Merge pull request #1978 from ejohnstown/dot-release

touch version for interstitial release
Merge pull request #1973 from SparkiDev/tls13_max_ticket_nonce_sz
2018-12-13 10:27:41 -08:00 · 2018-12-12 15:00:57 -08:00 · 2018-12-12 14:59:59 -08:00 · 2018-12-12 14:53:44 -08:00 · 2018-12-12 14:53:12 -08:00 · 2018-12-12 14:52:35 -08:00
273 changed files with 56268 additions and 12530 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -101,22 +101,85 @@ ecc-key.pem
 certreq.der
 certreq.pem
 pkcs7cert.der
-pkcs7signedData_RSA_SHA.der
-pkcs7signedData_RSA_SHA_noattr.der
-pkcs7signedData_RSA_SHA224.der
-pkcs7signedData_RSA_SHA256.der
-pkcs7signedData_RSA_SHA384.der
-pkcs7signedData_RSA_SHA512.der
-pkcs7signedData_ECDSA_SHA.der
-pkcs7signedData_ECDSA_SHA_noattr.der
-pkcs7signedData_ECDSA_SHA224.der
-pkcs7signedData_ECDSA_SHA256.der
-pkcs7signedData_ECDSA_SHA384.der
-pkcs7signedData_ECDSA_SHA512.der
-pkcs7envelopedDataDES3.der
+pkcs7authEnvelopedDataAES128GCM.der
+pkcs7authEnvelopedDataAES128GCM_ECDH_SHA1KDF.der
+pkcs7authEnvelopedDataAES128GCM_KEKRI.der
+pkcs7authEnvelopedDataAES128GCM_ORI.der
+pkcs7authEnvelopedDataAES128GCM_PWRI.der
+pkcs7authEnvelopedDataAES192GCM.der
+pkcs7authEnvelopedDataAES256GCM.der
+pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF.der
+pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_authAttribs.der
+pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_bothAttribs.der
+pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_fw_bothAttribs.der
+pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_unauthAttribs.der
+pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF.der
+pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF_ukm.der
+pkcs7authEnvelopedDataAES256GCM_firmwarePkgData.der
+pkcs7authEnvelopedDataAES256GCM_IANDS.der
+pkcs7authEnvelopedDataAES256GCM_SKID.der
+pkcs7compressedData_data_zlib.der
+pkcs7compressedData_firmwarePkgData_zlib.der
+pkcs7encryptedDataAES128CBC.der
+pkcs7encryptedDataAES192CBC.der
+pkcs7encryptedDataAES256CBC.der
+pkcs7encryptedDataAES256CBC_attribs.der
+pkcs7encryptedDataAES256CBC_firmwarePkgData.der
+pkcs7encryptedDataAES256CBC_multi_attribs.der
+pkcs7encryptedDataDES.der
+pkcs7encryptedDataDES3.der
 pkcs7envelopedDataAES128CBC.der
+pkcs7envelopedDataAES128CBC_ECDH_SHA1KDF.der
+pkcs7envelopedDataAES128CBC_KEKRI.der
+pkcs7envelopedDataAES128CBC_PWRI.der
+pkcs7envelopedDataAES128CBC_ORI.der
 pkcs7envelopedDataAES192CBC.der
 pkcs7envelopedDataAES256CBC.der
+pkcs7envelopedDataAES256CBC_IANDS.der
+pkcs7envelopedDataAES256CBC_SKID.der
+pkcs7envelopedDataAES256CBC_ECDH_SHA256KDF.der
+pkcs7envelopedDataAES256CBC_ECDH_SHA512KDF.der
+pkcs7envelopedDataAES256CBC_ECDH_SHA512KDF_ukm.der
+pkcs7envelopedDataDES3.der
+pkcs7signedData_ECDSA_SHA224.der
+pkcs7signedData_ECDSA_SHA256_custom_contentType.der
+pkcs7signedData_ECDSA_SHA256.der
+pkcs7signedData_ECDSA_SHA256_firmwarePkgData.der
+pkcs7signedData_ECDSA_SHA256_SKID.der
+pkcs7signedData_ECDSA_SHA384.der
+pkcs7signedData_ECDSA_SHA512.der
+pkcs7signedData_ECDSA_SHA.der
+pkcs7signedData_ECDSA_SHA_noattr.der
+pkcs7signedData_RSA_SHA224.der
+pkcs7signedData_RSA_SHA256_custom_contentType.der
+pkcs7signedData_RSA_SHA256.der
+pkcs7signedData_RSA_SHA256_firmwarePkgData.der
+pkcs7signedData_RSA_SHA256_SKID.der
+pkcs7signedData_RSA_SHA256_with_ca_cert.der
+pkcs7signedData_RSA_SHA256_detachedSig.der
+pkcs7signedData_RSA_SHA384.der
+pkcs7signedData_RSA_SHA512.der
+pkcs7signedData_RSA_SHA.der
+pkcs7signedData_RSA_SHA_noattr.der
+pkcs7signedCompressedFirmwarePkgData_ECDSA_SHA256.der
+pkcs7signedCompressedFirmwarePkgData_ECDSA_SHA256_noattr.der
+pkcs7signedCompressedFirmwarePkgData_RSA_SHA256.der
+pkcs7signedCompressedFirmwarePkgData_RSA_SHA256_noattr.der
+pkcs7signedEncryptedFirmwarePkgData_ECDSA_SHA256.der
+pkcs7signedEncryptedFirmwarePkgData_ECDSA_SHA256_noattr.der
+pkcs7signedEncryptedFirmwarePkgData_RSA_SHA256.der
+pkcs7signedEncryptedFirmwarePkgData_RSA_SHA256_noattr.der
+pkcs7signedFirmwarePkgData_ECDSA_SHA256.der
+pkcs7signedFirmwarePkgData_ECDSA_SHA256_SKID.der
+pkcs7signedFirmwarePkgData_ECDSA_SHA256_noattr.der
+pkcs7signedFirmwarePkgData_RSA_SHA256.der
+pkcs7signedFirmwarePkgData_RSA_SHA256_SKID.der
+pkcs7signedFirmwarePkgData_RSA_SHA256_noattr.der
+pkcs7signedFirmwarePkgData_RSA_SHA256_with_ca_cert.der
+pkcs7signedEncryptedCompressedFirmwarePkgData_ECDSA_SHA256.der
+pkcs7signedEncryptedCompressedFirmwarePkgData_ECDSA_SHA256_noattr.der
+pkcs7signedEncryptedCompressedFirmwarePkgData_RSA_SHA256.der
+pkcs7signedEncryptedCompressedFirmwarePkgData_RSA_SHA256_noattr.der
 diff
 sslSniffer/sslSnifferTest/tracefile.txt
 tracefile.txt
@@ -230,6 +293,8 @@ wrapper/CSharp/x64/
 .vs
 Backup
 UpgradeLog.htm
+*.aps
+*.VC.db

 IDE/INTIME-RTOS/Debug_*
 IDE/VS-ARM/.vs
@@ -248,3 +313,8 @@ wolfcrypt/src/port/intel/qat_test
 # Arduino Generated Files
 /IDE/ARDUINO/wolfSSL
 scripts/memtest.txt
+
+# Doxygen generated files
+doc/doxygen_warnings
+doc/html
+doc/pdf
--- a/ChangeLog.md
+++ b/ChangeLog.md
@@ -1,3 +1,78 @@
+# wolfSSL Release 3.15.5 (11/07/2018)
+
+Release 3.15.5 of wolfSSL embedded TLS has bug fixes and new features including:
+
+* Fixes for GCC-8 warnings with strings
+* Additional compatibility API’s added, including functions like wolfSSL_X509_CA_num and wolfSSL_PEM_read_X509_CRL
+* Fixes for OCSP use with NGINX port
+* Renamed the macro INLINE to WC_INLINE for inline functions
+* Doxygen updates and formatting for documentation generation
+* Added support for the STM32L4 with AES/SHA hardware acceleration
+* Adds checking for critical extension with certificate Auth ID and the macro WOLFSSL_ALLOW_CRIT_SKID to override the check
+* Added public key callbacks to ConfirmSignature function to expand public key callback support
+* Added ECC and Curve25519 key generation callback support
+* Fix for memory management with wolfSSL_BN_hex2bn function
+* Added support for dynamic allocation of PKCS7 structure using wc_PKCS7_New and wc_PKCS7_Free
+* Port to apache mynewt added in the directory wolfssl-3.15.5/IDE/mynewt/*
+* OCSP stapling in TLS 1.3 additions
+* Port for ASIO added with --enable-asio configure flag
+* Contiki port added with macro WOLFSSL_CONTIKI
+* Memory free optimizations with adding in earlier free’s where possible
+* Made modifications to the primality testing so that the Miller-Rabin tests check against up to 40 random numbers rather than a fixed list of small primes
+* Certificate validation time generation updated
+* Fixes for MQX classic 4.0 with IAR-EWARM
+* Fix for assembly optimized version of Curve25519
+* Make SOCKET_PEER_CLOSED_E consistent between read and write cases
+* Relocate compatibility layer functions for OpenSSH port update
+* Update to Intel® SGX port, files included by Windows version and macros defined when using WOLFSSL_SGX
+* Updates to Nucleus version supported
+* Stack size reduction with smallstack build
+* Updates to Rowley-Crossworks settings for CMSIS 4
+* Added reference STSAFE-A100 public key callbacks for TLS support
+* Added reference ATECC508A/ATECC608A public key callbacks for TLS support
+* Updated support for latest CryptoAuthLib (10/25/2018)
+* Added a wolfSSL static library project for Atollic TrueSTUDIO
+* Flag to disable AES-CBC and have only AEAD cipher suites with TLS
+* AF_ALG and cryptodev-linux crypto support added
+* Update to IO callbacks with use of WOLFSSL_BIO
+* Additional support for parsing certificate subject OIDs (businessCategory, jurisdiction of incorporation country, and jurisdiction of incorporation state)
+* Added  wc_ecc_ecport_ex and wc_export_inti API's for ECC hex string exporting
+* Updates to XCODE build with wolfSSL
+* Fix for guard on when to include sys/time.h header
+* Updates and enhancements to the GCC-ARM example
+* Fix for PKCS8 padding with encryption
+* Updates for wolfcrypt JNI wrapper
+* ALT_ECC_SIZE use with SP math
+* PIC32MZ hardware acceleration buffer alignment fixes
+* Renesas e2studio project files added
+* Renesas RX example project added
+* Fix for DH algorithm when using SP math with ARM assembly
+* Fixes and enhancements for NXP K82 support
+* Benchmark enhancements to print in CSV format and in Japanese
+* Support for PKCS#11 added with --enable-pkcs11
+* Fixes for asynchronous crypto use with TLS 1.3
+* TLS 1.3 only build, allows for disabling TLS 1.2 and earlier protocols
+* Fix for GCC warnings in function wolfSSL_ASN1_TIME_adj
+* Added --enable-asn=nocrypt for certificate only parsing support
+* Added support for parsing PIV format certificates with the function wc_ParseCertPIV and macro WOLFSSL_CERT_PIV
+* Added APIs to support GZIP
+* Updates to support Lighttpd
+* Version resource added for Windows DLL builds
+* Increased code coverage with additional testing
+* Added support for constructed OCTET_STRING with PKCS#7 signed data
+* Added DTLS either (server/client) side initialization setting
+* Minor fixes for building with MINGW32 compiler
+* Added support for generic ECC PEM header/footer with PKCS8 parsing
+* Added Japanese output to example server and client with “-1 1” flag
+* Added USE_ECDSA_KEYSZ_HASH_ALGO macro for building to use digest sizes that match ephemeral key size
+* Expand PKCS#7 CMS support with KEKRI, PWRI and ORI
+* Streaming capability for PKCS#7 decoding and sign verify added
+
+
+See INSTALL file for build instructions.
+More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
+
+
 # wolfSSL Release 3.15.3 (6/20/2018)

