Merge pull request #2906 from ejohnstown/release-rollup

Release Rollup

ChangeLog.md

@@ -1,3 +1,127 @@
+# wolfSSL Release 4.4.0 (04/22/2020)
+
+If you have questions about this release, then feel free to contact us on our
+info@ address.
+
+Release 4.4.0 of wolfSSL embedded TLS has bug fixes and new features including:
+
+## New Feature Additions
+
+* Hexagon support.
+* DSP builds to offload ECC verify operations.
+* Certificate Manager callback support.
+* New APIs for running updates to ChaCha20/Poly1305 AEAD.
+* Support for use with Apache.
+* Add support for IBM s390x.
+* PKCS8 support for ED25519.
+* OpenVPN support.
+* Add P384 curve support to SP.
+* Add BIO and EVP API.
+* Add AES-OFB mode.
+* Add AES-CFB mode.
+* Add Curve448, X448, and Ed448.
+* Add Renesas Synergy S7G2 build and hardware acceleration.
+
+## Fixes
+
+* Fix for RSA public encrypt / private sign with RSA key sizes over 2048-bit.
+* Correct misspellings.
+* Secure renegotiation fix.
+* Fix memory leak when using ATECC and non-SECP256R1 curves for sign, verify,
+  or shared secret.
+* Fix for K64 MMCAU with `WOLFSSL_SMALL_STACK_CACHE`.
+* Fix the RSA verify only build.
+* Fix in SP C implementation for small stack.
+* Fix using the auth key id extension is set, hash might not be present.
+* Fix when flattening certificate structure to include the subject alt names.
+* Fixes for building with ECC sign/verify only.
+* Fix for ECC and no cache resistance.
+* Fix memory leak in DSA.
+* Fix build on minGW.
+* Fix `PemToDer()` call in `ProcessBuffer()` to set more than ECC.
+* Fix for using RSA without SHA-512.
+* Add some close tags to the echoserver HTTP example output.
+* Miscellaneous fixes and updates for static analysis reports.
+* Fixes for time structure support.
+* Fixes for VxWorks support.
+* Fixes for Async crypto support.
+* Fix cache resist compile to work with SP C code.
+* Fixes for Curve25519 x64 asm.
+* Fix for SP x64 div.
+* Fix for DTLS edge case where CCS and Finished come out of order and the
+  retransmit pool gets flushed.
+* Fix for infinite loop in SHA-1 with small inputs. Thanks to Peter W.
+* Fix for FIPS Hmac where `wc_HmacInit()` isn't used. `wc_HmacSetKey()` needs
+  to initialize the Hmac structure. Type is set to NONE, and checked against
+  NONE, not 0.
+* Fixes for SP RSA private operations.
+* Fixes for Xilinx SDK and Zynq UltraScale+ MPSoC
+* Fix leak when building with HAVE_AESGCM and NO_AES_DECRYPT. Thanks G.G.
+* Fixes for building ECC without ASN.
+* Fix for async TLSv1.3 issues.
+* Fix `wc_KeyPemToDer()` with PKCS1 and empty key.
+* Omit `-fomit-frame-pointer` from CFLAGS in configure.ac.
+
+## Improvements/Optimizations
+
+* Qt 5.12 and 5.13 support.
+* Added more digest types to Cryptocell RSA sign/verify.
+* Some memory usage improvements.
+* Speed improvements for mp_rand.
+* Improvements to CRL and OCSP support.
+* Refactor Poly1305 AEAD/MAC to reduce duplicate code.
+* Add blinding to RSA key gen.
+* Improvements to blinding.
+* Improvement and expansion of OpenSSL Compatibility Layer.
+* Improvements to ChaCha20.
+* Improvements to X.509 processing.
+* Improvements to ECC support.
+* Improvement in detecting 64-bit support.
+* Refactor to combine duplicate ECC parameter parsing code.
+* Improve keyFormat to be set by algId and let later key parsing produce fail.
+* Add test cases for 3072-bit and 4096-bit RSA keys.
+* Improve signature wrapper and DH test cases.
+* Improvements to the configure.ac script.
+* Added constant time RSA q modinv p.
+* Improve performance of SP Intel 64-bit asm.
+* Added a few more functions to the ABI list.
+* Improve TLS bidirectional shutdown behavior.
+* OpenSSH 8.1 support.
+* Improve performance of RSA/DH operations on x64.
+* Add support for PKCS7/CMS Enveloped data with fragmented encrypted content.
+* Example linker description for FIPS builds to enforce object ordering.
+* C# wrapper improvements. Added TLS client example and TLSv1.3 methods.
+* Allow setting MTU in DTLS.
+* Improve PKCS12 create for outputting encrypted bundles.
+* Constant time EC map to affine for private operations.
+* Improve performance of RSA public key ops with TFM.
+* Smaller table version of AES encrypt/decrypt.
+* Support IAR with position independent code (ROPI).
+* Improve speed of AArch64 assembly.
+* Support AES-CTR with AES-NI.
+* Support AES-CTR on esp32.
+* Add a no malloc option for small SP math.
+
+## This release of wolfSSL includes fixes for 2 security vulnerabilities.
+
+* For fast math, use a constant time modular inverse when mapping to affine
+  when operation involves a private key - keygen, calc shared secret, sign.
+  Thank you to Alejandro Cabrera Aldaya, Cesar Pereida García and
+  Billy Bob Brumley from the Network and Information Security Group (NISEC)
+  at Tampere University for the report.
+
+* Change constant time and cache resistant ECC mulmod. Ensure points being
+  operated on change to make constant time. Thank you to Pietro Borrello at
+  Sapienza University of Rome.
+
+For additional vulnerability information visit the vulnerability page at
+https://www.wolfssl.com/docs/security-vulnerabilities/
+
+See INSTALL file for build instructions.
+More info can be found on-line at https://wolfssl.com/wolfSSL/Docs.html
+
+
+
 # wolfSSL Release 4.3.0 (12/20/2019)
 
 If you have questions about this release, then feel free to contact us on our info@ address.
@@ -1020,7 +1144,7 @@ More info can be found on-line at https://wolfssl.com/wolfSSL/Docs.html
 - Add helper functions for static memory option to allow getting optimum buffer
   sizes.
 - Update DTLS behavior on bad MAC. DTLS silently drops packets with bad MACs now.
-- Update fp_isprime function from libtom enchancement/cleanup repository.
+- Update fp_isprime function from libtom enhancement/cleanup repository.
 - Update sanity checks on inputs and return values for AES-CMAC.
 - Update wolfSSL for use with MYSQL v5.6.30.
 - Update LPCXpresso eclipse project to not include misc.c when not needed.
@@ -1347,7 +1471,7 @@ More info can be found on-line at //http://wolfssl.com/yaSSL/Docs.html
   the Prosecco team at INRIA Paris-Rocquencourt for the report.
 - FIPS version submitted
 - Removes SSLv2 Client Hello processing, can be enabled with OLD_HELLO_ALLOWED
-- User can set mimimum downgrade version with CyaSSL_SetMinVersion()
+- User can set minimum downgrade version with CyaSSL_SetMinVersion()
 - Small stack improvements at TLS/SSL layer
 - TLS Master Secret generation and Key Expansion are now exposed
 - Adds client side Secure Renegotiation, * not recommended *
@@ -2014,7 +2138,7 @@ works but seems to remove sockets from  TIME_WAIT entirely?
 
 `sudo sysctl -w net.ipv4.tcp_fin_timeout=1`
 
-doen't control TIME_WAIT, it controls FIN_WAIT(2) contrary to some posts
+doesn't control TIME_WAIT, it controls FIN_WAIT(2) contrary to some posts
 
 
 # CyaSSL Release 1.4.0 (2/18/2010)

IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino

@@ -1,6 +1,6 @@
 /* wolfssl_client.ino
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ARDUINO/sketches/wolfssl_server/wolfssl_server.ino

@@ -1,6 +1,6 @@
 /* wolfssl_server.ino
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/CRYPTOCELL/README.md

@@ -22,13 +22,15 @@ The `IDE/CRYPTOCELL/main.c` example application provides a function to run the s
 - SHA-256
 - AES CBC
 - CryptoCell 310 RNG
-- RSA sign/verify and RSA key gen
+- RSA sign/verify and RSA key gen (2048 bit in PKCSv1.5 padding mode)
 - RSA encrypt/decrypt
 - ECC sign/verify/shared secret
 - ECC key import/export and key gen pairs
 - Hardware RNG
 - RTC for benchmark timing source
 
+Note: All Cryptocell features are not supported. The wolfcrypt RSA API allows import and export of Private/Public keys in DER format. However, this is not possible with key pairs generated with Cryptocell because the importing/exporting Cryptocell keys has not been implemented yet.
+
 ## Setup
 ### Setting up Nordic SDK with wolfSSL
 1. Download the wolfSSL source code or a zip file from GitHub and place it under your SDK `InstallFolder/external/` directory. You can also copy or simlink to the source.

IDE/CRYPTOCELL/main.c

@@ -1,6 +1,6 @@
 /* main.c
  *
- * Copyright (C) 2019 wolfSSL Inc.
+ * Copyright (C) 2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/CRYPTOCELL/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2019 wolfSSL Inc.
+ * Copyright (C) 2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/DEOS/deos_malloc.c

@@ -1,6 +1,6 @@
 /* deos_malloc.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/DEOS/tls_wolfssl.c

@@ -1,6 +1,6 @@
 /* tls_wolfssl.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -380,10 +380,7 @@ void wolfssl_server_test(uintData_t statusPtr)
     int  socketAddrLen=sizeof(sockaddr);
     char rx_buf[RX_BUF_SIZE];
     char tx_buf[TX_BUF_SIZE];
-    unsigned  char attempt_conn;
     clientConnectionHandleType TCPserverHandle;
-    void * sendBuffer;
-    DWORD bufferSizeInBytes;
 
     WOLFSSL * ssl;
     WOLFSSL_CTX * ctx;
@@ -572,7 +569,6 @@ int  wolfsslRunTests (void)
 {
     thread_handle_t TCPhandle;
     threadStatus ts;
-    int ret;
 
     #if !defined(NO_CRYPT_TEST)
         wolfcrypt_test(NULL);

IDE/ECLIPSE/DEOS/tls_wolfssl.h

@@ -1,6 +1,6 @@
 /* tls_wolfssl.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/DEOS/user_settings.h

@@ -1,6 +1,6 @@
 /* user_setting.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/MICRIUM/client_wolfssl.c

@@ -1,6 +1,6 @@
 /* client_wolfssl.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/MICRIUM/client_wolfssl.h

@@ -1,6 +1,6 @@
 /* client_wolfssl.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/MICRIUM/server_wolfssl.c

@@ -1,6 +1,6 @@
 /* server_wolfssl.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/MICRIUM/server_wolfssl.h

@@ -1,6 +1,6 @@
 /* server_wolfssl.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/MICRIUM/user_settings.h

@@ -1,6 +1,6 @@
 /* user_setting.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/MICRIUM/wolfsslRunTests.c

@@ -1,6 +1,6 @@
 /* wolfsslRunTests.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/Espressif/ESP-IDF/dummy_config_h

@@ -1,6 +1,6 @@
 /* config.h - dummy
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/helper.c

@@ -1,6 +1,6 @@
 /* helper.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c

@@ -1,6 +1,6 @@
 /* client-tls-callback.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c

@@ -1,6 +1,6 @@
 /* wifi_connect.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -92,7 +92,7 @@ static void tls_smp_client_init(void)
         ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_CLIENT_TASK_NAME);
     }
 }
-/* event hander for wifi events */
+/* event handler for wifi events */
 static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
 {
     switch (event->event_id)

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h

@@ -1,6 +1,6 @@
 /* wifi_connect.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c

@@ -1,6 +1,6 @@
 /* server-tls-callback.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -64,7 +64,7 @@ static void ShowCiphers(void)
 #include "wolfssl/wolfcrypt/port/atmel/atmel.h"
 
 /* when you want to use a custom slot allocation */
-/* enable the difinition CUSTOM_SLOT_ALLOCATION. */
+/* enable the definition CUSTOM_SLOT_ALLOCATION. */
 
 #if defined(CUSTOM_SLOT_ALLOCATION)
 

