diff --git a/ci_config.json b/ci_config.json
index f5bcc7611..04331629f 100644
--- a/ci_config.json
+++ b/ci_config.json
@@ -1292,6 +1292,19 @@
       "libjack-dev"
     ]
   },
+  "s2n-bignum": {
+    "build_on": {
+      "windows": false,
+      "msys2": false
+    },
+    "build_options": [
+      "s2n-bignum:tests=enabled"
+    ],
+    "_comment": "Math heavy tests can take a long time to complete.",
+    "test_options": [
+      "--timeout-multiplier=2"
+    ]
+  },
   "s2n-tls": {
     "_comment": "- No upstream windows support",
     "build_on": {
diff --git a/releases.json b/releases.json
index a93f05bc8..c1386f801 100644
--- a/releases.json
+++ b/releases.json
@@ -3806,6 +3806,14 @@
       "4.1.0-1"
     ]
   },
+  "s2n-bignum": {
+    "dependency_names": [
+      "s2n-bignum"
+    ],
+    "versions": [
+      "1.0.0-1"
+    ]
+  },
   "s2n-tls": {
     "dependency_names": [
       "s2n-tls"
diff --git a/subprojects/packagefiles/s2n-bignum/arm/meson.build b/subprojects/packagefiles/s2n-bignum/arm/meson.build
new file mode 100644
index 000000000..065077d8f
--- /dev/null
+++ b/subprojects/packagefiles/s2n-bignum/arm/meson.build
@@ -0,0 +1,318 @@
+unprocessed_src = [
+  'arm/curve25519/bignum_add_p25519.S',
+  'arm/curve25519/bignum_cmul_p25519.S',
+  'arm/curve25519/bignum_double_p25519.S',
+  'arm/curve25519/bignum_inv_p25519.S',
+  'arm/curve25519/bignum_invsqrt_p25519.S',
+  'arm/curve25519/bignum_invsqrt_p25519_alt.S',
+  'arm/curve25519/bignum_madd_n25519.S',
+  'arm/curve25519/bignum_madd_n25519_alt.S',
+  'arm/curve25519/bignum_mod_m25519_4.S',
+  'arm/curve25519/bignum_mod_n25519.S',
+  'arm/curve25519/bignum_mod_n25519_4.S',
+  'arm/curve25519/bignum_mod_p25519_4.S',
+  'arm/curve25519/bignum_mul_p25519.S',
+  'arm/curve25519/bignum_mul_p25519_alt.S',
+  'arm/curve25519/bignum_neg_p25519.S',
+  'arm/curve25519/bignum_optneg_p25519.S',
+  'arm/curve25519/bignum_sqr_p25519.S',
+  'arm/curve25519/bignum_sqr_p25519_alt.S',
+  'arm/curve25519/bignum_sqrt_p25519.S',
+  'arm/curve25519/bignum_sqrt_p25519_alt.S',
+  'arm/curve25519/bignum_sub_p25519.S',
+  'arm/curve25519/curve25519_ladderstep.S',
+  'arm/curve25519/curve25519_ladderstep_alt.S',
+  'arm/curve25519/curve25519_pxscalarmul.S',
+  'arm/curve25519/curve25519_pxscalarmul_alt.S',
+  'arm/curve25519/curve25519_x25519.S',
+  'arm/curve25519/curve25519_x25519_alt.S',
+  'arm/curve25519/curve25519_x25519_byte.S',
+  'arm/curve25519/curve25519_x25519_byte_alt.S',
+  'arm/curve25519/curve25519_x25519base.S',
+  'arm/curve25519/curve25519_x25519base_alt.S',
+  'arm/curve25519/curve25519_x25519base_byte.S',
+  'arm/curve25519/curve25519_x25519base_byte_alt.S',
+  'arm/curve25519/edwards25519_decode.S',
+  'arm/curve25519/edwards25519_decode_alt.S',
+  'arm/curve25519/edwards25519_encode.S',
+  'arm/curve25519/edwards25519_epadd.S',
+  'arm/curve25519/edwards25519_epadd_alt.S',
+  'arm/curve25519/edwards25519_epdouble.S',
+  'arm/curve25519/edwards25519_epdouble_alt.S',
+  'arm/curve25519/edwards25519_pdouble.S',
+  'arm/curve25519/edwards25519_pdouble_alt.S',
+  'arm/curve25519/edwards25519_pepadd.S',
+  'arm/curve25519/edwards25519_pepadd_alt.S',
+  'arm/curve25519/edwards25519_scalarmulbase.S',
+  'arm/curve25519/edwards25519_scalarmulbase_alt.S',
+  'arm/curve25519/edwards25519_scalarmuldouble.S',
+  'arm/curve25519/edwards25519_scalarmuldouble_alt.S',
+  'arm/fastmul/bignum_emontredc_8n.S',
+  'arm/fastmul/bignum_emontredc_8n_cdiff.S',
+  'arm/fastmul/bignum_kmul_16_32.S',
+  'arm/fastmul/bignum_kmul_32_64.S',
+  'arm/fastmul/bignum_ksqr_16_32.S',
+  'arm/fastmul/bignum_ksqr_32_64.S',
+  'arm/fastmul/bignum_mul_4_8.S',
+  'arm/fastmul/bignum_mul_4_8_alt.S',
+  'arm/fastmul/bignum_mul_6_12.S',
