Merge pull request #1090 from JacobBarthelmeh/Release

update readme for known issue

.cproject

@@ -66,7 +66,7 @@
 						</toolChain>
 					</folderInfo>
 					<sourceEntries>
-						<entry excluding="wolfcrypt/src/misc.c|IDE/LPCXPRESSO/wolf_example|tirtos|testsuite|tests|swig|support|sslSniffer|scripts|rpm|mqx|mplabx|mcapi|m4|IDE/WORKBENCH|IDE/WIN|IDE/ROWLEY-CROSSWORKS-ARM|IDE/MYSQL|IDE/MDK-ARM|IDE/MDK5-ARM|IDE/LPCXPRESSO/wolf_demo|IDE/LPCXPRESSO/lpc_chip_18xx|IDE/LPCXPRESSO/lpc_board_nxp_lpcxpresso_1837|IDE/iOS|IDE/IAR-EWARM|examples|Debug|certs|build-aux|Backup|autom4te.cache|wolfcrypt/src/aes_asm.s|wolfcrypt/src/aes_asm.asm|wolfcrypt/user-crypto" flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name=""/>
+						<entry excluding="src/bio.c|wolfcrypt/src/evp.c|wolfcrypt/src/misc.c|IDE/LPCXPRESSO/wolf_example|tirtos|testsuite|tests|swig|support|sslSniffer|scripts|rpm|mqx|mplabx|mcapi|m4|IDE/WORKBENCH|IDE/WIN|IDE/ROWLEY-CROSSWORKS-ARM|IDE/MYSQL|IDE/MDK-ARM|IDE/MDK5-ARM|IDE/LPCXPRESSO/wolf_demo|IDE/LPCXPRESSO/lpc_chip_18xx|IDE/LPCXPRESSO/lpc_board_nxp_lpcxpresso_1837|IDE/iOS|IDE/IAR-EWARM|examples|Debug|certs|build-aux|Backup|autom4te.cache|wolfcrypt/src/aes_asm.s|wolfcrypt/src/aes_asm.asm|wolfcrypt/user-crypto" flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name=""/>
 					</sourceEntries>
 				</configuration>
 			</storageModule>

.gitignore

@@ -9,7 +9,8 @@ ctaocrypt/src/src/
 *.cache
 .dirstamp
 *.user
-config*
+configure
+config.*
 *Debug/
 *Release/
 *.ncb
@@ -44,6 +45,12 @@ src/async.c
 wolfssl/async.h
 wolfcrypt/src/async.c
 wolfssl/wolfcrypt/async.h
+wolfcrypt/src/port/intel/quickassist.c
+wolfcrypt/src/port/intel/quickassist_mem.c
+wolfcrypt/src/port/cavium/cavium_nitrox.c
+wolfssl/wolfcrypt/port/intel/quickassist.h
+wolfssl/wolfcrypt/port/intel/quickassist_mem.h
+wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h
 ctaocrypt/benchmark/benchmark
 ctaocrypt/test/testctaocrypt
 wolfcrypt/benchmark/benchmark
@@ -85,7 +92,18 @@ ecc-key.pem
 certreq.der
 certreq.pem
 pkcs7cert.der
-pkcs7signedData.der
+pkcs7signedData_RSA_SHA.der
+pkcs7signedData_RSA_SHA_noattr.der
+pkcs7signedData_RSA_SHA224.der
+pkcs7signedData_RSA_SHA256.der
+pkcs7signedData_RSA_SHA384.der
+pkcs7signedData_RSA_SHA512.der
+pkcs7signedData_ECDSA_SHA.der
+pkcs7signedData_ECDSA_SHA_noattr.der
+pkcs7signedData_ECDSA_SHA224.der
+pkcs7signedData_ECDSA_SHA256.der
+pkcs7signedData_ECDSA_SHA384.der
+pkcs7signedData_ECDSA_SHA512.der
 pkcs7envelopedDataDES3.der
 pkcs7envelopedDataAES128CBC.der
 pkcs7envelopedDataAES192CBC.der
@@ -110,6 +128,7 @@ autoscan.log
 TAGS
 .DS_Store
 support/cyassl.pc
+support/wolfssl.pc
 cyassl/ctaocrypt/stamp-h1
 swig/_cyassl.so
 swig/_wolfssl.so
@@ -150,6 +169,12 @@ mplabx/wolfcrypt_test.X/nbproject/Makefile-*
 mplabx/wolfcrypt_test.X/nbproject/Package-default.bash
 mplabx/wolfssl.X/nbproject/Makefile-*
 mplabx/wolfssl.X/nbproject/Package-default.bash
+mplabx/wolfssl.X/nbproject/private
+mplabx/wolfcrypt_test.X/nbproject/private
+mplabx/wolfcrypt_benchmark.X/nbproject/private
+mplabx/wolfssl.X/dist/default/
+mplabx/wolfcrypt_test.X/dist/default/
+mplabx/wolfcrypt_benchmark.X/dist/default/
 *.dSYM
 
 # Vagrant folder
@@ -190,3 +215,16 @@ wrapper/CSharp/x64/
 
 # Visual Studio Code Workspace Files
 *.vscode
+
+IDE/INTIME-RTOS/Debug_*
+
+# Hexiwear
+IDE/HEXIWEAR/wolfSSL_HW/Debug
+
+# Linux-SGX
+IDE/LINUX-SGX/*.a
+
+# Binaries
+wolfcrypt/src/port/intel/qat_test
+/mplabx/wolfssl.X/dist/default/
+/mplabx/wolfcrypt_test.X/dist/default/

IDE/ARDUINO/wolfssl-arduino.sh

@@ -13,3 +13,14 @@ if [ "$DIR" = "ARDUINO" ]; then
 else
     echo "ERROR: You must be in the IDE/ARDUINO directory to run this script"
 fi
+
+#UPDATED: 19 Apr 2017 to remove bio.c and evp.c from the root directory since
+#         they are included inline and should not be compiled directly
+
+ARDUINO_DIR=${PWD}
+cd ../../
+rm bio.c
+rm evp.c
+cd $ARDUINO_DIR
+# end script in the origin directory for any future functionality that may be added.
+#End UPDATE: 19 Apr 2017

IDE/HEXIWEAR/wolfSSL_HW/.cproject

@@ -0,0 +1,143 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<?fileVersion 4.0.0?><cproject storage_type_id="org.eclipse.cdt.core.XmlProjectDescriptionStorage">
+	<storageModule moduleId="org.eclipse.cdt.core.settings">
+		<cconfiguration id="ilg.gnuarmeclipse.managedbuild.cross.config.elf.debug.170735395">
+			<storageModule buildSystemId="org.eclipse.cdt.managedbuilder.core.configurationDataProvider" id="ilg.gnuarmeclipse.managedbuild.cross.config.elf.debug.170735395" moduleId="org.eclipse.cdt.core.settings" name="Debug">
+				<macros>
+					<stringMacro name="PROJECT_KSDK_PATH" type="VALUE_TEXT" value="~/Work/KSDK_1.3.0"/>
+				</macros>
+				<externalSettings>
+					<externalSetting>
+						<entry flags="VALUE_WORKSPACE_PATH" kind="includePath" name="/wolfSSL_HW"/>
+						<entry flags="VALUE_WORKSPACE_PATH" kind="libraryPath" name="/wolfSSL_HW/Debug"/>
+						<entry flags="RESOLVED" kind="libraryFile" name="wolfssl_hw" srcPrefixMapping="" srcRootPath=""/>
+					</externalSetting>
+				</externalSettings>
+				<extensions>
+					<extension id="org.eclipse.cdt.managedbuilder.core.ManagedBuildManager" point="org.eclipse.cdt.core.ScannerInfoProvider"/>
+					<extension id="org.eclipse.cdt.core.ELF" point="org.eclipse.cdt.core.BinaryParser"/>
+					<extension id="org.eclipse.cdt.core.GmakeErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.CWDLocator" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GCCErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GASErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GLDErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+				</extensions>
+			</storageModule>
+			<storageModule moduleId="cdtBuildSystem" version="4.0.0">
+				<configuration artifactExtension="a" artifactName="wolfssl_hw" buildArtefactType="org.eclipse.cdt.build.core.buildArtefactType.staticLib" buildProperties="org.eclipse.cdt.build.core.buildType=org.eclipse.cdt.build.core.buildType.debug,org.eclipse.cdt.build.core.buildArtefactType=org.eclipse.cdt.build.core.buildArtefactType.staticLib" cleanCommand="${cross_rm} -rf" description="" id="ilg.gnuarmeclipse.managedbuild.cross.config.elf.debug.170735395" name="Debug" parent="ilg.gnuarmeclipse.managedbuild.cross.config.elf.debug">
+					<folderInfo id="ilg.gnuarmeclipse.managedbuild.cross.config.elf.debug.170735395." name="/" resourcePath="">
+						<toolChain id="ilg.gnuarmeclipse.managedbuild.cross.toolchain.elf.debug.955851768" name="Cross ARM GCC" superClass="ilg.gnuarmeclipse.managedbuild.cross.toolchain.elf.debug">
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.1637878147" name="Optimization Level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level" value="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.none" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.596937133" name="Message length (-fmessage-length=0)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.412948756" name="'char' is signed (-fsigned-char)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.1412387181" name="Function sections (-ffunction-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.1877241998" name="Data sections (-fdata-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.2038051180" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level" value="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.max" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1062002269" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.1592667634" name="ARM family" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m4" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1112951710" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.1079530716" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.fpv4spd16" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.192917244" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.2108482930" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix" value="arm-none-eabi-" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.500222702" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c" value="gcc" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.175873499" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp" value="g++" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.1700937041" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy" value="objcopy" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1874549763" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump" value="objdump" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.178137928" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size" value="size" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1274071175" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make" value="make" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.655658023" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm" value="rm" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1937238341" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar" value="ar" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1476617138" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1035232247" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.lto.8601271" name="Link-time optimizer (-flto)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.lto" value="false" valueType="boolean"/>
+							<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.817253425" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+							<builder buildPath="${workspace_loc:/wolfSSL_HW}/Debug" id="ilg.gnuarmeclipse.managedbuild.cross.builder.2043375702" keepEnvironmentInBuildfile="false" name="Gnu Make Builder" superClass="ilg.gnuarmeclipse.managedbuild.cross.builder"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.1135882719" name="Cross ARM GNU Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.369489760" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" value="true" valueType="boolean"/>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1086496768" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1696761989" name="Cross ARM GNU C Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.9643995" name="Language standard" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std" useByScannerDiscovery="true" value="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.c99" valueType="enumerated"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.include.paths.349147702" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.include.paths" useByScannerDiscovery="false" valueType="includePath">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}}/../../../&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${PROJECT_KSDK_PATH}/platform/devices&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${PROJECT_KSDK_PATH}/platform/CMSIS/Include&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${PROJECT_KSDK_PATH}/platform/devices/MK64F12/startup&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${PROJECT_KSDK_PATH}/platform/drivers/inc&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${PROJECT_KSDK_PATH}/platform/hal/inc&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${PROJECT_KSDK_PATH}/platform/osa/inc&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${PROJECT_KSDK_PATH}/platform/utilities/inc&quot;"/>
+								</option>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs.1294205548" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
+									<listOptionValue builtIn="false" value="&quot;CPU_MK64FN1M0VMD12&quot;"/>
+									<listOptionValue builtIn="false" value="WOLFSSL_USER_SETTINGS"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.817994152" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.234608726" name="Cross ARM GNU C++ Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.include.paths.1452713629" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.include.paths" useByScannerDiscovery="false"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.defs.497680378" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
+									<listOptionValue builtIn="false" value="&quot;CPU_MK64FN1M0VMD12&quot;"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.input.909966654" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.input"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.506002589" name="Cross ARM GNU C Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections.1489822225" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections" value="true" valueType="boolean"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.575756954" name="Cross ARM GNU C++ Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections.11344634" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.paths.1878565771" name="Library search path (-L)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.paths" valueType="libPaths">
+									<listOptionValue builtIn="false" value="&quot;${ProjDirPath}/Project_Settings/Linker_Files&quot;"/>
+								</option>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.other.1517060693" name="Other linker flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.other" value="-specs=nosys.specs -specs=nano.specs -Xlinker -z -Xlinker muldefs" valueType="string"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.scriptfile.468376236" name="Script files (-T)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.scriptfile" valueType="stringList">
+									<listOptionValue builtIn="false" value="&quot;MK64FN1M0xxx12_flash.ld&quot;"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.input.955790366" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.input">
+									<additionalInput kind="additionalinputdependency" paths="$(USER_OBJS)"/>
+									<additionalInput kind="additionalinput" paths="$(LIBS)"/>
+								</inputType>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.1962941231" name="Cross ARM GNU Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.1365673947" name="Cross ARM GNU Create Flash Image" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.790507756" name="Cross ARM GNU Create Listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source.1929510617" name="Display source (--source|-S)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders.573901902" name="Display all headers (--all-headers|-x)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle.2051558160" name="Demangle names (--demangle|-C)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers.851594065" name="Display line numbers (--line-numbers|-l)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide.1352373056" name="Wide lines (--wide|-w)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide" value="true" valueType="boolean"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.934998862" name="Cross ARM GNU Print Size" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format.1738611770" name="Size format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format"/>
+							</tool>
+						</toolChain>
+					</folderInfo>
+					<sourceEntries>
+						<entry excluding="wolfcrypt/src/integer.c|wolfcrypt/src/misc.c|src/bio.c|wolfcrypt/src/evp.c|wolfcrypt/src/aes_asm.s|wolfcrypt/src/aes_asm.asm|SDK|wolfssl/wolfcrypt/port|wolfcrypt/src/port|wolfcrypt/user-crypto" flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name=""/>
+					</sourceEntries>
+				</configuration>
+			</storageModule>
+			<storageModule moduleId="org.eclipse.cdt.core.externalSettings"/>
+		</cconfiguration>
+	</storageModule>
+	<storageModule moduleId="org.eclipse.cdt.core.LanguageSettingsProviders"/>
+	<storageModule moduleId="cdtBuildSystem" version="4.0.0">
+		<project id="wolfSSL_HW.ilg.gnuarmeclipse.managedbuild.cross.target.elf.1053752509" name="Executable" projectType="ilg.gnuarmeclipse.managedbuild.cross.target.elf"/>
+	</storageModule>
+	<storageModule moduleId="scannerConfiguration">
+		<autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+		<scannerConfigBuildInfo instanceId="ilg.gnuarmeclipse.managedbuild.cross.config.elf.debug.170735395;ilg.gnuarmeclipse.managedbuild.cross.config.elf.debug.170735395.;ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.234608726;ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.input.909966654">
+			<autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+		</scannerConfigBuildInfo>
+		<scannerConfigBuildInfo instanceId="ilg.gnuarmeclipse.managedbuild.cross.config.elf.debug.170735395;ilg.gnuarmeclipse.managedbuild.cross.config.elf.debug.170735395.;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1696761989;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.817994152">
+			<autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+		</scannerConfigBuildInfo>
+	</storageModule>
+	<storageModule moduleId="refreshScope" versionNumber="2">
+		<configuration configurationName="Debug">
+			<resource resourceType="PROJECT" workspacePath="/wolfSSL_HW"/>
+		</configuration>
+	</storageModule>
+	<storageModule moduleId="org.eclipse.cdt.internal.ui.text.commentOwnerProjectMappings"/>
+</cproject>

IDE/HEXIWEAR/wolfSSL_HW/.cwGeneratedFileSetLog

@@ -0,0 +1,19 @@
+Sources/main.c
+Project_Settings/Linker_Files/MK64FN1M0xxx12_flash.ld
+SDK/platform/CMSIS/Include/core_cmSimd.h
+SDK/platform/devices/MK64F12/include/MK64F12.h
+SDK/platform/CMSIS/Include/arm_common_tables.h
+SDK/platform/CMSIS/Include/arm_const_structs.h
+SDK/platform/devices/MK64F12/include/MK64F12_features.h
+SDK/platform/CMSIS/Include/core_cm4.h
+SDK/platform/CMSIS/Include/core_cmFunc.h
+SDK/platform/CMSIS/Include/core_cmInstr.h
+SDK/platform/devices/fsl_device_registers.h
+SDK/platform/devices/MK64F12/include/fsl_bitaccess.h
+SDK/platform/CMSIS/Include/arm_math.h
+SDK/platform/devices/MK64F12/include/MK64F12_extension.h
+Project_Settings/Startup_Code/startup.c
+Project_Settings/Startup_Code/system_MK64F12.c
+Project_Settings/Startup_Code/startup.h
+Project_Settings/Startup_Code/startup_MK64F12.S
+Project_Settings/Startup_Code/system_MK64F12.h

IDE/HEXIWEAR/wolfSSL_HW/.project

@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>wolfSSL_HW</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>org.eclipse.cdt.managedbuilder.core.genmakebuilder</name>
+			<triggers>clean,full,incremental,</triggers>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.cdt.managedbuilder.core.ScannerConfigBuilder</name>
+			<triggers>full,incremental,</triggers>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>org.eclipse.cdt.core.cnature</nature>
+		<nature>org.eclipse.cdt.core.ccnature</nature>
+		<nature>org.eclipse.cdt.managedbuilder.core.managedBuildNature</nature>
+		<nature>org.eclipse.cdt.managedbuilder.core.ScannerConfigNature</nature>
+	</natures>
+	<linkedResources>
+		<link>
+			<name>src</name>
+			<type>2</type>
+			<locationURI>$%7BPARENT-3-PROJECT_LOC%7D/src</locationURI>
+		</link>
+		<link>
+			<name>wolfcrypt</name>
+			<type>2</type>
+			<locationURI>$%7BPARENT-3-PROJECT_LOC%7D/wolfcrypt</locationURI>
+		</link>
+		<link>
+			<name>wolfssl</name>
+			<type>2</type>
+			<locationURI>$%7BPARENT-3-PROJECT_LOC%7D/wolfssl</locationURI>
+		</link>
+	</linkedResources>
+	<variableList>
+		<variable>
+			<name>PROJECT_KSDK_PATH</name>
+			<value>file:/.KSDK_1.3.0</value>
+		</variable>
+	</variableList>
+</projectDescription>

IDE/HEXIWEAR/wolfSSL_HW/.settings/com.freescale.processorexpert.derivative.prefs

@@ -0,0 +1,2 @@
+eclipse.preferences.version=1
+versionGenerated/versionGenerated=1.0.0.RT7_b1550-0615

IDE/HEXIWEAR/wolfSSL_HW/user_settings.h

@@ -0,0 +1,6 @@
+#define FREESCALE_KSDK_BM
+#define FREESCALE_KSDK_1_3
+#define FSL_HW_CRYPTO_MANUAL_SELECTION
+#define NO_MAIN_DRIVER
+#define USE_CERT_BUFFERS_1024
+#define ECC_USER_CURVES

IDE/INTIME-RTOS/README.md

@@ -0,0 +1,158 @@
+# tenAsys INtime RTOS Port
+
+## Overview
+
+This port is for the tenAsys INtime RTOS available [here](http://www.tenasys.com/intime).
+
+To enable use the define `INTIME_RTOS`.
+
+## Usage
+
+The wolfExamples.sln is a Visual Studio 2015 project. You must have the INtime SDK installed and an INtime RTOS agent running.
+
+The default configuration is set inside the `IDE/INTIME-RTOS/user_settings.h` file.
+
+The example application provides a simple menu interface to select difference application functions to test.
+
+```
+wolfExamples started
+wolfExamples finished initialization
+
+                                MENU
+
+        t. WolfCrypt Test
+        b. WolfCrypt Benchmark
+        c. WolfSSL Client Example
+        s. WolfSSL Server Example
+        l. WolfSSL Localhost Client/Server Example
+Please select one of the above options:
+```
+
+### `t`wolfCrypt Test
+
+Performs testing of all crypto algorithms.
+
+```
+Crypt Test
+error    test passed!
+base64   test passed!
+base64   test passed!
+MD5      test passed!
+SHA      test passed!
+SHA-256  test passed!
+SHA-384  test passed!
+SHA-512  test passed!
+Hash     test passed!
+HMAC-MD5 test passed!
+HMAC-SHA test passed!
+HMAC-SHA256 test passed!
+HMAC-SHA384 test passed!
+HMAC-SHA512 test passed!
+HMAC-KDF    test passed!
+X963-KDF    test passed!
+GMAC     test passed!
+Chacha   test passed!
+POLY1305 test passed!
+ChaCha20-Poly1305 AEAD test passed!
+DES      test passed!
+DES3     test passed!
+AES      test passed!
+AES-GCM  test passed!
+AES-CCM  test passed!
+AES Key Wrap test passed!
+RANDOM   test passed!
+RSA      test passed!
+DH       test passed!
+DSA      test passed!
+SRP      test passed!
+PWDBASED test passed!
+openSSL extra test
+OPENSSL  test passed!
+ECC      test passed!
+ECC Enc  test passed!
+ECC buffer test passed!
+CURVE25519 test passed!
+ED25519  test passed!
+CMAC     test passed!
+PKCS7enveloped test passed!
+PKCS7signed    test passed!
+PKCS7encrypted test passed!
+mutex    test passed!
+memcb    test passed!
+Crypt Test: Return code 0
+```
+
+### `b` wolfCrypt Benchmark
+
+Performs benchmark of crypto algorithms.
+
+```
+Benchmark Test
+RNG      25 kB took 0.002 seconds,   11.017 MB/s
+AES enc  25 kB took 0.002 seconds,   15.090 MB/s
+AES dec  25 kB took 0.002 seconds,   15.119 MB/s
+AES-GCM  25 kB took 0.003 seconds,    9.433 MB/s
+AES-CTR  25 kB took 0.001 seconds,   22.378 MB/s
+AES-CCM  25 kB took 0.002 seconds,   15.306 MB/s
+CHACHA   25 kB took 0.002 seconds,   16.063 MB/s
+CHA-POLY 25 kB took 0.001 seconds,   20.447 MB/s
+3DES     25 kB took 0.002 seconds,   10.717 MB/s
+
+MD5      25 kB took  0.00 seconds,   31.576 MB/s
+POLY1305 25 kB took 0.000 seconds,  201.575 MB/s
+SHA      25 kB took  0.00 seconds,   43.761 MB/s
+SHA-256  25 kB took 0.001 seconds,   19.299 MB/s
+SHA-384  25 kB took 0.002 seconds,   14.577 MB/s
+SHA-512  25 kB took 0.001 seconds,   21.718 MB/s
+AES-CMAC 25 kB took  0.00 seconds,   34.925 MB/s
+
+RSA 2048 public           2.445 milliseconds, avg over 1 iterations
+RSA 2048 private         64.711 milliseconds, avg over 1 iterations
+
+RSA 1024 key generation  318.755 milliseconds, avg over 5 iterations
+RSA 2048 key generation  22648.396 milliseconds, avg over 5 iterations
+DH  2048 key generation  23.119 milliseconds, avg over 1 iterations
+DH  2048 key agreement   26.756 milliseconds, avg over 1 iterations
+
+ECC  256 key generation   2.984 milliseconds, avg over 5 iterations
+EC-DHE   key agreement    2.967 milliseconds, avg over 5 iterations
+EC-DSA   sign   time      1.448 milliseconds, avg over 5 iterations
+EC-DSA   verify time      3.304 milliseconds, avg over 5 iterations
+ECC      encrypt          5.860 milliseconds, avg over 1 iterations
+ECC      decrypt          6.360 milliseconds, avg over 1 iterations
+
+CURVE25519 256 key generation  1.416 milliseconds, avg over 5 iterations
+CURVE25519 key agreement       1.332 milliseconds, avg over 5 iterations
+
+ED25519  key generation   0.320 milliseconds, avg over 5 iterations
+ED25519  sign   time      0.595 milliseconds, avg over 5 iterations
+ED25519  verify time      1.310 milliseconds, avg over 5 iterations
+Benchmark Test: Return code 0
+```
+
+### `c` wolfSSL Client
+
+To configure the host address and port modify the `TLS_HOST_REMOTE` and `TLS_PORT` macros at top of `wolfExamples.c`. This example uses TLS 1.2 to connect to a remote host.
+
+### `s` wolfSSL Server
+
+To configure the port to listen on modify `TLS_PORT` at top of `wolfExamples.c`.
+
+### `l` wolfSSL Localhost Server/Client
+
+Starts a TLS server thread listening on localhost. Starts the TLS client and performs connect, exchanges some data and disconnects.
+
+```
+Waiting for a connection...
+Client connected successfully
+Using Non-Blocking I/O: 0
+Message for server:     Client:
+
+Received:       I hear ya fa shizzle!
+
+The client has closed the connection.
+```
+
+## References
+
+For more information please contact info@wolfssl.com.

IDE/INTIME-RTOS/include.am

@@ -0,0 +1,13 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST += \
+    IDE/INTIME-RTOS/README.md \
+    IDE/INTIME-RTOS/user_settings.h \
+    IDE/INTIME-RTOS/libwolfssl.c \
+    IDE/INTIME-RTOS/libwolfssl.vcxproj \
+    IDE/INTIME-RTOS/wolfExamples.c \
+    IDE/INTIME-RTOS/wolfExamples.h \
+    IDE/INTIME-RTOS/wolfExamples.vcxproj \
+    IDE/INTIME-RTOS/wolfExamples.sln

IDE/INTIME-RTOS/libwolfssl.c

@@ -0,0 +1,20 @@
+// libwolfssl.c
+// Defines the entry point for the DLL application
+
+#include <rt.h>
+
+BOOLEAN __stdcall RslMain( RTHANDLE hModule,
+                        DWORD  ul_reason_for_call,  
+                        LPVOID lpReserved
+                       )
+{
+  switch (ul_reason_for_call) {
+    case RSL_PROCESS_ATTACH:
+    case RSL_THREAD_ATTACH:
+    case RSL_THREAD_DETACH:
+    case RSL_PROCESS_DETACH:
+    break;
+  }
+
+  return TRUE;
+}

IDE/INTIME-RTOS/libwolfssl.vcxproj

@@ -0,0 +1,225 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="14.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|INtime">
+      <Configuration>Debug</Configuration>
+      <Platform>INtime</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|INtime">
+      <Configuration>Release</Configuration>
+      <Platform>INtime</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <ItemGroup>
+    <Text Include="README.md" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="libwolfssl.c" />
+    <ClCompile Include="..\..\src\crl.c" />
+    <ClCompile Include="..\..\src\internal.c" />
+    <ClCompile Include="..\..\src\io.c" />
+    <ClCompile Include="..\..\src\keys.c" />
+    <ClCompile Include="..\..\src\ocsp.c" />
+    <ClCompile Include="..\..\src\sniffer.c" />
+    <ClCompile Include="..\..\src\ssl.c" />
+    <ClCompile Include="..\..\src\tls.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\aes.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\arc4.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\asm.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\asn.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\async.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\blake2b.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\camellia.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\chacha.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\chacha20_poly1305.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\cmac.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\coding.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\compress.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\curve25519.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\des3.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\dh.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\dsa.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\ecc.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\ecc_fp.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\ed25519.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\error.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\fe_low_mem.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\fe_operations.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\ge_low_mem.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\ge_operations.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\hash.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\hc128.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\hmac.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\idea.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\integer.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\logging.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\md2.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\md4.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\md5.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\memory.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\pkcs12.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\pkcs7.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\poly1305.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\pwdbased.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\rabbit.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\random.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\ripemd.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\rsa.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\sha.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\sha256.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\sha512.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\signature.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\srp.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\tfm.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\wc_encrypt.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\wc_port.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\wolfevent.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\wolfmath.c" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="user_settings.h" />
+    <ClInclude Include="..\..\wolfssl\callbacks.h" />
+    <ClInclude Include="..\..\wolfssl\certs_test.h" />
+    <ClInclude Include="..\..\wolfssl\crl.h" />
+    <ClInclude Include="..\..\wolfssl\error-ssl.h" />
+    <ClInclude Include="..\..\wolfssl\internal.h" />
+    <ClInclude Include="..\..\wolfssl\ocsp.h" />
+    <ClInclude Include="..\..\wolfssl\options.h" />
+    <ClInclude Include="..\..\wolfssl\sniffer.h" />
+    <ClInclude Include="..\..\wolfssl\sniffer_error.h" />
+    <ClInclude Include="..\..\wolfssl\ssl.h" />
+    <ClInclude Include="..\..\wolfssl\test.h" />
+    <ClInclude Include="..\..\wolfssl\version.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\aes.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\arc4.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\asn.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\asn_public.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\async.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\blake2-impl.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\blake2-int.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\blake2.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\camellia.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\chacha.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\chacha20_poly1305.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\cmac.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\coding.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\compress.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\curve25519.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\des3.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\dh.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\dsa.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\ecc.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\ed25519.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\error-crypt.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\fe_operations.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\fips_test.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\ge_operations.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\hash.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\hc128.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\hmac.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\idea.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\integer.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\logging.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\md2.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\md4.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\md5.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\memory.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\mem_track.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\misc.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\mpi_class.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\mpi_superclass.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\pkcs12.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\pkcs7.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\poly1305.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\pwdbased.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\rabbit.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\random.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\ripemd.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\rsa.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\settings.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\sha.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\sha256.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\sha512.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\signature.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\srp.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\tfm.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\types.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\visibility.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\wc_encrypt.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\wc_port.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\wolfevent.h" />
+    <ClInclude Include="..\..\wolfssl\wolfcrypt\wolfmath.h" />
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{1731767D-573F-45C9-A466-191DA0D180CF}</ProjectGuid>
+    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|INtime'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <CharacterSet>NotSet</CharacterSet>
+    <PlatformToolset>v140</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|INtime'" Label="Configuration">
+    <ConfigurationType>StaticLibrary</ConfigurationType>
+    <WholeProgramOptimization>false</WholeProgramOptimization>
+    <CharacterSet>NotSet</CharacterSet>
+    <PlatformToolset>v140</PlatformToolset>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|INtime'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|INtime'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|INtime'">
+    <IntDir>$(Configuration)_$(ProjectName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|INtime'">
+    <IntDir>$(Configuration)_$(ProjectName)\</IntDir>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|INtime'">
+    <ClCompile>
+    </ClCompile>
+    <Link>
+      <Version>21076.20052</Version>
+      <AdditionalOptions>/SAFESEH:NO %(AdditionalOptions)</AdditionalOptions>
+      <AdditionalDependencies>rt.lib;pcibus.lib;netlib.lib;clib.lib;vshelper.lib</AdditionalDependencies>
+      <OutputFile>$(SolutionDir)$(Configuration)\\libwolfssl.rsl</OutputFile>
+    </Link>
+    <ClCompile>
+      <ExceptionHandling>Async</ExceptionHandling>
+      <PreprocessorDefinitions>_USRDLL;WOLFSSL_DLL;BUILDING_WOLFSSL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>$(ProjectDir);$(ProjectDir)..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AssemblerListingLocation>$(IntDir)</AssemblerListingLocation>
+      <ObjectFileName>$(IntDir)</ObjectFileName>
+      <XMLDocumentationFileName>$(IntDir)</XMLDocumentationFileName>
+      <ProgramDataBaseFileName>$(IntDir)vc$(PlatformToolsetVersion).pdb</ProgramDataBaseFileName>
+    </ClCompile>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|INtime'">
+    <ClCompile>
+    </ClCompile>
+    <Link>
+      <Version>21076.20052</Version>
+      <AdditionalOptions>/SAFESEH:NO %(AdditionalOptions)</AdditionalOptions>
+      <AdditionalDependencies>rt.lib;pcibus.lib;netlib.lib;clib.lib;vshelper.lib</AdditionalDependencies>
+      <OutputFile>$(SolutionDir)$(Configuration)\\libwolfssl.rsl</OutputFile>
+    </Link>
+    <ClCompile>
+      <ExceptionHandling>Async</ExceptionHandling>
+      <PreprocessorDefinitions>_USRDLL;WOLFSSL_DLL;BUILDING_WOLFSSL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>$(ProjectDir);$(ProjectDir)..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AssemblerListingLocation>$(IntDir)</AssemblerListingLocation>
+      <ObjectFileName>$(IntDir)</ObjectFileName>
+      <XMLDocumentationFileName>$(IntDir)</XMLDocumentationFileName>
+      <ProgramDataBaseFileName>$(IntDir)vc$(PlatformToolsetVersion).pdb</ProgramDataBaseFileName>
+    </ClCompile>
+  </ItemDefinitionGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>