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c

@@ -1,6 +1,6 @@
 /* wifi_connect.c 
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -35,7 +35,7 @@ const static int CONNECTED_BIT = BIT0;
 static EventGroupHandle_t wifi_event_group;
 /* prefix for logging */
 const static char *TAG = "tls_server";
-/* proto-type difinition */
+/* proto-type definition */
 extern void tls_smp_server_task();
 static void tls_smp_server_init();
 
@@ -89,7 +89,7 @@ static void tls_smp_server_init(void)
         ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_SERVER_TASK_NAME);
     }
 }
-/* event hander for wifi events */
+/* event handler for wifi events */
 static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
 {
     switch (event->event_id)
@@ -98,8 +98,13 @@ static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
         esp_wifi_connect();
         break;
     case SYSTEM_EVENT_STA_GOT_IP:
+#if ESP_IDF_VERSION_MAJOR >= 4 && ESP_IDF_VERSION_MINOR >= 1
+        ESP_LOGI(TAG, "got ip:" IPSTR "\n",
+                 IP2STR(&event->event_info.got_ip.ip_info.ip));
+#else
         ESP_LOGI(TAG, "got ip:%s",
                  ip4addr_ntoa(&event->event_info.got_ip.ip_info.ip));
+#endif
         /* http://esp32.info/docs/esp_idf/html/dd/d08/group__xEventGroupSetBits.html */
         xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
         break;
@@ -120,8 +125,11 @@ void app_main(void)
 
     ESP_LOGI(TAG, "Initialize wifi");
     /* TCP/IP adapter initialization */
+#if ESP_IDF_VERSION_MAJOR >= 4 && ESP_IDF_VERSION_MINOR >= 1
+    esp_netif_init();
+#else
     tcpip_adapter_init();
-
+#endif
     /* */
 #if ESP_IDF_VERSION_MAJOR >= 4 && ESP_IDF_VERSION_MINOR >= 1
     (void) wifi_event_handler;

IDE/Espressif/ESP-IDF/test/test_wolfssl.c

@@ -171,7 +171,7 @@ static void tskAes256_Test(void *pvParam)
 }
 #endif
 
-#if !defined(NO_RSA) || defined(HAVE_ECC)
+#if (!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(WC_NO_RNG)
 
 int mp_performance_check(int mul, int mulmod, int exptmod)
 {
@@ -280,13 +280,13 @@ int mp_performance_check(int mul, int mulmod, int exptmod)
                 printf("(%d,%d) Xbits = %d, Ybits = %d Pbits = %d",
                                                         i , j, Xbits, Ybits, Pbits);
                 if(mul) {
-                    printf(" mul = %llu (us)", elapsedTime1);
+                    printf(" mul = %llu (us)", (unsigned long long)elapsedTime1);
                 }
                 if(mulmod) {
-                    printf(" mulmod = %llu (us)\n", elapsedTime2);
+                    printf(" mulmod = %llu (us)\n", (unsigned long long)elapsedTime2);
                 }
                 if(exptmod) {
-                    printf(" exptmod = %llu (ms)\n", elapsedTime3);
+                    printf(" exptmod = %llu (ms)\n", (unsigned long long)elapsedTime3);
                 }
             }
         }
@@ -539,20 +539,20 @@ int mp_unitest_exptmod(const char* strZ, const char* strX, const char* strY,
 TEST_CASE("wolfssl mp exptmod test"   , "[wolfssl]")
 {
     ESP_LOGI(TAG, "mp test");
-    int verbose = 0;
+    int verbose = 1;
 
-    TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("2", "5", "1", "3", verbose));
-    TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("1", "-5", "1", "3", verbose));
+    TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("02", "5", "1", "3", verbose));
+    TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("01", "-5", "1", "3", verbose));
     TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("CE331E6D30A77A57", "1234", "A",
                            "FFFFFFFFFFFFFFFF", verbose));
-    TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("1000000", "1000", "2", "FFFFFFF", verbose));
-    TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("1000000", "2", "128",
+    TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("01000000", "1000", "2", "FFFFFFF", verbose));
+    TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("01000000", "2", "128",
                             "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", verbose));
-    TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("14B5A90", "1234", "2", "FFFFFFF", verbose));
-    TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("1234321", "1111", "2", "FFFFFFFF", verbose));
-    TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("2", "5", "1", "3", verbose));
+    TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("014B5A90", "1234", "2", "FFFFFFF", verbose));
+    TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("01234321", "1111", "2", "FFFFFFFF", verbose));
+    TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("02", "5", "1", "3", verbose));
     TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("22", "55", "1", "33", verbose));
-    TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("222", "555", "1", "333", verbose));
+    TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("0222", "555", "1", "333", verbose));
     TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("2222", "5555", "1", "3333", verbose));
     TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("11", "5555", "1", "33", verbose));
     TEST_ASSERT_EQUAL(0, mp_unitest_exptmod("55", "1111", "1", "77", verbose));
@@ -564,14 +564,14 @@ TEST_CASE("wolfssl mp mulmod test"   , "[wolfssl]")
     ESP_LOGI(TAG, "mp test");
     int verbose = 0;
     /*                                      Z    X    Y    M */
-    TEST_ASSERT_EQUAL(0, mp_unitest_mulmod("2", "5", "1", "3", verbose));
-    TEST_ASSERT_EQUAL(0, mp_unitest_mulmod("1", "-5", "1", "3", verbose));
-    TEST_ASSERT_EQUAL(0, mp_unitest_mulmod("2", "-64", "A", "3", verbose));
+    TEST_ASSERT_EQUAL(0, mp_unitest_mulmod("02", "5", "1", "3", verbose));
+    TEST_ASSERT_EQUAL(0, mp_unitest_mulmod("01", "-5", "1", "3", verbose));
+    TEST_ASSERT_EQUAL(0, mp_unitest_mulmod("02", "-64", "A", "3", verbose));
     TEST_ASSERT_EQUAL(0, mp_unitest_mulmod("74C3AC", "123456", "55555", "AAAAA1", verbose));
     TEST_ASSERT_EQUAL(0, mp_unitest_mulmod("73A068", "123456", "55555", "AAAAA3", verbose));
 
     mp_unitest_mulmod(
-    "10C530243ADE5EA7C557E9A2FF5B4573195665A89CB921F573267B15CD2BCB6467E925235AA752CC2D08B07D31497B497744CA3685A46E76247439826628589DD814AC9EEE9EF8B4B44BEE2DB6065BE3C51B788E4ECFF39FB28C3D8EBE10FC9989D97CDC6624E32EBD222E222A2E93085FC2D05E4EB73375F7FC7B11E9B3024",
+    "010C530243ADE5EA7C557E9A2FF5B4573195665A89CB921F573267B15CD2BCB6467E925235AA752CC2D08B07D31497B497744CA3685A46E76247439826628589DD814AC9EEE9EF8B4B44BEE2DB6065BE3C51B788E4ECFF39FB28C3D8EBE10FC9989D97CDC6624E32EBD222E222A2E93085FC2D05E4EB73375F7FC7B11E9B3024",
     "A4F780E83C3FAC34878787D4876BA7582E48C7637A26C6E720974FC7416150A3865D44F6D08E3DA38EB4296928C564D9A0008D8A0D63E0B8EF54D14D54FBEAB540E43D2ED6BE54806D9150C1944437CC3D8B2486A1FB932A6691B529E0E2A46524CB0825BA4F4E1B9C24554DB1913169E5373173A3B7CBBF77C3403C8C7AE86A",
     "6520379E44C1A2C359342010E1038F8C3644D9A47A9346A80C92B48A6986872D74C3BDDB49B2D93C554B588D4A4448614FADBC066CC10F3EB20A2422EA857B7DD0BF60C9CB7D733B12761BD785BCD122D97ECA0A8F1D0F705BC094B66EE5C96712AE3B14B5AA6AD9E50C6A3020BA01DA4FB94E3934527ADCDB3DE51C368B37C2",
     "BE7070B80418E528FE66D89088E0F1B7C3D0D23EE64B9474B0FFB0F763A5AB7EAFB62BB738161A50BFF1CA873AD5B0DAF8437A15B97EEA2A80D251B035AF07F3F25D243A4B8756481B3C249ADA7080BD3C8B034A0C8371DEE30370A2B760091B5EC73DA06460E3A9068DD3FF42BB0A94272D57420DB02DE0BA182560921192F3",
@@ -604,11 +604,11 @@ TEST_CASE("wolfssl mp mul test"   , "[wolfssl]")
     ESP_LOGI(TAG, "mp test");
     int verbose = 0;
 
-    TEST_ASSERT_EQUAL(0, mp_unitest_mul("A", "5", "2", verbose));
-    TEST_ASSERT_EQUAL(0, mp_unitest_mul("-A", "-5", "2", verbose));
-    TEST_ASSERT_EQUAL(0, mp_unitest_mul("A", "-5", "-2", verbose));
-    TEST_ASSERT_EQUAL(0, mp_unitest_mul("6260060", "1234", "5678", verbose));
-    TEST_ASSERT_EQUAL(0, mp_unitest_mul("38E83", "123", "321", verbose));
+    TEST_ASSERT_EQUAL(0, mp_unitest_mul("0A", "5", "2", verbose));
+    TEST_ASSERT_EQUAL(0, mp_unitest_mul("-0A", "-5", "2", verbose));
+    TEST_ASSERT_EQUAL(0, mp_unitest_mul("0A", "-5", "-2", verbose));
+    TEST_ASSERT_EQUAL(0, mp_unitest_mul("06260060", "1234", "5678", verbose));
+    TEST_ASSERT_EQUAL(0, mp_unitest_mul("038E83", "123", "321", verbose));
     TEST_ASSERT_EQUAL(0, mp_unitest_mul("75CD7FCBBC", "123456", "6789A", verbose));
 
     TEST_ASSERT_EQUAL(0, mp_unitest_mul(
@@ -618,7 +618,7 @@ TEST_CASE("wolfssl mp mul test"   , "[wolfssl]")
     verbose));
 
     TEST_ASSERT_EQUAL(0, mp_unitest_mul(
-    "33676FE7B625BF0759F7E8932B6B50D5F45E16E1C670AD20F1CDA5DFFA433685937CA8422A9CB916CC8",
+    "033676FE7B625BF0759F7E8932B6B50D5F45E16E1C670AD20F1CDA5DFFA433685937CA8422A9CB916CC8",
     "165196BA298CD54975DC483C4D21A51EA0A146783CFB41522E76E50C",
     "24D9D5CA7D9CCC06F5E70F1963E6",
     verbose));
@@ -636,7 +636,7 @@ TEST_CASE("wolfssl mp mul performance test"   , "[wolfssl]")
 
     TEST_ASSERT_EQUAL(0, mp_performance_check(mul, mulmod, exptmod));
 }
-#endif/* !NO_RSA || HAVE_ECC */
+#endif/* (!NO_RSA || HAVE_ECC) && !WC_NO_RNG */
 
 TEST_CASE("wolfssl aes test"  , "[wolfssl]")
 {

IDE/Espressif/ESP-IDF/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -43,6 +43,10 @@
 #define CURVE25519_SMALL
 #define HAVE_ED25519
 
+/* when you want to use aes counter mode */
+/* #define WOLFSSL_AES_DIRECT */
+/* #define WOLFSSL_AES_COUNTER */
+
 /* esp32-wroom-32se specific definition */
 #if defined(WOLFSSL_ESPWROOM32SE)
     #define WOLFSSL_ATECC508A

IDE/GCC-ARM/Header/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/GCC-ARM/Source/armtarget.c

