Merge pull request #7075 from cconlon/v5.6.6-prep

5.6.6 version bump and README changes
Initialize variables to NULL
2023-12-18 19:14:18 -08:00 · 2023-12-18 16:51:51 -07:00 · 2023-12-18 15:24:14 -07:00 · 2023-12-18 12:16:34 -07:00 · 2023-12-18 13:15:52 -06:00 · 2023-12-18 11:15:28 -06:00
2049 changed files with 968069 additions and 307654 deletions
--- a/.editorconfig
+++ b/.editorconfig
@@ -0,0 +1,10 @@
+# http://editorconfig.org
+root = true
+
+[*]
+indent_style = space
+indent_size = 4
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true
--- a/.github/SECURITY.md
+++ b/.github/SECURITY.md
@@ -6,7 +6,7 @@ If you discover a vulnerability, please report it to support@wolfssl.com

 1. Include a detailed description
 2. Include method to reproduce and/or method of discovery
- 3. We will evaulate the report promptly and respond to you with findings.
+ 3. We will evaluate the report promptly and respond to you with findings.
 4. We will credit you with the report if you would like.

 **Please keep the vulnerability private** until a fix has been released.
--- a/.github/workflows/async.yml
+++ b/.github/workflows/async.yml
@@ -0,0 +1,35 @@
+name: Async Tests
+
+on:
+  workflow_call:
+
+jobs:
+  make_check:
+    strategy:
+      matrix:
+        config: [
+          # Add new configs here
+          '--enable-asynccrypt --enable-all --enable-dtls13',
+          '--enable-asynccrypt-sw --enable-ocspstapling --enable-ocspstapling2',
+          '--enable-ocsp CFLAGS="-DTEST_NONBLOCK_CERTS"',
+        ]
+    name: make check
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 6
+    steps:
+      - uses: actions/checkout@v3
+        name: Checkout wolfSSL
+
+      - name: Test wolfSSL async
+        run: |
+          ./async-check.sh install
+          ./configure ${{ matrix.config }}
+          make check
+
+      - name: Print errors 
+        if: ${{ failure() }}
+        run: |
+          if [ -f test-suite.log ] ; then
+            cat test-suite.log
+          fi
--- a/.github/workflows/curl.yml
+++ b/.github/workflows/curl.yml
@@ -0,0 +1,61 @@
+name: curl Test
+
+on:
+  workflow_call:
+
+jobs:
+  build_wolfssl:
+    name: Build wolfSSL
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
+    steps:
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-curl
+          install: true
+
+      - name: Upload built lib
+        uses: actions/upload-artifact@v3
+        with:
+          name: wolf-install-curl
+          path: build-dir
+          retention-days: 1
+
+  test_curl:
+    name: ${{ matrix.curl_ref }}
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 15
+    needs: build_wolfssl
+    strategy:
+      fail-fast: false
+      matrix:
+        curl_ref: [ 'master', 'curl-8_4_0' ]
+    steps:
+    - name: Install test dependencies
+      run: |
+        sudo apt-get update
+        sudo apt-get install nghttp2
+        sudo pip install impacket
+
+    - name: Download lib
+      uses: actions/download-artifact@v3
+      with:
+        name: wolf-install-curl
+        path: build-dir
+
+    - name: Build curl
+      uses: wolfSSL/actions-build-autotools-project@v1
+      with:
+        repository: curl/curl
+        path: curl
+        ref: ${{ matrix.curl_ref }}
+        configure: --with-wolfssl=$GITHUB_WORKSPACE/build-dir
+        check: false
+
+    - name: Test curl
+      working-directory: curl
+      run: make -j test-ci
--- a/.github/workflows/docker-Espressif.yml
+++ b/.github/workflows/docker-Espressif.yml
@@ -0,0 +1,34 @@
+name: Espressif examples tests
+on:
+  workflow_call:
+
+jobs:
+  espressif_latest:
+    name: latest Docker container
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 12
+    container:
+      image: espressif/idf:latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Initialize Espressif IDE and build examples
+        run: . /opt/esp/idf/export.sh; IDE/Espressif/ESP-IDF/compileAllExamples.sh
+  espressif_v4_4:
+    name: v4.4 Docker container
+    runs-on: ubuntu-latest
+    container:
+      image: espressif/idf:release-v4.4
+    steps:
+      - uses: actions/checkout@v3
+      - name: Initialize Espressif IDE and build examples
+        run: . /opt/esp/idf/export.sh; IDE/Espressif/ESP-IDF/compileAllExamples.sh
+  espressif_v5_0:
+    name: v5.0 Docker container
+    runs-on: ubuntu-latest
+    container:
+      image: espressif/idf:release-v5.0
+    steps:
+      - uses: actions/checkout@v3
+      - name: Initialize Espressif IDE and build examples
+        run: . /opt/esp/idf/export.sh; IDE/Espressif/ESP-IDF/compileAllExamples.sh
--- a/.github/workflows/docker-OpenWrt.yml
+++ b/.github/workflows/docker-OpenWrt.yml
@@ -0,0 +1,54 @@
+# This workflow tests out new libraries with existing OpenWrt builds to check
+# there aren't any compatibility issues. Take a look at Docker/OpenWrt/README.md
+name: OpenWrt test
+
+on:
+    workflow_call:
+
+jobs:
+    build_library:
+        name: Compile libwolfssl.so
+        runs-on: ubuntu-latest
+        # This should be a safe limit for the tests to run.
+        timeout-minutes: 4
+        container:
+            image: alpine:latest
+        steps:
+            - name: Install required tools
+              run: apk add argp-standalone asciidoc bash bc binutils bzip2 cdrkit coreutils diffutils elfutils-dev findutils flex musl-fts-dev g++ gawk gcc gettext git grep intltool libxslt linux-headers make musl-libintl musl-obstack-dev ncurses-dev openssl-dev patch perl python3-dev rsync tar unzip util-linux wget zlib-dev autoconf automake libtool
+            - uses: actions/checkout@v3
+            - name: Compile libwolfssl.so
+              run: ./autogen.sh && ./configure --enable-all && make
+            - name: Upload libwolfssl.so
+              uses: actions/upload-artifact@v3
+              with:
+                name: openwrt-libwolfssl.so
+                path: src/.libs/libwolfssl.so
+                retention-days: 1
+    compile_container:
+        name: Compile container
+        runs-on: ubuntu-latest
+        # This should be a safe limit for the tests to run.
+        timeout-minutes: 2
+        needs: build_library
+        strategy:
+            fail-fast: false
+            matrix:
+                release: [ "22.03-SNAPSHOT", "21.02-SNAPSHOT" ] # some other versions: 21.02.0 21.02.5 22.03.0 22.03.3 snapshot
+        steps:
+            - uses: actions/checkout@v3
+            - uses: docker/setup-buildx-action@v2
+            - uses: actions/download-artifact@v3
+              with:
+                name: openwrt-libwolfssl.so
+                path: Docker/OpenWrt/.
+            - name: Build but dont push
+              uses: docker/build-push-action@v3
+              with:
+                  context: Docker/OpenWrt
+                  platforms: linux/amd64
+                  push: false
+                  tags: openwrt-test:latest
+                  build-args: DOCKER_BASE_CONTAINER=openwrt/rootfs:x86-64-${{ matrix.release }}
+                  cache-from: type=gha
+                  cache-to: type=gha,mode=max
--- a/.github/workflows/haproxy.yml
+++ b/.github/workflows/haproxy.yml
@@ -0,0 +1,51 @@
+name: HaProxy Tests
+
+on:
+  workflow_call:
+
+jobs:
+  haproxy_check:
+    strategy:
+      fail-fast: false
+      matrix:
+        # List of refs to test
+        ref: [ master ]
+    name: ${{ matrix.ref }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-quic --enable-haproxy
+          install: true
+
+      - name: Checkout VTest
+        uses: actions/checkout@v3
+        with:
+          repository: vtest/VTest
+          path: VTest
+
+      - name: Build VTest
+        working-directory: VTest
+        # Special flags due to: https://github.com/vtest/VTest/issues/12
+        run: make FLAGS='-O2 -s -Wall'
+
+      - name: Checkout HaProxy
+        uses: actions/checkout@v3
+        with:
+          repository: haproxy/haproxy
+          path: haproxy
+          ref: ${{ matrix.ref }}
+
+      - name: Build HaProxy
+        working-directory: haproxy
+        run: >-
+          make -j TARGET=linux-glibc DEBUG='-DDEBUG_MEMORY_POOLS -DDEBUG_STRICT'
+          USE_OPENSSL_WOLFSSL=1 USE_QUIC=1 SSL_INC=$GITHUB_WORKSPACE/build-dir/include/
+          SSL_LIB=$GITHUB_WORKSPACE/build-dir/lib/ ADDLIB=-Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
+
+      - name: Test HaProxy
+        working-directory: haproxy
+        run: make reg-tests reg-tests/ssl VTEST_PROGRAM=$GITHUB_WORKSPACE/VTest/vtest
+ 
--- a/.github/workflows/hitch.yml
+++ b/.github/workflows/hitch.yml
@@ -0,0 +1,94 @@
+name: hitch Tests
+
+on:
+  workflow_call:
+
+jobs:
+  build_wolfssl:
+    name: Build wolfSSL
+    # Just to keep it the same as the testing target
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
+    steps:
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-hitch
+          install: true
+
+      - name: Upload built lib
+        uses: actions/upload-artifact@v3
+        with:
+          name: wolf-install-hitch
+          path: build-dir
+          retention-days: 1
+
+  hitch_check:
+    strategy:
+      fail-fast: false
+      matrix:
+        # List of releases to test
+        include:
+          - ref: 1.7.3
+            ignore-tests: >-
+              test13-r82.sh test15-proxy-v2-npn.sh test39-client-cert-proxy.sh
+    name: ${{ matrix.ref }}
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
+    needs: build_wolfssl
+    steps:
+      - name: Download lib
+        uses: actions/download-artifact@v3
+        with:
+          name: wolf-install-hitch
+          path: build-dir
+
+      - name: Checkout OSP
+        uses: actions/checkout@v3
+        with:
+          repository: wolfssl/osp
+          path: osp
+
+      - name: Install dependencies
+        run: |
+            export DEBIAN_FRONTEND=noninteractive
+            sudo apt-get update
+            sudo apt-get install -y libev-dev libssl-dev automake python3-docutils flex bison pkg-config make
+
+      - name: Checkout hitch
+        uses: actions/checkout@v3
+        with:
+          repository: varnish/hitch
+          ref: 1.7.3
+          path: hitch
+
+      # Do this before configuring so that it only detects the updated list of
+      # tests
+      - if: ${{ matrix.ignore-tests }}
+        name: Remove tests that we want to ignore
+        working-directory: ./hitch/src/tests
+        run: |
+          rm ${{ matrix.ignore-tests }}
+
+      - name: Configure and build hitch
+        run: |
+            cd $GITHUB_WORKSPACE/hitch/
+            patch -p1 < $GITHUB_WORKSPACE/osp/hitch/hitch_1.7.3.patch
+            autoreconf -ivf
+            SSL_CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include/ -I$GITHUB_WORKSPACE/build-dir/include/wolfssl" SSL_LIBS="-L$GITHUB_WORKSPACE/build-dir/lib -lwolfssl" ./configure --with-wolfssl=$GITHUB_WORKSPACE/build-dir/ --enable-silent-rules --enable-documentation --enable-warnings --with-lex --with-yacc --prefix=$GITHUB_WORKSPACE/build-dir
+            make -j$(nproc)
+
+      - name: Confirm hitch built with wolfSSL
+        working-directory: ./hitch
+        run: |
+          export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
+          ldd src/hitch | grep wolfssl
+
+      - name: Run hitch tests, skipping ignored tests
+        working-directory: ./hitch
+        run: |
+          export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
+          make check
--- a/.github/workflows/hostap-files/Makefile
+++ b/.github/workflows/hostap-files/Makefile
@@ -0,0 +1,11 @@
+obj-m := mac80211_hwsim.o
+KDIR := /lib/modules/$(shell uname -r)/build
+PWD := $(shell pwd)
+default:
+	$(MAKE) -C $(KDIR) M=$(PWD) modules
+install:
+	$(MAKE) -C $(KDIR) M=$(PWD) modules_install
+	depmod -A
+clean:
+	$(MAKE) -C $(KDIR) M=$(PWD) clean
+
--- a/.github/workflows/hostap-files/README
+++ b/.github/workflows/hostap-files/README
@@ -0,0 +1,2 @@
+Makefile and directory used in .github/workflows/hostap.yml to
+compile the mac80211_hwsim kernel module.
--- a/.github/workflows/hostap-files/configs/b607d2723e927a3446d89aed813f1aa6068186bb/hostapd.config
+++ b/.github/workflows/hostap-files/configs/b607d2723e927a3446d89aed813f1aa6068186bb/hostapd.config
@@ -0,0 +1,120 @@
+#CC=ccache gcc
+
+CONFIG_DRIVER_NONE=y
+CONFIG_DRIVER_NL80211=y
+CONFIG_RSN_PREAUTH=y
+
+#CONFIG_TLS=internal
+#CONFIG_INTERNAL_LIBTOMMATH=y
+#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
+#CONFIG_TLS=openssl
+CONFIG_TLS=wolfssl
+
+CONFIG_EAP=y
+CONFIG_ERP=y
+CONFIG_EAP_MD5=y
+CONFIG_EAP_TLS=y
+CONFIG_EAP_MSCHAPV2=y
+CONFIG_EAP_PEAP=y
+CONFIG_EAP_GTC=y
+CONFIG_EAP_TTLS=y
+CONFIG_EAP_SIM=y
+CONFIG_EAP_AKA=y
+CONFIG_EAP_AKA_PRIME=y
+CONFIG_EAP_GPSK=y
+CONFIG_EAP_GPSK_SHA256=y
+CONFIG_EAP_SAKE=y
+CONFIG_EAP_PAX=y
+CONFIG_EAP_PSK=y
+CONFIG_EAP_VENDOR_TEST=y
+CONFIG_EAP_FAST=y
+CONFIG_EAP_TEAP=y
+CONFIG_EAP_IKEV2=y
+CONFIG_EAP_TNC=y
+CFLAGS += -DTNC_CONFIG_FILE=\"tnc/tnc_config\"
+LIBS += -rdynamic
+CONFIG_EAP_UNAUTH_TLS=y
+ifeq ($(CONFIG_TLS), openssl)
+CONFIG_EAP_PWD=y
+endif
+ifeq ($(CONFIG_TLS), wolfssl)
+CONFIG_EAP_PWD=y
+endif
+CONFIG_EAP_EKE=y
+CONFIG_PKCS12=y
+CONFIG_RADIUS_SERVER=y
+CONFIG_IPV6=y
+CONFIG_TLSV11=y
+CONFIG_TLSV12=y
+
+CONFIG_FULL_DYNAMIC_VLAN=y
+CONFIG_VLAN_NETLINK=y
+CONFIG_LIBNL32=y
+CONFIG_LIBNL3_ROUTE=y
+CONFIG_IEEE80211R=y
+CONFIG_IEEE80211AC=y
+CONFIG_IEEE80211AX=y
+
+CONFIG_OCV=y
+
+CONFIG_WPS=y
+CONFIG_WPS_UPNP=y
+CONFIG_WPS_NFC=y
+#CONFIG_WPS_STRICT=y
+CONFIG_WPA_TRACE=y
+CONFIG_WPA_TRACE_BFD=y
+
+CONFIG_P2P_MANAGER=y
+CONFIG_DEBUG_FILE=y
+CONFIG_DEBUG_LINUX_TRACING=y
+CONFIG_WPA_CLI_EDIT=y
+CONFIG_ACS=y
+CONFIG_NO_RANDOM_POOL=y
+CONFIG_WNM=y
+CONFIG_INTERWORKING=y
+CONFIG_HS20=y
+CONFIG_SQLITE=y
+CONFIG_SAE=y
+CONFIG_SAE_PK=y
+CFLAGS += -DALL_DH_GROUPS
+
+CONFIG_FST=y
+CONFIG_FST_TEST=y
+
+CONFIG_TESTING_OPTIONS=y
+CFLAGS += -DCONFIG_RADIUS_TEST
+CONFIG_MODULE_TESTS=y
+
+CONFIG_SUITEB=y
+
+# AddressSanitizer (ASan) can be enabled by uncommenting the following lines.
+# This can be used as a more efficient memory error detector than valgrind
+# (though, with still some CPU and memory cost, so VM cases will need more
+# memory allocated for the guest).
+#CFLAGS += -fsanitize=address -O1 -fno-omit-frame-pointer -g
+#LIBS += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_h += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_n += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_c += -fsanitize=address -fno-omit-frame-pointer -g
+
+# Undefined Behavior Sanitizer (UBSan) can be enabled by uncommenting the
+# following lines.