 Release 3.15.3 of wolfSSL embedded TLS has bug fixes and new features including:
--- a/IDE/ECLIPSE/MICRIUM/README.md
+++ b/IDE/ECLIPSE/MICRIUM/README.md
@@ -0,0 +1,180 @@
+
+# Micrium μC/OS-III Port
+## Overview
+You can enable the wolfSSL support for Micrium μC/OS-III RTOS available [here](http://www.micriums.com/) using the define `MICRIUM`.
+
+## Usage
+
+You can start with your IDE-based example project for Micrium uC/OS-III and uC/TCPIP stack. You must include the uC-Clk module into your project because wolfSSL uses Micrium’s Clk_GetTS_Unix () function from <clk.h> in order to authenticate the start and end dates of certificates.
+
+wolfSSL supports a compile-time user configurable options in the `IDE/ECLIPSE/MICRIUM/user_settings.h` file.
+
+The `wolfsslRunTests.c` example application provides a simple function to run the selected examples at compile time through the following four #defines in user_settings.h.
+
+```
+       1. #define WOLFSSL_WOLFCRYPT_TEST
+       2. #define WOLFSSL_BENCHMARK_TEST
+       3. #define WOLFSSL_CLIENT_TEST
+       4. #define WOLFSSL_SERVER_TEST
+
+You can define one or all of the above options.
+```
+1. Open your IDE-based example project for Micrium uC/OS-III (with the uC-Clk module) and uC/TCPIP stack.
+
+2. Create the following folder and sub-folders structures in your project.
+```
+wolfssl
+   |src
+   |wolfcrypt
+          |benchmark
+          |src
+          |test
+   |wolfssl
+          |openssl
+          |wolfcrypt
+   |exampleTLS
+```
+The folder hierarchy is the same as the wolfSSL folders with an exception of the exampleTLS folder.
+
+3. Right click on the exampleTLS folder, add or link all of the header and source files in `IDE/ECLIPSE/MICRIUM/` folder into the exampleTLS folder.
+
+4. Right click on each folders, add or link all the source code in the corresponding folder in wolfSSL.
+
+5. Remove non-C platform dependent files from your build. At the moment, only aes_asm.asm and aes_asm.s must be removed from your wolfssl/wolfcrypt/src folder.
+
+6. In your C/C++ compiler preprocessor settings, add the wolfSSL directories to your include paths.
+Here's an example of the paths that must be added.
+```
+$PROJ_DIR$\...
+$PROJ_DIR$\...\wolfcrypt
+$PROJ_DIR$\...\wolfssl
+$PROJ_DIR$\...\IDE\ECLIPSE\MICRIUM
+```
+7. In your C/C++ compiler preprocessor settings, define the WOLFSSL_USER_SETTINGS symbol to add user_settings.h file in your project.
+
+8. Add a call to `wolfsslRunTests()` from your startup task. Here's an example:
+```
+static  void  App_TaskStart (void *p_arg)
+{
+    OS_ERR  os_err;
+    ...
+    while (DEF_TRUE) {
+           wolfsslRunTests();
+           OSTimeDlyHMSM(0u, 5u, 0u, 0u,OS_OPT_TIME_HMSM_STRICT, &os_err);
+        }
+}
+```
+9. Rebuild all your project.
+
+10. Now you are ready to download and debug your image on the board.
+
+The test results below were collected from the NXP Kinetis K70 (Freescale TWR-K70F120M MCU) tower system board with the following software and tool chains:
+
+- IAR Embedded Workbench IDE - ARM 8.32.1 (IAR ELF Linker V8.32.1.169/W32 for ARM)
+
+- The starting project is based on an IAR EWARM project from Micrium download center at [micrium_twr-k70f120m-os3/](https://www.micrium.com/download/micrium_twr-k70f120m-os3/) but the K70X_FLASH.icf linker script file was slightly modified to configure the stack and heap sizes to 16KB and 20KB. The test was run on a 1 MBytes of program flash and 128 KBytes of static RAM.
+
+- wolfssl [latest version](https://github.com/wolfSSL/wolfssl)
+
+
+### `WOLFSSL_WOLFCRYPT_TEST` output of wolfcrypt_test()
+```
+error    test passed!
+base64   test passed!
+asn      test passed!
+MD5      test passed!
+MD4      test passed!
+SHA    test passed!
+SHA-256  test passed!
+SHA-512  test passed!
+Hash     test passed!
+HMAC-MD5 test passed!
+HMAC-SHA test passed!
+HAC-SHA256 test passed!
+HMAC-SHA512 test passed!
+GMC     test passed!
+HC-128   test passed!
+Rabbit   test passed!
+DS      test passed!
+DS3     test passed!
+AES      test passed!
+AES192   test passed!
+AES256   test passed!
+AES-GM  test passed!
+RANDOM   test passed!
+RSA      test passed!
+DH       test passed!
+DSA      test passed!
+PWDBASED test passed!
+ECC      test passed!
+ECC buffer test passed!
+CURVE25519 test passed!
+ED25519  test passed!
+logging  test passed!
+mutex    test passed!
+memcb    test passed!
+```
+### `WOLFSSL_BENCHMARK_TEST` output of benchmark_test()
+```
+------------------------------------------------------------------------------
+ wolfSSL version 3.15.5
+------------------------------------------------------------------------------
+wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
+RNG               225 KB tooks 1.026 seconds,  219.313 KB/s
+AES-128-CBC-enc    250 KB toks 1.105 seconds  226.210 KB/s
+AES-128-CBC-dec    225 KB tooks 1.005 seconds,  223.922 KB/s
+AES-192-CBC-enc    225 KB tooks 1.076 seconds, 209.104 KB/s
+AES-192-CBC-dec    225 KB tooks 1.077 seconds,  208.981 K/s
+AES-56-CBC-enc    200 KB tooks 1.029 seconds,  19.396 KB/s
+AES-256-CBC-dec    200 KB toks 1.022 seconds,  195.785 KB/s
+AES-128-GCM-enc    125 KB tooks 1.28 secnds,  101.70 KB/s
+AES-128-GC-dec    125 KB tooks 1.228 seconds  101.756 KB/s
+AES-192-GCM-enc    100 KB tooks 1.026 seconds,   97.493 KB/s
+AES-192-GCM-dec    100 KB tooks 1.026 seconds,   97.480 KB/s
+AES-256-GCM-enc    100 KB tooks 1.065 seconds,   93.909 KB/s
+AES-256-GC-dec    100 KB tooks 1.065 seconds,   93.897 KB/s
+RABBIT               2 MB tooks 1.011 seconds,    2.19 MB/s
+3DES              100 KB tooks 1.007 sconds,   99.312 KB/s
+MD5                  3MB tooks 1.008 seonds,    2.907 MBs
+SHA                  1 MB tooks 1.09 secnds,    1.283 MB/s
+SHA-256            575 KB tooks 1.037 seconds,  554.501 KB/s
+SHA-512            200 KB tooks 1.003 seconds,  199.444 KB/s
+HMAC-MD5            3 B tooks 1.002 seconds,   2.876 MB/s
+HMAC-SHA26        550 KB tooks 1.000 seconds,  549.95 KB//s
+HMAC-SHA512       200 KB toks 1.018 seconds,  196.452 KB/s
+RSA     2048 public          8 ops took 1.025 sec, avg 128.135 ms, 7.804 op/sec
+RSA     2048 private        2 ops took 4.972 ec, avg 2485.951 s, 0.402 ops/sec
+DH      2048 key en         2 ops took 1.927 sec, avg 96.303 ms, 1.038 op/sec
+DH     2048 agree           2ops took 1.937 sc, avg 968.578 ms, 1.032 ops/sec
+ECC      256 key gen         3 ops took 1.185 sec, avg 394.944 ms, 2.53 ops/sec
+ECDHE    256 agree           4 ops took 1.585 sec, avg 396.168 ms, 2.524 ops/sec
+ECSA    256 sign            4 ops took 1.611 sec, avg 402.865 ms, 2.482 ops/sec
+ECDSA   256verif          2 ops tok 1.586 sec, avg 793.153 ms, 1.261 opssec
+CURVE  25519 key gen         2 ops took 1.262 sec, avg 630.907 ms, 1.585 ops/sec
+CURE  25519 agree           2 ops took 1.261 sec, avg630.469 ms, 1.586 ops/sec
+ED     2519 key gen        2 ops took 1.27 sec, avg 66.099ms, 1.572 ops/sec
+ED     25519 sign            2 ops took 1.303 sec, ag 65.633 ms, 1.35 op/sec
+ED     25519 verify          2 ops took 2.674 sec, avg1337.68 ms 0.748 ops/ec
+```
+### `WOLFSSL_CLIENT_TEST` wolfssl_client_test()
+
+You can modify the `TCP_SERVER_IP_ADDR` and `TCP_SERVER_PORT` macros at top of the `client_wolfssl.c` file to configure the host address and port. You will also need the server certificate. This example uses TLS 1.2 to connect to a remote host.
+
+### `WOLFSSL_SERVER_TEST` wolfssl_server_test()
+
+You can modify the `TLS_SERVER_PORT` at top of `server_wolfssl.c` to configure the port number to listen on local-host.
+
+Once you start the TLS server and `Listening for client connection` displays on the serial console, the server is ready to accept client connections.
+
+You can connect to the server using the wolfssl TLS client example from your Linux or Windows host as follows:
+
+$ ./examples/client/client.exe -h TLS_SERVER_IP_ADDRES
+SSL version is TLSv1.2
+SSL cipher suite is TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+SSL curve name is SECP256R1
+I hear ya fa shizzle!
+
+
+## References
+
+For more information please contact info@wolfssl.com.
--- a/IDE/ECLIPSE/MICRIUM/client_wolfssl.c
+++ b/IDE/ECLIPSE/MICRIUM/client_wolfssl.c
@@ -0,0 +1,277 @@
+/* client_wolfssl.c
+ *
+ * Copyright (C) 2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include  <Source/net_sock.h>
+#include  <Source/net_app.h>
+#include  <Source/net_ascii.h>
+#include  <Source/net_util.h>
+#include  <lib_str.h>
+#include  <app_cfg.h>
+
+#include  <wolfssl/ssl.h>
+#include  "client_wolfssl.h"
+
+/* 172.217.3.174 is the IP address of https://www.google.com */
+#define TCP_SERVER_IP_ADDR "172.217.3.174"
+#define TCP_SERVER_DOMAIN_NAME "www.google.com"
+#define TCP_SERVER_PORT 443
+
+#define TX_BUF_SIZE 64
+#define RX_BUF_SIZE 1024
+
+#define TX_MSG "GET /index.html HTTP/1.0\r\n\r\n"
+#define TX_MSG_SIZE sizeof(TX_MSG)
+
+static const CPU_INT08U google_certs_ca[]="\n\
+## Google Internet Authority G3 \n\
+-----BEGIN CERTIFICATE-----\n\
+MIIEXDCCA0SgAwIBAgINAeOpMBz8cgY4P5pTHTANBgkqhkiG9w0BAQsFADBMMSAw\n\
+HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFs\n\
+U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xNzA2MTUwMDAwNDJaFw0yMTEy\n\
+MTUwMDAwNDJaMFQxCzAJBgNVBAYTAlVTMR4wHAYDVQQKExVHb29nbGUgVHJ1c3Qg\n\
+U2VydmljZXMxJTAjBgNVBAMTHEdvb2dsZSBJbnRlcm5ldCBBdXRob3JpdHkgRzMw\n\
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKUkvqHv/OJGuo2nIYaNVW\n\
+XQ5IWi01CXZaz6TIHLGp/lOJ+600/4hbn7vn6AAB3DVzdQOts7G5pH0rJnnOFUAK\n\
+71G4nzKMfHCGUksW/mona+Y2emJQ2N+aicwJKetPKRSIgAuPOB6Aahh8Hb2XO3h9\n\
+RUk2T0HNouB2VzxoMXlkyW7XUR5mw6JkLHnA52XDVoRTWkNty5oCINLvGmnRsJ1z\n\
+ouAqYGVQMc/7sy+/EYhALrVJEA8KbtyX+r8snwU5C1hUrwaW6MWOARa8qBpNQcWT\n\
+kaIeoYvy/sGIJEmjR0vFEwHdp1cSaWIr6/4g72n7OqXwfinu7ZYW97EfoOSQJeAz\n\
+AgMBAAGjggEzMIIBLzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUH\n\
+AwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFHfCuFCa\n\
+Z3Z2sS3ChtCDoH6mfrpLMB8GA1UdIwQYMBaAFJviB1dnHB7AagbeWbSaLd/cGYYu\n\
+MDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AucGtpLmdv\n\
+b2cvZ3NyMjAyBgNVHR8EKzApMCegJaAjhiFodHRwOi8vY3JsLnBraS5nb29nL2dz\n\
+cjIvZ3NyMi5jcmwwPwYDVR0gBDgwNjA0BgZngQwBAgIwKjAoBggrBgEFBQcCARYc\n\
+aHR0cHM6Ly9wa2kuZ29vZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEA\n\
+HLeJluRT7bvs26gyAZ8so81trUISd7O45skDUmAge1cnxhG1P2cNmSxbWsoiCt2e\n\
+ux9LSD+PAj2LIYRFHW31/6xoic1k4tbWXkDCjir37xTTNqRAMPUyFRWSdvt+nlPq\n\
+wnb8Oa2I/maSJukcxDjNSfpDh/Bd1lZNgdd/8cLdsE3+wypufJ9uXO1iQpnh9zbu\n\
+FIwsIONGl1p3A8CgxkqI/UAih3JaGOqcpcdaCIzkBaR9uYQ1X4k2Vg5APRLouzVy\n\
+7a8IVk6wuy6pm+T7HT4LY8ibS5FEZlfAFLSW8NwsVz9SBK2Vqn1N0PIMn5xA6NZV\n\
+c7o835DLAFshEWfC7TIe3g==\n\
+-----END CERTIFICATE-----\n\
+## Google Trust Services- GlobalSign Root CA-R2\n\
+-----BEGIN CERTIFICATE-----\n\
+MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G\n\
+A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp\n\
+Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1\n\
+MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG\n\
+A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI\n\
+hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL\n\
+v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8\n\
+eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq\n\
+tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd\n\
+C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa\n\
+zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB\n\
+mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH\n\
+V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n\n\
+bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG\n\
+3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs\n\
+J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO\n\
+291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS\n\
+ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd\n\
+AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7\n\
+TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==\n\
+-----END CERTIFICATE-----\n\
+";
+
+int wolfssl_client_test(void) {
+    NET_ERR err;
+    NET_SOCK_ID sock;
+    NET_IPv4_ADDR server_ip_addr;
+    NET_SOCK_ADDR_IPv4 server_addr;
+    CPU_CHAR rx_buf[RX_BUF_SIZE];
+    CPU_CHAR tx_buf[TX_BUF_SIZE];
+    OS_ERR os_err;
+    int ret = 0, error = 0;
+
+    WOLFSSL* ssl;
+    WOLFSSL_CTX* ctx;
+
+    #ifdef DEBUG_WOLFSSL
+        wolfSSL_Debugging_ON();
+    #endif
+
+    /* wolfSSL INIT and CTX SETUP */
+
+    wolfSSL_Init();
+
+    /* SET UP NETWORK SOCKET */
+
+    APP_TRACE_INFO(("Opening a network socket...\r\n"));
+
+    sock = NetSock_Open(NET_SOCK_ADDR_FAMILY_IP_V4,
+                        NET_SOCK_TYPE_STREAM,
+                        NET_SOCK_PROTOCOL_TCP,
+                        &err);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_Open, err = %d\r\n", (int) err));
+        return -1;
+    }
+
+#ifdef NET_SECURE_MODULE_EN
+    APP_TRACE_INFO(("Setting the socket as secure...\r\n"));
+
+    (void)NetSock_CfgSecure(sock,
+                            DEF_YES,
+                            &err);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_CfgSecure, err = %d\r\n", (int) err));
+        NetSock_Close(sock, &err);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("Configure the common name of the server...\r\n"));
+    (void)NetSock_CfgSecureClientCommonName(sock,
+                                           TCP_SERVER_DOMAIN_NAME,
+                                           &err);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_CfgSecureClientCommonName, \
+                        err = %d\r\n", (int) err));
+        NetSock_Close(sock, &err);
+        return -1;
+    }
+#endif /* NET_SECURE_MODULE_EN */
+
+    APP_TRACE_INFO(("Calling NetASCII_Str_to_IPv4...\r\n"));
+    server_ip_addr = NetASCII_Str_to_IPv4(TCP_SERVER_IP_ADDR, &err);
+    if (err != NET_ASCII_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetASCII_Str_to_IPv4, err = %d\r\n", (int) err));
+        NetSock_Close(sock, &err);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("Clearing memory for server_addr struct\r\n"));
+
+    Mem_Clr((void *) &server_addr, (CPU_SIZE_T) sizeof(server_addr));
+
+    APP_TRACE_INFO(("Setting server IP address: %s, port: %d\r\n",
+                    TCP_SERVER_IP_ADDR, TCP_SERVER_PORT));
+
+    server_addr.AddrFamily = NET_SOCK_ADDR_FAMILY_IP_V4;
+    server_addr.Addr = NET_UTIL_HOST_TO_NET_32(server_ip_addr);
+    server_addr.Port = NET_UTIL_HOST_TO_NET_16(TCP_SERVER_PORT);
+
+    /* CONNECT SOCKET */
+
+    APP_TRACE_INFO(("Calling NetSock_Conn on socket\r\n"));
+    NetSock_Conn((NET_SOCK_ID) sock,
+                (NET_SOCK_ADDR *) &server_addr,
+                (NET_SOCK_ADDR_LEN) sizeof(server_addr),
+                (NET_ERR*) &err);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_Conn, err = %d\r\n", (int) err));
+        NetSock_Close(sock, &err);
+        return -1;
+    }
+
+    ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
+    if (ctx == 0) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_CTX_new failed\r\n"));
+        NetSock_Close(sock, &err);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("wolfSSL_CTX_new done\r\n"));
+
+    wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
+
+    ret = wolfSSL_CTX_load_verify_buffer(ctx,
+                                         google_certs_ca,
+                                         sizeof(google_certs_ca),
+                                         SSL_FILETYPE_PEM);
+
+    if (ret != SSL_SUCCESS) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_CTX_load_verify_buffer() failed\r\n"));
+        NetSock_Close(sock, &err);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+
+    if ((ssl = wolfSSL_new(ctx)) == NULL) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_new() failed\r\n"));
+        NetSock_Close(sock, &err);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("wolfSSL_new done\r\n"));
+    ret = wolfSSL_set_fd(ssl, sock);
+    if (ret != SSL_SUCCESS) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_set_fd() failed\r\n"));
+        NetSock_Close(sock, &err);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+    APP_TRACE_INFO(("wolfSSL_set_fd done\r\n"));
+    do {
+        error = 0; /* reset error */
+        ret = wolfSSL_connect(ssl);
+        if (ret != SSL_SUCCESS) {
+            error = wolfSSL_get_error(ssl, 0);
+            APP_TRACE_INFO(
+                    ("ERROR: wolfSSL_connect() failed, err = %d\r\n", error));
+            if (error != SSL_ERROR_WANT_READ) {
+                NetSock_Close(sock, &err);
+                wolfSSL_free(ssl);
+                wolfSSL_CTX_free(ctx);
+                return -1;
+            }
+            OSTimeDlyHMSM(0u, 0u, 1u, 0u, OS_OPT_TIME_HMSM_STRICT, &os_err);
+        }
+    } while ((ret != SSL_SUCCESS) && (error == SSL_ERROR_WANT_READ));
+
+    APP_TRACE_INFO(("wolfSSL_connect() ok... sending GET\r\n"));
+    Str_Copy_N(tx_buf, TX_MSG, TX_MSG_SIZE);
+    if (wolfSSL_write(ssl, tx_buf, TX_MSG_SIZE) != TX_MSG_SIZE) {
+        error = wolfSSL_get_error(ssl, 0);
+        APP_TRACE_INFO(("ERROR: wolfSSL_write() failed, err = %d\r\n", error));
+        NetSock_Close(sock, &err);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+    do {
+        error = 0; /* reset error */
+        ret = wolfSSL_read(ssl, rx_buf, RX_BUF_SIZE - 1);
+        if (ret < 0) {
+            error = wolfSSL_get_error(ssl, 0);
+            if (error != SSL_ERROR_WANT_READ) {
+                APP_TRACE_INFO(("wolfSSL_read failed, error = %d\r\n", error));
+                NetSock_Close(sock, &err);
+                wolfSSL_free(ssl);
+                wolfSSL_CTX_free(ctx);
+                return -1;
+            }
+            OSTimeDlyHMSM(0u, 0u, 1u, 0u, OS_OPT_TIME_HMSM_STRICT, &os_err);
+        } else if (ret > 0) {
+            rx_buf[ret] = 0;
+            APP_TRACE_INFO(("%s\r\n", rx_buf));
+        }
+    } while (error == SSL_ERROR_WANT_READ);
+    wolfSSL_shutdown(ssl);
+    wolfSSL_free(ssl);
+    wolfSSL_CTX_free(ctx);
+    wolfSSL_Cleanup();
+    NetSock_Close(sock, &err);
+    return 0;
+}
--- a/IDE/ECLIPSE/MICRIUM/client_wolfssl.h
+++ b/IDE/ECLIPSE/MICRIUM/client_wolfssl.h
@@ -0,0 +1,35 @@
+/* client_wolfssl.h
+ *
+ * Copyright (C) 2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef  __CLIENT_WOLFSSL_H__
+#define  __CLIENT_WOLFSSL_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int wolfssl_client_test(void);
+
+#ifdef __cplusplus
+}  /* extern "C" */
+#endif
+
+#endif /* CLIENT_WOLFSSL_H */
--- a/IDE/ECLIPSE/MICRIUM/include.am
+++ b/IDE/ECLIPSE/MICRIUM/include.am
@@ -0,0 +1,12 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST += \
+    IDE/ECLIPSE/MICRIUM/README.md \
+    IDE/ECLIPSE/MICRIUM/user_settings.h \
+    IDE/ECLIPSE/MICRIUM/client_wolfssl.h \
+    IDE/ECLIPSE/MICRIUM/server_wolfssl.h \
+    IDE/ECLIPSE/MICRIUM/client_wolfssl.c \
+    IDE/ECLIPSE/MICRIUM/server_wolfssl.c \
+    IDE/ECLIPSE/MICRIUM/wolfsslRunTests.c
--- a/IDE/ECLIPSE/MICRIUM/server_wolfssl.c
+++ b/IDE/ECLIPSE/MICRIUM/server_wolfssl.c
@@ -0,0 +1,335 @@
+/* server_wolfssl.c
+ *
+ * Copyright (C) 2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include  <Source/net_sock.h>
+#include  <Source/net_app.h>
+#include  <Source/net_util.h>
+#include  <Source/net_ascii.h>
+#include  <app_cfg.h>
+
+#include  "wolfssl/ssl.h"
+#include  "server_wolfssl.h"
+
+#define TLS_SERVER_PORT 11111
+#define TX_BUF_SIZE 64
+#define RX_BUF_SIZE 1024
+#define TCP_SERVER_CONN_Q_SIZE 1
+
+/* derived from wolfSSL/certs/server-ecc.der */
+
+static const CPU_INT08U server_ecc_der_256[] = { 0x30, 0x82, 0x03, 0x10,
+        0x30, 0x82, 0x02, 0xB5, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
+        0xEF, 0x46, 0xC7, 0xA4, 0x9B, 0xBB, 0x60, 0xD3, 0x30, 0x0A, 0x06, 0x08,
+        0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x8F, 0x31,
+        0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
+        0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57,
+        0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30,
+        0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74,
+        0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A,
+        0x0C, 0x07, 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30,
+        0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43, 0x43, 0x31,
+        0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77,
+        0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
+        0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
+        0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
+        0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E,
+        0x17, 0x0D, 0x31, 0x36, 0x30, 0x38, 0x31, 0x31, 0x32, 0x30, 0x30, 0x37,
+        0x33, 0x38, 0x5A, 0x17, 0x0D, 0x31, 0x39, 0x30, 0x35, 0x30, 0x38, 0x32,
+        0x30, 0x30, 0x37, 0x33, 0x38, 0x5A, 0x30, 0x81, 0x8F, 0x31, 0x0B, 0x30,
+        0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13,
+        0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73,
+        0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06,
+        0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C,
+        0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07,
+        0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30, 0x0A, 0x06,
+        0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43, 0x43, 0x31, 0x18, 0x30,
+        0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E,
+        0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31,
+        0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
+        0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C,
+        0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, 0x13,
+        0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A,
+        0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xBB,
+        0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, 0xA5, 0x04, 0xC3, 0x3C,
+        0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE, 0x94, 0xEA, 0x2B, 0xFA, 0xCB,
+        0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61, 0x02, 0xE9, 0xAF, 0x4D, 0xD3,
+        0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, 0x92, 0x21, 0x7F, 0xF0, 0xCF, 0x18,
+        0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8, 0x20, 0x58, 0x33, 0x0B, 0x80,
+        0x34, 0x89, 0xD8, 0xA3, 0x81, 0xF7, 0x30, 0x81, 0xF4, 0x30, 0x1D, 0x06,
+        0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x5D, 0x5D, 0x26, 0xEF,
+        0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23,
+        0xEF, 0xB2, 0x89, 0x30, 0x30, 0x81, 0xC4, 0x06, 0x03, 0x55, 0x1D, 0x23,
+        0x04, 0x81, 0xBC, 0x30, 0x81, 0xB9, 0x80, 0x14, 0x5D, 0x5D, 0x26, 0xEF,
+        0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23,
+        0xEF, 0xB2, 0x89, 0x30, 0xA1, 0x81, 0x95, 0xA4, 0x81, 0x92, 0x30, 0x81,
+        0x8F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
+        0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C,
+        0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31,
+        0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65,
+        0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55,
+        0x04, 0x0A, 0x0C, 0x07, 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31,
+        0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43,
+        0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F,
+        0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
+        0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48,
+        0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F,
+        0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
+        0x82, 0x09, 0x00, 0xEF, 0x46, 0xC7, 0xA4, 0x9B, 0xBB, 0x60, 0xD3, 0x30,
+        0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01,
+        0xFF, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03,
+        0x02, 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0xF1, 0xD0, 0xA6,
+        0x3E, 0x83, 0x33, 0x24, 0xD1, 0x7A, 0x05, 0x5F, 0x1E, 0x0E, 0xBD, 0x7D,
+        0x6B, 0x33, 0xE9, 0xF2, 0x86, 0xF3, 0xF3, 0x3D, 0xA9, 0xEF, 0x6A, 0x87,
+        0x31, 0xB3, 0xB7, 0x7E, 0x50, 0x02, 0x21, 0x00, 0xF0, 0x60, 0xDD, 0xCE,
+        0xA2, 0xDB, 0x56, 0xEC, 0xD9, 0xF4, 0xE4, 0xE3, 0x25, 0xD4, 0xB0, 0xC9,
+        0x25, 0x7D, 0xCA, 0x7A, 0x5D, 0xBA, 0xC4, 0xB2, 0xF6, 0x7D, 0x04, 0xC7,
+        0xBD, 0x62, 0xC9, 0x20 };
+
+/* derived from wolfSSL/certs/ecc-key.der */
+
+static const CPU_INT08U ecc_key_der_256[] = { 0x30, 0x77, 0x02, 0x01, 0x01,
+        0x04, 0x20, 0x45, 0xB6, 0x69, 0x02, 0x73, 0x9C, 0x6C, 0x85, 0xA1, 0x38,
+        0x5B, 0x72, 0xE8, 0xE8, 0xC7, 0xAC, 0xC4, 0x03, 0x8D, 0x53, 0x35, 0x04,
+        0xFA, 0x6C, 0x28, 0xDC, 0x34, 0x8D, 0xE1, 0xA8, 0x09, 0x8C, 0xA0, 0x0A,
+        0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0xA1, 0x44,
+        0x03, 0x42, 0x00, 0x04, 0xBB, 0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6,
+        0x4A, 0xA5, 0x04, 0xC3, 0x3C, 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE,
+        0x94, 0xEA, 0x2B, 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61,
+        0x02, 0xE9, 0xAF, 0x4D, 0xD3, 0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, 0x92,
+        0x21, 0x7F, 0xF0, 0xCF, 0x18, 0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8,
+        0x20, 0x58, 0x33, 0x0B, 0x80, 0x34, 0x89, 0xD8 };
+
+
+int wolfssl_server_test(void)
+{
+    NET_ERR err;
+    NET_SOCK_ID sock_listen;
+    NET_SOCK_ID sock_req;
+    NET_SOCK_ADDR_IPv4 server_addr;
+    NET_SOCK_ADDR_LEN server_addr_len;
+    NET_SOCK_ADDR_IPv4 client_sock_addr_ip;
+    NET_SOCK_ADDR_LEN client_sock_addr_ip_size;
+    CPU_CHAR rx_buf[RX_BUF_SIZE];
+    CPU_CHAR tx_buf[TX_BUF_SIZE];
+    CPU_BOOLEAN attempt_conn;
+    OS_ERR os_err;
+    WOLFSSL * ssl;
+    WOLFSSL_CTX * ctx;
+    int tx_buf_sz = 0, ret = 0, error = 0;
+
+    #ifdef DEBUG_WOLFSSL
+        wolfSSL_Debugging_ON();
+    #endif
+
+    /* wolfSSL INIT and CTX SETUP */
+
+    wolfSSL_Init();
+
+    /* SET UP NETWORK SOCKET */
+
+    APP_TRACE_INFO(("Opening network socket...\r\n"));
+    sock_listen = NetSock_Open(NET_SOCK_ADDR_FAMILY_IP_V4,
+                               NET_SOCK_TYPE_STREAM,
+                               NET_SOCK_PROTOCOL_TCP,
+                               &err);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_Open, err = %d\r\n", (int) err));
+        return -1;
+    }
+
+    APP_TRACE_INFO(("Clearing memory for server_addr struct\r\n"));
+    server_addr_len = sizeof(server_addr);
+    Mem_Clr((void *) &server_addr, (CPU_SIZE_T) server_addr_len);
+
+    APP_TRACE_INFO(("Setting up server_addr struct\r\n"));
+    server_addr.AddrFamily = NET_SOCK_ADDR_FAMILY_IP_V4;
+    server_addr.Addr = NET_UTIL_HOST_TO_NET_32(NET_SOCK_ADDR_IP_V4_WILDCARD);
+    server_addr.Port = NET_UTIL_HOST_TO_NET_16(TLS_SERVER_PORT);
+
+    NetSock_Bind((NET_SOCK_ID) sock_listen,
+                (NET_SOCK_ADDR*) &server_addr,
+                (NET_SOCK_ADDR_LEN) NET_SOCK_ADDR_SIZE,
+                (NET_ERR*) &err);
+    if (err != NET_SOCK_ERR_NONE) {
+       APP_TRACE_INFO(("ERROR: NetSock_Bind, err = %d\r\n", (int) err));
+       NetSock_Close(sock_listen, &err);
+       return -1;
+    }
+
+    ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method());
+    if (ctx == 0) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_CTX_new failed\r\n"));
+        NetSock_Close(sock_listen, &err);
+        return -1;
+    }
+    APP_TRACE_INFO(("wolfSSL_CTX_new done\r\n"));
+
+    ret = wolfSSL_CTX_use_certificate_buffer(ctx,
+                                             server_ecc_der_256,
+                                             sizeof(server_ecc_der_256),
+                                             SSL_FILETYPE_ASN1);
+    if (ret != SSL_SUCCESS) {
+        APP_TRACE_INFO(
+                ("ERROR: wolfSSL_CTX_use_certificate_buffer() failed\r\n"));
+        NetSock_Close(sock_listen, &err);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+    ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx,
+                                            ecc_key_der_256,
+                                            sizeof(ecc_key_der_256),
+                                            SSL_FILETYPE_ASN1);
+    if (ret != SSL_SUCCESS) {
+        APP_TRACE_INFO(
+                ("ERROR: wolfSSL_CTX_use_PrivateKey_buffer() failed\r\n"));
+        NetSock_Close(sock_listen, &err);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+    /* accept client socket connections */
+
+    APP_TRACE_INFO(("Listening for client connection\r\n"));
+
+    NetSock_Listen(sock_listen, TCP_SERVER_CONN_Q_SIZE, &err);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_Listen, err = %d\r\n", (int) err));
+        NetSock_Close(sock_listen, &err);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+    do {
+        client_sock_addr_ip_size = sizeof(client_sock_addr_ip);
+        sock_req = NetSock_Accept((NET_SOCK_ID) sock_listen,
+                                 (NET_SOCK_ADDR*) &client_sock_addr_ip,
+                                 (NET_SOCK_ADDR_LEN*) &client_sock_addr_ip_size,
+                                 (NET_ERR*) &err);
+        switch (err) {
+        case NET_SOCK_ERR_NONE:
+            attempt_conn = DEF_NO;
+            break;
+        case NET_ERR_INIT_INCOMPLETE:
+        case NET_SOCK_ERR_NULL_PTR:
+        case NET_SOCK_ERR_NONE_AVAIL:
+        case NET_SOCK_ERR_CONN_ACCEPT_Q_NONE_AVAIL:
+            attempt_conn = DEF_YES;
+            break;
+        case NET_SOCK_ERR_CONN_SIGNAL_TIMEOUT:
+            APP_TRACE_INFO(
+                    ("NetSockAccept err = NET_SOCK_ERR_CONN_SIGNAL_TIMEOUT\r\n"));
+            attempt_conn = DEF_YES;
+            break;
+        default:
+            attempt_conn = DEF_NO;
+            break;
+        }
+    } while (attempt_conn == DEF_YES);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_Accept, err = %d\r\n", (int) err));
+        NetSock_Close(sock_listen, &err);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("Got client connection! Starting TLS negotiation\r\n"));
+    /* set up wolfSSL session */
+    if ((ssl = wolfSSL_new(ctx)) == NULL) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_new() failed\r\n"));
+        NetSock_Close(sock_req, &err);
+        NetSock_Close(sock_listen, &err);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("wolfSSL_new done\r\n"));
+    ret = wolfSSL_set_fd(ssl, sock_req);
+    if (ret != SSL_SUCCESS) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_set_fd() failed\r\n"));
+        NetSock_Close(sock_req, &err);
+        NetSock_Close(sock_listen, &err);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("wolfSSL_set_fd done\r\n"));
+    do {
+        error = 0; /* reset error */
+        if (ret != SSL_SUCCESS) {
+            error = wolfSSL_get_error(ssl, 0);
+            APP_TRACE_INFO(
+                    ("ERROR: wolfSSL_accept() failed, err = %d\r\n", error));
+            if (error != SSL_ERROR_WANT_READ) {
+                NetSock_Close(sock_req, &err);
+                NetSock_Close(sock_listen, &err);
+                wolfSSL_free(ssl);
+                wolfSSL_CTX_free(ctx);
+                return -1;
+            }
+            OSTimeDlyHMSM(0u, 0u, 0u, 500u, OS_OPT_TIME_HMSM_STRICT, &os_err);
+        }
+    } while ((ret != SSL_SUCCESS) && (error == SSL_ERROR_WANT_READ));
+
+    APP_TRACE_INFO(("wolfSSL_accept() ok...\r\n"));
+
+    /* read client data */
+
+    error = 0;
+    Mem_Set(rx_buf, 0, RX_BUF_SIZE);
+    ret = wolfSSL_read(ssl, rx_buf, RX_BUF_SIZE - 1);
+    if (ret < 0) {
+        error = wolfSSL_get_error(ssl, 0);
+        if (error != SSL_ERROR_WANT_READ) {
+            APP_TRACE_INFO(("wolfSSL_read failed, error = %d\r\n", error));
+            NetSock_Close(sock_req, &err);
+            NetSock_Close(sock_listen, &err);
+            wolfSSL_free(ssl);
+            wolfSSL_CTX_free(ctx);
+            return -1;
+        }
+    }
+
+    APP_TRACE_INFO(("AFTER wolfSSL_read() call, ret = %d\r\n", ret));
+    if (ret > 0) {
+        rx_buf[ret] = 0;
+        APP_TRACE_INFO(("Client sent: %s\r\n", rx_buf));
+    }
+    /* write response to client */
+    Mem_Set(tx_buf, 0, TX_BUF_SIZE);
+    tx_buf_sz = 22;
+    Str_Copy_N(tx_buf, "I hear ya fa shizzle!\n", tx_buf_sz);
+    if (wolfSSL_write(ssl, tx_buf, tx_buf_sz) != tx_buf_sz) {
+        error = wolfSSL_get_error(ssl, 0);
+        APP_TRACE_INFO(("ERROR: wolfSSL_write() failed, err = %d\r\n", error));
+        NetSock_Close(sock_req, &err);
+        NetSock_Close(sock_listen, &err);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+    ret = wolfSSL_shutdown(ssl);
+    if (ret == SSL_SHUTDOWN_NOT_DONE)
+        wolfSSL_shutdown(ssl);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        wolfSSL_Cleanup();
+        NetSock_Close(sock_req, &err);
+        NetSock_Close(sock_listen, &err);
+    return 0;
+}
--- a/IDE/ECLIPSE/MICRIUM/server_wolfssl.h
+++ b/IDE/ECLIPSE/MICRIUM/server_wolfssl.h
@@ -0,0 +1,35 @@
+/* server_wolfssl.h
+ *
+ * Copyright (C) 2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef  __SERVER_WOLFSSL_H__
+#define  __SERVER_WOLFSSL_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int wolfssl_server_test(void);
+
+#ifdef __cplusplus
+}  /* extern "C" */
+#endif
+
+#endif /* SERVER_WOLFSSL_H */
--- a/IDE/ECLIPSE/MICRIUM/user_settings.h
+++ b/IDE/ECLIPSE/MICRIUM/user_settings.h
@@ -0,0 +1,75 @@
+/* user_setting.h
+ *
+ * Copyright (C) 2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef MICRIUM_USER_SETTINGS_H_
+#define MICRIUM_USER_SETTINGS_H_
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+#define MICRIUM
+
+/* You can select one or all of the following tests */
+#define WOLFSSL_WOLFCRYPT_TEST
+#define WOLFSSL_BENCHMARK_TEST
+#define WOLFSSL_CLIENT_TEST
+#define WOLFSSL_SERVER_TEST
+
+/* adjust CURRENT_UNIX_TS to seconds since Jan 01 1970. (UTC)
+You can get the current time from https://www.unixtimestamp.com/
+*/
+#define CURRENT_UNIX_TS 1542605837
+
+/* When using Windows simulator, you must define USE_WINDOWS_API for test.h to build */
+#ifdef _WIN32
+#define USE_WINDOWS_API
+#endif
+
+#define NO_FILESYSTEM
+#define SIZEOF_LONG_LONG 8
+
+/* prevents from including multiple definition of main() */
+#define NO_MAIN_DRIVER
+#define NO_TESTSUITE_MAIN_DRIVER
+
+/* includes certificate test buffers via header files */
+#define USE_CERT_BUFFERS_2048
+/*use kB instead of mB for embedded benchmarking*/
+#define BENCH_EMBEDDED
+
+#define NO_WRITE_TEMP_FILES
+
+#define XSNPRINTF snprintf
+
+#define HAVE_AESGCM
+#define WOLFSSL_SHA512
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+#define ED25519_SMALL
+
+#ifdef __cplusplus
+    }   /* extern "C" */
+#endif
+
+#endif
--- a/IDE/ECLIPSE/MICRIUM/wolfsslRunTests.c
+++ b/IDE/ECLIPSE/MICRIUM/wolfsslRunTests.c
@@ -0,0 +1,80 @@
+/* wolfsslRunTests.c
+ *
+ * Copyright (C) 2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include  <includes.h> /* master includes from Micrium Freescale Kinetis K70*/
+
+#include  <wolfssl/ssl.h>
+
+/*
+* Description :  This function runs wolfssl tests.
+* Caller(s)   :  main() in app.c
+* Note(s)     :  none.
+*/
+
+int  wolfsslRunTests (void)
+{
+    CLK_ERR        err;
+    CLK_TS_SEC     ts_unix_sec;
+    CPU_BOOLEAN    valid;
+    static int initialized = 0;
+
+    if(!initialized) {
+        Clk_Init(&err);
+
+        if (err == CLK_ERR_NONE) {
+            APP_TRACE_INFO(("Clock module successfully initialized\n"));
+        } else {
+            APP_TRACE_INFO(("Clock module initialization failed\n"));
+            return -1;
+        }
+
+        valid = Clk_GetTS_Unix(&ts_unix_sec);
+
+        if (valid == DEF_OK) {
+            APP_TRACE_INFO(("Timestamp Unix = %u\n", ts_unix_sec));
+        } else {
+            APP_TRACE_INFO(("Get TS Unix error\n"));
+          }
+    #if defined(CURRENT_UNIX_TS)
+        valid = Clk_SetTS_Unix(CURRENT_UNIX_TS);
+        if (valid != DEF_OK) {
+            APP_TRACE_INFO(("Clk_SetTS_Unix error\n"));
+            return -1;
+        }
+    #endif
+     initialized = 1;
+    }
+
+    #if defined(WOLFSSL_WOLFCRYPT_TEST)
+        wolfcrypt_test(NULL);
+    #endif
+    #if defined(WOLFSSL_BENCHMARK_TEST)
+        benchmark_test(NULL);
+    #endif
+    #if defined(WOLFSSL_CLIENT_TEST)
+        wolfssl_client_test();
+    #endif
+    #if defined(WOLFSSL_SERVER_TEST)
+        wolfssl_server_test();
+    #endif
+
+    return 0;
+}
--- a/IDE/Espressif/ESP-IDF/README.md
+++ b/IDE/Espressif/ESP-IDF/README.md
@@ -0,0 +1,33 @@
+# ESP-IDF port
+## Overview
+ ESP-IDF development framework with wolfSSL by setting *WOLFSSL_ESPIDF* definition
+ 
+ Including the following examples:
+  simple tls_client/server
+  crypt test
+  crypt benchmark
+
+ The *user_settings.h* file enables some of the hardened settings.
+
+## Requirements
+ 1. ESP-IDF development framework
+    [https://docs.espressif.com/projects/esp-idf/en/latest/get-started/]
+    Note: This expects to use Linux version.
+     
+## Setup
+ 1. Run *setup.sh* to deploy files into ESP-IDF tree
+ 2. Find Wolfssl files at /path/to/esp-idf/components/wolfssl/
+ 3. Find Example programs under /path/to/esp-idf/examples/protocols/wolfssl_xxx
+ 4. Uncomment out #define WOLFSSL_ESPIDF in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h
+    Uncomment out #define WOLFSSL_ESPWROOM32 in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h
+
+## Configuration
+ 1. The *user_settings.h* for each example can be found in /path/to/examples/protocols/wolfssl_xxx/main/include/user_settings.h
+
+## Build examples
+ 1. See README in each example folder
+
+## Support
+ For question please email [support@wolfssl.com]
+
+ Note: This is tested with "Ubuntu 18.04.1 LTS" and ESP32-WROOM-32.
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt
@@ -0,0 +1,6 @@
+# The following lines of boilerplate have to be in your project's
+# CMakeLists in this exact order for cmake to work correctly
+cmake_minimum_required(VERSION 3.5)
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+project(wolfssl_benchmark)
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/Makefile
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/Makefile
@@ -0,0 +1,11 @@
+#
+# This is a project Makefile. It is assumed the directory this Makefile resides in is a
+# project subdirectory.
+#
+
+PROJECT_NAME := wolfssl_benchmark
+
+CFLAGS += -DWOLFSSL_USER_SETTINGS
+
+include $(IDF_PATH)/make/project.mk
+
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md
@@ -0,0 +1,14 @@
+#wolfSSL Example
+
+The Example contains of wolfSSL benchmark program.
+
+1. "make menuconfig" to configure the program.
+ 1-1. Example Configuration ->
+     BENCH_ARG : argument that you want to use. Default is "-lng 0"
+                 The list of argument can be find in help.
+
+When you want to run the benchmark program
+1. "make flash" to compile and load the firmware
+2. "make monitor" to see the message
+
+See the README.md file in the upper level 'examples' directory for more information about examples.
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/Kconfig.projbuild
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/Kconfig.projbuild
@@ -0,0 +1,29 @@
+menu "Example Configuration"
+
+config BENCH_ARGV
+    string "Arguments for benchmark test"
+    default "-lng 0"
+    help
+        -? <num>    Help, print this usage
+                     0: English, 1: Japanese
+        -csv        Print terminal output in csv format
+        -base10     Display bytes as power of 10 (eg 1 kB = 1000 Bytes)
+        -no_aad     No additional authentication data passed.