@@ -1,6 +1,6 @@
 /* armtarget.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -142,20 +142,20 @@ void HardFault_HandlerC( uint32_t *hardfault_args )
     _BFAR = (*((volatile uint32_t *)(0xE000ED38)));
 
     printf ("\n\nHard fault handler (all numbers in hex):\n");
-    printf ("R0 = %lx\n", stacked_r0);
-    printf ("R1 = %lx\n", stacked_r1);
-    printf ("R2 = %lx\n", stacked_r2);
-    printf ("R3 = %lx\n", stacked_r3);
-    printf ("R12 = %lx\n", stacked_r12);
-    printf ("LR [R14] = %lx  subroutine call return address\n", stacked_lr);
-    printf ("PC [R15] = %lx  program counter\n", stacked_pc);
-    printf ("PSR = %lx\n", stacked_psr);
-    printf ("CFSR = %lx\n", _CFSR);
-    printf ("HFSR = %lx\n", _HFSR);
-    printf ("DFSR = %lx\n", _DFSR);
-    printf ("AFSR = %lx\n", _AFSR);
-    printf ("MMAR = %lx\n", _MMAR);
-    printf ("BFAR = %lx\n", _BFAR);
+    printf ("R0 = %ux\n", stacked_r0);
+    printf ("R1 = %ux\n", stacked_r1);
+    printf ("R2 = %ux\n", stacked_r2);
+    printf ("R3 = %ux\n", stacked_r3);
+    printf ("R12 = %ux\n", stacked_r12);
+    printf ("LR [R14] = %ux  subroutine call return address\n", stacked_lr);
+    printf ("PC [R15] = %ux  program counter\n", stacked_pc);
+    printf ("PSR = %ux\n", stacked_psr);
+    printf ("CFSR = %ux\n", _CFSR);
+    printf ("HFSR = %ux\n", _HFSR);
+    printf ("DFSR = %ux\n", _DFSR);
+    printf ("AFSR = %ux\n", _AFSR);
+    printf ("MMAR = %ux\n", _MMAR);
+    printf ("BFAR = %ux\n", _BFAR);
 
     // Break into the debugger
     __asm("BKPT #0\n");

IDE/GCC-ARM/Source/benchmark_main.c

@@ -1,6 +1,6 @@
 /* benchmark_main.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/GCC-ARM/Source/test_main.c

@@ -1,6 +1,6 @@
 /* test_main.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/GCC-ARM/Source/tls_client.c

@@ -1,6 +1,6 @@
 /* tls_client.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/GCC-ARM/Source/wolf_main.c

@@ -1,6 +1,6 @@
 /* wolf_main.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/GCC-ARM/include.am

@@ -9,6 +9,7 @@ EXTRA_DIST+= IDE/GCC-ARM/Source/benchmark_main.c
 EXTRA_DIST+= IDE/GCC-ARM/Source/test_main.c
 EXTRA_DIST+= IDE/GCC-ARM/Source/tls_client.c
 EXTRA_DIST+= IDE/GCC-ARM/linker.ld
+EXTRA_DIST+= IDE/GCC-ARM/linker_fips.ld
 EXTRA_DIST+= IDE/GCC-ARM/Makefile
 EXTRA_DIST+= IDE/GCC-ARM/Makefile.bench
 EXTRA_DIST+= IDE/GCC-ARM/Makefile.client

IDE/GCC-ARM/linker_fips.ld

@@ -0,0 +1,92 @@
+MEMORY
+{
+  FLASH (wx) : ORIGIN = 0x00000000, LENGTH = 256K
+  RAM   (wx) : ORIGIN = 0x20000000, LENGTH = 64K
+}
+
+SECTIONS
+{
+    __vectors_start__ = .;
+    .vectors : { *(.vectors) } > FLASH
+    __vectors_end__ = __vectors_start__ + 0x400;
+
+    /* Custom section for wolfCrypt FIPS module */
+    .wolfCryptFIPSModule_text :
+    {
+        . = ALIGN(4);
+        KEEP(wolfcrypt_first.o (.text .text* ))
+        KEEP(aes.o(.text .text* ))
+        KEEP(cmac.o (.text .text* ))
+        KEEP(des3.o (.text .text* ))
+        KEEP(dh.o (.text .text* ))
+        KEEP(ecc.o (.text .text* ))
+        KEEP(fips.o (.text .text* ))
+        KEEP(fips_test.o (.text .text* ))
+        KEEP(hmac.o (.text .text* ))
+        KEEP(random.o(.text .text* ))
+        KEEP(rsa.o (.text .text* ))
+        KEEP(sha.o (.text .text* ))
+        KEEP(sha256.o (.text .text* ))
+        KEEP(sha3.o (.text .text* ))
+        KEEP(sha512.o (.text .text* ))
+        KEEP(wolfcrypt_last.o(.text .text*))
+        . = ALIGN(4);
+    } > FLASH
+    .wolfCryptFIPSModule_rodata :
+    {
+        . = ALIGN(4);
+        KEEP(wolfcrypt_first.o (.rodata .rodata*))
+        KEEP(aes.o(.rodata .rodata*))
+        KEEP(cmac.o(.rodata .rodata*))
+        KEEP(des3.o(.rodata .rodata*))
+        KEEP(dh.o(.rodata .rodata*))
+        KEEP(ecc.o(.rodata .rodata*))
+        KEEP(fips.o(.rodata .rodata*))
+        KEEP(fips_test.o(.rodata .rodata*))
+        KEEP(hmac.o(.rodata .rodata*))
+        KEEP(random.o(.rodata .rodata*))
+        KEEP(rsa.o(.rodata .rodata*))
+        KEEP(sha.o(.rodata .rodata*))
+        KEEP(sha256.o(.rodata .rodata*))
+        KEEP(sha3.o(.rodata .rodata*))
+        KEEP(sha512.o(.rodata .rodata*))
+        KEEP(wolfcrypt_last.o(.rodata .rodata*))
+        . = ALIGN(4);
+    } > FLASH
+
+    /* Custom section for wolfCrypt and LibC to prevent FIPS hash from changing 
+        when application code changes are made */
+    .wolfCryptNonFIPS_text :
+    {
+        . = ALIGN(4);
+        KEEP(*wolf*src*.o(.text .text*))
+        lib_a* ( .text .text*)
+        . = ALIGN(4);
+    } > FLASH
+    .wolfCryptNonFIPS_rodata :
+    {
+        . = ALIGN(4);
+        KEEP(*wolf*src*.o(.rodata .rodata*))
+        lib_a* (.rodata .rodata*)
+        . = ALIGN(4);
+    } > FLASH
+    
+	.sys    : { *(.sys*) }    > FLASH
+    .text   : { *(.text*) }   > FLASH
+    .rodata : { *(.text*) }   > FLASH
+
+	__data_load_start__ = .;
+    __data_start__ = .;
+    .data   : { *(.data*) }   > RAM
+    __data_end__ = __data_start__ + SIZEOF(.data);
+
+    __bss_start__ = .;
+    .bss    : { *(.bss*)  }   > RAM
+    __bss_end__   = __bss_start__ + SIZEOF(.bss);
+
+    __heap_start__ = .;
+    .heap   : { *(.heap*)  }   > RAM
+    __heap_end__ = __heap_start__ + SIZEOF(.heap);
+
+    end = .;
+}

IDE/HEXAGON/DSP/Makefile

@@ -0,0 +1,110 @@
+# Makefile
+#
+# Copyright (C) 2006-2020 wolfSSL Inc.
+#
+# This file is part of wolfSSL.
+#
+# wolfSSL is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# wolfSSL is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+
+ENVI=hexagon
+
+# default to hexagon v65 Release build
+ifndef V
+V=hexagon_Release_dynamic_toolv83_v65
+endif
+
+SUPPORTED_VS = $(default_VS)
+
+DEPENDENCIES = \
+  ATOMIC \
+  RPCMEM \
+  TEST_MAIN \
+  TEST_UTIL
+ATOMIC_DIR = $(HEXAGON_SDK_ROOT)/libs/common/atomic
+RPCMEM_DIR = $(HEXAGON_SDK_ROOT)/libs/common/rpcmem
+TEST_MAIN_DIR = $(HEXAGON_SDK_ROOT)/test/common/test_main
+TEST_UTIL_DIR = $(HEXAGON_SDK_ROOT)/test/common/test_util
+
+include $(HEXAGON_SDK_ROOT)/build/make.d/$(ENVI)_vs.min
+include $(HEXAGON_SDK_ROOT)/build/defines.min
+
+QURT = $(HEXAGON_SDK_ROOT)/libs/common/qurt
+QAIC_FLAGS += -I../../../
+CC_FLAGS += -I../../../
+CC_FLAGS += -I $(QURT)/computev65/include/posix/
+CC_FLAGS += -I $(QURT)/computev65/include/qurt/
+CC_FLAGS += -I../
+CC_FLAGS += -DWOLFSSL_USER_SETTINGS
+CC_FLAGS += -DWOLFSSL_DSP_BUILD
+CC_FLAGS += -DWC_NO_RNG
+#CC_FLAGS += -O3
+
+C_FLAGS += $(MHVX_DOUBLE_FLAG) -mllvm -hexagon-eif=0
+CC_FLAGS += $(MHVX_DOUBLE_FLAG) -mllvm -hexagon-eif=0
+
+# stub library
+BUILD_LIBS += libwolfssl_dsp_skel
+ifeq (1,$(V_dynamic))
+BUILD_DLLS += libwolfssl_dsp_skel
+endif
+libwolfssl_dsp_skel_QAICIDLS += wolfssl_dsp
+libwolfssl_dsp_skel_C_SRCS += $V/wolfSSL_skel
+libwolfssl_dsp_skel.C_SRCS += ../../../wolfcrypt/src/sp_dsp32.c
+libwolfssl_dsp_skel.C_SRCS += ../../../wolfcrypt/src/sp_int.c
+libwolfssl_dsp_skel.C_SRCS += ../../../wolfcrypt/src/wc_port.c
+libwolfssl_dsp_skel.C_SRCS += ../../../wolfcrypt/src/logging.c
+libwolfssl_dsp_skel.C_SRCS += ../../../wolfcrypt/src/memory.c
+libwolfssl_dsp_skel.C_SRCS += ../../../wolfcrypt/src/wolfmath.c
+#libsp_dsp_skel_DLLS += libdspCV_skel
+
+# quality test
+#BUILD_QEXES += eccverify_q
+#eccverify_q_QAICIDLS = wolfssl_dsp
+#eccverify_q_C_SRCS = ../ecc-verify
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/wc_dsp.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/sp_dsp32.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/sp_int.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/wc_port.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/wc_encrypt.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/pwdbased.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/hash.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/arc4.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/hmac.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/md5.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/coding.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/aes.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/des3.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/random.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/logging.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/ecc.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/memory.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/sha256.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/sha.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/asn.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/wolfmath.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/sp_c32.c
+#eccverify_q.C_SRCS += ../../../wolfcrypt/src/sp_c64.c
+#eccverify_q_LIBS = rtld rpcmem test_util atomic test_main
+
+BUILD_COPIES = \
+   $(DLLS) \
+   $(EXES) \
+   $(LIBS) \
+   $(SHIP_DIR)/ ;
+
+
+include $(RULES_MIN)
+
+

IDE/HEXAGON/DSP/wolfssl_dsp.idl

@@ -0,0 +1,13 @@
+#ifndef WOLFSSL_DSP_INC
+#define WOLFSSL_DSP_INC
+
+#include "AEEStdDef.idl"
+#include "remote.idl"
+
+interface wolfSSL: remote_handle64{
+
+	/* ecc operations */
+	long DSP_ECC_Verify_256(inrout sequence<int32>  hash, inrout sequence<int32> pX, inrout sequence<int32> pY,
+		inrout sequence<int32> pZ, inrout sequence<int32> r, inrout sequence<int32> sm, inrout long res);
+};
+#endif

