tests-tls_tests.o: tls_tests.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tls_tests_CFLAGS) $(CFLAGS) -MT tls_tests-tls_tests.o -MD -MP -MF $(DEPDIR)/tls_tests-tls_tests.Tpo -c -o tls_tests-tls_tests.o `test -f 'tls_tests.c' || echo '$(srcdir)/'`tls_tests.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/tls_tests-tls_tests.Tpo $(DEPDIR)/tls_tests-tls_tests.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='tls_tests.c' object='tls_tests-tls_tests.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tls_tests_CFLAGS) $(CFLAGS) -c -o tls_tests-tls_tests.o `test -f 'tls_tests.c' || echo '$(srcdir)/'`tls_tests.c
+
+tls_tests-tls_tests.obj: tls_tests.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tls_tests_CFLAGS) $(CFLAGS) -MT tls_tests-tls_tests.obj -MD -MP -MF $(DEPDIR)/tls_tests-tls_tests.Tpo -c -o tls_tests-tls_tests.obj `if test -f 'tls_tests.c'; then $(CYGPATH_W) 'tls_tests.c'; else $(CYGPATH_W) '$(srcdir)/tls_tests.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/tls_tests-tls_tests.Tpo $(DEPDIR)/tls_tests-tls_tests.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='tls_tests.c' object='tls_tests-tls_tests.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tls_tests_CFLAGS) $(CFLAGS) -c -o tls_tests-tls_tests.obj `if test -f 'tls_tests.c'; then $(CYGPATH_W) 'tls_tests.c'; else $(CYGPATH_W) '$(srcdir)/tls_tests.c'; fi`
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ $(am__tty_colors); \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst $(AM_TESTS_FD_REDIRECT); then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *[\ \ ]$$tst[\ \ ]*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ col=$$red; res=XPASS; \
+ ;; \
+ *) \
+ col=$$grn; res=PASS; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *[\ \ ]$$tst[\ \ ]*) \
+ xfail=`expr $$xfail + 1`; \
+ col=$$lgn; res=XFAIL; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ col=$$red; res=FAIL; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ col=$$blu; res=SKIP; \
+ fi; \
+ echo "$${col}$$res$${std}: $$tst"; \
+ done; \
+ if test "$$all" -eq 1; then \
+ tests="test"; \
+ All=""; \
+ else \
+ tests="tests"; \
+ All="All "; \
+ fi; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="$$All$$all $$tests passed"; \
+ else \
+ if test "$$xfail" -eq 1; then failures=failure; else failures=failures; fi; \
+ banner="$$All$$all $$tests behaved as expected ($$xfail expected $$failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all $$tests failed"; \
+ else \
+ if test "$$xpass" -eq 1; then passes=pass; else passes=passes; fi; \
+ banner="$$failed of $$all $$tests did not behave as expected ($$xpass unexpected $$passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ if test "$$skip" -eq 1; then \
+ skipped="($$skip test was not run)"; \
+ else \
+ skipped="($$skip tests were not run)"; \
+ fi; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ if test "$$failed" -eq 0; then \
+ col="$$grn"; \
+ else \
+ col="$$red"; \
+ fi; \
+ echo "$${col}$$dashes$${std}"; \
+ echo "$${col}$$banner$${std}"; \
+ test -z "$$skipped" || echo "$${col}$$skipped$${std}"; \
+ test -z "$$report" || echo "$${col}$$report$${std}"; \
+ echo "$${col}$$dashes$${std}"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS)
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: check-am
+all-am: Makefile
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+ -rm -f suites/$(DEPDIR)/$(am__dirstamp)
+ -rm -f suites/$(am__dirstamp)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-checkPROGRAMS clean-generic clean-libtool \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR) suites/$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR) suites/$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am:
+
+.MAKE: check-am install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am check check-TESTS check-am clean \
+ clean-checkPROGRAMS clean-generic clean-libtool cscopelist-am \
+ ctags ctags-am distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dvi install-dvi-am install-exec \
+ install-exec-am install-html install-html-am install-info \
+ install-info-am install-man install-pdf install-pdf-am \
+ install-ps install-ps-am install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags tags-am uninstall uninstall-am
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/src/libtls/tests/suites/test_socket.c b/src/libtls/tests/suites/test_socket.c
new file mode 100644
index 000000000..42a4607b7
--- /dev/null
+++ b/src/libtls/tests/suites/test_socket.c
@@ -0,0 +1,524 @@
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <test_suite.h>
+
+#include <unistd.h>
+#include <errno.h>
+
+#include <processing/jobs/callback_job.h>
+#include <credentials/sets/mem_cred.h>
+
+#include "tls_socket.h"
+
+/**
+ * Credentials for authentication
+ */
+static mem_cred_t *creds;
+
+/**
+ * RSA private key, 2048 bit
+ */
+static char rsa[] = {
+ 0x30,0x82,0x04,0xa4,0x02,0x01,0x00,0x02,0x82,0x01,0x01,0x00,0xee,0xa3,0x28,0xcc,
+ 0x48,0xca,0x37,0xfc,0xb6,0xfa,0xfc,0x18,0x0d,0xa2,0x28,0x44,0xb4,0x16,0x56,0xf7,
+ 0x97,0x5f,0x38,0x83,0xfc,0xd4,0x30,0xea,0xf7,0x5e,0xaa,0xd4,0x21,0x0e,0x71,0x49,
+ 0x13,0x39,0xaf,0x89,0xa1,0x1d,0x1b,0x9a,0x08,0x44,0xff,0x0b,0xeb,0x4b,0xad,0x8e,
+ 0xc4,0x6d,0x1e,0x0c,0x02,0xbb,0x17,0x59,0xc7,0x66,0xc7,0xff,0x4c,0x3c,0x11,0x40,
+ 0x1a,0xe3,0xca,0x34,0xf8,0x41,0xe0,0x39,0x3e,0xce,0x72,0x9f,0x56,0x9e,0x69,0xad,
+ 0x98,0x43,0x5f,0x35,0xc2,0xd0,0xd9,0xbc,0x8b,0xed,0xc6,0xc7,0x74,0x73,0x74,0x30,
+ 0x92,0x86,0x39,0x26,0x3d,0xf1,0xd5,0x16,0x45,0x7d,0xcc,0x90,0x54,0xff,0x44,0x74,
+ 0xf3,0xba,0x41,0x5c,0x58,0xa4,0x66,0xe6,0x9d,0x58,0xbe,0x7e,0x89,0xe1,0x7c,0xf7,
+ 0x28,0xb0,0xde,0xe2,0x01,0x0a,0x89,0xc7,0x63,0x3f,0xef,0x2b,0xcb,0xef,0x65,0x89,
+ 0x82,0x23,0x32,0xa7,0xa3,0x1c,0x0d,0xc6,0x8f,0x76,0x59,0x8b,0x55,0x65,0x9c,0x91,
+ 0xd4,0x93,0x89,0xad,0x37,0x47,0x23,0x25,0xb3,0x53,0xea,0xef,0x73,0xeb,0x97,0xd3,
+ 0xd7,0x74,0x38,0x73,0x8d,0x16,0x0d,0x6f,0xae,0x59,0x33,0x4e,0x24,0xe9,0x52,0xf6,
+ 0x6f,0x8c,0x5c,0x13,0xcf,0x1d,0x0a,0xcc,0xb7,0x6a,0x88,0xce,0x91,0xe2,0xe0,0xcb,
+ 0xc6,0xd2,0xfb,0x81,0xf6,0xd2,0x9f,0x0a,0x82,0x70,0x80,0xbf,0x93,0x70,0xc0,0x57,
+ 0x23,0x6e,0x97,0x1c,0x9d,0x7d,0xf0,0xa3,0x54,0x86,0xec,0x40,0xae,0x09,0x20,0xed,
+ 0x02,0x43,0xa3,0xf8,0x7e,0x0e,0x5b,0xd0,0x22,0x7b,0x74,0x39,0x02,0x03,0x01,0x00,
+ 0x01,0x02,0x82,0x01,0x01,0x00,0xd9,0x5b,0x99,0x74,0x80,0xb4,0x57,0xcc,0x82,0x2a,
+ 0x17,0x66,0x1d,0x3c,0xde,0xea,0xbd,0x11,0x40,0x03,0x62,0x47,0xe3,0xe5,0x2c,0x6b,
+ 0x65,0x67,0x0f,0x0b,0x96,0x13,0x83,0x4c,0x71,0x58,0xfa,0xfe,0xe6,0xe9,0x37,0xeb,
+ 0x98,0x51,0x73,0x48,0xcc,0xf9,0xe1,0x46,0x5b,0xfe,0x16,0xe1,0xc0,0xa5,0x75,0xf3,
+ 0x4d,0x30,0x84,0x14,0x15,0x04,0x6f,0x3e,0xa3,0x03,0xbd,0xba,0x4f,0x5a,0x71,0xe9,
+ 0x26,0xbf,0x5d,0x7a,0x93,0x22,0x98,0xb5,0xcf,0x51,0xc3,0xc7,0x51,0xb8,0x59,0x0a,
+ 0xfb,0xd7,0xe5,0xa8,0x1d,0x0f,0x5c,0xfd,0x30,0x0e,0x71,0xd7,0x79,0xc4,0x60,0x55,
+ 0x9e,0x1e,0x1c,0x0b,0x9a,0x40,0xb8,0x7a,0x8d,0xb2,0xec,0xb0,0x70,0x8a,0x19,0x5f,
+ 0x1d,0x2e,0xde,0x90,0x8f,0x68,0x56,0x08,0xce,0x0c,0x08,0xde,0xc7,0xf8,0x13,0xef,
+ 0xd2,0xbc,0x92,0xb6,0xfb,0xec,0xb6,0x04,0xf6,0x8f,0x7d,0x95,0xe9,0xeb,0xc7,0xfb,
+ 0xcc,0x4f,0xad,0x41,0xf1,0x4c,0x79,0x07,0xdd,0x4b,0x40,0xb4,0x74,0x44,0x9a,0x06,
+ 0x0a,0x0f,0xb2,0xda,0x12,0x46,0xe5,0xee,0x01,0x64,0xe5,0xf0,0x82,0x69,0xf9,0xf1,
+ 0xe9,0x41,0x13,0x5a,0xee,0xc0,0x37,0x9a,0xbe,0x9a,0x9a,0x06,0x4b,0x52,0xd6,0xf3,
+ 0x1b,0x30,0x64,0x93,0x3a,0x97,0xe1,0xdc,0x50,0x1f,0x46,0xc4,0x81,0x6a,0x17,0x52,
+ 0x49,0x85,0xc6,0x85,0xb7,0x60,0xd4,0xf0,0xd1,0x6a,0xeb,0x50,0x8c,0xb7,0xeb,0x1f,
+ 0x17,0x0e,0xf0,0xfd,0x67,0x03,0x7c,0x74,0x1a,0xac,0x66,0x81,0x00,0x45,0x5e,0xf3,
+ 0xd9,0x9d,0x22,0x99,0xc4,0x11,0x02,0x81,0x81,0x00,0xfa,0x44,0x32,0x14,0xb2,0x82,
+ 0x28,0x02,0x46,0x05,0xdd,0x8d,0xb1,0x9f,0x9e,0x6f,0x61,0xf2,0x01,0xa0,0x2b,0x76,
+ 0xee,0x46,0xaa,0x2d,0x2d,0x5b,0xd2,0x67,0x90,0x36,0xbb,0xa0,0x07,0xdf,0x9b,0xad,
+ 0x18,0x1e,0xa7,0xe6,0x36,0xc6,0x49,0xda,0xc5,0x0d,0x52,0x29,0x5a,0x40,0xcf,0xdf,
+ 0x8d,0xd0,0xa3,0xc2,0x34,0x17,0x9f,0xb5,0xf1,0x67,0xac,0x29,0x10,0xc2,0x5c,0x62,
+ 0xe3,0xe2,0x5c,0x9f,0x93,0xcc,0xb5,0xeb,0x16,0x64,0x44,0x9f,0x6b,0x5a,0xac,0x19,
+ 0x09,0xff,0x4b,0x78,0x7f,0xec,0x5a,0xbd,0xe9,0xcb,0x74,0xbb,0x30,0x13,0xc5,0x25,
+ 0x8b,0xac,0x8d,0xf9,0xa9,0x99,0x25,0xf5,0xce,0x07,0xb6,0x2b,0x1b,0x42,0xed,0x3a,
+ 0x30,0x4a,0xfc,0x5f,0xf0,0xe2,0x26,0xa6,0x60,0x5d,0x02,0x81,0x81,0x00,0xf4,0x1a,
+ 0xc2,0x7e,0xa0,0xa0,0xad,0x20,0x65,0x04,0xe8,0xf7,0xb0,0xb1,0x76,0x79,0x08,0x18,
+ 0x58,0x93,0x21,0xf1,0x56,0x58,0x58,0x18,0x4a,0x5c,0x59,0x08,0x27,0x64,0x09,0xcb,
+ 0x0b,0x0b,0x4e,0x26,0xc8,0x0b,0x87,0x67,0x40,0xc1,0xab,0x31,0x60,0xa6,0x78,0xdd,
+ 0x78,0xc8,0x86,0x38,0xbd,0x19,0xde,0x0b,0x70,0x72,0xec,0x36,0x88,0x39,0x69,0x70,
+ 0xda,0xa6,0x2e,0xf9,0x5c,0xd8,0x17,0xc5,0xfa,0xf8,0xa5,0xc9,0x9b,0xf0,0xfe,0x03,
+ 0x71,0x57,0xfa,0x58,0x0f,0x33,0xc3,0xab,0xce,0xb0,0x5d,0xd0,0x40,0x07,0x9a,0x0b,
+ 0xff,0xb9,0xaa,0x9d,0xc5,0x33,0x7f,0x5f,0x48,0x7e,0x54,0x82,0xd1,0xdf,0x75,0x69,
+ 0xee,0xe5,0xf5,0x80,0x44,0xce,0x52,0x72,0x14,0x2c,0xe6,0xa7,0xd5,0x8d,0x02,0x81,
+ 0x81,0x00,0xb8,0xf7,0x70,0x20,0x35,0xf2,0xd6,0x89,0x1f,0xa1,0xb4,0x26,0xc6,0x51,
+ 0xd7,0xb2,0x30,0xac,0xc1,0xa0,0xd4,0x9e,0xf8,0xea,0x87,0x5a,0x0e,0x7d,0x1f,0xdb,
+ 0xe5,0x0d,0x5e,0xcc,0x9f,0x25,0x18,0x14,0xed,0x8f,0xb2,0xbe,0x06,0x5b,0xb5,0x38,
+ 0x18,0x8d,0x88,0xdd,0x01,0x54,0x87,0x8e,0x8d,0x6c,0xd7,0xab,0x6f,0xfe,0xc9,0xce,
+ 0x9a,0x15,0xea,0x7b,0x0b,0x64,0xeb,0x0d,0x37,0xaa,0x14,0x94,0xe8,0x92,0xd3,0x1d,
+ 0x66,0x16,0x43,0x55,0xa3,0xed,0x86,0xe6,0x96,0xa9,0xf5,0xe8,0xa0,0x7b,0x5a,0x71,
+ 0xa4,0x7a,0xf7,0xd2,0x65,0x6d,0x27,0x37,0x61,0xac,0xed,0xdd,0xc9,0x08,0x64,0xb2,
+ 0xf0,0x4c,0x68,0xca,0x21,0x42,0xec,0xbc,0x25,0xf7,0x35,0xe1,0xde,0xd1,0xf6,0x88,
+ 0xdf,0x0d,0x02,0x81,0x80,0x44,0xb0,0xcb,0x0e,0x6b,0x11,0x0b,0xe6,0xd3,0xc6,0x7f,
+ 0xf0,0x43,0x6e,0x8c,0xd2,0x1e,0x2f,0x0b,0xad,0xcb,0x9d,0x68,0x18,0xd0,0x21,0x75,
+ 0xbb,0x6a,0xea,0x5a,0x7b,0x52,0x2e,0x2a,0xdb,0x71,0x90,0x84,0x36,0x8a,0x51,0xc9,
+ 0xed,0x35,0xc9,0x5d,0x53,0x3b,0x2b,0xc7,0x73,0x56,0x21,0xdd,0x44,0xcc,0x31,0x17,
+ 0xe1,0x9f,0x0a,0xf1,0x66,0x86,0x7f,0x55,0x67,0xf2,0x4c,0x05,0x8e,0x61,0x92,0x3a,
+ 0xbf,0x81,0x97,0xac,0x24,0x32,0xb6,0xb1,0x4c,0x7a,0x8c,0x11,0x2b,0x15,0xe2,0xe0,
+ 0xf4,0xcc,0x51,0x6f,0xd3,0x33,0xcc,0x30,0x98,0x04,0xa5,0x04,0xfb,0x2a,0xda,0x9b,
+ 0x41,0xc1,0x72,0x56,0xb0,0xb5,0x0f,0xac,0x44,0x55,0xc3,0x54,0x99,0x62,0xa5,0xeb,
+ 0x7b,0x7f,0x24,0xb7,0x79,0x02,0x81,0x80,0x0a,0x3b,0x9b,0x91,0x1d,0x9b,0x04,0x4e,
+ 0xdf,0xd9,0xe6,0x47,0xf3,0x79,0xb7,0x17,0xcf,0x42,0xa5,0xde,0x94,0xf0,0xfe,0xed,
+ 0x46,0xf6,0xaf,0x3e,0x6c,0x91,0x01,0x89,0x79,0x81,0xea,0x2b,0x82,0x68,0x0e,0xd8,
+ 0x25,0xaf,0x79,0x8b,0x14,0xfd,0xf2,0x29,0x20,0x34,0x2d,0x0b,0x08,0x8c,0x3b,0x2b,
+ 0xfc,0x75,0xe9,0x4e,0x21,0xa6,0xb2,0x35,0x67,0x8d,0x4c,0x90,0x94,0x02,0xd5,0x32,
+ 0x23,0xc6,0xa0,0x92,0x2e,0xfa,0x97,0x48,0x5b,0x95,0xc3,0xf1,0xbc,0x6b,0xe8,0x4c,
+ 0x92,0x6f,0x5e,0x3d,0xf9,0xbd,0x2c,0xf0,0x83,0x1c,0xe6,0xb3,0x45,0x68,0x32,0x8d,
+ 0x85,0x20,0xcb,0x9d,0xd2,0x30,0x5a,0x57,0xa4,0x6e,0x27,0xb5,0x29,0x14,0xdb,0xf1,
+ 0x4b,0x9a,0xc3,0xc1,0xc5,0x37,0x6d,0x1b,
+};
+
+/**
+ * ECDSA private key
+ */
+static char ecdsa[] = {
+ 0x30,0x81,0xa4,0x02,0x01,0x01,0x04,0x30,0xc0,0x1f,0xfd,0x65,0xc6,0xc4,0x4c,0xb8,
+ 0xff,0x56,0x08,0xb5,0xbd,0xb8,0xf5,0x93,0xf7,0x51,0x0e,0x92,0x1f,0x06,0xbf,0xa6,
+ 0xd9,0x1d,0xae,0xa3,0x16,0x0d,0x0f,0xc9,0xd5,0x97,0x90,0x46,0xf1,0x98,0xa8,0x18,
+ 0x07,0xba,0xcf,0x91,0x8e,0x07,0xed,0x88,0xa0,0x07,0x06,0x05,0x2b,0x81,0x04,0x00,
+ 0x22,0xa1,0x64,0x03,0x62,0x00,0x04,0xd6,0xba,0xe1,0xf0,0x09,0x22,0x21,0x12,0x69,
+ 0xed,0x0e,0xd5,0x02,0x8c,0xb8,0x52,0xbb,0x57,0x68,0x0e,0xf3,0xdb,0xb9,0xb1,0xee,
+ 0x9c,0x67,0xa0,0xb8,0xdc,0x13,0x1e,0x5b,0x44,0x71,0x04,0xef,0x4e,0xe3,0xdd,0xf4,
+ 0xa6,0xc3,0xba,0x77,0x53,0xb8,0x28,0x5f,0xd2,0x97,0x05,0xa3,0x5b,0xe6,0xde,0x0a,
+ 0xce,0x11,0xa8,0xaf,0x02,0xbd,0xfa,0x17,0xf9,0xa7,0x38,0x3e,0x5b,0x57,0xb0,0x01,
+ 0xb3,0xc6,0x09,0x29,0x65,0xae,0xfb,0x87,0x92,0xa3,0xd7,0x3d,0x9a,0x1c,0x52,0x09,
+ 0xb1,0x47,0xc8,0xf6,0x18,0xbb,0x97,
+};
+
+/**
+ * TLS certificate for RSA key
+ */
+static char rsa_crt[] = {
+ 0x30,0x82,0x03,0x1f,0x30,0x82,0x02,0x07,0xa0,0x03,0x02,0x01,0x02,0x02,0x09,0x00,
+ 0xf0,0xbb,0xac,0xc3,0xa1,0x6b,0xf3,0x1c,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,
+ 0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x30,0x34,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,
+ 0x04,0x06,0x13,0x02,0x43,0x48,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x0a,0x13,
+ 0x0a,0x73,0x74,0x72,0x6f,0x6e,0x67,0x53,0x77,0x61,0x6e,0x31,0x10,0x30,0x0e,0x06,
+ 0x03,0x55,0x04,0x03,0x13,0x07,0x74,0x6c,0x73,0x2d,0x72,0x73,0x61,0x30,0x1e,0x17,
+ 0x0d,0x31,0x34,0x30,0x33,0x32,0x34,0x31,0x36,0x32,0x37,0x32,0x36,0x5a,0x17,0x0d,
+ 0x31,0x37,0x30,0x33,0x32,0x33,0x31,0x36,0x32,0x37,0x32,0x36,0x5a,0x30,0x34,0x31,
+ 0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x43,0x48,0x31,0x13,0x30,0x11,
+ 0x06,0x03,0x55,0x04,0x0a,0x13,0x0a,0x73,0x74,0x72,0x6f,0x6e,0x67,0x53,0x77,0x61,
+ 0x6e,0x31,0x10,0x30,0x0e,0x06,0x03,0x55,0x04,0x03,0x13,0x07,0x74,0x6c,0x73,0x2d,
+ 0x72,0x73,0x61,0x30,0x82,0x01,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,
+ 0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x82,0x01,0x0f,0x00,0x30,0x82,0x01,0x0a,0x02,
+ 0x82,0x01,0x01,0x00,0xee,0xa3,0x28,0xcc,0x48,0xca,0x37,0xfc,0xb6,0xfa,0xfc,0x18,
+ 0x0d,0xa2,0x28,0x44,0xb4,0x16,0x56,0xf7,0x97,0x5f,0x38,0x83,0xfc,0xd4,0x30,0xea,
+ 0xf7,0x5e,0xaa,0xd4,0x21,0x0e,0x71,0x49,0x13,0x39,0xaf,0x89,0xa1,0x1d,0x1b,0x9a,
+ 0x08,0x44,0xff,0x0b,0xeb,0x4b,0xad,0x8e,0xc4,0x6d,0x1e,0x0c,0x02,0xbb,0x17,0x59,
+ 0xc7,0x66,0xc7,0xff,0x4c,0x3c,0x11,0x40,0x1a,0xe3,0xca,0x34,0xf8,0x41,0xe0,0x39,
+ 0x3e,0xce,0x72,0x9f,0x56,0x9e,0x69,0xad,0x98,0x43,0x5f,0x35,0xc2,0xd0,0xd9,0xbc,
+ 0x8b,0xed,0xc6,0xc7,0x74,0x73,0x74,0x30,0x92,0x86,0x39,0x26,0x3d,0xf1,0xd5,0x16,
+ 0x45,0x7d,0xcc,0x90,0x54,0xff,0x44,0x74,0xf3,0xba,0x41,0x5c,0x58,0xa4,0x66,0xe6,
+ 0x9d,0x58,0xbe,0x7e,0x89,0xe1,0x7c,0xf7,0x28,0xb0,0xde,0xe2,0x01,0x0a,0x89,0xc7,
+ 0x63,0x3f,0xef,0x2b,0xcb,0xef,0x65,0x89,0x82,0x23,0x32,0xa7,0xa3,0x1c,0x0d,0xc6,
+ 0x8f,0x76,0x59,0x8b,0x55,0x65,0x9c,0x91,0xd4,0x93,0x89,0xad,0x37,0x47,0x23,0x25,
+ 0xb3,0x53,0xea,0xef,0x73,0xeb,0x97,0xd3,0xd7,0x74,0x38,0x73,0x8d,0x16,0x0d,0x6f,
+ 0xae,0x59,0x33,0x4e,0x24,0xe9,0x52,0xf6,0x6f,0x8c,0x5c,0x13,0xcf,0x1d,0x0a,0xcc,
+ 0xb7,0x6a,0x88,0xce,0x91,0xe2,0xe0,0xcb,0xc6,0xd2,0xfb,0x81,0xf6,0xd2,0x9f,0x0a,
+ 0x82,0x70,0x80,0xbf,0x93,0x70,0xc0,0x57,0x23,0x6e,0x97,0x1c,0x9d,0x7d,0xf0,0xa3,
+ 0x54,0x86,0xec,0x40,0xae,0x09,0x20,0xed,0x02,0x43,0xa3,0xf8,0x7e,0x0e,0x5b,0xd0,
+ 0x22,0x7b,0x74,0x39,0x02,0x03,0x01,0x00,0x01,0xa3,0x34,0x30,0x32,0x30,0x1f,0x06,
+ 0x03,0x55,0x1d,0x23,0x04,0x18,0x30,0x16,0x80,0x14,0x96,0x0e,0xc8,0xd3,0xb3,0x3f,
+ 0xd1,0x11,0xb6,0x36,0x70,0xdb,0x37,0x98,0x3c,0xab,0x69,0x03,0x69,0x56,0x30,0x0f,
+ 0x06,0x03,0x55,0x1d,0x11,0x04,0x08,0x30,0x06,0x87,0x04,0x7f,0x00,0x00,0x01,0x30,
+ 0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x82,
+ 0x01,0x01,0x00,0x94,0x1d,0x08,0xda,0x7b,0xc4,0xa3,0xf4,0x40,0x54,0xae,0x45,0x6a,
+ 0xb3,0x62,0xb6,0x0b,0x35,0xc7,0x5f,0xed,0xb9,0x42,0x33,0xd5,0x32,0x80,0x23,0x76,
+ 0x87,0xae,0x59,0xbb,0x77,0x00,0xc4,0xbf,0x60,0x3b,0x9b,0x04,0x46,0x52,0xde,0x9f,
+ 0x16,0xc6,0x96,0x5e,0x7a,0xb5,0xbb,0x49,0x6a,0x89,0x4a,0x60,0x0b,0x85,0x15,0xec,
+ 0xbb,0x83,0x79,0x01,0xfa,0x3c,0xd5,0x1e,0x6a,0x75,0xe7,0x93,0xc9,0xc4,0xbb,0xea,
+ 0xad,0xa2,0x23,0x32,0xc5,0x57,0x4c,0x41,0xb2,0x41,0x91,0x53,0x5e,0xaf,0x98,0x83,
+ 0xcb,0x6b,0xa8,0x2f,0xc8,0x06,0x16,0x18,0x5a,0x75,0xe1,0xee,0xac,0xc0,0x28,0x08,
+ 0x0a,0x09,0xd1,0x03,0xba,0x65,0xf1,0x89,0xcc,0x63,0x6f,0xb2,0x70,0xdc,0x46,0x2b,
+ 0x62,0x5b,0x64,0xd4,0x7a,0xc4,0x12,0xe2,0x88,0x3a,0x54,0x0a,0xf5,0x1e,0x1c,0x9e,
+ 0x9a,0xb2,0x62,0xf9,0xd3,0x02,0xf0,0xc1,0xf0,0x7b,0x4d,0xf3,0x44,0xd8,0x3c,0x13,
+ 0x1d,0xfc,0x78,0xa3,0x54,0x68,0xce,0x43,0x31,0x78,0x58,0x2f,0x5d,0xb8,0xa7,0xff,
+ 0x54,0xae,0x6e,0x25,0xd7,0x40,0x6c,0x59,0x7b,0x5f,0x18,0x31,0xe9,0xfc,0x53,0x34,
+ 0xb2,0xb0,0x18,0xd4,0x2c,0x85,0x9d,0xad,0x2d,0xd2,0x05,0x5d,0x2e,0x47,0xee,0x09,
+ 0x3d,0x05,0x2e,0x46,0x66,0xea,0x09,0xb2,0x81,0xd3,0x9b,0x28,0xbf,0xf9,0x9c,0x54,
+ 0x98,0xb7,0x2d,0x38,0xd8,0xae,0x03,0x70,0xae,0x1e,0xd4,0xa9,0xb7,0x2e,0xdb,0x02,
+ 0x6a,0x84,0x0f,0x6c,0xe8,0xb8,0x25,0x73,0x84,0x13,0x9f,0x34,0x24,0xb8,0xfc,0x96,
+ 0x4c,0x91,0xfa,
+};
+
+/**
+ * TLS certificate for ECDSA key
+ */
+static char ecdsa_crt[] = {
+ 0x30,0x82,0x01,0xd3,0x30,0x82,0x01,0x59,0xa0,0x03,0x02,0x01,0x02,0x02,0x09,0x00,
+ 0xaa,0x92,0xf5,0x39,0x85,0xf5,0xd5,0xa3,0x30,0x09,0x06,0x07,0x2a,0x86,0x48,0xce,
+ 0x3d,0x04,0x01,0x30,0x36,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,
+ 0x43,0x48,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x0a,0x13,0x0a,0x73,0x74,0x72,
+ 0x6f,0x6e,0x67,0x53,0x77,0x61,0x6e,0x31,0x12,0x30,0x10,0x06,0x03,0x55,0x04,0x03,
+ 0x13,0x09,0x74,0x6c,0x73,0x2d,0x65,0x63,0x64,0x73,0x61,0x30,0x1e,0x17,0x0d,0x31,
+ 0x34,0x30,0x33,0x32,0x34,0x31,0x36,0x32,0x39,0x33,0x34,0x5a,0x17,0x0d,0x31,0x37,
+ 0x30,0x33,0x32,0x33,0x31,0x36,0x32,0x39,0x33,0x34,0x5a,0x30,0x36,0x31,0x0b,0x30,
+ 0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x43,0x48,0x31,0x13,0x30,0x11,0x06,0x03,
+ 0x55,0x04,0x0a,0x13,0x0a,0x73,0x74,0x72,0x6f,0x6e,0x67,0x53,0x77,0x61,0x6e,0x31,
+ 0x12,0x30,0x10,0x06,0x03,0x55,0x04,0x03,0x13,0x09,0x74,0x6c,0x73,0x2d,0x65,0x63,
+ 0x64,0x73,0x61,0x30,0x76,0x30,0x10,0x06,0x07,0x2a,0x86,0x48,0xce,0x3d,0x02,0x01,
+ 0x06,0x05,0x2b,0x81,0x04,0x00,0x22,0x03,0x62,0x00,0x04,0xd6,0xba,0xe1,0xf0,0x09,
+ 0x22,0x21,0x12,0x69,0xed,0x0e,0xd5,0x02,0x8c,0xb8,0x52,0xbb,0x57,0x68,0x0e,0xf3,
+ 0xdb,0xb9,0xb1,0xee,0x9c,0x67,0xa0,0xb8,0xdc,0x13,0x1e,0x5b,0x44,0x71,0x04,0xef,
+ 0x4e,0xe3,0xdd,0xf4,0xa6,0xc3,0xba,0x77,0x53,0xb8,0x28,0x5f,0xd2,0x97,0x05,0xa3,
+ 0x5b,0xe6,0xde,0x0a,0xce,0x11,0xa8,0xaf,0x02,0xbd,0xfa,0x17,0xf9,0xa7,0x38,0x3e,
+ 0x5b,0x57,0xb0,0x01,0xb3,0xc6,0x09,0x29,0x65,0xae,0xfb,0x87,0x92,0xa3,0xd7,0x3d,
+ 0x9a,0x1c,0x52,0x09,0xb1,0x47,0xc8,0xf6,0x18,0xbb,0x97,0xa3,0x34,0x30,0x32,0x30,
+ 0x1f,0x06,0x03,0x55,0x1d,0x23,0x04,0x18,0x30,0x16,0x80,0x14,0x4f,0x1e,0x5d,0x94,
+ 0x85,0xe2,0xbc,0x86,0x0e,0x80,0xce,0x17,0x92,0x42,0xb4,0xb8,0x19,0x67,0xb8,0xfe,
+ 0x30,0x0f,0x06,0x03,0x55,0x1d,0x11,0x04,0x08,0x30,0x06,0x87,0x04,0x7f,0x00,0x00,
+ 0x01,0x30,0x09,0x06,0x07,0x2a,0x86,0x48,0xce,0x3d,0x04,0x01,0x03,0x69,0x00,0x30,
+ 0x66,0x02,0x31,0x00,0xdc,0x6e,0x3b,0xe4,0x9f,0x36,0xa5,0xa8,0x88,0x8d,0xcf,0x2d,
+ 0xa1,0x6e,0x33,0x68,0x73,0xd6,0x6a,0xd6,0x1d,0x00,0xe5,0x5c,0x76,0x09,0x5e,0xe9,
+ 0x7a,0x3a,0x00,0x5e,0xbc,0xef,0x0d,0x8d,0x95,0x5c,0x2b,0xfc,0xa4,0xe3,0xe3,0xcf,
+ 0x74,0x95,0x00,0x21,0x02,0x31,0x00,0x8f,0x40,0x3e,0xfc,0xe9,0xae,0x17,0x9b,0x36,
+ 0x39,0xe2,0x79,0xa5,0x7b,0x5d,0xe3,0xe0,0x84,0x68,0x7e,0x00,0x57,0xbe,0x4d,0xe3,
+ 0x0e,0xff,0x20,0x9c,0xce,0xd1,0x43,0x76,0x00,0x6e,0x59,0x7b,0xac,0x94,0x05,0xef,
+ 0xed,0xca,0x8b,0xe5,0x7f,0xa5,0xd7,
+};
+
+START_SETUP(setup_creds)
+{
+ private_key_t *key;
+ certificate_t *cert;
+
+ creds = mem_cred_create();
+
+ key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA,
+ BUILD_BLOB, chunk_from_thing(rsa), BUILD_END);
+ if (key)
+ {
+ creds->add_key(creds, key);
+ }
+ key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ECDSA,
+ BUILD_BLOB, chunk_from_thing(ecdsa), BUILD_END);
+ if (key)
+ {
+ creds->add_key(creds, key);
+ }
+ cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
+ BUILD_BLOB, chunk_from_thing(rsa_crt), BUILD_END);
+ if (cert)
+ {
+ creds->add_cert(creds, TRUE, cert);
+ }
+ cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
+ BUILD_BLOB, chunk_from_thing(ecdsa_crt), BUILD_END);
+ if (cert)
+ {
+ creds->add_cert(creds, TRUE, cert);
+ }
+
+ lib->credmgr->add_set(lib->credmgr, &creds->set);
+}
+END_SETUP
+
+START_TEARDOWN(teardown_creds)
+{
+ lib->credmgr->remove_set(lib->credmgr, &creds->set);
+ creds->destroy(creds);
+}
+END_TEARDOWN
+
+/**
+ * Configuration for an echo server
+ */
+typedef struct {
+ tls_version_t version;
+ u_int16_t port;
+ char *addr;
+ chunk_t data;
+ int fd;
+ bool cauth;
+} echo_server_config_t;
+
+/**
+ * Run an echo server
+ */
+static job_requeue_t serve_echo(echo_server_config_t *config)
+{
+ tls_socket_t *tls;
+ int sfd, cfd;
+ identification_t *server, *client = NULL;
+ ssize_t len, total, done;
+ char buf[128];
+
+ server = identification_create_from_string(config->addr);
+ if (config->cauth)
+ {
+ client = server;
+ }
+ sfd = config->fd;
+ while (TRUE)
+ {
+ cfd = accept(sfd, NULL, NULL);
+ if (cfd < 0)
+ {
+ break;
+ }
+
+ tls = tls_socket_create(TRUE, server, client, cfd, NULL,
+ config->version, TRUE);
+ ck_assert(tls != NULL);
+
+ while (TRUE)
+ {
+ len = tls->read(tls, buf, sizeof(buf), TRUE);
+ if (len <= 0)
+ {
+ break;
+ }
+ total = 0;
+ while (total < len)
+ {
+ done = tls->write(tls, buf + total, len - total);
+ ck_assert_msg(done > 0, "%s", strerror(errno));
+ total += done;
+ }
+ }
+
+ tls->destroy(tls);
+ close(cfd);
+ }
+ server->destroy(server);
+
+ return JOB_REQUEUE_NONE;
+}
+
+/**
+ * Start a echo server using config
+ */
+static void start_echo_server(echo_server_config_t *config)
+{
+ host_t *host;
+ int on = 1;
+
+ host = host_create_from_string(config->addr, config->port);
+
+ config->fd = socket(AF_INET, SOCK_STREAM, 0);
+ ck_assert(config->fd != -1);
+ ck_assert(setsockopt(config->fd, SOL_SOCKET, SO_REUSEADDR,
+ (void*)&on, sizeof(on)) != -1);
+ ck_assert_msg(bind(config->fd, host->get_sockaddr(host),
+ *host->get_sockaddr_len(host)) != -1, "%s", strerror(errno));
+ host->destroy(host);
+ ck_assert(listen(config->fd, 1) != -1);
+
+ lib->processor->set_threads(lib->processor, 8);
+
+ lib->processor->queue_job(lib->processor, (job_t*)
+ callback_job_create((void*)serve_echo, config, NULL, NULL));
+}
+
+/**
+ * Run client to perform echo test
+ */
+static void run_echo_client(echo_server_config_t *config)
+{
+ tls_socket_t *tls;
+ ssize_t len, rd, wr;
+ int fd;
+ host_t *host;
+ identification_t *server, *client = NULL;
+ char buf[128];
+
+ host = host_create_from_string(config->addr, config->port);
+ server = identification_create_from_string(config->addr);
+ if (config->cauth)
+ {
+ client = server;
+ }
+
+ fd = socket(AF_INET, SOCK_STREAM, 0);
+ ck_assert(fd != -1);
+ ck_assert(connect(fd, host->get_sockaddr(host),
+ *host->get_sockaddr_len(host)) != -1);
+ tls = tls_socket_create(FALSE, server, client, fd, NULL,
+ config->version, TRUE);
+ ck_assert(tls != NULL);
+
+ wr = rd = 0;
+ while (rd < config->data.len)
+ {
+ len = tls->write(tls, config->data.ptr + wr, config->data.len - wr);
+ ck_assert(len >= 0);
+ wr += len;
+
+ len = tls->read(tls, buf, sizeof(buf), FALSE);
+ if (len == -1 && errno == EWOULDBLOCK)
+ {
+ continue;
+ }
+ if (len == 0)
+ {
+ ck_assert_int_eq(rd, config->data.len);
+ break;
+ }
+ ck_assert(len > 0);
+ ck_assert(rd + len <= config->data.len);
+ ck_assert(memeq(buf, config->data.ptr + rd, len));
+ rd += len;
+ }
+
+ tls->destroy(tls);
+ close(fd);
+ host->destroy(host);
+ server->destroy(server);
+}
+
+/**
+ * Common test wrapper function for different test variants
+ */
+static void test_tls(tls_version_t version, u_int16_t port, bool cauth, u_int i)
+{
+ echo_server_config_t *config;
+ tls_cipher_suite_t *suites;
+ char suite[128];
+ int count;
+
+ INIT(config,
+ .version = version,
+ .addr = "127.0.0.1",
+ .port = port,
+ .cauth = cauth,
+ .data = chunk_from_chars(0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08),
+ );
+
+ start_echo_server(config);
+
+ count = tls_crypto_get_supported_suites(TRUE, &suites);
+
+ ck_assert(i < count);
+ snprintf(suite, sizeof(suite), "%N", tls_cipher_suite_names, suites[i]);
+ lib->settings->set_str(lib->settings, "%s.tls.suites", suite, lib->ns);
+
+ run_echo_client(config);
+
+ free(suites);
+
+ shutdown(config->fd, SHUT_RDWR);
+ close(config->fd);
+
+ free(config);
+}
+
+START_TEST(test_tls12)
+{
+ test_tls(TLS_1_2, 5671, FALSE, _i);
+}
+END_TEST
+
+START_TEST(test_tls12_mutual)
+{
+ test_tls(TLS_1_2, 5672, TRUE, _i);
+}
+END_TEST
+
+START_TEST(test_tls11)
+{
+ test_tls(TLS_1_1, 5673, FALSE, _i);
+}
+END_TEST
+
+START_TEST(test_tls11_mutual)
+{
+ test_tls(TLS_1_1, 5674, TRUE, _i);
+}
+END_TEST
+
+START_TEST(test_tls10)
+{
+ test_tls(TLS_1_0, 5675, FALSE, _i);
+}
+END_TEST
+
+START_TEST(test_tls10_mutual)
+{
+ test_tls(TLS_1_0, 5676, TRUE, _i);
+}
+END_TEST
+
+Suite *socket_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+ int count;
+
+ count = tls_crypto_get_supported_suites(TRUE, NULL);
+
+ s = suite_create("socket");
+
+ tc = tcase_create("TLS 1.2/anon");
+ tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
+ tcase_add_loop_test(tc, test_tls12, 0, count);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("TLS 1.2/mutl");
+ tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
+ tcase_add_loop_test(tc, test_tls12_mutual, 0, count);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("TLS 1.1/anon");
+ tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
+ tcase_add_loop_test(tc, test_tls11, 0, count);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("TLS 1.1/mutl");
+ tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
+ tcase_add_loop_test(tc, test_tls11_mutual, 0, count);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("TLS 1.0/anon");
+ tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
+ tcase_add_loop_test(tc, test_tls10, 0, count);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("TLS 1.0/mutl");
+ tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
+ tcase_add_loop_test(tc, test_tls10_mutual, 0, count);
+ suite_add_tcase(s, tc);
+
+ return s;
+}
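Review bot: The `rsa_crt` and `ecdsa_crt` fixtures have a hard-coded three-year lifetime: the DER encodes notAfter `170323162726Z` and `170323162934Z`, so after March 2017 every looped handshake in this suite will presumably fail if the TLS stack checks certificate validity, with nothing in the file pointing to the cause. I would either regenerate them with a much longer lifetime or record the dates next to the arrays, e.g. `/* test-only credential, valid 2014-03-24 to 2017-03-23; never use outside the test suite */`, which also makes clear that the embedded private keys `rsa` and `ecdsa` are throwaway material. Separately, `setup_creds` silently skips a credential when `create` returns NULL (`if (key)` / `if (cert)`), so a parse failure only shows up later as an unrelated handshake error. Adding `ck_assert(key != NULL);` and `ck_assert(cert != NULL);` after each call would fail at the real cause.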
diff --git a/src/libtls/tests/suites/test_suites.c b/src/libtls/tests/suites/test_suites.c
new file mode 100644
index 000000000..f8ae12eb3
--- /dev/null
+++ b/src/libtls/tests/suites/test_suites.c
@@ -0,0 +1,247 @@
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <test_suite.h>
+
+#include <unistd.h>
+
+#include "tls_crypto.h"
+
+START_TEST(test_cipher_names)
+{
+ char buf[128];
+
+#define CHECK_NAME(x) { \
+ snprintf(buf, sizeof(buf), "%N", tls_cipher_suite_names, x); \
+ ck_assert_str_eq(#x, buf); }
+
+ CHECK_NAME(TLS_NULL_WITH_NULL_NULL);
+ CHECK_NAME(TLS_RSA_WITH_NULL_MD5);
+ CHECK_NAME(TLS_RSA_WITH_NULL_SHA);
+ CHECK_NAME(TLS_RSA_EXPORT_WITH_RC4_40_MD5);
+ CHECK_NAME(TLS_RSA_WITH_RC4_128_MD5);
+ CHECK_NAME(TLS_RSA_WITH_RC4_128_SHA);
+ CHECK_NAME(TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5);
+ CHECK_NAME(TLS_RSA_WITH_IDEA_CBC_SHA);
+ CHECK_NAME(TLS_RSA_EXPORT_WITH_DES40_CBC_SHA);
+ CHECK_NAME(TLS_RSA_WITH_DES_CBC_SHA);
+ CHECK_NAME(TLS_RSA_WITH_3DES_EDE_CBC_SHA);
+ CHECK_NAME(TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA);
+ CHECK_NAME(TLS_DH_DSS_WITH_DES_CBC_SHA);
+ CHECK_NAME(TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA);
+ CHECK_NAME(TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA);
+ CHECK_NAME(TLS_DH_RSA_WITH_DES_CBC_SHA);
+ CHECK_NAME(TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA);
+ CHECK_NAME(TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA);
+ CHECK_NAME(TLS_DHE_DSS_WITH_DES_CBC_SHA);
+ CHECK_NAME(TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA);
+ CHECK_NAME(TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA);
+ CHECK_NAME(TLS_DHE_RSA_WITH_DES_CBC_SHA);
+ CHECK_NAME(TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA);
+ CHECK_NAME(TLS_DH_anon_EXPORT_WITH_RC4_40_MD5);
+ CHECK_NAME(TLS_DH_anon_WITH_RC4_128_MD5);
+ CHECK_NAME(TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA);
+ CHECK_NAME(TLS_DH_anon_WITH_DES_CBC_SHA);
+ CHECK_NAME(TLS_DH_anon_WITH_3DES_EDE_CBC_SHA);
+ CHECK_NAME(TLS_KRB5_WITH_DES_CBC_SHA);
+ CHECK_NAME(TLS_KRB5_WITH_3DES_EDE_CBC_SHA);
+ CHECK_NAME(TLS_KRB5_WITH_RC4_128_SHA);
+ CHECK_NAME(TLS_KRB5_WITH_IDEA_CBC_SHA);
+ CHECK_NAME(TLS_KRB5_WITH_DES_CBC_MD5);
+ CHECK_NAME(TLS_KRB5_WITH_3DES_EDE_CBC_MD5);
+ CHECK_NAME(TLS_KRB5_WITH_RC4_128_MD5);
+ CHECK_NAME(TLS_KRB5_WITH_IDEA_CBC_MD5);
+ CHECK_NAME(TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA);
+ CHECK_NAME(TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA);
+ CHECK_NAME(TLS_KRB5_EXPORT_WITH_RC4_40_SHA);
+ CHECK_NAME(TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5);
+ CHECK_NAME(TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5);
+ CHECK_NAME(TLS_KRB5_EXPORT_WITH_RC4_40_MD5);
+ CHECK_NAME(TLS_PSK_WITH_NULL_SHA);
+ CHECK_NAME(TLS_DHE_PSK_WITH_NULL_SHA);
+ CHECK_NAME(TLS_RSA_PSK_WITH_NULL_SHA);
+ CHECK_NAME(TLS_RSA_WITH_AES_128_CBC_SHA);
+ CHECK_NAME(TLS_DH_DSS_WITH_AES_128_CBC_SHA);
+ CHECK_NAME(TLS_DH_RSA_WITH_AES_128_CBC_SHA);
+ CHECK_NAME(TLS_DHE_DSS_WITH_AES_128_CBC_SHA);
+ CHECK_NAME(TLS_DHE_RSA_WITH_AES_128_CBC_SHA);
+ CHECK_NAME(TLS_DH_anon_WITH_AES_128_CBC_SHA);
+ CHECK_NAME(TLS_RSA_WITH_AES_256_CBC_SHA);
+ CHECK_NAME(TLS_DH_DSS_WITH_AES_256_CBC_SHA);
+ CHECK_NAME(TLS_DH_RSA_WITH_AES_256_CBC_SHA);
+ CHECK_NAME(TLS_DHE_DSS_WITH_AES_256_CBC_SHA);
+ CHECK_NAME(TLS_DHE_RSA_WITH_AES_256_CBC_SHA);
+ CHECK_NAME(TLS_DH_anon_WITH_AES_256_CBC_SHA);
+ CHECK_NAME(TLS_RSA_WITH_NULL_SHA256);
+ CHECK_NAME(TLS_RSA_WITH_AES_128_CBC_SHA256);
+ CHECK_NAME(TLS_RSA_WITH_AES_256_CBC_SHA256);
+ CHECK_NAME(TLS_DH_DSS_WITH_AES_128_CBC_SHA256);
+ CHECK_NAME(TLS_DH_RSA_WITH_AES_128_CBC_SHA256);
+ CHECK_NAME(TLS_DHE_DSS_WITH_AES_128_CBC_SHA256);
+ CHECK_NAME(TLS_RSA_WITH_CAMELLIA_128_CBC_SHA);
+ CHECK_NAME(TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA);
+ CHECK_NAME(TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA);
+ CHECK_NAME(TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA);
+ CHECK_NAME(TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA);
+ CHECK_NAME(TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA);
+ CHECK_NAME(TLS_DHE_RSA_WITH_AES_128_CBC_SHA256);
+ CHECK_NAME(TLS_DH_DSS_WITH_AES_256_CBC_SHA256);
+ CHECK_NAME(TLS_DH_RSA_WITH_AES_256_CBC_SHA256);
+ CHECK_NAME(TLS_DHE_DSS_WITH_AES_256_CBC_SHA256);
+ CHECK_NAME(TLS_DHE_RSA_WITH_AES_256_CBC_SHA256);
+ CHECK_NAME(TLS_DH_anon_WITH_AES_128_CBC_SHA256);
+ CHECK_NAME(TLS_DH_anon_WITH_AES_256_CBC_SHA256);
+ CHECK_NAME(TLS_RSA_WITH_CAMELLIA_256_CBC_SHA);
+ CHECK_NAME(TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA);
+ CHECK_NAME(TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA);
+ CHECK_NAME(TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA);
+ CHECK_NAME(TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA);
+ CHECK_NAME(TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA);
+ CHECK_NAME(TLS_PSK_WITH_RC4_128_SHA);
+ CHECK_NAME(TLS_PSK_WITH_3DES_EDE_CBC_SHA);
+ CHECK_NAME(TLS_PSK_WITH_AES_128_CBC_SHA);
+ CHECK_NAME(TLS_PSK_WITH_AES_256_CBC_SHA);
+ CHECK_NAME(TLS_DHE_PSK_WITH_RC4_128_SHA);
+ CHECK_NAME(TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA);
+ CHECK_NAME(TLS_DHE_PSK_WITH_AES_128_CBC_SHA);
+ CHECK_NAME(TLS_DHE_PSK_WITH_AES_256_CBC_SHA);
+ CHECK_NAME(TLS_RSA_PSK_WITH_RC4_128_SHA);
+ CHECK_NAME(TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA);
+ CHECK_NAME(TLS_RSA_PSK_WITH_AES_128_CBC_SHA);
+ CHECK_NAME(TLS_RSA_PSK_WITH_AES_256_CBC_SHA);
+ CHECK_NAME(TLS_RSA_WITH_SEED_CBC_SHA);
+ CHECK_NAME(TLS_DH_DSS_WITH_SEED_CBC_SHA);
+ CHECK_NAME(TLS_DH_RSA_WITH_SEED_CBC_SHA);
+ CHECK_NAME(TLS_DHE_DSS_WITH_SEED_CBC_SHA);
+ CHECK_NAME(TLS_DHE_RSA_WITH_SEED_CBC_SHA);
+ CHECK_NAME(TLS_DH_anon_WITH_SEED_CBC_SHA);
+ CHECK_NAME(TLS_RSA_WITH_AES_128_GCM_SHA256);
+ CHECK_NAME(TLS_RSA_WITH_AES_256_GCM_SHA384);
+ CHECK_NAME(TLS_DHE_RSA_WITH_AES_128_GCM_SHA256);
+ CHECK_NAME(TLS_DHE_RSA_WITH_AES_256_GCM_SHA384);
+ CHECK_NAME(TLS_DH_RSA_WITH_AES_128_GCM_SHA256);
+ CHECK_NAME(TLS_DH_RSA_WITH_AES_256_GCM_SHA384);
+ CHECK_NAME(TLS_DHE_DSS_WITH_AES_128_GCM_SHA256);
+ CHECK_NAME(TLS_DHE_DSS_WITH_AES_256_GCM_SHA384);
+ CHECK_NAME(TLS_DH_DSS_WITH_AES_128_GCM_SHA256);
+ CHECK_NAME(TLS_DH_DSS_WITH_AES_256_GCM_SHA384);
+ CHECK_NAME(TLS_DH_anon_WITH_AES_128_GCM_SHA256);
+ CHECK_NAME(TLS_DH_anon_WITH_AES_256_GCM_SHA384);
+ CHECK_NAME(TLS_PSK_WITH_AES_128_GCM_SHA256);
+ CHECK_NAME(TLS_PSK_WITH_AES_256_GCM_SHA384);
+ CHECK_NAME(TLS_DHE_PSK_WITH_AES_128_GCM_SHA256);
+ CHECK_NAME(TLS_DHE_PSK_WITH_AES_256_GCM_SHA384);
+ CHECK_NAME(TLS_RSA_PSK_WITH_AES_128_GCM_SHA256);
+ CHECK_NAME(TLS_RSA_PSK_WITH_AES_256_GCM_SHA384);
+ CHECK_NAME(TLS_PSK_WITH_AES_128_CBC_SHA256);
+ CHECK_NAME(TLS_PSK_WITH_AES_256_CBC_SHA384);
+ CHECK_NAME(TLS_PSK_WITH_NULL_SHA256);
+ CHECK_NAME(TLS_PSK_WITH_NULL_SHA384);
+ CHECK_NAME(TLS_DHE_PSK_WITH_AES_128_CBC_SHA256);
+ CHECK_NAME(TLS_DHE_PSK_WITH_AES_256_CBC_SHA384);
+ CHECK_NAME(TLS_DHE_PSK_WITH_NULL_SHA256);
+ CHECK_NAME(TLS_DHE_PSK_WITH_NULL_SHA384);
+ CHECK_NAME(TLS_RSA_PSK_WITH_AES_128_CBC_SHA256);
+ CHECK_NAME(TLS_RSA_PSK_WITH_AES_256_CBC_SHA384);
+ CHECK_NAME(TLS_RSA_PSK_WITH_NULL_SHA256);
+ CHECK_NAME(TLS_RSA_PSK_WITH_NULL_SHA384);
+ CHECK_NAME(TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256);
+ CHECK_NAME(TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256);
+ CHECK_NAME(TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256);
+ CHECK_NAME(TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256);
+ CHECK_NAME(TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256);
+ CHECK_NAME(TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256);
+ CHECK_NAME(TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256);
+ CHECK_NAME(TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256);
+ CHECK_NAME(TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256);
+ CHECK_NAME(TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256);
+ CHECK_NAME(TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256);
+ CHECK_NAME(TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256);
+ CHECK_NAME(TLS_EMPTY_RENEGOTIATION_INFO_SCSV);
+ CHECK_NAME(TLS_ECDH_ECDSA_WITH_NULL_SHA);
+ CHECK_NAME(TLS_ECDH_ECDSA_WITH_RC4_128_SHA);
+ CHECK_NAME(TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA);
+ CHECK_NAME(TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA);
+ CHECK_NAME(TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA);
+ CHECK_NAME(TLS_ECDHE_ECDSA_WITH_NULL_SHA);
+ CHECK_NAME(TLS_ECDHE_ECDSA_WITH_RC4_128_SHA);
+ CHECK_NAME(TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA);
+ CHECK_NAME(TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA);
+ CHECK_NAME(TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA);
+ CHECK_NAME(TLS_ECDH_RSA_WITH_NULL_SHA);
+ CHECK_NAME(TLS_ECDH_RSA_WITH_RC4_128_SHA);
+ CHECK_NAME(TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA);
+ CHECK_NAME(TLS_ECDH_RSA_WITH_AES_128_CBC_SHA);
+ CHECK_NAME(TLS_ECDH_RSA_WITH_AES_256_CBC_SHA);
+ CHECK_NAME(TLS_ECDHE_RSA_WITH_NULL_SHA);
+ CHECK_NAME(TLS_ECDHE_RSA_WITH_RC4_128_SHA);
+ CHECK_NAME(TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA);
+ CHECK_NAME(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA);
+ CHECK_NAME(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA);
+ CHECK_NAME(TLS_ECDH_anon_WITH_NULL_SHA);
+ CHECK_NAME(TLS_ECDH_anon_WITH_RC4_128_SHA);
+ CHECK_NAME(TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA);
+ CHECK_NAME(TLS_ECDH_anon_WITH_AES_128_CBC_SHA);
+ CHECK_NAME(TLS_ECDH_anon_WITH_AES_256_CBC_SHA);
+ CHECK_NAME(TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA);
+ CHECK_NAME(TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA);
+ CHECK_NAME(TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA);
+ CHECK_NAME(TLS_SRP_SHA_WITH_AES_128_CBC_SHA);
+ CHECK_NAME(TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA);
+ CHECK_NAME(TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA);
+ CHECK_NAME(TLS_SRP_SHA_WITH_AES_256_CBC_SHA);
+ CHECK_NAME(TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA);
+ CHECK_NAME(TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA);
+ CHECK_NAME(TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256);
+ CHECK_NAME(TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384);
+ CHECK_NAME(TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256);
+ CHECK_NAME(TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384);
+ CHECK_NAME(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256);
+ CHECK_NAME(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384);
+ CHECK_NAME(TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256);
+ CHECK_NAME(TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384);
+ CHECK_NAME(TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256);
+ CHECK_NAME(TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384);
+ CHECK_NAME(TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256);
+ CHECK_NAME(TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384);
+ CHECK_NAME(TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256);
+ CHECK_NAME(TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384);
+ CHECK_NAME(TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256);
+ CHECK_NAME(TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384);
+ CHECK_NAME(TLS_ECDHE_PSK_WITH_RC4_128_SHA);
+ CHECK_NAME(TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA);
+ CHECK_NAME(TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA);
+ CHECK_NAME(TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA);
+ CHECK_NAME(TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256);
+ CHECK_NAME(TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384);
+ CHECK_NAME(TLS_ECDHE_PSK_WITH_NULL_SHA);
+ CHECK_NAME(TLS_ECDHE_PSK_WITH_NULL_SHA256);
+ CHECK_NAME(TLS_ECDHE_PSK_WITH_NULL_SHA384);
+}
+END_TEST
+
+Suite *suites_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("suites");
+
+ tc = tcase_create("cipher-names");
+ tcase_add_test(tc, test_cipher_names);
+ suite_add_tcase(s, tc);
+
+ return s;
+}
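Review bot: `CHECK_NAME` is defined inside `test_cipher_names` and never undefined, so it stays visible for the rest of the translation unit; adding `#undef CHECK_NAME` before the closing brace keeps it local. The test would also benefit from a short comment stating that it only checks the `%N` name mapping of `tls_cipher_suite_names` against the enum identifiers. The list includes NULL, EXPORT and RC4 suites, and a reader should not take their presence here as a sign that they are negotiated, e.g. `/* verifies enum-to-string mapping only; says nothing about which suites are enabled */`. `#include <unistd.h>` looks unused in this file.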
diff --git a/src/libtls/tests/tls_tests.c b/src/libtls/tests/tls_tests.c
new file mode 100644
index 000000000..2c2c5bacc
--- /dev/null
+++ b/src/libtls/tests/tls_tests.c
@@ -0,0 +1,57 @@
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <test_runner.h>
+
+/* declare test suite constructors */
+#define TEST_SUITE(x) test_suite_t* x();
+#define TEST_SUITE_DEPEND(x, ...) TEST_SUITE(x)
+#include "tls_tests.h"
+#undef TEST_SUITE
+#undef TEST_SUITE_DEPEND
+
+static test_configuration_t tests[] = {
+#define TEST_SUITE(x) \
+ { .suite = x, },
+#define TEST_SUITE_DEPEND(x, type, args) \
+ { .suite = x, .feature = PLUGIN_DEPENDS(type, args) },
+#include "tls_tests.h"
+ { .suite = NULL, }
+};
+
+static bool test_runner_init(bool init)
+{
+ if (init)
+ {
+ plugin_loader_add_plugindirs(PLUGINDIR, PLUGINS);
+ if (!lib->plugins->load(lib->plugins, PLUGINS))
+ {
+ return FALSE;
+ }
+ }
+ else
+ {
+ lib->credmgr->flush_cache(lib->credmgr, CERT_ANY);
+ lib->processor->set_threads(lib->processor, 0);
+ lib->processor->cancel(lib->processor);
+ lib->plugins->unload(lib->plugins);
+ }
+ return TRUE;
+}
+
+int main(int argc, char *argv[])
+{
+ return test_runner_run("libtls", tests, test_runner_init);
+}
diff --git a/src/libtls/tests/tls_tests.h b/src/libtls/tests/tls_tests.h
new file mode 100644
index 000000000..489b2ddb1
--- /dev/null
+++ b/src/libtls/tests/tls_tests.h
@@ -0,0 +1,17 @@
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+TEST_SUITE(socket_suite_create)
+TEST_SUITE(suites_suite_create)
diff --git a/src/libtls/tls.c b/src/libtls/tls.c
index 6b51e7593..6e2955814 100644
--- a/src/libtls/tls.c
+++ b/src/libtls/tls.c
@@ -218,14 +218,7 @@ METHOD(tls_t, process, status_t,
{
if (this->input.len == 0)
{
- if (buflen < sizeof(tls_record_t))
- {
- DBG2(DBG_TLS, "received incomplete TLS record header");
- memcpy(&this->head, buf, buflen);
- this->headpos = buflen;
- break;
- }
- while (TRUE)
+ while (buflen >= sizeof(tls_record_t))
{
/* try to process records inline */
record = buf;
@@ -252,6 +245,13 @@ METHOD(tls_t, process, status_t,
return NEED_MORE;
}
}
+ if (buflen < sizeof(tls_record_t))
+ {
+ DBG2(DBG_TLS, "received incomplete TLS record header");
+ memcpy(&this->head, buf, buflen);
+ this->headpos = buflen;
+ break;
+ }
}
len = min(buflen, this->input.len - this->inpos);
memcpy(this->input.ptr + this->inpos, buf, len);
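Review bot: The relocated short-header branch has no comment explaining why it now sits after the inline loop, and that ordering is the whole point of the change. A line such as `/* fewer bytes left than a record header: keep them in this->head until more input arrives */` above `if (buflen < sizeof(tls_record_t))` would make it explicit. The loop body and most of `process` lie outside this hunk, so it is worth checking against the full function whether the loop can fall through with `buflen == 0`, which would log an incomplete header for an empty remainder.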
@@ -447,6 +447,7 @@ tls_t *tls_create(bool is_server, identification_t *server,
case TLS_PURPOSE_EAP_TTLS:
case TLS_PURPOSE_EAP_PEAP:
case TLS_PURPOSE_GENERIC:
+ case TLS_PURPOSE_GENERIC_NULLOK:
break;
default:
return NULL;
diff --git a/src/libtls/tls.h b/src/libtls/tls.h
index db332fbbf..fc1d9b9fd 100644
--- a/src/libtls/tls.h
+++ b/src/libtls/tls.h
@@ -107,6 +107,8 @@ enum tls_purpose_t {
TLS_PURPOSE_EAP_PEAP,
/** non-EAP TLS */
TLS_PURPOSE_GENERIC,
+ /** non-EAP TLS accepting NULL encryption */
+ TLS_PURPOSE_GENERIC_NULLOK,
/** EAP binding for TNC */
TLS_PURPOSE_EAP_TNC
};
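Review bot: The doc comment on `TLS_PURPOSE_GENERIC_NULLOK` does not say what a caller gives up by choosing it. With NULL encryption the records carry a MAC but the payload travels in cleartext (tls_aead_null.c in this commit only appends a signature), so I would spell that out: `/** non-EAP TLS that also accepts NULL-encryption suites: integrity only, no confidentiality */`. The new enumerator is also inserted before `TLS_PURPOSE_EAP_TNC`, which changes that constant's numeric value; if anything outside this tree is built against the old header, appending at the end would be safer.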
diff --git a/src/libtls/tls_aead.c b/src/libtls/tls_aead.c
new file mode 100644
index 000000000..1d0779dc0
--- /dev/null
+++ b/src/libtls/tls_aead.c
@@ -0,0 +1,217 @@
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "tls_aead.h"
+
+#include <crypto/iv/iv_gen_rand.h>
+
+typedef struct private_tls_aead_t private_tls_aead_t;
+
+/**
+ * Private data of an tls_aead_t object.
+ */
+struct private_tls_aead_t {
+
+ /**
+ * Public tls_aead_t interface.
+ */
+ tls_aead_t public;
+
+ /**
+ * AEAD transform
+ */
+ aead_t *aead;
+
+ /**
+ * Size of salt, the implicit nonce
+ */
+ size_t salt;
+};
+
+/**
+ * Associated header data to create signature over
+ */
+typedef struct __attribute__((__packed__)) {
+ u_int64_t seq;
+ u_int8_t type;
+ u_int16_t version;
+ u_int16_t length;
+} sigheader_t;
+
+METHOD(tls_aead_t, encrypt, bool,
+ private_tls_aead_t *this, tls_version_t version, tls_content_type_t type,
+ u_int64_t seq, chunk_t *data)
+{
+ chunk_t assoc, encrypted, iv, plain;
+ u_int8_t icvlen;
+ sigheader_t hdr;
+ iv_gen_t *gen;
+
+ gen = this->aead->get_iv_gen(this->aead);
+ iv.len = this->aead->get_iv_size(this->aead);
+ icvlen = this->aead->get_icv_size(this->aead);
+
+ encrypted = chunk_alloc(iv.len + data->len + icvlen);
+ iv.ptr = encrypted.ptr;
+ if (!gen->get_iv(gen, seq, iv.len, iv.ptr))
+ {
+ chunk_free(&encrypted);
+ return FALSE;
+ }
+ memcpy(encrypted.ptr + iv.len, data->ptr, data->len);
+ plain = chunk_skip(encrypted, iv.len);
+ plain.len -= icvlen;
+
+ hdr.type = type;
+ htoun64(&hdr.seq, seq);
+ htoun16(&hdr.version, version);
+ htoun16(&hdr.length, plain.len);
+
+ assoc = chunk_from_thing(hdr);
+ if (!this->aead->encrypt(this->aead, plain, assoc, iv, NULL))
+ {
+ return FALSE;
+ }
+ chunk_free(data);
+ *data = encrypted;
+ return TRUE;
+}
+
+METHOD(tls_aead_t, decrypt, bool,
+ private_tls_aead_t *this, tls_version_t version, tls_content_type_t type,
+ u_int64_t seq, chunk_t *data)
+{
+ chunk_t assoc, iv;
+ u_int8_t icvlen;
+ sigheader_t hdr;
+
+ iv.len = this->aead->get_iv_size(this->aead);
+ if (data->len < iv.len)
+ {
+ return FALSE;
+ }
+ iv.ptr = data->ptr;
+ *data = chunk_skip(*data, iv.len);
+ icvlen = this->aead->get_icv_size(this->aead);
+ if (data->len < icvlen)
+ {
+ return FALSE;
+ }
+
+ hdr.type = type;
+ htoun64(&hdr.seq, seq);
+ htoun16(&hdr.version, version);
+ htoun16(&hdr.length, data->len - icvlen);
+
+ assoc = chunk_from_thing(hdr);
+ if (!this->aead->decrypt(this->aead, *data, assoc, iv, NULL))
+ {
+ return FALSE;
+ }
+ data->len -= icvlen;
+ return TRUE;
+}
+
+METHOD(tls_aead_t, get_mac_key_size, size_t,
+ private_tls_aead_t *this)
+{
+ return 0;
+}
+
+METHOD(tls_aead_t, get_encr_key_size, size_t,
+ private_tls_aead_t *this)
+{
+ return this->aead->get_key_size(this->aead) - this->salt;
+}
+
+METHOD(tls_aead_t, get_iv_size, size_t,
+ private_tls_aead_t *this)
+{
+ return this->salt;
+}
+
+METHOD(tls_aead_t, set_keys, bool,
+ private_tls_aead_t *this, chunk_t mac, chunk_t encr, chunk_t iv)
+{
+ chunk_t key;
+
+ if (mac.len)
+ {
+ return FALSE;
+ }
+ key = chunk_cata("cc", encr, iv);
+ return this->aead->set_key(this->aead, key);
+}
+
+METHOD(tls_aead_t, destroy, void,
+ private_tls_aead_t *this)
+{
+ this->aead->destroy(this->aead);
+ free(this);
+}
+
+/**
+ * See header
+ */
+tls_aead_t *tls_aead_create_aead(encryption_algorithm_t encr, size_t encr_size)
+{
+ private_tls_aead_t *this;
+ size_t salt;
+
+ switch (encr)
+ {
+ case ENCR_AES_GCM_ICV8:
+ case ENCR_AES_GCM_ICV12:
+ case ENCR_AES_GCM_ICV16:
+ case ENCR_AES_CCM_ICV8:
+ case ENCR_AES_CCM_ICV12:
+ case ENCR_AES_CCM_ICV16:
+ case ENCR_CAMELLIA_CCM_ICV8:
+ case ENCR_CAMELLIA_CCM_ICV12:
+ case ENCR_CAMELLIA_CCM_ICV16:
+ salt = 4;
+ break;
+ default:
+ return NULL;
+ }
+
+ INIT(this,
+ .public = {
+ .encrypt = _encrypt,
+ .decrypt = _decrypt,
+ .get_mac_key_size = _get_mac_key_size,
+ .get_encr_key_size = _get_encr_key_size,
+ .get_iv_size = _get_iv_size,
+ .set_keys = _set_keys,
+ .destroy = _destroy,
+ },
+ .aead = lib->crypto->create_aead(lib->crypto, encr, encr_size, salt),
+ .salt = salt,
+ );
+
+ if (!this->aead)
+ {
+ free(this);
+ return NULL;
+ }
+
+ if (this->aead->get_block_size(this->aead) != 1)
+ { /* TLS does not define any padding scheme for AEAD */
+ destroy(this);
+ return NULL;
+ }
+
+ return &this->public;
+}
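Review bot: `encrypt` leaks the `encrypted` buffer when `this->aead->encrypt()` fails: the `get_iv` failure path calls `chunk_free(&encrypted)`, but the AEAD failure path returns `FALSE` without it. Add `chunk_free(&encrypted);` before that `return FALSE;`. Separately, `set_keys` assembles key and salt with `chunk_cata` and never clears the stack copy; keeping the `set_key` result in a local, calling `memwipe(key.ptr, key.len);` and then returning the result would avoid leaving key material behind. `set_keys` also accepts an `iv` of any length, so a check against `this->salt` would catch a mismatched key block early.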
diff --git a/src/libtls/tls_aead.h b/src/libtls/tls_aead.h
new file mode 100644
index 000000000..1d5ba92b5
--- /dev/null
+++ b/src/libtls/tls_aead.h
@@ -0,0 +1,156 @@
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup tls_aead tls_aead
+ * @{ @ingroup tls
+ */
+
+#ifndef TLS_AEAD_H_
+#define TLS_AEAD_H_
+
+typedef struct tls_aead_t tls_aead_t;
+
+#include "tls.h"
+
+/**
+ * TLS specific AEAD interface, includes padding.
+ *
+ * As TLS uses sign-then-encrypt instead of the more modern encrypt-then-sign,
+ * we can't directly abstract traditional transforms using our aead_t interface.
+ * With traditional transforms, the AEAD operation has to manage padding, as
+ * the MAC is calculated over unpadded data.
+ */
+struct tls_aead_t {
+
+ /**
+ * Encrypt and sign a TLS record.
+ *
+ * The plain data chunk gets freed on success, and the data chunk
+ * gets updated with a new allocation of the encrypted data.
+ * If next_iv is given, it must contain the IV for this operation. It
+ * gets updated to the IV for the next record.
+ *
+ * @param version TLS version
+ * @param type TLS content type
+ * @param seq record sequence number
+ * @param data data to encrypt, encryption result
+ * @return TRUE if successfully encrypted
+ */
+ bool (*encrypt)(tls_aead_t *this, tls_version_t version,
+ tls_content_type_t type, u_int64_t seq, chunk_t *data);
+
+ /**
+ * Decrypt and verify a TLS record.
+ *
+ * The passed encrypted data chunk gets updated to the decrypted record
+ * length, decryption is done inline.
+ *
+ * @param version TLS version
+ * @param type TLS content type
+ * @param seq record sequence number
+ * @param data data to decrypt, decrypted result
+ * @return TRUE if successfully decrypted
+ */
+ bool (*decrypt)(tls_aead_t *this, tls_version_t version,
+ tls_content_type_t type, u_int64_t seq, chunk_t *data);
+
+ /**
+ * Get the authentication key size.
+ *
+ * @return key size, in bytes, 0 if not used
+ */
+ size_t (*get_mac_key_size)(tls_aead_t *this);
+
+ /**
+ * Get the encrytion key size, if used.
+ *
+ * @return key size, in bytes, 0 if not used
+ */
+ size_t (*get_encr_key_size)(tls_aead_t *this);
+
+ /**
+ * Get the size of implicit IV (or AEAD salt), if used.
+ *
+ * @return IV/salt size, in bytes, 0 if not used
+ */
+ size_t (*get_iv_size)(tls_aead_t *this);
+
+ /**
+ * Set the keys used by an AEAD transform.
+ *
+ * @param mac authentication key, if used
+ * @param encr encryption key, if used
+ * @param iv initial implicit IV or AEAD salt, if any
+ * @return TRUE if key valid and set
+ */
+ bool (*set_keys)(tls_aead_t *this, chunk_t mac, chunk_t ecnr, chunk_t iv);
+
+ /**
+ * Destroy a tls_aead_t.
+ */
+ void (*destroy)(tls_aead_t *this);
+};
+
+/**
+ * Create a tls_aead instance using traditional transforms, explicit IV.
+ *
+ * An explicit IV means that the IV is prepended to each TLS record. This is
+ * the mechanism used in TLS 1.1 and newer.
+ *
+ * @param mac integrity protection algorithm
+ * @param encr encryption algorithm
+ * @param encr_size encryption key size, in bytes
+ * @return TLS AEAD transform
+ */
+tls_aead_t *tls_aead_create_explicit(integrity_algorithm_t mac,
+ encryption_algorithm_t encr, size_t encr_size);
+
+/**
+ * Create a tls_aead instance using traditional transforms, implicit IV.
+ *
+ * An implicit IV uses a first IV derived from the TLS keymat, which then
+ * gets replaced by the last encrypted records tail. This is the mechanism
+ * used for TLS 1.0 and older.
+ *
+ * @param mac integrity protection algorithm
+ * @param encr encryption algorithm
+ * @param encr_size encryption key size, in bytes
+ * @return TLS AEAD transform
+ */
+tls_aead_t *tls_aead_create_implicit(integrity_algorithm_t mac,
+ encryption_algorithm_t encr, size_t encr_size);
+
+/**
+ * Create a tls_aead instance using NULL encryption.
+ *
+ * As no IV is involved with null encryption, this AEAD works with any
+ * version of TLS.
+ *
+ * @param mac integrity protection algorithm
+ * @return TLS AEAD transform
+ */
+tls_aead_t *tls_aead_create_null(integrity_algorithm_t mac);
+
+/**
+ * Create a tls_aead instance using real a AEAD cipher.
+ *
+ * @param encr AEAD encryption algorithm
+ * @param encr_size encryption key size, in bytes
+ * @return TLS AEAD transform
+ */
+tls_aead_t *tls_aead_create_aead(encryption_algorithm_t encr, size_t encr_size);
+
+#endif /** TLS_AEAD_H_ @}*/
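Review bot: The `encrypt` comment describes a `next_iv` argument that the function pointer does not have, and the interface never states who owns `data` when `encrypt` returns `FALSE`. The second gap shows in the implementations: tls_aead_expl.c calls `free(data->ptr)` on a crypter failure and leaves the stale pointer in `*data`, while tls_aead_impl.c leaves the new allocation in place. I would drop the two `next_iv` sentences and add a line such as `On failure, data is left in an undefined state and must not be used or freed by the caller` (or whichever contract the callers actually rely on), then make the implementations agree with it. Minor: `ecnr` in the `set_keys` prototype, `encrytion`, and `using real a AEAD cipher` are typos.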
diff --git a/src/libtls/tls_aead_expl.c b/src/libtls/tls_aead_expl.c
new file mode 100644
index 000000000..5e4d33e14
--- /dev/null
+++ b/src/libtls/tls_aead_expl.c
@@ -0,0 +1,222 @@
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "tls_aead.h"
+
+#include <crypto/iv/iv_gen_rand.h>
+
+typedef struct private_tls_aead_t private_tls_aead_t;
+
+/**
+ * Private data of an tls_aead_t object.
+ */
+struct private_tls_aead_t {
+
+ /**
+ * Public tls_aead_t interface.
+ */
+ tls_aead_t public;
+
+ /**
+ * traditional crypter
+ */
+ crypter_t *crypter;
+
+ /**
+ * traditional signer
+ */
+ signer_t *signer;
+
+ /**
+ * IV generator
+ */
+ iv_gen_t *iv_gen;
+};
+
+/**
+ * Associated header data to create signature over
+ */
+typedef struct __attribute__((__packed__)) {
+ u_int64_t seq;
+ u_int8_t type;
+ u_int16_t version;
+ u_int16_t length;
+} sigheader_t;
+
+METHOD(tls_aead_t, encrypt, bool,
+ private_tls_aead_t *this, tls_version_t version, tls_content_type_t type,
+ u_int64_t seq, chunk_t *data)
+{
+ chunk_t assoc, mac, padding, iv;
+ u_int8_t bs, padlen;
+ sigheader_t hdr;
+
+ hdr.type = type;
+ htoun64(&hdr.seq, seq);
+ htoun16(&hdr.version, version);
+ htoun16(&hdr.length, data->len);
+
+ assoc = chunk_from_thing(hdr);
+ if (!this->signer->get_signature(this->signer, assoc, NULL) ||
+ !this->signer->allocate_signature(this->signer, *data, &mac))
+ {
+ return FALSE;
+ }
+ bs = this->crypter->get_block_size(this->crypter);
+ padlen = pad_len(data->len + mac.len + 1, bs);
+
+ padding = chunk_alloca(padlen);
+ memset(padding.ptr, padlen, padding.len);
+
+ /* TLSv1.1 uses random IVs, prepended to record */
+ iv.len = this->crypter->get_iv_size(this->crypter);
+ iv = chunk_alloca(iv.len);
+ if (!this->iv_gen->get_iv(this->iv_gen, seq, iv.len, iv.ptr))
+ {
+ return FALSE;
+ }
+ *data = chunk_cat("mmcc", *data, mac, padding, chunk_from_thing(padlen));
+ /* encrypt inline */
+ if (!this->crypter->encrypt(this->crypter, *data, iv, NULL))
+ {
+ free(data->ptr);
+ return FALSE;
+ }
+ /* prepend IV */
+ *data = chunk_cat("cm", iv, *data);
+ return TRUE;
+}
+
+METHOD(tls_aead_t, decrypt, bool,
+ private_tls_aead_t *this, tls_version_t version, tls_content_type_t type,
+ u_int64_t seq, chunk_t *data)
+{
+ chunk_t assoc, mac, iv;
+ u_int8_t bs, padlen;
+ sigheader_t hdr;
+
+ iv.len = this->crypter->get_iv_size(this->crypter);
+ if (data->len < iv.len)
+ {
+ return FALSE;
+ }
+ iv.ptr = data->ptr;
+ *data = chunk_skip(*data, iv.len);
+ bs = this->crypter->get_block_size(this->crypter);
+ if (data->len < bs || data->len % bs)
+ {
+ return FALSE;
+ }
+ if (!this->crypter->decrypt(this->crypter, *data, iv, NULL))
+ {
+ return FALSE;
+ }
+ padlen = data->ptr[data->len - 1];
+ if (padlen < data->len)
+ { /* If padding looks valid, remove it */
+ data->len -= padlen + 1;
+ }
+
+ bs = this->signer->get_block_size(this->signer);
+ if (data->len < bs)
+ {
+ return FALSE;
+ }
+ mac = chunk_skip(*data, data->len - bs);
+ data->len -= bs;
+
+ hdr.type = type;
+ htoun64(&hdr.seq, seq);
+ htoun16(&hdr.version, version);
+ htoun16(&hdr.length, data->len);
+
+ assoc = chunk_from_thing(hdr);
+ if (!this->signer->get_signature(this->signer, assoc, NULL) ||
+ !this->signer->verify_signature(this->signer, *data, mac))
+ {
+ return FALSE;
+ }
+ return TRUE;
+}
+
+METHOD(tls_aead_t, get_mac_key_size, size_t,
+ private_tls_aead_t *this)
+{
+ return this->signer->get_key_size(this->signer);
+}
+
+METHOD(tls_aead_t, get_encr_key_size, size_t,
+ private_tls_aead_t *this)
+{
+ return this->crypter->get_key_size(this->crypter);
+}
+
+METHOD(tls_aead_t, get_iv_size, size_t,
+ private_tls_aead_t *this)
+{
+ return 0;
+}
+
+METHOD(tls_aead_t, set_keys, bool,
+ private_tls_aead_t *this, chunk_t mac, chunk_t encr, chunk_t iv)
+{
+ if (iv.len)
+ {
+ return FALSE;
+ }
+ return this->signer->set_key(this->signer, mac) &&
+ this->crypter->set_key(this->crypter, encr);
+}
+
+METHOD(tls_aead_t, destroy, void,
+ private_tls_aead_t *this)
+{
+ this->iv_gen->destroy(this->iv_gen);
+ DESTROY_IF(this->crypter);
+ DESTROY_IF(this->signer);
+ free(this);
+}
+
+/**
+ * See header
+ */
+tls_aead_t *tls_aead_create_explicit(integrity_algorithm_t mac,
+ encryption_algorithm_t encr, size_t encr_size)
+{
+ private_tls_aead_t *this;
+
+ INIT(this,
+ .public = {
+ .encrypt = _encrypt,
+ .decrypt = _decrypt,
+ .get_mac_key_size = _get_mac_key_size,
+ .get_encr_key_size = _get_encr_key_size,
+ .get_iv_size = _get_iv_size,
+ .set_keys = _set_keys,
+ .destroy = _destroy,
+ },
+ .crypter = lib->crypto->create_crypter(lib->crypto, encr, encr_size),
+ .signer = lib->crypto->create_signer(lib->crypto, mac),
+ .iv_gen = iv_gen_rand_create(),
+ );
+
+ if (!this->crypter || !this->signer)
+ {
+ destroy(this);
+ return NULL;
+ }
+
+ return &this->public;
+}
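Review bot: `decrypt` strips CBC padding using only the final length byte and never checks that the padding bytes themselves equal `padlen`; RFC 5246 section 6.2.3.2 requires the receiver to check them, and since the MAC covers only the unpadded data, those bytes are otherwise unauthenticated. `decrypt` in tls_aead_impl.c has the same code. The check can be folded into a flag that is tested together with the MAC result, so a padding failure and a MAC failure return through the same path; this does not address the timing difference a variable `padlen` introduces into the MAC computation. In `encrypt`, `mac` is also leaked when `get_iv` fails after `allocate_signature` has succeeded.

```c
	u_int8_t bs, padlen, bad = 0;
	size_t i;
	/* … unchanged: IV split, block-size checks, crypter->decrypt … */
	padlen = data->ptr[data->len - 1];
	if (padlen < data->len)
	{	/* every padding byte must carry the padding length */
		for (i = 0; i < padlen; i++)
		{
			bad |= data->ptr[data->len - 2 - i] ^ padlen;
		}
		data->len -= padlen + 1;
	}
	else
	{	/* length byte exceeds the record: fail, but only after the MAC check */
		bad = 1;
	}
	/* … unchanged: MAC split, sigheader setup … */
	if (!this->signer->get_signature(this->signer, assoc, NULL) ||
		!this->signer->verify_signature(this->signer, *data, mac) || bad)
	{
		return FALSE;
	}
```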
diff --git a/src/libtls/tls_aead_impl.c b/src/libtls/tls_aead_impl.c
new file mode 100644
index 000000000..fb14026e0
--- /dev/null
+++ b/src/libtls/tls_aead_impl.c
@@ -0,0 +1,214 @@
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "tls_aead.h"
+
+typedef struct private_tls_aead_t private_tls_aead_t;
+
+/**
+ * Private data of an tls_aead_t object.
+ */
+struct private_tls_aead_t {
+
+ /**
+ * Public tls_aead_t interface.
+ */
+ tls_aead_t public;
+
+ /**
+ * traditional crypter
+ */
+ crypter_t *crypter;
+
+ /**
+ * traditional signer
+ */
+ signer_t *signer;
+
+ /**
+ * Next implicit IV
+ */
+ chunk_t iv;
+};
+
+/**
+ * Associated header data to create signature over
+ */
+typedef struct __attribute__((__packed__)) {
+ u_int64_t seq;
+ u_int8_t type;
+ u_int16_t version;
+ u_int16_t length;
+} sigheader_t;
+
+METHOD(tls_aead_t, encrypt, bool,
+ private_tls_aead_t *this, tls_version_t version,
+ tls_content_type_t type, u_int64_t seq, chunk_t *data)
+{
+ chunk_t assoc, mac, padding;
+ u_int8_t bs, padlen;
+ sigheader_t hdr;
+
+ hdr.type = type;
+ htoun64(&hdr.seq, seq);
+ htoun16(&hdr.version, version);
+ htoun16(&hdr.length, data->len);
+
+ assoc = chunk_from_thing(hdr);
+ if (!this->signer->get_signature(this->signer, assoc, NULL) ||
+ !this->signer->allocate_signature(this->signer, *data, &mac))
+ {
+ return FALSE;
+ }
+ bs = this->crypter->get_block_size(this->crypter);
+ padlen = pad_len(data->len + mac.len + 1, bs);
+
+ padding = chunk_alloca(padlen);
+ memset(padding.ptr, padlen, padding.len);
+
+ *data = chunk_cat("mmcc", *data, mac, padding, chunk_from_thing(padlen));
+ /* encrypt inline */
+ if (!this->crypter->encrypt(this->crypter, *data, this->iv, NULL))
+ {
+ return FALSE;
+ }
+ if (data->len < this->iv.len)
+ {
+ return FALSE;
+ }
+ /* next record IV is last ciphertext block of this record */
+ memcpy(this->iv.ptr, data->ptr + data->len - this->iv.len, this->iv.len);
+ return TRUE;
+}
+
+METHOD(tls_aead_t, decrypt, bool,
+ private_tls_aead_t *this, tls_version_t version,
+ tls_content_type_t type, u_int64_t seq, chunk_t *data)
+{
+ chunk_t assoc, mac, iv;
+ u_int8_t bs, padlen;
+ sigheader_t hdr;
+
+ bs = this->crypter->get_block_size(this->crypter);
+ if (data->len < bs || data->len < this->iv.len || data->len % bs)
+ {
+ return FALSE;
+ }
+ iv = chunk_alloca(this->iv.len);
+ memcpy(iv.ptr, this->iv.ptr, this->iv.len);
+ memcpy(this->iv.ptr, data->ptr + data->len - this->iv.len, this->iv.len);
+ if (!this->crypter->decrypt(this->crypter, *data, iv, NULL))
+ {
+ return FALSE;
+ }
+ padlen = data->ptr[data->len - 1];
+ if (padlen < data->len)
+ { /* If padding looks valid, remove it */
+ data->len -= padlen + 1;
+ }
+
+ bs = this->signer->get_block_size(this->signer);
+ if (data->len < bs)
+ {
+ return FALSE;
+ }
+ mac = chunk_skip(*data, data->len - bs);
+ data->len -= bs;
+
+ hdr.type = type;
+ htoun64(&hdr.seq, seq);
+ htoun16(&hdr.version, version);
+ htoun16(&hdr.length, data->len);
+
+ assoc = chunk_from_thing(hdr);
+ if (!this->signer->get_signature(this->signer, assoc, NULL) ||
+ !this->signer->verify_signature(this->signer, *data, mac))
+ {
+ return FALSE;
+ }
+ return TRUE;
+}
+
+METHOD(tls_aead_t, get_mac_key_size, size_t,
+ private_tls_aead_t *this)
+{
+ return this->signer->get_key_size(this->signer);
+}
+
+METHOD(tls_aead_t, get_encr_key_size, size_t,
+ private_tls_aead_t *this)
+{
+ return this->crypter->get_key_size(this->crypter);
+}
+
+METHOD(tls_aead_t, get_iv_size, size_t,
+ private_tls_aead_t *this)
+{
+ return this->iv.len;
+}
+
+METHOD(tls_aead_t, set_keys, bool,
+ private_tls_aead_t *this, chunk_t mac, chunk_t encr, chunk_t iv)
+{
+ if (iv.len != this->iv.len)
+ {
+ return FALSE;
+ }
+ memcpy(this->iv.ptr, iv.ptr, this->iv.len);
+ return this->signer->set_key(this->signer, mac) &&
+ this->crypter->set_key(this->crypter, encr);
+}
+
+METHOD(tls_aead_t, destroy, void,
+ private_tls_aead_t *this)
+{
+ DESTROY_IF(this->crypter);
+ DESTROY_IF(this->signer);
+ chunk_free(&this->iv);
+ free(this);
+}
+
+/**
+ * See header
+ */
+tls_aead_t *tls_aead_create_implicit(integrity_algorithm_t mac,
+ encryption_algorithm_t encr, size_t encr_size)
+{
+ private_tls_aead_t *this;
+
+ INIT(this,
+ .public = {
+ .encrypt = _encrypt,
+ .decrypt = _decrypt,
+ .get_mac_key_size = _get_mac_key_size,
+ .get_encr_key_size = _get_encr_key_size,
+ .get_iv_size = _get_iv_size,
+ .set_keys = _set_keys,
+ .destroy = _destroy,
+ },
+ .crypter = lib->crypto->create_crypter(lib->crypto, encr, encr_size),
+ .signer = lib->crypto->create_signer(lib->crypto, mac),
+ );
+
+ if (!this->crypter || !this->signer)
+ {
+ destroy(this);
+ return NULL;
+ }
+
+ this->iv = chunk_alloc(this->crypter->get_iv_size(this->crypter));
+
+ return &this->public;
+}
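Review bot: This file repeats tls_aead_expl.c almost line for line: `sigheader_t`, the header setup with `htoun64`/`htoun16`, the MAC-then-pad block in `encrypt` and the unpad-then-verify block in `decrypt` differ only in where the IV comes from, and `sigheader_t` is declared a third and fourth time in tls_aead.c and tls_aead_null.c. Any fix to the record processing, such as the padding handling in `decrypt`, then has to be made in several places and can easily be missed in one. I would move `sigheader_t` and a small helper that fills it into a private header shared by the four files, and factor the MAC-then-pad and unpad-then-verify steps into static helpers used by both CBC variants.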
diff --git a/src/libtls/tls_aead_null.c b/src/libtls/tls_aead_null.c
new file mode 100644
index 000000000..595b64000
--- /dev/null
+++ b/src/libtls/tls_aead_null.c
@@ -0,0 +1,159 @@
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "tls_aead.h"
+
+typedef struct private_tls_aead_t private_tls_aead_t;
+
+/**
+ * Private data of an tls_aead_t object.
+ */
+struct private_tls_aead_t {
+
+ /**
+ * Public tls_aead_t interface.
+ */
+ tls_aead_t public;
+
+ /**
+ * traditional signer
+ */
+ signer_t *signer;
+};
+
+/**
+ * Associated header data to create signature over
+ */
+typedef struct __attribute__((__packed__)) {
+ u_int64_t seq;
+ u_int8_t type;
+ u_int16_t version;
+ u_int16_t length;
+} sigheader_t;
+
+METHOD(tls_aead_t, encrypt, bool,
+ private_tls_aead_t *this, tls_version_t version,
+ tls_content_type_t type, u_int64_t seq, chunk_t *data)
+{
+ chunk_t assoc, mac;
+ sigheader_t hdr;
+
+ hdr.type = type;
+ htoun64(&hdr.seq, seq);
+ htoun16(&hdr.version, version);
+ htoun16(&hdr.length, data->len);
+
+ assoc = chunk_from_thing(hdr);
+ if (!this->signer->get_signature(this->signer, assoc, NULL) ||
+ !this->signer->allocate_signature(this->signer, *data, &mac))
+ {
+ return FALSE;
+ }
+ *data = chunk_cat("mm", *data, mac);
+ return TRUE;
+}
+
+METHOD(tls_aead_t, decrypt, bool,
+ private_tls_aead_t *this, tls_version_t version,
+ tls_content_type_t type, u_int64_t seq, chunk_t *data)
+{
+ chunk_t assoc, mac;
+ sigheader_t hdr;
+
+ mac.len = this->signer->get_block_size(this->signer);
+ if (data->len < mac.len)
+ {
+ return FALSE;
+ }
+ mac = chunk_skip(*data, data->len - mac.len);
+ data->len -= mac.len;
+
+ hdr.type = type;
+ htoun64(&hdr.seq, seq);
+ htoun16(&hdr.version, version);
+ htoun16(&hdr.length, data->len);
+
+ assoc = chunk_from_thing(hdr);
+ if (!this->signer->get_signature(this->signer, assoc, NULL) ||
+ !this->signer->verify_signature(this->signer, *data, mac))
+ {
+ return FALSE;
+ }
+ return TRUE;
+}
+
+METHOD(tls_aead_t, get_mac_key_size, size_t,
+ private_tls_aead_t *this)
+{
+ return this->signer->get_key_size(this->signer);
+}
+
+METHOD(tls_aead_t, get_encr_key_size, size_t,
+ private_tls_aead_t *this)
+{
+ return 0;
+}
+
+METHOD(tls_aead_t, get_iv_size, size_t,
+ private_tls_aead_t *this)
+{
+ return 0;
+}
+
+METHOD(tls_aead_t, set_keys, bool,
+ private_tls_aead_t *this, chunk_t mac, chunk_t encr, chunk_t iv)
+{
+ if (iv.len || encr.len)
+ {
+ return FALSE;
+ }
+ return this->signer->set_key(this->signer, mac);
+}
+
+METHOD(tls_aead_t, destroy, void,
+ private_tls_aead_t *this)
+{
+ this->signer->destroy(this->signer);
+ free(this);
+}
+
+/**
+ * See header
+ */
+tls_aead_t *tls_aead_create_null(integrity_algorithm_t alg)
+{
+ private_tls_aead_t *this;
+
+ INIT(this,
+ .public = {
+ .encrypt = _encrypt,
+ .decrypt = _decrypt,
+ .get_mac_key_size = _get_mac_key_size,
+ .get_encr_key_size = _get_encr_key_size,
+ .get_iv_size = _get_iv_size,
+ .set_keys = _set_keys,
+ .destroy = _destroy,
+ },
+ .signer = lib->crypto->create_signer(lib->crypto, alg),
+ );
+
+ if (!this->signer)
+ {
+ free(this);
+ return NULL;
+ }
+
+ return &this->public;
+}
diff --git a/src/libtls/tls_crypto.c b/src/libtls/tls_crypto.c
index cc73ebaeb..4f67b20d6 100644
--- a/src/libtls/tls_crypto.c
+++ b/src/libtls/tls_crypto.c
@@ -1,6 +1,6 @@
/*
- * Copyright (C) 2010 Martin Willi
- * Copyright (C) 2010 revosec AG
+ * Copyright (C) 2010-2014 Martin Willi
+ * Copyright (C) 2010-2014 revosec AG
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -16,6 +16,7 @@
#include "tls_crypto.h"
#include <utils/debug.h>
+#include <plugins/plugin_feature.h>
ENUM_BEGIN(tls_cipher_suite_names, TLS_NULL_WITH_NULL_NULL,
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA,
@@ -80,7 +81,7 @@ ENUM_NEXT(tls_cipher_suite_names, TLS_KRB5_WITH_DES_CBC_SHA,
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_DH_anon_WITH_AES_256_CBC_SHA",
"TLS_RSA_WITH_NULL_SHA256",
- "TLS_RSA_WITH_AES_128_CBC_SHA256 ",
+ "TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_256_CBC_SHA256",
"TLS_DH_DSS_WITH_AES_128_CBC_SHA256",
"TLS_DH_RSA_WITH_AES_128_CBC_SHA256",
@@ -111,13 +112,13 @@ ENUM_NEXT(tls_cipher_suite_names, TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
"TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA",
"TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA",
"TLS_PSK_WITH_RC4_128_SHA",
- "TLS_PSK_WITH_3DES_EDE_CBC_SHA2",
+ "TLS_PSK_WITH_3DES_EDE_CBC_SHA",
"TLS_PSK_WITH_AES_128_CBC_SHA",
"TLS_PSK_WITH_AES_256_CBC_SHA",
"TLS_DHE_PSK_WITH_RC4_128_SHA",
"TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA",
"TLS_DHE_PSK_WITH_AES_128_CBC_SHA",
- "TLS_DHE_PSK_WITH_AES_256_CBC_SHA2",
+ "TLS_DHE_PSK_WITH_AES_256_CBC_SHA",
"TLS_RSA_PSK_WITH_RC4_128_SHA",
"TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA",
"TLS_RSA_PSK_WITH_AES_128_CBC_SHA",
@@ -385,34 +386,14 @@ struct private_tls_crypto_t {
tls_prf_t *prf;
/**
- * Signer instance for inbound traffic
+ * AEAD transform for inbound traffic
*/
- signer_t *signer_in;
+ tls_aead_t *aead_in;
/**
- * Signer instance for outbound traffic
+ * AEAD transform for outbound traffic
*/
- signer_t *signer_out;
-
- /**
- * Crypter instance for inbound traffic
- */
- crypter_t *crypter_in;
-
- /**
- * Crypter instance for outbound traffic
- */
- crypter_t *crypter_out;
-
- /**
- * IV for input decryption, if < TLSv1.2
- */
- chunk_t iv_in;
-
- /**
- * IV for output decryption, if < TLSv1.2
- */
- chunk_t iv_out;
+ tls_aead_t *aead_out;
/**
* EAP-[T]TLS MSK
@@ -460,6 +441,16 @@ static suite_algs_t suite_algs[] = {
HASH_SHA384, PRF_HMAC_SHA2_384,
AUTH_HMAC_SHA2_384_384, ENCR_AES_CBC, 32
},
+ { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ KEY_ECDSA, ECP_256_BIT,
+ HASH_SHA256, PRF_HMAC_SHA2_256,
+ AUTH_UNDEFINED, ENCR_AES_GCM_ICV16, 16
+ },
+ { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ KEY_ECDSA, ECP_384_BIT,
+ HASH_SHA384, PRF_HMAC_SHA2_384,
+ AUTH_UNDEFINED, ENCR_AES_GCM_ICV16, 32
+ },
{ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
KEY_RSA, ECP_256_BIT,
HASH_SHA256, PRF_HMAC_SHA2_256,
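Review bot: The new GCM entries go into `suite_algs[]` with no visible version constraint, yet the AES-GCM suites are defined for TLS 1.2 only (RFC 5288 and RFC 5289 forbid negotiating them with earlier versions). The same applies to the GCM entries added in the three following hunks. Nothing in these hunks or in `tls_aead_create_aead()` ties the suites to the negotiated version, so unless suite selection elsewhere in tls_crypto.c already filters on it, a TLS 1.0 or 1.1 session could end up with a GCM suite; that code is outside the hunk and should be checked. A comment such as `/* AEAD suites, TLS 1.2 only */` above each group would at least record the requirement.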
@@ -480,6 +471,16 @@ static suite_algs_t suite_algs[] = {
HASH_SHA384, PRF_HMAC_SHA2_384,
AUTH_HMAC_SHA2_384_384, ENCR_AES_CBC, 32
},
+ { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ KEY_RSA, ECP_256_BIT,
+ HASH_SHA256, PRF_HMAC_SHA2_256,
+ AUTH_UNDEFINED, ENCR_AES_GCM_ICV16, 16
+ },
+ { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ KEY_RSA, ECP_384_BIT,
+ HASH_SHA384, PRF_HMAC_SHA2_384,
+ AUTH_UNDEFINED, ENCR_AES_GCM_ICV16, 32
+ },
{ TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
KEY_RSA, MODP_2048_BIT,
HASH_SHA256,PRF_HMAC_SHA2_256,
@@ -500,6 +501,16 @@ static suite_algs_t suite_algs[] = {
HASH_SHA256, PRF_HMAC_SHA2_256,
AUTH_HMAC_SHA2_256_256, ENCR_AES_CBC, 32
},
+ { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
+ KEY_RSA, MODP_3072_BIT,
+ HASH_SHA256, PRF_HMAC_SHA2_256,
+ AUTH_UNDEFINED, ENCR_AES_GCM_ICV16, 16
+ },
+ { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
+ KEY_RSA, MODP_4096_BIT,
+ HASH_SHA384, PRF_HMAC_SHA2_384,
+ AUTH_UNDEFINED, ENCR_AES_GCM_ICV16, 32
+ },
{ TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
KEY_RSA, MODP_2048_BIT,
HASH_SHA256, PRF_HMAC_SHA2_256,
@@ -545,6 +556,16 @@ static suite_algs_t suite_algs[] = {
HASH_SHA256, PRF_HMAC_SHA2_256,
AUTH_HMAC_SHA2_256_256, ENCR_AES_CBC, 32
},
+ { TLS_RSA_WITH_AES_128_GCM_SHA256,
+ KEY_RSA, MODP_NONE,
+ HASH_SHA256, PRF_HMAC_SHA2_256,
+ AUTH_UNDEFINED, ENCR_AES_GCM_ICV16, 16
+ },
+ { TLS_RSA_WITH_AES_256_GCM_SHA384,
+ KEY_RSA, MODP_NONE,
+ HASH_SHA384, PRF_HMAC_SHA2_384,
+ AUTH_UNDEFINED, ENCR_AES_GCM_ICV16, 32
+ },
{ TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
KEY_RSA, MODP_NONE,
HASH_SHA256, PRF_HMAC_SHA2_256,
@@ -627,8 +648,7 @@ static suite_algs_t *find_suite(tls_cipher_suite_t suite)
/**
* Filter a suite list using a transform enumerator
*/
-static void filter_suite(private_tls_crypto_t *this,
- suite_algs_t suites[], int *count, int offset,
+static void filter_suite(suite_algs_t suites[], int *count, int offset,
enumerator_t*(*create_enumerator)(crypto_factory_t*))
{
const char *plugin_name;
@@ -641,21 +661,56 @@ static void filter_suite(private_tls_crypto_t *this,
for (i = 0; i < *count; i++)
{
+ if (create_enumerator == lib->crypto->create_crypter_enumerator &&
+ encryption_algorithm_is_aead(suites[i].encr))
+ { /* filtering crypters, but current suite uses an AEAD, apply */
+ suites[remaining] = suites[i];
+ remaining++;
+ continue;
+ }
+ if (create_enumerator == lib->crypto->create_aead_enumerator &&
+ !encryption_algorithm_is_aead(suites[i].encr))
+ { /* filtering AEADs, but current suite doesn't use one, apply */
+ suites[remaining] = suites[i];
+ remaining++;
+ continue;
+ }
enumerator = create_enumerator(lib->crypto);
while (enumerator->enumerate(enumerator, current_alg, &plugin_name))
{
- if ((suites[i].encr == ENCR_NULL ||
- !current.encr || current.encr == suites[i].encr) &&
- (!current.mac || current.mac == suites[i].mac) &&
- (!current.prf || current.prf == suites[i].prf) &&
- (!current.hash || current.hash == suites[i].hash) &&
- (suites[i].dh == MODP_NONE ||
- !current.dh || current.dh == suites[i].dh))
+ if (current.encr && current.encr != suites[i].encr)
{
- suites[remaining] = suites[i];
- remaining++;
- break;
+ if (suites[i].encr != ENCR_NULL)
+ { /* skip, ENCR does not match nor is NULL */
+ continue;
+ }
}
+ if (current.mac && current.mac != suites[i].mac)
+ {
+ if (suites[i].mac != AUTH_UNDEFINED)
+ { /* skip, MAC does not match nor is it undefined */
+ continue;
+ }
+ }
+ if (current.prf && current.prf != suites[i].prf)
+ { /* skip, PRF does not match */
+ continue;
+ }
+ if (current.hash && current.hash != suites[i].hash)
+ { /* skip, hash does not match */
+ continue;
+ }
+ if (current.dh && current.dh != suites[i].dh)
+ {
+ if (suites[i].dh != MODP_NONE)
+ { /* skip DH group, does not match nor NONE */
+ continue;
+ }
+ }
+ /* suite supported, apply */
+ suites[remaining] = suites[i];
+ remaining++;
+ break;
}
enumerator->destroy(enumerator);
}
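Review bot: An AEAD suite with `AUTH_UNDEFINED` is kept by the signer pass only from inside the `while` loop, so it is dropped when the signer enumerator yields nothing. The crypter and AEAD passes, by contrast, got an explicit bypass before the enumerator is created. For consistency the same early keep could be added for `create_enumerator == lib->crypto->create_signer_enumerator && suites[i].mac == AUTH_UNDEFINED`. This may never occur in a build that registers at least one signer. The two bypass comments would also read more clearly with `keep` in place of `apply`; the start of filter_suite, including the declaration of `current`, is outside the hunk.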
@@ -665,8 +720,7 @@ static void filter_suite(private_tls_crypto_t *this,
/**
* Purge NULL encryption cipher suites from list
*/
-static void filter_null_suites(private_tls_crypto_t *this,
- suite_algs_t suites[], int *count)
+static void filter_null_suites(suite_algs_t suites[], int *count)
{
int i, remaining = 0;
@@ -789,6 +843,20 @@ static void filter_cipher_config_suites(private_tls_crypto_t *this,
suites[remaining++] = suites[i];
break;
}
+ if (strcaseeq(token, "aes128gcm") &&
+ suites[i].encr == ENCR_AES_GCM_ICV16 &&
+ suites[i].encr_size == 16)
+ {
+ suites[remaining++] = suites[i];
+ break;
+ }
+ if (strcaseeq(token, "aes256gcm") &&
+ suites[i].encr == ENCR_AES_GCM_ICV16 &&
+ suites[i].encr_size == 32)
+ {
+ suites[remaining++] = suites[i];
+ break;
+ }
if (strcaseeq(token, "camellia128") &&
suites[i].encr == ENCR_CAMELLIA_CBC &&
suites[i].encr_size == 16)
@@ -905,6 +973,26 @@ static void filter_specific_config_suites(private_tls_crypto_t *this,
}
/**
+ * Filter out unsupported suites on given suite array
+ */
+static void filter_unsupported_suites(suite_algs_t suites[], int *count)
+{
+ /* filter suite list by each algorithm */
+ filter_suite(suites, count, offsetof(suite_algs_t, encr),
+ lib->crypto->create_crypter_enumerator);
+ filter_suite(suites, count, offsetof(suite_algs_t, encr),
+ lib->crypto->create_aead_enumerator);
+ filter_suite(suites, count, offsetof(suite_algs_t, mac),
+ lib->crypto->create_signer_enumerator);
+ filter_suite(suites, count, offsetof(suite_algs_t, prf),
+ lib->crypto->create_prf_enumerator);
+ filter_suite(suites, count, offsetof(suite_algs_t, hash),
+ lib->crypto->create_hasher_enumerator);
+ filter_suite(suites, count, offsetof(suite_algs_t, dh),
+ lib->crypto->create_dh_enumerator);
+}
+
+/**
* Initialize the cipher suite list
*/
static void build_cipher_suite_list(private_tls_crypto_t *this,
@@ -918,9 +1006,10 @@ static void build_cipher_suite_list(private_tls_crypto_t *this,
{
suites[i] = suite_algs[i];
}
+
if (require_encryption)
{
- filter_null_suites(this, suites, &count);
+ filter_null_suites(suites, &count);
}
if (!this->rsa)
{
@@ -931,17 +1020,7 @@ static void build_cipher_suite_list(private_tls_crypto_t *this,
filter_key_suites(this, suites, &count, KEY_ECDSA);
}
- /* filter suite list by each algorithm */
- filter_suite(this, suites, &count, offsetof(suite_algs_t, encr),
- lib->crypto->create_crypter_enumerator);
- filter_suite(this, suites, &count, offsetof(suite_algs_t, mac),
- lib->crypto->create_signer_enumerator);
- filter_suite(this, suites, &count, offsetof(suite_algs_t, prf),
- lib->crypto->create_prf_enumerator);
- filter_suite(this, suites, &count, offsetof(suite_algs_t, hash),
- lib->crypto->create_hasher_enumerator);
- filter_suite(this, suites, &count, offsetof(suite_algs_t, dh),
- lib->crypto->create_dh_enumerator);
+ filter_unsupported_suites(suites, &count);
/* filter suites with strongswan.conf options */
filter_key_exchange_config_suites(this, suites, &count);
@@ -969,10 +1048,82 @@ METHOD(tls_crypto_t, get_cipher_suites, int,
}
/**
+ * Create NULL encryption transforms
+ */
+static bool create_null(private_tls_crypto_t *this, suite_algs_t *algs)
+{
+ this->aead_in = tls_aead_create_null(algs->mac);
+ this->aead_out = tls_aead_create_null(algs->mac);
+ if (!this->aead_in || !this->aead_out)
+ {
+ DBG1(DBG_TLS, "selected TLS MAC %N not supported",
+ integrity_algorithm_names, algs->mac);
+ return FALSE;
+ }
+ return TRUE;
+}
+
+/**
+ * Create traditional transforms
+ */
+static bool create_traditional(private_tls_crypto_t *this, suite_algs_t *algs)
+{
+ if (this->tls->get_version(this->tls) < TLS_1_1)
+ {
+ this->aead_in = tls_aead_create_implicit(algs->mac,
+ algs->encr, algs->encr_size);
+ this->aead_out = tls_aead_create_implicit(algs->mac,
+ algs->encr, algs->encr_size);
+ }
+ else
+ {
+ this->aead_in = tls_aead_create_explicit(algs->mac,
+ algs->encr, algs->encr_size);
+ this->aead_out = tls_aead_create_explicit(algs->mac,
+ algs->encr, algs->encr_size);
+ }
+ if (!this->aead_in || !this->aead_out)
+ {
+ DBG1(DBG_TLS, "selected TLS transforms %N-%u-%N not supported",
+ encryption_algorithm_names, algs->encr, algs->encr_size * 8,
+ integrity_algorithm_names, algs->mac);
+ return FALSE;
+ }
+ return TRUE;
+}
+
+/**
+ * Create AEAD transforms
+ */
+static bool create_aead(private_tls_crypto_t *this, suite_algs_t *algs)
+{
+ this->aead_in = tls_aead_create_aead(algs->encr, algs->encr_size);
+ this->aead_out = tls_aead_create_aead(algs->encr, algs->encr_size);
+ if (!this->aead_in || !this->aead_out)
+ {
+ DBG1(DBG_TLS, "selected TLS transforms %N-%u not supported",
+ encryption_algorithm_names, algs->encr, algs->encr_size * 8);
+ return FALSE;
+ }
+ return TRUE;
+}
+
+/**
+ * Clean up and unset AEAD transforms
+ */
+static void destroy_aeads(private_tls_crypto_t *this)
+{
+ DESTROY_IF(this->aead_in);
+ DESTROY_IF(this->aead_out);
+ this->aead_in = this->aead_out = NULL;
+}
+
+/**
* Create crypto primitives
*/
static bool create_ciphers(private_tls_crypto_t *this, suite_algs_t *algs)
{
+ destroy_aeads(this);
DESTROY_IF(this->prf);
if (this->tls->get_version(this->tls) < TLS_1_2)
{
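Review bot: create_traditional() chooses implicit or explicit IVs from `this->tls->get_version(this->tls)` at the moment the transforms are created, whereas the code removed from expand_keys() made the `< TLS_1_1` decision only at key expansion. If create_ciphers() can run before the negotiated version has been set on `this->tls`, which is not visible here, a TLS 1.0 session would get explicit-IV transforms or the reverse. A comment on create_traditional() such as `/* the negotiated version must be final here, the IV mode is fixed at creation */` would record that assumption. create_ciphers() continues outside the hunk.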
@@ -987,38 +1138,29 @@ static bool create_ciphers(private_tls_crypto_t *this, suite_algs_t *algs)
DBG1(DBG_TLS, "selected TLS PRF not supported");
return FALSE;
}
-
- DESTROY_IF(this->signer_in);
- DESTROY_IF(this->signer_out);
- this->signer_in = lib->crypto->create_signer(lib->crypto, algs->mac);
- this->signer_out = lib->crypto->create_signer(lib->crypto, algs->mac);
- if (!this->signer_in || !this->signer_out)
+ if (algs->encr == ENCR_NULL)
{
- DBG1(DBG_TLS, "selected TLS MAC %N not supported",
- integrity_algorithm_names, algs->mac);
- return FALSE;
+ if (create_null(this, algs))
+ {
+ return TRUE;
+ }
}
-
- DESTROY_IF(this->crypter_in);
- DESTROY_IF(this->crypter_out);
- if (algs->encr == ENCR_NULL)
+ else if (encryption_algorithm_is_aead(algs->encr))
{
- this->crypter_in = this->crypter_out = NULL;
+ if (create_aead(this, algs))
+ {
+ return TRUE;
+ }
}
else
{
- this->crypter_in = lib->crypto->create_crypter(lib->crypto,
- algs->encr, algs->encr_size);
- this->crypter_out = lib->crypto->create_crypter(lib->crypto,
- algs->encr, algs->encr_size);
- if (!this->crypter_in || !this->crypter_out)
+ if (create_traditional(this, algs))
{
- DBG1(DBG_TLS, "selected TLS crypter %N not supported",
- encryption_algorithm_names, algs->encr);
- return FALSE;
+ return TRUE;
}
}
- return TRUE;
+ destroy_aeads(this);
+ return FALSE;
}
METHOD(tls_crypto_t, select_cipher_suite, tls_cipher_suite_t,
@@ -1065,54 +1207,52 @@ METHOD(tls_crypto_t, get_dh_group, diffie_hellman_group_t,
return MODP_NONE;
}
+/**
+ * Map signature schemes to TLS key types and hashes, ordered by preference
+ */
+static struct {
+ tls_signature_algorithm_t sig;
+ tls_hash_algorithm_t hash;
+ signature_scheme_t scheme;
+} schemes[] = {
+ { TLS_SIG_ECDSA, TLS_HASH_SHA256, SIGN_ECDSA_WITH_SHA256_DER },
+ { TLS_SIG_ECDSA, TLS_HASH_SHA384, SIGN_ECDSA_WITH_SHA384_DER },
+ { TLS_SIG_ECDSA, TLS_HASH_SHA512, SIGN_ECDSA_WITH_SHA512_DER },
+ { TLS_SIG_ECDSA, TLS_HASH_SHA1, SIGN_ECDSA_WITH_SHA1_DER },
+ { TLS_SIG_RSA, TLS_HASH_SHA256, SIGN_RSA_EMSA_PKCS1_SHA256 },
+ { TLS_SIG_RSA, TLS_HASH_SHA384, SIGN_RSA_EMSA_PKCS1_SHA384 },
+ { TLS_SIG_RSA, TLS_HASH_SHA512, SIGN_RSA_EMSA_PKCS1_SHA512 },
+ { TLS_SIG_RSA, TLS_HASH_SHA224, SIGN_RSA_EMSA_PKCS1_SHA224 },
+ { TLS_SIG_RSA, TLS_HASH_SHA1, SIGN_RSA_EMSA_PKCS1_SHA1 },
+ { TLS_SIG_RSA, TLS_HASH_MD5, SIGN_RSA_EMSA_PKCS1_MD5 },
+};
+
METHOD(tls_crypto_t, get_signature_algorithms, void,
private_tls_crypto_t *this, bio_writer_t *writer)
{
bio_writer_t *supported;
- enumerator_t *enumerator;
- hash_algorithm_t alg;
- tls_hash_algorithm_t hash;
- const char *plugin_name;
+ int i;
supported = bio_writer_create(32);
- enumerator = lib->crypto->create_hasher_enumerator(lib->crypto);
- while (enumerator->enumerate(enumerator, &alg, &plugin_name))
+
+ for (i = 0; i < countof(schemes); i++)
{
- switch (alg)
+ if (schemes[i].sig == TLS_SIG_RSA && !this->rsa)
{
- case HASH_MD5:
- hash = TLS_HASH_MD5;
- break;
- case HASH_SHA1:
- hash = TLS_HASH_SHA1;
- break;
- case HASH_SHA224:
- hash = TLS_HASH_SHA224;
- break;
- case HASH_SHA256:
- hash = TLS_HASH_SHA256;
- break;
- case HASH_SHA384:
- hash = TLS_HASH_SHA384;
- break;
- case HASH_SHA512:
- hash = TLS_HASH_SHA512;
- break;
- default:
- continue;
+ continue;
}
- if (this->rsa)
+ if (schemes[i].sig == TLS_SIG_ECDSA && !this->ecdsa)
{
- supported->write_uint8(supported, hash);
- supported->write_uint8(supported, TLS_SIG_RSA);
+ continue;
}
- if (this->ecdsa && alg != HASH_MD5 && alg != HASH_SHA224)
- { /* currently we have no signature scheme for MD5/SHA224 */
- supported->write_uint8(supported, hash);
- supported->write_uint8(supported, TLS_SIG_ECDSA);
+ if (!lib->plugins->has_feature(lib->plugins,
+ PLUGIN_PROVIDE(PUBKEY_VERIFY, schemes[i].scheme)))
+ {
+ continue;
}
+ supported->write_uint8(supported, schemes[i].hash);
+ supported->write_uint8(supported, schemes[i].sig);
}
- enumerator->destroy(enumerator);
supported->wrap16(supported);
writer->write_data16(writer, supported->get_buf(supported));
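Review bot: The `schemes[]` table still ends with `{ TLS_SIG_RSA, TLS_HASH_MD5, SIGN_RSA_EMSA_PKCS1_MD5 }`, so get_signature_algorithms() advertises RSA/MD5 whenever a plugin can verify it, and hashsig_to_scheme() in the next hunk accepts it from the peer through the same table. MD5 is not collision resistant, and handshake signatures are a place where that matters, so the row should be dropped or gated behind an explicit configuration option. The SHA-1 rows deserve the same consideration. In particular, the ECDSA/SHA-1 pair only becomes verifiable with this change, since the removed hashsig_to_scheme() had no `TLS_HASH_SHA1` case under `TLS_SIG_ECDSA`. The tail of get_signature_algorithms() is outside the hunk.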
@@ -1120,6 +1260,29 @@ METHOD(tls_crypto_t, get_signature_algorithms, void,
}
/**
+ * Get the signature scheme from a TLS 1.2 hash/sig algorithm pair
+ */
+static signature_scheme_t hashsig_to_scheme(key_type_t type,
+ tls_hash_algorithm_t hash,
+ tls_signature_algorithm_t sig)
+{
+ int i;
+
+ if ((sig == TLS_SIG_RSA && type == KEY_RSA) ||
+ (sig == TLS_SIG_ECDSA && type == KEY_ECDSA))
+ {
+ for (i = 0; i < countof(schemes); i++)
+ {
+ if (schemes[i].sig == sig && schemes[i].hash == hash)
+ {
+ return schemes[i].scheme;
+ }
+ }
+ }
+ return SIGN_UNKNOWN;
+}
+
+/**
* Mapping groups to TLS named curves
*/
static struct {
@@ -1236,59 +1399,6 @@ static bool hash_data(private_tls_crypto_t *this, chunk_t data, chunk_t *hash)
return TRUE;
}
-/**
- * Get the signature scheme from a TLS 1.2 hash/sig algorithm pair
- */
-static signature_scheme_t hashsig_to_scheme(key_type_t type,
- tls_hash_algorithm_t hash, tls_signature_algorithm_t sig)
-{
- switch (sig)
- {
- case TLS_SIG_RSA:
- if (type != KEY_RSA)
- {
- return SIGN_UNKNOWN;
- }
- switch (hash)
- {
- case TLS_HASH_MD5:
- return SIGN_RSA_EMSA_PKCS1_MD5;
- case TLS_HASH_SHA1:
- return SIGN_RSA_EMSA_PKCS1_SHA1;
- case TLS_HASH_SHA224:
- return SIGN_RSA_EMSA_PKCS1_SHA224;
- case TLS_HASH_SHA256:
- return SIGN_RSA_EMSA_PKCS1_SHA256;
- case TLS_HASH_SHA384:
- return SIGN_RSA_EMSA_PKCS1_SHA384;
- case TLS_HASH_SHA512:
- return SIGN_RSA_EMSA_PKCS1_SHA512;
- default:
- return SIGN_UNKNOWN;
- }
- case TLS_SIG_ECDSA:
- if (type != KEY_ECDSA)
- {
- return SIGN_UNKNOWN;
- }
- switch (hash)
- {
- case TLS_HASH_SHA224:
- return SIGN_ECDSA_WITH_SHA1_DER;
- case TLS_HASH_SHA256:
- return SIGN_ECDSA_WITH_SHA256_DER;
- case TLS_HASH_SHA384:
- return SIGN_ECDSA_WITH_SHA384_DER;
- case TLS_HASH_SHA512:
- return SIGN_ECDSA_WITH_SHA512_DER;
- default:
- return SIGN_UNKNOWN;
- }
- default:
- return SIGN_UNKNOWN;
- }
-}
-
METHOD(tls_crypto_t, sign, bool,
private_tls_crypto_t *this, private_key_t *key, bio_writer_t *writer,
chunk_t data, chunk_t hashsig)
@@ -1512,93 +1622,63 @@ static bool derive_master(private_tls_crypto_t *this, chunk_t premaster,
static bool expand_keys(private_tls_crypto_t *this,
chunk_t client_random, chunk_t server_random)
{
- chunk_t seed, block, client_write, server_write;
- int mks, eks = 0, ivs = 0;
+ chunk_t seed, block;
+ chunk_t cw_mac, cw, cw_iv;
+ chunk_t sw_mac, sw, sw_iv;
+ int mklen, eklen, ivlen;
- /* derive key block for key expansion */
- mks = this->signer_out->get_key_size(this->signer_out);
- if (this->crypter_out)
+ if (!this->aead_in || !this->aead_out)
{
- eks = this->crypter_out->get_key_size(this->crypter_out);
- if (this->tls->get_version(this->tls) < TLS_1_1)
- {
- ivs = this->crypter_out->get_iv_size(this->crypter_out);
- }
+ return FALSE;
}
+
+ /* derive key block for key expansion */
+ mklen = this->aead_in->get_mac_key_size(this->aead_in);
+ eklen = this->aead_in->get_encr_key_size(this->aead_in);
+ ivlen = this->aead_in->get_iv_size(this->aead_in);
seed = chunk_cata("cc", server_random, client_random);
- block = chunk_alloca((mks + eks + ivs) * 2);
+ block = chunk_alloca((mklen + eklen + ivlen) * 2);
if (!this->prf->get_bytes(this->prf, "key expansion", seed,
block.len, block.ptr))
{
return FALSE;
}
- /* signer keys */
- client_write = chunk_create(block.ptr, mks);
- block = chunk_skip(block, mks);
- server_write = chunk_create(block.ptr, mks);
- block = chunk_skip(block, mks);
+ /* client/server write signer keys */
+ cw_mac = chunk_create(block.ptr, mklen);
+ block = chunk_skip(block, mklen);
+ sw_mac = chunk_create(block.ptr, mklen);
+ block = chunk_skip(block, mklen);
+
+ /* client/server write encryption keys */
+ cw = chunk_create(block.ptr, eklen);
+ block = chunk_skip(block, eklen);
+ sw = chunk_create(block.ptr, eklen);
+ block = chunk_skip(block, eklen);
+
+ /* client/server write IV; TLS 1.0 implicit IVs or AEAD salt, if any */
+ cw_iv = chunk_create(block.ptr, ivlen);
+ block = chunk_skip(block, ivlen);
+ sw_iv = chunk_create(block.ptr, ivlen);
+ block = chunk_skip(block, ivlen);
+
if (this->tls->is_server(this->tls))
{
- if (!this->signer_in->set_key(this->signer_in, client_write) ||
- !this->signer_out->set_key(this->signer_out, server_write))
+ if (!this->aead_in->set_keys(this->aead_in, cw_mac, cw, cw_iv) ||
+ !this->aead_out->set_keys(this->aead_out, sw_mac, sw, sw_iv))
{
return FALSE;
}
}
else
{
- if (!this->signer_out->set_key(this->signer_out, client_write) ||
- !this->signer_in->set_key(this->signer_in, server_write))
+ if (!this->aead_out->set_keys(this->aead_out, cw_mac, cw, cw_iv) ||
+ !this->aead_in->set_keys(this->aead_in, sw_mac, sw, sw_iv))
{
return FALSE;
}
}
- /* crypter keys, and IVs if < TLSv1.2 */
- if (this->crypter_out && this->crypter_in)
- {
- client_write = chunk_create(block.ptr, eks);
- block = chunk_skip(block, eks);
- server_write = chunk_create(block.ptr, eks);
- block = chunk_skip(block, eks);
-
- if (this->tls->is_server(this->tls))
- {
- if (!this->crypter_in->set_key(this->crypter_in, client_write) ||
- !this->crypter_out->set_key(this->crypter_out, server_write))
- {
- return FALSE;
- }
- }
- else
- {
- if (!this->crypter_out->set_key(this->crypter_out, client_write) ||
- !this->crypter_in->set_key(this->crypter_in, server_write))
- {
- return FALSE;
- }
- }
- if (ivs)
- {
- client_write = chunk_create(block.ptr, ivs);
- block = chunk_skip(block, ivs);
- server_write = chunk_create(block.ptr, ivs);
- block = chunk_skip(block, ivs);
-
- if (this->tls->is_server(this->tls))
- {
- this->iv_in = chunk_clone(client_write);
- this->iv_out = chunk_clone(server_write);
- }
- else
- {
- this->iv_out = chunk_clone(client_write);
- this->iv_in = chunk_clone(server_write);
- }
- }
- }
-
/* EAP-MSK */
if (this->msk_label)
{
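Review bot: The key block produced by the PRF is left on the stack when expand_keys() returns, on the failure paths as well as on success. `block` comes from `chunk_alloca()` and is then advanced with `chunk_skip()`, so the original start of the buffer is lost. Keeping the un-advanced chunk in a second variable and calling `memwipe()` on it before each return would limit how long the MAC keys, encryption keys and IVs stay in memory, assuming `set_keys()` copies what it needs. The commit carries this behaviour over from the earlier code, and the end of expand_keys() is outside the hunk.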
@@ -1666,13 +1746,11 @@ METHOD(tls_crypto_t, change_cipher, void,
{
if (inbound)
{
- this->protection->set_cipher(this->protection, TRUE,
- this->signer_in, this->crypter_in, this->iv_in);
+ this->protection->set_cipher(this->protection, TRUE, this->aead_in);
}
else
{
- this->protection->set_cipher(this->protection, FALSE,
- this->signer_out, this->crypter_out, this->iv_out);
+ this->protection->set_cipher(this->protection, FALSE, this->aead_out);
}
}
}
@@ -1686,12 +1764,7 @@ METHOD(tls_crypto_t, get_eap_msk, chunk_t,
METHOD(tls_crypto_t, destroy, void,
private_tls_crypto_t *this)
{
- DESTROY_IF(this->signer_in);
- DESTROY_IF(this->signer_out);
- DESTROY_IF(this->crypter_in);
- DESTROY_IF(this->crypter_out);
- free(this->iv_in.ptr);
- free(this->iv_out.ptr);
+ destroy_aeads(this);
free(this->handshake.ptr);
free(this->msk.ptr);
DESTROY_IF(this->prf);
@@ -1773,8 +1846,43 @@ tls_crypto_t *tls_crypto_create(tls_t *tls, tls_cache_t *cache)
case TLS_PURPOSE_GENERIC:
build_cipher_suite_list(this, TRUE);
break;
+ case TLS_PURPOSE_GENERIC_NULLOK:
+ build_cipher_suite_list(this, FALSE);
+ break;
default:
break;
}
return &this->public;
}
+
+/**
+ * See header.
+ */
+int tls_crypto_get_supported_suites(bool null, tls_cipher_suite_t **out)
+{
+ suite_algs_t suites[countof(suite_algs)];
+ int count = countof(suite_algs), i;
+
+ /* initialize copy of suite list */
+ for (i = 0; i < count; i++)
+ {
+ suites[i] = suite_algs[i];
+ }
+
+ filter_unsupported_suites(suites, &count);
+
+ if (!null)
+ {
+ filter_null_suites(suites, &count);
+ }
+
+ if (out)
+ {
+ *out = calloc(count, sizeof(tls_cipher_suite_t));
+ for (i = 0; i < count; i++)
+ {
+ (*out)[i] = suites[i].suite;
+ }
+ }
+ return count;
+}
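Review bot: The result of `calloc()` in tls_crypto_get_supported_suites() is written through without a check, so an allocation failure makes the copy loop dereference NULL at `(*out)[i] = suites[i].suite;`. Guarding it with `if (!*out) { return 0; }` before the loop keeps the returned count consistent with the array the caller actually receives. The parameter is named `out` here and `suites` in the header prototype; using one name in both places would make the `@param` text match the definition.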
diff --git a/src/libtls/tls_crypto.h b/src/libtls/tls_crypto.h
index 5512b1f48..a42e07bb3 100644
--- a/src/libtls/tls_crypto.h
+++ b/src/libtls/tls_crypto.h
@@ -572,4 +572,13 @@ struct tls_crypto_t {
*/
tls_crypto_t *tls_crypto_create(tls_t *tls, tls_cache_t *cache);
+/**
+ * Get a list of all supported TLS cipher suites.
+ *
+ * @param null include supported NULL encryption suites
+ * @param suites pointer to allocated suites array, to free(), or NULL
+ * @return number of suites supported
+ */
+int tls_crypto_get_supported_suites(bool null, tls_cipher_suite_t **suites);
+
#endif /** TLS_CRYPTO_H_ @}*/
diff --git a/src/libtls/tls_peer.c b/src/libtls/tls_peer.c
index b429da300..a95b40f55 100644
--- a/src/libtls/tls_peer.c
+++ b/src/libtls/tls_peer.c
@@ -80,6 +80,11 @@ struct private_tls_peer_t {
peer_state_t state;
/**
+ * TLS version we offered in hello
+ */
+ tls_version_t hello_version;
+
+ /**
* Hello random data selected by client
*/
char client_random[32];
@@ -724,6 +729,7 @@ static status_t send_client_hello(private_tls_peer_t *this,
/* TLS version */
version = this->tls->get_version(this->tls);
+ this->hello_version = version;
writer->write_uint16(writer, version);
writer->write_data(writer, chunk_from_thing(this->client_random));
@@ -917,7 +923,7 @@ static status_t send_key_exchange_encrypt(private_tls_peer_t *this,
return NEED_MORE;
}
rng->destroy(rng);
- htoun16(premaster, TLS_1_2);
+ htoun16(premaster, this->hello_version);
if (!this->crypto->derive_secrets(this->crypto, chunk_from_thing(premaster),
this->session, this->server,
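Review bot: Nothing at the `htoun16(premaster, this->hello_version);` line says why the offered version is written instead of the negotiated one, and the replaced constant `TLS_1_2` shows how easily this value is gotten wrong. A comment such as `/* premaster carries the version offered in ClientHello, which lets the server detect a version rollback */` would keep it from being simplified away later. Whether the server side compares this value with the ClientHello version is not visible in this diff and is worth confirming. send_key_exchange_encrypt() starts and ends outside the hunk.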
diff --git a/src/libtls/tls_protection.c b/src/libtls/tls_protection.c
index 0d5df18f7..b016db21f 100644
--- a/src/libtls/tls_protection.c
+++ b/src/libtls/tls_protection.c
@@ -45,74 +45,26 @@ struct private_tls_protection_t {
tls_alert_t *alert;
/**
- * RNG if we generate IVs ourself
- */
- rng_t *rng;
-
- /**
* Sequence number of incoming records
*/
- u_int32_t seq_in;
+ u_int64_t seq_in;
/**
* Sequence number for outgoing records
*/
- u_int32_t seq_out;
-
- /**
- * Signer instance for inbound traffic
- */
- signer_t *signer_in;
-
- /**
- * Signer instance for outbound traffic
- */
- signer_t *signer_out;
+ u_int64_t seq_out;
/**
- * Crypter instance for inbound traffic
+ * AEAD transform for inbound traffic
*/
- crypter_t *crypter_in;
+ tls_aead_t *aead_in;
/**
- * Crypter instance for outbound traffic
+ * AEAD transform for outbound traffic
*/
- crypter_t *crypter_out;
-
- /**
- * Current IV for input decryption
- */
- chunk_t iv_in;
-
- /**
- * Current IV for output decryption
- */
- chunk_t iv_out;
+ tls_aead_t *aead_out;
};
-/**
- * Create the header and feed it into a signer for MAC verification
- */
-static bool sigheader(signer_t *signer, u_int32_t seq, u_int8_t type,
- u_int16_t version, u_int16_t length)
-{
- /* we only support 32 bit sequence numbers, but TLS uses 64 bit */
- struct __attribute__((__packed__)) {
- u_int32_t seq_high;
- u_int32_t seq_low;
- u_int8_t type;
- u_int16_t version;
- u_int16_t length;
- } header = {
- .type = type,
- };
- htoun32(&header.seq_low, seq);
- htoun16(&header.version, version);
- htoun16(&header.length, length);
-
- return signer->get_signature(signer, chunk_from_thing(header), NULL);
-}
-
METHOD(tls_protection_t, process, status_t,
private_tls_protection_t *this, tls_content_type_t type, chunk_t data)
{
@@ -121,75 +73,12 @@ METHOD(tls_protection_t, process, status_t,
return NEED_MORE;
}
- if (this->crypter_in)
- {
- chunk_t iv, next_iv = chunk_empty;
- u_int8_t bs, padding_length;
-
- bs = this->crypter_in->get_block_size(this->crypter_in);
- if (this->iv_in.len)
- { /* < TLSv1.1 uses IV from key derivation/last block */
- if (data.len < bs || data.len % bs)
- {
- DBG1(DBG_TLS, "encrypted TLS record length invalid");
- this->alert->add(this->alert, TLS_FATAL, TLS_BAD_RECORD_MAC);
- return NEED_MORE;
- }
- iv = this->iv_in;
- next_iv = chunk_clone(chunk_create(data.ptr + data.len - bs, bs));
- }
- else
- { /* TLSv1.1 uses random IVs, prepended to record */
- iv.len = this->crypter_in->get_iv_size(this->crypter_in);
- iv = chunk_create(data.ptr, iv.len);
- data = chunk_skip(data, iv.len);
- if (data.len < bs || data.len % bs)
- {
- DBG1(DBG_TLS, "encrypted TLS record length invalid");
- this->alert->add(this->alert, TLS_FATAL, TLS_BAD_RECORD_MAC);
- return NEED_MORE;
- }
- }
- if (!this->crypter_in->decrypt(this->crypter_in, data, iv, NULL))
- {
- free(next_iv.ptr);
- this->alert->add(this->alert, TLS_FATAL, TLS_BAD_RECORD_MAC);
- return NEED_MORE;
- }
-
- if (next_iv.len)
- { /* next record IV is last ciphertext block of this record */
- memcpy(this->iv_in.ptr, next_iv.ptr, next_iv.len);
- free(next_iv.ptr);
- }
-
- padding_length = data.ptr[data.len - 1];
- if (padding_length < data.len)
- { /* remove padding if it looks valid. Continue with no padding, try
- * to prevent timing attacks. */
- data.len -= padding_length + 1;
- }
- }
- if (this->signer_in)
+ if (this->aead_in)
{
- chunk_t mac;
- u_int8_t bs;
-
- bs = this->signer_in->get_block_size(this->signer_in);
- if (data.len < bs)
+ if (!this->aead_in->decrypt(this->aead_in, this->version,
+ type, this->seq_in, &data))
{
- DBG1(DBG_TLS, "TLS record too short to verify MAC");
- this->alert->add(this->alert, TLS_FATAL, TLS_BAD_RECORD_MAC);
- return NEED_MORE;
- }
- mac = chunk_skip(data, data.len - bs);
- data.len -= bs;
-
- if (!sigheader(this->signer_in, this->seq_in, type,
- this->version, data.len) ||
- !this->signer_in->verify_signature(this->signer_in, data, mac))
- {
- DBG1(DBG_TLS, "TLS record MAC verification failed");
+ DBG1(DBG_TLS, "TLS record decryption failed");
this->alert->add(this->alert, TLS_FATAL, TLS_BAD_RECORD_MAC);
return NEED_MORE;
}
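Review bot: The failure branch after `this->aead_in->decrypt(...)` carries no comment saying that reporting every cause with the single `TLS_BAD_RECORD_MAC` alert is deliberate. The removed code at least had separate branches for length, padding and MAC that all raised the same alert, which made the intent readable. A comment such as `/* one alert for any failure (length, padding, MAC), the peer must not learn which check failed */` would stop a later change from adding distinct alerts. Whether the tls_aead_t implementations keep their own timing and error behaviour uniform is not visible here. The process() method continues outside the hunk.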
@@ -220,72 +109,15 @@ METHOD(tls_protection_t, build, status_t,
if (status == NEED_MORE)
{
- if (this->signer_out)
+ if (this->aead_out)
{
- chunk_t mac;
-
- if (!sigheader(this->signer_out, this->seq_out, *type,
- this->version, data->len) ||
- !this->signer_out->allocate_signature(this->signer_out,
- *data, &mac))
+ if (!this->aead_out->encrypt(this->aead_out, this->version,
+ *type, this->seq_out, data))
{
+ DBG1(DBG_TLS, "TLS record encryption failed");
+ chunk_free(data);
return FAILED;
}
- if (this->crypter_out)
- {
- chunk_t padding, iv;
- u_int8_t bs, padding_length;
-
- bs = this->crypter_out->get_block_size(this->crypter_out);
- padding_length = bs - ((data->len + mac.len + 1) % bs);
-
- padding = chunk_alloca(padding_length);
- memset(padding.ptr, padding_length, padding.len);
-
- if (this->iv_out.len)
- { /* < TLSv1.1 uses IV from key derivation/last block */
- iv = this->iv_out;
- }
- else
- { /* TLSv1.1 uses random IVs, prepended to record */
- iv.len = this->crypter_out->get_iv_size(this->crypter_out);
- if (!this->rng ||
- !this->rng->allocate_bytes(this->rng, iv.len, &iv))
- {
- DBG1(DBG_TLS, "failed to generate TLS IV");
- free(data->ptr);
- return FAILED;
- }
- }
-
- *data = chunk_cat("mmcc", *data, mac, padding,
- chunk_from_thing(padding_length));
- /* encrypt inline */
- if (!this->crypter_out->encrypt(this->crypter_out, *data,
- iv, NULL))
- {
- if (!this->iv_out.len)
- {
- free(iv.ptr);
- }
- free(data->ptr);
- return FAILED;
- }
-
- if (this->iv_out.len)
- { /* next record IV is last ciphertext block of this record */
- memcpy(this->iv_out.ptr, data->ptr + data->len -
- this->iv_out.len, this->iv_out.len);
- }
- else
- { /* prepend IV */
- *data = chunk_cat("mm", iv, *data);
- }
- }
- else
- { /* NULL encryption */
- *data = chunk_cat("mm", *data, mac);
- }
}
this->seq_out++;
}
@@ -293,24 +125,15 @@ METHOD(tls_protection_t, build, status_t,
}
METHOD(tls_protection_t, set_cipher, void,
- private_tls_protection_t *this, bool inbound, signer_t *signer,
- crypter_t *crypter, chunk_t iv)
+ private_tls_protection_t *this, bool inbound, tls_aead_t *aead)
{
if (inbound)
{
- this->signer_in = signer;
- this->crypter_in = crypter;
- this->iv_in = iv;
+ this->aead_in = aead;
}
else
{
- this->signer_out = signer;
- this->crypter_out = crypter;
- this->iv_out = iv;
- if (!iv.len)
- { /* generate IVs if none given */
- this->rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK);
- }
+ this->aead_out = aead;
}
}
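Review bot: set_cipher() now stores a borrowed `tls_aead_t` pointer, but nothing states who owns it. destroy() in the next hunk only does `free(this)`, while tls_crypto.c frees the same objects in destroy_aeads(), called from create_ciphers() and from its own destroy(). If either of those can run while the protection layer still processes records, which is not visible here, `aead_in`/`aead_out` would dangle. The header hunk in tls_protection.h removes the old ownership wording without replacing it. I would write `@param aead new AEAD transform, not owned; must stay valid while the protection layer uses it`.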
@@ -323,7 +146,6 @@ METHOD(tls_protection_t, set_version, void,
METHOD(tls_protection_t, destroy, void,
private_tls_protection_t *this)
{
- DESTROY_IF(this->rng);
free(this);
}
diff --git a/src/libtls/tls_protection.h b/src/libtls/tls_protection.h
index 05cf3df45..3280fb5a9 100644
--- a/src/libtls/tls_protection.h
+++ b/src/libtls/tls_protection.h
@@ -26,6 +26,7 @@
typedef struct tls_protection_t tls_protection_t;
#include "tls.h"
+#include "tls_aead.h"
#include "tls_alert.h"
#include "tls_compression.h"
@@ -62,15 +63,12 @@ struct tls_protection_t {
tls_content_type_t *type, chunk_t *data);
/**
- * Set a new cipher, including encryption and integrity algorithms.
+ * Set a new transforms to use at protection layer
*
* @param inbound TRUE to use cipher for inbound data, FALSE for outbound
- * @param signer new signer to use, gets owned by protection layer
- * @param crypter new crypter to use, gets owned by protection layer
- * @param iv initial IV for crypter, gets owned by protection layer
+ * @param aead new AEAD transform
*/
- void (*set_cipher)(tls_protection_t *this, bool inbound, signer_t *signer,
- crypter_t *crypter, chunk_t iv);
+ void (*set_cipher)(tls_protection_t *this, bool inbound, tls_aead_t *aead);
/**
* Set the TLS version negotiated, used for MAC calculation.
diff --git a/src/libtls/tls_socket.c b/src/libtls/tls_socket.c
index 19232750b..648771e75 100644
--- a/src/libtls/tls_socket.c
+++ b/src/libtls/tls_socket.c
@@ -406,9 +406,11 @@ METHOD(tls_socket_t, destroy, void,
* See header
*/
tls_socket_t *tls_socket_create(bool is_server, identification_t *server,
- identification_t *peer, int fd, tls_cache_t *cache)
+ identification_t *peer, int fd, tls_cache_t *cache,
+ tls_version_t max_version, bool nullok)
{
private_tls_socket_t *this;
+ tls_purpose_t purpose;
INIT(this,
.public = {
@@ -430,13 +432,23 @@ tls_socket_t *tls_socket_create(bool is_server, identification_t *server,
.fd = fd,
);
- this->tls = tls_create(is_server, server, peer, TLS_PURPOSE_GENERIC,
+ if (nullok)
+ {
+ purpose = TLS_PURPOSE_GENERIC_NULLOK;
+ }
+ else
+ {
+ purpose = TLS_PURPOSE_GENERIC;
+ }
+
+ this->tls = tls_create(is_server, server, peer, purpose,
&this->app.application, cache);
if (!this->tls)
{
free(this);
return NULL;
}
+ this->tls->set_version(this->tls, max_version);
return &this->public;
}
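Review bot: The return value of `this->tls->set_version(this->tls, max_version)` is discarded. If that call can reject the requested version (its prototype is not visible here), the socket is returned with whatever version tls_create() defaulted to, and the caller's cap silently does not apply. Checking the result and failing creation, with the same cleanup as the `!this->tls` branch plus destroying `this->tls`, would make a bad `max_version` visible to the caller. The opening of tls_socket_create() is in the previous hunk.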
diff --git a/src/libtls/tls_socket.h b/src/libtls/tls_socket.h
index 75130a4d3..0d4db3b41 100644
--- a/src/libtls/tls_socket.h
+++ b/src/libtls/tls_socket.h
@@ -104,9 +104,12 @@ struct tls_socket_t {
* @param peer client identity, NULL for no client authentication
* @param fd socket to read/write from
* @param cache session cache to use, or NULL
+ * @param max_version maximun TLS version to negotiate
+ * @param nullok accept NULL encryption ciphers
* @return TLS socket wrapper
*/
tls_socket_t *tls_socket_create(bool is_server, identification_t *server,
- identification_t *peer, int fd, tls_cache_t *cache);
+ identification_t *peer, int fd, tls_cache_t *cache,
+ tls_version_t max_version, bool nullok);
#endif /** TLS_SOCKET_H_ @}*/
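Review bot: The `@param nullok` line does not say that TRUE lets the handshake settle on a NULL-encryption suite, so application data would then travel unencrypted. A caller skimming the prototype could pass TRUE without realising it. Suggested wording: `@param nullok TRUE to also accept NULL encryption suites (no confidentiality), FALSE to require encryption`. In the `@param max_version` line, `maximun` should read `maximum`.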
diff --git a/src/libtnccs/Makefile.in b/src/libtnccs/Makefile.in
index 745850ac1..bf37bc688 100644
--- a/src/libtnccs/Makefile.in
+++ b/src/libtnccs/Makefile.in
@@ -425,7 +425,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libtnccs/plugins/tnc_imc/Makefile.in b/src/libtnccs/plugins/tnc_imc/Makefile.in
index 1f839853c..11a3952ce 100644
--- a/src/libtnccs/plugins/tnc_imc/Makefile.in
+++ b/src/libtnccs/plugins/tnc_imc/Makefile.in
@@ -375,7 +375,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libtnccs/plugins/tnc_imv/Makefile.in b/src/libtnccs/plugins/tnc_imv/Makefile.in
index 45c3569ac..cef45abc2 100644
--- a/src/libtnccs/plugins/tnc_imv/Makefile.in
+++ b/src/libtnccs/plugins/tnc_imv/Makefile.in
@@ -376,7 +376,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libtnccs/plugins/tnc_tnccs/Makefile.in b/src/libtnccs/plugins/tnc_tnccs/Makefile.in
index 21ed94de2..bba53f53f 100644
--- a/src/libtnccs/plugins/tnc_tnccs/Makefile.in
+++ b/src/libtnccs/plugins/tnc_tnccs/Makefile.in
@@ -375,7 +375,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libtnccs/plugins/tnccs_11/Makefile.in b/src/libtnccs/plugins/tnccs_11/Makefile.in
index 7b4d53ed2..182d1ddce 100644
--- a/src/libtnccs/plugins/tnccs_11/Makefile.in
+++ b/src/libtnccs/plugins/tnccs_11/Makefile.in
@@ -385,7 +385,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libtnccs/plugins/tnccs_20/Makefile.in b/src/libtnccs/plugins/tnccs_20/Makefile.in
index 63010c301..468f21780 100644
--- a/src/libtnccs/plugins/tnccs_20/Makefile.in
+++ b/src/libtnccs/plugins/tnccs_20/Makefile.in
@@ -386,7 +386,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libtnccs/plugins/tnccs_dynamic/Makefile.in b/src/libtnccs/plugins/tnccs_dynamic/Makefile.in
index 6a99188ef..7327202aa 100644
--- a/src/libtnccs/plugins/tnccs_dynamic/Makefile.in
+++ b/src/libtnccs/plugins/tnccs_dynamic/Makefile.in
@@ -375,7 +375,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/libtncif/Makefile.in b/src/libtncif/Makefile.in
index 66ac31127..de76a6eee 100644
--- a/src/libtncif/Makefile.in
+++ b/src/libtncif/Makefile.in
@@ -337,7 +337,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/manager/Makefile.in b/src/manager/Makefile.in
index 08033c461..04db56931 100644
--- a/src/manager/Makefile.in
+++ b/src/manager/Makefile.in
@@ -389,7 +389,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/medsrv/Makefile.in b/src/medsrv/Makefile.in
index 5452a419a..d26237b7b 100644
--- a/src/medsrv/Makefile.in
+++ b/src/medsrv/Makefile.in
@@ -378,7 +378,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/openac/Makefile.am b/src/openac/Makefile.am
deleted file mode 100644
index 78a466bd6..000000000
--- a/src/openac/Makefile.am
+++ /dev/null
@@ -1,11 +0,0 @@
-ipsec_PROGRAMS = openac
-openac_SOURCES = openac.c
-dist_man_MANS = openac.8
-
-AM_CPPFLAGS = \
- -I$(top_srcdir)/src/libstrongswan \
- -DIPSEC_CONFDIR=\"${sysconfdir}\" \
- -DPLUGINS=\""${openac_plugins}\""
-
-openac_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
-openac.o : $(top_builddir)/config.status
diff --git a/src/openac/openac.8 b/src/openac/openac.8
deleted file mode 100644
index ed1b8ed6c..000000000
--- a/src/openac/openac.8
+++ /dev/null
@@ -1,165 +0,0 @@
-.TH IPSEC_OPENAC 8 "22 September 2007"
-.SH NAME
-ipsec openac \- Generation of X.509 attribute certificates
-.SH SYNOPSIS
-.B ipsec
-.B openac
-[
-.B \-\-help
-] [
-.B \-\-version
-] [
-.B \-\-optionsfrom
-\fIfilename\fP
-]
-.br
-\ \ \ [
-.B \-\-quiet
-] [
-.B \-\-debug
-\fIlevel\fP
-]
-.br
-\ \ \ [
-.B \-\-days
-\fIdays\fP
-] [
-.B \-\-hours
-\fIhours\fP
-]
-.br
-\ \ \ [
-.B \-\-startdate
-\fIYYYYMMDDHHMMSSZ\fP
-] [
-.B \-\-stopdate
-\fIYYYYMMDDHHMMSSZ\fP
-]
-.br
-.B \ \ \ \-\-cert
-\fIcertfile\fP
-.B \-\-key
-\fIkeyfile\fP
-[
-.B \-\-password
-\fIpassword\fP
-]
-.br
-.B \ \ \ \-\-usercert
-\fIcertfile\fP
-.B \-\-groups
-\fIattr1,attr2,...\fP
-.B \-\-out
-\fIfilename\fP
-.SH DESCRIPTION
-.BR openac
-is intended to be used by an Authorization Authority (AA) to generate and sign
-X.509 attribute certificates. Currently only the inclusion of one ore several group
-attributes is supported. An attribute certificate is linked to a holder by
-including the issuer and serial number of the holder's X.509 certificate.
-.SH OPTIONS
-.TP
-\fB\-\-help\fP
-display the usage message.
-.TP
-\fB\-\-version\fP
-display the version of \fBopenac\fP.
-.TP
-\fB\-\-optionsfrom\fP\ \fIfilename\fP
-adds the contents of the file to the argument list.
-If \fIfilename\fP is a relative path then the file is searched in the directory
-\fI/etc/openac\fP.
-.TP
-\fB\-\-quiet\fP
-By default \fBopenac\fP logs all control output both to syslog and stderr.
-With the \fB\-\-quiet\fP option no output is written to stderr.
-.TP
-\fB\-\-days\fP\ \fIdays\fP
-Validity of the X.509 attribute certificate in days. If neiter the \fB\-\-days\fP\ nor
-the \fB\-\-hours\fP\ option is specified then a default validity interval of 1 day is assumed.
-The \fB\-\-days\fP\ option can be combined with the \fB\-\-hours\fP\ option.
-.TP
-\fB\-\-hours\fP\ \fIhours\fP
-Validity of the X.509 attribute certificate in hours. If neiter the \fB\-\-hours\fP\ nor
-the \fB\-\-days\fP\ option is specified then a default validity interval of 24 hours is assumed.
-The \fB\-\-hours\fP\ option can be combined with the \fB\-\-days\fP\ option.
-.TP
-\fB\-\-startdate\fP\ \fIYYYYMMDDHHMMSSZ\fP
-defines the \fBnotBefore\fP date when the X.509 attribute certificate becomes valid.
-The date \fIYYYYMMDDHHMMSS\fP must be specified in UTC (\fIZ\fPulu time).
-If the \fB\-\-startdate\fP option is not specified then the current date is taken as a default.
-
-.TP
-\fB\-\-stopdate\fP\ \fIYYYYMMDDHHMMSSZ\fP
-defines the \fBnotAfter\fP date when the X.509 attribute certificate will expire.
-The date \fIYYYYMMDDHHMMSS\fP must be specified in UTC (\fIZ\fPulu time).
-If the \fB\-\-stopdate\fP option is not specified then the default \fBnotAfter\fP value is computed
-by adding the validity interval specified by the \fB\-\-days\fP\ and/or \fB\-\-days\fP\ options
-to the \fBnotBefore\fP date.
-.TP
-\fB\-\-cert\fP\ \fIcertfile\fP
-specifies the file containing the X.509 certificate of the Authorization Authority.
-The certificate is stored either in PEM or DER format.
-.TP
-\fB\-\-key\fP\ \fIkeyfile\fP
-specifies the encrypted file containing the private RSA key of the Authoritzation
-Authority. The private key is stored in PKCS#1 format.
-.TP
-\fB\-\-password\fP\ \fIpassword\fP
-specifies the password with which the private RSA keyfile defined by the
-\fB\-\-key\fP option has been protected. If the option is missing then the
-password is prompted for on the command line.
-.TP
-\fB\-\-usercert\fP\ \fIcertfile\fP
-specifies file containing the X.509 certificate of the user to which the generated attribute
-certificate will apply. The certificate file is stored either in PEM or DER format.
-.TP
-\fB\-\-groups\fP\ \fIattr1,attr2\fP
-specifies a comma-separated list of group attributes that will go into the
-X.509 attribute certificate.
-.TP
-\fB\-\-out\fP\ \fIfilename\fP
-specifies the file where the generated X.509 attribute certificate will be stored to.
-.SS Debugging
-.LP
-\fBopenac\fP produces a prodigious amount of debugging information. To do so,
-it must be compiled with \-DDEBUG. There are several classes of debugging output,
-and \fBopenac\fP may be directed to produce a selection of them. All lines of
-debugging output are prefixed with ``|\ '' to distinguish them from error messages.
-.LP
-When \fBopenac\fP is invoked, it may be given arguments to specify
-which classes to output. The current options are:
-.TP
-\fB\-\-debug\fP\ \fIlevel\fP
-sets the debug level to 0 (none), 1 (normal), 2 (more), 3 (raw), and 4 (private),
-the default level being 1.
-.SH EXIT STATUS
-.LP
-The execution of \fBopenac\fP terminates with one of the following two exit codes:
-.TP
-0
-means that the attribute certificate was successfully generated and stored.
-.TP
-1
-means that something went wrong.
-.SH FILES
-\fI/etc/openac/serial\fP\ \ \ serial number of latest attribute certificate
-.SH SEE ALSO
-.LP
-The X.509 attribute certificates generated with \fBopenac\fP can be used to
-enforce group policies defined by \fIipsec.conf\fP(5). Use \fIipsec_auto\fP(8)
-to load and list X.509 attribute certificates.
-.LP
-For more information on X.509 attribute certificates, refer to the following
-IETF RFC:
-.IP
-RFC 3281 An Internet Attribute Certificate Profile for Authorization
-.SH HISTORY
-The \fBopenac\fP program was originally written by Ariane Seiler and Ueli Galizzi.
-The software was recoded by Andreas Steffen using strongSwan's X.509 library and
-the ASN.1 code synthesis functions written by Christoph Gysin and Christoph Zwahlen.
-All authors were with the Zurich University of Applied Sciences in Winterthur,
-Switzerland.
-.LP
-.SH BUGS
-Bugs should be reported to the <users@lists.strongswan.org> mailing list.
diff --git a/src/openac/openac.c b/src/openac/openac.c
deleted file mode 100644
index 8862e9ab0..000000000
--- a/src/openac/openac.c
+++ /dev/null
@@ -1,551 +0,0 @@
-/**
- * @file openac.c
- *
- * @brief Generation of X.509 attribute certificates.
- *
- */
-
-/*
- * Copyright (C) 2002 Ueli Galizzi, Ariane Seiler
- * Copyright (C) 2004,2007 Andreas Steffen
- * Hochschule fuer Technik Rapperswil, Switzerland
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <syslog.h>
-#include <unistd.h>
-#include <getopt.h>
-#include <ctype.h>
-#include <time.h>
-#include <errno.h>
-
-#include <library.h>
-#include <utils/debug.h>
-#include <asn1/asn1.h>
-#include <credentials/certificates/x509.h>
-#include <credentials/certificates/ac.h>
-#include <credentials/keys/private_key.h>
-#include <credentials/sets/mem_cred.h>
-#include <utils/optionsfrom.h>
-
-#define OPENAC_PATH IPSEC_CONFDIR "/openac"
-#define OPENAC_SERIAL IPSEC_CONFDIR "/openac/serial"
-
-#define DEFAULT_VALIDITY 24*3600 /* seconds */
-
-/**
- * @brief prints the usage of the program to the stderr
- */
-static void usage(const char *message)
-{
- if (message != NULL && *message != '\0')
- {
- fprintf(stderr, "%s\n", message);
- }
- fprintf(stderr, "Usage: openac"
- " [--help]"
- " [--version]"
- " [--optionsfrom <filename>]"
- " [--quiet]"
- " \\\n\t"
- " [--debug <level 0..4>]"
- " \\\n\t"
- " [--days <days>]"
- " [--hours <hours>]"
- " \\\n\t"
- " [--startdate <YYYYMMDDHHMMSSZ>]"
- " [--enddate <YYYYMMDDHHMMSSZ>]"
- " \\\n\t"
- " --cert <certfile>"
- " --key <keyfile>"
- " [--password <password>]"
- " \\\n\t"
- " --usercert <certfile>"
- " --groups <attr1,attr2,..>"
- " --out <filename>"
- "\n"
- );
-}
-
-/**
- * read the last serial number from file
- */
-static chunk_t read_serial(void)
-{
- chunk_t hex, serial = chunk_empty;
- char one[] = {0x01};
- FILE *fd;
-
- fd = fopen(OPENAC_SERIAL, "r");
- if (fd)
- {
- hex = chunk_alloca(64);
- hex.len = fread(hex.ptr, 1, hex.len, fd);
- if (hex.len)
- {
- /* remove any terminating newline character */
- if (hex.ptr[hex.len-1] == '\n')
- {
- hex.len--;
- }
- serial = chunk_alloca((hex.len / 2) + (hex.len % 2));
- serial = chunk_from_hex(hex, serial.ptr);
- }
- fclose(fd);
- }
- else
- {
- DBG1(DBG_LIB, " file '%s' does not exist yet - serial number "
- "set to 01", OPENAC_SERIAL);
- }
- if (!serial.len)
- {
- return chunk_clone(chunk_create(one, 1));
- }
- if (chunk_increment(serial))
- { /* overflow, prepend 0x01 */
- return chunk_cat("cc", chunk_create(one, 1), serial);
- }
- return chunk_clone(serial);
-}
-
-/**
- * write back the last serial number to file
- */
-static void write_serial(chunk_t serial)
-{
- FILE *fd = fopen(OPENAC_SERIAL, "w");
-
- if (fd)
- {
- chunk_t hex_serial;
-
- DBG1(DBG_LIB, " serial number is %#B", &serial);
- hex_serial = chunk_to_hex(serial, NULL, FALSE);
- fprintf(fd, "%.*s\n", (int)hex_serial.len, hex_serial.ptr);
- fclose(fd);
- free(hex_serial.ptr);
- }
- else
- {
- DBG1(DBG_LIB, " could not open file '%s' for writing", OPENAC_SERIAL);
- }
-}
-
-/**
- * global variables accessible by both main() and build.c
- */
-
-static int debug_level = 1;
-static bool stderr_quiet = FALSE;
-
-/**
- * openac dbg function
- */
-static void openac_dbg(debug_t group, level_t level, char *fmt, ...)
-{
- int priority = LOG_INFO;
- char buffer[8192];
- char *current = buffer, *next;
- va_list args;
-
- if (level <= debug_level)
- {
- if (!stderr_quiet)
- {
- va_start(args, fmt);
- vfprintf(stderr, fmt, args);
- fprintf(stderr, "\n");
- va_end(args);
- }
-
- /* write in memory buffer first */
- va_start(args, fmt);
- vsnprintf(buffer, sizeof(buffer), fmt, args);
- va_end(args);
-
- /* do a syslog with every line */
- while (current)
- {
- next = strchr(current, '\n');
- if (next)
- {
- *(next++) = '\0';
- }
- syslog(priority, "%s\n", current);
- current = next;
- }
- }
-}
-
-/**
- * @brief openac main program
- *
- * @param argc number of arguments
- * @param argv pointer to the argument values
- */
-int main(int argc, char **argv)
-{
- certificate_t *attr_cert = NULL;
- certificate_t *userCert = NULL;
- certificate_t *signerCert = NULL;
- private_key_t *signerKey = NULL;
-
- time_t notBefore = UNDEFINED_TIME;
- time_t notAfter = UNDEFINED_TIME;
- time_t validity = 0;
-
- char *keyfile = NULL;
- char *certfile = NULL;
- char *usercertfile = NULL;
- char *outfile = NULL;
- char *groups = "";
- char buf[BUF_LEN];
-
- chunk_t passphrase = { buf, 0 };
- chunk_t serial = chunk_empty;
- chunk_t attr_chunk = chunk_empty;
-
- int status = 1;
-
- /* enable openac debugging hook */
- dbg = openac_dbg;
-
- passphrase.ptr[0] = '\0';
-
- openlog("openac", 0, LOG_AUTHPRIV);
-
- /* initialize library */
- atexit(library_deinit);
- if (!library_init(NULL, "openac"))
- {
- exit(SS_RC_LIBSTRONGSWAN_INTEGRITY);
- }
- if (lib->integrity &&
- !lib->integrity->check_file(lib->integrity, "openac", argv[0]))
- {
- fprintf(stderr, "integrity check of openac failed\n");
- exit(SS_RC_DAEMON_INTEGRITY);
- }
- if (!lib->plugins->load(lib->plugins,
- lib->settings->get_str(lib->settings, "openac.load", PLUGINS)))
- {
- exit(SS_RC_INITIALIZATION_FAILED);
- }
-
- /* initialize optionsfrom */
- options_t *options = options_create();
-
- /* handle arguments */
- for (;;)
- {
- static const struct option long_opts[] = {
- /* name, has_arg, flag, val */
- { "help", no_argument, NULL, 'h' },
- { "version", no_argument, NULL, 'v' },
- { "optionsfrom", required_argument, NULL, '+' },
- { "quiet", no_argument, NULL, 'q' },
- { "cert", required_argument, NULL, 'c' },
- { "key", required_argument, NULL, 'k' },
- { "password", required_argument, NULL, 'p' },
- { "usercert", required_argument, NULL, 'u' },
- { "groups", required_argument, NULL, 'g' },
- { "days", required_argument, NULL, 'D' },
- { "hours", required_argument, NULL, 'H' },
- { "startdate", required_argument, NULL, 'S' },
- { "enddate", required_argument, NULL, 'E' },
- { "out", required_argument, NULL, 'o' },
- { "debug", required_argument, NULL, 'd' },
- { 0,0,0,0 }
- };
-
- int c = getopt_long(argc, argv, "hv+:qc:k:p;u:g:D:H:S:E:o:d:", long_opts, NULL);
-
- /* Note: "breaking" from case terminates loop */
- switch (c)
- {
- case EOF: /* end of flags */
- break;
-
- case 0: /* long option already handled */
- continue;
-
- case ':': /* diagnostic already printed by getopt_long */
- case '?': /* diagnostic already printed by getopt_long */
- case 'h': /* --help */
- usage(NULL);
- status = 1;
- goto end;
-
- case 'v': /* --version */
- printf("openac (strongSwan %s)\n", VERSION);
- status = 0;
- goto end;
-
- case '+': /* --optionsfrom <filename> */
- {
- char path[BUF_LEN];
-
- if (*optarg == '/') /* absolute pathname */
- {
- strncpy(path, optarg, BUF_LEN);
- path[BUF_LEN-1] = '\0';
- }
- else /* relative pathname */
- {
- snprintf(path, BUF_LEN, "%s/%s", OPENAC_PATH, optarg);
- }
- if (!options->from(options, path, &argc, &argv, optind))
- {
- status = 1;
- goto end;
- }
- }
- continue;
-
- case 'q': /* --quiet */
- stderr_quiet = TRUE;
- continue;
-
- case 'c': /* --cert */
- certfile = optarg;
- continue;
-
- case 'k': /* --key */
- keyfile = optarg;
- continue;
-
- case 'p': /* --key */
- if (strlen(optarg) >= BUF_LEN)
- {
- usage("passphrase too long");
- goto end;
- }
- strncpy(passphrase.ptr, optarg, BUF_LEN);
- passphrase.len = min(strlen(optarg), BUF_LEN);
- continue;
-
- case 'u': /* --usercert */
- usercertfile = optarg;
- continue;
-
- case 'g': /* --groups */
- groups = optarg;
- continue;
-
- case 'D': /* --days */
- if (optarg == NULL || !isdigit(optarg[0]))
- {
- usage("missing number of days");
- goto end;
- }
- else
- {
- char *endptr;
- long days = strtol(optarg, &endptr, 0);
-
- if (*endptr != '\0' || endptr == optarg || days <= 0)
- {
- usage("<days> must be a positive number");
- goto end;
- }
- validity += 24*3600*days;
- }
- continue;
-
- case 'H': /* --hours */
- if (optarg == NULL || !isdigit(optarg[0]))
- {
- usage("missing number of hours");
- goto end;
- }
- else
- {
- char *endptr;
- long hours = strtol(optarg, &endptr, 0);
-
- if (*endptr != '\0' || endptr == optarg || hours <= 0)
- {
- usage("<hours> must be a positive number");
- goto end;
- }
- validity += 3600*hours;
- }
- continue;
-
- case 'S': /* --startdate */
- if (optarg == NULL || strlen(optarg) != 15 || optarg[14] != 'Z')
- {
- usage("date format must be YYYYMMDDHHMMSSZ");
- goto end;
- }
- else
- {
- chunk_t date = { optarg, 15 };
-
- notBefore = asn1_to_time(&date, ASN1_GENERALIZEDTIME);
- }
- continue;
-
- case 'E': /* --enddate */
- if (optarg == NULL || strlen(optarg) != 15 || optarg[14] != 'Z')
- {
- usage("date format must be YYYYMMDDHHMMSSZ");
- goto end;
- }
- else
- {
- chunk_t date = { optarg, 15 };
- notAfter = asn1_to_time(&date, ASN1_GENERALIZEDTIME);
- }
- continue;
-
- case 'o': /* --out */
- outfile = optarg;
- continue;
-
- case 'd': /* --debug */
- debug_level = atoi(optarg);
- continue;
-
- default:
- usage("");
- status = 0;
- goto end;
- }
- /* break from loop */
- break;
- }
-
- if (optind != argc)
- {
- usage("unexpected argument");
- goto end;
- }
-
- DBG1(DBG_LIB, "starting openac (strongSwan Version %s)", VERSION);
-
- /* load the signer's RSA private key */
- if (keyfile != NULL)
- {
- mem_cred_t *mem;
- shared_key_t *shared;
-
- mem = mem_cred_create();
- lib->credmgr->add_set(lib->credmgr, &mem->set);
- shared = shared_key_create(SHARED_PRIVATE_KEY_PASS,
- chunk_clone(passphrase));
- mem->add_shared(mem, shared, NULL);
- signerKey = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA,
- BUILD_FROM_FILE, keyfile,
- BUILD_END);
- lib->credmgr->remove_set(lib->credmgr, &mem->set);
- mem->destroy(mem);
- if (signerKey == NULL)
- {
- goto end;
- }
- DBG1(DBG_LIB, " loaded private key file '%s'", keyfile);
- }
-
- /* load the signer's X.509 certificate */
- if (certfile != NULL)
- {
- signerCert = lib->creds->create(lib->creds,
- CRED_CERTIFICATE, CERT_X509,
- BUILD_FROM_FILE, certfile,
- BUILD_END);
- if (signerCert == NULL)
- {
- goto end;
- }
- }
-
- /* load the users's X.509 certificate */
- if (usercertfile != NULL)
- {
- userCert = lib->creds->create(lib->creds,
- CRED_CERTIFICATE, CERT_X509,
- BUILD_FROM_FILE, usercertfile,
- BUILD_END);
- if (userCert == NULL)
- {
- goto end;
- }
- }
-
- /* compute validity interval */
- validity = (validity)? validity : DEFAULT_VALIDITY;
- notBefore = (notBefore == UNDEFINED_TIME) ? time(NULL) : notBefore;
- notAfter = (notAfter == UNDEFINED_TIME) ? time(NULL) + validity : notAfter;
-
- /* build and parse attribute certificate */
- if (userCert != NULL && signerCert != NULL && signerKey != NULL &&
- outfile != NULL)
- {
- /* read the serial number and increment it by one */
- serial = read_serial();
-
- attr_cert = lib->creds->create(lib->creds,
- CRED_CERTIFICATE, CERT_X509_AC,
- BUILD_CERT, userCert,
- BUILD_NOT_BEFORE_TIME, notBefore,
- BUILD_NOT_AFTER_TIME, notAfter,
- BUILD_SERIAL, serial,
- BUILD_IETF_GROUP_ATTR, groups,
- BUILD_SIGNING_CERT, signerCert,
- BUILD_SIGNING_KEY, signerKey,
- BUILD_END);
- if (!attr_cert)
- {
- goto end;
- }
-
- /* write the attribute certificate to file */
- if (attr_cert->get_encoding(attr_cert, CERT_ASN1_DER, &attr_chunk))
- {
- if (chunk_write(attr_chunk, outfile, 0022, TRUE))
- {
- DBG1(DBG_APP, " written attribute cert file '%s' (%d bytes)",
- outfile, attr_chunk.len);
- write_serial(serial);
- status = 0;
- }
- else
- {
- DBG1(DBG_APP, " writing attribute cert file '%s' failed: %s",
- outfile, strerror(errno));
- }
- }
- }
- else
- {
- usage("some of the mandatory parameters --usercert --cert --key --out "
- "are missing");
- }
-
-end:
- /* delete all dynamically allocated objects */
- DESTROY_IF(signerKey);
- DESTROY_IF(signerCert);
- DESTROY_IF(userCert);
- DESTROY_IF(attr_cert);
- free(attr_chunk.ptr);
- free(serial.ptr);
- closelog();
- dbg = dbg_default;
- options->destroy(options);
- exit(status);
-}
diff --git a/src/pki/Makefile.am b/src/pki/Makefile.am
index efbed9b2b..266802cf7 100644
--- a/src/pki/Makefile.am
+++ b/src/pki/Makefile.am
@@ -11,6 +11,7 @@ pki_SOURCES = pki.c pki.h command.c command.h \
commands/self.c \
commands/print.c \
commands/signcrl.c \
+ commands/acert.c \
commands/pkcs7.c \
commands/verify.c
diff --git a/src/pki/Makefile.in b/src/pki/Makefile.in
index 461d958da..2dd91e801 100644
--- a/src/pki/Makefile.in
+++ b/src/pki/Makefile.in
@@ -107,7 +107,8 @@ am_pki_OBJECTS = pki.$(OBJEXT) command.$(OBJEXT) \
commands/keyid.$(OBJEXT) commands/pub.$(OBJEXT) \
commands/req.$(OBJEXT) commands/self.$(OBJEXT) \
commands/print.$(OBJEXT) commands/signcrl.$(OBJEXT) \
- commands/pkcs7.$(OBJEXT) commands/verify.$(OBJEXT)
+ commands/acert.$(OBJEXT) commands/pkcs7.$(OBJEXT) \
+ commands/verify.$(OBJEXT)
pki_OBJECTS = $(am_pki_OBJECTS)
pki_DEPENDENCIES = $(top_builddir)/src/libstrongswan/libstrongswan.la
AM_V_lt = $(am__v_lt_@AM_V@)
@@ -386,7 +387,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
@@ -436,6 +436,7 @@ pki_SOURCES = pki.c pki.h command.c command.h \
commands/self.c \
commands/print.c \
commands/signcrl.c \
+ commands/acert.c \
commands/pkcs7.c \
commands/verify.c
@@ -549,6 +550,8 @@ commands/print.$(OBJEXT): commands/$(am__dirstamp) \
commands/$(DEPDIR)/$(am__dirstamp)
commands/signcrl.$(OBJEXT): commands/$(am__dirstamp) \
commands/$(DEPDIR)/$(am__dirstamp)
+commands/acert.$(OBJEXT): commands/$(am__dirstamp) \
+ commands/$(DEPDIR)/$(am__dirstamp)
commands/pkcs7.$(OBJEXT): commands/$(am__dirstamp) \
commands/$(DEPDIR)/$(am__dirstamp)
commands/verify.$(OBJEXT): commands/$(am__dirstamp) \
@@ -567,6 +570,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/command.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pki.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@commands/$(DEPDIR)/acert.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@commands/$(DEPDIR)/gen.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@commands/$(DEPDIR)/issue.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@commands/$(DEPDIR)/keyid.Po@am__quote@
diff --git a/src/pki/command.c b/src/pki/command.c
index b6966ee0b..075a2279a 100644
--- a/src/pki/command.c
+++ b/src/pki/command.c
@@ -200,7 +200,7 @@ int command_usage(char *error)
fprintf(out, "usage:\n");
if (active == help_idx)
{
- for (i = 0; cmds[i].cmd; i++)
+ for (i = 0; i < MAX_COMMANDS && cmds[i].cmd; i++)
{
fprintf(out, " pki --%-7s (-%c) %s\n",
cmds[i].cmd, cmds[i].op, cmds[i].description);
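Review bot: The new `i < MAX_COMMANDS` bound in this loop, and in the identical loop in `command_dispatch()` in the next hunk, needs a comment explaining why it is there. It stops the loops reading past `cmds[]` when the table is full and no empty entry terminates it; a comment such as `/* cmds[] may be full, so do not rely on a terminating empty entry */` would record that. Whether `command_register()` refuses a registration once `MAX_COMMANDS` entries are stored is not visible here; if it does not, the out-of-bounds write happens before either loop runs. Both functions start and end outside their hunks.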
@@ -263,7 +263,7 @@ int command_dispatch(int c, char *v[])
build_opts();
op = getopt_long(c, v, command_optstring, command_opts, NULL);
- for (i = 0; cmds[i].cmd; i++)
+ for (i = 0; i < MAX_COMMANDS && cmds[i].cmd; i++)
{
if (cmds[i].op == op)
{
diff --git a/src/pki/command.h b/src/pki/command.h
index 737f4658d..9cf036bf2 100644
--- a/src/pki/command.h
+++ b/src/pki/command.h
@@ -24,12 +24,12 @@
/**
* Maximum number of commands (+1).
*/
-#define MAX_COMMANDS 11
+#define MAX_COMMANDS 12
/**
* Maximum number of options in a command (+3)
*/
-#define MAX_OPTIONS 32
+#define MAX_OPTIONS 36
/**
* Maximum number of usage summary lines (+1)
diff --git a/src/pki/commands/acert.c b/src/pki/commands/acert.c
new file mode 100644
index 000000000..d49365db5
--- /dev/null
+++ b/src/pki/commands/acert.c
@@ -0,0 +1,292 @@
+/*
+ * Copyright (C) 2009 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <time.h>
+#include <errno.h>
+
+#include "pki.h"
+
+#include <utils/debug.h>
+#include <asn1/asn1.h>
+#include <collections/linked_list.h>
+#include <credentials/certificates/certificate.h>
+#include <credentials/certificates/x509.h>
+#include <credentials/certificates/ac.h>
+
+/**
+ * Issue an attribute certificate
+ */
+static int acert()
+{
+ cred_encoding_type_t form = CERT_ASN1_DER;
+ hash_algorithm_t digest = HASH_SHA1;
+ certificate_t *ac = NULL, *cert = NULL, *issuer =NULL;
+ private_key_t *private = NULL;
+ public_key_t *public = NULL;
+ char *file = NULL, *hex = NULL, *issuercert = NULL, *issuerkey = NULL;
+ char *error = NULL, *keyid = NULL;
+ linked_list_t *groups;
+ chunk_t serial = chunk_empty, encoding = chunk_empty;
+ time_t not_before, not_after, lifetime = 24 * 60 * 60;
+ char *datenb = NULL, *datena = NULL, *dateform = NULL;
+ rng_t *rng;
+ char *arg;
+
+ groups = linked_list_create();
+
+ while (TRUE)
+ {
+ switch (command_getopt(&arg))
+ {
+ case 'h':
+ goto usage;
+ case 'g':
+ digest = enum_from_name(hash_algorithm_short_names, arg);
+ if (digest == -1)
+ {
+ error = "invalid --digest type";
+ goto usage;
+ }
+ continue;
+ case 'i':
+ file = arg;
+ continue;
+ case 'm':
+ groups->insert_last(groups, arg);
+ continue;
+ case 'c':
+ issuercert = arg;
+ continue;
+ case 'k':
+ issuerkey = arg;
+ continue;
+ case 'x':
+ keyid = arg;
+ continue;
+ case 'l':
+ lifetime = atoi(arg) * 60 * 60;
+ if (!lifetime)
+ {
+ error = "invalid --lifetime value";
+ goto usage;
+ }
+ continue;
+ case 'D':
+ dateform = arg;
+ continue;
+ case 'F':
+ datenb = arg;
+ continue;
+ case 'T':
+ datena = arg;
+ continue;
+ case 's':
+ hex = arg;
+ continue;
+ case 'f':
+ if (!get_form(arg, &form, CRED_CERTIFICATE))
+ {
+ error = "invalid output format";
+ goto usage;
+ }
+ continue;
+ case EOF:
+ break;
+ default:
+ error = "invalid --acert option";
+ goto usage;
+ }
+ break;
+ }
+
+ if (!calculate_lifetime(dateform, datenb, datena, lifetime,
+ &not_before, &not_after))
+ {
+ error = "invalid --not-before/after datetime";
+ goto usage;
+ }
+
+ if (!issuercert)
+ {
+ error = "--issuercert is required";
+ goto usage;
+ }
+ if (!issuerkey && !keyid)
+ {
+ error = "--issuerkey or --issuerkeyid is required";
+ goto usage;
+ }
+
+ issuer = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
+ BUILD_FROM_FILE, issuercert, BUILD_END);
+ if (!issuer)
+ {
+ error = "parsing issuer certificate failed";
+ goto end;
+ }
+ public = issuer->get_public_key(issuer);
+ if (!public)
+ {
+ error = "extracting issuer certificate public key failed";
+ goto end;
+ }
+ if (issuerkey)
+ {
+ private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY,
+ public->get_type(public),
+ BUILD_FROM_FILE, issuerkey, BUILD_END);
+ }
+ else
+ {
+ chunk_t chunk;
+
+ chunk = chunk_from_hex(chunk_create(keyid, strlen(keyid)), NULL);
+ private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ANY,
+ BUILD_PKCS11_KEYID, chunk, BUILD_END);
+ free(chunk.ptr);
+ }
+ if (!private)
+ {
+ error = "loading issuer private key failed";
+ goto end;
+ }
+ if (!private->belongs_to(private, public))
+ {
+ error = "issuer private key does not match issuer certificate";
+ goto end;
+ }
+
+ if (hex)
+ {
+ serial = chunk_from_hex(chunk_create(hex, strlen(hex)), NULL);
+ }
+ else
+ {
+ rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK);
+ if (!rng)
+ {
+ error = "no random number generator found";
+ goto end;
+ }
+ if (!rng_allocate_bytes_not_zero(rng, 8, &serial, FALSE))
+ {
+ error = "failed to generate serial number";
+ rng->destroy(rng);
+ goto end;
+ }
+ serial.ptr[0] &= 0x7F;
+ rng->destroy(rng);
+ }
+
+ if (file)
+ {
+ cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
+ BUILD_FROM_FILE, file, BUILD_END);
+ }
+ else
+ {
+ if (!chunk_from_fd(0, &encoding))
+ {
+ fprintf(stderr, "%s: ", strerror(errno));
+ error = "reading public key failed";
+ goto end;
+ }
+ cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
+ BUILD_BLOB, encoding, BUILD_END);
+ chunk_free(&encoding);
+ }
+ if (!cert)
+ {
+ error = "parsing user certificate failed";
+ goto end;
+ }
+
+ ac = lib->creds->create(lib->creds,
+ CRED_CERTIFICATE, CERT_X509_AC,
+ BUILD_CERT, cert,
+ BUILD_NOT_BEFORE_TIME, not_before,
+ BUILD_NOT_AFTER_TIME, not_after,
+ BUILD_SERIAL, serial,
+ BUILD_AC_GROUP_STRINGS, groups,
+ BUILD_SIGNING_CERT, issuer,
+ BUILD_SIGNING_KEY, private,
+ BUILD_END);
+ if (!ac)
+ {
+ error = "generating attribute certificate failed";
+ goto end;
+ }
+ if (!ac->get_encoding(ac, form, &encoding))
+ {
+ error = "encoding attribute certificate failed";
+ goto end;
+ }
+ if (fwrite(encoding.ptr, encoding.len, 1, stdout) != 1)
+ {
+ error = "writing attribute certificate key failed";
+ goto end;
+ }
+
+end:
+ DESTROY_IF(ac);
+ DESTROY_IF(cert);
+ DESTROY_IF(issuer);
+ DESTROY_IF(public);
+ DESTROY_IF(private);
+ groups->destroy(groups);
+ free(encoding.ptr);
+ free(serial.ptr);
+
+ if (error)
+ {
+ fprintf(stderr, "%s\n", error);
+ return 1;
+ }
+ return 0;
+
+usage:
+ groups->destroy(groups);
+ return command_usage(error);
+}
+
+/**
+ * Register the command.
+ */
+static void __attribute__ ((constructor))reg()
+{
+ command_register((command_t) {
+ acert, 'z', "acert",
+ "issue an attribute certificate",
+ {"[--in file] [--group name]* --issuerkey file|--issuerkeyid hex",
+ " --issuercert file [--serial hex] [--lifetime hours]",
+ " [--not-before datetime] [--not-after datetime] [--dateform form]",
+ "[--digest md5|sha1|sha224|sha256|sha384|sha512] [--outform der|pem]"},
+ {
+ {"help", 'h', 0, "show usage information"},
+ {"in", 'i', 1, "holder certificate, default: stdin"},
+ {"group", 'm', 1, "group membership string to include"},
+ {"issuercert", 'c', 1, "issuer certificate file"},
+ {"issuerkey", 'k', 1, "issuer private key file"},
+ {"issuerkeyid", 'x', 1, "keyid on smartcard of issuer private key"},
+ {"serial", 's', 1, "serial number in hex, default: random"},
+ {"lifetime", 'l', 1, "hours the acert is valid, default: 24"},
+ {"not-before", 'F', 1, "date/time the validity of the AC starts"},
+ {"not-after", 'T', 1, "date/time the validity of the AC ends"},
+ {"dateform", 'D', 1, "strptime(3) input format, default: %d.%m.%y %T"},
+ {"digest", 'g', 1, "digest for signature creation, default: sha1"},
+ {"outform", 'f', 1, "encoding of generated cert, default: der"},
+ }
+ });
+}
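Review bot: The value parsed from `--digest` is never used. `digest` is set in the `'g'` case, but the `lib->creds->create()` call that builds the attribute certificate does not pass it, so the signature digest is whatever the builder defaults to regardless of what the operator requested. Pass it through with `BUILD_DIGEST_ALG, digest,` before `BUILD_END`, assuming the attribute-certificate builder honours that part (not visible here), or drop the option from the usage text until it does; the `HASH_SHA1` default also deserves a second look for newly issued credentials. Separately, `lifetime = atoi(arg) * 60 * 60;` is only tested with `!lifetime`, so a negative `--lifetime` is accepted; `if (lifetime <= 0)` rejects it.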
diff --git a/src/pki/commands/issue.c b/src/pki/commands/issue.c
index d5c33b89f..d03326e3d 100644
--- a/src/pki/commands/issue.c
+++ b/src/pki/commands/issue.c
@@ -72,8 +72,8 @@ static int issue()
int inhibit_mapping = X509_NO_CONSTRAINT, require_explicit = X509_NO_CONSTRAINT;
chunk_t serial = chunk_empty;
chunk_t encoding = chunk_empty;
- time_t lifetime = 1095;
- time_t not_before, not_after;
+ time_t not_before, not_after, lifetime = 1095 * 24 * 60 * 60;
+ char *datenb = NULL, *datena = NULL, *dateform = NULL;
x509_flag_t flags = 0;
x509_t *x509;
x509_cdp_t *cdp = NULL;
@@ -132,13 +132,22 @@ static int issue()
san->insert_last(san, identification_create_from_string(arg));
continue;
case 'l':
- lifetime = atoi(arg);
+ lifetime = atoi(arg) * 24 * 60 * 60;
if (!lifetime)
{
error = "invalid --lifetime value";
goto usage;
}
continue;
+ case 'D':
+ dateform = arg;
+ continue;
+ case 'F':
+ datenb = arg;
+ continue;
+ case 'T':
+ datena = arg;
+ continue;
case 's':
hex = arg;
continue;
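Review bot: The `--lifetime` parsing in `case 'l'` now accepts negative values and can overflow, because `atoi(arg) * 24 * 60 * 60` is evaluated in `int` before it is stored in the `time_t`, and `if (!lifetime)` rejects only zero. The removed code multiplied later, on the `time_t` variable, so this is a narrowing introduced by the change. A negative or wrapped span is then passed to `calculate_lifetime()` and could yield a notAfter that precedes notBefore. I would do the arithmetic in `time_t` and reject non-positive input, e.g. `lifetime = (time_t)atoi(arg) * 24 * 60 * 60;` followed by `if (lifetime <= 0)`; an upper bound on the day count would still be needed where `time_t` is 32 bits wide. The same pattern is repeated in the `case 'l'` hunks of src/pki/commands/self.c and src/pki/commands/signcrl.c, and issue()'s body continues outside this hunk.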
@@ -242,6 +251,10 @@ static int issue()
{
flags |= X509_OCSP_SIGNER;
}
+ else if (streq(arg, "msSmartcardLogon"))
+ {
+ flags |= X509_MS_SMARTCARD_LOGON;
+ }
continue;
case 'f':
if (!get_form(arg, &form, CRED_CERTIFICATE))
@@ -285,6 +298,12 @@ static int issue()
error = "--cakey or --keyid is required";
goto usage;
}
+ if (!calculate_lifetime(dateform, datenb, datena, lifetime,
+ &not_before, &not_after))
+ {
+ error = "invalid --not-before/after datetime";
+ goto usage;
+ }
if (dn && *dn)
{
id = identification_create_from_string(dn);
@@ -363,6 +382,7 @@ static int issue()
rng->destroy(rng);
goto end;
}
+ serial.ptr[0] &= 0x7F;
rng->destroy(rng);
}
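Review bot: The added `serial.ptr[0] &= 0x7F;` carries no comment, and without one it reads like a stray mask on freshly generated random bytes. Presumably it clears the top bit so the random serial encodes as a non-negative ASN.1 INTEGER; a one-line comment such as `/* clear the sign bit so the serial is a positive INTEGER */` would record that intent. It may also be worth confirming how a masked first byte of zero is handled, since the hunk does not show whether the encoder strips a leading zero octet. The same line is added without comment in src/pki/commands/self.c, and the enclosing block starts and ends outside this hunk.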
@@ -454,9 +474,6 @@ static int issue()
chunk_from_chars(ASN1_SEQUENCE, 0));
}
- not_before = time(NULL);
- not_after = not_before + lifetime * 24 * 60 * 60;
-
cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
BUILD_SIGNING_KEY, private, BUILD_SIGNING_CERT, ca,
BUILD_PUBLIC_KEY, public, BUILD_SUBJECT, id,
@@ -536,7 +553,7 @@ static void __attribute__ ((constructor))reg()
{"[--in file] [--type pub|pkcs10] --cakey file|--cakeyid hex",
" --cacert file [--dn subject-dn] [--san subjectAltName]+",
"[--lifetime days] [--serial hex] [--ca] [--pathlen len]",
- "[--flag serverAuth|clientAuth|crlSign|ocspSigning]+",
+ "[--flag serverAuth|clientAuth|crlSign|ocspSigning|msSmartcardLogon]+",
"[--crl uri [--crlissuer i]]+ [--ocsp uri]+ [--nc-permitted name]",
"[--nc-excluded name] [--policy-mapping issuer-oid:subject-oid]",
"[--policy-explicit len] [--policy-inhibit len] [--policy-any len]",
@@ -552,6 +569,9 @@ static void __attribute__ ((constructor))reg()
{"dn", 'd', 1, "distinguished name to include as subject"},
{"san", 'a', 1, "subjectAltName to include in certificate"},
{"lifetime", 'l', 1, "days the certificate is valid, default: 1095"},
+ {"not-before", 'F', 1, "date/time the validity of the cert starts"},
+ {"not-after", 'T', 1, "date/time the validity of the cert ends"},
+ {"dateform", 'D', 1, "strptime(3) input format, default: %d.%m.%y %T"},
{"serial", 's', 1, "serial number in hex, default: random"},
{"ca", 'b', 0, "include CA basicConstraint, default: no"},
{"pathlen", 'p', 1, "set path length constraint"},
diff --git a/src/pki/commands/print.c b/src/pki/commands/print.c
index 077c1ef3e..15ace035d 100644
--- a/src/pki/commands/print.c
+++ b/src/pki/commands/print.c
@@ -16,9 +16,11 @@
#include "pki.h"
#include <asn1/asn1.h>
+#include <asn1/oid.h>
#include <credentials/certificates/certificate.h>
#include <credentials/certificates/x509.h>
#include <credentials/certificates/crl.h>
+#include <credentials/certificates/ac.h>
#include <selectors/traffic_selector.h>
#include <time.h>
@@ -138,6 +140,10 @@ static void print_x509(x509_t *x509)
{
printf("iKEIntermediate ");
}
+ if (flags & X509_MS_SMARTCARD_LOGON)
+ {
+ printf("msSmartcardLogon ");
+ }
if (flags & X509_SELF_SIGNED)
{
printf("self-signed ");
@@ -388,6 +394,85 @@ static void print_crl(crl_t *crl)
}
/**
+ * Print AC specific information
+ */
+static void print_ac(ac_t *ac)
+{
+ ac_group_type_t type;
+ identification_t *id;
+ enumerator_t *groups;
+ chunk_t chunk;
+ bool first = TRUE;
+
+ chunk = chunk_skip_zero(ac->get_serial(ac));
+ printf("serial: %#B\n", &chunk);
+
+ id = ac->get_holderIssuer(ac);
+ if (id)
+ {
+ printf("hissuer: \"%Y\"\n", id);
+ }
+ chunk = chunk_skip_zero(ac->get_holderSerial(ac));
+ if (chunk.ptr)
+ {
+ printf("hserial: %#B\n", &chunk);
+ }
+ groups = ac->create_group_enumerator(ac);
+ while (groups->enumerate(groups, &type, &chunk))
+ {
+ int oid;
+ char *str;
+
+ if (first)
+ {
+ printf("groups: ");
+ first = FALSE;
+ }
+ else
+ {
+ printf(" ");
+ }
+ switch (type)
+ {
+ case AC_GROUP_TYPE_STRING:
+ printf("%.*s", (int)chunk.len, chunk.ptr);
+ break;
+ case AC_GROUP_TYPE_OID:
+ oid = asn1_known_oid(chunk);
+ if (oid == OID_UNKNOWN)
+ {
+ str = asn1_oid_to_string(chunk);
+ if (str)
+ {
+ printf("%s", str);
+ free(str);
+ }
+ else
+ {
+ printf("OID:%#B", &chunk);
+ }
+ }
+ else
+ {
+ printf("%s", oid_names[oid].name);
+ }
+ break;
+ case AC_GROUP_TYPE_OCTETS:
+ printf("%#B", &chunk);
+ break;
+ }
+ printf("\n");
+ }
+ groups->destroy(groups);
+
+ chunk = ac->get_authKeyIdentifier(ac);
+ if (chunk.ptr)
+ {
+ printf("authkey: %#B\n", &chunk);
+ }
+}
+
+/**
* Print certificate information
*/
static void print_cert(certificate_t *cert)
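Review bot: In `print_ac`, the `AC_GROUP_TYPE_STRING` branch writes the group bytes to stdout unmodified with `printf("%.*s", ...)`. Those bytes come from the attribute certificate being inspected, so a certificate carrying control characters or terminal escape sequences in a group name can change what an operator sees when running the print command. I would replace non-printable bytes before printing, for instance with the library's `chunk_printable()` helper (assuming it is available in this tree), as sketched below. The `switch` also has no `default:` case, so an unexpected group type prints an empty entry rather than a marker.

```c
		case AC_GROUP_TYPE_STRING:
		{
			chunk_t sane;

			/* group names come from the certificate; mask non-printable bytes */
			chunk_printable(chunk, &sane, '?');
			printf("%.*s", (int)sane.len, sane.ptr);
			chunk_free(&sane);
			break;
		}
		/* … unchanged: AC_GROUP_TYPE_OID and AC_GROUP_TYPE_OCTETS cases … */
```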
@@ -432,6 +517,9 @@ static void print_cert(certificate_t *cert)
case CERT_X509_CRL:
print_crl((crl_t*)cert);
break;
+ case CERT_X509_AC:
+ print_ac((ac_t*)cert);
+ break;
default:
printf("parsing certificate subtype %N not implemented\n",
certificate_type_names, cert->get_type(cert));
@@ -472,6 +560,11 @@ static int print()
type = CRED_CERTIFICATE;
subtype = CERT_X509_CRL;
}
+ else if (streq(arg, "ac"))
+ {
+ type = CRED_CERTIFICATE;
+ subtype = CERT_X509_AC;
+ }
else if (streq(arg, "pub"))
{
type = CRED_PUBLIC_KEY;
@@ -558,7 +651,7 @@ static void __attribute__ ((constructor))reg()
command_register((command_t)
{ print, 'a', "print",
"print a credential in a human readable form",
- {"[--in file] [--type rsa-priv|ecdsa-priv|pub|x509|crl]"},
+ {"[--in file] [--type rsa-priv|ecdsa-priv|pub|x509|crl|ac]"},
{
{"help", 'h', 0, "show usage information"},
{"in", 'i', 1, "input file, default: stdin"},
diff --git a/src/pki/commands/self.c b/src/pki/commands/self.c
index c28c9c291..a35a42b89 100644
--- a/src/pki/commands/self.c
+++ b/src/pki/commands/self.c
@@ -60,8 +60,8 @@ static int self()
int inhibit_mapping = X509_NO_CONSTRAINT, require_explicit = X509_NO_CONSTRAINT;
chunk_t serial = chunk_empty;
chunk_t encoding = chunk_empty;
- time_t lifetime = 1095;
- time_t not_before, not_after;
+ time_t not_before, not_after, lifetime = 1095 * 24 * 60 * 60;
+ char *datenb = NULL, *datena = NULL, *dateform = NULL;
x509_flag_t flags = 0;
x509_cert_policy_t *policy = NULL;
char *arg;
@@ -115,13 +115,22 @@ static int self()
san->insert_last(san, identification_create_from_string(arg));
continue;
case 'l':
- lifetime = atoi(arg);
+ lifetime = atoi(arg) * 24 * 60 * 60;
if (!lifetime)
{
error = "invalid --lifetime value";
goto usage;
}
continue;
+ case 'D':
+ dateform = arg;
+ continue;
+ case 'F':
+ datenb = arg;
+ continue;
+ case 'T':
+ datena = arg;
+ continue;
case 's':
hex = arg;
continue;
@@ -225,6 +234,10 @@ static int self()
{
flags |= X509_OCSP_SIGNER;
}
+ else if (streq(arg, "msSmartcardLogon"))
+ {
+ flags |= X509_MS_SMARTCARD_LOGON;
+ }
continue;
case 'f':
if (!get_form(arg, &form, CRED_CERTIFICATE))
@@ -250,6 +263,12 @@ static int self()
error = "--dn is required";
goto usage;
}
+ if (!calculate_lifetime(dateform, datenb, datena, lifetime,
+ &not_before, &not_after))
+ {
+ error = "invalid --not-before/after datetime";
+ goto usage;
+ }
id = identification_create_from_string(dn);
if (id->get_type(id) != ID_DER_ASN1_DN)
{
@@ -314,10 +333,9 @@ static int self()
rng->destroy(rng);
goto end;
}
+ serial.ptr[0] &= 0x7F;
rng->destroy(rng);
}
- not_before = time(NULL);
- not_after = not_before + lifetime * 24 * 60 * 60;
cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
BUILD_SIGNING_KEY, private, BUILD_PUBLIC_KEY, public,
BUILD_SUBJECT, id, BUILD_NOT_BEFORE_TIME, not_before,
@@ -391,7 +409,7 @@ static void __attribute__ ((constructor))reg()
{" [--in file|--keyid hex] [--type rsa|ecdsa]",
" --dn distinguished-name [--san subjectAltName]+",
"[--lifetime days] [--serial hex] [--ca] [--ocsp uri]+",
- "[--flag serverAuth|clientAuth|crlSign|ocspSigning]+",
+ "[--flag serverAuth|clientAuth|crlSign|ocspSigning|msSmartcardLogon]+",
"[--nc-permitted name] [--nc-excluded name]",
"[--policy-map issuer-oid:subject-oid]",
"[--policy-explicit len] [--policy-inhibit len] [--policy-any len]",
@@ -405,6 +423,9 @@ static void __attribute__ ((constructor))reg()
{"dn", 'd', 1, "subject and issuer distinguished name"},
{"san", 'a', 1, "subjectAltName to include in certificate"},
{"lifetime", 'l', 1, "days the certificate is valid, default: 1095"},
+ {"not-before", 'F', 1, "date/time the validity of the cert starts"},
+ {"not-after", 'T', 1, "date/time the validity of the cert ends"},
+ {"dateform", 'D', 1, "strptime(3) input format, default: %d.%m.%y %T"},
{"serial", 's', 1, "serial number in hex, default: random"},
{"ca", 'b', 0, "include CA basicConstraint, default: no"},
{"pathlen", 'p', 1, "set path length constraint"},
diff --git a/src/pki/commands/signcrl.c b/src/pki/commands/signcrl.c
index 4f9dd291d..c9eebbf59 100644
--- a/src/pki/commands/signcrl.c
+++ b/src/pki/commands/signcrl.c
@@ -124,7 +124,8 @@ static int sign_crl()
int serial_len = 0;
crl_reason_t reason = CRL_REASON_UNSPECIFIED;
time_t thisUpdate, nextUpdate, date = time(NULL);
- time_t lifetime = 15;
+ time_t lifetime = 15 * 24 * 60 * 60;
+ char *datetu = NULL, *datenu = NULL, *dateform = NULL;
linked_list_t *list, *cdps;
enumerator_t *enumerator, *lastenum = NULL;
x509_cdp_t *cdp;
@@ -161,13 +162,22 @@ static int sign_crl()
lastupdate = arg;
continue;
case 'l':
- lifetime = atoi(arg);
+ lifetime = atoi(arg) * 24 * 60 * 60;
if (!lifetime)
{
- error = "invalid lifetime";
+ error = "invalid --lifetime value";
goto usage;
}
continue;
+ case 'D':
+ dateform = arg;
+ continue;
+ case 'F':
+ datetu = arg;
+ continue;
+ case 'T':
+ datenu = arg;
+ continue;
case 'z':
serial_len = read_serial(arg, serial, sizeof(serial));
if (serial_len < 0)
@@ -275,6 +285,12 @@ static int sign_crl()
error = "--cakey or --keyid is required";
goto usage;
}
+ if (!calculate_lifetime(dateform, datetu, datenu, lifetime,
+ &thisUpdate, &nextUpdate))
+ {
+ error = "invalid --this/next-update datetime";
+ goto usage;
+ }
ca = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
BUILD_FROM_FILE, cacert, BUILD_END);
@@ -321,9 +337,6 @@ static int sign_crl()
goto error;
}
- thisUpdate = time(NULL);
- nextUpdate = thisUpdate + lifetime * 24 * 60 * 60;
-
if (basecrl)
{
lastcrl = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509_CRL,
@@ -442,6 +455,9 @@ static void __attribute__ ((constructor))reg()
{"cakey", 'k', 1, "CA private key file"},
{"cakeyid", 'x', 1, "keyid on smartcard of CA private key"},
{"lifetime", 'l', 1, "days the CRL gets a nextUpdate, default: 15"},
+ {"this-update", 'F', 1, "date/time the validity of the CRL starts"},
+ {"next-update", 'T', 1, "date/time the validity of the CRL ends"},
+ {"dateform", 'D', 1, "strptime(3) input format, default: %d.%m.%y %T"},
{"lastcrl", 'a', 1, "CRL of lastUpdate to copy revocations from"},
{"basecrl", 'b', 1, "base CRL to create a delta CRL for"},
{"crluri", 'u', 1, "freshest delta CRL URI to include"},
diff --git a/src/pki/man/Makefile.am b/src/pki/man/Makefile.am
index 618bd4093..4c901ae3c 100644
--- a/src/pki/man/Makefile.am
+++ b/src/pki/man/Makefile.am
@@ -4,6 +4,7 @@ man1_MANS = \
pki---self.1 \
pki---issue.1 \
pki---signcrl.1 \
+ pki---acert.1 \
pki---req.1 \
pki---pkcs7.1 \
pki---keyid.1 \
diff --git a/src/pki/man/Makefile.in b/src/pki/man/Makefile.in
index edbde85b5..5d901a87e 100644
--- a/src/pki/man/Makefile.in
+++ b/src/pki/man/Makefile.in
@@ -84,7 +84,7 @@ DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
$(srcdir)/pki---pkcs7.1.in $(srcdir)/pki---print.1.in \
$(srcdir)/pki---pub.1.in $(srcdir)/pki---req.1.in \
$(srcdir)/pki---self.1.in $(srcdir)/pki---signcrl.1.in \
- $(srcdir)/pki---verify.1.in
+ $(srcdir)/pki---acert.1.in $(srcdir)/pki---verify.1.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -102,7 +102,7 @@ mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES = pki.1 pki---gen.1 pki---issue.1 pki---keyid.1 \
pki---pkcs7.1 pki---print.1 pki---pub.1 pki---req.1 \
- pki---self.1 pki---signcrl.1 pki---verify.1
+ pki---self.1 pki---signcrl.1 pki---acert.1 pki---verify.1
CONFIG_CLEAN_VPATH_FILES =
AM_V_P = $(am__v_P_@AM_V@)
am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
@@ -325,7 +325,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
@@ -371,6 +370,7 @@ man1_MANS = \
pki---self.1 \
pki---issue.1 \
pki---signcrl.1 \
+ pki---acert.1 \
pki---req.1 \
pki---pkcs7.1 \
pki---keyid.1 \
@@ -432,6 +432,8 @@ pki---self.1: $(top_builddir)/config.status $(srcdir)/pki---self.1.in
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
pki---signcrl.1: $(top_builddir)/config.status $(srcdir)/pki---signcrl.1.in
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
+pki---acert.1: $(top_builddir)/config.status $(srcdir)/pki---acert.1.in
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
pki---verify.1: $(top_builddir)/config.status $(srcdir)/pki---verify.1.in
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
diff --git a/src/pki/man/pki---acert.1.in b/src/pki/man/pki---acert.1.in
new file mode 100644
index 000000000..ec1d8be6e
--- /dev/null
+++ b/src/pki/man/pki---acert.1.in
@@ -0,0 +1,130 @@
+.TH "PKI \-\-ACERT" 1 "2014-02-05" "@PACKAGE_VERSION@" "strongSwan"
+.
+.SH "NAME"
+.
+pki \-\-acert \- Issue an attribute certificate
+.
+.SH "SYNOPSIS"
+.
+.SY pki\ \-\-acert
+.OP \-\-in file
+.OP \-\-group membership
+.BI \-\-issuerkey\~ file |\-\-issuerkeyid\~ hex
+.BI \-\-issuercert\~ file
+.OP \-\-lifetime hours
+.OP \-\-not-before datetime
+.OP \-\-not-after datetime
+.OP \-\-serial hex
+.OP \-\-digest digest
+.OP \-\-outform encoding
+.OP \-\-debug level
+.YS
+.
+.SY pki\ \-\-acert
+.BI \-\-options\~ file
+.YS
+.
+.SY "pki \-\-acert"
+.B \-h
+|
+.B \-\-help
+.YS
+.
+.SH "DESCRIPTION"
+.
+This sub-command of
+.BR pki (1)
+is used to issue an attribute certificate using an issuer certificate with its
+private key and the holder certificate.
+.
+.SH "OPTIONS"
+.
+.TP
+.B "\-h, \-\-help"
+Print usage information with a summary of the available options.
+.TP
+.BI "\-v, \-\-debug " level
+Set debug level, default: 1.
+.TP
+.BI "\-+, \-\-options " file
+Read command line options from \fIfile\fR.
+.TP
+.BI "\-i, \-\-in " file
+Holder certificate to issue an attribute certificate for. If not given the
+certificate is read from \fISTDIN\fR.
+.TP
+.BI "\-m, \-\-group " membership
+Group membership the attribute certificate shall certify. The specified group
+is included as a string. To include multiple groups, the option can be repeated.
+.TP
+.BI "\-k, \-\-issuerkey " file
+Issuer private key file. Either this or
+.B \-\-issuerkeyid
+is required.
+.TP
+.BI "\-x, \-\-issuerkeyid " hex
+Key ID of a issuer private key on a smartcard. Either this or
+.B \-\-issuerkey
+is required.
+.TP
+.BI "\-c, \-\-issuercert " file
+Issuer certificate file. Required.
+.TP
+.BI "\-l, \-\-lifetime " hours
+Hours the attribute certificate is valid, default: 24. Ignored if both
+an absolute start and end time are given.
+.TP
+.BI "\-F, \-\-not-before " datetime
+Absolute time when the validity of the AC begins. The datetime format is
+defined by the
+.B \-\-dateform
+option.
+.TP
+.BI "\-T, \-\-not-after " datetime
+Absolute time when the validity of the AC ends. The datetime format is
+defined by the
+.B \-\-dateform
+option.
+.TP
+.BI "\-D, \-\-dateform " form
+strptime(3) format for the
+.B \-\-not\-before
+and
+.B \-\-not\-after
+options, default:
+.B %d.%m.%y %T
+.TP
+.BI "\-s, \-\-serial " hex
+Serial number in hex. It is randomly allocated by default.
+.TP
+.BI "\-g, \-\-digest " digest
+Digest to use for signature creation. One of \fImd5\fR, \fIsha1\fR,
+\fIsha224\fR, \fIsha256\fR, \fIsha384\fR, or \fIsha512\fR. Defaults to
+\fIsha1\fR.
+.TP
+.BI "\-f, \-\-outform " encoding
+Encoding of the created certificate file. Either \fIder\fR (ASN.1 DER) or
+\fIpem\fR (Base64 PEM), defaults to \fIder\fR.
+.
+.SH "EXAMPLES"
+.
+To save repetitive typing, command line options can be stored in files.
+Lets assume
+.I acert.opt
+contains the following contents:
+.PP
+.EX
+ --issuercert aacert.der --issuerkey aakey.der --digest sha256 --lifetime 4
+.EE
+.PP
+Then the following command can be used to issue an attribute certificate based
+on a holder certificate and the options above:
+.PP
+.EX
+ pki --acert --options acert.opt --in holder.der --group sales --group finance -f pem
+.EE
+.PP
+.
+.SH "SEE ALSO"
+.
+.BR pki (1)
diff --git a/src/pki/man/pki---issue.1.in b/src/pki/man/pki---issue.1.in
index 3fad1ae8a..375cb2fe4 100644
--- a/src/pki/man/pki---issue.1.in
+++ b/src/pki/man/pki---issue.1.in
@@ -14,6 +14,8 @@ pki \-\-issue \- Issue a certificate using a CA certificate and key
.OP \-\-dn subject-dn
.OP \-\-san subjectAltName
.OP \-\-lifetime days
+.OP \-\-not-before datetime
+.OP \-\-not-after datetime
.OP \-\-serial hex
.OP \-\-flag flag
.OP \-\-digest digest
@@ -88,7 +90,28 @@ Subject distinguished name (DN) of the issued certificate.
subjectAltName extension to include in certificate. Can be used multiple times.
.TP
.BI "\-l, \-\-lifetime " days
-Days the certificate is valid, default: 1095.
+Days the certificate is valid, default: 1095. Ignored if both
+an absolute start and end time are given.
+.TP
+.BI "\-F, \-\-not-before " datetime
+Absolute time when the validity of the certificate begins. The datetime format
+is defined by the
+.B \-\-dateform
+option.
+.TP
+.BI "\-T, \-\-not-after " datetime
+Absolute time when the validity of the certificate ends. The datetime format is
+defined by the
+.B \-\-dateform
+option.
+.TP
+.BI "\-D, \-\-dateform " form
+strptime(3) format for the
+.B \-\-not\-before
+and
+.B \-\-not\-after
+options, default:
+.B %d.%m.%y %T
.TP
.BI "\-s, \-\-serial " hex
Serial number in hex. It is randomly allocated by default.
@@ -176,4 +199,4 @@ given PKCS#10 certificate request and the options above:
.
.SH "SEE ALSO"
.
-.BR pki (1) \ No newline at end of file
+.BR pki (1)
diff --git a/src/pki/man/pki---print.1.in b/src/pki/man/pki---print.1.in
index 8d3345edc..434d4ea16 100644
--- a/src/pki/man/pki---print.1.in
+++ b/src/pki/man/pki---print.1.in
@@ -46,8 +46,9 @@ Input file. If not given the input is read from \fISTDIN\fR.
.BI "\-t, \-\-type " type
Type of input. One of \fIrsa-priv\fR (RSA private key), \fIecdsa-priv\fR (ECDSA
private key), \fIpub\fR (public key), \fIx509\fR (X.509 certificate), \fIcrl\fR
-(Certificate Revocation List, CRL), defaults to \fIx509\fR.
+(Certificate Revocation List, CRL), \fIac\fR (Attribute Certificate),
+defaults to \fIx509\fR.
.
.SH "SEE ALSO"
.
-.BR pki (1) \ No newline at end of file
+.BR pki (1)
diff --git a/src/pki/man/pki---self.1.in b/src/pki/man/pki---self.1.in
index ee42cf9a0..5e6e78bd0 100644
--- a/src/pki/man/pki---self.1.in
+++ b/src/pki/man/pki---self.1.in
@@ -14,6 +14,8 @@ pki \-\-self \- Create a self-signed certificate
.BI \-\-dn\~ distinguished-name
.OP \-\-san subjectAltName
.OP \-\-lifetime days
+.OP \-\-not-before datetime
+.OP \-\-not-after datetime
.OP \-\-serial hex
.OP \-\-flag flag
.OP \-\-digest digest
@@ -75,7 +77,28 @@ Subject and issuer distinguished name (DN). Required.
subjectAltName extension to include in certificate. Can be used multiple times.
.TP
.BI "\-l, \-\-lifetime " days
-Days the certificate is valid, default: 1095.
+Days the certificate is valid, default: 1095. Ignored if both
+an absolute start and end time are given.
+.TP
+.BI "\-F, \-\-not-before " datetime
+Absolute time when the validity of the certificate begins. The datetime format
+is defined by the
+.B \-\-dateform
+option.
+.TP
+.BI "\-T, \-\-not-after " datetime
+Absolute time when the validity of the certificate ends. The datetime format is
+defined by the
+.B \-\-dateform
+option.
+.TP
+.BI "\-D, \-\-dateform " form
+strptime(3) format for the
+.B \-\-not\-before
+and
+.B \-\-not\-after
+options, default:
+.B %d.%m.%y %T
.TP
.BI "\-s, \-\-serial " hex
Serial number in hex. It is randomly allocated by default.
@@ -145,4 +168,4 @@ Generate a self-signed certificate using the given RSA key:
.
.SH "SEE ALSO"
.
-.BR pki (1) \ No newline at end of file
+.BR pki (1)
diff --git a/src/pki/man/pki---signcrl.1.in b/src/pki/man/pki---signcrl.1.in
index 6ba96f6bc..bd6cba547 100644
--- a/src/pki/man/pki---signcrl.1.in
+++ b/src/pki/man/pki---signcrl.1.in
@@ -10,6 +10,8 @@ pki \-\-signcrl \- Issue a Certificate Revocation List (CRL) using a CA certific
.BI \-\-cakey\~ file |\-\-cakeyid\~ hex
.BI \-\-cacert\~ file
.OP \-\-lifetime days
+.OP \-\-this-update datetime
+.OP \-\-next-update datetime
.OP \-\-lastcrl crl
.OP \-\-basecrl crl
.OP \-\-crluri uri
@@ -62,7 +64,28 @@ is required.
CA certificate file. Required.
.TP
.BI "\-l, \-\-lifetime " days
-Days until the CRL gets a nextUpdate, default: 15.
+Days until the CRL gets a nextUpdate, default: 15. Ignored if both
+an absolute start and end time are given.
+.TP
+.BI "\-F, \-\-this-update " datetime
+Absolute time when the validity of the CRL begins. The datetime format is
+defined by the
+.B \-\-dateform
+option.
+.TP
+.BI "\-T, \-\-next-update " datetime
+Absolute time when the validity of the CRL end. The datetime format is
+defined by the
+.B \-\-dateform
+option.
+.TP
+.BI "\-D, \-\-dateform " form
+strptime(3) format for the
+.B \-\-this\-update
+and
+.B \-\-next\-update
+options, default:
+.B %d.%m.%y %T
.TP
.BI "\-a, \-\-lastcrl " crl
CRL of lastUpdate to copy revocations from.
@@ -121,4 +144,4 @@ number, but no reason:
.PP
.SH "SEE ALSO"
.
-.BR pki (1) \ No newline at end of file
+.BR pki (1)
diff --git a/src/pki/man/pki.1.in b/src/pki/man/pki.1.in
index 8dfc53af3..f347031b4 100644
--- a/src/pki/man/pki.1.in
+++ b/src/pki/man/pki.1.in
@@ -49,6 +49,9 @@ Issue a certificate using a CA certificate and key.
.B "\-c, \-\-signcrl"
Issue a CRL using a CA certificate and key.
.TP
+.B "\-z, \-\-acert"
+Issue an attribute certificate.
+.TP
.B "\-r, \-\-req"
Create a PKCS#10 certificate request.
.TP
@@ -148,6 +151,7 @@ certificates with the \-\-crl option.
.BR pki\ \-\-self (1),
.BR pki\ \-\-issue (1),
.BR pki\ \-\-signcrl (1),
+.BR pki\ \-\-acert (1),
.BR pki\ \-\-req (1),
.BR pki\ \-\-pkcs7 (1),
.BR pki\ \-\-keyid (1),
diff --git a/src/pki/pki.c b/src/pki/pki.c
index eb614dd7f..ae4ef1cb0 100644
--- a/src/pki/pki.c
+++ b/src/pki/pki.c
@@ -13,9 +13,11 @@
* for more details.
*/
+#define _GNU_SOURCE
#include "command.h"
#include "pki.h"
+#include <time.h>
#include <unistd.h>
#include <utils/debug.h>
@@ -102,6 +104,56 @@ bool get_form(char *form, cred_encoding_type_t *enc, credential_type_t type)
}
/**
+ * See header
+ */
+bool calculate_lifetime(char *format, char *nbstr, char *nastr, time_t span,
+ time_t *nb, time_t *na)
+{
+ struct tm tm;
+ time_t now;
+ char *end;
+
+ if (!format)
+ {
+ format = "%d.%m.%y %T";
+ }
+
+ now = time(NULL);
+
+ localtime_r(&now, &tm);
+ if (nbstr)
+ {
+ end = strptime(nbstr, format, &tm);
+ if (end == NULL || *end != '\0')
+ {
+ return FALSE;
+ }
+ }
+ *nb = mktime(&tm);
+
+ localtime_r(&now, &tm);
+ if (nastr)
+ {
+ end = strptime(nastr, format, &tm);
+ if (end == NULL || *end != '\0')
+ {
+ return FALSE;
+ }
+ }
+ *na = mktime(&tm);
+
+ if (!nbstr && nastr)
+ {
+ *nb = *na - span;
+ }
+ else if (!nastr)
+ {
+ *na = *nb + span;
+ }
+ return TRUE;
+}
+
+/**
* Callback credential set pki uses
*/
static callback_cred_t *cb_set;
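Review bot: `calculate_lifetime` returns TRUE without validating its results: neither `mktime()` call is checked for `(time_t)-1`, and nothing verifies that `*na` ends up later than `*nb`. If `--not-before` and `--not-after` are supplied in the wrong order, or the span is negative, the callers would go on to sign a certificate or CRL whose validity window is empty or inverted. A guard before the final `return TRUE;` would catch this: `if (*nb == (time_t)-1 || *na == (time_t)-1 || *na <= *nb) { return FALSE; }`. Separately, the default format uses `%y`, which restricts input to the two-digit-year window that strptime(3) defines; the option help could mention that `%Y` can be selected through `--dateform`.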
@@ -188,4 +240,3 @@ int main(int argc, char *argv[])
atexit(remove_callback);
return command_dispatch(argc, argv);
}
-
diff --git a/src/pki/pki.h b/src/pki/pki.h
index 09c50c6c2..616fac44a 100644
--- a/src/pki/pki.h
+++ b/src/pki/pki.h
@@ -33,4 +33,21 @@
*/
bool get_form(char *form, cred_encoding_type_t *enc, credential_type_t type);
+/**
+ * Calculate start/end lifetime for certificates.
+ *
+ * If both nbstr and nastr are given, span is ignored. Otherwise missing
+ * arguments are calculated, or assumed to be now.
+ *
+ * @param format strptime() format, NULL for default: %d.%m.%y %T
+ * @param nbstr string describing notBefore datetime, or NULL
+ * @param nastr string describing notAfter datetime, or NULL
+ * @param span lifetime span, from notBefore to notAfter
+ * @param nb calculated notBefore time
+ * @param na calculated notAfter time
+ * @return TRUE of nb/na calculated successfully
+ */
+bool calculate_lifetime(char *format, char *nbstr, char *nastr, time_t span,
+ time_t *nb, time_t *na);
+
#endif /** PKI_H_ @}*/
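Review bot: The doc comment for `calculate_lifetime` does not say in which time zone `nbstr` and `nastr` are interpreted. The implementation in pki.c goes through `localtime_r()` and `mktime()`, so they are local time, which matters to anyone scripting issuance across hosts with different zone settings. I would add a sentence such as `Datetime strings are interpreted in the local time zone.` to the description, and state that FALSE is returned when a string does not fully match the format. The `@return` line also reads `TRUE of nb/na calculated successfully`, where `TRUE if` is meant.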
diff --git a/src/pool/Makefile.in b/src/pool/Makefile.in
index 63489034f..e8caddc63 100644
--- a/src/pool/Makefile.in
+++ b/src/pool/Makefile.in
@@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/pt-tls-client/Makefile.in b/src/pt-tls-client/Makefile.in
index 61dff904e..d9a8259e9 100644
--- a/src/pt-tls-client/Makefile.in
+++ b/src/pt-tls-client/Makefile.in
@@ -342,7 +342,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/scepclient/Makefile.in b/src/scepclient/Makefile.in
index 06354da5f..524e05bd7 100644
--- a/src/scepclient/Makefile.in
+++ b/src/scepclient/Makefile.in
@@ -369,7 +369,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/starter/Makefile.in b/src/starter/Makefile.in
index 7a9154d84..3f3200d64 100644
--- a/src/starter/Makefile.in
+++ b/src/starter/Makefile.in
@@ -366,7 +366,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
diff --git a/src/stroke/Makefile.in b/src/stroke/Makefile.in
index 0b285285b..61136e84a 100644
--- a/src/stroke/Makefile.in
+++ b/src/stroke/Makefile.in
@@ -341,7 +341,6 @@ nm_LIBS = @nm_LIBS@
nm_ca_dir = @nm_ca_dir@
nm_plugins = @nm_plugins@
oldincludedir = @oldincludedir@
-openac_plugins = @openac_plugins@
pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@