IDE/INTIME-RTOS/user_settings.h

@@ -0,0 +1,511 @@
+/* Example custom user settings for wolfSSL and INtime RTOS port */
+
+#ifndef WOLFSSL_USER_SETTINGS_H
+#define WOLFSSL_USER_SETTINGS_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* ------------------------------------------------------------------------- */
+/* Port - Platform */
+/* ------------------------------------------------------------------------- */
+#undef  INTIME_RTOS
+#define INTIME_RTOS
+
+#undef  WOLF_EXAMPLES_STACK
+#define WOLF_EXAMPLES_STACK         65536
+
+#undef  WOLFSSL_GENERAL_ALIGNMENT
+#define WOLFSSL_GENERAL_ALIGNMENT   4
+
+/* platform already has min()/max() */
+#undef  WOLFSSL_HAVE_MIN
+#define WOLFSSL_HAVE_MIN
+#undef  WOLFSSL_HAVE_MAX
+#define WOLFSSL_HAVE_MAX
+
+/* disable directory support */
+#undef  NO_WOLFSSL_DIR
+#define NO_WOLFSSL_DIR
+
+/* disable writev */
+#undef  NO_WRITEV
+#define NO_WRITEV
+
+/* we provide main entry point */
+#undef  NO_MAIN_DRIVER
+#define NO_MAIN_DRIVER
+
+/* if using in single threaded mode */
+#undef  SINGLE_THREADED
+//#define SINGLE_THREADED
+/* Note: HAVE_THREAD_LS is not support for INtime RTOS */
+
+/* reduces stack usage, by using malloc/free for stack variables over 100 bytes */
+#undef  WOLFSSL_SMALL_STACK
+//#define WOLFSSL_SMALL_STACK
+
+
+/* ------------------------------------------------------------------------- */
+/* Math Configuration */
+/* ------------------------------------------------------------------------- */
+/* fast math uses stack and inline assembly to speed up math */
+#undef  USE_FAST_MATH
+#define USE_FAST_MATH
+
+#ifdef USE_FAST_MATH
+    /* timing resistance for side-channel attack protection */
+    #undef  TFM_TIMING_RESISTANT
+    #define TFM_TIMING_RESISTANT
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Crypto */
+/* ------------------------------------------------------------------------- */
+/* ECC */
+#if 1
+    #undef  HAVE_ECC
+    #define HAVE_ECC
+
+    /* Support for custom curves */
+    #define WOLFSSL_CUSTOM_CURVES
+
+    /* Curve types */
+    //#define NO_ECC_SECP
+    #define HAVE_ECC_SECPR2
+    #define HAVE_ECC_SECPR3
+    #define HAVE_ECC_BRAINPOOL
+    #define HAVE_ECC_KOBLITZ
+
+    /* Curve sizes */
+    #undef  HAVE_ALL_CURVES
+    //#define HAVE_ALL_CURVES
+    #ifndef HAVE_ALL_CURVES
+        /* allows enabling custom curve sizes */
+        #undef  ECC_USER_CURVES
+        #define ECC_USER_CURVES
+
+        //#define HAVE_ECC112
+        //#define HAVE_ECC128
+        //#define HAVE_ECC160
+        #define HAVE_ECC192
+        #define HAVE_ECC224
+        //#define NO_ECC256
+        #define HAVE_ECC384
+        #define HAVE_ECC521
+    #endif
+
+    /* Fixed point cache (speeds repeated operations against same private key) */
+    #undef  FP_ECC
+    #define FP_ECC
+    #ifdef FP_ECC
+        /* Bits / Entries */
+        #undef  FP_ENTRIES
+        #define FP_ENTRIES  2
+        #undef  FP_LUT
+        #define FP_LUT      4
+    #endif
+
+    /* Optional ECC calculation method */
+    /* Note: doubles heap usage, but slightly faster */
+    #undef  ECC_SHAMIR
+    #define ECC_SHAMIR
+
+    /* Reduces heap usage, but slower */
+    /* timing resistance for side-channel attack protection */
+    #undef  ECC_TIMING_RESISTANT
+    #define ECC_TIMING_RESISTANT
+
+    #ifdef USE_FAST_MATH
+        /* use reduced size math buffers for ecc points */
+        #undef  ALT_ECC_SIZE
+        #define ALT_ECC_SIZE
+
+        /* Enable TFM optimizations for ECC */
+        #if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)
+            #define TFM_ECC192
+        #endif
+        #if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)
+            #define TFM_ECC224
+        #endif
+        #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
+            #define TFM_ECC256
+        #endif
+        #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)
+            #define TFM_ECC384
+        #endif
+        #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)
+            #define TFM_ECC521
+        #endif
+    #endif
+#endif
+
+/* RSA */
+#undef NO_RSA
+#if 1
+    #ifdef USE_FAST_MATH
+        /* Maximum math bits (Max RSA key bits * 2) */
+        #undef  FP_MAX_BITS
+        #define FP_MAX_BITS     4096
+    #endif
+
+    /* half as much memory but twice as slow */
+    #undef  RSA_LOW_MEM
+    //#define RSA_LOW_MEM
+
+    /* RSA blinding countermeasures */
+    #undef  WC_RSA_BLINDING
+    #define WC_RSA_BLINDING
+#else
+    #define NO_RSA
+#endif
+
+/* AES */
+#undef NO_AES
+#if 1
+    #undef  HAVE_AESGCM
+    #define HAVE_AESGCM
+
+    #ifdef HAVE_AESGCM
+        /* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */
+        //#define GCM_SMALL
+        #define GCM_TABLE
+    #endif
+
+    #undef  WOLFSSL_AES_COUNTER
+    #define WOLFSSL_AES_COUNTER
+
+    #undef  HAVE_AESCCM
+    #define HAVE_AESCCM
+
+    #undef  WOLFSSL_AES_DIRECT
+    #define WOLFSSL_AES_DIRECT
+
+    #undef  HAVE_AES_KEYWRAP
+    #define HAVE_AES_KEYWRAP
+#else
+    #define NO_AES
+#endif
+
+/* ChaCha20 / Poly1305 */
+#undef HAVE_CHACHA
+#undef HAVE_POLY1305
+#if 1
+    #define HAVE_CHACHA
+    #define HAVE_POLY1305
+
+    /* Needed for Poly1305 */
+    #undef  HAVE_ONE_TIME_AUTH
+    #define HAVE_ONE_TIME_AUTH
+#endif
+
+/* Ed25519 / Curve25519 */
+#undef HAVE_CURVE25519
+#undef HAVE_ED25519
+#if 1
+    #define HAVE_CURVE25519
+    #define HAVE_ED25519
+
+    /* Optionally use small math (less flash usage, but much slower) */
+    #if 0
+        #define CURVED25519_SMALL
+    #endif
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Hashing */
+/* ------------------------------------------------------------------------- */
+/* Sha */
+#undef NO_SHA
+#if 1
+    /* 1k smaller, but 25% slower */
+    //#define USE_SLOW_SHA
+#else
+    #define NO_SHA
+#endif
+
+/* Sha256 */
+#undef NO_SHA256
+#if 1
+#else
+    #define NO_SHA256
+#endif
+
+/* Sha512 */
+#undef WOLFSSL_SHA512
+#if 1
+    #define WOLFSSL_SHA512
+
+    /* Sha384 */
+    #undef  WOLFSSL_SHA384
+    #if 1
+        #define WOLFSSL_SHA384
+    #endif
+
+    /* over twice as small, but 50% slower */
+    //#define USE_SLOW_SHA2
+#endif
+
+/* MD5 */
+#undef  NO_MD5
+#if 1
+#else
+    #define NO_MD5
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Enable Features */
+/* ------------------------------------------------------------------------- */
+#undef  KEEP_PEER_CERT
+#define KEEP_PEER_CERT
+
+#undef  HAVE_COMP_KEY
+#define HAVE_COMP_KEY
+
+#undef  HAVE_ECC_ENCRYPT
+#define HAVE_ECC_ENCRYPT
+
+#undef  HAVE_TLS_EXTENSIONS
+#define HAVE_TLS_EXTENSIONS
+
+#undef  HAVE_SUPPORTED_CURVES
+#define HAVE_SUPPORTED_CURVES
+
+#undef  HAVE_EXTENDED_MASTER
+#define HAVE_EXTENDED_MASTER
+
+#undef  WOLFSSL_DTLS
+#define WOLFSSL_DTLS
+
+#undef  OPENSSL_EXTRA
+#define OPENSSL_EXTRA
+
+#undef  WOLFSSL_BASE64_ENCODE
+#define WOLFSSL_BASE64_ENCODE
+
+#undef  HAVE_HKDF
+#define HAVE_HKDF
+
+#undef  WOLFSSL_CMAC
+#define WOLFSSL_CMAC
+
+#undef  WOLFSSL_KEY_GEN
+#define WOLFSSL_KEY_GEN
+
+#undef  WOLFSSL_CERT_GEN
+#define WOLFSSL_CERT_GEN
+
+#undef  WOLFSSL_CERT_REQ
+#define WOLFSSL_CERT_REQ
+
+#undef  WOLFSSL_CERT_EXT
+#define WOLFSSL_CERT_EXT
+
+#undef  HAVE_PK_CALLBACKS
+#define HAVE_PK_CALLBACKS
+
+#undef  HAVE_ALPN
+#define HAVE_ALPN
+
+#undef  HAVE_SNI
+#define HAVE_SNI
+
+#undef  HAVE_MAX_FRAGMENT
+#define HAVE_MAX_FRAGMENT
+
+#undef  HAVE_TRUNCATED_HMAC
+#define HAVE_TRUNCATED_HMAC
+
+#undef  SESSION_CERTS
+#define SESSION_CERTS
+
+#undef  HAVE_SESSION_TICKET
+#define HAVE_SESSION_TICKET
+
+#undef  WOLFCRYPT_HAVE_SRP
+#define WOLFCRYPT_HAVE_SRP
+
+#undef  WOLFSSL_HAVE_CERT_SERVICE
+#define WOLFSSL_HAVE_CERT_SERVICE
+
+#undef  HAVE_PKCS7
+#define HAVE_PKCS7
+
+#undef  HAVE_X963_KDF
+#define HAVE_X963_KDF
+
+#undef  WOLFSSL_HAVE_WOLFSCEP
+#define WOLFSSL_HAVE_WOLFSCEP
+
+#undef  WOLFSSL_ALWAYS_KEEP_SNI
+#define WOLFSSL_ALWAYS_KEEP_SNI
+
+#undef  WOLFSSL_ALWAYS_VERIFY_CB
+#define WOLFSSL_ALWAYS_VERIFY_CB
+
+#undef  WOLFSSL_SEP
+#define WOLFSSL_SEP
+
+#undef  ATOMIC_USER
+#define ATOMIC_USER
+
+#undef  HAVE_OCSP
+#define HAVE_OCSP
+
+#undef  HAVE_CERTIFICATE_STATUS_REQUEST
+#define HAVE_CERTIFICATE_STATUS_REQUEST
+
+#undef  HAVE_CERTIFICATE_STATUS_REQUEST_V2
+#define HAVE_CERTIFICATE_STATUS_REQUEST_V2
+
+#undef  HAVE_CRL
+#define HAVE_CRL
+
+#undef  PERSIST_CERT_CACHE
+//#define PERSIST_CERT_CACHE
+
+#undef  PERSIST_SESSION_CACHE
+//#define PERSIST_SESSION_CACHE
+
+#undef  WOLFSSL_DER_LOAD
+//#define WOLFSSL_DER_LOAD
+
+#undef  WOLFSSL_DES_ECB
+//#define WOLFSSL_DES_ECB
+
+#undef  HAVE_CAMELLIA
+//#define HAVE_CAMELLIA
+
+#undef  HAVE_NULL_CIPHER
+//#define HAVE_NULL_CIPHER
+
+#undef  WOLFSSL_RIPEMD
+//#define WOLFSSL_RIPEMD
+
+
+/* TLS Session Cache */
+#if 1
+    #define SMALL_SESSION_CACHE
+    //#define MEDIUM_SESSION_CACHE
+    //#define BIG_SESSION_CACHE
+    //#define HUGE_SESSION_CACHE
+#else
+    #define NO_SESSION_CACHE
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Disable Features */
+/* ------------------------------------------------------------------------- */
+#undef  NO_WOLFSSL_SERVER
+//#define NO_WOLFSSL_SERVER
+
+#undef  NO_WOLFSSL_CLIENT
+//#define NO_WOLFSSL_CLIENT
+
+/* disables TLS 1.0/1.1 support */
+#undef  NO_OLD_TLS
+//#define NO_OLD_TLS
+
+/* disable access to filesystem */
+#undef  NO_FILESYSTEM
+//#define NO_FILESYSTEM
+
+#undef  NO_RC4
+#define NO_RC4
+
+#undef  NO_HC128
+#define NO_HC128
+
+#undef  NO_RABBIT
+#define NO_RABBIT
+
+#undef  NO_MD4
+#define NO_MD4
+
+/* Pre-shared keys */
+#undef  NO_PSK
+//#define NO_PSK
+
+#undef  NO_DSA
+//#define NO_DSA
+
+#undef  NO_DH
+//#define NO_DH
+
+#undef  NO_DES3
+//#define NO_DES3
+
+#undef  NO_PWDBASED
+//#define NO_PWDBASED
+
+/* encoding/decoding support */
+#undef  NO_CODING
+//#define NO_CODING
+
+/* memory wrappers and memory callbacks */
+#undef  NO_WOLFSSL_MEMORY
+//#define NO_WOLFSSL_MEMORY
+
+/* In-lining of misc.c functions */
+/* If defined, must include wolfcrypt/src/misc.c in build */
+/* Slower, but about 1k smaller */
+#undef  NO_INLINE
+//#define NO_INLINE
+
+
+
+/* ------------------------------------------------------------------------- */
+/* Benchmark / Test */
+/* ------------------------------------------------------------------------- */
+#undef  NO_CRYPT_TEST
+//#define NO_CRYPT_TEST
+
+#undef  NO_CRYPT_BENCHMARK
+//#define NO_CRYPT_BENCHMARK
+
+/* Use reduced benchmark / test sizes */
+#undef  BENCH_EMBEDDED
+#define BENCH_EMBEDDED
+
+#undef  USE_CERT_BUFFERS_2048
+#define USE_CERT_BUFFERS_2048
+
+#undef  USE_CERT_BUFFERS_256
+#define USE_CERT_BUFFERS_256
+
+
+
+/* ------------------------------------------------------------------------- */
+/* Debugging */
+/* ------------------------------------------------------------------------- */
+#undef  DEBUG_WOLFSSL
+//#define DEBUG_WOLFSSL
+#ifdef DEBUG_WOLFSSL
+    /* Use this to measure / print heap usage */
+    #if 0
+        #undef  USE_WOLFSSL_MEMORY
+        #define USE_WOLFSSL_MEMORY
+
+        #undef  WOLFSSL_TRACK_MEMORY
+        #define WOLFSSL_TRACK_MEMORY
+    #endif
+
+    /* Math debugging (adds support for mp_dump) */
+    #undef  WOLFSSL_DEBUG_MATH
+    //#define WOLFSSL_DEBUG_MATH
+#else
+    #undef  NO_ERROR_STRINGS
+    //#define NO_ERROR_STRINGS
+#endif
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* WOLFSSL_USER_SETTINGS_H */

IDE/INTIME-RTOS/wolfExamples.c

@@ -0,0 +1,619 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdarg.h>
+#include <rt.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netdb.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <io.h>
+
+#include "wolfExamples.h"
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+#include <wolfssl/certs_test.h>
+#include <wolfcrypt/test/test.h>
+#include <wolfcrypt/benchmark/benchmark.h>
+
+
+/*****************************************************************************
+ * Globals
+ ****************************************************************************/
+RTHANDLE            hRootProcess;
+DWORD               dwKtickInUsecs;
+INIT_STRUCT         gInit;
+static int gServerExit = 0;
+static int gServerReady = 0;
+
+static const char menu1[] = "\r\n"
+    "\tt. WolfCrypt Test\r\n"
+    "\tb. WolfCrypt Benchmark\r\n"
+    "\tc. WolfSSL Client Example\r\n"
+    "\ts. WolfSSL Server Example\r\n"
+    "\tl. WolfSSL Localhost Client/Server Example\r\n";
+
+
+/*****************************************************************************
+ * Configuration
+ ****************************************************************************/
+
+#define TLS_MAXDATASIZE 4096           /* maximum acceptable amount of data */
+#define TLS_PORT        11111          /* define default port number */
+#define TLS_HOST_LOCAL  "127.0.0.1"
+#define TLS_HOST_REMOTE "192.168.0.112"
+#define SOCK_MAX_PENDING 5
+#define THREAD_BASE_PRIO 150
+
+
+/*****************************************************************************
+ * TLS Client
+ ****************************************************************************/
+int wolfExample_TLSClient(const char* ip, int port)
+{
+    int          ret = 0;
+    WOLFSSL_CTX* ctx = NULL;
+    WOLFSSL*     ssl = NULL;        /* create WOLFSSL object */
+    int                sockFd = -1; /* socket file descriptor */
+    struct sockaddr_in servAddr;    /* struct for server address */
+    char sendBuff[TLS_MAXDATASIZE], rcvBuff[TLS_MAXDATASIZE];
+
+    sockFd = socket(AF_INET, SOCK_STREAM, 0);
+    if (sockFd < 0) {
+        printf("Failed to create socket. Error: %d\n", errno);
+        return errno;
+    }
+
+    memset(&servAddr, 0, sizeof(servAddr)); /* clears memory block for use */
+    servAddr.sin_family = AF_INET;          /* sets addressfamily to internet*/
+    servAddr.sin_port = htons(port);    /* sets port to defined port */
+
+    /* looks for the server at the entered address (ip in the command line) */
+    if (inet_pton(AF_INET, ip, &servAddr.sin_addr) < 1) {
+        /* checks validity of address */
+        ret = errno;
+        printf("Invalid Address. Error: %d\n", ret);
+        goto exit;
+    }
+
+    if (connect(sockFd, (struct sockaddr *)&servAddr, sizeof(servAddr)) < 0) {
+        /* if socket fails to connect to the server*/
+        ret = errno;
+        printf("Connect error. Error: %d\n", ret);
+        goto exit;
+    }
+
+    /* create and initialize WOLFSSL_CTX structure */
+    if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL) {
+        printf("SSL_CTX_new error.\n");
+        goto exit;
+    }
+
+    /* load CA certificates into wolfSSL_CTX. which will verify the server */
+    ret = wolfSSL_CTX_load_verify_buffer(ctx, ca_cert_der_2048,
+        sizeof_ca_cert_der_2048, SSL_FILETYPE_ASN1);
+    if (ret != SSL_SUCCESS) {
+        printf("Error %d loading CA cert\n", ret);
+        goto exit;
+    }
+    if ((ssl = wolfSSL_new(ctx)) == NULL) {
+        printf("wolfSSL_new error.\n");
+        goto exit;
+    }
+    wolfSSL_set_fd(ssl, sockFd);
+
+    ret = wolfSSL_connect(ssl);
+    if (ret == SSL_SUCCESS) {
+        printf("Message for server:\t");
+        fgets(sendBuff, TLS_MAXDATASIZE, stdin);
+
+        if (wolfSSL_write(ssl, sendBuff, strlen(sendBuff)) != strlen(sendBuff)) {
+            /* the message is not able to send, or error trying */
+            ret = wolfSSL_get_error(ssl, 0);
+            printf("Write error: Error: %d\n", ret);
+            goto exit;
+        }
+
+        memset(rcvBuff, 0, TLS_MAXDATASIZE);
+        if (wolfSSL_read(ssl, rcvBuff, TLS_MAXDATASIZE) < 0) {
+            /* the server failed to send data, or error trying */
+            ret = wolfSSL_get_error(ssl, 0);
+            printf("Read error. Error: %d\n", ret);
+            goto exit;
+        }
+        printf("Received: \t%s\n", rcvBuff);
+    }
+
+exit:
+    /* frees all data before client termination */
+    if (sockFd != -1)
+        close(sockFd);
+    wolfSSL_free(ssl);
+    wolfSSL_CTX_free(ctx);
+    gServerExit = 1;
+
+    return ret;
+}
+
+/*****************************************************************************
+ * TLS Server
+ ****************************************************************************/
+int wolfExample_TLSServer(int port)
+{
+    int ret = 0;
+    WOLFSSL_CTX* ctx = NULL;
+    WOLFSSL* ssl = NULL;
+    int sockFd = -1, clientFd = -1;
+    struct sockaddr_in serverAddr = {0}, clientAddr = {0};
+    const char reply[]  = "I hear ya fa shizzle!\n";
+    int addrSize        = sizeof(clientAddr);
+    char buff[256];
+
+	sockFd = socket(AF_INET, SOCK_STREAM, 0);
+    if (sockFd < 0) {
+        printf("Failed to create socket. Error: %d\n", errno);
+        return errno;
+    }
+
+    /* create and initialize WOLFSSL_CTX structure */
+    if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method())) == NULL) {
+        fprintf(stderr, "wolfSSL_CTX_new error.\n");
+        goto exit;
+    }
+
+    /* Load server certificate into WOLFSSL_CTX */
+    ret = wolfSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048,
+        sizeof_server_cert_der_2048, SSL_FILETYPE_ASN1);
+    if (ret != SSL_SUCCESS) {
+        fprintf(stderr, "Error %d loading server-cert!\n", ret);
+        goto exit;
+    }
+
+    /* Load server key into WOLFSSL_CTX */
+    ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx, server_key_der_2048,
+        sizeof_server_key_der_2048, SSL_FILETYPE_ASN1);
+    if (ret != SSL_SUCCESS) {
+        fprintf(stderr, "Error %d loading server-key!\n", ret);
+        goto exit;
+    }
+
+    /* Initialize the server address struct to zero */
+    memset((char *)&serverAddr, 0, sizeof(serverAddr));
+
+    /* Fill the server's address family */
+    serverAddr.sin_family      = AF_INET;
+    serverAddr.sin_addr.s_addr = INADDR_ANY;
+    serverAddr.sin_port        = htons(port);
+
+    /* Attach the server socket to our port */
+    if (bind(sockFd, (struct sockaddr *)&serverAddr, sizeof(serverAddr)) < 0) {
+        printf("ERROR: failed to bind\n");
+        goto exit;
+    }
+
+    printf("Waiting for a connection...\n");
+    gServerReady = 1;
+
+    /* Continuously accept connects while not in an active connection */
+    while (gServerExit == 0) {
+        /* listen for a new connection */
+        ret = listen(sockFd, SOCK_MAX_PENDING);
+        if (ret == 0) {
+            /* Wait until a client connects */
+            clientFd = accept(sockFd, (struct sockaddr*)&clientAddr, &addrSize);
+
+            /* If fails to connect, loop back up and wait for a new connection */
+            if (clientFd == -1) {
+                printf("failed to accept the connection..\n");
+            }
+            /* If it connects, read in and reply to the client */
+            else {
+                printf("Client connected successfully\n");
+
+                ssl = wolfSSL_new(ctx);
+                if (ssl == NULL) {
+                    fprintf(stderr, "wolfSSL_new error.\n");
+                    break;
+                }
+
+                /* direct our ssl to our clients connection */
+                wolfSSL_set_fd(ssl, clientFd);
+
+                printf("Using Non-Blocking I/O: %d\n",
+                    wolfSSL_get_using_nonblock(ssl));
+
+                for ( ; ; ) {
+                    /* Clear the buffer memory for anything  possibly left over */
+                    memset(&buff, 0, sizeof(buff));
+
+                    /* Read the client data into our buff array */
+					ret = wolfSSL_read(ssl, buff, sizeof(buff) - 1);
+                    if (ret > 0) {
+                        /* Print any data the client sends to the console */
+                        printf("Client: %s\n", buff);
+
+                        /* Reply back to the client */
+						ret = wolfSSL_write(ssl, reply, sizeof(reply) - 1);
+                        if (ret < 0) {
+                            printf("wolfSSL_write error = %d\n",
+                                wolfSSL_get_error(ssl, ret));
+                            gServerExit = 1;
+                            break;
+                        }
+                    }
+                    /* if the client disconnects break the loop */
+                    else {
+                        if (ret < 0)
+                            printf("wolfSSL_read error = %d\n",
+                                wolfSSL_get_error(ssl, ret));
+                        else if (ret == 0)
+                            printf("The client has closed the connection.\n");
+                        gServerExit = 1;
+                        break;
+                    }
+                }
+                wolfSSL_free(ssl);           /* Free the WOLFSSL object */
+                ssl = NULL;
+            }
+            close(clientFd);               /* close the connected socket */
+            clientFd = -1;
+        }
+    } /* while */
+
+exit:
+    if (clientFd != -1)
+        close(clientFd);
+    if (sockFd != -1)
+        close(sockFd);
+    wolfSSL_free(ssl);       /* Free the WOLFSSL object */
+    wolfSSL_CTX_free(ctx);   /* Free WOLFSSL_CTX */
+
+    return ret;
+}
+
+/*****************************************************************************
+ * TLS Local Test
+ ****************************************************************************/
+static void wolfSSLLocalServerThread(void* param)
+{
+    int port = (int)((int*)param);
+    wolfExample_TLSServer(port);
+}
+
+int wolfExample_TLSLocal(int port)
+{
+    int ret;
+    RTHANDLE srvHandle;
+
+    /* start server thread */
+    srvHandle = CreateRtThread(THREAD_BASE_PRIO + 10,
+        (LPPROC)wolfSSLLocalServerThread, WOLF_EXAMPLES_STACK, (void*)port);
+    if (srvHandle == BAD_RTHANDLE) {
+        Fail("Cannot create server thread");
+        return -1;
+    }
+
+    /* wait for server to be ready */
+    while (gServerReady != 1) {
+        RtSleep(0);
+    }
+
+    /* run client */
+    ret = wolfExample_TLSClient(TLS_HOST_LOCAL, port);
+
+    return ret;
+}
+
+
+/*****************************************************************************
+ * Thread
+        memset(&args, 0, sizeof(args));
+ ****************************************************************************/
+typedef struct func_args {
+    int    argc;
+    char** argv;
+    int    return_code;
+} func_args;
+
+static void wolfExampleThread(void* param)
+{
+    func_args args;
+
+#ifdef DEBUG_WOLFSSL
+    wolfSSL_Debugging_ON();
+#endif
+
+    /* initialize wolfSSL */
+    wolfSSL_Init();
+
+    while (1) {
+        char rc;
+
+        gServerExit = 0;
+        gServerReady = 0;
+
+        printf("\r\n\t\t\t\tMENU\r\n");
+        printf(menu1);
+        printf("Please select one of the above options: ");
+
+        rc = getchar();
+        switch (rc) {
+            case 't':
+                printf("\nCrypt Test\n");
+                wolfcrypt_test(&args);
+                printf("Crypt Test: Return code %d\n", args.return_code);
+                break;
+
+            case 'b':
+                printf("\nBenchmark Test\n");
+                benchmark_test(&args);
+                printf("Benchmark Test: Return code %d\n", args.return_code);
+                break;
+
+            case 'c':
+                wolfExample_TLSClient(TLS_HOST_REMOTE, TLS_PORT);
+                break;
+
+            case 's':
+                wolfExample_TLSServer(TLS_PORT);
+                break;
+
+            case 'l':
+                wolfExample_TLSLocal(TLS_PORT);
+                break;
+
+            // All other cases go here
+            default:
+                if (rc != '\r' && rc != '\n')
+                    printf("\r\nSelection %c out of range\r\n", rc);
+                break;
+        }
+    }
+
+    wolfSSL_Cleanup();
+}
+
+
+/*****************************************************************************
+* FUNCTION:		Catalog
+*
+* PARAMETERS:	1. handle of the process whose object directory must be used
+*				2. the object whose handle must be cataloged
+*				3. the name to be used (upto 14 characters)
+*
+* RETURNS:		TRUE on success
+*
+* DESCRIPTION:	If the given name already exists,
+*				and the existing name refers to a non-existing object,
+*				then the existing name is removed before cataloging.
+\*****************************************************************************/
+BOOLEAN Catalog(
+	RTHANDLE			hProcess,
+	RTHANDLE			hObject,
+	LPSTR				lpszName)
+{
+	RTHANDLE		hOld;
+
+	if (CatalogRtHandle(hProcess, hObject, lpszName))
+		return TRUE;
+
+	// something wrong: check for the case mentioned above
+	if (((hOld = LookupRtHandle(hProcess, lpszName, NO_WAIT)) != BAD_RTHANDLE) &&
+		(GetRtHandleType(hOld) == INVALID_TYPE))
+	{
+		// this is the case mentioned above: remove the old entry and try again
+		if (UncatalogRtHandle(hProcess, lpszName))
+			return (CatalogRtHandle(hProcess, hObject, lpszName));
+	}
+	return FALSE;
+}
+
+/*****************************************************************************
+* FUNCTION:   Cleanup (local function)
+*
+* DESCRIPTION:
+*  Tell threads to delete themselves and wait a while;
+*  if any thread still exists, kill it.
+*  Remove all other objects as far as they have been created.
+\*****************************************************************************/
+void Cleanup(void)
+{
+	// indicate that we are cleaning up
+	gInit.state		= CLEANUP_BUSY;
+	gInit.bShutdown = TRUE;
+
+#ifdef _DEBUG
+  fprintf(stderr, "wolfExamples started cleaning up\n");
+#endif
+
+	// remove our name from the root process
+	if (gInit.bCataloged) {
+		if (!UncatalogRtHandle(hRootProcess, "wolfExample"))
+			Fail("Cannot remove my own name");
+    }
+
+#ifdef _DEBUG
+	fprintf(stderr, "wolfExamples finished cleaning up\n");
+#endif
+
+	// lie down
+	exit(0);
+}
+
+/*****************************************************************************
+* FUNCTION:     	Fail
+*
+* PARAMETERS:   	same parameters as expected by printf
+*
+* DESCRIPTION:
+*  If in debug mode, prints the message, appending a new line and the error number.
+*  Then the current process is killed graciously:
+*  If the current thread is the main thread, this is done directly.
+*  if the current thread is another one, a terminate request is sent and
+*  the function returns to the calling thread.
+\*****************************************************************************/
+void Fail(LPSTR lpszMessage, ...)
+{
+	EXCEPTION		eh;
+	RTHANDLE		hDelMbx;
+	DWORD			dwTerminate;
+
+#ifdef _DEBUG
+	va_list			ap;
+
+	va_start(ap, lpszMessage);
+	vfprintf(stderr, lpszMessage, ap);
+	va_end(ap);
+	fprintf(stderr, "\nError nr=%x %s\n", GetLastRtError(), GetRtErrorText(GetLastRtError()));
+#endif
+
+	// make sure that exceptions are returned for inline handling
+	GetRtExceptionHandlerInfo(THREAD_HANDLER, &eh);
+	eh.ExceptionMode = 0;
+	SetRtExceptionHandler(&eh);
+
+	// if we had not started initializing yet, just get out
+	if (BEFORE_INIT == gInit.state)
+		exit(0);
+
+	if (gInit.hMain == GetRtThreadHandles(THIS_THREAD))
+	{
+		// this is the main thread:
+		// if we are busy initializing, then do Cleanup
+		if (INIT_BUSY == gInit.state)
+			Cleanup();  // does not return
+
+		// this is the main thread, but we are not initializing: just return
+		return;
+	}
+
+	// this is not the main thread:
+	// ask main thread to do cleanup
+	// (allow some time to setup the deletion mailbox, ignore errors)
+	hDelMbx			= LookupRtHandle(NULL_RTHANDLE, "R?EXIT_MBOX", 5000);
+	dwTerminate		= TERMINATE;
+	SendRtData(hDelMbx, &dwTerminate, 4);
+}
+
+/*****************************************************************************
+*
+* FUNCTION:		UsecsToKticks
+*
+* PARAMETERS:	1. number of usecs
+*
+* RETURNS:		number of low level ticks
+*
+* DESCRIPTION:	returns the parameter if it is WAIT_FOREVER
+*				otherwise rounds up to number of low level ticks
+\*****************************************************************************/
+DWORD UsecsToKticks(DWORD dwUsecs)
+{
+	if (dwUsecs == WAIT_FOREVER)
+		return WAIT_FOREVER;
+
+	return (dwUsecs + dwKtickInUsecs - 1) / dwKtickInUsecs;
+}
+
+
+/*****************************************************************************
+* FUNCTION:         main
+*
+* DESCRIPTION:
+*  This is the main program module.
+*  It creates global objects  and all threads.
+*  The main thread then waits for notifications and acts accordingly
+\*****************************************************************************/
+int main(int argc, char* argv[])
+{
+    SYSINFO         sysinfo;
+    EVENTINFO       eiEventInfo;
+    RTHANDLE        taskHandle;
+
+#ifdef _DEBUG
+    fprintf(stderr, "wolfExamples started\n");
+#endif
+
+    // obtain handle of root process (cannot fail)
+    hRootProcess    = GetRtThreadHandles(ROOT_PROCESS);
+
+    // initialize the structure for cleaning up
+    memset(&gInit, 0, sizeof(gInit));
+    gInit.state     = BEFORE_INIT;
+
+    // get low level tick length in usecs
+    if (!CopyRtSystemInfo(&sysinfo))
+        Fail("Cannot copy system info");
+    dwKtickInUsecs  = 10000 / sysinfo.KernelTickRatio;
+    if (dwKtickInUsecs == 0)
+        Fail("Invalid low level tick length");
+
+    // adjust process max priority (ignore error)
+    // TODO adjust the 2nd parameter to a value closer to zero if you want to allow more priorities
+    SetRtProcessMaxPriority(NULL_RTHANDLE, THREAD_BASE_PRIO);
+
+    // obtain main thread's handle
+    gInit.hMain     = GetRtThreadHandles(THIS_THREAD);
+    gInit.state     = INIT_BUSY;
+
+    // attempt to catalog the thread but ignore error
+    Catalog(NULL_RTHANDLE, gInit.hMain, "TMain");
+
+    // catalog the handle of this process in the root process
+    if (!Catalog(hRootProcess, GetRtThreadHandles(THIS_PROCESS), "wolfExample")) {
+        Fail("Cannot catalog process name");
+    }
+    gInit.bCataloged = TRUE;
+
+    // create thread
+    taskHandle = CreateRtThread(THREAD_BASE_PRIO + 20,
+        (LPPROC)wolfExampleThread, WOLF_EXAMPLES_STACK, 0);
+    if (taskHandle == BAD_RTHANDLE) {
+        Fail("Cannot create thread");
+    }
+
+    // indicate that initialization has finished
+    gInit.state     = INIT_DONE;
+#ifdef _DEBUG
+    fprintf(stderr, "wolfExamples finished initialization\n");
+#endif
+
+    // wait for notifications
+    while (RtNotifyEvent(RT_SYSTEM_NOTIFICATIONS | RT_EXIT_NOTIFICATIONS,
+        WAIT_FOREVER, &eiEventInfo))
+    {
+        switch(eiEventInfo.dwNotifyType)
+        {
+        case TERMINATE:
+            // TODO: this process should terminate
+            // cleanup the environment
+            Cleanup();  // does not return
+
+        case NT_HOST_UP:
+            // TODO: react to a Windows host that has come back
+            break;
+
+        case NT_BLUESCREEN:
+            // TODO: react to a Windows blue screen
+            break;
+
+        case KERNEL_STOPPING:
+            // TODO: react to the INtime kernel stopping
+            break;
+
+        case NT_HOST_HIBERNATE:
+            // TODO: react to the Windows host going in hibernation
+            break;
+
+        case NT_HOST_STANDBY:
+            // TODO: react to the Windows host going in standby mode
+            break;
+
+        case NT_HOST_SHUTDOWN_PENDING:
+            // TODO: react to a Windows host that is about to shutdown
+            break;
+        }
+    }
+    Fail("Notify failed");
+    return 0;
+}