IDE/HEXAGON/Makefile

@@ -0,0 +1,189 @@
+# Makefile
+#
+# Copyright (C) 2006-2020 wolfSSL Inc.
+#
+# This file is part of wolfSSL.
+#
+# wolfSSL is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# wolfSSL is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+
+ENVI=UbuntuARM
+
+# default to Ubuntu Release build
+ifndef V
+V=UbuntuARM_Release_aarch64
+endif
+
+SUPPORTED_VS = $(default_VS)
+include $(HEXAGON_SDK_ROOT)/build/make.d/$(ENVI)_vs.min
+include $(HEXAGON_SDK_ROOT)/build/defines.min
+
+ifeq ($(CDSP_FLAG), 1) 
+	LIB_DSPRPC = libcdsprpc
+else ifeq ($(MDSP_FLAG), 1) 
+	LIB_DSPRPC = libmdsprpc
+else ifeq ($(SLPI_FLAG), 1) 
+	LIB_DSPRPC = libsdsprpc
+else
+	LIB_DSPRPC = libadsprpc
+endif
+$(info ************  LIB=$(LIB_DSPRPC) ************)
+# include files
+CC_FLAGS += -I../../
+CC_FLAGS += -I./
+CC_FLAGS += -DWOLFSSL_USER_SETTINGS
+CC_FLAGS += -mcpu=generic+crypto
+#CC_FLAGS += -O3
+
+DEPENDENCIES = \
+  ATOMIC \
+  RPCMEM 
+ATOMIC_DIR = $(HEXAGON_SDK_ROOT)/libs/common/atomic
+RPCMEM_DIR = $(HEXAGON_SDK_ROOT)/libs/common/rpcmem
+
+# stub library
+BUILD_DLLS += libwolfssl
+libwolfssl_QAICIDLS += DSP/wolfssl_dsp
+libwolfssl_C_SRCS += $V/wolfSSL_stub
+libwolfssl_DLLS += $(LIB_DSPRPC)
+libwolfssl_C_SRCS += ../../wolfcrypt/src/wc_dsp
+libwolfssl_LIBS += rpcmem
+libwolfssl_LD_FLAGS += -ldl
+
+# wolfSSL crypto source files
+libwolfssl_C_SRCS += \
+	../../wolfcrypt/src/aes \
+	../../wolfcrypt/src/md2 \
+	../../wolfcrypt/src/arc4 \
+	../../wolfcrypt/src/md4 \
+	../../wolfcrypt/src/asm \
+	../../wolfcrypt/src/md5 \
+	../../wolfcrypt/src/asn \
+	../../wolfcrypt/src/memory \
+	../../wolfcrypt/src/async \
+	../../wolfcrypt/src/blake2b \
+	../../wolfcrypt/src/pkcs12 \
+	../../wolfcrypt/src/blake2s \
+	../../wolfcrypt/src/pkcs7 \
+	../../wolfcrypt/src/camellia \
+	../../wolfcrypt/src/poly1305 \
+	../../wolfcrypt/src/chacha20_poly1305 \
+	../../wolfcrypt/src/pwdbased \
+	../../wolfcrypt/src/chacha \
+	../../wolfcrypt/src/rabbit \
+	../../wolfcrypt/src/cmac \
+	../../wolfcrypt/src/random \
+	../../wolfcrypt/src/coding \
+	../../wolfcrypt/src/ripemd \
+	../../wolfcrypt/src/compress \
+	../../wolfcrypt/src/rsa \
+	../../wolfcrypt/src/cpuid \
+	../../wolfcrypt/src/selftest \
+	../../wolfcrypt/src/cryptocb \
+	../../wolfcrypt/src/sha256 \
+	../../wolfcrypt/src/curve25519 \
+	../../wolfcrypt/src/sha3 \
+	../../wolfcrypt/src/des3 \
+	../../wolfcrypt/src/sha512 \
+	../../wolfcrypt/src/dh \
+	../../wolfcrypt/src/sha \
+	../../wolfcrypt/src/signature \
+	../../wolfcrypt/src/ecc \
+	../../wolfcrypt/src/ecc_fp \
+	../../wolfcrypt/src/ed25519 \
+	../../wolfcrypt/src/sp_armthumb \
+	../../wolfcrypt/src/error \
+	../../wolfcrypt/src/sp_int \
+	../../wolfcrypt/src/fe_low_mem \
+	../../wolfcrypt/src/sp_cortexm \
+	../../wolfcrypt/src/fe_operations \
+	../../wolfcrypt/src/fips \
+	../../wolfcrypt/src/sp_x86_64 \
+	../../wolfcrypt/src/fips_test \
+	../../wolfcrypt/src/srp \
+	../../wolfcrypt/src/ge_low_mem \
+	../../wolfcrypt/src/ge_operations \
+	../../wolfcrypt/src/wc_encrypt \
+	../../wolfcrypt/src/hash \
+	../../wolfcrypt/src/wc_pkcs11 \
+	../../wolfcrypt/src/hc128 \
+	../../wolfcrypt/src/wc_port \
+	../../wolfcrypt/src/hmac \
+	../../wolfcrypt/src/wolfcrypt_first \
+	../../wolfcrypt/src/idea \
+	../../wolfcrypt/src/wolfcrypt_last \
+	../../wolfcrypt/src/wolfevent \
+	../../wolfcrypt/src/logging \
+	../../wolfcrypt/src/sp_c32 \
+	../../wolfcrypt/src/sp_c64 \
+	../../wolfcrypt/src/sp_arm32 \
+	../../wolfcrypt/src/sp_arm64 \
+	../../wolfcrypt/src/wolfmath
+
+
+# wolfSSL TLS source files
+libwolfssl_C_SRCS += \
+	../../src/ocsp \
+	../../src/tls \
+	../../src/crl \
+	../../src/sniffer \
+	../../src/wolfio \
+	../../src/internal \
+	../../src/ssl \
+	../../src/keys \
+	../../src/tls13
+
+# build benchmark app
+BUILD_EXES += benchmark
+benchmark_C_SRCS += ../../wolfcrypt/benchmark/benchmark
+benchmark_LD_FLAGS += -ldl
+benchmark_LD_FLAGS += -lpthread
+benchmark_DLLS += libwolfssl
+benchmark_LIBS += rpcmem
+benchmark_DLLS += $(LIB_DSPRPC) 
+
+# build test app
+BUILD_EXES += testwolfcrypt 
+testwolfcrypt_C_SRCS += ../../wolfcrypt/test/test
+testwolfcrypt_DLLS += libwolfssl
+testwolfcrypt_LD_FLAGS += -ldl
+testwolfcrypt_LIBS += rpcmem
+testwolfcrypt_DLLS += $(LIB_DSPRPC) 
+
+# build ecc verify test app
+BUILD_EXES += eccverify 
+eccverify_C_SRCS += ecc-verify
+eccverify_DLLS += libwolfssl
+eccverify_LD_FLAGS += -ldl
+eccverify_LIBS += rpcmem
+eccverify_DLLS += $(LIB_DSPRPC) 
+
+# build ecc verify test app
+BUILD_EXES += eccbenchmark
+eccbenchmark_C_SRCS += ecc-verify-benchmark
+eccbenchmark_DLLS += libwolfssl
+eccbenchmark_LD_FLAGS += -lpthread
+eccbenchmark_LD_FLAGS += -ldl
+eccbenchmark_LIBS += rpcmem
+eccbenchmark_DLLS += $(LIB_DSPRPC) 
+
+BUILD_COPIES = \
+   $(DLLS) \
+   $(EXES) \
+   $(LIBS) \
+   $(SHIP_DIR)/ ;
+
+
+include $(RULES_MIN)
+

IDE/HEXAGON/README.md

@@ -0,0 +1,75 @@
+# Building wolfSSL with DSP Use
+
+## Intro
+This directory is to help with building wolfSSL for use with DSP. It assumes that the Hexagon SDK has been setup on the machine and that the environment variables have been set by calling (source ~/Qualcomm/Hexagon_SDK/3.4.3/setup_sdk_env.source). Currently offloading ECC 256 verify operations to the DSP is supported. When WOLFSSL_DSP is defined ECC verify operations are offloaded to the aDSP by default. When not in SINGLE_THREADED mode a call back function must be set for getting the handle or a handle must be set in the ecc_key structure for the operation to make use of multiple threads when offloading to the DSP. This is because creating new handles for new threads must be done.
+
+
+## Building
+The directory is divided up into a build for the CPU portion in IDE/HEXAGON and a build for use on the DSP located in IDE/HEXAGON/DSP. Each section has their own Makefile. The Makefile default to an Ubuntu + hexagon v65 release build but can be changed by using V=<build type>. An example of building both would be:
+
+```
+cd IDE/HEXAGON
+make V=UbuntuARM_Release_aarch64
+cd DSP
+make V=hexagon_Release_dynamic_toolv83_v65
+```
+
+The results from each build will be placed into the ship directories of each, for example ./UbuntuARM_Release_aarch64/ship/* and ./DSP/hexagon_Release_dynamic_toolv83_v65/ship/*.
+The Makefile creates a DSP library libwolfssl_dsp_skel.so, library libwolfssl.so, executable benchmark, example ecc-verify, example ecc-verify-benchmark and executable testwolfcrypt.
+These then need pushed to the device in order to run. An example of pushing the results to the device would be:
+
+```
+cd IDE/HEXAGON
+adb push DSP/hexagon_Release_dynamic_toolv83_v65/ship/libwolfssl_dsp_skel.so /data/rfsa/adsp/
+adb push UbuntuARM_Release_aarch64/ship/libwolfssl.so /data/
+adb push UbuntuARM_Release_aarch64/ship/benchmark /data/
+adb push UbuntuARM_Release_aarch64/ship/eccverify /data/
+adb push UbuntuARM_Release_aarch64/ship/eccbenchmark /data/
+```
+
+To change the settings wolfSSL is built with macros can be set in IDE/HEXAGON/user_settings.h. It contains a default setting at this point that was used for collecting benchmark values. The macro necessary to turn on use of the DSP is WOLFSSL_DSP.
+
+
+The script IDE/HEXAGON/build.sh was added to help speed up building and testing. An example of using the script would be:
+
+```
+cd IDE/HEXAGON
+./build.sh Release
+```
+
+This will delete the previous build and rebuild for Release mode. Then it will try to push the resulting library and some of the executables to the device.
+
+
+For increased performance uncomment the -O3 flag in IDE/HEXAGON/Makefile and IDE/HEXAGON/DSP/Makefile.
+
+## Use
+
+A default handle is created with the call to wolfCrypt_Init() and is set to use the aDSP. A default mutex is locked for each use of the handle to make the library stable when multiple threads are calling to DSP supported operations.
+To use wolfSSL with a user created handle it can be done by calling wc_ecc_set_handle or by setting a callback function using wolfSSL_SetHandleCb(). This should be set in the case of multithreaded applications to account for having a handle for each thread being used.
+
+
+#### wolfSSL_SetHandleCb
+The API wolfSSL_SetHandleCb takes a function pointer of type "int (*wolfSSL_DSP_Handle_cb)(remote_handle64 *handle, int finished void *ctx);". This callback is executed right before the operation is handed off to the DSP (finished set to 0) and right after done with the handle (finished set to 1). With ECC this would be after the ECC verify function has been called but before the information is passed on to the DSP and once again with the finished flag set after the result is returned.
+
+The callback set should return 0 on successfully setting the input handle. The ctx argument is for future custom context to be passed in and is currently not used.
+
+#### Expected Performance
+This is the expected results from running ./eccbenchmark using the -O3 flag
+
+benchmarking using default (locks on handle for aDSP)
+5000 verifies on 1 threads took 17.481616 seconds
+10000 verifies on 2 threads took 35.324308 seconds
+
+benchmarking using software (+NEON if built in)
+5000 verifies on 1 threads took 1.398336 seconds
+10000 verifies on 2 threads took 1.383992 seconds
+
+benchmarking using threads on aDSP
+5000 verifies on 1 threads took 17.616811 seconds
+10000 verifies on 2 threads took 19.215413 seconds
+15000 verifies on 3 threads took 20.410200 seconds
+20000 verifies on 4 threads took 23.261446 seconds
+
+benchmarking 1 thread on cDSP
+5000 verifies on 1 threads took 18.560995 seconds 
+