+#CFLAGS += -Wno-format-nonliteral
+#CFLAGS += -fsanitize=undefined
+##CFLAGS += -fno-sanitize-recover
+#LIBS += -fsanitize=undefined
+##LIBS += -fno-sanitize-recover
+#LIBS_h += -fsanitize=undefined
+#LIBS_n += -fsanitize=undefined
+#LIBS_c += -fsanitize=undefined
+CONFIG_MBO=y
+
+CONFIG_TAXONOMY=y
+CONFIG_FILS=y
+CONFIG_FILS_SK_PFS=y
+CONFIG_OWE=y
+CONFIG_DPP=y
+CONFIG_DPP2=y
+CONFIG_WEP=y
+CONFIG_PASN=y
+CONFIG_AIRTIME_POLICY=y
--- a/.github/workflows/hostap-files/configs/b607d2723e927a3446d89aed813f1aa6068186bb/tests
+++ b/.github/workflows/hostap-files/configs/b607d2723e927a3446d89aed813f1aa6068186bb/tests
@@ -0,0 +1,707 @@
+sae_pk
+sae_pk_group_negotiation
+sae_pk_sec_3
+sae_pk_sec_5
+sae_pk_group_20
+sae_pk_group_21
+sae_pk_group_20_sae_group_19
+sae_pk_group_20_sae_group_21
+sae_pk_group_19_sae_group_20
+sae_pk_password_without_pk
+sae_pk_only
+sae_pk_modes
+sae_pk_not_on_ap
+sae_pk_mixed
+sae_pk_mixed_immediate_confirm
+sae_pk_missing_ie
+sae_pk_unexpected_status
+sae_pk_invalid_signature
+sae_pk_invalid_fingerprint
+sae_pk_and_psk
+sae_pk_and_psk_invalid_password
+sae_pk_invalid_pw
+sae
+sae_password_ecc
+sae_pmksa_caching
+sae_pmksa_caching_pmkid
+sae_pmksa_caching_disabled
+sae_groups
+sae_group_nego
+sae_group_nego_no_match
+sae_anti_clogging
+sae_forced_anti_clogging
+sae_mixed
+sae_and_psk
+sae_and_psk2
+sae_wpa3_roam
+sae_mixed_mfp
+sae_mfp
+sae_missing_password
+sae_key_lifetime_in_memory
+sae_oom_wpas
+sae_proto_ecc
+sae_proto_ffc
+sae_proto_commit_delayed
+sae_proto_commit_replay
+sae_proto_confirm_replay
+sae_proto_hostapd
+sae_proto_hostapd_ecc
+sae_proto_hostapd_ffc
+sae_proto_hostapd_status_126
+sae_proto_hostapd_status_127
+sae_reflection_attack_ecc
+sae_reflection_attack_ecc_internal
+sae_commit_override
+sae_commit_override2
+sae_commit_invalid_scalar_element_ap
+sae_commit_invalid_element_ap
+sae_commit_invalid_scalar_element_sta
+sae_commit_invalid_element_sta
+sae_anti_clogging_proto
+sae_no_random
+sae_invalid_anti_clogging_token_req
+sae_password
+sae_password_short
+sae_password_long
+sae_connect_cmd
+sae_password_id
+sae_password_id_ecc
+sae_password_id_ffc
+sae_password_id_only
+sae_password_id_pwe_looping
+sae_password_id_pwe_check_ap
+sae_password_id_pwe_check_sta
+sae_forced_anti_clogging_pw_id
+sae_reauth
+sae_sync
+sae_confirm_immediate
+sae_confirm_immediate2
+sae_pwe_group_19
+sae_pwe_group_20
+sae_pwe_group_21
+sae_pwe_group_28
+sae_pwe_group_29
+sae_pwe_group_30
+sae_pwe_group_1
+sae_pwe_group_2
+sae_pwe_group_22
+sae_pwe_h2e_only_ap
+sae_pwe_h2e_only_ap_sta_forcing_loop
+sae_pwe_loop_only_ap
+sae_h2e_rejected_groups
+sae_h2e_rejected_groups_unexpected
+sae_h2e_password_id
+sae_pwe_in_psk_ap
+sae_auth_restart
+sae_rsne_mismatch
+sae_h2e_rsnxe_mismatch
+sae_h2e_rsnxe_mismatch_retries
+sae_h2e_rsnxe_mismatch_assoc
+sae_h2e_rsnxe_mismatch_ap
+sae_h2e_rsnxe_mismatch_ap2
+sae_h2e_rsnxe_mismatch_ap3
+sae_forced_anti_clogging_h2e
+sae_forced_anti_clogging_h2e_loop
+sae_okc
+sae_okc_sta_only
+sae_okc_pmk_lifetime
+sae_pmk_lifetime
+sae_and_psk_multiple_passwords
+sae_pmf_roam
+sae_ocv_pmk
+sae_ocv_pmk_failure
+sae_reject
+eap_tls_pkcs8_pkcs5_v2_des3
+eap_tls_pkcs8_pkcs5_v15
+eap_tls_session_resumption
+eap_tls_session_resumption_expiration
+eap_tls_session_resumption_radius
+eap_tls_sha512
+eap_tls_sha384
+eap_tls_ext_cert_check
+eap_tls_errors
+ap_wpa2_delayed_m3_retransmission
+ap_wpa2_delayed_m1_m3_retransmission
+ap_wpa2_delayed_m1_m3_retransmission2
+ap_wpa2_delayed_group_m1_retransmission
+ap_wpa2_delayed_group_m1_retransmission_igtk
+ap_wpa2_delayed_m1_m3_zero_tk
+ap_wpa2_plaintext_m1_m3
+ap_wpa2_plaintext_m1_m3_pmf
+ap_wpa2_plaintext_m3
+ap_wpa2_plaintext_group_m1
+ap_wpa2_plaintext_group_m1_pmf
+ap_wpa2_test_command_failures
+ap_wpa2_gtk_initial_rsc_tkip
+ap_wpa2_gtk_initial_rsc_ccmp
+ap_wpa2_gtk_initial_rsc_ccmp_256
+ap_wpa2_gtk_initial_rsc_gcmp
+ap_wpa2_gtk_initial_rsc_gcmp_256
+ap_wpa2_igtk_initial_rsc_aes_128_cmac
+ap_wpa2_igtk_initial_rsc_bip_gmac_128
+ap_wpa2_igtk_initial_rsc_bip_gmac_256
+ap_wpa2_igtk_initial_rsc_bip_cmac_256
+ap_wpa2_psk
+ap_wpa2_psk_file
+ap_wpa2_psk_file_keyid
+ap_wpa2_psk_mem
+ap_wpa2_ptk_rekey
+ap_wpa2_ptk_rekey_blocked_ap
+ap_wpa2_ptk_rekey_blocked_sta
+ap_wpa2_ptk_rekey_anonce
+ap_wpa2_ptk_rekey_ap
+ap_wpa2_sha256_ptk_rekey
+ap_wpa2_sha256_ptk_rekey_ap
+ap_wpa2_psk_file_errors
+ap_wpa2_psk_wildcard_ssid
+ap_wpa2_gtk_rekey
+ap_wpa2_gtk_rekey_request
+ap_wpa2_gtk_rekey_failure
+ap_wpa2_gtk_rekey_fail_1_sta
+ap_wpa2_gmk_rekey
+ap_wpa2_strict_rekey
+ap_wpa2_psk_ext
+ap_wpa2_psk_unexpected
+ap_wpa2_psk_ext_retry_msg_3
+ap_wpa2_psk_ext_retry_msg_3b
+ap_wpa2_psk_ext_retry_msg_3c
+ap_wpa2_psk_ext_retry_msg_3d
+ap_wpa2_psk_ext_retry_msg_3e
+ap_wpa2_psk_ext_delayed_ptk_rekey
+ap_wpa2_psk_ext_eapol
+ap_wpa2_psk_ext_eapol_retry1
+ap_wpa2_psk_ext_eapol_retry1b
+ap_wpa2_psk_ext_eapol_retry1c
+ap_wpa2_psk_ext_eapol_retry1d
+ap_wpa2_psk_ext_eapol_type_diff
+ap_wpa2_psk_ext_eapol_key_info
+ap_wpa2_psk_supp_proto
+ap_wpa2_psk_supp_proto_no_ie
+ap_wpa2_psk_supp_proto_ie_mismatch
+ap_wpa2_psk_supp_proto_ok
+ap_wpa2_psk_supp_proto_no_gtk
+ap_wpa2_psk_supp_proto_anonce_change
+ap_wpa2_psk_supp_proto_unexpected_group_msg
+ap_wpa2_psk_supp_proto_msg_1_invalid_kde
+ap_wpa2_psk_supp_proto_wrong_pairwise_key_len
+ap_wpa2_psk_supp_proto_wrong_group_key_len
+ap_wpa2_psk_supp_proto_gtk_tx_bit_workaround
+ap_wpa2_psk_supp_proto_gtk_keyidx_0_and_3
+ap_wpa2_psk_supp_proto_no_gtk_in_group_msg
+ap_wpa2_psk_supp_proto_too_long_gtk_in_group_msg
+ap_wpa2_psk_supp_proto_too_long_gtk_kde
+ap_wpa2_psk_supp_proto_gtk_not_encrypted
+ap_wpa2_psk_supp_proto_no_igtk
+ap_wpa2_psk_supp_proto_igtk_ok
+ap_wpa2_psk_supp_proto_igtk_keyid_swap
+ap_wpa2_psk_supp_proto_igtk_keyid_too_large
+ap_wpa2_psk_supp_proto_igtk_keyid_unexpected
+ap_wpa2_psk_wep
+ap_wpa2_psk_ifdown
+ap_wpa2_psk_drop_first_msg_4
+ap_wpa2_psk_disable_enable
+ap_wpa2_psk_incorrect_passphrase
+ap_wpa2_psk_no_random
+ap_wpa2_psk_assoc_rsn
+ap_wpa2_psk_ft_workaround
+ap_wpa2_psk_assoc_rsn_pmkid
+ap_wpa2_eapol_retry_limit
+ap_wpa2_disable_eapol_retry
+ap_wpa2_disable_eapol_retry_group
+ap_wpa2_psk_mic_0
+ap_wpa2_psk_local_error
+ap_wpa2_psk_inject_assoc
+ap_wpa2_psk_no_control_port
+ap_wpa2_psk_ap_control_port
+ap_wpa2_psk_ap_control_port_disabled
+ap_wpa2_psk_rsne_mismatch_ap
+ap_wpa2_psk_rsne_mismatch_ap2
+ap_wpa2_psk_rsne_mismatch_ap3
+ap_wpa2_psk_rsnxe_mismatch_ap
+ap_wpa2_psk_ext_key_id_ptk_rekey_ap0
+ap_wpa2_psk_ext_key_id_ptk_rekey_ap1
+ap_wpa2_psk_ext_key_id_ptk_rekey_ap2
+ap_wpa2_psk_ext_key_id_ptk_rekey_sta0
+ap_wpa2_psk_ext_key_id_ptk_rekey_sta1
+ap_wpa2_psk_ext_key_id_ptk_rekey_sta2
+ap_wpa2_eap_sim
+ap_wpa2_eap_sim_imsi_identity
+ap_wpa2_eap_sim_imsi_privacy_key
+ap_wpa2_eap_sim_imsi_privacy_attr
+ap_wpa2_eap_sim_sql
+ap_wpa2_eap_sim_config
+ap_wpa2_eap_sim_id_0
+ap_wpa2_eap_sim_id_1
+ap_wpa2_eap_sim_id_2
+ap_wpa2_eap_sim_id_3
+ap_wpa2_eap_sim_ext
+ap_wpa2_eap_sim_ext_replace_sim
+ap_wpa2_eap_sim_ext_replace_sim2
+ap_wpa2_eap_sim_ext_replace_sim3
+ap_wpa2_eap_sim_ext_auth_fail
+ap_wpa2_eap_sim_change_bssid
+ap_wpa2_eap_sim_no_change_set
+ap_wpa2_eap_sim_ext_anonymous
+ap_wpa2_eap_sim_ext_anonymous_no_pseudonym
+ap_wpa2_eap_sim_oom
+ap_wpa2_eap_aka
+ap_wpa2_eap_aka_imsi_identity
+ap_wpa2_eap_aka_imsi_privacy_key
+ap_wpa2_eap_aka_imsi_privacy_attr
+ap_wpa2_eap_aka_imsi_privacy_key_expired
+ap_wpa2_eap_aka_sql
+ap_wpa2_eap_aka_config
+ap_wpa2_eap_aka_ext
+ap_wpa2_eap_aka_ext_auth_fail
+ap_wpa2_eap_aka_prime
+ap_wpa2_eap_aka_prime_imsi_identity
+ap_wpa2_eap_aka_prime_imsi_privacy_key
+ap_wpa2_eap_aka_prime_sql
+ap_wpa2_eap_aka_prime_ext_auth_fail
+ap_wpa2_eap_aka_prime_ext
+ap_wpa2_eap_ttls_pap
+ap_wpa2_eap_ttls_pap_subject_match
+ap_wpa2_eap_ttls_pap_check_cert_subject
+ap_wpa2_eap_ttls_pap_incorrect_password
+ap_wpa2_eap_ttls_chap
+ap_wpa2_eap_ttls_chap_altsubject_match
+ap_wpa2_eap_ttls_chap_incorrect_password
+ap_wpa2_eap_ttls_mschap
+ap_wpa2_eap_ttls_mschap_incorrect_password
+ap_wpa2_eap_ttls_mschapv2
+ap_wpa2_eap_ttls_invalid_phase2
+ap_wpa2_eap_ttls_mschapv2_suffix_match
+ap_wpa2_eap_ttls_mschapv2_domain_match
+ap_wpa2_eap_ttls_mschapv2_incorrect_password
+ap_wpa2_eap_ttls_mschapv2_utf8
+ap_wpa2_eap_ttls_eap_gtc
+ap_wpa2_eap_ttls_eap_gtc_incorrect_password
+ap_wpa2_eap_ttls_eap_gtc_no_password
+ap_wpa2_eap_ttls_eap_gtc_server_oom
+ap_wpa2_eap_ttls_eap_gtc_oom
+ap_wpa2_eap_ttls_eap_md5
+ap_wpa2_eap_ttls_eap_md5_incorrect_password
+ap_wpa2_eap_ttls_eap_md5_no_password
+ap_wpa2_eap_ttls_eap_md5_server_oom
+ap_wpa2_eap_ttls_eap_mschapv2
+ap_wpa2_eap_ttls_eap_mschapv2_no_password
+ap_wpa2_eap_ttls_eap_mschapv2_server_oom
+ap_wpa2_eap_ttls_eap_sim
+ap_wpa2_eap_ttls_eap_sim_ext
+ap_wpa2_eap_ttls_eap_vendor
+ap_wpa2_eap_peap_eap_sim
+ap_wpa2_eap_peap_eap_sim_ext
+ap_wpa2_eap_fast_eap_sim_ext
+ap_wpa2_eap_ttls_eap_aka
+ap_wpa2_eap_peap_eap_aka
+ap_wpa2_eap_peap_eap_mschapv2
+ap_wpa2_eap_peap_eap_mschapv2_domain
+ap_wpa2_eap_peap_eap_mschapv2_incorrect_password
+ap_wpa2_eap_peap_crypto_binding
+ap_wpa2_eap_peap_crypto_binding_server_oom
+ap_wpa2_eap_peap_params
+ap_wpa2_eap_peap_eap_gtc
+ap_wpa2_eap_peap_eap_tls
+ap_wpa2_eap_peap_eap_vendor
+ap_wpa2_eap_tls
+ap_wpa2_eap_tls_blob
+ap_wpa2_eap_tls_blob_pem
+ap_wpa2_eap_tls_blob_missing
+ap_wpa2_eap_tls_with_tls_len
+ap_wpa2_eap_tls_pkcs12
+ap_wpa2_eap_tls_pkcs12_blob
+ap_wpa2_eap_tls_pkcs12_blob_pem
+ap_wpa2_eap_tls_diff_ca_trust
+ap_wpa2_eap_tls_diff_ca_trust2
+ap_wpa2_eap_tls_diff_ca_trust3
+ap_wpa2_eap_tls_neg_suffix_match
+ap_wpa2_eap_tls_neg_domain_match
+ap_wpa2_eap_tls_neg_subject_match
+ap_wpa2_eap_tls_neg_altsubject_match
+ap_wpa2_eap_unauth_tls
+ap_wpa2_eap_ttls_server_cert_hash
+ap_wpa2_eap_ttls_server_cert_hash_invalid
+ap_wpa2_eap_pwd
+ap_wpa2_eap_pwd_nthash
+ap_wpa2_eap_pwd_salt_sha1
+ap_wpa2_eap_pwd_salt_sha256
+ap_wpa2_eap_pwd_salt_sha512
+ap_wpa2_eap_pwd_groups
+ap_wpa2_eap_pwd_invalid_group
+ap_wpa2_eap_pwd_disabled_group
+ap_wpa2_eap_pwd_as_frag
+ap_wpa2_eap_gpsk
+ap_wpa2_eap_sake
+ap_wpa2_eap_eke
+ap_wpa2_eap_eke_many
+ap_wpa2_eap_eke_serverid_nai
+ap_wpa2_eap_eke_server_oom
+ap_wpa2_eap_ikev2
+ap_wpa2_eap_ikev2_as_frag
+ap_wpa2_eap_ikev2_oom
+ap_wpa2_eap_pax
+ap_wpa2_eap_psk
+ap_wpa2_eap_psk_oom
+ap_wpa2_eap_interactive
+ap_wpa2_eap_ext_enable_network_while_connected
+ap_wpa2_eap_vendor_test
+ap_wpa2_eap_vendor_test_oom
+ap_wpa2_eap_fast_gtc_identity_change
+ap_wpa2_eap_fast_eap_vendor
+ap_wpa2_eap_tls_ocsp
+ap_wpa2_eap_tls_ocsp_multi
+ap_wpa2_eap_tls_ocsp_key_id
+ap_wpa2_eap_tls_ocsp_ca_signed_good
+ap_wpa2_eap_tls_ocsp_ca_signed_revoked
+ap_wpa2_eap_tls_ocsp_ca_signed_unknown
+ap_wpa2_eap_tls_ocsp_server_signed
+ap_wpa2_eap_tls_ocsp_invalid_data
+ap_wpa2_eap_tls_ocsp_invalid
+ap_wpa2_eap_tls_ocsp_unknown_sign
+ap_wpa2_eap_tls_intermediate_ca
+ap_wpa2_eap_tls_ocsp_multi_revoked
+ap_wpa2_eap_tls_domain_suffix_match_cn_full
+ap_wpa2_eap_tls_domain_match_cn
+ap_wpa2_eap_tls_domain_suffix_match_cn
+ap_wpa2_eap_tls_domain_suffix_mismatch_cn
+ap_wpa2_eap_tls_domain_mismatch_cn
+ap_wpa2_eap_ttls_long_duration
+ap_wpa2_eap_ttls_server_cert_eku_client
+ap_wpa2_eap_ttls_server_cert_eku_client_server
+ap_wpa2_eap_ttls_server_pkcs12
+ap_wpa2_eap_ttls_server_pkcs12_extra
+ap_wpa2_eap_ttls_dh_params_server
+ap_wpa2_eap_ttls_dh_params_dsa_server
+ap_wpa2_eap_ttls_dh_params_not_found
+ap_wpa2_eap_ttls_dh_params_invalid
+ap_wpa2_eap_reauth
+ap_wpa2_eap_reauth_ptk_rekey_blocked_sta
+ap_wpa2_eap_request_identity_message
+ap_wpa2_eap_sim_aka_result_ind
+ap_wpa2_eap_sim_zero_db_timeout
+ap_wpa2_eap_too_many_roundtrips
+ap_wpa2_eap_too_many_roundtrips_server
+ap_wpa2_eap_too_many_roundtrips_server2
+ap_wpa2_eap_expanded_nak
+ap_wpa2_eap_sql
+ap_wpa2_eap_non_ascii_identity
+ap_wpa2_eap_non_ascii_identity2
+ap_wpa2_eap_unexpected_wep_eapol_key
+ap_wpa2_eap_session_ticket
+ap_wpa2_eap_no_workaround
+ap_wpa2_eap_tls_check_crl
+ap_wpa2_eap_tls_check_crl_not_strict
+ap_wpa2_eap_tls_crl_reload
+ap_wpa2_eap_tls_check_cert_subject