+  'arm/fastmul/bignum_mul_6_12_alt.S',
+  'arm/fastmul/bignum_mul_8_16.S',
+  'arm/fastmul/bignum_mul_8_16_alt.S',
+  'arm/fastmul/bignum_sqr_4_8.S',
+  'arm/fastmul/bignum_sqr_4_8_alt.S',
+  'arm/fastmul/bignum_sqr_6_12.S',
+  'arm/fastmul/bignum_sqr_6_12_alt.S',
+  'arm/fastmul/bignum_sqr_8_16.S',
+  'arm/fastmul/bignum_sqr_8_16_alt.S',
+  'arm/generic/bignum_add.S',
+  'arm/generic/bignum_amontifier.S',
+  'arm/generic/bignum_amontmul.S',
+  'arm/generic/bignum_amontredc.S',
+  'arm/generic/bignum_amontsqr.S',
+  'arm/generic/bignum_bitfield.S',
+  'arm/generic/bignum_bitsize.S',
+  'arm/generic/bignum_cdiv.S',
+  'arm/generic/bignum_cdiv_exact.S',
+  'arm/generic/bignum_cld.S',
+  'arm/generic/bignum_clz.S',
+  'arm/generic/bignum_cmadd.S',
+  'arm/generic/bignum_cmnegadd.S',
+  'arm/generic/bignum_cmod.S',
+  'arm/generic/bignum_cmul.S',
+  'arm/generic/bignum_coprime.S',
+  'arm/generic/bignum_copy.S',
+  'arm/generic/bignum_copy_row_from_table.S',
+  'arm/generic/bignum_copy_row_from_table_16.S',
+  'arm/generic/bignum_copy_row_from_table_32.S',
+  'arm/generic/bignum_copy_row_from_table_8n.S',
+  'arm/generic/bignum_ctd.S',
+  'arm/generic/bignum_ctz.S',
+  'arm/generic/bignum_demont.S',
+  'arm/generic/bignum_digit.S',
+  'arm/generic/bignum_digitsize.S',
+  'arm/generic/bignum_divmod10.S',
+  'arm/generic/bignum_emontredc.S',
+  'arm/generic/bignum_eq.S',
+  'arm/generic/bignum_even.S',
+  'arm/generic/bignum_ge.S',
+  'arm/generic/bignum_gt.S',
+  'arm/generic/bignum_iszero.S',
+  'arm/generic/bignum_le.S',
+  'arm/generic/bignum_lt.S',
+  'arm/generic/bignum_madd.S',
+  'arm/generic/bignum_modadd.S',
+  'arm/generic/bignum_moddouble.S',
+  'arm/generic/bignum_modexp.S',
+  'arm/generic/bignum_modifier.S',
+  'arm/generic/bignum_modinv.S',
+  'arm/generic/bignum_modoptneg.S',
+  'arm/generic/bignum_modsub.S',
+  'arm/generic/bignum_montifier.S',
+  'arm/generic/bignum_montmul.S',
+  'arm/generic/bignum_montredc.S',
+  'arm/generic/bignum_montsqr.S',
+  'arm/generic/bignum_mul.S',
+  'arm/generic/bignum_muladd10.S',
+  'arm/generic/bignum_mux.S',
+  'arm/generic/bignum_mux16.S',
+  'arm/generic/bignum_negmodinv.S',
+  'arm/generic/bignum_nonzero.S',
+  'arm/generic/bignum_normalize.S',
+  'arm/generic/bignum_odd.S',
+  'arm/generic/bignum_of_word.S',
+  'arm/generic/bignum_optadd.S',
+  'arm/generic/bignum_optneg.S',
+  'arm/generic/bignum_optsub.S',
+  'arm/generic/bignum_optsubadd.S',
+  'arm/generic/bignum_pow2.S',
+  'arm/generic/bignum_shl_small.S',
+  'arm/generic/bignum_shr_small.S',
+  'arm/generic/bignum_sqr.S',
+  'arm/generic/bignum_sub.S',
+  'arm/generic/word_bytereverse.S',
+  'arm/generic/word_clz.S',
+  'arm/generic/word_ctz.S',
+  'arm/generic/word_divstep59.S',
+  'arm/generic/word_max.S',
+  'arm/generic/word_min.S',
+  'arm/generic/word_negmodinv.S',
+  'arm/generic/word_popcount.S',
+  'arm/generic/word_recip.S',
+  'arm/mlkem/mlkem_basemul_k2.S',
+  'arm/mlkem/mlkem_basemul_k3.S',
+  'arm/mlkem/mlkem_basemul_k4.S',
+  'arm/mlkem/mlkem_intt.S',
+  'arm/mlkem/mlkem_mulcache_compute.S',
+  'arm/mlkem/mlkem_ntt.S',
+  'arm/mlkem/mlkem_reduce.S',
+  'arm/mlkem/mlkem_rej_uniform_VARIABLE_TIME.S',
+  'arm/mlkem/mlkem_tobytes.S',
+  'arm/mlkem/mlkem_tomont.S',
+  'arm/p256/bignum_add_p256.S',
+  'arm/p256/bignum_bigendian_4.S',
+  'arm/p256/bignum_cmul_p256.S',
+  'arm/p256/bignum_deamont_p256.S',
+  'arm/p256/bignum_demont_p256.S',
+  'arm/p256/bignum_double_p256.S',
+  'arm/p256/bignum_half_p256.S',
+  'arm/p256/bignum_inv_p256.S',
+  'arm/p256/bignum_littleendian_4.S',
+  'arm/p256/bignum_mod_n256.S',
+  'arm/p256/bignum_mod_n256_4.S',
+  'arm/p256/bignum_mod_p256.S',
+  'arm/p256/bignum_mod_p256_4.S',
