Merge pull request #9719 from dgarske/usersettings_expand

Improve user_settings.h examples and add validation rules

.codespellexcludelines

@@ -13,6 +13,9 @@ rsource "Kconfig.tls-generic"
     const uint8_t* hashIn, int hashSz)
     XMEMCPY(hash + (curveSz - hashSz), hashIn, hashSz);
         0x63, 0x72, 0x65, 0x65, 0x6e, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x62, 0x65, 0x20, 0x69, /* creen would be i */
+        0x75, 0x6c, 0x64, 0x20, 0x62, 0x65, 0x20, 0x69, /* creen would be i */
 \pagenumbering{alph}
     DES3_KEY_SIZE       = 24,  /* 3 des ede               */
 /* functions added to support above needed, removed TOOM and KARATSUBA */
+#include <sys/systm.h>
+ * extern global version from /usr/src/sys/sys/systm.h */

.github/renode-test/stm32h753/CMakeLists.txt

@@ -0,0 +1,108 @@
+cmake_minimum_required(VERSION 3.18)
+project(wolfcrypt_stm32h753 LANGUAGES C ASM)
+
+set(WOLFSSL_ROOT "/opt/wolfssl" CACHE PATH "wolfSSL source")
+
+set(CMAKE_TRY_COMPILE_TARGET_TYPE STATIC_LIBRARY)
+enable_language(ASM)
+
+# Include paths for CMSIS device headers and STM32 HAL
+# Order matters: CMSIS must come before HAL
+include_directories(BEFORE
+    ${CMAKE_SOURCE_DIR}
+    /opt/CMSIS_5/CMSIS/Core/Include  # Core CMSIS (core_cm7.h, etc.) - must be first
+    /opt/cmsis-device-h7/Include     # Device-specific CMSIS (stm32h7xx.h)
+    /opt/STM32CubeH7/Drivers/STM32H7xx_HAL_Driver/Inc/Legacy
+    /opt/STM32CubeH7/Drivers/STM32H7xx_HAL_Driver/Inc
+)
+
+# STM32 HAL source files (minimal set for CRYP and HASH)
+# Note: These files are cloned in the Dockerfile before CMake runs
+set(HAL_SRC_DIR /opt/STM32CubeH7/Drivers/STM32H7xx_HAL_Driver/Src)
+
+# Check if HAL directory exists, then add source files
+if(EXISTS ${HAL_SRC_DIR})
+    set(HAL_SOURCES
+        ${HAL_SRC_DIR}/stm32h7xx_hal.c
+        ${HAL_SRC_DIR}/stm32h7xx_hal_rcc.c
+        ${HAL_SRC_DIR}/stm32h7xx_hal_rcc_ex.c
+        ${HAL_SRC_DIR}/stm32h7xx_hal_cortex.c
+        ${HAL_SRC_DIR}/stm32h7xx_hal_dma.c
+        ${HAL_SRC_DIR}/stm32h7xx_hal_dma_ex.c
+        ${HAL_SRC_DIR}/stm32h7xx_hal_rng.c
+        # CRYP HAL files enabled for AES_GCM only
+        ${HAL_SRC_DIR}/stm32h7xx_hal_cryp.c
+        ${HAL_SRC_DIR}/stm32h7xx_hal_cryp_ex.c
+        # HASH HAL files disabled - Renode doesn't implement HASH peripheral
+        # ${HAL_SRC_DIR}/stm32h7xx_hal_hash.c
+        # ${HAL_SRC_DIR}/stm32h7xx_hal_hash_ex.c
+    )
+else()
+    message(WARNING "HAL source directory not found: ${HAL_SRC_DIR}")
+    set(HAL_SOURCES "")
+endif()
+
+# wolfSSL build options
+set(WOLFSSL_USER_SETTINGS ON CACHE BOOL "Use user_settings.h")
+set(WOLFSSL_CRYPT_TESTS OFF CACHE BOOL "")
+set(WOLFSSL_EXAMPLES OFF CACHE BOOL "")
+set(BUILD_SHARED_LIBS OFF CACHE BOOL "")
+
+add_subdirectory(${WOLFSSL_ROOT} ${CMAKE_BINARY_DIR}/wolfssl-build EXCLUDE_FROM_ALL)
+target_include_directories(wolfssl PRIVATE
+    /opt/CMSIS_5/CMSIS/Core/Include  # Core CMSIS first
+    /opt/cmsis-device-h7/Include     # Device CMSIS
+    /opt/STM32CubeH7/Drivers/STM32H7xx_HAL_Driver/Inc/Legacy
+    /opt/STM32CubeH7/Drivers/STM32H7xx_HAL_Driver/Inc
+    ${CMAKE_SOURCE_DIR}  # For stm32h7xx_hal_conf.h
+)
+# Suppress the GENSEED_FORTEST warning (expected for emulation/test builds)
+target_compile_options(wolfssl PRIVATE -Wno-cpp)
+
+# wolfSSL STM32 port source file (needed for HASH and CRYPTO hardware acceleration)
+set(WOLFSSL_STM32_PORT_SRC ${WOLFSSL_ROOT}/wolfcrypt/src/port/st/stm32.c)
+
+add_executable(wolfcrypt_test.elf
+    startup_stm32h753.c
+    main.c
+    ${WOLFSSL_ROOT}/wolfcrypt/test/test.c
+    ${HAL_SOURCES}
+    ${WOLFSSL_STM32_PORT_SRC}
+)
+
+target_include_directories(wolfcrypt_test.elf PRIVATE
+    ${CMAKE_SOURCE_DIR}
+    ${WOLFSSL_ROOT}
+    /opt/STM32CubeH7/Drivers/STM32H7xx_HAL_Driver/Inc
+    /opt/STM32CubeH7/Drivers/STM32H7xx_HAL_Driver/Inc/Legacy
+)
+
+target_compile_definitions(wolfcrypt_test.elf PRIVATE
+    WOLFSSL_USER_SETTINGS
+    STM32H753xx
+    USE_HAL_DRIVER
+    USE_HAL_CONF  # Enable HAL configuration
+    # NO_AES_CBC is defined in user_settings.h, no need to define it here
+)
+
+# HAL source files need the same compile options and must include stdint.h
+# Disable all warnings for HAL files (third-party code we don't control)
+set_source_files_properties(${HAL_SOURCES} PROPERTIES
+    COMPILE_FLAGS "-mcpu=cortex-m7 -mthumb -mfpu=fpv5-d16 -mfloat-abi=hard -ffunction-sections -fdata-sections -Os -include stdint.h -w"
+)
+
+target_compile_options(wolfcrypt_test.elf PRIVATE
+    -mcpu=cortex-m7 -mthumb -mfpu=fpv5-d16 -mfloat-abi=hard
+    -ffunction-sections -fdata-sections -Os
+)
+
+target_link_options(wolfcrypt_test.elf PRIVATE
+    -T${CMAKE_SOURCE_DIR}/stm32h753.ld
+    -Wl,--gc-sections
+    -nostartfiles
+    -specs=nano.specs
+    -specs=nosys.specs
+)
+
+target_link_libraries(wolfcrypt_test.elf PRIVATE wolfssl m c gcc nosys)
+

.github/renode-test/stm32h753/entrypoint.sh

@@ -0,0 +1,194 @@
+#!/bin/bash
+set -euo pipefail
+
+LOG=/tmp/wolfcrypt-renode.log
+TIMEOUT=300  # Maximum 5 minutes
+
+echo "Running wolfCrypt test in Renode..."
+
+# Try to find Renode binary in common installation locations
+# When installed via .deb package, Renode is typically in /usr/bin/renode
+RENODE_BIN="${RENODE_BIN:-$(command -v renode 2>/dev/null || true)}"
+if [ -z "$RENODE_BIN" ]; then
+    # Check common installation paths (order matters - check standard locations first)
+    for path in /usr/bin/renode /usr/local/bin/renode /opt/renode/renode; do
+        if [ -x "$path" ]; then
+            RENODE_BIN="$path"
+            break
+        fi
+    done
+fi
+
+if [ -z "$RENODE_BIN" ] || [ ! -x "$RENODE_BIN" ]; then
+    echo "Renode binary not found in image."
+    echo "Checked paths: /usr/bin/renode, /usr/local/bin/renode, /opt/renode/renode"
+    echo "PATH: $PATH"
+    which renode || echo "renode not in PATH"
+    exit 2
+fi
+
+echo "Using Renode binary: $RENODE_BIN"
+
+# Determine Renode root directory (where platforms/ directory is located)
+if [ -d "/opt/renode/platforms" ]; then
+    RENODE_ROOT="/opt/renode"
+elif [ -d "/usr/lib/renode/platforms" ]; then
+    RENODE_ROOT="/usr/lib/renode"
+elif [ -d "/usr/share/renode/platforms" ]; then
+    RENODE_ROOT="/usr/share/renode"
+else
+    # Try to find Renode root by checking where the binary is
+    RENODE_DIR=$(dirname "$(readlink -f "${RENODE_BIN}" 2>/dev/null || echo "${RENODE_BIN}")")
+    if [ -d "${RENODE_DIR}/../platforms" ]; then
+        RENODE_ROOT=$(readlink -f "${RENODE_DIR}/.." 2>/dev/null || echo "${RENODE_DIR}/..")
+    else
+        echo "Warning: Could not determine Renode root directory"
+        RENODE_ROOT=""
+    fi
+fi
+
+# Set RENODE_ROOT environment variable (Renode uses this to find platform files)
+if [ -n "$RENODE_ROOT" ]; then
+    export RENODE_ROOT
+    echo "Using Renode root: ${RENODE_ROOT}"
+    # Also create .renode-root file in firmware directory as backup
+    echo "${RENODE_ROOT}" > /opt/firmware/.renode-root
+    chmod 644 /opt/firmware/.renode-root
+else
+    echo "ERROR: Could not determine Renode root directory"
+    exit 1
+fi
+
+# Verify platform file exists
+PLATFORM_FILE="${RENODE_ROOT}/platforms/cpus/stm32h753.repl"
+if [ ! -f "${PLATFORM_FILE}" ]; then
+    echo "ERROR: Platform file not found at ${PLATFORM_FILE}"
+    echo "Searching for platform files..."
+    find "${RENODE_ROOT}" -name "stm32h753.repl" 2>/dev/null | head -5 || true
+    exit 1
+fi
+
+echo "Platform file found at: ${PLATFORM_FILE}"
+
+# Change to firmware directory
+cd /opt/firmware
+
+# Create a modified Renode script with absolute path to platform file
+# This avoids the .renode-root file lookup issue
+cat > /opt/firmware/run-renode-absolute.resc <<EOF
+# Renode test script for STM32H753 (with absolute platform path)
+using sysbus
+
+mach create "stm32h753"
+
+# Use absolute path to platform file to avoid .renode-root lookup issues
+machine LoadPlatformDescription @${PLATFORM_FILE}
+
+sysbus LoadELF @/opt/firmware/wolfcrypt_test.elf
+
+# Connect USART3 to the console for wolfCrypt output
+showAnalyzer usart3
+
+# Start emulation and run for a long time
+# The entrypoint script will kill Renode when test completes
+emulation RunFor "600s"
+EOF
+
+# Start Renode in background, output to log (unbuffered)
+# Use the modified script with absolute path
+echo "Starting Renode with command: ${RENODE_BIN} --disable-xwt --console -e \"i @/opt/firmware/run-renode-absolute.resc\""
+stdbuf -oL -eL "${RENODE_BIN}" --disable-xwt --console -e "i @/opt/firmware/run-renode-absolute.resc" > "${LOG}" 2>&1 &
+RENODE_PID=$!
+echo "Renode PID: $RENODE_PID"
+
+# Monitor the log for completion, errors, and flush output frequently
+START_TIME=$(date +%s)
+RESULT=""
+LAST_LOG_SIZE=0
+
+while true; do
+    # Check if Renode is still running
+    if ! kill -0 "$RENODE_PID" 2>/dev/null; then
+        break
+    fi
+
+    # Flush new log content to stdout (unbuffered)
+    if [ -f "${LOG}" ]; then
+        CURRENT_LOG_SIZE=$(stat -f%z "${LOG}" 2>/dev/null || stat -c%s "${LOG}" 2>/dev/null || echo 0)
+        if [ "$CURRENT_LOG_SIZE" -gt "$LAST_LOG_SIZE" ]; then
+            # Output new lines
+            tail -c +$((LAST_LOG_SIZE + 1)) "${LOG}" 2>/dev/null | head -c $((CURRENT_LOG_SIZE - LAST_LOG_SIZE))
+            LAST_LOG_SIZE=$CURRENT_LOG_SIZE
+        fi
+    fi
+
+    # Check for Renode errors (must check before completion to catch errors early)
+    if grep -q "\[ERROR\]" "${LOG}" 2>/dev/null; then
+        echo ""
+        echo "ERROR: Renode reported an error!"
+        RESULT="renode_error"
+        break
+    fi
+
+    # Check for completion messages
+    if grep -q "=== wolfCrypt test passed! ===" "${LOG}" 2>/dev/null; then
+        RESULT="passed"
+        break
+    fi
+
+    if grep -q "=== wolfCrypt test FAILED ===" "${LOG}" 2>/dev/null; then
+        RESULT="failed"
+        break
+    fi
+
+    # Check timeout
+    CURRENT_TIME=$(date +%s)
+    ELAPSED=$((CURRENT_TIME - START_TIME))
+    if [ "$ELAPSED" -ge "$TIMEOUT" ]; then
+        echo ""
+        echo "Timeout after ${TIMEOUT} seconds"
+        RESULT="timeout"
+        break
+    fi
+
+    sleep 0.5
+done
+
+# Kill Renode if still running
+if kill -0 "$RENODE_PID" 2>/dev/null; then
+    kill "$RENODE_PID" 2>/dev/null || true
+    wait "$RENODE_PID" 2>/dev/null || true
+fi
+
+# Show the log output
+cat "${LOG}"
+
+# Report result
+case "$RESULT" in
+    passed)
+        echo ""
+        echo "wolfCrypt tests completed successfully."
+        exit 0
+        ;;
+    failed)
+        echo ""
+        echo "wolfCrypt tests FAILED."
+        exit 1
+        ;;
+    renode_error)
+        echo ""
+        echo "Renode reported an error - test aborted."
+        exit 1
+        ;;
+    timeout)
+        echo ""
+        echo "wolfCrypt tests timed out after ${TIMEOUT} seconds."
+        exit 1
+        ;;
+    *)
+        echo ""
+        echo "wolfCrypt tests did not report a result."
+        exit 1
+        ;;
+esac
+

.github/renode-test/stm32h753/main.c

@@ -0,0 +1,137 @@
+/* main.c - Entry point for wolfCrypt test on STM32H753 under Renode
+ *
+ * Runs the wolfCrypt test suite with output via USART3.
+ */
+
+#include <stdint.h>
+#include <stddef.h>
+#include <stdio.h>
+
+/* wolfCrypt test entry point */
+extern int wolfcrypt_test(void *args);
+
+/* USART3 registers (STM32H7) */
+#define USART3_BASE     0x40004800UL
+#define USART3_CR1      (*(volatile uint32_t *)(USART3_BASE + 0x00))
+#define USART3_BRR      (*(volatile uint32_t *)(USART3_BASE + 0x0C))
+#define USART3_ISR      (*(volatile uint32_t *)(USART3_BASE + 0x1C))
+#define USART3_TDR      (*(volatile uint32_t *)(USART3_BASE + 0x28))
+
+#define USART_CR1_UE    (1 << 0)
+#define USART_CR1_TE    (1 << 3)
+#define USART_ISR_TXE   (1 << 7)
+
+/* RCC registers for enabling USART3 clock */
+#define RCC_BASE        0x58024400UL
+#define RCC_APB1LENR    (*(volatile uint32_t *)(RCC_BASE + 0xE8))
+#define RCC_APB1LENR_USART3EN (1 << 18)
+
+static void uart_init(void)
+{
+    /* Enable USART3 clock */
+    RCC_APB1LENR |= RCC_APB1LENR_USART3EN;
+
+    /* Configure USART3: 115200 baud at 64MHz HSI */
+    USART3_BRR = 64000000 / 115200;
+    USART3_CR1 = USART_CR1_UE | USART_CR1_TE;
+}
+
+static void uart_putc(char c)
+{
+    while (!(USART3_ISR & USART_ISR_TXE))
+        ;
+    USART3_TDR = c;
+}
+
+static void uart_puts(const char *s)
+{
+    while (*s) {
+        if (*s == '\n')
+            uart_putc('\r');
+        uart_putc(*s++);
+    }
+}
+
+/* newlib _write syscall - redirects printf to UART */
+int _write(int fd, const char *buf, int len)
+{
+    (void)fd;
+    for (int i = 0; i < len; i++) {
+        if (buf[i] == '\n')
+            uart_putc('\r');
+        uart_putc(buf[i]);
+    }
+    return len;
+}
+
+/* Heap management for malloc - required by printf with format strings */
+extern char __heap_start__;
+extern char __heap_end__;
+
+void *_sbrk(ptrdiff_t incr)
+{
+    static char *heap_ptr = NULL;
+    char *prev_heap_ptr;
+
+    if (heap_ptr == NULL) {
+        heap_ptr = &__heap_start__;
+    }
+
+    prev_heap_ptr = heap_ptr;
+
+    if (heap_ptr + incr > &__heap_end__) {
+        /* Out of heap memory */
+        return (void *)-1;
+    }
+
+    heap_ptr += incr;
+    return prev_heap_ptr;
+}
+
+/* Simple counter for time - used by GENSEED_FORTEST */
+static volatile uint32_t tick_counter = 0;
+
+/* time() stub for wolfSSL GENSEED_FORTEST */
+#include <time.h>
+time_t time(time_t *t)
+{
+    tick_counter += 12345;  /* Simple pseudo-random increment */
+    time_t val = (time_t)tick_counter;
+    if (t)
+        *t = val;
+    return val;
+}
+
+/* Result variable - can be monitored by Renode at fixed address */
+volatile int test_result __attribute__((section(".data"))) = -1;
+volatile int test_complete __attribute__((section(".data"))) = 0;
+
+
+int main(int argc, char **argv)
+{
+    (void)argc;
+    (void)argv;
+
+    setvbuf(stdin, NULL, _IONBF, 0);
+    setvbuf(stdout, NULL, _IONBF, 0);
+    setvbuf(stderr, NULL, _IONBF, 0);
+    uart_init();
+    uart_puts("\n\n=== Starting wolfCrypt test ===\n\n");
+
+    test_result = wolfcrypt_test(NULL);
+    test_complete = 1;
+
+    if (test_result == 0) {
+        uart_puts("\n\n=== wolfCrypt test passed! ===\n");
+    } else {
+        uart_puts("\n\n=== wolfCrypt test FAILED ===\n");
+    }
+
+    /* Spin forever after the test completes */
+    while (1) {
+        __asm__ volatile ("wfi");
+    }
+
+    return test_result;
+}
+

.github/renode-test/stm32h753/run-renode.resc

@@ -0,0 +1,20 @@
+# Renode test script for STM32H753
+# Note: @platforms/cpus/stm32h753.repl is relative to Renode root
+# If RENODE_ROOT is set, Renode will use it; otherwise it looks for .renode-root file
+using sysbus
+
+mach create "stm32h753"
+
+# Try relative path first (works if RENODE_ROOT or .renode-root is set correctly)
+# If this fails, the absolute path will be tried in entrypoint.sh
+machine LoadPlatformDescription @platforms/cpus/stm32h753.repl
+
+sysbus LoadELF @/opt/firmware/wolfcrypt_test.elf
+
+# Connect USART3 to the console for wolfCrypt output
+showAnalyzer usart3
+
+# Start emulation and run for a long time
+# The entrypoint script will kill Renode when test completes
+emulation RunFor "600s"
+

.github/renode-test/stm32h753/startup_stm32h753.c

@@ -0,0 +1,101 @@
+/* Minimal startup code for STM32H753 running under Renode */
+
+#include <stdint.h>
+#include <stddef.h>
+
+extern int main(int argc, char** argv);
+
+void Default_Handler(void);
+void Reset_Handler(void);
+
+/* Symbols provided by the linker script */
+extern unsigned long _estack;
+extern unsigned long __data_start__;
+extern unsigned long __data_end__;
+extern unsigned long __bss_start__;
+extern unsigned long __bss_end__;
+extern unsigned long _sidata; /* start of .data in flash */
+
+/* Minimal init_array support */
+extern void (*__preinit_array_start[])(void);
+extern void (*__preinit_array_end[])(void);
+extern void (*__init_array_start[])(void);
+extern void (*__init_array_end[])(void);
+
+static void call_init_array(void)
+{
+    size_t count, i;
+
+    count = __preinit_array_end - __preinit_array_start;
+    for (i = 0; i < count; i++)
+        __preinit_array_start[i]();
+
+    count = __init_array_end - __init_array_start;
+    for (i = 0; i < count; i++)
+        __init_array_start[i]();
+}
+
+void Reset_Handler(void)
+{
+    unsigned long *src, *dst;
+
+    /* Copy .data from flash to RAM */
+    src = &_sidata;
+    for (dst = &__data_start__; dst < &__data_end__;)
+        *dst++ = *src++;
+
+    /* Zero .bss */
+    for (dst = &__bss_start__; dst < &__bss_end__;)
+        *dst++ = 0;
+
+    /* Call static constructors */
+    call_init_array();
+
+    /* Call main */
+    (void)main(0, (char**)0);
+
+    /* Infinite loop after main returns */
+    while (1) {
+        __asm__ volatile ("wfi");
+    }
+}
+
+void Default_Handler(void)
+{
+    while (1) {
+        __asm__ volatile ("wfi");
+    }
+}
+
+/* Exception handlers - all weak aliases to Default_Handler */
+void NMI_Handler(void) __attribute__((weak, alias("Default_Handler")));
+void HardFault_Handler(void) __attribute__((weak, alias("Default_Handler")));
+void MemManage_Handler(void) __attribute__((weak, alias("Default_Handler")));
+void BusFault_Handler(void) __attribute__((weak, alias("Default_Handler")));
+void UsageFault_Handler(void) __attribute__((weak, alias("Default_Handler")));
+void SVC_Handler(void) __attribute__((weak, alias("Default_Handler")));
+void DebugMon_Handler(void) __attribute__((weak, alias("Default_Handler")));
+void PendSV_Handler(void) __attribute__((weak, alias("Default_Handler")));
+void SysTick_Handler(void) __attribute__((weak, alias("Default_Handler")));
+
+/* Vector table */
+__attribute__ ((section(".isr_vector"), used))
+void (* const g_pfnVectors[])(void) = {
+    (void (*)(void))(&_estack), /* Initial stack pointer */
+    Reset_Handler,              /* Reset Handler */
+    NMI_Handler,                /* NMI Handler */
+    HardFault_Handler,          /* Hard Fault Handler */
+    MemManage_Handler,          /* MPU Fault Handler */
+    BusFault_Handler,           /* Bus Fault Handler */
+    UsageFault_Handler,         /* Usage Fault Handler */
+    0,                          /* Reserved */
+    0,                          /* Reserved */
+    0,                          /* Reserved */
+    0,                          /* Reserved */
+    SVC_Handler,                /* SVCall Handler */
+    DebugMon_Handler,           /* Debug Monitor Handler */
+    0,                          /* Reserved */
+    PendSV_Handler,             /* PendSV Handler */
+    SysTick_Handler             /* SysTick Handler */
+    /* IRQ vectors would continue here */
+};

.github/renode-test/stm32h753/stm32h753.ld

@@ -0,0 +1,109 @@
+/* Minimal STM32H753 memory map for Renode run */
+MEMORY
+{
+  FLASH (rx)  : ORIGIN = 0x08000000, LENGTH = 2048K
+  DTCM  (xrw) : ORIGIN = 0x20000000, LENGTH = 128K
+  RAM   (xrw) : ORIGIN = 0x24000000, LENGTH = 512K
+}
+
+_estack = ORIGIN(RAM) + LENGTH(RAM);
+_Min_Heap_Size = 128K;
+_Min_Stack_Size = 128K;
+
+ENTRY(Reset_Handler)
+
+SECTIONS
+{
+  .isr_vector :
+  {
+    . = ALIGN(4);
+    KEEP(*(.isr_vector))
+    . = ALIGN(4);
+  } > FLASH
+
+  .text :
+  {
+    . = ALIGN(4);
+    *(.text*)
+    *(.rodata*)
+    *(.glue_7)
+    *(.glue_7t)
+    *(.eh_frame)
+    . = ALIGN(4);
+    _etext = .;
+  } > FLASH
+
+  .ARM.extab :
+  {
+    *(.ARM.extab* .gnu.linkonce.armextab.*)
+  } > FLASH
+
+  .ARM.exidx :
+  {
+    __exidx_start = .;
+    *(.ARM.exidx*)
+    __exidx_end = .;
+  } > FLASH
+
+  .preinit_array :
+  {
+    PROVIDE_HIDDEN(__preinit_array_start = .);
+    KEEP(*(.preinit_array*))
+    PROVIDE_HIDDEN(__preinit_array_end = .);
+  } > FLASH
+
+  .init_array :
+  {
+    PROVIDE_HIDDEN(__init_array_start = .);
+    KEEP(*(SORT(.init_array.*)))
+    KEEP(*(.init_array*))
+    PROVIDE_HIDDEN(__init_array_end = .);
+  } > FLASH
+
+  .fini_array :
+  {
+    PROVIDE_HIDDEN(__fini_array_start = .);
+    KEEP(*(SORT(.fini_array.*)))
+    KEEP(*(.fini_array*))
+    PROVIDE_HIDDEN(__fini_array_end = .);
+  } > FLASH
+
+  /* Location in flash where .data will be stored */
+  _sidata = LOADADDR(.data);
+
+  .data :
+  {
+    . = ALIGN(4);
+    __data_start__ = .;
+    *(.data*)
+    . = ALIGN(4);
+    __data_end__ = .;
+  } > RAM AT> FLASH
+
+  .bss :
+  {
+    . = ALIGN(4);
+    __bss_start__ = .;
+    *(.bss*)
+    *(COMMON)
+    . = ALIGN(4);
+    __bss_end__ = .;
+  } > RAM
+
+  .heap_stack (NOLOAD):
+  {
+    . = ALIGN(8);
+    PROVIDE(__heap_start__ = .);
+    . = . + _Min_Heap_Size;
+    PROVIDE(__heap_end__ = .);
+    PROVIDE(end = __heap_end__);
+    . = ALIGN(8);
+    PROVIDE(__stack_start__ = .);
+    . = . + _Min_Stack_Size;
+    PROVIDE(__stack_end__ = .);
+  } > RAM
+}
+
+PROVIDE(_init = 0);
+PROVIDE(_fini = 0);
+

.github/renode-test/stm32h753/stm32h7xx_hal_conf.h

@@ -0,0 +1,208 @@
+/* Minimal HAL configuration for STM32H753 wolfCrypt build under Renode.
+ * RNG and CRYP HAL are enabled. CRYP is used for AES_GCM only (other AES modes disabled).
+ * HASH is disabled as Renode doesn't implement it.
+ */
+
+#ifndef STM32H7xx_HAL_CONF_H
+#define STM32H7xx_HAL_CONF_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* -------------------------  Module Selection  ----------------------------- */
+#define HAL_MODULE_ENABLED
+#define HAL_CORTEX_MODULE_ENABLED
+#define HAL_RCC_MODULE_ENABLED
+#define HAL_GPIO_MODULE_ENABLED
+#define HAL_RNG_MODULE_ENABLED
+#define HAL_CRYP_MODULE_ENABLED  /* Enabled for AES_GCM only */
+/* #define HAL_HASH_MODULE_ENABLED */  /* Disabled - Renode doesn't implement HASH */
+#define HAL_DMA_MODULE_ENABLED
+#define HAL_FLASH_MODULE_ENABLED
+#define HAL_PWR_MODULE_ENABLED
+#define HAL_EXTI_MODULE_ENABLED
+
+/* Disabled modules (explicit for clarity) */
+/* #define HAL_SDRAM_MODULE_ENABLED */
+
+/* -------------------------  Oscillator Values  ---------------------------- */
+#if !defined(HSE_VALUE)
+#define HSE_VALUE    25000000UL  /* External oscillator frequency in Hz */
+#endif
+
+#if !defined(HSE_STARTUP_TIMEOUT)
+#define HSE_STARTUP_TIMEOUT  100UL  /* Time out for HSE start up in ms */
+#endif
+
+#if !defined(CSI_VALUE)
+#define CSI_VALUE    4000000UL   /* Internal oscillator CSI in Hz */
+#endif
+
+#if !defined(HSI_VALUE)
+#define HSI_VALUE    64000000UL  /* Internal oscillator HSI in Hz */
+#endif
+
+#if !defined(HSI48_VALUE)
+#define HSI48_VALUE  48000000UL  /* Value of the Internal High Speed oscillator for USB in Hz */
+#endif
+
+#if !defined(LSE_VALUE)
+#define LSE_VALUE    32768UL     /* External low speed oscillator in Hz */
+#endif
+
+#if !defined(LSE_STARTUP_TIMEOUT)
+#define LSE_STARTUP_TIMEOUT  5000UL  /* Time out for LSE start up in ms */
+#endif
+
+#if !defined(LSI_VALUE)
+#define LSI_VALUE    32000UL     /* Internal low speed oscillator in Hz */
+#endif
+
+#if !defined(EXTERNAL_CLOCK_VALUE)
+#define EXTERNAL_CLOCK_VALUE  12288000UL  /* External audio clock in Hz */
+#endif
+
+/* -------------------------  System Configuration  -------------------------- */
+#define VDD_VALUE                  3300UL  /* Value of VDD in mV */
+#define TICK_INT_PRIORITY          0x0FUL  /* Tick interrupt priority */
+#define USE_RTOS                   0U
+#define PREFETCH_ENABLE            0U
+#define USE_HAL_ADC_REGISTER_CALLBACKS         0U
+#define USE_HAL_CEC_REGISTER_CALLBACKS         0U
+#define USE_HAL_COMP_REGISTER_CALLBACKS        0U
+#define USE_HAL_CORDIC_REGISTER_CALLBACKS      0U
+#define USE_HAL_CRYP_REGISTER_CALLBACKS        0U
+#define USE_HAL_DAC_REGISTER_CALLBACKS         0U
+#define USE_HAL_DCMI_REGISTER_CALLBACKS         0U
+#define USE_HAL_DFSDM_REGISTER_CALLBACKS       0U
+#define USE_HAL_DMA_REGISTER_CALLBACKS         0U
+#define USE_HAL_DMA2D_REGISTER_CALLBACKS       0U
+#define USE_HAL_DSI_REGISTER_CALLBACKS         0U
+#define USE_HAL_DTS_REGISTER_CALLBACKS         0U
+#define USE_HAL_ETH_REGISTER_CALLBACKS         0U
+#define USE_HAL_FDCAN_REGISTER_CALLBACKS       0U
+#define USE_HAL_FMAC_REGISTER_CALLBACKS        0U
+#define USE_HAL_GFXMMU_REGISTER_CALLBACKS      0U
+#define USE_HAL_HASH_REGISTER_CALLBACKS        0U
+#define USE_HAL_HCD_REGISTER_CALLBACKS         0U
+#define USE_HAL_HRTIM_REGISTER_CALLBACKS       0U
+#define USE_HAL_I2C_REGISTER_CALLBACKS         0U
+#define USE_HAL_I2S_REGISTER_CALLBACKS         0U
+#define USE_HAL_IRDA_REGISTER_CALLBACKS        0U
+#define USE_HAL_JPEG_REGISTER_CALLBACKS        0U
+#define USE_HAL_LPTIM_REGISTER_CALLBACKS       0U
+#define USE_HAL_LTDC_REGISTER_CALLBACKS        0U
+#define USE_HAL_MDIOS_REGISTER_CALLBACKS       0U
+#define USE_HAL_MMC_REGISTER_CALLBACKS         0U
+#define USE_HAL_NAND_REGISTER_CALLBACKS        0U
+#define USE_HAL_NOR_REGISTER_CALLBACKS         0U
+#define USE_HAL_OPAMP_REGISTER_CALLBACKS       0U
+#define USE_HAL_OSPI_REGISTER_CALLBACKS        0U
+#define USE_HAL_OTFDEC_REGISTER_CALLBACKS      0U
+#define USE_HAL_PCD_REGISTER_CALLBACKS         0U
+#define USE_HAL_PSSI_REGISTER_CALLBACKS        0U
+#define USE_HAL_QSPI_REGISTER_CALLBACKS        0U
+#define USE_HAL_RNG_REGISTER_CALLBACKS         0U
+#define USE_HAL_RTC_REGISTER_CALLBACKS         0U
+#define USE_HAL_SAI_REGISTER_CALLBACKS         0U
+#define USE_HAL_SD_REGISTER_CALLBACKS          0U
+#define USE_HAL_SDRAM_REGISTER_CALLBACKS       0U
+#define USE_HAL_SMARTCARD_REGISTER_CALLBACKS   0U
+#define USE_HAL_SMBUS_REGISTER_CALLBACKS       0U
+#define USE_HAL_SPDIFRX_REGISTER_CALLBACKS     0U
+#define USE_HAL_SPI_REGISTER_CALLBACKS         0U
+#define USE_HAL_SRAM_REGISTER_CALLBACKS         0U
+#define USE_HAL_SWPMI_REGISTER_CALLBACKS       0U
+#define USE_HAL_TIM_REGISTER_CALLBACKS         0U
+#define USE_HAL_UART_REGISTER_CALLBACKS        0U
+#define USE_HAL_USART_REGISTER_CALLBACKS       0U
+#define USE_HAL_WWDG_REGISTER_CALLBACKS        0U
+#define USE_HAL_XSPI_REGISTER_CALLBACKS        0U
+
+/* -------------------------  SPI peripheral configuration  ------------------ */
+#define USE_SPI_CRC  0U
+
+/* -------------------------  Assertion  ------------------------------------- */
+/* #define USE_FULL_ASSERT  1U */
+#define assert_param(expr)  ((void)0U)
+
+/* -------------------------  Ethernet Configuration  ------------------------ */
+#define ETH_TX_DESC_CNT  4U
+#define ETH_RX_DESC_CNT  4U
+#define ETH_MAC_ADDR0    0x02U
+#define ETH_MAC_ADDR1    0x00U
+#define ETH_MAC_ADDR2    0x00U
+#define ETH_MAC_ADDR3    0x00U
+#define ETH_MAC_ADDR4    0x00U
+#define ETH_MAC_ADDR5    0x00U
+
+/* -------------------------  Include HAL headers  --------------------------- */
+/**
+  * @brief Include module's header file
+  */
+
+#ifdef HAL_RCC_MODULE_ENABLED
+  #include "stm32h7xx_hal_rcc.h"
+#endif /* HAL_RCC_MODULE_ENABLED */
+
+#ifdef HAL_GPIO_MODULE_ENABLED
+  #include "stm32h7xx_hal_gpio.h"
+#endif /* HAL_GPIO_MODULE_ENABLED */
+
+#ifdef HAL_DMA_MODULE_ENABLED
+  #include "stm32h7xx_hal_dma.h"
+#endif /* HAL_DMA_MODULE_ENABLED */
+
+#ifdef HAL_CORTEX_MODULE_ENABLED
+  #include "stm32h7xx_hal_cortex.h"
+#endif /* HAL_CORTEX_MODULE_ENABLED */
+
+#ifdef HAL_EXTI_MODULE_ENABLED
+  #include "stm32h7xx_hal_exti.h"
+#endif /* HAL_EXTI_MODULE_ENABLED */
+
+#ifdef HAL_FLASH_MODULE_ENABLED
+  #include "stm32h7xx_hal_flash.h"
+#endif /* HAL_FLASH_MODULE_ENABLED */
+
+#ifdef HAL_PWR_MODULE_ENABLED
+  #include "stm32h7xx_hal_pwr.h"
+#endif /* HAL_PWR_MODULE_ENABLED */
+
+#ifdef HAL_RNG_MODULE_ENABLED
+  #include "stm32h7xx_hal_rng.h"
+#endif /* HAL_RNG_MODULE_ENABLED */
+
+/* CRYP enabled for AES_GCM only */
+#ifdef HAL_CRYP_MODULE_ENABLED
+  #include "stm32h7xx_hal_cryp.h"
+#endif
+
+/* #ifdef HAL_HASH_MODULE_ENABLED
+  #include "stm32h7xx_hal_hash.h"
+#endif */
+
+/* Exported macro ------------------------------------------------------------*/
+#ifdef  USE_FULL_ASSERT
+/**
+  * @brief  The assert_param macro is used for function's parameters check.
+  * @param  expr: If expr is false, it calls assert_failed function
+  *         which reports the name of the source file and the source
+  *         line number of the call that failed.
+  *         If expr is true, it returns no value.
+  * @retval None
+  */
+  #define assert_param(expr) ((expr) ? (void)0U : assert_failed((uint8_t *)__FILE__, __LINE__))
+/* Exported functions ------------------------------------------------------- */
+  void assert_failed(uint8_t *file, uint32_t line);
+#else
+  #define assert_param(expr) ((void)0U)
+#endif /* USE_FULL_ASSERT */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* STM32H7xx_HAL_CONF_H */
+

.github/renode-test/stm32h753/toolchain-arm-none-eabi.cmake

@@ -0,0 +1,24 @@
+set(CMAKE_SYSTEM_NAME Generic)
+set(CMAKE_SYSTEM_PROCESSOR arm)
+
+set(CMAKE_TRY_COMPILE_TARGET_TYPE STATIC_LIBRARY)
+
+set(CMAKE_C_COMPILER arm-none-eabi-gcc)
+set(CMAKE_CXX_COMPILER arm-none-eabi-g++)
+set(CMAKE_ASM_COMPILER arm-none-eabi-gcc)
+
+set(CMAKE_AR arm-none-eabi-ar)
+set(CMAKE_RANLIB arm-none-eabi-ranlib)
+
+set(CMAKE_C_STANDARD 11)
+
+set(CPU_FLAGS "-mcpu=cortex-m7 -mthumb -mfpu=fpv5-d16 -mfloat-abi=hard")
+set(OPT_FLAGS "-Os -ffunction-sections -fdata-sections")
+set(CMSIS_INCLUDES "-I/opt/cmsis-device-h7/Include -I/opt/CMSIS_5/CMSIS/Core/Include -I/opt/firmware")
+
+set(CMAKE_C_FLAGS_INIT "${CPU_FLAGS} ${OPT_FLAGS} ${CMSIS_INCLUDES} -DSTM32H753xx")
+set(CMAKE_CXX_FLAGS_INIT "${CPU_FLAGS} ${OPT_FLAGS} ${CMSIS_INCLUDES} -DSTM32H753xx")
+set(CMAKE_ASM_FLAGS_INIT "${CPU_FLAGS}")
+
+set(CMAKE_EXE_LINKER_FLAGS_INIT "-Wl,--gc-sections -static")
+

.github/renode-test/stm32h753/user_settings.h

@@ -0,0 +1,95 @@
+/* user_settings_renode.h - wolfSSL/wolfCrypt configuration for STM32H753 under Renode
+ *
+ * Minimal, semihosting-friendly build for Cortex-M7 / STM32H753.
+ * Hardware RNG and CRYPTO (AES-GCM only) are enabled via Renode's STM32H753 emulation.
+ * HASH is disabled as Renode doesn't implement the HASH peripheral.
+ */
+
+#ifndef USER_SETTINGS_RENODE_H
+#define USER_SETTINGS_RENODE_H
+
+/* -------------------------  Platform  ------------------------------------- */
+#define WOLFSSL_ARM_CORTEX_M
+#define WOLFSSL_STM32H7  /* STM32H7 series (includes H753) */
+#define WOLFSSL_STM32_CUBEMX  /* Use STM32 HAL for CRYPTO */
+/* NO_STM32_CRYPTO is NOT defined, so CRYPTO will be enabled */
+/* Disable HASH - Renode doesn't implement HASH peripheral */
+#define NO_STM32_HASH
+
+/* Required for consistent math library settings (CTC_SETTINGS) */
+#define SIZEOF_LONG 4
+#define SIZEOF_LONG_LONG 8
+
+/* -------------------------  Threading / OS  ------------------------------- */
+#define SINGLE_THREADED
+
+/* -------------------------  Filesystem / I/O  ----------------------------- */
+#define WOLFSSL_NO_CURRDIR
+#define NO_FILESYSTEM
+#define NO_WRITEV
+
+/* -------------------------  wolfCrypt Only  ------------------------------- */
+#define WOLFCRYPT_ONLY
+#define NO_DH
+#define NO_DSA
+/* Disable DES/3DES - Renode CRYPTO only supports AES_GCM */
+#define NO_DES
+#define NO_DES3
+
+/* -------------------------  AES Mode Configuration  ----------------------- */
+/* Disable all AES modes except GCM - Renode CRYPTO only supports AES_GCM */
+/* NO_AES_CBC prevents HAVE_AES_CBC from being defined in settings.h */
+#define NO_AES_CBC
+
+/* -------------------------  RNG Configuration  ---------------------------- */
+/* Enable STM32 hardware RNG (emulated by Renode) using direct register access */
+#define WOLFSSL_STM32_RNG_NOLIB
+/* NO_STM32_RNG is NOT defined, so STM32_RNG will be auto-enabled */
+#define NO_DEV_RANDOM
+#define HAVE_HASHDRBG
+
+/* -------------------------  Math Library  --------------------------------- */
+/* Use SP Math (Single Precision) - modern, efficient, and secure */
+#define WOLFSSL_SP_MATH_ALL
+#define WOLFSSL_HAVE_SP_RSA
+#define WOLFSSL_HAVE_SP_DH
+#define WOLFSSL_HAVE_SP_ECC
+#define WOLFSSL_SP_ARM_CORTEX_M_ASM
+#define SP_WORD_SIZE 32
+
+/* -------------------------  Crypto Hardening  ----------------------------- */
+#define WC_RSA_BLINDING
+#define ECC_TIMING_RESISTANT
+
+/* -------------------------  Size Optimization  ---------------------------- */
+#define WOLFSSL_SMALL_STACK
+
+/* -------------------------  Test Configuration  --------------------------- */
+/* Use smaller key sizes for faster test runs in emulation */
+#define BENCH_EMBEDDED
+
+/* Use our own main() instead of the one in test.c */
+#define NO_MAIN_DRIVER
+
+/* -------------------------  Post-options.h cleanup  ----------------------- */
+/* Ensure unsupported AES modes stay disabled even after options.h processing */
+/* These undefs will be processed after options.h includes, preventing
+ * Renode-unsupported modes from being used */
+#ifdef HAVE_AES_CBC
+#undef HAVE_AES_CBC
+#endif
+#ifdef HAVE_AES_ECB
+#undef HAVE_AES_ECB
+#endif
+#ifdef HAVE_AES_CTR
+#undef HAVE_AES_CTR
+#endif
+#ifdef HAVE_AES_CFB
+#undef HAVE_AES_CFB
+#endif
+#ifdef HAVE_AES_OFB
+#undef HAVE_AES_OFB
+#endif
+
+#endif /* USER_SETTINGS_RENODE_H */
+