+        -dgst_full  Full digest operation performed.
+        -rsa_sign   Measure RSA sign/verify instead of encrypt/decrypt.
+        -<alg>      Algorithm to benchmark. Available algorithms include:
+                    cipher aes-cbc aes-gcm chacha20 chacha20-poly1305
+                    digest md5 poly1305 sha sha2 sha224 sha256 sha384 sha512 sha3
+                    sha3-224 sha3-256 sha3-384 sha3-512
+                    mac hmac hmac-md5 hmac-sha hmac-sha224 hmac-sha256 hmac-sha384
+                    hmac-sha512
+                    asym rsa rsa-sz dh ecc-kg ecc
+                    other rng
+        -lng <num>  Display benchmark result by specified language.
+                    0: English, 1: Japanese
+        <num>       Size of block in bytes
+        
+        e.g -lng 1
+        e.g sha
+
+endmenu
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/component.mk
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/component.mk
@@ -0,0 +1,8 @@
+#
+# Main component makefile.
+#
+# This Makefile can be left empty. By default, it will take the sources in the 
+# src/ directory, compile them and link them into lib(subdirectory_name).a 
+# in the build directory. This behaviour is entirely configurable,
+# please read the ESP-IDF documents if you need to do this.
+#
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/helper.c
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/helper.c
@@ -0,0 +1,80 @@
+/* helper.c
+ *
+ * Copyright (C) 2006-2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "sdkconfig.h"
+
+#define WOLFSSL_BENCH_ARGV              CONFIG_BENCH_ARGV
+
+char* __argv[22];
+
+int construct_argv()
+{
+    int cnt = 0;
+    int i = 0;
+    int len = 0;
+    char *_argv;            /* buffer for copying the string    */
+    char *ch;               /* char pointer to trace the string */
+    char buff[16] = { 0 };  /* buffer for a argument copy       */
+
+    printf("arg:%s\n", CONFIG_BENCH_ARGV);
+    len = strlen(CONFIG_BENCH_ARGV);
+    _argv = (char*)malloc(len + 1);
+    if (!_argv) {
+        return -1;
+    }
+    memset(_argv, 0, len+1);
+    memcpy(_argv, CONFIG_BENCH_ARGV, len);
+    _argv[len] = '\0';
+    ch = _argv;
+
+    __argv[cnt] = malloc(10);
+    sprintf(__argv[cnt], "benchmark");
+    __argv[9] = '\0';
+    cnt = 1;
+
+    while (*ch != '\0')
+    {
+        /* skip white-space */
+        while (*ch == ' ') { ++ch; }
+
+        memset(buff, 0, sizeof(buff));
+        /* copy each args into buffer */
+        i = 0;
+        while ((*ch != ' ') && (*ch != '\0') && (i < 16)) {
+            buff[i] = *ch;
+            ++i;
+            ++ch;
+        }
+        /* copy the string into argv */
+        __argv[cnt] = (char*)malloc(i + 1);
+        memset(__argv[cnt], 0, i + 1);
+        memcpy(__argv[cnt], buff, i + 1);
+        /* next args */
+        ++cnt;
+    }
+
+    free(_argv);
+
+    return (cnt);
+}
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include/user_settings.h
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include/user_settings.h
@@ -0,0 +1,51 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_2048
+
+/* TLS 1.3                                 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define WC_RSA_PSS
+#define HAVE_HKDF
+#define HAVE_FFDHE_2048
+#define HAVE_AEAD
+#define HAVE_SUPPORTED_CURVES
+
+#define SINGLE_THREADED /* or define RTOS  option */
+#define NO_FILESYSTEM
+
+#define HAVE_AESGCM
+#define WOLFSSL_SHA512
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+
+/* debug options */
+/* #define DEBUG_WOLFSSL */
+
+/* date/time                               */
+/* if it cannot adjust time in the device, */
+/* enable macro below                      */
+/* #define NO_ASN_TIME */
+/* #define XTIME time */
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/sdkconfig.defaults
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/sdkconfig.defaults
@@ -0,0 +1,4 @@
+CONFIG_BENCH_ARGV="-lng 0"
+CONFIG_MAIN_TASK_STACK_SIZE=5000
+CONFIG_FREERTOS_HZ=1000
+CONFIG_TASK_WDT_CHECK_IDLE_TASK_CPU0=
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt
@@ -0,0 +1,6 @@
+# The following lines of boilerplate have to be in your project's
+# CMakeLists in this exact order for cmake to work correctly
+cmake_minimum_required(VERSION 3.5)
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+project(wolfssl_client)
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/Makefile
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/Makefile
@@ -0,0 +1,11 @@
+#
+# This is a project Makefile. It is assumed the directory this Makefile resides in is a
+# project subdirectory.
+#
+
+PROJECT_NAME := wolfssl_client
+
+CFLAGS += -DWOLFSSL_USER_SETTINGS
+
+include $(IDF_PATH)/make/project.mk
+
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md
@@ -0,0 +1,19 @@
+#wolfssl Example
+
+The Example contains of wolfSSL tls client demo.
+
+1. "make menuconfig" to config the project
+ 1-1. Example Configuration ->
+      WIFI SSID: your own WIFI, which is connected to the Internet.(default is "myssid")
+      WIFI Password: WIFI password, and default is "mypassword"
+      Target host ip address : the host that you want to connect to.(default is 127.0.0.1)
+    
+    Note: the example program uses 11111 port. If you want to use different port
+         , you need to modifiy DEFAULT_PORT definition in the code.
+
+When you want to test the wolfSSL client
+1. "make falsh monitor" to load the firmware and see the context
+2. You can use <wolfssl>/examples/server/server program for test.
+   e.g. Launch ./examples/server/server -v 4 -b -i
+
+See the README.md file in the upper level 'examples' directory for more information about examples.
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild
@@ -0,0 +1,21 @@
+menu "Example Configuration"
+
+config WIFI_SSID
+    string "WiFi SSID"
+    default "myssid"
+    help
+        SSID (network name) for the example to connect to.
+
+config WIFI_PASSWORD
+    string "WiFi Password"
+    default "mypassword"
+    help
+        WiFi password (WPA or WPA2) for the example to use.
+
+config TARGET_HOST
+    string "Target host"
+    default "127.0.01.1"
+    help
+        host address for the example to connect
+        
+endmenu
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c
@@ -0,0 +1,151 @@
+/* client-tls-callback.c
+ *
+ * Copyright (C) 2006-2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+/* the usual suspects */
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+
+/* ESP specific */
+#include "wifi_connect.h"
+
+/* socket includes */
+#include <sys/socket.h>
+#include <arpa/inet.h>
+#include <netinet/in.h>
+#include <unistd.h>
+
+/* wolfSSL */
+#include <wolfssl/options.h>
+#include <wolfssl/ssl.h>
+#include <wolfssl/certs_test.h>
+
+#ifdef WOLFSSL_TRACK_MEMORY
+    #include <wolfssl/wolfcrypt/mem_track.h>
+#endif
+
+const char *TAG = "tls_client";
+
+void tls_smp_client_task()
+{
+    int ret;
+    int sockfd;
+    struct sockaddr_in servAddr;
+    char buff[256];
+    size_t len;
+
+    /* declare wolfSSL objects */
+    WOLFSSL_CTX *ctx;
+    WOLFSSL *ssl;
+
+   WOLFSSL_ENTER("tls_smp_client_task");
+
+#ifdef DEBUG_WOLFSSL
+   WOLFSSL_MSG("Debug ON");
+   wolfSSL_Debugging_ON();
+#endif
+    /* Initialize wolfSSL */
+    wolfSSL_Init();
+
+    /* Create a socket that uses an internet IPv4 address,
+     * Sets the socket to be stream based (TCP),
+     * 0 means choose the default protocol. */
+    if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
+        printf("ERROR: failed to create the socket\n");
+    }
+    /* Create and initialize WOLFSSL_CTX */
+    if ((ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())) == NULL) {
+        printf("ERROR: failed to create WOLFSSL_CTX\n");
+    }
+    WOLFSSL_MSG("Loading...cert");
+    /* Load client certificates into WOLFSSL_CTX */
+    if ((ret = wolfSSL_CTX_load_verify_buffer(ctx, ca_cert_der_2048,
+        sizeof_ca_cert_der_2048, WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
+        printf("ERROR: failed to load %d, please check the file.\n",ret);
+    }
+
+    /* Initialize the server address struct with zeros */
+    memset(&servAddr, 0, sizeof(servAddr));
+
+    /* Fill in the server address */
+    servAddr.sin_family = AF_INET;           /* using IPv4      */
+    servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
+
+    /* Get the server IPv4 address from the command line call */
+    WOLFSSL_MSG("inet_pton");
+    if ((ret = inet_pton(AF_INET, TLS_SMP_TARGET_HOST,
+             &servAddr.sin_addr)) != 1) {
+        printf("ERROR: invalid address ret=%d\n", ret);
+    }
+
+    /* Connect to the server */
+    sprintf(buff, "Connecting to server....%s(port:%d)", TLS_SMP_TARGET_HOST
+                                                      , DEFAULT_PORT);
+    WOLFSSL_MSG(buff);
+    if ((ret = connect(sockfd, (struct sockaddr *)&servAddr,
+                                    sizeof(servAddr))) == -1){
+        printf("ERROR: failed to connect ret=%d\n", ret);
+    }
+
+    WOLFSSL_MSG("Create a WOLFSSL object");
+    /* Create a WOLFSSL object */
+    if ((ssl = wolfSSL_new(ctx)) == NULL) {
+        printf("ERROR: failed to create WOLFSSL object\n");
+    }
+
+    /* Attach wolfSSL to the socket */
+    wolfSSL_set_fd(ssl, sockfd);
+
+    WOLFSSL_MSG("Connect to wolfSSL on the server side");
+    /* Connect to wolfSSL on the server side */
+    if (wolfSSL_connect(ssl) != SSL_SUCCESS) {
+        printf("ERROR: failed to connect to wolfSSL\n");
+    }
+
+    /* Get a message for the server from stdin */
+    WOLFSSL_MSG("Message for server: ");
+    memset(buff, 0, sizeof(buff));
+    sprintf(buff, "message from client\n");
+    len = strnlen(buff, sizeof(buff));
+    /* Send the message to the server */
+    if (wolfSSL_write(ssl, buff, len) != len) {
+        printf("ERROR: failed to write\n");
+    }
+
+    /* Read the server data into our buff array */
+    memset(buff, 0, sizeof(buff));
+    if (wolfSSL_read(ssl, buff, sizeof(buff) - 1) == -1) {
+        printf("ERROR: failed to read\n");
+    }
+
+    /* Print to stdout any data the server sends */
+    WOLFSSL_MSG("Server:");
+    WOLFSSL_MSG(buff);
+    /* Cleanup and return */
+    wolfSSL_free(ssl);     /* Free the wolfSSL object                  */
+    wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object          */
+    wolfSSL_Cleanup();     /* Cleanup the wolfSSL environment          */
+    close(sockfd);         /* Close the connection to the server       */
+    
+    vTaskDelete(NULL);
+
+    return;                /* Return reporting a success               */
+}
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/component.mk
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/component.mk
@@ -0,0 +1,8 @@
+#
+# Main component makefile.
+#
+# This Makefile can be left empty. By default, it will take the sources in the 
+# src/ directory, compile them and link them into lib(subdirectory_name).a 
+# in the build directory. This behaviour is entirely configurable,
+# please read the ESP-IDF documents if you need to do this.
+#
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/user_settings.h
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/user_settings.h
@@ -0,0 +1,51 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_2048
+
+/* TLS 1.3                                 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define WC_RSA_PSS
+#define HAVE_HKDF
+#define HAVE_FFDHE_2048
+#define HAVE_AEAD
+#define HAVE_SUPPORTED_CURVES
+
+#define SINGLE_THREADED /* or define RTOS  option */
+#define NO_FILESYSTEM
+
+#define HAVE_AESGCM
+#define WOLFSSL_SHA512
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+
+/* debug options */
+/* #define DEBUG_WOLFSSL */
+
+/* date/time                               */
+/* if it cannot adjust time in the device, */
+/* enable macro below                      */
+/* #define NO_ASN_TIME */
+/* #define XTIME time */
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h
@@ -0,0 +1,38 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#ifndef _TLS_WIFI_H_
+#define _TLS_WIFI_H_
+
+#include "esp_log.h"
+#include "esp_wifi.h"
+#include "esp_event_loop.h"
+
+#define DEFAULT_PORT                     11111
+
+#define TLS_SMP_CLIENT_TASK_NAME         "tls_client_example"
+#define TLS_SMP_CLIENT_TASK_WORDS        10240
+#define TLS_SMP_CLIENT_TASK_PRIORITY     8
+
+#define TLS_SMP_WIFI_SSID                CONFIG_WIFI_SSID
+#define TLS_SMP_WIFI_PASS                CONFIG_WIFI_PASSWORD
+#define TLS_SMP_TARGET_HOST              CONFIG_TARGET_HOST
+
+#endif
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c
@@ -0,0 +1,146 @@
+/* wifi_connect.c
+ *
+ * Copyright (C) 2006-2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+/*ESP specific */
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "freertos/event_groups.h"
+#include "wifi_connect.h"
+#include "lwip/sockets.h"
+#include "lwip/netdb.h"
+#include "lwip/apps/sntp.h"
+#include "nvs_flash.h"
+
+const static int CONNECTED_BIT = BIT0;
+static EventGroupHandle_t wifi_event_group;
+/* proto-type */
+extern void tls_smp_client_task();
+static void tls_smp_client_init();
+
+const static char *TAG = "tls_client";
+
+static EventGroupHandle_t wifi_event_group;
+extern void tls_smp_client_task();
+
+static void set_time()
+{
+    /* set dummy wallclock time. */
+    struct timeval utctime;
+    struct timezone tz;
+    struct strftime_buf;
+    time_t now;
+    struct tm timeinfo;
+    char strftime_buf[64];
+
+    utctime.tv_sec = 1542008020; /* dummy time: Mon Nov 12 07:33:40 2018 */
+    utctime.tv_usec = 0;
+    tz.tz_minuteswest = 0;
+    tz.tz_dsttime = 0;
+    
+    settimeofday(&utctime, &tz);
+
+    time(&now);
+    localtime_r(&now, &timeinfo);
+
+    strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
+    ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
+
+    /* wait until wifi connect */
+    xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT,
+                                            false, true, portMAX_DELAY);
+    /* now we start client tasks. */
+    tls_smp_client_init();
+}
+
+/* create task */
+static void tls_smp_client_init(void)
+{
+    int ret;
+    xTaskHandle _handle;
+    /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
+    ret = xTaskCreate(tls_smp_client_task,
+                      TLS_SMP_CLIENT_TASK_NAME,
+                      TLS_SMP_CLIENT_TASK_WORDS,
+                      NULL,
+                      TLS_SMP_CLIENT_TASK_PRIORITY,
+                      &_handle);
+
+    if (ret != pdPASS) {
+        ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_CLIENT_TASK_NAME);
+    }
+}
+/* event hander for wifi events */
+static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
+{
+    switch (event->event_id)
+    {
+    case SYSTEM_EVENT_STA_START:
+        esp_wifi_connect();
+        break;
+    case SYSTEM_EVENT_STA_GOT_IP:
+        ESP_LOGI(TAG, "got ip:%s",
+                 ip4addr_ntoa(&event->event_info.got_ip.ip_info.ip));
+        /* http://esp32.info/docs/esp_idf/html/dd/d08/group__xEventGroupSetBits.html */
+        xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
+        break;
+    case SYSTEM_EVENT_STA_DISCONNECTED:
+        esp_wifi_connect();
+        xEventGroupClearBits(wifi_event_group, CONNECTED_BIT);
+        break;
+    default:
+        break;
+    }
+    return ESP_OK;
+}
+/* entry point */
+void app_main(void)
+{
+    ESP_LOGI(TAG, "Start app_main...");
+    ESP_ERROR_CHECK(nvs_flash_init());
+
+    ESP_LOGI(TAG, "Initialize wifi");
+    /* TCP/IP adapter initialization */
+    tcpip_adapter_init();
+
+    /* */
+    wifi_event_group = xEventGroupCreate();
+    ESP_ERROR_CHECK(esp_event_loop_init(wifi_event_handler, NULL));
+    wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
+    ESP_ERROR_CHECK(esp_wifi_init(&cfg));
+
+    wifi_config_t wifi_config = {
+        .sta = {
+            .ssid = TLS_SMP_WIFI_SSID,
+            .password = TLS_SMP_WIFI_PASS,
+        },
+    };
+    /* WiFi station mode */
+    ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA) );
+    /* Wifi Set the configuration of the ESP32 STA or AP */ 
+    ESP_ERROR_CHECK(esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
+    /* Start Wifi */
+    ESP_ERROR_CHECK(esp_wifi_start() );
+
+    ESP_LOGI(TAG, "wifi_init_sta finished.");
+    ESP_LOGI(TAG, "connect to ap SSID:%s password:%s",
+                                        TLS_SMP_WIFI_SSID, TLS_SMP_WIFI_PASS);
+    ESP_LOGI(TAG, "Set dummy time...");
+    set_time();
+}
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt
@@ -0,0 +1,7 @@
+# The following lines of boilerplate have to be in your project's
+# CMakeLists in this exact order for cmake to work correctly
+cmake_minimum_required(VERSION 3.5)
+
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+project(tls_server)
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/Makefile
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/Makefile
@@ -0,0 +1,11 @@
+#
+# This is a project Makefile. It is assumed the directory this Makefile resides in is a
+# project subdirectory.
+#
+
+PROJECT_NAME := tls_server
+
+CFLAGS += -DWOLFSSL_USER_SETTINGS
+
+include $(IDF_PATH)/make/project.mk
+
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md
@@ -0,0 +1,19 @@
+#wolfSSL Example
+
+The Example contains a wolfSSL simple server.
+
+1. "make menuconfigure" to configure the project
+  1-1. Example Configuration ->
+       WIFI SSID : your own WIFI, which is connected to the Internet.(default is "myssid")
+       WIFI Password : WIFI password, and default is "mypassword"
+
+When you want to test the wolfSSL simple server demo
+1. "make flash" to compile the code and load the firmware
+2. "make monitor" to see the context. The assigned IP address can be found in output message. 
+3. Once the server connects to the wifi, it is waiting for client request.
+   ("Waiting for a connection..." message will be displayed.)
+4. You can use <wolfssl>/examples/client to test the server
+   e.g ./example/client/client -h xx.xx.xx
+
+See the README.md file in the upper level 'examples' directory for more information about examples.
+
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/Kconfig.projbuild
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/Kconfig.projbuild
@@ -0,0 +1,15 @@
+menu "Example Configuration"
+
+config WIFI_SSID
+    string "WiFi SSID"
+    default "myssid"
+    help
+        SSID (network name) for the example to connect to.
+
+config WIFI_PASSWORD
+    string "WiFi Password"
+    default "mypassword"
+    help
+        WiFi password (WPA or WPA2) for the example to use.
+
+endmenu
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/component.mk
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/component.mk
@@ -0,0 +1,3 @@
+#
+# Main Makefile. This is basically the same as a component makefile.
+#
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/user_settings.h
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/user_settings.h
@@ -0,0 +1,51 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_2048
+
+/* TLS 1.3                                 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define WC_RSA_PSS
+#define HAVE_HKDF
+#define HAVE_FFDHE_2048
+#define HAVE_AEAD
+#define HAVE_SUPPORTED_CURVES
+
+#define SINGLE_THREADED /* or define RTOS  option */
+#define NO_FILESYSTEM
+
+#define HAVE_AESGCM
+#define WOLFSSL_SHA512
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+
+/* debug options */
+/* #define DEBUG_WOLFSSL */
+
+/* date/time                               */
+/* if it cannot adjust time in the device, */
+/* enable macro below                      */
+/* #define NO_ASN_TIME */
+/* #define XTIME time */
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h
@@ -0,0 +1,37 @@
+/* wifi_connect.h 
+ *
+ * Copyright (C) 2006-2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#ifndef _TLS_WIFI_H_
+#define _TLS_WIFI_H_
+
+#include "esp_log.h"
+#include "esp_wifi.h"
+#include "esp_event_loop.h"
+
+#define DEFAULT_PORT                     11111
+
+#define TLS_SMP_SERVER_TASK_NAME         "tls_sever_example"
+#define TLS_SMP_SERVER_TASK_WORDS        10240
+#define TLS_SMP_SERVER_TASK_PRIORITY     8
+
+#define TLS_SMP_WIFI_SSID                CONFIG_WIFI_SSID
+#define TLS_SMP_WIFI_PASS                CONFIG_WIFI_PASSWORD
+
+#endif
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c
@@ -0,0 +1,170 @@
+/* server-tls-callback.c
+ *
+ * Copyright (C) 2006-2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+/* the usual suspects */
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+
+/* socket includes */
+#include <sys/socket.h>
+#include <arpa/inet.h>
+#include <netinet/in.h>
+#include <unistd.h>
+
+/* wolfSSL */
+#include <wolfssl/options.h>
+#include <wolfssl/ssl.h>
+#include <wolfssl/certs_test.h>
+
+/* ESP specific */
+#include "wifi_connect.h"
+
+#ifdef WOLFSSL_TRACK_MEMORY
+    #include <wolfssl/wolfcrypt/mem_track.h>
+#endif
+
+const char *TAG = "tls_server";
+
+void tls_smp_server_task()
+{
+    int                sockfd;
+    int                connd;
+    struct sockaddr_in servAddr;
+    struct sockaddr_in clientAddr;
+    socklen_t          size = sizeof(clientAddr);
+    char               buff[256];
+    size_t             len;
+    int                shutdown = 0;
+    int                ret;
+
+    /* declare wolfSSL objects */
+    WOLFSSL_CTX* ctx;
+    WOLFSSL*     ssl;
+
+    WOLFSSL_ENTER("tls_smp_server_task");
+
+#ifdef DEBUG_WOLFSSL
+    WOLFSSL_MSG("Debug ON");
+    wolfSSL_Debugging_ON();
+#endif
+    /* Initialize wolfSSL */
+    WOLFSSL_MSG("Start wolfSSL_Init()");
+    wolfSSL_Init();
+
+    /* Create a socket that uses an internet IPv4 address,
+     * Sets the socket to be stream based (TCP),
+     * 0 means choose the default protocol. */
+    WOLFSSL_MSG( "start socket())");
+    if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
+        printf("ERROR: failed to create the socket");
+    }
+
+    /* Create and initialize WOLFSSL_CTX */
+    WOLFSSL_MSG("Create and initialize WOLFSSL_CTX");
+    if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())) == NULL) {
+        printf("ERROR: failed to create WOLFSSL_CTX");
+    }
+    WOLFSSL_MSG("Loading certificate...");
+    /* Load server certificates into WOLFSSL_CTX */
+    if ((ret = wolfSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048,
+                        sizeof_server_cert_der_2048,
+                        WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
+        printf("ERROR: failed to load cert");
+    }
+    WOLFSSL_MSG("Loading key info...");
+    /* Load server key into WOLFSSL_CTX */
+    if((ret=wolfSSL_CTX_use_PrivateKey_buffer(ctx,
+                            server_key_der_2048, sizeof_server_key_der_2048,
+                            WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
+        printf("ERROR: failed to load privatekey");
+    }
+
+    /* Initialize the server address struct with zeros */
+    memset(&servAddr, 0, sizeof(servAddr));
+    /* Fill in the server address */
+    servAddr.sin_family      = AF_INET;             /* using IPv4      */
+    servAddr.sin_port        = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
+    servAddr.sin_addr.s_addr = INADDR_ANY;          /* from anywhere   */
+
+    /* Bind the server socket to our port */
+    if (bind(sockfd, (struct sockaddr*)&servAddr, sizeof(servAddr)) == -1) {
+         printf("ERROR: failed to bind");
+    }
+
+    /* Listen for a new connection, allow 5 pending connections */
+    if (listen(sockfd, 5) == -1) {
+         printf("ERROR: failed to listen");
+    }
+    /* Continue to accept clients until shutdown is issued */
+    while (!shutdown) {
+         WOLFSSL_MSG("Waiting for a connection...");
+        /* Accept client connections */
+        if ((connd = accept(sockfd, (struct sockaddr*)&clientAddr, &size))
+            == -1) {
+             printf("ERROR: failed to accept the connection");
+        }
+        /* Create a WOLFSSL object */
+        if ((ssl = wolfSSL_new(ctx)) == NULL) {
+             printf("ERROR: failed to create WOLFSSL object");
+        }
+        /* Attach wolfSSL to the socket */
+        wolfSSL_set_fd(ssl, connd);
+        /* Establish TLS connection */
+        ret = wolfSSL_accept(ssl);
+        if (ret != SSL_SUCCESS) {
+            printf("wolfSSL_accept error %d", wolfSSL_get_error(ssl, ret));
+        }
+        WOLFSSL_MSG("Client connected successfully");
+        /* Read the client data into our buff array */
+        memset(buff, 0, sizeof(buff));
+        if (wolfSSL_read(ssl, buff, sizeof(buff)-1) == -1) {
+            printf("ERROR: failed to read");
+        }
+        /* Print to stdout any data the client sends */
+        WOLFSSL_MSG("Client sends:");
+        WOLFSSL_MSG(buff);
+        /* Check for server shutdown command */
+        if (strncmp(buff, "shutdown", 8) == 0) {
+            WOLFSSL_MSG("Shutdown command issued!");
+            shutdown = 1;
+        }
+        /* Write our reply into buff */
+        memset(buff, 0, sizeof(buff));
+        memcpy(buff, "I hear ya fa shizzle!", sizeof(buff));
+        len = strnlen(buff, sizeof(buff));
+        /* Reply back to the client */
+        if (wolfSSL_write(ssl, buff, len) != len) {
+            printf("ERROR: failed to write");
+        }
+        /* Cleanup after this connection */
+        wolfSSL_free(ssl);      /* Free the wolfSSL object              */
+        close(connd);           /* Close the connection to the client   */
+    }
+    /* Cleanup and return */
+    wolfSSL_CTX_free(ctx);  /* Free the wolfSSL context object          */
+    wolfSSL_Cleanup();      /* Cleanup the wolfSSL environment          */
+    close(sockfd);          /* Close the socket listening for clients   */
+
+    vTaskDelete(NULL);
+
+    return;                 /* Return reporting a success               */
+}
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c
@@ -0,0 +1,143 @@
+/* wifi_connect.c 
+ *
+ * Copyright (C) 2006-2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+/*ESP specific */
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "freertos/event_groups.h"
+#include "wifi_connect.h"
+#include "lwip/sockets.h"
+#include "lwip/netdb.h"
+#include "lwip/apps/sntp.h"
+#include "nvs_flash.h"
+
+const static int CONNECTED_BIT = BIT0;
+static EventGroupHandle_t wifi_event_group;
+/* prefix for logging */
+const static char *TAG = "tls_server";
+/* proto-type difinition */
+extern void tls_smp_server_task();
+static void tls_smp_server_init();
+
+static void set_time()
+{
+    /* set dummy wallclock time. */
+    struct timeval utctime;
+    struct timezone tz;
+    struct strftime_buf;
+    time_t now;
+    struct tm timeinfo;
+    char strftime_buf[64];
+
+    utctime.tv_sec = 1542008020; /* dummy time: Mon Nov 12 07:33:40 2018 */
+    utctime.tv_usec = 0;
+    tz.tz_minuteswest = 0;
+    tz.tz_dsttime = 0;
+    
+    settimeofday(&utctime, &tz);
+
+    time(&now);
+    localtime_r(&now, &timeinfo);
+
+    strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
+    ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
+
+    /* wait until wifi connect */
+    xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT,
+                                            false, true, portMAX_DELAY);
+    /* now we start client tasks. */
+    tls_smp_server_init();
+}
+
+/* create task */
+static void tls_smp_server_init(void)
+{
+    int ret;
+    xTaskHandle _handle;
+    /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
+    ret = xTaskCreate(tls_smp_server_task,
+                      TLS_SMP_SERVER_TASK_NAME,
+                      TLS_SMP_SERVER_TASK_WORDS,
+                      NULL,
+                      TLS_SMP_SERVER_TASK_PRIORITY,
+                      &_handle);
+
+    if (ret != pdPASS) {
+        ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_SERVER_TASK_NAME);
+    }
+}
+/* event hander for wifi events */
+static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
+{
+    switch (event->event_id)
+    {
+    case SYSTEM_EVENT_STA_START:
+        esp_wifi_connect();
+        break;
+    case SYSTEM_EVENT_STA_GOT_IP:
+        ESP_LOGI(TAG, "got ip:%s",
+                 ip4addr_ntoa(&event->event_info.got_ip.ip_info.ip));
+        /* http://esp32.info/docs/esp_idf/html/dd/d08/group__xEventGroupSetBits.html */
+        xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
+        break;
+    case SYSTEM_EVENT_STA_DISCONNECTED:
+        esp_wifi_connect();
+        xEventGroupClearBits(wifi_event_group, CONNECTED_BIT);
+        break;
+    default:
+        break;
+    }
+    return ESP_OK;
+}
+/* entry point */
+void app_main(void)
+{
+    ESP_LOGI(TAG, "Start app_main...");
+    ESP_ERROR_CHECK(nvs_flash_init());
+
+    ESP_LOGI(TAG, "Initialize wifi");
+    /* TCP/IP adapter initialization */
+    tcpip_adapter_init();
+
+    /* */
+    wifi_event_group = xEventGroupCreate();
+    ESP_ERROR_CHECK(esp_event_loop_init(wifi_event_handler, NULL));
+    wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
+    ESP_ERROR_CHECK(esp_wifi_init(&cfg));
+
+    wifi_config_t wifi_config = {
+        .sta = {
+            .ssid = TLS_SMP_WIFI_SSID,
+            .password = TLS_SMP_WIFI_PASS,
+        },
+    };
+    /* WiFi station mode */
+    ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA) );
+    /* Wifi Set the configuration of the ESP32 STA or AP */ 
+    ESP_ERROR_CHECK(esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
+    /* Start Wifi */
+    ESP_ERROR_CHECK(esp_wifi_start() );
+
+    ESP_LOGI(TAG, "wifi_init_sta finished.");
+    ESP_LOGI(TAG, "connect to ap SSID:%s password:%s",
+                                        TLS_SMP_WIFI_SSID, TLS_SMP_WIFI_PASS);
+    ESP_LOGI(TAG, "Set Dummy time...");
+    set_time();
+}
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt
@@ -0,0 +1,6 @@
+# The following five lines of boilerplate have to be in your project's
+# CMakeLists in this exact order for cmake to work correctly
+cmake_minimum_required(VERSION 3.5)
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+project(wolfssl_test)
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_test/Makefile
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_test/Makefile
@@ -0,0 +1,11 @@
+#
+# This is a project Makefile. It is assumed the directory this Makefile resides in is a
+# project subdirectory.
+#
+
+PROJECT_NAME := wolfssl_test
+
+CFLAGS += -DWOLFSSL_USER_SETTINGS
+
+include $(IDF_PATH)/make/project.mk
+
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md
@@ -0,0 +1,10 @@
+#wolfSSL Example
+
+The Example contains of wolfSSL test program.
+
+When you want to run the benchmark program
+1. "make menuconfig" to configure the program,first
+1. "make flash" to compile and load the firemware
+2. "make monitor" to see the message
+
+See the README.md file in the upper level 'examples' directory for more information about examples.
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/component.mk
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/component.mk
@@ -0,0 +1,3 @@
+#
+# Main Makefile. This is basically the same as a component makefile.
+#
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/user_settings.h
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/user_settings.h
@@ -0,0 +1,51 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_2048
+
+/* TLS 1.3                                 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define WC_RSA_PSS
+#define HAVE_HKDF
+#define HAVE_FFDHE_2048
+#define HAVE_AEAD
+#define HAVE_SUPPORTED_CURVES
+
+#define SINGLE_THREADED /* or define RTOS  option */
+#define NO_FILESYSTEM
+
+#define HAVE_AESGCM
+#define WOLFSSL_SHA512
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+
+/* debug options */
+/* #define DEBUG_WOLFSSL */
+
+/* date/time                               */
+/* if it cannot adjust time in the device, */
+/* enable macro below                      */
+/* #define NO_ASN_TIME */
+/* #define XTIME time */
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults
@@ -0,0 +1,2 @@
+CONFIG_MAIN_TASK_STACK_SIZE=5000
+CONFIG_TASK_WDT_CHECK_IDLE_TASK_CPU0=
--- a/IDE/Espressif/ESP-IDF/libs/CMakeLists.txt
+++ b/IDE/Espressif/ESP-IDF/libs/CMakeLists.txt
@@ -0,0 +1,79 @@
+cmake_minimum_required(VERSION 3.5)
+
+set(CMAKE_CURRENT_SOURCE_DIR ".")
+set(WOLFSSL_ROOT ${CMAKE_CURRENT_SOURCE_DIR})
+set(INCLUDE_PATH ${WOLFSSL_ROOT})
+set(COMPONENT_SRCS 
+    "src/keys.c"
+    "src/sniffer.c"
+    "src/tls.c"
+    "src/wolfio.c"
+    "src/crl.c"
+    "src/internal.c"
+    "src/ocsp.c"
+    "src/ssl.c"
+    "src/tls13.c"
+    "wolfcrypt/src/aes.c"
+    "wolfcrypt/src/arc4.c"
+    "wolfcrypt/src/asm.c"
+    "wolfcrypt/src/asn.c"
+    "wolfcrypt/src/blake2b.c"
+    "wolfcrypt/src/camellia.c"
+    "wolfcrypt/src/chacha.c"
+    "wolfcrypt/src/chacha20_poly1305.c"
+    "wolfcrypt/src/cmac.c"
+    "wolfcrypt/src/coding.c"
+    "wolfcrypt/src/compress.c"
+    "wolfcrypt/src/cpuid.c"
+    "wolfcrypt/src/cryptodev.c"
+    "wolfcrypt/src/curve25519.c"
+    "wolfcrypt/src/des3.c"
+    "wolfcrypt/src/dh.c"
+    "wolfcrypt/src/dsa.c"
+    "wolfcrypt/src/ecc.c"
+    "wolfcrypt/src/ecc_fp.c"
+    "wolfcrypt/src/ed25519.c"
+    "wolfcrypt/src/error.c"
+    "wolfcrypt/src/fe_low_mem.c"
+    "wolfcrypt/src/fe_operations.c"
+    "wolfcrypt/src/ge_low_mem.c"
+    "wolfcrypt/src/ge_operations.c"
+    "wolfcrypt/src/hash.c"
+    "wolfcrypt/src/hc128.c"
+    "wolfcrypt/src/hmac.c"
+    "wolfcrypt/src/idea.c"
+    "wolfcrypt/src/integer.c"
+    "wolfcrypt/src/logging.c"
+    "wolfcrypt/src/md2.c"
+    "wolfcrypt/src/md4.c"
+    "wolfcrypt/src/md5.c"
+    "wolfcrypt/src/memory.c"
+    "wolfcrypt/src/pkcs12.c"
+    "wolfcrypt/src/pkcs7.c"
+    "wolfcrypt/src/poly1305.c"
+    "wolfcrypt/src/pwdbased.c"
+    "wolfcrypt/src/rabbit.c"
+    "wolfcrypt/src/random.c"
+    "wolfcrypt/src/ripemd.c"
+    "wolfcrypt/src/rsa.c"
+    "wolfcrypt/src/sha.c"
+    "wolfcrypt/src/sha256.c"
+    "wolfcrypt/src/sha3.c"
+    "wolfcrypt/src/sha512.c"
+    "wolfcrypt/src/signature.c"
+    "wolfcrypt/src/sp_arm32.c"
+    "wolfcrypt/src/sp_arm64.c"
+    "wolfcrypt/src/sp_c32.c"
+    "wolfcrypt/src/sp_c64.c"
+    "wolfcrypt/src/sp_int.c"
+    "wolfcrypt/src/sp_x86_64.c"
+    "wolfcrypt/src/srp.c"
+    "wolfcrypt/src/tfm.c"
+    "wolfcrypt/src/wc_encrypt.c"
+    "wolfcrypt/src/wc_port.c"
+    "wolfcrypt/src/wolfevent.c"
+    "wolfcrypt/src/wolfmath.c"
+)
+set(COMPONENT_REQUIRES lwip)
+set(COMPONENT_ADD_INCLUDEDIRS ../freertos/include/freertos)
+register_component()
--- a/IDE/Espressif/ESP-IDF/libs/component.mk
+++ b/IDE/Espressif/ESP-IDF/libs/component.mk
@@ -0,0 +1,13 @@
+#
+# Component Makefile
+#
+
+COMPONENT_ADD_INCLUDEDIRS := .
+COMPONENT_ADD_INCLUDEDIRS += ../freertos/include/freertos/
+
+COMPONENT_SRCDIRS := src wolfcrypt/src
+
+COMPONENT_OBJEXCLUDE := wolfcrypt/src/aes_asm.o
+COMPONENT_OBJEXCLUDE += wolfcrypt/src/evp.o
+COMPONENT_OBJEXCLUDE += wolfcrypt/src/misc.o
+COMPONENT_OBJEXCLUDE += src/bio.o
--- a/IDE/Espressif/ESP-IDF/setup.sh
+++ b/IDE/Espressif/ESP-IDF/setup.sh
@@ -0,0 +1,106 @@
+#!/bin/bash
+
+# check if IDF_PATH is set
+if [ -z "$IDF_PATH" ]; then
+    echo "Please follows the instruction of ESP-IDF installation and set IDF_PATH."
+    exit 1
+fi
+
+RMDCMD='/bin/rm -rf'
+MKDCMD='/bin/mkdir'
+CPDCMD='/bin/cp'
+
+SCRIPTDIR=`dirname $0`
+SCRIPTDIR=`cd $SCRIPTDIR && pwd -P`
+WOLFSSL_ESPIDFDIR=${SCRIPTDIR}
+WOLFSSL_ESPIDFDIR=`cd $WOLFSSL_ESPIDFDIR && pwd -P`
+BASEDIR=${SCRIPTDIR}/../../../
+BASEDIR=`cd ${BASEDIR} && pwd -P`
+
+# echo $WOLFSSL_ESPIDFDIR
+
+WOLFSSLLIB_TRG_DIR=${IDF_PATH}/components/wolfssl
+WOLFSSLEXP_TRG_DIR=${IDF_PATH}/examples/protocols
+
+if [ ! -d $IDF_PATH ]; then
+    echo "ESP-IDF Development Framework doesn't exist.: $IDF_PATH"
+    exit 1
+fi
+
+# Copy files into ESP-IDF development framework
+pushd $IDF_PATH > /dev/null
+
+echo "Copy files into $IDF_PATH"
+# Remove/Create directories
+${RMDCMD} ${WOLFSSLLIB_TRG_DIR}/
+${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/
+
+${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/src
+${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/wolfcrypt
+${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/wolfssl
+
+popd > /dev/null             # $WOLFSSL_ESPIDFDIR
+pushd ${BASEDIR} > /dev/null # WOLFSSL TOP DIR
+
+# copying ... files in src/ into $WOLFSSLLIB_TRG_DIR/src
+${CPDCMD} ./src/*.c ${WOLFSSLLIB_TRG_DIR}/src/
+
+${CPDCMD} -r ./wolfcrypt/src/ ${WOLFSSLLIB_TRG_DIR}/wolfcrypt/
+${CPDCMD} -r ./wolfcrypt/test ${WOLFSSLLIB_TRG_DIR}/wolfcrypt/
+${CPDCMD} -r ./wolfcrypt/benchmark ${WOLFSSLLIB_TRG_DIR}/wolfcrypt/
+
+${CPDCMD} -r ./wolfssl/*.h ${WOLFSSLLIB_TRG_DIR}/wolfssl/
+${CPDCMD} -r ./wolfssl/wolfcrypt ${WOLFSSLLIB_TRG_DIR}/wolfssl/
+
+popd > /dev/null # 
+
+${CPDCMD} ./libs/CMakeLists.txt ${WOLFSSLLIB_TRG_DIR}/
+${CPDCMD} ./libs/component.mk ${WOLFSSLLIB_TRG_DIR}/
+
+pushd ${BASEDIR} > /dev/null # WOLFSSL TOP DIR
+
+# Benchmark program
+${RMDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/main/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/main/include
+
+${CPDCMD} -r ./wolfcrypt/benchmark/benchmark.c ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/main/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_benchmark/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_benchmark/main/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/main/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_benchmark/main/include/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/main/include/
+
+# Crypt Test program
+${RMDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/main/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/main/include
+
+${CPDCMD} -r ./wolfcrypt/test/test.c ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/main/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_test/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_test/main/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/main/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_test/main/include/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/main/include/
+
+# TLS Client program
+${RMDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/main/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/main/include
+
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_client/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_client/main/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/main/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_client/main/include/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/main/include/
+
+# TLS Server program
+${RMDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/main/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/main/include
+
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_server/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_server/main/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/main/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_server/main/include/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/main/include/
+
+popd > /dev/null # 
+
+exit 1
--- a/IDE/GCC-ARM/Header/user_settings.h
+++ b/IDE/GCC-ARM/Header/user_settings.h
@@ -48,9 +48,6 @@ extern "C" {
 /* ------------------------------------------------------------------------- */
 /* Math Configuration */
 /* ------------------------------------------------------------------------- */
-#undef  USE_FAST_MATH
-#define USE_FAST_MATH
-
 #undef  SIZEOF_LONG_LONG
 #define SIZEOF_LONG_LONG 8