IDE/INTIME-RTOS/wolfExamples.h

@@ -0,0 +1,47 @@
+#ifndef _WOLFEXAMPLES_H_
+#define _WOLFEXAMPLES_H_
+
+#include <rt.h>
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+// support functions for all threads
+BOOLEAN				Catalog(RTHANDLE hProcess, RTHANDLE hObject, LPSTR lpszName);
+void				Cleanup(void);
+void				Fail(LPSTR lpszMessage, ...);
+DWORD				UsecsToKticks(DWORD dwUsecs);
+
+
+/* Example API's */
+int wolfExample_TLSServer(int port);
+int wolfExample_TLSClient(const char* ip, int port);
+int wolfExample_TLSLocal(int port);
+
+
+// global type definitions
+typedef enum {
+	BEFORE_INIT,
+	INIT_BUSY,
+	INIT_DONE,
+	CLEANUP_BUSY
+}					INIT_STATE;
+
+typedef struct {
+	RTHANDLE			hMain;		// RTHANDLE of main thread
+	INIT_STATE			state;		// main thread state
+	BOOLEAN				bCataloged;	// TRUE if we cataloged process name in root
+	BOOLEAN				bShutdown;	// TRUE if all threads have to terminate
+}					INIT_STRUCT;
+
+// global variables
+extern RTHANDLE		hRootProcess;	// RTHANDLE of root process
+extern DWORD		dwKtickInUsecs;	// length of one low level tick in usecs
+extern INIT_STRUCT	gInit;			// structure describing all global objects
+
+#ifdef __cplusplus
+    }    /* extern "C" */
+#endif
+
+#endif /* _WOLFEXAMPLES_H_ */

IDE/INTIME-RTOS/wolfExamples.sln

@@ -0,0 +1,31 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio 14
+VisualStudioVersion = 14.0.23107.0
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "wolfExamples", "wolfExamples.vcxproj", "{557A7EFD-2627-478A-A855-50F518DD13EE}"
+	ProjectSection(ProjectDependencies) = postProject
+		{1731767D-573F-45C9-A466-191DA0D180CF} = {1731767D-573F-45C9-A466-191DA0D180CF}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "libwolfssl", "libwolfssl.vcxproj", "{1731767D-573F-45C9-A466-191DA0D180CF}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|INtime = Debug|INtime
+		Release|INtime = Release|INtime
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{557A7EFD-2627-478A-A855-50F518DD13EE}.Debug|INtime.ActiveCfg = Debug|INtime
+		{557A7EFD-2627-478A-A855-50F518DD13EE}.Debug|INtime.Build.0 = Debug|INtime
+		{557A7EFD-2627-478A-A855-50F518DD13EE}.Release|INtime.ActiveCfg = Release|INtime
+		{557A7EFD-2627-478A-A855-50F518DD13EE}.Release|INtime.Build.0 = Release|INtime
+		{1731767D-573F-45C9-A466-191DA0D180CF}.Debug|INtime.ActiveCfg = Debug|INtime
+		{1731767D-573F-45C9-A466-191DA0D180CF}.Debug|INtime.Build.0 = Debug|INtime
+		{1731767D-573F-45C9-A466-191DA0D180CF}.Release|INtime.ActiveCfg = Release|INtime
+		{1731767D-573F-45C9-A466-191DA0D180CF}.Release|INtime.Build.0 = Release|INtime
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal

IDE/INTIME-RTOS/wolfExamples.vcxproj

@@ -0,0 +1,100 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="14.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|INtime">
+      <Configuration>Debug</Configuration>
+      <Platform>INtime</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|INtime">
+      <Configuration>Release</Configuration>
+      <Platform>INtime</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <ItemGroup>
+    <Text Include="README.md" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="wolfExamples.c" />
+    <ClCompile Include="..\..\wolfcrypt\test\test.c" />
+    <ClCompile Include="..\..\wolfcrypt\benchmark\benchmark.c" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="user_settings.h" />
+    <ClInclude Include="wolfExamples.h" />
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{557A7EFD-2627-478A-A855-50F518DD13EE}</ProjectGuid>
+    <ProjectName>wolfExamples</ProjectName>
+    <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|INtime'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <CharacterSet>NotSet</CharacterSet>
+    <PlatformToolset>v140</PlatformToolset>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|INtime'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <WholeProgramOptimization>false</WholeProgramOptimization>
+    <CharacterSet>NotSet</CharacterSet>
+    <PlatformToolset>v140</PlatformToolset>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|INtime'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|INtime'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|INtime'">
+    <IntDir>$(Configuration)_$(ProjectName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|INtime'">
+    <IntDir>$(Configuration)_$(ProjectName)\</IntDir>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|INtime'">
+    <ClCompile>
+    </ClCompile>
+    <Link>
+      <Version>21076.20053</Version>
+      <AdditionalOptions>/SAFESEH:NO %(AdditionalOptions)</AdditionalOptions>
+      <AdditionalDependencies>rt.lib;pcibus.lib;netlib.lib;clib.lib;vshelper.lib;libwolfssl.lib</AdditionalDependencies>
+      <OutputFile>$(SolutionDir)$(Configuration)\\wolfExamples.rta</OutputFile>
+      <AdditionalLibraryDirectories>$(ProjectDir)$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
+    </Link>
+    <ClCompile>
+      <ExceptionHandling>Async</ExceptionHandling>
+      <PreprocessorDefinitions>WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>$(ProjectDir);$(ProjectDir)..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AssemblerListingLocation>$(IntDir)</AssemblerListingLocation>
+      <ObjectFileName>$(IntDir)</ObjectFileName>
+      <ProgramDataBaseFileName>$(IntDir)vc$(PlatformToolsetVersion).pdb</ProgramDataBaseFileName>
+      <XMLDocumentationFileName>$(IntDir)</XMLDocumentationFileName>
+    </ClCompile>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|INtime'">
+    <ClCompile>
+    </ClCompile>
+    <Link>
+      <Version>21076.20053</Version>
+      <AdditionalOptions>/SAFESEH:NO %(AdditionalOptions)</AdditionalOptions>
+      <AdditionalDependencies>rt.lib;pcibus.lib;netlib.lib;clib.lib;vshelper.lib;libwolfssl.lib</AdditionalDependencies>
+      <OutputFile>$(SolutionDir)$(Configuration)\\wolfExamples.rta</OutputFile>
+      <AdditionalLibraryDirectories>$(ProjectDir)$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
+    </Link>
+    <ClCompile>
+      <ExceptionHandling>Async</ExceptionHandling>
+      <PreprocessorDefinitions>WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>$(ProjectDir);$(ProjectDir)..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AssemblerListingLocation>$(IntDir)</AssemblerListingLocation>
+      <ObjectFileName>$(IntDir)</ObjectFileName>
+      <ProgramDataBaseFileName>$(IntDir)vc$(PlatformToolsetVersion).pdb</ProgramDataBaseFileName>
+      <XMLDocumentationFileName>$(IntDir)</XMLDocumentationFileName>
+    </ClCompile>
+  </ItemDefinitionGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>

IDE/LINUX-SGX/README.md

@@ -0,0 +1,25 @@
+# Static Library: Building libwolfssl.sgx.static.lib.a for use with SGX Enclaves
+
+### Requirements:
+This code was created to use Intel's SGX hardware. It is expected that the user has gone through the steps of both turning on the hardware in bios if needed and has installed the necesary software from Intel to make use of the hardware. (https://software.intel.com/en-us/sgx) If these steps have not been done then it is expected that the user is familure with simulation software being used in place of hardware.
+
+### Overview and Build:
+This project creates a static library to then link with Enclaves. A simple example of an Enclave linking to the created wolfSSL library can be found in wolfssl-examples on github. This project has been tested with gcc 5.4.0 on Ubuntu 16.04.
+
+To create the static library, simply call make:
+
+`make -f sgx_t_static.mk all`
+
+This will create a local static library, libwolfssl.sgx.static.lib.a, that can be linked with SGX enclaves to access wolfSSL APIs using SGX hardware.
+
+### Customization:
+    To enable wolfssl debug, add CFLAGS=-DDEBUG_WOLFSSL.
+    To enable wolfssl benchmark tests with enclave, specify: HAVE_WOLFSSL_BENCHMARK at build
+    To enable wolfcrypt testsuite with enclave, specify: HAVE_WOLFSSL_TEST at build
+
+For example, to enable all three:
+`make -f sgx_t_static.mk CFLAGS=-DDEBUG_WOLFSSL HAVE_WOLFSSL_BENCHMARK=1 HAVE_WOLFSSL_TEST=1`
+
+### Limitations:
+    Single Threaded (multiple threaded applications have not been tested)
+    AES-NI use with SGX has not been added in yet

IDE/LINUX-SGX/include.am

@@ -0,0 +1,6 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= IDE/LINUX-SGX/README.md
+EXTRA_DIST+= IDE/LINUX-SGX/sgx_t_static.mk

IDE/LINUX-SGX/sgx_t_static.mk

@@ -0,0 +1,145 @@
+######## Intel(R) SGX SDK Settings ########
+SGX_SDK ?= /opt/intel/sgxsdk
+SGX_MODE ?= SIM
+SGX_ARCH ?= x64
+WOLFSSL_ROOT ?= $(shell readlink -f ../..)
+
+ifeq ($(shell getconf LONG_BIT), 32)
+	SGX_ARCH := x86
+else ifeq ($(findstring -m32, $(CXXFLAGS)), -m32)
+	SGX_ARCH := x86
+endif
+
+ifeq ($(SGX_ARCH), x86)
+	SGX_COMMON_CFLAGS := -m32
+	SGX_LIBRARY_PATH := $(SGX_SDK)/lib
+	SGX_ENCLAVE_SIGNER := $(SGX_SDK)/bin/x86/sgx_sign
+	SGX_EDGER8R := $(SGX_SDK)/bin/x86/sgx_edger8r
+else
+	SGX_COMMON_CFLAGS := -m64
+	SGX_LIBRARY_PATH := $(SGX_SDK)/lib64
+	SGX_ENCLAVE_SIGNER := $(SGX_SDK)/bin/x64/sgx_sign
+	SGX_EDGER8R := $(SGX_SDK)/bin/x64/sgx_edger8r
+endif
+
+ifeq ($(SGX_DEBUG), 1)
+ifeq ($(SGX_PRERELEASE), 1)
+$(error Cannot set SGX_DEBUG and SGX_PRERELEASE at the same time!!)
+endif
+endif
+
+ifeq ($(SGX_DEBUG), 1)
+        SGX_COMMON_CFLAGS += -O0 -g
+else
+        SGX_COMMON_CFLAGS += -O2
+endif
+
+ifneq ($(SGX_MODE), HW)
+	Trts_Library_Name := sgx_trts_sim
+	Service_Library_Name := sgx_tservice_sim
+else
+	Trts_Library_Name := sgx_trts
+	Service_Library_Name := sgx_tservice
+endif
+
+Crypto_Library_Name := sgx_tcrypto
+
+Wolfssl_C_Extra_Flags := -DWOLFSSL_SGX
+Wolfssl_C_Files :=$(WOLFSSL_ROOT)/wolfcrypt/src/aes.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/arc4.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/asn.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/blake2b.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/camellia.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/coding.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/chacha.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/chacha20_poly1305.c\
+					$(WOLFSSL_ROOT)/src/crl.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/des3.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/dh.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/tfm.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/ecc.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/error.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/hash.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/hc128.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/hmac.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/integer.c\
+					$(WOLFSSL_ROOT)/src/internal.c\
+					$(WOLFSSL_ROOT)/src/io.c\
+					$(WOLFSSL_ROOT)/src/keys.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/logging.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/md4.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/md5.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/memory.c\
+					$(WOLFSSL_ROOT)/src/ocsp.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/pkcs7.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/pkcs12.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/poly1305.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/wc_port.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/wolfmath.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/pwdbased.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/rabbit.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/random.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/ripemd.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/rsa.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/dsa.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/sha.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/sha256.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/sha512.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/signature.c\
+					$(WOLFSSL_ROOT)/src/ssl.c\
+					$(WOLFSSL_ROOT)/src/tls.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/wc_encrypt.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/wolfevent.c\
+
+Wolfssl_Include_Paths := -I$(WOLFSSL_ROOT)/ \
+						 -I$(WOLFSSL_ROOT)/wolfcrypt/ \
+						 -I$(SGX_SDK)/include -I$(SGX_SDK)/include/tlibc -I$(SGX_SDK)/include/stlport
+
+ifeq ($(HAVE_WOLFSSL_TEST), 1)
+	Wolfssl_Include_Paths += -I$(WOLFSSL_ROOT)/wolfcrypt/test
+	Wolfssl_C_Files += $(WOLFSSL_ROOT)/wolfcrypt/test/test.c
+endif
+
+ifeq ($(HAVE_WOLFSSL_BENCHMARK), 1)
+	Wolfssl_C_Files += $(WOLFSSL_ROOT)/wolfcrypt/benchmark/benchmark.c
+	Wolfssl_Include_Paths += -I$(WOLFSSL_ROOT)/wolfcrypt/benchmark/
+endif
+
+
+
+Flags_Just_For_C := -Wno-implicit-function-declaration -std=c11
+Common_C_Cpp_Flags := $(SGX_COMMON_CFLAGS) -nostdinc -fvisibility=hidden -fpie -fstack-protector $(Wolfssl_Include_Paths) -fno-builtin-printf -I.
+Wolfssl_C_Flags := $(Flags_Just_For_C) $(Common_C_Cpp_Flags) $(Wolfssl_C_Extra_Flags)
+
+Wolfssl_Link_Flags := $(SGX_COMMON_CFLAGS) -Wl,--no-undefined -nostdlib -nodefaultlibs -nostartfiles -L$(SGX_LIBRARY_PATH) \
+	-Wl,--whole-archive -l$(Trts_Library_Name) -Wl,--no-whole-archive \
+	-Wl,--start-group -lsgx_tstdc -lsgx_tstdcxx -l$(Crypto_Library_Name) -l$(Service_Library_Name) -Wl,--end-group \
+	-Wl,-Bstatic -Wl,-Bsymbolic -Wl,--no-undefined \
+	-Wl,-pie,-eenclave_entry -Wl,--export-dynamic  \
+	-Wl,--defsym,__ImageBase=0 \
+	-Wl,--version-script=trusted/wolfcrypt.lds
+
+Wolfssl_C_Objects := $(Wolfssl_C_Files:.c=.o)
+
+ifeq ($(SGX_MODE), HW)
+ifneq ($(SGX_DEBUG), 1)
+ifneq ($(SGX_PRERELEASE), 1)
+Build_Mode = HW_RELEASE
+endif
+endif
+endif
+
+override CFLAGS += $(Wolfssl_C_Flags)
+
+.PHONY: all run
+
+all: libwolfssl.sgx.static.lib.a
+
+######## WolfSSL Objects ########
+
+libwolfssl.sgx.static.lib.a: $(Wolfssl_C_Objects)
+	ar rcs libwolfssl.sgx.static.lib.a $(Wolfssl_C_Objects)
+	@echo "LINK =>  $@"
+
+clean:
+	@rm -f wolfcrypt.* static_trusted/wolfssl_t.* libwolfssl.sgx.static.lib.a  $(Wolfssl_C_Objects)

IDE/MYSQL/CMakeLists_wolfCrypt.txt

@@ -27,9 +27,9 @@ SET(WOLFCRYPT_SOURCES		src/aes.c src/arc4.c src/asn.c src/blake2b.c
         src/camellia.c src/chacha.c src/coding.c src/compress.c src/des3.c
         src/dh.c src/dsa.c src/ecc.c src/error.c src/hc128.c src/hmac.c
         src/integer.c src/logging.c src/md2.c src/md4.c src/md5.c src/memory.c
-        src/pkcs7.c src/poly1305.c src/pwdbased.c src/rabbit.c
+        src/pkcs7.c src/pkcs12.c src/poly1305.c src/pwdbased.c src/rabbit.c
         src/random.c src/ripemd.c src/rsa.c src/sha.c src/sha256.c src/sha512.c
-        src/tfm.c src/wc_port.c src/wc_encrypt.c src/hash.c
+        src/tfm.c src/wc_port.c src/wc_encrypt.c src/hash.c src/wolfmath.c
         ../wolfssl/wolfcrypt/aes.h ../wolfssl/wolfcrypt/arc4.h ../wolfssl/wolfcrypt/asn.h ../wolfssl/wolfcrypt/blake2.h
         ../wolfssl/wolfcrypt/camellia.h ../wolfssl/wolfcrypt/chacha.h ../wolfssl/wolfcrypt/coding.h ../wolfssl/wolfcrypt/compress.h ../wolfssl/wolfcrypt/des3.h
         ../wolfssl/wolfcrypt/dh.h ../wolfssl/wolfcrypt/dsa.h ../wolfssl/wolfcrypt/ecc.h ../wolfssl/wolfcrypt/error-crypt.h ../wolfssl/wolfcrypt/hc128.h ../wolfssl/wolfcrypt/hmac.h
@@ -42,7 +42,6 @@ SET(WOLFCRYPT_SOURCES		src/aes.c src/arc4.c src/asn.c src/blake2b.c
 # misc.c is not compiled in since using INLINE
 
 ADD_CONVENIENCE_LIBRARY(wolfcrypt ${WOLFCRYPT_SOURCES})
-RESTRICT_SYMBOL_EXPORTS(wolfcrypt)
 
 IF(MSVC)
    INSTALL_DEBUG_TARGET(wolfcrypt DESTINATION ${INSTALL_LIBDIR}/debug)

IDE/MYSQL/CMakeLists_wolfSSL.txt

@@ -35,7 +35,6 @@ SET(WOLFSSL_SOURCES  src/crl.c src/internal.c src/keys.c src/sniffer.c
                                 ../../client/get_password.c )
 
 ADD_CONVENIENCE_LIBRARY(wolfssl ${WOLFSSL_SOURCES})
-RESTRICT_SYMBOL_EXPORTS(wolfssl)
 
 IF(MSVC)
    INSTALL_DEBUG_TARGET(wolfssl DESTINATION ${INSTALL_LIBDIR}/debug)

