Revert "Aarch64: make code compile when no hardware crypto avail"

Merge pull request #8264 from dgarske/various_20241206
Various cleanups and fixes
2024-12-13 13:52:53 -08:00 · 2024-12-13 13:48:10 -07:00 · 2024-12-13 13:35:49 -07:00 · 2024-12-13 13:32:47 -07:00 · 2024-12-12 15:49:57 -08:00 · 2024-12-13 09:16:11 +10:00
363 changed files with 21335 additions and 9971 deletions
--- a/.codespellexcludelines
+++ b/.codespellexcludelines
@@ -0,0 +1,18 @@
+###############################################################################
+# In this file, you should add the line of the file that needs to be ignored.
+# The line should be exactly as it appears in the file.
+###############################################################################
+        0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, /* .Enginee */
+        0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, /* fo@wolfs */
+        0x0a, 0x8b, 0x98, 0xf3, 0xe3, 0xff, 0x4e, 0x44, /* ......ND */
+ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd\n\
+static const byte plaintext[] = "Lorem ipsum dolor sit amet, consectetur adipiscing elit. Cras lacus odio, pretium vel sagittis ac, facilisis quis diam. Vivamus condimentum velit sed dolor consequat interdum. Etiam eleifend ornare felis, eleifend egestas odio vulputate eu. Sed nec orci nunc. Etiam quis mi augue. Donec ullamcorper suscipit lorem, vel luctus augue cursus fermentum. Etiam a porta arcu, in convallis sem. Integer efficitur elementum diam, vel scelerisque felis posuere placerat. Donec vestibulum sit amet leo sit amet tincidunt. Etiam et vehicula turpis. Phasellus quis finibus sapien. Sed et tristique turpis. Nullam vitae sagittis tortor, et aliquet lorem. Cras a leo scelerisque, convallis lacus ut, fermentum urna. Mauris quis urna diam. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. Nam aliquam vehicula orci id pulvinar. Proin mollis, libero sollicitudin tempor ultrices, massa augue tincidunt turpis, sit amet aliquam neque nibh nec dui. Fusce finibus massa quis rutrum suscipit cras amet";
+rsource "Kconfig.tls-generic"
+        /* Loop over authenticated associated data AD1..ADn */
+  /* no easy answer [c'est la vie].  Just division */
+    const uint8_t* hashIn, int hashSz)
+    XMEMCPY(hash + (curveSz - hashSz), hashIn, hashSz);
+        0x63, 0x72, 0x65, 0x65, 0x6e, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x62, 0x65, 0x20, 0x69, /* creen would be i */
+\pagenumbering{alph}
+    DES3_KEY_SIZE       = 24,  /* 3 des ede               */
+/* functions added to support above needed, removed TOOM and KARATSUBA */
--- a/.github/workflows/codespell.yml
+++ b/.github/workflows/codespell.yml
@@ -0,0 +1,30 @@
+name: Codespell test
+
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+# END OF COMMON SECTION
+
+jobs:
+  codespell:
+    if: github.repository_owner == 'wolfssl'
+    runs-on: ubuntu-22.04
+    steps:
+    - uses: actions/checkout@v4
+
+    - uses: codespell-project/actions-codespell@v2.1
+      with:
+        check_filenames: true
+        check_hidden: true
+          # Add comma separated list of words that occur multiple times that should be ignored (sorted alphabetically, case sensitive)
+        ignore_words_list: adin,aNULL,carryIn,chainG,ciph,cLen,cliKs,dout,haveA,inCreated,inOut,inout,larg,LEAPYEAR,Merget,optionA,parm,parms,repid,rIn,userA,ser,siz,te,Te
+          # The exclude_file contains lines of code that should be ignored. This is useful for individual lines which have non-words that can safely be ignored.
+        exclude_file: '.codespellexcludelines'
+          # To skip files entirely from being processed, add it to the following list:
+        skip: '*.cproject,*.der,*.mtpj,*.pem,*.vcxproj,.git,*.launch,*.scfg'
--- a/.github/workflows/coverity-scan-fixes.yml
+++ b/.github/workflows/coverity-scan-fixes.yml
@@ -1,9 +1,11 @@
-name: Coverity Scan master branch on a daily basis
+name: Coverity Scan master branch

 on:
  workflow_dispatch:
  schedule:
-    - cron: "0 0 * * *"
+    - cron: '0 0 * * 1-5'
+    - cron: '0 0 * * 0'
+    - cron: '0 12 * * 0'

 jobs:
  coverity:
@@ -14,11 +16,24 @@ jobs:
      with:
        ref: master

-    - name: Configure wolfSSL
+    - name: Configure wolfSSL with enable-all M-F
+      if: github.event.schedule == '0 0 * * 1-5'
      run: |
        ./autogen.sh
        ./configure --enable-all

+    - name: Configure wolfSSL with enable-all enable-smallstack Sun at 00:00
+      if: github.event.schedule == '0 0 * * 0'
+      run: |
+        ./autogen.sh
+        ./configure --enable-all --enable-smallstack
+
+    - name: Configure wolfSSL with bigendian Sun at 12:00
+      if: github.event.schedule == '0 12 * * 0'
+      run: |
+        ./autogen.sh
+        ./configure --enable-all CFLAGS="-DBIG_ENDIAN_ORDER"
+
    - name: Check secrets
      env:
        token_var: ${{ secrets.COVERITY_SCAN_TOKEN }}
--- a/.github/workflows/curl.yml
+++ b/.github/workflows/curl.yml
@@ -52,8 +52,7 @@ jobs:
    - name: Install test dependencies
      run: |
        sudo apt-get update
-        sudo apt-get install nghttp2 libpsl5 libpsl-dev
-        sudo pip install impacket
+        sudo apt-get install nghttp2 libpsl5 libpsl-dev python3-impacket

    - name: Download lib
      uses: actions/download-artifact@v4
--- a/.github/workflows/disabled/haproxy.yml
+++ b/.github/workflows/disabled/haproxy.yml
@@ -21,7 +21,7 @@ jobs:
        ref: [ master ]
    name: ${{ matrix.ref }}
    if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
    steps:
      - name: Build wolfSSL
        uses: wolfSSL/actions-build-autotools-project@v1
--- a/.github/workflows/disabled/hitch.yml
+++ b/.github/workflows/disabled/hitch.yml
@@ -17,7 +17,7 @@ jobs:
    name: Build wolfSSL
    if: github.repository_owner == 'wolfssl'
    # Just to keep it the same as the testing target
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
    # This should be a safe limit for the tests to run.
    timeout-minutes: 4
    steps:
@@ -49,7 +49,7 @@ jobs:
              test13-r82.sh test15-proxy-v2-npn.sh test39-client-cert-proxy.sh
    name: ${{ matrix.ref }}
    if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
    # This should be a safe limit for the tests to run.
    timeout-minutes: 4
    needs: build_wolfssl
--- a/.github/workflows/docker-Espressif.yml
+++ b/.github/workflows/docker-Espressif.yml
@@ -23,7 +23,7 @@ jobs:
    steps:
      - uses: actions/checkout@v4
      - name: Initialize Espressif IDE and build examples
-        run: . /opt/esp/idf/export.sh; IDE/Espressif/ESP-IDF/compileAllExamples.sh
+        run: cd /opt/esp/idf && . ./export.sh && cd $GITHUB_WORKSPACE; IDE/Espressif/ESP-IDF/compileAllExamples.sh
  espressif_v4_4:
    name: v4.4 Docker container
    if: github.repository_owner == 'wolfssl'
@@ -33,7 +33,7 @@ jobs:
    steps:
      - uses: actions/checkout@v4
      - name: Initialize Espressif IDE and build examples
-        run: . /opt/esp/idf/export.sh; IDE/Espressif/ESP-IDF/compileAllExamples.sh
+        run: cd /opt/esp/idf && . ./export.sh && cd $GITHUB_WORKSPACE; IDE/Espressif/ESP-IDF/compileAllExamples.sh
  espressif_v5_0:
    name: v5.0 Docker container
    if: github.repository_owner == 'wolfssl'
@@ -43,4 +43,4 @@ jobs:
    steps:
      - uses: actions/checkout@v4
      - name: Initialize Espressif IDE and build examples
-        run: . /opt/esp/idf/export.sh; IDE/Espressif/ESP-IDF/compileAllExamples.sh
+        run: cd /opt/esp/idf && . ./export.sh && cd $GITHUB_WORKSPACE; IDE/Espressif/ESP-IDF/compileAllExamples.sh
--- a/.github/workflows/hostap-vm.yml
+++ b/.github/workflows/hostap-vm.yml
@@ -75,7 +75,7 @@ jobs:
        id: cache
        with:
          path: linux/linux
-          key: ${{ env.LINUX_REF }}
+          key: hostap-linux-${{ env.LINUX_REF }}
          lookup-only: true

      - name: Checkout hostap
@@ -153,7 +153,7 @@ jobs:
        id: cache
        with:
          path: linux/linux
-          key: ${{ env.LINUX_REF }}
+          key: hostap-linux-${{ env.LINUX_REF }}
          fail-on-cache-miss: true

      - name: show file structure
@@ -196,8 +196,7 @@ jobs:
          # hostap dependencies
          sudo apt-get install -y libpcap0.8 libpcap-dev curl libcurl4-openssl-dev \
            libnl-3-dev binutils-dev libssl-dev libiberty-dev libnl-genl-3-dev \
-            libnl-route-3-dev libdbus-1-dev bridge-utils tshark
-          sudo pip3 install pycryptodome
+            libnl-route-3-dev libdbus-1-dev bridge-utils tshark python3-pycryptodome

      - name: Checkout hostap
        uses: actions/checkout@v4
--- a/.github/workflows/ipmitool.yml
+++ b/.github/workflows/ipmitool.yml
@@ -51,6 +51,8 @@ jobs:
    runs-on: ubuntu-22.04
    needs: build_wolfssl
    steps:
+      - name: Install dependencies
+        run: export DEBIAN_FRONTEND=noninteractive && sudo apt-get update && sudo apt-get install -y libreadline8
      - name: Download lib
        uses: actions/download-artifact@v4
        with:
--- a/.github/workflows/jwt-cpp.yml
+++ b/.github/workflows/jwt-cpp.yml
@@ -41,13 +41,17 @@ jobs:
          retention-days: 5

  build_pam-ipmi:
+    if: github.repository_owner == 'wolfssl'
    strategy:
      fail-fast: false
      matrix:
-        ref: [ 0.6.0 ]
-    name: ${{ matrix.ref }}
-    if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+        config:
+          - ref: 0.7.0
+            runner: ubuntu-22.04
+          - ref: 0.6.0
+            runner: ubuntu-22.04
+    name: ${{ matrix.config.ref }}
+    runs-on: ${{ matrix.config.runner }}
    needs: build_wolfssl
    steps:
      - name: Install dependencies
@@ -76,12 +80,12 @@ jobs:
        with:
          repository: Thalhammer/jwt-cpp
          path: jwt-cpp
-          ref: v${{ matrix.ref }}
+          ref: v${{ matrix.config.ref }}

      - name: Build pam-ipmi
        working-directory: jwt-cpp
        run: |
-          patch -p1 < ../osp/jwt-cpp/${{ matrix.ref }}.patch
+          patch -p1 < ../osp/jwt-cpp/${{ matrix.config.ref }}.patch
          PKG_CONFIG_PATH=$GITHUB_WORKSPACE/build-dir/lib/pkgconfig \
            cmake -B build -DJWT_SSL_LIBRARY:STRING=wolfSSL -DJWT_BUILD_TESTS=ON .
          make -j -C build
--- a/.github/workflows/libspdm.yml
+++ b/.github/workflows/libspdm.yml
@@ -0,0 +1,91 @@
+name: libspdm Tests
+
+# START OF COMMON SECTION
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+# END OF COMMON SECTION
+
+jobs:
+  build_wolfssl:
+    name: Build wolfSSL
+    if: github.repository_owner == 'wolfssl'
+    # Just to keep it the same as the testing target
+    runs-on: ubuntu-22.04
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
+    steps:
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-all --enable-static CFLAGS='-DRSA_MIN_SIZE=512'
+          install: true
+
+      - name: tar build-dir
+        run: tar -zcf build-dir.tgz build-dir
+
+      - name: Upload built lib
+        uses: actions/upload-artifact@v4
+        with:
+          name: wolf-install-libspdm
+          path: build-dir.tgz
+          retention-days: 5
+
+  libspdm_check:
+    strategy:
+      fail-fast: false
+      matrix:
+        # List of releases to test
+        ref: [ 3.3.0 ]
+    name: ${{ matrix.ref }}
+    if: github.repository_owner == 'wolfssl'
+    runs-on: ubuntu-22.04
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
+    needs: build_wolfssl
+    steps:
+      - name: Download lib
+        uses: actions/download-artifact@v4
+        with:
+          name: wolf-install-libspdm
+
+      - name: untar build-dir
+        run: tar -xf build-dir.tgz
+
+      - name: Checkout OSP
+        uses: actions/checkout@v4
+        with:
+          repository: wolfssl/osp
+          path: osp
+
+      - name: Checkout libspdm
+        uses: actions/checkout@v4
+        with:
+          repository: DMTF/libspdm
+          path: libspdm
+          ref: ${{ matrix.ref }}
+
+      - name: Build and test libspdm
+        working-directory: libspdm
+        run: |
+          patch -p1 < ../osp/libspdm/${{ matrix.ref }}/libspdm-${{ matrix.ref }}.patch
+          git submodule update --init --recursive
+          # Silence cmake version warnings
+          find -name CMakeLists.txt -exec sed -i 's/cmake_minimum_required.*/cmake_minimum_required(VERSION 3.10)/g' {} \;
+          mkdir build
+          cd build
+          cmake -DARCH=x64 -DTOOLCHAIN=GCC -DTARGET=Debug -DCRYPTO=wolfssl -DENABLE_BINARY_BUILD=1 \
+            -DCOMPILED_LIBWOLFSSL_PATH=$GITHUB_WORKSPACE/build-dir/lib/libwolfssl.a \
+            -DWOLFSSL_INCDIR=$GITHUB_WORKSPACE/build-dir/include ..
+          make -j
+          cd ../unit_test/sample_key
+          ../../build/bin/test_crypt
+          ../../build/bin/test_spdm_secured_message
+          ../../build/bin/test_spdm_crypt
--- a/.github/workflows/mosquitto.yml
+++ b/.github/workflows/mosquitto.yml
@@ -68,8 +68,7 @@ jobs:
        run: |
            export DEBIAN_FRONTEND=noninteractive
            sudo apt-get update
-            sudo apt-get install -y build-essential libev-dev libssl-dev automake python3-docutils libcunit1 libcunit1-doc libcunit1-dev pkg-config make
-            sudo pip install --upgrade psutil
+            sudo apt-get install -y build-essential libev-dev libssl-dev automake python3-docutils libcunit1 libcunit1-doc libcunit1-dev pkg-config make python3-psutil

      - name: Checkout mosquitto
        uses: actions/checkout@v4
--- a/.github/workflows/multi-compiler.yml
+++ b/.github/workflows/multi-compiler.yml
@@ -51,6 +51,8 @@ jobs:
    # This should be a safe limit for the tests to run.
    timeout-minutes: 4
    steps:
+      - name: Install dependencies
+        run: export DEBIAN_FRONTEND=noninteractive && sudo apt-get update && sudo apt-get install -y ${{ matrix.CC }}
      - uses: actions/checkout@v4
      - name: Build
        env:
--- a/.github/workflows/nss.sh
+++ b/.github/workflows/nss.sh
@@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+
+set -e
+set -x
+
+# Setup nss cert db
+mkdir nssdb
+./dist/Debug/bin/certutil -d nssdb -N --empty-password
+./dist/Debug/bin/certutil -d nssdb  -A -a -i  wolfssl/certs/test/server-localhost.pem \
+    -t TCP -n 'wolf localhost'
+
+# App data for nss
+echo Hello from nss > /tmp/in
+
+# TLS 1.3 test
+env -C wolfssl ./examples/server/server -v 4 -p 4433 \
+    -c certs/test/server-localhost.pem -d -w > /tmp/server.log 2>&1 &
+sleep 0.1
+./dist/Debug/bin/tstclnt -V tls1.3: -h localhost -p 4433 -d nssdb -C -4 -A /tmp/in -v
+sleep 0.1
+
+# DTLS 1.3 test
+env -C wolfssl ./examples/server/server -v 4 -p 4433 -u \
+    -c certs/test/server-localhost.pem -d -w > /tmp/server.log 2>&1 &
+sleep 0.1
+./dist/Debug/bin/tstclnt -V tls1.3: -P client -h localhost -p 4433 -d nssdb -C -4 -A /tmp/in -v
+sleep 0.1
--- a/.github/workflows/nss.yml
+++ b/.github/workflows/nss.yml
@@ -0,0 +1,89 @@
+name: nss interop Tests
+
+### TODO uncomment stuff
+
+# START OF COMMON SECTION
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+# END OF COMMON SECTION
+
+env:
+  NSS_REF: NSS_3_107_RTM
+
+jobs:
+  build_nss:
+    name: Build nss
+    if: github.repository_owner == 'wolfssl'
+    runs-on: ubuntu-22.04
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 30
+    steps:
+      - name: Checking if we have nss in cache
+        uses: actions/cache@v4
+        id: cache
+        with:
+          path: dist
+          key: nss-${{ env.NSS_REF }}
+          lookup-only: true
+
+      - name: Install dependencies
+        if: steps.cache.outputs.cache-hit != 'true'
+        run: |
+          # Don't prompt for anything
+          export DEBIAN_FRONTEND=noninteractive
+          sudo apt-get update
+          # hostap dependencies
+          sudo apt-get install -y gyp ninja-build
+
+      - name: Checkout nss
+        if: steps.cache.outputs.cache-hit != 'true'
+        uses: actions/checkout@v4
+        with:
+          repository: nss-dev/nss
+          ref: ${{ env.NSS_REF }}
+          path: nss
+
+      - name: Compile nss
+        if: steps.cache.outputs.cache-hit != 'true'
+        run: |
+          hg clone https://hg.mozilla.org/projects/nspr
+          cd nss
+          ./build.sh
+
+  nss_test:
+    name: Test interop with nss
+    runs-on: ubuntu-22.04
+    needs: build_nss
+    timeout-minutes: 10
+    if: github.repository_owner == 'wolfssl'
+    steps:
+      - name: Checking if we have nss in cache
+        uses: actions/cache/restore@v4
+        id: cache
+        with:
+          path: dist
+          key: nss-${{ env.NSS_REF }}
+          fail-on-cache-miss: true
+
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-dtls --enable-dtls13
+          install: false
+          check: false
+
+      - name: Test interop
+        run: bash wolfssl/.github/workflows/nss.sh
+
+      - name: print server logs
+        if: ${{ failure() }}
+        run: |
+          cat /tmp/server.log
--- a/.github/workflows/pam-ipmi.yml
+++ b/.github/workflows/pam-ipmi.yml
@@ -56,8 +56,7 @@ jobs:
          # Don't prompt for anything
          export DEBIAN_FRONTEND=noninteractive
          sudo apt-get update
-          sudo apt-get install libpam-dev ninja-build
-          sudo pip3 install meson
+          sudo apt-get install libpam-dev ninja-build meson

      - name: Download lib
        uses: actions/download-artifact@v4
--- a/.github/workflows/socat.yml
+++ b/.github/workflows/socat.yml
@@ -70,7 +70,7 @@ jobs:
        run: |
          patch -p1 < ../osp/socat/1.8.0.0/socat-1.8.0.0.patch
          autoreconf -vfi
-          ./configure --with-wolfssl=$GITHUB_WORKSPACE/build-dir
+          ./configure --with-wolfssl=$GITHUB_WORKSPACE/build-dir --enable-default-ipv=4
          make

      - name: Run socat tests
@@ -78,4 +78,4 @@ jobs:
        run: |
          export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
          export SHELL=/bin/bash
-          SOCAT=$GITHUB_WORKSPACE/socat-1.8.0.0/socat ./test.sh -t 0.5 --expect-fail 146,216,309,310,386,399,402,459,460,467,468,478,492,528,530
+          SOCAT=$GITHUB_WORKSPACE/socat-1.8.0.0/socat ./test.sh -t 0.5 --expect-fail 36,64,146,214,216,217,309,310,386,399,402,403,459,460,467,468,478,492,528,530
--- a/.github/workflows/softhsm.yml
+++ b/.github/workflows/softhsm.yml
@@ -17,7 +17,7 @@ jobs:
    name: Build wolfSSL
    if: github.repository_owner == 'wolfssl'
    # Just to keep it the same as the testing target
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
    # This should be a safe limit for the tests to run.
    timeout-minutes: 10
    steps:
@@ -47,7 +47,7 @@ jobs:
        ref: [ 2.6.1 ]
    name: ${{ matrix.ref }}
    if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
    # This should be a safe limit for the tests to run.
    timeout-minutes: 20
    needs: build_wolfssl
--- a/.github/workflows/sssd.yml
+++ b/.github/workflows/sssd.yml
@@ -14,6 +14,7 @@ concurrency:

 jobs:
  build_wolfssl:
+    if: github.repository_owner == 'wolfssl'
    name: Build wolfSSL
    # Just to keep it the same as the testing target
    runs-on: ubuntu-22.04
@@ -39,6 +40,7 @@ jobs:
          retention-days: 5

  sssd_check:
+    if: github.repository_owner == 'wolfssl'
    strategy:
      fail-fast: false
      matrix:
--- a/.github/workflows/zephyr.yml
+++ b/.github/workflows/zephyr.yml
@@ -46,7 +46,7 @@ jobs:
            libglib2.0-dev libgtk2.0-0 liblocale-gettext-perl libncurses5-dev libpcap-dev \
            libpopt0 libsdl1.2-dev libsdl2-dev libssl-dev libtool libtool-bin locales make \
            net-tools ninja-build openssh-client parallel pkg-config python3-dev python3-pip \
-            python3-ply python3-setuptools python-is-python3 qemu rsync socat srecord sudo \
+            python3-ply python3-setuptools python-is-python3 qemu-kvm rsync socat srecord sudo \
            texinfo unzip wget ovmf xz-utils