.github/workflows/arduino.yml

@@ -38,7 +38,7 @@ name: Arduino CI Build (1 of 4) wolfssl
 #
 # To test locally:
 # cd [your WOLFSSL_ROOT], e.g. cd /mnt/c/workspace/wolfssl-$USER
-# [optional checkout]     e.g. git checkout tags/v5.8.2-stable
+# [optional checkout]     e.g. git checkout tags/v5.8.4-stable
 # pushd ./IDE/ARDUINO
 # export ARDUINO_ROOT="$HOME/Arduino/libraries"
 # ./wolfssl-arduino.sh INSTALL
@@ -50,6 +50,7 @@ on:
   push:
     branches: [ '**', 'master', 'main', 'release/**' ]
     paths:
+      # Specific to this Arduino CI Build (1 of 4)
       - '.github/workflows/arduino.yml'
       - 'IDE/ARDUINO/**'
       - 'src/**'
@@ -58,7 +59,7 @@ on:
   pull_request:
     branches: [ '**' ]
     paths:
-      - 'github/workflows/arduino.yml'
+      - '.github/workflows/arduino.yml'
       - 'IDE/ARDUINO/**'
       - 'src/**'
       - 'wolfcrypt/**'
@@ -66,17 +67,70 @@ on:
   workflow_dispatch:
 
 concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
+  # Same branch push cancels other jobs. Other PR branches untouched
+
+  group: ${{ github.workflow }}-${{ github.ref_name }}
   cancel-in-progress: true
+
 # END OF COMMON SECTION
 
 jobs:
   build:
     if: github.repository_owner == 'wolfssl'
     runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        fqbn:
+          # When editing this list, be sure to also edit file: board_list.txt
+          #   The compile-all-examples.sh optionally takes a FQBN parameter to
+          #   optionally compile all examples ONLY for the respective fully qualified board name.
+          # See https://github.com/wolfSSL/wolfssl-examples/blob/master/Arduino/sketches/board_list.txt
+
+          - arduino:avr:ethernet
+          - arduino:avr:leonardoeth
+          - arduino:avr:mega
+          - arduino:avr:nano
+          - arduino:avr:uno
+          - arduino:avr:yun
+          - arduino:samd:mkrwifi1010
+          - arduino:samd:mkr1000
+          - arduino:samd:mkrfox1200
+          - arduino:mbed_edge:edge_control
+          - arduino:mbed_nano:nanorp2040connect
+          - arduino:mbed_portenta:envie_m7
+          - arduino:mbed_portenta:portenta_x8
+          - arduino:renesas_uno:unor4wifi
+          - arduino:sam:arduino_due_x
+          - arduino:samd:arduino_zero_native
+          - arduino:samd:tian
+          - esp32:esp32:esp32
+          - esp32:esp32:esp32s2
+          - esp32:esp32:esp32s3
+          - esp32:esp32:esp32c3
+          - esp32:esp32:esp32c6
+          - esp32:esp32:esp32h2
+          - esp8266:esp8266:generic
+          - teensy:avr:teensy40
+
+          # Not yet supported, not in standard library
+          # - esp32:esp32:nano_nora
+
+          # End strategy matrix
     env:
       REPO_OWNER: ${{ github.repository_owner }}
+
     steps:
+      - name: Free disk space
+        run: |
+          sudo rm -rf /usr/share/dotnet
+          sudo rm -rf /usr/local/lib/android
+          sudo rm -rf /opt/ghc
+          sudo rm -rf /opt/hostedtoolcache/CodeQL
+          sudo apt-get clean
+          df -h
+
       - name: Checkout Repository
         uses: actions/checkout@v4
 
@@ -84,7 +138,7 @@ jobs:
         run: |
           # Script to fetch and run install.sh from arduino/arduino-cli
 
-          # The install script will test to see if the recently installed apps in in the path
+          # The install script will test to see if the recently installed apps in the path
           # So set it up in advance:
           mkdir -p "${PWD}/bin"
           echo "${PWD}/bin" >> $GITHUB_PATH
@@ -95,7 +149,7 @@ jobs:
           # Ensures that BINDIR exists before the installer runs
           mkdir -p "$ROOT_BIN"
 
-          # Save as a lobal environment variable
+          # Save as a global environment variable
           echo "$ROOT_BIN" >> "$GITHUB_PATH"
 
           # Download and run install script from Arduino:
@@ -126,34 +180,53 @@ jobs:
             echo "Alternative install script not needed."
           fi
 
-      - name: Confirm Arduino CLI install
+      - name: Confirm Arduino CLI Install
         run: arduino-cli version
 
+      - name: Derive CORE_ID (vendor:arch from FQBN)
+        run: |
+          CORE_ID="$(echo '${{ matrix.fqbn }}' | cut -d: -f1-2)"
+          echo "CORE_ID=$CORE_ID" >> "$GITHUB_ENV"
+
       - name: Setup Arduino CLI
         run: |
           arduino-cli config init
-          arduino-cli core update-index
+
+          # wait 10 minutes for big downloads (or use 0 for no limit)
+          arduino-cli config set network.connection_timeout 600s
+
           arduino-cli config add board_manager.additional_urls https://www.pjrc.com/teensy/package_teensy_index.json
-          arduino-cli core update-index
           arduino-cli config add board_manager.additional_urls https://arduino.esp8266.com/stable/package_esp8266com_index.json
           arduino-cli core update-index
-          arduino-cli core install esp32:esp32            # ESP32
-          arduino-cli core install arduino:avr            # Arduino Uno, Mega, Nano
-          arduino-cli core install arduino:sam            # Arduino Due
-          arduino-cli core install arduino:samd           # Arduino Zero
-          arduino-cli core install teensy:avr             # PJRC Teensy
-          arduino-cli core install esp8266:esp8266        # ESP8266
-          arduino-cli core install arduino:mbed_nano      # nanorp2040connect
-          arduino-cli core install arduino:mbed_portenta  # portenta_h7_m7
-          arduino-cli core install arduino:mbed_edge
+
+          echo "CORE_ID: $CORE_ID"
+          arduino-cli core install "$CORE_ID"
+
+          # The above is instead of:
+          # arduino-cli core install esp32:esp32            # ESP32
+          # arduino-cli core install arduino:avr            # Arduino Uno, Mega, Nano
+          # arduino-cli core install arduino:sam            # Arduino Due
+          # arduino-cli core install arduino:samd           # Arduino Zero
+          # arduino-cli core install teensy:avr             # PJRC Teensy
+          # arduino-cli core install esp8266:esp8266        # ESP8266
+          # arduino-cli core install arduino:mbed_nano      # nanorp2040connect
+          # arduino-cli core install arduino:mbed_portenta  # portenta_h7_m7
+          # arduino-cli core install arduino:mbed_edge
+          # arduino-cli core install arduino:renesas_uno
+
+          # For reference:
+
+          # mbed nano not yet tested
           # sudo "/home/$USER/.arduino15/packages/arduino/hardware/mbed_nano/4.2.4/post_install.sh"
-          arduino-cli core install arduino:renesas_uno
+
+          # Always install networking (not part of FQBN matrix)
+          # The first one also creates directory: /home/runner/Arduino/libraries
           arduino-cli lib install "ArduinoJson"           # Example dependency
           arduino-cli lib install "WiFiNINA"              # ARDUINO_SAMD_NANO_33_IOT
           arduino-cli lib install "Ethernet"              # Install Ethernet library
           arduino-cli lib install "Bridge"                # Pseudo-network for things like arduino:samd:tian
 
-      - name: Set job environment variables
+      - name: Set Job Environment Variables
         run: |
           # Script to assign some common environment variables after everything is installed
 
@@ -178,6 +251,27 @@ jobs:
           # WOLFSSL_EXAMPLES_ROOT is the repo root, not example location
           echo "WOLFSSL_EXAMPLES_ROOT = $WOLFSSL_EXAMPLES_ROOT"
 
+      - name: Cache Arduino Packages
+        uses: actions/cache@v4
+        with:
+          path: |
+            ~/.arduino15
+            ~/.cache/arduino
+            # Exclude staging directory from cache to save space
+            !~/.arduino15/staging
+
+            # Arduino libraries
+            # Specific to Arduino CI Build (2 of 4) Arduinbo Release wolfSSL for Local Examples
+            # Include all libraries, as the latest Arduino-wolfSSL will only change upon release.
+            ~/Arduino/libraries
+            # Ensure wolfssl is not cached, we're always using the latest. See separate cache.
+            !~/Arduino/libraries/wolfssl
+          key: arduino-${{ runner.os }}-${{ env.CORE_ID }}-${{ hashFiles('Arduino/sketches/board_list.txt') }}
+
+          restore-keys: |
+               arduino-${{ runner.os }}-${{ env.CORE_ID }}-
+               arduino-${{ runner.os }}-
+
       - name: Get wolfssl-examples
         run: |
           # Fetch Arduino examples from the wolfssl-examples repo
@@ -211,6 +305,9 @@ jobs:
         run: |
           # Run the local wolfssl-arduino.sh install script to install wolfssl Arduino library.
 
+          echo "Installing wolfSSL Arduino library (no cache hit)."
+          rm -rf "$ARDUINO_ROOT/wolfssl"
+
           # Methods of installing Arduino library:
           #   1) arduino-cli lib install "wolfSSL"
           #   2) manual copy of files (typical of the Arduino-wolfssl repo)
@@ -253,7 +350,8 @@ jobs:
 
           # Fetch script and board list into WOLFSSL_EXAMPLES_DIRECTORY
           echo "Fetching board_list.txt from REPO_OWNER=$REPO_OWNER"
-          curl -L "https://raw.githubusercontent.com/$REPO_OWNER/wolfssl-examples/master/Arduino/sketches/board_list.txt"          -o "$WOLFSSL_EXAMPLES_DIRECTORY/$THIS_BOARD_LIST"
+          curl -L "https://raw.githubusercontent.com/$REPO_OWNER/wolfssl-examples/master/Arduino/sketches/board_list.txt"  \
+               -o "$WOLFSSL_EXAMPLES_DIRECTORY/$THIS_BOARD_LIST"
 
           # Check if the first line is "404: Not Found" - which would indicate the curl path above is bad.
           FILE="$WOLFSSL_EXAMPLES_DIRECTORY/board_list.txt"
@@ -272,7 +370,8 @@ jobs:
 
           # Fetch the compile script from repo: https://github.com/[$USER]/wolfssl-examples/
           echo "Fetching compile-all-examples.sh from REPO_OWNER=$REPO_OWNER"
-          curl -L "https://raw.githubusercontent.com/$REPO_OWNER/wolfssl-examples/master/Arduino/sketches/compile-all-examples.sh" -o "$WOLFSSL_EXAMPLES_DIRECTORY/compile-all-examples.sh"
+          curl -L "https://raw.githubusercontent.com/$REPO_OWNER/wolfssl-examples/master/Arduino/sketches/compile-all-examples.sh"  \
+               -o "$WOLFSSL_EXAMPLES_DIRECTORY/compile-all-examples.sh"
 
           # Check if the first line is "404: Not Found" - which would indicate the curl path above is bad.
           FILE="$WOLFSSL_EXAMPLES_DIRECTORY/compile-all-examples.sh"
@@ -316,10 +415,51 @@ jobs:
           WOLFSSL_EXAMPLES_DIRECTORY="$ARDUINO_ROOT/wolfssl/examples"
           echo "WOLFSSL_EXAMPLES_DIRECTORY:  $WOLFSSL_EXAMPLES_DIRECTORY"
 
+          # Limit the number of jobs to 1 to avoid running out of memory
+          export ARDUINO_CLI_MAX_JOBS=1
+
           echo "Change directory to Arduino examples..."
           pushd "$WOLFSSL_EXAMPLES_DIRECTORY"
+            chmod +x ./compile-all-examples.sh
+
+            # The script expects all the examples to be in the current directory.
+            # Along with ./board_list.txt from examples repo
             echo "Current directory:           $PWD"
             echo "Calling ./compile-all-examples.sh"
-            bash ./compile-all-examples.sh
+            bash ./compile-all-examples.sh  ./board_list.txt "${{ matrix.fqbn }}"
           popd
           # End Compile Arduino Sketches for Various Boards
+
+      - name: Cleanup to Save Disk Space
+        if: always()
+        run: |
+          echo "Disk usage before cleanup:"
+          df -h
+          echo ""
+          echo "Cleaning up build artifacts and temporary files..."
+
+          # Clean up Arduino build artifacts
+          find ~/Arduino -name "*.hex" -delete 2>/dev/null || true
+          find ~/Arduino -name "*.elf" -delete 2>/dev/null || true
+          find ~/Arduino -name "*.bin" -delete 2>/dev/null || true
+          find ~/Arduino -name "build" -type d -exec rm -rf {} + 2>/dev/null || true
+
+          rm -rf ~/.arduino15/packages/esp32/tools || true
+          rm -rf ~/.arduino15/packages/esp32/hardware || true
+          rm -rf ~/.espressif || true
+
+          # Clean up staging directories
+          rm -rf ~/.arduino15/staging/* || true
+          rm -rf ~/.cache/arduino/* || true
+
+          # Clean up git clone of wolfssl-examples
+          GITHUB_WORK=$(realpath "$GITHUB_WORKSPACE/../..")
+          rm -rf "$GITHUB_WORK/wolfssl-examples-publish" || true
+
+          # Clean up any temporary files in workspace
+          find "$GITHUB_WORKSPACE" -name "*.o" -delete 2>/dev/null || true
+          find "$GITHUB_WORKSPACE" -name "*.a" -delete 2>/dev/null || true
+
+          echo ""
+          echo "Disk usage after cleanup:"
+          df -h

.github/workflows/async.yml

@@ -24,7 +24,7 @@ jobs:
         ]
     name: make check
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 6
     steps:
@@ -33,7 +33,7 @@ jobs:
 
       - name: Test wolfSSL async
         run: |
-          ./async-check.sh install
+          ./autogen.sh
           ./configure ${{ matrix.config }}
           make check
 

.github/workflows/bind.yml

@@ -17,7 +17,7 @@ jobs:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
     # Just to keep it the same as the testing target
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -47,7 +47,7 @@ jobs:
         ref: [ 9.18.0, 9.18.28, 9.18.33 ]
     name: ${{ matrix.ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 10
     needs: build_wolfssl

.github/workflows/cmake.yml

@@ -78,7 +78,8 @@ jobs:
             -DWOLFSSL_TLSX:BOOL=yes -DWOLFSSL_TPM:BOOL=yes -DWOLFSSL_CLU:BOOL=yes -DWOLFSSL_USER_SETTINGS:BOOL=no \
             -DWOLFSSL_USER_SETTINGS_ASM:BOOL=no -DWOLFSSL_WOLFSSH:BOOL=ON -DWOLFSSL_X86_64_BUILD_ASM:BOOL=yes \
             -DWOLFSSL_MLKEM=1 -DWOLFSSL_LMS=1 -DWOLFSSL_LMSSHA256192=1 -DWOLFSSL_EXPERIMENTAL=1 \
-            -DWOLFSSL_X963KDF:BOOL=yes \
+            -DWOLFSSL_X963KDF:BOOL=yes -DWOLFSSL_DILITHIUM:BOOL=yes -DWOLFSSL_PKCS11:BOOL=yes \
+            -DWOLFSSL_ECCSI:BOOL=yes -DWOLFSSL_SAKKE:BOOL=yes -DWOLFSSL_SIPHASH:BOOL=yes \
             -DCMAKE_C_FLAGS="-DWOLFSSL_DTLS_CH_FRAG" \
             ..
         cmake --build .
@@ -89,9 +90,6 @@ jobs:
         cd ..
         rm -rf build
 
-        # Kyber Cmake broken
-        # -DWOLFSSL_KYBER:BOOL=yes
-
 # build "lean-tls" wolfssl
     - name: Build wolfssl with lean-tls
       working-directory: ./wolfssl
@@ -107,3 +105,22 @@ jobs:
         # clean up
         cd ..
         rm -rf build
+
+# CMake build with user_settings.h
+    - name: Build wolfssl with user_settings.h
+      working-directory: ./wolfssl
+      run: |
+        mkdir build
+        cp examples/configs/user_settings_all.h ./build/user_settings.h
+        cd build
+        cmake -DCMAKE_VERBOSE_MAKEFILE:BOOL=ON -DWOLFSSL_INSTALL=yes -DCMAKE_INSTALL_PREFIX="$GITHUB_WORKSPACE/install" \
+            -DWOLFSSL_USER_SETTINGS=ON -DWOLFSSL_USER_SETTINGS_ASM=ON -DWOLFSSL_EXAMPLES=ON -DWOLFSSL_CRYPT_TESTS=ON \
+            -DCMAKE_C_FLAGS="${CMAKE_C_FLAGS} -I ." \
+            ..
+        cmake --build .
+        ctest -j $(nproc)
+        cmake --install .
+
+        # clean up
+        cd ..
+        rm -rf build

.github/workflows/codespell.yml

@@ -14,7 +14,7 @@ concurrency:
 jobs:
   codespell:
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     steps:
     - uses: actions/checkout@v4
 
@@ -23,7 +23,7 @@ jobs:
         check_filenames: true
         check_hidden: true
           # Add comma separated list of words that occur multiple times that should be ignored (sorted alphabetically, case sensitive)
-        ignore_words_list: adin,aNULL,brunch,carryIn,chainG,ciph,cLen,cliKs,dout,haveA,inCreated,inOut,inout,larg,LEAPYEAR,Merget,optionA,parm,parms,repid,rIn,userA,ser,siz,te,Te,
+        ignore_words_list: adin,aNULL,brunch,carryIn,chainG,ciph,cLen,cliKs,dout,haveA,inCreated,inOut,inout,larg,LEAPYEAR,Merget,optionA,parm,parms,repid,rIn,userA,ser,siz,te,Te,HSI,failT,
           # The exclude_file contains lines of code that should be ignored. This is useful for individual lines which have non-words that can safely be ignored.
         exclude_file: '.codespellexcludelines'
           # To skip files entirely from being processed, add it to the following list:

.github/workflows/coverity-scan-fixes.yml

@@ -10,7 +10,7 @@ on:
 jobs:
   coverity:
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     steps:
     - uses: actions/checkout@v4
       with:

.github/workflows/curl.yml

@@ -16,7 +16,7 @@ jobs:
   build_wolfssl:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -40,7 +40,7 @@ jobs:
   test_curl:
     name: ${{ matrix.curl_ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 15
     needs: build_wolfssl

.github/workflows/cyrus-sasl.yml

@@ -17,7 +17,7 @@ jobs:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
     # Just to keep it the same as the testing target
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -48,7 +48,7 @@ jobs:
         ref: [ 2.1.28 ]
     name: ${{ matrix.ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     needs: build_wolfssl

.github/workflows/disable-pk-algs.yml

@@ -36,7 +36,7 @@ jobs:
         ]
     name: make check
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 6
     steps:

.github/workflows/docker-Espressif.yml

@@ -15,7 +15,7 @@ jobs:
   espressif_latest:
     name: latest Docker container
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 12
     container:
@@ -29,7 +29,7 @@ jobs:
   espressif_v4_4:
     name: v4.4 Docker container
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     container:
       image: espressif/idf:release-v4.4
     steps:
@@ -39,7 +39,7 @@ jobs:
   espressif_v5_0:
     name: v5.0 Docker container
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     container:
       image: espressif/idf:release-v5.0
     steps:

.github/workflows/docker-OpenWrt.yml

@@ -18,7 +18,7 @@ jobs:
     build_library:
         name: Compile libwolfssl.so
         if: github.repository_owner == 'wolfssl'
-        runs-on: ubuntu-22.04
+        runs-on: ubuntu-24.04
         # This should be a safe limit for the tests to run.
         timeout-minutes: 4
         container:
@@ -42,7 +42,7 @@ jobs:
     compile_container:
         name: Compile container
         if: github.repository_owner == 'wolfssl'
-        runs-on: ubuntu-22.04
+        runs-on: ubuntu-24.04
         # This should be a safe limit for the tests to run.
         timeout-minutes: 2
         needs: build_library

.github/workflows/fil-c.yml

@@ -28,7 +28,7 @@ jobs:
     # This should be a safe limit for the tests to run.
     timeout-minutes: 30
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     name: ${{ matrix.config }}
     steps:
     - name: Download fil-c release

.github/workflows/grpc.yml

@@ -17,7 +17,7 @@ jobs:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
     # Just to keep it the same as the testing target
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 10
     steps:
@@ -52,7 +52,7 @@ jobs:
               h2_ssl_cert_test h2_ssl_session_reuse_test
     name: ${{ matrix.ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 30
     needs: build_wolfssl

.github/workflows/haproxy.yml

@@ -16,7 +16,7 @@ jobs:
   build_wolfssl:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -40,7 +40,7 @@ jobs:
   test_haproxy:
     name: ${{ matrix.haproxy_ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 15
     needs: build_wolfssl

.github/workflows/hostap-vm.yml

@@ -2,10 +2,14 @@ name: hostap and wpa-supplicant Tests
 
 # START OF COMMON SECTION
 on:
-  push:
-    branches: [ 'master', 'main', 'release/**' ]
-  pull_request:
-    branches: [ '*' ]
+    workflow_dispatch: # Allows people to run it manually if they want but
+                       # disables it from running automatically when broken
+# To restore this to an auto test delete the above workflow_dispatch line and
+# comments and uncomment the below lines for push and pull_request
+#  push:
+#    branches: [ 'master', 'main', 'release/**' ]
+#  pull_request:
+#    branches: [ '*' ]
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
@@ -80,7 +84,7 @@ jobs:
 
       - name: Checkout hostap
         if: steps.cache.outputs.cache-hit != 'true'
-        run: git clone git://w1.fi/hostap.git hostap
+        run: git clone https://w1.fi/hostap.git hostap
 
   build_uml_linux:
     name: Build UML (UserMode Linux)
@@ -232,6 +236,7 @@ jobs:
         working-directory: hostap/tests/hwsim/auth_serv
         run: |
           ./update.sh
+          ./sha512-generate.sh
           # Force regeneration of rsa3072-ca.key to get rsa3072-generate.sh to
           # correctly update all the certs
           rm rsa3072-ca.key
@@ -331,6 +336,10 @@ jobs:
             rm -r /tmp/hwsim-test-logs
           done < $GITHUB_WORKSPACE/wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/tests
 
+      - name: show errors
+        if: ${{ failure() && steps.testing.outcome == 'failure' }}
+        run: grep -riP 'fail|error' /tmp/hwsim-test-logs/latest
+
       # The logs are quite big. It hasn't been useful so far so let's not waste
       # precious gh space.
       #- name: zip logs

.github/workflows/intelasm-c-fallback.yml

@@ -22,7 +22,7 @@ jobs:
         ]
     name: make check
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 6
     steps:

.github/workflows/ipmitool.yml

@@ -18,7 +18,7 @@ jobs:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
     # Just to keep it the same as the testing target
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -48,11 +48,11 @@ jobs:
         git_ref: [ c3939dac2c060651361fc71516806f9ab8c38901 ]
     name: ${{ matrix.git_ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     needs: build_wolfssl
     steps:
       - name: Install dependencies
-        run: export DEBIAN_FRONTEND=noninteractive && sudo apt-get update && sudo apt-get install -y libreadline8
+        run: export DEBIAN_FRONTEND=noninteractive && sudo apt-get update && sudo apt-get install -y libreadline-dev
       - name: Download lib
         uses: actions/download-artifact@v4
         with:

.github/workflows/jwt-cpp.yml

@@ -17,7 +17,7 @@ jobs:
     name: Build wolfSSL
     # Just to keep it the same as the testing target
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -47,9 +47,9 @@ jobs:
       matrix:
         config:
           - ref: 0.7.0
-            runner: ubuntu-22.04
+            runner: ubuntu-24.04
           - ref: 0.6.0
-            runner: ubuntu-22.04
+            runner: ubuntu-24.04
     name: ${{ matrix.config.ref }}
     runs-on: ${{ matrix.config.runner }}
     needs: build_wolfssl

.github/workflows/libspdm.yml

@@ -17,7 +17,7 @@ jobs:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
     # Just to keep it the same as the testing target
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -46,7 +46,7 @@ jobs:
         ref: [ 3.7.0 ]
     name: ${{ matrix.ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     needs: build_wolfssl

.github/workflows/libvncserver.yml

@@ -17,7 +17,7 @@ jobs:
     name: Build wolfSSL
     # Just to keep it the same as the testing target
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -47,7 +47,7 @@ jobs:
         ref: [ 0.9.13, 0.9.14 ]
     name: ${{ matrix.ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     needs: build_wolfssl
     steps:
       - name: Download lib

.github/workflows/memcached.yml

@@ -17,7 +17,7 @@ jobs:
     name: Build wolfSSL
     # Just to keep it the same as the testing target
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     steps:
       - name: Build wolfSSL
         uses: wolfSSL/actions-build-autotools-project@v1
@@ -48,7 +48,7 @@ jobs:
           - ref: 1.6.22
     name: ${{ matrix.ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     needs: build_wolfssl
     steps:
       - name: Download lib

.github/workflows/mosquitto.yml

@@ -17,7 +17,7 @@ jobs:
     name: Build wolfSSL
     # Just to keep it the same as the testing target
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -45,7 +45,7 @@ jobs:
         ref: [ 2.0.18 ]
     name: ${{ matrix.ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     needs: build_wolfssl

.github/workflows/multi-compiler.yml

@@ -31,18 +31,12 @@ jobs:
           - CC: gcc-12
             CXX: g++-12
             OS: ubuntu-24.04
-          - CC: clang-11
-            CXX: clang++-11
-            OS: ubuntu-22.04
-          - CC: clang-12
-            CXX: clang++-12
-            OS: ubuntu-22.04
-          - CC: clang-13
-            CXX: clang++-13
-            OS: ubuntu-22.04
           - CC: clang-14
             CXX: clang++-14
             OS: ubuntu-24.04
+          - CC: clang-19
+            CXX: clang++-19
+            OS: ubuntu-24.04
     if: github.repository_owner == 'wolfssl'
     runs-on: ${{ matrix.OS }}
     # This should be a safe limit for the tests to run.

.github/workflows/net-snmp.yml

@@ -17,7 +17,7 @@ jobs:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
     # Just to keep it the same as the testing target
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -48,7 +48,7 @@ jobs:
             test_opts: -e 'agentxperl'
     name: ${{ matrix.ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     needs: build_wolfssl

.github/workflows/nginx.yml

@@ -17,7 +17,7 @@ jobs:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
     # Just to keep it the same as the testing target
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -107,7 +107,7 @@ jobs:
               stream_proxy_ssl_verify.t
     name: ${{ matrix.ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 6
     needs: build_wolfssl

.github/workflows/no-malloc.yml

@@ -22,7 +22,7 @@ jobs:
         ]
     name: make check
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 6
     steps:

.github/workflows/no-tls.yml

@@ -22,7 +22,7 @@ jobs:
         ]
     name: make check
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 6
     steps:

.github/workflows/nss.yml

@@ -21,7 +21,7 @@ jobs:
   build_nss:
     name: Build nss
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 30
     steps:
@@ -60,7 +60,7 @@ jobs:
   nss_test:
     name: Test interop with nss
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     needs: build_nss
     timeout-minutes: 10
     steps:

.github/workflows/ntp.yml

@@ -17,7 +17,7 @@ jobs:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
     # Just to keep it the same as the testing target
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -47,7 +47,7 @@ jobs:
         ref: [ 4.2.8p15, 4.2.8p17 ]
     name: ${{ matrix.ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 10
     needs: build_wolfssl

.github/workflows/ocsp.yml

@@ -16,7 +16,7 @@ jobs:
   ocsp_stapling:
     name: ocsp stapling
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     timeout-minutes: 10
     steps:
       - name: Checkout wolfSSL

.github/workflows/openldap.yml

@@ -17,7 +17,7 @@ jobs:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
     # Just to keep it the same as the testing target
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -51,7 +51,7 @@ jobs:
             git_ref: OPENLDAP_REL_ENG_2_6_7
     name: ${{ matrix.osp_ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 20
     needs: build_wolfssl

.github/workflows/openssh.yml

@@ -17,7 +17,7 @@ jobs:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
     # Just to keep it the same as the testing target
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -71,7 +71,7 @@ jobs:
               connection-timeout
     name: ${{ matrix.osp_ver }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     needs: build_wolfssl
     steps:
       - name: Download lib

.github/workflows/opensslcoexist.yml

@@ -23,7 +23,7 @@ jobs:
         ]
     name: make check
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 6
     steps:

.github/workflows/openvpn.yml

@@ -17,7 +17,7 @@ jobs:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
     # Just to keep it the same as the testing target
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -46,7 +46,7 @@ jobs:
         ref: [ release/2.6, master ]
     name: ${{ matrix.ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 10
     needs: build_wolfssl

.github/workflows/os-check.yml

@@ -17,7 +17,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ ubuntu-22.04, macos-latest ]
+        os: [ ubuntu-24.04, macos-latest ]
         config: [
           # Add new configs here
           '',
@@ -59,11 +59,28 @@ jobs:
           '--enable-lms=small,verify-only --enable-xmss=small,verify-only',
           '--disable-sys-ca-certs',
           '--enable-all CPPFLAGS=-DWOLFSSL_DEBUG_CERTS ',
-          '--enable-all CFLAGS="-DWOLFSSL_CHECK_MEM_ZERO"',
+          '--enable-all CPPFLAGS="-DWOLFSSL_CHECK_MEM_ZERO"',
           '--enable-coding=no',
           '--enable-dtls --enable-dtls13 --enable-ocspstapling --enable-ocspstapling2
            --enable-cert-setup-cb --enable-sessioncerts',
+          '--enable-dtls --enable-dtls13 --enable-tls13
+           CPPFLAGS=-DWOLFSSL_TLS13_IGNORE_PT_ALERT_ON_ENC',
           '--disable-sni --disable-ecc --disable-tls13 --disable-secure-renegotiation-info',
+          'CPPFLAGS=-DWOLFSSL_BLIND_PRIVATE_KEY',
+          '--enable-all --enable-certgencache',
+          '--enable-sessionexport --enable-dtls --enable-dtls13',
+          '--enable-sessionexport',
+          '--disable-examples CPPFLAGS=-DWOLFSSL_NO_MALLOC',
+          'CPPFLAGS=-DNO_WOLFSSL_CLIENT',
+          'CPPFLAGS=-DNO_WOLFSSL_SERVER',
+          'CPPFLAGS=-DWOLFSSL_NO_CLIENT_AUTH',
+          'CPPFLAGS=''-DNO_WOLFSSL_CLIENT -DWOLFSSL_NO_CLIENT_AUTH''',
+          'CPPFLAGS=''-DNO_WOLFSSL_SERVER -DWOLFSSL_NO_CLIENT_AUTH''',
+          '--enable-all CPPFLAGS=-DNO_WOLFSSL_CLIENT',
+          '--enable-all CPPFLAGS=-DNO_WOLFSSL_SERVER',
+          '--enable-all CPPFLAGS=-DWOLFSSL_NO_CLIENT_AUTH',
+          '--enable-all CPPFLAGS=''-DNO_WOLFSSL_CLIENT -DWOLFSSL_NO_CLIENT_AUTH''',
+          '--enable-all CPPFLAGS=''-DNO_WOLFSSL_SERVER -DWOLFSSL_NO_CLIENT_AUTH''',
         ]
     name: make check
     if: github.repository_owner == 'wolfssl'
@@ -81,7 +98,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ ubuntu-22.04, macos-latest ]
+        os: [ ubuntu-24.04, macos-latest ]
         user-settings: [
           # Add new user_settings.h here
           'examples/configs/user_settings_all.h',
@@ -103,15 +120,26 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ ubuntu-22.04, macos-latest ]
+        os: [ ubuntu-24.04, macos-latest ]
         user-settings: [
-          # Add new user_settings.h here
+          # Add new user_settings.h here (alphabetical order)
+          'examples/configs/user_settings_ca.h',
+          'examples/configs/user_settings_dtls13.h',
+          'examples/configs/user_settings_EBSnet.h',
           'examples/configs/user_settings_eccnonblock.h',
           'examples/configs/user_settings_min_ecc.h',
-          'examples/configs/user_settings_wolfboot_keytools.h',
-          'examples/configs/user_settings_wolftpm.h',
-          'examples/configs/user_settings_wolfssh.h',
+          'examples/configs/user_settings_openssl_compat.h',
+          'examples/configs/user_settings_pkcs7.h',
+          'examples/configs/user_settings_rsa_only.h',
+          'examples/configs/user_settings_template.h',
           'examples/configs/user_settings_tls12.h',
+          'examples/configs/user_settings_tls13.h',
+          'examples/configs/user_settings_wolfboot_keytools.h',
+          'examples/configs/user_settings_wolfssh.h',
+          'examples/configs/user_settings_wolftpm.h',
+          # Not included (require special setup):
+          # - user_settings_pq.h: Requires --enable-experimental
+          # - user_settings_baremetal.h: Requires static memory, custom platform
         ]
     name: make user_setting.h (testwolfcrypt only)
     if: github.repository_owner == 'wolfssl'
@@ -134,7 +162,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ ubuntu-22.04, macos-latest ]
+        os: [ ubuntu-24.04, macos-latest ]
     name: make user_setting.h (with sed)
     if: github.repository_owner == 'wolfssl'
     runs-on: ${{ matrix.os }}

.github/workflows/packaging.yml

@@ -16,7 +16,7 @@ jobs:
   build_wolfssl:
     name: Package wolfSSL
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 10
     steps:

.github/workflows/pam-ipmi.yml

@@ -18,7 +18,7 @@ jobs:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
     # Just to keep it the same as the testing target
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -48,7 +48,7 @@ jobs:
         git_ref: [ e4b13e6725abb178f62ee897fe1c0e81b06a9431 ]
     name: ${{ matrix.git_ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     needs: build_wolfssl
     steps:
       - name: Install dependencies

.github/workflows/pq-all.yml

@@ -19,13 +19,18 @@ jobs:
         config: [
           # Add new configs here
           '--enable-intelasm --enable-sp-asm --enable-mlkem=yes,kyber,ml-kem CPPFLAGS="-DWOLFSSL_ML_KEM_USE_OLD_IDS"',
-          '--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-kyber=yes,original --enable-lms --enable-xmss --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
-          '--enable-smallstack --enable-smallstackcache --enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-kyber=yes,original --enable-lms --enable-xmss --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
-          '--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-kyber=yes,original --enable-lms --enable-xmss --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE" CC=c++'
+          '--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-lms --enable-xmss --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
+          '--enable-smallstack --enable-smallstackcache --enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-lms --enable-xmss --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE"',
+          '--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-lms --enable-xmss --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE" CC=c++',
+          '--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-lms --enable-xmss --enable-dilithium --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_BLIND_PRIVATE_KEY"',
+          '--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-lms --enable-xmss --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_BLIND_PRIVATE_KEY"',
+          '--enable-intelasm --enable-sp-asm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem --enable-lms --enable-xmss --enable-dilithium --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ"',
+          '--disable-intelasm --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem,small --enable-lms=yes,small --enable-xmss=yes,small --enable-dilithium=yes,small --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_MLKEM_MAKEKEY_SMALL_MEM -DWOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM -DWOLFSSL_MLKEM_NO_LARGE_CODE -DWOLFSSL_DILITHIUM_SIGN_SMALL_MEM -DWOLFSSL_DILITHIUM_VERIFY_SMALL_MEM -DWOLFSSL_DILITHIUM_MAKE_KEY_SMALL_MEM -DWOLFSSL_DILITHIUM_NO_LARGE_CODE"',
+          '--disable-intelasm --enable-smallstack --enable-smallstackcache --enable-all --enable-testcert --enable-acert --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtlscid --enable-quic --with-sys-crypto-policy --enable-experimental --enable-mlkem=yes,kyber,ml-kem,small --enable-lms=yes,small --enable-xmss=yes,small --enable-dilithium=yes,small --enable-dual-alg-certs --disable-qt CPPFLAGS="-pedantic -Wdeclaration-after-statement -DWOLFCRYPT_TEST_LINT -DNO_WOLFSSL_CIPHER_SUITE_TEST -DTEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE -DWOLFSSL_MLKEM_MAKEKEY_SMALL_MEM -DWOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM -DWOLFSSL_MLKEM_NO_LARGE_CODE -DWOLFSSL_DILITHIUM_SIGN_SMALL_MEM -DWOLFSSL_DILITHIUM_VERIFY_SMALL_MEM -DWOLFSSL_DILITHIUM_MAKE_KEY_SMALL_MEM -DWOLFSSL_DILITHIUM_NO_LARGE_CODE"',
         ]
     name: make check
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 6
     steps:

.github/workflows/psk.yml

@@ -24,7 +24,7 @@ jobs:
         ]
     name: make check
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 6
     steps:

.github/workflows/renode-stm32h753.yml

@@ -0,0 +1,271 @@
+name: Renode STM32H753 Test
+
+# Platform-specific configuration
+# To add a new platform, create a new workflow file based on this template
+# and update these variables for the target MCU
+env:
+  PLATFORM_NAME: stm32h753
+  PLATFORM_DISPLAY_NAME: STM32H753
+  CMSIS_DEVICE_REPO: cmsis-device-h7
+  CMSIS_DEVICE_PATH: /opt/cmsis-device-h7
+  CMSIS_DEVICE_CACHE_KEY: cmsis-device-h7-v1
+  STM32CUBE_REPO: STM32CubeH7
+  STM32CUBE_BRANCH: v1.11.2
+  STM32CUBE_PATH: /opt/STM32CubeH7
+  STM32CUBE_CACHE_KEY: stm32cubeh7-v1.11.2-v1
+  HAL_CONFIG_FILE: stm32h7xx_hal_conf.h
+  HAL_DRIVER_INC_PATH: STM32H7xx_HAL_Driver/Inc
+  HAL_DRIVER_SRC_PATH: STM32H7xx_HAL_Driver/Src
+  RENODE_PLATFORM_NAME: stm32h753
+  RENODE_REPL_PATH: platforms/cpus/stm32h753.repl
+  RENODE_TEST_DIR: .github/renode-test/stm32h753
+
+on:
+  push:
+    branches: [ main, master, develop ]
+  pull_request:
+    branches: [ main, master, develop ]
+  workflow_dispatch:
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+
+    steps:
+    - name: Checkout wolfSSL
+      uses: actions/checkout@v4
+
+    - name: Set up build environment
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y --no-install-recommends \
+          build-essential \
+          ca-certificates \
+          cmake \
+          ninja-build \
+          python3 \
+          git \
+          gcc-arm-none-eabi \
+          libnewlib-arm-none-eabi \
+          libstdc++-arm-none-eabi-newlib \
+          wget \
+          unzip
+
+    - name: Cache CMSIS Device
+      id: cache-cmsis-device
+      uses: actions/cache@v4
+      with:
+        path: ${{ env.CMSIS_DEVICE_PATH }}
+        key: ${{ env.CMSIS_DEVICE_CACHE_KEY }}
+        restore-keys: |
+          ${{ env.CMSIS_DEVICE_CACHE_KEY }}-
+
+    - name: Cache CMSIS 5
+      id: cache-cmsis-5
+      uses: actions/cache@v4
+      with:
+        path: /opt/CMSIS_5
+        key: cmsis-5-v1
+        restore-keys: |
+          cmsis-5-
+
+    - name: Cache STM32Cube
+      id: cache-stm32cube
+      uses: actions/cache@v4
+      with:
+        path: ${{ env.STM32CUBE_PATH }}
+        key: ${{ env.STM32CUBE_CACHE_KEY }}
+        restore-keys: |
+          ${{ env.STM32CUBE_CACHE_KEY }}-
+
+    - name: Cache Renode
+      id: cache-renode
+      uses: actions/cache@v4
+      with:
+        path: /opt/renode
+        key: renode-1.15.3-v1
+        restore-keys: |
+          renode-1.15.3-
+
+    - name: Install Renode dependencies
+      run: |
+        # Install Mono and other dependencies needed for Renode (always needed, even when cached)
+        sudo apt-get install -y --no-install-recommends \
+          mono-runtime \
+          libmono-cil-dev \
+          screen \
+          policykit-1 || true
+
+    - name: Install Renode (if not cached)
+      if: steps.cache-renode.outputs.cache-hit != 'true'
+      run: |
+        # Install Renode by extracting .deb (avoids GUI dependency issues for headless use)
+        cd /tmp
+        wget -q https://github.com/renode/renode/releases/download/v1.15.3/renode_1.15.3_amd64.deb
+        # Extract the .deb file
+        dpkg-deb -x renode_1.15.3_amd64.deb /tmp/renode-extract
+        # Copy Renode files to system locations
+        sudo mkdir -p /opt/renode
+        sudo cp -r /tmp/renode-extract/opt/renode/* /opt/renode/ || true
+        sudo cp -r /tmp/renode-extract/usr/* /usr/ || true
+        # Create symlink for easy access
+        if [ -f /opt/renode/renode ]; then
+          sudo ln -sf /opt/renode/renode /usr/local/bin/renode
+        elif [ -f /usr/bin/renode ]; then
+          echo "Renode already in PATH at /usr/bin/renode"
+        fi
+        # Cleanup
+        rm -rf /tmp/renode-extract renode_1.15.3_amd64.deb
+
+    - name: Setup Renode symlinks and permissions
+      run: |
+        # When Renode is cached, we need to recreate /usr/bin/renode wrapper script
+        # The /usr/bin/renode is a wrapper that checks Mono and calls /opt/renode/bin/Renode.exe
+        if [ -d /opt/renode ] && [ ! -x /usr/bin/renode ]; then
+          echo "Renode cached but /usr/bin/renode wrapper missing, recreating..."
+          # Create the wrapper script
+          sudo bash -c 'cat > /usr/bin/renode << '\''SCRIPT_EOF'\''
+        #!/bin/sh
+        MONOVERSION=5.20
+        REQUIRED_MAJOR=5
+        REQUIRED_MINOR=20
+
+        LAUNCHER=mono
+
+        if ! [ -x "$(command -v $LAUNCHER)" ]
+        then
+            echo "$LAUNCHER not found. Renode requires Mono $MONOVERSION or newer. Please refer to documentation for installation instructions. Exiting!"
+            exit 1
+        fi
+
+        # Check installed mono version
+        INSTALLED_MONO=`$LAUNCHER --version | head -n1 | cut -d'\'' '\'' -f5`
+        INSTALLED_MONO_MAJOR=`echo $INSTALLED_MONO | cut -d'\''.'\'' -f1`
+        INSTALLED_MONO_MINOR=`echo $INSTALLED_MONO | cut -d'\''.'\'' -f2`
+
+        if [ $INSTALLED_MONO_MAJOR -lt $REQUIRED_MAJOR ] || [ $INSTALLED_MONO_MAJOR -eq $REQUIRED_MAJOR -a $INSTALLED_MONO_MINOR -lt $REQUIRED_MINOR ]
+        then
+            echo "Wrong Mono version detected: $INSTALLED_MONO. Renode requires Mono $MONOVERSION or newer. Please refer to documentation for installation instructions. Exiting!"
+            exit 1
+        fi
+
+        exec $LAUNCHER $MONO_OPTIONS /opt/renode/bin/Renode.exe "$@"
+        SCRIPT_EOF'
+          sudo chmod +x /usr/bin/renode
+          echo "Created /usr/bin/renode wrapper script"
+        fi
+
+        # Also ensure /usr/local/bin/renode symlink exists
+        if [ -x /usr/bin/renode ] && [ ! -x /usr/local/bin/renode ]; then
+          sudo ln -sf /usr/bin/renode /usr/local/bin/renode
+          echo "Created symlink: /usr/local/bin/renode -> /usr/bin/renode"
+        fi
+
+    - name: Verify Renode installation
+      run: |
+        # Verify Renode is installed and accessible
+        RENODE_FOUND=false
+        RENODE_BIN=""
+
+        # Check various possible locations
+        for path in /opt/renode/renode /opt/renode/bin/renode /usr/local/bin/renode /usr/bin/renode; do
+          if [ -x "$path" ]; then
+            echo "Renode found at $path"
+            "$path" --version || true
+            RENODE_BIN="$path"
+            RENODE_FOUND=true
+            break
+          fi
+        done
+
+        if [ "$RENODE_FOUND" != "true" ]; then
+          echo "ERROR: Renode binary not found or not executable!"
+          echo "Searching for renode..."
+          find /opt /usr -name renode -type f 2>/dev/null | head -10 || true
+          echo "Checking /opt/renode contents:"
+          ls -la /opt/renode/ 2>/dev/null | head -10 || true
+          if [ -d /opt/renode ]; then
+            echo "Checking /opt/renode subdirectories:"
+            find /opt/renode -type f -name "*renode*" 2>/dev/null | head -10 || true
+          fi
+          exit 1
+        fi
+
+
+    - name: Clone CMSIS Device (if not cached)
+      if: steps.cache-cmsis-device.outputs.cache-hit != 'true'
+      run: |
+        sudo mkdir -p /opt
+        sudo git clone --depth 1 https://github.com/STMicroelectronics/${{ env.CMSIS_DEVICE_REPO }}.git ${{ env.CMSIS_DEVICE_PATH }}
+
+    - name: Clone CMSIS 5 (if not cached)
+      if: steps.cache-cmsis-5.outputs.cache-hit != 'true'
+      run: |
+        sudo mkdir -p /opt
+        sudo git clone --depth 1 https://github.com/ARM-software/CMSIS_5.git /opt/CMSIS_5
+
+    - name: Clone STM32Cube (if not cached)
+      if: steps.cache-stm32cube.outputs.cache-hit != 'true'
+      run: |
+        sudo mkdir -p /opt
+        sudo git clone --depth 1 --branch ${{ env.STM32CUBE_BRANCH }} --recurse-submodules https://github.com/STMicroelectronics/${{ env.STM32CUBE_REPO }}.git ${{ env.STM32CUBE_PATH }} || \
+          (sudo git clone --depth 1 --branch ${{ env.STM32CUBE_BRANCH }} https://github.com/STMicroelectronics/${{ env.STM32CUBE_REPO }}.git ${{ env.STM32CUBE_PATH }} && \
+           cd ${{ env.STM32CUBE_PATH }} && sudo git submodule update --init --recursive --depth 1)
+
+    - name: Setup firmware build directory and helper files
+      run: |
+        sudo mkdir -p /opt/firmware
+        # Copy helper files from repository
+        sudo cp -r ${{ github.workspace }}/${{ env.RENODE_TEST_DIR }}/* /opt/firmware/
+        # Copy HAL config to STM32Cube directory
+        sudo cp /opt/firmware/${{ env.HAL_CONFIG_FILE }} ${{ env.STM32CUBE_PATH }}/Drivers/${{ env.HAL_DRIVER_INC_PATH }}/ 2>/dev/null || true
+        sudo chmod +x /opt/firmware/entrypoint.sh
+        # Create .renode-root file so Renode can find platform files
+        # Try to find Renode installation directory and create .renode-root with proper permissions
+        if [ -d "/opt/renode/platforms" ]; then
+          echo "/opt/renode" | sudo tee /opt/firmware/.renode-root > /dev/null
+          sudo chmod 644 /opt/firmware/.renode-root
+        elif [ -d "/usr/lib/renode/platforms" ]; then
+          echo "/usr/lib/renode" | sudo tee /opt/firmware/.renode-root > /dev/null
+          sudo chmod 644 /opt/firmware/.renode-root
+        elif [ -d "/usr/share/renode/platforms" ]; then
+          echo "/usr/share/renode" | sudo tee /opt/firmware/.renode-root > /dev/null
+          sudo chmod 644 /opt/firmware/.renode-root
+        fi
+
+    - name: Build wolfSSL firmware (NOT CACHED - rebuilds on every run)
+      env:
+        WOLFSSL_ROOT: /opt/wolfssl
+      run: |
+        # Copy wolfSSL source (this is NOT cached - fresh checkout each time)
+        sudo cp -r ${{ github.workspace }} /opt/wolfssl
+        # Build with CMake
+        cd /opt/firmware
+        sudo cmake -G Ninja \
+          -DWOLFSSL_USER_SETTINGS=ON \
+          -DUSER_SETTINGS_FILE=/opt/firmware/user_settings.h \
+          -DCMAKE_TOOLCHAIN_FILE=/opt/firmware/toolchain-arm-none-eabi.cmake \
+          -DCMAKE_BUILD_TYPE=Release \
+          -DWOLFSSL_CRYPT_TESTS=OFF \
+          -DWOLFSSL_EXAMPLES=OFF \
+          -B /opt/firmware/build \
+          -S /opt/firmware
+        sudo cmake --build /opt/firmware/build
+        # Verify ELF file was created and copy it to expected location
+        if [ -f "/opt/firmware/build/wolfcrypt_test.elf" ]; then
+          sudo cp /opt/firmware/build/wolfcrypt_test.elf /opt/firmware/wolfcrypt_test.elf
+          echo "ELF file copied to /opt/firmware/wolfcrypt_test.elf"
+          ls -lh /opt/firmware/wolfcrypt_test.elf
+        else
+          echo "ERROR: ELF file not found at /opt/firmware/build/wolfcrypt_test.elf"
+          echo "Searching for ELF files..."
+          find /opt/firmware/build -name "*.elf" 2>/dev/null || true
+          exit 1
+        fi
+
+    - name: Run Renode test
+      run: |
+        # Ensure PATH includes standard binary locations for sudo
+        sudo env PATH="$PATH" /opt/firmware/entrypoint.sh
+

