Merge pull request #2165 from ejohnstown/version-update

Version Update v4.0.0

.gitignore

@@ -101,22 +101,85 @@ ecc-key.pem
 certreq.der
 certreq.pem
 pkcs7cert.der
-pkcs7signedData_RSA_SHA.der
-pkcs7signedData_RSA_SHA_noattr.der
-pkcs7signedData_RSA_SHA224.der
-pkcs7signedData_RSA_SHA256.der
-pkcs7signedData_RSA_SHA384.der
-pkcs7signedData_RSA_SHA512.der
-pkcs7signedData_ECDSA_SHA.der
-pkcs7signedData_ECDSA_SHA_noattr.der
-pkcs7signedData_ECDSA_SHA224.der
-pkcs7signedData_ECDSA_SHA256.der
-pkcs7signedData_ECDSA_SHA384.der
-pkcs7signedData_ECDSA_SHA512.der
-pkcs7envelopedDataDES3.der
+pkcs7authEnvelopedDataAES128GCM.der
+pkcs7authEnvelopedDataAES128GCM_ECDH_SHA1KDF.der
+pkcs7authEnvelopedDataAES128GCM_KEKRI.der
+pkcs7authEnvelopedDataAES128GCM_ORI.der
+pkcs7authEnvelopedDataAES128GCM_PWRI.der
+pkcs7authEnvelopedDataAES192GCM.der
+pkcs7authEnvelopedDataAES256GCM.der
+pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF.der
+pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_authAttribs.der
+pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_bothAttribs.der
+pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_fw_bothAttribs.der
+pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_unauthAttribs.der
+pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF.der
+pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF_ukm.der
+pkcs7authEnvelopedDataAES256GCM_firmwarePkgData.der
+pkcs7authEnvelopedDataAES256GCM_IANDS.der
+pkcs7authEnvelopedDataAES256GCM_SKID.der
+pkcs7compressedData_data_zlib.der
+pkcs7compressedData_firmwarePkgData_zlib.der
+pkcs7encryptedDataAES128CBC.der
+pkcs7encryptedDataAES192CBC.der
+pkcs7encryptedDataAES256CBC.der
+pkcs7encryptedDataAES256CBC_attribs.der
+pkcs7encryptedDataAES256CBC_firmwarePkgData.der
+pkcs7encryptedDataAES256CBC_multi_attribs.der
+pkcs7encryptedDataDES.der
+pkcs7encryptedDataDES3.der
 pkcs7envelopedDataAES128CBC.der
+pkcs7envelopedDataAES128CBC_ECDH_SHA1KDF.der
+pkcs7envelopedDataAES128CBC_KEKRI.der
+pkcs7envelopedDataAES128CBC_PWRI.der
+pkcs7envelopedDataAES128CBC_ORI.der
 pkcs7envelopedDataAES192CBC.der
 pkcs7envelopedDataAES256CBC.der
+pkcs7envelopedDataAES256CBC_IANDS.der
+pkcs7envelopedDataAES256CBC_SKID.der
+pkcs7envelopedDataAES256CBC_ECDH_SHA256KDF.der
+pkcs7envelopedDataAES256CBC_ECDH_SHA512KDF.der
+pkcs7envelopedDataAES256CBC_ECDH_SHA512KDF_ukm.der
+pkcs7envelopedDataDES3.der
+pkcs7signedData_ECDSA_SHA224.der
+pkcs7signedData_ECDSA_SHA256_custom_contentType.der
+pkcs7signedData_ECDSA_SHA256.der
+pkcs7signedData_ECDSA_SHA256_firmwarePkgData.der
+pkcs7signedData_ECDSA_SHA256_SKID.der
+pkcs7signedData_ECDSA_SHA384.der
+pkcs7signedData_ECDSA_SHA512.der
+pkcs7signedData_ECDSA_SHA.der
+pkcs7signedData_ECDSA_SHA_noattr.der
+pkcs7signedData_RSA_SHA224.der
+pkcs7signedData_RSA_SHA256_custom_contentType.der
+pkcs7signedData_RSA_SHA256.der
+pkcs7signedData_RSA_SHA256_firmwarePkgData.der
+pkcs7signedData_RSA_SHA256_SKID.der
+pkcs7signedData_RSA_SHA256_with_ca_cert.der
+pkcs7signedData_RSA_SHA256_detachedSig.der
+pkcs7signedData_RSA_SHA384.der
+pkcs7signedData_RSA_SHA512.der
+pkcs7signedData_RSA_SHA.der
+pkcs7signedData_RSA_SHA_noattr.der
+pkcs7signedCompressedFirmwarePkgData_ECDSA_SHA256.der
+pkcs7signedCompressedFirmwarePkgData_ECDSA_SHA256_noattr.der
+pkcs7signedCompressedFirmwarePkgData_RSA_SHA256.der
+pkcs7signedCompressedFirmwarePkgData_RSA_SHA256_noattr.der
+pkcs7signedEncryptedFirmwarePkgData_ECDSA_SHA256.der
+pkcs7signedEncryptedFirmwarePkgData_ECDSA_SHA256_noattr.der
+pkcs7signedEncryptedFirmwarePkgData_RSA_SHA256.der
+pkcs7signedEncryptedFirmwarePkgData_RSA_SHA256_noattr.der
+pkcs7signedFirmwarePkgData_ECDSA_SHA256.der
+pkcs7signedFirmwarePkgData_ECDSA_SHA256_SKID.der
+pkcs7signedFirmwarePkgData_ECDSA_SHA256_noattr.der
+pkcs7signedFirmwarePkgData_RSA_SHA256.der
+pkcs7signedFirmwarePkgData_RSA_SHA256_SKID.der
+pkcs7signedFirmwarePkgData_RSA_SHA256_noattr.der
+pkcs7signedFirmwarePkgData_RSA_SHA256_with_ca_cert.der
+pkcs7signedEncryptedCompressedFirmwarePkgData_ECDSA_SHA256.der
+pkcs7signedEncryptedCompressedFirmwarePkgData_ECDSA_SHA256_noattr.der
+pkcs7signedEncryptedCompressedFirmwarePkgData_RSA_SHA256.der
+pkcs7signedEncryptedCompressedFirmwarePkgData_RSA_SHA256_noattr.der
 diff
 sslSniffer/sslSnifferTest/tracefile.txt
 tracefile.txt
@@ -230,6 +293,8 @@ wrapper/CSharp/x64/
 .vs
 Backup
 UpgradeLog.htm
+*.aps
+*.VC.db
 
 IDE/INTIME-RTOS/Debug_*
 IDE/VS-ARM/.vs
@@ -248,3 +313,11 @@ wolfcrypt/src/port/intel/qat_test
 # Arduino Generated Files
 /IDE/ARDUINO/wolfSSL
 scripts/memtest.txt
+
+# Doxygen generated files
+doc/doxygen_warnings
+doc/html
+doc/pdf
+
+# XCODE Index
+IDE/XCODE/Index

ChangeLog.md

@@ -1,3 +1,174 @@
+# wolfSSL Release 4.0.0 (03/20/2019)
+
+Release 4.0.0 of wolfSSL embedded TLS has bug fixes and new features including:
+
+* Support for wolfCrypt FIPS v4.0.0, certificate #3389
+* FIPS Ready Initiative
+* Compatibility fixes for secure renegotiation with Chrome
+* Better size check for TLS record fragment reassembly
+* Improvements to non-blocking and handshake message retry support for DTLS
+* Improvements to OCSP with ECDSA signers
+* Added TLS server side secure renegotiation
+* Added TLS Trusted CA extension
+* Add support for the Deos Safety Critical RTOS
+* OCSP fixes for memory management and initializations
+* Fixes for EVP Cipher decryption padding checks
+* Removal of null terminators on `wolfSSL_X509_print` substrings
+* `wolfSSL_sk_ASN1_OBJCET_pop` function renamed to `wolfSSL_sk_ASN1_OBJECT_pop`
+* Adjustment to include path in compatibility layer for evp.h and objects.h
+* Fixes for decoding BER encoded PKCS7 contents
+* TLS handshake now supports using PKCS #11 for private keys
+* PKCS #11 support of HMAC, AES-CBC and random seeding/generation
+* Support for named FFDHE parameters in TLS 1.2 (RFC 7919)
+* Port to Zephyr Project
+* Move the TLS PRF to wolfCrypt.
+* Update to CMS KARI support
+* Added ESP32 WROOM support
+* Fixes and additions to the OpenSSL compatibility layer
+* Added WICED Studio Support
+* MDK CMSIS RTOS v2
+* Xcode project file update
+* Fixes for ATECC508A/ATECC608A
+* Fixes issue with CA path length for self signed root CA's
+* Fixes for Single Precision (SP) ASM when building sources directly
+* Fixes for STM32 AES GCM
+* Fixes for ECC sign with hardware to ensure the input is truncated
+* Fixes for proper detection of PKCS7 buffer overflow case
+* Fixes to handle degenerate PKCS 7 with BER encoding
+* Fixes for TLS v1.3 handling of 6144 and 8192 bit keys
+* Fixes for possible build issues with SafeRTOS
+* Added `ECC_PUBLICKEY_TYPE` to the support PEM header types
+* Added strict checking of the ECDSA signature DER encoding length
+* Added ECDSA option to limit sig/algos in client_hello to key size with
+  `USE_ECDSA_KEYSZ_HASH_ALGO`
+* Added Cortex-M support for Single Precision (SP) math
+* Added wolfCrypt RSA non-blocking time support
+* Added 16-bit compiler support using --enable-16bit option
+* Improved Arduino sketch example
+* Improved crypto callback features
+* Improved TLS benchmark tool
+* Added new wrapper for snprintf for use with certain Visual Studio builds,
+  thanks to David Parnell (Cambridge Consultants)
+
+This release of wolfSSL includes a fix for 1 security vulnerability.
+
+* Fixed a bug in tls_bench.c example test application unrelated to the crypto
+  or TLS portions of the library. (CVE-2019-6439)
+
+
+# wolfSSL Release 3.15.7 (12/26/2018)
+
+Release 3.15.7 of wolfSSL embedded TLS has bug fixes and new features including:
+
+* Support for Espressif ESP-IDF development framework
+* Fix for XCode build with iPhone simulator on i386
+* PKCS7 support for generating and verify bundles using a detached signature
+* Fix for build disabling AES-CBC and enabling opensslextra compatibility layer
+* Updates to sniffer for showing session information and handling split messages across records
+* Port update for Micrium uC/OS-III
+* Feature to adjust max fragment size post handshake when compiled with the macro WOLFSSL_ALLOW_MAX_FRAGMENT_ADJUST
+* Adding the macro NO_MULTIBYTE_PRINT for compiling out special characters that embedded devices may have problems with
+* Updates for Doxygen documentation, including PKCS #11 API and more
+* Adding Intel QuickAssist v1.7 driver support for asynchronous crypto
+* Adding Intel QuickAssist RSA key generation and SHA-3 support
+* RSA verify only (--enable-rsavfy) and RSA public only (--enable-rsapub) builds added
+* Enhancements to test cases for increased code coverage
+* Updates to VxWorks port for use with Mongoose, including updates to the OpenSSL compatibility layer
+* Yocto Project ease of use improvements along with many updates and build instructions added to the INSTALL file
+* Maximum ticket nonce size was increased to 8
+* Updating --enable-armasm build for ease of use with autotools
+* Updates to internal code checking TLS 1.3 version with a connection
+* Removing unnecessary extended master secret from ServerHello if using TLS 1.3
+* Fix for TLS v1.3 HelloRetryRequest to be sent immediately and not grouped
+
+
+
+This release of wolfSSL includes a fix for 1 security vulnerability.
+
+Medium level fix for potential cache attack with a variant of Bleichenbacher’s attack. Earlier versions of wolfSSL leaked PKCS #1 v1.5 padding information during private key decryption that could lead to a potential padding oracle attack. It is recommended that users update to the latest version of wolfSSL if they have RSA cipher suites enabled and have the potential for malicious software to be ran on the same system that is performing RSA operations. Users that have only ECC cipher suites enabled and are not performing RSA PKCS #1 v1.5 Decryption operations are not vulnerable. Also users with TLS 1.3 only connections are not vulnerable to this attack. Thanks to Eyal Ronen (Weizmann Institute), Robert Gillham (University of Adelaide), Daniel Genkin (University of Michigan), Adi Shamir (Weizmann Institute), David Wong (NCC Group), and Yuval Yarom (University of Adelaide and Data61) for the report.
+
+The paper for further reading on the attack details can be found at http://cat.eyalro.net/cat.pdf.
+
+
+See INSTALL file for build instructions.
+More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
+
+
+# wolfSSL Release 3.15.5 (11/07/2018)
+
+Release 3.15.5 of wolfSSL embedded TLS has bug fixes and new features including:
+
+* Fixes for GCC-8 warnings with strings
+* Additional compatibility API’s added, including functions like wolfSSL_X509_CA_num and wolfSSL_PEM_read_X509_CRL
+* Fixes for OCSP use with NGINX port
+* Renamed the macro INLINE to WC_INLINE for inline functions
+* Doxygen updates and formatting for documentation generation
+* Added support for the STM32L4 with AES/SHA hardware acceleration
+* Adds checking for critical extension with certificate Auth ID and the macro WOLFSSL_ALLOW_CRIT_SKID to override the check
+* Added public key callbacks to ConfirmSignature function to expand public key callback support
+* Added ECC and Curve25519 key generation callback support
+* Fix for memory management with wolfSSL_BN_hex2bn function
+* Added support for dynamic allocation of PKCS7 structure using wc_PKCS7_New and wc_PKCS7_Free
+* Port to apache mynewt added in the directory wolfssl-3.15.5/IDE/mynewt/*
+* OCSP stapling in TLS 1.3 additions
+* Port for ASIO added with --enable-asio configure flag
+* Contiki port added with macro WOLFSSL_CONTIKI
+* Memory free optimizations with adding in earlier free’s where possible
+* Made modifications to the primality testing so that the Miller-Rabin tests check against up to 40 random numbers rather than a fixed list of small primes
+* Certificate validation time generation updated
+* Fixes for MQX classic 4.0 with IAR-EWARM
+* Fix for assembly optimized version of Curve25519
+* Make SOCKET_PEER_CLOSED_E consistent between read and write cases
+* Relocate compatibility layer functions for OpenSSH port update
+* Update to Intel® SGX port, files included by Windows version and macros defined when using WOLFSSL_SGX
+* Updates to Nucleus version supported
+* Stack size reduction with smallstack build
+* Updates to Rowley-Crossworks settings for CMSIS 4
+* Added reference STSAFE-A100 public key callbacks for TLS support
+* Added reference ATECC508A/ATECC608A public key callbacks for TLS support
+* Updated support for latest CryptoAuthLib (10/25/2018)
+* Added a wolfSSL static library project for Atollic TrueSTUDIO
+* Flag to disable AES-CBC and have only AEAD cipher suites with TLS
+* AF_ALG and cryptodev-linux crypto support added
+* Update to IO callbacks with use of WOLFSSL_BIO
+* Additional support for parsing certificate subject OIDs (businessCategory, jurisdiction of incorporation country, and jurisdiction of incorporation state)
+* Added  wc_ecc_ecport_ex and wc_export_inti API's for ECC hex string exporting
+* Updates to XCODE build with wolfSSL
+* Fix for guard on when to include sys/time.h header
+* Updates and enhancements to the GCC-ARM example
+* Fix for PKCS8 padding with encryption
+* Updates for wolfcrypt JNI wrapper
+* ALT_ECC_SIZE use with SP math
+* PIC32MZ hardware acceleration buffer alignment fixes
+* Renesas e2studio project files added
+* Renesas RX example project added
+* Fix for DH algorithm when using SP math with ARM assembly
+* Fixes and enhancements for NXP K82 support
+* Benchmark enhancements to print in CSV format and in Japanese
+* Support for PKCS#11 added with --enable-pkcs11
+* Fixes for asynchronous crypto use with TLS 1.3
+* TLS 1.3 only build, allows for disabling TLS 1.2 and earlier protocols
+* Fix for GCC warnings in function wolfSSL_ASN1_TIME_adj
+* Added --enable-asn=nocrypt for certificate only parsing support
+* Added support for parsing PIV format certificates with the function wc_ParseCertPIV and macro WOLFSSL_CERT_PIV
+* Added APIs to support GZIP
+* Updates to support Lighttpd
+* Version resource added for Windows DLL builds
+* Increased code coverage with additional testing
+* Added support for constructed OCTET_STRING with PKCS#7 signed data
+* Added DTLS either (server/client) side initialization setting
+* Minor fixes for building with MINGW32 compiler
+* Added support for generic ECC PEM header/footer with PKCS8 parsing
+* Added Japanese output to example server and client with “-1 1” flag
+* Added USE_ECDSA_KEYSZ_HASH_ALGO macro for building to use digest sizes that match ephemeral key size
+* Expand PKCS#7 CMS support with KEKRI, PWRI and ORI
+* Streaming capability for PKCS#7 decoding and sign verify added
+
+
+See INSTALL file for build instructions.
+More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
+
+
 # wolfSSL Release 3.15.3 (6/20/2018)
 
 Release 3.15.3 of wolfSSL embedded TLS has bug fixes and new features including:

IDE/ARDUINO/README.md

@@ -16,11 +16,13 @@ wolfssl/IDE/ARDUINO directory:
 Step 2: Edit `<wolfssl-root>/IDE/ARDUINO/wolfSSL/wolfssl/wolfcrypt/settings.h` uncomment the define for `WOLFSSL_ARDUINO`
 If building for Intel Galileo platform also uncomment the define for `INTEL_GALILEO`.
 
-#####Including wolfSSL in Arduino Libraries (for Arduino version 1.6.6)
+##### Including wolfSSL in Arduino Libraries (for Arduino version 1.6.6)
 
 1. In the Arduino IDE:
     - In `Sketch -> Include Library -> Add .ZIP Library...` and choose the
         `IDE/ARDUNIO/wolfSSL` folder.
     - In `Sketch -> Include Library` choose wolfSSL.
 
-An example wolfSSL client INO sketch exists here: `sketches/wolfssl_client/wolfssl_client.ino`
+2. Open an example Arduino sketch for wolfSSL:
+	- wolfSSL Client INO sketch: `sketches/wolfssl_client/wolfssl_client.ino`
+	- wolfSSL Server INO sketch: `sketches/wolfssl_server/wolfssl_server.ino`

IDE/ARDUINO/include.am

@@ -4,5 +4,5 @@
 
 EXTRA_DIST+= IDE/ARDUINO/README.md
 EXTRA_DIST+= IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino
+EXTRA_DIST+= IDE/ARDUINO/sketches/wolfssl_server/wolfssl_server.ino
 EXTRA_DIST+= IDE/ARDUINO/wolfssl-arduino.sh
-

IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino

@@ -1,6 +1,6 @@
 /* wolfssl_client.ino
  *
- * Copyright (C) 2006-2018 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -25,7 +25,7 @@
 #include <Ethernet.h>
 
 const char host[] = "192.168.1.148"; // server to connect to
-int port = 11111; // port on server to connect to
+const int port = 11111; // port on server to connect to
 
 int EthernetSend(WOLFSSL* ssl, char* msg, int sz, void* ctx);
 int EthernetReceive(WOLFSSL* ssl, char* reply, int sz, void* ctx);
@@ -33,11 +33,12 @@ int reconnect = 10;
 
 EthernetClient client;
 
-WOLFSSL_CTX* ctx = 0;
-WOLFSSL* ssl = 0;
-WOLFSSL_METHOD* method = 0;
+WOLFSSL_CTX* ctx = NULL;
+WOLFSSL* ssl = NULL;
 
 void setup() {
+  WOLFSSL_METHOD* method;
+
   Serial.begin(9600);
 
   method = wolfTLSv1_2_client_method();
@@ -79,65 +80,76 @@ int EthernetReceive(WOLFSSL* ssl, char* reply, int sz, void* ctx) {
 void loop() {
   int err            = 0;
   int input          = 0;
-  int sent           = 0;
   int total_input    = 0;
   char msg[32]       = "hello wolfssl!";
   int msgSz          = (int)strlen(msg);
   char errBuf[80];
   char reply[80];
-  WOLFSSL_CIPHER* cipher;
+  const char* cipherName;
     
   if (reconnect) {
     reconnect--;
+    
     if (client.connect(host, port)) {
 
       Serial.print("Connected to ");
       Serial.println(host);
+
       ssl = wolfSSL_new(ctx);
       if (ssl == NULL) {
+        Serial.println("Unable to allocate SSL object");
+        return;
+      }
+
+      err = wolfSSL_connect(ssl);
+      if (err != WOLFSSL_SUCCESS) {
         err = wolfSSL_get_error(ssl, 0);
         wolfSSL_ERR_error_string(err, errBuf);
-        Serial.print("Unable to get SSL object. Error = ");
+        Serial.print("TLS Connect Error: ");
         Serial.println(errBuf);
       }
-      
+
       Serial.print("SSL version is ");
       Serial.println(wolfSSL_get_version(ssl));
       
-
-      
-      if ((wolfSSL_write(ssl, msg, strlen(msg))) == msgSz) {
-      cipher = wolfSSL_get_current_cipher(ssl);
+      cipherName = wolfSSL_get_cipher(ssl);
       Serial.print("SSL cipher suite is ");
-      Serial.println(wolfSSL_CIPHER_get_name(cipher));                
+      Serial.println(cipherName);
+
+      if ((wolfSSL_write(ssl, msg, msgSz)) == msgSz) {
+        
         Serial.print("Server response: ");
         while (client.available() || wolfSSL_pending(ssl)) {
           input = wolfSSL_read(ssl, reply, sizeof(reply) - 1);
           total_input += input;
-          if ( input > 0 ) {
-            reply[input] = '\0';
-            Serial.print(reply);
-          } else if (input < 0) {
+          if (input < 0) {
             err = wolfSSL_get_error(ssl, 0);
             wolfSSL_ERR_error_string(err, errBuf);
-            Serial.print("wolfSSL_read failed. Error: ");
+            Serial.print("TLS Read Error: ");
             Serial.println(errBuf);
+            break;
+          } else if (input > 0) {
+            reply[input] = '\0';
+            Serial.print(reply);
           } else {
             Serial.println();
           }
         } 
       } else {
-        Serial.println("SSL_write failed");
+        err = wolfSSL_get_error(ssl, 0);
+        wolfSSL_ERR_error_string(err, errBuf);
+        Serial.print("TLS Write Error: ");
+        Serial.println(errBuf);
       }
       
-      if (ssl != NULL) 
-        wolfSSL_free(ssl);
+      wolfSSL_shutdown(ssl);
+      wolfSSL_free(ssl);
 
       client.stop();
       Serial.println("Connection complete.");
       reconnect = 0;
     } else {
-      Serial.println("Trying to reconnect...");       
+      Serial.println("Trying to reconnect...");
     }
   }
   delay(1000);

IDE/ARDUINO/sketches/wolfssl_server/wolfssl_server.ino

@@ -0,0 +1,176 @@
+/* wolfssl_server.ino
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+#include <wolfssl.h>
+#include <wolfssl/ssl.h>
+#include <Ethernet.h>
+
+#define USE_CERT_BUFFERS_256
+#include <wolfssl/certs_test.h>
+
+#ifdef NO_WOLFSSL_SERVER
+  #error Please undefine NO_WOLFSSL_SERVER for this example
+#endif
+
+const int port = 11111; // port to listen on
+
+int EthernetSend(WOLFSSL* ssl, char* msg, int sz, void* ctx);
+int EthernetReceive(WOLFSSL* ssl, char* reply, int sz, void* ctx);
+
+EthernetServer server(port);
+EthernetClient client;
+
+WOLFSSL_CTX* ctx = NULL;
+WOLFSSL* ssl = NULL;
+
+void setup() {
+  int err;
+  WOLFSSL_METHOD* method;
+
+  Serial.begin(9600);
+
+  method = wolfTLSv1_2_server_method();
+  if (method == NULL) {
+    Serial.println("unable to get method");
+    return;
+  }
+  ctx = wolfSSL_CTX_new(method);
+  if (ctx == NULL) {
+    Serial.println("unable to get ctx");
+    return;
+  }
+
+  // initialize wolfSSL using callback functions
+  wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
+  wolfSSL_SetIOSend(ctx, EthernetSend);
+  wolfSSL_SetIORecv(ctx, EthernetReceive);
+
+  // setup the private key and certificate
+  err = wolfSSL_CTX_use_PrivateKey_buffer(ctx, ecc_key_der_256, 
+    sizeof_ecc_key_der_256, WOLFSSL_FILETYPE_ASN1);
+  if (err != WOLFSSL_SUCCESS) {
+    Serial.println("error setting key");
+    return;
+  }
+  err = wolfSSL_CTX_use_certificate_buffer(ctx, serv_ecc_der_256, 
+    sizeof_serv_ecc_der_256, WOLFSSL_FILETYPE_ASN1);
+  if (err != WOLFSSL_SUCCESS) {
+    Serial.println("error setting certificate");
+    return;
+  }
+
+  // Start the server
+  server.begin();
+  
+  return;
+}
+
+int EthernetSend(WOLFSSL* ssl, char* msg, int sz, void* ctx) {
+  int sent = 0;
+
+  sent = client.write((byte*)msg, sz);
+
+  return sent;
+}
+
+int EthernetReceive(WOLFSSL* ssl, char* reply, int sz, void* ctx) {
+  int ret = 0;
+
+  while (client.available() > 0 && ret < sz) {
+    reply[ret++] = client.read();
+  }
+
+  return ret;
+}
+
+void loop() {
+  int err = 0;
+  int input = 0;
+  char errBuf[80];
+  char reply[80];
+  int replySz = 0;
+  const char* cipherName;
+
+  // Listen for incoming client requests.
+  client = server.available();
+  if (!client) {
+    return;
+  }
+
+  if (client.connected()) {
+
+    Serial.println("Client connected");
+
+    ssl = wolfSSL_new(ctx);
+    if (ssl == NULL) {
+      Serial.println("Unable to allocate SSL object");
+      return;
+    }
+
+    err = wolfSSL_accept(ssl);
+    if (err != WOLFSSL_SUCCESS) {
+      err = wolfSSL_get_error(ssl, 0);
+      wolfSSL_ERR_error_string(err, errBuf);
+      Serial.print("TLS Accept Error: ");
+      Serial.println(errBuf);
+    }
+
+    Serial.print("SSL version is ");
+    Serial.println(wolfSSL_get_version(ssl));
+    
+    cipherName = wolfSSL_get_cipher(ssl);
+    Serial.print("SSL cipher suite is ");
+    Serial.println(cipherName);
+
+    Serial.print("Server Read: ");
+    while (client.available() || wolfSSL_pending(ssl)) {
+      input = wolfSSL_read(ssl, reply, sizeof(reply) - 1);
+      if (input < 0) {
+        err = wolfSSL_get_error(ssl, 0);
+        wolfSSL_ERR_error_string(err, errBuf);
+        Serial.print("TLS Read Error: ");
+        Serial.println(errBuf);
+        break;
+      } else if (input > 0) {
+        replySz = input;
+        reply[input] = '\0';
+        Serial.print(reply);
+      } else {
+        Serial.println();
+      }
+    }
+
+    // echo data
+    if ((wolfSSL_write(ssl, reply, replySz)) != replySz) {
+      err = wolfSSL_get_error(ssl, 0);
+      wolfSSL_ERR_error_string(err, errBuf);
+      Serial.print("TLS Write Error: ");
+      Serial.println(errBuf);
+    }
+    
+    wolfSSL_shutdown(ssl);
+    wolfSSL_free(ssl);
+  }
+
+  client.stop();
+  Serial.println("Connection complete");
+}

