Merge pull request #1090 from JacobBarthelmeh/Release

update readme for known issue

.cproject

@@ -66,7 +66,7 @@
 						</toolChain>
 					</folderInfo>
 					<sourceEntries>
-						<entry excluding="wolfcrypt/src/misc.c|IDE/LPCXPRESSO/wolf_example|tirtos|testsuite|tests|swig|support|sslSniffer|scripts|rpm|mqx|mplabx|mcapi|m4|IDE/WORKBENCH|IDE/WIN|IDE/ROWLEY-CROSSWORKS-ARM|IDE/MYSQL|IDE/MDK-ARM|IDE/MDK5-ARM|IDE/LPCXPRESSO/wolf_demo|IDE/LPCXPRESSO/lpc_chip_18xx|IDE/LPCXPRESSO/lpc_board_nxp_lpcxpresso_1837|IDE/iOS|IDE/IAR-EWARM|examples|Debug|certs|build-aux|Backup|autom4te.cache|wolfcrypt/src/aes_asm.s|wolfcrypt/src/aes_asm.asm|wolfcrypt/user-crypto" flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name=""/>
+						<entry excluding="src/bio.c|wolfcrypt/src/evp.c|wolfcrypt/src/misc.c|IDE/LPCXPRESSO/wolf_example|tirtos|testsuite|tests|swig|support|sslSniffer|scripts|rpm|mqx|mplabx|mcapi|m4|IDE/WORKBENCH|IDE/WIN|IDE/ROWLEY-CROSSWORKS-ARM|IDE/MYSQL|IDE/MDK-ARM|IDE/MDK5-ARM|IDE/LPCXPRESSO/wolf_demo|IDE/LPCXPRESSO/lpc_chip_18xx|IDE/LPCXPRESSO/lpc_board_nxp_lpcxpresso_1837|IDE/iOS|IDE/IAR-EWARM|examples|Debug|certs|build-aux|Backup|autom4te.cache|wolfcrypt/src/aes_asm.s|wolfcrypt/src/aes_asm.asm|wolfcrypt/user-crypto" flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name=""/>
 					</sourceEntries>
 				</configuration>
 			</storageModule>

.gitignore

@@ -9,7 +9,8 @@ ctaocrypt/src/src/
 *.cache
 .dirstamp
 *.user
-config*
+configure
+config.*
 *Debug/
 *Release/
 *.ncb
@@ -44,6 +45,12 @@ src/async.c
 wolfssl/async.h
 wolfcrypt/src/async.c
 wolfssl/wolfcrypt/async.h
+wolfcrypt/src/port/intel/quickassist.c
+wolfcrypt/src/port/intel/quickassist_mem.c
+wolfcrypt/src/port/cavium/cavium_nitrox.c
+wolfssl/wolfcrypt/port/intel/quickassist.h
+wolfssl/wolfcrypt/port/intel/quickassist_mem.h
+wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h
 ctaocrypt/benchmark/benchmark
 ctaocrypt/test/testctaocrypt
 wolfcrypt/benchmark/benchmark
@@ -85,7 +92,18 @@ ecc-key.pem
 certreq.der
 certreq.pem
 pkcs7cert.der
-pkcs7signedData.der
+pkcs7signedData_RSA_SHA.der
+pkcs7signedData_RSA_SHA_noattr.der
+pkcs7signedData_RSA_SHA224.der
+pkcs7signedData_RSA_SHA256.der
+pkcs7signedData_RSA_SHA384.der
+pkcs7signedData_RSA_SHA512.der
+pkcs7signedData_ECDSA_SHA.der
+pkcs7signedData_ECDSA_SHA_noattr.der
+pkcs7signedData_ECDSA_SHA224.der
+pkcs7signedData_ECDSA_SHA256.der
+pkcs7signedData_ECDSA_SHA384.der
+pkcs7signedData_ECDSA_SHA512.der
 pkcs7envelopedDataDES3.der
 pkcs7envelopedDataAES128CBC.der
 pkcs7envelopedDataAES192CBC.der
@@ -110,6 +128,7 @@ autoscan.log
 TAGS
 .DS_Store
 support/cyassl.pc
+support/wolfssl.pc
 cyassl/ctaocrypt/stamp-h1
 swig/_cyassl.so
 swig/_wolfssl.so
@@ -150,6 +169,12 @@ mplabx/wolfcrypt_test.X/nbproject/Makefile-*
 mplabx/wolfcrypt_test.X/nbproject/Package-default.bash
 mplabx/wolfssl.X/nbproject/Makefile-*
 mplabx/wolfssl.X/nbproject/Package-default.bash
+mplabx/wolfssl.X/nbproject/private
+mplabx/wolfcrypt_test.X/nbproject/private
+mplabx/wolfcrypt_benchmark.X/nbproject/private
+mplabx/wolfssl.X/dist/default/
+mplabx/wolfcrypt_test.X/dist/default/
+mplabx/wolfcrypt_benchmark.X/dist/default/
 *.dSYM
 
 # Vagrant folder
@@ -190,4 +215,16 @@ wrapper/CSharp/x64/
 
 # Visual Studio Code Workspace Files
 *.vscode
+
 IDE/INTIME-RTOS/Debug_*
+
+# Hexiwear
+IDE/HEXIWEAR/wolfSSL_HW/Debug
+
+# Linux-SGX
+IDE/LINUX-SGX/*.a
+
+# Binaries
+wolfcrypt/src/port/intel/qat_test
+/mplabx/wolfssl.X/dist/default/
+/mplabx/wolfcrypt_test.X/dist/default/

IDE/ARDUINO/wolfssl-arduino.sh

@@ -13,3 +13,14 @@ if [ "$DIR" = "ARDUINO" ]; then
 else
     echo "ERROR: You must be in the IDE/ARDUINO directory to run this script"
 fi
+
+#UPDATED: 19 Apr 2017 to remove bio.c and evp.c from the root directory since
+#         they are included inline and should not be compiled directly
+
+ARDUINO_DIR=${PWD}
+cd ../../
+rm bio.c
+rm evp.c
+cd $ARDUINO_DIR
+# end script in the origin directory for any future functionality that may be added.
+#End UPDATE: 19 Apr 2017

IDE/HEXIWEAR/wolfSSL_HW/.cproject

@@ -0,0 +1,143 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<?fileVersion 4.0.0?><cproject storage_type_id="org.eclipse.cdt.core.XmlProjectDescriptionStorage">
+	<storageModule moduleId="org.eclipse.cdt.core.settings">
+		<cconfiguration id="ilg.gnuarmeclipse.managedbuild.cross.config.elf.debug.170735395">
+			<storageModule buildSystemId="org.eclipse.cdt.managedbuilder.core.configurationDataProvider" id="ilg.gnuarmeclipse.managedbuild.cross.config.elf.debug.170735395" moduleId="org.eclipse.cdt.core.settings" name="Debug">
+				<macros>
+					<stringMacro name="PROJECT_KSDK_PATH" type="VALUE_TEXT" value="~/Work/KSDK_1.3.0"/>
+				</macros>
+				<externalSettings>
+					<externalSetting>
+						<entry flags="VALUE_WORKSPACE_PATH" kind="includePath" name="/wolfSSL_HW"/>
+						<entry flags="VALUE_WORKSPACE_PATH" kind="libraryPath" name="/wolfSSL_HW/Debug"/>
+						<entry flags="RESOLVED" kind="libraryFile" name="wolfssl_hw" srcPrefixMapping="" srcRootPath=""/>
+					</externalSetting>
+				</externalSettings>
+				<extensions>
+					<extension id="org.eclipse.cdt.managedbuilder.core.ManagedBuildManager" point="org.eclipse.cdt.core.ScannerInfoProvider"/>
+					<extension id="org.eclipse.cdt.core.ELF" point="org.eclipse.cdt.core.BinaryParser"/>
+					<extension id="org.eclipse.cdt.core.GmakeErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.CWDLocator" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GCCErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GASErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GLDErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+				</extensions>
+			</storageModule>
+			<storageModule moduleId="cdtBuildSystem" version="4.0.0">
+				<configuration artifactExtension="a" artifactName="wolfssl_hw" buildArtefactType="org.eclipse.cdt.build.core.buildArtefactType.staticLib" buildProperties="org.eclipse.cdt.build.core.buildType=org.eclipse.cdt.build.core.buildType.debug,org.eclipse.cdt.build.core.buildArtefactType=org.eclipse.cdt.build.core.buildArtefactType.staticLib" cleanCommand="${cross_rm} -rf" description="" id="ilg.gnuarmeclipse.managedbuild.cross.config.elf.debug.170735395" name="Debug" parent="ilg.gnuarmeclipse.managedbuild.cross.config.elf.debug">
+					<folderInfo id="ilg.gnuarmeclipse.managedbuild.cross.config.elf.debug.170735395." name="/" resourcePath="">
+						<toolChain id="ilg.gnuarmeclipse.managedbuild.cross.toolchain.elf.debug.955851768" name="Cross ARM GCC" superClass="ilg.gnuarmeclipse.managedbuild.cross.toolchain.elf.debug">
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.1637878147" name="Optimization Level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level" value="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.none" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.596937133" name="Message length (-fmessage-length=0)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.412948756" name="'char' is signed (-fsigned-char)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.1412387181" name="Function sections (-ffunction-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.1877241998" name="Data sections (-fdata-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.2038051180" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level" value="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.max" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1062002269" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.1592667634" name="ARM family" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m4" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1112951710" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.1079530716" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.fpv4spd16" valueType="enumerated"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.192917244" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.2108482930" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix" value="arm-none-eabi-" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.500222702" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c" value="gcc" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.175873499" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp" value="g++" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.1700937041" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy" value="objcopy" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1874549763" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump" value="objdump" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.178137928" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size" value="size" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1274071175" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make" value="make" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.655658023" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm" value="rm" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1937238341" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar" value="ar" valueType="string"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1476617138" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1035232247" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn" value="true" valueType="boolean"/>
+							<option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.lto.8601271" name="Link-time optimizer (-flto)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.lto" value="false" valueType="boolean"/>
+							<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.817253425" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+							<builder buildPath="${workspace_loc:/wolfSSL_HW}/Debug" id="ilg.gnuarmeclipse.managedbuild.cross.builder.2043375702" keepEnvironmentInBuildfile="false" name="Gnu Make Builder" superClass="ilg.gnuarmeclipse.managedbuild.cross.builder"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.1135882719" name="Cross ARM GNU Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.369489760" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" value="true" valueType="boolean"/>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1086496768" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1696761989" name="Cross ARM GNU C Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.9643995" name="Language standard" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std" useByScannerDiscovery="true" value="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.c99" valueType="enumerated"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.include.paths.349147702" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.include.paths" useByScannerDiscovery="false" valueType="includePath">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}}/../../../&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${PROJECT_KSDK_PATH}/platform/devices&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${PROJECT_KSDK_PATH}/platform/CMSIS/Include&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${PROJECT_KSDK_PATH}/platform/devices/MK64F12/startup&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${PROJECT_KSDK_PATH}/platform/drivers/inc&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${PROJECT_KSDK_PATH}/platform/hal/inc&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${PROJECT_KSDK_PATH}/platform/osa/inc&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${PROJECT_KSDK_PATH}/platform/utilities/inc&quot;"/>
+								</option>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs.1294205548" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
+									<listOptionValue builtIn="false" value="&quot;CPU_MK64FN1M0VMD12&quot;"/>
+									<listOptionValue builtIn="false" value="WOLFSSL_USER_SETTINGS"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.817994152" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.234608726" name="Cross ARM GNU C++ Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.include.paths.1452713629" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.include.paths" useByScannerDiscovery="false"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.defs.497680378" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
+									<listOptionValue builtIn="false" value="&quot;CPU_MK64FN1M0VMD12&quot;"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.input.909966654" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.input"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.506002589" name="Cross ARM GNU C Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections.1489822225" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections" value="true" valueType="boolean"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.575756954" name="Cross ARM GNU C++ Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections.11344634" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.paths.1878565771" name="Library search path (-L)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.paths" valueType="libPaths">
+									<listOptionValue builtIn="false" value="&quot;${ProjDirPath}/Project_Settings/Linker_Files&quot;"/>
+								</option>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.other.1517060693" name="Other linker flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.other" value="-specs=nosys.specs -specs=nano.specs -Xlinker -z -Xlinker muldefs" valueType="string"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.scriptfile.468376236" name="Script files (-T)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.scriptfile" valueType="stringList">
+									<listOptionValue builtIn="false" value="&quot;MK64FN1M0xxx12_flash.ld&quot;"/>
+								</option>
+								<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.input.955790366" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.input">
+									<additionalInput kind="additionalinputdependency" paths="$(USER_OBJS)"/>
+									<additionalInput kind="additionalinput" paths="$(LIBS)"/>
+								</inputType>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.1962941231" name="Cross ARM GNU Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.1365673947" name="Cross ARM GNU Create Flash Image" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash"/>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.790507756" name="Cross ARM GNU Create Listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source.1929510617" name="Display source (--source|-S)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders.573901902" name="Display all headers (--all-headers|-x)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle.2051558160" name="Demangle names (--demangle|-C)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers.851594065" name="Display line numbers (--line-numbers|-l)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers" value="true" valueType="boolean"/>
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide.1352373056" name="Wide lines (--wide|-w)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide" value="true" valueType="boolean"/>
+							</tool>
+							<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.934998862" name="Cross ARM GNU Print Size" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize">
+								<option id="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format.1738611770" name="Size format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format"/>
+							</tool>
+						</toolChain>
+					</folderInfo>
+					<sourceEntries>
+						<entry excluding="wolfcrypt/src/integer.c|wolfcrypt/src/misc.c|src/bio.c|wolfcrypt/src/evp.c|wolfcrypt/src/aes_asm.s|wolfcrypt/src/aes_asm.asm|SDK|wolfssl/wolfcrypt/port|wolfcrypt/src/port|wolfcrypt/user-crypto" flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name=""/>
+					</sourceEntries>
+				</configuration>
+			</storageModule>
+			<storageModule moduleId="org.eclipse.cdt.core.externalSettings"/>
+		</cconfiguration>
+	</storageModule>
+	<storageModule moduleId="org.eclipse.cdt.core.LanguageSettingsProviders"/>
+	<storageModule moduleId="cdtBuildSystem" version="4.0.0">
+		<project id="wolfSSL_HW.ilg.gnuarmeclipse.managedbuild.cross.target.elf.1053752509" name="Executable" projectType="ilg.gnuarmeclipse.managedbuild.cross.target.elf"/>
+	</storageModule>
+	<storageModule moduleId="scannerConfiguration">
+		<autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+		<scannerConfigBuildInfo instanceId="ilg.gnuarmeclipse.managedbuild.cross.config.elf.debug.170735395;ilg.gnuarmeclipse.managedbuild.cross.config.elf.debug.170735395.;ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.234608726;ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.input.909966654">
+			<autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+		</scannerConfigBuildInfo>
+		<scannerConfigBuildInfo instanceId="ilg.gnuarmeclipse.managedbuild.cross.config.elf.debug.170735395;ilg.gnuarmeclipse.managedbuild.cross.config.elf.debug.170735395.;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1696761989;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.817994152">
+			<autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+		</scannerConfigBuildInfo>
+	</storageModule>
+	<storageModule moduleId="refreshScope" versionNumber="2">
+		<configuration configurationName="Debug">
+			<resource resourceType="PROJECT" workspacePath="/wolfSSL_HW"/>
+		</configuration>
+	</storageModule>
+	<storageModule moduleId="org.eclipse.cdt.internal.ui.text.commentOwnerProjectMappings"/>
+</cproject>

IDE/HEXIWEAR/wolfSSL_HW/.cwGeneratedFileSetLog

@@ -0,0 +1,19 @@
+Sources/main.c
+Project_Settings/Linker_Files/MK64FN1M0xxx12_flash.ld
+SDK/platform/CMSIS/Include/core_cmSimd.h
+SDK/platform/devices/MK64F12/include/MK64F12.h
+SDK/platform/CMSIS/Include/arm_common_tables.h
+SDK/platform/CMSIS/Include/arm_const_structs.h
+SDK/platform/devices/MK64F12/include/MK64F12_features.h
+SDK/platform/CMSIS/Include/core_cm4.h
+SDK/platform/CMSIS/Include/core_cmFunc.h
+SDK/platform/CMSIS/Include/core_cmInstr.h
+SDK/platform/devices/fsl_device_registers.h
+SDK/platform/devices/MK64F12/include/fsl_bitaccess.h
+SDK/platform/CMSIS/Include/arm_math.h
+SDK/platform/devices/MK64F12/include/MK64F12_extension.h
+Project_Settings/Startup_Code/startup.c
+Project_Settings/Startup_Code/system_MK64F12.c
+Project_Settings/Startup_Code/startup.h
+Project_Settings/Startup_Code/startup_MK64F12.S
+Project_Settings/Startup_Code/system_MK64F12.h

IDE/HEXIWEAR/wolfSSL_HW/.project

@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>wolfSSL_HW</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>org.eclipse.cdt.managedbuilder.core.genmakebuilder</name>
+			<triggers>clean,full,incremental,</triggers>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.cdt.managedbuilder.core.ScannerConfigBuilder</name>
+			<triggers>full,incremental,</triggers>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>org.eclipse.cdt.core.cnature</nature>
+		<nature>org.eclipse.cdt.core.ccnature</nature>
+		<nature>org.eclipse.cdt.managedbuilder.core.managedBuildNature</nature>
+		<nature>org.eclipse.cdt.managedbuilder.core.ScannerConfigNature</nature>
+	</natures>
+	<linkedResources>
+		<link>
+			<name>src</name>
+			<type>2</type>
+			<locationURI>$%7BPARENT-3-PROJECT_LOC%7D/src</locationURI>
+		</link>
+		<link>
+			<name>wolfcrypt</name>
+			<type>2</type>
+			<locationURI>$%7BPARENT-3-PROJECT_LOC%7D/wolfcrypt</locationURI>
+		</link>
+		<link>
+			<name>wolfssl</name>
+			<type>2</type>
+			<locationURI>$%7BPARENT-3-PROJECT_LOC%7D/wolfssl</locationURI>
+		</link>
+	</linkedResources>
+	<variableList>
+		<variable>
+			<name>PROJECT_KSDK_PATH</name>
+			<value>file:/.KSDK_1.3.0</value>
+		</variable>
+	</variableList>
+</projectDescription>

IDE/HEXIWEAR/wolfSSL_HW/.settings/com.freescale.processorexpert.derivative.prefs

@@ -0,0 +1,2 @@
+eclipse.preferences.version=1
+versionGenerated/versionGenerated=1.0.0.RT7_b1550-0615

IDE/HEXIWEAR/wolfSSL_HW/user_settings.h

@@ -0,0 +1,6 @@
+#define FREESCALE_KSDK_BM
+#define FREESCALE_KSDK_1_3
+#define FSL_HW_CRYPTO_MANUAL_SELECTION
+#define NO_MAIN_DRIVER
+#define USE_CERT_BUFFERS_1024
+#define ECC_USER_CURVES

IDE/INTIME-RTOS/README.md

@@ -2,7 +2,7 @@
 
 ## Overview
 
-This port is for the tenAsys INtime RTOS available [here](http://www.tenasys.com/tenasys-products/intime-rtos-family/overview-rtos).
+This port is for the tenAsys INtime RTOS available [here](http://www.tenasys.com/intime).
 
 To enable use the define `INTIME_RTOS`.
 
@@ -148,7 +148,7 @@ Client connected successfully
 Using Non-Blocking I/O: 0
 Message for server:     Client:
 
-Recieved:       I hear ya fa shizzle!
+Received:       I hear ya fa shizzle!
 
