Fix for async wolfCrypt test with AES GCM.

PKCS #11 id RSA - TLS don't convert length a la ecc

.gitignore

@@ -156,6 +156,7 @@ pkcs7signedData_RSA_SHA256.der
 pkcs7signedData_RSA_SHA256_firmwarePkgData.der
 pkcs7signedData_RSA_SHA256_SKID.der
 pkcs7signedData_RSA_SHA256_with_ca_cert.der
+pkcs7signedData_RSA_SHA256_detachedSig.der
 pkcs7signedData_RSA_SHA384.der
 pkcs7signedData_RSA_SHA512.der
 pkcs7signedData_RSA_SHA.der
@@ -312,3 +313,8 @@ wolfcrypt/src/port/intel/qat_test
 # Arduino Generated Files
 /IDE/ARDUINO/wolfSSL
 scripts/memtest.txt
+
+# Doxygen generated files
+doc/doxygen_warnings
+doc/html
+doc/pdf

ChangeLog.md

@@ -1,3 +1,41 @@
+# wolfSSL Release 3.15.7 (12/26/2018)
+
+Release 3.15.7 of wolfSSL embedded TLS has bug fixes and new features including:
+
+* Support for Espressif ESP-IDF development framework
+* Fix for XCode build with iPhone simulator on i386
+* PKCS7 support for generating and verify bundles using a detached signature
+* Fix for build disabling AES-CBC and enabling opensslextra compatibility layer
+* Updates to sniffer for showing session information and handling split messages across records
+* Port update for Micrium uC/OS-III
+* Feature to adjust max fragment size post handshake when compiled with the macro WOLFSSL_ALLOW_MAX_FRAGMENT_ADJUST
+* Adding the macro NO_MULTIBYTE_PRINT for compiling out special characters that embedded devices may have problems with
+* Updates for Doxygen documentation, including PKCS #11 API and more
+* Adding Intel QuickAssist v1.7 driver support for asynchronous crypto
+* Adding Intel QuickAssist RSA key generation and SHA-3 support
+* RSA verify only (--enable-rsavfy) and RSA public only (--enable-rsapub) builds added
+* Enhancements to test cases for increased code coverage
+* Updates to VxWorks port for use with Mongoose, including updates to the OpenSSL compatibility layer
+* Yocto Project ease of use improvements along with many updates and build instructions added to the INSTALL file
+* Maximum ticket nonce size was increased to 8
+* Updating --enable-armasm build for ease of use with autotools
+* Updates to internal code checking TLS 1.3 version with a connection
+* Removing unnecessary extended master secret from ServerHello if using TLS 1.3
+* Fix for TLS v1.3 HelloRetryRequest to be sent immediately and not grouped
+
+
+
+This release of wolfSSL includes a fix for 1 security vulnerability.
+
+Medium level fix for potential cache attack with a variant of Bleichenbacher’s attack. Earlier versions of wolfSSL leaked PKCS #1 v1.5 padding information during private key decryption that could lead to a potential padding oracle attack. It is recommended that users update to the latest version of wolfSSL if they have RSA cipher suites enabled and have the potential for malicious software to be ran on the same system that is performing RSA operations. Users that have only ECC cipher suites enabled and are not performing RSA PKCS #1 v1.5 Decryption operations are not vulnerable. Also users with TLS 1.3 only connections are not vulnerable to this attack. Thanks to Eyal Ronen (Weizmann Institute), Robert Gillham (University of Adelaide), Daniel Genkin (University of Michigan), Adi Shamir (Weizmann Institute), David Wong (NCC Group), and Yuval Yarom (University of Adelaide and Data61) for the report.
+
+The paper for further reading on the attack details can be found at http://cat.eyalro.net/cat.pdf.
+
+
+See INSTALL file for build instructions.
+More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
+
+
 # wolfSSL Release 3.15.5 (11/07/2018)
 
 Release 3.15.5 of wolfSSL embedded TLS has bug fixes and new features including:

IDE/ARDUINO/README.md

@@ -16,11 +16,13 @@ wolfssl/IDE/ARDUINO directory:
 Step 2: Edit `<wolfssl-root>/IDE/ARDUINO/wolfSSL/wolfssl/wolfcrypt/settings.h` uncomment the define for `WOLFSSL_ARDUINO`
 If building for Intel Galileo platform also uncomment the define for `INTEL_GALILEO`.
 
-#####Including wolfSSL in Arduino Libraries (for Arduino version 1.6.6)
+##### Including wolfSSL in Arduino Libraries (for Arduino version 1.6.6)
 
 1. In the Arduino IDE:
     - In `Sketch -> Include Library -> Add .ZIP Library...` and choose the
         `IDE/ARDUNIO/wolfSSL` folder.
     - In `Sketch -> Include Library` choose wolfSSL.
 
-An example wolfSSL client INO sketch exists here: `sketches/wolfssl_client/wolfssl_client.ino`
+2. Open an example Arduino sketch for wolfSSL:
+	- wolfSSL Client INO sketch: `sketches/wolfssl_client/wolfssl_client.ino`
+	- wolfSSL Server INO sketch: `sketches/wolfssl_server/wolfssl_server.ino`

IDE/ARDUINO/include.am

@@ -4,5 +4,5 @@
 
 EXTRA_DIST+= IDE/ARDUINO/README.md
 EXTRA_DIST+= IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino
+EXTRA_DIST+= IDE/ARDUINO/sketches/wolfssl_server/wolfssl_server.ino
 EXTRA_DIST+= IDE/ARDUINO/wolfssl-arduino.sh
-

IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino

@@ -25,7 +25,7 @@
 #include <Ethernet.h>
 
 const char host[] = "192.168.1.148"; // server to connect to
-int port = 11111; // port on server to connect to
+const int port = 11111; // port on server to connect to
 
 int EthernetSend(WOLFSSL* ssl, char* msg, int sz, void* ctx);
 int EthernetReceive(WOLFSSL* ssl, char* reply, int sz, void* ctx);
@@ -33,11 +33,12 @@ int reconnect = 10;
 
 EthernetClient client;
 
-WOLFSSL_CTX* ctx = 0;
-WOLFSSL* ssl = 0;
-WOLFSSL_METHOD* method = 0;
+WOLFSSL_CTX* ctx = NULL;
+WOLFSSL* ssl = NULL;
 
 void setup() {
+  WOLFSSL_METHOD* method;
+
   Serial.begin(9600);
 
   method = wolfTLSv1_2_client_method();
@@ -79,65 +80,76 @@ int EthernetReceive(WOLFSSL* ssl, char* reply, int sz, void* ctx) {
 void loop() {
   int err            = 0;
   int input          = 0;
-  int sent           = 0;
   int total_input    = 0;
   char msg[32]       = "hello wolfssl!";
   int msgSz          = (int)strlen(msg);
   char errBuf[80];
   char reply[80];
-  WOLFSSL_CIPHER* cipher;
+  const char* cipherName;
     
   if (reconnect) {
     reconnect--;
+    
     if (client.connect(host, port)) {
 
       Serial.print("Connected to ");
       Serial.println(host);
+
       ssl = wolfSSL_new(ctx);
       if (ssl == NULL) {
+        Serial.println("Unable to allocate SSL object");
+        return;
+      }
+
+      err = wolfSSL_connect(ssl);
+      if (err != WOLFSSL_SUCCESS) {
         err = wolfSSL_get_error(ssl, 0);
         wolfSSL_ERR_error_string(err, errBuf);
-        Serial.print("Unable to get SSL object. Error = ");
+        Serial.print("TLS Connect Error: ");
         Serial.println(errBuf);
       }
-      
+
       Serial.print("SSL version is ");
       Serial.println(wolfSSL_get_version(ssl));
       
-
-      
-      if ((wolfSSL_write(ssl, msg, strlen(msg))) == msgSz) {
-      cipher = wolfSSL_get_current_cipher(ssl);
+      cipherName = wolfSSL_get_cipher(ssl);
       Serial.print("SSL cipher suite is ");
-      Serial.println(wolfSSL_CIPHER_get_name(cipher));                
+      Serial.println(cipherName);
+
+      if ((wolfSSL_write(ssl, msg, msgSz)) == msgSz) {
+        
         Serial.print("Server response: ");
         while (client.available() || wolfSSL_pending(ssl)) {
           input = wolfSSL_read(ssl, reply, sizeof(reply) - 1);
           total_input += input;
-          if ( input > 0 ) {
-            reply[input] = '\0';
-            Serial.print(reply);
-          } else if (input < 0) {
+          if (input < 0) {
             err = wolfSSL_get_error(ssl, 0);
             wolfSSL_ERR_error_string(err, errBuf);
-            Serial.print("wolfSSL_read failed. Error: ");
+            Serial.print("TLS Read Error: ");
             Serial.println(errBuf);
+            break;
+          } else if (input > 0) {
+            reply[input] = '\0';
+            Serial.print(reply);
           } else {
             Serial.println();
           }
         } 
       } else {
-        Serial.println("SSL_write failed");
+        err = wolfSSL_get_error(ssl, 0);
+        wolfSSL_ERR_error_string(err, errBuf);
+        Serial.print("TLS Write Error: ");
+        Serial.println(errBuf);
       }
       
-      if (ssl != NULL) 
-        wolfSSL_free(ssl);
+      wolfSSL_shutdown(ssl);
+      wolfSSL_free(ssl);
 
       client.stop();
       Serial.println("Connection complete.");
       reconnect = 0;
     } else {
-      Serial.println("Trying to reconnect...");       
+      Serial.println("Trying to reconnect...");
     }
   }
   delay(1000);

IDE/ARDUINO/sketches/wolfssl_server/wolfssl_server.ino

@@ -0,0 +1,176 @@
+/* wolfssl_server.ino
+ *
+ * Copyright (C) 2006-2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+#include <wolfssl.h>
+#include <wolfssl/ssl.h>
+#include <Ethernet.h>
+
+#define USE_CERT_BUFFERS_256
+#include <wolfssl/certs_test.h>
+
+#ifdef NO_WOLFSSL_SERVER
+  #error Please undefine NO_WOLFSSL_SERVER for this example
+#endif
+
+const int port = 11111; // port to listen on
+
+int EthernetSend(WOLFSSL* ssl, char* msg, int sz, void* ctx);
+int EthernetReceive(WOLFSSL* ssl, char* reply, int sz, void* ctx);
+
+EthernetServer server(port);
+EthernetClient client;
+
+WOLFSSL_CTX* ctx = NULL;
+WOLFSSL* ssl = NULL;
+
+void setup() {
+  int err;
+  WOLFSSL_METHOD* method;
+
+  Serial.begin(9600);
+
+  method = wolfTLSv1_2_server_method();
+  if (method == NULL) {
+    Serial.println("unable to get method");
+    return;
+  }
+  ctx = wolfSSL_CTX_new(method);
+  if (ctx == NULL) {
+    Serial.println("unable to get ctx");
+    return;
+  }
+
+  // initialize wolfSSL using callback functions
+  wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
+  wolfSSL_SetIOSend(ctx, EthernetSend);
+  wolfSSL_SetIORecv(ctx, EthernetReceive);
+
+  // setup the private key and certificate
+  err = wolfSSL_CTX_use_PrivateKey_buffer(ctx, ecc_key_der_256, 
+    sizeof_ecc_key_der_256, WOLFSSL_FILETYPE_ASN1);
+  if (err != WOLFSSL_SUCCESS) {
+    Serial.println("error setting key");
+    return;
+  }
+  err = wolfSSL_CTX_use_certificate_buffer(ctx, serv_ecc_der_256, 
+    sizeof_serv_ecc_der_256, WOLFSSL_FILETYPE_ASN1);
+  if (err != WOLFSSL_SUCCESS) {
+    Serial.println("error setting certificate");
+    return;
+  }
+
+  // Start the server
+  server.begin();
+  
+  return;
+}
+
+int EthernetSend(WOLFSSL* ssl, char* msg, int sz, void* ctx) {
+  int sent = 0;
+
+  sent = client.write((byte*)msg, sz);
+
+  return sent;
+}
+
+int EthernetReceive(WOLFSSL* ssl, char* reply, int sz, void* ctx) {
+  int ret = 0;
+
+  while (client.available() > 0 && ret < sz) {
+    reply[ret++] = client.read();
+  }
+
+  return ret;
+}
+
+void loop() {
+  int err = 0;
+  int input = 0;
+  char errBuf[80];
+  char reply[80];
+  int replySz = 0;
+  const char* cipherName;
+
+  // Listen for incoming client requests.
+  client = server.available();
+  if (!client) {
+    return;
+  }
+
+  if (client.connected()) {
+
+    Serial.println("Client connected");
+
+    ssl = wolfSSL_new(ctx);
+    if (ssl == NULL) {
+      Serial.println("Unable to allocate SSL object");
+      return;
+    }
+
+    err = wolfSSL_accept(ssl);
+    if (err != WOLFSSL_SUCCESS) {
+      err = wolfSSL_get_error(ssl, 0);
+      wolfSSL_ERR_error_string(err, errBuf);
+      Serial.print("TLS Accept Error: ");
+      Serial.println(errBuf);
+    }
+
+    Serial.print("SSL version is ");
+    Serial.println(wolfSSL_get_version(ssl));
+    
+    cipherName = wolfSSL_get_cipher(ssl);
+    Serial.print("SSL cipher suite is ");
+    Serial.println(cipherName);
+
+    Serial.print("Server Read: ");
+    while (client.available() || wolfSSL_pending(ssl)) {
+      input = wolfSSL_read(ssl, reply, sizeof(reply) - 1);
+      if (input < 0) {
+        err = wolfSSL_get_error(ssl, 0);
+        wolfSSL_ERR_error_string(err, errBuf);
+        Serial.print("TLS Read Error: ");
+        Serial.println(errBuf);
+        break;
+      } else if (input > 0) {
+        replySz = input;
+        reply[input] = '\0';
+        Serial.print(reply);
+      } else {
+        Serial.println();
+      }
+    }
+
+    // echo data
+    if ((wolfSSL_write(ssl, reply, replySz)) != replySz) {
+      err = wolfSSL_get_error(ssl, 0);
+      wolfSSL_ERR_error_string(err, errBuf);
+      Serial.print("TLS Write Error: ");
+      Serial.println(errBuf);
+    }
+    
+    wolfSSL_shutdown(ssl);
+    wolfSSL_free(ssl);
+  }
+
+  client.stop();
+  Serial.println("Connection complete");
+}

IDE/ECLIPSE/DEOS/README.md

@@ -0,0 +1,225 @@
+
+
+# Deos Port
+## Overview
+You can enable the wolfSSL support for Deos RTOS available [here](https://www.ddci.com/products_deos_do_178c_arinc_653/) using the `#define WOLFSSL_DEOS`.
+Deos is a time & space partitioned, multi-core enabled, DO-178C DAL A certifiable RTOS.
+## Usage
+
+You can start with your OpenArbor IDE-based example project for Deos with the network stack (lwip) to integrate wolfSSL source code.
+
+wolfSSL supports a compile-time user configurable options in the `IDE/ECLIPSE/DEOS/user_settings.h` file.
+
+The `tls_wolfssl.c` example application provides a simple function to run the selected examples at compile time through the following four #defines in user_settings.h. You can undefine any of these macro options to run a test.
+```
+       1. #undef NO_CRYPT_TEST
+       2. #undef NO_CRYPT_BENCHMARK
+       3. #undef NO_WOLFSSL_CLIENT
+       4. #undef NO_WOLFSSL_SERVER
+```
+Do one of the following steps for building and running wolfSSL with the Deos kernel examples, which are included in the DDS release:
+If you want to create a project from scratch, skip the Importing the project section and follow the steps in the other sections.
+
+If you want to use an pre-configured example project, go to the Importing the project section, skip the other sections and follow the Building and Running section.
+
+#### Importing the project
+In this section you will import a pre-configured example project.
+1. Launch the OpenArbor IDE as an administrator
+2. In the Workspace Launcher dialog, in the Workspace field, enter your
+workspace
+3. Right-click in the Project Explorer view and select Import
+4. In the Import dialog, select General > Existing Projects into Workspace, then click Next.
+5. In the Import Projects dialog, select Select archive file, then browse to `IDE/ECLIPSE/DEOS/` and double-click `deosWolfssl.zip` file
+6. In the Import Projects dialog, click Finish
+
+
+#### Setting up a Deos project with wolfSSL
+ 1. Download the wolfSSL source code or a zip file from GitHub. You can remove all of the files except for these folders and its contents. The top folder for this example is wolfsslPort.
+```
+wolfsslPort
+      |-- IDE
+          | -- ECLIPSE
+               | -- DEOS
+      |-- src
+      |-- wolfcrypt
+          | -- benchmark
+          | -- src
+          | -- test
+      |-- wolfssl
+          |-- openssl
+          |-- wolfcrypt
+              |-- port
+```
+ 2. Remove these two platform specific assembly source files:
+    -   wolfsslPort/wolfcrypt/src/aes_asm.asm
+    -   wolfsslPort/wolfcrypt/src/aes_asm.S
+
+ 3. Launch the OpenArbor IDE as an administrator
+ 4. Create a DDC-I Deos example project. In the main menu, go to File >DDC-I Deos example project > socket > udp-vs-tcp
+ 5. Import the `wolfSSLPort` source code into your project.
+    -   Right-click the ` udp-vs-tcp` project and choose File -> Import.
+    -   Expand the General folder and select File System, then click Next. You should now see the Import File system dialog.
+    -   Browse to the location containing the wolfSSL code and choose OK. Select the `wolfsslPort` folder and check the `Create top-level folder` button, then select Finish. You should see the folder hierarchy the same as wolfSSL folder structures.
+6. Review the configuration in $(PROJECT_DIR)/wolfsslPort/IDE/ECLIPSE/DEOS/user_setting.h
+
+7.  Review the custom malloc/realloc/free configuration $(PROJECT_DIR)/wolfsslPort/IDE/ECLIPSE/DEOS/deos_malloc.c . Memory allocated with malloc() is never freed.
+
+#### Configuring the Deos Project
+ 1. Customize your config/udp-vs-tcp.pd.xml with the following changes:
+```
+<processTemplate
+     mutexQuota = "5"
+   >
+
+   <logicalMemoryPools>
+           pagesNeeded = "500"
+      ></pool>
+   </logicalMemoryPools>
+
+   <threadTemplate
+      stackSizeInPages = "20"
+    ></threadTemplate>
+
+   <mutexTemplates>
+      <mutexTemplate
+           name = "protectWolfSSLTemp"
+           lockTimeInUsec = "40"
+           priority = "fastest"
+      ></mutexTemplate>
+   </mutexTemplates>
+
+</processTemplate>
+```
+Depending on your configuration, wolfSSL uses upto four mutexes. You also need to configure enough memory for the stack of each threads and the process logical memory pool.
+
+
+ 2. Right click on the `udp-vs-tcp` project, select properties and add the following macros in the DDC-I Options > C Compile > Preprocessor
+      -   DEOS_ALLOW_OBSOLETE_DEFINITIONS
+      -   WOLFSSL_USER_SETTINGS
+ 3.  Add the following directory paths in the DDC-I Options > C Compile > Directories and in the DDC-I Options > C++ Compile > Directories
+      -   $(PROJECT_DIR)/wolfsslPort
+      -   $(PROJECT_DIR)/wolfsslPort/wolfssl
+      -   $(PROJECT_DIR)/wolfsslPort/IDE/ECLIPSE/DEOS
+      -   $(PROJECT_DIR.printx)/code
+ 4.  Change the optimization level in the DDC-I Options > C Compile > Code Generation > Optimization level:g
+      -   g
+ 5.  Add the following library dependencies in the DDC-I Options > Deos > Dependencies
+      -   math
+      -   dart
+      -   ansi
+      -   printx
+          - You must add printx into your workspace, File >DDC-I Deos example project > training > printx
+ 6.  Edit $(PROJECT_DIR)/wolfsslPort/IDE/ECLIPSE/DEOS/user_setting.h to customize your configuration. For example, you can undef or define these tests.
+      -   #undef NO_CRYPT_TEST
+      -   #undef NO_CRYPT_BENCHMARK
+      -   #undef NO_WOLFSSL_CLIENT
+      -   #undef NO_WOLFSSL_SERVER
+ 7.  Edit your application source file where main() thread is defined and add the following:
+      -   #include "printx.h"
+      -   #include "tls_wolfssl.h"
+      -   and a call to `wolfsslRunTests()`
+Here's an example:
+```
+#include <deos.h>
+#include <printx.h>
+#include <tls_wolfssl.h>
+#include <user_settings.h>
+
+int main(void)
+{
+  initPrintx("");
+  printf("TLS wolfssl example!\n");
+
+  (void) waitUntilNextPeriod();
+   wolfsslRunTests();
+
+  deleteThread(currentThreadHandle());
+}
+
+```
+ 8.  Review $(PROJECT_DIR)/udp-vs-tcp/mailbox-transport.config configuration.
+```
+transportConfigurationId
+2                              # Client thread quota - for client and server TCP
+2                              # Client connection quota - one for client and one for server
+0                              # Server startup quota
+0                              # Server connection quota
+transportMemoryObject          # Name of memory object used for managing connections
+/
+
+connectionId1                  # TCP client connection
+Network                        # Server process name
+defaultMailbox                 # Server connection request mailbox name
+0                              # Server connection mailbox queue size (unused by Network process)
+userServiceThread              # Server thread template name
+*                              # Error timeout
+1                              # Client connection mailbox queue size
+/
+
+connectionId2                  # TCP connection
+Network                        # Server process name
+defaultMailbox                 # Server connection request mailbox name
+0                              # Server connection mailbox queue size (unused by Network process)
+userServiceThread              # Server thread template name
+*                              # Error timeout
+1                              # Client connection mailbox queue size
+/
+```
+
+   #### Building and Running
+ 1.  Build your project, then load and run your image on a target platform. Review the test results on the console output.
+
+
+### `wolfcrypt_test()`
+wolfcrypt_test() prints a message on the target console similar to the following output:
+```
+error    test passed!
+base64   test passed!
+asn      test passed!
+...
+```
+This example doesn't show the whole output.
+
+### `benchmark_test()`
+benchmark_test() prints a message on the target console similar to the following output.
+
+```
+------------------------------------------------------------------------------
+ wolfSSL version 3.15.5
+------------------------------------------------------------------------------
+wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
+RNG               225 KB tooks 1.026 seconds,  219.313 KB/s
+AES-128-CBC-enc    250 KB toks 1.105 seconds  226.210 KB/s
+AES-128-CBC-dec    225 KB tooks 1.005 seconds,  223.922 KB/s
+...
+```
+This example doesn't show the whole output.
+
+### `wolfssl_client_test()`
+
+You can modify the `TCP_SERVER_IP_ADDR` and `TCP_SERVER_PORT` macros in the `tls_wolfssl.c` file to configure the host address and port. You will also need to define the server certificate. The example client uses the GET request to get a web resource from the server at https://google.com.
+
+### `wolfssl_server_test()`
+
+You can modify the `TLS_SERVER_PORT` in the `tls_wolfssl.c` file to configure the port number to listen on a local-host.
+Once you start the TLS server and `Listening for client connection` displays on the serial console, the server is ready to accept client connections.
+
+You can connect to the server using the wolfssl TLS client example from your Linux or Windows host as follows:
+```
+$ ./examples/client/client.exe -h TLS_SERVER_IP_ADDRESS
+
+The client outputs messages similar to the following:
+
+SSL version is TLSv1.2
+SSL cipher suite is TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+SSL curve name is SECP256R1
+I hear ya fa shizzle!
+```
+
+## References
+
+The test results were collected from the qemu-x86 reference platform target with the following software and tool chains:
+- OpenArbor, eclipse based IDE, toolVersion = "3.31.0"
+- wolfssl [latest version](https://github.com/wolfSSL/wolfssl)
+
+For more information or questions, please email [support@wolfssl.com](mailto:support@wolfssl.com)

IDE/ECLIPSE/DEOS/deos_malloc.c

@@ -0,0 +1,108 @@
+/* deos_malloc.c
+ *
+ * Copyright (C) 2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+
+#define ROUND_UP(x, align)  (((int) (x) + (align - 1)) & ~(align - 1))
+#define SIZEOF_HEADER sizeof(size_t)  /* tracks size of allocated block */
+
+#define HEAP_SIZE_MAX   (1*1024*1024)
+
+static size_t allocatedMemory = 0;
+
+size_t getMemAllocatedSize_deos(size_t* size){
+
+    if (size)
+        *size = allocatedMemory;
+
+    return allocatedMemory;
+}
+
+/* Simply returns without freeing any memory. */
+
+void free_deos(void *ptr) {
+    //printf("fake free_deos()\n");
+    return;
+}
+
+void *realloc_deos(void *ptr, size_t size) {
+    void *newptr;
+
+    if (size == 0)
+        return ptr;
+    newptr = malloc_deos(size);
+
+    if (ptr != NULL && newptr != NULL) {
+
+        if ( *((char *)ptr - SIZEOF_HEADER) < *((char *)newptr - SIZEOF_HEADER))
+            size = *((char *)ptr - SIZEOF_HEADER);
+
+        XMEMCPY((char *) newptr, (const char *) ptr, size);
+        free_deos(ptr);
+    }
+
+    return newptr;
+}
+
+void *malloc_deos(size_t size) {
+    PDEOS_SYSTEM_INFO systemInfoPtr;
+    static VirtualAddressTYP heapAddr = NULL;
+    static VirtualAddressTYP freeAddr = NULL;
+    VirtualAddressTYP retAddr = NULL;
+    DWORD allocationSize = 0;
+    static int initialized = 0;
+
+    if (size <= 0)
+        return NULL;
+
+    if (!initialized) {
+        systemInfoPtr = (PDEOS_SYSTEM_INFO)getSystemInfoDEOS();
+        freeAddr = (VirtualAddressTYP)getNextLibraryStartAddress();
+        allocationSize = (((HEAP_SIZE_MAX - 1) / systemInfoPtr->dwPageSize) + 1) *
+                         systemInfoPtr->dwPageSize;
+
+        if (virtualAllocDEOS(freeAddr, allocationSize) != allocSuccess){
+            printf("ERROR: virtualAllocDEOS failed\n");
+            return NULL;
+        }
+
+        setNextLibraryStartAddress(freeAddr + allocationSize);
+        heapAddr = freeAddr;
+
+        initialized = 1;
+    }
+
+    size = ROUND_UP(size, sizeof(size_t));
+
+    if ((size + SIZEOF_HEADER) > (HEAP_SIZE_MAX - (freeAddr - heapAddr))){
+        printf("ERROR: malloc_deos cannot allocate from heap memory anymore\n");
+        return NULL;
+    }
+
+    *freeAddr = size;
+    freeAddr += SIZEOF_HEADER;
+    retAddr = freeAddr;
+    XMEMSET(retAddr, 0, size);
+    freeAddr += size;
+    allocatedMemory += size;
+
+    return retAddr;
+}

IDE/ECLIPSE/DEOS/include.am

@@ -0,0 +1,10 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST += \
+    IDE/ECLIPSE/DEOS/README.md \
+    IDE/ECLIPSE/DEOS/user_settings.h \
+    IDE/ECLIPSE/DEOS/tls_wolfssl.h \
+    IDE/ECLIPSE/DEOS/tls_wolfssl.c \
+    IDE/ECLIPSE/DEOS/deos_malloc.c