IDE/OPENSTM32/.cproject

@@ -0,0 +1,148 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<?fileVersion 4.0.0?><cproject storage_type_id="org.eclipse.cdt.core.XmlProjectDescriptionStorage">
+	<storageModule moduleId="org.eclipse.cdt.core.settings">
+		<cconfiguration id="fr.ac6.managedbuild.config.gnu.cross.exe.debug.333134738">
+			<storageModule buildSystemId="org.eclipse.cdt.managedbuilder.core.configurationDataProvider" id="fr.ac6.managedbuild.config.gnu.cross.exe.debug.333134738" moduleId="org.eclipse.cdt.core.settings" name="Debug">
+				<externalSettings/>
+				<extensions>
+					<extension id="org.eclipse.cdt.core.GASErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GmakeErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GLDErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.CWDLocator" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GCCErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.ELF" point="org.eclipse.cdt.core.BinaryParser"/>
+				</extensions>
+			</storageModule>
+			<storageModule moduleId="cdtBuildSystem" version="4.0.0">
+				<configuration artifactExtension="elf" artifactName="wolfSTM32" buildArtefactType="org.eclipse.cdt.build.core.buildArtefactType.exe" buildProperties="org.eclipse.cdt.build.core.buildType=org.eclipse.cdt.build.core.buildType.debug,org.eclipse.cdt.build.core.buildArtefactType=org.eclipse.cdt.build.core.buildArtefactType.exe" cleanCommand="rm -rf" description="" id="fr.ac6.managedbuild.config.gnu.cross.exe.debug.333134738" name="Debug" parent="fr.ac6.managedbuild.config.gnu.cross.exe.debug" postannouncebuildStep="Generating binary and Printing size information:" postbuildStep="arm-none-eabi-objcopy -O binary &quot;${BuildArtifactFileBaseName}.elf&quot; &quot;${BuildArtifactFileBaseName}.bin&quot; &amp;&amp; arm-none-eabi-size &quot;${BuildArtifactFileName}&quot;">
+					<folderInfo id="fr.ac6.managedbuild.config.gnu.cross.exe.debug.333134738." name="/" resourcePath="">
+						<toolChain id="fr.ac6.managedbuild.toolchain.gnu.cross.exe.debug.843637882" name="Ac6 STM32 MCU GCC" superClass="fr.ac6.managedbuild.toolchain.gnu.cross.exe.debug">
+							<option id="fr.ac6.managedbuild.option.gnu.cross.prefix.1949238642" name="Prefix" superClass="fr.ac6.managedbuild.option.gnu.cross.prefix" value="arm-none-eabi-" valueType="string"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.mcu.376579966" name="Mcu" superClass="fr.ac6.managedbuild.option.gnu.cross.mcu" value="STM32F437IIHx" valueType="string"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.board.1728284212" name="Board" superClass="fr.ac6.managedbuild.option.gnu.cross.board" value="wolfSTM32" valueType="string"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.instructionSet.1788799131" name="Instruction Set" superClass="fr.ac6.managedbuild.option.gnu.cross.instructionSet" value="fr.ac6.managedbuild.option.gnu.cross.instructionSet.thumbII" valueType="enumerated"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.fpu.1457764954" name="Floating point hardware" superClass="fr.ac6.managedbuild.option.gnu.cross.fpu" value="fr.ac6.managedbuild.option.gnu.cross.fpu.fpv4-sp-d16" valueType="enumerated"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.floatabi.1684707596" name="Floating-point ABI" superClass="fr.ac6.managedbuild.option.gnu.cross.floatabi" value="fr.ac6.managedbuild.option.gnu.cross.floatabi.hard" valueType="enumerated"/>
+							<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="fr.ac6.managedbuild.targetPlatform.gnu.cross.774322166" isAbstract="false" osList="all" superClass="fr.ac6.managedbuild.targetPlatform.gnu.cross"/>
+							<builder buildPath="${workspace_loc:/wolfSTM32}/Debug" id="fr.ac6.managedbuild.builder.gnu.cross.847313553" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make Builder" superClass="fr.ac6.managedbuild.builder.gnu.cross">
+								<outputEntries>
+									<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="outputPath" name="Debug"/>
+									<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="outputPath" name="Release"/>
+								</outputEntries>
+							</builder>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.758134809" name="MCU GCC Compiler" superClass="fr.ac6.managedbuild.tool.gnu.cross.c.compiler">
+								<option defaultValue="gnu.c.optimization.level.none" id="fr.ac6.managedbuild.gnu.c.compiler.option.optimization.level.2077803707" name="Optimization Level" superClass="fr.ac6.managedbuild.gnu.c.compiler.option.optimization.level" useByScannerDiscovery="false" value="fr.ac6.managedbuild.gnu.c.optimization.level.size" valueType="enumerated"/>
+								<option id="gnu.c.compiler.option.debugging.level.256754301" name="Debug Level" superClass="gnu.c.compiler.option.debugging.level" useByScannerDiscovery="false" value="gnu.c.debugging.level.max" valueType="enumerated"/>
+								<option id="gnu.c.compiler.option.include.paths.32506161" name="Include paths (-I)" superClass="gnu.c.compiler.option.include.paths" useByScannerDiscovery="false" valueType="includePath">
+									<listOptionValue builtIn="false" value="../Inc"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/src/include"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/system"/>
+									<listOptionValue builtIn="false" value="../Drivers/STM32F4xx_HAL_Driver/Inc"/>
+									<listOptionValue builtIn="false" value="../Drivers/STM32F4xx_HAL_Driver/Inc/Legacy"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/FreeRTOS/Source/portable/GCC/ARM_CM4F"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/FreeRTOS/Source/include"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/FreeRTOS/Source/CMSIS_RTOS"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/src/include/lwip"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/src/include/lwip/apps"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/src/include/lwip/priv"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/src/include/netif"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/src/include/netif/ppp"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/src/include/netif/ppp/polarssl"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/src/include/posix"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/src/include/posix/sys"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/system/arch"/>
+									<listOptionValue builtIn="false" value="../Drivers/CMSIS/Include"/>
+									<listOptionValue builtIn="false" value="../Drivers/CMSIS/Device/ST/STM32F4xx/Include"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/wolfSSL"/>
+									<listOptionValue builtIn="false" value="&quot;${ProjDirPath}/../..&quot;"/>
+								</option>
+								<option id="gnu.c.compiler.option.preprocessor.def.symbols.1556589411" name="Defined symbols (-D)" superClass="gnu.c.compiler.option.preprocessor.def.symbols" useByScannerDiscovery="false" valueType="definedSymbols">
+									<listOptionValue builtIn="false" value="__weak=&quot;__attribute__((weak))&quot;"/>
+									<listOptionValue builtIn="false" value="__packed=&quot;__attribute__((__packed__))&quot;"/>
+									<listOptionValue builtIn="false" value="USE_HAL_DRIVER"/>
+									<listOptionValue builtIn="false" value="STM32F437xx"/>
+									<listOptionValue builtIn="false" value="WOLFSSL_USER_SETTINGS"/>
+								</option>
+								<option id="fr.ac6.managedbuild.gnu.c.compiler.option.misc.other.220656184" superClass="fr.ac6.managedbuild.gnu.c.compiler.option.misc.other" useByScannerDiscovery="false" value="-fmessage-length=0" valueType="string"/>
+								<inputType id="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.input.c.1396985810" superClass="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.input.c"/>
+								<inputType id="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.input.s.982473797" superClass="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.input.s"/>
+							</tool>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.cpp.compiler.126736225" name="MCU G++ Compiler" superClass="fr.ac6.managedbuild.tool.gnu.cross.cpp.compiler">
+								<option id="gnu.cpp.compiler.option.optimization.level.1227596527" name="Optimization Level" superClass="gnu.cpp.compiler.option.optimization.level" useByScannerDiscovery="false" value="gnu.cpp.compiler.optimization.level.none" valueType="enumerated"/>
+								<option id="gnu.cpp.compiler.option.debugging.level.681841413" name="Debug Level" superClass="gnu.cpp.compiler.option.debugging.level" useByScannerDiscovery="false" value="gnu.cpp.compiler.debugging.level.max" valueType="enumerated"/>
+							</tool>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.c.linker.839339759" name="MCU GCC Linker" superClass="fr.ac6.managedbuild.tool.gnu.cross.c.linker">
+								<option id="fr.ac6.managedbuild.tool.gnu.cross.c.linker.script.1396145839" name="Linker Script (-T)" superClass="fr.ac6.managedbuild.tool.gnu.cross.c.linker.script" value="../STM32F437IIHx_FLASH.ld" valueType="string"/>
+								<option id="gnu.c.link.option.libs.1850337364" name="Libraries (-l)" superClass="gnu.c.link.option.libs"/>
+								<option id="gnu.c.link.option.paths.1061728683" name="Library search path (-L)" superClass="gnu.c.link.option.paths"/>
+								<option id="gnu.c.link.option.ldflags.484312202" name="Linker flags" superClass="gnu.c.link.option.ldflags" value="--specs=nosys.specs --specs=nano.specs -u _printf_float" valueType="string"/>
+								<inputType id="cdt.managedbuild.tool.gnu.c.linker.input.210434878" superClass="cdt.managedbuild.tool.gnu.c.linker.input">
+									<additionalInput kind="additionalinputdependency" paths="$(USER_OBJS)"/>
+									<additionalInput kind="additionalinput" paths="$(LIBS)"/>
+								</inputType>
+							</tool>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.cpp.linker.1401311113" name="MCU G++ Linker" superClass="fr.ac6.managedbuild.tool.gnu.cross.cpp.linker"/>
+							<tool id="fr.ac6.managedbuild.tool.gnu.archiver.801849405" name="MCU GCC Archiver" superClass="fr.ac6.managedbuild.tool.gnu.archiver"/>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.assembler.1576695062" name="MCU GCC Assembler" superClass="fr.ac6.managedbuild.tool.gnu.cross.assembler">
+								<option id="gnu.both.asm.option.include.paths.2012591676" name="Include paths (-I)" superClass="gnu.both.asm.option.include.paths" valueType="includePath">
+									<listOptionValue builtIn="false" value=""/>
+								</option>
+								<inputType id="cdt.managedbuild.tool.gnu.assembler.input.1181863627" superClass="cdt.managedbuild.tool.gnu.assembler.input"/>
+								<inputType id="fr.ac6.managedbuild.tool.gnu.cross.assembler.input.1455097577" superClass="fr.ac6.managedbuild.tool.gnu.cross.assembler.input"/>
+							</tool>
+						</toolChain>
+					</folderInfo>
+					<folderInfo id="fr.ac6.managedbuild.config.gnu.cross.exe.debug.333134738.1915068927" name="/" resourcePath="Middlewares/Third_Party/wolfMQTT/examples/aws">
+						<toolChain id="fr.ac6.managedbuild.toolchain.gnu.cross.exe.debug.173956589" name="Ac6 STM32 MCU GCC" superClass="fr.ac6.managedbuild.toolchain.gnu.cross.exe.debug" unusedChildren="">
+							<option id="fr.ac6.managedbuild.option.gnu.cross.prefix.1949238642.698225202" name="Prefix" superClass="fr.ac6.managedbuild.option.gnu.cross.prefix.1949238642"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.mcu.376579966.2068115060" name="Mcu" superClass="fr.ac6.managedbuild.option.gnu.cross.mcu.376579966"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.board.1728284212.1905622558" name="Board" superClass="fr.ac6.managedbuild.option.gnu.cross.board.1728284212"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.instructionSet.1788799131.1271602884" name="Instruction Set" superClass="fr.ac6.managedbuild.option.gnu.cross.instructionSet.1788799131"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.fpu.1457764954.1755766601" name="Floating point hardware" superClass="fr.ac6.managedbuild.option.gnu.cross.fpu.1457764954"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.floatabi.1684707596.2053579499" name="Floating-point ABI" superClass="fr.ac6.managedbuild.option.gnu.cross.floatabi.1684707596"/>
+							<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="fr.ac6.managedbuild.targetPlatform.gnu.cross" isAbstract="false" osList="all" superClass="fr.ac6.managedbuild.targetPlatform.gnu.cross"/>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.542548012" name="MCU GCC Compiler" superClass="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.758134809">
+								<inputType id="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.input.c.603917146" superClass="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.input.c"/>
+								<inputType id="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.input.s.834662647" superClass="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.input.s"/>
+							</tool>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.cpp.compiler.1959620380" name="MCU G++ Compiler" superClass="fr.ac6.managedbuild.tool.gnu.cross.cpp.compiler.126736225"/>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.c.linker.625780673" name="MCU GCC Linker" superClass="fr.ac6.managedbuild.tool.gnu.cross.c.linker.839339759"/>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.cpp.linker.2035924639" name="MCU G++ Linker" superClass="fr.ac6.managedbuild.tool.gnu.cross.cpp.linker.1401311113"/>
+							<tool id="fr.ac6.managedbuild.tool.gnu.archiver.859849169" name="MCU GCC Archiver" superClass="fr.ac6.managedbuild.tool.gnu.archiver.801849405"/>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.assembler.322401756" name="MCU GCC Assembler" superClass="fr.ac6.managedbuild.tool.gnu.cross.assembler.1576695062">
+								<inputType id="cdt.managedbuild.tool.gnu.assembler.input.1288485713" superClass="cdt.managedbuild.tool.gnu.assembler.input"/>
+								<inputType id="fr.ac6.managedbuild.tool.gnu.cross.assembler.input.1780998132" superClass="fr.ac6.managedbuild.tool.gnu.cross.assembler.input"/>
+							</tool>
+						</toolChain>
+					</folderInfo>
+					<sourceEntries>
+						<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="Drivers"/>
+						<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="Inc"/>
+						<entry excluding="Third_Party/wolfSSL/src/bio.c|Third_Party/wolfSSL/wolfcrypt/src/evp.c|Third_Party/wolfSSL/wolfcrypt/src/misc.c|Third_Party/wolfSSL/wrapper|Third_Party/wolfSSL/support|Third_Party/wolfSSL/sslSniffer|Third_Party/wolfSSL/scripts|Third_Party/wolfSSL/rpm|Third_Party/wolfSSL/mcapi|Third_Party/wolfSSL/m4|Third_Party/wolfSSL/lib|Third_Party/wolfSSL/IPP|Third_Party/wolfSSL/examples|Third_Party/wolfSSL/doc|Third_Party/wolfSSL/cyassl|Third_Party/wolfSSL/ctaocrypt|Third_Party/wolfSSL/certs|Third_Party/wolfSSL/build-aux|Third_Party/wolfSSL/autom4te.cache|Third_Party/wolfSSL/IDE|Third_Party/wolfSSL/mplabx|Third_Party/wolfSSL/mqx|Third_Party/wolfSSL/swig|Third_Party/wolfSSL/tests|Third_Party/wolfSSL/testsuite|Third_Party/wolfSSL/tirtos|Third_Party/wolfSSL/wolfcrypt/src/aes_asm.s|Third_Party/wolfSSL/wolfcrypt/src/aes_asm.asm|Third_Party/wolfSSL/wolfcrypt/user-crypto" flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="Middlewares"/>
+						<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="Src"/>
+					</sourceEntries>
+				</configuration>
+			</storageModule>
+			<storageModule moduleId="org.eclipse.cdt.core.externalSettings"/>
+		</cconfiguration>
+	</storageModule>
+	<storageModule moduleId="cdtBuildSystem" version="4.0.0">
+		<project id="wolfSTM32.fr.ac6.managedbuild.target.gnu.cross.exe.1782078835" name="Executable" projectType="fr.ac6.managedbuild.target.gnu.cross.exe"/>
+	</storageModule>
+	<storageModule moduleId="scannerConfiguration">
+		<autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+		<scannerConfigBuildInfo instanceId="fr.ac6.managedbuild.config.gnu.cross.exe.debug.333134738;fr.ac6.managedbuild.config.gnu.cross.exe.debug.333134738.;fr.ac6.managedbuild.tool.gnu.cross.c.compiler.758134809;fr.ac6.managedbuild.tool.gnu.cross.c.compiler.input.c.1396985810">
+			<autodiscovery enabled="false" problemReportingEnabled="true" selectedProfileId=""/>
+		</scannerConfigBuildInfo>
+		<!--scannerConfigBuildInfo instanceId="fr.ac6.managedbuild.config.gnu.cross.exe.release.$(RELEASE_CONFIG_UID);fr.ac6.managedbuild.config.gnu.cross.exe.release.$(RELEASE_CONFIG_UID).;fr.ac6.managedbuild.tool.gnu.cross.c.compiler.$(RELEASE_TOOL_COMPILER_UID);cdt.managedbuild.tool.gnu.c.compiler.input.$(RELEASE_TOOL_COMPILER_INPUT_UID)">
+			<autodiscovery enabled="false" problemReportingEnabled="true" selectedProfileId=""/>
+		</scannerConfigBuildInfo-->
+	</storageModule>
+	<storageModule moduleId="org.eclipse.cdt.core.LanguageSettingsProviders"/>
+	<storageModule moduleId="refreshScope" versionNumber="2">
+		<configuration configurationName="Debug">
+			<resource resourceType="PROJECT" workspacePath="/wolfSTM32"/>
+		</configuration>
+	</storageModule>
+	<storageModule moduleId="org.eclipse.cdt.internal.ui.text.commentOwnerProjectMappings"/>
+</cproject>

IDE/OPENSTM32/Inc/lwipopts.h

@@ -0,0 +1,105 @@
+/* Define to prevent recursive inclusion --------------------------------------*/
+#ifndef __LWIPOPTS__H__
+#define __LWIPOPTS__H__
+
+#include "stm32f4xx_hal.h"
+
+/*-----------------------------------------------------------------------------*/
+/* Current version of LwIP supported by CubeMx: 1.5.0_RC0_20160211 -*/
+/*-----------------------------------------------------------------------------*/
+
+/* Within 'USER CODE' section, code will be kept by default at each generation */
+/* USER CODE BEGIN 0 */
+
+/* USER CODE END 0 */
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* STM32CubeMX Specific Parameters (not defined in opt.h) ---------------------*/
+/* Parameters set in STM32CubeMX LwIP Configuration GUI -*/
+/*----- WITH_RTOS enabled (Since FREERTOS is set) -----*/
+#define WITH_RTOS 1
+/*----- CHECKSUM_BY_HARDWARE disabled -----*/
+#define CHECKSUM_BY_HARDWARE 0
+/*-----------------------------------------------------------------------------*/
+
+/* LwIP Stack Parameters (modified compared to initialization value in opt.h) -*/
+/* Parameters set in STM32CubeMX LwIP Configuration GUI -*/
+/*----- Value in opt.h for LWIP_DHCP: 0 -----*/
+#define LWIP_DHCP 1
+/*----- Value in opt.h for MEM_ALIGNMENT: 1 -----*/
+#define MEM_ALIGNMENT 4
+/*----- Value in opt.h for MEMP_NUM_SYS_TIMEOUT: (LWIP_TCP + IP_REASSEMBLY + LWIP_ARP + (2*LWIP_DHCP) + LWIP_AUTOIP + LWIP_IGMP + LWIP_DNS + (PPP_SUPPORT*6*MEMP_NUM_PPP_PCB) + (LWIP_IPV6 ? (1 + LWIP_IPV6_REASS + LWIP_IPV6_MLD) : 0)) -*/
+//#define MEMP_NUM_SYS_TIMEOUT 5
+/*----- Value in opt.h for LWIP_ETHERNET: LWIP_ARP || PPPOE_SUPPORT -*/
+#define LWIP_ETHERNET 1
+/*----- Value in opt.h for LWIP_DNS_SECURE: (LWIP_DNS_SECURE_RAND_XID | LWIP_DNS_SECURE_NO_MULTIPLE_OUTSTANDING | LWIP_DNS_SECURE_RAND_SRC_PORT) -*/
+#define LWIP_DNS_SECURE 7
+/*----- Value in opt.h for TCP_SND_QUEUELEN: (4*TCP_SND_BUF + (TCP_MSS - 1))/TCP_MSS -----*/
+#define TCP_SND_QUEUELEN 9
+/*----- Value in opt.h for TCP_SNDLOWAT: LWIP_MIN(LWIP_MAX(((TCP_SND_BUF)/2), (2 * TCP_MSS) + 1), (TCP_SND_BUF) - 1) -*/
+#define TCP_SNDLOWAT 1071
+/*----- Value in opt.h for TCP_SNDQUEUELOWAT: LWIP_MAX(TCP_SND_QUEUELEN)/2, 5) -*/
+#define TCP_SNDQUEUELOWAT 5
+/*----- Value in opt.h for TCP_WND_UPDATE_THRESHOLD: LWIP_MIN(TCP_WND/4, TCP_MSS*4) -----*/
+#define TCP_WND_UPDATE_THRESHOLD 536
+/*----- Value in opt.h for TCPIP_THREAD_STACKSIZE: 0 -----*/
+#define TCPIP_THREAD_STACKSIZE 1024
+/*----- Value in opt.h for TCPIP_THREAD_PRIO: 1 -----*/
+#define TCPIP_THREAD_PRIO 3
+/*----- Value in opt.h for SLIPIF_THREAD_STACKSIZE: 0 -----*/
+#define SLIPIF_THREAD_STACKSIZE 1024
+/*----- Value in opt.h for SLIPIF_THREAD_PRIO: 1 -----*/
+#define SLIPIF_THREAD_PRIO 3
+/*----- Value in opt.h for DEFAULT_THREAD_STACKSIZE: 0 -----*/
+#define DEFAULT_THREAD_STACKSIZE 1024
+/*----- Value in opt.h for DEFAULT_THREAD_PRIO: 1 -----*/
+#define DEFAULT_THREAD_PRIO 3
+/*----- Value in opt.h for LWIP_STATS: 1 -----*/
+#define LWIP_STATS 0
+/*----- Value in opt.h for CHECKSUM_GEN_IP: 1 -----*/
+#define CHECKSUM_GEN_IP 0
+/*----- Value in opt.h for CHECKSUM_GEN_UDP: 1 -----*/
+#define CHECKSUM_GEN_UDP 0
+/*----- Value in opt.h for CHECKSUM_GEN_TCP: 1 -----*/
+#define CHECKSUM_GEN_TCP 0
+/*----- Value in opt.h for CHECKSUM_GEN_ICMP: 1 -----*/
+#define CHECKSUM_GEN_ICMP 0
+/*----- Value in opt.h for CHECKSUM_GEN_ICMP6: 1 -----*/
+#define CHECKSUM_GEN_ICMP6 0
+/*----- Value in opt.h for CHECKSUM_CHECK_IP: 1 -----*/
+#define CHECKSUM_CHECK_IP 0
+/*----- Value in opt.h for CHECKSUM_CHECK_UDP: 1 -----*/
+#define CHECKSUM_CHECK_UDP 0
+/*----- Value in opt.h for CHECKSUM_CHECK_TCP: 1 -----*/
+#define CHECKSUM_CHECK_TCP 0
+/*----- Value in opt.h for CHECKSUM_CHECK_ICMP: 1 -----*/
+#define CHECKSUM_CHECK_ICMP 0
+/*----- Value in opt.h for CHECKSUM_CHECK_ICMP6: 1 -----*/
+#define CHECKSUM_CHECK_ICMP6 0
+/*-----------------------------------------------------------------------------*/
+
+/* Parameter(s) not set in STM32CubeMX LwIP Configuration GUI -*/
+/* LwIP Parameter(s) not in opt.h -----------------------------*/
+#define LWIP_PROVIDE_ERRNO  1
+
+
+#define LWIP_TIMEVAL_PRIVATE 0
+
+#define LWIP_DEBUG 1
+
+#define LWIP_DNS 1
+#define LWIP_SOCKET 1
+#define LWIP_RAW 1
+#define LWIP_NETCONN 1
+
+/* USER CODE BEGIN 1 */
+
+/* USER CODE END 1 */
+
+#ifdef __cplusplus
+}
+#endif
+#endif /*__LWIPOPTS__H_H */

IDE/OPENSTM32/Inc/user_settings.h

@@ -0,0 +1,401 @@
+/* Example wolfSSL user settings for STM32F4 with CubeMX */
+
+#ifndef WOLFSSL_USER_SETTINGS_H
+#define WOLFSSL_USER_SETTINGS_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* ------------------------------------------------------------------------- */
+/* Platform */
+/* ------------------------------------------------------------------------- */
+#undef  WOLFSSL_GENERAL_ALIGNMENT
+#define WOLFSSL_GENERAL_ALIGNMENT   4
+
+#undef  SINGLE_THREADED
+#define SINGLE_THREADED
+
+#undef  WOLFSSL_SMALL_STACK
+#define WOLFSSL_SMALL_STACK
+
+#undef  WOLFSSL_STM32F4
+#define WOLFSSL_STM32F4
+
+#undef  WOLFSSL_STM32_CUBEMX
+#define WOLFSSL_STM32_CUBEMX
+
+#undef  FREERTOS
+//#define FREERTOS
+
+#undef  WOLFSSL_LWIP
+//#define WOLFSSL_LWIP
+
+#define HAVE_LWIP_NATIVE
+
+
+/* ------------------------------------------------------------------------- */
+/* Math Configuration */
+/* ------------------------------------------------------------------------- */
+#undef  USE_FAST_MATH
+#define USE_FAST_MATH
+
+#ifdef USE_FAST_MATH
+    #undef  TFM_TIMING_RESISTANT
+    #define TFM_TIMING_RESISTANT
+
+    #undef  TFM_NO_ASM
+    //#define TFM_NO_ASM
+
+    /* Optimizations (TFM_ARM, TFM_ASM or none) */
+    //#define TFM_ASM
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Crypto */
+/* ------------------------------------------------------------------------- */
+/* ECC */
+#if 1
+    #undef  HAVE_ECC
+    #define HAVE_ECC
+
+    /* Manually define enabled curves */
+    #undef  ECC_USER_CURVES
+    #define ECC_USER_CURVES
+
+    //#define HAVE_ECC192
+    //#define HAVE_ECC224
+    #undef NO_ECC256
+    //#define HAVE_ECC384
+    //#define HAVE_ECC521
+
+    /* Fixed point cache (speeds repeated operations against same private key) */
+    #undef  FP_ECC
+    //#define FP_ECC
+    #ifdef FP_ECC
+        /* Bits / Entries */
+        #undef  FP_ENTRIES
+        #define FP_ENTRIES  2
+        #undef  FP_LUT
+        #define FP_LUT      4
+    #endif
+
+    /* Optional ECC calculation method */
+    /* Note: doubles heap usage, but slightly faster */
+    #undef  ECC_SHAMIR
+    #define ECC_SHAMIR
+
+    /* Reduces heap usage, but slower */
+    #undef  ECC_TIMING_RESISTANT
+    #define ECC_TIMING_RESISTANT
+
+    #ifdef USE_FAST_MATH
+        /* use reduced size math buffers for ecc points */
+        #undef  ALT_ECC_SIZE
+        #define ALT_ECC_SIZE
+
+        /* optionally override the default max ecc bits */
+        //#undef  FP_MAX_BITS_ECC
+        //#define FP_MAX_BITS_ECC     512
+
+        /* Enable TFM optimizations for ECC */
+        //#define TFM_ECC192
+        //#define TFM_ECC224
+        //#define TFM_ECC256
+        //#define TFM_ECC384
+        //#define TFM_ECC521
+    #endif
+#endif
+
+/* RSA */
+#undef NO_RSA
+#if 1
+    #ifdef USE_FAST_MATH
+        /* Maximum math bits (Max RSA key bits * 2) */
+        #undef  FP_MAX_BITS
+        #define FP_MAX_BITS     4096
+    #endif
+
+    /* half as much memory but twice as slow */
+    #undef  RSA_LOW_MEM
+    //#define RSA_LOW_MEM
+
+	/* Enables blinding mode, to prevent timing attacks */
+	#undef  WC_RSA_BLINDING
+	#define WC_RSA_BLINDING
+
+#else
+    #define NO_RSA
+#endif
+
+/* AES */
+#undef NO_AES
+#if 1
+    #undef  HAVE_AESGCM
+    #define HAVE_AESGCM
+
+    #ifdef HAVE_AESGCM
+        /* GCM with hardware acceleration requires AES counter/direct for unaligned sizes */
+        #undef  WOLFSSL_AES_COUNTER
+        #define WOLFSSL_AES_COUNTER
+
+        #undef  WOLFSSL_AES_DIRECT
+        #define WOLFSSL_AES_DIRECT
+    #endif
+
+    /* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */
+    #undef  GCM_SMALL
+    #define GCM_SMALL
+#else
+    #define NO_AES
+#endif
+
+/* ChaCha20 / Poly1305 */
+#undef HAVE_CHACHA
+#undef HAVE_POLY1305
+#if 0
+    #define HAVE_CHACHA
+    #define HAVE_POLY1305
+
+    /* Needed for Poly1305 */
+    #undef  HAVE_ONE_TIME_AUTH
+    #define HAVE_ONE_TIME_AUTH
+#endif
+
+/* Ed25519 / Curve25519 */
+#undef HAVE_CURVE25519
+#undef HAVE_ED25519
+#if 0
+    #define HAVE_CURVE25519
+    #define HAVE_ED25519
+
+    /* Optionally use small math (less flash usage, but much slower) */
+    #if 0
+        #define CURVED25519_SMALL
+    #endif
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Hashing */
+/* ------------------------------------------------------------------------- */
+/* Sha */
+#undef NO_SHA
+#if 1
+    /* 1k smaller, but 25% slower */
+    //#define USE_SLOW_SHA
+#else
+    #define NO_SHA
+#endif
+
+/* Sha256 */
+#undef NO_SHA256
+#if 1
+#else
+    #define NO_SHA256
+#endif
+
+/* Sha512 */
+#undef WOLFSSL_SHA512
+#if 1
+    #define WOLFSSL_SHA512
+
+    /* Sha384 */
+    #undef  WOLFSSL_SHA384
+    #if 1
+        #define WOLFSSL_SHA384
+    #endif
+
+    /* over twice as small, but 50% slower */
+    //#define USE_SLOW_SHA2
+#endif
+
+/* MD5 */
+#undef  NO_MD5
+#if 1
+	/* enabled */
+#else
+    #define NO_MD5
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* HW Crypto Acceleration */
+/* ------------------------------------------------------------------------- */
+// See settings.h STM32F4 section
+
+
+/* ------------------------------------------------------------------------- */
+/* Benchmark / Test */
+/* ------------------------------------------------------------------------- */
+/* Use reduced benchmark / test sizes */
+#undef  BENCH_EMBEDDED
+#define BENCH_EMBEDDED
+
+#undef  USE_CERT_BUFFERS_2048
+#define USE_CERT_BUFFERS_2048
+
+#undef  USE_CERT_BUFFERS_256
+#define USE_CERT_BUFFERS_256
+
+
+/* ------------------------------------------------------------------------- */
+/* Debugging */
+/* ------------------------------------------------------------------------- */
+#undef  WOLFSSL_DEBUG
+//#define WOLFSSL_DEBUG
+
+#ifdef WOLFSSL_DEBUG
+    /* Use this to measure / print heap usage */
+    #if 0
+        #undef  USE_WOLFSSL_MEMORY
+        #define USE_WOLFSSL_MEMORY
+
+        #undef  WOLFSSL_TRACK_MEMORY
+        #define WOLFSSL_TRACK_MEMORY
+    #endif
+#else
+    #undef  NO_WOLFSSL_MEMORY
+    #define NO_WOLFSSL_MEMORY
+
+    #undef  NO_ERROR_STRINGS
+    //#define NO_ERROR_STRINGS
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Port */
+/* ------------------------------------------------------------------------- */
+
+/* Override Current Time */
+/* Allows custom "custom_time()" function to be used for benchmark */
+#define WOLFSSL_USER_CURRTIME
+
+
+/* ------------------------------------------------------------------------- */
+/* RNG */
+/* ------------------------------------------------------------------------- */
+/* Size of returned HW RNG value */
+#define CUSTOM_RAND_TYPE      unsigned int
+
+#define NO_OLD_RNGNAME
+
+/* Choose RNG method */
+#if 0
+#if 1
+    /* Use built-in P-RNG (SHA256 based) with HW RNG */
+    /* P-RNG + HW RNG (P-RNG is ~8K) */
+    #undef  HAVE_HASHDRBG
+    #define HAVE_HASHDRBG
+
+    extern unsigned int custom_rand_generate(void);
+    #undef  CUSTOM_RAND_GENERATE
+    #define CUSTOM_RAND_GENERATE  custom_rand_generate
+#else
+    /* Bypass P-RNG and use only HW RNG */
+    extern int custom_rand_generate_block(unsigned char* output, unsigned int sz);
+    #undef  CUSTOM_RAND_GENERATE_BLOCK
+    #define CUSTOM_RAND_GENERATE_BLOCK  custom_rand_generate_block
+#endif
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Enable Features */
+/* ------------------------------------------------------------------------- */
+#undef  KEEP_PEER_CERT
+//#define KEEP_PEER_CERT
+
+#undef  HAVE_COMP_KEY
+//#define HAVE_COMP_KEY
+
+#undef  HAVE_TLS_EXTENSIONS
+#define HAVE_TLS_EXTENSIONS
+
+#undef  HAVE_SUPPORTED_CURVES
+#define HAVE_SUPPORTED_CURVES
+
+#undef  WOLFSSL_BASE64_ENCODE
+//#define WOLFSSL_BASE64_ENCODE
+
+/* TLS Session Cache */
+#if 0
+    #define SMALL_SESSION_CACHE
+#else
+    #define NO_SESSION_CACHE
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Disable Features */
+/* ------------------------------------------------------------------------- */
+#undef  NO_WOLFSSL_SERVER
+//#define NO_WOLFSSL_SERVER
+
+#undef  NO_WOLFSSL_CLIENT
+//#define NO_WOLFSSL_CLIENT
+
+#undef  NO_CRYPT_TEST
+//#define NO_CRYPT_TEST
+
+#undef  NO_CRYPT_BENCHMARK
+//#define NO_CRYPT_BENCHMARK
+
+/* In-lining of misc.c functions */
+/* If defined, must include wolfcrypt/src/misc.c in build */
+/* Slower, but about 1k smaller */
+#undef  NO_INLINE
+//#define NO_INLINE
+
+#undef  NO_FILESYSTEM
+#define NO_FILESYSTEM
+
+#undef  NO_WRITEV
+#define NO_WRITEV
+
+#undef  NO_MAIN_DRIVER
+#define NO_MAIN_DRIVER
+
+#undef  NO_DEV_RANDOM
+#define NO_DEV_RANDOM
+
+#undef  NO_DSA
+#define NO_DSA
+
+#undef  NO_DH
+#define NO_DH
+
+#undef  NO_DES3
+#define NO_DES3
+
+#undef  NO_RC4
+#define NO_RC4
+
+#undef  NO_OLD_TLS
+#define NO_OLD_TLS
+
+#undef  NO_HC128
+#define NO_HC128
+
+#undef  NO_RABBIT
+#define NO_RABBIT
+
+#undef  NO_PSK
+#define NO_PSK
+
+#undef  NO_MD4
+#define NO_MD4
+
+#undef  NO_PWDBASED
+#define NO_PWDBASED
+
+#undef  NO_CODING
+#define NO_CODING
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* WOLFSSL_USER_SETTINGS_H */