IDE/ECLIPSE/DEOS/README.md

@@ -0,0 +1,225 @@
+
+
+# Deos Port
+## Overview
+You can enable the wolfSSL support for Deos RTOS available [here](https://www.ddci.com/products_deos_do_178c_arinc_653/) using the `#define WOLFSSL_DEOS`.
+Deos is a time & space partitioned, multi-core enabled, DO-178C DAL A certifiable RTOS.
+## Usage
+
+You can start with your OpenArbor IDE-based example project for Deos with the network stack (lwip) to integrate wolfSSL source code.
+
+wolfSSL supports a compile-time user configurable options in the `IDE/ECLIPSE/DEOS/user_settings.h` file.
+
+The `tls_wolfssl.c` example application provides a simple function to run the selected examples at compile time through the following four #defines in user_settings.h. You can undefine any of these macro options to run a test.
+```
+       1. #undef NO_CRYPT_TEST
+       2. #undef NO_CRYPT_BENCHMARK
+       3. #undef NO_WOLFSSL_CLIENT
+       4. #undef NO_WOLFSSL_SERVER
+```
+Do one of the following steps for building and running wolfSSL with the Deos kernel examples, which are included in the DDS release:
+If you want to create a project from scratch, skip the Importing the project section and follow the steps in the other sections.
+
+If you want to use an pre-configured example project, go to the Importing the project section, skip the other sections and follow the Building and Running section.
+
+#### Importing the project
+In this section you will import a pre-configured example project.
+1. Launch the OpenArbor IDE as an administrator
+2. In the Workspace Launcher dialog, in the Workspace field, enter your
+workspace
+3. Right-click in the Project Explorer view and select Import
+4. In the Import dialog, select General > Existing Projects into Workspace, then click Next.
+5. In the Import Projects dialog, select Select archive file, then browse to `IDE/ECLIPSE/DEOS/` and double-click `deosWolfssl.zip` file
+6. In the Import Projects dialog, click Finish
+
+
+#### Setting up a Deos project with wolfSSL
+ 1. Download the wolfSSL source code or a zip file from GitHub. You can remove all of the files except for these folders and its contents. The top folder for this example is wolfsslPort.
+```
+wolfsslPort
+      |-- IDE
+          | -- ECLIPSE
+               | -- DEOS
+      |-- src
+      |-- wolfcrypt
+          | -- benchmark
+          | -- src
+          | -- test
+      |-- wolfssl
+          |-- openssl
+          |-- wolfcrypt
+              |-- port
+```
+ 2. Remove these two platform specific assembly source files:
+    -   wolfsslPort/wolfcrypt/src/aes_asm.asm
+    -   wolfsslPort/wolfcrypt/src/aes_asm.S
+
+ 3. Launch the OpenArbor IDE as an administrator
+ 4. Create a DDC-I Deos example project. In the main menu, go to File >DDC-I Deos example project > socket > udp-vs-tcp
+ 5. Import the `wolfSSLPort` source code into your project.
+    -   Right-click the ` udp-vs-tcp` project and choose File -> Import.
+    -   Expand the General folder and select File System, then click Next. You should now see the Import File system dialog.
+    -   Browse to the location containing the wolfSSL code and choose OK. Select the `wolfsslPort` folder and check the `Create top-level folder` button, then select Finish. You should see the folder hierarchy the same as wolfSSL folder structures.
+6. Review the configuration in $(PROJECT_DIR)/wolfsslPort/IDE/ECLIPSE/DEOS/user_setting.h
+
+7.  Review the custom malloc/realloc/free configuration $(PROJECT_DIR)/wolfsslPort/IDE/ECLIPSE/DEOS/deos_malloc.c . Memory allocated with malloc() is never freed.
+
+#### Configuring the Deos Project
+ 1. Customize your config/udp-vs-tcp.pd.xml with the following changes:
+```
+<processTemplate
+     mutexQuota = "5"
+   >
+
+   <logicalMemoryPools>
+           pagesNeeded = "500"
+      ></pool>
+   </logicalMemoryPools>
+
+   <threadTemplate
+      stackSizeInPages = "20"
+    ></threadTemplate>
+
+   <mutexTemplates>
+      <mutexTemplate
+           name = "protectWolfSSLTemp"
+           lockTimeInUsec = "40"
+           priority = "fastest"
+      ></mutexTemplate>
+   </mutexTemplates>
+
+</processTemplate>
+```
+Depending on your configuration, wolfSSL uses upto four mutexes. You also need to configure enough memory for the stack of each threads and the process logical memory pool.
+
+
+ 2. Right click on the `udp-vs-tcp` project, select properties and add the following macros in the DDC-I Options > C Compile > Preprocessor
+      -   DEOS_ALLOW_OBSOLETE_DEFINITIONS
+      -   WOLFSSL_USER_SETTINGS
+ 3.  Add the following directory paths in the DDC-I Options > C Compile > Directories and in the DDC-I Options > C++ Compile > Directories
+      -   $(PROJECT_DIR)/wolfsslPort
+      -   $(PROJECT_DIR)/wolfsslPort/wolfssl
+      -   $(PROJECT_DIR)/wolfsslPort/IDE/ECLIPSE/DEOS
+      -   $(PROJECT_DIR.printx)/code
+ 4.  Change the optimization level in the DDC-I Options > C Compile > Code Generation > Optimization level:g
+      -   g
+ 5.  Add the following library dependencies in the DDC-I Options > Deos > Dependencies
+      -   math
+      -   dart
+      -   ansi
+      -   printx
+          - You must add printx into your workspace, File >DDC-I Deos example project > training > printx
+ 6.  Edit $(PROJECT_DIR)/wolfsslPort/IDE/ECLIPSE/DEOS/user_setting.h to customize your configuration. For example, you can undef or define these tests.
+      -   #undef NO_CRYPT_TEST
+      -   #undef NO_CRYPT_BENCHMARK
+      -   #undef NO_WOLFSSL_CLIENT
+      -   #undef NO_WOLFSSL_SERVER
+ 7.  Edit your application source file where main() thread is defined and add the following:
+      -   #include "printx.h"
+      -   #include "tls_wolfssl.h"
+      -   and a call to `wolfsslRunTests()`
+Here's an example:
+```
+#include <deos.h>
+#include <printx.h>
+#include <tls_wolfssl.h>
+#include <user_settings.h>
+
+int main(void)
+{
+  initPrintx("");
+  printf("TLS wolfssl example!\n");
+
+  (void) waitUntilNextPeriod();
+   wolfsslRunTests();
+
+  deleteThread(currentThreadHandle());
+}
+
+```
+ 8.  Review $(PROJECT_DIR)/udp-vs-tcp/mailbox-transport.config configuration.
+```
+transportConfigurationId
+2                              # Client thread quota - for client and server TCP
+2                              # Client connection quota - one for client and one for server
+0                              # Server startup quota
+0                              # Server connection quota
+transportMemoryObject          # Name of memory object used for managing connections
+/
+
+connectionId1                  # TCP client connection
+Network                        # Server process name
+defaultMailbox                 # Server connection request mailbox name
+0                              # Server connection mailbox queue size (unused by Network process)
+userServiceThread              # Server thread template name
+*                              # Error timeout
+1                              # Client connection mailbox queue size
+/
+
+connectionId2                  # TCP connection
+Network                        # Server process name
+defaultMailbox                 # Server connection request mailbox name
+0                              # Server connection mailbox queue size (unused by Network process)
+userServiceThread              # Server thread template name
+*                              # Error timeout
+1                              # Client connection mailbox queue size
+/
+```
+
+   #### Building and Running
+ 1.  Build your project, then load and run your image on a target platform. Review the test results on the console output.
+
+
+### `wolfcrypt_test()`
+wolfcrypt_test() prints a message on the target console similar to the following output:
+```
+error    test passed!
+base64   test passed!
+asn      test passed!
+...
+```
+This example doesn't show the whole output.
+
+### `benchmark_test()`
+benchmark_test() prints a message on the target console similar to the following output.
+
+```
+------------------------------------------------------------------------------
+ wolfSSL version 3.15.5
+------------------------------------------------------------------------------
+wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
+RNG               225 KB tooks 1.026 seconds,  219.313 KB/s
+AES-128-CBC-enc    250 KB toks 1.105 seconds  226.210 KB/s
+AES-128-CBC-dec    225 KB tooks 1.005 seconds,  223.922 KB/s
+...
+```
+This example doesn't show the whole output.
+
+### `wolfssl_client_test()`
+
+You can modify the `TCP_SERVER_IP_ADDR` and `TCP_SERVER_PORT` macros in the `tls_wolfssl.c` file to configure the host address and port. You will also need to define the server certificate. The example client uses the GET request to get a web resource from the server at https://google.com.
+
+### `wolfssl_server_test()`
+
+You can modify the `TLS_SERVER_PORT` in the `tls_wolfssl.c` file to configure the port number to listen on a local-host.
+Once you start the TLS server and `Listening for client connection` displays on the serial console, the server is ready to accept client connections.
+
+You can connect to the server using the wolfssl TLS client example from your Linux or Windows host as follows:
+```
+$ ./examples/client/client.exe -h TLS_SERVER_IP_ADDRESS
+
+The client outputs messages similar to the following:
+
+SSL version is TLSv1.2
+SSL cipher suite is TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+SSL curve name is SECP256R1
+I hear ya fa shizzle!
+```
+
+## References
+
+The test results were collected from the qemu-x86 reference platform target with the following software and tool chains:
+- OpenArbor, eclipse based IDE, toolVersion = "3.31.0"
+- wolfssl [latest version](https://github.com/wolfSSL/wolfssl)
+
+For more information or questions, please email [support@wolfssl.com](mailto:support@wolfssl.com)

IDE/ECLIPSE/DEOS/deos_malloc.c

@@ -0,0 +1,108 @@
+/* deos_malloc.c
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+
+#define ROUND_UP(x, align)  (((int) (x) + (align - 1)) & ~(align - 1))
+#define SIZEOF_HEADER sizeof(size_t)  /* tracks size of allocated block */
+
+#define HEAP_SIZE_MAX   (1*1024*1024)
+
+static size_t allocatedMemory = 0;
+
+size_t getMemAllocatedSize_deos(size_t* size){
+
+    if (size)
+        *size = allocatedMemory;
+
+    return allocatedMemory;
+}
+
+/* Simply returns without freeing any memory. */
+
+void free_deos(void *ptr) {
+    //printf("fake free_deos()\n");
+    return;
+}
+
+void *realloc_deos(void *ptr, size_t size) {
+    void *newptr;
+
+    if (size == 0)
+        return ptr;
+    newptr = malloc_deos(size);
+
+    if (ptr != NULL && newptr != NULL) {
+
+        if ( *((char *)ptr - SIZEOF_HEADER) < *((char *)newptr - SIZEOF_HEADER))
+            size = *((char *)ptr - SIZEOF_HEADER);
+
+        XMEMCPY((char *) newptr, (const char *) ptr, size);
+        free_deos(ptr);
+    }
+
+    return newptr;
+}
+
+void *malloc_deos(size_t size) {
+    PDEOS_SYSTEM_INFO systemInfoPtr;
+    static VirtualAddressTYP heapAddr = NULL;
+    static VirtualAddressTYP freeAddr = NULL;
+    VirtualAddressTYP retAddr = NULL;
+    DWORD allocationSize = 0;
+    static int initialized = 0;
+
+    if (size <= 0)
+        return NULL;
+
+    if (!initialized) {
+        systemInfoPtr = (PDEOS_SYSTEM_INFO)getSystemInfoDEOS();
+        freeAddr = (VirtualAddressTYP)getNextLibraryStartAddress();
+        allocationSize = (((HEAP_SIZE_MAX - 1) / systemInfoPtr->dwPageSize) + 1) *
+                         systemInfoPtr->dwPageSize;
+
+        if (virtualAllocDEOS(freeAddr, allocationSize) != allocSuccess){
+            printf("ERROR: virtualAllocDEOS failed\n");
+            return NULL;
+        }
+
+        setNextLibraryStartAddress(freeAddr + allocationSize);
+        heapAddr = freeAddr;
+
+        initialized = 1;
+    }
+
+    size = ROUND_UP(size, sizeof(size_t));
+
+    if ((size + SIZEOF_HEADER) > (HEAP_SIZE_MAX - (freeAddr - heapAddr))){
+        printf("ERROR: malloc_deos cannot allocate from heap memory anymore\n");
+        return NULL;
+    }
+
+    *freeAddr = size;
+    freeAddr += SIZEOF_HEADER;
+    retAddr = freeAddr;
+    XMEMSET(retAddr, 0, size);
+    freeAddr += size;
+    allocatedMemory += size;
+
+    return retAddr;
+}

IDE/ECLIPSE/DEOS/include.am

@@ -0,0 +1,10 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST += \
+    IDE/ECLIPSE/DEOS/README.md \
+    IDE/ECLIPSE/DEOS/user_settings.h \
+    IDE/ECLIPSE/DEOS/tls_wolfssl.h \
+    IDE/ECLIPSE/DEOS/tls_wolfssl.c \
+    IDE/ECLIPSE/DEOS/deos_malloc.c

IDE/ECLIPSE/DEOS/tls_wolfssl.c

@@ -0,0 +1,599 @@
+/* tls_wolfssl.c
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+#include <wolfcrypt/test/test.h>
+#include <wolfcrypt/benchmark/benchmark.h>
+#include <wolfssl/wolfcrypt/logging.h> /* to use WOLFSSL_MSG */
+#include <tls_wolfssl.h>
+
+
+int setupTransport(clientConnectionHandleType* connectionHandle,
+                   char* connectionId) {
+    int ret, error;
+    void * sendBuffer;
+    DWORD bufferSizeInBytes;
+
+    if ((ret = socketTransportInitialize("mailbox-transport.config",
+                                         "transportConfigurationId",
+                                         (DWORD)waitIndefinitely,&error)) != transportSuccess)
+        printf("Initialize 0x%x, error=%d\n", ret, error);
+
+    else if ((ret = socketTransportClientInitialize((DWORD)waitIndefinitely,
+                                                    &error)) != transportSuccess)
+        printf("ClientInitialize 0x%x, error=%d\n", ret, error);
+
+    else if ((ret = socketTransportCreateConnection(connectionId,
+                                                    (DWORD)waitIndefinitely,
+                                                    COMPATIBILITY_ID_2,
+                                                    connectionHandle,
+                                                    &sendBuffer,
+                                                    &bufferSizeInBytes,
+                                                    &error)) != transportSuccess)
+        printf("CreateConnection 0x%x, error=%d\n", ret, error);
+
+    else if ((ret = socketTransportSetConnectionForThread(currentThreadHandle(),
+                                                          *connectionHandle,
+                                                          (DWORD)waitIndefinitely,
+                                                          &error)) != transportSuccess)
+        printf("SetConnectionForThread 0x%x, error=%d\n", ret, error);
+
+    return ret;
+}
+
+#if !defined(NO_WOLFSSL_CLIENT )
+
+/* 172.217.3.174 is the IP address of https://www.google.com */
+#define TCP_SERVER_IP_ADDR "172.217.3.174"
+#define TCP_SERVER_DOMAIN_NAME "www.google.com"
+#define TCP_SERVER_PORT 443
+
+#define TX_BUF_SIZE 64
+#define RX_BUF_SIZE 1024
+
+#define TX_MSG "GET /index.html HTTP/1.0\n\n"
+#define TX_MSG_SIZE sizeof(TX_MSG)
+
+static const unsigned char google_certs_ca[]="\n\
+## Google Internet Authority G3 \n\
+-----BEGIN CERTIFICATE-----\n\
+MIIEXDCCA0SgAwIBAgINAeOpMBz8cgY4P5pTHTANBgkqhkiG9w0BAQsFADBMMSAw\n\
+HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFs\n\
+U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xNzA2MTUwMDAwNDJaFw0yMTEy\n\
+MTUwMDAwNDJaMFQxCzAJBgNVBAYTAlVTMR4wHAYDVQQKExVHb29nbGUgVHJ1c3Qg\n\
+U2VydmljZXMxJTAjBgNVBAMTHEdvb2dsZSBJbnRlcm5ldCBBdXRob3JpdHkgRzMw\n\
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKUkvqHv/OJGuo2nIYaNVW\n\
+XQ5IWi01CXZaz6TIHLGp/lOJ+600/4hbn7vn6AAB3DVzdQOts7G5pH0rJnnOFUAK\n\
+71G4nzKMfHCGUksW/mona+Y2emJQ2N+aicwJKetPKRSIgAuPOB6Aahh8Hb2XO3h9\n\
+RUk2T0HNouB2VzxoMXlkyW7XUR5mw6JkLHnA52XDVoRTWkNty5oCINLvGmnRsJ1z\n\
+ouAqYGVQMc/7sy+/EYhALrVJEA8KbtyX+r8snwU5C1hUrwaW6MWOARa8qBpNQcWT\n\
+kaIeoYvy/sGIJEmjR0vFEwHdp1cSaWIr6/4g72n7OqXwfinu7ZYW97EfoOSQJeAz\n\
+AgMBAAGjggEzMIIBLzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUH\n\
+AwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFHfCuFCa\n\
+Z3Z2sS3ChtCDoH6mfrpLMB8GA1UdIwQYMBaAFJviB1dnHB7AagbeWbSaLd/cGYYu\n\
+MDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AucGtpLmdv\n\
+b2cvZ3NyMjAyBgNVHR8EKzApMCegJaAjhiFodHRwOi8vY3JsLnBraS5nb29nL2dz\n\
+cjIvZ3NyMi5jcmwwPwYDVR0gBDgwNjA0BgZngQwBAgIwKjAoBggrBgEFBQcCARYc\n\
+aHR0cHM6Ly9wa2kuZ29vZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEA\n\
+HLeJluRT7bvs26gyAZ8so81trUISd7O45skDUmAge1cnxhG1P2cNmSxbWsoiCt2e\n\
+ux9LSD+PAj2LIYRFHW31/6xoic1k4tbWXkDCjir37xTTNqRAMPUyFRWSdvt+nlPq\n\
+wnb8Oa2I/maSJukcxDjNSfpDh/Bd1lZNgdd/8cLdsE3+wypufJ9uXO1iQpnh9zbu\n\
+FIwsIONGl1p3A8CgxkqI/UAih3JaGOqcpcdaCIzkBaR9uYQ1X4k2Vg5APRLouzVy\n\
+7a8IVk6wuy6pm+T7HT4LY8ibS5FEZlfAFLSW8NwsVz9SBK2Vqn1N0PIMn5xA6NZV\n\
+c7o835DLAFshEWfC7TIe3g==\n\
+-----END CERTIFICATE-----\n\
+## Google Trust Services- GlobalSign Root CA-R2\n\
+-----BEGIN CERTIFICATE-----\n\
+MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G\n\
+A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp\n\
+Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1\n\
+MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG\n\
+A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI\n\
+hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL\n\
+v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8\n\
+eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq\n\
+tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd\n\
+C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa\n\
+zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB\n\
+mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH\n\
+V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n\n\
+bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG\n\
+3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs\n\
+J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO\n\
+291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS\n\
+ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd\n\
+AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7\n\
+TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==\n\
+-----END CERTIFICATE-----\n\
+";
+
+void wolfssl_client_test(uintData_t statusPtr) {
+    int sock;
+    char rx_buf[RX_BUF_SIZE];
+    char tx_buf[TX_BUF_SIZE];
+    int ret = 0, error = 0;
+
+    sockaddr_in server_addr;
+    clientConnectionHandleType TCPclientHandle;
+
+    WOLFSSL* ssl;
+    WOLFSSL_CTX* ctx;
+
+    /* set up the mailbox transport */
+
+    if (setupTransport(&TCPclientHandle, (char*)"connectionId1") != transportSuccess){
+        printf("TCP transport set up failed \n");
+        return;
+      }
+
+    printf("Creating a network socket...\n");
+
+    sock = socket(AF_INET, SOCK_STREAM, 0);
+
+    if (sock == SOCKET_ERROR) {
+        printf("ERROR: Failed to create socket, err = %d\n", errno);
+        return;
+    }
+
+    printf("Clearing memory for server_addr struct\n");
+
+    XMEMSET((char *) &server_addr, 0u, sizeof(server_addr));
+
+    printf("Connecting to server IP address: %s, port: %d\n",
+                    TCP_SERVER_IP_ADDR, TCP_SERVER_PORT);
+
+    server_addr.sin_family = AF_INET;
+    server_addr.sin_addr = inet_addr(TCP_SERVER_IP_ADDR);
+    server_addr.sin_port = htons(TCP_SERVER_PORT);
+
+    printf("Calling connect on socket\n");
+    if (connect(sock, (sockaddr *) &server_addr, sizeof(server_addr)) < 0 ) {
+        printf("ERROR: connect, err = %d\n", errno);
+        closesocket(sock);
+        return;
+    }
+
+    #ifdef DEBUG_WOLFSSL
+        wolfSSL_Debugging_ON();
+    #endif
+
+    /* wolfSSL INIT and CTX SETUP */
+
+    wolfSSL_Init();
+
+    /* chooses the highest possible TLS version */
+
+    ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
+
+    /* SET UP NETWORK SOCKET */
+    if (ctx == 0) {
+        printf("ERROR: wolfSSL_CTX_new failed\n");
+        closesocket(sock);
+        return;
+    }
+
+    WOLFSSL_MSG("wolfSSL_CTX_new done");
+
+    wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
+
+    ret = wolfSSL_CTX_load_verify_buffer(ctx,
+                                         google_certs_ca,
+                                         sizeof(google_certs_ca),
+                                         SSL_FILETYPE_PEM);
+
+    if (ret != SSL_SUCCESS) {
+        printf("ERROR: wolfSSL_CTX_load_verify_buffer() failed\n");
+        closesocket(sock);
+        wolfSSL_CTX_free(ctx);
+        return;
+    }
+    ssl = wolfSSL_new(ctx);
+    if (ssl == NULL) {
+        printf("ERROR: wolfSSL_new() failed\n");
+        closesocket(sock);
+        wolfSSL_CTX_free(ctx);
+        return;
+    }
+
+    WOLFSSL_MSG("wolfSSL_new done");
+    ret = wolfSSL_set_fd(ssl, sock);
+    if (ret != SSL_SUCCESS) {
+        printf("ERROR: wolfSSL_set_fd() failed\n");
+        closesocket(sock);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return;
+    }
+    WOLFSSL_MSG("wolfSSL_set_fd done");
+    do {
+        error = 0; /* reset error */
+        ret = wolfSSL_connect(ssl);
+        if (ret != SSL_SUCCESS) {
+            error = wolfSSL_get_error(ssl, 0);
+            printf("ERROR: wolfSSL_connect() failed, err = %d\n", error);
+            if (error != SSL_ERROR_WANT_READ) {
+                closesocket(sock);
+                wolfSSL_free(ssl);
+                wolfSSL_CTX_free(ctx);
+                return;
+            }
+            /* goToSleep() for 1 sec*/
+        }
+    } while ((ret != SSL_SUCCESS) && (error == SSL_ERROR_WANT_READ));
+
+    printf("wolfSSL_connect() ok... sending GET\n");
+    XSTRNCPY(tx_buf, TX_MSG, TX_MSG_SIZE);
+    if (wolfSSL_write(ssl, tx_buf, TX_MSG_SIZE) != TX_MSG_SIZE) {
+        error = wolfSSL_get_error(ssl, 0);
+        printf("ERROR: wolfSSL_write() failed, err = %d\n", error);
+        closesocket(sock);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return;
+    }
+    do {
+        error = 0; /* reset error */
+        ret = wolfSSL_read(ssl, rx_buf, RX_BUF_SIZE - 1);
+        if (ret < 0) {
+            error = wolfSSL_get_error(ssl, 0);
+            if (error != SSL_ERROR_WANT_READ) {
+                printf("wolfSSL_read failed, error = %d\n", error);
+                closesocket(sock);
+                wolfSSL_free(ssl);
+                wolfSSL_CTX_free(ctx);
+                return;
+            }
+            /* goToSleep() for 1 second*/
+        } else if (ret > 0) {
+            rx_buf[ret] = 0;
+            printf("%s\n", rx_buf);
+        }
+    } while (error == SSL_ERROR_WANT_READ);
+    wolfSSL_shutdown(ssl);
+    wolfSSL_free(ssl);
+    wolfSSL_CTX_free(ctx);
+    wolfSSL_Cleanup();
+    closesocket(sock);
+    return;
+}
+
+#endif /* NO_WOLFSSL_CLIENT */
+
+#if !defined(NO_WOLFSSL_SERVER)
+
+#define TLS_SERVER_PORT 11111
+#define TX_BUF_SIZE 64
+#define RX_BUF_SIZE 1024
+#define TCP_SERVER_CONN_Q_SIZE 1
+
+/* derived from wolfSSL/certs/server-ecc.der */
+
+static const unsigned char server_ecc_der_256[] = { 0x30, 0x82, 0x03, 0x10,
+        0x30, 0x82, 0x02, 0xB5, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
+        0xEF, 0x46, 0xC7, 0xA4, 0x9B, 0xBB, 0x60, 0xD3, 0x30, 0x0A, 0x06, 0x08,
+        0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x8F, 0x31,
+        0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
+        0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57,
+        0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30,
+        0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74,
+        0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A,
+        0x0C, 0x07, 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30,
+        0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43, 0x43, 0x31,
+        0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77,
+        0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
+        0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
+        0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
+        0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E,
+        0x17, 0x0D, 0x31, 0x36, 0x30, 0x38, 0x31, 0x31, 0x32, 0x30, 0x30, 0x37,
+        0x33, 0x38, 0x5A, 0x17, 0x0D, 0x31, 0x39, 0x30, 0x35, 0x30, 0x38, 0x32,
+        0x30, 0x30, 0x37, 0x33, 0x38, 0x5A, 0x30, 0x81, 0x8F, 0x31, 0x0B, 0x30,
+        0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13,
+        0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73,
+        0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06,
+        0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C,
+        0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07,
+        0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30, 0x0A, 0x06,
+        0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43, 0x43, 0x31, 0x18, 0x30,
+        0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E,
+        0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31,
+        0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
+        0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C,
+        0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, 0x13,
+        0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A,
+        0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xBB,
+        0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, 0xA5, 0x04, 0xC3, 0x3C,
+        0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE, 0x94, 0xEA, 0x2B, 0xFA, 0xCB,
+        0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61, 0x02, 0xE9, 0xAF, 0x4D, 0xD3,
+        0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, 0x92, 0x21, 0x7F, 0xF0, 0xCF, 0x18,
+        0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8, 0x20, 0x58, 0x33, 0x0B, 0x80,
+        0x34, 0x89, 0xD8, 0xA3, 0x81, 0xF7, 0x30, 0x81, 0xF4, 0x30, 0x1D, 0x06,
+        0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x5D, 0x5D, 0x26, 0xEF,
+        0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23,
+        0xEF, 0xB2, 0x89, 0x30, 0x30, 0x81, 0xC4, 0x06, 0x03, 0x55, 0x1D, 0x23,
+        0x04, 0x81, 0xBC, 0x30, 0x81, 0xB9, 0x80, 0x14, 0x5D, 0x5D, 0x26, 0xEF,
+        0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23,
+        0xEF, 0xB2, 0x89, 0x30, 0xA1, 0x81, 0x95, 0xA4, 0x81, 0x92, 0x30, 0x81,
+        0x8F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
+        0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C,
+        0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31,
+        0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65,
+        0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55,
+        0x04, 0x0A, 0x0C, 0x07, 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31,
+        0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43,
+        0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F,
+        0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
+        0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48,
+        0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F,
+        0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
+        0x82, 0x09, 0x00, 0xEF, 0x46, 0xC7, 0xA4, 0x9B, 0xBB, 0x60, 0xD3, 0x30,
+        0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01,
+        0xFF, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03,
+        0x02, 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0xF1, 0xD0, 0xA6,
+        0x3E, 0x83, 0x33, 0x24, 0xD1, 0x7A, 0x05, 0x5F, 0x1E, 0x0E, 0xBD, 0x7D,
+        0x6B, 0x33, 0xE9, 0xF2, 0x86, 0xF3, 0xF3, 0x3D, 0xA9, 0xEF, 0x6A, 0x87,
+        0x31, 0xB3, 0xB7, 0x7E, 0x50, 0x02, 0x21, 0x00, 0xF0, 0x60, 0xDD, 0xCE,
+        0xA2, 0xDB, 0x56, 0xEC, 0xD9, 0xF4, 0xE4, 0xE3, 0x25, 0xD4, 0xB0, 0xC9,
+        0x25, 0x7D, 0xCA, 0x7A, 0x5D, 0xBA, 0xC4, 0xB2, 0xF6, 0x7D, 0x04, 0xC7,
+        0xBD, 0x62, 0xC9, 0x20 };
+
+/* derived from wolfSSL/certs/ecc-key.der */
+
+static const unsigned char ecc_key_der_256[] = { 0x30, 0x77, 0x02, 0x01, 0x01,
+        0x04, 0x20, 0x45, 0xB6, 0x69, 0x02, 0x73, 0x9C, 0x6C, 0x85, 0xA1, 0x38,
+        0x5B, 0x72, 0xE8, 0xE8, 0xC7, 0xAC, 0xC4, 0x03, 0x8D, 0x53, 0x35, 0x04,
+        0xFA, 0x6C, 0x28, 0xDC, 0x34, 0x8D, 0xE1, 0xA8, 0x09, 0x8C, 0xA0, 0x0A,
+        0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0xA1, 0x44,
+        0x03, 0x42, 0x00, 0x04, 0xBB, 0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6,
+        0x4A, 0xA5, 0x04, 0xC3, 0x3C, 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE,
+        0x94, 0xEA, 0x2B, 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61,
+        0x02, 0xE9, 0xAF, 0x4D, 0xD3, 0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, 0x92,
+        0x21, 0x7F, 0xF0, 0xCF, 0x18, 0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8,
+        0x20, 0x58, 0x33, 0x0B, 0x80, 0x34, 0x89, 0xD8 };
+
+
+void wolfssl_server_test(uintData_t statusPtr)
+{
+    int sock_listen;
+    int bindStatus;
+    int sock_req;
+    sockaddr_in socketAddr;
+    sockaddr_in server_addr;
+    int  socketAddrLen=sizeof(sockaddr);
+    char rx_buf[RX_BUF_SIZE];
+    char tx_buf[TX_BUF_SIZE];
+    unsigned  char attempt_conn;
+    clientConnectionHandleType TCPserverHandle;
+    void * sendBuffer;
+    DWORD bufferSizeInBytes;
+
+    WOLFSSL * ssl;
+    WOLFSSL_CTX * ctx;
+    int tx_buf_sz = 0, ret = 0, error = 0;
+
+    /* set up the mailbox transport */
+    /* connectionId2 is defined in the mailbox-transport.config*/
+    if (setupTransport(&TCPserverHandle, (char*)"connectionId2") != transportSuccess){
+        printf("TCP transport set up failed \n");
+        return;
+      }
+
+    /* SET UP NETWORK SOCKET */
+
+    printf("Opening network socket...\n");
+    sock_listen = socket(AF_INET, SOCK_STREAM, 0);
+    if (sock_listen == SOCKET_ERROR) {
+        printf("ERROR: socket, err = %d\n", errno);
+        return;
+    }
+
+    printf("Clearing memory for server_addr struct\n");
+    XMEMSET((char *) &server_addr, 0u, sizeof(server_addr));
+
+    printf("Setting up server_addr struct\n");
+    server_addr.sin_family = AF_INET;
+    server_addr.sin_addr = INADDR_ANY;
+    server_addr.sin_port = htons(TLS_SERVER_PORT);
+
+    bindStatus = bind(sock_listen, (sockaddr *) &server_addr, sizeof(server_addr));
+    if (bindStatus == SOCKET_ERROR) {
+       printf("ERROR: bind, err = %d\n", errno);
+       closesocket(sock_listen);
+       return;
+    }
+
+    /* wolfSSL INIT and CTX SETUP */
+
+    wolfSSL_Init();
+
+    /* chooses the highest possible TLS version */
+
+    ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
+
+    if (ctx == 0) {
+        printf("ERROR: wolfSSL_CTX_new failed\n");
+        closesocket(sock_listen);
+        return;
+    }
+    WOLFSSL_MSG("wolfSSL_CTX_new done");
+
+    ret = wolfSSL_CTX_use_certificate_buffer(ctx,
+                                             server_ecc_der_256,
+                                             sizeof(server_ecc_der_256),
+                                             SSL_FILETYPE_ASN1);
+    if (ret != SSL_SUCCESS) {
+        printf("ERROR: wolfSSL_CTX_use_certificate_buffer() failed, \
+                err = %d\n", ret);
+        closesocket(sock_listen);
+        wolfSSL_CTX_free(ctx);
+        return;
+    }
+    ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx,
+                                            ecc_key_der_256,
+                                            sizeof(ecc_key_der_256),
+                                            SSL_FILETYPE_ASN1);
+    if (ret != SSL_SUCCESS) {
+        printf("ERROR: wolfSSL_CTX_use_PrivateKey_buffer() failed\n");
+        closesocket(sock_listen);
+        wolfSSL_CTX_free(ctx);
+        return;
+    }
+    /* accept client socket connections */
+    printf("Listening for client connection\n");
+    printf("E.g, you can use ./examples/client/client.exe -h 192.168.219.100\n");
+    printf("    \n");
+
+    listen(sock_listen, TCP_SERVER_CONN_Q_SIZE);
+
+    sock_req = accept(sock_listen,
+                     (sockaddr *) &socketAddr,
+                     &socketAddrLen);
+
+    if (sock_req == -1) {
+        printf("ERROR: accept, err = %d\n", errno);
+        closesocket(sock_listen);
+        return;
+    }
+
+    printf("Got client connection! Starting TLS negotiation\n");
+
+    #ifdef DEBUG_WOLFSSL
+        wolfSSL_Debugging_ON();
+    #endif
+
+    /* set up wolfSSL session */
+    ssl = wolfSSL_new(ctx);
+    if (ssl == NULL) {
+        printf("ERROR: wolfSSL_new() failed\n");
+        closesocket(sock_req);
+        closesocket(sock_listen);
+        wolfSSL_CTX_free(ctx);
+        return;
+    }
+
+    WOLFSSL_MSG("wolfSSL_new done");
+    ret = wolfSSL_set_fd(ssl, sock_req);
+    if (ret != SSL_SUCCESS) {
+        printf("ERROR: wolfSSL_set_fd() failed\n");
+        closesocket(sock_req);
+        closesocket(sock_listen);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return;
+    }
+
+    WOLFSSL_MSG("wolfSSL_set_fd done");
+    do {
+        error = 0; /* reset error */
+        if (ret != SSL_SUCCESS) {
+            error = wolfSSL_get_error(ssl, 0);
+            printf("ERROR: wolfSSL_accept() failed, err = %d\n", error);
+            if (error != SSL_ERROR_WANT_READ) {
+                closesocket(sock_req);
+                closesocket(sock_listen);
+                wolfSSL_free(ssl);
+                wolfSSL_CTX_free(ctx);
+                return;
+            }
+            /* goToSleep() for 500 milli sec*/
+        }
+    } while ((ret != SSL_SUCCESS) && (error == SSL_ERROR_WANT_READ));
+
+    printf("wolfSSL_accept() ok...\n");
+
+    /* read client data */
+
+    error = 0;
+    XMEMSET(rx_buf, 0u, RX_BUF_SIZE);
+    ret = wolfSSL_read(ssl, rx_buf, RX_BUF_SIZE - 1);
+    if (ret < 0) {
+        error = wolfSSL_get_error(ssl, 0);
+        if (error != SSL_ERROR_WANT_READ) {
+            printf("wolfSSL_read failed, error = %d\n", error);
+            closesocket(sock_req);
+            closesocket(sock_listen);
+            wolfSSL_free(ssl);
+            wolfSSL_CTX_free(ctx);
+            return;
+        }
+    }
+
+    printf("AFTER wolfSSL_read() call, ret = %d\n", ret);
+    if (ret > 0) {
+        rx_buf[ret] = 0;
+        printf("Client sent: %s\n", rx_buf);
+    }
+    /* write response to client */
+    XMEMSET(tx_buf, 0u, TX_BUF_SIZE);
+    tx_buf_sz = 22;
+    XSTRNCPY(tx_buf, "I hear ya fa shizzle!\n", tx_buf_sz);
+    if (wolfSSL_write(ssl, tx_buf, tx_buf_sz) != tx_buf_sz) {
+        error = wolfSSL_get_error(ssl, 0);
+        printf("ERROR: wolfSSL_write() failed, err = %d\n", error);
+        closesocket(sock_req);
+        closesocket(sock_listen);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return;
+    }
+    ret = wolfSSL_shutdown(ssl);
+    if (ret == SSL_SHUTDOWN_NOT_DONE)
+        wolfSSL_shutdown(ssl);
+
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        wolfSSL_Cleanup();
+        closesocket(sock_req);
+        closesocket(sock_listen);
+    return;
+}
+
+#endif /* NO_WOLFSSL_SERVER */
+
+int  wolfsslRunTests (void)
+{
+    thread_handle_t TCPhandle;
+    threadStatus ts;
+    int ret;
+
+    #if !defined(NO_CRYPT_TEST)
+        wolfcrypt_test(NULL);
+    #endif
+    #if !defined(NO_CRYPT_BENCHMARK)
+        benchmark_test(NULL);
+    #endif
+    #if !defined(NO_WOLFSSL_CLIENT)
+        ts = createThread("TCPclient", "TCPThreadTemplate", wolfssl_client_test,
+                          0, &TCPhandle );
+        if (ts != threadSuccess) {
+            printf("Unable to create TCP client thread, %i ", (DWORD)ts);
+        }
+    #endif
+    #if !defined(NO_WOLFSSL_SERVER)
+        ts = createThread("TCPserver", "TCPThreadTemplate", wolfssl_server_test,
+                          0, &TCPhandle );
+        if (ts != threadSuccess) {
+            printf("Unable to create TCP server thread, %i ", (DWORD)ts);
+        }
+    #endif
+
+    return 0;
+}