      - name: Install west
--- a/.gitignore
+++ b/.gitignore
@@ -457,3 +457,7 @@ wrapper/Ada/obj/
 /**/.vscode/launch.json
 /**/.vscode/ipch
 /**/sdkconfig.esp32dev
+
+# Autogenerated debug trace headers
+wolfssl/debug-trace-error-codes.h
+wolfssl/debug-untrace-error-codes.h
--- a/.wolfssl_known_macro_extras
+++ b/.wolfssl_known_macro_extras
@@ -0,0 +1,979 @@
+AES_GCM_GMULT_NCT
+AFX_RESOURCE_DLL
+AFX_TARG_ENU
+ALLOW_BINARY_MISMATCH_INTROSPECTION
+ALLOW_V1_EXTENSIONS
+ANDROID
+APP_ESP_HTTP_CLIENT
+APP_ESP_HTTP_CLIENT_EXAMPLE
+APSTUDIO_INVOKED
+ARCH_sim
+ARDUINO
+ARDUINO_ARCH_RP2040
+ARDUINO_SAMD_NANO_33_IOT
+ARDUINO_SAM_DUE
+ASN_DUMP_OID
+ASN_TEMPLATE_SKIP_ISCA_CHECK
+ATCAPRINTF
+ATCA_ENABLE_DEPRECATED
+AVR
+BASE64_NO_TABLE
+BLAKE2B_SELFTEST
+BLAKE2S_SELFTEST
+BLOCKING
+BSP_DEFAULT_IO_CHANNEL_DEFINED
+BSP_LED_0
+BSP_LED_1
+BSP_SDCARD_ESDHC_CHANNEL
+BSP_SDCARD_SDHC_CHANNEL
+BSP_SDCARD_SPI_CHANNEL
+CAAM_OUT_INVALIDATE
+CIOCASYMFEAT
+CIOCGSESSINFO
+CMSIS_OS2_H_
+COMPONENT_WOLFSSL
+CONFIG_ARCH_CHIP_STM32F746ZG
+CONFIG_ARCH_CHIP_STM32H743ZI
+CONFIG_ARCH_CHIP_STM32L552ZE
+CONFIG_ARCH_POSIX
+CONFIG_ARM
+CONFIG_ARM64
+CONFIG_BOARD_NATIVE_POSIX
+CONFIG_COMPILER_OPTIMIZATION_DEFAULT
+CONFIG_COMPILER_OPTIMIZATION_NONE
+CONFIG_COMPILER_OPTIMIZATION_PERF
+CONFIG_COMPILER_OPTIMIZATION_SIZE
+CONFIG_CRYPTO_FIPS
+CONFIG_CRYPTO_MANAGER
+CONFIG_CSPRNG_ENABLED
+CONFIG_ESP32C2_DEFAULT_CPU_FREQ_MHZ
+CONFIG_ESP32C3_DEFAULT_CPU_FREQ_MHZ
+CONFIG_ESP32H2_DEFAULT_CPU_FREQ_MHZ
+CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ
+CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
+CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
+CONFIG_ESP8266_XTAL_FREQ_26
+CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_160
+CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240
+CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_80
+CONFIG_ESP_ENABLE_WOLFSSH
+CONFIG_ESP_MAIN_TASK_STACK_SIZE
+CONFIG_ESP_TLS_USING_WOLFSSL
+CONFIG_ESP_WIFI_PASSWORD
+CONFIG_ESP_WIFI_SSID
+CONFIG_ESP_WOLFSSL_ENABLE_KYBER
+CONFIG_ESP_WOLFSSL_ENABLE_WOLFSSH
+CONFIG_ESP_WOLFSSL_NO_ESP32_CRYPT
+CONFIG_ESP_WOLFSSL_NO_HW_AES
+CONFIG_ESP_WOLFSSL_NO_HW_HASH
+CONFIG_ESP_WOLFSSL_NO_HW_RSA_PRI
+CONFIG_ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
+CONFIG_ESP_WOLFSSL_NO_HW_RSA_PRI_MP_MUL
+CONFIG_ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
+CONFIG_FREERTOS_HZ
+CONFIG_FREERTOS_UNICORE
+CONFIG_IDF_TARGET
+CONFIG_IDF_TARGET_ARCH_RISCV
+CONFIG_IDF_TARGET_ARCH_XTENSA
+CONFIG_IDF_TARGET_ESP32
+CONFIG_IDF_TARGET_ESP32C2
+CONFIG_IDF_TARGET_ESP32C3
+CONFIG_IDF_TARGET_ESP32C6
+CONFIG_IDF_TARGET_ESP32H2
+CONFIG_IDF_TARGET_ESP32S2
+CONFIG_IDF_TARGET_ESP32S3
+CONFIG_IDF_TARGET_ESP8266
+CONFIG_IDF_TARGET_ESP8684
+CONFIG_MAIN_TASK_STACK_SIZE
+CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
+CONFIG_MBEDTLS_PSA_CRYPTO_C
+CONFIG_MIPS
+CONFIG_MODULE_SIG
+CONFIG_NET_SOCKETS_SOCKOPT_TLS
+CONFIG_NEWLIB_LIBC
+CONFIG_NEWLIB_NANO_FORMAT
+CONFIG_PICOLIBC
+CONFIG_POSIX_API
+CONFIG_POSIX_THREADS
+CONFIG_PREEMPT_COUNT
+CONFIG_PTHREAD_IPC
+CONFIG_SMP
+CONFIG_SNTP_TIME_SYNC_METHOD_SMOOTH
+CONFIG_TIMER_TASK_STACK_DEPTH
+CONFIG_TIMER_TASK_STACK_SIZE
+CONFIG_TLS_STACK_WOLFSSL
+CONFIG_USE_WOLFSSL_ESP_SDK_TIME
+CONFIG_USE_WOLFSSL_ESP_SDK_WIFI
+CONFIG_WOLFCRYPT_ARMASM
+CONFIG_WOLFCRYPT_FIPS
+CONFIG_WOLFCRYPT_INTELASM
+CONFIG_WOLFSSL
+CONFIG_WOLFSSL_ALLOW_TLS13
+CONFIG_WOLFSSL_ALPN
+CONFIG_WOLFSSL_ALT_CERT_CHAINS
+CONFIG_WOLFSSL_APPLE_HOMEKIT
+CONFIG_WOLFSSL_ASN_ALLOW_0_SERIAL
+CONFIG_WOLFSSL_CERTIFICATE_BUNDLE
+CONFIG_WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_NONE
+CONFIG_WOLFSSL_DTLS
+CONFIG_WOLFSSL_ENABLE_KYBER
+CONFIG_WOLFSSL_EXAMPLE_NAME_ESP32_SSH_SERVER
+CONFIG_WOLFSSL_EXAMPLE_NAME_ESP8266_SSH_SERVER
+CONFIG_WOLFSSL_EXAMPLE_NAME_NONE
+CONFIG_WOLFSSL_EXAMPLE_NAME_TEMPLATE
+CONFIG_WOLFSSL_EXAMPLE_NAME_TLS_CLIENT
+CONFIG_WOLFSSL_EXAMPLE_NAME_TLS_SERVER
+CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFMQTT_AWS_IOT_MQTT
+CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFMQTT_TEMPLATE
+CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFSSH_ECHOSERVER
+CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFSSH_TEMPLATE
+CONFIG_WOLFSSL_HKDF
+CONFIG_WOLFSSL_MAX_FRAGMENT_LEN
+CONFIG_WOLFSSL_NO_ASN_STRICT
+CONFIG_WOLFSSL_PSK
+CONFIG_WOLFSSL_RSA_PSS
+CONFIG_WOLFSSL_TARGET_HOST
+CONFIG_WOLFSSL_TARGET_PORT
+CONFIG_WOLFSSL_TLS13_ENABLED
+CONFIG_WOLFSSL_TLS_VERSION_1_2
+CONFIG_WOLFSSL_TLS_VERSION_1_3
+CONFIG_WOLFTPM_EXAMPLE_NAME_ESPRESSIF
+CONFIG_X86
+CONV_WITH_DIV
+CPA_CY_API_VERSION_NUM_MAJOR
+CPU_MIMXRT1176DVMAA_cm7
+CPU_MK82FN256VLL15
+CRLDP_VALIDATE_DATA
+CRL_REPORT_LOAD_ERRORS
+CRL_STATIC_REVOKED_LIST
+CRYPTOCELL_KEY_SIZE
+CRYP_HEADERWIDTHUNIT_BYTE
+CRYP_KEYIVCONFIG_ONCE
+CRYP_KEYSIZE_192B
+CSM_UNSUPPORTED_ALGS
+CTYPE_USER
+CURVED448_SMALL
+CY_USING_HAL
+DCP_USE_DCACHE
+DILITHIUM_MUL_11_SLOW
+DILITHIUM_MUL_44_SLOW
+DILITHIUM_MUL_QINV_SLOW
+DILITHIUM_MUL_Q_SLOW
+DILITHIUM_MUL_SLOW
+DILITHIUM_USE_HINT_CT
+DTLS_RECEIVEFROM_NO_TIMEOUT_ON_INVALID_PEER
+ECCSI_ORDER_MORE_BITS_THAN_PRIME
+ECC_DUMP_OID
+ECDHE_SIZE
+ENABLE_SECURE_SOCKETS_LOGS
+ESP32
+ESP8266
+ESP_ENABLE_WOLFSSH
+ESP_IDF_VERSION_MAJOR
+ESP_IDF_VERSION_MINOR
+ESP_PLATFORM
+ESP_TASK_MAIN_STACK
+EV_TRIGGER
+FP_ECC_CONTROL
+FREERTOS_TCP_WINSIM
+FREESCALE
+FREESCALE_RNGB
+FREESCALE_USE_MMCAU_CLASSIC
+FSL_FEATURE_HAS_L1CACHE
+FSL_FEATURE_LTC_HAS_DES
+FSL_FEATURE_LTC_HAS_GCM
+FSL_FEATURE_LTC_HAS_PKHA
+FSL_FEATURE_LTC_HAS_SHA
+FSL_FEATURE_SOC_LTC_COUNT
+FSL_FEATURE_SOC_MMCAU_COUNT
+FSL_FEATURE_SOC_RNG_COUNT
+FSL_FEATURE_SOC_TRNG_COUNT
+FUSION_RTOS
+GENERATE_MACHINE_PARSEABLE_REPORT
+GE_P3_TOBYTES_IMPL
+GOAHEAD_WS
+HAL_RTC_MODULE_ENABLED
+HARDWARE_CACHE_COHERENCY
+HASH_AlgoMode_HASH
+HASH_BYTE_SWAP
+HASH_CR_LKEY
+HASH_DIGEST
+HASH_DataType_8b
+HASH_IMR_DCIE
+HASH_IMR_DINIE
+HAVE_AESGCM_DECRYPT
+HAVE_BYTEREVERSE64
+HAVE_CERTIFICATE_STATUS_V2
+HAVE_COLDFIRE_SEC
+HAVE_CRL_UPDATE_CB
+HAVE_CSHARP
+HAVE_CURL
+HAVE_CURVE22519
+HAVE_DANE
+HAVE_ECC239
+HAVE_ECC320
+HAVE_ECC512
+HAVE_ECC_CDH_CAST
+HAVE_ECC_SM2
+HAVE_ESP_CLK
+HAVE_FACON
+HAVE_FIPS_VERSION_PORT
+HAVE_FUZZER
+HAVE_INTEL_MULX
+HAVE_INTEL_QAT_SYNC
+HAVE_INTEL_SPEEDUP
+HAVE_MDK_RTX
+HAVE_NETX_BSD
+HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK
+HAVE_POCO_LIB
+HAVE_RTP_SYS
+HAVE_SECURE_GETENV
+HAVE_STACK_SIZE_VERBOSE_LOG
+HAVE_THREADX
+HAVE_TM_TYPE
+HAVE_VALIDATE_DATE
+HAVE_VA_COPY
+HAVE_X448
+HONOR_MATH_USED_LENGTH
+HSM_KEY_TYPE_HMAC_224
+HSM_KEY_TYPE_HMAC_256
+HSM_KEY_TYPE_HMAC_384
+HSM_KEY_TYPE_HMAC_512
+HSM_OP_KEY_GENERATION_FLAGS_CREATE
+HSM_OP_KEY_GENERATION_FLAGS_UPDATE
+HSM_SVC_KEY_STORE_FLAGS_UPDATE
+IDIRECT_DEV_RANDOM
+IDIRECT_DEV_TIME
+ID_TRNG
+IGNORE_KEY_EXTENSIONS
+IGNORE_NETSCAPE_CERT_TYPE
+INCLUDE_uxTaskGetStackHighWaterMark
+INTEGRITY
+INTIMEVER
+IOTSAFE_NO_GETDATA
+IOTSAFE_SIG_8BIT_LENGTH
+KCAPI_USE_XMALLOC
+KYBER_NONDETERMINISTIC
+K_SERIES
+LIBWOLFSSL_VERSION_GIT_BRANCH
+LIBWOLFSSL_VERSION_GIT_HASH
+LIBWOLFSSL_VERSION_GIT_HASH_DATE
+LIBWOLFSSL_VERSION_GIT_ORIGIN
+LIBWOLFSSL_VERSION_GIT_SHORT_HASH
+LIBWOLFSSL_VERSION_GIT_TAG
+LINUXKM_FPU_STATES_FOLLOW_THREADS
+LINUXKM_LKCAPI_PRIORITY_ALLOW_MASKING
+LINUX_CYCLE_COUNT
+LINUX_RUSAGE_UTIME
+LP64
+MAX3266X_AESGCM
+MAX3266X_RSA
+MAXQ10XX_PRODUCTION_KEY
+MAXQ_EXPORT_TLS_KEYS
+MAXQ_SHA1
+MAXSEG_64K
+MAX_WOLFSSL_FILE_SIZE
+MDK_CONF_BARE_METAL
+MDK_CONF_FS
+MDK_CONF_RTX_TCP_FS
+MDK_CONF_TCP_FS
+MDK_WOLFLIB
+MICRIUM_MALLOC
+MICROCHIP_MPLAB_HARMONY
+MICROCHIP_MPLAB_HARMONY_3
+MICRO_SESSION_CACHEx
+MODULE_SOCK_TCP
+MP_31BIT
+MP_8BIT
+MQX_USE_IO_OLD
+MULTI_VALUE_STATISTICS
+MUTEX_DURING_INIT
+NEED_THREADX_TYPES
+NETX_DUO
+NET_SECURE_MODULE_EN
+NOTE_TRIGGER
+NO_AES_DECRYPT
+NO_ARDUINO_DEFAULT
+NO_ASM
+NO_ASN_OLD_TYPE_NAMES
+NO_CAMELLIA_CBC
+NO_CERT
+NO_CIPHER_SUITE_ALIASES
+NO_CLIENT_CACHE
+NO_CLOCK_SPEEDUP
+NO_CURVE25519_KEY_EXPORT
+NO_CURVE25519_KEY_IMPORT
+NO_CURVE25519_SHARED_SECRET
+NO_CURVE448_KEY_EXPORT
+NO_CURVE448_KEY_IMPORT
+NO_CURVE448_SHARED_SECRET
+NO_DEV_URANDOM
+NO_ECC384
+NO_ECC521
+NO_ECC_CACHE_CURVE
+NO_ECC_CHECK_KEY
+NO_ECC_KEY_IMPORT
+NO_ECC_MAKE_PUB
+NO_ED25519_CLIENT_AUTH
+NO_ED25519_KEY_EXPORT
+NO_ED25519_KEY_IMPORT
+NO_ED25519_MAKE_KEY
+NO_ED25519_SIGN
+NO_ED25519_VERIFY
+NO_ED448_CLIENT_AUTH
+NO_ED448_KEY_EXPORT
+NO_ED448_KEY_IMPORT
+NO_ED448_SIGN
+NO_ED448_VERIFY
+NO_ESP_MP_MUL_EVEN_ALT_CALC
+NO_FORCE_SCR_SAME_SUITE
+NO_GCM_ENCRYPT_EXTRA
+NO_GETENV
+NO_HANDSHAKE_DONE_CB
+NO_IMX6_CAAM_AES
+NO_IMX6_CAAM_HASH
+NO_OLD_NAMES
+NO_OLD_POLY1305
+NO_OLD_TIMEVAL_NAME
+NO_PBKDF1
+NO_PIC32MZ_CRYPT
+NO_PIC32MZ_HASH
+NO_PIC32MZ_RNG
+NO_PKCS11_AES
+NO_PKCS11_AESCBC
+NO_PKCS11_AESGCM
+NO_PKCS11_ECC
+NO_PKCS11_ECDH
+NO_PKCS11_EC_KEYGEN
+NO_PKCS11_HMAC
+NO_PKCS11_RNG
+NO_PKCS11_RSA
+NO_PKCS11_RSA_PKCS
+NO_PKCS7
+NO_PKCS7_COMPRESSED_DATA
+NO_PKCS7_ENCRYPTED_DATA
+NO_PKCS7_STREAM
+NO_POLY1305_ASM
+NO_PUBLIC_CCM_SET_NONCE
+NO_PUBLIC_GCM_SET_IV
+NO_RESUME_SUITE_CHECK
+NO_RNG
+NO_RNG_MUTEX
+NO_SESSION_CACHE_ROW_LOCK
+NO_SKID
+NO_SKIP_PREVIEW
+NO_STDIO_FGETS_REMAP
+NO_TKERNEL_MEM_POOL
+NO_TLSX_PSKKEM_PLAIN_ANNOUNCE
+NO_VERIFY_OID
+NO_WC_SSIZE_TYPE
+NO_WOLFSSL_ALLOC_ALIGN
+NO_WOLFSSL_AUTOSAR_CRYIF
+NO_WOLFSSL_AUTOSAR_CRYPTO
+NO_WOLFSSL_AUTOSAR_CSM
+NO_WOLFSSL_BASE64_DECODE
+NO_WOLFSSL_MSG_EX
+NO_WOLFSSL_RENESAS_FSPSM_AES
+NO_WOLFSSL_RENESAS_FSPSM_HASH
+NO_WOLFSSL_RENESAS_TSIP_CRYPT_AES
+NO_WOLFSSL_SHA256
+NO_WOLFSSL_SHA256_INTERLEAVE
+NO_WOLFSSL_SHA512_INTERLEAVE
+NO_WOLFSSL_SKIP_TRAILING_PAD
+NO_WOLFSSL_SMALL_STACK_STATIC
+NO_WOLFSSL_XILINX_TAG_MALLOC
+NRF52
+NRF52_SERIES
+NRF_ERROR_MODULE_ALREADY_INITIALIZED
+OLD_HELLO_ALLOWED
+OPENSSL_EXTRA_BSD
+OPENSSL_EXTRA_NO_ASN1
+OPENSSL_EXTRA_NO_BN
+OPENSSL_NO_PK
+OS_WINDOWS
+OTHERBOARD
+OTHER_BOARD
+PEER_INFO
+PKA_ECC_SCALAR_MUL_IN_B_COEFF
+PLATFORMIO
+PLUTON_CRYPTO_ECC
+PRINT_SESSION_STATS
+PTHREAD_STACK_MIN
+QAT_ENABLE_HASH
+QAT_ENABLE_RNG
+QAT_USE_POLLING_CHECK
+RC_NO_RNG
+REDIRECTION_IN3_KEYELMID
+REDIRECTION_IN3_KEYID
+REDIRECTION_OUT1_KEYELMID
+REDIRECTION_OUT1_KEYID
+REDIRECTION_OUT2_KEYELMID
+REDIRECTION_OUT2_KEYID
+RENESAS_T4_USE
+RTC_ALARMSUBSECONDMASK_ALL
+RTE_CMSIS_RTOS_RTX
+RTOS_MODULE_NET_AVAIL
+RTPLATFORM
+SA_INTERRUPT
+SCEKEY_INSTALLED
+SHA256_MANY_REGISTERS
+SHA3_BY_SPEC
+SHOW_CERTS
+SHOW_GEN
+SHOW_SIZES
+SHOW_SSID_AND_PASSWORD
+SIM_SCGC3_RNGA_MASK
+SIM_SCGC5_PORTC_MASK
+SIM_SCGC5_PORTD_MASK
+SIM_SCGC5_PORTE_MASK
+SIM_SCGC6_RNGA_MASK
+SL_SE_KEY_TYPE_ECC_P384
+SL_SE_KEY_TYPE_ECC_P521
+SL_SE_KEY_TYPE_ECC_X25519
+SL_SE_KEY_TYPE_ECC_X448
+SL_SE_PRF_HMAC_SHA1
+SOFTDEVICE_PRESENT
+SO_NOSIGPIPE
+SO_REUSEPORT
+SP_INT_NO_ASM
+SP_MATH_NEED_ADD_OFF
+SP_USE_DIVTI3
+SQRTMOD_USE_MOD_EXP
+SSL_SNIFFER_EXPORTS
+SSN_BUILDING_LIBYASSL
+STATIC_CHUNKS_ONLY
+STM32F107xC
+STM32F207xx
+STM32F217xx
+STM32F401xE
+STM32F407xx
+STM32F437xx
+STM32F756xx
+STM32F777xx
+STM32G071xx
+STM32G491xx
+STM32H563xx
+STM32H723xx
+STM32H725xx
+STM32H743xx
+STM32H753xx
+STM32L475xx
+STM32L4A6xx
+STM32L552xx
+STM32L562xx
+STM32MP135Fxx
+STM32U575xx
+STM32U585xx
+STM32U5A9xx
+STM32WB55xx
+STM32WL55xx
+STM32_AESGCM_PARTIAL
+STM32_HW_CLOCK_AUTO
+STM32_NUTTX_RNG
+TASK_EXTRA_STACK_SIZE
+TCP_NODELAY
+TFM_ALREADY_SET
+TFM_SMALL_MONT_SET
+THREADED_SNIFFTEST
+TIME_T_NOT_LONG
+TI_DUMMY_BUILD
+TLS13_RSA_PSS_SIGN_CB_NO_PREHASH
+UNICODE
+USER_CA_CB
+USER_CUSTOM_SNIFFX
+USER_MATH_LIB
+USE_ALT_MPRIME
+USE_ANY_ADDR
+USE_CERT_BUFFERS_25519
+USE_CERT_BUFFERS_3072
+USE_ECDSA_KEYSZ_HASH_ALGO
+USE_FULL_ASSERT
+USE_HAL_DRIVER
+USE_NXP_LTC
+USE_NXP_MMCAU
+USE_QAE_THREAD_LS
+USE_SECRET_CALLBACK
+USE_STSAFE_RNG_SEED
+USE_STSAFE_VERBOSE
+USE_TLSV13
+USE_WOLF_STRNSTR
+USS_API
+WC_AESXTS_STREAM_NO_REQUEST_ACCOUNTING
+WC_AES_BS_WORD_SIZE
+WC_AES_GCM_DEC_AUTH_EARLY