 The client has closed the connection.
 ```

IDE/INTIME-RTOS/user_settings.h

@@ -13,9 +13,6 @@ extern "C" {
 #undef  INTIME_RTOS
 #define INTIME_RTOS
 
-#undef  INTIME_RTOS_MUTEX_MAX
-#define INTIME_RTOS_MUTEX_MAX       10
-
 #undef  WOLF_EXAMPLES_STACK
 #define WOLF_EXAMPLES_STACK         65536
 

IDE/INTIME-RTOS/wolfExamples.c

@@ -122,7 +122,7 @@ int wolfExample_TLSClient(const char* ip, int port)
             printf("Read error. Error: %d\n", ret);
             goto exit;
         }
-        printf("Recieved: \t%s\n", rcvBuff);
+        printf("Received: \t%s\n", rcvBuff);
     }
 
 exit:

IDE/LINUX-SGX/README.md

@@ -0,0 +1,25 @@
+# Static Library: Building libwolfssl.sgx.static.lib.a for use with SGX Enclaves
+
+### Requirements:
+This code was created to use Intel's SGX hardware. It is expected that the user has gone through the steps of both turning on the hardware in bios if needed and has installed the necesary software from Intel to make use of the hardware. (https://software.intel.com/en-us/sgx) If these steps have not been done then it is expected that the user is familure with simulation software being used in place of hardware.
+
+### Overview and Build:
+This project creates a static library to then link with Enclaves. A simple example of an Enclave linking to the created wolfSSL library can be found in wolfssl-examples on github. This project has been tested with gcc 5.4.0 on Ubuntu 16.04.
+
+To create the static library, simply call make:
+
+`make -f sgx_t_static.mk all`
+
+This will create a local static library, libwolfssl.sgx.static.lib.a, that can be linked with SGX enclaves to access wolfSSL APIs using SGX hardware.
+
+### Customization:
+    To enable wolfssl debug, add CFLAGS=-DDEBUG_WOLFSSL.
+    To enable wolfssl benchmark tests with enclave, specify: HAVE_WOLFSSL_BENCHMARK at build
+    To enable wolfcrypt testsuite with enclave, specify: HAVE_WOLFSSL_TEST at build
+
+For example, to enable all three:
+`make -f sgx_t_static.mk CFLAGS=-DDEBUG_WOLFSSL HAVE_WOLFSSL_BENCHMARK=1 HAVE_WOLFSSL_TEST=1`
+
+### Limitations:
+    Single Threaded (multiple threaded applications have not been tested)
+    AES-NI use with SGX has not been added in yet

IDE/LINUX-SGX/include.am

@@ -0,0 +1,6 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= IDE/LINUX-SGX/README.md
+EXTRA_DIST+= IDE/LINUX-SGX/sgx_t_static.mk

IDE/LINUX-SGX/sgx_t_static.mk

@@ -0,0 +1,145 @@
+######## Intel(R) SGX SDK Settings ########
+SGX_SDK ?= /opt/intel/sgxsdk
+SGX_MODE ?= SIM
+SGX_ARCH ?= x64
+WOLFSSL_ROOT ?= $(shell readlink -f ../..)
+
+ifeq ($(shell getconf LONG_BIT), 32)
+	SGX_ARCH := x86
+else ifeq ($(findstring -m32, $(CXXFLAGS)), -m32)
+	SGX_ARCH := x86
+endif
+
+ifeq ($(SGX_ARCH), x86)
+	SGX_COMMON_CFLAGS := -m32
+	SGX_LIBRARY_PATH := $(SGX_SDK)/lib
+	SGX_ENCLAVE_SIGNER := $(SGX_SDK)/bin/x86/sgx_sign
+	SGX_EDGER8R := $(SGX_SDK)/bin/x86/sgx_edger8r
+else
+	SGX_COMMON_CFLAGS := -m64
+	SGX_LIBRARY_PATH := $(SGX_SDK)/lib64
+	SGX_ENCLAVE_SIGNER := $(SGX_SDK)/bin/x64/sgx_sign
+	SGX_EDGER8R := $(SGX_SDK)/bin/x64/sgx_edger8r
+endif
+
+ifeq ($(SGX_DEBUG), 1)
+ifeq ($(SGX_PRERELEASE), 1)
+$(error Cannot set SGX_DEBUG and SGX_PRERELEASE at the same time!!)
+endif
+endif
+
+ifeq ($(SGX_DEBUG), 1)
+        SGX_COMMON_CFLAGS += -O0 -g
+else
+        SGX_COMMON_CFLAGS += -O2
+endif
+
+ifneq ($(SGX_MODE), HW)
+	Trts_Library_Name := sgx_trts_sim
+	Service_Library_Name := sgx_tservice_sim
+else
+	Trts_Library_Name := sgx_trts
+	Service_Library_Name := sgx_tservice
+endif
+
+Crypto_Library_Name := sgx_tcrypto
+
+Wolfssl_C_Extra_Flags := -DWOLFSSL_SGX
+Wolfssl_C_Files :=$(WOLFSSL_ROOT)/wolfcrypt/src/aes.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/arc4.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/asn.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/blake2b.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/camellia.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/coding.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/chacha.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/chacha20_poly1305.c\
+					$(WOLFSSL_ROOT)/src/crl.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/des3.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/dh.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/tfm.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/ecc.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/error.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/hash.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/hc128.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/hmac.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/integer.c\
+					$(WOLFSSL_ROOT)/src/internal.c\
+					$(WOLFSSL_ROOT)/src/io.c\
+					$(WOLFSSL_ROOT)/src/keys.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/logging.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/md4.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/md5.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/memory.c\
+					$(WOLFSSL_ROOT)/src/ocsp.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/pkcs7.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/pkcs12.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/poly1305.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/wc_port.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/wolfmath.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/pwdbased.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/rabbit.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/random.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/ripemd.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/rsa.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/dsa.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/sha.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/sha256.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/sha512.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/signature.c\
+					$(WOLFSSL_ROOT)/src/ssl.c\
+					$(WOLFSSL_ROOT)/src/tls.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/wc_encrypt.c\
+					$(WOLFSSL_ROOT)/wolfcrypt/src/wolfevent.c\
+
+Wolfssl_Include_Paths := -I$(WOLFSSL_ROOT)/ \
+						 -I$(WOLFSSL_ROOT)/wolfcrypt/ \
+						 -I$(SGX_SDK)/include -I$(SGX_SDK)/include/tlibc -I$(SGX_SDK)/include/stlport
+
+ifeq ($(HAVE_WOLFSSL_TEST), 1)
+	Wolfssl_Include_Paths += -I$(WOLFSSL_ROOT)/wolfcrypt/test
+	Wolfssl_C_Files += $(WOLFSSL_ROOT)/wolfcrypt/test/test.c
+endif
+
+ifeq ($(HAVE_WOLFSSL_BENCHMARK), 1)
+	Wolfssl_C_Files += $(WOLFSSL_ROOT)/wolfcrypt/benchmark/benchmark.c
+	Wolfssl_Include_Paths += -I$(WOLFSSL_ROOT)/wolfcrypt/benchmark/
+endif
+
+
+
+Flags_Just_For_C := -Wno-implicit-function-declaration -std=c11
+Common_C_Cpp_Flags := $(SGX_COMMON_CFLAGS) -nostdinc -fvisibility=hidden -fpie -fstack-protector $(Wolfssl_Include_Paths) -fno-builtin-printf -I.
+Wolfssl_C_Flags := $(Flags_Just_For_C) $(Common_C_Cpp_Flags) $(Wolfssl_C_Extra_Flags)
+
+Wolfssl_Link_Flags := $(SGX_COMMON_CFLAGS) -Wl,--no-undefined -nostdlib -nodefaultlibs -nostartfiles -L$(SGX_LIBRARY_PATH) \
+	-Wl,--whole-archive -l$(Trts_Library_Name) -Wl,--no-whole-archive \
+	-Wl,--start-group -lsgx_tstdc -lsgx_tstdcxx -l$(Crypto_Library_Name) -l$(Service_Library_Name) -Wl,--end-group \
+	-Wl,-Bstatic -Wl,-Bsymbolic -Wl,--no-undefined \
+	-Wl,-pie,-eenclave_entry -Wl,--export-dynamic  \
+	-Wl,--defsym,__ImageBase=0 \
+	-Wl,--version-script=trusted/wolfcrypt.lds
+
+Wolfssl_C_Objects := $(Wolfssl_C_Files:.c=.o)
+
+ifeq ($(SGX_MODE), HW)
+ifneq ($(SGX_DEBUG), 1)
+ifneq ($(SGX_PRERELEASE), 1)
+Build_Mode = HW_RELEASE
+endif
+endif
+endif
+
+override CFLAGS += $(Wolfssl_C_Flags)
+
+.PHONY: all run
+
+all: libwolfssl.sgx.static.lib.a
+
+######## WolfSSL Objects ########
+
+libwolfssl.sgx.static.lib.a: $(Wolfssl_C_Objects)
+	ar rcs libwolfssl.sgx.static.lib.a $(Wolfssl_C_Objects)
+	@echo "LINK =>  $@"
+
+clean:
+	@rm -f wolfcrypt.* static_trusted/wolfssl_t.* libwolfssl.sgx.static.lib.a  $(Wolfssl_C_Objects)

IDE/MYSQL/CMakeLists_wolfCrypt.txt

@@ -27,9 +27,9 @@ SET(WOLFCRYPT_SOURCES		src/aes.c src/arc4.c src/asn.c src/blake2b.c
         src/camellia.c src/chacha.c src/coding.c src/compress.c src/des3.c
         src/dh.c src/dsa.c src/ecc.c src/error.c src/hc128.c src/hmac.c
         src/integer.c src/logging.c src/md2.c src/md4.c src/md5.c src/memory.c
-        src/pkcs7.c src/poly1305.c src/pwdbased.c src/rabbit.c
+        src/pkcs7.c src/pkcs12.c src/poly1305.c src/pwdbased.c src/rabbit.c
         src/random.c src/ripemd.c src/rsa.c src/sha.c src/sha256.c src/sha512.c
-        src/tfm.c src/wc_port.c src/wc_encrypt.c src/hash.c
+        src/tfm.c src/wc_port.c src/wc_encrypt.c src/hash.c src/wolfmath.c
         ../wolfssl/wolfcrypt/aes.h ../wolfssl/wolfcrypt/arc4.h ../wolfssl/wolfcrypt/asn.h ../wolfssl/wolfcrypt/blake2.h
         ../wolfssl/wolfcrypt/camellia.h ../wolfssl/wolfcrypt/chacha.h ../wolfssl/wolfcrypt/coding.h ../wolfssl/wolfcrypt/compress.h ../wolfssl/wolfcrypt/des3.h
         ../wolfssl/wolfcrypt/dh.h ../wolfssl/wolfcrypt/dsa.h ../wolfssl/wolfcrypt/ecc.h ../wolfssl/wolfcrypt/error-crypt.h ../wolfssl/wolfcrypt/hc128.h ../wolfssl/wolfcrypt/hmac.h
@@ -42,7 +42,6 @@ SET(WOLFCRYPT_SOURCES		src/aes.c src/arc4.c src/asn.c src/blake2b.c
 # misc.c is not compiled in since using INLINE
 
 ADD_CONVENIENCE_LIBRARY(wolfcrypt ${WOLFCRYPT_SOURCES})
-RESTRICT_SYMBOL_EXPORTS(wolfcrypt)
 
 IF(MSVC)
    INSTALL_DEBUG_TARGET(wolfcrypt DESTINATION ${INSTALL_LIBDIR}/debug)

IDE/MYSQL/CMakeLists_wolfSSL.txt

@@ -35,7 +35,6 @@ SET(WOLFSSL_SOURCES  src/crl.c src/internal.c src/keys.c src/sniffer.c
                                 ../../client/get_password.c )
 
 ADD_CONVENIENCE_LIBRARY(wolfssl ${WOLFSSL_SOURCES})
-RESTRICT_SYMBOL_EXPORTS(wolfssl)
 
 IF(MSVC)
    INSTALL_DEBUG_TARGET(wolfssl DESTINATION ${INSTALL_LIBDIR}/debug)

IDE/OPENSTM32/.cproject

@@ -0,0 +1,148 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<?fileVersion 4.0.0?><cproject storage_type_id="org.eclipse.cdt.core.XmlProjectDescriptionStorage">
+	<storageModule moduleId="org.eclipse.cdt.core.settings">
+		<cconfiguration id="fr.ac6.managedbuild.config.gnu.cross.exe.debug.333134738">
+			<storageModule buildSystemId="org.eclipse.cdt.managedbuilder.core.configurationDataProvider" id="fr.ac6.managedbuild.config.gnu.cross.exe.debug.333134738" moduleId="org.eclipse.cdt.core.settings" name="Debug">
+				<externalSettings/>
+				<extensions>
+					<extension id="org.eclipse.cdt.core.GASErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GmakeErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GLDErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.CWDLocator" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.GCCErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+					<extension id="org.eclipse.cdt.core.ELF" point="org.eclipse.cdt.core.BinaryParser"/>
+				</extensions>
+			</storageModule>
+			<storageModule moduleId="cdtBuildSystem" version="4.0.0">
+				<configuration artifactExtension="elf" artifactName="wolfSTM32" buildArtefactType="org.eclipse.cdt.build.core.buildArtefactType.exe" buildProperties="org.eclipse.cdt.build.core.buildType=org.eclipse.cdt.build.core.buildType.debug,org.eclipse.cdt.build.core.buildArtefactType=org.eclipse.cdt.build.core.buildArtefactType.exe" cleanCommand="rm -rf" description="" id="fr.ac6.managedbuild.config.gnu.cross.exe.debug.333134738" name="Debug" parent="fr.ac6.managedbuild.config.gnu.cross.exe.debug" postannouncebuildStep="Generating binary and Printing size information:" postbuildStep="arm-none-eabi-objcopy -O binary &quot;${BuildArtifactFileBaseName}.elf&quot; &quot;${BuildArtifactFileBaseName}.bin&quot; &amp;&amp; arm-none-eabi-size &quot;${BuildArtifactFileName}&quot;">
+					<folderInfo id="fr.ac6.managedbuild.config.gnu.cross.exe.debug.333134738." name="/" resourcePath="">
+						<toolChain id="fr.ac6.managedbuild.toolchain.gnu.cross.exe.debug.843637882" name="Ac6 STM32 MCU GCC" superClass="fr.ac6.managedbuild.toolchain.gnu.cross.exe.debug">
+							<option id="fr.ac6.managedbuild.option.gnu.cross.prefix.1949238642" name="Prefix" superClass="fr.ac6.managedbuild.option.gnu.cross.prefix" value="arm-none-eabi-" valueType="string"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.mcu.376579966" name="Mcu" superClass="fr.ac6.managedbuild.option.gnu.cross.mcu" value="STM32F437IIHx" valueType="string"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.board.1728284212" name="Board" superClass="fr.ac6.managedbuild.option.gnu.cross.board" value="wolfSTM32" valueType="string"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.instructionSet.1788799131" name="Instruction Set" superClass="fr.ac6.managedbuild.option.gnu.cross.instructionSet" value="fr.ac6.managedbuild.option.gnu.cross.instructionSet.thumbII" valueType="enumerated"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.fpu.1457764954" name="Floating point hardware" superClass="fr.ac6.managedbuild.option.gnu.cross.fpu" value="fr.ac6.managedbuild.option.gnu.cross.fpu.fpv4-sp-d16" valueType="enumerated"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.floatabi.1684707596" name="Floating-point ABI" superClass="fr.ac6.managedbuild.option.gnu.cross.floatabi" value="fr.ac6.managedbuild.option.gnu.cross.floatabi.hard" valueType="enumerated"/>
+							<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="fr.ac6.managedbuild.targetPlatform.gnu.cross.774322166" isAbstract="false" osList="all" superClass="fr.ac6.managedbuild.targetPlatform.gnu.cross"/>
+							<builder buildPath="${workspace_loc:/wolfSTM32}/Debug" id="fr.ac6.managedbuild.builder.gnu.cross.847313553" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make Builder" superClass="fr.ac6.managedbuild.builder.gnu.cross">
+								<outputEntries>
+									<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="outputPath" name="Debug"/>
+									<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="outputPath" name="Release"/>
+								</outputEntries>
+							</builder>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.758134809" name="MCU GCC Compiler" superClass="fr.ac6.managedbuild.tool.gnu.cross.c.compiler">
+								<option defaultValue="gnu.c.optimization.level.none" id="fr.ac6.managedbuild.gnu.c.compiler.option.optimization.level.2077803707" name="Optimization Level" superClass="fr.ac6.managedbuild.gnu.c.compiler.option.optimization.level" useByScannerDiscovery="false" value="fr.ac6.managedbuild.gnu.c.optimization.level.size" valueType="enumerated"/>
+								<option id="gnu.c.compiler.option.debugging.level.256754301" name="Debug Level" superClass="gnu.c.compiler.option.debugging.level" useByScannerDiscovery="false" value="gnu.c.debugging.level.max" valueType="enumerated"/>
+								<option id="gnu.c.compiler.option.include.paths.32506161" name="Include paths (-I)" superClass="gnu.c.compiler.option.include.paths" useByScannerDiscovery="false" valueType="includePath">
+									<listOptionValue builtIn="false" value="../Inc"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/src/include"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/system"/>
+									<listOptionValue builtIn="false" value="../Drivers/STM32F4xx_HAL_Driver/Inc"/>
+									<listOptionValue builtIn="false" value="../Drivers/STM32F4xx_HAL_Driver/Inc/Legacy"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/FreeRTOS/Source/portable/GCC/ARM_CM4F"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/FreeRTOS/Source/include"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/FreeRTOS/Source/CMSIS_RTOS"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/src/include/lwip"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/src/include/lwip/apps"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/src/include/lwip/priv"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/src/include/netif"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/src/include/netif/ppp"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/src/include/netif/ppp/polarssl"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/src/include/posix"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/src/include/posix/sys"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/LwIP/system/arch"/>
+									<listOptionValue builtIn="false" value="../Drivers/CMSIS/Include"/>
+									<listOptionValue builtIn="false" value="../Drivers/CMSIS/Device/ST/STM32F4xx/Include"/>
+									<listOptionValue builtIn="false" value="../Middlewares/Third_Party/wolfSSL"/>
+									<listOptionValue builtIn="false" value="&quot;${ProjDirPath}/../..&quot;"/>
+								</option>
+								<option id="gnu.c.compiler.option.preprocessor.def.symbols.1556589411" name="Defined symbols (-D)" superClass="gnu.c.compiler.option.preprocessor.def.symbols" useByScannerDiscovery="false" valueType="definedSymbols">
+									<listOptionValue builtIn="false" value="__weak=&quot;__attribute__((weak))&quot;"/>
+									<listOptionValue builtIn="false" value="__packed=&quot;__attribute__((__packed__))&quot;"/>
+									<listOptionValue builtIn="false" value="USE_HAL_DRIVER"/>
+									<listOptionValue builtIn="false" value="STM32F437xx"/>
+									<listOptionValue builtIn="false" value="WOLFSSL_USER_SETTINGS"/>
+								</option>
+								<option id="fr.ac6.managedbuild.gnu.c.compiler.option.misc.other.220656184" superClass="fr.ac6.managedbuild.gnu.c.compiler.option.misc.other" useByScannerDiscovery="false" value="-fmessage-length=0" valueType="string"/>
+								<inputType id="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.input.c.1396985810" superClass="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.input.c"/>
+								<inputType id="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.input.s.982473797" superClass="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.input.s"/>
+							</tool>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.cpp.compiler.126736225" name="MCU G++ Compiler" superClass="fr.ac6.managedbuild.tool.gnu.cross.cpp.compiler">
+								<option id="gnu.cpp.compiler.option.optimization.level.1227596527" name="Optimization Level" superClass="gnu.cpp.compiler.option.optimization.level" useByScannerDiscovery="false" value="gnu.cpp.compiler.optimization.level.none" valueType="enumerated"/>
+								<option id="gnu.cpp.compiler.option.debugging.level.681841413" name="Debug Level" superClass="gnu.cpp.compiler.option.debugging.level" useByScannerDiscovery="false" value="gnu.cpp.compiler.debugging.level.max" valueType="enumerated"/>
+							</tool>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.c.linker.839339759" name="MCU GCC Linker" superClass="fr.ac6.managedbuild.tool.gnu.cross.c.linker">
+								<option id="fr.ac6.managedbuild.tool.gnu.cross.c.linker.script.1396145839" name="Linker Script (-T)" superClass="fr.ac6.managedbuild.tool.gnu.cross.c.linker.script" value="../STM32F437IIHx_FLASH.ld" valueType="string"/>
+								<option id="gnu.c.link.option.libs.1850337364" name="Libraries (-l)" superClass="gnu.c.link.option.libs"/>
+								<option id="gnu.c.link.option.paths.1061728683" name="Library search path (-L)" superClass="gnu.c.link.option.paths"/>
+								<option id="gnu.c.link.option.ldflags.484312202" name="Linker flags" superClass="gnu.c.link.option.ldflags" value="--specs=nosys.specs --specs=nano.specs -u _printf_float" valueType="string"/>
+								<inputType id="cdt.managedbuild.tool.gnu.c.linker.input.210434878" superClass="cdt.managedbuild.tool.gnu.c.linker.input">
+									<additionalInput kind="additionalinputdependency" paths="$(USER_OBJS)"/>
+									<additionalInput kind="additionalinput" paths="$(LIBS)"/>
+								</inputType>
+							</tool>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.cpp.linker.1401311113" name="MCU G++ Linker" superClass="fr.ac6.managedbuild.tool.gnu.cross.cpp.linker"/>
+							<tool id="fr.ac6.managedbuild.tool.gnu.archiver.801849405" name="MCU GCC Archiver" superClass="fr.ac6.managedbuild.tool.gnu.archiver"/>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.assembler.1576695062" name="MCU GCC Assembler" superClass="fr.ac6.managedbuild.tool.gnu.cross.assembler">
+								<option id="gnu.both.asm.option.include.paths.2012591676" name="Include paths (-I)" superClass="gnu.both.asm.option.include.paths" valueType="includePath">
+									<listOptionValue builtIn="false" value=""/>
+								</option>
+								<inputType id="cdt.managedbuild.tool.gnu.assembler.input.1181863627" superClass="cdt.managedbuild.tool.gnu.assembler.input"/>
+								<inputType id="fr.ac6.managedbuild.tool.gnu.cross.assembler.input.1455097577" superClass="fr.ac6.managedbuild.tool.gnu.cross.assembler.input"/>
+							</tool>
+						</toolChain>
+					</folderInfo>
+					<folderInfo id="fr.ac6.managedbuild.config.gnu.cross.exe.debug.333134738.1915068927" name="/" resourcePath="Middlewares/Third_Party/wolfMQTT/examples/aws">
+						<toolChain id="fr.ac6.managedbuild.toolchain.gnu.cross.exe.debug.173956589" name="Ac6 STM32 MCU GCC" superClass="fr.ac6.managedbuild.toolchain.gnu.cross.exe.debug" unusedChildren="">
+							<option id="fr.ac6.managedbuild.option.gnu.cross.prefix.1949238642.698225202" name="Prefix" superClass="fr.ac6.managedbuild.option.gnu.cross.prefix.1949238642"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.mcu.376579966.2068115060" name="Mcu" superClass="fr.ac6.managedbuild.option.gnu.cross.mcu.376579966"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.board.1728284212.1905622558" name="Board" superClass="fr.ac6.managedbuild.option.gnu.cross.board.1728284212"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.instructionSet.1788799131.1271602884" name="Instruction Set" superClass="fr.ac6.managedbuild.option.gnu.cross.instructionSet.1788799131"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.fpu.1457764954.1755766601" name="Floating point hardware" superClass="fr.ac6.managedbuild.option.gnu.cross.fpu.1457764954"/>
+							<option id="fr.ac6.managedbuild.option.gnu.cross.floatabi.1684707596.2053579499" name="Floating-point ABI" superClass="fr.ac6.managedbuild.option.gnu.cross.floatabi.1684707596"/>
+							<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="fr.ac6.managedbuild.targetPlatform.gnu.cross" isAbstract="false" osList="all" superClass="fr.ac6.managedbuild.targetPlatform.gnu.cross"/>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.542548012" name="MCU GCC Compiler" superClass="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.758134809">
+								<inputType id="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.input.c.603917146" superClass="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.input.c"/>
+								<inputType id="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.input.s.834662647" superClass="fr.ac6.managedbuild.tool.gnu.cross.c.compiler.input.s"/>
+							</tool>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.cpp.compiler.1959620380" name="MCU G++ Compiler" superClass="fr.ac6.managedbuild.tool.gnu.cross.cpp.compiler.126736225"/>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.c.linker.625780673" name="MCU GCC Linker" superClass="fr.ac6.managedbuild.tool.gnu.cross.c.linker.839339759"/>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.cpp.linker.2035924639" name="MCU G++ Linker" superClass="fr.ac6.managedbuild.tool.gnu.cross.cpp.linker.1401311113"/>
+							<tool id="fr.ac6.managedbuild.tool.gnu.archiver.859849169" name="MCU GCC Archiver" superClass="fr.ac6.managedbuild.tool.gnu.archiver.801849405"/>
+							<tool id="fr.ac6.managedbuild.tool.gnu.cross.assembler.322401756" name="MCU GCC Assembler" superClass="fr.ac6.managedbuild.tool.gnu.cross.assembler.1576695062">
+								<inputType id="cdt.managedbuild.tool.gnu.assembler.input.1288485713" superClass="cdt.managedbuild.tool.gnu.assembler.input"/>
+								<inputType id="fr.ac6.managedbuild.tool.gnu.cross.assembler.input.1780998132" superClass="fr.ac6.managedbuild.tool.gnu.cross.assembler.input"/>
+							</tool>
+						</toolChain>
+					</folderInfo>
+					<sourceEntries>
+						<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="Drivers"/>
+						<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="Inc"/>
+						<entry excluding="Third_Party/wolfSSL/src/bio.c|Third_Party/wolfSSL/wolfcrypt/src/evp.c|Third_Party/wolfSSL/wolfcrypt/src/misc.c|Third_Party/wolfSSL/wrapper|Third_Party/wolfSSL/support|Third_Party/wolfSSL/sslSniffer|Third_Party/wolfSSL/scripts|Third_Party/wolfSSL/rpm|Third_Party/wolfSSL/mcapi|Third_Party/wolfSSL/m4|Third_Party/wolfSSL/lib|Third_Party/wolfSSL/IPP|Third_Party/wolfSSL/examples|Third_Party/wolfSSL/doc|Third_Party/wolfSSL/cyassl|Third_Party/wolfSSL/ctaocrypt|Third_Party/wolfSSL/certs|Third_Party/wolfSSL/build-aux|Third_Party/wolfSSL/autom4te.cache|Third_Party/wolfSSL/IDE|Third_Party/wolfSSL/mplabx|Third_Party/wolfSSL/mqx|Third_Party/wolfSSL/swig|Third_Party/wolfSSL/tests|Third_Party/wolfSSL/testsuite|Third_Party/wolfSSL/tirtos|Third_Party/wolfSSL/wolfcrypt/src/aes_asm.s|Third_Party/wolfSSL/wolfcrypt/src/aes_asm.asm|Third_Party/wolfSSL/wolfcrypt/user-crypto" flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="Middlewares"/>
+						<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="Src"/>
+					</sourceEntries>
+				</configuration>
+			</storageModule>
+			<storageModule moduleId="org.eclipse.cdt.core.externalSettings"/>
+		</cconfiguration>
+	</storageModule>
+	<storageModule moduleId="cdtBuildSystem" version="4.0.0">
+		<project id="wolfSTM32.fr.ac6.managedbuild.target.gnu.cross.exe.1782078835" name="Executable" projectType="fr.ac6.managedbuild.target.gnu.cross.exe"/>
+	</storageModule>
+	<storageModule moduleId="scannerConfiguration">
+		<autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+		<scannerConfigBuildInfo instanceId="fr.ac6.managedbuild.config.gnu.cross.exe.debug.333134738;fr.ac6.managedbuild.config.gnu.cross.exe.debug.333134738.;fr.ac6.managedbuild.tool.gnu.cross.c.compiler.758134809;fr.ac6.managedbuild.tool.gnu.cross.c.compiler.input.c.1396985810">
+			<autodiscovery enabled="false" problemReportingEnabled="true" selectedProfileId=""/>
+		</scannerConfigBuildInfo>
+		<!--scannerConfigBuildInfo instanceId="fr.ac6.managedbuild.config.gnu.cross.exe.release.$(RELEASE_CONFIG_UID);fr.ac6.managedbuild.config.gnu.cross.exe.release.$(RELEASE_CONFIG_UID).;fr.ac6.managedbuild.tool.gnu.cross.c.compiler.$(RELEASE_TOOL_COMPILER_UID);cdt.managedbuild.tool.gnu.c.compiler.input.$(RELEASE_TOOL_COMPILER_INPUT_UID)">
+			<autodiscovery enabled="false" problemReportingEnabled="true" selectedProfileId=""/>
+		</scannerConfigBuildInfo-->
+	</storageModule>
+	<storageModule moduleId="org.eclipse.cdt.core.LanguageSettingsProviders"/>
+	<storageModule moduleId="refreshScope" versionNumber="2">
+		<configuration configurationName="Debug">
+			<resource resourceType="PROJECT" workspacePath="/wolfSTM32"/>
+		</configuration>
+	</storageModule>
+	<storageModule moduleId="org.eclipse.cdt.internal.ui.text.commentOwnerProjectMappings"/>
+</cproject>

IDE/OPENSTM32/Inc/lwipopts.h

@@ -0,0 +1,105 @@
+/* Define to prevent recursive inclusion --------------------------------------*/
+#ifndef __LWIPOPTS__H__
+#define __LWIPOPTS__H__
+
+#include "stm32f4xx_hal.h"
+
+/*-----------------------------------------------------------------------------*/
+/* Current version of LwIP supported by CubeMx: 1.5.0_RC0_20160211 -*/
+/*-----------------------------------------------------------------------------*/
+
+/* Within 'USER CODE' section, code will be kept by default at each generation */
+/* USER CODE BEGIN 0 */
+
+/* USER CODE END 0 */
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/* STM32CubeMX Specific Parameters (not defined in opt.h) ---------------------*/
+/* Parameters set in STM32CubeMX LwIP Configuration GUI -*/
+/*----- WITH_RTOS enabled (Since FREERTOS is set) -----*/
+#define WITH_RTOS 1
+/*----- CHECKSUM_BY_HARDWARE disabled -----*/
+#define CHECKSUM_BY_HARDWARE 0
+/*-----------------------------------------------------------------------------*/
+
+/* LwIP Stack Parameters (modified compared to initialization value in opt.h) -*/
+/* Parameters set in STM32CubeMX LwIP Configuration GUI -*/
+/*----- Value in opt.h for LWIP_DHCP: 0 -----*/
+#define LWIP_DHCP 1
+/*----- Value in opt.h for MEM_ALIGNMENT: 1 -----*/
+#define MEM_ALIGNMENT 4
+/*----- Value in opt.h for MEMP_NUM_SYS_TIMEOUT: (LWIP_TCP + IP_REASSEMBLY + LWIP_ARP + (2*LWIP_DHCP) + LWIP_AUTOIP + LWIP_IGMP + LWIP_DNS + (PPP_SUPPORT*6*MEMP_NUM_PPP_PCB) + (LWIP_IPV6 ? (1 + LWIP_IPV6_REASS + LWIP_IPV6_MLD) : 0)) -*/
+//#define MEMP_NUM_SYS_TIMEOUT 5
+/*----- Value in opt.h for LWIP_ETHERNET: LWIP_ARP || PPPOE_SUPPORT -*/
+#define LWIP_ETHERNET 1
+/*----- Value in opt.h for LWIP_DNS_SECURE: (LWIP_DNS_SECURE_RAND_XID | LWIP_DNS_SECURE_NO_MULTIPLE_OUTSTANDING | LWIP_DNS_SECURE_RAND_SRC_PORT) -*/
+#define LWIP_DNS_SECURE 7
+/*----- Value in opt.h for TCP_SND_QUEUELEN: (4*TCP_SND_BUF + (TCP_MSS - 1))/TCP_MSS -----*/
+#define TCP_SND_QUEUELEN 9
+/*----- Value in opt.h for TCP_SNDLOWAT: LWIP_MIN(LWIP_MAX(((TCP_SND_BUF)/2), (2 * TCP_MSS) + 1), (TCP_SND_BUF) - 1) -*/
+#define TCP_SNDLOWAT 1071
+/*----- Value in opt.h for TCP_SNDQUEUELOWAT: LWIP_MAX(TCP_SND_QUEUELEN)/2, 5) -*/
+#define TCP_SNDQUEUELOWAT 5
+/*----- Value in opt.h for TCP_WND_UPDATE_THRESHOLD: LWIP_MIN(TCP_WND/4, TCP_MSS*4) -----*/
+#define TCP_WND_UPDATE_THRESHOLD 536
+/*----- Value in opt.h for TCPIP_THREAD_STACKSIZE: 0 -----*/
+#define TCPIP_THREAD_STACKSIZE 1024
+/*----- Value in opt.h for TCPIP_THREAD_PRIO: 1 -----*/
+#define TCPIP_THREAD_PRIO 3
+/*----- Value in opt.h for SLIPIF_THREAD_STACKSIZE: 0 -----*/
+#define SLIPIF_THREAD_STACKSIZE 1024
+/*----- Value in opt.h for SLIPIF_THREAD_PRIO: 1 -----*/
+#define SLIPIF_THREAD_PRIO 3
+/*----- Value in opt.h for DEFAULT_THREAD_STACKSIZE: 0 -----*/
+#define DEFAULT_THREAD_STACKSIZE 1024
+/*----- Value in opt.h for DEFAULT_THREAD_PRIO: 1 -----*/
+#define DEFAULT_THREAD_PRIO 3
+/*----- Value in opt.h for LWIP_STATS: 1 -----*/
+#define LWIP_STATS 0
+/*----- Value in opt.h for CHECKSUM_GEN_IP: 1 -----*/
+#define CHECKSUM_GEN_IP 0
+/*----- Value in opt.h for CHECKSUM_GEN_UDP: 1 -----*/
+#define CHECKSUM_GEN_UDP 0
+/*----- Value in opt.h for CHECKSUM_GEN_TCP: 1 -----*/
+#define CHECKSUM_GEN_TCP 0
+/*----- Value in opt.h for CHECKSUM_GEN_ICMP: 1 -----*/
+#define CHECKSUM_GEN_ICMP 0
+/*----- Value in opt.h for CHECKSUM_GEN_ICMP6: 1 -----*/
+#define CHECKSUM_GEN_ICMP6 0
+/*----- Value in opt.h for CHECKSUM_CHECK_IP: 1 -----*/
+#define CHECKSUM_CHECK_IP 0
+/*----- Value in opt.h for CHECKSUM_CHECK_UDP: 1 -----*/
+#define CHECKSUM_CHECK_UDP 0
+/*----- Value in opt.h for CHECKSUM_CHECK_TCP: 1 -----*/
+#define CHECKSUM_CHECK_TCP 0
+/*----- Value in opt.h for CHECKSUM_CHECK_ICMP: 1 -----*/
+#define CHECKSUM_CHECK_ICMP 0
+/*----- Value in opt.h for CHECKSUM_CHECK_ICMP6: 1 -----*/
+#define CHECKSUM_CHECK_ICMP6 0
+/*-----------------------------------------------------------------------------*/
+
+/* Parameter(s) not set in STM32CubeMX LwIP Configuration GUI -*/
+/* LwIP Parameter(s) not in opt.h -----------------------------*/
+#define LWIP_PROVIDE_ERRNO  1
+
+
+#define LWIP_TIMEVAL_PRIVATE 0
+
+#define LWIP_DEBUG 1
+
+#define LWIP_DNS 1
+#define LWIP_SOCKET 1
+#define LWIP_RAW 1
+#define LWIP_NETCONN 1
+
+/* USER CODE BEGIN 1 */
+
+/* USER CODE END 1 */
+
+#ifdef __cplusplus
+}
+#endif
+#endif /*__LWIPOPTS__H_H */

IDE/OPENSTM32/Inc/user_settings.h

@@ -0,0 +1,401 @@
+/* Example wolfSSL user settings for STM32F4 with CubeMX */
+
+#ifndef WOLFSSL_USER_SETTINGS_H
+#define WOLFSSL_USER_SETTINGS_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* ------------------------------------------------------------------------- */
+/* Platform */
+/* ------------------------------------------------------------------------- */
+#undef  WOLFSSL_GENERAL_ALIGNMENT
+#define WOLFSSL_GENERAL_ALIGNMENT   4
+
+#undef  SINGLE_THREADED
+#define SINGLE_THREADED
+
+#undef  WOLFSSL_SMALL_STACK
+#define WOLFSSL_SMALL_STACK
+
+#undef  WOLFSSL_STM32F4
+#define WOLFSSL_STM32F4
+
+#undef  WOLFSSL_STM32_CUBEMX
+#define WOLFSSL_STM32_CUBEMX
+
+#undef  FREERTOS
+//#define FREERTOS
+
+#undef  WOLFSSL_LWIP
+//#define WOLFSSL_LWIP
+
+#define HAVE_LWIP_NATIVE
+
+
+/* ------------------------------------------------------------------------- */
+/* Math Configuration */
+/* ------------------------------------------------------------------------- */
+#undef  USE_FAST_MATH
+#define USE_FAST_MATH
+
+#ifdef USE_FAST_MATH
+    #undef  TFM_TIMING_RESISTANT
+    #define TFM_TIMING_RESISTANT
+
+    #undef  TFM_NO_ASM
+    //#define TFM_NO_ASM
+
+    /* Optimizations (TFM_ARM, TFM_ASM or none) */
+    //#define TFM_ASM
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Crypto */
+/* ------------------------------------------------------------------------- */
+/* ECC */
+#if 1
+    #undef  HAVE_ECC
+    #define HAVE_ECC
+
+    /* Manually define enabled curves */
+    #undef  ECC_USER_CURVES
+    #define ECC_USER_CURVES
+
+    //#define HAVE_ECC192
+    //#define HAVE_ECC224
+    #undef NO_ECC256
+    //#define HAVE_ECC384
+    //#define HAVE_ECC521
+
+    /* Fixed point cache (speeds repeated operations against same private key) */
+    #undef  FP_ECC
+    //#define FP_ECC
+    #ifdef FP_ECC
+        /* Bits / Entries */
+        #undef  FP_ENTRIES
+        #define FP_ENTRIES  2
+        #undef  FP_LUT
+        #define FP_LUT      4
+    #endif
+
+    /* Optional ECC calculation method */
+    /* Note: doubles heap usage, but slightly faster */
+    #undef  ECC_SHAMIR
+    #define ECC_SHAMIR
+
+    /* Reduces heap usage, but slower */
+    #undef  ECC_TIMING_RESISTANT
+    #define ECC_TIMING_RESISTANT
+
+    #ifdef USE_FAST_MATH
+        /* use reduced size math buffers for ecc points */
+        #undef  ALT_ECC_SIZE
+        #define ALT_ECC_SIZE
+
+        /* optionally override the default max ecc bits */
+        //#undef  FP_MAX_BITS_ECC
+        //#define FP_MAX_BITS_ECC     512
+
+        /* Enable TFM optimizations for ECC */
+        //#define TFM_ECC192
+        //#define TFM_ECC224
+        //#define TFM_ECC256
+        //#define TFM_ECC384
+        //#define TFM_ECC521
+    #endif
+#endif
+
+/* RSA */
+#undef NO_RSA
+#if 1
+    #ifdef USE_FAST_MATH
+        /* Maximum math bits (Max RSA key bits * 2) */
+        #undef  FP_MAX_BITS
+        #define FP_MAX_BITS     4096
+    #endif
+
+    /* half as much memory but twice as slow */
+    #undef  RSA_LOW_MEM
+    //#define RSA_LOW_MEM
+
+	/* Enables blinding mode, to prevent timing attacks */
+	#undef  WC_RSA_BLINDING
+	#define WC_RSA_BLINDING
+
+#else
+    #define NO_RSA
+#endif
+
+/* AES */
+#undef NO_AES
+#if 1
+    #undef  HAVE_AESGCM
+    #define HAVE_AESGCM
+
+    #ifdef HAVE_AESGCM
+        /* GCM with hardware acceleration requires AES counter/direct for unaligned sizes */
+        #undef  WOLFSSL_AES_COUNTER
+        #define WOLFSSL_AES_COUNTER
+
+        #undef  WOLFSSL_AES_DIRECT
+        #define WOLFSSL_AES_DIRECT
+    #endif
+
+    /* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */
+    #undef  GCM_SMALL
+    #define GCM_SMALL
+#else
+    #define NO_AES
+#endif
+
+/* ChaCha20 / Poly1305 */
+#undef HAVE_CHACHA
+#undef HAVE_POLY1305
+#if 0
+    #define HAVE_CHACHA
+    #define HAVE_POLY1305
+
+    /* Needed for Poly1305 */
+    #undef  HAVE_ONE_TIME_AUTH
+    #define HAVE_ONE_TIME_AUTH
+#endif
+
+/* Ed25519 / Curve25519 */
+#undef HAVE_CURVE25519
+#undef HAVE_ED25519
+#if 0
+    #define HAVE_CURVE25519
+    #define HAVE_ED25519
+
+    /* Optionally use small math (less flash usage, but much slower) */
+    #if 0
+        #define CURVED25519_SMALL
+    #endif
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Hashing */
+/* ------------------------------------------------------------------------- */
+/* Sha */
+#undef NO_SHA
+#if 1
+    /* 1k smaller, but 25% slower */
+    //#define USE_SLOW_SHA
+#else
+    #define NO_SHA
+#endif
+
+/* Sha256 */
+#undef NO_SHA256
+#if 1
+#else
+    #define NO_SHA256
+#endif
+
+/* Sha512 */
+#undef WOLFSSL_SHA512
+#if 1
+    #define WOLFSSL_SHA512
+
+    /* Sha384 */
+    #undef  WOLFSSL_SHA384
+    #if 1
+        #define WOLFSSL_SHA384
+    #endif
+
+    /* over twice as small, but 50% slower */
+    //#define USE_SLOW_SHA2
+#endif
+
+/* MD5 */
+#undef  NO_MD5
+#if 1
+	/* enabled */
+#else
+    #define NO_MD5
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* HW Crypto Acceleration */
+/* ------------------------------------------------------------------------- */
+// See settings.h STM32F4 section
+
+
+/* ------------------------------------------------------------------------- */
+/* Benchmark / Test */
+/* ------------------------------------------------------------------------- */
+/* Use reduced benchmark / test sizes */
+#undef  BENCH_EMBEDDED
+#define BENCH_EMBEDDED
+
+#undef  USE_CERT_BUFFERS_2048
+#define USE_CERT_BUFFERS_2048
+
+#undef  USE_CERT_BUFFERS_256
+#define USE_CERT_BUFFERS_256
+
+
+/* ------------------------------------------------------------------------- */
+/* Debugging */
+/* ------------------------------------------------------------------------- */
+#undef  WOLFSSL_DEBUG
+//#define WOLFSSL_DEBUG
+
+#ifdef WOLFSSL_DEBUG
+    /* Use this to measure / print heap usage */
+    #if 0
+        #undef  USE_WOLFSSL_MEMORY
+        #define USE_WOLFSSL_MEMORY
+
+        #undef  WOLFSSL_TRACK_MEMORY
+        #define WOLFSSL_TRACK_MEMORY
+    #endif
+#else
+    #undef  NO_WOLFSSL_MEMORY
+    #define NO_WOLFSSL_MEMORY
+
+    #undef  NO_ERROR_STRINGS
+    //#define NO_ERROR_STRINGS
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Port */
+/* ------------------------------------------------------------------------- */
+
+/* Override Current Time */
+/* Allows custom "custom_time()" function to be used for benchmark */
+#define WOLFSSL_USER_CURRTIME
+
+
+/* ------------------------------------------------------------------------- */
+/* RNG */
+/* ------------------------------------------------------------------------- */
+/* Size of returned HW RNG value */
+#define CUSTOM_RAND_TYPE      unsigned int
+
+#define NO_OLD_RNGNAME
+
+/* Choose RNG method */
+#if 0
+#if 1
+    /* Use built-in P-RNG (SHA256 based) with HW RNG */
+    /* P-RNG + HW RNG (P-RNG is ~8K) */
+    #undef  HAVE_HASHDRBG
+    #define HAVE_HASHDRBG
+
+    extern unsigned int custom_rand_generate(void);
+    #undef  CUSTOM_RAND_GENERATE
+    #define CUSTOM_RAND_GENERATE  custom_rand_generate
+#else
+    /* Bypass P-RNG and use only HW RNG */
+    extern int custom_rand_generate_block(unsigned char* output, unsigned int sz);
+    #undef  CUSTOM_RAND_GENERATE_BLOCK
+    #define CUSTOM_RAND_GENERATE_BLOCK  custom_rand_generate_block
+#endif
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Enable Features */
+/* ------------------------------------------------------------------------- */
+#undef  KEEP_PEER_CERT
+//#define KEEP_PEER_CERT
+
+#undef  HAVE_COMP_KEY
+//#define HAVE_COMP_KEY
+
+#undef  HAVE_TLS_EXTENSIONS
+#define HAVE_TLS_EXTENSIONS
+
+#undef  HAVE_SUPPORTED_CURVES
+#define HAVE_SUPPORTED_CURVES
+
+#undef  WOLFSSL_BASE64_ENCODE
+//#define WOLFSSL_BASE64_ENCODE
+
+/* TLS Session Cache */
+#if 0
+    #define SMALL_SESSION_CACHE
+#else
+    #define NO_SESSION_CACHE
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Disable Features */
+/* ------------------------------------------------------------------------- */
+#undef  NO_WOLFSSL_SERVER
+//#define NO_WOLFSSL_SERVER
+
+#undef  NO_WOLFSSL_CLIENT
+//#define NO_WOLFSSL_CLIENT
+
+#undef  NO_CRYPT_TEST
+//#define NO_CRYPT_TEST
+
+#undef  NO_CRYPT_BENCHMARK
+//#define NO_CRYPT_BENCHMARK
+
+/* In-lining of misc.c functions */
+/* If defined, must include wolfcrypt/src/misc.c in build */
+/* Slower, but about 1k smaller */
+#undef  NO_INLINE
+//#define NO_INLINE
+
+#undef  NO_FILESYSTEM
+#define NO_FILESYSTEM
+
+#undef  NO_WRITEV
+#define NO_WRITEV
+
+#undef  NO_MAIN_DRIVER
+#define NO_MAIN_DRIVER
+
+#undef  NO_DEV_RANDOM
+#define NO_DEV_RANDOM
+
+#undef  NO_DSA
+#define NO_DSA
+
+#undef  NO_DH
+#define NO_DH
+
+#undef  NO_DES3
+#define NO_DES3
+
+#undef  NO_RC4
+#define NO_RC4
+
+#undef  NO_OLD_TLS
+#define NO_OLD_TLS
+
+#undef  NO_HC128
+#define NO_HC128
+
+#undef  NO_RABBIT
+#define NO_RABBIT
+
+#undef  NO_PSK
+#define NO_PSK
+
+#undef  NO_MD4
+#define NO_MD4
+
+#undef  NO_PWDBASED
+#define NO_PWDBASED
+
+#undef  NO_CODING
+#define NO_CODING
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* WOLFSSL_USER_SETTINGS_H */

IDE/OPENSTM32/Inc/wolfssl_example.h

@@ -0,0 +1,14 @@