IDE/ECLIPSE/DEOS/tls_wolfssl.h

@@ -0,0 +1,37 @@
+/* tls_wolfssl.h
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef  __TLS_WOLFSSL_H__
+#define  __TLS_WOLFSSL_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int wolfsslRunTests(void);
+void wolfssl_client_test(uintData_t);
+void wolfssl_server_test(uintData_t);
+
+#ifdef __cplusplus
+}  /* extern "C" */
+#endif
+
+#endif /* TLS_WOLFSSL_H */

IDE/ECLIPSE/DEOS/user_settings.h

@@ -0,0 +1,112 @@
+/* user_setting.h
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef DEOS_USER_SETTINGS_H_
+#define DEOS_USER_SETTINGS_H_
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+#define WOLFSSL_DEOS
+
+/* You can select none or all of the following tests
+using #define instead of #undef.
+By default, all four tests run*/
+
+#undef NO_CRYPT_TEST
+#undef NO_CRYPT_BENCHMARK
+#undef NO_WOLFSSL_CLIENT
+#undef NO_WOLFSSL_SERVER
+
+/* adjust CURRENT_UNIX_TIMESTAMP to seconds since Jan 01 1970. (UTC)
+You can get the current time from https://www.unixtimestamp.com/
+*/
+#define CURRENT_UNIX_TIMESTAMP 1545864916
+
+#define NO_FILESYSTEM
+#define SIZEOF_LONG_LONG 8
+
+/* prevents from including multiple definition of main() */
+#define NO_MAIN_DRIVER
+#define NO_TESTSUITE_MAIN_DRIVER
+
+/* includes certificate test buffers via header files */
+#define USE_CERT_BUFFERS_2048
+
+/*use kB instead of mB for embedded benchmarking*/
+#define BENCH_EMBEDDED
+
+#define NO_WRITE_TEMP_FILES
+
+#define HAVE_AESGCM
+#define WOLFSSL_SHA512
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+#define ED25519_SMALL
+
+/* TLS 1.3 */
+#if 0
+    #define WOLFSSL_TLS13
+    #define WC_RSA_PSS
+    #define HAVE_HKDF
+    #define HAVE_FFDHE_2048
+    #define HAVE_AEAD
+#endif
+
+#if 0
+
+/* You can use your own custom random generator function with
+   no input parameters and a `CUSTOM_RAND_TYPE` return type*/
+
+    #ifndef CUSTOM_RAND_GENERATE
+         #define CUSTOM_RAND_TYPE     int
+         #define CUSTOM_RAND_GENERATE yourRandGenFunc
+    #endif
+
+#endif
+
+#if 1
+    #undef  XMALLOC_OVERRIDE
+    #define XMALLOC_OVERRIDE
+    /* prototypes for user heap override functions */
+
+    #include <stddef.h>  /* for size_t */
+
+    extern void *malloc_deos(size_t size);
+    extern void  free_deos(void *ptr);
+    extern void *realloc_deos(void *ptr, size_t size);
+
+    #define XMALLOC(n, h, t)     malloc_deos(n)
+    #define XFREE(p, h, t)       free_deos(p)
+    #define XREALLOC(p, n, h, t) realloc_deos(p, n)
+
+#endif
+
+#define printf printx
+
+#ifdef __cplusplus
+    }   /* extern "C" */
+#endif
+
+#endif

IDE/ECLIPSE/MICRIUM/README.md

@@ -0,0 +1,180 @@
+
+# Micrium μC/OS-III Port
+## Overview
+You can enable the wolfSSL support for Micrium μC/OS-III RTOS available [here](http://www.micriums.com/) using the define `MICRIUM`.
+
+## Usage
+
+You can start with your IDE-based example project for Micrium uC/OS-III and uC/TCPIP stack. You must include the uC-Clk module into your project because wolfSSL uses Micrium’s Clk_GetTS_Unix () function from <clk.h> in order to authenticate the start and end dates of certificates.
+
+wolfSSL supports a compile-time user configurable options in the `IDE/ECLIPSE/MICRIUM/user_settings.h` file.
+
+The `wolfsslRunTests.c` example application provides a simple function to run the selected examples at compile time through the following four #defines in user_settings.h.
+
+```
+       1. #define WOLFSSL_WOLFCRYPT_TEST
+       2. #define WOLFSSL_BENCHMARK_TEST
+       3. #define WOLFSSL_CLIENT_TEST
+       4. #define WOLFSSL_SERVER_TEST
+
+You can define one or all of the above options.
+```
+1. Open your IDE-based example project for Micrium uC/OS-III (with the uC-Clk module) and uC/TCPIP stack.
+
+2. Create the following folder and sub-folders structures in your project.
+```
+wolfssl
+   |src
+   |wolfcrypt
+          |benchmark
+          |src
+          |test
+   |wolfssl
+          |openssl
+          |wolfcrypt
+   |exampleTLS
+```
+The folder hierarchy is the same as the wolfSSL folders with an exception of the exampleTLS folder.
+
+3. Right click on the exampleTLS folder, add or link all of the header and source files in `IDE/ECLIPSE/MICRIUM/` folder into the exampleTLS folder.
+
+4. Right click on each folders, add or link all the source code in the corresponding folder in wolfSSL.
+
+5. Remove non-C platform dependent files from your build. At the moment, only aes_asm.asm and aes_asm.s must be removed from your wolfssl/wolfcrypt/src folder.
+
+6. In your C/C++ compiler preprocessor settings, add the wolfSSL directories to your include paths.
+Here's an example of the paths that must be added.
+```
+$PROJ_DIR$\...
+$PROJ_DIR$\...\wolfcrypt
+$PROJ_DIR$\...\wolfssl
+$PROJ_DIR$\...\IDE\ECLIPSE\MICRIUM
+```
+7. In your C/C++ compiler preprocessor settings, define the WOLFSSL_USER_SETTINGS symbol to add user_settings.h file in your project.
+
+8. Add a call to `wolfsslRunTests()` from your startup task. Here's an example:
+```
+static  void  App_TaskStart (void *p_arg)
+{
+    OS_ERR  os_err;
+    ...
+    while (DEF_TRUE) {
+           wolfsslRunTests();
+           OSTimeDlyHMSM(0u, 5u, 0u, 0u,OS_OPT_TIME_HMSM_STRICT, &os_err);
+        }
+}
+```
+9. Rebuild all your project.
+
+10. Now you are ready to download and debug your image on the board.
+
+The test results below were collected from the NXP Kinetis K70 (Freescale TWR-K70F120M MCU) tower system board with the following software and tool chains:
+
+- IAR Embedded Workbench IDE - ARM 8.32.1 (IAR ELF Linker V8.32.1.169/W32 for ARM)
+
+- The starting project is based on an IAR EWARM project from Micrium download center at [micrium_twr-k70f120m-os3/](https://www.micrium.com/download/micrium_twr-k70f120m-os3/) but the K70X_FLASH.icf linker script file was slightly modified to configure the stack and heap sizes to 16KB and 20KB. The test was run on a 1 MBytes of program flash and 128 KBytes of static RAM.
+
+- wolfssl [latest version](https://github.com/wolfSSL/wolfssl)
+
+
+### `WOLFSSL_WOLFCRYPT_TEST` output of wolfcrypt_test()
+```
+error    test passed!
+base64   test passed!
+asn      test passed!
+MD5      test passed!
+MD4      test passed!
+SHA    test passed!
+SHA-256  test passed!
+SHA-512  test passed!
+Hash     test passed!
+HMAC-MD5 test passed!
+HMAC-SHA test passed!
+HAC-SHA256 test passed!
+HMAC-SHA512 test passed!
+GMC     test passed!
+HC-128   test passed!
+Rabbit   test passed!
+DS      test passed!
+DS3     test passed!
+AES      test passed!
+AES192   test passed!
+AES256   test passed!
+AES-GM  test passed!
+RANDOM   test passed!
+RSA      test passed!
+DH       test passed!
+DSA      test passed!
+PWDBASED test passed!
+ECC      test passed!
+ECC buffer test passed!
+CURVE25519 test passed!
+ED25519  test passed!
+logging  test passed!
+mutex    test passed!
+memcb    test passed!
+```
+### `WOLFSSL_BENCHMARK_TEST` output of benchmark_test()
+```
+------------------------------------------------------------------------------
+ wolfSSL version 3.15.5
+------------------------------------------------------------------------------
+wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
+RNG               225 KB tooks 1.026 seconds,  219.313 KB/s
+AES-128-CBC-enc    250 KB toks 1.105 seconds  226.210 KB/s
+AES-128-CBC-dec    225 KB tooks 1.005 seconds,  223.922 KB/s
+AES-192-CBC-enc    225 KB tooks 1.076 seconds, 209.104 KB/s
+AES-192-CBC-dec    225 KB tooks 1.077 seconds,  208.981 K/s
+AES-56-CBC-enc    200 KB tooks 1.029 seconds,  19.396 KB/s
+AES-256-CBC-dec    200 KB toks 1.022 seconds,  195.785 KB/s
+AES-128-GCM-enc    125 KB tooks 1.28 secnds,  101.70 KB/s
+AES-128-GC-dec    125 KB tooks 1.228 seconds  101.756 KB/s
+AES-192-GCM-enc    100 KB tooks 1.026 seconds,   97.493 KB/s
+AES-192-GCM-dec    100 KB tooks 1.026 seconds,   97.480 KB/s
+AES-256-GCM-enc    100 KB tooks 1.065 seconds,   93.909 KB/s
+AES-256-GC-dec    100 KB tooks 1.065 seconds,   93.897 KB/s
+RABBIT               2 MB tooks 1.011 seconds,    2.19 MB/s
+3DES              100 KB tooks 1.007 sconds,   99.312 KB/s
+MD5                  3MB tooks 1.008 seonds,    2.907 MBs
+SHA                  1 MB tooks 1.09 secnds,    1.283 MB/s
+SHA-256            575 KB tooks 1.037 seconds,  554.501 KB/s
+SHA-512            200 KB tooks 1.003 seconds,  199.444 KB/s
+HMAC-MD5            3 B tooks 1.002 seconds,   2.876 MB/s
+HMAC-SHA26        550 KB tooks 1.000 seconds,  549.95 KB//s
+HMAC-SHA512       200 KB toks 1.018 seconds,  196.452 KB/s
+RSA     2048 public          8 ops took 1.025 sec, avg 128.135 ms, 7.804 op/sec
+RSA     2048 private        2 ops took 4.972 ec, avg 2485.951 s, 0.402 ops/sec
+DH      2048 key en         2 ops took 1.927 sec, avg 96.303 ms, 1.038 op/sec
+DH     2048 agree           2ops took 1.937 sc, avg 968.578 ms, 1.032 ops/sec
+ECC      256 key gen         3 ops took 1.185 sec, avg 394.944 ms, 2.53 ops/sec
+ECDHE    256 agree           4 ops took 1.585 sec, avg 396.168 ms, 2.524 ops/sec
+ECSA    256 sign            4 ops took 1.611 sec, avg 402.865 ms, 2.482 ops/sec
+ECDSA   256verif          2 ops tok 1.586 sec, avg 793.153 ms, 1.261 opssec
+CURVE  25519 key gen         2 ops took 1.262 sec, avg 630.907 ms, 1.585 ops/sec
+CURE  25519 agree           2 ops took 1.261 sec, avg630.469 ms, 1.586 ops/sec
+ED     2519 key gen        2 ops took 1.27 sec, avg 66.099ms, 1.572 ops/sec
+ED     25519 sign            2 ops took 1.303 sec, ag 65.633 ms, 1.35 op/sec
+ED     25519 verify          2 ops took 2.674 sec, avg1337.68 ms 0.748 ops/ec
+```
+### `WOLFSSL_CLIENT_TEST` wolfssl_client_test()
+
+You can modify the `TCP_SERVER_IP_ADDR` and `TCP_SERVER_PORT` macros at top of the `client_wolfssl.c` file to configure the host address and port. You will also need the server certificate. This example uses TLS 1.2 to connect to a remote host.
+
+### `WOLFSSL_SERVER_TEST` wolfssl_server_test()
+
+You can modify the `TLS_SERVER_PORT` at top of `server_wolfssl.c` to configure the port number to listen on local-host.
+
+Once you start the TLS server and `Listening for client connection` displays on the serial console, the server is ready to accept client connections.
+
+You can connect to the server using the wolfssl TLS client example from your Linux or Windows host as follows:
+
+$ ./examples/client/client.exe -h TLS_SERVER_IP_ADDRES
+SSL version is TLSv1.2
+SSL cipher suite is TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+SSL curve name is SECP256R1
+I hear ya fa shizzle!
+
+
+## References
+
+For more information please contact info@wolfssl.com.