.github/workflows/rng-tools.yml

@@ -17,7 +17,7 @@ jobs:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
     # Just to keep it the same as the testing target
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -47,7 +47,7 @@ jobs:
         ref: [ 6.16 ]
     name: ${{ matrix.ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     needs: build_wolfssl
@@ -101,7 +101,7 @@ jobs:
           # Retry up to five times
           for i in {1..5}; do
             TEST_RES=0
-            LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib make check || TEST_RES=$?
+            LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib RNGD_JITTER_TIMEOUT=100 make check || TEST_RES=$?
             if [ "$TEST_RES" -eq "0" ]; then
                break
             fi

.github/workflows/rust-wrapper.yml

@@ -16,7 +16,7 @@ jobs:
   build_wolfssl:
     name: Build wolfSSL Rust Wrapper
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-24.04
+    runs-on: ${{ matrix.os }}
     # This should be a safe limit for the tests to run.
     timeout-minutes: 10
     steps:
@@ -24,10 +24,51 @@ jobs:
       uses: wolfSSL/actions-build-autotools-project@v1
       with:
         path: wolfssl
-        configure: --enable-all
+        configure: ${{ matrix.config }}
     - name: Build Rust Wrapper
       working-directory: wolfssl
       run: make -C wrapper/rust
     - name: Run Rust Wrapper Tests
       working-directory: wolfssl
       run: make -C wrapper/rust test
+    strategy:
+      matrix:
+        os: [ ubuntu-24.04, ubuntu-24.04-arm ]
+        config: [
+          # Add new configs here
+          '',
+          '--enable-all',
+          '--enable-cryptonly --disable-examples',
+          '--enable-cryptonly --disable-examples --disable-aes --disable-aesgcm',
+          '--enable-cryptonly --disable-examples --disable-aescbc',
+          '--enable-cryptonly --disable-examples --disable-aeseax',
+          '--enable-cryptonly --disable-examples --disable-aesecb',
+          '--enable-cryptonly --disable-examples --disable-aesccm',
+          '--enable-cryptonly --disable-examples --disable-aescfb',
+          '--enable-cryptonly --disable-examples --disable-aesctr',
+          '--enable-cryptonly --disable-examples --disable-aescts',
+          '--enable-cryptonly --disable-examples --disable-aesgcm',
+          '--enable-cryptonly --disable-examples --disable-aesgcm-stream',
+          '--enable-cryptonly --disable-examples --disable-aesofb',
+          '--enable-cryptonly --disable-examples --disable-aesxts',
+          '--enable-cryptonly --disable-examples --disable-cmac',
+          '--enable-cryptonly --disable-examples --disable-dh',
+          '--enable-cryptonly --disable-examples --disable-ecc',
+          '--enable-cryptonly --disable-examples --disable-ed25519',
+          '--enable-cryptonly --disable-examples --disable-ed25519-stream',
+          '--enable-cryptonly --disable-examples --disable-ed448',
+          '--enable-cryptonly --disable-examples --disable-ed448-stream',
+          '--enable-cryptonly --disable-examples --disable-hkdf',
+          '--enable-cryptonly --disable-examples --disable-hmac',
+          '--enable-cryptonly --disable-examples --disable-rng',
+          '--enable-cryptonly --disable-examples --disable-rsa',
+          '--enable-cryptonly --disable-examples --disable-rsapss',
+          '--enable-cryptonly --disable-examples --disable-sha224',
+          '--enable-cryptonly --disable-examples --disable-sha3',
+          '--enable-cryptonly --disable-examples --disable-sha384',
+          '--enable-cryptonly --disable-examples --disable-sha512',
+          '--enable-cryptonly --disable-examples --disable-shake128',
+          '--enable-cryptonly --disable-examples --disable-shake256',
+          '--enable-cryptonly --disable-examples --disable-srtp-kdf',
+          '--enable-cryptonly --disable-examples --disable-x963kdf',
+        ]

.github/workflows/smallStackSize.yml

@@ -37,7 +37,7 @@ jobs:
         ]
     name: build library
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 6
     steps:

.github/workflows/socat.yml

@@ -16,7 +16,7 @@ jobs:
   build_wolfssl:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     timeout-minutes: 4
     steps:
       - name: Build wolfSSL
@@ -39,7 +39,7 @@ jobs:
 
   socat_check:
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 30
     needs: build_wolfssl

.github/workflows/softhsm.yml

@@ -17,7 +17,7 @@ jobs:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
     # Just to keep it the same as the testing target
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 10
     steps:
@@ -47,7 +47,7 @@ jobs:
         ref: [ 2.6.1 ]
     name: ${{ matrix.ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 20
     needs: build_wolfssl

.github/workflows/sssd.yml

@@ -17,7 +17,7 @@ jobs:
     if: github.repository_owner == 'wolfssl'
     name: Build wolfSSL
     # Just to keep it the same as the testing target
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -47,7 +47,7 @@ jobs:
         ref: [ 2.9.1 ]
     name: ${{ matrix.ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     container:
       image: quay.io/sssd/ci-client-devel:ubuntu-latest
       env:

.github/workflows/stunnel.yml

@@ -17,7 +17,7 @@ jobs:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
     # Just to keep it the same as the testing target
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -46,7 +46,7 @@ jobs:
         ref: [ 5.67 ]
     name: ${{ matrix.ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     needs: build_wolfssl

.github/workflows/symbol-prefixes.yml

@@ -21,7 +21,7 @@ jobs:
         ]
     name: make and analyze
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 6
     steps:

.github/workflows/threadx.yml

@@ -9,7 +9,7 @@ on:
 jobs:
   build:
 
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     timeout-minutes: 10
 
     steps:

.github/workflows/trackmemory.yml

@@ -0,0 +1,60 @@
+name: WOLFSSL_TRACK_MEMORY Tests
+
+# START OF COMMON SECTION
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+# END OF COMMON SECTION
+
+jobs:
+  make_check:
+    strategy:
+      matrix:
+        config: [
+          # Add new configs here
+          '--enable-all CFLAGS="-DWC_RNG_SEED_CB -DWOLFSSL_TRACK_MEMORY -DWOLFSSL_DEBUG_MEMORY"',
+          '--enable-smallstack --enable-all CFLAGS="-DWC_RNG_SEED_CB  -DWOLFSSL_TRACK_MEMORY -DWOLFSSL_DEBUG_MEMORY"',
+          '--enable-smallstackcache --enable-smallstack --enable-all CFLAGS="-DWC_RNG_SEED_CB  -DWOLFSSL_TRACK_MEMORY -DWOLFSSL_DEBUG_MEMORY"',
+# Note the below smallstackcache tests are crucial coverage for the Linux kernel
+# module, when targeting a kernel with the randomness patch (linuxkm/patches/)
+# applied.
+#
+# Note, don't combine wolfEntropy with the full TLS cipher suite test -- the implicit wc_InitRng()s in each suite have an enormous CPU footprint.
+          '--enable-wolfEntropy --enable-smallstackcache --enable-smallstack --enable-all CFLAGS="-DWC_RNG_SEED_CB -DWOLFSSL_TRACK_MEMORY -DWOLFSSL_DEBUG_MEMORY -DNO_WOLFSSL_CIPHER_SUITE_TEST"',
+          '--enable-intelrdseed --enable-smallstackcache --enable-smallstack --enable-all CFLAGS="-DWC_RNG_SEED_CB -DWOLFSSL_TRACK_MEMORY -DWOLFSSL_DEBUG_MEMORY -DNO_WOLFSSL_CIPHER_SUITE_TEST"',
+          '--enable-amdrand --enable-smallstackcache --enable-smallstack --enable-all CFLAGS="-DWC_RNG_SEED_CB -DWOLFSSL_TRACK_MEMORY -DWOLFSSL_DEBUG_MEMORY -DNO_WOLFSSL_CIPHER_SUITE_TEST"',
+          '--disable-asm --enable-wolfEntropy --enable-smallstackcache --enable-smallstack --enable-all CFLAGS="-DWC_RNG_SEED_CB -DWOLFSSL_TRACK_MEMORY -DWOLFSSL_DEBUG_MEMORY -DNO_WOLFSSL_CIPHER_SUITE_TEST"'
+        ]
+    name: make check
+    if: github.repository_owner == 'wolfssl'
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 6
+    steps:
+      - uses: actions/checkout@v4
+        name: Checkout wolfSSL
+
+      - name: Test wolfSSL
+        run: |
+          ./autogen.sh
+          ./configure ${{ matrix.config }}
+          make -j 4
+          make check
+
+      - name: Print errors
+        if: ${{ failure() }}
+        run: |
+          for file in scripts/*.log
+          do
+              if [ -f "$file" ]; then
+                  echo "${file}:"
+                  cat "$file"
+                  echo "========================================================================"
+              fi
+          done

.github/workflows/wolfCrypt-Wconversion.yml

@@ -27,7 +27,7 @@ jobs:
         ]
     name: build library
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 6
     steps:

.github/workflows/xcode.yml

@@ -0,0 +1,89 @@
+name: Xcode Build Tests
+
+# START OF COMMON SECTION
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+# END OF COMMON SECTION
+
+jobs:
+  build:
+    if: github.repository_owner == 'wolfssl'
+    runs-on: macos-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 10
+    strategy:
+      matrix:
+        include:
+          # macOS builds
+          - target: wolfssl_osx
+            arch: arm64
+            config: Release
+            sdk: macosx
+            name: macOS (ARM64, Release)
+          - target: wolfssl_osx
+            arch: x86_64
+            config: Release
+            sdk: macosx
+            name: macOS (x86_64, Release)
+          - target: wolfssl_osx
+            arch: arm64
+            config: Debug
+            sdk: macosx
+            name: macOS (ARM64, Debug)
+          - target: wolfssl_osx
+            arch: x86_64
+            config: Debug
+            sdk: macosx
+            name: macOS (x86_64, Debug)
+          # Universal build (both architectures)
+          - target: wolfssl_osx
+            arch: arm64
+            arch2: x86_64
+            config: Release
+            sdk: macosx
+            name: macOS (Universal, Release)
+            universal: true
+          # tvOS builds
+          - target: wolfssl_tvos
+            arch: arm64
+            config: Release
+            sdk: appletvos
+            name: tvOS (ARM64, Release)
+          - target: wolfssl_tvos
+            arch: arm64
+            config: Release
+            sdk: appletvsimulator
+            name: tvOS Simulator (ARM64, Release)
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Build wolfSSL with Xcode (${{ matrix.name }})
+        working-directory: ./IDE/XCODE
+        run: |
+          if [ "${{ matrix.universal }}" == "true" ]; then
+            xcodebuild -project wolfssl.xcodeproj \
+                       -target ${{ matrix.target }} \
+                       -configuration ${{ matrix.config }} \
+                       -arch ${{ matrix.arch }} \
+                       -arch ${{ matrix.arch2 }} \
+                       -sdk ${{ matrix.sdk }} \
+                       SYMROOT=build \
+                       OBJROOT=build \
+                       build
+          else
+            xcodebuild -project wolfssl.xcodeproj \
+                       -target ${{ matrix.target }} \
+                       -configuration ${{ matrix.config }} \
+                       -arch ${{ matrix.arch }} \
+                       -sdk ${{ matrix.sdk }} \
+                       SYMROOT=build \
+                       OBJROOT=build \
+                       build
+          fi

.github/workflows/zephyr.yml

@@ -42,7 +42,7 @@ jobs:
             make gcc gcc-multilib g++-multilib libsdl2-dev libmagic1 \
             autoconf automake bison build-essential ca-certificates cargo ccache chrpath cmake \
             cpio device-tree-compiler dfu-util diffstat dos2unix doxygen file flex g++ gawk gcc \
-            gcovr git git-core gnupg gperf gtk-sharp2 help2man iproute2 lcov libcairo2-dev \
+            gcovr git git-core gnupg gperf gtk-sharp3 help2man iproute2 lcov libcairo2-dev \
             libglib2.0-dev libgtk2.0-0 liblocale-gettext-perl libncurses5-dev libpcap-dev \
             libpopt0 libsdl1.2-dev libsdl2-dev libssl-dev libtool libtool-bin locales make \
             net-tools ninja-build openssh-client parallel pkg-config python3-dev python3-pip \

.gitignore

@@ -50,16 +50,6 @@ wolfcrypt_first.c
 wolfcrypt_last.c
 selftest.c
 fipsv2.c
-src/async.c
-wolfssl/async.h
-wolfcrypt/src/async.c
-wolfssl/wolfcrypt/async.h
-wolfcrypt/src/port/intel/quickassist.c
-wolfcrypt/src/port/intel/quickassist_mem.c
-wolfcrypt/src/port/cavium/cavium_nitrox.c
-wolfssl/wolfcrypt/port/intel/quickassist.h
-wolfssl/wolfcrypt/port/intel/quickassist_mem.h
-wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h
 ctaocrypt/benchmark/benchmark
 ctaocrypt/test/testctaocrypt
 wolfcrypt/benchmark/benchmark
@@ -249,6 +239,12 @@ linuxkm/linuxkm
 linuxkm/src
 linuxkm/patches/src
 *.nds
+bsdkm/export_syms
+bsdkm/i386
+bsdkm/libwolfssl.ko
+bsdkm/machine
+bsdkm/opt_global.h
+bsdkm/x86
 
 # autotools generated
 scripts/unit.test
@@ -472,3 +468,5 @@ wrapper/Ada/obj/
 # Autogenerated debug trace headers
 wolfssl/debug-trace-error-codes.h
 wolfssl/debug-untrace-error-codes.h
+
+AGENTS.md

.wolfssl_known_macro_extras

@@ -35,6 +35,7 @@ BASE64_NO_TABLE
 BLAKE2B_SELFTEST
 BLAKE2S_SELFTEST
 BLOCKING
+BSDKM_EXPORT_SYMS
 BSP_DEFAULT_IO_CHANNEL_DEFINED
 BSP_LED_0
 BSP_LED_1
@@ -51,6 +52,7 @@ CONFIG_ARCH_CHIP_STM32F746ZG
 CONFIG_ARCH_CHIP_STM32H743ZI
 CONFIG_ARCH_CHIP_STM32L552ZE
 CONFIG_ARCH_POSIX
+CONFIG_ARCH_TEGRA
 CONFIG_ARM
 CONFIG_ARM64
 CONFIG_BOARD_NATIVE_POSIX
@@ -63,6 +65,7 @@ CONFIG_CRYPTO_CBC
 CONFIG_CRYPTO_CTR
 CONFIG_CRYPTO_DH
 CONFIG_CRYPTO_DH_RFC7919_GROUPS
+CONFIG_CRYPTO_DRBG
 CONFIG_CRYPTO_ECB
 CONFIG_CRYPTO_ECDH
 CONFIG_CRYPTO_ECDSA
@@ -133,6 +136,7 @@ CONFIG_PICOLIBC
 CONFIG_POSIX_API
 CONFIG_POSIX_THREADS
 CONFIG_PREEMPT_COUNT
+CONFIG_PREEMPT_RT
 CONFIG_PTHREAD_IPC
 CONFIG_SCHED_INFO
 CONFIG_SMP
@@ -180,6 +184,7 @@ CONFIG_WOLFTPM_EXAMPLE_NAME_ESPRESSIF
 CONFIG_X86
 CONV_WITH_DIV
 CPA_CY_API_VERSION_NUM_MAJOR
+CPA_CY_API_VERSION_NUM_MINOR
 CPU_MIMXRT1176DVMAA_cm7
 CPU_MK82FN256VLL15
 CRLDP_VALIDATE_DATA
@@ -305,6 +310,7 @@ INTIMEVER
 IOTSAFE_NO_GETDATA
 IOTSAFE_SIG_8BIT_LENGTH
 KCAPI_USE_XMALLOC
+KERNEL_ROOT
 K_SERIES
 LIBWOLFSSL_VERSION_GIT_BRANCH
 LIBWOLFSSL_VERSION_GIT_HASH
@@ -412,6 +418,7 @@ NO_PKCS7_STREAM
 NO_POLY1305_ASM
 NO_PUBLIC_CCM_SET_NONCE
 NO_PUBLIC_GCM_SET_IV
+NO_QAT_RNG
 NO_RESUME_SUITE_CHECK
 NO_RNG
 NO_RNG_MUTEX
@@ -471,10 +478,12 @@ REDIRECTION_OUT2_KEYELMID
 REDIRECTION_OUT2_KEYID
 RENESAS_T4_USE
 RHEL_MAJOR
+RHEL_RELEASE_CODE
 RTC_ALARMSUBSECONDMASK_ALL
 RTE_CMSIS_RTOS_RTX
 RTOS_MODULE_NET_AVAIL
 RTPLATFORM
+SAL_IOMMU_CODE
 SA_INTERRUPT
 SCEKEY_INSTALLED
 SHA256_MANY_REGISTERS
@@ -536,6 +545,11 @@ STM32WL55xx
 STM32_AESGCM_PARTIAL
 STM32_HW_CLOCK_AUTO
 STM32_NUTTX_RNG
+STSAFE_HOST_KEY_CIPHER
+STSAFE_HOST_KEY_MAC
+STSAFE_I2C_BUS
+STSE_CONF_ECC_BRAINPOOL_P_256
+STSE_CONF_ECC_BRAINPOOL_P_384
 TASK_EXTRA_STACK_SIZE
 TCP_NODELAY
 TFM_ALREADY_SET
@@ -565,8 +579,10 @@ USE_CONTESTMUTEX
 USE_ECDSA_KEYSZ_HASH_ALGO
 USE_FULL_ASSERT
 USE_HAL_DRIVER
+USE_LAC_SESSION_FOR_STRUCT_OFFSET
 USE_NXP_LTC
 USE_NXP_MMCAU
+USE_QAE_STATIC_MEM
 USE_QAE_THREAD_LS
 USE_SECRET_CALLBACK
 USE_STSAFE_RNG_SEED
@@ -580,24 +596,26 @@ WC_AES_BS_WORD_SIZE
 WC_AES_GCM_DEC_AUTH_EARLY
 WC_ASN_HASH_SHA256
 WC_ASN_RUNTIME_DATE_CHECK_CONTROL
-WC_ASYNC_ENABLE_3DES
-WC_ASYNC_ENABLE_AES
-WC_ASYNC_ENABLE_ARC4
-WC_ASYNC_ENABLE_DH
-WC_ASYNC_ENABLE_ECC
 WC_ASYNC_ENABLE_ECC_KEYGEN
-WC_ASYNC_ENABLE_HMAC
-WC_ASYNC_ENABLE_MD5
-WC_ASYNC_ENABLE_RSA
-WC_ASYNC_ENABLE_RSA_KEYGEN
-WC_ASYNC_ENABLE_SHA
-WC_ASYNC_ENABLE_SHA224
-WC_ASYNC_ENABLE_SHA256
-WC_ASYNC_ENABLE_SHA3
-WC_ASYNC_ENABLE_SHA384
-WC_ASYNC_ENABLE_SHA512
+WC_ASYNC_NO_3DES
+WC_ASYNC_NO_AES
+WC_ASYNC_NO_ARC4
 WC_ASYNC_NO_CRYPT
-WC_ASYNC_NO_HASH
+WC_ASYNC_NO_DH
+WC_ASYNC_NO_ECC
+WC_ASYNC_NO_HMAC
+WC_ASYNC_NO_MD5
+WC_ASYNC_NO_PKI
+WC_ASYNC_NO_RNG
+WC_ASYNC_NO_RSA
+WC_ASYNC_NO_RSA_KEYGEN
+WC_ASYNC_NO_SHA
+WC_ASYNC_NO_SHA224
+WC_ASYNC_NO_SHA256
+WC_ASYNC_NO_SHA3
+WC_ASYNC_NO_SHA384
+WC_ASYNC_NO_SHA512
+WC_ASYNC_THREAD_BIND
 WC_CACHE_RESISTANT_BASE64_TABLE
 WC_DILITHIUM_CACHE_PRIV_VECTORS
 WC_DILITHIUM_CACHE_PUB_VECTORS
@@ -607,8 +625,10 @@ WC_ECC_NONBLOCK_ONLY
 WC_FLAG_DONT_USE_AESNI
 WC_FORCE_LINUXKM_FORTIFY_SOURCE
 WC_LMS_FULL_HASH
+WC_NO_ASYNC_SLEEP
 WC_NO_RNG_SIMPLE
 WC_NO_STATIC_ASSERT
+WC_NO_VERBOSE_RNG
 WC_PKCS11_FIND_WITH_ID_ONLY
 WC_PROTECT_ENCRYPTED_MEM
 WC_RNG_BLOCKING
@@ -640,6 +660,7 @@ WOLFSSL_AESNI_BY6
 WOLFSSL_AES_CTR_EXAMPLE
 WOLFSSL_AFTER_DATE_CLOCK_SKEW
 WOLFSSL_ALGO_HW_MUTEX
+WOLFSSL_ALLOW_AKID_SKID_MATCH
 WOLFSSL_ALLOW_BAD_TLS_LEGACY_VERSION
 WOLFSSL_ALLOW_CRIT_AIA
 WOLFSSL_ALLOW_CRIT_AKID
@@ -651,6 +672,7 @@ WOLFSSL_ALLOW_SERVER_SC_EXT
 WOLFSSL_ALLOW_TLS_SHA1
 WOLFSSL_ALTERNATIVE_DOWNGRADE
 WOLFSSL_ALT_NAMES_NO_REV
+WOLFSSL_ARMASM_NEON_NO_TABLE_LOOKUP
 WOLFSSL_ARM_ARCH_NEON_64BIT
 WOLFSSL_ASCON_UNROLL
 WOLFSSL_ASNC_CRYPT
@@ -673,7 +695,6 @@ WOLFSSL_BIGINT_TYPES
 WOLFSSL_BIO_NO_FLOW_STATS
 WOLFSSL_BLAKE2B_INIT_EACH_FIELD
 WOLFSSL_BLAKE2S_INIT_EACH_FIELD
-WOLFSSL_BLIND_PRIVATE_KEY
 WOLFSSL_BYTESWAP32_ASM
 WOLFSSL_CAAM_BLACK_KEY_AESCCM
 WOLFSSL_CAAM_BLACK_KEY_SM
@@ -686,10 +707,8 @@ WOLFSSL_CLIENT_EXAMPLE
 WOLFSSL_CONTIKI
 WOLFSSL_CRL_ALLOW_MISSING_CDP
 WOLFSSL_DILITHIUM_ASSIGN_KEY
-WOLFSSL_DILITHIUM_MAKE_KEY_SMALL_MEM
 WOLFSSL_DILITHIUM_NO_ASN1
 WOLFSSL_DILITHIUM_NO_CHECK_KEY
-WOLFSSL_DILITHIUM_NO_LARGE_CODE
 WOLFSSL_DILITHIUM_NO_MAKE
 WOLFSSL_DILITHIUM_REVERSE_HASH_OID
 WOLFSSL_DILITHIUM_SIGN_CHECK_W0
@@ -697,7 +716,6 @@ WOLFSSL_DILITHIUM_SIGN_CHECK_Y
 WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC
 WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A
 WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM
 WOLFSSL_DISABLE_EARLY_SANITY_CHECKS
 WOLFSSL_DTLS_DISALLOW_FUTURE
 WOLFSSL_DTLS_RECORDS_CAN_SPAN_DATAGRAMS
@@ -763,16 +781,14 @@ WOLFSSL_MAKE_SYSTEM_NAME_LINUX
 WOLFSSL_MAKE_SYSTEM_NAME_WSL
 WOLFSSL_MDK5
 WOLFSSL_MEM_FAIL_COUNT
-WOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM
 WOLFSSL_MLKEM_INVNTT_UNROLL
-WOLFSSL_MLKEM_MAKEKEY_SMALL_MEM
-WOLFSSL_MLKEM_NO_LARGE_CODE
 WOLFSSL_MLKEM_NO_MALLOC
 WOLFSSL_MLKEM_NTT_UNROLL
 WOLFSSL_MONT_RED_CT
 WOLFSSL_MP_COND_COPY
 WOLFSSL_MP_INVMOD_CONSTANT_TIME
 WOLFSSL_MULTICIRCULATE_ALTNAMELIST
+WOLFSSL_NEW_PRIME_CHECK
 WOLFSSL_NONBLOCK_OCSP
 WOLFSSL_NOSHA3_384
 WOLFSSL_NOT_WINDOWS_API
@@ -784,6 +800,7 @@ WOLFSSL_NO_COPY_KEY
 WOLFSSL_NO_CRL_DATE_CHECK
 WOLFSSL_NO_CRL_NEXT_DATE
 WOLFSSL_NO_CT_MAX_MIN
+WOLFSSL_NO_DEBUG_CERTS
 WOLFSSL_NO_DECODE_EXTRA
 WOLFSSL_NO_DER_TO_PEM
 WOLFSSL_NO_DH186
@@ -844,6 +861,7 @@ WOLFSSL_RENESAS_RZN2L
 WOLFSSL_RENESAS_TLS
 WOLFSSL_RENESAS_TSIP_IAREWRX
 WOLFSSL_REQUIRE_TCA
+WOLFSSL_RNG_USE_FULL_SEED
 WOLFSSL_RSA_CHECK_D_ON_DECRYPT
 WOLFSSL_RSA_DECRYPT_TO_0_LEN
 WOLFSSL_RW_THREADED
@@ -871,7 +889,6 @@ WOLFSSL_SP_INT_SQR_VOLATILE
 WOLFSSL_STACK_CHECK
 WOLFSSL_STM32F427_RNG
 WOLFSSL_STM32U5_DHUK
-WOLFSSL_STM32_RNG_NOLIB
 WOLFSSL_STRONGEST_HASH_SIG
 WOLFSSL_STSAFE_TAKES_SLOT
 WOLFSSL_TELIT_M2MB
@@ -888,6 +905,7 @@ WOLFSSL_TICKET_ENC_HMAC_SHA512
 WOLFSSL_TI_CURRTIME
 WOLFSSL_TLS13_DRAFT
 WOLFSSL_TLS13_IGNORE_AEAD_LIMITS
+WOLFSSL_TLS13_IGNORE_PT_ALERT_ON_ENC
 WOLFSSL_TLS13_SHA512
 WOLFSSL_TLS13_TICKET_BEFORE_FINISHED
 WOLFSSL_TLSX_PQC_MLKEM_STORE_PRIV_KEY
@@ -969,6 +987,7 @@ __ARCH_STRSTR_NO_REDIRECT
 __ARM_ARCH_7M__
 __ARM_FEATURE_CRYPTO
 __ASSEMBLER__
+__ATOMIC_CONSUME
 __ATOMIC_RELAXED
 __AVR_ARCH__
 __AVR__
@@ -976,6 +995,7 @@ __BCPLUSPLUS__
 __BIG_ENDIAN__
 __BORLANDC__
 __CCRX__
+__CC_ARM
 __COMPILER_VER__
 __COUNTER__
 __CYGWIN__
@@ -1012,6 +1032,7 @@ __MWERKS__
 __NT__
 __OS2__
 __OpenBSD__
+__PIC__
 __PIE__
 __POWERPC__
 __PPC__
@@ -1052,6 +1073,7 @@ __WATCOMC__
 __WATCOM_INT64__
 __XC32
 __XTENSA__
+__ZEPHYR__
 __aarch64__
 __alpha__
 __arch64__

CMakeLists.txt

@@ -34,7 +34,7 @@ if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_BINARY_DIR}")
      You must delete them, or cmake will refuse to work.")
 endif()
 
-project(wolfssl VERSION 5.8.2 LANGUAGES C ASM)
+project(wolfssl VERSION 5.8.4 LANGUAGES C ASM)
 
 # Set WOLFSSL_ROOT if not already defined
 if ("${WOLFSSL_ROOT}" STREQUAL "")
@@ -58,7 +58,7 @@ set(WOLFSSL_LIBRARY_VERSION_SECOND 0)
 # increment if source code has changed
 # set to zero if WOLFSSL_LIBRARY_VERSION_FIRST is incremented or
 # WOLFSSL_LIBRARY_VERSION_SECOND is incremented
-set(WOLFSSL_LIBRARY_VERSION_THIRD 0)
+set(WOLFSSL_LIBRARY_VERSION_THIRD 1)
 
 set(LIBTOOL_FULL_VERSION ${WOLFSSL_LIBRARY_VERSION_FIRST}.${WOLFSSL_LIBRARY_VERSION_SECOND}.${WOLFSSL_LIBRARY_VERSION_THIRD})
 
@@ -603,6 +603,11 @@ add_option(WOLFSSL_MLKEM
     "Enable the wolfSSL PQ ML-KEM library (default: disabled)"
     "no" "yes;no")
 
+# Dilithium
+add_option(WOLFSSL_DILITHIUM
+    "Enable the wolfSSL PQ Dilithium (ML-DSA) implementation (default: disabled)"
+    "no" "yes;no")
+
 # LMS
 add_option(WOLFSSL_LMS
     "Enable the PQ LMS Stateful Hash-based Signature Scheme (default: disabled)"
@@ -700,6 +705,29 @@ if (WOLFSSL_EXPERIMENTAL)
         message(STATUS "Looking for WOLFSSL_LMS - not found")
     endif()
 
+    # Checking for experimental feature: Dilithium
+    message(STATUS "Looking for WOLFSSL_DILITHIUM")
+    if (WOLFSSL_DILITHIUM)
+        set(WOLFSSL_FOUND_EXPERIMENTAL_FEATURE 1)
+
+        message(STATUS "Automatically set related requirements for Dilithium:")
+        add_definitions("-DHAVE_DILITHIUM")
+        add_definitions("-DWOLFSSL_WC_DILITHIUM")
+        add_definitions("-DWOLFSSL_SHA3")
+        add_definitions("-DWOLFSSL_SHAKE128")
+        add_definitions("-DWOLFSSL_SHAKE256")
+
+        message(STATUS "Automatically set related requirements for Dilithium:")
+        set_wolfssl_definitions("HAVE_DILITHIUM"       RESULT)
+        set_wolfssl_definitions("WOLFSSL_WC_DILITHIUM" RESULT)
+        set_wolfssl_definitions("WOLFSSL_SHA3"         RESULT)
+        set_wolfssl_definitions("WOLFSSL_SHAKE128"     RESULT)
+        set_wolfssl_definitions("WOLFSSL_SHAKE256"     RESULT)
+        message(STATUS "Looking for WOLFSSL_DILITHIUM - found")
+    else()
+        message(STATUS "Looking for WOLFSSL_DILITHIUM - not found")
+    endif()
+
     # Other experimental feature detection can be added here...
 
     # Were any experimental features found? Display a message.
@@ -713,7 +741,9 @@ if (WOLFSSL_EXPERIMENTAL)
     if(WOLFSSL_OQS AND WOLFSSL_MLKEM)
         message(FATAL_ERROR "Error: cannot enable both WOLFSSL_OQS and WOLFSSL_MLKEM at the same time.")
     endif()
-
+    if(WOLFSSL_OQS AND WOLFSSL_DILITHIUM)
+        message(FATAL_ERROR "Error: cannot enable both WOLFSSL_OQS and WOLFSSL_DILITHIUM at the same time.")
+    endif()
 else()
     # Experimental mode not enabled, but were any experimental features enabled? Error out if so:
     message(STATUS "Looking for WOLFSSL_EXPERIMENTAL - not found")
@@ -723,6 +753,9 @@ else()
     if(WOLFSSL_MLKEM)
         message(FATAL_ERROR "Error: WOLFSSL_MLKEM requires WOLFSSL_EXPERIMENTAL at this time.")
     endif()
+    if(WOLFSSL_DILITHIUM)
+        message(FATAL_ERROR "Error: WOLFSSL_DILITHIUM requires WOLFSSL_EXPERIMENTAL at this time.")
+    endif()
 endif()
 
 # LMS
@@ -1037,6 +1070,41 @@ if(WOLFSSL_ECC)
     endif()
 endif()
 
+# ECCSI
+add_option("WOLFSSL_ECCSI"
+    "Enable ECCSI (default: disabled)"
+    "no" "yes;no")
+
+if(WOLFSSL_ECCSI)
+    if (NOT WOLFSSL_ECC)
+        message(FATAL_ERROR "cannot enable ECCSI without enabling ECC.")
+    endif()
+
+    list(APPEND WOLFSSL_DEFINITIONS "-DWOLFCRYPT_HAVE_ECCSI -DWOLFSSL_PUBLIC_MP")
+endif()
+
+# SAKKE
+add_option("WOLFSSL_SAKKE"
+    "Enable SAKKE (default: disabled)"
+    "no" "yes;no")
+
+if(WOLFSSL_SAKKE)
+    if (NOT WOLFSSL_ECC)
+        message(FATAL_ERROR "cannot enable SAKKE without enabling ECC.")
+    endif()
+
+    list(APPEND WOLFSSL_DEFINITIONS "-DWOLFCRYPT_HAVE_SAKKE")
+endif()
+
+# SipHash
+add_option("WOLFSSL_SIPHASH"
+    "Enable SipHash (default: disabled)"
+    "no" "yes;no")
+
+if(WOLFSSL_SIPHASH)
+    list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_SIPHASH")
+endif()
+
 # TODO: - Compressed key
 #       - FP ECC, fixed point cache ECC
 #       - ECC encrypt
@@ -1866,6 +1934,16 @@ if(NOT WOLFSSL_PKCS12)
   list(APPEND WOLFSSL_DEFINITIONS "-DNO_PKCS12")
 endif()
 
+# PKCS#11
+add_option("WOLFSSL_PKCS11"
+    "Enable PKCS#11 (default: disabled)"
+    "no" "yes;no")
+
+if(WOLFSSL_PKCS11 AND NOT WIN32)
+    list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_PKCS11 -DHAVE_WOLF_BIGINT")
+    list(APPEND WOLFSSL_LINK_LIBS ${CMAKE_DL_LIBS})
+endif()
+
 
 # PWDBASED has to come after certservice since we want it on w/o explicit on
 # PWDBASED
@@ -1964,7 +2042,6 @@ add_option("WOLFSSL_CRYPT_TESTS_HELP"
     "no" "yes;no")
 
 # TODO: - LIBZ
-#       - PKCS#11
 #       - Cavium
 #       - Cavium V
 #       - Cavium Octeon
@@ -2063,10 +2140,7 @@ add_option("WOLFSSL_SYS_CA_CERTS"
     "yes" "yes;no")
 
 if(WOLFSSL_SYS_CA_CERTS)
-    if(NOT WOLFSSL_FILESYSTEM)
-        message("Can't enable system CA certs without a filesystem.")
-        override_cache(WOLFSSL_SYS_CA_CERTS "no")
-    elseif(APPLE)
+    if(APPLE)
         # Headers used for MacOS default system CA certs behavior. Only MacOS SDK will have this header
         check_include_file("Security/SecTrustSettings.h" HAVE_SECURITY_SECTRUSTSETTINGS_H)
         # Headers used for Apple native cert validation. All device SDKs should have these headers
@@ -2100,6 +2174,9 @@ if(WOLFSSL_SYS_CA_CERTS)
         else()
             message(FATAL_ERROR "Can't enable system CA certs without Apple Security.framework headers.")
         endif()
+    elseif(NOT WIN32 AND NOT WOLFSSL_FILESYSTEM)
+        message("Can't enable system CA certs without a filesystem.")
+        override_cache(WOLFSSL_SYS_CA_CERTS "no")
     endif()
 
 
@@ -2693,6 +2770,25 @@ if(WOLFSSL_EXAMPLES)
         tests/api/test_ossl_mac.c
         tests/api/test_ossl_rsa.c
         tests/api/test_ossl_sk.c
+        tests/api/test_ossl_x509.c
+        tests/api/test_ossl_x509_ext.c
+        tests/api/test_ossl_x509_name.c
+        tests/api/test_ossl_x509_pk.c
+        tests/api/test_ossl_x509_vp.c
+        tests/api/test_ossl_x509_io.c
+        tests/api/test_ossl_x509_crypto.c
+        tests/api/test_ossl_x509_acert.c
+        tests/api/test_ossl_x509_info.c
+        tests/api/test_ossl_x509_str.c
+        tests/api/test_ossl_x509_lu.c
+        tests/api/test_ossl_pem.c
+        tests/api/test_ossl_rand.c
+        tests/api/test_ossl_obj.c
+        tests/api/test_ossl_p7p12.c
+        tests/api/test_evp_digest.c
+        tests/api/test_evp_cipher.c
+        tests/api/test_evp_pkey.c
+        tests/api/test_certman.c
         tests/api/test_tls13.c
         tests/srp.c
         tests/suites.c