+ap_wpa2_eap_tls_check_cert_subject_neg
+ap_wpa2_eap_tls_oom
+ap_wpa2_eap_tls_macacl
+ap_wpa2_eap_oom
+ap_wpa2_eap_tls_13
+ap_wpa2_eap_tls_13_ocsp
+ap_wpa2_eap_tls_13_missing_prot_success
+ap_wpa2_eap_tls_13_fragmentation
+ap_wpa2_eap_ttls_13
+ap_wpa2_eap_peap_13
+ap_wpa2_eap_tls_13_ec
+ap_wpa2_eap_sim_db
+ap_wpa2_eap_sim_db_sqlite
+ap_wpa2_eap_assoc_rsn
+ap_wpa2_eap_status
+ap_wpa2_eap_gpsk_ptk_rekey_ap
+ap_wpa2_eap_wildcard_ssid
+ap_wpa2_eap_psk_mac_addr_change
+ap_wpa2_eap_server_get_id
+ap_wpa2_radius_server_get_id
+ap_wpa2_eap_tls_tod
+ap_wpa2_eap_tls_tod_tofu
+ap_wpa2_eap_sake_no_control_port
+ap_wpa2_tdls
+ap_wpa2_tdls_concurrent_init
+ap_wpa2_tdls_concurrent_init2
+ap_wpa2_tdls_decline_resp
+ap_wpa2_tdls_long_lifetime
+ap_wpa2_tdls_long_frame
+ap_wpa2_tdls_reneg
+ap_wpa2_tdls_wrong_lifetime_resp
+ap_wpa2_tdls_diff_rsnie
+ap_wpa2_tdls_wrong_tpk_m2_mic
+ap_wpa2_tdls_wrong_tpk_m3_mic
+ap_wpa2_tdls_double_tpk_m2
+ap_wpa2_tdls_responder_teardown
+dpp_network_intro_version
+dpp_network_intro_version_change
+dpp_network_intro_version_missing_req
+dpp_tcp_pkex
+dpp_tcp_pkex_auto_connect_2
+dpp_tcp_pkex_auto_connect_2_status
+dpp_tcp_pkex_auto_connect_2_status_fail
+dpp_tcp_pkex_while_associated
+dpp_tcp_pkex_while_associated_conn_status
+dpp_controller_relay_pkex
+dpp_push_button
+dpp_push_button_session_overlap_sta
+dpp_push_button_session_overlap_ap
+dpp_push_button_session_overlap_configurator
+dpp_push_button_2sta
+dpp_push_button_r_hash_mismatch_sta
+dpp_push_button_i_hash_mismatch_ap
+dpp_push_button_r_hash_mismatch_ap
+dpp_push_button_ext_conf
+dpp_push_button_wpas_conf
+dpp_private_peer_introduction
+dpp_qr_code_parsing
+dpp_uri_version
+dpp_uri_supported_curves
+dpp_uri_host
+dpp_qr_code_parsing_fail
+dpp_qr_code_curves
+dpp_qr_code_curves_brainpool
+dpp_qr_code_unsupported_curve
+dpp_qr_code_keygen_fail
+dpp_qr_code_curve_select
+dpp_qr_code_auth_broadcast
+dpp_configurator_enrollee
+dpp_configurator_enrollee_prime256v1
+dpp_configurator_enrollee_secp384r1
+dpp_configurator_enrollee_secp521r1
+dpp_configurator_enrollee_brainpoolP256r1
+dpp_configurator_enrollee_brainpoolP384r1
+dpp_configurator_enrollee_brainpoolP512r1
+dpp_configurator_enroll_conf
+dpp_qr_code_curve_prime256v1
+dpp_qr_code_curve_secp384r1
+dpp_qr_code_curve_secp521r1
+dpp_qr_code_curve_brainpoolP256r1
+dpp_qr_code_curve_brainpoolP384r1
+dpp_qr_code_curve_brainpoolP512r1
+dpp_qr_code_set_key
+dpp_qr_code_auth_mutual
+dpp_qr_code_auth_mutual2
+dpp_qr_code_auth_mutual_p_256
+dpp_qr_code_auth_mutual_p_384
+dpp_qr_code_auth_mutual_p_521
+dpp_qr_code_auth_mutual_bp_256
+dpp_qr_code_auth_mutual_bp_384
+dpp_qr_code_auth_mutual_bp_512
+dpp_auth_resp_retries
+dpp_qr_code_auth_mutual_not_used
+dpp_qr_code_auth_mutual_curve_mismatch
+dpp_qr_code_auth_hostapd_mutual2
+dpp_qr_code_listen_continue
+dpp_qr_code_auth_initiator_enrollee
+dpp_qr_code_auth_initiator_either_2
+dpp_qr_code_auth_initiator_either_3
+dpp_config_legacy
+dpp_config_legacy_psk_hex
+dpp_config_fragmentation
+dpp_config_legacy_gen
+dpp_config_legacy_gen_psk
+dpp_config_dpp_gen_prime256v1
+dpp_config_dpp_gen_secp384r1
+dpp_config_dpp_gen_secp521r1
+dpp_config_dpp_gen_expiry
+dpp_config_dpp_gen_expired_key
+dpp_config_dpp_gen_3rd_party
+dpp_config_dpp_override_prime256v1
+dpp_config_dpp_override_secp384r1
+dpp_config_override_objects
+dpp_config_signed_connector_error_no_dot_1
+dpp_config_signed_connector_error_no_dot_2
+dpp_config_signed_connector_error_unexpected_signature_len
+dpp_config_no_csign
+dpp_config_no_signed_connector
+dpp_config_unexpected_signed_connector_char
+dpp_config_root_not_an_object
+dpp_config_no_wi_fi_tech
+dpp_config_unsupported_wi_fi_tech
+dpp_config_no_discovery
+dpp_config_no_discovery_ssid
+dpp_config_too_long_discovery_ssid
+dpp_config_no_cred
+dpp_config_no_cred_akm
+dpp_config_unsupported_cred_akm
+dpp_config_error_legacy_no_pass
+dpp_config_error_legacy_too_long_pass
+dpp_config_error_legacy_psk_with_sae
+dpp_config_error_legacy_no_pass_for_sae
+dpp_config_error_legacy_invalid_psk
+dpp_config_error_legacy_too_short_psk
+dpp_config_connector_error_ext_sign
+dpp_config_connector_error_too_short_timestamp
+dpp_config_connector_error_invalid_timestamp
+dpp_config_connector_error_invalid_timestamp_date
+dpp_config_connector_error_invalid_time_zone
+dpp_config_connector_error_invalid_time_zone_2
+dpp_config_connector_error_expired_1
+dpp_config_connector_error_expired_2
+dpp_config_connector_error_expired_3
+dpp_config_connector_error_expired_4
+dpp_config_connector_error_expired_5
+dpp_config_connector_error_expired_6
+dpp_config_connector_error_no_groups
+dpp_config_connector_error_empty_groups
+dpp_config_connector_error_missing_group_id
+dpp_config_connector_error_missing_net_role
+dpp_config_connector_error_missing_net_access_key
+dpp_config_connector_error_net_access_key_mismatch
+dpp_akm_sha256
+dpp_akm_sha384
+dpp_akm_sha512
+dpp_network_introduction
+dpp_network_introduction_expired
+dpp_and_sae_akm
+dpp_ap_config
+dpp_ap_config_p256_p256
+dpp_ap_config_p256_p384
+dpp_ap_config_p384_p256
+dpp_ap_config_p384_p384
+dpp_ap_config_p521_p256
+dpp_ap_config_p521_p384
+dpp_ap_config_bp256_bp256
+dpp_ap_config_bp384_bp384
+dpp_ap_config_bp512_bp512
+dpp_ap_config_p256_bp256
+dpp_ap_config_bp256_p256
+dpp_ap_config_p521_bp512
+dpp_ap_config_reconfig_configurator
+dpp_auto_connect_1
+dpp_auto_connect_2
+dpp_auto_connect_2_connect_cmd
+dpp_auto_connect_2_sta_ver1
+dpp_auto_connect_2_ap_ver1
+dpp_auto_connect_2_ver1
+dpp_auto_connect_2_conf_ver1
+dpp_auto_connect_legacy
+dpp_auto_connect_legacy_ssid_charset
+dpp_auto_connect_legacy_sae_1
+dpp_auto_connect_legacy_sae_2
+dpp_auto_connect_legacy_psk_sae_1
+dpp_auto_connect_legacy_psk_sae_2
+dpp_auto_connect_legacy_psk_sae_3
+dpp_auto_connect_legacy_pmf_required
+dpp_qr_code_auth_responder_configurator
+dpp_qr_code_auth_responder_configurator_group_id
+dpp_qr_code_auth_enrollee_init_netrole
+dpp_qr_code_hostapd_init
+dpp_qr_code_hostapd_init_offchannel
+dpp_qr_code_hostapd_init_offchannel_neg_freq
+dpp_qr_code_hostapd_ignore_mismatch
+dpp_test_vector_p_256
+dpp_test_vector_p_256_b
+dpp_test_vector_p_521
+dpp_pkex
+dpp_pkex_v2
+dpp_pkex_p256
+dpp_pkex_p384
+dpp_pkex_p521
+dpp_pkex_bp256
+dpp_pkex_bp384
+dpp_pkex_bp512
+dpp_pkex_config
+dpp_pkex_no_identifier
+dpp_pkex_identifier_mismatch
+dpp_pkex_identifier_mismatch2
+dpp_pkex_identifier_mismatch3
+dpp_pkex_5ghz
+dpp_pkex_test_vector
+dpp_pkex_code_mismatch
+dpp_pkex_code_mismatch_limit
+dpp_pkex_curve_mismatch
+dpp_pkex_curve_mismatch_failure
+dpp_pkex_curve_mismatch_failure2
+dpp_pkex_exchange_resp_processing_failure
+dpp_pkex_commit_reveal_req_processing_failure
+dpp_pkex_config2
+dpp_pkex_no_responder
+dpp_pkex_after_retry
+dpp_pkex_hostapd_responder
+dpp_pkex_v2_hostapd_responder
+dpp_pkex_hostapd_initiator
+dpp_pkex_v2_hostapd_initiator
+dpp_pkex_hostapd_initiator_fallback
+dpp_pkex_hostapd_initiator_no_response
+dpp_pkex_hostapd_errors
+dpp_pkex_nak_curve_change
+dpp_pkex_nak_curve_change2
+dpp_hostapd_configurator
+dpp_hostapd_configurator_enrollee_v1
+dpp_hostapd_configurator_responder
+dpp_hostapd_configurator_fragmentation
+dpp_hostapd_enrollee_fragmentation
+dpp_hostapd_enrollee_gas_timeout
+dpp_hostapd_enrollee_gas_timeout_comeback
+dpp_hostapd_enrollee_gas_errors
+dpp_hostapd_enrollee_gas_proto
+dpp_hostapd_enrollee_gas_tx_status_errors
+dpp_hostapd_configurator_override_objects
+dpp_own_config
+dpp_own_config_group_id
+dpp_proto_after_wrapped_data_auth_req
+dpp_auth_req_stop_after_ack
+dpp_auth_req_retries
+dpp_auth_req_retries_multi_chan
+dpp_proto_after_wrapped_data_auth_resp
+dpp_proto_after_wrapped_data_auth_conf
+dpp_proto_after_wrapped_data_conf_req
+dpp_proto_after_wrapped_data_conf_resp
+dpp_proto_stop_at_pkex_exchange_resp
+dpp_proto_stop_at_pkex_cr_req
+dpp_proto_stop_at_pkex_cr_resp
+dpp_proto_network_introduction
+dpp_hostapd_auth_conf_timeout
+dpp_hostapd_auth_resp_retries
+dpp_tcp
+dpp_tcp_port
+dpp_tcp_mutual
+dpp_tcp_mutual_hostapd_conf
+dpp_tcp_conf_init
+dpp_tcp_conf_init_hostapd_enrollee
+dpp_tcp_controller_management_hostapd
+dpp_tcp_controller_management_hostapd2
+dpp_tcp_controller_start_failure
+dpp_tcp_init_failure
+dpp_controller_rx_failure
+dpp_controller_rx_errors
+dpp_conn_status_success
+dpp_conn_status_wrong_passphrase
+dpp_conn_status_no_ap
+dpp_conn_status_connector_mismatch
+dpp_conn_status_assoc_reject
+dpp_conn_status_success_hostapd_configurator
+dpp_mud_url
+dpp_mud_url_hostapd
+dpp_config_save
+dpp_config_save2
+dpp_config_save3
+dpp_nfc_uri
+dpp_nfc_uri_hostapd
+dpp_nfc_uri_hostapd_tag_read
+dpp_nfc_negotiated_handover
+dpp_nfc_negotiated_handover_diff_curve
+dpp_nfc_negotiated_handover_hostapd_sel
+dpp_nfc_negotiated_handover_hostapd_req
+dpp_nfc_errors_hostapd
+dpp_with_p2p_device
+dpp_pfs_ap_0
+dpp_pfs_ap_1
+dpp_pfs_ap_2
+dpp_pfs_connect_cmd
+dpp_pfs_connect_cmd_ap_2
+dpp_pfs_connect_cmd_ap_2_sae
+dpp_pfs_ap_0_sta_ver1
+dpp_pfs_errors
+dpp_qr_code_auth_rand_mac_addr
+dpp_enterprise
+dpp_enterprise_tcp
+dpp_enterprise_tcp2
+dpp_qr_code_config_event_initiator
+dpp_qr_code_config_event_initiator_set_comeback
+dpp_qr_code_config_event_initiator_slow
+dpp_qr_code_config_event_initiator_failure
+dpp_qr_code_config_event_initiator_no_response
+dpp_qr_code_config_event_initiator_both
+dpp_tcp_qr_code_config_event_initiator
+dpp_qr_code_config_event_responder
+dpp_discard_public_action
+
--- a/.github/workflows/hostap-files/configs/b607d2723e927a3446d89aed813f1aa6068186bb/wpa_supplicant.config
+++ b/.github/workflows/hostap-files/configs/b607d2723e927a3446d89aed813f1aa6068186bb/wpa_supplicant.config
@@ -0,0 +1,163 @@
+#CC=ccache gcc
+
+#CONFIG_TLS=openssl
+CONFIG_TLS=wolfssl
+#CONFIG_TLS=internal
+#CONFIG_INTERNAL_LIBTOMMATH=y
+#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
+
+CONFIG_IEEE8021X_EAPOL=y
+
+CONFIG_ERP=y
+CONFIG_EAP_MD5=y
+CONFIG_MSCHAPV2=y
+CONFIG_EAP_TLS=y
+CONFIG_EAP_PEAP=y
+CONFIG_EAP_TTLS=y
+CONFIG_EAP_GTC=y
+CONFIG_EAP_OTP=y
+CONFIG_EAP_PSK=y
+CONFIG_EAP_PAX=y
+CONFIG_EAP_LEAP=y
+CONFIG_EAP_SIM=y
+CONFIG_EAP_AKA=y
+CONFIG_EAP_AKA_PRIME=y
+CONFIG_EAP_VENDOR_TEST=y
+CONFIG_EAP_TLV=y
+CONFIG_EAP_SAKE=y
+CONFIG_EAP_GPSK=y
+CONFIG_EAP_GPSK_SHA256=y
+CONFIG_EAP_EKE=y
+CONFIG_EAP_TNC=y
+CFLAGS += -DTNC_CONFIG_FILE=\"tnc/tnc_config\"
+LIBS += -rdynamic
+CONFIG_EAP_FAST=y
+CONFIG_EAP_TEAP=y
+CONFIG_EAP_IKEV2=y
+
+ifeq ($(CONFIG_TLS), openssl)
+CONFIG_EAP_PWD=y
+endif
+ifeq ($(CONFIG_TLS), wolfssl)
+CONFIG_EAP_PWD=y
+endif
+
+CONFIG_USIM_SIMULATOR=y
+CONFIG_SIM_SIMULATOR=y
+
+#CONFIG_PCSC=y
+CONFIG_IPV6=y
+CONFIG_DRIVER_NONE=y
+CONFIG_PKCS12=y
+CONFIG_CTRL_IFACE=unix
+
+CONFIG_WPA_CLI_EDIT=y
+
+CONFIG_OCSP=y
+
+#CONFIG_ELOOP_POLL=y
+
+CONFIG_CTRL_IFACE_DBUS_NEW=y
+CONFIG_CTRL_IFACE_DBUS_INTRO=y
+
+CONFIG_IEEE80211R=y
+CONFIG_IEEE80211AC=y
+CONFIG_IEEE80211AX=y
+
+CONFIG_OCV=y
+
+CONFIG_DEBUG_FILE=y
+
+CONFIG_WPS=y
+#CONFIG_WPS_STRICT=y
+CONFIG_WPS_UPNP=y
+CONFIG_WPS_NFC=y
+CONFIG_WPS_ER=y
+#CONFIG_WPS_REG_DISABLE_OPEN=y
+
+CONFIG_DRIVER_WEXT=y
+
+CONFIG_DRIVER_NL80211=y
+CFLAGS += -I/usr/include/libnl3
+CONFIG_LIBNL32=y
+
+CONFIG_IBSS_RSN=y
+
+CONFIG_AP=y
+CONFIG_MESH=y
+CONFIG_P2P=y
+CONFIG_WIFI_DISPLAY=y
+
+CONFIG_ACS=y
+
+CONFIG_BGSCAN_SIMPLE=y
+CONFIG_BGSCAN_LEARN=y
+
+CONFIG_WPA_TRACE=y
+CONFIG_WPA_TRACE_BFD=y
+
+CONFIG_TDLS=y
+CONFIG_TDLS_TESTING=y
+CONFIG_NO_RANDOM_POOL=y
+
+CONFIG_TLSV11=y
+CONFIG_TLSV12=y
+
+CONFIG_HT_OVERRIDES=y
+CONFIG_VHT_OVERRIDES=y
+CONFIG_HE_OVERRIDES=y
+
+CONFIG_DEBUG_LINUX_TRACING=y
+
+CONFIG_INTERWORKING=y
+CONFIG_HS20=y
+
+CONFIG_AUTOSCAN_EXPONENTIAL=y
+CONFIG_AUTOSCAN_PERIODIC=y
+
+CONFIG_EXT_PASSWORD_TEST=y
+CONFIG_EXT_PASSWORD_FILE=y
+
+CONFIG_EAP_UNAUTH_TLS=y
+
+CONFIG_SAE=y
+CONFIG_SAE_PK=y
+CFLAGS += -DALL_DH_GROUPS
+
+CONFIG_WNM=y
+
+CONFIG_FST=y
+CONFIG_FST_TEST=y
+
+CONFIG_TESTING_OPTIONS=y
+CONFIG_MODULE_TESTS=y
+
+CONFIG_SUITEB=y
+
+# AddressSanitizer (ASan) can be enabled by uncommenting the following lines.