IDE/HEXAGON/build.sh

@@ -0,0 +1,38 @@
+#!/bin/bash
+if [ -z $1 ]; then
+	echo "./build <Debug | Release>"
+	exit -1
+fi
+
+printf "Erasing previous hexagon_$1_dynamic_toolv83_v65 and UbuntuARM_$1_aarch64\n"
+rm -rf hexagon_$1_dynamic_toolv83_v65 &> /dev/null
+rm -rf UbuntuARM_$1_aarch64 &> /dev/null
+cd ./DSP &> /dev/null
+rm -rf hexagon_$1_dynamic_toolv83_v65 &> /dev/null
+
+printf "Building hexagon_$1_dynamic_toolv83_v65 ..."
+make V=hexagon_$1_dynamic_toolv83_v65 &> /dev/null
+if [ $? != 0 ]; then
+     printf "failed\n"
+else
+     printf "done\n"
+fi
+
+cd ../ &> /dev/null
+printf "Building UbuntuARM_$1_aarch64 ..."
+make V=UbuntuARM_$1_aarch64 &> /dev/null
+if [ $? != 0 ]; then
+     printf "failed\n"
+else
+     printf "done\n"
+fi
+
+printf "Trying to push libwolfssl_Dsp_skel.so, libwolfssl.so, benchmark, eccverify, eccbenchmark\n"
+adb push DSP/hexagon_$1_dynamic_toolv83_v65/ship/libwolfssl_dsp_skel.so /data/rfsa/adsp/
+adb push UbuntuARM_$1_aarch64/ship/libwolfssl.so /data/
+adb push UbuntuARM_$1_aarch64/ship/benchmark /data/
+adb push UbuntuARM_$1_aarch64/ship/eccverify /data/
+adb push UbuntuARM_$1_aarch64/ship/eccbenchmark /data/
+#adb push UbuntuARM_$1_aarch64/ship/testwolfcrypt /data/wolfcrypt/test/
+printf "done\n"
+exit 0

IDE/HEXAGON/ecc-verify-benchmark.c

@@ -0,0 +1,185 @@
+/* ecc-verify-benchmark.c
+ *
+ * Copyright (C) 2006-2020 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/sha256.h>
+#include <wolfssl/wolfcrypt/random.h>
+#include <wolfssl/wolfcrypt/ecc.h>
+#include <wolfssl/wolfcrypt/asn_public.h>
+#include <pthread.h>
+
+#define USE_CERT_BUFFERS_256
+#include <wolfssl/certs_test.h>
+
+#define MAX_TIMES 5000
+#define MAX_BLOCK_SIZE 1024
+
+#include <sys/time.h>                                                       
+
+static double get_time()                                              
+{                                                                           
+    struct timeval tv;                                                      
+    gettimeofday(&tv, 0);                                                   
+    return (double)tv.tv_sec + (double)tv.tv_usec / 1000000;                
+} 
+
+
+/* software version */
+void* hash_firmware_verify(void* key)
+{
+    int ret, i;
+    int verify;
+    const byte hash[] = {
+0XFB, 0XBA, 0XB2, 0X89, 0XF7, 0XF9, 0X4B, 0X25, 0X73, 0X6C, 0X58, 0XBE, 0X46, 0XA9, 0X94, 0XC4, 0X41, 0XFD, 0X02, 0X55, 0X2C, 0XC6, 0X02, 0X23, 0X52, 0XE3, 0XD8, 0X6D, 0X2F, 0XAB, 0X7C, 0X83
+};
+    const byte sigBuf[] = {
+0X30, 0X44, 0X02, 0X20, 0X05, 0X38, 0XBC, 0X16, 0XC7, 0X67, 0X18, 0XEC, 0XE6, 0X1E, 0X43, 0X7B, 0X29, 0X8F, 0X85, 0X01, 0X33, 0XA8, 0X9B, 0XDD, 0X91, 0X32, 0X1F, 0XEC, 0XF7, 0X91, 0X18, 0X72, 0X9C, 0XE2, 0X6F, 0X31, 0X02, 0X20, 0X3E, 0X31, 0XD6, 0X40, 0XF7, 0X38, 0X3C, 0X1B, 0X6D, 0XAD, 0XE3, 0X93, 0X20, 0XE8, 0XB1, 0XBD, 0X3C, 0X59, 0XF2, 0XD2, 0X7C, 0X46, 0X1B, 0XE5, 0XE1, 0XE3, 0XAB, 0X5E, 0X76, 0X73, 0X6F, 0XFB
+    };
+    word32 sigLen = (word32)sizeof(sigBuf);
+    word32 hashLen = (word32)sizeof(hash);
+
+    for (i = 0; i < MAX_TIMES; i++) {
+        ret = wc_ecc_verify_hash((byte*)sigBuf, sigLen, hash, hashLen, &verify, (ecc_key*)key);
+        if (ret < 0 || verify != 1) {
+            printf("failed on try %d\n", i);
+            break;
+        }
+    }
+
+    if (ret < 0 || verify != 1) {
+	printf("unable to verify, ret = %d verify = %d\n", ret, verify);
+    }
+
+    return NULL;
+}
+
+
+/* when flag is set then try to use software only if DSP is built in */
+static int hash_firmware_verify_default(int numThreads)
+{
+    int ret, i;
+    word32 idx;
+    double t;
+    pthread_t threads[numThreads];
+    ecc_key eccKey[numThreads];
+
+    for (i = 0; i < numThreads; i++) {
+        wc_ecc_init(&(eccKey[i]));
+        idx = 0;
+        ret = wc_EccPrivateKeyDecode(ecc_clikey_der_256, &idx, &(eccKey[i]), sizeof_ecc_clikey_der_256);
+        if (ret < 0)
+            return ret;
+
+    }
+
+    t = get_time();
+    for (i = 0; i < numThreads; i++) {
+        pthread_create(&threads[i], NULL, hash_firmware_verify, (void*)&(eccKey[i]));
+    }
+
+    for (i = 0; i < numThreads; i++) {
+        pthread_join(threads[i], NULL);
+    }
+    t = get_time() - t;
+    printf("%d verifies on %d threads took %f seconds\n", MAX_TIMES * numThreads, numThreads, t);
+
+    return 0;
+}
+
+#ifdef WOLFSSL_DSP
+/* domain 0 = cDSP 1 = aDSP */
+static int hash_firmware_verify_dsp(int numThreads, int domain)
+{
+    int ret, i;
+    word32 idx;
+    double t;
+    remote_handle64 handle[numThreads];
+    char *sp_URI_value;
+    pthread_t threads[numThreads];
+    ecc_key eccKey[numThreads];
+
+    if (domain == 0) {
+        sp_URI_value = wolfSSL_URI "&_dom=cdsp";
+    }
+    else {
+        sp_URI_value = wolfSSL_URI "&_dom=adsp";
+    }
+
+    for (i = 0; i < numThreads; i++) {
+        wc_ecc_init(&(eccKey[i]));
+        idx = 0;
+        ret = wc_EccPrivateKeyDecode(ecc_clikey_der_256, &idx, &(eccKey[i]), sizeof_ecc_clikey_der_256);
+        if (ret < 0)
+            return ret;
+
+        ret = wolfSSL_open(sp_URI_value, &(handle[i]));
+        if (ret != 0) {
+            printf("unable to open CDSP? retVal = %d\n", ret);
+	    return -1;
+        }
+        wc_ecc_set_handle(&(eccKey[i]), handle[i]);
+    }
+
+    t = get_time();
+    for (i = 0; i < numThreads; i++) {
+        pthread_create(&threads[i], NULL, hash_firmware_verify, (void*)&(eccKey[i]));
+    }
+
+    for (i = 0; i < numThreads; i++) {
+        pthread_join(threads[i], NULL);
+        wolfSSL_close(handle[i]);
+    }
+    t = get_time() - t;
+    printf("%d verifies on %d threads took %f seconds\n", MAX_TIMES * numThreads, numThreads, t);
+
+    return 0;
+}
+#endif /* WOLFSSL_DSP */
+
+
+int main(int argc, char* argv[])
+{
+    wolfCrypt_Init();
+
+    printf("benchmarking using default (locks on handle for aDSP)\n");
+    hash_firmware_verify_default(1);
+    hash_firmware_verify_default(2);
+
+    printf("\nbenchmarking using software (+NEON if built in)\n");
+#ifdef WOLFSSL_DSP
+    wolfSSL_SetHandleCb(NULL); /* remove calls to DSP by default */
+#endif
+    hash_firmware_verify_default(1);
+    hash_firmware_verify_default(2);
+
+#ifdef WOLFSSL_DSP
+    printf("\nbenchmarking using threads on aDSP\n");
+    hash_firmware_verify_dsp(1, 1);
+    hash_firmware_verify_dsp(2, 1);
+    hash_firmware_verify_dsp(3, 1);
+    hash_firmware_verify_dsp(4, 1);
+
+    printf("\nbenchmarking 1 thread on cDSP\n");
+    hash_firmware_verify_dsp(1, 0);
+#endif /* WOLFSSL_DSP */
+    wolfCrypt_Cleanup();
+    return 0;
+}

IDE/HEXAGON/ecc-verify.c

@@ -0,0 +1,91 @@
+/* ecc-verify.c
+ *
+ * Copyright (C) 2006-2020 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/sha256.h>
+#include <wolfssl/wolfcrypt/random.h>
+#include <wolfssl/wolfcrypt/ecc.h>
+#include <wolfssl/wolfcrypt/asn_public.h>
+
+#define USE_CERT_BUFFERS_256
+#include <wolfssl/certs_test.h>
+
+#define MAX_BLOCK_SIZE 1024
+
+#ifdef WOLFSSL_DSP
+static char *sp_URI_value = wolfSSL_URI "&_dom=cdsp";
+
+int hash_firmware_verify(const byte* hash, word32 hashLen, const byte* sigBuf, word32 sigLen)
+{
+    int ret;
+    ecc_key eccKey;
+    word32 idx;
+    int verify;
+    remote_handle64 handle = -1;
+
+    idx = 0;
+    ret = wc_EccPrivateKeyDecode(ecc_clikey_der_256, &idx, &eccKey, sizeof_ecc_clikey_der_256);
+    if (ret < 0)
+        goto exit;
+
+    int retVal = wolfSSL_open(sp_URI_value, &handle);
+    if (retVal != 0) {
+        printf("unable to open CDSP? retVal = %d\n", retVal);
+        ret = -1;
+        goto exit;
+    }
+    wc_ecc_set_handle(&eccKey, handle);
+
+    ret = wc_ecc_verify_hash((byte*)sigBuf, sigLen, hash, hashLen, &verify, &eccKey);
+    printf("verify = %d\n", verify);
+    if (ret < 0)
+        goto exit;
+
+    wolfSSL_close(handle);
+exit:
+
+    return ret;
+}
+
+int main(void)
+{
+    int ret;
+    const byte hash[] = {
+0XFB, 0XBA, 0XB2, 0X89, 0XF7, 0XF9, 0X4B, 0X25, 0X73, 0X6C, 0X58, 0XBE, 0X46, 0XA9, 0X94, 0XC4, 0X41, 0XFD, 0X02, 0X55, 0X2C, 0XC6, 0X02, 0X23, 0X52, 0XE3, 0XD8, 0X6D, 0X2F, 0XAB, 0X7C, 0X83
+};
+    const byte sigBuf[] = {
+0X30, 0X44, 0X02, 0X20, 0X05, 0X38, 0XBC, 0X16, 0XC7, 0X67, 0X18, 0XEC, 0XE6, 0X1E, 0X43, 0X7B, 0X29, 0X8F, 0X85, 0X01, 0X33, 0XA8, 0X9B, 0XDD, 0X91, 0X32, 0X1F, 0XEC, 0XF7, 0X91, 0X18, 0X72, 0X9C, 0XE2, 0X6F, 0X31, 0X02, 0X20, 0X3E, 0X31, 0XD6, 0X40, 0XF7, 0X38, 0X3C, 0X1B, 0X6D, 0XAD, 0XE3, 0X93, 0X20, 0XE8, 0XB1, 0XBD, 0X3C, 0X59, 0XF2, 0XD2, 0X7C, 0X46, 0X1B, 0XE5, 0XE1, 0XE3, 0XAB, 0X5E, 0X76, 0X73, 0X6F, 0XFB
+    };
+    word32 sigLen = (word32)sizeof(sigBuf);
+
+    wolfCrypt_Init();
+    ret = hash_firmware_verify(hash, sizeof(hash), sigBuf, sigLen);
+    printf("hash_firmware_verify: %d\n", ret);
+    wolfCrypt_Cleanup();
+    return 0;
+}
+#else
+int main()
+{
+	printf("WOLFSSL_DSP expected to be defined when building\n");
+	return 0;
+}
+#endif /* WOLFSSL_DSP */

IDE/HEXAGON/include.am

@@ -0,0 +1,14 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= IDE/HEXAGON/Makefile
+EXTRA_DIST+= IDE/HEXAGON/user_settings.h
+EXTRA_DIST+= IDE/HEXAGON/README.md
+EXTRA_DIST+= IDE/HEXAGON/build.sh
+EXTRA_DIST+= IDE/HEXAGON/ecc-verify.c
+EXTRA_DIST+= IDE/HEXAGON/ecc-verify-benchmark.c
+
+EXTRA_DIST+= IDE/HEXAGON/DSP/Makefile
+EXTRA_DIST+= IDE/HEXAGON/DSP/wolfssl_dsp.idl
+