--- a/IDE/GCC-ARM/README.md
+++ b/IDE/GCC-ARM/README.md
@@ -81,7 +81,7 @@ $ make
 $ make install
 ```

-If you are building for a 32-bit architecture, add `-DTIME_T_NOT_LONG` to the
+If you are building for a 32-bit architecture, add `-DTIME_T_NOT_64BIT` to the
 list of CFLAGS.

 ## Example Build Output
--- a/IDE/IAR-EWARM/Projects/user_settings.h
+++ b/IDE/IAR-EWARM/Projects/user_settings.h
@@ -10,6 +10,7 @@
 #define NO_WOLFSSL_DIR 
 #define WOLFSSL_NO_CURRDIR
 #define NO_WOLF_C99
+#define NO_MULTIBYTE_PRINT

 #define XVALIDATEDATE(d, f,t) (0)
 #define WOLFSSL_USER_CURRTIME /* for benchmark */
--- a/IDE/MDK5-ARM/Conf/user_settings.h
+++ b/IDE/MDK5-ARM/Conf/user_settings.h
@@ -35,6 +35,7 @@
 #define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
 #define WOLFSSL_GMTIME

+#define NO_MULTIBYTE_PRINT
 // <<< Use Configuration Wizard in Context Menu >>>


--- a/IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/user_settings.h
+++ b/IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/user_settings.h
@@ -34,10 +34,10 @@
 #define WOLFSSL_USER_CURRTIME /* for benchmark */
 #define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
 #define WOLFSSL_GMTIME
+#define NO_MULTIBYTE_PRINT

 // <<< Use Configuration Wizard in Context Menu >>>

-
 //  <h>Common options
 //        <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
 #define MDK_CONF_MPU 3
--- a/IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/user_settings.h
+++ b/IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/user_settings.h
@@ -34,6 +34,7 @@
 #define WOLFSSL_USER_CURRTIME /* for benchmark */
 #define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
 #define WOLFSSL_GMTIME
+#define NO_MULTIBYTE_PRINT

 // <<< Use Configuration Wizard in Context Menu >>>

--- a/IDE/Renesas/cs+/Projects/README
+++ b/IDE/Renesas/cs+/Projects/README
@@ -4,10 +4,12 @@ wolfssl_lib:
  Build wolfssl_lib.lib

 test:
-  Get missing files 
-  - create DUMMY project
-  - copy all files under DUMMY project except DUMMY.*
-  - uncomment "Use SIM I/O" lines in resetprg.c
-  - set heap size in sbrk.h
-  - set stack size in stacksct.h
-  Build test wolfCrypt
+  - For getting BSP files, create "bsp" folder under "Projects".
+  - Create "DUMMY" project under "bsp" with your MPU name property
+  - close "DUMMY" project, and open "test" project
+  - change MPU name property of the project
+  - uncomment "Use SIM I/O" lines in "bsp/resetprg.c"
+  - set heap size in "bsp/sbrk.h"
+  - set stack size in "bsp/stacksct.h"
+  Build "test" wolfCrypt
+
--- a/IDE/Renesas/cs+/Projects/common/user_settings.h
+++ b/IDE/Renesas/cs+/Projects/common/user_settings.h
@@ -22,27 +22,35 @@
 #define NO_MAIN_DRIVER
 #define BENCH_EMBEDDED
 #define NO_WRITEV
-#define WOLFSSL_USER_IO
 #define NO_DEV_RANDOM
 #define USE_CERT_BUFFERS_2048
-#define WOLFSSL_USER_CURRTIME
 #define SIZEOF_LONG_LONG 8
 #define NO_WOLFSSL_DIR 
 #define WOLFSSL_NO_CURRDIR
-#define NO_FILESYSTEM
 #define WOLFSSL_LOG_PRINTF
-
-/* #define DEBUG_WOLFSSL */
-
-#define OPENSSL_EXTRA
-
+#define NO_WOLFSSL_STUB
+#define NO_DYNAMIC_ARRAY       /* for compilers not allowed dynamic size array */ 
 #define WOLFSSL_SMALL_STACK
 #define WOLFSSL_DH_CONST
+
+#define TFM_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+#define WC_RSA_BLINDING
+
 #define HAVE_TLS_EXTENSIONS
 #define HAVE_SUPPORTED_CURVES

+#define WOLFSSL_USER_IO
+
+//#define WOLFSSL_USER_KEYFILES /* To be defined key and cert files in user_settings.h  */
+//#define WOLFSSL_NO_ABORT      /* No abort during the test except exception occured */
+//#define DEBUG_WOLFSSL
+
+#define OPENSSL_EXTRA
+
 #define USER_TIME
 #define XTIME time
+#define HAVE_TIME_T_TYPE
 #define USE_WOLF_SUSECONDS_T
 #define USE_WOLF_TIMEVAL_T

@@ -50,19 +58,39 @@

 #define WOLFSSL_GENSEED_FORTEST /* Wardning: define your own seed gen */

-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
 #define SINGLE_THREADED  /* or define RTOS  option */
-/* #define WOLFSSL_CMSIS_RTOS */
+/*#define WOLFSSL_CMSIS_RTOS */

 /* #define NO_DH */
+#define NO_RC4
 #define HAVE_AESGCM
 #define WOLFSSL_SHA512
+#define WOLFSSL_SHA384
 #define HAVE_ECC
 #define HAVE_CURVE25519
 #define CURVE25519_SMALL
 #define HAVE_ED25519
+#define NO_OLD_SHA256_NAMES
+#define HAVE_CRL
+#define HAVE_OCSP
+#define HAVE_CERTIFICATE_STATUS_REQUEST
+
+//#define WOLFSSL_KEY_GEN
+#define SHOW_GEN
+
+#define WOLFSSL_KEEP_STORE_CERTS
+#define WOLFSSL_CIPHER_INTERNALNAME
+
+#define WOLFSSL_GETENV_RANDFILE  "ABCDEFG"
+#define WOLFSSL_GETENV_HOME "home"
+
+#define CloseSocket(s) {}
+#define StartTCP()
+
+#define NO_FILESYSTEM
+#define XFILE FILE*
+#define XBADFILE NULL
+//#define WOLFSSL_USER_KEYFILES   /* Substitute key and cert files in test.h with user definitions */
+
+int strncasecmp(const char *s1, const char *s2, unsigned int sz);

-/* #define NO_WOLFSSL_STUB */
--- a/IDE/Renesas/cs+/Projects/common/wolfssl_dummy.c
+++ b/IDE/Renesas/cs+/Projects/common/wolfssl_dummy.c
@@ -19,7 +19,16 @@
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 */

-typedef unsigned long time_t;
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#include <wolfssl/ssl.h>
+#include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <stdio.h>

 #define YEAR 2018
 #define MON  5
@@ -34,8 +43,20 @@ time_t time(time_t *t)
 #include <ctype.h>
 int strncasecmp(const char *s1, const char * s2, unsigned int sz)
 {
-    for( ; sz>0; sz--)
-        if(toupper(s1++) != toupper(s2++))
-	    return 1;
-    return 0;
+    for( ; sz>0; sz--, s1++, s2++){
+            if(toupper(*s1) < toupper(*s2)){
+            return -1;
+        }
+        if(toupper(*s1) > toupper(*s2)){
+            return 1;
+        }
+    }
+    return 0;	
 }
+    
+void abort(void) 
+{
+    while(1);
+}
+
+
--- a/IDE/Renesas/cs+/Projects/include.am
+++ b/IDE/Renesas/cs+/Projects/include.am
@@ -10,3 +10,10 @@ EXTRA_DIST+= IDE/Renesas/cs+/Projects/common/wolfssl_dummy.c
 EXTRA_DIST+= IDE/Renesas/cs+/Projects/common/strings.h
 EXTRA_DIST+= IDE/Renesas/cs+/Projects/common/unistd.h
 EXTRA_DIST+= IDE/Renesas/cs+/Projects/common/user_settings.h
+EXTRA_DIST+= IDE/Renesas/cs+/Projects/t4_demo/README_en.txt
+EXTRA_DIST+= IDE/Renesas/cs+/Projects/t4_demo/README_jp.txt
+EXTRA_DIST+= IDE/Renesas/cs+/Projects/t4_demo/wolf_client.c
+EXTRA_DIST+= IDE/Renesas/cs+/Projects/t4_demo/wolf_server.c
+EXTRA_DIST+= IDE/Renesas/cs+/Projects/t4_demo/wolf_main.c
+EXTRA_DIST+= IDE/Renesas/cs+/Projects/t4_demo/wolf_demo.h
+
--- a/IDE/Renesas/cs+/Projects/t4_demo/README_en.txt
+++ b/IDE/Renesas/cs+/Projects/t4_demo/README_en.txt
@@ -0,0 +1,83 @@
+wolfSSL/AlphaProject Boad demo setup Guide
+
+This demo is tested with Renesas CS+ v6.01<EFBFBD>AAP-RX71M-0A, wolfSSL 3.15.3.
+
+Setup process:
+1. Download software
+  - Unzip AlphaProject firmware
+  - Unzip wolfssl under the same directory
+ 
+2. Set up wolfSSL
+  - open wolfssl\IDE\Renesas\cs+\Projec/wolfssl\lib.mtpj with CS+ and build
+  - open t4_demo.mtpj and build. This create demo program library.
+
+3. Set up AlphaProject
+  - The demo uses ap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_ether_sample_cs\
+        ap_rx71m_0a_ether_sample_cs.mtpj
+  - Open and edit ap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_ether_sample_cs\src\AP_RX71M_0A.c
+    insert  wolfSSL_init() in echo_srv_init().
+
+===
+	sci_init();
+	can_init();
+	echo_srv_init();
+	wolfSSL_init(); <- insert this line
+===
+
+  - Modify stack and heap size in ap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_ether_sample_cs\src\r_config
+  Line 120#pragma stacksize su=0x2000
+  Line 139 #define BSP_CFG_HEAP_BYTES  (0xa000)
+
+<EFBFBD>@- Modify IP address ib Sample\ap_rx71m_0a_ether_sample_cs\src\r_t4_rx\src\config_tcpudp.c
+<EFBFBD>@as needed
+<EFBFBD>@
+===
+#define MY_IP_ADDR0     192,168,1,200           /* Local IP address  */
+#define GATEWAY_ADDR0   192,168,1,254           /* Gateway address (invalid if all 0s) */
+#define SUBNET_MASK0    255,255,255,0
+===
+
+    - Add project properties of linking library in ap_rx71m_0a_ether_sample_cs.mtpj
+    
+wolfssl\IDE\Renesas\cs+\Projects\wolfssl_lib\DefaultBuild\wolfssl_lib.lib
+wolfssl\IDE\Renesas\cs+\Projects\t4_demo\DefaultBuild\t4_demo.lib
+
+   - Build the project and start execut. You see message on the console prompting command.
+   
+===
+wolfSSL Demo
+t: test, b: benchmark, s: server, or c <IP addr> <Port>: client
+$
+===
+
+Command can be executed only once. You need to reset and restart MPU for following command.
+
+Command instruction:
+t: Crypt algorithm test
+b: benchmark
+s: simple server acceptint at port 50000
+c: simple client. Specify IP address and port as following.
+   c <IP Addr> <Port Num>
+   
+
+4. Testing TLS Connection
+   You can use wolfssl/examples/server and client on your PC for TLS peer test.
+   
+   
+PC side<64>F
+$ ./examples/server/server -b -d
+
+Board side<64>F
+> c <IP Addr> 11111
+
+Board side<64>F
+> s
+
+PC side<64>F
+$ ./examples/client/client -h <IP Addr> -p 50000
+
+---
+If you have any question, please contact support@wolfssl.com.
+
+wolfSSL Inc.
+
--- a/IDE/Renesas/cs+/Projects/t4_demo/README_jp.txt
+++ b/IDE/Renesas/cs+/Projects/t4_demo/README_jp.txt
@@ -0,0 +1,115 @@
+wolfSSL/AlphaProjectボードデモ　セットアップガイド
+
+このデモはRenesas CS+ v6.01、AP-RX71M-0A, wolfSSL 3.15.3 でテストしています。
+
+セットアップ手順：
+
+１．ソフトウェアの入手
+　- APボード付属のソフトウェア一式を適当なフォルダー下に解凍します。
+　- 同じフォルダー下にwolfssl一式を解凍します。
+
+２．wolfSSLのセットアップ
+　- CS+にてwolfssl\IDE\Renesas\cs+\Project下のwolfssl\lib.mtpjを開き
+　　wolfSSLライブラリーのビルドをします。
+　- 同じフォルダの下のt4_demo.mtpjを開き、デモプログラムのビルドをします。
+　このプログラムもライブラリー形式でビルドされます。
+　
+３．AlphaProject側のセットアップ
+　デモはap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_ether_sample_csフォルダ下の
+　ap_rx71m_0a_ether_sample_cs.mtpjプロジェクトを利用します。
+　
+　- ap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_ether_sample_cs\srcフォルダ下の
+　AP_RX71M_0A.cファイルを開き、
+　９７行目のecho_srv_init()の下にwolfSSL_init()を挿入します。
+
+===
+	sci_init();
+	can_init();
+	echo_srv_init();
+	wolfSSL_init(); <- この行を挿入
+===
+
+　- ap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_ether_sample_cs\src\r_configファイル
+　を開き、スタックサイズとヒープサイズを以下のように設定します。
+　
+　120行目 #pragma stacksize su=0x2000
+　139行目 #define BSP_CFG_HEAP_BYTES  (0xa000)
+
+　- IPアドレスのデフォルト値は以下のようになっています。
+　必要があれば、Sample\ap_rx71m_0a_ether_sample_cs\src\r_t4_rx\src\config_tcpudp.c
+　内の139行目からの定義を変更します。
+　
+===
+#define MY_IP_ADDR0     192,168,1,200           /* Local IP address  */
+#define GATEWAY_ADDR0   192,168,1,254           /* Gateway address (invalid if all 0s) */
+#define SUBNET_MASK0    255,255,255,0           /* Subnet mask  */
+===
+
+　- CS+でap_rx71m_0a_ether_sample_cs.mtpjプロジェクトを開き、wolfSSLとデモライブラリを
+　登録します。CC-RX(ビルドツール)->リンク・オプションタブ->使用する以下の二つのファイル
+　を登録します。
+　wolfssl\IDE\Renesas\cs+\Projects\wolfssl_lib\DefaultBuild\wolfssl_lib.lib
+　wolfssl\IDE\Renesas\cs+\Projects\t4_demo\DefaultBuild\t4_demo.lib
+
+　- プロジェクトのビルド、ターゲットへのダウンロードをしたのち、表示->デバッグ・コンソール
+　からコンソールを表示させます。実行を開始するとコンソールに以下の表示が出力されます。
+　
+===
+　wolfSSL Demo
+t: test, b: benchmark, s: server, or c <IP addr> <Port>: client
+$
+===
+
+tコマンド：各暗号化アルゴリズムの簡単なテストを実行します。所要のアルゴリズムが
+　組み込まれているか確認することができます。組み込むアルゴリズムはビルドオプション
+　で変更することができます。詳しくはユーザマニュアルを参照してください。
+bコマンド：各暗号アルゴリズムごとの簡単なベンチマークを実行します。
+sコマンド：簡単なTLSサーバを起動します。起動するとビルド時のIPアドレス、
+　ポート50000にてTLS接続を待ちます。
+cコマンド：簡単なTLSクライアントを起動します。起動すると第一アーギュメントで指定された
+　IPアドレス、第二アーギュメントで指定されたポートに対してTLS接続します。
+
+いずれのコマンドも１回のみ実行します。繰り返し実行したい場合は、MPUをリセットして
+再起動します。
+
+４．対向テスト
+　デモのｓ、ｃコマンドを使って、他の機器と簡単な対向テストをすることができます。
+　UbuntuなどのGCC, make環境、WindowsのVisual Studioなどで
+　対向テスト用のサーバ、クライアントをビルドすることができます。
+
+　GCC,makeコマンド環境では、ダウンロード解凍したwolfsslのディレクトリ下で以下の
+　コマンドを発行すると、ライブラリ、テスト用のクライアント、サーバなど一式がビルド
+　されます。
+　
+　$ ./configure
+　$ make check
+　
+　その後、以下のような指定でクライアントまたはサーバを起動して、ボード上の
+　デモと対向テストすることができます。
+　
+　PC側：
+　$ ./examples/server/server -b -d
+　ボード側：
+　　> c <IPアドレス> 11111
+
+　ボード側：
+　　> s
+　PC側：　
+　$ ./examples/client/client -h <IPアドレス> -p 50000
+　
+　
+　WindowsのVisual Studioでは、ダウンロード解凍したwolfsslフォルダ下のwolfssl64.sln
+　を開き、ソリューションをビルドします。Debugフォルダ下にビルドされるclient.exeと
+　server.exeを利用します。
+　
+  PC側：
+　Debug> .\server -b -d
+　ボード側：
+　　> c <IPアドレス> 11111
+
+　ボード側：
+　　> s
+　PC側：
+　Debug> .\client  -h <IPアドレス> -p 50000
+
+以上、
--- a/IDE/Renesas/cs+/Projects/t4_demo/wolf_client.c
+++ b/IDE/Renesas/cs+/Projects/t4_demo/wolf_client.c
@@ -0,0 +1,192 @@
+/* wolf_client.c
+ *
+ * Copyright (C) 2006-2017 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "r_t4_itcpip.h"
+
+#include "wolfssl/wolfcrypt/settings.h"
+#include "wolfssl/ssl.h"
+#include "wolfssl/certs_test.h"
+#include "wolf_demo.h"
+
+ER    t4_tcp_callback(ID cepid, FN fncd , VP p_parblk);
+
+static int my_IORecv(WOLFSSL* ssl, char* buff, int sz, void* ctx)
+{
+    int ret;
+    ID  cepid;
+    
+    if(ctx != NULL)cepid = *(ID *)ctx;
+    else return WOLFSSL_CBIO_ERR_GENERAL;
+    
+    ret = tcp_rcv_dat(cepid, buff, sz, TMO_FEVR);
+    if(ret > 0)return ret;
+    else         return WOLFSSL_CBIO_ERR_GENERAL;  
+}
+
+static int my_IOSend(WOLFSSL* ssl, char* buff, int sz, void* ctx)
+{
+    int ret;
+    ID  cepid;
+    
+    if(ctx != NULL)cepid = *(ID *)ctx;
+    else return WOLFSSL_CBIO_ERR_GENERAL;
+    
+    ret = tcp_snd_dat(cepid, buff, sz, TMO_FEVR);
+    if(ret == sz)return ret;
+    else         return WOLFSSL_CBIO_ERR_GENERAL;          
+}
+
+static int getIPaddr(char *arg) 
+{
+    int a1, a2, a3, a4;
+    if(sscanf(arg, "%d.%d.%d.%d", &a1, &a2, &a3, &a4) == 4)
+         return (a1 << 24) | (a2 << 16) | (a3 << 8) | a4;
+    else return 0;
+}
+
+static int getPort(char *arg) 
+{   
+    int port;
+    if(sscanf(arg, "%d", &port) == 1)
+         return port;
+    else return 0;
+}
+
+WOLFSSL_CTX *wolfSSL_TLS_client_init()
+{
+    
+    WOLFSSL_CTX* ctx;
+    #ifndef NO_FILESYSTEM
+        #ifdef USE_ECC_CERT
+        char *cert       = "./certs/ca-ecc-cert.pem";
+        #else
+        char *cert       = "./certs/ca-cert.pem";
+        #endif
+    #else
+        #ifdef USE_ECC_CERT
+        const unsigned char *cert       = ca_ecc_der_256;
+        #define  SIZEOF_CERT sizeof_ca_ecc_der_256
+        #else
+        const unsigned char *cert       = ca_cert_der_2048;
+        #define  SIZEOF_CERT sizeof_ca_cert_der_2048
+        #endif
+    #endif
+    
+    wolfSSL_Init();
+    #ifdef DEBUG_WOLFSSL
+        wolfSSL_Debugging_ON();
+    #endif
+    
+    /* Create and initialize WOLFSSL_CTX */
+    if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method_ex((void *)NULL))) == NULL) {
+        printf("ERROR: failed to create WOLFSSL_CTX\n");
+        return NULL;
+    }
+ 
+    #if !defined(NO_FILESYSTEM)
+    if (wolfSSL_CTX_load_verify_locations(ctx, cert, 0) != SSL_SUCCESS) {
+        printf("ERROR: can't load \"%s\"\n", cert);
+        return NULL;
+    }
+    #else
+    if (wolfSSL_CTX_load_verify_buffer(ctx, cert, SIZEOF_CERT, SSL_FILETYPE_ASN1) != SSL_SUCCESS){
+           printf("ERROR: can't load certificate data\n");
+       return NULL;
+    }
+    #endif
+
+
+    /* Register callbacks */
+    wolfSSL_SetIORecv(ctx, my_IORecv);
+    wolfSSL_SetIOSend(ctx, my_IOSend);
+    return (void *)ctx;
+
+}
+
+
+void wolfSSL_TLS_client(void *v_ctx, func_args *args)
+{
+    ID cepid = 1;
+    ER ercd; 
+    int ret;
+    WOLFSSL_CTX *ctx = (WOLFSSL_CTX *)v_ctx;
+    WOLFSSL *ssl;
+    #define BUFF_SIZE 256
+    static const char sendBuff[]= "Hello Server\n" ;
+    char    rcvBuff[BUFF_SIZE] = {0};
+    static T_IPV4EP my_addr = { 0, 0 };
+    T_IPV4EP dst_addr;
+    
+    if(args->argc >= 2){
+	    if((dst_addr.ipaddr = getIPaddr(args->argv[1])) == 0){
+		printf("ERROR: IP address\n");
+	        return;
+	    }
+	    if((dst_addr.portno = getPort(args->argv[2])) == 0){
+		printf("ERROR: IP address\n");
+	        return;
+	    }
+    }
+    
+    if((ercd = tcp_con_cep(cepid, &my_addr, &dst_addr, TMO_FEVR)) != E_OK) {
+        printf("ERROR TCP Connect: %d\n", ercd);
+        return;
+    }
+
+    if((ssl = wolfSSL_new(ctx)) == NULL) {
+        printf("ERROR wolfSSL_new: %d\n", wolfSSL_get_error(ssl, 0));
+        return;
+    }
+    
+    /* set callback context */
+    wolfSSL_SetIOReadCtx(ssl, (void *)&cepid);
+    wolfSSL_SetIOWriteCtx(ssl, (void *)&cepid);
+
+    if(wolfSSL_connect(ssl) != SSL_SUCCESS) {
+        printf("ERROR SSL connect: %d\n",  wolfSSL_get_error(ssl, 0));
+        return;
+    }
+        
+    if (wolfSSL_write(ssl, sendBuff, strlen(sendBuff)) != strlen(sendBuff)) {
+        printf("ERROR SSL write: %d\n", wolfSSL_get_error(ssl, 0));
+        return;
+    }
+
+    if ((ret=wolfSSL_read(ssl, rcvBuff, BUFF_SIZE)) < 0) {
+        printf("ERROR SSL read: %d\n", wolfSSL_get_error(ssl, 0));
+        return;
+    }
+    
+    rcvBuff[ret] = '\0' ;
+    printf("Recieved: %s\n", rcvBuff);
+
+    /* frees all data before client termination */
+    wolfSSL_free(ssl);
+    wolfSSL_CTX_free(ctx);
+    wolfSSL_Cleanup();
+
+    tcp_sht_cep(cepid);
+    tcp_cls_cep(cepid, TMO_FEVR);
+
+    return;
+}
--- a/IDE/Renesas/cs+/Projects/t4_demo/wolf_demo.h
+++ b/IDE/Renesas/cs+/Projects/t4_demo/wolf_demo.h
@@ -0,0 +1,18 @@
+
+
+typedef struct func_args
+{
+    int argc;
+    char **argv;
+    int return_code;
+} func_args;
+
+void wolfSSL_init(void) ;
+void wolfSSL_main(void) ;
+WOLFSSL_CTX *wolfSSL_TLS_server_init(void);
+WOLFSSL_CTX *wolfSSL_TLS_client_init(void);
+
+void benchmark_test(void *args);
+void wolfcrypt_test(void *args);
+void wolfSSL_TLS_client(void *ctx, func_args *args);
+void wolfSSL_TLS_server(void *ctx, func_args *args);
--- a/IDE/Renesas/cs+/Projects/t4_demo/wolf_main.c
+++ b/IDE/Renesas/cs+/Projects/t4_demo/wolf_main.c
@@ -0,0 +1,125 @@
+/* wolf_main.c
+ *
+ * Copyright (C) 2006-2017 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include "user_settings.h"
+#include "wolfssl/ssl.h"
+#include <stdio.h>
+#include <stdint.h>
+
+#include "wolf_demo.h"
+
+static WOLFSSL_CTX *wolfSSL_sv_ctx;
+static WOLFSSL_CTX *wolfSSL_cl_ctx;
+
+static long tick;
+static void timeTick(void)
+{
+    tick++;
+}
+
+#define FREQ 10000 /* Hz */
+
+double current_time(int reset)
+{
+      if(reset) tick = 0 ;
+      return ((double)tick/FREQ) ;	
+}
+
+#define ARG_SZ 256
+static char argBuff[ARG_SZ];
+static int get_arg(func_args *args)
+{
+    int i;
+    char *arg = argBuff;
+    args->argc = 0;
+    
+    for(i=0; i<ARG_SZ; i++) {
+        *arg = getchar();
+        
+	switch(*arg){
+	case '\n':
+	     *arg = '\0';
+	     return args->argc;
+	case ' ':
+	     *arg++ = '\0';
+	     while(*arg++ == ' '); /* Skip space */
+	     args->argv[++args->argc] = arg;
+	     break;
+	default:
+	     arg++;
+	}
+    }
+    return args->argc ;
+}
+
+void wolfSSL_init()
+{
+    uint32_t channel;
+    R_CMT_CreatePeriodic(FREQ, &timeTick, &channel);
+
+    wolfSSL_sv_ctx = wolfSSL_TLS_server_init();
+    wolfSSL_cl_ctx = wolfSSL_TLS_client_init();
+    wolfSSL_main();
+}
+
+void wolfSSL_main()
+{
+    int c;
+    func_args args = {0};
+    
+    printf("wolfSSL Demo\nt: test, b: benchmark, s: server, or c <IP addr> <Port>: client\n$ ");
+    c = getchar();
+    
+    switch(c) {
+    case 't':
+        get_arg(&args);
+        printf("Start wolfCrypt Test\n");
+        wolfcrypt_test(&args);
+        printf("End wolfCrypt Test\n");
+	break;
+	
+    case 'b':
+        get_arg(&args);
+        printf("Start wolfCrypt Benchmark\n");
+        benchmark_test(NULL);
+        printf("End wolfCrypt Benchmark\n");
+	break;
+	
+    case 'c':
+        if(get_arg(&args) < 0)
+            break;
+	printf("Start TLS Client(%s, %s)\n", args.argv[1], args.argv[2]);
+	wolfSSL_TLS_client(wolfSSL_cl_ctx, &args);
+        printf("End TLS Client\n");
+	break;
+	
+    case 's':
+        if(get_arg(&args) < 0)
+            break;
+	printf("Start TLS Server\n");
+	wolfSSL_TLS_server(wolfSSL_sv_ctx, &args);
+        printf("End TLS Server\n");
+	break;
+
+    default:
+    	printf("Command Error\n");
+    }
+}
--- a/IDE/Renesas/cs+/Projects/t4_demo/wolf_server.c
+++ b/IDE/Renesas/cs+/Projects/t4_demo/wolf_server.c
@@ -0,0 +1,173 @@
+/* wolf_server.c
+ *
+ * Copyright (C) 2006-2017 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include <stdio.h>
+#include <string.h>
+#include "r_t4_itcpip.h"
+
+#include "wolfssl/wolfcrypt/settings.h"
+#include "wolfssl/ssl.h"
+#include "wolfssl/certs_test.h"
+#include "wolf_demo.h"
+
+static int my_IORecv(WOLFSSL* ssl, char* buff, int sz, void* ctx)
+{
+    int ret;
+    ID  cepid;
+    
+    if(ctx != NULL)cepid = *(ID *)ctx;
+    else return WOLFSSL_CBIO_ERR_GENERAL;
+    
+    ret = tcp_rcv_dat(cepid, buff, sz, TMO_FEVR);
+    if(ret == sz)return ret;
+    else         return WOLFSSL_CBIO_ERR_GENERAL;  
+}
+
+static int my_IOSend(WOLFSSL* ssl, char* buff, int sz, void* ctx)
+{
+    int ret;
+    ID  cepid;
+    
+    if(ctx != NULL)cepid = *(ID *)ctx;
+    else return WOLFSSL_CBIO_ERR_GENERAL;
+    
+    ret = tcp_snd_dat(cepid, buff, sz, TMO_FEVR);
+    if(ret == sz)return ret;
+    else         return WOLFSSL_CBIO_ERR_GENERAL;          
+}
+
+
+WOLFSSL_CTX *wolfSSL_TLS_server_init()
+{
+
+	int ret;
+    WOLFSSL_CTX* ctx;
+    
+    #ifndef NO_FILESYSTEM
+        #ifdef USE_ECC_CERT
+        char *cert       = "./certs/server-ecc-cert.pem";
+        char *key        = "./certs/server-ecc-key.pem";
+        #else
+        char *cert       = "./certs/server-cert.pem";
+        char *key        = "./certs/server-key.pem";
+        #endif
+    #else
+        #ifdef USE_ECC_CERT
+        char *cert       = serv_ecc_der_256;
+        int  sizeof_cert = sizeof_serv_ecc_der_256;
+        char *cert       = serv_ecc_key_der_256;
+        int  sizeof_key  = sizeof_serv_ecc_key_der_256;
+        #else
+        const unsigned char *cert       = server_cert_der_2048;
+        #define sizeof_cert sizeof_server_cert_der_2048
+        const unsigned char *key        = server_key_der_2048;
+        #define  sizeof_key sizeof_server_key_der_2048
+        #endif
+    #endif
+     
+
+	wolfSSL_Init();
+        #ifdef DEBUG_WOLFSSL
+	    wolfSSL_Debugging_ON();
+	#endif
+	
+	/* Create and initialize WOLFSSL_CTX */
+	if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method_ex((void *)NULL))) == NULL) {	
+		printf("ERROR: failed to create WOLFSSL_CTX\n");
+		return NULL;
+	}
+
+    #if !defined(NO_FILESYSTEM)
+        ret = wolfSSL_CTX_use_certificate_file(ctx, cert, 0);
+    #else
+        ret = wolfSSL_CTX_use_certificate_buffer(ctx, cert, sizeof_cert, SSL_FILETYPE_ASN1);
+    #endif
+        if (ret != SSL_SUCCESS) {
+            printf("Error %d loading server-cert!\n", ret);
+	    return NULL;
+
+        }
+
+        /* Load server key into WOLFSSL_CTX */
+    #if !defined(NO_FILESYSTEM)
+        ret = wolfSSL_CTX_use_PrivateKey_file(ctx, key, 0);
+    #else
+        ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx, key, sizeof_key, SSL_FILETYPE_ASN1);
+    #endif
+        if (ret != SSL_SUCCESS) {
+            printf("Error %d loading server-key!\n", ret);
+	    return NULL;
+        }
+
+	/* Register callbacks */
+	wolfSSL_SetIORecv(ctx, my_IORecv);
+	wolfSSL_SetIOSend(ctx, my_IOSend);
+	return ctx;
+
+}
+
+void wolfSSL_TLS_server(void *v_ctx, func_args *args)
+{
+    ID cepid = 1;
+    ID repid = 1;
+    ER ercd;
+    WOLFSSL_CTX *ctx = (WOLFSSL_CTX *)v_ctx;
+    (void) args;
+    
+    WOLFSSL *ssl;
+    int len;
+    #define BUFF_SIZE 256
+    char buff[BUFF_SIZE];
+    T_IPV4EP dst_addr = {0, 0};
+        
+    if((ercd = tcp_acp_cep(cepid, repid, &dst_addr, TMO_FEVR)) != E_OK) {
+        printf("ERROR TCP Accept: %d\n", ercd);
+        return;
+    }
+
+    if((ssl = wolfSSL_new(ctx)) == NULL) {
+        printf("ERROR: failed wolfSSL_new\n");
+        return;
+    }
+   
+    wolfSSL_SetIOReadCtx(ssl, (void *)&cepid);
+    wolfSSL_SetIOWriteCtx(ssl, (void *)&cepid);
+
+    if (wolfSSL_accept(ssl) < 0) {
+        printf("ERROR: SSL Accept(%d)\n", wolfSSL_get_error(ssl, 0));
+        return;
+    }
+      
+    if ((len = wolfSSL_read(ssl, buff, sizeof(buff) - 1)) < 0) {
+        printf("ERROR: SSL Read(%d)\n", wolfSSL_get_error(ssl, 0));
+        return;
+    }
+        
+    buff[len] = '\0';
+    printf("Recieved: %s\n", buff);
+	
+    if (wolfSSL_write(ssl, buff, len) != len) {
+        printf("ERROR: SSL Wirte(%d)\n", wolfSSL_get_error(ssl, 0));
+        return;
+    }
+    
+    wolfSSL_free(ssl);
+    tcp_sht_cep(cepid);
+}
--- a/IDE/Renesas/cs+/Projects/test/test.mtpj
+++ b/IDE/Renesas/cs+/Projects/test/test.mtpj
@@ -10,31 +10,16 @@
      <Property>fb98844b-2c27-4275-9804-f6e63e204da0</Property>
      <ActiveProjectGuid>22bd583d-ee58-4c8e-8924-5337fd34b2b3</ActiveProjectGuid>
    </Instance>
-    <Instance Guid="8ba268e2-1638-4188-87fc-9165a8cd11e7">
-      <Name>dbsct.c</Name>
-      <Type>File</Type>
-      <RelativePath>dbsct.c</RelativePath>
-      <TreeImageGuid>941832c1-fc3b-4e1b-94e8-01ea17128b42</TreeImageGuid>
+    <Instance Guid="1e626b57-3633-42b2-ba5f-87f5e41d554a">
+      <Name>bsp</Name>
+      <Type>Category</Type>
      <ParentItem>12d9e600-88ab-4da9-95ad-6813d38e0973</ParentItem>
+      <Property>c1430910-c62b-40a9-8083-907feee08a05</Property>
    </Instance>
-    <Instance Guid="924462d3-0861-4baf-b323-c25be1e91380">
-      <Name>intprg.c</Name>
+    <Instance Guid="3935a5fa-59a8-40a4-8f21-f56f418ce3a3">
+      <Name>test.c</Name>
      <Type>File</Type>
-      <RelativePath>intprg.c</RelativePath>
-      <TreeImageGuid>941832c1-fc3b-4e1b-94e8-01ea17128b42</TreeImageGuid>
-      <ParentItem>12d9e600-88ab-4da9-95ad-6813d38e0973</ParentItem>
-    </Instance>
-    <Instance Guid="f665a87e-34c4-40a6-9ce5-f9fffe993cf1">
-      <Name>resetprg.c</Name>
-      <Type>File</Type>
-      <RelativePath>resetprg.c</RelativePath>
-      <TreeImageGuid>941832c1-fc3b-4e1b-94e8-01ea17128b42</TreeImageGuid>
-      <ParentItem>12d9e600-88ab-4da9-95ad-6813d38e0973</ParentItem>
-    </Instance>
-    <Instance Guid="80a4d598-6931-4ad5-bf89-5b184e8bcb07">
-      <Name>sbrk.c</Name>
-      <Type>File</Type>
-      <RelativePath>sbrk.c</RelativePath>
+      <RelativePath>..\..\..\..\..\wolfcrypt\test\test.c</RelativePath>
      <TreeImageGuid>941832c1-fc3b-4e1b-94e8-01ea17128b42</TreeImageGuid>
      <ParentItem>12d9e600-88ab-4da9-95ad-6813d38e0973</ParentItem>
    </Instance>
@@ -45,55 +30,6 @@
      <TreeImageGuid>941832c1-fc3b-4e1b-94e8-01ea17128b42</TreeImageGuid>
      <ParentItem>12d9e600-88ab-4da9-95ad-6813d38e0973</ParentItem>
    </Instance>
-    <Instance Guid="e3f84555-8ea7-4c19-9746-f36c31a8d08d">
-      <Name>vecttbl.c</Name>
-      <Type>File</Type>
-      <RelativePath>vecttbl.c</RelativePath>
-      <TreeImageGuid>941832c1-fc3b-4e1b-94e8-01ea17128b42</TreeImageGuid>
-      <ParentItem>12d9e600-88ab-4da9-95ad-6813d38e0973</ParentItem>
-    </Instance>
-    <Instance Guid="2e2adfb7-575c-4f6a-ba85-9bae985801f8">
-      <Name>iodefine.h</Name>
-      <Type>File</Type>
-      <RelativePath>iodefine.h</RelativePath>
-      <TreeImageGuid>03cad1e8-2eb3-4cde-a8a3-982423631122</TreeImageGuid>
-      <ParentItem>12d9e600-88ab-4da9-95ad-6813d38e0973</ParentItem>
-    </Instance>
-    <Instance Guid="206997d6-3993-4419-b7ea-eb33a744ba9c">
-      <Name>sbrk.h</Name>
-      <Type>File</Type>
-      <RelativePath>sbrk.h</RelativePath>
-      <TreeImageGuid>03cad1e8-2eb3-4cde-a8a3-982423631122</TreeImageGuid>
-      <ParentItem>12d9e600-88ab-4da9-95ad-6813d38e0973</ParentItem>
-    </Instance>
-    <Instance Guid="03b1981e-eea5-433c-b4d4-0546bc9c8cdd">
-      <Name>stacksct.h</Name>
-      <Type>File</Type>
-      <RelativePath>stacksct.h</RelativePath>
-      <TreeImageGuid>03cad1e8-2eb3-4cde-a8a3-982423631122</TreeImageGuid>
-      <ParentItem>12d9e600-88ab-4da9-95ad-6813d38e0973</ParentItem>
-    </Instance>
-    <Instance Guid="bacd2a2e-e3f3-45b5-a04b-63f43c58b79d">
-      <Name>typedefine.h</Name>
-      <Type>File</Type>
-      <RelativePath>typedefine.h</RelativePath>
-      <TreeImageGuid>03cad1e8-2eb3-4cde-a8a3-982423631122</TreeImageGuid>
-      <ParentItem>12d9e600-88ab-4da9-95ad-6813d38e0973</ParentItem>
-    </Instance>
-    <Instance Guid="a5ee4099-25c8-44a7-95d6-2797644437c9">
-      <Name>vect.h</Name>
-      <Type>File</Type>
-      <RelativePath>vect.h</RelativePath>
-      <TreeImageGuid>03cad1e8-2eb3-4cde-a8a3-982423631122</TreeImageGuid>
-      <ParentItem>12d9e600-88ab-4da9-95ad-6813d38e0973</ParentItem>
-    </Instance>
-    <Instance Guid="3935a5fa-59a8-40a4-8f21-f56f418ce3a3">
-      <Name>test.c</Name>
-      <Type>File</Type>
-      <RelativePath>..\..\..\..\..\wolfcrypt\test\test.c</RelativePath>
-      <TreeImageGuid>941832c1-fc3b-4e1b-94e8-01ea17128b42</TreeImageGuid>
-      <ParentItem>12d9e600-88ab-4da9-95ad-6813d38e0973</ParentItem>
-    </Instance>
    <Instance Guid="cc854f0a-653c-4d49-ad45-0df17f62765b">
      <Name>wolfssl_dummy.c</Name>
      <Type>File</Type>
@@ -101,27 +37,6 @@
      <TreeImageGuid>941832c1-fc3b-4e1b-94e8-01ea17128b42</TreeImageGuid>
      <ParentItem>12d9e600-88ab-4da9-95ad-6813d38e0973</ParentItem>
    </Instance>
-    <Instance Guid="edf9134c-ea23-4afe-9dfb-ba54df0f2e45">
-      <Name>lowsrc.c</Name>
-      <Type>File</Type>
-      <RelativePath>lowsrc.c</RelativePath>
-      <TreeImageGuid>941832c1-fc3b-4e1b-94e8-01ea17128b42</TreeImageGuid>
-      <ParentItem>12d9e600-88ab-4da9-95ad-6813d38e0973</ParentItem>
-    </Instance>
-    <Instance Guid="4385a751-e97b-46d6-b9ab-ac55b25b17dc">
-      <Name>lowlvl.src</Name>
-      <Type>File</Type>
-      <RelativePath>lowlvl.src</RelativePath>
-      <TreeImageGuid>f654126d-e7ad-426d-be34-8455271d959b</TreeImageGuid>
-      <ParentItem>12d9e600-88ab-4da9-95ad-6813d38e0973</ParentItem>
-    </Instance>
-    <Instance Guid="f4e309eb-8626-47bb-9bdc-b2ada574f9da">
-      <Name>unistd.h</Name>
-      <Type>File</Type>
-      <RelativePath>..\common\unistd.h</RelativePath>
-      <TreeImageGuid>03cad1e8-2eb3-4cde-a8a3-982423631122</TreeImageGuid>
-      <ParentItem>12d9e600-88ab-4da9-95ad-6813d38e0973</ParentItem>
-    </Instance>
    <Instance Guid="0a937f6c-b35b-4ff1-b2f4-9abc7258bb42">
      <Name>user_settings.h</Name>
      <Type>File</Type>
@@ -129,6 +44,104 @@
      <TreeImageGuid>03cad1e8-2eb3-4cde-a8a3-982423631122</TreeImageGuid>
      <ParentItem>12d9e600-88ab-4da9-95ad-6813d38e0973</ParentItem>
    </Instance>
+    <Instance Guid="ecdc0105-42e8-490b-a5f4-dbef62521ce3">
+      <Name>dbsct.c</Name>
+      <Type>File</Type>
+      <RelativePath>..\bsp\dbsct.c</RelativePath>
+      <TreeImageGuid>941832c1-fc3b-4e1b-94e8-01ea17128b42</TreeImageGuid>
+      <ParentItem>1e626b57-3633-42b2-ba5f-87f5e41d554a</ParentItem>
+    </Instance>
+    <Instance Guid="38d8908f-460f-45be-83f0-771791c86bca">
+      <Name>hwsetup.c</Name>
+      <Type>File</Type>
+      <RelativePath>..\bsp\hwsetup.c</RelativePath>
+      <TreeImageGuid>941832c1-fc3b-4e1b-94e8-01ea17128b42</TreeImageGuid>
+      <ParentItem>1e626b57-3633-42b2-ba5f-87f5e41d554a</ParentItem>
+    </Instance>
+    <Instance Guid="ad43352b-89de-44c3-ab21-f8c3a662dee3">
+      <Name>intprg.c</Name>
+      <Type>File</Type>
+      <RelativePath>..\bsp\intprg.c</RelativePath>
+      <TreeImageGuid>941832c1-fc3b-4e1b-94e8-01ea17128b42</TreeImageGuid>
+      <ParentItem>1e626b57-3633-42b2-ba5f-87f5e41d554a</ParentItem>
+    </Instance>
+    <Instance Guid="cb2f9b7a-3e74-4d3f-b86a-5b03236b2e6e">
+      <Name>iodefine.h</Name>
+      <Type>File</Type>
+      <RelativePath>..\bsp\iodefine.h</RelativePath>
+      <TreeImageGuid>03cad1e8-2eb3-4cde-a8a3-982423631122</TreeImageGuid>
+      <ParentItem>1e626b57-3633-42b2-ba5f-87f5e41d554a</ParentItem>
+    </Instance>
+    <Instance Guid="2e12fadb-ba8f-4ede-a450-c2c2956cf93a">
+      <Name>lowlvl.src</Name>
+      <Type>File</Type>
+      <RelativePath>..\bsp\lowlvl.src</RelativePath>
+      <TreeImageGuid>f654126d-e7ad-426d-be34-8455271d959b</TreeImageGuid>
+      <ParentItem>1e626b57-3633-42b2-ba5f-87f5e41d554a</ParentItem>
+    </Instance>
+    <Instance Guid="28ec7225-91c8-4957-b715-ce2fa298b8d3">
+      <Name>lowsrc.c</Name>
+      <Type>File</Type>
+      <RelativePath>..\bsp\lowsrc.c</RelativePath>
+      <TreeImageGuid>941832c1-fc3b-4e1b-94e8-01ea17128b42</TreeImageGuid>
+      <ParentItem>1e626b57-3633-42b2-ba5f-87f5e41d554a</ParentItem>
+    </Instance>
+    <Instance Guid="49bd22e0-ff27-4cf2-b12b-7dacd3576b91">
+      <Name>lowsrc.h</Name>
+      <Type>File</Type>
+      <RelativePath>..\bsp\lowsrc.h</RelativePath>
+      <TreeImageGuid>03cad1e8-2eb3-4cde-a8a3-982423631122</TreeImageGuid>
+      <ParentItem>1e626b57-3633-42b2-ba5f-87f5e41d554a</ParentItem>
+    </Instance>
+    <Instance Guid="30ea2319-abc7-43b0-b197-234093a1ef8c">
+      <Name>resetprg.c</Name>
+      <Type>File</Type>
+      <RelativePath>..\bsp\resetprg.c</RelativePath>
+      <TreeImageGuid>941832c1-fc3b-4e1b-94e8-01ea17128b42</TreeImageGuid>
+      <ParentItem>1e626b57-3633-42b2-ba5f-87f5e41d554a</ParentItem>
+    </Instance>
+    <Instance Guid="3ce36679-d436-4df9-b7e0-ba69d2319971">
+      <Name>sbrk.c</Name>
+      <Type>File</Type>
+      <RelativePath>..\bsp\sbrk.c</RelativePath>
+      <TreeImageGuid>941832c1-fc3b-4e1b-94e8-01ea17128b42</TreeImageGuid>
+      <ParentItem>1e626b57-3633-42b2-ba5f-87f5e41d554a</ParentItem>
+    </Instance>
+    <Instance Guid="4ad9215c-6d52-4f20-969e-ff09f8f3a53a">
+      <Name>sbrk.h</Name>
+      <Type>File</Type>
+      <RelativePath>..\bsp\sbrk.h</RelativePath>
+      <TreeImageGuid>03cad1e8-2eb3-4cde-a8a3-982423631122</TreeImageGuid>
+      <ParentItem>1e626b57-3633-42b2-ba5f-87f5e41d554a</ParentItem>
+    </Instance>
+    <Instance Guid="f8102b49-fd5c-4e89-a864-d3251faed23b">
+      <Name>stacksct.h</Name>
+      <Type>File</Type>
+      <RelativePath>..\bsp\stacksct.h</RelativePath>
+      <TreeImageGuid>03cad1e8-2eb3-4cde-a8a3-982423631122</TreeImageGuid>
+      <ParentItem>1e626b57-3633-42b2-ba5f-87f5e41d554a</ParentItem>
+    </Instance>
+    <Instance Guid="a51ca6fb-bbd1-4294-b661-d9df34cd3e64">
+      <Name>typedefine.h</Name>
+      <Type>File</Type>
+      <RelativePath>..\bsp\typedefine.h</RelativePath>
+      <TreeImageGuid>03cad1e8-2eb3-4cde-a8a3-982423631122</TreeImageGuid>
+      <ParentItem>1e626b57-3633-42b2-ba5f-87f5e41d554a</ParentItem>
+    </Instance>
+    <Instance Guid="ee36a29e-31b3-4306-b2d0-9fec843308fb">
+      <Name>vect.h</Name>
+      <Type>File</Type>
+      <RelativePath>..\bsp\vect.h</RelativePath>
+      <TreeImageGuid>03cad1e8-2eb3-4cde-a8a3-982423631122</TreeImageGuid>
+      <ParentItem>1e626b57-3633-42b2-ba5f-87f5e41d554a</ParentItem>
+    </Instance>
+    <Instance Guid="49e27495-6de7-42eb-b336-691c7499424b">
+      <Name>vecttbl.c</Name>
+      <Type>File</Type>
+      <RelativePath>..\bsp\vecttbl.c</RelativePath>
+      <TreeImageGuid>941832c1-fc3b-4e1b-94e8-01ea17128b42</TreeImageGuid>
+      <ParentItem>1e626b57-3633-42b2-ba5f-87f5e41d554a</ParentItem>
+    </Instance>
  </Class>
  <Class Guid="fb98844b-2c27-4275-9804-f6e63e204da0">
    <Instance Guid="fb98844b-2c27-4275-9804-f6e63e204da0">
@@ -136,6 +149,11 @@
      <MemoCount>0</MemoCount>
    </Instance>
  </Class>
+  <Class Guid="78a5c5cd-76cb-4bcc-a031-3020011fbc9a">
+    <Instance Guid="c1430910-c62b-40a9-8083-907feee08a05">
+      <MemoCount>0</MemoCount>
+    </Instance>
+  </Class>
  <Class Guid="8fb9c1f6-d351-4d10-8d99-bf5b3015b84c">
    <Instance Guid="00000000-0000-0000-0000-000000000000">
      <UsingPlatformGuid>d249e3b7-1c98-499d-ac0e-829eb0dc07f4</UsingPlatformGuid>
@@ -152,13 +170,13 @@
      <DataFormatVersion>1.0</DataFormatVersion>
    </Instance>
    <Instance Guid="2a81c37a-5015-44c2-9f40-e58b669eec75">
-      <DeviceName>R5F565N9FxLJ</DeviceName>
+      <DeviceName>R5F571MLDxFC</DeviceName>
      <MemoCount>0</MemoCount>
    </Instance>
  </Class>
  <Class Guid="873c9a58-9bc5-439a-b476-78629a4553ed">
    <Instance Guid="873c9a58-9bc5-439a-b476-78629a4553ed">
-      <ProjectDeviceChangedCounter>0</ProjectDeviceChangedCounter>
+      <ProjectDeviceChangedCounter>2</ProjectDeviceChangedCounter>
      <ProjectInitialDeviceName>R5F565N9FxLJ</ProjectInitialDeviceName>
    </Instance>
  </Class>
@@ -174,28 +192,30 @@
      <BuildMode0>RABlAGYAYQB1AGwAdABCAHUAaQBsAGQA</BuildMode0>
      <BatchBuildFlag0>False</BatchBuildFlag0>
      <CurrentBuildMode>DefaultBuild</CurrentBuildMode>
-      <SourceItemGuid0>8ba268e2-1638-4188-87fc-9165a8cd11e7</SourceItemGuid0>
+      <SourceItemGuid0>3935a5fa-59a8-40a4-8f21-f56f418ce3a3</SourceItemGuid0>
      <SourceItemType0>CSource</SourceItemType0>
-      <SourceItemGuid1>924462d3-0861-4baf-b323-c25be1e91380</SourceItemGuid1>
+      <SourceItemGuid1>9ce51d13-dee2-4fe6-b026-5eb59375af30</SourceItemGuid1>
      <SourceItemType1>CSource</SourceItemType1>
-      <SourceItemGuid2>f665a87e-34c4-40a6-9ce5-f9fffe993cf1</SourceItemGuid2>
+      <SourceItemGuid2>cc854f0a-653c-4d49-ad45-0df17f62765b</SourceItemGuid2>
      <SourceItemType2>CSource</SourceItemType2>
-      <SourceItemGuid3>80a4d598-6931-4ad5-bf89-5b184e8bcb07</SourceItemGuid3>
+      <SourceItemGuid3>ecdc0105-42e8-490b-a5f4-dbef62521ce3</SourceItemGuid3>
      <SourceItemType3>CSource</SourceItemType3>
-      <SourceItemGuid4>9ce51d13-dee2-4fe6-b026-5eb59375af30</SourceItemGuid4>
+      <SourceItemGuid4>38d8908f-460f-45be-83f0-771791c86bca</SourceItemGuid4>
      <SourceItemType4>CSource</SourceItemType4>
-      <SourceItemGuid5>e3f84555-8ea7-4c19-9746-f36c31a8d08d</SourceItemGuid5>
+      <SourceItemGuid5>ad43352b-89de-44c3-ab21-f8c3a662dee3</SourceItemGuid5>
      <SourceItemType5>CSource</SourceItemType5>
-      <SourceItemGuid6>3935a5fa-59a8-40a4-8f21-f56f418ce3a3</SourceItemGuid6>
-      <SourceItemType6>CSource</SourceItemType6>
-      <SourceItemGuid7>cc854f0a-653c-4d49-ad45-0df17f62765b</SourceItemGuid7>
+      <SourceItemGuid6>2e12fadb-ba8f-4ede-a450-c2c2956cf93a</SourceItemGuid6>
+      <SourceItemType6>AsmSource</SourceItemType6>
+      <SourceItemGuid7>28ec7225-91c8-4957-b715-ce2fa298b8d3</SourceItemGuid7>
      <SourceItemType7>CSource</SourceItemType7>
-      <SourceItemGuid8>edf9134c-ea23-4afe-9dfb-ba54df0f2e45</SourceItemGuid8>
+      <SourceItemGuid8>30ea2319-abc7-43b0-b197-234093a1ef8c</SourceItemGuid8>
      <SourceItemType8>CSource</SourceItemType8>
-      <SourceItemGuid9>4385a751-e97b-46d6-b9ab-ac55b25b17dc</SourceItemGuid9>
-      <SourceItemType9>AsmSource</SourceItemType9>
-      <SourceItemCount>10</SourceItemCount>
-      <LastDeviceChangedCounter>0</LastDeviceChangedCounter>
+      <SourceItemGuid9>3ce36679-d436-4df9-b7e0-ba69d2319971</SourceItemGuid9>
+      <SourceItemType9>CSource</SourceItemType9>
+      <SourceItemGuid10>49e27495-6de7-42eb-b336-691c7499424b</SourceItemGuid10>
+      <SourceItemType10>CSource</SourceItemType10>
+      <SourceItemCount>11</SourceItemCount>
+      <LastDeviceChangedCounter>2</LastDeviceChangedCounter>
    </Instance>
    <Instance Guid="9e208646-ccba-4100-a676-29b1efe6545f">
      <AsmOptionInclude-DefaultValue />
@@ -278,7 +298,7 @@
      <GeneralOptionPatch-DefaultValue>None</GeneralOptionPatch-DefaultValue>
      <GeneralOptionSaveAcc-DefaultValue>False</GeneralOptionSaveAcc-DefaultValue>
      <IsLockedByUser>False</IsLockedByUser>
-      <TimeTagModified--0>-8586768138329950975</TimeTagModified--0>
+      <TimeTagModified--0>-8586657613297042146</TimeTagModified--0>
      <BuildMode-0>DefaultBuild</BuildMode-0>
      <Memo-0 />
      <OutputMessageFormat-0>%TargetFiles%</OutputMessageFormat-0>
@@ -376,6 +396,7 @@
      <COptionShowExpansions-DefaultValue>False</COptionShowExpansions-DefaultValue>
      <COptionCommandLine-DefaultValue>-isa=rxv2
 -fpu
+-include=..\bsp
 -include=..\common
 -include=..\..\..\..\..
 -include=..\wolfssl_lib
@@ -450,7 +471,7 @@
      <COptionFloatOrder-DefaultValue>False</COptionFloatOrder-DefaultValue>
      <COptionIncode-DefaultValue>Sjis</COptionIncode-DefaultValue>
      <IsLockedByUser>False</IsLockedByUser>
-      <TimeTagModified--0>-8586767489570851217</TimeTagModified--0>
+      <TimeTagModified--0>-8586657641844903702</TimeTagModified--0>
      <COptionLangC-0>C99</COptionLangC-0>
      <COptionListfile-0>False</COptionListfile-0>
      <COptionLogo-0>False</COptionLogo-0>
@@ -469,7 +490,8 @@
      <COptionXcref-0>False</COptionXcref-0>
      <COptionControlFlowIntegrity-0>None</COptionControlFlowIntegrity-0>
      <COptionDebug-0>True</COptionDebug-0>
-      <COptionInclude-0>..\common
+      <COptionInclude-0>..\bsp
+..\common
 ..\..\..\..\..
 ..\wolfssl_lib
 </COptionInclude-0>
@@ -491,6 +513,7 @@
      <COptionShowExpansions-0>False</COptionShowExpansions-0>
      <COptionCommandLine-0>-isa=rxv2
 -fpu
+-include=..\bsp
 -include=..\common
 -include=..\..\..\..\..
 -include=..\wolfssl_lib
@@ -703,7 +726,7 @@ D_2=R_2
 -exit
 </LinkOptionCommandLine-DefaultValue>
      <IsLockedByUser>False</IsLockedByUser>
-      <TimeTagModified--0>-8586768128523424353</TimeTagModified--0>
+      <TimeTagModified--0>-8586657622167475000</TimeTagModified--0>
      <LinkOptionCpu-0>False</LinkOptionCpu-0>
      <LinkOptionForm-0>Absolute</LinkOptionForm-0>
      <LinkOptionFormConvert-0>Stype</LinkOptionFormConvert-0>
@@ -1085,23 +1108,15 @@ D_2=R_2
    </Instance>
    <Instance Guid="8ba268e2-1638-4188-87fc-9165a8cd11e7">
      <LinkOrder-0>0</LinkOrder-0>
-      <ItemAddTime>636604222525456322</ItemAddTime>
-      <ItemAddTimeCount>0</ItemAddTimeCount>
    </Instance>
    <Instance Guid="924462d3-0861-4baf-b323-c25be1e91380">
      <LinkOrder-0>1</LinkOrder-0>
-      <ItemAddTime>636604222525456322</ItemAddTime>
-      <ItemAddTimeCount>1</ItemAddTimeCount>
    </Instance>
    <Instance Guid="f665a87e-34c4-40a6-9ce5-f9fffe993cf1">
      <LinkOrder-0>2</LinkOrder-0>
-      <ItemAddTime>636604222525456322</ItemAddTime>
-      <ItemAddTimeCount>2</ItemAddTimeCount>
    </Instance>
    <Instance Guid="80a4d598-6931-4ad5-bf89-5b184e8bcb07">
      <LinkOrder-0>3</LinkOrder-0>
-      <ItemAddTime>636604222525456322</ItemAddTime>
-      <ItemAddTimeCount>3</ItemAddTimeCount>
    </Instance>
    <Instance Guid="9ce51d13-dee2-4fe6-b026-5eb59375af30">
      <LinkOrder-0>4</LinkOrder-0>
@@ -1110,96 +1125,122 @@ D_2=R_2
    </Instance>
    <Instance Guid="e3f84555-8ea7-4c19-9746-f36c31a8d08d">
      <LinkOrder-0>5</LinkOrder-0>
-      <ItemAddTime>636604222525456322</ItemAddTime>
-      <ItemAddTimeCount>5</ItemAddTimeCount>
-    </Instance>
-    <Instance Guid="2e2adfb7-575c-4f6a-ba85-9bae985801f8">
-      <ItemAddTime>636604222525456322</ItemAddTime>
-      <ItemAddTimeCount>6</ItemAddTimeCount>
-    </Instance>
-    <Instance Guid="206997d6-3993-4419-b7ea-eb33a744ba9c">
-      <ItemAddTime>636604222525456322</ItemAddTime>
-      <ItemAddTimeCount>7</ItemAddTimeCount>
-    </Instance>
-    <Instance Guid="03b1981e-eea5-433c-b4d4-0546bc9c8cdd">
-      <ItemAddTime>636604222525456322</ItemAddTime>
-      <ItemAddTimeCount>8</ItemAddTimeCount>
-    </Instance>
-    <Instance Guid="bacd2a2e-e3f3-45b5-a04b-63f43c58b79d">
-      <ItemAddTime>636604222525456322</ItemAddTime>
-      <ItemAddTimeCount>9</ItemAddTimeCount>
-    </Instance>
-    <Instance Guid="a5ee4099-25c8-44a7-95d6-2797644437c9">
-      <ItemAddTime>636604222525456322</ItemAddTime>
-      <ItemAddTimeCount>10</ItemAddTimeCount>
    </Instance>
    <Instance Guid="3935a5fa-59a8-40a4-8f21-f56f418ce3a3">
      <ItemAddTime>636604222907020637</ItemAddTime>
      <ItemAddTimeCount>0</ItemAddTimeCount>
    </Instance>
-    <Instance Guid="edf9134c-ea23-4afe-9dfb-ba54df0f2e45">
-      <ItemAddTime>636604233142621806</ItemAddTime>
-      <ItemAddTimeCount>0</ItemAddTimeCount>
-    </Instance>
    <Instance Guid="cc854f0a-653c-4d49-ad45-0df17f62765b">
      <ItemAddTime>636604231267559837</ItemAddTime>
      <ItemAddTimeCount>1</ItemAddTimeCount>
    </Instance>
-    <Instance Guid="4385a751-e97b-46d6-b9ab-ac55b25b17dc">
-      <ItemAddTime>636604237551510311</ItemAddTime>
-      <ItemAddTimeCount>0</ItemAddTimeCount>
-    </Instance>
    <Instance Guid="0a937f6c-b35b-4ff1-b2f4-9abc7258bb42">
      <ItemAddTime>636604904407738135</ItemAddTime>
      <ItemAddTimeCount>0</ItemAddTimeCount>
    </Instance>
-    <Instance Guid="f4e309eb-8626-47bb-9bdc-b2ada574f9da">
-      <ItemAddTime>636604337733963935</ItemAddTime>
+    <Instance Guid="ecdc0105-42e8-490b-a5f4-dbef62521ce3">
+      <ItemAddTime>636714747864289133</ItemAddTime>
      <ItemAddTimeCount>0</ItemAddTimeCount>
    </Instance>
+    <Instance Guid="38d8908f-460f-45be-83f0-771791c86bca">
+      <ItemAddTime>636714747864289133</ItemAddTime>
+      <ItemAddTimeCount>1</ItemAddTimeCount>
+    </Instance>
+    <Instance Guid="ad43352b-89de-44c3-ab21-f8c3a662dee3">
+      <ItemAddTime>636714747864289133</ItemAddTime>
+      <ItemAddTimeCount>2</ItemAddTimeCount>
+    </Instance>
+    <Instance Guid="cb2f9b7a-3e74-4d3f-b86a-5b03236b2e6e">
+      <ItemAddTime>636714747864289133</ItemAddTime>
+      <ItemAddTimeCount>3</ItemAddTimeCount>
+    </Instance>
+    <Instance Guid="2e12fadb-ba8f-4ede-a450-c2c2956cf93a">
+      <ItemAddTime>636714747864289133</ItemAddTime>
+      <ItemAddTimeCount>4</ItemAddTimeCount>
+    </Instance>
+    <Instance Guid="28ec7225-91c8-4957-b715-ce2fa298b8d3">
+      <ItemAddTime>636714747864289133</ItemAddTime>
+      <ItemAddTimeCount>5</ItemAddTimeCount>
+    </Instance>
+    <Instance Guid="49bd22e0-ff27-4cf2-b12b-7dacd3576b91">
+      <ItemAddTime>636714747864289133</ItemAddTime>
+      <ItemAddTimeCount>6</ItemAddTimeCount>
+    </Instance>
+    <Instance Guid="30ea2319-abc7-43b0-b197-234093a1ef8c">
+      <ItemAddTime>636714747864289133</ItemAddTime>
+      <ItemAddTimeCount>7</ItemAddTimeCount>
+    </Instance>
+    <Instance Guid="3ce36679-d436-4df9-b7e0-ba69d2319971">
+      <ItemAddTime>636714747864289133</ItemAddTime>
+      <ItemAddTimeCount>8</ItemAddTimeCount>
+    </Instance>
+    <Instance Guid="4ad9215c-6d52-4f20-969e-ff09f8f3a53a">
+      <ItemAddTime>636714747864289133</ItemAddTime>
+      <ItemAddTimeCount>9</ItemAddTimeCount>
+    </Instance>
+    <Instance Guid="f8102b49-fd5c-4e89-a864-d3251faed23b">
+      <ItemAddTime>636714747864289133</ItemAddTime>
+      <ItemAddTimeCount>10</ItemAddTimeCount>
+    </Instance>
+    <Instance Guid="a51ca6fb-bbd1-4294-b661-d9df34cd3e64">
+      <ItemAddTime>636714747864289133</ItemAddTime>
+      <ItemAddTimeCount>11</ItemAddTimeCount>
+    </Instance>
+    <Instance Guid="ee36a29e-31b3-4306-b2d0-9fec843308fb">
+      <ItemAddTime>636714747864289133</ItemAddTime>
+      <ItemAddTimeCount>12</ItemAddTimeCount>
+    </Instance>
+    <Instance Guid="49e27495-6de7-42eb-b336-691c7499424b">
+      <ItemAddTime>636714747864289133</ItemAddTime>
+      <ItemAddTimeCount>13</ItemAddTimeCount>
+    </Instance>
    <Instance Guid="a7be515f-f007-45ed-9059-4e1500c0f74d">
-      <TimeTagModified-SourceItem0--0>-8586768138329319486</TimeTagModified-SourceItem0--0>
+      <TimeTagModified-SourceItem0--0>-8586768137947755171</TimeTagModified-SourceItem0--0>
      <SourceItem0-IsLockedByUser>False</SourceItem0-IsLockedByUser>
      <SourceItem0-BuildingTarget-0>True</SourceItem0-BuildingTarget-0>
      <SourceItem0-IndividualCompileOption-0>False</SourceItem0-IndividualCompileOption-0>
-      <TimeTagModified-SourceItem1--0>-8586768138329319486</TimeTagModified-SourceItem1--0>
+      <TimeTagModified-SourceItem1--0>-8586768137318965490</TimeTagModified-SourceItem1--0>
      <SourceItem1-IsLockedByUser>False</SourceItem1-IsLockedByUser>
      <SourceItem1-BuildingTarget-0>True</SourceItem1-BuildingTarget-0>
      <SourceItem1-IndividualCompileOption-0>False</SourceItem1-IndividualCompileOption-0>
-      <TimeTagModified-SourceItem2--0>-8586768138329319486</TimeTagModified-SourceItem2--0>
+      <TimeTagModified-SourceItem2--0>-8586768129587215971</TimeTagModified-SourceItem2--0>
      <SourceItem2-IsLockedByUser>False</SourceItem2-IsLockedByUser>
      <SourceItem2-BuildingTarget-0>True</SourceItem2-BuildingTarget-0>
      <SourceItem2-IndividualCompileOption-0>False</SourceItem2-IndividualCompileOption-0>
-      <TimeTagModified-SourceItem3--0>-8586768138329319486</TimeTagModified-SourceItem3--0>
+      <TimeTagModified-SourceItem3--0>-8586657612990486675</TimeTagModified-SourceItem3--0>
      <SourceItem3-IsLockedByUser>False</SourceItem3-IsLockedByUser>
      <SourceItem3-BuildingTarget-0>True</SourceItem3-BuildingTarget-0>
      <SourceItem3-IndividualCompileOption-0>False</SourceItem3-IndividualCompileOption-0>
-      <TimeTagModified-SourceItem4--0>-8586768137318965490</TimeTagModified-SourceItem4--0>
+      <TimeTagModified-SourceItem4--0>-8586657612990486675</TimeTagModified-SourceItem4--0>
      <SourceItem4-IsLockedByUser>False</SourceItem4-IsLockedByUser>
      <SourceItem4-BuildingTarget-0>True</SourceItem4-BuildingTarget-0>
      <SourceItem4-IndividualCompileOption-0>False</SourceItem4-IndividualCompileOption-0>
-      <TimeTagModified-SourceItem5--0>-8586768138329319486</TimeTagModified-SourceItem5--0>
+      <TimeTagModified-SourceItem5--0>-8586657612990486675</TimeTagModified-SourceItem5--0>
      <SourceItem5-IsLockedByUser>False</SourceItem5-IsLockedByUser>
      <SourceItem5-BuildingTarget-0>True</SourceItem5-BuildingTarget-0>
      <SourceItem5-IndividualCompileOption-0>False</SourceItem5-IndividualCompileOption-0>
-      <TimeTagModified-SourceItem6--0>-8586768137947755171</TimeTagModified-SourceItem6--0>
-      <SourceItem6-IsLockedByUser>False</SourceItem6-IsLockedByUser>
-      <SourceItem6-BuildingTarget-0>True</SourceItem6-BuildingTarget-0>
-      <SourceItem6-IndividualCompileOption-0>False</SourceItem6-IndividualCompileOption-0>
-      <TimeTagModified-SourceItem7--0>-8586768129587215971</TimeTagModified-SourceItem7--0>
+      <TimeTagModified-SourceItem7--0>-8586657612990486675</TimeTagModified-SourceItem7--0>
      <SourceItem7-IsLockedByUser>False</SourceItem7-IsLockedByUser>
      <SourceItem7-BuildingTarget-0>True</SourceItem7-BuildingTarget-0>
      <SourceItem7-IndividualCompileOption-0>False</SourceItem7-IndividualCompileOption-0>
-      <TimeTagModified-SourceItem8--0>-8586768127712154002</TimeTagModified-SourceItem8--0>
+      <TimeTagModified-SourceItem8--0>-8586657612990486675</TimeTagModified-SourceItem8--0>
      <SourceItem8-IsLockedByUser>False</SourceItem8-IsLockedByUser>
      <SourceItem8-BuildingTarget-0>True</SourceItem8-BuildingTarget-0>
      <SourceItem8-IndividualCompileOption-0>False</SourceItem8-IndividualCompileOption-0>
-    </Instance>
-    <Instance Guid="c20a78d9-8038-46fe-9b87-bc2fa2aa9bdc">
-      <TimeTagModified-SourceItem9--0>-8586768123303255465</TimeTagModified-SourceItem9--0>
+      <TimeTagModified-SourceItem9--0>-8586657612990486675</TimeTagModified-SourceItem9--0>
      <SourceItem9-IsLockedByUser>False</SourceItem9-IsLockedByUser>
      <SourceItem9-BuildingTarget-0>True</SourceItem9-BuildingTarget-0>
-      <SourceItem9-IndividualAssembleOption-0>False</SourceItem9-IndividualAssembleOption-0>
+      <SourceItem9-IndividualCompileOption-0>False</SourceItem9-IndividualCompileOption-0>
+      <TimeTagModified-SourceItem10--0>-8586657612990486675</TimeTagModified-SourceItem10--0>
+      <SourceItem10-IsLockedByUser>False</SourceItem10-IsLockedByUser>
+      <SourceItem10-BuildingTarget-0>True</SourceItem10-BuildingTarget-0>
+      <SourceItem10-IndividualCompileOption-0>False</SourceItem10-IndividualCompileOption-0>
+    </Instance>
+    <Instance Guid="c20a78d9-8038-46fe-9b87-bc2fa2aa9bdc">
+      <TimeTagModified-SourceItem6--0>-8586657612990486675</TimeTagModified-SourceItem6--0>
+      <SourceItem6-IsLockedByUser>False</SourceItem6-IsLockedByUser>
+      <SourceItem6-BuildingTarget-0>True</SourceItem6-BuildingTarget-0>
+      <SourceItem6-IndividualAssembleOption-0>False</SourceItem6-IndividualAssembleOption-0>
    </Instance>
  </Class>
  <Class Guid="44fa27c9-0aa0-4297-bd3b-2c5c5bdb8881">
@@ -1245,10 +1286,10 @@ D_2=R_2
  </Class>
  <Class Guid="e4df8d71-236e-4af2-aaea-56345a08da25">
    <Instance Guid="9e76d4e8-0b8f-4e7c-91b7-a4c442bcf2e7">
-      <DeviceChangedCounter>0</DeviceChangedCounter>
-      <DeviceName>R5F565N9FxLJ</DeviceName>
+      <DeviceChangedCounter>2</DeviceChangedCounter>
+      <DeviceName>R5F571MLDxFC</DeviceName>
      <DebuggerProperty-EssentialProperty-Endian-CpuEndian>Little</DebuggerProperty-EssentialProperty-Endian-CpuEndian>
-      <DebuggerProperty-EssentialProperty-Clock-SystemClockFrequency>120</DebuggerProperty-EssentialProperty-Clock-SystemClockFrequency>
+      <DebuggerProperty-EssentialProperty-Clock-SystemClockFrequency>240</DebuggerProperty-EssentialProperty-Clock-SystemClockFrequency>
      <DebuggerProperty-EssentialProperty-PeripheralFunctionSimulation-RegisterPeripheral-Length>3</DebuggerProperty-EssentialProperty-PeripheralFunctionSimulation-RegisterPeripheral-Length>
      <DebuggerProperty-EssentialProperty-PeripheralFunctionSimulation-RegisterPeripheral-Item0-Name>CMT</DebuggerProperty-EssentialProperty-PeripheralFunctionSimulation-RegisterPeripheral-Item0-Name>
      <DebuggerProperty-EssentialProperty-PeripheralFunctionSimulation-RegisterPeripheral-Item0-IsUse>False</DebuggerProperty-EssentialProperty-PeripheralFunctionSimulation-RegisterPeripheral-Item0-IsUse>
@@ -1283,37 +1324,37 @@ D_2=R_2
      <DebuggerProperty-DownloadProperty-None-DefaultDownloadItemSupported>True</DebuggerProperty-DownloadProperty-None-DefaultDownloadItemSupported>
      <DebuggerProperty-OptionalProperty-Register-UpdateDisplayInExecutionForPC>No</DebuggerProperty-OptionalProperty-Register-UpdateDisplayInExecutionForPC>
      <DebuggerProperty-OptionalProperty-Register-UpdateIntervalForPC>500</DebuggerProperty-OptionalProperty-Register-UpdateIntervalForPC>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-Length>19</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-Length>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-Length>17</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-Length>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-MapType>InternalRam</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-MapType>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-StartAddress>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-StartAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-EndAddress>262143</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-EndAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-EndAddress>524287</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-EndAddress>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-ChipSelect>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-ChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-AccessSize>8</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-AccessSize>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-IsReadOnly>True</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-IsReadOnly>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-HasChipSelect>False</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-HasChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-FieldInformation>None</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-FieldInformation>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-Endian>Little</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem0-Endian>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-MapType>NonMap</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-MapType>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-StartAddress>262144</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-StartAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-EndAddress>524287</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-EndAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-MapType>Sfr</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-MapType>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-StartAddress>524288</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-StartAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-EndAddress>540671</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-EndAddress>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-ChipSelect>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-ChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-AccessSize>8</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-AccessSize>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-IsReadOnly>True</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-IsReadOnly>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-HasChipSelect>False</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-HasChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-FieldInformation>None</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-FieldInformation>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-Endian>Little</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem1-Endian>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-MapType>Sfr</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-MapType>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-StartAddress>524288</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-StartAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-EndAddress>540671</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-EndAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-MapType>NonMap</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-MapType>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-StartAddress>540672</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-StartAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-EndAddress>548863</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-EndAddress>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-ChipSelect>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-ChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-AccessSize>8</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-AccessSize>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-IsReadOnly>True</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-IsReadOnly>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-HasChipSelect>False</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-HasChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-FieldInformation>None</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-FieldInformation>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-Endian>Little</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem2-Endian>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-MapType>NonMap</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-MapType>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-StartAddress>540672</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-StartAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-EndAddress>548863</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-EndAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-MapType>Sfr</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-MapType>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-StartAddress>548864</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-StartAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-EndAddress>557055</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-EndAddress>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-ChipSelect>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-ChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-AccessSize>8</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-AccessSize>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-IsReadOnly>True</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-IsReadOnly>