IDE/OPENSTM32/Inc/wolfssl_example.h

@@ -0,0 +1,14 @@
+/*
+ * wolfssl_example.h
+ *
+ *  Created on: Oct 3, 2016
+ *      Author: davidgarske
+ */
+
+#ifndef WOLFSSL_EXAMPLE_H_
+#define WOLFSSL_EXAMPLE_H_
+
+void wolfCryptDemo(void const * argument);
+
+
+#endif /* WOLFSSL_EXAMPLE_H_ */

IDE/OPENSTM32/README.md

@@ -0,0 +1,27 @@
+# wolfSSL STM32F2/F4 Example for Open STM32 Tools System Workbench
+
+
+## Requirements
+
+* STM32CubeMX: STM32 CubeMX HAL code generation tool - [http://www.st.com/en/development-tools/stm32cubemx.html](http://www.st.com/en/development-tools/stm32cubemx.html)
+* SystemWorkbench for STM32 - [http://www.st.com/en/development-tools/sw4stm32.html](http://www.st.com/en/development-tools/sw4stm32.html)
+
+## Setup
+
+1. Using the STM32CubeMX tool, load the `<wolfssl-root>/IDE/OPENSTM32/wolfSTM32.ino` file.
+2. Adjust the HAL options based on your specific micro-controller.
+3. Generate source code.
+4. Run `SystemWorkbench` and choose a new workspace location for this project.
+5. Import `wolfSTM32' project from `<wolfssl-root>/IDE/OPENSTM32/`.
+6. Adjust the micro-controller define in `Project Settings -> C/C++ General -> Paths and Symbols -> Symbols -> GNU C`. Example uses `STM32F437xx`, but should be changed to reflect your micro-controller type.
+7. Build and Run
+
+Note: You may need to manually copy over the CubeMX HAL files for `stm32f4xx_hal_cryp.c`, `stm32f4xx_hal_cryp_ex.c`, `stm32f4xx_hal_cryp.h`, `stm32f4xx_hal_cryp_ex.h`. Also uncomment the `#define HAL_CRYP_MODULE_ENABLED` line in `stm32f4xx_hal_conf.h`.
+
+## Configuration
+
+The settings for the wolfSTM32 project are located in `<wolfssl-root>/IDE/OPENSTM32/Inc/user_settings.h`.
+
+## Support
+
+For questions please email [support@wolfssl.com](mailto:support@wolfssl.com)

IDE/OPENSTM32/Src/main.c

@@ -0,0 +1,384 @@
+/* Includes ------------------------------------------------------------------*/
+#include "stm32f4xx.h"
+#include "cmsis_os.h"
+#include "lwip.h"
+#include "wolfssl_example.h"
+
+/* USER CODE BEGIN Includes */
+
+/* USER CODE END Includes */
+
+/* Private variables ---------------------------------------------------------*/
+CRC_HandleTypeDef hcrc;
+
+RNG_HandleTypeDef hrng;
+
+RTC_HandleTypeDef hrtc;
+
+UART_HandleTypeDef huart4;
+
+osThreadId defaultTaskHandle;
+
+/* USER CODE BEGIN PV */
+/* Private variables ---------------------------------------------------------*/
+
+/* USER CODE END PV */
+
+/* Private function prototypes -----------------------------------------------*/
+void SystemClock_Config(void);
+void Error_Handler(void);
+static void MX_GPIO_Init(void);
+static void MX_CRC_Init(void);
+static void MX_RNG_Init(void);
+static void MX_UART4_Init(void);
+static void MX_RTC_Init(void);
+
+/* USER CODE BEGIN PFP */
+/* Private function prototypes -----------------------------------------------*/
+
+/* USER CODE END PFP */
+
+/* USER CODE BEGIN 0 */
+
+/* USER CODE END 0 */
+
+int main(void)
+{
+
+  /* USER CODE BEGIN 1 */
+
+  /* USER CODE END 1 */
+
+  /* MCU Configuration----------------------------------------------------------*/
+
+  /* Reset of all peripherals, Initializes the Flash interface and the Systick. */
+  HAL_Init();
+
+  /* Configure the system clock */
+  SystemClock_Config();
+
+  /* Initialize all configured peripherals */
+  MX_GPIO_Init();
+  MX_CRC_Init();
+  MX_RNG_Init();
+  MX_UART4_Init();
+  MX_RTC_Init();
+
+  /* USER CODE BEGIN 2 */
+
+  /* USER CODE END 2 */
+
+  /* USER CODE BEGIN RTOS_MUTEX */
+  /* add mutexes, ... */
+  /* USER CODE END RTOS_MUTEX */
+
+  /* USER CODE BEGIN RTOS_SEMAPHORES */
+  /* add semaphores, ... */
+  /* USER CODE END RTOS_SEMAPHORES */
+
+  /* USER CODE BEGIN RTOS_TIMERS */
+  /* start timers, add new ones, ... */
+  /* USER CODE END RTOS_TIMERS */
+
+  /* Create the thread(s) */
+  /* definition and creation of defaultTask */
+  osThreadDef(defaultTask, wolfCryptDemo, osPriorityNormal, 0, 24000);
+  defaultTaskHandle = osThreadCreate(osThread(defaultTask), NULL);
+
+  /* USER CODE BEGIN RTOS_THREADS */
+  /* add threads, ... */
+  /* USER CODE END RTOS_THREADS */
+
+  /* USER CODE BEGIN RTOS_QUEUES */
+  /* add queues, ... */
+  /* USER CODE END RTOS_QUEUES */
+
+
+  /* Start scheduler */
+  osKernelStart();
+
+  /* We should never get here as control is now taken by the scheduler */
+
+  /* Infinite loop */
+  /* USER CODE BEGIN WHILE */
+  while (1)
+  {
+  /* USER CODE END WHILE */
+
+  /* USER CODE BEGIN 3 */
+
+  }
+  /* USER CODE END 3 */
+
+}
+
+/** System Clock Configuration
+*/
+#define SysTick_IRQn -1
+
+void SystemClock_Config(void)
+{
+
+  RCC_OscInitTypeDef RCC_OscInitStruct;
+  RCC_ClkInitTypeDef RCC_ClkInitStruct;
+  RCC_PeriphCLKInitTypeDef PeriphClkInitStruct;
+
+  __HAL_RCC_PWR_CLK_ENABLE();
+
+  __HAL_PWR_VOLTAGESCALING_CONFIG(PWR_REGULATOR_VOLTAGE_SCALE3);
+
+  RCC_OscInitStruct.OscillatorType = RCC_OSCILLATORTYPE_HSE|RCC_OSCILLATORTYPE_LSE;
+  RCC_OscInitStruct.HSEState = RCC_HSE_ON;
+  RCC_OscInitStruct.LSEState = RCC_LSE_ON;
+  RCC_OscInitStruct.PLL.PLLState = RCC_PLL_ON;
+  RCC_OscInitStruct.PLL.PLLSource = RCC_PLLSOURCE_HSE;
+  RCC_OscInitStruct.PLL.PLLM = 15;
+  RCC_OscInitStruct.PLL.PLLN = 144;
+  RCC_OscInitStruct.PLL.PLLP = RCC_PLLP_DIV2;
+  RCC_OscInitStruct.PLL.PLLQ = 5;
+  if (HAL_RCC_OscConfig(&RCC_OscInitStruct) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+  RCC_ClkInitStruct.ClockType = RCC_CLOCKTYPE_HCLK|RCC_CLOCKTYPE_SYSCLK
+                              |RCC_CLOCKTYPE_PCLK1|RCC_CLOCKTYPE_PCLK2;
+  RCC_ClkInitStruct.SYSCLKSource = RCC_SYSCLKSOURCE_PLLCLK;
+  RCC_ClkInitStruct.AHBCLKDivider = RCC_SYSCLK_DIV1;
+  RCC_ClkInitStruct.APB1CLKDivider = RCC_HCLK_DIV4;
+  RCC_ClkInitStruct.APB2CLKDivider = RCC_HCLK_DIV2;
+  if (HAL_RCC_ClockConfig(&RCC_ClkInitStruct, FLASH_LATENCY_3) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+  PeriphClkInitStruct.PeriphClockSelection = RCC_PERIPHCLK_RTC;
+  PeriphClkInitStruct.RTCClockSelection = RCC_RTCCLKSOURCE_LSE;
+  if (HAL_RCCEx_PeriphCLKConfig(&PeriphClkInitStruct) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+  HAL_SYSTICK_Config(HAL_RCC_GetHCLKFreq()/1000);
+
+  HAL_SYSTICK_CLKSourceConfig(SYSTICK_CLKSOURCE_HCLK);
+
+  /* SysTick_IRQn interrupt configuration */
+  HAL_NVIC_SetPriority(SysTick_IRQn, 15, 0);
+}
+
+/* CRC init function */
+static void MX_CRC_Init(void)
+{
+
+  hcrc.Instance = CRC;
+  if (HAL_CRC_Init(&hcrc) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+}
+
+/* RNG init function */
+static void MX_RNG_Init(void)
+{
+
+  hrng.Instance = RNG;
+  if (HAL_RNG_Init(&hrng) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+}
+
+/* RTC init function */
+#define RTC_ASYNCH_PREDIV  0x7F   /* LSE as RTC clock */
+#define RTC_SYNCH_PREDIV   0x00FF /* LSE as RTC clock */
+static void MX_RTC_Init(void)
+{
+
+  RTC_TimeTypeDef sTime;
+  RTC_DateTypeDef sDate;
+
+    /**Initialize RTC and set the Time and Date
+    */
+  hrtc.Instance = RTC;
+  hrtc.Init.HourFormat = RTC_HOURFORMAT_24;
+  hrtc.Init.AsynchPrediv = RTC_ASYNCH_PREDIV;
+  hrtc.Init.SynchPrediv = RTC_SYNCH_PREDIV;
+  hrtc.Init.OutPut = RTC_OUTPUT_DISABLE;
+  hrtc.Init.OutPutPolarity = RTC_OUTPUT_POLARITY_HIGH;
+  hrtc.Init.OutPutType = RTC_OUTPUT_TYPE_OPENDRAIN;
+  if (HAL_RTC_Init(&hrtc) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+  sTime.Hours = 0x0;
+  sTime.Minutes = 0x0;
+  sTime.Seconds = 0x0;
+  sTime.DayLightSaving = RTC_DAYLIGHTSAVING_NONE;
+  sTime.StoreOperation = RTC_STOREOPERATION_RESET;
+  if (HAL_RTC_SetTime(&hrtc, &sTime, RTC_FORMAT_BCD) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+  sDate.WeekDay = RTC_WEEKDAY_MONDAY;
+  sDate.Month = RTC_MONTH_JANUARY;
+  sDate.Date = 0x1;
+  sDate.Year = 0x0;
+
+  if (HAL_RTC_SetDate(&hrtc, &sDate, RTC_FORMAT_BCD) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+    /**Enable the TimeStamp
+    */
+  if (HAL_RTCEx_SetTimeStamp(&hrtc, RTC_TIMESTAMPEDGE_RISING, RTC_TIMESTAMPPIN_DEFAULT) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+    /**Enable the reference Clock input
+    */
+  if (HAL_RTCEx_SetRefClock(&hrtc) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+}
+
+/* UART4 init function */
+static void MX_UART4_Init(void)
+{
+
+  huart4.Instance = UART4;
+  huart4.Init.BaudRate = 115200;
+  huart4.Init.WordLength = UART_WORDLENGTH_8B;
+  huart4.Init.StopBits = UART_STOPBITS_1;
+  huart4.Init.Parity = UART_PARITY_NONE;
+  huart4.Init.Mode = UART_MODE_TX_RX;
+  huart4.Init.HwFlowCtl = UART_HWCONTROL_NONE;
+  huart4.Init.OverSampling = UART_OVERSAMPLING_16;
+  if (HAL_UART_Init(&huart4) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+  // Turn off buffers, so I/O occurs immediately
+  setvbuf(stdin, NULL, _IONBF, 0);
+  setvbuf(stdout, NULL, _IONBF, 0);
+  setvbuf(stderr, NULL, _IONBF, 0);
+}
+
+int _write (int fd, char *ptr, int len)
+{
+	(void)fd;
+
+  /* Write "len" of char from "ptr" to file id "fd"
+   * Return number of char written.
+   * Need implementing with UART here. */
+	HAL_UART_Transmit(&huart4, (uint8_t *)ptr, len, 0xFFFF);
+
+  return len;
+}
+
+int _read (int fd, char *ptr, int len)
+{
+  /* Read "len" of char to "ptr" from file id "fd"
+   * Return number of char read.
+   * Need implementing with UART here. */
+	(void)fd;
+
+	return HAL_UART_Receive(&huart4, (uint8_t*)ptr, len, 0xFFFF);
+}
+
+void _ttywrch(int ch) {
+  /* Write one char "ch" to the default console
+   * Need implementing with UART here. */
+	_write(0, (char*)&ch, 1);
+}
+
+
+
+/** Configure pins as
+        * Analog
+        * Input
+        * Output
+        * EVENT_OUT
+        * EXTI
+*/
+static void MX_GPIO_Init(void)
+{
+
+  /* GPIO Ports Clock Enable */
+  __HAL_RCC_GPIOE_CLK_ENABLE();
+  __HAL_RCC_GPIOG_CLK_ENABLE();
+  __HAL_RCC_GPIOB_CLK_ENABLE();
+  __HAL_RCC_GPIOA_CLK_ENABLE();
+  __HAL_RCC_GPIOC_CLK_ENABLE();
+  __HAL_RCC_GPIOH_CLK_ENABLE();
+
+}
+
+/* USER CODE BEGIN 4 */
+
+/* USER CODE END 4 */
+
+/**
+  * @brief  Period elapsed callback in non blocking mode
+  * @note   This function is called  when TIM1 interrupt took place, inside
+  * HAL_TIM_IRQHandler(). It makes a direct call to HAL_IncTick() to increment
+  * a global variable "uwTick" used as application time base.
+  * @param  htim : TIM handle
+  * @retval None
+  */
+void HAL_TIM_PeriodElapsedCallback(TIM_HandleTypeDef *htim)
+{
+/* USER CODE BEGIN Callback 0 */
+
+/* USER CODE END Callback 0 */
+  if (htim->Instance == TIM1) {
+    HAL_IncTick();
+  }
+/* USER CODE BEGIN Callback 1 */
+
+/* USER CODE END Callback 1 */
+}
+
+/**
+  * @brief  This function is executed in case of error occurrence.
+  * @param  None
+  * @retval None
+  */
+void Error_Handler(void)
+{
+  /* USER CODE BEGIN Error_Handler */
+  /* User can add his own implementation to report the HAL error return state */
+  while(1)
+  {
+  }
+  /* USER CODE END Error_Handler */
+}
+
+#ifdef USE_FULL_ASSERT
+
+/**
+   * @brief Reports the name of the source file and the source line number
+   * where the assert_param error has occurred.
+   * @param file: pointer to the source file name
+   * @param line: assert_param error line source number
+   * @retval None
+   */
+void assert_failed(uint8_t* file, uint32_t line)
+{
+  /* USER CODE BEGIN 6 */
+  /* User can add his own implementation to report the file name and line number,
+    ex: printf("Wrong parameters value: file %s on line %d\r\n", file, line) */
+  /* USER CODE END 6 */
+
+}
+
+#endif

IDE/OPENSTM32/Src/wolfssl_example.c

@@ -0,0 +1,101 @@
+#include <string.h>
+#include "stm32f4xx_hal.h"
+#include "cmsis_os.h"
+#include "lwip.h"
+
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+#include <wolfcrypt/test/test.h>
+#include <wolfcrypt/benchmark/benchmark.h>
+
+
+/*****************************************************************************
+ * Private types/enumerations/variables
+ ****************************************************************************/
+
+/* UART definitions */
+extern UART_HandleTypeDef huart4;
+
+
+/*****************************************************************************
+ * Public types/enumerations/variables
+ ****************************************************************************/
+typedef struct func_args {
+    int    argc;
+    char** argv;
+    int    return_code;
+} func_args;
+
+const char menu1[] = "\r\n"
+    "\tt. WolfSSL Test\r\n"
+    "\tb. WolfSSL Benchmark\r\n";
+
+/*****************************************************************************
+ * Private functions
+ ****************************************************************************/
+
+
+/*****************************************************************************
+ * Public functions
+ ****************************************************************************/
+void wolfCryptDemo(void const * argument)
+{
+    uint8_t buffer[1] = {'t'};
+    func_args args;
+
+    /* init code for LWIP */
+    MX_LWIP_Init();
+
+    while (1) {
+        printf("\r\n\t\t\t\tMENU\r\n");
+        printf(menu1);
+        printf("Please select one of the above options: ");
+
+        HAL_UART_Receive(&huart4, buffer, sizeof(buffer), 1000);
+
+        switch (buffer[0]) {
+
+        case 't':
+            memset(&args, 0, sizeof(args));
+            printf("\nCrypt Test\n");
+            wolfcrypt_test(&args);
+            printf("Crypt Test: Return code %d\n", args.return_code);
+            break;
+
+        case 'b':
+            memset(&args, 0, sizeof(args));
+            printf("\nBenchmark Test\n");
+            benchmark_test(&args);
+            printf("Benchmark Test: Return code %d\n", args.return_code);
+            break;
+
+        // All other cases go here
+        default: printf("\r\nSelection out of range\r\n"); break;
+        }
+    }
+}
+
+extern RTC_HandleTypeDef hrtc;
+double current_time()
+{
+	RTC_TimeTypeDef time;
+	RTC_DateTypeDef date;
+	uint32_t subsec;
+
+	/* must get time and date here due to STM32 HW bug */
+	HAL_RTC_GetTime(&hrtc, &time, FORMAT_BIN);
+	HAL_RTC_GetDate(&hrtc, &date, FORMAT_BIN);
+	subsec = (255 - time.SubSeconds) * 1000 / 255;
+
+	(void)date;
+
+	/* return seconds.milliseconds */
+	return ((double)time.Hours * 24) +
+		   ((double)time.Minutes * 60) +
+			(double)time.Seconds +
+		   ((double)subsec/1000);
+}

IDE/OPENSTM32/include.am

@@ -0,0 +1,15 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= IDE/OPENSTM32/README.md
+EXTRA_DIST+= IDE/OPENSTM32/.cproject
+EXTRA_DIST+= IDE/OPENSTM32/.project
+EXTRA_DIST+= IDE/OPENSTM32/wolfSTM32.cfg
+EXTRA_DIST+= IDE/OPENSTM32/wolfSTM32.ioc
+EXTRA_DIST+= IDE/OPENSTM32/wolfSTM32.xml
+EXTRA_DIST+= IDE/OPENSTM32/Src/main.c
+EXTRA_DIST+= IDE/OPENSTM32/Src/wolfssl_example.c
+EXTRA_DIST+= IDE/OPENSTM32/Inc/user_settings.h
+EXTRA_DIST+= IDE/OPENSTM32/Inc/wolfssl_example.h
+EXTRA_DIST+= IDE/OPENSTM32/Inc/lwipopts.h

IDE/OPENSTM32/wolfSTM32.cfg

@@ -0,0 +1,13 @@
+# This is an wolfSTM32 board with a single STM32F437IIHx chip.
+# Generated by System Workbench for STM32
+
+source [find interface/stlink-v2-1.cfg]
+
+set WORKAREASIZE 0x30000
+transport select "hla_jtag"
+set CPUTAPID 0x4ba00477
+
+source [find target/stm32f4x_stlink.cfg]
+
+# use hardware reset, connect under reset
+reset_config srst_only srst_nogate

IDE/OPENSTM32/wolfSTM32.ioc

@@ -0,0 +1,213 @@
+#MicroXplorer Configuration settings - do not modify
+FREERTOS.IPParameters=Tasks01
+FREERTOS.Tasks01=defaultTask,0,128,StartDefaultTask,Default
+File.Version=6
+KeepUserPlacement=false
+LWIP.Version=v1.5.0_RC0_20160211_Cube
+Mcu.Family=STM32F4
+Mcu.IP0=CRC
+Mcu.IP1=ETH
+Mcu.IP2=FREERTOS
+Mcu.IP3=LWIP
+Mcu.IP4=NVIC
+Mcu.IP5=RCC
+Mcu.IP6=RNG
+Mcu.IP7=RTC
+Mcu.IP8=SYS
+Mcu.IP9=UART4
+Mcu.IPNb=10
+Mcu.Name=STM32F437I(G-I)Hx
+Mcu.Package=UFBGA176
+Mcu.Pin0=PE2
+Mcu.Pin1=PG14
+Mcu.Pin10=PC10
+Mcu.Pin11=PC13
+Mcu.Pin12=PC14/OSC32_IN
+Mcu.Pin13=PC15/OSC32_OUT
+Mcu.Pin14=PH2
+Mcu.Pin15=PH0/OSC_IN
+Mcu.Pin16=PH3
+Mcu.Pin17=PH1/OSC_OUT
+Mcu.Pin18=PC1
+Mcu.Pin19=PC2
+Mcu.Pin2=PG13
+Mcu.Pin20=PC3
+Mcu.Pin21=PH6
+Mcu.Pin22=PA1
+Mcu.Pin23=PC4
+Mcu.Pin24=PH7
+Mcu.Pin25=PA2
+Mcu.Pin26=PC5
+Mcu.Pin27=PA7
+Mcu.Pin28=PB15
+Mcu.Pin29=VP_CRC_VS_CRC
+Mcu.Pin3=PB4
+Mcu.Pin30=VP_FREERTOS_VS_ENABLE
+Mcu.Pin31=VP_LWIP_VS_Enabled
+Mcu.Pin32=VP_RNG_VS_RNG
+Mcu.Pin33=VP_SYS_VS_tim1
+Mcu.Pin4=PB3
+Mcu.Pin5=PA15
+Mcu.Pin6=PA14
+Mcu.Pin7=PA13
+Mcu.Pin8=PG11
+Mcu.Pin9=PC11
+Mcu.PinsNb=34
+Mcu.UserConstants=
+Mcu.UserName=STM32F437IIHx
+MxCube.Version=4.16.1
+MxDb.Version=DB.4.0.161
+NVIC.BusFault_IRQn=true\:0\:0\:false\:false\:true\:false
+NVIC.DebugMonitor_IRQn=true\:0\:0\:false\:false\:true\:false
+NVIC.ETH_IRQn=true\:0\:0\:false\:false\:true\:false
+NVIC.HardFault_IRQn=true\:0\:0\:false\:false\:true\:false
+NVIC.MemoryManagement_IRQn=true\:0\:0\:false\:false\:true\:false
+NVIC.NonMaskableInt_IRQn=true\:0\:0\:false\:false\:true\:false
+NVIC.PendSV_IRQn=true\:15\:0\:false\:false\:false\:true
+NVIC.PriorityGroup=NVIC_PRIORITYGROUP_4
+NVIC.SVCall_IRQn=true\:0\:0\:false\:false\:false\:false
+NVIC.SysTick_IRQn=true\:15\:0\:false\:false\:true\:true
+NVIC.TIM1_UP_TIM10_IRQn=true\:0\:0\:false\:false\:true\:false
+NVIC.TimeBase=TIM1_UP_TIM10_IRQn
+NVIC.TimeBaseIP=TIM1
+NVIC.UsageFault_IRQn=true\:0\:0\:false\:false\:true\:false
+PA1.Mode=MII
+PA1.Signal=ETH_RX_CLK
+PA13.Mode=JTAG_5_pins
+PA13.Signal=SYS_JTMS-SWDIO
+PA14.Mode=JTAG_5_pins
+PA14.Signal=SYS_JTCK-SWCLK
+PA15.Mode=JTAG_5_pins
+PA15.Signal=SYS_JTDI
+PA2.Mode=MII
+PA2.Signal=ETH_MDIO
+PA7.Mode=MII
+PA7.Signal=ETH_RX_DV
+PB15.Mode=Reference_Clock_Detection_Activate
+PB15.Signal=RTC_REFIN
+PB3.Mode=JTAG_5_pins
+PB3.Signal=SYS_JTDO-SWO
+PB4.Mode=JTAG_5_pins
+PB4.Signal=SYS_JTRST
+PC1.Mode=MII
+PC1.Signal=ETH_MDC
+PC10.Mode=Asynchronous
+PC10.Signal=UART4_TX
+PC11.Mode=Asynchronous
+PC11.Signal=UART4_RX
+PC13.Mode=Timestamp enabled - Input Enabled to AF1
+PC13.Signal=RTC_AF1
+PC14/OSC32_IN.Mode=LSE-External-Oscillator
+PC14/OSC32_IN.Signal=RCC_OSC32_IN
+PC15/OSC32_OUT.Mode=LSE-External-Oscillator
+PC15/OSC32_OUT.Signal=RCC_OSC32_OUT
+PC2.Mode=MII
+PC2.Signal=ETH_TXD2
+PC3.Mode=MII
+PC3.Signal=ETH_TX_CLK
+PC4.Mode=MII
+PC4.Signal=ETH_RXD0
+PC5.Mode=MII
+PC5.Signal=ETH_RXD1
+PCC.Checker=false
+PCC.Line=STM32F427/437
+PCC.MCU=STM32F437I(G-I)Hx
+PCC.MXVersion=4.16.1
+PCC.PartNumber=STM32F437IIHx
+PCC.Seq0=0
+PCC.Series=STM32F4
+PCC.Temperature=25
+PCC.Vdd=null
+PE2.Mode=MII
+PE2.Signal=ETH_TXD3
+PG11.Mode=MII
+PG11.Signal=ETH_TX_EN
+PG13.Mode=MII
+PG13.Signal=ETH_TXD0
+PG14.Mode=MII
+PG14.Signal=ETH_TXD1
+PH0/OSC_IN.Mode=HSE-External-Oscillator
+PH0/OSC_IN.Signal=RCC_OSC_IN
+PH1/OSC_OUT.Mode=HSE-External-Oscillator
+PH1/OSC_OUT.Signal=RCC_OSC_OUT
+PH2.Mode=MII
+PH2.Signal=ETH_CRS
+PH3.Mode=MII
+PH3.Signal=ETH_COL
+PH6.Mode=MII
+PH6.Signal=ETH_RXD2
+PH7.Mode=MII
+PH7.Signal=ETH_RXD3
+ProjectManager.AskForMigrate=true
+ProjectManager.BackupPrevious=false
+ProjectManager.CompilerOptimize=2
+ProjectManager.ComputerToolchain=false
+ProjectManager.CoupleFile=false
+ProjectManager.DeletePrevious=true
+ProjectManager.DeviceId=STM32F437IIHx
+ProjectManager.FirmwarePackage=STM32Cube FW_F4 V1.13.0
+ProjectManager.FreePins=false
+ProjectManager.HalAssertFull=false
+ProjectManager.HeapSize=0x10000
+ProjectManager.KeepUserCode=true
+ProjectManager.LastFirmware=true
+ProjectManager.LibraryCopy=1
+ProjectManager.PreviousToolchain=SW4STM32
+ProjectManager.ProjectBuild=false
+ProjectManager.ProjectFileName=wolfSTM32.ioc
+ProjectManager.ProjectName=wolfSTM32
+ProjectManager.StackSize=0x4000
+ProjectManager.TargetToolchain=SW4STM32
+ProjectManager.ToolChainLocation=
+ProjectManager.UnderRoot=true
+ProjectManager.functionlistsort=1-MX_GPIO_Init-GPIO-false,2-MX_CRC_Init-CRC-false,3-MX_RNG_Init-RNG-false,4-MX_UART4_Init-UART4-false,5-MX_LWIP_Init-LWIP-false,6-MX_RTC_Init-RTC-false
+RCC.48MHZClocksFreq_Value=48000000
+RCC.AHBFreq_Value=120000000
+RCC.APB1CLKDivider=RCC_HCLK_DIV4
+RCC.APB1Freq_Value=30000000
+RCC.APB1TimFreq_Value=60000000
+RCC.APB2CLKDivider=RCC_HCLK_DIV2
+RCC.APB2Freq_Value=60000000
+RCC.APB2TimFreq_Value=120000000
+RCC.CortexFreq_Value=120000000
+RCC.EthernetFreq_Value=120000000
+RCC.FCLKCortexFreq_Value=120000000
+RCC.FamilyName=M
+RCC.HCLKFreq_Value=120000000
+RCC.HSE_VALUE=25000000
+RCC.HSI_VALUE=16000000
+RCC.I2SClocksFreq_Value=160000000
+RCC.IPParameters=48MHZClocksFreq_Value,AHBFreq_Value,APB1CLKDivider,APB1Freq_Value,APB1TimFreq_Value,APB2CLKDivider,APB2Freq_Value,APB2TimFreq_Value,CortexFreq_Value,EthernetFreq_Value,FCLKCortexFreq_Value,FamilyName,HCLKFreq_Value,HSE_VALUE,HSI_VALUE,I2SClocksFreq_Value,LSI_VALUE,MCO2PinFreq_Value,PLLCLKFreq_Value,PLLM,PLLN,PLLQ,PLLQCLKFreq_Value,PLLSourceVirtual,RCC_RTC_Clock_Source,RTCFreq_Value,RTCHSEDivFreq_Value,SAI_AClocksFreq_Value,SAI_BClocksFreq_Value,SYSCLKFreq_VALUE,SYSCLKSource,VCOI2SOutputFreq_Value,VCOInputFreq_Value,VCOOutputFreq_Value,VCOSAIOutputFreq_Value,VCOSAIOutputFreq_ValueQ,VcooutputI2S,VcooutputI2SQ
+RCC.LSI_VALUE=32000
+RCC.MCO2PinFreq_Value=120000000
+RCC.PLLCLKFreq_Value=120000000
+RCC.PLLM=15
+RCC.PLLN=144
+RCC.PLLQ=5
+RCC.PLLQCLKFreq_Value=48000000
+RCC.PLLSourceVirtual=RCC_PLLSOURCE_HSE
+RCC.RCC_RTC_Clock_Source=RCC_RTCCLKSOURCE_LSE
+RCC.RTCFreq_Value=32768
+RCC.RTCHSEDivFreq_Value=12500000
+RCC.SAI_AClocksFreq_Value=20416666.666666668
+RCC.SAI_BClocksFreq_Value=20416666.666666668
+RCC.SYSCLKFreq_VALUE=120000000
+RCC.SYSCLKSource=RCC_SYSCLKSOURCE_PLLCLK
+RCC.VCOI2SOutputFreq_Value=320000000
+RCC.VCOInputFreq_Value=1666666.6666666667
+RCC.VCOOutputFreq_Value=240000000
+RCC.VCOSAIOutputFreq_Value=81666666.66666667
+RCC.VCOSAIOutputFreq_ValueQ=20416666.666666668
+RCC.VcooutputI2S=160000000
+RCC.VcooutputI2SQ=160000000
+VP_CRC_VS_CRC.Mode=CRC_Activate
+VP_CRC_VS_CRC.Signal=CRC_VS_CRC
+VP_FREERTOS_VS_ENABLE.Mode=Enabled
+VP_FREERTOS_VS_ENABLE.Signal=FREERTOS_VS_ENABLE
+VP_LWIP_VS_Enabled.Mode=Enabled
+VP_LWIP_VS_Enabled.Signal=LWIP_VS_Enabled
+VP_RNG_VS_RNG.Mode=RNG_Activate
+VP_RNG_VS_RNG.Signal=RNG_VS_RNG
+VP_SYS_VS_tim1.Mode=TIM1
+VP_SYS_VS_tim1.Signal=SYS_VS_tim1
+board=wolfSTM32