+  'arm/p256/bignum_montinv_p256.S',
+  'arm/p256/bignum_montmul_p256.S',
+  'arm/p256/bignum_montmul_p256_alt.S',
+  'arm/p256/bignum_montsqr_p256.S',
+  'arm/p256/bignum_montsqr_p256_alt.S',
+  'arm/p256/bignum_mux_4.S',
+  'arm/p256/bignum_neg_p256.S',
+  'arm/p256/bignum_nonzero_4.S',
+  'arm/p256/bignum_optneg_p256.S',
+  'arm/p256/bignum_sub_p256.S',
+  'arm/p256/bignum_tomont_p256.S',
+  'arm/p256/bignum_triple_p256.S',
+  'arm/p256/p256_montjadd.S',
+  'arm/p256/p256_montjadd_alt.S',
+  'arm/p256/p256_montjdouble.S',
+  'arm/p256/p256_montjdouble_alt.S',
+  'arm/p256/p256_montjmixadd.S',
+  'arm/p256/p256_montjmixadd_alt.S',
+  'arm/p256/p256_montjscalarmul.S',
+  'arm/p256/p256_montjscalarmul_alt.S',
+  'arm/p256/p256_scalarmul.S',
+  'arm/p256/p256_scalarmul_alt.S',
+  'arm/p256/p256_scalarmulbase.S',
+  'arm/p256/p256_scalarmulbase_alt.S',
+  'arm/p384/bignum_add_p384.S',
+  'arm/p384/bignum_bigendian_6.S',
+  'arm/p384/bignum_cmul_p384.S',
+  'arm/p384/bignum_deamont_p384.S',
+  'arm/p384/bignum_demont_p384.S',
+  'arm/p384/bignum_double_p384.S',
+  'arm/p384/bignum_half_p384.S',
+  'arm/p384/bignum_inv_p384.S',
+  'arm/p384/bignum_littleendian_6.S',
+  'arm/p384/bignum_mod_n384.S',
+  'arm/p384/bignum_mod_n384_6.S',
+  'arm/p384/bignum_mod_p384.S',
+  'arm/p384/bignum_mod_p384_6.S',
+  'arm/p384/bignum_montinv_p384.S',
+  'arm/p384/bignum_montmul_p384.S',
+  'arm/p384/bignum_montmul_p384_alt.S',
+  'arm/p384/bignum_montsqr_p384.S',
+  'arm/p384/bignum_montsqr_p384_alt.S',
+  'arm/p384/bignum_mux_6.S',
+  'arm/p384/bignum_neg_p384.S',
+  'arm/p384/bignum_nonzero_6.S',
+  'arm/p384/bignum_optneg_p384.S',
+  'arm/p384/bignum_sub_p384.S',
+  'arm/p384/bignum_tomont_p384.S',
+  'arm/p384/bignum_triple_p384.S',
+  'arm/p384/p384_montjadd.S',
+  'arm/p384/p384_montjadd_alt.S',
+  'arm/p384/p384_montjdouble.S',
+  'arm/p384/p384_montjdouble_alt.S',
+  'arm/p384/p384_montjmixadd.S',
+  'arm/p384/p384_montjmixadd_alt.S',
+  'arm/p384/p384_montjscalarmul.S',
+  'arm/p384/p384_montjscalarmul_alt.S',
+  'arm/p521/bignum_add_p521.S',
+  'arm/p521/bignum_cmul_p521.S',
+  'arm/p521/bignum_deamont_p521.S',
+  'arm/p521/bignum_demont_p521.S',
+  'arm/p521/bignum_double_p521.S',
+  'arm/p521/bignum_fromlebytes_p521.S',
+  'arm/p521/bignum_half_p521.S',
+  'arm/p521/bignum_inv_p521.S',
+  'arm/p521/bignum_mod_n521_9.S',
+  'arm/p521/bignum_mod_p521_9.S',
+  'arm/p521/bignum_montmul_p521.S',
+  'arm/p521/bignum_montmul_p521_alt.S',
+  'arm/p521/bignum_montsqr_p521.S',
+  'arm/p521/bignum_montsqr_p521_alt.S',
+  'arm/p521/bignum_mul_p521.S',
+  'arm/p521/bignum_mul_p521_alt.S',
+  'arm/p521/bignum_neg_p521.S',
+  'arm/p521/bignum_optneg_p521.S',
+  'arm/p521/bignum_sqr_p521.S',
+  'arm/p521/bignum_sqr_p521_alt.S',
+  'arm/p521/bignum_sub_p521.S',
+  'arm/p521/bignum_tolebytes_p521.S',
+  'arm/p521/bignum_tomont_p521.S',
+  'arm/p521/bignum_triple_p521.S',
+  'arm/p521/p521_jadd.S',
+  'arm/p521/p521_jadd_alt.S',
+  'arm/p521/p521_jdouble.S',
+  'arm/p521/p521_jdouble_alt.S',
+  'arm/p521/p521_jmixadd.S',
+  'arm/p521/p521_jmixadd_alt.S',
+  'arm/p521/p521_jscalarmul.S',
+  'arm/p521/p521_jscalarmul_alt.S',
+  'arm/secp256k1/bignum_add_p256k1.S',
+  'arm/secp256k1/bignum_cmul_p256k1.S',
+  'arm/secp256k1/bignum_deamont_p256k1.S',
+  'arm/secp256k1/bignum_demont_p256k1.S',
+  'arm/secp256k1/bignum_double_p256k1.S',
+  'arm/secp256k1/bignum_half_p256k1.S',
+  'arm/secp256k1/bignum_mod_n256k1_4.S',
+  'arm/secp256k1/bignum_mod_p256k1_4.S',
+  'arm/secp256k1/bignum_montmul_p256k1.S',
+  'arm/secp256k1/bignum_montmul_p256k1_alt.S',
+  'arm/secp256k1/bignum_montsqr_p256k1.S',
+  'arm/secp256k1/bignum_montsqr_p256k1_alt.S',
+  'arm/secp256k1/bignum_mul_p256k1.S',