IDE/ECLIPSE/DEOS/tls_wolfssl.c

@@ -0,0 +1,599 @@
+/* tls_wolfssl.c
+ *
+ * Copyright (C) 2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+#include <wolfcrypt/test/test.h>
+#include <wolfcrypt/benchmark/benchmark.h>
+#include <wolfssl/wolfcrypt/logging.h> /* to use WOLFSSL_MSG */
+#include <tls_wolfssl.h>
+
+
+int setupTransport(clientConnectionHandleType* connectionHandle,
+                   char* connectionId) {
+    int ret, error;
+    void * sendBuffer;
+    DWORD bufferSizeInBytes;
+
+    if ((ret = socketTransportInitialize("mailbox-transport.config",
+                                         "transportConfigurationId",
+                                         (DWORD)waitIndefinitely,&error)) != transportSuccess)
+        printf("Initialize 0x%x, error=%d\n", ret, error);
+
+    else if ((ret = socketTransportClientInitialize((DWORD)waitIndefinitely,
+                                                    &error)) != transportSuccess)
+        printf("ClientInitialize 0x%x, error=%d\n", ret, error);
+
+    else if ((ret = socketTransportCreateConnection(connectionId,
+                                                    (DWORD)waitIndefinitely,
+                                                    COMPATIBILITY_ID_2,
+                                                    connectionHandle,
+                                                    &sendBuffer,
+                                                    &bufferSizeInBytes,
+                                                    &error)) != transportSuccess)
+        printf("CreateConnection 0x%x, error=%d\n", ret, error);
+
+    else if ((ret = socketTransportSetConnectionForThread(currentThreadHandle(),
+                                                          *connectionHandle,
+                                                          (DWORD)waitIndefinitely,
+                                                          &error)) != transportSuccess)
+        printf("SetConnectionForThread 0x%x, error=%d\n", ret, error);
+
+    return ret;
+}
+
+#if !defined(NO_WOLFSSL_CLIENT )
+
+/* 172.217.3.174 is the IP address of https://www.google.com */
+#define TCP_SERVER_IP_ADDR "172.217.3.174"
+#define TCP_SERVER_DOMAIN_NAME "www.google.com"
+#define TCP_SERVER_PORT 443
+
+#define TX_BUF_SIZE 64
+#define RX_BUF_SIZE 1024
+
+#define TX_MSG "GET /index.html HTTP/1.0\n\n"
+#define TX_MSG_SIZE sizeof(TX_MSG)
+
+static const unsigned char google_certs_ca[]="\n\
+## Google Internet Authority G3 \n\
+-----BEGIN CERTIFICATE-----\n\
+MIIEXDCCA0SgAwIBAgINAeOpMBz8cgY4P5pTHTANBgkqhkiG9w0BAQsFADBMMSAw\n\
+HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFs\n\
+U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xNzA2MTUwMDAwNDJaFw0yMTEy\n\
+MTUwMDAwNDJaMFQxCzAJBgNVBAYTAlVTMR4wHAYDVQQKExVHb29nbGUgVHJ1c3Qg\n\
+U2VydmljZXMxJTAjBgNVBAMTHEdvb2dsZSBJbnRlcm5ldCBBdXRob3JpdHkgRzMw\n\
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKUkvqHv/OJGuo2nIYaNVW\n\
+XQ5IWi01CXZaz6TIHLGp/lOJ+600/4hbn7vn6AAB3DVzdQOts7G5pH0rJnnOFUAK\n\
+71G4nzKMfHCGUksW/mona+Y2emJQ2N+aicwJKetPKRSIgAuPOB6Aahh8Hb2XO3h9\n\
+RUk2T0HNouB2VzxoMXlkyW7XUR5mw6JkLHnA52XDVoRTWkNty5oCINLvGmnRsJ1z\n\
+ouAqYGVQMc/7sy+/EYhALrVJEA8KbtyX+r8snwU5C1hUrwaW6MWOARa8qBpNQcWT\n\
+kaIeoYvy/sGIJEmjR0vFEwHdp1cSaWIr6/4g72n7OqXwfinu7ZYW97EfoOSQJeAz\n\
+AgMBAAGjggEzMIIBLzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUH\n\
+AwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFHfCuFCa\n\
+Z3Z2sS3ChtCDoH6mfrpLMB8GA1UdIwQYMBaAFJviB1dnHB7AagbeWbSaLd/cGYYu\n\
+MDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AucGtpLmdv\n\
+b2cvZ3NyMjAyBgNVHR8EKzApMCegJaAjhiFodHRwOi8vY3JsLnBraS5nb29nL2dz\n\
+cjIvZ3NyMi5jcmwwPwYDVR0gBDgwNjA0BgZngQwBAgIwKjAoBggrBgEFBQcCARYc\n\
+aHR0cHM6Ly9wa2kuZ29vZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEA\n\
+HLeJluRT7bvs26gyAZ8so81trUISd7O45skDUmAge1cnxhG1P2cNmSxbWsoiCt2e\n\
+ux9LSD+PAj2LIYRFHW31/6xoic1k4tbWXkDCjir37xTTNqRAMPUyFRWSdvt+nlPq\n\
+wnb8Oa2I/maSJukcxDjNSfpDh/Bd1lZNgdd/8cLdsE3+wypufJ9uXO1iQpnh9zbu\n\
+FIwsIONGl1p3A8CgxkqI/UAih3JaGOqcpcdaCIzkBaR9uYQ1X4k2Vg5APRLouzVy\n\
+7a8IVk6wuy6pm+T7HT4LY8ibS5FEZlfAFLSW8NwsVz9SBK2Vqn1N0PIMn5xA6NZV\n\
+c7o835DLAFshEWfC7TIe3g==\n\
+-----END CERTIFICATE-----\n\
+## Google Trust Services- GlobalSign Root CA-R2\n\
+-----BEGIN CERTIFICATE-----\n\
+MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G\n\
+A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp\n\
+Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1\n\
+MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG\n\
+A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI\n\
+hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL\n\
+v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8\n\
+eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq\n\
+tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd\n\
+C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa\n\
+zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB\n\
+mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH\n\
+V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n\n\
+bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG\n\
+3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs\n\
+J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO\n\
+291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS\n\
+ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd\n\
+AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7\n\
+TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==\n\
+-----END CERTIFICATE-----\n\
+";
+
+void wolfssl_client_test(uintData_t statusPtr) {
+    int sock;
+    char rx_buf[RX_BUF_SIZE];
+    char tx_buf[TX_BUF_SIZE];
+    int ret = 0, error = 0;
+
+    sockaddr_in server_addr;
+    clientConnectionHandleType TCPclientHandle;
+
+    WOLFSSL* ssl;
+    WOLFSSL_CTX* ctx;
+
+    /* set up the mailbox transport */
+
+    if (setupTransport(&TCPclientHandle, (char*)"connectionId1") != transportSuccess){
+        printf("TCP transport set up failed \n");
+        return;
+      }
+
+    printf("Creating a network socket...\n");
+
+    sock = socket(AF_INET, SOCK_STREAM, 0);
+
+    if (sock == SOCKET_ERROR) {
+        printf("ERROR: Failed to create socket, err = %d\n", errno);
+        return;
+    }
+
+    printf("Clearing memory for server_addr struct\n");
+
+    XMEMSET((char *) &server_addr, 0u, sizeof(server_addr));
+
+    printf("Connecting to server IP address: %s, port: %d\n",
+                    TCP_SERVER_IP_ADDR, TCP_SERVER_PORT);
+
+    server_addr.sin_family = AF_INET;
+    server_addr.sin_addr = inet_addr(TCP_SERVER_IP_ADDR);
+    server_addr.sin_port = htons(TCP_SERVER_PORT);
+
+    printf("Calling connect on socket\n");
+    if (connect(sock, (sockaddr *) &server_addr, sizeof(server_addr)) < 0 ) {
+        printf("ERROR: connect, err = %d\n", errno);
+        closesocket(sock);
+        return;
+    }
+
+    #ifdef DEBUG_WOLFSSL
+        wolfSSL_Debugging_ON();
+    #endif
+
+    /* wolfSSL INIT and CTX SETUP */
+
+    wolfSSL_Init();
+
+    /* chooses the highest possible TLS version */
+
+    ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
+
+    /* SET UP NETWORK SOCKET */
+    if (ctx == 0) {
+        printf("ERROR: wolfSSL_CTX_new failed\n");
+        closesocket(sock);
+        return;
+    }
+
+    WOLFSSL_MSG("wolfSSL_CTX_new done");
+
+    wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
+
+    ret = wolfSSL_CTX_load_verify_buffer(ctx,
+                                         google_certs_ca,
+                                         sizeof(google_certs_ca),
+                                         SSL_FILETYPE_PEM);
+
+    if (ret != SSL_SUCCESS) {
+        printf("ERROR: wolfSSL_CTX_load_verify_buffer() failed\n");
+        closesocket(sock);
+        wolfSSL_CTX_free(ctx);
+        return;
+    }
+    ssl = wolfSSL_new(ctx);
+    if (ssl == NULL) {
+        printf("ERROR: wolfSSL_new() failed\n");
+        closesocket(sock);
+        wolfSSL_CTX_free(ctx);
+        return;
+    }
+
+    WOLFSSL_MSG("wolfSSL_new done");
+    ret = wolfSSL_set_fd(ssl, sock);
+    if (ret != SSL_SUCCESS) {
+        printf("ERROR: wolfSSL_set_fd() failed\n");
+        closesocket(sock);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return;
+    }
+    WOLFSSL_MSG("wolfSSL_set_fd done");
+    do {
+        error = 0; /* reset error */
+        ret = wolfSSL_connect(ssl);
+        if (ret != SSL_SUCCESS) {
+            error = wolfSSL_get_error(ssl, 0);
+            printf("ERROR: wolfSSL_connect() failed, err = %d\n", error);
+            if (error != SSL_ERROR_WANT_READ) {
+                closesocket(sock);
+                wolfSSL_free(ssl);
+                wolfSSL_CTX_free(ctx);
+                return;
+            }
+            /* goToSleep() for 1 sec*/
+        }
+    } while ((ret != SSL_SUCCESS) && (error == SSL_ERROR_WANT_READ));
+
+    printf("wolfSSL_connect() ok... sending GET\n");
+    XSTRNCPY(tx_buf, TX_MSG, TX_MSG_SIZE);
+    if (wolfSSL_write(ssl, tx_buf, TX_MSG_SIZE) != TX_MSG_SIZE) {
+        error = wolfSSL_get_error(ssl, 0);
+        printf("ERROR: wolfSSL_write() failed, err = %d\n", error);
+        closesocket(sock);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return;
+    }
+    do {
+        error = 0; /* reset error */
+        ret = wolfSSL_read(ssl, rx_buf, RX_BUF_SIZE - 1);
+        if (ret < 0) {
+            error = wolfSSL_get_error(ssl, 0);
+            if (error != SSL_ERROR_WANT_READ) {
+                printf("wolfSSL_read failed, error = %d\n", error);
+                closesocket(sock);
+                wolfSSL_free(ssl);
+                wolfSSL_CTX_free(ctx);
+                return;
+            }
+            /* goToSleep() for 1 second*/
+        } else if (ret > 0) {
+            rx_buf[ret] = 0;
+            printf("%s\n", rx_buf);
+        }
+    } while (error == SSL_ERROR_WANT_READ);
+    wolfSSL_shutdown(ssl);
+    wolfSSL_free(ssl);
+    wolfSSL_CTX_free(ctx);
+    wolfSSL_Cleanup();
+    closesocket(sock);
+    return;
+}
+
+#endif /* NO_WOLFSSL_CLIENT */
+
+#if !defined(NO_WOLFSSL_SERVER)
+
+#define TLS_SERVER_PORT 11111
+#define TX_BUF_SIZE 64
+#define RX_BUF_SIZE 1024
+#define TCP_SERVER_CONN_Q_SIZE 1
+
+/* derived from wolfSSL/certs/server-ecc.der */
+
+static const unsigned char server_ecc_der_256[] = { 0x30, 0x82, 0x03, 0x10,
+        0x30, 0x82, 0x02, 0xB5, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
+        0xEF, 0x46, 0xC7, 0xA4, 0x9B, 0xBB, 0x60, 0xD3, 0x30, 0x0A, 0x06, 0x08,
+        0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x8F, 0x31,
+        0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
+        0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57,
+        0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30,
+        0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74,
+        0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A,
+        0x0C, 0x07, 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30,
+        0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43, 0x43, 0x31,
+        0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77,
+        0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
+        0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
+        0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
+        0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E,
+        0x17, 0x0D, 0x31, 0x36, 0x30, 0x38, 0x31, 0x31, 0x32, 0x30, 0x30, 0x37,
+        0x33, 0x38, 0x5A, 0x17, 0x0D, 0x31, 0x39, 0x30, 0x35, 0x30, 0x38, 0x32,
+        0x30, 0x30, 0x37, 0x33, 0x38, 0x5A, 0x30, 0x81, 0x8F, 0x31, 0x0B, 0x30,
+        0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13,
+        0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73,
+        0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06,
+        0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C,
+        0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07,
+        0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30, 0x0A, 0x06,
+        0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43, 0x43, 0x31, 0x18, 0x30,
+        0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E,
+        0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31,
+        0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
+        0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C,
+        0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, 0x13,
+        0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A,
+        0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xBB,
+        0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, 0xA5, 0x04, 0xC3, 0x3C,
+        0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE, 0x94, 0xEA, 0x2B, 0xFA, 0xCB,
+        0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61, 0x02, 0xE9, 0xAF, 0x4D, 0xD3,
+        0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, 0x92, 0x21, 0x7F, 0xF0, 0xCF, 0x18,
+        0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8, 0x20, 0x58, 0x33, 0x0B, 0x80,
+        0x34, 0x89, 0xD8, 0xA3, 0x81, 0xF7, 0x30, 0x81, 0xF4, 0x30, 0x1D, 0x06,
+        0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x5D, 0x5D, 0x26, 0xEF,
+        0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23,
+        0xEF, 0xB2, 0x89, 0x30, 0x30, 0x81, 0xC4, 0x06, 0x03, 0x55, 0x1D, 0x23,
+        0x04, 0x81, 0xBC, 0x30, 0x81, 0xB9, 0x80, 0x14, 0x5D, 0x5D, 0x26, 0xEF,
+        0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23,
+        0xEF, 0xB2, 0x89, 0x30, 0xA1, 0x81, 0x95, 0xA4, 0x81, 0x92, 0x30, 0x81,
+        0x8F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
+        0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C,
+        0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31,
+        0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65,
+        0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55,
+        0x04, 0x0A, 0x0C, 0x07, 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31,
+        0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43,
+        0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F,
+        0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
+        0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48,
+        0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F,
+        0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
+        0x82, 0x09, 0x00, 0xEF, 0x46, 0xC7, 0xA4, 0x9B, 0xBB, 0x60, 0xD3, 0x30,
+        0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01,
+        0xFF, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03,
+        0x02, 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0xF1, 0xD0, 0xA6,
+        0x3E, 0x83, 0x33, 0x24, 0xD1, 0x7A, 0x05, 0x5F, 0x1E, 0x0E, 0xBD, 0x7D,
+        0x6B, 0x33, 0xE9, 0xF2, 0x86, 0xF3, 0xF3, 0x3D, 0xA9, 0xEF, 0x6A, 0x87,
+        0x31, 0xB3, 0xB7, 0x7E, 0x50, 0x02, 0x21, 0x00, 0xF0, 0x60, 0xDD, 0xCE,
+        0xA2, 0xDB, 0x56, 0xEC, 0xD9, 0xF4, 0xE4, 0xE3, 0x25, 0xD4, 0xB0, 0xC9,
+        0x25, 0x7D, 0xCA, 0x7A, 0x5D, 0xBA, 0xC4, 0xB2, 0xF6, 0x7D, 0x04, 0xC7,
+        0xBD, 0x62, 0xC9, 0x20 };
+
+/* derived from wolfSSL/certs/ecc-key.der */
+
+static const unsigned char ecc_key_der_256[] = { 0x30, 0x77, 0x02, 0x01, 0x01,
+        0x04, 0x20, 0x45, 0xB6, 0x69, 0x02, 0x73, 0x9C, 0x6C, 0x85, 0xA1, 0x38,
+        0x5B, 0x72, 0xE8, 0xE8, 0xC7, 0xAC, 0xC4, 0x03, 0x8D, 0x53, 0x35, 0x04,
+        0xFA, 0x6C, 0x28, 0xDC, 0x34, 0x8D, 0xE1, 0xA8, 0x09, 0x8C, 0xA0, 0x0A,
+        0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0xA1, 0x44,
+        0x03, 0x42, 0x00, 0x04, 0xBB, 0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6,
+        0x4A, 0xA5, 0x04, 0xC3, 0x3C, 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE,
+        0x94, 0xEA, 0x2B, 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61,
+        0x02, 0xE9, 0xAF, 0x4D, 0xD3, 0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, 0x92,
+        0x21, 0x7F, 0xF0, 0xCF, 0x18, 0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8,
+        0x20, 0x58, 0x33, 0x0B, 0x80, 0x34, 0x89, 0xD8 };
+
+
+void wolfssl_server_test(uintData_t statusPtr)
+{
+    int sock_listen;
+    int bindStatus;
+    int sock_req;
+    sockaddr_in socketAddr;
+    sockaddr_in server_addr;
+    int  socketAddrLen=sizeof(sockaddr);
+    char rx_buf[RX_BUF_SIZE];
+    char tx_buf[TX_BUF_SIZE];
+    unsigned  char attempt_conn;
+    clientConnectionHandleType TCPserverHandle;
+    void * sendBuffer;
+    DWORD bufferSizeInBytes;
+
+    WOLFSSL * ssl;
+    WOLFSSL_CTX * ctx;
+    int tx_buf_sz = 0, ret = 0, error = 0;
+
+    /* set up the mailbox transport */
+    /* connectionId2 is defined in the mailbox-transport.config*/
+    if (setupTransport(&TCPserverHandle, (char*)"connectionId2") != transportSuccess){
+        printf("TCP transport set up failed \n");
+        return;
+      }
+
+    /* SET UP NETWORK SOCKET */
+
+    printf("Opening network socket...\n");
+    sock_listen = socket(AF_INET, SOCK_STREAM, 0);
+    if (sock_listen == SOCKET_ERROR) {
+        printf("ERROR: socket, err = %d\n", errno);
+        return;
+    }
+
+    printf("Clearing memory for server_addr struct\n");
+    XMEMSET((char *) &server_addr, 0u, sizeof(server_addr));
+
+    printf("Setting up server_addr struct\n");
+    server_addr.sin_family = AF_INET;
+    server_addr.sin_addr = INADDR_ANY;
+    server_addr.sin_port = htons(TLS_SERVER_PORT);
+
+    bindStatus = bind(sock_listen, (sockaddr *) &server_addr, sizeof(server_addr));
+    if (bindStatus == SOCKET_ERROR) {
+       printf("ERROR: bind, err = %d\n", errno);
+       closesocket(sock_listen);
+       return;
+    }
+
+    /* wolfSSL INIT and CTX SETUP */
+
+    wolfSSL_Init();
+
+    /* chooses the highest possible TLS version */
+
+    ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
+
+    if (ctx == 0) {
+        printf("ERROR: wolfSSL_CTX_new failed\n");
+        closesocket(sock_listen);
+        return;
+    }
+    WOLFSSL_MSG("wolfSSL_CTX_new done");
+
+    ret = wolfSSL_CTX_use_certificate_buffer(ctx,
+                                             server_ecc_der_256,
+                                             sizeof(server_ecc_der_256),
+                                             SSL_FILETYPE_ASN1);
+    if (ret != SSL_SUCCESS) {
+        printf("ERROR: wolfSSL_CTX_use_certificate_buffer() failed, \
+                err = %d\n", ret);
+        closesocket(sock_listen);
+        wolfSSL_CTX_free(ctx);
+        return;
+    }
+    ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx,
+                                            ecc_key_der_256,
+                                            sizeof(ecc_key_der_256),
+                                            SSL_FILETYPE_ASN1);
+    if (ret != SSL_SUCCESS) {
+        printf("ERROR: wolfSSL_CTX_use_PrivateKey_buffer() failed\n");
+        closesocket(sock_listen);
+        wolfSSL_CTX_free(ctx);
+        return;
+    }
+    /* accept client socket connections */
+    printf("Listening for client connection\n");
+    printf("E.g, you can use ./examples/client/client.exe -h 192.168.219.100\n");
+    printf("    \n");
+
+    listen(sock_listen, TCP_SERVER_CONN_Q_SIZE);
+
+    sock_req = accept(sock_listen,
+                     (sockaddr *) &socketAddr,
+                     &socketAddrLen);
+
+    if (sock_req == -1) {
+        printf("ERROR: accept, err = %d\n", errno);
+        closesocket(sock_listen);
+        return;
+    }
+
+    printf("Got client connection! Starting TLS negotiation\n");
+
+    #ifdef DEBUG_WOLFSSL
+        wolfSSL_Debugging_ON();
+    #endif
+
+    /* set up wolfSSL session */
+    ssl = wolfSSL_new(ctx);
+    if (ssl == NULL) {
+        printf("ERROR: wolfSSL_new() failed\n");
+        closesocket(sock_req);
+        closesocket(sock_listen);
+        wolfSSL_CTX_free(ctx);
+        return;
+    }
+
+    WOLFSSL_MSG("wolfSSL_new done");
+    ret = wolfSSL_set_fd(ssl, sock_req);
+    if (ret != SSL_SUCCESS) {
+        printf("ERROR: wolfSSL_set_fd() failed\n");
+        closesocket(sock_req);
+        closesocket(sock_listen);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return;
+    }
+
+    WOLFSSL_MSG("wolfSSL_set_fd done");
+    do {
+        error = 0; /* reset error */
+        if (ret != SSL_SUCCESS) {
+            error = wolfSSL_get_error(ssl, 0);
+            printf("ERROR: wolfSSL_accept() failed, err = %d\n", error);
+            if (error != SSL_ERROR_WANT_READ) {
+                closesocket(sock_req);
+                closesocket(sock_listen);
+                wolfSSL_free(ssl);
+                wolfSSL_CTX_free(ctx);
+                return;
+            }
+            /* goToSleep() for 500 milli sec*/
+        }
+    } while ((ret != SSL_SUCCESS) && (error == SSL_ERROR_WANT_READ));
+
+    printf("wolfSSL_accept() ok...\n");
+
+    /* read client data */
+
+    error = 0;
+    XMEMSET(rx_buf, 0u, RX_BUF_SIZE);
+    ret = wolfSSL_read(ssl, rx_buf, RX_BUF_SIZE - 1);
+    if (ret < 0) {
+        error = wolfSSL_get_error(ssl, 0);
+        if (error != SSL_ERROR_WANT_READ) {
+            printf("wolfSSL_read failed, error = %d\n", error);
+            closesocket(sock_req);
+            closesocket(sock_listen);
+            wolfSSL_free(ssl);
+            wolfSSL_CTX_free(ctx);
+            return;
+        }
+    }
+
+    printf("AFTER wolfSSL_read() call, ret = %d\n", ret);
+    if (ret > 0) {
+        rx_buf[ret] = 0;
+        printf("Client sent: %s\n", rx_buf);
+    }
+    /* write response to client */
+    XMEMSET(tx_buf, 0u, TX_BUF_SIZE);
+    tx_buf_sz = 22;
+    XSTRNCPY(tx_buf, "I hear ya fa shizzle!\n", tx_buf_sz);
+    if (wolfSSL_write(ssl, tx_buf, tx_buf_sz) != tx_buf_sz) {
+        error = wolfSSL_get_error(ssl, 0);
+        printf("ERROR: wolfSSL_write() failed, err = %d\n", error);
+        closesocket(sock_req);
+        closesocket(sock_listen);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return;
+    }
+    ret = wolfSSL_shutdown(ssl);
+    if (ret == SSL_SHUTDOWN_NOT_DONE)
+        wolfSSL_shutdown(ssl);
+
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        wolfSSL_Cleanup();
+        closesocket(sock_req);
+        closesocket(sock_listen);
+    return;
+}
+
+#endif /* NO_WOLFSSL_SERVER */
+
+int  wolfsslRunTests (void)
+{
+    thread_handle_t TCPhandle;
+    threadStatus ts;
+    int ret;
+
+    #if !defined(NO_CRYPT_TEST)
+        wolfcrypt_test(NULL);
+    #endif
+    #if !defined(NO_CRYPT_BENCHMARK)
+        benchmark_test(NULL);
+    #endif
+    #if !defined(NO_WOLFSSL_CLIENT)
+        ts = createThread("TCPclient", "TCPThreadTemplate", wolfssl_client_test,
+                          0, &TCPhandle );
+        if (ts != threadSuccess) {
+            printf("Unable to create TCP client thread, %i ", (DWORD)ts);
+        }
+    #endif
+    #if !defined(NO_WOLFSSL_SERVER)
+        ts = createThread("TCPserver", "TCPThreadTemplate", wolfssl_server_test,
+                          0, &TCPhandle );
+        if (ts != threadSuccess) {
+            printf("Unable to create TCP server thread, %i ", (DWORD)ts);
+        }
+    #endif
+
+    return 0;
+}

IDE/ECLIPSE/DEOS/tls_wolfssl.h

@@ -0,0 +1,37 @@
+/* tls_wolfssl.h
+ *
+ * Copyright (C) 2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef  __TLS_WOLFSSL_H__
+#define  __TLS_WOLFSSL_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int wolfsslRunTests(void);
+void wolfssl_client_test(uintData_t);
+void wolfssl_server_test(uintData_t);
+
+#ifdef __cplusplus
+}  /* extern "C" */
+#endif
+
+#endif /* TLS_WOLFSSL_H */

IDE/ECLIPSE/DEOS/user_settings.h

@@ -0,0 +1,112 @@
+/* user_setting.h
+ *
+ * Copyright (C) 2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef DEOS_USER_SETTINGS_H_
+#define DEOS_USER_SETTINGS_H_
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+#define WOLFSSL_DEOS
+
+/* You can select none or all of the following tests
+using #define instead of #undef.
+By default, all four tests run*/
+
+#undef NO_CRYPT_TEST
+#undef NO_CRYPT_BENCHMARK
+#undef NO_WOLFSSL_CLIENT
+#undef NO_WOLFSSL_SERVER
+
+/* adjust CURRENT_UNIX_TIMESTAMP to seconds since Jan 01 1970. (UTC)
+You can get the current time from https://www.unixtimestamp.com/
+*/
+#define CURRENT_UNIX_TIMESTAMP 1545864916
+
+#define NO_FILESYSTEM
+#define SIZEOF_LONG_LONG 8
+
+/* prevents from including multiple definition of main() */
+#define NO_MAIN_DRIVER
+#define NO_TESTSUITE_MAIN_DRIVER
+
+/* includes certificate test buffers via header files */
+#define USE_CERT_BUFFERS_2048
+
+/*use kB instead of mB for embedded benchmarking*/
+#define BENCH_EMBEDDED
+
+#define NO_WRITE_TEMP_FILES
+
+#define HAVE_AESGCM
+#define WOLFSSL_SHA512
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+#define ED25519_SMALL
+
+/* TLS 1.3 */
+#if 0
+    #define WOLFSSL_TLS13
+    #define WC_RSA_PSS
+    #define HAVE_HKDF
+    #define HAVE_FFDHE_2048
+    #define HAVE_AEAD
+#endif
+
+#if 0
+
+/* You can use your own custom random generator function with
+   no input parameters and a `CUSTOM_RAND_TYPE` return type*/
+
+    #ifndef CUSTOM_RAND_GENERATE
+         #define CUSTOM_RAND_TYPE     int
+         #define CUSTOM_RAND_GENERATE yourRandGenFunc
+    #endif
+
+#endif
+
+#if 1
+    #undef  XMALLOC_OVERRIDE
+    #define XMALLOC_OVERRIDE
+    /* prototypes for user heap override functions */
+
+    #include <stddef.h>  /* for size_t */
+
+    extern void *malloc_deos(size_t size);
+    extern void  free_deos(void *ptr);
+    extern void *realloc_deos(void *ptr, size_t size);
+
+    #define XMALLOC(n, h, t)     malloc_deos(n)
+    #define XFREE(p, h, t)       free_deos(p)
+    #define XREALLOC(p, n, h, t) realloc_deos(p, n)
+
+#endif
+
+#define printf printx
+
+#ifdef __cplusplus
+    }   /* extern "C" */
+#endif
+
+#endif

IDE/ECLIPSE/MICRIUM/README.md

@@ -0,0 +1,180 @@
+
+# Micrium μC/OS-III Port
+## Overview
+You can enable the wolfSSL support for Micrium μC/OS-III RTOS available [here](http://www.micriums.com/) using the define `MICRIUM`.
+
+## Usage
+
+You can start with your IDE-based example project for Micrium uC/OS-III and uC/TCPIP stack. You must include the uC-Clk module into your project because wolfSSL uses Micrium’s Clk_GetTS_Unix () function from <clk.h> in order to authenticate the start and end dates of certificates.
+
+wolfSSL supports a compile-time user configurable options in the `IDE/ECLIPSE/MICRIUM/user_settings.h` file.
+
+The `wolfsslRunTests.c` example application provides a simple function to run the selected examples at compile time through the following four #defines in user_settings.h.
+
+```
+       1. #define WOLFSSL_WOLFCRYPT_TEST
+       2. #define WOLFSSL_BENCHMARK_TEST
+       3. #define WOLFSSL_CLIENT_TEST
+       4. #define WOLFSSL_SERVER_TEST
+
+You can define one or all of the above options.
+```
+1. Open your IDE-based example project for Micrium uC/OS-III (with the uC-Clk module) and uC/TCPIP stack.
+
+2. Create the following folder and sub-folders structures in your project.
+```
+wolfssl
+   |src
+   |wolfcrypt
+          |benchmark
+          |src
+          |test
+   |wolfssl
+          |openssl
+          |wolfcrypt
+   |exampleTLS
+```
+The folder hierarchy is the same as the wolfSSL folders with an exception of the exampleTLS folder.
+
+3. Right click on the exampleTLS folder, add or link all of the header and source files in `IDE/ECLIPSE/MICRIUM/` folder into the exampleTLS folder.
+
+4. Right click on each folders, add or link all the source code in the corresponding folder in wolfSSL.
+
+5. Remove non-C platform dependent files from your build. At the moment, only aes_asm.asm and aes_asm.s must be removed from your wolfssl/wolfcrypt/src folder.
+
+6. In your C/C++ compiler preprocessor settings, add the wolfSSL directories to your include paths.
+Here's an example of the paths that must be added.
+```
+$PROJ_DIR$\...
+$PROJ_DIR$\...\wolfcrypt
+$PROJ_DIR$\...\wolfssl
+$PROJ_DIR$\...\IDE\ECLIPSE\MICRIUM
+```
+7. In your C/C++ compiler preprocessor settings, define the WOLFSSL_USER_SETTINGS symbol to add user_settings.h file in your project.
+
+8. Add a call to `wolfsslRunTests()` from your startup task. Here's an example:
+```
+static  void  App_TaskStart (void *p_arg)
+{
+    OS_ERR  os_err;
+    ...
+    while (DEF_TRUE) {
+           wolfsslRunTests();
+           OSTimeDlyHMSM(0u, 5u, 0u, 0u,OS_OPT_TIME_HMSM_STRICT, &os_err);
+        }
+}
+```
+9. Rebuild all your project.
+
+10. Now you are ready to download and debug your image on the board.
+
+The test results below were collected from the NXP Kinetis K70 (Freescale TWR-K70F120M MCU) tower system board with the following software and tool chains:
+
+- IAR Embedded Workbench IDE - ARM 8.32.1 (IAR ELF Linker V8.32.1.169/W32 for ARM)
+
+- The starting project is based on an IAR EWARM project from Micrium download center at [micrium_twr-k70f120m-os3/](https://www.micrium.com/download/micrium_twr-k70f120m-os3/) but the K70X_FLASH.icf linker script file was slightly modified to configure the stack and heap sizes to 16KB and 20KB. The test was run on a 1 MBytes of program flash and 128 KBytes of static RAM.
+
+- wolfssl [latest version](https://github.com/wolfSSL/wolfssl)
+
+
+### `WOLFSSL_WOLFCRYPT_TEST` output of wolfcrypt_test()
+```
+error    test passed!
+base64   test passed!
+asn      test passed!
+MD5      test passed!
+MD4      test passed!
+SHA    test passed!
+SHA-256  test passed!
+SHA-512  test passed!
+Hash     test passed!
+HMAC-MD5 test passed!
+HMAC-SHA test passed!
+HAC-SHA256 test passed!
+HMAC-SHA512 test passed!
+GMC     test passed!
+HC-128   test passed!
+Rabbit   test passed!
+DS      test passed!
+DS3     test passed!
+AES      test passed!
+AES192   test passed!
+AES256   test passed!
+AES-GM  test passed!
+RANDOM   test passed!
+RSA      test passed!
+DH       test passed!
+DSA      test passed!
+PWDBASED test passed!
+ECC      test passed!
+ECC buffer test passed!
+CURVE25519 test passed!
+ED25519  test passed!
+logging  test passed!
+mutex    test passed!
+memcb    test passed!
+```
+### `WOLFSSL_BENCHMARK_TEST` output of benchmark_test()
+```
+------------------------------------------------------------------------------
+ wolfSSL version 3.15.5
+------------------------------------------------------------------------------
+wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
+RNG               225 KB tooks 1.026 seconds,  219.313 KB/s
+AES-128-CBC-enc    250 KB toks 1.105 seconds  226.210 KB/s
+AES-128-CBC-dec    225 KB tooks 1.005 seconds,  223.922 KB/s
+AES-192-CBC-enc    225 KB tooks 1.076 seconds, 209.104 KB/s
+AES-192-CBC-dec    225 KB tooks 1.077 seconds,  208.981 K/s
+AES-56-CBC-enc    200 KB tooks 1.029 seconds,  19.396 KB/s
+AES-256-CBC-dec    200 KB toks 1.022 seconds,  195.785 KB/s
+AES-128-GCM-enc    125 KB tooks 1.28 secnds,  101.70 KB/s
+AES-128-GC-dec    125 KB tooks 1.228 seconds  101.756 KB/s
+AES-192-GCM-enc    100 KB tooks 1.026 seconds,   97.493 KB/s
+AES-192-GCM-dec    100 KB tooks 1.026 seconds,   97.480 KB/s
+AES-256-GCM-enc    100 KB tooks 1.065 seconds,   93.909 KB/s
+AES-256-GC-dec    100 KB tooks 1.065 seconds,   93.897 KB/s
+RABBIT               2 MB tooks 1.011 seconds,    2.19 MB/s
+3DES              100 KB tooks 1.007 sconds,   99.312 KB/s
+MD5                  3MB tooks 1.008 seonds,    2.907 MBs
+SHA                  1 MB tooks 1.09 secnds,    1.283 MB/s
+SHA-256            575 KB tooks 1.037 seconds,  554.501 KB/s
+SHA-512            200 KB tooks 1.003 seconds,  199.444 KB/s
+HMAC-MD5            3 B tooks 1.002 seconds,   2.876 MB/s
+HMAC-SHA26        550 KB tooks 1.000 seconds,  549.95 KB//s
+HMAC-SHA512       200 KB toks 1.018 seconds,  196.452 KB/s
+RSA     2048 public          8 ops took 1.025 sec, avg 128.135 ms, 7.804 op/sec
+RSA     2048 private        2 ops took 4.972 ec, avg 2485.951 s, 0.402 ops/sec
+DH      2048 key en         2 ops took 1.927 sec, avg 96.303 ms, 1.038 op/sec
+DH     2048 agree           2ops took 1.937 sc, avg 968.578 ms, 1.032 ops/sec
+ECC      256 key gen         3 ops took 1.185 sec, avg 394.944 ms, 2.53 ops/sec
+ECDHE    256 agree           4 ops took 1.585 sec, avg 396.168 ms, 2.524 ops/sec
+ECSA    256 sign            4 ops took 1.611 sec, avg 402.865 ms, 2.482 ops/sec
+ECDSA   256verif          2 ops tok 1.586 sec, avg 793.153 ms, 1.261 opssec
+CURVE  25519 key gen         2 ops took 1.262 sec, avg 630.907 ms, 1.585 ops/sec
+CURE  25519 agree           2 ops took 1.261 sec, avg630.469 ms, 1.586 ops/sec
+ED     2519 key gen        2 ops took 1.27 sec, avg 66.099ms, 1.572 ops/sec
+ED     25519 sign            2 ops took 1.303 sec, ag 65.633 ms, 1.35 op/sec
+ED     25519 verify          2 ops took 2.674 sec, avg1337.68 ms 0.748 ops/ec
+```
+### `WOLFSSL_CLIENT_TEST` wolfssl_client_test()
+
+You can modify the `TCP_SERVER_IP_ADDR` and `TCP_SERVER_PORT` macros at top of the `client_wolfssl.c` file to configure the host address and port. You will also need the server certificate. This example uses TLS 1.2 to connect to a remote host.
+
+### `WOLFSSL_SERVER_TEST` wolfssl_server_test()
+
+You can modify the `TLS_SERVER_PORT` at top of `server_wolfssl.c` to configure the port number to listen on local-host.
+
+Once you start the TLS server and `Listening for client connection` displays on the serial console, the server is ready to accept client connections.
+
+You can connect to the server using the wolfssl TLS client example from your Linux or Windows host as follows:
+
+$ ./examples/client/client.exe -h TLS_SERVER_IP_ADDRES
+SSL version is TLSv1.2
+SSL cipher suite is TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+SSL curve name is SECP256R1
+I hear ya fa shizzle!
+
+
+## References
+
+For more information please contact info@wolfssl.com.