@@ -1321,35 +1362,35 @@ D_2=R_2
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-FieldInformation>None</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-FieldInformation>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-Endian>Little</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem3-Endian>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-MapType>Sfr</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-MapType>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-StartAddress>548864</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-StartAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-EndAddress>557055</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-EndAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-StartAddress>557056</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-StartAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-EndAddress>655359</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-EndAddress>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-ChipSelect>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-ChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-AccessSize>8</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-AccessSize>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-IsReadOnly>True</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-IsReadOnly>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-HasChipSelect>False</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-HasChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-FieldInformation>None</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-FieldInformation>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-Endian>Little</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-Endian>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-Endian>Big</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem4-Endian>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-MapType>Sfr</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-MapType>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-StartAddress>557056</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-StartAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-EndAddress>655359</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-EndAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-StartAddress>655360</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-StartAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-EndAddress>671743</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-EndAddress>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-ChipSelect>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-ChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-AccessSize>8</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-AccessSize>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-IsReadOnly>True</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-IsReadOnly>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-HasChipSelect>False</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-HasChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-FieldInformation>None</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-FieldInformation>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-Endian>Big</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-Endian>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-MapType>Sfr</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-MapType>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-StartAddress>655360</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-StartAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-EndAddress>671743</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-EndAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-Endian>Little</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem5-Endian>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-MapType>NonMap</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-MapType>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-StartAddress>671744</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-StartAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-EndAddress>679935</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-EndAddress>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-ChipSelect>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-ChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-AccessSize>8</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-AccessSize>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-IsReadOnly>True</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-IsReadOnly>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-HasChipSelect>False</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-HasChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-FieldInformation>None</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-FieldInformation>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-Endian>Little</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem6-Endian>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-MapType>InternalRam</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-MapType>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-StartAddress>671744</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-StartAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-EndAddress>679935</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-EndAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-MapType>Sfr</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-MapType>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-StartAddress>679936</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-StartAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-EndAddress>786431</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-EndAddress>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-ChipSelect>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-ChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-AccessSize>8</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-AccessSize>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-IsReadOnly>True</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-IsReadOnly>
@@ -1357,26 +1398,26 @@ D_2=R_2
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-FieldInformation>None</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-FieldInformation>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-Endian>Little</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem7-Endian>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-MapType>Sfr</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-MapType>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-StartAddress>679936</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-StartAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-EndAddress>786431</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-EndAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-StartAddress>786432</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-StartAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-EndAddress>917503</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-EndAddress>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-ChipSelect>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-ChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-AccessSize>8</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-AccessSize>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-IsReadOnly>True</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-IsReadOnly>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-HasChipSelect>False</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-HasChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-FieldInformation>None</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-FieldInformation>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-Endian>Little</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-Endian>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-Endian>Big</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem8-Endian>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-MapType>Sfr</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-MapType>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-StartAddress>786432</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-StartAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-EndAddress>917503</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-EndAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-StartAddress>917504</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-StartAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-EndAddress>1048575</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-EndAddress>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-ChipSelect>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-ChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-AccessSize>8</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-AccessSize>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-IsReadOnly>True</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-IsReadOnly>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-HasChipSelect>False</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-HasChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-FieldInformation>None</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-FieldInformation>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-Endian>Big</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-Endian>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-MapType>Sfr</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-MapType>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-StartAddress>917504</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-StartAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-EndAddress>1048575</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-EndAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-Endian>Little</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem9-Endian>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-MapType>InternalRom</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-MapType>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-StartAddress>1048576</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-StartAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-EndAddress>1114111</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-EndAddress>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-ChipSelect>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-ChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-AccessSize>8</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-AccessSize>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-IsReadOnly>True</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-IsReadOnly>
@@ -1384,77 +1425,59 @@ D_2=R_2
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-FieldInformation>None</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-FieldInformation>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-Endian>Little</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem10-Endian>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-MapType>NonMap</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-MapType>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-StartAddress>1048576</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-StartAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-EndAddress>8380415</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-EndAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-StartAddress>1114112</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-StartAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-EndAddress>1179711</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-EndAddress>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-ChipSelect>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-ChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-AccessSize>8</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-AccessSize>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-IsReadOnly>True</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-IsReadOnly>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-HasChipSelect>False</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-HasChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-FieldInformation>None</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-FieldInformation>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-Endian>Little</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem11-Endian>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-MapType>Sfr</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-MapType>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-StartAddress>8380416</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-StartAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-EndAddress>8388607</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-EndAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-MapType>InternalRam</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-MapType>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-StartAddress>1179712</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-StartAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-EndAddress>1179759</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-EndAddress>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-ChipSelect>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-ChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-AccessSize>8</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-AccessSize>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-IsReadOnly>True</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-IsReadOnly>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-HasChipSelect>False</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-HasChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-FieldInformation>None</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-FieldInformation>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-Endian>Big</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-Endian>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-Endian>Little</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem12-Endian>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-MapType>NonMap</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-MapType>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-StartAddress>8388608</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-StartAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-EndAddress>4269759743</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-EndAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-StartAddress>1179760</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-StartAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-EndAddress>8380415</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-EndAddress>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-ChipSelect>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-ChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-AccessSize>8</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-AccessSize>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-IsReadOnly>True</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-IsReadOnly>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-HasChipSelect>False</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-HasChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-FieldInformation>None</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-FieldInformation>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-Endian>Little</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem13-Endian>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-MapType>InternalRam</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-MapType>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-StartAddress>4269759744</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-StartAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-EndAddress>4269759871</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-EndAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-MapType>Sfr</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-MapType>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-StartAddress>8380416</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-StartAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-EndAddress>8388607</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-EndAddress>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-ChipSelect>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-ChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-AccessSize>8</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-AccessSize>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-IsReadOnly>True</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-IsReadOnly>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-HasChipSelect>False</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-HasChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-FieldInformation>None</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-FieldInformation>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-Endian>Little</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-Endian>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-Endian>Big</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem14-Endian>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-MapType>NonMap</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-MapType>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-StartAddress>4269759872</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-StartAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-EndAddress>4269768047</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-EndAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-StartAddress>8388608</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-StartAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-EndAddress>4290772991</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-EndAddress>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-ChipSelect>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-ChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-AccessSize>8</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-AccessSize>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-IsReadOnly>True</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-IsReadOnly>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-HasChipSelect>False</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-HasChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-FieldInformation>None</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-FieldInformation>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-Endian>Little</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem15-Endian>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-MapType>InternalRam</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-MapType>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-StartAddress>4269768048</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-StartAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-EndAddress>4269768095</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-EndAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-MapType>InternalRom</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-MapType>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-StartAddress>4290772992</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-StartAddress>
+      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-EndAddress>4294967295</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-EndAddress>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-ChipSelect>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-ChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-AccessSize>8</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-AccessSize>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-IsReadOnly>True</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-IsReadOnly>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-HasChipSelect>False</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-HasChipSelect>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-FieldInformation>None</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-FieldInformation>
      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-Endian>Little</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem16-Endian>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem17-MapType>NonMap</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem17-MapType>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem17-StartAddress>4269768096</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem17-StartAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem17-EndAddress>4293918719</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem17-EndAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem17-ChipSelect>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem17-ChipSelect>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem17-AccessSize>8</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem17-AccessSize>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem17-IsReadOnly>True</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem17-IsReadOnly>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem17-HasChipSelect>False</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem17-HasChipSelect>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem17-FieldInformation>None</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem17-FieldInformation>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem17-Endian>Little</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem17-Endian>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem18-MapType>InternalRom</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem18-MapType>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem18-StartAddress>4293918720</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem18-StartAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem18-EndAddress>4294967295</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem18-EndAddress>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem18-ChipSelect>0</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem18-ChipSelect>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem18-AccessSize>8</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem18-AccessSize>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem18-IsReadOnly>True</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem18-IsReadOnly>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem18-HasChipSelect>False</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem18-HasChipSelect>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem18-FieldInformation>None</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem18-FieldInformation>
-      <DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem18-Endian>Little</DebuggerProperty-OptionalProperty-Memory-MemoryMappings-MemoryMapItem18-Endian>
      <DebuggerProperty-OptionalProperty-AccessMemory-UpdateDisplayInExecution>Yes</DebuggerProperty-OptionalProperty-AccessMemory-UpdateDisplayInExecution>
      <DebuggerProperty-OptionalProperty-AccessMemory-UpdateInterval>500</DebuggerProperty-OptionalProperty-AccessMemory-UpdateInterval>
      <DebuggerProperty-OptionalProperty-Trace-UseTrace>No</DebuggerProperty-OptionalProperty-Trace-UseTrace>
--- a/IDE/Renesas/cs+/Projects/test/test_main.c
+++ b/IDE/Renesas/cs+/Projects/test/test_main.c
@@ -45,9 +45,11 @@ void wolfcrypt_test(func_args args);
 void main(void)
 {
    func_args args = { 1 };
+  
    printf("Start wolfCrypt Test\n");
    wolfcrypt_test(args);
    printf("End wolfCrypt Test\n");
+
 }

 #ifdef __cplusplus
--- a/IDE/Renesas/cs+/Projects/wolfssl_lib/wolfssl_lib.mtpj
+++ b/IDE/Renesas/cs+/Projects/wolfssl_lib/wolfssl_lib.mtpj
@@ -545,13 +545,13 @@
      <DataFormatVersion>1.0</DataFormatVersion>
    </Instance>
    <Instance Guid="2a81c37a-5015-44c2-9f40-e58b669eec75">
-      <DeviceName>R5F565N7BxFB</DeviceName>
+      <DeviceName>R5F571MLDxFC</DeviceName>
      <MemoCount>0</MemoCount>
    </Instance>
  </Class>
  <Class Guid="873c9a58-9bc5-439a-b476-78629a4553ed">
    <Instance Guid="873c9a58-9bc5-439a-b476-78629a4553ed">
-      <ProjectDeviceChangedCounter>0</ProjectDeviceChangedCounter>
+      <ProjectDeviceChangedCounter>1</ProjectDeviceChangedCounter>
      <ProjectInitialDeviceName>R5F565N7BxFB</ProjectInitialDeviceName>
    </Instance>
  </Class>
@@ -704,7 +704,7 @@
      <SourceItemGuid67>d1a109cd-a5af-4f79-8bef-7acd6d46c8db</SourceItemGuid67>
      <SourceItemType67>CSource</SourceItemType67>
      <SourceItemCount>68</SourceItemCount>
-      <LastDeviceChangedCounter>0</LastDeviceChangedCounter>
+      <LastDeviceChangedCounter>1</LastDeviceChangedCounter>
    </Instance>
    <Instance Guid="9e208646-ccba-4100-a676-29b1efe6545f">
      <AsmOptionInclude-DefaultValue />
@@ -787,7 +787,7 @@
      <GeneralOptionPatch-DefaultValue>None</GeneralOptionPatch-DefaultValue>
      <GeneralOptionSaveAcc-DefaultValue>False</GeneralOptionSaveAcc-DefaultValue>
      <IsLockedByUser>False</IsLockedByUser>
-      <TimeTagModified--0>-8586796872818991641</TimeTagModified--0>
+      <TimeTagModified--0>-8586657078646268366</TimeTagModified--0>
      <BuildMode-0>DefaultBuild</BuildMode-0>
      <Memo-0 />
      <OutputMessageFormat-0>%TargetFiles%</OutputMessageFormat-0>
--- a/IDE/WIN10/user_settings.h
+++ b/IDE/WIN10/user_settings.h
@@ -42,6 +42,9 @@
        #define WOLFSSL_VALIDATE_ECC_IMPORT
        #define WOLFSSL_VALIDATE_FFC_IMPORT
        #define HAVE_FFDHE_Q
+        #define WOLFSSL_AESNI
+        #define HAVE_INTEL_RDSEED
+        #define FORCE_FAILURE_RDSEED
    #endif /* FIPS v2 */
 #else
    /* Enables blinding mode, to prevent timing attacks */
--- a/IDE/XCODE/Benchmark/wolfBench.xcodeproj/project.pbxproj
+++ b/IDE/XCODE/Benchmark/wolfBench.xcodeproj/project.pbxproj
@@ -7,6 +7,7 @@
 	objects = {

 /* Begin PBXBuildFile section */
+		52114C8721B5A7320022ADA1 /* sp_c64.c in Sources */ = {isa = PBXBuildFile; fileRef = 52114C8621B5A7320022ADA1 /* sp_c64.c */; };
 		A47546261FD90492005176B9 /* tls_bench.c in Sources */ = {isa = PBXBuildFile; fileRef = A47546251FD90492005176B9 /* tls_bench.c */; };
 		A4ADF82F1FCE0BD300A06E90 /* AppDelegate.m in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF82E1FCE0BD300A06E90 /* AppDelegate.m */; };
 		A4ADF8321FCE0BD300A06E90 /* ViewController.m in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8311FCE0BD300A06E90 /* ViewController.m */; };
@@ -49,7 +50,6 @@
 		A4ADF8F81FCE0C5600A06E90 /* fe_low_mem.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF89C1FCE0C4F00A06E90 /* fe_low_mem.c */; };
 		A4ADF8FA1FCE0C5600A06E90 /* pkcs12.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF89E1FCE0C4F00A06E90 /* pkcs12.c */; };
 		A4ADF8FC1FCE0C5600A06E90 /* asm.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8A01FCE0C4F00A06E90 /* asm.c */; };
-		A4ADF8FD1FCE0C5600A06E90 /* misc.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8A11FCE0C5000A06E90 /* misc.c */; };
 		A4ADF8FE1FCE0C5600A06E90 /* integer.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8A21FCE0C5000A06E90 /* integer.c */; };
 		A4ADF9001FCE0C5600A06E90 /* poly1305.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8A41FCE0C5000A06E90 /* poly1305.c */; };
 		A4ADF9011FCE0C5600A06E90 /* md2.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8A51FCE0C5000A06E90 /* md2.c */; };
@@ -67,12 +67,10 @@
 		A4ADF9131FCE0C5600A06E90 /* signature.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8B71FCE0C5200A06E90 /* signature.c */; };
 		A4ADF9141FCE0C5600A06E90 /* wolfmath.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8B81FCE0C5200A06E90 /* wolfmath.c */; };
 		A4ADF9161FCE0C5600A06E90 /* fe_operations.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8BA1FCE0C5300A06E90 /* fe_operations.c */; };
-		A4ADF91A1FCE0C5600A06E90 /* sp.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8BE1FCE0C5300A06E90 /* sp.c */; };
 		A4ADF91B1FCE0C5600A06E90 /* srp.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8BF1FCE0C5300A06E90 /* srp.c */; };
 		A4ADF91C1FCE0C5600A06E90 /* pwdbased.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8C01FCE0C5300A06E90 /* pwdbased.c */; };
 		A4ADF91D1FCE0C5600A06E90 /* cpuid.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8C11FCE0C5300A06E90 /* cpuid.c */; };
 		A4ADF91E1FCE0C5600A06E90 /* asn.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8C21FCE0C5300A06E90 /* asn.c */; };
-		A4ADF91F1FCE0C5600A06E90 /* async.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8C31FCE0C5400A06E90 /* async.c */; };
 		A4ADF9231FCE0C5600A06E90 /* camellia.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8C71FCE0C5400A06E90 /* camellia.c */; };
 		A4ADF9261FCE0C5600A06E90 /* chacha.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8CA1FCE0C5500A06E90 /* chacha.c */; };
 		A4ADF9271FCE0C5600A06E90 /* ed25519.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8CB1FCE0C5500A06E90 /* ed25519.c */; };
@@ -86,6 +84,7 @@
 /* End PBXBuildFile section */

 /* Begin PBXFileReference section */
+		52114C8621B5A7320022ADA1 /* sp_c64.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sp_c64.c; path = ../../../wolfcrypt/src/sp_c64.c; sourceTree = "<group>"; };
 		A47546241FD9042D005176B9 /* user_settings.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = user_settings.h; path = ../user_settings.h; sourceTree = "<group>"; };
 		A47546251FD90492005176B9 /* tls_bench.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = tls_bench.c; path = ../../../examples/benchmark/tls_bench.c; sourceTree = "<group>"; };
 		A4ADF82A1FCE0BD300A06E90 /* wolfBench.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = wolfBench.app; sourceTree = BUILT_PRODUCTS_DIR; };
@@ -133,7 +132,6 @@
 		A4ADF89C1FCE0C4F00A06E90 /* fe_low_mem.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = fe_low_mem.c; path = ../../../wolfcrypt/src/fe_low_mem.c; sourceTree = "<group>"; };
 		A4ADF89E1FCE0C4F00A06E90 /* pkcs12.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = pkcs12.c; path = ../../../wolfcrypt/src/pkcs12.c; sourceTree = "<group>"; };
 		A4ADF8A01FCE0C4F00A06E90 /* asm.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = asm.c; path = ../../../wolfcrypt/src/asm.c; sourceTree = "<group>"; };
-		A4ADF8A11FCE0C5000A06E90 /* misc.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = misc.c; path = ../../../wolfcrypt/src/misc.c; sourceTree = "<group>"; };
 		A4ADF8A21FCE0C5000A06E90 /* integer.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = integer.c; path = ../../../wolfcrypt/src/integer.c; sourceTree = "<group>"; };
 		A4ADF8A41FCE0C5000A06E90 /* poly1305.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = poly1305.c; path = ../../../wolfcrypt/src/poly1305.c; sourceTree = "<group>"; };
 		A4ADF8A51FCE0C5000A06E90 /* md2.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = md2.c; path = ../../../wolfcrypt/src/md2.c; sourceTree = "<group>"; };
@@ -151,12 +149,10 @@
 		A4ADF8B71FCE0C5200A06E90 /* signature.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = signature.c; path = ../../../wolfcrypt/src/signature.c; sourceTree = "<group>"; };
 		A4ADF8B81FCE0C5200A06E90 /* wolfmath.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = wolfmath.c; path = ../../../wolfcrypt/src/wolfmath.c; sourceTree = "<group>"; };
 		A4ADF8BA1FCE0C5300A06E90 /* fe_operations.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = fe_operations.c; path = ../../../wolfcrypt/src/fe_operations.c; sourceTree = "<group>"; };
-		A4ADF8BE1FCE0C5300A06E90 /* sp.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sp.c; path = ../../../wolfcrypt/src/sp.c; sourceTree = "<group>"; };
 		A4ADF8BF1FCE0C5300A06E90 /* srp.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = srp.c; path = ../../../wolfcrypt/src/srp.c; sourceTree = "<group>"; };
 		A4ADF8C01FCE0C5300A06E90 /* pwdbased.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = pwdbased.c; path = ../../../wolfcrypt/src/pwdbased.c; sourceTree = "<group>"; };
 		A4ADF8C11FCE0C5300A06E90 /* cpuid.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = cpuid.c; path = ../../../wolfcrypt/src/cpuid.c; sourceTree = "<group>"; };
 		A4ADF8C21FCE0C5300A06E90 /* asn.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = asn.c; path = ../../../wolfcrypt/src/asn.c; sourceTree = "<group>"; };
-		A4ADF8C31FCE0C5400A06E90 /* async.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = async.c; path = ../../../../wolfAsyncCrypt/wolfcrypt/src/async.c; sourceTree = "<group>"; };
 		A4ADF8C71FCE0C5400A06E90 /* camellia.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = camellia.c; path = ../../../wolfcrypt/src/camellia.c; sourceTree = "<group>"; };
 		A4ADF8CA1FCE0C5500A06E90 /* chacha.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = chacha.c; path = ../../../wolfcrypt/src/chacha.c; sourceTree = "<group>"; };
 		A4ADF8CB1FCE0C5500A06E90 /* ed25519.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ed25519.c; path = ../../../wolfcrypt/src/ed25519.c; sourceTree = "<group>"; };
@@ -243,7 +239,6 @@
 				A4ADF8921FCE0C4E00A06E90 /* arc4.c */,
 				A4ADF8A01FCE0C4F00A06E90 /* asm.c */,
 				A4ADF8C21FCE0C5300A06E90 /* asn.c */,
-				A4ADF8C31FCE0C5400A06E90 /* async.c */,
 				A4ADF8B11FCE0C5100A06E90 /* blake2b.c */,
 				A4ADF8C71FCE0C5400A06E90 /* camellia.c */,
 				A4ADF8CA1FCE0C5500A06E90 /* chacha.c */,
@@ -274,7 +269,6 @@
 				A4ADF87C1FCE0C4D00A06E90 /* md4.c */,
 				A4ADF8791FCE0C4D00A06E90 /* md5.c */,
 				A4ADF8941FCE0C4E00A06E90 /* memory.c */,
-				A4ADF8A11FCE0C5000A06E90 /* misc.c */,
 				A4ADF8981FCE0C4F00A06E90 /* pkcs7.c */,
 				A4ADF89E1FCE0C4F00A06E90 /* pkcs12.c */,
 				A4ADF8A41FCE0C5000A06E90 /* poly1305.c */,
@@ -288,7 +282,7 @@
 				A4ADF8831FCE0C4D00A06E90 /* sha256.c */,
 				A4ADF8AE1FCE0C5100A06E90 /* sha512.c */,
 				A4ADF8B71FCE0C5200A06E90 /* signature.c */,
-				A4ADF8BE1FCE0C5300A06E90 /* sp.c */,
+				52114C8621B5A7320022ADA1 /* sp_c64.c */,
 				A4ADF8BF1FCE0C5300A06E90 /* srp.c */,
 				A4ADF8881FCE0C4D00A06E90 /* tfm.c */,
 				A4ADF8AA1FCE0C5000A06E90 /* wc_encrypt.c */,
@@ -342,7 +336,7 @@
 			isa = PBXProject;
 			attributes = {
 				LastUpgradeCheck = 0910;
-				ORGANIZATIONNAME = "David Garske";
+				ORGANIZATIONNAME = "wolfSSL Inc";
 				TargetAttributes = {
 					A4ADF8291FCE0BD300A06E90 = {
 						CreatedOnToolsVersion = 9.1;
@@ -393,7 +387,6 @@
 				A4ADF9141FCE0C5600A06E90 /* wolfmath.c in Sources */,
 				A4ADF8FC1FCE0C5600A06E90 /* asm.c in Sources */,
 				A4ADF8721FCE0C1C00A06E90 /* crl.c in Sources */,
-				A4ADF91F1FCE0C5600A06E90 /* async.c in Sources */,
 				A4ADF91B1FCE0C5600A06E90 /* srp.c in Sources */,
 				A4ADF9101FCE0C5600A06E90 /* rabbit.c in Sources */,
 				A4ADF9091FCE0C5600A06E90 /* idea.c in Sources */,
@@ -420,13 +413,13 @@
 				A4DFEC101FD4CB8500A7BB33 /* armv8-sha256.c in Sources */,
 				A4ADF83D1FCE0BD300A06E90 /* main.m in Sources */,
 				A4ADF9271FCE0C5600A06E90 /* ed25519.c in Sources */,
+				5231117421B5AF430054CC79 /* async.c in Sources */,
 				A4ADF8D11FCE0C5600A06E90 /* hmac.c in Sources */,
 				A4ADF8F01FCE0C5600A06E90 /* memory.c in Sources */,
 				A4ADF82F1FCE0BD300A06E90 /* AppDelegate.m in Sources */,
 				A4ADF8D31FCE0C5600A06E90 /* random.c in Sources */,
 				A4ADF9131FCE0C5600A06E90 /* signature.c in Sources */,
 				A4DFEC3C1FD6B9CC00A7BB33 /* test.c in Sources */,
-				A4ADF8FD1FCE0C5600A06E90 /* misc.c in Sources */,
 				A4ADF9261FCE0C5600A06E90 /* chacha.c in Sources */,
 				A4ADF8DD1FCE0C5600A06E90 /* error.c in Sources */,
 				A4ADF90A1FCE0C5600A06E90 /* sha512.c in Sources */,
@@ -435,6 +428,7 @@
 				A4ADF92A1FCE0C5600A06E90 /* coding.c in Sources */,
 				A4ADF8741FCE0C1C00A06E90 /* ssl.c in Sources */,
 				A4ADF9051FCE0C5600A06E90 /* cmac.c in Sources */,
+				52114C8721B5A7320022ADA1 /* sp_c64.c in Sources */,
 				A4ADF8F41FCE0C5600A06E90 /* pkcs7.c in Sources */,
 				A4ADF90B1FCE0C5600A06E90 /* logging.c in Sources */,
 				A4ADF8E01FCE0C5600A06E90 /* ecc_fp.c in Sources */,
@@ -458,7 +452,6 @@
 				A4ADF8D71FCE0C5600A06E90 /* wolfevent.c in Sources */,
 				A4DFEC0D1FD4CAA300A7BB33 /* benchmark.c in Sources */,
 				A4ADF91D1FCE0C5600A06E90 /* cpuid.c in Sources */,
-				A4ADF91A1FCE0C5600A06E90 /* sp.c in Sources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
--- a/IDE/XCODE/README.md
+++ b/IDE/XCODE/README.md
@@ -54,6 +54,15 @@ device build. Both are debug builds.

 You can make an archive for a device, as well. That is a release build.

+## Known issues:
+
+When building for older i386 architectures and using tfm.c there are specific
+CFLAGS required to expose the necessary registers for inline assembly in tfm.c.
+An example script has been provided "build-for-i386.sh" that targets the watchos
+by default. If using SDK iphonesimulator10.1 or older you can change the SDK
+variable in that script however newer versions of the SDK no longer support
+i386 for the iphones.
+
 # Installing libwolfssl.a

 Simply drag the file libwolfssl_XXX_.a and the directory `include` and drop it into
--- a/IDE/XCODE/build-for-i386.sh
+++ b/IDE/XCODE/build-for-i386.sh
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+WORKSPACE=$(eval "pwd")
+PROJ=wolfssl.xcodeproj
+CONFIG=Release
+SCHEME=wolfssl_ios
+ARCH=i386
+SDK=watchsimulator5.1
+CONF_BUILD_DIR=${WORKSPACE}/simulator
+
+xcodebuild clean build -project ${PROJ} -configuration ${CONFIG} \
+           -scheme ${SCHEME} -arch ${ARCH} -sdk ${SDK} \
+           BITCODE_GENERATION_MODE=bitcode \
+           OTHER_CFLAGS="-fembed-bitcode -O3 -fomit-frame-pointer" \
+           CONFIGURATION_BUILD_DIR=${CONF_BUILD_DIR}  \
+           -quiet
--- a/IDE/XCODE/user_settings.h
+++ b/IDE/XCODE/user_settings.h
@@ -16,6 +16,9 @@
    #undef NO_MAIN_DRIVER
    #define NO_MAIN_DRIVER

+    /* 128-bit type */
+    #define HAVE___UINT128_T
+
    /* fast math */
    #define USE_FAST_MATH
    #define HAVE_ECC
--- a/IDE/XCODE/wolfssl-FIPS.xcodeproj/project.pbxproj
+++ b/IDE/XCODE/wolfssl-FIPS.xcodeproj/project.pbxproj
@@ -1066,12 +1066,12 @@
 			isa = PBXNativeTarget;
 			buildConfigurationList = 52B1347216F3C9E800C07B32 /* Build configuration list for PBXNativeTarget "wolfssl_fips_ios" */;
 			buildPhases = (
-				52B1344916F3C9E800C07B32 /* Sources */,
 				52B1344A16F3C9E800C07B32 /* Frameworks */,
 				52B1344B16F3C9E800C07B32 /* CopyFiles */,
 				521646C11A8A7B380062516A /* CopyFiles */,
 				521646C21A8A7B3B0062516A /* CopyFiles */,
 				521646C31A8A7B3D0062516A /* CopyFiles */,
+				52B1344916F3C9E800C07B32 /* Sources */,
 			);
 			buildRules = (
 			);
@@ -1313,7 +1313,7 @@
 		52B1347316F3C9E800C07B32 /* Debug */ = {
 			isa = XCBuildConfiguration;
 			buildSettings = {
-				ALWAYS_SEARCH_USER_PATHS = YES;
+				ALWAYS_SEARCH_USER_PATHS = NO;
 				CLANG_LINK_OBJC_RUNTIME = NO;
 				DSTROOT = /tmp/wolfssl_ios.dst;
 				GCC_PRECOMPILE_PREFIX_HEADER = NO;
@@ -1321,6 +1321,7 @@
 				GCC_PREPROCESSOR_DEFINITIONS = (
 					"DEBUG=1",
 					HAVE_FIPS,
+					CYASSL_USER_SETTINGS,
 					WOLFSSL_USER_SETTINGS,
 				);
 				HEADER_SEARCH_PATHS = (
@@ -1340,13 +1341,14 @@
 		52B1347416F3C9E800C07B32 /* Release */ = {
 			isa = XCBuildConfiguration;
 			buildSettings = {
-				ALWAYS_SEARCH_USER_PATHS = YES;
+				ALWAYS_SEARCH_USER_PATHS = NO;
 				CLANG_LINK_OBJC_RUNTIME = NO;
 				DSTROOT = /tmp/wolfssl_ios.dst;
 				GCC_PRECOMPILE_PREFIX_HEADER = NO;
 				GCC_PREFIX_HEADER = "";
 				GCC_PREPROCESSOR_DEFINITIONS = (
 					HAVE_FIPS,
+					CYASSL_USER_SETTINGS,
 					WOLFSSL_USER_SETTINGS,
 				);
 				HEADER_SEARCH_PATHS = (
@@ -1374,6 +1376,7 @@
 				GCC_PREPROCESSOR_DEFINITIONS = (
 					"DEBUG=1",
 					HAVE_FIPS,
+					CYASSL_USER_SETTINGS,
 					WOLFSSL_USER_SETTINGS,
 				);
 				HEADER_SEARCH_PATHS = (
@@ -1401,6 +1404,7 @@
 				GCC_PREFIX_HEADER = "";
 				GCC_PREPROCESSOR_DEFINITIONS = (
 					HAVE_FIPS,
+					CYASSL_USER_SETTINGS,
 					WOLFSSL_USER_SETTINGS,
 				);
 				HEADER_SEARCH_PATHS = (
--- a/IDE/XCODE/wolfssl.xcworkspace/contents.xcworkspacedata
+++ b/IDE/XCODE/wolfssl.xcworkspace/contents.xcworkspacedata
@@ -1,15 +1,15 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <Workspace
   version = "1.0">
+   <FileRef
+      location = "group:Benchmark/wolfBench.xcodeproj">
+   </FileRef>
   <FileRef
      location = "group:wolfssl-FIPS.xcodeproj">
   </FileRef>
   <FileRef
      location = "group:wolfssl_testsuite.xcodeproj">
   </FileRef>
-   <FileRef
-      location = "group:/Users/davidgarske/GitHub/wolfssl/IDE/XCODE/wolfcrypt_testbench.xcodeproj">
-   </FileRef>
   <FileRef
      location = "group:wolfssl.xcodeproj">
   </FileRef>
--- a/IDE/include.am
+++ b/IDE/include.am
@@ -20,4 +20,4 @@ include IDE/mynewt/include.am
 include IDE/Renesas/cs+/Projects/include.am
 include IDE/Renesas/e2studio/Projects/include.am

-EXTRA_DIST+= IDE/IAR-EWARM IDE/MDK-ARM IDE/MDK5-ARM IDE/MYSQL IDE/LPCXPRESSO IDE/HEXIWEAR
+EXTRA_DIST+= IDE/IAR-EWARM IDE/MDK-ARM IDE/MDK5-ARM IDE/MYSQL IDE/LPCXPRESSO IDE/HEXIWEAR IDE/Espressif
--- a/16
+++ b/16
@@ -54,7 +54,21 @@
    Please see the README in IDE/VS-ARM.
    Use the Visual Studio solution IDE/VS-ARM/wolfssl.sln.

-11. Porting to a new platform
+11. Building for Yocto Project or OpenEmbedded
+
+    Please see the README in the "meta-wolfssl" repository. This repository
+    holds wolfSSL's Yocto and OpenEmbedded layer, which contains recipes
+    for wolfSSL, wolfSSH, wolfMQTT, wolfTPM, wolfCrypt examples, and OSS
+    project bbappend files.
+
+    https://github.com/wolfssl/meta-wolfssl
+
+    The wolfSSL recipe can also be found in the OpenEmbedded
+    "meta-openembedded/meta-networking/recipes-connectivity" layer:
+
+    https://github.com/openembedded/meta-openembedded
+
+12. Porting to a new platform

    Please see section 2.4 in the manual:
    http://www.wolfssl.com/yaSSL/Docs-cyassl-manual-2-building-cyassl.html
--- a/Makefile.am
+++ b/Makefile.am
@@ -39,10 +39,30 @@ CLEANFILES+= cert.der \
             othercert.der \
             othercert.pem \
             pkcs7cert.der \
+             pkcs7authEnvelopedDataAES128GCM.der \
+             pkcs7authEnvelopedDataAES128GCM_ECDH_SHA1KDF.der \
+             pkcs7authEnvelopedDataAES128GCM_KEKRI.der \
+             pkcs7authEnvelopedDataAES128GCM_ORI.der \
+             pkcs7authEnvelopedDataAES128GCM_PWRI.der \
+             pkcs7authEnvelopedDataAES192GCM.der \
+             pkcs7authEnvelopedDataAES256GCM.der \
+             pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF.der \
+             pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_authAttribs.der \
+             pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_bothAttribs.der \
+             pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_fw_bothAttribs.der \
+             pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_unauthAttribs.der \
+             pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF.der \
+             pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF_ukm.der \
+             pkcs7authEnvelopedDataAES256GCM_firmwarePkgData.der \
+             pkcs7authEnvelopedDataAES256GCM_IANDS.der \
+             pkcs7authEnvelopedDataAES256GCM_SKID.der \
+             pkcs7compressedData_data_zlib.der \
+             pkcs7compressedData_firmwarePkgData_zlib.der \
             pkcs7encryptedDataAES128CBC.der \
             pkcs7encryptedDataAES192CBC.der \
             pkcs7encryptedDataAES256CBC_attribs.der \
             pkcs7encryptedDataAES256CBC.der \
+             pkcs7encryptedDataAES256CBC_firmwarePkgData.der \
             pkcs7encryptedDataAES256CBC_multi_attribs.der \
             pkcs7encryptedDataDES3.der \
             pkcs7encryptedDataDES.der \
@@ -53,20 +73,52 @@ CLEANFILES+= cert.der \
             pkcs7envelopedDataAES256CBC_ECDH_SHA512KDF_ukm.der \
             pkcs7envelopedDataDES3.der \
             pkcs7envelopedDataAES128CBC.der \
+             pkcs7envelopedDataAES128CBC_KEKRI.der \
+             pkcs7envelopedDataAES128CBC_PWRI.der \
+             pkcs7envelopedDataAES128CBC_ORI.der \
             pkcs7envelopedDataAES192CBC.der \
             pkcs7envelopedDataAES256CBC.der \
+             pkcs7envelopedDataAES256CBC_IANDS.der \
+             pkcs7envelopedDataAES256CBC_SKID.der \
             pkcs7signedData_RSA_SHA.der \
             pkcs7signedData_RSA_SHA_noattr.der \
             pkcs7signedData_RSA_SHA224.der \
             pkcs7signedData_RSA_SHA256.der \
+             pkcs7signedData_RSA_SHA256_firmwarePkgData.der \
+             pkcs7signedData_RSA_SHA256_custom_contentType.der \
+             pkcs7signedData_RSA_SHA256_with_ca_cert.der \
+             pkcs7signedData_RSA_SHA256_SKID.der \
+             pkcs7signedData_RSA_SHA256_detachedSig.der \
             pkcs7signedData_RSA_SHA384.der \
             pkcs7signedData_RSA_SHA512.der \
             pkcs7signedData_ECDSA_SHA.der \
             pkcs7signedData_ECDSA_SHA_noattr.der \
             pkcs7signedData_ECDSA_SHA224.der \
             pkcs7signedData_ECDSA_SHA256.der \
+             pkcs7signedData_ECDSA_SHA256_firmwarePkgData.der \
+             pkcs7signedData_ECDSA_SHA256_custom_contentType.der \
+             pkcs7signedData_ECDSA_SHA256_SKID.der \
             pkcs7signedData_ECDSA_SHA384.der \
-             pkcs7signedData_ECDSA_SHA512.der
+             pkcs7signedData_ECDSA_SHA512.der \
+             pkcs7signedFirmwarePkgData_ECDSA_SHA256.der \
+             pkcs7signedFirmwarePkgData_ECDSA_SHA256_SKID.der \
+             pkcs7signedFirmwarePkgData_ECDSA_SHA256_noattr.der \
+             pkcs7signedFirmwarePkgData_RSA_SHA256.der \
+             pkcs7signedFirmwarePkgData_RSA_SHA256_SKID.der \
+             pkcs7signedFirmwarePkgData_RSA_SHA256_noattr.der \
+             pkcs7signedFirmwarePkgData_RSA_SHA256_with_ca_cert.der \
+             pkcs7signedCompressedFirmwarePkgData_ECDSA_SHA256.der \
+             pkcs7signedCompressedFirmwarePkgData_ECDSA_SHA256_noattr.der \
+             pkcs7signedCompressedFirmwarePkgData_RSA_SHA256.der \
+             pkcs7signedCompressedFirmwarePkgData_RSA_SHA256_noattr.der \
+             pkcs7signedEncryptedFirmwarePkgData_RSA_SHA256.der \
+             pkcs7signedEncryptedFirmwarePkgData_RSA_SHA256_noattr.der \
+             pkcs7signedEncryptedFirmwarePkgData_ECDSA_SHA256.der \
+             pkcs7signedEncryptedFirmwarePkgData_ECDSA_SHA256_noattr.der \
+             pkcs7signedEncryptedCompressedFirmwarePkgData_ECDSA_SHA256.der \
+             pkcs7signedEncryptedCompressedFirmwarePkgData_ECDSA_SHA256_noattr.der \
+             pkcs7signedEncryptedCompressedFirmwarePkgData_RSA_SHA256.der \
+             pkcs7signedEncryptedCompressedFirmwarePkgData_RSA_SHA256_noattr.der

 exampledir = $(docdir)/example
 dist_example_DATA=
@@ -91,6 +143,7 @@ EXTRA_DIST+= INSTALL
 EXTRA_DIST+= IPP
 EXTRA_DIST+= .cproject
 EXTRA_DIST+= .project
+EXTRA_DIST+= resource.h wolfssl.rc

 include wrapper/include.am
 include cyassl/include.am
--- a/101
+++ b/101
@@ -73,46 +73,81 @@ should be used for the enum name.
 *** end Notes ***


-********* wolfSSL Release 3.15.3 (6/20/2018)
+********* wolfSSL Release 3.15.5 (11/07/2018)

-Release 3.15.3 of wolfSSL embedded TLS has bug fixes and new features including:
-
- ECDSA blinding added for hardening against side channel attacks
- Fix for compatibility layer build with no server and no client defined
- Use of optimized Intel assembly instructions on compatible AMD processor
- wolfCrypt Nucleus port additions
- Fix added for MatchDomainName and additional tests added
- Fixes for building with ‘WOLFSSL_ATECC508A’ defined
- Fix for verifying a PKCS7 file in BER format with indefinite size
-
-
-This release of wolfSSL fixes 2 security vulnerability fixes.
-
-Medium level fix for PRIME + PROBE attack combined with a variant of Lucky 13.
-Constant time hardening was done to avoid potential cache-based side channel
-attacks when verifying the MAC on a TLS packet. CBC cipher suites are
-susceptible on systems where an attacker could gain access and run a parallel
-program for inspecting caching. Only wolfSSL users that are using TLS/DTLS CBC
-cipher suites need to update. Users that have only AEAD and stream cipher suites
-set, or have built with WOLFSSL_MAX_STRENGTH (--enable-maxstrength), are not
-vulnerable. Thanks to Eyal Ronen, Kenny Paterson, and Adi Shamir for the report.
-
-Medium level fix for a ECDSA side channel attack. wolfSSL is one of over a dozen
-vendors mentioned in the recent Technical Advisory “ROHNP” by author Ryan
-Keegan. Only wolfSSL users with long term ECDSA private keys using our fastmath
-or normal math libraries on systems where attackers can get access to the
-machine using the ECDSA key need to update.  An attacker gaining access to the
-system could mount a memory cache side channel attack that could recover the key
-within a few thousand signatures. wolfSSL users that are not using ECDSA private
-keys, that are using the single precision math library, or that are using ECDSA
-offloading do not need to update. (blog with more information
-https://www.wolfssl.com/wolfssh-and-rohnp/)
+Release 3.15.5 of wolfSSL embedded TLS has bug fixes and new features including:

+- Fixes for GCC-8 warnings with strings
+- Additional compatibility API’s added, including functions like wolfSSL_X509_CA_num and wolfSSL_PEM_read_X509_CRL
+- Fixes for OCSP use with NGINX port
+- Renamed the macro INLINE to WC_INLINE for inline functions
+- Doxygen updates and formatting for documentation generation
+- Added support for the STM32L4 with AES/SHA hardware acceleration
+- Adds checking for critical extension with certificate Auth ID and the macro WOLFSSL_ALLOW_CRIT_SKID to override the check
+- Added public key callbacks to ConfirmSignature function to expand public key callback support
+- Added ECC and Curve25519 key generation callback support
+- Fix for memory management with wolfSSL_BN_hex2bn function
+- Added support for dynamic allocation of PKCS7 structure using wc_PKCS7_New and wc_PKCS7_Free
+- Port to apache mynewt added in the directory wolfssl-3.15.5/IDE/mynewt/*
+- OCSP stapling in TLS 1.3 additions
+- Port for ASIO added with --enable-asio configure flag
+- Contiki port added with macro WOLFSSL_CONTIKI
+- Memory free optimizations with adding in earlier free’s where possible
+- Made modifications to the primality testing so that the Miller-Rabin tests check against up to 40 random numbers rather than a fixed list of small primes
+- Certificate validation time generation updated
+- Fixes for MQX classic 4.0 with IAR-EWARM
+- Fix for assembly optimized version of Curve25519
+- Make SOCKET_PEER_CLOSED_E consistent between read and write cases
+- Relocate compatibility layer functions for OpenSSH port update
+- Update to Intel® SGX port, files included by Windows version and macros defined when using WOLFSSL_SGX
+- Updates to Nucleus version supported
+- Stack size reduction with smallstack build
+- Updates to Rowley-Crossworks settings for CMSIS 4
+- Added reference STSAFE-A100 public key callbacks for TLS support
+- Added reference ATECC508A/ATECC608A public key callbacks for TLS support
+- Updated support for latest CryptoAuthLib (10/25/2018)
+- Added a wolfSSL static library project for Atollic TrueSTUDIO
+- Flag to disable AES-CBC and have only AEAD cipher suites with TLS
+- AF_ALG and cryptodev-linux crypto support added
+- Update to IO callbacks with use of WOLFSSL_BIO
+- Additional support for parsing certificate subject OIDs (businessCategory, jurisdiction of incorporation country, and jurisdiction of incorporation state)
+- Added  wc_ecc_ecport_ex and wc_export_inti API's for ECC hex string exporting
+- Updates to XCODE build with wolfSSL
+- Fix for guard on when to include sys/time.h header
+- Updates and enhancements to the GCC-ARM example
+- Fix for PKCS8 padding with encryption
+- Updates for wolfcrypt JNI wrapper
+- ALT_ECC_SIZE use with SP math
+- PIC32MZ hardware acceleration buffer alignment fixes
+- Renesas e2studio project files added
+- Renesas RX example project added
+- Fix for DH algorithm when using SP math with ARM assembly
+- Fixes and enhancements for NXP K82 support
+- Benchmark enhancements to print in CSV format and in Japanese
+- Support for PKCS#11 added with --enable-pkcs11
+- Fixes for asynchronous crypto use with TLS 1.3
+- TLS 1.3 only build, allows for disabling TLS 1.2 and earlier protocols
+- Fix for GCC warnings in function wolfSSL_ASN1_TIME_adj
+- Added --enable-asn=nocrypt for certificate only parsing support
+- Added support for parsing PIV format certificates with the function wc_ParseCertPIV and macro WOLFSSL_CERT_PIV
+- Added APIs to support GZIP
+- Updates to support Lighttpd
+- Version resource added for Windows DLL builds
+- Increased code coverage with additional testing
+- Added support for constructed OCTET_STRING with PKCS#7 signed data
+- Added DTLS either (server/client) side initialization setting
+- Minor fixes for building with MINGW32 compiler
+- Added support for generic ECC PEM header/footer with PKCS8 parsing
+- Added Japanese output to example server and client with “-1 1” flag
+- Added USE_ECDSA_KEYSZ_HASH_ALGO macro for building to use digest sizes that match ephemeral key size
+- Expand PKCS#7 CMS support with KEKRI, PWRI and ORI
+- Streaming capability for PKCS#7 decoding and sign verify added


 See INSTALL file for build instructions.
 More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html

+
 *** Resources ***


--- a/README.md
+++ b/README.md
@@ -58,24 +58,75 @@ hash function. Instead the name WC_SHA, WC_SHA256, WC_SHA384 and WC_SHA512
 should be used for the enum name.
 ```