IDE/ECLIPSE/MICRIUM/client_wolfssl.c

@@ -0,0 +1,277 @@
+/* client_wolfssl.c
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include  <Source/net_sock.h>
+#include  <Source/net_app.h>
+#include  <Source/net_ascii.h>
+#include  <Source/net_util.h>
+#include  <lib_str.h>
+#include  <app_cfg.h>
+
+#include  <wolfssl/ssl.h>
+#include  "client_wolfssl.h"
+
+/* 172.217.3.174 is the IP address of https://www.google.com */
+#define TCP_SERVER_IP_ADDR "172.217.3.174"
+#define TCP_SERVER_DOMAIN_NAME "www.google.com"
+#define TCP_SERVER_PORT 443
+
+#define TX_BUF_SIZE 64
+#define RX_BUF_SIZE 1024
+
+#define TX_MSG "GET /index.html HTTP/1.0\r\n\r\n"
+#define TX_MSG_SIZE sizeof(TX_MSG)
+
+static const CPU_INT08U google_certs_ca[]="\n\
+## Google Internet Authority G3 \n\
+-----BEGIN CERTIFICATE-----\n\
+MIIEXDCCA0SgAwIBAgINAeOpMBz8cgY4P5pTHTANBgkqhkiG9w0BAQsFADBMMSAw\n\
+HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFs\n\
+U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xNzA2MTUwMDAwNDJaFw0yMTEy\n\
+MTUwMDAwNDJaMFQxCzAJBgNVBAYTAlVTMR4wHAYDVQQKExVHb29nbGUgVHJ1c3Qg\n\
+U2VydmljZXMxJTAjBgNVBAMTHEdvb2dsZSBJbnRlcm5ldCBBdXRob3JpdHkgRzMw\n\
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKUkvqHv/OJGuo2nIYaNVW\n\
+XQ5IWi01CXZaz6TIHLGp/lOJ+600/4hbn7vn6AAB3DVzdQOts7G5pH0rJnnOFUAK\n\
+71G4nzKMfHCGUksW/mona+Y2emJQ2N+aicwJKetPKRSIgAuPOB6Aahh8Hb2XO3h9\n\
+RUk2T0HNouB2VzxoMXlkyW7XUR5mw6JkLHnA52XDVoRTWkNty5oCINLvGmnRsJ1z\n\
+ouAqYGVQMc/7sy+/EYhALrVJEA8KbtyX+r8snwU5C1hUrwaW6MWOARa8qBpNQcWT\n\
+kaIeoYvy/sGIJEmjR0vFEwHdp1cSaWIr6/4g72n7OqXwfinu7ZYW97EfoOSQJeAz\n\
+AgMBAAGjggEzMIIBLzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUH\n\
+AwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFHfCuFCa\n\
+Z3Z2sS3ChtCDoH6mfrpLMB8GA1UdIwQYMBaAFJviB1dnHB7AagbeWbSaLd/cGYYu\n\
+MDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AucGtpLmdv\n\
+b2cvZ3NyMjAyBgNVHR8EKzApMCegJaAjhiFodHRwOi8vY3JsLnBraS5nb29nL2dz\n\
+cjIvZ3NyMi5jcmwwPwYDVR0gBDgwNjA0BgZngQwBAgIwKjAoBggrBgEFBQcCARYc\n\
+aHR0cHM6Ly9wa2kuZ29vZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEA\n\
+HLeJluRT7bvs26gyAZ8so81trUISd7O45skDUmAge1cnxhG1P2cNmSxbWsoiCt2e\n\
+ux9LSD+PAj2LIYRFHW31/6xoic1k4tbWXkDCjir37xTTNqRAMPUyFRWSdvt+nlPq\n\
+wnb8Oa2I/maSJukcxDjNSfpDh/Bd1lZNgdd/8cLdsE3+wypufJ9uXO1iQpnh9zbu\n\
+FIwsIONGl1p3A8CgxkqI/UAih3JaGOqcpcdaCIzkBaR9uYQ1X4k2Vg5APRLouzVy\n\
+7a8IVk6wuy6pm+T7HT4LY8ibS5FEZlfAFLSW8NwsVz9SBK2Vqn1N0PIMn5xA6NZV\n\
+c7o835DLAFshEWfC7TIe3g==\n\
+-----END CERTIFICATE-----\n\
+## Google Trust Services- GlobalSign Root CA-R2\n\
+-----BEGIN CERTIFICATE-----\n\
+MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G\n\
+A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp\n\
+Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1\n\
+MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG\n\
+A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI\n\
+hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL\n\
+v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8\n\
+eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq\n\
+tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd\n\
+C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa\n\
+zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB\n\
+mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH\n\
+V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n\n\
+bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG\n\
+3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs\n\
+J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO\n\
+291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS\n\
+ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd\n\
+AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7\n\
+TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==\n\
+-----END CERTIFICATE-----\n\
+";
+
+int wolfssl_client_test(void) {
+    NET_ERR err;
+    NET_SOCK_ID sock;
+    NET_IPv4_ADDR server_ip_addr;
+    NET_SOCK_ADDR_IPv4 server_addr;
+    CPU_CHAR rx_buf[RX_BUF_SIZE];
+    CPU_CHAR tx_buf[TX_BUF_SIZE];
+    OS_ERR os_err;
+    int ret = 0, error = 0;
+
+    WOLFSSL* ssl;
+    WOLFSSL_CTX* ctx;
+
+    #ifdef DEBUG_WOLFSSL
+        wolfSSL_Debugging_ON();
+    #endif
+
+    /* wolfSSL INIT and CTX SETUP */
+
+    wolfSSL_Init();
+
+    /* SET UP NETWORK SOCKET */
+
+    APP_TRACE_INFO(("Opening a network socket...\r\n"));
+
+    sock = NetSock_Open(NET_SOCK_ADDR_FAMILY_IP_V4,
+                        NET_SOCK_TYPE_STREAM,
+                        NET_SOCK_PROTOCOL_TCP,
+                        &err);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_Open, err = %d\r\n", (int) err));
+        return -1;
+    }
+
+#ifdef NET_SECURE_MODULE_EN
+    APP_TRACE_INFO(("Setting the socket as secure...\r\n"));
+
+    (void)NetSock_CfgSecure(sock,
+                            DEF_YES,
+                            &err);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_CfgSecure, err = %d\r\n", (int) err));
+        NetSock_Close(sock, &err);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("Configure the common name of the server...\r\n"));
+    (void)NetSock_CfgSecureClientCommonName(sock,
+                                           TCP_SERVER_DOMAIN_NAME,
+                                           &err);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_CfgSecureClientCommonName, \
+                        err = %d\r\n", (int) err));
+        NetSock_Close(sock, &err);
+        return -1;
+    }
+#endif /* NET_SECURE_MODULE_EN */
+
+    APP_TRACE_INFO(("Calling NetASCII_Str_to_IPv4...\r\n"));
+    server_ip_addr = NetASCII_Str_to_IPv4(TCP_SERVER_IP_ADDR, &err);
+    if (err != NET_ASCII_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetASCII_Str_to_IPv4, err = %d\r\n", (int) err));
+        NetSock_Close(sock, &err);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("Clearing memory for server_addr struct\r\n"));
+
+    Mem_Clr((void *) &server_addr, (CPU_SIZE_T) sizeof(server_addr));
+
+    APP_TRACE_INFO(("Setting server IP address: %s, port: %d\r\n",
+                    TCP_SERVER_IP_ADDR, TCP_SERVER_PORT));
+
+    server_addr.AddrFamily = NET_SOCK_ADDR_FAMILY_IP_V4;
+    server_addr.Addr = NET_UTIL_HOST_TO_NET_32(server_ip_addr);
+    server_addr.Port = NET_UTIL_HOST_TO_NET_16(TCP_SERVER_PORT);
+
+    /* CONNECT SOCKET */
+
+    APP_TRACE_INFO(("Calling NetSock_Conn on socket\r\n"));
+    NetSock_Conn((NET_SOCK_ID) sock,
+                (NET_SOCK_ADDR *) &server_addr,
+                (NET_SOCK_ADDR_LEN) sizeof(server_addr),
+                (NET_ERR*) &err);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_Conn, err = %d\r\n", (int) err));
+        NetSock_Close(sock, &err);
+        return -1;
+    }
+
+    ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
+    if (ctx == 0) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_CTX_new failed\r\n"));
+        NetSock_Close(sock, &err);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("wolfSSL_CTX_new done\r\n"));
+
+    wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
+
+    ret = wolfSSL_CTX_load_verify_buffer(ctx,
+                                         google_certs_ca,
+                                         sizeof(google_certs_ca),
+                                         SSL_FILETYPE_PEM);
+
+    if (ret != SSL_SUCCESS) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_CTX_load_verify_buffer() failed\r\n"));
+        NetSock_Close(sock, &err);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+
+    if ((ssl = wolfSSL_new(ctx)) == NULL) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_new() failed\r\n"));
+        NetSock_Close(sock, &err);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("wolfSSL_new done\r\n"));
+    ret = wolfSSL_set_fd(ssl, sock);
+    if (ret != SSL_SUCCESS) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_set_fd() failed\r\n"));
+        NetSock_Close(sock, &err);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+    APP_TRACE_INFO(("wolfSSL_set_fd done\r\n"));
+    do {
+        error = 0; /* reset error */
+        ret = wolfSSL_connect(ssl);
+        if (ret != SSL_SUCCESS) {
+            error = wolfSSL_get_error(ssl, 0);
+            APP_TRACE_INFO(
+                    ("ERROR: wolfSSL_connect() failed, err = %d\r\n", error));
+            if (error != SSL_ERROR_WANT_READ) {
+                NetSock_Close(sock, &err);
+                wolfSSL_free(ssl);
+                wolfSSL_CTX_free(ctx);
+                return -1;
+            }
+            OSTimeDlyHMSM(0u, 0u, 1u, 0u, OS_OPT_TIME_HMSM_STRICT, &os_err);
+        }
+    } while ((ret != SSL_SUCCESS) && (error == SSL_ERROR_WANT_READ));
+
+    APP_TRACE_INFO(("wolfSSL_connect() ok... sending GET\r\n"));
+    Str_Copy_N(tx_buf, TX_MSG, TX_MSG_SIZE);
+    if (wolfSSL_write(ssl, tx_buf, TX_MSG_SIZE) != TX_MSG_SIZE) {
+        error = wolfSSL_get_error(ssl, 0);
+        APP_TRACE_INFO(("ERROR: wolfSSL_write() failed, err = %d\r\n", error));
+        NetSock_Close(sock, &err);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+    do {
+        error = 0; /* reset error */
+        ret = wolfSSL_read(ssl, rx_buf, RX_BUF_SIZE - 1);
+        if (ret < 0) {
+            error = wolfSSL_get_error(ssl, 0);
+            if (error != SSL_ERROR_WANT_READ) {
+                APP_TRACE_INFO(("wolfSSL_read failed, error = %d\r\n", error));
+                NetSock_Close(sock, &err);
+                wolfSSL_free(ssl);
+                wolfSSL_CTX_free(ctx);
+                return -1;
+            }
+            OSTimeDlyHMSM(0u, 0u, 1u, 0u, OS_OPT_TIME_HMSM_STRICT, &os_err);
+        } else if (ret > 0) {
+            rx_buf[ret] = 0;
+            APP_TRACE_INFO(("%s\r\n", rx_buf));
+        }
+    } while (error == SSL_ERROR_WANT_READ);
+    wolfSSL_shutdown(ssl);
+    wolfSSL_free(ssl);
+    wolfSSL_CTX_free(ctx);
+    wolfSSL_Cleanup();
+    NetSock_Close(sock, &err);
+    return 0;
+}

IDE/ECLIPSE/MICRIUM/client_wolfssl.h

@@ -0,0 +1,35 @@
+/* client_wolfssl.h
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef  __CLIENT_WOLFSSL_H__
+#define  __CLIENT_WOLFSSL_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int wolfssl_client_test(void);
+
+#ifdef __cplusplus
+}  /* extern "C" */
+#endif
+
+#endif /* CLIENT_WOLFSSL_H */

IDE/ECLIPSE/MICRIUM/include.am

@@ -0,0 +1,12 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST += \
+    IDE/ECLIPSE/MICRIUM/README.md \
+    IDE/ECLIPSE/MICRIUM/user_settings.h \
+    IDE/ECLIPSE/MICRIUM/client_wolfssl.h \
+    IDE/ECLIPSE/MICRIUM/server_wolfssl.h \
+    IDE/ECLIPSE/MICRIUM/client_wolfssl.c \
+    IDE/ECLIPSE/MICRIUM/server_wolfssl.c \
+    IDE/ECLIPSE/MICRIUM/wolfsslRunTests.c

IDE/ECLIPSE/MICRIUM/server_wolfssl.c

@@ -0,0 +1,335 @@
+/* server_wolfssl.c
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include  <Source/net_sock.h>
+#include  <Source/net_app.h>
+#include  <Source/net_util.h>
+#include  <Source/net_ascii.h>
+#include  <app_cfg.h>
+
+#include  "wolfssl/ssl.h"
+#include  "server_wolfssl.h"
+
+#define TLS_SERVER_PORT 11111
+#define TX_BUF_SIZE 64
+#define RX_BUF_SIZE 1024
+#define TCP_SERVER_CONN_Q_SIZE 1
+
+/* derived from wolfSSL/certs/server-ecc.der */
+
+static const CPU_INT08U server_ecc_der_256[] = { 0x30, 0x82, 0x03, 0x10,
+        0x30, 0x82, 0x02, 0xB5, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
+        0xEF, 0x46, 0xC7, 0xA4, 0x9B, 0xBB, 0x60, 0xD3, 0x30, 0x0A, 0x06, 0x08,
+        0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x8F, 0x31,
+        0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
+        0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57,
+        0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30,
+        0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74,
+        0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A,
+        0x0C, 0x07, 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30,
+        0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43, 0x43, 0x31,
+        0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77,
+        0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
+        0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
+        0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
+        0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E,
+        0x17, 0x0D, 0x31, 0x36, 0x30, 0x38, 0x31, 0x31, 0x32, 0x30, 0x30, 0x37,
+        0x33, 0x38, 0x5A, 0x17, 0x0D, 0x31, 0x39, 0x30, 0x35, 0x30, 0x38, 0x32,
+        0x30, 0x30, 0x37, 0x33, 0x38, 0x5A, 0x30, 0x81, 0x8F, 0x31, 0x0B, 0x30,
+        0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13,
+        0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73,
+        0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06,
+        0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C,
+        0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07,
+        0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30, 0x0A, 0x06,
+        0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43, 0x43, 0x31, 0x18, 0x30,
+        0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E,
+        0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31,
+        0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
+        0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C,
+        0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, 0x13,
+        0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A,
+        0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xBB,
+        0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, 0xA5, 0x04, 0xC3, 0x3C,
+        0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE, 0x94, 0xEA, 0x2B, 0xFA, 0xCB,
+        0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61, 0x02, 0xE9, 0xAF, 0x4D, 0xD3,
+        0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, 0x92, 0x21, 0x7F, 0xF0, 0xCF, 0x18,
+        0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8, 0x20, 0x58, 0x33, 0x0B, 0x80,
+        0x34, 0x89, 0xD8, 0xA3, 0x81, 0xF7, 0x30, 0x81, 0xF4, 0x30, 0x1D, 0x06,
+        0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x5D, 0x5D, 0x26, 0xEF,
+        0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23,
+        0xEF, 0xB2, 0x89, 0x30, 0x30, 0x81, 0xC4, 0x06, 0x03, 0x55, 0x1D, 0x23,
+        0x04, 0x81, 0xBC, 0x30, 0x81, 0xB9, 0x80, 0x14, 0x5D, 0x5D, 0x26, 0xEF,
+        0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23,
+        0xEF, 0xB2, 0x89, 0x30, 0xA1, 0x81, 0x95, 0xA4, 0x81, 0x92, 0x30, 0x81,
+        0x8F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
+        0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C,
+        0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31,
+        0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65,
+        0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55,
+        0x04, 0x0A, 0x0C, 0x07, 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31,
+        0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43,
+        0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F,
+        0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
+        0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48,
+        0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F,
+        0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
+        0x82, 0x09, 0x00, 0xEF, 0x46, 0xC7, 0xA4, 0x9B, 0xBB, 0x60, 0xD3, 0x30,
+        0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01,
+        0xFF, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03,
+        0x02, 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0xF1, 0xD0, 0xA6,
+        0x3E, 0x83, 0x33, 0x24, 0xD1, 0x7A, 0x05, 0x5F, 0x1E, 0x0E, 0xBD, 0x7D,
+        0x6B, 0x33, 0xE9, 0xF2, 0x86, 0xF3, 0xF3, 0x3D, 0xA9, 0xEF, 0x6A, 0x87,
+        0x31, 0xB3, 0xB7, 0x7E, 0x50, 0x02, 0x21, 0x00, 0xF0, 0x60, 0xDD, 0xCE,
+        0xA2, 0xDB, 0x56, 0xEC, 0xD9, 0xF4, 0xE4, 0xE3, 0x25, 0xD4, 0xB0, 0xC9,
+        0x25, 0x7D, 0xCA, 0x7A, 0x5D, 0xBA, 0xC4, 0xB2, 0xF6, 0x7D, 0x04, 0xC7,
+        0xBD, 0x62, 0xC9, 0x20 };
+
+/* derived from wolfSSL/certs/ecc-key.der */
+
+static const CPU_INT08U ecc_key_der_256[] = { 0x30, 0x77, 0x02, 0x01, 0x01,
+        0x04, 0x20, 0x45, 0xB6, 0x69, 0x02, 0x73, 0x9C, 0x6C, 0x85, 0xA1, 0x38,
+        0x5B, 0x72, 0xE8, 0xE8, 0xC7, 0xAC, 0xC4, 0x03, 0x8D, 0x53, 0x35, 0x04,
+        0xFA, 0x6C, 0x28, 0xDC, 0x34, 0x8D, 0xE1, 0xA8, 0x09, 0x8C, 0xA0, 0x0A,
+        0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0xA1, 0x44,
+        0x03, 0x42, 0x00, 0x04, 0xBB, 0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6,
+        0x4A, 0xA5, 0x04, 0xC3, 0x3C, 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE,
+        0x94, 0xEA, 0x2B, 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61,
+        0x02, 0xE9, 0xAF, 0x4D, 0xD3, 0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, 0x92,
+        0x21, 0x7F, 0xF0, 0xCF, 0x18, 0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8,
+        0x20, 0x58, 0x33, 0x0B, 0x80, 0x34, 0x89, 0xD8 };
+
+
+int wolfssl_server_test(void)
+{
+    NET_ERR err;
+    NET_SOCK_ID sock_listen;
+    NET_SOCK_ID sock_req;
+    NET_SOCK_ADDR_IPv4 server_addr;
+    NET_SOCK_ADDR_LEN server_addr_len;
+    NET_SOCK_ADDR_IPv4 client_sock_addr_ip;
+    NET_SOCK_ADDR_LEN client_sock_addr_ip_size;
+    CPU_CHAR rx_buf[RX_BUF_SIZE];
+    CPU_CHAR tx_buf[TX_BUF_SIZE];
+    CPU_BOOLEAN attempt_conn;
+    OS_ERR os_err;
+    WOLFSSL * ssl;
+    WOLFSSL_CTX * ctx;
+    int tx_buf_sz = 0, ret = 0, error = 0;
+
+    #ifdef DEBUG_WOLFSSL
+        wolfSSL_Debugging_ON();
+    #endif
+
+    /* wolfSSL INIT and CTX SETUP */
+
+    wolfSSL_Init();
+
+    /* SET UP NETWORK SOCKET */
+
+    APP_TRACE_INFO(("Opening network socket...\r\n"));
+    sock_listen = NetSock_Open(NET_SOCK_ADDR_FAMILY_IP_V4,
+                               NET_SOCK_TYPE_STREAM,
+                               NET_SOCK_PROTOCOL_TCP,
+                               &err);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_Open, err = %d\r\n", (int) err));
+        return -1;
+    }
+
+    APP_TRACE_INFO(("Clearing memory for server_addr struct\r\n"));
+    server_addr_len = sizeof(server_addr);
+    Mem_Clr((void *) &server_addr, (CPU_SIZE_T) server_addr_len);
+
+    APP_TRACE_INFO(("Setting up server_addr struct\r\n"));
+    server_addr.AddrFamily = NET_SOCK_ADDR_FAMILY_IP_V4;
+    server_addr.Addr = NET_UTIL_HOST_TO_NET_32(NET_SOCK_ADDR_IP_V4_WILDCARD);
+    server_addr.Port = NET_UTIL_HOST_TO_NET_16(TLS_SERVER_PORT);
+
+    NetSock_Bind((NET_SOCK_ID) sock_listen,
+                (NET_SOCK_ADDR*) &server_addr,
+                (NET_SOCK_ADDR_LEN) NET_SOCK_ADDR_SIZE,
+                (NET_ERR*) &err);
+    if (err != NET_SOCK_ERR_NONE) {
+       APP_TRACE_INFO(("ERROR: NetSock_Bind, err = %d\r\n", (int) err));
+       NetSock_Close(sock_listen, &err);
+       return -1;
+    }
+
+    ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method());
+    if (ctx == 0) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_CTX_new failed\r\n"));
+        NetSock_Close(sock_listen, &err);
+        return -1;
+    }
+    APP_TRACE_INFO(("wolfSSL_CTX_new done\r\n"));
+
+    ret = wolfSSL_CTX_use_certificate_buffer(ctx,
+                                             server_ecc_der_256,
+                                             sizeof(server_ecc_der_256),
+                                             SSL_FILETYPE_ASN1);
+    if (ret != SSL_SUCCESS) {
+        APP_TRACE_INFO(
+                ("ERROR: wolfSSL_CTX_use_certificate_buffer() failed\r\n"));
+        NetSock_Close(sock_listen, &err);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+    ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx,
+                                            ecc_key_der_256,
+                                            sizeof(ecc_key_der_256),
+                                            SSL_FILETYPE_ASN1);
+    if (ret != SSL_SUCCESS) {
+        APP_TRACE_INFO(
+                ("ERROR: wolfSSL_CTX_use_PrivateKey_buffer() failed\r\n"));
+        NetSock_Close(sock_listen, &err);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+    /* accept client socket connections */
+
+    APP_TRACE_INFO(("Listening for client connection\r\n"));
+
+    NetSock_Listen(sock_listen, TCP_SERVER_CONN_Q_SIZE, &err);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_Listen, err = %d\r\n", (int) err));
+        NetSock_Close(sock_listen, &err);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+    do {
+        client_sock_addr_ip_size = sizeof(client_sock_addr_ip);
+        sock_req = NetSock_Accept((NET_SOCK_ID) sock_listen,
+                                 (NET_SOCK_ADDR*) &client_sock_addr_ip,
+                                 (NET_SOCK_ADDR_LEN*) &client_sock_addr_ip_size,
+                                 (NET_ERR*) &err);
+        switch (err) {
+        case NET_SOCK_ERR_NONE:
+            attempt_conn = DEF_NO;
+            break;
+        case NET_ERR_INIT_INCOMPLETE:
+        case NET_SOCK_ERR_NULL_PTR:
+        case NET_SOCK_ERR_NONE_AVAIL:
+        case NET_SOCK_ERR_CONN_ACCEPT_Q_NONE_AVAIL:
+            attempt_conn = DEF_YES;
+            break;
+        case NET_SOCK_ERR_CONN_SIGNAL_TIMEOUT:
+            APP_TRACE_INFO(
+                    ("NetSockAccept err = NET_SOCK_ERR_CONN_SIGNAL_TIMEOUT\r\n"));
+            attempt_conn = DEF_YES;
+            break;
+        default:
+            attempt_conn = DEF_NO;
+            break;
+        }
+    } while (attempt_conn == DEF_YES);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_Accept, err = %d\r\n", (int) err));
+        NetSock_Close(sock_listen, &err);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("Got client connection! Starting TLS negotiation\r\n"));
+    /* set up wolfSSL session */
+    if ((ssl = wolfSSL_new(ctx)) == NULL) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_new() failed\r\n"));
+        NetSock_Close(sock_req, &err);
+        NetSock_Close(sock_listen, &err);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("wolfSSL_new done\r\n"));
+    ret = wolfSSL_set_fd(ssl, sock_req);
+    if (ret != SSL_SUCCESS) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_set_fd() failed\r\n"));
+        NetSock_Close(sock_req, &err);
+        NetSock_Close(sock_listen, &err);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("wolfSSL_set_fd done\r\n"));
+    do {
+        error = 0; /* reset error */
+        if (ret != SSL_SUCCESS) {
+            error = wolfSSL_get_error(ssl, 0);
+            APP_TRACE_INFO(
+                    ("ERROR: wolfSSL_accept() failed, err = %d\r\n", error));
+            if (error != SSL_ERROR_WANT_READ) {
+                NetSock_Close(sock_req, &err);
+                NetSock_Close(sock_listen, &err);
+                wolfSSL_free(ssl);
+                wolfSSL_CTX_free(ctx);
+                return -1;
+            }
+            OSTimeDlyHMSM(0u, 0u, 0u, 500u, OS_OPT_TIME_HMSM_STRICT, &os_err);
+        }
+    } while ((ret != SSL_SUCCESS) && (error == SSL_ERROR_WANT_READ));
+
+    APP_TRACE_INFO(("wolfSSL_accept() ok...\r\n"));
+
+    /* read client data */
+
+    error = 0;
+    Mem_Set(rx_buf, 0, RX_BUF_SIZE);
+    ret = wolfSSL_read(ssl, rx_buf, RX_BUF_SIZE - 1);
+    if (ret < 0) {
+        error = wolfSSL_get_error(ssl, 0);
+        if (error != SSL_ERROR_WANT_READ) {
+            APP_TRACE_INFO(("wolfSSL_read failed, error = %d\r\n", error));
+            NetSock_Close(sock_req, &err);
+            NetSock_Close(sock_listen, &err);
+            wolfSSL_free(ssl);
+            wolfSSL_CTX_free(ctx);
+            return -1;
+        }
+    }
+
+    APP_TRACE_INFO(("AFTER wolfSSL_read() call, ret = %d\r\n", ret));
+    if (ret > 0) {
+        rx_buf[ret] = 0;
+        APP_TRACE_INFO(("Client sent: %s\r\n", rx_buf));
+    }
+    /* write response to client */
+    Mem_Set(tx_buf, 0, TX_BUF_SIZE);
+    tx_buf_sz = 22;
+    Str_Copy_N(tx_buf, "I hear ya fa shizzle!\n", tx_buf_sz);
+    if (wolfSSL_write(ssl, tx_buf, tx_buf_sz) != tx_buf_sz) {
+        error = wolfSSL_get_error(ssl, 0);
+        APP_TRACE_INFO(("ERROR: wolfSSL_write() failed, err = %d\r\n", error));
+        NetSock_Close(sock_req, &err);
+        NetSock_Close(sock_listen, &err);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+    ret = wolfSSL_shutdown(ssl);
+    if (ret == SSL_SHUTDOWN_NOT_DONE)
+        wolfSSL_shutdown(ssl);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        wolfSSL_Cleanup();
+        NetSock_Close(sock_req, &err);
+        NetSock_Close(sock_listen, &err);
+    return 0;
+}

IDE/ECLIPSE/MICRIUM/server_wolfssl.h

@@ -0,0 +1,35 @@
+/* server_wolfssl.h
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef  __SERVER_WOLFSSL_H__
+#define  __SERVER_WOLFSSL_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int wolfssl_server_test(void);
+
+#ifdef __cplusplus
+}  /* extern "C" */
+#endif
+
+#endif /* SERVER_WOLFSSL_H */

IDE/ECLIPSE/MICRIUM/user_settings.h

@@ -0,0 +1,75 @@
+/* user_setting.h
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef MICRIUM_USER_SETTINGS_H_
+#define MICRIUM_USER_SETTINGS_H_
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+#define MICRIUM
+
+/* You can select one or all of the following tests */
+#define WOLFSSL_WOLFCRYPT_TEST
+#define WOLFSSL_BENCHMARK_TEST
+#define WOLFSSL_CLIENT_TEST
+#define WOLFSSL_SERVER_TEST
+
+/* adjust CURRENT_UNIX_TS to seconds since Jan 01 1970. (UTC)
+You can get the current time from https://www.unixtimestamp.com/
+*/
+#define CURRENT_UNIX_TS 1542605837
+
+/* When using Windows simulator, you must define USE_WINDOWS_API for test.h to build */
+#ifdef _WIN32
+#define USE_WINDOWS_API
+#endif
+
+#define NO_FILESYSTEM
+#define SIZEOF_LONG_LONG 8
+
+/* prevents from including multiple definition of main() */
+#define NO_MAIN_DRIVER
+#define NO_TESTSUITE_MAIN_DRIVER
+
+/* includes certificate test buffers via header files */
+#define USE_CERT_BUFFERS_2048
+/*use kB instead of mB for embedded benchmarking*/
+#define BENCH_EMBEDDED
+
+#define NO_WRITE_TEMP_FILES
+
+#define XSNPRINTF snprintf
+
+#define HAVE_AESGCM
+#define WOLFSSL_SHA512
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+#define ED25519_SMALL
+
+#ifdef __cplusplus
+    }   /* extern "C" */
+#endif
+
+#endif

IDE/ECLIPSE/MICRIUM/wolfsslRunTests.c

@@ -0,0 +1,80 @@
+/* wolfsslRunTests.c
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include  <includes.h> /* master includes from Micrium Freescale Kinetis K70*/
+
+#include  <wolfssl/ssl.h>
+
+/*
+* Description :  This function runs wolfssl tests.
+* Caller(s)   :  main() in app.c
+* Note(s)     :  none.
+*/
+
+int  wolfsslRunTests (void)
+{
+    CLK_ERR        err;
+    CLK_TS_SEC     ts_unix_sec;
+    CPU_BOOLEAN    valid;
+    static int initialized = 0;
+
+    if(!initialized) {
+        Clk_Init(&err);
+
+        if (err == CLK_ERR_NONE) {
+            APP_TRACE_INFO(("Clock module successfully initialized\n"));
+        } else {
+            APP_TRACE_INFO(("Clock module initialization failed\n"));
+            return -1;
+        }
+
+        valid = Clk_GetTS_Unix(&ts_unix_sec);
+
+        if (valid == DEF_OK) {
+            APP_TRACE_INFO(("Timestamp Unix = %u\n", ts_unix_sec));
+        } else {
+            APP_TRACE_INFO(("Get TS Unix error\n"));
+          }
+    #if defined(CURRENT_UNIX_TS)
+        valid = Clk_SetTS_Unix(CURRENT_UNIX_TS);
+        if (valid != DEF_OK) {
+            APP_TRACE_INFO(("Clk_SetTS_Unix error\n"));
+            return -1;
+        }
+    #endif
+     initialized = 1;
+    }
+
+    #if defined(WOLFSSL_WOLFCRYPT_TEST)
+        wolfcrypt_test(NULL);
+    #endif
+    #if defined(WOLFSSL_BENCHMARK_TEST)
+        benchmark_test(NULL);
+    #endif
+    #if defined(WOLFSSL_CLIENT_TEST)
+        wolfssl_client_test();
+    #endif
+    #if defined(WOLFSSL_SERVER_TEST)
+        wolfssl_server_test();
+    #endif
+
+    return 0;
+}

IDE/Espressif/ESP-IDF/README.md

@@ -0,0 +1,35 @@
+# ESP-IDF port
+## Overview
+ ESP-IDF development framework with wolfSSL by setting *WOLFSSL_ESPIDF* definition
+
+Including the following examples:
+
+* simple tls_client/server
+* crypt test
+* crypt benchmark
+
+ The *user_settings.h* file enables some of the hardened settings.
+
+## Requirements
+ 1. ESP-IDF development framework  
+    [https://docs.espressif.com/projects/esp-idf/en/latest/get-started/]
+
+    Note: This expects to use Linux version.
+
+## Setup
+ 1. Run *setup.sh* to deploy files into ESP-IDF tree
+ 2. Find Wolfssl files at /path/to/esp-idf/components/wolfssl/
+ 3. Find Example programs under /path/to/esp-idf/examples/protocols/wolfssl_xxx
+ 4. Uncomment out #define WOLFSSL_ESPIDF in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h  
+    Uncomment out #define WOLFSSL_ESPWROOM32 in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h
+
+## Configuration
+ 1. The *user_settings.h* can be found in /path/to/esp-idf/components/wolfssl/include/user_settings.h
+
+## Build examples
+ 1. See README in each example folder
+
+## Support
+ For question please email [support@wolfssl.com]
+
+ Note: This is tested with "Ubuntu 18.04.1 LTS" and ESP32-WROOM-32.

