diff --git a/IDEAS.mk b/IDEAS.mk
index b31e521..b93f65f 100644
--- a/IDEAS.mk
+++ b/IDEAS.mk
@@ -37,8 +37,13 @@ endif
EVALUATION_TEST ?= test_cases
TEST_FILES := $(wildcard test_vectors/*.json)
+ifeq ($(LARGE_PROJECT),1)
+TARGETS_LIB ?=
+TARGETS_BIN ?= $(shell [ -d build-ninja ] && find build-ninja -maxdepth 1 -name '*.sources' ! -name '*.so.sources' -exec basename {} .sources \; )
+else
TARGETS_LIB ?= $(shell [ -d build-ninja ] && find build-ninja -maxdepth 1 -name 'lib*.so.sources' -exec basename {} .so.sources \; | sed -e "s/^lib//gi")
TARGETS_BIN ?= $(shell [ -d build-ninja ] && find build-ninja -maxdepth 1 -name '*.sources' ! -name 'lib*.so.sources' -exec basename {} .sources \; )
+endif
TARGETS ?= $(TARGETS_BIN) $(TARGETS_LIB)
ifeq (${TARGETS},)
ifeq ($(filter cmake clean,$(MAKECMDGOALS)),)
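Review bot: With `LARGE_PROJECT=1` the `TARGETS_LIB ?=` default is empty and `TARGETS_BIN` filters out every `*.so.sources`, so shared-library targets found in build-ninja are silently dropped from `TARGETS` unless the caller sets `TARGETS_LIB` by hand; nothing in the hunk says whether that is intended. A comment above the new `ifeq` would settle it, for example `# LARGE_PROJECT=1: translate executables only; set TARGETS_LIB explicitly to include shared libraries`. The test is also an exact match, so a value with stray whitespace falls through to the else branch; `ifeq ($(strip $(LARGE_PROJECT)),1)` tolerates that. The `ifeq (${TARGETS},)` block that follows continues outside the hunk.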
@@ -122,6 +127,33 @@ translate: $(patsubst %,${TRANSLATION_DIR}/%/translate,${TARGETS}) ;
${TRANSLATION_DIR}/%/translate: ${TRANSLATION_DIR}/%/src/lib.rs | build-ninja/lib%.so.sources ;
${TRANSLATION_DIR}/%/translate: ${TRANSLATION_DIR}/%/src/main.rs | build-ninja/%.sources ;
+ifeq ($(LARGE_PROJECT),1)
+.PRECIOUS: ${TRANSLATION_DIR}/%/src/lib.rs
+${TRANSLATION_DIR}/%/src/lib.rs: | ${TRANSLATION_DIR}/%/Cargo.toml ${TRANSLATION_DIR}/%/tests/${TRANSLATION_TEST}.rs build-ninja/compile_commands.json
+ -uv run python -m ideas.translate model.name=${PROVIDER}/${MODEL} \
+ filename=build-ninja/compile_commands.json \
+ cargo_toml=${TRANSLATION_DIR}/$*/Cargo.toml \
+ source_priority=build-ninja/lib$*.so.sources \
+ tests=${TRANSLATION_TEST} \
+ vcs=${VCS} \
+ hydra.output_subdir=.translate \
+ hydra.job.name=translate \
+ hydra.run.dir=${TRANSLATION_DIR}/$* ${TRANSLATE_ARGS}
+ @touch $@
+
+.PRECIOUS: ${TRANSLATION_DIR}/%/src/main.rs
+${TRANSLATION_DIR}/%/src/main.rs: | ${TRANSLATION_DIR}/%/Cargo.toml ${TRANSLATION_DIR}/%/tests/${TRANSLATION_TEST}.rs build-ninja/compile_commands.json
+ -uv run python -m ideas.translate model.name=${PROVIDER}/${MODEL} \
+ filename=build-ninja/compile_commands.json \
+ cargo_toml=${TRANSLATION_DIR}/$*/Cargo.toml \
+ source_priority=build-ninja/$*.sources \
+ tests=${TRANSLATION_TEST} \
+ vcs=${VCS} \
+ hydra.output_subdir=.translate \
+ hydra.job.name=translate \
+ hydra.run.dir=${TRANSLATION_DIR}/$* ${TRANSLATE_ARGS}
+ @touch $@
+else
.PRECIOUS: ${TRANSLATION_DIR}/%/src/lib.rs
${TRANSLATION_DIR}/%/src/lib.rs: ${TRANSLATION_DIR}/%/src/lib.c | ${TRANSLATION_DIR}/%/Cargo.toml ${TRANSLATION_DIR}/%/tests/${TRANSLATION_TEST}.rs
-uv run python -m ideas.translate model.name=${PROVIDER}/${MODEL} \
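Review bot: Both LARGE_PROJECT rules list only order-only prerequisites, ignore a translator failure through the leading `-`, and then `@touch $@` on a `.PRECIOUS` target, so a failed or interrupted run leaves an empty or partial `lib.rs`/`main.rs` that make treats as up to date and never regenerates, even after `build-ninja/compile_commands.json` or the `.sources` file changes. Unlike the else branch, which at least depends on `src/lib.c`, there is no normal prerequisite here; consider `${TRANSLATION_DIR}/%/src/lib.rs: build-ninja/lib%.so.sources | ...` (and `build-ninja/%.sources` for `main.rs`), or add a comment if skipping regeneration is deliberate to avoid re-running the model. The stem `$*` comes from file names discovered under build-ninja and is interpolated unquoted into the recipe; if the project being translated is not fully trusted, quoting the arguments, e.g. `cargo_toml='${TRANSLATION_DIR}/$*/Cargo.toml'`, keeps an odd target name from being parsed by the shell. The two recipes differ only in `source_priority`, so a shared `define` would keep them from drifting. The else branch starting at the end of this hunk continues outside it.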
@@ -145,6 +177,7 @@ ${TRANSLATION_DIR}/%/src/main.rs: ${TRANSLATION_DIR}/%/src/main.c | ${TRANSLATIO
hydra.job.name=translate \
hydra.run.dir=${TRANSLATION_DIR}/$* ${TRANSLATE_ARGS}
@touch $@
+endif
# build
.PHONY: build
diff --git a/Makefile b/Makefile
index df83e8d..107a267 100644
--- a/Makefile
+++ b/Makefile
@@ -85,7 +85,7 @@ install-clang:## Install Clang-21, must be sudo
.PHONY: install-sys-deps
install-sys-deps:## Install system dependencies, must be sudo
- apt install libpcre3-dev
+ apt install libpcre3-dev libpcre2-dev
.PHONY: serve
serve:## Start vLLM server
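Review bot: `libpcre3-dev` is the legacy PCRE1 development package, which upstream no longer maintains, and the changed line keeps it alongside the new `libpcre2-dev`; if the examples this commit targets only need PCRE2, dropping the old package avoids pulling an end-of-life parsing library onto the build host. A short comment naming which example needs each package would make that decision reviewable later. The recipe also runs `apt install` without `-y`, so the target stalls on the confirmation prompt when run non-interactively; `apt-get install -y libpcre3-dev libpcre2-dev` is the form intended for scripted use.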
diff --git a/examples/hello_world/test_vectors/test.json b/examples/hello_world/test_vectors/test.json
deleted file mode 100644
index 09d7944..0000000
--- a/examples/hello_world/test_vectors/test.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
- "argv": [],
- "stdin": "",
- "stdout": {
- "pattern": "*****\nHello World!\n*****"
- }
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/CMakeLists.txt b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/CMakeLists.txt
deleted file mode 100644
index d907ec6..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/CMakeLists.txt
+++ /dev/null
@@ -1,18 +0,0 @@
-cmake_minimum_required(VERSION 3.10)
-project(SPHINCS_PLUS C)
-
-# Parameters for hash backend
-set(HASH_BACKEND "haraka" CACHE STRING "Hash backend (haraka, sha2, shake256, blake)")
-set(THASH "robust" CACHE STRING "thash variant (robust, simple)")
-set(SECPAR "128s" CACHE STRING "hash parameters (secpar(s|f)")
-
-set(CMAKE_C_STANDARD 99)
-find_program(CLANG_EXECUTABLE clang)
-if(CLANG_EXECUTABLE)
- set(CMAKE_C_COMPILER ${CLANG_EXECUTABLE})
-endif()
-set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -O3")
-
-# Add subdirectories
-add_subdirectory(lib)
-add_subdirectory(app)
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/LICENSE b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/LICENSE
deleted file mode 100644
index 670154e..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/LICENSE
+++ /dev/null
@@ -1,116 +0,0 @@
-CC0 1.0 Universal
-
-Statement of Purpose
-
-The laws of most jurisdictions throughout the world automatically confer
-exclusive Copyright and Related Rights (defined below) upon the creator and
-subsequent owner(s) (each and all, an "owner") of an original work of
-authorship and/or a database (each, a "Work").
-
-Certain owners wish to permanently relinquish those rights to a Work for the
-purpose of contributing to a commons of creative, cultural and scientific
-works ("Commons") that the public can reliably and without fear of later
-claims of infringement build upon, modify, incorporate in other works, reuse
-and redistribute as freely as possible in any form whatsoever and for any
-purposes, including without limitation commercial purposes. These owners may
-contribute to the Commons to promote the ideal of a free culture and the
-further production of creative, cultural and scientific works, or to gain
-reputation or greater distribution for their Work in part through the use and
-efforts of others.
-
-For these and/or other purposes and motivations, and without any expectation
-of additional consideration or compensation, the person associating CC0 with a
-Work (the "Affirmer"), to the extent that he or she is an owner of Copyright
-and Related Rights in the Work, voluntarily elects to apply CC0 to the Work
-and publicly distribute the Work under its terms, with knowledge of his or her
-Copyright and Related Rights in the Work and the meaning and intended legal
-effect of CC0 on those rights.
-
-1. Copyright and Related Rights. A Work made available under CC0 may be
-protected by copyright and related or neighboring rights ("Copyright and
-Related Rights"). Copyright and Related Rights include, but are not limited
-to, the following:
-
- i. the right to reproduce, adapt, distribute, perform, display, communicate,
- and translate a Work;
-
- ii. moral rights retained by the original author(s) and/or performer(s);
-
- iii. publicity and privacy rights pertaining to a person's image or likeness
- depicted in a Work;
-
- iv. rights protecting against unfair competition in regards to a Work,
- subject to the limitations in paragraph 4(a), below;
-
- v. rights protecting the extraction, dissemination, use and reuse of data in
- a Work;
-
- vi. database rights (such as those arising under Directive 96/9/EC of the
- European Parliament and of the Council of 11 March 1996 on the legal
- protection of databases, and under any national implementation thereof,
- including any amended or successor version of such directive); and
-
- vii. other similar, equivalent or corresponding rights throughout the world
- based on applicable law or treaty, and any national implementations thereof.
-
-2. Waiver. To the greatest extent permitted by, but not in contravention of,
-applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and
-unconditionally waives, abandons, and surrenders all of Affirmer's Copyright
-and Related Rights and associated claims and causes of action, whether now
-known or unknown (including existing as well as future claims and causes of
-action), in the Work (i) in all territories worldwide, (ii) for the maximum
-duration provided by applicable law or treaty (including future time
-extensions), (iii) in any current or future medium and for any number of
-copies, and (iv) for any purpose whatsoever, including without limitation
-commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes
-the Waiver for the benefit of each member of the public at large and to the
-detriment of Affirmer's heirs and successors, fully intending that such Waiver
-shall not be subject to revocation, rescission, cancellation, termination, or
-any other legal or equitable action to disrupt the quiet enjoyment of the Work
-by the public as contemplated by Affirmer's express Statement of Purpose.
-
-3. Public License Fallback. Should any part of the Waiver for any reason be
-judged legally invalid or ineffective under applicable law, then the Waiver
-shall be preserved to the maximum extent permitted taking into account
-Affirmer's express Statement of Purpose. In addition, to the extent the Waiver
-is so judged Affirmer hereby grants to each affected person a royalty-free,
-non transferable, non sublicensable, non exclusive, irrevocable and
-unconditional license to exercise Affirmer's Copyright and Related Rights in
-the Work (i) in all territories worldwide, (ii) for the maximum duration
-provided by applicable law or treaty (including future time extensions), (iii)
-in any current or future medium and for any number of copies, and (iv) for any
-purpose whatsoever, including without limitation commercial, advertising or
-promotional purposes (the "License"). The License shall be deemed effective as
-of the date CC0 was applied by Affirmer to the Work. Should any part of the
-License for any reason be judged legally invalid or ineffective under
-applicable law, such partial invalidity or ineffectiveness shall not
-invalidate the remainder of the License, and in such case Affirmer hereby
-affirms that he or she will not (i) exercise any of his or her remaining
-Copyright and Related Rights in the Work or (ii) assert any associated claims
-and causes of action with respect to the Work, in either case contrary to
-Affirmer's express Statement of Purpose.
-
-4. Limitations and Disclaimers.
-
- a. No trademark or patent rights held by Affirmer are waived, abandoned,
- surrendered, licensed or otherwise affected by this document.
-
- b. Affirmer offers the Work as-is and makes no representations or warranties
- of any kind concerning the Work, express, implied, statutory or otherwise,
- including without limitation warranties of title, merchantability, fitness
- for a particular purpose, non infringement, or the absence of latent or
- other defects, accuracy, or the present or absence of errors, whether or not
- discoverable, all to the greatest extent permissible under applicable law.
-
- c. Affirmer disclaims responsibility for clearing rights of other persons
- that may apply to the Work or any use thereof, including without limitation
- any person's Copyright and Related Rights in the Work. Further, Affirmer
- disclaims responsibility for obtaining any necessary consents, permissions
- or other rights required for any use of the Work.
-
- d. Affirmer understands and acknowledges that Creative Commons is not a
- party to this document and has no duty or obligation with respect to this
- CC0 or use of the Work.
-
-For more information, please see
-
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/README.md b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/README.md
deleted file mode 100644
index f265f00..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/README.md
+++ /dev/null
@@ -1,36 +0,0 @@
-SPHINCS+
-==========
-This repository contains a modified version of the [SPHINCS+ scheme reference](https://github.com/eyalr0/sphincsplusc/) including Jean-Philippe Aumasson's reference implementation of BLAKE.
-
-SPHINCS+ is a plausibly quantum resilient hash-based signature scheme which was selected by NIST for the [FIPS 205](https://csrc.nist.gov/pubs/fips/205/final) SLH-DSA "Stateless Hash-Based Digital Signature Standard" for post-quantum signatures.
-The SPHINCS+ construction combines multiple layers: Winternitz one-time signatures (WOTS+), a few-time signature scheme (FORS), Merkle trees, and a hypertree structure to enable scalable signing without state management.
-
-## Build Instructions
-Prerequisites:
-- libcrypto
-
-### Parameters
-CMake requires three arguments to build the libraries.
-- `HASH_BACKEND` Defining which underlying hash function to use `(blake, sha2, shake, haraka)`
-- `THASH` Determining whether to use the robust or simple construction `(robust, simple)`
-- `SECPAR` Determining the security parameter and whether to use short or fast signatures `(128f, 128s, 192f, 192s, 256f, 256s)`
-
-The possible values are all listed in `CMakeLists.txt` with the exception of
-`SECPAR`, which are formatted as the integer parameter with an appended character `s` or `f` indicating whether the signatures should prioritize length (short) or speed (fast). The integer parameter can either be 128, 192 or 256. An example `SECPAR` value is `128s`.
-
-### Build Commands
-To build for a particular set of parameters in a subdirectory `build`:
-```
-mdkir build
-cmake -B build -DHASH_BACKEND=sha2 -DTHASH=robust -DSECPAR=192f
-cmake --build build
-```
-
-## Associated Executable
-For testing purposes, there is a provided executable whose main function can be found in [PQCgenKAT_sign.c](./app/src/PQCgenKAT_sign.c).
-This executable performs an in-memory test of signing and verification capabilities before producing a shake256 digest of the signature transcripts.
-
-PQCgenKAT_sign.c links against the underlying hash backend with parameters defined by the CMake arguments `HASH_BACKEND`, `THASH`, and `SECPAR` described earlier.
-
-## License
-Following the original code from the [SPHINCS+ submission repository](https://github.com/sphincs/sphincsplus), the [SPHINCS+ reference implementation](https://github.com/eyalr0/sphincsplusc/), and Jean-Philippe's BLAKE implementation, all included code is available under the CC0 1.0 Universal Public Domain Dedication, with the exception of rng.c and rng.h which were provided by NIST, and PQCgenKAT_sign.c which was originally provided by NIST, but we have altered to no longer perform file IO.
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/CMakeLists.txt b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/CMakeLists.txt
deleted file mode 100644
index fe1de99..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/CMakeLists.txt
+++ /dev/null
@@ -1,47 +0,0 @@
-# Core sources that are common to both variants --- NO random source here
-set(SPHINCS_CORE_COMMON
- src/address.c
- src/fors.c
- src/merkle.c
- src/sign.c
- src/utils.c
- src/utilsx1.c
- src/wots.c
- src/wotsx1.c
-)
-
-set(PARAMS "sphincs-${HASH_BACKEND}-${SECPAR}")
-set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DPARAMS=${PARAMS}")
-if(${HASH_BACKEND} STREQUAL "blake")
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DBLAKE_TR=1")
-elseif(${HASH_BACKEND} STREQUAL "haraka")
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DHARAKA_TR=1")
-elseif(${HASH_BACKEND} STREQUAL "sha2")
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DSHA2_TR=1")
-elseif(${HASH_BACKEND} STREQUAL "shake")
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DSHAKE_TR=1")
-endif()
-
-# Build once as an OBJECT library (so tests and apps reuse the same objects)
-add_library(sphincs_obj SHARED OBJECT ${SPHINCS_CORE_COMMON})
-target_include_directories(sphincs_obj PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/include)
-
-# Normal core (uses randombytes.c)
-add_library(sphincs_core SHARED
- $
- src/randombytes.c
-)
-target_include_directories(sphincs_core PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/include)
-
-# Deterministic core (uses rng.c)
-add_library(sphincs_core_det SHARED
- $
- src/rng.c
-)
-target_include_directories(sphincs_core_det PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/include)
-
-# Main executable uses the deterministic core (no randombytes.c)
-add_executable(driver src/PQCgenKAT_sign.c)
-
-# Link correct hash backend based on parameter
-target_link_libraries(driver sphincs_core_det ${HASH_BACKEND} crypto)
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/address.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/address.h
deleted file mode 100644
index 24a84eb..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/address.h
+++ /dev/null
@@ -1,52 +0,0 @@
-#ifndef SPX_ADDRESS_H
-#define SPX_ADDRESS_H
-
-#include
-
-#include "params.h"
-
-/* The hash types that are passed to set_type */
-#define SPX_ADDR_TYPE_WOTS 0
-#define SPX_ADDR_TYPE_WOTSPK 1
-#define SPX_ADDR_TYPE_HASHTREE 2
-#define SPX_ADDR_TYPE_FORSTREE 3
-#define SPX_ADDR_TYPE_FORSPK 4
-#define SPX_ADDR_TYPE_WOTSPRF 5
-#define SPX_ADDR_TYPE_FORSPRF 6
-
-#define set_layer_addr SPX_NAMESPACE(set_layer_addr)
-void set_layer_addr(uint32_t addr[8], uint32_t layer);
-
-#define set_tree_addr SPX_NAMESPACE(set_tree_addr)
-void set_tree_addr(uint32_t addr[8], uint64_t tree);
-
-#define set_type SPX_NAMESPACE(set_type)
-void set_type(uint32_t addr[8], uint32_t type);
-
-/* Copies the layer and tree part of one address into the other */
-#define copy_subtree_addr SPX_NAMESPACE(copy_subtree_addr)
-void copy_subtree_addr(uint32_t out[8], const uint32_t in[8]);
-
-/* These functions are used for WOTS and FORS addresses. */
-
-#define set_keypair_addr SPX_NAMESPACE(set_keypair_addr)
-void set_keypair_addr(uint32_t addr[8], uint32_t keypair);
-
-#define set_chain_addr SPX_NAMESPACE(set_chain_addr)
-void set_chain_addr(uint32_t addr[8], uint32_t chain);
-
-#define set_hash_addr SPX_NAMESPACE(set_hash_addr)
-void set_hash_addr(uint32_t addr[8], uint32_t hash);
-
-#define copy_keypair_addr SPX_NAMESPACE(copy_keypair_addr)
-void copy_keypair_addr(uint32_t out[8], const uint32_t in[8]);
-
-/* These functions are used for all hash tree addresses (including FORS). */
-
-#define set_tree_height SPX_NAMESPACE(set_tree_height)
-void set_tree_height(uint32_t addr[8], uint32_t tree_height);
-
-#define set_tree_index SPX_NAMESPACE(set_tree_index)
-void set_tree_index(uint32_t addr[8], uint32_t tree_index);
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/api.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/api.h
deleted file mode 100644
index 9e01b41..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/api.h
+++ /dev/null
@@ -1,79 +0,0 @@
-#ifndef SPX_API_H
-#define SPX_API_H
-
-#include
-#include
-
-#include "params.h"
-
-#ifndef CRYPTO_ALGNAME
-#define CRYPTO_ALGNAME "SPHINCS+"
-#endif
-
-#define CRYPTO_SECRETKEYBYTES SPX_SK_BYTES
-#define CRYPTO_PUBLICKEYBYTES SPX_PK_BYTES
-#define CRYPTO_BYTES SPX_BYTES
-#define CRYPTO_SEEDBYTES 3*SPX_N
-
-/*
- * Returns the length of a secret key, in bytes
- */
-unsigned long long crypto_sign_secretkeybytes(void);
-
-/*
- * Returns the length of a public key, in bytes
- */
-unsigned long long crypto_sign_publickeybytes(void);
-
-/*
- * Returns the length of a signature, in bytes
- */
-unsigned long long crypto_sign_bytes(void);
-
-/*
- * Returns the length of the seed required to generate a key pair, in bytes
- */
-unsigned long long crypto_sign_seedbytes(void);
-
-/*
- * Generates a SPHINCS+ key pair given a seed.
- * Format sk: [SK_SEED || SK_PRF || PUB_SEED || root]
- * Format pk: [root || PUB_SEED]
- */
-int crypto_sign_seed_keypair(unsigned char *pk, unsigned char *sk,
- const unsigned char *seed);
-
-/*
- * Generates a SPHINCS+ key pair.
- * Format sk: [SK_SEED || SK_PRF || PUB_SEED || root]
- * Format pk: [root || PUB_SEED]
- */
-int crypto_sign_keypair(unsigned char *pk, unsigned char *sk);
-
-/**
- * Returns an array containing a detached signature.
- */
-int crypto_sign_signature(uint8_t *sig, size_t *siglen,
- const uint8_t *m, size_t mlen, const uint8_t *sk);
-
-/**
- * Verifies a detached signature and message under a given public key.
- */
-int crypto_sign_verify(const uint8_t *sig, size_t siglen,
- const uint8_t *m, size_t mlen, const uint8_t *pk);
-
-/**
- * Returns an array containing the signature followed by the message.
- */
-int crypto_sign(unsigned char *sm, unsigned long long *smlen,
- const unsigned char *m, unsigned long long mlen,
- const unsigned char *sk);
-
-/**
- * Verifies a given signature-message pair under a given public key.
- */
-int crypto_sign_open(unsigned char *m, unsigned long long *mlen,
- const unsigned char *sm, unsigned long long smlen,
- const unsigned char *pk);
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/context.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/context.h
deleted file mode 100644
index aded564..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/context.h
+++ /dev/null
@@ -1,28 +0,0 @@
-#ifndef SPX_CONTEXT_H
-#define SPX_CONTEXT_H
-
-#include
-
-#include "params.h"
-
-typedef struct {
- uint8_t pub_seed[SPX_N];
- uint8_t sk_seed[SPX_N];
-
-#ifdef SPX_SHA2
- // sha256 state that absorbed pub_seed
- uint8_t state_seeded[40];
-
-# if SPX_SHA512
- // sha512 state that absorbed pub_seed
- uint8_t state_seeded_512[72];
-# endif
-#endif
-
-#ifdef SPX_HARAKA
- uint64_t tweaked512_rc64[10][8];
- uint32_t tweaked256_rc32[10][8];
-#endif
-} spx_ctx;
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/fors.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/fors.h
deleted file mode 100644
index ede956f..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/fors.h
+++ /dev/null
@@ -1,36 +0,0 @@
-#ifndef SPX_FORS_H
-#define SPX_FORS_H
-
-#include
-
-#include "context.h"
-#include "params.h"
-
-typedef struct fors_gen_leaf_info {
- uint32_t leaf_addrx[8];
-} fors_gen_leaf_info;
-
-/**
- * Signs a message m, deriving the secret key from sk_seed and the FTS address.
- * Assumes m contains at least SPX_FORS_HEIGHT * SPX_FORS_TREES bits.
- */
-#define fors_sign SPX_NAMESPACE(fors_sign)
-void fors_sign(unsigned char *sig, unsigned char *pk,
- const unsigned char *m,
- const spx_ctx* ctx,
- const uint32_t fors_addr[8]);
-
-/**
- * Derives the FORS public key from a signature.
- * This can be used for verification by comparing to a known public key, or to
- * subsequently verify a signature on the derived public key. The latter is the
- * typical use-case when used as an FTS below an OTS in a hypertree.
- * Assumes m contains at least SPX_FORS_HEIGHT * SPX_FORS_TREES bits.
- */
-#define fors_pk_from_sig SPX_NAMESPACE(fors_pk_from_sig)
-void fors_pk_from_sig(unsigned char *pk,
- const unsigned char *sig, const unsigned char *m,
- const spx_ctx* ctx,
- const uint32_t fors_addr[8]);
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/forsx1.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/forsx1.h
deleted file mode 100644
index f40a13c..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/forsx1.h
+++ /dev/null
@@ -1,12 +0,0 @@
-#if !defined( FORSX1_H_ )
-#define FORSX1_H_
-
-#include "context.h"
-#include "fors.h"
-
-#define fors_gen_leafx1 SPX_NAMESPACE(fors_gen_leafx1)
-void fors_gen_leafx1(unsigned char *leaf,
- const spx_ctx *ctx,
- uint32_t addr_idx, fors_gen_leaf_info *info);
-
-#endif /* FORSX1_H_ */
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/hash.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/hash.h
deleted file mode 100644
index c8fb569..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/hash.h
+++ /dev/null
@@ -1,28 +0,0 @@
-#ifndef SPX_HASH_H
-#define SPX_HASH_H
-
-#include
-
-#include "context.h"
-#include "params.h"
-
-#define initialize_hash_function SPX_NAMESPACE(initialize_hash_function)
-void initialize_hash_function(spx_ctx *ctx);
-
-#define prf_addr SPX_NAMESPACE(prf_addr)
-void prf_addr(unsigned char *out, const spx_ctx *ctx,
- const uint32_t addr[8]);
-
-#define gen_message_random SPX_NAMESPACE(gen_message_random)
-void gen_message_random(unsigned char *R, const unsigned char *sk_prf,
- const unsigned char *optrand,
- const unsigned char *m, unsigned long long mlen,
- const spx_ctx *ctx);
-
-#define hash_message SPX_NAMESPACE(hash_message)
-void hash_message(unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx,
- const unsigned char *R, const unsigned char *pk,
- const unsigned char *m, unsigned long long mlen,
- const spx_ctx *ctx);
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/merkle.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/merkle.h
deleted file mode 100644
index 3ca3160..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/merkle.h
+++ /dev/null
@@ -1,19 +0,0 @@
-#if !defined( MERKLE_H_ )
-#define MERKLE_H_
-
-#include
-#include "context.h"
-
-/* Generate a Merkle signature (WOTS signature followed by the Merkle */
-/* authentication path) */
-#define merkle_sign SPX_NAMESPACE(merkle_sign)
-void merkle_sign(uint8_t *sig, unsigned char *root,
- const spx_ctx* ctx,
- uint32_t wots_addr[8], uint32_t tree_addr[8],
- uint32_t idx_leaf);
-
-/* Compute the root node of the top-most subtree. */
-#define merkle_gen_root SPX_NAMESPACE(merkle_gen_root)
-void merkle_gen_root(unsigned char *root, const spx_ctx* ctx);
-
-#endif /* MERKLE_H_ */
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/params.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/params.h
deleted file mode 100644
index e4653b7..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/params.h
+++ /dev/null
@@ -1,5 +0,0 @@
-#define str(s) #s
-#define xstr(s) str(s)
-
-#include xstr(../params/params-PARAMS.h)
-
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/randombytes.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/randombytes.h
deleted file mode 100644
index 671c1b1..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/randombytes.h
+++ /dev/null
@@ -1,6 +0,0 @@
-#ifndef SPX_RANDOMBYTES_H
-#define SPX_RANDOMBYTES_H
-
-extern void randombytes(unsigned char * x,unsigned long long xlen);
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/rng.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/rng.h
deleted file mode 100644
index c4f1c60..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/rng.h
+++ /dev/null
@@ -1,54 +0,0 @@
-//
-// rng.h
-//
-// Created by Bassham, Lawrence E (Fed) on 8/29/17.
-// Copyright © 2017 Bassham, Lawrence E (Fed). All rights reserved.
-//
-
-#ifndef rng_h
-#define rng_h
-
-#include
-
-#define RNG_SUCCESS 0
-#define RNG_BAD_MAXLEN -1
-#define RNG_BAD_OUTBUF -2
-#define RNG_BAD_REQ_LEN -3
-
-typedef struct {
- unsigned char buffer[16];
- unsigned long buffer_pos;
- unsigned long length_remaining;
- unsigned char key[32];
- unsigned char ctr[16];
-} AES_XOF_struct;
-
-typedef struct {
- unsigned char Key[32];
- unsigned char V[16];
- int reseed_counter;
-} AES256_CTR_DRBG_struct;
-
-
-void
-AES256_CTR_DRBG_Update(unsigned char *provided_data,
- unsigned char *Key,
- unsigned char *V);
-
-int
-seedexpander_init(AES_XOF_struct *ctx,
- unsigned char *seed,
- unsigned char *diversifier,
- unsigned long maxlen);
-
-int
-seedexpander(AES_XOF_struct *ctx, unsigned char *x, unsigned long xlen);
-
-void
-randombytes_init(unsigned char *entropy_input,
- unsigned char *personalization_string);
-
-int
-randombytes(unsigned char *x, unsigned long long xlen);
-
-#endif /* rng_h */
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/thash.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/thash.h
deleted file mode 100644
index 53b27d2..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/thash.h
+++ /dev/null
@@ -1,13 +0,0 @@
-#ifndef SPX_THASH_H
-#define SPX_THASH_H
-
-#include
-
-#include "context.h"
-#include "params.h"
-
-#define thash SPX_NAMESPACE(thash)
-void thash(unsigned char *out, const unsigned char *in, unsigned int inblocks,
- const spx_ctx *ctx, uint32_t addr[8]);
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/utils.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/utils.h
deleted file mode 100644
index 1f9efe2..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/utils.h
+++ /dev/null
@@ -1,55 +0,0 @@
-#ifndef SPX_UTILS_H
-#define SPX_UTILS_H
-
-#include
-
-#include "context.h"
-#include "params.h"
-
-# define SPX_VLA(__t,__x,__s) __t __x[__s]
-
-/**
- * Converts the value of 'in' to 'outlen' bytes in big-endian byte order.
- */
-#define ull_to_bytes SPX_NAMESPACE(ull_to_bytes)
-void ull_to_bytes(unsigned char *out, unsigned int outlen,
- unsigned long long in);
-#define u32_to_bytes SPX_NAMESPACE(u32_to_bytes)
-void u32_to_bytes(unsigned char *out, uint32_t in);
-
-/**
- * Converts the inlen bytes in 'in' from big-endian byte order to an integer.
- */
-#define bytes_to_ull SPX_NAMESPACE(bytes_to_ull)
-unsigned long long bytes_to_ull(const unsigned char *in, unsigned int inlen);
-
-/**
- * Computes a root node given a leaf and an auth path.
- * Expects address to be complete other than the tree_height and tree_index.
- */
-#define compute_root SPX_NAMESPACE(compute_root)
-void compute_root(unsigned char *root, const unsigned char *leaf,
- uint32_t leaf_idx, uint32_t idx_offset,
- const unsigned char *auth_path, uint32_t tree_height,
- const spx_ctx *ctx, uint32_t addr[8]);
-
-/**
- * For a given leaf index, computes the authentication path and the resulting
- * root node using Merkle's TreeHash algorithm.
- * Expects the layer and tree parts of the tree_addr to be set, as well as the
- * tree type (i.e. SPX_ADDR_TYPE_HASHTREE or SPX_ADDR_TYPE_FORSTREE).
- * Applies the offset idx_offset to indices before building addresses, so that
- * it is possible to continue counting indices across trees.
- */
-#define treehash SPX_NAMESPACE(treehash)
-void treehash(unsigned char *root, unsigned char *auth_path,
- const spx_ctx* ctx,
- uint32_t leaf_idx, uint32_t idx_offset, uint32_t tree_height,
- void (*gen_leaf)(
- unsigned char* /* leaf */,
- const spx_ctx* ctx /* ctx */,
- uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */),
- uint32_t tree_addr[8]);
-
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/utilsx1.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/utilsx1.h
deleted file mode 100644
index 14c98d0..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/utilsx1.h
+++ /dev/null
@@ -1,30 +0,0 @@
-#ifndef SPX_UTILSX4_H
-#define SPX_UTILSX4_H
-
-#include
-
-#include "context.h"
-#include "fors.h"
-#include "params.h"
-#include "wotsx1.h"
-
-/**
- * For a given leaf index, computes the authentication path and the resulting
- * root node using Merkle's TreeHash algorithm.
- * Expects the layer and tree parts of the tree_addr to be set, as well as the
- * tree type (i.e. SPX_ADDR_TYPE_HASHTREE or SPX_ADDR_TYPE_FORSTREE).
- * Applies the offset idx_offset to indices before building addresses, so that
- * it is possible to continue counting indices across trees.
- */
-#define wots_treehashx1 SPX_NAMESPACE(wots_treehashx1)
-void wots_treehashx1(unsigned char *root, unsigned char *auth_path,
- const spx_ctx* ctx,
- uint32_t leaf_idx, uint32_t idx_offset, uint32_t tree_height,
- uint32_t tree_addrx4[8], leaf_info_x1 *info);
-
-#define fors_treehashx1 SPX_NAMESPACE(fors_treehashx1)
-void fors_treehashx1(unsigned char *root, unsigned char *auth_path,
- const spx_ctx* ctx,
- uint32_t leaf_idx, uint32_t idx_offset, uint32_t tree_height,
- uint32_t tree_addrx4[8], fors_gen_leaf_info *info);
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/wots.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/wots.h
deleted file mode 100644
index 4e7692e..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/wots.h
+++ /dev/null
@@ -1,25 +0,0 @@
-#ifndef SPX_WOTS_H
-#define SPX_WOTS_H
-
-#include
-
-#include "context.h"
-#include "params.h"
-
-/**
- * Takes a WOTS signature and an n-byte message, computes a WOTS public key.
- *
- * Writes the computed public key to 'pk'.
- */
-#define wots_pk_from_sig SPX_NAMESPACE(wots_pk_from_sig)
-void wots_pk_from_sig(unsigned char *pk,
- const unsigned char *sig, const unsigned char *msg,
- const spx_ctx *ctx, uint32_t addr[8]);
-
-/*
- * Compute the chain lengths needed for a given message hash
- */
-#define chain_lengths SPX_NAMESPACE(chain_lengths)
-void chain_lengths(unsigned int *lengths, const unsigned char *msg);
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/wotsx1.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/wotsx1.h
deleted file mode 100644
index 411fa8e..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/include/wotsx1.h
+++ /dev/null
@@ -1,36 +0,0 @@
-#if !defined( WOTSX1_H_ )
-#define WOTSX1_H_
-
-#include
-
-/*
- * This is here to provide an interface to the internal wots_gen_leafx1
- * routine. While this routine is not referenced in the package outside of
- * wots.c, it is called from the stand-alone benchmark code to characterize
- * the performance
- */
-typedef struct leaf_info_x1 {
- unsigned char *wots_sig;
- uint32_t wots_sign_leaf; /* The index of the WOTS we're using to sign */
- uint32_t *wots_steps;
- uint32_t leaf_addr[8];
- uint32_t pk_addr[8];
-} leaf_info_x1;
-
-/* Macro to set the leaf_info to something 'benign', that is, it would */
-/* run with the same time as it does during the real signing process */
-/* Used only by the benchmark code */
-#define INITIALIZE_LEAF_INFO_X1(info, addr, step_buffer) { \
- info.wots_sig = 0; \
- info.wots_sign_leaf = ~0u; \
- info.wots_steps = step_buffer; \
- memcpy( &info.leaf_addr[0], addr, 32 ); \
- memcpy( &info.pk_addr[0], addr, 32 ); \
-}
-
-#define wots_gen_leafx1 SPX_NAMESPACE(wots_gen_leafx1)
-void wots_gen_leafx1(unsigned char *dest,
- const spx_ctx *ctx,
- uint32_t leaf_idx, leaf_info_x1 *v_info);
-
-#endif /* WOTSX1_H_ */
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-blake-128f.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-blake-128f.h
deleted file mode 100644
index 9c1f370..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-blake-128f.h
+++ /dev/null
@@ -1,85 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 16
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 66
-/* Number of subtree layer. */
-#define SPX_D 22
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 6
-#define SPX_FORS_TREES 33
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* This is a BLAKE-based parameter set, hence whether we use BLAKE-256
- * exclusively or we use both BLAKE-256 and BLAKE-512 is controlled by
- * the following #define */
-#define SPX_BLAKE512 0 /* Use BLAKE-256 for all hashes */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/blake/include/blake_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-blake-128s.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-blake-128s.h
deleted file mode 100644
index 7f59db4..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-blake-128s.h
+++ /dev/null
@@ -1,85 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 16
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 63
-/* Number of subtree layer. */
-#define SPX_D 7
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 12
-#define SPX_FORS_TREES 14
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* This is a BLAKE-based parameter set, hence whether we use BLAKE-256
- * exclusively or we use both BLAKE-256 and BLAKE-512 is controlled by
- * the following #define */
-#define SPX_BLAKE512 0 /* Use BLAKE-256 for all hashes */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/blake/include/blake_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-blake-192f.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-blake-192f.h
deleted file mode 100644
index 430fdd2..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-blake-192f.h
+++ /dev/null
@@ -1,85 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 24
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 66
-/* Number of subtree layer. */
-#define SPX_D 22
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 8
-#define SPX_FORS_TREES 33
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* This is a BLAKE-based parameter set, hence whether we use BLAKE-256
- * exclusively or we use both BLAKE-256 and BLAKE-512 is controlled by
- * the following #define */
-#define SPX_BLAKE512 1 /* Use BLAKE-512 */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/blake/include/blake_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-blake-192s.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-blake-192s.h
deleted file mode 100644
index 3f5d9fe..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-blake-192s.h
+++ /dev/null
@@ -1,85 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 24
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 63
-/* Number of subtree layer. */
-#define SPX_D 7
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 14
-#define SPX_FORS_TREES 17
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* This is a BLAKE-based parameter set, hence whether we use BLAKE-256
- * exclusively or we use both BLAKE-256 and BLAKE-512 is controlled by
- * the following #define */
-#define SPX_BLAKE512 1 /* Use BLAKE-512 */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/blake/include/blake_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-blake-256f.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-blake-256f.h
deleted file mode 100644
index 5d257c0..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-blake-256f.h
+++ /dev/null
@@ -1,85 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 32
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 68
-/* Number of subtree layer. */
-#define SPX_D 17
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 9
-#define SPX_FORS_TREES 35
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* This is a BLAKE-based parameter set, hence whether we use BLAKE-256
- * exclusively or we use both BLAKE-256 and BLAKE-512 is controlled by
- * the following #define */
-#define SPX_BLAKE512 1 /* Use BLAKE-512 */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/blake/include/blake_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-blake-256s.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-blake-256s.h
deleted file mode 100644
index 9c242f8..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-blake-256s.h
+++ /dev/null
@@ -1,85 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 32
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 64
-/* Number of subtree layer. */
-#define SPX_D 8
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 14
-#define SPX_FORS_TREES 22
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* This is a BLAKE-based parameter set, hence whether we use BLAKE-256
- * exclusively or we use both BLAKE-256 and BLAKE-512 is controlled by
- * the following #define */
-#define SPX_BLAKE512 1 /* Use BLAKE-512 */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/blake/include/blake_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-haraka-128f.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-haraka-128f.h
deleted file mode 100644
index 6ff36d0..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-haraka-128f.h
+++ /dev/null
@@ -1,80 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 16
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 66
-/* Number of subtree layer. */
-#define SPX_D 22
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 6
-#define SPX_FORS_TREES 33
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/haraka/include/haraka_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-haraka-128s.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-haraka-128s.h
deleted file mode 100644
index a84eec9..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-haraka-128s.h
+++ /dev/null
@@ -1,80 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 16
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 63
-/* Number of subtree layer. */
-#define SPX_D 7
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 12
-#define SPX_FORS_TREES 14
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/haraka/include/haraka_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-haraka-192f.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-haraka-192f.h
deleted file mode 100644
index 50a6730..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-haraka-192f.h
+++ /dev/null
@@ -1,80 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 24
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 66
-/* Number of subtree layer. */
-#define SPX_D 22
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 8
-#define SPX_FORS_TREES 33
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/haraka/include/haraka_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-haraka-192s.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-haraka-192s.h
deleted file mode 100644
index 61dcd25..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-haraka-192s.h
+++ /dev/null
@@ -1,80 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 24
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 63
-/* Number of subtree layer. */
-#define SPX_D 7
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 14
-#define SPX_FORS_TREES 17
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/haraka/include/haraka_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-haraka-256f.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-haraka-256f.h
deleted file mode 100644
index d2cab73..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-haraka-256f.h
+++ /dev/null
@@ -1,80 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 32
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 68
-/* Number of subtree layer. */
-#define SPX_D 17
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 9
-#define SPX_FORS_TREES 35
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/haraka/include/haraka_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-haraka-256s.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-haraka-256s.h
deleted file mode 100644
index 40a5145..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-haraka-256s.h
+++ /dev/null
@@ -1,80 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 32
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 64
-/* Number of subtree layer. */
-#define SPX_D 8
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 14
-#define SPX_FORS_TREES 22
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/haraka/include/haraka_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-sha2-128f.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-sha2-128f.h
deleted file mode 100644
index 1392097..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-sha2-128f.h
+++ /dev/null
@@ -1,85 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 16
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 66
-/* Number of subtree layer. */
-#define SPX_D 22
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 6
-#define SPX_FORS_TREES 33
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* This is a SHA2-based parameter set, hence whether we use SHA-256
- * exclusively or we use both SHA-256 and SHA-512 is controlled by
- * the following #define */
-#define SPX_SHA512 0 /* Use SHA-256 for all hashes */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/sha2/include/sha2_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-sha2-128s.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-sha2-128s.h
deleted file mode 100644
index 4a672d9..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-sha2-128s.h
+++ /dev/null
@@ -1,85 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 16
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 63
-/* Number of subtree layer. */
-#define SPX_D 7
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 12
-#define SPX_FORS_TREES 14
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* This is a SHA2-based parameter set, hence whether we use SHA-256
- * exclusively or we use both SHA-256 and SHA-512 is controlled by
- * the following #define */
-#define SPX_SHA512 0 /* Use SHA-256 for all hashes */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/sha2/include/sha2_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-sha2-192f.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-sha2-192f.h
deleted file mode 100644
index 710de5f..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-sha2-192f.h
+++ /dev/null
@@ -1,85 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 24
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 66
-/* Number of subtree layer. */
-#define SPX_D 22
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 8
-#define SPX_FORS_TREES 33
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* This is a SHA2-based parameter set, hence whether we use SHA-256
- * exclusively or we use both SHA-256 and SHA-512 is controlled by
- * the following #define */
-#define SPX_SHA512 1 /* Use SHA-512 for H and T_l, l >= 2 */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/sha2/include/sha2_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-sha2-192s.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-sha2-192s.h
deleted file mode 100644
index eb8000a..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-sha2-192s.h
+++ /dev/null
@@ -1,85 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 24
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 63
-/* Number of subtree layer. */
-#define SPX_D 7
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 14
-#define SPX_FORS_TREES 17
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* This is a SHA2-based parameter set, hence whether we use SHA-256
- * exclusively or we use both SHA-256 and SHA-512 is controlled by
- * the following #define */
-#define SPX_SHA512 1 /* Use SHA-512 for H and T_l, l >= 2 */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/sha2/include/sha2_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-sha2-256f.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-sha2-256f.h
deleted file mode 100644
index 77ab162..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-sha2-256f.h
+++ /dev/null
@@ -1,85 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 32
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 68
-/* Number of subtree layer. */
-#define SPX_D 17
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 9
-#define SPX_FORS_TREES 35
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* This is a SHA2-based parameter set, hence whether we use SHA-256
- * exclusively or we use both SHA-256 and SHA-512 is controlled by
- * the following #define */
-#define SPX_SHA512 1 /* Use SHA-512 for H and T_l, l >= 2 */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/sha2/include/sha2_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-sha2-256s.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-sha2-256s.h
deleted file mode 100644
index 15d140d..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-sha2-256s.h
+++ /dev/null
@@ -1,85 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 32
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 64
-/* Number of subtree layer. */
-#define SPX_D 8
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 14
-#define SPX_FORS_TREES 22
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* This is a SHA2-based parameter set, hence whether we use SHA-256
- * exclusively or we use both SHA-256 and SHA-512 is controlled by
- * the following #define */
-#define SPX_SHA512 1 /* Use SHA-512 for H and T_l, l >= 2 */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/sha2/include/sha2_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-shake-128f.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-shake-128f.h
deleted file mode 100644
index 478aff8..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-shake-128f.h
+++ /dev/null
@@ -1,80 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 16
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 66
-/* Number of subtree layer. */
-#define SPX_D 22
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 6
-#define SPX_FORS_TREES 33
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/shake/include/shake_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-shake-128s.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-shake-128s.h
deleted file mode 100644
index bf974cf..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-shake-128s.h
+++ /dev/null
@@ -1,80 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 16
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 63
-/* Number of subtree layer. */
-#define SPX_D 7
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 12
-#define SPX_FORS_TREES 14
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/shake/include/shake_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-shake-192f.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-shake-192f.h
deleted file mode 100644
index 887a886..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-shake-192f.h
+++ /dev/null
@@ -1,80 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 24
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 66
-/* Number of subtree layer. */
-#define SPX_D 22
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 8
-#define SPX_FORS_TREES 33
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/shake/include/shake_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-shake-192s.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-shake-192s.h
deleted file mode 100644
index f59ebde..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-shake-192s.h
+++ /dev/null
@@ -1,80 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 24
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 63
-/* Number of subtree layer. */
-#define SPX_D 7
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 14
-#define SPX_FORS_TREES 17
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/shake/include/shake_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-shake-256f.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-shake-256f.h
deleted file mode 100644
index 4305166..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-shake-256f.h
+++ /dev/null
@@ -1,80 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 32
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 68
-/* Number of subtree layer. */
-#define SPX_D 17
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 9
-#define SPX_FORS_TREES 35
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/shake/include/shake_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-shake-256s.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-shake-256s.h
deleted file mode 100644
index 93ea1d3..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/params/params-sphincs-shake-256s.h
+++ /dev/null
@@ -1,80 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 32
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 64
-/* Number of subtree layer. */
-#define SPX_D 8
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 14
-#define SPX_FORS_TREES 22
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../../lib/shake/include/shake_offsets.h"
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/PQCgenKAT_sign.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/PQCgenKAT_sign.c
deleted file mode 100644
index 2dbd1b5..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/PQCgenKAT_sign.c
+++ /dev/null
@@ -1,426 +0,0 @@
-//
-// PQCgenKAT_sign.c
-//
-// Created by Bassham, Lawrence E (Fed) on 8/29/17.
-// Copyright © 2017 Bassham, Lawrence E (Fed). All rights reserved.
-//
-
-#include
-#include
-#include
-
-#include "../include/api.h"
-#include "../include/rng.h"
-
-#define MAX_MARKER_LEN 50
-#define BASE_MLEN 33
-#define LOOP_COUNT 7
-
-#define KAT_SUCCESS 0
-#define KAT_OVERFLOW -1
-#define KAT_CRYPTO_FAILURE -2
-
-#ifdef BLAKE_TR
-#include "../../lib/blake/include/blake.h"
-#if SPX_N >= 24
-#define blakestateX blakestate512
-#define blakeX_init blake512_init
-#define blakeX_update blake512_update
-#define blakeX_final blake512_final
-#define blakeX_output_bytes 64
-#else
-#define blakestateX blakestate256
-#define blakeX_init blake256_init
-#define blakeX_update blake256_update
-#define blakeX_final blake256_final
-#define blakeX_output_bytes 32
-#endif
-
-typedef blakestateX kat_tr_ctx;
-
-static inline void kat_tr_init(kat_tr_ctx *ctx) {
- blakeX_init(ctx);
-
- static const uint8_t tag[] = "KAT-TRANSCRIPT-v1-BLAKE";
- blakeX_update(ctx, tag, sizeof tag - 1);
-
- const uint8_t sep = 0x00;
- blakeX_update(ctx, &sep, 1);
-}
-
-static inline void kat_tr_absorb_label(kat_tr_ctx *ctx, const char *label) {
- const uint8_t *p = (const uint8_t *)label;
- size_t n = 0; while(p[n]) n++;
- blakeX_update(ctx, p, n);
-
- const uint8_t sep = 0x00;
- blakeX_update(ctx, &sep, 1);
-}
-
-static inline void kat_tr_absorb_u64(kat_tr_ctx *ctx, unsigned long long x) {
- uint8_t le[8];
- size_t i;
- for (i = 0; i < 8; i++) {
- le[i] = (uint8_t)((x >> (8 * i)) & 0xFF);
- }
-
- uint8_t lenle[8];
- unsigned long long L = 8;
- for(i = 0; i < 8; i++) {
- lenle[i] = (uint8_t)((L >> (8 * i)) & 0xFF);
- }
-
- blakeX_update(ctx, lenle, 8);
- blakeX_update(ctx, le, 8);
-}
-
-static inline void kat_tr_absorb_bytes(kat_tr_ctx *ctx, const uint8_t *buf, size_t len) {
- uint8_t lenle[8];
- unsigned long long L = (unsigned long long) len;
- size_t i;
- for(i = 0; i < 8; i++) {
- lenle[i] = (uint8_t)((L >> (8 * i)) & 0xFF);
- }
- blakeX_update(ctx, lenle, 8);
- if(len) {
- blakeX_update(ctx, buf, len);
- }
-}
-
-static inline void kat_tr_final(kat_tr_ctx *ctx, uint8_t out32[32]) {
- unsigned char outbuf[blakeX_output_bytes] = {0};
- blakeX_final(ctx, outbuf);
- memcpy(out32, outbuf, 32);
-}
-#elif HARAKA_TR
-#include "../../lib/haraka/include/haraka.h"
-
-typedef struct {
- spx_ctx inner;
- uint8_t s[65];
-} kat_tr_ctx;
-
-static inline void kat_tr_init(kat_tr_ctx *ctx) {
- size_t i;
- for(i = 0; i < SPX_N; ++i) {
- ctx->inner.pub_seed[i] = 0;
- ctx->inner.sk_seed[i] = 0;
- }
-
- tweak_constants(&ctx->inner);
- haraka_S_inc_init(ctx->s);
-
- static const uint8_t tag[] = "KAT-TRANSCRIPT-v1-HARAKA";
- haraka_S_inc_absorb(ctx->s, tag, sizeof tag - 1, &ctx->inner);
-
- const uint8_t sep = 0x00;
- haraka_S_inc_absorb(ctx->s, &sep, 1, &ctx->inner);
-}
-
-static inline void kat_tr_absorb_label(kat_tr_ctx *ctx, const char *label) {
- const uint8_t *p = (const uint8_t *)label;
- size_t n = 0; while(p[n]) n++;
- haraka_S_inc_absorb(ctx->s, p, n, &ctx->inner);
-
- const uint8_t sep = 0x00;
- haraka_S_inc_absorb(ctx->s, &sep, 1, &ctx->inner);
-}
-
-static inline void kat_tr_absorb_u64(kat_tr_ctx *ctx, unsigned long long x) {
- uint8_t le[8];
- size_t i;
- for (i = 0; i < 8; i++) {
- le[i] = (uint8_t)((x >> (8 * i)) & 0xFF);
- }
-
- uint8_t lenle[8];
- unsigned long long L = 8;
- for(i = 0; i < 8; i++) {
- lenle[i] = (uint8_t)((L >> (8 * i)) & 0xFF);
- }
-
- haraka_S_inc_absorb(ctx->s, lenle, 8, &ctx->inner);
- haraka_S_inc_absorb(ctx->s, le, 8, &ctx->inner);
-}
-
-static inline void kat_tr_absorb_bytes(kat_tr_ctx *ctx, const uint8_t *buf, size_t len) {
- uint8_t lenle[8];
- unsigned long long L = (unsigned long long) len;
- size_t i;
- for(i = 0; i < 8; i++) {
- lenle[i] = (uint8_t)((L >> (8 * i)) & 0xFF);
- }
- haraka_S_inc_absorb(ctx->s, lenle, 8, &ctx->inner);
- if(len) {
- haraka_S_inc_absorb(ctx->s, buf, len, &ctx->inner);
- }
-}
-
-static inline void kat_tr_final(kat_tr_ctx *ctx, uint8_t out32[32]) {
- haraka_S_inc_finalize(ctx->s);
- haraka_S_inc_squeeze(out32, 32, ctx->s, &ctx->inner);
-}
-#elif SHA2_TR
-#include "../../lib/sha2/include/sha2.h"
-#if SPX_N >= 24
-#define shaX_inc_init sha512_inc_init
-#define shaX_inc_blocks sha512_inc_blocks
-#define shaX_inc_finalize sha512_inc_finalize
-#define shaX_state_len 72
-#define shaX_block_bytes 128
-#define shaX_output_bytes 64
-#else
-#define shaX_inc_init sha256_inc_init
-#define shaX_inc_blocks sha256_inc_blocks
-#define shaX_inc_finalize sha256_inc_finalize
-#define shaX_state_len 40
-#define shaX_block_bytes 64
-#define shaX_output_bytes 32
-#endif
-
-typedef struct {
- uint8_t s[shaX_state_len];
-} kat_tr_ctx;
-
-static inline void kat_tr_init(kat_tr_ctx *ctx) {
- static const uint8_t tag[] = "KAT-TRANSCRIPT-v1-SHA2";
- uint8_t block[shaX_block_bytes];
- size_t i;
-
- for (i = 0; i < sizeof tag - 1; ++i) {
- block[i] = tag[i];
- }
- for (i = sizeof tag - 1; i < shaX_block_bytes; ++i) {
- block[i] = 0;
- }
-
- shaX_inc_init(ctx->s);
- shaX_inc_blocks(ctx->s, block, 1);
-}
-
-static inline void kat_tr_absorb_label(kat_tr_ctx *ctx, const char *label) {
- const uint8_t *p = (const uint8_t *)label;
- size_t n = 0; while(p[n]) n++;
- size_t block_count = (n + 1 + (shaX_block_bytes - 1)) / shaX_block_bytes;
-
- size_t i;
- for(i = 0; i < block_count; ++i) {
- uint8_t block[shaX_block_bytes];
- size_t j;
-
- for(j = 0; i * shaX_block_bytes + j < n && j < shaX_block_bytes; ++j) {
- block[j] = p[i * shaX_block_bytes + j];
- }
-
- if(i * shaX_block_bytes + j == n && j < shaX_block_bytes) {
- block[j] = 0x00;
- ++j;
- }
-
- for(; j < shaX_block_bytes; ++j) {
- block[j] = 0;
- }
-
- shaX_inc_blocks(ctx->s, block, 1);
- }
-}
-
-static inline void kat_tr_absorb_u64(kat_tr_ctx *ctx, unsigned long long x) {
- uint8_t block[shaX_block_bytes];
- uint8_t le[8];
- size_t i;
- for (i = 0; i < 8; i++) {
- le[i] = (uint8_t)((x >> (8 * i)) & 0xFF);
- }
-
- uint8_t lenle[8];
- unsigned long long L = 8;
- for(i = 0; i < 8; i++) {
- lenle[i] = (uint8_t)((L >> (8 * i)) & 0xFF);
- }
-
- for (i = 0; i < 8; ++i) {
- block[i] = lenle[i];
- }
- for (i = 0; i < 8; ++i) {
- block[8+i] = le[i];
- }
- for (i = 16; i < shaX_block_bytes; ++i) {
- block[i] = 0;
- }
-
- shaX_inc_blocks(ctx->s, block, 1);
-}
-
-static inline void kat_tr_absorb_bytes(kat_tr_ctx *ctx, const uint8_t *buf, size_t len) {
- uint8_t lenle[shaX_block_bytes] = {0};
- unsigned long long L = (unsigned long long) len;
- size_t i;
- for(i = 0; i < 8; i++) {
- lenle[i] = (uint8_t)((L >> (8 * i)) & 0xFF);
- }
- size_t block_count = (len + (shaX_block_bytes - 1)) / shaX_block_bytes;
- shaX_inc_blocks(ctx->s, lenle, 1);
-
- if(len != 0) {
- for(i = 0; i < block_count; ++i) {
- uint8_t block[shaX_block_bytes];
- size_t j;
-
- for(j = 0; i * shaX_block_bytes + j < len && j < shaX_block_bytes; ++j) {
- block[j] = buf[i * shaX_block_bytes + j];
- }
- for(; j < shaX_block_bytes; ++j) {
- block[j] = 0;
- }
-
- shaX_inc_blocks(ctx->s, block, 1);
- }
- }
-}
-
-static inline void kat_tr_final(kat_tr_ctx *ctx, uint8_t out32[32]) {
- unsigned char outbuf[shaX_output_bytes] = {0};
- uint8_t final_block[shaX_block_bytes] = {0};
- shaX_inc_finalize(outbuf, ctx->s, final_block, 1);
- memcpy(out32, outbuf, 32);
-}
-#elif SHAKE_TR
-#include "../../lib/shake/include/fips202.h"
-typedef struct {
- uint64_t s[26];
-} kat_tr_ctx;
-
-static inline void kat_tr_init(kat_tr_ctx *ctx) {
- shake256_inc_init(ctx->s);
-
- static const uint8_t tag[] = "KAT-TRANSCRIPT-v1-SHAKE";
- shake256_inc_absorb(ctx->s, tag, sizeof tag - 1);
-
- const uint8_t sep = 0x00;
- shake256_inc_absorb(ctx->s, &sep, 1);
-}
-
-static inline void kat_tr_absorb_label(kat_tr_ctx *ctx, const char *label) {
- const uint8_t *p = (const uint8_t *)label;
- size_t n = 0; while(p[n]) n++;
- shake256_inc_absorb(ctx->s, p, n);
-
- const uint8_t sep = 0x00;
- shake256_inc_absorb(ctx->s, &sep, 1);
-}
-
-static inline void kat_tr_absorb_u64(kat_tr_ctx *ctx, unsigned long long x) {
- uint8_t le[8];
- size_t i;
- for (i = 0; i < 8; i++) {
- le[i] = (uint8_t)((x >> (8 * i)) & 0xFF);
- }
-
- uint8_t lenle[8];
- unsigned long long L = 8;
- for(i = 0; i < 8; i++) {
- lenle[i] = (uint8_t)((L >> (8 * i)) & 0xFF);
- }
-
- shake256_inc_absorb(ctx->s, lenle, 8);
- shake256_inc_absorb(ctx->s, le, 8);
-}
-
-static inline void kat_tr_absorb_bytes(kat_tr_ctx *ctx, const uint8_t *buf, size_t len) {
- uint8_t lenle[8];
- unsigned long long L = (unsigned long long) len;
- size_t i;
- for(i = 0; i < 8; i++) {
- lenle[i] = (uint8_t)((L >> (8 * i)) & 0xFF);
- }
- shake256_inc_absorb(ctx->s, lenle, 8);
- if(len) {
- shake256_inc_absorb(ctx->s, buf, len);
- }
-}
-
-static inline void kat_tr_final(kat_tr_ctx *ctx, uint8_t out32[32]) {
- shake256_inc_finalize(ctx->s);
- shake256_inc_squeeze(out32, 32, ctx->s);
-}
-#endif
-
-int
-main(void)
-{
- static unsigned char m[BASE_MLEN * LOOP_COUNT];
- static unsigned char sm[BASE_MLEN * LOOP_COUNT + CRYPTO_BYTES];
- static unsigned char m1[BASE_MLEN * LOOP_COUNT + CRYPTO_BYTES];
- static unsigned char pk[CRYPTO_PUBLICKEYBYTES];
- static unsigned char sk[CRYPTO_SECRETKEYBYTES];
- static unsigned char seed[48];
- static unsigned char entropy_input[48];
- static unsigned char msg[BASE_MLEN * LOOP_COUNT];
-
- unsigned long long mlen, smlen, mlen1;
- int ret;
-
- // Deterministic entropy to seed DRBG to make .req
- for (int i = 0; i < 48; i++) {
- entropy_input[i] = (unsigned char)i;
- }
- randombytes_init(entropy_input, NULL);
-
- // Initialize Transcript
- kat_tr_ctx tctx;
- kat_tr_init(&tctx);
- kat_tr_absorb_label(&tctx, "CRYPTO_ALGNAME");
- kat_tr_absorb_bytes(&tctx, (const uint8_t *)CRYPTO_ALGNAME, strlen(CRYPTO_ALGNAME));
- kat_tr_absorb_label(&tctx, "SKBYTES"); kat_tr_absorb_u64(&tctx, CRYPTO_SECRETKEYBYTES);
- kat_tr_absorb_label(&tctx, "PKBYTES"); kat_tr_absorb_u64(&tctx, CRYPTO_PUBLICKEYBYTES);
- kat_tr_absorb_label(&tctx, "SIGBYTES"); kat_tr_absorb_u64(&tctx, CRYPTO_BYTES);
-
- for (int i = 0; i < LOOP_COUNT; i++) {
- randombytes(seed, sizeof seed);
-
- kat_tr_absorb_label(&tctx, "count"); kat_tr_absorb_u64(&tctx, (unsigned long long) i);
- kat_tr_absorb_label(&tctx, "seed"); kat_tr_absorb_bytes(&tctx, seed, sizeof seed);
-
- mlen = (unsigned long long int)(BASE_MLEN * (i + 1));
- if (mlen > BASE_MLEN * LOOP_COUNT) { fprintf(stderr, "mlen overflow\n"); return KAT_OVERFLOW; }
-
- kat_tr_absorb_label(&tctx, "mlen"); kat_tr_absorb_u64(&tctx, mlen);
-
- randombytes(msg, mlen);
- kat_tr_absorb_label(&tctx, "msg"); kat_tr_absorb_bytes(&tctx, msg, mlen);
-
- memset(m, 0, mlen);
- memset(m1, 0, mlen + CRYPTO_BYTES);
- memset(sm, 0, mlen + CRYPTO_BYTES);
- memcpy(m, msg, mlen);
-
- // Keypair
- ret = crypto_sign_keypair(pk, sk);
- if (ret) { fprintf(stderr, "crypto_sign_keypair=%d\n", ret); return KAT_CRYPTO_FAILURE; }
- kat_tr_absorb_label(&tctx, "pk"); kat_tr_absorb_bytes(&tctx, pk, CRYPTO_PUBLICKEYBYTES);
- kat_tr_absorb_label(&tctx, "sk"); kat_tr_absorb_bytes(&tctx, sk, CRYPTO_SECRETKEYBYTES);
-
- // Sign
- ret = crypto_sign(sm, &smlen, m, mlen, sk);
- if (ret) { fprintf(stderr, "crypto_sign=%d\n", ret); return KAT_CRYPTO_FAILURE; }
- kat_tr_absorb_label(&tctx, "smlen"); kat_tr_absorb_u64(&tctx, smlen);
- kat_tr_absorb_label(&tctx, "sm"); kat_tr_absorb_bytes(&tctx, sm, smlen);
-
- // Verify
- ret = crypto_sign_open(m1, &mlen1, sm, smlen, pk);
- if (ret) { fprintf(stderr, "crypto_sign_open=%d\n", ret); return KAT_CRYPTO_FAILURE; }
- if (mlen1 != mlen) { fprintf(stderr, "mlen mismatch\n"); return KAT_CRYPTO_FAILURE; }
- if (memcmp(m, m1, mlen) != 0) { fprintf(stderr, "m mismatch\n"); return KAT_CRYPTO_FAILURE; }
- }
-
- // Finalize transcript digest
- uint8_t digest[32] = {0};
- kat_tr_final(&tctx, digest);
-
- printf("KAT transcript digest = ");
- for (size_t i = 0; i < 32; i++) { printf("%02X", digest[i]); }
- printf("\n");
-
- return KAT_SUCCESS;
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/address.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/address.c
deleted file mode 100644
index 5be8fca..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/address.c
+++ /dev/null
@@ -1,104 +0,0 @@
-#include
-#include
-
-#include "../include/address.h"
-#include "../include/params.h"
-#include "../include/utils.h"
-
-/*
- * Specify which level of Merkle tree (the "layer") we're working on
- */
-void set_layer_addr(uint32_t addr[8], uint32_t layer)
-{
- ((unsigned char *)addr)[SPX_OFFSET_LAYER] = (unsigned char)layer;
-}
-
-/*
- * Specify which Merkle tree within the level (the "tree address") we're working on
- */
-void set_tree_addr(uint32_t addr[8], uint64_t tree)
-{
-#if (SPX_TREE_HEIGHT * (SPX_D - 1)) > 64
- #error Subtree addressing is currently limited to at most 2^64 trees
-#endif
- ull_to_bytes(&((unsigned char *)addr)[SPX_OFFSET_TREE], 8, tree );
-}
-
-/*
- * Specify the reason we'll use this address structure for, that is, what
- * hash will we compute with it. This is used so that unrelated types of
- * hashes don't accidentally get the same address structure. The type will be
- * one of the SPX_ADDR_TYPE constants
- */
-void set_type(uint32_t addr[8], uint32_t type)
-{
- ((unsigned char *)addr)[SPX_OFFSET_TYPE] = (unsigned char)type;
-}
-
-/*
- * Copy the layer and tree fields of the address structure. This is used
- * when we're doing multiple types of hashes within the same Merkle tree
- */
-void copy_subtree_addr(uint32_t out[8], const uint32_t in[8])
-{
- memcpy( out, in, SPX_OFFSET_TREE+8 );
-}
-
-/* These functions are used for OTS addresses. */
-
-/*
- * Specify which Merkle leaf we're working on; that is, which OTS keypair
- * we're talking about.
- */
-void set_keypair_addr(uint32_t addr[8], uint32_t keypair)
-{
- u32_to_bytes(&((unsigned char *)addr)[SPX_OFFSET_KP_ADDR], keypair);
-}
-
-/*
- * Copy the layer, tree and keypair fields of the address structure. This is
- * used when we're doing multiple things within the same OTS keypair
- */
-void copy_keypair_addr(uint32_t out[8], const uint32_t in[8])
-{
- memcpy( out, in, SPX_OFFSET_TREE+8 );
- memcpy( (unsigned char *)out + SPX_OFFSET_KP_ADDR, (unsigned char *)in + SPX_OFFSET_KP_ADDR, 4);
-}
-
-/*
- * Specify which Merkle chain within the OTS we're working with
- * (the chain address)
- */
-void set_chain_addr(uint32_t addr[8], uint32_t chain)
-{
- ((unsigned char *)addr)[SPX_OFFSET_CHAIN_ADDR] = (unsigned char)chain;
-}
-
-/*
- * Specify where in the Merkle chain we are
-* (the hash address)
- */
-void set_hash_addr(uint32_t addr[8], uint32_t hash)
-{
- ((unsigned char *)addr)[SPX_OFFSET_HASH_ADDR] = (unsigned char)hash;
-}
-
-/* These functions are used for all hash tree addresses (including FORS). */
-
-/*
- * Specify the height of the node in the Merkle/FORS tree we are in
- * (the tree height)
- */
-void set_tree_height(uint32_t addr[8], uint32_t tree_height)
-{
- ((unsigned char *)addr)[SPX_OFFSET_TREE_HGT] = (unsigned char)tree_height;
-}
-
-/*
- * Specify the distance from the left edge of the node in the Merkle/FORS tree
- * (the tree index)
- */
-void set_tree_index(uint32_t addr[8], uint32_t tree_index)
-{
- u32_to_bytes(&((unsigned char *)addr)[SPX_OFFSET_TREE_INDEX], tree_index );
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/fors.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/fors.c
deleted file mode 100644
index da07f27..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/fors.c
+++ /dev/null
@@ -1,158 +0,0 @@
-#include
-#include
-#include
-
-#include "../include/address.h"
-#include "../include/fors.h"
-#include "../include/forsx1.h"
-#include "../include/hash.h"
-#include "../include/thash.h"
-#include "../include/utils.h"
-#include "../include/utilsx1.h"
-
-static void fors_gen_sk(unsigned char *sk, const spx_ctx *ctx,
- uint32_t fors_leaf_addr[8])
-{
- prf_addr(sk, ctx, fors_leaf_addr);
-}
-
-static void fors_sk_to_leaf(unsigned char *leaf, const unsigned char *sk,
- const spx_ctx *ctx,
- uint32_t fors_leaf_addr[8])
-{
- thash(leaf, sk, 1, ctx, fors_leaf_addr);
-}
-
-void fors_gen_leafx1(unsigned char *leaf,
- const spx_ctx *ctx,
- uint32_t addr_idx, fors_gen_leaf_info *info)
-{
- struct fors_gen_leaf_info *fors_info = info;
- uint32_t *fors_leaf_addr = fors_info->leaf_addrx;
-
- /* Only set the parts that the caller doesn't set */
- set_tree_index(fors_leaf_addr, addr_idx);
- set_type(fors_leaf_addr, SPX_ADDR_TYPE_FORSPRF);
- fors_gen_sk(leaf, ctx, fors_leaf_addr);
-
- set_type(fors_leaf_addr, SPX_ADDR_TYPE_FORSTREE);
- fors_sk_to_leaf(leaf, leaf,
- ctx, fors_leaf_addr);
-}
-
-/**
- * Interprets m as SPX_FORS_HEIGHT-bit unsigned integers.
- * Assumes m contains at least SPX_FORS_HEIGHT * SPX_FORS_TREES bits.
- * Assumes indices has space for SPX_FORS_TREES integers.
- */
-static void message_to_indices(uint32_t *indices, const unsigned char *m)
-{
- unsigned int i, j;
- unsigned int offset = 0;
-
- for (i = 0; i < SPX_FORS_TREES; i++) {
- indices[i] = 0;
- for (j = 0; j < SPX_FORS_HEIGHT; j++) {
- indices[i] ^= ((m[offset >> 3] >> (offset & 0x7)) & 1u) << j;
- offset++;
- }
- }
-}
-
-/**
- * Signs a message m, deriving the secret key from sk_seed and the FTS address.
- * Assumes m contains at least SPX_FORS_HEIGHT * SPX_FORS_TREES bits.
- */
-void fors_sign(unsigned char *sig, unsigned char *pk,
- const unsigned char *m,
- const spx_ctx *ctx,
- const uint32_t fors_addr[8])
-{
- uint32_t indices[SPX_FORS_TREES];
- unsigned char roots[SPX_FORS_TREES * SPX_N];
- uint32_t fors_tree_addr[8] = {0};
- struct fors_gen_leaf_info fors_info = {0};
- uint32_t *fors_leaf_addr = fors_info.leaf_addrx;
- uint32_t fors_pk_addr[8] = {0};
- uint32_t idx_offset;
- unsigned int i;
-
- copy_keypair_addr(fors_tree_addr, fors_addr);
- copy_keypair_addr(fors_leaf_addr, fors_addr);
-
- copy_keypair_addr(fors_pk_addr, fors_addr);
- set_type(fors_pk_addr, SPX_ADDR_TYPE_FORSPK);
-
- message_to_indices(indices, m);
-
- for (i = 0; i < SPX_FORS_TREES; i++) {
- idx_offset = i * (1 << SPX_FORS_HEIGHT);
-
- set_tree_height(fors_tree_addr, 0);
- set_tree_index(fors_tree_addr, indices[i] + idx_offset);
- set_type(fors_tree_addr, SPX_ADDR_TYPE_FORSPRF);
-
- /* Include the secret key part that produces the selected leaf node. */
- fors_gen_sk(sig, ctx, fors_tree_addr);
- set_type(fors_tree_addr, SPX_ADDR_TYPE_FORSTREE);
- sig += SPX_N;
-
- /* Compute the authentication path for this leaf node. */
- fors_treehashx1(roots + i*SPX_N, sig, ctx,
- indices[i], idx_offset, SPX_FORS_HEIGHT,
- fors_tree_addr, &fors_info);
-
- sig += SPX_N * SPX_FORS_HEIGHT;
- }
-
- /* Hash horizontally across all tree roots to derive the public key. */
- thash(pk, roots, SPX_FORS_TREES, ctx, fors_pk_addr);
-}
-
-/**
- * Derives the FORS public key from a signature.
- * This can be used for verification by comparing to a known public key, or to
- * subsequently verify a signature on the derived public key. The latter is the
- * typical use-case when used as an FTS below an OTS in a hypertree.
- * Assumes m contains at least SPX_FORS_HEIGHT * SPX_FORS_TREES bits.
- */
-void fors_pk_from_sig(unsigned char *pk,
- const unsigned char *sig, const unsigned char *m,
- const spx_ctx* ctx,
- const uint32_t fors_addr[8])
-{
- uint32_t indices[SPX_FORS_TREES];
- unsigned char roots[SPX_FORS_TREES * SPX_N];
- unsigned char leaf[SPX_N];
- uint32_t fors_tree_addr[8] = {0};
- uint32_t fors_pk_addr[8] = {0};
- uint32_t idx_offset;
- unsigned int i;
-
- copy_keypair_addr(fors_tree_addr, fors_addr);
- copy_keypair_addr(fors_pk_addr, fors_addr);
-
- set_type(fors_tree_addr, SPX_ADDR_TYPE_FORSTREE);
- set_type(fors_pk_addr, SPX_ADDR_TYPE_FORSPK);
-
- message_to_indices(indices, m);
-
- for (i = 0; i < SPX_FORS_TREES; i++) {
- idx_offset = i * (1 << SPX_FORS_HEIGHT);
-
- set_tree_height(fors_tree_addr, 0);
- set_tree_index(fors_tree_addr, indices[i] + idx_offset);
-
- /* Derive the leaf from the included secret key part. */
- fors_sk_to_leaf(leaf, sig, ctx, fors_tree_addr);
- sig += SPX_N;
-
- /* Derive the corresponding root node of this tree. */
- compute_root(roots + i*SPX_N, leaf, indices[i], idx_offset,
- sig, SPX_FORS_HEIGHT, ctx, fors_tree_addr);
- sig += SPX_N * SPX_FORS_HEIGHT;
- }
-
- /* Hash horizontally across all tree roots to derive the public key. */
- thash(pk, roots, SPX_FORS_TREES, ctx, fors_pk_addr);
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/merkle.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/merkle.c
deleted file mode 100644
index 9630b74..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/merkle.c
+++ /dev/null
@@ -1,60 +0,0 @@
-#include
-#include
-
-#include "../include/address.h"
-#include "../include/merkle.h"
-#include "../include/params.h"
-#include "../include/utils.h"
-#include "../include/utilsx1.h"
-#include "../include/wots.h"
-#include "../include/wotsx1.h"
-
-/*
- * This generates a Merkle signature (WOTS signature followed by the Merkle
- * authentication path). This is in this file because most of the complexity
- * is involved with the WOTS signature; the Merkle authentication path logic
- * is mostly hidden in treehashx4
- */
-void merkle_sign(uint8_t *sig, unsigned char *root,
- const spx_ctx *ctx,
- uint32_t wots_addr[8], uint32_t tree_addr[8],
- uint32_t idx_leaf)
-{
- unsigned char *auth_path = sig + SPX_WOTS_BYTES;
- struct leaf_info_x1 info = { 0 };
- unsigned steps[ SPX_WOTS_LEN ];
-
- info.wots_sig = sig;
- chain_lengths(steps, root);
- info.wots_steps = steps;
-
- set_type(&tree_addr[0], SPX_ADDR_TYPE_HASHTREE);
- set_type(&info.pk_addr[0], SPX_ADDR_TYPE_WOTSPK);
- copy_subtree_addr(&info.leaf_addr[0], wots_addr);
- copy_subtree_addr(&info.pk_addr[0], wots_addr);
-
- info.wots_sign_leaf = idx_leaf;
-
- wots_treehashx1(root, auth_path, ctx,
- idx_leaf, 0,
- SPX_TREE_HEIGHT,
- tree_addr, &info);
-}
-
-/* Compute root node of the top-most subtree. */
-void merkle_gen_root(unsigned char *root, const spx_ctx *ctx)
-{
- /* We do not need the auth path in key generation, but it simplifies the
- code to have just one treehash routine that computes both root and path
- in one function. */
- unsigned char auth_path[SPX_TREE_HEIGHT * SPX_N + SPX_WOTS_BYTES];
- uint32_t top_tree_addr[8] = {0};
- uint32_t wots_addr[8] = {0};
-
- set_layer_addr(top_tree_addr, SPX_D - 1);
- set_layer_addr(wots_addr, SPX_D - 1);
-
- merkle_sign(auth_path, root, ctx,
- wots_addr, top_tree_addr,
- (uint32_t)~0 /* ~0 means "don't bother generating an auth path */ );
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/randombytes.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/randombytes.c
deleted file mode 100644
index ac68df0..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/randombytes.c
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
-This code was taken from the SPHINCS reference implementation and is public domain.
-*/
-
-#include
-#include
-
-#include "../include/randombytes.h"
-
-static int fd = -1;
-
-void randombytes(unsigned char *x, unsigned long long xlen)
-{
- unsigned long long i;
-
- if (fd == -1) {
- for (;;) {
- fd = open("/dev/urandom", O_RDONLY);
- if (fd != -1) {
- break;
- }
- sleep(1);
- }
- }
-
- while (xlen > 0) {
- if (xlen < 1048576) {
- i = xlen;
- }
- else {
- i = 1048576;
- }
-
- i = (unsigned long long)read(fd, x, i);
- if (i < 1) {
- sleep(1);
- continue;
- }
-
- x += i;
- xlen -= i;
- }
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/rng.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/rng.c
deleted file mode 100644
index 6e65ea0..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/rng.c
+++ /dev/null
@@ -1,219 +0,0 @@
-//
-// rng.c
-//
-// Created by Bassham, Lawrence E (Fed) on 8/29/17.
-// Copyright © 2017 Bassham, Lawrence E (Fed). All rights reserved.
-//
-
-#include
-#include
-#include
-#include
-
-#include "../include/rng.h"
-
-AES256_CTR_DRBG_struct DRBG_ctx;
-
-void AES256_ECB(unsigned char *key, unsigned char *ctr, unsigned char *buffer);
-
-/*
- seedexpander_init()
- ctx - stores the current state of an instance of the seed expander
- seed - a 32 byte random value
- diversifier - an 8 byte diversifier
- maxlen - maximum number of bytes (less than 2**32) generated under this seed and diversifier
- */
-int
-seedexpander_init(AES_XOF_struct *ctx,
- unsigned char *seed,
- unsigned char *diversifier,
- unsigned long maxlen)
-{
- if ( maxlen >= 0x100000000 )
- return RNG_BAD_MAXLEN;
-
- ctx->length_remaining = maxlen;
-
- memcpy(ctx->key, seed, 32);
-
- memcpy(ctx->ctr, diversifier, 8);
- ctx->ctr[11] = (unsigned char)(maxlen % 256);
- maxlen >>= 8;
- ctx->ctr[10] = (unsigned char)(maxlen % 256);
- maxlen >>= 8;
- ctx->ctr[9] = (unsigned char)(maxlen % 256);
- maxlen >>= 8;
- ctx->ctr[8] = (unsigned char)(maxlen % 256);
- memset(ctx->ctr+12, 0x00, 4);
-
- ctx->buffer_pos = 16;
- memset(ctx->buffer, 0x00, 16);
-
- return RNG_SUCCESS;
-}
-
-/*
- seedexpander()
- ctx - stores the current state of an instance of the seed expander
- x - returns the XOF data
- xlen - number of bytes to return
- */
-int
-seedexpander(AES_XOF_struct *ctx, unsigned char *x, unsigned long xlen)
-{
- unsigned long offset;
-
- if ( x == NULL )
- return RNG_BAD_OUTBUF;
- if ( xlen >= ctx->length_remaining )
- return RNG_BAD_REQ_LEN;
-
- ctx->length_remaining -= xlen;
-
- offset = 0;
- while ( xlen > 0 ) {
- if ( xlen <= (16-ctx->buffer_pos) ) { // buffer has what we need
- memcpy(x+offset, ctx->buffer+ctx->buffer_pos, xlen);
- ctx->buffer_pos += xlen;
-
- return RNG_SUCCESS;
- }
-
- // take what's in the buffer
- memcpy(x+offset, ctx->buffer+ctx->buffer_pos, 16-ctx->buffer_pos);
- xlen -= 16-ctx->buffer_pos;
- offset += 16-ctx->buffer_pos;
-
- AES256_ECB(ctx->key, ctx->ctr, ctx->buffer);
- ctx->buffer_pos = 0;
-
- //increment the counter
- for (int i=15; i>=12; i--) {
- if ( ctx->ctr[i] == 0xff )
- ctx->ctr[i] = 0x00;
- else {
- ctx->ctr[i]++;
- break;
- }
- }
-
- }
-
- return RNG_SUCCESS;
-}
-
-
-static void handleErrors(void)
-{
- ERR_print_errors_fp(stderr);
- abort();
-}
-
-// Use whatever AES implementation you have. This uses AES from openSSL library
-// key - 256-bit AES key
-// ctr - a 128-bit plaintext value
-// buffer - a 128-bit ciphertext value
-void
-AES256_ECB(unsigned char *key, unsigned char *ctr, unsigned char *buffer)
-{
- EVP_CIPHER_CTX *ctx;
-
- int len;
-
- /* Create and initialise the context */
- if(!(ctx = EVP_CIPHER_CTX_new())) handleErrors();
-
- if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_ecb(), NULL, key, NULL))
- handleErrors();
-
- if(1 != EVP_EncryptUpdate(ctx, buffer, &len, ctr, 16))
- handleErrors();
-
- /* Clean up */
- EVP_CIPHER_CTX_free(ctx);
-}
-
-void
-randombytes_init(unsigned char *entropy_input,
- unsigned char *personalization_string)
-{
- unsigned char seed_material[48];
-
- memcpy(seed_material, entropy_input, 48);
- if (personalization_string)
- for (int i=0; i<48; i++)
- seed_material[i] ^= personalization_string[i];
- memset(DRBG_ctx.Key, 0x00, 32);
- memset(DRBG_ctx.V, 0x00, 16);
- AES256_CTR_DRBG_Update(seed_material, DRBG_ctx.Key, DRBG_ctx.V);
- DRBG_ctx.reseed_counter = 1;
-}
-
-int
-randombytes(unsigned char *x, unsigned long long xlen)
-{
- unsigned char block[16];
- int i = 0;
-
- while ( xlen > 0 ) {
- //increment V
- for (int j=15; j>=0; j--) {
- if ( DRBG_ctx.V[j] == 0xff )
- DRBG_ctx.V[j] = 0x00;
- else {
- DRBG_ctx.V[j]++;
- break;
- }
- }
- AES256_ECB(DRBG_ctx.Key, DRBG_ctx.V, block);
- if ( xlen > 15 ) {
- memcpy(x+i, block, 16);
- i += 16;
- xlen -= 16;
- }
- else {
- memcpy(x+i, block, xlen);
- xlen = 0;
- }
- }
- AES256_CTR_DRBG_Update(NULL, DRBG_ctx.Key, DRBG_ctx.V);
- DRBG_ctx.reseed_counter++;
-
- return RNG_SUCCESS;
-}
-
-void
-AES256_CTR_DRBG_Update(unsigned char *provided_data,
- unsigned char *Key,
- unsigned char *V)
-{
- unsigned char temp[48];
-
- for (int i=0; i<3; i++) {
- //increment V
- for (int j=15; j>=0; j--) {
- if ( V[j] == 0xff )
- V[j] = 0x00;
- else {
- V[j]++;
- break;
- }
- }
-
- AES256_ECB(Key, V, temp+16*i);
- }
- if ( provided_data != NULL )
- for (int i=0; i<48; i++)
- temp[i] ^= provided_data[i];
- memcpy(Key, temp, 32);
- memcpy(V, temp+32, 16);
-}
-
-
-
-
-
-
-
-
-
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/sign.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/sign.c
deleted file mode 100644
index 4a2fdc6..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/sign.c
+++ /dev/null
@@ -1,287 +0,0 @@
-#include
-#include
-#include
-
-#include "../include/address.h"
-#include "../include/api.h"
-#include "../include/fors.h"
-#include "../include/hash.h"
-#include "../include/merkle.h"
-#include "../include/params.h"
-#include "../include/randombytes.h"
-#include "../include/thash.h"
-#include "../include/utils.h"
-#include "../include/wots.h"
-
-/*
- * Returns the length of a secret key, in bytes
- */
-unsigned long long crypto_sign_secretkeybytes(void)
-{
- return CRYPTO_SECRETKEYBYTES;
-}
-
-/*
- * Returns the length of a public key, in bytes
- */
-unsigned long long crypto_sign_publickeybytes(void)
-{
- return CRYPTO_PUBLICKEYBYTES;
-}
-
-/*
- * Returns the length of a signature, in bytes
- */
-unsigned long long crypto_sign_bytes(void)
-{
- return CRYPTO_BYTES;
-}
-
-/*
- * Returns the length of the seed required to generate a key pair, in bytes
- */
-unsigned long long crypto_sign_seedbytes(void)
-{
- return CRYPTO_SEEDBYTES;
-}
-
-/*
- * Generates an SPX key pair given a seed of length
- * Format sk: [SK_SEED || SK_PRF || PUB_SEED || root]
- * Format pk: [PUB_SEED || root]
- */
-int crypto_sign_seed_keypair(unsigned char *pk, unsigned char *sk,
- const unsigned char *seed)
-{
- spx_ctx ctx;
-
- /* Initialize SK_SEED, SK_PRF and PUB_SEED from seed. */
- memcpy(sk, seed, CRYPTO_SEEDBYTES);
-
- memcpy(pk, sk + 2*SPX_N, SPX_N);
-
- memcpy(ctx.pub_seed, pk, SPX_N);
- memcpy(ctx.sk_seed, sk, SPX_N);
-
- /* This hook allows the hash function instantiation to do whatever
- preparation or computation it needs, based on the public seed. */
- initialize_hash_function(&ctx);
-
- /* Compute root node of the top-most subtree. */
- merkle_gen_root(sk + 3*SPX_N, &ctx);
-
- memcpy(pk + SPX_N, sk + 3*SPX_N, SPX_N);
-
- return 0;
-}
-
-/*
- * Generates an SPX key pair.
- * Format sk: [SK_SEED || SK_PRF || PUB_SEED || root]
- * Format pk: [PUB_SEED || root]
- */
-int crypto_sign_keypair(unsigned char *pk, unsigned char *sk)
-{
- unsigned char seed[CRYPTO_SEEDBYTES];
- randombytes(seed, CRYPTO_SEEDBYTES);
- crypto_sign_seed_keypair(pk, sk, seed);
-
- return 0;
-}
-
-/**
- * Returns an array containing a detached signature.
- */
-int crypto_sign_signature(uint8_t *sig, size_t *siglen,
- const uint8_t *m, size_t mlen, const uint8_t *sk)
-{
- spx_ctx ctx;
-
- const unsigned char *sk_prf = sk + SPX_N;
- const unsigned char *pk = sk + 2*SPX_N;
-
- unsigned char optrand[SPX_N];
- unsigned char mhash[SPX_FORS_MSG_BYTES];
- unsigned char root[SPX_N];
- uint32_t i;
- uint64_t tree;
- uint32_t idx_leaf;
- uint32_t wots_addr[8] = {0};
- uint32_t tree_addr[8] = {0};
-
- memcpy(ctx.sk_seed, sk, SPX_N);
- memcpy(ctx.pub_seed, pk, SPX_N);
-
- /* This hook allows the hash function instantiation to do whatever
- preparation or computation it needs, based on the public seed. */
- initialize_hash_function(&ctx);
-
- set_type(wots_addr, SPX_ADDR_TYPE_WOTS);
- set_type(tree_addr, SPX_ADDR_TYPE_HASHTREE);
-
- /* Optionally, signing can be made non-deterministic using optrand.
- This can help counter side-channel attacks that would benefit from
- getting a large number of traces when the signer uses the same nodes. */
- randombytes(optrand, SPX_N);
- /* Compute the digest randomization value. */
- gen_message_random(sig, sk_prf, optrand, m, mlen, &ctx);
-
- /* Derive the message digest and leaf index from R, PK and M. */
- hash_message(mhash, &tree, &idx_leaf, sig, pk, m, mlen, &ctx);
- sig += SPX_N;
-
- set_tree_addr(wots_addr, tree);
- set_keypair_addr(wots_addr, idx_leaf);
-
- /* Sign the message hash using FORS. */
- fors_sign(sig, root, mhash, &ctx, wots_addr);
- sig += SPX_FORS_BYTES;
-
- for (i = 0; i < SPX_D; i++) {
- set_layer_addr(tree_addr, i);
- set_tree_addr(tree_addr, tree);
-
- copy_subtree_addr(wots_addr, tree_addr);
- set_keypair_addr(wots_addr, idx_leaf);
-
- merkle_sign(sig, root, &ctx, wots_addr, tree_addr, idx_leaf);
- sig += SPX_WOTS_BYTES + SPX_TREE_HEIGHT * SPX_N;
-
- /* Update the indices for the next layer. */
- idx_leaf = (tree & ((1 << SPX_TREE_HEIGHT)-1));
- tree = tree >> SPX_TREE_HEIGHT;
- }
-
- *siglen = SPX_BYTES;
-
- return 0;
-}
-
-/**
- * Verifies a detached signature and message under a given public key.
- */
-int crypto_sign_verify(const uint8_t *sig, size_t siglen,
- const uint8_t *m, size_t mlen, const uint8_t *pk)
-{
- spx_ctx ctx;
- const unsigned char *pub_root = pk + SPX_N;
- unsigned char mhash[SPX_FORS_MSG_BYTES];
- unsigned char wots_pk[SPX_WOTS_BYTES];
- unsigned char root[SPX_N];
- unsigned char leaf[SPX_N];
- unsigned int i;
- uint64_t tree;
- uint32_t idx_leaf;
- uint32_t wots_addr[8] = {0};
- uint32_t tree_addr[8] = {0};
- uint32_t wots_pk_addr[8] = {0};
-
- if (siglen != SPX_BYTES) {
- return -1;
- }
-
- memcpy(ctx.pub_seed, pk, SPX_N);
-
- /* This hook allows the hash function instantiation to do whatever
- preparation or computation it needs, based on the public seed. */
- initialize_hash_function(&ctx);
-
- set_type(wots_addr, SPX_ADDR_TYPE_WOTS);
- set_type(tree_addr, SPX_ADDR_TYPE_HASHTREE);
- set_type(wots_pk_addr, SPX_ADDR_TYPE_WOTSPK);
-
- /* Derive the message digest and leaf index from R || PK || M. */
- /* The additional SPX_N is a result of the hash domain separator. */
- hash_message(mhash, &tree, &idx_leaf, sig, pk, m, mlen, &ctx);
- sig += SPX_N;
-
- /* Layer correctly defaults to 0, so no need to set_layer_addr */
- set_tree_addr(wots_addr, tree);
- set_keypair_addr(wots_addr, idx_leaf);
-
- fors_pk_from_sig(root, sig, mhash, &ctx, wots_addr);
- sig += SPX_FORS_BYTES;
-
- /* For each subtree.. */
- for (i = 0; i < SPX_D; i++) {
- set_layer_addr(tree_addr, i);
- set_tree_addr(tree_addr, tree);
-
- copy_subtree_addr(wots_addr, tree_addr);
- set_keypair_addr(wots_addr, idx_leaf);
-
- copy_keypair_addr(wots_pk_addr, wots_addr);
-
- /* The WOTS public key is only correct if the signature was correct. */
- /* Initially, root is the FORS pk, but on subsequent iterations it is
- the root of the subtree below the currently processed subtree. */
- wots_pk_from_sig(wots_pk, sig, root, &ctx, wots_addr);
- sig += SPX_WOTS_BYTES;
-
- /* Compute the leaf node using the WOTS public key. */
- thash(leaf, wots_pk, SPX_WOTS_LEN, &ctx, wots_pk_addr);
-
- /* Compute the root node of this subtree. */
- compute_root(root, leaf, idx_leaf, 0, sig, SPX_TREE_HEIGHT,
- &ctx, tree_addr);
- sig += SPX_TREE_HEIGHT * SPX_N;
-
- /* Update the indices for the next layer. */
- idx_leaf = (tree & ((1 << SPX_TREE_HEIGHT)-1));
- tree = tree >> SPX_TREE_HEIGHT;
- }
-
- /* Check if the root node equals the root node in the public key. */
- if (memcmp(root, pub_root, SPX_N)) {
- return -1;
- }
-
- return 0;
-}
-
-
-/**
- * Returns an array containing the signature followed by the message.
- */
-int crypto_sign(unsigned char *sm, unsigned long long *smlen,
- const unsigned char *m, unsigned long long mlen,
- const unsigned char *sk)
-{
- size_t siglen;
-
- crypto_sign_signature(sm, &siglen, m, (size_t)mlen, sk);
-
- memmove(sm + SPX_BYTES, m, mlen);
- *smlen = siglen + mlen;
-
- return 0;
-}
-
-/**
- * Verifies a given signature-message pair under a given public key.
- */
-int crypto_sign_open(unsigned char *m, unsigned long long *mlen,
- const unsigned char *sm, unsigned long long smlen,
- const unsigned char *pk)
-{
- /* The API caller does not necessarily know what size a signature should be
- but SPHINCS+ signatures are always exactly SPX_BYTES. */
- if (smlen < SPX_BYTES) {
- memset(m, 0, smlen);
- *mlen = 0;
- return -1;
- }
-
- *mlen = smlen - SPX_BYTES;
-
- if (crypto_sign_verify(sm, SPX_BYTES, sm + SPX_BYTES, (size_t)*mlen, pk)) {
- memset(m, 0, smlen);
- *mlen = 0;
- return -1;
- }
-
- /* If verification was successful, move the message to the right place. */
- memmove(m, sm + SPX_BYTES, *mlen);
-
- return 0;
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/utils.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/utils.c
deleted file mode 100644
index 7f55917..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/utils.c
+++ /dev/null
@@ -1,154 +0,0 @@
-#include
-
-#include "../include/address.h"
-#include "../include/hash.h"
-#include "../include/params.h"
-#include "../include/thash.h"
-#include "../include/utils.h"
-
-/**
- * Converts the value of 'in' to 'outlen' bytes in big-endian byte order.
- */
-void ull_to_bytes(unsigned char *out, unsigned int outlen,
- unsigned long long in)
-{
- int i;
-
- /* Iterate over out in decreasing order, for big-endianness. */
- for (i = (signed int)outlen - 1; i >= 0; i--) {
- out[i] = in & 0xff;
- in = in >> 8;
- }
-}
-
-void u32_to_bytes(unsigned char *out, uint32_t in)
-{
- out[0] = (unsigned char)(in >> 24);
- out[1] = (unsigned char)(in >> 16);
- out[2] = (unsigned char)(in >> 8);
- out[3] = (unsigned char)in;
-}
-
-/**
- * Converts the inlen bytes in 'in' from big-endian byte order to an integer.
- */
-unsigned long long bytes_to_ull(const unsigned char *in, unsigned int inlen)
-{
- unsigned long long retval = 0;
- unsigned int i;
-
- for (i = 0; i < inlen; i++) {
- retval |= ((unsigned long long)in[i]) << (8*(inlen - 1 - i));
- }
- return retval;
-}
-
-/**
- * Computes a root node given a leaf and an auth path.
- * Expects address to be complete other than the tree_height and tree_index.
- */
-void compute_root(unsigned char *root, const unsigned char *leaf,
- uint32_t leaf_idx, uint32_t idx_offset,
- const unsigned char *auth_path, uint32_t tree_height,
- const spx_ctx *ctx, uint32_t addr[8])
-{
- uint32_t i;
- unsigned char buffer[2 * SPX_N];
-
- /* If leaf_idx is odd (last bit = 1), current path element is a right child
- and auth_path has to go left. Otherwise it is the other way around. */
- if (leaf_idx & 1) {
- memcpy(buffer + SPX_N, leaf, SPX_N);
- memcpy(buffer, auth_path, SPX_N);
- }
- else {
- memcpy(buffer, leaf, SPX_N);
- memcpy(buffer + SPX_N, auth_path, SPX_N);
- }
- auth_path += SPX_N;
-
- for (i = 0; i < tree_height - 1; i++) {
- leaf_idx >>= 1;
- idx_offset >>= 1;
- /* Set the address of the node we're creating. */
- set_tree_height(addr, i + 1);
- set_tree_index(addr, leaf_idx + idx_offset);
-
- /* Pick the right or left neighbor, depending on parity of the node. */
- if (leaf_idx & 1) {
- thash(buffer + SPX_N, buffer, 2, ctx, addr);
- memcpy(buffer, auth_path, SPX_N);
- }
- else {
- thash(buffer, buffer, 2, ctx, addr);
- memcpy(buffer + SPX_N, auth_path, SPX_N);
- }
- auth_path += SPX_N;
- }
-
- /* The last iteration is exceptional; we do not copy an auth_path node. */
- leaf_idx >>= 1;
- idx_offset >>= 1;
- set_tree_height(addr, tree_height);
- set_tree_index(addr, leaf_idx + idx_offset);
- thash(root, buffer, 2, ctx, addr);
-}
-
-/**
- * For a given leaf index, computes the authentication path and the resulting
- * root node using Merkle's TreeHash algorithm.
- * Expects the layer and tree parts of the tree_addr to be set, as well as the
- * tree type (i.e. SPX_ADDR_TYPE_HASHTREE or SPX_ADDR_TYPE_FORSTREE).
- * Applies the offset idx_offset to indices before building addresses, so that
- * it is possible to continue counting indices across trees.
- */
-void treehash(unsigned char *root, unsigned char *auth_path, const spx_ctx* ctx,
- uint32_t leaf_idx, uint32_t idx_offset, uint32_t tree_height,
- void (*gen_leaf)(
- unsigned char* /* leaf */,
- const spx_ctx* /* ctx */,
- uint32_t /* addr_idx */, const uint32_t[8] /* tree_addr */),
- uint32_t tree_addr[8])
-{
- SPX_VLA(uint8_t, stack, (tree_height+1)*SPX_N);
- SPX_VLA(unsigned int, heights, tree_height+1);
- unsigned int offset = 0;
- uint32_t idx;
- uint32_t tree_idx;
-
- for (idx = 0; idx < (uint32_t)(1 << tree_height); idx++) {
- /* Add the next leaf node to the stack. */
- gen_leaf(stack + offset*SPX_N, ctx, idx + idx_offset, tree_addr);
- offset++;
- heights[offset - 1] = 0;
-
- /* If this is a node we need for the auth path.. */
- if ((leaf_idx ^ 0x1) == idx) {
- memcpy(auth_path, stack + (offset - 1)*SPX_N, SPX_N);
- }
-
- /* While the top-most nodes are of equal height.. */
- while (offset >= 2 && heights[offset - 1] == heights[offset - 2]) {
- /* Compute index of the new node, in the next layer. */
- tree_idx = (idx >> (heights[offset - 1] + 1));
-
- /* Set the address of the node we're creating. */
- set_tree_height(tree_addr, heights[offset - 1] + 1);
- set_tree_index(tree_addr,
- tree_idx + (idx_offset >> (heights[offset-1] + 1)));
- /* Hash the top-most nodes from the stack together. */
- thash(stack + (offset - 2)*SPX_N,
- stack + (offset - 2)*SPX_N, 2, ctx, tree_addr);
- offset--;
- /* Note that the top-most node is now one layer higher. */
- heights[offset - 1]++;
-
- /* If this is a node we need for the auth path.. */
- if (((leaf_idx >> heights[offset - 1]) ^ 0x1) == tree_idx) {
- memcpy(auth_path + heights[offset - 1]*SPX_N,
- stack + (offset - 1)*SPX_N, SPX_N);
- }
- }
- }
- memcpy(root, stack, SPX_N);
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/utilsx1.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/utilsx1.c
deleted file mode 100644
index e5449b4..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/utilsx1.c
+++ /dev/null
@@ -1,174 +0,0 @@
-#include
-
-#include "../include/address.h"
-#include "../include/params.h"
-#include "../include/forsx1.h"
-#include "../include/thash.h"
-#include "../include/utils.h"
-#include "../include/fors.h"
-#include "../include/utilsx1.h"
-
-/*
- * Generate the entire Merkle tree, computing the authentication path for
- * leaf_idx, and the resulting root node using Merkle's TreeHash algorithm.
- * Expects the layer and tree parts of the tree_addr to be set, as well as the
- * tree type (i.e. SPX_ADDR_TYPE_HASHTREE or SPX_ADDR_TYPE_FORSTREE)
- *
- * This expects tree_addr to be initialized to the addr structures for the
- * Merkle tree nodes
- *
- * Applies the offset idx_offset to indices before building addresses, so that
- * it is possible to continue counting indices across trees.
- *
- * This works by using the standard Merkle tree building algorithm,
- */
-void wots_treehashx1(unsigned char *root, unsigned char *auth_path,
- const spx_ctx* ctx,
- uint32_t leaf_idx, uint32_t idx_offset,
- uint32_t tree_height,
- uint32_t tree_addr[8],
- leaf_info_x1 *info)
-{
- /* This is where we keep the intermediate nodes */
- SPX_VLA(uint8_t, stack, tree_height*SPX_N);
-
- uint32_t idx;
- uint32_t max_idx = (uint32_t)((1 << tree_height) - 1);
- for (idx = 0;; idx++) {
- unsigned char current[2*SPX_N]; /* Current logical node is at */
- /* index[SPX_N]. We do this to minimize the number of copies */
- /* needed during a thash */
- wots_gen_leafx1( ¤t[SPX_N], ctx, idx + idx_offset,
- info );
-
- /* Now combine the freshly generated right node with previously */
- /* generated left ones */
- uint32_t internal_idx_offset = idx_offset;
- uint32_t internal_idx = idx;
- uint32_t internal_leaf = leaf_idx;
- uint32_t h; /* The height we are in the Merkle tree */
- for (h=0;; h++, internal_idx >>= 1, internal_leaf >>= 1) {
-
- /* Check if we hit the top of the tree */
- if (h == tree_height) {
- /* We hit the root; return it */
- memcpy( root, ¤t[SPX_N], SPX_N );
- return;
- }
-
- /*
- * Check if the node we have is a part of the
- * authentication path; if it is, write it out
- */
- if ((internal_idx ^ internal_leaf) == 0x01) {
- memcpy( &auth_path[ h * SPX_N ],
- ¤t[SPX_N],
- SPX_N );
- }
-
- /*
- * Check if we're at a left child; if so, stop going up the stack
- * Exception: if we've reached the end of the tree, keep on going
- * (so we combine the last 4 nodes into the one root node in two
- * more iterations)
- */
- if ((internal_idx & 1) == 0 && idx < max_idx) {
- break;
- }
-
- /* Ok, we're at a right node */
- /* Now combine the left and right logical nodes together */
-
- /* Set the address of the node we're creating. */
- internal_idx_offset >>= 1;
- set_tree_height(tree_addr, h + 1);
- set_tree_index(tree_addr, internal_idx/2 + internal_idx_offset );
-
- unsigned char *left = &stack[h * SPX_N];
- memcpy( ¤t[0], left, SPX_N );
- thash( ¤t[1 * SPX_N],
- ¤t[0 * SPX_N],
- 2, ctx, tree_addr);
- }
-
- /* We've hit a left child; save the current for when we get the */
- /* corresponding right right */
- memcpy( &stack[h * SPX_N], ¤t[SPX_N], SPX_N);
- }
-}
-
-void fors_treehashx1(unsigned char *root, unsigned char *auth_path,
- const spx_ctx* ctx,
- uint32_t leaf_idx, uint32_t idx_offset,
- uint32_t tree_height,
- uint32_t tree_addr[8],
- fors_gen_leaf_info *info)
-{
- /* This is where we keep the intermediate nodes */
- SPX_VLA(uint8_t, stack, tree_height*SPX_N);
-
- uint32_t idx;
- uint32_t max_idx = (uint32_t)((1 << tree_height) - 1);
- for (idx = 0;; idx++) {
- unsigned char current[2*SPX_N]; /* Current logical node is at */
- /* index[SPX_N]. We do this to minimize the number of copies */
- /* needed during a thash */
-
- fors_gen_leafx1( ¤t[SPX_N], ctx, idx + idx_offset,
- info );
-
- /* Now combine the freshly generated right node with previously */
- /* generated left ones */
- uint32_t internal_idx_offset = idx_offset;
- uint32_t internal_idx = idx;
- uint32_t internal_leaf = leaf_idx;
- uint32_t h; /* The height we are in the Merkle tree */
- for (h=0;; h++, internal_idx >>= 1, internal_leaf >>= 1) {
-
- /* Check if we hit the top of the tree */
- if (h == tree_height) {
- /* We hit the root; return it */
- memcpy( root, ¤t[SPX_N], SPX_N );
- return;
- }
-
- /*
- * Check if the node we have is a part of the
- * authentication path; if it is, write it out
- */
- if ((internal_idx ^ internal_leaf) == 0x01) {
- memcpy( &auth_path[ h * SPX_N ],
- ¤t[SPX_N],
- SPX_N );
- }
-
- /*
- * Check if we're at a left child; if so, stop going up the stack
- * Exception: if we've reached the end of the tree, keep on going
- * (so we combine the last 4 nodes into the one root node in two
- * more iterations)
- */
- if ((internal_idx & 1) == 0 && idx < max_idx) {
- break;
- }
-
- /* Ok, we're at a right node */
- /* Now combine the left and right logical nodes together */
-
- /* Set the address of the node we're creating. */
- internal_idx_offset >>= 1;
- set_tree_height(tree_addr, h + 1);
- set_tree_index(tree_addr, internal_idx/2 + internal_idx_offset );
-
- unsigned char *left = &stack[h * SPX_N];
- memcpy( ¤t[0], left, SPX_N );
- thash( ¤t[1 * SPX_N],
- ¤t[0 * SPX_N],
- 2, ctx, tree_addr);
- }
-
- /* We've hit a left child; save the current for when we get the */
- /* corresponding right right */
- memcpy( &stack[h * SPX_N], ¤t[SPX_N], SPX_N);
- }
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/wots.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/wots.c
deleted file mode 100644
index aa413a8..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/wots.c
+++ /dev/null
@@ -1,112 +0,0 @@
-#include
-#include
-
-#include "../include/address.h"
-#include "../include/hash.h"
-#include "../include/params.h"
-#include "../include/thash.h"
-#include "../include/utils.h"
-#include "../include/utilsx1.h"
-#include "../include/wots.h"
-#include "../include/wotsx1.h"
-
-// TODO clarify address expectations, and make them more uniform.
-// TODO i.e. do we expect types to be set already?
-// TODO and do we expect modifications or copies?
-
-/**
- * Computes the chaining function.
- * out and in have to be n-byte arrays.
- *
- * Interprets in as start-th value of the chain.
- * addr has to contain the address of the chain.
- */
-static void gen_chain(unsigned char *out, const unsigned char *in,
- unsigned int start, unsigned int steps,
- const spx_ctx *ctx, uint32_t addr[8])
-{
- uint32_t i;
-
- /* Initialize out with the value at position 'start'. */
- memcpy(out, in, SPX_N);
-
- /* Iterate 'steps' calls to the hash function. */
- for (i = start; i < (start+steps) && i < SPX_WOTS_W; i++) {
- set_hash_addr(addr, i);
- thash(out, out, 1, ctx, addr);
- }
-}
-
-/**
- * base_w algorithm as described in draft.
- * Interprets an array of bytes as integers in base w.
- * This only works when log_w is a divisor of 8.
- */
-static void base_w(unsigned int *output, const int out_len,
- const unsigned char *input)
-{
- int in = 0;
- int out = 0;
- unsigned char total;
- int bits = 0;
- int consumed;
-
- for (consumed = 0; consumed < out_len; consumed++) {
- if (bits == 0) {
- total = input[in];
- in++;
- bits += 8;
- }
- bits -= SPX_WOTS_LOGW;
- output[out] = (total >> bits) & (SPX_WOTS_W - 1);
- out++;
- }
-}
-
-/* Computes the WOTS+ checksum over a message (in base_w). */
-static void wots_checksum(unsigned int *csum_base_w,
- const unsigned int *msg_base_w)
-{
- unsigned int csum = 0;
- unsigned char csum_bytes[(SPX_WOTS_LEN2 * SPX_WOTS_LOGW + 7) / 8];
- unsigned int i;
-
- /* Compute checksum. */
- for (i = 0; i < SPX_WOTS_LEN1; i++) {
- csum += SPX_WOTS_W - 1 - msg_base_w[i];
- }
-
- /* Convert checksum to base_w. */
- /* Make sure expected empty zero bits are the least significant bits. */
- csum = csum << ((8 - ((SPX_WOTS_LEN2 * SPX_WOTS_LOGW) % 8)) % 8);
- ull_to_bytes(csum_bytes, sizeof(csum_bytes), csum);
- base_w(csum_base_w, SPX_WOTS_LEN2, csum_bytes);
-}
-
-/* Takes a message and derives the matching chain lengths. */
-void chain_lengths(unsigned int *lengths, const unsigned char *msg)
-{
- base_w(lengths, SPX_WOTS_LEN1, msg);
- wots_checksum(lengths + SPX_WOTS_LEN1, lengths);
-}
-
-/**
- * Takes a WOTS signature and an n-byte message, computes a WOTS public key.
- *
- * Writes the computed public key to 'pk'.
- */
-void wots_pk_from_sig(unsigned char *pk,
- const unsigned char *sig, const unsigned char *msg,
- const spx_ctx *ctx, uint32_t addr[8])
-{
- unsigned int lengths[SPX_WOTS_LEN];
- uint32_t i;
-
- chain_lengths(lengths, msg);
-
- for (i = 0; i < SPX_WOTS_LEN; i++) {
- set_chain_addr(addr, i);
- gen_chain(pk + i*SPX_N, sig + i*SPX_N,
- lengths[i], SPX_WOTS_W - 1 - lengths[i], ctx, addr);
- }
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/wotsx1.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/wotsx1.c
deleted file mode 100644
index f6d44fe..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/app/src/wotsx1.c
+++ /dev/null
@@ -1,73 +0,0 @@
-#include
-#include
-
-#include "../include/address.h"
-#include "../include/hash.h"
-#include "../include/params.h"
-#include "../include/thash.h"
-#include "../include/utils.h"
-#include "../include/wots.h"
-#include "../include/wotsx1.h"
-
-/*
- * This generates a WOTS public key
- * It also generates the WOTS signature if leaf_info indicates
- * that we're signing with this WOTS key
- */
-void wots_gen_leafx1(unsigned char *dest,
- const spx_ctx *ctx,
- uint32_t leaf_idx, leaf_info_x1 *v_info) {
- struct leaf_info_x1 *info = v_info;
- uint32_t *leaf_addr = info->leaf_addr;
- uint32_t *pk_addr = info->pk_addr;
- unsigned int i, k;
- unsigned char pk_buffer[ SPX_WOTS_BYTES ];
- unsigned char *buffer;
- uint32_t wots_k_mask;
-
- if (leaf_idx == info->wots_sign_leaf) {
- /* We're traversing the leaf that's signing; generate the WOTS */
- /* signature */
- wots_k_mask = 0;
- } else {
- /* Nope, we're just generating pk's; turn off the signature logic */
- wots_k_mask = (uint32_t)~0;
- }
-
- set_keypair_addr( leaf_addr, leaf_idx );
- set_keypair_addr( pk_addr, leaf_idx );
-
- for (i = 0, buffer = pk_buffer; i < SPX_WOTS_LEN; i++, buffer += SPX_N) {
- uint32_t wots_k = info->wots_steps[i] | wots_k_mask; /* Set wots_k to */
- /* the step if we're generating a signature, ~0 if we're not */
-
- /* Start with the secret seed */
- set_chain_addr(leaf_addr, i);
- set_hash_addr(leaf_addr, 0);
- set_type(leaf_addr, SPX_ADDR_TYPE_WOTSPRF);
-
- prf_addr(buffer, ctx, leaf_addr);
-
- set_type(leaf_addr, SPX_ADDR_TYPE_WOTS);
-
- /* Iterate down the WOTS chain */
- for (k=0;; k++) {
- /* Check if this is the value that needs to be saved as a */
- /* part of the WOTS signature */
- if (k == wots_k) {
- memcpy( info->wots_sig + i * SPX_N, buffer, SPX_N );
- }
-
- /* Check if we hit the top of the chain */
- if (k == SPX_WOTS_W - 1) break;
-
- /* Iterate one step on the chain */
- set_hash_addr(leaf_addr, k);
-
- thash(buffer, buffer, 1, ctx, leaf_addr);
- }
- }
-
- /* Do the final thash to generate the public keys */
- thash(dest, pk_buffer, SPX_WOTS_LEN, ctx, pk_addr);
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/CMakeLists.txt b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/CMakeLists.txt
deleted file mode 100644
index 6beebc8..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/CMakeLists.txt
+++ /dev/null
@@ -1 +0,0 @@
-add_subdirectory(${HASH_BACKEND})
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/CMakeLists.txt b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/CMakeLists.txt
deleted file mode 100644
index 2ffb071..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/CMakeLists.txt
+++ /dev/null
@@ -1,13 +0,0 @@
-set(BLAKE_SOURCES
- src/blake256.c
- src/blake512.c
- src/hash_blake.c
- ../../app/src/utils.c
- src/thash_blake_${THASH}.c
-)
-
-set(PARAMS "sphincs-blake-${SECPAR}")
-set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DPARAMS=${PARAMS}")
-
-add_library(blake SHARED ${BLAKE_SOURCES})
-target_include_directories(blake PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/include)
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/include/blake.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/include/blake.h
deleted file mode 100644
index fe7508e..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/include/blake.h
+++ /dev/null
@@ -1,51 +0,0 @@
-#ifndef SPX_BLAKE_H
-#define SPX_BLAKE_H
-
-#include
-
-#define SPX_BLAKE256_OUTPUT_BYTES 32 /* This does not necessarily equal SPX_N */
-#define SPX_BLAKE512_OUTPUT_BYTES 64
-
-#if SPX_BLAKE256_OUTPUT_BYTES < SPX_N
- #error Linking against BLAKE-256 with N larger than 32 bytes is not supported
-#endif
-
-typedef struct
-{
- unsigned int h[8], s[4], t[2];
- int buflen, nullt;
- unsigned char buf[64];
-} blakestate256;
-
-typedef struct
-{
- unsigned long long h[8], s[4], t[2];
- int buflen, nullt;
- unsigned char buf[128];
-} blakestate512;
-
-/* Implementation of Blake-512 */
-int blake512(uint8_t *out, const unsigned char *in, unsigned long long inlen);
-
-void blake512_init(blakestate512 *S);
-void blake512_compress(blakestate512 *S, const unsigned char *block);
-void blake512_update(blakestate512 *S, const unsigned char *in, unsigned long long inlen);
-void blake512_final(blakestate512 *S, unsigned char *out);
-
-/* Implementation of Blake-256 */
-int blake256(unsigned char *out, const unsigned char *in, unsigned long long inlen);
-
-void blake256_init(blakestate256 *S);
-void blake256_compress(blakestate256 *S, const unsigned char *block);
-void blake256_update(blakestate256 *S, const unsigned char *in, unsigned long long inlen);
-void blake256_final(blakestate256 *S, unsigned char *out);
-
-#define blake256_mgf1 SPX_NAMESPACE(blake256_mgf1)
-void blake256_mgf1(unsigned char *out, unsigned long outlen,
- const unsigned char *in, unsigned long inlen);
-
-#define blake512_mgf1 SPX_NAMESPACE(blake512_mgf1)
-void blake512_mgf1(unsigned char *out, unsigned long outlen,
- const unsigned char *in, unsigned long inlen);
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/include/blake_offsets.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/include/blake_offsets.h
deleted file mode 100644
index 5f08e03..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/include/blake_offsets.h
+++ /dev/null
@@ -1,20 +0,0 @@
-#if !defined( BLAKE_OFFSETS_H_ )
-#define BLAKE_OFFSETS_H_
-
-/*
- * Offsets of various fields in the address structure when we use BLAKE as
- * the Sphincs+ hash function
- */
-
-#define SPX_OFFSET_LAYER 3 /* The byte used to specify the Merkle tree layer */
-#define SPX_OFFSET_TREE 8 /* The start of the 8 byte field used to specify the tree */
-#define SPX_OFFSET_TYPE 19 /* The byte used to specify the hash type (reason) */
-#define SPX_OFFSET_KP_ADDR 20 /* The start of the 4 byte field used to specify the key pair address */
-#define SPX_OFFSET_CHAIN_ADDR 27 /* The byte used to specify the chain address (which Winternitz chain) */
-#define SPX_OFFSET_HASH_ADDR 31 /* The byte used to specify the hash address (where in the Winternitz chain) */
-#define SPX_OFFSET_TREE_HGT 27 /* The byte used to specify the height of this node in the FORS or Merkle tree */
-#define SPX_OFFSET_TREE_INDEX 28 /* The start of the 4 byte field used to specify the node in the FORS or Merkle tree */
-
-#define SPX_BLAKE 1
-
-#endif /* BLAKE_OFFSETS_H_ */
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/src/blake256.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/src/blake256.c
deleted file mode 100644
index 9e05a43..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/src/blake256.c
+++ /dev/null
@@ -1,402 +0,0 @@
-// supercop-20140525/crypto_hash/blake256/sandy
-
-/*
- BLAKE reference C implementation
-
- Copyright (c) 2012 Jean-Philippe Aumasson
-
- To the extent possible under law, the author(s) have dedicated all copyright
- and related and neighboring rights to this software to the public domain
- worldwide. This software is distributed without any warranty.
-
- You should have received a copy of the CC0 Public Domain Dedication along
- with this software. If not, see
- .
- */
-
-#include
-#include
-
-#include "../../../app/include/utils.h"
-
-#include "../include/blake.h"
-
-typedef unsigned long long crypto_uint64;
-typedef unsigned int crypto_uint32;
-typedef unsigned char crypto_uint8;
-
-typedef crypto_uint64 u64;
-typedef crypto_uint32 u32;
-typedef crypto_uint8 u8;
-
-#define U8TO32(p) \
- (((uint32_t)((p)[0]) << 24) | ((uint32_t)((p)[1]) << 16) | \
- ((uint32_t)((p)[2]) << 8) | ((uint32_t)((p)[3]) ))
-#define U32TO8(p, v) \
- (p)[0] = (uint8_t)((v) >> 24); \
- (p)[1] = (uint8_t)((v) >> 16); \
- (p)[2] = (uint8_t)((v) >> 8); \
- (p)[3] = (uint8_t)((v));
-
-static const u32 cst[16] = {
- 0x243F6A88,0x85A308D3,0x13198A2E,0x03707344,
- 0xA4093822,0x299F31D0,0x082EFA98,0xEC4E6C89,
- 0x452821E6,0x38D01377,0xBE5466CF,0x34E90C6C,
- 0xC0AC29B7,0xC97C50DD,0x3F84D5B5,0xB5470917};
-
-static const u8 padding[] =
- {0x80,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
- 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
-
-#define BLAKE256_ROT(x,n) (((x)<<(32-n))|( (x)>>(n)))
-
-void blake256_compress( blakestate256 *S, const unsigned char *block )
-{
- u32 m0;
- u32 m1;
- u32 m2;
- u32 m3;
- u32 m4;
- u32 m5;
- u32 m6;
- u32 m7;
- u32 m8;
- u32 m9;
- u32 m10;
- u32 m11;
- u32 m12;
- u32 m13;
- u32 m14;
- u32 m15;
- u32 v0;
- u32 v1;
- u32 v2;
- u32 v3;
- u32 v4;
- u32 v5;
- u32 v6;
- u32 v7;
- u32 v8;
- u32 v9;
- u32 v10;
- u32 v11;
- u32 v12;
- u32 v13;
- u32 v14;
- u32 v15;
-
- m0 = U8TO32(block + 0);
- m1 = U8TO32(block + 4);
- m2 = U8TO32(block + 8);
- m3 = U8TO32(block + 12);
- m4 = U8TO32(block + 16);
- m5 = U8TO32(block + 20);
- m6 = U8TO32(block + 24);
- m7 = U8TO32(block + 28);
- m8 = U8TO32(block + 32);
- m9 = U8TO32(block + 36);
- m10 = U8TO32(block + 40);
- m11 = U8TO32(block + 44);
- m12 = U8TO32(block + 48);
- m13 = U8TO32(block + 52);
- m14 = U8TO32(block + 56);
- m15 = U8TO32(block + 60);
- v0 = S->h[0];
- v1 = S->h[1];
- v2 = S->h[2];
- v3 = S->h[3];
- v4 = S->h[4];
- v5 = S->h[5];
- v6 = S->h[6];
- v7 = S->h[7];
- v8 = S->s[0] ^ 0x243F6A88;
- v9 = S->s[1] ^ 0x85A308D3;
- v10 = S->s[2] ^ 0x13198A2E;
- v11 = S->s[3] ^ 0x03707344;
- v12 = 0xA4093822;
- v13 = 0x299F31D0;
- v14 = 0x082EFA98;
- v15 = 0xEC4E6C89;
- if (S->nullt == 0) {
- v12 ^= S->t[0];
- v13 ^= S->t[0];
- v14 ^= S->t[1];
- v15 ^= S->t[1];
- }
-
-#define ROUND(m0,c0,m1,c1,m2,c2,m3,c3,m4,c4,m5,c5,m6,c6,m7,c7,m8,c8,m9,c9,m10,c10,m11,c11,m12,c12,m13,c13,m14,c14,m15,c15) \
- v0 += m0 ^ c0; \
- v0 += v4; \
- v12 ^= v0; \
- v12 = BLAKE256_ROT( v12,16); \
- v8 += v12; \
- v4 ^= v8; \
- v4 = BLAKE256_ROT( v4,12); \
- v1 += m2 ^ c2; \
- v1 += v5; \
- v13 ^= v1; \
- v13 = BLAKE256_ROT( v13,16); \
- v9 += v13; \
- v5 ^= v9; \
- v5 = BLAKE256_ROT( v5,12); \
- v2 += m4 ^ c4; \
- v2 += v6; \
- v14 ^= v2; \
- v14 = BLAKE256_ROT( v14,16); \
- v10 += v14; \
- v6 ^= v10; \
- v6 = BLAKE256_ROT( v6,12); \
- v3 += m6 ^ c6; \
- v3 += v7; \
- v15 ^= v3; \
- v15 = BLAKE256_ROT( v15,16); \
- v11 += v15; \
- v7 ^= v11; \
- v7 = BLAKE256_ROT( v7,12); \
- v2 += m5 ^ c5; \
- v2 += v6; \
- v14 ^= v2; \
- v14 = BLAKE256_ROT( v14, 8); \
- v10 += v14; \
- v6 ^= v10; \
- v6 = BLAKE256_ROT( v6, 7); \
- v3 += m7 ^ c7; \
- v3 += v7; \
- v15 ^= v3; \
- v15 = BLAKE256_ROT( v15, 8); \
- v11 += v15; \
- v7 ^= v11; \
- v7 = BLAKE256_ROT( v7, 7); \
- v1 += m3 ^ c3; \
- v1 += v5; \
- v13 ^= v1; \
- v13 = BLAKE256_ROT( v13, 8); \
- v9 += v13; \
- v5 ^= v9; \
- v5 = BLAKE256_ROT( v5, 7); \
- v0 += m1 ^ c1; \
- v0 += v4; \
- v12 ^= v0; \
- v12 = BLAKE256_ROT( v12, 8); \
- v8 += v12; \
- v4 ^= v8; \
- v4 = BLAKE256_ROT( v4, 7); \
- v0 += m8 ^ c8; \
- v0 += v5; \
- v15 ^= v0; \
- v15 = BLAKE256_ROT( v15,16); \
- v10 += v15; \
- v5 ^= v10; \
- v5 = BLAKE256_ROT( v5,12); \
- v1 += m10 ^ c10; \
- v1 += v6; \
- v12 ^= v1; \
- v12 = BLAKE256_ROT( v12,16); \
- v11 += v12; \
- v6 ^= v11; \
- v6 = BLAKE256_ROT( v6,12); \
- v2 += m12 ^ c12; \
- v2 += v7; \
- v13 ^= v2; \
- v13 = BLAKE256_ROT( v13,16); \
- v8 += v13; \
- v7 ^= v8; \
- v7 = BLAKE256_ROT( v7,12); \
- v3 += m14 ^ c14; \
- v3 += v4; \
- v14 ^= v3; \
- v14 = BLAKE256_ROT( v14,16); \
- v9 += v14; \
- v4 ^= v9; \
- v4 = BLAKE256_ROT( v4,12); \
- v2 += m13 ^ c13; \
- v2 += v7; \
- v13 ^= v2; \
- v13 = BLAKE256_ROT( v13, 8); \
- v8 += v13; \
- v7 ^= v8; \
- v7 = BLAKE256_ROT( v7, 7); \
- v3 += m15 ^ c15; \
- v3 += v4; \
- v14 ^= v3; \
- v14 = BLAKE256_ROT( v14, 8); \
- v9 += v14; \
- v4 ^= v9; \
- v4 = BLAKE256_ROT( v4, 7); \
- v1 += m11 ^ c11; \
- v1 += v6; \
- v12 ^= v1; \
- v12 = BLAKE256_ROT( v12, 8); \
- v11 += v12; \
- v6 ^= v11; \
- v6 = BLAKE256_ROT( v6, 7); \
- v0 += m9 ^ c9; \
- v0 += v5; \
- v15 ^= v0; \
- v15 = BLAKE256_ROT( v15, 8); \
- v10 += v15; \
- v5 ^= v10; \
- v5 = BLAKE256_ROT( v5, 7); \
-
- ROUND(m0,cst[1],m1,cst[0],m2,cst[3],m3,cst[2],m4,cst[5],m5,cst[4],m6,cst[7],m7,cst[6],m8,cst[9],m9,cst[8],m10,cst[11],m11,cst[10],m12,cst[13],m13,cst[12],m14,cst[15],m15,cst[14])
- ROUND(m14,cst[10],m10,cst[14],m4,cst[8],m8,cst[4],m9,cst[15],m15,cst[9],m13,cst[6],m6,cst[13],m1,cst[12],m12,cst[1],m0,cst[2],m2,cst[0],m11,cst[7],m7,cst[11],m5,cst[3],m3,cst[5])
- ROUND(m11,cst[8],m8,cst[11],m12,cst[0],m0,cst[12],m5,cst[2],m2,cst[5],m15,cst[13],m13,cst[15],m10,cst[14],m14,cst[10],m3,cst[6],m6,cst[3],m7,cst[1],m1,cst[7],m9,cst[4],m4,cst[9])
- ROUND(m7,cst[9],m9,cst[7],m3,cst[1],m1,cst[3],m13,cst[12],m12,cst[13],m11,cst[14],m14,cst[11],m2,cst[6],m6,cst[2],m5,cst[10],m10,cst[5],m4,cst[0],m0,cst[4],m15,cst[8],m8,cst[15])
- ROUND(m9,cst[0],m0,cst[9],m5,cst[7],m7,cst[5],m2,cst[4],m4,cst[2],m10,cst[15],m15,cst[10],m14,cst[1],m1,cst[14],m11,cst[12],m12,cst[11],m6,cst[8],m8,cst[6],m3,cst[13],m13,cst[3])
- ROUND(m2,cst[12],m12,cst[2],m6,cst[10],m10,cst[6],m0,cst[11],m11,cst[0],m8,cst[3],m3,cst[8],m4,cst[13],m13,cst[4],m7,cst[5],m5,cst[7],m15,cst[14],m14,cst[15],m1,cst[9],m9,cst[1])
- ROUND(m12,cst[5],m5,cst[12],m1,cst[15],m15,cst[1],m14,cst[13],m13,cst[14],m4,cst[10],m10,cst[4],m0,cst[7],m7,cst[0],m6,cst[3],m3,cst[6],m9,cst[2],m2,cst[9],m8,cst[11],m11,cst[8])
- ROUND(m13,cst[11],m11,cst[13],m7,cst[14],m14,cst[7],m12,cst[1],m1,cst[12],m3,cst[9],m9,cst[3],m5,cst[0],m0,cst[5],m15,cst[4],m4,cst[15],m8,cst[6],m6,cst[8],m2,cst[10],m10,cst[2])
- ROUND(m6,cst[15],m15,cst[6],m14,cst[9],m9,cst[14],m11,cst[3],m3,cst[11],m0,cst[8],m8,cst[0],m12,cst[2],m2,cst[12],m13,cst[7],m7,cst[13],m1,cst[4],m4,cst[1],m10,cst[5],m5,cst[10])
- ROUND(m10,cst[2],m2,cst[10],m8,cst[4],m4,cst[8],m7,cst[6],m6,cst[7],m1,cst[5],m5,cst[1],m15,cst[11],m11,cst[15],m9,cst[14],m14,cst[9],m3,cst[12],m12,cst[3],m13,cst[0],m0,cst[13])
- ROUND(m0,cst[1],m1,cst[0],m2,cst[3],m3,cst[2],m4,cst[5],m5,cst[4],m6,cst[7],m7,cst[6],m8,cst[9],m9,cst[8],m10,cst[11],m11,cst[10],m12,cst[13],m13,cst[12],m14,cst[15],m15,cst[14])
- ROUND(m14,cst[10],m10,cst[14],m4,cst[8],m8,cst[4],m9,cst[15],m15,cst[9],m13,cst[6],m6,cst[13],m1,cst[12],m12,cst[1],m0,cst[2],m2,cst[0],m11,cst[7],m7,cst[11],m5,cst[3],m3,cst[5])
- ROUND(m11,cst[8],m8,cst[11],m12,cst[0],m0,cst[12],m5,cst[2],m2,cst[5],m15,cst[13],m13,cst[15],m10,cst[14],m14,cst[10],m3,cst[6],m6,cst[3],m7,cst[1],m1,cst[7],m9,cst[4],m4,cst[9])
- ROUND(m7,cst[9],m9,cst[7],m3,cst[1],m1,cst[3],m13,cst[12],m12,cst[13],m11,cst[14],m14,cst[11],m2,cst[6],m6,cst[2],m5,cst[10],m10,cst[5],m4,cst[0],m0,cst[4],m15,cst[8],m8,cst[15])
-
- v0 ^= v8;
- v1 ^= v9;
- v2 ^= v10;
- v3 ^= v11;
- v4 ^= v12;
- v5 ^= v13;
- v6 ^= v14;
- v7 ^= v15;
-
- v0 ^= S->s[0];
- v1 ^= S->s[1];
- v2 ^= S->s[2];
- v3 ^= S->s[3];
- v4 ^= S->s[0];
- v5 ^= S->s[1];
- v6 ^= S->s[2];
- v7 ^= S->s[3];
-
- S->h[0] ^= v0;
- S->h[1] ^= v1;
- S->h[2] ^= v2;
- S->h[3] ^= v3;
- S->h[4] ^= v4;
- S->h[5] ^= v5;
- S->h[6] ^= v6;
- S->h[7] ^= v7;
-}
-
-
-void blake256_init( blakestate256 *S ) {
-
- S->h[0]=0x6A09E667;
- S->h[1]=0xBB67AE85;
- S->h[2]=0x3C6EF372;
- S->h[3]=0xA54FF53A;
- S->h[4]=0x510E527F;
- S->h[5]=0x9B05688C;
- S->h[6]=0x1F83D9AB;
- S->h[7]=0x5BE0CD19;
- S->t[0]=S->t[1]=S->buflen=S->nullt=0;
- S->s[0]=S->s[1]=S->s[2]=S->s[3] =0;
-}
-
-
-void blake256_update( blakestate256 *S, const u8 *data, u64 datalen ) {
-
- int left=S->buflen >> 3;
- int fill=64 - left;
-
- if( left && ( ((datalen >> 3) & 0x3F) >= fill ) ) {
- memcpy( (void*) (S->buf + left), (void*) data, fill );
- S->t[0] += 512;
- if (S->t[0] == 0) S->t[1]++;
- blake256_compress( S, S->buf );
- data += fill;
- datalen -= (fill << 3);
- left = 0;
- }
-
- while( datalen >= 512 ) {
- S->t[0] += 512;
- if (S->t[0] == 0) S->t[1]++;
- blake256_compress( S, data );
- data += 64;
- datalen -= 512;
- }
-
- if( datalen > 0 ) {
- memcpy( (void*) (S->buf + left), (void*) data, datalen>>3 );
- S->buflen = (left<<3) + datalen;
- }
- else S->buflen=0;
-}
-
-
-void blake256_final( blakestate256 *S, u8 *digest ) {
-
- u8 msglen[8], zo=0x01, oo=0x81;
- u32 lo=S->t[0] + S->buflen, hi=S->t[1];
- if ( lo < S->buflen ) hi++;
- U32TO8( msglen + 0, hi );
- U32TO8( msglen + 4, lo );
-
- if ( S->buflen == 440 ) { /* one padding byte */
- S->t[0] -= 8;
- blake256_update( S, &oo, 8 );
- }
- else {
- if ( S->buflen < 440 ) { /* enough space to fill the block */
- if ( !S->buflen ) S->nullt=1;
- S->t[0] -= 440 - S->buflen;
- blake256_update( S, padding, 440 - S->buflen );
- }
- else { /* need 2 compressions */
- S->t[0] -= 512 - S->buflen;
- blake256_update( S, padding, 512 - S->buflen );
- S->t[0] -= 440;
- blake256_update( S, padding+1, 440 );
- S->nullt = 1;
- }
- blake256_update( S, &zo, 8 );
- S->t[0] -= 8;
- }
- S->t[0] -= 64;
- blake256_update( S, msglen, 64 );
-
- U32TO8( digest + 0, S->h[0]);
- U32TO8( digest + 4, S->h[1]);
- U32TO8( digest + 8, S->h[2]);
- U32TO8( digest +12, S->h[3]);
- U32TO8( digest +16, S->h[4]);
- U32TO8( digest +20, S->h[5]);
- U32TO8( digest +24, S->h[6]);
- U32TO8( digest +28, S->h[7]);
-}
-
-void blake256_mgf1(unsigned char *out, unsigned long outlen,
- const unsigned char *in, unsigned long inlen)
-{
- SPX_VLA(uint8_t, inbuf, inlen+4);
- unsigned char outbuf[SPX_BLAKE256_OUTPUT_BYTES];
- unsigned long i;
-
- memcpy(inbuf, in, inlen);
-
- /* While we can fit in at least another full block of BLAKE256 output.. */
- for (i = 0; (i+1)*SPX_BLAKE256_OUTPUT_BYTES <= outlen; i++) {
- u32_to_bytes(inbuf + inlen, i);
- blake256(out, inbuf, inlen + 4);
- out += SPX_BLAKE256_OUTPUT_BYTES;
- }
- /* Until we cannot anymore, and we fill the remainder. */
- if (outlen > i*SPX_BLAKE256_OUTPUT_BYTES) {
- u32_to_bytes(inbuf + inlen, i);
- blake256(outbuf, inbuf, inlen + 4);
- memcpy(out, outbuf, outlen - i*SPX_BLAKE256_OUTPUT_BYTES);
- }
-}
-
-int blake256( unsigned char *out, const unsigned char *in, unsigned long long inlen )
-{
- blakestate256 S;
- blake256_init( &S );
- blake256_update( &S, in, inlen*8 );
- blake256_final( &S, out );
- return 0;
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/src/blake512.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/src/blake512.c
deleted file mode 100644
index 2983a72..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/src/blake512.c
+++ /dev/null
@@ -1,409 +0,0 @@
-// supercop-20140525/crypto_hash/blake512/sandy
-
-/*
- BLAKE reference C implementation
-
- Copyright (c) 2012 Jean-Philippe Aumasson
-
- To the extent possible under law, the author(s) have dedicated all copyright
- and related and neighboring rights to this software to the public domain
- worldwide. This software is distributed without any warranty.
-
- You should have received a copy of the CC0 Public Domain Dedication along
- with this software. If not, see
- .
- */
-
-#include
-#include
-
-#include "../../../app/include/utils.h"
-
-#include "../include/blake.h"
-
-typedef unsigned long long crypto_uint64;
-typedef unsigned int crypto_uint32;
-typedef unsigned char crypto_uint8;
-
-typedef crypto_uint64 u64;
-typedef crypto_uint32 u32;
-typedef crypto_uint8 u8;
-
-#define U8TO32(p) \
- (((uint32_t)((p)[0]) << 24) | ((uint32_t)((p)[1]) << 16) | \
- ((uint32_t)((p)[2]) << 8) | ((uint32_t)((p)[3]) ))
-#define U32TO8(p, v) \
- (p)[0] = (uint8_t)((v) >> 24); \
- (p)[1] = (uint8_t)((v) >> 16); \
- (p)[2] = (uint8_t)((v) >> 8); \
- (p)[3] = (uint8_t)((v));
-#define U8TO64(p) (((uint64_t)U8TO32(p) << 32) | ((uint64_t)U8TO32(p + 4)))
-#define U64TO8(p, v) \
- U32TO8((p), (uint32_t)((v) >> 32)); \
- U32TO8((p) + 4, (uint32_t)((v) ));
-
-const u64 cst[16] = {
- 0x243F6A8885A308D3ULL,0x13198A2E03707344ULL,0xA4093822299F31D0ULL,0x082EFA98EC4E6C89ULL,
- 0x452821E638D01377ULL,0xBE5466CF34E90C6CULL,0xC0AC29B7C97C50DDULL,0x3F84D5B5B5470917ULL,
- 0x9216D5D98979FB1BULL,0xD1310BA698DFB5ACULL,0x2FFD72DBD01ADFB7ULL,0xB8E1AFED6A267E96ULL,
- 0xBA7C9045F12C7F99ULL,0x24A19947B3916CF7ULL,0x0801F2E2858EFC16ULL,0x636920D871574E69ULL
-};
-
-static const u8 padding[129] =
-{0x80,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
- 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
- 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
- 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
-
-#define BLAKE512_ROT(x,n) (((x)<<(64-n))|( (x)>>(n)))
-
-void blake512_compress( blakestate512 *S, const u8 *block )
-{
- u64 m0;
- u64 m1;
- u64 m2;
- u64 m3;
- u64 m4;
- u64 m5;
- u64 m6;
- u64 m7;
- u64 m8;
- u64 m9;
- u64 m10;
- u64 m11;
- u64 m12;
- u64 m13;
- u64 m14;
- u64 m15;
- u64 v0;
- u64 v1;
- u64 v2;
- u64 v3;
- u64 v4;
- u64 v5;
- u64 v6;
- u64 v7;
- u64 v8;
- u64 v9;
- u64 v10;
- u64 v11;
- u64 v12;
- u64 v13;
- u64 v14;
- u64 v15;
-
- m0 = U8TO64(block + 0);
- m1 = U8TO64(block + 8);
- m2 = U8TO64(block + 16);
- m3 = U8TO64(block + 24);
- m4 = U8TO64(block + 32);
- m5 = U8TO64(block + 40);
- m6 = U8TO64(block + 48);
- m7 = U8TO64(block + 56);
- m8 = U8TO64(block + 64);
- m9 = U8TO64(block + 72);
- m10 = U8TO64(block + 80);
- m11 = U8TO64(block + 88);
- m12 = U8TO64(block + 96);
- m13 = U8TO64(block + 104);
- m14 = U8TO64(block + 112);
- m15 = U8TO64(block + 120);
- v0 = S->h[0];
- v1 = S->h[1];
- v2 = S->h[2];
- v3 = S->h[3];
- v4 = S->h[4];
- v5 = S->h[5];
- v6 = S->h[6];
- v7 = S->h[7];
- v8 = S->s[0] ^ 0x243F6A8885A308D3ULL;
- v9 = S->s[1] ^ 0x13198A2E03707344ULL;
- v10 = S->s[2] ^ 0xA4093822299F31D0ULL;
- v11 = S->s[3] ^ 0x082EFA98EC4E6C89ULL;
- v12 = 0x452821E638D01377ULL;
- v13 = 0xBE5466CF34E90C6CULL;
- v14 = 0xC0AC29B7C97C50DDULL;
- v15 = 0x3F84D5B5B5470917ULL;
-
- if (S->nullt == 0) {
- v12 ^= S->t[0];
- v13 ^= S->t[0];
- v14 ^= S->t[1];
- v15 ^= S->t[1];
- }
-
-#define ROUND(m0,c0,m1,c1,m2,c2,m3,c3,m4,c4,m5,c5,m6,c6,m7,c7,m8,c8,m9,c9,m10,c10,m11,c11,m12,c12,m13,c13,m14,c14,m15,c15) \
- v0 += m0 ^ c0; \
- v0 += v4; \
- v12 ^= v0; \
- v12 = BLAKE512_ROT( v12,32); \
- v8 += v12; \
- v4 ^= v8; \
- v4 = BLAKE512_ROT( v4,25); \
- v1 += m2 ^ c2; \
- v1 += v5; \
- v13 ^= v1; \
- v13 = BLAKE512_ROT( v13,32); \
- v9 += v13; \
- v5 ^= v9; \
- v5 = BLAKE512_ROT( v5,25); \
- v2 += m4 ^ c4; \
- v2 += v6; \
- v14 ^= v2; \
- v14 = BLAKE512_ROT( v14,32); \
- v10 += v14; \
- v6 ^= v10; \
- v6 = BLAKE512_ROT( v6,25); \
- v3 += m6 ^ c6; \
- v3 += v7; \
- v15 ^= v3; \
- v15 = BLAKE512_ROT( v15,32); \
- v11 += v15; \
- v7 ^= v11; \
- v7 = BLAKE512_ROT( v7,25); \
- v2 += m5 ^ c5; \
- v2 += v6; \
- v14 ^= v2; \
- v14 = BLAKE512_ROT( v14,16); \
- v10 += v14; \
- v6 ^= v10; \
- v6 = BLAKE512_ROT( v6,11); \
- v3 += m7 ^ c7; \
- v3 += v7; \
- v15 ^= v3; \
- v15 = BLAKE512_ROT( v15,16); \
- v11 += v15; \
- v7 ^= v11; \
- v7 = BLAKE512_ROT( v7,11); \
- v1 += m3 ^ c3; \
- v1 += v5; \
- v13 ^= v1; \
- v13 = BLAKE512_ROT( v13,16); \
- v9 += v13; \
- v5 ^= v9; \
- v5 = BLAKE512_ROT( v5,11); \
- v0 += m1 ^ c1; \
- v0 += v4; \
- v12 ^= v0; \
- v12 = BLAKE512_ROT( v12,16); \
- v8 += v12; \
- v4 ^= v8; \
- v4 = BLAKE512_ROT( v4,11); \
- v0 += m8 ^ c8; \
- v0 += v5; \
- v15 ^= v0; \
- v15 = BLAKE512_ROT( v15,32); \
- v10 += v15; \
- v5 ^= v10; \
- v5 = BLAKE512_ROT( v5,25); \
- v1 += m10 ^ c10; \
- v1 += v6; \
- v12 ^= v1; \
- v12 = BLAKE512_ROT( v12,32); \
- v11 += v12; \
- v6 ^= v11; \
- v6 = BLAKE512_ROT( v6,25); \
- v2 += m12 ^ c12; \
- v2 += v7; \
- v13 ^= v2; \
- v13 = BLAKE512_ROT( v13,32); \
- v8 += v13; \
- v7 ^= v8; \
- v7 = BLAKE512_ROT( v7,25); \
- v3 += m14 ^ c14; \
- v3 += v4; \
- v14 ^= v3; \
- v14 = BLAKE512_ROT( v14,32); \
- v9 += v14; \
- v4 ^= v9; \
- v4 = BLAKE512_ROT( v4,25); \
- v2 += m13 ^ c13; \
- v2 += v7; \
- v13 ^= v2; \
- v13 = BLAKE512_ROT( v13,16); \
- v8 += v13; \
- v7 ^= v8; \
- v7 = BLAKE512_ROT( v7,11); \
- v3 += m15 ^ c15; \
- v3 += v4; \
- v14 ^= v3; \
- v14 = BLAKE512_ROT( v14,16); \
- v9 += v14; \
- v4 ^= v9; \
- v4 = BLAKE512_ROT( v4,11); \
- v1 += m11 ^ c11; \
- v1 += v6; \
- v12 ^= v1; \
- v12 = BLAKE512_ROT( v12,16); \
- v11 += v12; \
- v6 ^= v11; \
- v6 = BLAKE512_ROT( v6,11); \
- v0 += m9 ^ c9; \
- v0 += v5; \
- v15 ^= v0; \
- v15 = BLAKE512_ROT( v15,16); \
- v10 += v15; \
- v5 ^= v10; \
- v5 = BLAKE512_ROT( v5,11); \
-
- ROUND(m0,cst[1],m1,cst[0],m2,cst[3],m3,cst[2],m4,cst[5],m5,cst[4],m6,cst[7],m7,cst[6],m8,cst[9],m9,cst[8],m10,cst[11],m11,cst[10],m12,cst[13],m13,cst[12],m14,cst[15],m15,cst[14])
- ROUND(m14,cst[10],m10,cst[14],m4,cst[8],m8,cst[4],m9,cst[15],m15,cst[9],m13,cst[6],m6,cst[13],m1,cst[12],m12,cst[1],m0,cst[2],m2,cst[0],m11,cst[7],m7,cst[11],m5,cst[3],m3,cst[5])
- ROUND(m11,cst[8],m8,cst[11],m12,cst[0],m0,cst[12],m5,cst[2],m2,cst[5],m15,cst[13],m13,cst[15],m10,cst[14],m14,cst[10],m3,cst[6],m6,cst[3],m7,cst[1],m1,cst[7],m9,cst[4],m4,cst[9])
- ROUND(m7,cst[9],m9,cst[7],m3,cst[1],m1,cst[3],m13,cst[12],m12,cst[13],m11,cst[14],m14,cst[11],m2,cst[6],m6,cst[2],m5,cst[10],m10,cst[5],m4,cst[0],m0,cst[4],m15,cst[8],m8,cst[15])
- ROUND(m9,cst[0],m0,cst[9],m5,cst[7],m7,cst[5],m2,cst[4],m4,cst[2],m10,cst[15],m15,cst[10],m14,cst[1],m1,cst[14],m11,cst[12],m12,cst[11],m6,cst[8],m8,cst[6],m3,cst[13],m13,cst[3])
- ROUND(m2,cst[12],m12,cst[2],m6,cst[10],m10,cst[6],m0,cst[11],m11,cst[0],m8,cst[3],m3,cst[8],m4,cst[13],m13,cst[4],m7,cst[5],m5,cst[7],m15,cst[14],m14,cst[15],m1,cst[9],m9,cst[1])
- ROUND(m12,cst[5],m5,cst[12],m1,cst[15],m15,cst[1],m14,cst[13],m13,cst[14],m4,cst[10],m10,cst[4],m0,cst[7],m7,cst[0],m6,cst[3],m3,cst[6],m9,cst[2],m2,cst[9],m8,cst[11],m11,cst[8])
- ROUND(m13,cst[11],m11,cst[13],m7,cst[14],m14,cst[7],m12,cst[1],m1,cst[12],m3,cst[9],m9,cst[3],m5,cst[0],m0,cst[5],m15,cst[4],m4,cst[15],m8,cst[6],m6,cst[8],m2,cst[10],m10,cst[2])
- ROUND(m6,cst[15],m15,cst[6],m14,cst[9],m9,cst[14],m11,cst[3],m3,cst[11],m0,cst[8],m8,cst[0],m12,cst[2],m2,cst[12],m13,cst[7],m7,cst[13],m1,cst[4],m4,cst[1],m10,cst[5],m5,cst[10])
- ROUND(m10,cst[2],m2,cst[10],m8,cst[4],m4,cst[8],m7,cst[6],m6,cst[7],m1,cst[5],m5,cst[1],m15,cst[11],m11,cst[15],m9,cst[14],m14,cst[9],m3,cst[12],m12,cst[3],m13,cst[0],m0,cst[13])
- ROUND(m0,cst[1],m1,cst[0],m2,cst[3],m3,cst[2],m4,cst[5],m5,cst[4],m6,cst[7],m7,cst[6],m8,cst[9],m9,cst[8],m10,cst[11],m11,cst[10],m12,cst[13],m13,cst[12],m14,cst[15],m15,cst[14])
- ROUND(m14,cst[10],m10,cst[14],m4,cst[8],m8,cst[4],m9,cst[15],m15,cst[9],m13,cst[6],m6,cst[13],m1,cst[12],m12,cst[1],m0,cst[2],m2,cst[0],m11,cst[7],m7,cst[11],m5,cst[3],m3,cst[5])
- ROUND(m11,cst[8],m8,cst[11],m12,cst[0],m0,cst[12],m5,cst[2],m2,cst[5],m15,cst[13],m13,cst[15],m10,cst[14],m14,cst[10],m3,cst[6],m6,cst[3],m7,cst[1],m1,cst[7],m9,cst[4],m4,cst[9])
- ROUND(m7,cst[9],m9,cst[7],m3,cst[1],m1,cst[3],m13,cst[12],m12,cst[13],m11,cst[14],m14,cst[11],m2,cst[6],m6,cst[2],m5,cst[10],m10,cst[5],m4,cst[0],m0,cst[4],m15,cst[8],m8,cst[15])
- ROUND(m9,cst[0],m0,cst[9],m5,cst[7],m7,cst[5],m2,cst[4],m4,cst[2],m10,cst[15],m15,cst[10],m14,cst[1],m1,cst[14],m11,cst[12],m12,cst[11],m6,cst[8],m8,cst[6],m3,cst[13],m13,cst[3])
- ROUND(m2,cst[12],m12,cst[2],m6,cst[10],m10,cst[6],m0,cst[11],m11,cst[0],m8,cst[3],m3,cst[8],m4,cst[13],m13,cst[4],m7,cst[5],m5,cst[7],m15,cst[14],m14,cst[15],m1,cst[9],m9,cst[1])
-
- v0 ^= v8;
- v1 ^= v9;
- v2 ^= v10;
- v3 ^= v11;
- v4 ^= v12;
- v5 ^= v13;
- v6 ^= v14;
- v7 ^= v15;
-
- v0 ^= S->s[0];
- v1 ^= S->s[1];
- v2 ^= S->s[2];
- v3 ^= S->s[3];
- v4 ^= S->s[0];
- v5 ^= S->s[1];
- v6 ^= S->s[2];
- v7 ^= S->s[3];
-
- S->h[0] ^= v0;
- S->h[1] ^= v1;
- S->h[2] ^= v2;
- S->h[3] ^= v3;
- S->h[4] ^= v4;
- S->h[5] ^= v5;
- S->h[6] ^= v6;
- S->h[7] ^= v7;
-}
-
-
-void blake512_init( blakestate512 *S ) {
- S->h[0]=0x6A09E667F3BCC908ULL;
- S->h[1]=0xBB67AE8584CAA73BULL;
- S->h[2]=0x3C6EF372FE94F82BULL;
- S->h[3]=0xA54FF53A5F1D36F1ULL;
- S->h[4]=0x510E527FADE682D1ULL;
- S->h[5]=0x9B05688C2B3E6C1FULL;
- S->h[6]=0x1F83D9ABFB41BD6BULL;
- S->h[7]=0x5BE0CD19137E2179ULL;
- S->t[0]=S->t[1]=S->buflen=S->nullt=0;
- S->s[0]=S->s[1]=S->s[2]=S->s[3] =0;
-}
-
-
-void blake512_update( blakestate512 * S, const u8 * data, u64 datalen ) {
-
- int left = (S->buflen >> 3);
- int fill = 128 - left;
-
- if( left && ( ((datalen >> 3) & 0x7F) >= fill ) ) {
- memcpy( (void *) (S->buf + left), (void *) data, fill );
- S->t[0] += 1024;
- blake512_compress( S, S->buf );
- data += fill;
- datalen -= (fill << 3);
- left = 0;
- }
-
- while( datalen >= 1024 ) {
- S->t[0] += 1024;
- blake512_compress( S, data );
- data += 128;
- datalen -= 1024;
- }
-
- if( datalen > 0 ) {
- memcpy( (void *) (S->buf + left), (void *) data, ( datalen>>3 ) & 0x7F );
- S->buflen = (left<<3) + datalen;
- }
- else S->buflen=0;
-}
-
-
-void blake512_final( blakestate512 * S, u8 * digest ) {
-
- u8 msglen[16], zo=0x01,oo=0x81;
- u64 lo=S->t[0] + S->buflen, hi = S->t[1];
- if ( lo < S->buflen ) hi++;
- U64TO8( msglen + 0, hi );
- U64TO8( msglen + 8, lo );
-
- if ( S->buflen == 888 ) { /* one padding byte */
- S->t[0] -= 8;
- blake512_update( S, &oo, 8 );
- }
- else {
- if ( S->buflen < 888 ) { /* enough space to fill the block */
- if ( S->buflen == 0 ) S->nullt=1;
- S->t[0] -= 888 - S->buflen;
- blake512_update( S, padding, 888 - S->buflen );
- }
- else { /* NOT enough space, need 2 compressions */
- S->t[0] -= 1024 - S->buflen;
- blake512_update( S, padding, 1024 - S->buflen );
- S->t[0] -= 888;
- blake512_update( S, padding+1, 888 );
- S->nullt = 1;
- }
- blake512_update( S, &zo, 8 );
- S->t[0] -= 8;
- }
- S->t[0] -= 128;
- blake512_update( S, msglen, 128 );
-
- U64TO8( digest + 0, S->h[0]);
- U64TO8( digest + 8, S->h[1]);
- U64TO8( digest +16, S->h[2]);
- U64TO8( digest +24, S->h[3]);
- U64TO8( digest +32, S->h[4]);
- U64TO8( digest +40, S->h[5]);
- U64TO8( digest +48, S->h[6]);
- U64TO8( digest +56, S->h[7]);
-}
-
-void blake512_mgf1(unsigned char *out, unsigned long outlen,
- const unsigned char *in, unsigned long inlen)
-{
- SPX_VLA(uint8_t, inbuf, inlen+4);
- unsigned char outbuf[SPX_BLAKE512_OUTPUT_BYTES];
- unsigned long i;
-
- memcpy(inbuf, in, inlen);
-
- /* While we can fit in at least another full block of BLAKE512 output.. */
- for (i = 0; (i+1)*SPX_BLAKE512_OUTPUT_BYTES <= outlen; i++) {
- u32_to_bytes(inbuf + inlen, i);
- blake512(out, inbuf, inlen + 4);
- out += SPX_BLAKE512_OUTPUT_BYTES;
- }
- /* Until we cannot anymore, and we fill the remainder. */
- if (outlen > i*SPX_BLAKE512_OUTPUT_BYTES) {
- u32_to_bytes(inbuf + inlen, i);
- blake512(outbuf, inbuf, inlen + 4);
- memcpy(out, outbuf, outlen - i*SPX_BLAKE512_OUTPUT_BYTES);
- }
-}
-
-int blake512( unsigned char *out, const unsigned char *in, unsigned long long inlen ) {
-
- blakestate512 S;
- blake512_init( &S );
- blake512_update( &S, in, inlen*8 );
- blake512_final( &S, out );
- return 0;
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/src/hash_blake.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/src/hash_blake.c
deleted file mode 100644
index 5df5960..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/src/hash_blake.c
+++ /dev/null
@@ -1,123 +0,0 @@
-#include
-#include
-
-#include "../../../app/include/address.h"
-#include "../../../app/include/hash.h"
-#include "../../../app/include/params.h"
-#include "../../../app/include/utils.h"
-
-#include "../include/blake.h"
-
-#if SPX_N >= 24
-#define SPX_BLAKEX_OUTPUT_BYTES SPX_BLAKE512_OUTPUT_BYTES
-#define blakeX blake512
-#define blakestateX blakestate512
-#define blakeX_init blake512_init
-#define blakeX_update blake512_update
-#define blakeX_final blake512_final
-#define blakeX_mgf1 blake512_mgf1
-#else
-#define SPX_BLAKEX_OUTPUT_BYTES SPX_BLAKE256_OUTPUT_BYTES
-#define blakeX blake256
-#define blakestateX blakestate256
-#define blakeX_init blake256_init
-#define blakeX_update blake256_update
-#define blakeX_final blake256_final
-#define blakeX_mgf1 blake256_mgf1
-#endif
-
-void initialize_hash_function(spx_ctx *ctx)
-{
- (void)ctx;
-}
-
-/**
- * Computes PRF(key, addr), given a secret key of SPX_N bytes and an address
- */
-void prf_addr(unsigned char *out, const spx_ctx *ctx,
- const uint32_t addr[8])
-{
- unsigned char buf[2*SPX_N + SPX_ADDR_BYTES] = {0};
- unsigned char outbuf[SPX_BLAKE256_OUTPUT_BYTES] = {0};
-
- memcpy(buf, ctx->pub_seed, SPX_N);
- memcpy(buf + SPX_N, addr, SPX_ADDR_BYTES);
- memcpy(buf + SPX_N + SPX_ADDR_BYTES, ctx->sk_seed, SPX_N);
-
- blake256(outbuf, buf, SPX_N + SPX_ADDR_BYTES);
-
- memcpy(out, outbuf, SPX_N);
-}
-
-/**
- * Computes the message-dependent randomness R, using a secret seed and an
- * optional randomization value as well as the message.
- */
-void gen_message_random(unsigned char *R, const unsigned char *sk_prf,
- const unsigned char *optrand,
- const unsigned char *m, unsigned long long mlen,
- const spx_ctx *ctx)
-{
- (void)ctx;
- blakestateX S;
-
- blakeX_init(&S);
- blakeX_update(&S, sk_prf, SPX_N);
- blakeX_update(&S, optrand, SPX_N);
- blakeX_update(&S, m, mlen);
- blakeX_final(&S, R);
-}
-
-/**
- * Computes the message hash using R, the public key, and the message.
- * Outputs the message digest and the index of the leaf. The index is split in
- * the tree index and the leaf index, for convenient copying to an address.
- */
-void hash_message(unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx,
- const unsigned char *R, const unsigned char *pk,
- const unsigned char *m, unsigned long long mlen,
- const spx_ctx *ctx)
-{
- (void)ctx;
-#define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1))
-#define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8)
-#define SPX_LEAF_BITS SPX_TREE_HEIGHT
-#define SPX_LEAF_BYTES ((SPX_LEAF_BITS + 7) / 8)
-#define SPX_DGST_BYTES (SPX_FORS_MSG_BYTES + SPX_TREE_BYTES + SPX_LEAF_BYTES)
-
- unsigned char buf[SPX_DGST_BYTES];
- unsigned char *bufp = buf;
- unsigned char seed[2*SPX_N + SPX_BLAKEX_OUTPUT_BYTES];
-
- blakestateX S;
- blakeX_init(&S);
-
- blakeX_update(&S, R, SPX_N);
- blakeX_update(&S, pk, SPX_PK_BYTES);
- blakeX_update(&S, m, mlen);
-
- blakeX_final(&S, seed+ 2 * SPX_N);
-
- memcpy(seed, R, SPX_N);
- memcpy(seed + SPX_N, pk, SPX_N);
-
- blakeX_mgf1(bufp, SPX_DGST_BYTES, seed, 2*SPX_N + SPX_BLAKEX_OUTPUT_BYTES);
-
- memcpy(digest, bufp, SPX_FORS_MSG_BYTES);
- bufp += SPX_FORS_MSG_BYTES;
-
-#if SPX_TREE_BITS > 64
-#error For given height and depth, 64 bits cannot represent all subtrees
-#endif
-
- if (SPX_D == 1) {
- *tree = 0;
- } else {
- *tree = bytes_to_ull(bufp, SPX_TREE_BYTES);
- *tree &= (~(uint64_t)0) >> (64 - SPX_TREE_BITS);
- }
- bufp += SPX_TREE_BYTES;
-
- *leaf_idx = (uint32_t)bytes_to_ull(bufp, SPX_LEAF_BYTES);
- *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS);
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/src/thash_blake_robust.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/src/thash_blake_robust.c
deleted file mode 100644
index 477d206..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/src/thash_blake_robust.c
+++ /dev/null
@@ -1,67 +0,0 @@
-#include
-#include
-
-#include "../../../app/include/address.h"
-#include "../../../app/include/params.h"
-#include "../../../app/include/thash.h"
-#include "../../../app/include/utils.h"
-
-#include "../include/blake.h"
-
-#if SPX_BLAKE512
-static void thash_512(unsigned char *out, const unsigned char *in, unsigned int inblocks,
- const spx_ctx *ctx, uint32_t addr[8]);
-#endif
-
-/**
- * Takes an array of inblocks concatenated arrays of SPX_N bytes.
- */
-void thash(unsigned char *out, const unsigned char *in, unsigned int inblocks,
- const spx_ctx *ctx, uint32_t addr[8])
-{
-#if SPX_BLAKE512
- if (inblocks > 1) {
- thash_512(out, in, inblocks, ctx, addr);
- return;
- }
-#endif
- unsigned char outbuf[SPX_BLAKE256_OUTPUT_BYTES];
- SPX_VLA(uint8_t, bitmask, inblocks * SPX_N);
- SPX_VLA(uint8_t, buf, SPX_N + SPX_ADDR_BYTES + inblocks*SPX_N);
- unsigned int i;
-
- memcpy(buf, ctx->pub_seed, SPX_N);
- memcpy(buf + SPX_N, addr, SPX_ADDR_BYTES);
-
- blake256_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_ADDR_BYTES);
-
- for (i = 0; i < inblocks * SPX_N; i++) {
- buf[SPX_N + SPX_ADDR_BYTES + i] = in[i] ^ bitmask[i];
- }
-
- blake256(outbuf, buf + SPX_N, SPX_ADDR_BYTES + inblocks*SPX_N);
- memcpy(out, outbuf, SPX_N);
-}
-
-#if SPX_BLAKE512
-static void thash_512(unsigned char *out, const unsigned char *in, unsigned int inblocks,
- const spx_ctx *ctx, uint32_t addr[8])
-{
- unsigned char outbuf[SPX_BLAKE512_OUTPUT_BYTES];
- SPX_VLA(uint8_t, bitmask, inblocks * SPX_N);
- SPX_VLA(uint8_t, buf, SPX_N + SPX_ADDR_BYTES + inblocks*SPX_N);
- unsigned int i;
-
- memcpy(buf, ctx->pub_seed, SPX_N);
- memcpy(buf + SPX_N, addr, SPX_ADDR_BYTES);
-
- blake512_mgf1(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_ADDR_BYTES);
-
- for (i = 0; i < inblocks * SPX_N; i++) {
- buf[SPX_N + SPX_ADDR_BYTES + i] = in[i] ^ bitmask[i];
- }
-
- blake512(outbuf, buf + SPX_N, SPX_ADDR_BYTES + inblocks*SPX_N);
- memcpy(out, outbuf, SPX_N);
-}
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/src/thash_blake_simple.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/src/thash_blake_simple.c
deleted file mode 100644
index 18636bc..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/blake/src/thash_blake_simple.c
+++ /dev/null
@@ -1,53 +0,0 @@
-#include
-#include
-
-#include "../../../app/include/address.h"
-#include "../../../app/include/params.h"
-#include "../../../app/include/thash.h"
-#include "../../../app/include/utils.h"
-
-#include "../include/blake.h"
-
-#if SPX_BLAKE512
-static void thash_512(unsigned char *out, const unsigned char *in, unsigned int inblocks,
- const spx_ctx *ctx, uint32_t addr[8]);
-#endif
-
-/**
- * Takes an array of inblocks concatenated arrays of SPX_N bytes.
- */
-void thash(unsigned char *out, const unsigned char *in, unsigned int inblocks,
- const spx_ctx *ctx, uint32_t addr[8])
-{
-#if SPX_BLAKE512
- if (inblocks > 1) {
- thash_512(out, in, inblocks, ctx, addr);
- return;
- }
-#endif
- unsigned char outbuf[SPX_BLAKE256_OUTPUT_BYTES];
- SPX_VLA(uint8_t, buf, SPX_N + SPX_ADDR_BYTES + inblocks*SPX_N);
-
- memcpy(buf, ctx->pub_seed, SPX_N);
- memcpy(buf + SPX_N, addr, SPX_ADDR_BYTES);
- memcpy(buf + SPX_N + SPX_ADDR_BYTES, in, inblocks * SPX_N);
-
- blake256(outbuf, buf, SPX_N + SPX_ADDR_BYTES + inblocks*SPX_N);
- memcpy(out, outbuf, SPX_N);
-}
-
-#if SPX_BLAKE512
-static void thash_512(unsigned char *out, const unsigned char *in, unsigned int inblocks,
- const spx_ctx *ctx, uint32_t addr[8])
-{
- unsigned char outbuf[SPX_BLAKE512_OUTPUT_BYTES];
- SPX_VLA(uint8_t, buf, SPX_N + SPX_ADDR_BYTES + inblocks*SPX_N);
-
- memcpy(buf, ctx->pub_seed, SPX_N);
- memcpy(buf + SPX_N, addr, SPX_ADDR_BYTES);
- memcpy(buf + SPX_N + SPX_ADDR_BYTES, in, inblocks * SPX_N);
-
- blake512(outbuf, buf, SPX_N + SPX_ADDR_BYTES + inblocks*SPX_N);
- memcpy(out, outbuf, SPX_N);
-}
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/CMakeLists.txt b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/CMakeLists.txt
deleted file mode 100644
index f569a03..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/CMakeLists.txt
+++ /dev/null
@@ -1,11 +0,0 @@
-set(HARAKA_SOURCES
- src/haraka.c
- src/hash_haraka.c
- src/thash_haraka_${THASH}.c
-)
-
-set(PARAMS "sphincs-haraka-${SECPAR}")
-set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DPARAMS=${PARAMS}")
-
-add_library(haraka SHARED ${HARAKA_SOURCES})
-target_include_directories(haraka PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/include)
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/include/haraka.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/include/haraka.h
deleted file mode 100644
index 7478222..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/include/haraka.h
+++ /dev/null
@@ -1,41 +0,0 @@
-#ifndef SPX_HARAKA_H
-#define SPX_HARAKA_H
-
-#include "../../../app/include/context.h"
-
-/* Tweak constants with seed */
-#define tweak_constants SPX_NAMESPACE(tweak_constants)
-void tweak_constants(spx_ctx *ctx);
-
-/* Haraka Sponge */
-#define haraka_S_inc_init SPX_NAMESPACE(haraka_S_inc_init)
-void haraka_S_inc_init(uint8_t *s_inc);
-#define haraka_S_inc_absorb SPX_NAMESPACE(haraka_S_inc_absorb)
-void haraka_S_inc_absorb(uint8_t *s_inc, const uint8_t *m, size_t mlen,
- const spx_ctx *ctx);
-#define haraka_S_inc_finalize SPX_NAMESPACE(haraka_S_inc_finalize)
-void haraka_S_inc_finalize(uint8_t *s_inc);
-#define haraka_S_inc_squeeze SPX_NAMESPACE(haraka_S_inc_squeeze)
-void haraka_S_inc_squeeze(uint8_t *out, size_t outlen, uint8_t *s_inc,
- const spx_ctx *ctx);
-#define haraka_S SPX_NAMESPACE(haraka_S)
-void haraka_S(unsigned char *out, unsigned long long outlen,
- const unsigned char *in, unsigned long long inlen,
- const spx_ctx *ctx);
-
-/* Applies the 512-bit Haraka permutation to in. */
-#define haraka512_perm SPX_NAMESPACE(haraka512_perm)
-void haraka512_perm(unsigned char *out, const unsigned char *in,
- const spx_ctx *ctx);
-
-/* Implementation of Haraka-512 */
-#define haraka512 SPX_NAMESPACE(haraka512)
-void haraka512(unsigned char *out, const unsigned char *in,
- const spx_ctx *ctx);
-
-/* Implementation of Haraka-256 */
-#define haraka256 SPX_NAMESPACE(haraka256)
-void haraka256(unsigned char *out, const unsigned char *in,
- const spx_ctx *ctx);
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/include/haraka_offsets.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/include/haraka_offsets.h
deleted file mode 100644
index 6afa5f8..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/include/haraka_offsets.h
+++ /dev/null
@@ -1,20 +0,0 @@
-#if !defined( HARAKA_OFFSETS_H_ )
-#define HARAKA_OFFSETS_H_
-
-/*
- * Offsets of various fields in the address structure when we use Haraka as
- * the Sphincs+ hash function
- */
-
-#define SPX_OFFSET_LAYER 3 /* The byte used to specify the Merkle tree layer */
-#define SPX_OFFSET_TREE 8 /* The start of the 8 byte field used to specify the tree */
-#define SPX_OFFSET_TYPE 19 /* The byte used to specify the hash type (reason) */
-#define SPX_OFFSET_KP_ADDR 20 /* The start of the 4 byte field used to specify the key pair address */
-#define SPX_OFFSET_CHAIN_ADDR 27 /* The byte used to specify the chain address (which Winternitz chain) */
-#define SPX_OFFSET_HASH_ADDR 31 /* The byte used to specify the hash address (where in the Winternitz chain) */
-#define SPX_OFFSET_TREE_HGT 27 /* The byte used to specify the height of this node in the FORS or Merkle tree */
-#define SPX_OFFSET_TREE_INDEX 28 /* The start of the 4 byte field used to specify the node in the FORS or Merkle tree */
-
-#define SPX_HARAKA 1
-
-#endif /* HARAKA_OFFSETS_H_ */
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/src/haraka.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/src/haraka.c
deleted file mode 100644
index 718908b..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/src/haraka.c
+++ /dev/null
@@ -1,965 +0,0 @@
-/*
- * Constant time implementation of the Haraka hash function.
- *
- * The bit-sliced implementation of the AES round functions are
- * based on the AES implementation in BearSSL written
- * by Thomas Pornin , licensed as follows:
- *
- * Copyright (c) 2016 Thomas Pornin
- *
- * Permission is hereby granted, free of charge, to any person obtaining
- * a copy of this software and associated documentation files (the
- * "Software"), to deal in the Software without restriction, including
- * without limitation the rights to use, copy, modify, merge, publish,
- * distribute, sublicense, and/or sell copies of the Software, and to
- * permit persons to whom the Software is furnished to do so, subject to
- * the following conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
- * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
- * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
- * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE.
- */
-
-#include
-#include
-#include
-#include
-
-#include "../include/haraka.h"
-#include "../../../app/include/utils.h"
-
-#define HARAKAS_RATE 32
-
-static const uint64_t haraka512_rc64[10][8] = {
- {0x24cf0ab9086f628b, 0xbdd6eeecc83b8382, 0xd96fb0306cdad0a7, 0xaace082ac8f95f89, 0x449d8e8870d7041f, 0x49bb2f80b2b3e2f8, 0x0569ae98d93bb258, 0x23dc9691e7d6a4b1},
- {0xd8ba10ede0fe5b6e, 0x7ecf7dbe424c7b8e, 0x6ea9949c6df62a31, 0xbf3f3c97ec9c313e, 0x241d03a196a1861e, 0xead3a51116e5a2ea, 0x77d479fcad9574e3, 0x18657a1af894b7a0},
- {0x10671e1a7f595522, 0xd9a00ff675d28c7b, 0x2f1edf0d2b9ba661, 0xb8ff58b8e3de45f9, 0xee29261da9865c02, 0xd1532aa4b50bdf43, 0x8bf858159b231bb1, 0xdf17439d22d4f599},
- {0xdd4b2f0870b918c0, 0x757a81f3b39b1bb6, 0x7a5c556898952e3f, 0x7dd70a16d915d87a, 0x3ae61971982b8301, 0xc3ab319e030412be, 0x17c0033ac094a8cb, 0x5a0630fc1a8dc4ef},
- {0x17708988c1632f73, 0xf92ddae090b44f4f, 0x11ac0285c43aa314, 0x509059941936b8ba, 0xd03e152fa2ce9b69, 0x3fbcbcb63a32998b, 0x6204696d692254f7, 0x915542ed93ec59b4},
- {0xf4ed94aa8879236e, 0xff6cb41cd38e03c0, 0x069b38602368aeab, 0x669495b820f0ddba, 0xf42013b1b8bf9e3d, 0xcf935efe6439734d, 0xbc1dcf42ca29e3f8, 0x7e6d3ed29f78ad67},
- {0xf3b0f6837ffcddaa, 0x3a76faef934ddf41, 0xcec7ae583a9c8e35, 0xe4dd18c68f0260af, 0x2c0e5df1ad398eaa, 0x478df5236ae22e8c, 0xfb944c46fe865f39, 0xaa48f82f028132ba},
- {0x231b9ae2b76aca77, 0x292a76a712db0b40, 0x5850625dc8134491, 0x73137dd469810fb5, 0x8a12a6a202a474fd, 0xd36fd9daa78bdb80, 0xb34c5e733505706f, 0xbaf1cdca818d9d96},
- {0x2e99781335e8c641, 0xbddfe5cce47d560e, 0xf74e9bf32e5e040c, 0x1d7a709d65996be9, 0x670df36a9cf66cdd, 0xd05ef84a176a2875, 0x0f888e828cb1c44e, 0x1a79e9c9727b052c},
- {0x83497348628d84de, 0x2e9387d51f22a754, 0xb000068da2f852d6, 0x378c9e1190fd6fe5, 0x870027c316de7293, 0xe51a9d4462e047bb, 0x90ecf7f8c6251195, 0x655953bfbed90a9c},
-};
-
-static inline uint32_t br_dec32le(const unsigned char *src)
-{
- return (uint32_t)src[0]
- | ((uint32_t)src[1] << 8)
- | ((uint32_t)src[2] << 16)
- | ((uint32_t)src[3] << 24);
-}
-
-static void br_range_dec32le(uint32_t *v, size_t num, const unsigned char *src)
-{
- while (num-- > 0) {
- *v ++ = br_dec32le(src);
- src += 4;
- }
-}
-
-static inline void br_enc32le(unsigned char *dst, uint32_t x)
-{
- dst[0] = (unsigned char)x;
- dst[1] = (unsigned char)(x >> 8);
- dst[2] = (unsigned char)(x >> 16);
- dst[3] = (unsigned char)(x >> 24);
-}
-
-
-static void br_range_enc32le(unsigned char *dst, const uint32_t *v, size_t num)
-{
- while (num-- > 0) {
- br_enc32le(dst, *v ++);
- dst += 4;
- }
-}
-
-static void br_aes_ct64_bitslice_Sbox(uint64_t *q) {
- /*
- * This S-box implementation is a straightforward translation of
- * the circuit described by Boyar and Peralta in "A new
- * combinational logic minimization technique with applications
- * to cryptology" (https://eprint.iacr.org/2009/191.pdf).
- *
- * Note that variables x* (input) and s* (output) are numbered
- * in "reverse" order (x0 is the high bit, x7 is the low bit).
- */
-
- uint64_t x0, x1, x2, x3, x4, x5, x6, x7;
- uint64_t y1, y2, y3, y4, y5, y6, y7, y8, y9;
- uint64_t y10, y11, y12, y13, y14, y15, y16, y17, y18, y19;
- uint64_t y20, y21;
- uint64_t z0, z1, z2, z3, z4, z5, z6, z7, z8, z9;
- uint64_t z10, z11, z12, z13, z14, z15, z16, z17;
- uint64_t t0, t1, t2, t3, t4, t5, t6, t7, t8, t9;
- uint64_t t10, t11, t12, t13, t14, t15, t16, t17, t18, t19;
- uint64_t t20, t21, t22, t23, t24, t25, t26, t27, t28, t29;
- uint64_t t30, t31, t32, t33, t34, t35, t36, t37, t38, t39;
- uint64_t t40, t41, t42, t43, t44, t45, t46, t47, t48, t49;
- uint64_t t50, t51, t52, t53, t54, t55, t56, t57, t58, t59;
- uint64_t t60, t61, t62, t63, t64, t65, t66, t67;
- uint64_t s0, s1, s2, s3, s4, s5, s6, s7;
-
- x0 = q[7];
- x1 = q[6];
- x2 = q[5];
- x3 = q[4];
- x4 = q[3];
- x5 = q[2];
- x6 = q[1];
- x7 = q[0];
-
- /*
- * Top linear transformation.
- */
- y14 = x3 ^ x5;
- y13 = x0 ^ x6;
- y9 = x0 ^ x3;
- y8 = x0 ^ x5;
- t0 = x1 ^ x2;
- y1 = t0 ^ x7;
- y4 = y1 ^ x3;
- y12 = y13 ^ y14;
- y2 = y1 ^ x0;
- y5 = y1 ^ x6;
- y3 = y5 ^ y8;
- t1 = x4 ^ y12;
- y15 = t1 ^ x5;
- y20 = t1 ^ x1;
- y6 = y15 ^ x7;
- y10 = y15 ^ t0;
- y11 = y20 ^ y9;
- y7 = x7 ^ y11;
- y17 = y10 ^ y11;
- y19 = y10 ^ y8;
- y16 = t0 ^ y11;
- y21 = y13 ^ y16;
- y18 = x0 ^ y16;
-
- /*
- * Non-linear section.
- */
- t2 = y12 & y15;
- t3 = y3 & y6;
- t4 = t3 ^ t2;
- t5 = y4 & x7;
- t6 = t5 ^ t2;
- t7 = y13 & y16;
- t8 = y5 & y1;
- t9 = t8 ^ t7;
- t10 = y2 & y7;
- t11 = t10 ^ t7;
- t12 = y9 & y11;
- t13 = y14 & y17;
- t14 = t13 ^ t12;
- t15 = y8 & y10;
- t16 = t15 ^ t12;
- t17 = t4 ^ t14;
- t18 = t6 ^ t16;
- t19 = t9 ^ t14;
- t20 = t11 ^ t16;
- t21 = t17 ^ y20;
- t22 = t18 ^ y19;
- t23 = t19 ^ y21;
- t24 = t20 ^ y18;
-
- t25 = t21 ^ t22;
- t26 = t21 & t23;
- t27 = t24 ^ t26;
- t28 = t25 & t27;
- t29 = t28 ^ t22;
- t30 = t23 ^ t24;
- t31 = t22 ^ t26;
- t32 = t31 & t30;
- t33 = t32 ^ t24;
- t34 = t23 ^ t33;
- t35 = t27 ^ t33;
- t36 = t24 & t35;
- t37 = t36 ^ t34;
- t38 = t27 ^ t36;
- t39 = t29 & t38;
- t40 = t25 ^ t39;
-
- t41 = t40 ^ t37;
- t42 = t29 ^ t33;
- t43 = t29 ^ t40;
- t44 = t33 ^ t37;
- t45 = t42 ^ t41;
- z0 = t44 & y15;
- z1 = t37 & y6;
- z2 = t33 & x7;
- z3 = t43 & y16;
- z4 = t40 & y1;
- z5 = t29 & y7;
- z6 = t42 & y11;
- z7 = t45 & y17;
- z8 = t41 & y10;
- z9 = t44 & y12;
- z10 = t37 & y3;
- z11 = t33 & y4;
- z12 = t43 & y13;
- z13 = t40 & y5;
- z14 = t29 & y2;
- z15 = t42 & y9;
- z16 = t45 & y14;
- z17 = t41 & y8;
-
- /*
- * Bottom linear transformation.
- */
- t46 = z15 ^ z16;
- t47 = z10 ^ z11;
- t48 = z5 ^ z13;
- t49 = z9 ^ z10;
- t50 = z2 ^ z12;
- t51 = z2 ^ z5;
- t52 = z7 ^ z8;
- t53 = z0 ^ z3;
- t54 = z6 ^ z7;
- t55 = z16 ^ z17;
- t56 = z12 ^ t48;
- t57 = t50 ^ t53;
- t58 = z4 ^ t46;
- t59 = z3 ^ t54;
- t60 = t46 ^ t57;
- t61 = z14 ^ t57;
- t62 = t52 ^ t58;
- t63 = t49 ^ t58;
- t64 = z4 ^ t59;
- t65 = t61 ^ t62;
- t66 = z1 ^ t63;
- s0 = t59 ^ t63;
- s6 = t56 ^ ~t62;
- s7 = t48 ^ ~t60;
- t67 = t64 ^ t65;
- s3 = t53 ^ t66;
- s4 = t51 ^ t66;
- s5 = t47 ^ t65;
- s1 = t64 ^ ~s3;
- s2 = t55 ^ ~t67;
-
- q[7] = s0;
- q[6] = s1;
- q[5] = s2;
- q[4] = s3;
- q[3] = s4;
- q[2] = s5;
- q[1] = s6;
- q[0] = s7;
-}
-
-static void br_aes_ct_bitslice_Sbox(uint32_t *q)
-{
- /*
- * This S-box implementation is a straightforward translation of
- * the circuit described by Boyar and Peralta in "A new
- * combinational logic minimization technique with applications
- * to cryptology" (https://eprint.iacr.org/2009/191.pdf).
- *
- * Note that variables x* (input) and s* (output) are numbered
- * in "reverse" order (x0 is the high bit, x7 is the low bit).
- */
-
- uint32_t x0, x1, x2, x3, x4, x5, x6, x7;
- uint32_t y1, y2, y3, y4, y5, y6, y7, y8, y9;
- uint32_t y10, y11, y12, y13, y14, y15, y16, y17, y18, y19;
- uint32_t y20, y21;
- uint32_t z0, z1, z2, z3, z4, z5, z6, z7, z8, z9;
- uint32_t z10, z11, z12, z13, z14, z15, z16, z17;
- uint32_t t0, t1, t2, t3, t4, t5, t6, t7, t8, t9;
- uint32_t t10, t11, t12, t13, t14, t15, t16, t17, t18, t19;
- uint32_t t20, t21, t22, t23, t24, t25, t26, t27, t28, t29;
- uint32_t t30, t31, t32, t33, t34, t35, t36, t37, t38, t39;
- uint32_t t40, t41, t42, t43, t44, t45, t46, t47, t48, t49;
- uint32_t t50, t51, t52, t53, t54, t55, t56, t57, t58, t59;
- uint32_t t60, t61, t62, t63, t64, t65, t66, t67;
- uint32_t s0, s1, s2, s3, s4, s5, s6, s7;
-
- x0 = q[7];
- x1 = q[6];
- x2 = q[5];
- x3 = q[4];
- x4 = q[3];
- x5 = q[2];
- x6 = q[1];
- x7 = q[0];
-
- /*
- * Top linear transformation.
- */
- y14 = x3 ^ x5;
- y13 = x0 ^ x6;
- y9 = x0 ^ x3;
- y8 = x0 ^ x5;
- t0 = x1 ^ x2;
- y1 = t0 ^ x7;
- y4 = y1 ^ x3;
- y12 = y13 ^ y14;
- y2 = y1 ^ x0;
- y5 = y1 ^ x6;
- y3 = y5 ^ y8;
- t1 = x4 ^ y12;
- y15 = t1 ^ x5;
- y20 = t1 ^ x1;
- y6 = y15 ^ x7;
- y10 = y15 ^ t0;
- y11 = y20 ^ y9;
- y7 = x7 ^ y11;
- y17 = y10 ^ y11;
- y19 = y10 ^ y8;
- y16 = t0 ^ y11;
- y21 = y13 ^ y16;
- y18 = x0 ^ y16;
-
- /*
- * Non-linear section.
- */
- t2 = y12 & y15;
- t3 = y3 & y6;
- t4 = t3 ^ t2;
- t5 = y4 & x7;
- t6 = t5 ^ t2;
- t7 = y13 & y16;
- t8 = y5 & y1;
- t9 = t8 ^ t7;
- t10 = y2 & y7;
- t11 = t10 ^ t7;
- t12 = y9 & y11;
- t13 = y14 & y17;
- t14 = t13 ^ t12;
- t15 = y8 & y10;
- t16 = t15 ^ t12;
- t17 = t4 ^ t14;
- t18 = t6 ^ t16;
- t19 = t9 ^ t14;
- t20 = t11 ^ t16;
- t21 = t17 ^ y20;
- t22 = t18 ^ y19;
- t23 = t19 ^ y21;
- t24 = t20 ^ y18;
-
- t25 = t21 ^ t22;
- t26 = t21 & t23;
- t27 = t24 ^ t26;
- t28 = t25 & t27;
- t29 = t28 ^ t22;
- t30 = t23 ^ t24;
- t31 = t22 ^ t26;
- t32 = t31 & t30;
- t33 = t32 ^ t24;
- t34 = t23 ^ t33;
- t35 = t27 ^ t33;
- t36 = t24 & t35;
- t37 = t36 ^ t34;
- t38 = t27 ^ t36;
- t39 = t29 & t38;
- t40 = t25 ^ t39;
-
- t41 = t40 ^ t37;
- t42 = t29 ^ t33;
- t43 = t29 ^ t40;
- t44 = t33 ^ t37;
- t45 = t42 ^ t41;
- z0 = t44 & y15;
- z1 = t37 & y6;
- z2 = t33 & x7;
- z3 = t43 & y16;
- z4 = t40 & y1;
- z5 = t29 & y7;
- z6 = t42 & y11;
- z7 = t45 & y17;
- z8 = t41 & y10;
- z9 = t44 & y12;
- z10 = t37 & y3;
- z11 = t33 & y4;
- z12 = t43 & y13;
- z13 = t40 & y5;
- z14 = t29 & y2;
- z15 = t42 & y9;
- z16 = t45 & y14;
- z17 = t41 & y8;
-
- /*
- * Bottom linear transformation.
- */
- t46 = z15 ^ z16;
- t47 = z10 ^ z11;
- t48 = z5 ^ z13;
- t49 = z9 ^ z10;
- t50 = z2 ^ z12;
- t51 = z2 ^ z5;
- t52 = z7 ^ z8;
- t53 = z0 ^ z3;
- t54 = z6 ^ z7;
- t55 = z16 ^ z17;
- t56 = z12 ^ t48;
- t57 = t50 ^ t53;
- t58 = z4 ^ t46;
- t59 = z3 ^ t54;
- t60 = t46 ^ t57;
- t61 = z14 ^ t57;
- t62 = t52 ^ t58;
- t63 = t49 ^ t58;
- t64 = z4 ^ t59;
- t65 = t61 ^ t62;
- t66 = z1 ^ t63;
- s0 = t59 ^ t63;
- s6 = t56 ^ ~t62;
- s7 = t48 ^ ~t60;
- t67 = t64 ^ t65;
- s3 = t53 ^ t66;
- s4 = t51 ^ t66;
- s5 = t47 ^ t65;
- s1 = t64 ^ ~s3;
- s2 = t55 ^ ~t67;
-
- q[7] = s0;
- q[6] = s1;
- q[5] = s2;
- q[4] = s3;
- q[3] = s4;
- q[2] = s5;
- q[1] = s6;
- q[0] = s7;
-}
-
-static void br_aes_ct_ortho(uint32_t *q)
-{
-#define SWAPN_32(cl, ch, s, x, y) do { \
- uint32_t a, b; \
- a = (x); \
- b = (y); \
- (x) = (a & (uint32_t)cl) | ((b & (uint32_t)cl) << (s)); \
- (y) = ((a & (uint32_t)ch) >> (s)) | (b & (uint32_t)ch); \
- } while (0)
-
-#define SWAP2_32(x, y) SWAPN_32(0x55555555, 0xAAAAAAAA, 1, x, y)
-#define SWAP4_32(x, y) SWAPN_32(0x33333333, 0xCCCCCCCC, 2, x, y)
-#define SWAP8_32(x, y) SWAPN_32(0x0F0F0F0F, 0xF0F0F0F0, 4, x, y)
-
- SWAP2_32(q[0], q[1]);
- SWAP2_32(q[2], q[3]);
- SWAP2_32(q[4], q[5]);
- SWAP2_32(q[6], q[7]);
-
- SWAP4_32(q[0], q[2]);
- SWAP4_32(q[1], q[3]);
- SWAP4_32(q[4], q[6]);
- SWAP4_32(q[5], q[7]);
-
- SWAP8_32(q[0], q[4]);
- SWAP8_32(q[1], q[5]);
- SWAP8_32(q[2], q[6]);
- SWAP8_32(q[3], q[7]);
-}
-
-static inline void add_round_key32(uint32_t *q, const uint32_t *sk)
-{
- q[0] ^= sk[0];
- q[1] ^= sk[1];
- q[2] ^= sk[2];
- q[3] ^= sk[3];
- q[4] ^= sk[4];
- q[5] ^= sk[5];
- q[6] ^= sk[6];
- q[7] ^= sk[7];
-}
-
-static inline void shift_rows32(uint32_t *q)
-{
- int i;
-
- for (i = 0; i < 8; i++) {
- uint32_t x;
-
- x = q[i];
- q[i] = (x & 0x000000FF)
- | ((x & 0x0000FC00) >> 2) | ((x & 0x00000300) << 6)
- | ((x & 0x00F00000) >> 4) | ((x & 0x000F0000) << 4)
- | ((x & 0xC0000000) >> 6) | ((x & 0x3F000000) << 2);
- }
-}
-
-static inline uint32_t rotr16(uint32_t x)
-{
- return (x << 16) | (x >> 16);
-}
-
-static inline void mix_columns32(uint32_t *q)
-{
- uint32_t q0, q1, q2, q3, q4, q5, q6, q7;
- uint32_t r0, r1, r2, r3, r4, r5, r6, r7;
-
- q0 = q[0];
- q1 = q[1];
- q2 = q[2];
- q3 = q[3];
- q4 = q[4];
- q5 = q[5];
- q6 = q[6];
- q7 = q[7];
- r0 = (q0 >> 8) | (q0 << 24);
- r1 = (q1 >> 8) | (q1 << 24);
- r2 = (q2 >> 8) | (q2 << 24);
- r3 = (q3 >> 8) | (q3 << 24);
- r4 = (q4 >> 8) | (q4 << 24);
- r5 = (q5 >> 8) | (q5 << 24);
- r6 = (q6 >> 8) | (q6 << 24);
- r7 = (q7 >> 8) | (q7 << 24);
-
- q[0] = q7 ^ r7 ^ r0 ^ rotr16(q0 ^ r0);
- q[1] = q0 ^ r0 ^ q7 ^ r7 ^ r1 ^ rotr16(q1 ^ r1);
- q[2] = q1 ^ r1 ^ r2 ^ rotr16(q2 ^ r2);
- q[3] = q2 ^ r2 ^ q7 ^ r7 ^ r3 ^ rotr16(q3 ^ r3);
- q[4] = q3 ^ r3 ^ q7 ^ r7 ^ r4 ^ rotr16(q4 ^ r4);
- q[5] = q4 ^ r4 ^ r5 ^ rotr16(q5 ^ r5);
- q[6] = q5 ^ r5 ^ r6 ^ rotr16(q6 ^ r6);
- q[7] = q6 ^ r6 ^ r7 ^ rotr16(q7 ^ r7);
-}
-
-static void br_aes_ct64_ortho(uint64_t *q)
-{
-#define SWAPN(cl, ch, s, x, y) do { \
- uint64_t a, b; \
- a = (x); \
- b = (y); \
- (x) = (a & (uint64_t)(cl)) | ((b & (uint64_t)(cl)) << (s)); \
- (y) = ((a & (uint64_t)(ch)) >> (s)) | (b & (uint64_t)(ch)); \
- } while (0)
-
-#define SWAP2(x, y) SWAPN(0x5555555555555555, 0xAAAAAAAAAAAAAAAA, 1, x, y)
-#define SWAP4(x, y) SWAPN(0x3333333333333333, 0xCCCCCCCCCCCCCCCC, 2, x, y)
-#define SWAP8(x, y) SWAPN(0x0F0F0F0F0F0F0F0F, 0xF0F0F0F0F0F0F0F0, 4, x, y)
-
- SWAP2(q[0], q[1]);
- SWAP2(q[2], q[3]);
- SWAP2(q[4], q[5]);
- SWAP2(q[6], q[7]);
-
- SWAP4(q[0], q[2]);
- SWAP4(q[1], q[3]);
- SWAP4(q[4], q[6]);
- SWAP4(q[5], q[7]);
-
- SWAP8(q[0], q[4]);
- SWAP8(q[1], q[5]);
- SWAP8(q[2], q[6]);
- SWAP8(q[3], q[7]);
-}
-
-
-static void br_aes_ct64_interleave_in(uint64_t *q0, uint64_t *q1, const uint32_t *w)
-{
- uint64_t x0, x1, x2, x3;
-
- x0 = w[0];
- x1 = w[1];
- x2 = w[2];
- x3 = w[3];
- x0 |= (x0 << 16);
- x1 |= (x1 << 16);
- x2 |= (x2 << 16);
- x3 |= (x3 << 16);
- x0 &= (uint64_t)0x0000FFFF0000FFFF;
- x1 &= (uint64_t)0x0000FFFF0000FFFF;
- x2 &= (uint64_t)0x0000FFFF0000FFFF;
- x3 &= (uint64_t)0x0000FFFF0000FFFF;
- x0 |= (x0 << 8);
- x1 |= (x1 << 8);
- x2 |= (x2 << 8);
- x3 |= (x3 << 8);
- x0 &= (uint64_t)0x00FF00FF00FF00FF;
- x1 &= (uint64_t)0x00FF00FF00FF00FF;
- x2 &= (uint64_t)0x00FF00FF00FF00FF;
- x3 &= (uint64_t)0x00FF00FF00FF00FF;
- *q0 = x0 | (x2 << 8);
- *q1 = x1 | (x3 << 8);
-}
-
-
-static void br_aes_ct64_interleave_out(uint32_t *w, uint64_t q0, uint64_t q1)
-{
- uint64_t x0, x1, x2, x3;
-
- x0 = q0 & (uint64_t)0x00FF00FF00FF00FF;
- x1 = q1 & (uint64_t)0x00FF00FF00FF00FF;
- x2 = (q0 >> 8) & (uint64_t)0x00FF00FF00FF00FF;
- x3 = (q1 >> 8) & (uint64_t)0x00FF00FF00FF00FF;
- x0 |= (x0 >> 8);
- x1 |= (x1 >> 8);
- x2 |= (x2 >> 8);
- x3 |= (x3 >> 8);
- x0 &= (uint64_t)0x0000FFFF0000FFFF;
- x1 &= (uint64_t)0x0000FFFF0000FFFF;
- x2 &= (uint64_t)0x0000FFFF0000FFFF;
- x3 &= (uint64_t)0x0000FFFF0000FFFF;
- w[0] = (uint32_t)x0 | (uint32_t)(x0 >> 16);
- w[1] = (uint32_t)x1 | (uint32_t)(x1 >> 16);
- w[2] = (uint32_t)x2 | (uint32_t)(x2 >> 16);
- w[3] = (uint32_t)x3 | (uint32_t)(x3 >> 16);
-}
-
-static inline void add_round_key(uint64_t *q, const uint64_t *sk)
-{
- q[0] ^= sk[0];
- q[1] ^= sk[1];
- q[2] ^= sk[2];
- q[3] ^= sk[3];
- q[4] ^= sk[4];
- q[5] ^= sk[5];
- q[6] ^= sk[6];
- q[7] ^= sk[7];
-}
-
-static inline void shift_rows(uint64_t *q)
-{
- int i;
-
- for (i = 0; i < 8; i++) {
- uint64_t x;
-
- x = q[i];
- q[i] = (x & (uint64_t)0x000000000000FFFF)
- | ((x & (uint64_t)0x00000000FFF00000) >> 4)
- | ((x & (uint64_t)0x00000000000F0000) << 12)
- | ((x & (uint64_t)0x0000FF0000000000) >> 8)
- | ((x & (uint64_t)0x000000FF00000000) << 8)
- | ((x & (uint64_t)0xF000000000000000) >> 12)
- | ((x & (uint64_t)0x0FFF000000000000) << 4);
- }
-}
-
-static inline uint64_t rotr32(uint64_t x)
-{
- return (x << 32) | (x >> 32);
-}
-
-static inline void mix_columns(uint64_t *q)
-{
- uint64_t q0, q1, q2, q3, q4, q5, q6, q7;
- uint64_t r0, r1, r2, r3, r4, r5, r6, r7;
-
- q0 = q[0];
- q1 = q[1];
- q2 = q[2];
- q3 = q[3];
- q4 = q[4];
- q5 = q[5];
- q6 = q[6];
- q7 = q[7];
- r0 = (q0 >> 16) | (q0 << 48);
- r1 = (q1 >> 16) | (q1 << 48);
- r2 = (q2 >> 16) | (q2 << 48);
- r3 = (q3 >> 16) | (q3 << 48);
- r4 = (q4 >> 16) | (q4 << 48);
- r5 = (q5 >> 16) | (q5 << 48);
- r6 = (q6 >> 16) | (q6 << 48);
- r7 = (q7 >> 16) | (q7 << 48);
-
- q[0] = q7 ^ r7 ^ r0 ^ rotr32(q0 ^ r0);
- q[1] = q0 ^ r0 ^ q7 ^ r7 ^ r1 ^ rotr32(q1 ^ r1);
- q[2] = q1 ^ r1 ^ r2 ^ rotr32(q2 ^ r2);
- q[3] = q2 ^ r2 ^ q7 ^ r7 ^ r3 ^ rotr32(q3 ^ r3);
- q[4] = q3 ^ r3 ^ q7 ^ r7 ^ r4 ^ rotr32(q4 ^ r4);
- q[5] = q4 ^ r4 ^ r5 ^ rotr32(q5 ^ r5);
- q[6] = q5 ^ r5 ^ r6 ^ rotr32(q6 ^ r6);
- q[7] = q6 ^ r6 ^ r7 ^ rotr32(q7 ^ r7);
-}
-
-static void interleave_constant(uint64_t *out, const unsigned char *in)
-{
- uint32_t tmp_32_constant[16];
- int i;
-
- br_range_dec32le(tmp_32_constant, 16, in);
- for (i = 0; i < 4; i++) {
- br_aes_ct64_interleave_in(&out[i], &out[i + 4], tmp_32_constant + (i << 2));
- }
- br_aes_ct64_ortho(out);
-}
-
-static void interleave_constant32(uint32_t *out, const unsigned char *in)
-{
- int i;
- for (i = 0; i < 4; i++) {
- out[2*i] = br_dec32le(in + 4*i);
- out[2*i + 1] = br_dec32le(in + 4*i + 16);
- }
- br_aes_ct_ortho(out);
-}
-
-void tweak_constants(spx_ctx *ctx)
-{
- unsigned char buf[40*16];
- int i;
-
- /* Use the standard constants to generate tweaked ones. */
- memcpy((uint8_t *)ctx->tweaked512_rc64, (uint8_t *)haraka512_rc64, 40*16);
-
- /* Constants for pk.seed */
- haraka_S(buf, 40*16, ctx->pub_seed, SPX_N, ctx);
- for (i = 0; i < 10; i++) {
- interleave_constant32(ctx->tweaked256_rc32[i], buf + 32*i);
- interleave_constant(ctx->tweaked512_rc64[i], buf + 64*i);
- }
-}
-
-static void haraka_S_absorb(unsigned char *s, unsigned int r,
- const unsigned char *m, unsigned long long mlen,
- unsigned char p, const spx_ctx *ctx)
-{
- unsigned long long i;
- SPX_VLA(uint8_t, t, r);
-
- while (mlen >= r) {
- /* XOR block to state */
- for (i = 0; i < r; ++i) {
- s[i] ^= m[i];
- }
- haraka512_perm(s, s, ctx);
- mlen -= r;
- m += r;
- }
-
- for (i = 0; i < r; ++i) {
- t[i] = 0;
- }
- for (i = 0; i < mlen; ++i) {
- t[i] = m[i];
- }
- t[i] = p;
- t[r - 1] |= 128;
- for (i = 0; i < r; ++i) {
- s[i] ^= t[i];
- }
-}
-
-static void haraka_S_squeezeblocks(unsigned char *h, unsigned long long nblocks,
- unsigned char *s, unsigned int r,
- const spx_ctx *ctx)
-{
- while (nblocks > 0) {
- haraka512_perm(s, s, ctx);
- memcpy(h, s, HARAKAS_RATE);
- h += r;
- nblocks--;
- }
-}
-
-void haraka_S_inc_init(uint8_t *s_inc)
-{
- size_t i;
-
- for (i = 0; i < 64; i++) {
- s_inc[i] = 0;
- }
- s_inc[64] = 0;
-}
-
-void haraka_S_inc_absorb(uint8_t *s_inc, const uint8_t *m, size_t mlen,
- const spx_ctx *ctx)
-{
- size_t i;
-
- /* Recall that s_inc[64] is the non-absorbed bytes xored into the state */
- while (mlen + s_inc[64] >= HARAKAS_RATE) {
- for (i = 0; i < (size_t)(HARAKAS_RATE - s_inc[64]); i++) {
- /* Take the i'th byte from message
- xor with the s_inc[64] + i'th byte of the state */
- s_inc[s_inc[64] + i] ^= m[i];
- }
- mlen -= (size_t)(HARAKAS_RATE - s_inc[64]);
- m += HARAKAS_RATE - (uint8_t)s_inc[64];
- s_inc[64] = 0;
-
- haraka512_perm(s_inc, s_inc, ctx);
- }
-
- for (i = 0; i < mlen; i++) {
- s_inc[s_inc[64] + i] ^= m[i];
- }
- s_inc[64] += (uint8_t)mlen;
-}
-
-void haraka_S_inc_finalize(uint8_t *s_inc)
-{
- /* After haraka_S_inc_absorb, we are guaranteed that s_inc[64] < HARAKAS_RATE,
- so we can always use one more byte for p in the current state. */
- s_inc[s_inc[64]] ^= 0x1F;
- s_inc[HARAKAS_RATE - 1] ^= 128;
- s_inc[64] = 0;
-}
-
-void haraka_S_inc_squeeze(uint8_t *out, size_t outlen, uint8_t *s_inc,
- const spx_ctx *ctx)
-{
- size_t i;
-
- /* First consume any bytes we still have sitting around */
- for (i = 0; i < outlen && i < s_inc[64]; i++) {
- /* There are s_inc[64] bytes left, so r - s_inc[64] is the first
- available byte. We consume from there, i.e., up to r. */
- out[i] = (uint8_t)s_inc[(HARAKAS_RATE - s_inc[64] + i)];
- }
- out += i;
- outlen -= i;
- s_inc[64] -= (uint8_t)i;
-
- /* Then squeeze the remaining necessary blocks */
- while (outlen > 0) {
- haraka512_perm(s_inc, s_inc, ctx);
-
- for (i = 0; i < outlen && i < HARAKAS_RATE; i++) {
- out[i] = s_inc[i];
- }
- out += i;
- outlen -= i;
- s_inc[64] = (uint8_t)(HARAKAS_RATE - i);
- }
-}
-
-void haraka_S(unsigned char *out, unsigned long long outlen,
- const unsigned char *in, unsigned long long inlen,
- const spx_ctx *ctx)
-{
- unsigned long long i;
- unsigned char s[64];
- unsigned char d[32];
-
- for (i = 0; i < 64; i++) {
- s[i] = 0;
- }
- haraka_S_absorb(s, 32, in, inlen, 0x1F, ctx);
-
- haraka_S_squeezeblocks(out, outlen / 32, s, 32, ctx);
- out += (outlen / 32) * 32;
-
- if (outlen % 32) {
- haraka_S_squeezeblocks(d, 1, s, 32, ctx);
- for (i = 0; i < outlen % 32; i++) {
- out[i] = d[i];
- }
- }
-}
-
-void haraka512_perm(unsigned char *out, const unsigned char *in,
- const spx_ctx *ctx)
-{
- uint32_t w[16];
- uint64_t q[8], tmp_q;
- unsigned int i, j;
-
- br_range_dec32le(w, 16, in);
- for (i = 0; i < 4; i++) {
- br_aes_ct64_interleave_in(&q[i], &q[i + 4], w + (i << 2));
- }
- br_aes_ct64_ortho(q);
-
- /* AES rounds */
- for (i = 0; i < 5; i++) {
- for (j = 0; j < 2; j++) {
- br_aes_ct64_bitslice_Sbox(q);
- shift_rows(q);
- mix_columns(q);
- add_round_key(q, ctx->tweaked512_rc64[2*i + j]);
- }
- /* Mix states */
- for (j = 0; j < 8; j++) {
- tmp_q = q[j];
- q[j] = (tmp_q & 0x0001000100010001) << 5 |
- (tmp_q & 0x0002000200020002) << 12 |
- (tmp_q & 0x0004000400040004) >> 1 |
- (tmp_q & 0x0008000800080008) << 6 |
- (tmp_q & 0x0020002000200020) << 9 |
- (tmp_q & 0x0040004000400040) >> 4 |
- (tmp_q & 0x0080008000800080) << 3 |
- (tmp_q & 0x2100210021002100) >> 5 |
- (tmp_q & 0x0210021002100210) << 2 |
- (tmp_q & 0x0800080008000800) << 4 |
- (tmp_q & 0x1000100010001000) >> 12 |
- (tmp_q & 0x4000400040004000) >> 10 |
- (tmp_q & 0x8400840084008400) >> 3;
- }
- }
-
- br_aes_ct64_ortho(q);
- for (i = 0; i < 4; i ++) {
- br_aes_ct64_interleave_out(w + (i << 2), q[i], q[i + 4]);
- }
- br_range_enc32le(out, w, 16);
-}
-
-void haraka512(unsigned char *out, const unsigned char *in, const spx_ctx *ctx)
-{
- int i;
-
- unsigned char buf[64];
-
- haraka512_perm(buf, in, ctx);
- /* Feed-forward */
- for (i = 0; i < 64; i++) {
- buf[i] = buf[i] ^ in[i];
- }
-
- /* Truncated */
- memcpy(out, buf + 8, 8);
- memcpy(out + 8, buf + 24, 8);
- memcpy(out + 16, buf + 32, 8);
- memcpy(out + 24, buf + 48, 8);
-}
-
-
-void haraka256(unsigned char *out, const unsigned char *in,
- const spx_ctx *ctx)
-{
- uint32_t q[8], tmp_q;
- int i, j;
-
- for (i = 0; i < 4; i++) {
- q[2*i] = br_dec32le(in + 4*i);
- q[2*i + 1] = br_dec32le(in + 4*i + 16);
- }
- br_aes_ct_ortho(q);
-
- /* AES rounds */
- for (i = 0; i < 5; i++) {
- for (j = 0; j < 2; j++) {
- br_aes_ct_bitslice_Sbox(q);
- shift_rows32(q);
- mix_columns32(q);
- add_round_key32(q, ctx->tweaked256_rc32[2*i + j]);
- }
-
- /* Mix states */
- for (j = 0; j < 8; j++) {
- tmp_q = q[j];
- q[j] = (tmp_q & 0x81818181) |
- (tmp_q & 0x02020202) << 1 |
- (tmp_q & 0x04040404) << 2 |
- (tmp_q & 0x08080808) << 3 |
- (tmp_q & 0x10101010) >> 3 |
- (tmp_q & 0x20202020) >> 2 |
- (tmp_q & 0x40404040) >> 1;
- }
- }
-
- br_aes_ct_ortho(q);
- for (i = 0; i < 4; i++) {
- br_enc32le(out + 4*i, q[2*i]);
- br_enc32le(out + 4*i + 16, q[2*i + 1]);
- }
-
- for (i = 0; i < 32; i++) {
- out[i] ^= in[i];
- }
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/src/hash_haraka.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/src/hash_haraka.c
deleted file mode 100644
index cd6beac..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/src/hash_haraka.c
+++ /dev/null
@@ -1,96 +0,0 @@
-#include
-#include
-
-#include "../../../app/include/address.h"
-#include "../../../app/include/hash.h"
-#include "../../../app/include/params.h"
-#include "../../../app/include/utils.h"
-
-#include "../include/haraka.h"
-
-void initialize_hash_function(spx_ctx* ctx)
-{
- tweak_constants(ctx);
-}
-
-/*
- * Computes PRF(key, addr), given a secret key of SPX_N bytes and an address
- */
-void prf_addr(unsigned char *out, const spx_ctx *ctx,
- const uint32_t addr[8])
-{
- /* Since SPX_N may be smaller than 32, we need temporary buffers. */
- unsigned char outbuf[32];
- unsigned char buf[64] = {0};
-
- memcpy(buf, addr, SPX_ADDR_BYTES);
- memcpy(buf + SPX_ADDR_BYTES, ctx->sk_seed, SPX_N);
-
- haraka512(outbuf, buf, ctx);
- memcpy(out, outbuf, SPX_N);
-}
-
-/**
- * Computes the message-dependent randomness R, using a secret seed and an
- * optional randomization value as well as the message.
- */
-void gen_message_random(unsigned char *R, const unsigned char* sk_prf,
- const unsigned char *optrand,
- const unsigned char *m, unsigned long long mlen,
- const spx_ctx *ctx)
-{
- uint8_t s_inc[65];
-
- haraka_S_inc_init(s_inc);
- haraka_S_inc_absorb(s_inc, sk_prf, SPX_N, ctx);
- haraka_S_inc_absorb(s_inc, optrand, SPX_N, ctx);
- haraka_S_inc_absorb(s_inc, m, mlen, ctx);
- haraka_S_inc_finalize(s_inc);
- haraka_S_inc_squeeze(R, SPX_N, s_inc, ctx);
-}
-
-/**
- * Computes the message hash using R, the public key, and the message.
- * Outputs the message digest and the index of the leaf. The index is split in
- * the tree index and the leaf index, for convenient copying to an address.
- */
-void hash_message(unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx,
- const unsigned char *R, const unsigned char *pk,
- const unsigned char *m, unsigned long long mlen,
- const spx_ctx *ctx)
-{
-#define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1))
-#define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8)
-#define SPX_LEAF_BITS SPX_TREE_HEIGHT
-#define SPX_LEAF_BYTES ((SPX_LEAF_BITS + 7) / 8)
-#define SPX_DGST_BYTES (SPX_FORS_MSG_BYTES + SPX_TREE_BYTES + SPX_LEAF_BYTES)
-
- unsigned char buf[SPX_DGST_BYTES];
- unsigned char *bufp = buf;
- uint8_t s_inc[65];
-
- haraka_S_inc_init(s_inc);
- haraka_S_inc_absorb(s_inc, R, SPX_N, ctx);
- haraka_S_inc_absorb(s_inc, pk + SPX_N, SPX_N, ctx); // Only absorb root part of pk
- haraka_S_inc_absorb(s_inc, m, mlen, ctx);
- haraka_S_inc_finalize(s_inc);
- haraka_S_inc_squeeze(buf, SPX_DGST_BYTES, s_inc, ctx);
-
- memcpy(digest, bufp, SPX_FORS_MSG_BYTES);
- bufp += SPX_FORS_MSG_BYTES;
-
-#if SPX_TREE_BITS > 64
- #error For given height and depth, 64 bits cannot represent all subtrees
-#endif
-
- if (SPX_D == 1) {
- *tree = 0;
- } else {
- *tree = bytes_to_ull(bufp, SPX_TREE_BYTES);
- *tree &= (~(uint64_t)0) >> (64 - SPX_TREE_BITS);
- }
- bufp += SPX_TREE_BYTES;
-
- *leaf_idx = (uint32_t)bytes_to_ull(bufp, SPX_LEAF_BYTES);
- *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS);
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/src/thash_haraka_robust.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/src/thash_haraka_robust.c
deleted file mode 100644
index b540bdc..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/src/thash_haraka_robust.c
+++ /dev/null
@@ -1,46 +0,0 @@
-#include
-#include
-
-#include "../../../app/include/address.h"
-#include "../../../app/include/thash.h"
-#include "../../../app/include/params.h"
-#include "../../../app/include/utils.h"
-
-#include "../include/haraka.h"
-
-/**
- * Takes an array of inblocks concatenated arrays of SPX_N bytes.
- */
-void thash(unsigned char *out, const unsigned char *in, unsigned int inblocks,
- const spx_ctx *ctx, uint32_t addr[8])
-{
- SPX_VLA(uint8_t, buf, SPX_ADDR_BYTES + inblocks*SPX_N);
- SPX_VLA(uint8_t, bitmask, inblocks*SPX_N);
- unsigned char outbuf[32];
- unsigned char buf_tmp[64];
- unsigned int i;
-
- if (inblocks == 1) {
- /* F function */
- /* Since SPX_N may be smaller than 32, we need a temporary buffer. */
- memset(buf_tmp, 0, 64);
- memcpy(buf_tmp, addr, 32);
-
- haraka256(outbuf, buf_tmp, ctx);
- for (i = 0; i < inblocks * SPX_N; i++) {
- buf_tmp[SPX_ADDR_BYTES + i] = in[i] ^ outbuf[i];
- }
- haraka512(outbuf, buf_tmp, ctx);
- memcpy(out, outbuf, SPX_N);
- } else {
- /* All other tweakable hashes*/
- memcpy(buf, addr, 32);
- haraka_S(bitmask, inblocks * SPX_N, buf, SPX_ADDR_BYTES, ctx);
-
- for (i = 0; i < inblocks * SPX_N; i++) {
- buf[SPX_ADDR_BYTES + i] = in[i] ^ bitmask[i];
- }
-
- haraka_S(out, SPX_N, buf, SPX_ADDR_BYTES + inblocks*SPX_N, ctx);
- }
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/src/thash_haraka_simple.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/src/thash_haraka_simple.c
deleted file mode 100644
index 43b14c7..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/haraka/src/thash_haraka_simple.c
+++ /dev/null
@@ -1,37 +0,0 @@
-#include
-#include
-
-#include "../../../app/include/address.h"
-#include "../../../app/include/thash.h"
-#include "../../../app/include/params.h"
-#include "../../../app/include/utils.h"
-
-#include "../include/haraka.h"
-
-/**
- * Takes an array of inblocks concatenated arrays of SPX_N bytes.
- */
-void thash(unsigned char *out, const unsigned char *in, unsigned int inblocks,
- const spx_ctx *ctx, uint32_t addr[8])
-{
- SPX_VLA(uint8_t, buf, SPX_ADDR_BYTES + inblocks*SPX_N);
- unsigned char outbuf[32];
- unsigned char buf_tmp[64];
-
- if (inblocks == 1) {
- /* F function */
- /* Since SPX_N may be smaller than 32, we need a temporary buffer. */
- memset(buf_tmp, 0, 64);
- memcpy(buf_tmp, addr, 32);
- memcpy(buf_tmp + SPX_ADDR_BYTES, in, SPX_N);
-
- haraka512(outbuf, buf_tmp, ctx);
- memcpy(out, outbuf, SPX_N);
- } else {
- /* All other tweakable hashes*/
- memcpy(buf, addr, 32);
- memcpy(buf + SPX_ADDR_BYTES, in, inblocks * SPX_N);
-
- haraka_S(out, SPX_N, buf, SPX_ADDR_BYTES + inblocks*SPX_N, ctx);
- }
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/CMakeLists.txt b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/CMakeLists.txt
deleted file mode 100644
index bf65803..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/CMakeLists.txt
+++ /dev/null
@@ -1,12 +0,0 @@
-set(SHA2_SOURCES
- src/sha2.c
- src/hash_sha2.c
- ../../app/src/utils.c
- src/thash_sha2_${THASH}.c
-)
-
-set(PARAMS "sphincs-sha2-${SECPAR}")
-set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DPARAMS=${PARAMS}")
-
-add_library(sha2 SHARED ${SHA2_SOURCES})
-target_include_directories(sha2 PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/include)
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/include/sha2.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/include/sha2.h
deleted file mode 100644
index 83038e2..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/include/sha2.h
+++ /dev/null
@@ -1,44 +0,0 @@
-#ifndef SPX_SHA2_H
-#define SPX_SHA2_H
-
-#include "../../../app/include/params.h"
-#include "../../../app/include/context.h"
-
-#define SPX_SHA256_BLOCK_BYTES 64
-#define SPX_SHA256_OUTPUT_BYTES 32 /* This does not necessarily equal SPX_N */
-
-#define SPX_SHA512_BLOCK_BYTES 128
-#define SPX_SHA512_OUTPUT_BYTES 64
-
-#if SPX_SHA256_OUTPUT_BYTES < SPX_N
- #error Linking against SHA-256 with N larger than 32 bytes is not supported
-#endif
-
-#define SPX_SHA256_ADDR_BYTES 22
-
-#include
-#include
-
-void sha256_inc_init(uint8_t *state);
-void sha256_inc_blocks(uint8_t *state, const uint8_t *in, size_t inblocks);
-void sha256_inc_finalize(uint8_t *out, uint8_t *state, const uint8_t *in, size_t inlen);
-void sha256(uint8_t *out, const uint8_t *in, size_t inlen);
-
-void sha512_inc_init(uint8_t *state);
-void sha512_inc_blocks(uint8_t *state, const uint8_t *in, size_t inblocks);
-void sha512_inc_finalize(uint8_t *out, uint8_t *state, const uint8_t *in, size_t inlen);
-void sha512(uint8_t *out, const uint8_t *in, size_t inlen);
-
-#define mgf1_256 SPX_NAMESPACE(mgf1_256)
-void mgf1_256(unsigned char *out, unsigned long outlen,
- const unsigned char *in, unsigned long inlen);
-
-#define mgf1_512 SPX_NAMESPACE(mgf1_512)
-void mgf1_512(unsigned char *out, unsigned long outlen,
- const unsigned char *in, unsigned long inlen);
-
-#define seed_state SPX_NAMESPACE(seed_state)
-void seed_state(spx_ctx *ctx);
-
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/include/sha2_offsets.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/include/sha2_offsets.h
deleted file mode 100644
index 49f7e85..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/include/sha2_offsets.h
+++ /dev/null
@@ -1,20 +0,0 @@
-#ifndef SHA2_OFFSETS_H_
-#define SHA2_OFFSETS_H_
-
-/*
- * Offsets of various fields in the address structure when we use SHA2 as
- * the Sphincs+ hash function
- */
-
-#define SPX_OFFSET_LAYER 0 /* The byte used to specify the Merkle tree layer */
-#define SPX_OFFSET_TREE 1 /* The start of the 8 byte field used to specify the tree */
-#define SPX_OFFSET_TYPE 9 /* The byte used to specify the hash type (reason) */
-#define SPX_OFFSET_KP_ADDR 10 /* The start of the 4 byte field used to specify the key pair address */
-#define SPX_OFFSET_CHAIN_ADDR 17 /* The byte used to specify the chain address (which Winternitz chain) */
-#define SPX_OFFSET_HASH_ADDR 21 /* The byte used to specify the hash address (where in the Winternitz chain) */
-#define SPX_OFFSET_TREE_HGT 17 /* The byte used to specify the height of this node in the FORS or Merkle tree */
-#define SPX_OFFSET_TREE_INDEX 18 /* The start of the 4 byte field used to specify the node in the FORS or Merkle tree */
-
-#define SPX_SHA2 1
-
-#endif /* SHA2_OFFSETS_H_ */
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/src/hash_sha2.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/src/hash_sha2.c
deleted file mode 100644
index e84b8a3..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/src/hash_sha2.c
+++ /dev/null
@@ -1,198 +0,0 @@
-#include
-#include
-
-#include "../../../app/include/address.h"
-#include "../../../app/include/hash.h"
-#include "../../../app/include/params.h"
-#include "../../../app/include/utils.h"
-
-#include "../include/sha2.h"
-
-#if SPX_N >= 24
-#define SPX_SHAX_OUTPUT_BYTES SPX_SHA512_OUTPUT_BYTES
-#define SPX_SHAX_BLOCK_BYTES SPX_SHA512_BLOCK_BYTES
-#define shaX_inc_init sha512_inc_init
-#define shaX_inc_blocks sha512_inc_blocks
-#define shaX_inc_finalize sha512_inc_finalize
-#define shaX sha512
-#define mgf1_X mgf1_512
-#else
-#define SPX_SHAX_OUTPUT_BYTES SPX_SHA256_OUTPUT_BYTES
-#define SPX_SHAX_BLOCK_BYTES SPX_SHA256_BLOCK_BYTES
-#define shaX_inc_init sha256_inc_init
-#define shaX_inc_blocks sha256_inc_blocks
-#define shaX_inc_finalize sha256_inc_finalize
-#define shaX sha256
-#define mgf1_X mgf1_256
-#endif
-
-
-/* For SHA, there is no immediate reason to initialize at the start,
- so this function is an empty operation. */
-void initialize_hash_function(spx_ctx *ctx)
-{
- seed_state(ctx);
-}
-
-/*
- * Computes PRF(pk_seed, sk_seed, addr).
- */
-void prf_addr(unsigned char *out, const spx_ctx *ctx,
- const uint32_t addr[8])
-{
- uint8_t sha2_state[40];
- unsigned char buf[SPX_SHA256_ADDR_BYTES + SPX_N];
- unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES];
-
- /* Retrieve precomputed state containing pub_seed */
- memcpy(sha2_state, ctx->state_seeded, 40 * sizeof(uint8_t));
-
- /* Remainder: ADDR^c ‖ SK.seed */
- memcpy(buf, addr, SPX_SHA256_ADDR_BYTES);
- memcpy(buf + SPX_SHA256_ADDR_BYTES, ctx->sk_seed, SPX_N);
-
- sha256_inc_finalize(outbuf, sha2_state, buf, SPX_SHA256_ADDR_BYTES + SPX_N);
-
- memcpy(out, outbuf, SPX_N);
-}
-
-/**
- * Computes the message-dependent randomness R, using a secret seed as a key
- * for HMAC, and an optional randomization value prefixed to the message.
- * This requires m to have at least SPX_SHAX_BLOCK_BYTES + SPX_N space
- * available in front of the pointer, i.e. before the message to use for the
- * prefix. This is necessary to prevent having to move the message around (and
- * allocate memory for it).
- */
-void gen_message_random(unsigned char *R, const unsigned char *sk_prf,
- const unsigned char *optrand,
- const unsigned char *m, unsigned long long mlen,
- const spx_ctx *ctx)
-{
- (void)ctx;
-
- unsigned char buf[SPX_SHAX_BLOCK_BYTES + SPX_SHAX_OUTPUT_BYTES];
- uint8_t state[8 + SPX_SHAX_OUTPUT_BYTES];
- int i;
-
-#if SPX_N > SPX_SHAX_BLOCK_BYTES
- #error "Currently only supports SPX_N of at most SPX_SHAX_BLOCK_BYTES"
-#endif
-
- /* This implements HMAC-SHA */
- for (i = 0; i < SPX_N; i++) {
- buf[i] = 0x36 ^ sk_prf[i];
- }
- memset(buf + SPX_N, 0x36, SPX_SHAX_BLOCK_BYTES - SPX_N);
-
- shaX_inc_init(state);
- shaX_inc_blocks(state, buf, 1);
-
- memcpy(buf, optrand, SPX_N);
-
- /* If optrand + message cannot fill up an entire block */
- if (SPX_N + mlen < SPX_SHAX_BLOCK_BYTES) {
- memcpy(buf + SPX_N, m, mlen);
- shaX_inc_finalize(buf + SPX_SHAX_BLOCK_BYTES, state,
- buf, mlen + SPX_N);
- }
- /* Otherwise first fill a block, so that finalize only uses the message */
- else {
- memcpy(buf + SPX_N, m, SPX_SHAX_BLOCK_BYTES - SPX_N);
- shaX_inc_blocks(state, buf, 1);
-
- m += SPX_SHAX_BLOCK_BYTES - SPX_N;
- mlen -= SPX_SHAX_BLOCK_BYTES - SPX_N;
- shaX_inc_finalize(buf + SPX_SHAX_BLOCK_BYTES, state, m, mlen);
- }
-
- for (i = 0; i < SPX_N; i++) {
- buf[i] = 0x5c ^ sk_prf[i];
- }
- memset(buf + SPX_N, 0x5c, SPX_SHAX_BLOCK_BYTES - SPX_N);
-
- shaX(buf, buf, SPX_SHAX_BLOCK_BYTES + SPX_SHAX_OUTPUT_BYTES);
- memcpy(R, buf, SPX_N);
-}
-
-/**
- * Computes the message hash using R, the public key, and the message.
- * Outputs the message digest and the index of the leaf. The index is split in
- * the tree index and the leaf index, for convenient copying to an address.
- */
-void hash_message(unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx,
- const unsigned char *R, const unsigned char *pk,
- const unsigned char *m, unsigned long long mlen,
- const spx_ctx *ctx)
-{
- (void)ctx;
-#define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1))
-#define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8)
-#define SPX_LEAF_BITS SPX_TREE_HEIGHT
-#define SPX_LEAF_BYTES ((SPX_LEAF_BITS + 7) / 8)
-#define SPX_DGST_BYTES (SPX_FORS_MSG_BYTES + SPX_TREE_BYTES + SPX_LEAF_BYTES)
-
- unsigned char seed[2*SPX_N + SPX_SHAX_OUTPUT_BYTES];
-
- /* Round to nearest multiple of SPX_SHAX_BLOCK_BYTES */
-#if (SPX_SHAX_BLOCK_BYTES & (SPX_SHAX_BLOCK_BYTES-1)) != 0
- #error "Assumes that SPX_SHAX_BLOCK_BYTES is a power of 2"
-#endif
-#define SPX_INBLOCKS (((SPX_N + SPX_PK_BYTES + SPX_SHAX_BLOCK_BYTES - 1) & \
- -SPX_SHAX_BLOCK_BYTES) / SPX_SHAX_BLOCK_BYTES)
- unsigned char inbuf[SPX_INBLOCKS * SPX_SHAX_BLOCK_BYTES];
-
- unsigned char buf[SPX_DGST_BYTES];
- unsigned char *bufp = buf;
- uint8_t state[8 + SPX_SHAX_OUTPUT_BYTES];
-
- shaX_inc_init(state);
-
- // seed: SHA-X(R ‖ PK.seed ‖ PK.root ‖ M)
- memcpy(inbuf, R, SPX_N);
- memcpy(inbuf + SPX_N, pk, SPX_PK_BYTES);
-
- /* If R + pk + message cannot fill up an entire block */
- if (SPX_N + SPX_PK_BYTES + mlen < SPX_INBLOCKS * SPX_SHAX_BLOCK_BYTES) {
- memcpy(inbuf + SPX_N + SPX_PK_BYTES, m, mlen);
- shaX_inc_finalize(seed + 2*SPX_N, state, inbuf, SPX_N + SPX_PK_BYTES + mlen);
- }
- /* Otherwise first fill a block, so that finalize only uses the message */
- else {
- memcpy(inbuf + SPX_N + SPX_PK_BYTES, m,
- SPX_INBLOCKS * SPX_SHAX_BLOCK_BYTES - SPX_N - SPX_PK_BYTES);
- shaX_inc_blocks(state, inbuf, SPX_INBLOCKS);
-
- m += SPX_INBLOCKS * SPX_SHAX_BLOCK_BYTES - SPX_N - SPX_PK_BYTES;
- mlen -= SPX_INBLOCKS * SPX_SHAX_BLOCK_BYTES - SPX_N - SPX_PK_BYTES;
- shaX_inc_finalize(seed + 2*SPX_N, state, m, mlen);
- }
-
- // H_msg: MGF1-SHA-X(R ‖ PK.seed ‖ seed)
- memcpy(seed, R, SPX_N);
- memcpy(seed + SPX_N, pk, SPX_N);
-
- /* By doing this in two steps, we prevent hashing the message twice;
- otherwise each iteration in MGF1 would hash the message again. */
- mgf1_X(bufp, SPX_DGST_BYTES, seed, 2*SPX_N + SPX_SHAX_OUTPUT_BYTES);
-
- memcpy(digest, bufp, SPX_FORS_MSG_BYTES);
- bufp += SPX_FORS_MSG_BYTES;
-
-#if SPX_TREE_BITS > 64
- #error For given height and depth, 64 bits cannot represent all subtrees
-#endif
-
- if (SPX_D == 1) {
- *tree = 0;
- } else {
- *tree = bytes_to_ull(bufp, SPX_TREE_BYTES);
- *tree &= (~(uint64_t)0) >> (64 - SPX_TREE_BITS);
- }
- bufp += SPX_TREE_BYTES;
-
- *leaf_idx = (uint32_t)bytes_to_ull(bufp, SPX_LEAF_BYTES);
- *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS);
-}
-
-
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/src/sha2.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/src/sha2.c
deleted file mode 100644
index 3d311eb..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/src/sha2.c
+++ /dev/null
@@ -1,701 +0,0 @@
-/* Based on the public domain implementation in
- * crypto_hash/sha512/ref/ from http://bench.cr.yp.to/supercop.html
- * by D. J. Bernstein */
-
-#include
-#include
-#include
-
-#include "../../../app/include/utils.h"
-
-#include "../include/sha2.h"
-
-static uint32_t load_bigendian_32(const uint8_t *x) {
- return (uint32_t)(x[3]) | (((uint32_t)(x[2])) << 8) |
- (((uint32_t)(x[1])) << 16) | (((uint32_t)(x[0])) << 24);
-}
-
-static uint64_t load_bigendian_64(const uint8_t *x) {
- return (uint64_t)(x[7]) | (((uint64_t)(x[6])) << 8) |
- (((uint64_t)(x[5])) << 16) | (((uint64_t)(x[4])) << 24) |
- (((uint64_t)(x[3])) << 32) | (((uint64_t)(x[2])) << 40) |
- (((uint64_t)(x[1])) << 48) | (((uint64_t)(x[0])) << 56);
-}
-
-static void store_bigendian_32(uint8_t *x, uint64_t u) {
- x[3] = (uint8_t) u;
- u >>= 8;
- x[2] = (uint8_t) u;
- u >>= 8;
- x[1] = (uint8_t) u;
- u >>= 8;
- x[0] = (uint8_t) u;
-}
-
-static void store_bigendian_64(uint8_t *x, uint64_t u) {
- x[7] = (uint8_t) u;
- u >>= 8;
- x[6] = (uint8_t) u;
- u >>= 8;
- x[5] = (uint8_t) u;
- u >>= 8;
- x[4] = (uint8_t) u;
- u >>= 8;
- x[3] = (uint8_t) u;
- u >>= 8;
- x[2] = (uint8_t) u;
- u >>= 8;
- x[1] = (uint8_t) u;
- u >>= 8;
- x[0] = (uint8_t) u;
-}
-
-#define SHR(x, c) ((x) >> (c))
-#define ROTR_32(x, c) (((x) >> (c)) | ((x) << (32 - (c))))
-#define ROTR_64(x,c) (((x) >> (c)) | ((x) << (64 - (c))))
-
-#define Ch(x, y, z) (((x) & (y)) ^ (~(x) & (z)))
-#define Maj(x, y, z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
-
-#define Sigma0_32(x) (ROTR_32(x, 2) ^ ROTR_32(x,13) ^ ROTR_32(x,22))
-#define Sigma1_32(x) (ROTR_32(x, 6) ^ ROTR_32(x,11) ^ ROTR_32(x,25))
-#define sigma0_32(x) (ROTR_32(x, 7) ^ ROTR_32(x,18) ^ SHR(x, 3))
-#define sigma1_32(x) (ROTR_32(x,17) ^ ROTR_32(x,19) ^ SHR(x,10))
-
-#define Sigma0_64(x) (ROTR_64(x,28) ^ ROTR_64(x,34) ^ ROTR_64(x,39))
-#define Sigma1_64(x) (ROTR_64(x,14) ^ ROTR_64(x,18) ^ ROTR_64(x,41))
-#define sigma0_64(x) (ROTR_64(x, 1) ^ ROTR_64(x, 8) ^ SHR(x,7))
-#define sigma1_64(x) (ROTR_64(x,19) ^ ROTR_64(x,61) ^ SHR(x,6))
-
-#define M_32(w0, w14, w9, w1) w0 = sigma1_32(w14) + (w9) + sigma0_32(w1) + (w0);
-#define M_64(w0, w14, w9, w1) w0 = sigma1_64(w14) + (w9) + sigma0_64(w1) + (w0);
-
-#define EXPAND_32 \
- M_32(w0, w14, w9, w1) \
- M_32(w1, w15, w10, w2) \
- M_32(w2, w0, w11, w3) \
- M_32(w3, w1, w12, w4) \
- M_32(w4, w2, w13, w5) \
- M_32(w5, w3, w14, w6) \
- M_32(w6, w4, w15, w7) \
- M_32(w7, w5, w0, w8) \
- M_32(w8, w6, w1, w9) \
- M_32(w9, w7, w2, w10) \
- M_32(w10, w8, w3, w11) \
- M_32(w11, w9, w4, w12) \
- M_32(w12, w10, w5, w13) \
- M_32(w13, w11, w6, w14) \
- M_32(w14, w12, w7, w15) \
- M_32(w15, w13, w8, w0)
-
-#define EXPAND_64 \
- M_64(w0 ,w14,w9 ,w1 ) \
- M_64(w1 ,w15,w10,w2 ) \
- M_64(w2 ,w0 ,w11,w3 ) \
- M_64(w3 ,w1 ,w12,w4 ) \
- M_64(w4 ,w2 ,w13,w5 ) \
- M_64(w5 ,w3 ,w14,w6 ) \
- M_64(w6 ,w4 ,w15,w7 ) \
- M_64(w7 ,w5 ,w0 ,w8 ) \
- M_64(w8 ,w6 ,w1 ,w9 ) \
- M_64(w9 ,w7 ,w2 ,w10) \
- M_64(w10,w8 ,w3 ,w11) \
- M_64(w11,w9 ,w4 ,w12) \
- M_64(w12,w10,w5 ,w13) \
- M_64(w13,w11,w6 ,w14) \
- M_64(w14,w12,w7 ,w15) \
- M_64(w15,w13,w8 ,w0 )
-
-#define F_32(w, k) \
- T1 = h + Sigma1_32(e) + Ch(e, f, g) + (k) + (w); \
- T2 = Sigma0_32(a) + Maj(a, b, c); \
- h = g; \
- g = f; \
- f = e; \
- e = d + T1; \
- d = c; \
- c = b; \
- b = a; \
- a = T1 + T2;
-
-#define F_64(w,k) \
- T1 = h + Sigma1_64(e) + Ch(e,f,g) + k + w; \
- T2 = Sigma0_64(a) + Maj(a,b,c); \
- h = g; \
- g = f; \
- f = e; \
- e = d + T1; \
- d = c; \
- c = b; \
- b = a; \
- a = T1 + T2;
-
-static size_t crypto_hashblocks_sha256(uint8_t *statebytes,
- const uint8_t *in, size_t inlen) {
- uint32_t state[8];
- uint32_t a;
- uint32_t b;
- uint32_t c;
- uint32_t d;
- uint32_t e;
- uint32_t f;
- uint32_t g;
- uint32_t h;
- uint32_t T1;
- uint32_t T2;
-
- a = load_bigendian_32(statebytes + 0);
- state[0] = a;
- b = load_bigendian_32(statebytes + 4);
- state[1] = b;
- c = load_bigendian_32(statebytes + 8);
- state[2] = c;
- d = load_bigendian_32(statebytes + 12);
- state[3] = d;
- e = load_bigendian_32(statebytes + 16);
- state[4] = e;
- f = load_bigendian_32(statebytes + 20);
- state[5] = f;
- g = load_bigendian_32(statebytes + 24);
- state[6] = g;
- h = load_bigendian_32(statebytes + 28);
- state[7] = h;
-
- while (inlen >= 64) {
- uint32_t w0 = load_bigendian_32(in + 0);
- uint32_t w1 = load_bigendian_32(in + 4);
- uint32_t w2 = load_bigendian_32(in + 8);
- uint32_t w3 = load_bigendian_32(in + 12);
- uint32_t w4 = load_bigendian_32(in + 16);
- uint32_t w5 = load_bigendian_32(in + 20);
- uint32_t w6 = load_bigendian_32(in + 24);
- uint32_t w7 = load_bigendian_32(in + 28);
- uint32_t w8 = load_bigendian_32(in + 32);
- uint32_t w9 = load_bigendian_32(in + 36);
- uint32_t w10 = load_bigendian_32(in + 40);
- uint32_t w11 = load_bigendian_32(in + 44);
- uint32_t w12 = load_bigendian_32(in + 48);
- uint32_t w13 = load_bigendian_32(in + 52);
- uint32_t w14 = load_bigendian_32(in + 56);
- uint32_t w15 = load_bigendian_32(in + 60);
-
- F_32(w0, 0x428a2f98)
- F_32(w1, 0x71374491)
- F_32(w2, 0xb5c0fbcf)
- F_32(w3, 0xe9b5dba5)
- F_32(w4, 0x3956c25b)
- F_32(w5, 0x59f111f1)
- F_32(w6, 0x923f82a4)
- F_32(w7, 0xab1c5ed5)
- F_32(w8, 0xd807aa98)
- F_32(w9, 0x12835b01)
- F_32(w10, 0x243185be)
- F_32(w11, 0x550c7dc3)
- F_32(w12, 0x72be5d74)
- F_32(w13, 0x80deb1fe)
- F_32(w14, 0x9bdc06a7)
- F_32(w15, 0xc19bf174)
-
- EXPAND_32
-
- F_32(w0, 0xe49b69c1)
- F_32(w1, 0xefbe4786)
- F_32(w2, 0x0fc19dc6)
- F_32(w3, 0x240ca1cc)
- F_32(w4, 0x2de92c6f)
- F_32(w5, 0x4a7484aa)
- F_32(w6, 0x5cb0a9dc)
- F_32(w7, 0x76f988da)
- F_32(w8, 0x983e5152)
- F_32(w9, 0xa831c66d)
- F_32(w10, 0xb00327c8)
- F_32(w11, 0xbf597fc7)
- F_32(w12, 0xc6e00bf3)
- F_32(w13, 0xd5a79147)
- F_32(w14, 0x06ca6351)
- F_32(w15, 0x14292967)
-
- EXPAND_32
-
- F_32(w0, 0x27b70a85)
- F_32(w1, 0x2e1b2138)
- F_32(w2, 0x4d2c6dfc)
- F_32(w3, 0x53380d13)
- F_32(w4, 0x650a7354)
- F_32(w5, 0x766a0abb)
- F_32(w6, 0x81c2c92e)
- F_32(w7, 0x92722c85)
- F_32(w8, 0xa2bfe8a1)
- F_32(w9, 0xa81a664b)
- F_32(w10, 0xc24b8b70)
- F_32(w11, 0xc76c51a3)
- F_32(w12, 0xd192e819)
- F_32(w13, 0xd6990624)
- F_32(w14, 0xf40e3585)
- F_32(w15, 0x106aa070)
-
- EXPAND_32
-
- F_32(w0, 0x19a4c116)
- F_32(w1, 0x1e376c08)
- F_32(w2, 0x2748774c)
- F_32(w3, 0x34b0bcb5)
- F_32(w4, 0x391c0cb3)
- F_32(w5, 0x4ed8aa4a)
- F_32(w6, 0x5b9cca4f)
- F_32(w7, 0x682e6ff3)
- F_32(w8, 0x748f82ee)
- F_32(w9, 0x78a5636f)
- F_32(w10, 0x84c87814)
- F_32(w11, 0x8cc70208)
- F_32(w12, 0x90befffa)
- F_32(w13, 0xa4506ceb)
- F_32(w14, 0xbef9a3f7)
- F_32(w15, 0xc67178f2)
-
- a += state[0];
- b += state[1];
- c += state[2];
- d += state[3];
- e += state[4];
- f += state[5];
- g += state[6];
- h += state[7];
-
- state[0] = a;
- state[1] = b;
- state[2] = c;
- state[3] = d;
- state[4] = e;
- state[5] = f;
- state[6] = g;
- state[7] = h;
-
- in += 64;
- inlen -= 64;
- }
-
- store_bigendian_32(statebytes + 0, state[0]);
- store_bigendian_32(statebytes + 4, state[1]);
- store_bigendian_32(statebytes + 8, state[2]);
- store_bigendian_32(statebytes + 12, state[3]);
- store_bigendian_32(statebytes + 16, state[4]);
- store_bigendian_32(statebytes + 20, state[5]);
- store_bigendian_32(statebytes + 24, state[6]);
- store_bigendian_32(statebytes + 28, state[7]);
-
- return inlen;
-}
-
-static int crypto_hashblocks_sha512(unsigned char *statebytes,const unsigned char *in,unsigned long long inlen)
-{
- uint64_t state[8];
- uint64_t a;
- uint64_t b;
- uint64_t c;
- uint64_t d;
- uint64_t e;
- uint64_t f;
- uint64_t g;
- uint64_t h;
- uint64_t T1;
- uint64_t T2;
-
- a = load_bigendian_64(statebytes + 0); state[0] = a;
- b = load_bigendian_64(statebytes + 8); state[1] = b;
- c = load_bigendian_64(statebytes + 16); state[2] = c;
- d = load_bigendian_64(statebytes + 24); state[3] = d;
- e = load_bigendian_64(statebytes + 32); state[4] = e;
- f = load_bigendian_64(statebytes + 40); state[5] = f;
- g = load_bigendian_64(statebytes + 48); state[6] = g;
- h = load_bigendian_64(statebytes + 56); state[7] = h;
-
- while (inlen >= 128) {
- uint64_t w0 = load_bigendian_64(in + 0);
- uint64_t w1 = load_bigendian_64(in + 8);
- uint64_t w2 = load_bigendian_64(in + 16);
- uint64_t w3 = load_bigendian_64(in + 24);
- uint64_t w4 = load_bigendian_64(in + 32);
- uint64_t w5 = load_bigendian_64(in + 40);
- uint64_t w6 = load_bigendian_64(in + 48);
- uint64_t w7 = load_bigendian_64(in + 56);
- uint64_t w8 = load_bigendian_64(in + 64);
- uint64_t w9 = load_bigendian_64(in + 72);
- uint64_t w10 = load_bigendian_64(in + 80);
- uint64_t w11 = load_bigendian_64(in + 88);
- uint64_t w12 = load_bigendian_64(in + 96);
- uint64_t w13 = load_bigendian_64(in + 104);
- uint64_t w14 = load_bigendian_64(in + 112);
- uint64_t w15 = load_bigendian_64(in + 120);
-
- F_64(w0 ,0x428a2f98d728ae22ULL)
- F_64(w1 ,0x7137449123ef65cdULL)
- F_64(w2 ,0xb5c0fbcfec4d3b2fULL)
- F_64(w3 ,0xe9b5dba58189dbbcULL)
- F_64(w4 ,0x3956c25bf348b538ULL)
- F_64(w5 ,0x59f111f1b605d019ULL)
- F_64(w6 ,0x923f82a4af194f9bULL)
- F_64(w7 ,0xab1c5ed5da6d8118ULL)
- F_64(w8 ,0xd807aa98a3030242ULL)
- F_64(w9 ,0x12835b0145706fbeULL)
- F_64(w10,0x243185be4ee4b28cULL)
- F_64(w11,0x550c7dc3d5ffb4e2ULL)
- F_64(w12,0x72be5d74f27b896fULL)
- F_64(w13,0x80deb1fe3b1696b1ULL)
- F_64(w14,0x9bdc06a725c71235ULL)
- F_64(w15,0xc19bf174cf692694ULL)
-
- EXPAND_64
-
- F_64(w0 ,0xe49b69c19ef14ad2ULL)
- F_64(w1 ,0xefbe4786384f25e3ULL)
- F_64(w2 ,0x0fc19dc68b8cd5b5ULL)
- F_64(w3 ,0x240ca1cc77ac9c65ULL)
- F_64(w4 ,0x2de92c6f592b0275ULL)
- F_64(w5 ,0x4a7484aa6ea6e483ULL)
- F_64(w6 ,0x5cb0a9dcbd41fbd4ULL)
- F_64(w7 ,0x76f988da831153b5ULL)
- F_64(w8 ,0x983e5152ee66dfabULL)
- F_64(w9 ,0xa831c66d2db43210ULL)
- F_64(w10,0xb00327c898fb213fULL)
- F_64(w11,0xbf597fc7beef0ee4ULL)
- F_64(w12,0xc6e00bf33da88fc2ULL)
- F_64(w13,0xd5a79147930aa725ULL)
- F_64(w14,0x06ca6351e003826fULL)
- F_64(w15,0x142929670a0e6e70ULL)
-
- EXPAND_64
-
- F_64(w0 ,0x27b70a8546d22ffcULL)
- F_64(w1 ,0x2e1b21385c26c926ULL)
- F_64(w2 ,0x4d2c6dfc5ac42aedULL)
- F_64(w3 ,0x53380d139d95b3dfULL)
- F_64(w4 ,0x650a73548baf63deULL)
- F_64(w5 ,0x766a0abb3c77b2a8ULL)
- F_64(w6 ,0x81c2c92e47edaee6ULL)
- F_64(w7 ,0x92722c851482353bULL)
- F_64(w8 ,0xa2bfe8a14cf10364ULL)
- F_64(w9 ,0xa81a664bbc423001ULL)
- F_64(w10,0xc24b8b70d0f89791ULL)
- F_64(w11,0xc76c51a30654be30ULL)
- F_64(w12,0xd192e819d6ef5218ULL)
- F_64(w13,0xd69906245565a910ULL)
- F_64(w14,0xf40e35855771202aULL)
- F_64(w15,0x106aa07032bbd1b8ULL)
-
- EXPAND_64
-
- F_64(w0 ,0x19a4c116b8d2d0c8ULL)
- F_64(w1 ,0x1e376c085141ab53ULL)
- F_64(w2 ,0x2748774cdf8eeb99ULL)
- F_64(w3 ,0x34b0bcb5e19b48a8ULL)
- F_64(w4 ,0x391c0cb3c5c95a63ULL)
- F_64(w5 ,0x4ed8aa4ae3418acbULL)
- F_64(w6 ,0x5b9cca4f7763e373ULL)
- F_64(w7 ,0x682e6ff3d6b2b8a3ULL)
- F_64(w8 ,0x748f82ee5defb2fcULL)
- F_64(w9 ,0x78a5636f43172f60ULL)
- F_64(w10,0x84c87814a1f0ab72ULL)
- F_64(w11,0x8cc702081a6439ecULL)
- F_64(w12,0x90befffa23631e28ULL)
- F_64(w13,0xa4506cebde82bde9ULL)
- F_64(w14,0xbef9a3f7b2c67915ULL)
- F_64(w15,0xc67178f2e372532bULL)
-
- EXPAND_64
-
- F_64(w0 ,0xca273eceea26619cULL)
- F_64(w1 ,0xd186b8c721c0c207ULL)
- F_64(w2 ,0xeada7dd6cde0eb1eULL)
- F_64(w3 ,0xf57d4f7fee6ed178ULL)
- F_64(w4 ,0x06f067aa72176fbaULL)
- F_64(w5 ,0x0a637dc5a2c898a6ULL)
- F_64(w6 ,0x113f9804bef90daeULL)
- F_64(w7 ,0x1b710b35131c471bULL)
- F_64(w8 ,0x28db77f523047d84ULL)
- F_64(w9 ,0x32caab7b40c72493ULL)
- F_64(w10,0x3c9ebe0a15c9bebcULL)
- F_64(w11,0x431d67c49c100d4cULL)
- F_64(w12,0x4cc5d4becb3e42b6ULL)
- F_64(w13,0x597f299cfc657e2aULL)
- F_64(w14,0x5fcb6fab3ad6faecULL)
- F_64(w15,0x6c44198c4a475817ULL)
-
- a += state[0];
- b += state[1];
- c += state[2];
- d += state[3];
- e += state[4];
- f += state[5];
- g += state[6];
- h += state[7];
-
- state[0] = a;
- state[1] = b;
- state[2] = c;
- state[3] = d;
- state[4] = e;
- state[5] = f;
- state[6] = g;
- state[7] = h;
-
- in += 128;
- inlen -= 128;
- }
-
- store_bigendian_64(statebytes + 0,state[0]);
- store_bigendian_64(statebytes + 8,state[1]);
- store_bigendian_64(statebytes + 16,state[2]);
- store_bigendian_64(statebytes + 24,state[3]);
- store_bigendian_64(statebytes + 32,state[4]);
- store_bigendian_64(statebytes + 40,state[5]);
- store_bigendian_64(statebytes + 48,state[6]);
- store_bigendian_64(statebytes + 56,state[7]);
-
- return inlen;
-}
-
-
-static const uint8_t iv_256[32] = {
- 0x6a, 0x09, 0xe6, 0x67, 0xbb, 0x67, 0xae, 0x85,
- 0x3c, 0x6e, 0xf3, 0x72, 0xa5, 0x4f, 0xf5, 0x3a,
- 0x51, 0x0e, 0x52, 0x7f, 0x9b, 0x05, 0x68, 0x8c,
- 0x1f, 0x83, 0xd9, 0xab, 0x5b, 0xe0, 0xcd, 0x19
-};
-
-static const uint8_t iv_512[64] = {
- 0x6a, 0x09, 0xe6, 0x67, 0xf3, 0xbc, 0xc9, 0x08, 0xbb, 0x67, 0xae,
- 0x85, 0x84, 0xca, 0xa7, 0x3b, 0x3c, 0x6e, 0xf3, 0x72, 0xfe, 0x94,
- 0xf8, 0x2b, 0xa5, 0x4f, 0xf5, 0x3a, 0x5f, 0x1d, 0x36, 0xf1, 0x51,
- 0x0e, 0x52, 0x7f, 0xad, 0xe6, 0x82, 0xd1, 0x9b, 0x05, 0x68, 0x8c,
- 0x2b, 0x3e, 0x6c, 0x1f, 0x1f, 0x83, 0xd9, 0xab, 0xfb, 0x41, 0xbd,
- 0x6b, 0x5b, 0xe0, 0xcd, 0x19, 0x13, 0x7e, 0x21, 0x79
-};
-
-void sha256_inc_init(uint8_t *state) {
- for (size_t i = 0; i < 32; ++i) {
- state[i] = iv_256[i];
- }
- for (size_t i = 32; i < 40; ++i) {
- state[i] = 0;
- }
-}
-
-void sha512_inc_init(uint8_t *state) {
- for (size_t i = 0; i < 64; ++i) {
- state[i] = iv_512[i];
- }
- for (size_t i = 64; i < 72; ++i) {
- state[i] = 0;
- }
-}
-
-void sha256_inc_blocks(uint8_t *state, const uint8_t *in, size_t inblocks) {
- uint64_t bytes = load_bigendian_64(state + 32);
-
- crypto_hashblocks_sha256(state, in, 64 * inblocks);
- bytes += 64 * inblocks;
-
- store_bigendian_64(state + 32, bytes);
-}
-
-void sha512_inc_blocks(uint8_t *state, const uint8_t *in, size_t inblocks) {
- uint64_t bytes = load_bigendian_64(state + 64);
-
- crypto_hashblocks_sha512(state, in, 128 * inblocks);
- bytes += 128 * inblocks;
-
- store_bigendian_64(state + 64, bytes);
-}
-
-void sha256_inc_finalize(uint8_t *out, uint8_t *state, const uint8_t *in, size_t inlen) {
- uint8_t padded[128];
- uint64_t bytes = load_bigendian_64(state + 32) + inlen;
-
- crypto_hashblocks_sha256(state, in, inlen);
- in += inlen;
- inlen &= 63;
- in -= inlen;
-
- for (size_t i = 0; i < inlen; ++i) {
- padded[i] = in[i];
- }
- padded[inlen] = 0x80;
-
- if (inlen < 56) {
- for (size_t i = inlen + 1; i < 56; ++i) {
- padded[i] = 0;
- }
- padded[56] = (uint8_t) (bytes >> 53);
- padded[57] = (uint8_t) (bytes >> 45);
- padded[58] = (uint8_t) (bytes >> 37);
- padded[59] = (uint8_t) (bytes >> 29);
- padded[60] = (uint8_t) (bytes >> 21);
- padded[61] = (uint8_t) (bytes >> 13);
- padded[62] = (uint8_t) (bytes >> 5);
- padded[63] = (uint8_t) (bytes << 3);
- crypto_hashblocks_sha256(state, padded, 64);
- } else {
- for (size_t i = inlen + 1; i < 120; ++i) {
- padded[i] = 0;
- }
- padded[120] = (uint8_t) (bytes >> 53);
- padded[121] = (uint8_t) (bytes >> 45);
- padded[122] = (uint8_t) (bytes >> 37);
- padded[123] = (uint8_t) (bytes >> 29);
- padded[124] = (uint8_t) (bytes >> 21);
- padded[125] = (uint8_t) (bytes >> 13);
- padded[126] = (uint8_t) (bytes >> 5);
- padded[127] = (uint8_t) (bytes << 3);
- crypto_hashblocks_sha256(state, padded, 128);
- }
-
- for (size_t i = 0; i < 32; ++i) {
- out[i] = state[i];
- }
-
-}
-
-void sha512_inc_finalize(uint8_t *out, uint8_t *state, const uint8_t *in, size_t inlen) {
- uint8_t padded[256];
- uint64_t bytes = load_bigendian_64(state + 64) + inlen;
-
- crypto_hashblocks_sha512(state, in, inlen);
- in += inlen;
- inlen &= 127;
- in -= inlen;
-
- for (size_t i = 0; i < inlen; ++i) {
- padded[i] = in[i];
- }
- padded[inlen] = 0x80;
-
- if (inlen < 112) {
- for (size_t i = inlen + 1; i < 119; ++i) {
- padded[i] = 0;
- }
- padded[119] = (uint8_t) (bytes >> 61);
- padded[120] = (uint8_t) (bytes >> 53);
- padded[121] = (uint8_t) (bytes >> 45);
- padded[122] = (uint8_t) (bytes >> 37);
- padded[123] = (uint8_t) (bytes >> 29);
- padded[124] = (uint8_t) (bytes >> 21);
- padded[125] = (uint8_t) (bytes >> 13);
- padded[126] = (uint8_t) (bytes >> 5);
- padded[127] = (uint8_t) (bytes << 3);
- crypto_hashblocks_sha512(state, padded, 128);
- } else {
- for (size_t i = inlen + 1; i < 247; ++i) {
- padded[i] = 0;
- }
- padded[247] = (uint8_t) (bytes >> 61);
- padded[248] = (uint8_t) (bytes >> 53);
- padded[249] = (uint8_t) (bytes >> 45);
- padded[250] = (uint8_t) (bytes >> 37);
- padded[251] = (uint8_t) (bytes >> 29);
- padded[252] = (uint8_t) (bytes >> 21);
- padded[253] = (uint8_t) (bytes >> 13);
- padded[254] = (uint8_t) (bytes >> 5);
- padded[255] = (uint8_t) (bytes << 3);
- crypto_hashblocks_sha512(state, padded, 256);
- }
-
- for (size_t i = 0; i < 64; ++i) {
- out[i] = state[i];
- }
-}
-
-void sha256(uint8_t *out, const uint8_t *in, size_t inlen) {
- uint8_t state[40];
-
- sha256_inc_init(state);
- sha256_inc_finalize(out, state, in, inlen);
-}
-
-void sha512(uint8_t *out, const uint8_t *in, size_t inlen) {
- uint8_t state[72];
-
- sha512_inc_init(state);
- sha512_inc_finalize(out, state, in, inlen);
-}
-
-/**
- * mgf1 function based on the SHA-256 hash function
- * Note that inlen should be sufficiently small that it still allows for
- * an array to be allocated on the stack. Typically 'in' is merely a seed.
- * Outputs outlen number of bytes
- */
-void mgf1_256(unsigned char *out, unsigned long outlen,
- const unsigned char *in, unsigned long inlen)
-{
- SPX_VLA(uint8_t, inbuf, inlen+4);
- unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES];
- unsigned long i;
-
- memcpy(inbuf, in, inlen);
-
- /* While we can fit in at least another full block of SHA256 output.. */
- for (i = 0; (i+1)*SPX_SHA256_OUTPUT_BYTES <= outlen; i++) {
- u32_to_bytes(inbuf + inlen, i);
- sha256(out, inbuf, inlen + 4);
- out += SPX_SHA256_OUTPUT_BYTES;
- }
- /* Until we cannot anymore, and we fill the remainder. */
- if (outlen > i*SPX_SHA256_OUTPUT_BYTES) {
- u32_to_bytes(inbuf + inlen, i);
- sha256(outbuf, inbuf, inlen + 4);
- memcpy(out, outbuf, outlen - i*SPX_SHA256_OUTPUT_BYTES);
- }
-}
-
-/*
- * mgf1 function based on the SHA-512 hash function
- */
-void mgf1_512(unsigned char *out, unsigned long outlen,
- const unsigned char *in, unsigned long inlen)
-{
- SPX_VLA(uint8_t, inbuf, inlen+4);
- unsigned char outbuf[SPX_SHA512_OUTPUT_BYTES];
- unsigned long i;
-
- memcpy(inbuf, in, inlen);
-
- /* While we can fit in at least another full block of SHA512 output.. */
- for (i = 0; (i+1)*SPX_SHA512_OUTPUT_BYTES <= outlen; i++) {
- u32_to_bytes(inbuf + inlen, i);
- sha512(out, inbuf, inlen + 4);
- out += SPX_SHA512_OUTPUT_BYTES;
- }
- /* Until we cannot anymore, and we fill the remainder. */
- if (outlen > i*SPX_SHA512_OUTPUT_BYTES) {
- u32_to_bytes(inbuf + inlen, i);
- sha512(outbuf, inbuf, inlen + 4);
- memcpy(out, outbuf, outlen - i*SPX_SHA512_OUTPUT_BYTES);
- }
-}
-
-
-/**
- * Absorb the constant pub_seed using one round of the compression function
- * This initializes state_seeded and state_seeded_512, which can then be
- * reused in thash
- **/
-void seed_state(spx_ctx *ctx) {
- uint8_t block[SPX_SHA512_BLOCK_BYTES];
- size_t i;
-
- for (i = 0; i < SPX_N; ++i) {
- block[i] = ctx->pub_seed[i];
- }
- for (i = SPX_N; i < SPX_SHA512_BLOCK_BYTES; ++i) {
- block[i] = 0;
- }
- /* block has been properly initialized for both SHA-256 and SHA-512 */
-
- sha256_inc_init(ctx->state_seeded);
- sha256_inc_blocks(ctx->state_seeded, block, 1);
-#if SPX_SHA512
- sha512_inc_init(ctx->state_seeded_512);
- sha512_inc_blocks(ctx->state_seeded_512, block, 1);
-#endif
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/src/thash_sha2_robust.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/src/thash_sha2_robust.c
deleted file mode 100644
index 1918bab..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/src/thash_sha2_robust.c
+++ /dev/null
@@ -1,75 +0,0 @@
-#include
-#include
-
-#include "../../../app/include/address.h"
-#include "../../../app/include/thash.h"
-#include "../../../app/include/params.h"
-#include "../../../app/include/utils.h"
-
-#include "../include/sha2.h"
-
-#if SPX_SHA512
-static void thash_512(unsigned char *out, const unsigned char *in, unsigned int inblocks,
- const spx_ctx *ctx, uint32_t addr[8]);
-#endif
-
-/**
- * Takes an array of inblocks concatenated arrays of SPX_N bytes.
- */
-void thash(unsigned char *out, const unsigned char *in, unsigned int inblocks,
- const spx_ctx *ctx, uint32_t addr[8])
-{
-#if SPX_SHA512
- if (inblocks > 1) {
- thash_512(out, in, inblocks, ctx, addr);
- return;
- }
-#endif
- unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES];
- SPX_VLA(uint8_t, bitmask, inblocks * SPX_N);
- SPX_VLA(uint8_t, buf, SPX_N + SPX_SHA256_OUTPUT_BYTES + inblocks*SPX_N);
- uint8_t sha2_state[40];
- unsigned int i;
-
- memcpy(buf, ctx->pub_seed, SPX_N);
- memcpy(buf + SPX_N, addr, SPX_SHA256_ADDR_BYTES);
- mgf1_256(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
-
- /* Retrieve precomputed state containing pub_seed */
- memcpy(sha2_state, ctx->state_seeded, 40 * sizeof(uint8_t));
-
- for (i = 0; i < inblocks * SPX_N; i++) {
- buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];
- }
-
- sha256_inc_finalize(outbuf, sha2_state, buf + SPX_N,
- SPX_SHA256_ADDR_BYTES + inblocks*SPX_N);
- memcpy(out, outbuf, SPX_N);
-}
-
-#if SPX_SHA512
-static void thash_512(unsigned char *out, const unsigned char *in, unsigned int inblocks,
- const spx_ctx *ctx, uint32_t addr[8])
-{
- unsigned char outbuf[SPX_SHA512_OUTPUT_BYTES];
- SPX_VLA(uint8_t, bitmask, inblocks * SPX_N);
- SPX_VLA(uint8_t, buf, SPX_N + SPX_SHA256_ADDR_BYTES + inblocks*SPX_N);
- uint8_t sha2_state[72];
- unsigned int i;
-
- memcpy(buf, ctx->pub_seed, SPX_N);
- memcpy(buf + SPX_N, addr, SPX_SHA256_ADDR_BYTES);
- mgf1_512(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_SHA256_ADDR_BYTES);
-
- /* Retrieve precomputed state containing pub_seed */
- memcpy(sha2_state, ctx->state_seeded_512, 72 * sizeof(uint8_t));
-
- for (i = 0; i < inblocks * SPX_N; i++) {
- buf[SPX_N + SPX_SHA256_ADDR_BYTES + i] = in[i] ^ bitmask[i];
- }
-
- sha512_inc_finalize(outbuf, sha2_state, buf + SPX_N,
- SPX_SHA256_ADDR_BYTES + inblocks*SPX_N);
- memcpy(out, outbuf, SPX_N);
-}
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/src/thash_sha2_simple.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/src/thash_sha2_simple.c
deleted file mode 100644
index 7c22884..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/sha2/src/thash_sha2_simple.c
+++ /dev/null
@@ -1,60 +0,0 @@
-#include
-#include
-
-#include "../../../app/include/address.h"
-#include "../../../app/include/params.h"
-#include "../../../app/include/thash.h"
-#include "../../../app/include/utils.h"
-
-#include "../include/sha2.h"
-
-#if SPX_SHA512
-static void thash_512(unsigned char *out, const unsigned char *in, unsigned int inblocks,
- const spx_ctx *ctx, uint32_t addr[8]);
-#endif
-
-/**
- * Takes an array of inblocks concatenated arrays of SPX_N bytes.
- */
-void thash(unsigned char *out, const unsigned char *in, unsigned int inblocks,
- const spx_ctx *ctx, uint32_t addr[8])
-{
-#if SPX_SHA512
- if (inblocks > 1) {
- thash_512(out, in, inblocks, ctx, addr);
- return;
- }
-#endif
-
- unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES];
- uint8_t sha2_state[40];
- SPX_VLA(uint8_t, buf, SPX_SHA256_ADDR_BYTES + inblocks*SPX_N);
-
- /* Retrieve precomputed state containing pub_seed */
- memcpy(sha2_state, ctx->state_seeded, 40 * sizeof(uint8_t));
-
- memcpy(buf, addr, SPX_SHA256_ADDR_BYTES);
- memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);
-
- sha256_inc_finalize(outbuf, sha2_state, buf, SPX_SHA256_ADDR_BYTES + inblocks*SPX_N);
- memcpy(out, outbuf, SPX_N);
-}
-
-#if SPX_SHA512
-static void thash_512(unsigned char *out, const unsigned char *in, unsigned int inblocks,
- const spx_ctx *ctx, uint32_t addr[8])
-{
- unsigned char outbuf[SPX_SHA512_OUTPUT_BYTES];
- uint8_t sha2_state[72];
- SPX_VLA(uint8_t, buf, SPX_SHA256_ADDR_BYTES + inblocks*SPX_N);
-
- /* Retrieve precomputed state containing pub_seed */
- memcpy(sha2_state, ctx->state_seeded_512, 72 * sizeof(uint8_t));
-
- memcpy(buf, addr, SPX_SHA256_ADDR_BYTES);
- memcpy(buf + SPX_SHA256_ADDR_BYTES, in, inblocks * SPX_N);
-
- sha512_inc_finalize(outbuf, sha2_state, buf, SPX_SHA256_ADDR_BYTES + inblocks*SPX_N);
- memcpy(out, outbuf, SPX_N);
-}
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/CMakeLists.txt b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/CMakeLists.txt
deleted file mode 100644
index 1ccfe5b..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/CMakeLists.txt
+++ /dev/null
@@ -1,11 +0,0 @@
-set(SHAKE_SOURCES
- src/fips202.c
- src/hash_shake.c
- src/thash_shake_${THASH}.c
-)
-
-set(PARAMS "sphincs-shake-${SECPAR}")
-set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DPARAMS=${PARAMS}")
-
-add_library(shake SHARED ${SHAKE_SOURCES})
-target_include_directories(shake PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/include)
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/include/fips202.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/include/fips202.h
deleted file mode 100644
index e11cb7f..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/include/fips202.h
+++ /dev/null
@@ -1,47 +0,0 @@
-#ifndef SPX_FIPS202_H
-#define SPX_FIPS202_H
-
-#include
-#include
-
-#define SHAKE128_RATE 168
-#define SHAKE256_RATE 136
-#define SHA3_256_RATE 136
-#define SHA3_512_RATE 72
-
-void shake128_absorb(uint64_t *s, const uint8_t *input, size_t inlen);
-
-void shake128_squeezeblocks(uint8_t *output, size_t nblocks, uint64_t *s);
-
-void shake128_inc_init(uint64_t *s_inc);
-void shake128_inc_absorb(uint64_t *s_inc, const uint8_t *input, size_t inlen);
-void shake128_inc_finalize(uint64_t *s_inc);
-void shake128_inc_squeeze(uint8_t *output, size_t outlen, uint64_t *s_inc);
-
-void shake256_absorb(uint64_t *s, const uint8_t *input, size_t inlen);
-void shake256_squeezeblocks(uint8_t *output, size_t nblocks, uint64_t *s);
-
-void shake256_inc_init(uint64_t *s_inc);
-void shake256_inc_absorb(uint64_t *s_inc, const uint8_t *input, size_t inlen);
-void shake256_inc_finalize(uint64_t *s_inc);
-void shake256_inc_squeeze(uint8_t *output, size_t outlen, uint64_t *s_inc);
-
-void shake128(uint8_t *output, size_t outlen,
- const uint8_t *input, size_t inlen);
-
-void shake256(uint8_t *output, size_t outlen,
- const uint8_t *input, size_t inlen);
-
-void sha3_256_inc_init(uint64_t *s_inc);
-void sha3_256_inc_absorb(uint64_t *s_inc, const uint8_t *input, size_t inlen);
-void sha3_256_inc_finalize(uint8_t *output, uint64_t *s_inc);
-
-void sha3_256(uint8_t *output, const uint8_t *input, size_t inlen);
-
-void sha3_512_inc_init(uint64_t *s_inc);
-void sha3_512_inc_absorb(uint64_t *s_inc, const uint8_t *input, size_t inlen);
-void sha3_512_inc_finalize(uint8_t *output, uint64_t *s_inc);
-
-void sha3_512(uint8_t *output, const uint8_t *input, size_t inlen);
-
-#endif
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/include/shake_offsets.h b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/include/shake_offsets.h
deleted file mode 100644
index 0407bdf..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/include/shake_offsets.h
+++ /dev/null
@@ -1,20 +0,0 @@
-#if !defined( SHAKE_OFFSETS_H_ )
-#define SHAKE_OFFSETS_H_
-
-/*
- * Offsets of various fields in the address structure when we use SHAKE as
- * the Sphincs+ hash function
- */
-
-#define SPX_OFFSET_LAYER 3 /* The byte used to specify the Merkle tree layer */
-#define SPX_OFFSET_TREE 8 /* The start of the 8 byte field used to specify the tree */
-#define SPX_OFFSET_TYPE 19 /* The byte used to specify the hash type (reason) */
-#define SPX_OFFSET_KP_ADDR 20 /* The start of the 4 byte field used to specify the key pair address */
-#define SPX_OFFSET_CHAIN_ADDR 27 /* The byte used to specify the chain address (which Winternitz chain) */
-#define SPX_OFFSET_HASH_ADDR 31 /* The byte used to specify the hash address (where in the Winternitz chain) */
-#define SPX_OFFSET_TREE_HGT 27 /* The byte used to specify the height of this node in the FORS or Merkle tree */
-#define SPX_OFFSET_TREE_INDEX 28 /* The start of the 4 byte field used to specify the node in the FORS or Merkle tree */
-
-#define SPX_SHAKE 1
-
-#endif /* SHAKE_OFFSETS_H_ */
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/src/fips202.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/src/fips202.c
deleted file mode 100644
index 3e73f09..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/src/fips202.c
+++ /dev/null
@@ -1,598 +0,0 @@
-/* Based on the public domain implementation in
- * crypto_hash/keccakc512/simple/ from http://bench.cr.yp.to/supercop.html
- * by Ronny Van Keer
- * and the public domain "TweetFips202" implementation
- * from https://twitter.com/tweetfips202
- * by Gilles Van Assche, Daniel J. Bernstein, and Peter Schwabe */
-
-#include
-#include
-
-#include "../include/fips202.h"
-
-#define NROUNDS 24
-#define ROL(a, offset) (((a) << (offset)) ^ ((a) >> (64 - (offset))))
-
-/*************************************************
- * Name: load64
- *
- * Description: Load 8 bytes into uint64_t in little-endian order
- *
- * Arguments: - const uint8_t *x: pointer to input byte array
- *
- * Returns the loaded 64-bit unsigned integer
- **************************************************/
-static uint64_t load64(const uint8_t *x) {
- uint64_t r = 0;
- for (size_t i = 0; i < 8; ++i) {
- r |= (uint64_t)x[i] << 8 * i;
- }
-
- return r;
-}
-
-/*************************************************
- * Name: store64
- *
- * Description: Store a 64-bit integer to a byte array in little-endian order
- *
- * Arguments: - uint8_t *x: pointer to the output byte array
- * - uint64_t u: input 64-bit unsigned integer
- **************************************************/
-static void store64(uint8_t *x, uint64_t u) {
- for (size_t i = 0; i < 8; ++i) {
- x[i] = (uint8_t) (u >> 8 * i);
- }
-}
-
-/* Keccak round constants */
-static const uint64_t KeccakF_RoundConstants[NROUNDS] = {
- 0x0000000000000001ULL, 0x0000000000008082ULL,
- 0x800000000000808aULL, 0x8000000080008000ULL,
- 0x000000000000808bULL, 0x0000000080000001ULL,
- 0x8000000080008081ULL, 0x8000000000008009ULL,
- 0x000000000000008aULL, 0x0000000000000088ULL,
- 0x0000000080008009ULL, 0x000000008000000aULL,
- 0x000000008000808bULL, 0x800000000000008bULL,
- 0x8000000000008089ULL, 0x8000000000008003ULL,
- 0x8000000000008002ULL, 0x8000000000000080ULL,
- 0x000000000000800aULL, 0x800000008000000aULL,
- 0x8000000080008081ULL, 0x8000000000008080ULL,
- 0x0000000080000001ULL, 0x8000000080008008ULL
-};
-
-/*************************************************
- * Name: KeccakF1600_StatePermute
- *
- * Description: The Keccak F1600 Permutation
- *
- * Arguments: - uint64_t *state: pointer to input/output Keccak state
- **************************************************/
-static void KeccakF1600_StatePermute(uint64_t *state) {
- int round;
-
- uint64_t Aba, Abe, Abi, Abo, Abu;
- uint64_t Aga, Age, Agi, Ago, Agu;
- uint64_t Aka, Ake, Aki, Ako, Aku;
- uint64_t Ama, Ame, Ami, Amo, Amu;
- uint64_t Asa, Ase, Asi, Aso, Asu;
- uint64_t BCa, BCe, BCi, BCo, BCu;
- uint64_t Da, De, Di, Do, Du;
- uint64_t Eba, Ebe, Ebi, Ebo, Ebu;
- uint64_t Ega, Ege, Egi, Ego, Egu;
- uint64_t Eka, Eke, Eki, Eko, Eku;
- uint64_t Ema, Eme, Emi, Emo, Emu;
- uint64_t Esa, Ese, Esi, Eso, Esu;
-
- // copyFromState(A, state)
- Aba = state[0];
- Abe = state[1];
- Abi = state[2];
- Abo = state[3];
- Abu = state[4];
- Aga = state[5];
- Age = state[6];
- Agi = state[7];
- Ago = state[8];
- Agu = state[9];
- Aka = state[10];
- Ake = state[11];
- Aki = state[12];
- Ako = state[13];
- Aku = state[14];
- Ama = state[15];
- Ame = state[16];
- Ami = state[17];
- Amo = state[18];
- Amu = state[19];
- Asa = state[20];
- Ase = state[21];
- Asi = state[22];
- Aso = state[23];
- Asu = state[24];
-
- for (round = 0; round < NROUNDS; round += 2) {
- // prepareTheta
- BCa = Aba ^ Aga ^ Aka ^ Ama ^ Asa;
- BCe = Abe ^ Age ^ Ake ^ Ame ^ Ase;
- BCi = Abi ^ Agi ^ Aki ^ Ami ^ Asi;
- BCo = Abo ^ Ago ^ Ako ^ Amo ^ Aso;
- BCu = Abu ^ Agu ^ Aku ^ Amu ^ Asu;
-
- // thetaRhoPiChiIotaPrepareTheta(round , A, E)
- Da = BCu ^ ROL(BCe, 1);
- De = BCa ^ ROL(BCi, 1);
- Di = BCe ^ ROL(BCo, 1);
- Do = BCi ^ ROL(BCu, 1);
- Du = BCo ^ ROL(BCa, 1);
-
- Aba ^= Da;
- BCa = Aba;
- Age ^= De;
- BCe = ROL(Age, 44);
- Aki ^= Di;
- BCi = ROL(Aki, 43);
- Amo ^= Do;
- BCo = ROL(Amo, 21);
- Asu ^= Du;
- BCu = ROL(Asu, 14);
- Eba = BCa ^ ((~BCe) & BCi);
- Eba ^= KeccakF_RoundConstants[round];
- Ebe = BCe ^ ((~BCi) & BCo);
- Ebi = BCi ^ ((~BCo) & BCu);
- Ebo = BCo ^ ((~BCu) & BCa);
- Ebu = BCu ^ ((~BCa) & BCe);
-
- Abo ^= Do;
- BCa = ROL(Abo, 28);
- Agu ^= Du;
- BCe = ROL(Agu, 20);
- Aka ^= Da;
- BCi = ROL(Aka, 3);
- Ame ^= De;
- BCo = ROL(Ame, 45);
- Asi ^= Di;
- BCu = ROL(Asi, 61);
- Ega = BCa ^ ((~BCe) & BCi);
- Ege = BCe ^ ((~BCi) & BCo);
- Egi = BCi ^ ((~BCo) & BCu);
- Ego = BCo ^ ((~BCu) & BCa);
- Egu = BCu ^ ((~BCa) & BCe);
-
- Abe ^= De;
- BCa = ROL(Abe, 1);
- Agi ^= Di;
- BCe = ROL(Agi, 6);
- Ako ^= Do;
- BCi = ROL(Ako, 25);
- Amu ^= Du;
- BCo = ROL(Amu, 8);
- Asa ^= Da;
- BCu = ROL(Asa, 18);
- Eka = BCa ^ ((~BCe) & BCi);
- Eke = BCe ^ ((~BCi) & BCo);
- Eki = BCi ^ ((~BCo) & BCu);
- Eko = BCo ^ ((~BCu) & BCa);
- Eku = BCu ^ ((~BCa) & BCe);
-
- Abu ^= Du;
- BCa = ROL(Abu, 27);
- Aga ^= Da;
- BCe = ROL(Aga, 36);
- Ake ^= De;
- BCi = ROL(Ake, 10);
- Ami ^= Di;
- BCo = ROL(Ami, 15);
- Aso ^= Do;
- BCu = ROL(Aso, 56);
- Ema = BCa ^ ((~BCe) & BCi);
- Eme = BCe ^ ((~BCi) & BCo);
- Emi = BCi ^ ((~BCo) & BCu);
- Emo = BCo ^ ((~BCu) & BCa);
- Emu = BCu ^ ((~BCa) & BCe);
-
- Abi ^= Di;
- BCa = ROL(Abi, 62);
- Ago ^= Do;
- BCe = ROL(Ago, 55);
- Aku ^= Du;
- BCi = ROL(Aku, 39);
- Ama ^= Da;
- BCo = ROL(Ama, 41);
- Ase ^= De;
- BCu = ROL(Ase, 2);
- Esa = BCa ^ ((~BCe) & BCi);
- Ese = BCe ^ ((~BCi) & BCo);
- Esi = BCi ^ ((~BCo) & BCu);
- Eso = BCo ^ ((~BCu) & BCa);
- Esu = BCu ^ ((~BCa) & BCe);
-
- // prepareTheta
- BCa = Eba ^ Ega ^ Eka ^ Ema ^ Esa;
- BCe = Ebe ^ Ege ^ Eke ^ Eme ^ Ese;
- BCi = Ebi ^ Egi ^ Eki ^ Emi ^ Esi;
- BCo = Ebo ^ Ego ^ Eko ^ Emo ^ Eso;
- BCu = Ebu ^ Egu ^ Eku ^ Emu ^ Esu;
-
- // thetaRhoPiChiIotaPrepareTheta(round+1, E, A)
- Da = BCu ^ ROL(BCe, 1);
- De = BCa ^ ROL(BCi, 1);
- Di = BCe ^ ROL(BCo, 1);
- Do = BCi ^ ROL(BCu, 1);
- Du = BCo ^ ROL(BCa, 1);
-
- Eba ^= Da;
- BCa = Eba;
- Ege ^= De;
- BCe = ROL(Ege, 44);
- Eki ^= Di;
- BCi = ROL(Eki, 43);
- Emo ^= Do;
- BCo = ROL(Emo, 21);
- Esu ^= Du;
- BCu = ROL(Esu, 14);
- Aba = BCa ^ ((~BCe) & BCi);
- Aba ^= KeccakF_RoundConstants[round + 1];
- Abe = BCe ^ ((~BCi) & BCo);
- Abi = BCi ^ ((~BCo) & BCu);
- Abo = BCo ^ ((~BCu) & BCa);
- Abu = BCu ^ ((~BCa) & BCe);
-
- Ebo ^= Do;
- BCa = ROL(Ebo, 28);
- Egu ^= Du;
- BCe = ROL(Egu, 20);
- Eka ^= Da;
- BCi = ROL(Eka, 3);
- Eme ^= De;
- BCo = ROL(Eme, 45);
- Esi ^= Di;
- BCu = ROL(Esi, 61);
- Aga = BCa ^ ((~BCe) & BCi);
- Age = BCe ^ ((~BCi) & BCo);
- Agi = BCi ^ ((~BCo) & BCu);
- Ago = BCo ^ ((~BCu) & BCa);
- Agu = BCu ^ ((~BCa) & BCe);
-
- Ebe ^= De;
- BCa = ROL(Ebe, 1);
- Egi ^= Di;
- BCe = ROL(Egi, 6);
- Eko ^= Do;
- BCi = ROL(Eko, 25);
- Emu ^= Du;
- BCo = ROL(Emu, 8);
- Esa ^= Da;
- BCu = ROL(Esa, 18);
- Aka = BCa ^ ((~BCe) & BCi);
- Ake = BCe ^ ((~BCi) & BCo);
- Aki = BCi ^ ((~BCo) & BCu);
- Ako = BCo ^ ((~BCu) & BCa);
- Aku = BCu ^ ((~BCa) & BCe);
-
- Ebu ^= Du;
- BCa = ROL(Ebu, 27);
- Ega ^= Da;
- BCe = ROL(Ega, 36);
- Eke ^= De;
- BCi = ROL(Eke, 10);
- Emi ^= Di;
- BCo = ROL(Emi, 15);
- Eso ^= Do;
- BCu = ROL(Eso, 56);
- Ama = BCa ^ ((~BCe) & BCi);
- Ame = BCe ^ ((~BCi) & BCo);
- Ami = BCi ^ ((~BCo) & BCu);
- Amo = BCo ^ ((~BCu) & BCa);
- Amu = BCu ^ ((~BCa) & BCe);
-
- Ebi ^= Di;
- BCa = ROL(Ebi, 62);
- Ego ^= Do;
- BCe = ROL(Ego, 55);
- Eku ^= Du;
- BCi = ROL(Eku, 39);
- Ema ^= Da;
- BCo = ROL(Ema, 41);
- Ese ^= De;
- BCu = ROL(Ese, 2);
- Asa = BCa ^ ((~BCe) & BCi);
- Ase = BCe ^ ((~BCi) & BCo);
- Asi = BCi ^ ((~BCo) & BCu);
- Aso = BCo ^ ((~BCu) & BCa);
- Asu = BCu ^ ((~BCa) & BCe);
- }
-
- // copyToState(state, A)
- state[0] = Aba;
- state[1] = Abe;
- state[2] = Abi;
- state[3] = Abo;
- state[4] = Abu;
- state[5] = Aga;
- state[6] = Age;
- state[7] = Agi;
- state[8] = Ago;
- state[9] = Agu;
- state[10] = Aka;
- state[11] = Ake;
- state[12] = Aki;
- state[13] = Ako;
- state[14] = Aku;
- state[15] = Ama;
- state[16] = Ame;
- state[17] = Ami;
- state[18] = Amo;
- state[19] = Amu;
- state[20] = Asa;
- state[21] = Ase;
- state[22] = Asi;
- state[23] = Aso;
- state[24] = Asu;
-}
-
-/*************************************************
- * Name: keccak_absorb
- *
- * Description: Absorb step of Keccak;
- * non-incremental, starts by zeroeing the state.
- *
- * Arguments: - uint64_t *s: pointer to (uninitialized) output Keccak state
- * - uint32_t r: rate in bytes (e.g., 168 for SHAKE128)
- * - const uint8_t *m: pointer to input to be absorbed into s
- * - size_t mlen: length of input in bytes
- * - uint8_t p: domain-separation byte for different
- * Keccak-derived functions
- **************************************************/
-static void keccak_absorb(uint64_t *s, uint32_t r, const uint8_t *m,
- size_t mlen, uint8_t p) {
- size_t i;
- uint8_t t[200];
-
- /* Zero state */
- for (i = 0; i < 25; ++i) {
- s[i] = 0;
- }
-
- while (mlen >= r) {
- for (i = 0; i < r / 8; ++i) {
- s[i] ^= load64(m + 8 * i);
- }
-
- KeccakF1600_StatePermute(s);
- mlen -= r;
- m += r;
- }
-
- for (i = 0; i < r; ++i) {
- t[i] = 0;
- }
- for (i = 0; i < mlen; ++i) {
- t[i] = m[i];
- }
- t[i] = p;
- t[r - 1] |= 128;
- for (i = 0; i < r / 8; ++i) {
- s[i] ^= load64(t + 8 * i);
- }
-}
-
-/*************************************************
- * Name: keccak_squeezeblocks
- *
- * Description: Squeeze step of Keccak. Squeezes full blocks of r bytes each.
- * Modifies the state. Can be called multiple times to keep
- * squeezing, i.e., is incremental.
- *
- * Arguments: - uint8_t *h: pointer to output blocks
- * - size_t nblocks: number of blocks to be
- * squeezed (written to h)
- * - uint64_t *s: pointer to input/output Keccak state
- * - uint32_t r: rate in bytes (e.g., 168 for SHAKE128)
- **************************************************/
-static void keccak_squeezeblocks(uint8_t *h, size_t nblocks,
- uint64_t *s, uint32_t r) {
- while (nblocks > 0) {
- KeccakF1600_StatePermute(s);
- for (size_t i = 0; i < (r >> 3); i++) {
- store64(h + 8 * i, s[i]);
- }
- h += r;
- nblocks--;
- }
-}
-
-/*************************************************
- * Name: keccak_inc_init
- *
- * Description: Initializes the incremental Keccak state to zero.
- *
- * Arguments: - uint64_t *s_inc: pointer to input/output incremental state
- * First 25 values represent Keccak state.
- * 26th value represents either the number of absorbed bytes
- * that have not been permuted, or not-yet-squeezed bytes.
- **************************************************/
-static void keccak_inc_init(uint64_t *s_inc) {
- size_t i;
-
- for (i = 0; i < 25; ++i) {
- s_inc[i] = 0;
- }
- s_inc[25] = 0;
-}
-
-/*************************************************
- * Name: keccak_inc_absorb
- *
- * Description: Incremental keccak absorb
- * Preceded by keccak_inc_init, succeeded by keccak_inc_finalize
- *
- * Arguments: - uint64_t *s_inc: pointer to input/output incremental state
- * First 25 values represent Keccak state.
- * 26th value represents either the number of absorbed bytes
- * that have not been permuted, or not-yet-squeezed bytes.
- * - uint32_t r: rate in bytes (e.g., 168 for SHAKE128)
- * - const uint8_t *m: pointer to input to be absorbed into s
- * - size_t mlen: length of input in bytes
- **************************************************/
-static void keccak_inc_absorb(uint64_t *s_inc, uint32_t r, const uint8_t *m,
- size_t mlen) {
- size_t i;
-
- /* Recall that s_inc[25] is the non-absorbed bytes xored into the state */
- while (mlen + s_inc[25] >= r) {
- for (i = 0; i < r - s_inc[25]; i++) {
- /* Take the i'th byte from message
- xor with the s_inc[25] + i'th byte of the state; little-endian */
- s_inc[(s_inc[25] + i) >> 3] ^= (uint64_t)m[i] << (8 * ((s_inc[25] + i) & 0x07));
- }
- mlen -= (size_t)(r - s_inc[25]);
- m += r - s_inc[25];
- s_inc[25] = 0;
-
- KeccakF1600_StatePermute(s_inc);
- }
-
- for (i = 0; i < mlen; i++) {
- s_inc[(s_inc[25] + i) >> 3] ^= (uint64_t)m[i] << (8 * ((s_inc[25] + i) & 0x07));
- }
- s_inc[25] += mlen;
-}
-
-/*************************************************
- * Name: keccak_inc_finalize
- *
- * Description: Finalizes Keccak absorb phase, prepares for squeezing
- *
- * Arguments: - uint64_t *s_inc: pointer to input/output incremental state
- * First 25 values represent Keccak state.
- * 26th value represents either the number of absorbed bytes
- * that have not been permuted, or not-yet-squeezed bytes.
- * - uint32_t r: rate in bytes (e.g., 168 for SHAKE128)
- * - uint8_t p: domain-separation byte for different
- * Keccak-derived functions
- **************************************************/
-static void keccak_inc_finalize(uint64_t *s_inc, uint32_t r, uint8_t p) {
- /* After keccak_inc_absorb, we are guaranteed that s_inc[25] < r,
- so we can always use one more byte for p in the current state. */
- s_inc[s_inc[25] >> 3] ^= (uint64_t)p << (8 * (s_inc[25] & 0x07));
- s_inc[(r - 1) >> 3] ^= (uint64_t)128 << (8 * ((r - 1) & 0x07));
- s_inc[25] = 0;
-}
-
-/*************************************************
- * Name: keccak_inc_squeeze
- *
- * Description: Incremental Keccak squeeze; can be called on byte-level
- *
- * Arguments: - uint8_t *h: pointer to output bytes
- * - size_t outlen: number of bytes to be squeezed
- * - uint64_t *s_inc: pointer to input/output incremental state
- * First 25 values represent Keccak state.
- * 26th value represents either the number of absorbed bytes
- * that have not been permuted, or not-yet-squeezed bytes.
- * - uint32_t r: rate in bytes (e.g., 168 for SHAKE128)
- **************************************************/
-static void keccak_inc_squeeze(uint8_t *h, size_t outlen,
- uint64_t *s_inc, uint32_t r) {
- size_t i;
-
- /* First consume any bytes we still have sitting around */
- for (i = 0; i < outlen && i < s_inc[25]; i++) {
- /* There are s_inc[25] bytes left, so r - s_inc[25] is the first
- available byte. We consume from there, i.e., up to r. */
- h[i] = (uint8_t)(s_inc[(r - s_inc[25] + i) >> 3] >> (8 * ((r - s_inc[25] + i) & 0x07)));
- }
- h += i;
- outlen -= i;
- s_inc[25] -= i;
-
- /* Then squeeze the remaining necessary blocks */
- while (outlen > 0) {
- KeccakF1600_StatePermute(s_inc);
-
- for (i = 0; i < outlen && i < r; i++) {
- h[i] = (uint8_t)(s_inc[i >> 3] >> (8 * (i & 0x07)));
- }
- h += i;
- outlen -= i;
- s_inc[25] = r - i;
- }
-}
-
-void shake256_inc_init(uint64_t *s_inc) {
- keccak_inc_init(s_inc);
-}
-
-void shake256_inc_absorb(uint64_t *s_inc, const uint8_t *input, size_t inlen) {
- keccak_inc_absorb(s_inc, SHAKE256_RATE, input, inlen);
-}
-
-void shake256_inc_finalize(uint64_t *s_inc) {
- keccak_inc_finalize(s_inc, SHAKE256_RATE, 0x1F);
-}
-
-void shake256_inc_squeeze(uint8_t *output, size_t outlen, uint64_t *s_inc) {
- keccak_inc_squeeze(output, outlen, s_inc, SHAKE256_RATE);
-}
-
-/*************************************************
- * Name: shake256_absorb
- *
- * Description: Absorb step of the SHAKE256 XOF.
- * non-incremental, starts by zeroeing the state.
- *
- * Arguments: - uint64_t *s: pointer to (uninitialized) output Keccak state
- * - const uint8_t *input: pointer to input to be absorbed
- * into s
- * - size_t inlen: length of input in bytes
- **************************************************/
-void shake256_absorb(uint64_t *s, const uint8_t *input, size_t inlen) {
- keccak_absorb(s, SHAKE256_RATE, input, inlen, 0x1F);
-}
-
-/*************************************************
- * Name: shake256_squeezeblocks
- *
- * Description: Squeeze step of SHAKE256 XOF. Squeezes full blocks of
- * SHAKE256_RATE bytes each. Modifies the state. Can be called
- * multiple times to keep squeezing, i.e., is incremental.
- *
- * Arguments: - uint8_t *output: pointer to output blocks
- * - size_t nblocks: number of blocks to be squeezed
- * (written to output)
- * - uint64_t *s: pointer to input/output Keccak state
- **************************************************/
-void shake256_squeezeblocks(uint8_t *output, size_t nblocks, uint64_t *s) {
- keccak_squeezeblocks(output, nblocks, s, SHAKE256_RATE);
-}
-
-/*************************************************
- * Name: shake256
- *
- * Description: SHAKE256 XOF with non-incremental API
- *
- * Arguments: - uint8_t *output: pointer to output
- * - size_t outlen: requested output length in bytes
- * - const uint8_t *input: pointer to input
- * - size_t inlen: length of input in bytes
- **************************************************/
-void shake256(uint8_t *output, size_t outlen,
- const uint8_t *input, size_t inlen) {
- size_t nblocks = outlen / SHAKE256_RATE;
- uint8_t t[SHAKE256_RATE];
- uint64_t s[25];
-
- shake256_absorb(s, input, inlen);
- shake256_squeezeblocks(output, nblocks, s);
-
- output += nblocks * SHAKE256_RATE;
- outlen -= nblocks * SHAKE256_RATE;
-
- if (outlen) {
- shake256_squeezeblocks(t, 1, s);
- for (size_t i = 0; i < outlen; ++i) {
- output[i] = t[i];
- }
- }
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/src/hash_shake.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/src/hash_shake.c
deleted file mode 100644
index 87e8992..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/src/hash_shake.c
+++ /dev/null
@@ -1,98 +0,0 @@
-#include
-#include
-
-#include "../../../app/include/address.h"
-#include "../../../app/include/hash.h"
-#include "../../../app/include/params.h"
-#include "../../../app/include/utils.h"
-
-#include "../include/fips202.h"
-
-/* For SHAKE256, there is no immediate reason to initialize at the start,
- so this function is an empty operation. */
-void initialize_hash_function(spx_ctx* ctx)
-{
- (void)ctx; /* Suppress an 'unused parameter' warning. */
-}
-
-/*
- * Computes PRF(pk_seed, sk_seed, addr)
- */
-void prf_addr(unsigned char *out, const spx_ctx *ctx,
- const uint32_t addr[8])
-{
- unsigned char buf[2*SPX_N + SPX_ADDR_BYTES];
-
- memcpy(buf, ctx->pub_seed, SPX_N);
- memcpy(buf + SPX_N, addr, SPX_ADDR_BYTES);
- memcpy(buf + SPX_N + SPX_ADDR_BYTES, ctx->sk_seed, SPX_N);
-
- shake256(out, SPX_N, buf, 2*SPX_N + SPX_ADDR_BYTES);
-}
-
-/**
- * Computes the message-dependent randomness R, using a secret seed and an
- * optional randomization value as well as the message.
- */
-void gen_message_random(unsigned char *R, const unsigned char *sk_prf,
- const unsigned char *optrand,
- const unsigned char *m, unsigned long long mlen,
- const spx_ctx *ctx)
-{
- (void)ctx;
- uint64_t s_inc[26];
-
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, sk_prf, SPX_N);
- shake256_inc_absorb(s_inc, optrand, SPX_N);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(R, SPX_N, s_inc);
-}
-
-/**
- * Computes the message hash using R, the public key, and the message.
- * Outputs the message digest and the index of the leaf. The index is split in
- * the tree index and the leaf index, for convenient copying to an address.
- */
-void hash_message(unsigned char *digest, uint64_t *tree, uint32_t *leaf_idx,
- const unsigned char *R, const unsigned char *pk,
- const unsigned char *m, unsigned long long mlen,
- const spx_ctx *ctx)
-{
- (void)ctx;
-#define SPX_TREE_BITS (SPX_TREE_HEIGHT * (SPX_D - 1))
-#define SPX_TREE_BYTES ((SPX_TREE_BITS + 7) / 8)
-#define SPX_LEAF_BITS SPX_TREE_HEIGHT
-#define SPX_LEAF_BYTES ((SPX_LEAF_BITS + 7) / 8)
-#define SPX_DGST_BYTES (SPX_FORS_MSG_BYTES + SPX_TREE_BYTES + SPX_LEAF_BYTES)
-
- unsigned char buf[SPX_DGST_BYTES];
- unsigned char *bufp = buf;
- uint64_t s_inc[26];
-
- shake256_inc_init(s_inc);
- shake256_inc_absorb(s_inc, R, SPX_N);
- shake256_inc_absorb(s_inc, pk, SPX_PK_BYTES);
- shake256_inc_absorb(s_inc, m, mlen);
- shake256_inc_finalize(s_inc);
- shake256_inc_squeeze(buf, SPX_DGST_BYTES, s_inc);
-
- memcpy(digest, bufp, SPX_FORS_MSG_BYTES);
- bufp += SPX_FORS_MSG_BYTES;
-
-#if SPX_TREE_BITS > 64
- #error For given height and depth, 64 bits cannot represent all subtrees
-#endif
-
- if (SPX_D == 1) {
- *tree = 0;
- } else {
- *tree = bytes_to_ull(bufp, SPX_TREE_BYTES);
- *tree &= (~(uint64_t)0) >> (64 - SPX_TREE_BITS);
- }
- bufp += SPX_TREE_BYTES;
-
- *leaf_idx = (uint32_t)bytes_to_ull(bufp, SPX_LEAF_BYTES);
- *leaf_idx &= (~(uint32_t)0) >> (32 - SPX_LEAF_BITS);
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/src/thash_shake_robust.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/src/thash_shake_robust.c
deleted file mode 100644
index fb22444..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/src/thash_shake_robust.c
+++ /dev/null
@@ -1,31 +0,0 @@
-#include
-#include
-
-#include "../../../app/include/address.h"
-#include "../../../app/include/params.h"
-#include "../../../app/include/thash.h"
-#include "../../../app/include/utils.h"
-
-#include "../include/fips202.h"
-
-/**
- * Takes an array of inblocks concatenated arrays of SPX_N bytes.
- */
-void thash(unsigned char *out, const unsigned char *in, unsigned int inblocks,
- const spx_ctx *ctx, uint32_t addr[8])
-{
- SPX_VLA(uint8_t, buf, SPX_N + SPX_ADDR_BYTES + inblocks*SPX_N);
- SPX_VLA(uint8_t, bitmask, inblocks * SPX_N);
- unsigned int i;
-
- memcpy(buf, ctx->pub_seed, SPX_N);
- memcpy(buf + SPX_N, addr, SPX_ADDR_BYTES);
-
- shake256(bitmask, inblocks * SPX_N, buf, SPX_N + SPX_ADDR_BYTES);
-
- for (i = 0; i < inblocks * SPX_N; i++) {
- buf[SPX_N + SPX_ADDR_BYTES + i] = in[i] ^ bitmask[i];
- }
-
- shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES + inblocks*SPX_N);
-}
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/src/thash_shake_simple.c b/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/src/thash_shake_simple.c
deleted file mode 100644
index 71bedab..0000000
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/test_case/lib/shake/src/thash_shake_simple.c
+++ /dev/null
@@ -1,24 +0,0 @@
-#include
-#include
-
-#include "../../../app/include/address.h"
-#include "../../../app/include/params.h"
-#include "../../../app/include/thash.h"
-#include "../../../app/include/utils.h"
-
-#include "../include/fips202.h"
-
-/**
- * Takes an array of inblocks concatenated arrays of SPX_N bytes.
- */
-void thash(unsigned char *out, const unsigned char *in, unsigned int inblocks,
- const spx_ctx *ctx, uint32_t addr[8])
-{
- SPX_VLA(uint8_t, buf, SPX_N + SPX_ADDR_BYTES + inblocks*SPX_N);
-
- memcpy(buf, ctx->pub_seed, SPX_N);
- memcpy(buf + SPX_N, addr, SPX_ADDR_BYTES);
- memcpy(buf + SPX_N + SPX_ADDR_BYTES, in, inblocks * SPX_N);
-
- shake256(out, SPX_N, buf, SPX_N + SPX_ADDR_BYTES + inblocks*SPX_N);
-}
diff --git a/examples/hello_world/test_case/CMakeLists.txt b/examples/templates/hello_world/test_case/CMakeLists.txt
similarity index 100%
rename from examples/hello_world/test_case/CMakeLists.txt
rename to examples/templates/hello_world/test_case/CMakeLists.txt
diff --git a/examples/hello_world/test_case/include/constants.h b/examples/templates/hello_world/test_case/include/constants.h
similarity index 100%
rename from examples/hello_world/test_case/include/constants.h
rename to examples/templates/hello_world/test_case/include/constants.h
diff --git a/examples/hello_world/test_case/src/main.c b/examples/templates/hello_world/test_case/src/main.c
similarity index 100%
rename from examples/hello_world/test_case/src/main.c
rename to examples/templates/hello_world/test_case/src/main.c
diff --git a/examples/templates/hello_world_lib/test_case/CMakeLists.txt b/examples/templates/hello_world_lib/test_case/CMakeLists.txt
new file mode 100644
index 0000000..fc35e57
--- /dev/null
+++ b/examples/templates/hello_world_lib/test_case/CMakeLists.txt
@@ -0,0 +1,13 @@
+#
+# Copyright (C) 2026 Intel Corporation
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+cmake_minimum_required(VERSION 3.10)
+cmake_path(GET CMAKE_CURRENT_SOURCE_DIR PARENT_PATH parent)
+cmake_path(GET parent FILENAME project_name)
+project(${project_name})
+
+add_library(${project_name} SHARED src/hello.c)
+target_include_directories(${project_name} PUBLIC include)
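Review bot: The file declares `cmake_minimum_required(VERSION 3.10)` but the next two lines call `cmake_path()`, which only exists from CMake 3.20 on. On a 3.10–3.19 install the configure step fails with an unknown-command error instead of a clear version message. Either raise the floor to `cmake_minimum_required(VERSION 3.20)` or derive the name with `get_filename_component(project_name "${CMAKE_CURRENT_SOURCE_DIR}/.." ABSOLUTE)` followed by `get_filename_component(project_name "${project_name}" NAME)`.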
diff --git a/examples/templates/hello_world_lib/test_case/include/constants.h b/examples/templates/hello_world_lib/test_case/include/constants.h
new file mode 100644
index 0000000..c93b448
--- /dev/null
+++ b/examples/templates/hello_world_lib/test_case/include/constants.h
@@ -0,0 +1,14 @@
+//
+// Copyright (C) 2026 Intel Corporation
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+#ifndef CONSTANTS_H
+#define CONSTANTS_H
+
+#define GREETING "Hello World!"
+#define BORDER_CHAR '*'
+#define BORDER_LENGTH 5
+
+#endif
diff --git a/examples/templates/hello_world_lib/test_case/src/hello.c b/examples/templates/hello_world_lib/test_case/src/hello.c
new file mode 100644
index 0000000..801cc4a
--- /dev/null
+++ b/examples/templates/hello_world_lib/test_case/src/hello.c
@@ -0,0 +1,20 @@
+//
+// Copyright (C) 2026 Intel Corporation
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+#include
+#include "constants.h"
+
+void hello_print(void) {
+ for (int i = 0; i < BORDER_LENGTH; i++) {
+ printf("%c", BORDER_CHAR);
+ }
+
+ printf("\n%s\n", GREETING);
+
+ for (int i = 0; i < BORDER_LENGTH; i++) {
+ printf("%c", BORDER_CHAR);
+ }
+}
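Review bot: `hello_print` is built into a SHARED library whose public include directory, as far as this diff shows, holds only `constants.h`, so nothing declares the function for callers. If the template is meant to be linked against, add an `include/hello.h` carrying `void hello_print(void);` and include it here, as the hello_world_preset example in the same commit does. The closing border is also printed without a trailing newline, so the output ends mid-line.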
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/CMakeLists.txt b/examples/templates/hello_world_preset/CMakeLists.txt
similarity index 100%
rename from examples/sphincs_PQCgenKAT_sign_blake_128f_simple/CMakeLists.txt
rename to examples/templates/hello_world_preset/CMakeLists.txt
diff --git a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/CMakePresets.json b/examples/templates/hello_world_preset/CMakePresets.json
similarity index 76%
rename from examples/sphincs_PQCgenKAT_sign_blake_128f_simple/CMakePresets.json
rename to examples/templates/hello_world_preset/CMakePresets.json
index 323c68f..b97115c 100644
--- a/examples/sphincs_PQCgenKAT_sign_blake_128f_simple/CMakePresets.json
+++ b/examples/templates/hello_world_preset/CMakePresets.json
@@ -18,12 +18,7 @@
},
{
"name": "test",
- "inherits": "base",
- "cacheVariables": {
- "HASH_BACKEND": "blake",
- "SECPAR": "128f",
- "THASH": "simple"
- }
+ "inherits": "base"
}
],
"buildPresets": [
diff --git a/examples/templates/hello_world_preset/test_case/CMakeLists.txt b/examples/templates/hello_world_preset/test_case/CMakeLists.txt
new file mode 100644
index 0000000..80ff95a
--- /dev/null
+++ b/examples/templates/hello_world_preset/test_case/CMakeLists.txt
@@ -0,0 +1,5 @@
+cmake_minimum_required(VERSION 3.10)
+project(hello_world_preset C)
+
+add_subdirectory(lib)
+add_subdirectory(app)
diff --git a/examples/templates/hello_world_preset/test_case/app/CMakeLists.txt b/examples/templates/hello_world_preset/test_case/app/CMakeLists.txt
new file mode 100644
index 0000000..984ae00
--- /dev/null
+++ b/examples/templates/hello_world_preset/test_case/app/CMakeLists.txt
@@ -0,0 +1,2 @@
+add_executable(hello_world src/main.c)
+target_link_libraries(hello_world PRIVATE hello_world_lib)
diff --git a/examples/templates/hello_world_preset/test_case/app/src/main.c b/examples/templates/hello_world_preset/test_case/app/src/main.c
new file mode 100644
index 0000000..6f4feb8
--- /dev/null
+++ b/examples/templates/hello_world_preset/test_case/app/src/main.c
@@ -0,0 +1,12 @@
+//
+// Copyright (C) 2026 Intel Corporation
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+#include "hello.h"
+
+int main(void) {
+ hello_print();
+ return 0;
+}
diff --git a/examples/templates/hello_world_preset/test_case/lib/CMakeLists.txt b/examples/templates/hello_world_preset/test_case/lib/CMakeLists.txt
new file mode 100644
index 0000000..b558f79
--- /dev/null
+++ b/examples/templates/hello_world_preset/test_case/lib/CMakeLists.txt
@@ -0,0 +1,2 @@
+add_library(hello_world_lib SHARED src/hello.c)
+target_include_directories(hello_world_lib PUBLIC include)
diff --git a/examples/templates/hello_world_preset/test_case/lib/include/hello.h b/examples/templates/hello_world_preset/test_case/lib/include/hello.h
new file mode 100644
index 0000000..6fba946
--- /dev/null
+++ b/examples/templates/hello_world_preset/test_case/lib/include/hello.h
@@ -0,0 +1,12 @@
+//
+// Copyright (C) 2026 Intel Corporation
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+#ifndef HELLO_H
+#define HELLO_H
+
+void hello_print(void);
+
+#endif
diff --git a/examples/templates/hello_world_preset/test_case/lib/src/hello.c b/examples/templates/hello_world_preset/test_case/lib/src/hello.c
new file mode 100644
index 0000000..21ace1b
--- /dev/null
+++ b/examples/templates/hello_world_preset/test_case/lib/src/hello.c
@@ -0,0 +1,24 @@
+//
+// Copyright (C) 2026 Intel Corporation
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+#include
+#include "hello.h"
+
+#define GREETING "Hello World!"
+#define BORDER_CHAR '*'
+#define BORDER_LENGTH 5
+
+void hello_print(void) {
+ for (int i = 0; i < BORDER_LENGTH; i++) {
+ printf("%c", BORDER_CHAR);
+ }
+
+ printf("\n%s\n", GREETING);
+
+ for (int i = 0; i < BORDER_LENGTH; i++) {
+ printf("%c", BORDER_CHAR);
+ }
+}
diff --git a/src/ideas/cmake.py b/src/ideas/cmake.py
index cca4d34..6cdbe16 100644
--- a/src/ideas/cmake.py
+++ b/src/ideas/cmake.py
@@ -69,7 +69,17 @@ def configure(
if not preset:
cmd = ["cmake", "-S", str(source_dir), "-B", str(build_dir), "-G", "Ninja"] + flags
else:
- cmd = ["cmake", "-S", ".", "--preset", preset] + flags
+ cmd = [
+ "cmake",
+ "-S",
+ ".",
+ "--preset",
+ preset,
+ "-B",
+ str(build_dir),
+ "-G",
+ "Ninja",
+ ] + flags
success, output, error, _ = run_subprocess(cmd)
if not success:
@@ -95,10 +105,27 @@ def build(build_dir: Path, preset: str | None = None) -> None:
raise RuntimeError(f"CMake build failed: {' '.join(cmd)}\n{output + error}")
+def patch_preset_binary_dir(preset_path: Path, build_dir: Path) -> None:
+ """Ensure binaryDir and generator in all configure presets are set to ninja."""
+ data = json.loads(preset_path.read_text())
+ for preset in data.get("configurePresets", []):
+ if "binaryDir" in preset and preset["binaryDir"] != str(build_dir):
+ preset["binaryDir"] = str(build_dir)
+
+ if "generator" in preset and preset["generator"] != "Ninja":
+ preset["generator"] = "Ninja"
+
+ preset_path.write_text(json.dumps(data, indent=2))
+
+
def _main(cfg: CmakeConfig) -> None:
# Determine Cmake preset
preset = "test" if os.path.exists("CMakePresets.json") else None
+ # Patch binaryDir in presets to match our expected build directory
+ if preset:
+ patch_preset_binary_dir(Path("CMakePresets.json"), cfg.build_dir)
+
# Configure Cmake
configure(
source_dir=cfg.source_dir,
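Review bot: `patch_preset_binary_dir` rewrites the project's `CMakePresets.json` in place on every run, even when no value changed, so a file that is normally version-controlled gets re-serialised with `indent=2` and shows up as modified after each configure. The docstring also says binaryDir is "set to ninja", while the code sets `binaryDir` to `build_dir` and only `generator` to Ninja, and only on presets that already define those keys. I would write the file only when something changed and state the actual contract in the docstring. `_main` continues past the end of this hunk.

```python
def patch_preset_binary_dir(preset_path: Path, build_dir: Path) -> None:
    """Point configure presets that set binaryDir at build_dir and force their generator to Ninja.

    Presets that do not define a key are left alone; the file is rewritten only when a value changed.
    """
    data = json.loads(preset_path.read_text())
    wanted = {"binaryDir": str(build_dir), "generator": "Ninja"}
    changed = False
    for preset in data.get("configurePresets", []):
        for key, value in wanted.items():
            if key in preset and preset[key] != value:
                preset[key] = value
                changed = True

    if changed:
        preset_path.write_text(json.dumps(data, indent=2))
```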
diff --git a/src/ideas/init/consolidate.py b/src/ideas/init/consolidate.py
index f048596..b0cccd7 100644
--- a/src/ideas/init/consolidate.py
+++ b/src/ideas/init/consolidate.py
@@ -629,6 +629,10 @@ def merge_symbols(
def _main(cfg: ConsolidateConfig):
+ if LARGE_PROJECT:
+ logger.info("LARGE_PROJECT mode enabled: consolidation is disabled!")
+ return
+
output_dir = Path(HydraConfig.get().runtime.output_dir)
# Get crate information
diff --git a/src/ideas/translate.py b/src/ideas/translate.py
index 86326ec..d2638ef 100644
--- a/src/ideas/translate.py
+++ b/src/ideas/translate.py
@@ -18,8 +18,7 @@
from ideas import adapters, model, ModelConfig, GenerateConfig
from ideas import SnippetTranslator, RecurrentTranslator, WrapperGenerator, SymbolTester
from ideas import create_translation_unit, extract_info_c
-from ideas.ast_rust import mangle
-from ideas.init.consolidate import get_symbols_and_dependencies
+from ideas.init.consolidate import get_symbols_and_dependencies, get_asts, create_ast_order
from .tools import Crate, LARGE_PROJECT
logger = logging.getLogger("ideas.translate")
@@ -34,6 +33,8 @@ class TranslateConfig:
cargo_toml: Path = MISSING
tests: str = MISSING
+ source_priority: Path | None = None
+
translator: str = "ChainOfThought"
translator_max_iters: int = 5
wrapper_max_iters: int = 5
@@ -51,7 +52,15 @@ def _main(cfg: TranslateConfig) -> None:
logger.info(f"Saving results to {output_dir}")
crate = Crate(cargo_toml=cfg.cargo_toml.resolve(), vcs=cfg.vcs) # type: ignore[reportArgumentType]
+ # Resolve source priority
+ source_priority: list[Path] = []
+ if cfg.source_priority:
+ lines = cfg.source_priority.read_text().splitlines()
+ source_priority = [Path(line.strip()).resolve() for line in lines if line.strip()]
+
# Save C source since it will be modified by the agent
+ if LARGE_PROJECT:
+ crate.c_src_path.write_text("")
orig_c_src = crate.c_src_path.read_bytes()
# Make sure Rust source is in known state (i.e., empty)
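Review bot: In LARGE_PROJECT mode `crate.c_src_path.write_text("")` truncates the C source before `orig_c_src` is read, so the "Save C source" snapshot is always empty and any existing contents are lost without warning. If the intent is only to make sure the file exists, guard it: `if LARGE_PROJECT and not crate.c_src_path.exists():`. Separately, `Path(line.strip()).resolve()` resolves relative entries of the `.sources` file against the current working directory rather than the file's own directory, which deserves a comment if that is the expected layout. `_main` starts and ends outside this hunk.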
@@ -61,11 +70,21 @@ def _main(cfg: TranslateConfig) -> None:
crate.vcs.rm(crate.cargo_toml.parent / "build.rs", force=True)
# Get global symbol table
- tu = create_translation_unit(cfg.filename)
- asts = [extract_info_c(tu)]
- symbols, dependencies = get_symbols_and_dependencies(
- asts, external_symbol_names=["c:@F@main"] if crate.is_bin else None
- )
+ if cfg.filename.suffix == ".c":
+ tu = create_translation_unit(cfg.filename)
+ asts = [extract_info_c(tu)]
+ ast_order = None
+ symbols, dependencies = get_symbols_and_dependencies(
+ asts, external_symbol_names=["c:@F@main"] if crate.is_bin else None
+ )
+ else:
+ asts = get_asts(cfg.filename, source_priority)
+ ast_order = create_ast_order(source_priority, asts)
+ symbols, dependencies = get_symbols_and_dependencies(
+ asts,
+ external_symbol_names=["c:@F@main"] if crate.is_bin else None,
+ ast_order=ast_order,
+ )
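Review bot: The `else` branch treats every `cfg.filename` that does not end in `.c` as a compilation database, so a mistyped path or a `.h`/`.cpp` input reaches `get_asts` and fails there with a less helpful error. Make the second case explicit with `elif cfg.filename.suffix == ".json":` and finish with `else: raise ValueError(f"Unsupported input file: {cfg.filename}")`. When `cfg.source_priority` is unset, `source_priority` is an empty list on this path; whether `get_asts` and `create_ast_order` accept that is not visible here and is worth confirming. `_main` continues outside the hunk.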
# Create translation agent
model.configure(cfg.model, cfg.generate)
@@ -81,7 +100,7 @@ def _main(cfg: TranslateConfig) -> None:
)
# Run translation agent and write it to disk
- pred = agent(symbols, dependencies)
+ pred = agent(symbols, dependencies, ast_order)
crate.rust_src_path.write_text(pred.translation.text)
usage = model.format_usage(pred)
if pred.success:
@@ -113,30 +132,10 @@ def _cleanup(crate: Crate, symbols: dict) -> None:
)
logger.info("Removed bindgen artifacts")
- # Remove wrappers for symbols that are not globally linked
- keepers = {
- mangle(s.spelling)
- for s in symbols.values()
- if s.is_global
- and not crate.is_bin
- and (s.is_variable or (s.is_function and s.is_definition))
- }
- wrapper_dir = crate.rust_src_path.parent / "wrapper"
- wrapper_module = crate.rust_src_path.parent / "wrapper.rs"
-
- lines = wrapper_module.read_text().splitlines() if wrapper_module.exists() else []
- if wrapper_dir.exists():
- for wrapper_file in wrapper_dir.glob("*.rs"):
- if wrapper_file.stem not in keepers:
- crate.vcs.rm(wrapper_file, force=True)
- logger.info(f"Removed non-global wrapper: {wrapper_file.name}")
- mod_line = f"pub mod {wrapper_file.stem};"
- if mod_line in lines:
- lines.remove(mod_line)
- if lines:
- wrapper_module.write_text("\n".join(lines) + "\n")
- crate.vcs.add(wrapper_module)
- else:
+ # For binaries, delete wrappers
+ if crate.is_bin:
+ wrapper_dir = crate.rust_src_path.parent / "wrapper"
+ wrapper_module = crate.rust_src_path.parent / "wrapper.rs"
crate.vcs.rm(wrapper_module, wrapper_dir, force=True)
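Review bot: After this change library crates keep every generated wrapper file, where the removed code pruned wrappers for symbols that were not global definitions or variables. If wrappers can be generated for non-global symbols (the generation code is not in this hunk), the translated library would export entry points the C library kept internal, so the pruning may still be wanted for libraries. The `symbols` parameter of `_cleanup` also has no remaining use in the lines shown; drop it or document why it stays. At minimum the new comment should say `# Library crates keep all wrappers; binaries drop wrapper.rs and wrapper/`. `_cleanup` begins before this hunk.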
diff --git a/src/ideas/translate_recurrent.py b/src/ideas/translate_recurrent.py
index 9c7671b..e908eca 100644
--- a/src/ideas/translate_recurrent.py
+++ b/src/ideas/translate_recurrent.py
@@ -11,7 +11,7 @@
import dspy
import networkx as nx
-from .ast import CodeC, Symbol
+from .ast import CodeC, Symbol, TreeResult
from .ast_rust import CodeRust, get_signatures
from .tools import Crate, LARGE_PROJECT
from .init.consolidate import create_symbol_lexical_key_fn
@@ -43,6 +43,7 @@ def forward(
self,
symbols: dict[SymbolName, Symbol],
dependencies: dict[SymbolGroup, Iterable[SymbolGroup]],
+ ast_order: dict[Path, TreeResult] | None = None,
) -> dspy.Prediction:
# We always start with an empty crate
self.crate.rust_src_path.write_text("")
@@ -53,7 +54,7 @@ def forward(
assert isinstance(G, nx.DiGraph)
groups = list(
nx.lexicographical_topological_sort(
- G.reverse(copy=False), key=create_symbol_lexical_key_fn(symbols)
+ G.reverse(copy=False), key=create_symbol_lexical_key_fn(symbols, ast_order)
)
)
@@ -276,14 +277,13 @@ def translate(
with self.crate.rust_src_path.open("a") as f:
f.write(translation.text + "\n")
- if self.wrap_symbol is None:
- # If we don't want a wrapper, then we are done
- return pred
-
# Generate wrapper, that may modify the translation, for each symbol
unsafe_translation = translation
wrappers: dict[str, dspy.Prediction] = {}
for symbol in symbols:
+ # If we don't have a wrapper function, then skip the symbol
+ if self.wrap_symbol is None:
+ continue
# We can only hybrid build-test functions and variables
if not (symbol.is_function and symbol.is_definition) and not symbol.is_variable:
continue
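Review bot: The `self.wrap_symbol is None` test added inside the `for symbol in symbols` loop is loop-invariant, so it reads as a per-symbol condition when it is really a mode switch. Guarding the loop once, `if self.wrap_symbol is not None:` around the `for`, states that more directly, and the matching guard around `write_cache` in the next hunk then follows the same shape. Replacing the early `return pred` also means the code after the loop now runs when no wrapper generator is configured; a comment saying that this is intended would help. `translate` starts and ends outside this hunk.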
@@ -330,8 +330,9 @@ def translate(
# Cache successful translation and wrappers
if pred.success:
self.translate_symbol.write_cache(pred)
- for wrapper in wrappers.values():
- self.wrap_symbol.write_cache(wrapper)
+ if self.wrap_symbol is not None:
+ for wrapper in wrappers.values():
+ self.wrap_symbol.write_cache(wrapper)
# Return wrappers for next retry
pred.wrappers = {name: wrapper.wrapper for name, wrapper in wrappers.items()}
diff --git a/test/fixtures/isystem_inline_dep/test_case/CMakeLists.txt b/test/fixtures/isystem_inline_dep/test_case/CMakeLists.txt
deleted file mode 100644
index 4a0d24e..0000000
--- a/test/fixtures/isystem_inline_dep/test_case/CMakeLists.txt
+++ /dev/null
@@ -1,18 +0,0 @@
-cmake_minimum_required(VERSION 3.10)
-project(isystem_inline_dep C)
-
-# util shared library - includes util/ with regular -I
-add_library(util SHARED util/user.c)
-target_include_directories(util PRIVATE util)
-
-# ext shared library - includes util/ with SYSTEM (generates -isystem)
-# This is the pattern that causes the bug: same header directory included
-# as SYSTEM in one target but regular in another.
-add_library(ext SHARED ext/caller.c)
-target_include_directories(ext SYSTEM PRIVATE util)
-target_include_directories(ext PRIVATE ext)
-
-# Main executable links both
-add_executable(isystem_inline_dep main.c)
-target_include_directories(isystem_inline_dep PRIVATE util)
-target_link_libraries(isystem_inline_dep util ext)
diff --git a/test/fixtures/isystem_inline_dep/test_case/ext/bridge.h b/test/fixtures/isystem_inline_dep/test_case/ext/bridge.h
deleted file mode 100644
index 1f0772a..0000000
--- a/test/fixtures/isystem_inline_dep/test_case/ext/bridge.h
+++ /dev/null
@@ -1,8 +0,0 @@
-#ifndef BRIDGE_H
-#define BRIDGE_H
-
-#include "alloc.h"
-
-#define ext_malloc(x) my_alloc(x)
-
-#endif
diff --git a/test/fixtures/isystem_inline_dep/test_case/ext/caller.c b/test/fixtures/isystem_inline_dep/test_case/ext/caller.c
deleted file mode 100644
index ebb1865..0000000
--- a/test/fixtures/isystem_inline_dep/test_case/ext/caller.c
+++ /dev/null
@@ -1,19 +0,0 @@
-#include "bridge.h"
-
-typedef struct {
- int val;
-} item_t;
-
-static item_t *make_item(int val) {
- item_t *p;
- if (!(p = (item_t *)ext_malloc(sizeof(item_t))))
- return (void *)0;
- p->val = val;
- return p;
-}
-
-int do_work(int x) {
- item_t *item = make_item(x);
- if (item) return item->val;
- return -1;
-}
diff --git a/test/fixtures/isystem_inline_dep/test_case/main.c b/test/fixtures/isystem_inline_dep/test_case/main.c
deleted file mode 100644
index 2d3f860..0000000
--- a/test/fixtures/isystem_inline_dep/test_case/main.c
+++ /dev/null
@@ -1,10 +0,0 @@
-#include "alloc.h"
-
-int do_work(int x);
-void *my_calloc(size_t n, size_t sz);
-
-int main(void) {
- void *p = my_calloc(4, sizeof(int));
- if (p) free(p);
- return do_work(42);
-}
diff --git a/test/fixtures/isystem_inline_dep/test_case/util/alloc.h b/test/fixtures/isystem_inline_dep/test_case/util/alloc.h
deleted file mode 100644
index dc8fa4d..0000000
--- a/test/fixtures/isystem_inline_dep/test_case/util/alloc.h
+++ /dev/null
@@ -1,10 +0,0 @@
-#ifndef ALLOC_H
-#define ALLOC_H
-
-#include
-
-static inline void *my_alloc(size_t len) {
- return malloc(len);
-}
-
-#endif
diff --git a/test/fixtures/isystem_inline_dep/test_case/util/user.c b/test/fixtures/isystem_inline_dep/test_case/util/user.c
deleted file mode 100644
index a727564..0000000
--- a/test/fixtures/isystem_inline_dep/test_case/util/user.c
+++ /dev/null
@@ -1,6 +0,0 @@
-#include "alloc.h"
-
-void *my_calloc(size_t n, size_t sz) {
- void *p = my_alloc(n * sz);
- return p;
-}
diff --git a/test/fixtures/isystem_inline_dep/test_case/xdiff/bridge.h b/test/fixtures/isystem_inline_dep/test_case/xdiff/bridge.h
deleted file mode 100644
index a884876..0000000
--- a/test/fixtures/isystem_inline_dep/test_case/xdiff/bridge.h
+++ /dev/null
@@ -1,8 +0,0 @@
-#ifndef BRIDGE_H
-#define BRIDGE_H
-
-#include "alloc.h"
-
-#define xdl_malloc(x) my_alloc(x)
-
-#endif
diff --git a/test/fixtures/isystem_inline_dep/test_case/xdiff/caller.c b/test/fixtures/isystem_inline_dep/test_case/xdiff/caller.c
deleted file mode 100644
index 16d4caf..0000000
--- a/test/fixtures/isystem_inline_dep/test_case/xdiff/caller.c
+++ /dev/null
@@ -1,19 +0,0 @@
-#include "bridge.h"
-
-typedef struct {
- int val;
-} item_t;
-
-static item_t *make_item(int val) {
- item_t *p;
- if (!(p = (item_t *)xdl_malloc(sizeof(item_t))))
- return (void *)0;
- p->val = val;
- return p;
-}
-
-int do_work(int x) {
- item_t *item = make_item(x);
- if (item) return item->val;
- return -1;
-}
diff --git a/test/fixtures/scc_ordering_bug/test_case/CMakeLists.txt b/test/fixtures/scc_ordering_bug/test_case/CMakeLists.txt
deleted file mode 100644
index 4b9c9a5..0000000
--- a/test/fixtures/scc_ordering_bug/test_case/CMakeLists.txt
+++ /dev/null
@@ -1,17 +0,0 @@
-cmake_minimum_required(VERSION 3.10)
-project(scc_ordering_bug)
-
-# Reproduces SCC ordering bug in consolidation:
-# caller.c (rank 1) defines compute() which calls helper().
-# state.c (rank 2) defines helper() (inline) and vtable = { .fn = compute }.
-# Cycle: compute -> helper -> vtable -> compute.
-# merge_symbols picks helper from state.c (definition beats declaration).
-# Within the SCC, compute (rank 1) is emitted before helper (rank 2).
-# helper has declaration=None (inline) so no forward decl is emitted.
-# Result: "call to undeclared function 'helper'"
-add_executable(scc_ordering_bug
- src/main.c
- src/caller.c
- src/state.c
-)
-target_include_directories(scc_ordering_bug PRIVATE include)
diff --git a/test/fixtures/scc_ordering_bug/test_case/include/fwd.h b/test/fixtures/scc_ordering_bug/test_case/include/fwd.h
deleted file mode 100644
index 4d8dd85..0000000
--- a/test/fixtures/scc_ordering_bug/test_case/include/fwd.h
+++ /dev/null
@@ -1,13 +0,0 @@
-#ifndef FWD_H
-#define FWD_H
-
-struct vtable_t {
- int (*fn)(int);
-};
-
-extern struct vtable_t vtable;
-
-/* Forward declaration only — no definition of helper here. */
-int helper(int x);
-
-#endif
diff --git a/test/fixtures/scc_ordering_bug/test_case/include/header.h b/test/fixtures/scc_ordering_bug/test_case/include/header.h
deleted file mode 100644
index 51b2257..0000000
--- a/test/fixtures/scc_ordering_bug/test_case/include/header.h
+++ /dev/null
@@ -1,15 +0,0 @@
-#ifndef HEADER_H
-#define HEADER_H
-
-struct vtable_t {
- int (*fn)(int);
-};
-
-extern struct vtable_t vtable;
-
-/* Full definition of helper — only included by state.c */
-inline int helper(int x) {
- return vtable.fn(x);
-}
-
-#endif
diff --git a/test/fixtures/scc_ordering_bug/test_case/src/caller.c b/test/fixtures/scc_ordering_bug/test_case/src/caller.c
deleted file mode 100644
index 42f15e8..0000000
--- a/test/fixtures/scc_ordering_bug/test_case/src/caller.c
+++ /dev/null
@@ -1,5 +0,0 @@
-#include "fwd.h"
-
-int compute(int x) {
- return helper(x) + 1;
-}
diff --git a/test/fixtures/scc_ordering_bug/test_case/src/main.c b/test/fixtures/scc_ordering_bug/test_case/src/main.c
deleted file mode 100644
index 8585358..0000000
--- a/test/fixtures/scc_ordering_bug/test_case/src/main.c
+++ /dev/null
@@ -1,9 +0,0 @@
-#include
-
-int helper(int x);
-int compute(int x);
-
-int main(void) {
- printf("%d\n", compute(42));
- return 0;
-}
diff --git a/test/fixtures/scc_ordering_bug/test_case/src/state.c b/test/fixtures/scc_ordering_bug/test_case/src/state.c
deleted file mode 100644
index d9afdb2..0000000
--- a/test/fixtures/scc_ordering_bug/test_case/src/state.c
+++ /dev/null
@@ -1,8 +0,0 @@
-#include "header.h"
-
-int compute(int x);
-
-/* Provide external definition of helper for callers that only see the declaration */
-extern inline int helper(int x);
-
-struct vtable_t vtable = { .fn = compute };
diff --git a/test/fixtures/typedef_cross_tu/test_case/CMakeLists.txt b/test/fixtures/typedef_cross_tu/test_case/CMakeLists.txt
deleted file mode 100644
index d0769f5..0000000
--- a/test/fixtures/typedef_cross_tu/test_case/CMakeLists.txt
+++ /dev/null
@@ -1,16 +0,0 @@
-cmake_minimum_required(VERSION 3.10)
-project(typedef_cross_tu)
-
-# Library with b.c and c.c — these get parsed from compile_commands.json
-# before a.c (because library objects are built first). merge_symbols
-# processes b.c first → retains typedef X cursor from b.c.
-add_library(xlib SHARED src/b.c src/c.c)
-target_include_directories(xlib PRIVATE include)
-
-# Executable links against xlib; its .sources lists a.c first (from
-# add_executable sources) then lib sources appended via LINK_LIBRARIES.
-# So source_priority = [a.c, b.c, c.c] → ast_order rank: a.c=0, b.c=1, c.c=2
-# This gives struct X (from a.c) rank 0 < typedef X (from b.c) rank 1.
-add_executable(typedef_cross_tu src/a.c)
-target_include_directories(typedef_cross_tu PRIVATE include)
-target_link_libraries(typedef_cross_tu xlib)
diff --git a/test/fixtures/typedef_cross_tu/test_case/include/types.h b/test/fixtures/typedef_cross_tu/test_case/include/types.h
deleted file mode 100644
index d1659f4..0000000
--- a/test/fixtures/typedef_cross_tu/test_case/include/types.h
+++ /dev/null
@@ -1,4 +0,0 @@
-#ifndef TYPES_H
-#define TYPES_H
-typedef struct X X;
-#endif
diff --git a/test/fixtures/typedef_cross_tu/test_case/src/a.c b/test/fixtures/typedef_cross_tu/test_case/src/a.c
deleted file mode 100644
index 3f493a9..0000000
--- a/test/fixtures/typedef_cross_tu/test_case/src/a.c
+++ /dev/null
@@ -1,17 +0,0 @@
-#include "types.h"
-
-struct X {
- X *self;
- int val;
-};
-
-X *create_x(int v) {
- (void)v;
- return (X *)0;
-}
-
-int main(void) {
- X *x = create_x(42);
- (void)x;
- return 0;
-}
diff --git a/test/fixtures/typedef_cross_tu/test_case/src/b.c b/test/fixtures/typedef_cross_tu/test_case/src/b.c
deleted file mode 100644
index af2d9c2..0000000
--- a/test/fixtures/typedef_cross_tu/test_case/src/b.c
+++ /dev/null
@@ -1,5 +0,0 @@
-#include "types.h"
-
-void consume_x(X *p) {
- (void)p;
-}
diff --git a/test/fixtures/typedef_cross_tu/test_case/src/c.c b/test/fixtures/typedef_cross_tu/test_case/src/c.c
deleted file mode 100644
index 2ef9bea..0000000
--- a/test/fixtures/typedef_cross_tu/test_case/src/c.c
+++ /dev/null
@@ -1,10 +0,0 @@
-#include "types.h"
-
-struct Y {
- X *member;
- int id;
-};
-
-struct Y *alloc_y(void) {
- return (struct Y *)0;
-}
diff --git a/test/fixtures/typedef_cross_tu/test_vectors/test.json b/test/fixtures/typedef_cross_tu/test_vectors/test.json
deleted file mode 100644
index 2748f42..0000000
--- a/test/fixtures/typedef_cross_tu/test_vectors/test.json
+++ /dev/null
@@ -1,8 +0,0 @@
-{
- "test_cases": [
- {
- "input": "",
- "expected_output": ""
- }
- ]
-}
diff --git a/test/test_consolidate.py b/test/test_consolidate.py
index 613ea36..9febcc4 100644
--- a/test/test_consolidate.py
+++ b/test/test_consolidate.py
@@ -11,6 +11,8 @@
import pytest
import json
+from clang.cindex import TranslationUnit as TU
+
from ideas import ast
from ideas.init.consolidate import (
create_ast_order,
@@ -204,14 +206,6 @@ def test_nested_include_symbols_do_not_tie(tmp_path: Path):
def test_consolidation_places_typedef_before_struct_definition(tmp_path: Path):
- """
- - types.h: typedef struct X X;
- - thing.h: includes types.h, defines struct X { fields };
- - thing.c: includes thing.h, uses X in function signatures
-
- Consolidation must place the typedef before the struct definition so
- that uses of 'X' as a bare type name compile correctly.
- """
types_h = tmp_path / "types.h"
thing_h = tmp_path / "thing.h"
thing_c = tmp_path / "thing.c"
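Review bot: Dropping the docstring leaves `test_consolidation_places_typedef_before_struct_definition` with no statement of which ordering it guards. The same happens in `test_consolidation_typedef_before_struct_cross_tu` and `test_static_inline_in_scc_emitted_before_caller` further down, where the removed text was the only record of the cycle being reproduced. A one-line docstring is enough, for example `"""typedef struct X X; must be emitted before struct X {...} so bare uses of X compile."""`. The test body continues outside this hunk.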
@@ -219,27 +213,21 @@ def test_consolidation_places_typedef_before_struct_definition(tmp_path: Path):
types_h.write_text(
dedent(
"""\
- #ifndef TYPES_H
- #define TYPES_H
- typedef struct git_callbacks git_callbacks;
- #endif
+ typedef struct X X;
"""
)
)
thing_h.write_text(
dedent(
"""\
- #ifndef THING_H
- #define THING_H
#include "types.h"
- struct git_callbacks {
- int (*notify)(git_callbacks *self, int status);
+ struct X {
+ int (*notify)(X *self, int status);
void *payload;
};
- int git_callbacks_init(git_callbacks *out);
- #endif
+ int X_init(X *out);
"""
)
)
@@ -248,7 +236,7 @@ def test_consolidation_places_typedef_before_struct_definition(tmp_path: Path):
"""\
#include "thing.h"
- int git_callbacks_init(git_callbacks *out) {
+ int X_init(X *out) {
out->notify = 0;
out->payload = 0;
return 0;
@@ -261,8 +249,6 @@ def test_consolidation_places_typedef_before_struct_definition(tmp_path: Path):
compile_commands = _write_compile_commands(tmp_path, [thing_c])
consolidated = consolidate_init(compile_commands, source_priority=[])
- # The consolidated code must compile — the typedef must appear before
- # the struct definition and function that use 'git_callbacks' as a type name.
success, error = check_c(consolidated, flags=["-fsyntax-only", "-Wall"])
assert success, (
f"Consolidated code does not compile:\n{error}\n\nConsolidated output:\n{consolidated}"
@@ -270,22 +256,6 @@ def test_consolidation_places_typedef_before_struct_definition(tmp_path: Path):
def test_consolidation_typedef_before_struct_cross_tu(tmp_path: Path):
- """
- Cross-TU corner case: when the struct does NOT use the typedef name internally,
- the typedef and struct can end up in the same SCC with cursors from different TUs.
- clang_isBeforeInTranslationUnit returns 0 for both directions (undefined cross-TU),
- so order depends on sort stability.
-
- In valid C, if a struct body uses the typedef name, the typedef must be included
- before it — meaning both symbols always appear in the same TU. So cross-TU
- comparison can only happen when the struct does NOT reference the typedef,
- in which case ordering doesn't affect compilability.
-
- - types.h: typedef struct Node Node;
- - node.h: struct Node { int val; struct Node *next; }; (struct tag only)
- - api.c: includes types.h + node.h, uses Node * in function
- - internal.c: includes node.h only, uses struct Node *
- """
types_h = tmp_path / "types.h"
node_h = tmp_path / "node.h"
api_c = tmp_path / "api.c"
@@ -294,23 +264,17 @@ def test_consolidation_typedef_before_struct_cross_tu(tmp_path: Path):
types_h.write_text(
dedent(
"""\
- #ifndef TYPES_H
- #define TYPES_H
typedef struct Node Node;
- #endif
"""
)
)
node_h.write_text(
dedent(
"""\
- #ifndef NODE_H
- #define NODE_H
struct Node {
int val;
struct Node *next;
};
- #endif
"""
)
)
@@ -374,20 +338,14 @@ def test_consolidation_mutual_cross_tu_typedefs(tmp_path: Path):
a_types_h.write_text(
dedent(
"""\
- #ifndef A_TYPES_H
- #define A_TYPES_H
typedef struct A A;
- #endif
"""
)
)
b_types_h.write_text(
dedent(
"""\
- #ifndef B_TYPES_H
- #define B_TYPES_H
typedef struct B B;
- #endif
"""
)
)
@@ -490,7 +448,6 @@ def test_macro_wrapped_declaration(tmp_path: Path):
f"Consolidated output contains unexpanded macro 'LIB_EXPORT':\n{consolidated}"
)
- # It must still compile
success, error = check_c(consolidated, flags=["-fsyntax-only", "-Wall"])
assert success, (
f"Consolidated code does not compile:\n{error}\n\nConsolidated output:\n{consolidated}"
@@ -499,11 +456,6 @@ def test_macro_wrapped_declaration(tmp_path: Path):
def test_typedef_after_struct_cross_tu_three_tus(tmp_path: Path):
"""
- Three-TU corner case exposing invalid ordering when typedef and struct
- definition form a cycle (same SCC) but their cursors come from different TUs
- after merge_symbols.
-
- Setup:
- types.h: typedef struct X X; (forward-declares struct X via typedef)
- TU1 (a.c): #include "types.h", defines struct X { X *self; int val; };
The struct body uses the typedef name 'X' → creates cycle:
@@ -535,10 +487,7 @@ def test_typedef_after_struct_cross_tu_three_tus(tmp_path: Path):
types_h.write_text(
dedent(
"""\
- #ifndef TYPES_H
- #define TYPES_H
typedef struct X X;
- #endif
"""
)
)
@@ -824,29 +773,6 @@ def test_isystem_inline_function_dependency_not_lost(tmp_path: Path):
def test_static_inline_in_scc_emitted_before_caller(tmp_path: Path):
- """
- When a static inline function from a header participates in a dependency
- cycle (via a global variable whose initializer references its caller),
- all participants collapse into one SCC. The lexical sort within that SCC
- uses TU rank. If the caller's TU has a LOWER rank than the inline's TU,
- the caller is emitted first — before the inline is defined — causing:
- "call to undeclared function"
-
- The static inline has declaration=None (the definition IS the declaration),
- so the SCC emission logic cannot emit a forward declaration for it.
-
- Setup:
- header.h: struct vtable_t, extern vtable, static inline helper()
- caller.c: #include "header.h", defines compute() which calls helper()
- state.c: #include "header.h", defines vtable = { .fn = compute }
-
- Cycle: compute -> helper -> vtable -> compute
- merge_symbols picks helper from state.c (processed first in asts).
- ast_order = [caller.c, state.c] => caller.c rank 0, state.c rank 1.
- SCC sort: compute(rank 0) before helper(rank 1) => BUG.
- """
- from clang.cindex import TranslationUnit as TU
-
# header.h: static inline helper reads extern vtable
header_h = tmp_path / "header.h"
header_h.write_text(