+WC_ASN_HASH_SHA256
+WC_ASYNC_ENABLE_3DES
+WC_ASYNC_ENABLE_AES
+WC_ASYNC_ENABLE_ARC4
+WC_ASYNC_ENABLE_DH
+WC_ASYNC_ENABLE_ECC
+WC_ASYNC_ENABLE_ECC_KEYGEN
+WC_ASYNC_ENABLE_HMAC
+WC_ASYNC_ENABLE_MD5
+WC_ASYNC_ENABLE_RSA
+WC_ASYNC_ENABLE_RSA_KEYGEN
+WC_ASYNC_ENABLE_SHA
+WC_ASYNC_ENABLE_SHA224
+WC_ASYNC_ENABLE_SHA256
+WC_ASYNC_ENABLE_SHA3
+WC_ASYNC_ENABLE_SHA384
+WC_ASYNC_ENABLE_SHA512
+WC_ASYNC_NO_CRYPT
+WC_ASYNC_NO_HASH
+WC_DILITHIUM_CACHE_PRIV_VECTORS
+WC_DILITHIUM_CACHE_PUB_VECTORS
+WC_DILITHIUM_FIXED_ARRAY
+WC_DISABLE_RADIX_ZERO_PAD
+WC_ECC_NONBLOCK_ONLY
+WC_KDF_NIST_SP_800_56C
+WC_LMS_FULL_HASH
+WC_NO_RNG_SIMPLE
+WC_NO_STATIC_ASSERT
+WC_PKCS11_FIND_WITH_ID_ONLY
+WC_PROTECT_ENCRYPTED_MEM
+WC_RNG_BLOCKING
+WC_RSA_DIRECT
+WC_RSA_NONBLOCK
+WC_RSA_NONBLOCK_TIME
+WC_RSA_NO_FERMAT_CHECK
+WC_SHA384
+WC_SHA384_DIGEST_SIZE
+WC_SHA512
+WC_SSIZE_TYPE
+WC_STRICT_SIG
+WC_XMSS_FULL_HASH
+WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE
+WOLFSENTRY_H
+WOLFSENTRY_NO_JSON
+WOLFSSL_32BIT_MILLI_TIME
+WOLFSSL_AESNI_BY4
+WOLFSSL_AESNI_BY6
+WOLFSSL_AFTER_DATE_CLOCK_SKEW
+WOLFSSL_ALGO_HW_MUTEX
+WOLFSSL_ALLOW_CRIT_AIA
+WOLFSSL_ALLOW_CRIT_AKID
+WOLFSSL_ALLOW_CRIT_SKID
+WOLFSSL_ALLOW_ENCODING_CA_FALSE
+WOLFSSL_ALLOW_MAX_FRAGMENT_ADJUST
+WOLFSSL_ALLOW_NO_CN_IN_SAN
+WOLFSSL_ALLOW_NO_SUITES
+WOLFSSL_ALLOW_SERVER_SC_EXT
+WOLFSSL_ALLOW_TLS_SHA1
+WOLFSSL_ALTERNATIVE_DOWNGRADE
+WOLFSSL_ALT_NAMES_NO_REV
+WOLFSSL_ARM_ARCH_NEON_64BIT
+WOLFSSL_ASNC_CRYPT
+WOLFSSL_ASN_EXTRA
+WOLFSSL_ASN_INT_LEAD_0_ANY
+WOLFSSL_ASN_TEMPLATE_NEED_SET_INT32
+WOLFSSL_ASN_TEMPLATE_TYPE_CHECK
+WOLFSSL_ATECC508
+WOLFSSL_ATECC508A_NOIDLE
+WOLFSSL_ATECC508A_NOSOFTECC
+WOLFSSL_ATECC508A_TLS
+WOLFSSL_ATECC_ECDH_IOENC
+WOLFSSL_ATECC_NO_ECDH_ENC
+WOLFSSL_ATECC_RNG
+WOLFSSL_ATECC_TFLXTLS
+WOLFSSL_ATECC_TNGTLS
+WOLFSSL_ATMEL
+WOLFSSL_ATMEL_TIME
+WOLFSSL_BEFORE_DATE_CLOCK_SKEW
+WOLFSSL_BIGINT_TYPES
+WOLFSSL_BIO_NO_FLOW_STATS
+WOLFSSL_BLAKE2B_INIT_EACH_FIELD
+WOLFSSL_BLAKE2S_INIT_EACH_FIELD
+WOLFSSL_BLIND_PRIVATE_KEY
+WOLFSSL_BYTESWAP32_ASM
+WOLFSSL_CAAM_BLACK_KEY_AESCCM
+WOLFSSL_CAAM_BLACK_KEY_SM
+WOLFSSL_CAAM_NO_BLACK_KEY
+WOLFSSL_CALLBACKS
+WOLFSSL_CHECK_DESKEY
+WOLFSSL_CHECK_MEM_ZERO
+WOLFSSL_CHIBIOS
+WOLFSSL_CLANG_TIDY
+WOLFSSL_COMMERCIAL_LICENSE
+WOLFSSL_CONTIKI
+WOLFSSL_CRL_ALLOW_MISSING_CDP
+WOLFSSL_CUSTOM_CONFIG
+WOLFSSL_DILITHIUM_ASSIGN_KEY
+WOLFSSL_DILITHIUM_MAKE_KEY_SMALL_MEM
+WOLFSSL_DILITHIUM_NO_ASN1
+WOLFSSL_DILITHIUM_NO_CHECK_KEY
+WOLFSSL_DILITHIUM_NO_LARGE_CODE
+WOLFSSL_DILITHIUM_NO_MAKE
+WOLFSSL_DILITHIUM_REVERSE_HASH_OID
+WOLFSSL_DILITHIUM_SIGN_CHECK_W0
+WOLFSSL_DILITHIUM_SIGN_CHECK_Y
+WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC
+WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A
+WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
+WOLFSSL_DILITHIUM_VERIFY_NO_MALLOC
+WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM
+WOLFSSL_DISABLE_EARLY_SANITY_CHECKS
+WOLFSSL_DTLS_DISALLOW_FUTURE
+WOLFSSL_DTLS_DROP_STATS
+WOLFSSL_DTLS_RESEND_ONLY_TIMEOUT
+WOLFSSL_DUMP_MEMIO_STREAM
+WOLFSSL_DUP_CERTPOL
+WOLFSSL_ECC_BLIND_K
+WOLFSSL_ECC_GEN_REJECT_SAMPLING
+WOLFSSL_ECC_NO_SMALL_STACK
+WOLFSSL_ECC_SIGALG_PARAMS_NULL_ALLOWED
+WOLFSSL_ECDHX_SHARED_NOT_ZERO
+WOLFSSL_ECDSA_MATCH_HASH
+WOLFSSL_ECDSA_SET_K_ONE_LOOP
+WOLFSSL_EC_POINT_CMP_JACOBIAN
+WOLFSSL_EDDSA_CHECK_PRIV_ON_SIGN
+WOLFSSL_EMNET
+WOLFSSL_ESPWROOM32
+WOLFSSL_EVP_PRINT
+WOLFSSL_EXPORT_INT
+WOLFSSL_EXPORT_SPC_SZ
+WOLFSSL_EXTRA
+WOLFSSL_FORCE_OCSP_NONCE_CHECK
+WOLFSSL_FRDM_K64
+WOLFSSL_FRDM_K64_JENKINS
+WOLFSSL_FUNC_TIME
+WOLFSSL_FUNC_TIME_LOG
+WOLFSSL_GEN_CERT
+WOLFSSL_GETRANDOM
+WOLFSSL_GNRC
+WOLFSSL_HARDEN_TLS_ALLOW_ALL_CIPHERSUITES
+WOLFSSL_HARDEN_TLS_ALLOW_OLD_TLS
+WOLFSSL_HARDEN_TLS_ALLOW_TRUNCATED_HMAC
+WOLFSSL_HARDEN_TLS_NO_PKEY_CHECK
+WOLFSSL_HARDEN_TLS_NO_SCR_CHECK
+WOLFSSL_HOSTNAME_VERIFY_ALT_NAME_ONLY
+WOLFSSL_I2D_ECDSA_SIG_ALLOC
+WOLFSSL_IAR_ARM_TIME
+WOLFSSL_IGNORE_BAD_CERT_PATH
+WOLFSSL_IMX6
+WOLFSSL_IMX6_CAAM
+WOLFSSL_IMX6_CAAM_BLOB
+WOLFSSL_IMX6_CAAM_RNG
+WOLFSSL_IMXRT_DCP
+WOLFSSL_ISOTP
+WOLFSSL_KEIL
+WOLFSSL_KEIL_NET
+WOLFSSL_KYBER_INVNTT_UNROLL
+WOLFSSL_KYBER_NO_LARGE_CODE
+WOLFSSL_KYBER_NTT_UNROLL
+WOLFSSL_LIB
+WOLFSSL_LMS_CACHE_BITS
+WOLFSSL_LMS_FULL_HASH
+WOLFSSL_LMS_LARGE_CACHES
+WOLFSSL_LMS_MAX_HEIGHT
+WOLFSSL_LMS_MAX_LEVELS
+WOLFSSL_LMS_NO_SIG_CACHE
+WOLFSSL_LMS_ROOT_LEVELS
+WOLFSSL_LPC43xx
+WOLFSSL_MAKE_SYSTEM_NAME_LINUX
+WOLFSSL_MAKE_SYSTEM_NAME_WSL
+WOLFSSL_MDK5
+WOLFSSL_MEM_FAIL_COUNT
+WOLFSSL_MONT_RED_CT
+WOLFSSL_MP_COND_COPY
+WOLFSSL_MP_INVMOD_CONSTANT_TIME
+WOLFSSL_MULTICIRCULATE_ALTNAMELIST
+WOLFSSL_NONBLOCK_OCSP
+WOLFSSL_NOSHA3_384
+WOLFSSL_NOT_WINDOWS_API
+WOLFSSL_NO_AES_CFB_1_8
+WOLFSSL_NO_BIO_ADDR_IN
+WOLFSSL_NO_CLIENT
+WOLFSSL_NO_CLIENT_CERT_ERROR
+WOLFSSL_NO_COPY_CERT
+WOLFSSL_NO_COPY_KEY
+WOLFSSL_NO_CRL_DATE_CHECK
+WOLFSSL_NO_CRL_NEXT_DATE
+WOLFSSL_NO_DECODE_EXTRA
+WOLFSSL_NO_DER_TO_PEM
+WOLFSSL_NO_DH186
+WOLFSSL_NO_DTLS_SIZE_CHECK
+WOLFSSL_NO_ETM_ALERT
+WOLFSSL_NO_FENCE
+WOLFSSL_NO_FSEEK
+WOLFSSL_NO_INIT_CTX_KEY
+WOLFSSL_NO_ISSUERHASH_TDPEER
+WOLFSSL_NO_KCAPI_AES_CBC
+WOLFSSL_NO_KCAPI_HMAC_SHA1
+WOLFSSL_NO_KCAPI_HMAC_SHA224
+WOLFSSL_NO_KCAPI_HMAC_SHA256
+WOLFSSL_NO_KCAPI_HMAC_SHA384
+WOLFSSL_NO_KCAPI_HMAC_SHA512
+WOLFSSL_NO_KCAPI_SHA224
+WOLFSSL_NO_OCSP_DATE_CHECK
+WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK
+WOLFSSL_NO_OCSP_OPTIONAL_CERTS
+WOLFSSL_NO_PUBLIC_FFDHE
+WOLFSSL_NO_RSA_KEY_CHECK
+WOLFSSL_NO_SERVER_GROUPS_EXT
+WOLFSSL_NO_SESSION_STATS
+WOLFSSL_NO_SIGALG
+WOLFSSL_NO_SOCKADDR_UN
+WOLFSSL_NO_SPHINCS
+WOLFSSL_NO_STRICT_CIPHER_SUITE
+WOLFSSL_NO_TICKET_EXPIRE
+WOLFSSL_NO_TRUSTED_CERTS_VERIFY
+WOLFSSL_NO_XOR_OPS
+WOLFSSL_NRF51_AES
+WOLFSSL_OLDTLS_AEAD_CIPHERSUITES
+WOLFSSL_OLDTLS_SHA2_CIPHERSUITES
+WOLFSSL_OLD_SET_CURVES_LIST
+WOLFSSL_OLD_TIMINGPADVERIFY
+WOLFSSL_OLD_UNSUPPORTED_EXTENSION
+WOLFSSL_OPTIONS_IGNORE_SYS
+WOLFSSL_PASSTHRU_ERR
+WOLFSSL_PB
+WOLFSSL_PEER_ADDRESS_CHANGES
+WOLFSSL_PKCS11_RW_TOKENS
+WOLFSSL_PRCONNECT_PRO
+WOLFSSL_PREFIX
+WOLFSSL_PSA_NO_AES
+WOLFSSL_PSA_NO_HASH
+WOLFSSL_PSA_NO_PKCB
+WOLFSSL_PSA_NO_PKCBS
+WOLFSSL_PSA_NO_RNG
+WOLFSSL_PSK_IDENTITY_ALERT
+WOLFSSL_PSK_ID_PROTECTION
+WOLFSSL_PSK_MULTI_ID_PER_CS
+WOLFSSL_PSK_TLS13_CB
+WOLFSSL_PSOC6_CRYPTO
+WOLFSSL_PYTHON
+WOLFSSL_RENESAS_FSPSM_CRYPT_ONLY
+WOLFSSL_RENESAS_RA6M3
+WOLFSSL_RENESAS_RA6M3G
+WOLFSSL_RENESAS_RSIP
+WOLFSSL_RENESAS_RZN2L
+WOLFSSL_RENESAS_TLS
+WOLFSSL_RENESAS_TSIP_IAREWRX
+WOLFSSL_RSA_CHECK_D_ON_DECRYPT
+WOLFSSL_RSA_DECRYPT_TO_0_LEN
+WOLFSSL_RW_THREADED
+WOLFSSL_SAKKE_SMALL
+WOLFSSL_SAKKE_SMALL_MODEXP
+WOLFSSL_SE050_CRYPT
+WOLFSSL_SE050_HASH
+WOLFSSL_SE050_INIT
+WOLFSSL_SE050_NO_TRNG
+WOLFSSL_SECURE_RENEGOTIATION_ON_BY_DEFAULT
+WOLFSSL_SETTINGS_FILE
+WOLFSSL_SH224
+WOLFSSL_SHA256_ALT_CH_MAJ
+WOLFSSL_SHUTDOWNONCE
+WOLFSSL_SILABS_TRNG
+WOLFSSL_SM4_EBC
+WOLFSSL_SNIFFER_NO_RECOVERY
+WOLFSSL_SP_ARM32_UDIV
+WOLFSSL_SP_DH
+WOLFSSL_SP_FAST_NCT_EXPTMOD
+WOLFSSL_SP_INT_SQR_VOLATILE
+WOLFSSL_STACK_CHECK
+WOLFSSL_STM32F427_RNG
+WOLFSSL_STM32_RNG_NOLIB
+WOLFSSL_STRONGEST_HASH_SIG
+WOLFSSL_STSAFE_TAKES_SLOT
+WOLFSSL_TELIT_M2MB
+WOLFSSL_THREADED_CRYPT
+WOLFSSL_TICKET_DECRYPT_NO_CREATE
+WOLFSSL_TICKET_ENC_AES128_GCM
+WOLFSSL_TICKET_ENC_AES256_CBC
+WOLFSSL_TICKET_ENC_AES256_GCM
+WOLFSSL_TICKET_ENC_CBC_HMAC
+WOLFSSL_TICKET_ENC_CHACHA20_POLY1305
+WOLFSSL_TICKET_ENC_HMAC_SHA384
+WOLFSSL_TICKET_ENC_HMAC_SHA512
+WOLFSSL_TI_CURRTIME
+WOLFSSL_TLS13_DRAFT
+WOLFSSL_TLS13_IGNORE_AEAD_LIMITS
+WOLFSSL_TLS13_MIDDLEBOX_COMPAT
+WOLFSSL_TLS13_SHA512
+WOLFSSL_TLS13_TICKET_BEFORE_FINISHED
+WOLFSSL_TRACK_MEMORY_FULL
+WOLFSSL_TRAP_MALLOC_SZ
+WOLFSSL_UNALIGNED_64BIT_ACCESS
+WOLFSSL_USER_FILESYSTEM
+WOLFSSL_USER_LOG
+WOLFSSL_USER_MUTEX
+WOLFSSL_USER_THREADING
+WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW
+WOLFSSL_USE_FLASHMEM
+WOLFSSL_USE_OPTIONS_H
+WOLFSSL_USE_POPEN_HOST
+WOLFSSL_VALIDATE_DH_KEYGEN
+WOLFSSL_WC_XMSS_NO_SHA256
+WOLFSSL_WC_XMSS_NO_SHAKE256
+WOLFSSL_WICED_PSEUDO_UNIX_EPOCH_TIME
+WOLFSSL_X509_STORE_CERTS
+WOLFSSL_X509_TRUSTED_CERTIFICATE_CALLBACK
+WOLFSSL_XFREE_NO_NULLNESS_CHECK
+WOLFSSL_XILINX_CRYPTO_OLD
+WOLFSSL_XILINX_PATCH
+WOLFSSL_XIL_MSG_NO_SLEEP
+WOLFSSL_XMSS_LARGE_SECRET_KEY
+WOLFSSL_ZEPHYR
+WOLF_ALLOW_BUILTIN
+WOLF_CONF_IO
+WOLF_CONF_KYBER
+WOLF_CONF_PK
+WOLF_CONF_RESUMPTION
+WOLF_CONF_TPM
+WOLF_CRYPTO_CB_CMD
+WOLF_CRYPTO_CB_FIND
+WOLF_CRYPTO_CB_ONLY_ECC
+WOLF_CRYPTO_CB_ONLY_RSA
+WOLF_CRYPTO_DEV
+WOLF_NO_TRAILING_ENUM_COMMAS
+XGETPASSWD
+XMSS_CALL_PRF_KEYGEN
+XPAR_VERSAL_CIPS_0_PSPMC_0_PSV_CORTEXA72_0_TIMESTAMP_CLK_FREQ
+XSECURE_CACHE_DISABLE
+_ABI64
+_ABIO64
+_ARCH_PPC64
+_COMPILER_VERSION
+_INTPTR_T_DECLARED
+_LP64
+_MSC_VER
+_MSVC_LANG
+_M_ARM64
+_M_X64
+_NETOS
+_POSIX_C_SOURCE
+_SDCC_VERSION_PATCHLEVEL
+_SH3
+_SILICON_LABS_SECURITY_FEATURE
+_SOCKLEN_T
+_SYS_DEVCON_LOCAL_H
+_TIME_HELPER_H
+_UINTPTR_T_DECLARED
+_WIN32
+_WIN32_WCE
+_WIN64
+_XOPEN_SOURCE_EXTENDED
+__32MZ2048ECH144__
+__32MZ2048ECM144__
+__32MZ2048EFM144__
+__ANDROID__
+__APPLE__
+__ARCH_STRCASECMP_NO_REDIRECT
+__ARCH_STRCMP_NO_REDIRECT
+__ARCH_STRNCASECMP_NO_REDIRECT
+__ARCH_STRNCAT_NO_REDIRECT
+__ARCH_STRNCMP_NO_REDIRECT
+__ARCH_STRNCPY_NO_REDIRECT
+__ARCH_STRSTR_NO_REDIRECT
+__ARM_ARCH_7M__
+__ARM_FEATURE_CRYPTO
+__ASSEMBLER__
+__ATOMIC_RELAXED
+__AVR__
+__BCPLUSPLUS__
+__BIG_ENDIAN__
+__BORLANDC__
+__CCRX__
+__COMPILER_VER__
+__CYGWIN__
+__DATE__
+__DCACHE_PRESENT
+__DCC__
+__DECC_VER
+__ELF__
+__EMSCRIPTEN__
+__FPU_PRESENT
+__FreeBSD__
+__GLIBC__
+__GNUC_MINOR__
+__GNUC__
+__HP_cc
+__IAR_SYSTEMS_ICC__
+__ICCARM__
+__ILP32__
+__INCLUDE_NUTTX_CONFIG_H
+__INTEGRITY
+__INTEL_COMPILER
+__KEIL__
+__KEY_DATA_H__
+__LP64
+__LP64__
+__MACH__
+__MICROBLAZE__
+__MINGW32__
+__MINGW64_VERSION_MAJOR
+__MINGW64__
+__MWERKS__
+__PIE__
+__POWERPC__
+__PPC__
+__PPU
+__QNXNTO__
+__QNX__
+__ROPI__
+__SAM3A4C__
+__SAM3A8C__
+__SAM3A8H__
+__SAM3X4C__
+__SAM3X4E__
+__SAM3X8C__
+__SAM3X8E__
+__SANITIZE_ADDRESS__
+__SDCC_VERSION_MAJOR
+__SDCC_VERSION_MINOR
+__SDCC_VERSION_PATCH
+__SIZEOF_INT128__
+__SIZEOF_LONG_LONG__
+__STDC_VERSION__
+__STDC__
+__STM32__
+__STRICT_ANSI__
+__SUNPRO_C
+__SUNPRO_CC
+__SVR4
+__TI_COMPILER_VERSION__
+__TURBOC__
+__USE_GNU
+__USE_MISC
+__USE_XOPEN2K
+__WATCOMC__
+__WATCOM_INT64__
+__XC32
+__XTENSA__
+__aarch64__
+__alpha__
+__arch64__
+__arm__
+__clang__
+__clang_major__
+__cplusplus
+__ghc__
+__ghs__
+__hpux__
+__i386
+__i386__
+__ia64__
+__linux__
+__llvm__
+__mips
+__mips64
+__must_check
+__ppc64__
+__ppc__
+__riscv
+__riscv_xlen
+__s390x__
+__sparc64__
+__sun
+__svr4__
+__thumb__
+__ti__
+__x86_64__
+byte
+configTICK_RATE_HZ
+fallthrough
+noinline
+ssize_t
+sun
+versal
+wc_Tls13_HKDF_Expand_Label
--- a/Docker/Dockerfile
+++ b/Docker/Dockerfile
@@ -10,7 +10,7 @@ ARG DEPS_WOLFSSL="build-essential autoconf libtool clang clang-tools zlib1g-dev
 ARG DEPS_LIBOQS="astyle cmake gcc ninja-build libssl-dev python3-pytest python3-pytest-xdist unzip xsltproc doxygen graphviz python3-yaml valgrind git"
 ARG DEPS_UDP_PROXY="wget libevent-dev"
 ARG DEPS_TESTS="abi-dumper libcurl4-openssl-dev tcpdump libpsl-dev python3-pandas python3-tabulate libnl-genl-3-dev libcap-ng-dev python3-virtualenv curl jq"
-ARG DEPS_TOOLS="ccache clang-tidy maven libfile-util-perl"
+ARG DEPS_TOOLS="ccache clang-tidy maven libfile-util-perl android-tools-adb usbutils shellcheck"
 RUN DEBIAN_FRONTEND=noninteractive apt update && apt install -y apt-utils \
                    && apt install -y ${DEPS_WOLFSSL} ${DEPS_LIBOQS} ${DEPS_UDP_PROXY} ${DEPS_TESTS} ${DEPS_TOOLS} \
                    && apt clean -y && rm -rf /var/lib/apt/lists/*
--- a/Docker/wolfCLU/Dockerfile
+++ b/Docker/wolfCLU/Dockerfile
@@ -1,5 +1,5 @@
 ARG DOCKER_BASE_IMAGE=ubuntu
-FROM ubuntu as BUILDER
+FROM ubuntu AS builder