IDE/Espressif/ESP-IDF/README_32se.md

@@ -0,0 +1,58 @@
+# DEMO program with ATECC608A on ESP-WROOM-32SE
+## Overview
+ Running demo programs with ATECC608A on 32SE by setting *WOLFSSL_ESPWROOM32SE* definition
+
+Including the following examples:
+
+* simple tls_client/tls_server
+* crypt benchmark
+
+ The *user_settings.h* file enables some of the hardened settings. 
+ 
+## Requirements
+ 1. ESP-IDF development framework  
+    [https://docs.espressif.com/projects/esp-idf/en/latest/get-started/]
+
+ 2. Microchip CryptoAuthentication Library  
+    [https://github.com/MicrochipTech/cryptoauthlib]
+    
+## Setup
+ 1. wolfSSL under ESP-IDF. Please see [README.md](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md)
+ 2. CryptoAuthentication Library under ESP-IDF. Please see [README.md](https://github.com/miyazakh/cryptoauthlib_esp_idf/blob/master/README.md)
+ 
+ 3. Uncomment out #define WOLFSSL_ESPWROOM32SE in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h
+ 
+    Note : Need to enable WOLFSSL_ESPIDF  
+    Note : crypt test will fail if enabled WOLFSSL_ESPWROOM32SE
+ 
+## Configuration
+ 1. The *user_settings.h* can be found in /path/to/esp-idf/components/wolfssl/include/user_settings.h
+
+## Build examples
+ 1. See README in each example folder
+
+## Benchmark
+w/o atecc608a
+```
+ECC      256 key gen         4 ops took 1.092 sec, avg 273.000 ms, 3.663 ops/sec
+ECDHE    256 agree           4 ops took 1.091 sec, avg 272.750 ms, 3.666 ops/sec
+ECDSA    256 sign            4 ops took 1.102 sec, avg 275.500 ms, 3.630 ops/sec
+ECDSA    256 verify          2 ops took 1.091 sec, avg 545.500 ms, 1.833 ops/sec
+```
+w/ atecc608a
+```
+ECC      256 key gen        11 ops took 1.074 sec, avg 97.636 ms, 10.242 ops/sec
+ECDHE    256 agree           6 ops took 1.068 sec, avg 178.000 ms, 5.618 ops/sec
+ECDSA    256 sign            8 ops took 1.009 sec, avg 126.125 ms, 7.929 ops/sec
+ECDSA    256 verify         14 ops took 1.079 sec, avg 77.071 ms, 12.975 ops/sec
+```
+
+## Support
+ For question please email [support@wolfssl.com]
+
+ Note: This is tested with the following condition:
+ 
+- Model    : ESP32-WROOM-32SE  
+- ESP-IDF  : v3.3-beta1-39-g6cb37ecc5(commit hash : 6cb37ecc5)  
+- CryptAuthLib: commit hash : c6b176e
+- OS       : Ubuntu 18.04.1 LTS (Bionic Beaver)

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt

@@ -0,0 +1,6 @@
+# The following lines of boilerplate have to be in your project's
+# CMakeLists in this exact order for cmake to work correctly
+cmake_minimum_required(VERSION 3.5)
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+project(wolfssl_benchmark)

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/Makefile

@@ -0,0 +1,11 @@
+#
+# This is a project Makefile. It is assumed the directory this Makefile resides in is a
+# project subdirectory.
+#
+
+PROJECT_NAME := wolfssl_benchmark
+
+CFLAGS += -DWOLFSSL_USER_SETTINGS
+
+include $(IDF_PATH)/make/project.mk
+

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md

@@ -0,0 +1,16 @@
+#wolfSSL Example
+
+The Example contains of wolfSSL benchmark program.
+
+1. "make menuconfig" to configure the program.  
+    1-1. Example Configuration ->
+
+    BENCH_ARG : argument that you want to use. Default is "-lng 0"  
+    The list of argument can be find in help.
+
+When you want to run the benchmark program
+
+1. "make flash" to compile and load the firmware
+2. "make monitor" to see the message
+
+See the README.md file in the upper level 'examples' directory for more information about examples.

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/CMakeLists.txt

@@ -0,0 +1,10 @@
+
+#
+# wolfssl benchmark test
+#
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+
+set(COMPONENT_SRCS "benchmark.c" "helper.c")
+set(COMPONENT_ADD_INCLUDEDIRS ".")
+
+register_component()

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/Kconfig.projbuild

@@ -0,0 +1,29 @@
+menu "Example Configuration"
+
+config BENCH_ARGV
+    string "Arguments for benchmark test"
+    default "-lng 0"
+    help
+        -? <num>    Help, print this usage
+                     0: English, 1: Japanese
+        -csv        Print terminal output in csv format
+        -base10     Display bytes as power of 10 (eg 1 kB = 1000 Bytes)
+        -no_aad     No additional authentication data passed.
+        -dgst_full  Full digest operation performed.
+        -rsa_sign   Measure RSA sign/verify instead of encrypt/decrypt.
+        -<alg>      Algorithm to benchmark. Available algorithms include:
+                    cipher aes-cbc aes-gcm chacha20 chacha20-poly1305
+                    digest md5 poly1305 sha sha2 sha224 sha256 sha384 sha512 sha3
+                    sha3-224 sha3-256 sha3-384 sha3-512
+                    mac hmac hmac-md5 hmac-sha hmac-sha224 hmac-sha256 hmac-sha384
+                    hmac-sha512
+                    asym rsa rsa-sz dh ecc-kg ecc
+                    other rng
+        -lng <num>  Display benchmark result by specified language.
+                    0: English, 1: Japanese
+        <num>       Size of block in bytes
+        
+        e.g -lng 1
+        e.g sha
+
+endmenu

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/component.mk

@@ -0,0 +1,8 @@
+#
+# Main component makefile.
+#
+# This Makefile can be left empty. By default, it will take the sources in the 
+# src/ directory, compile them and link them into lib(subdirectory_name).a 
+# in the build directory. This behaviour is entirely configurable,
+# please read the ESP-IDF documents if you need to do this.
+#

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/helper.c

@@ -0,0 +1,171 @@
+/* helper.c
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfcrypt/benchmark/benchmark.h>
+
+#include "sdkconfig.h"
+#include "esp_log.h"
+
+#define WOLFSSL_BENCH_ARGV                 CONFIG_BENCH_ARGV
+
+/* proto-type */
+extern void wolf_benchmark_task();
+static const char* const TAG = "wolfbenchmark";
+char* __argv[22];
+
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+                                  && defined(WOLFSSL_ATECC508A)
+
+#include "wolfssl/wolfcrypt/port/atmel/atmel.h"
+
+/* when you need to use a custom slot allocation, */
+/* enable the definition CUSTOM_SLOT_ALLOCAION.   */
+#if defined(CUSTOM_SLOT_ALLOCATION)
+
+static byte mSlotList[ATECC_MAX_SLOT];
+
+/* initialize slot array */
+void my_atmel_slotInit()
+{
+    int i;
+    for(i = 0;i < ATECC_MAX_SLOT;i++) {
+        mSlotList[i] = ATECC_INVALID_SLOT;
+    }
+}
+
+/* allocate slot depending on slotType */
+int my_atmel_alloc(int slotType)
+{
+    int i, slot = -1;
+
+    switch(slotType){
+        case ATMEL_SLOT_ENCKEY:
+            slot = 4;
+            break;
+        case ATMEL_SLOT_DEVICE:
+            slot = 0;
+            break;
+        case ATMEL_SLOT_ECDHE:
+            slot = 0;
+            break;
+        case ATMEL_SLOT_ECDHE_ENC:
+            slot = 4;
+            break;
+        case ATMEL_SLOT_ANY:
+            for(i = 0;i < ATECC_MAX_SLOT;i++){
+                if(mSlotList[i] == ATECC_INVALID_SLOT){
+                    slot = i;
+                    break;
+                }
+            }
+    }
+
+    return slot;
+}
+
+/* free slot array       */
+void my_atmel_free(int slotId)
+{
+    if(slotId >= 0 && slotId < ATECC_MAX_SLOT){
+        mSlotList[slotId] = ATECC_INVALID_SLOT;
+    }
+}
+
+#endif /* CUSTOM_SLOT_ALLOCATION                                       */
+#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
+
+int construct_argv()
+{
+    int cnt = 0;
+    int i = 0;
+    int len = 0;
+    char *_argv;            /* buffer for copying the string    */
+    char *ch;               /* char pointer to trace the string */
+    char buff[16] = { 0 };  /* buffer for a argument copy       */
+
+    printf("arg:%s\n", CONFIG_BENCH_ARGV);
+    len = strlen(CONFIG_BENCH_ARGV);
+    _argv = (char*)malloc(len + 1);
+    if (!_argv) {
+        return -1;
+    }
+    memset(_argv, 0, len+1);
+    memcpy(_argv, CONFIG_BENCH_ARGV, len);
+    _argv[len] = '\0';
+    ch = _argv;
+
+    __argv[cnt] = malloc(10);
+    sprintf(__argv[cnt], "benchmark");
+    __argv[9] = '\0';
+    cnt = 1;
+
+    while (*ch != '\0')
+    {
+        /* skip white-space */
+        while (*ch == ' ') { ++ch; }
+
+        memset(buff, 0, sizeof(buff));
+        /* copy each args into buffer */
+        i = 0;
+        while ((*ch != ' ') && (*ch != '\0') && (i < 16)) {
+            buff[i] = *ch;
+            ++i;
+            ++ch;
+        }
+        /* copy the string into argv */
+        __argv[cnt] = (char*)malloc(i + 1);
+        memset(__argv[cnt], 0, i + 1);
+        memcpy(__argv[cnt], buff, i + 1);
+        /* next args */
+        ++cnt;
+    }
+
+    free(_argv);
+
+    return (cnt);
+}
+
+/* entry point */
+void app_main(void)
+{
+#ifndef NO_CRYPT_BENCHMARK
+
+/* when using atecc608a on esp32-wroom-32se */
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+                                  && defined(WOLFSSL_ATECC508A)
+    #if defined(CUSTOM_SLOT_ALLOCATION)
+    my_atmel_slotInit();
+    /* to register the callback, it needs to be initialized. */
+    if ((wolfCrypt_Init()) != 0) {
+       ESP_LOGE(TAG, "wolfCrypt_Init failed");
+       return;
+    }
+    atmel_set_slot_allocator(my_atmel_alloc, my_atmel_free);
+    #endif
+#endif
+    wolf_benchmark_task();
+#else
+#endif /* NO_CRYPT_BENCHMARK */
+}

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/sdkconfig.defaults

@@ -0,0 +1,6 @@
+CONFIG_BENCH_ARGV="-lng 0"
+CONFIG_MAIN_TASK_STACK_SIZE=7000
+CONFIG_FREERTOS_HZ=1000
+CONFIG_TASK_WDT_CHECK_IDLE_TASK_CPU0=
+CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y
+170 CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ=240

IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt

@@ -0,0 +1,6 @@
+# The following lines of boilerplate have to be in your project's
+# CMakeLists in this exact order for cmake to work correctly
+cmake_minimum_required(VERSION 3.5)
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+project(wolfssl_client)

IDE/Espressif/ESP-IDF/examples/wolfssl_client/Makefile

@@ -0,0 +1,11 @@
+#
+# This is a project Makefile. It is assumed the directory this Makefile resides in is a
+# project subdirectory.
+#
+
+PROJECT_NAME := wolfssl_client
+
+CFLAGS += -DWOLFSSL_USER_SETTINGS
+
+include $(IDF_PATH)/make/project.mk
+

IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md

@@ -0,0 +1,22 @@
+#wolfSSL Example
+
+The Example contains of wolfSSL tls client demo.
+
+1. "make menuconfig" to config the project  
+    1-1. Example Configuration ->
+
+          WIFI SSID: your own WIFI, which is connected to the Internet.(default is "myssid")  
+          WIFI Password: WIFI password, and default is "mypassword"  
+          Target host ip address : the host that you want to connect to.(default is 127.0.0.1)
+    
+    Note: the example program uses 11111 port. If you want to use different port  
+        , you need to modify DEFAULT_PORT definition in the code.
+
+When you want to test the wolfSSL client
+
+1. "make flash monitor" to load the firmware and see the context  
+2. You can use <wolfssl>/examples/server/server program for test.  
+
+         e.g. Launch ./examples/server/server -v 4 -b -i
+
+See the README.md file in the upper level 'examples' directory for more information about examples.

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/CMakeLists.txt

@@ -0,0 +1,10 @@
+
+#
+# wolfssl client test
+#
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+
+set(COMPONENT_SRCS "client-tls.c" "wifi_connect.c")
+set(COMPONENT_ADD_INCLUDEDIRS "." "./include")
+
+register_component()

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild

@@ -0,0 +1,21 @@
+menu "Example Configuration"
+
+config WIFI_SSID
+    string "WiFi SSID"
+    default "myssid"
+    help
+        SSID (network name) for the example to connect to.
+
+config WIFI_PASSWORD
+    string "WiFi Password"
+    default "mypassword"
+    help
+        WiFi password (WPA or WPA2) for the example to use.
+
+config TARGET_HOST
+    string "Target host"
+    default "127.0.01.1"
+    help
+        host address for the example to connect
+        
+endmenu

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c

@@ -0,0 +1,290 @@
+/* client-tls-callback.c
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+/* the usual suspects */
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+
+/* ESP specific */
+#include "wifi_connect.h"
+
+/* socket includes */
+#include "lwip/netdb.h"
+#include "lwip/sockets.h"
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+#include <wolfssl/certs_test.h>
+
+#ifdef WOLFSSL_TRACK_MEMORY
+    #include <wolfssl/wolfcrypt/mem_track.h>
+#endif
+
+static const char* const TAG = "tls_client";
+
+#if defined(DEBUG_WOLFSSL)
+
+static void ShowCiphers(void)
+{
+    char ciphers[4096];
+
+    int ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
+
+    if (ret == WOLFSSL_SUCCESS)
+        printf("%s\n", ciphers);
+}
+
+#endif
+
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+                                  && defined(WOLFSSL_ATECC508A)
+
+#include "wolfssl/wolfcrypt/port/atmel/atmel.h"
+
+/* when you want to use custom slot allocation */
+/* enable the definition CUSTOM_SLOT_ALLOCATION.*/
+
+#if defined(CUSTOM_SLOT_ALLOCATION)
+
+static byte mSlotList[ATECC_MAX_SLOT];
+
+int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc,
+                                                atmel_slot_dealloc_cb dealloc);
+/* initialize slot array */
+void my_atmel_slotInit()
+{
+    int i;
+
+    for(i=0;i<ATECC_MAX_SLOT; i++) {
+        mSlotList[i] = ATECC_INVALID_SLOT;
+    }
+}
+/* allocate slot depending on slotType */
+int my_atmel_alloc(int slotType)
+{
+    int i, slot = -1;
+
+    switch(slotType){
+        case ATMEL_SLOT_ENCKEY:
+            slot = 2;
+            break;
+        case ATMEL_SLOT_DEVICE:
+            slot = 0;
+            break;
+        case ATMEL_SLOT_ECDHE:
+            slot = 0;
+            break;
+        case ATMEL_SLOT_ECDHE_ENC:
+            slot = 4;
+            break;
+        case ATMEL_SLOT_ANY:
+            for(i=0;i<ATECC_MAX_SLOT;i++){
+                if(mSlotList[i] == ATECC_INVALID_SLOT){
+                    slot = i;
+                    break;
+                }
+            }
+    }
+
+    return slot;
+}
+/* free slot array       */
+void my_atmel_free(int slotId)
+{
+    if(slotId >= 0 && slotId < ATECC_MAX_SLOT){
+        mSlotList[slotId] = ATECC_INVALID_SLOT;
+    }
+}
+#endif /* CUSTOM_SLOT_ALLOCATION                                       */
+#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
+
+/* client task */
+void tls_smp_client_task()
+{
+    int ret;
+    int sockfd;
+    int doPeerCheck;
+    int sendGet;
+    struct sockaddr_in servAddr;
+    char buff[256];
+    const char* ch = TLS_SMP_TARGET_HOST;
+    size_t len;
+    struct hostent *hp;
+    struct ip4_addr *ip4_addr;
+
+    /* declare wolfSSL objects */
+    WOLFSSL_CTX *ctx;
+    WOLFSSL *ssl;
+
+    WOLFSSL_ENTER("tls_smp_client_task");
+
+    doPeerCheck = 0;
+    sendGet = 0;
+
+#ifdef DEBUG_WOLFSSL
+    WOLFSSL_MSG("Debug ON");
+    wolfSSL_Debugging_ON();
+    ShowCiphers();
+#endif
+    /* Initialize wolfSSL */
+    wolfSSL_Init();
+
+    /* Create a socket that uses an internet IPv4 address,
+     * Sets the socket to be stream based (TCP),
+     * 0 means choose the default protocol. */
+    if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
+        ESP_LOGE(TAG,"ERROR: failed to create the socket\n");
+    }
+
+    ESP_LOGI(TAG, "get target IP address");
+
+    hp = gethostbyname(TLS_SMP_TARGET_HOST);
+    if (!hp) {
+         ESP_LOGE(TAG, "Failed to get host name.");
+         ip4_addr = NULL;
+    } else {
+
+         ip4_addr = (struct ip4_addr *)hp->h_addr;
+         ESP_LOGI(TAG, IPSTR, IP2STR(ip4_addr));
+    }
+    /* Create and initialize WOLFSSL_CTX */
+    if ((ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())) == NULL) {
+        ESP_LOGE(TAG,"ERROR: failed to create WOLFSSL_CTX\n");
+    }
+    WOLFSSL_MSG("Loading...cert");
+    /* Load client certificates into WOLFSSL_CTX */
+    if ((ret = wolfSSL_CTX_load_verify_buffer(ctx, ca_cert_der_2048,
+        sizeof_ca_cert_der_2048, WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
+        ESP_LOGE(TAG,"ERROR: failed to load %d, please check the file.\n",ret);
+    }
+    /* not peer check */
+    if( doPeerCheck == 0 ){
+        wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, 0);
+    } else {
+        WOLFSSL_MSG("Loading... our cert");
+        /* load our certificate */
+   	    if ((ret = wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, client_cert_der_2048,
+            sizeof_client_cert_der_2048, WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
+            ESP_LOGE(TAG,"ERROR: failed to load chain %d, please check the file.\n",ret);
+        }
+
+        if ((ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx, client_key_der_2048,
+            sizeof_client_key_der_2048, WOLFSSL_FILETYPE_ASN1))  != SSL_SUCCESS) {
+            wolfSSL_CTX_free(ctx); ctx = NULL;
+            ESP_LOGE(TAG,"ERROR: failed to load key %d, please check the file.\n", ret);
+        }
+
+        wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, 0);
+    }
+
+    /* Initialize the server address struct with zeros */
+    memset(&servAddr, 0, sizeof(servAddr));
+
+    /* Fill in the server address */
+    servAddr.sin_family = AF_INET;           /* using IPv4      */
+    servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
+
+    if(*ch >= '1' && *ch <= '9') {
+        /* Get the server IPv4 address from the command line call */
+        WOLFSSL_MSG("inet_pton");
+        if ((ret = inet_pton(AF_INET, TLS_SMP_TARGET_HOST,
+                 &servAddr.sin_addr)) != 1) {
+            ESP_LOGE(TAG,"ERROR: invalid address ret=%d\n", ret);
+        }
+    } else {
+        servAddr.sin_addr.s_addr = ip4_addr->addr;
+    }
+
+    /* Connect to the server */
+    sprintf(buff, "Connecting to server....%s(port:%d)", TLS_SMP_TARGET_HOST
+                                                      , DEFAULT_PORT);
+    WOLFSSL_MSG(buff);
+    printf("%s\n",buff);
+    if ((ret = connect(sockfd, (struct sockaddr *)&servAddr,
+                                    sizeof(servAddr))) == -1){
+        ESP_LOGE(TAG,"ERROR: failed to connect ret=%d\n", ret);
+    }
+
+    WOLFSSL_MSG("Create a WOLFSSL object");
+    /* Create a WOLFSSL object */
+    if ((ssl = wolfSSL_new(ctx)) == NULL) {
+        ESP_LOGE(TAG,"ERROR: failed to create WOLFSSL object\n");
+    }
+
+    /* when using atecc608a on esp32-wroom-32se */
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+                                  && defined(WOLFSSL_ATECC508A)
+    atcatls_set_callbacks(ctx);
+    /* when using custom slot-allocation */
+    #if defined(CUSTOM_SLOT_ALLOCATION)
+    my_atmel_slotInit();
+    atmel_set_slot_allocator(my_atmel_alloc, my_atmel_free);
+    #endif
+#endif
+
+    /* Attach wolfSSL to the socket */
+    wolfSSL_set_fd(ssl, sockfd);
+
+    WOLFSSL_MSG("Connect to wolfSSL on the server side");
+    /* Connect to wolfSSL on the server side */
+    if (wolfSSL_connect(ssl) != SSL_SUCCESS) {
+        ESP_LOGE(TAG,"ERROR: failed to connect to wolfSSL\n");
+    }
+
+    /* Get a message for the server from stdin */
+    WOLFSSL_MSG("Message for server: ");
+    memset(buff, 0, sizeof(buff));
+
+    if(sendGet){
+        printf("SSL connect ok, sending GET...\n");
+        len = 28;
+        strncpy(buff, "GET /index.html HTTP/1.0\r\n\r\n", 28);
+        buff[len] = '\0';
+    } else {
+        sprintf(buff, "message from esp32 tls client\n");
+        len = strnlen(buff, sizeof(buff));
+    }
+    /* Send the message to the server */
+    if (wolfSSL_write(ssl, buff, len) != len) {
+        ESP_LOGE(TAG,"ERROR: failed to write\n");
+    }
+
+    /* Read the server data into our buff array */
+    memset(buff, 0, sizeof(buff));
+    if (wolfSSL_read(ssl, buff, sizeof(buff) - 1) == -1) {
+        ESP_LOGE(TAG,"ERROR: failed to read\n");
+    }
+
+    /* Print to stdout any data the server sends */
+    printf("Server:");
+    printf("%s", buff);
+    /* Cleanup and return */
+    wolfSSL_free(ssl);     /* Free the wolfSSL object                  */
+    wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object          */
+    wolfSSL_Cleanup();     /* Cleanup the wolfSSL environment          */
+    close(sockfd);         /* Close the connection to the server       */
+
+    vTaskDelete(NULL);
+
+    return;                /* Return reporting a success               */
+}

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/component.mk

@@ -0,0 +1,8 @@
+#
+# Main component makefile.
+#
+# This Makefile can be left empty. By default, it will take the sources in the 
+# src/ directory, compile them and link them into lib(subdirectory_name).a 
+# in the build directory. This behaviour is entirely configurable,
+# please read the ESP-IDF documents if you need to do this.
+#

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h

@@ -0,0 +1,38 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#ifndef _TLS_WIFI_H_
+#define _TLS_WIFI_H_
+
+#include "esp_log.h"
+#include "esp_wifi.h"
+#include "esp_event_loop.h"
+
+#define DEFAULT_PORT                     11111
+
+#define TLS_SMP_CLIENT_TASK_NAME         "tls_client_example"
+#define TLS_SMP_CLIENT_TASK_WORDS        10240
+#define TLS_SMP_CLIENT_TASK_PRIORITY     8
+
+#define TLS_SMP_WIFI_SSID                CONFIG_WIFI_SSID
+#define TLS_SMP_WIFI_PASS                CONFIG_WIFI_PASSWORD
+#define TLS_SMP_TARGET_HOST              CONFIG_TARGET_HOST
+
+#endif

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c

@@ -0,0 +1,146 @@
+/* wifi_connect.c
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+/*ESP specific */
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "freertos/event_groups.h"
+#include "wifi_connect.h"
+#include "lwip/sockets.h"
+#include "lwip/netdb.h"
+#include "lwip/apps/sntp.h"
+#include "nvs_flash.h"
+
+const static int CONNECTED_BIT = BIT0;
+static EventGroupHandle_t wifi_event_group;
+/* proto-type */
+extern void tls_smp_client_task();
+static void tls_smp_client_init();
+
+const static char *TAG = "tls_client";
+
+static EventGroupHandle_t wifi_event_group;
+extern void tls_smp_client_task();
+
+static void set_time()
+{
+    /* set dummy wallclock time. */
+    struct timeval utctime;
+    struct timezone tz;
+    struct strftime_buf;
+    time_t now;
+    struct tm timeinfo;
+    char strftime_buf[64];
+
+    utctime.tv_sec = 1542008020; /* dummy time: Mon Nov 12 07:33:40 2018 */
+    utctime.tv_usec = 0;
+    tz.tz_minuteswest = 0;
+    tz.tz_dsttime = 0;
+    
+    settimeofday(&utctime, &tz);
+
+    time(&now);
+    localtime_r(&now, &timeinfo);
+
+    strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
+    ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
+
+    /* wait until wifi connect */
+    xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT,
+                                            false, true, portMAX_DELAY);
+    /* now we start client tasks. */
+    tls_smp_client_init();
+}
+
+/* create task */
+static void tls_smp_client_init(void)
+{
+    int ret;
+    xTaskHandle _handle;
+    /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
+    ret = xTaskCreate(tls_smp_client_task,
+                      TLS_SMP_CLIENT_TASK_NAME,
+                      TLS_SMP_CLIENT_TASK_WORDS,
+                      NULL,
+                      TLS_SMP_CLIENT_TASK_PRIORITY,
+                      &_handle);
+
+    if (ret != pdPASS) {
+        ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_CLIENT_TASK_NAME);
+    }
+}
+/* event hander for wifi events */
+static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
+{
+    switch (event->event_id)
+    {
+    case SYSTEM_EVENT_STA_START:
+        esp_wifi_connect();
+        break;
+    case SYSTEM_EVENT_STA_GOT_IP:
+        ESP_LOGI(TAG, "got ip:%s",
+                 ip4addr_ntoa(&event->event_info.got_ip.ip_info.ip));
+        /* http://esp32.info/docs/esp_idf/html/dd/d08/group__xEventGroupSetBits.html */
+        xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
+        break;
+    case SYSTEM_EVENT_STA_DISCONNECTED:
+        esp_wifi_connect();
+        xEventGroupClearBits(wifi_event_group, CONNECTED_BIT);
+        break;
+    default:
+        break;
+    }
+    return ESP_OK;
+}
+/* entry point */
+void app_main(void)
+{
+    ESP_LOGI(TAG, "Start app_main...");
+    ESP_ERROR_CHECK(nvs_flash_init());
+
+    ESP_LOGI(TAG, "Initialize wifi");
+    /* TCP/IP adapter initialization */
+    tcpip_adapter_init();
+
+    /* */
+    wifi_event_group = xEventGroupCreate();
+    ESP_ERROR_CHECK(esp_event_loop_init(wifi_event_handler, NULL));
+    wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
+    ESP_ERROR_CHECK(esp_wifi_init(&cfg));
+
+    wifi_config_t wifi_config = {
+        .sta = {
+            .ssid = TLS_SMP_WIFI_SSID,
+            .password = TLS_SMP_WIFI_PASS,
+        },
+    };
+    /* WiFi station mode */
+    ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA) );
+    /* Wifi Set the configuration of the ESP32 STA or AP */ 
+    ESP_ERROR_CHECK(esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
+    /* Start Wifi */
+    ESP_ERROR_CHECK(esp_wifi_start() );
+
+    ESP_LOGI(TAG, "wifi_init_sta finished.");
+    ESP_LOGI(TAG, "connect to ap SSID:%s password:%s",
+                                        TLS_SMP_WIFI_SSID, TLS_SMP_WIFI_PASS);
+    ESP_LOGI(TAG, "Set dummy time...");
+    set_time();
+}

IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt

@@ -0,0 +1,7 @@
+# The following lines of boilerplate have to be in your project's
+# CMakeLists in this exact order for cmake to work correctly
+cmake_minimum_required(VERSION 3.5)
+
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+project(wolfssl_server)

IDE/Espressif/ESP-IDF/examples/wolfssl_server/Makefile

@@ -0,0 +1,11 @@
+#
+# This is a project Makefile. It is assumed the directory this Makefile resides in is a
+# project subdirectory.
+#
+
+PROJECT_NAME := tls_server
+
+CFLAGS += -DWOLFSSL_USER_SETTINGS
+
+include $(IDF_PATH)/make/project.mk
+

IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md

@@ -0,0 +1,22 @@
+#wolfSSL Example
+
+The Example contains a wolfSSL simple server.
+
+1. "make menuconfigure" to configure the project
+
+    1-1. Example Configuration ->
+           WIFI SSID : your own WIFI, which is connected to the Internet.(default is "myssid")  
+           WIFI Password : WIFI password, and default is "mypassword"
+
+When you want to test the wolfSSL simple server demo
+
+1. "make flash" to compile the code and load the firmware
+2. "make monitor" to see the context. The assigned IP address can be found in output message.
+3. Once the server connects to the wifi, it is waiting for client request.  
+    ("Waiting for a connection..." message will be displayed.)
+   
+4. You can use <wolfssl>/examples/client to test the server  
+    e.g ./example/client/client -h xx.xx.xx
+
+See the README.md file in the upper level 'examples' directory for more information about examples.
+

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/CMakeLists.txt

@@ -0,0 +1,10 @@
+
+#
+# wolfssl server test
+#
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+
+set(COMPONENT_SRCS "server-tls.c" "wifi_connect.c")
+set(COMPONENT_ADD_INCLUDEDIRS "." "./include")
+
+register_component()

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/Kconfig.projbuild

@@ -0,0 +1,15 @@
+menu "Example Configuration"
+
+config WIFI_SSID
+    string "WiFi SSID"
+    default "myssid"
+    help
+        SSID (network name) for the example to connect to.
+
+config WIFI_PASSWORD
+    string "WiFi Password"
+    default "mypassword"
+    help
+        WiFi password (WPA or WPA2) for the example to use.
+
+endmenu

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/component.mk

@@ -0,0 +1,3 @@
+#
+# Main Makefile. This is basically the same as a component makefile.
+#

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h

@@ -0,0 +1,37 @@
+/* wifi_connect.h 
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#ifndef _TLS_WIFI_H_
+#define _TLS_WIFI_H_
+
+#include "esp_log.h"
+#include "esp_wifi.h"
+#include "esp_event_loop.h"
+
+#define DEFAULT_PORT                     11111
+
+#define TLS_SMP_SERVER_TASK_NAME         "tls_sever_example"
+#define TLS_SMP_SERVER_TASK_WORDS        10240
+#define TLS_SMP_SERVER_TASK_PRIORITY     8
+
+#define TLS_SMP_WIFI_SSID                CONFIG_WIFI_SSID
+#define TLS_SMP_WIFI_PASS                CONFIG_WIFI_PASSWORD
+
+#endif

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c

@@ -0,0 +1,266 @@
+/* server-tls-callback.c
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+/* the usual suspects */
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+
+/* socket includes */
+#include <sys/socket.h>
+#include <arpa/inet.h>
+#include <netinet/in.h>
+#include <unistd.h>
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+#include <wolfssl/certs_test.h>
+
+/* ESP specific */
+#include "wifi_connect.h"
+
+#ifdef WOLFSSL_TRACK_MEMORY
+    #include <wolfssl/wolfcrypt/mem_track.h>
+#endif
+
+static const char* const TAG = "tls_server";
+
+#if defined(DEBUG_WOLFSSL)
+
+static void ShowCiphers(void)
+{
+    char ciphers[4096];
+
+    int ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
+
+    if (ret == WOLFSSL_SUCCESS)
+        printf("%s\n", ciphers);
+}
+
+#endif
+
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+                                  && defined(WOLFSSL_ATECC508A)
+
+#include "wolfssl/wolfcrypt/port/atmel/atmel.h"
+
+/* when you want to use a custom slot allocation */
+/* enable the difinition CUSTOM_SLOT_ALLOCATION. */
+
+#if defined(CUSTOM_SLOT_ALLOCATION)
+
+static byte mSlotList[ATECC_MAX_SLOT];
+
+int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc, atmel_slot_dealloc_cb dealloc);
+
+/* initialize slot array */
+void my_atmel_slotInit()
+{
+    int i;
+
+    for(i=0;i<ATECC_MAX_SLOT; i++) {
+        mSlotList[i] = ATECC_INVALID_SLOT;
+    }
+}
+
+/* allocate slot depending on slotType */
+int my_atmel_alloc(int slotType)
+{
+    int i, slot = -1;
+
+    switch(slotType){
+        case ATMEL_SLOT_ENCKEY:
+            slot = 4;
+            break;
+        case ATMEL_SLOT_DEVICE:
+            slot = 0;
+            break;
+        case ATMEL_SLOT_ECDHE:
+            slot = 0;
+            break;
+        case ATMEL_SLOT_ECDHE_ENC:
+            slot = 4;
+            break;
+        case ATMEL_SLOT_ANY:
+            for(i=0;i<ATECC_MAX_SLOT;i++){
+                if(mSlotList[i] == ATECC_INVALID_SLOT){
+                    slot = i;
+                    break;
+                }
+            }
+    }
+
+    return slot;
+}
+
+/* free slot array       */
+void my_atmel_free(int slotId)
+{
+    if(slotId >= 0 && slotId < ATECC_MAX_SLOT){
+        mSlotList[slotId] = ATECC_INVALID_SLOT;
+    }
+}
+#endif /* CUSTOM_SLOT_ALLOCATION                                       */
+#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
+
+void tls_smp_server_task()
+{
+    int                sockfd;
+    int                connd;
+    struct sockaddr_in servAddr;
+    struct sockaddr_in clientAddr;
+    socklen_t          size = sizeof(clientAddr);
+    char               buff[256];
+    size_t             len;
+    int                shutdown = 0;
+    int                ret;
+
+    /* declare wolfSSL objects */
+    WOLFSSL_CTX* ctx;
+    WOLFSSL*     ssl;
+
+    WOLFSSL_ENTER("tls_smp_server_task");
+
+#ifdef DEBUG_WOLFSSL
+    WOLFSSL_MSG("Debug ON");
+    wolfSSL_Debugging_ON();
+    ShowCiphers();
+#endif
+
+    /* Initialize wolfSSL */
+    WOLFSSL_MSG("Start wolfSSL_Init()");
+    wolfSSL_Init();
+
+    /* Create a socket that uses an internet IPv4 address,
+     * Sets the socket to be stream based (TCP),
+     * 0 means choose the default protocol. */
+    WOLFSSL_MSG( "start socket())");
+    if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
+        ESP_LOGE(TAG, "ERROR: failed to create the socket");
+    }
+
+    /* Create and initialize WOLFSSL_CTX */
+    WOLFSSL_MSG("Create and initialize WOLFSSL_CTX");
+    if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())) == NULL) {
+        ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL_CTX");
+    }
+    WOLFSSL_MSG("Loading certificate...");
+    /* Load server certificates into WOLFSSL_CTX */
+
+    if ((ret = wolfSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048,
+                        sizeof_server_cert_der_2048,
+                        WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
+        ESP_LOGE(TAG, "ERROR: failed to load cert");
+    }
+    WOLFSSL_MSG("Loading key info...");
+    /* Load server key into WOLFSSL_CTX */
+
+    if((ret=wolfSSL_CTX_use_PrivateKey_buffer(ctx,
+                            server_key_der_2048, sizeof_server_key_der_2048,
+                            WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
+        ESP_LOGE(TAG, "ERROR: failed to load privatekey");
+    }
+
+    /* TO DO when using ECDSA, it loads the provisioned certificate and present it.*/
+    /* TO DO when using ECDSA, it uses the generated key instead of loading key    */
+
+    /* Initialize the server address struct with zeros */
+    memset(&servAddr, 0, sizeof(servAddr));
+    /* Fill in the server address */
+    servAddr.sin_family      = AF_INET;             /* using IPv4      */
+    servAddr.sin_port        = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
+    servAddr.sin_addr.s_addr = INADDR_ANY;          /* from anywhere   */
+
+    /* Bind the server socket to our port */
+    if (bind(sockfd, (struct sockaddr*)&servAddr, sizeof(servAddr)) == -1) {
+         ESP_LOGE(TAG, "ERROR: failed to bind");
+    }
+
+    /* Listen for a new connection, allow 5 pending connections */
+    if (listen(sockfd, 5) == -1) {
+         ESP_LOGE(TAG, "ERROR: failed to listen");
+    }
+
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+                                  && defined(WOLFSSL_ATECC508A)
+    atcatls_set_callbacks(ctx);
+    /* when using a custom slot allocation */
+    #if defined(CUSTOM_SLOT_ALLOCATION)
+    my_atmel_slotInit();
+    atmel_set_slot_allocator(my_atmel_alloc, my_atmel_free);
+    #endif
+#endif
+
+    /* Continue to accept clients until shutdown is issued */
+    while (!shutdown) {
+         WOLFSSL_MSG("Waiting for a connection...");
+        /* Accept client connections */
+        if ((connd = accept(sockfd, (struct sockaddr*)&clientAddr, &size))
+            == -1) {
+             ESP_LOGE(TAG, "ERROR: failed to accept the connection");
+        }
+        /* Create a WOLFSSL object */
+        if ((ssl = wolfSSL_new(ctx)) == NULL) {
+             ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL object");
+        }
+        /* Attach wolfSSL to the socket */
+        wolfSSL_set_fd(ssl, connd);
+        /* Establish TLS connection */
+        ret = wolfSSL_accept(ssl);
+        if (ret != SSL_SUCCESS) {
+            ESP_LOGE(TAG, "wolfSSL_accept error %d", wolfSSL_get_error(ssl, ret));
+        }
+        WOLFSSL_MSG("Client connected successfully");
+        /* Read the client data into our buff array */
+        memset(buff, 0, sizeof(buff));
+        if (wolfSSL_read(ssl, buff, sizeof(buff)-1) == -1) {
+            ESP_LOGE(TAG, "ERROR: failed to read");
+        }
+        /* Print to stdout any data the client sends */
+        WOLFSSL_MSG("Client sends:");
+        WOLFSSL_MSG(buff);
+        /* Check for server shutdown command */
+        if (strncmp(buff, "shutdown", 8) == 0) {
+            WOLFSSL_MSG("Shutdown command issued!");
+            shutdown = 1;
+        }
+        /* Write our reply into buff */
+        memset(buff, 0, sizeof(buff));
+        memcpy(buff, "I hear ya fa shizzle!", sizeof(buff));
+        len = strnlen(buff, sizeof(buff));
+        /* Reply back to the client */
+        if (wolfSSL_write(ssl, buff, len) != len) {
+            ESP_LOGE(TAG, "ERROR: failed to write");
+        }
+        /* Cleanup after this connection */
+        wolfSSL_free(ssl);      /* Free the wolfSSL object              */
+        close(connd);           /* Close the connection to the client   */
+    }
+    /* Cleanup and return */
+    wolfSSL_CTX_free(ctx);  /* Free the wolfSSL context object          */
+    wolfSSL_Cleanup();      /* Cleanup the wolfSSL environment          */
+    close(sockfd);          /* Close the socket listening for clients   */
+
+    vTaskDelete(NULL);
+
+    return;                 /* Return reporting a success               */
+}

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c

@@ -0,0 +1,143 @@
+/* wifi_connect.c 
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+/*ESP specific */
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "freertos/event_groups.h"
+#include "wifi_connect.h"
+#include "lwip/sockets.h"
+#include "lwip/netdb.h"
+#include "lwip/apps/sntp.h"
+#include "nvs_flash.h"
+
+const static int CONNECTED_BIT = BIT0;
+static EventGroupHandle_t wifi_event_group;
+/* prefix for logging */
+const static char *TAG = "tls_server";
+/* proto-type difinition */
+extern void tls_smp_server_task();
+static void tls_smp_server_init();
+
+static void set_time()
+{
+    /* set dummy wallclock time. */
+    struct timeval utctime;
+    struct timezone tz;
+    struct strftime_buf;
+    time_t now;
+    struct tm timeinfo;
+    char strftime_buf[64];
+
+    utctime.tv_sec = 1542008020; /* dummy time: Mon Nov 12 07:33:40 2018 */
+    utctime.tv_usec = 0;
+    tz.tz_minuteswest = 0;
+    tz.tz_dsttime = 0;
+    
+    settimeofday(&utctime, &tz);
+
+    time(&now);
+    localtime_r(&now, &timeinfo);
+
+    strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
+    ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
+
+    /* wait until wifi connect */
+    xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT,
+                                            false, true, portMAX_DELAY);
+    /* now we start client tasks. */
+    tls_smp_server_init();
+}
+
+/* create task */
+static void tls_smp_server_init(void)
+{
+    int ret;
+    xTaskHandle _handle;
+    /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
+    ret = xTaskCreate(tls_smp_server_task,
+                      TLS_SMP_SERVER_TASK_NAME,
+                      TLS_SMP_SERVER_TASK_WORDS,
+                      NULL,
+                      TLS_SMP_SERVER_TASK_PRIORITY,
+                      &_handle);
+
+    if (ret != pdPASS) {
+        ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_SERVER_TASK_NAME);
+    }
+}
+/* event hander for wifi events */
+static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
+{
+    switch (event->event_id)
+    {
+    case SYSTEM_EVENT_STA_START:
+        esp_wifi_connect();
+        break;
+    case SYSTEM_EVENT_STA_GOT_IP:
+        ESP_LOGI(TAG, "got ip:%s",
+                 ip4addr_ntoa(&event->event_info.got_ip.ip_info.ip));
+        /* http://esp32.info/docs/esp_idf/html/dd/d08/group__xEventGroupSetBits.html */
+        xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
+        break;
+    case SYSTEM_EVENT_STA_DISCONNECTED:
+        esp_wifi_connect();
+        xEventGroupClearBits(wifi_event_group, CONNECTED_BIT);
+        break;
+    default:
+        break;
+    }
+    return ESP_OK;
+}
+/* entry point */
+void app_main(void)
+{
+    ESP_LOGI(TAG, "Start app_main...");
+    ESP_ERROR_CHECK(nvs_flash_init());
+
+    ESP_LOGI(TAG, "Initialize wifi");
+    /* TCP/IP adapter initialization */
+    tcpip_adapter_init();
+
+    /* */
+    wifi_event_group = xEventGroupCreate();
+    ESP_ERROR_CHECK(esp_event_loop_init(wifi_event_handler, NULL));
+    wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
+    ESP_ERROR_CHECK(esp_wifi_init(&cfg));
+
+    wifi_config_t wifi_config = {
+        .sta = {
+            .ssid = TLS_SMP_WIFI_SSID,
+            .password = TLS_SMP_WIFI_PASS,
+        },
+    };
+    /* WiFi station mode */
+    ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA) );
+    /* Wifi Set the configuration of the ESP32 STA or AP */ 
+    ESP_ERROR_CHECK(esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
+    /* Start Wifi */
+    ESP_ERROR_CHECK(esp_wifi_start() );
+
+    ESP_LOGI(TAG, "wifi_init_sta finished.");
+    ESP_LOGI(TAG, "connect to ap SSID:%s password:%s",
+                                        TLS_SMP_WIFI_SSID, TLS_SMP_WIFI_PASS);
+    ESP_LOGI(TAG, "Set Dummy time...");
+    set_time();
+}

IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt

@@ -0,0 +1,6 @@
+# The following five lines of boilerplate have to be in your project's
+# CMakeLists in this exact order for cmake to work correctly
+cmake_minimum_required(VERSION 3.5)
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+project(wolfssl_test)

IDE/Espressif/ESP-IDF/examples/wolfssl_test/Makefile

@@ -0,0 +1,11 @@
+#
+# This is a project Makefile. It is assumed the directory this Makefile resides in is a
+# project subdirectory.
+#
+
+PROJECT_NAME := wolfssl_test
+
+CFLAGS += -DWOLFSSL_USER_SETTINGS
+
+include $(IDF_PATH)/make/project.mk
+

IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md

@@ -0,0 +1,10 @@
+#wolfSSL Example
+
+The Example contains of wolfSSL test program.
+
+When you want to run the benchmark program
+1. "make menuconfig" to configure the program,first
+2. "make flash" to compile and load the firmware
+3. "make monitor" to see the message
+
+See the README.md file in the upper level 'examples' directory for more information about examples.

IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/CMakeLists.txt

@@ -0,0 +1,10 @@
+
+#
+# wolfssl crypt test
+#
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+
+set(COMPONENT_SRCS "test.c")
+set(COMPONENT_ADD_INCLUDEDIRS ".")
+
+register_component()

IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/component.mk

@@ -0,0 +1,3 @@
+#
+# Main Makefile. This is basically the same as a component makefile.
+#

IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults

@@ -0,0 +1,2 @@
+CONFIG_MAIN_TASK_STACK_SIZE=9000
+CONFIG_TASK_WDT_CHECK_IDLE_TASK_CPU0=

IDE/Espressif/ESP-IDF/libs/CMakeLists.txt

@@ -0,0 +1,37 @@
+#
+# cmake for wolfssl
+# 
+cmake_minimum_required(VERSION 3.5)
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+
+set(CMAKE_CURRENT_SOURCE_DIR ".")
+set(WOLFSSL_ROOT ${CMAKE_CURRENT_SOURCE_DIR})
+set(INCLUDE_PATH ${WOLFSSL_ROOT})
+
+set(COMPONENT_SRCDIRS "./src/"
+                      "./wolfcrypt/src/"
+                      "./wolfcrypt/src/port/Espressif/"
+                      "./wolfcrypt/src/port/atmel/"
+                      )
+
+set(COMPONENT_REQUIRES lwip)
+
+set(COMPONENT_ADD_INCLUDEDIRS
+    "."
+    "./include"
+    "../freertos/include/freertos" 
+    "${WOLFSSL_ROOT}"
+    )
+
+if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
+    list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
+endif()
+
+set(COMPONENT_SRCEXCLUDE
+    "wolfcrypt/src/aes_asm.S"
+    "wolfcrypt/src/evp.c"
+    "wolfcrypt/src/misc.c"
+    "src/bio.c"
+    )
+
+register_component()

IDE/Espressif/ESP-IDF/libs/component.mk

@@ -0,0 +1,17 @@
+#
+# Component Makefile
+#
+
+COMPONENT_ADD_INCLUDEDIRS := . ./include
+COMPONENT_ADD_INCLUDEDIRS += ../freertos/include/freertos/
+
+COMPONENT_SRCDIRS := src wolfcrypt/src
+COMPONENT_SRCDIRS += wolfcrypt/src/port/Espressif
+COMPONENT_SRCDIRS += wolfcrypt/src/port/atmel
+
+CFLAGS +=-DWOLFSSL_USER_SETTINGS
+
+COMPONENT_OBJEXCLUDE := wolfcrypt/src/aes_asm.o
+COMPONENT_OBJEXCLUDE += wolfcrypt/src/evp.o
+COMPONENT_OBJEXCLUDE += wolfcrypt/src/misc.o
+COMPONENT_OBJEXCLUDE += src/bio.o

IDE/Espressif/ESP-IDF/setup.sh

@@ -0,0 +1,112 @@
+#!/bin/bash
+
+# check if IDF_PATH is set
+if [ -z "$IDF_PATH" ]; then
+    echo "Please follows the instruction of ESP-IDF installation and set IDF_PATH."
+    exit 1
+fi
+
+RMDCMD='/bin/rm -rf'
+MKDCMD='/bin/mkdir'
+CPDCMD='/bin/cp'
+
+SCRIPTDIR=`dirname $0`
+SCRIPTDIR=`cd $SCRIPTDIR && pwd -P`
+WOLFSSL_ESPIDFDIR=${SCRIPTDIR}
+WOLFSSL_ESPIDFDIR=`cd $WOLFSSL_ESPIDFDIR && pwd -P`
+BASEDIR=${SCRIPTDIR}/../../../
+BASEDIR=`cd ${BASEDIR} && pwd -P`
+
+# echo $WOLFSSL_ESPIDFDIR
+
+WOLFSSLLIB_TRG_DIR=${IDF_PATH}/components/wolfssl
+WOLFSSLEXP_TRG_DIR=${IDF_PATH}/examples/protocols
+
+if [ ! -d $IDF_PATH ]; then
+    echo "ESP-IDF Development Framework doesn't exist.: $IDF_PATH"
+    exit 1
+fi
+
+# Copy files into ESP-IDF development framework
+pushd $IDF_PATH > /dev/null
+
+echo "Copy files into $IDF_PATH"
+# Remove/Create directories
+${RMDCMD} ${WOLFSSLLIB_TRG_DIR}/
+${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/
+
+${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/src
+${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/wolfcrypt
+${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/wolfcrypt/src
+${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/wolfssl
+${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/test
+${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/include
+
+popd > /dev/null             # $WOLFSSL_ESPIDFDIR
+pushd ${BASEDIR} > /dev/null # WOLFSSL TOP DIR
+
+# copying ... files in src/ into $WOLFSSLLIB_TRG_DIR/src
+${CPDCMD} ./src/*.c ${WOLFSSLLIB_TRG_DIR}/src/
+
+
+${CPDCMD} -r ./wolfcrypt/src/*.{c,i} ${WOLFSSLLIB_TRG_DIR}/wolfcrypt/src/
+${CPDCMD} -r ./wolfcrypt/src/port  ${WOLFSSLLIB_TRG_DIR}/wolfcrypt/src/port/
+${CPDCMD} -r ./wolfcrypt/test ${WOLFSSLLIB_TRG_DIR}/wolfcrypt/
+${CPDCMD} -r ./wolfcrypt/benchmark ${WOLFSSLLIB_TRG_DIR}/wolfcrypt/
+
+${CPDCMD} -r ./wolfssl/*.h ${WOLFSSLLIB_TRG_DIR}/wolfssl/
+${CPDCMD} -r ./wolfssl/wolfcrypt ${WOLFSSLLIB_TRG_DIR}/wolfssl/
+# user_settings.h
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/user_settings.h ${WOLFSSLLIB_TRG_DIR}/include/
+
+# unit test app
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/test/* ${WOLFSSLLIB_TRG_DIR}/test/
+
+popd > /dev/null # 
+
+${CPDCMD} ./libs/CMakeLists.txt ${WOLFSSLLIB_TRG_DIR}/
+${CPDCMD} ./libs/component.mk ${WOLFSSLLIB_TRG_DIR}/
+
+pushd ${BASEDIR} > /dev/null # WOLFSSL TOP DIR
+
+# Benchmark program
+${RMDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/main/
+
+${CPDCMD} -r ./wolfcrypt/benchmark/benchmark.c ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/main/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_benchmark/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_benchmark/main/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/main/
+
+# Crypt Test program
+${RMDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/main/
+
+${CPDCMD} -r ./wolfcrypt/test/test.c ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/main/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_test/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_test/main/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/main/
+
+# TLS Client program
+${RMDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/main/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/main/include
+
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_client/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_client/main/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/main/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_client/main/include/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/main/include/
+
+# TLS Server program
+${RMDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/main/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/main/include
+
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_server/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_server/main/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/main/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_server/main/include/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/main/include/
+
+popd > /dev/null # 
+
+exit 1

IDE/Espressif/ESP-IDF/test/CMakeLists.txt

@@ -0,0 +1,6 @@
+set(COMPONENT_SRCDIRS ".")
+set(COMPONENT_ADD_INCLUDEDIRS ".")
+
+set(COMPONENT_REQUIRES unity test_utils wolfssl)
+
+register_component()

IDE/Espressif/ESP-IDF/test/README.md

@@ -0,0 +1,11 @@
+# wolfSSL unit-test app
+
+The test contains of wolfSSL unit-test app on Unity.
+
+When you want to run the app  
+1. Copy *test.c* file at /path/to/esp-idf/components/wolfssl/wolfcrypt/test/ folder to the  wolfssl/test folder  
+2. Go to /esp-idf/tools/unit-test-app/ folder  
+3. "make menuconfig" to configure unit test app.  
+4. "make TEST_COMPONENTS=wolfssl" to build wolfssl unit test app.  
+
+See [https://docs.espressif.com/projects/esp-idf/en/latest/api-guides/unit-tests.html] for more information about unit test app.