+  'arm/secp256k1/bignum_mul_p256k1_alt.S',
+  'arm/secp256k1/bignum_neg_p256k1.S',
+  'arm/secp256k1/bignum_optneg_p256k1.S',
+  'arm/secp256k1/bignum_sqr_p256k1.S',
+  'arm/secp256k1/bignum_sqr_p256k1_alt.S',
+  'arm/secp256k1/bignum_sub_p256k1.S',
+  'arm/secp256k1/bignum_tomont_p256k1.S',
+  'arm/secp256k1/bignum_triple_p256k1.S',
+  'arm/secp256k1/secp256k1_jadd.S',
+  'arm/secp256k1/secp256k1_jadd_alt.S',
+  'arm/secp256k1/secp256k1_jdouble.S',
+  'arm/secp256k1/secp256k1_jdouble_alt.S',
+  'arm/secp256k1/secp256k1_jmixadd.S',
+  'arm/secp256k1/secp256k1_jmixadd_alt.S',
+  'arm/sha3/sha3_keccak2_f1600.S',
+  'arm/sha3/sha3_keccak2_f1600_alt.S',
+  'arm/sha3/sha3_keccak4_f1600.S',
+  'arm/sha3/sha3_keccak4_f1600_alt.S',
+  'arm/sha3/sha3_keccak4_f1600_alt2.S',
+  'arm/sha3/sha3_keccak_f1600.S',
+  'arm/sha3/sha3_keccak_f1600_alt.S',
+  'arm/sha3/sha3_keccak_f1600_alt2.S',
+  'arm/sm2/bignum_add_sm2.S',
+  'arm/sm2/bignum_cmul_sm2.S',
+  'arm/sm2/bignum_deamont_sm2.S',
+  'arm/sm2/bignum_demont_sm2.S',
+  'arm/sm2/bignum_double_sm2.S',
+  'arm/sm2/bignum_half_sm2.S',
+  'arm/sm2/bignum_inv_sm2.S',
+  'arm/sm2/bignum_mod_nsm2.S',
+  'arm/sm2/bignum_mod_nsm2_4.S',
+  'arm/sm2/bignum_mod_sm2.S',
+  'arm/sm2/bignum_mod_sm2_4.S',
+  'arm/sm2/bignum_montinv_sm2.S',
+  'arm/sm2/bignum_montmul_sm2.S',
+  'arm/sm2/bignum_montmul_sm2_alt.S',
+  'arm/sm2/bignum_montsqr_sm2.S',
+  'arm/sm2/bignum_montsqr_sm2_alt.S',
+  'arm/sm2/bignum_neg_sm2.S',
+  'arm/sm2/bignum_optneg_sm2.S',
+  'arm/sm2/bignum_sub_sm2.S',
+  'arm/sm2/bignum_tomont_sm2.S',
+  'arm/sm2/bignum_triple_sm2.S',
+  'arm/sm2/sm2_montjadd.S',
+  'arm/sm2/sm2_montjadd_alt.S',
+  'arm/sm2/sm2_montjdouble.S',
+  'arm/sm2/sm2_montjdouble_alt.S',
+  'arm/sm2/sm2_montjmixadd.S',
+  'arm/sm2/sm2_montjmixadd_alt.S',
+  'arm/sm2/sm2_montjscalarmul.S',
+  'arm/sm2/sm2_montjscalarmul_alt.S',
+]
diff --git a/subprojects/packagefiles/s2n-bignum/meson.build b/subprojects/packagefiles/s2n-bignum/meson.build
new file mode 100644
index 000000000..e2f0b45d1
--- /dev/null
+++ b/subprojects/packagefiles/s2n-bignum/meson.build
@@ -0,0 +1,103 @@
+project(
+  's2n-bignum',
+  'c',
+  version: '1.0.0',
+  license: 'Apache-2.0 OR ISC or MIT-0',
+  meson_version: '>=1.3.2',
+)
+
+pkg = import('pkgconfig')
+
+cpu = host_machine.cpu_family()
+cc = meson.get_compiler('c')
+
+inc = include_directories('include')
+
+tests_opt = get_option('tests').disable_auto_if(meson.is_subproject())
+
+c_args = []
+
+# Only 64 bit architectures are supported
+if cpu == 'x86_64'
+  subdir('x86')
+elif cpu == 'aarch64'
+  subdir('arm')
+else
+  error('unsupported architecture @0@'.format(host_machine.cpu_family()))
+endif
+
+src = []
+
+tr = find_program('tr')
+
+preprocess_args = ['-xassembler-with-cpp']
+preprocess_args += cc.get_supported_arguments(
+  '-Wno-unused-command-line-argument',
+  '-DWINDOWS_ABI=0',
+)
+
+# Source files need to be preprocessed before compiling
+foreach asm : unprocessed_src
+  # First fed through the preprocessor to expand macros and includes
+  name = asm.replace('/', '_').replace('.S', '')
+  preprocessed = cc.preprocess(
+    asm,
+    output: '@PLAINNAME@',
+    include_directories: inc,
+    compile_args: preprocess_args,
+  )
+  # Then fed into 'tr' to convert ';' to newlines, some assemblers require this
+  finalized = custom_target(
+    'finalize_' + name,
+    command: [tr, ';', '\n'],
+    feed: true,
+    capture: true,
+    input: preprocessed,
+    output: asm.replace('/', '_'),
+  )
+
+  src += [finalized]
+endforeach
+
+if host_machine.system() == 'darwin' and cc.get_id() == 'clang' and host_machine.cpu_family() == 'aarch64'
+  c_args += ['-arch', 'arm64', '-march=armv8.2-a+sha3']
+endif