+# This can be used as a more efficient memory error detector than valgrind
+# (though, with still some CPU and memory cost, so VM cases will need more
+# memory allocated for the guest).
+#CFLAGS += -fsanitize=address -O1 -fno-omit-frame-pointer -g
+#LIBS += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_c += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_p += -fsanitize=address -fno-omit-frame-pointer -g
+
+# Undefined Behavior Sanitizer (UBSan) can be enabled by uncommenting the
+# following lines.
+#CFLAGS += -Wno-format-nonliteral
+#CFLAGS += -fsanitize=undefined
+##CFLAGS += -fno-sanitize-recover
+#LIBS += -fsanitize=undefined
+##LIBS += -fno-sanitize-recover
+#LIBS_c += -fsanitize=undefined
+#LIBS_p += -fsanitize=undefined
+CONFIG_MBO=y
+CONFIG_FILS=y
+CONFIG_FILS_SK_PFS=y
+CONFIG_PMKSA_CACHE_EXTERNAL=y
+CONFIG_OWE=y
+CONFIG_DPP=y
+CONFIG_DPP2=y
+CONFIG_WEP=y
+CONFIG_PASN=y
--- a/.github/workflows/hostap-files/configs/hostap_2_10/hostapd.config
+++ b/.github/workflows/hostap-files/configs/hostap_2_10/hostapd.config
@@ -0,0 +1,119 @@
+#CC=ccache gcc
+
+CONFIG_DRIVER_NONE=y
+CONFIG_DRIVER_NL80211=y
+CONFIG_RSN_PREAUTH=y
+
+#CONFIG_TLS=internal
+#CONFIG_INTERNAL_LIBTOMMATH=y
+#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
+CONFIG_TLS=wolfssl
+
+CONFIG_EAP=y
+CONFIG_ERP=y
+CONFIG_EAP_MD5=y
+CONFIG_EAP_TLS=y
+CONFIG_EAP_MSCHAPV2=y
+CONFIG_EAP_PEAP=y
+CONFIG_EAP_GTC=y
+CONFIG_EAP_TTLS=y
+CONFIG_EAP_SIM=y
+CONFIG_EAP_AKA=y
+CONFIG_EAP_AKA_PRIME=y
+CONFIG_EAP_GPSK=y
+CONFIG_EAP_GPSK_SHA256=y
+CONFIG_EAP_SAKE=y
+CONFIG_EAP_PAX=y
+CONFIG_EAP_PSK=y
+CONFIG_EAP_VENDOR_TEST=y
+CONFIG_EAP_FAST=y
+#CONFIG_EAP_TEAP=y
+CONFIG_EAP_IKEV2=y
+CONFIG_EAP_TNC=y
+CFLAGS += -DTNC_CONFIG_FILE=\"tnc/tnc_config\"
+LIBS += -rdynamic
+CONFIG_EAP_UNAUTH_TLS=y
+ifeq ($(CONFIG_TLS), wolfssl)
+CONFIG_EAP_PWD=y
+endif
+ifeq ($(CONFIG_TLS), openssl)
+CONFIG_EAP_PWD=y
+endif
+CONFIG_EAP_EKE=y
+CONFIG_PKCS12=y
+CONFIG_RADIUS_SERVER=y
+CONFIG_IPV6=y
+CONFIG_TLSV11=y
+CONFIG_TLSV12=y
+
+CONFIG_FULL_DYNAMIC_VLAN=y
+CONFIG_VLAN_NETLINK=y
+CONFIG_LIBNL32=y
+CONFIG_LIBNL3_ROUTE=y
+CONFIG_IEEE80211R=y
+CONFIG_IEEE80211AC=y
+CONFIG_IEEE80211AX=y
+
+CONFIG_OCV=y
+
+CONFIG_WPS=y
+CONFIG_WPS_UPNP=y
+CONFIG_WPS_NFC=y
+#CONFIG_WPS_STRICT=y
+CONFIG_WPA_TRACE=y
+CONFIG_WPA_TRACE_BFD=y
+
+CONFIG_P2P_MANAGER=y
+CONFIG_DEBUG_FILE=y
+CONFIG_DEBUG_LINUX_TRACING=y
+CONFIG_WPA_CLI_EDIT=y
+CONFIG_ACS=y
+CONFIG_NO_RANDOM_POOL=y
+CONFIG_WNM=y
+CONFIG_INTERWORKING=y
+CONFIG_HS20=y
+CONFIG_SQLITE=y
+CONFIG_SAE=y
+#CONFIG_SAE_PK=y
+CFLAGS += -DALL_DH_GROUPS
+
+CONFIG_FST=y
+CONFIG_FST_TEST=y
+
+CONFIG_TESTING_OPTIONS=y
+CFLAGS += -DCONFIG_RADIUS_TEST
+CONFIG_MODULE_TESTS=y
+
+CONFIG_SUITEB=y
+
+# AddressSanitizer (ASan) can be enabled by uncommenting the following lines.
+# This can be used as a more efficient memory error detector than valgrind
+# (though, with still some CPU and memory cost, so VM cases will need more
+# memory allocated for the guest).
+#CFLAGS += -fsanitize=address -O1 -fno-omit-frame-pointer -g
+#LIBS += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_h += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_n += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_c += -fsanitize=address -fno-omit-frame-pointer -g
+
+# Undefined Behavior Sanitizer (UBSan) can be enabled by uncommenting the
+# following lines.
+#CFLAGS += -Wno-format-nonliteral
+#CFLAGS += -fsanitize=undefined
+##CFLAGS += -fno-sanitize-recover
+#LIBS += -fsanitize=undefined
+##LIBS += -fno-sanitize-recover
+#LIBS_h += -fsanitize=undefined
+#LIBS_n += -fsanitize=undefined
+#LIBS_c += -fsanitize=undefined
+CONFIG_MBO=y
+
+CONFIG_TAXONOMY=y
+CONFIG_FILS=y
+CONFIG_FILS_SK_PFS=y
+CONFIG_OWE=y
+#CONFIG_DPP=y
+#CONFIG_DPP2=y
+CONFIG_WEP=y
+CONFIG_PASN=y
+CONFIG_AIRTIME_POLICY=y
--- a/.github/workflows/hostap-files/configs/hostap_2_10/tests
+++ b/.github/workflows/hostap-files/configs/hostap_2_10/tests
@@ -0,0 +1,284 @@
+sae
+sae_password_ecc
+sae_pmksa_caching
+sae_pmksa_caching_pmkid
+sae_pmksa_caching_disabled
+sae_groups
+sae_group_nego
+sae_group_nego_no_match
+sae_anti_clogging
+sae_forced_anti_clogging
+sae_mixed
+sae_and_psk
+sae_and_psk2
+sae_wpa3_roam
+sae_mixed_mfp
+sae_mfp
+sae_missing_password
+sae_key_lifetime_in_memory
+sae_oom_wpas
+sae_proto_ecc
+sae_proto_ffc
+sae_proto_commit_delayed
+sae_proto_commit_replay
+sae_proto_confirm_replay
+sae_proto_hostapd
+sae_proto_hostapd_ecc
+sae_proto_hostapd_ffc
+sae_proto_hostapd_status_126
+sae_proto_hostapd_status_127
+sae_reflection_attack_ecc
+sae_reflection_attack_ecc_internal
+sae_commit_override
+sae_commit_override2
+sae_commit_invalid_scalar_element_ap
+sae_commit_invalid_element_ap
+sae_commit_invalid_scalar_element_sta
+sae_commit_invalid_element_sta
+sae_anti_clogging_proto
+sae_no_random
+sae_bignum_failure_unsafe_group
+sae_invalid_anti_clogging_token_req
+sae_password
+sae_password_short
+sae_password_long
+sae_connect_cmd
+sae_password_id
+sae_password_id_ecc
+sae_password_id_ffc
+sae_password_id_only
+sae_password_id_pwe_looping
+sae_password_id_pwe_check_ap
+sae_password_id_pwe_check_sta
+sae_forced_anti_clogging_pw_id
+sae_reauth
+sae_sync
+sae_confirm_immediate
+sae_confirm_immediate2
+sae_pwe_group_19
+sae_pwe_group_20
+sae_pwe_group_21
+sae_pwe_group_1
+sae_pwe_group_2
+sae_pwe_group_22
+sae_pwe_h2e_only_ap
+sae_pwe_h2e_only_ap_sta_forcing_loop
+sae_pwe_loop_only_ap
+sae_h2e_rejected_groups
+sae_h2e_rejected_groups_unexpected
+sae_h2e_password_id
+sae_pwe_in_psk_ap
+sae_auth_restart
+sae_rsne_mismatch
+sae_h2e_rsnxe_mismatch
+sae_h2e_rsnxe_mismatch_retries
+sae_h2e_rsnxe_mismatch_assoc
+sae_h2e_rsnxe_mismatch_ap
+sae_h2e_rsnxe_mismatch_ap2
+sae_h2e_rsnxe_mismatch_ap3
+sae_forced_anti_clogging_h2e
+sae_forced_anti_clogging_h2e_loop
+sae_okc
+sae_okc_sta_only
+sae_okc_pmk_lifetime
+sae_pmk_lifetime
+sae_and_psk_multiple_passwords
+sae_pmf_roam
+sae_ocv_pmk
+sae_ocv_pmk_failure
+sae_reject
+eap_tls_pkcs8_pkcs5_v2_des3
+eap_tls_pkcs8_pkcs5_v15
+eap_tls_sha512
+eap_tls_sha384
+eap_tls_errors
+eap_proto_peap_errors_server
+eap_proto_peap_errors
+ap_wpa2_delayed_m3_retransmission
+ap_wpa2_delayed_m1_m3_retransmission
+ap_wpa2_delayed_m1_m3_retransmission2
+ap_wpa2_delayed_group_m1_retransmission
+ap_wpa2_delayed_group_m1_retransmission_igtk
+ap_wpa2_delayed_m1_m3_zero_tk
+ap_wpa2_plaintext_m1_m3
+ap_wpa2_plaintext_m1_m3_pmf
+ap_wpa2_plaintext_m3
+ap_wpa2_plaintext_group_m1
+ap_wpa2_plaintext_group_m1_pmf
+ap_wpa2_test_command_failures
+ap_wpa2_gtk_initial_rsc_tkip
+ap_wpa2_gtk_initial_rsc_ccmp
+ap_wpa2_gtk_initial_rsc_ccmp_256
+ap_wpa2_gtk_initial_rsc_gcmp
+ap_wpa2_gtk_initial_rsc_gcmp_256
+ap_wpa2_igtk_initial_rsc_aes_128_cmac
+ap_wpa2_igtk_initial_rsc_bip_gmac_128
+ap_wpa2_igtk_initial_rsc_bip_gmac_256
+ap_wpa2_igtk_initial_rsc_bip_cmac_256
+ap_wpa2_psk
+ap_wpa2_psk_file
+ap_wpa2_psk_file_keyid
+ap_wpa2_psk_mem
+ap_wpa2_ptk_rekey
+ap_wpa2_ptk_rekey_blocked_ap
+ap_wpa2_ptk_rekey_blocked_sta
+ap_wpa2_ptk_rekey_anonce
+ap_wpa2_ptk_rekey_ap
+ap_wpa2_sha256_ptk_rekey
+ap_wpa2_sha256_ptk_rekey_ap
+ap_wpa2_psk_file_errors
+ap_wpa2_psk_wildcard_ssid
+ap_wpa2_gtk_rekey
+ap_wpa2_gtk_rekey_request
+ap_wpa2_gtk_rekey_failure
+ap_wpa2_gmk_rekey
+ap_wpa2_strict_rekey
+ap_wpa2_psk_ext
+ap_wpa2_psk_unexpected
+ap_wpa2_psk_ext_retry_msg_3
+ap_wpa2_psk_ext_retry_msg_3b
+ap_wpa2_psk_ext_retry_msg_3c
+ap_wpa2_psk_ext_retry_msg_3d
+ap_wpa2_psk_ext_retry_msg_3e
+ap_wpa2_psk_ext_delayed_ptk_rekey
+ap_wpa2_psk_ext_eapol
+ap_wpa2_psk_ext_eapol_retry1
+ap_wpa2_psk_ext_eapol_retry1b
+ap_wpa2_psk_ext_eapol_retry1c
+ap_wpa2_psk_ext_eapol_retry1d
+ap_wpa2_psk_ext_eapol_type_diff
+ap_wpa2_psk_ext_eapol_key_info
+ap_wpa2_psk_wep
+ap_wpa2_psk_ifdown
+ap_wpa2_psk_drop_first_msg_4
+ap_wpa2_psk_disable_enable
+ap_wpa2_psk_incorrect_passphrase
+ap_wpa2_psk_no_random
+ap_wpa2_psk_assoc_rsn
+ap_wpa2_psk_ft_workaround
+ap_wpa2_psk_assoc_rsn_pmkid
+ap_wpa2_eapol_retry_limit
+ap_wpa2_disable_eapol_retry
+ap_wpa2_disable_eapol_retry_group
+ap_wpa2_psk_mic_0
+ap_wpa2_psk_local_error
+ap_wpa2_psk_inject_assoc
+ap_wpa2_psk_no_control_port
+ap_wpa2_psk_ap_control_port
+ap_wpa2_psk_ap_control_port_disabled
+ap_wpa2_psk_rsne_mismatch_ap
+ap_wpa2_psk_rsne_mismatch_ap2
+ap_wpa2_psk_rsne_mismatch_ap3
+ap_wpa2_psk_rsnxe_mismatch_ap
+ap_wpa2_psk_ext_key_id_ptk_rekey_ap0
+ap_wpa2_psk_ext_key_id_ptk_rekey_ap1
+ap_wpa2_psk_ext_key_id_ptk_rekey_ap2
+ap_wpa2_psk_ext_key_id_ptk_rekey_sta0
+ap_wpa2_psk_ext_key_id_ptk_rekey_sta1
+ap_wpa2_psk_ext_key_id_ptk_rekey_sta2
+ap_wpa2_eap_sim
+ap_wpa2_eap_sim_sql
+ap_wpa2_eap_sim_config
+ap_wpa2_eap_sim_id_0
+ap_wpa2_eap_sim_id_1
+ap_wpa2_eap_sim_id_2
+ap_wpa2_eap_sim_id_3
+ap_wpa2_eap_sim_ext
+ap_wpa2_eap_sim_ext_replace_sim
+ap_wpa2_eap_sim_ext_replace_sim2
+ap_wpa2_eap_sim_ext_replace_sim3
+ap_wpa2_eap_sim_ext_auth_fail
+ap_wpa2_eap_sim_change_bssid
+ap_wpa2_eap_sim_no_change_set
+ap_wpa2_eap_sim_ext_anonymous
+ap_wpa2_eap_sim_ext_anonymous_no_pseudonym
+ap_wpa2_eap_sim_oom
+ap_wpa2_eap_aka
+ap_wpa2_eap_aka_sql
+ap_wpa2_eap_aka_config
+ap_wpa2_eap_aka_ext
+ap_wpa2_eap_aka_ext_auth_fail
+ap_wpa2_eap_aka_prime
+ap_wpa2_eap_aka_prime_sql
+ap_wpa2_eap_aka_prime_ext_auth_fail
+ap_wpa2_eap_aka_prime_ext
+ap_wpa2_eap_ttls_invalid_phase2
+ap_wpa2_eap_ttls_eap_vendor
+ap_wpa2_eap_fast_eap_sim
+ap_wpa2_eap_fast_eap_aka
+ap_wpa2_eap_peap_params
+ap_wpa2_eap_peap_eap_gtc
+ap_wpa2_eap_peap_eap_vendor