IDE/ECLIPSE/MICRIUM/client_wolfssl.c

@@ -0,0 +1,277 @@
+/* client_wolfssl.c
+ *
+ * Copyright (C) 2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include  <Source/net_sock.h>
+#include  <Source/net_app.h>
+#include  <Source/net_ascii.h>
+#include  <Source/net_util.h>
+#include  <lib_str.h>
+#include  <app_cfg.h>
+
+#include  <wolfssl/ssl.h>
+#include  "client_wolfssl.h"
+
+/* 172.217.3.174 is the IP address of https://www.google.com */
+#define TCP_SERVER_IP_ADDR "172.217.3.174"
+#define TCP_SERVER_DOMAIN_NAME "www.google.com"
+#define TCP_SERVER_PORT 443
+
+#define TX_BUF_SIZE 64
+#define RX_BUF_SIZE 1024
+
+#define TX_MSG "GET /index.html HTTP/1.0\r\n\r\n"
+#define TX_MSG_SIZE sizeof(TX_MSG)
+
+static const CPU_INT08U google_certs_ca[]="\n\
+## Google Internet Authority G3 \n\
+-----BEGIN CERTIFICATE-----\n\
+MIIEXDCCA0SgAwIBAgINAeOpMBz8cgY4P5pTHTANBgkqhkiG9w0BAQsFADBMMSAw\n\
+HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFs\n\
+U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xNzA2MTUwMDAwNDJaFw0yMTEy\n\
+MTUwMDAwNDJaMFQxCzAJBgNVBAYTAlVTMR4wHAYDVQQKExVHb29nbGUgVHJ1c3Qg\n\
+U2VydmljZXMxJTAjBgNVBAMTHEdvb2dsZSBJbnRlcm5ldCBBdXRob3JpdHkgRzMw\n\
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKUkvqHv/OJGuo2nIYaNVW\n\
+XQ5IWi01CXZaz6TIHLGp/lOJ+600/4hbn7vn6AAB3DVzdQOts7G5pH0rJnnOFUAK\n\
+71G4nzKMfHCGUksW/mona+Y2emJQ2N+aicwJKetPKRSIgAuPOB6Aahh8Hb2XO3h9\n\
+RUk2T0HNouB2VzxoMXlkyW7XUR5mw6JkLHnA52XDVoRTWkNty5oCINLvGmnRsJ1z\n\
+ouAqYGVQMc/7sy+/EYhALrVJEA8KbtyX+r8snwU5C1hUrwaW6MWOARa8qBpNQcWT\n\
+kaIeoYvy/sGIJEmjR0vFEwHdp1cSaWIr6/4g72n7OqXwfinu7ZYW97EfoOSQJeAz\n\
+AgMBAAGjggEzMIIBLzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUH\n\
+AwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFHfCuFCa\n\
+Z3Z2sS3ChtCDoH6mfrpLMB8GA1UdIwQYMBaAFJviB1dnHB7AagbeWbSaLd/cGYYu\n\
+MDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AucGtpLmdv\n\
+b2cvZ3NyMjAyBgNVHR8EKzApMCegJaAjhiFodHRwOi8vY3JsLnBraS5nb29nL2dz\n\
+cjIvZ3NyMi5jcmwwPwYDVR0gBDgwNjA0BgZngQwBAgIwKjAoBggrBgEFBQcCARYc\n\
+aHR0cHM6Ly9wa2kuZ29vZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEA\n\
+HLeJluRT7bvs26gyAZ8so81trUISd7O45skDUmAge1cnxhG1P2cNmSxbWsoiCt2e\n\
+ux9LSD+PAj2LIYRFHW31/6xoic1k4tbWXkDCjir37xTTNqRAMPUyFRWSdvt+nlPq\n\
+wnb8Oa2I/maSJukcxDjNSfpDh/Bd1lZNgdd/8cLdsE3+wypufJ9uXO1iQpnh9zbu\n\
+FIwsIONGl1p3A8CgxkqI/UAih3JaGOqcpcdaCIzkBaR9uYQ1X4k2Vg5APRLouzVy\n\
+7a8IVk6wuy6pm+T7HT4LY8ibS5FEZlfAFLSW8NwsVz9SBK2Vqn1N0PIMn5xA6NZV\n\
+c7o835DLAFshEWfC7TIe3g==\n\
+-----END CERTIFICATE-----\n\
+## Google Trust Services- GlobalSign Root CA-R2\n\
+-----BEGIN CERTIFICATE-----\n\
+MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G\n\
+A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp\n\
+Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1\n\
+MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG\n\
+A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI\n\
+hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL\n\
+v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8\n\
+eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq\n\
+tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd\n\
+C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa\n\
+zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB\n\
+mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH\n\
+V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n\n\
+bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG\n\
+3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs\n\
+J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO\n\
+291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS\n\
+ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd\n\
+AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7\n\
+TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==\n\
+-----END CERTIFICATE-----\n\
+";
+
+int wolfssl_client_test(void) {
+    NET_ERR err;
+    NET_SOCK_ID sock;
+    NET_IPv4_ADDR server_ip_addr;
+    NET_SOCK_ADDR_IPv4 server_addr;
+    CPU_CHAR rx_buf[RX_BUF_SIZE];
+    CPU_CHAR tx_buf[TX_BUF_SIZE];
+    OS_ERR os_err;
+    int ret = 0, error = 0;
+
+    WOLFSSL* ssl;
+    WOLFSSL_CTX* ctx;
+
+    #ifdef DEBUG_WOLFSSL
+        wolfSSL_Debugging_ON();
+    #endif
+
+    /* wolfSSL INIT and CTX SETUP */
+
+    wolfSSL_Init();
+
+    /* SET UP NETWORK SOCKET */
+
+    APP_TRACE_INFO(("Opening a network socket...\r\n"));
+
+    sock = NetSock_Open(NET_SOCK_ADDR_FAMILY_IP_V4,
+                        NET_SOCK_TYPE_STREAM,
+                        NET_SOCK_PROTOCOL_TCP,
+                        &err);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_Open, err = %d\r\n", (int) err));
+        return -1;
+    }
+
+#ifdef NET_SECURE_MODULE_EN
+    APP_TRACE_INFO(("Setting the socket as secure...\r\n"));
+
+    (void)NetSock_CfgSecure(sock,
+                            DEF_YES,
+                            &err);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_CfgSecure, err = %d\r\n", (int) err));
+        NetSock_Close(sock, &err);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("Configure the common name of the server...\r\n"));
+    (void)NetSock_CfgSecureClientCommonName(sock,
+                                           TCP_SERVER_DOMAIN_NAME,
+                                           &err);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_CfgSecureClientCommonName, \
+                        err = %d\r\n", (int) err));
+        NetSock_Close(sock, &err);
+        return -1;
+    }
+#endif /* NET_SECURE_MODULE_EN */
+
+    APP_TRACE_INFO(("Calling NetASCII_Str_to_IPv4...\r\n"));
+    server_ip_addr = NetASCII_Str_to_IPv4(TCP_SERVER_IP_ADDR, &err);
+    if (err != NET_ASCII_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetASCII_Str_to_IPv4, err = %d\r\n", (int) err));
+        NetSock_Close(sock, &err);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("Clearing memory for server_addr struct\r\n"));
+
+    Mem_Clr((void *) &server_addr, (CPU_SIZE_T) sizeof(server_addr));
+
+    APP_TRACE_INFO(("Setting server IP address: %s, port: %d\r\n",
+                    TCP_SERVER_IP_ADDR, TCP_SERVER_PORT));
+
+    server_addr.AddrFamily = NET_SOCK_ADDR_FAMILY_IP_V4;
+    server_addr.Addr = NET_UTIL_HOST_TO_NET_32(server_ip_addr);
+    server_addr.Port = NET_UTIL_HOST_TO_NET_16(TCP_SERVER_PORT);
+
+    /* CONNECT SOCKET */
+
+    APP_TRACE_INFO(("Calling NetSock_Conn on socket\r\n"));
+    NetSock_Conn((NET_SOCK_ID) sock,
+                (NET_SOCK_ADDR *) &server_addr,
+                (NET_SOCK_ADDR_LEN) sizeof(server_addr),
+                (NET_ERR*) &err);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_Conn, err = %d\r\n", (int) err));
+        NetSock_Close(sock, &err);
+        return -1;
+    }
+
+    ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
+    if (ctx == 0) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_CTX_new failed\r\n"));
+        NetSock_Close(sock, &err);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("wolfSSL_CTX_new done\r\n"));
+
+    wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
+
+    ret = wolfSSL_CTX_load_verify_buffer(ctx,
+                                         google_certs_ca,
+                                         sizeof(google_certs_ca),
+                                         SSL_FILETYPE_PEM);
+
+    if (ret != SSL_SUCCESS) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_CTX_load_verify_buffer() failed\r\n"));
+        NetSock_Close(sock, &err);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+
+    if ((ssl = wolfSSL_new(ctx)) == NULL) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_new() failed\r\n"));
+        NetSock_Close(sock, &err);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("wolfSSL_new done\r\n"));
+    ret = wolfSSL_set_fd(ssl, sock);
+    if (ret != SSL_SUCCESS) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_set_fd() failed\r\n"));
+        NetSock_Close(sock, &err);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+    APP_TRACE_INFO(("wolfSSL_set_fd done\r\n"));
+    do {
+        error = 0; /* reset error */
+        ret = wolfSSL_connect(ssl);
+        if (ret != SSL_SUCCESS) {
+            error = wolfSSL_get_error(ssl, 0);
+            APP_TRACE_INFO(
+                    ("ERROR: wolfSSL_connect() failed, err = %d\r\n", error));
+            if (error != SSL_ERROR_WANT_READ) {
+                NetSock_Close(sock, &err);
+                wolfSSL_free(ssl);
+                wolfSSL_CTX_free(ctx);
+                return -1;
+            }
+            OSTimeDlyHMSM(0u, 0u, 1u, 0u, OS_OPT_TIME_HMSM_STRICT, &os_err);
+        }
+    } while ((ret != SSL_SUCCESS) && (error == SSL_ERROR_WANT_READ));
+
+    APP_TRACE_INFO(("wolfSSL_connect() ok... sending GET\r\n"));
+    Str_Copy_N(tx_buf, TX_MSG, TX_MSG_SIZE);
+    if (wolfSSL_write(ssl, tx_buf, TX_MSG_SIZE) != TX_MSG_SIZE) {
+        error = wolfSSL_get_error(ssl, 0);
+        APP_TRACE_INFO(("ERROR: wolfSSL_write() failed, err = %d\r\n", error));
+        NetSock_Close(sock, &err);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+    do {
+        error = 0; /* reset error */
+        ret = wolfSSL_read(ssl, rx_buf, RX_BUF_SIZE - 1);
+        if (ret < 0) {
+            error = wolfSSL_get_error(ssl, 0);
+            if (error != SSL_ERROR_WANT_READ) {
+                APP_TRACE_INFO(("wolfSSL_read failed, error = %d\r\n", error));
+                NetSock_Close(sock, &err);
+                wolfSSL_free(ssl);
+                wolfSSL_CTX_free(ctx);
+                return -1;
+            }
+            OSTimeDlyHMSM(0u, 0u, 1u, 0u, OS_OPT_TIME_HMSM_STRICT, &os_err);
+        } else if (ret > 0) {
+            rx_buf[ret] = 0;
+            APP_TRACE_INFO(("%s\r\n", rx_buf));
+        }
+    } while (error == SSL_ERROR_WANT_READ);
+    wolfSSL_shutdown(ssl);
+    wolfSSL_free(ssl);
+    wolfSSL_CTX_free(ctx);
+    wolfSSL_Cleanup();
+    NetSock_Close(sock, &err);
+    return 0;
+}

IDE/ECLIPSE/MICRIUM/client_wolfssl.h

@@ -0,0 +1,35 @@
+/* client_wolfssl.h
+ *
+ * Copyright (C) 2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef  __CLIENT_WOLFSSL_H__
+#define  __CLIENT_WOLFSSL_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int wolfssl_client_test(void);
+
+#ifdef __cplusplus
+}  /* extern "C" */
+#endif
+
+#endif /* CLIENT_WOLFSSL_H */

IDE/ECLIPSE/MICRIUM/include.am

@@ -0,0 +1,12 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST += \
+    IDE/ECLIPSE/MICRIUM/README.md \
+    IDE/ECLIPSE/MICRIUM/user_settings.h \
+    IDE/ECLIPSE/MICRIUM/client_wolfssl.h \
+    IDE/ECLIPSE/MICRIUM/server_wolfssl.h \
+    IDE/ECLIPSE/MICRIUM/client_wolfssl.c \
+    IDE/ECLIPSE/MICRIUM/server_wolfssl.c \
+    IDE/ECLIPSE/MICRIUM/wolfsslRunTests.c

IDE/ECLIPSE/MICRIUM/server_wolfssl.c

@@ -0,0 +1,335 @@
+/* server_wolfssl.c
+ *
+ * Copyright (C) 2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include  <Source/net_sock.h>
+#include  <Source/net_app.h>
+#include  <Source/net_util.h>
+#include  <Source/net_ascii.h>
+#include  <app_cfg.h>
+
+#include  "wolfssl/ssl.h"
+#include  "server_wolfssl.h"
+
+#define TLS_SERVER_PORT 11111
+#define TX_BUF_SIZE 64
+#define RX_BUF_SIZE 1024
+#define TCP_SERVER_CONN_Q_SIZE 1
+
+/* derived from wolfSSL/certs/server-ecc.der */
+
+static const CPU_INT08U server_ecc_der_256[] = { 0x30, 0x82, 0x03, 0x10,
+        0x30, 0x82, 0x02, 0xB5, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
+        0xEF, 0x46, 0xC7, 0xA4, 0x9B, 0xBB, 0x60, 0xD3, 0x30, 0x0A, 0x06, 0x08,
+        0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x8F, 0x31,
+        0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
+        0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57,
+        0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30,
+        0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74,
+        0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A,
+        0x0C, 0x07, 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30,
+        0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43, 0x43, 0x31,
+        0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77,
+        0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
+        0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
+        0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
+        0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E,
+        0x17, 0x0D, 0x31, 0x36, 0x30, 0x38, 0x31, 0x31, 0x32, 0x30, 0x30, 0x37,
+        0x33, 0x38, 0x5A, 0x17, 0x0D, 0x31, 0x39, 0x30, 0x35, 0x30, 0x38, 0x32,
+        0x30, 0x30, 0x37, 0x33, 0x38, 0x5A, 0x30, 0x81, 0x8F, 0x31, 0x0B, 0x30,
+        0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13,
+        0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73,
+        0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06,
+        0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C,
+        0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07,
+        0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30, 0x0A, 0x06,
+        0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43, 0x43, 0x31, 0x18, 0x30,
+        0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E,
+        0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31,
+        0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
+        0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C,
+        0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, 0x13,
+        0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A,
+        0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xBB,
+        0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, 0xA5, 0x04, 0xC3, 0x3C,
+        0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE, 0x94, 0xEA, 0x2B, 0xFA, 0xCB,
+        0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61, 0x02, 0xE9, 0xAF, 0x4D, 0xD3,
+        0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, 0x92, 0x21, 0x7F, 0xF0, 0xCF, 0x18,
+        0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8, 0x20, 0x58, 0x33, 0x0B, 0x80,
+        0x34, 0x89, 0xD8, 0xA3, 0x81, 0xF7, 0x30, 0x81, 0xF4, 0x30, 0x1D, 0x06,
+        0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x5D, 0x5D, 0x26, 0xEF,
+        0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23,
+        0xEF, 0xB2, 0x89, 0x30, 0x30, 0x81, 0xC4, 0x06, 0x03, 0x55, 0x1D, 0x23,
+        0x04, 0x81, 0xBC, 0x30, 0x81, 0xB9, 0x80, 0x14, 0x5D, 0x5D, 0x26, 0xEF,
+        0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23,
+        0xEF, 0xB2, 0x89, 0x30, 0xA1, 0x81, 0x95, 0xA4, 0x81, 0x92, 0x30, 0x81,
+        0x8F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
+        0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C,
+        0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31,
+        0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65,
+        0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55,
+        0x04, 0x0A, 0x0C, 0x07, 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31,
+        0x0C, 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43,
+        0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F,
+        0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
+        0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48,
+        0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F,
+        0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
+        0x82, 0x09, 0x00, 0xEF, 0x46, 0xC7, 0xA4, 0x9B, 0xBB, 0x60, 0xD3, 0x30,
+        0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01,
+        0xFF, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03,
+        0x02, 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0xF1, 0xD0, 0xA6,
+        0x3E, 0x83, 0x33, 0x24, 0xD1, 0x7A, 0x05, 0x5F, 0x1E, 0x0E, 0xBD, 0x7D,
+        0x6B, 0x33, 0xE9, 0xF2, 0x86, 0xF3, 0xF3, 0x3D, 0xA9, 0xEF, 0x6A, 0x87,
+        0x31, 0xB3, 0xB7, 0x7E, 0x50, 0x02, 0x21, 0x00, 0xF0, 0x60, 0xDD, 0xCE,
+        0xA2, 0xDB, 0x56, 0xEC, 0xD9, 0xF4, 0xE4, 0xE3, 0x25, 0xD4, 0xB0, 0xC9,
+        0x25, 0x7D, 0xCA, 0x7A, 0x5D, 0xBA, 0xC4, 0xB2, 0xF6, 0x7D, 0x04, 0xC7,
+        0xBD, 0x62, 0xC9, 0x20 };
+
+/* derived from wolfSSL/certs/ecc-key.der */
+
+static const CPU_INT08U ecc_key_der_256[] = { 0x30, 0x77, 0x02, 0x01, 0x01,
+        0x04, 0x20, 0x45, 0xB6, 0x69, 0x02, 0x73, 0x9C, 0x6C, 0x85, 0xA1, 0x38,
+        0x5B, 0x72, 0xE8, 0xE8, 0xC7, 0xAC, 0xC4, 0x03, 0x8D, 0x53, 0x35, 0x04,
+        0xFA, 0x6C, 0x28, 0xDC, 0x34, 0x8D, 0xE1, 0xA8, 0x09, 0x8C, 0xA0, 0x0A,
+        0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0xA1, 0x44,
+        0x03, 0x42, 0x00, 0x04, 0xBB, 0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6,
+        0x4A, 0xA5, 0x04, 0xC3, 0x3C, 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE,
+        0x94, 0xEA, 0x2B, 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61,
+        0x02, 0xE9, 0xAF, 0x4D, 0xD3, 0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, 0x92,
+        0x21, 0x7F, 0xF0, 0xCF, 0x18, 0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8,
+        0x20, 0x58, 0x33, 0x0B, 0x80, 0x34, 0x89, 0xD8 };
+
+
+int wolfssl_server_test(void)
+{
+    NET_ERR err;
+    NET_SOCK_ID sock_listen;
+    NET_SOCK_ID sock_req;
+    NET_SOCK_ADDR_IPv4 server_addr;
+    NET_SOCK_ADDR_LEN server_addr_len;
+    NET_SOCK_ADDR_IPv4 client_sock_addr_ip;
+    NET_SOCK_ADDR_LEN client_sock_addr_ip_size;
+    CPU_CHAR rx_buf[RX_BUF_SIZE];
+    CPU_CHAR tx_buf[TX_BUF_SIZE];
+    CPU_BOOLEAN attempt_conn;
+    OS_ERR os_err;
+    WOLFSSL * ssl;
+    WOLFSSL_CTX * ctx;
+    int tx_buf_sz = 0, ret = 0, error = 0;
+
+    #ifdef DEBUG_WOLFSSL
+        wolfSSL_Debugging_ON();
+    #endif
+
+    /* wolfSSL INIT and CTX SETUP */
+
+    wolfSSL_Init();
+
+    /* SET UP NETWORK SOCKET */
+
+    APP_TRACE_INFO(("Opening network socket...\r\n"));
+    sock_listen = NetSock_Open(NET_SOCK_ADDR_FAMILY_IP_V4,
+                               NET_SOCK_TYPE_STREAM,
+                               NET_SOCK_PROTOCOL_TCP,
+                               &err);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_Open, err = %d\r\n", (int) err));
+        return -1;
+    }
+
+    APP_TRACE_INFO(("Clearing memory for server_addr struct\r\n"));
+    server_addr_len = sizeof(server_addr);
+    Mem_Clr((void *) &server_addr, (CPU_SIZE_T) server_addr_len);
+
+    APP_TRACE_INFO(("Setting up server_addr struct\r\n"));
+    server_addr.AddrFamily = NET_SOCK_ADDR_FAMILY_IP_V4;
+    server_addr.Addr = NET_UTIL_HOST_TO_NET_32(NET_SOCK_ADDR_IP_V4_WILDCARD);
+    server_addr.Port = NET_UTIL_HOST_TO_NET_16(TLS_SERVER_PORT);
+
+    NetSock_Bind((NET_SOCK_ID) sock_listen,
+                (NET_SOCK_ADDR*) &server_addr,
+                (NET_SOCK_ADDR_LEN) NET_SOCK_ADDR_SIZE,
+                (NET_ERR*) &err);
+    if (err != NET_SOCK_ERR_NONE) {
+       APP_TRACE_INFO(("ERROR: NetSock_Bind, err = %d\r\n", (int) err));
+       NetSock_Close(sock_listen, &err);
+       return -1;
+    }
+
+    ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method());
+    if (ctx == 0) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_CTX_new failed\r\n"));
+        NetSock_Close(sock_listen, &err);
+        return -1;
+    }
+    APP_TRACE_INFO(("wolfSSL_CTX_new done\r\n"));
+
+    ret = wolfSSL_CTX_use_certificate_buffer(ctx,
+                                             server_ecc_der_256,
+                                             sizeof(server_ecc_der_256),
+                                             SSL_FILETYPE_ASN1);
+    if (ret != SSL_SUCCESS) {
+        APP_TRACE_INFO(
+                ("ERROR: wolfSSL_CTX_use_certificate_buffer() failed\r\n"));
+        NetSock_Close(sock_listen, &err);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+    ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx,
+                                            ecc_key_der_256,
+                                            sizeof(ecc_key_der_256),
+                                            SSL_FILETYPE_ASN1);
+    if (ret != SSL_SUCCESS) {
+        APP_TRACE_INFO(
+                ("ERROR: wolfSSL_CTX_use_PrivateKey_buffer() failed\r\n"));
+        NetSock_Close(sock_listen, &err);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+    /* accept client socket connections */
+
+    APP_TRACE_INFO(("Listening for client connection\r\n"));
+
+    NetSock_Listen(sock_listen, TCP_SERVER_CONN_Q_SIZE, &err);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_Listen, err = %d\r\n", (int) err));
+        NetSock_Close(sock_listen, &err);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+    do {
+        client_sock_addr_ip_size = sizeof(client_sock_addr_ip);
+        sock_req = NetSock_Accept((NET_SOCK_ID) sock_listen,
+                                 (NET_SOCK_ADDR*) &client_sock_addr_ip,
+                                 (NET_SOCK_ADDR_LEN*) &client_sock_addr_ip_size,
+                                 (NET_ERR*) &err);
+        switch (err) {
+        case NET_SOCK_ERR_NONE:
+            attempt_conn = DEF_NO;
+            break;
+        case NET_ERR_INIT_INCOMPLETE:
+        case NET_SOCK_ERR_NULL_PTR:
+        case NET_SOCK_ERR_NONE_AVAIL:
+        case NET_SOCK_ERR_CONN_ACCEPT_Q_NONE_AVAIL:
+            attempt_conn = DEF_YES;
+            break;
+        case NET_SOCK_ERR_CONN_SIGNAL_TIMEOUT:
+            APP_TRACE_INFO(
+                    ("NetSockAccept err = NET_SOCK_ERR_CONN_SIGNAL_TIMEOUT\r\n"));
+            attempt_conn = DEF_YES;
+            break;
+        default:
+            attempt_conn = DEF_NO;
+            break;
+        }
+    } while (attempt_conn == DEF_YES);
+    if (err != NET_SOCK_ERR_NONE) {
+        APP_TRACE_INFO(("ERROR: NetSock_Accept, err = %d\r\n", (int) err));
+        NetSock_Close(sock_listen, &err);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("Got client connection! Starting TLS negotiation\r\n"));
+    /* set up wolfSSL session */
+    if ((ssl = wolfSSL_new(ctx)) == NULL) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_new() failed\r\n"));
+        NetSock_Close(sock_req, &err);
+        NetSock_Close(sock_listen, &err);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("wolfSSL_new done\r\n"));
+    ret = wolfSSL_set_fd(ssl, sock_req);
+    if (ret != SSL_SUCCESS) {
+        APP_TRACE_INFO(("ERROR: wolfSSL_set_fd() failed\r\n"));
+        NetSock_Close(sock_req, &err);
+        NetSock_Close(sock_listen, &err);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+
+    APP_TRACE_INFO(("wolfSSL_set_fd done\r\n"));
+    do {
+        error = 0; /* reset error */
+        if (ret != SSL_SUCCESS) {
+            error = wolfSSL_get_error(ssl, 0);
+            APP_TRACE_INFO(
+                    ("ERROR: wolfSSL_accept() failed, err = %d\r\n", error));
+            if (error != SSL_ERROR_WANT_READ) {
+                NetSock_Close(sock_req, &err);
+                NetSock_Close(sock_listen, &err);
+                wolfSSL_free(ssl);
+                wolfSSL_CTX_free(ctx);
+                return -1;
+            }
+            OSTimeDlyHMSM(0u, 0u, 0u, 500u, OS_OPT_TIME_HMSM_STRICT, &os_err);
+        }
+    } while ((ret != SSL_SUCCESS) && (error == SSL_ERROR_WANT_READ));
+
+    APP_TRACE_INFO(("wolfSSL_accept() ok...\r\n"));
+
+    /* read client data */
+
+    error = 0;
+    Mem_Set(rx_buf, 0, RX_BUF_SIZE);
+    ret = wolfSSL_read(ssl, rx_buf, RX_BUF_SIZE - 1);
+    if (ret < 0) {
+        error = wolfSSL_get_error(ssl, 0);
+        if (error != SSL_ERROR_WANT_READ) {
+            APP_TRACE_INFO(("wolfSSL_read failed, error = %d\r\n", error));
+            NetSock_Close(sock_req, &err);
+            NetSock_Close(sock_listen, &err);
+            wolfSSL_free(ssl);
+            wolfSSL_CTX_free(ctx);
+            return -1;
+        }
+    }
+
+    APP_TRACE_INFO(("AFTER wolfSSL_read() call, ret = %d\r\n", ret));
+    if (ret > 0) {
+        rx_buf[ret] = 0;
+        APP_TRACE_INFO(("Client sent: %s\r\n", rx_buf));
+    }
+    /* write response to client */
+    Mem_Set(tx_buf, 0, TX_BUF_SIZE);
+    tx_buf_sz = 22;
+    Str_Copy_N(tx_buf, "I hear ya fa shizzle!\n", tx_buf_sz);
+    if (wolfSSL_write(ssl, tx_buf, tx_buf_sz) != tx_buf_sz) {
+        error = wolfSSL_get_error(ssl, 0);
+        APP_TRACE_INFO(("ERROR: wolfSSL_write() failed, err = %d\r\n", error));
+        NetSock_Close(sock_req, &err);
+        NetSock_Close(sock_listen, &err);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        return -1;
+    }
+    ret = wolfSSL_shutdown(ssl);
+    if (ret == SSL_SHUTDOWN_NOT_DONE)
+        wolfSSL_shutdown(ssl);
+        wolfSSL_free(ssl);
+        wolfSSL_CTX_free(ctx);
+        wolfSSL_Cleanup();
+        NetSock_Close(sock_req, &err);
+        NetSock_Close(sock_listen, &err);
+    return 0;
+}