+
+if host_machine.system() == 'windows'
+  error('s2n-bignum does not support Windows builds')
+endif
+
+s2n_bignum_lib = library(
+  's2nbignum',
+  src,
+  c_args: c_args,
+  include_directories: inc,
+  install: true,
+)
+
+s2n_bignum_dep = declare_dependency(
+  include_directories: inc,
+  link_with: s2n_bignum_lib,
+)
+
+meson.override_dependency('s2n-bignum', s2n_bignum_dep)
+
+install_headers('include/s2n-bignum.h')
+
+pkg.generate(s2n_bignum_lib)
+
+if tests_opt.allowed()
+  m_dep = cc.find_library(
+    'm',
+    required: false,
+  )
+
+  test_exe = executable(
+    's2n-bignum-tests',
+    'tests/test.c',
+    dependencies: [s2n_bignum_dep, m_dep],
+    build_by_default: false,
+  )
+
+  test('s2n-bignum tests', test_exe)
+endif
diff --git a/subprojects/packagefiles/s2n-bignum/meson_options.txt b/subprojects/packagefiles/s2n-bignum/meson_options.txt
new file mode 100644
index 000000000..c41975244
--- /dev/null
+++ b/subprojects/packagefiles/s2n-bignum/meson_options.txt
@@ -0,0 +1,5 @@
+option(
+    'tests',
+    type: 'feature',
+    description: 'Build tests for s2n-bignum',
+)
diff --git a/subprojects/packagefiles/s2n-bignum/x86/meson.build b/subprojects/packagefiles/s2n-bignum/x86/meson.build
new file mode 100644
index 000000000..371b6c520
--- /dev/null
+++ b/subprojects/packagefiles/s2n-bignum/x86/meson.build
@@ -0,0 +1,323 @@
+unprocessed_src = [
+  'x86/curve25519/bignum_add_p25519.S',
+  'x86/curve25519/bignum_cmul_p25519.S',
+  'x86/curve25519/bignum_cmul_p25519_alt.S',
+  'x86/curve25519/bignum_double_p25519.S',
+  'x86/curve25519/bignum_inv_p25519.S',
+  'x86/curve25519/bignum_invsqrt_p25519.S',
+  'x86/curve25519/bignum_invsqrt_p25519_alt.S',
+  'x86/curve25519/bignum_madd_n25519.S',
+  'x86/curve25519/bignum_madd_n25519_alt.S',
+  'x86/curve25519/bignum_mod_m25519_4.S',
+  'x86/curve25519/bignum_mod_n25519.S',
+  'x86/curve25519/bignum_mod_n25519_4.S',
+  'x86/curve25519/bignum_mod_p25519_4.S',
+  'x86/curve25519/bignum_mul_p25519.S',
+  'x86/curve25519/bignum_mul_p25519_alt.S',
+  'x86/curve25519/bignum_neg_p25519.S',
+  'x86/curve25519/bignum_optneg_p25519.S',
+  'x86/curve25519/bignum_sqr_p25519.S',
+  'x86/curve25519/bignum_sqr_p25519_alt.S',
+  'x86/curve25519/bignum_sqrt_p25519.S',
+  'x86/curve25519/bignum_sqrt_p25519_alt.S',
+  'x86/curve25519/bignum_sub_p25519.S',
+  'x86/curve25519/curve25519_ladderstep.S',
+  'x86/curve25519/curve25519_ladderstep_alt.S',
+  'x86/curve25519/curve25519_pxscalarmul.S',
+  'x86/curve25519/curve25519_pxscalarmul_alt.S',
+  'x86/curve25519/curve25519_x25519.S',
+  'x86/curve25519/curve25519_x25519_alt.S',
+  'x86/curve25519/curve25519_x25519base.S',
+  'x86/curve25519/curve25519_x25519base_alt.S',
+  'x86/curve25519/edwards25519_decode.S',
+  'x86/curve25519/edwards25519_decode_alt.S',
+  'x86/curve25519/edwards25519_encode.S',
+  'x86/curve25519/edwards25519_epadd.S',
+  'x86/curve25519/edwards25519_epadd_alt.S',
+  'x86/curve25519/edwards25519_epdouble.S',
+  'x86/curve25519/edwards25519_epdouble_alt.S',
+  'x86/curve25519/edwards25519_pdouble.S',
+  'x86/curve25519/edwards25519_pdouble_alt.S',
+  'x86/curve25519/edwards25519_pepadd.S',
+  'x86/curve25519/edwards25519_pepadd_alt.S',
+  'x86/curve25519/edwards25519_scalarmulbase.S',
+  'x86/curve25519/edwards25519_scalarmulbase_alt.S',
+  'x86/curve25519/edwards25519_scalarmuldouble.S',
+  'x86/curve25519/edwards25519_scalarmuldouble_alt.S',
+  'x86/fastmul/bignum_emontredc_8n.S',
+  'x86/fastmul/bignum_kmul_16_32.S',
+  'x86/fastmul/bignum_kmul_32_64.S',
+  'x86/fastmul/bignum_ksqr_16_32.S',
+  'x86/fastmul/bignum_ksqr_32_64.S',
+  'x86/fastmul/bignum_mul_4_8.S',
+  'x86/fastmul/bignum_mul_4_8_alt.S',
+  'x86/fastmul/bignum_mul_6_12.S',