IDE/Espressif/ESP-IDF/test/component.mk

@@ -0,0 +1,10 @@
+#
+#Component Makefile
+#
+
+#CFLAGS := -v
+CFLAGS += -DNO_MAIN_DRIVER
+CFLAGS += -DWOLFSSL_USER_SETTINGS
+#CFLAGS += -DWOLFSSL_ESP32WROOM32_CRYPT_DEBUG
+
+COMPONENT_ADD_LDFLAGS = -Wl,--whole-archive -l$(COMPONENT_NAME) -Wl,--no-whole-archive

IDE/Espressif/ESP-IDF/user_settings.h

@@ -0,0 +1,82 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_2048
+
+/* TLS 1.3                                 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define WC_RSA_PSS
+#define HAVE_HKDF
+#define HAVE_AEAD
+#define HAVE_SUPPORTED_CURVES
+
+/* when you want to use SINGLE THREAD */
+/* #define SINGLE_THREADED */
+#define NO_FILESYSTEM
+
+#define HAVE_AESGCM
+/* when you want to use SHA384 */
+/* #define WOLFSSL_SHA384 */
+#define WOLFSSL_SHA512
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+
+/* esp32-wroom-32se specific definition */
+#if defined(WOLFSSL_ESPWROOM32SE)
+    #define WOLFSSL_ATECC508A
+    #define HAVE_PK_CALLBACKS
+    /* when you want to use a custom slot allocation for ATECC608A */
+    /* unless your configuration is unusual, you can use default   */
+    /* implementation.                                             */
+    /* #define CUSTOM_SLOT_ALLOCATION                              */
+#endif
+
+/* rsa primitive specific definition */
+#if defined(WOLFSSL_ESPWROOM32) || defined(WOLFSSL_ESPWROOM32SE)
+    /* Define USE_FAST_MATH and SMALL_STACK                        */
+    #define ESP32_USE_RSA_PRIMITIVE
+    /* threshold for performance adjustment for hw primitive use   */
+    /* X bits of G^X mod P greater than                            */ 
+    #define EPS_RSA_EXPT_XBTIS           36
+    /* X and Y of X * Y mod P greater than                         */
+    #define ESP_RSA_MULM_BITS            2000
+#endif
+
+/* debug options */
+/* #define DEBUG_WOLFSSL */
+/* #define WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */
+/* #define WOLFSSL_ATECC508A_DEBUG          */
+
+/* date/time                               */
+/* if it cannot adjust time in the device, */
+/* enable macro below                      */
+/* #define NO_ASN_TIME */
+/* #define XTIME time */
+
+/* when you want not to use HW acceleration */
+/* #define NO_ESP32WROOM32_CRYPT */
+/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH*/
+/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_AES */
+/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI */

IDE/GCC-ARM/Header/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2018 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -48,9 +48,6 @@ extern "C" {
 /* ------------------------------------------------------------------------- */
 /* Math Configuration */
 /* ------------------------------------------------------------------------- */
-#undef  USE_FAST_MATH
-#define USE_FAST_MATH
-
 #undef  SIZEOF_LONG_LONG
 #define SIZEOF_LONG_LONG 8
 
@@ -69,14 +66,15 @@ extern "C" {
 #undef WOLFSSL_SP
 #if 0
     #define WOLFSSL_SP
-    #define WOLFSSL_SP_SMALL
+    #define WOLFSSL_SP_SMALL      /* use smaller version of code */
     #define WOLFSSL_HAVE_SP_RSA
     #define WOLFSSL_HAVE_SP_DH
     #define WOLFSSL_HAVE_SP_ECC
     #define WOLFSSL_SP_CACHE_RESISTANT
-    //#define WOLFSSL_SP_MATH
+    //#define WOLFSSL_SP_MATH     /* only SP math - eliminates fast math code */
 
     /* 64 or 32 bit version */
+    //#define WOLFSSL_SP_ASM      /* required if using the ASM versions */
     //#define WOLFSSL_SP_ARM32_ASM
     //#define WOLFSSL_SP_ARM64_ASM
 #endif

IDE/GCC-ARM/Makefile.common

@@ -110,7 +110,7 @@ SRC_C += ../../wolfcrypt/src/cmac.c
 SRC_C += ../../wolfcrypt/src/coding.c
 SRC_C += ../../wolfcrypt/src/compress.c
 SRC_C += ../../wolfcrypt/src/cpuid.c
-SRC_C += ../../wolfcrypt/src/cryptodev.c
+SRC_C += ../../wolfcrypt/src/cryptocb.c
 SRC_C += ../../wolfcrypt/src/curve25519.c
 SRC_C += ../../wolfcrypt/src/ed25519.c
 SRC_C += ../../wolfcrypt/src/error.c