IDE/ECLIPSE/MICRIUM/server_wolfssl.h

@@ -0,0 +1,35 @@
+/* server_wolfssl.h
+ *
+ * Copyright (C) 2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef  __SERVER_WOLFSSL_H__
+#define  __SERVER_WOLFSSL_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int wolfssl_server_test(void);
+
+#ifdef __cplusplus
+}  /* extern "C" */
+#endif
+
+#endif /* SERVER_WOLFSSL_H */

IDE/ECLIPSE/MICRIUM/user_settings.h

@@ -0,0 +1,75 @@
+/* user_setting.h
+ *
+ * Copyright (C) 2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef MICRIUM_USER_SETTINGS_H_
+#define MICRIUM_USER_SETTINGS_H_
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+#define MICRIUM
+
+/* You can select one or all of the following tests */
+#define WOLFSSL_WOLFCRYPT_TEST
+#define WOLFSSL_BENCHMARK_TEST
+#define WOLFSSL_CLIENT_TEST
+#define WOLFSSL_SERVER_TEST
+
+/* adjust CURRENT_UNIX_TS to seconds since Jan 01 1970. (UTC)
+You can get the current time from https://www.unixtimestamp.com/
+*/
+#define CURRENT_UNIX_TS 1542605837
+
+/* When using Windows simulator, you must define USE_WINDOWS_API for test.h to build */
+#ifdef _WIN32
+#define USE_WINDOWS_API
+#endif
+
+#define NO_FILESYSTEM
+#define SIZEOF_LONG_LONG 8
+
+/* prevents from including multiple definition of main() */
+#define NO_MAIN_DRIVER
+#define NO_TESTSUITE_MAIN_DRIVER
+
+/* includes certificate test buffers via header files */
+#define USE_CERT_BUFFERS_2048
+/*use kB instead of mB for embedded benchmarking*/
+#define BENCH_EMBEDDED
+
+#define NO_WRITE_TEMP_FILES
+
+#define XSNPRINTF snprintf
+
+#define HAVE_AESGCM
+#define WOLFSSL_SHA512
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+#define ED25519_SMALL
+
+#ifdef __cplusplus
+    }   /* extern "C" */
+#endif
+
+#endif

IDE/ECLIPSE/MICRIUM/wolfsslRunTests.c

@@ -0,0 +1,80 @@
+/* wolfsslRunTests.c
+ *
+ * Copyright (C) 2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include  <includes.h> /* master includes from Micrium Freescale Kinetis K70*/
+
+#include  <wolfssl/ssl.h>
+
+/*
+* Description :  This function runs wolfssl tests.
+* Caller(s)   :  main() in app.c
+* Note(s)     :  none.
+*/
+
+int  wolfsslRunTests (void)
+{
+    CLK_ERR        err;
+    CLK_TS_SEC     ts_unix_sec;
+    CPU_BOOLEAN    valid;
+    static int initialized = 0;
+
+    if(!initialized) {
+        Clk_Init(&err);
+
+        if (err == CLK_ERR_NONE) {
+            APP_TRACE_INFO(("Clock module successfully initialized\n"));
+        } else {
+            APP_TRACE_INFO(("Clock module initialization failed\n"));
+            return -1;
+        }
+
+        valid = Clk_GetTS_Unix(&ts_unix_sec);
+
+        if (valid == DEF_OK) {
+            APP_TRACE_INFO(("Timestamp Unix = %u\n", ts_unix_sec));
+        } else {
+            APP_TRACE_INFO(("Get TS Unix error\n"));
+          }
+    #if defined(CURRENT_UNIX_TS)
+        valid = Clk_SetTS_Unix(CURRENT_UNIX_TS);
+        if (valid != DEF_OK) {
+            APP_TRACE_INFO(("Clk_SetTS_Unix error\n"));
+            return -1;
+        }
+    #endif
+     initialized = 1;
+    }
+
+    #if defined(WOLFSSL_WOLFCRYPT_TEST)
+        wolfcrypt_test(NULL);
+    #endif
+    #if defined(WOLFSSL_BENCHMARK_TEST)
+        benchmark_test(NULL);
+    #endif
+    #if defined(WOLFSSL_CLIENT_TEST)
+        wolfssl_client_test();
+    #endif
+    #if defined(WOLFSSL_SERVER_TEST)
+        wolfssl_server_test();
+    #endif
+
+    return 0;
+}

IDE/Espressif/ESP-IDF/README.md

@@ -0,0 +1,35 @@
+# ESP-IDF port
+## Overview
+ ESP-IDF development framework with wolfSSL by setting *WOLFSSL_ESPIDF* definition
+
+Including the following examples:
+
+* simple tls_client/server
+* crypt test
+* crypt benchmark
+
+ The *user_settings.h* file enables some of the hardened settings.
+
+## Requirements
+ 1. ESP-IDF development framework  
+    [https://docs.espressif.com/projects/esp-idf/en/latest/get-started/]
+
+    Note: This expects to use Linux version.
+
+## Setup
+ 1. Run *setup.sh* to deploy files into ESP-IDF tree
+ 2. Find Wolfssl files at /path/to/esp-idf/components/wolfssl/
+ 3. Find Example programs under /path/to/esp-idf/examples/protocols/wolfssl_xxx
+ 4. Uncomment out #define WOLFSSL_ESPIDF in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h  
+    Uncomment out #define WOLFSSL_ESPWROOM32 in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h
+
+## Configuration
+ 1. The *user_settings.h* can be found in /path/to/esp-idf/components/wolfssl/include/user_settings.h
+
+## Build examples
+ 1. See README in each example folder
+
+## Support
+ For question please email [support@wolfssl.com]
+
+ Note: This is tested with "Ubuntu 18.04.1 LTS" and ESP32-WROOM-32.

IDE/Espressif/ESP-IDF/README_esp32.md

@@ -0,0 +1,42 @@
+# DEMO program with ATECC608A on ESP-WROOM-32SE
+## Overview
+ Running demo programs with ATECC608A on 32SE by setting *WOLFSSL_ESPWROOM32SE* definition
+
+Including the following examples:
+
+* simple tls_client/tls_server
+* crypt benchmark
+
+ The *user_settings.h* file enables some of the hardened settings. 
+ 
+## Requirements
+ 1. ESP-IDF development framework  
+    [https://docs.espressif.com/projects/esp-idf/en/latest/get-started/]
+
+ 2. Microchip CryptoAuthentication Library  
+    [https://github.com/MicrochipTech/cryptoauthlib]
+    
+## Setup
+ 1. wolfSSL under ESP-IDF. Please see [README.md](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md)
+ 2. CryptoAuthentication Library under ESP-IDF. Please see [README.md](https://github.com/miyazakh/cryptoauthlib_esp_idf/blob/master/README.md)
+ 
+ 3. Uncomment out #define WOLFSSL_ESPWROOM32SE in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h
+ 
+    Note : Need to enable WOLFSSL_ESPIDF  
+    Note : crypt test will fail if enabled WOLFSSL_ESPWROOM32SE
+ 
+## Configuration
+ 1. The *user_settings.h* can be found in /path/to/esp-idf/components/wolfssl/include/user_settings.h
+
+## Build examples
+ 1. See README in each example folder
+
+## Support
+ For question please email [support@wolfssl.com]
+
+ Note: This is tested with the following condition:
+ 
+- Model    : ESP32-WROOM-32SE  
+- ESP-IDF  : v3.3-beta1-39-g6cb37ecc5(commit hash : 6cb37ecc5)  
+- CryptAuthLib: commit hash : c6b176e
+- OS       : Ubuntu 18.04.1 LTS (Bionic Beaver)

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt

@@ -0,0 +1,6 @@
+# The following lines of boilerplate have to be in your project's
+# CMakeLists in this exact order for cmake to work correctly
+cmake_minimum_required(VERSION 3.5)
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+project(wolfssl_benchmark)

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/Makefile

@@ -0,0 +1,11 @@
+#
+# This is a project Makefile. It is assumed the directory this Makefile resides in is a
+# project subdirectory.
+#
+
+PROJECT_NAME := wolfssl_benchmark
+
+CFLAGS += -DWOLFSSL_USER_SETTINGS
+
+include $(IDF_PATH)/make/project.mk
+

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md

@@ -0,0 +1,16 @@
+#wolfSSL Example
+
+The Example contains of wolfSSL benchmark program.
+
+1. "make menuconfig" to configure the program.  
+    1-1. Example Configuration ->
+
+    BENCH_ARG : argument that you want to use. Default is "-lng 0"  
+    The list of argument can be find in help.
+
+When you want to run the benchmark program
+
+1. "make flash" to compile and load the firmware
+2. "make monitor" to see the message
+
+See the README.md file in the upper level 'examples' directory for more information about examples.

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/CMakeLists.txt

@@ -0,0 +1,10 @@
+
+#
+# wolfssl benchmark test
+#
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+
+set(COMPONENT_SRCS "benchmark.c" "helper.c")
+set(COMPONENT_ADD_INCLUDEDIRS ".")
+
+register_component()

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/Kconfig.projbuild

@@ -0,0 +1,29 @@
+menu "Example Configuration"
+
+config BENCH_ARGV
+    string "Arguments for benchmark test"
+    default "-lng 0"
+    help
+        -? <num>    Help, print this usage
+                     0: English, 1: Japanese
+        -csv        Print terminal output in csv format
+        -base10     Display bytes as power of 10 (eg 1 kB = 1000 Bytes)
+        -no_aad     No additional authentication data passed.
+        -dgst_full  Full digest operation performed.
+        -rsa_sign   Measure RSA sign/verify instead of encrypt/decrypt.
+        -<alg>      Algorithm to benchmark. Available algorithms include:
+                    cipher aes-cbc aes-gcm chacha20 chacha20-poly1305
+                    digest md5 poly1305 sha sha2 sha224 sha256 sha384 sha512 sha3
+                    sha3-224 sha3-256 sha3-384 sha3-512
+                    mac hmac hmac-md5 hmac-sha hmac-sha224 hmac-sha256 hmac-sha384
+                    hmac-sha512
+                    asym rsa rsa-sz dh ecc-kg ecc
+                    other rng
+        -lng <num>  Display benchmark result by specified language.
+                    0: English, 1: Japanese
+        <num>       Size of block in bytes
+        
+        e.g -lng 1
+        e.g sha
+
+endmenu

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/component.mk

@@ -0,0 +1,8 @@
+#
+# Main component makefile.
+#
+# This Makefile can be left empty. By default, it will take the sources in the 
+# src/ directory, compile them and link them into lib(subdirectory_name).a 
+# in the build directory. This behaviour is entirely configurable,
+# please read the ESP-IDF documents if you need to do this.
+#

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/helper.c

@@ -0,0 +1,196 @@
+/* helper.c
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfcrypt/benchmark/benchmark.h>
+
+#include "sdkconfig.h"
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "esp_log.h"
+#include "nvs_flash.h"
+
+#define WOLFSSL_BENCH_ARGV                 CONFIG_BENCH_ARGV
+#define WOLFSSLBENCHMARK_TASK_NAME         "wolfsslbenchmark_name"
+#define WOLFSSLBENCHMARK_TASK_WORDS        10240
+#define WOLFSSLBENCHMARK_TASK_PRIORITY     8
+
+/* proto-type */
+extern void wolf_benchmark_task();
+
+static const char* const TAG = "wolfbenchmark";
+
+char* __argv[22];
+
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+                                  && defined(WOLFSSL_ATECC508A)
+
+#include "wolfssl/wolfcrypt/port/atmel/atmel.h"
+
+/* when you need to use a custom slot allocation, */
+/* enable the definition CUSTOM_SLOT_ALLOCAION.   */
+#if defined(CUSTOM_SLOT_ALLOCATION)
+
+static byte mSlotList[ATECC_MAX_SLOT];
+
+/* initialize slot array */
+void my_atmel_slotInit()
+{
+    int i;
+
+    for(i=0;i<ATECC_MAX_SLOT; i++) {
+        mSlotList[i] = ATECC_INVALID_SLOT;
+    }
+}
+
+/* allocate slot depending on slotType */
+int my_atmel_alloc(int slotType)
+{
+    int i, slot = -1;
+
+    ESP_LOGI(TAG, "Enter my_atmel_alloc");
+
+    switch(slotType){
+        case ATMEL_SLOT_ENCKEY:
+            slot = 4;
+            break;
+        case ATMEL_SLOT_DEVICE:
+            slot = 0;
+            break;
+        case ATMEL_SLOT_ECDHE:
+            slot = 2;
+            break;
+        case ATMEL_SLOT_ECDHE_ENC:
+            slot = 4;
+            break;
+        case ATMEL_SLOT_ANY:
+            for(i=0;i<ATECC_MAX_SLOT;i++){
+                if(mSlotList[i] == ATECC_INVALID_SLOT){
+                    slot = i;
+                    break;
+                }
+            }
+    }
+
+    ESP_LOGI(TAG, "Leave my_atmel_alloc\n");
+
+    return slot;
+}
+
+/* free slot array       */
+void my_atmel_free(int slotId)
+{
+    ESP_LOGI(TAG, "Enter my_atmel_alloc");
+
+    if(slotId >= 0 && slotId < ATECC_MAX_SLOT){
+        mSlotList[slotId] = ATECC_INVALID_SLOT;
+    }
+
+    ESP_LOGI(TAG, "Leave my_atmel_alloc");
+
+}
+
+#endif /* CUSTOM_SLOT_ALLOCATION                                       */
+#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
+
+int construct_argv()
+{
+    int cnt = 0;
+    int i = 0;
+    int len = 0;
+    char *_argv;            /* buffer for copying the string    */
+    char *ch;               /* char pointer to trace the string */
+    char buff[16] = { 0 };  /* buffer for a argument copy       */
+
+    printf("arg:%s\n", CONFIG_BENCH_ARGV);
+    len = strlen(CONFIG_BENCH_ARGV);
+    _argv = (char*)malloc(len + 1);
+    if (!_argv) {
+        return -1;
+    }
+    memset(_argv, 0, len+1);
+    memcpy(_argv, CONFIG_BENCH_ARGV, len);
+    _argv[len] = '\0';
+    ch = _argv;
+
+    __argv[cnt] = malloc(10);
+    sprintf(__argv[cnt], "benchmark");
+    __argv[9] = '\0';
+    cnt = 1;
+
+    while (*ch != '\0')
+    {
+        /* skip white-space */
+        while (*ch == ' ') { ++ch; }
+
+        memset(buff, 0, sizeof(buff));
+        /* copy each args into buffer */
+        i = 0;
+        while ((*ch != ' ') && (*ch != '\0') && (i < 16)) {
+            buff[i] = *ch;
+            ++i;
+            ++ch;
+        }
+        /* copy the string into argv */
+        __argv[cnt] = (char*)malloc(i + 1);
+        memset(__argv[cnt], 0, i + 1);
+        memcpy(__argv[cnt], buff, i + 1);
+        /* next args */
+        ++cnt;
+    }
+
+    free(_argv);
+
+    return (cnt);
+}
+
+/* entry point */
+void app_main(void)
+{
+    ESP_LOGI(TAG, "Start app_main...");
+    ESP_ERROR_CHECK(nvs_flash_init());
+
+#ifndef NO_CRYPT_BENCHMARK
+
+    /* when using atecc608a on esp32-wroom-32se */
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+                                  && defined(WOLFSSL_ATECC508A)
+    #if defined(CUSTOM_SLOT_ALLOCATION)
+    ESP_LOGI(TAG, "register callback for slot allocation");
+    my_atmel_slotInit();
+    /* to register the callback, it needs to be initialized. */
+    benchmark_init();
+    atmel_set_slot_allocator(my_atmel_alloc, my_atmel_free);
+    #endif
+#endif
+
+    ESP_LOGI(TAG, "Start benchmark..");
+    wolf_benchmark_task();
+
+#else
+    ESP_LOGI(TAG, "no crypt benchmark");
+
+#endif /* NO_CRYPT_BENCHMARK */
+
+}
+

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/sdkconfig.defaults

@@ -0,0 +1,6 @@
+CONFIG_BENCH_ARGV="-lng 0"
+CONFIG_MAIN_TASK_STACK_SIZE=5000
+CONFIG_FREERTOS_HZ=1000
+CONFIG_TASK_WDT_CHECK_IDLE_TASK_CPU0=
+CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y
+170 CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ=240

IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt

@@ -0,0 +1,6 @@
+# The following lines of boilerplate have to be in your project's
+# CMakeLists in this exact order for cmake to work correctly
+cmake_minimum_required(VERSION 3.5)
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+project(wolfssl_client)

IDE/Espressif/ESP-IDF/examples/wolfssl_client/Makefile

@@ -0,0 +1,11 @@
+#
+# This is a project Makefile. It is assumed the directory this Makefile resides in is a
+# project subdirectory.
+#
+
+PROJECT_NAME := wolfssl_client
+
+CFLAGS += -DWOLFSSL_USER_SETTINGS
+
+include $(IDF_PATH)/make/project.mk
+

IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md

@@ -0,0 +1,22 @@
+#wolfSSL Example
+
+The Example contains of wolfSSL tls client demo.
+
+1. "make menuconfig" to config the project  
+    1-1. Example Configuration ->
+
+          WIFI SSID: your own WIFI, which is connected to the Internet.(default is "myssid")  
+          WIFI Password: WIFI password, and default is "mypassword"  
+          Target host ip address : the host that you want to connect to.(default is 127.0.0.1)
+    
+    Note: the example program uses 11111 port. If you want to use different port  
+        , you need to modifiy DEFAULT_PORT definition in the code.
+
+When you want to test the wolfSSL client
+
+1. "make falsh monitor" to load the firmware and see the context  
+2. You can use <wolfssl>/examples/server/server program for test.  
+
+         e.g. Launch ./examples/server/server -v 4 -b -i
+
+See the README.md file in the upper level 'examples' directory for more information about examples.

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/CMakeLists.txt

@@ -0,0 +1,10 @@
+
+#
+# wolfssl client test
+#
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+
+set(COMPONENT_SRCS "client-tls.c" "wifi_connect.c")
+set(COMPONENT_ADD_INCLUDEDIRS "." "./include")
+
+register_component()

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild

@@ -0,0 +1,21 @@
+menu "Example Configuration"
+
+config WIFI_SSID
+    string "WiFi SSID"
+    default "myssid"
+    help
+        SSID (network name) for the example to connect to.
+
+config WIFI_PASSWORD
+    string "WiFi Password"
+    default "mypassword"
+    help
+        WiFi password (WPA or WPA2) for the example to use.
+
+config TARGET_HOST
+    string "Target host"
+    default "127.0.01.1"
+    help
+        host address for the example to connect
+        
+endmenu

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c

@@ -0,0 +1,290 @@
+/* client-tls-callback.c
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+/* the usual suspects */
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+
+/* ESP specific */
+#include "wifi_connect.h"
+
+/* socket includes */
+#include "lwip/netdb.h"
+#include "lwip/sockets.h"
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+#include <wolfssl/certs_test.h>
+
+#ifdef WOLFSSL_TRACK_MEMORY
+    #include <wolfssl/wolfcrypt/mem_track.h>
+#endif
+
+static const char* const TAG = "tls_client";
+
+#if defined(DEBUG_WOLFSSL)
+
+static void ShowCiphers(void)
+{
+    char ciphers[4096];
+
+    int ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
+
+    if (ret == WOLFSSL_SUCCESS)
+        printf("%s\n", ciphers);
+}
+
+#endif
+
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+                                  && defined(WOLFSSL_ATECC508A)
+
+#include "wolfssl/wolfcrypt/port/atmel/atmel.h"
+
+/* when you want to use custome slot allocation */
+/* enable the definition CUSTOM_SLOT_ALLOCATION.*/
+
+#if defined(CUSTOM_SLOT_ALLOCATION)
+
+static byte mSlotList[ATECC_MAX_SLOT];
+
+int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc,
+                                                atmel_slot_dealloc_cb dealloc);
+/* initialize slot array */
+void my_atmel_slotInit()
+{
+    int i;
+
+    for(i=0;i<ATECC_MAX_SLOT; i++) {
+        mSlotList[i] = ATECC_INVALID_SLOT;
+    }
+}
+/* allocate slot depending on slotType */
+int my_atmel_alloc(int slotType)
+{
+    int i, slot = -1;
+
+    switch(slotType){
+        case ATMEL_SLOT_ENCKEY:
+            slot = 2;
+            break;
+        case ATMEL_SLOT_DEVICE:
+            slot = 0;
+            break;
+        case ATMEL_SLOT_ECDHE:
+            slot = 0;
+            break;
+        case ATMEL_SLOT_ECDHE_ENC:
+            slot = 4;
+            break;
+        case ATMEL_SLOT_ANY:
+            for(i=0;i<ATECC_MAX_SLOT;i++){
+                if(mSlotList[i] == ATECC_INVALID_SLOT){
+                    slot = i;
+                    break;
+                }
+            }
+    }
+
+    return slot;
+}
+/* free slot array       */
+void my_atmel_free(int slotId)
+{
+    if(slotId >= 0 && slotId < ATECC_MAX_SLOT){
+        mSlotList[slotId] = ATECC_INVALID_SLOT;
+    }
+}
+#endif /* CUSTOM_SLOT_ALLOCATION                                       */
+#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
+
+/* client task */
+void tls_smp_client_task()
+{
+    int ret;
+    int sockfd;
+    int doPeerCheck;
+    int sendGet;
+    struct sockaddr_in servAddr;
+    char buff[256];
+    const char* ch = TLS_SMP_TARGET_HOST;
+    size_t len;
+    struct hostent *hp;
+    struct ip4_addr *ip4_addr;
+
+    /* declare wolfSSL objects */
+    WOLFSSL_CTX *ctx;
+    WOLFSSL *ssl;
+
+    WOLFSSL_ENTER("tls_smp_client_task");
+
+    doPeerCheck = 0;
+    sendGet = 0;
+
+#ifdef DEBUG_WOLFSSL
+    WOLFSSL_MSG("Debug ON");
+    wolfSSL_Debugging_ON();
+    ShowCiphers();
+#endif
+    /* Initialize wolfSSL */
+    wolfSSL_Init();
+
+    /* Create a socket that uses an internet IPv4 address,
+     * Sets the socket to be stream based (TCP),
+     * 0 means choose the default protocol. */
+    if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
+        ESP_LOGE(TAG,"ERROR: failed to create the socket\n");
+    }
+
+    ESP_LOGI(TAG, "get target IP address");
+
+    hp = gethostbyname(TLS_SMP_TARGET_HOST);
+    if (!hp) {
+         ESP_LOGE(TAG, "Failed to get host name.");
+         ip4_addr = NULL;
+    } else {
+
+         ip4_addr = (struct ip4_addr *)hp->h_addr;
+         ESP_LOGI(TAG, IPSTR, IP2STR(ip4_addr));
+    }
+    /* Create and initialize WOLFSSL_CTX */
+    if ((ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())) == NULL) {
+        ESP_LOGE(TAG,"ERROR: failed to create WOLFSSL_CTX\n");
+    }
+    WOLFSSL_MSG("Loading...cert");
+    /* Load client certificates into WOLFSSL_CTX */
+    if ((ret = wolfSSL_CTX_load_verify_buffer(ctx, ca_cert_der_2048,
+        sizeof_ca_cert_der_2048, WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
+        ESP_LOGE(TAG,"ERROR: failed to load %d, please check the file.\n",ret);
+    }
+    /* not peer check */
+    if( doPeerCheck == 0 ){
+        wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, 0);
+    } else {
+        WOLFSSL_MSG("Loading... our cert");
+        /* load our certificate */
+   	    if ((ret = wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, client_cert_der_2048,
+            sizeof_client_cert_der_2048, WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
+            ESP_LOGE(TAG,"ERROR: failed to load chain %d, please check the file.\n",ret);
+        }
+
+        if ((ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx, client_key_der_2048,
+            sizeof_client_key_der_2048, WOLFSSL_FILETYPE_ASN1))  != SSL_SUCCESS) {
+            wolfSSL_CTX_free(ctx); ctx = NULL;
+            ESP_LOGE(TAG,"ERROR: failed to load key %d, please check the file.\n", ret);
+        }
+
+        wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, 0);
+    }
+
+    /* Initialize the server address struct with zeros */
+    memset(&servAddr, 0, sizeof(servAddr));
+
+    /* Fill in the server address */
+    servAddr.sin_family = AF_INET;           /* using IPv4      */
+    servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
+
+    if(*ch >= '1' && *ch <= '9') {
+        /* Get the server IPv4 address from the command line call */
+        WOLFSSL_MSG("inet_pton");
+        if ((ret = inet_pton(AF_INET, TLS_SMP_TARGET_HOST,
+                 &servAddr.sin_addr)) != 1) {
+            ESP_LOGE(TAG,"ERROR: invalid address ret=%d\n", ret);
+        }
+    } else {
+        servAddr.sin_addr.s_addr = ip4_addr->addr;
+    }
+
+    /* Connect to the server */
+    sprintf(buff, "Connecting to server....%s(port:%d)", TLS_SMP_TARGET_HOST
+                                                      , DEFAULT_PORT);
+    WOLFSSL_MSG(buff);
+    printf("%s\n",buff);
+    if ((ret = connect(sockfd, (struct sockaddr *)&servAddr,
+                                    sizeof(servAddr))) == -1){
+        ESP_LOGE(TAG,"ERROR: failed to connect ret=%d\n", ret);
+    }
+
+    WOLFSSL_MSG("Create a WOLFSSL object");
+    /* Create a WOLFSSL object */
+    if ((ssl = wolfSSL_new(ctx)) == NULL) {
+        ESP_LOGE(TAG,"ERROR: failed to create WOLFSSL object\n");
+    }
+
+    /* when using atecc608a on esp32-wroom-32se */
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+                                  && defined(WOLFSSL_ATECC508A)
+    atcatls_set_callbacks(ctx);
+    /* when using custome slot-allocation */
+    #if defined(CUSTOM_SLOT_ALLOCATION)
+    my_atmel_slotInit();
+    atmel_set_slot_allocator(my_atmel_alloc, my_atmel_free);
+    #endif
+#endif
+
+    /* Attach wolfSSL to the socket */
+    wolfSSL_set_fd(ssl, sockfd);
+
+    WOLFSSL_MSG("Connect to wolfSSL on the server side");
+    /* Connect to wolfSSL on the server side */
+    if (wolfSSL_connect(ssl) != SSL_SUCCESS) {
+        ESP_LOGE(TAG,"ERROR: failed to connect to wolfSSL\n");
+    }
+
+    /* Get a message for the server from stdin */
+    WOLFSSL_MSG("Message for server: ");
+    memset(buff, 0, sizeof(buff));
+
+    if(sendGet){
+        printf("SSL connect ok, sending GET...\n");
+        len = 28;
+        strncpy(buff, "GET /index.html HTTP/1.0\r\n\r\n", 28);
+        buff[len] = '\0';
+    } else {
+        sprintf(buff, "message from esp32 tls client\n");
+        len = strnlen(buff, sizeof(buff));
+    }
+    /* Send the message to the server */
+    if (wolfSSL_write(ssl, buff, len) != len) {
+        ESP_LOGE(TAG,"ERROR: failed to write\n");
+    }
+
+    /* Read the server data into our buff array */
+    memset(buff, 0, sizeof(buff));
+    if (wolfSSL_read(ssl, buff, sizeof(buff) - 1) == -1) {
+        ESP_LOGE(TAG,"ERROR: failed to read\n");
+    }
+
+    /* Print to stdout any data the server sends */
+    printf("Server:");
+    printf("%s", buff);
+    /* Cleanup and return */
+    wolfSSL_free(ssl);     /* Free the wolfSSL object                  */
+    wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object          */
+    wolfSSL_Cleanup();     /* Cleanup the wolfSSL environment          */
+    close(sockfd);         /* Close the connection to the server       */
+
+    vTaskDelete(NULL);
+
+    return;                /* Return reporting a success               */
+}

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/component.mk

@@ -0,0 +1,8 @@
+#
+# Main component makefile.
+#
+# This Makefile can be left empty. By default, it will take the sources in the 
+# src/ directory, compile them and link them into lib(subdirectory_name).a 
+# in the build directory. This behaviour is entirely configurable,
+# please read the ESP-IDF documents if you need to do this.
+#

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h

@@ -0,0 +1,38 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#ifndef _TLS_WIFI_H_
+#define _TLS_WIFI_H_
+
+#include "esp_log.h"
+#include "esp_wifi.h"
+#include "esp_event_loop.h"
+
+#define DEFAULT_PORT                     11111
+
+#define TLS_SMP_CLIENT_TASK_NAME         "tls_client_example"
+#define TLS_SMP_CLIENT_TASK_WORDS        10240
+#define TLS_SMP_CLIENT_TASK_PRIORITY     8
+
+#define TLS_SMP_WIFI_SSID                CONFIG_WIFI_SSID
+#define TLS_SMP_WIFI_PASS                CONFIG_WIFI_PASSWORD
+#define TLS_SMP_TARGET_HOST              CONFIG_TARGET_HOST
+
+#endif