+/*
+ * wolfssl_example.h
+ *
+ *  Created on: Oct 3, 2016
+ *      Author: davidgarske
+ */
+
+#ifndef WOLFSSL_EXAMPLE_H_
+#define WOLFSSL_EXAMPLE_H_
+
+void wolfCryptDemo(void const * argument);
+
+
+#endif /* WOLFSSL_EXAMPLE_H_ */

IDE/OPENSTM32/README.md

@@ -0,0 +1,27 @@
+# wolfSSL STM32F2/F4 Example for Open STM32 Tools System Workbench
+
+
+## Requirements
+
+* STM32CubeMX: STM32 CubeMX HAL code generation tool - [http://www.st.com/en/development-tools/stm32cubemx.html](http://www.st.com/en/development-tools/stm32cubemx.html)
+* SystemWorkbench for STM32 - [http://www.st.com/en/development-tools/sw4stm32.html](http://www.st.com/en/development-tools/sw4stm32.html)
+
+## Setup
+
+1. Using the STM32CubeMX tool, load the `<wolfssl-root>/IDE/OPENSTM32/wolfSTM32.ino` file.
+2. Adjust the HAL options based on your specific micro-controller.
+3. Generate source code.
+4. Run `SystemWorkbench` and choose a new workspace location for this project.
+5. Import `wolfSTM32' project from `<wolfssl-root>/IDE/OPENSTM32/`.
+6. Adjust the micro-controller define in `Project Settings -> C/C++ General -> Paths and Symbols -> Symbols -> GNU C`. Example uses `STM32F437xx`, but should be changed to reflect your micro-controller type.
+7. Build and Run
+
+Note: You may need to manually copy over the CubeMX HAL files for `stm32f4xx_hal_cryp.c`, `stm32f4xx_hal_cryp_ex.c`, `stm32f4xx_hal_cryp.h`, `stm32f4xx_hal_cryp_ex.h`. Also uncomment the `#define HAL_CRYP_MODULE_ENABLED` line in `stm32f4xx_hal_conf.h`.
+
+## Configuration
+
+The settings for the wolfSTM32 project are located in `<wolfssl-root>/IDE/OPENSTM32/Inc/user_settings.h`.
+
+## Support
+
+For questions please email [support@wolfssl.com](mailto:support@wolfssl.com)

IDE/OPENSTM32/Src/main.c

@@ -0,0 +1,384 @@
+/* Includes ------------------------------------------------------------------*/
+#include "stm32f4xx.h"
+#include "cmsis_os.h"
+#include "lwip.h"
+#include "wolfssl_example.h"
+
+/* USER CODE BEGIN Includes */
+
+/* USER CODE END Includes */
+
+/* Private variables ---------------------------------------------------------*/
+CRC_HandleTypeDef hcrc;
+
+RNG_HandleTypeDef hrng;
+
+RTC_HandleTypeDef hrtc;
+
+UART_HandleTypeDef huart4;
+
+osThreadId defaultTaskHandle;
+
+/* USER CODE BEGIN PV */
+/* Private variables ---------------------------------------------------------*/
+
+/* USER CODE END PV */
+
+/* Private function prototypes -----------------------------------------------*/
+void SystemClock_Config(void);
+void Error_Handler(void);
+static void MX_GPIO_Init(void);
+static void MX_CRC_Init(void);
+static void MX_RNG_Init(void);
+static void MX_UART4_Init(void);
+static void MX_RTC_Init(void);
+
+/* USER CODE BEGIN PFP */
+/* Private function prototypes -----------------------------------------------*/
+
+/* USER CODE END PFP */
+
+/* USER CODE BEGIN 0 */
+
+/* USER CODE END 0 */
+
+int main(void)
+{
+
+  /* USER CODE BEGIN 1 */
+
+  /* USER CODE END 1 */
+
+  /* MCU Configuration----------------------------------------------------------*/
+
+  /* Reset of all peripherals, Initializes the Flash interface and the Systick. */
+  HAL_Init();
+
+  /* Configure the system clock */
+  SystemClock_Config();
+
+  /* Initialize all configured peripherals */
+  MX_GPIO_Init();
+  MX_CRC_Init();
+  MX_RNG_Init();
+  MX_UART4_Init();
+  MX_RTC_Init();
+
+  /* USER CODE BEGIN 2 */
+
+  /* USER CODE END 2 */
+
+  /* USER CODE BEGIN RTOS_MUTEX */
+  /* add mutexes, ... */
+  /* USER CODE END RTOS_MUTEX */
+
+  /* USER CODE BEGIN RTOS_SEMAPHORES */
+  /* add semaphores, ... */
+  /* USER CODE END RTOS_SEMAPHORES */
+
+  /* USER CODE BEGIN RTOS_TIMERS */
+  /* start timers, add new ones, ... */
+  /* USER CODE END RTOS_TIMERS */
+
+  /* Create the thread(s) */
+  /* definition and creation of defaultTask */
+  osThreadDef(defaultTask, wolfCryptDemo, osPriorityNormal, 0, 24000);
+  defaultTaskHandle = osThreadCreate(osThread(defaultTask), NULL);
+
+  /* USER CODE BEGIN RTOS_THREADS */
+  /* add threads, ... */
+  /* USER CODE END RTOS_THREADS */
+
+  /* USER CODE BEGIN RTOS_QUEUES */
+  /* add queues, ... */
+  /* USER CODE END RTOS_QUEUES */
+
+
+  /* Start scheduler */
+  osKernelStart();
+
+  /* We should never get here as control is now taken by the scheduler */
+
+  /* Infinite loop */
+  /* USER CODE BEGIN WHILE */
+  while (1)
+  {
+  /* USER CODE END WHILE */
+
+  /* USER CODE BEGIN 3 */
+
+  }
+  /* USER CODE END 3 */
+
+}
+
+/** System Clock Configuration
+*/
+#define SysTick_IRQn -1
+
+void SystemClock_Config(void)
+{
+
+  RCC_OscInitTypeDef RCC_OscInitStruct;
+  RCC_ClkInitTypeDef RCC_ClkInitStruct;
+  RCC_PeriphCLKInitTypeDef PeriphClkInitStruct;
+
+  __HAL_RCC_PWR_CLK_ENABLE();
+
+  __HAL_PWR_VOLTAGESCALING_CONFIG(PWR_REGULATOR_VOLTAGE_SCALE3);
+
+  RCC_OscInitStruct.OscillatorType = RCC_OSCILLATORTYPE_HSE|RCC_OSCILLATORTYPE_LSE;
+  RCC_OscInitStruct.HSEState = RCC_HSE_ON;
+  RCC_OscInitStruct.LSEState = RCC_LSE_ON;
+  RCC_OscInitStruct.PLL.PLLState = RCC_PLL_ON;
+  RCC_OscInitStruct.PLL.PLLSource = RCC_PLLSOURCE_HSE;
+  RCC_OscInitStruct.PLL.PLLM = 15;
+  RCC_OscInitStruct.PLL.PLLN = 144;
+  RCC_OscInitStruct.PLL.PLLP = RCC_PLLP_DIV2;
+  RCC_OscInitStruct.PLL.PLLQ = 5;
+  if (HAL_RCC_OscConfig(&RCC_OscInitStruct) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+  RCC_ClkInitStruct.ClockType = RCC_CLOCKTYPE_HCLK|RCC_CLOCKTYPE_SYSCLK
+                              |RCC_CLOCKTYPE_PCLK1|RCC_CLOCKTYPE_PCLK2;
+  RCC_ClkInitStruct.SYSCLKSource = RCC_SYSCLKSOURCE_PLLCLK;
+  RCC_ClkInitStruct.AHBCLKDivider = RCC_SYSCLK_DIV1;
+  RCC_ClkInitStruct.APB1CLKDivider = RCC_HCLK_DIV4;
+  RCC_ClkInitStruct.APB2CLKDivider = RCC_HCLK_DIV2;
+  if (HAL_RCC_ClockConfig(&RCC_ClkInitStruct, FLASH_LATENCY_3) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+  PeriphClkInitStruct.PeriphClockSelection = RCC_PERIPHCLK_RTC;
+  PeriphClkInitStruct.RTCClockSelection = RCC_RTCCLKSOURCE_LSE;
+  if (HAL_RCCEx_PeriphCLKConfig(&PeriphClkInitStruct) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+  HAL_SYSTICK_Config(HAL_RCC_GetHCLKFreq()/1000);
+
+  HAL_SYSTICK_CLKSourceConfig(SYSTICK_CLKSOURCE_HCLK);
+
+  /* SysTick_IRQn interrupt configuration */
+  HAL_NVIC_SetPriority(SysTick_IRQn, 15, 0);
+}
+
+/* CRC init function */
+static void MX_CRC_Init(void)
+{
+
+  hcrc.Instance = CRC;
+  if (HAL_CRC_Init(&hcrc) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+}
+
+/* RNG init function */
+static void MX_RNG_Init(void)
+{
+
+  hrng.Instance = RNG;
+  if (HAL_RNG_Init(&hrng) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+}
+
+/* RTC init function */
+#define RTC_ASYNCH_PREDIV  0x7F   /* LSE as RTC clock */
+#define RTC_SYNCH_PREDIV   0x00FF /* LSE as RTC clock */
+static void MX_RTC_Init(void)
+{
+
+  RTC_TimeTypeDef sTime;
+  RTC_DateTypeDef sDate;
+
+    /**Initialize RTC and set the Time and Date
+    */
+  hrtc.Instance = RTC;
+  hrtc.Init.HourFormat = RTC_HOURFORMAT_24;
+  hrtc.Init.AsynchPrediv = RTC_ASYNCH_PREDIV;
+  hrtc.Init.SynchPrediv = RTC_SYNCH_PREDIV;
+  hrtc.Init.OutPut = RTC_OUTPUT_DISABLE;
+  hrtc.Init.OutPutPolarity = RTC_OUTPUT_POLARITY_HIGH;
+  hrtc.Init.OutPutType = RTC_OUTPUT_TYPE_OPENDRAIN;
+  if (HAL_RTC_Init(&hrtc) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+  sTime.Hours = 0x0;
+  sTime.Minutes = 0x0;
+  sTime.Seconds = 0x0;
+  sTime.DayLightSaving = RTC_DAYLIGHTSAVING_NONE;
+  sTime.StoreOperation = RTC_STOREOPERATION_RESET;
+  if (HAL_RTC_SetTime(&hrtc, &sTime, RTC_FORMAT_BCD) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+  sDate.WeekDay = RTC_WEEKDAY_MONDAY;
+  sDate.Month = RTC_MONTH_JANUARY;
+  sDate.Date = 0x1;
+  sDate.Year = 0x0;
+
+  if (HAL_RTC_SetDate(&hrtc, &sDate, RTC_FORMAT_BCD) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+    /**Enable the TimeStamp
+    */
+  if (HAL_RTCEx_SetTimeStamp(&hrtc, RTC_TIMESTAMPEDGE_RISING, RTC_TIMESTAMPPIN_DEFAULT) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+    /**Enable the reference Clock input
+    */
+  if (HAL_RTCEx_SetRefClock(&hrtc) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+}
+
+/* UART4 init function */
+static void MX_UART4_Init(void)
+{
+
+  huart4.Instance = UART4;
+  huart4.Init.BaudRate = 115200;
+  huart4.Init.WordLength = UART_WORDLENGTH_8B;
+  huart4.Init.StopBits = UART_STOPBITS_1;
+  huart4.Init.Parity = UART_PARITY_NONE;
+  huart4.Init.Mode = UART_MODE_TX_RX;
+  huart4.Init.HwFlowCtl = UART_HWCONTROL_NONE;
+  huart4.Init.OverSampling = UART_OVERSAMPLING_16;
+  if (HAL_UART_Init(&huart4) != HAL_OK)
+  {
+    Error_Handler();
+  }
+
+  // Turn off buffers, so I/O occurs immediately
+  setvbuf(stdin, NULL, _IONBF, 0);
+  setvbuf(stdout, NULL, _IONBF, 0);
+  setvbuf(stderr, NULL, _IONBF, 0);
+}
+
+int _write (int fd, char *ptr, int len)
+{
+	(void)fd;
+
+  /* Write "len" of char from "ptr" to file id "fd"
+   * Return number of char written.
+   * Need implementing with UART here. */
+	HAL_UART_Transmit(&huart4, (uint8_t *)ptr, len, 0xFFFF);
+
+  return len;
+}
+
+int _read (int fd, char *ptr, int len)
+{
+  /* Read "len" of char to "ptr" from file id "fd"
+   * Return number of char read.
+   * Need implementing with UART here. */
+	(void)fd;
+
+	return HAL_UART_Receive(&huart4, (uint8_t*)ptr, len, 0xFFFF);
+}
+
+void _ttywrch(int ch) {
+  /* Write one char "ch" to the default console
+   * Need implementing with UART here. */
+	_write(0, (char*)&ch, 1);
+}
+
+
+
+/** Configure pins as
+        * Analog
+        * Input
+        * Output
+        * EVENT_OUT
+        * EXTI
+*/
+static void MX_GPIO_Init(void)
+{
+
+  /* GPIO Ports Clock Enable */
+  __HAL_RCC_GPIOE_CLK_ENABLE();
+  __HAL_RCC_GPIOG_CLK_ENABLE();
+  __HAL_RCC_GPIOB_CLK_ENABLE();
+  __HAL_RCC_GPIOA_CLK_ENABLE();
+  __HAL_RCC_GPIOC_CLK_ENABLE();
+  __HAL_RCC_GPIOH_CLK_ENABLE();
+
+}
+
+/* USER CODE BEGIN 4 */
+
+/* USER CODE END 4 */
+
+/**
+  * @brief  Period elapsed callback in non blocking mode
+  * @note   This function is called  when TIM1 interrupt took place, inside
+  * HAL_TIM_IRQHandler(). It makes a direct call to HAL_IncTick() to increment
+  * a global variable "uwTick" used as application time base.
+  * @param  htim : TIM handle
+  * @retval None
+  */
+void HAL_TIM_PeriodElapsedCallback(TIM_HandleTypeDef *htim)
+{
+/* USER CODE BEGIN Callback 0 */
+
+/* USER CODE END Callback 0 */
+  if (htim->Instance == TIM1) {
+    HAL_IncTick();
+  }
+/* USER CODE BEGIN Callback 1 */
+
+/* USER CODE END Callback 1 */
+}
+
+/**
+  * @brief  This function is executed in case of error occurrence.
+  * @param  None
+  * @retval None
+  */
+void Error_Handler(void)
+{
+  /* USER CODE BEGIN Error_Handler */
+  /* User can add his own implementation to report the HAL error return state */
+  while(1)
+  {
+  }
+  /* USER CODE END Error_Handler */
+}
+
+#ifdef USE_FULL_ASSERT
+
+/**
+   * @brief Reports the name of the source file and the source line number
+   * where the assert_param error has occurred.
+   * @param file: pointer to the source file name
+   * @param line: assert_param error line source number
+   * @retval None
+   */
+void assert_failed(uint8_t* file, uint32_t line)
+{
+  /* USER CODE BEGIN 6 */
+  /* User can add his own implementation to report the file name and line number,
+    ex: printf("Wrong parameters value: file %s on line %d\r\n", file, line) */
+  /* USER CODE END 6 */
+
+}
+
+#endif

IDE/OPENSTM32/Src/wolfssl_example.c

@@ -0,0 +1,101 @@
+#include <string.h>
+#include "stm32f4xx_hal.h"
+#include "cmsis_os.h"
+#include "lwip.h"
+
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+#include <wolfcrypt/test/test.h>
+#include <wolfcrypt/benchmark/benchmark.h>
+
+
+/*****************************************************************************
+ * Private types/enumerations/variables
+ ****************************************************************************/
+
+/* UART definitions */
+extern UART_HandleTypeDef huart4;
+
+
+/*****************************************************************************
+ * Public types/enumerations/variables
+ ****************************************************************************/
+typedef struct func_args {
+    int    argc;
+    char** argv;
+    int    return_code;
+} func_args;
+
+const char menu1[] = "\r\n"
+    "\tt. WolfSSL Test\r\n"
+    "\tb. WolfSSL Benchmark\r\n";
+
+/*****************************************************************************
+ * Private functions
+ ****************************************************************************/
+
+
+/*****************************************************************************
+ * Public functions
+ ****************************************************************************/
+void wolfCryptDemo(void const * argument)
+{
+    uint8_t buffer[1] = {'t'};
+    func_args args;
+
+    /* init code for LWIP */
+    MX_LWIP_Init();
+
+    while (1) {
+        printf("\r\n\t\t\t\tMENU\r\n");
+        printf(menu1);
+        printf("Please select one of the above options: ");
+
+        HAL_UART_Receive(&huart4, buffer, sizeof(buffer), 1000);
+
+        switch (buffer[0]) {
+
+        case 't':
+            memset(&args, 0, sizeof(args));
+            printf("\nCrypt Test\n");
+            wolfcrypt_test(&args);
+            printf("Crypt Test: Return code %d\n", args.return_code);
+            break;
+
+        case 'b':
+            memset(&args, 0, sizeof(args));
+            printf("\nBenchmark Test\n");
+            benchmark_test(&args);
+            printf("Benchmark Test: Return code %d\n", args.return_code);
+            break;
+
+        // All other cases go here
+        default: printf("\r\nSelection out of range\r\n"); break;
+        }
+    }
+}
+
+extern RTC_HandleTypeDef hrtc;
+double current_time()
+{
+	RTC_TimeTypeDef time;
+	RTC_DateTypeDef date;
+	uint32_t subsec;
+
+	/* must get time and date here due to STM32 HW bug */
+	HAL_RTC_GetTime(&hrtc, &time, FORMAT_BIN);
+	HAL_RTC_GetDate(&hrtc, &date, FORMAT_BIN);
+	subsec = (255 - time.SubSeconds) * 1000 / 255;
+
+	(void)date;
+
+	/* return seconds.milliseconds */
+	return ((double)time.Hours * 24) +
+		   ((double)time.Minutes * 60) +
+			(double)time.Seconds +
+		   ((double)subsec/1000);
+}

IDE/OPENSTM32/include.am

@@ -0,0 +1,15 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= IDE/OPENSTM32/README.md
+EXTRA_DIST+= IDE/OPENSTM32/.cproject
+EXTRA_DIST+= IDE/OPENSTM32/.project
+EXTRA_DIST+= IDE/OPENSTM32/wolfSTM32.cfg
+EXTRA_DIST+= IDE/OPENSTM32/wolfSTM32.ioc
+EXTRA_DIST+= IDE/OPENSTM32/wolfSTM32.xml
+EXTRA_DIST+= IDE/OPENSTM32/Src/main.c
+EXTRA_DIST+= IDE/OPENSTM32/Src/wolfssl_example.c
+EXTRA_DIST+= IDE/OPENSTM32/Inc/user_settings.h
+EXTRA_DIST+= IDE/OPENSTM32/Inc/wolfssl_example.h
+EXTRA_DIST+= IDE/OPENSTM32/Inc/lwipopts.h

IDE/OPENSTM32/wolfSTM32.cfg

@@ -0,0 +1,13 @@
+# This is an wolfSTM32 board with a single STM32F437IIHx chip.
+# Generated by System Workbench for STM32
+
+source [find interface/stlink-v2-1.cfg]
+
+set WORKAREASIZE 0x30000
+transport select "hla_jtag"
+set CPUTAPID 0x4ba00477
+
+source [find target/stm32f4x_stlink.cfg]
+
+# use hardware reset, connect under reset
+reset_config srst_only srst_nogate

IDE/OPENSTM32/wolfSTM32.ioc

@@ -0,0 +1,213 @@
+#MicroXplorer Configuration settings - do not modify
+FREERTOS.IPParameters=Tasks01
+FREERTOS.Tasks01=defaultTask,0,128,StartDefaultTask,Default
+File.Version=6
+KeepUserPlacement=false
+LWIP.Version=v1.5.0_RC0_20160211_Cube
+Mcu.Family=STM32F4
+Mcu.IP0=CRC
+Mcu.IP1=ETH
+Mcu.IP2=FREERTOS
+Mcu.IP3=LWIP
+Mcu.IP4=NVIC
+Mcu.IP5=RCC
+Mcu.IP6=RNG
+Mcu.IP7=RTC
+Mcu.IP8=SYS
+Mcu.IP9=UART4
+Mcu.IPNb=10
+Mcu.Name=STM32F437I(G-I)Hx
+Mcu.Package=UFBGA176
+Mcu.Pin0=PE2
+Mcu.Pin1=PG14
+Mcu.Pin10=PC10
+Mcu.Pin11=PC13
+Mcu.Pin12=PC14/OSC32_IN
+Mcu.Pin13=PC15/OSC32_OUT
+Mcu.Pin14=PH2
+Mcu.Pin15=PH0/OSC_IN
+Mcu.Pin16=PH3
+Mcu.Pin17=PH1/OSC_OUT
+Mcu.Pin18=PC1
+Mcu.Pin19=PC2
+Mcu.Pin2=PG13
+Mcu.Pin20=PC3
+Mcu.Pin21=PH6
+Mcu.Pin22=PA1
+Mcu.Pin23=PC4
+Mcu.Pin24=PH7
+Mcu.Pin25=PA2
+Mcu.Pin26=PC5
+Mcu.Pin27=PA7
+Mcu.Pin28=PB15
+Mcu.Pin29=VP_CRC_VS_CRC
+Mcu.Pin3=PB4
+Mcu.Pin30=VP_FREERTOS_VS_ENABLE
+Mcu.Pin31=VP_LWIP_VS_Enabled
+Mcu.Pin32=VP_RNG_VS_RNG
+Mcu.Pin33=VP_SYS_VS_tim1
+Mcu.Pin4=PB3
+Mcu.Pin5=PA15
+Mcu.Pin6=PA14
+Mcu.Pin7=PA13
+Mcu.Pin8=PG11
+Mcu.Pin9=PC11
+Mcu.PinsNb=34
+Mcu.UserConstants=
+Mcu.UserName=STM32F437IIHx
+MxCube.Version=4.16.1
+MxDb.Version=DB.4.0.161
+NVIC.BusFault_IRQn=true\:0\:0\:false\:false\:true\:false
+NVIC.DebugMonitor_IRQn=true\:0\:0\:false\:false\:true\:false
+NVIC.ETH_IRQn=true\:0\:0\:false\:false\:true\:false
+NVIC.HardFault_IRQn=true\:0\:0\:false\:false\:true\:false
+NVIC.MemoryManagement_IRQn=true\:0\:0\:false\:false\:true\:false
+NVIC.NonMaskableInt_IRQn=true\:0\:0\:false\:false\:true\:false
+NVIC.PendSV_IRQn=true\:15\:0\:false\:false\:false\:true
+NVIC.PriorityGroup=NVIC_PRIORITYGROUP_4
+NVIC.SVCall_IRQn=true\:0\:0\:false\:false\:false\:false
+NVIC.SysTick_IRQn=true\:15\:0\:false\:false\:true\:true
+NVIC.TIM1_UP_TIM10_IRQn=true\:0\:0\:false\:false\:true\:false
+NVIC.TimeBase=TIM1_UP_TIM10_IRQn
+NVIC.TimeBaseIP=TIM1
+NVIC.UsageFault_IRQn=true\:0\:0\:false\:false\:true\:false
+PA1.Mode=MII
+PA1.Signal=ETH_RX_CLK
+PA13.Mode=JTAG_5_pins
+PA13.Signal=SYS_JTMS-SWDIO
+PA14.Mode=JTAG_5_pins
+PA14.Signal=SYS_JTCK-SWCLK
+PA15.Mode=JTAG_5_pins
+PA15.Signal=SYS_JTDI
+PA2.Mode=MII
+PA2.Signal=ETH_MDIO
+PA7.Mode=MII
+PA7.Signal=ETH_RX_DV
+PB15.Mode=Reference_Clock_Detection_Activate
+PB15.Signal=RTC_REFIN
+PB3.Mode=JTAG_5_pins
+PB3.Signal=SYS_JTDO-SWO
+PB4.Mode=JTAG_5_pins
+PB4.Signal=SYS_JTRST
+PC1.Mode=MII
+PC1.Signal=ETH_MDC
+PC10.Mode=Asynchronous
+PC10.Signal=UART4_TX
+PC11.Mode=Asynchronous
+PC11.Signal=UART4_RX
+PC13.Mode=Timestamp enabled - Input Enabled to AF1
+PC13.Signal=RTC_AF1
+PC14/OSC32_IN.Mode=LSE-External-Oscillator
+PC14/OSC32_IN.Signal=RCC_OSC32_IN
+PC15/OSC32_OUT.Mode=LSE-External-Oscillator
+PC15/OSC32_OUT.Signal=RCC_OSC32_OUT
+PC2.Mode=MII
+PC2.Signal=ETH_TXD2
+PC3.Mode=MII
+PC3.Signal=ETH_TX_CLK
+PC4.Mode=MII
+PC4.Signal=ETH_RXD0
+PC5.Mode=MII
+PC5.Signal=ETH_RXD1
+PCC.Checker=false
+PCC.Line=STM32F427/437
+PCC.MCU=STM32F437I(G-I)Hx
+PCC.MXVersion=4.16.1
+PCC.PartNumber=STM32F437IIHx
+PCC.Seq0=0
+PCC.Series=STM32F4
+PCC.Temperature=25
+PCC.Vdd=null
+PE2.Mode=MII
+PE2.Signal=ETH_TXD3
+PG11.Mode=MII
+PG11.Signal=ETH_TX_EN
+PG13.Mode=MII
+PG13.Signal=ETH_TXD0
+PG14.Mode=MII
+PG14.Signal=ETH_TXD1
+PH0/OSC_IN.Mode=HSE-External-Oscillator
+PH0/OSC_IN.Signal=RCC_OSC_IN
+PH1/OSC_OUT.Mode=HSE-External-Oscillator
+PH1/OSC_OUT.Signal=RCC_OSC_OUT
+PH2.Mode=MII
+PH2.Signal=ETH_CRS
+PH3.Mode=MII
+PH3.Signal=ETH_COL
+PH6.Mode=MII
+PH6.Signal=ETH_RXD2
+PH7.Mode=MII
+PH7.Signal=ETH_RXD3
+ProjectManager.AskForMigrate=true
+ProjectManager.BackupPrevious=false
+ProjectManager.CompilerOptimize=2
+ProjectManager.ComputerToolchain=false
+ProjectManager.CoupleFile=false
+ProjectManager.DeletePrevious=true
+ProjectManager.DeviceId=STM32F437IIHx
+ProjectManager.FirmwarePackage=STM32Cube FW_F4 V1.13.0
+ProjectManager.FreePins=false
+ProjectManager.HalAssertFull=false
+ProjectManager.HeapSize=0x10000
+ProjectManager.KeepUserCode=true
+ProjectManager.LastFirmware=true
+ProjectManager.LibraryCopy=1
+ProjectManager.PreviousToolchain=SW4STM32
+ProjectManager.ProjectBuild=false
+ProjectManager.ProjectFileName=wolfSTM32.ioc
+ProjectManager.ProjectName=wolfSTM32
+ProjectManager.StackSize=0x4000
+ProjectManager.TargetToolchain=SW4STM32
+ProjectManager.ToolChainLocation=
+ProjectManager.UnderRoot=true
+ProjectManager.functionlistsort=1-MX_GPIO_Init-GPIO-false,2-MX_CRC_Init-CRC-false,3-MX_RNG_Init-RNG-false,4-MX_UART4_Init-UART4-false,5-MX_LWIP_Init-LWIP-false,6-MX_RTC_Init-RTC-false
+RCC.48MHZClocksFreq_Value=48000000
+RCC.AHBFreq_Value=120000000
+RCC.APB1CLKDivider=RCC_HCLK_DIV4
+RCC.APB1Freq_Value=30000000
+RCC.APB1TimFreq_Value=60000000
+RCC.APB2CLKDivider=RCC_HCLK_DIV2
+RCC.APB2Freq_Value=60000000
+RCC.APB2TimFreq_Value=120000000
+RCC.CortexFreq_Value=120000000
+RCC.EthernetFreq_Value=120000000
+RCC.FCLKCortexFreq_Value=120000000
+RCC.FamilyName=M
+RCC.HCLKFreq_Value=120000000
+RCC.HSE_VALUE=25000000
+RCC.HSI_VALUE=16000000
+RCC.I2SClocksFreq_Value=160000000
+RCC.IPParameters=48MHZClocksFreq_Value,AHBFreq_Value,APB1CLKDivider,APB1Freq_Value,APB1TimFreq_Value,APB2CLKDivider,APB2Freq_Value,APB2TimFreq_Value,CortexFreq_Value,EthernetFreq_Value,FCLKCortexFreq_Value,FamilyName,HCLKFreq_Value,HSE_VALUE,HSI_VALUE,I2SClocksFreq_Value,LSI_VALUE,MCO2PinFreq_Value,PLLCLKFreq_Value,PLLM,PLLN,PLLQ,PLLQCLKFreq_Value,PLLSourceVirtual,RCC_RTC_Clock_Source,RTCFreq_Value,RTCHSEDivFreq_Value,SAI_AClocksFreq_Value,SAI_BClocksFreq_Value,SYSCLKFreq_VALUE,SYSCLKSource,VCOI2SOutputFreq_Value,VCOInputFreq_Value,VCOOutputFreq_Value,VCOSAIOutputFreq_Value,VCOSAIOutputFreq_ValueQ,VcooutputI2S,VcooutputI2SQ
+RCC.LSI_VALUE=32000
+RCC.MCO2PinFreq_Value=120000000
+RCC.PLLCLKFreq_Value=120000000
+RCC.PLLM=15
+RCC.PLLN=144
+RCC.PLLQ=5
+RCC.PLLQCLKFreq_Value=48000000
+RCC.PLLSourceVirtual=RCC_PLLSOURCE_HSE
+RCC.RCC_RTC_Clock_Source=RCC_RTCCLKSOURCE_LSE
+RCC.RTCFreq_Value=32768
+RCC.RTCHSEDivFreq_Value=12500000
+RCC.SAI_AClocksFreq_Value=20416666.666666668
+RCC.SAI_BClocksFreq_Value=20416666.666666668
+RCC.SYSCLKFreq_VALUE=120000000
+RCC.SYSCLKSource=RCC_SYSCLKSOURCE_PLLCLK
+RCC.VCOI2SOutputFreq_Value=320000000
+RCC.VCOInputFreq_Value=1666666.6666666667
+RCC.VCOOutputFreq_Value=240000000
+RCC.VCOSAIOutputFreq_Value=81666666.66666667
+RCC.VCOSAIOutputFreq_ValueQ=20416666.666666668
+RCC.VcooutputI2S=160000000
+RCC.VcooutputI2SQ=160000000
+VP_CRC_VS_CRC.Mode=CRC_Activate
+VP_CRC_VS_CRC.Signal=CRC_VS_CRC
+VP_FREERTOS_VS_ENABLE.Mode=Enabled
+VP_FREERTOS_VS_ENABLE.Signal=FREERTOS_VS_ENABLE
+VP_LWIP_VS_Enabled.Mode=Enabled
+VP_LWIP_VS_Enabled.Signal=LWIP_VS_Enabled
+VP_RNG_VS_RNG.Mode=RNG_Activate
+VP_RNG_VS_RNG.Signal=RNG_VS_RNG
+VP_SYS_VS_tim1.Mode=TIM1
+VP_SYS_VS_tim1.Signal=SYS_VS_tim1
+board=wolfSTM32

IDE/OPENSTM32/wolfSTM32.xml

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<targetDefinitions xmlns="http://openstm32.org/stm32TargetDefinitions" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://openstm32.org/stm32TargetDefinitions stm32TargetDefinitions.xsd">
+  <board id="wolfstm32">
+    <name>wolfSTM32</name>
+    <mcuId>stm32f437iihx</mcuId>
+    <dbgIF>JTAG</dbgIF>
+    <dbgDEV>ST-LinkV2-1</dbgDEV>
+  </board>
+</targetDefinitions>

IDE/ROWLEY-CROSSWORKS-ARM/retarget.c

@@ -29,6 +29,12 @@ void __assert(const char *__expression, const char *__filename, int __line)
     printf("Assert: %s, File %s (%d)\n", __expression, __filename, __line);
 }
 
+unsigned long ksdk_time(unsigned long* timer)
+{
+    (void)timer;
+    return hw_get_time_sec();
+}
+
 unsigned int LowResTimer(void)
 {
     return hw_get_time_sec();

IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h

@@ -7,6 +7,8 @@
 extern "C" {
 #endif
 
+#include <stddef.h> /* for size_t */
+
 /* ------------------------------------------------------------------------- */
 /* Platform */
 /* ------------------------------------------------------------------------- */
@@ -118,6 +120,11 @@ extern "C" {
     /* half as much memory but twice as slow */
     #undef  RSA_LOW_MEM
     //#define RSA_LOW_MEM
+
+    /* Enables blinding mode, to prevent timing attacks */
+    #undef  WC_RSA_BLINDING
+    #define WC_RSA_BLINDING
+
 #else
     #define NO_RSA
 #endif
@@ -270,6 +277,8 @@ extern "C" {
 /* Allows custom "custom_time()" function to be used for benchmark */
 #define WOLFSSL_USER_CURRTIME
 #define USER_TICKS
+extern unsigned long ksdk_time(unsigned long* timer);
+#define XTIME ksdk_time
 
 
 /* ------------------------------------------------------------------------- */

IDE/ROWLEY-CROSSWORKS-ARM/wolfssl_ltc.hzp

@@ -300,12 +300,26 @@
         recurse="Yes" />
       <file file_name="user_settings.h" />
       <file file_name="README.md" />
-      <folder
-        Name="source"
-        exclude=""
-        filter=""
-        path="../../src"
-        recurse="No" />
+      <folder Name="source">
+        <file file_name="../../src/bio.c">
+          <configuration Name="ARM_Debug" build_exclude_from_build="Yes" />
+        </file>
+        <file file_name="../../src/crl.c" />
+        <file file_name="../../src/include.am" />
+        <file file_name="../../src/internal.c" />
+        <file file_name="../../src/io.c" />
+        <file file_name="../../src/keys.c" />
+        <file file_name="../../src/libwolfssl.la" />
+        <file file_name="../../src/ocsp.c" />
+        <file file_name="../../src/sniffer.c" />
+        <file file_name="../../src/src_libwolfssl_la-internal.lo" />
+        <file file_name="../../src/src_libwolfssl_la-io.lo" />
+        <file file_name="../../src/src_libwolfssl_la-keys.lo" />
+        <file file_name="../../src/src_libwolfssl_la-ssl.lo" />
+        <file file_name="../../src/src_libwolfssl_la-tls.lo" />
+        <file file_name="../../src/ssl.c" />
+        <file file_name="../../src/tls.c" />
+      </folder>
     </folder>
   </project>
   <project Name="test_ltc">

IDE/WIN/user_settings.h

@@ -22,20 +22,25 @@
     #define NO_RABBIT
     #define NO_DSA
     #define NO_MD4
-#elif defined(WOLFSSL_LIB)
-    /* The lib */
-    #define OPENSSL_EXTRA
-    #define WOLFSSL_RIPEMD
-    #define WOLFSSL_SHA512
-    #define NO_PSK
-    #define HAVE_EXTENDED_MASTER
-    #define WOLFSSL_SNIFFER
-    #define HAVE_TLS_EXTENSIONS
-    #define HAVE_SECURE_RENEGOTIATION
 #else
-    /* The servers and clients */
-    #define OPENSSL_EXTRA
-    #define NO_PSK
+    /* Enables blinding mode, to prevent timing attacks */
+    #define WC_RSA_BLINDING
+
+    #if defined(WOLFSSL_LIB)
+        /* The lib */
+        #define OPENSSL_EXTRA
+        #define WOLFSSL_RIPEMD
+        #define WOLFSSL_SHA512
+        #define NO_PSK
+        #define HAVE_EXTENDED_MASTER
+        #define WOLFSSL_SNIFFER
+        #define HAVE_TLS_EXTENSIONS
+        #define HAVE_SECURE_RENEGOTIATION
+    #else
+        /* The servers and clients */
+        #define OPENSSL_EXTRA
+        #define NO_PSK
+    #endif
 #endif /* HAVE_FIPS */
 
 #endif /* _WIN_USER_SETTINGS_H_ */

IDE/WORKBENCH/README.md

@@ -1,5 +1,5 @@
 ## Wind River Workbench using VxWorks with wolfSSL
-####1 Steps to Add wolfSSL to Workbench Project
+#### 1 Steps to Add wolfSSL to Workbench Project
 1. Start by creating a new VxWorks image in Workbench by going to File > New >
 Project and then selecting VxWorks Image Project.
 
@@ -52,8 +52,8 @@ workspace folder. This is where the simulator looks for the filesystem.
     new project you created. Click "Ok".
     - Rebuild the project.
 
-####2 Testing wolfSSL with VxWorks:
-#####2.1 wolfCrypt Test and Benchmark Applications
+#### 2 Testing wolfSSL with VxWorks:
+##### 2.1 wolfCrypt Test and Benchmark Applications
 The wolfCrypt test application will test each of the cryptographic algorithms
 and output the status for each as a success or failure. The benchmark application will output the runtime of the cryptographic algorithms in milliseconds.
 
@@ -85,7 +85,7 @@ by adding the following to the usrAppInit() function:
 
 4. To run the VxWorks simulator, click the dropdown list next to "VxWorks Simulator" at the top of Workbench and go to "Open Connection Details". Add the correct Kernel Image file. This will be located in ```workspace/<project_name>/default/vxWorks```. Click Apply. Start the simulator by clicking the green, "Connect 'VxWorks Simulator'" button to the right of the "VxWorks Simulator" dropdown list. Verify in the simulator terminal that all wolfCrypt tests pass.
 
-#####2.2 Example Client
+##### 2.2 Example Client
 The wolfSSL example client.c file can be found in ```<path_to_wolfssl>/wolfssl/examples/client```.
 
 1. Add the following include to usrAppInit.c:
@@ -117,7 +117,7 @@ section, and add a call to the client function:
         SSL cipher suite is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
         Server response: I hear you fa shizzle!
 
-#####2.3 Example Server
+##### 2.3 Example Server
 The example server requires more configuration than the client if using the
 VxWorks simulator.
 
@@ -164,7 +164,7 @@ Note: The wolfSSL example server and client cannot run at the same time on the V
         SSL cipher suite is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
         Client message: hello wolfssl!
 
-####3 Necessary Files if Using VxWorks Simulator
+#### 3 Necessary Files if Using VxWorks Simulator
 The following files are required to replicate this build:
 * vxsim\_linux\_1\_0\_2\_2 (directory)
 * compilers/gnu-4.8.1.5/include/c++/4.8

IDE/include.am

@@ -5,9 +5,11 @@
 include IDE/iOS/include.am
 include IDE/WIN/include.am
 include IDE/WIN-SGX/include.am
+include IDE/LINUX-SGX/include.am
 include IDE/WORKBENCH/include.am
 include IDE/ROWLEY-CROSSWORKS-ARM/include.am
 include IDE/ARDUINO/include.am
 include IDE/INTIME-RTOS/include.am
+include IDE/OPENSTM32/include.am
 
-EXTRA_DIST+= IDE/IAR-EWARM IDE/MDK-ARM IDE/MDK5-ARM IDE/MYSQL IDE/LPCXPRESSO
+EXTRA_DIST+= IDE/IAR-EWARM IDE/MDK-ARM IDE/MDK5-ARM IDE/MYSQL IDE/LPCXPRESSO IDE/HEXIWEAR

Makefile.am

@@ -54,7 +54,18 @@ CLEANFILES+= cert.der \
              pkcs7envelopedDataAES128CBC.der \
              pkcs7envelopedDataAES192CBC.der \
              pkcs7envelopedDataAES256CBC.der \
-             pkcs7signedData.der
+             pkcs7signedData_RSA_SHA.der \
+             pkcs7signedData_RSA_SHA_noattr.der \
+             pkcs7signedData_RSA_SHA224.der \
+             pkcs7signedData_RSA_SHA256.der \
+             pkcs7signedData_RSA_SHA384.der \
+             pkcs7signedData_RSA_SHA512.der \
+             pkcs7signedData_ECDSA_SHA.der \
+             pkcs7signedData_ECDSA_SHA_noattr.der \
+             pkcs7signedData_ECDSA_SHA224.der \
+             pkcs7signedData_ECDSA_SHA256.der \
+             pkcs7signedData_ECDSA_SHA384.der \
+             pkcs7signedData_ECDSA_SHA512.der
 
 exampledir = $(docdir)/example
 dist_example_DATA=

README

@@ -3,7 +3,7 @@
 Note 1)
 wolfSSL as of 3.6.6 no longer enables SSLv3 by default.  wolfSSL also no
 longer supports static key cipher suites with PSK, RSA, or ECDH.  This means
-if you plan to use TLS cipher suites you must enable DH (DH is on  by default),
+if you plan to use TLS cipher suites you must enable DH (DH is on by default),
 or enable ECC (ECC is on by default on 64bit systems), or you must enable static
 key cipher suites with
     WOLFSSL_STATIC_DH
@@ -12,11 +12,11 @@ key cipher suites with
     WOLFSSL_STATIC_PSK
 
 though static key cipher suites are deprecated and will be removed from future
-versions of TLS.  They also lower your security by removing PFS. Since current
+versions of TLS.  They also lower your security by removing PFS.  Since current
 NTRU suites available do not use ephemeral keys, WOLFSSL_STATIC_RSA needs to be
 used in order to build with NTRU suites.
 
-When compiling ssl.c wolfSSL will now issue a compiler error if no cipher suites
+When compiling ssl.c, wolfSSL will now issue a compiler error if no cipher suites
 are available.  You can remove this error by defining WOLFSSL_ALLOW_NO_SUITES
 in the event that you desire that, i.e., you're not using TLS cipher suites.
 
@@ -34,6 +34,142 @@ before calling wolfSSL_new();  Though it's not recommended.
 
 *** end Notes ***
 
+********* wolfSSL (Formerly CyaSSL) Release 3.12.0 (8/04/2017)
+
+Release 3.12.0 of wolfSSL has bug fixes and new features including:
+
+- TLS 1.3 with Nginx! TLS 1.3 with ARMv8! TLS 1.3 with Async Crypto! (--enable-tls13)
+- TLS 1.3 0RTT feature added
+- Added port for using Intel SGX with Linux
+- Update and fix PIC32MZ port
+- Additional unit testing for MD5, SHA, SHA224, SHA256, SHA384, SHA512, RipeMd, HMAC, 3DES, IDEA, ChaCha20, ChaCha20Poly1305 AEAD, Camellia, Rabbit, ARC4, AES, RSA, Hc128
+- AVX and AVX2 assembly for improved ChaCha20 performance
+- Intel QAT fixes for when using --disable-fastmath
+- Update how DTLS handles decryption and MAC failures
+- Update DTLS session export version number for --enable-sessionexport feature
+- Add additional input argument sanity checks to ARMv8 assembly port
+- Fix for making PKCS12 dynamic types match
+- Fixes for potential memory leaks when using --enable-fast-rsa
+- Fix for when using custom ECC curves and add BRAINPOOLP256R1 test
+- Update TI-RTOS port for dependency on new wolfSSL source files
+- DTLS multicast feature added, --enable-mcast
+- Fix for Async crypto with GCC 7.1 and HMAC when not using Intel QuickAssist
+- Improvements and enhancements to Intel QuickAssist support
+- Added Xilinx port
+- Added SHA3 Keccak feature, --enable-sha3
+- Expand wolfSSL Python wrapper to now include a client side implementation
+- Adjust example servers to not treat a peer closed error as a hard error
+- Added more sanity checks to fp_read_unsigned_bin function
+- Add SHA224 and AES key wrap to ARMv8 port
+- Update MQX classics and mmCAU ports
+- Fix for potential buffer over read with wolfSSL_CertPemToDer
+- Add PKCS7/CMS decode support for KARI with IssuerAndSerialNumber
+- Fix ThreadX/NetX warning
+- Fixes for OCSP and CRL non blocking sockets and for incomplete cert chain with OCSP
+- Added RSA PSS sign and verify
+- Fix for STM32F4 AES-GCM
+- Added enable all feature (--enable-all)
+- Added trackmemory feature (--enable-trackmemory)
+- Fixes for AES key wrap and PKCS7 on Windows VS
+- Added benchmark block size argument
+- Support use of staticmemory with PKCS7
+- Fix for Blake2b build with GCC 5.4
+- Fixes for compiling wolfSSL with GCC version 7, most dealing with switch statement fall through warnings.
+- Added warning when compiling without hardened math operations
+
+
+Note:
+There is a known issue with using ChaCha20 AVX assembly on versions of GCC earlier than 5.2. This is encountered with using the wolfSSL enable options --enable-intelasm and --enable-chacha. To avoid this issue ChaCha20 can be enabled with --enable-chacha=noasm.
+If using --enable-intelasm and also using --enable-sha224 or --enable-sha256 there is a known issue with trying to use -fsanitize=address.
+
+This release of wolfSSL fixes 1 low level security vulnerability.
+
+Low level fix for a potential DoS attack on a wolfSSL client. Previously a client would accept many warning alert messages without a limit. This fix puts a limit to the number of warning alert messages received and if this limit is reached a fatal error ALERT_COUNT_E is returned. The max number of warning alerts by default is set to 5 and can be adjusted with the macro WOLFSSL_ALERT_COUNT_MAX. Thanks for the report from Tarun Yadav and Koustav Sadhukhan from Defence Research and Development Organization, INDIA.
+
+
+See INSTALL file for build instructions.
+More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
+
+
+********* wolfSSL (Formerly CyaSSL) Release 3.11.1 (5/11/2017)
+
+Release 3.11.1 of wolfSSL is a TLS 1.3 BETA release, which includes:
+
+- TLS 1.3 client and server support for TLS 1.3 with Draft 18 support
+
+This is strictly a BETA release, and designed for testing and user feedback.
+Please send any comments, testing results, or feedback to wolfSSL at
+support@wolfssl.com.
+
+See INSTALL file for build instructions.
+More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
+
+
+********* wolfSSL (Formerly CyaSSL) Release 3.11.0 (5/04/2017)
+
+Release 3.11.0 of wolfSSL has bug fixes and new features including:
+
+- Code updates for warnings reported by Coverity scans
+- Testing and warning fixes for FreeBSD on PowerPC
+- Updates and refactoring done to ASN1 parsing functions
+- Change max PSK identity buffer to account for an identity length of 128 characters
+- Update Arduino script to handle recent files and additions
+- Added support for PKCS#7 Signed Data with ECDSA
+- Fix for interoperability with ChaCha20-Poly1305 suites using older draft versions
+- DTLS update to allow multiple handshake messages in one DTLS record. Thanks to Eric Samsel over at Welch Allyn for reporting this bug.
+- Intel QuickAssist asynchronous support (PR #715 - https://www.wolfssl.com/wolfSSL/Blog/Entries/2017/1/18_wolfSSL_Asynchronous_Intel_QuickAssist_Support.html)
+- Added support for HAproxy load balancer
+- Added option to allow SHA1 with TLS 1.2 for IIS compatibility (WOLFSSL_ALLOW_TLS_SHA1)
+- Added Curve25519 51-bit Implementation, increasing performance on systems that have 128 bit types
+- Fix to not send session ID on server side if session cache is off unless we're echoing
+session ID as part of session tickets
+- Fixes for ensuring all default ciphers are setup correctly (see PR #830)
+- Added NXP Hexiwear example in `IDE/HEXIWEAR`.
+- Added wolfSSL_write_dup() to create write only WOLFSSL object for concurrent access
+- Fixes for TLS elliptic curve selection on private key import.
+- Fixes for RNG with Intel rdrand and rdseed speedups.
+- Improved performance with Intel rdrand to use full 64-bit output
+- Added new --enable-intelrand option to indicate use of RDRAND preference for RNG source
+- Removed RNG ARC4 support
+- Added ECC helpers to get size and id from curve name.
+- Added ECC Cofactor DH (ECC-CDH) support
+- Added ECC private key only import / export functions.
+- Added PKCS8 create function
+- Improvements to TLS layer CTX handling for switching keys / certs.
+- Added check for duplicate certificate policy OID in certificates.
+- Normal math speed-up to not allocate on mp_int and defer until mp_grow
+- Reduce heap usage with fast math when not using ALT_ECC_SIZE
+- Fixes for building CRL with Windows
+- Added support for inline CRL lookup when HAVE_CRL_IO is defined
+- Added port for tenAsys INtime RTOS
+- Improvements to uTKernel port (WOLFSSL_uTKERNEL2)
+- Updated WPA Supplicant support
+- Added support for Nginx
+- Update stunnel port for version 5.40
+- Fixes for STM32 hardware crypto acceleration
+- Extended test code coverage in bundled test.c
+- Added a sanity check for minimum authentication tag size with AES-GCM. Thanks to Yueh-Hsun Lin and Peng Li at KNOX Security at Samsung Research America for suggesting this.
+- Added a sanity check that subject key identifier is marked as non-critical and a check that no policy OIDS appear more than once in the cert policies extension. Thanks to the report from Professor Zhenhua Duan, Professor Cong Tian, and Ph.D candidate Chu Chen from Institute of Computing Theory and Technology (ICTT) of Xidian University, China. Profs. Zhenhua Duan and Cong Tian are supervisors of Ph.D candidate Chu Chen.
+
+
+This release of wolfSSL fixes 5 low and 1 medium level security vulnerability.
+
+3 Low level fixes reported by Yueh-Hsun Lin and Peng Li from KNOX Security, Samsung Research America.
+- Fix for out of bounds memory access in wc_DhParamsLoad() when GetLength() returns a zero. Before this fix there is a case where wolfSSL would read out of bounds memory in the function wc_DhParamsLoad.
+- Fix for DH key accepted by wc_DhAgree when the key was malformed.
+- Fix for a double free case when adding CA cert into X509_store.
+
+Low level fix for memory management with static memory feature enabled. By default static memory is disabled. Thanks to GitHub user hajjihraf for reporting this.
+
+Low level fix for out of bounds write in the function wolfSSL_X509_NAME_get_text_by_NID. This function is not used by TLS or crypto operations but could result in a buffer out of bounds write by one if called explicitly in an application. Discovered by Aleksandar Nikolic of Cisco Talos. http://talosintelligence.com/vulnerability-reports/
+
+Medium level fix for check on certificate signature. There is a case in release versions 3.9.10, 3.10.0 and 3.10.2 where a corrupted signature on a peer certificate would not be properly flagged. Thanks to Wens Lo, James Tsai, Kenny Chang, and Oscar Yang at Castles Technology.
+
+
+See INSTALL file for build instructions.
+More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
+
+
 ********* wolfSSL (Formerly CyaSSL) Release 3.10.2 (2/10/2017)
 
 Release 3.10.2 of wolfSSL has bug fixes and new features including:

README.md

@@ -4,7 +4,7 @@
 ```
 wolfSSL as of 3.6.6 no longer enables SSLv3 by default.  wolfSSL also no
 longer supports static key cipher suites with PSK, RSA, or ECDH.  This means
-if you plan to use TLS cipher suites you must enable DH (DH is on  by default),
+if you plan to use TLS cipher suites you must enable DH (DH is on by default),
 or enable ECC (ECC is on by default on 64bit systems), or you must enable static
 key cipher suites with
     WOLFSSL_STATIC_DH
@@ -13,12 +13,12 @@ key cipher suites with
     WOLFSSL_STATIC_PSK
 