IDE/HEXAGON/user_settings.h

@@ -0,0 +1,37 @@
+#ifndef USER_SETTINGS_H
+#define USER_SETTINGS_H
+
+#define WOLFCRYPT_ONLY
+#define HAVE_ECC
+#define FP_ECC
+//#define FP_ENTRIES 1
+#define NO_DSA
+#define NO_DH
+#define NO_RSA
+//#define DEBUG_WOLFSSL
+
+#define USE_FAST_MATH
+#define TFM_TIMING_RESISTANT
+#ifdef HAVE_ECC
+	#define ECC_TIMING_RESISTANT
+#endif
+#ifndef NO_RSA
+	#define WC_RSA_BLINDING
+#endif
+
+#if 1
+	#define WOLFSSL_HAVE_SP_RSA
+	#define WOLFSSL_HAVE_SP_ECC
+	#define WOLFSSL_SP_MATH
+
+	#if 1
+		/* ARM NEON instructions */
+		#define WOLFSSL_SP_ARM64_ASM
+	#endif
+	#if 1
+		/* Use DSP */
+		#define WOLFSSL_DSP
+	#endif
+#endif
+
+#endif

IDE/IAR-EWARM/Projects/benchmark/benchmark-main.c

@@ -1,6 +1,6 @@
 /* benchmark-main.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/IAR-EWARM/Projects/benchmark/current_time.c

@@ -1,6 +1,6 @@
 /* current-time.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -44,7 +44,7 @@ void InitTimer(void) {
                                        SYSCTL_USE_PLL |
                                        SYSCTL_CFG_VCO_480), 120000000);
 
-    printf("Clock=%dMHz\n", ui32SysClock/1000000) ;
+    printf("Clock=%dMHz\n", (int)(ui32SysClock/1000000));
     ROM_SysCtlPeripheralEnable(SYSCTL_PERIPH_TIMER0);
     ROM_TimerConfigure(TIMER0_BASE, TIMER_CFG_PERIODIC);
     ROM_TimerLoadSet(TIMER0_BASE, TIMER_A, -1);
@@ -64,10 +64,10 @@ double current_time(int reset)
 
 /* dummy */
 double current_time(int reset) {
-    static double t; 
-    t += 1.0; /* for avoid infinit loop of waiting time */
+    static double t;
+    t += 1.0; /* for avoid infinite loop of waiting time */
     if(reset)t = 0.0;
-    return t ; 
-} 
+    return t ;
+}
 
-#endif
+#endif

IDE/IAR-EWARM/Projects/common/minimum-startup.c

@@ -1,6 +1,6 @@
 /* minimum-startup.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/IAR-EWARM/Projects/lib/wolfSSL-Lib.ewp

@@ -343,7 +343,7 @@
         </option>
         <option>
           <name>CCPosIndRopi</name>
-          <state>0</state>
+          <state>1</state>
         </option>
         <option>
           <name>CCPosIndRwpi</name>

IDE/IAR-EWARM/Projects/test/test-main.c

@@ -1,6 +1,6 @@
 /* test-main.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_wolfcrypt_benchmark_SAMV71_XULT/README_wolfcrypt_benchmark

@@ -6,7 +6,7 @@ embOS v4.16 (for Cortex-M and IAR compiler)
 wolfssl (latest version)
 
 Required items (Hardware) for this guide:
-Atmel SAM V71 Xplained Ultra (Or equivelent Cortex-M Evaluation Board)
+Atmel SAM V71 Xplained Ultra (Or equivalent Cortex-M Evaluation Board)
     Note: Must have J-Trace adapter (SWD or SWD + ETM)
 j-Trace for ARM Cortex-M Processors
     Note: You can see here: https://www.segger.com/j-trace-for-cortex-m.html

IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_wolfcrypt_lib_SAMV71_XULT/README_wolfcrypt_lib

@@ -6,7 +6,7 @@ embOS v4.16 (for Cortex-M and IAR compiler)
 wolfssl (latest version)
 
 Required items (Hardware) for this guide:
-Atmel SAM V71 Xplained Ultra (Or equivelent Cortex-M Evaluation Board)
+Atmel SAM V71 Xplained Ultra (Or equivalent Cortex-M Evaluation Board)
     Note: Must have J-Trace adapter (SWD or SWD + ETM)
 j-Trace for ARM Cortex-M Processors
     Note: You can see here: https://www.segger.com/j-trace-for-cortex-m.html

IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_wolfcrypt_test_SAMV71_XULT/README_wolfcrypt_test

@@ -6,7 +6,7 @@ embOS v4.16 (for Cortex-M and IAR compiler)
 wolfssl (latest version)
 
 Required items (Hardware) for this guide:
-Atmel SAM V71 Xplained Ultra (Or equivelent Cortex-M Evaluation Board)
+Atmel SAM V71 Xplained Ultra (Or equivalent Cortex-M Evaluation Board)
     Note: Must have J-Trace adapter (SWD or SWD + ETM)
 j-Trace for ARM Cortex-M Processors
     Note: You can see here: https://www.segger.com/j-trace-for-cortex-m.html

IDE/IAR-EWARM/embOS/custom_port/README_custom_port

@@ -109,7 +109,7 @@ We are now set to link to this library in the evaluation project
         #---------------------------------------------
 
 5. Go to Project -> Options -> Linker -> Library (Tab)
-    Add to the field "Additonal libraries:"
+    Add to the field "Additional libraries:"
     $PROJ_DIR$\..\embOS_wolfcrypt_lib_SAMV71_XULT\Debug\Exe\wolfcrypt_lib.a
     $PROJ_DIR$\..\..\extract_trial_here\Start\Lib\os7m_tlv_dp.a
 

IDE/INTIME-RTOS/wolfExamples.c

@@ -55,7 +55,7 @@ int wolfExample_TLSClient(const char* ip, int port)
     int          ret = 0;
     WOLFSSL_CTX* ctx = NULL;
     WOLFSSL*     ssl = NULL;        /* create WOLFSSL object */
-    int                sockFd = -1; /* socket file descriptor */
+    int                sockFd;      /* socket file descriptor */
     struct sockaddr_in servAddr;    /* struct for server address */
     char sendBuff[TLS_MAXDATASIZE], rcvBuff[TLS_MAXDATASIZE];
 
@@ -144,13 +144,13 @@ int wolfExample_TLSServer(int port)
     int ret = 0;
     WOLFSSL_CTX* ctx = NULL;
     WOLFSSL* ssl = NULL;
-    int sockFd = -1, clientFd = -1;
+    int sockFd, clientFd = -1;
     struct sockaddr_in serverAddr = {0}, clientAddr = {0};
     const char reply[]  = "I hear ya fa shizzle!\n";
     int addrSize        = sizeof(clientAddr);
     char buff[256];
 
-	sockFd = socket(AF_INET, SOCK_STREAM, 0);
+    sockFd = socket(AF_INET, SOCK_STREAM, 0);
     if (sockFd < 0) {
         printf("Failed to create socket. Error: %d\n", errno);
         return errno;

IDE/LINUX-SGX/README.md

@@ -1,10 +1,11 @@
 # Static Library: Building libwolfssl.sgx.static.lib.a for use with SGX Enclaves
 
 ### Requirements:
-This code was created to use Intel's SGX hardware. It is expected that the user has gone through the steps of both turning on the hardware in bios if needed and has installed the necesary software from Intel to make use of the hardware. (https://software.intel.com/en-us/sgx) If these steps have not been done then it is expected that the user is familure with simulation software being used in place of hardware.
+This code was created to use Intel's SGX hardware. It is expected that the user has gone through the steps of both turning on the hardware in bios if needed and has installed the necessary software from Intel to make use of the hardware. (https://software.intel.com/en-us/sgx) If these steps have not been done then it is expected that the user is familure with simulation software being used in place of hardware.
 
 ### Overview and Build:
 This project creates a static library to then link with Enclaves. A simple example of an Enclave linking to the created wolfSSL library can be found in wolfssl-examples on github. This project has been tested with gcc 5.4.0 on Ubuntu 16.04.
+When building with tests the file wolfssl/options.h is expected, in downloaded bundles from wolfssl.com this file exists but when building from a cloned version of wolfSSL from GitHub then the file needs created. This is done either through cd wolfssl && ./autogen.sh && ./configure && ./config.status or by cd wolfssl && touch wolfssl/options.h.
 
 To create the static library, simply call make:
 

IDE/LPCXPRESSO/lib_wolfssl/lpc_18xx_port.c

@@ -1,6 +1,6 @@
 /* lpc_18xx_port.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/LPCXPRESSO/wolf_example/src/lpc_18xx_startup.c

@@ -1,6 +1,6 @@
 /* lpc_18xx_startup.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/M68K/README.md

@@ -3,7 +3,7 @@ toolchain and example benchmark/testwolfcrypt application linking to it. The
 examples and default builds where made to support a MCF5441X board.
 
 Macros to define for use:
-WOLFSSL_MCF5441X /* arch settings i.e. sizeof long and endianess */
+WOLFSSL_MCF5441X /* arch settings i.e. sizeof long and endianness */
 WOLFSSL_NETBURNER /* for use of NetBurner headers and RNG seed */
 
 
@@ -17,7 +17,7 @@ wolfssl-root/wolfssl/wolfcrypt/settings.h sets the sizeof long and long long
 along with big endian macro.
 
 The configuration for the build is located in wolfssl-root/IDE/M68K/user_settings.h
-Along with the defualt build there is 2 others BUILD_B (smaller resource use),
+Along with the default build there is 2 others BUILD_B (smaller resource use),
 and BUILD_C (faster runtime with more resource use).
 
 RSA speeds of the builds

IDE/M68K/benchmark/main.cpp

@@ -1,6 +1,6 @@
 /* main.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/M68K/testwolfcrypt/main.cpp

@@ -1,6 +1,6 @@
 /* main.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/LPC43xx/time-LCP43xx.c

@@ -1,6 +1,6 @@
 /* time.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/cert_data.c

@@ -1,6 +1,6 @@
 /* certs_test.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/config-BARE-METAL.h

@@ -1,6 +1,6 @@
 /* config-BEREFOOT.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/config-FS.h

@@ -1,6 +1,6 @@
 /* config-FS.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/config-RTX-TCP-FS.h

@@ -1,6 +1,6 @@
 /* config-RTX-TCP-FS.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/config.h

@@ -1,6 +1,6 @@
 /* config.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/main.c

@@ -1,6 +1,6 @@
 /* main.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/shell.c

@@ -1,6 +1,6 @@
 /*shell.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -214,7 +214,7 @@ static struct {
     "stack", stack_comm,        /* On/Off check stack size */
     "for", for_command,         /* iterate next command X times */
     "debug", dbg_comm,          /* On/Off debug message  */
-    "help", help_comm,          /* Breif description about the commands */
+    "help", help_comm,          /* Brief description about the commands */
 
     /** short name **/
     "ec", echoclient_test,
@@ -436,7 +436,7 @@ static void for_command(void *args)
 {
     if( args == NULL || ((func_args *)args)->argc == 1) {
         printf("For %d times\n", for_iteration) ;
-    } else if( args == NULL || ((func_args *)args)->argc == 2) {
+    } else if(((func_args *)args)->argc == 2) {
         for_iteration = atoi(((func_args *)args)->argv[1]) ;
     } else printf("Invalid argument\n") ;
 }
@@ -483,7 +483,7 @@ static char command_stack[COMMAND_STACK_SIZE] ;
 static   wolfSSL_Mutex command_mutex ;
 #endif
 
-/***********    Invoke Forground Command  *********************/
+/***********    Invoke Foreground Command  *********************/
 static void command_invoke(void *args)
 {
     void (*func)(void * ) ;

IDE/MDK-ARM/MDK-ARM/wolfSSL/time-CortexM3-4.c

@@ -1,6 +1,6 @@
 /* time-STM32F2.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/time-dummy.c