-# wolfSSL Release 3.15.3 (6/20/2018)
+# wolfSSL Release 3.15.5 (11/07/2018)

-Release 3.15.3 of wolfSSL embedded TLS has bug fixes and new features including:
+Release 3.15.5 of wolfSSL embedded TLS has bug fixes and new features including:

-* ECDSA blinding added for hardening against side channel attacks
-* Fix for compatibility layer build with no server and no client defined
-* Use of optimized Intel assembly instructions on compatible AMD processor
-* wolfCrypt Nucleus port additions
-* Fix added for MatchDomainName and additional tests added
-* Fixes for building with ‘WOLFSSL_ATECC508A’ defined
-* Fix for verifying a PKCS7 file in BER format with indefinite size
-
-
-This release of wolfSSL fixes 2 security vulnerability fixes.
-
-Medium level fix for PRIME + PROBE attack combined with a variant of Lucky 13. Constant time hardening was done to avoid potential cache-based side channel attacks when verifying the MAC on a TLS packet. CBC cipher suites are susceptible on systems where an attacker could gain access and run a parallel program for inspecting caching. Only wolfSSL users that are using TLS/DTLS CBC cipher suites need to update. Users that have only AEAD and stream cipher suites set, or have built with WOLFSSL_MAX_STRENGTH (--enable-maxstrength), are not vulnerable. Thanks to Eyal Ronen, Kenny Paterson, and Adi Shamir for the report.
-
-Medium level fix for a ECDSA side channel attack. wolfSSL is one of over a dozen vendors mentioned in the recent Technical Advisory “ROHNP” by author Ryan Keegan. Only wolfSSL users with long term ECDSA private keys using our fastmath or normal math libraries on systems where attackers can get access to the machine using the ECDSA key need to update.  An attacker gaining access to the system could mount a memory cache side channel attack that could recover the key within a few thousand signatures. wolfSSL users that are not using ECDSA private keys, that are using the single precision math library, or that are using ECDSA offloading do not need to update. (blog with more information https://www.wolfssl.com/wolfssh-and-rohnp/)
+* Fixes for GCC-8 warnings with strings
+* Additional compatibility API’s added, including functions like wolfSSL_X509_CA_num and wolfSSL_PEM_read_X509_CRL
+* Fixes for OCSP use with NGINX port
+* Renamed the macro INLINE to WC_INLINE for inline functions
+* Doxygen updates and formatting for documentation generation
+* Added support for the STM32L4 with AES/SHA hardware acceleration
+* Adds checking for critical extension with certificate Auth ID and the macro WOLFSSL_ALLOW_CRIT_SKID to override the check
+* Added public key callbacks to ConfirmSignature function to expand public key callback support
+* Added ECC and Curve25519 key generation callback support
+* Fix for memory management with wolfSSL_BN_hex2bn function
+* Added support for dynamic allocation of PKCS7 structure using wc_PKCS7_New and wc_PKCS7_Free
+* Port to apache mynewt added in the directory wolfssl-3.15.5/IDE/mynewt/*
+* OCSP stapling in TLS 1.3 additions
+* Port for ASIO added with --enable-asio configure flag
+* Contiki port added with macro WOLFSSL_CONTIKI
+* Memory free optimizations with adding in earlier free’s where possible
+* Made modifications to the primality testing so that the Miller-Rabin tests check against up to 40 random numbers rather than a fixed list of small primes
+* Certificate validation time generation updated
+* Fixes for MQX classic 4.0 with IAR-EWARM
+* Fix for assembly optimized version of Curve25519
+* Make SOCKET_PEER_CLOSED_E consistent between read and write cases
+* Relocate compatibility layer functions for OpenSSH port update
+* Update to Intel® SGX port, files included by Windows version and macros defined when using WOLFSSL_SGX
+* Updates to Nucleus version supported
+* Stack size reduction with smallstack build
+* Updates to Rowley-Crossworks settings for CMSIS 4
+* Added reference STSAFE-A100 public key callbacks for TLS support
+* Added reference ATECC508A/ATECC608A public key callbacks for TLS support
+* Updated support for latest CryptoAuthLib (10/25/2018)
+* Added a wolfSSL static library project for Atollic TrueSTUDIO
+* Flag to disable AES-CBC and have only AEAD cipher suites with TLS
+* AF_ALG and cryptodev-linux crypto support added
+* Update to IO callbacks with use of WOLFSSL_BIO
+* Additional support for parsing certificate subject OIDs (businessCategory, jurisdiction of incorporation country, and jurisdiction of incorporation state)
+* Added  wc_ecc_ecport_ex and wc_export_inti API's for ECC hex string exporting
+* Updates to XCODE build with wolfSSL
+* Fix for guard on when to include sys/time.h header
+* Updates and enhancements to the GCC-ARM example
+* Fix for PKCS8 padding with encryption
+* Updates for wolfcrypt JNI wrapper
+* ALT_ECC_SIZE use with SP math
+* PIC32MZ hardware acceleration buffer alignment fixes
+* Renesas e2studio project files added
+* Renesas RX example project added
+* Fix for DH algorithm when using SP math with ARM assembly
+* Fixes and enhancements for NXP K82 support
+* Benchmark enhancements to print in CSV format and in Japanese
+* Support for PKCS#11 added with --enable-pkcs11
+* Fixes for asynchronous crypto use with TLS 1.3
+* TLS 1.3 only build, allows for disabling TLS 1.2 and earlier protocols
+* Fix for GCC warnings in function wolfSSL_ASN1_TIME_adj
+* Added --enable-asn=nocrypt for certificate only parsing support
+* Added support for parsing PIV format certificates with the function wc_ParseCertPIV and macro WOLFSSL_CERT_PIV
+* Added APIs to support GZIP
+* Updates to support Lighttpd
+* Version resource added for Windows DLL builds
+* Increased code coverage with additional testing
+* Added support for constructed OCTET_STRING with PKCS#7 signed data
+* Added DTLS either (server/client) side initialization setting
+* Minor fixes for building with MINGW32 compiler
+* Added support for generic ECC PEM header/footer with PKCS8 parsing
+* Added Japanese output to example server and client with “-1 1” flag
+* Added USE_ECDSA_KEYSZ_HASH_ALGO macro for building to use digest sizes that match ephemeral key size
+* Expand PKCS#7 CMS support with KEKRI, PWRI and ORI
+* Streaming capability for PKCS#7 decoding and sign verify added


 See INSTALL file for build instructions.
--- a/async-check.sh
+++ b/async-check.sh
@@ -31,7 +31,7 @@ then
    echo "\n\nUsing existing async repo\n\n"
 else
    # make a clone of the wolfAsyncCrypt repository
-    git clone $ASYNC_REPO async
+    git clone --depth 1 $ASYNC_REPO async
    [ $? -ne 0 ] && echo "\n\nCouldn't checkout the wolfAsyncCrypt repository\n\n" && exit 1  
 fi

--- a/certs/client-ecc384-cert.der
+++ b/certs/client-ecc384-cert.der
--- a/certs/client-ecc384-cert.pem
+++ b/certs/client-ecc384-cert.pem
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC7jCCAnOgAwIBAgICEAEwCgYIKoZIzj0EAwMwgZcxCzAJBgNVBAYTAlVTMRMw
+EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
+b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZz
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTE4MTAx
+OTEzNDEwMloXDTQ4MTAxMTEzNDEwMlowgZYxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGlj
+MRMwEQYDVQQLDApFQ0MzODRDbGl0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x
+HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wdjAQBgcqhkjOPQIBBgUr
+gQQAIgNiAARmxAg9ZqehFdRTCiOzrQvOj8j0mB2m2LJuIhH6ue+ZwPopPkgA+f7C
+pkobpxKoa5BMHLusXW4OYs5wIPdDd9iXx3TTaP6J7HfLGS+JSh13+ZdLZgJopWKv
+lYHL4yQ264WjgZAwgY0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwHQYD
+VR0OBBYEFB7y0Bv4/KXLP9yK9ZcqQlOwQvnUMB8GA1UdIwQYMBaAFKvgwyZMGNRy
+u9KEjJwKBZKAElNSMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcD
+AgYIKwYBBQUHAwQwCgYIKoZIzj0EAwMDaQAwZgIxAPQNeML87vVHHBRaob0yBP0Q
+K4wxvwQEuyes/XSEHupNYfSvcK24YuLVm2mrx+3NyAIxAIn8dyiX85tuunv89xNC
+XIkXUHZlvK60fMYi9PBucuYhdy7UO22IRrRncuURVs3oJQ==
+-----END CERTIFICATE-----
--- a/certs/client-ecc384-key.der
+++ b/certs/client-ecc384-key.der
--- a/certs/client-ecc384-key.pem
+++ b/certs/client-ecc384-key.pem
@@ -0,0 +1,6 @@
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDB1nVO7/TbLqFdjldpO
+TH23WVi/DIOkNaLUNEpfkh3gbrWk1AQ2OgnmrBSgMI8FN5ahZANiAARmxAg9Zqeh
+FdRTCiOzrQvOj8j0mB2m2LJuIhH6ue+ZwPopPkgA+f7CpkobpxKoa5BMHLusXW4O
+Ys5wIPdDd9iXx3TTaP6J7HfLGS+JSh13+ZdLZgJopWKvlYHL4yQ264U=
+-----END PRIVATE KEY-----
--- a/certs/crl/gencrls.sh
+++ b/certs/crl/gencrls.sh
@@ -1,25 +1,39 @@
 #!/bin/bash

 # gencrls, crl config already done, see taoCerts.txt for setup
+check_result(){
+    if [ $1 -ne 0 ]; then
+        echo "Step failed, Abort"
+        exit 1
+    else
+        echo "Step Succeeded!"
+    fi
+}

-function setup_files() {
+setup_files() {
    #set up the file system for updating the crls
    echo "setting up the file system for generating the crls..."
    echo ""
-    touch ./index.txt
-    touch ./crlnumber
-    echo "01" >> crlnumber
-    touch ./blank.index.txt
-    mkdir demoCA
-    touch ./demoCA/index.txt
+    mkdir demoCA || exit 1
+    touch ./demoCA/index.txt || exit 1
+    touch ./index.txt || exit 1
+    touch ../crl/index.txt || exit 1
+    touch ./crlnumber || exit 1
+    touch ../crl/crlnumber || exit 1
+    echo "01" >> crlnumber || exit 1
+    echo "01" >> ../crl/crlnumber || exit 1
+    touch ./blank.index.txt || exit 1
+    touch ./demoCA/index.txt.attr || exit 1
+    touch ../crl/index.txt.attr || exit 1
 }

-function cleanup_files() {
-    rm blank.index.txt
-    rm index.*
-    rm crlnumber*
-    rm -r demoCA
+cleanup_files() {
+    rm blank.index.txt || exit 1
+    rm index.* || exit 1
+    rm crlnumber* || exit 1
+    rm -rf demoCA || exit 1
    echo "Removed ../wolfssl.cnf, blank.index.txt, index.*, crlnumber*, demoCA/"
+    echo "        ../crl/index.txt"
    echo ""
    exit 0
 }
@@ -30,31 +44,49 @@ setup_files

 # caCrl
 # revoke server-revoked-cert.pem
+echo "Step 1"
 openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out crl2.pem -keyfile ../client-key.pem -cert ../client-cert.pem
+check_result $?

+echo "Step 2"
 openssl ca -config ../renewcerts/wolfssl.cnf -revoke ../server-revoked-cert.pem -keyfile ../ca-key.pem -cert ../ca-cert.pem
+check_result $?

+echo "Step 3"
 openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out crl.pem -keyfile ../ca-key.pem -cert ../ca-cert.pem
+check_result $?

 # metadata
+echo "Step 4"
 openssl crl -in crl.pem -text > tmp
+check_result $?
 mv tmp crl.pem
 # install (only needed if working outside wolfssl)
 #cp crl.pem ~/wolfssl/certs/crl/crl.pem

 # crl2 create
+echo "Step 5"
 openssl crl -in crl.pem -text > tmp
+check_result $?
+echo "Step 6"
 openssl crl -in crl2.pem -text >> tmp
+check_result $?
 mv tmp crl2.pem

 # caCrl server revoked
+echo "Step 7"
 openssl ca -config ../renewcerts/wolfssl.cnf -revoke ../server-cert.pem -keyfile ../ca-key.pem -cert ../ca-cert.pem
+check_result $?

 # caCrl server revoked generation
+echo "Step 8"
 openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out crl.revoked -keyfile ../ca-key.pem -cert ../ca-cert.pem
+check_result $?

 # metadata
+echo "Step 9"
 openssl crl -in crl.revoked -text > tmp
+check_result $?
 mv tmp crl.revoked
 # install (only needed if working outside wolfssl)
 #cp crl.revoked ~/wolfssl/certs/crl/crl.revoked
@@ -64,58 +96,85 @@ mv tmp crl.revoked
 cp blank.index.txt demoCA/index.txt

 # caEccCrl
+echo "Step 10"
 openssl ca -config ../renewcerts/wolfssl.cnf -revoke ../server-revoked-cert.pem -keyfile ../ca-ecc-key.pem -cert ../ca-ecc-cert.pem
+check_result $?

+echo "Step 11"
 openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out caEccCrl.pem -keyfile ../ca-ecc-key.pem -cert ../ca-ecc-cert.pem
+check_result $?

 # metadata
+echo "Step 12"
 openssl crl -in caEccCrl.pem -text > tmp
+check_result $?
 mv tmp caEccCrl.pem
 # install (only needed if working outside wolfssl)
 #cp caEccCrl.pem ~/wolfssl/certs/crl/caEccCrl.pem

 # caEcc384Crl
-openssl ca -config ../renewcerts/wolfssl.cnf -revoke ../server-revoked-cert.pem -keyfile ../ca-ecc384-key.pem -cert ../ca-ecc384-cert.pem
+# server-revoked-cert.pem is already revoked in Step 10
+#openssl ca -config ../renewcerts/wolfssl.cnf -revoke ../server-revoked-cert.pem -keyfile ../ca-ecc384-key.pem -cert ../ca-ecc384-cert.pem

+echo "Step 13"
 openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out caEcc384Crl.pem -keyfile ../ca-ecc384-key.pem -cert ../ca-ecc384-cert.pem
+check_result $?

 # metadata
+echo "Step 14"
 openssl crl -in caEcc384Crl.pem -text > tmp
+check_result $?
 mv tmp caEcc384Crl.pem
 # install (only needed if working outside wolfssl)
 #cp caEcc384Crl.pem ~/wolfssl/certs/crl/caEcc384Crl.pem

 # cliCrl
+echo "Step 15"
 openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out cliCrl.pem -keyfile ../client-key.pem -cert ../client-cert.pem
+check_result $?

 # metadata
+echo "Step 16"
 openssl crl -in cliCrl.pem -text > tmp
+check_result $?
 mv tmp cliCrl.pem
 # install (only needed if working outside wolfssl)
 #cp cliCrl.pem ~/wolfssl/certs/crl/cliCrl.pem

 # eccCliCRL
+echo "Step 17"
 openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out eccCliCRL.pem -keyfile ../ecc-client-key.pem -cert ../client-ecc-cert.pem
+check_result $?

 # metadata
+echo "Step 18"
 openssl crl -in eccCliCRL.pem -text > tmp
+check_result $?
 mv tmp eccCliCRL.pem
 # install (only needed if working outside wolfssl)
 #cp eccCliCRL.pem ~/wolfssl/certs/crl/eccCliCRL.pem

 # eccSrvCRL
+echo "Step 19"
 openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out eccSrvCRL.pem -keyfile ../ecc-key.pem -cert ../server-ecc.pem
+check_result $?

 # metadata
+echo "Step 20"
 openssl crl -in eccSrvCRL.pem -text > tmp
+check_result $?
 mv tmp eccSrvCRL.pem
 # install (only needed if working outside wolfssl)
 #cp eccSrvCRL.pem ~/wolfssl/certs/crl/eccSrvCRL.pem

 # caEccCrl
-openssl ca -config ../ecc/wolfssl.cnf -gencrl -crldays 1000 -out caEccCrl.pem -keyfile ../ca-ecc-key.pem -cert ../ca-ecc-cert.pem
+echo "Step 21"
+openssl ca -config ./wolfssl.cnf -gencrl -crldays 1000 -out caEccCrl.pem -keyfile ../ca-ecc-key.pem -cert ../ca-ecc-cert.pem
+check_result $?