 though static key cipher suites are deprecated and will be removed from future
-versions of TLS.  They also lower your security by removing PFS. Since current
+versions of TLS.  They also lower your security by removing PFS.  Since current
 NTRU suites available do not use ephemeral keys, WOLFSSL_STATIC_RSA needs to be
 used in order to build with NTRU suites.
 
 
-When compiling ssl.c wolfSSL will now issue a compiler error if no cipher suites
+When compiling ssl.c, wolfSSL will now issue a compiler error if no cipher suites
 are available.  You can remove this error by defining WOLFSSL_ALLOW_NO_SUITES
 in the event that you desire that, i.e., you're not using TLS cipher suites.
 ```
@@ -38,6 +38,142 @@ wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
 before calling wolfSSL_new();  Though it's not recommended.
 ```
 
+# wolfSSL (Formerly CyaSSL) Release 3.12.0 (8/04/2017)
+
+## Release 3.12.0 of wolfSSL has bug fixes and new features including:
+
+- TLS 1.3 with Nginx! TLS 1.3 with ARMv8! TLS 1.3 with Async Crypto! (--enable-tls13)
+- TLS 1.3 0RTT feature added
+- Added port for using Intel SGX with Linux
+- Update and fix PIC32MZ port
+- Additional unit testing for MD5, SHA, SHA224, SHA256, SHA384, SHA512, RipeMd, HMAC, 3DES, IDEA, ChaCha20, ChaCha20Poly1305 AEAD, Camellia, Rabbit, ARC4, AES, RSA, Hc128
+- AVX and AVX2 assembly for improved ChaCha20 performance
+- Intel QAT fixes for when using --disable-fastmath
+- Update how DTLS handles decryption and MAC failures
+- Update DTLS session export version number for --enable-sessionexport feature
+- Add additional input argument sanity checks to ARMv8 assembly port
+- Fix for making PKCS12 dynamic types match
+- Fixes for potential memory leaks when using --enable-fast-rsa
+- Fix for when using custom ECC curves and add BRAINPOOLP256R1 test
+- Update TI-RTOS port for dependency on new wolfSSL source files
+- DTLS multicast feature added, --enable-mcast
+- Fix for Async crypto with GCC 7.1 and HMAC when not using Intel QuickAssist
+- Improvements and enhancements to Intel QuickAssist support
+- Added Xilinx port
+- Added SHA3 Keccak feature, --enable-sha3
+- Expand wolfSSL Python wrapper to now include a client side implementation
+- Adjust example servers to not treat a peer closed error as a hard error
+- Added more sanity checks to fp_read_unsigned_bin function
+- Add SHA224 and AES key wrap to ARMv8 port
+- Update MQX classics and mmCAU ports
+- Fix for potential buffer over read with wolfSSL_CertPemToDer
+- Add PKCS7/CMS decode support for KARI with IssuerAndSerialNumber
+- Fix ThreadX/NetX warning
+- Fixes for OCSP and CRL non blocking sockets and for incomplete cert chain with OCSP
+- Added RSA PSS sign and verify
+- Fix for STM32F4 AES-GCM
+- Added enable all feature (--enable-all)
+- Added trackmemory feature (--enable-trackmemory)
+- Fixes for AES key wrap and PKCS7 on Windows VS
+- Added benchmark block size argument
+- Support use of staticmemory with PKCS7
+- Fix for Blake2b build with GCC 5.4
+- Fixes for compiling wolfSSL with GCC version 7, most dealing with switch statement fall through warnings.
+- Added warning when compiling without hardened math operations
+
+
+Note:
+There is a known issue with using ChaCha20 AVX assembly on versions of GCC earlier than 5.2. This is encountered with using the wolfSSL enable options --enable-intelasm and --enable-chacha. To avoid this issue ChaCha20 can be enabled with --enable-chacha=noasm.
+If using --enable-intelasm and also using --enable-sha224 or --enable-sha256 there is a known issue with trying to use -fsanitize=address.
+
+This release of wolfSSL fixes 1 low level security vulnerability.
+
+Low level fix for a potential DoS attack on a wolfSSL client. Previously a client would accept many warning alert messages without a limit. This fix puts a limit to the number of warning alert messages received and if this limit is reached a fatal error ALERT_COUNT_E is returned. The max number of warning alerts by default is set to 5 and can be adjusted with the macro WOLFSSL_ALERT_COUNT_MAX. Thanks for the report from Tarun Yadav and Koustav Sadhukhan from Defence Research and Development Organization, INDIA.
+
+
+See INSTALL file for build instructions.
+More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
+
+
+# wolfSSL (Formerly CyaSSL) Release 3.11.1 (5/11/2017)
+
+## Release 3.11.1 of wolfSSL is a TLS 1.3 BETA release, which includes:
+
+- TLS 1.3 client and server support for TLS 1.3 with Draft 18 support
+
+This is strictly a BETA release, and designed for testing and user feedback.
+Please send any comments, testing results, or feedback to wolfSSL at
+support@wolfssl.com.
+
+See INSTALL file for build instructions.
+More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
+
+
+# wolfSSL (Formerly CyaSSL) Release 3.11.0 (5/04/2017)
+
+## Release 3.11.0 of wolfSSL has bug fixes and new features including:
+
+- Code updates for warnings reported by Coverity scans
+- Testing and warning fixes for FreeBSD on PowerPC
+- Updates and refactoring done to ASN1 parsing functions
+- Change max PSK identity buffer to account for an identity length of 128 characters
+- Update Arduino script to handle recent files and additions
+- Added support for PKCS#7 Signed Data with ECDSA
+- Fix for interoperability with ChaCha20-Poly1305 suites using older draft versions
+- DTLS update to allow multiple handshake messages in one DTLS record. Thanks to Eric Samsel over at Welch Allyn for reporting this bug.
+- Intel QuickAssist asynchronous support (PR #715 - https://www.wolfssl.com/wolfSSL/Blog/Entries/2017/1/18_wolfSSL_Asynchronous_Intel_QuickAssist_Support.html)
+- Added support for HAproxy load balancer
+- Added option to allow SHA1 with TLS 1.2 for IIS compatibility (WOLFSSL_ALLOW_TLS_SHA1)
+- Added Curve25519 51-bit Implementation, increasing performance on systems that have 128 bit types
+- Fix to not send session ID on server side if session cache is off unless we're echoing 
+session ID as part of session tickets
+- Fixes for ensuring all default ciphers are setup correctly (see PR #830)
+- Added NXP Hexiwear example in `IDE/HEXIWEAR`.
+- Added wolfSSL_write_dup() to create write only WOLFSSL object for concurrent access
+- Fixes for TLS elliptic curve selection on private key import.
+- Fixes for RNG with Intel rdrand and rdseed speedups.
+- Improved performance with Intel rdrand to use full 64-bit output
+- Added new --enable-intelrand option to indicate use of RDRAND preference for RNG source 
+- Removed RNG ARC4 support
+- Added ECC helpers to get size and id from curve name.
+- Added ECC Cofactor DH (ECC-CDH) support
+- Added ECC private key only import / export functions.
+- Added PKCS8 create function
+- Improvements to TLS layer CTX handling for switching keys / certs.
+- Added check for duplicate certificate policy OID in certificates.
+- Normal math speed-up to not allocate on mp_int and defer until mp_grow
+- Reduce heap usage with fast math when not using ALT_ECC_SIZE
+- Fixes for building CRL with Windows
+- Added support for inline CRL lookup when HAVE_CRL_IO is defined
+- Added port for tenAsys INtime RTOS
+- Improvements to uTKernel port (WOLFSSL_uTKERNEL2)
+- Updated WPA Supplicant support
+- Added support for Nginx
+- Update stunnel port for version 5.40
+- Fixes for STM32 hardware crypto acceleration
+- Extended test code coverage in bundled test.c
+- Added a sanity check for minimum authentication tag size with AES-GCM. Thanks to Yueh-Hsun Lin and Peng Li at KNOX Security at Samsung Research America for suggesting this.
+- Added a sanity check that subject key identifier is marked as non-critical and a check that no policy OIDS appear more than once in the cert policies extension. Thanks to the report from Professor Zhenhua Duan, Professor Cong Tian, and Ph.D candidate Chu Chen from Institute of Computing Theory and Technology (ICTT) of Xidian University, China. Profs. Zhenhua Duan and Cong Tian are supervisors of Ph.D candidate Chu Chen.
+
+This release of wolfSSL fixes 5 low and 1 medium level security vulnerability.
+
+3 Low level fixes reported by Yueh-Hsun Lin and Peng Li from KNOX Security, Samsung Research America.
+- Fix for out of bounds memory access in wc_DhParamsLoad() when GetLength() returns a zero. Before this fix there is a case where wolfSSL would read out of bounds memory in the function wc_DhParamsLoad.
+- Fix for DH key accepted by wc_DhAgree when the key was malformed.
+- Fix for a double free case when adding CA cert into X509_store.
+
+Low level fix for memory management with static memory feature enabled. By default static memory is disabled. Thanks to GitHub user hajjihraf for reporting this.
+
+
+Low level fix for out of bounds write in the function wolfSSL_X509_NAME_get_text_by_NID. This function is not used by TLS or crypto operations but could result in a buffer out of bounds write by one if called explicitly in an application. Discovered by Aleksandar Nikolic of Cisco Talos. http://talosintelligence.com/vulnerability-reports/
+
+Medium level fix for check on certificate signature. There is a case in release versions 3.9.10, 3.10.0 and 3.10.2 where a corrupted signature on a peer certificate would not be properly flagged. Thanks to Wens Lo, James Tsai, Kenny Chang, and Oscar Yang at Castles Technology.
+
+
+See INSTALL file for build instructions.
+More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
+
+
 # wolfSSL (Formerly CyaSSL) Release 3.10.2 (2/10/2017)
 