@@ -1,6 +1,6 @@
 /* time-dummy.c.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/MDK-ARM/wolfSSL/wolfssl_MDK_ARM.c

@@ -1,6 +1,6 @@
 /* wolfssl_KEIL_RL.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -69,7 +69,7 @@ char *inet_ntoa(struct in_addr in)
 unsigned long inet_addr(const char *cp)
 {
     unsigned int a[4] ; unsigned long ret ;
-    sscanf(cp, "%d.%d.%d.%d", &a[0], &a[1], &a[2], &a[3]) ;
+    sscanf(cp, "%u.%u.%u.%u", &a[0], &a[1], &a[2], &a[3]) ;
     ret = ((a[3]<<24) + (a[2]<<16) + (a[1]<<8) + a[0]) ;
     return(ret) ;
 }

IDE/MDK-ARM/MDK-ARM/wolfSSL/wolfssl_MDK_ARM.h

@@ -1,6 +1,6 @@
 /* wolfssl_KEIL_RL.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c

@@ -1,6 +1,6 @@
 /* time-STM32F2xx.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK5-ARM/Conf/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -55,11 +55,11 @@
 #define STM32F7xx
 #endif
 
-//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <2=>SafeRTOS<3=>Windows
-//         <4=>PThread <5=>ThreadX<6=> ThreadX/NetX
-//         <7=>Micrium <8=>EBSnet<9=>MQX 
-//         <10=>T-RTOS <11=>uITRON4<12=>uTKERNEL2 
-//         <13=>Frosted <14=>CMSIS RTOS<15=>CMSIS RTOSv2<16=>Others
+//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
+//         <5=>PThread <6=>ThreadX
+//         <7=>Micrium <8=>EBSnet <9=>MQX
+//         <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
+//         <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
 #define MDK_CONF_THREAD 15
 #if MDK_CONF_THREAD== 0
 #define SINGLE_THREADED
@@ -247,7 +247,7 @@
 
 //      <e>HC128
 #define MDK_CONF_HC128 1
-#if MDK_CONF_AESGCM == 0
+#if MDK_CONF_HC128 == 0
 #define NO_HC128
 #endif
 //  </e>
@@ -516,4 +516,3 @@
 //  </e>
 
 //</h>
-

IDE/MDK5-ARM/Inc/wolfssl_MDK_ARM.h

@@ -1,6 +1,6 @@
 /* wolfssl_KEIL_ARM.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -55,10 +55,10 @@
 #define STM32F7xx
 #endif
 
-//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <2=>SafeRTOS<3=>Windows
-//         <4=>PThread <5=>ThreadX<6=> ThreadX/NetX
-//         <7=>Micrium <8=>EBSnet<9=>MQX 
-//         <10=>T-RTOS <11=>uITRON4<12=>uTKERNEL2 
+//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS<4=>Windows
+//         <5=>PThread <6=>ThreadX
+//         <7=>Micrium <8=>EBSnet<9=>MQX
+//         <10=>T-RTOS <11=>uITRON4<12=>uTKERNEL2
 //         <13=>Frosted <14=>CMSIS RTOS<15=>CMSIS RTOSv2<16=>Others
 #define MDK_CONF_THREAD 15
 #if MDK_CONF_THREAD== 0
@@ -247,7 +247,7 @@
 
 //      <e>HC128
 #define MDK_CONF_HC128 1
-#if MDK_CONF_AESGCM == 0
+#if MDK_CONF_HC128 == 0
 #define NO_HC128
 #endif
 //  </e>
@@ -516,4 +516,3 @@
 //  </e>
 
 //</h>
-

IDE/MDK5-ARM/Projects/CryptBenchmark/main.c

@@ -1,6 +1,6 @@
 /* main.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -55,11 +55,11 @@
 #define STM32F7xx
 #endif
 
-//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <2=>SafeRTOS<3=>Windows
-//         <4=>PThread <5=>ThreadX<6=> ThreadX/NetX
-//         <7=>Micrium <8=>EBSnet<9=>MQX 
-//         <10=>T-RTOS <11=>uITRON4<12=>uTKERNEL2 
-//         <13=>Frosted <14=>CMSIS RTOS<15=>CMSIS RTOSv2<16=>Others
+//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
+//         <5=>PThread <6=>ThreadX
+//         <7=>Micrium <8=>EBSnet <9=>MQX
+//         <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
+//         <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
 #define MDK_CONF_THREAD 15
 #if MDK_CONF_THREAD== 0
 #define SINGLE_THREADED
@@ -247,7 +247,7 @@
 
 //      <e>HC128
 #define MDK_CONF_HC128 1
-#if MDK_CONF_AESGCM == 0
+#if MDK_CONF_HC128 == 0
 #define NO_HC128
 #endif
 //  </e>
@@ -516,4 +516,3 @@
 //  </e>
 
 //</h>
-

IDE/MDK5-ARM/Projects/CryptTest/main.c

@@ -1,6 +1,6 @@
 /* main.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -55,11 +55,11 @@
 #define STM32F7xx
 #endif
 
-//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <2=>SafeRTOS<3=>Windows
-//         <4=>PThread <5=>ThreadX<6=> ThreadX/NetX
-//         <7=>Micrium <8=>EBSnet<9=>MQX 
-//         <10=>T-RTOS <11=>uITRON4<12=>uTKERNEL2 
-//         <13=>Frosted <14=>CMSIS RTOS<15=>Others
+//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
+//         <5=>PThread <6=>ThreadX
+//         <7=>Micrium <8=>EBSnet <9=>MQX
+//         <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
+//         <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
 #define MDK_CONF_THREAD 14
 #if MDK_CONF_THREAD== 0
 #define SINGLE_THREADED
@@ -245,7 +245,7 @@
 
 //      <e>HC128
 #define MDK_CONF_HC128 1
-#if MDK_CONF_AESGCM == 0
+#if MDK_CONF_HC128 == 0
 #define NO_HC128
 #endif
 //  </e>
@@ -514,4 +514,3 @@
 //  </e>
 
 //</h>
-

IDE/MDK5-ARM/Projects/EchoClient/main.c

@@ -1,6 +1,6 @@
 /* main.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -55,11 +55,11 @@
 #define STM32F7xx
 #endif
 
-//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <2=>SafeRTOS<3=>Windows
-//         <4=>PThread <5=>ThreadX<6=> ThreadX/NetX
-//         <7=>Micrium <8=>EBSnet<9=>MQX 
-//         <10=>T-RTOS <11=>uITRON4<12=>uTKERNEL2 
-//         <13=>Frosted <14=>CMSIS RTOS<15=>CMSIS RTOSv2<16=>Others
+//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
+//         <5=>PThread <6=>ThreadX
+//         <7=>Micrium <8=>EBSnet <9=>MQX
+//         <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
+//         <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
 #define MDK_CONF_THREAD 14
 #if MDK_CONF_THREAD== 0
 #define SINGLE_THREADED
@@ -247,7 +247,7 @@
 
 //      <e>HC128
 #define MDK_CONF_HC128 1
-#if MDK_CONF_AESGCM == 0
+#if MDK_CONF_HC128 == 0
 #define NO_HC128
 #endif
 //  </e>
@@ -516,4 +516,3 @@
 //  </e>
 
 //</h>
-

IDE/MDK5-ARM/Projects/EchoServer/main.c

@@ -1,6 +1,6 @@
 /* main.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -55,11 +55,11 @@
 #define STM32F7xx
 #endif
 
-//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <2=>SafeRTOS<3=>Windows
-//         <4=>PThread <5=>ThreadX<6=> ThreadX/NetX
-//         <7=>Micrium <8=>EBSnet<9=>MQX 
-//         <10=>T-RTOS <11=>uITRON4<12=>uTKERNEL2 
-//         <13=>Frosted <14=>CMSIS RTOS<15=>CMSIS RTOSv2<16=>Others
+//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
+//         <5=>PThread <6=>ThreadX
+//         <7=>Micrium <8=>EBSnet <9=>MQX
+//         <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
+//         <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
 #define MDK_CONF_THREAD 15
 #if MDK_CONF_THREAD== 0
 #define SINGLE_THREADED
@@ -247,7 +247,7 @@
 
 //      <e>HC128
 #define MDK_CONF_HC128 1
-#if MDK_CONF_AESGCM == 0
+#if MDK_CONF_HC128 == 0
 #define NO_HC128
 #endif
 //  </e>
@@ -516,4 +516,3 @@
 //  </e>
 
 //</h>
-

IDE/MDK5-ARM/Projects/SimpleClient/main.c

@@ -1,6 +1,6 @@
 /* main.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -209,7 +209,7 @@ int main (void) {
     snprintf(ver, VERSIZE, "%d", TLS_VER);
     argv[6] = ver;
 
-    printf("SSL/TLS Client(%d)\n ", sizeof(argv)/sizeof(argv[0])) ;
+    printf("SSL/TLS Client(%d)\n ", (int)(sizeof(argv)/sizeof(argv[0]))) ;
     printf("    Remote IP: %s, Port: %s\n    Version: %s\n", argv[2], argv[4],  verStr[TLS_VER]) ;
     printf("    Other options: %s\n", OTHER_OPTIONS);   
     setTime((time_t)((RTC_YEAR-1970)*365*24*60*60) + RTC_MONTH*30*24*60*60 + RTC_DAY*24*60*60);

IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -55,11 +55,11 @@
 #define STM32F7xx
 #endif
 
-//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <2=>SafeRTOS<3=>Windows
-//         <4=>PThread <5=>ThreadX<6=> ThreadX/NetX
-//         <7=>Micrium <8=>EBSnet<9=>MQX 
-//         <10=>T-RTOS <11=>uITRON4<12=>uTKERNEL2 
-//         <13=>Frosted <14=>CMSIS RTOS<15=>CMSIS RTOSv2<16=>Others
+//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
+//         <5=>PThread <6=>ThreadX
+//         <7=>Micrium <8=>EBSnet <9=>MQX
+//         <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
+//         <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
 #define MDK_CONF_THREAD 15
 #if MDK_CONF_THREAD== 0
 #define SINGLE_THREADED
@@ -247,7 +247,7 @@
 
 //      <e>HC128
 #define MDK_CONF_HC128 1
-#if MDK_CONF_AESGCM == 0
+#if MDK_CONF_HC128 == 0
 #define NO_HC128
 #endif
 //  </e>
@@ -516,4 +516,3 @@
 //  </e>
 
 //</h>
-

IDE/MDK5-ARM/Projects/SimpleServer/main.c

@@ -1,6 +1,6 @@
 /* main.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK5-ARM/Projects/wolfSSL-Full/main.c

@@ -1,6 +1,6 @@
 /* main.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK5-ARM/Projects/wolfSSL-Full/shell.c

@@ -1,6 +1,6 @@
 /*shell.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -221,7 +221,7 @@ static struct {
     "stack", stack_comm,        /* On/Off check stack size */
     "for", for_command,         /* iterate next command X times */
     "debug", dbg_comm,          /* On/Off debug message  */
-    "help", help_comm,          /* Breif description about the commands */
+    "help", help_comm,          /* Brief description about the commands */
 
     /** short name **/
     "ec", echoclient_test,
@@ -477,7 +477,7 @@ static void for_command(void *args)
 {
     if( args == NULL || ((func_args *)args)->argc == 1) {
         printf("For %d times\n", for_iteration) ;
-    } else if( args == NULL || ((func_args *)args)->argc == 2) {
+    } else if(((func_args *)args)->argc == 2) {
         for_iteration = atoi(((func_args *)args)->argv[1]) ;
     } else printf("Invalid argument\n") ;
 }
@@ -554,7 +554,7 @@ void exit_command(void) {
 }
 
 
-/***********    Invoke Forground Command  *********************/
+/***********    Invoke Foreground Command  *********************/
 static void command_invoke(void const *args)
 {
     void (*func)(void const * ) ;
@@ -630,7 +630,9 @@ void shell_main(void *arg) {
     int i ;
     func_args args ;
     int bf_flg ;
+#if defined(WOLFSSL_CMSIS_RTOS)
     osThreadId 	 cmd ;
+#endif
     i = BackGround ;
         /* Dummy for avoiding warning: BackGround is defined but not used. */
 