+  'x86/fastmul/bignum_mul_6_12_alt.S',
+  'x86/fastmul/bignum_mul_8_16.S',
+  'x86/fastmul/bignum_mul_8_16_alt.S',
+  'x86/fastmul/bignum_sqr_4_8.S',
+  'x86/fastmul/bignum_sqr_4_8_alt.S',
+  'x86/fastmul/bignum_sqr_6_12.S',
+  'x86/fastmul/bignum_sqr_6_12_alt.S',
+  'x86/fastmul/bignum_sqr_8_16.S',
+  'x86/fastmul/bignum_sqr_8_16_alt.S',
+  'x86/generic/bignum_add.S',
+  'x86/generic/bignum_amontifier.S',
+  'x86/generic/bignum_amontmul.S',
+  'x86/generic/bignum_amontredc.S',
+  'x86/generic/bignum_amontsqr.S',
+  'x86/generic/bignum_bitfield.S',
+  'x86/generic/bignum_bitsize.S',
+  'x86/generic/bignum_cdiv.S',
+  'x86/generic/bignum_cdiv_exact.S',
+  'x86/generic/bignum_cld.S',
+  'x86/generic/bignum_clz.S',
+  'x86/generic/bignum_cmadd.S',
+  'x86/generic/bignum_cmnegadd.S',
+  'x86/generic/bignum_cmod.S',
+  'x86/generic/bignum_cmul.S',
+  'x86/generic/bignum_coprime.S',
+  'x86/generic/bignum_copy.S',
+  'x86/generic/bignum_copy_row_from_table.S',
+  'x86/generic/bignum_ctd.S',
+  'x86/generic/bignum_ctz.S',
+  'x86/generic/bignum_demont.S',
+  'x86/generic/bignum_digit.S',
+  'x86/generic/bignum_digitsize.S',
+  'x86/generic/bignum_divmod10.S',
+  'x86/generic/bignum_emontredc.S',
+  'x86/generic/bignum_eq.S',
+  'x86/generic/bignum_even.S',
+  'x86/generic/bignum_ge.S',
+  'x86/generic/bignum_gt.S',
+  'x86/generic/bignum_iszero.S',
+  'x86/generic/bignum_le.S',
+  'x86/generic/bignum_lt.S',
+  'x86/generic/bignum_madd.S',
+  'x86/generic/bignum_modadd.S',
+  'x86/generic/bignum_moddouble.S',
+  'x86/generic/bignum_modexp.S',
+  'x86/generic/bignum_modifier.S',
+  'x86/generic/bignum_modinv.S',
+  'x86/generic/bignum_modoptneg.S',
+  'x86/generic/bignum_modsub.S',
+  'x86/generic/bignum_montifier.S',
+  'x86/generic/bignum_montmul.S',
+  'x86/generic/bignum_montredc.S',
+  'x86/generic/bignum_montsqr.S',
+  'x86/generic/bignum_mul.S',
+  'x86/generic/bignum_muladd10.S',
+  'x86/generic/bignum_mux.S',
+  'x86/generic/bignum_mux16.S',
+  'x86/generic/bignum_negmodinv.S',
+  'x86/generic/bignum_nonzero.S',
+  'x86/generic/bignum_normalize.S',
+  'x86/generic/bignum_odd.S',
+  'x86/generic/bignum_of_word.S',
+  'x86/generic/bignum_optadd.S',
+  'x86/generic/bignum_optneg.S',
+  'x86/generic/bignum_optsub.S',
+  'x86/generic/bignum_optsubadd.S',
+  'x86/generic/bignum_pow2.S',
+  'x86/generic/bignum_shl_small.S',
+  'x86/generic/bignum_shr_small.S',
+  'x86/generic/bignum_sqr.S',
+  'x86/generic/bignum_sub.S',
+  'x86/generic/word_bytereverse.S',
+  'x86/generic/word_clz.S',
+  'x86/generic/word_ctz.S',
+  'x86/generic/word_divstep59.S',
+  'x86/generic/word_max.S',
+  'x86/generic/word_min.S',
+  'x86/generic/word_negmodinv.S',
+  'x86/generic/word_popcount.S',
+  'x86/generic/word_recip.S',
+  'x86/mldsa/mldsa_ntt.S',
+  'x86/mldsa/mldsa_poly_reduce.S',
+  'x86/mlkem/mlkem_basemul_k2.S',
+  'x86/mlkem/mlkem_basemul_k3.S',
+  'x86/mlkem/mlkem_basemul_k4.S',
+  'x86/mlkem/mlkem_reduce.S',
+  'x86/p256/bignum_add_p256.S',
+  'x86/p256/bignum_bigendian_4.S',
+  'x86/p256/bignum_cmul_p256.S',
+  'x86/p256/bignum_cmul_p256_alt.S',
+  'x86/p256/bignum_deamont_p256.S',
+  'x86/p256/bignum_deamont_p256_alt.S',
+  'x86/p256/bignum_demont_p256.S',
+  'x86/p256/bignum_demont_p256_alt.S',
+  'x86/p256/bignum_double_p256.S',
+  'x86/p256/bignum_half_p256.S',
+  'x86/p256/bignum_inv_p256.S',
+  'x86/p256/bignum_littleendian_4.S',
+  'x86/p256/bignum_mod_n256.S',
+  'x86/p256/bignum_mod_n256_4.S',
+  'x86/p256/bignum_mod_n256_alt.S',
+  'x86/p256/bignum_mod_p256.S',
+  'x86/p256/bignum_mod_p256_4.S',
+  'x86/p256/bignum_mod_p256_alt.S',
+  'x86/p256/bignum_montinv_p256.S',
+  'x86/p256/bignum_montmul_p256.S',
+  'x86/p256/bignum_montmul_p256_alt.S',