 ARG DEPS_WOLFSSL="build-essential autoconf libtool zlib1g-dev libuv1-dev libpam0g-dev git libpcap-dev libcurl4-openssl-dev bsdmainutils netcat-traditional iputils-ping bubblewrap"
 RUN DEBIAN_FRONTEND=noninteractive apt update && apt install -y apt-utils \
@@ -18,8 +18,8 @@ RUN git clone --depth=1 --single-branch --branch=main http://github.com/wolfssl/

 FROM ${DOCKER_BASE_IMAGE}
 USER root
-COPY --from=BUILDER /usr/local/lib/libwolfssl.so /usr/local/lib/
-COPY --from=BUILDER /usr/local/bin/wolfssl* /usr/local/bin/
+COPY --from=builder /usr/local/lib/libwolfssl.so /usr/local/lib/
+COPY --from=builder /usr/local/bin/wolfssl* /usr/local/bin/
 RUN ldconfig
 ENTRYPOINT ["/usr/local/bin/wolfssl"]
 LABEL org.opencontainers.image.source=https://github.com/wolfssl/wolfssl
--- a/IDE/ARDUINO/Arduino_README_prepend.md
+++ b/IDE/ARDUINO/Arduino_README_prepend.md
@@ -8,8 +8,12 @@ See the [Arduino-wolfSSL logs](https://downloads.arduino.cc/libraries/logs/githu

 ## Arduino Releases

-The first Official wolfSSL Arduino Library is `5.6.6-Arduino.1`: a slightly modified, post [release 5.6.6](https://github.com/wolfSSL/wolfssl/releases/tag/v5.6.6-stable) version update.
+This release of wolfSSL is version [5.7.4](https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.4-stable).

-The next Official wolfSSL Arduino Library is [5.7.0](https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable)
+Version [5.7.2](https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable) of the Arduino wolfSSL was published August 3, 2024.
+
+The next Official wolfSSL Arduino Library was [5.7.0](https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable)
+
+The first Official wolfSSL Arduino Library was `5.6.6-Arduino.1`: a slightly modified, post [release 5.6.6](https://github.com/wolfSSL/wolfssl/releases/tag/v5.6.6-stable) version update.

 See other [wolfSSL releases versions](https://github.com/wolfSSL/wolfssl/releases). The `./wolfssl-arduino.sh INSTALL` [script](https://github.com/wolfSSL/wolfssl/tree/master/IDE/ARDUINO) can be used to install specific GitHub versions as needed.
--- a/IDE/ARDUINO/wolfssl-arduino.sh
+++ b/IDE/ARDUINO/wolfssl-arduino.sh
@@ -106,10 +106,10 @@ if [ $# -gt 0 ]; then
        else
            echo "Installing to $THIS_INSTALL_DIR"
            if [ -d "$THIS_INSTALL_DIR/.git" ];then
-                echo "Target is a GitHub repository."
+                echo "Target is a GitHub root repository."
                THIS_INSTALL_IS_GITHUB="true"
            else
-                echo "Target is NOT a GitHub repository."
+                echo "Target is NOT a GitHub root directory repository. (e.g. not wolfssl/Arduino-wolfssl)"
            fi
        fi
    else
@@ -325,11 +325,18 @@ if [ "$THIS_OPERATION" = "INSTALL" ]; then
        echo "Removing workspace library directory: .$ROOT_DIR"
        rm -rf ".$ROOT_DIR"
    else
-        echo "Installing to local directory:"
-        echo "mv .$ROOT_DIR $ARDUINO_ROOT"
-        mv  ."$ROOT_DIR" "$ARDUINO_ROOT" || exit 1

-        echo "Arduino wolfSSL Version: $WOLFSSL_VERSION$WOLFSSL_VERSION_ARUINO_SUFFIX"
+        echo "Installing to local directory:"
+        if [ "$THIS_INSTALL_DIR" = "" ]; then
+            echo "mv .$ROOT_DIR $ARDUINO_ROOT"
+            mv  ."$ROOT_DIR" "$ARDUINO_ROOT" || exit 1
+
+            echo "Arduino wolfSSL Version: $WOLFSSL_VERSION$WOLFSSL_VERSION_ARUINO_SUFFIX"
+        else
+            echo "cp -r .\"$ROOT_DIR\"/* \"$THIS_INSTALL_DIR\""
+            mkdir -p "$THIS_INSTALL_DIR" || exit 1
+            cp -r ."$ROOT_DIR"/* "$THIS_INSTALL_DIR" || exit 1
+        fi
    fi
 fi

--- a/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/Kconfig
+++ b/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/Kconfig
@@ -41,7 +41,7 @@
 # The maximum length of options is NOT 50 characters as documented.
 #   kconfcheck will complain that options should be 40 at most.
 #
-# Fix option lengths first. Superflous errors on other lines may occur.
+# Fix option lengths first. Superfluous errors on other lines may occur.
 #
 # The maximum length of lines is 120 characters.
 #
--- a/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/component.mk
+++ b/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/component.mk
@@ -82,7 +82,7 @@ WOLFSSL_ROOT := ../../../../../../..
 # "/mnt/c" is 4 directories up:
 #             2 for `./test/demo` from where we run `make`, plus
 #             2 more from the location of `component.mk` located
-#               in `[currect directory]/components/wolfssl`.
+#               in `[current directory]/components/wolfssl`.
 #
 # Thus we need 4 parent reference to find the relative path to wolfSSL:
 # WOLFSSL_ROOT := ../../../../workspace/wolfssl-master
--- a/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h
+++ b/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h
@@ -786,7 +786,7 @@
    /***** END CONFIG_IDF_TARGET_ESP8684 *****/

 #else
-    /* Anything else encountered, disable HW accleration */
+    /* Anything else encountered, disable HW acceleration */
    #warning "Unexpected CONFIG_IDF_TARGET_NN value"
    #define NO_ESP32_CRYPT
    #define NO_WOLFSSL_ESP32_CRYPT_HASH
--- a/IDE/Espressif/ESP-IDF/examples/template/main/Kconfig.projbuild
+++ b/IDE/Espressif/ESP-IDF/examples/template/main/Kconfig.projbuild
@@ -57,7 +57,7 @@ choice WOLFSSL_EXAMPLE_CHOOSE
    config WOLFSSL_EXAMPLE_NAME_WOLFSSH_TEMPLATE
        bool "SSH Template App"
        help
-            Bare-bones Hellow World app that only compiles in wolfSSL and wolfSSH.
+            Bare-bones Hello World app that only compiles in wolfSSL and wolfSSH.
            See wolfSSL/wolfssh on GitHub.

    config WOLFSSL_EXAMPLE_NAME_WOLFSSH_ECHOSERVER
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/Kconfig
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/Kconfig
@@ -41,7 +41,7 @@
 # The maximum length of options is NOT 50 characters as documented.
 #   kconfcheck will complain that options should be 40 at most.
 #
-# Fix option lengths first. Superflous errors on other lines may occur.
+# Fix option lengths first. Superfluous errors on other lines may occur.
 #
 # The maximum length of lines is 120 characters.
 #
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/component.mk
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/component.mk
@@ -82,7 +82,7 @@ WOLFSSL_ROOT := ../../../../../../..
 # "/mnt/c" is 4 directories up:
 #             2 for `./test/demo` from where we run `make`, plus
 #             2 more from the location of `component.mk` located
-#               in `[currect directory]/components/wolfssl`.
+#               in `[current directory]/components/wolfssl`.
 #
 # Thus we need 4 parent reference to find the relative path to wolfSSL:
 # WOLFSSL_ROOT := ../../../../workspace/wolfssl-master
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h
@@ -786,7 +786,7 @@
    /***** END CONFIG_IDF_TARGET_ESP8684 *****/

 #else
-    /* Anything else encountered, disable HW accleration */
+    /* Anything else encountered, disable HW acceleration */
    #warning "Unexpected CONFIG_IDF_TARGET_NN value"
    #define NO_ESP32_CRYPT
    #define NO_WOLFSSL_ESP32_CRYPT_HASH
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README_server_sm.md
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README_server_sm.md
@@ -167,7 +167,7 @@ I (735) system_api: read default base MAC address from EFUSE
 I (755) wifi:wifi firmware version: 0d470ef
 I (755) wifi:wifi certification version: v7.0
 I (755) wifi:config NVS flash: enabled
-I (755) wifi:config nano formating: disabled
+I (755) wifi:config nano formatting: disabled
 I (755) wifi:Init data frame dynamic rx buffer num: 32
 I (765) wifi:Init management frame dynamic rx buffer num: 32
 I (765) wifi:Init management short buffer num: 32
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/Kconfig
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/Kconfig
@@ -41,7 +41,7 @@
 # The maximum length of options is NOT 50 characters as documented.
 #   kconfcheck will complain that options should be 40 at most.
 #
-# Fix option lengths first. Superflous errors on other lines may occur.
+# Fix option lengths first. Superfluous errors on other lines may occur.
 #
 # The maximum length of lines is 120 characters.
 #
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/component.mk
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/component.mk
@@ -82,7 +82,7 @@ WOLFSSL_ROOT := ../../../../../../..
 # "/mnt/c" is 4 directories up:
 #             2 for `./test/demo` from where we run `make`, plus
 #             2 more from the location of `component.mk` located
-#               in `[currect directory]/components/wolfssl`.
+#               in `[current directory]/components/wolfssl`.
 #
 # Thus we need 4 parent reference to find the relative path to wolfSSL:
 # WOLFSSL_ROOT := ../../../../workspace/wolfssl-master
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h
@@ -786,7 +786,7 @@
    /***** END CONFIG_IDF_TARGET_ESP8684 *****/

 #else
-    /* Anything else encountered, disable HW accleration */
+    /* Anything else encountered, disable HW acceleration */
    #warning "Unexpected CONFIG_IDF_TARGET_NN value"
    #define NO_ESP32_CRYPT
    #define NO_WOLFSSL_ESP32_CRYPT_HASH
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild
@@ -34,7 +34,7 @@ choice WOLFSSL_EXAMPLE_CHOOSE
    config WOLFSSL_EXAMPLE_NAME_WOLFSSH_TEMPLATE
        bool "SSH Template App"
        help
-            Bare-bones Hellow World app that only compiles in wolfSSL and wolfSSH.
+            Bare-bones Hello World app that only compiles in wolfSSL and wolfSSH.
            See wolfSSL/wolfssh on GitHub.

    config WOLFSSL_EXAMPLE_NAME_WOLFSSH_ECHOSERVER
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h
@@ -87,7 +87,7 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args);

 /* init will create an RTOS task, otherwise server is simply function call. */
 #if defined(SINGLE_THREADED)
-    /* no init neded */
+    /* no init needed */
 #else
    WOLFSSL_ESP_TASK tls_smp_client_init(void* args);
 #endif
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h
@@ -103,7 +103,7 @@
    ** the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid"
    */
    #if defined(CONFIG_ESP_WIFI_SSID)
-        /* tyically from ESP32 with ESP-IDF v4 ot v5 */
+        /* tyically from ESP32 with ESP-IDF v4 to v5 */
        #define EXAMPLE_ESP_WIFI_SSID CONFIG_ESP_WIFI_SSID
    #elif defined(CONFIG_EXAMPLE_WIFI_SSID)
        /* typically from ESP8266 rtos-sdk/v3.4 */
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c
@@ -204,7 +204,7 @@ int set_time_from_string(const char* time_buffer)
    int quote_offset = 0;
    int ret = 0;

-    /* perform some basic sanity checkes */
+    /* perform some basic sanity checks */
    ret = probably_valid_time_string(time_buffer);
    if (ret == ESP_OK) {
        /* we are expecting the string to be encapsulated in single quotes */
@@ -218,7 +218,7 @@ int set_time_from_string(const char* time_buffer)
                    &day, &hour, &minute, &second, &year, &offset);

        if (ret == 8) {
-            /* we found a match for all componets */
+            /* we found a match for all components */

            const char *months[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
                                     "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
@@ -282,7 +282,7 @@ int set_time(void)
    esp_show_current_datetime();

 #ifdef LIBWOLFSSL_VERSION_GIT_HASH_DATE
-    /* initialy set a default approximate time from recent git commit */
+    /* initially set a default approximate time from recent git commit */
    ESP_LOGI(TAG, "Found git hash date, attempting to set system date: %s",
                   LIBWOLFSSL_VERSION_GIT_HASH_DATE);
    set_time_from_string(LIBWOLFSSL_VERSION_GIT_HASH_DATE"\0");
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c
@@ -147,7 +147,7 @@ int wifi_init_sta(void)
    };

    /* Setting a password implies station will connect to all security modes including WEP/WPA.
-        * However these modes are deprecated and not advisable to be used. Incase your Access point
+        * However these modes are deprecated and not advisable to be used. In case your Access point
        * doesn't support WPA2, these mode can be enabled by commenting below line */

    if (strlen((char *)wifi_config.sta.password)) {
@@ -325,7 +325,7 @@ int wifi_init_sta(void)
            .ssid = EXAMPLE_ESP_WIFI_SSID,
            .password = EXAMPLE_ESP_WIFI_PASS,
            /* Authmode threshold resets to WPA2 as default if password matches
-             * WPA2 standards (pasword len => 8). If you want to connect the
+             * WPA2 standards (password len => 8). If you want to connect the
             * device to deprecated WEP/WPA networks, Please set the threshold
             * value WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK and set the password with
             * length and format matching to WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md
@@ -82,7 +82,7 @@ After the server exits, remove the port proxy forward:
 netsh interface portproxy delete v4tov4 listenport=11111 listenaddress=0.0.0.0
 ```

-Cipers to consider
+Ciphers to consider

 ```
 TLS13-AES128-GCM-SHA256:
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README_server_sm.md
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README_server_sm.md
@@ -167,7 +167,7 @@ I (735) system_api: read default base MAC address from EFUSE
 I (755) wifi:wifi firmware version: 0d470ef
 I (755) wifi:wifi certification version: v7.0
 I (755) wifi:config NVS flash: enabled
-I (755) wifi:config nano formating: disabled
+I (755) wifi:config nano formatting: disabled
 I (755) wifi:Init data frame dynamic rx buffer num: 32
 I (765) wifi:Init management frame dynamic rx buffer num: 32
 I (765) wifi:Init management short buffer num: 32
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/Kconfig
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/Kconfig
@@ -41,7 +41,7 @@
 # The maximum length of options is NOT 50 characters as documented.
 #   kconfcheck will complain that options should be 40 at most.
 #
-# Fix option lengths first. Superflous errors on other lines may occur.
+# Fix option lengths first. Superfluous errors on other lines may occur.
 #
 # The maximum length of lines is 120 characters.
 #
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/component.mk
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/component.mk
@@ -82,7 +82,7 @@ WOLFSSL_ROOT := ../../../../../../..
 # "/mnt/c" is 4 directories up:
 #             2 for `./test/demo` from where we run `make`, plus
 #             2 more from the location of `component.mk` located
-#               in `[currect directory]/components/wolfssl`.
+#               in `[current directory]/components/wolfssl`.
 #
 # Thus we need 4 parent reference to find the relative path to wolfSSL:
 # WOLFSSL_ROOT := ../../../../workspace/wolfssl-master
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h
@@ -786,7 +786,7 @@
    /***** END CONFIG_IDF_TARGET_ESP8684 *****/

 #else
-    /* Anything else encountered, disable HW accleration */
+    /* Anything else encountered, disable HW acceleration */
    #warning "Unexpected CONFIG_IDF_TARGET_NN value"
    #define NO_ESP32_CRYPT
    #define NO_WOLFSSL_ESP32_CRYPT_HASH
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/Kconfig.projbuild
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/Kconfig.projbuild
@@ -34,7 +34,7 @@ choice WOLFSSL_EXAMPLE_CHOOSE
    config WOLFSSL_EXAMPLE_NAME_WOLFSSH_TEMPLATE
        bool "SSH Template App"
        help
-            Bare-bones Hellow World app that only compiles in wolfSSL and wolfSSH.
+            Bare-bones Hello World app that only compiles in wolfSSL and wolfSSH.
            See wolfSSL/wolfssh on GitHub.

    config WOLFSSL_EXAMPLE_NAME_WOLFSSH_ECHOSERVER
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/server-tls.h
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/server-tls.h
@@ -53,7 +53,7 @@ WOLFSSL_ESP_TASK tls_smp_server_task(void *args);

 /* init will create an RTOS task, otherwise server is simply function call. */
 #if defined(SINGLE_THREADED)
-    /* no init neded */
+    /* no init needed */
 #else
    WOLFSSL_ESP_TASK tls_smp_server_init(void* args);
 #endif
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h
@@ -109,7 +109,7 @@
    ** the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid"
    */
    #if defined(CONFIG_ESP_WIFI_SSID)
-        /* tyically from ESP32 with ESP-IDF v4 ot v5 */
+        /* tyically from ESP32 with ESP-IDF v4 to v5 */
        #define EXAMPLE_ESP_WIFI_SSID CONFIG_ESP_WIFI_SSID
    #elif defined(CONFIG_EXAMPLE_WIFI_SSID)
        /* typically from ESP8266 rtos-sdk/v3.4 */
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/time_helper.c
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/time_helper.c
@@ -185,7 +185,7 @@ int set_time_from_string(const char* time_buffer)
    int quote_offset = 0;
    int ret = 0;

-    /* perform some basic sanity checkes */
+    /* perform some basic sanity checks */
    ret = probably_valid_time_string(time_buffer);
    if (ret == ESP_OK) {
        /* we are expecting the string to be encapsulated in single quotes */
@@ -199,7 +199,7 @@ int set_time_from_string(const char* time_buffer)
                    &day, &hour, &minute, &second, &year, &offset);

        if (ret == 8) {
-            /* we found a match for all componets */
+            /* we found a match for all components */

            const char *months[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
                                     "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
@@ -263,7 +263,7 @@ int set_time(void)
    esp_show_current_datetime();

 #ifdef LIBWOLFSSL_VERSION_GIT_HASH_DATE
-    /* initialy set a default approximate time from recent git commit */
+    /* initially set a default approximate time from recent git commit */
    ESP_LOGI(TAG, "Found git hash date, attempting to set system date: %s",
                   LIBWOLFSSL_VERSION_GIT_HASH_DATE);
    set_time_from_string(LIBWOLFSSL_VERSION_GIT_HASH_DATE"\0");
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c
@@ -146,7 +146,7 @@ int wifi_init_sta(void)
    };

    /* Setting a password implies station will connect to all security modes including WEP/WPA.
-        * However these modes are deprecated and not advisable to be used. Incase your Access point
+        * However these modes are deprecated and not advisable to be used. In case your Access point
        * doesn't support WPA2, these mode can be enabled by commenting below line */

    if (strlen((char *)wifi_config.sta.password)) {
@@ -324,7 +324,7 @@ int wifi_init_sta(void)
            .ssid = EXAMPLE_ESP_WIFI_SSID,
            .password = EXAMPLE_ESP_WIFI_PASS,
            /* Authmode threshold resets to WPA2 as default if password matches
-             * WPA2 standards (pasword len => 8). If you want to connect the
+             * WPA2 standards (password len => 8). If you want to connect the
             * device to deprecated WEP/WPA networks, Please set the threshold
             * value WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK and set the password with
             * length and format matching to WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/Kconfig
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/Kconfig
@@ -41,7 +41,7 @@
 # The maximum length of options is NOT 50 characters as documented.
 #   kconfcheck will complain that options should be 40 at most.
 #
-# Fix option lengths first. Superflous errors on other lines may occur.
+# Fix option lengths first. Superfluous errors on other lines may occur.
 #
 # The maximum length of lines is 120 characters.
 #
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/component.mk
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/component.mk
@@ -82,7 +82,7 @@ WOLFSSL_ROOT := ../../../../../../..
 # "/mnt/c" is 4 directories up:
 #             2 for `./test/demo` from where we run `make`, plus
 #             2 more from the location of `component.mk` located
-#               in `[currect directory]/components/wolfssl`.
+#               in `[current directory]/components/wolfssl`.
 #
 # Thus we need 4 parent reference to find the relative path to wolfSSL:
 # WOLFSSL_ROOT := ../../../../workspace/wolfssl-master
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h
@@ -786,7 +786,7 @@
    /***** END CONFIG_IDF_TARGET_ESP8684 *****/