 # ca-ecc384-cert
-openssl ca -config ../ecc/wolfssl.cnf -gencrl -crldays 1000 -out caEcc384Crl.pem -keyfile ../ca-ecc384-key.pem -cert ../ca-ecc384-cert.pem
+echo "Step 22"
+openssl ca -config ./wolfssl.cnf -gencrl -crldays 1000 -out caEcc384Crl.pem -keyfile ../ca-ecc384-key.pem -cert ../ca-ecc384-cert.pem
+check_result $?

 exit 0
--- a/certs/crl/include.am
+++ b/certs/crl/include.am
@@ -9,7 +9,8 @@ EXTRA_DIST += \
 	     certs/crl/eccCliCRL.pem \
 	     certs/crl/crl2.pem \
 	     certs/crl/caEccCrl.pem \
-	     certs/crl/caEcc384Crl.pem
+	     certs/crl/caEcc384Crl.pem \
+	     certs/crl/wolfssl.cnf

 EXTRA_DIST += \
 	     certs/crl/crl.revoked
--- a/certs/crl/server-goodaltCrl.pem
+++ b/certs/crl/server-goodaltCrl.pem
@@ -1,38 +1,38 @@
 Certificate Revocation List (CRL):
        Version 2 (0x1)
-    Signature Algorithm: sha1WithRSAEncryption
+    Signature Algorithm: sha256WithRSAEncryption
        Issuer: /C=US/ST=Montana/L=Bozeman/OU=Engineering/CN=www.nomatch.com/emailAddress=info@wolfssl.com
-        Last Update: Jun 13 16:02:51 2018 GMT
-        Next Update: Mar  9 16:02:51 2021 GMT
+        Last Update: Sep 19 21:21:24 2018 GMT
+        Next Update: Jun 15 21:21:24 2021 GMT
        CRL extensions:
            X509v3 CRL Number: 
                1
 No Revoked Certificates.
-    Signature Algorithm: sha1WithRSAEncryption
-         60:64:8d:80:20:c1:5e:48:cc:61:ba:31:b1:59:13:21:8c:d0:
-         ff:a3:ed:70:b0:ba:04:67:df:bb:f0:aa:db:71:85:2d:c3:ae:
-         ab:79:a0:83:68:df:70:f5:85:1a:8e:7c:6d:91:89:a3:af:ae:
-         4f:72:05:37:d9:aa:76:a5:86:10:0a:89:7a:d9:06:6a:6b:43:
-         51:8c:b3:ce:28:79:0c:70:d0:9a:f7:89:a5:ff:5f:4a:08:2f:
-         ca:3c:83:3e:d2:74:c1:02:37:f9:5d:e8:10:d2:7a:d1:df:b7:
-         13:40:34:2c:c5:61:71:d7:24:79:46:26:f7:b7:6f:b5:05:8a:
-         96:d6:a8:89:73:e6:ac:5b:96:df:be:08:6d:2b:2e:da:00:c8:
-         dc:11:54:c2:b9:f5:80:21:79:98:12:5d:91:bb:54:61:d8:d0:
-         c1:42:3d:9c:24:d5:11:0e:33:ea:3e:84:66:6e:65:2c:59:c5:
-         c9:b8:7b:e8:b3:ce:fc:66:d8:cc:68:98:55:9a:ff:54:fe:b0:
-         74:1f:d7:cc:af:f8:76:b9:ed:cf:46:07:2e:74:0e:50:b9:e9:
-         46:28:22:82:d7:2b:3c:81:81:e8:12:f1:5c:6e:88:ac:c7:c5:
-         3c:1d:46:95:ff:9e:fe:7f:38:6c:a6:4d:ac:75:86:d4:4c:8a:
-         75:e9:a2:88
+    Signature Algorithm: sha256WithRSAEncryption
+         01:b3:58:8d:bf:27:46:70:f1:cc:29:71:24:0b:ba:e3:fc:d4:
+         c8:30:09:3a:5e:e5:61:c7:d2:02:61:63:ba:e1:06:25:eb:4e:
+         04:77:dc:31:4d:59:84:63:ee:09:5d:41:dd:07:8f:07:15:71:
+         79:cb:6c:67:a9:e5:53:01:7d:98:b0:d0:a2:36:7a:8c:bf:51:
+         84:78:0e:b3:d8:ef:7c:b7:9e:de:c0:09:46:3d:43:e0:9d:a1:
+         d7:77:d2:a6:28:f7:9e:92:82:ba:a9:cc:a8:d0:2b:f8:09:9b:
+         fd:e4:2d:e6:d4:d5:60:2e:31:48:e8:55:3f:54:e9:f4:c4:78:
+         4d:0a:43:9d:3a:2e:44:9a:e7:63:25:73:e7:c4:fb:71:2b:0d:
+         3e:ad:e6:95:7d:60:95:4f:f6:cf:a7:52:59:e0:4b:f2:51:46:
+         0a:0c:9c:2e:2d:55:ae:57:76:a7:4b:8e:48:53:87:f7:e3:3c:
+         44:9b:70:17:96:c4:dc:f0:d1:43:a8:5e:59:5c:2d:4d:88:e6:
+         07:20:e4:75:09:dd:c4:9a:46:5c:c5:1f:20:f8:8a:dc:07:3d:
+         f2:31:11:cd:43:d8:72:c7:8b:83:78:c1:e3:a5:bc:8e:87:2b:
+         be:fd:66:0f:ab:4b:82:df:9e:71:e8:de:69:4c:c0:93:e6:9f:
+         9c:78:b0:05
 -----BEGIN X509 CRL-----
-MIIB3DCBxQIBATANBgkqhkiG9w0BAQUFADCBgjELMAkGA1UEBhMCVVMxEDAOBgNV
+MIIB3DCBxQIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCVVMxEDAOBgNV
 BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFDASBgNVBAsMC0VuZ2luZWVy
 aW5nMRgwFgYDVQQDDA93d3cubm9tYXRjaC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu
-Zm9Ad29sZnNzbC5jb20XDTE4MDYxMzE2MDI1MVoXDTIxMDMwOTE2MDI1MVqgDjAM
-MAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBBQUAA4IBAQBgZI2AIMFeSMxhujGxWRMh
-jND/o+1wsLoEZ9+78KrbcYUtw66reaCDaN9w9YUajnxtkYmjr65PcgU32ap2pYYQ
-Col62QZqa0NRjLPOKHkMcNCa94ml/19KCC/KPIM+0nTBAjf5XegQ0nrR37cTQDQs
-xWFx1yR5Rib3t2+1BYqW1qiJc+asW5bfvghtKy7aAMjcEVTCufWAIXmYEl2Ru1Rh
-2NDBQj2cJNURDjPqPoRmbmUsWcXJuHvos878ZtjMaJhVmv9U/rB0H9fMr/h2ue3P
-RgcudA5QuelGKCKC1ys8gYHoEvFcboisx8U8HUaV/57+fzhspk2sdYbUTIp16aKI
+Zm9Ad29sZnNzbC5jb20XDTE4MDkxOTIxMjEyNFoXDTIxMDYxNTIxMjEyNFqgDjAM
+MAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQABs1iNvydGcPHMKXEkC7rj
+/NTIMAk6XuVhx9ICYWO64QYl604Ed9wxTVmEY+4JXUHdB48HFXF5y2xnqeVTAX2Y
+sNCiNnqMv1GEeA6z2O98t57ewAlGPUPgnaHXd9KmKPeekoK6qcyo0Cv4CZv95C3m
+1NVgLjFI6FU/VOn0xHhNCkOdOi5EmudjJXPnxPtxKw0+reaVfWCVT/bPp1JZ4Evy
+UUYKDJwuLVWuV3anS45IU4f34zxEm3AXlsTc8NFDqF5ZXC1NiOYHIOR1Cd3EmkZc
+xR8g+IrcBz3yMRHNQ9hyx4uDeMHjpbyOhyu+/WYPq0uC355x6N5pTMCT5p+ceLAF
 -----END X509 CRL-----
--- a/certs/crl/server-goodaltwildCrl.pem
+++ b/certs/crl/server-goodaltwildCrl.pem
@@ -1,38 +1,38 @@
 Certificate Revocation List (CRL):
        Version 2 (0x1)
-    Signature Algorithm: sha1WithRSAEncryption
+    Signature Algorithm: sha256WithRSAEncryption
        Issuer: /C=US/ST=Montana/L=Bozeman/OU=Engineering/CN=www.nomatch.com/emailAddress=info@wolfssl.com
-        Last Update: Jun 12 23:10:47 2018 GMT
-        Next Update: Mar  8 23:10:47 2021 GMT
+        Last Update: Sep 19 21:21:24 2018 GMT
+        Next Update: Jun 15 21:21:24 2021 GMT
        CRL extensions:
            X509v3 CRL Number: 
                1
 No Revoked Certificates.
-    Signature Algorithm: sha1WithRSAEncryption
-         16:c2:f1:59:3a:bb:50:6c:b0:f8:c4:e8:29:ac:cc:33:a7:e8:
-         bb:12:88:0b:9b:a0:2f:bf:39:d7:97:c9:9c:17:60:e5:31:5f:
-         9f:5d:ce:70:ff:1e:aa:6f:5a:72:8c:29:a3:70:3a:bb:33:e5:
-         2a:c8:61:03:96:3e:96:81:7c:fb:0d:5c:b7:67:b0:44:90:a7:
-         24:63:9b:df:80:ec:8c:3a:0b:8c:16:2e:09:09:9e:fd:f8:0d:
-         fa:a5:63:a3:d4:6a:28:10:ab:57:3a:59:e7:1f:84:e5:30:ad:
-         17:fd:f7:15:c2:75:e8:18:46:c3:5d:2c:4e:6f:ec:bd:8c:fa:
-         8f:00:9e:4a:1c:c3:0d:cf:2e:24:9a:fc:13:9c:76:91:ac:e0:
-         87:dd:fa:37:7a:24:72:35:1a:97:56:2f:13:0e:75:11:cd:e2:
-         41:dd:12:b0:63:2f:01:52:af:dd:63:5d:59:7c:16:ed:a4:bb:
-         89:d2:42:27:7f:69:c5:09:0c:db:8a:d7:0e:4b:70:ea:1f:17:
-         68:a5:ac:86:66:25:1c:d4:89:47:8e:64:4f:08:30:35:5e:69:
-         11:53:21:e9:c6:bd:16:ec:84:51:69:2b:bd:4a:de:65:f1:be:
-         5d:32:b2:fd:85:0d:d0:47:60:c0:fc:56:d8:d6:7e:05:d2:ac:
-         0c:44:1f:c7
+    Signature Algorithm: sha256WithRSAEncryption
+         01:b3:58:8d:bf:27:46:70:f1:cc:29:71:24:0b:ba:e3:fc:d4:
+         c8:30:09:3a:5e:e5:61:c7:d2:02:61:63:ba:e1:06:25:eb:4e:
+         04:77:dc:31:4d:59:84:63:ee:09:5d:41:dd:07:8f:07:15:71:
+         79:cb:6c:67:a9:e5:53:01:7d:98:b0:d0:a2:36:7a:8c:bf:51:
+         84:78:0e:b3:d8:ef:7c:b7:9e:de:c0:09:46:3d:43:e0:9d:a1:
+         d7:77:d2:a6:28:f7:9e:92:82:ba:a9:cc:a8:d0:2b:f8:09:9b:
+         fd:e4:2d:e6:d4:d5:60:2e:31:48:e8:55:3f:54:e9:f4:c4:78:
+         4d:0a:43:9d:3a:2e:44:9a:e7:63:25:73:e7:c4:fb:71:2b:0d:
+         3e:ad:e6:95:7d:60:95:4f:f6:cf:a7:52:59:e0:4b:f2:51:46:
+         0a:0c:9c:2e:2d:55:ae:57:76:a7:4b:8e:48:53:87:f7:e3:3c:
+         44:9b:70:17:96:c4:dc:f0:d1:43:a8:5e:59:5c:2d:4d:88:e6:
+         07:20:e4:75:09:dd:c4:9a:46:5c:c5:1f:20:f8:8a:dc:07:3d:
+         f2:31:11:cd:43:d8:72:c7:8b:83:78:c1:e3:a5:bc:8e:87:2b:
+         be:fd:66:0f:ab:4b:82:df:9e:71:e8:de:69:4c:c0:93:e6:9f:
+         9c:78:b0:05
 -----BEGIN X509 CRL-----
-MIIB3DCBxQIBATANBgkqhkiG9w0BAQUFADCBgjELMAkGA1UEBhMCVVMxEDAOBgNV
+MIIB3DCBxQIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCVVMxEDAOBgNV
 BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFDASBgNVBAsMC0VuZ2luZWVy
 aW5nMRgwFgYDVQQDDA93d3cubm9tYXRjaC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu
-Zm9Ad29sZnNzbC5jb20XDTE4MDYxMjIzMTA0N1oXDTIxMDMwODIzMTA0N1qgDjAM
-MAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBBQUAA4IBAQAWwvFZOrtQbLD4xOgprMwz
-p+i7EogLm6AvvznXl8mcF2DlMV+fXc5w/x6qb1pyjCmjcDq7M+UqyGEDlj6WgXz7
-DVy3Z7BEkKckY5vfgOyMOguMFi4JCZ79+A36pWOj1GooEKtXOlnnH4TlMK0X/fcV
-wnXoGEbDXSxOb+y9jPqPAJ5KHMMNzy4kmvwTnHaRrOCH3fo3eiRyNRqXVi8TDnUR
-zeJB3RKwYy8BUq/dY11ZfBbtpLuJ0kInf2nFCQzbitcOS3DqHxdopayGZiUc1IlH
-jmRPCDA1XmkRUyHpxr0W7IRRaSu9St5l8b5dMrL9hQ3QR2DA/FbY1n4F0qwMRB/H
+Zm9Ad29sZnNzbC5jb20XDTE4MDkxOTIxMjEyNFoXDTIxMDYxNTIxMjEyNFqgDjAM
+MAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQABs1iNvydGcPHMKXEkC7rj
+/NTIMAk6XuVhx9ICYWO64QYl604Ed9wxTVmEY+4JXUHdB48HFXF5y2xnqeVTAX2Y
+sNCiNnqMv1GEeA6z2O98t57ewAlGPUPgnaHXd9KmKPeekoK6qcyo0Cv4CZv95C3m
+1NVgLjFI6FU/VOn0xHhNCkOdOi5EmudjJXPnxPtxKw0+reaVfWCVT/bPp1JZ4Evy
+UUYKDJwuLVWuV3anS45IU4f34zxEm3AXlsTc8NFDqF5ZXC1NiOYHIOR1Cd3EmkZc
+xR8g+IrcBz3yMRHNQ9hyx4uDeMHjpbyOhyu+/WYPq0uC355x6N5pTMCT5p+ceLAF
 -----END X509 CRL-----
--- a/certs/crl/server-goodcnCrl.pem
+++ b/certs/crl/server-goodcnCrl.pem
@@ -1,38 +1,38 @@
 Certificate Revocation List (CRL):
        Version 2 (0x1)
-    Signature Algorithm: sha1WithRSAEncryption
+    Signature Algorithm: sha256WithRSAEncryption
        Issuer: /C=US/ST=Montana/L=Bozeman/OU=Engineering/CN=localhost/emailAddress=info@wolfssl.com
-        Last Update: Jun 13 16:02:51 2018 GMT
-        Next Update: Mar  9 16:02:51 2021 GMT
+        Last Update: Sep 19 21:21:24 2018 GMT
+        Next Update: Jun 15 21:21:24 2021 GMT
        CRL extensions:
            X509v3 CRL Number: 
                1
 No Revoked Certificates.
-    Signature Algorithm: sha1WithRSAEncryption
-         b9:a1:1b:20:dd:23:b2:20:e4:b5:97:84:21:44:e6:f1:98:0b:
-         6b:30:22:d2:85:8e:11:19:17:e9:8a:0c:4d:cd:12:61:b0:a1:
-         62:a0:4a:58:05:e2:b7:ba:50:86:41:8e:46:ae:c5:8a:36:7c:
-         c8:ea:94:f3:30:53:46:2b:0f:1c:b3:d0:01:f1:ad:47:e1:a8:
-         18:65:e1:b2:32:8d:4d:31:32:f3:54:92:39:e3:f2:cc:2d:a1:
-         90:f2:51:79:69:c7:f8:28:ac:53:a9:c2:49:a7:d3:b7:cc:cb:
-         ac:6f:7d:d5:e5:8e:a1:8f:a6:51:8a:e9:b2:43:e6:5b:7e:e8:
-         dd:19:a0:00:ba:a3:71:ce:33:a2:bb:77:9c:6d:75:89:fd:1a:
-         19:da:0a:b4:6a:12:36:e9:cf:e3:83:e1:33:be:41:5b:72:45:
-         21:11:69:90:aa:72:f7:09:50:cb:d2:d5:df:63:da:7d:0b:29:
-         5e:c1:cf:cc:d5:11:07:40:92:04:6a:3b:8e:0a:7a:5f:12:f3:
-         36:d5:fd:af:84:5f:4c:bd:a1:b4:b1:f4:db:d1:03:5a:38:22:
-         bc:17:7a:ff:39:78:4a:c0:c7:b3:f3:3c:02:84:cd:93:30:5b:
-         aa:94:11:32:b8:6f:d3:54:7f:16:e8:b4:d7:54:1b:65:2e:7b:
-         d1:70:bb:e9
+    Signature Algorithm: sha256WithRSAEncryption
+         2c:f5:7a:4f:67:06:9b:f2:56:8c:e1:00:05:70:60:5b:60:51:
+         ad:65:7e:10:69:c9:84:98:b6:66:33:18:ba:f8:86:f9:23:e3:
+         ac:42:53:1d:27:5d:28:6a:d7:1c:a2:28:4d:02:01:c4:23:c1:
+         b8:ac:d3:ba:e1:75:d0:2e:ad:98:78:39:f2:c1:6b:7b:4b:78:
+         f2:f6:49:6f:92:2e:59:91:e9:de:7f:ef:62:5e:77:df:1c:a9:
+         1a:d5:b8:63:1f:53:0e:b7:28:f8:5e:61:11:1b:b4:dd:9c:85:
+         77:45:7d:31:fc:61:ab:55:f9:8d:50:ce:56:a0:ff:c0:a8:60:
+         b5:7a:ec:f1:6a:c8:94:be:89:41:47:a2:22:d9:9d:8e:f7:36:
+         d2:6f:bc:ce:04:3d:b7:9d:5c:82:37:59:9f:67:15:78:a0:a7:
+         c1:2f:01:d5:f0:ac:0f:34:21:d7:16:c8:dc:b1:af:60:e0:b1:
+         de:88:6f:d9:e5:32:c2:63:01:79:e6:10:ef:30:ef:c2:c6:08:
+         89:cc:21:76:b8:ee:18:bc:88:66:7a:88:89:b4:ba:d9:02:00:
+         92:73:6a:b5:84:ec:0c:9c:fc:d1:c1:0f:f2:e2:18:30:a6:be:
+         1d:99:8b:16:26:65:fd:fe:15:48:16:1d:68:0b:1e:b4:a0:0d:
+         ec:93:cb:a2
 -----BEGIN X509 CRL-----
-MIIB1TCBvgIBATANBgkqhkiG9w0BAQUFADB8MQswCQYDVQQGEwJVUzEQMA4GA1UE
+MIIB1TCBvgIBATANBgkqhkiG9w0BAQsFADB8MQswCQYDVQQGEwJVUzEQMA4GA1UE
 CAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEUMBIGA1UECwwLRW5naW5lZXJp
 bmcxEjAQBgNVBAMMCWxvY2FsaG9zdDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
-c3NsLmNvbRcNMTgwNjEzMTYwMjUxWhcNMjEwMzA5MTYwMjUxWqAOMAwwCgYDVR0U
-BAMCAQEwDQYJKoZIhvcNAQEFBQADggEBALmhGyDdI7Ig5LWXhCFE5vGYC2swItKF
-jhEZF+mKDE3NEmGwoWKgSlgF4re6UIZBjkauxYo2fMjqlPMwU0YrDxyz0AHxrUfh
-qBhl4bIyjU0xMvNUkjnj8swtoZDyUXlpx/gorFOpwkmn07fMy6xvfdXljqGPplGK
-6bJD5lt+6N0ZoAC6o3HOM6K7d5xtdYn9GhnaCrRqEjbpz+OD4TO+QVtyRSERaZCq
-cvcJUMvS1d9j2n0LKV7Bz8zVEQdAkgRqO44Kel8S8zbV/a+EX0y9obSx9NvRA1o4
-IrwXev85eErAx7PzPAKEzZMwW6qUETK4b9NUfxbotNdUG2Uue9Fwu+k=
+c3NsLmNvbRcNMTgwOTE5MjEyMTI0WhcNMjEwNjE1MjEyMTI0WqAOMAwwCgYDVR0U
+BAMCAQEwDQYJKoZIhvcNAQELBQADggEBACz1ek9nBpvyVozhAAVwYFtgUa1lfhBp
+yYSYtmYzGLr4hvkj46xCUx0nXShq1xyiKE0CAcQjwbis07rhddAurZh4OfLBa3tL
+ePL2SW+SLlmR6d5/72Jed98cqRrVuGMfUw63KPheYREbtN2chXdFfTH8YatV+Y1Q
+zlag/8CoYLV67PFqyJS+iUFHoiLZnY73NtJvvM4EPbedXII3WZ9nFXigp8EvAdXw
+rA80IdcWyNyxr2Dgsd6Ib9nlMsJjAXnmEO8w78LGCInMIXa47hi8iGZ6iIm0utkC
+AJJzarWE7Ayc/NHBD/LiGDCmvh2ZixYmZf3+FUgWHWgLHrSgDeyTy6I=
 -----END X509 CRL-----
--- a/certs/crl/server-goodcnwildCrl.pem
+++ b/certs/crl/server-goodcnwildCrl.pem
@@ -1,38 +1,38 @@
 Certificate Revocation List (CRL):
        Version 2 (0x1)
-    Signature Algorithm: sha1WithRSAEncryption
+    Signature Algorithm: sha256WithRSAEncryption
        Issuer: /C=US/ST=Montana/L=Bozeman/OU=Engineering/CN=*localhost/emailAddress=info@wolfssl.com
-        Last Update: Jun 12 23:10:47 2018 GMT
-        Next Update: Mar  8 23:10:47 2021 GMT
+        Last Update: Sep 19 21:21:24 2018 GMT
+        Next Update: Jun 15 21:21:24 2021 GMT
        CRL extensions:
            X509v3 CRL Number: 
                1
 No Revoked Certificates.
-    Signature Algorithm: sha1WithRSAEncryption
-         79:7e:bd:34:d2:3d:f5:91:b1:79:de:50:c2:26:d5:8e:05:f7:
-         30:26:bd:2f:dd:6a:a1:cf:15:91:fd:95:30:a7:04:5a:65:33:
-         e4:fb:63:79:dd:6e:63:bd:d1:55:bd:c8:22:3c:c2:6a:40:38:
-         75:85:6a:e1:24:a3:99:e3:13:30:c2:cb:15:cc:50:4b:03:87:
-         b8:90:9c:e8:95:2a:62:1f:ed:33:30:a8:04:9f:67:b7:4c:bd:
-         31:b3:19:59:18:9c:6d:64:c2:22:d4:8d:8e:7e:98:c2:39:b0:
-         28:35:ed:8f:37:6b:03:57:3b:ef:e8:28:26:8a:f0:de:8a:21:
-         e8:c3:d9:68:2e:ee:cb:cb:89:4f:af:4d:37:ad:98:64:38:6e:
-         d8:87:fb:3b:0b:b6:a5:58:da:5e:f2:81:a1:18:90:d6:1b:f7:
-         8a:1b:11:3a:6d:55:0c:09:4d:cd:ea:43:01:a4:92:05:50:7e:
-         b4:1a:8f:54:b2:cb:4c:94:09:e0:85:cc:29:22:e4:5b:29:ee:
-         65:91:e3:4a:f9:64:19:40:25:17:27:a1:91:2b:2e:18:6d:2a:
-         26:9a:e3:82:05:a6:0b:67:24:a1:dc:d4:29:ad:47:f0:89:28:
-         65:da:fe:fc:62:86:47:05:51:54:08:dc:b3:e5:99:48:d6:da:
-         52:be:85:7c
+    Signature Algorithm: sha256WithRSAEncryption
+         0f:0e:30:ee:50:7a:50:b0:8d:06:74:9a:67:0b:3f:44:c1:13:
+         58:4e:87:0c:0c:8d:89:44:6e:29:f2:14:0c:5e:57:65:88:fb:
+         b9:56:a7:99:71:3d:12:16:25:d1:38:19:9d:76:41:e6:e0:37:
+         0e:0a:52:93:26:19:c3:9d:27:10:29:d4:30:5f:1a:9f:9f:0a:
+         2e:c0:3a:7c:07:f0:fe:c4:ad:7b:84:a8:2e:e5:06:a9:8d:dd:
+         b2:2b:bf:e8:ac:e8:d8:30:2b:eb:5f:67:ca:4a:b8:d5:be:7b:
+         37:0d:04:ef:ad:9d:5d:9c:a3:02:5c:cd:97:4a:78:7c:16:2b:
+         7d:90:b5:8a:ef:3d:68:53:72:5b:21:92:8b:a3:48:72:f8:f3:
+         6a:c0:10:93:0f:de:43:d0:7a:b0:f6:13:e9:96:64:5d:d9:a7:
+         11:e5:ea:72:09:5e:be:a0:6b:54:e8:fb:23:b7:58:a4:a0:88:
+         d9:cc:22:25:9a:1a:1a:83:40:99:97:05:0f:7f:e6:a9:ee:1a:
+         a2:6a:4d:f2:60:f3:46:5d:95:3a:03:a6:8a:a0:79:16:f7:3c:
+         1f:16:29:02:7b:c8:bb:98:d9:ed:b0:a3:fb:4a:2a:9e:00:0a:
+         cf:42:94:fa:14:73:4f:26:ed:a2:97:8d:a5:86:0f:72:e9:7b:
+         06:da:35:08
 -----BEGIN X509 CRL-----
-MIIB1jCBvwIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJVUzEQMA4GA1UE
+MIIB1jCBvwIBATANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJVUzEQMA4GA1UE
 CAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEUMBIGA1UECwwLRW5naW5lZXJp
 bmcxEzARBgNVBAMMCipsb2NhbGhvc3QxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
-ZnNzbC5jb20XDTE4MDYxMjIzMTA0N1oXDTIxMDMwODIzMTA0N1qgDjAMMAoGA1Ud
-FAQDAgEBMA0GCSqGSIb3DQEBBQUAA4IBAQB5fr000j31kbF53lDCJtWOBfcwJr0v
-3WqhzxWR/ZUwpwRaZTPk+2N53W5jvdFVvcgiPMJqQDh1hWrhJKOZ4xMwwssVzFBL
-A4e4kJzolSpiH+0zMKgEn2e3TL0xsxlZGJxtZMIi1I2OfpjCObAoNe2PN2sDVzvv
-6CgmivDeiiHow9loLu7Ly4lPr003rZhkOG7Yh/s7C7alWNpe8oGhGJDWG/eKGxE6
-bVUMCU3N6kMBpJIFUH60Go9UsstMlAnghcwpIuRbKe5lkeNK+WQZQCUXJ6GRKy4Y
-bSommuOCBaYLZySh3NQprUfwiShl2v78YoZHBVFUCNyz5ZlI1tpSvoV8
+ZnNzbC5jb20XDTE4MDkxOTIxMjEyNFoXDTIxMDYxNTIxMjEyNFqgDjAMMAoGA1Ud
+FAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQAPDjDuUHpQsI0GdJpnCz9EwRNYTocM
+DI2JRG4p8hQMXldliPu5VqeZcT0SFiXROBmddkHm4DcOClKTJhnDnScQKdQwXxqf
+nwouwDp8B/D+xK17hKgu5Qapjd2yK7/orOjYMCvrX2fKSrjVvns3DQTvrZ1dnKMC
+XM2XSnh8Fit9kLWK7z1oU3JbIZKLo0hy+PNqwBCTD95D0Hqw9hPplmRd2acR5epy
+CV6+oGtU6Psjt1ikoIjZzCIlmhoag0CZlwUPf+ap7hqiak3yYPNGXZU6A6aKoHkW
+9zwfFikCe8i7mNntsKP7SiqeAArPQpT6FHNPJu2il42lhg9y6XsG2jUI
 -----END X509 CRL-----
--- a/certs/crl/wolfssl.cnf
+++ b/certs/crl/wolfssl.cnf
@@ -0,0 +1,110 @@
+[ ca ]
+# `man ca`
+default_ca = CA_default
+
+[ CA_default ]
+# Directory and file locations relevant to where the script is executing
+dir               = .
+certs             = $dir/../
+new_certs_dir     = $dir/../
+database          = $dir/../crl/index.txt
+serial            = $dir/../crl/serial
+# This should come from the system disregard local pathing
+RANDFILE          = $dir/private/.rand
+
+# The root key and root certificate.
+private_key       = $dir/../ca-ecc-key.pem
+certificate       = $dir/../ca-ecc-cert.pem
+
+# For certificate revocation lists.
+crlnumber         = $dir/../crl/crlnumber
+crl_extensions    = crl_ext
+default_crl_days  = 1000
+
+# SHA-1 is deprecated, so use SHA-2 instead.
+default_md        = sha256
+
+name_opt          = ca_default
+cert_opt          = ca_default
+default_days      = 3650
+preserve          = no
+policy            = policy_loose
+
+
+[ policy_strict ]
+# The root CA should only sign intermediate certificates that match.
+# See the POLICY FORMAT section of `man ca`.
+countryName             = match
+stateOrProvinceName     = match
+organizationName        = match
+organizationalUnitName  = optional
+commonName              = supplied
+emailAddress            = optional
+
+[ policy_loose ]
+# Allow the intermediate CA to sign a more diverse range of certificates.
+# See the POLICY FORMAT section of the `ca` man page.
+countryName             = optional
+stateOrProvinceName     = optional
+localityName            = optional
+organizationName        = optional
+organizationalUnitName  = optional
+commonName              = supplied
+emailAddress            = optional
+
+[ req ]
+# Options for the `req` tool (`man req`).
+default_bits        = 2048
+distinguished_name  = req_distinguished_name
+string_mask         = utf8only
+
+# SHA-1 is deprecated, so use SHA-2 instead.
+default_md          = sha256
+
+# Extension to add when the -x509 option is used.
+x509_extensions     = v3_ca
+
+[ req_distinguished_name ]
+countryName                     = US
+stateOrProvinceName             = Washington
+localityName                    = Seattle
+0.organizationName              = wolfSSL
+organizationalUnitName          = Development
+commonName                      = www.wolfssl.com
+emailAddress                    = info@wolfssl.com
+
+[ v3_ca ]
+# Extensions for a typical CA (`man x509v3_config`).
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer
+basicConstraints = critical, CA:true
+keyUsage = critical, digitalSignature, cRLSign, keyCertSign
+
+[ v3_intermediate_ca ]
+# Extensions for a typical intermediate CA (`man x509v3_config`).
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer
+basicConstraints = critical, CA:true, pathlen:0
+keyUsage = critical, digitalSignature, cRLSign, keyCertSign
+
+[ usr_cert ]
+# Extensions for client certificates (`man x509v3_config`).
+basicConstraints = CA:FALSE
+nsCertType = client, email
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer
+keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment
+extendedKeyUsage = clientAuth, emailProtection
+
+[ server_cert ]
+# Extensions for server certificates (`man x509v3_config`).
+basicConstraints = CA:FALSE
+nsCertType = server
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer:always
+keyUsage = critical, digitalSignature, keyEncipherment, keyAgreement
+extendedKeyUsage = serverAuth
+
+[ crl_ext ]
+# Extension for CRLs (`man x509v3_config`).
+authorityKeyIdentifier=keyid:always
--- a/certs/ecc-keyPkcs8.der
+++ b/certs/ecc-keyPkcs8.der
--- a/certs/ecc-keyPkcs8Enc.der
+++ b/certs/ecc-keyPkcs8Enc.der
--- a/certs/ecc-privkeyPkcs8.pem
+++ b/certs/ecc-privkeyPkcs8.pem
@@ -0,0 +1,4 @@
+-----BEGIN EC PRIVATE KEY-----
+MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCBFtmkCc5xshaE4W3Lo
+6MesxAONUzUE+mwo3DSN4agJjA==
+-----END EC PRIVATE KEY-----
--- a/certs/ecc/genecc.sh
+++ b/certs/ecc/genecc.sh
@@ -13,21 +13,17 @@ echo 2000 > ./certs/ecc/crlnumber

 # generate ECC 256-bit CA
 openssl ecparam -out ./certs/ca-ecc-key.par -name prime256v1
-openssl req -config ./certs/ecc/wolfssl.cnf -extensions v3_ca -x509 -nodes -newkey ec:./certs/ca-ecc-key.par -keyout ./certs/ca-ecc-key.pem -out ./certs/ca-ecc-cert.pem -sha256 -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com"
+openssl req -config ./certs/ecc/wolfssl.cnf -extensions v3_ca -x509 -nodes -newkey ec:./certs/ca-ecc-key.par -keyout ./certs/ca-ecc-key.pem -out ./certs/ca-ecc-cert.pem -sha256 \
+	-days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com"

 openssl x509 -in ./certs/ca-ecc-cert.pem -inform PEM -out ./certs/ca-ecc-cert.der -outform DER
 openssl ec -in ./certs/ca-ecc-key.pem -inform PEM -out ./certs/ca-ecc-key.der -outform DER

 rm ./certs/ca-ecc-key.par

-# generate ECC 384-bit CA
-openssl ecparam -out ./certs/ca-ecc384-key.par -name secp384r1
-openssl req -config ./certs/ecc/wolfssl.cnf -extensions v3_ca -x509 -nodes -newkey ec:./certs/ca-ecc384-key.par -keyout ./certs/ca-ecc384-key.pem -out ./certs/ca-ecc384-cert.pem -sha384 -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com"
+# Gen CA CRL
+openssl ca -config ./certs/ecc/wolfssl.cnf -gencrl -crldays 1000 -out ./certs/crl/caEccCrl.pem -keyfile ./certs/ca-ecc-key.pem -cert ./certs/ca-ecc-cert.pem

-openssl x509 -in ./certs/ca-ecc384-cert.pem -inform PEM -out ./certs/ca-ecc384-cert.der -outform DER
-openssl ec -in ./certs/ca-ecc384-key.pem -inform PEM -out ./certs/ca-ecc384-key.der -outform DER
-
-rm ./certs/ca-ecc384-key.par


 # Generate ECC 256-bit server cert
@@ -40,9 +36,53 @@ openssl x509 -in ./certs/server-ecc.pem -outform der -out ./certs/server-ecc.der

 rm ./certs/server-ecc-req.pem 

-# Gen CRL
-openssl ca -config ./certs/ecc/wolfssl.cnf -gencrl -crldays 1000 -out ./certs/crl/caEccCrl.pem -keyfile ./certs/ca-ecc-key.pem -cert ./certs/ca-ecc-cert.pem
-openssl ca -config ./certs/ecc/wolfssl.cnf -gencrl -crldays 1000 -out ./certs/crl/caEcc384Crl.pem -keyfile ./certs/ca-ecc384-key.pem -cert ./certs/ca-ecc384-cert.pem
+
+
+# generate ECC 384-bit CA
+openssl ecparam -out ./certs/ca-ecc384-key.par -name secp384r1
+openssl req -config ./certs/ecc/wolfssl_384.cnf -extensions v3_ca -x509 -nodes -newkey ec:./certs/ca-ecc384-key.par -keyout ./certs/ca-ecc384-key.pem -out ./certs/ca-ecc384-cert.pem -sha384 \
+	-days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com"
+
+openssl x509 -in ./certs/ca-ecc384-cert.pem -inform PEM -out ./certs/ca-ecc384-cert.der -outform DER
+openssl ec -in ./certs/ca-ecc384-key.pem -inform PEM -out ./certs/ca-ecc384-key.der -outform DER
+
+rm ./certs/ca-ecc384-key.par
+
+# Gen CA CRL
+openssl ca -config ./certs/ecc/wolfssl_384.cnf -gencrl -crldays 1000 -out ./certs/crl/caEcc384Crl.pem -keyfile ./certs/ca-ecc384-key.pem -cert ./certs/ca-ecc384-cert.pem
+
+
+
+# Generate ECC 384-bit server cert
+openssl ecparam -out ./certs/server-ecc384-key.par -name secp384r1
+openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -newkey ec:./certs/server-ecc384-key.par -keyout ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \
+	-subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -new -key ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \
+	-subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+openssl ec -in ./certs/server-ecc384-key.pem -inform PEM -out ./certs/server-ecc384-key.der -outform DER
+
+# Sign server certificate
+openssl ca -config ./certs/ecc/wolfssl_384.cnf -extensions server_cert -days 10950 -notext -md sha384 -in ./certs/server-ecc384-req.pem -out ./certs/server-ecc384-cert.pem
+openssl x509 -in ./certs/server-ecc384-cert.pem -outform der -out ./certs/server-ecc384-cert.der
+
+rm ./certs/server-ecc384-req.pem 
+rm ./certs/server-ecc384-key.par
+
+# Generate ECC 384-bit client cert
+openssl ecparam -out ./certs/client-ecc384-key.par -name secp384r1
+openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -newkey ec:./certs/client-ecc384-key.par -keyout ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \
+	-subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -new -key ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \
+	-subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Clit/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+openssl ec -in ./certs/client-ecc384-key.pem -inform PEM -out ./certs/client-ecc384-key.der -outform DER
+
+# Sign client certificate
+openssl ca -config ./certs/ecc/wolfssl_384.cnf -extensions usr_cert -days 10950 -notext -md sha384 -in ./certs/client-ecc384-req.pem -out ./certs/client-ecc384-cert.pem
+openssl x509 -in ./certs/client-ecc384-cert.pem -outform der -out ./certs/client-ecc384-cert.der
+
+rm ./certs/client-ecc384-req.pem 
+rm ./certs/client-ecc384-key.par
+

 # Also manually need to:
 # 1. Copy ./certs/server-ecc.der into ./certs/test/server-cert-ecc-badsig.der `cp ./certs/server-ecc.der ./certs/test/server-cert-ecc-badsig.der`
--- a/certs/ecc/include.am
+++ b/certs/ecc/include.am
@@ -4,5 +4,5 @@

 EXTRA_DIST += \
 	     certs/ecc/genecc.sh \
-	     certs/ecc/wolfssl.cnf
-
+	     certs/ecc/wolfssl.cnf \
+	     certs/ecc/wolfssl_384.cnf
--- a/certs/ecc/wolfssl.cnf
+++ b/certs/ecc/wolfssl.cnf
@@ -3,12 +3,13 @@
 default_ca = CA_default

 [ CA_default ]
-# Directory and file locations.
+# Directory and file locations relevant to where the script is executing
 dir               = .
 certs             = $dir/certs
 new_certs_dir     = $dir/certs
 database          = $dir/certs/ecc/index.txt
 serial            = $dir/certs/ecc/serial
+# This should come from the system disregard local pathing
 RANDFILE          = $dir/private/.rand

 # The root key and root certificate.
--- a/certs/ecc/wolfssl_384.cnf
+++ b/certs/ecc/wolfssl_384.cnf
@@ -0,0 +1,110 @@
+[ ca ]
+# `man ca`
+default_ca = CA_default
+
+[ CA_default ]
+# Directory and file locations relevant to where the script is executing
+dir               = .
+certs             = $dir/certs
+new_certs_dir     = $dir/certs
+database          = $dir/certs/ecc/index.txt
+serial            = $dir/certs/ecc/serial
+# This should come from the system disregard local pathing
+RANDFILE          = $dir/private/.rand
+
+# The root key and root certificate.
+private_key       = $dir/certs/ca-ecc384-key.pem
+certificate       = $dir/certs/ca-ecc384-cert.pem
+
+# For certificate revocation lists.
+crlnumber         = $dir/certs/ecc/crlnumber
+crl_extensions    = crl_ext
+default_crl_days  = 1000
+
+# SHA-384 is default
+default_md        = sha384
+
+name_opt          = ca_default
+cert_opt          = ca_default
+default_days      = 3650
+preserve          = no
+policy            = policy_loose
+
+
+[ policy_strict ]
+# The root CA should only sign intermediate certificates that match.
+# See the POLICY FORMAT section of `man ca`.
+countryName             = match
+stateOrProvinceName     = match
+organizationName        = match
+organizationalUnitName  = optional
+commonName              = supplied
+emailAddress            = optional
+
+[ policy_loose ]
+# Allow the intermediate CA to sign a more diverse range of certificates.
+# See the POLICY FORMAT section of the `ca` man page.
+countryName             = optional
+stateOrProvinceName     = optional
+localityName            = optional
+organizationName        = optional
+organizationalUnitName  = optional
+commonName              = supplied
+emailAddress            = optional
+
+[ req ]
+# Options for the `req` tool (`man req`).
+default_bits        = 2048
+distinguished_name  = req_distinguished_name
+string_mask         = utf8only
+
+# SHA-384 is default
+default_md          = sha384
+
+# Extension to add when the -x509 option is used.
+x509_extensions     = v3_ca
+
+[ req_distinguished_name ]
+countryName                     = US
+stateOrProvinceName             = Washington
+localityName                    = Seattle
+0.organizationName              = wolfSSL
+organizationalUnitName          = Development
+commonName                      = www.wolfssl.com
+emailAddress                    = info@wolfssl.com
+
+[ v3_ca ]
+# Extensions for a typical CA (`man x509v3_config`).
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer
+basicConstraints = critical, CA:true
+keyUsage = critical, digitalSignature, cRLSign, keyCertSign
+
+[ v3_intermediate_ca ]
+# Extensions for a typical intermediate CA (`man x509v3_config`).
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer
+basicConstraints = critical, CA:true, pathlen:0
+keyUsage = critical, digitalSignature, cRLSign, keyCertSign
+
+[ usr_cert ]
+# Extensions for client certificates (`man x509v3_config`).
+basicConstraints = CA:FALSE
+nsCertType = client, email
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer
+keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment
+extendedKeyUsage = clientAuth, emailProtection
+
+[ server_cert ]
+# Extensions for server certificates (`man x509v3_config`).
+basicConstraints = CA:FALSE
+nsCertType = server
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer:always
+keyUsage = critical, digitalSignature, keyEncipherment, keyAgreement
+extendedKeyUsage = serverAuth
+
+[ crl_ext ]
+# Extension for CRLs (`man x509v3_config`).
+authorityKeyIdentifier=keyid:always
--- a/certs/include.am
+++ b/certs/include.am
@@ -12,9 +12,12 @@ EXTRA_DIST += \
 	     certs/client-relative-uri.pem \
 	     certs/ecc-key.pem \
 	     certs/ecc-privkey.pem \
+	     certs/ecc-privkeyPkcs8.pem \
 	     certs/ecc-keyPkcs8Enc.pem \
+	     certs/ecc-keyPkcs8Enc.der \
 	     certs/ecc-key-comp.pem \
 	     certs/ecc-keyPkcs8.pem \
+	     certs/ecc-keyPkcs8.der \
 	     certs/ecc-client-key.pem \
 	     certs/ecc-client-keyPub.pem \
 	     certs/client-ecc-cert.pem \
@@ -32,10 +35,12 @@ EXTRA_DIST += \
 	     certs/server-keyPkcs8Enc12.pem \
 	     certs/server-keyPkcs8Enc2.pem \
 	     certs/server-keyPkcs8Enc.pem \
+	     certs/server-keyPkcs8Enc.der \
 	     certs/server-keyPkcs8.pem \
 	     certs/server-revoked-cert.pem \
 	     certs/server-revoked-key.pem \
 	     certs/wolfssl-website-ca.pem \
+	     certs/test-degenerate.p7b \
 	     certs/test-servercert.p12 \
 	     certs/ecc-rsa-server.p12 \
 	     certs/dsaparams.pem \
--- a/certs/ocsp/renewcerts.sh
+++ b/certs/ocsp/renewcerts.sh
@@ -1,11 +1,28 @@
 #!/bin/sh