IDE/MDK5-ARM/Projects/wolfSSL-Full/time-CortexM3-4.c

@@ -1,6 +1,6 @@
 /* time-STM32F2.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MDK5-ARM/Projects/wolfSSL-Lib/RTE/wolfSSL/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -55,11 +55,11 @@
 #define STM32F7xx
 #endif
 
-//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <2=>SafeRTOS<3=>Windows
-//         <4=>PThread <5=>ThreadX<6=> ThreadX/NetX
-//         <7=>Micrium <8=>EBSnet<9=>MQX 
-//         <10=>T-RTOS <11=>uITRON4<12=>uTKERNEL2 
-//         <13=>Frosted <14=>CMSIS RTOS<15=>CMSIS RTOSv2<16=>Others
+//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
+//         <5=>PThread <6=>ThreadX
+//         <7=>Micrium <8=>EBSnet <9=>MQX
+//         <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
+//         <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
 #define MDK_CONF_THREAD 15
 #if MDK_CONF_THREAD== 0
 #define SINGLE_THREADED
@@ -247,7 +247,7 @@
 
 //      <e>HC128
 #define MDK_CONF_HC128 1
-#if MDK_CONF_AESGCM == 0
+#if MDK_CONF_HC128 == 0
 #define NO_HC128
 #endif
 //  </e>
@@ -516,4 +516,3 @@
 //  </e>
 
 //</h>
-

IDE/MDK5-ARM/Src/ssl-dummy.c

@@ -1,6 +1,6 @@
 /* ssl-dummy.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/MYSQL/CMakeLists_wolfCrypt.txt

@@ -1,6 +1,6 @@
 # CMakeLists.txt
 #
-# Copyright (C) 2006-2019 wolfSSL Inc.
+# Copyright (C) 2006-2020 wolfSSL Inc.
 #
 # This file is part of wolfSSL.
 #

IDE/MYSQL/CMakeLists_wolfSSL.txt

@@ -1,6 +1,6 @@
 # CMakeLists.txt
 #
-# Copyright (C) 2006-2019 wolfSSL Inc.
+# Copyright (C) 2006-2020 wolfSSL Inc.
 #
 # This file is part of wolfSSL.
 #

IDE/OPENSTM32/Inc/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/OPENSTM32/Inc/wolfssl_example.h

@@ -1,6 +1,6 @@
 /* wolfssl_example.h
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/OPENSTM32/Src/main.c

@@ -1,6 +1,6 @@
 /* main.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/OPENSTM32/Src/wolfssl_example.c

@@ -1,6 +1,6 @@
 /* wolfssl_example.c
  *
- * Copyright (C) 2006-2019 wolfSSL Inc.
+ * Copyright (C) 2006-2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -1122,7 +1122,7 @@ int bench_tls(void* args)
 {
     int ret = 0;
     info_t *info = NULL;
-    char *cipher, *next_cipher, *ciphers = NULL;
+    char *cipher, *next_cipher, *ciphers;
 
     /* Runtime variables */
     int argRuntimeSec = BENCH_RUNTIME_SEC;

IDE/RISCV/SIFIVE-HIFIVE1/main.c

@@ -1,6 +1,6 @@
 /* main.c
  *
- * Copyright (C) 2019 wolfSSL Inc.
+ * Copyright (C) 2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -143,12 +143,12 @@ int main(void)
 #ifdef USE_CLOCK_HZ
     /* Speed up clock */
     printf("SiFive HiFive1 Demo\n");
-    printf("Setting clock to %dMHz\n", USE_CLOCK_HZ/1000000);
+    printf("Setting clock to %dMHz\n", (int)(USE_CLOCK_HZ/1000000));
     clk_Hz = metal_clock_set_rate_hz(
         &__METAL_DT_SIFIVE_FE310_G000_PLL_HANDLE->clock, USE_CLOCK_HZ
     );
 #endif
-    printf("Actual Clock %dMHz\n", clk_Hz/1000000);
+    printf("Actual Clock %dMHz\n", (int)(clk_Hz/1000000));
 
     /* Reconfigure the SPI Bus for dual mode */
     #define QSPI0_CTRL       0x10014000UL

IDE/RISCV/SIFIVE-HIFIVE1/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2019 wolfSSL Inc.
+ * Copyright (C) 2020 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/RISCV/SIFIVE-UNLEASHED/README.md

@@ -9,7 +9,7 @@ SiFive Freedom U540 SoC at 1.5GHz
 Getting started guide: 
 https://sifive.cdn.prismic.io/sifive%2Ffa3a584a-a02f-4fda-b758-a2def05f49f9_hifive-unleashed-getting-started-guide-v1p1.pdf
 
-Make sure your ethernet is attached and power up board. You can connecct the micro-usb to get a UART console that will display the DHCP IP address. Default login password is "sifive".
+Make sure your ethernet is attached and power up board. You can connecct the micro-usb to get a UART console that will display the DHCP IP address. Default user is "root" and login password is "sifive".
 
 ## Building Freedom-U-SDK
 
@@ -99,10 +99,10 @@ make
 
 ## Benchmark Results
 
-The following is running the wolfCrypt benchmark at 1.5GHz on a single thread (default CPU speed is 1.0GHz).
+The following is running the wolfCrypt benchmark at 1.4GHz on a single thread (default CPU speed is 1.0GHz).
 
 ```sh
-echo 1500000000 > /sys/devices/platform/soc/10000000.prci/rate
+echo 1400000000 > /sys/devices/platform/soc/10000000.prci/rate
 
 ./benchmark
 ------------------------------------------------------------------------------
@@ -146,6 +146,60 @@ ECDSA    256 verify        300 ops took 1.104 sec, avg 3.680 ms, 271.766 ops/sec
 Benchmark complete
 ```
 
+## TLS Benchmarks
+
+```
+echo 1400000000 > /sys/devices/platform/soc/10000000.prci/rate
+./examples/benchmark/tls_bench -p 8192 -m
+Side    Cipher                             Total Bytes  Num Conns      Rx ms      Tx ms    Rx MB/s    Tx MB/s   Connect Total ms   Connect Avg ms
+Server  DHE-RSA-AES128-SHA                      557056         18     94.722     34.548      2.804      7.689            915.005           50.834
+Client  DHE-RSA-AES128-SHA                      557056         18    113.339     34.464      2.344      7.707            896.122           49.785
+Server  DHE-RSA-AES256-SHA                      524288         17    102.691     37.624      2.434      6.645            866.921           50.995
+Client  DHE-RSA-AES256-SHA                      524288         17    123.016     37.391      2.032      6.686            846.925           49.819
+Server  ECDHE-RSA-AES128-SHA                    851968         27    144.719     52.871      2.807      7.684            828.128           30.671
+Client  ECDHE-RSA-AES128-SHA                    851968         27    173.414     52.593      2.343      7.724            799.406           29.608
+Server  ECDHE-ECDSA-AES128-SHA                 1245184         39    210.728     75.683      2.818      7.845            702.403           18.010
+Client  ECDHE-ECDSA-AES128-SHA                 1245184         39    251.039     76.824      2.365      7.729            660.166           16.927
+Server  ECDHE-ECDSA-AES256-SHA                 1179648         37    232.303     85.585      2.421      6.572            673.207           18.195
+Client  ECDHE-ECDSA-AES256-SHA                 1179648         37    277.830     85.551      2.025      6.575            626.807           16.941
+Server  DHE-RSA-AES128-SHA256                   524288         17    106.848     39.533      2.340      6.324            867.397           51.023
+Client  DHE-RSA-AES128-SHA256                   524288         17    127.601     39.334      1.959      6.356            846.556           49.797
+Server  DHE-RSA-AES256-SHA256                   524288         17    120.685     45.184      2.072      5.533            870.931           51.231
+Client  DHE-RSA-AES256-SHA256                   524288         17    144.842     44.807      1.726      5.579            847.038           49.826
+Server  DHE-RSA-AES128-GCM-SHA256               524288         17    124.636     49.373      2.006      5.064            869.243           51.132
+Client  DHE-RSA-AES128-GCM-SHA256               524288         17    148.326     49.277      1.685      5.073            845.442           49.732
+Server  DHE-RSA-AES256-GCM-SHA384               491520         16    129.714     51.389      1.807      4.561            822.309           51.394
+Client  DHE-RSA-AES256-GCM-SHA384               491520         16    154.349     51.488      1.518      4.552            797.458           49.841
+Server  ECDHE-RSA-AES128-GCM-SHA256             753664         24    179.251     71.130      2.005      5.052            744.773           31.032
+Client  ECDHE-RSA-AES128-GCM-SHA256             753664         24    213.410     71.098      1.684      5.055            710.151           29.590
+Server  ECDHE-RSA-AES256-GCM-SHA384             753664         24    198.233     78.075      1.813      4.603            751.299           31.304
+Client  ECDHE-RSA-AES256-GCM-SHA384             753664         24    235.646     78.914      1.525      4.554            712.908           29.705
+Server  ECDHE-ECDSA-AES128-GCM-SHA256          1114112         35    263.646    103.830      2.015      5.117            641.739           18.335
+Client  ECDHE-ECDSA-AES128-GCM-SHA256          1114112         35    312.647    105.155      1.699      5.052            590.693           16.877
+Server  ECDHE-ECDSA-AES256-GCM-SHA384          1048576         33    275.753    117.824      1.813      4.244            615.062           18.638
+Client  ECDHE-ECDSA-AES256-GCM-SHA384          1048576         33    336.538    109.886      1.486      4.550            561.107           17.003
+Server  ECDHE-RSA-AES128-SHA256                 786432         25    159.515     58.314      2.351      6.431            777.706           31.108
+Client  ECDHE-RSA-AES128-SHA256                 786432         25    190.152     58.939      1.972      6.362            746.025           29.841
+Server  ECDHE-ECDSA-AES128-SHA256              1179648         37    239.776     87.656      2.346      6.417            675.020           18.244
+Client  ECDHE-ECDSA-AES128-SHA256              1179648         37    285.535     88.530      1.970      6.354            626.898           16.943
+Server  ECDHE-RSA-AES256-SHA384                 786432         25    173.038     63.549      2.167      5.901            780.063           31.203
+Client  ECDHE-RSA-AES256-SHA384                 786432         25    206.355     63.950      1.817      5.864            745.912           29.836
+Server  ECDHE-ECDSA-AES256-SHA384              1146880         36    252.686     94.012      2.164      5.817            666.287           18.508
+Client  ECDHE-ECDSA-AES256-SHA384              1146880         36    302.699     93.089      1.807      5.875            616.081           17.113
+Server  ECDHE-RSA-CHACHA20-POLY1305             983040         31     67.015     25.344      6.995     18.496            929.187           29.974
+Client  ECDHE-RSA-CHACHA20-POLY1305             983040         31     79.041     25.765      5.930     18.193            916.451           29.563
+Server  ECDHE-ECDSA-CHACHA20-POLY1305          1572864         49    110.132     40.284      6.810     18.618            848.004           17.306
+Client  ECDHE-ECDSA-CHACHA20-POLY1305          1572864         49    131.014     41.404      5.725     18.114            824.766           16.832
+Server  DHE-RSA-CHACHA20-POLY1305               589824         19     40.016     15.086      7.028     18.643            951.114           50.059
+Client  DHE-RSA-CHACHA20-POLY1305               589824         19     46.994     15.467      5.985     18.184            943.807           49.674
+Server  ECDHE-RSA-CHACHA20-POLY1305-OLD         983040         31     66.802     25.246      7.017     18.567            928.078           29.938
+Client  ECDHE-RSA-CHACHA20-POLY1305-OLD         983040         31     78.402     25.915      5.979     18.088            915.354           29.528
+Server  ECDHE-ECDSA-CHACHA20-POLY1305-OLD      1572864         49    106.853     40.000      7.019     18.750            844.887           17.243
+Client  ECDHE-ECDSA-CHACHA20-POLY1305-OLD      1572864         49    124.956     41.720      6.002     17.977            824.284           16.822
+Server  DHE-RSA-CHACHA20-POLY1305-OLD           589824         19     40.200     14.991      6.996     18.762            951.477           50.078
+Client  DHE-RSA-CHACHA20-POLY1305-OLD           589824         19     46.852     15.688      6.003     17.928            944.071           49.688
+```
+
 ## Support
 
 For questions please email us at support@wolfssl.com.