 #else
-    /* Anything else encountered, disable HW accleration */
+    /* Anything else encountered, disable HW acceleration */
    #warning "Unexpected CONFIG_IDF_TARGET_NN value"
    #define NO_ESP32_CRYPT
    #define NO_WOLFSSL_ESP32_CRYPT_HASH
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_test/partitions_singleapp_large.csv
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_test/partitions_singleapp_large.csv
@@ -13,7 +13,7 @@ factory, app,  factory, 0x10000, 1500K,
 # For other settings, see:
 # https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/partition-tables.html#creating-custom-tables
 #
-# Here is the summary printed for the “Single factory app, no OTA” configuration:
+# Here is the summary printed for the "Single factory app, no OTA" configuration:
 #
 # # ESP-IDF Partition Table
 # # Name,   Type, SubType, Offset,  Size, Flags
@@ -22,7 +22,7 @@ factory, app,  factory, 0x10000, 1500K,
 # factory,  app,  factory, 0x10000, 1M,
 #
 #
-# Here is the summary printed for the “Factory app, two OTA definitions” configuration:
+# Here is the summary printed for the "Factory app, two OTA definitions" configuration:
 #
 # # ESP-IDF Partition Table
 # # Name,   Type, SubType, Offset,  Size, Flags
--- a/IDE/Espressif/ESP-IDF/setup.sh
+++ b/IDE/Espressif/ESP-IDF/setup.sh
@@ -159,4 +159,3 @@ if [ "${WOLFSSL_SETUP_VERBOSE}" == "true" ]; then
  echo "Copy complete!"
 fi

-exit 1
--- a/IDE/Espressif/ESP-IDF/user_settings.h
+++ b/IDE/Espressif/ESP-IDF/user_settings.h
@@ -331,7 +331,7 @@
    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
    /***** END CONFIG_IDF_TARGET_ESP266 *****/
 #else
-    /* Anything else encountered, disable HW accleration */
+    /* Anything else encountered, disable HW acceleration */
    #define NO_ESP32_CRYPT
    #define NO_WOLFSSL_ESP32_CRYPT_HASH
    #define NO_WOLFSSL_ESP32_CRYPT_AES
@@ -359,7 +359,7 @@

 /* #define HASH_SIZE_LIMIT */ /* for test.c */

-/* #define NO_HW_MATH_TEST */ /* Optionall turn off HW math checks */
+/* #define NO_HW_MATH_TEST */ /* Optionally turn off HW math checks */

 /* Optionally include alternate HW test library: alt_hw_test.h */
 /* When enabling, the ./components/wolfssl/CMakeLists.txt file
--- a/IDE/GCC-ARM/Source/benchmark_main.c
+++ b/IDE/GCC-ARM/Source/benchmark_main.c
@@ -39,16 +39,16 @@ int main(void)
 {
    int ret;
 #ifndef NO_CRYPT_BENCHMARK
-	wolfCrypt_Init();
+    wolfCrypt_Init();

-	printf("\nBenchmark Test\n");
-	benchmark_test(&args);
+    printf("\nBenchmark Test\n");
+    benchmark_test(&args);
    ret = args.return_code;
-	printf("Benchmark Test: Return code %d\n", ret);
+    printf("Benchmark Test: Return code %d\n", ret);

-	wolfCrypt_Cleanup();
+    wolfCrypt_Cleanup();
 #else
    ret = NOT_COMPILED_IN;
 #endif
-	return ret;
+    return ret;
 }
--- a/IDE/GCC-ARM/Source/test_main.c
+++ b/IDE/GCC-ARM/Source/test_main.c
@@ -40,16 +40,16 @@ int main(void)
 {
    int ret;
 #ifndef NO_CRYPT_TEST
-	wolfCrypt_Init();
+    wolfCrypt_Init();

-	printf("\nCrypt Test\n");
-	wolfcrypt_test(&args);
+    printf("\nCrypt Test\n");
+    wolfcrypt_test(&args);
    ret = args.return_code;
-	printf("Crypt Test: Return code %d\n", ret);
+    printf("Crypt Test: Return code %d\n", ret);

-	wolfCrypt_Cleanup();
+    wolfCrypt_Cleanup();
 #else
    ret = NOT_COMPILED_IN;
 #endif
-	return ret;
+    return ret;
 }
--- a/IDE/IAR-EWARM/Projects/benchmark/wolfCrypt-benchmark.ewp
+++ b/IDE/IAR-EWARM/Projects/benchmark/wolfCrypt-benchmark.ewp
@@ -937,7 +937,7 @@
        </option>
        <option>
          <name>IarchiveOutput</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
        </option>
      </data>
    </settings>
--- a/IDE/IAR-EWARM/Projects/lib/wolfSSL-Lib.ewp
+++ b/IDE/IAR-EWARM/Projects/lib/wolfSSL-Lib.ewp
@@ -1593,7 +1593,7 @@
        </option>
        <option>
          <name>IlinkOutputFile</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
        </option>
        <option>
          <name>IlinkDebugInfoEnable</name>
@@ -1879,7 +1879,7 @@
        </option>
        <option>
          <name>IarchiveOutput</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
        </option>
      </data>
    </settings>
--- a/IDE/IAR-EWARM/Projects/test/wolfCrypt-test.ewp
+++ b/IDE/IAR-EWARM/Projects/test/wolfCrypt-test.ewp
@@ -937,7 +937,7 @@
        </option>
        <option>
          <name>IarchiveOutput</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
        </option>
      </data>
    </settings>
--- a/IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_wolfcrypt_benchmark_SAMV71_XULT/wolfcrypt_benchmark.ewp
+++ b/IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_wolfcrypt_benchmark_SAMV71_XULT/wolfcrypt_benchmark.ewp
@@ -958,7 +958,7 @@
        </option>
        <option>
          <name>IarchiveOutput</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
        </option>
      </data>
    </settings>
@@ -1627,7 +1627,7 @@
        </option>
        <option>
          <name>IlinkOutputFile</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
        </option>
        <option>
          <name>IlinkDebugInfoEnable</name>
@@ -1917,7 +1917,7 @@
        </option>
        <option>
          <name>IarchiveOutput</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
        </option>
      </data>
    </settings>
--- a/IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_wolfcrypt_lib_SAMV71_XULT/wolfcrypt_lib.ewp
+++ b/IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_wolfcrypt_lib_SAMV71_XULT/wolfcrypt_lib.ewp
@@ -1624,7 +1624,7 @@
        </option>
        <option>
          <name>IlinkOutputFile</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
        </option>
        <option>
          <name>IlinkDebugInfoEnable</name>
@@ -1914,7 +1914,7 @@
        </option>
        <option>
          <name>IarchiveOutput</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
        </option>
      </data>
    </settings>
--- a/IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_wolfcrypt_test_SAMV71_XULT/wolfcrypt_test.ewp
+++ b/IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_wolfcrypt_test_SAMV71_XULT/wolfcrypt_test.ewp
@@ -958,7 +958,7 @@
        </option>
        <option>
          <name>IarchiveOutput</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
        </option>
      </data>
    </settings>
@@ -1627,7 +1627,7 @@
        </option>
        <option>
          <name>IlinkOutputFile</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
        </option>
        <option>
          <name>IlinkDebugInfoEnable</name>
@@ -1917,7 +1917,7 @@
        </option>
        <option>
          <name>IarchiveOutput</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
        </option>
      </data>
    </settings>
--- a/IDE/MPLABX16/README.md
+++ b/IDE/MPLABX16/README.md
@@ -38,7 +38,7 @@ steps below to generate that code.
 2. Set the Project path to the wolfSSL/IDE/MPLABX16 and enter your PIC device
 into the interface.

-3. Select MCC Clasic as the content type and click `Finish`.
+3. Select MCC Classic as the content type and click `Finish`.

 4. Under the Device Resources section, find the UART entry and add the UART1
 peripheral.
--- a/IDE/MPLABX16/wolfcrypt_test.X/Makefile
+++ b/IDE/MPLABX16/wolfcrypt_test.X/Makefile
@@ -22,7 +22,7 @@
 #     clean                    remove built files from a configuration
 #     clobber                  remove all built files
 #     all                      build all configurations
-#     help                     print help mesage
+#     help                     print help message
 #  
 #  Targets .build-impl, .clean-impl, .clobber-impl, .all-impl, and
 #  .help-impl are implemented in nbproject/makefile-impl.mk.
--- a/IDE/MPLABX16/wolfssl.X/Makefile
+++ b/IDE/MPLABX16/wolfssl.X/Makefile
@@ -22,7 +22,7 @@
 #     clean                    remove built files from a configuration
 #     clobber                  remove all built files
 #     all                      build all configurations
-#     help                     print help mesage
+#     help                     print help message
 #  
 #  Targets .build-impl, .clean-impl, .clobber-impl, .all-impl, and
 #  .help-impl are implemented in nbproject/makefile-impl.mk.
--- a/IDE/NDS/README.md
+++ b/IDE/NDS/README.md
@@ -2,11 +2,34 @@

 ## Requirements

-[Devkitpro](https://devkitpro.org/wiki/Getting_Started) with libnds.
+[Devkitpro](https://devkitpro.org/wiki/Getting_Started) with libnds, nds-tool and nds-dev.