+check_result(){
+    if [ $1 -ne 0 ]; then
+        if [ -n "$2" ]; then
+            echo "Step Failed, Abort"
+        else
+            echo "$2 Failed, Abort"
+        fi
+        exit 1
+    else
+        echo "Step Succeeded"
+    fi
+}
+
+echo "OCSP renew certs Step 1"
 openssl req                \
    -new                   \
    -key  root-ca-key.pem  \
    -out  root-ca-cert.csr \
+    -config ../renewcerts/wolfssl.cnf \
    -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com"
+check_result $? ""

+echo "OCSP renew certs Step 2"
 openssl x509                  \
    -req -in root-ca-cert.csr \
    -extfile openssl.cnf      \
@@ -14,33 +31,41 @@ openssl x509                  \
    -signkey root-ca-key.pem  \
    -set_serial 99            \
    -out root-ca-cert.pem
+check_result $? ""

 rm root-ca-cert.csr
+echo "OCSP renew certs Step 3"
 openssl x509 -in root-ca-cert.pem -text > tmp.pem
+check_result $? ""
 mv tmp.pem root-ca-cert.pem

 # $1 cert, $2 name, $3 ca, $4 extensions, $5 serial
-function update_cert() {
-    openssl req           \
-        -new              \
-        -key  $1-key.pem  \
-        -out  $1-cert.csr \
+update_cert() {
+    echo "Updating certificate \"$1-cert.pem\""
+    openssl req             \
+        -new                \
+        -key  "$1"-key.pem  \
+        -out  "$1"-cert.csr \
+        -config ../renewcerts/wolfssl.cnf \
        -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=$2/emailAddress=info@wolfssl.com"
+    check_result $? "Step 1"

-    openssl x509             \
-        -req -in $1-cert.csr \
-        -extfile openssl.cnf \
-        -extensions $4       \
-        -days 1000           \
-        -CA $3-cert.pem      \
-        -CAkey $3-key.pem    \
-        -set_serial $5       \
-        -out $1-cert.pem
+    openssl x509               \
+        -req -in "$1"-cert.csr \
+        -extfile openssl.cnf   \
+        -extensions "$4"       \
+        -days 1000             \
+        -CA "$3"-cert.pem      \
+        -CAkey "$3"-key.pem    \
+        -set_serial "$5"       \
+        -out "$1"-cert.pem
+    check_result $? "Step 2"

-    rm $1-cert.csr
-    openssl x509 -in $1-cert.pem -text > $1_tmp.pem
-    mv $1_tmp.pem $1-cert.pem
-    cat $3-cert.pem >> $1-cert.pem
+    rm "$1"-cert.csr
+    openssl x509 -in "$1"-cert.pem -text > "$1"_tmp.pem
+    check_result $? "Step 3"
+    mv "$1"_tmp.pem "$1"-cert.pem
+    cat "$3"-cert.pem >> "$1"-cert.pem
 }

 update_cert intermediate1-ca "wolfSSL intermediate CA 1"       root-ca          v3_ca   01
--- a/certs/renewcerts.sh
+++ b/certs/renewcerts.sh
@@ -30,6 +30,9 @@
 #                       crl/crl.revoked
 #                       crl/eccCliCRL.pem
 #                       crl/eccSrvCRL.pem
+#
+#                       pkcs7:
+#                       test-degenerate.p7b
 # if HAVE_NTRU
 #                       ntru-cert.pem
 #                       ntru-key.raw
@@ -37,12 +40,33 @@
 ######################## FUNCTIONS SECTION ####################################
 ###############################################################################

+#function for restoring a previous configure state
+restore_config(){
+    mv tmp.status config.status
+    mv tmp.options.h wolfssl/options.h
+    make clean
+    make -j 8
+}
+
+check_result(){
+    if [ $1 -ne 0 ]; then
+        echo "Failed at \"$2\", Abort"
+        if [ "$2" = "configure for ntru" ] || \
+           [ "$2" = "make check with ntru" ]; then
+            restore_config
+        fi
+        exit 1
+    else
+        echo "Step Succeeded!"
+    fi
+}
+
 #the function that will be called when we are ready to renew the certs.
-function run_renewcerts(){
-    cd certs/
+run_renewcerts(){
+    cd certs/ || { echo "Couldn't cd to certs directory"; exit 1; }
    echo ""
    #move the custom cnf into our working directory
-    cp renewcerts/wolfssl.cnf wolfssl.cnf
+    cp renewcerts/wolfssl.cnf wolfssl.cnf || exit 1

    # To generate these all in sha1 add the flag "-sha1" on appropriate lines
    # That is all lines beginning with:  "openssl req"
@@ -53,339 +77,439 @@ function run_renewcerts(){
    echo "Updating 2048-bit client-uri-cert.pem"
    echo ""
    #pipe the following arguments to openssl req...
-    echo -e "US\nMontana\nBozeman\nwolfSSL_2048\nURI\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key client-key.pem -nodes -out client-cert.csr
-
+    echo -e "US\\nMontana\\nBozeman\\nwolfSSL_2048\\nURI\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key client-key.pem -config ./wolfssl.cnf -nodes -out client-cert.csr
+    check_result $? "Step 1"

    openssl x509 -req -in client-cert.csr -days 1000 -extfile wolfssl.cnf -extensions uri -signkey client-key.pem -out client-uri-cert.pem
+    check_result $? "Step 2"
    rm client-cert.csr

    openssl x509 -in client-uri-cert.pem -text > tmp.pem
+    check_result $? "Step 3"
    mv tmp.pem client-uri-cert.pem
-
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    #### update the self-signed (2048-bit) client-relative-uri.pem
    ############################################################
    echo "Updating 2048-bit client-relative-uri.pem"
    echo ""
    #pipe the following arguments to openssl req...
-    echo -e "US\nMontana\nBozeman\nwolfSSL_2048\nRELATIVE_URI\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key client-key.pem -nodes -out client-cert.csr
+    echo -e "US\\nMontana\\nBozeman\\nwolfSSL_2048\\nRELATIVE_URI\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key client-key.pem -config ./wolfssl.cnf -nodes -out client-cert.csr
+    check_result $? "Step 1"


    openssl x509 -req -in client-cert.csr -days 1000 -extfile wolfssl.cnf -extensions relative_uri -signkey client-key.pem -out client-relative-uri.pem
+    check_result $? "Step 2"
    rm client-cert.csr

    openssl x509 -in client-relative-uri.pem -text > tmp.pem
+    check_result $? "Step 3"
    mv tmp.pem client-relative-uri.pem
-
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    #### update the self-signed (2048-bit) client-cert.pem #####
    ############################################################
    echo "Updating 2048-bit client-cert.pem"
    echo ""
    #pipe the following arguments to openssl req...
-    echo -e "US\nMontana\nBozeman\nwolfSSL_2048\nProgramming-2048\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key client-key.pem -nodes -out client-cert.csr
+    echo -e "US\\nMontana\\nBozeman\\nwolfSSL_2048\\nProgramming-2048\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key client-key.pem -config ./wolfssl.cnf -nodes -out client-cert.csr
+    check_result $? "Step 1"


    openssl x509 -req -in client-cert.csr -days 1000 -extfile wolfssl.cnf -extensions wolfssl_opts -signkey client-key.pem -out client-cert.pem
+    check_result $? "Step 2"
    rm client-cert.csr

    openssl x509 -in client-cert.pem -text > tmp.pem
+    check_result $? "Step 3"
    mv tmp.pem client-cert.pem
-
-
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    #### update the self-signed (3072-bit) client-cert.pem #####
    ############################################################
    echo "Updating 3072-bit client-cert.pem"
    echo ""
    #pipe the following arguments to openssl req...
-    echo -e "US\nMontana\nBozeman\nwolfSSL_3072\nProgramming-3072\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -newkey rsa:3072 -keyout client-key-3072.pem -nodes -out client-cert-3072.csr
+    echo -e "US\\nMontana\\nBozeman\\nwolfSSL_3072\\nProgramming-3072\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -newkey rsa:3072 -keyout client-key-3072.pem -config ./wolfssl.cnf -nodes -out client-cert-3072.csr
+    check_result $? "Step 1"


    openssl x509 -req -in client-cert-3072.csr -days 1000 -extfile wolfssl.cnf -extensions wolfssl_opts -signkey client-key-3072.pem -out client-cert-3072.pem
+    check_result $? "Step 2"
    rm client-cert-3072.csr

    openssl x509 -in client-cert-3072.pem -text > tmp.pem
+    check_result $? "Step 3"
    mv tmp.pem client-cert-3072.pem
-
-
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    #### update the self-signed (1024-bit) client-cert.pem #####
    ############################################################
    echo "Updating 1024-bit client-cert.pem"
    echo ""
    #pipe the following arguments to openssl req...
-    echo -e "US\nMontana\nBozeman\nwolfSSL_1024\nProgramming-1024\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key \1024/client-key.pem -nodes -out \1024/client-cert.csr
+    echo -e "US\\nMontana\\nBozeman\\nwolfSSL_1024\\nProgramming-1024\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ./1024/client-key.pem -config ./wolfssl.cnf -nodes -out ./1024/client-cert.csr
+    check_result $? "Step 1"


-    openssl x509 -req -in \1024/client-cert.csr -days 1000 -extfile wolfssl.cnf -extensions wolfssl_opts -signkey \1024/client-key.pem -out \1024/client-cert.pem
-    rm \1024/client-cert.csr
+    openssl x509 -req -in ./1024/client-cert.csr -days 1000 -extfile wolfssl.cnf -extensions wolfssl_opts -signkey ./1024/client-key.pem -out ./1024/client-cert.pem
+    check_result $? "Step 2"
+    rm ./1024/client-cert.csr

-    openssl x509 -in \1024/client-cert.pem -text > \1024/tmp.pem
-    mv \1024/tmp.pem \1024/client-cert.pem
+    openssl x509 -in ./1024/client-cert.pem -text > ./1024/tmp.pem
+    check_result $? "Step 3"
+    mv ./1024/tmp.pem ./1024/client-cert.pem
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ########## update the self-signed ca-cert.pem ##############
    ############################################################
    echo "Updating ca-cert.pem"
    echo ""
    #pipe the following arguments to openssl req...
-    echo -e  "US\nMontana\nBozeman\nSawtooth\nConsulting\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key ca-key.pem -nodes -out ca-cert.csr
+    echo -e  "US\\nMontana\\nBozeman\\nSawtooth\\nConsulting\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ca-key.pem -config ./wolfssl.cnf -nodes -out ca-cert.csr
+    check_result $? "Step 1"

    openssl x509 -req -in ca-cert.csr -days 1000 -extfile wolfssl.cnf -extensions wolfssl_opts -signkey ca-key.pem -out ca-cert.pem
+    check_result $? "Step 2"
    rm ca-cert.csr

    openssl x509 -in ca-cert.pem -text > tmp.pem
+    check_result $? "Step 3"
    mv tmp.pem ca-cert.pem
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ########## update the self-signed ca-ecc-cert.pem ##########
    ############################################################
    echo "Updating ca-ecc-cert.pem"
    echo ""
    #pipe the following arguments to openssl req...
-    echo -e  "US\nWashington\nSeattle\nwolfSSL\nDevelopment\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key ca-ecc-key.pem -nodes -out ca-ecc-cert.csr
+    echo -e  "US\\nWashington\\nSeattle\\nwolfSSL\\nDevelopment\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ca-ecc-key.pem -config ./wolfssl.cnf -nodes -out ca-ecc-cert.csr
+    check_result $? "Step 1"

    openssl x509 -req -in ca-ecc-cert.csr -days 1000 -extfile wolfssl.cnf -extensions ca_ecc_cert -signkey ca-ecc-key.pem -out ca-ecc-cert.pem
+    check_result $? "Step 2"
    rm ca-ecc-cert.csr

    openssl x509 -in ca-ecc-cert.pem -text > tmp.pem
+    check_result $? "Step 3"
    mv tmp.pem ca-ecc-cert.pem
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ########## update the self-signed ca-ecc384-cert.pem #######
    ############################################################
    echo "Updating ca-ecc384-cert.pem"
    echo ""
    #pipe the following arguments to openssl req...
-    echo -e  "US\nWashington\nSeattle\nwolfSSL\nDevelopment\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key ca-ecc384-key.pem -nodes -sha384 -out ca-ecc384-cert.csr
+    echo -e  "US\\nWashington\\nSeattle\\nwolfSSL\\nDevelopment\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ca-ecc384-key.pem -config ./wolfssl.cnf -nodes -sha384 -out ca-ecc384-cert.csr
+    check_result $? "Step 1"

    openssl x509 -req -in ca-ecc384-cert.csr -days 1000 -extfile wolfssl.cnf -extensions ca_ecc_cert -signkey ca-ecc384-key.pem -sha384 -out ca-ecc384-cert.pem
+    check_result $? "Step 2"
    rm ca-ecc384-cert.csr

    openssl x509 -in ca-ecc384-cert.pem -text > tmp.pem
+    check_result $? "Step 3"
    mv tmp.pem ca-ecc384-cert.pem
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ##### update the self-signed (1024-bit) ca-cert.pem ########
    ############################################################
    echo "Updating 1024-bit ca-cert.pem"
    echo ""
    #pipe the following arguments to openssl req...
-    echo -e  "US\nMontana\nBozeman\nSawtooth\nConsulting_1024\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key \1024/ca-key.pem -nodes -sha1 -out \1024/ca-cert.csr
+    echo -e  "US\\nMontana\\nBozeman\\nSawtooth\\nConsulting_1024\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ./1024/ca-key.pem -config ./wolfssl.cnf -nodes -sha1 -out ./1024/ca-cert.csr
+    check_result $? "Step 1"

-    openssl x509 -req -in \1024/ca-cert.csr -days 1000 -extfile wolfssl.cnf -extensions wolfssl_opts -signkey \1024/ca-key.pem -out \1024/ca-cert.pem
-    rm \1024/ca-cert.csr
+    openssl x509 -req -in ./1024/ca-cert.csr -days 1000 -extfile wolfssl.cnf -extensions wolfssl_opts -signkey ./1024/ca-key.pem -out ./1024/ca-cert.pem
+    check_result $? "Step 2"
+    rm ./1024/ca-cert.csr

-    openssl x509 -in \1024/ca-cert.pem -text > \1024/tmp.pem
-    mv \1024/tmp.pem \1024/ca-cert.pem
+    openssl x509 -in ./1024/ca-cert.pem -text > ./1024/tmp.pem
+    check_result $? "Step 3"
+    mv ./1024/tmp.pem ./1024/ca-cert.pem
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ###########################################################
    ########## update and sign server-cert.pem ################
    ###########################################################
    echo "Updating server-cert.pem"
    echo ""
    #pipe the following arguments to openssl req...
-    echo -e "US\nMontana\nBozeman\nwolfSSL\nSupport\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key server-key.pem -nodes > server-req.pem
+    echo -e "US\\nMontana\\nBozeman\\nwolfSSL\\nSupport\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key server-key.pem -config ./wolfssl.cnf -nodes > server-req.pem
+    check_result $? "Step 1"

    openssl x509 -req -in server-req.pem -extfile wolfssl.cnf -extensions wolfssl_opts -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem
+    check_result $? "Step 2"

    rm server-req.pem

    openssl x509 -in ca-cert.pem -text > ca_tmp.pem
+    check_result $? "Step 3"
    openssl x509 -in server-cert.pem -text > srv_tmp.pem
+    check_result $? "Step 4"
    mv srv_tmp.pem server-cert.pem
    cat ca_tmp.pem >> server-cert.pem
    rm ca_tmp.pem
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ###########################################################
    ########## update and sign server-revoked-key.pem #########
    ###########################################################
    echo "Updating server-revoked-cert.pem"
    echo ""
    #pipe the following arguments to openssl req...
-    echo -e "US\nMontana\nBozeman\nwolfSSL_revoked\nSupport_revoked\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key server-revoked-key.pem -nodes > server-revoked-req.pem
+    echo -e "US\\nMontana\\nBozeman\\nwolfSSL_revoked\\nSupport_revoked\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key server-revoked-key.pem -config ./wolfssl.cnf -nodes > server-revoked-req.pem
+    check_result $? "Step 1"

    openssl x509 -req -in server-revoked-req.pem -extfile wolfssl.cnf -extensions wolfssl_opts -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 02 > server-revoked-cert.pem
-
+    check_result $? "Step 2"
    rm server-revoked-req.pem

    openssl x509 -in ca-cert.pem -text > ca_tmp.pem
+    check_result $? "Step 3"
    openssl x509 -in server-revoked-cert.pem -text > srv_tmp.pem
+    check_result $? "Step 4"
    mv srv_tmp.pem server-revoked-cert.pem
    cat ca_tmp.pem >> server-revoked-cert.pem
    rm ca_tmp.pem
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ###########################################################
    ########## update and sign server-duplicate-policy.pem ####
    ###########################################################
    echo "Updating server-duplicate-policy.pem"
    echo ""
    #pipe the following arguments to openssl req...
-    echo -e "US\nMontana\nBozeman\nwolfSSL\ntesting duplicate policy\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key server-key.pem -nodes > ./test/server-duplicate-policy-req.pem
+    echo -e "US\\nMontana\\nBozeman\\nwolfSSL\\ntesting duplicate policy\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key server-key.pem -config ./wolfssl.cnf -nodes > ./test/server-duplicate-policy-req.pem
+    check_result $? "Step 1"

    openssl x509 -req -in ./test/server-duplicate-policy-req.pem -extfile wolfssl.cnf -extensions policy_test -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 02 > ./test/server-duplicate-policy.pem
-
+    check_result $? "Step 2"
    rm ./test/server-duplicate-policy-req.pem

    openssl x509 -in ca-cert.pem -text > ca_tmp.pem
+    check_result $? "Step 3"
    openssl x509 -in ./test/server-duplicate-policy.pem -text > srv_tmp.pem
+    check_result $? "Step 4"
    mv srv_tmp.pem ./test/server-duplicate-policy.pem
    cat ca_tmp.pem >> ./test/server-duplicate-policy.pem
    rm ca_tmp.pem
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ###########################################################
    #### update and sign (1024-bit) server-cert.pem ###########
    ###########################################################
    echo "Updating 1024-bit server-cert.pem"
    echo ""
    #pipe the following arguments to openssl req...
-    echo -e "US\nMontana\nBozeman\nwolfSSL\nSupport_1024\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key \1024/server-key.pem -nodes -sha1 > \1024/server-req.pem
+    echo -e "US\\nMontana\\nBozeman\\nwolfSSL\\nSupport_1024\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ./1024/server-key.pem -config ./wolfssl.cnf -nodes -sha1 > ./1024/server-req.pem
+    check_result $? "Step 1"

-    openssl x509 -req -in \1024/server-req.pem -extfile wolfssl.cnf -extensions wolfssl_opts -days 1000 -CA \1024/ca-cert.pem -CAkey \1024/ca-key.pem -set_serial 01 > \1024/server-cert.pem
+    openssl x509 -req -in ./1024/server-req.pem -extfile wolfssl.cnf -extensions wolfssl_opts -days 1000 -CA ./1024/ca-cert.pem -CAkey ./1024/ca-key.pem -set_serial 01 > ./1024/server-cert.pem
+    check_result $? "Step 2"
+    rm ./1024/server-req.pem

-    rm \1024/server-req.pem
-
-    openssl x509 -in \1024/ca-cert.pem -text > \1024/ca_tmp.pem
-    openssl x509 -in \1024/server-cert.pem -text > \1024/srv_tmp.pem
-    mv \1024/srv_tmp.pem \1024/server-cert.pem
-    cat \1024/ca_tmp.pem >> \1024/server-cert.pem
-    rm \1024/ca_tmp.pem
+    openssl x509 -in ./1024/ca-cert.pem -text > ./1024/ca_tmp.pem
+    check_result $? "Step 3"
+    openssl x509 -in ./1024/server-cert.pem -text > ./1024/srv_tmp.pem
+    check_result $? "Step 4"
+    mv ./1024/srv_tmp.pem ./1024/server-cert.pem
+    cat ./1024/ca_tmp.pem >> ./1024/server-cert.pem
+    rm ./1024/ca_tmp.pem
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ########## update and sign the server-ecc-rsa.pem ##########
    ############################################################
    echo "Updating server-ecc-rsa.pem"
    echo ""
-    echo -e "US\nMontana\nBozeman\nElliptic - RSAsig\nECC-RSAsig\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key ecc-key.pem -nodes > server-ecc-req.pem
+    echo -e "US\\nMontana\\nBozeman\\nElliptic - RSAsig\\nECC-RSAsig\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ecc-key.pem -config ./wolfssl.cnf -nodes > server-ecc-req.pem
+    check_result $? "Step 1"

    openssl x509 -req -in server-ecc-req.pem -extfile wolfssl.cnf -extensions wolfssl_opts -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-ecc-rsa.pem
-
+    check_result $? "Step 2"
    rm server-ecc-req.pem

    openssl x509 -in server-ecc-rsa.pem -text > tmp.pem
+    check_result $? "Step 3"
    mv tmp.pem server-ecc-rsa.pem
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ####### update the self-signed client-ecc-cert.pem #########
    ############################################################
    echo "Updating client-ecc-cert.pem"
    echo ""
    #pipe the following arguments to openssl req...
-    echo -e "US\nOregon\nSalem\nClient ECC\nFast\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key ecc-client-key.pem -nodes -out client-ecc-cert.csr
-
+    echo -e "US\\nOregon\\nSalem\\nClient ECC\\nFast\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ecc-client-key.pem -config ./wolfssl.cnf -nodes -out client-ecc-cert.csr
+    check_result $? "Step 1"

    openssl x509 -req -in client-ecc-cert.csr -days 1000 -extfile wolfssl.cnf -extensions wolfssl_opts -signkey ecc-client-key.pem -out client-ecc-cert.pem
+    check_result $? "Step 2"
    rm client-ecc-cert.csr

    openssl x509 -in client-ecc-cert.pem -text > tmp.pem
+    check_result $? "Step 3"
    mv tmp.pem client-ecc-cert.pem
-
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ########## update the server-ecc.pem #######################
    ############################################################
    echo "Updating server-ecc.pem"
    echo ""
    #pipe the following arguments to openssl req...
-    echo -e "US\nWashington\nSeattle\nEliptic\nECC\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key ecc-key.pem -nodes -out server-ecc.csr
+    echo -e "US\\nWashington\\nSeattle\\nEliptic\\nECC\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ecc-key.pem -config ./wolfssl.cnf -nodes -out server-ecc.csr
+    check_result $? "Step 1"

-
-    openssl x509 -req -in server-ecc.csr -days 1000 -extfile wolfssl.cnf -extensions server_ecc -CAfile ca-ecc-cert.pem -CAkey ca-ecc-key.pem -out server-ecc.pem
+    openssl x509 -req -in server-ecc.csr -days 1000 -extfile wolfssl.cnf -extensions server_ecc -CA ca-ecc-cert.pem -CAkey ca-ecc-key.pem -set_serial 03 -out server-ecc.pem
+    check_result $? "Step 2"
    rm server-ecc.csr

    openssl x509 -in server-ecc.pem -text > tmp.pem
+    check_result $? "Step 3"
    mv tmp.pem server-ecc.pem
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ###### update the self-signed server-ecc-comp.pem ##########
    ############################################################
    echo "Updating server-ecc-comp.pem"
    echo ""
    #pipe the following arguments to openssl req...
-    echo -e "US\nMontana\nBozeman\nElliptic - comp\nServer ECC-comp\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key ecc-key-comp.pem -nodes -out server-ecc-comp.csr
-
+    echo -e "US\\nMontana\\nBozeman\\nElliptic - comp\\nServer ECC-comp\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ecc-key-comp.pem -config ./wolfssl.cnf -nodes -out server-ecc-comp.csr
+    check_result $? "Step 1"

    openssl x509 -req -in server-ecc-comp.csr -days 1000 -extfile wolfssl.cnf -extensions wolfssl_opts -signkey ecc-key-comp.pem -out server-ecc-comp.pem
+    check_result $? "Step 2"
    rm server-ecc-comp.csr

    openssl x509 -in server-ecc-comp.pem -text > tmp.pem
+    check_result $? "Step 3"
    mv tmp.pem server-ecc-comp.pem
-
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ############## create the client-ca.pem file ###############
    ############################################################
    echo "Updating client-ca.pem"
    echo ""
    cat client-cert.pem client-ecc-cert.pem > client-ca.pem
-
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ###### update the self-signed ecc-privOnlyCert.pem #########
    ############################################################
    echo "Updating ecc-privOnlyCert.pem"
    echo ""
    #pipe the following arguments to openssl req...
-    echo -e ".\n.\n.\nWR\n.\nDE\n.\n.\n.\n" | openssl req -new -key ecc-privOnlyKey.pem -nodes -out ecc-privOnly.csr
-
+    echo -e ".\\n.\\n.\\nWR\\n.\\nDE\\n.\\n.\\n.\\n" | openssl req -new -key ecc-privOnlyKey.pem -config ./wolfssl.cnf -nodes -out ecc-privOnly.csr
+    check_result $? "Step 1"

    openssl x509 -req -in ecc-privOnly.csr -days 1000 -signkey ecc-privOnlyKey.pem -out ecc-privOnlyCert.pem
+    check_result $? "Step 2"
    rm ecc-privOnly.csr
-
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ###### update the self-signed test/digsigku.pem   ##########
    ############################################################
    echo "Updating test/digsigku.pem"
    echo ""
    #pipe the following arguments to openssl req...
-    echo -e "US\nWashington\nSeattle\nFoofarah\nArglebargle\nfoobarbaz\ninfo@worlss.com\n.\n.\n" | openssl req -new -key ecc-key.pem -nodes -sha1 -out digsigku.csr
-
+    echo -e "US\\nWashington\\nSeattle\\nFoofarah\\nArglebargle\\nfoobarbaz\\ninfo@worlss.com\\n.\\n.\\n" | openssl req -new -key ecc-key.pem -config ./wolfssl.cnf -nodes -sha1 -out digsigku.csr
+    check_result $? "Step 1"

    openssl x509 -req -in digsigku.csr -days 1000 -extfile wolfssl.cnf -extensions digsigku -signkey ecc-key.pem -sha1 -set_serial 16393466893990650224 -out digsigku.pem
+    check_result $? "Step 2"
    rm digsigku.csr

    openssl x509 -in digsigku.pem -text > tmp.pem
+    check_result $? "Step 3"
    mv tmp.pem digsigku.pem
    mv digsigku.pem test/digsigku.pem
-
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ########## make .der files from .pem files #################
    ############################################################
    echo "Creating der formatted certs..."
    echo ""
-    openssl x509 -inform PEM -in \1024/client-cert.pem -outform DER -out \1024/client-cert.der
-    openssl x509 -inform PEM -in \1024/server-cert.pem -outform DER -out \1024/server-cert.der
-    openssl x509 -inform PEM -in \1024/ca-cert.pem -outform DER -out \1024/ca-cert.der
+    openssl x509 -inform PEM -in ./1024/client-cert.pem -outform DER -out ./1024/client-cert.der
+    check_result $? "Der Cert 1"
+    openssl x509 -inform PEM -in ./1024/server-cert.pem -outform DER -out ./1024/server-cert.der
+    check_result $? "Der Cert 2"
+    openssl x509 -inform PEM -in ./1024/ca-cert.pem -outform DER -out ./1024/ca-cert.der
+    check_result $? "Der Cert 3"

    openssl x509 -inform PEM -in ca-cert.pem -outform DER -out ca-cert.der
+    check_result $? "Der Cert 4"
    openssl x509 -inform PEM -in ca-ecc-cert.pem -outform DER -out ca-ecc-cert.der
+    check_result $? "Der Cert 5"
    openssl x509 -inform PEM -in ca-ecc384-cert.pem -outform DER -out ca-ecc384-cert.der
+    check_result $? "Der Cert 6"
    openssl x509 -inform PEM -in client-cert.pem -outform DER -out client-cert.der
+    check_result $? "Der Cert 7"
    openssl x509 -inform PEM -in server-cert.pem -outform DER -out server-cert.der
+    check_result $? "Der Cert 8"
    openssl x509 -inform PEM -in client-ecc-cert.pem -outform DER -out client-ecc-cert.der
+    check_result $? "Der Cert 9"
    openssl x509 -inform PEM -in server-ecc-rsa.pem -outform DER -out server-ecc-rsa.der
+    check_result $? "Der Cert 10"
    openssl x509 -inform PEM -in server-ecc.pem -outform DER -out server-ecc.der
+    check_result $? "Der Cert 11"
    openssl x509 -inform PEM -in server-ecc-comp.pem -outform DER -out server-ecc-comp.der
-
+    check_result $? "Der Cert 12"
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ###### update the ecc-rsa-server.p12 file ##################
    ############################################################
    echo "Updating ecc-rsa-server.p12 (password is \"\")"
    echo ""
    echo "" | openssl pkcs12 -des3 -descert -export -in server-ecc-rsa.pem -inkey ecc-key.pem -certfile server-ecc.pem -out ecc-rsa-server.p12 -password stdin
-
+    check_result $? "Step 1"
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ###### update the test-servercert.p12 file #################
    ############################################################
    echo "Updating test-servercert.p12 (password is \"wolfSSL test\")"
    echo ""
    echo "wolfSSL test" | openssl pkcs12 -des3 -descert -export -in server-cert.pem -inkey server-key.pem -certfile ca-cert.pem -out test-servercert.p12 -password stdin
-
+    check_result $? "Step 1"
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ###### calling gen-ext-certs.sh           ##################
    ############################################################
    echo "Calling gen-ext-certs.sh"
    echo ""
-    cd ..
+    cd .. || exit 1
    ./certs/test/gen-ext-certs.sh
-    cd ./certs
-
+    check_result $? "gen-ext-certs.sh"
+    cd ./certs || { echo "Couldn't cd to certs directory"; exit 1; }
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ###### calling gen-badsig.sh              ##################
    ############################################################
    echo "Calling gen-badsig.sh"
    echo ""
-    cd ./test
+    cd ./test || { echo "Failed to switch to dir ./test"; exit 1; }
    ./gen-badsig.sh
-    cd ../
-
+    check_result $? "gen-badsig.sh"
+    cd ../ || exit 1
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ########## generate ocsp certs        ######################
    ############################################################
@@ -394,74 +518,88 @@ function run_renewcerts(){

    # guard against recursive calls to renewcerts.sh
    if [ -d ocsp ]; then
-        cd ./ocsp
-        echo "Execute ./renewcerts.sh..."
+        cd ./ocsp || { echo "Failed to switch to dir ./ocsp"; exit 1; }
+        echo "Execute ocsp/renewcerts.sh..."
        ./renewcerts.sh
-        cd ../
+        check_result $? "renewcerts.sh"
+        cd ../ || exit 1
    else
        echo "Error could not find ocsp directory"
        exit 1
    fi
-
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ###### calling assemble-chains.sh         ##################
    ############################################################
    echo "Calling assemble-chains.sh"
    echo ""
-    cd ./test-pathlen
+    cd ./test-pathlen || { echo "Failed to switch to dir ./test-pathlen";
+                           exit 1; }
    ./assemble-chains.sh
-    cd ../
-
+    check_result $? "assemble-chains.sh"
+    cd ../ || exit 1
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ########## store DER files as buffers ######################
    ############################################################
    echo "Changing directory to wolfssl root..."
    echo ""
-    cd ../
+    cd ../ || exit 1
    echo "Execute ./gencertbuf.pl..."
    echo ""
    ./gencertbuf.pl
-
+    check_result $? "gencertbuf.pl"
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
    ############################################################
    ########## generate the new crls ###########################
    ############################################################

    echo "Change directory to wolfssl/certs"
    echo ""
-    cd certs
+    cd ./certs || { echo "Failed to switch to dir ./certs"; exit 1; }
    echo "We are back in the certs directory"
    echo ""

    echo "Updating the crls..."
    echo ""
-    cd crl
+    cd ./crl || { echo "Failed to switch to dir ./crl"; exit 1; }
    echo "changed directory: cd/crl"
    echo ""
    ./gencrls.sh
+    check_result $? "gencrls.sh"
    echo "ran ./gencrls.sh"
    echo ""

+    ############################################################
+    ########## generate PKCS7 bundles ##########################
+    ############################################################
+    echo "Changing directory to wolfssl certs..."
+    echo ""
+    cd ../ || exit 1
+    echo "Creating test-degenerate.p7b..."
+    echo ""
+    openssl crl2pkcs7 -nocrl -certfile ./client-cert.pem -out test-degenerate.p7b -outform DER
+    check_result $? ""
+    echo "End of section"
+    echo "---------------------------------------------------------------------"
+
    #cleanup the file system now that we're done
    echo "Performing final steps, cleaning up the file system..."
    echo ""

    rm ../wolfssl.cnf
-
-}
-
-#function for restoring a previous configure state
-function restore_config(){
-    mv tmp.status config.status
-    mv tmp.options.h wolfssl/options.h
-    make clean
-    make -j 8
+    echo "End of Updates. Everything was successfully updated!"
+    echo "---------------------------------------------------------------------"
 }

 #function for copy and pasting ntru updates
-function move_ntru(){
-    cp ntru-cert.pem certs/ntru-cert.pem
-    cp ntru-key.raw certs/ntru-key.raw
-    cp ntru-cert.der certs/ntru-cert.der
+move_ntru(){
+    cp ntru-cert.pem certs/ntru-cert.pem || exit 1
+    cp ntru-key.raw certs/ntru-key.raw || exit 1
+    cp ntru-cert.der certs/ntru-cert.der || exit 1
 }

 ###############################################################################
@@ -469,7 +607,7 @@ function move_ntru(){
 ###############################################################################

 #start in root.
-cd ../
+cd ../ || exit 1
 #if HAVE_NTRU already defined && there is no argument
 if grep HAVE_NTRU "wolfssl/options.h" && [ -z "$1" ]
 then
@@ -477,18 +615,27 @@ then
    #run the function to renew the certs
    run_renewcerts
    # run_renewcerts will end in the wolfssl/certs/crl dir, backup to root.
-    cd ../../
+    cd ../ || exit 1
+    CURRDIR=${PWD##*/}
+    if [ "$CURRDIR" = "certs" ]; then
+        cd ../ || exit 1
+    else
+        echo "We are not in the right directory! Abort."
+        exit 1
+    fi
    echo "changed directory to wolfssl root directory."
    echo ""

    echo ""
    echo "Enter directory to ed25519 certificate generation example."
    echo "Can be found at https://github.com/wolfSSL/wolfssl-examples"
-    read ED25519_DIR
+    read -r ED25519_DIR
    if [ -d "${ED25519_DIR}" ]; then
-        pushd ./certs/ed25519
-        ./gen-ed25519.sh ${ED25519_DIR}
-        popd
+        pushd ./certs/ed25519 || { echo "Failed to push certs/ed25519";
+                                   exit 1; }
+        ./gen-ed25519.sh "${ED25519_DIR}"
+        check_result $? "./gen-ed25519.sh"
+        popd || exit 1
    else
        echo "Unable to find directory ${ED25519_DIR}"
        exit 1
@@ -499,8 +646,13 @@ then
    ############################################################

    # We cannot assume that user has certgen and keygen enabled
+    CFLAG_TMP="-DWOLFSSL_STATIC_RSA"
+    export CFLAGS=${CFLAG_TMP}
    ./configure --with-ntru --enable-certgen --enable-keygen
+    check_result $? "configure for ntru"
    make check
+    check_result $? "make check with ntru"
+    export CFLAGS=""

    #copy/paste ntru-certs and key to certs/
    move_ntru
@@ -516,10 +668,12 @@ elif [ ! -z "$1" ]; then
        echo ""
        echo "Enter directory to ed25519 certificate generation example."
        echo "Can be found at https://github.com/wolfSSL/wolfssl-examples"
-        read ED25519_DIR
-        pushd ./certs/ed25519
-        ./gen-ed25519.sh ${ED25519_DIR}
-        popd
+        read -r ED25519_DIR
+        pushd ./certs/ed25519 || { echo "failed to push ./certs/ed25519";
+                                   exit 1; }
+        ./gen-ed25519.sh "${ED25519_DIR}"
+        check_result $? "./gen-ed25519.sh"
+        popd || exit 1
    #valid argument print out other valid arguments
    elif [ "$1" == "-h" ] || [ "$1" == "-help" ]; then
        echo ""
@@ -541,18 +695,24 @@ elif [ ! -z "$1" ]; then
 else
    echo "Saving the configure state"
    echo ""
-    cp config.status tmp.status
-    cp wolfssl/options.h tmp.options.h
+    cp config.status tmp.status || exit 1
+    cp wolfssl/options.h tmp.options.h || exit 1

    echo "Running make clean"
    echo ""
    make clean
+    check_result $? "make clean"

    #attempt to define ntru by configuring with ntru
    echo "Configuring with ntru, enabling certgen and keygen"
    echo ""
+    CFLAG_TMP="-DWOLFSSL_STATIC_RSA"
+    export CFLAGS=${CFLAG_TMP}
    ./configure --with-ntru --enable-certgen --enable-keygen
+    check_result $? "configure for ntru"
    make check
+    check_result $? "make check with ntru"
+    export CFLAGS=""

    # check options.h a second time, if the user had
    # ntru installed on their system and in the default
@@ -565,7 +725,14 @@ else
    if grep HAVE_NTRU "wolfssl/options.h"; then
        run_renewcerts
        #run_renewcerts leaves us in wolfssl/certs/crl, backup to root
-        cd ../../
+        cd ../ || exit 1
+        CURRDIR=${PWD##*/}
+        if [ "$CURRDIR" = "certs" ]; then
+            cd ../ || exit 1
+        else
+            echo "We are not in the right directory! Abort."
+            exit 1
+        fi
        echo "changed directory to wolfssl root directory."
        echo ""

@@ -576,10 +743,12 @@ else

        # restore previous configure state
        restore_config
+        check_result $? "restoring old configuration"
    else

        # restore previous configure state
        restore_config
+        check_result $? "restoring old configuration"

        echo ""
        echo "ntru is not installed at the default location,"
--- a/certs/renewcerts/wolfssl.cnf
+++ b/certs/renewcerts/wolfssl.cnf
@@ -11,13 +11,6 @@ oid_section = new_oids
 tsa_policy1 = 1.2.3.4.1
 tsa_policy2 = 1.2.3.4.5.6
 tsa_policy3 = 1.2.3.4.5.7
-businessCategory=2.5.4.15
-streetAddress=2.5.4.9
-stateOrProvinceName=2.5.4.8
-countryName=2.5.4.6
-jurisdictionOfIncorporationLocalityName=1.3.6.1.4.1.311.60.2.1.1
-jurisdictionOfIncorporationStateOrProvinceName=1.3.6.1.4.1.311.60.2.1.2
-jurisdictionOfIncorporationCountryName=1.3.6.1.4.1.311.60.2.1.3

 ####################################################################
 [ ca ]
--- a/Show More
+++ b/Show More