diff --git a/trial3/layer1.c b/trial3/layer1.c index a489eaf..5c979ed 100644 --- a/trial3/layer1.c +++ b/trial3/layer1.c @@ -207,6 +207,11 @@ int deriveECCKeyPair(mbedtls_mpi * SK, mbedtls_ecp_point * PK) size_t pubkeysize; char privkeybuf[100]; size_t privkeysize; + char privkeybuf2[100]; + size_t privkey2size; + + + mbedtls_ecp_group ecpGrp; mbedtls_ecp_group_init(&ecpGrp); 
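Review bot: `privkeybuf2` and `privkey2size` are declared here, but the only code that uses them is the commented-out PEM experiment in the next hunk, so the live function gains two unused locals and `-Wunused-variable` noise. I would declare them inside the experiment block so they appear and disappear together with it. If the experiment is enabled later, `privkeybuf2` becomes a second stack copy of the private scalar in hex and needs the same wiping as `privkeybuf`. The body of deriveECCKeyPair starts and ends outside this hunk.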
@@ -253,36 +258,59 @@ int deriveECCKeyPair(mbedtls_mpi * SK, mbedtls_ecp_point * PK) printf("%hhx",pubkeybuf[i]); printf(" : PubKey\n"); - // ret = mbedtls_mpi_write_binary(&secret, privkeybuf, 100); - // if(ret < 0) - // { - // printf("%d\n", ret); - // perror("MPI write point failure\n"); - // return RIOTFAILURE; - // } - - // for(int i = 0; i < 100; i++) - // printf("%x",privkeybuf[i]); - // printf(" : PrivKey\n\n\n"); ret = mbedtls_mpi_write_string(&secret, 16, privkeybuf, sizeof(privkeybuf), &privkeysize); - if(ret < 0) + if(ret < 0) { printf("%d\n", ret); perror("MPI write point to string failure\n"); return RIOTFAILURE; } - //printf("%zu : privkeysize\n", privkeysize); - //for(int i = 0; i < privkeysize; i++) printf("%s : PrivKey\n",privkeybuf); - + //copy keys to parent function mbedtls_ecp_copy(PK, &Public); mbedtls_mpi_copy(SK, &secret); //what now? how to obtain the keys in PEM/DER/bin format? + //following experiment better documented in ECC_trial/PKtoPEM.c + /** + mbedtls_pk_context ec_pkCtx; + mbedtls_pk_init(&ec_pkCtx); + + mbedtls_pk_setup(&ec_pkCtx, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)); + mbedtls_ecp_keypair *pk_ecp = mbedtls_pk_ec( ec_pkCtx ); + + mbedtls_ecp_copy(&pk_ecp->Q, &Public); + mbedtls_mpi_copy(&pk_ecp->d, &secret); + + mbedtls_mpi_write_string(&pk_ecp->d, 16, privkeybuf2, sizeof(privkeybuf2), &privkey2size); + printf("%s : wrapped PrivKey\n",privkeybuf2); + + + + ret = 0; + unsigned char privBuf[16000]; + unsigned char * d_b = privBuf; + memset(privBuf, 0, 16000); + unsigned char pubBuf[16000]; + unsigned char * Q_b = pubBuf; + memset(pubBuf, 0, 16000); + ret = mbedtls_pk_write_key_pem(&ec_pkCtx, privBuf, 16000); + printf("write priv pem ret value = %d\n", ret); + + printf("%s\n", privBuf); + + ret = mbedtls_pk_write_pubkey_pem(&ec_pkCtx, pubBuf, 16000); + printf("write pub pem ret value = %d\n", ret); + + printf("%s\n", pubBuf); + + **/ + + mbedtls_mpi_free(&secret); mbedtls_ecp_point_free(&Public); 
mbedtls_ecp_group_free(&ecpGrp); diff --git a/trial3/layer1.h b/trial3/layer1.h index 8cf389c..597c0b0 100644 --- a/trial3/layer1.h +++ b/trial3/layer1.h @@ -1,5 +1,6 @@ #include #include +#include #include #include @@ -12,6 +13,7 @@ #include #include #include +#include #include #include @@ -21,8 +23,14 @@ //int createUDS(); //create rand file. to be replaced with real fuse pointer int readUDS(uint8_t* UDSdigest); + int readFWID(uint8_t * FW_M); + int _calcCDID(uint8_t * CDID); + int _calcCDIKEY(uint8_t * CDIKEY); + int deriveECCKeyPair(mbedtls_mpi * SK, mbedtls_ecp_point * PK); -int deriveRSAKeyPair(void); \ No newline at end of file + +int deriveRSAKeyPair(void); + diff --git a/trial3/layer2.c b/trial3/layer2.c index 5501e49..16f0907 100644 --- a/trial3/layer2.c +++ b/trial3/layer2.c @@ -57,6 +57,10 @@ void deriveDeviceIDKeyPair(uint8_t * CDIKEY, int isECC) //init //gen keypair + + //return pubkey and privkey both to L2? + + if(isECC) { @@ -66,7 +70,12 @@ void deriveDeviceIDKeyPair(uint8_t * CDIKEY, int isECC) mbedtls_ecp_point Public; mbedtls_ecp_point_init(&Public); - deriveECCKeyPair(&secret, &Public); + //return pubkey and privkey both to L2? + deriveECCKeyPair(&secret, &Public); + + //secret and Public contain raw key inormation of generated keys + //Public also needs group and context to handle ECP + //Converting raw info to PEM is not easible like this return; } diff --git a/trial3/layer2.h b/trial3/layer2.h index 18e2ceb..9453b8c 100644 --- a/trial3/layer2.h +++ b/trial3/layer2.h @@ -22,5 +22,15 @@ void ROMprotocol(void); + +void seedRNGSource(uint8_t * CDIKEY); + void deriveDeviceIDKeyPair(uint8_t * CDIKEY, int isECC); -void seedRNGSource(uint8_t * CDIKEY); \ No newline at end of file + +void deriveAliasKeyPair(uint8_t * ALIKEY, int isECC); + +void writePrivKeytoFile(char * filename, int isPEM); + +void writePubKeytoFile(char* filename, int isPEM); + +void genCertiicate(); \ No newline at end of file 
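Review bot: The private scalar is written to stdout by `printf("%s : PrivKey\n",privkeybuf);` and its hex copy in `privkeybuf` is never wiped, so the derived key ends up in console output and stays on the stack after the function returns. I would remove the print or compile it only in a debug build, and add `mbedtls_platform_zeroize(privkeybuf, sizeof(privkeybuf));` just before `mbedtls_mpi_free(&secret);`, assuming the mbedtls version in use provides it. The `return RIOTFAILURE;` after a failed `mbedtls_mpi_write_string` leaves before `mbedtls_mpi_free`, `mbedtls_ecp_point_free` and `mbedtls_ecp_group_free` run; a single cleanup label reached by both paths would fix that, and the unchecked results of `mbedtls_ecp_copy(PK, &Public)` and `mbedtls_mpi_copy(SK, &secret)` should be tested on the same path. The commented-out PEM block would also print the PEM-encoded private key if it were enabled, so the same concern applies there. The function begins before this hunk.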
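Review bot: The result of `deriveECCKeyPair(&secret, &Public);` is discarded and the ECC branch then reaches `return;` without releasing `secret` or `Public`, so a failed derivation goes unnoticed and the private scalar is left in memory that is never cleared. Check the call, e.g. `if (deriveECCKeyPair(&secret, &Public) == RIOTFAILURE) { /* report, then clean up */ }`, and call `mbedtls_mpi_free(&secret); mbedtls_ecp_point_free(&Public);` before the `return;`. The initialisation of `secret` and the rest of deriveDeviceIDKeyPair are outside this hunk, so confirm the ownership of both objects against the full function. The added comments also contain two typos (`inormation`, `easible`).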
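Review bot: The new prototype `void genCertiicate();` misspells the name (missing `f`) and uses empty parentheses, which in C declares a function with unspecified arguments rather than none. The header already writes `void ROMprotocol(void);`, so `void genCertificate(void);` would match. `writePrivKeytoFile(char * filename, int isPEM)` and `writePubKeytoFile` should take `const char *filename` if they only read the path. Since `writePrivKeytoFile` is meant to put a private key on disk, a short comment on the declaration stating the expected file permissions and who removes the file would help callers. The file still ends without a trailing newline.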
diff --git a/trial3/out/main b/trial3/out/main
index 0024400..1f933d9 100755
Binary files a/trial3/out/main and b/trial3/out/main differ