+ap_wpa2_eap_ttls_server_cert_hash
+ap_wpa2_eap_ttls_server_cert_hash_invalid
+ap_wpa2_eap_pwd
+ap_wpa2_eap_pwd_nthash
+ap_wpa2_eap_pwd_salt_sha1
+ap_wpa2_eap_pwd_salt_sha256
+ap_wpa2_eap_pwd_salt_sha512
+ap_wpa2_eap_pwd_groups
+ap_wpa2_eap_pwd_invalid_group
+ap_wpa2_eap_pwd_disabled_group
+ap_wpa2_eap_pwd_as_frag
+ap_wpa2_eap_gpsk
+ap_wpa2_eap_sake
+ap_wpa2_eap_ikev2
+ap_wpa2_eap_ikev2_as_frag
+ap_wpa2_eap_ikev2_oom
+ap_wpa2_eap_pax
+ap_wpa2_eap_psk
+ap_wpa2_eap_psk_oom
+ap_wpa2_eap_interactive
+ap_wpa2_eap_ext_enable_network_while_connected
+ap_wpa2_eap_vendor_test
+ap_wpa2_eap_vendor_test_oom
+ap_wpa2_eap_ttls_ocsp_revoked
+ap_wpa2_eap_ttls_ocsp_unknown
+ap_wpa2_eap_ttls_optional_ocsp_unknown
+ap_wpa2_eap_ttls_long_duration
+ap_wpa2_eap_ttls_server_cert_eku_client
+ap_wpa2_eap_ttls_server_cert_eku_client_server
+ap_wpa2_eap_ttls_dh_params
+ap_wpa2_eap_ttls_dh_params_dsa
+ap_wpa2_eap_ttls_dh_params_not_found
+ap_wpa2_eap_ttls_dh_params_invalid
+ap_wpa2_eap_ttls_dh_params_blob
+ap_wpa2_eap_ttls_dh_params_server
+ap_wpa2_eap_ttls_dh_params_dsa_server
+ap_wpa2_eap_reauth
+ap_wpa2_eap_reauth_ptk_rekey_blocked_sta
+ap_wpa2_eap_request_identity_message
+ap_wpa2_eap_sim_aka_result_ind
+ap_wpa2_eap_sim_zero_db_timeout
+ap_wpa2_eap_too_many_roundtrips
+ap_wpa2_eap_too_many_roundtrips_server
+ap_wpa2_eap_too_many_roundtrips_server2
+ap_wpa2_eap_expanded_nak
+ap_wpa2_eap_sql
+ap_wpa2_eap_non_ascii_identity
+ap_wpa2_eap_non_ascii_identity2
+ap_wpa2_eap_unexpected_wep_eapol_key
+ap_wpa2_eap_oom
+ap_wpa2_eap_sim_db
+ap_wpa2_eap_sim_db_sqlite
+ap_wpa2_eap_assoc_rsn
+ap_wpa2_eap_status
+ap_wpa2_eap_gpsk_ptk_rekey_ap
+ap_wpa2_eap_wildcard_ssid
+ap_wpa2_eap_psk_mac_addr_change
+ap_wpa2_eap_server_get_id
+ap_wpa2_radius_server_get_id
+ap_wpa2_eap_sake_no_control_port
+ap_wpa2_tdls
+ap_wpa2_tdls_concurrent_init
+ap_wpa2_tdls_concurrent_init2
+ap_wpa2_tdls_decline_resp
+ap_wpa2_tdls_long_lifetime
+ap_wpa2_tdls_long_frame
+ap_wpa2_tdls_reneg
+ap_wpa2_tdls_wrong_lifetime_resp
+ap_wpa2_tdls_diff_rsnie
+ap_wpa2_tdls_wrong_tpk_m2_mic
+ap_wpa2_tdls_wrong_tpk_m3_mic
+ap_wpa2_tdls_double_tpk_m2
+ap_wpa2_tdls_responder_teardown
--- a/.github/workflows/hostap-files/configs/hostap_2_10/wpa_supplicant.config
+++ b/.github/workflows/hostap-files/configs/hostap_2_10/wpa_supplicant.config
@@ -0,0 +1,163 @@
+#CC=ccache gcc
+
+#CONFIG_TLS=openssl
+CONFIG_TLS=wolfssl
+#CONFIG_TLS=internal
+#CONFIG_INTERNAL_LIBTOMMATH=y
+#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
+
+CONFIG_IEEE8021X_EAPOL=y
+
+CONFIG_ERP=y
+CONFIG_EAP_MD5=y
+CONFIG_MSCHAPV2=y
+CONFIG_EAP_TLS=y
+CONFIG_EAP_PEAP=y
+CONFIG_EAP_TTLS=y
+CONFIG_EAP_GTC=y
+CONFIG_EAP_OTP=y
+CONFIG_EAP_PSK=y
+CONFIG_EAP_PAX=y
+CONFIG_EAP_LEAP=y
+CONFIG_EAP_SIM=y
+CONFIG_EAP_AKA=y
+CONFIG_EAP_AKA_PRIME=y
+CONFIG_EAP_VENDOR_TEST=y
+CONFIG_EAP_TLV=y
+CONFIG_EAP_SAKE=y
+CONFIG_EAP_GPSK=y
+CONFIG_EAP_GPSK_SHA256=y
+CONFIG_EAP_EKE=y
+CONFIG_EAP_TNC=y
+CFLAGS += -DTNC_CONFIG_FILE=\"tnc/tnc_config\"
+LIBS += -rdynamic
+CONFIG_EAP_FAST=y
+#CONFIG_EAP_TEAP=y
+CONFIG_EAP_IKEV2=y
+
+ifeq ($(CONFIG_TLS), wolfssl)
+CONFIG_EAP_PWD=y
+endif
+ifeq ($(CONFIG_TLS), openssl)
+CONFIG_EAP_PWD=y
+endif
+
+CONFIG_USIM_SIMULATOR=y
+CONFIG_SIM_SIMULATOR=y
+
+#CONFIG_PCSC=y
+CONFIG_IPV6=y
+CONFIG_DRIVER_NONE=y
+CONFIG_PKCS12=y
+CONFIG_CTRL_IFACE=unix
+
+CONFIG_WPA_CLI_EDIT=y
+
+CONFIG_OCSP=y
+
+#CONFIG_ELOOP_POLL=y
+
+CONFIG_CTRL_IFACE_DBUS_NEW=y
+CONFIG_CTRL_IFACE_DBUS_INTRO=y
+
+CONFIG_IEEE80211R=y
+CONFIG_IEEE80211AC=y
+CONFIG_IEEE80211AX=y
+
+CONFIG_OCV=y
+
+CONFIG_DEBUG_FILE=y
+
+CONFIG_WPS=y
+#CONFIG_WPS_STRICT=y
+CONFIG_WPS_UPNP=y
+CONFIG_WPS_NFC=y
+CONFIG_WPS_ER=y
+#CONFIG_WPS_REG_DISABLE_OPEN=y
+
+CONFIG_DRIVER_WEXT=y
+
+CONFIG_DRIVER_NL80211=y
+CFLAGS += -I/usr/include/libnl3
+CONFIG_LIBNL32=y
+
+CONFIG_IBSS_RSN=y
+
+CONFIG_AP=y
+CONFIG_MESH=y
+CONFIG_P2P=y
+CONFIG_WIFI_DISPLAY=y
+
+CONFIG_ACS=y
+
+CONFIG_BGSCAN_SIMPLE=y
+CONFIG_BGSCAN_LEARN=y
+
+CONFIG_WPA_TRACE=y
+CONFIG_WPA_TRACE_BFD=y
+
+CONFIG_TDLS=y
+CONFIG_TDLS_TESTING=y
+CONFIG_NO_RANDOM_POOL=y
+
+CONFIG_TLSV11=y
+CONFIG_TLSV12=y
+
+CONFIG_HT_OVERRIDES=y
+CONFIG_VHT_OVERRIDES=y
+CONFIG_HE_OVERRIDES=y
+
+CONFIG_DEBUG_LINUX_TRACING=y
+
+CONFIG_INTERWORKING=y
+CONFIG_HS20=y
+
+CONFIG_AUTOSCAN_EXPONENTIAL=y
+CONFIG_AUTOSCAN_PERIODIC=y
+
+CONFIG_EXT_PASSWORD_TEST=y
+CONFIG_EXT_PASSWORD_FILE=y
+
+CONFIG_EAP_UNAUTH_TLS=y
+
+CONFIG_SAE=y
+#CONFIG_SAE_PK=y
+CFLAGS += -DALL_DH_GROUPS
+
+CONFIG_WNM=y
+
+CONFIG_FST=y
+CONFIG_FST_TEST=y
+
+CONFIG_TESTING_OPTIONS=y
+CONFIG_MODULE_TESTS=y
+
+CONFIG_SUITEB=y
+
+# AddressSanitizer (ASan) can be enabled by uncommenting the following lines.
+# This can be used as a more efficient memory error detector than valgrind
+# (though, with still some CPU and memory cost, so VM cases will need more
+# memory allocated for the guest).
+#CFLAGS += -fsanitize=address -O1 -fno-omit-frame-pointer -g
+#LIBS += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_c += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_p += -fsanitize=address -fno-omit-frame-pointer -g
+
+# Undefined Behavior Sanitizer (UBSan) can be enabled by uncommenting the
+# following lines.
+#CFLAGS += -Wno-format-nonliteral
+#CFLAGS += -fsanitize=undefined
+##CFLAGS += -fno-sanitize-recover
+#LIBS += -fsanitize=undefined
+##LIBS += -fno-sanitize-recover
+#LIBS_c += -fsanitize=undefined
+#LIBS_p += -fsanitize=undefined
+CONFIG_MBO=y
+CONFIG_FILS=y
+CONFIG_FILS_SK_PFS=y
+CONFIG_PMKSA_CACHE_EXTERNAL=y
+CONFIG_OWE=y
+#CONFIG_DPP=y
+#CONFIG_DPP2=y
+CONFIG_WEP=y
+CONFIG_PASN=y
--- a/.github/workflows/hostap-files/dbus-wpa_supplicant.conf
+++ b/.github/workflows/hostap-files/dbus-wpa_supplicant.conf
@@ -0,0 +1,23 @@
+<!DOCTYPE busconfig PUBLIC
+ "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+  <policy user="root">
+    <allow own="fi.epitest.hostap.WPASupplicant"/>
+    <allow send_destination="fi.epitest.hostap.WPASupplicant"/>
+    <allow send_interface="fi.epitest.hostap.WPASupplicant"/>
+    <allow own="fi.w1.wpa_supplicant1"/>
+    <allow send_destination="fi.w1.wpa_supplicant1"/>
+    <allow send_interface="fi.w1.wpa_supplicant1"/>
+    <allow receive_sender="fi.w1.wpa_supplicant1" receive_type="signal"/>
+  </policy>
+  <policy context="default">
+    <deny own="fi.epitest.hostap.WPASupplicant"/>
+    <deny send_destination="fi.epitest.hostap.WPASupplicant"/>
+    <deny send_interface="fi.epitest.hostap.WPASupplicant"/>
+    <deny own="fi.w1.wpa_supplicant1"/>
+    <deny send_destination="fi.w1.wpa_supplicant1"/>
+    <deny send_interface="fi.w1.wpa_supplicant1"/>
+    <deny receive_sender="fi.w1.wpa_supplicant1" receive_type="signal"/>
+  </policy>
+</busconfig>
--- a/.github/workflows/hostap.yml
+++ b/.github/workflows/hostap.yml
@@ -0,0 +1,283 @@
+name: hostap and wpa-supplicant Tests
+
+on:
+  workflow_call:
+
+jobs:
+  build_wolfssl:
+    strategy:
+      matrix:
+        include:
+          - build_id: hostap-build1
+            wolf_extra_config: --disable-tls13
+          - build_id: hostap-build2
+            wolf_extra_config: --enable-brainpool --enable-wpas-dpp
+    name: Build wolfSSL
+    # Just to keep it the same as the testing target
+    runs-on: ubuntu-20.04
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
+    steps:
+        # No way to view the full strategy in the browser (really weird)
+      - name: Print strategy
+        run: |
+          cat <<EOF
+          ${{ toJSON(matrix) }}
+          EOF
+
+      - if: ${{ runner.debug }}
+        name: Enable wolfSSL debug logging
+        run: |
+          echo "wolf_debug_flags=--enable-debug" >> $GITHUB_ENV
+
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: >-
+            --enable-wpas CFLAGS=-DWOLFSSL_STATIC_RSA
+            ${{ env.wolf_debug_flags }} ${{ matrix.wolf_extra_config }}
+          install: true
+
+      - name: Upload built lib
+        uses: actions/upload-artifact@v3
+        with:
+          name: ${{ matrix.build_id }}
+          path: build-dir
+          retention-days: 1
+
+  # Build wpa_supplicant with wolfSSL and hostapd with OpenSSL and interop.
+  hostap_test:
+    strategy:
+      fail-fast: false
+      matrix:
+        # should hostapd be compiled with wolfssl
+        hostapd: [true, false]
+        # should wpa_supplicant be compiled with wolfssl
+        wpa_supplicant: [true, false]
+        # Fix the versions of hostap and osp to not break testing when a new
+        # patch is added in to osp. hostap_cherry_pick is used to apply the
+        # commit that updates the certificates used for testing. Tests are read
+        # from the corresponding configs/hostap_ref/tests file.
+        config: [
+          {
+            hostap_ref: hostap_2_10,
+            hostap_cherry_pick: 5679ec5c3dda25a0547a5f66407fd9b0b55fd04a,
+            remove_teap: true,
+            # TLS 1.3 does not work for this version
+            build_id: hostap-build1,
+          },
+          # Test the dpp patch
+          {
+            hostap_ref: b607d2723e927a3446d89aed813f1aa6068186bb,
+            hostap_cherry_pick: 5679ec5c3dda25a0547a5f66407fd9b0b55fd04a,
+            osp_ref: ad5b52a49b3cc2a5bfb47ccc1d6a5137132e9446,
+            build_id: hostap-build2
+          },
+        ]
+        # parallelize the tests to be able to run all tests within 10 minutes
+        # Update the <total server> in the ./run-tests.py step when changing.