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c

@@ -0,0 +1,146 @@
+/* wifi_connect.c
+ *
+ * Copyright (C) 2006-2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+/*ESP specific */
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "freertos/event_groups.h"
+#include "wifi_connect.h"
+#include "lwip/sockets.h"
+#include "lwip/netdb.h"
+#include "lwip/apps/sntp.h"
+#include "nvs_flash.h"
+
+const static int CONNECTED_BIT = BIT0;
+static EventGroupHandle_t wifi_event_group;
+/* proto-type */
+extern void tls_smp_client_task();
+static void tls_smp_client_init();
+
+const static char *TAG = "tls_client";
+
+static EventGroupHandle_t wifi_event_group;
+extern void tls_smp_client_task();
+
+static void set_time()
+{
+    /* set dummy wallclock time. */
+    struct timeval utctime;
+    struct timezone tz;
+    struct strftime_buf;
+    time_t now;
+    struct tm timeinfo;
+    char strftime_buf[64];
+
+    utctime.tv_sec = 1542008020; /* dummy time: Mon Nov 12 07:33:40 2018 */
+    utctime.tv_usec = 0;
+    tz.tz_minuteswest = 0;
+    tz.tz_dsttime = 0;
+    
+    settimeofday(&utctime, &tz);
+
+    time(&now);
+    localtime_r(&now, &timeinfo);
+
+    strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
+    ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
+
+    /* wait until wifi connect */
+    xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT,
+                                            false, true, portMAX_DELAY);
+    /* now we start client tasks. */
+    tls_smp_client_init();
+}
+
+/* create task */
+static void tls_smp_client_init(void)
+{
+    int ret;
+    xTaskHandle _handle;
+    /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
+    ret = xTaskCreate(tls_smp_client_task,
+                      TLS_SMP_CLIENT_TASK_NAME,
+                      TLS_SMP_CLIENT_TASK_WORDS,
+                      NULL,
+                      TLS_SMP_CLIENT_TASK_PRIORITY,
+                      &_handle);
+
+    if (ret != pdPASS) {
+        ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_CLIENT_TASK_NAME);
+    }
+}
+/* event hander for wifi events */
+static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
+{
+    switch (event->event_id)
+    {
+    case SYSTEM_EVENT_STA_START:
+        esp_wifi_connect();
+        break;
+    case SYSTEM_EVENT_STA_GOT_IP:
+        ESP_LOGI(TAG, "got ip:%s",
+                 ip4addr_ntoa(&event->event_info.got_ip.ip_info.ip));
+        /* http://esp32.info/docs/esp_idf/html/dd/d08/group__xEventGroupSetBits.html */
+        xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
+        break;
+    case SYSTEM_EVENT_STA_DISCONNECTED:
+        esp_wifi_connect();
+        xEventGroupClearBits(wifi_event_group, CONNECTED_BIT);
+        break;
+    default:
+        break;
+    }
+    return ESP_OK;
+}
+/* entry point */
+void app_main(void)
+{
+    ESP_LOGI(TAG, "Start app_main...");
+    ESP_ERROR_CHECK(nvs_flash_init());
+
+    ESP_LOGI(TAG, "Initialize wifi");
+    /* TCP/IP adapter initialization */
+    tcpip_adapter_init();
+
+    /* */
+    wifi_event_group = xEventGroupCreate();
+    ESP_ERROR_CHECK(esp_event_loop_init(wifi_event_handler, NULL));
+    wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
+    ESP_ERROR_CHECK(esp_wifi_init(&cfg));
+
+    wifi_config_t wifi_config = {
+        .sta = {
+            .ssid = TLS_SMP_WIFI_SSID,
+            .password = TLS_SMP_WIFI_PASS,
+        },
+    };
+    /* WiFi station mode */
+    ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA) );
+    /* Wifi Set the configuration of the ESP32 STA or AP */ 
+    ESP_ERROR_CHECK(esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
+    /* Start Wifi */
+    ESP_ERROR_CHECK(esp_wifi_start() );
+
+    ESP_LOGI(TAG, "wifi_init_sta finished.");
+    ESP_LOGI(TAG, "connect to ap SSID:%s password:%s",
+                                        TLS_SMP_WIFI_SSID, TLS_SMP_WIFI_PASS);
+    ESP_LOGI(TAG, "Set dummy time...");
+    set_time();
+}

IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt

@@ -0,0 +1,7 @@
+# The following lines of boilerplate have to be in your project's
+# CMakeLists in this exact order for cmake to work correctly
+cmake_minimum_required(VERSION 3.5)
+
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+project(wolfssl_server)

IDE/Espressif/ESP-IDF/examples/wolfssl_server/Makefile

@@ -0,0 +1,11 @@
+#
+# This is a project Makefile. It is assumed the directory this Makefile resides in is a
+# project subdirectory.
+#
+
+PROJECT_NAME := tls_server
+
+CFLAGS += -DWOLFSSL_USER_SETTINGS
+
+include $(IDF_PATH)/make/project.mk
+

IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md

@@ -0,0 +1,22 @@
+#wolfSSL Example
+
+The Example contains a wolfSSL simple server.
+
+1. "make menuconfigure" to configure the project
+
+    1-1. Example Configuration ->
+           WIFI SSID : your own WIFI, which is connected to the Internet.(default is "myssid")  
+           WIFI Password : WIFI password, and default is "mypassword"
+
+When you want to test the wolfSSL simple server demo
+
+1. "make flash" to compile the code and load the firmware
+2. "make monitor" to see the context. The assigned IP address can be found in output message.
+3. Once the server connects to the wifi, it is waiting for client request.  
+    ("Waiting for a connection..." message will be displayed.)
+   
+4. You can use <wolfssl>/examples/client to test the server  
+    e.g ./example/client/client -h xx.xx.xx
+
+See the README.md file in the upper level 'examples' directory for more information about examples.
+

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/CMakeLists.txt

@@ -0,0 +1,10 @@
+
+#
+# wolfssl server test
+#
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+
+set(COMPONENT_SRCS "server-tls.c" "wifi_connect.c")
+set(COMPONENT_ADD_INCLUDEDIRS "." "./include")
+
+register_component()

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/Kconfig.projbuild

@@ -0,0 +1,15 @@
+menu "Example Configuration"
+
+config WIFI_SSID
+    string "WiFi SSID"
+    default "myssid"
+    help
+        SSID (network name) for the example to connect to.
+
+config WIFI_PASSWORD
+    string "WiFi Password"
+    default "mypassword"
+    help
+        WiFi password (WPA or WPA2) for the example to use.
+
+endmenu

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/component.mk

@@ -0,0 +1,3 @@
+#
+# Main Makefile. This is basically the same as a component makefile.
+#

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h

@@ -0,0 +1,37 @@
+/* wifi_connect.h 
+ *
+ * Copyright (C) 2006-2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#ifndef _TLS_WIFI_H_
+#define _TLS_WIFI_H_
+
+#include "esp_log.h"
+#include "esp_wifi.h"
+#include "esp_event_loop.h"
+
+#define DEFAULT_PORT                     11111
+
+#define TLS_SMP_SERVER_TASK_NAME         "tls_sever_example"
+#define TLS_SMP_SERVER_TASK_WORDS        10240
+#define TLS_SMP_SERVER_TASK_PRIORITY     8
+
+#define TLS_SMP_WIFI_SSID                CONFIG_WIFI_SSID
+#define TLS_SMP_WIFI_PASS                CONFIG_WIFI_PASSWORD
+
+#endif

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c

@@ -0,0 +1,266 @@
+/* server-tls-callback.c
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+/* the usual suspects */
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+
+/* socket includes */
+#include <sys/socket.h>
+#include <arpa/inet.h>
+#include <netinet/in.h>
+#include <unistd.h>
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+#include <wolfssl/certs_test.h>
+
+/* ESP specific */
+#include "wifi_connect.h"
+
+#ifdef WOLFSSL_TRACK_MEMORY
+    #include <wolfssl/wolfcrypt/mem_track.h>
+#endif
+
+static const char* const TAG = "tls_server";
+
+#if defined(DEBUG_WOLFSSL)
+
+static void ShowCiphers(void)
+{
+    char ciphers[4096];
+
+    int ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
+
+    if (ret == WOLFSSL_SUCCESS)
+        printf("%s\n", ciphers);
+}
+
+#endif
+
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+                                  && defined(WOLFSSL_ATECC508A)
+
+#include "wolfssl/wolfcrypt/port/atmel/atmel.h"
+
+/* when you want to use a custom slot allocation */
+/* enable the difinition CUSTOM_SLOT_ALLOCATION. */
+
+#if defined(CUSTOM_SLOT_ALLOCATION)
+
+static byte mSlotList[ATECC_MAX_SLOT];
+
+int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc, atmel_slot_dealloc_cb dealloc);
+
+/* initialize slot array */
+void my_atmel_slotInit()
+{
+    int i;
+
+    for(i=0;i<ATECC_MAX_SLOT; i++) {
+        mSlotList[i] = ATECC_INVALID_SLOT;
+    }
+}
+
+/* allocate slot depending on slotType */
+int my_atmel_alloc(int slotType)
+{
+    int i, slot = -1;
+
+    switch(slotType){
+        case ATMEL_SLOT_ENCKEY:
+            slot = 4;
+            break;
+        case ATMEL_SLOT_DEVICE:
+            slot = 0;
+            break;
+        case ATMEL_SLOT_ECDHE:
+            slot = 0;
+            break;
+        case ATMEL_SLOT_ECDHE_ENC:
+            slot = 4;
+            break;
+        case ATMEL_SLOT_ANY:
+            for(i=0;i<ATECC_MAX_SLOT;i++){
+                if(mSlotList[i] == ATECC_INVALID_SLOT){
+                    slot = i;
+                    break;
+                }
+            }
+    }
+
+    return slot;
+}
+
+/* free slot array       */
+void my_atmel_free(int slotId)
+{
+    if(slotId >= 0 && slotId < ATECC_MAX_SLOT){
+        mSlotList[slotId] = ATECC_INVALID_SLOT;
+    }
+}
+#endif /* CUSTOM_SLOT_ALLOCATION                                       */
+#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
+
+void tls_smp_server_task()
+{
+    int                sockfd;
+    int                connd;
+    struct sockaddr_in servAddr;
+    struct sockaddr_in clientAddr;
+    socklen_t          size = sizeof(clientAddr);
+    char               buff[256];
+    size_t             len;
+    int                shutdown = 0;
+    int                ret;
+
+    /* declare wolfSSL objects */
+    WOLFSSL_CTX* ctx;
+    WOLFSSL*     ssl;
+
+    WOLFSSL_ENTER("tls_smp_server_task");
+
+#ifdef DEBUG_WOLFSSL
+    WOLFSSL_MSG("Debug ON");
+    wolfSSL_Debugging_ON();
+    ShowCiphers();
+#endif
+
+    /* Initialize wolfSSL */
+    WOLFSSL_MSG("Start wolfSSL_Init()");
+    wolfSSL_Init();
+
+    /* Create a socket that uses an internet IPv4 address,
+     * Sets the socket to be stream based (TCP),
+     * 0 means choose the default protocol. */
+    WOLFSSL_MSG( "start socket())");
+    if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
+        ESP_LOGE(TAG, "ERROR: failed to create the socket");
+    }
+
+    /* Create and initialize WOLFSSL_CTX */
+    WOLFSSL_MSG("Create and initialize WOLFSSL_CTX");
+    if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())) == NULL) {
+        ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL_CTX");
+    }
+    WOLFSSL_MSG("Loading certificate...");
+    /* Load server certificates into WOLFSSL_CTX */
+
+    if ((ret = wolfSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048,
+                        sizeof_server_cert_der_2048,
+                        WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
+        ESP_LOGE(TAG, "ERROR: failed to load cert");
+    }
+    WOLFSSL_MSG("Loading key info...");
+    /* Load server key into WOLFSSL_CTX */
+
+    if((ret=wolfSSL_CTX_use_PrivateKey_buffer(ctx,
+                            server_key_der_2048, sizeof_server_key_der_2048,
+                            WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
+        ESP_LOGE(TAG, "ERROR: failed to load privatekey");
+    }
+
+    /* TO DO when using ECDSA, it loads the provisioned certificate and present it.*/
+    /* TO DO when using ECDSA, it uses the generated key instead of loading key    */
+
+    /* Initialize the server address struct with zeros */
+    memset(&servAddr, 0, sizeof(servAddr));
+    /* Fill in the server address */
+    servAddr.sin_family      = AF_INET;             /* using IPv4      */
+    servAddr.sin_port        = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
+    servAddr.sin_addr.s_addr = INADDR_ANY;          /* from anywhere   */
+
+    /* Bind the server socket to our port */
+    if (bind(sockfd, (struct sockaddr*)&servAddr, sizeof(servAddr)) == -1) {
+         ESP_LOGE(TAG, "ERROR: failed to bind");
+    }
+
+    /* Listen for a new connection, allow 5 pending connections */
+    if (listen(sockfd, 5) == -1) {
+         ESP_LOGE(TAG, "ERROR: failed to listen");
+    }
+
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+                                  && defined(WOLFSSL_ATECC508A)
+    atcatls_set_callbacks(ctx);
+    /* when using a custom slot allocation */
+    #if defined(CUSTOM_SLOT_ALLOCATION)
+    my_atmel_slotInit();
+    atmel_set_slot_allocator(my_atmel_alloc, my_atmel_free);
+    #endif
+#endif
+
+    /* Continue to accept clients until shutdown is issued */
+    while (!shutdown) {
+         WOLFSSL_MSG("Waiting for a connection...");
+        /* Accept client connections */
+        if ((connd = accept(sockfd, (struct sockaddr*)&clientAddr, &size))
+            == -1) {
+             ESP_LOGE(TAG, "ERROR: failed to accept the connection");
+        }
+        /* Create a WOLFSSL object */
+        if ((ssl = wolfSSL_new(ctx)) == NULL) {
+             ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL object");
+        }
+        /* Attach wolfSSL to the socket */
+        wolfSSL_set_fd(ssl, connd);
+        /* Establish TLS connection */
+        ret = wolfSSL_accept(ssl);
+        if (ret != SSL_SUCCESS) {
+            ESP_LOGE(TAG, "wolfSSL_accept error %d", wolfSSL_get_error(ssl, ret));
+        }
+        WOLFSSL_MSG("Client connected successfully");
+        /* Read the client data into our buff array */
+        memset(buff, 0, sizeof(buff));
+        if (wolfSSL_read(ssl, buff, sizeof(buff)-1) == -1) {
+            ESP_LOGE(TAG, "ERROR: failed to read");
+        }
+        /* Print to stdout any data the client sends */
+        WOLFSSL_MSG("Client sends:");
+        WOLFSSL_MSG(buff);
+        /* Check for server shutdown command */
+        if (strncmp(buff, "shutdown", 8) == 0) {
+            WOLFSSL_MSG("Shutdown command issued!");
+            shutdown = 1;
+        }
+        /* Write our reply into buff */
+        memset(buff, 0, sizeof(buff));
+        memcpy(buff, "I hear ya fa shizzle!", sizeof(buff));
+        len = strnlen(buff, sizeof(buff));
+        /* Reply back to the client */
+        if (wolfSSL_write(ssl, buff, len) != len) {
+            ESP_LOGE(TAG, "ERROR: failed to write");
+        }
+        /* Cleanup after this connection */
+        wolfSSL_free(ssl);      /* Free the wolfSSL object              */
+        close(connd);           /* Close the connection to the client   */
+    }
+    /* Cleanup and return */
+    wolfSSL_CTX_free(ctx);  /* Free the wolfSSL context object          */
+    wolfSSL_Cleanup();      /* Cleanup the wolfSSL environment          */
+    close(sockfd);          /* Close the socket listening for clients   */
+
+    vTaskDelete(NULL);
+
+    return;                 /* Return reporting a success               */
+}

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c

@@ -0,0 +1,143 @@
+/* wifi_connect.c 
+ *
+ * Copyright (C) 2006-2018 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+/*ESP specific */
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "freertos/event_groups.h"
+#include "wifi_connect.h"
+#include "lwip/sockets.h"
+#include "lwip/netdb.h"
+#include "lwip/apps/sntp.h"
+#include "nvs_flash.h"
+
+const static int CONNECTED_BIT = BIT0;
+static EventGroupHandle_t wifi_event_group;
+/* prefix for logging */
+const static char *TAG = "tls_server";
+/* proto-type difinition */
+extern void tls_smp_server_task();
+static void tls_smp_server_init();
+
+static void set_time()
+{
+    /* set dummy wallclock time. */
+    struct timeval utctime;
+    struct timezone tz;
+    struct strftime_buf;
+    time_t now;
+    struct tm timeinfo;
+    char strftime_buf[64];
+
+    utctime.tv_sec = 1542008020; /* dummy time: Mon Nov 12 07:33:40 2018 */
+    utctime.tv_usec = 0;
+    tz.tz_minuteswest = 0;
+    tz.tz_dsttime = 0;
+    
+    settimeofday(&utctime, &tz);
+
+    time(&now);
+    localtime_r(&now, &timeinfo);
+
+    strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
+    ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
+
+    /* wait until wifi connect */
+    xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT,
+                                            false, true, portMAX_DELAY);
+    /* now we start client tasks. */
+    tls_smp_server_init();
+}
+
+/* create task */
+static void tls_smp_server_init(void)
+{
+    int ret;
+    xTaskHandle _handle;
+    /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
+    ret = xTaskCreate(tls_smp_server_task,
+                      TLS_SMP_SERVER_TASK_NAME,
+                      TLS_SMP_SERVER_TASK_WORDS,
+                      NULL,
+                      TLS_SMP_SERVER_TASK_PRIORITY,
+                      &_handle);
+
+    if (ret != pdPASS) {
+        ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_SERVER_TASK_NAME);
+    }
+}
+/* event hander for wifi events */
+static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
+{
+    switch (event->event_id)
+    {
+    case SYSTEM_EVENT_STA_START:
+        esp_wifi_connect();
+        break;
+    case SYSTEM_EVENT_STA_GOT_IP:
+        ESP_LOGI(TAG, "got ip:%s",
+                 ip4addr_ntoa(&event->event_info.got_ip.ip_info.ip));
+        /* http://esp32.info/docs/esp_idf/html/dd/d08/group__xEventGroupSetBits.html */
+        xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
+        break;
+    case SYSTEM_EVENT_STA_DISCONNECTED:
+        esp_wifi_connect();
+        xEventGroupClearBits(wifi_event_group, CONNECTED_BIT);
+        break;
+    default:
+        break;
+    }
+    return ESP_OK;
+}
+/* entry point */
+void app_main(void)
+{
+    ESP_LOGI(TAG, "Start app_main...");
+    ESP_ERROR_CHECK(nvs_flash_init());
+
+    ESP_LOGI(TAG, "Initialize wifi");
+    /* TCP/IP adapter initialization */
+    tcpip_adapter_init();
+
+    /* */
+    wifi_event_group = xEventGroupCreate();
+    ESP_ERROR_CHECK(esp_event_loop_init(wifi_event_handler, NULL));
+    wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
+    ESP_ERROR_CHECK(esp_wifi_init(&cfg));
+
+    wifi_config_t wifi_config = {
+        .sta = {
+            .ssid = TLS_SMP_WIFI_SSID,
+            .password = TLS_SMP_WIFI_PASS,
+        },
+    };
+    /* WiFi station mode */
+    ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA) );
+    /* Wifi Set the configuration of the ESP32 STA or AP */ 
+    ESP_ERROR_CHECK(esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
+    /* Start Wifi */
+    ESP_ERROR_CHECK(esp_wifi_start() );
+
+    ESP_LOGI(TAG, "wifi_init_sta finished.");
+    ESP_LOGI(TAG, "connect to ap SSID:%s password:%s",
+                                        TLS_SMP_WIFI_SSID, TLS_SMP_WIFI_PASS);
+    ESP_LOGI(TAG, "Set Dummy time...");
+    set_time();
+}

IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt

@@ -0,0 +1,6 @@
+# The following five lines of boilerplate have to be in your project's
+# CMakeLists in this exact order for cmake to work correctly
+cmake_minimum_required(VERSION 3.5)
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+project(wolfssl_test)

IDE/Espressif/ESP-IDF/examples/wolfssl_test/Makefile

@@ -0,0 +1,11 @@
+#
+# This is a project Makefile. It is assumed the directory this Makefile resides in is a
+# project subdirectory.
+#
+
+PROJECT_NAME := wolfssl_test
+
+CFLAGS += -DWOLFSSL_USER_SETTINGS
+
+include $(IDF_PATH)/make/project.mk
+

IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md

@@ -0,0 +1,10 @@
+#wolfSSL Example
+
+The Example contains of wolfSSL test program.
+
+When you want to run the benchmark program
+1. "make menuconfig" to configure the program,first
+1. "make flash" to compile and load the firemware
+2. "make monitor" to see the message
+
+See the README.md file in the upper level 'examples' directory for more information about examples.

IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/CMakeLists.txt

@@ -0,0 +1,10 @@
+
+#
+# wolfssl crypt test
+#
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+
+set(COMPONENT_SRCS "test.c")
+set(COMPONENT_ADD_INCLUDEDIRS ".")
+
+register_component()

IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/component.mk

@@ -0,0 +1,3 @@
+#
+# Main Makefile. This is basically the same as a component makefile.
+#

IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults

@@ -0,0 +1,2 @@
+CONFIG_MAIN_TASK_STACK_SIZE=5000
+CONFIG_TASK_WDT_CHECK_IDLE_TASK_CPU0=

IDE/Espressif/ESP-IDF/libs/CMakeLists.txt

@@ -0,0 +1,37 @@
+#
+# cmake for wolfssl
+# 
+cmake_minimum_required(VERSION 3.5)
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+
+set(CMAKE_CURRENT_SOURCE_DIR ".")
+set(WOLFSSL_ROOT ${CMAKE_CURRENT_SOURCE_DIR})
+set(INCLUDE_PATH ${WOLFSSL_ROOT})
+
+set(COMPONENT_SRCDIRS "./src/"
+                      "./wolfcrypt/src/"
+                      "./wolfcrypt/src/port/Espressif/"
+                      "./wolfcrypt/src/port/atmel/"
+                      )
+
+set(COMPONENT_REQUIRES lwip)
+
+set(COMPONENT_ADD_INCLUDEDIRS
+    "."
+    "./include"
+    "../freertos/include/freertos" 
+    "${WOLFSSL_ROOT}"
+    )
+
+if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
+    list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
+endif()
+
+set(COMPONENT_SRCEXCLUDE
+    "wolfcrypt/src/aes_asm.S"
+    "wolfcrypt/src/evp.c"
+    "wolfcrypt/src/misc.c"
+    "src/bio.c"
+    )
+
+register_component()

IDE/Espressif/ESP-IDF/libs/component.mk

@@ -0,0 +1,17 @@
+#
+# Component Makefile
+#
+
+COMPONENT_ADD_INCLUDEDIRS := . ./include
+COMPONENT_ADD_INCLUDEDIRS += ../freertos/include/freertos/
+
+COMPONENT_SRCDIRS := src wolfcrypt/src
+COMPONENT_SRCDIRS += wolfcrypt/src/port/Espressif
+COMPONENT_SRCDIRS += wolfcrypt/src/port/atmel
+
+CFLAGS +=-DWOLFSSL_USER_SETTINGS
+
+COMPONENT_OBJEXCLUDE := wolfcrypt/src/aes_asm.o
+COMPONENT_OBJEXCLUDE += wolfcrypt/src/evp.o
+COMPONENT_OBJEXCLUDE += wolfcrypt/src/misc.o
+COMPONENT_OBJEXCLUDE += src/bio.o

IDE/Espressif/ESP-IDF/setup.sh

@@ -0,0 +1,112 @@
+#!/bin/bash
+
+# check if IDF_PATH is set
+if [ -z "$IDF_PATH" ]; then
+    echo "Please follows the instruction of ESP-IDF installation and set IDF_PATH."
+    exit 1
+fi
+
+RMDCMD='/bin/rm -rf'
+MKDCMD='/bin/mkdir'
+CPDCMD='/bin/cp'
+
+SCRIPTDIR=`dirname $0`
+SCRIPTDIR=`cd $SCRIPTDIR && pwd -P`
+WOLFSSL_ESPIDFDIR=${SCRIPTDIR}
+WOLFSSL_ESPIDFDIR=`cd $WOLFSSL_ESPIDFDIR && pwd -P`
+BASEDIR=${SCRIPTDIR}/../../../
+BASEDIR=`cd ${BASEDIR} && pwd -P`
+
+# echo $WOLFSSL_ESPIDFDIR
+
+WOLFSSLLIB_TRG_DIR=${IDF_PATH}/components/wolfssl
+WOLFSSLEXP_TRG_DIR=${IDF_PATH}/examples/protocols
+
+if [ ! -d $IDF_PATH ]; then
+    echo "ESP-IDF Development Framework doesn't exist.: $IDF_PATH"
+    exit 1
+fi
+
+# Copy files into ESP-IDF development framework
+pushd $IDF_PATH > /dev/null
+
+echo "Copy files into $IDF_PATH"
+# Remove/Create directories
+${RMDCMD} ${WOLFSSLLIB_TRG_DIR}/
+${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/
+
+${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/src
+${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/wolfcrypt
+${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/wolfcrypt/src
+${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/wolfssl
+${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/test
+${MKDCMD} ${WOLFSSLLIB_TRG_DIR}/include
+
+popd > /dev/null             # $WOLFSSL_ESPIDFDIR
+pushd ${BASEDIR} > /dev/null # WOLFSSL TOP DIR
+
+# copying ... files in src/ into $WOLFSSLLIB_TRG_DIR/src
+${CPDCMD} ./src/*.c ${WOLFSSLLIB_TRG_DIR}/src/
+
+
+${CPDCMD} -r ./wolfcrypt/src/*.{c,i} ${WOLFSSLLIB_TRG_DIR}/wolfcrypt/src/
+${CPDCMD} -r ./wolfcrypt/src/port  ${WOLFSSLLIB_TRG_DIR}/wolfcrypt/src/port/
+${CPDCMD} -r ./wolfcrypt/test ${WOLFSSLLIB_TRG_DIR}/wolfcrypt/
+${CPDCMD} -r ./wolfcrypt/benchmark ${WOLFSSLLIB_TRG_DIR}/wolfcrypt/
+
+${CPDCMD} -r ./wolfssl/*.h ${WOLFSSLLIB_TRG_DIR}/wolfssl/
+${CPDCMD} -r ./wolfssl/wolfcrypt ${WOLFSSLLIB_TRG_DIR}/wolfssl/
+# user_settings.h
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/user_settings.h ${WOLFSSLLIB_TRG_DIR}/include/
+
+# unit test app
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/test/* ${WOLFSSLLIB_TRG_DIR}/test/
+
+popd > /dev/null # 
+
+${CPDCMD} ./libs/CMakeLists.txt ${WOLFSSLLIB_TRG_DIR}/
+${CPDCMD} ./libs/component.mk ${WOLFSSLLIB_TRG_DIR}/
+
+pushd ${BASEDIR} > /dev/null # WOLFSSL TOP DIR
+
+# Benchmark program
+${RMDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/main/
+
+${CPDCMD} -r ./wolfcrypt/benchmark/benchmark.c ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/main/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_benchmark/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_benchmark/main/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_benchmark/main/
+
+# Crypt Test program
+${RMDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/main/
+
+${CPDCMD} -r ./wolfcrypt/test/test.c ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/main/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_test/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_test/main/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_test/main/
+
+# TLS Client program
+${RMDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/main/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/main/include
+
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_client/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_client/main/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/main/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_client/main/include/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_client/main/include/
+
+# TLS Server program
+${RMDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/main/
+${MKDCMD} ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/main/include
+
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_server/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_server/main/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/main/
+${CPDCMD} -r ${WOLFSSL_ESPIDFDIR}/examples/wolfssl_server/main/include/* ${WOLFSSLEXP_TRG_DIR}/wolfssl_server/main/include/
+
+popd > /dev/null # 
+
+exit 1

IDE/Espressif/ESP-IDF/test/CMakeLists.txt

@@ -0,0 +1,6 @@
+set(COMPONENT_SRCDIRS ".")
+set(COMPONENT_ADD_INCLUDEDIRS ".")
+
+set(COMPONENT_REQUIRES unity test_utils wolfssl)
+
+register_component()

IDE/Espressif/ESP-IDF/test/README.md

@@ -0,0 +1,11 @@
+# wolfSSL unit-test app
+
+The test contains of wolfSSL unit-test app on Unity.
+
+When you want to run the app  
+1. Copy *test.c* file at /path/to/esp-idf/components/wolfssl/wolfcrypt/test/ folder to the  wolfssl/test folder  
+2. Go to /esp-idf/tools/unit-test-app/ folder  
+3. "make menuconfig" to configure unit test app.  
+4. "make TEST_COMPONENTS=wolfssl" to build wolfssl unit test app.  
+
+See [https://docs.espressif.com/projects/esp-idf/en/latest/api-guides/unit-tests.html] for more information about unit test app.