 ## Release 3.10.2 of wolfSSL has bug fixes and new features including:

autogen.sh

@@ -22,6 +22,20 @@ if test -e .git; then
   # touch async crypt files
   touch ./wolfcrypt/src/async.c
   touch ./wolfssl/wolfcrypt/async.h
+
+  # touch async port files
+  touch ./wolfcrypt/src/port/intel/quickassist.c
+  touch ./wolfcrypt/src/port/intel/quickassist_mem.c
+  touch ./wolfcrypt/src/port/cavium/cavium_nitrox.c
+  if [ ! -d ./wolfssl/wolfcrypt/port/intel ]; then
+    mkdir ./wolfssl/wolfcrypt/port/intel
+  fi
+  touch ./wolfssl/wolfcrypt/port/intel/quickassist.h
+  touch ./wolfssl/wolfcrypt/port/intel/quickassist_mem.h
+  if [ ! -d ./wolfssl/wolfcrypt/port/cavium ]; then
+    mkdir ./wolfssl/wolfcrypt/port/cavium
+  fi
+  touch ./wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h
 else
   WARNINGS="all"
 fi

certs/crl/crl2.pem

@@ -0,0 +1,80 @@
+Certificate Revocation List (CRL):
+        Version 2 (0x1)
+    Signature Algorithm: sha256WithRSAEncryption
+        Issuer: /C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Last Update: Aug 11 20:07:38 2016 GMT
+        Next Update: May  8 20:07:38 2019 GMT
+        CRL extensions:
+            X509v3 CRL Number: 
+                1
+Revoked Certificates:
+    Serial Number: 02
+        Revocation Date: Aug 11 20:07:38 2016 GMT
+    Signature Algorithm: sha256WithRSAEncryption
+         35:c6:7f:57:9a:e5:86:5a:15:1a:e2:e5:2b:9f:54:79:2a:58:
+         51:a2:12:0c:4e:53:58:eb:99:e3:c2:ee:2b:d7:23:e4:3c:4d:
+         0a:ab:ae:71:9b:ce:b1:c1:75:a1:b6:e5:32:5f:10:b0:72:28:
+         2e:74:b1:99:dd:47:53:20:f6:9a:83:5c:bd:20:b0:aa:df:32:
+         f6:95:54:98:9e:59:96:55:7b:0a:74:be:94:66:44:b7:32:82:
+         f0:eb:16:f8:30:86:16:9f:73:43:98:82:b5:5e:ad:58:c0:c8:
+         79:da:ad:b1:b4:d7:fb:34:c1:cc:3a:67:af:a4:56:5a:70:5c:
+         2d:1f:73:16:78:92:01:06:e3:2c:fb:f1:ba:d5:8f:f9:be:dd:
+         e1:4a:ce:de:ca:e6:2d:96:09:24:06:40:9e:10:15:2e:f2:cd:
+         85:d6:84:88:db:9c:4a:7b:75:7a:06:0e:40:02:20:60:7e:91:
+         f7:92:53:1e:34:7a:ea:ee:df:e7:cd:a8:9e:a6:61:b4:56:50:
+         4d:dc:b1:78:0d:86:cf:45:c3:a6:0a:b9:88:2c:56:a7:b1:d3:
+         d3:0d:44:aa:93:a4:05:4d:ce:9f:01:b0:c6:1e:e4:ea:6b:92:
+         6f:93:dd:98:cf:fb:1d:06:72:ac:d4:99:e7:f2:b4:11:57:bd:
+         9d:63:e5:dc
+-----BEGIN X509 CRL-----
+MIICBDCB7QIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMxEDAOBgNV
+BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3Ro
+MRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x
+HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTE2MDgxMTIwMDczOFoX
+DTE5MDUwODIwMDczOFowFDASAgECFw0xNjA4MTEyMDA3MzhaoA4wDDAKBgNVHRQE
+AwIBATANBgkqhkiG9w0BAQsFAAOCAQEANcZ/V5rlhloVGuLlK59UeSpYUaISDE5T
+WOuZ48LuK9cj5DxNCquucZvOscF1obblMl8QsHIoLnSxmd1HUyD2moNcvSCwqt8y
+9pVUmJ5ZllV7CnS+lGZEtzKC8OsW+DCGFp9zQ5iCtV6tWMDIedqtsbTX+zTBzDpn
+r6RWWnBcLR9zFniSAQbjLPvxutWP+b7d4UrO3srmLZYJJAZAnhAVLvLNhdaEiNuc
+Snt1egYOQAIgYH6R95JTHjR66u7f582onqZhtFZQTdyxeA2Gz0XDpgq5iCxWp7HT
+0w1EqpOkBU3OnwGwxh7k6muSb5PdmM/7HQZyrNSZ5/K0EVe9nWPl3A==
+-----END X509 CRL-----
+Certificate Revocation List (CRL):
+        Version 2 (0x1)
+    Signature Algorithm: sha256WithRSAEncryption
+        Issuer: /C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Last Update: Aug 11 20:07:38 2016 GMT
+        Next Update: May  8 20:07:38 2019 GMT
+        CRL extensions:
+            X509v3 CRL Number: 
+                3
+No Revoked Certificates.
+    Signature Algorithm: sha256WithRSAEncryption
+         14:85:d5:c8:db:62:74:48:94:5e:dc:52:0f:5e:43:8b:29:83:
+         32:e0:7a:4c:5c:76:e3:7e:c1:87:74:40:b2:6f:f8:33:4c:2c:
+         32:08:f0:5f:d9:85:b3:20:05:34:5d:15:4d:ba:45:bc:2d:9c:
+         ae:40:d0:d8:9a:b3:a1:4f:0b:94:ce:c4:23:c6:bf:a2:f8:a6:
+         02:4c:6d:ad:5a:59:b3:83:55:dd:37:91:f6:75:d4:6f:83:5f:
+         1c:29:94:cd:01:09:dc:38:d8:6c:c0:9f:1e:76:9d:f9:8f:70:
+         0d:48:e5:99:82:90:3a:36:f1:33:17:69:73:8a:ee:a7:22:4c:
+         58:93:a1:dc:59:b9:44:8f:88:99:0b:c4:d3:74:aa:02:9a:84:
+         36:48:d8:a0:05:73:bc:14:32:1e:76:23:85:c5:94:56:b2:2c:
+         61:3b:07:d7:bd:0c:27:f7:d7:23:40:bd:0c:6c:c7:e0:f7:28:
+         74:67:98:20:93:72:16:b6:6e:67:3f:9e:c9:34:c5:64:09:bf:
+         b1:ab:87:0c:80:b6:1f:89:d8:0e:67:c2:c7:19:df:ee:9f:b2:
+         e6:fb:64:3d:82:7a:47:e2:8d:a3:93:1d:29:f6:94:db:83:2f:
+         b6:0a:a0:da:77:e3:56:ec:d7:d2:22:3c:88:4d:4a:87:de:b5:
+         1c:eb:7b:08
+-----BEGIN X509 CRL-----
+MIIB+DCB4QIBATANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCVVMxEDAOBgNV
+BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZTU0xf
+MjA0ODEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMjA0ODEYMBYGA1UEAwwPd3d3Lndv
+bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0xNjA4
+MTEyMDA3MzhaFw0xOTA1MDgyMDA3MzhaoA4wDDAKBgNVHRQEAwIBAzANBgkqhkiG
+9w0BAQsFAAOCAQEAFIXVyNtidEiUXtxSD15DiymDMuB6TFx2437Bh3RAsm/4M0ws
+MgjwX9mFsyAFNF0VTbpFvC2crkDQ2JqzoU8LlM7EI8a/ovimAkxtrVpZs4NV3TeR
+9nXUb4NfHCmUzQEJ3DjYbMCfHnad+Y9wDUjlmYKQOjbxMxdpc4rupyJMWJOh3Fm5
+RI+ImQvE03SqApqENkjYoAVzvBQyHnYjhcWUVrIsYTsH170MJ/fXI0C9DGzH4Pco
+dGeYIJNyFrZuZz+eyTTFZAm/sauHDIC2H4nYDmfCxxnf7p+y5vtkPYJ6R+KNo5Md
+KfaU24Mvtgqg2nfjVuzX0iI8iE1Kh961HOt7CA==
+-----END X509 CRL-----

certs/crl/include.am

@@ -6,7 +6,8 @@ EXTRA_DIST += \
 	     certs/crl/crl.pem \
 	     certs/crl/cliCrl.pem \
 	     certs/crl/eccSrvCRL.pem \
-	     certs/crl/eccCliCRL.pem
+	     certs/crl/eccCliCRL.pem \
+	     certs/crl/crl2.pem
 
 EXTRA_DIST += \
 	     certs/crl/crl.revoked

certs/ecc-privOnlyCert.pem

@@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE-----
+MIIBJDCByaADAgECAgEAMAwGCCqGSM49BAMCBQAwGjELMAkGA1UEChMCV1IxCzAJBgNVBAYTAkRF
+MB4XDTE3MDIwNjE0NTY0MVoXDTE4MDIwNjE0NTY0MVowGjELMAkGA1UEChMCV1IxCzAJBgNVBAYT
+AkRFMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEJcD9Frgr8rgKHt2szmJSfFgKYH1Xddq9EcHV
+KupUa3bmPTb33VGXa6gm/numvZZVhVCdmn5pAdhDRYnZ/korJjAMBggqhkjOPQQDAgUAA0gAMEUC
+IDnBQOHgHIudh7nFB0wG/WFMoUutVFN0uQPbVJSWwbQHAiEAmw25n+eEMgMK4Gi7qH1lzxm11WX0
+jM1gxQSGZTaja8s=
+-----END CERTIFICATE-----

certs/ecc-privOnlyKey.pem

@@ -0,0 +1,4 @@
+-----BEGIN PRIVATE KEY-----
+MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCBmlE/nixmHCpmplUopbqNEo+jJE40p
+wfkxzH01tAWqcQ==
+-----END PRIVATE KEY-----

certs/ecc-privkey.pem

@@ -0,0 +1,4 @@
+-----BEGIN EC PRIVATE KEY-----
+MDECAQEEIEW2aQJznGyFoThbcujox6zEA41TNQT6bCjcNI3hqAmMoAoGCCqGSM49
+AwEH
+-----END EC PRIVATE KEY-----

certs/ed25519/ca-ed25519-key.pem

@@ -0,0 +1,4 @@
+-----BEGIN EDDSA PRIVATE KEY-----
+MFICAQAwBQYDK2VwBCIEIE3EyZVR/gbofvUgIsCeuA3yZ9E7DbTQxW7HMDYQhbxl
+oSIEIEEH7HUMaHISPASCB24Wb0BBbaSPCPLinadDwiQomH6s
+-----END EDDSA PRIVATE KEY-----

certs/ed25519/ca-ed25519.pem

@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICWTCCAgugAwIBAgIIAfbhPrx5oYUwBQYDK2VwMIGfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjENMAsGA1UEBAwEUm9v
+dDEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYGA1UEAwwP
+d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
+MCIYDzIwMTcwNTI4MjMyNjI5WhgPMjAxOTA1MjkyMzI2MjlaMIGdMQswCQYDVQQG
+EwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjELMAkGA1UE
+BAwCQ0ExEDAOBgNVBAoMB3dvbGZTU0wxEDAOBgNVBAsMB0VEMjU1MTkxGDAWBgNV
+BAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
+LmNvbTAqMAUGAytlcAMhAEEH7HUMaHISPASCB24Wb0BBbaSPCPLinadDwiQomH6s
+o2EwXzAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBSS1Qva8QSLuaGLAwKfWAA1Ngd6
+yTAfBgNVHSMEGDAWgBSGwCfpnvqFwf3jb/xUWXI3xzOSuzAPBgNVHQ8BAf8EBQMC
+AcYAMAUGAytlcANBACIbBhfAEXQfZNGj9nsGABoLUI7rsWOSRbrc4sFoFCMMbiyV
+PLEcGSeYUD5VUczESVivuUZP7ZxXOAQp1KkS/gg=
+-----END CERTIFICATE-----

certs/ed25519/client-ed25519-key.pem

@@ -0,0 +1,4 @@
+-----BEGIN EDDSA PRIVATE KEY-----
+MFICAQAwBQYDK2VwBCIEIBGdNYxa3ommO8aYO1oGaGSRQBqDYB0sKOdR3bqejqIQ
+oSIEIDY9UZ60w5FgsDoJuIdapQUPW1PlZBc+cLkNZhKk5fFR
+-----END EDDSA PRIVATE KEY-----

certs/ed25519/client-ed25519.pem

@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICUTCCAgOgAwIBAgIIAckQps/YSE8wBQYDK2VwMIGhMQswCQYDVQQGEwJVUzEQ
+MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEPMA0GA1UEBAwGY2xp
+ZW50MRAwDgYDVQQKDAd3b2xmU1NMMRAwDgYDVQQLDAdFRDI1NTE5MRgwFgYDVQQD
+DA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
+b20wIhgPMjAxNzA1MjgyMzI2MjlaGA8yMDE5MDUyOTIzMjYyOVowgaExCzAJBgNV
+BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQ8wDQYD
+VQQEDAZjbGllbnQxEDAOBgNVBAoMB3dvbGZTU0wxEDAOBgNVBAsMB0VEMjU1MTkx
+GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
+b2xmc3NsLmNvbTAqMAUGAytlcAMhADY9UZ60w5FgsDoJuIdapQUPW1PlZBc+cLkN
+ZhKk5fFRo1MwUTAdBgNVHQ4EFgQUppdwk1xpkyuWMh6Heza6k5opV/EwHwYDVR0j
+BBgwFoAUppdwk1xpkyuWMh6Heza6k5opV/EwDwYDVR0PAQH/BAUDAgbAADAFBgMr
+ZXADQQCUo3bb4Zv2vjs09vniOoogAIHBlj4tOdodJ/vVfSFRGfo5MTbFOa4RmAvZ
+kz+W324RkBsIl8R8ksENe87bJwAP
+-----END CERTIFICATE-----

certs/ed25519/root-ed25519-key.pem

@@ -0,0 +1,4 @@
+-----BEGIN EDDSA PRIVATE KEY-----
+MFICAQAwBQYDK2VwBCIEIFwOftlJ9QL4yEBIBh9UmTRwCu+A6puPK9OFmVk0A19P
+oSIEIKZgKbt92EfL1B7QbQ9XANgqH1BqQrxd5bgZZbLfJK9Q
+-----END EDDSA PRIVATE KEY-----

certs/ed25519/root-ed25519.pem

@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICWzCCAg2gAwIBAgIIAcUx7uhNOB4wBQYDK2VwMIGfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjENMAsGA1UEBAwEUm9v
+dDEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYGA1UEAwwP
+d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
+MCIYDzIwMTcwNTI4MjMyNjI5WhgPMjAxOTA1MjkyMzI2MjlaMIGfMQswCQYDVQQG
+EwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjENMAsGA1UE
+BAwEUm9vdDEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYG
+A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
+c2wuY29tMCowBQYDK2VwAyEApmApu33YR8vUHtBtD1cA2CofUGpCvF3luBllst8k
+r1CjYTBfMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFIbAJ+me+oXB/eNv/FRZcjfH
+M5K7MB8GA1UdIwQYMBaAFIbAJ+me+oXB/eNv/FRZcjfHM5K7MA8GA1UdDwEB/wQF
+AwIBxgAwBQYDK2VwA0EAGj129Ed4mXezQYuGBMzeglOtvFvz3UqPLBGTRI49gqqw
+2/VnVoX532VvhensyCrk3/tRluh1wMnenEQlncm/CQ==
+-----END CERTIFICATE-----

certs/ed25519/server-ed25519-key.pem

@@ -0,0 +1,4 @@
+-----BEGIN EDDSA PRIVATE KEY-----
+MFICAQAwBQYDK2VwBCIEINjpdrI/H/eIdfXd+HrGSTBu6Z/LnR4rwBjvu3WJ5ndn
+oSIEIBowiBhHL5faBPSk471sDBa5SMHRQteOkoSgdCpDng4p
+-----END EDDSA PRIVATE KEY-----

certs/ed25519/server-ed25519.pem

@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIICSzCCAf2gAwIBAgIIAdCSEGpaRlcwBQYDK2VwMIGdMQswCQYDVQQGEwJVUzEQ
+MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjELMAkGA1UEBAwCQ0Ex
+EDAOBgNVBAoMB3dvbGZTU0wxEDAOBgNVBAsMB0VEMjU1MTkxGDAWBgNVBAMMD3d3
+dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAi
+GA8yMDE3MDUyODIzMjYyOVoYDzIwMTkwNTI5MjMyNjI5WjCBnzELMAkGA1UEBhMC
+VVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xDTALBgNVBAQM
+BExlYWYxEDAOBgNVBAoMB3dvbGZTU0wxEDAOBgNVBAsMB0VEMjU1MTkxGDAWBgNV
+BAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
+LmNvbTAqMAUGAytlcAMhABowiBhHL5faBPSk471sDBa5SMHRQteOkoSgdCpDng4p
+o1MwUTAdBgNVHQ4EFgQU9rKEGpW0cDJT/tnrmymAS9a18cAwHwYDVR0jBBgwFoAU
+ktUL2vEEi7mhiwMCn1gANTYHeskwDwYDVR0PAQH/BAUDAgbAADAFBgMrZXADQQAS
+VncMlkKY2skVbE5IlQUd0Hgy+IZGmkabZIsxsBlrd5mL//wCNgULaTeHYnXaUCwt
+XVKUPwCdGEVvNxKO9OQA
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICWTCCAgugAwIBAgIIAfbhPrx5oYUwBQYDK2VwMIGfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjENMAsGA1UEBAwEUm9v
+dDEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYGA1UEAwwP
+d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
+MCIYDzIwMTcwNTI4MjMyNjI5WhgPMjAxOTA1MjkyMzI2MjlaMIGdMQswCQYDVQQG
+EwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjELMAkGA1UE
+BAwCQ0ExEDAOBgNVBAoMB3dvbGZTU0wxEDAOBgNVBAsMB0VEMjU1MTkxGDAWBgNV
+BAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
+LmNvbTAqMAUGAytlcAMhAEEH7HUMaHISPASCB24Wb0BBbaSPCPLinadDwiQomH6s
+o2EwXzAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBSS1Qva8QSLuaGLAwKfWAA1Ngd6
+yTAfBgNVHSMEGDAWgBSGwCfpnvqFwf3jb/xUWXI3xzOSuzAPBgNVHQ8BAf8EBQMC
+AcYAMAUGAytlcANBACIbBhfAEXQfZNGj9nsGABoLUI7rsWOSRbrc4sFoFCMMbiyV
+PLEcGSeYUD5VUczESVivuUZP7ZxXOAQp1KkS/gg=
+-----END CERTIFICATE-----

certs/external/ca-digicert-ev.pem

@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
+LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug
+RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm
++9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW
+PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM
+xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB
+Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3
+hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg
+EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF
+MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA
+FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec
+nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z
+eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF
+hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2
+Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
+vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
++OkuE6N36B9K
+-----END CERTIFICATE-----

certs/include.am

@@ -9,6 +9,7 @@ EXTRA_DIST += \
 	     certs/client-keyEnc.pem \
 	     certs/client-key.pem \
 	     certs/ecc-key.pem \
+	     certs/ecc-privkey.pem \
 	     certs/ecc-keyPkcs8Enc.pem \
 	     certs/ecc-key-comp.pem \
 	     certs/ecc-keyPkcs8.pem \
@@ -33,7 +34,9 @@ EXTRA_DIST += \
 	     certs/server-revoked-key.pem \
 	     certs/wolfssl-website-ca.pem \
 	     certs/test-servercert.p12 \
-	     certs/dsaparams.pem
+	     certs/dsaparams.pem \
+             certs/ecc-privOnlyKey.pem \
+             certs/ecc-privOnlyCert.pem
 EXTRA_DIST += \
 	     certs/ca-key.der \
 	     certs/ca-cert.der \
@@ -53,7 +56,24 @@ EXTRA_DIST += \
 	     certs/server-ecc-comp.der \
 	     certs/server-ecc.der \
 	     certs/server-ecc-rsa.der \
-         certs/server-cert-chain.der
+	     certs/server-cert-chain.der
+EXTRA_DIST += \
+             certs/ed25519/ca-ed25519.der \
+             certs/ed25519/ca-ed25519-key.der \
+             certs/ed25519/ca-ed25519-key.pem \
+             certs/ed25519/ca-ed25519.pem \
+             certs/ed25519/client-ed25519.der \
+             certs/ed25519/client-ed25519-key.der \
+             certs/ed25519/client-ed25519-key.pem \
+             certs/ed25519/client-ed25519.pem \
+             certs/ed25519/root-ed25519.der \
+             certs/ed25519/root-ed25519-key.der \
+             certs/ed25519/root-ed25519-key.pem \
+             certs/ed25519/root-ed25519.pem \
+             certs/ed25519/server-ed25519.der \
+             certs/ed25519/server-ed25519-key.der \
+             certs/ed25519/server-ed25519-key.pem \
+             certs/ed25519/server-ed25519.pem
 
 dist_doc_DATA+= certs/taoCert.txt
 

certs/ocsp/include.am

@@ -3,15 +3,11 @@
 #
 
 EXTRA_DIST += \
-        certs/ocsp/index0.txt \
-        certs/ocsp/index1.txt \
-        certs/ocsp/index2.txt \
-        certs/ocsp/index3.txt \
+        certs/ocsp/index-ca-and-intermediate-cas.txt \
+        certs/ocsp/index-intermediate1-ca-issued-certs.txt \
+        certs/ocsp/index-intermediate3-ca-issued-certs.txt \
+        certs/ocsp/index-intermediate3-ca-issued-certs.txt \
         certs/ocsp/openssl.cnf \
-        certs/ocsp/ocspd0.sh \
-        certs/ocsp/ocspd1.sh \
-        certs/ocsp/ocspd2.sh \
-        certs/ocsp/ocspd3.sh \
         certs/ocsp/intermediate1-ca-key.pem \
         certs/ocsp/intermediate1-ca-cert.pem \
         certs/ocsp/intermediate2-ca-key.pem \

certs/ocsp/ocspd-intermediate1-ca-issued-certs-with-ca-as-responder.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+openssl ocsp -port 22221 -nmin 1                                \
+    -index   certs/ocsp/index-intermediate1-ca-issued-certs.txt \
+    -rsigner certs/ocsp/intermediate1-ca-cert.pem               \
+    -rkey    certs/ocsp/intermediate1-ca-key.pem                \
+    -CA      certs/ocsp/intermediate1-ca-cert.pem               \
+    $@

certs/ocsp/ocspd-intermediate1-ca-issued-certs.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+openssl ocsp -port 22221 -nmin 1                                \
+    -index   certs/ocsp/index-intermediate1-ca-issued-certs.txt \
+    -rsigner certs/ocsp/ocsp-responder-cert.pem                 \
+    -rkey    certs/ocsp/ocsp-responder-key.pem                  \
+    -CA      certs/ocsp/intermediate1-ca-cert.pem               \
+    $@

certs/ocsp/ocspd-intermediate2-ca-issued-certs.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+openssl ocsp -port 22222 -nmin 1                                \
+    -index   certs/ocsp/index-intermediate2-ca-issued-certs.txt \
+    -rsigner certs/ocsp/ocsp-responder-cert.pem                 \
+    -rkey    certs/ocsp/ocsp-responder-key.pem                  \
+    -CA      certs/ocsp/intermediate2-ca-cert.pem               \
+    $@

certs/ocsp/ocspd-intermediate3-ca-issued-certs.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+openssl ocsp -port 22223 -nmin 1                                \
+    -index   certs/ocsp/index-intermediate3-ca-issued-certs.txt \
+    -rsigner certs/ocsp/ocsp-responder-cert.pem                 \
+    -rkey    certs/ocsp/ocsp-responder-key.pem                  \
+    -CA      certs/ocsp/intermediate3-ca-cert.pem               \
+    $@

certs/ocsp/ocspd-root-ca-and-intermediate-cas.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+openssl ocsp -port 22220 -nmin 1                          \
+    -index   certs/ocsp/index-ca-and-intermediate-cas.txt \
+    -rsigner certs/ocsp/ocsp-responder-cert.pem           \
+    -rkey    certs/ocsp/ocsp-responder-key.pem            \
+    -CA      certs/ocsp/root-ca-cert.pem                  \
+    $@

certs/ocsp/ocspd0.sh

@@ -1,8 +0,0 @@
-#!/bin/sh
-
-openssl ocsp -port 22220 -nmin 1                \
-    -index   certs/ocsp/index0.txt              \
-    -rsigner certs/ocsp/ocsp-responder-cert.pem \
-    -rkey    certs/ocsp/ocsp-responder-key.pem  \
-    -CA      certs/ocsp/root-ca-cert.pem        \
-    $@

certs/ocsp/ocspd1.sh

@@ -1,8 +0,0 @@
-#!/bin/sh
-
-openssl ocsp -port 22221 -nmin 1                  \
-    -index   certs/ocsp/index1.txt                \
-    -rsigner certs/ocsp/ocsp-responder-cert.pem   \
-    -rkey    certs/ocsp/ocsp-responder-key.pem    \
-    -CA      certs/ocsp/intermediate1-ca-cert.pem \
-    $@

certs/ocsp/ocspd2.sh

@@ -1,8 +0,0 @@
-#!/bin/sh
-
-openssl ocsp -port 22222 -nmin 1                  \
-    -index   certs/ocsp/index2.txt                \
-    -rsigner certs/ocsp/ocsp-responder-cert.pem   \
-    -rkey    certs/ocsp/ocsp-responder-key.pem    \
-    -CA      certs/ocsp/intermediate2-ca-cert.pem \
-    $@

certs/ocsp/ocspd3.sh

@@ -1,8 +0,0 @@
-#!/bin/sh
-
-openssl ocsp -port 22223 -nmin 1                  \
-    -index   certs/ocsp/index3.txt                \
-    -rsigner certs/ocsp/ocsp-responder-cert.pem   \
-    -rkey    certs/ocsp/ocsp-responder-key.pem    \
-    -CA      certs/ocsp/intermediate3-ca-cert.pem \
-    $@

certs/renewcerts.sh

@@ -16,6 +16,7 @@
 #                       1024/client-cert.pem
 #                       server-ecc-comp.pem
 #                       client-ca.pem
+#                       test/digsigku.pem
 # updates the following crls:
 #                       crl/cliCrl.pem
 #                       crl/crl.pem
@@ -225,6 +226,22 @@ function run_renewcerts(){
     echo ""
     cat client-cert.pem client-ecc-cert.pem > client-ca.pem
 
+    ############################################################
+    ###### update the self-signed test/digsigku.pem   ##########
+    ############################################################
+    echo "Updating test/digsigku.pem"
+    echo ""
+    #pipe the following arguments to openssl req...
+    echo -e "US\nWashington\nSeattle\nFoofarah\nArglebargle\nfoobarbaz\ninfo@worlss.com\n.\n.\n" | openssl req -new -key ecc-key.pem -nodes -sha1 -out digsigku.csr
+
+
+    openssl x509 -req -in digsigku.csr -days 1000 -extfile wolfssl.cnf -extensions digsigku -signkey ecc-key.pem -sha1 -set_serial 16393466893990650224 -out digsigku.pem
+    rm digsigku.csr
+
+    openssl x509 -in digsigku.pem -text > tmp.pem
+    mv tmp.pem digsigku.pem
+    mv digsigku.pem test/digsigku.pem
+
     ############################################################
     ########## make .der files from .pem files #################
     ############################################################

certs/renewcerts/wolfssl.cnf

@@ -163,6 +163,13 @@ userNotice.1=@policy_usr
 [ policy_usr ]
 explicitText="Test of duplicate OIDs with different qualifiers"
 
+# create certificate without the digitalSignature bit set and uses sha1 sig
+[ digsigku ]
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+basicConstraints=critical, CA:TRUE
+keyUsage=critical, nonRepudiation, keyEncipherment
+
 #tsa default
 [ tsa ]
 default_tsa = tsa_config1

certs/test/digsigku.pem

@@ -1,17 +1,16 @@
 Certificate:
     Data:
         Version: 3 (0x2)
-        Serial Number:
-            e3:81:4b:48:a5:70:61:70
-        Signature Algorithm: ecdsa-with-SHA1
+        Serial Number: 16393466893990650224 (0xe3814b48a5706170)
+    Signature Algorithm: ecdsa-with-SHA1
         Issuer: C=US, ST=Washington, L=Seattle, O=Foofarah, OU=Arglebargle, CN=foobarbaz/emailAddress=info@worlss.com
         Validity
-            Not Before: Sep 10 00:45:36 2014 GMT
-            Not After : Jun  6 00:45:36 2017 GMT
+            Not Before: May  3 00:07:20 2017 GMT
+            Not After : Jan 28 00:07:20 2020 GMT
         Subject: C=US, ST=Washington, L=Seattle, O=Foofarah, OU=Arglebargle, CN=foobarbaz/emailAddress=info@worlss.com
         Subject Public Key Info:
             Public Key Algorithm: id-ecPublicKey
-            EC Public Key:
+                Public-Key: (256 bit)
                 pub: 
                     04:bb:33:ac:4c:27:50:4a:c6:4a:a5:04:c3:3c:de:
                     9f:36:db:72:2d:ce:94:ea:2b:fa:cb:20:09:39:2c:
@@ -19,34 +18,40 @@ Certificate:
                     21:7f:f0:cf:18:da:91:11:02:34:86:e8:20:58:33:
                     0b:80:34:89:d8
                 ASN1 OID: prime256v1
+                NIST CURVE: P-256
         X509v3 extensions:
             X509v3 Subject Key Identifier: 
                 5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
             X509v3 Authority Key Identifier: 
                 keyid:5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
+                DirName:/C=US/ST=Washington/L=Seattle/O=Foofarah/OU=Arglebargle/CN=foobarbaz/emailAddress=info@worlss.com
+                serial:E3:81:4B:48:A5:70:61:70
 
             X509v3 Basic Constraints: critical
                 CA:TRUE
             X509v3 Key Usage: critical
                 Non Repudiation, Key Encipherment
     Signature Algorithm: ecdsa-with-SHA1
-        30:46:02:21:00:f4:36:ee:86:21:d5:c7:1f:2d:0d:bb:29:ae:
-        c1:74:ff:a3:ce:41:fe:cb:93:eb:ff:ef:fe:e3:4d:20:e5:18:
-        65:02:21:00:b1:39:13:12:e2:b5:19:f2:8f:5b:40:ac:7a:5c:
-        e2:a6:e3:d3:e6:9f:79:3c:29:d8:c6:7d:88:f4:60:0c:48:00
+         30:46:02:21:00:fe:d6:30:36:fb:43:39:51:d7:4a:02:24:5e:
+         b4:b1:11:e3:83:66:00:fc:24:12:1a:7e:a8:05:77:ca:f7:24:
+         2d:02:21:00:fb:59:c3:e9:6e:9b:f6:a2:46:0b:d8:ad:33:fb:
+         89:2d:80:d6:1d:68:1f:f7:d7:93:f1:0b:7a:6b:81:f5:af:62
 -----BEGIN CERTIFICATE-----
-MIICfTCCAiOgAwIBAgIJAOOBS0ilcGFwMAkGByqGSM49BAEwgZExCzAJBgNVBAYT
+MIIDKTCCAs+gAwIBAgIJAOOBS0ilcGFwMAkGByqGSM49BAEwgZExCzAJBgNVBAYT
 AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMREwDwYD
 VQQKDAhGb29mYXJhaDEUMBIGA1UECwwLQXJnbGViYXJnbGUxEjAQBgNVBAMMCWZv
-b2JhcmJhejEeMBwGCSqGSIb3DQEJARYPaW5mb0B3b3Jsc3MuY29tMB4XDTE0MDkx
-MDAwNDUzNloXDTE3MDYwNjAwNDUzNlowgZExCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+b2JhcmJhejEeMBwGCSqGSIb3DQEJARYPaW5mb0B3b3Jsc3MuY29tMB4XDTE3MDUw
+MzAwMDcyMFoXDTIwMDEyODAwMDcyMFowgZExCzAJBgNVBAYTAlVTMRMwEQYDVQQI
 DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMREwDwYDVQQKDAhGb29mYXJh
 aDEUMBIGA1UECwwLQXJnbGViYXJnbGUxEjAQBgNVBAMMCWZvb2JhcmJhejEeMBwG
 CSqGSIb3DQEJARYPaW5mb0B3b3Jsc3MuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0D
 AQcDQgAEuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GEC6a9N0wKTmjFb
-l5Ihf/DPGNqREQI0huggWDMLgDSJ2KNjMGEwHQYDVR0OBBYEFF1dJu+sfjb5m3YV
-K0olAiPvsokwMB8GA1UdIwQYMBaAFF1dJu+sfjb5m3YVK0olAiPvsokwMA8GA1Ud
-EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgVgMAkGByqGSM49BAEDSQAwRgIhAPQ2
-7oYh1ccfLQ27Ka7BdP+jzkH+y5Pr/+/+400g5RhlAiEAsTkTEuK1GfKPW0Cselzi
-puPT5p95PCnYxn2I9GAMSAA=
+l5Ihf/DPGNqREQI0huggWDMLgDSJ2KOCAQ0wggEJMB0GA1UdDgQWBBRdXSbvrH42
++Zt2FStKJQIj77KJMDCBxgYDVR0jBIG+MIG7gBRdXSbvrH42+Zt2FStKJQIj77KJ
+MKGBl6SBlDCBkTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAO
+BgNVBAcMB1NlYXR0bGUxETAPBgNVBAoMCEZvb2ZhcmFoMRQwEgYDVQQLDAtBcmds
+ZWJhcmdsZTESMBAGA1UEAwwJZm9vYmFyYmF6MR4wHAYJKoZIhvcNAQkBFg9pbmZv
+QHdvcmxzcy5jb22CCQDjgUtIpXBhcDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB
+/wQEAwIFYDAJBgcqhkjOPQQBA0kAMEYCIQD+1jA2+0M5UddKAiRetLER44NmAPwk
+Ehp+qAV3yvckLQIhAPtZw+lum/aiRgvYrTP7iS2A1h1oH/fXk/ELemuB9a9i
 -----END CERTIFICATE-----

examples/echoclient/echoclient.c

@@ -23,19 +23,21 @@
 #ifdef HAVE_CONFIG_H
     #include <config.h>
 #endif
- 
-#include <cyassl/ctaocrypt/settings.h>
 