IDE/GCC-ARM/README.md

@@ -81,7 +81,7 @@ $ make
 $ make install
 ```
 
-If you are building for a 32-bit architecture, add `-DTIME_T_NOT_LONG` to the
+If you are building for a 32-bit architecture, add `-DTIME_T_NOT_64BIT` to the
 list of CFLAGS.
 
 ## Example Build Output

IDE/GCC-ARM/Source/armtarget.c

@@ -1,6 +1,6 @@
 /* armtarget.c
  *
- * Copyright (C) 2006-2018 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/GCC-ARM/Source/benchmark_main.c

@@ -1,6 +1,6 @@
 /* benchmark_main.c
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/GCC-ARM/Source/test_main.c

@@ -1,6 +1,6 @@
 /* test_main.c
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/GCC-ARM/Source/tls_client.c

@@ -1,6 +1,6 @@
 /* tls_client.c
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/GCC-ARM/Source/wolf_main.c

@@ -1,6 +1,6 @@
 /* wolf_main.c
  *
- * Copyright (C) 2006-2018 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/IAR-EWARM/Projects/benchmark/benchmark-main.c

@@ -1,6 +1,6 @@
 /* benchmark-main.c
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/IAR-EWARM/Projects/benchmark/current_time.c

@@ -1,6 +1,6 @@
 /* current-time.c
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/IAR-EWARM/Projects/common/minimum-startup.c

@@ -1,6 +1,6 @@
 /* minimum-startup.c
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/IAR-EWARM/Projects/test/test-main.c

@@ -1,6 +1,6 @@
 /* test-main.c
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/IAR-EWARM/Projects/user_settings.h

@@ -10,6 +10,7 @@
 #define NO_WOLFSSL_DIR 
 #define WOLFSSL_NO_CURRDIR
 #define NO_WOLF_C99
+#define NO_MULTIBYTE_PRINT
 
 #define XVALIDATEDATE(d, f,t) (0)
 #define WOLFSSL_USER_CURRTIME /* for benchmark */

IDE/LPCXPRESSO/lib_wolfssl/lpc_18xx_port.c

@@ -1,6 +1,6 @@
 /* lpc_18xx_port.c
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/LPCXPRESSO/wolf_example/src/lpc_18xx_startup.c

@@ -1,6 +1,6 @@
 /* lpc_18xx_startup.c
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/LPC43xx/time-LCP43xx.c

@@ -1,6 +1,6 @@
 /* time.c
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/cert_data.c

@@ -1,6 +1,6 @@
 /* certs_test.c
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/config-BARE-METAL.h

@@ -1,6 +1,6 @@
 /* config-BEREFOOT.h
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/config-FS.h

@@ -1,6 +1,6 @@
 /* config-FS.h
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/config-RTX-TCP-FS.h

@@ -1,6 +1,6 @@
 /* config-RTX-TCP-FS.h
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/config.h

@@ -1,6 +1,6 @@
 /* config.h
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/main.c

@@ -1,6 +1,6 @@
 /* main.c
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/shell.c

@@ -1,6 +1,6 @@
 /*shell.c
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/time-CortexM3-4.c

@@ -1,6 +1,6 @@
 /* time-STM32F2.c
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/time-dummy.c

@@ -1,6 +1,6 @@
 /* time-dummy.c.c
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/wolfssl_MDK_ARM.c

@@ -1,6 +1,6 @@
 /* wolfssl_KEIL_RL.c
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/wolfssl_MDK_ARM.h

@@ -1,6 +1,6 @@
 /* wolfssl_KEIL_RL.h
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c

@@ -1,6 +1,6 @@
 /* time-STM32F2xx.c
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK5-ARM/Conf/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -35,6 +35,7 @@
 #define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
 #define WOLFSSL_GMTIME
 
+#define NO_MULTIBYTE_PRINT
 // <<< Use Configuration Wizard in Context Menu >>>
 
 
@@ -58,8 +59,8 @@
 //         <4=>PThread <5=>ThreadX<6=> ThreadX/NetX
 //         <7=>Micrium <8=>EBSnet<9=>MQX 
 //         <10=>T-RTOS <11=>uITRON4<12=>uTKERNEL2 
-//         <13=>Frosted <14=>CMSIS RTOS<15=>Others
-#define MDK_CONF_THREAD 14
+//         <13=>Frosted <14=>CMSIS RTOS<15=>CMSIS RTOSv2<16=>Others
+#define MDK_CONF_THREAD 15
 #if MDK_CONF_THREAD== 0
 #define SINGLE_THREADED
 #elif MDK_CONF_THREAD == 1
@@ -91,6 +92,8 @@
 #elif MDK_CONF_THREAD == 14
 #define WOLFSSL_CMSIS_RTOS
 #elif MDK_CONF_THREAD == 15
+#define WOLFSSL_CMSIS_RTOSv2
+#elif MDK_CONF_THREAD == 16
 #define SINGLE_THREADED
 #endif
 
@@ -150,13 +153,13 @@
 //  <h>Hash/Crypt Algrithm
 
 //      <e>MD2
-#define MDK_CONF_MD2 1
+#define MDK_CONF_MD2 0
 #if MDK_CONF_MD2 == 1
 #define WOLFSSL_MD2
 #endif
 //  </e>
 //      <e>MD4
-#define MDK_CONF_MD4 1
+#define MDK_CONF_MD4 0
 #if MDK_CONF_MD4 == 0
 #define NO_MD4
 #endif
@@ -236,7 +239,7 @@
 //  </e>
 
 //      <e>RC4
-#define MDK_CONF_RC4 1
+#define MDK_CONF_RC4 0
 #if MDK_CONF_RC4 == 0
 #define NO_RC4
 #endif
@@ -375,7 +378,7 @@
 
 //  <h>Hardware Crypt (See document for usage)
 //      <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 1
+#define MDK_CONF_STM32F2_RNG 0
 #if MDK_CONF_STM32F2_RNG == 1
 #define WOLFSSL_STM32_CUBEMX
 #define STM32_RNG
@@ -393,7 +396,7 @@
 #endif
 //  </e>
 //      <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 1
+#define MDK_CONF_STM32F2_CRYPTO 0
 #if MDK_CONF_STM32F2_CRYPTO == 1
 #define WOLFSSL_STM32_CUBEMX
 #define STM32_CRYPTO
@@ -411,7 +414,7 @@
 #endif
 //  </e>
 //      <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 1
+#define MDK_CONF_STM32F2_HASH 0
 #if MDK_CONF_STM32F2_HASH == 1
 #define WOLFSSL_STM32_CUBEMX
 #define STM32_HASH
@@ -461,7 +464,7 @@
 #endif
 //  </e>
 //      <e>Small Stack
-#define MDK_CONF_SmallStack 0
+#define MDK_CONF_SmallStack 1
 #if MDK_CONF_SmallStack == 0
 #define NO_WOLFSSL_SMALL_STACK
 #endif
@@ -475,10 +478,11 @@
 // <h> wolfSSL Configuration
 
 //      <e>TLS 1.3
-#define MDK_CONF_TLS 0
+#define MDK_CONF_TLS 1
 #if MDK_CONF_TLS == 1
 #define WOLFSSL_TLS13
 #define HAVE_TLS_EXTENSIONS
+#define HAVE_SUPPORTED_CURVES
 #define WC_RSA_PSS
 #define HAVE_HKDF
 #define HAVE_FFDHE_2048

IDE/MDK5-ARM/Inc/wolfssl_MDK_ARM.h

@@ -1,6 +1,6 @@
 /* wolfssl_KEIL_ARM.h
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK5-ARM/Projects/CryptBenchmark/Abstract.txt

@@ -1,6 +1,7 @@
 wolfCrypt Benchmark
 
 Use Configuration Wizard tab
+RTE_Device.h: Check SDMMC1 (SD/SDIO/MMC card host interface 1)
 user_settings.h for wolfCrypt options
 
 For further options, details, see wolfSSL User Manual.

IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx

@@ -101,7 +101,7 @@
         <sRunDeb>0</sRunDeb>
         <sLrtime>0</sLrtime>
         <bEvRecOn>1</bEvRecOn>
-        <nTsel>5</nTsel>
+        <nTsel>1</nTsel>
         <sDll></sDll>
         <sDllPa></sDllPa>
         <sDlgDll></sDlgDll>
@@ -112,9 +112,14 @@
         <tDlgDll></tDlgDll>
         <tDlgPa></tDlgPa>
         <tIfile></tIfile>
-        <pMon>STLink\ST-LINKIII-KEIL_SWO.dll</pMon>
+        <pMon>BIN\ULP2CM3.DLL</pMon>
       </DebugOpt>
       <TargetDriverDllRegistry>
+        <SetRegEntry>
+          <Number>0</Number>
+          <Key>ULP2CM3</Key>
+          <Name>-UP1135060 -O207 -S10 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(5BA02477) -L00(0) -TO19 -TC216000000 -TP11 -TDX0 -TDD0 -TDS8001 -TDT0 -TDC1F -TIEFFFFFFFF -TIP8 -FO15 -FD20010000 -FC1000 -FN1 -FF0STM32F7x_1024.FLM -FS08000000 -FL0100000 -FP0($$Device:STM32F756NGHx$CMSIS\Flash\STM32F7x_1024.FLM)</Name>
+        </SetRegEntry>
         <SetRegEntry>
           <Number>0</Number>
           <Key>ST-LINKIII-KEIL_SWO</Key>
@@ -138,7 +143,7 @@
         <SetRegEntry>
           <Number>0</Number>
           <Key>DLGUARM</Key>
-          <Name>(105=-1,-1,-1,-1,0)</Name>
+          <Name></Name>
         </SetRegEntry>
         <SetRegEntry>
           <Number>0</Number>
@@ -155,8 +160,13 @@
         </Ww>
       </WatchWindow1>
       <ScvdPack>
-        <Filename>C:\Keil_v5\ARM\PACK\Keil\MDK-Middleware\7.5.0\FileSystem\FileSystem.scvd</Filename>
-        <Type>Keil.MDK-Middleware.7.5.0</Type>
+        <Filename>C:\Keil_v5\ARM\PACK\Keil\MDK-Middleware\7.7.0\FileSystem\FileSystem.scvd</Filename>
+        <Type>Keil.MDK-Middleware.7.7.0</Type>
+        <SubType>1</SubType>
+      </ScvdPack>
+      <ScvdPack>
+        <Filename>C:\Keil_v5\ARM\PACK\ARM\CMSIS\5.3.0\CMSIS\RTOS2\RTX\RTX5.scvd</Filename>
+        <Type>ARM.CMSIS.5.3.0</Type>
         <SubType>1</SubType>
       </ScvdPack>
       <Tracepoint>
@@ -197,6 +207,10 @@
       <pszMrule></pszMrule>
       <pSingCmds></pSingCmds>
       <pMultCmds></pMultCmds>
+      <pMisraNamep></pMisraNamep>
+      <pszMrulep></pszMrulep>
+      <pSingCmdsp></pSingCmdsp>
+      <pMultCmdsp></pMultCmdsp>
       <DebugDescription>
         <Enable>1</Enable>
         <EnableLog>0</EnableLog>

IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx

@@ -16,7 +16,7 @@
         <TargetCommonOption>
           <Device>STM32F756NGHx</Device>
           <Vendor>STMicroelectronics</Vendor>
-          <PackID>Keil.STM32F7xx_DFP.2.9.0</PackID>
+          <PackID>Keil.STM32F7xx_DFP.2.11.0</PackID>
           <PackURL>http://www.keil.com/pack</PackURL>
           <Cpu>IROM(0x08000000,0x100000) IROM2(0x00200000,0x100000) IRAM(0x20010000,0x40000) IRAM2(0x20000000,0x10000) CPUTYPE("Cortex-M7") FPU3(SFPU) CLOCK(12000000) ELITTLE</Cpu>
           <FlashUtilSpec></FlashUtilSpec>
@@ -176,7 +176,7 @@
             <GenPPlst>0</GenPPlst>
             <AdsCpuType>"Cortex-M7"</AdsCpuType>
             <RvctDeviceName></RvctDeviceName>
-            <mOS>1</mOS>
+            <mOS>0</mOS>
             <uocRom>0</uocRom>
             <uocRam>0</uocRam>
             <hadIROM>1</hadIROM>
@@ -446,6 +446,12 @@
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </api>
+      <api Capiversion="2.1.2" Cclass="CMSIS" Cgroup="RTOS2" exclusive="1">
+        <package name="CMSIS" schemaVersion="1.3" url="http://www.keil.com/pack/" vendor="ARM" version="5.3.0"/>
+        <targetInfos>
+          <targetInfo name="wolfSSL-Benchmark"/>
+        </targetInfos>
+      </api>
       <api Capiversion="1.0.0" Cclass="Device" Cgroup="STM32Cube Framework" exclusive="1">
         <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
         <targetInfos>
@@ -460,8 +466,14 @@
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Capiversion="1.0.0" Cclass="CMSIS" Cgroup="RTOS" Csub="Keil RTX" Cvendor="ARM" Cversion="4.81.1" condition="RTOS RTX">
-        <package name="CMSIS" schemaVersion="1.3" url="http://www.keil.com/pack/" vendor="ARM" version="5.1.1"/>
+      <component Capiversion="1.0.0" Cclass="CMSIS" Cgroup="RTOS" Csub="Keil RTX5" Cvendor="ARM" Cversion="5.3.0" condition="RTOS RTX5">
+        <package name="CMSIS" schemaVersion="1.3" url="http://www.keil.com/pack/" vendor="ARM" version="5.3.0"/>
+        <targetInfos>
+          <targetInfo name="wolfSSL-Benchmark"/>
+        </targetInfos>
+      </component>
+      <component Capiversion="2.1.2" Cclass="CMSIS" Cgroup="RTOS2" Csub="Keil RTX5" Cvariant="Library" Cvendor="ARM" Cversion="5.3.0" condition="RTOS2 RTX5 Lib">
+        <package name="CMSIS" schemaVersion="1.3" url="http://www.keil.com/pack/" vendor="ARM" version="5.3.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
@@ -496,14 +508,14 @@
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cbundle="MDK-Pro" Cclass="File System" Cgroup="CORE" Cvariant="LFN" Cvendor="Keil" Cversion="6.10.0" condition="CMSIS Core with RTOS and File System I/O">
-        <package name="MDK-Middleware" schemaVersion="1.4" url="http://www.keil.com/pack/" vendor="Keil" version="7.5.0"/>
+      <component Cbundle="MDK-Pro" Cclass="File System" Cgroup="CORE" Cvariant="LFN" Cvendor="Keil" Cversion="6.10.1" condition="CMSIS Core with RTOS and File System I/O">
+        <package name="MDK-Middleware" schemaVersion="1.4" url="http://www.keil.com/pack/" vendor="Keil" version="7.7.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cbundle="MDK-Pro" Cclass="File System" Cgroup="Drive" Csub="Memory Card" Cvendor="Keil" Cversion="6.10.0" condition="File System and SD/MMC Driver" maxInstances="2">
-        <package name="MDK-Middleware" schemaVersion="1.4" url="http://www.keil.com/pack/" vendor="Keil" version="7.5.0"/>
+      <component Cbundle="MDK-Pro" Cclass="File System" Cgroup="Drive" Csub="Memory Card" Cvendor="Keil" Cversion="6.10.1" condition="File System and SD/MMC Driver" maxInstances="2">
+        <package name="MDK-Middleware" schemaVersion="1.4" url="http://www.keil.com/pack/" vendor="Keil" version="7.7.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
@@ -532,128 +544,128 @@
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Capiversion="2.2.0" Cclass="CMSIS Driver" Cgroup="MCI" Cvendor="Keil" Cversion="1.4.0" condition="STM32F7 CMSIS_Driver MCI">
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+      <component Capiversion="2.2.0" Cclass="CMSIS Driver" Cgroup="MCI" Cvendor="Keil" Cversion="1.6.0" condition="STM32F7 CMSIS_Driver MCI">
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Capiversion="1.0.0" Cclass="Device" Cgroup="STM32Cube Framework" Csub="Classic" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 Framework Classic">
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+      <component Capiversion="1.0.0" Cclass="Device" Cgroup="STM32Cube Framework" Csub="Classic" Cvendor="Keil" Cversion="1.2.6" condition="STM32F7 Framework Classic">
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="ADC" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 HAL DMA">
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="ADC" Cvendor="Keil" Cversion="1.2.6" condition="STM32F7 HAL DMA">
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="CRYP" Cvendor="Keil" Cversion="1.2.0" condition="STM32F756_777_779 HAL DMA">
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="CRYP" Cvendor="Keil" Cversion="1.2.6" condition="STM32F756_777_779_750 HAL DMA">
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="Common" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 HAL Common">
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="Common" Cvendor="Keil" Cversion="1.2.6" condition="STM32F7 HAL Common">
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="Cortex" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 HAL">
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="Cortex" Cvendor="Keil" Cversion="1.2.6" condition="STM32F7 HAL">
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="DMA" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 HAL">
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="DMA" Cvendor="Keil" Cversion="1.2.6" condition="STM32F7 HAL">
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="GPIO" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 HAL">
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="GPIO" Cvendor="Keil" Cversion="1.2.6" condition="STM32F7 HAL">
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="HASH" Cvendor="Keil" Cversion="1.2.0" condition="STM32F756_777_779 HAL DMA">
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="HASH" Cvendor="Keil" Cversion="1.2.6" condition="STM32F756_777_779_750 HAL DMA">
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="I2C" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 HAL DMA">
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="I2C" Cvendor="Keil" Cversion="1.2.6" condition="STM32F7 HAL DMA">
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="NOR" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 HAL">
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="NOR" Cvendor="Keil" Cversion="1.2.6" condition="STM32F7 HAL">
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="PWR" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 HAL">
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="PWR" Cvendor="Keil" Cversion="1.2.6" condition="STM32F7 HAL">
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="RCC" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 HAL GPIO">
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="RCC" Cvendor="Keil" Cversion="1.2.6" condition="STM32F7x5_7x6_7x7_7x9_750 HAL GPIO">
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="RNG" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 HAL">
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="RNG" Cvendor="Keil" Cversion="1.2.6" condition="STM32F7 HAL">
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="SDRAM" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 HAL DMA">
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="SDRAM" Cvendor="Keil" Cversion="1.2.6" condition="STM32F7 HAL DMA">
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="SRAM" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 HAL DMA">
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="SRAM" Cvendor="Keil" Cversion="1.2.6" condition="STM32F7 HAL DMA">
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="UART" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 HAL DMA">
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+      <component Cclass="Device" Cgroup="STM32Cube HAL" Csub="UART" Cvendor="Keil" Cversion="1.2.6" condition="STM32F7 HAL DMA">
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cclass="Device" Cgroup="Startup" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 CMSIS">
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+      <component Cclass="Device" Cgroup="Startup" Cvendor="Keil" Cversion="1.2.2" condition="STM32F7 CMSIS">
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="Benchmark" Cvendor="wolfSSL" Cversion="3.14.0" condition="wolfCrypt-Core">
-        <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.14.0"/>
+      <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="Benchmark" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core">
+        <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="CORE" Cvendor="wolfSSL" Cversion="3.14.0" condition="wolfCrypt-Core">
-        <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.14.0"/>
+      <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="CORE" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core">
+        <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </component>
-      <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="Dummy" Cvendor="wolfSSL" Cversion="3.14.0" condition="wolfCrypt-Core">
-        <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.14.0"/>
+      <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="Dummy" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core">
+        <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
@@ -661,57 +673,71 @@
     </components>
     <files>
       <file attr="config" category="source" name="CMSIS\RTOS\RTX\Templates\RTX_Conf_CM.c" version="4.70.1">
-        <instance index="0">RTE\CMSIS\RTX_Conf_CM.c</instance>
+        <instance index="0" removed="1">RTE\CMSIS\RTX_Conf_CM.c</instance>
         <component Capiversion="1.0.0" Cclass="CMSIS" Cgroup="RTOS" Csub="Keil RTX" Cvendor="ARM" Cversion="4.81.1" condition="RTOS RTX" isDefaultVariant="1"/>
         <package name="CMSIS" schemaVersion="1.3" url="http://www.keil.com/pack/" vendor="ARM" version="5.3.0"/>
+        <targetInfos/>
+      </file>
+      <file attr="config" category="source" name="CMSIS\RTOS2\RTX\Config\RTX_Config.c" version="5.1.0">
+        <instance index="0">RTE\CMSIS\RTX_Config.c</instance>
+        <component Capiversion="2.1.2" Cclass="CMSIS" Cgroup="RTOS2" Csub="Keil RTX5" Cvariant="Library" Cvendor="ARM" Cversion="5.3.0" condition="RTOS2 RTX5 Lib"/>
+        <package name="CMSIS" schemaVersion="1.3" url="http://www.keil.com/pack/" vendor="ARM" version="5.3.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </file>
-      <file attr="config" category="header" name="CMSIS\Driver\Config\RTE_Device.h" version="1.4.0">
+      <file attr="config" category="header" name="CMSIS\RTOS2\RTX\Config\RTX_Config.h" version="5.3.0">
+        <instance index="0">RTE\CMSIS\RTX_Config.h</instance>
+        <component Capiversion="2.1.2" Cclass="CMSIS" Cgroup="RTOS2" Csub="Keil RTX5" Cvariant="Library" Cvendor="ARM" Cversion="5.3.0" condition="RTOS2 RTX5 Lib"/>
+        <package name="CMSIS" schemaVersion="1.3" url="http://www.keil.com/pack/" vendor="ARM" version="5.3.0"/>
+        <targetInfos>
+          <targetInfo name="wolfSSL-Benchmark"/>
+        </targetInfos>
+      </file>
+      <file attr="config" category="header" name="CMSIS\Driver\Config\RTE_Device.h" version="1.5.0">
         <instance index="0">RTE\Device\STM32F756NGHx\RTE_Device.h</instance>
-        <component Capiversion="1.0.0" Cclass="Device" Cgroup="STM32Cube Framework" Csub="Classic" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 Framework Classic"/>
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+        <component Capiversion="1.0.0" Cclass="Device" Cgroup="STM32Cube Framework" Csub="Classic" Cvendor="Keil" Cversion="1.2.6" condition="STM32F7 Framework Classic"/>
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </file>
-      <file attr="config" category="source" condition="STM32F756_ARMCC" name="Drivers\CMSIS\Device\ST\STM32F7xx\Source\Templates\arm\startup_stm32f756xx.s" version="1.2.0">
+      <file attr="config" category="source" condition="STM32F756_ARMCC" name="Drivers\CMSIS\Device\ST\STM32F7xx\Source\Templates\arm\startup_stm32f756xx.s" version="1.2.2">
         <instance index="0">RTE\Device\STM32F756NGHx\startup_stm32f756xx.s</instance>
-        <component Cclass="Device" Cgroup="Startup" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 CMSIS"/>
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+        <component Cclass="Device" Cgroup="Startup" Cvendor="Keil" Cversion="1.2.2" condition="STM32F7 CMSIS"/>
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </file>
-      <file attr="config" category="header" name="MDK\Templates\Inc\stm32f7xx_hal_conf.h" version="1.2.0">
+      <file attr="config" category="header" name="MDK\Templates\Inc\stm32f7xx_hal_conf.h" version="1.2.6">
         <instance index="0">RTE\Device\STM32F756NGHx\stm32f7xx_hal_conf.h</instance>
-        <component Capiversion="1.0.0" Cclass="Device" Cgroup="STM32Cube Framework" Csub="Classic" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 Framework Classic"/>
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+        <component Capiversion="1.0.0" Cclass="Device" Cgroup="STM32Cube Framework" Csub="Classic" Cvendor="Keil" Cversion="1.2.6" condition="STM32F7 Framework Classic"/>
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </file>
-      <file attr="config" category="source" name="Drivers\CMSIS\Device\ST\STM32F7xx\Source\Templates\system_stm32f7xx.c" version="1.2.0">
+      <file attr="config" category="source" name="Drivers\CMSIS\Device\ST\STM32F7xx\Source\Templates\system_stm32f7xx.c" version="1.2.2">
         <instance index="0">RTE\Device\STM32F756NGHx\system_stm32f7xx.c</instance>
-        <component Cclass="Device" Cgroup="Startup" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 CMSIS"/>
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+        <component Cclass="Device" Cgroup="Startup" Cvendor="Keil" Cversion="1.2.2" condition="STM32F7 CMSIS"/>
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </file>
       <file attr="config" category="source" name="FileSystem\Config\FS_Config.c" version="6.2.0">
         <instance index="0">RTE\File_System\FS_Config.c</instance>
-        <component Cbundle="MDK-Pro" Cclass="File System" Cgroup="CORE" Cvariant="LFN" Cvendor="Keil" Cversion="6.10.0" condition="CMSIS Core with RTOS and File System I/O"/>
-        <package name="MDK-Middleware" schemaVersion="1.4" url="http://www.keil.com/pack/" vendor="Keil" version="7.6.0"/>
+        <component Cbundle="MDK-Pro" Cclass="File System" Cgroup="CORE" Cvariant="LFN" Cvendor="Keil" Cversion="6.10.1" condition="CMSIS Core with RTOS and File System I/O"/>
+        <package name="MDK-Middleware" schemaVersion="1.4" url="http://www.keil.com/pack/" vendor="Keil" version="7.7.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
       </file>
       <file attr="config" category="source" name="FileSystem\Config\FS_Config_MC.h" version="6.2.0">
         <instance index="0">RTE\File_System\FS_Config_MC_0.h</instance>
-        <component Cbundle="MDK-Pro" Cclass="File System" Cgroup="Drive" Csub="Memory Card" Cvendor="Keil" Cversion="6.10.0" condition="File System and SD/MMC Driver" maxInstances="2"/>
-        <package name="MDK-Middleware" schemaVersion="1.4" url="http://www.keil.com/pack/" vendor="Keil" version="7.6.0"/>
+        <component Cbundle="MDK-Pro" Cclass="File System" Cgroup="Drive" Csub="Memory Card" Cvendor="Keil" Cversion="6.10.1" condition="File System and SD/MMC Driver" maxInstances="2"/>
+        <package name="MDK-Middleware" schemaVersion="1.4" url="http://www.keil.com/pack/" vendor="Keil" version="7.7.0"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>
@@ -766,8 +792,8 @@
       </file>
       <file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.14.0">
         <instance index="0">RTE\wolfSSL\user_settings.h</instance>
-        <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="CORE" Cvendor="wolfSSL" Cversion="3.14.0" condition="wolfCrypt-Core"/>
-        <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.14.0"/>
+        <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="CORE" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
+        <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
         <targetInfos>
           <targetInfo name="wolfSSL-Benchmark"/>
         </targetInfos>

IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -18,7 +18,8 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  */
- 
+
+#define WOLFSSL_MDK5_COMPLv5
 #define NO_MAIN_DRIVER
 #define BENCH_EMBEDDED
 #define NO_DEV_RANDOM
@@ -34,10 +35,10 @@
 #define WOLFSSL_USER_CURRTIME /* for benchmark */
 #define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
 #define WOLFSSL_GMTIME
+#define NO_MULTIBYTE_PRINT
 
 // <<< Use Configuration Wizard in Context Menu >>>
 
-
 //  <h>Common options
 //        <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
 #define MDK_CONF_MPU 3
@@ -58,8 +59,8 @@
 //         <4=>PThread <5=>ThreadX<6=> ThreadX/NetX
 //         <7=>Micrium <8=>EBSnet<9=>MQX 
 //         <10=>T-RTOS <11=>uITRON4<12=>uTKERNEL2 
-//         <13=>Frosted <14=>CMSIS RTOS<15=>Others
-#define MDK_CONF_THREAD 14
+//         <13=>Frosted <14=>CMSIS RTOS<15=>CMSIS RTOSv2<16=>Others
+#define MDK_CONF_THREAD 15
 #if MDK_CONF_THREAD== 0
 #define SINGLE_THREADED
 #elif MDK_CONF_THREAD == 1
@@ -91,6 +92,8 @@
 #elif MDK_CONF_THREAD == 14
 #define WOLFSSL_CMSIS_RTOS
 #elif MDK_CONF_THREAD == 15
+#define WOLFSSL_CMSIS_RTOSv2
+#elif MDK_CONF_THREAD == 16
 #define SINGLE_THREADED
 #endif
 
@@ -150,13 +153,13 @@
 //  <h>Hash/Crypt Algrithm
 
 //      <e>MD2
-#define MDK_CONF_MD2 1
+#define MDK_CONF_MD2 0
 #if MDK_CONF_MD2 == 1
 #define WOLFSSL_MD2
 #endif
 //  </e>
 //      <e>MD4
-#define MDK_CONF_MD4 1
+#define MDK_CONF_MD4 0
 #if MDK_CONF_MD4 == 0
 #define NO_MD4
 #endif
@@ -236,7 +239,7 @@
 //  </e>
 
 //      <e>RC4
-#define MDK_CONF_RC4 1
+#define MDK_CONF_RC4 0
 #if MDK_CONF_RC4 == 0
 #define NO_RC4
 #endif
@@ -375,7 +378,7 @@
 
 //  <h>Hardware Crypt (See document for usage)
 //      <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 1
+#define MDK_CONF_STM32F2_RNG 0
 #if MDK_CONF_STM32F2_RNG == 1
 #define WOLFSSL_STM32_CUBEMX
 #define STM32_RNG
@@ -393,7 +396,7 @@
 #endif
 //  </e>
 //      <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 1
+#define MDK_CONF_STM32F2_CRYPTO 0
 #if MDK_CONF_STM32F2_CRYPTO == 1
 #define WOLFSSL_STM32_CUBEMX
 #define STM32_CRYPTO
@@ -411,7 +414,7 @@
 #endif
 //  </e>
 //      <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 1
+#define MDK_CONF_STM32F2_HASH 0
 #if MDK_CONF_STM32F2_HASH == 1
 #define WOLFSSL_STM32_CUBEMX
 #define STM32_HASH
@@ -461,7 +464,7 @@
 #endif
 //  </e>
 //      <e>Small Stack
-#define MDK_CONF_SmallStack 0
+#define MDK_CONF_SmallStack 1
 #if MDK_CONF_SmallStack == 0
 #define NO_WOLFSSL_SMALL_STACK
 #endif
@@ -475,10 +478,11 @@
 // <h> wolfSSL Configuration
 
 //      <e>TLS 1.3
-#define MDK_CONF_TLS 0
+#define MDK_CONF_TLS 1
 #if MDK_CONF_TLS == 1
 #define WOLFSSL_TLS13
 #define HAVE_TLS_EXTENSIONS
+#define HAVE_SUPPORTED_CURVES
 #define WC_RSA_PSS
 #define HAVE_HKDF
 #define HAVE_FFDHE_2048

IDE/MDK5-ARM/Projects/CryptBenchmark/main.c

@@ -1,6 +1,6 @@
 /* main.c
  *
- * Copyright (C) 2006-2017 wolfSSL Inc.
+ * Copyright (C) 2006-2019 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -30,8 +30,16 @@
 #include <stdio.h>
 #include <time.h>
 
+#if defined(WOLFSSL_CMSIS_RTOS)
+#include "cmsis_os.h"
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+#include "cmsis_os2.h"
+#endif
+
 /* Dummy definition for test RTC */
-#define RTC_YEAR 2018
+#define RTC_YEAR 2019
+#define RTC_MONTH 1
+#define RTC_DAY 1
 #define RTC_MONTH 1
 #define RTC_DAY 1
 
@@ -56,32 +64,30 @@ static void CPU_CACHE_Enable (void) {
 
 }
 
-#ifdef RTE_CMSIS_RTOS_RTX
+#if defined(WOLFSSL_CMSIS_RTOS) || defined(WOLFSSL_CMSIS_RTOSv2)
+
+#if defined(WOLFSSL_CMSIS_RTOS)
 extern uint32_t os_time;
-static  time_t epochTime;
-
-uint32_t HAL_GetTick(void) {
-    return os_time;
-}
-
-time_t time(time_t *t){
-     return epochTime ;
-}
-
-void setTime(time_t t){
-    epochTime = t;
-}
 #endif
 
-#ifdef WOLFSSL_CURRTIME_OSTICK
-
-#include <stdint.h>
-extern uint32_t os_time;
+uint32_t HAL_GetTick(void)
+{
+    #if defined(WOLFSSL_CMSIS_RTOS)
+        return os_time;
+    #elif defined(WOLFSSL_CMSIS_RTOSv2)
+        return osKernelGetTickCount();
+    #endif
+}
 
 double current_time(int reset)
 {
-      if(reset) os_time = 0 ;
-      return (double)os_time /1000.0;
+    if (reset)
+        return 0;
+    #if defined(WOLFSSL_CMSIS_RTOS)
+        return (double)os_time / 1000.0;
+    #elif defined(WOLFSSL_CMSIS_RTOSv2)
+        return (double)osKernelGetTickCount() / 1000.0;
+    #endif
 }
 
 #else
@@ -103,6 +109,17 @@ double current_time(int reset)
 }
 #endif
 
+static time_t epochTime;
+time_t time(time_t *t)
+{
+  return epochTime;
+}
+
+void setTime(time_t t)
+{
+  epochTime = t;
+}
+
 /*-----------------------------------------------------------------------------
  *        Initialize a Flash Memory Card
  *----------------------------------------------------------------------------*/

IDE/MDK5-ARM/Projects/CryptTest/Abstract.txt

@@ -1,6 +1,7 @@
 wolfCrypt test
 
 Use Configuration Wizard tab
+RTE_Device.h: Check SDMMC1 (SD/SDIO/MMC card host interface 1) 
 user_settings.h for wolfCrypt options
 
 For further options, details, see wolfSSL User Manual.

IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx

@@ -101,7 +101,7 @@
         <sRunDeb>0</sRunDeb>
         <sLrtime>0</sLrtime>
         <bEvRecOn>1</bEvRecOn>
-        <nTsel>5</nTsel>
+        <nTsel>1</nTsel>
         <sDll></sDll>
         <sDllPa></sDllPa>
         <sDlgDll></sDlgDll>
@@ -112,7 +112,7 @@
         <tDlgDll></tDlgDll>
         <tDlgPa></tDlgPa>
         <tIfile>.\STM32_SWO.ini</tIfile>
-        <pMon>STLink\ST-LINKIII-KEIL_SWO.dll</pMon>
+        <pMon>BIN\ULP2CM3.DLL</pMon>
       </DebugOpt>
       <TargetDriverDllRegistry>
         <SetRegEntry>
@@ -128,7 +128,7 @@
         <SetRegEntry>
           <Number>0</Number>
           <Key>ULP2CM3</Key>
-          <Name>-UP0940001 -O207 -S10 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(5BA02477) -L00(0) -TO1 -TC216000000 -TP11 -TDX0 -TDD0 -TDS8001 -TDT0 -TDC1F -TIE1 -TIP1 -FO15 -FD20000000 -FC1000 -FN1 -FF0STM32F7x_1024.FLM -FS08000000 -FL0100000 -FP0($$Device:STM32F756NGHx$CMSIS\Flash\STM32F7x_1024.FLM)</Name>
+          <Name>-UP1135060 -O207 -S10 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(5BA02477) -L00(0) -TO1 -TC216000000 -TP11 -TDX0 -TDD0 -TDS8001 -TDT0 -TDC1F -TIEFFFFFFFF -TIP9 -FO15 -FD20000000 -FC1000 -FN1 -FF0STM32F7x_1024.FLM -FS08000000 -FL0100000 -FP0($$Device:STM32F756NGHx$CMSIS\Flash\STM32F7x_1024.FLM)</Name>
         </SetRegEntry>
         <SetRegEntry>
           <Number>0</Number>
@@ -143,7 +143,7 @@
         <SetRegEntry>
           <Number>0</Number>
           <Key>DLGUARM</Key>
-          <Name>(105=-1,-1,-1,-1,0)</Name>
+          <Name></Name>
         </SetRegEntry>
         <SetRegEntry>
           <Number>0</Number>
@@ -160,13 +160,18 @@
         </Ww>
       </WatchWindow1>
       <ScvdPack>
-        <Filename>C:\Keil_v5\ARM\PACK\Keil\MDK-Middleware\7.5.0\FileSystem\FileSystem.scvd</Filename>
-        <Type>Keil.MDK-Middleware.7.5.0</Type>
+        <Filename>C:\Keil_v5\ARM\PACK\Keil\ARM_Compiler\1.3.3\EventRecorder.scvd</Filename>
+        <Type>Keil.ARM_Compiler.1.3.3</Type>
         <SubType>1</SubType>
       </ScvdPack>
       <ScvdPack>
-        <Filename>C:\Keil_v5\ARM\PACK\Keil\ARM_Compiler\1.3.2\EventRecorder.scvd</Filename>
-        <Type>Keil.ARM_Compiler.1.3.2</Type>
+        <Filename>C:\Keil_v5\ARM\PACK\Keil\MDK-Middleware\7.7.0\FileSystem\FileSystem.scvd</Filename>
+        <Type>Keil.MDK-Middleware.7.7.0</Type>
+        <SubType>1</SubType>
+      </ScvdPack>
+      <ScvdPack>
+        <Filename>C:\Keil_v5\ARM\PACK\ARM\CMSIS\5.3.0\CMSIS\RTOS2\RTX\RTX5.scvd</Filename>
+        <Type>ARM.CMSIS.5.3.0</Type>
         <SubType>1</SubType>
       </ScvdPack>
       <Tracepoint>
@@ -207,6 +212,10 @@
       <pszMrule></pszMrule>
       <pSingCmds></pSingCmds>
       <pMultCmds></pMultCmds>
+      <pMisraNamep></pMisraNamep>
+      <pszMrulep></pszMrulep>
+      <pSingCmdsp></pSingCmdsp>
+      <pMultCmdsp></pMultCmdsp>
       <DebugDescription>
         <Enable>1</Enable>
         <EnableLog>0</EnableLog>

IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx

@@ -16,7 +16,7 @@
         <TargetCommonOption>
           <Device>STM32F756NGHx</Device>
           <Vendor>STMicroelectronics</Vendor>
-          <PackID>Keil.STM32F7xx_DFP.2.9.0</PackID>
+          <PackID>Keil.STM32F7xx_DFP.2.11.0</PackID>
           <PackURL>http://www.keil.com/pack</PackURL>
           <Cpu>IROM(0x08000000,0x100000) IROM2(0x00200000,0x100000) IRAM(0x20010000,0x40000) IRAM2(0x20000000,0x10000) CPUTYPE("Cortex-M7") FPU3(SFPU) CLOCK(12000000) ELITTLE</Cpu>
           <FlashUtilSpec></FlashUtilSpec>
@@ -176,7 +176,7 @@
             <GenPPlst>0</GenPPlst>
             <AdsCpuType>"Cortex-M7"</AdsCpuType>
             <RvctDeviceName></RvctDeviceName>
-            <mOS>1</mOS>
+            <mOS>0</mOS>
             <uocRom>0</uocRom>
             <uocRam>0</uocRam>
             <hadIROM>1</hadIROM>
@@ -456,6 +456,12 @@
           <targetInfo name="CryptTest"/>
         </targetInfos>
       </api>
+      <api Capiversion="2.1.2" Cclass="CMSIS" Cgroup="RTOS2" exclusive="1">
+        <package name="CMSIS" schemaVersion="1.3" url="http://www.keil.com/pack/" vendor="ARM" version="5.3.0"/>
+        <targetInfos>
+          <targetInfo name="CryptTest"/>
+        </targetInfos>
+      </api>
       <api Capiversion="1.1.0" Cclass="Device" Cgroup="STM32Cube Framework" exclusive="1">
         <package name="STM32F4xx_DFP" schemaVersion="1.2" url="http://www.keil.com/pack" vendor="Keil" version="2.0.0"/>
         <targetInfos>
@@ -470,8 +476,14 @@
           <targetInfo name="CryptTest"/>
         </targetInfos>
       </component>
-      <component Capiversion="1.0.0" Cclass="CMSIS" Cgroup="RTOS" Csub="Keil RTX" Cvendor="ARM" Cversion="4.81.1" condition="RTOS RTX">
-        <package name="CMSIS" schemaVersion="1.3" url="http://www.keil.com/pack/" vendor="ARM" version="5.1.1"/>
+      <component Capiversion="1.0.0" Cclass="CMSIS" Cgroup="RTOS" Csub="Keil RTX5" Cvendor="ARM" Cversion="5.3.0" condition="RTOS RTX5">
+        <package name="CMSIS" schemaVersion="1.3" url="http://www.keil.com/pack/" vendor="ARM" version="5.3.0"/>
+        <targetInfos>
+          <targetInfo name="CryptTest"/>
+        </targetInfos>
+      </component>
+      <component Capiversion="2.1.2" Cclass="CMSIS" Cgroup="RTOS2" Csub="Keil RTX5" Cvariant="Library" Cvendor="ARM" Cversion="5.3.0" condition="RTOS2 RTX5 Lib">
+        <package name="CMSIS" schemaVersion="1.3" url="http://www.keil.com/pack/" vendor="ARM" version="5.3.0"/>
         <targetInfos>
           <targetInfo name="CryptTest"/>
         </targetInfos>
@@ -512,14 +524,14 @@
           <targetInfo name="CryptTest"/>
         </targetInfos>
       </component>
-      <component Cbundle="MDK-Pro" Cclass="File System" Cgroup="CORE" Cvariant="LFN Debug" Cvendor="Keil" Cversion="6.10.0" condition="CMSIS Core with RTOS and File System I/O and Event Recorder">
-        <package name="MDK-Middleware" schemaVersion="1.4" url="http://www.keil.com/pack/" vendor="Keil" version="7.5.0"/>
+      <component Cbundle="MDK-Pro" Cclass="File System" Cgroup="CORE" Cvariant="LFN Debug" Cvendor="Keil" Cversion="6.10.1" condition="CMSIS Core with RTOS and File System I/O and Event Recorder">
+        <package name="MDK-Middleware" schemaVersion="1.4" url="http://www.keil.com/pack/" vendor="Keil" version="7.7.0"/>
         <targetInfos>
           <targetInfo name="CryptTest"/>
         </targetInfos>
       </component>
-      <component Cbundle="MDK-Pro" Cclass="File System" Cgroup="Drive" Csub="Memory Card" Cvendor="Keil" Cversion="6.10.0" condition="File System and SD/MMC Driver" maxInstances="2">
-        <package name="MDK-Middleware" schemaVersion="1.4" url="http://www.keil.com/pack/" vendor="Keil" version="7.5.0"/>
+      <component Cbundle="MDK-Pro" Cclass="File System" Cgroup="Drive" Csub="Memory Card" Cvendor="Keil" Cversion="6.10.1" condition="File System and SD/MMC Driver" maxInstances="2">
+        <package name="MDK-Middleware" schemaVersion="1.4" url="http://www.keil.com/pack/" vendor="Keil" version="7.7.0"/>
         <targetInfos>
           <targetInfo name="CryptTest"/>
         </targetInfos>
@@ -644,20 +656,20 @@
           <targetInfo name="CryptTest"/>
         </targetInfos>
       </component>
-      <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="CORE" Cvendor="wolfSSL" Cversion="3.14.0" condition="wolfCrypt-Core">
-        <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.14.0"/>
+      <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="CORE" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core">
+        <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
         <targetInfos>
           <targetInfo name="CryptTest"/>
         </targetInfos>
       </component>
-      <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="Dummy" Cvendor="wolfSSL" Cversion="3.14.0" condition="wolfCrypt-Core">
-        <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.14.0"/>
+      <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="Dummy" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core">
+        <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
         <targetInfos>
           <targetInfo name="CryptTest"/>
         </targetInfos>
       </component>
-      <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="Test" Cvendor="wolfSSL" Cversion="3.14.0" condition="wolfCrypt-Core">
-        <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.14.0"/>
+      <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="Test" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core">
+        <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
         <targetInfos>
           <targetInfo name="CryptTest"/>
         </targetInfos>
@@ -665,9 +677,23 @@
     </components>
     <files>
       <file attr="config" category="source" name="CMSIS\RTOS\RTX\Templates\RTX_Conf_CM.c" version="4.70.1">
-        <instance index="0">RTE\CMSIS\RTX_Conf_CM.c</instance>
+        <instance index="0" removed="1">RTE\CMSIS\RTX_Conf_CM.c</instance>
         <component Capiversion="1.0.0" Cclass="CMSIS" Cgroup="RTOS" Csub="Keil RTX" Cvendor="ARM" Cversion="4.81.1" condition="RTOS RTX" isDefaultVariant="1"/>
         <package name="CMSIS" schemaVersion="1.3" url="http://www.keil.com/pack/" vendor="ARM" version="5.3.0"/>
+        <targetInfos/>
+      </file>
+      <file attr="config" category="source" name="CMSIS\RTOS2\RTX\Config\RTX_Config.c" version="5.1.0">
+        <instance index="0">RTE\CMSIS\RTX_Config.c</instance>
+        <component Capiversion="2.1.2" Cclass="CMSIS" Cgroup="RTOS2" Csub="Keil RTX5" Cvariant="Library" Cvendor="ARM" Cversion="5.3.0" condition="RTOS2 RTX5 Lib"/>
+        <package name="CMSIS" schemaVersion="1.3" url="http://www.keil.com/pack/" vendor="ARM" version="5.3.0"/>
+        <targetInfos>
+          <targetInfo name="CryptTest"/>
+        </targetInfos>
+      </file>
+      <file attr="config" category="header" name="CMSIS\RTOS2\RTX\Config\RTX_Config.h" version="5.3.0">
+        <instance index="0">RTE\CMSIS\RTX_Config.h</instance>
+        <component Capiversion="2.1.2" Cclass="CMSIS" Cgroup="RTOS2" Csub="Keil RTX5" Cvariant="Library" Cvendor="ARM" Cversion="5.3.0" condition="RTOS2 RTX5 Lib"/>
+        <package name="CMSIS" schemaVersion="1.3" url="http://www.keil.com/pack/" vendor="ARM" version="5.3.0"/>
         <targetInfos>
           <targetInfo name="CryptTest"/>
         </targetInfos>
@@ -680,50 +706,50 @@
           <targetInfo name="CryptTest"/>
         </targetInfos>
       </file>
-      <file attr="config" category="header" name="CMSIS\Driver\Config\RTE_Device.h" version="1.4.0">
+      <file attr="config" category="header" name="CMSIS\Driver\Config\RTE_Device.h" version="1.5.0">
         <instance index="0">RTE\Device\STM32F756NGHx\RTE_Device.h</instance>
-        <component Capiversion="1.0.0" Cclass="Device" Cgroup="STM32Cube Framework" Csub="Classic" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 Framework Classic"/>
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+        <component Capiversion="1.0.0" Cclass="Device" Cgroup="STM32Cube Framework" Csub="Classic" Cvendor="Keil" Cversion="1.2.6" condition="STM32F7 Framework Classic"/>
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="CryptTest"/>
         </targetInfos>
       </file>
-      <file attr="config" category="source" condition="STM32F756_ARMCC" name="Drivers\CMSIS\Device\ST\STM32F7xx\Source\Templates\arm\startup_stm32f756xx.s" version="1.2.0">
+      <file attr="config" category="source" condition="STM32F756_ARMCC" name="Drivers\CMSIS\Device\ST\STM32F7xx\Source\Templates\arm\startup_stm32f756xx.s" version="1.2.2">
         <instance index="0">RTE\Device\STM32F756NGHx\startup_stm32f756xx.s</instance>
-        <component Cclass="Device" Cgroup="Startup" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 CMSIS"/>
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+        <component Cclass="Device" Cgroup="Startup" Cvendor="Keil" Cversion="1.2.2" condition="STM32F7 CMSIS"/>
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="CryptTest"/>
         </targetInfos>
       </file>
-      <file attr="config" category="header" name="MDK\Templates\Inc\stm32f7xx_hal_conf.h" version="1.2.0">
+      <file attr="config" category="header" name="MDK\Templates\Inc\stm32f7xx_hal_conf.h" version="1.2.6">
         <instance index="0">RTE\Device\STM32F756NGHx\stm32f7xx_hal_conf.h</instance>
-        <component Capiversion="1.0.0" Cclass="Device" Cgroup="STM32Cube Framework" Csub="Classic" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 Framework Classic"/>
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+        <component Capiversion="1.0.0" Cclass="Device" Cgroup="STM32Cube Framework" Csub="Classic" Cvendor="Keil" Cversion="1.2.6" condition="STM32F7 Framework Classic"/>
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="CryptTest"/>
         </targetInfos>
       </file>
-      <file attr="config" category="source" name="Drivers\CMSIS\Device\ST\STM32F7xx\Source\Templates\system_stm32f7xx.c" version="1.2.0">
+      <file attr="config" category="source" name="Drivers\CMSIS\Device\ST\STM32F7xx\Source\Templates\system_stm32f7xx.c" version="1.2.2">
         <instance index="0">RTE\Device\STM32F756NGHx\system_stm32f7xx.c</instance>
-        <component Cclass="Device" Cgroup="Startup" Cvendor="Keil" Cversion="1.2.0" condition="STM32F7 CMSIS"/>
-        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.9.0"/>
+        <component Cclass="Device" Cgroup="Startup" Cvendor="Keil" Cversion="1.2.2" condition="STM32F7 CMSIS"/>
+        <package name="STM32F7xx_DFP" schemaVersion="1.3" url="http://www.keil.com/pack" vendor="Keil" version="2.11.0"/>
         <targetInfos>
           <targetInfo name="CryptTest"/>
         </targetInfos>
       </file>
       <file attr="config" category="source" name="FileSystem\Config\FS_Config.c" version="6.2.0">
         <instance index="0">RTE\File_System\FS_Config.c</instance>
-        <component Cbundle="MDK-Pro" Cclass="File System" Cgroup="CORE" Cvariant="LFN Debug" Cvendor="Keil" Cversion="6.10.0" condition="CMSIS Core with RTOS and File System I/O and Event Recorder"/>
-        <package name="MDK-Middleware" schemaVersion="1.4" url="http://www.keil.com/pack/" vendor="Keil" version="7.6.0"/>
+        <component Cbundle="MDK-Pro" Cclass="File System" Cgroup="CORE" Cvariant="LFN Debug" Cvendor="Keil" Cversion="6.10.1" condition="CMSIS Core with RTOS and File System I/O and Event Recorder"/>
+        <package name="MDK-Middleware" schemaVersion="1.4" url="http://www.keil.com/pack/" vendor="Keil" version="7.7.0"/>
         <targetInfos>
           <targetInfo name="CryptTest"/>
         </targetInfos>
       </file>
       <file attr="config" category="source" name="FileSystem\Config\FS_Config_MC.h" version="6.2.0">
         <instance index="0">RTE\File_System\FS_Config_MC_0.h</instance>
-        <component Cbundle="MDK-Pro" Cclass="File System" Cgroup="Drive" Csub="Memory Card" Cvendor="Keil" Cversion="6.10.0" condition="File System and SD/MMC Driver" maxInstances="2"/>
-        <package name="MDK-Middleware" schemaVersion="1.4" url="http://www.keil.com/pack/" vendor="Keil" version="7.6.0"/>
+        <component Cbundle="MDK-Pro" Cclass="File System" Cgroup="Drive" Csub="Memory Card" Cvendor="Keil" Cversion="6.10.1" condition="File System and SD/MMC Driver" maxInstances="2"/>
+        <package name="MDK-Middleware" schemaVersion="1.4" url="http://www.keil.com/pack/" vendor="Keil" version="7.7.0"/>
         <targetInfos>
           <targetInfo name="CryptTest"/>
         </targetInfos>
@@ -742,8 +768,8 @@
       </file>
       <file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.14.0">
         <instance index="0">RTE\wolfSSL\user_settings.h</instance>
-        <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="CORE" Cvendor="wolfSSL" Cversion="3.14.0" condition="wolfCrypt-Core"/>
-        <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.14.0"/>
+        <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="CORE" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
+        <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
         <targetInfos>
           <targetInfo name="CryptTest"/>
         </targetInfos>