IDE/Espressif/ESP-IDF/test/component.mk

@@ -0,0 +1,10 @@
+#
+#Component Makefile
+#
+
+#CFLAGS := -v
+CFLAGS += -DNO_MAIN_DRIVER
+CFLAGS += -DWOLFSSL_USER_SETTINGS
+#CFLAGS += -DWOLFSSL_ESP32WROOM32_CRYPT_DEBUG
+
+COMPONENT_ADD_LDFLAGS = -Wl,--whole-archive -l$(COMPONENT_NAME) -Wl,--no-whole-archive

IDE/Espressif/ESP-IDF/test/test_wolfssl.c

@@ -0,0 +1,524 @@
+/*
+* wolfssl sha tests
+*/
+
+#include <stdio.h>
+#include <string.h>
+
+#include <esp_system.h>
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "freertos/semphr.h"
+#include "unity.h"
+#include "sdkconfig.h"
+#include "esp_log.h"
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/sha.h>
+#include <wolfssl/wolfcrypt/sha256.h>
+#include <wolfssl/wolfcrypt/sha512.h>
+#include <wolfssl/wolfcrypt/wc_port.h>
+#include <wolfssl/wolfcrypt/logging.h>
+#include <wolfssl/wolfcrypt/types.h>
+
+static const char* TAG = "wolfssl unit test";
+static xSemaphoreHandle exit_semaph;
+static volatile bool exit_loop=false;
+
+#define SHA_STACK_SIZE (20*1024)
+#define TIMES_SHA 500
+#define TIMES_AES 100
+
+#ifndef NO_SHA
+int sha_test();
+#endif
+#ifndef NO_SHA256
+int sha256_test();
+#endif
+#ifdef WOLFSSL_SHA384
+int sha384_test(void);
+#endif
+#ifdef WOLFSSL_SHA512
+int sha512_test(void);
+#endif
+
+#ifndef NO_AES
+int aes_test(void);
+static void tskAes_Test(void *pvParam)
+{
+    ESP_LOGI(TAG, "enter tskAes_Test");
+    int ret = 0;
+    while(exit_loop==false) {
+        ret = aes_test();
+        if(ret != 0) {
+            printf("result was not good(aes_test)(%d)\n",ret);
+            TEST_FAIL_MESSAGE("tskAes_Test\n");
+        }
+    }
+
+    ESP_LOGI(TAG, "leave tskAes_Test");
+    xSemaphoreGive(exit_semaph);
+    vTaskDelete(NULL);
+}
+
+int aesgcm_test(void);
+
+static void tskAesGcm_Test(void *pvParam)
+{
+    ESP_LOGI(TAG, "enter tskAesGcm_Test");
+    int ret = 0;
+    while(exit_loop==false) {
+        ret = aesgcm_test();
+        if(ret != 0) {
+            printf(" results was not good(%d). aesGcm_test\n",ret);
+            TEST_FAIL_MESSAGE("aesGcm_test\n");
+        }
+    }
+    ESP_LOGI(TAG, "leave tskAesGcm_Test");
+    xSemaphoreGive(exit_semaph);
+    vTaskDelete(NULL);
+}
+
+#ifdef WOLFSSL_AES_192
+int aes192_test(void);
+static void tskAes192_Test(void *pvParam)
+{
+    ESP_LOGI(TAG, "enter tskAes192_Test");
+    int ret = 0;
+    while(exit_loop==false) {
+        ret = aes192_test();
+        if(ret != 0) {
+            printf(" results was not good(%d). aes192_test\n",ret);
+            TEST_FAIL_MESSAGE("aes192_test\n");
+        }
+    }
+    ESP_LOGI(TAG, "leave tskAes192_Test");
+    xSemaphoreGive(exit_semaph);
+    vTaskDelete(NULL);
+}
+#endif
+#ifdef WOLFSSL_AES_256
+int aes256_test(void);
+static void tskAes256_Test(void *pvParam)
+{
+    ESP_LOGI(TAG, "enter tskAes256_Test");
+    int ret = 0;
+    while(exit_loop==false) {
+        ret = aes256_test();
+        if(ret != 0) {
+            printf(" results was not good(%d). aes256_test\n", ret);
+            TEST_FAIL_MESSAGE("aes256_test\n");
+        }
+    }
+    ESP_LOGI(TAG, "leave tskAes256_Test");
+    xSemaphoreGive(exit_semaph);
+    vTaskDelete(NULL);
+}
+#endif
+
+TEST_CASE("wolfssl aes test"  , "[wolfssl]")
+{
+    ESP_LOGI(TAG, "aes test");
+    TEST_ASSERT_EQUAL(0, aes_test());
+#ifdef WOLFSSL_AES_192
+    ESP_LOGI(TAG, "aes_192 test");
+    TEST_ASSERT_EQUAL(0, aes192_test());
+#endif
+#ifdef WOLFSSL_AES_256
+    ESP_LOGI(TAG, "aes_256 test");
+    TEST_ASSERT_EQUAL(0, aes256_test());
+#endif
+    ESP_LOGI(TAG, "aes-gcm test");
+    TEST_ASSERT_EQUAL(0, aesgcm_test());
+}
+
+#endif
+
+TEST_CASE("wolfssl sha crypt-test", "[wolfssl]")
+{
+#ifndef NO_SHA
+    ESP_LOGI(TAG, "sha_test()");
+    TEST_ASSERT_EQUAL(0, sha_test());
+#endif
+#ifndef NO_SHA256
+    ESP_LOGI(TAG, "sha256_test()");
+    TEST_ASSERT_EQUAL(0, sha256_test());
+#endif
+#ifdef WOLSSL_SHA384
+    ESP_LOGI(TAG, "sha384_test()");
+    TEST_ASSERT_EQUAL(0, sha384_test());
+#endif
+#ifdef WOLFSSL_SHA512
+    ESP_LOGI(TAG, "sha512_test()");
+    TEST_ASSERT_EQUAL(0, sha512_test());
+#endif
+}
+
+
+#ifndef NO_SHA
+static void tskSha_Test(void *pvParam)
+{
+    ESP_LOGI(TAG, "enter tskSha_Test");
+
+    int ret = 0;
+
+    while(exit_loop==false) {
+        ret = sha_test();
+        if(ret != 0) {
+            printf(" results was not good(%d). sha_test\n", ret);
+            TEST_FAIL_MESSAGE("tskSha_Test\n");
+        }
+    }
+
+    ESP_LOGI(TAG, "leave tskSha_Test");
+    xSemaphoreGive(exit_semaph);
+    vTaskDelete(NULL);
+}
+#endif
+
+#ifndef NO_SHA256
+static void tskSha256_Test(void *pvParam)
+{
+    ESP_LOGI(TAG, "enter tskSha256_Test");
+    int ret;
+
+    while(exit_loop==false) {
+        ret = sha256_test();
+        if(ret != 0) {
+            printf("results was not good(%d). sha256_test\n", ret);
+            TEST_FAIL_MESSAGE("sha256_test() failed");
+        }
+    }
+
+    ESP_LOGI(TAG, "leave tskSha256_Test");
+    xSemaphoreGive(exit_semaph);
+    vTaskDelete(NULL);
+}
+#endif
+
+#ifdef WOLFSSL_SHA384
+static void tskSha384_Test(void *pvParam)
+{
+    ESP_LOGI(TAG, "enter tskSha384_Test");
+    int ret = 0;
+
+    while(exit_loop==false) {
+        ret = sha384_test();
+        if(ret != 0) {
+            printf("results was not good(%d). sha384_test\n", ret);
+            TEST_FAIL_MESSAGE("sha384_test() failed\n");
+        }
+    }
+
+    ESP_LOGI(TAG, "leave tskSha384_Test");
+    xSemaphoreGive(exit_semaph);
+    vTaskDelete(NULL);
+}
+#endif
+
+#ifdef WOLFSSL_SHA512
+static void tskSha512_Test(void *pvParam)
+{
+    ESP_LOGI(TAG, "enter tskSha512_Test");
+
+    int ret = 0;
+
+    while(exit_loop==false) {
+        ret = sha512_test();
+        if(ret != 0) {
+            printf(" results was not good(%d). sha512_test\n", ret);
+            TEST_FAIL_MESSAGE("tskSha512_Test() failed\n");
+        }
+    }
+    ESP_LOGI(TAG, "leave tskSha512_test()");
+    xSemaphoreGive(exit_semaph);
+    vTaskDelete(NULL);
+
+
+}
+#endif
+
+TEST_CASE("wolfssl sha multi-thread test ", "[wolfssl]")
+{
+    int num = 0;
+#ifndef NO_SHA
+    num++;
+#endif
+#ifndef NO_SHA256
+    num++;
+#endif
+#ifdef WOLFSSL_SHA384
+    num++;
+#endif
+#ifdef WOLFSSL_SHA512
+    num++;
+#endif
+
+    exit_loop = false;
+
+    exit_semaph = xSemaphoreCreateCounting(num, 0);
+
+#ifndef NO_SHA
+    xTaskCreate(tskSha_Test, "sha_test", SHA_STACK_SIZE, NULL, 3, NULL);
+#endif
+#ifndef NO_SHA256
+    xTaskCreate(tskSha256_Test, "sha256_test", SHA_STACK_SIZE, NULL, 3, NULL);
+#endif
+#ifdef WOLFSSL_SHA384
+    xTaskCreate(tskSha384_Test, "sha384_test", SHA_STACK_SIZE, NULL, 3, NULL);
+#endif
+#ifdef WOLFSSL_SHA512
+    xTaskCreate(tskSha512_Test, "sha512_test", SHA_STACK_SIZE, NULL, 3, NULL);
+#endif
+
+ ESP_LOGI(TAG, "Waiting for 10s ...");
+ vTaskDelay(10000/portTICK_PERIOD_MS);
+ exit_loop = true;
+
+ for(int i=0;i<num;i++){
+     if(!xSemaphoreTake(exit_semaph, 2000/portTICK_PERIOD_MS)) {
+         TEST_FAIL_MESSAGE("exit semaphore not released by test task");
+     }
+ }
+ vSemaphoreDelete(exit_semaph);
+}
+
+TEST_CASE("wolfssl aes multi-thread test ", "[wolfssl]")
+{
+    int num = 0;
+#ifndef NO_AES
+    num++;
+    num++;
+#ifdef WOLFSSL_AES_192
+    num++;
+#endif
+#ifdef WOLFSSL_AES_256
+    num++;
+#endif
+#endif
+
+    exit_loop = false;
+    exit_semaph = xSemaphoreCreateCounting(num, 0);
+
+#ifndef NO_AES
+    xTaskCreate(tskAes_Test, "Aes_test", SHA_STACK_SIZE, NULL, 3, NULL);
+    xTaskCreate(tskAesGcm_Test, "AesGcm_test", SHA_STACK_SIZE, NULL, 3, NULL);
+#endif
+#ifdef WOLFSSL_AES_192
+    xTaskCreate(tskAes192_Test, "Aes192_test", SHA_STACK_SIZE, NULL, 3, NULL);
+#endif
+#ifdef WOLFSSL_AES_256
+    xTaskCreate(tskAes256_Test, "Aes256_test", SHA_STACK_SIZE, NULL, 3, NULL);
+#endif
+
+ ESP_LOGI(TAG, "Waiting for 10s ...");
+ vTaskDelay(10000/portTICK_PERIOD_MS);
+ exit_loop = true;
+
+ for(int i=0;i<num;i++){
+    if(!xSemaphoreTake(exit_semaph, 2000/portTICK_PERIOD_MS)) {
+        TEST_FAIL_MESSAGE("exit semaphore not released by test task");
+    }
+ }
+ vSemaphoreDelete(exit_semaph);
+}
+
+TEST_CASE("wolfssl aes sha sha256 multi-thread test ", "[wolfssl]")
+{
+    int num = 0;
+
+#ifndef NO_AES
+    num++;
+    num++;
+#ifdef WOLFSSL_AES_192
+    num++;
+#endif
+#ifdef WOLFSSL_AES_256
+    num++;
+#endif
+#endif
+#ifndef NO_SHA
+    num++;
+#endif
+#ifndef NO_SHA256
+    num++;
+#endif
+
+    exit_loop = false;
+
+#ifndef CONFIG_FREERTOS_UNICORE
+    num *= 2;
+    printf("num=%d\n", num);
+
+    exit_semaph = xSemaphoreCreateCounting(num, 0);
+
+#ifndef NO_AES
+    if(xTaskCreatePinnedToCore(tskAes_Test, "Aes_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -1 \n");
+    if(xTaskCreatePinnedToCore(tskAes_Test, "Aes_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -2 \n");
+    if(xTaskCreatePinnedToCore(tskAesGcm_Test, "AesGcm_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -3 \n");
+    if(xTaskCreatePinnedToCore(tskAesGcm_Test, "AesGcm_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -4 \n");
+#endif
+#ifdef WOLFSSL_AES_192
+    if(xTaskCreatePinnedToCore(tskAes192_Test, "Aes192_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -5 \n");
+    if(xTaskCreatePinnedToCore(tskAes192_Test, "Aes192_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -6 \n");
+#endif
+#ifdef WOLFSSL_AES_256
+    if(xTaskCreatePinnedToCore(tskAes256_Test, "Aes256_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -7 \n");
+    if(xTaskCreatePinnedToCore(tskAes256_Test, "Aes256_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -8 \n");
+#endif
+#ifndef NO_SHA
+    if(xTaskCreatePinnedToCore(tskSha_Test, "Sha_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -9 \n");
+    if(xTaskCreatePinnedToCore(tskSha_Test, "Sha_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -10 \n");
+#endif
+#ifndef NO_SHA256
+    if(xTaskCreatePinnedToCore(tskSha256_Test, "sha256_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -11 \n");
+    if(xTaskCreatePinnedToCore(tskSha256_Test, "sha256_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -12 \n");
+#endif
+
+#else
+
+    exit_semaph = xSemaphoreCreateCounting(num, 0);
+
+#ifndef NO_AES
+    xTaskCreate(tskAes_Test, "Aes_test", SHA_STACK_SIZE, NULL, 3, NULL);
+    xTaskCreate(tskAesGcm_Test, "AesGcm_test", SHA_STACK_SIZE, NULL, 3, NULL);
+#endif
+#ifdef WOLFSSL_AES_192
+    xTaskCreate(tskAes192_Test, "Aes192_test", SHA_STACK_SIZE, NULL, 3, NULL);
+#endif
+#ifdef WOLFSSL_AES_256
+    xTaskCreate(tskAes256_Test, "Aes256_test", SHA_STACK_SIZE, NULL, 3, NULL);
+#endif
+#ifndef NO_SHA
+    xTaskCreate(tskSha_Test, "Sha_test", SHA_STACK_SIZE, NULL, 3, NULL);
+#endif
+#ifndef NO_SHA256
+    xTaskCreate(tskSha256_Test, "sha256_test", SHA_STACK_SIZE, NULL, 3, NULL);
+#endif
+
+#endif /* CONFIG_FREERTOS_UNICORE */
+
+    ESP_LOGI(TAG, "Waiting for 15s ...");
+    vTaskDelay(15000/portTICK_PERIOD_MS);
+    exit_loop = true;
+
+    for(int i=0;i<num;i++){
+       if(!xSemaphoreTake(exit_semaph, 2000/portTICK_PERIOD_MS)) {
+           TEST_FAIL_MESSAGE("exit semaphore not released by test task");
+       }
+    }
+    vSemaphoreDelete(exit_semaph);
+}
+
+TEST_CASE("wolfssl aes sha384 sha512 multi-thread test ", "[wolfssl]")
+{
+    int num = 0;
+
+#ifndef NO_AES
+    num++;
+    num++;
+#ifdef WOLFSSL_AES_192
+    num++;
+#endif
+#ifdef WOLFSSL_AES_256
+    num++;
+#endif
+#endif
+#ifdef WOLFSSL_SHA384
+    num++;
+#endif
+#ifdef WOLFSSL_SHA512
+    num++;
+#endif
+
+
+    exit_loop = false;
+
+#ifndef CONFIG_FREERTOS_UNICORE
+    num *= 2;
+    exit_semaph = xSemaphoreCreateCounting(num, 0);
+
+#ifndef NO_AES
+    if(xTaskCreatePinnedToCore(tskAes_Test, "Aes_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -1 \n");
+    if(xTaskCreatePinnedToCore(tskAes_Test, "Aes_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -2 \n");
+    if(xTaskCreatePinnedToCore(tskAesGcm_Test, "AesGcm_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -3 \n");
+    if(xTaskCreatePinnedToCore(tskAesGcm_Test, "AesGcm_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -4 \n");
+#endif
+#ifdef WOLFSSL_AES_192
+    if(xTaskCreatePinnedToCore(tskAes192_Test, "Aes192_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -5 \n");
+    if(xTaskCreatePinnedToCore(tskAes192_Test, "Aes192_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -6 \n");
+#endif
+#ifdef WOLFSSL_AES_256
+    if(xTaskCreatePinnedToCore(tskAes256_Test, "Aes256_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -7 \n");
+    if(xTaskCreatePinnedToCore(tskAes256_Test, "Aes256_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -8 \n");
+#endif
+#ifdef WOLFSSL_SHA384
+    if(xTaskCreatePinnedToCore(tskSha384_Test, "sha384_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -13 \n");
+    if(xTaskCreatePinnedToCore(tskSha384_Test, "sha384_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -14 \n");
+#endif
+#ifdef WOLFSSL_SHA512
+    printf("start sha512\n");
+    if(xTaskCreatePinnedToCore(tskSha512_Test, "Sha512_test", SHA_STACK_SIZE, NULL, 3, NULL, 0)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -15 \n");
+    if(xTaskCreatePinnedToCore(tskSha512_Test, "Sha512_test", SHA_STACK_SIZE, NULL, 3, NULL, 1)!=pdPASS)
+        ESP_LOGE(TAG, "failed to create task -16 \n");
+
+#endif
+
+#else
+
+    exit_semaph = xSemaphoreCreateCounting(num, 0);
+
+#ifndef NO_AES
+    xTaskCreate(tskAes_Test, "Aes_test", SHA_STACK_SIZE, NULL, 3, NULL);
+    xTaskCreate(tskAesGcm_Test, "AesGcm_test", SHA_STACK_SIZE, NULL, 3, NULL);
+#endif
+#ifdef WOLFSSL_AES_192
+    xTaskCreate(tskAes192_Test, "Aes192_test", SHA_STACK_SIZE, NULL, 3, NULL);
+#endif
+#ifdef WOLFSSL_AES_256
+    xTaskCreate(tskAes256_Test, "Aes256_test", SHA_STACK_SIZE, NULL, 3, NULL);
+#endif
+#ifndef NO_SHA
+    xTaskCreate(tskSha_Test, "Sha_test", SHA_STACK_SIZE, NULL, 3, NULL);
+#endif
+#ifndef NO_SHA256
+    xTaskCreate(tskSha256_Test, "sha256_test", SHA_STACK_SIZE, NULL, 3, NULL);
+#endif
+
+#endif /* CONFIG_FREERTOS_UNICORE */
+
+    ESP_LOGI(TAG, "Waiting for 15s ...");
+    vTaskDelay(15000/portTICK_PERIOD_MS);
+    exit_loop = true;
+
+
+    for(int i=0;i<num;i++){
+       if(!xSemaphoreTake(exit_semaph, 2000/portTICK_PERIOD_MS)) {
+           TEST_FAIL_MESSAGE("exit semaphore not released by test task");
+       }
+    }
+    vSemaphoreDelete(exit_semaph);
+}

IDE/Espressif/ESP-IDF/user_settings.h

@@ -0,0 +1,72 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2019 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_2048
+
+/* TLS 1.3                                 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define WC_RSA_PSS
+#define HAVE_HKDF
+#define HAVE_FFDHE_2048
+#define HAVE_AEAD
+#define HAVE_SUPPORTED_CURVES
+
+/* when you want to use SINGLE THREAD */
+/* #define SINGLE_THREADED */
+#define NO_FILESYSTEM
+
+#define HAVE_AESGCM
+/* when you want to use SHA384 */
+/* #define WOLFSSL_SHA384 */
+#define WOLFSSL_SHA512
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+
+/* esp32-wroom-32se specific definition */
+#if defined(WOLFSSL_ESPWROOM32SE)
+    #define WOLFSSL_ATECC508A
+    #define HAVE_PK_CALLBACKS
+    /* when you want to use a custom slot allocation for ATECC608A */
+    /* unless your configuration is unusual, you can use default   */
+    /* implementation.                                             */
+    /* #define CUSTOM_SLOT_ALLOCATION                              */
+#endif
+
+
+/* debug options */
+/* #define DEBUG_WOLFSSL */
+/* #define WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */
+/* #define WOLFSSL_ATECC508A_DEBUG          */
+
+/* date/time                               */
+/* if it cannot adjust time in the device, */
+/* enable macro below                      */
+/* #define NO_ASN_TIME */
+/* #define XTIME time */
+
+/* when you want not to use HW acceleration */
+/* #define NO_ESP32WROOM32_CRYPT */
+/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH*/
+/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_AES */

IDE/GCC-ARM/Header/user_settings.h

@@ -66,14 +66,15 @@ extern "C" {
 #undef WOLFSSL_SP
 #if 0
     #define WOLFSSL_SP
-    #define WOLFSSL_SP_SMALL
+    #define WOLFSSL_SP_SMALL      /* use smaller version of code */
     #define WOLFSSL_HAVE_SP_RSA
     #define WOLFSSL_HAVE_SP_DH
     #define WOLFSSL_HAVE_SP_ECC
     #define WOLFSSL_SP_CACHE_RESISTANT
-    //#define WOLFSSL_SP_MATH
+    //#define WOLFSSL_SP_MATH     /* only SP math - eliminates fast math code */
 
     /* 64 or 32 bit version */
+    //#define WOLFSSL_SP_ASM      /* required if using the ASM versions */
     //#define WOLFSSL_SP_ARM32_ASM
     //#define WOLFSSL_SP_ARM64_ASM
 #endif

IDE/GCC-ARM/Makefile.common

@@ -110,7 +110,7 @@ SRC_C += ../../wolfcrypt/src/cmac.c
 SRC_C += ../../wolfcrypt/src/coding.c
 SRC_C += ../../wolfcrypt/src/compress.c
 SRC_C += ../../wolfcrypt/src/cpuid.c
-SRC_C += ../../wolfcrypt/src/cryptodev.c
+SRC_C += ../../wolfcrypt/src/cryptocb.c
 SRC_C += ../../wolfcrypt/src/curve25519.c
 SRC_C += ../../wolfcrypt/src/ed25519.c
 SRC_C += ../../wolfcrypt/src/error.c