+  'x86/p256/bignum_montsqr_p256.S',
+  'x86/p256/bignum_montsqr_p256_alt.S',
+  'x86/p256/bignum_mux_4.S',
+  'x86/p256/bignum_neg_p256.S',
+  'x86/p256/bignum_nonzero_4.S',
+  'x86/p256/bignum_optneg_p256.S',
+  'x86/p256/bignum_sub_p256.S',
+  'x86/p256/bignum_tomont_p256.S',
+  'x86/p256/bignum_tomont_p256_alt.S',
+  'x86/p256/bignum_triple_p256.S',
+  'x86/p256/bignum_triple_p256_alt.S',
+  'x86/p256/p256_montjadd.S',
+  'x86/p256/p256_montjadd_alt.S',
+  'x86/p256/p256_montjdouble.S',
+  'x86/p256/p256_montjdouble_alt.S',
+  'x86/p256/p256_montjmixadd.S',
+  'x86/p256/p256_montjmixadd_alt.S',
+  'x86/p256/p256_montjscalarmul.S',
+  'x86/p256/p256_montjscalarmul_alt.S',
+  'x86/p256/p256_scalarmul.S',
+  'x86/p256/p256_scalarmul_alt.S',
+  'x86/p256/p256_scalarmulbase.S',
+  'x86/p256/p256_scalarmulbase_alt.S',
+  'x86/p384/bignum_add_p384.S',
+  'x86/p384/bignum_bigendian_6.S',
+  'x86/p384/bignum_cmul_p384.S',
+  'x86/p384/bignum_cmul_p384_alt.S',
+  'x86/p384/bignum_deamont_p384.S',
+  'x86/p384/bignum_deamont_p384_alt.S',
+  'x86/p384/bignum_demont_p384.S',
+  'x86/p384/bignum_demont_p384_alt.S',
+  'x86/p384/bignum_double_p384.S',
+  'x86/p384/bignum_half_p384.S',
+  'x86/p384/bignum_inv_p384.S',
+  'x86/p384/bignum_littleendian_6.S',
+  'x86/p384/bignum_mod_n384.S',
+  'x86/p384/bignum_mod_n384_6.S',
+  'x86/p384/bignum_mod_n384_alt.S',
+  'x86/p384/bignum_mod_p384.S',
+  'x86/p384/bignum_mod_p384_6.S',
+  'x86/p384/bignum_mod_p384_alt.S',
+  'x86/p384/bignum_montinv_p384.S',
+  'x86/p384/bignum_montmul_p384.S',
+  'x86/p384/bignum_montmul_p384_alt.S',
+  'x86/p384/bignum_montsqr_p384.S',
+  'x86/p384/bignum_montsqr_p384_alt.S',
+  'x86/p384/bignum_mux_6.S',
+  'x86/p384/bignum_neg_p384.S',
+  'x86/p384/bignum_nonzero_6.S',
+  'x86/p384/bignum_optneg_p384.S',
+  'x86/p384/bignum_sub_p384.S',
+  'x86/p384/bignum_tomont_p384.S',
+  'x86/p384/bignum_tomont_p384_alt.S',
+  'x86/p384/bignum_triple_p384.S',
+  'x86/p384/bignum_triple_p384_alt.S',
+  'x86/p384/p384_montjadd.S',
+  'x86/p384/p384_montjadd_alt.S',
+  'x86/p384/p384_montjdouble.S',
+  'x86/p384/p384_montjdouble_alt.S',
+  'x86/p384/p384_montjmixadd.S',
+  'x86/p384/p384_montjmixadd_alt.S',
+  'x86/p384/p384_montjscalarmul.S',
+  'x86/p384/p384_montjscalarmul_alt.S',
+  'x86/p521/bignum_add_p521.S',
+  'x86/p521/bignum_cmul_p521.S',
+  'x86/p521/bignum_cmul_p521_alt.S',
+  'x86/p521/bignum_deamont_p521.S',
+  'x86/p521/bignum_demont_p521.S',
+  'x86/p521/bignum_double_p521.S',
+  'x86/p521/bignum_fromlebytes_p521.S',
+  'x86/p521/bignum_half_p521.S',
+  'x86/p521/bignum_inv_p521.S',
+  'x86/p521/bignum_mod_n521_9.S',
+  'x86/p521/bignum_mod_n521_9_alt.S',
+  'x86/p521/bignum_mod_p521_9.S',
+  'x86/p521/bignum_montmul_p521.S',
+  'x86/p521/bignum_montmul_p521_alt.S',
+  'x86/p521/bignum_montsqr_p521.S',
+  'x86/p521/bignum_montsqr_p521_alt.S',
+  'x86/p521/bignum_mul_p521.S',
+  'x86/p521/bignum_mul_p521_alt.S',
+  'x86/p521/bignum_neg_p521.S',
+  'x86/p521/bignum_optneg_p521.S',
+  'x86/p521/bignum_sqr_p521.S',
+  'x86/p521/bignum_sqr_p521_alt.S',
+  'x86/p521/bignum_sub_p521.S',
+  'x86/p521/bignum_tolebytes_p521.S',
+  'x86/p521/bignum_tomont_p521.S',
+  'x86/p521/bignum_triple_p521.S',
+  'x86/p521/bignum_triple_p521_alt.S',
+  'x86/p521/p521_jadd.S',
+  'x86/p521/p521_jadd_alt.S',
+  'x86/p521/p521_jdouble.S',
+  'x86/p521/p521_jdouble_alt.S',
+  'x86/p521/p521_jmixadd.S',
+  'x86/p521/p521_jmixadd_alt.S',
+  'x86/p521/p521_jscalarmul.S',
+  'x86/p521/p521_jscalarmul_alt.S',
+  'x86/secp256k1/bignum_add_p256k1.S',
+  'x86/secp256k1/bignum_cmul_p256k1.S',
+  'x86/secp256k1/bignum_cmul_p256k1_alt.S',
+  'x86/secp256k1/bignum_deamont_p256k1.S',
+  'x86/secp256k1/bignum_demont_p256k1.S',