 ## Building

+For MelonDS
+```
+$ ./configure \
+    --host=arm-none-eabi \
+    CC=$DEVKITARM/bin/arm-none-eabi-g++ \
+    AR=$DEVKITARM/bin/arm-none-eabi-ar \
+    STRIP=$DEVKITARM/bin/arm-none-eabi-strip \
+    RANLIB=$DEVKITARM/bin/arm-none-eabi-ranlib \
+    LIBS="-lfat -lnds9" \
+    LDFLAGS="-L/opt/devkitpro/libnds/lib" \
+    --prefix=$DEVKITPRO/portlibs/nds \
+    CFLAGS="-march=armv5te -mtune=arm946e-s \
+        --specs=ds_arm9.specs -DARM9 -DWOLFSSL_NDS \
+        -DWOLFSSL_MELONDS \
+        -DWOLFSSL_USER_IO \
+        -I$DEVKITPRO/libnds/include" \
+    --enable-fastmath --disable-benchmark \
+    --disable-shared --disable-examples --disable-ecc
+$ make
+$ sudo make install
+```
+
+For Hardware
 ```
 $ ./configure \
    --host=arm-none-eabi \
@@ -30,7 +53,58 @@ $ sudo make install
 ## Run the Tests

 To run the Crypttests type the following.
-1. Run `$ ndstool -9 ./wolfcrypt/test/testwolfcrypt  -c ./wolfcrypt/test/testwolfcrypt.nds`
-2. copy `./certs` to `your_nds_sd_card/_nds/certs`
+Run `$ ndstool -9 ./wolfcrypt/test/testwolfcrypt  -c ./wolfcrypt/test/testwolfcrypt.nds`

-3. Run the Rom (located in ./wolfcrypt/test/testwolfcrypt.nds) in an Emulator or real Hardware.
+copy `./certs` to `your_nds_sd_card/_nds/certs` (Follow Virtual SD card steps below for Emulator)
+
+Run the Rom (located in ./wolfcrypt/test/testwolfcrypt.nds) in an Emulator or real Hardware.
+
+If running on MelonDS it must be using the DSi mode in order to use certs from an SD card.
+
+## Making a virtual SD card (MacOS)
+
+```
+Create Virtual SD card image
+
+$ dd if=/dev/zero of=~/my_sd_card.img bs=1M count=64
+
+Format image to FAT32
+
+$ hdiutil attach -imagekey diskimage-class=CRawDiskImage -nomount ~/my_sd_card.img
+$ diskutil eraseDisk FAT32 MYSDCARD MBRFormat /dev/diskX
+$ hdiutil detach /dev/diskX
+
+Mount to Create Folder Structure and Copy Certs
+
+$ mkdir -p /Volumes/MYSDCARD/_nds
+$ cp -r ~/wolfssl/certs /Volumes/MYSDCARD/_nds/
+
+Unmount
+
+hdiutil detach /dev/diskX
+```
+
+## Making a virtual SD card (Linux)
+
+```
+Create Virtual SD card image
+
+$ dd if=/dev/zero of=~/my_sd_card.img bs=1M count=64
+
+Format image to FAT32
+
+$ sudo losetup -fP ~/my_sd_card.img
+$ sudo losetup -l
+$ sudo mkfs.vfat -F 32 /dev/loop0
+$ sudo losetup -d /dev/loop0
+
+Mount to Create Folder Structure and Copy Certs
+
+$ sudo mount ~/my_sd_card.img /mnt
+$ sudo mkdir -p /mnt/_nds
+$ sudo cp -r ~/wolfssl/certs /mnt/_nds/
+
+Unmount
+
+hdiutil detach /dev/diskX
+```
--- a/IDE/Renesas/cs+/Projects/t4_demo/README_jp.txt
+++ b/IDE/Renesas/cs+/Projects/t4_demo/README_jp.txt
@@ -1,71 +1,71 @@
-wolfSSL/AlphaProjectボードデモ　セットアップガイド
+wolfSSL/AlphaProjectボードデモ　セットアップガイド

-このデモは以下の環境でテストしています。
+このデモは以下の環境でテストしています。

  Renesas : CS+ v6.01, v8.01
  Board   : AP-RX71M-0A
  wolfSSL : 3.15.3, 4.0.0

-セットアップ手順：
+セットアップ手順：

-１．ソフトウェアの入手
-　- APボード付属のソフトウェア一式を適当なフォルダー下に解凍します。
-　- 同じフォルダー下にwolfssl一式を解凍します。
+１．ソフトウェアの入手
+　- APボード付属のソフトウェア一式を適当なフォルダー下に解凍します。
+　- 同じフォルダー下にwolfssl一式を解凍します。

-２．wolfSSLのセットアップ
-　- CS+にてwolfssl\IDE\Renesas\cs+\Project下のwolfssl\wolfssl_lib.mtpjを開き
-　　wolfSSLライブラリーのビルドをします。
-　- 同じフォルダの下のt4_demo.mtpjを開き、デモプログラムのビルドをします。
-　このプログラムもライブラリー形式でビルドされます。
+２．wolfSSLのセットアップ
+　- CS+にてwolfssl¥IDE¥Renesas¥cs+¥Project下のwolfssl¥wolfssl_lib.mtpjを開き
+　　wolfSSLライブラリーのビルドをします。
+　- 同じフォルダの下のt4_demo.mtpjを開き、デモプログラムのビルドをします。
+　このプログラムもライブラリー形式でビルドされます。

-３．AlphaProject側のセットアップ
+３．AlphaProject側のセットアップ
  
-  !!** サンプルプログラム v2.0 を使用する場合は、_ether_ => _usbfunc_ **!!
-  !!** と置き換えてください                                           **!!
+  !!** サンプルプログラム v2.0 を使用する場合は、_ether_ => _usbfunc_ **!!
+  !!** と置き換えてください                                           **!!

-　デモはap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_ether_sample_csフォルダ下の
-　ap_rx71m_0a_ether_sample_cs.mtpjプロジェクトを利用します。
-　
-　- ap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_ether_sample_cs\srcフォルダ下の
-　AP_RX71M_0A.cファイルを開き、
-　９７行目のecho_srv_init()の下にwolfSSL_init()を挿入します。
+　デモはap_rx71m_0a_sample_cs¥Sample¥ap_rx71m_0a_ether_sample_csフォルダ下の
+　ap_rx71m_0a_ether_sample_cs.mtpjプロジェクトを利用します。
+　
+　- ap_rx71m_0a_sample_cs¥Sample¥ap_rx71m_0a_ether_sample_cs¥srcフォルダ下の
+　AP_RX71M_0A.cファイルを開き、
+　９７行目のecho_srv_init()の下にwolfSSL_init()を挿入します。

 ===
        sci_init();
        can_init();
        echo_srv_init();
-        wolfSSL_init(); <- この行を挿入
+        wolfSSL_init(); <- この行を挿入
 ===

-!!** サンプルプログラム v2.0 を使用する場合は、下記                   **!!
+!!** サンプルプログラム v2.0 を使用する場合は、下記                   **!!
 ===
        CanInit();
        SciInit();
        EthernetAppInit();
        UsbfInit();
-        wolfSSL_init(); <- この行を挿入
+        wolfSSL_init(); <- この行を挿入
 ===
 !!**********************************************************************!!

-　- ap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_ether_sample_cs\src\smc_gen\r_bsp_config.h
-　を開き、スタックサイズとヒープサイズを以下のように設定します。
-　
-　120行目 #pragma stacksize su=0x2000
-　139行目 #define BSP_CFG_HEAP_BYTES  (0xa000)
+　- ap_rx71m_0a_sample_cs¥Sample¥ap_rx71m_0a_ether_sample_cs¥src¥smc_gen¥r_bsp_config.h
+　を開き、スタックサイズとヒープサイズを以下のように設定します。
+　
+　120行目 #pragma stacksize su=0x2000
+　139行目 #define BSP_CFG_HEAP_BYTES  (0xa000)

-!!** サンプルプログラム v2.0 を使用する場合は、下記                   **!!
-　- ap_rx71m_0a_sample_cs\Sample\ap_rx71m_0a_usbfunc_sample_cs\src\smc_gen\r_bsp_config.h
-　を開き、スタックサイズとヒープサイズを以下のように設定します。
-　154行目 #pragma stacksize su=0x2000
-　175行目 #define BSP_CFG_HEAP_BYTES  (0xa000)
+!!** サンプルプログラム v2.0 を使用する場合は、下記                   **!!
+　- ap_rx71m_0a_sample_cs¥Sample¥ap_rx71m_0a_usbfunc_sample_cs¥src¥smc_gen¥r_bsp_config.h
+　を開き、スタックサイズとヒープサイズを以下のように設定します。
+　154行目 #pragma stacksize su=0x2000
+　175行目 #define BSP_CFG_HEAP_BYTES  (0xa000)
 !!**********************************************************************!!

-　- IPアドレスのデフォルト値は以下のようになっています。
-　必要があれば、Sample\ap_rx71m_0a_ether_sample_cs\src\r_t4_rx\src\config_tcpudp.c
-　内の139行目からの定義を変更します。
-　!!** サンプルプログラム v2.0 を使用する場合は、下記                   **!!
-  Sample\ap_rx71m_0a_usbfunc_sample_cs\src\tcp_sample\src\config_tcpudp.c
-  内の166行目からの定義を変更します。
+　- IPアドレスのデフォルト値は以下のようになっています。
+　必要があれば、Sample¥ap_rx71m_0a_ether_sample_cs¥src¥r_t4_rx¥src¥config_tcpudp.c
+　内の139行目からの定義を変更します。
+　!!** サンプルプログラム v2.0 を使用する場合は、下記                   **!!
+  Sample¥ap_rx71m_0a_usbfunc_sample_cs¥src¥tcp_sample¥src¥config_tcpudp.c
+  内の166行目からの定義を変更します。
  !!**********************************************************************!!

 ===
@@ -75,74 +75,74 @@ wolfSSL/AlphaProject
 ===


-　- CS+でap_rx71m_0a_ether_sample_cs.mtpjプロジェクトを開き、wolfSSLとデモライブラリを
-　登録します。CC-RX(ビルドツール)->リンク・オプションタブ->使用するライブラリに
-　以下の二つのファイルを登録します。
-　wolfssl\IDE\Renesas\cs+\Projects\wolfssl_lib\DefaultBuild\wolfssl_lib.lib
-　wolfssl\IDE\Renesas\cs+\Projects\t4_demo\DefaultBuild\t4_demo.lib
+　- CS+でap_rx71m_0a_ether_sample_cs.mtpjプロジェクトを開き、wolfSSLとデモライブラリを
+　登録します。CC-RX(ビルドツール)->リンク・オプションタブ->使用するライブラリに
+　以下の二つのファイルを登録します。
+　wolfssl¥IDE¥Renesas¥cs+¥Projects¥wolfssl_lib¥DefaultBuild¥wolfssl_lib.lib
+　wolfssl¥IDE¥Renesas¥cs+¥Projects¥t4_demo¥DefaultBuild¥t4_demo.lib

- CC-RX(ビルドツール)->ライブラリージェネレーションタブ->ライブラリー構成を「C99」に、
-ctype.hを有効にするを「はい」に設定します。
+- CC-RX(ビルドツール)->ライブラリージェネレーションタブ->ライブラリー構成を「C99」に、
+ctype.hを有効にするを「はい」に設定します。

-　- プロジェクトのビルド、ターゲットへのダウンロードをしたのち、表示->デバッグ・コンソール
-　からコンソールを表示させます。実行を開始するとコンソールに以下の表示が出力されます。
-　
+　- プロジェクトのビルド、ターゲットへのダウンロードをしたのち、表示->デバッグ・コンソール
+　からコンソールを表示させます。実行を開始するとコンソールに以下の表示が出力されます。
+　
 ===
-　wolfSSL Demo
+　wolfSSL Demo
 t: test, b: benchmark, s: server, or c <IP addr> <Port>: client
 $
 ===

-tコマンド：各暗号化アルゴリズムの簡単なテストを実行します。所要のアルゴリズムが
-　組み込まれているか確認することができます。組み込むアルゴリズムはビルドオプション
-　で変更することができます。詳しくはユーザマニュアルを参照してください。
-bコマンド：各暗号アルゴリズムごとの簡単なベンチマークを実行します。
-sコマンド：簡単なTLSサーバを起動します。起動するとビルド時のIPアドレス、
-　ポート50000にてTLS接続を待ちます。
-cコマンド：簡単なTLSクライアントを起動します。起動すると第一アーギュメントで指定された
-　IPアドレス、第二アーギュメントで指定されたポートに対してTLS接続します。
+tコマンド：各暗号化アルゴリズムの簡単なテストを実行します。所要のアルゴリズムが
+　組み込まれているか確認することができます。組み込むアルゴリズムはビルドオプション
+　で変更することができます。詳しくはユーザマニュアルを参照してください。
+bコマンド：各暗号アルゴリズムごとの簡単なベンチマークを実行します。
+sコマンド：簡単なTLSサーバを起動します。起動するとビルド時のIPアドレス、
+　ポート50000にてTLS接続を待ちます。
+cコマンド：簡単なTLSクライアントを起動します。起動すると第一アーギュメントで指定された
+　IPアドレス、第二アーギュメントで指定されたポートに対してTLS接続します。

-いずれのコマンドも１回のみ実行します。繰り返し実行したい場合は、MPUをリセットして
-再起動します。
+いずれのコマンドも１回のみ実行します。繰り返し実行したい場合は、MPUをリセットして
+再起動します。

-４．対向テスト
-　デモのｓ、ｃコマンドを使って、他の機器と簡単な対向テストをすることができます。
-　UbuntuなどのGCC, make環境、WindowsのVisual Studioなどで
-　対向テスト用のサーバ、クライアントをビルドすることができます。
+４．対向テスト
+　デモのｓ、ｃコマンドを使って、他の機器と簡単な対向テストをすることができます。
+　UbuntuなどのGCC, make環境、WindowsのVisual Studioなどで
+　対向テスト用のサーバ、クライアントをビルドすることができます。

-　GCC,makeコマンド環境では、ダウンロード解凍したwolfsslのディレクトリ下で以下の
-　コマンドを発行すると、ライブラリ、テスト用のクライアント、サーバなど一式がビルド
-　されます。
-　
-　$ ./configure
-　$ make check
-　
-　その後、以下のような指定でクライアントまたはサーバを起動して、ボード上の
-　デモと対向テストすることができます。
-　
-　PC側：
-　$ ./examples/server/server -b -d
-　ボード側：
-　　> c <IPアドレス> 11111
+　GCC,makeコマンド環境では、ダウンロード解凍したwolfsslのディレクトリ下で以下の
+　コマンドを発行すると、ライブラリ、テスト用のクライアント、サーバなど一式がビルド
+　されます。
+　
+　$ ./configure
+　$ make check
+　
+　その後、以下のような指定でクライアントまたはサーバを起動して、ボード上の
+　デモと対向テストすることができます。
+　
+　PC側：
+　$ ./examples/server/server -b -d
+　ボード側：
+　　> c <IPアドレス> 11111

-　ボード側：
-　　> s
-　PC側：　
-　$ ./examples/client/client -h <IPアドレス> -p 50000
-　
-　
-　WindowsのVisual Studioでは、ダウンロード解凍したwolfsslフォルダ下のwolfssl64.sln
-　を開き、ソリューションをビルドします。Debugフォルダ下にビルドされるclient.exeと
-　server.exeを利用します。
-　
-  PC側：
-　Debug> .\server -b -d
-　ボード側：
-　　> c <IPアドレス> 11111
+　ボード側：
+　　> s
+　PC側：　
+　$ ./examples/client/client -h <IPアドレス> -p 50000
+　
+　
+　WindowsのVisual Studioでは、ダウンロード解凍したwolfsslフォルダ下のwolfssl64.sln
+　を開き、ソリューションをビルドします。Debugフォルダ下にビルドされるclient.exeと
+　server.exeを利用します。
+　
+  PC側：
+　Debug> .¥server -b -d
+　ボード側：
+　　> c <IPアドレス> 11111

-　ボード側：
-　　> s
-　PC側：
-　Debug> .\client  -h <IPアドレス> -p 50000
+　ボード側：
+　　> s
+　PC側：
+　Debug> .¥client  -h <IPアドレス> -p 50000

-以上、
+以上、
--- a/IDE/Renesas/e2studio/RA6M3/README.md
+++ b/IDE/Renesas/e2studio/RA6M3/README.md
@@ -67,7 +67,7 @@ The following steps explain how to generate the missing files and where to place
 |Thread Symbol|wolfssl_tst_thread|
 |Thread Name|wolf_tst_thread|
 |Thread Stack size|increase depending on your environment<br> e.g. 0xA000|
-|Thread MemoryAllocation|Dyamic|
+|Thread MemoryAllocation|Dynamic|
 |Common General Use Mutexes|Enabled|
 |Common General Enable Backward Compatibility|Enabled|
 |Common Memory Allocation Support Dynamic Allocation|Enabled|
--- a/IDE/Renesas/e2studio/RA6M4/README.md
+++ b/IDE/Renesas/e2studio/RA6M4/README.md
@@ -74,7 +74,7 @@ The wolfssl Project Summary is listed below and is relevant for every project.
 |Thread Symbol|sce_tst_thread|
 |Thread Name|sce_tst_thread|
 |Thread Stack size|increase depending on your environment<br> e.g. 0xA000|
-|Thread MemoryAllocation|Dyamic|
+|Thread MemoryAllocation|Dynamic|
 |Common General Use Mutexes|Enabled|
 |Common General Enable Backward Compatibility|Enabled|
 |Common Memory Allocation Support Dynamic Allocation|Enabled|
--- a/IDE/Renesas/e2studio/RA6M4/test/src/SEGGER_RTT/myprint.c
+++ b/IDE/Renesas/e2studio/RA6M4/test/src/SEGGER_RTT/myprint.c
@@ -18,6 +18,8 @@
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 */
+
+#include <stdarg.h>
 #include "SEGGER_RTT.h"

 #define SEGGER_INDEX            (0)
--- a/IDE/Renesas/e2studio/RA6M4/test/src/wolf_client.c
+++ b/IDE/Renesas/e2studio/RA6M4/test/src/wolf_client.c
@@ -23,6 +23,7 @@

 #include <stdio.h>
 #include <string.h>
+#include <stdarg.h> /* var_arg */
 #include <sys/time.h>
 #include "wolfssl/wolfcrypt/settings.h"
 #include "wolfssl/ssl.h"
--- a/IDE/Renesas/e2studio/RA6M4/tools/README.md
+++ b/IDE/Renesas/e2studio/RA6M4/tools/README.md
@@ -1,7 +1,7 @@
 # Create/Update Signed CA
 This document describes how to create/update Signed CA data that is used at an example program.

-## Signed CA Creatation
+## Signed CA Creation
 ### Generate RSA Key pair
 ```
 2048 bit RSA key pair
@@ -35,5 +35,5 @@ There are multiple example keys for testing in the `example_keys` folder.
 |
 +----+ rsa_private.pem  an example 2048-bit rsa private key for signing CA cert
     + rsa_public.pem   an example 2048-bit rsa public key for verifying CA cert
-     + generate_signCA.sh an example script to genearte signed-certificate data for the example program
+     + generate_signCA.sh an example script to generate signed-certificate data for the example program
 ```
--- a/IDE/Renesas/e2studio/RA6M4/tools/example_keys/generate_SignedCA.sh
+++ b/IDE/Renesas/e2studio/RA6M4/tools/example_keys/generate_SignedCA.sh
@@ -37,7 +37,7 @@ openssl dgst -sha256 -sign $1 -sigopt $SIGOPT -sigopt $SIGOPT2 -out ${CURRENT}/$

 echo Verify by private key
 openssl dgst -sha256 -prverify $1 -sigopt $SIGOPT -sigopt $SIGOPT2 -signature ${CURRENT}/${signed_file}.sign $3
-echo Verifiy by public key
+echo Verify by public key
 openssl dgst -sha256 -verify $2 -sigopt $SIGOPT -sigopt $SIGOPT2 -signature ${CURRENT}/${signed_file}.sign $3

 # Convert Signed CA to c source
--- a/IDE/Renesas/e2studio/RX65N/GR-ROSE/tools/README.md
+++ b/IDE/Renesas/e2studio/RX65N/GR-ROSE/tools/README.md
@@ -1,7 +1,7 @@
 # Create/Update Signed CA
 This document describes how to create/update Signed CA data that is used at an example program.

-## Signed CA Creatation
+## Signed CA Creation
 ### Generate RSA Key pair
 ```
 2048 bit RSA key pair
@@ -35,5 +35,5 @@ There are multiple example keys for testing in the `example_keys` folder.
 |
 +----+ rsa_private.pem  an example 2048-bit rsa private key for signing CA cert
     + rsa_public.pem   an example 2048-bit rsa public key for verifying CA cert
-     + generate_signCA.sh an example script to genearte signed-certificate data for the example program
+     + generate_signCA.sh an example script to generate signed-certificate data for the example program
 ```
--- a/IDE/Renesas/e2studio/RX65N/GR-ROSE/tools/example_keys/generate_SignedCA.sh
+++ b/IDE/Renesas/e2studio/RX65N/GR-ROSE/tools/example_keys/generate_SignedCA.sh
@@ -37,7 +37,7 @@ openssl dgst -sha256 -sign $1 -sigopt $SIGOPT -sigopt $SIGOPT2 -out ${CURRENT}/$

 echo Verify by private key
 openssl dgst -sha256 -prverify $1 -sigopt $SIGOPT -sigopt $SIGOPT2 -signature ${CURRENT}/${signed_file}.sign $3
-echo Verifiy by public key
+echo Verify by public key
 openssl dgst -sha256 -verify $2 -sigopt $SIGOPT -sigopt $SIGOPT2 -signature ${CURRENT}/${signed_file}.sign $3

 # Convert Signed CA to c source
--- a/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/common/wolfssl_dummy.c
+++ b/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/common/wolfssl_dummy.c
@@ -21,15 +21,32 @@

 #include <wolfssl/wolfcrypt/wc_port.h>

-#define YEAR 2024
-#define MON  7
-
 static int tick = 0;

+#define YEAR  ( \
+    ((__DATE__)[7]  - '0') * 1000 + \
+    ((__DATE__)[8]  - '0') * 100  + \
+    ((__DATE__)[9]  - '0') * 10   + \
+    ((__DATE__)[10] - '0') * 1      \
+)
+
+#define MONTH ( \
+    __DATE__[2] == 'n' ? (__DATE__[1] == 'a' ? 1 : 6) \
+  : __DATE__[2] == 'b' ? 2 \
+  : __DATE__[2] == 'r' ? (__DATE__[0] == 'M' ? 3 : 4) \
+  : __DATE__[2] == 'y' ? 5 \
+  : __DATE__[2] == 'l' ? 7 \
+  : __DATE__[2] == 'g' ? 8 \
+  : __DATE__[2] == 'p' ? 9 \
+  : __DATE__[2] == 't' ? 10 \
+  : __DATE__[2] == 'v' ? 11 \
+  : 12 \
+	)
+
 time_t time(time_t *t)
 {
    (void)t;
-    return ((YEAR-1970)*365+30*MON)*24*60*60 + tick++;
+    return ((YEAR-1970)*365+30*MONTH)*24*60*60 + tick++;
 }

 #include <ctype.h>
--- a/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/test_main.c
+++ b/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/test_main.c
@@ -65,6 +65,7 @@ extern "C" {
 static long tick;
 static void timeTick(void *pdata)
 {
+	(void)pdata;
    tick++;
 }

--- a/IDE/Renesas/e2studio/RX72N/EnvisionKit/tools/README.md
+++ b/IDE/Renesas/e2studio/RX72N/EnvisionKit/tools/README.md
@@ -1,7 +1,7 @@
 # Create/Update Signed CA
 This document describes how to create/update Signed CA data that is used at an example program.

-## Signed CA Creatation
+## Signed CA Creation
 ### Generate RSA Key pair
 ```
 2048 bit RSA key pair
@@ -35,5 +35,5 @@ There are multiple example keys for testing in the `example_keys` folder.
 |
 +----+ rsa_private.pem  an example 2048-bit rsa private key for signing CA cert
     + rsa_public.pem   an example 2048-bit rsa public key for verifying CA cert
-     + generate_signCA.sh an example script to genearte signed-certificate data for the example program
+     + generate_signCA.sh an example script to generate signed-certificate data for the example program
 ```
--- a/IDE/Renesas/e2studio/RX72N/EnvisionKit/tools/example_keys/generate_SignedCA.sh
+++ b/IDE/Renesas/e2studio/RX72N/EnvisionKit/tools/example_keys/generate_SignedCA.sh
@@ -37,7 +37,7 @@ openssl dgst -sha256 -sign $1 -sigopt $SIGOPT -sigopt $SIGOPT2 -out ${CURRENT}/$

 echo Verify by private key
 openssl dgst -sha256 -prverify $1 -sigopt $SIGOPT -sigopt $SIGOPT2 -signature ${CURRENT}/${signed_file}.sign $3
-echo Verifiy by public key
+echo Verify by public key
 openssl dgst -sha256 -verify $2 -sigopt $SIGOPT -sigopt $SIGOPT2 -signature ${CURRENT}/${signed_file}.sign $3

 # Convert Signed CA to c source
--- a/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/user_settings.h
+++ b/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/user_settings.h
@@ -240,12 +240,17 @@
 #if defined(WOLFSSL_RENESAS_TSIP)
    /*-- TSIP TLS and/or CRYPTONLY Definition --------------------------------*/
    /* Enable TSIP TLS (default)
-     *   TSIP CRYPTONLY is also enabled.
+     *   TSIP CRYPT is also enabled.
     * Disable TSIP TLS
+     *   TSIP CRYPT is also disabled
     *   TSIP CRYPTONLY is only enabled.
     */
    #define WOLFSSL_RENESAS_TSIP_TLS

+    /* #define WOLFSSL_RENESAS_TSIP_CRYPTONLY */
+    /* #define WOLFSSL_KEY_GEN                */
+    /* #define RSA_MIN_SIZE 1024              */
+
    #if !defined(NO_RENESAS_TSIP_CRYPT)