IDE/GCC-ARM/README.md

@@ -81,7 +81,7 @@ $ make
 $ make install
 ```
 
-If you are building for a 32-bit architecture, add `-DTIME_T_NOT_LONG` to the
+If you are building for a 32-bit architecture, add `-DTIME_T_NOT_64BIT` to the
 list of CFLAGS.
 
 ## Example Build Output

IDE/IAR-EWARM/Projects/user_settings.h

@@ -10,6 +10,7 @@
 #define NO_WOLFSSL_DIR 
 #define WOLFSSL_NO_CURRDIR
 #define NO_WOLF_C99
+#define NO_MULTIBYTE_PRINT
 
 #define XVALIDATEDATE(d, f,t) (0)
 #define WOLFSSL_USER_CURRTIME /* for benchmark */

IDE/MDK5-ARM/Conf/user_settings.h

@@ -35,6 +35,7 @@
 #define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
 #define WOLFSSL_GMTIME
 
+#define NO_MULTIBYTE_PRINT
 // <<< Use Configuration Wizard in Context Menu >>>
 
 

IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/user_settings.h

@@ -34,10 +34,10 @@
 #define WOLFSSL_USER_CURRTIME /* for benchmark */
 #define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
 #define WOLFSSL_GMTIME
+#define NO_MULTIBYTE_PRINT
 
 // <<< Use Configuration Wizard in Context Menu >>>
 
-
 //  <h>Common options
 //        <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
 #define MDK_CONF_MPU 3

IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/user_settings.h

@@ -34,6 +34,7 @@
 #define WOLFSSL_USER_CURRTIME /* for benchmark */
 #define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
 #define WOLFSSL_GMTIME
+#define NO_MULTIBYTE_PRINT
 
 // <<< Use Configuration Wizard in Context Menu >>>
 

IDE/Renesas/cs+/Projects/include.am

@@ -16,4 +16,5 @@ EXTRA_DIST+= IDE/Renesas/cs+/Projects/t4_demo/wolf_client.c
 EXTRA_DIST+= IDE/Renesas/cs+/Projects/t4_demo/wolf_server.c
 EXTRA_DIST+= IDE/Renesas/cs+/Projects/t4_demo/wolf_main.c
 EXTRA_DIST+= IDE/Renesas/cs+/Projects/t4_demo/wolf_demo.h
+EXTRA_DIST+= IDE/Renesas/cs+/Projects/t4_demo/t4_demo.mtpj
 

IDE/Renesas/cs+/Projects/t4_demo/README_en.txt

@@ -42,6 +42,8 @@ Setup process:
 wolfssl\IDE\Renesas\cs+\Projects\wolfssl_lib\DefaultBuild\wolfssl_lib.lib
 wolfssl\IDE\Renesas\cs+\Projects\t4_demo\DefaultBuild\t4_demo.lib
 
+   - Set CC-RX(Build Tool)->Library Geberation->Library Configuration to"C99" and enable ctype.h.
+
    - Build the project and start execut. You see message on the console prompting command.
    
 ===

IDE/Renesas/cs+/Projects/t4_demo/README_jp.txt

@@ -51,6 +51,9 @@ wolfSSL/AlphaProject
 　wolfssl\IDE\Renesas\cs+\Projects\wolfssl_lib\DefaultBuild\wolfssl_lib.lib
 　wolfssl\IDE\Renesas\cs+\Projects\t4_demo\DefaultBuild\t4_demo.lib
 
+- CC-RX(ビルドツール)->ライブラリージェネレーションタブ->ライブラリー構成を「C99」に、
+ctype.hを有効にするを「はい」に設定します。
+
 　- プロジェクトのビルド、ターゲットへのダウンロードをしたのち、表示->デバッグ・コンソール
 　からコンソールを表示させます。実行を開始するとコンソールに以下の表示が出力されます。
 　

IDE/Renesas/cs+/Projects/t4_demo/wolf_client.c

@@ -34,29 +34,29 @@ static int my_IORecv(WOLFSSL* ssl, char* buff, int sz, void* ctx)
 {
     int ret;
     ID  cepid;
-    
+
     if(ctx != NULL)cepid = *(ID *)ctx;
     else return WOLFSSL_CBIO_ERR_GENERAL;
-    
+
     ret = tcp_rcv_dat(cepid, buff, sz, TMO_FEVR);
     if(ret > 0)return ret;
-    else         return WOLFSSL_CBIO_ERR_GENERAL;  
+    else         return WOLFSSL_CBIO_ERR_GENERAL;
 }
 
 static int my_IOSend(WOLFSSL* ssl, char* buff, int sz, void* ctx)
 {
     int ret;
     ID  cepid;
-    
+
     if(ctx != NULL)cepid = *(ID *)ctx;
     else return WOLFSSL_CBIO_ERR_GENERAL;
-    
+
     ret = tcp_snd_dat(cepid, buff, sz, TMO_FEVR);
     if(ret == sz)return ret;
-    else         return WOLFSSL_CBIO_ERR_GENERAL;          
+    else         return WOLFSSL_CBIO_ERR_GENERAL;
 }
 
-static int getIPaddr(char *arg) 
+static int getIPaddr(char *arg)
 {
     int a1, a2, a3, a4;
     if(sscanf(arg, "%d.%d.%d.%d", &a1, &a2, &a3, &a4) == 4)
@@ -64,8 +64,8 @@ static int getIPaddr(char *arg)
     else return 0;
 }
 
-static int getPort(char *arg) 
-{   
+static int getPort(char *arg)
+{
     int port;
     if(sscanf(arg, "%d", &port) == 1)
          return port;
@@ -74,7 +74,7 @@ static int getPort(char *arg)
 
 WOLFSSL_CTX *wolfSSL_TLS_client_init()
 {
-    
+
     WOLFSSL_CTX* ctx;
     #ifndef NO_FILESYSTEM
         #ifdef USE_ECC_CERT
@@ -91,18 +91,18 @@ WOLFSSL_CTX *wolfSSL_TLS_client_init()
         #define  SIZEOF_CERT sizeof_ca_cert_der_2048
         #endif
     #endif
-    
+
     wolfSSL_Init();
     #ifdef DEBUG_WOLFSSL
         wolfSSL_Debugging_ON();
     #endif
-    
+
     /* Create and initialize WOLFSSL_CTX */
     if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method_ex((void *)NULL))) == NULL) {
         printf("ERROR: failed to create WOLFSSL_CTX\n");
         return NULL;
     }
- 
+
     #if !defined(NO_FILESYSTEM)
     if (wolfSSL_CTX_load_verify_locations(ctx, cert, 0) != SSL_SUCCESS) {
         printf("ERROR: can't load \"%s\"\n", cert);
@@ -127,7 +127,7 @@ WOLFSSL_CTX *wolfSSL_TLS_client_init()
 void wolfSSL_TLS_client(void *v_ctx, func_args *args)
 {
     ID cepid = 1;
-    ER ercd; 
+    ER ercd;
     int ret;
     WOLFSSL_CTX *ctx = (WOLFSSL_CTX *)v_ctx;
     WOLFSSL *ssl;
@@ -136,7 +136,7 @@ void wolfSSL_TLS_client(void *v_ctx, func_args *args)
     char    rcvBuff[BUFF_SIZE] = {0};
     static T_IPV4EP my_addr = { 0, 0 };
     T_IPV4EP dst_addr;
-    
+
     if(args->argc >= 2){
 	    if((dst_addr.ipaddr = getIPaddr(args->argv[1])) == 0){
 		printf("ERROR: IP address\n");
@@ -147,7 +147,7 @@ void wolfSSL_TLS_client(void *v_ctx, func_args *args)
 	        return;
 	    }
     }
-    
+
     if((ercd = tcp_con_cep(cepid, &my_addr, &dst_addr, TMO_FEVR)) != E_OK) {
         printf("ERROR TCP Connect: %d\n", ercd);
         return;
@@ -157,7 +157,7 @@ void wolfSSL_TLS_client(void *v_ctx, func_args *args)
         printf("ERROR wolfSSL_new: %d\n", wolfSSL_get_error(ssl, 0));
         return;
     }
-    
+
     /* set callback context */
     wolfSSL_SetIOReadCtx(ssl, (void *)&cepid);
     wolfSSL_SetIOWriteCtx(ssl, (void *)&cepid);
@@ -166,7 +166,7 @@ void wolfSSL_TLS_client(void *v_ctx, func_args *args)
         printf("ERROR SSL connect: %d\n",  wolfSSL_get_error(ssl, 0));
         return;
     }
-        
+
     if (wolfSSL_write(ssl, sendBuff, strlen(sendBuff)) != strlen(sendBuff)) {
         printf("ERROR SSL write: %d\n", wolfSSL_get_error(ssl, 0));
         return;
@@ -176,9 +176,9 @@ void wolfSSL_TLS_client(void *v_ctx, func_args *args)
         printf("ERROR SSL read: %d\n", wolfSSL_get_error(ssl, 0));
         return;
     }
-    
+
     rcvBuff[ret] = '\0' ;
-    printf("Recieved: %s\n", rcvBuff);
+    printf("Received: %s\n", rcvBuff);
 
     /* frees all data before client termination */
     wolfSSL_free(ssl);

IDE/Renesas/cs+/Projects/t4_demo/wolf_server.c

@@ -31,26 +31,26 @@ static int my_IORecv(WOLFSSL* ssl, char* buff, int sz, void* ctx)
 {
     int ret;
     ID  cepid;
-    
+
     if(ctx != NULL)cepid = *(ID *)ctx;
     else return WOLFSSL_CBIO_ERR_GENERAL;
-    
+
     ret = tcp_rcv_dat(cepid, buff, sz, TMO_FEVR);
     if(ret == sz)return ret;
-    else         return WOLFSSL_CBIO_ERR_GENERAL;  
+    else         return WOLFSSL_CBIO_ERR_GENERAL;
 }
 
 static int my_IOSend(WOLFSSL* ssl, char* buff, int sz, void* ctx)
 {
     int ret;
     ID  cepid;
-    
+
     if(ctx != NULL)cepid = *(ID *)ctx;
     else return WOLFSSL_CBIO_ERR_GENERAL;
-    
+
     ret = tcp_snd_dat(cepid, buff, sz, TMO_FEVR);
     if(ret == sz)return ret;
-    else         return WOLFSSL_CBIO_ERR_GENERAL;          
+    else         return WOLFSSL_CBIO_ERR_GENERAL;
 }
 
 
@@ -59,7 +59,7 @@ WOLFSSL_CTX *wolfSSL_TLS_server_init()
 
 	int ret;
     WOLFSSL_CTX* ctx;
-    
+
     #ifndef NO_FILESYSTEM
         #ifdef USE_ECC_CERT
         char *cert       = "./certs/server-ecc-cert.pem";
@@ -81,15 +81,15 @@ WOLFSSL_CTX *wolfSSL_TLS_server_init()
         #define  sizeof_key sizeof_server_key_der_2048
         #endif
     #endif
-     
+
 
 	wolfSSL_Init();
         #ifdef DEBUG_WOLFSSL
 	    wolfSSL_Debugging_ON();
 	#endif
-	
+
 	/* Create and initialize WOLFSSL_CTX */
-	if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method_ex((void *)NULL))) == NULL) {	
+	if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method_ex((void *)NULL))) == NULL) {
 		printf("ERROR: failed to create WOLFSSL_CTX\n");
 		return NULL;
 	}
@@ -130,13 +130,13 @@ void wolfSSL_TLS_server(void *v_ctx, func_args *args)
     ER ercd;
     WOLFSSL_CTX *ctx = (WOLFSSL_CTX *)v_ctx;
     (void) args;
-    
+
     WOLFSSL *ssl;
     int len;
     #define BUFF_SIZE 256
     char buff[BUFF_SIZE];
     T_IPV4EP dst_addr = {0, 0};
-        
+
     if((ercd = tcp_acp_cep(cepid, repid, &dst_addr, TMO_FEVR)) != E_OK) {
         printf("ERROR TCP Accept: %d\n", ercd);
         return;
@@ -146,7 +146,7 @@ void wolfSSL_TLS_server(void *v_ctx, func_args *args)
         printf("ERROR: failed wolfSSL_new\n");
         return;
     }
-   
+
     wolfSSL_SetIOReadCtx(ssl, (void *)&cepid);
     wolfSSL_SetIOWriteCtx(ssl, (void *)&cepid);
 
@@ -154,20 +154,20 @@ void wolfSSL_TLS_server(void *v_ctx, func_args *args)
         printf("ERROR: SSL Accept(%d)\n", wolfSSL_get_error(ssl, 0));
         return;
     }
-      
+
     if ((len = wolfSSL_read(ssl, buff, sizeof(buff) - 1)) < 0) {
         printf("ERROR: SSL Read(%d)\n", wolfSSL_get_error(ssl, 0));
         return;
     }
-        
+
     buff[len] = '\0';
-    printf("Recieved: %s\n", buff);
-	
+    printf("Received: %s\n", buff);
+
     if (wolfSSL_write(ssl, buff, len) != len) {
-        printf("ERROR: SSL Wirte(%d)\n", wolfSSL_get_error(ssl, 0));
+        printf("ERROR: SSL Write(%d)\n", wolfSSL_get_error(ssl, 0));
         return;
     }
-    
+
     wolfSSL_free(ssl);
     tcp_sht_cep(cepid);
 }

IDE/Renesas/e2studio/Projects/wolfssl/.project

@@ -130,9 +130,9 @@
 			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/cpuid.c</locationURI>
 		</link>
 		<link>
-			<name>wolfcrypt/src/cryptodev.c</name>
+			<name>wolfcrypt/src/cryptocb.c</name>
 			<type>1</type>
-			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/cryptodev.c</locationURI>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/cryptocb.c</locationURI>
 		</link>
 		<link>
 			<name>wolfcrypt/src/curve25519.c</name>

IDE/XCODE/Benchmark/wolfBench.xcodeproj/project.pbxproj

@@ -7,6 +7,7 @@
 	objects = {
 
 /* Begin PBXBuildFile section */
+		52114C8721B5A7320022ADA1 /* sp_c64.c in Sources */ = {isa = PBXBuildFile; fileRef = 52114C8621B5A7320022ADA1 /* sp_c64.c */; };
 		A47546261FD90492005176B9 /* tls_bench.c in Sources */ = {isa = PBXBuildFile; fileRef = A47546251FD90492005176B9 /* tls_bench.c */; };
 		A4ADF82F1FCE0BD300A06E90 /* AppDelegate.m in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF82E1FCE0BD300A06E90 /* AppDelegate.m */; };
 		A4ADF8321FCE0BD300A06E90 /* ViewController.m in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8311FCE0BD300A06E90 /* ViewController.m */; };
@@ -49,7 +50,6 @@
 		A4ADF8F81FCE0C5600A06E90 /* fe_low_mem.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF89C1FCE0C4F00A06E90 /* fe_low_mem.c */; };
 		A4ADF8FA1FCE0C5600A06E90 /* pkcs12.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF89E1FCE0C4F00A06E90 /* pkcs12.c */; };
 		A4ADF8FC1FCE0C5600A06E90 /* asm.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8A01FCE0C4F00A06E90 /* asm.c */; };
-		A4ADF8FD1FCE0C5600A06E90 /* misc.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8A11FCE0C5000A06E90 /* misc.c */; };
 		A4ADF8FE1FCE0C5600A06E90 /* integer.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8A21FCE0C5000A06E90 /* integer.c */; };
 		A4ADF9001FCE0C5600A06E90 /* poly1305.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8A41FCE0C5000A06E90 /* poly1305.c */; };
 		A4ADF9011FCE0C5600A06E90 /* md2.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8A51FCE0C5000A06E90 /* md2.c */; };
@@ -67,12 +67,10 @@
 		A4ADF9131FCE0C5600A06E90 /* signature.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8B71FCE0C5200A06E90 /* signature.c */; };
 		A4ADF9141FCE0C5600A06E90 /* wolfmath.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8B81FCE0C5200A06E90 /* wolfmath.c */; };
 		A4ADF9161FCE0C5600A06E90 /* fe_operations.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8BA1FCE0C5300A06E90 /* fe_operations.c */; };
-		A4ADF91A1FCE0C5600A06E90 /* sp.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8BE1FCE0C5300A06E90 /* sp.c */; };
 		A4ADF91B1FCE0C5600A06E90 /* srp.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8BF1FCE0C5300A06E90 /* srp.c */; };
 		A4ADF91C1FCE0C5600A06E90 /* pwdbased.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8C01FCE0C5300A06E90 /* pwdbased.c */; };
 		A4ADF91D1FCE0C5600A06E90 /* cpuid.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8C11FCE0C5300A06E90 /* cpuid.c */; };
 		A4ADF91E1FCE0C5600A06E90 /* asn.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8C21FCE0C5300A06E90 /* asn.c */; };
-		A4ADF91F1FCE0C5600A06E90 /* async.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8C31FCE0C5400A06E90 /* async.c */; };
 		A4ADF9231FCE0C5600A06E90 /* camellia.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8C71FCE0C5400A06E90 /* camellia.c */; };
 		A4ADF9261FCE0C5600A06E90 /* chacha.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8CA1FCE0C5500A06E90 /* chacha.c */; };
 		A4ADF9271FCE0C5600A06E90 /* ed25519.c in Sources */ = {isa = PBXBuildFile; fileRef = A4ADF8CB1FCE0C5500A06E90 /* ed25519.c */; };
@@ -86,6 +84,7 @@
 /* End PBXBuildFile section */
 
 /* Begin PBXFileReference section */
+		52114C8621B5A7320022ADA1 /* sp_c64.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sp_c64.c; path = ../../../wolfcrypt/src/sp_c64.c; sourceTree = "<group>"; };
 		A47546241FD9042D005176B9 /* user_settings.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = user_settings.h; path = ../user_settings.h; sourceTree = "<group>"; };
 		A47546251FD90492005176B9 /* tls_bench.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = tls_bench.c; path = ../../../examples/benchmark/tls_bench.c; sourceTree = "<group>"; };
 		A4ADF82A1FCE0BD300A06E90 /* wolfBench.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = wolfBench.app; sourceTree = BUILT_PRODUCTS_DIR; };
@@ -133,7 +132,6 @@
 		A4ADF89C1FCE0C4F00A06E90 /* fe_low_mem.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = fe_low_mem.c; path = ../../../wolfcrypt/src/fe_low_mem.c; sourceTree = "<group>"; };
 		A4ADF89E1FCE0C4F00A06E90 /* pkcs12.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = pkcs12.c; path = ../../../wolfcrypt/src/pkcs12.c; sourceTree = "<group>"; };
 		A4ADF8A01FCE0C4F00A06E90 /* asm.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = asm.c; path = ../../../wolfcrypt/src/asm.c; sourceTree = "<group>"; };
-		A4ADF8A11FCE0C5000A06E90 /* misc.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = misc.c; path = ../../../wolfcrypt/src/misc.c; sourceTree = "<group>"; };
 		A4ADF8A21FCE0C5000A06E90 /* integer.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = integer.c; path = ../../../wolfcrypt/src/integer.c; sourceTree = "<group>"; };
 		A4ADF8A41FCE0C5000A06E90 /* poly1305.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = poly1305.c; path = ../../../wolfcrypt/src/poly1305.c; sourceTree = "<group>"; };
 		A4ADF8A51FCE0C5000A06E90 /* md2.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = md2.c; path = ../../../wolfcrypt/src/md2.c; sourceTree = "<group>"; };
@@ -151,12 +149,10 @@
 		A4ADF8B71FCE0C5200A06E90 /* signature.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = signature.c; path = ../../../wolfcrypt/src/signature.c; sourceTree = "<group>"; };
 		A4ADF8B81FCE0C5200A06E90 /* wolfmath.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = wolfmath.c; path = ../../../wolfcrypt/src/wolfmath.c; sourceTree = "<group>"; };
 		A4ADF8BA1FCE0C5300A06E90 /* fe_operations.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = fe_operations.c; path = ../../../wolfcrypt/src/fe_operations.c; sourceTree = "<group>"; };
-		A4ADF8BE1FCE0C5300A06E90 /* sp.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sp.c; path = ../../../wolfcrypt/src/sp.c; sourceTree = "<group>"; };
 		A4ADF8BF1FCE0C5300A06E90 /* srp.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = srp.c; path = ../../../wolfcrypt/src/srp.c; sourceTree = "<group>"; };
 		A4ADF8C01FCE0C5300A06E90 /* pwdbased.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = pwdbased.c; path = ../../../wolfcrypt/src/pwdbased.c; sourceTree = "<group>"; };
 		A4ADF8C11FCE0C5300A06E90 /* cpuid.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = cpuid.c; path = ../../../wolfcrypt/src/cpuid.c; sourceTree = "<group>"; };
 		A4ADF8C21FCE0C5300A06E90 /* asn.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = asn.c; path = ../../../wolfcrypt/src/asn.c; sourceTree = "<group>"; };
-		A4ADF8C31FCE0C5400A06E90 /* async.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = async.c; path = ../../../../wolfAsyncCrypt/wolfcrypt/src/async.c; sourceTree = "<group>"; };
 		A4ADF8C71FCE0C5400A06E90 /* camellia.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = camellia.c; path = ../../../wolfcrypt/src/camellia.c; sourceTree = "<group>"; };
 		A4ADF8CA1FCE0C5500A06E90 /* chacha.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = chacha.c; path = ../../../wolfcrypt/src/chacha.c; sourceTree = "<group>"; };
 		A4ADF8CB1FCE0C5500A06E90 /* ed25519.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ed25519.c; path = ../../../wolfcrypt/src/ed25519.c; sourceTree = "<group>"; };
@@ -243,7 +239,6 @@
 				A4ADF8921FCE0C4E00A06E90 /* arc4.c */,
 				A4ADF8A01FCE0C4F00A06E90 /* asm.c */,
 				A4ADF8C21FCE0C5300A06E90 /* asn.c */,
-				A4ADF8C31FCE0C5400A06E90 /* async.c */,
 				A4ADF8B11FCE0C5100A06E90 /* blake2b.c */,
 				A4ADF8C71FCE0C5400A06E90 /* camellia.c */,
 				A4ADF8CA1FCE0C5500A06E90 /* chacha.c */,
@@ -274,7 +269,6 @@
 				A4ADF87C1FCE0C4D00A06E90 /* md4.c */,
 				A4ADF8791FCE0C4D00A06E90 /* md5.c */,
 				A4ADF8941FCE0C4E00A06E90 /* memory.c */,
-				A4ADF8A11FCE0C5000A06E90 /* misc.c */,
 				A4ADF8981FCE0C4F00A06E90 /* pkcs7.c */,
 				A4ADF89E1FCE0C4F00A06E90 /* pkcs12.c */,
 				A4ADF8A41FCE0C5000A06E90 /* poly1305.c */,
@@ -288,7 +282,7 @@
 				A4ADF8831FCE0C4D00A06E90 /* sha256.c */,
 				A4ADF8AE1FCE0C5100A06E90 /* sha512.c */,
 				A4ADF8B71FCE0C5200A06E90 /* signature.c */,
-				A4ADF8BE1FCE0C5300A06E90 /* sp.c */,
+				52114C8621B5A7320022ADA1 /* sp_c64.c */,
 				A4ADF8BF1FCE0C5300A06E90 /* srp.c */,
 				A4ADF8881FCE0C4D00A06E90 /* tfm.c */,
 				A4ADF8AA1FCE0C5000A06E90 /* wc_encrypt.c */,
@@ -342,7 +336,7 @@
 			isa = PBXProject;
 			attributes = {
 				LastUpgradeCheck = 0910;
-				ORGANIZATIONNAME = "David Garske";
+				ORGANIZATIONNAME = "wolfSSL Inc";
 				TargetAttributes = {
 					A4ADF8291FCE0BD300A06E90 = {
 						CreatedOnToolsVersion = 9.1;
@@ -393,7 +387,6 @@
 				A4ADF9141FCE0C5600A06E90 /* wolfmath.c in Sources */,
 				A4ADF8FC1FCE0C5600A06E90 /* asm.c in Sources */,
 				A4ADF8721FCE0C1C00A06E90 /* crl.c in Sources */,
-				A4ADF91F1FCE0C5600A06E90 /* async.c in Sources */,
 				A4ADF91B1FCE0C5600A06E90 /* srp.c in Sources */,
 				A4ADF9101FCE0C5600A06E90 /* rabbit.c in Sources */,
 				A4ADF9091FCE0C5600A06E90 /* idea.c in Sources */,
@@ -420,13 +413,13 @@
 				A4DFEC101FD4CB8500A7BB33 /* armv8-sha256.c in Sources */,
 				A4ADF83D1FCE0BD300A06E90 /* main.m in Sources */,
 				A4ADF9271FCE0C5600A06E90 /* ed25519.c in Sources */,
+				5231117421B5AF430054CC79 /* async.c in Sources */,
 				A4ADF8D11FCE0C5600A06E90 /* hmac.c in Sources */,
 				A4ADF8F01FCE0C5600A06E90 /* memory.c in Sources */,
 				A4ADF82F1FCE0BD300A06E90 /* AppDelegate.m in Sources */,
 				A4ADF8D31FCE0C5600A06E90 /* random.c in Sources */,
 				A4ADF9131FCE0C5600A06E90 /* signature.c in Sources */,
 				A4DFEC3C1FD6B9CC00A7BB33 /* test.c in Sources */,
-				A4ADF8FD1FCE0C5600A06E90 /* misc.c in Sources */,
 				A4ADF9261FCE0C5600A06E90 /* chacha.c in Sources */,
 				A4ADF8DD1FCE0C5600A06E90 /* error.c in Sources */,
 				A4ADF90A1FCE0C5600A06E90 /* sha512.c in Sources */,
@@ -435,6 +428,7 @@
 				A4ADF92A1FCE0C5600A06E90 /* coding.c in Sources */,
 				A4ADF8741FCE0C1C00A06E90 /* ssl.c in Sources */,
 				A4ADF9051FCE0C5600A06E90 /* cmac.c in Sources */,
+				52114C8721B5A7320022ADA1 /* sp_c64.c in Sources */,
 				A4ADF8F41FCE0C5600A06E90 /* pkcs7.c in Sources */,
 				A4ADF90B1FCE0C5600A06E90 /* logging.c in Sources */,
 				A4ADF8E01FCE0C5600A06E90 /* ecc_fp.c in Sources */,
@@ -458,7 +452,6 @@
 				A4ADF8D71FCE0C5600A06E90 /* wolfevent.c in Sources */,
 				A4DFEC0D1FD4CAA300A7BB33 /* benchmark.c in Sources */,
 				A4ADF91D1FCE0C5600A06E90 /* cpuid.c in Sources */,
-				A4ADF91A1FCE0C5600A06E90 /* sp.c in Sources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};

IDE/XCODE/README.md

@@ -54,6 +54,15 @@ device build. Both are debug builds.
 
 You can make an archive for a device, as well. That is a release build.
 
+## Known issues:
+
+When building for older i386 architectures and using tfm.c there are specific
+CFLAGS required to expose the necessary registers for inline assembly in tfm.c.
+An example script has been provided "build-for-i386.sh" that targets the watchos
+by default. If using SDK iphonesimulator10.1 or older you can change the SDK
+variable in that script however newer versions of the SDK no longer support
+i386 for the iphones.
+
 # Installing libwolfssl.a
 
 Simply drag the file libwolfssl_XXX_.a and the directory `include` and drop it into

IDE/XCODE/build-for-i386.sh

@@ -0,0 +1,16 @@
+#!/bin/sh
+
+WORKSPACE=$(eval "pwd")
+PROJ=wolfssl.xcodeproj
+CONFIG=Release
+SCHEME=wolfssl_ios
+ARCH=i386
+SDK=watchsimulator5.1
+CONF_BUILD_DIR=${WORKSPACE}/simulator
+
+xcodebuild clean build -project ${PROJ} -configuration ${CONFIG} \
+           -scheme ${SCHEME} -arch ${ARCH} -sdk ${SDK} \
+           BITCODE_GENERATION_MODE=bitcode \
+           OTHER_CFLAGS="-fembed-bitcode -O3 -fomit-frame-pointer" \
+           CONFIGURATION_BUILD_DIR=${CONF_BUILD_DIR}  \
+           -quiet

IDE/XCODE/user_settings.h

@@ -16,6 +16,9 @@
     #undef NO_MAIN_DRIVER
     #define NO_MAIN_DRIVER
 
+    /* 128-bit type */
+    #define HAVE___UINT128_T
+
     /* fast math */
     #define USE_FAST_MATH
     #define HAVE_ECC

IDE/XCODE/wolfssl-FIPS.xcodeproj/project.pbxproj

@@ -1066,12 +1066,12 @@
 			isa = PBXNativeTarget;
 			buildConfigurationList = 52B1347216F3C9E800C07B32 /* Build configuration list for PBXNativeTarget "wolfssl_fips_ios" */;
 			buildPhases = (
-				52B1344916F3C9E800C07B32 /* Sources */,
 				52B1344A16F3C9E800C07B32 /* Frameworks */,
 				52B1344B16F3C9E800C07B32 /* CopyFiles */,
 				521646C11A8A7B380062516A /* CopyFiles */,
 				521646C21A8A7B3B0062516A /* CopyFiles */,
 				521646C31A8A7B3D0062516A /* CopyFiles */,
+				52B1344916F3C9E800C07B32 /* Sources */,
 			);
 			buildRules = (
 			);
@@ -1313,7 +1313,7 @@
 		52B1347316F3C9E800C07B32 /* Debug */ = {
 			isa = XCBuildConfiguration;
 			buildSettings = {
-				ALWAYS_SEARCH_USER_PATHS = YES;
+				ALWAYS_SEARCH_USER_PATHS = NO;
 				CLANG_LINK_OBJC_RUNTIME = NO;
 				DSTROOT = /tmp/wolfssl_ios.dst;
 				GCC_PRECOMPILE_PREFIX_HEADER = NO;
@@ -1321,6 +1321,7 @@
 				GCC_PREPROCESSOR_DEFINITIONS = (
 					"DEBUG=1",
 					HAVE_FIPS,
+					CYASSL_USER_SETTINGS,
 					WOLFSSL_USER_SETTINGS,
 				);
 				HEADER_SEARCH_PATHS = (
@@ -1340,13 +1341,14 @@
 		52B1347416F3C9E800C07B32 /* Release */ = {
 			isa = XCBuildConfiguration;
 			buildSettings = {
-				ALWAYS_SEARCH_USER_PATHS = YES;
+				ALWAYS_SEARCH_USER_PATHS = NO;
 				CLANG_LINK_OBJC_RUNTIME = NO;
 				DSTROOT = /tmp/wolfssl_ios.dst;
 				GCC_PRECOMPILE_PREFIX_HEADER = NO;
 				GCC_PREFIX_HEADER = "";
 				GCC_PREPROCESSOR_DEFINITIONS = (
 					HAVE_FIPS,
+					CYASSL_USER_SETTINGS,
 					WOLFSSL_USER_SETTINGS,
 				);
 				HEADER_SEARCH_PATHS = (
@@ -1374,6 +1376,7 @@
 				GCC_PREPROCESSOR_DEFINITIONS = (
 					"DEBUG=1",
 					HAVE_FIPS,
+					CYASSL_USER_SETTINGS,
 					WOLFSSL_USER_SETTINGS,
 				);
 				HEADER_SEARCH_PATHS = (
@@ -1401,6 +1404,7 @@
 				GCC_PREFIX_HEADER = "";
 				GCC_PREPROCESSOR_DEFINITIONS = (
 					HAVE_FIPS,
+					CYASSL_USER_SETTINGS,
 					WOLFSSL_USER_SETTINGS,
 				);
 				HEADER_SEARCH_PATHS = (

IDE/XCODE/wolfssl.xcworkspace/contents.xcworkspacedata

@@ -1,15 +1,15 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <Workspace
    version = "1.0">
+   <FileRef
+      location = "group:Benchmark/wolfBench.xcodeproj">
+   </FileRef>
    <FileRef
       location = "group:wolfssl-FIPS.xcodeproj">
    </FileRef>
    <FileRef
       location = "group:wolfssl_testsuite.xcodeproj">
    </FileRef>
-   <FileRef
-      location = "group:/Users/davidgarske/GitHub/wolfssl/IDE/XCODE/wolfcrypt_testbench.xcodeproj">
-   </FileRef>
    <FileRef
       location = "group:wolfssl.xcodeproj">
    </FileRef>

IDE/include.am

@@ -16,8 +16,10 @@ include IDE/OPENSTM32/include.am
 include IDE/VS-ARM/include.am
 include IDE/GCC-ARM/include.am
 include IDE/CSBENCH/include.am
+include IDE/ECLIPSE/DEOS/include.am
+include IDE/ECLIPSE/MICRIUM/include.am
 include IDE/mynewt/include.am
 include IDE/Renesas/cs+/Projects/include.am
 include IDE/Renesas/e2studio/Projects/include.am
 
-EXTRA_DIST+= IDE/IAR-EWARM IDE/MDK-ARM IDE/MDK5-ARM IDE/MYSQL IDE/LPCXPRESSO IDE/HEXIWEAR
+EXTRA_DIST+= IDE/IAR-EWARM IDE/MDK-ARM IDE/MDK5-ARM IDE/MYSQL IDE/LPCXPRESSO IDE/HEXIWEAR IDE/Espressif IDE/zephyr

IDE/zephyr/README.md

@@ -0,0 +1,41 @@
+Zephyr Project Port
+===================
+
+## Overview
+
+This port is for Zephyr Project available [here](https://www.zephyrproject.org/).
+
+It provides the following zephyr code.
+
+- zephyr/ext/lib/crypto/wolfssl
+    - wolfssl library
+- zephyr/samples/crypto/wolfssl_test
+    - wolfcrypt unit test application
+- zephyr/samples/crypto/wolfssl_tls_sock
+    - socket based sample of TLS
+- zephyr/samples/crypto/wolfssl_tls_thread
+    - socket based sample of TLS using threads
+
+## How to setup
+
+### delopy wolfssl source to mynewt project
+Specify the path of the mynewt project and execute  `wolfssl/IDE/mynewt/setup.sh`.
+
+```bash
+./IDE/zephyr/setup.sh　/path/to/zephyrproject
+```
+
+This script will deploy wolfssl's library code and samples as described in the Overview to the zephyr project.
+
+## build & test
+
+build and execute wolfssl_test
+
+```
+cd [zephyrproject]/zephyr/samples/crypto/wolfssl_test
+mkdir build && cd build
+cmake -GNinja -DBOARD=qemu_x86 ..
+ninja
+ninja run
+```
+

IDE/zephyr/lib/CMakeLists.txt

@@ -0,0 +1,122 @@
+zephyr_interface_library_named(wolfSSL)
+
+if(CONFIG_WOLFSSL_BUILTIN)
+  target_compile_definitions(wolfSSL INTERFACE
+	WOLFSSL_OPTIONS_FILE="${CONFIG_WOLFSSL_OPTIONS_FILE}"
+	)
+
+  target_include_directories(wolfSSL INTERFACE
+	include
+	settings
+	)
+
+  zephyr_library()
+  zephyr_library_sources(zephyr_init.c)
+
+  zephyr_library_sources(library/src/crl.c)
+  zephyr_library_sources(library/src/internal.c)
+  zephyr_library_sources(library/src/keys.c)
+  zephyr_library_sources(library/src/ocsp.c)