+  'x86/secp256k1/bignum_double_p256k1.S',
+  'x86/secp256k1/bignum_half_p256k1.S',
+  'x86/secp256k1/bignum_mod_n256k1_4.S',
+  'x86/secp256k1/bignum_mod_p256k1_4.S',
+  'x86/secp256k1/bignum_montmul_p256k1.S',
+  'x86/secp256k1/bignum_montmul_p256k1_alt.S',
+  'x86/secp256k1/bignum_montsqr_p256k1.S',
+  'x86/secp256k1/bignum_montsqr_p256k1_alt.S',
+  'x86/secp256k1/bignum_mul_p256k1.S',
+  'x86/secp256k1/bignum_mul_p256k1_alt.S',
+  'x86/secp256k1/bignum_neg_p256k1.S',
+  'x86/secp256k1/bignum_optneg_p256k1.S',
+  'x86/secp256k1/bignum_sqr_p256k1.S',
+  'x86/secp256k1/bignum_sqr_p256k1_alt.S',
+  'x86/secp256k1/bignum_sub_p256k1.S',
+  'x86/secp256k1/bignum_tomont_p256k1.S',
+  'x86/secp256k1/bignum_tomont_p256k1_alt.S',
+  'x86/secp256k1/bignum_triple_p256k1.S',
+  'x86/secp256k1/bignum_triple_p256k1_alt.S',
+  'x86/secp256k1/secp256k1_jadd.S',
+  'x86/secp256k1/secp256k1_jadd_alt.S',
+  'x86/secp256k1/secp256k1_jdouble.S',
+  'x86/secp256k1/secp256k1_jdouble_alt.S',
+  'x86/secp256k1/secp256k1_jmixadd.S',
+  'x86/secp256k1/secp256k1_jmixadd_alt.S',
+  'x86/sha3/sha3_keccak_f1600.S',
+  'x86/sm2/bignum_add_sm2.S',
+  'x86/sm2/bignum_cmul_sm2.S',
+  'x86/sm2/bignum_cmul_sm2_alt.S',
+  'x86/sm2/bignum_deamont_sm2.S',
+  'x86/sm2/bignum_demont_sm2.S',
+  'x86/sm2/bignum_double_sm2.S',
+  'x86/sm2/bignum_half_sm2.S',
+  'x86/sm2/bignum_inv_sm2.S',
+  'x86/sm2/bignum_mod_nsm2.S',
+  'x86/sm2/bignum_mod_nsm2_4.S',
+  'x86/sm2/bignum_mod_nsm2_alt.S',
+  'x86/sm2/bignum_mod_sm2.S',
+  'x86/sm2/bignum_mod_sm2_4.S',
+  'x86/sm2/bignum_montinv_sm2.S',
+  'x86/sm2/bignum_montmul_sm2.S',
+  'x86/sm2/bignum_montmul_sm2_alt.S',
+  'x86/sm2/bignum_montsqr_sm2.S',
+  'x86/sm2/bignum_montsqr_sm2_alt.S',
+  'x86/sm2/bignum_neg_sm2.S',
+  'x86/sm2/bignum_optneg_sm2.S',
+  'x86/sm2/bignum_sub_sm2.S',
+  'x86/sm2/bignum_tomont_sm2.S',
+  'x86/sm2/bignum_triple_sm2.S',
+  'x86/sm2/bignum_triple_sm2_alt.S',
+  'x86/sm2/sm2_montjadd.S',
+  'x86/sm2/sm2_montjadd_alt.S',
+  'x86/sm2/sm2_montjdouble.S',
+  'x86/sm2/sm2_montjdouble_alt.S',
+  'x86/sm2/sm2_montjmixadd.S',
+  'x86/sm2/sm2_montjmixadd_alt.S',
+  'x86/sm2/sm2_montjscalarmul.S',
+  'x86/sm2/sm2_montjscalarmul_alt.S',
+]
diff --git a/subprojects/s2n-bignum.wrap b/subprojects/s2n-bignum.wrap
new file mode 100644
index 000000000..dbba7b6d0
--- /dev/null
+++ b/subprojects/s2n-bignum.wrap
@@ -0,0 +1,9 @@
+[wrap-file]
+directory = s2n-bignum-34cc34d0e60ae7fd5e703434fe6c87b0fcdb607e
+source_url = https://github.com/awslabs/s2n-bignum/archive/34cc34d0e60ae7fd5e703434fe6c87b0fcdb607e.tar.gz
+source_filename = s2n-bignum-1.0.0.tar.gz
+source_hash = 8281652e582db9d503c101378b15dfe45f4aa846e98effd253b1ad9b758789fe
+patch_directory = s2n-bignum
+
+[provide]
+dependency_names = s2n-bignum
diff --git a/tools/sanity_checks.py b/tools/sanity_checks.py
index d157c6bb2..a8ff576d3 100755
--- a/tools/sanity_checks.py
+++ b/tools/sanity_checks.py
@@ -450,10 +450,11 @@ def check_source_url(self, name: str, wrap_section: configparser.SectionProxy, v
             segs = version.split('.')
             self.assertEqual(len(segs), 3)
             version = segs[0] + segs[1] + segs[2]
-        elif name in {'netstring-c', 'directxmath', 'luajit'}:
+        elif name in {'netstring-c', 'directxmath', 'luajit', 's2n-bignum'}:
             # There is no specific version for netstring-c
             # DirectXMath source url contains only tag name without version
             # LuaJIT source URL does not contain the version number.
+            # s2n-bignum has no versioned releases.
             return
         version_ = version.replace('.', '_')
         self.assertTrue(version in source_url or version_ in source_url,