+#include <cyassl/ctaocrypt/settings.h>
 /* let's use cyassl layer AND cyassl openssl layer */
 #include <cyassl/ssl.h>
 #include <cyassl/openssl/ssl.h>
+#ifdef CYASSL_DTLS
+    #include <cyassl/error-ssl.h>
+#endif
 
 #if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
         #include <stdio.h>
         #include <string.h>
 
         #if !defined(WOLFSSL_MDK_ARM)
-            #include "cmsis_os.h" 
+            #include "cmsis_os.h"
             #include "rl_net.h"
         #else
             #include "rtl.h"
@@ -52,6 +54,8 @@
 
 #include "examples/echoclient/echoclient.h"
 
+#ifndef NO_WOLFSSL_CLIENT
+
 #ifdef WOLFSSL_ASYNC_CRYPT
     static int devId = INVALID_DEVID;
 #endif
@@ -81,16 +85,17 @@ void echoclient_test(void* args)
     int argc    = 0;
     char** argv = 0;
     word16 port = yasslPort;
+    char buffer[CYASSL_MAX_ERROR_SZ];
 
     ((func_args*)args)->return_code = -1; /* error state */
-    
+
 #ifndef WOLFSSL_MDK_SHELL
     argc = ((func_args*)args)->argc;
     argv = ((func_args*)args)->argv;
 #endif
 
     if (argc >= 2) {
-        fin  = fopen(argv[1], "r"); 
+        fin  = fopen(argv[1], "r");
         inCreated = 1;
     }
     if (argc >= 3) {
@@ -105,7 +110,7 @@ void echoclient_test(void* args)
     doDTLS  = 1;
 #endif
 
-#ifdef CYASSL_LEANPSK 
+#ifdef CYASSL_LEANPSK
     doPSK = 1;
 #endif
 
@@ -130,16 +135,16 @@ void echoclient_test(void* args)
 
 #ifndef NO_FILESYSTEM
     #ifndef NO_RSA
-    if (SSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS)
+    if (SSL_CTX_load_verify_locations(ctx, caCertFile, 0) != SSL_SUCCESS)
         err_sys("can't load ca file, Please run from wolfSSL home dir");
     #endif
     #ifdef HAVE_ECC
-        if (SSL_CTX_load_verify_locations(ctx, eccCert, 0) != SSL_SUCCESS)
+        if (SSL_CTX_load_verify_locations(ctx, eccCertFile, 0) != SSL_SUCCESS)
             err_sys("can't load ca file, Please run from wolfSSL home dir");
     #endif
 #elif !defined(NO_CERTS)
     if (!doPSK)
-        load_buffer(ctx, caCert, WOLFSSL_CA);
+        load_buffer(ctx, caCertFile, WOLFSSL_CA);
 #endif
 
 #if defined(CYASSL_SNIFFER)
@@ -173,15 +178,15 @@ void echoclient_test(void* args)
 
 #ifdef WOLFSSL_ASYNC_CRYPT
     ret = wolfAsync_DevOpen(&devId);
-    if (ret != 0) {
-        err_sys("Async device open failed");
+    if (ret < 0) {
+        printf("Async device open failed\nRunning without async\n");
     }
     wolfSSL_CTX_UseAsync(ctx, devId);
 #endif /* WOLFSSL_ASYNC_CRYPT */
 
     ssl = SSL_new(ctx);
     tcp_connect(&sockfd, yasslIP, port, doDTLS, 0, ssl);
-        
+
     SSL_set_fd(ssl, sockfd);
 #if defined(USE_WINDOWS_API) && defined(CYASSL_DTLS) && defined(NO_MAIN_DRIVER)
     /* let echoserver bind first, TODO: add Windows signal like pthreads does */
@@ -189,31 +194,46 @@ void echoclient_test(void* args)
 #endif
 
     do {
-#ifdef WOLFSSL_ASYNC_CRYPT
-        if (err == WC_PENDING_E) {
-            ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
-            if (ret < 0) { break; } else if (ret == 0) { continue; }
-        }
-#endif
         err = 0; /* Reset error */
         ret = SSL_connect(ssl);
         if (ret != SSL_SUCCESS) {
             err = SSL_get_error(ssl, 0);
+        #ifdef WOLFSSL_ASYNC_CRYPT
+            if (err == WC_PENDING_E) {
+                ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+                if (ret < 0) break;
+            }
+        #endif
         }
-    } while (ret != SSL_SUCCESS && err == WC_PENDING_E);
-
+    } while (err == WC_PENDING_E);
     if (ret != SSL_SUCCESS) {
-        char buffer[CYASSL_MAX_ERROR_SZ];
-        printf("err = %d, %s\n", err, ERR_error_string(err, buffer));
+        printf("SSL_connect error %d, %s\n", err,
+            ERR_error_string(err, buffer));
         err_sys("SSL_connect failed");
     }
 
     while (fgets(msg, sizeof(msg), fin) != 0) {
-     
+
         sendSz = (int)XSTRLEN(msg);
 
-        if (SSL_write(ssl, msg, sendSz) != sendSz)
+        do {
+            err = 0; /* reset error */
+            ret = SSL_write(ssl, msg, sendSz);
+            if (ret <= 0) {
+                err = SSL_get_error(ssl, 0);
+            #ifdef WOLFSSL_ASYNC_CRYPT
+                if (err == WC_PENDING_E) {
+                    ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+                    if (ret < 0) break;
+                }
+            #endif
+            }
+        } while (err == WC_PENDING_E);
+        if (ret != sendSz) {
+            printf("SSL_write msg error %d, %s\n", err,
+                ERR_error_string(err, buffer));
             err_sys("SSL_write failed");
+        }
 
         if (strncmp(msg, "quit", 4) == 0) {
             fputs("sending server shutdown command: quit!\n", fout);
@@ -225,29 +245,47 @@ void echoclient_test(void* args)
             break;
         }
 
-        #ifndef WOLFSSL_MDK_SHELL
-        while (sendSz) {
-            int got;
-            if ( (got = SSL_read(ssl, reply, sizeof(reply)-1)) > 0) {
-                reply[got] = 0;
-                fputs(reply, fout);
-                fflush(fout) ;
-                sendSz -= got;
-            }
-            else
-                break;
-        }
-        #else
+    #ifndef WOLFSSL_MDK_SHELL
+        while (sendSz)
+    #endif
         {
-            int got;
-            if ( (got = SSL_read(ssl, reply, sizeof(reply)-1)) > 0) {
-                reply[got] = 0;
+            do {
+                err = 0; /* reset error */
+                ret = SSL_read(ssl, reply, sizeof(reply)-1);
+                if (ret <= 0) {
+                    err = SSL_get_error(ssl, 0);
+                #ifdef WOLFSSL_ASYNC_CRYPT
+                    if (err == WC_PENDING_E) {
+                        ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+                        if (ret < 0) break;
+                    }
+                #endif
+                }
+            } while (err == WC_PENDING_E);
+            if (ret > 0) {
+                reply[ret] = 0;
                 fputs(reply, fout);
                 fflush(fout) ;
-                sendSz -= got;
+                sendSz -= ret;
+            }
+#ifdef CYASSL_DTLS
+            else if (wolfSSL_dtls(ssl) && err == DECRYPT_ERROR) {
+                /* This condition is OK. The packet should be dropped
+                 * silently when there is a decrypt or MAC error on
+                 * a DTLS record. */
+                sendSz = 0;
+            }
+#endif
+            else {
+                printf("SSL_read msg error %d, %s\n", err,
+                    ERR_error_string(err, buffer));
+                err_sys("SSL_read failed");
+
+            #ifndef WOLFSSL_MDK_SHELL
+                break;
+            #endif
             }
         }
-        #endif
     }
 
 
@@ -255,7 +293,19 @@ void echoclient_test(void* args)
     strncpy(msg, "break", 6);
     sendSz = (int)strlen(msg);
     /* try to tell server done */
-    SSL_write(ssl, msg, sendSz);
+    do {
+        err = 0; /* reset error */
+        ret = SSL_write(ssl, msg, sendSz);
+        if (ret <= 0) {
+            err = SSL_get_error(ssl, 0);
+        #ifdef WOLFSSL_ASYNC_CRYPT
+            if (err == WC_PENDING_E) {
+                ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+                if (ret < 0) break;
+            }
+        #endif
+        }
+    } while (err == WC_PENDING_E);
 #else
     SSL_shutdown(ssl);
 #endif
@@ -272,9 +322,10 @@ void echoclient_test(void* args)
     if (outCreated) fclose(fout);
 
     CloseSocket(sockfd);
-    ((func_args*)args)->return_code = 0; 
+    ((func_args*)args)->return_code = 0;
 }
 
+#endif /* !NO_WOLFSSL_CLIENT */
 
 /* so overall tests can pull in test function */
 #ifndef NO_MAIN_DRIVER
@@ -300,7 +351,9 @@ void echoclient_test(void* args)
 #ifndef CYASSL_TIRTOS
         ChangeToWolfRoot();
 #endif
+#ifndef NO_WOLFSSL_CLIENT
         echoclient_test(&args);
+#endif
 
         CyaSSL_Cleanup();
 
@@ -311,7 +364,5 @@ void echoclient_test(void* args)
 
         return args.return_code;
     }
-        
+
 #endif /* NO_MAIN_DRIVER */
-
-

examples/echoserver/echoserver.c

@@ -36,8 +36,8 @@
 
         #if !defined(WOLFSSL_MDK_ARM)
             #include "cmsis_os.h"
-            #include "rl_fs.h" 
-            #include "rl_net.h" 
+            #include "rl_fs.h"
+            #include "rl_net.h"
         #else
             #include "rtl.h"
             #include "wolfssl_MDK_ARM.h"
@@ -53,6 +53,8 @@
 
 #include "examples/echoserver/echoserver.h"
 
+#ifndef NO_WOLFSSL_SERVER
+
 #ifdef WOLFSSL_ASYNC_CRYPT
     static int devId = INVALID_DEVID;
 #endif
@@ -91,6 +93,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
     word16 port;
     int    argc = ((func_args*)args)->argc;
     char** argv = ((func_args*)args)->argv;
+    char   buffer[CYASSL_MAX_ERROR_SZ];
 
 #ifdef ECHO_OUT
     FILE* fout = stdout;
@@ -165,23 +168,23 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
     if (doPSK == 0) {
     #if defined(HAVE_NTRU) && defined(WOLFSSL_STATIC_RSA)
         /* ntru */
-        if (CyaSSL_CTX_use_certificate_file(ctx, ntruCert, SSL_FILETYPE_PEM)
+        if (CyaSSL_CTX_use_certificate_file(ctx, ntruCertFile, SSL_FILETYPE_PEM)
                 != SSL_SUCCESS)
             err_sys("can't load ntru cert file, "
                     "Please run from wolfSSL home dir");
 
-        if (CyaSSL_CTX_use_NTRUPrivateKey_file(ctx, ntruKey)
+        if (CyaSSL_CTX_use_NTRUPrivateKey_file(ctx, ntruKeyFile)
                 != SSL_SUCCESS)
             err_sys("can't load ntru key file, "
                     "Please run from wolfSSL home dir");
     #elif defined(HAVE_ECC) && !defined(CYASSL_SNIFFER)
         /* ecc */
-        if (CyaSSL_CTX_use_certificate_file(ctx, eccCert, SSL_FILETYPE_PEM)
+        if (CyaSSL_CTX_use_certificate_file(ctx, eccCertFile, SSL_FILETYPE_PEM)
                 != SSL_SUCCESS)
             err_sys("can't load server cert file, "
                     "Please run from wolfSSL home dir");
 
-        if (CyaSSL_CTX_use_PrivateKey_file(ctx, eccKey, SSL_FILETYPE_PEM)
+        if (CyaSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile, SSL_FILETYPE_PEM)
                 != SSL_SUCCESS)
             err_sys("can't load server key file, "
                     "Please run from wolfSSL home dir");
@@ -189,12 +192,12 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
         /* do nothing, just don't load cert files */
     #else
         /* normal */
-        if (CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)
+        if (CyaSSL_CTX_use_certificate_file(ctx, svrCertFile, SSL_FILETYPE_PEM)
                 != SSL_SUCCESS)
             err_sys("can't load server cert file, "
                     "Please run from wolfSSL home dir");
 
-        if (CyaSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM)
+        if (CyaSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM)
                 != SSL_SUCCESS)
             err_sys("can't load server key file, "
                     "Please run from wolfSSL home dir");
@@ -202,8 +205,8 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
     } /* doPSK */
 #elif !defined(NO_CERTS)
     if (!doPSK) {
-        load_buffer(ctx, svrCert, WOLFSSL_CERT);
-        load_buffer(ctx, svrKey,  WOLFSSL_KEY);
+        load_buffer(ctx, svrCertFile, WOLFSSL_CERT);
+        load_buffer(ctx, svrKeyFile,  WOLFSSL_KEY);
     }
 #endif
 
@@ -232,8 +235,8 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
 
 #ifdef WOLFSSL_ASYNC_CRYPT
     ret = wolfAsync_DevOpen(&devId);
-    if (ret != 0) {
-        err_sys("Async device open failed");
+    if (ret < 0) {
+        printf("Async device open failed\nRunning without async\n");
     }
     wolfSSL_CTX_UseAsync(ctx, devId);
 #endif /* WOLFSSL_ASYNC_CRYPT */
@@ -277,29 +280,27 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
             wolfSSL_dtls_set_peer(ssl, &client, client_len);
         #endif
         #if !defined(NO_FILESYSTEM) && !defined(NO_DH) && !defined(NO_ASN)
-            CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM);
+            CyaSSL_SetTmpDH_file(ssl, dhParamFile, SSL_FILETYPE_PEM);
         #elif !defined(NO_DH)
             SetDH(ssl);  /* will repick suites with DHE, higher than PSK */
         #endif
 
         do {
-#ifdef WOLFSSL_ASYNC_CRYPT
-            if (err == WC_PENDING_E) {
-                ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
-                if (ret < 0) { break; } else if (ret == 0) { continue; }
-            }
-#endif
             err = 0; /* Reset error */
             ret = CyaSSL_accept(ssl);
             if (ret != SSL_SUCCESS) {
                 err = CyaSSL_get_error(ssl, 0);
+            #ifdef WOLFSSL_ASYNC_CRYPT
+                if (err == WC_PENDING_E) {
+                    ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+                    if (ret < 0) break;
+                }
+            #endif
             }
-        } while (ret != SSL_SUCCESS && err == WC_PENDING_E);
-
+        } while (err == WC_PENDING_E);
         if (ret != SSL_SUCCESS) {
-            char buffer[CYASSL_MAX_ERROR_SZ];
-            err = CyaSSL_get_error(ssl, 0);
-            printf("error = %d, %s\n", err, CyaSSL_ERR_error_string(err, buffer));
+            printf("SSL_accept error = %d, %s\n", err,
+                CyaSSL_ERR_error_string(err, buffer));
             printf("SSL_accept failed\n");
             CyaSSL_free(ssl);
             CloseSocket(clientfd);
@@ -321,7 +322,29 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
         write_ssl = ssl;
 #endif
 
-        while ( (echoSz = CyaSSL_read(ssl, command, sizeof(command)-1)) > 0) {
+        while (1) {
+            do {
+                err = 0; /* reset error */
+                ret = CyaSSL_read(ssl, command, sizeof(command)-1);
+                if (ret <= 0) {
+                    err = CyaSSL_get_error(ssl, 0);
+                #ifdef WOLFSSL_ASYNC_CRYPT
+                    if (err == WC_PENDING_E) {
+                        ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+                        if (ret < 0) break;
+                    }
+                #endif
+                }
+            } while (err == WC_PENDING_E);
+            if (ret <= 0) {
+                if (err != SSL_ERROR_WANT_READ && err != SSL_ERROR_ZERO_RETURN){
+                    printf("SSL_read echo error %d, %s!\n", err,
+                        CyaSSL_ERR_error_string(err, buffer));
+                }
+                break;
+            }
+
+            echoSz = ret;
 
             if (firstRead == 1) {
                 firstRead = 0;  /* browser may send 1 byte 'G' to start */
@@ -334,7 +357,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
                 strncpy(command, "GET", 4);
                 /* fall through to normal GET */
             }
-           
+
             if ( strncmp(command, "quit", 4) == 0) {
                 printf("client sent quit command: shutting down!\n");
                 shutDown = 1;
@@ -356,7 +379,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
                 char header[] = "<html><body BGCOLOR=\"#ffffff\">\n<pre>\n";
                 char body[]   = "greetings from wolfSSL\n";
                 char footer[] = "</body></html>\r\n\r\n";
-            
+
                 strncpy(command, type, sizeof(type));
                 echoSz = sizeof(type) - 1;
 
@@ -367,18 +390,51 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
                 strncpy(&command[echoSz], footer, sizeof(footer));
                 echoSz += (int)sizeof(footer);
 
-                if (CyaSSL_write(write_ssl, command, echoSz) != echoSz)
-                    err_sys("SSL_write failed");
+                do {
+                    err = 0; /* reset error */
+                    ret = CyaSSL_write(write_ssl, command, echoSz);
+                    if (ret <= 0) {
+                        err = CyaSSL_get_error(write_ssl, 0);
+                    #ifdef WOLFSSL_ASYNC_CRYPT
+                        if (err == WC_PENDING_E) {
+                            ret = wolfSSL_AsyncPoll(write_ssl, WOLF_POLL_FLAG_CHECK_HW);
+                            if (ret < 0) break;
+                        }
+                    #endif
+                    }
+                } while (err == WC_PENDING_E);
+                if (ret != echoSz) {
+                    printf("SSL_write get error = %d, %s\n", err,
+                        CyaSSL_ERR_error_string(err, buffer));
+                    err_sys("SSL_write get failed");
+                }
                 break;
             }
             command[echoSz] = 0;
 
-            #ifdef ECHO_OUT
-                fputs(command, fout);
-            #endif
+        #ifdef ECHO_OUT
+            fputs(command, fout);
+        #endif
 
-            if (CyaSSL_write(write_ssl, command, echoSz) != echoSz)
-                err_sys("SSL_write failed");
+            do {
+                err = 0; /* reset error */
+                ret = CyaSSL_write(write_ssl, command, echoSz);
+                if (ret <= 0) {
+                    err = CyaSSL_get_error(write_ssl, 0);
+                #ifdef WOLFSSL_ASYNC_CRYPT
+                    if (err == WC_PENDING_E) {
+                        ret = wolfSSL_AsyncPoll(write_ssl, WOLF_POLL_FLAG_CHECK_HW);
+                        if (ret < 0) break;
+                    }
+                #endif
+                }
+            } while (err == WC_PENDING_E);
+
+            if (ret != echoSz) {
+                printf("SSL_write echo error = %d, %s\n", err,
+                        CyaSSL_ERR_error_string(err, buffer));
+                err_sys("SSL_write echo failed");
+            }
         }
 #ifndef CYASSL_DTLS
         CyaSSL_shutdown(ssl);
@@ -427,6 +483,8 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
 #endif
 }
 
+#endif /* !NO_WOLFSSL_SERVER */
+
 
 /* so overall tests can pull in test function */
 #ifndef NO_MAIN_DRIVER
@@ -450,7 +508,9 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
         CyaSSL_Debugging_ON();
 #endif
         ChangeToWolfRoot();
+#ifndef NO_WOLFSSL_SERVER
         echoserver_test(&args);
+#endif
         CyaSSL_Cleanup();
 
 #ifdef HAVE_WNR
@@ -461,7 +521,4 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
         return args.return_code;
     }
 
-        
 #endif /* NO_MAIN_DRIVER */
-
-

mcapi/PIC32MZ-serial.h

@@ -1,28 +1,75 @@
 void _mon_putc(char c);
 
-static void init_serial() {
-    #ifdef MICROCHIP_PIC32
-#if defined (__32MZ2048ECH144__) || (__32MZ2048ECM144__)
-    /* Set up PB2 divisor for UART2 */
-    SYSKEY = 0x00000000;
-    SYSKEY = 0xAA996655;
-    SYSKEY = 0x556699AA;
-    PB2DIV = 0x00008018;
-    SYSKEY = 0x33333333;
- 
-    /* UART2 Init */
-//    U2BRG = 0x0C;
-    U2BRG = 0x7;
+#define BAUD_GEN(sysclk, baud) ((sysclk / (16 * baud)) - 1)
+
+#ifdef MICROCHIP_PIC32
+#if defined (__32MZ2048ECH144__) || defined(__32MZ2048ECM144__) || defined(__32MZ2048EFM144__)
+    /* Code generated from Harmony example then exported using Window -> PIC32 Memory View -> Configuration Bits into system_config.h */
+    #define SYS_CLK_FREQ                    200000000ul
+    #define SYS_CLK_BUS_PERIPHERAL_2        100000000ul
+
+    // DEVCFG3
+    #pragma config FMIIEN = ON              // Ethernet RMII/MII Enable (MII Enabled)
+    #pragma config FETHIO = ON              // Ethernet I/O Pin Select (Default Ethernet I/O)
+    #pragma config PGL1WAY = ON             // Permission Group Lock One Way Configuration (Allow only one reconfiguration)
+    #pragma config PMDL1WAY = ON            // Peripheral Module Disable Configuration (Allow only one reconfiguration)
+    #pragma config IOL1WAY = ON             // Peripheral Pin Select Configuration (Allow only one reconfiguration)
+    #pragma config FUSBIDIO = ON            // USB USBID Selection (Controlled by the USB Module)
+
+    // DEVCFG2
+    #pragma config FPLLIDIV = DIV_1         // System PLL Input Divider (1x Divider)
+    #pragma config FPLLRNG = RANGE_5_10_MHZ // System PLL Input Range (5-10 MHz Input)
+    #pragma config FPLLICLK = PLL_FRC       // System PLL Input Clock Selection (FRC is input to the System PLL)
+    #pragma config FPLLMULT = MUL_50        // System PLL Multiplier (PLL Multiply by 50)
+    #pragma config FPLLODIV = DIV_2         // System PLL Output Clock Divider (2x Divider)
+    #pragma config UPLLFSEL = FREQ_24MHZ    // USB PLL Input Frequency Selection (USB PLL input is 24 MHz)
+
+    // DEVCFG1
+    #pragma config FNOSC = SPLL             // Oscillator Selection Bits (System PLL)
+    #pragma config DMTINTV = WIN_127_128    // DMT Count Window Interval (Window/Interval value is 127/128 counter value)
+    #pragma config FSOSCEN = OFF            // Secondary Oscillator Enable (Disable SOSC)
+    #pragma config IESO = OFF               // Internal/External Switch Over (Disabled)
+    #pragma config POSCMOD = OFF            // Primary Oscillator Configuration (Primary osc disabled)
+    #pragma config OSCIOFNC = OFF           // CLKO Output Signal Active on the OSCO Pin (Disabled)
+    #pragma config FCKSM = CSECME           // Clock Switching and Monitor Selection (Clock Switch Enabled, FSCM Enabled)
+    #pragma config WDTPS = PS1048576        // Watchdog Timer Postscaler (1:1048576)
+    #pragma config WDTSPGM = STOP           // Watchdog Timer Stop During Flash Programming (WDT stops during Flash programming)
+    #pragma config WINDIS = NORMAL          // Watchdog Timer Window Mode (Watchdog Timer is in non-Window mode)
+    #pragma config FWDTEN = OFF             // Watchdog Timer Enable (WDT Disabled)
+    #pragma config FWDTWINSZ = WINSZ_25     // Watchdog Timer Window Size (Window size is 25%)
+    #pragma config DMTCNT = DMT31           // Deadman Timer Count Selection (2^31 (2147483648))
+    #pragma config FDMTEN = OFF             // Deadman Timer Enable (Deadman Timer is disabled)
+
+    // DEVCFG0
+    #pragma config ICESEL = ICS_PGx2        // ICE/ICD Comm Channel Select (Communicate on PGEC2/PGED2)
+
+    // DEVCP0
+    #pragma config CP = OFF                 // Code Protect (Protection Disabled)
+
+    #include <xc.h>
+#endif
+#endif
+
+static void init_serial(unsigned int sysClk) {
+#ifdef MICROCHIP_PIC32
+#if defined (__32MZ2048ECH144__) || defined(__32MZ2048ECM144__) || defined(__32MZ2048EFM144__)
+    /* This is for pin B14 which is connected to the USB to UART connector J11 located under Ethernet connector */
+
+    /* Setup UART2 */
+#ifdef SYS_CLK_BUS_PERIPHERAL_2
+    U2BRG = BAUD_GEN(SYS_CLK_BUS_PERIPHERAL_2, 115200);
+#else
+    if (sysClk > 100000000)
+        sysClk /= 2;
+    U2BRG = BAUD_GEN(sysClk, 115200);
+#endif
     ANSELBCLR = 0x4000;
     ANSELGCLR = 0x0040;
     RPB14R = 0x02;
     U2RXR = 0x01;
     U2MODE = 0x8000;
     U2STA = 0x400;
-#elif defined __PIC32MX__
-    SYSTEMConfigPerformance(80000000);
-    DBINIT();
 #endif
- 
 #endif
+    (void)sysClk;
 }

mcapi/crypto.c

@@ -20,29 +20,33 @@
  */
 
 
-
 /* Implements Microchip CRYPTO API layer */
+#ifdef HAVE_CONFIG_H
+    #include "config.h"
+#endif
+#ifdef MICROCHIP_MPLAB_HARMONY
+    #include "system_config.h"
+    #include "crypto/crypto.h"
+#else
+    #include "crypto.h"
+#endif
 
+#include <wolfssl/wolfcrypt/settings.h>
 
+#include <wolfssl/wolfcrypt/md5.h>
+#include <wolfssl/wolfcrypt/sha.h>
+#include <wolfssl/wolfcrypt/sha256.h>
+#include <wolfssl/wolfcrypt/sha512.h>
+#include <wolfssl/wolfcrypt/hmac.h>
+#include <wolfssl/wolfcrypt/compress.h>
+#include <wolfssl/wolfcrypt/random.h>
+#include <wolfssl/wolfcrypt/des3.h>
+#include <wolfssl/wolfcrypt/aes.h>
+#include <wolfssl/wolfcrypt/rsa.h>
+#include <wolfssl/wolfcrypt/ecc.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
 
-#include "crypto.h"
-
-#include <cyassl/ctaocrypt/settings.h>
-
-#include <cyassl/ctaocrypt/md5.h>
-#include <cyassl/ctaocrypt/sha.h>
-#include <cyassl/ctaocrypt/sha256.h>
-#include <cyassl/ctaocrypt/sha512.h>
-#include <cyassl/ctaocrypt/hmac.h>
-#include <cyassl/ctaocrypt/compress.h>
-#include <cyassl/ctaocrypt/random.h>
-#include <cyassl/ctaocrypt/des3.h>
-#include <cyassl/ctaocrypt/aes.h>
-#include <cyassl/ctaocrypt/rsa.h>
-#include <cyassl/ctaocrypt/ecc.h>
-#include <cyassl/ctaocrypt/error-crypt.h>
-
-
+#ifndef NO_MD5
 /* Initialize MD5 */
 int CRYPT_MD5_Initialize(CRYPT_MD5_CTX* md5)
 {
@@ -52,9 +56,7 @@ int CRYPT_MD5_Initialize(CRYPT_MD5_CTX* md5)
     if (md5 == NULL)
         return BAD_FUNC_ARG;
 
-    wc_InitMd5((Md5*)md5);
-
-    return 0;
+    return wc_InitMd5((Md5*)md5);
 }
 
 
@@ -65,9 +67,7 @@ int CRYPT_MD5_DataAdd(CRYPT_MD5_CTX* md5, const unsigned char* input,
     if (md5 == NULL || input == NULL)
         return BAD_FUNC_ARG;
 
-    wc_Md5Update((Md5*)md5, input, sz);
-
-    return 0;
+    return wc_Md5Update((Md5*)md5, input, sz);
 }
 
 
@@ -77,11 +77,11 @@ int CRYPT_MD5_Finalize(CRYPT_MD5_CTX* md5, unsigned char* digest)
     if (md5 == NULL || digest == NULL)
         return BAD_FUNC_ARG;
 
-    wc_Md5Final((Md5*)md5, digest);
-
-    return 0;
+    return wc_Md5Final((Md5*)md5, digest);
 }
+#endif
 
+#ifndef NO_SHA
 
 /* Initialize SHA */
 int CRYPT_SHA_Initialize(CRYPT_SHA_CTX* sha)
@@ -115,7 +115,9 @@ int CRYPT_SHA_Finalize(CRYPT_SHA_CTX* sha, unsigned char* digest)
 
     return wc_ShaFinal((Sha*)sha, digest);
 }
+#endif
 
+#ifndef NO_SHA256
 
 /* Initialize SHA-256 */
 int CRYPT_SHA256_Initialize(CRYPT_SHA256_CTX* sha256)
@@ -149,8 +151,10 @@ int CRYPT_SHA256_Finalize(CRYPT_SHA256_CTX* sha256, unsigned char* digest)
 
     return wc_Sha256Final((Sha256*)sha256, digest);
 }
+#endif
 
-
+#ifdef WOLFSSL_SHA512
+#ifdef WOLFSSL_SHA384
 /* Initialize SHA-384 */
 int CRYPT_SHA384_Initialize(CRYPT_SHA384_CTX* sha384)
 {
@@ -183,6 +187,7 @@ int CRYPT_SHA384_Finalize(CRYPT_SHA384_CTX* sha384, unsigned char* digest)
 
     return wc_Sha384Final((Sha384*)sha384, digest);
 }
+#endif
 
 
 /* Initialize SHA-512 */
@@ -217,8 +222,9 @@ int CRYPT_SHA512_Finalize(CRYPT_SHA512_CTX* sha512, unsigned char* digest)
 
     return wc_Sha512Final((Sha512*)sha512, digest);
 }
+#endif
 
-
+#ifndef NO_HMAC
 /* Set HMAC key with type */
 int CRYPT_HMAC_SetKey(CRYPT_HMAC_CTX* hmac, int type, const unsigned char* key,
                       unsigned int sz)
@@ -258,6 +264,9 @@ int CRYPT_HMAC_Finalize(CRYPT_HMAC_CTX* hmac, unsigned char* digest)
     return wc_HmacFinal((Hmac*)hmac, digest);
 }
 
+#endif
+
+#ifdef HAVE_LIBZ
 
 /* Huffman Compression, set flag to do static, otherwise dynamic */
 /* return compressed size, otherwise < 0 for error */
@@ -268,7 +277,7 @@ int CRYPT_HUFFMAN_Compress(unsigned char* out, unsigned int outSz,
     if (out == NULL || in == NULL)
         return BAD_FUNC_ARG;
 
-    return Compress(out, outSz, in, inSz, flags);
+    return wc_Compress(out, outSz, in, inSz, flags);
 }
 
 
@@ -280,9 +289,12 @@ int CRYPT_HUFFMAN_DeCompress(unsigned char* out, unsigned int outSz,
     if (out == NULL || in == NULL)
         return BAD_FUNC_ARG;
 
-    return DeCompress(out, outSz, in, inSz);
+    return wc_DeCompress(out, outSz, in, inSz);
 }
 
+#endif
+
+#ifndef NO_RNG
 
 /* RNG Initialize, < 0 on error */
 int CRYPT_RNG_Initialize(CRYPT_RNG_CTX* rng)
@@ -293,7 +305,7 @@ int CRYPT_RNG_Initialize(CRYPT_RNG_CTX* rng)
     if (rng == NULL)
         return BAD_FUNC_ARG;
 
-    return InitRng((WC_RNG*)rng);
+    return wc_InitRng((WC_RNG*)rng);
 }
 
 
@@ -303,7 +315,7 @@ int CRYPT_RNG_Get(CRYPT_RNG_CTX* rng, unsigned char* b)
     if (rng == NULL || b == NULL)
         return BAD_FUNC_ARG;
 
-    return RNG_GenerateByte((WC_RNG*)rng, (byte*)b);
+    return wc_RNG_GenerateByte((WC_RNG*)rng, (byte*)b);
 }
 