+        server: [1, 2, 3, 4, 5]
+        exclude:
+          # don't test openssl on both sides
+          - hostapd: false
+            wpa_supplicant: false
+          # no hostapd support for dpp yet
+          - hostapd: true
+            config: {
+              hostap_ref: b607d2723e927a3446d89aed813f1aa6068186bb,
+              osp_ref: ad5b52a49b3cc2a5bfb47ccc1d6a5137132e9446,
+              build_id: hostap-build2
+            }
+    name: hwsim test
+    # For openssl 1.1
+    runs-on: ubuntu-20.04
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 12
+    needs: build_wolfssl
+    steps:
+        # No way to view the full strategy in the browser (really weird)
+      - name: Print strategy
+        run: |
+          cat <<EOF
+          ${{ toJSON(matrix) }}
+          EOF
+
+      - name: Print computed job run ID
+        run: |
+          SHA_SUM=$(sha256sum << 'END_OF_HEREDOC' | cut -d " " -f 1
+          ${{ toJSON(github) }}
+          END_OF_HEREDOC
+          )
+          echo "our_job_run_id=$SHA_SUM" >> $GITHUB_ENV
+          echo Our job run ID is $SHA_SUM
+
+      - name: Checkout wolfSSL
+        uses: actions/checkout@v3
+        with:
+          path: wolfssl
+
+      - name: Install dependencies
+        run: |
+          # Don't prompt for anything
+          export DEBIAN_FRONTEND=noninteractive
+          sudo apt-get update
+          # hostap dependencies
+          sudo apt-get install -y libpcap0.8 libpcap-dev curl libcurl4-openssl-dev \
+            libnl-3-dev binutils-dev libssl-dev libiberty-dev libnl-genl-3-dev \
+            libnl-route-3-dev libdbus-1-dev linux-modules-extra-`uname -r` \
+            bridge-utils
+          sudo pip3 install pycryptodome
+
+      - name: Enable mac80211
+        run: |
+          sudo modprobe mac80211
+          lsmod | grep mac80211
+
+      - if: ${{ runner.debug }}
+        name: Enable hostap debug logging
+        run: |
+          echo "hostap_debug_flags=-d" >> $GITHUB_ENV
+
+      - name: Download lib
+        uses: actions/download-artifact@v3
+        with:
+          name: ${{ matrix.config.build_id }}
+          path: build-dir
+
+      - name: Setup d-bus
+        working-directory: wolfssl/.github/workflows/hostap-files
+        run: |
+          sudo cp dbus-wpa_supplicant.conf /usr/share/dbus-1/system.d/wpa_supplicant.conf
+          sudo service dbus reload
+
+        # This is super hack-ish :P
+        # If you are trying to reproduce this on a more generic system, you can
+        # just run `sudo apt install linux-modules-extra-$(uname -r)` and
+        # this should have the module in the package. No need to compile it.
+      - name: Compile and install mac80211_hwsim
+        working-directory: wolfssl/.github/workflows/hostap-files
+        run: |
+          # The tag will be the first two numbers of from uname -r
+          LINUX_TAG=$(uname -r | grep -oP '^\d+\.\d+')
+          # Download the correct version of the driver
+          wget https://raw.githubusercontent.com/torvalds/linux/v$LINUX_TAG/drivers/net/wireless/mac80211_hwsim.c
+          wget https://raw.githubusercontent.com/torvalds/linux/v$LINUX_TAG/drivers/net/wireless/mac80211_hwsim.h
+          make
+          sudo make install
+          sudo modprobe mac80211_hwsim
+          lsmod | grep mac80211_hwsim
+          sudo rmmod mac80211_hwsim
+
+      - name: Checkout hostap
+        uses: actions/checkout@v3
+        with:
+          repository: julek-wolfssl/hostap-mirror 
+          path: hostap
+          ref: ${{ matrix.config.hostap_ref }}
+          # necessary for cherry pick step
+          fetch-depth: 0
+
+      - if: ${{ matrix.config.hostap_cherry_pick }}
+        name: Cherry pick certificate update
+        working-directory: hostap
+        run: git cherry-pick -n -X theirs ${{ matrix.config.hostap_cherry_pick }}
+
+      - if: ${{ matrix.config.osp_ref }}
+        name: Checkout OSP
+        uses: actions/checkout@v3
+        with:
+          repository: wolfssl/osp
+          path: osp
+          ref: ${{ matrix.config.osp_ref }}
+
+      - if: ${{ matrix.config.osp_ref }}
+        name: Apply patch files
+        working-directory: hostap
+        run: |
+          for f in $GITHUB_WORKSPACE/osp/hostap-patches/pending/*
+          do
+            patch -p1 < $f
+          done
+
+      - if: ${{ matrix.hostapd }}
+        name: Setup hostapd config file 
+        run: |
+          cp wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/hostapd.config \
+             hostap/hostapd/.config
+          cat <<EOF >> hostap/hostapd/.config
+            CFLAGS += -I$GITHUB_WORKSPACE/build-dir/include -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
+            LIBS += -L$GITHUB_WORKSPACE/build-dir/lib -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
+          EOF
+
+      - if: ${{ matrix.wpa_supplicant }}
+        name: Setup wpa_supplicant config file 
+        run: |
+          cp wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/wpa_supplicant.config \
+             hostap/wpa_supplicant/.config
+          cat <<EOF >> hostap/wpa_supplicant/.config
+            CFLAGS += -I$GITHUB_WORKSPACE/build-dir/include -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
+            LIBS += -L$GITHUB_WORKSPACE/build-dir/lib -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
+          EOF
+
+      - name: Build hostap
+        working-directory: hostap/tests/hwsim/
+        run: ./build.sh
+
+      - if: ${{ matrix.hostapd }}
+        name: Confirm hostapd linking with wolfSSL
+        run: ldd hostap/hostapd/hostapd | grep wolfssl
+
+      - if: ${{ matrix.wpa_supplicant }}
+        name: Confirm wpa_supplicant linking with wolfSSL
+        run: ldd hostap/wpa_supplicant/wpa_supplicant | grep wolfssl
+
+      - if: ${{ matrix.config.remove_teap }}
+        name: Remove EAP-TEAP from test configuration
+        working-directory: hostap/tests/hwsim/auth_serv
+        run: |
+          sed -e 's/"erp-teap@example.com"\tTEAP//' -i eap_user.conf
+          sed -e 's/"erp-teap@example.com"\tMSCHAPV2\t"password"\t\[2\]//' -i eap_user.conf
+          sed -e 's/"TEAP"\t\tTEAP//' -i eap_user.conf
+          sed -e 's/TEAP,//' -i eap_user.conf
+
+      - name: Run tests
+        id: testing
+        working-directory: hostap/tests/hwsim/
+        run: |
+          # Run tests in increments of 50 to cut down on the uploaded log size.
+          while mapfile -t -n 50 ary && ((${#ary[@]})); do
+            TESTS=$(printf '%s\n' "${ary[@]}" | tr '\n' ' ')
+            # Retry up to three times
+            for i in {1..3}; do
+              HWSIM_RES=0 # Not set when command succeeds
+              # Logs can grow quickly especially in debug mode
+              sudo rm -rf logs
+              sudo ./start.sh
+              sudo ./run-tests.py ${{ env.hostap_debug_flags }} --split ${{ matrix.server }}/5 $TESTS || HWSIM_RES=$?
+              sudo ./stop.sh
+              if [ "$HWSIM_RES" -eq "0" ]; then
+                break
+              fi
+            done
+            echo "test ran $i times"
+            if [ "$HWSIM_RES" -ne "0" ]; then
+              exit $HWSIM_RES
+            fi
+          done < $GITHUB_WORKSPACE/wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/tests
+
+      - name: Change failure log permissions
+        if: ${{ failure() && steps.testing.outcome == 'failure' }}
+        working-directory: hostap/tests/hwsim/
+        run: |
+          sudo chown -R $USER:$USER logs
+          zip -9 -r logs.zip logs/current
+
+      - name: Upload failure logs
+        if: ${{ failure() && steps.testing.outcome == 'failure' }}
+        uses: actions/upload-artifact@v3
+        with:
+          name: hostap-logs-${{ env.our_job_run_id }}
+          path: hostap/tests/hwsim/logs.zip
+          retention-days: 5
+
--- a/.github/workflows/krb5.yml
+++ b/.github/workflows/krb5.yml
@@ -0,0 +1,79 @@
+name: Kerberos 5 Tests
+
+on:
+  workflow_call:
+
+jobs:
+  build_wolfssl:
+    name: Build wolfSSL
+    # Just to keep it the same as the testing target
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 5
+    steps:
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-krb CFLAGS='-fsanitize=address'
+          install: true
+
+      - name: Upload built lib
+        uses: actions/upload-artifact@v3
+        with:
+          name: wolf-install-krb5
+          path: build-dir
+          retention-days: 1
+
+  krb5_check:
+    strategy:
+      fail-fast: false
+      matrix:
+        # List of releases to test
+        ref: [ 1.21.1 ]
+    name: ${{ matrix.ref }}
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 8
+    needs: build_wolfssl
+    steps:
+      - name: Download lib
+        uses: actions/download-artifact@v3
+        with:
+          name: wolf-install-krb5
+          path: build-dir
+
+      - name: Checkout OSP
+        uses: actions/checkout@v3
+        with:
+          repository: wolfssl/osp
+          path: osp
+
+      - name: Checkout krb5
+        uses: actions/checkout@v3
+        with:
+          repository: krb5/krb5
+          ref: krb5-${{ matrix.ref }}-final
+          path: krb5
+
+      - name: Apply patch
+        working-directory: ./krb5
+        run: |
+          patch -p1 < $GITHUB_WORKSPACE/osp/krb5/Patch-for-Kerberos-5-${{ matrix.ref }}.patch
+
+      - name: Build krb5
+        working-directory: ./krb5/src
+        run: |
+          autoreconf -ivf
+          # Using rpath because LD_LIBRARY_PATH is overwritten during testing
+          export WOLFSSL_CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include -I$GITHUB_WORKSPACE/build-dir/include/wolfssl  -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib"
+          export WOLFSSL_LIBS="-lwolfssl -L$GITHUB_WORKSPACE/build-dir/lib -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib"
+          ./configure --with-crypto-impl=wolfssl --with-tls-impl=wolfssl --disable-pkinit \
+            CFLAGS='-fsanitize=address' LDFLAGS='-fsanitize=address'
+          CFLAGS='-fsanitize=address' LDFLAGS='-fsanitize=address' make -j
+
+      - name: Run tests
+        working-directory: ./krb5/src
+        run: |
+          CFLAGS='-fsanitize=address' LDFLAGS='-fsanitize=address' make -j check
+
--- a/.github/workflows/macos-check.yml
+++ b/.github/workflows/macos-check.yml
@@ -1,28 +0,0 @@
-name: macOS Build Test
-
-on:
-  push:
-    branches: [ '*' ]
-  pull_request:
-    branches: [ '*' ]
-
-jobs:
-  build:
-
-    runs-on: macos-latest
-
-    steps:
-    - uses: actions/checkout@v2
-    - name: brew
-      run: brew install automake libtool
-    - name: autogen
-      run: ./autogen.sh
-    - name: configure
-      run: ./configure
-    - name: make
-      run: make
-    - name: make check
-      run: make check
-    - name: make distcheck
-      run: make distcheck
-
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -0,0 +1,47 @@
+name: CI
+concurrency:
+  group: ${{ github.ref }}
+  cancel-in-progress: true
+
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+jobs:
+    espressif:
+        uses: ./.github/workflows/docker-Espressif.yml
+    multi-compiler:
+        uses: ./.github/workflows/multi-compiler.yml
+    multi-arch:
+        uses: ./.github/workflows/multi-arch.yml
+    openwrt:
+        uses: ./.github/workflows/docker-OpenWrt.yml
+    os-check:
+        uses: ./.github/workflows/os-check.yml
+    async:
+        uses: ./.github/workflows/async.yml
+    stunnel:
+        uses: ./.github/workflows/stunnel.yml
+    openvpn:
+        uses: ./.github/workflows/openvpn.yml
+    hostap:
+        uses: ./.github/workflows/hostap.yml
+    nginx:
+        uses: ./.github/workflows/nginx.yml
+    zephyr:
+        uses: ./.github/workflows/zephyr.yml
+    hitch:
+        uses: ./.github/workflows/hitch.yml
+    curl:
+        uses: ./.github/workflows/curl.yml
+    krb5:
+        uses: ./.github/workflows/krb5.yml
+    packaging:
+        uses: ./.github/workflows/packaging.yml
+    memcached:
+        uses: ./.github/workflows/memcached.yml
+# TODO: Currently this test fails. Enable it once it becomes passing.        
+#    haproxy:
+#        uses: ./.github/workflows/haproxy.yml
--- a/.github/workflows/memcached.sh
+++ b/.github/workflows/memcached.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+if [ -z "$GITHUB_WORKSPACE" ]; then
+    echo '$GITHUB_WORKSPACE is not set'
+    exit 1
+fi
+
+if [ -z "$HOST_ROOT" ]; then
+    echo '$HOST_ROOT is not set'
+    exit 1
+fi
+
+chroot $HOST_ROOT make -C $GITHUB_WORKSPACE/memcached \
+    -j$(nproc) PARALLEL=$(nproc) test_tls
--- a/.github/workflows/memcached.yml
+++ b/.github/workflows/memcached.yml
@@ -0,0 +1,107 @@
+name: memcached Tests
+
+on:
+  workflow_call:
+
+jobs:
+  build_wolfssl:
+    name: Build wolfSSL
+    # Just to keep it the same as the testing target
+    runs-on: ubuntu-latest
+    steps:
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-memcached
+          install: true
+
+      - name: Bundle Docker entry point
+        run: cp wolfssl/.github/workflows/memcached.sh build-dir/bin
+
+      - name: Upload built lib
+        uses: actions/upload-artifact@v3
+        with:
+          name: wolf-install-memcached
+          path: build-dir
+          retention-days: 1
+
+  memcached_check:
+    strategy:
+      fail-fast: false
+      matrix:
+        # List of releases to test
+        include:
+          - ref: 1.6.22
+    name: ${{ matrix.ref }}
+    runs-on: ubuntu-latest
+    needs: build_wolfssl
+    steps:
+      - name: Download lib
+        uses: actions/download-artifact@v3
+        with:
+          name: wolf-install-memcached
+          path: build-dir
+
+      - name: Checkout OSP
+        uses: actions/checkout@v3
+        with:
+          repository: wolfssl/osp
+          path: osp
+
+      - name: Install dependencies
+        run: |
+            export DEBIAN_FRONTEND=noninteractive
+            sudo apt-get update
+            sudo apt-get install -y libevent-dev libevent-2.1-7 automake pkg-config make libio-socket-ssl-perl
+
+      - name: Checkout memcached
+        uses: actions/checkout@v3
+        with:
+          repository: memcached/memcached
+          ref: 1.6.22
+          path: memcached
+
+      - name: Configure and build memcached
+        run: |
+            cd $GITHUB_WORKSPACE/memcached/
+            patch -p1 < $GITHUB_WORKSPACE/osp/memcached/memcached_1.6.22.patch
+            ./autogen.sh
+            export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
+            PKG_CONFIG_PATH=$GITHUB_WORKSPACE/build-dir/lib/pkgconfig ./configure --enable-wolfssl
+            make -j$(nproc)
+
+      - name: Confirm memcached built with wolfSSL
+        working-directory: ./memcached
+        run: |
+          export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
+          ldd memcached | grep wolfssl
+
+      - name: Run memcached tests
+        working-directory: ./memcached
+        run: |
+          # Retry up to three times
+          # Using docker because interrupting the tests doesn't close running
+          # background servers. They can become daemonized and then all re-runs
+          # will always fail.
+          chmod +x $GITHUB_WORKSPACE/build-dir/bin/memcached.sh
+          for i in {1..3}; do
+            echo "-------- RUNNING TESTS --------"
+            MEMCACHED_RES=0 # Not set when command succeeds
+            # Tests should usually take less than 4 minutes. If already taking
+            # 5 minutes then they are probably stuck. Interrupt and re-run.
+            time timeout -s SIGKILL 5m docker run -v /:/host \
+              -v $GITHUB_WORKSPACE/build-dir/bin/memcached.sh:/memcached.sh \
+              -e GITHUB_WORKSPACE=$GITHUB_WORKSPACE \
+              -e HOST_ROOT=/host \
+              -e LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH \
+              alpine:latest /memcached.sh || MEMCACHED_RES=$?