ChangeLog.md

@@ -1,3 +1,89 @@
+# wolfSSL Release 5.8.4 (Nov. 20, 2025)
+
+Release 5.8.4 has been developed according to wolfSSL's development and QA
+process (see link below) and successfully passed the quality criteria.
+https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
+
+NOTE: * --enable-heapmath is deprecated
+            * MD5 is now disabled by default
+
+PR stands for Pull Request, and PR <NUMBER> references a GitHub pull request number where the code change was added.
+
+## Vulnerabilities
+* [Low CVE-2025-12888] Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of X25519, which is now turned on as the default for Xtensa. Thanks to Adrian Cinal for the report. Fixed in PR 9275.
+
+
+* [Med. CVE-2025-11936] Potential DoS vulnerability due to a memory leak through multiple KeyShareEntry with the same group in malicious TLS 1.3 ClientHello messages. This affects users who are running wolfSSL on the server side with TLS 1.3. Thanks to Jaehun Lee and Kyungmin Bae, Pohang University of Science and Technology (POSTECH) for the report. Fixed in PR 9117.
+
+* [Low CVE-2025-11935] PSK with PFS (Perfect Forward Secrecy) downgrades to PSK without PFS during TLS 1.3 handshake. If the client sends a ClientHello that has a key share extension and the server responds with a ServerHello that does not have a key share extension the connection would previously continue on without using PFS. Thanks to Jaehun Lee from Pohang University of Science and Technology (POSTECH) for the report. Fixed in PR 9112.
+
+* [Low CVE-2025-11934] Signature Algorithm downgrade from ECDSA P521 to P256 during TLS 1.3 handshake. When a client sends ECDSA P521 as the supported signature algorithm the server previously could respond as ECDSA P256 being the accepted signature algorithm and the connection would continue with using ECDSA P256. Thanks to Jaehun Lee from Pohang University of Science and Technology (POSTECH) for the report. Fixed in PR 9113.
+
+
+* [Low CVE-2025-11933] DoS Vulnerability in wolfSSL TLS 1.3 CKS extension parsing. Previously duplicate CKS extensions were not rejected leading to a potential memory leak when processing a ClientHello. Thanks to Jaehun Lee from Pohang University of Science and Technology (POSTECH) for the report. Fixed in PR 9132.
+
+
+* [Low CVE-2025-11931] Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wc_XChaCha20Poly1305_Decrypt() which is not used with TLS connections, only from direct calls from an application. Thanks to Luigino Camastra from Aisle Research for the report. Fixed in PR 9223.
+
+* [Low CVE-2025-11932] Timing Side-Channel in PSK Binder Verification. The server previously verified the TLS 1.3 PSK binder using a non-constant time method which could potentially leak information about the PSK binder. Thanks to Luigino Camastra from Aisle Research for the report. Fixed in PR 9223.
+
+* [Low CVE-2025-12889] With TLS 1.2 connections a client can use any digest, specifically a weaker digest, rather than those in the CertificateRequest. Thanks to Jaehun Lee from Pohang University of Science and Technology (POSTECH) for the report. Fixed in PR 9395
+
+* [Low CVE-2025-13912] When using the Clang compiler, various optimization levels or flags could result in non-constant-time compiled code. Assembly implementations of the functions in wolfSSL were not affected. The report was done specifically with Clang version 18 but there was shown to be similarities in timing variations when using the optimization levels with Clang 14 and Clang 20.
+
+On the following architectures, the expected constant-time functions were found to have potential timing variations when specific compiler flags or optimization levels were used.
+
+AArch64: Using O3, Ofast, or --enable-nontrivial-unswitch with O1/O2 flags leads to possible timing variations with the software implementations of sp_read_radix, sp_div_2_mod_ct, and sp_addmod_ct. Using O3, O2, Ofast, Os, or Oz with --unroll-force-peel-count=50 leads to possible timing variations with wc_AesGcmDecrypt.
+
+RISC-V: TLS HMAC update/final operations, RSA unpad operations, and DH key pair generation with O1, O2, O3, Ofast, Oz, or Os. wc_AesGcmDecrypt and wc_Chacha_Process with O1, O2, O3, Os, or Ofast. Also SP software operations sp_div_2_mod_ct and sp_addmod_ct using O3 or Ofast.
+
+
+X86_64: TLS HMAC update/final operations and TimingVerifyPad used with verifying the TLS MAC with --fast-isel or --x86-cmov-converter-force-all compile flags. RSA unpad operations, ECC mulmod, and wc_Chacha_Process with the --x86-cmov-converter-force-all flag. DH key agreement, sp_div_2_mod_ct and sp_addmod_ct with O1, O2, O3, Os, or Ofast. wc_AesGcmDecrypt with the compiler flags O2, O3, Os, Ofast, Oz --x86-cmov-converter-force-all | --unroll-force-peel-count=50, or O1 --x86-cmov-converter-force-all.
+
+Thanks to Jing Liu, Zhiyuan Zhang, LUCÍA MARTÍNEZ GAVIER, Gilles Barthe, Marcel Böhme from Max Planck Institute for Security and Privacy (MPI-SP) for the report. Fixed in PR 9148.
+
+## New Features
+* New ML-KEM / ML-DSA APIs and seed/import PKCS8 support; added _new/_delete APIs for ML-KEM/ML-DSA. (PR 9039, 9000, 9049)
+* Initial wolfCrypt FreeBSD kernel module support (PR 9392)
+* Expanded PKCS7/CMS capabilities: decode SymmetricKeyPackage / OneSymmetricKey, add wc_PKCS7_GetEnvelopedDataKariRid, and allow PKCS7 builds with AES keywrap unset. (PR 9018, 9029, 9032)
+* Add custom AES key wrap/unwrap callbacks and crypto callback copy/free operations. (PR 9002, 9309)
+* Add support for certificate_authorities extension in ClientHello and certificate manager CA-type selection/unloading. (PR 9209, 9046)
+* Large expansion of Rust wrapper modules: random, aes, rsa, ecc, dh, sha, hmac, cmac, ed25519/ed448, pbkdf2/PKCS#12, kdf/prf, SRTP KDFs, and conditional compilation options. (PR 9191, 9212, 9273, 9306, 9320, 9328, 9368, 9389, 9357, 9433)
+* Rust: support optional heap and dev_id parameters and enable conditional compilation based on C build options. (PR 9407, 9433)
+* STM32 fixes (benchmarking and platform fixes) and PSoC6 hardware acceleration additions. (PR 9228, 9256, 9185)
+* STM32U5 added support for SAES and DHUK. (PR 9087)
+* Add --enable-curl=tiny option for a smaller build when used with cURL. (PR 9174)
+
+## Improvements / Optimizations
+* Regression test fixes and expansion: TLS 1.3/1.2 tests, ARDUINO examples, libssh2 tests, hostap workflows, and nightly test improvements. (PR 9096, 9141, 9091, 9122, 9388)
+* Improved test ordering and CI test stability (random tests run order changes, FIPS test fixes). (PR 9204, 9257)
+* Docs and readme fixes, docstring updates, AsconAEAD comment placement, and example certificate renewals. (PR 9131, 9293, 9262, 9429)
+* Updated GPL exception lists (GPLv2 and GPLv3 exception updates: add Fetchmail and OpenVPN). (PR 9398, 9413)
+* Introduced WOLFSSL_DEBUG_CERTS and additional debug/logging refinements. (PR 8902, 9055)
+* Expanded crypto-callback support (SHA family, HKDF, SHA-224, sha512_family digest selection) and improved crypto-only build cases. (PR 9070, 9252, 9271, 9100, 9194)
+* AES & HW offload improvements including AES-CTR support in PKCS11 driver and AES ECB offload sizing fix. (PR 9277, 9364)
+* ESP32: PSRAM allocator support and SHA HW fixes for ESP-IDF v6/v5. (PR 8987, 9225, 9264)
+* Renesas FSP / RA examples updated and security-module TLS context improvements. (PR 9047, 9010, 9158, 9150)
+* Broad configure/CMake/Autotools workflow improvements (Apple options tracking, Watcom pinning, Debian packaging, ESP-IDF pinning). (PR 9037, 9167, 9161, 9264)
+* New assembly introspection / performance helpers for RISC-V and PPC32; benchmarking enhancements (cycle counts). (PR 9101, 9317)
+* Update to SGX build for using assembly optimizations. (PR 8463, 9138)
+* Testing with Fil-C compiler version to 0.674 (PR 9396)
+* Refactors and compressing of small stack code (PR 9153)
+
+## Bug Fixes
+* Removed the test feature using popen when defining the macro WOLFSSL_USE_POPEN_HOST and not having HAVE_GETADDRINFO defined, along with having the macro HAVE_HTTP_CLIENT set. There was the potential for vulnerable behavior with the use of popen when the API wolfSSL_BIO_new_connect() was called with this specific build. This exact build configuration is only intended for testing with QEMU and is not enabled with any autoconf/cmake flags. Thanks to linraymond2006 for the report. (PR 9038)
+* Fix for C# wrapper Ed25519 potential crash and heap overwrite with raw public key import when using the API Ed25519ImportPublic.This was a broken API with the C# wrapper that would crash on use. Thanks to Luigino Camastra from Aisle Research for the bug report. (PR 9291)
+* Coverity, cppcheck, MISRA, clang-tidy, ZeroPath and other static-analysis driven fixes across the codebase. (PR 9006, 9078, 9068, 9265, 9324)
+* TLS 1.2/DTLS improvements: client message order checks, DTLS cookie/exchange and replay protections, better DTLS early-data handling. (PR 9387, 9253, 9205, 9367)
+* Improved X.509 & cert handling: allow larger pathLen in Basic Constraints, restore inner server name for ECH, retrying cert candidate chains. (PR 8890, 9234, 8692)
+* Sniffer robustness: fix infinite recursion, better handling of OOO appData and partial overlaps, and improved retransmission detection. (PR 9051, 9106, 9140, 9094)
+* Numerous linuxkm (kernel-mode) fixes, relocation/PIE normalization, and FIPS-related build tweaks across many iterations. (PR 9025, 9035, 9067, 9111, 9121)
+* ML-KEM/Kyber and ML-DSA fixes for out-of-bounds and seed-import correctness; multiple ML-related safety fixes. (PR 9142, 9105, 9439)
+* Avoid uninitialized-variable and GCC warnings; several fixes for undefined-shift/overflow issues. (PR 9020, 9372, 9195)
+* Memory & leak fixes in X509 verification and various struct sizing fixes for WOLFSSL_NO_MALLOC usage. (PR 9258, 9036)
+* Fixed RSA / signing / verify-only warnings allowing WOLFSSL_NO_CT_OPS when WOLFSSL_RSA_VERIFY_ONLY is used and API cleanups for using const. (PR 9031, 9263)
+
+
 # wolfSSL Release 5.8.2 (July 17, 2025)
 
 Release 5.8.2 has been developed according to wolfSSL's development and QA

IDE/Renesas/e2studio/DK-S7G2/benchmark-template/src/app_entry.c

@@ -18,8 +18,8 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  */
-
-
+
+
 
 #include "app.h"
 #include "stdio.h"
@@ -37,9 +37,9 @@ extern void initialise_monitor_handles(void);
 
 #include "nx_api.h"
 #define CONNECTION_TIMES 100
-#define SERVER_IP IP_ADDRESS(10,22,73,128)
-#define TLS_PORT 11111
-#define TCP_PORT 11112
+#define SERVER_IP IP_ADDRESS(192,168,3,10)
+#define TLS_PORT 11112
+#define TCP_PORT 11111
 
 static double milliseconds = 0;
 void  timer_callback(timer_callback_args_t * args)

IDE/Renesas/e2studio/RA6M4/include.am

@@ -17,3 +17,7 @@ EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/key_data/key_data_sce.c
 EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/test/key_data/key_data.h
 EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/common/wolfssl_demo.h
 EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/common/user_settings.h
+EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/tools/README.md
+EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/tools/example_keys/generate_SignedCA.sh
+EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/tools/example_keys/rsa_private.pem
+EXTRA_DIST+= IDE/Renesas/e2studio/RA6M4/tools/example_keys/rsa_public.pem

IDE/Renesas/e2studio/SK-S7G2/.gitignore

@@ -0,0 +1,6 @@
+.settings/
+Debug/
+synergy/
+synergy_cfg/
+wolfssl_lib/src/synergy_gen/
+synergy_cfg.txt

IDE/Renesas/e2studio/SK-S7G2/README.md

@@ -0,0 +1,193 @@
+wolfSSL simple application projects for SK-S7G2 board
+======
+
+## 1. Overview
+-----
+
+This repository provides simple sample applications for evaluating wolfSSL on the SK-S7G2 evaluation board (R7FS7G27H3A01CFC, S7G2 MCU). The samples run on Express Logic ThreadX (a real-time operating system) and use NetX/NetX Driver for networking and the SSP-provided drivers for the SK-S7G2 board.
+
+The sample package includes applications that demonstrate the following functions:
+
+- Crypto Test: Automatically runs tests for various cryptographic operations.
+- Benchmark: Measures execution speed for various cryptographic operations. The benchmark also includes TCP and TLS client tests against a peer server.
+
+Because the required hardware and software configurations for the evaluation board are already prepared, only minimal setup is needed to run the samples.
+
+The following sections will walk you through the steps leading up to running the sample application.
+
+## 2. Target H/W, components and libraries
+-----
+
+This sample program uses the following hardware and software libraries. If a new version of any component is available, update it as appropriate.
+
+| item | name & version |
+|:--|:--|
+| Board | SK-S7G2 Starter Kit |
+| Device | R7FS7G27H3A01CFC |
+| IDE | Renesas e2Studio — Version: 2025-01 (25.1.0) |
+| Toolchain | GNU Arm Embedded Toolchain (arm-none-eabi-gcc), e.g. Arm GNU Toolchain 13.3.Rel1 (build arm-13.24) |
+| SSP | 2.7.0 |
+
+The project includes a configuration file that references the following software components. These components are not bundled with this sample; you must download or install them via the e2studio Smart Configurator.
+
+| Component | version |
+|:--|:--|
+| Board support package for R7FS7G27H3A01CFC | 2.7.0 |
+| Board Support Packages | 2.7.0 |
+| SSP Common Code | 2.7.0 |
+| Clock Generation Circuit: Provides=[CGC] | 2.7.0 |
+| Event Link Controller: Provides=[ELC] | 2.7.0 |
+| Factory MCU Information Module: Provides=[FMI] | 2.7.0 |
+| I/O Port: Provides=[IO Port] | 2.7.0 |
+| S7G2_SK Board Support Files | 2.7.0 |
+| Express Logic ThreadX: Provides=[ThreadX] | 2.7.0 |
+| Secure Cryptography Engine: Provides=[TRNG, AES, HASH, RSA, DSA, TDES, ARC4, ECC, KEY_INSTALLATION] | 2.7.0 |
+| Express Logic NetX Synergy Port: Provides=[NetX Driver], Requires=[NetX] | 2.7.0 |
+| General Purpose Timer: Provides=[Timer, GPT] | 2.7.0 |
+| Real Time Clock: Provides=[RTC] | 2.7.0 |
+| Express Logic NetX: Provides=[NetX], Requires=[ThreadX, NetX Driver] | 2.7.0 |
+
+> Note: Hardware-accelerated algorithms supported on this board (via the Secure Cryptography Engine / SSP):
+>
+> - True Random Number Generator (TRNG)
+> - SHA-256
+> - AES in ECB mode: AES-128, AES-192, AES-256
+>
+> To use the hardware accelerators, enable the "Secure Cryptography Engine" component in the e2studio Smart Configurator and click "Generate Code". On the wolfSSL side, hardware SCE support is enabled with the `WOLFSSL_SCE` compile-time option. In this sample, `WOLFSSL_SCE` is defined in the `user_settings.h` file included in the `wolfSSL_SKS7G2` project (for example: `#define WOLFSSL_SCE`), so the sample will use the Secure Cryptography Engine for the primitives listed above. To force software fallbacks for testing, remove the `WOLFSSL_SCE` define from `user_settings.h` or disable the Secure Cryptography Engine component.
+
+## 3. Importing sample application project into e2Studio
+----
+There is no need to create a new project. Since the project file is already prepared, import the project from the IDE by following the steps below.
+
+- In e2studio: File > Open Project from File System... > Directory (R) ... Click the import source button and select the folder containing the project to import.
+- Four projects are listed for import. Select only the three projects: `wolfbenchmark_test`, `wolfcrypt_test`, and `wolfssl_SKS7G2`, then click Finish.
+
+You should see the `wolfbenchmark_test`, `wolfcrypt_test`, and `wolfssl_SKS7G2` projects in Project Explorer.
+
+## 4. Smart configurator file generation
+----
+Follow the steps below:
+
+1. Open the `wolfssl_SKS7G2` project in Project Explorer and double-click the `configuration.xml` file to open the Smart Configurator perspective.
+2. Click the "Generate Code" button in the Smart Configurator (top-right of the component settings pane) to generate the required source files. This creates a `src/synergy_gen` folder under the project.
+
+## 5. Build and run wolfcrypt_test application
+-----
+1. Build the `wolfssl_SKS7G2` project in Project Explorer, then build the `wolfcrypt_test` project.
+2. After a successful build, connect the target board to your PC via USB.
+3. Select Run > Debug to open the Debug perspective.
+4. The application outputs operating status to standard output. Keep the "Renesas Debug Virtual Console" open to view this output.
+5. Press the Run button to start the application.
+6. After displaying the crypto test result, the application enters an infinite loop. If output stops, stop debugging.
+
+## 7. Running benchmark application
+-----
+
+### 7.1 Prepare TCP server as a peer
+The benchmark application includes a TCP client. You can use [this TCP server application](https://github.com/wolfSSL/wolfssl-examples/blob/master/tls/server-tcp.c) as the peer server.
+
+```
+$ gcc server-tcp.c -o server-tcp
+$ ./server-tcp
+```
+
+You can modify the server IP address and port. Those are defined in `app_entry.c` based on your environment:
+
+```
+#define SERVER_IP IP_ADDRESS(192,168,3,10)
+#define TLS_PORT 11112
+#define TCP_PORT 11111
+```
+
+### 7.2 Prepare TLS server as a peer
+The benchmark application also includes a TLS client. You can use the wolfSSL example TLS server as the peer server:
+
+```
+$ git clone https://github.com/wolfSSL/wolfssl.git
+$ cd wolfssl
+$ ./autogen.sh
+$ ./configure
+$ make
+$ ./examples/server/server -bdi -p 11112 -v d
+```
+
+The `-b` option binds the server to all network interfaces (instead of localhost only).
+The `-d` option disables client authentication.
+The `-i` option makes the server loop indefinitely (allow repeated connections).
+The `-p` option sets the port number.
+The `-v` option sets the TLS version. The `d` value allows a downgrade to TLS 1.2 if a TLS 1.3 connection cannot be established.
+
+### 7.3 Run benchmark application on the board
+After building and running the benchmark on the board, the client connects to the server over TCP, exchanges a simple string, and prints output to the Renesas Debug Virtual Console similar to:
+
+```
+Pinging server to see if up .. got response from server
+Benchmarking client TCP connection
+Trying to connect to 0xC0A8030A on port 11111
+100 TCP connections took 0.XXXXXX seconds
+```
+
+You will also see messages on the server console:
+
+```
+$ ./server-tcp
+Waiting for a connection...
+Client connected successfully
+Client: Hello Server
+
+Waiting for a connection...
+```
+
+For TLS benchmark, you will see messages like:
+
+```
+Benchmarking client TLSv1.2 connection using ECDHE-RSA-AES128-GCM-SHA256
+Trying to connect to 0xC0A8030A on port 11112
+100 TLS connections took YYY.XXXXXX seconds (and ZZZ.XXXXXX tx_time ticks)
+
+Benchmarking client TLSv1.3 WOLFSSL_ECC_X25519 connection using TLS13_AES128_GCM_SHA256
+Trying to connect to 0xC0A8030A on port 11112
+100 TLS connections took YYY.XXXXXX seconds (and ZZZ.XXXXXX tx_time ticks)
+
+Benchmarking client TLSv1.3 WOLFSSL_ECC_SECP256R1 connection using TLS13_AES128_GCM_SHA256
+Trying to connect to 0xC0A8030A on port 11112
+100 TLS connections took YYY.XXXXXX seconds (and ZZZ.XXXXXX tx_time ticks)
+
+Benchmarking client TLSv1.3 WOLFSSL_FFDHE_2048 connection using TLS13_AES128_GCM_SHA256
+Trying to connect to 0xC0A8030A on port 11112
+100 TLS connections took YYY.XXXXXX seconds (and ZZZ.XXXXXX tx_time ticks)
+```
+
+On the server console you may see:
+
+```
+$ ./examples/server/server -bdi -p 11112 -v d
+listening on port 11112
+SSL version is TLSv1.2
+SSL cipher suite is TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+SSL curve name is SECP256R1
+...
+SSL version is TLSv1.3
+SSL cipher suite is TLS_AES_128_GCM_SHA256
+SSL curve name is X25519
+...
+SSL version is TLSv1.3
+SSL cipher suite is TLS_AES_128_GCM_SHA256
+SSL curve name is SECP256R1
+...
+SSL version is TLSv1.3
+SSL cipher suite is TLS_AES_128_GCM_SHA256
+SSL curve name is FFDHE_2048
+```
+
+Finally, the application runs cryptographic benchmarks. You will see output like:
+
+```
+wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
+...
+Benchmark complete
+```
+
+# 8. Support
+----
+For support inquiries, email support@wolfssl.com. For Japanese support, contact info@wolfssl.jp.

IDE/Renesas/e2studio/SK-S7G2/benchmark_test/.cproject

@@ -0,0 +1,358 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<?fileVersion 4.0.0?><cproject storage_type_id="org.eclipse.cdt.core.XmlProjectDescriptionStorage">
+	<storageModule moduleId="org.eclipse.cdt.core.settings">
+		<cconfiguration id="com.renesas.cdt.managedbuild.gnuarm.config.elf.debug.495713966">
+			<storageModule buildSystemId="org.eclipse.cdt.managedbuilder.core.configurationDataProvider" id="com.renesas.cdt.managedbuild.gnuarm.config.elf.debug.495713966" moduleId="org.eclipse.cdt.core.settings" name="Debug">
+				<externalSettings/>
+				<extensions>
+					<extension id="org.eclipse.cdt.core.GNU_ELF" point="org.eclipse.cdt.core.BinaryParser"/>
+					<extension id="org.eclipse.cdt.core.GASErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GmakeErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GLDErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.CWDLocator" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GCCErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+				</extensions>
+			</storageModule>
+			<storageModule moduleId="cdtBuildSystem" version="4.0.0">
+				<configuration artifactName="${ProjName}" buildArtefactType="org.eclipse.cdt.build.core.buildArtefactType.exe" buildProperties="org.eclipse.cdt.build.core.buildArtefactType=org.eclipse.cdt.build.core.buildArtefactType.exe,org.eclipse.cdt.build.core.buildType=org.eclipse.cdt.build.core.buildType.debug" cleanCommand="${cross_rm} -rf" description="" id="com.renesas.cdt.managedbuild.gnuarm.config.elf.debug.495713966" name="Debug" parent="com.renesas.cdt.managedbuild.gnuarm.config.elf.debug">
+					<folderInfo id="com.renesas.cdt.managedbuild.gnuarm.config.elf.debug.495713966." name="/" resourcePath="">
+						<toolChain id="com.renesas.cdt.managedbuild.gnuarm.toolchain.elf.debug.1369556004" name="GCC ARM Embedded" superClass="com.renesas.cdt.managedbuild.gnuarm.toolchain.elf.debug">
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1738166029" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1906190122" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1128291884" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1896908621" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.1047445582" name="Optimization Level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level" value="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.more" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.611739348" name="Message length (-fmessage-length=0)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1032527477" name="'char' is signed (-fsigned-char)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.794846697" name="Function sections (-ffunction-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.681291178" name="Data sections (-fdata-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.2049619094" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.2070621529" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.851348329" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.87152070" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.334310470" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.428646674" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1124861416" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1759041382" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.738457001" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.2062331401" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.101770566" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1019309365" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.470451144" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.219665038" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.116617750" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture" value="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.arm" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.762658249" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m4" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.586738225" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.thumb" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1941153126" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix" value="arm-none-eabi-" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.2024990039" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c" value="gcc" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.1038166903" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp" value="g++" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.nostrictaliasing.1326385305" name="Disable optimizations based on the type of expressions (-fno-strict-aliasing)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.nostrictaliasing" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.975204031" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar" value="ar" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.462504948" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy" value="objcopy" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1381119870" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump" value="objdump" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.1716870018" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size" value="size" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1573280524" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make" value="make" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.31958859" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm" value="rm" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.727604522" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.fpv4spd16" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1692650207" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
+							<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.GNU_ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.128243661" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+							<builder buildPath="${workspace_loc:/wolfbenchmark_test}/Debug" id="com.renesas.cdt.managedbuild.gnuarm.builder.968395951" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make Builder" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.1473143270" name="GNU Arm Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.1932997753" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" value="true" valueType="boolean"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths.470162742" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths" valueType="includePath">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/common&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/driver}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/bsp/cmsis/Include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/driver/api}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/driver/instances}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/src/synergy_gen}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/tx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/sf_el_nx/phy}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/framework}&quot;"/>
+								</option>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs.1510266857" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs" valueType="definedSymbols">
+									<listOptionValue builtIn="false" value="_RENESAS_SYNERGY_"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.265731786" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+							</tool>
+							<tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${FLAGS} -c ${OUTPUT_FLAG} ${OUTPUT_PREFIX}${OUTPUT} -x c ${INPUTS}" id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.355253890" name="GNU Arm Cross C Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.61940515" name="Language standard" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std" useByScannerDiscovery="true" value="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.c99" valueType="enumerated"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.include.paths.1453106276" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.include.paths" useByScannerDiscovery="true" valueType="includePath">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}}/../../../../../&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}}/../common&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/driver}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/bsp/cmsis/Include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/driver/api}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/driver/instances}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/src/synergy_gen}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/tx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/sf_el_nx/phy}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/framework}&quot;"/>
+								</option>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs.188657556" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
+									<listOptionValue builtIn="false" value="_RENESAS_SYNERGY_"/>
+									<listOptionValue builtIn="false" value="WOLFSSL_USER_SETTINGS"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1740536557" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+							</tool>
+							<tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${FLAGS} -c ${OUTPUT_FLAG} ${OUTPUT_PREFIX}${OUTPUT} -x c++ ${INPUTS}" id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.1287925510" name="GNU Arm Cross C++ Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.603425280" name="GNU Arm Cross C Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections.981888107" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano.1448163139" name="Use newlib-nano (--specs=nano.specs)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.other.701685867" name="Other linker flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.other" value="--specs=rdimon.specs -Wl,--whole-archive -lwolfssl_SKS7G2 -Wl,--no-whole-archive" valueType="string"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.paths.155510805" name="Library search path (-L)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.paths" valueType="libPaths">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/Debug}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/bsp/mcu/s7g2}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/bsp/cmsis/DSP_Lib/cm4_gcc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/bsp/cmsis/NN_Lib/cm4_gcc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/driver/r_fmi/libs}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/tx/cm4_gcc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/driver/r_sce/libs}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/nx/cm4_gcc}&quot;"/>
+								</option>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.libs.1977483284" name="Libraries (-l)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.libs" valueType="libs">
+									<listOptionValue builtIn="false" value="fmi_cm4_s7g2_gcc"/>
+									<listOptionValue builtIn="false" value="fmi_R7FS7G27H3A01CFC_gcc"/>
+									<listOptionValue builtIn="false" value="nx"/>
+									<listOptionValue builtIn="false" value="DSP_Lib"/>
+									<listOptionValue builtIn="false" value="NN_Lib"/>
+									<listOptionValue builtIn="false" value="tx"/>
+									<listOptionValue builtIn="false" value="crypto_cm4_s7g2_gcc"/>
+								</option>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.scriptfile.2029889651" name="Script files (-T)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.scriptfile" valueType="stringList">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/script/r7fs7g27h3a01cfc.ld}&quot;"/>
+								</option>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.useprintffloat.2026756849" name="Use float with nano printf (-u _printf_float)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.useprintffloat" value="true" valueType="boolean"/>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.input.1341964677" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.input">
+									<additionalInput kind="additionalinputdependency" paths="$(USER_OBJS)"/>
+									<additionalInput kind="additionalinput" paths="$(LIBS)"/>
+									<additionalInput kind="additionaldependency" paths="$(LINKER_SCRIPT)"/>
+								</inputType>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.623535917" name="GNU Arm Cross C++ Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections.1247984137" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections" value="true" valueType="boolean"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.scriptfile.113428057" name="Script files (-T)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.scriptfile" valueType="stringList">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/script/r7fs7g27h3a01cfc.ld}&quot;"/>
+								</option>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.710182368" name="GNU Arm Cross Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.2019744122" name="GNU Arm Cross Create Flash Image" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice.833314388" name="Output file format (-O)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice" value="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice.srec" valueType="enumerated"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.2029949528" name="GNU Arm Cross Create Listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source.133802282" name="Display source (--source|-S)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders.35339034" name="Display all headers (--all-headers|-x)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle.1926529705" name="Demangle names (--demangle|-C)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers.334298414" name="Display line numbers (--line-numbers|-l)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide.66209668" name="Wide lines (--wide|-w)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide" value="true" valueType="boolean"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.1353672992" name="GNU Arm Cross Print Size" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format.2127020743" name="Size format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format"/>
+							</tool>
+						</toolChain>
+					</folderInfo>
+				</configuration>
+			</storageModule>
+			<storageModule moduleId="org.eclipse.cdt.core.externalSettings"/>
+			<storageModule moduleId="com.renesas.cdt.managedbuild.core.toolchainInfo"/>
+		</cconfiguration>
+		<cconfiguration id="com.renesas.cdt.managedbuild.gnuarm.config.elf.release.525899663">
+			<storageModule buildSystemId="org.eclipse.cdt.managedbuilder.core.configurationDataProvider" id="com.renesas.cdt.managedbuild.gnuarm.config.elf.release.525899663" moduleId="org.eclipse.cdt.core.settings" name="Release">
+				<externalSettings/>
+				<extensions>
+					<extension id="org.eclipse.cdt.core.GNU_ELF" point="org.eclipse.cdt.core.BinaryParser"/>
+					<extension id="org.eclipse.cdt.core.GASErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GmakeErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GLDErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.CWDLocator" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GCCErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+				</extensions>
+			</storageModule>
+			<storageModule moduleId="cdtBuildSystem" version="4.0.0">
+				<configuration artifactName="${ProjName}" buildArtefactType="org.eclipse.cdt.build.core.buildArtefactType.exe" buildProperties="org.eclipse.cdt.build.core.buildArtefactType=org.eclipse.cdt.build.core.buildArtefactType.exe,org.eclipse.cdt.build.core.buildType=org.eclipse.cdt.build.core.buildType.release" cleanCommand="${cross_rm} -rf" description="" id="com.renesas.cdt.managedbuild.gnuarm.config.elf.release.525899663" name="Release" parent="com.renesas.cdt.managedbuild.gnuarm.config.elf.release">
+					<folderInfo id="com.renesas.cdt.managedbuild.gnuarm.config.elf.release.525899663." name="/" resourcePath="">
+						<toolChain id="com.renesas.cdt.managedbuild.gnuarm.toolchain.elf.release.1196203160" name="GCC ARM Embedded" superClass="com.renesas.cdt.managedbuild.gnuarm.toolchain.elf.release">
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.283368688" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1748671462" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.381084180" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.105460421" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.953807980" name="Optimization Level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level" value="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.more" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.2032734499" name="Message length (-fmessage-length=0)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.456443289" name="'char' is signed (-fsigned-char)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.1236328855" name="Function sections (-ffunction-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.582848857" name="Data sections (-fdata-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.959938409" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1564343251" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.1020288953" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.533544056" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.753372006" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.612264361" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1999173655" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.265877922" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.632963450" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.214755968" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.1274743931" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1735041781" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.491526550" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.335436861" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.905005047" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture" value="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.arm" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.351174452" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m4" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.164994421" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.thumb" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.518349518" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix" value="arm-none-eabi-" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.975803762" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c" value="gcc" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.1669475553" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp" value="g++" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.nostrictaliasing.1733579138" name="Disable optimizations based on the type of expressions (-fno-strict-aliasing)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.nostrictaliasing" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.927595910" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar" value="ar" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.1707569625" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy" value="objcopy" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1826880024" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump" value="objdump" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.1147356706" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size" value="size" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.680530888" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make" value="make" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.514116309" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm" value="rm" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.26858048" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.fpv4spd16" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1470359884" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
+							<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.GNU_ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.31280103" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+							<builder buildPath="${workspace_loc:/wolfbenchmark_test}/Release" id="com.renesas.cdt.managedbuild.gnuarm.builder.551532719" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make Builder" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.1970889392" name="GNU Arm Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.299396240" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" value="true" valueType="boolean"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths.2134477029" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths" valueType="includePath">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/driver}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/bsp/cmsis/Include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/driver/api}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/driver/instances}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/src/synergy_gen}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/tx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/sf_el_nx/phy}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/framework}&quot;"/>
+								</option>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs.1798663397" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs" valueType="definedSymbols">
+									<listOptionValue builtIn="false" value="_RENESAS_SYNERGY_"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1269089926" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+							</tool>
+							<tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${FLAGS} -c ${OUTPUT_FLAG} ${OUTPUT_PREFIX}${OUTPUT} -x c ${INPUTS}" id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1090017327" name="GNU Arm Cross C Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.2070135708" name="Language standard" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std" useByScannerDiscovery="true" value="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.c99" valueType="enumerated"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.include.paths.367417636" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.include.paths" useByScannerDiscovery="true" valueType="includePath">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/driver}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/bsp/cmsis/Include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/driver/api}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/driver/instances}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/src/synergy_gen}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/tx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/sf_el_nx/phy}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/framework}&quot;"/>
+								</option>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs.81606790" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
+									<listOptionValue builtIn="false" value="_RENESAS_SYNERGY_"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.684425821" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+							</tool>
+							<tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${FLAGS} -c ${OUTPUT_FLAG} ${OUTPUT_PREFIX}${OUTPUT} -x c++ ${INPUTS}" id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.701547664" name="GNU Arm Cross C++ Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.1017602964" name="GNU Arm Cross C Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections.785043006" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano.1568526553" name="Use newlib-nano (--specs=nano.specs)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.other.1242818577" name="Other linker flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.other" value="--specs=rdimon.specs -Wl,--whole-archive -lwolfssl_SKS7G2 -Wl,--no-whole-archive" valueType="string"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.paths.384169351" name="Library search path (-L)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.paths" valueType="libPaths">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/Release}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/bsp/mcu/s7g2}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/bsp/cmsis/DSP_Lib/cm4_gcc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/bsp/cmsis/NN_Lib/cm4_gcc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/driver/r_fmi/libs}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/tx/cm4_gcc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/driver/r_sce/libs}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/nx/cm4_gcc}&quot;"/>
+								</option>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.libs.1334507325" name="Libraries (-l)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.libs" valueType="libs">
+									<listOptionValue builtIn="false" value="fmi_R7FS7G27H3A01CFC_gcc"/>
+									<listOptionValue builtIn="false" value="DSP_Lib"/>
+									<listOptionValue builtIn="false" value="NN_Lib"/>
+									<listOptionValue builtIn="false" value="fmi_cm4_s7g2_gcc"/>
+									<listOptionValue builtIn="false" value="tx"/>
+									<listOptionValue builtIn="false" value="crypto_cm4_s7g2_gcc"/>
+									<listOptionValue builtIn="false" value="nx"/>
+								</option>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.scriptfile.1420627266" name="Script files (-T)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.scriptfile" valueType="stringList">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/script/r7fs7g27h3a01cfc.ld}&quot;"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.input.1959632352" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.input">
+									<additionalInput kind="additionalinputdependency" paths="$(USER_OBJS)"/>
+									<additionalInput kind="additionalinput" paths="$(LIBS)"/>
+									<additionalInput kind="additionaldependency" paths="$(LINKER_SCRIPT)"/>
+								</inputType>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.2013225510" name="GNU Arm Cross C++ Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections.789689841" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections" value="true" valueType="boolean"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.scriptfile.852466996" name="Script files (-T)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.scriptfile" valueType="stringList">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/script/r7fs7g27h3a01cfc.ld}&quot;"/>
+								</option>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.728996657" name="GNU Arm Cross Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.1466233860" name="GNU Arm Cross Create Flash Image" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice.136238543" name="Output file format (-O)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice" value="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice.srec" valueType="enumerated"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.2809955" name="GNU Arm Cross Create Listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source.847758853" name="Display source (--source|-S)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders.50161215" name="Display all headers (--all-headers|-x)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle.1654846572" name="Demangle names (--demangle|-C)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers.473304420" name="Display line numbers (--line-numbers|-l)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide.679797200" name="Wide lines (--wide|-w)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide" value="true" valueType="boolean"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.774124352" name="GNU Arm Cross Print Size" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format.1688826275" name="Size format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format"/>
+							</tool>
+						</toolChain>
+					</folderInfo>
+				</configuration>
+			</storageModule>
+			<storageModule moduleId="org.eclipse.cdt.core.externalSettings"/>
+			<storageModule moduleId="com.renesas.cdt.managedbuild.core.toolchainInfo"/>
+		</cconfiguration>
+	</storageModule>
+	<storageModule moduleId="cdtBuildSystem" version="4.0.0">
+		<project id="wolfbenchmark_test.com.renesas.cdt.managedbuild.gnuarm.target.elf.2107363220" name="Executable" projectType="com.renesas.cdt.managedbuild.gnuarm.target.elf"/>
+	</storageModule>
+	<storageModule moduleId="scannerConfiguration">
+		<autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+		<scannerConfigBuildInfo instanceId="com.renesas.cdt.managedbuild.gnuarm.config.elf.debug.495713966;com.renesas.cdt.managedbuild.gnuarm.config.elf.debug.495713966.;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.355253890;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1740536557">
+			<autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+		</scannerConfigBuildInfo>
+		<scannerConfigBuildInfo instanceId="com.renesas.cdt.managedbuild.gnuarm.config.elf.release.525899663;com.renesas.cdt.managedbuild.gnuarm.config.elf.release.525899663.;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1090017327;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.684425821">
+			<autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+		</scannerConfigBuildInfo>
+	</storageModule>
+	<storageModule moduleId="org.eclipse.cdt.core.LanguageSettingsProviders"/>
+	<storageModule moduleId="refreshScope"/>
+	<storageModule moduleId="org.eclipse.cdt.make.core.buildtargets"/>
+</cproject>

IDE/Renesas/e2studio/SK-S7G2/benchmark_test/.project

@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>wolfbenchmark_test</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>org.eclipse.cdt.managedbuilder.core.genmakebuilder</name>
+			<triggers>clean,full,incremental,</triggers>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.cdt.managedbuilder.core.ScannerConfigBuilder</name>
+			<triggers>full,incremental,</triggers>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>org.eclipse.cdt.core.cnature</nature>
+		<nature>com.renesas.cdt.synergy.contentgen.synergyExecutableNature</nature>
+		<nature>org.eclipse.cdt.managedbuilder.core.managedBuildNature</nature>
+		<nature>org.eclipse.cdt.managedbuilder.core.ScannerConfigNature</nature>
+	</natures>
+	<linkedResources>
+		<link>
+			<name>src/app_entry.c</name>
+			<type>1</type>
+			<locationURI>PARENT-2-PROJECT_LOC/DK-S7G2/benchmark-template/src/app_entry.c</locationURI>
+		</link>
+		<link>
+			<name>src/benchmark.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/benchmark/benchmark.c</locationURI>
+		</link>
+	</linkedResources>
+</projectDescription>

IDE/Renesas/e2studio/SK-S7G2/common/user_settings.h

@@ -0,0 +1,108 @@
+
+#ifndef USER_SETTINGS_H
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2025 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#define USER_SETTINGS_H
+
+/*#define DEBUG_WOLFSSL*/
+
+#define NO_MAIN_DRIVER
+#define USE_CERT_BUFFERS_2048
+#define USE_CERT_BUFFERS_256
+
+/* print out cycles per byte with benchmark
+ * when component r_wdt WDT is enabled
+ */
+#define SYNERGY_CYCLE_COUNT
+#define BENCH_EMBEDDED
+
+/* Use turn on all SCE acceleration */
+#define WOLFSSL_SCE
+
+/* Used to turn off TRNG */
+/* #define WOLFSSL_SCE_NO_TRNG */
+
+/* Used to turn off AES hardware acc. */
+/* #define WOLFSSL_SCE_NO_AES */
+
+/* Used to turn off HASH hardware acc. */
+/* #define WOLFSSL_SCE_NO_HASH */
+
+#if defined(WOLFSSL_SCE_NO_TRNG)
+    /* use unsafe test seed if TRNG not used (not for production) */
+    #define WOLFSSL_GENSEED_FORTEST
+#endif
+
+#define HAVE_ECC
+#define ALT_ECC_SIZE
+
+#define HAVE_CHACHA
+#define HAVE_POLY1305
+#define HAVE_ONE_TIME_AUTH
+#define HAVE_AESGCM
+
+#define HAVE_AES_ECB
+#define WOLFSSL_AES_DIRECT
+
+#define TFM_TIMING_RESISTANT
+#define WC_RSA_BLINDING
+#define ECC_TIMING_RESISTANT
+
+#define NO_WOLFSSL_DIR
+
+#define HAVE_NETX
+#define THREADX
+#define THREADX_NO_DC_PRINTF
+#define NO_WRITEV
+#define SIZEOF_LONG 4
+#define SIZEOF_LONG_LONG 8
+
+#define SP_WORD_SIZE 32
+#define WOLFSSL_SP_NO_DYN_STACK
+#define WOLFSSL_SP_NO_3072
+#define WOLFSSL_SP_MATH
+#define WOLFSSL_SP_SMALL
+#define WOLFSSL_SP_NO_MALLOC
+/*#define WOLFSSL_SP_NONBLOCK*/
+#define WOLFSSL_HAVE_SP_DH
+#define WOLFSSL_HAVE_SP_ECC
+#define WOLFSSL_HAVE_SP_RSA
+#define WOLFSSL_SP_ARM_CORTEX_M_ASM
+
+/* TLS 1.3 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define HAVE_SUPPORTED_CURVES
+#define HAVE_FFDHE_2048
+#define HAVE_HKDF
+#define WC_RSA_PSS
+
+#define HAVE_CURVE25519
+#define HAVE_ED25519
+#define WOLFSSL_SHA512
+
+/* NETX Duo BSD manual lists the socket len type as an INT */
+#undef  XSOCKLENT
+#define XSOCKLENT int
+
+#define USE_WOLF_TIMEVAL_T
+
+#endif

IDE/Renesas/e2studio/SK-S7G2/include.am

@@ -0,0 +1,14 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= IDE/Renesas/e2studio/SK-S7G2/.gitignore
+EXTRA_DIST+= IDE/Renesas/e2studio/SK-S7G2/README.md
+EXTRA_DIST+= IDE/Renesas/e2studio/SK-S7G2/wolfssl_lib/.cproject
+EXTRA_DIST+= IDE/Renesas/e2studio/SK-S7G2/wolfssl_lib/.project
+EXTRA_DIST+= IDE/Renesas/e2studio/SK-S7G2/wolfssl_lib/configuration.xml
+EXTRA_DIST+= IDE/Renesas/e2studio/SK-S7G2/wolfcrypt_test/.cproject
+EXTRA_DIST+= IDE/Renesas/e2studio/SK-S7G2/wolfcrypt_test/.project
+EXTRA_DIST+= IDE/Renesas/e2studio/SK-S7G2/benchmark_test/.cproject
+EXTRA_DIST+= IDE/Renesas/e2studio/SK-S7G2/benchmark_test/.project
+EXTRA_DIST+= IDE/Renesas/e2studio/SK-S7G2/common/user_settings.h