        #define HAVE_PK_CALLBACKS
        #define WOLF_CRYPTO_CB
@@ -267,13 +272,13 @@
     * directly. Comment out the macro will generate random number by
     * wolfSSL Hash DRBG by using a seed which is generated by TSIP API.
     *-----------------------------------------------------------------------*/
-	#define CUSTOM_RAND_GENERATE_BLOCK wc_tsip_GenerateRandBlock
+    #define CUSTOM_RAND_GENERATE_BLOCK wc_tsip_GenerateRandBlock
 #else
    #define OPENSSL_EXTRA
    #define WOLFSSL_GENSEED_FORTEST /* Warning: define your own seed gen */
-	#if !defined(min)
-    	#define min(data1, data2)    _builtin_min(data1, data2)
-	#endif
+    #if !defined(min)
+        #define min(data1, data2)    _builtin_min(data1, data2)
+    #endif
 #endif


--- a/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.c
+++ b/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.c
@@ -23,9 +23,7 @@
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
-
-
-
+#include <stdarg.h>

 #include <wolfssl/wolfcrypt/settings.h>
 #include "wolfssl/ssl.h"
--- a/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_tsip_unit_test.c
+++ b/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_tsip_unit_test.c
@@ -56,11 +56,11 @@
 #endif

 #ifndef NO_SHA
- int sha_test();
+ int sha_test(void);
 #endif

 #ifndef NO_SHA256
- int sha256_test();
+ int sha256_test(void);
 #endif

 #define SMALL_STACK_SIZE (1 * 1024)
@@ -408,10 +408,10 @@ static int tsip_aesgcm256_test(int prnt, tsip_aes_key_index_t* aes256_key)
        printf(" tsip_aes256_gcm_test() ");
    }

-    ForceZero(resultT, sizeof(resultT));
-    ForceZero(resultC, sizeof(resultC));
-    ForceZero(resultP, sizeof(resultP));
-    ForceZero(&userContext, sizeof(TsipUserCtx));
+    XMEMSET(resultT, 0, sizeof(resultT));
+    XMEMSET(resultC, 0, sizeof(resultC));
+    XMEMSET(resultP, 0, sizeof(resultP));
+    XMEMSET(&userContext, 0, sizeof(TsipUserCtx));

    if (wc_AesInit(enc, NULL, INVALID_DEVID) != 0) {
        ret = -1;
@@ -434,10 +434,11 @@ static int tsip_aesgcm256_test(int prnt, tsip_aes_key_index_t* aes256_key)
    }

    /* AES-GCM encrypt and decrypt both use AES encrypt internally */
-    result = wc_tsip_AesGcmEncrypt(enc, resultC, p, sizeof(p),
-                        (byte*)iv1, sizeof(iv1), resultT, sizeof(resultT),
-                        a, sizeof(a), &userContext);
-
+    result = wc_tsip_AesGcmEncrypt(enc,
+        resultC, p, sizeof(p),
+        (byte*)iv1, sizeof(iv1), resultT, sizeof(resultT),
+        a, sizeof(a), &userContext
+    );
    if (result != 0) {
        ret = -4;
        goto out;
@@ -451,9 +452,11 @@ static int tsip_aesgcm256_test(int prnt, tsip_aes_key_index_t* aes256_key)
        dec->ctx.keySize = enc->keylen;
    }

-    result = wc_tsip_AesGcmDecrypt(dec, resultP, resultC, sizeof(c1),
-                        iv1, sizeof(iv1), resultT, sizeof(resultT),
-                        a, sizeof(a), &userContext);
+    result = wc_tsip_AesGcmDecrypt(dec,
+        resultP, resultC, sizeof(c1),
+        iv1, sizeof(iv1), resultT, sizeof(resultT),
+        a, sizeof(a), &userContext
+    );
    if (result != 0){
        ret = -8;
        goto out;
@@ -469,18 +472,21 @@ static int tsip_aesgcm256_test(int prnt, tsip_aes_key_index_t* aes256_key)

    wc_AesGcmSetKey(enc, k1, sizeof(k1));
    /* AES-GCM encrypt and decrypt both use AES encrypt internally */
-    result = wc_tsip_AesGcmEncrypt(enc, resultC, p, sizeof(p), iv1, sizeof(iv1),
-                                resultT + 1, sizeof(resultT) - 1,
-                                a, sizeof(a), &userContext);
+    result = wc_tsip_AesGcmEncrypt(enc,
+        resultC, p, sizeof(p), iv1, sizeof(iv1),
+        resultT + 1, sizeof(resultT) - 1,
+        a, sizeof(a), &userContext
+    );
    if (result != 0) {
        ret = -10;
        goto out;
    }

-    result = wc_tsip_AesGcmDecrypt(enc, resultP, resultC, sizeof(p),
-                            iv1, sizeof(iv1), resultT + 1, sizeof(resultT) - 1,
-                            a, sizeof(a), &userContext);
-
+    result = wc_tsip_AesGcmDecrypt(enc,
+        resultP, resultC, sizeof(p),
+        iv1, sizeof(iv1), resultT + 1, sizeof(resultT) - 1,
+        a, sizeof(a), &userContext
+    );
    if (result != 0) {
        ret = -11;
        goto out;
@@ -523,7 +529,7 @@ static void tskAes256_Gcm_Test(void *pvParam)
 #endif /* FREERTOS */
 #endif

-#if defined(WOLFSSL_AES_128)
+#if defined(WOLFSSL_AES_128) && defined(HAVE_AESGCM)

 static int tsip_aesgcm128_test(int prnt, tsip_aes_key_index_t* aes128_key)
 {
@@ -568,9 +574,9 @@ static int tsip_aesgcm128_test(int prnt, tsip_aes_key_index_t* aes128_key)
        0x31, 0x2e, 0x2a, 0xf9, 0x57, 0x7a, 0x1e, 0xa6
    };

-    byte resultT[16];
-    byte resultP[60 + AES_BLOCK_SIZE];
-    byte resultC[60 + AES_BLOCK_SIZE];
+    byte resultT[sizeof(t3)];
+    byte resultP[sizeof(p3) + AES_BLOCK_SIZE];
+    byte resultC[sizeof(p3) + AES_BLOCK_SIZE];
    int  result = 0;
    int ret;

@@ -581,10 +587,10 @@ static int tsip_aesgcm128_test(int prnt, tsip_aes_key_index_t* aes128_key)
        printf(" tsip_aes128_gcm_test() ");
    }

-    ForceZero(resultT, sizeof(resultT));
-    ForceZero(resultC, sizeof(resultC));
-    ForceZero(resultP, sizeof(resultP));
-    ForceZero(&userContext, sizeof(TsipUserCtx));
+    XMEMSET(resultT, 0, sizeof(resultT));
+    XMEMSET(resultC, 0, sizeof(resultC));
+    XMEMSET(resultP, 0, sizeof(resultP));
+    XMEMSET(&userContext, 0, sizeof(TsipUserCtx));

    if (wc_AesInit(enc, NULL, INVALID_DEVID) != 0) {
        ret = -1;
@@ -607,21 +613,27 @@ static int tsip_aesgcm128_test(int prnt, tsip_aes_key_index_t* aes128_key)
        enc->ctx.keySize = enc->keylen;
    }
    /* AES-GCM encrypt and decrypt both use AES encrypt internally */
-    result = wc_tsip_AesGcmEncrypt(enc, resultC, p3, sizeof(p3),
-                                        iv3, sizeof(iv3),
-                                        resultT, sizeof(t3),
-                                        a3, sizeof(a3), &userContext);
+    result = wc_tsip_AesGcmEncrypt(enc,
+        resultC, p3, sizeof(p3),
+        iv3, sizeof(iv3),
+        resultT, sizeof(t3),
+        a3, sizeof(a3), &userContext
+    );
    if (result != 0) {
        ret = -4;
        goto out;
    }
-    result = wc_tsip_AesGcmDecrypt(enc, resultP, resultC, sizeof(c3),
-                                iv3, sizeof(iv3), resultT, sizeof(resultT),
-                                a3, sizeof(a3), &userContext);
+
+    result = wc_tsip_AesGcmDecrypt(enc,
+        resultP, resultC, sizeof(c3),
+        iv3, sizeof(iv3), resultT, sizeof(resultT),
+        a3, sizeof(a3), &userContext
+    );
    if (result != 0) {
        ret = -5;
        goto out;
    }
+
    if (XMEMCMP(p3, resultP, sizeof(p3))) {
        ret = -6;
        goto out;
@@ -711,41 +723,44 @@ static void tskSha256_Test(void *pvParam)
 #define TEST_STRING_SZ   25
 #define RSA_TEST_BYTES   256 /* up to 2048-bit key */

-static int tsip_rsa_SignVerify_test(int prnt, int keySize)
+static int tsip_rsa_test(int prnt, int keySize)
 {
    int ret = 0;

-    RsaKey *key = (RsaKey *)XMALLOC(sizeof *key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    RsaKey *key = NULL;
    WC_RNG rng;
    const char inStr [] = TEST_STRING;
-    const char inStr2[] = TEST_STRING2;
    const word32 inLen = (word32)TEST_STRING_SZ;
    const word32 outSz = RSA_TEST_BYTES;
-
+    word32 out_actual_len = 0;
    byte *in = NULL;
-    byte *in2 = NULL;
    byte *out= NULL;
+    byte *outplain = NULL;
+    int initRsa = 0;
+    int devId = 7890; /* fixed devid for TSIP/SCE */

+    XMEMSET(&rng, 0, sizeof(rng));
+
+    key = (RsaKey *)XMALLOC(sizeof(*key), NULL, DYNAMIC_TYPE_TMP_BUFFER);
    in = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    in2 = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    out= (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    out = (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    outplain = (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);

-    (void) prnt;
-
-    if (key == NULL || in == NULL || out == NULL) {
+    if (key == NULL || in == NULL || out == NULL || outplain == NULL) {
        ret = -1;
        goto out;
    }

-    XMEMSET(&rng, 0, sizeof(rng));
-    XMEMSET(key, 0, sizeof *key);
+    XMEMSET(key, 0, sizeof(*key));
    XMEMCPY(in, inStr, inLen);
-    XMEMCPY(in2, inStr2, inLen);
+    XMEMSET(out,  0, outSz);
+    XMEMSET(outplain, 0, outSz);

-    ret = wc_InitRsaKey_ex(key, NULL, 7890/* fixed devid for TSIP/SCE*/);
+    ret = wc_InitRsaKey_ex(key, NULL, devId);
    if (ret != 0) {
        goto out;
    }
+    initRsa = 1;

    if ((ret = wc_InitRng(&rng)) != 0)
        goto out;
@@ -753,7 +768,91 @@ static int tsip_rsa_SignVerify_test(int prnt, int keySize)
    if ((ret = wc_RsaSetRNG(key, &rng)) != 0)
        goto out;

-    /* make rsa key by SCE */
+    /* Generate a new RSA key to use with TSIP/SCE */
+    if ((ret = wc_MakeRsaKey(key, keySize, 65537, &rng)) != 0) {
+        goto out;
+    }
+
+    ret = wc_RsaPublicEncrypt(in, inLen, out, outSz, key, &rng);
+    if (ret < 0) {
+        goto out;
+    }
+
+    ret = wc_RsaPrivateDecrypt(out, (word32)(keySize/8), outplain, outSz, key);
+    if (ret < 0) {
+        ret = -1;
+        goto out;
+    }
+
+    if (XMEMCMP(in, outplain, inLen) != 0) {
+        ret = -2;
+        goto out;
+    }
+
+    ret = 0;
+out:
+
+    wc_FreeRng(&rng);
+    if (key != NULL) {
+        if (initRsa)
+            wc_FreeRsaKey(key);
+        XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    }
+    XFREE(in, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(outplain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+    (void)prnt;
+    return ret;
+}
+
+
+static int tsip_rsa_SignVerify_test(int prnt, int keySize)
+{
+    int ret = 0;
+
+    RsaKey *key = NULL;
+    WC_RNG rng;
+    const char inStr [] = TEST_STRING;
+    const char inStr2[] = TEST_STRING2;
+    const word32 inLen = (word32)TEST_STRING_SZ;
+    const word32 outSz = RSA_TEST_BYTES;
+    word32 signSz = 0;
+    byte *in = NULL;
+    byte *in2 = NULL;
+    byte *out= NULL;
+    int initRsa = 0;
+    int devId = 7890; /* fixed devid for TSIP/SCE */
+
+    XMEMSET(&rng, 0, sizeof(rng));
+
+    key = (RsaKey *)XMALLOC(sizeof(*key), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    in = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    in2 = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    out = (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+    if (key == NULL || in == NULL || out == NULL) {
+        ret = -1;
+        goto out;
+    }
+
+    XMEMSET(key, 0, sizeof(*key));
+    XMEMCPY(in, inStr, inLen);
+    XMEMCPY(in2, inStr2, inLen);
+
+    ret = wc_InitRsaKey_ex(key, NULL, devId);
+    if (ret != 0) {
+        goto out;
+    }
+    initRsa = 1;
+
+    if ((ret = wc_InitRng(&rng)) != 0)
+        goto out;
+
+    if ((ret = wc_RsaSetRNG(key, &rng)) != 0)
+        goto out;
+
+    /* Generate a new RSA key to use with TSIP/SCE */
    if ((ret = wc_MakeRsaKey(key, keySize, 65537, &rng)) != 0) {
        goto out;
    }
@@ -762,36 +861,42 @@ static int tsip_rsa_SignVerify_test(int prnt, int keySize)
    if (ret < 0) {
        goto out;
    }
+    signSz = ret;

    /* this should fail */
-    ret = wc_RsaSSL_Verify(in2, inLen, out, keySize/8, key);
+    ret = wc_RsaSSL_Verify(out, signSz, in2, inLen, key);
    if (ret != SIG_VERIFY_E) {
        ret = -1;
        goto out;
    }
    /* this should succeed */
-    ret = wc_RsaSSL_Verify(in, inLen, out, keySize/8, key);
+    ret = wc_RsaSSL_Verify(out, signSz, in, inLen, key);
    if (ret < 0) {
        ret = -1;
        goto out;
    }
    ret = 0;
+
  out:
+
+    wc_FreeRng(&rng);
    if (key != NULL) {
-        wc_FreeRsaKey(key);
+        if (initRsa)
+            wc_FreeRsaKey(key);
        XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
    }
    XFREE(in, NULL, DYNAMIC_TYPE_TMP_BUFFER);
    XFREE(in2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
    XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);

+    (void)prnt;
    return ret;
 }
 #endif /* NO_RSA */


 #ifdef TSIP_MULTIUNIT_TEST
-int tsip_crypt_sha_multitest()
+int tsip_crypt_sha_multitest(void)
 {
    int ret = 0;
    int num = 0;
@@ -849,7 +954,7 @@ int tsip_crypt_sha_multitest()
 }


-int tsip_crypt_AesCbc_multitest()
+int tsip_crypt_AesCbc_multitest(void)
 {
    int ret = 0;
    int num = 0;
@@ -930,7 +1035,7 @@ int tsip_crypt_AesCbc_multitest()
 }


-int tsip_crypt_AesGcm_multitest()
+int tsip_crypt_AesGcm_multitest(void)
 {
    int ret = 0;
    int num = 0;
@@ -1009,7 +1114,7 @@ int tsip_crypt_AesGcm_multitest()
    return ret;
 }

-int tsip_crypt_Sha_AesCbcGcm_multitest()
+int tsip_crypt_Sha_AesCbcGcm_multitest(void)
 {
    int ret = 0;
    int num = 0;
@@ -1089,7 +1194,7 @@ int tsip_crypt_Sha_AesCbcGcm_multitest()
 #endif


-int tsip_crypt_test()
+int tsip_crypt_test(void)
 {
    int ret = 0;
    e_tsip_err_t tsip_error_code;
@@ -1132,6 +1237,7 @@ int tsip_crypt_test()

        }

+#ifdef HAVE_AESGCM
        if (ret == 0) {

            ret = tsip_aesgcm128_test(1, &g_user_aes128_key_index1);
@@ -1143,8 +1249,10 @@ int tsip_crypt_test()
            ret = tsip_aesgcm256_test(1, &g_user_aes256_key_index1);

        }
-   #if defined(WOLFSSL_KEY_GEN) && \
-       defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+#endif
+
+#if defined(WOLFSSL_KEY_GEN) && \
+    defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)

        if (ret == 0) {
            Clr_CallbackCtx(&userContext);
@@ -1155,6 +1263,23 @@ int tsip_crypt_test()
                ret = 0;
        }

+#if RSA_MIN_SIZE <= 1024
+        if (ret == 0) {
+            userContext.wrappedKeyType = TSIP_KEY_TYPE_RSA1024;
+            printf(" tsip_rsa_test(1024)");
+            ret = tsip_rsa_test(1, 1024);
+            RESULT_STR(ret)
+        }
+#endif
+        if (ret == 0) {
+            userContext.wrappedKeyType = TSIP_KEY_TYPE_RSA2048;
+            printf(" tsip_rsa_test(2048)");
+            ret = tsip_rsa_test(1, 2048);
+            RESULT_STR(ret)
+        }
+
+
+#if RSA_MIN_SIZE <= 1024
        if (ret == 0) {
            printf(" tsip_rsa_SignVerify_test(1024)");

@@ -1167,6 +1292,7 @@ int tsip_crypt_test()
        }

        Clr_CallbackCtx(&userContext);
+#endif

        if (ret == 0) {
            printf(" tsip_rsa_SignVerify_test(2048)");
@@ -1180,12 +1306,11 @@ int tsip_crypt_test()
        }

        Clr_CallbackCtx(&userContext);
-   #endif
+#endif /* WOLFSSL_KEY_GEN && WOLFSSL_RENESAS_TSIP_CRYPTONLY */
    }
-    else
+    else {
        ret = -1;
-
-
+    }
    return ret;
 }

--- a/IDE/STM32Cube/README.md
+++ b/IDE/STM32Cube/README.md
@@ -37,6 +37,9 @@ You need both the STM32 IDE and the STM32 initialization code generator (STM32Cu
 8. The Benchmark example uses float. To enable go to "Project Properties" -> "C/C++ Build" -> "Settings" -> "Tool Settings" -> "MCU Settings" -> Check "Use float with printf".
 9. To enable printf make the `main.c` changes below in the [STM32 Printf](#stm32-printf) section.

+
+**Note:** The STM32MP13 will likely require you to use DDR RAM, as well as enabling MMU and caches for optimum performance. Please see the `STM32MP13.md` file in `wolfcrypt/src/port/st` for more information on how to do this.
+
 ### Creating your own STM32CubeMX configuration

 If none of the examples fit your STM32 type then you can create your own in STM32CubeMX by doing the following:
@@ -90,10 +93,11 @@ The section for "Hardware platform" may need to be adjusted depending on your pr
 * To enable STM32WL support define `WOLFSSL_STM32WL`.
 * To enable STM32U5 support define `WOLFSSL_STM32U5`.
 * To enable STM32H5 support define `WOLFSSL_STM32H5`.
+* To enable STM32MP13 support define `WOLFSSL_STM32MP13`.

 To use the STM32 Cube HAL support make sure `WOLFSSL_STM32_CUBEMX` is defined.

-The PKA acceleration for ECC is available on some U5, L5 and WB55 chips.
+The PKA acceleration for ECC is available on some U5, L5, WB55 and MP13 chips.
 This is enabled with `WOLFSSL_STM32_PKA`. You can see some of the benchmarks [here](STM32_Benchmarks.md).

 To disable hardware crypto acceleration you can define:
--- a/IDE/STM32Cube/default_conf.ftl
+++ b/IDE/STM32Cube/default_conf.ftl
@@ -165,14 +165,22 @@ extern ${variable.value} ${variable.name};
    #define HAL_CONSOLE_UART huart3
    #define STM32_HAL_V2
    #undef  NO_STM32_HASH
-
+#elif defined(STM32MP135Fxx)
+    #define WOLFSSL_STM32MP13
+    #define HAL_CONSOLE_UART huart4
+    #define STM32_HAL_V2
+    #undef NO_STM32_HASH
+    #undef NO_STM32_CRYPTO
+    #define WOLFSSL_STM32_PKA
+    #define WOLFSSL_STM32_PKA_V2
 #else
    #warning Please define a hardware platform!
    /* This means there is not a pre-defined platform for your board/CPU */
    /* You need to define a CPU type, HW crypto and debug UART */
    /* CPU Type: WOLFSSL_STM32F1, WOLFSSL_STM32F2, WOLFSSL_STM32F4,
        WOLFSSL_STM32F7, WOLFSSL_STM32H7, WOLFSSL_STM32L4, WOLFSSL_STM32L5,
-        WOLFSSL_STM32G0, WOLFSSL_STM32G4, WOLFSSL_STM32WB and WOLFSSL_STM32U5 */
+        WOLFSSL_STM32G0, WOLFSSL_STM32G4, WOLFSSL_STM32WB, WOLFSSL_STM32U5 and
+        WOLFSSL_STM32MP13 */
    #define WOLFSSL_STM32F4

    /* Debug UART used for printf */
--- a/IDE/STM32Cube/wolfssl_example.c
+++ b/IDE/STM32Cube/wolfssl_example.c
@@ -1751,9 +1751,15 @@ static int tls13_uart_client(void)
    wolfSSL_SetIOReadCtx(ssl, tbuf);

 #ifdef WOLFSSL_HAVE_KYBER
+#ifndef WOLFSSL_NO_ML_KEM
+    if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ML_KEM_512) != WOLFSSL_SUCCESS) {
+        printf("wolfSSL_UseKeyShare Error!!");
+    }
+#else
    if (wolfSSL_UseKeyShare(ssl, WOLFSSL_KYBER_LEVEL1) != WOLFSSL_SUCCESS) {