 
@@ -314,10 +326,12 @@ int CRYPT_RNG_BlockGenerate(CRYPT_RNG_CTX* rng, unsigned char* b,
     if (rng == NULL || b == NULL)
         return BAD_FUNC_ARG;
 
-    return RNG_GenerateBlock((WC_RNG*)rng, b, sz);
+    return wc_RNG_GenerateBlock((WC_RNG*)rng, b, sz);
 }
 
+#endif
 
+#ifndef NO_DES3
 /* Triple DES Key Set, may have iv, will have direction */
 int CRYPT_TDES_KeySet(CRYPT_TDES_CTX* tdes, const unsigned char* key,
                       const unsigned char* iv, int dir)
@@ -328,7 +342,7 @@ int CRYPT_TDES_KeySet(CRYPT_TDES_CTX* tdes, const unsigned char* key,
     if (tdes == NULL || key == NULL)
         return BAD_FUNC_ARG;
 
-    return Des3_SetKey((Des3*)tdes, key, iv, dir);
+    return wc_Des3_SetKey((Des3*)tdes, key, iv, dir);
 }
 
 
@@ -360,9 +374,12 @@ int CRYPT_TDES_CBC_Decrypt(CRYPT_TDES_CTX* tdes, unsigned char* out,
     if (tdes == NULL || out == NULL || in == NULL)
         return BAD_FUNC_ARG;
 
-    return Des3_CbcDecrypt((Des3*)tdes, out, in, inSz);
+    return wc_Des3_CbcDecrypt((Des3*)tdes, out, in, inSz);
 }
 
+#endif
+
+#ifndef NO_AES
 
 /* AES Key Set, may have iv, will have direction */
 int CRYPT_AES_KeySet(CRYPT_AES_CTX* aes, const unsigned char* key,
@@ -406,10 +423,11 @@ int CRYPT_AES_CBC_Decrypt(CRYPT_AES_CTX* aes, unsigned char* out,
     if (aes == NULL || out == NULL || in == NULL)
         return BAD_FUNC_ARG;
 
-    return AesCbcDecrypt((Aes*)aes, out, in, inSz);
+    return wc_AesCbcDecrypt((Aes*)aes, out, in, inSz);
 }
+#endif
 
-
+#ifdef WOLFSSL_AES_COUNTER
 /* AES CTR Encrypt (used for decrypt too, with ENCRYPT key setup) */
 int CRYPT_AES_CTR_Encrypt(CRYPT_AES_CTX* aes, unsigned char* out,
                           const unsigned char* in, unsigned int inSz)
@@ -417,11 +435,11 @@ int CRYPT_AES_CTR_Encrypt(CRYPT_AES_CTX* aes, unsigned char* out,
     if (aes == NULL || out == NULL || in == NULL)
         return BAD_FUNC_ARG;
 
-    wc_AesCtrEncrypt((Aes*)aes, out, in, inSz);
-
-    return 0;
+    return wc_AesCtrEncrypt((Aes*)aes, out, in, inSz);
 }
+#endif
 
+#ifdef WOLFSSL_AES_DIRECT
 
 /* AES Direct mode encrypt, one block at a time */
 int CRYPT_AES_DIRECT_Encrypt(CRYPT_AES_CTX* aes, unsigned char* out,
@@ -447,7 +465,9 @@ int CRYPT_AES_DIRECT_Decrypt(CRYPT_AES_CTX* aes, unsigned char* out,
 
     return 0;
 }
+#endif
 
+#ifndef NO_RSA
 
 /* RSA Initialize */
 int CRYPT_RSA_Initialize(CRYPT_RSA_CTX* rsa)
@@ -459,7 +479,7 @@ int CRYPT_RSA_Initialize(CRYPT_RSA_CTX* rsa)
     if (rsa->holder == NULL)
         return -1;
 
-    return InitRsaKey((RsaKey*)rsa->holder, NULL);
+    return wc_InitRsaKey((RsaKey*)rsa->holder, NULL);
 }
 
 
@@ -469,7 +489,7 @@ int CRYPT_RSA_Free(CRYPT_RSA_CTX* rsa)
     if (rsa == NULL)
         return BAD_FUNC_ARG;
 
-    FreeRsaKey((RsaKey*)rsa->holder);
+    wc_FreeRsaKey((RsaKey*)rsa->holder);
     XFREE(rsa->holder, NULL, DYNAMIC_TYPE_RSA);
     rsa->holder = NULL;
 
@@ -487,7 +507,7 @@ int CRYPT_RSA_PublicKeyDecode(CRYPT_RSA_CTX* rsa, const unsigned char* in,
     if (rsa == NULL || in == NULL)
         return BAD_FUNC_ARG;
 
-    return RsaPublicKeyDecode(in, &idx, (RsaKey*)rsa->holder, inSz);
+    return wc_RsaPublicKeyDecode(in, &idx, (RsaKey*)rsa->holder, inSz);
 }
 
 
@@ -501,7 +521,7 @@ int CRYPT_RSA_PrivateKeyDecode(CRYPT_RSA_CTX* rsa, const unsigned char* in,
     if (rsa == NULL || in == NULL)
         return BAD_FUNC_ARG;
 
-    return RsaPrivateKeyDecode(in, &idx, (RsaKey*)rsa->holder, inSz);
+    return wc_RsaPrivateKeyDecode(in, &idx, (RsaKey*)rsa->holder, inSz);
 }
 
 
@@ -513,7 +533,7 @@ int CRYPT_RSA_PublicEncrypt(CRYPT_RSA_CTX* rsa, unsigned char* out,
     if (rsa == NULL || in == NULL || out == NULL || rng == NULL)
         return BAD_FUNC_ARG;
 
-    return RsaPublicEncrypt(in, inSz, out, outSz, (RsaKey*)rsa->holder,
+    return wc_RsaPublicEncrypt(in, inSz, out, outSz, (RsaKey*)rsa->holder,
                             (WC_RNG*)rng);
 }
 
@@ -526,17 +546,17 @@ int CRYPT_RSA_PrivateDecrypt(CRYPT_RSA_CTX* rsa, unsigned char* out,
     if (rsa == NULL || in == NULL || out == NULL)
         return BAD_FUNC_ARG;
 
-    return RsaPrivateDecrypt(in, inSz, out, outSz, (RsaKey*)rsa->holder);
+    return wc_RsaPrivateDecrypt(in, inSz, out, outSz, (RsaKey*)rsa->holder);
 }
 
 
 /* RSA Get Encrypt size helper */
-int CRYPT_RSA_EncryptSizeGet(CRYPT_RSA_CTX* rsa) 
+int CRYPT_RSA_EncryptSizeGet(CRYPT_RSA_CTX* rsa)
 {
     if (rsa == NULL)
         return BAD_FUNC_ARG;
 
-    return RsaEncryptSize((RsaKey*)rsa->holder);
+    return wc_RsaEncryptSize((RsaKey*)rsa->holder);
 }
 
 
@@ -553,7 +573,9 @@ int CRYPT_RSA_SetRng(CRYPT_RSA_CTX* rsa, CRYPT_RNG_CTX* rng)
     return 0;
 #endif
 }
+#endif
 
+#ifdef HAVE_ECC
 
 /* ECC init */
 int CRYPT_ECC_Initialize(CRYPT_ECC_CTX* ecc)
@@ -706,6 +728,7 @@ int CRYPT_ECC_SignatureSizeGet(CRYPT_ECC_CTX* ecc)
     return wc_ecc_sig_size((ecc_key*)ecc->holder);
 }
 
+#endif
 
 /* Save error string from err to str which needs to be >= 80 chars */
 int CRYPT_ERROR_StringGet(int err, char* str)
@@ -713,7 +736,7 @@ int CRYPT_ERROR_StringGet(int err, char* str)
     if (str == NULL)
         return BAD_FUNC_ARG;
 
-    CTaoCryptErrorString(err, str);
+    wc_ErrorString(err, str);
 
     return 0;
 }

mcapi/crypto.h

@@ -34,7 +34,7 @@
 
 /* MD5 */
 typedef struct CRYPT_MD5_CTX {
-    int holder[24];   /* big enough to hold internal, but check on init */
+    int holder[28];   /* big enough to hold internal, but check on init */
 } CRYPT_MD5_CTX;
 
 int CRYPT_MD5_Initialize(CRYPT_MD5_CTX*);
@@ -42,13 +42,13 @@ int CRYPT_MD5_DataAdd(CRYPT_MD5_CTX*, const unsigned char*, unsigned int);
 int CRYPT_MD5_Finalize(CRYPT_MD5_CTX*, unsigned char*);
 
 enum {
-    CRYPT_MD5_DIGEST_SIZE = 16 
+    CRYPT_MD5_DIGEST_SIZE = 16
 };
 
 
 /* SHA */
 typedef struct CRYPT_SHA_CTX {
-    int holder[24];   /* big enough to hold internal, but check on init */
+    int holder[29];   /* big enough to hold internal, but check on init */
 } CRYPT_SHA_CTX;
 
 int CRYPT_SHA_Initialize(CRYPT_SHA_CTX*);
@@ -62,7 +62,7 @@ enum {
 
 /* SHA-256 */
 typedef struct CRYPT_SHA256_CTX {
-    int holder[28];   /* big enough to hold internal, but check on init */
+    int holder[32];   /* big enough to hold internal, but check on init */
 } CRYPT_SHA256_CTX;
 
 int CRYPT_SHA256_Initialize(CRYPT_SHA256_CTX*);
@@ -70,13 +70,13 @@ int CRYPT_SHA256_DataAdd(CRYPT_SHA256_CTX*, const unsigned char*, unsigned int);
 int CRYPT_SHA256_Finalize(CRYPT_SHA256_CTX*, unsigned char*);
 
 enum {
-    CRYPT_SHA256_DIGEST_SIZE = 32 
+    CRYPT_SHA256_DIGEST_SIZE = 32
 };
 
 
 /* SHA-384 */
 typedef struct CRYPT_SHA384_CTX {
-    long long holder[32];   /* big enough to hold internal, but check on init */
+    long long holder[36];   /* big enough to hold internal, but check on init */
 } CRYPT_SHA384_CTX;
 
 int CRYPT_SHA384_Initialize(CRYPT_SHA384_CTX*);
@@ -98,13 +98,13 @@ int CRYPT_SHA512_DataAdd(CRYPT_SHA512_CTX*, const unsigned char*, unsigned int);
 int CRYPT_SHA512_Finalize(CRYPT_SHA512_CTX*, unsigned char*);
 
 enum {
-    CRYPT_SHA512_DIGEST_SIZE = 64 
+    CRYPT_SHA512_DIGEST_SIZE = 64
 };
 
 
 /* HMAC */
 typedef struct CRYPT_HMAC_CTX {
-    long long holder[69];   /* big enough to hold internal, but check on init */
+    long long holder[72];   /* big enough to hold internal, but check on init */
 } CRYPT_HMAC_CTX;
 
 int CRYPT_HMAC_SetKey(CRYPT_HMAC_CTX*, int, const unsigned char*, unsigned int);
@@ -113,10 +113,10 @@ int CRYPT_HMAC_Finalize(CRYPT_HMAC_CTX*, unsigned char*);
 
 /* HMAC types */
 enum {
-    CRYPT_HMAC_SHA    = 1, 
-    CRYPT_HMAC_SHA256 = 2, 
-    CRYPT_HMAC_SHA384 = 5, 
-    CRYPT_HMAC_SHA512 = 4 
+    CRYPT_HMAC_SHA    = 1,
+    CRYPT_HMAC_SHA256 = 2,
+    CRYPT_HMAC_SHA384 = 5,
+    CRYPT_HMAC_SHA512 = 4
 };
 
 
@@ -128,7 +128,7 @@ int CRYPT_HUFFMAN_DeCompress(unsigned char*, unsigned int, const unsigned char*,
 
 /* flag to use static huffman */
 enum {
-    CRYPT_HUFFMAN_COMPRESS_STATIC = 1 
+    CRYPT_HUFFMAN_COMPRESS_STATIC = 1
 };
 
 
@@ -144,7 +144,7 @@ int CRYPT_RNG_BlockGenerate(CRYPT_RNG_CTX*, unsigned char*, unsigned int);
 
 /* TDES */
 typedef struct CRYPT_TDES_CTX {
-    int holder[100];   /* big enough to hold internal, but check on init */
+    int holder[104];   /* big enough to hold internal, but check on init */
 } CRYPT_TDES_CTX;
 
 int CRYPT_TDES_KeySet(CRYPT_TDES_CTX*, const unsigned char*,
@@ -158,13 +158,13 @@ int CRYPT_TDES_CBC_Decrypt(CRYPT_TDES_CTX*, unsigned char*,
 /* key direction flags for setup */
 enum {
     CRYPT_TDES_ENCRYPTION = 0,
-    CRYPT_TDES_DECRYPTION = 1 
+    CRYPT_TDES_DECRYPTION = 1
 };
 
 
 /* AES */
 typedef struct CRYPT_AES_CTX {
-    int holder[76];   /* big enough to hold internal, but check on init */
+    int holder[90];   /* big enough to hold internal, but check on init */
 } CRYPT_AES_CTX;
 
 /* key */
@@ -262,7 +262,7 @@ int CRYPT_ERROR_StringGet(int, char*);
 
 
 #ifdef __cplusplus
-    }  /* extern "C" */ 
+    }  /* extern "C" */
 #endif
 
 

mcapi/include.am

@@ -15,5 +15,5 @@ noinst_HEADERS += mcapi/crypto.h
 
 EXTRA_DIST += \
          mcapi/README \
-		 mcapi/PIC32MZ-serial.h
-
+         mcapi/PIC32MZ-serial.h \
+         mcapi/user_settings.h

mcapi/mcapi_test.c

@@ -1,4 +1,4 @@
-/* test.c
+/* mcapi_test.c
  *
  * Copyright (C) 2006-2016 wolfSSL Inc.
  *
@@ -59,6 +59,8 @@
     #include <stdio.h>
     #include <stdlib.h>
     #include <p32xxxx.h>
+    #define _SUPPRESS_PLIB_WARNING
+    #define _DISABLE_OPENADC10_CONFIGPORT_WARNING
     #include <plib.h>
     #include <sys/appio.h>
     #define init_serial()  /* void out init_serial() */
@@ -214,25 +216,30 @@ static int check_md5(void)
 {
     CRYPT_MD5_CTX mcMd5;
     Md5           defMd5;
+    int           ret;
     byte          mcDigest[CRYPT_MD5_DIGEST_SIZE];
     byte          defDigest[MD5_DIGEST_SIZE];
 
     CRYPT_MD5_Initialize(&mcMd5);
-    wc_InitMd5(&defMd5);
+    ret = wc_InitMd5(&defMd5);
 
-    CRYPT_MD5_DataAdd(&mcMd5, ourData, OUR_DATA_SIZE);
-    wc_Md5Update(&defMd5, ourData, OUR_DATA_SIZE);
+    if (ret == 0) {
+        CRYPT_MD5_DataAdd(&mcMd5, ourData, OUR_DATA_SIZE);
+        ret = wc_Md5Update(&defMd5, ourData, OUR_DATA_SIZE);
+    }
 
-    CRYPT_MD5_Finalize(&mcMd5, mcDigest);
-    wc_Md5Final(&defMd5, defDigest);
+    if (ret == 0) {
+        CRYPT_MD5_Finalize(&mcMd5, mcDigest);
+        ret = wc_Md5Final(&defMd5, defDigest);
+    }
 
     if (memcmp(mcDigest, defDigest, CRYPT_MD5_DIGEST_SIZE) != 0) {
         printf("md5 final memcmp fialed\n");
         return -1;
-    } 
+    }
     printf("md5         mcapi test passed\n");
 
-    return 0;
+    return ret;
 }
 
 
@@ -261,7 +268,7 @@ static int check_sha(void)
     if (memcmp(mcDigest, defDigest, CRYPT_SHA_DIGEST_SIZE) != 0) {
         printf("sha final memcmp failed\n");
         return -1;
-    } 
+    }
     printf("sha         mcapi test passed\n");
 
     return 0;
@@ -301,7 +308,7 @@ static int check_sha256(void)
     if (memcmp(mcDigest, defDigest, CRYPT_SHA256_DIGEST_SIZE) != 0) {
         printf("sha256 final memcmp fialed\n");
         return -1;
-    } 
+    }
     printf("sha256      mcapi test passed\n");
 
     return 0;
@@ -341,7 +348,7 @@ static int check_sha384(void)
     if (memcmp(mcDigest, defDigest, CRYPT_SHA384_DIGEST_SIZE) != 0) {
         printf("sha384 final memcmp fialed\n");
         return -1;
-    } 
+    }
     printf("sha384      mcapi test passed\n");
 
     return 0;
@@ -381,7 +388,7 @@ static int check_sha512(void)
     if (memcmp(mcDigest, defDigest, CRYPT_SHA512_DIGEST_SIZE) != 0) {
         printf("sha512 final memcmp fialed\n");
         return -1;
-    } 
+    }
     printf("sha512      mcapi test passed\n");
 
     return 0;
@@ -424,7 +431,7 @@ static int check_hmac(void)
     if (memcmp(mcDigest, defDigest, CRYPT_SHA_DIGEST_SIZE) != 0) {
         printf("hmac sha final memcmp fialed\n");
         return -1;
-    } 
+    }
     printf("hmac sha    mcapi test passed\n");
 
     /* SHA-256 */
@@ -452,7 +459,7 @@ static int check_hmac(void)
     if (memcmp(mcDigest, defDigest, CRYPT_SHA256_DIGEST_SIZE) != 0) {
         printf("hmac sha256 final memcmp fialed\n");
         return -1;
-    } 
+    }
     printf("hmac sha256 mcapi test passed\n");
 
     /* SHA-384 */
@@ -480,7 +487,7 @@ static int check_hmac(void)
     if (memcmp(mcDigest, defDigest, CRYPT_SHA384_DIGEST_SIZE) != 0) {
         printf("hmac sha384 final memcmp fialed\n");
         return -1;
-    } 
+    }
     printf("hmac sha384 mcapi test passed\n");
 
     /* SHA-512 */
@@ -508,7 +515,7 @@ static int check_hmac(void)
     if (memcmp(mcDigest, defDigest, CRYPT_SHA512_DIGEST_SIZE) != 0) {
         printf("hmac sha512 final memcmp fialed\n");
         return -1;
-    } 
+    }
     printf("hmac sha512 mcapi test passed\n");
 
     return 0;
@@ -621,7 +628,7 @@ static int check_compress(void)
 static int check_rng(void)
 {
     int           ret;
-    int           i; 
+    int           i;
     byte          in[RANDOM_BYTE_SZ];
     byte          out[RANDOM_BYTE_SZ];
 
@@ -955,8 +962,11 @@ static int check_aesctr(void)
         printf("mcapi aes-128 ctr encrypt failed\n");
         return -1;
     }
-    wc_AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE);
-
+    ret = wc_AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-128 ctr encrypt set failed\n");
+        return -1;
+    }
     if (memcmp(out1, out2, AES_TEST_SIZE) != 0) {
         printf("mcapi aes-128 ctr encrypt cmp failed\n");
         return -1;
@@ -1002,8 +1012,11 @@ static int check_aesctr(void)
         printf("mcapi aes-192 ctr encrypt failed\n");
         return -1;
     }
-    wc_AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE);
-
+    ret = wc_AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-192 ctr encrypt set failed\n");
+        return -1;
+    }
     if (memcmp(out1, out2, AES_TEST_SIZE) != 0) {
         printf("mcapi aes-192 ctr encrypt cmp failed\n");
         return -1;
@@ -1049,8 +1062,11 @@ static int check_aesctr(void)
         printf("mcapi aes-256 ctr encrypt failed\n");
         return -1;
     }
-    wc_AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE);
-
+    ret = wc_AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-256 ctr encrypt set failed\n");
+        return -1;
+    }
     if (memcmp(out1, out2, AES_TEST_SIZE) != 0) {
         printf("mcapi aes-256 ctr encrypt cmp failed\n");
         return -1;
@@ -1326,7 +1342,7 @@ static int check_rsa(void)
         return -1;
     }
 
-    ret = CRYPT_RSA_PrivateDecrypt(&mcRsa, out2, sizeof(out2), out1, ret); 
+    ret = CRYPT_RSA_PrivateDecrypt(&mcRsa, out2, sizeof(out2), out1, ret);
     if (ret < 0) {
         printf("mcapi rsa private derypt failed\n");
         return -1;
@@ -1348,7 +1364,7 @@ static int check_rsa(void)
         printf("mcapi rsa free failed\n");
         return -1;
     }
-    
+
     printf("rsa         mcapi test passed\n");
 
     return 0;
@@ -1358,7 +1374,7 @@ static int check_rsa(void)
 /* check mcapi ecc */
 static int check_ecc(void)
 {
-    CRYPT_ECC_CTX userA; 
+    CRYPT_ECC_CTX userA;
     CRYPT_ECC_CTX userB;
     int           ret;
     byte          sharedA[100];
@@ -1463,7 +1479,7 @@ static int check_ecc(void)
         printf("mcapi ecc public export failed\n");
         return -1;
     }
-  
+
     ret = CRYPT_ECC_PublicImport(&userB, sharedA, usedA);
     if (ret != 0) {
         printf("mcapi ecc public import failed\n");

mcapi/user_settings.h

@@ -0,0 +1,386 @@
+/* Example custom user settings for wolfSSL */
+
+#ifndef WOLFSSL_USER_SETTINGS_H
+#define WOLFSSL_USER_SETTINGS_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <stddef.h> /* for size_t */
+
+
+/* ------------------------------------------------------------------------- */
+/* Platform */
+/* ------------------------------------------------------------------------- */
+#undef  WOLFSSL_GENERAL_ALIGNMENT
+#define WOLFSSL_GENERAL_ALIGNMENT   4
+
+#undef  SINGLE_THREADED
+#define SINGLE_THREADED
+
+#undef  WOLFSSL_SMALL_STACK
+#define WOLFSSL_SMALL_STACK
+
+#undef  MICROCHIP_PIC32
+#define MICROCHIP_PIC32
+
+#undef  WOLFSSL_MICROCHIP_PIC32MZ
+#define WOLFSSL_MICROCHIP_PIC32MZ
+
+
+/* ------------------------------------------------------------------------- */
+/* Math Configuration */
+/* ------------------------------------------------------------------------- */
+#undef  USE_FAST_MATH
+#define USE_FAST_MATH
+
+#ifdef USE_FAST_MATH
+    #undef  TFM_TIMING_RESISTANT
+    #define TFM_TIMING_RESISTANT
+
+    /* Optimizations */
+    //#define TFM_MIPS
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Crypto */
+/* ------------------------------------------------------------------------- */
+/* ECC */
+#if 1
+    #undef  HAVE_ECC
+    #define HAVE_ECC
+
+    /* Manually define enabled curves */
+    #undef  ECC_USER_CURVES
+    #define ECC_USER_CURVES
+
+    //#define HAVE_ECC192
+    //#define HAVE_ECC224
+    #undef NO_ECC256
+    //#define HAVE_ECC384
+    //#define HAVE_ECC521
+
+    /* Fixed point cache (speeds repeated operations against same private key) */
+    #undef  FP_ECC
+    //#define FP_ECC
+    #ifdef FP_ECC
+        /* Bits / Entries */
+        #undef  FP_ENTRIES
+        #define FP_ENTRIES  2
+        #undef  FP_LUT
+        #define FP_LUT      4
+    #endif
+
+    /* Optional ECC calculation method */
+    /* Note: doubles heap usage, but slightly faster */
+    #undef  ECC_SHAMIR
+    #define ECC_SHAMIR
+
+    /* Reduces heap usage, but slower */
+    #undef  ECC_TIMING_RESISTANT
+    #define ECC_TIMING_RESISTANT
+
+    #ifdef USE_FAST_MATH
+        /* use reduced size math buffers for ecc points */
+        #undef  ALT_ECC_SIZE
+        #define ALT_ECC_SIZE
+
+        /* Enable TFM optimizations for ECC */
+        #if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)
+            #define TFM_ECC192
+        #endif
+        #if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)
+            #define TFM_ECC224
+        #endif
+        #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
+            #define TFM_ECC256
+        #endif
+        #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)
+            #define TFM_ECC384
+        #endif
+        #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)
+            #define TFM_ECC521
+        #endif
+    #endif
+#endif
+
+/* RSA */
+#undef NO_RSA
+#if 1
+    #ifdef USE_FAST_MATH
+        /* Maximum math bits (Max RSA key bits * 2) */
+        #undef  FP_MAX_BITS
+        #define FP_MAX_BITS     2048
+    #endif
+
+    /* half as much memory but twice as slow */
+    #undef  RSA_LOW_MEM
+    //#define RSA_LOW_MEM
+    
+    /* timing resistance */
+    #undef  WC_RSA_BLINDING
+    #define WC_RSA_BLINDING
+#else
+    #define NO_RSA
+#endif
+
+/* AES */
+#undef NO_AES
+#if 1
+    #undef  HAVE_AES_DECRYPT
+    #define HAVE_AES_DECRYPT
+
+    #undef  HAVE_AESGCM
+    #define HAVE_AESGCM
+
+    /* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */
+    #undef  GCM_SMALL
+    #define GCM_SMALL
+
+    #undef  HAVE_AESCCM
+    #define HAVE_AESCCM
+
+    #undef  WOLFSSL_AES_COUNTER
+    #define WOLFSSL_AES_COUNTER
+
+    #undef  WOLFSSL_AES_DIRECT
+    #define WOLFSSL_AES_DIRECT
+#else
+    #define NO_AES
+#endif
+
+/* DES3 */
+#undef NO_DES3
+#if 1
+    #undef  WOLFSSL_DES_ECB
+    #define WOLFSSL_DES_ECB
+#else
+    #define NO_DES3
+#endif
+
+
+/* ChaCha20 / Poly1305 */
+#undef HAVE_CHACHA
+#undef HAVE_POLY1305
+#if 0
+    #define HAVE_CHACHA
+    #define HAVE_POLY1305
+
+    /* Needed for Poly1305 */
+    #undef  HAVE_ONE_TIME_AUTH
+    #define HAVE_ONE_TIME_AUTH
+#endif
+
+/* Ed25519 / Curve25519 */
+#undef HAVE_CURVE25519
+#undef HAVE_ED25519
+#if 0
+    #define HAVE_CURVE25519
+    #define HAVE_ED25519
+
+    /* Optionally use small math (less flash usage, but much slower) */
+    #if 0
+        #define CURVED25519_SMALL
+    #endif
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Hashing */
+/* ------------------------------------------------------------------------- */
+/* Sha */
+#undef NO_SHA
+#if 1
+    /* 1k smaller, but 25% slower */
+    //#define USE_SLOW_SHA
+#else
+    #define NO_SHA
+#endif
+
+/* Sha256 */
+#undef NO_SHA256
+#if 1
+#else
+    #define NO_SHA256
+#endif
+
+/* Sha512 */
+#undef WOLFSSL_SHA512
+#if 1
+    #define WOLFSSL_SHA512
+
+    /* Sha384 */
+    #undef  WOLFSSL_SHA384
+    #if 1
+        #define WOLFSSL_SHA384
+    #endif
+
+    /* over twice as small, but 50% slower */
+    //#define USE_SLOW_SHA2
+#endif
+
+/* MD5 */
+#undef  NO_MD5
+#if 1
+#else
+    #define NO_MD5
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Benchmark / Test */
+/* ------------------------------------------------------------------------- */
+/* Use reduced benchmark / test sizes */
+#undef  BENCH_EMBEDDED
+#define BENCH_EMBEDDED
+
+#undef  USE_CERT_BUFFERS_2048
+//#define USE_CERT_BUFFERS_2048
+
+#undef  USE_CERT_BUFFERS_1024
+#define USE_CERT_BUFFERS_1024
+
+#undef  USE_CERT_BUFFERS_256
+#define USE_CERT_BUFFERS_256
+
+
+/* ------------------------------------------------------------------------- */
+/* Time */
+/* ------------------------------------------------------------------------- */
+#if 0
+    /* Override Current Time */
+    /* Allows custom "custom_time()" function to be used for benchmark */
+    #define WOLFSSL_USER_CURRTIME
+    #define USER_TICKS
+    extern unsigned long custom_time(unsigned long* timer);
+    #define XTIME custom_time
+#else
+    #warning Time/RTC disabled
+    #undef  NO_ASN_TIME
+    #define NO_ASN_TIME
+#endif
+
+/* ------------------------------------------------------------------------- */
+/* Debugging */
+/* ------------------------------------------------------------------------- */
+#undef  DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL
+
+#ifdef DEBUG_WOLFSSL
+    /* Use this to measure / print heap usage */
+    #if 0
+        #undef  USE_WOLFSSL_MEMORY
+        #define USE_WOLFSSL_MEMORY
+        #undef  WOLFSSL_TRACK_MEMORY
+        #define WOLFSSL_TRACK_MEMORY
+    #endif
+#else
+    #undef  NO_WOLFSSL_MEMORY
+    #define NO_WOLFSSL_MEMORY
+
+    #undef  NO_ERROR_STRINGS
+    //#define NO_ERROR_STRINGS
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Enable Features */
+/* ------------------------------------------------------------------------- */
+#undef  KEEP_PEER_CERT
+//#define KEEP_PEER_CERT
+
+#undef  HAVE_COMP_KEY
+//#define HAVE_COMP_KEY
+
+#undef  HAVE_TLS_EXTENSIONS
+//#define HAVE_TLS_EXTENSIONS
+
+#undef  HAVE_SUPPORTED_CURVES
+//#define HAVE_SUPPORTED_CURVES
+
+#undef  WOLFSSL_BASE64_ENCODE
+//#define WOLFSSL_BASE64_ENCODE
+
+/* TLS Session Cache */
+#if 0
+    #define SMALL_SESSION_CACHE
+#else
+    #define NO_SESSION_CACHE
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Disable Features */
+/* ------------------------------------------------------------------------- */
+#undef  NO_WOLFSSL_SERVER
+//#define NO_WOLFSSL_SERVER
+
+#undef  NO_WOLFSSL_CLIENT
+//#define NO_WOLFSSL_CLIENT
+
+#undef  NO_CRYPT_TEST
+//#define NO_CRYPT_TEST
+
+#undef  NO_CRYPT_BENCHMARK
+//#define NO_CRYPT_BENCHMARK
+
+/* In-lining of misc.c functions */
+/* If defined, must include wolfcrypt/src/misc.c in build */
+/* Slower, but about 1k smaller */
+#undef  NO_INLINE
+//#define NO_INLINE
+
+#undef  NO_FILESYSTEM
+#define NO_FILESYSTEM
+
+#undef  NO_WRITEV
+#define NO_WRITEV
+
+#undef  NO_MAIN_DRIVER
+#define NO_MAIN_DRIVER
+
+#undef  NO_DEV_RANDOM
+#define NO_DEV_RANDOM
+
+#undef  NO_DSA
+#define NO_DSA
+
+#undef  NO_DH
+#define NO_DH
+
+#undef  NO_RC4
+#define NO_RC4
+
+#undef  NO_OLD_TLS
+#define NO_OLD_TLS
+
+#undef  NO_HC128
+#define NO_HC128
+
+#undef  NO_RABBIT
+#define NO_RABBIT
+
+#undef  NO_PSK
+#define NO_PSK
+
+#undef  NO_MD4
+#define NO_MD4
+
+#undef  NO_PWDBASED
+#define NO_PWDBASED
+
+#undef  NO_CODING
+//#define NO_CODING
+
+
+/* Suppress array-bounds */
+#pragma GCC diagnostic ignored "-Warray-bounds"
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* WOLFSSL_USER_SETTINGS_H */

mcapi/wolfcrypt_mcapi.X/nbproject/configurations.xml

@@ -4,6 +4,7 @@
     <logicalFolder name="HeaderFiles"
                    displayName="Header Files"
                    projectFiles="true">
+      <itemPath>../user_settings.h</itemPath>
     </logicalFolder>
     <logicalFolder name="LinkerScript"
                    displayName="Linker Files"
@@ -110,8 +111,7 @@
         <property key="place-data-into-section" value="false"/>
         <property key="post-instruction-scheduling" value="default"/>
         <property key="pre-instruction-scheduling" value="default"/>
-        <property key="preprocessor-macros"
-                  value="WOLFSSL_SHA384;WOLFSSL_SHA512;HAVE_ECC;HAVE_LIBZ;HAVE_MCAPI"/>
+        <property key="preprocessor-macros" value="WOLFSSL_USER_SETTINGS;HAVE_LIBZ;HAVE_MCAPI"/>
         <property key="strict-ansi" value="false"/>
         <property key="support-ansi" value="false"/>
         <property key="use-cci" value="false"/>
@@ -149,7 +149,7 @@
         <property key="preprocessor-macros" value=""/>
         <property key="remove-unused-sections" value="false"/>
         <property key="report-memory-usage" value="false"/>
-        <property key="stack-size" value="2048"/>
+        <property key="stack-size" value="20480"/>
         <property key="symbol-stripping" value=""/>
         <property key="trace-symbols" value=""/>
         <property key="warn-section-align" value="false"/>