IDE/Renesas/e2studio/SK-S7G2/wolfcrypt_test/.cproject

@@ -0,0 +1,355 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<?fileVersion 4.0.0?><cproject storage_type_id="org.eclipse.cdt.core.XmlProjectDescriptionStorage">
+	<storageModule moduleId="org.eclipse.cdt.core.settings">
+		<cconfiguration id="com.renesas.cdt.managedbuild.gnuarm.config.elf.debug.428777857">
+			<storageModule buildSystemId="org.eclipse.cdt.managedbuilder.core.configurationDataProvider" id="com.renesas.cdt.managedbuild.gnuarm.config.elf.debug.428777857" moduleId="org.eclipse.cdt.core.settings" name="Debug">
+				<externalSettings/>
+				<extensions>
+					<extension id="org.eclipse.cdt.core.GNU_ELF" point="org.eclipse.cdt.core.BinaryParser"/>
+					<extension id="org.eclipse.cdt.core.GASErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GmakeErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GLDErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.CWDLocator" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GCCErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+				</extensions>
+			</storageModule>
+			<storageModule moduleId="cdtBuildSystem" version="4.0.0">
+				<configuration artifactName="${ProjName}" buildArtefactType="org.eclipse.cdt.build.core.buildArtefactType.exe" buildProperties="org.eclipse.cdt.build.core.buildArtefactType=org.eclipse.cdt.build.core.buildArtefactType.exe,org.eclipse.cdt.build.core.buildType=org.eclipse.cdt.build.core.buildType.debug" cleanCommand="${cross_rm} -rf" description="" id="com.renesas.cdt.managedbuild.gnuarm.config.elf.debug.428777857" name="Debug" parent="com.renesas.cdt.managedbuild.gnuarm.config.elf.debug">
+					<folderInfo id="com.renesas.cdt.managedbuild.gnuarm.config.elf.debug.428777857." name="/" resourcePath="">
+						<toolChain id="com.renesas.cdt.managedbuild.gnuarm.toolchain.elf.debug.1682746887" name="GCC ARM Embedded" superClass="com.renesas.cdt.managedbuild.gnuarm.toolchain.elf.debug">
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.744676672" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1183655423" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1828592404" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1408237735" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.2091700220" name="Optimization Level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level" value="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.more" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.1702246737" name="Message length (-fmessage-length=0)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.2144882157" name="'char' is signed (-fsigned-char)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.777309793" name="Function sections (-ffunction-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.1261110386" name="Data sections (-fdata-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.865747947" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.934496162" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.498915022" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.657341596" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1116362729" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.873766475" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.10650385" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1521777246" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.801777725" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.654257374" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.220760962" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1082612192" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.2132686965" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.1769907235" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.1561211149" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture" value="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.arm" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.882310718" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m4" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.1512263999" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.thumb" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.806881826" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix" value="arm-none-eabi-" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1520588502" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c" value="gcc" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.1017165600" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp" value="g++" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.nostrictaliasing.2058312517" name="Disable optimizations based on the type of expressions (-fno-strict-aliasing)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.nostrictaliasing" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.28028755" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar" value="ar" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.1219608451" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy" value="objcopy" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1677001743" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump" value="objdump" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.9413515" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size" value="size" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.222280119" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make" value="make" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1491211548" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm" value="rm" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.517525491" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.fpv4spd16" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1628568464" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
+							<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.GNU_ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.735292678" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+							<builder buildPath="${workspace_loc:/wolfcrpt_test}/Debug" id="com.renesas.cdt.managedbuild.gnuarm.builder.838178570" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make Builder" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.1957527742" name="GNU Arm Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.2077731008" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" value="true" valueType="boolean"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths.531998869" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths" valueType="includePath">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/driver}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/bsp/cmsis/Include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/driver/api}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/driver/instances}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/src/synergy_gen}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/tx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/sf_el_nx/phy}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/framework}&quot;"/>
+								</option>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs.871832194" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs" valueType="definedSymbols">
+									<listOptionValue builtIn="false" value="_RENESAS_SYNERGY_"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.536182394" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+							</tool>
+							<tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${FLAGS} -c ${OUTPUT_FLAG} ${OUTPUT_PREFIX}${OUTPUT} -x c ${INPUTS}" id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1203271430" name="GNU Arm Cross C Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.366647645" name="Language standard" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std" useByScannerDiscovery="true" value="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.c99" valueType="enumerated"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.include.paths.638660606" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.include.paths" useByScannerDiscovery="true" valueType="includePath">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}}/../../../../../&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}}/../common&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/driver}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/bsp/cmsis/Include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/driver/api}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/driver/instances}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/src/synergy_gen}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/tx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/sf_el_nx/phy}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/framework}&quot;"/>
+								</option>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs.931674224" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
+									<listOptionValue builtIn="false" value="_RENESAS_SYNERGY_"/>
+									<listOptionValue builtIn="false" value="WOLFSSL_USER_SETTINGS"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1239251688" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+							</tool>
+							<tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${FLAGS} -c ${OUTPUT_FLAG} ${OUTPUT_PREFIX}${OUTPUT} -x c++ ${INPUTS}" id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.1346808108" name="GNU Arm Cross C++ Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.978903566" name="GNU Arm Cross C Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections.442199623" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano.453990316" name="Use newlib-nano (--specs=nano.specs)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.other.893914281" name="Other linker flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.other" value="--specs=rdimon.specs -Wl,--whole-archive -lwolfssl_SKS7G2 -Wl,--no-whole-archive" valueType="string"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.paths.79925329" name="Library search path (-L)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.paths" valueType="libPaths">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/Debug}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/bsp/mcu/s7g2}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/bsp/cmsis/DSP_Lib/cm4_gcc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/bsp/cmsis/NN_Lib/cm4_gcc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/driver/r_fmi/libs}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/tx/cm4_gcc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/driver/r_sce/libs}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/nx/cm4_gcc}&quot;"/>
+								</option>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.libs.762604780" name="Libraries (-l)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.libs" valueType="libs">
+									<listOptionValue builtIn="false" value="nx"/>
+									<listOptionValue builtIn="false" value="fmi_cm4_s7g2_gcc"/>
+									<listOptionValue builtIn="false" value="fmi_R7FS7G27H3A01CFC_gcc"/>
+									<listOptionValue builtIn="false" value="DSP_Lib"/>
+									<listOptionValue builtIn="false" value="NN_Lib"/>
+									<listOptionValue builtIn="false" value="tx"/>
+									<listOptionValue builtIn="false" value="crypto_cm4_s7g2_gcc"/>
+								</option>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.scriptfile.1244565282" name="Script files (-T)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.scriptfile" valueType="stringList">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/script/r7fs7g27h3a01cfc.ld}&quot;"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.input.1300345505" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.input">
+									<additionalInput kind="additionalinputdependency" paths="$(USER_OBJS)"/>
+									<additionalInput kind="additionalinput" paths="$(LIBS)"/>
+									<additionalInput kind="additionaldependency" paths="$(LINKER_SCRIPT)"/>
+								</inputType>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.1588053315" name="GNU Arm Cross C++ Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections.1280704583" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections" value="true" valueType="boolean"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.scriptfile.1778832855" name="Script files (-T)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.scriptfile" valueType="stringList">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/script/r7fs7g27h3a01cfc.ld}&quot;"/>
+								</option>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.853751551" name="GNU Arm Cross Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.1514346420" name="GNU Arm Cross Create Flash Image" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice.120455899" name="Output file format (-O)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice" value="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice.srec" valueType="enumerated"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.604126940" name="GNU Arm Cross Create Listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source.891773834" name="Display source (--source|-S)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders.180254566" name="Display all headers (--all-headers|-x)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle.1187131244" name="Demangle names (--demangle|-C)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers.218100529" name="Display line numbers (--line-numbers|-l)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide.131830189" name="Wide lines (--wide|-w)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide" value="true" valueType="boolean"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.203064581" name="GNU Arm Cross Print Size" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format.1296722795" name="Size format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format"/>
+							</tool>
+						</toolChain>
+					</folderInfo>
+				</configuration>
+			</storageModule>
+			<storageModule moduleId="org.eclipse.cdt.core.externalSettings"/>
+			<storageModule moduleId="com.renesas.cdt.managedbuild.core.toolchainInfo"/>
+		</cconfiguration>
+		<cconfiguration id="com.renesas.cdt.managedbuild.gnuarm.config.elf.release.283004201">
+			<storageModule buildSystemId="org.eclipse.cdt.managedbuilder.core.configurationDataProvider" id="com.renesas.cdt.managedbuild.gnuarm.config.elf.release.283004201" moduleId="org.eclipse.cdt.core.settings" name="Release">
+				<externalSettings/>
+				<extensions>
+					<extension id="org.eclipse.cdt.core.GNU_ELF" point="org.eclipse.cdt.core.BinaryParser"/>
+					<extension id="org.eclipse.cdt.core.GASErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GmakeErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GLDErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.CWDLocator" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GCCErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+				</extensions>
+			</storageModule>
+			<storageModule moduleId="cdtBuildSystem" version="4.0.0">
+				<configuration artifactName="${ProjName}" buildArtefactType="org.eclipse.cdt.build.core.buildArtefactType.exe" buildProperties="org.eclipse.cdt.build.core.buildArtefactType=org.eclipse.cdt.build.core.buildArtefactType.exe,org.eclipse.cdt.build.core.buildType=org.eclipse.cdt.build.core.buildType.release" cleanCommand="${cross_rm} -rf" description="" id="com.renesas.cdt.managedbuild.gnuarm.config.elf.release.283004201" name="Release" parent="com.renesas.cdt.managedbuild.gnuarm.config.elf.release">
+					<folderInfo id="com.renesas.cdt.managedbuild.gnuarm.config.elf.release.283004201." name="/" resourcePath="">
+						<toolChain id="com.renesas.cdt.managedbuild.gnuarm.toolchain.elf.release.1169729789" name="GCC ARM Embedded" superClass="com.renesas.cdt.managedbuild.gnuarm.toolchain.elf.release">
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1360658226" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.281486810" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.691009761" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.893864835" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.597494299" name="Optimization Level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level" value="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.more" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.42557680" name="Message length (-fmessage-length=0)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1633268317" name="'char' is signed (-fsigned-char)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.1229694518" name="Function sections (-ffunction-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.2119282304" name="Data sections (-fdata-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.203104389" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1681884039" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.1751246242" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.1371895404" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1661271311" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.2021115173" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.340688686" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1148997742" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.967434034" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.1095997674" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.250818346" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.107293953" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1711684698" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.1153349174" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.1062217966" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture" value="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.arm" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.1196368619" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m4" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.1693564686" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.thumb" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.401983477" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix" value="arm-none-eabi-" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.212593702" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c" value="gcc" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.1566378817" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp" value="g++" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.nostrictaliasing.1260310997" name="Disable optimizations based on the type of expressions (-fno-strict-aliasing)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.nostrictaliasing" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.2098440717" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar" value="ar" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.1462153302" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy" value="objcopy" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1781656393" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump" value="objdump" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.63130251" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size" value="size" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1524969807" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make" value="make" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.576307055" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm" value="rm" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.1665103186" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.fpv4spd16" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.97111024" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
+							<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.GNU_ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.421531798" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+							<builder buildPath="${workspace_loc:/wolfcrpt_test}/Release" id="com.renesas.cdt.managedbuild.gnuarm.builder.1110528617" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make Builder" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.1796498016" name="GNU Arm Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.1824763152" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" value="true" valueType="boolean"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths.1740267120" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths" valueType="includePath">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/driver}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/bsp/cmsis/Include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/driver/api}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/driver/instances}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/src/synergy_gen}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/tx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/sf_el_nx/phy}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/framework}&quot;"/>
+								</option>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs.1182714442" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs" valueType="definedSymbols">
+									<listOptionValue builtIn="false" value="_RENESAS_SYNERGY_"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.973484810" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+							</tool>
+							<tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${FLAGS} -c ${OUTPUT_FLAG} ${OUTPUT_PREFIX}${OUTPUT} -x c ${INPUTS}" id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.557996161" name="GNU Arm Cross C Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.1058025274" name="Language standard" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std" useByScannerDiscovery="true" value="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.c99" valueType="enumerated"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.include.paths.1923750623" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.include.paths" useByScannerDiscovery="true" valueType="includePath">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/driver}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/bsp/cmsis/Include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/driver/api}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/driver/instances}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/src/synergy_gen}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/tx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/sf_el_nx/phy}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/inc/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy_cfg/ssp_cfg/framework}&quot;"/>
+								</option>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs.758895767" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
+									<listOptionValue builtIn="false" value="_RENESAS_SYNERGY_"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1209803555" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+							</tool>
+							<tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${FLAGS} -c ${OUTPUT_FLAG} ${OUTPUT_PREFIX}${OUTPUT} -x c++ ${INPUTS}" id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.294097588" name="GNU Arm Cross C++ Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.21789163" name="GNU Arm Cross C Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections.807551950" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano.2110449638" name="Use newlib-nano (--specs=nano.specs)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.other.1881839404" name="Other linker flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.other" value="--specs=rdimon.specs -Wl,--whole-archive -lwolfssl_SKS7G2 -Wl,--no-whole-archive" valueType="string"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.paths.1493254275" name="Library search path (-L)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.paths" valueType="libPaths">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/Release}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/bsp/mcu/s7g2}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/bsp/cmsis/DSP_Lib/cm4_gcc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/bsp/cmsis/NN_Lib/cm4_gcc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/driver/r_fmi/libs}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/tx/cm4_gcc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/driver/r_sce/libs}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfssl_SKS7G2/synergy/ssp/src/framework/el/nx/cm4_gcc}&quot;"/>
+								</option>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.libs.1218913624" name="Libraries (-l)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.libs" valueType="libs">
+									<listOptionValue builtIn="false" value="fmi_R7FS7G27H3A01CFC_gcc"/>
+									<listOptionValue builtIn="false" value="DSP_Lib"/>
+									<listOptionValue builtIn="false" value="NN_Lib"/>
+									<listOptionValue builtIn="false" value="fmi_cm4_s7g2_gcc"/>
+									<listOptionValue builtIn="false" value="tx"/>
+									<listOptionValue builtIn="false" value="crypto_cm4_s7g2_gcc"/>
+									<listOptionValue builtIn="false" value="nx"/>
+								</option>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.scriptfile.1988842485" name="Script files (-T)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.scriptfile" valueType="stringList">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/script/r7fs7g27h3a01cfc.ld}&quot;"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.input.1109807962" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.input">
+									<additionalInput kind="additionalinputdependency" paths="$(USER_OBJS)"/>
+									<additionalInput kind="additionalinput" paths="$(LIBS)"/>
+									<additionalInput kind="additionaldependency" paths="$(LINKER_SCRIPT)"/>
+								</inputType>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.1273228139" name="GNU Arm Cross C++ Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections.1837491818" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections" value="true" valueType="boolean"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.scriptfile.1076731438" name="Script files (-T)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.scriptfile" valueType="stringList">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/script/r7fs7g27h3a01cfc.ld}&quot;"/>
+								</option>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.1202564780" name="GNU Arm Cross Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.2052339625" name="GNU Arm Cross Create Flash Image" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice.691007095" name="Output file format (-O)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice" value="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice.srec" valueType="enumerated"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.1761304036" name="GNU Arm Cross Create Listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source.1807779323" name="Display source (--source|-S)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders.2026083860" name="Display all headers (--all-headers|-x)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle.229201836" name="Demangle names (--demangle|-C)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers.622033935" name="Display line numbers (--line-numbers|-l)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide.870743635" name="Wide lines (--wide|-w)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide" value="true" valueType="boolean"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.1313534041" name="GNU Arm Cross Print Size" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format.170973766" name="Size format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format"/>
+							</tool>
+						</toolChain>
+					</folderInfo>
+				</configuration>
+			</storageModule>
+			<storageModule moduleId="org.eclipse.cdt.core.externalSettings"/>
+			<storageModule moduleId="com.renesas.cdt.managedbuild.core.toolchainInfo"/>
+		</cconfiguration>
+	</storageModule>
+	<storageModule moduleId="cdtBuildSystem" version="4.0.0">
+		<project id="wolfcrpt_test.com.renesas.cdt.managedbuild.gnuarm.target.elf.887419563" name="Executable" projectType="com.renesas.cdt.managedbuild.gnuarm.target.elf"/>
+	</storageModule>
+	<storageModule moduleId="scannerConfiguration">
+		<autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+		<scannerConfigBuildInfo instanceId="com.renesas.cdt.managedbuild.gnuarm.config.elf.debug.428777857;com.renesas.cdt.managedbuild.gnuarm.config.elf.debug.428777857.;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1203271430;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1239251688">
+			<autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+		</scannerConfigBuildInfo>
+		<scannerConfigBuildInfo instanceId="com.renesas.cdt.managedbuild.gnuarm.config.elf.release.283004201;com.renesas.cdt.managedbuild.gnuarm.config.elf.release.283004201.;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.557996161;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1209803555">
+			<autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+		</scannerConfigBuildInfo>
+	</storageModule>
+	<storageModule moduleId="org.eclipse.cdt.core.LanguageSettingsProviders"/>
+	<storageModule moduleId="refreshScope"/>
+	<storageModule moduleId="org.eclipse.cdt.make.core.buildtargets"/>
+</cproject>

IDE/Renesas/e2studio/SK-S7G2/wolfcrypt_test/.project

@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>wolfcrpt_test</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>org.eclipse.cdt.managedbuilder.core.genmakebuilder</name>
+			<triggers>clean,full,incremental,</triggers>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.cdt.managedbuilder.core.ScannerConfigBuilder</name>
+			<triggers>full,incremental,</triggers>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>org.eclipse.cdt.core.cnature</nature>
+		<nature>com.renesas.cdt.synergy.contentgen.synergyExecutableNature</nature>
+		<nature>org.eclipse.cdt.managedbuilder.core.managedBuildNature</nature>
+		<nature>org.eclipse.cdt.managedbuilder.core.ScannerConfigNature</nature>
+	</natures>
+	<linkedResources>
+		<link>
+			<name>src/test.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/test/test.c</locationURI>
+		</link>
+	</linkedResources>
+</projectDescription>

IDE/Renesas/e2studio/SK-S7G2/wolfssl_lib/.cproject

@@ -0,0 +1,341 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<?fileVersion 4.0.0?><cproject storage_type_id="org.eclipse.cdt.core.XmlProjectDescriptionStorage">
+	<storageModule moduleId="org.eclipse.cdt.core.settings">
+		<cconfiguration id="com.renesas.cdt.managedbuild.gnuarm.config.lib.debug.1242078064">
+			<storageModule buildSystemId="org.eclipse.cdt.managedbuilder.core.configurationDataProvider" id="com.renesas.cdt.managedbuild.gnuarm.config.lib.debug.1242078064" moduleId="org.eclipse.cdt.core.settings" name="Debug">
+				<externalSettings>
+					<externalSetting>
+						<entry flags="VALUE_WORKSPACE_PATH" kind="includePath" name="/wolfssl_SKS7G2"/>
+						<entry flags="VALUE_WORKSPACE_PATH" kind="libraryPath" name="/wolfssl_SKS7G2/Debug"/>
+						<entry flags="RESOLVED" kind="libraryFile" name="wolfssl_SKS7G2" srcPrefixMapping="" srcRootPath=""/>
+					</externalSetting>
+				</externalSettings>
+				<extensions>
+					<extension id="org.eclipse.cdt.core.GNU_ELF" point="org.eclipse.cdt.core.BinaryParser"/>
+					<extension id="org.eclipse.cdt.core.GASErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GmakeErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GLDErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.CWDLocator" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GCCErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+				</extensions>
+			</storageModule>
+			<storageModule moduleId="cdtBuildSystem" version="4.0.0">
+				<configuration artifactExtension="a" artifactName="${ProjName}" buildArtefactType="org.eclipse.cdt.build.core.buildArtefactType.staticLib" buildProperties="org.eclipse.cdt.build.core.buildArtefactType=org.eclipse.cdt.build.core.buildArtefactType.staticLib,org.eclipse.cdt.build.core.buildType=org.eclipse.cdt.build.core.buildType.debug" cleanCommand="${cross_rm} -rf" description="" id="com.renesas.cdt.managedbuild.gnuarm.config.lib.debug.1242078064" name="Debug" parent="com.renesas.cdt.managedbuild.gnuarm.config.lib.debug">
+					<folderInfo id="com.renesas.cdt.managedbuild.gnuarm.config.lib.debug.1242078064." name="/" resourcePath="">
+						<toolChain id="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.debug.1511742653" name="GCC ARM Embedded" superClass="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.debug">
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.100288357" name="Optimization Level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level" value="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.more" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.1391511037" name="Message length (-fmessage-length=0)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1615560434" name="'char' is signed (-fsigned-char)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.648488677" name="Function sections (-ffunction-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.435623349" name="Data sections (-fdata-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1361250228" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1983153956" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.190628454" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.1636781302" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture" value="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.arm" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.112462958" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m4" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.543192194" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.thumb" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1114639152" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix" value="arm-none-eabi-" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1344095917" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c" value="gcc" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.490971720" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp" value="g++" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.nostrictaliasing.363954488" name="Disable optimizations based on the type of expressions (-fno-strict-aliasing)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.nostrictaliasing" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.134606409" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar" value="ar" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.288774584" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy" value="objcopy" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.709058754" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump" value="objdump" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.373624898" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size" value="size" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1303737342" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make" value="make" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1145584801" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm" value="rm" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.256255971" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.786834291" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.1144698552" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.fpv4spd16" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.750270024" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.813795085" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.2138119156" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1762699348" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.322278785" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.570175934" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.55044712" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.874589967" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.226170474" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.771997151" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.413748755" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.949747958" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal" value="true" valueType="boolean"/>
+							<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.GNU_ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.735767044" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+							<builder buildPath="${workspace_loc:/wolfssl_SKS7G2}/Debug" id="com.renesas.cdt.managedbuild.gnuarm.builder.1241238603" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make Builder" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.1007889329" name="GNU Arm Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.1004700476" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" value="true" valueType="boolean"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs.1904398125" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs" valueType="definedSymbols">
+									<listOptionValue builtIn="false" value="_RENESAS_SYNERGY_"/>
+								</option>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths.1183659283" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths" valueType="includePath">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy_cfg/ssp_cfg/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy_cfg/ssp_cfg/driver}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/bsp/cmsis/Include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/driver/api}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/driver/instances}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/synergy_gen}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy_cfg/ssp_cfg/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/el/tx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/sf_el_nx/phy}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy_cfg/ssp_cfg/framework}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/el/nx/nx_src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/el/tx/tx_src}&quot;"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.922313648" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+							</tool>
+							<tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${FLAGS} -c ${OUTPUT_FLAG} ${OUTPUT_PREFIX}${OUTPUT} -x c ${INPUTS}" id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1661654507" name="GNU Arm Cross C Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler">
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs.63889244" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
+									<listOptionValue builtIn="false" value="_RENESAS_SYNERGY_"/>
+									<listOptionValue builtIn="false" value="WOLFSSL_USER_SETTINGS"/>
+								</option>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.2127016367" name="Language standard" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std" useByScannerDiscovery="true" value="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.c99" valueType="enumerated"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.include.paths.175770968" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.include.paths" useByScannerDiscovery="true" valueType="includePath">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}}/../../../../..&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}}/../common&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy_cfg/ssp_cfg/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy_cfg/ssp_cfg/driver}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/bsp/cmsis/Include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/driver/api}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/driver/instances}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/synergy_gen}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy_cfg/ssp_cfg/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/el/tx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/sf_el_nx/phy}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy_cfg/ssp_cfg/framework}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/el/nx/nx_src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/el/tx/tx_src}&quot;"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1060597291" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+							</tool>
+							<tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${FLAGS} -c ${OUTPUT_FLAG} ${OUTPUT_PREFIX}${OUTPUT} -x c++ ${INPUTS}" id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.1930058598" name="GNU Arm Cross C++ Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.std.194995673" name="Language standard" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.std" useByScannerDiscovery="true" value="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.std.cpp11" valueType="enumerated"/>
+							</tool>
+							<tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${FLAGS} ${OUTPUT_FLAG} ${OUTPUT_PREFIX}${OUTPUT} -Wl,--start-group ${INPUTS} -Wl,--end-group" id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.1526974620" name="GNU Arm Cross C Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections.1263352978" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.other.1322745036" name="Other linker flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.other" value="--specs=rdimon.specs" valueType="string"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano.1560525269" name="Use newlib-nano (--specs=nano.specs)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano" value="true" valueType="boolean"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.scriptfile.2141325646" name="Script files (-T)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.scriptfile" valueType="stringList">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/script}/r7fs7g27h3a01cfc.ld&quot;"/>
+								</option>
+							</tool>
+							<tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${FLAGS} ${OUTPUT_FLAG} ${OUTPUT_PREFIX}${OUTPUT} -Wl,--start-group ${INPUTS} -Wl,--end-group" id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.404233471" name="GNU Arm Cross C++ Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections.1453064053" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.other.2088261293" name="Other linker flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.other" value="--specs=rdimon.specs" valueType="string"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.usenewlibnano.943886657" name="Use newlib-nano (--specs=nano.specs)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.usenewlibnano" value="true" valueType="boolean"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.scriptfile.1832477959" name="Script files (-T)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.scriptfile" valueType="stringList">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/script}/r7fs7g27h3a01cfc.ld&quot;"/>
+								</option>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.881509745" name="GNU Arm Cross Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.421806192" name="GNU Arm Cross Create Flash Image" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice.783788869" name="Output file format (-O)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice" value="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice.srec" valueType="enumerated"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.1008360005" name="GNU Arm Cross Create Listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source.1738348974" name="Display source (--source|-S)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders.178386390" name="Display all headers (--all-headers|-x)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle.1782077509" name="Demangle names (--demangle|-C)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers.234787342" name="Display line numbers (--line-numbers|-l)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide.1977806497" name="Wide lines (--wide|-w)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide" value="true" valueType="boolean"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.1495231332" name="GNU Arm Cross Print Size" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format.856673707" name="Size format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format"/>
+							</tool>
+						</toolChain>
+					</folderInfo>
+					<sourceEntries>
+						<entry excluding="synergy_gen" flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src"/>
+						<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/synergy_gen"/>
+						<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="synergy"/>
+					</sourceEntries>
+				</configuration>
+			</storageModule>
+			<storageModule moduleId="org.eclipse.cdt.core.externalSettings"/>
+			<storageModule moduleId="com.renesas.cdt.managedbuild.core.toolchainInfo"/>
+		</cconfiguration>
+		<cconfiguration id="com.renesas.cdt.managedbuild.gnuarm.config.lib.release.1569961958">
+			<storageModule buildSystemId="org.eclipse.cdt.managedbuilder.core.configurationDataProvider" id="com.renesas.cdt.managedbuild.gnuarm.config.lib.release.1569961958" moduleId="org.eclipse.cdt.core.settings" name="Release">
+				<externalSettings>
+					<externalSetting>
+						<entry flags="VALUE_WORKSPACE_PATH" kind="includePath" name="/wolfssl_SKS7G2"/>
+						<entry flags="VALUE_WORKSPACE_PATH" kind="libraryPath" name="/wolfssl_SKS7G2/Release"/>
+						<entry flags="RESOLVED" kind="libraryFile" name="wolfssl_SKS7G2" srcPrefixMapping="" srcRootPath=""/>
+					</externalSetting>
+				</externalSettings>
+				<extensions>
+					<extension id="org.eclipse.cdt.core.GNU_ELF" point="org.eclipse.cdt.core.BinaryParser"/>
+					<extension id="org.eclipse.cdt.core.GASErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GmakeErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GLDErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.CWDLocator" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GCCErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+				</extensions>
+			</storageModule>
+			<storageModule moduleId="cdtBuildSystem" version="4.0.0">
+				<configuration artifactExtension="a" artifactName="${ProjName}" buildArtefactType="org.eclipse.cdt.build.core.buildArtefactType.staticLib" buildProperties="org.eclipse.cdt.build.core.buildArtefactType=org.eclipse.cdt.build.core.buildArtefactType.staticLib,org.eclipse.cdt.build.core.buildType=org.eclipse.cdt.build.core.buildType.release" cleanCommand="${cross_rm} -rf" description="" id="com.renesas.cdt.managedbuild.gnuarm.config.lib.release.1569961958" name="Release" parent="com.renesas.cdt.managedbuild.gnuarm.config.lib.release">
+					<folderInfo id="com.renesas.cdt.managedbuild.gnuarm.config.lib.release.1569961958." name="/" resourcePath="">
+						<toolChain id="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.release.663524412" name="GCC ARM Embedded" superClass="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.release">
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.1386347473" name="Optimization Level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level" value="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.more" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.381625315" name="Message length (-fmessage-length=0)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1268628335" name="'char' is signed (-fsigned-char)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.1080558852" name="Function sections (-ffunction-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.1773042216" name="Data sections (-fdata-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1535193485" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1452755448" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.1090224378" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.1340890731" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture" value="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.arm" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.390714893" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m4" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.1303228098" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.thumb" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1309142512" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix" value="arm-none-eabi-" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.421432743" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c" value="gcc" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.986783693" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp" value="g++" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.nostrictaliasing.1690418934" name="Disable optimizations based on the type of expressions (-fno-strict-aliasing)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.nostrictaliasing" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1254004077" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar" value="ar" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.563982437" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy" value="objcopy" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1379082647" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump" value="objdump" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.721487697" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size" value="size" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1444679733" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make" value="make" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.139932616" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm" value="rm" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.895760049" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1539576921" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.1792285685" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.fpv4spd16" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1172845636" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.1446296560" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.1737729467" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.551786619" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.988163390" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.513226400" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1221778222" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1352104813" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.1673743720" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.1420419683" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1493746126" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1264296751" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal" value="true" valueType="boolean"/>
+							<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.GNU_ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.2010966780" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+							<builder buildPath="${workspace_loc:/wolfssl_SKS7G2}/Release" id="com.renesas.cdt.managedbuild.gnuarm.builder.1019580902" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make Builder" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.744184833" name="GNU Arm Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.1965225310" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" value="true" valueType="boolean"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs.588413244" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs" valueType="definedSymbols">
+									<listOptionValue builtIn="false" value="_RENESAS_SYNERGY_"/>
+								</option>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths.267544438" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths" valueType="includePath">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy_cfg/ssp_cfg/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy_cfg/ssp_cfg/driver}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/bsp/cmsis/Include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/driver/api}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/driver/instances}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/synergy_gen}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy_cfg/ssp_cfg/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/el/tx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/sf_el_nx/phy}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy_cfg/ssp_cfg/framework}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/el/nx/nx_src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/el/tx/tx_src}&quot;"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1236384676" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+							</tool>
+							<tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${FLAGS} -c ${OUTPUT_FLAG} ${OUTPUT_PREFIX}${OUTPUT} -x c ${INPUTS}" id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1596516700" name="GNU Arm Cross C Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler">
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs.337896479" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
+									<listOptionValue builtIn="false" value="_RENESAS_SYNERGY_"/>
+								</option>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.1350787055" name="Language standard" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std" useByScannerDiscovery="true" value="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.c99" valueType="enumerated"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.include.paths.599973995" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.include.paths" useByScannerDiscovery="true" valueType="includePath">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy_cfg/ssp_cfg/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy_cfg/ssp_cfg/driver}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/bsp/cmsis/Include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/driver/api}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/driver/instances}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/synergy_gen}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy_cfg/ssp_cfg/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/framework/el}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/el/tx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/sf_el_nx/phy}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/inc/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/el/nx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy_cfg/ssp_cfg/framework}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/el/nx/nx_src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/synergy/ssp/src/framework/el/tx/tx_src}&quot;"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.528464296" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+							</tool>
+							<tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${FLAGS} -c ${OUTPUT_FLAG} ${OUTPUT_PREFIX}${OUTPUT} -x c++ ${INPUTS}" id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.1521059340" name="GNU Arm Cross C++ Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.std.79399729" name="Language standard" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.std" useByScannerDiscovery="true" value="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.std.cpp11" valueType="enumerated"/>
+							</tool>
+							<tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${FLAGS} ${OUTPUT_FLAG} ${OUTPUT_PREFIX}${OUTPUT} -Wl,--start-group ${INPUTS} -Wl,--end-group" id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.295071873" name="GNU Arm Cross C Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections.1224282567" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.other.1495056035" name="Other linker flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.other" value="--specs=rdimon.specs" valueType="string"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano.1018033198" name="Use newlib-nano (--specs=nano.specs)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano" value="true" valueType="boolean"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.scriptfile.1812529865" name="Script files (-T)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.scriptfile" valueType="stringList">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/script}/r7fs7g27h3a01cfc.ld&quot;"/>
+								</option>
+							</tool>
+							<tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${FLAGS} ${OUTPUT_FLAG} ${OUTPUT_PREFIX}${OUTPUT} -Wl,--start-group ${INPUTS} -Wl,--end-group" id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.1555110188" name="GNU Arm Cross C++ Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections.1906793996" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.other.1368951783" name="Other linker flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.other" value="--specs=rdimon.specs" valueType="string"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.usenewlibnano.819158536" name="Use newlib-nano (--specs=nano.specs)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.usenewlibnano" value="true" valueType="boolean"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.scriptfile.1260008127" name="Script files (-T)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.scriptfile" valueType="stringList">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/script}/r7fs7g27h3a01cfc.ld&quot;"/>
+								</option>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.1201806576" name="GNU Arm Cross Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.1922975494" name="GNU Arm Cross Create Flash Image" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice.569586317" name="Output file format (-O)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice" value="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice.srec" valueType="enumerated"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.744604101" name="GNU Arm Cross Create Listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source.308823709" name="Display source (--source|-S)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders.1774907574" name="Display all headers (--all-headers|-x)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle.411684340" name="Demangle names (--demangle|-C)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers.724360183" name="Display line numbers (--line-numbers|-l)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide.2024512590" name="Wide lines (--wide|-w)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide" value="true" valueType="boolean"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.86402338" name="GNU Arm Cross Print Size" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format.1243187347" name="Size format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format"/>
+							</tool>
+						</toolChain>
+					</folderInfo>
+					<sourceEntries>
+						<entry excluding="synergy_gen" flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src"/>
+						<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/synergy_gen"/>
+						<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="synergy"/>
+					</sourceEntries>
+				</configuration>
+			</storageModule>
+			<storageModule moduleId="com.renesas.cdt.managedbuild.core.toolchainInfo"/>
+			<storageModule moduleId="org.eclipse.cdt.core.externalSettings"/>
+		</cconfiguration>
+	</storageModule>
+	<storageModule moduleId="cdtBuildSystem" version="4.0.0">
+		<project id="wolfssl_SKS7G2.com.renesas.cdt.managedbuild.gnuarm.target.lib.786985763" name="Static Library" projectType="com.renesas.cdt.managedbuild.gnuarm.target.lib"/>
+	</storageModule>
+	<storageModule moduleId="scannerConfiguration">
+		<autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+		<scannerConfigBuildInfo instanceId="com.renesas.cdt.managedbuild.gnuarm.config.lib.debug.1242078064;com.renesas.cdt.managedbuild.gnuarm.config.lib.debug.1242078064.;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1661654507;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1060597291">
+			<autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+		</scannerConfigBuildInfo>
+		<scannerConfigBuildInfo instanceId="com.renesas.cdt.managedbuild.gnuarm.config.lib.release.1569961958;com.renesas.cdt.managedbuild.gnuarm.config.lib.release.1569961958.;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1596516700;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.528464296">
+			<autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+		</scannerConfigBuildInfo>
+	</storageModule>
+	<storageModule moduleId="org.eclipse.cdt.core.LanguageSettingsProviders"/>
+	<storageModule moduleId="refreshScope"/>
+	<storageModule moduleId="org.eclipse.cdt.make.core.buildtargets"/>
+</cproject>

IDE/Renesas/e2studio/SK-S7G2/wolfssl_lib/.project

@@ -0,0 +1,579 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>wolfssl_SKS7G2</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>com.renesas.cdt.synergy.contentgen.synergyBuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.cdt.managedbuilder.core.genmakebuilder</name>
+			<triggers>clean,full,incremental,</triggers>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.cdt.managedbuilder.core.ScannerConfigBuilder</name>
+			<triggers>full,incremental,</triggers>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>org.eclipse.cdt.core.cnature</nature>
+		<nature>org.eclipse.cdt.managedbuilder.core.managedBuildNature</nature>
+		<nature>org.eclipse.cdt.managedbuilder.core.ScannerConfigNature</nature>
+		<nature>com.renesas.cdt.synergy.contentgen.synergyNature</nature>
+	</natures>
+	<linkedResources>
+		<link>
+			<name>user_settings.h</name>
+			<type>1</type>
+			<locationURI>PARENT-1-PROJECT_LOC/common/user_settings.h</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/aes.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/aes.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/arc4.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/arc4.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/ascon.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ascon.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/asm.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/asm.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/asn.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/asn.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/blake2b.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/blake2b.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/blake2s.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/blake2s.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/camellia.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/camellia.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/chacha.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/chacha.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/chacha20_poly1305.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/chacha20_poly1305.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/cmac.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/cmac.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/coding.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/coding.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/compress.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/compress.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/cpuid.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/cpuid.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/cryptocb.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/cryptocb.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/curve25519.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/curve25519.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/curve448.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/curve448.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/des3.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/des3.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/dh.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/dh.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/dilithium.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/dilithium.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/dsa.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/dsa.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/ecc.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ecc.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/ecc_fp.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ecc_fp.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/eccsi.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/eccsi.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/ed25519.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ed25519.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/ed448.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ed448.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/error.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/error.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/ext_lms.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ext_lms.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/ext_mlkem.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ext_mlkem.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/ext_xmss.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ext_xmss.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/falcon.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/falcon.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/fe_448.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/fe_448.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/fe_low_mem.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/fe_low_mem.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/fe_operations.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/fe_operations.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/ge_448.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ge_448.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/ge_low_mem.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ge_low_mem.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/ge_operations.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ge_operations.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/hash.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/hash.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/hmac.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/hmac.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/hpke.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/hpke.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/integer.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/integer.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/kdf.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/kdf.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/logging.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/logging.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/md2.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/md2.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/md4.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/md4.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/md5.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/md5.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/memory.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/memory.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/pkcs12.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/pkcs12.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/pkcs7.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/pkcs7.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/poly1305.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/poly1305.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/pwdbased.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/pwdbased.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/random.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/random.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/rc2.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/rc2.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/ripemd.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ripemd.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/rsa.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/rsa.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sakke.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sakke.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sha.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sha.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sha256.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sha256.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sha3.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sha3.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sha512.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sha512.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/signature.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/signature.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/siphash.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/siphash.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sm2.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sm2.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sm3.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sm3.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sm4.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sm4.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sp_arm32.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_arm32.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sp_arm64.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_arm64.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sp_armthumb.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_armthumb.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sp_c32.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_c32.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sp_c64.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_c64.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sp_cortexm.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_cortexm.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sp_dsp32.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_dsp32.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sp_int.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_int.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sp_sm2_arm32.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_sm2_arm32.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sp_sm2_arm64.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_sm2_arm64.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sp_sm2_armthumb.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_sm2_armthumb.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sp_sm2_c32.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_sm2_c32.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sp_sm2_c64.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_sm2_c64.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sp_sm2_cortexm.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_sm2_cortexm.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sp_sm2_x86_64.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_sm2_x86_64.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sp_x86_64.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_x86_64.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/sphincs.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sphincs.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/srp.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/srp.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/tfm.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/tfm.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/wc_dsp.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_dsp.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/wc_encrypt.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_encrypt.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/wc_lms.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_lms.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/wc_lms_impl.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_lms_impl.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/wc_mlkem.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_mlkem.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/wc_mlkem_poly.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_mlkem_poly.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/wc_pkcs11.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_pkcs11.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/wc_port.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_port.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/wc_xmss.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_xmss.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/wc_xmss_impl.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_xmss_impl.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/wolfevent.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wolfevent.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfcrypt/wolfmath.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wolfmath.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfssl/crl.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/src/crl.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfssl/dtls.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/src/dtls.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfssl/dtls13.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/src/dtls13.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfssl/internal.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/src/internal.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfssl/keys.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/src/keys.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfssl/ocsp.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/src/ocsp.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfssl/quic.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/src/quic.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfssl/sniffer.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/src/sniffer.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfssl/ssl.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/src/ssl.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfssl/tls.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/src/tls.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfssl/tls13.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/src/tls13.c</locationURI>
+		</link>
+		<link>
+			<name>src/wolfssl/wolfio.c</name>
+			<type>1</type>
+			<locationURI>PARENT-5-PROJECT_LOC/src/wolfio.c</locationURI>
+		</link>
+	</linkedResources>
+</projectDescription>

IDE/WIN-SRTP-KDF-140-3/wolfssl-fips.rc

@@ -51,8 +51,8 @@ END
 //
 
 VS_VERSION_INFO VERSIONINFO
- FILEVERSION 5,8,2,0
- PRODUCTVERSION 5,8,2,0
+ FILEVERSION 5,8,4,0
+ PRODUCTVERSION 5,8,4,0
  FILEFLAGSMASK 0x3fL
 #ifdef _DEBUG
  FILEFLAGS 0x1L
@@ -69,12 +69,12 @@ BEGIN
         BEGIN
             VALUE "CompanyName", "wolfSSL Inc."
             VALUE "FileDescription", "The wolfSSL FIPS embedded SSL library is a lightweight, portable, C-language-based SSL/TLS library targeted at IoT, embedded, and RTOS environments primarily because of its size, speed, and feature set."
-            VALUE "FileVersion", "5.8.2.0"
+            VALUE "FileVersion", "5.8.4.0"
             VALUE "InternalName", "wolfssl-fips"
             VALUE "LegalCopyright", "Copyright (C) 2023"
             VALUE "OriginalFilename", "wolfssl-fips.dll"
             VALUE "ProductName", "wolfSSL FIPS"
-            VALUE "ProductVersion", "5.8.2.0"
+            VALUE "ProductVersion", "5.8.4.0"
         END
     END
     BLOCK "VarFileInfo"