IDE/OPENSTM32/wolfSTM32.xml

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<targetDefinitions xmlns="http://openstm32.org/stm32TargetDefinitions" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://openstm32.org/stm32TargetDefinitions stm32TargetDefinitions.xsd">
+  <board id="wolfstm32">
+    <name>wolfSTM32</name>
+    <mcuId>stm32f437iihx</mcuId>
+    <dbgIF>JTAG</dbgIF>
+    <dbgDEV>ST-LinkV2-1</dbgDEV>
+  </board>
+</targetDefinitions>

IDE/ROWLEY-CROSSWORKS-ARM/retarget.c

@@ -29,6 +29,12 @@ void __assert(const char *__expression, const char *__filename, int __line)
     printf("Assert: %s, File %s (%d)\n", __expression, __filename, __line);
 }
 
+unsigned long ksdk_time(unsigned long* timer)
+{
+    (void)timer;
+    return hw_get_time_sec();
+}
+
 unsigned int LowResTimer(void)
 {
     return hw_get_time_sec();

IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h

@@ -7,6 +7,8 @@
 extern "C" {
 #endif
 
+#include <stddef.h> /* for size_t */
+
 /* ------------------------------------------------------------------------- */
 /* Platform */
 /* ------------------------------------------------------------------------- */
@@ -118,6 +120,11 @@ extern "C" {
     /* half as much memory but twice as slow */
     #undef  RSA_LOW_MEM
     //#define RSA_LOW_MEM
+
+    /* Enables blinding mode, to prevent timing attacks */
+    #undef  WC_RSA_BLINDING
+    #define WC_RSA_BLINDING
+
 #else
     #define NO_RSA
 #endif
@@ -216,6 +223,8 @@ extern "C" {
             #define FREESCALE_USE_LTC
             #define LTC_MAX_ECC_BITS    (512)
             #define LTC_MAX_INT_BYTES   (256)
+
+            //#define FREESCALE_LTC_TFM_RSA_4096_ENABLE
         #endif
     #endif
 #endif
@@ -230,14 +239,17 @@ extern "C" {
 #undef  USE_CERT_BUFFERS_2048
 #define USE_CERT_BUFFERS_2048
 
+#undef  USE_CERT_BUFFERS_256
+#define USE_CERT_BUFFERS_256
+
 
 /* ------------------------------------------------------------------------- */
 /* Debugging */
 /* ------------------------------------------------------------------------- */
-#undef  WOLFSSL_DEBUG
-//#define WOLFSSL_DEBUG
+#undef  DEBUG_WOLFSSL
+//#define DEBUG_WOLFSSL
 
-#ifdef WOLFSSL_DEBUG
+#ifdef DEBUG_WOLFSSL
     #define fprintf(file, format, ...)   printf(format, ##__VA_ARGS__)
 
     /* Use this to measure / print heap usage */
@@ -253,7 +265,7 @@ extern "C" {
     #define NO_WOLFSSL_MEMORY
 
     #undef  NO_ERROR_STRINGS
-    #define NO_ERROR_STRINGS
+    //#define NO_ERROR_STRINGS
 #endif
 
 
@@ -265,6 +277,8 @@ extern "C" {
 /* Allows custom "custom_time()" function to be used for benchmark */
 #define WOLFSSL_USER_CURRTIME
 #define USER_TICKS
+extern unsigned long ksdk_time(unsigned long* timer);
+#define XTIME ksdk_time
 
 
 /* ------------------------------------------------------------------------- */
@@ -273,17 +287,21 @@ extern "C" {
 /* Size of returned HW RNG value */
 #define CUSTOM_RAND_TYPE      unsigned int
 
+/* Seed source */
+extern unsigned int custom_rand_generate(void);
+#undef  CUSTOM_RAND_GENERATE
+#define CUSTOM_RAND_GENERATE  custom_rand_generate
+
 /* Choose RNG method */
 #if 1
     /* Use built-in P-RNG (SHA256 based) with HW RNG */
     /* P-RNG + HW RNG (P-RNG is ~8K) */
     #undef  HAVE_HASHDRBG
     #define HAVE_HASHDRBG
-
-    extern unsigned int custom_rand_generate(void);
-    #undef  CUSTOM_RAND_GENERATE
-    #define CUSTOM_RAND_GENERATE  custom_rand_generate
 #else
+    #undef  WC_NO_HASHDRBG
+    #define WC_NO_HASHDRBG
+
     /* Bypass P-RNG and use only HW RNG */
     extern int custom_rand_generate_block(unsigned char* output, unsigned int sz);
     #undef  CUSTOM_RAND_GENERATE_BLOCK

IDE/ROWLEY-CROSSWORKS-ARM/wolfssl.hzp

@@ -122,12 +122,26 @@
         recurse="Yes" />
       <file file_name="user_settings.h" />
       <file file_name="README.md" />
-      <folder
-        Name="source"
-        exclude=""
-        filter=""
-        path="../../src"
-        recurse="No" />
+      <folder Name="source">
+        <file file_name="../../src/bio.c">
+          <configuration Name="ARM_Debug" build_exclude_from_build="Yes" />
+        </file>
+        <file file_name="../../src/crl.c" />
+        <file file_name="../../src/include.am" />
+        <file file_name="../../src/internal.c" />
+        <file file_name="../../src/io.c" />
+        <file file_name="../../src/keys.c" />
+        <file file_name="../../src/libwolfssl.la" />
+        <file file_name="../../src/ocsp.c" />
+        <file file_name="../../src/sniffer.c" />
+        <file file_name="../../src/src_libwolfssl_la-internal.lo" />
+        <file file_name="../../src/src_libwolfssl_la-io.lo" />
+        <file file_name="../../src/src_libwolfssl_la-keys.lo" />
+        <file file_name="../../src/src_libwolfssl_la-ssl.lo" />
+        <file file_name="../../src/src_libwolfssl_la-tls.lo" />
+        <file file_name="../../src/ssl.c" />
+        <file file_name="../../src/tls.c" />
+      </folder>
     </folder>
   </project>
   <project Name="test">

IDE/ROWLEY-CROSSWORKS-ARM/wolfssl_ltc.hzp

@@ -300,12 +300,26 @@
         recurse="Yes" />
       <file file_name="user_settings.h" />
       <file file_name="README.md" />
-      <folder
-        Name="source"
-        exclude=""
-        filter=""
-        path="../../src"
-        recurse="No" />
+      <folder Name="source">
+        <file file_name="../../src/bio.c">
+          <configuration Name="ARM_Debug" build_exclude_from_build="Yes" />
+        </file>
+        <file file_name="../../src/crl.c" />
+        <file file_name="../../src/include.am" />
+        <file file_name="../../src/internal.c" />
+        <file file_name="../../src/io.c" />
+        <file file_name="../../src/keys.c" />
+        <file file_name="../../src/libwolfssl.la" />
+        <file file_name="../../src/ocsp.c" />
+        <file file_name="../../src/sniffer.c" />
+        <file file_name="../../src/src_libwolfssl_la-internal.lo" />
+        <file file_name="../../src/src_libwolfssl_la-io.lo" />
+        <file file_name="../../src/src_libwolfssl_la-keys.lo" />
+        <file file_name="../../src/src_libwolfssl_la-ssl.lo" />
+        <file file_name="../../src/src_libwolfssl_la-tls.lo" />
+        <file file_name="../../src/ssl.c" />
+        <file file_name="../../src/tls.c" />
+      </folder>
     </folder>
   </project>
   <project Name="test_ltc">

IDE/WIN/user_settings.h

@@ -22,20 +22,25 @@
     #define NO_RABBIT
     #define NO_DSA
     #define NO_MD4
-#elif defined(WOLFSSL_LIB)
-    /* The lib */
-    #define OPENSSL_EXTRA
-    #define WOLFSSL_RIPEMD
-    #define WOLFSSL_SHA512
-    #define NO_PSK
-    #define HAVE_EXTENDED_MASTER
-    #define WOLFSSL_SNIFFER
-    #define HAVE_TLS_EXTENSIONS
-    #define HAVE_SECURE_RENEGOTIATION
 #else
-    /* The servers and clients */
-    #define OPENSSL_EXTRA
-    #define NO_PSK
+    /* Enables blinding mode, to prevent timing attacks */
+    #define WC_RSA_BLINDING
+
+    #if defined(WOLFSSL_LIB)
+        /* The lib */
+        #define OPENSSL_EXTRA
+        #define WOLFSSL_RIPEMD
+        #define WOLFSSL_SHA512
+        #define NO_PSK
+        #define HAVE_EXTENDED_MASTER
+        #define WOLFSSL_SNIFFER
+        #define HAVE_TLS_EXTENSIONS
+        #define HAVE_SECURE_RENEGOTIATION
+    #else
+        /* The servers and clients */
+        #define OPENSSL_EXTRA
+        #define NO_PSK
+    #endif
 #endif /* HAVE_FIPS */
 
 #endif /* _WIN_USER_SETTINGS_H_ */

IDE/WORKBENCH/README.md

@@ -1,5 +1,5 @@
 ## Wind River Workbench using VxWorks with wolfSSL
-####1 Steps to Add wolfSSL to Workbench Project
+#### 1 Steps to Add wolfSSL to Workbench Project
 1. Start by creating a new VxWorks image in Workbench by going to File > New >
 Project and then selecting VxWorks Image Project.
 
@@ -52,8 +52,8 @@ workspace folder. This is where the simulator looks for the filesystem.
     new project you created. Click "Ok".
     - Rebuild the project.
 
-####2 Testing wolfSSL with VxWorks:
-#####2.1 wolfCrypt Test and Benchmark Applications
+#### 2 Testing wolfSSL with VxWorks:
+##### 2.1 wolfCrypt Test and Benchmark Applications
 The wolfCrypt test application will test each of the cryptographic algorithms
 and output the status for each as a success or failure. The benchmark application will output the runtime of the cryptographic algorithms in milliseconds.
 
@@ -85,7 +85,7 @@ by adding the following to the usrAppInit() function:
 
 4. To run the VxWorks simulator, click the dropdown list next to "VxWorks Simulator" at the top of Workbench and go to "Open Connection Details". Add the correct Kernel Image file. This will be located in ```workspace/<project_name>/default/vxWorks```. Click Apply. Start the simulator by clicking the green, "Connect 'VxWorks Simulator'" button to the right of the "VxWorks Simulator" dropdown list. Verify in the simulator terminal that all wolfCrypt tests pass.
 
-#####2.2 Example Client
+##### 2.2 Example Client
 The wolfSSL example client.c file can be found in ```<path_to_wolfssl>/wolfssl/examples/client```.
 
 1. Add the following include to usrAppInit.c:
@@ -117,7 +117,7 @@ section, and add a call to the client function:
         SSL cipher suite is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
         Server response: I hear you fa shizzle!
 
-#####2.3 Example Server
+##### 2.3 Example Server
 The example server requires more configuration than the client if using the
 VxWorks simulator.
 
@@ -164,7 +164,7 @@ Note: The wolfSSL example server and client cannot run at the same time on the V
         SSL cipher suite is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
         Client message: hello wolfssl!
 
-####3 Necessary Files if Using VxWorks Simulator
+#### 3 Necessary Files if Using VxWorks Simulator
 The following files are required to replicate this build:
 * vxsim\_linux\_1\_0\_2\_2 (directory)
 * compilers/gnu-4.8.1.5/include/c++/4.8

IDE/include.am

@@ -5,8 +5,11 @@
 include IDE/iOS/include.am
 include IDE/WIN/include.am
 include IDE/WIN-SGX/include.am
+include IDE/LINUX-SGX/include.am
 include IDE/WORKBENCH/include.am
 include IDE/ROWLEY-CROSSWORKS-ARM/include.am
 include IDE/ARDUINO/include.am
+include IDE/INTIME-RTOS/include.am
+include IDE/OPENSTM32/include.am
 
-EXTRA_DIST+= IDE/IAR-EWARM IDE/MDK-ARM IDE/MDK5-ARM IDE/MYSQL IDE/LPCXPRESSO
+EXTRA_DIST+= IDE/IAR-EWARM IDE/MDK-ARM IDE/MDK5-ARM IDE/MYSQL IDE/LPCXPRESSO IDE/HEXIWEAR

Makefile.am

@@ -54,7 +54,18 @@ CLEANFILES+= cert.der \
              pkcs7envelopedDataAES128CBC.der \
              pkcs7envelopedDataAES192CBC.der \
              pkcs7envelopedDataAES256CBC.der \
-             pkcs7signedData.der
+             pkcs7signedData_RSA_SHA.der \
+             pkcs7signedData_RSA_SHA_noattr.der \
+             pkcs7signedData_RSA_SHA224.der \
+             pkcs7signedData_RSA_SHA256.der \
+             pkcs7signedData_RSA_SHA384.der \
+             pkcs7signedData_RSA_SHA512.der \
+             pkcs7signedData_ECDSA_SHA.der \
+             pkcs7signedData_ECDSA_SHA_noattr.der \
+             pkcs7signedData_ECDSA_SHA224.der \
+             pkcs7signedData_ECDSA_SHA256.der \
+             pkcs7signedData_ECDSA_SHA384.der \
+             pkcs7signedData_ECDSA_SHA512.der
 
 exampledir = $(docdir)/example
 dist_example_DATA=

README

@@ -3,7 +3,7 @@
 Note 1)
 wolfSSL as of 3.6.6 no longer enables SSLv3 by default.  wolfSSL also no
 longer supports static key cipher suites with PSK, RSA, or ECDH.  This means
-if you plan to use TLS cipher suites you must enable DH (DH is on  by default),
+if you plan to use TLS cipher suites you must enable DH (DH is on by default),
 or enable ECC (ECC is on by default on 64bit systems), or you must enable static
 key cipher suites with
     WOLFSSL_STATIC_DH
@@ -12,11 +12,11 @@ key cipher suites with
     WOLFSSL_STATIC_PSK
 
 though static key cipher suites are deprecated and will be removed from future
-versions of TLS.  They also lower your security by removing PFS. Since current
+versions of TLS.  They also lower your security by removing PFS.  Since current
 NTRU suites available do not use ephemeral keys, WOLFSSL_STATIC_RSA needs to be
 used in order to build with NTRU suites.
 
-When compiling ssl.c wolfSSL will now issue a compiler error if no cipher suites
+When compiling ssl.c, wolfSSL will now issue a compiler error if no cipher suites
 are available.  You can remove this error by defining WOLFSSL_ALLOW_NO_SUITES
 in the event that you desire that, i.e., you're not using TLS cipher suites.
 
@@ -34,6 +34,175 @@ before calling wolfSSL_new();  Though it's not recommended.
 
 *** end Notes ***
 
+********* wolfSSL (Formerly CyaSSL) Release 3.12.0 (8/04/2017)
+
+Release 3.12.0 of wolfSSL has bug fixes and new features including:
+
+- TLS 1.3 with Nginx! TLS 1.3 with ARMv8! TLS 1.3 with Async Crypto! (--enable-tls13)
+- TLS 1.3 0RTT feature added
+- Added port for using Intel SGX with Linux
+- Update and fix PIC32MZ port
+- Additional unit testing for MD5, SHA, SHA224, SHA256, SHA384, SHA512, RipeMd, HMAC, 3DES, IDEA, ChaCha20, ChaCha20Poly1305 AEAD, Camellia, Rabbit, ARC4, AES, RSA, Hc128
+- AVX and AVX2 assembly for improved ChaCha20 performance
+- Intel QAT fixes for when using --disable-fastmath
+- Update how DTLS handles decryption and MAC failures
+- Update DTLS session export version number for --enable-sessionexport feature
+- Add additional input argument sanity checks to ARMv8 assembly port
+- Fix for making PKCS12 dynamic types match
+- Fixes for potential memory leaks when using --enable-fast-rsa
+- Fix for when using custom ECC curves and add BRAINPOOLP256R1 test
+- Update TI-RTOS port for dependency on new wolfSSL source files
+- DTLS multicast feature added, --enable-mcast
+- Fix for Async crypto with GCC 7.1 and HMAC when not using Intel QuickAssist
+- Improvements and enhancements to Intel QuickAssist support
+- Added Xilinx port
+- Added SHA3 Keccak feature, --enable-sha3
+- Expand wolfSSL Python wrapper to now include a client side implementation
+- Adjust example servers to not treat a peer closed error as a hard error
+- Added more sanity checks to fp_read_unsigned_bin function
+- Add SHA224 and AES key wrap to ARMv8 port
+- Update MQX classics and mmCAU ports
+- Fix for potential buffer over read with wolfSSL_CertPemToDer
+- Add PKCS7/CMS decode support for KARI with IssuerAndSerialNumber
+- Fix ThreadX/NetX warning
+- Fixes for OCSP and CRL non blocking sockets and for incomplete cert chain with OCSP
+- Added RSA PSS sign and verify
+- Fix for STM32F4 AES-GCM
+- Added enable all feature (--enable-all)
+- Added trackmemory feature (--enable-trackmemory)
+- Fixes for AES key wrap and PKCS7 on Windows VS
+- Added benchmark block size argument
+- Support use of staticmemory with PKCS7
+- Fix for Blake2b build with GCC 5.4
+- Fixes for compiling wolfSSL with GCC version 7, most dealing with switch statement fall through warnings.
+- Added warning when compiling without hardened math operations
+
+
+Note:
+There is a known issue with using ChaCha20 AVX assembly on versions of GCC earlier than 5.2. This is encountered with using the wolfSSL enable options --enable-intelasm and --enable-chacha. To avoid this issue ChaCha20 can be enabled with --enable-chacha=noasm.
+If using --enable-intelasm and also using --enable-sha224 or --enable-sha256 there is a known issue with trying to use -fsanitize=address.
+
+This release of wolfSSL fixes 1 low level security vulnerability.
+
+Low level fix for a potential DoS attack on a wolfSSL client. Previously a client would accept many warning alert messages without a limit. This fix puts a limit to the number of warning alert messages received and if this limit is reached a fatal error ALERT_COUNT_E is returned. The max number of warning alerts by default is set to 5 and can be adjusted with the macro WOLFSSL_ALERT_COUNT_MAX. Thanks for the report from Tarun Yadav and Koustav Sadhukhan from Defence Research and Development Organization, INDIA.
+
+
+See INSTALL file for build instructions.
+More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
+
+
+********* wolfSSL (Formerly CyaSSL) Release 3.11.1 (5/11/2017)
+
+Release 3.11.1 of wolfSSL is a TLS 1.3 BETA release, which includes:
+
+- TLS 1.3 client and server support for TLS 1.3 with Draft 18 support
+
+This is strictly a BETA release, and designed for testing and user feedback.
+Please send any comments, testing results, or feedback to wolfSSL at
+support@wolfssl.com.
+
+See INSTALL file for build instructions.
+More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
+
+
+********* wolfSSL (Formerly CyaSSL) Release 3.11.0 (5/04/2017)
+
+Release 3.11.0 of wolfSSL has bug fixes and new features including:
+
+- Code updates for warnings reported by Coverity scans
+- Testing and warning fixes for FreeBSD on PowerPC
+- Updates and refactoring done to ASN1 parsing functions
+- Change max PSK identity buffer to account for an identity length of 128 characters
+- Update Arduino script to handle recent files and additions
+- Added support for PKCS#7 Signed Data with ECDSA
+- Fix for interoperability with ChaCha20-Poly1305 suites using older draft versions
+- DTLS update to allow multiple handshake messages in one DTLS record. Thanks to Eric Samsel over at Welch Allyn for reporting this bug.
+- Intel QuickAssist asynchronous support (PR #715 - https://www.wolfssl.com/wolfSSL/Blog/Entries/2017/1/18_wolfSSL_Asynchronous_Intel_QuickAssist_Support.html)
+- Added support for HAproxy load balancer
+- Added option to allow SHA1 with TLS 1.2 for IIS compatibility (WOLFSSL_ALLOW_TLS_SHA1)
+- Added Curve25519 51-bit Implementation, increasing performance on systems that have 128 bit types
+- Fix to not send session ID on server side if session cache is off unless we're echoing
+session ID as part of session tickets
+- Fixes for ensuring all default ciphers are setup correctly (see PR #830)
+- Added NXP Hexiwear example in `IDE/HEXIWEAR`.
+- Added wolfSSL_write_dup() to create write only WOLFSSL object for concurrent access
+- Fixes for TLS elliptic curve selection on private key import.
+- Fixes for RNG with Intel rdrand and rdseed speedups.
+- Improved performance with Intel rdrand to use full 64-bit output
+- Added new --enable-intelrand option to indicate use of RDRAND preference for RNG source
+- Removed RNG ARC4 support
+- Added ECC helpers to get size and id from curve name.
+- Added ECC Cofactor DH (ECC-CDH) support
+- Added ECC private key only import / export functions.
+- Added PKCS8 create function
+- Improvements to TLS layer CTX handling for switching keys / certs.
+- Added check for duplicate certificate policy OID in certificates.
+- Normal math speed-up to not allocate on mp_int and defer until mp_grow
+- Reduce heap usage with fast math when not using ALT_ECC_SIZE
+- Fixes for building CRL with Windows
+- Added support for inline CRL lookup when HAVE_CRL_IO is defined
+- Added port for tenAsys INtime RTOS
+- Improvements to uTKernel port (WOLFSSL_uTKERNEL2)
+- Updated WPA Supplicant support
+- Added support for Nginx
+- Update stunnel port for version 5.40
+- Fixes for STM32 hardware crypto acceleration
+- Extended test code coverage in bundled test.c
+- Added a sanity check for minimum authentication tag size with AES-GCM. Thanks to Yueh-Hsun Lin and Peng Li at KNOX Security at Samsung Research America for suggesting this.
+- Added a sanity check that subject key identifier is marked as non-critical and a check that no policy OIDS appear more than once in the cert policies extension. Thanks to the report from Professor Zhenhua Duan, Professor Cong Tian, and Ph.D candidate Chu Chen from Institute of Computing Theory and Technology (ICTT) of Xidian University, China. Profs. Zhenhua Duan and Cong Tian are supervisors of Ph.D candidate Chu Chen.
+
+
+This release of wolfSSL fixes 5 low and 1 medium level security vulnerability.
+
+3 Low level fixes reported by Yueh-Hsun Lin and Peng Li from KNOX Security, Samsung Research America.
+- Fix for out of bounds memory access in wc_DhParamsLoad() when GetLength() returns a zero. Before this fix there is a case where wolfSSL would read out of bounds memory in the function wc_DhParamsLoad.
+- Fix for DH key accepted by wc_DhAgree when the key was malformed.
+- Fix for a double free case when adding CA cert into X509_store.
+
+Low level fix for memory management with static memory feature enabled. By default static memory is disabled. Thanks to GitHub user hajjihraf for reporting this.
+
+Low level fix for out of bounds write in the function wolfSSL_X509_NAME_get_text_by_NID. This function is not used by TLS or crypto operations but could result in a buffer out of bounds write by one if called explicitly in an application. Discovered by Aleksandar Nikolic of Cisco Talos. http://talosintelligence.com/vulnerability-reports/
+
+Medium level fix for check on certificate signature. There is a case in release versions 3.9.10, 3.10.0 and 3.10.2 where a corrupted signature on a peer certificate would not be properly flagged. Thanks to Wens Lo, James Tsai, Kenny Chang, and Oscar Yang at Castles Technology.
+
+
+See INSTALL file for build instructions.
+More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
+
+
+********* wolfSSL (Formerly CyaSSL) Release 3.10.2 (2/10/2017)
+
+Release 3.10.2 of wolfSSL has bug fixes and new features including:
+
+- Poly1305 Windows macros fix. Thanks to GitHub user Jay Satiro
+- Compatibility layer expanded with multiple functions added
+- Improve fp_copy performance with ALT_ECC_SIZE
+- OCSP updates and improvements
+- Fixes for IAR EWARM 8 compiler warnings
+- Reduce stack usage with ECC_CACHE_CURVE disabled
+- Added ECC export raw for public and private key
+- Fix for NO_ASN_TIME build
+- Supported curves extensions now populated by default
+- Add DTLS build without big integer math
+- Fix for static memory feature with wc_ecc_verify_hash_ex and not SHAMIR
+- Added PSK interoperability testing to script bundled with wolfSSL
+- Fix for Python wrapper random number generation. Compiler optimizations with Python could place the random number in same buffer location each time. Thanks to GitHub user Erik Bray (embray)
+- Fix for tests on unaligned memory with static memory feature
+- Add macro WOLFSSL_NO_OCSP_OPTIONAL_CERTS to skip optional OCSP certificates
+- Sanity checks on NULL arguments added to wolfSSL_set_fd and wolfSSL_DTLS_SetCookieSecret
+- mp_jacobi stack use reduced, thanks to Szabi Tolnai for providing a solution to reduce stack usage
+
+
+This release of wolfSSL fixes 2 low and 1 medium level security vulnerability.
+
+Low level fix of buffer overflow for when loading in a malformed temporary DH file. Thanks to Yueh-Hsun Lin and Peng Li from KNOX Security, Samsung Research America for the report.
+
+Medium level fix for processing of OCSP response. If using OCSP without hard faults enforced and no alternate revocation checks like OCSP stapling then it is recommended to update.
+
+Low level fix for potential cache attack on RSA operations. If using wolfSSL RSA on a server that other users can have access to monitor the cache, then it is recommended to update wolfSSL. Thanks to Andreas Zankl, Johann Heyszl and Georg Sigl at Fraunhofer AISEC for the initial report.
+
+See INSTALL file for build instructions.
+More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
 