mcapi/wolfcrypt_test.X/nbproject/configurations.xml

@@ -4,6 +4,7 @@
     <logicalFolder name="HeaderFiles"
                    displayName="Header Files"
                    projectFiles="true">
+      <itemPath>../user_settings.h</itemPath>
     </logicalFolder>
     <logicalFolder name="LinkerScript"
                    displayName="Linker Files"
@@ -110,8 +111,7 @@
         <property key="place-data-into-section" value="false"/>
         <property key="post-instruction-scheduling" value="default"/>
         <property key="pre-instruction-scheduling" value="default"/>
-        <property key="preprocessor-macros"
-                  value="NO_MAIN_DRIVER;USE_CERT_BUFFERS_1024;WOLFSSL_SHA384;WOLFSSL_SHA512;HAVE_ECC;HAVE_LIBZ;HAVE_MCAPI"/>
+        <property key="preprocessor-macros" value="WOLFSSL_USER_SETTINGS;HAVE_LIBZ;HAVE_MCAPI"/>
         <property key="strict-ansi" value="false"/>
         <property key="support-ansi" value="false"/>
         <property key="use-cci" value="false"/>

mcapi/wolfssl.X/nbproject/configurations.xml

@@ -4,6 +4,7 @@
     <logicalFolder name="HeaderFiles"
                    displayName="Header Files"
                    projectFiles="true">
+      <itemPath>../user_settings.h</itemPath>
     </logicalFolder>
     <logicalFolder name="LinkerScript"
                    displayName="Linker Files"
@@ -37,10 +38,8 @@
         <itemPath>../../wolfcrypt/src/md5.c</itemPath>
         <itemPath>../../wolfcrypt/src/memory.c</itemPath>
         <itemPath>../../wolfcrypt/src/misc.c</itemPath>
-        <itemPath>../../wolfcrypt/src/pic32mz-hash.c</itemPath>
         <itemPath>../../wolfcrypt/src/pkcs7.c</itemPath>
         <itemPath>../../wolfcrypt/src/poly1305.c</itemPath>
-        <itemPath>../../wolfcrypt/src/pw.c</itemPath>
         <itemPath>../../wolfcrypt/src/pwdbased.c</itemPath>
         <itemPath>../../wolfcrypt/src/rabbit.c</itemPath>
         <itemPath>../../wolfcrypt/src/random.c</itemPath>
@@ -51,6 +50,21 @@
         <itemPath>../../wolfcrypt/src/sha512.c</itemPath>
         <itemPath>../../wolfcrypt/src/tfm.c</itemPath>
         <itemPath>../../wolfcrypt/src/wc_port.c</itemPath>
+        <itemPath>../../wolfcrypt/src/port/pic32/pic32mz-hash.c</itemPath>
+        <itemPath>../../wolfcrypt/src/port/pic32/pic32mz-crypt.c</itemPath>
+        <itemPath>../../wolfcrypt/src/hash.c</itemPath>
+        <itemPath>../../wolfcrypt/src/chacha20_poly1305.c</itemPath>
+        <itemPath>../../wolfcrypt/src/curve25519.c</itemPath>
+        <itemPath>../../wolfcrypt/src/ed25519.c</itemPath>
+        <itemPath>../../wolfcrypt/src/fe_low_mem.c</itemPath>
+        <itemPath>../../wolfcrypt/src/fe_operations.c</itemPath>
+        <itemPath>../../wolfcrypt/src/ge_low_mem.c</itemPath>
+        <itemPath>../../wolfcrypt/src/ge_operations.c</itemPath>
+        <itemPath>../../wolfcrypt/src/wc_encrypt.c</itemPath>
+        <itemPath>../../wolfcrypt/src/pkcs12.c</itemPath>
+        <itemPath>../../wolfcrypt/src/signature.c</itemPath>
+        <itemPath>../../wolfcrypt/src/wolfevent.c</itemPath>
+        <itemPath>../../wolfcrypt/src/wolfmath.c</itemPath>
       </logicalFolder>
       <logicalFolder name="src" displayName="wolfssl" projectFiles="true">
         <itemPath>../../src/crl.c</itemPath>
@@ -61,6 +75,7 @@
         <itemPath>../../src/sniffer.c</itemPath>
         <itemPath>../../src/ssl.c</itemPath>
         <itemPath>../../src/tls.c</itemPath>
+        <itemPath>../../src/tls13.c</itemPath>
       </logicalFolder>
     </logicalFolder>
     <logicalFolder name="ExternalFiles"
@@ -118,7 +133,7 @@
         <property key="enable-unroll-loops" value="false"/>
         <property key="exclude-floating-point" value="false"/>
         <property key="extra-include-directories"
-                  value="../../;../../mcapi;../../zlib-1.2.8;/Users/chrisc/yaSSL/products/cyassl/git/cyassl57/zlib-1.2.7"/>
+                  value="../../;../../mcapi;../../mplabx;../../zlib-1.2.8"/>
         <property key="generate-16-bit-code" value="false"/>
         <property key="generate-micro-compressed-code" value="false"/>
         <property key="isolate-each-function" value="false"/>
@@ -127,8 +142,7 @@
         <property key="place-data-into-section" value="false"/>
         <property key="post-instruction-scheduling" value="default"/>
         <property key="pre-instruction-scheduling" value="default"/>
-        <property key="preprocessor-macros"
-                  value="WOLFSSL_SHA512;WOLFSSL_SHA384;WOLFSSL_AES_COUNTER;WOLFSSL_AES_DIRECT;HAVE_ECC;HAVE_LIBZ;HAVE_MCAPI"/>
+        <property key="preprocessor-macros" value="WOLFSSL_USER_SETTINGS;HAVE_LIBZ;HAVE_MCAPI"/>
         <property key="strict-ansi" value="false"/>
         <property key="support-ansi" value="false"/>
         <property key="use-cci" value="false"/>

mplabx/PIC32MZ-serial.h

@@ -1,28 +1,96 @@
 void _mon_putc(char c);
 
-static void init_serial() {
-    #ifdef MICROCHIP_PIC32
-#if defined (__32MZ2048ECH144__) || (__32MZ2048ECM144__)
-    /* Set up PB2 divisor for UART2 */
-    SYSKEY = 0x00000000;
-    SYSKEY = 0xAA996655;
-    SYSKEY = 0x556699AA;
-    PB2DIV = 0x00008808;
-    SYSKEY = 0x33333333;
- 
-    /* UART2 Init */
-//    U2BRG = 0x0C;
-    U2BRG = 0x047;
+#define BAUD_GEN(sysclk, baud) ((sysclk / (16 * baud)) - 1)
+
+#ifdef MICROCHIP_PIC32
+#if defined (__32MZ2048ECH144__) || defined(__32MZ2048ECM144__) || defined(__32MZ2048EFM144__)
+    /* Code generated from Harmony example then exported using Window -> PIC32 Memory View -> Configuration Bits into system_config.h */
+    #define SYS_CLK_FREQ                    200000000ul
+    #define SYS_CLK_BUS_PERIPHERAL_2        100000000ul
+
+    /* PIC32MZ2048EFM144 Configuration Bit Settings */
+
+    /*** DEVCFG0 ***/
+    #pragma config DEBUG =      OFF
+    #pragma config JTAGEN =     OFF
+    #pragma config ICESEL =     ICS_PGx2
+    #pragma config TRCEN =      OFF
+    #pragma config BOOTISA =    MIPS32
+    #pragma config FECCCON =    OFF_UNLOCKED
+    #pragma config FSLEEP =     OFF
+    #pragma config DBGPER =     PG_ALL
+    #pragma config SMCLR =      MCLR_NORM
+    #pragma config SOSCGAIN =   GAIN_2X
+    #pragma config SOSCBOOST =  ON
+    #pragma config POSCGAIN =   GAIN_2X
+    #pragma config POSCBOOST =  ON
+    #pragma config EJTAGBEN =   NORMAL
+    #pragma config CP =         OFF
+
+    /*** DEVCFG1 ***/
+    #pragma config FNOSC =      SPLL
+    #pragma config DMTINTV =    WIN_127_128
+    #pragma config FSOSCEN =    OFF
+    #pragma config IESO =       OFF
+    #pragma config POSCMOD =    EC
+    #pragma config OSCIOFNC =   OFF
+    #pragma config FCKSM =      CSECME
+    #pragma config WDTPS =      PS1048576
+    #pragma config WDTSPGM =    STOP
+    #pragma config FWDTEN =     OFF
+    #pragma config WINDIS =     NORMAL
+    #pragma config FWDTWINSZ =  WINSZ_25
+    #pragma config DMTCNT =     DMT31
+    #pragma config FDMTEN =     OFF
+
+    /*** DEVCFG2 ***/
+    #pragma config FPLLIDIV =   DIV_3
+    #pragma config FPLLRNG =    RANGE_5_10_MHZ
+    #pragma config FPLLICLK =   PLL_POSC
+    #pragma config FPLLMULT =   MUL_50
+    #pragma config FPLLODIV =   DIV_2
+    #pragma config UPLLFSEL =   FREQ_24MHZ
+
+    /*** DEVCFG3 ***/
+    #pragma config USERID =     0xffff
+    #pragma config FMIIEN =     ON
+    #pragma config FETHIO =     ON
+    #pragma config PGL1WAY =    ON
+    #pragma config PMDL1WAY =   ON
+    #pragma config IOL1WAY =    ON
+    #pragma config FUSBIDIO =   ON
+
+    /*** BF1SEQ0 ***/
+    #pragma config TSEQ =       0x0000
+    #pragma config CSEQ =       0xffff
+
+    /* #pragma config statements should precede project file includes. */
+    /* Use project enums instead of #define for ON and OFF. */
+
+    #include <xc.h>
+#endif
+#endif
+
+static void init_serial(unsigned int sysClk) {
+#ifdef MICROCHIP_PIC32
+#if defined (__32MZ2048ECH144__) || defined(__32MZ2048ECM144__) || defined(__32MZ2048EFM144__)
+    /* This is for pin B14 which is connected to the USB to UART connector J11 located under Ethernet connector */
+
+    /* Setup UART2 */
+#ifdef SYS_CLK_BUS_PERIPHERAL_2
+    U2BRG = BAUD_GEN(SYS_CLK_BUS_PERIPHERAL_2, 115200);
+#else
+    if (sysClk > 100000000)
+        sysClk /= 2;
+    U2BRG = BAUD_GEN(sysClk, 115200);
+#endif
     ANSELBCLR = 0x4000;
     ANSELGCLR = 0x0040;
     RPB14R = 0x02;
     U2RXR = 0x01;
     U2MODE = 0x8000;
     U2STA = 0x400;
-#elif defined __PIC32MX__
-    SYSTEMConfigPerformance(80000000);
-    DBINIT();
 #endif
- 
 #endif
+    (void)sysClk;
 }

mplabx/README

@@ -14,8 +14,8 @@ Included Project Files
 
 1. wolfSSL library (wolfssl.X)
 
-    This project builds a static wolfSSL library. Prior to building this
-    project, uncomment the MICROCHIP_PIC32 define located in:
+    This project builds a static wolfSSL library. The settings for this project
+    are in `user_settings.h`:
 
     <wolfssl_root>/wolfssl/wolfcrypt/settings.h
 
@@ -39,9 +39,10 @@ Included Project Files
 PIC32MX/PIC32MZ
 ---------------
 
-The projects are set for PIC32MX by default. For PIC32MZ, change project
-properties->Devices and add "WOLFSSL_MICROCHIP_PIC32MZ" to
-XC32-gcc->Preprocessing and messages-> Preprocessor macros.
+The projects are set for PIC32MZ by default. For PIC32MX, comment out the
+`WOLFSSL_MICROCHIP_PIC32MZ` line in `user_settings.h`.
+
+You also need to adjust the microcontroller device in the project properties.
 
 
 MIPS16 and MIPS32 Support
@@ -51,6 +52,14 @@ These projects support both MIPS16 and MIPS32 instruction sets. Switching
 between these two instruction sets can be done in each project's properties
 settings by checking the "Generate 16-bit code" checkbox.
 
+
+Legacy Peripheral Libraries
+___________________________
+
+If you get a linker error locating `ReadCoreTimer` and `WriteCoreTimer` you
+can enable wrappers in benchmark_main.c and test_main.c.
+
+
 Support
 -------
 Please send questions or comments to support@wolfssl.com

mplabx/benchmark_main.c

@@ -24,114 +24,55 @@
 #endif
 
 #include <wolfssl/wolfcrypt/settings.h>
+#include <wolfcrypt/benchmark/benchmark.h>
 
 #if defined(WOLFSSL_MICROCHIP_PIC32MZ)
     #define MICROCHIP_PIC32
-    #include <xc.h>
-    #pragma config ICESEL = ICS_PGx2
-            /* ICE/ICD Comm Channel Select (Communicate on PGEC2/PGED2) */
     #include <stdio.h>
     #include <stdlib.h>
     #include "PIC32MZ-serial.h"
-    #define  SYSTEMConfigPerformance /* void out SYSTEMConfigPerformance(); */
+    #include <xc.h>
+    #define SYSTEMConfigPerformance(a) /* void out SYSTEMConfigPerformance(); */
+    #define SYS_CLK 200000000
 #else
     #define PIC32_STARTER_KIT
-    #include <p32xxxx.h>
+    #define _SUPPRESS_PLIB_WARNING
+    #define _DISABLE_OPENADC10_CONFIGPORT_WARNING
     #include <plib.h>
     #include <sys/appio.h>
     #define init_serial() /* void out init_serial() ; */
+    #define SYS_CLK 80000000
 #endif
 
-void bench_des(void);
-void bench_arc4(void);
-void bench_hc128(void);
-void bench_rabbit(void);
-void bench_aes(int);
-void bench_aesgcm(void);
-
-void bench_md5(void);
-void bench_sha(void);
-void bench_sha256(void);
-void bench_sha512(void);
-void bench_ripemd(void);
-
-void bench_rsa(void);
-void bench_rsaKeyGen(void);
-void bench_dh(void);
-#ifdef HAVE_ECC
-void bench_eccKeyGen(void);
-void bench_eccKeyAgree(void);
+#if 1
+/* enable this if ReadCoreTimer and WriteCoreTimer are missing */
+unsigned int ReadCoreTimer(void)
+{
+    unsigned int timer;
+    timer = __builtin_mfc0(9, 0);
+    return timer;
+}
+void WriteCoreTimer(unsigned int t)
+{
+    /* do nothing here */
+    (void)t;
+}
 #endif
 
 /*
  * Main driver for wolfCrypt benchmarks.
  */
-int main(int argc, char** argv) {
-    volatile int i ;
-    int j ;
-
-    PRECONbits.PFMWS = 2;
-    PRECONbits.PREFEN = 0b11;
-
-    init_serial() ;  /* initialize PIC32MZ serial I/O */
-    SYSTEMConfigPerformance(80000000);
+int main(int argc, char** argv)
+{
+    SYSTEMConfigPerformance(SYS_CLK);
     DBINIT();
+    
+    init_serial(SYS_CLK) ;  /* initialize PIC32MZ serial I/O */
+    
     printf("wolfCrypt Benchmark:\n");
 
-#ifndef NO_AES
-    bench_aes(0);
-    bench_aes(1);
-#endif
-#ifdef HAVE_AESGCM
-    bench_aesgcm();
-#endif
-#ifndef NO_RC4
-    bench_arc4();
-#endif
-#ifdef HAVE_HC128
-    bench_hc128();
-#endif
-#ifndef NO_RABBIT
-    bench_rabbit();
-#endif
-#ifndef NO_DES3
-    bench_des();
-#endif
+    benchmark_test(NULL);
 
-    printf("\n");
-
-#ifndef NO_MD5
-    bench_md5();
-#endif
-    bench_sha();
-#ifndef NO_SHA256
-    bench_sha256();
-#endif
-#ifdef WOLFSSL_SHA512
-    bench_sha512();
-#endif
-#ifdef CYASSL_RIPEMD
-    bench_ripemd();
-#endif
-
-    printf("\n");
-
-#ifndef NO_RSA
-    bench_rsa();
-#endif
-
-#ifndef NO_DH
-    bench_dh();
-#endif
-
-#if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA)
-    bench_rsaKeyGen();
-#endif
-
-#ifdef HAVE_ECC
-    bench_eccKeyGen();
-    bench_eccKeyAgree();
-#endif
     printf("End of wolfCrypt Benchmark:\n");
     return 0;
 }

mplabx/include.am

@@ -3,8 +3,8 @@
 #
 
 EXTRA_DIST += \
-         mplabx/PIC32MZ-serial.h \
 		 mplabx/README \
 		 mplabx/benchmark_main.c \
-		 mplabx/test_main.c
-
+		 mplabx/test_main.c \
+         mplabx/PIC32MZ-serial.h \
+         mplabx/user_settings.h

mplabx/test_main.c

@@ -25,24 +25,27 @@
 #endif
 
 #include <wolfssl/wolfcrypt/settings.h>
+#include <wolfcrypt/test/test.h>
 
 #if defined(WOLFSSL_MICROCHIP_PIC32MZ)
     #define MICROCHIP_PIC32
-    #include <xc.h>
-    #pragma config ICESEL = ICS_PGx2
-            /* ICE/ICD Comm Channel Select (Communicate on PGEC2/PGED2) */
     #include <stdio.h>
     #include <stdlib.h>
     #include "PIC32MZ-serial.h"
-    #define  SYSTEMConfigPerformance /* void out SYSTEMConfigPerformance(); */
+    #include <xc.h>
+    #define SYSTEMConfigPerformance(a) /* void out SYSTEMConfigPerformance(); */
+    #define SYS_CLK 200000000
 #else
     #define PIC32_STARTER_KIT
     #include <stdio.h>
     #include <stdlib.h>
     #include <p32xxxx.h>
+    #define _SUPPRESS_PLIB_WARNING
+    #define _DISABLE_OPENADC10_CONFIGPORT_WARNING
     #include <plib.h>
     #include <sys/appio.h>
     #define init_serial()  /* void out init_serial() */
+    #define SYS_CLK 80000000
 #endif
 
 /* func_args from test.h, so don't have to pull in other junk */
@@ -52,17 +55,35 @@ typedef struct func_args {
     int    return_code;
 } func_args;
 
+
+#if 1
+/* enable this if ReadCoreTimer and WriteCoreTimer are missing */
+unsigned int ReadCoreTimer(void)
+{
+    unsigned int timer;
+    timer = __builtin_mfc0(9, 0);
+    return timer;
+}
+void WriteCoreTimer(unsigned int t)
+{
+    /* do nothing here */
+    (void)t;
+}
+#endif
+
 /*
  * Main driver for WolfCrypt tests.
  */
-int main(int argc, char** argv) {
-    int i ;
-
-    init_serial() ;  /* initialize PIC32MZ serial I/O */
-    SYSTEMConfigPerformance(80000000);
-    DBINIT();
-    printf("WolfCrypt Test:\n");
+int main(int argc, char** argv)
+{
     func_args args;
+    
+    SYSTEMConfigPerformance(SYS_CLK);
+    DBINIT();
+    
+    init_serial(SYS_CLK) ;  /* initialize PIC32MZ serial I/O */
+    
+    printf("WolfCrypt Test:\n");
 
     args.argc = argc;
     args.argv = argv;
@@ -72,7 +93,7 @@ int main(int argc, char** argv) {
     if (args.return_code == 0) {
         printf("All tests passed!\n");
     }
-    
+
     return 0;
 }
 

mplabx/user_settings.h

@@ -0,0 +1,386 @@
+/* Example custom user settings for wolfSSL */
+
+#ifndef WOLFSSL_USER_SETTINGS_H
+#define WOLFSSL_USER_SETTINGS_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <stddef.h> /* for size_t */
+
+
+/* ------------------------------------------------------------------------- */
+/* Platform */
+/* ------------------------------------------------------------------------- */
+#undef  WOLFSSL_GENERAL_ALIGNMENT
+#define WOLFSSL_GENERAL_ALIGNMENT   4
+
+#undef  SINGLE_THREADED
+#define SINGLE_THREADED
+
+#undef  WOLFSSL_SMALL_STACK
+#define WOLFSSL_SMALL_STACK
+
+#undef  MICROCHIP_PIC32
+#define MICROCHIP_PIC32
+
+#undef  WOLFSSL_MICROCHIP_PIC32MZ
+#define WOLFSSL_MICROCHIP_PIC32MZ
+
+
+/* ------------------------------------------------------------------------- */
+/* Math Configuration */
+/* ------------------------------------------------------------------------- */
+#undef  USE_FAST_MATH
+#define USE_FAST_MATH
+
+#ifdef USE_FAST_MATH
+    #undef  TFM_TIMING_RESISTANT
+    #define TFM_TIMING_RESISTANT
+
+    /* Optimizations */
+    //#define TFM_MIPS
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Crypto */
+/* ------------------------------------------------------------------------- */
+/* ECC */
+#if 1
+    #undef  HAVE_ECC
+    #define HAVE_ECC
+
+    /* Manually define enabled curves */
+    #undef  ECC_USER_CURVES
+    #define ECC_USER_CURVES
+
+    //#define HAVE_ECC192
+    //#define HAVE_ECC224
+    #undef NO_ECC256
+    //#define HAVE_ECC384
+    //#define HAVE_ECC521
+
+    /* Fixed point cache (speeds repeated operations against same private key) */
+    #undef  FP_ECC
+    //#define FP_ECC
+    #ifdef FP_ECC
+        /* Bits / Entries */
+        #undef  FP_ENTRIES
+        #define FP_ENTRIES  2
+        #undef  FP_LUT
+        #define FP_LUT      4
+    #endif
+
+    /* Optional ECC calculation method */
+    /* Note: doubles heap usage, but slightly faster */
+    #undef  ECC_SHAMIR
+    #define ECC_SHAMIR
+
+    /* Reduces heap usage, but slower */
+    #undef  ECC_TIMING_RESISTANT
+    #define ECC_TIMING_RESISTANT
+
+    #ifdef USE_FAST_MATH
+        /* use reduced size math buffers for ecc points */
+        #undef  ALT_ECC_SIZE
+        #define ALT_ECC_SIZE
+
+        /* Enable TFM optimizations for ECC */
+        #if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)
+            #define TFM_ECC192
+        #endif
+        #if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)
+            #define TFM_ECC224
+        #endif
+        #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
+            #define TFM_ECC256
+        #endif
+        #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)
+            #define TFM_ECC384
+        #endif
+        #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)
+            #define TFM_ECC521
+        #endif
+    #endif
+#endif
+
+/* RSA */
+#undef NO_RSA
+#if 1
+    #ifdef USE_FAST_MATH
+        /* Maximum math bits (Max RSA key bits * 2) */
+        #undef  FP_MAX_BITS
+        #define FP_MAX_BITS     2048
+    #endif
+
+    /* half as much memory but twice as slow */
+    #undef  RSA_LOW_MEM
+    //#define RSA_LOW_MEM
+    
+    /* timing resistance */
+    #undef  WC_RSA_BLINDING
+    #define WC_RSA_BLINDING
+#else
+    #define NO_RSA
+#endif
+
+/* AES */
+#undef NO_AES
+#if 1
+    #undef  HAVE_AES_DECRYPT
+    #define HAVE_AES_DECRYPT
+
+    #undef  HAVE_AESGCM
+    #define HAVE_AESGCM
+
+    /* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */
+    #undef  GCM_SMALL
+    #define GCM_SMALL
+
+    #undef  HAVE_AESCCM
+    #define HAVE_AESCCM
+
+    #undef  WOLFSSL_AES_COUNTER
+    #define WOLFSSL_AES_COUNTER
+
+    #undef  WOLFSSL_AES_DIRECT
+    #define WOLFSSL_AES_DIRECT
+#else
+    #define NO_AES
+#endif
+
+/* DES3 */
+#undef NO_DES3
+#if 1
+    #undef  WOLFSSL_DES_ECB
+    #define WOLFSSL_DES_ECB
+#else
+    #define NO_DES3
+#endif
+
+
+/* ChaCha20 / Poly1305 */
+#undef HAVE_CHACHA
+#undef HAVE_POLY1305
+#if 0
+    #define HAVE_CHACHA
+    #define HAVE_POLY1305
+
+    /* Needed for Poly1305 */
+    #undef  HAVE_ONE_TIME_AUTH
+    #define HAVE_ONE_TIME_AUTH
+#endif
+
+/* Ed25519 / Curve25519 */
+#undef HAVE_CURVE25519
+#undef HAVE_ED25519
+#if 0
+    #define HAVE_CURVE25519
+    #define HAVE_ED25519
+
+    /* Optionally use small math (less flash usage, but much slower) */
+    #if 0
+        #define CURVED25519_SMALL
+    #endif
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Hashing */
+/* ------------------------------------------------------------------------- */
+/* Sha */
+#undef NO_SHA
+#if 1
+    /* 1k smaller, but 25% slower */
+    //#define USE_SLOW_SHA
+#else
+    #define NO_SHA
+#endif
+
+/* Sha256 */
+#undef NO_SHA256
+#if 1
+#else
+    #define NO_SHA256
+#endif
+
+/* Sha512 */
+#undef WOLFSSL_SHA512
+#if 1
+    #define WOLFSSL_SHA512
+
+    /* Sha384 */
+    #undef  WOLFSSL_SHA384
+    #if 1
+        #define WOLFSSL_SHA384
+    #endif
+
+    /* over twice as small, but 50% slower */
+    //#define USE_SLOW_SHA2
+#endif
+
+/* MD5 */
+#undef  NO_MD5
+#if 1
+#else
+    #define NO_MD5
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Benchmark / Test */
+/* ------------------------------------------------------------------------- */
+/* Use reduced benchmark / test sizes */
+#undef  BENCH_EMBEDDED
+#define BENCH_EMBEDDED
+
+#undef  USE_CERT_BUFFERS_2048
+//#define USE_CERT_BUFFERS_2048
+
+#undef  USE_CERT_BUFFERS_1024
+#define USE_CERT_BUFFERS_1024
+
+#undef  USE_CERT_BUFFERS_256
+#define USE_CERT_BUFFERS_256
+
+
+/* ------------------------------------------------------------------------- */
+/* Time */
+/* ------------------------------------------------------------------------- */
+#if 0
+    /* Override Current Time */
+    /* Allows custom "custom_time()" function to be used for benchmark */
+    #define WOLFSSL_USER_CURRTIME
+    #define USER_TICKS
+    extern unsigned long custom_time(unsigned long* timer);
+    #define XTIME custom_time
+#else
+    #warning Time/RTC disabled
+    #undef  NO_ASN_TIME
+    #define NO_ASN_TIME
+#endif
+
+/* ------------------------------------------------------------------------- */
+/* Debugging */
+/* ------------------------------------------------------------------------- */
+#undef  DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL
+
+#ifdef DEBUG_WOLFSSL
+    /* Use this to measure / print heap usage */
+    #if 0
+        #undef  USE_WOLFSSL_MEMORY
+        #define USE_WOLFSSL_MEMORY
+        #undef  WOLFSSL_TRACK_MEMORY
+        #define WOLFSSL_TRACK_MEMORY
+    #endif
+#else
+    #undef  NO_WOLFSSL_MEMORY
+    #define NO_WOLFSSL_MEMORY
+
+    #undef  NO_ERROR_STRINGS
+    //#define NO_ERROR_STRINGS
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Enable Features */
+/* ------------------------------------------------------------------------- */
+#undef  KEEP_PEER_CERT
+//#define KEEP_PEER_CERT
+
+#undef  HAVE_COMP_KEY
+//#define HAVE_COMP_KEY
+
+#undef  HAVE_TLS_EXTENSIONS
+//#define HAVE_TLS_EXTENSIONS
+
+#undef  HAVE_SUPPORTED_CURVES
+//#define HAVE_SUPPORTED_CURVES
+
+#undef  WOLFSSL_BASE64_ENCODE
+//#define WOLFSSL_BASE64_ENCODE
+
+/* TLS Session Cache */
+#if 0
+    #define SMALL_SESSION_CACHE
+#else
+    #define NO_SESSION_CACHE
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Disable Features */
+/* ------------------------------------------------------------------------- */
+#undef  NO_WOLFSSL_SERVER
+//#define NO_WOLFSSL_SERVER
+
+#undef  NO_WOLFSSL_CLIENT
+//#define NO_WOLFSSL_CLIENT
+
+#undef  NO_CRYPT_TEST
+//#define NO_CRYPT_TEST
+
+#undef  NO_CRYPT_BENCHMARK
+//#define NO_CRYPT_BENCHMARK
+
+/* In-lining of misc.c functions */
+/* If defined, must include wolfcrypt/src/misc.c in build */
+/* Slower, but about 1k smaller */
+#undef  NO_INLINE
+//#define NO_INLINE
+
+#undef  NO_FILESYSTEM
+#define NO_FILESYSTEM
+
+#undef  NO_WRITEV
+#define NO_WRITEV
+
+#undef  NO_MAIN_DRIVER
+#define NO_MAIN_DRIVER
+
+#undef  NO_DEV_RANDOM
+#define NO_DEV_RANDOM
+
+#undef  NO_DSA
+#define NO_DSA
+
+#undef  NO_DH
+#define NO_DH
+
+#undef  NO_RC4
+#define NO_RC4
+
+#undef  NO_OLD_TLS
+#define NO_OLD_TLS
+
+#undef  NO_HC128
+#define NO_HC128
+
+#undef  NO_RABBIT
+#define NO_RABBIT
+
+#undef  NO_PSK
+#define NO_PSK
+
+#undef  NO_MD4
+#define NO_MD4
+
+#undef  NO_PWDBASED
+#define NO_PWDBASED
+
+#undef  NO_CODING
+//#define NO_CODING
+
+
+/* Suppress array-bounds */
+#pragma GCC diagnostic ignored "-Warray-bounds"
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* WOLFSSL_USER_SETTINGS_H */

mplabx/wolfcrypt_benchmark.X/nbproject/configurations.xml

@@ -4,6 +4,7 @@
     <logicalFolder name="HeaderFiles"
                    displayName="Header Files"
                    projectFiles="true">
+      <itemPath>../user_settings.h</itemPath>
     </logicalFolder>
     <logicalFolder name="LinkerScript"
                    displayName="Linker Files"
@@ -84,17 +85,16 @@
         <property key="enable-symbols" value="true"/>
         <property key="enable-unroll-loops" value="false"/>
         <property key="exclude-floating-point" value="false"/>
-        <property key="extra-include-directories" value="../../"/>
+        <property key="extra-include-directories" value="../../;../"/>
         <property key="generate-16-bit-code" value="false"/>
         <property key="generate-micro-compressed-code" value="false"/>
         <property key="isolate-each-function" value="false"/>
         <property key="make-warnings-into-errors" value="false"/>
-        <property key="optimization-level" value="-O1"/>
+        <property key="optimization-level" value="-O3"/>
         <property key="place-data-into-section" value="false"/>
         <property key="post-instruction-scheduling" value="default"/>
         <property key="pre-instruction-scheduling" value="default"/>
-        <property key="preprocessor-macros"
-                  value="NO_MAIN_DRIVER;USE_CERT_BUFFERS_1024;BENCH_EMBEDDED;HAVE_ECC;WOLFSSL_SHA512"/>
+        <property key="preprocessor-macros" value="WOLFSSL_USER_SETTINGS"/>
         <property key="strict-ansi" value="false"/>
         <property key="support-ansi" value="false"/>
         <property key="use-cci" value="false"/>

mplabx/wolfcrypt_benchmark.X/nbproject/project.xml

@@ -8,7 +8,7 @@
             <make-project-type>0</make-project-type>
             <c-extensions>c</c-extensions>
             <cpp-extensions/>
-            <header-extensions/>
+            <header-extensions>h</header-extensions>
             <sourceEncoding>ISO-8859-1</sourceEncoding>
             <asminc-extensions/>
             <make-dep-projects>