IDE/WIN10/wolfssl-fips.rc

@@ -51,8 +51,8 @@ END
 //
 
 VS_VERSION_INFO VERSIONINFO
- FILEVERSION 5,8,2,0
- PRODUCTVERSION 5,8,2,0
+ FILEVERSION 5,8,4,0
+ PRODUCTVERSION 5,8,4,0
  FILEFLAGSMASK 0x3fL
 #ifdef _DEBUG
  FILEFLAGS 0x1L
@@ -69,12 +69,12 @@ BEGIN
         BEGIN
             VALUE "CompanyName", "wolfSSL Inc."
             VALUE "FileDescription", "The wolfSSL FIPS embedded SSL library is a lightweight, portable, C-language-based SSL/TLS library targeted at IoT, embedded, and RTOS environments primarily because of its size, speed, and feature set."
-            VALUE "FileVersion", "5.8.2.0"
+            VALUE "FileVersion", "5.8.4.0"
             VALUE "InternalName", "wolfssl-fips"
             VALUE "LegalCopyright", "Copyright (C) 2025"
             VALUE "OriginalFilename", "wolfssl-fips.dll"
             VALUE "ProductName", "wolfSSL FIPS"
-            VALUE "ProductVersion", "5.8.2.0"
+            VALUE "ProductVersion", "5.8.4.0"
         END
     END
     BLOCK "VarFileInfo"

IDE/XCODE/Benchmark/wolfBench.xcodeproj/project.pbxproj

@@ -112,7 +112,7 @@
 		9D2E31E3291CE4800082B941 /* dtls.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = dtls.c; path = ../../../src/dtls.c; sourceTree = "<group>"; };
 		9D2E31E6291CE4AC0082B941 /* dtls13.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = dtls13.c; path = ../../../src/dtls13.c; sourceTree = "<group>"; };
 		9D2E31E8291CE5CB0082B941 /* kdf.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = kdf.c; path = ../../../wolfcrypt/src/kdf.c; sourceTree = "<group>"; };
-		A46FE14C2493E8F500A25BE7 /* armv8-chacha-asm.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = "armv8-chacha-asm.S"; path = "../../../wolfcrypt/src/port/arm/armv8-chacha-asm.S"; sourceTree = "<group>"; };
+		A46FE14C2493E8F500A25BE7 /* armv8-chacha-asm.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; name = "armv8-chacha-asm.S"; path = "../../../wolfcrypt/src/port/arm/armv8-chacha-asm.S"; sourceTree = "<group>"; };
 		A46FE14D2493E8F600A25BE7 /* sp_int.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sp_int.c; path = ../../../wolfcrypt/src/sp_int.c; sourceTree = "<group>"; };
 		A46FE1512493E8F600A25BE7 /* sp_cortexm.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sp_cortexm.c; path = ../../../wolfcrypt/src/sp_cortexm.c; sourceTree = "<group>"; };
 		A46FE1522493E8F600A25BE7 /* blake2s.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = blake2s.c; path = ../../../wolfcrypt/src/blake2s.c; sourceTree = "<group>"; };
@@ -201,10 +201,10 @@
 		A4ADF8CE1FCE0C5500A06E90 /* coding.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = coding.c; path = ../../../wolfcrypt/src/coding.c; sourceTree = "<group>"; };
 		A4ADF8D01FCE0C5500A06E90 /* ge_low_mem.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ge_low_mem.c; path = ../../../wolfcrypt/src/ge_low_mem.c; sourceTree = "<group>"; };
 		A4DFEC0C1FD4CAA300A7BB33 /* benchmark.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = benchmark.c; path = ../../../wolfcrypt/benchmark/benchmark.c; sourceTree = "<group>"; };
-		A4DFEC0E1FD4CB8500A7BB33 /* armv8-sha256-asm.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = "armv8-sha256-asm.S"; path = "../../../wolfcrypt/src/port/arm/armv8-sha256-asm.S"; sourceTree = "<group>"; };
-		A4DFEC0F1FD4CB8500A7BB33 /* armv8-aes-asm.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = "armv8-aes-asm.S"; path = "../../../wolfcrypt/src/port/arm/armv8-aes-asm.S"; sourceTree = "<group>"; };
+		A4DFEC0E1FD4CB8500A7BB33 /* armv8-sha256-asm.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; name = "armv8-sha256-asm.S"; path = "../../../wolfcrypt/src/port/arm/armv8-sha256-asm.S"; sourceTree = "<group>"; };
+		A4DFEC0F1FD4CB8500A7BB33 /* armv8-aes-asm.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; name = "armv8-aes-asm.S"; path = "../../../wolfcrypt/src/port/arm/armv8-aes-asm.S"; sourceTree = "<group>"; };
 		A4DFEC3B1FD6B9CC00A7BB33 /* test.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = test.c; path = ../../../wolfcrypt/test/test.c; sourceTree = "<group>"; };
-		CB81DE1C24C9284700B98DA6 /* armv8-poly1305-asm.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = "armv8-poly1305-asm.S"; path = "../../../wolfcrypt/src/port/arm/armv8-poly1305-asm.S"; sourceTree = "<group>"; };
+		CB81DE1C24C9284700B98DA6 /* armv8-poly1305-asm.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; name = "armv8-poly1305-asm.S"; path = "../../../wolfcrypt/src/port/arm/armv8-poly1305-asm.S"; sourceTree = "<group>"; };
 		CB81DE1E24C93EC000B98DA6 /* armv8-curve25519.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; name = "armv8-curve25519.S"; path = "../../../wolfcrypt/src/port/arm/armv8-curve25519.S"; sourceTree = "<group>"; };
 		CB81DE2224C93FB300B98DA6 /* armv8-sha512-asm.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; name = "armv8-sha512-asm.S"; path = "../../../wolfcrypt/src/port/arm/armv8-sha512-asm.S"; sourceTree = "<group>"; };
 /* End PBXFileReference section */

IDE/XCODE/wolfssl.xcodeproj/project.pbxproj

@@ -1069,11 +1069,11 @@
 		700F0C892A2FBE8200755BA7 /* ssl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ssl.h; path = ../../wolfssl/openssl/ssl.h; sourceTree = "<group>"; };
 		700F0C8A2A2FBE8200755BA7 /* rsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = rsa.h; path = ../../wolfssl/openssl/rsa.h; sourceTree = "<group>"; };
 		9D01058F291CEA4F00A854D3 /* armv8-sha512-asm.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; name = "armv8-sha512-asm.S"; path = "../../wolfcrypt/src/port/arm/armv8-sha512-asm.S"; sourceTree = "<group>"; };
-		9D010591291CEA4F00A854D3 /* armv8-sha256-asm.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = "armv8-sha256-asm.S"; path = "../../wolfcrypt/src/port/arm/armv8-sha256-asm.S"; sourceTree = "<group>"; };
-		9D010593291CEA4F00A854D3 /* armv8-poly1305-asm.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = "armv8-poly1305-asm.S"; path = "../../wolfcrypt/src/port/arm/armv8-poly1305-asm.S"; sourceTree = "<group>"; };
+		9D010591291CEA4F00A854D3 /* armv8-sha256-asm.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; name = "armv8-sha256-asm.S"; path = "../../wolfcrypt/src/port/arm/armv8-sha256-asm.S"; sourceTree = "<group>"; };
+		9D010593291CEA4F00A854D3 /* armv8-poly1305-asm.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; name = "armv8-poly1305-asm.S"; path = "../../wolfcrypt/src/port/arm/armv8-poly1305-asm.S"; sourceTree = "<group>"; };
 		9D010595291CEA4F00A854D3 /* armv8-sha3-asm.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; name = "armv8-sha3-asm.S"; path = "../../wolfcrypt/src/port/arm/armv8-sha3-asm.S"; sourceTree = "<group>"; };
-		9D010596291CEA4F00A854D3 /* armv8-chacha-asm.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = "armv8-chacha-asm.S"; path = "../../wolfcrypt/src/port/arm/armv8-chacha-asm.S"; sourceTree = "<group>"; };
-		9D010598291CEA4F00A854D3 /* armv8-aes-asm.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = "armv8-aes-asm.S"; path = "../../wolfcrypt/src/port/arm/armv8-aes-asm.S"; sourceTree = "<group>"; };
+		9D010596291CEA4F00A854D3 /* armv8-chacha-asm.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; name = "armv8-chacha-asm.S"; path = "../../wolfcrypt/src/port/arm/armv8-chacha-asm.S"; sourceTree = "<group>"; };
+		9D010598291CEA4F00A854D3 /* armv8-aes-asm.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; name = "armv8-aes-asm.S"; path = "../../wolfcrypt/src/port/arm/armv8-aes-asm.S"; sourceTree = "<group>"; };
 		9D010599291CEA4F00A854D3 /* armv8-curve25519.S */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; name = "armv8-curve25519.S"; path = "../../wolfcrypt/src/port/arm/armv8-curve25519.S"; sourceTree = "<group>"; };
 		9D2E31CA291CDF120082B941 /* quic.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = quic.c; path = ../../src/quic.c; sourceTree = "<group>"; };
 		9D2E31CB291CDF120082B941 /* dtls.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = dtls.c; path = ../../src/dtls.c; sourceTree = "<group>"; };

IDE/include.am

@@ -43,6 +43,7 @@ include IDE/Renesas/e2studio/RX65N/GR-ROSE/include.am
 include IDE/Renesas/e2studio/RX65N/RSK/include.am
 include IDE/Renesas/e2studio/RX72N/EnvisionKit/include.am
 include IDE/Renesas/e2studio/RZN2L/include.am
+include IDE/Renesas/e2studio/SK-S7G2/include.am
 include IDE/RISCV/include.am
 include IDE/ROWLEY-CROSSWORKS-ARM/include.am
 include IDE/SimplicityStudio/include.am

LICENSING

@@ -17,6 +17,10 @@ Fetchmail
 
 OpenVPN
 
+SWUpdate
+
+RPCS3
+
 For our users who cannot use wolfSSL under GPLv3, a commercial license to
 wolfSSL and wolfCrypt is available.
 

Makefile.am

@@ -148,6 +148,7 @@ EXTRA_DIST+= valgrind-bash.supp
 EXTRA_DIST+= fips-hash.sh
 EXTRA_DIST+= gencertbuf.pl
 EXTRA_DIST+= README.md
+EXTRA_DIST+= README-async.md
 EXTRA_DIST+= README
 EXTRA_DIST+= ChangeLog.md
 EXTRA_DIST+= LICENSING
@@ -179,6 +180,7 @@ include sslSniffer/sslSnifferTest/include.am
 include debian/include.am
 include rpm/include.am
 include linuxkm/include.am
+include bsdkm/include.am
 include zephyr/include.am
 include RTOS/nuttx/include.am
 
@@ -220,7 +222,7 @@ if BUILD_LINUXKM
         CFLAGS_FPU_DISABLE CFLAGS_FPU_ENABLE CFLAGS_SIMD_DISABLE CFLAGS_SIMD_ENABLE \
         CFLAGS_AUTO_VECTORIZE_DISABLE CFLAGS_AUTO_VECTORIZE_ENABLE \
         ASFLAGS_FPU_DISABLE_SIMD_ENABLE ASFLAGS_FPU_ENABLE_SIMD_DISABLE \
-        ASFLAGS_FPUSIMD_DISABLE ASFLAGS_FPUSIMD_ENABLE ENABLED_LINUXKM_BENCHMARKS
+        ASFLAGS_FPUSIMD_DISABLE ASFLAGS_FPUSIMD_ENABLE ENABLED_KERNEL_BENCHMARKS
 
 module:
 	+$(MAKE) -C linuxkm libwolfssl.ko
@@ -236,6 +238,20 @@ install_module modules_install:
 
 endif
 
+if BUILD_BSDKM
+    SUBDIRS_OPT += bsdkm
+    DIST_SUBDIRS_OPT += bsdkm
+
+.MAKE.EXPORTED = build_triplet host_triplet CC AS LD \
+        KERNEL_ROOT BSDKM_EXPORT_SYMS KERNEL_EXTRA_CFLAGS \
+        EXTRA_CFLAGS EXTRA_CPPFLAGS EXTRA_CCASFLAGS EXTRA_LDFLAGS \
+        AM_CPPFLAGS CPPFLAGS AM_CFLAGS CFLAGS \
+        AM_CCASFLAGS CCASFLAGS \
+        src_libwolfssl_la_OBJECTS ENABLED_CRYPT_TESTS
+
+endif
+
+
 if USE_VALGRIND
 TESTS_ENVIRONMENT=./valgrind-error.sh
 endif

README

@@ -7,8 +7,9 @@ and feature set.  It is commonly used in standard operating environments as well
 because of its royalty-free pricing and excellent cross platform support.
 wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.3
 levels, is up to 20 times smaller than OpenSSL, and offers progressive ciphers
-such as ChaCha20, Curve25519, and Blake2b. User benchmarking and feedback
-reports dramatically better performance when using wolfSSL over OpenSSL.
+such as ChaCha20, Curve25519, BLAKE2b/BLAKE2s and Post-Quantum TLS 1.3 groups.
+User benchmarking and feedback reports dramatically better performance when
+using wolfSSL over OpenSSL.
 
 wolfSSL is powered by the wolfCrypt library. Two versions of the wolfCrypt
 cryptography library have been FIPS 140-2 validated (Certificate #2425 and
@@ -75,206 +76,90 @@ should be used for the enum name.
 
 *** end Notes ***
 
-# wolfSSL Release 5.8.2 (July 17, 2025)
+# wolfSSL Release 5.8.4 (Nov. 20, 2025)
 
-Release 5.8.2 has been developed according to wolfSSL's development and QA
+Release 5.8.4 has been developed according to wolfSSL's development and QA
 process (see link below) and successfully passed the quality criteria.
 https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
 
-NOTE: * wolfSSL is now GPLv3 instead of GPLv2
-            * --enable-heapmath is deprecated
+NOTE: * --enable-heapmath is deprecated
             * MD5 is now disabled by default
 
-
 PR stands for Pull Request, and PR <NUMBER> references a GitHub pull request number where the code change was added.
 
 ## Vulnerabilities
-
-* [Low] There is the potential for a fault injection attack on ECC and Ed25519 verify operations. In versions of wolfSSL 5.7.6 and later the --enable-faultharden option is available to help mitigate against potential fault injection attacks. The mitigation added in wolfSSL version 5.7.6 is to help harden applications relying on the results of the verify operations, such as when used with wolfBoot. If doing ECC or Ed25519 verify operations on a device at risk for fault injection attacks then --enable-faultharden could be used to help mitigate it. Thanks to Kevin from Fraunhofer AISEC for the report.
-
-Hardening option added in PR https://github.com/wolfSSL/wolfssl/pull/8289
+* [Low CVE-2025-12888] Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of X25519, which is now turned on as the default for Xtensa. Thanks to Adrian Cinal for the report. Fixed in PR 9275.
 
 
-* [High CVE-2025-7395] When using WOLFSSL_SYS_CA_CERTS and WOLFSSL_APPLE_NATIVE_CERT_VALIDATION on an Apple platform, the native trust store verification routine overrides errors produced elsewhere in the wolfSSL certificate verification process including failures due to hostname matching/SNI, OCSP, CRL, etc. This allows any trusted cert chain to override other errors detected during chain verification that should have resulted in termination of the TLS connection. If building wolfSSL on versions after 5.7.6 and before 5.8.2 with use of the system CA support and the apple native cert validation feature enabled on Apple devices (on by default for non-macOS Apple targets when using autotools or CMake) we recommend updating to the latest version of wolfSSL. Thanks to Thomas Leong from ExpressVPN for the report.
+* [Med. CVE-2025-11936] Potential DoS vulnerability due to a memory leak through multiple KeyShareEntry with the same group in malicious TLS 1.3 ClientHello messages. This affects users who are running wolfSSL on the server side with TLS 1.3. Thanks to Jaehun Lee and Kyungmin Bae, Pohang University of Science and Technology (POSTECH) for the report. Fixed in PR 9117.
 
-Fixed in PR https://github.com/wolfSSL/wolfssl/pull/8833
+* [Low CVE-2025-11935] PSK with PFS (Perfect Forward Secrecy) downgrades to PSK without PFS during TLS 1.3 handshake. If the client sends a ClientHello that has a key share extension and the server responds with a ServerHello that does not have a key share extension the connection would previously continue on without using PFS. Thanks to Jaehun Lee from Pohang University of Science and Technology (POSTECH) for the report. Fixed in PR 9112.
+
+* [Low CVE-2025-11934] Signature Algorithm downgrade from ECDSA P521 to P256 during TLS 1.3 handshake. When a client sends ECDSA P521 as the supported signature algorithm the server previously could respond as ECDSA P256 being the accepted signature algorithm and the connection would continue with using ECDSA P256. Thanks to Jaehun Lee from Pohang University of Science and Technology (POSTECH) for the report. Fixed in PR 9113.
 
 
-* [Med. CVE-2025-7394] In the OpenSSL compatibility layer implementation, the function RAND_poll() was not behaving as expected and leading to the potential for predictable values returned from RAND_bytes() after fork() is called. This can lead to weak or predictable random numbers generated in applications that are both using RAND_bytes() and doing fork() operations. This only affects applications explicitly calling RAND_bytes() after fork() and does not affect any internal TLS operations. Although RAND_bytes() documentation in OpenSSL calls out not being safe for use with fork() without first calling RAND_poll(), an additional code change was also made in wolfSSL to make RAND_bytes() behave similar to OpenSSL after a fork() call without calling RAND_poll(). Now the Hash-DRBG used gets reseeded after detecting running in a new process. If making use of RAND_bytes() and calling fork() we recommend updating to the latest version of wolfSSL. Thanks to Per Allansson from Appgate for the report.
-
-Fixed in the following PR’s
-https://github.com/wolfSSL/wolfssl/pull/8849
-https://github.com/wolfSSL/wolfssl/pull/8867
-https://github.com/wolfSSL/wolfssl/pull/8898
+* [Low CVE-2025-11933] DoS Vulnerability in wolfSSL TLS 1.3 CKS extension parsing. Previously duplicate CKS extensions were not rejected leading to a potential memory leak when processing a ClientHello. Thanks to Jaehun Lee from Pohang University of Science and Technology (POSTECH) for the report. Fixed in PR 9132.
 
 
+* [Low CVE-2025-11931] Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wc_XChaCha20Poly1305_Decrypt() which is not used with TLS connections, only from direct calls from an application. Thanks to Luigino Camastra from Aisle Research for the report. Fixed in PR 9223.
 
-* [Low CVE-2025-7396] In wolfSSL 5.8.0 the option of hardening the C implementation of Curve25519 private key operations was added with the addition of blinding support (https://www.wolfssl.com/curve25519-blinding-support-added-in-wolfssl-5-8-0/). In wolfSSL release 5.8.2 that blinding support is turned on by default in applicable builds. The blinding configure option is only for the base C implementation of Curve25519. It is not needed, or available with; ARM assembly builds, Intel assembly builds, and the small Curve25519 feature. While the attack would be very difficult to execute in practice, enabling blinding provides an additional layer of protection for devices that may be more susceptible to physical access or side-channel observation. Thanks to Arnaud Varillon, Laurent Sauvage, and Allan Delautre from Telecom Paris for the report.
+* [Low CVE-2025-11932] Timing Side-Channel in PSK Binder Verification. The server previously verified the TLS 1.3 PSK binder using a non-constant time method which could potentially leak information about the PSK binder. Thanks to Luigino Camastra from Aisle Research for the report. Fixed in PR 9223.
 
-Blinding enabled by default in PR https://github.com/wolfSSL/wolfssl/pull/8736
+* [Low CVE-2025-12889] With TLS 1.2 connections a client can use any digest, specifically a weaker digest, rather than those in the CertificateRequest. Thanks to Jaehun Lee from Pohang University of Science and Technology (POSTECH) for the report. Fixed in PR 9395
 
+* [Low CVE-2025-13912] When using the Clang compiler, various optimization levels or flags could result in non-constant-time compiled code. Assembly implementations of the functions in wolfSSL were not affected. The report was done specifically with Clang version 18 but there was shown to be similarities in timing variations when using the optimization levels with Clang 14 and Clang 20.
+
+On the following architectures, the expected constant-time functions were found to have potential timing variations when specific compiler flags or optimization levels were used.
+
+AArch64: Using O3, Ofast, or --enable-nontrivial-unswitch with O1/O2 flags leads to possible timing variations with the software implementations of sp_read_radix, sp_div_2_mod_ct, and sp_addmod_ct. Using O3, O2, Ofast, Os, or Oz with --unroll-force-peel-count=50 leads to possible timing variations with wc_AesGcmDecrypt.
+
+RISC-V: TLS HMAC update/final operations, RSA unpad operations, and DH key pair generation with O1, O2, O3, Ofast, Oz, or Os. wc_AesGcmDecrypt and wc_Chacha_Process with O1, O2, O3, Os, or Ofast. Also SP software operations sp_div_2_mod_ct and sp_addmod_ct using O3 or Ofast.
+
+
+X86_64: TLS HMAC update/final operations and TimingVerifyPad used with verifying the TLS MAC with --fast-isel or --x86-cmov-converter-force-all compile flags. RSA unpad operations, ECC mulmod, and wc_Chacha_Process with the --x86-cmov-converter-force-all flag. DH key agreement, sp_div_2_mod_ct and sp_addmod_ct with O1, O2, O3, Os, or Ofast. wc_AesGcmDecrypt with the compiler flags O2, O3, Os, Ofast, Oz --x86-cmov-converter-force-all | --unroll-force-peel-count=50, or O1 --x86-cmov-converter-force-all.
+
+Thanks to Jing Liu, Zhiyuan Zhang, LUCÍA MARTÍNEZ GAVIER, Gilles Barthe, Marcel Böhme from Max Planck Institute for Security and Privacy (MPI-SP) for the report. Fixed in PR 9148.
 
 ## New Features
-* Multiple sessions are now supported in the sniffer due to the removal of a cached check. (PR #8723)
-* New API ssl_RemoveSession() has been implemented for sniffer cleanup operations. (PR #8768)
-* The new ASN X509 API, `wc_GetSubjectPubKeyInfoDerFromCert`, has been introduced for retrieving public key information from certificates. (PR #8758)
-* `wc_PKCS12_create()` has been enhanced to support PBE_AES(256|128)_CBC key and certificate encryptions. (PR #8782, PR #8822, PR #8859)
-* `wc_PKCS7_DecodeEncryptedKeyPackage()` has been added for decoding encrypted key packages. (PR #8976)
-* All AES, SHA, and HMAC functionality has been implemented within the Linux Kernel Module. (PR #8998)
-* Additions to the compatibility layer have been introduced for X.509 extensions and RSA PSS. Adding the API i2d_PrivateKey_bio, BN_ucmp and X509v3_get_ext_by_NID. (PR #8897)
-* Added support for STM32N6. (PR #8914)
-* Implemented SHA-256 for PPC 32 assembly. (PR #8894)
+* New ML-KEM / ML-DSA APIs and seed/import PKCS8 support; added _new/_delete APIs for ML-KEM/ML-DSA. (PR 9039, 9000, 9049)
+* Initial wolfCrypt FreeBSD kernel module support (PR 9392)
+* Expanded PKCS7/CMS capabilities: decode SymmetricKeyPackage / OneSymmetricKey, add wc_PKCS7_GetEnvelopedDataKariRid, and allow PKCS7 builds with AES keywrap unset. (PR 9018, 9029, 9032)
+* Add custom AES key wrap/unwrap callbacks and crypto callback copy/free operations. (PR 9002, 9309)
+* Add support for certificate_authorities extension in ClientHello and certificate manager CA-type selection/unloading. (PR 9209, 9046)
+* Large expansion of Rust wrapper modules: random, aes, rsa, ecc, dh, sha, hmac, cmac, ed25519/ed448, pbkdf2/PKCS#12, kdf/prf, SRTP KDFs, and conditional compilation options. (PR 9191, 9212, 9273, 9306, 9320, 9328, 9368, 9389, 9357, 9433)
+* Rust: support optional heap and dev_id parameters and enable conditional compilation based on C build options. (PR 9407, 9433)
+* STM32 fixes (benchmarking and platform fixes) and PSoC6 hardware acceleration additions. (PR 9228, 9256, 9185)
+* STM32U5 added support for SAES and DHUK. (PR 9087)
+* Add --enable-curl=tiny option for a smaller build when used with cURL. (PR 9174)
 
 ## Improvements / Optimizations
-
-### Linux Kernel Module (LinuxKM) Enhancements
-* Registered DH and FFDHE for the Linux Kernel Module. (PR #8707)
-* Implemented fixes for standard RNG in the Linux Kernel Module. (PR #8718)
-* Added an ECDSA workaround for the Linux Kernel Module. (PR #8727)
-* Added more PKCS1 pad SHA variants for RSA in the Linux Kernel Module. (PR #8730)
-* Set default priority to 100000 for LKCAPI in the Linux Kernel Module. (PR #8740)
-* Ensured ECDH never has FIPS enabled in the Linux Kernel Module. (PR #8751)
-* Implemented further Linux Kernel Module and SP tweaks. (PR #8773)
-* Added sig_alg support for Linux 6.13 RSA in the Linux Kernel Module. (PR #8796)
-* Optimized wc_linuxkm_fpu_state_assoc. (PR #8828)
-* Ensured DRBG is multithread-round-1 in the Linux Kernel Module. (PR #8840)
-* Prevented toggling of fips_enabled in the Linux Kernel Module. (PR #8873)
-* Refactored drbg_ctx clear in the Linux Kernel Module. (PR #8876)
-* Set sig_alg max_size and digest_size callbacks for RSA in the Linux Kernel Module. (PR #8915)
-* Added get_random_bytes for the Linux Kernel Module. (PR #8943)
-* Implemented distro fix for the Linux Kernel Module. (PR #8994)
-* Fixed page-flags-h in the Linux Kernel Module. (PR #9001)
-* Added MODULE_LICENSE for the Linux Kernel Module. (PR #9005)
-
-### Post-Quantum Cryptography (PQC) & Asymmetric Algorithms
-* Kyber has been updated to the MLKEM ARM file for Zephyr (PR #8781)
-* Backward compatibility has been implemented for ML_KEM IDs (PR #8827)
-* ASN.1 is now ensured to be enabled when only building PQ algorithms (PR #8884)
-* Building LMS with verify-only has been fixed (PR #8913)
-* Parameters for LMS SHA-256_192 have been corrected (PR #8912)
-* State can now be saved with the private key for LMS (PR #8836)
-* Support for OpenSSL format has been added for ML-DSA/Dilithium (PR #8947)
-* `dilithium_coeff_eta2[]` has been explicitly declared as signed (PR #8955)
-
-### Build System & Portability
-* Prepared for the inclusion of v5.8.0 in the Ada Alire index. (PR #8714)
-* Introduced a new build option to allow reuse of the Windows crypt provider handle. (PR #8706)
-* Introduced general fixes for various build configurations. (PR #8763)
-* Made improvements for portability using older GCC 4.8.2. (PR #8753)
-* Macro guards updated to allow tests to build with opensslall and no server. (PR #8776)
-* Added a check for STDC_NO_ATOMICS macro before use of atomics. (PR #8885)
-* Introduced CMakePresets.json and CMakeSettings.json. (PR #8905)
-* Added an option to not use constant time code with min/max. (PR #8830)
-* Implemented proper MacOS dispatch for conditional signal/wait. (PR #8928)
-* Disabled MD5 by default for both general and CMake builds. (PR #8895, PR #8948)
-* Improved to allow building OPENSSL_EXTRA without KEEP_PEER_CERT. (PR #8926)
-* Added introspection for Intel and ARM assembly speedups. (PR #8954)
-* Fixed cURL config to set HAVE_EX_DATA and HAVE_ALPN. (PR #8973)
-* Moved FREESCALE forced algorithm HAVE_ECC to IDE/MQX/user_settings.h. (PR #8977)
-
-### Testing & Debugging
-* Fixed the exit status for testwolfcrypt. (PR #8762)
-* Added WOLFSSL_DEBUG_PRINTF and WOLFSSL_DEBUG_CERTIFICATE_LOADS for improved debugging output. (PR #8769, PR #8770)
-* Guarded some benchmark tests with NO_SW_BENCH. (PR #8760)
-* Added an additional unit test for wolfcrypt PKCS12 file to improve code coverage. (PR #8831)
-* Added an additional unit test for increased DH code coverage. (PR #8837)
-* Adjusted for warnings with NO_TLS build and added GitHub actions test. (PR #8851)
-* Added additional compatibility layer RAND tests. (PR #8852)
-* Added an API unit test for checking domain name. (PR #8863)
-* Added bind v9.18.33 testing. (PR #8888)
-* Fixed issue with benchmark help options and descriptions not lining up. (PR #8957)
-
-### Certificates & ASN.1
-* Changed the algorithm for sum in ASN.1 OIDs. (PR #8655)
-* Updated PKCS7 to use X509 STORE for internal verification. (PR #8748)
-* Improved handling of temporary buffer size for X509 extension printing. (PR #8710)
-* Marked IP address as WOLFSSL_V_ASN1_OCTET_STRING for ALT_NAMES_OID. (PR #8842)
-* Fixed printing empty names in certificates. (PR #8880)
-* Allowed CA:FALSE on wolftpm. (PR #8925)
-* Fixed several inconsistent function prototype parameter names in wc/asn. (PR #8949)
-* Accounted for custom extensions when creating a Cert from a WOLFSSL_X509. (PR #8960)
-
-### TLS/DTLS & Handshake
-* Checked group correctness outside of TLS 1.3 too for TLSX_UseSupportedCurve. (PR #8785)
-* Dropped records that span datagrams in DTLS. (PR #8642)
-* Implemented WC_NID_netscape_cert_type. (PR #8800)
-* Refactored GetHandshakeHeader/GetHandShakeHeader into one function. (PR #8787)
-* Correctly set the current peer in dtlsProcessPendingPeer. (PR #8848)
-* Fixed set_groups for TLS. (PR #8824)
-* Allowed trusted_ca_keys with TLSv1.3. (PR #8860)
-* Moved Dtls13NewEpoch into DeriveTls13Keys. (PR #8858)
-* Cleared tls1_3 on downgrade. (PR #8861)
-* Always sent ACKs on detected retransmission for DTLS1.3. (PR #8882)
-* Removed DTLS from echo examples. (PR #8889)
-* Recalculated suites at SSL initialization. (PR #8757)
-* No longer using BIO for ALPN. (PR #8969)
-* Fixed wolfSSL_BIO_new_connect's handling of IPV6 addresses. (PR #8815)
-* Memory Management & Optimizations
-* Performed small stack refactors, improved stack size with mlkem and dilithium, and added additional tests. (PR #8779)
-* Implemented FREE_MP_INT_SIZE in heap math. (PR #8881)
-* Detected correct MAX_ENCODED_SIG_SZ based on max support in math lib. (PR #8931)
-* Fixed improper access of sp_int_minimal using sp_int. (PR #8985)
-
-### Cryptography & Hash Functions
-* Implemented WC_SIPHASH_NO_ASM for not using assembly optimizations with siphash. (PR #8789, PR #8791)
-* Added missing DH_MAX_SIZE define for FIPS and corrected wolfssl.rc FILETYPE to VFT_DLL. (PR #8794)
-* Implemented WC_SHA3_NO_ASM for not using assembly with SHA3. (PR #8817)
-* Improved Aarch64 XFENCE. (PR #8832)
-* Omitted frame pointer for ARM32/Thumb2/RISC-V 64 assembly. (PR #8893)
-* Fixed branch instruction in ARMv7a ASM. (PR #8933)
-* Enabled EVP HMAC to work with WOLFSSL_HMAC_COPY_HASH. (PR #8944)
-* Platform-Specific & Hardware Integration
-* Added HAVE_HKDF for wolfssl_test and explicit support for ESP32P4. (PR #8742)
-* Corrected Espressif default time setting. (PR #8829)
-* Made wc_tsip_* APIs public. (PR #8717)
-* Improved PlatformIO Certificate Bundle Support. (PR #8847)
-* Fixed the TSIP TLS example program. (PR #8857)
-* Added crypto callback functions for TROPIC01 secure element. (PR #8812)
-* Added Renesas RX TSIP AES CTR support. (PR #8854)
-* Fixed TSIP port using crypto callback. (PR #8937)
-
-### General Improvements & Refactoring
-* Attempted wolfssl_read_bio_file in read_bio even when XFSEEK is available. (PR #8703)
-* Refactored GetHandshakeHeader/GetHandShakeHeader into one function. (PR #8787)
-* Updated libspdm from 3.3.0 to 3.7.0. (PR #8906)
-* Fixed missing dashes on the end of header and footer for Falcon PEM key. (PR #8904)
-* Fixed minor code typos for macos signal and types.h max block size. (PR #8934)
-* Make the API wolfSSL_X509_STORE_CTX_get_error accessible to more build configurations for ease of getting the "store" error code and depth with certificate failure callback implementations. (PR #8903)
+* Regression test fixes and expansion: TLS 1.3/1.2 tests, ARDUINO examples, libssh2 tests, hostap workflows, and nightly test improvements. (PR 9096, 9141, 9091, 9122, 9388)
+* Improved test ordering and CI test stability (random tests run order changes, FIPS test fixes). (PR 9204, 9257)
+* Docs and readme fixes, docstring updates, AsconAEAD comment placement, and example certificate renewals. (PR 9131, 9293, 9262, 9429)
+* Updated GPL exception lists (GPLv2 and GPLv3 exception updates: add Fetchmail and OpenVPN). (PR 9398, 9413)
+* Introduced WOLFSSL_DEBUG_CERTS and additional debug/logging refinements. (PR 8902, 9055)
+* Expanded crypto-callback support (SHA family, HKDF, SHA-224, sha512_family digest selection) and improved crypto-only build cases. (PR 9070, 9252, 9271, 9100, 9194)
+* AES & HW offload improvements including AES-CTR support in PKCS11 driver and AES ECB offload sizing fix. (PR 9277, 9364)
+* ESP32: PSRAM allocator support and SHA HW fixes for ESP-IDF v6/v5. (PR 8987, 9225, 9264)
+* Renesas FSP / RA examples updated and security-module TLS context improvements. (PR 9047, 9010, 9158, 9150)
+* Broad configure/CMake/Autotools workflow improvements (Apple options tracking, Watcom pinning, Debian packaging, ESP-IDF pinning). (PR 9037, 9167, 9161, 9264)
+* New assembly introspection / performance helpers for RISC-V and PPC32; benchmarking enhancements (cycle counts). (PR 9101, 9317)
+* Update to SGX build for using assembly optimizations. (PR 8463, 9138)
+* Testing with Fil-C compiler version to 0.674 (PR 9396)
+* Refactors and compressing of small stack code (PR 9153)
 
 ## Bug Fixes
-* Fixed issues to support _WIN32_WCE (VS 2008 with WinCE 6.0/7.0). (PR #8709)
-* Fixed STM32 Hash with IRQ enabled. (PR #8705)
-* Fixed raw hash when using crypto instructions on RISC-V 64-bit. (PR #8733)
-* Fixed ECDH decode secret in the Linux Kernel Module. (PR #8729)
-* Passed in the correct hash type to wolfSSL_RSA_verify_ex. (PR #8726)
-* Fixed issues for Intel QuickAssist latest driver (4.28). (PR #8728)
-* Speculative fix for CodeSonar overflow issue in ssl_certman.c. (PR #8715)
-* Fixed Arduino progmem print and AVR WOLFSSL_USER_IO. (PR #8668)
-* Correctly advanced the index in wc_HKDF_Expand_ex. (PR #8737)
-* Fixed STM32 hash status check logic, including NO_AES_192 and NO_AES_256. (PR #8732)
-* Added missing call to wolfSSL_RefFree in FreeCRL to prevent memory leaks. (PR #8750)
-* Fixed sanity check on --group with unit test app and null sanity check with des decrypt. (PR #8711)
-* Fixed Curve25519 and static ephemeral issue with blinding. (PR #8766)
-* Fixed edge case issue with STM32 AES GCM auth padding. (PR #8745)
-* Removed redefinition of MlKemKey and fixed build issue in benchmark. (PR #8755)
-* Used proper heap hint when freeing CRL in error case. (PR #8713)
-* Added support for no malloc with wc_CheckCertSigPubKey. (PR #8725)
-* Fixed C# wrapper Release build. (PR #8802)
-* Handled malformed CCS and CCS before CH in TLS1.3. (PR #8788)
-* Fixed ML-DSA with WOLFSSL_DILITHIUM_NO_SIGN. (PR #8798)
-* Fixed AesGcmCrypt_1 no-stream in the Linux Kernel Module. (PR #8814)
-* Fixed return value usage for crypto_sig_sign in the Linux Kernel Module. (PR #8816)
-* Fixed issue with CSharp and Windows CE with conversion of ASCII and Unicode. (PR #8799)
-* Fixed Renesas SCE on RA6M4. (PR #8838)
-* Fixed tests for different configs for ML-DSA. (PR #8865)
-* Fixed bug in ParseCRL_Extensions around the size of a CRL number handled and CRL number OID. (PR #8587)
-* Fixed uninitialized wc_FreeRng in prime_test. (PR #8886)
-* Fixed ECC configuration issues with ECC verify only and no RNG. (PR #8901)
-* Fixed issues with max size, openssl.test netcat, and clang-tidy. (PR #8909)
-* Fixed for casting down and uninit issues in Dilithium/ML-DSA. (PR #8868)
-* Fixed memory allocation failure testing and related unit test cases. (PR #8945, PR #8952)
-* Fixed build issue with ML-DSA 44 only. (PR #8981)
-* Fixed possible memory leak with X509 reference counter when using x509small. (PR #8982)
+* Removed the test feature using popen when defining the macro WOLFSSL_USE_POPEN_HOST and not having HAVE_GETADDRINFO defined, along with having the macro HAVE_HTTP_CLIENT set. There was the potential for vulnerable behavior with the use of popen when the API wolfSSL_BIO_new_connect() was called with this specific build. This exact build configuration is only intended for testing with QEMU and is not enabled with any autoconf/cmake flags. Thanks to linraymond2006 for the report. (PR 9038)
+* Fix for C# wrapper Ed25519 potential crash and heap overwrite with raw public key import when using the API Ed25519ImportPublic.This was a broken API with the C# wrapper that would crash on use. Thanks to Luigino Camastra from Aisle Research for the bug report. (PR 9291)
+* Coverity, cppcheck, MISRA, clang-tidy, ZeroPath and other static-analysis driven fixes across the codebase. (PR 9006, 9078, 9068, 9265, 9324)
+* TLS 1.2/DTLS improvements: client message order checks, DTLS cookie/exchange and replay protections, better DTLS early-data handling. (PR 9387, 9253, 9205, 9367)
+* Improved X.509 & cert handling: allow larger pathLen in Basic Constraints, restore inner server name for ECH, retrying cert candidate chains. (PR 8890, 9234, 8692)
+* Sniffer robustness: fix infinite recursion, better handling of OOO appData and partial overlaps, and improved retransmission detection. (PR 9051, 9106, 9140, 9094)
+* Numerous linuxkm (kernel-mode) fixes, relocation/PIE normalization, and FIPS-related build tweaks across many iterations. (PR 9025, 9035, 9067, 9111, 9121)
+* ML-KEM/Kyber and ML-DSA fixes for out-of-bounds and seed-import correctness; multiple ML-related safety fixes. (PR 9142, 9105, 9439)
+* Avoid uninitialized-variable and GCC warnings; several fixes for undefined-shift/overflow issues. (PR 9020, 9372, 9195)
+* Memory & leak fixes in X509 verification and various struct sizing fixes for WOLFSSL_NO_MALLOC usage. (PR 9258, 9036)
+* Fixed RSA / signing / verify-only warnings allowing WOLFSSL_NO_CT_OPS when WOLFSSL_RSA_VERIFY_ONLY is used and API cleanups for using const. (PR 9031, 9263)
 
 For additional vulnerability information visit the vulnerability page at:
 https://www.wolfssl.com/docs/security-vulnerabilities/