        printf("wolfSSL_UseKeyShare Error!!");
    }
+#endif
 #endif

    do {
--- a/IDE/WIN-SRTP-KDF-140-3/wolfssl-fips.vcxproj
+++ b/IDE/WIN-SRTP-KDF-140-3/wolfssl-fips.vcxproj
@@ -263,6 +263,7 @@
    <ClCompile Include="..\..\wolfcrypt\src\cpuid.c" />
    <ClCompile Include="..\..\wolfcrypt\src\des3.c" />
    <ClCompile Include="..\..\wolfcrypt\src\dh.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\dsa.c" />
    <ClCompile Include="..\..\wolfcrypt\src\ecc.c" />
    <ClCompile Include="..\..\wolfcrypt\src\ed25519.c" />
    <ClCompile Include="..\..\wolfcrypt\src\ed448.c" />
--- a/IDE/WIN/wolfssl-fips.vcxproj
+++ b/IDE/WIN/wolfssl-fips.vcxproj
@@ -298,6 +298,7 @@
    <ClCompile Include="..\..\src\crl.c" />
    <ClCompile Include="..\..\wolfcrypt\src\des3.c" />
    <ClCompile Include="..\..\wolfcrypt\src\dh.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\dsa.c" />
    <ClCompile Include="..\..\wolfcrypt\src\ecc.c" />
    <ClCompile Include="..\..\wolfcrypt\src\error.c" />
    <ClCompile Include="..\..\wolfcrypt\src\hash.c" />
--- a/IDE/WIN10/wolfssl-fips.vcxproj
+++ b/IDE/WIN10/wolfssl-fips.vcxproj
@@ -262,6 +262,7 @@
    <ClCompile Include="..\..\wolfcrypt\src\curve448.c" />
    <ClCompile Include="..\..\wolfcrypt\src\des3.c" />
    <ClCompile Include="..\..\wolfcrypt\src\dh.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\dsa.c" />
    <ClCompile Include="..\..\wolfcrypt\src\ecc.c" />
    <ClCompile Include="..\..\wolfcrypt\src\ed25519.c" />
    <ClCompile Include="..\..\wolfcrypt\src\ed448.c" />
--- a/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.h
+++ b/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.h
@@ -19,9 +19,9 @@
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 */

-#ifndef simple_client_example_h
-#define simple_client_example_h
+#ifndef SIMPLE_CLIENT_EXAMPLE_H
+#define SIMPLE_CLIENT_EXAMPLE_H

 int simple_client_example(void);

-#endif /* simple_client_example_h */
+#endif /* SIMPLE_CLIENT_EXAMPLE_H */
--- a/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.h
+++ b/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.h
@@ -19,9 +19,9 @@
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 */

-#ifndef wolfssl_test_driver_h
-#define wolfssl_test_driver_h
+#ifndef WOLFSSL_TEST_DRIVER_H
+#define WOLFSSL_TEST_DRIVER_H

 void wolfssl_test(void);

-#endif /* wolfssl_test_driver_h */
+#endif /* WOLFSSL_TEST_DRIVER_H */
--- a/README.md
+++ b/README.md
@@ -1,4 +1,3 @@
-22-Nov-2024 - This is the SRTP-KDF BASE (WCv6.0.0-RC1)
 # wolfSSL Embedded SSL/TLS Library

 The [wolfSSL embedded SSL library](https://www.wolfssl.com/products/wolfssl/)
--- a/certs/intermediate/ca_false_intermediate/gentestcert.sh
+++ b/certs/intermediate/ca_false_intermediate/gentestcert.sh
@@ -0,0 +1,161 @@
+#!/bin/bash
+
+# Script for generating RSA CA and server certs based on it.
+#
+SERVER_PEM='test_sign_bynoca_srv.pem'
+INTCA_PEM='test_int_not_cacert.pem'
+CA_PEM='test_ca.pem'
+
+CURRENT=$(cd $(dirname $0);pwd)
+# OpenSSL configuration files
+OPENSSL_BASE_CA_CONF='wolfssl_base.conf'
+OPENSSL_CA_CONF='wolfssl_ca.conf'
+OPENSSL_INTCA_CONF='wolfssl_int_ca.conf'
+OPENSSL_SRV_CONF='wolfssl_srv.conf'
+# SEt ver
+CA_NAME="test_ca"
+INTCA_NAME="int_ca"
+SRVCERT_NAME="server_ext"
+CRT_HOSTNAME="WOLFSSL"
+CRT_DN="${CRT_HOSTNAME%% *}"
+CRT_ALT_NAME="$(echo $CRT_HOSTNAME | sed -e "s/^/DNS:/" -e "s/ /,DNS:/g")"
+
+CA_HOME=$(cd $(dirname $0);pwd)/pki/$CA_NAME
+INT_CA_HOME="$CA_HOME/gen_int/$CRT_DN"
+SRV_CRT_HOME="$CA_HOME/gen_srv/$CRT_DN"
+
+Prepare_folder_file(){
+    mkdir -m 700 pki
+
+    # Create folders for CA
+    mkdir "$CA_HOME"/{,certs,db,gen_srv,gen_int}
+    mkdir -m 700 "$CA_HOME/private"
+    # Create folders for Intermediate CA
+    mkdir "$INT_CA_HOME"
+    mkdir "$INT_CA_HOME"/{,certs,db}
+    mkdir -m 700 "$INT_CA_HOME/private"
+    # Create folders for Server
+    mkdir "$SRV_CRT_HOME"
+    mkdir -m 700 "$SRV_CRT_HOME/private"
+
+    # Create and populate openssl CA files
+    touch "$CA_HOME"/db/index
+    openssl rand -hex 16 > "$CA_HOME"/db/serial
+
+    touch "$INT_CA_HOME"/db/index
+    openssl rand -hex 16 > "$INT_CA_HOME"/db/serial
+
+    # Copy openssl config and private key
+    cp "$OPENSSL_CA_CONF" "$CA_HOME"
+    cp ./"$CA_NAME".key ./pki/$CA_NAME/private/"$CA_NAME".key
+
+    cp "$OPENSSL_INTCA_CONF" "$INT_CA_HOME"
+    cp ./"$INTCA_NAME".key "$INT_CA_HOME"/private/"$INTCA_NAME".key
+
+    cp "$OPENSSL_SRV_CONF" "$SRV_CRT_HOME"
+    cp ./server.key "$SRV_CRT_HOME"/private/server.key
+}
+
+Generate_conf(){
+    # copy conf from base
+    cp $OPENSSL_BASE_CA_CONF $OPENSSL_CA_CONF
+    cp $OPENSSL_BASE_CA_CONF $OPENSSL_INTCA_CONF
+    # Replace contents
+    # For CA
+    sed -i "s/_CA_NAME_/$CA_NAME/" "$OPENSSL_CA_CONF"
+    sed -i "s/_CERT_NAME_/$INTCA_NAME/" "$OPENSSL_CA_CONF"
+    sed -i "s/_CA_DEPART_/Development/" "$OPENSSL_CA_CONF"
+    # For Intermediate CA
+    sed -i "s/_CA_NAME_/$INTCA_NAME/" "$OPENSSL_INTCA_CONF"
+    sed -i "s/_CERT_NAME_/$SRVCERT_NAME/" "$OPENSSL_INTCA_CONF"
+    sed -i "s/_CA_DEPART_/Product_Support/" "$OPENSSL_INTCA_CONF"
+}
+
+cleanup_files(){
+    rm -f wolfssl_ca.conf
+    rm -f wolfssl_int_ca.conf
+    rm -rf pki/
+}
+
+# clean up
+if [ "$1" = "clean" ]; then
+    echo "Cleaning temp files"
+    cleanup_files
+    exit 0
+fi
+if [ "$1" = "cleanall" ]; then
+    echo "Cleaning all files"
+    rm -f ./"$SERVER_PEM"
+    rm -f ./"$INTCA_PEM"
+    rm -f ./"$CA_PEM"
+    cleanup_files
+    exit 0
+fi
+# Generate OpenSSL Conf files
+Generate_conf
+# Prepare folders and files
+Prepare_folder_file
+##########################################
+## Create CA, Intermediate and Server Cert
+##########################################
+# Generate CA
+cd "$CA_HOME"
+
+# Generate CA private key and csr - use config file info
+openssl req -new -config "$OPENSSL_CA_CONF" \
+                            -out "$CA_NAME.csr" -key "private/$CA_NAME.key"
+
+# Self-sign CA certificate - use config file info
+# Note: Use extension from config "ca_ext" section
+openssl ca -selfsign -config "$OPENSSL_CA_CONF" \
+        -notext -in "$CA_NAME.csr" -out "$CA_NAME.crt" -extensions ca_ext -batch
+
+# Generate Intermediate CA
+# cd into Cert generation folder
+cd "$INT_CA_HOME"
+
+# Create private key and csr
+openssl req -new -config "$OPENSSL_INTCA_CONF" \
+            -out "$INTCA_NAME.csr" -key "private/$INTCA_NAME.key"
+
+cd "$CA_HOME"
+# Sign certificate with CA
+openssl ca -config "$OPENSSL_CA_CONF" -notext \
+    -in "$INT_CA_HOME/$INTCA_NAME.csr" -out "$INT_CA_HOME/$INTCA_NAME.crt" \
+    -extensions "$INTCA_NAME" -batch
+
+# cd into Cert generation folder
+cd "$SRV_CRT_HOME"
+# Create private key and csr
+openssl req -new -config "$OPENSSL_SRV_CONF" \
+                                    -out server.csr -key private/server.key
+
+# cd into intermediate CA home
+cd "$CA_HOME/gen_int/WOLFSSL/"
+
+# Sign certificate with CA
+openssl ca -config "$OPENSSL_INTCA_CONF" -notext \
+    -in "$SRV_CRT_HOME/server.csr" -out "$SRV_CRT_HOME/server.crt" \
+    -extensions server_ext -batch
+
+
+# cp generate certificates
+cd $CURRENT
+# CA
+openssl x509 -in ./pki/$CA_NAME/$CA_NAME.crt -inform PEM -noout -text > ./pki/$CA_NAME/$CA_NAME.pem
+cat ./pki/$CA_NAME/$CA_NAME.crt >> ./pki/$CA_NAME/$CA_NAME.pem
+mv ./pki/$CA_NAME/$CA_NAME.pem $CA_PEM
+
+# Intermediate CA
+openssl x509 -in $INT_CA_HOME/$INTCA_NAME.crt -inform PEM -noout -text > $INT_CA_HOME/$INTCA_NAME.pem
+cat $INT_CA_HOME/$INTCA_NAME.crt >> $INT_CA_HOME/$INTCA_NAME.pem
+mv $INT_CA_HOME/$INTCA_NAME.pem $INTCA_PEM
+# Server
+openssl x509 -in $SRV_CRT_HOME/server.crt -inform PEM -noout -text > $SRV_CRT_HOME/server.pem
+cat $SRV_CRT_HOME/server.crt >> $SRV_CRT_HOME/server.pem
+mv $SRV_CRT_HOME/server.pem $SERVER_PEM
+
+# clean up
+cleanup_files
+
+echo "Completed"
--- a/certs/intermediate/ca_false_intermediate/int_ca.key
+++ b/certs/intermediate/ca_false_intermediate/int_ca.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC4VOnmv/SyU9w8
+kloGnogOLqerpp0HNI8/fOU3+CYr4M0mETKuBvI7PkXBV0VLNpupt5MmAgi/H1QX
+bejxNiBsQOLo278NgFYPoNm1OdazQ5PeX8+lNFJ7OEq8TBHSriwfJuJRyNaU5Mr+
+qxcTDZx4+Mvr8cZbmVoSK8s5S6DT7CJmYjSdV52aB8ZFOj3psoLnEsavPKi5Wk+O
+BRvQnWNy0yxjZ9k+Md39gZiEbezfQyy3UzHi7aUc6MrfUDOpmAwmuaE6I/caztFP
+HpgZqT7sva20RPvOKtBhuVyxd27h9dzHr+ZD7rc8FohFRg5tVtccDq41/oRvy9CN
+1uM99eyHAgMBAAECggEADBW/wq8caIHy/c2iiq3jbE/xZ4w5iKVmLDAQtHCtH/yn
+C93eHWa7Lth6/kgDH6vph2D6YWg0u+2z4lgEXlFsIsIbnk9PNqAOrwuepQZbuyOt
+Esvj8zLQ+DR37IxthrXV6Aeb7ZIQmhu960sQQjbcPATOacj6IOXsRSYLNtXB1OLu
+Xo4UbjLX3uOrAg5uMsi/Z/2s9jy3eDBf8FWmM6fBDsejRl18MzY2Y7bYS1yL3762
+4ydB4yHJEEkiFurtjgdX2pscF+ftivYrVqZDUWhM7htFLJz6bS4sRpgjfQegYs4f
+RLTuef/+ozFVhpH/HuPrV2jH67T90Z5lHgZ6Nm5qwQKBgQDybcwCKcFFWKac84ln
+JDJuqPHyyRgH09cia6C7Y/t1/caSJvJP6KR4c7TuEvIYpc6hSsO1Pd1k6ajFkDdN
+IWYfOF3R6K3vR956LPWPdxkYWdONjmwBvVaKozWmxR01RHeGXk+VxFb7PBudAvEu
+cGOzDEaTuE5RC1RxNHjZYxZ98QKBgQDCpoljVMR+/7+pwKoIEmw1FmH+DEEgL+so
+U1pBcaPU1poBRYKH+1yah7M+eFhTEzV4XbJCjMYeynSCWMSqGXrHwWq0AmA3jhSM
+OyDuwboTXVHCkqIuAs/Q/8A9dcyTejsgLuU6mLU1eXzNeWm0/0VjfvPgOziM7SHt
+14tip/P59wKBgQDTY74yXKp0h3qw/QLg9wUqzRI8O/FCUgwTrXm4LNSF7EWMB33f
+A+L2TR6FQevsZhgpOIIytcEpTz2lF73A+dCMhJ/6e0O/lBGAw1dUQ+uT+i+oDXpM
+ggbGWM5dnx965Tq75dzLoSqfY6hIXtpjPgkRhTC9ekaAELsPA0wlcmuYYQKBgDVT
+Llw6AsLQCY/Vqj8f3OkGQr44WTcaKZAYladMHJfYWsRyaHocUJg9CMvaaEgKASIC
+eS1mJ3iT+isjam03Ib3LrRG3fOh7UgHAyRrfk7xuWlG1nhyAxLH6/o1X0j2sxLni
+XwYYg7wslhYsZtsg+79wLhuF3c4twJfJ7vOOE3atAoGBAKiH+9h5SdQ2L4gjM+dl
+0dr1fTZpJta+l0FIEiOdQcbGp7ia9G9WglV5HkzyhETG+wTNNuG8GD/jTlg23AVE
+vVf2vPq7La3juAT7oOoEkm13vQ//2VUJum4g34dP4V9FpWP5FLiAAu9H8op5P9Hp
+LqbpMcrAkbexh41ZEZlmzSx5
+-----END PRIVATE KEY-----
--- a/certs/intermediate/ca_false_intermediate/server.key
+++ b/certs/intermediate/ca_false_intermediate/server.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC6IGIrgaxYzvMi
+XZ9GkLfppLP84bdp07YUh8u7MR67YPI/jGoNY1WiyANKjdajY937KO8xlXDMKJUf
+8JyJ9PZWHgCBUxt4G/mf4xBljMZANiHNV1WyFHGaVznu2pgbr4ngwyv5oZM/TWVB
+K2YdZpyVld8Z3I14RvQV62Rclxbs4uzK6+IDuEGBxfTKpOSr3u0a2qONAjmNACxd
+fu+RsdeWumXBQ//UajX6F1DNdj4dvqRp9u5Hw3pJmoBv5puD4OhYcfvNbcG0FtI3
+ZKa8sPT++/Rypjx5MnrAtTAhsTXf2UV/xPbFHJhtU9b/NsE4GLd2ExDIRWpSc2V+
+ublm1DwnAgMBAAECggEAA92CTGb//kQl9nO9SAjfWOHLvxes6Gy2Hk0HpRaLDdcg
+kMNIvIhwkdXXg6fYakI7rOiXtw7kbcj199jWV2MX7ofm+MiSDHeAQprDj2hSAale
+IFaM+ArGpS7kjBpMCF8n3NwQwLljRnBEBwtwrnGgFNcs7+uNoI7QqNffmLCmkDrJ
+BCK3kXXbjENOuzlddgxsb1mipsXot3uwDaByB8Tl2OtI7ezZvhCraeYZMyRXuq2o
+JDPk3FZ9O/mPgULZrqnlvxyJmog2ajgyED4M0mqM29L4YB3MOOz8Wgeksp20VEQJ
+lHJtpHK+zcodnT3rXGMj2A1Qu4HHoYEdKvAb8XzuUQKBgQD/nP7ZFOCJGR+q/Wu1
+CSLYwO9YM8sn7gMy3R1C1Ps7UKvjVWDv9cjsgId7XnYSQQ/52kV8HbIMqr9EOlwS
+pHkHmAbqDNhLY++hhqf9nPHo6e0AiMY4uF/JcfYb8A4PE8/x8Iv5HVjH9WYJFwcL
+UNDgm0ULrSbRR7ULtaSpZjyXfwKBgQC6aHlpNIvqa3+KmFmZFI4Xx5EB6fHBy02R
+PJKk/B2SVsW+kq0kAwsYdnS6rbkYS8ZmfyJKzvacXpDYvUfFV93s+ewoT5J2a4Ab
+WmELmWABqqCwvyT7h2oO+hqLljGNIJxygR0iu9F/fHVYp8G/oHZBeDZEJt+PNR0G
+cuG7/6zvWQKBgF/dforl1Iw2evUDFFkSMxp9yYYX7rJsBpEV8np1LEADsmORSsjU
+MmXYkndHZxrTge1f2j2BWZx8kT1CcfOf8bBSaQ1wgdJMibvXp7trGCMVUIipw0XU
+iEAh2H6D2pH3CT8gyy5Dvl9H/tub4k1xItWKBiwp5WwJ67GXj0jlCgZ7AoGARYmz
+wQtZJpnzekBbLD/+weAwuAYNqb2tsgBmtCVY4r58Bhuxez2nZfjKktk7s1SRLqs+
+n6mVVb/xSOlTXMrqfvy8nE0S1hpEL/AHQ8xzhCuixkyH/00Ew5GJVYkx8vO3aP/B
+XrOx81z6aZgrLtEtTD8L/2CBBWtK6JzymK9IVAECgYAfoFaqRVl0JJlQJttfQtc+
+cYyVzZEBzckIH3BriHuNwDpnPOq6iSx5JUp6mh03G3/3mHx4G45tD6GvsK53WIAH
+TCrHQv6vRjrA2oay/AlO2x/ElBOkdOVo8x20YGAAhIRAh65rwFrdTREnfUwChwSV
+QVeI7CdToIyIiZGhYmmO/g==
+-----END PRIVATE KEY-----
--- a/certs/intermediate/ca_false_intermediate/test_ca.key
+++ b/certs/intermediate/ca_false_intermediate/test_ca.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC8QEMO8Y4eCzs2
+9n6qVnfSp9tVSxQQUtgkAVgmIJX+5g3MZef9vR2ZOSeXVXibOluq2SBjRlzrorJQ
+AXY8r07l1+PNFpf4UQr70yaI1xO8VAlC/zmFqmE5zI8OjqbH4Ck8r6yaM+ZPNM20
+VClvkoIAzlGnVe6vziHpNuGnDXXfMtYOFeNmeCFBe87VnOjFCZR+hHtZKmRrkUtL
+9w30UJKP9QMNcyBMTnugjcpflM82HObhuxRBkBZoAkFTksbEbNOtVgUiSq6aKt78
+6tiZolplL/5DrivplHCuNdyPE3Jhv7r8SLeh7VysXJxLxU1J2oZldzS7uq5uTPl9
+9sKCkJzhAgMBAAECggEABxk4Ph3DMWRUhwnL9HHewlGEjoaOeuAY2OC5GXT0mwBD
+SHAWS6XgMhkq4kS9j8LnVn2qADxUwCjqJuSrN/YXWEjoBOGDeQBbVOwdIZ9Ule8o
+Sz+zBFSMpoCNa2vbI6HTBEAOluD6oAV6dUCQMG4am1usTg5KOhRgiHoCj8lM5s3j
+/f0KWkJReql92o//bLDXDjeGGDtIzaWfIKpsW7gwPe6nHsR7n854sbkdRT9b6BMa
+EZPg17XD8Dg1ZkvUemShrvgPrGFPMH/JFcvpX1s4/l2kM88xQEL+s45E4IyTT2gh
+FlDFC3QXrFI7M7emid3rwXIVEkEIO4Aw4xW34OAVnQKBgQD5cJE/WojeHI3Pyo3L
+sMDaWabzWWAAsev5EpDo41BalPDpBig29qO31afkIwIgCQyLNMXn9VqxoxILOg5d
+uopBaPWHihmME5qgLp6F6nDeOYril1b1LU1/7G2Ehu9lGYLJd6hdQ6tC/iKMfrIz
+fnsHEH/FC4woWmXdFMozujyZNQKBgQDBM7jeBtdIOOZhcwc98y9mQUr+ttlUODC6
+BNI2xAcV6ZJg/y0JXby84jM0fP5MuCkGHdNvufpvT68Dn9NRhrOBz8JyhCy5m4Rz
+/dIr3JUT5Y0r4+2l5MgfZMlcYCWESNcJPwchSstzAthLhtrgP2ZFGfzzZUZGAMxR
+f6sZK7pWfQKBgQCYpp4NAm/eVeUndBNAw4PSXKlCJcENy9TYkdci3vHu7VVdlgoI
+UPoyZ8ueXxpO1prZmks/QDTnnx9MxZPDIoS3sO8JqqclxV2Mh9s1oxq9tMNdFjb+
+RmI2Vk9TmmxpF6qldtgPc3kcv4APMP4Ha3EJCrzWrtFwZJoQKUfxThkFvQKBgQCI
+Scs0XJELMpBZ2AIY0m7ybEbSDfyba5P79SCxX3E8JOuMnxWPEN/uQocqlK3zQso1
+tV6M5x3h3c0w+lLgpOwGO6AIlnLScAFsrXXQWSeUxI7kkkH3j78YXkmpb22ntpZy
+wFJwSsngFPatuLC4FiE3x9Bnhl6fTTrUlwIEnJMzJQKBgFc5ej1NXuPWDlLKjC7w
+0N4YPs5BJRuhoUxyajYC3FxiWvr5bTz7zqc5DAPcH0nGAH/UVWZzWXMUw+Je3dej
+chkmVUuKjfTZTZHOBAqJDCNRfZcfzWnzAcXkcmsAHr53UKYnH8XGuHsPVHujQVu/
+0Hx7AKuJK48fZeo8LTZufg1l
+-----END PRIVATE KEY-----
--- a/certs/intermediate/ca_false_intermediate/test_ca.pem
+++ b/certs/intermediate/ca_false_intermediate/test_ca.pem
@@ -0,0 +1,80 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            3b:1d:6e:96:2e:32:85:de:99:5a:63:dd:49:1c:eb:cc
+        Signature Algorithm: sha256WithRSAEncryption
+        Issuer: C = US, ST = Wahington, O = Seattle, OU = Development, CN = www.wolfssl.com
+        Validity
+            Not Before: Oct 10 03:44:23 2024 GMT
+            Not After : Oct  8 03:44:23 2034 GMT
+        Subject: C = US, ST = Wahington, O = Seattle, OU = Development, CN = www.wolfssl.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:bc:40:43:0e:f1:8e:1e:0b:3b:36:f6:7e:aa:56:
+                    77:d2:a7:db:55:4b:14:10:52:d8:24:01:58:26:20:
+                    95:fe:e6:0d:cc:65:e7:fd:bd:1d:99:39:27:97:55:
+                    78:9b:3a:5b:aa:d9:20:63:46:5c:eb:a2:b2:50:01:
+                    76:3c:af:4e:e5:d7:e3:cd:16:97:f8:51:0a:fb:d3:
+                    26:88:d7:13:bc:54:09:42:ff:39:85:aa:61:39:cc:
+                    8f:0e:8e:a6:c7:e0:29:3c:af:ac:9a:33:e6:4f:34:
+                    cd:b4:54:29:6f:92:82:00:ce:51:a7:55:ee:af:ce:
+                    21:e9:36:e1:a7:0d:75:df:32:d6:0e:15:e3:66:78:
+                    21:41:7b:ce:d5:9c:e8:c5:09:94:7e:84:7b:59:2a:
+                    64:6b:91:4b:4b:f7:0d:f4:50:92:8f:f5:03:0d:73:
+                    20:4c:4e:7b:a0:8d:ca:5f:94:cf:36:1c:e6:e1:bb:
+                    14:41:90:16:68:02:41:53:92:c6:c4:6c:d3:ad:56:
+                    05:22:4a:ae:9a:2a:de:fc:ea:d8:99:a2:5a:65:2f:
+                    fe:43:ae:2b:e9:94:70:ae:35:dc:8f:13:72:61:bf:
+                    ba:fc:48:b7:a1:ed:5c:ac:5c:9c:4b:c5:4d:49:da:
+                    86:65:77:34:bb:ba:ae:6e:4c:f9:7d:f6:c2:82:90:
+                    9c:e1
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Key Usage: critical
+                Digital Signature, Certificate Sign, CRL Sign
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+            X509v3 Subject Key Identifier: 
+                49:CB:00:BF:AC:AD:4B:18:2C:DB:69:21:1E:60:EF:00:4E:FC:69:52
+    Signature Algorithm: sha256WithRSAEncryption
+    Signature Value:
+        24:1c:cf:b6:3e:20:6e:99:e8:36:b3:7e:2d:67:0d:cb:b5:1c:
+        69:ff:5a:bb:0b:2f:52:fd:d6:3e:73:5c:a2:47:8e:8d:1d:fc:
+        96:e7:e0:ca:e6:b6:3d:af:fa:f1:77:77:e6:2e:67:e6:44:d7:
+        84:36:ce:dc:cb:3e:3d:bf:bc:8b:48:53:30:fa:bf:43:81:5b:
+        e0:a3:a7:db:44:c2:29:cd:4c:8a:68:e8:b9:3e:5d:eb:e4:06:
+        17:6d:de:cf:76:e9:5a:6a:16:27:f8:6f:96:43:8a:4f:65:be:
+        3a:f2:7e:fd:ad:55:93:ad:ac:00:b4:b5:f3:85:b0:d7:83:6d:
+        ab:d0:8f:1a:23:36:e1:1f:c4:9d:54:e8:ee:20:cd:b9:da:56:
+        a7:92:5a:a5:bd:36:c5:a2:ea:ac:06:24:98:e5:32:0a:e0:00:
+        64:63:9c:7d:01:18:66:5a:7a:b1:d5:b4:24:9b:5e:8a:6b:a0:
+        25:eb:39:52:cd:12:61:d0:62:6c:19:e7:f5:ae:32:a3:aa:d5:
+        2f:05:fe:6f:cb:47:20:a0:32:1d:cb:88:96:59:ed:8e:69:dd:
+        cf:f0:6f:83:85:ff:0a:59:ef:80:94:16:99:a6:35:ee:a7:b8:
+        d4:e9:3c:4f:56:5b:77:0e:b5:bd:61:21:b9:93:ad:be:2c:55:
+        9b:bf:01:19
+-----BEGIN CERTIFICATE-----
+MIIDkjCCAnqgAwIBAgIQOx1uli4yhd6ZWmPdSRzrzDANBgkqhkiG9w0BAQsFADBj
+MQswCQYDVQQGEwJVUzESMBAGA1UECAwJV2FoaW5ndG9uMRAwDgYDVQQKDAdTZWF0
+dGxlMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZzc2wu
+Y29tMB4XDTI0MTAxMDAzNDQyM1oXDTM0MTAwODAzNDQyM1owYzELMAkGA1UEBhMC
+VVMxEjAQBgNVBAgMCVdhaGluZ3RvbjEQMA4GA1UECgwHU2VhdHRsZTEUMBIGA1UE
+CwwLRGV2ZWxvcG1lbnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBALxAQw7xjh4LOzb2fqpWd9Kn21VLFBBS
+2CQBWCYglf7mDcxl5/29HZk5J5dVeJs6W6rZIGNGXOuislABdjyvTuXX480Wl/hR
+CvvTJojXE7xUCUL/OYWqYTnMjw6OpsfgKTyvrJoz5k80zbRUKW+SggDOUadV7q/O
+Iek24acNdd8y1g4V42Z4IUF7ztWc6MUJlH6Ee1kqZGuRS0v3DfRQko/1Aw1zIExO
+e6CNyl+UzzYc5uG7FEGQFmgCQVOSxsRs061WBSJKrpoq3vzq2JmiWmUv/kOuK+mU
+cK413I8TcmG/uvxIt6HtXKxcnEvFTUnahmV3NLu6rm5M+X32woKQnOECAwEAAaNC
+MEAwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFEnL
+AL+srUsYLNtpIR5g7wBO/GlSMA0GCSqGSIb3DQEBCwUAA4IBAQAkHM+2PiBumeg2
+s34tZw3LtRxp/1q7Cy9S/dY+c1yiR46NHfyW5+DK5rY9r/rxd3fmLmfmRNeENs7c
+yz49v7yLSFMw+r9DgVvgo6fbRMIpzUyKaOi5Pl3r5AYXbd7PdulaahYn+G+WQ4pP
+Zb468n79rVWTrawAtLXzhbDXg22r0I8aIzbhH8SdVOjuIM252lanklqlvTbFouqs
+BiSY5TIK4ABkY5x9ARhmWnqx1bQkm16Ka6Al6zlSzRJh0GJsGef1rjKjqtUvBf5v
+y0cgoDIdy4iWWe2Oad3P8G+Dhf8KWe+AlBaZpjXup7jU6TxPVlt3DrW9YSG5k62+
+LFWbvwEZ
+-----END CERTIFICATE-----
--- a/Show More
+++ b/Show More