+
+            if [ "$MEMCACHED_RES" -eq "0" ]; then
+              break
+            fi
+          done
+          echo "test ran $i times"
+          if [ "$MEMCACHED_RES" -ne "0" ]; then
+            exit $MEMCACHED_RES
+          fi
--- a/.github/workflows/multi-arch.yml
+++ b/.github/workflows/multi-arch.yml
@@ -0,0 +1,54 @@
+name: Multiple architectures
+
+on:
+  workflow_call:
+
+jobs:
+  my_matrix:
+    name: Multi-arch test
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - HOST: aarch64-linux-gnu
+            CC: aarch64-linux-gnu-gcc
+            ARCH: arm64
+            EXTRA_OPTS: --enable-sp-asm --enable-armasm
+          - HOST: arm-linux-gnueabihf
+            CC: arm-linux-gnueabihf-gcc
+            ARCH: armhf
+            EXTRA_OPTS: --enable-sp-asm
+          - HOST: riscv64-linux-gnu
+            CC: riscv64-linux-gnu-gcc
+            ARCH: riscv64
+          # Config to ensure CPUs without Thumb instructions compiles
+          - HOST: arm-linux-gnueabi
+            CC: arm-linux-gnueabi-gcc
+            CFLAGS: -marm -DWOLFSSL_SP_ARM_ARCH=6
+            ARCH: armel
+            EXTRA_OPTS: --enable-sp-asm
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 10
+    steps:
+      - name: Install Compiler
+        run: |
+          sudo apt update
+          sudo apt install -y crossbuild-essential-${{ matrix.ARCH }} qemu-user
+      - uses: actions/checkout@v3
+      - name: Build
+        env:
+            CC: ${{ matrix.CC }}
+            CFLAGS: ${{ matrix.CFLAGS }}
+            QEMU_LD_PREFIX: /usr/${{ matrix.HOST }}
+        run: ./autogen.sh && ./configure --host=${{ matrix.HOST }} --enable-all --disable-examples ${{ matrix.EXTRA_OPTS }} && make
+      - name: Print errors 
+        if: ${{ failure() }}
+        run: |
+          if [ -f config.log ] ; then
+            cat config.log
+          fi
+      - name: Run WolfCrypt Tests
+        env:
+            QEMU_LD_PREFIX: /usr/${{ matrix.HOST }}
+        run: ./wolfcrypt/test/testwolfcrypt
--- a/.github/workflows/multi-compiler.yml
+++ b/.github/workflows/multi-compiler.yml
@@ -0,0 +1,53 @@
+name: Multiple compilers and versions
+
+on:
+  workflow_call:
+
+jobs:
+  my_matrix:
+    name: Compiler test
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - CC: gcc-9
+            CXX: g++-9
+            OS: ubuntu-latest
+          - CC: gcc-10
+            CXX: g++-10
+            OS: ubuntu-latest
+          - CC: gcc-11
+            CXX: g++-11
+            OS: ubuntu-latest
+          - CC: gcc-12
+            CXX: g++-12
+            OS: ubuntu-latest
+          - CC: clang-10
+            CXX: clang++-10
+            OS: ubuntu-20.04
+          - CC: clang-11
+            CXX: clang++-11
+            OS: ubuntu-20.04
+          - CC: clang-12
+            CXX: clang++-12
+            OS: ubuntu-20.04
+          - CC: clang-13
+            CXX: clang++-13
+            OS: ubuntu-latest
+          - CC: clang-14
+            CXX: clang++-14
+            OS: ubuntu-latest
+    runs-on: ${{ matrix.OS }}
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
+    steps:
+      - uses: actions/checkout@v3
+      - name: Build
+        env:
+            CC: ${{ matrix.CC }}
+            CXX: ${{ matrix.CXX }}
+        run: ./autogen.sh && ./configure && make && make dist
+      - name: Show log on errors
+        if: ${{ failure() }}
+        run: |
+            cat config.log
--- a/.github/workflows/nginx.yml
+++ b/.github/workflows/nginx.yml
@@ -0,0 +1,206 @@
+name: nginx Tests
+
+on:
+  workflow_call:
+
+jobs:
+  build_wolfssl:
+    name: Build wolfSSL
+    # Just to keep it the same as the testing target
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
+    steps:
+      - if: ${{ runner.debug }}
+        name: Enable wolfSSL debug logging
+        run: |
+          # We don't use --enable-debug since it makes the logs too loud
+          echo "wolf_debug_flags= CFLAGS='-g3 -O0'" >> $GITHUB_ENV
+
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-nginx ${{ env.wolf_debug_flags }}
+          install: true
+
+      - name: Upload built lib
+        uses: actions/upload-artifact@v3
+        with:
+          name: wolf-install-nginx
+          path: build-dir
+          retention-days: 1
+
+  nginx_check:
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          # in general we want to pass all tests that match *ssl*
+          - ref: 1.25.0
+            test-ref: 5b2894ea1afd01a26c589ce11f310df118e42592
+            # Following tests pass with sanitizer on
+            sanitize-ok: >-
+              h2_ssl_proxy_cache.t h2_ssl.t h2_ssl_variables.t h2_ssl_verify_client.t
+              mail_imap_ssl.t mail_ssl_conf_command.t mail_ssl_session_reuse.t
+              mail_ssl.t proxy_ssl_certificate_empty.t proxy_ssl_certificate.t
+              proxy_ssl_certificate_vars.t proxy_ssl_conf_command.t proxy_ssl_name.t
+              ssl_certificate_chain.t ssl_certificate_perl.t ssl_certificates.t
+              ssl_certificate.t ssl_client_escaped_cert.t ssl_conf_command.t
+              ssl_crl.t ssl_curve.t ssl_engine_keys.t ssl_ocsp.t ssl_password_file.t
+              ssl_proxy_protocol.t ssl_proxy_upgrade.t ssl_reject_handshake.t
+              ssl_session_reuse.t ssl_session_ticket_key.t ssl_sni_reneg.t
+              ssl_sni_sessions.t ssl_sni.t ssl_stapling.t ssl.t ssl_verify_client.t
+              ssl_verify_depth.t stream_proxy_ssl_certificate.t stream_proxy_ssl_certificate_vars.t
+              stream_proxy_ssl_conf_command.t stream_proxy_ssl_name_complex.t
+              stream_proxy_ssl_name.t stream_ssl_certificate.t stream_ssl_conf_command.t
+              stream_ssl_preread_alpn.t stream_ssl_preread_protocol.t stream_ssl_preread.t
+              stream_ssl_realip.t stream_ssl_session_reuse.t stream_ssl.t stream_ssl_variables.t
+              stream_ssl_verify_client.t stream_upstream_zone_ssl.t upstream_zone_ssl.t
+              uwsgi_ssl_certificate.t uwsgi_ssl_certificate_vars.t uwsgi_ssl.t
+              uwsgi_ssl_verify.t
+            # Following tests do not pass with sanitizer on (with OpenSSL too)
+            sanitize-not-ok: >-
+              grpc_ssl.t h2_proxy_request_buffering_ssl.t h2_proxy_ssl.t
+              proxy_request_buffering_ssl.t proxy_ssl_keepalive.t proxy_ssl.t
+              proxy_ssl_verify.t stream_proxy_protocol_ssl.t stream_proxy_ssl.t
+              stream_proxy_ssl_verify.t stream_ssl_alpn.t
+          - ref: 1.24.0
+            test-ref: 212d9d003886e3a24542855fb60355a417f037de
+            # Following tests pass with sanitizer on
+            sanitize-ok: >-
+              h2_ssl_proxy_cache.t h2_ssl.t h2_ssl_variables.t h2_ssl_verify_client.t
+              mail_imap_ssl.t mail_ssl_conf_command.t mail_ssl_session_reuse.t mail_ssl.t
+              proxy_ssl_certificate_empty.t proxy_ssl_certificate.t proxy_ssl_certificate_vars.t
+              proxy_ssl_name.t ssl_certificate_chain.t ssl_certificate_perl.t ssl_certificates.t
+              ssl_certificate.t ssl_client_escaped_cert.t ssl_conf_command.t ssl_crl.t
+              ssl_engine_keys.t ssl_ocsp.t ssl_password_file.t ssl_proxy_protocol.t
+              ssl_proxy_upgrade.t ssl_reject_handshake.t ssl_session_reuse.t
+              ssl_session_ticket_key.t ssl_sni_reneg.t ssl_sni_sessions.t ssl_sni.t
+              ssl_stapling.t ssl.t ssl_verify_client.t stream_proxy_ssl_certificate.t
+              stream_proxy_ssl_certificate_vars.t stream_proxy_ssl_name_complex.t
+              stream_proxy_ssl_name.t stream_ssl_alpn.t stream_ssl_certificate.t
+              stream_ssl_conf_command.t stream_ssl_preread_alpn.t stream_ssl_preread_protocol.t
+              stream_ssl_preread.t stream_ssl_realip.t stream_ssl_session_reuse.t stream_ssl.t
+              stream_ssl_variables.t stream_ssl_verify_client.t stream_upstream_zone_ssl.t
+              upstream_zone_ssl.t uwsgi_ssl_certificate.t uwsgi_ssl_certificate_vars.t
+              uwsgi_ssl.t uwsgi_ssl_verify.t 
+            # Following tests do not pass with sanitizer on (with OpenSSL too)
+            sanitize-not-ok: >-
+              grpc_ssl.t h2_proxy_request_buffering_ssl.t h2_proxy_ssl.t
+              proxy_request_buffering_ssl.t proxy_ssl_conf_command.t proxy_ssl_keepalive.t
+              proxy_ssl.t proxy_ssl_verify.t ssl_curve.t ssl_verify_depth.t
+              stream_proxy_protocol_ssl.t stream_proxy_ssl_conf_command.t stream_proxy_ssl.t
+              stream_proxy_ssl_verify.t
+    name: ${{ matrix.ref }}
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 6
+    needs: build_wolfssl
+    steps:
+      - name: Download lib
+        uses: actions/download-artifact@v3
+        with:
+          name: wolf-install-nginx
+          path: build-dir
+
+      - name: Install dependencies
+        run: |
+          sudo cpan -iT Proc::Find Net::SSLeay IO::Socket::SSL
+
+      - name: Checkout wolfssl-nginx
+        uses: actions/checkout@v3
+        with:
+          repository: wolfssl/wolfssl-nginx
+          path: wolfssl-nginx
+
+      - name: Checkout nginx
+        uses: actions/checkout@v3
+        with:
+          repository: nginx/nginx
+          path: nginx
+          ref: release-${{ matrix.ref }}
+
+      - name: Apply nginx patch
+        working-directory: nginx
+        run: patch -p1 < ../wolfssl-nginx/nginx-${{ matrix.ref }}-wolfssl.patch
+
+      - if: ${{ runner.debug }}
+        name: Apply nginx debug patch
+        working-directory: nginx
+        run: patch -p1 < ../wolfssl-nginx/nginx-${{ matrix.ref }}-wolfssl-debug.patch
+
+      - name: Checkout nginx-tests
+        uses: actions/checkout@v3
+        with:
+          repository: nginx/nginx-tests
+          path: nginx-tests
+          ref: ${{ matrix.test-ref }}
+
+      - name: Apply nginx-tests patch
+        working-directory: nginx-tests
+        run: patch -p1 < ../wolfssl-nginx/nginx-tests-patches/*${{ matrix.test-ref }}.patch
+
+      - name: Build nginx without sanitizer
+        working-directory: nginx
+        run: |
+          ./auto/configure --with-wolfssl=$GITHUB_WORKSPACE/build-dir --with-http_ssl_module \
+            --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module \
+            --with-http_v2_module --with-mail --with-mail_ssl_module
+          make -j
+
+      - name: Confirm nginx built with wolfSSL
+        working-directory: nginx
+        run: ldd objs/nginx | grep wolfssl
+
+      - if: ${{ runner.debug }}
+        name: Run nginx-tests without sanitizer (debug)
+        working-directory: nginx-tests
+        run: |
+          LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib \
+            TMPDIR=$GITHUB_WORKSPACE TEST_NGINX_VERBOSE=y TEST_NGINX_CATLOG=y \
+            TEST_NGINX_BINARY=../nginx/objs/nginx prove -v ${{ matrix.sanitize-not-ok }}
+
+      - if: ${{ !runner.debug }}
+        name: Run nginx-tests without sanitizer
+        working-directory: nginx-tests
+        run: |
+          LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib \
+            TMPDIR=$GITHUB_WORKSPACE TEST_NGINX_BINARY=../nginx/objs/nginx \
+            prove ${{ matrix.sanitize-not-ok }}
+
+      - if: ${{ runner.debug }}
+        name: Enable wolfSSL debug logging
+        run: |
+          echo "nginx_c_flags=-O0" >> $GITHUB_ENV
+
+      - name: Build nginx with sanitizer
+        working-directory: nginx
+        run: |
+          ./auto/configure --with-wolfssl=$GITHUB_WORKSPACE/build-dir --with-http_ssl_module \
+            --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module \
+            --with-http_v2_module --with-mail --with-mail_ssl_module \
+            --with-cc-opt='-fsanitize=address -DNGX_DEBUG_PALLOC=1 -g3 ${{ env.nginx_c_flags }}' \
+            --with-ld-opt='-fsanitize=address ${{ env.nginx_c_flags }}'
+          make -j
+
+      - name: Confirm nginx built with wolfSSL
+        working-directory: nginx
+        run: ldd objs/nginx | grep wolfssl
+
+      - if: ${{ runner.debug }}
+        name: Run nginx-tests with sanitizer (debug)
+        working-directory: nginx-tests
+        run: |
+          LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib \
+          TMPDIR=$GITHUB_WORKSPACE TEST_NGINX_VERBOSE=y TEST_NGINX_CATLOG=y \
+          TEST_NGINX_BINARY=../nginx/objs/nginx prove -v ${{ matrix.sanitize-ok }}
+
+      - if: ${{ !runner.debug }}
+        name: Run nginx-tests with sanitizer
+        working-directory: nginx-tests
+        run: |
+          LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib \
+            TMPDIR=$GITHUB_WORKSPACE TEST_NGINX_BINARY=../nginx/objs/nginx \
+            prove ${{ matrix.sanitize-ok }}
+ 
--- a/.github/workflows/openvpn.yml
+++ b/.github/workflows/openvpn.yml
@@ -0,0 +1,73 @@
+name: OpenVPN Tests
+
+on:
+  workflow_call:
+
+jobs:
+  build_wolfssl:
+    name: Build wolfSSL
+    # Just to keep it the same as the testing target
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
+    steps:
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-openvpn
+          install: true
+
+      - name: Upload built lib
+        uses: actions/upload-artifact@v3
+        with:
+          name: wolf-install-openvpn
+          path: build-dir
+          retention-days: 1
+
+  openvpn_check:
+    strategy:
+      fail-fast: false
+      matrix:
+        # List of refs to test
+        ref: [ master, release/2.6, v2.6.0 ]
+    name: ${{ matrix.ref }}
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 6
+    needs: build_wolfssl
+    steps:
+      - name: Download lib
+        uses: actions/download-artifact@v3
+        with:
+          name: wolf-install-openvpn
+          path: build-dir
+
+      - name: Install dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install liblzo2-dev libpam0g-dev liblz4-dev libcap-ng-dev \
+                     linux-libc-dev man2html libcmocka-dev python3-docutils \
+                     libtool automake autoconf libnl-genl-3-dev libnl-genl-3-200
+
+      - if: ${{ matrix.ref != 'master' }}
+        name: Build and test openvpn with fsanitize
+        run: |
+          echo 'extra_c_flags=CFLAGS="-fsanitize=address -fno-omit-frame-pointer -O2"' >> $GITHUB_ENV
+
+      - name: Build and test openvpn
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          repository: OpenVPN/openvpn
+          ref: ${{ matrix.ref }}
+          path: openvpn
+          configure: >-
+            --with-crypto-library=wolfssl
+            WOLFSSL_CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include/ -I$GITHUB_WORKSPACE/build-dir/include/wolfssl"
+            WOLFSSL_LIBS="-L$GITHUB_WORKSPACE/build-dir/lib -lwolfssl"
+            ${{ env.extra_c_flags }}
+          check: true
+
+      - name: Confirm OpenVPN built with wolfSSL
+        working-directory: ./openvpn
+        run: ldd src/openvpn/openvpn | grep wolfssl
--- a/.github/workflows/os-check.yml
+++ b/.github/workflows/os-check.yml
@@ -0,0 +1,141 @@
+name: Ubuntu-Macos-Windows Tests
+
+on:
+  workflow_call:
+
+jobs:
+  make_check:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ ubuntu-latest, macos-latest ]
+        config: [
+          # Add new configs here
+          '',
+          '--enable-all --enable-asn=template',
+          '--enable-all --enable-asn=original',
+          '--enable-harden-tls',
+          '--enable-tls13 --enable-session-ticket --enable-dtls --enable-dtls13
+             --enable-opensslextra --enable-sessioncerts 
+             CPPFLAGS=''-DWOLFSSL_DTLS_NO_HVR_ON_RESUME -DHAVE_EXT_CACHE 
+             -DWOLFSSL_TICKET_HAVE_ID -DHAVE_EX_DATA -DSESSION_CACHE_DYNAMIC_MEM'' ',
+          '--enable-all --enable-secure-renegotiation',
+          '--enable-all --enable-haproxy --enable-quic',
+          '--enable-dtls --enable-dtls13 --enable-earlydata 
+             --enable-session-ticket --enable-psk 
+             CPPFLAGS=''-DWOLFSSL_DTLS13_NO_HRR_ON_RESUME'' ',
+        ]
+    name: make check
+    runs-on: ${{ matrix.os }}
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 14
+    steps:
+      - name: Build and test wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          configure: ${{ matrix.config }}
+          check: true
+
+  make_user_settings:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ ubuntu-latest, macos-latest ]
+        user-settings: [
+          # Add new user_settings.h here
+          'examples/configs/user_settings_all.h',
+        ]
+    name: make user_setting.h
+    runs-on: ${{ matrix.os }}
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 14
+    steps:
+      - name: Build and test wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          configure: --enable-usersettings
+          check: true
+          user-settings: ${{ matrix.user-settings }}
+
+  make_user_settings_testwolfcrypt:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ ubuntu-latest, macos-latest ]
+        user-settings: [
+          # Add new user_settings.h here
+          'examples/configs/user_settings_min_ecc.h',
+          'examples/configs/user_settings_wolfboot_keytools.h',
+          'examples/configs/user_settings_wolftpm.h',
+        ]
+    name: make user_setting.h (testwolfcrypt only)
+    runs-on: ${{ matrix.os }}
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 14
+    steps:
+      - name: Build and test wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          configure: --enable-usersettings --disable-examples
+          check: false
+          user-settings: ${{ matrix.user-settings }}
+
+      - name: Run wolfcrypt/test/testwolfcrypt
+        run: ./wolfcrypt/test/testwolfcrypt
+
+  # Has to be dedicated function due to the sed call
+  make_user_all:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ ubuntu-latest, macos-latest ]
+    name: make user_setting.h (with sed)
+    runs-on: ${{ matrix.os }}
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 14
+    steps:
+    - uses: actions/checkout@v3
+    - if: ${{ matrix.os == 'macos-latest' }}
+      run: brew install automake libtool
+    - run: ./autogen.sh
+    - name: user_settings_all.h with compatibility layer
+      run: |
+        cp ./examples/configs/user_settings_all.h user_settings.h
+        sed -i -e "s/if 0/if 1/" user_settings.h
+        ./configure --enable-usersettings
+        make
+        make check
+
+  windows_build:
+    name: Windows Build Test
+    runs-on: windows-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 6
+    env:
+      # Path to the solution file relative to the root of the project.