+  zephyr_library_sources(library/src/sniffer.c)
+  zephyr_library_sources(library/src/ssl.c)
+  zephyr_library_sources(library/src/tls13.c)
+  zephyr_library_sources(library/src/tls.c)
+  zephyr_library_sources(library/src/wolfio.c)
+
+  zephyr_library_sources(library/wolfcrypt/src/aes.c)
+  zephyr_library_sources(library/wolfcrypt/src/arc4.c)
+  zephyr_library_sources(library/wolfcrypt/src/asm.c)
+  zephyr_library_sources(library/wolfcrypt/src/asn.c)
+  zephyr_library_sources(library/wolfcrypt/src/async.c)
+  zephyr_library_sources(library/wolfcrypt/src/blake2b.c)
+  zephyr_library_sources(library/wolfcrypt/src/camellia.c)
+  zephyr_library_sources(library/wolfcrypt/src/chacha20_poly1305.c)
+  zephyr_library_sources(library/wolfcrypt/src/chacha.c)
+  zephyr_library_sources(library/wolfcrypt/src/cmac.c)
+  zephyr_library_sources(library/wolfcrypt/src/coding.c)
+  zephyr_library_sources(library/wolfcrypt/src/compress.c)
+  zephyr_library_sources(library/wolfcrypt/src/cpuid.c)
+  zephyr_library_sources(library/wolfcrypt/src/cryptocb.c)
+  zephyr_library_sources(library/wolfcrypt/src/curve25519.c)
+  zephyr_library_sources(library/wolfcrypt/src/des3.c)
+  zephyr_library_sources(library/wolfcrypt/src/dh.c)
+  zephyr_library_sources(library/wolfcrypt/src/dsa.c)
+  zephyr_library_sources(library/wolfcrypt/src/ecc.c)
+  zephyr_library_sources(library/wolfcrypt/src/ecc_fp.c)
+  zephyr_library_sources(library/wolfcrypt/src/ed25519.c)
+  zephyr_library_sources(library/wolfcrypt/src/error.c)
+  zephyr_library_sources(library/wolfcrypt/src/fe_low_mem.c)
+  zephyr_library_sources(library/wolfcrypt/src/fe_operations.c)
+  #zephyr_library_sources(library/wolfcrypt/src/fips.c)
+  #zephyr_library_sources(library/wolfcrypt/src/fips_test.c)
+  zephyr_library_sources(library/wolfcrypt/src/ge_low_mem.c)
+  zephyr_library_sources(library/wolfcrypt/src/ge_operations.c)
+  zephyr_library_sources(library/wolfcrypt/src/hash.c)
+  zephyr_library_sources(library/wolfcrypt/src/hc128.c)
+  zephyr_library_sources(library/wolfcrypt/src/hmac.c)
+  zephyr_library_sources(library/wolfcrypt/src/idea.c)
+  zephyr_library_sources(library/wolfcrypt/src/integer.c)
+  zephyr_library_sources(library/wolfcrypt/src/logging.c)
+  zephyr_library_sources(library/wolfcrypt/src/md2.c)
+  zephyr_library_sources(library/wolfcrypt/src/md4.c)
+  zephyr_library_sources(library/wolfcrypt/src/md5.c)
+  zephyr_library_sources(library/wolfcrypt/src/memory.c)
+  #zephyr_library_sources(library/wolfcrypt/src/misc.c)
+  zephyr_library_sources(library/wolfcrypt/src/pkcs12.c)
+  zephyr_library_sources(library/wolfcrypt/src/pkcs7.c)
+  zephyr_library_sources(library/wolfcrypt/src/poly1305.c)
+  zephyr_library_sources(library/wolfcrypt/src/pwdbased.c)
+  zephyr_library_sources(library/wolfcrypt/src/rabbit.c)
+  zephyr_library_sources(library/wolfcrypt/src/random.c)
+  zephyr_library_sources(library/wolfcrypt/src/ripemd.c)
+  zephyr_library_sources(library/wolfcrypt/src/rsa.c)
+  #zephyr_library_sources(library/wolfcrypt/src/selftest.c)
+  zephyr_library_sources(library/wolfcrypt/src/sha256.c)
+  zephyr_library_sources(library/wolfcrypt/src/sha3.c)
+  zephyr_library_sources(library/wolfcrypt/src/sha512.c)
+  zephyr_library_sources(library/wolfcrypt/src/sha.c)
+  zephyr_library_sources(library/wolfcrypt/src/signature.c)
+  zephyr_library_sources(library/wolfcrypt/src/sp_arm32.c)
+  zephyr_library_sources(library/wolfcrypt/src/sp_arm64.c)
+  zephyr_library_sources(library/wolfcrypt/src/sp_armthumb.c)
+  zephyr_library_sources(library/wolfcrypt/src/sp_c32.c)
+  zephyr_library_sources(library/wolfcrypt/src/sp_c64.c)
+  zephyr_library_sources(library/wolfcrypt/src/sp_cortexm.c)
+  zephyr_library_sources(library/wolfcrypt/src/sp_int.c)
+  zephyr_library_sources(library/wolfcrypt/src/sp_x86_64.c)
+  zephyr_library_sources(library/wolfcrypt/src/srp.c)
+  zephyr_library_sources(library/wolfcrypt/src/tfm.c)
+  zephyr_library_sources(library/wolfcrypt/src/wc_encrypt.c)
+  zephyr_library_sources(library/wolfcrypt/src/wc_pkcs11.c)
+  zephyr_library_sources(library/wolfcrypt/src/wc_port.c)
+  #zephyr_library_sources(library/wolfcrypt/src/wolfcrypt_first.c)
+  #zephyr_library_sources(library/wolfcrypt/src/wolfcrypt_last.c)
+  zephyr_library_sources(library/wolfcrypt/src/wolfevent.c)
+  zephyr_library_sources(library/wolfcrypt/src/wolfmath.c)
+
+  zephyr_library_link_libraries(wolfSSL)
+
+  add_definitions(-DWOLFSSL_USER_SETTINGS)
+  add_definitions(-DWOLFSSL_ZEPHYR)
+  include_directories("library")
+else()
+  assert(CONFIG_WOLFSSL_LIBRARY "wolfSSL was enabled, but neither BUILTIN or LIBRARY was selected.")
+
+  # NB: CONFIG_WOLFSSL_LIBRARY is not regression tested and is
+  # therefore susceptible to bit rot
+
+  target_include_directories(wolfSSL INTERFACE
+	${CONFIG_WOLFSSL_INSTALL_PATH}
+	)
+
+  zephyr_link_libraries(
+    mbedtls_external
+    -L${CONFIG_WOLFSSL_INSTALL_PATH}
+    gcc
+    )
+  # Lib wolfssl depends on libgcc so to allow
+  # wolfssl to link with gcc we need to ensure it is placed
+  # after wolfssl_external on the linkers command line.
+endif()
+
+target_link_libraries(wolfSSL INTERFACE zephyr_interface)

IDE/zephyr/lib/Kconfig

@@ -0,0 +1,85 @@
+# Kconfig - Cryptography primitive options for wolfSSL
+
+#
+# Copyright (c) 2016 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+
+menuconfig WOLFSSL
+	bool "wolfSSL Support"
+	help
+	  This option enables the wolfSSL cryptography library.
+
+if WOLFSSL
+
+choice
+	prompt "Select implementation"
+	default WOLFSSL_BUILTIN
+
+config WOLFSSL_BUILTIN
+	bool "Enable wolfSSL integrated sources"
+	help
+	  Link with local wolfSSL sources instead of external library.
+
+config WOLFSSL_LIBRARY
+	bool "Enable wolfSSL external library"
+	help
+	  This option enables wolfSSL library.
+
+endchoice
+
+config WOLFSSL_SETTINGS_FILE
+	string "wolfSSL settings file"
+	depends on WOLFSSL_BUILTIN
+	default "user_settings-tls-generic.h"
+	help
+	  Use a specific wolfSSL settings file. The default config file
+	  file can be tweaked with Kconfig. The default settings is
+	  suitable to communicate with majority of HTTPS servers on the Internet,
+	  but has relatively many features enabled. To optimize resources for
+	  special TLS usage, use available Kconfig settings, or select an
+	  alternative config.
+
+if WOLFSSL_BUILTIN && WOLFSSL_SETTINGS_FILE = "user_settings-tls-generic.h"
+source "ext/lib/crypto/wolfssl/Kconfig.tls-generic"
+endif
+
+config WOLFSSL_DEBUG
+	bool "wolfSSL debug activation"
+	depends on WOLFSSL_BUILTIN
+	help
+	  Enable debugging activation for wolfSSL configuration. If you use
+	  wolfSSL/Zephyr integration (e.g. net_app), this will activate debug
+	  logging (of the level configured by WOLFSSL_DEBUG_LEVEL).
+
+config WOLFSSL_INSTALL_PATH
+	string "wolfSSL install path"
+	depends on WOLFSSL_LIBRARY
+	help
+	  This option holds the path where the wolfSSL libraries and headers are
+	  installed. Make sure this option is properly set when WOLFSSL_LIBRARY
+	  is enabled otherwise the build will fail.
+
+config APP_LINK_WITH_WOLFSSL
+	bool "Link 'app' with WOLFSSL"
+	default y
+	depends on WOLFSSL
+	help
+	  Add WOLFSSL header files to the 'app' include path. It may be
+	  disabled if the include paths for WOLFSSL are causing aliasing
+	  issues for 'app'.
+
+endif
+

IDE/zephyr/lib/Kconfig.tls-generic

@@ -0,0 +1,272 @@
+# Kconfig.tls - TLS/DTLS related options
+
+#
+# Copyright (c) 2018 Intel Corporation
+# Copyright (c) 2018 Nordic Semiconductor ASA
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+menu "TLS configuration"
+
+menu "Supported TLS version"
+
+config WOLFSSL_TLS_VERSION_1_0
+	bool "Enable support for TLS 1.0"
+	select WOLFSSL_ALLOW_TLSV10_ENABLED
+
+config WOLFSSL_TLS_VERSION_1_1
+	bool "Enable support for TLS 1.1"
+	select WOLFSSL_NO_OLD_TLS_DISABLED
+
+config WOLFSSL_TLS_VERSION_1_2
+	bool "Enable support for TLS 1.2"
+	default y
+
+config WOLFSSL_TLS_VERSION_1_3
+	bool "Enable support for TLS 1.3"
+	select WOLFSSL_TLS13_ENABLED
+
+endmenu
+
+menu "Ciphersuite configuration"
+
+comment "Supported key exchange modes"
+
+config WOLFSSL_KEY_EXCHANGE_ALL_ENABLED
+	bool "Enable all available ciphersuite modes"
+	select WOLFSSL_KEY_EXCHANGE_PSK_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_RSA_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_DHE_RSA_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_ECJPAKE_ENABLED
+
+config WOLFSSL_KEY_EXCHANGE_PSK_ENABLED
+	bool "Enable the PSK based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
+	bool "Enable the DHE-PSK based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+	bool "Enable the ECDHE-PSK based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
+	bool "Enable the RSA-PSK based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_RSA_ENABLED
+	bool "Enable the RSA-only based ciphersuite modes"
+	default y
+
+config WOLFSSL_KEY_EXCHANGE_DHE_RSA_ENABLED
+	bool "Enable the DHE-RSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+	bool "Enable the ECDHE-RSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+	bool "Enable the ECDHE-ECDSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+	bool "Enable the ECDH-ECDSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED
+	bool "Enable the ECDH-RSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECJPAKE_ENABLED
+	bool "Enable the ECJPAKE based ciphersuite modes"
+
+if WOLFSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED || \
+   WOLFSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || \
+   WOLFSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || \
+   WOLFSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED || \
+   WOLFSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED || \
+   WOLFSSL_KEY_EXCHANGE_ECJPAKE_ENABLED
+
+comment "Supported elliptic curves"
+
+config WOLFSSL_ECP_ALL_ENABLED
+	bool "Enable all available elliptic curves"
+	select WOLFSSL_ECP_DP_SECP192R1_ENABLED
+	select WOLFSSL_ECP_DP_SECP192R1_ENABLED
+	select WOLFSSL_ECP_DP_SECP224R1_ENABLED
+	select WOLFSSL_ECP_DP_SECP256R1_ENABLED
+	select WOLFSSL_ECP_DP_SECP384R1_ENABLED
+	select WOLFSSL_ECP_DP_SECP521R1_ENABLED
+	select WOLFSSL_ECP_DP_SECP192K1_ENABLED
+	select WOLFSSL_ECP_DP_SECP224K1_ENABLED
+	select WOLFSSL_ECP_DP_SECP256K1_ENABLED
+	select WOLFSSL_ECP_DP_BP256R1_ENABLED
+	select WOLFSSL_ECP_DP_BP384R1_ENABLED
+	select WOLFSSL_ECP_DP_BP512R1_ENABLED
+	select WOLFSSL_ECP_DP_CURVE25519_ENABLED
+	select WOLFSSL_ECP_DP_CURVE448_ENABLED
+	select WOLFSSL_ECP_NIST_OPTIM
+
+config WOLFSSL_ECP_DP_SECP192R1_ENABLED
+	bool "Enable SECP192R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP224R1_ENABLED
+	bool "Enable SECP224R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP256R1_ENABLED
+	bool "Enable SECP256R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP384R1_ENABLED
+	bool "Enable SECP384R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP521R1_ENABLED
+	bool "Enable SECP521R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP192K1_ENABLED
+	bool "Enable SECP192K1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP224K1_ENABLED
+	bool "Enable SECP224K1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP256K1_ENABLED
+	bool "Enable SECP256K1 elliptic curve"
+
+config WOLFSSL_ECP_DP_BP256R1_ENABLED
+	bool "Enable BP256R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_BP384R1_ENABLED
+	bool "Enable BP384R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_BP512R1_ENABLED
+	bool "Enable BP512R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_CURVE25519_ENABLED
+	bool "Enable CURVE25519 elliptic curve"
+
+config WOLFSSL_ECP_DP_CURVE448_ENABLED
+	bool "Enable CURVE448 elliptic curve"
+
+config WOLFSSL_ECP_NIST_OPTIM
+	bool "Enable NSIT curves optimization"
+
+endif
+
+comment "Supported cipher modes"
+
+config WOLFSSL_CIPHER_ALL_ENABLED
+	bool "Enable all available ciphers"
+	select WOLFSSL_CIPHER_AES_ENABLED
+	select WOLFSSL_CIPHER_CAMELLIA_ENABLED
+	select WOLFSSL_CIPHER_DES_ENABLED
+	select WOLFSSL_CIPHER_ARC4_ENABLED
+	select WOLFSSL_CIPHER_CHACHA20_ENABLED
+	select WOLFSSL_CIPHER_BLOWFISH_ENABLED
+	select WOLFSSL_CIPHER_CCM_ENABLED
+	select WOLFSSL_CIPHER_MODE_XTS_ENABLED
+	select WOLFSSL_CIPHER_MODE_GCM_ENABLED
+	select WOLFSSL_CIPHER_CBC_ENABLED
+	select WOLFSSL_CHACHAPOLY_AEAD_ENABLED
+
+config WOLFSSL_CIPHER_AES_ENABLED
+	bool "Enable the AES block cipher"
+	default y
+
+config WOLFSSL_AES_ROM_TABLES
+	depends on WOLFSSL_CIPHER_AES_ENABLED
+	bool "Use precomputed AES tables stored in ROM."
+	default y
+
+config WOLFSSL_CIPHER_CAMELLIA_ENABLED
+	bool "Enable the Camellia block cipher"
+
+config WOLFSSL_CIPHER_DES_ENABLED
+	bool "Enable the DES block cipher"
+	default y
+
+config WOLFSSL_CIPHER_ARC4_ENABLED
+	bool "Enable the ARC4 stream cipher"
+
+config WOLFSSL_CIPHER_CHACHA20_ENABLED
+	bool "Enable the ChaCha20 stream cipher"
+
+config WOLFSSL_CIPHER_BLOWFISH_ENABLED
+	bool "Enable the Blowfish block cipher"
+
+config WOLFSSL_CIPHER_CCM_ENABLED
+	bool "Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher"
+	depends on WOLFSSL_CIPHER_AES_ENABLED || WOLFSSL_CIPHER_CAMELLIA_ENABLED
+
+config WOLFSSL_CIPHER_MODE_XTS_ENABLED
+	bool "Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES"
+	depends on WOLFSSL_CIPHER_AES_ENABLED || WOLFSSL_CIPHER_CAMELLIA_ENABLED
+
+config WOLFSSL_CIPHER_MODE_GCM_ENABLED
+	bool "Enable the Galois/Counter Mode (GCM) for AES"
+	depends on WOLFSSL_CIPHER_AES_ENABLED || WOLFSSL_CIPHER_CAMELLIA_ENABLED
+
+config WOLFSSL_CIPHER_CBC_ENABLED
+	bool "Enable Cipher Block Chaining mode (CBC) for symmetric ciphers"
+	default y
+
+config WOLFSSL_CHACHAPOLY_AEAD_ENABLED
+	bool "Enable the ChaCha20-Poly1305 AEAD algorithm"
+	depends on WOLFSSL_CIPHER_CHACHA20_ENABLED || WOLFSSL_MAC_POLY1305_ENABLED
+
+comment "Supported message authentication methods"
+
+config WOLFSSL_MAC_ALL_ENABLED
+	bool "Enable all available MAC methods"
+	select WOLFSSL_MAC_MD4_ENABLED
+	select WOLFSSL_MAC_MD5_ENABLED
+	select WOLFSSL_MAC_SHA1_ENABLED
+	select WOLFSSL_MAC_SHA256_ENABLED
+	select WOLFSSL_MAC_SHA512_ENABLED
+	select WOLFSSL_MAC_POLY1305_ENABLED
+
+config WOLFSSL_MAC_MD4_ENABLED
+	bool "Enable the MD4 hash algorithm"
+
+config WOLFSSL_MAC_MD5_ENABLED
+	bool "Enable the MD5 hash algorithm"
+	default y
+
+config WOLFSSL_MAC_SHA1_ENABLED
+	bool "Enable the SHA1 hash algorithm"
+	default y
+
+config WOLFSSL_MAC_SHA256_ENABLED
+	bool "Enable the SHA-224 and SHA-256 hash algorithms"
+	default y
+
+config WOLFSSL_MAC_SHA512_ENABLED
+	bool "Enable the SHA-384 and SHA-512 hash algorithms"
+
+config WOLFSSL_MAC_POLY1305_ENABLED
+	bool "Enable the Poly1305 MAC algorithm"
+
+endmenu
+
+comment "Random number generators"
+
+config WOLFSSL_HMAC_DRBG_ENABLED
+	bool "Enable the HMAC_DRBG random generator"
+	default y
+
+comment "Other configurations"
+
+config WOLFSSL_HAVE_ASM
+	bool "Enable use of assembly code"
+	default y
+	help
+	  Enable use of assembly code in wolfSSL. This improves the performances
+	  of asymetric cryptography, however this might have an impact on the
+	  code size.
+
+config WOLFSSL_USER_SETTTINGS
+	string "User settings file for wolfSSL"
+	help
+	  User settings file that contains wolfSSL defines.
+
+endmenu

IDE/zephyr/lib/README

@@ -0,0 +1,12 @@
+
+wolfSSL (formerly known as CyaSSL) and wolfCrypt are either licensed for use
+under the GPLv2 or a standard commercial license. For our users who cannot use
+wolfSSL under GPLv2, a commercial license to wolfSSL and wolfCrypt is available.
+Please contact wolfSSL Inc. directly at:
+
+Email: licensing@wolfssl.com
+Phone: +1 425 245-8247
+
+More information can be found on the wolfSSL website at www.wolfssl.com.
+
+

IDE/zephyr/lib/install_lib.sh

@@ -0,0 +1,64 @@
+#!/bin/sh
+
+WOLFSSL_SRC_DIR=../../..
+
+if [ ! -d $WOLFSSL_SRC_DIR ]; then
+    echo "Directory does not exist: $WOLFSSL_SRC_DIR"
+    exit 1
+fi
+if [ ! -f $WOLFSSL_SRC_DIR/wolfssl/ssl.h ]; then
+    echo "Missing header file: $WOLFSSL_SRC_DIR/wolfssl/ssl.h"
+    exit 1
+fi
+
+ZEPHYR_DIR=
+if [ $# -ne 1 ]; then
+    echo "Need location of zephyr project as a command line argument"
+    exit 1
+else
+    ZEPHYR_DIR=$1
+fi
+if [ ! -d $ZEPHR_DIR ]; then
+    echo "Zephyr project directory does not exist: $ZEPHYR_DIR"
+    exit 1
+fi
+ZEPHYR_CRYPTO_DIR=$ZEPHYR_DIR/zephyr/ext/lib/crypto
+if [ ! -d $ZEPHYR_CRYPTO_DIR ]; then
+    echo "Zephyr crypto directory does not exist: $ZEPHYR_CRYPTO_DIR"
+    exit 1
+fi
+ZEPHYR_WOLFSSL_DIR=$ZEPHYR_CRYPTO_DIR/wolfssl
+
+echo "wolfSSL directory in Zephyr:"
+echo "  $ZEPHYR_WOLFSSL_DIR"
+rm -rf $ZEPHYR_WOLFSSL_DIR
+mkdir $ZEPHYR_WOLFSSL_DIR
+
+echo "Copy in Build files ..."
+cp -r * $ZEPHYR_WOLFSSL_DIR/
+rm $ZEPHYR_WOLFSSL_DIR/$0
+
+echo "Copy Source Code ..."
+rm -rf $ZEPHYR_WOLFSSL_DIR/library
+mkdir $ZEPHYR_WOLFSSL_DIR/library
+mkdir $ZEPHYR_WOLFSSL_DIR/library/src
+mkdir -p $ZEPHYR_WOLFSSL_DIR/library/wolfcrypt/src
+
+cp -rf ${WOLFSSL_SRC_DIR}/src/*.c $ZEPHYR_WOLFSSL_DIR/library/src/
+cp -rf ${WOLFSSL_SRC_DIR}/wolfcrypt/src/*.c $ZEPHYR_WOLFSSL_DIR/library/wolfcrypt/src/
+cp -rf ${WOLFSSL_SRC_DIR}/wolfcrypt/src/*.i $ZEPHYR_WOLFSSL_DIR/library/wolfcrypt/src/
+cp -rf ${WOLFSSL_SRC_DIR}/wolfcrypt/src/*.S $ZEPHYR_WOLFSSL_DIR/library/wolfcrypt/src/
+
+echo "Copy Header Files ..."
+rm -rf $ZEPHYR_WOLFSSL_DIR/include
+mkdir $ZEPHYR_WOLFSSL_DIR/include
+
+cp $ZEPHYR_WOLFSSL_DIR/user_settings.h $ZEPHYR_WOLFSSL_DIR/include/
+cp -rf ${WOLFSSL_SRC_DIR}/wolfssl $ZEPHYR_WOLFSSL_DIR/include/
+rm -f $ZEPHYR_WOLFSSL_DIR/include/wolfssl/options.h
+touch $ZEPHYR_WOLFSSL_DIR/include/wolfssl/options.h
+rm -rf $ZEPHYR_WOLFSSL_DIR/include/wolfssl/wolfcrypt/port
+
+
+echo "Done"
+

IDE/zephyr/lib/settings/user_settings-tls-generic.h

@@ -0,0 +1,147 @@
+/* wolfssl options.h
+ * generated from configure options
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ */
+
+#ifndef WOLFSSL_OPTIONS_H
+#define WOLFSSL_OPTIONS_H
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#undef  WOLFSSL_ZEPHYR
+#define WOLFSSL_ZEPHYR
+
+#if 0
+#undef  SINGLE_THREADED
+#define SINGLE_THREADED
+#endif
+
+#undef  TFM_TIMING_RESISTANT
+#define TFM_TIMING_RESISTANT
+
+#undef  ECC_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+
+#undef  WC_RSA_BLINDING
+#define WC_RSA_BLINDING
+
+#undef  HAVE_AESGCM
+#define HAVE_AESGCM
+
+#undef  WOLFSSL_SHA512
+#define WOLFSSL_SHA512
+
+#undef  WOLFSSL_SHA384
+#define WOLFSSL_SHA384
+
+#undef  NO_DSA
+#define NO_DSA
+
+#undef  HAVE_ECC
+#define HAVE_ECC
+
+#undef  TFM_ECC256
+#define TFM_ECC256
+
+#undef  WOLFSSL_BASE64_ENCODE
+#define WOLFSSL_BASE64_ENCODE
+
+#undef  NO_RC4
+#define NO_RC4
+
+#undef  NO_HC128
+#define NO_HC128
+
+#undef  NO_RABBIT
+#define NO_RABBIT
+
+#undef  WOLFSSL_SHA224
+#define WOLFSSL_SHA224
+
+#undef  WOLFSSL_SHA3
+#define WOLFSSL_SHA3
+
+#undef  HAVE_POLY1305
+#define HAVE_POLY1305
+
+#undef  HAVE_ONE_TIME_AUTH
+#define HAVE_ONE_TIME_AUTH
+
+#undef  HAVE_CHACHA
+#define HAVE_CHACHA
+
+#undef  HAVE_HASHDRBG
+#define HAVE_HASHDRBG
+
+#undef  NO_FILESYSTEM
+#define NO_FILESYSTEM
+
+#undef  HAVE_TLS_EXTENSIONS
+#define HAVE_TLS_EXTENSIONS
+
+#undef  HAVE_SUPPORTED_CURVES
+#define HAVE_SUPPORTED_CURVES
+
+#undef  HAVE_EXTENDED_MASTER
+#define HAVE_EXTENDED_MASTER
+
+#undef  NO_PSK
+#define NO_PSK
+
+#undef  NO_MD4
+#define NO_MD4
+
+#undef  NO_PWDBASED
+#define NO_PWDBASED
+
+#undef  USE_FAST_MATH
+#define USE_FAST_MATH
+
+#undef  WOLFSSL_NO_ASM
+#define WOLFSSL_NO_ASM
+
+#undef  WOLFSSL_X86_BUILD
+#define WOLFSSL_X86_BUILD
+
+#undef  WC_NO_ASYNC_THREADING
+#define WC_NO_ASYNC_THREADING
+
+#undef  NO_DES3
+#define NO_DES3
+
+#if 1
+#undef  NO_ASN_TIME
+#define NO_ASN_TIME
+#endif
+
+#undef  WOLFSSL_STATIC_MEMORY
+#define WOLFSSL_STATIC_MEMORY
+
+#if 0
+#undef  WOLFSSL_HAVE_SP_RSA
+#define WOLFSSL_HAVE_SP_RSA
+#undef  WOLFSSL_HAVE_SP_DH
+#define WOLFSSL_HAVE_SP_DH
+#undef  WOLFSSL_HAVE_SP_ECC
+#define WOLFSSL_HAVE_SP_ECC
+#endif
+
+#if 0
+#undef  DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+
+#endif /* WOLFSSL_OPTIONS_H */
+

IDE/zephyr/lib/user_settings.h

@@ -0,0 +1,147 @@
+
+#ifndef USER_SETTINGS_H
+#define USER_SETTINGS_H
+
+#ifdef CONFIG_WOLFSSL
+#ifdef CONFIG_WOLFSSL_SETTINGS_FILE
+
+#include CONFIG_WOLFSSL_SETTINGS_FILE
+
+#else
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#undef  WOLFSSL_ZEPHYR
+#define WOLFSSL_ZEPHYR
+
+#if 0
+#undef  SINGLE_THREADED
+#define SINGLE_THREADED
+#endif
+
+#undef  TFM_TIMING_RESISTANT
+#define TFM_TIMING_RESISTANT
+
+#undef  ECC_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+
+#undef  WC_RSA_BLINDING
+#define WC_RSA_BLINDING
+
+#undef  HAVE_AESGCM
+#define HAVE_AESGCM
+
+#undef  WOLFSSL_SHA512
+#define WOLFSSL_SHA512
+
+#undef  WOLFSSL_SHA384
+#define WOLFSSL_SHA384
+
+#undef  NO_DSA
+#define NO_DSA
+
+#undef  HAVE_ECC
+#define HAVE_ECC
+
+#undef  TFM_ECC256
+#define TFM_ECC256
+
+#undef  WOLFSSL_BASE64_ENCODE
+#define WOLFSSL_BASE64_ENCODE
+
+#undef  NO_RC4
+#define NO_RC4
+
+#undef  NO_HC128
+#define NO_HC128
+
+#undef  NO_RABBIT
+#define NO_RABBIT
+
+#undef  WOLFSSL_SHA224
+#define WOLFSSL_SHA224
+
+#undef  WOLFSSL_SHA3
+#define WOLFSSL_SHA3
+
+#undef  HAVE_POLY1305
+#define HAVE_POLY1305
+
+#undef  HAVE_ONE_TIME_AUTH
+#define HAVE_ONE_TIME_AUTH
+
+#undef  HAVE_CHACHA
+#define HAVE_CHACHA
+
+#undef  HAVE_HASHDRBG
+#define HAVE_HASHDRBG
+
+#undef  NO_FILESYSTEM
+#define NO_FILESYSTEM
+
+#undef  HAVE_TLS_EXTENSIONS
+#define HAVE_TLS_EXTENSIONS
+
+#undef  HAVE_SUPPORTED_CURVES
+#define HAVE_SUPPORTED_CURVES
+
+#undef  HAVE_EXTENDED_MASTER
+#define HAVE_EXTENDED_MASTER
+
+#undef  NO_PSK
+#define NO_PSK
+
+#undef  NO_MD4
+#define NO_MD4
+
+#undef  NO_PWDBASED
+#define NO_PWDBASED
+
+#undef  USE_FAST_MATH
+#define USE_FAST_MATH
+
+#undef  WOLFSSL_NO_ASM
+#define WOLFSSL_NO_ASM
+
+#undef  WOLFSSL_X86_BUILD
+#define WOLFSSL_X86_BUILD
+
+#undef  WC_NO_ASYNC_THREADING
+#define WC_NO_ASYNC_THREADING
+
+#undef  NO_DES3
+#define NO_DES3
+
+#if 1
+#undef  NO_ASN_TIME
+#define NO_ASN_TIME
+#endif
+
+#undef  WOLFSSL_STATIC_MEMORY
+#define WOLFSSL_STATIC_MEMORY
+
+#if 0
+#undef  WOLFSSL_HAVE_SP_RSA
+#define WOLFSSL_HAVE_SP_RSA
+#undef  WOLFSSL_HAVE_SP_DH
+#define WOLFSSL_HAVE_SP_DH
+#undef  WOLFSSL_HAVE_SP_ECC
+#define WOLFSSL_HAVE_SP_ECC
+#endif
+
+#if 0
+#undef  DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* CONFIG_WOLFSSL_SETTINGS_FILE */
+#endif /* CONFIG_WOLFSSL */
+
+#endif /* USER_SETTINGS_H */
+

IDE/zephyr/lib/zephyr_init.c

@@ -0,0 +1,19 @@
+/** @file
+ * @brief wolfSSL initialization
+ *
+ * Initialize the wolfSSL library.
+ */
+
+#include <init.h>
+
+#include "user_settings.h"
+#include "wolfssl/ssl.h"
+
+static int _wolfssl_init(struct device *device)
+{
+    ARG_UNUSED(device);
+
+    return 0;
+}
+
+SYS_INIT(_wolfssl_init, POST_KERNEL, 0);

IDE/zephyr/setup.sh

@@ -0,0 +1,22 @@
+#!/bin/sh
+
+# Check for zephyr directory on command line
+if [ $# -ne 1 ]; then
+    echo "Usage: $0 'zephyr project root directory path'" 1>&2
+    exit 1
+fi
+ZEPHYR_DIR=$1
+
+# Check zephyr directory exists
+if [ ! -d $ZEPHR_DIR ]; then
+    echo "Zephyr project directory does not exist: $ZEPHYR_DIR"
+    exit 1
+fi
+
+cd `dirname $0`
+
+(cd lib; ./install_lib.sh $ZEPHYR_DIR)
+(cd wolfssl_test; ./install_test.sh $ZEPHYR_DIR)
+(cd wolfssl_tls_sock; ./install_sample.sh $ZEPHYR_DIR)
+(cd wolfssl_tls_thread; ./install_sample.sh $ZEPHYR_DIR)
+

IDE/zephyr/wolfssl_test/CMakeLists.txt

@@ -0,0 +1,8 @@
+cmake_minimum_required(VERSION 3.13.1)
+include($ENV{ZEPHYR_BASE}/cmake/app/boilerplate.cmake NO_POLICY_SCOPE)
+project(wolfssl_test)
+
+FILE(GLOB app_sources src/*.c)
+target_sources(app PRIVATE ${app_sources})
+add_definitions(-DWOLFSSL_USER_SETTINGS)
+

IDE/zephyr/wolfssl_test/README

@@ -0,0 +1,12 @@
+
+wolfSSL (formerly known as CyaSSL) and wolfCrypt are either licensed for use
+under the GPLv2 or a standard commercial license. For our users who cannot use
+wolfSSL under GPLv2, a commercial license to wolfSSL and wolfCrypt is available.
+Please contact wolfSSL Inc. directly at:
+
+Email: licensing@wolfssl.com
+Phone: +1 425 245-8247
+
+More information can be found on the wolfSSL website at www.wolfssl.com.
+
+

IDE/zephyr/wolfssl_test/install_test.sh

@@ -0,0 +1,49 @@
+#!/bin/sh
+
+WOLFSSL_SRC_DIR=../../..
+
+if [ ! -d $WOLFSSL_SRC_DIR ]; then
+    echo "Directory does not exist: $WOLFSSL_SRC_DIR"
+    exit 1
+fi
+if [ ! -f $WOLFSSL_SRC_DIR/wolfcrypt/test/test.c ]; then
+    echo "Missing source file: $WOLFSSL_SRC_DIR/wolfcrypt/test/test.h"
+    exit 1
+fi
+
+ZEPHYR_DIR=
+if [ $# -ne 1 ]; then
+    echo "Need location of zephyr project as a command line argument"
+    exit 1
+else
+    ZEPHYR_DIR=$1
+fi
+if [ ! -d $ZEPHR_DIR ]; then
+    echo "Zephyr project directory does not exist: $ZEPHYR_DIR"
+    exit 1
+fi
+ZEPHYR_CRYPTO_DIR=$ZEPHYR_DIR/zephyr/samples/crypto
+if [ ! -d $ZEPHYR_CRYPTO_DIR ]; then
+    echo "Zephyr crypto directory does not exist: $ZEPHYR_CRYPTO_DIR"
+    exit 1
+fi
+ZEPHYR_WOLFSSL_DIR=$ZEPHYR_CRYPTO_DIR/wolfssl_test
+
+echo "wolfSSL directory:"
+echo "  $ZEPHYR_WOLFSSL_DIR"
+rm -rf $ZEPHYR_WOLFSSL_DIR
+mkdir $ZEPHYR_WOLFSSL_DIR
+
+echo "Copy in Build files ..."
+cp -r * $ZEPHYR_WOLFSSL_DIR/
+rm $ZEPHYR_WOLFSSL_DIR/$0
+
+echo "Copy Source Code ..."
+rm -rf $ZEPHYR_WOLFSSL_DIR/src
+mkdir $ZEPHYR_WOLFSSL_DIR/src
+
+cp -rf ${WOLFSSL_SRC_DIR}/wolfcrypt/test/test.c $ZEPHYR_WOLFSSL_DIR/src/
+cp -rf ${WOLFSSL_SRC_DIR}/wolfcrypt/test/test.h $ZEPHYR_WOLFSSL_DIR/src/
+
+echo "Done"
+

IDE/zephyr/wolfssl_test/prj.conf

@@ -0,0 +1,25 @@
+# Kernel options
+CONFIG_MAIN_STACK_SIZE=32768
+CONFIG_ENTROPY_GENERATOR=y
+CONFIG_POSIX_API=y
+CONFIG_INIT_STACKS=y
+#CONFIG_FLOAT=y
+CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=8192
+
+# Networking
+CONFIG_NETWORKING=y
+CONFIG_NET_TEST=y
+CONFIG_NET_LOOPBACK=y
+CONFIG_NET_IPV4=y
+CONFIG_NET_IPV6=y
+CONFIG_NET_SOCKETS=y
+CONFIG_DNS_RESOLVER=y
+
+# Logging
+CONFIG_PRINTK=y
+CONFIG_WOLFSSL_DEBUG=y
+
+# TLS configuration
+CONFIG_WOLFSSL=y
+CONFIG_WOLFSSL_BUILTIN=y
+

IDE/zephyr/wolfssl_test/sample.yaml

@@ -0,0 +1,9 @@
+common:
+  harness: crypto
+  tags: crypto
+sample:
+  description: wolfSSL test application
+  name: wolfSSL Test
+tests:
+  test:
+    platform_whitelist: qemu_x86

IDE/zephyr/wolfssl_tls_sock/CMakeLists.txt

@@ -0,0 +1,8 @@
+cmake_minimum_required(VERSION 3.13.1)
+include($ENV{ZEPHYR_BASE}/cmake/app/boilerplate.cmake NO_POLICY_SCOPE)
+project(wolfssl_tls_threaded)
+
+FILE(GLOB app_sources src/*.c)
+target_sources(app PRIVATE ${app_sources})
+add_definitions(-DWOLFSSL_USER_SETTINGS)
+

IDE/zephyr/wolfssl_tls_sock/README

@@ -0,0 +1,12 @@
+
+wolfSSL (formerly known as CyaSSL) and wolfCrypt are either licensed for use
+under the GPLv2 or a standard commercial license. For our users who cannot use
+wolfSSL under GPLv2, a commercial license to wolfSSL and wolfCrypt is available.
+Please contact wolfSSL Inc. directly at:
+
+Email: licensing@wolfssl.com
+Phone: +1 425 245-8247
+
+More information can be found on the wolfSSL website at www.wolfssl.com.
+
+