 ********* wolfSSL (Formerly CyaSSL) Release 3.10.0 (12/21/2016)
 

README.md

@@ -4,7 +4,7 @@
 ```
 wolfSSL as of 3.6.6 no longer enables SSLv3 by default.  wolfSSL also no
 longer supports static key cipher suites with PSK, RSA, or ECDH.  This means
-if you plan to use TLS cipher suites you must enable DH (DH is on  by default),
+if you plan to use TLS cipher suites you must enable DH (DH is on by default),
 or enable ECC (ECC is on by default on 64bit systems), or you must enable static
 key cipher suites with
     WOLFSSL_STATIC_DH
@@ -13,12 +13,12 @@ key cipher suites with
     WOLFSSL_STATIC_PSK
 
 though static key cipher suites are deprecated and will be removed from future
-versions of TLS.  They also lower your security by removing PFS. Since current
+versions of TLS.  They also lower your security by removing PFS.  Since current
 NTRU suites available do not use ephemeral keys, WOLFSSL_STATIC_RSA needs to be
 used in order to build with NTRU suites.
 
 
-When compiling ssl.c wolfSSL will now issue a compiler error if no cipher suites
+When compiling ssl.c, wolfSSL will now issue a compiler error if no cipher suites
 are available.  You can remove this error by defining WOLFSSL_ALLOW_NO_SUITES
 in the event that you desire that, i.e., you're not using TLS cipher suites.
 ```
@@ -38,6 +38,177 @@ wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
 before calling wolfSSL_new();  Though it's not recommended.
 ```
 
+# wolfSSL (Formerly CyaSSL) Release 3.12.0 (8/04/2017)
+
+## Release 3.12.0 of wolfSSL has bug fixes and new features including:
+
+- TLS 1.3 with Nginx! TLS 1.3 with ARMv8! TLS 1.3 with Async Crypto! (--enable-tls13)
+- TLS 1.3 0RTT feature added
+- Added port for using Intel SGX with Linux
+- Update and fix PIC32MZ port
+- Additional unit testing for MD5, SHA, SHA224, SHA256, SHA384, SHA512, RipeMd, HMAC, 3DES, IDEA, ChaCha20, ChaCha20Poly1305 AEAD, Camellia, Rabbit, ARC4, AES, RSA, Hc128
+- AVX and AVX2 assembly for improved ChaCha20 performance
+- Intel QAT fixes for when using --disable-fastmath
+- Update how DTLS handles decryption and MAC failures
+- Update DTLS session export version number for --enable-sessionexport feature
+- Add additional input argument sanity checks to ARMv8 assembly port
+- Fix for making PKCS12 dynamic types match
+- Fixes for potential memory leaks when using --enable-fast-rsa
+- Fix for when using custom ECC curves and add BRAINPOOLP256R1 test
+- Update TI-RTOS port for dependency on new wolfSSL source files
+- DTLS multicast feature added, --enable-mcast
+- Fix for Async crypto with GCC 7.1 and HMAC when not using Intel QuickAssist
+- Improvements and enhancements to Intel QuickAssist support
+- Added Xilinx port
+- Added SHA3 Keccak feature, --enable-sha3
+- Expand wolfSSL Python wrapper to now include a client side implementation
+- Adjust example servers to not treat a peer closed error as a hard error
+- Added more sanity checks to fp_read_unsigned_bin function
+- Add SHA224 and AES key wrap to ARMv8 port
+- Update MQX classics and mmCAU ports
+- Fix for potential buffer over read with wolfSSL_CertPemToDer
+- Add PKCS7/CMS decode support for KARI with IssuerAndSerialNumber
+- Fix ThreadX/NetX warning
+- Fixes for OCSP and CRL non blocking sockets and for incomplete cert chain with OCSP
+- Added RSA PSS sign and verify
+- Fix for STM32F4 AES-GCM
+- Added enable all feature (--enable-all)
+- Added trackmemory feature (--enable-trackmemory)
+- Fixes for AES key wrap and PKCS7 on Windows VS
+- Added benchmark block size argument
+- Support use of staticmemory with PKCS7
+- Fix for Blake2b build with GCC 5.4
+- Fixes for compiling wolfSSL with GCC version 7, most dealing with switch statement fall through warnings.
+- Added warning when compiling without hardened math operations
+
+
+Note:
+There is a known issue with using ChaCha20 AVX assembly on versions of GCC earlier than 5.2. This is encountered with using the wolfSSL enable options --enable-intelasm and --enable-chacha. To avoid this issue ChaCha20 can be enabled with --enable-chacha=noasm.
+If using --enable-intelasm and also using --enable-sha224 or --enable-sha256 there is a known issue with trying to use -fsanitize=address.
+
+This release of wolfSSL fixes 1 low level security vulnerability.
+
+Low level fix for a potential DoS attack on a wolfSSL client. Previously a client would accept many warning alert messages without a limit. This fix puts a limit to the number of warning alert messages received and if this limit is reached a fatal error ALERT_COUNT_E is returned. The max number of warning alerts by default is set to 5 and can be adjusted with the macro WOLFSSL_ALERT_COUNT_MAX. Thanks for the report from Tarun Yadav and Koustav Sadhukhan from Defence Research and Development Organization, INDIA.
+
+
+See INSTALL file for build instructions.
+More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
+
+
+# wolfSSL (Formerly CyaSSL) Release 3.11.1 (5/11/2017)
+
+## Release 3.11.1 of wolfSSL is a TLS 1.3 BETA release, which includes:
+
+- TLS 1.3 client and server support for TLS 1.3 with Draft 18 support
+
+This is strictly a BETA release, and designed for testing and user feedback.
+Please send any comments, testing results, or feedback to wolfSSL at
+support@wolfssl.com.
+
+See INSTALL file for build instructions.
+More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
+
+
+# wolfSSL (Formerly CyaSSL) Release 3.11.0 (5/04/2017)
+
+## Release 3.11.0 of wolfSSL has bug fixes and new features including:
+
+- Code updates for warnings reported by Coverity scans
+- Testing and warning fixes for FreeBSD on PowerPC
+- Updates and refactoring done to ASN1 parsing functions
+- Change max PSK identity buffer to account for an identity length of 128 characters
+- Update Arduino script to handle recent files and additions
+- Added support for PKCS#7 Signed Data with ECDSA
+- Fix for interoperability with ChaCha20-Poly1305 suites using older draft versions
+- DTLS update to allow multiple handshake messages in one DTLS record. Thanks to Eric Samsel over at Welch Allyn for reporting this bug.
+- Intel QuickAssist asynchronous support (PR #715 - https://www.wolfssl.com/wolfSSL/Blog/Entries/2017/1/18_wolfSSL_Asynchronous_Intel_QuickAssist_Support.html)
+- Added support for HAproxy load balancer
+- Added option to allow SHA1 with TLS 1.2 for IIS compatibility (WOLFSSL_ALLOW_TLS_SHA1)
+- Added Curve25519 51-bit Implementation, increasing performance on systems that have 128 bit types
+- Fix to not send session ID on server side if session cache is off unless we're echoing 
+session ID as part of session tickets
+- Fixes for ensuring all default ciphers are setup correctly (see PR #830)
+- Added NXP Hexiwear example in `IDE/HEXIWEAR`.
+- Added wolfSSL_write_dup() to create write only WOLFSSL object for concurrent access
+- Fixes for TLS elliptic curve selection on private key import.
+- Fixes for RNG with Intel rdrand and rdseed speedups.
+- Improved performance with Intel rdrand to use full 64-bit output
+- Added new --enable-intelrand option to indicate use of RDRAND preference for RNG source 
+- Removed RNG ARC4 support
+- Added ECC helpers to get size and id from curve name.
+- Added ECC Cofactor DH (ECC-CDH) support
+- Added ECC private key only import / export functions.
+- Added PKCS8 create function
+- Improvements to TLS layer CTX handling for switching keys / certs.
+- Added check for duplicate certificate policy OID in certificates.
+- Normal math speed-up to not allocate on mp_int and defer until mp_grow
+- Reduce heap usage with fast math when not using ALT_ECC_SIZE
+- Fixes for building CRL with Windows
+- Added support for inline CRL lookup when HAVE_CRL_IO is defined
+- Added port for tenAsys INtime RTOS
+- Improvements to uTKernel port (WOLFSSL_uTKERNEL2)
+- Updated WPA Supplicant support
+- Added support for Nginx
+- Update stunnel port for version 5.40
+- Fixes for STM32 hardware crypto acceleration
+- Extended test code coverage in bundled test.c
+- Added a sanity check for minimum authentication tag size with AES-GCM. Thanks to Yueh-Hsun Lin and Peng Li at KNOX Security at Samsung Research America for suggesting this.
+- Added a sanity check that subject key identifier is marked as non-critical and a check that no policy OIDS appear more than once in the cert policies extension. Thanks to the report from Professor Zhenhua Duan, Professor Cong Tian, and Ph.D candidate Chu Chen from Institute of Computing Theory and Technology (ICTT) of Xidian University, China. Profs. Zhenhua Duan and Cong Tian are supervisors of Ph.D candidate Chu Chen.
+
+This release of wolfSSL fixes 5 low and 1 medium level security vulnerability.
+
+3 Low level fixes reported by Yueh-Hsun Lin and Peng Li from KNOX Security, Samsung Research America.
+- Fix for out of bounds memory access in wc_DhParamsLoad() when GetLength() returns a zero. Before this fix there is a case where wolfSSL would read out of bounds memory in the function wc_DhParamsLoad.
+- Fix for DH key accepted by wc_DhAgree when the key was malformed.
+- Fix for a double free case when adding CA cert into X509_store.
+
+Low level fix for memory management with static memory feature enabled. By default static memory is disabled. Thanks to GitHub user hajjihraf for reporting this.
+
+
+Low level fix for out of bounds write in the function wolfSSL_X509_NAME_get_text_by_NID. This function is not used by TLS or crypto operations but could result in a buffer out of bounds write by one if called explicitly in an application. Discovered by Aleksandar Nikolic of Cisco Talos. http://talosintelligence.com/vulnerability-reports/
+
+Medium level fix for check on certificate signature. There is a case in release versions 3.9.10, 3.10.0 and 3.10.2 where a corrupted signature on a peer certificate would not be properly flagged. Thanks to Wens Lo, James Tsai, Kenny Chang, and Oscar Yang at Castles Technology.
+
+
+See INSTALL file for build instructions.
+More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
+
+
+# wolfSSL (Formerly CyaSSL) Release 3.10.2 (2/10/2017)
+
+## Release 3.10.2 of wolfSSL has bug fixes and new features including:
+
+- Poly1305 Windows macros fix. Thanks to GitHub user Jay Satiro
+- Compatibility layer expanded with multiple functions added
+- Improve fp_copy performance with ALT_ECC_SIZE
+- OCSP updates and improvements
+- Fixes for IAR EWARM 8 compiler warnings
+- Reduce stack usage with ECC_CACHE_CURVE disabled
+- Added ECC export raw for public and private key
+- Fix for NO_ASN_TIME build
+- Supported curves extensions now populated by default
+- Add DTLS build without big integer math
+- Fix for static memory feature with wc_ecc_verify_hash_ex and not SHAMIR
+- Added PSK interoperability testing to script bundled with wolfSSL
+- Fix for Python wrapper random number generation. Compiler optimizations with Python could place the random number in same buffer location each time. Thanks to GitHub user Erik Bray (embray)
+- Fix for tests on unaligned memory with static memory feature
+- Add macro WOLFSSL_NO_OCSP_OPTIONAL_CERTS to skip optional OCSP certificates
+- Sanity checks on NULL arguments added to wolfSSL_set_fd and wolfSSL_DTLS_SetCookieSecret
+- mp_jacobi stack use reduced, thanks to Szabi Tolnai for providing a solution to reduce stack usage
+
+
+This release of wolfSSL fixes 2 low and 1 medium level security vulnerability.
+
+Low level fix of buffer overflow for when loading in a malformed temporary DH file. Thanks to Yueh-Hsun Lin and Peng Li from KNOX Security, Samsung Research America for the report.
+
+Medium level fix for processing of OCSP response. If using OCSP without hard faults enforced and no alternate revocation checks like OCSP stapling then it is recommended to update.
+
+Low level fix for potential cache attack on RSA operations. If using wolfSSL RSA on a server that other users can have access to monitor the cache, then it is recommended to update wolfSSL. Thanks to Andreas Zankl, Johann Heyszl and Georg Sigl at Fraunhofer AISEC for the initial report.
+
+See INSTALL file for build instructions.
+More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
+
+
 # wolfSSL (Formerly CyaSSL) Release 3.10.0 (12/21/2016)
 
 ## Release 3.10.0 of wolfSSL has bug fixes and new features including:

autogen.sh

@@ -22,6 +22,20 @@ if test -e .git; then
   # touch async crypt files
   touch ./wolfcrypt/src/async.c
   touch ./wolfssl/wolfcrypt/async.h
+
+  # touch async port files
+  touch ./wolfcrypt/src/port/intel/quickassist.c
+  touch ./wolfcrypt/src/port/intel/quickassist_mem.c
+  touch ./wolfcrypt/src/port/cavium/cavium_nitrox.c
+  if [ ! -d ./wolfssl/wolfcrypt/port/intel ]; then
+    mkdir ./wolfssl/wolfcrypt/port/intel
+  fi
+  touch ./wolfssl/wolfcrypt/port/intel/quickassist.h
+  touch ./wolfssl/wolfcrypt/port/intel/quickassist_mem.h
+  if [ ! -d ./wolfssl/wolfcrypt/port/cavium ]; then
+    mkdir ./wolfssl/wolfcrypt/port/cavium
+  fi
+  touch ./wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h
 else
   WARNINGS="all"
 fi

certs/crl/crl2.pem

@@ -0,0 +1,80 @@
+Certificate Revocation List (CRL):
+        Version 2 (0x1)
+    Signature Algorithm: sha256WithRSAEncryption
+        Issuer: /C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Last Update: Aug 11 20:07:38 2016 GMT
+        Next Update: May  8 20:07:38 2019 GMT
+        CRL extensions:
+            X509v3 CRL Number: 
+                1
+Revoked Certificates:
+    Serial Number: 02
+        Revocation Date: Aug 11 20:07:38 2016 GMT
+    Signature Algorithm: sha256WithRSAEncryption
+         35:c6:7f:57:9a:e5:86:5a:15:1a:e2:e5:2b:9f:54:79:2a:58:
+         51:a2:12:0c:4e:53:58:eb:99:e3:c2:ee:2b:d7:23:e4:3c:4d:
+         0a:ab:ae:71:9b:ce:b1:c1:75:a1:b6:e5:32:5f:10:b0:72:28:
+         2e:74:b1:99:dd:47:53:20:f6:9a:83:5c:bd:20:b0:aa:df:32:
+         f6:95:54:98:9e:59:96:55:7b:0a:74:be:94:66:44:b7:32:82:
+         f0:eb:16:f8:30:86:16:9f:73:43:98:82:b5:5e:ad:58:c0:c8:
+         79:da:ad:b1:b4:d7:fb:34:c1:cc:3a:67:af:a4:56:5a:70:5c:
+         2d:1f:73:16:78:92:01:06:e3:2c:fb:f1:ba:d5:8f:f9:be:dd:
+         e1:4a:ce:de:ca:e6:2d:96:09:24:06:40:9e:10:15:2e:f2:cd:
+         85:d6:84:88:db:9c:4a:7b:75:7a:06:0e:40:02:20:60:7e:91:
+         f7:92:53:1e:34:7a:ea:ee:df:e7:cd:a8:9e:a6:61:b4:56:50:
+         4d:dc:b1:78:0d:86:cf:45:c3:a6:0a:b9:88:2c:56:a7:b1:d3:
+         d3:0d:44:aa:93:a4:05:4d:ce:9f:01:b0:c6:1e:e4:ea:6b:92:
+         6f:93:dd:98:cf:fb:1d:06:72:ac:d4:99:e7:f2:b4:11:57:bd:
+         9d:63:e5:dc
+-----BEGIN X509 CRL-----
+MIICBDCB7QIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMxEDAOBgNV
+BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3Ro
+MRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x
+HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTE2MDgxMTIwMDczOFoX
+DTE5MDUwODIwMDczOFowFDASAgECFw0xNjA4MTEyMDA3MzhaoA4wDDAKBgNVHRQE
+AwIBATANBgkqhkiG9w0BAQsFAAOCAQEANcZ/V5rlhloVGuLlK59UeSpYUaISDE5T
+WOuZ48LuK9cj5DxNCquucZvOscF1obblMl8QsHIoLnSxmd1HUyD2moNcvSCwqt8y
+9pVUmJ5ZllV7CnS+lGZEtzKC8OsW+DCGFp9zQ5iCtV6tWMDIedqtsbTX+zTBzDpn
+r6RWWnBcLR9zFniSAQbjLPvxutWP+b7d4UrO3srmLZYJJAZAnhAVLvLNhdaEiNuc
+Snt1egYOQAIgYH6R95JTHjR66u7f582onqZhtFZQTdyxeA2Gz0XDpgq5iCxWp7HT
+0w1EqpOkBU3OnwGwxh7k6muSb5PdmM/7HQZyrNSZ5/K0EVe9nWPl3A==
+-----END X509 CRL-----
+Certificate Revocation List (CRL):
+        Version 2 (0x1)
+    Signature Algorithm: sha256WithRSAEncryption
+        Issuer: /C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Last Update: Aug 11 20:07:38 2016 GMT
+        Next Update: May  8 20:07:38 2019 GMT
+        CRL extensions:
+            X509v3 CRL Number: 
+                3
+No Revoked Certificates.
+    Signature Algorithm: sha256WithRSAEncryption
+         14:85:d5:c8:db:62:74:48:94:5e:dc:52:0f:5e:43:8b:29:83:
+         32:e0:7a:4c:5c:76:e3:7e:c1:87:74:40:b2:6f:f8:33:4c:2c:
+         32:08:f0:5f:d9:85:b3:20:05:34:5d:15:4d:ba:45:bc:2d:9c:
+         ae:40:d0:d8:9a:b3:a1:4f:0b:94:ce:c4:23:c6:bf:a2:f8:a6:
+         02:4c:6d:ad:5a:59:b3:83:55:dd:37:91:f6:75:d4:6f:83:5f:
+         1c:29:94:cd:01:09:dc:38:d8:6c:c0:9f:1e:76:9d:f9:8f:70:
+         0d:48:e5:99:82:90:3a:36:f1:33:17:69:73:8a:ee:a7:22:4c:
+         58:93:a1:dc:59:b9:44:8f:88:99:0b:c4:d3:74:aa:02:9a:84:
+         36:48:d8:a0:05:73:bc:14:32:1e:76:23:85:c5:94:56:b2:2c:
+         61:3b:07:d7:bd:0c:27:f7:d7:23:40:bd:0c:6c:c7:e0:f7:28:
+         74:67:98:20:93:72:16:b6:6e:67:3f:9e:c9:34:c5:64:09:bf:
+         b1:ab:87:0c:80:b6:1f:89:d8:0e:67:c2:c7:19:df:ee:9f:b2:
+         e6:fb:64:3d:82:7a:47:e2:8d:a3:93:1d:29:f6:94:db:83:2f:
+         b6:0a:a0:da:77:e3:56:ec:d7:d2:22:3c:88:4d:4a:87:de:b5:
+         1c:eb:7b:08
+-----BEGIN X509 CRL-----
+MIIB+DCB4QIBATANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCVVMxEDAOBgNV
+BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZTU0xf
+MjA0ODEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMjA0ODEYMBYGA1UEAwwPd3d3Lndv
+bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0xNjA4
+MTEyMDA3MzhaFw0xOTA1MDgyMDA3MzhaoA4wDDAKBgNVHRQEAwIBAzANBgkqhkiG
+9w0BAQsFAAOCAQEAFIXVyNtidEiUXtxSD15DiymDMuB6TFx2437Bh3RAsm/4M0ws
+MgjwX9mFsyAFNF0VTbpFvC2crkDQ2JqzoU8LlM7EI8a/ovimAkxtrVpZs4NV3TeR
+9nXUb4NfHCmUzQEJ3DjYbMCfHnad+Y9wDUjlmYKQOjbxMxdpc4rupyJMWJOh3Fm5
+RI+ImQvE03SqApqENkjYoAVzvBQyHnYjhcWUVrIsYTsH170MJ/fXI0C9DGzH4Pco
+dGeYIJNyFrZuZz+eyTTFZAm/sauHDIC2H4nYDmfCxxnf7p+y5vtkPYJ6R+KNo5Md
+KfaU24Mvtgqg2nfjVuzX0iI8iE1Kh961HOt7CA==
+-----END X509 CRL-----

certs/crl/include.am

@@ -6,7 +6,8 @@ EXTRA_DIST += \
 	     certs/crl/crl.pem \
 	     certs/crl/cliCrl.pem \
 	     certs/crl/eccSrvCRL.pem \
-	     certs/crl/eccCliCRL.pem
+	     certs/crl/eccCliCRL.pem \
+	     certs/crl/crl2.pem
 
 EXTRA_DIST += \
 	     certs/crl/crl.revoked

certs/ecc-privOnlyCert.pem

@@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE-----
+MIIBJDCByaADAgECAgEAMAwGCCqGSM49BAMCBQAwGjELMAkGA1UEChMCV1IxCzAJBgNVBAYTAkRF
+MB4XDTE3MDIwNjE0NTY0MVoXDTE4MDIwNjE0NTY0MVowGjELMAkGA1UEChMCV1IxCzAJBgNVBAYT
+AkRFMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEJcD9Frgr8rgKHt2szmJSfFgKYH1Xddq9EcHV
+KupUa3bmPTb33VGXa6gm/numvZZVhVCdmn5pAdhDRYnZ/korJjAMBggqhkjOPQQDAgUAA0gAMEUC
+IDnBQOHgHIudh7nFB0wG/WFMoUutVFN0uQPbVJSWwbQHAiEAmw25n+eEMgMK4Gi7qH1lzxm11WX0
+jM1gxQSGZTaja8s=
+-----END CERTIFICATE-----

certs/ecc-privOnlyKey.pem

@@ -0,0 +1,4 @@
+-----BEGIN PRIVATE KEY-----
+MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCBmlE/nixmHCpmplUopbqNEo+jJE40p
+wfkxzH01tAWqcQ==
+-----END PRIVATE KEY-----

certs/ecc-privkey.pem

@@ -0,0 +1,4 @@
+-----BEGIN EC PRIVATE KEY-----
+MDECAQEEIEW2aQJznGyFoThbcujox6zEA41TNQT6bCjcNI3hqAmMoAoGCCqGSM49
+AwEH
+-----END EC PRIVATE KEY-----

certs/ed25519/ca-ed25519-key.pem

@@ -0,0 +1,4 @@
+-----BEGIN EDDSA PRIVATE KEY-----
+MFICAQAwBQYDK2VwBCIEIE3EyZVR/gbofvUgIsCeuA3yZ9E7DbTQxW7HMDYQhbxl
+oSIEIEEH7HUMaHISPASCB24Wb0BBbaSPCPLinadDwiQomH6s
+-----END EDDSA PRIVATE KEY-----

certs/ed25519/ca-ed25519.pem

@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICWTCCAgugAwIBAgIIAfbhPrx5oYUwBQYDK2VwMIGfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjENMAsGA1UEBAwEUm9v
+dDEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYGA1UEAwwP
+d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
+MCIYDzIwMTcwNTI4MjMyNjI5WhgPMjAxOTA1MjkyMzI2MjlaMIGdMQswCQYDVQQG
+EwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjELMAkGA1UE
+BAwCQ0ExEDAOBgNVBAoMB3dvbGZTU0wxEDAOBgNVBAsMB0VEMjU1MTkxGDAWBgNV
+BAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
+LmNvbTAqMAUGAytlcAMhAEEH7HUMaHISPASCB24Wb0BBbaSPCPLinadDwiQomH6s
+o2EwXzAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBSS1Qva8QSLuaGLAwKfWAA1Ngd6
+yTAfBgNVHSMEGDAWgBSGwCfpnvqFwf3jb/xUWXI3xzOSuzAPBgNVHQ8BAf8EBQMC
+AcYAMAUGAytlcANBACIbBhfAEXQfZNGj9nsGABoLUI7rsWOSRbrc4sFoFCMMbiyV
+PLEcGSeYUD5VUczESVivuUZP7ZxXOAQp1KkS/gg=
+-----END CERTIFICATE-----

certs/ed25519/client-ed25519-key.pem

@@ -0,0 +1,4 @@
+-----BEGIN EDDSA PRIVATE KEY-----
+MFICAQAwBQYDK2VwBCIEIBGdNYxa3ommO8aYO1oGaGSRQBqDYB0sKOdR3bqejqIQ
+oSIEIDY9UZ60w5FgsDoJuIdapQUPW1PlZBc+cLkNZhKk5fFR
+-----END EDDSA PRIVATE KEY-----

certs/ed25519/client-ed25519.pem

@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICUTCCAgOgAwIBAgIIAckQps/YSE8wBQYDK2VwMIGhMQswCQYDVQQGEwJVUzEQ
+MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEPMA0GA1UEBAwGY2xp
+ZW50MRAwDgYDVQQKDAd3b2xmU1NMMRAwDgYDVQQLDAdFRDI1NTE5MRgwFgYDVQQD
+DA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
+b20wIhgPMjAxNzA1MjgyMzI2MjlaGA8yMDE5MDUyOTIzMjYyOVowgaExCzAJBgNV
+BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQ8wDQYD
+VQQEDAZjbGllbnQxEDAOBgNVBAoMB3dvbGZTU0wxEDAOBgNVBAsMB0VEMjU1MTkx
+GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
+b2xmc3NsLmNvbTAqMAUGAytlcAMhADY9UZ60w5FgsDoJuIdapQUPW1PlZBc+cLkN
+ZhKk5fFRo1MwUTAdBgNVHQ4EFgQUppdwk1xpkyuWMh6Heza6k5opV/EwHwYDVR0j
+BBgwFoAUppdwk1xpkyuWMh6Heza6k5opV/EwDwYDVR0PAQH/BAUDAgbAADAFBgMr
+ZXADQQCUo3bb4Zv2vjs09vniOoogAIHBlj4tOdodJ/vVfSFRGfo5MTbFOa4RmAvZ
+kz+W324RkBsIl8R8ksENe87bJwAP
+-----END CERTIFICATE-----

certs/ed25519/root-ed25519-key.pem

@@ -0,0 +1,4 @@
+-----BEGIN EDDSA PRIVATE KEY-----
+MFICAQAwBQYDK2VwBCIEIFwOftlJ9QL4yEBIBh9UmTRwCu+A6puPK9OFmVk0A19P
+oSIEIKZgKbt92EfL1B7QbQ9XANgqH1BqQrxd5bgZZbLfJK9Q
+-----END EDDSA PRIVATE KEY-----

certs/ed25519/root-ed25519.pem

@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICWzCCAg2gAwIBAgIIAcUx7uhNOB4wBQYDK2VwMIGfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjENMAsGA1UEBAwEUm9v
+dDEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYGA1UEAwwP
+d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
+MCIYDzIwMTcwNTI4MjMyNjI5WhgPMjAxOTA1MjkyMzI2MjlaMIGfMQswCQYDVQQG
+EwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjENMAsGA1UE
+BAwEUm9vdDEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYG
+A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
+c2wuY29tMCowBQYDK2VwAyEApmApu33YR8vUHtBtD1cA2CofUGpCvF3luBllst8k
+r1CjYTBfMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFIbAJ+me+oXB/eNv/FRZcjfH
+M5K7MB8GA1UdIwQYMBaAFIbAJ+me+oXB/eNv/FRZcjfHM5K7MA8GA1UdDwEB/wQF
+AwIBxgAwBQYDK2VwA0EAGj129Ed4mXezQYuGBMzeglOtvFvz3UqPLBGTRI49gqqw
+2/VnVoX532VvhensyCrk3/tRluh1wMnenEQlncm/CQ==
+-----END CERTIFICATE-----

certs/ed25519/server-ed25519-key.pem

@@ -0,0 +1,4 @@
+-----BEGIN EDDSA PRIVATE KEY-----
+MFICAQAwBQYDK2VwBCIEINjpdrI/H/eIdfXd+HrGSTBu6Z/LnR4rwBjvu3WJ5ndn
+oSIEIBowiBhHL5faBPSk471sDBa5SMHRQteOkoSgdCpDng4p
+-----END EDDSA PRIVATE KEY-----

certs/ed25519/server-ed25519.pem

@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIICSzCCAf2gAwIBAgIIAdCSEGpaRlcwBQYDK2VwMIGdMQswCQYDVQQGEwJVUzEQ
+MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjELMAkGA1UEBAwCQ0Ex
+EDAOBgNVBAoMB3dvbGZTU0wxEDAOBgNVBAsMB0VEMjU1MTkxGDAWBgNVBAMMD3d3
+dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAi
+GA8yMDE3MDUyODIzMjYyOVoYDzIwMTkwNTI5MjMyNjI5WjCBnzELMAkGA1UEBhMC
+VVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xDTALBgNVBAQM
+BExlYWYxEDAOBgNVBAoMB3dvbGZTU0wxEDAOBgNVBAsMB0VEMjU1MTkxGDAWBgNV
+BAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
+LmNvbTAqMAUGAytlcAMhABowiBhHL5faBPSk471sDBa5SMHRQteOkoSgdCpDng4p
+o1MwUTAdBgNVHQ4EFgQU9rKEGpW0cDJT/tnrmymAS9a18cAwHwYDVR0jBBgwFoAU
+ktUL2vEEi7mhiwMCn1gANTYHeskwDwYDVR0PAQH/BAUDAgbAADAFBgMrZXADQQAS
+VncMlkKY2skVbE5IlQUd0Hgy+IZGmkabZIsxsBlrd5mL//wCNgULaTeHYnXaUCwt
+XVKUPwCdGEVvNxKO9OQA
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICWTCCAgugAwIBAgIIAfbhPrx5oYUwBQYDK2VwMIGfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjENMAsGA1UEBAwEUm9v
+dDEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYGA1UEAwwP
+d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
+MCIYDzIwMTcwNTI4MjMyNjI5WhgPMjAxOTA1MjkyMzI2MjlaMIGdMQswCQYDVQQG
+EwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjELMAkGA1UE
+BAwCQ0ExEDAOBgNVBAoMB3dvbGZTU0wxEDAOBgNVBAsMB0VEMjU1MTkxGDAWBgNV
+BAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
+LmNvbTAqMAUGAytlcAMhAEEH7HUMaHISPASCB24Wb0BBbaSPCPLinadDwiQomH6s
+o2EwXzAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBSS1Qva8QSLuaGLAwKfWAA1Ngd6
+yTAfBgNVHSMEGDAWgBSGwCfpnvqFwf3jb/xUWXI3xzOSuzAPBgNVHQ8BAf8EBQMC
+AcYAMAUGAytlcANBACIbBhfAEXQfZNGj9nsGABoLUI7rsWOSRbrc4sFoFCMMbiyV
+PLEcGSeYUD5VUczESVivuUZP7ZxXOAQp1KkS/gg=
+-----END CERTIFICATE-----

certs/external/ca-digicert-ev.pem

@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
+LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug
+RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm
++9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW
+PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM
+xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB
+Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3
+hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg
+EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF
+MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA
+FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec
+nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z
+eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF
+hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2
+Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
+vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
++OkuE6N36B9K
+-----END CERTIFICATE-----

certs/external/ca-verisign-g5.pem

@@ -26,3 +26,17 @@ WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ
 4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N
 hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq
 -----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICPDCCAaUCEDyRMcsf9tAbDpq40ES/Er4wDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
+cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
+MDEyOTAwMDAwMFoXDTI4MDgwMjIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
+YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
+BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
+I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
+CSqGSIb3DQEBBQUAA4GBABByUqkFFBkyCEHwxWsKzH4PIRnN5GfcX6kb5sroc50i
+2JhucwNhkcV8sEVAbkSdjbCxlnRhLQ2pRdKkkirWmnWXbj9T/UWZYB2oK0z5XqcJ
+2HUw19JlYD1n1khVdWk/kfVIC0dpImmClr7JyDiGSnoscxlIaU5rfGW/D/xwzoiQ
+-----END CERTIFICATE-----

certs/include.am

@@ -9,6 +9,7 @@ EXTRA_DIST += \
 	     certs/client-keyEnc.pem \
 	     certs/client-key.pem \
 	     certs/ecc-key.pem \
+	     certs/ecc-privkey.pem \
 	     certs/ecc-keyPkcs8Enc.pem \
 	     certs/ecc-key-comp.pem \
 	     certs/ecc-keyPkcs8.pem \
@@ -24,6 +25,7 @@ EXTRA_DIST += \
 	     certs/server-ecc-rsa.pem \
 	     certs/server-keyEnc.pem \
 	     certs/server-key.pem \
+	     certs/server-keyPkcs8.der \
 	     certs/server-keyPkcs8Enc12.pem \
 	     certs/server-keyPkcs8Enc2.pem \
 	     certs/server-keyPkcs8Enc.pem \
@@ -32,7 +34,9 @@ EXTRA_DIST += \
 	     certs/server-revoked-key.pem \