README-async.md

@@ -0,0 +1,558 @@
+# wolfSSL / wolfCrypt Asynchronous Support
+
+The asynchronous code was previously maintained at https://github.com/wolfSSL/wolfAsyncCrypt but was integrated into wolfSSL proper starting with release v5.8.4.
+
+This feature is enabled using:
+`./configure --enable-asynccrypt` or `#define WOLFSSL_ASYNC_CRYPT`.
+
+If async crypto is enabled but no hardware backend is enabled or if `WOLFSSL_ASYNC_CRYPT_SW` is defined, a software backend using wolfCrypt is used instead. This software backend can simulate periodic hardware delays using the macro `WOLF_ASYNC_SW_SKIP_MOD`, which is on by default if `DEBUG_WOLFSSL` is defined.
+
+## Design
+
+Each crypto algorithm has its own `WC_ASYNC_DEV` structure, which contains a `WOLF_EVENT`, local crypto context and local hardware context.
+
+For SSL/TLS the `WOLF_EVENT` context is the `WOLFSSL*` and the type is `WOLF_EVENT_TYPE_ASYNC_WOLFSSL`. For wolfCrypt operations the `WOLF_EVENT` context is the `WC_ASYNC_DEV*` and the type is `WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT`.
+
+A generic event system has been created using a `WOLF_EVENT` structure when `HAVE_WOLF_EVENT` is defined. The event structure resides in the `WC_ASYNC_DEV`.
+
+The asynchronous crypto system is modeled after epoll. The implementation uses `wolfSSL_AsyncPoll` or `wolfSSL_CTX_AsyncPoll` to check if any async operations are complete.
+
+## Hardware Backends
+
+Supported hardware backends:
+
+* Intel QuickAssist with QAT 1.6 or QAT 1.7 driver. See README.md in `wolfcrypt/src/port/intel/README.md`.
+* Cavium Nitrox III and V. See README.md in `wolfcrypt/src/port/cavium/README.md`.
+
+## wolfCrypt Backend
+
+The wolfCrypt backend uses the same API as the hardware backends do. Once an asynchronous operation is initiated with the software backend, subsequent calls to `wolfSSL_AsyncPoll` will call into wolfCrypt to complete the operation. If non-blocking is enabled, for example, for ECC (via `WC_ECC_NONBLOCK`), each `wolfSSL_AsyncPoll` will do a chunk of work for the operation and return, to minimize blocking time.
+
+## API's
+
+### ```wolfSSL_AsyncPoll```
+```
+int wolfSSL_AsyncPoll(WOLFSSL* ssl, WOLF_EVENT_FLAG flags);
+```
+
+Polls the provided WOLFSSL object's reference to the WOLFSSL_CTX's event queue to see if any operations outstanding for the WOLFSSL object are done. Return the completed event count on success.
+
+### ```wolfSSL_CTX_AsyncPoll```
+```
+int wolfSSL_CTX_AsyncPoll(WOLFSSL_CTX* ctx, WOLF_EVENT** events, int maxEvents, WOLF_EVENT_FLAG flags, int* eventCount)
+```
+
+Polls the provided WOLFSSL_CTX context event queue to see if any pending events are done. If the `events` argument is provided then a pointer to the `WOLF_EVENT` will be returned up to `maxEvents`. If `eventCount` is provided then the number of events populated will be returned. The `flags` allows for `WOLF_POLL_FLAG_CHECK_HW` to indicate if the crypto backend (i.e. hardware or wolfCrypt, if the software implementation is being used) should be polled again or just return more events.
+
+### ```wolfAsync_DevOpen```
+```
+int wolfAsync_DevOpen(int *devId);
+```
+
+Open the async device and returns an `int` device id for it.
+
+### ```wolfAsync_DevOpenThread```
+```
+int wolfAsync_DevOpenThread(int *devId, void* threadId);
+```
+Opens the async device for a specific thread. A crypto instance is assigned and thread affinity set.
+
+### ```wolfAsync_DevClose```
+```
+void wolfAsync_DevClose(int *devId)
+```
+
+Closes the async device.
+
+### ```wolfAsync_DevCopy```
+```
+int wolfAsync_DevCopy(WC_ASYNC_DEV* src, WC_ASYNC_DEV* dst);
+```
+
+Copy async device memory safe (not pointers to old device).
+
+### ```wolfAsync_DevCtxInit```
+```
+int wolfAsync_DevCtxInit(WC_ASYNC_DEV* asyncDev, word32 marker, void* heap, int devId);
+```
+
+Initialize the device context and open the device hardware using the provided `WC_ASYNC_DEV ` pointer, marker and device id (from wolfAsync_DevOpen).
+
+### ```wolfAsync_DevCtxFree```
+```
+void wolfAsync_DevCtxFree(WC_ASYNC_DEV* asyncDev);
+```
+
+Closes and free's the device context.
+
+
+### ```wolfAsync_EventInit```
+```
+int wolfAsync_EventInit(WOLF_EVENT* event, enum WOLF_EVENT_TYPE type, void* context, word32 flags);
+```
+
+Initialize an event structure with provided type and context. Sets the pending flag and the status code to `WC_PENDING_E`. Current flag options are `WC_ASYNC_FLAG_NONE` and `WC_ASYNC_FLAG_CALL_AGAIN` (indicates crypto needs called again after WC_PENDING_E).
+
+### ```wolfAsync_EventWait ```
+```
+int wolfAsync_EventWait(WOLF_EVENT* event);
+```
+
+Waits for the provided event to complete.
+
+### ```wolfAsync_EventPoll```
+```
+int wolfAsync_EventPoll(WOLF_EVENT* event, WOLF_EVENT_FLAG event_flags);
+```
+
+Polls the provided event to determine if its done.
+
+### ```wolfAsync_EventPop ```
+
+```
+int wolfAsync_EventPop(WOLF_EVENT* event, enum WOLF_EVENT_TYPE event_type);
+```
+
+This will check the event to see if the event type matches and the event is complete. If it is then the async return code is returned. If not then `WC_NOT_PENDING_E` is returned.
+
+
+### ```wolfAsync_EventQueuePush```
+```
+int wolfAsync_EventQueuePush(WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event);
+```
+
+Pushes an event to the provided event queue and assigns the provided event.
+
+### ```wolfAsync_EventQueuePoll```
+```
+int wolfAsync_EventQueuePoll(WOLF_EVENT_QUEUE* queue, void* context_filter,
+    WOLF_EVENT** events, int maxEvents, WOLF_EVENT_FLAG event_flags, int* eventCount);
+```
+
+Polls all events in the provided event queue. Optionally filters by context. Will return pointers to the done events.
+
+### ```wc_AsyncHandle```
+```
+int wc_AsyncHandle(WC_ASYNC_DEV* asyncDev, WOLF_EVENT_QUEUE* queue, word32 flags);
+```
+
+This will push the event inside asyncDev into the provided queue.
+
+### ```wc_AsyncWait```
+```
+int wc_AsyncWait(int ret, WC_ASYNC_DEV* asyncDev, word32 flags);
+```
+
+This will wait until the provided asyncDev is done (or error).
+
+### ```wolfAsync_HardwareStart```
+```
+int wolfAsync_HardwareStart(void);
+```
+
+If using multiple threads this allows a way to start the hardware before using `wolfAsync_DevOpen` to ensure the memory system is setup. Ensure that `wolfAsync_HardwareStop` is called on exit. Internally there is a start/stop counter, so this can be called multiple times, but stop must also be called the same number of times to shutdown the hardware.
+
+### ```wolfAsync_HardwareStop```
+```
+void wolfAsync_HardwareStop(void);
+```
+
+Stops hardware if internal `--start_count == 0`.
+
+## Examples
+
+### TLS Server Example
+
+```c
+int devId = INVALID_DEVID;
+
+ret = wolfAsync_DevOpen(&devId);
+if (ret != 0) {
+    err_sys("Async device open failed");
+}
+wolfSSL_CTX_SetDevId(ctx, devId);
+
+do {
+    err = 0; /* reset error */
+    ret = wolfSSL_accept(ssl, msg, msgSz, &msgSz);
+    if (ret <= 0) {
+        err = wolfSSL_get_error(ssl, 0);
+        if (err == WC_PENDING_E) {
+            ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+            if (ret < 0) break;
+        }
+    }
+} while (err == WC_PENDING_E);
+if (ret != WOLFSSL_SUCCESS) {
+    err_sys("SSL_connect failed");
+}
+
+wolfAsync_DevClose(&devId);
+```
+
+### wolfCrypt RSA Example
+
+```c
+static int devId = INVALID_DEVID;
+RsaKey key;
+
+ret = wolfAsync_DevOpen(&devId);
+if (ret != 0)
+    err_sys("Async device open failed");
+
+wc_InitRsaKey_ex(&key, HEAP_HINT, devId);
+if (ret == 0) {
+    ret = wc_RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes);
+    do {
+        ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
+        if (ret >= 0)
+            ret = wc_RsaPublicEncrypt(in, inLen, out, outSz, &key, &rng);
+    } while (ret == WC_PENDING_E);
+    wc_FreeRsaKey(&key);
+}
+
+wolfAsync_DevClose(&devId);
+```
+
+## Build Options
+
+1. Async multi-threading can be disabled by defining `WC_NO_ASYNC_THREADING`. This only disables internal async threading functions. You are free to use other threading APIs or paradigms in your application.
+2. Software benchmarks can be disabled by defining `NO_SW_BENCH`.
+3. The `WC_ASYNC_THRESH_NONE` define can be used to disable the cipher thresholds, which are tunable values to determine at what size hardware should be used vs. software.
+4. Use `WOLFSSL_DEBUG_MEMORY` and `WOLFSSL_TRACK_MEMORY` to help debug memory issues. QAT also supports `WOLFSSL_DEBUG_MEMORY_PRINT`.
+
+
+## References
+
+### TLS Client/Server Async Example
+
+We have a full TLS client/server async examples here:
+
+* [https://github.com/wolfSSL/wolfssl-examples/blob/master/tls/server-tls-epoll-perf.c](https://github.com/wolfSSL/wolfssl-examples/blob/master/tls/server-tls-epoll-perf.c)
+
+* [https://github.com/wolfSSL/wolfssl-examples/blob/master/tls/client-tls-perf.c](https://github.com/wolfSSL/wolfssl-examples/blob/master/tls/client-tls-perf.c)
+
+#### TLS Threaded epoll Example Building
+
+```sh
+git clone git@github.com:wolfSSL/wolfssl-examples.git
+cd wolfssl-examples
+cd tls
+# For QuickAssist: Uncomment QAT lines at top of Makefile
+make
+```
+
+#### TLS Threaded epoll Example Usage
+
+```sh
+$ ./client-tls-perf -?
+perf 4.5.0 (NOTE: All files relative to wolfSSL home dir)
+-?          Help, print this usage
+-p <num>    Port to listen on, not 0, default 11111
+-v <num>    SSL version [0-3], SSLv3(0) - TLS1.2(3)), default 3
+-l <str>    Cipher suite list (: delimited)
+-c <file>   Certificate file,           default ../certs/client-cert.pem
+-k <file>   Key file,                   default ../certs/client-key.pem
+-A <file>   Certificate Authority file, default ../certs/ca-cert.pem
+-r          Resume session
+-n <num>    Benchmark <num> connections
+-N <num>    <num> concurrent connections
+-R <num>    <num> bytes read from client
+-W <num>    <num> bytes written to client
+-B <num>    Benchmark <num> written bytes
+```
+
+#### TLS Threaded epoll Example Output
+
+```sh
+$ sudo ./server-tls-epoll-threaded -n 10000
+$ sudo ./client-tls-perf -n 10000
+
+wolfSSL Server Benchmark 16384 bytes
+    Num Conns         :     10000
+    Total             : 18575.800 ms
+    Total Avg         :     1.858 ms
+    t/s               :   538.335
+    Accept            : 35848.428 ms
+    Accept Avg        :     3.585 ms
+    Total Read bytes  : 163840000 bytes
+    Total Write bytes : 163840000 bytes
+    Read              :   402.212 ms (  388.476 MBps)
+    Write             :   591.469 ms (  264.173 MBps)
+```
+
+## Change Log
+
+### wolfSSL Async Release v5.8.0 (May 01, 2025)
+* Includes all wolfSSL v5.8.0 fixes. See ChangeLog.md here: https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-580-apr-24-2025
+* Update for libwolfssl_sources.h refactor. (https://github.com/wolfSSL/wolfAsyncCrypt/pull/77)
+
+### wolfSSL Async Release v5.7.4 (Oct 29, 2024)
+* Includes all wolfSSL v5.7.4 fixes. See ChangeLog.md here: https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-574-oct-24-2024
+ - Plus fixes for asynchronous release - SHA3/HMAC devId (https://github.com/wolfSSL/wolfssl/pull/8119)
+* Fix for Intel QuickAssist RSA Key generation exponent result. (https://github.com/wolfSSL/wolfAsyncCrypt/pull/75)
+
+### wolfSSL Async Release v5.7.0 (Mar 21, 2023)
+* Includes all wolfSSL v5.7.0 fixes. See ChangeLog.md here: https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-570-mar-20-2024
+
+### wolfSSL Async Release v5.6.6 (Dec 20, 2023)
+* Includes all wolfSSL v5.6.6 fixes. See ChangeLog.md here: https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-566-dec-19-2023
+ - Plus wolfSSL PR 7085 fix for invalid `dh_ffdhe_test` for even P when using Intel QuickAssist. https://github.com/wolfSSL/wolfssl/pull/7085
+* Fix for missing `IntelQaFreeFlatBuffer` with DH enabled and no keygen. (broken in PR #71)
+* Add return code checking for wc_AsyncThreadCreate_ex in exit_fail section for pthread_attr_destroy. (PR #72)
+
+### wolfSSL Async Release v5.6.4 (Oct 30, 2023)
+* Fixes for support async with crypto or pk callbacks.
+* Rename `WC_NOT_PENDING_E` -> `WC_NO_PENDING_E`
+
+### wolfSSL Async Release v5.6.3 (June 16, 2023)
+* Includes all wolfSSL v5.6.3 fixes. See ChangeLog.md here: https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-563-jun-16-2023
+* Add sanity check of index devId before accessing array
+* Use the blocking call from the async test
+
+### wolfSSL Async Release v5.6.0 (Mar 29, 2023)
+* Includes all wolfSSL v5.6.0 fixes. See ChangeLog.md here: https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-560-mar-24-2023
+* wolfAsyncCrypt github repository became public.
+
+### wolfSSL Async Release v5.5.4 (Dec 22, 2022)
+
+* Includes all wolfSSL v5.5.4 fixes. See ChangeLog.md here: https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-554-dec-21-2022
+* Use the `wc_ecc_shared_secret_ex` version for async test. Requires https://github.com/wolfSSL/wolfssl/pull/5868
+
+### wolfSSL Async Release v5.5.3 (Nov 8, 2022)
+
+* Includes all wolfSSL v5.5.1-v5.5.3 fixes. See ChangeLog.md here: https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-553-nov-2-2022
+* Fix for Intel QAT handling of sign R when cofactor is not 1. https://github.com/wolfSSL/wolfssl/pull/5737 and https://github.com/wolfSSL/wolfAsyncCrypt/pull/54
+* Fix check scalar bits for ECC cofactor. https://github.com/wolfSSL/wolfssl/pull/5737
+* Fixes for async sniffer: https://github.com/wolfSSL/wolfssl/pull/5734
+  - Handling of packets with multiple TLS messages.
+  - Multiple back to back sessions.
+  - Ensure all pending queued packets are finished before ending pcap processing.
+* Fix for various tests that do not properly handle `WC_PENDING_E`. https://github.com/wolfSSL/wolfssl/pull/5773
+* Revert "Fix for sniffer to decode out of order packets". https://github.com/wolfSSL/wolfssl/pull/5771
+
+### wolfSSL Async Release v5.5.0 (Sep 2, 2022)
+
+* Includes all wolfSSL v5.5.0 fixes. See ChangeLog.md here: https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-550-aug-30-2022
+* Fix for handling return codes from `pthread_attr_destroy`.
+* Fix for async session tickets. https://github.com/wolfSSL/wolfssl/pull/5534
+* Fix for async with OCSP non-blocking in ProcessPeerCerts. https://github.com/wolfSSL/wolfssl/pull/5539
+
+### wolfSSL Async Release v5.4.0 (July 11, 2022)
+* Fix for DH trim of leading zeros to use memmove.
+* Fix to print errors to stderr.
+* Fix to consistently return the status of failed pthreads funcs.
+* Move async device pointer (https://github.com/wolfSSL/wolfssl/pull/5149)
+
+### wolfSSL Async Release v5.3.0 (May 5, 2022)
+
+* Added Intel QuickAssist ECC Key Generation acceleration. Specifically point multiplication similar to our `wc_ecc_mulmod_ex2`.
+* Fix for building Intel QAT with SP math all
+* Fix for `error: unused function 'IntelQaFreeFlatBuffer'`.
+* Fix for handling the Koblitz curve param "a", which is all zeros.
+* Fixes for scan-build warnings.
+* Includes wolfSSL PR https://github.com/wolfSSL/wolfssl/pull/5101
+
+### wolfSSL Async Release v5.2.0 (Feb 21, 2022)
+
+* Adds `WC_NO_ASYNC_SLEEP` option to hide wc_AsyncSleep for platforms that do not need it.
+* Fix for async test anonymous union on some platforms (`#pragma anon_unions` and `HAVE_ANONYMOUS_INLINE_AGGREGATES`)
+* Fixes for invalidPrintfArgType_sint (cppcheck) and readability-redundant-preprocessor (clang-tidy).
+
+### wolfSSL Async Release v5.1.0 (Jan 3rd, 2022)
+
+
+### wolfSSL Async Release v5.0.0 (11/01/2021)
+
+* Fix for issue with QAT AES GCM input buffer already NUMA and not aligned.
+
+### wolfSSL Async Release v4.8.0 (07/14/2021)
+
+* Fix for new QAT 1.7 hash types warning.
+* Updated Intel QAT 1.7 build instructions.
+* Includes possible HAVE_WOLF_BIGINT leaks in PR https://github.com/wolfSSL/wolfssl/pull/4208
+
+### wolfSSL Async Release v4.7.0 (02/20/2021)
+
+* Fix for ARC4 macro typo
+
+### wolfSSL Async Release v4.6.0 (12/21/2020)
+
+* Documentation updates.
+* Fixes for Cavium Nitrox and Intel Quick Assist (wolfSSL/wolfssl#3577) with TLS v1.3
+
+### wolfSSL Async Release v4.4.0 (04/24/2020)
+
+* Fix for uninitialized `supSha3` warning.
+* Fix for use of incorrect devId for wolfSSL_SHA3_256_Init.
+* Fix for QAT with Shake256.
+* Fix for QAT example `./build.sh`.
+
+### wolfSSL Async Release v4.3.0 (12/20/2019)
+
+* Fix for async date override callback issue.
+* Updates to Octeon README.
+
+### wolfSSL Async Release v4.2.0 (10/22/2019)
+
+* Fix for QuickAssist DH Agree issue with leading zero bytes.
+* Fix for QuickAssist AES CBC issue with previous IV on back-to-back operations.
+* Updates to QuickAssist README.md for latest QAT v1.7 driver.
+* Instructions for Octeon III (CN7300) use.
+
+### wolfSSL Async Release v4.0.0 (03/25/2019)
+
+* Fix for building with QuickAssist v1.7 driver (4.4.0-00023) (was missing usdm_drv during configure with check).
+* Fix for building async with file system disabled.
+* Fix for SHA-3 runtime detection for not supported in hardware.
+
+### wolfSSL Async Release v3.15.8 (03/01/2019) - Intermediate release
+
+* Performance improvements for QuickAssist.
+* Added new build option `QAT_POLL_RESP_QUOTA` to indicate maximum number of callbacks to service per poll. The default is 0 (all), was previously 8.
+* Added useful QAT_DEBUG logging for ECC and DH operations.
+* Cleanup whitespace in quickassist.c.
+* Enhanced the Cavium macros for `CAVIUM_MAX_PENDING` and `CAVIUM_MAX_POLL` over-ridable.
+* Added build-time override for benchmark thread count `WC_ASYNC_BENCH_THREAD_COUNT`.
+* Fixes for wolfCrypt test with asynchronous support enabled and `--enable-nginx`.
+* Fix to use QAT for ECC sign and verify when SP is enabled and key was initialized with devId.
+* Fixes issues with wolfCrypt test and QAT not properly calling "again" for the ECC sign, verify and shared secret.
+* Correct the output for multi-threaded benchmark using `-base10` option.
+* Fixes to QAT HMAC enables in benchmark tool.
+* Adds new `NO_HW_BENCH` to support using multi-threaded software only benchmarks.
+
+### wolfSSL Async Release v3.15.7 (12/27/2018)
+
+* Fixes for various analysis warnings (https://github.com/wolfSSL/wolfssl/pull/2003).
+* Added QAT v1.7 driver support.
+* Added QAT SHA-3 support.
+* Added QAT RSA Key Generation support.
+* Added support for new usdm memory driver.
+* Added support for detecting QAT version and features.
+* Added `QAT_ENABLE_RNG` option to disable QAT TRNG/DRBG.
+* Added alternate hashing method to cache all updates (avoids using partial updates).
+
+### wolfSSL Async Release v3.15.5 (11/09/2018)
+
+* Fixes for various analysis warnings (https://github.com/wolfSSL/wolfssl/pull/1918).
+* Fix for QAT possible double free case where `ctx->symCtx` is not trapped.
+* Improved QAT debug messages when using `QAT_DEBUG`.
+* Fix for QAT RNG to allow zero length. This resolves PSS case where `wc_RNG_GenerateBlock` is called for saltLen == 0.
+
+
+### wolfSSL Async Release v3.15.3 (06/20/2018)
+
+* Fixes for fsantize tests with Cavium Nitrox V.
+* Removed typedef for `CspHandle`, since its already defined.
+* Fixes for a couple of fsanitize warnings.
+* Fix for possible leak with large request to `IntelQaDrbg`.
+
+### wolfSSL Async Release v3.14.4 (04/13/2018)
+
+* Added Nitrox V ECC.
+* Added Nitrox V SHA-224 and SHA-3
+* Added Nitrox V AES GCM
+* Added Nitrox III SHA2 384/512 support for HMAC.
+* Added error code handling for signature check failure.
+* Added error translate for `ERR_PKCS_DECRYPT_INCORRECT`
+* Added useful `WOLFSSL_NITROX_DEBUG` and show count for pending checks.
+* Cleanup of Nitrox symmetric processing to use single while loops.
+* Cleanup to only include some headers in cavium_nitrox.c port.
+* Fixes for building against Nitrox III and V SDK.
+* Updates to README.md with required CFLAGS/LDFLAGS when building without ./configure.
+* Fix for Intel QuickAssist HMAC to use software for unsupported hash algorithms.
+
+
+### wolfSSL Async Release v3.12.2 (10/22/2017)
+
+* Fix for HMAC QAT when block size aligned. The QAT HMAC final without any buffers will fail incorrectly (bug in QAT 1.6).
+* Nitrox fix for rename of `ContextType` to `context_type_t`. Updates to Nitrox README.md.
+* Workaround for `USE_QAE_THREAD_LS` issue with realloc from a different thread.
+* Fix for hashing to allow zero length. This resolves issue with new empty hash tests.
+* Fix bug with blocking async where operation was being free'd before completion. Set freeFunc prior to performing operation and check ret code in poll.
+* Fix leak with cipher symmetric context close.
+* Fix QAT_DEBUG partialState offset.
+* Fixes for symmetric context caching.
+* Refactored async event initialization so its done prior to making possible async calls.
+* Fix to resolve issue with QAT callbacks and multi-threading.
+* The cleanup is now handled in polling function and the event is only marked done from the polling thread that matches the originating thread.
+* Fix possible mem leak with multiple threads `g_qatEcdhY` and `g_qatEcdhCofactor1`.
+* Fix the block polling to use `ret` instead of `status`.
+* Change order of `IntelQaDevClear` and setting `event->ret`.
+* Fixes to better handle threading with async.
+* Refactor of async event state.
+* Refactor to initialize event prior to operation (in case it finishes before adding to queue).
+* Fixes issues with AES GCM decrypt that can corrupt up to authTag bytes at end of output buffer provided.
+* Optimize the Hmac struct to replace keyRaw with ipad.
+* Enhancement to allow reuse of the symmetric context for ciphers.
+* Fixes for QuickAssist (QAT) multi-threading. Fix to not set return code until after callback cleanup.
+* Disable thread binding to specific CPU by default (enabled now with `WC_ASYNC_THREAD_BIND`).
+* Added optional define `QAT_USE_POLLING_CHECK ` to have only one thread polling at a time (not required and doesn't improve performance).
+* Reduced default QAT_MAX_PENDING for benchmark to 15 (120/num_threads).
+* Fix for IntelQaDrbg to handle buffer over 0xFFFF in length.
+* Added working DRBG and TRNG implementations for QAT.
+* Fix to set callback status after ret and output have been set. Cleanup of the symmetric context.
+* Updates to support refactored dynamic types.
+* Fix for QAT symmetric to allow NULL authTag.
+* Fix GCC 7 build warning with braces.
+* Cleanup formatting.
+
+### wolfSSL Async Release v3.11.0 (05/05/2017)
+
+* Fixes for Cavium Nitrox III/V.
+    - Fix with possible crash when using a request Id that is already complete, due to partial submissions not marking event done.
+    - Improvements to max buffer lengths.
+    - Fixes to handle various return code patterns with CNN55XX-SDK.
+    - All Nitrox V tests and benchmarks pass. Bench: RSA 2048-bit public 336,674 ops/sec and private (CRT) 66,524 ops/sec.
+
+* Intel QuickAssist support and various async fixes/improvements:
+    - Added support for Intel QuickAssist v1.6 driver with QuickAssist 8950 hardware
+    - Added QAE memory option to use static memory list instead of dynamic list using `USE_QAE_STATIC_MEM`.
+    - Added tracking of deallocs and made the values signed long.
+    - Improved code for wolf header check and expanded to 16-byte alignment for performance improvement with TLS.
+    - Added ability to override limit dev access parameters and all configurable QAT fields.
+    - Added async simulator tests for DH, DES3 CBC and AES CBC/GCM.
+    - Rename AsyncCryptDev to WC_ASYNC_DEV.
+    - Refactor to move WOLF_EVENT into WC_ASYNC_DEV.
+    - Refactor the async struct/enum names to use WC_ naming.
+    - Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL or WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT to indicate the type of context pointer.
+    - Added flag to WOLF_EVENT which is used to determine if the async complete should call into operation again or goto next `WC_ASYNC_FLAG_CALL_AGAIN`.
+    - Cleanup of the "wolfAsync_DevCtxInit" calls to make sure asyncDev is always cleared if invalid device id is used.
+    - Eliminated WOLFSSL_ASYNC_CRYPT_STATE.
+    - Removed async event type WOLF_EVENT_TYPE_ASYNC_ANY.
+    - Enable the random extra delay option by default for simulator as it helps catch bugs.
+    - Cleanup for async free to also check marker.
+    - Refactor of the async wait and handle to reduce duplicate code.
+    - Added async simulator test for RSA make key.
+    - Added WC_ASYNC_THRESH_NONE to allow bypass of threshold for testing
+    - Added static numbers for the async sim test types, for easier debugging of the “testDev->type” value.
+    - Populate heap hint into asyncDev struct.
+    - Enhancement to cache the asyncDev to improve poll performance.
+    - Added async threading helpers and new wolfAsync_DevOpenThread.
+    - Added WC_NO_ASYNC_THREADING to prevent async threading.
+    - Added new API “wc_AsyncGetNumberOfCpus” for getting number of CPU’s.
+    - Added new “wc_AsyncThreadYield” API.
+    - Added WOLF_ASYNC_MAX_THREADS.
+    - Added new API for wolfAsync_DevCopy.
+    - Fix to make sure an async init failure sets the deviceId to INVALID_DEVID.
+    - Fix for building with async threading support on Mac.
+    - Fix for using simulator so it supports multiple threads.
+
+* Moved Intel QuickAssist and Cavium Nitrox III/V code into async repo.
+* Added new WC_ASYNC_NO_* options to allow disabling of individual async algorithms.
+    - New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH.
+    - Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
+
+
+### wolfSSL Async Release v3.9.8 (07/25/2016)
+
+* Asynchronous wolfCrypt and Cavium Nitrox V support.
+
+### wolfSSL Async Release v3.9.0 (03/04/2016)
+
+* Initial version with async simulator and README.md.
+
+
+## Support
+
+For questions email wolfSSL support at support@wolfssl.com

README.md

@@ -8,8 +8,8 @@ standard operating environments as well because of its royalty-free pricing
 and excellent cross platform support. wolfSSL supports industry standards up
 to the current [TLS 1.3](https://www.wolfssl.com/tls13) and DTLS 1.3, is up to
 20 times smaller than OpenSSL, and offers progressive ciphers such as ChaCha20,
-Curve25519, Blake2b and Post-Quantum TLS 1.3 groups. User benchmarking and
-feedback reports dramatically better performance when using wolfSSL over
+Curve25519, BLAKE2b/BLAKE2s and Post-Quantum TLS 1.3 groups. User benchmarking
+and feedback reports dramatically better performance when using wolfSSL over
 OpenSSL.
 
 wolfSSL is powered by the wolfCrypt cryptography library. Two versions of
@@ -80,206 +80,90 @@ single call hash function. Instead the name `WC_SHA`, `WC_SHA256`, `WC_SHA384` a
 `WC_SHA512` should be used for the enum name.
 
 
-# wolfSSL Release 5.8.2 (July 17, 2025)
+# wolfSSL Release 5.8.4 (Nov. 20, 2025)
 
-Release 5.8.2 has been developed according to wolfSSL's development and QA
+Release 5.8.4 has been developed according to wolfSSL's development and QA
 process (see link below) and successfully passed the quality criteria.
 https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
 
-NOTE: * wolfSSL is now GPLv3 instead of GPLv2
-            * --enable-heapmath is deprecated
+NOTE: * --enable-heapmath is deprecated
             * MD5 is now disabled by default
 
-
-PR stands for Pull Request, and PR (NUMBER) references a GitHub pull request number where the code change was added.
+PR stands for Pull Request, and PR <NUMBER> references a GitHub pull request number where the code change was added.
 
 ## Vulnerabilities
-
-* [Low] There is the potential for a fault injection attack on ECC and Ed25519 verify operations. In versions of wolfSSL 5.7.6 and later the --enable-faultharden option is available to help mitigate against potential fault injection attacks. The mitigation added in wolfSSL version 5.7.6 is to help harden applications relying on the results of the verify operations, such as when used with wolfBoot. If doing ECC or Ed25519 verify operations on a device at risk for fault injection attacks then --enable-faultharden could be used to help mitigate it. Thanks to Kevin from Fraunhofer AISEC for the report.
-
-Hardening option added in PR https://github.com/wolfSSL/wolfssl/pull/8289
+* [Low CVE-2025-12888] Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of X25519, which is now turned on as the default for Xtensa. Thanks to Adrian Cinal for the report. Fixed in PR 9275.
 
 
-* [High CVE-2025-7395] When using WOLFSSL_SYS_CA_CERTS and WOLFSSL_APPLE_NATIVE_CERT_VALIDATION on an Apple platform, the native trust store verification routine overrides errors produced elsewhere in the wolfSSL certificate verification process including failures due to hostname matching/SNI, OCSP, CRL, etc. This allows any trusted cert chain to override other errors detected during chain verification that should have resulted in termination of the TLS connection. If building wolfSSL on versions after 5.7.6 and before 5.8.2 with use of the system CA support and the apple native cert validation feature enabled on Apple devices (on by default for non-macOS Apple targets when using autotools or CMake) we recommend updating to the latest version of wolfSSL. Thanks to Thomas Leong from ExpressVPN for the report.
+* [Med. CVE-2025-11936] Potential DoS vulnerability due to a memory leak through multiple KeyShareEntry with the same group in malicious TLS 1.3 ClientHello messages. This affects users who are running wolfSSL on the server side with TLS 1.3. Thanks to Jaehun Lee and Kyungmin Bae, Pohang University of Science and Technology (POSTECH) for the report. Fixed in PR 9117.
 
-Fixed in PR https://github.com/wolfSSL/wolfssl/pull/8833
+* [Low CVE-2025-11935] PSK with PFS (Perfect Forward Secrecy) downgrades to PSK without PFS during TLS 1.3 handshake. If the client sends a ClientHello that has a key share extension and the server responds with a ServerHello that does not have a key share extension the connection would previously continue on without using PFS. Thanks to Jaehun Lee from Pohang University of Science and Technology (POSTECH) for the report. Fixed in PR 9112.
+
+* [Low CVE-2025-11934] Signature Algorithm downgrade from ECDSA P521 to P256 during TLS 1.3 handshake. When a client sends ECDSA P521 as the supported signature algorithm the server previously could respond as ECDSA P256 being the accepted signature algorithm and the connection would continue with using ECDSA P256. Thanks to Jaehun Lee from Pohang University of Science and Technology (POSTECH) for the report. Fixed in PR 9113.
 
 
-* [Med. CVE-2025-7394] In the OpenSSL compatibility layer implementation, the function RAND_poll() was not behaving as expected and leading to the potential for predictable values returned from RAND_bytes() after fork() is called. This can lead to weak or predictable random numbers generated in applications that are both using RAND_bytes() and doing fork() operations. This only affects applications explicitly calling RAND_bytes() after fork() and does not affect any internal TLS operations. Although RAND_bytes() documentation in OpenSSL calls out not being safe for use with fork() without first calling RAND_poll(), an additional code change was also made in wolfSSL to make RAND_bytes() behave similar to OpenSSL after a fork() call without calling RAND_poll(). Now the Hash-DRBG used gets reseeded after detecting running in a new process. If making use of RAND_bytes() and calling fork() we recommend updating to the latest version of wolfSSL. Thanks to Per Allansson from Appgate for the report.
-
-Fixed in the following PR’s
-https://github.com/wolfSSL/wolfssl/pull/8849
-https://github.com/wolfSSL/wolfssl/pull/8867
-https://github.com/wolfSSL/wolfssl/pull/8898
+* [Low CVE-2025-11933] DoS Vulnerability in wolfSSL TLS 1.3 CKS extension parsing. Previously duplicate CKS extensions were not rejected leading to a potential memory leak when processing a ClientHello. Thanks to Jaehun Lee from Pohang University of Science and Technology (POSTECH) for the report. Fixed in PR 9132.
 
 
+* [Low CVE-2025-11931] Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wc_XChaCha20Poly1305_Decrypt() which is not used with TLS connections, only from direct calls from an application. Thanks to Luigino Camastra from Aisle Research for the report. Fixed in PR 9223.
 
-* [Low CVE-2025-7396] In wolfSSL 5.8.0 the option of hardening the C implementation of Curve25519 private key operations was added with the addition of blinding support (https://www.wolfssl.com/curve25519-blinding-support-added-in-wolfssl-5-8-0/). In wolfSSL release 5.8.2 that blinding support is turned on by default in applicable builds. The blinding configure option is only for the base C implementation of Curve25519. It is not needed, or available with; ARM assembly builds, Intel assembly builds, and the small Curve25519 feature. While the attack would be very difficult to execute in practice, enabling blinding provides an additional layer of protection for devices that may be more susceptible to physical access or side-channel observation. Thanks to Arnaud Varillon, Laurent Sauvage, and Allan Delautre from Telecom Paris for the report.
+* [Low CVE-2025-11932] Timing Side-Channel in PSK Binder Verification. The server previously verified the TLS 1.3 PSK binder using a non-constant time method which could potentially leak information about the PSK binder. Thanks to Luigino Camastra from Aisle Research for the report. Fixed in PR 9223.
 
-Blinding enabled by default in PR https://github.com/wolfSSL/wolfssl/pull/8736
+* [Low CVE-2025-12889] With TLS 1.2 connections a client can use any digest, specifically a weaker digest, rather than those in the CertificateRequest. Thanks to Jaehun Lee from Pohang University of Science and Technology (POSTECH) for the report. Fixed in PR 9395
 
+* [Low CVE-2025-13912] When using the Clang compiler, various optimization levels or flags could result in non-constant-time compiled code. Assembly implementations of the functions in wolfSSL were not affected. The report was done specifically with Clang version 18 but there was shown to be similarities in timing variations when using the optimization levels with Clang 14 and Clang 20.
+
+On the following architectures, the expected constant-time functions were found to have potential timing variations when specific compiler flags or optimization levels were used.
+
+AArch64: Using O3, Ofast, or --enable-nontrivial-unswitch with O1/O2 flags leads to possible timing variations with the software implementations of sp_read_radix, sp_div_2_mod_ct, and sp_addmod_ct. Using O3, O2, Ofast, Os, or Oz with --unroll-force-peel-count=50 leads to possible timing variations with wc_AesGcmDecrypt.
+
+RISC-V: TLS HMAC update/final operations, RSA unpad operations, and DH key pair generation with O1, O2, O3, Ofast, Oz, or Os. wc_AesGcmDecrypt and wc_Chacha_Process with O1, O2, O3, Os, or Ofast. Also SP software operations sp_div_2_mod_ct and sp_addmod_ct using O3 or Ofast.
+
+
+X86_64: TLS HMAC update/final operations and TimingVerifyPad used with verifying the TLS MAC with --fast-isel or --x86-cmov-converter-force-all compile flags. RSA unpad operations, ECC mulmod, and wc_Chacha_Process with the --x86-cmov-converter-force-all flag. DH key agreement, sp_div_2_mod_ct and sp_addmod_ct with O1, O2, O3, Os, or Ofast. wc_AesGcmDecrypt with the compiler flags O2, O3, Os, Ofast, Oz --x86-cmov-converter-force-all | --unroll-force-peel-count=50, or O1 --x86-cmov-converter-force-all.
+
+Thanks to Jing Liu, Zhiyuan Zhang, LUCÍA MARTÍNEZ GAVIER, Gilles Barthe, Marcel Böhme from Max Planck Institute for Security and Privacy (MPI-SP) for the report. Fixed in PR 9148.
 
 ## New Features
-* Multiple sessions are now supported in the sniffer due to the removal of a cached check. (PR #8723)
-* New API ssl_RemoveSession() has been implemented for sniffer cleanup operations. (PR #8768)
-* The new ASN X509 API, `wc_GetSubjectPubKeyInfoDerFromCert`, has been introduced for retrieving public key information from certificates. (PR #8758)
-* `wc_PKCS12_create()` has been enhanced to support PBE_AES(256|128)_CBC key and certificate encryptions. (PR #8782, PR #8822, PR #8859)
-* `wc_PKCS7_DecodeEncryptedKeyPackage()` has been added for decoding encrypted key packages. (PR #8976)
-* All AES, SHA, and HMAC functionality has been implemented within the Linux Kernel Module. (PR #8998)
-* Additions to the compatibility layer have been introduced for X.509 extensions and RSA PSS. Adding the API i2d_PrivateKey_bio, BN_ucmp and X509v3_get_ext_by_NID. (PR #8897)
-* Added support for STM32N6. (PR #8914)
-* Implemented SHA-256 for PPC 32 assembly. (PR #8894)
+* New ML-KEM / ML-DSA APIs and seed/import PKCS8 support; added _new/_delete APIs for ML-KEM/ML-DSA. (PR 9039, 9000, 9049)
+* Initial wolfCrypt FreeBSD kernel module support (PR 9392)
+* Expanded PKCS7/CMS capabilities: decode SymmetricKeyPackage / OneSymmetricKey, add wc_PKCS7_GetEnvelopedDataKariRid, and allow PKCS7 builds with AES keywrap unset. (PR 9018, 9029, 9032)
+* Add custom AES key wrap/unwrap callbacks and crypto callback copy/free operations. (PR 9002, 9309)
+* Add support for certificate_authorities extension in ClientHello and certificate manager CA-type selection/unloading. (PR 9209, 9046)
+* Large expansion of Rust wrapper modules: random, aes, rsa, ecc, dh, sha, hmac, cmac, ed25519/ed448, pbkdf2/PKCS#12, kdf/prf, SRTP KDFs, and conditional compilation options. (PR 9191, 9212, 9273, 9306, 9320, 9328, 9368, 9389, 9357, 9433)
+* Rust: support optional heap and dev_id parameters and enable conditional compilation based on C build options. (PR 9407, 9433)
+* STM32 fixes (benchmarking and platform fixes) and PSoC6 hardware acceleration additions. (PR 9228, 9256, 9185)
+* STM32U5 added support for SAES and DHUK. (PR 9087)
+* Add --enable-curl=tiny option for a smaller build when used with cURL. (PR 9174)
 
 ## Improvements / Optimizations
-
-### Linux Kernel Module (LinuxKM) Enhancements
-* Registered DH and FFDHE for the Linux Kernel Module. (PR #8707)
-* Implemented fixes for standard RNG in the Linux Kernel Module. (PR #8718)
-* Added an ECDSA workaround for the Linux Kernel Module. (PR #8727)
-* Added more PKCS1 pad SHA variants for RSA in the Linux Kernel Module. (PR #8730)
-* Set default priority to 100000 for LKCAPI in the Linux Kernel Module. (PR #8740)
-* Ensured ECDH never has FIPS enabled in the Linux Kernel Module. (PR #8751)
-* Implemented further Linux Kernel Module and SP tweaks. (PR #8773)
-* Added sig_alg support for Linux 6.13 RSA in the Linux Kernel Module. (PR #8796)
-* Optimized wc_linuxkm_fpu_state_assoc. (PR #8828)
-* Ensured DRBG is multithread-round-1 in the Linux Kernel Module. (PR #8840)
-* Prevented toggling of fips_enabled in the Linux Kernel Module. (PR #8873)
-* Refactored drbg_ctx clear in the Linux Kernel Module. (PR #8876)
-* Set sig_alg max_size and digest_size callbacks for RSA in the Linux Kernel Module. (PR #8915)
-* Added get_random_bytes for the Linux Kernel Module. (PR #8943)
-* Implemented distro fix for the Linux Kernel Module. (PR #8994)
-* Fixed page-flags-h in the Linux Kernel Module. (PR #9001)
-* Added MODULE_LICENSE for the Linux Kernel Module. (PR #9005)
-
-### Post-Quantum Cryptography (PQC) & Asymmetric Algorithms
-* Kyber has been updated to the MLKEM ARM file for Zephyr (PR #8781)
-* Backward compatibility has been implemented for ML_KEM IDs (PR #8827)
-* ASN.1 is now ensured to be enabled when only building PQ algorithms (PR #8884)
-* Building LMS with verify-only has been fixed (PR #8913)
-* Parameters for LMS SHA-256_192 have been corrected (PR #8912)
-* State can now be saved with the private key for LMS (PR #8836)
-* Support for OpenSSL format has been added for ML-DSA/Dilithium (PR #8947)
-* `dilithium_coeff_eta2[]` has been explicitly declared as signed (PR #8955)
-
-### Build System & Portability
-* Prepared for the inclusion of v5.8.0 in the Ada Alire index. (PR #8714)
-* Introduced a new build option to allow reuse of the Windows crypt provider handle. (PR #8706)
-* Introduced general fixes for various build configurations. (PR #8763)
-* Made improvements for portability using older GCC 4.8.2. (PR #8753)
-* Macro guards updated to allow tests to build with opensslall and no server. (PR #8776)
-* Added a check for STDC_NO_ATOMICS macro before use of atomics. (PR #8885)
-* Introduced CMakePresets.json and CMakeSettings.json. (PR #8905)
-* Added an option to not use constant time code with min/max. (PR #8830)
-* Implemented proper MacOS dispatch for conditional signal/wait. (PR #8928)
-* Disabled MD5 by default for both general and CMake builds. (PR #8895, PR #8948)
-* Improved to allow building OPENSSL_EXTRA without KEEP_PEER_CERT. (PR #8926)
-* Added introspection for Intel and ARM assembly speedups. (PR #8954)
-* Fixed cURL config to set HAVE_EX_DATA and HAVE_ALPN. (PR #8973)
-* Moved FREESCALE forced algorithm HAVE_ECC to IDE/MQX/user_settings.h. (PR #8977)
-
-### Testing & Debugging
-* Fixed the exit status for testwolfcrypt. (PR #8762)
-* Added WOLFSSL_DEBUG_PRINTF and WOLFSSL_DEBUG_CERTIFICATE_LOADS for improved debugging output. (PR #8769, PR #8770)
-* Guarded some benchmark tests with NO_SW_BENCH. (PR #8760)
-* Added an additional unit test for wolfcrypt PKCS12 file to improve code coverage. (PR #8831)
-* Added an additional unit test for increased DH code coverage. (PR #8837)
-* Adjusted for warnings with NO_TLS build and added GitHub actions test. (PR #8851)
-* Added additional compatibility layer RAND tests. (PR #8852)
-* Added an API unit test for checking domain name. (PR #8863)
-* Added bind v9.18.33 testing. (PR #8888)
-* Fixed issue with benchmark help options and descriptions not lining up. (PR #8957)
-
-### Certificates & ASN.1
-* Changed the algorithm for sum in ASN.1 OIDs. (PR #8655)
-* Updated PKCS7 to use X509 STORE for internal verification. (PR #8748)
-* Improved handling of temporary buffer size for X509 extension printing. (PR #8710)
-* Marked IP address as WOLFSSL_V_ASN1_OCTET_STRING for ALT_NAMES_OID. (PR #8842)
-* Fixed printing empty names in certificates. (PR #8880)
-* Allowed CA:FALSE on wolftpm. (PR #8925)
-* Fixed several inconsistent function prototype parameter names in wc/asn. (PR #8949)
-* Accounted for custom extensions when creating a Cert from a WOLFSSL_X509. (PR #8960)
-
-### TLS/DTLS & Handshake
-* Checked group correctness outside of TLS 1.3 too for TLSX_UseSupportedCurve. (PR #8785)
-* Dropped records that span datagrams in DTLS. (PR #8642)
-* Implemented WC_NID_netscape_cert_type. (PR #8800)
-* Refactored GetHandshakeHeader/GetHandShakeHeader into one function. (PR #8787)
-* Correctly set the current peer in dtlsProcessPendingPeer. (PR #8848)
-* Fixed set_groups for TLS. (PR #8824)
-* Allowed trusted_ca_keys with TLSv1.3. (PR #8860)
-* Moved Dtls13NewEpoch into DeriveTls13Keys. (PR #8858)
-* Cleared tls1_3 on downgrade. (PR #8861)
-* Always sent ACKs on detected retransmission for DTLS1.3. (PR #8882)
-* Removed DTLS from echo examples. (PR #8889)
-* Recalculated suites at SSL initialization. (PR #8757)
-* No longer using BIO for ALPN. (PR #8969)
-* Fixed wolfSSL_BIO_new_connect's handling of IPV6 addresses. (PR #8815)
-* Memory Management & Optimizations
-* Performed small stack refactors, improved stack size with mlkem and dilithium, and added additional tests. (PR #8779)
-* Implemented FREE_MP_INT_SIZE in heap math. (PR #8881)
-* Detected correct MAX_ENCODED_SIG_SZ based on max support in math lib. (PR #8931)
-* Fixed improper access of sp_int_minimal using sp_int. (PR #8985)
-
-### Cryptography & Hash Functions
-* Implemented WC_SIPHASH_NO_ASM for not using assembly optimizations with siphash. (PR #8789, PR #8791)
-* Added missing DH_MAX_SIZE define for FIPS and corrected wolfssl.rc FILETYPE to VFT_DLL. (PR #8794)
-* Implemented WC_SHA3_NO_ASM for not using assembly with SHA3. (PR #8817)
-* Improved Aarch64 XFENCE. (PR #8832)
-* Omitted frame pointer for ARM32/Thumb2/RISC-V 64 assembly. (PR #8893)
-* Fixed branch instruction in ARMv7a ASM. (PR #8933)
-* Enabled EVP HMAC to work with WOLFSSL_HMAC_COPY_HASH. (PR #8944)
-* Platform-Specific & Hardware Integration
-* Added HAVE_HKDF for wolfssl_test and explicit support for ESP32P4. (PR #8742)
-* Corrected Espressif default time setting. (PR #8829)
-* Made wc_tsip_* APIs public. (PR #8717)
-* Improved PlatformIO Certificate Bundle Support. (PR #8847)
-* Fixed the TSIP TLS example program. (PR #8857)
-* Added crypto callback functions for TROPIC01 secure element. (PR #8812)
-* Added Renesas RX TSIP AES CTR support. (PR #8854)
-* Fixed TSIP port using crypto callback. (PR #8937)
-
-### General Improvements & Refactoring
-* Attempted wolfssl_read_bio_file in read_bio even when XFSEEK is available. (PR #8703)
-* Refactored GetHandshakeHeader/GetHandShakeHeader into one function. (PR #8787)
-* Updated libspdm from 3.3.0 to 3.7.0. (PR #8906)
-* Fixed missing dashes on the end of header and footer for Falcon PEM key. (PR #8904)
-* Fixed minor code typos for macos signal and types.h max block size. (PR #8934)
-* Make the API wolfSSL_X509_STORE_CTX_get_error accessible to more build configurations for ease of getting the "store" error code and depth with certificate failure callback implementations. (PR #8903)
+* Regression test fixes and expansion: TLS 1.3/1.2 tests, ARDUINO examples, libssh2 tests, hostap workflows, and nightly test improvements. (PR 9096, 9141, 9091, 9122, 9388)
+* Improved test ordering and CI test stability (random tests run order changes, FIPS test fixes). (PR 9204, 9257)
+* Docs and readme fixes, docstring updates, AsconAEAD comment placement, and example certificate renewals. (PR 9131, 9293, 9262, 9429)
+* Updated GPL exception lists (GPLv2 and GPLv3 exception updates: add Fetchmail and OpenVPN). (PR 9398, 9413)
+* Introduced WOLFSSL_DEBUG_CERTS and additional debug/logging refinements. (PR 8902, 9055)
+* Expanded crypto-callback support (SHA family, HKDF, SHA-224, sha512_family digest selection) and improved crypto-only build cases. (PR 9070, 9252, 9271, 9100, 9194)
+* AES & HW offload improvements including AES-CTR support in PKCS11 driver and AES ECB offload sizing fix. (PR 9277, 9364)
+* ESP32: PSRAM allocator support and SHA HW fixes for ESP-IDF v6/v5. (PR 8987, 9225, 9264)
+* Renesas FSP / RA examples updated and security-module TLS context improvements. (PR 9047, 9010, 9158, 9150)
+* Broad configure/CMake/Autotools workflow improvements (Apple options tracking, Watcom pinning, Debian packaging, ESP-IDF pinning). (PR 9037, 9167, 9161, 9264)
+* New assembly introspection / performance helpers for RISC-V and PPC32; benchmarking enhancements (cycle counts). (PR 9101, 9317)
+* Update to SGX build for using assembly optimizations. (PR 8463, 9138)
+* Testing with Fil-C compiler version to 0.674 (PR 9396)
+* Refactors and compressing of small stack code (PR 9153)
 