 	     certs/wolfssl-website-ca.pem \
 	     certs/test-servercert.p12 \
-	     certs/dsaparams.pem
+	     certs/dsaparams.pem \
+             certs/ecc-privOnlyKey.pem \
+             certs/ecc-privOnlyCert.pem
 EXTRA_DIST += \
 	     certs/ca-key.der \
 	     certs/ca-cert.der \
@@ -52,10 +56,29 @@ EXTRA_DIST += \
 	     certs/server-ecc-comp.der \
 	     certs/server-ecc.der \
 	     certs/server-ecc-rsa.der \
-         certs/server-cert-chain.der
+	     certs/server-cert-chain.der
+EXTRA_DIST += \
+             certs/ed25519/ca-ed25519.der \
+             certs/ed25519/ca-ed25519-key.der \
+             certs/ed25519/ca-ed25519-key.pem \
+             certs/ed25519/ca-ed25519.pem \
+             certs/ed25519/client-ed25519.der \
+             certs/ed25519/client-ed25519-key.der \
+             certs/ed25519/client-ed25519-key.pem \
+             certs/ed25519/client-ed25519.pem \
+             certs/ed25519/root-ed25519.der \
+             certs/ed25519/root-ed25519-key.der \
+             certs/ed25519/root-ed25519-key.pem \
+             certs/ed25519/root-ed25519.pem \
+             certs/ed25519/server-ed25519.der \
+             certs/ed25519/server-ed25519-key.der \
+             certs/ed25519/server-ed25519-key.pem \
+             certs/ed25519/server-ed25519.pem
 
 dist_doc_DATA+= certs/taoCert.txt
 
 EXTRA_DIST+= certs/ntru-key.raw
 
+include certs/test/include.am
 include certs/test-pathlen/include.am
+include certs/test/include.am

certs/ocsp/include.am

@@ -3,15 +3,11 @@
 #
 
 EXTRA_DIST += \
-        certs/ocsp/index0.txt \
-        certs/ocsp/index1.txt \
-        certs/ocsp/index2.txt \
-        certs/ocsp/index3.txt \
+        certs/ocsp/index-ca-and-intermediate-cas.txt \
+        certs/ocsp/index-intermediate1-ca-issued-certs.txt \
+        certs/ocsp/index-intermediate3-ca-issued-certs.txt \
+        certs/ocsp/index-intermediate3-ca-issued-certs.txt \
         certs/ocsp/openssl.cnf \
-        certs/ocsp/ocspd0.sh \
-        certs/ocsp/ocspd1.sh \
-        certs/ocsp/ocspd2.sh \
-        certs/ocsp/ocspd3.sh \
         certs/ocsp/intermediate1-ca-key.pem \
         certs/ocsp/intermediate1-ca-cert.pem \
         certs/ocsp/intermediate2-ca-key.pem \

certs/ocsp/ocspd-intermediate1-ca-issued-certs-with-ca-as-responder.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+openssl ocsp -port 22221 -nmin 1                                \
+    -index   certs/ocsp/index-intermediate1-ca-issued-certs.txt \
+    -rsigner certs/ocsp/intermediate1-ca-cert.pem               \
+    -rkey    certs/ocsp/intermediate1-ca-key.pem                \
+    -CA      certs/ocsp/intermediate1-ca-cert.pem               \
+    $@

certs/ocsp/ocspd-intermediate1-ca-issued-certs.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+openssl ocsp -port 22221 -nmin 1                                \
+    -index   certs/ocsp/index-intermediate1-ca-issued-certs.txt \
+    -rsigner certs/ocsp/ocsp-responder-cert.pem                 \
+    -rkey    certs/ocsp/ocsp-responder-key.pem                  \
+    -CA      certs/ocsp/intermediate1-ca-cert.pem               \
+    $@

certs/ocsp/ocspd-intermediate2-ca-issued-certs.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+openssl ocsp -port 22222 -nmin 1                                \
+    -index   certs/ocsp/index-intermediate2-ca-issued-certs.txt \
+    -rsigner certs/ocsp/ocsp-responder-cert.pem                 \
+    -rkey    certs/ocsp/ocsp-responder-key.pem                  \
+    -CA      certs/ocsp/intermediate2-ca-cert.pem               \
+    $@

certs/ocsp/ocspd-intermediate3-ca-issued-certs.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+openssl ocsp -port 22223 -nmin 1                                \
+    -index   certs/ocsp/index-intermediate3-ca-issued-certs.txt \
+    -rsigner certs/ocsp/ocsp-responder-cert.pem                 \
+    -rkey    certs/ocsp/ocsp-responder-key.pem                  \
+    -CA      certs/ocsp/intermediate3-ca-cert.pem               \
+    $@

certs/ocsp/ocspd-root-ca-and-intermediate-cas.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+openssl ocsp -port 22220 -nmin 1                          \
+    -index   certs/ocsp/index-ca-and-intermediate-cas.txt \
+    -rsigner certs/ocsp/ocsp-responder-cert.pem           \
+    -rkey    certs/ocsp/ocsp-responder-key.pem            \
+    -CA      certs/ocsp/root-ca-cert.pem                  \
+    $@

certs/ocsp/ocspd0.sh

@@ -1,8 +0,0 @@
-#!/bin/sh
-
-openssl ocsp -port 22220 -nmin 1                \
-    -index   certs/ocsp/index0.txt              \
-    -rsigner certs/ocsp/ocsp-responder-cert.pem \
-    -rkey    certs/ocsp/ocsp-responder-key.pem  \
-    -CA      certs/ocsp/root-ca-cert.pem        \
-    $@

certs/ocsp/ocspd1.sh

@@ -1,8 +0,0 @@
-#!/bin/sh
-
-openssl ocsp -port 22221 -nmin 1                  \
-    -index   certs/ocsp/index1.txt                \
-    -rsigner certs/ocsp/ocsp-responder-cert.pem   \
-    -rkey    certs/ocsp/ocsp-responder-key.pem    \
-    -CA      certs/ocsp/intermediate1-ca-cert.pem \
-    $@

certs/ocsp/ocspd2.sh

@@ -1,8 +0,0 @@
-#!/bin/sh
-
-openssl ocsp -port 22222 -nmin 1                  \
-    -index   certs/ocsp/index2.txt                \
-    -rsigner certs/ocsp/ocsp-responder-cert.pem   \
-    -rkey    certs/ocsp/ocsp-responder-key.pem    \
-    -CA      certs/ocsp/intermediate2-ca-cert.pem \
-    $@

certs/ocsp/ocspd3.sh

@@ -1,8 +0,0 @@
-#!/bin/sh
-
-openssl ocsp -port 22223 -nmin 1                  \
-    -index   certs/ocsp/index3.txt                \
-    -rsigner certs/ocsp/ocsp-responder-cert.pem   \
-    -rkey    certs/ocsp/ocsp-responder-key.pem    \
-    -CA      certs/ocsp/intermediate3-ca-cert.pem \
-    $@

certs/renewcerts.sh

@@ -16,6 +16,7 @@
 #                       1024/client-cert.pem
 #                       server-ecc-comp.pem
 #                       client-ca.pem
+#                       test/digsigku.pem
 # updates the following crls:
 #                       crl/cliCrl.pem
 #                       crl/crl.pem
@@ -128,6 +129,23 @@ function run_renewcerts(){
     cat ca_tmp.pem >> server-revoked-cert.pem
     rm ca_tmp.pem
     ###########################################################
+    ########## update and sign server-duplicate-policy.pem ####
+    ###########################################################
+    echo "Updating server-duplicate-policy.pem"
+    echo ""
+    #pipe the following arguments to openssl req...
+    echo -e "US\nMontana\nBozeman\nwolfSSL\ntesting duplicate policy\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key server-key.pem -nodes > ./test/server-duplicate-policy-req.pem
+
+    openssl x509 -req -in ./test/server-duplicate-policy-req.pem -extfile wolfssl.cnf -extensions policy_test -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 02 > ./test/server-duplicate-policy.pem
+
+    rm ./test/server-duplicate-policy-req.pem
+
+    openssl x509 -in ca-cert.pem -text > ca_tmp.pem
+    openssl x509 -in ./test/server-duplicate-policy.pem -text > srv_tmp.pem
+    mv srv_tmp.pem ./test/server-duplicate-policy.pem
+    cat ca_tmp.pem >> ./test/server-duplicate-policy.pem
+    rm ca_tmp.pem
+    ###########################################################
     #### update and sign (1024-bit) server-cert.pem ###########
     ###########################################################
     echo "Updating 1024-bit server-cert.pem"
@@ -208,6 +226,22 @@ function run_renewcerts(){
     echo ""
     cat client-cert.pem client-ecc-cert.pem > client-ca.pem
 
+    ############################################################
+    ###### update the self-signed test/digsigku.pem   ##########
+    ############################################################
+    echo "Updating test/digsigku.pem"
+    echo ""
+    #pipe the following arguments to openssl req...
+    echo -e "US\nWashington\nSeattle\nFoofarah\nArglebargle\nfoobarbaz\ninfo@worlss.com\n.\n.\n" | openssl req -new -key ecc-key.pem -nodes -sha1 -out digsigku.csr
+
+
+    openssl x509 -req -in digsigku.csr -days 1000 -extfile wolfssl.cnf -extensions digsigku -signkey ecc-key.pem -sha1 -set_serial 16393466893990650224 -out digsigku.pem
+    rm digsigku.csr
+
+    openssl x509 -in digsigku.pem -text > tmp.pem
+    mv tmp.pem digsigku.pem
+    mv digsigku.pem test/digsigku.pem
+
     ############################################################
     ########## make .der files from .pem files #################
     ############################################################

certs/renewcerts/wolfssl.cnf

@@ -148,6 +148,28 @@ subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid,issuer
 proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
 
+# Test of rejecting duplicate policy extension OIDs
+[ policy_test ]
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+basicConstraints=CA:FALSE
+certificatePolicies=1.2.3.4,@policy_add
+
+[ policy_add ]
+policyIdentifier=1.2.3.4
+CPS.1="www.wolfssl.com"
+userNotice.1=@policy_usr
+
+[ policy_usr ]
+explicitText="Test of duplicate OIDs with different qualifiers"
+
+# create certificate without the digitalSignature bit set and uses sha1 sig
+[ digsigku ]
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+basicConstraints=critical, CA:TRUE
+keyUsage=critical, nonRepudiation, keyEncipherment
+
 #tsa default
 [ tsa ]
 default_tsa = tsa_config1

certs/test/cert-ext-ia.cfg

@@ -0,0 +1,18 @@
+[ req ]
+distinguished_name = req_distinguished_name
+prompt             = no
+x509_extensions    = v3_ca
+
+[ req_distinguished_name ]
+C             = AU
+ST            = Queensland
+L             = Brisbane
+O             = wolfSSL Inc
+OU            = Engineering
+CN            = www.wolfssl.com
+emailAddress  = support@www.wolfsssl.com
+
+[ v3_ca ]
+inhibitAnyPolicy = critical,1
+nsComment        = "Testing inhibit any"
+

certs/test/cert-ext-nc.cfg

@@ -0,0 +1,18 @@
+[ req ]
+distinguished_name = req_distinguished_name
+prompt             = no
+x509_extensions    = v3_ca
+
+[ req_distinguished_name ]
+C             = AU
+ST            = Queensland
+L             = Brisbane
+O             = wolfSSL Inc
+OU            = Engineering
+CN            = www.wolfssl.com
+emailAddress  = support@www.wolfsssl.com
+
+[ v3_ca ]
+nameConstraints = critical,permitted;email:.wolfssl.com
+nsComment       = "Testing name constraints"
+

certs/test/digsigku.pem

@@ -1,17 +1,16 @@
 Certificate:
     Data:
         Version: 3 (0x2)
-        Serial Number:
-            e3:81:4b:48:a5:70:61:70
-        Signature Algorithm: ecdsa-with-SHA1
+        Serial Number: 16393466893990650224 (0xe3814b48a5706170)
+    Signature Algorithm: ecdsa-with-SHA1
         Issuer: C=US, ST=Washington, L=Seattle, O=Foofarah, OU=Arglebargle, CN=foobarbaz/emailAddress=info@worlss.com
         Validity
-            Not Before: Sep 10 00:45:36 2014 GMT
-            Not After : Jun  6 00:45:36 2017 GMT
+            Not Before: May  3 00:07:20 2017 GMT
+            Not After : Jan 28 00:07:20 2020 GMT
         Subject: C=US, ST=Washington, L=Seattle, O=Foofarah, OU=Arglebargle, CN=foobarbaz/emailAddress=info@worlss.com
         Subject Public Key Info:
             Public Key Algorithm: id-ecPublicKey
-            EC Public Key:
+                Public-Key: (256 bit)
                 pub: 
                     04:bb:33:ac:4c:27:50:4a:c6:4a:a5:04:c3:3c:de:
                     9f:36:db:72:2d:ce:94:ea:2b:fa:cb:20:09:39:2c:
@@ -19,34 +18,40 @@ Certificate:
                     21:7f:f0:cf:18:da:91:11:02:34:86:e8:20:58:33:
                     0b:80:34:89:d8
                 ASN1 OID: prime256v1
+                NIST CURVE: P-256
         X509v3 extensions:
             X509v3 Subject Key Identifier: 
                 5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
             X509v3 Authority Key Identifier: 
                 keyid:5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
+                DirName:/C=US/ST=Washington/L=Seattle/O=Foofarah/OU=Arglebargle/CN=foobarbaz/emailAddress=info@worlss.com
+                serial:E3:81:4B:48:A5:70:61:70
 
             X509v3 Basic Constraints: critical
                 CA:TRUE
             X509v3 Key Usage: critical
                 Non Repudiation, Key Encipherment
     Signature Algorithm: ecdsa-with-SHA1
-        30:46:02:21:00:f4:36:ee:86:21:d5:c7:1f:2d:0d:bb:29:ae:
-        c1:74:ff:a3:ce:41:fe:cb:93:eb:ff:ef:fe:e3:4d:20:e5:18:
-        65:02:21:00:b1:39:13:12:e2:b5:19:f2:8f:5b:40:ac:7a:5c:
-        e2:a6:e3:d3:e6:9f:79:3c:29:d8:c6:7d:88:f4:60:0c:48:00
+         30:46:02:21:00:fe:d6:30:36:fb:43:39:51:d7:4a:02:24:5e:
+         b4:b1:11:e3:83:66:00:fc:24:12:1a:7e:a8:05:77:ca:f7:24:
+         2d:02:21:00:fb:59:c3:e9:6e:9b:f6:a2:46:0b:d8:ad:33:fb:
+         89:2d:80:d6:1d:68:1f:f7:d7:93:f1:0b:7a:6b:81:f5:af:62
 -----BEGIN CERTIFICATE-----
-MIICfTCCAiOgAwIBAgIJAOOBS0ilcGFwMAkGByqGSM49BAEwgZExCzAJBgNVBAYT
+MIIDKTCCAs+gAwIBAgIJAOOBS0ilcGFwMAkGByqGSM49BAEwgZExCzAJBgNVBAYT
 AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMREwDwYD
 VQQKDAhGb29mYXJhaDEUMBIGA1UECwwLQXJnbGViYXJnbGUxEjAQBgNVBAMMCWZv
-b2JhcmJhejEeMBwGCSqGSIb3DQEJARYPaW5mb0B3b3Jsc3MuY29tMB4XDTE0MDkx
-MDAwNDUzNloXDTE3MDYwNjAwNDUzNlowgZExCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+b2JhcmJhejEeMBwGCSqGSIb3DQEJARYPaW5mb0B3b3Jsc3MuY29tMB4XDTE3MDUw
+MzAwMDcyMFoXDTIwMDEyODAwMDcyMFowgZExCzAJBgNVBAYTAlVTMRMwEQYDVQQI
 DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMREwDwYDVQQKDAhGb29mYXJh
 aDEUMBIGA1UECwwLQXJnbGViYXJnbGUxEjAQBgNVBAMMCWZvb2JhcmJhejEeMBwG
 CSqGSIb3DQEJARYPaW5mb0B3b3Jsc3MuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0D
 AQcDQgAEuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GEC6a9N0wKTmjFb
-l5Ihf/DPGNqREQI0huggWDMLgDSJ2KNjMGEwHQYDVR0OBBYEFF1dJu+sfjb5m3YV
-K0olAiPvsokwMB8GA1UdIwQYMBaAFF1dJu+sfjb5m3YVK0olAiPvsokwMA8GA1Ud
-EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgVgMAkGByqGSM49BAEDSQAwRgIhAPQ2
-7oYh1ccfLQ27Ka7BdP+jzkH+y5Pr/+/+400g5RhlAiEAsTkTEuK1GfKPW0Cselzi
-puPT5p95PCnYxn2I9GAMSAA=
+l5Ihf/DPGNqREQI0huggWDMLgDSJ2KOCAQ0wggEJMB0GA1UdDgQWBBRdXSbvrH42
++Zt2FStKJQIj77KJMDCBxgYDVR0jBIG+MIG7gBRdXSbvrH42+Zt2FStKJQIj77KJ
+MKGBl6SBlDCBkTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAO
+BgNVBAcMB1NlYXR0bGUxETAPBgNVBAoMCEZvb2ZhcmFoMRQwEgYDVQQLDAtBcmds
+ZWJhcmdsZTESMBAGA1UEAwwJZm9vYmFyYmF6MR4wHAYJKoZIhvcNAQkBFg9pbmZv
+QHdvcmxzcy5jb22CCQDjgUtIpXBhcDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB
+/wQEAwIFYDAJBgcqhkjOPQQBA0kAMEYCIQD+1jA2+0M5UddKAiRetLER44NmAPwk
+Ehp+qAV3yvckLQIhAPtZw+lum/aiRgvYrTP7iS2A1h1oH/fXk/ELemuB9a9i
 -----END CERTIFICATE-----

certs/test/gen-ext-certs.sh

@@ -0,0 +1,69 @@
+#!/bin/sh
+
+TMP="/tmp/`basename $0`"
+
+gen_cert() {
+    openssl req -x509 -keyform DER -key certs/server-key.der \
+                      -outform DER -out $OUT -config $CONFIG \
+        >$TMP 2>&1
+
+    if [ "$?" = "0" -a -f $OUT ]; then
+        echo "Created: $OUT"
+    else
+        cat $TMP
+        echo "Failed:  $OUT"
+    fi
+
+    rm $TMP
+}
+
+OUT=certs/test/cert-ext-nc.der
+KEYFILE=certs/test/cert-ext-nc-key.der
+CONFIG=certs/test/cert-ext-nc.cfg
+tee >$CONFIG <<EOF
+[ req ]
+distinguished_name = req_distinguished_name
+prompt             = no
+x509_extensions    = v3_ca
+
+[ req_distinguished_name ]
+C             = AU
+ST            = Queensland
+L             = Brisbane
+O             = wolfSSL Inc
+OU            = Engineering
+CN            = www.wolfssl.com
+emailAddress  = support@www.wolfsssl.com
+
+[ v3_ca ]
+nameConstraints = critical,permitted;email:.wolfssl.com
+nsComment       = "Testing name constraints"
+
+EOF
+gen_cert
+
+OUT=certs/test/cert-ext-ia.der
+KEYFILE=certs/test/cert-ext-ia-key.der
+CONFIG=certs/test/cert-ext-ia.cfg
+tee >$CONFIG <<EOF
+[ req ]
+distinguished_name = req_distinguished_name
+prompt             = no
+x509_extensions    = v3_ca
+
+[ req_distinguished_name ]
+C             = AU
+ST            = Queensland
+L             = Brisbane
+O             = wolfSSL Inc
+OU            = Engineering
+CN            = www.wolfssl.com
+emailAddress  = support@www.wolfsssl.com
+
+[ v3_ca ]
+inhibitAnyPolicy = critical,1
+nsComment        = "Testing inhibit any"
+
+EOF
+gen_cert
+

certs/test/include.am

@@ -0,0 +1,13 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+EXTRA_DIST += \
+	     certs/test/cert-ext-ia.cfg \
+	     certs/test/cert-ext-ia.der \
+	     certs/test/cert-ext-nc.cfg \
+	     certs/test/cert-ext-nc.der \
+	     certs/test/cert-ext-ns.der \
+	     certs/test/gen-ext-certs.sh \
+         certs/test/server-duplicate-policy.pem
+

certs/test/server-duplicate-policy.pem

@@ -0,0 +1,182 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 2 (0x2)
+    Signature Algorithm: sha256WithRSAEncryption
+        Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Validity
+            Not Before: Mar 10 20:37:22 2017 GMT
+            Not After : Dec  5 20:37:22 2019 GMT
+        Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=testing duplicate policy, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27:
+                    01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6:
+                    f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75:
+                    f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab:
+                    64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e:
+                    86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25:
+                    4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c:
+                    34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6:
+                    8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc:
+                    40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8:
+                    dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3:
+                    e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9:
+                    64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0:
+                    c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77:
+                    ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4:
+                    b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22:
+                    a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f:
+                    ad:d7
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C
+            X509v3 Authority Key Identifier: 
+                keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
+                DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+                serial:9C:86:DC:5C:A7:73:35:83
+
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            X509v3 Certificate Policies: 
+                Policy: 1.2.3.4
+                Policy: 1.2.3.4
+                  CPS: www.wolfssl.com
+                  User Notice:
+                    Explicit Text: Test of duplicate OIDs with different qualifiers
+
+    Signature Algorithm: sha256WithRSAEncryption
+         82:59:1f:4c:a7:19:9f:e7:ab:cc:51:21:da:ef:4f:73:75:22:
+         6c:db:55:83:c4:35:c7:40:69:49:46:45:56:78:06:03:76:d8:
+         3b:6c:75:aa:2c:a5:c0:61:e8:5c:c0:2b:ed:66:a9:66:c0:b3:
+         37:83:23:c5:2c:b2:45:59:61:84:be:dd:44:72:00:7a:6b:f9:
+         50:89:31:66:a7:84:46:74:0f:bb:5b:05:0d:1f:2d:4d:b4:dc:
+         69:2c:e2:a0:fd:5e:93:14:c7:ce:a2:6e:50:61:8f:73:94:a0:
+         7a:65:e5:9d:76:f0:1b:1c:da:da:72:3e:f9:8c:4d:c0:4a:cb:
+         24:e8:40:51:a1:37:9c:e7:87:1a:0e:cd:a6:7f:54:39:65:5f:
+         63:64:04:60:5e:cc:1d:a6:71:78:1f:44:32:32:f9:27:0d:23:
+         75:95:01:0b:0d:f3:90:ec:e2:7e:df:0f:43:96:e4:32:c3:b4:
+         e2:df:87:12:97:a1:1e:f1:c8:73:fe:5e:ea:55:5c:f7:4b:88:
+         2e:31:6c:52:ff:b3:05:85:f7:fe:e7:ac:f6:74:a8:4f:8e:96:
+         88:5f:73:5a:f1:77:9d:b9:16:a3:53:e2:4a:5b:e2:5e:2b:88:
+         1c:a8:b8:ee:e2:ee:72:cb:b2:51:ab:c2:90:5f:15:df:1c:ff:
+         fd:0d:95:20
+-----BEGIN CERTIFICATE-----
+MIIFJjCCBA6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
+d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTcwMzEw
+MjAzNzIyWhcNMTkxMjA1MjAzNzIyWjCBoTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxITAf
+BgNVBAsMGHRlc3RpbmcgZHVwbGljYXRlIHBvbGljeTEYMBYGA1UEAwwPd3d3Lndv
+bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI4VdB8nFtt9JFQScBZcZFrvK8
+JDC4lc4vTtb2HIi8fJ/7qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8yl17uuAh
+5XIuby6G2JVz2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4
+c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPh
+bV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KX
+c+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQAB
+o4IBcjCCAW4wHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHJBgNVHSME
+gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
+UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
+U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAJyG3Fyn
+czWDMAkGA1UdEwQCMAAwdgYDVR0gBG8wbTAFBgMqAwQwZAYDKgMEMF0wGwYIKwYB
+BQUHAgEWD3d3dy53b2xmc3NsLmNvbTA+BggrBgEFBQcCAjAyGjBUZXN0IG9mIGR1
+cGxpY2F0ZSBPSURzIHdpdGggZGlmZmVyZW50IHF1YWxpZmllcnMwDQYJKoZIhvcN
+AQELBQADggEBAIJZH0ynGZ/nq8xRIdrvT3N1ImzbVYPENcdAaUlGRVZ4BgN22Dts
+daospcBh6FzAK+1mqWbAszeDI8UsskVZYYS+3URyAHpr+VCJMWanhEZ0D7tbBQ0f
+LU203Gks4qD9XpMUx86iblBhj3OUoHpl5Z128Bsc2tpyPvmMTcBKyyToQFGhN5zn
+hxoOzaZ/VDllX2NkBGBezB2mcXgfRDIy+ScNI3WVAQsN85Ds4n7fD0OW5DLDtOLf
+hxKXoR7xyHP+XupVXPdLiC4xbFL/swWF9/7nrPZ0qE+Olohfc1rxd525FqNT4kpb
+4l4riByouO7i7nLLslGrwpBfFd8c//0NlSA=
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 11278944607300433283 (0x9c86dc5ca7733583)
+    Signature Algorithm: sha256WithRSAEncryption
+        Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Validity
+            Not Before: Mar 10 20:37:22 2017 GMT
+            Not After : Dec  5 20:37:22 2019 GMT
+        Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a:
+                    f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac:
+                    de:03:66:ee:2a:f1:d8:b0:7d:6e:07:54:0b:10:98:
+                    21:4d:80:cb:12:20:e7:cc:4f:de:45:7d:c9:72:77:
+                    32:ea:ca:90:bb:69:52:10:03:2f:a8:f3:95:c5:f1:
+                    8b:62:56:1b:ef:67:6f:a4:10:41:95:ad:0a:9b:e3:
+                    a5:c0:b0:d2:70:76:50:30:5b:a8:e8:08:2c:7c:ed:
+                    a7:a2:7a:8d:38:29:1c:ac:c7:ed:f2:7c:95:b0:95:
+                    82:7d:49:5c:38:cd:77:25:ef:bd:80:75:53:94:3c:
+                    3d:ca:63:5b:9f:15:b5:d3:1d:13:2f:19:d1:3c:db:
+                    76:3a:cc:b8:7d:c9:e5:c2:d7:da:40:6f:d8:21:dc:
+                    73:1b:42:2d:53:9c:fe:1a:fc:7d:ab:7a:36:3f:98:
+                    de:84:7c:05:67:ce:6a:14:38:87:a9:f1:8c:b5:68:
+                    cb:68:7f:71:20:2b:f5:a0:63:f5:56:2f:a3:26:d2:
+                    b7:6f:b1:5a:17:d7:38:99:08:fe:93:58:6f:fe:c3:
+                    13:49:08:16:0b:a7:4d:67:00:52:31:67:23:4e:98:
+                    ed:51:45:1d:b9:04:d9:0b:ec:d8:28:b3:4b:bd:ed:
+                    36:79
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
+            X509v3 Authority Key Identifier: 
+                keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
+                DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+                serial:9C:86:DC:5C:A7:73:35:83
+
+            X509v3 Basic Constraints: 
+                CA:TRUE
+    Signature Algorithm: sha256WithRSAEncryption
+         10:6b:75:29:65:17:7e:78:ae:85:2e:b7:a4:50:98:69:74:f9:
+         50:a1:8e:2c:9f:b0:43:66:a1:e0:42:32:38:15:5f:2e:cc:cc:
+         c4:b9:7c:b5:c2:bc:59:24:49:17:ad:1c:e4:6e:dc:70:e3:93:
+         fc:69:dd:04:7b:41:dd:08:f0:13:ee:2a:cb:6f:cf:af:d4:96:
+         3c:44:50:29:45:60:89:cd:ec:5f:c1:bb:b0:03:61:74:b3:29:
+         ad:df:e9:7c:d9:f2:18:22:45:e7:3d:d4:72:37:2c:b4:18:7d:
+         34:ca:55:00:0d:89:d0:f7:3e:81:4d:da:02:4c:2b:a6:61:4b:
+         bf:b1:ec:73:11:6a:53:a3:0a:0f:20:04:5d:17:67:b1:a6:a2:
+         37:a8:f5:ea:78:6d:00:8b:64:16:62:0a:6f:44:94:15:9e:4d:
+         15:0c:33:f0:ba:9d:e2:be:69:6f:12:9f:69:95:39:ba:97:9e:
+         c3:af:22:ad:f2:f2:3b:67:81:1a:99:d2:02:89:86:6d:8f:92:
+         98:32:dd:c1:fa:2e:38:03:2e:fc:02:a5:e7:b8:dc:94:3b:88:
+         15:4a:09:80:98:61:b4:5e:07:b5:87:57:f4:a0:91:5c:7e:89:
+         f5:89:16:f2:7a:15:52:1b:55:26:7c:59:d2:d0:23:e3:0e:12:
+         b1:99:f9:6b
+-----BEGIN CERTIFICATE-----
+MIIEqjCCA5KgAwIBAgIJAJyG3FynczWDMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
+VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
+A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
+dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe
+Fw0xNzAzMTAyMDM3MjJaFw0xOTEyMDUyMDM3MjJaMIGUMQswCQYDVQQGEwJVUzEQ
+MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3
+dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
+LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D
+mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx
+i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J
+XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc
+/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI
+/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB
++TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU
+J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD
+VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290
+aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
+MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAnIbcXKdzNYMwDAYD
+VR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAEGt1KWUXfniuhS63pFCYaXT5
+UKGOLJ+wQ2ah4EIyOBVfLszMxLl8tcK8WSRJF60c5G7ccOOT/GndBHtB3QjwE+4q
+y2/Pr9SWPERQKUVgic3sX8G7sANhdLMprd/pfNnyGCJF5z3UcjcstBh9NMpVAA2J
+0Pc+gU3aAkwrpmFLv7HscxFqU6MKDyAEXRdnsaaiN6j16nhtAItkFmIKb0SUFZ5N
+FQwz8Lqd4r5pbxKfaZU5upeew68irfLyO2eBGpnSAomGbY+SmDLdwfouOAMu/AKl
+57jclDuIFUoJgJhhtF4HtYdX9KCRXH6J9YkW8noVUhtVJnxZ0tAj4w4SsZn5aw==
+-----END CERTIFICATE-----

cyassl/ctaocrypt/settings.h

@@ -246,7 +246,7 @@
 
 /* Micrium will use Visual Studio for compilation but not the Win32 API */
 #if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \
-        && !defined(EBSNET) && !defined(CYASSL_EROAD)
+        && !defined(EBSNET) && !defined(CYASSL_EROAD) && !defined(INTIME_RTOS)
     #define USE_WINDOWS_API
 #endif
 

cyassl/openssl/include.am

@@ -32,6 +32,7 @@ nobase_include_HEADERS+= \
                          cyassl/openssl/rand.h \
                          cyassl/openssl/rsa.h \
                          cyassl/openssl/sha.h \
+                         cyassl/openssl/ssl23.h \
                          cyassl/openssl/ssl.h \
                          cyassl/openssl/stack.h \
                          cyassl/openssl/ui.h \

cyassl/openssl/ssl23.h

@@ -0,0 +1,3 @@
+/* ssl23.h for openssl */
+
+#include <wolfssl/openssl/sssl23.h>