 ## Bug Fixes
-* Fixed issues to support _WIN32_WCE (VS 2008 with WinCE 6.0/7.0). (PR #8709)
-* Fixed STM32 Hash with IRQ enabled. (PR #8705)
-* Fixed raw hash when using crypto instructions on RISC-V 64-bit. (PR #8733)
-* Fixed ECDH decode secret in the Linux Kernel Module. (PR #8729)
-* Passed in the correct hash type to wolfSSL_RSA_verify_ex. (PR #8726)
-* Fixed issues for Intel QuickAssist latest driver (4.28). (PR #8728)
-* Speculative fix for CodeSonar overflow issue in ssl_certman.c. (PR #8715)
-* Fixed Arduino progmem print and AVR WOLFSSL_USER_IO. (PR #8668)
-* Correctly advanced the index in wc_HKDF_Expand_ex. (PR #8737)
-* Fixed STM32 hash status check logic, including NO_AES_192 and NO_AES_256. (PR #8732)
-* Added missing call to wolfSSL_RefFree in FreeCRL to prevent memory leaks. (PR #8750)
-* Fixed sanity check on --group with unit test app and null sanity check with des decrypt. (PR #8711)
-* Fixed Curve25519 and static ephemeral issue with blinding. (PR #8766)
-* Fixed edge case issue with STM32 AES GCM auth padding. (PR #8745)
-* Removed redefinition of MlKemKey and fixed build issue in benchmark. (PR #8755)
-* Used proper heap hint when freeing CRL in error case. (PR #8713)
-* Added support for no malloc with wc_CheckCertSigPubKey. (PR #8725)
-* Fixed C# wrapper Release build. (PR #8802)
-* Handled malformed CCS and CCS before CH in TLS1.3. (PR #8788)
-* Fixed ML-DSA with WOLFSSL_DILITHIUM_NO_SIGN. (PR #8798)
-* Fixed AesGcmCrypt_1 no-stream in the Linux Kernel Module. (PR #8814)
-* Fixed return value usage for crypto_sig_sign in the Linux Kernel Module. (PR #8816)
-* Fixed issue with CSharp and Windows CE with conversion of ASCII and Unicode. (PR #8799)
-* Fixed Renesas SCE on RA6M4. (PR #8838)
-* Fixed tests for different configs for ML-DSA. (PR #8865)
-* Fixed bug in ParseCRL_Extensions around the size of a CRL number handled and CRL number OID. (PR #8587)
-* Fixed uninitialized wc_FreeRng in prime_test. (PR #8886)
-* Fixed ECC configuration issues with ECC verify only and no RNG. (PR #8901)
-* Fixed issues with max size, openssl.test netcat, and clang-tidy. (PR #8909)
-* Fixed for casting down and uninit issues in Dilithium/ML-DSA. (PR #8868)
-* Fixed memory allocation failure testing and related unit test cases. (PR #8945, PR #8952)
-* Fixed build issue with ML-DSA 44 only. (PR #8981)
-* Fixed possible memory leak with X509 reference counter when using x509small. (PR #8982)
+* Removed the test feature using popen when defining the macro WOLFSSL_USE_POPEN_HOST and not having HAVE_GETADDRINFO defined, along with having the macro HAVE_HTTP_CLIENT set. There was the potential for vulnerable behavior with the use of popen when the API wolfSSL_BIO_new_connect() was called with this specific build. This exact build configuration is only intended for testing with QEMU and is not enabled with any autoconf/cmake flags. Thanks to linraymond2006 for the report. (PR 9038)
+* Fix for C# wrapper Ed25519 potential crash and heap overwrite with raw public key import when using the API Ed25519ImportPublic.This was a broken API with the C# wrapper that would crash on use. Thanks to Luigino Camastra from Aisle Research for the bug report. (PR 9291)
+* Coverity, cppcheck, MISRA, clang-tidy, ZeroPath and other static-analysis driven fixes across the codebase. (PR 9006, 9078, 9068, 9265, 9324)
+* TLS 1.2/DTLS improvements: client message order checks, DTLS cookie/exchange and replay protections, better DTLS early-data handling. (PR 9387, 9253, 9205, 9367)
+* Improved X.509 & cert handling: allow larger pathLen in Basic Constraints, restore inner server name for ECH, retrying cert candidate chains. (PR 8890, 9234, 8692)
+* Sniffer robustness: fix infinite recursion, better handling of OOO appData and partial overlaps, and improved retransmission detection. (PR 9051, 9106, 9140, 9094)
+* Numerous linuxkm (kernel-mode) fixes, relocation/PIE normalization, and FIPS-related build tweaks across many iterations. (PR 9025, 9035, 9067, 9111, 9121)
+* ML-KEM/Kyber and ML-DSA fixes for out-of-bounds and seed-import correctness; multiple ML-related safety fixes. (PR 9142, 9105, 9439)
+* Avoid uninitialized-variable and GCC warnings; several fixes for undefined-shift/overflow issues. (PR 9020, 9372, 9195)
+* Memory & leak fixes in X509 verification and various struct sizing fixes for WOLFSSL_NO_MALLOC usage. (PR 9258, 9036)
+* Fixed RSA / signing / verify-only warnings allowing WOLFSSL_NO_CT_OPS when WOLFSSL_RSA_VERIFY_ONLY is used and API cleanups for using const. (PR 9031, 9263)
 
 For additional vulnerability information visit the vulnerability page at:
 https://www.wolfssl.com/docs/security-vulnerabilities/

SCRIPTS-LIST

@@ -11,8 +11,6 @@ fips-hash.sh - updates the verifyCore hash in fips_test.c
 fips-check.sh - checks if current wolfSSL version works against FIPS wolfCrypt
                 comment out last line to leave working directory
 
-async-check.sh - internal script for validating wolfSSL Async using the simulator.
-
 gencertbuf.pl - creates certs_test.h, our certs / keys C array for easy non
                 filesystem testing
 

async-check.sh

@@ -1,104 +0,0 @@
-#!/usr/bin/env bash
-
-# This script creates symbolic links to the required asynchronous
-# file for using the asynchronous simulator and make check
-
-# Fail on any error in script
-set -e
-
-ASYNC_REPO=https://github.com/wolfSSL/wolfAsyncCrypt.git
-ASYNC_DIR=${ASYNC_DIR:-wolfAsyncCrypt}
-
-function Usage() {
-    printf "Usage: $0 [install|uninstall|test|remove]\n"
-    printf "\tinstall   - get and set up links to wolfAsyncCrypt files\n"
-    printf "\tuninstall - remove the links to wolfAsyncCrypt\n"
-    printf "\ttest      - install and run 'make check'\n"
-    printf "\tremove    - uninstall and remove wolfAsyncCrypt\n"
-}
-
-function UnlinkFiles() {
-    unlink ./wolfcrypt/src/async.c
-    unlink ./wolfssl/wolfcrypt/async.h
-    unlink ./wolfcrypt/src/port/intel/quickassist.c
-    unlink ./wolfcrypt/src/port/intel/quickassist_mem.c
-    unlink ./wolfcrypt/src/port/intel/README.md
-    unlink ./wolfssl/wolfcrypt/port/intel/quickassist.h
-    unlink ./wolfssl/wolfcrypt/port/intel/quickassist_mem.h
-    unlink ./wolfcrypt/src/port/cavium/cavium_nitrox.c
-    unlink ./wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h
-    unlink ./wolfcrypt/src/port/cavium/README.md
-
-    # restore original README.md files
-    git checkout -- wolfcrypt/src/port/cavium/README.md
-    git checkout -- wolfcrypt/src/port/intel/README.md
-}
-
-function LinkFiles() {
-    # link files
-    ln -s -f ../../${ASYNC_DIR}/wolfcrypt/src/async.c ./wolfcrypt/src/async.c
-    ln -s -f ../../${ASYNC_DIR}/wolfssl/wolfcrypt/async.h ./wolfssl/wolfcrypt/async.h
-    ln -s -f ../../../../${ASYNC_DIR}/wolfcrypt/src/port/intel/quickassist.c ./wolfcrypt/src/port/intel/quickassist.c
-    ln -s -f ../../../../${ASYNC_DIR}/wolfcrypt/src/port/intel/quickassist_mem.c ./wolfcrypt/src/port/intel/quickassist_mem.c
-    ln -s -f ../../../../${ASYNC_DIR}/wolfcrypt/src/port/intel/README.md ./wolfcrypt/src/port/intel/README.md
-    ln -s -f ../../../../${ASYNC_DIR}/wolfssl/wolfcrypt/port/intel/quickassist.h ./wolfssl/wolfcrypt/port/intel/quickassist.h
-    ln -s -f ../../../../${ASYNC_DIR}/wolfssl/wolfcrypt/port/intel/quickassist_mem.h ./wolfssl/wolfcrypt/port/intel/quickassist_mem.h
-    ln -s -f ../../../../${ASYNC_DIR}/wolfcrypt/src/port/cavium/cavium_nitrox.c ./wolfcrypt/src/port/cavium/cavium_nitrox.c
-    ln -s -f ../../../../${ASYNC_DIR}/wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h ./wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h
-    ln -s -f ../../../../${ASYNC_DIR}/wolfcrypt/src/port/cavium/README.md ./wolfcrypt/src/port/cavium/README.md
-}
-
-function Install() {
-    if [ -d $ASYNC_DIR ];
-    then
-        echo "Using existing async repo"
-    else
-        # make a clone of the wolfAsyncCrypt repository
-        git clone --depth 1 $ASYNC_REPO $ASYNC_DIR
-    fi
-
-# setup auto-conf
-    ./autogen.sh
-    LinkFiles
-}
-
-function Uninstall() {
-    UnlinkFiles
-}
-
-function Test() {
-    Install
-    ./configure --enable-asynccrypt --enable-all
-    make check
-}
-
-function Remove() {
-    UnlinkFiles
-
-    rm -rf ${ASYNC_DIR}
-}
-
-if [ "$#" -gt 1 ]; then
-    Usage
-    exit 1
-fi
-
-case "x$1" in
-    "xinstall")
-        Install
-        ;;
-    "xuninstall")
-        Uninstall
-        ;;
-    "xremove")
-        Remove
-        ;;
-    "xtest")
-        Test
-        ;;
-    *)
-        Usage
-        exit 1
-        ;;
-esac
-

autogen.sh

@@ -17,7 +17,7 @@ if [ -n "$WSL_DISTRO_NAME" ]; then
 fi
 
 # if and as needed, create empty dummy versions of various files, mostly
-# associated with fips/self-test and asynccrypt:
+# associated with fips/self-test:
 
 for dir in \
         ./wolfssl/wolfcrypt/port/intel \
@@ -35,15 +35,7 @@ for file in \
         ./wolfcrypt/src/wolfcrypt_first.c \
         ./wolfcrypt/src/wolfcrypt_last.c \
         ./wolfssl/wolfcrypt/fips.h \
-        ./wolfcrypt/src/selftest.c \
-        ./wolfcrypt/src/async.c \
-        ./wolfssl/wolfcrypt/async.h \
-        ./wolfcrypt/src/port/intel/quickassist.c \
-        ./wolfcrypt/src/port/intel/quickassist_mem.c \
-        ./wolfcrypt/src/port/cavium/cavium_nitrox.c \
-        ./wolfssl/wolfcrypt/port/intel/quickassist.h \
-        ./wolfssl/wolfcrypt/port/intel/quickassist_mem.h \
-        ./wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h
+        ./wolfcrypt/src/selftest.c
 do
     if [ ! -e "$file" ]; then
         > "$file" || exit $?

bsdkm/Makefile

@@ -0,0 +1,56 @@
+# wolfssl kernel module name and source, and root dir.
+KMOD=libwolfssl
+SRCS=wolfkmod.c
+WOLFSSL_DIR=../
+
+CFLAGS+=-I${WOLFSSL_DIR}
+CFLAGS+=-DWOLFSSL_IGNORE_FILE_WARN -DHAVE_CONFIG_H -DNO_MAIN_DRIVER
+#
+# debug options
+#   verbose printing:
+#   CFLAGS+=-DWOLFSSL_BSDKM_VERBOSE_DEBUG
+#
+#   print memory mallocs / frees:
+#   CFLAGS+=-DWOLFSSL_BSDKM_MEMORY_DEBUG
+#
+CFLAGS+=$(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS)
+
+# FreeBSD make does not support GNU make's patsubst and related. Filter
+# through sed instead.
+WOLFSSL_OBJS != echo ${src_libwolfssl_la_OBJECTS} | \
+  sed 's|src_libwolfssl_la-||g' | sed 's|\.lo|.o|g' | \
+  sed 's|wolfcrypt/src/|${WOLFSSL_DIR}/wolfcrypt/src/|g'
+
+.if ${ENABLED_CRYPT_TESTS} == "yes"
+    WOLFSSL_OBJS += ${WOLFSSL_DIR}/wolfcrypt/test/test.o
+.else
+    CFLAGS+=-DNO_CRYPT_TEST
+.endif
+
+OBJS += ${WOLFSSL_OBJS}
+
+# Export no public symbols by default.
+.if !defined(BSDKM_EXPORT_SYMS)
+    EXPORT_SYMS=NO
+.else
+    EXPORT_SYMS=${BSDKM_EXPORT_SYMS}
+.endif
+
+# Default to live kernel src tree makefile at
+# /usr/src/sys/conf/kmod.mk
+.if !defined(KERNEL_ROOT)
+    SYSDIR?= /usr/src/sys
+.else
+    SYSDIR?= ${KERNEL_ROOT}
+.endif
+.include "${SYSDIR}/conf/kmod.mk"
+
+# Smooth out a few inconsistencies between FreeBSD default compiler flags
+# in /usr/src/sys/conf/kern.mk, vs wolfssl harden flags in
+# m4/ax_harden_compiler_flags.m4. E.g. some FreeBSD header files shorten
+# 64 to 32 bit, and some wolfcrypt functions cast away const.
+CFLAGS+= -Wno-unused-function
+CFLAGS+= -Wno-cast-qual
+CFLAGS+= -Wno-error=cast-qual
+CFLAGS+= -Wno-shorten-64-to-32
+CFLAGS+= -DLIBWOLFSSL_GLOBAL_EXTRA_CFLAGS="\" $(KERNEL_EXTRA_CFLAGS)\""

bsdkm/README.md

@@ -0,0 +1,102 @@
+# wolfSSL bsdkm (bsd kernel module)
+
+libwolfssl supports building as a FreeBSD kernel module (`libwolfssl.ko`).
+When loaded, wolfCrypt is made available to the rest of the kernel, allowing
+other loadable modules to link to wolfCrypt.
+
+Supported features:
+- wolfCrypt in kernel.
+- FIPS-wolfcrypt.
+
+Planned features:
+- crypto acceleration: AES-NI, AVX, etc.
+- kernel opencrypto driver registration.
+- full wolfSSL in kernel (kernel TLS).
+
+## Building and Installing
+
+Build bsdkm with:
+
+```sh
+./configure --enable-freebsdkm --enable-cryptonly && make
+```
+
+The default freebsdkm build assumes kernel source tree root at `/usr/src/sys/`.
+Use `--with-kernel-source=PATH` to configure a different path.
+
+Assuming you are targeting your native system, install with:
+
+```sh
+sudo kldload bsdkm/libwolfssl.ko
+```
+
+You should see it now:
+```sh
+kldstat -m libwolfssl
+Id  Refs Name
+509    1 libwolfssl
+```
+
+Unload with:
+```sh
+sudo kldunload libwolfssl
+```
+
+### options
+
+| freebsdkm option                 | description                              |
+| :------------------------------- | :--------------------------------------- |
+| --with-bsd-export-syms=LIST      | Export list of symbols as global. <br>. Options are 'all', 'none', or <br> comma separated list of symbols. |
+| --with-kernel-source=PATH        | Path to kernel tree root (default `/usr/src/sys`) |
+
+### FIPS
+
+Building with FIPS is largely the same, with the additional step of
+configuring a fips hash.
+
+1. Build bsdkm (the `fips_hash` here is a placeholder):
+
+```sh
+fips_hash=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
+./configure --enable-freebsdkm --enable-cryptonly --enable-fips=v6 \
+  CFLAGS="-DWOLFCRYPT_FIPS_CORE_HASH_VALUE=$fips_hash" && make
+```
+
+2. Attempt first install. This is expected to fail, because the hash was a
+placeholder.
+```sh
+$ sudo kldload bsdkm/libwolfssl.ko
+kldload: an error occurred while loading module bsdkm/libwolfssl.ko. Please check dmesg(8) for more details.
+```
+
+3. Check dmesg output for the updated hash value (yours will be different).
+```sh
+$ dmesg | tail -n5
+In-core integrity hash check failure.
+Rebuild with "WOLFCRYPT_FIPS_CORE_HASH_VALUE=3B144A08F291DBA536324646BBD127447B8F222D29A135780E330351E0DF9F0F".
+error: wc_RunAllCast_fips failed at shutdown with return value 19
+info: libwolfssl unloaded
+module_register_init: MOD_LOAD (libwolfssl_fips, 0xffffffff842c28d0, 0) error 85
+```
+
+4. Repeat steps 1-2 with the new hash value. The load should succeed now.
+
+```
+$ kldstat -m libwolfssl_fips
+Id  Refs Name
+523    1 libwolfssl_fips
+```
+
+Unload with
+```
+sudo kldunload libwolfssl
+```
+
+On unload, the FIPS self-test will run a final time and print its status
+to system message buffer:
+
+```
+info: wolfCrypt FIPS re-self-test succeeded at unload: all algorithms re-verified.
+info: libwolfssl unloaded
+```
+

bsdkm/bsdkm_wc_port.h

@@ -0,0 +1,164 @@
+/* bsdkm_wc_port.h
+ *
+ * Copyright (C) 2006-2025 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* included by wolfssl/wolfcrypt/wc_port.h */
+
+#ifndef BSDKM_WC_PORT_H
+#define BSDKM_WC_PORT_H
+
+#ifdef WOLFSSL_BSDKM
+
+#include <sys/ctype.h>
+#include <sys/types.h>
+#include <sys/malloc.h>
+#include <sys/systm.h>
+#if !defined(SINGLE_THREADED)
+    #include <sys/mutex.h>
+#endif /* !SINGLE_THREADED */
+#ifndef CHAR_BIT
+    #include <sys/limits.h>
+#endif /* !CHAR_BIT*/
+
+#define NO_THREAD_LS
+#define NO_ATTRIBUTE_CONSTRUCTOR
+
+/* <time.h> and TIME(3) are userspace only in FreeBSD.
+ * Use a small wrapper around <sys/time.h> time_second instead. */
+#include <sys/time.h>
+static inline time_t wolfkmod_time(time_t * tloc) {
+    time_t _now = time_second;
+    if (tloc) {
+        *tloc = _now;
+    }
+    return _now;
+}
+#define XTIME wolfkmod_time
+
+/* needed to prevent wolfcrypt/src/asn.c version shadowing
+ * extern global version from /usr/src/sys/sys/systm.h */
+#define version wc_version
+
+/* printf and logging defines */
+#define wc_km_printf            printf
+#define WOLFSSL_DEBUG_PRINTF_FN printf
+
+/* str and char utility functions */
+#define XATOI(s) ({                                         \
+      char * endptr = NULL;                                 \
+      long   _xatoi_ret = strtol(s, &endptr, 10);           \
+      if ((s) == endptr || *endptr != '\0') {               \
+        _xatoi_ret = 0;                                     \
+      }                                                     \
+      (int)_xatoi_ret;                                      \
+})
+
+#if !defined(XMALLOC_OVERRIDE)
+    #error bsdkm requires XMALLOC_OVERRIDE
+#endif /* !XMALLOC_OVERRIDE */
+
+/* use malloc and free from /usr/include/sys/malloc.h */
+extern struct malloc_type M_WOLFSSL[1];
+
+#if defined(WOLFSSL_BSDKM_MEMORY_DEBUG)
+    #define XMALLOC(s, h, t) ({                                              \
+        (void)(h); (void)(t);                                                \
+        void * _ptr = malloc(s, M_WOLFSSL, M_WAITOK | M_ZERO);               \
+        printf("info: malloc: %p, M_WOLFSSL, %zu\n", _ptr, (size_t) s);      \
+        (void *)_ptr;                                                        \
+    })
+
+    #define XFREE(p, h, t) ({                                                \
+        void* _xp; (void)(h); (void)(t); _xp = (p);                          \
+        printf("info: free: %p, M_WOLFSSL\n", p);                            \
+        if(_xp) free(_xp, M_WOLFSSL);                                        \
+    })
+#else
+    #define XMALLOC(s, h, t) ({                                              \
+        (void)(h); (void)(t);                                                \
+        void * _ptr = malloc(s, M_WOLFSSL, M_WAITOK | M_ZERO);               \
+        (void *)_ptr;                                                        \
+    })
+
+    #define XFREE(p, h, t) ({                                                \
+        void* _xp; (void)(h); (void)(t); _xp = (p);                          \
+        if(_xp) free(_xp, M_WOLFSSL);                                        \
+    })
+#endif /* WOLFSSL_BSDKM_DEBUG_MEMORY */
+
+#if !defined(SINGLE_THREADED)
+    #define WC_MUTEX_OPS_INLINE
+
+    /* Copied from wc_port.h */
+    #if defined(HAVE_FIPS) && !defined(WOLFSSL_API_PREFIX_MAP)
+        /* For FIPS keep the function names the same */
+        #define wc_InitMutex   InitMutex
+        #define wc_FreeMutex   FreeMutex
+        #define wc_LockMutex   LockMutex
+        #define wc_UnLockMutex UnLockMutex
+    #endif /* HAVE_FIPS */
+
+    typedef struct wolfSSL_Mutex {
+        struct mtx lock;
+    } wolfSSL_Mutex;
+
+    static __always_inline int wc_InitMutex(wolfSSL_Mutex * m)
+    {
+        mtx_init(&m->lock, "wolfssl spinlock", NULL, MTX_SPIN);
+        return 0;
+    }
+
+    static __always_inline int wc_FreeMutex(wolfSSL_Mutex * m)
+    {
+        mtx_destroy(&m->lock);
+        return 0;
+    }
+
+    static __always_inline int wc_LockMutex(wolfSSL_Mutex *m)
+    {
+        mtx_lock_spin(&m->lock);
+        return 0;
+    }
+
+    static __always_inline int wc_UnLockMutex(wolfSSL_Mutex* m)
+    {
+        mtx_unlock_spin(&m->lock);
+        return 0;
+    }
+#endif /* !SINGLE_THREADED */
+
+#if defined(WOLFSSL_HAVE_ATOMIC_H) && !defined(WOLFSSL_NO_ATOMICS)
+    #include <machine/atomic.h>
+    typedef volatile int          wolfSSL_Atomic_Int;
+    typedef volatile unsigned int wolfSSL_Atomic_Uint;
+    #define WOLFSSL_ATOMIC_INITIALIZER(x) (x)
+    #define WOLFSSL_ATOMIC_LOAD(x)  (int)atomic_load_acq_int(&(x))
+    #define WOLFSSL_ATOMIC_STORE(x, v)  atomic_store_rel_int(&(x), (v))
+    #define WOLFSSL_ATOMIC_OPS
+
+    #if defined(HAVE_FIPS)
+        /* There is no corresponding ATOMIC_INIT macro in FreeBSD.
+         * The FreeBSD equivalent is just an integer initialization. */
+        #define ATOMIC_INIT(x) (x)
+    #endif
+#endif /* WOLFSSL_HAVE_ATOMIC_H && !WOLFSSL_NO_ATOMICS */
+
+#endif /* WOLFSSL_BSDKM */
+#endif /* BSDKM_WC_PORT_H */

bsdkm/include.am

@@ -0,0 +1,9 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST += m4/ax_bsdkm.m4 \
+	      bsdkm/Makefile \
+	      bsdkm/README.md \
+	      bsdkm/wolfkmod.c \
+	      bsdkm/bsdkm_wc_port.h

bsdkm/wolfkmod.c

@@ -0,0 +1,310 @@
+/* wolfkmod.c -- wolfssl FreeBSD kernel module.
+ *
+ * Copyright (C) 2006-2025 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef WOLFSSL_BSDKM
+
+/* freebsd system includes */
+#include <sys/param.h>
+#include <sys/module.h>
+#include <sys/kernel.h>
+
+/* wolf includes */
+#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
+#ifdef WOLFCRYPT_ONLY
+    #include <wolfssl/version.h>
+#else
+    #include <wolfssl/ssl.h>
+#endif
+
+#ifdef HAVE_FIPS
+    #ifdef USE_CONTESTMUTEX
+        #error USE_CONTESTMUTEX is incompatible with WOLFSSL_BSDKM
+    #endif
+    #include <wolfssl/wolfcrypt/fips_test.h>
+#endif /* HAVE_FIPS */
+
+#if !defined(NO_CRYPT_TEST)
+    #include <wolfcrypt/test/test.h>
+#endif
+
+#include <wolfssl/wolfcrypt/random.h>
+
+MALLOC_DEFINE(M_WOLFSSL, "libwolfssl", "wolfSSL kernel memory");
+
+static int wolfkmod_init(void);
+static int wolfkmod_cleanup(void);
+static int wolfkmod_load(void);
+static int wolfkmod_unload(void);
+
+#ifdef HAVE_FIPS
+    #define WOLFKMOD_FIPS_ERR_MSG(hash) ({                                   \
+        printf("In-core integrity hash check failure.\n");                   \
+        if ((hash))                                                          \
+            printf("Rebuild with \"WOLFCRYPT_FIPS_CORE_HASH_VALUE=%s\".\n",  \
+                   hash);                                                    \
+        else                                                                 \
+            printf("error: could not compute new hash. "                     \
+                   "Contact customer support.\n");                           \
+    })
+
+    static void wolfkmod_fips_cb(int ok, int err, const char * hash)
+    {
+        if ((!ok) || (err != 0)) {
+            printf("error: libwolfssl FIPS error: %s\n",
+                   wc_GetErrorString(err));
+        }
+
+        if (err == WC_NO_ERR_TRACE(IN_CORE_FIPS_E)) {
+            WOLFKMOD_FIPS_ERR_MSG(hash);
+        }
+    }
+#endif /* HAVE_FIPS */
+
+static int wolfkmod_init(void)
+{
+    int error = 0;
+
+    #ifdef HAVE_FIPS
+    error = wolfCrypt_SetCb_fips(wolfkmod_fips_cb);
+    if (error != 0) {
+        printf("error: wolfCrypt_SetCb_fips failed: %s\n",
+               wc_GetErrorString(error));
+        return (ECANCELED);
+    }
+
+    fipsEntry();
+
+    error = wolfCrypt_GetStatus_fips();
+    if (error != 0) {
+        printf("error: wolfCrypt_GetStatus_fips failed: %d: %s\n",
+               error, wc_GetErrorString(error));
+        if (error == WC_NO_ERR_TRACE(IN_CORE_FIPS_E)) {
+            const char *newhash = wolfCrypt_GetCoreHash_fips();
+            WOLFKMOD_FIPS_ERR_MSG(newhash);
+        }
+        return (ECANCELED);
+    }
+    #endif /* HAVE_FIPS */
+
+    #ifdef WC_RNG_SEED_CB
+    error = wc_SetSeed_Cb(WC_GENERATE_SEED_DEFAULT);
+    if (error < 0) {
+        printf("error: wc_SetSeed_Cb failed: %d\n", error);
+        return (ECANCELED);
+    }
+    #endif /* WC_RNG_SEED_CB */
+
+    #ifdef WOLFCRYPT_ONLY
+    error = wolfCrypt_Init();
+    if (error != 0) {
+        printf("error: wolfCrypt_Init failed: %s\n", wc_GetErrorString(error));
+        return (ECANCELED);
+    }
+    #else
+    error = wolfSSL_Init();
+    if (error != WOLFSSL_SUCCESS) {
+        printf("error: wolfSSL_Init failed: %s\n", wc_GetErrorString(error));
+        return (ECANCELED);
+    }
+    #endif /* WOLFCRYPT_ONLY */
+
+    #ifdef HAVE_FIPS
+    error = wc_RunAllCast_fips();
+    if (error != 0) {
+        printf("error: wc_RunAllCast_fips failed with "
+               "return value %d\n", error);
+        return (ECANCELED);
+    }
+    else {
+        printf("info: FIPS 140-3 wolfCrypt-fips v%d.%d.%d%s%s startup "
+               "self-test succeeded.\n",
+    #ifdef HAVE_FIPS_VERSION_MAJOR
+            HAVE_FIPS_VERSION_MAJOR,
+    #else
+            HAVE_FIPS_VERSION,
+    #endif
+    #ifdef HAVE_FIPS_VERSION_MINOR
+            HAVE_FIPS_VERSION_MINOR,
+    #else
+            0,
+    #endif
+    #ifdef HAVE_FIPS_VERSION_PATCH
+            HAVE_FIPS_VERSION_PATCH,
+    #else
+            0,
+    #endif
+    #ifdef HAVE_FIPS_VERSION_PORT
+            "-",
+            HAVE_FIPS_VERSION_PORT
+    #else
+            "",
+            ""
+    #endif
+        );
+    }
+    #endif /* HAVE_FIPS */
+
+    return (0);
+}
+
+static int wolfkmod_cleanup(void)
+{
+    int error = 0;
+
+    #ifdef WOLFCRYPT_ONLY
+    error = wolfCrypt_Cleanup();
+    if (error != 0) {
+        printf("error: wolfCrypt_Cleanup failed: %s\n",
+               wc_GetErrorString(error));
+        return (ECANCELED);
+    }
+    #else
+    error = wolfSSL_Cleanup();
+    if (error != WOLFSSL_SUCCESS) {
+        printf("error: wolfSSL_Cleanup failed: %s\n",
+               wc_GetErrorString(error));
+        return (ECANCELED);
+    }
+    #endif /* WOLFCRYPT_ONLY */
+
+    #if defined(WOLFSSL_BSDKM_VERBOSE_DEBUG)
+    printf("info: libwolfssl " LIBWOLFSSL_VERSION_STRING
+           " cleanup complete.\n");
+    #endif /* WOLFSSL_BSDKM_VERBOSE_DEBUG */
+
+    return (0);
+}
+
+static int wolfkmod_load(void)
+{
+    int error = 0;
+
+    error = wolfkmod_init();
+    if (error != 0) {
+        return (ECANCELED);
+    }
+
+    #ifndef NO_CRYPT_TEST
+    error = wolfcrypt_test(NULL);
+    if (error != 0) {
+        printf("error: wolfcrypt test failed: %d\n", error);
+        (void)wolfkmod_cleanup();
+        return (ECANCELED);
+    }
+    printf("info: wolfCrypt self-test passed.\n");
+    #endif /* NO_CRYPT_TEST */
+
+    /**
+     * todo: register wolfcrypt algs here with crypto_get_driverid
+     * and related.
+     * */
+
+    printf("info: libwolfssl loaded\n");
+
+    return (0);
+}
+
+static int wolfkmod_unload(void)
+{
+    int error = 0;
+
+    #ifdef HAVE_FIPS
+    error = wc_RunAllCast_fips();
+    if (error != 0) {
+        printf("error: wc_RunAllCast_fips failed at shutdown with "
+               "return value %d\n", error);
+    }
+    else
+        printf("info: wolfCrypt FIPS re-self-test succeeded at unload: "
+               "all algorithms re-verified.\n");
+    #endif
+
+    error = wolfkmod_cleanup();
+
+    /**
+     * todo: unregister wolfcrypt algs here with crypto_unregister_all
+     * and related.
+     * */
+
+    if (error == 0) {
+        printf("info: libwolfssl unloaded\n");
+    }
+
+    return (error);
+}
+
+#if defined(WOLFSSL_BSDKM_VERBOSE_DEBUG)
+static const char * wolfkmod_event_to_str(modeventtype_t what)
+{
+    switch (what) {
+    case MOD_LOAD:
+        return "MOD_LOAD";
+    case MOD_UNLOAD:
+        return "MOD_UNLOAD";
+    case MOD_SHUTDOWN:
+        return "MOD_SHUTDOWN";
+    case MOD_QUIESCE:
+        return "MOD_QUIESCE";
+    }
+}
+#endif /* WOLFSSL_BSDKM_VERBOSE_DEBUG */
+
+/* see /usr/include/sys/module.h for more info. */
+static int
+wolfkmod_event(struct module * m, int what, void * arg)
+{
+    int error = 0;
+    #if defined(WOLFSSL_BSDKM_VERBOSE_DEBUG)
+    printf("info: wolfkmod_event: %s\n", wolfkmod_event_to_str(what));
+    #endif /* WOLFSSL_BSDKM_VERBOSE_DEBUG */
+
+    switch (what) {
+    case MOD_LOAD:
+        error = wolfkmod_load();
+        break;
+    case MOD_UNLOAD:
+        error = wolfkmod_unload();
+        break;
+    case MOD_SHUTDOWN:
+    case MOD_QUIESCE:
+    default:
+        error = EOPNOTSUPP;
+    }
+
+    (void)m;
+    (void)arg;
+
+    return (error);
+}
+
+static moduledata_t libwolfmod = {
+    #ifdef HAVE_FIPS
+    "libwolfssl_fips",   /* module name */
+    #else
+    "libwolfssl",   /* module name */
+    #endif /* HAVE_FIPS */
+    wolfkmod_event, /* module event handler */
+    NULL            /* extra data, unused */
+};
+
+MODULE_VERSION(libwolfssl, 1);
+DECLARE_MODULE(libwolfssl, libwolfmod, SI_SUB_DRIVERS, SI_ORDER_MIDDLE);
+#endif /* WOLFSSL_BSDKM */

certs/1024/ca-cert.pem

@@ -2,13 +2,13 @@ Certificate:
     Data:
         Version: 3 (0x2)
         Serial Number:
-            59:52:6b:92:1a:25:8f:1b:ee:4c:51:9c:47:2f:ff:ff:9d:43:29:47
+            08:d0:2b:7a:1b:56:df:8d:65:af:8d:4a:a6:ed:f4:75:93:0b:fe:02
         Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+        Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com, emailAddress=info@wolfssl.com
         Validity
-            Not Before: Dec 18 21:25:29 2024 GMT
-            Not After : Sep 14 21:25:29 2027 GMT
-        Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+            Not Before: Nov 13 20:41:12 2025 GMT
+            Not After : Aug  9 20:41:12 2028 GMT
+        Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com, emailAddress=info@wolfssl.com
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
                 Public-Key: (1024 bit)
@@ -29,7 +29,7 @@ Certificate:
             X509v3 Authority Key Identifier: 
                 keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8
                 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
-                serial:59:52:6B:92:1A:25:8F:1B:EE:4C:51:9C:47:2F:FF:FF:9D:43:29:47
+                serial:08:D0:2B:7A:1B:56:DF:8D:65:AF:8D:4A:A6:ED:F4:75:93:0B:FE:02
             X509v3 Basic Constraints: 
                 CA:TRUE
             X509v3 Subject Alternative Name: 
@@ -38,20 +38,20 @@ Certificate:
                 TLS Web Server Authentication, TLS Web Client Authentication
     Signature Algorithm: sha256WithRSAEncryption
     Signature Value:
-        09:c6:da:fe:2a:45:83:9e:8b:66:cf:63:1f:11:cb:d9:b4:eb:
-        b0:97:3d:33:d4:b9:27:56:46:14:3c:fe:2b:b2:36:6e:38:7f:
-        08:f5:37:3c:f2:a2:6a:8a:c7:a0:be:0f:ac:dd:f4:f0:97:b3:
-        03:a6:70:48:44:fc:ef:ef:7a:c6:1a:8d:3f:19:f6:71:92:7e:
-        3a:00:95:f2:b6:57:40:77:c2:80:4e:61:f2:71:56:22:a0:1e:
-        a9:dd:5c:54:80:ad:e4:27:f2:17:20:9b:5b:89:30:6e:6a:31:
-        2a:4e:43:52:f8:8a:51:b7:ed:3a:aa:78:41:90:95:e8:40:2e:
-        66:fc
+        87:59:f3:a3:10:39:da:48:d6:31:4b:d8:eb:77:33:da:d9:a9:
+        67:34:04:e8:fe:e3:10:c6:d7:c6:58:80:d3:5c:b7:15:ad:7e:
+        18:8e:ff:2e:7e:f6:05:da:cf:7f:6a:58:d5:c2:88:84:6c:44:
+        51:0f:0a:6f:0a:bd:7e:87:6c:0d:4c:40:b5:d5:28:f3:09:c6:
+        43:7e:69:3b:c7:04:8a:f5:5f:90:a8:ed:e6:10:34:6c:fb:76:
+        32:23:fe:d1:db:c5:36:17:88:de:19:06:d2:7f:5e:56:b2:7c:
+        e2:54:48:01:ee:c1:c1:c1:92:05:34:1c:7d:9c:af:0c:ec:70:
+        39:75
 -----BEGIN CERTIFICATE-----
-MIIECTCCA3KgAwIBAgIUWVJrkholjxvuTFGcRy///51DKUcwDQYJKoZIhvcNAQEL
+MIIECTCCA3KgAwIBAgIUCNArehtW341lr41Kpu30dZML/gIwDQYJKoZIhvcNAQEL
 BQAwgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
 b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18x
 MDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu
-Zm9Ad29sZnNzbC5jb20wHhcNMjQxMjE4MjEyNTI5WhcNMjcwOTE0MjEyNTI5WjCB
+Zm9Ad29sZnNzbC5jb20wHhcNMjUxMTEzMjA0MTEyWhcNMjgwODA5MjA0MTEyWjCB
 mTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
 YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9Db25zdWx0aW5nXzEwMjQx
 GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
@@ -63,10 +63,10 @@ Io8oLOAF7tPtw3E9ybI2Oh2/qDCB2QYDVR0jBIHRMIHOgBTTIo8oLOAF7tPtw3E9
 ybI2Oh2/qKGBn6SBnDCBmTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmEx
 EDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9D
 b25zdWx0aW5nXzEwMjQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
-SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUWVJrkholjxvuTFGcRy///51DKUcw
+SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUCNArehtW341lr41Kpu30dZML/gIw
 DAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAdBgNV
-HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADgYEACcba
-/ipFg56LZs9jHxHL2bTrsJc9M9S5J1ZGFDz+K7I2bjh/CPU3PPKiaorHoL4PrN30
-8JezA6ZwSET87+96xhqNPxn2cZJ+OgCV8rZXQHfCgE5h8nFWIqAeqd1cVICt5Cfy
-FyCbW4kwbmoxKk5DUviKUbftOqp4QZCV6EAuZvw=
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADgYEAh1nz
+oxA52kjWMUvY63cz2tmpZzQE6P7jEMbXxliA01y3Fa1+GI7/Ln72BdrPf2pY1cKI
+hGxEUQ8Kbwq9fodsDUxAtdUo8wnGQ35pO8cEivVfkKjt5hA0bPt2MiP+0dvFNheI
+3hkG0n9eVrJ84lRIAe7BwcGSBTQcfZyvDOxwOXU=
 -----END CERTIFICATE-----