+      SOLUTION_FILE_PATH: wolfssl64.sln
+
+      # Configuration type to build.
+      # You can convert this to a build matrix if you need coverage of multiple configuration types.
+      # https://docs.github.com/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix
+      BUILD_CONFIGURATION: Release
+      BUILD_PLATFORM: x64
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Add MSBuild to PATH
+      uses: microsoft/setup-msbuild@v1
+
+    - name: Restore NuGet packages
+      working-directory: ${{env.GITHUB_WORKSPACE}}
+      run: nuget restore ${{env.SOLUTION_FILE_PATH}}
+
+    - name: Build
+      working-directory: ${{env.GITHUB_WORKSPACE}}
+      # Add additional options to the MSBuild command line here (like platform or verbosity level).
+      # See https://docs.microsoft.com/visualstudio/msbuild/msbuild-command-line-reference
+      run: msbuild /m /p:PlatformToolset=v142 /p:Platform=${{env.BUILD_PLATFORM}} /p:Configuration=${{env.BUILD_CONFIGURATION}} ${{env.SOLUTION_FILE_PATH}}
+
+    - name: Run Test
+      working-directory: ${{env.GITHUB_WORKSPACE}}
+      run: Release/x64/testsuite.exe
--- a/.github/workflows/packaging.yml
+++ b/.github/workflows/packaging.yml
@@ -0,0 +1,45 @@
+name: Packaging Tests
+
+on:
+  workflow_call:
+
+jobs:
+  build_wolfssl:
+    name: Package wolfSSL
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 10
+    steps:
+      - name: Checkout wolfSSL
+        uses: actions/checkout@v3
+
+      - name: Configure wolfSSL
+        run: |
+          autoreconf -ivf
+          ./configure --enable-distro --enable-all \
+            --disable-openssl-compatible-defaults --enable-intelasm \
+            --enable-dtls13 --enable-dtls-mtu \
+            --enable-sp-asm --disable-examples --disable-silent-rules
+
+      - name: Make sure OPENSSL_COMPATIBLE_DEFAULTS is not present in options.h
+        run: |
+          ! grep OPENSSL_COMPATIBLE_DEFAULTS wolfssl/options.h
+
+      - name: Build wolfSSL .deb
+        run: make deb-docker
+
+      - name: Build wolfSSL .rpm
+        run: make rpm-docker
+
+      - name: Confirm packages built
+        run: |
+          DEB_COUNT=$(find -name 'libwolfssl*.deb' | wc -l)
+          if [ "$DEB_COUNT" != "2" ]; then
+            echo Did not find exactly two deb packages!!!
+            exit 1
+          fi
+          RPM_COUNT=$(find -name 'wolfssl*.rpm' | wc -l)
+          if [ "$RPM_COUNT" != "4" ]; then
+            echo Did not find exactly four rpm packages!!!
+            exit 1
+          fi
--- a/.github/workflows/stunnel.yml
+++ b/.github/workflows/stunnel.yml
@@ -0,0 +1,65 @@
+name: stunnel Tests
+
+on:
+  workflow_call:
+
+jobs:
+  build_wolfssl:
+    name: Build wolfSSL
+    # Just to keep it the same as the testing target
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
+    steps:
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-stunnel
+          install: true
+
+      - name: Upload built lib
+        uses: actions/upload-artifact@v3
+        with:
+          name: wolf-install-stunnel
+          path: build-dir
+          retention-days: 1
+
+  stunnel_check:
+    strategy:
+      fail-fast: false
+      matrix:
+        # List of releases to test
+        ref: [ 5.67 ]
+    name: ${{ matrix.ref }}
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
+    needs: build_wolfssl
+    steps:
+      - name: Download lib
+        uses: actions/download-artifact@v3
+        with:
+          name: wolf-install-stunnel
+          path: build-dir
+    
+      - name: Checkout OSP
+        uses: actions/checkout@v3
+        with:
+          repository: wolfssl/osp
+          path: osp
+
+      - name: Build and test stunnel
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          repository: mtrojnar/stunnel
+          ref: stunnel-${{ matrix.ref }}
+          path: stunnel
+          patch-file: $GITHUB_WORKSPACE/osp/stunnel/${{ matrix.ref }}/stunnel-${{ matrix.ref }}.patch
+          configure: --enable-wolfssl SSLDIR=$GITHUB_WORKSPACE/build-dir
+          check: true
+
+      - name: Confirm stunnel built with wolfSSL
+        working-directory: ./stunnel
+        run: ldd src/stunnel | grep wolfssl
+
--- a/.github/workflows/ubuntu-check.yml
+++ b/.github/workflows/ubuntu-check.yml
@@ -1,26 +0,0 @@
-name: Ubuntu Build Test
-
-on:
-  push:
-    branches: [ '*' ]
-  pull_request:
-    branches: [ '*' ]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-    - uses: actions/checkout@v2
-    - name: autogen
-      run: ./autogen.sh
-    - name: configure
-      run: ./configure
-    - name: make
-      run: make
-    - name: make check
-      run: make check
-    - name: make distcheck
-      run: make distcheck
-
--- a/.github/workflows/windows-check.yml
+++ b/.github/workflows/windows-check.yml
@@ -1,38 +0,0 @@
-name: Windows Build Test
-
-on:
-  push:
-    branches: [ '*' ]
-  pull_request:
-    branches: [ '*' ]
-
-env:
-  # Path to the solution file relative to the root of the project.
-  SOLUTION_FILE_PATH: wolfssl64.sln
-
-  # Configuration type to build.
-  # You can convert this to a build matrix if you need coverage of multiple configuration types.
-  # https://docs.github.com/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix
-  BUILD_CONFIGURATION: Release
-  BUILD_PLATFORM: x64
-
-jobs:
-  build:
-    runs-on: windows-latest
-
-    steps:
-    - uses: actions/checkout@v2
-
-    - name: Add MSBuild to PATH
-      uses: microsoft/setup-msbuild@v1
-
-    - name: Restore NuGet packages
-      working-directory: ${{env.GITHUB_WORKSPACE}}
-      run: nuget restore ${{env.SOLUTION_FILE_PATH}}
-
-    - name: Build
-      working-directory: ${{env.GITHUB_WORKSPACE}}
-      # Add additional options to the MSBuild command line here (like platform or verbosity level).
-      # See https://docs.microsoft.com/visualstudio/msbuild/msbuild-command-line-reference
-      run: msbuild /m /p:PlatformToolset=v142 /p:Platform=${{env.BUILD_PLATFORM}} /p:Configuration=${{env.BUILD_CONFIGURATION}} ${{env.SOLUTION_FILE_PATH}}
-
--- a/.github/workflows/zephyr.yml
+++ b/.github/workflows/zephyr.yml
@@ -0,0 +1,104 @@
+name: Zephyr tests
+
+on:
+  workflow_call:
+
+jobs:
+  run_test:
+    name: Build and run
+    strategy:
+      fail-fast: false
+      matrix:
+        config:
+          - zephyr-ref: v3.4.0
+            zephyr-sdk: 0.16.1
+          - zephyr-ref: v3.5.0
+            zephyr-sdk: 0.16.3
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 15
+    steps:
+      - name: Install dependencies
+        run: |
+          # Don't prompt for anything
+          export DEBIAN_FRONTEND=noninteractive
+          sudo apt-get update
+          # most of the ci-base zephyr docker image packages
+          sudo apt-get install -y zip bridge-utils uml-utilities \
+            git cmake ninja-build gperf ccache dfu-util device-tree-compiler wget \
+            python3-dev python3-pip python3-setuptools python3-tk python3-wheel xz-utils file \
+            make gcc gcc-multilib g++-multilib libsdl2-dev libmagic1 \
+            autoconf automake bison build-essential ca-certificates cargo ccache chrpath cmake \
+            cpio device-tree-compiler dfu-util diffstat dos2unix doxygen file flex g++ gawk gcc \
+            gcovr git git-core gnupg gperf gtk-sharp2 help2man iproute2 lcov libcairo2-dev \
+            libglib2.0-dev libgtk2.0-0 liblocale-gettext-perl libncurses5-dev libpcap-dev \
+            libpopt0 libsdl1.2-dev libsdl2-dev libssl-dev libtool libtool-bin locales make \
+            net-tools ninja-build openssh-client parallel pkg-config python3-dev python3-pip \
+            python3-ply python3-setuptools python-is-python3 qemu rsync socat srecord sudo \
+            texinfo unzip wget ovmf xz-utils
+
+      - name: Install west
+        run: sudo pip install west
+
+      - name: Init west workspace
+        run: west init --mr ${{ matrix.config.zephyr-ref }} zephyr
+
+      - name: Update west.yml
+        working-directory: zephyr/zephyr
+        run: |
+          REF=$(echo '${{ github.ref }}' | sed -e 's/\//\\\//g')
+          sed -e 's/remotes:/remotes:\n    \- name: wolfssl\n      url\-base: https:\/\/github.com\/${{ github.repository_owner }}/' -i west.yml
+          sed -e "s/projects:/projects:\n    \- name: wolfssl\n      path: modules\/crypto\/wolfssl\n      remote: wolfssl\n      revision: $REF/" -i west.yml
+
+      - name: Update west workspace
+        working-directory: zephyr
+        run: west update -n -o=--depth=1
+
+      - name: Export zephyr
+        working-directory: zephyr
+        run: west zephyr-export
+
+      - name: Install pip dependencies
+        working-directory: zephyr
+        run: sudo pip install -r zephyr/scripts/requirements.txt
+
+      - name: Install zephyr SDK
+        run: |
+          wget -q https://github.com/zephyrproject-rtos/sdk-ng/releases/download/v${{ matrix.config.zephyr-sdk }}/zephyr-sdk-${{ matrix.config.zephyr-sdk }}_linux-x86_64.tar.xz
+          tar xf zephyr-sdk-${{ matrix.config.zephyr-sdk }}_linux-x86_64.tar.xz
+          cd zephyr-sdk-${{ matrix.config.zephyr-sdk }}
+          ./setup.sh -h -c
+
+      - name: Run wolfssl test
+        id: wolfssl-test
+        working-directory: zephyr
+        run: |
+          ./zephyr/scripts/twister --testsuite-root modules/crypto/wolfssl --test zephyr/samples/wolfssl_test/sample.crypto.wolfssl_test -vvv
+          rm -rf zephyr/twister-out
+
+      - name: Run wolfssl TLS sock test
+        id: wolfssl-tls-sock
+        working-directory: zephyr
+        run: |
+          ./zephyr/scripts/twister --testsuite-root modules/crypto/wolfssl --test zephyr/samples/wolfssl_tls_sock/sample.crypto.wolfssl_tls_sock -vvv
+          rm -rf zephyr/twister-out
+
+      - name: Run wolfssl TLS thread test
+        id: wolfssl-tls-thread
+        working-directory: zephyr
+        run: |
+          ./zephyr/scripts/twister --testsuite-root modules/crypto/wolfssl --test zephyr/samples/wolfssl_tls_thread/sample.crypto.wolfssl_tls_thread -vvv
+          rm -rf zephyr/twister-out
+
+      - name: Zip failure logs
+        if: ${{ failure() && (steps.wolfssl-test.outcome == 'failure' || steps.wolfssl-tls-sock.outcome == 'failure' || steps.wolfssl-tls-thread.outcome == 'failure') }}
+        run: |
+          zip -9 -r logs.zip zephyr/twister-out
+
+      - name: Upload failure logs
+        if: ${{ failure() && (steps.wolfssl-test.outcome == 'failure' || steps.wolfssl-tls-sock.outcome == 'failure' || steps.wolfssl-tls-thread.outcome == 'failure') }}
+        uses: actions/upload-artifact@v3
+        with:
+          name: zephyr-client-test-logs
+          path: logs.zip
+          retention-days: 5
--- a/.gitignore
+++ b/.gitignore
@@ -64,6 +64,8 @@ ctaocrypt/benchmark/benchmark
 ctaocrypt/test/testctaocrypt
 wolfcrypt/benchmark/benchmark
 wolfcrypt/test/testwolfcrypt
+examples/async/async_client
+examples/async/async_server
 examples/benchmark/tls_bench
 examples/client/client
 examples/echoclient/echoclient
@@ -73,6 +75,8 @@ examples/sctp/sctp-server
 examples/sctp/sctp-server-dtls
 examples/sctp/sctp-client
 examples/sctp/sctp-client-dtls
+examples/asn1/asn1
+examples/pem/pem
 server_ready
 snifftest
 output
@@ -83,6 +87,7 @@ testsuite/testsuite.test
 tests/unit.test
 tests/bio_write_test.txt
 tests/test-log-dump-to-file.txt
+tests/cert_cache.tmp
 test-write-dhparams.pem
 testsuite/*.der
 testsuite/*.pem
@@ -342,6 +347,8 @@ doc/pdf

 # XCODE Index
 IDE/XCODE/Index
+IDE/**/xcshareddata
+IDE/**/DerivedData

 # ARM DS-5 && Eclipse
 \.settings/
@@ -379,6 +386,9 @@ IDE/XCODE/Index
 /IDE/QNX/example-cmac/cmac-test
 /IDE/QNX/CAAM-DRIVER/wolfCrypt

+# Xilinx
+/IDE/XilinxSDK/data
+
 # Emacs
 *~

@@ -390,3 +400,40 @@ cmake_install.cmake
 # GDB Settings
 \.gdbinit

+libFuzzer
+
+# Pycharm and other IDEs
+\.idea
+
+# FIPS
+XXX-fips-test
+
+# ASYNC
+/wolfAsyncCrypt
+/async
+
+# Generated user_settings_asm.h.
+user_settings_asm.h
+
+# VisualGD
+**/.visualgdb
+
+# Espressif sdk config default should be saved in sdkconfig.defaults
+# we won't track the actual working sdkconfig files
+/IDE/Espressif/**/sdkconfig
+/IDE/Espressif/**/sdkconfig.old
+
+# auto-created CMake backups
+**/CMakeLists.txt.old
+
+# MagicCrypto (ARIA Cipher)
+MagicCrypto
+
+# CMake  build directory
+/out
+/out_temp
+
+# debian packaging
+debian/changelog
+debian/control
+*.deb
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
--- a/ChangeLog.md
+++ b/ChangeLog.md
--- a/Docker/Dockerfile
+++ b/Docker/Dockerfile
@@ -0,0 +1,53 @@
+ARG DOCKER_BASE_IMAGE=ubuntu:22.04
+FROM $DOCKER_BASE_IMAGE
+
+USER root
+
+ARG DEPS_WOLFSSL="build-essential autoconf libtool clang clang-tools zlib1g-dev libuv1-dev libpam0g-dev valgrind git linux-headers-generic gcc-multilib g++-multilib libpcap-dev bubblewrap gdb iputils-ping lldb bsdmainutils netcat binutils-arm-linux-gnueabi binutils-aarch64-linux-gnu"
+ARG DEPS_LIBOQS="astyle cmake gcc ninja-build libssl-dev python3-pytest python3-pytest-xdist unzip xsltproc doxygen graphviz python3-yaml valgrind git"
+ARG DEPS_UDP_PROXY="wget libevent-dev"
+ARG DEPS_TESTS="abi-dumper libcurl4-openssl-dev tcpdump"
+ARG DEPS_TOOLS="ccache"
+RUN DEBIAN_FRONTEND=noninteractive apt update && apt install -y apt-utils \
+                    && apt install -y ${DEPS_WOLFSSL} ${DEPS_LIBOQS} ${DEPS_UDP_PROXY} ${DEPS_TESTS} ${DEPS_TOOLS} \
+                    && apt clean -y && rm -rf /var/lib/apt/lists/*
+
+# Add 'docker' user
+ARG USER=docker
+ARG UID=1000
+ARG GID=1000
+RUN groupadd -f -g ${GID} docker && ( getent passwd ${UID} || useradd -ms /bin/bash ${USER} -u ${UID} -g ${GID} )
+
+# Add github.com as an SSH known host
+RUN ssh -o StrictHostKeyChecking=no -T git@github.com; cat ~/.ssh/known_hosts >> /etc/ssh/ssh_known_hosts
+
+# install ccache
+RUN mkdir -p /opt/ccache/bin && for prog in gcc g++ cc c++ cpp arm-none-eabi-c++ arm-none-eabi-cpp arm-none-eabi-gcc arm-none-eabi-g++; do ln -s /usr/bin/ccache /opt/ccache/bin/$(basename $prog); done
+ENV PATH /opt/ccache/bin:$PATH
+
+# install liboqs
+RUN git clone --single-branch https://github.com/open-quantum-safe/liboqs.git && cd liboqs && git checkout db08f12b5a96aa6582a82aac7f65cf8a4d8b231f \
+    && mkdir build && cd build && cmake -DOQS_DIST_BUILD=ON -DOQS_USE_CPUFEATURE_INSTRUCTIONS=OFF -DOQS_USE_OPENSSL=0 .. && make -j8 all && make install && cd ../.. && rm -rf liboqs
+
+RUN mkdir /opt/sources
+
+# install liblms
+RUN cd /opt/sources && git clone --single-branch https://github.com/cisco/hash-sigs.git && cd hash-sigs && git checkout b0631b8891295bf2929e68761205337b7c031726 \
+    && sed -i 's/USE_OPENSSL 1/USE_OPENSSL 0/g' sha256.h && make -j4 hss_lib_thread.a
+
+# Install pkixssh to /opt/pkixssh for X509 interop testing with wolfSSH
+RUN mkdir /var/empty
+RUN cd /opt/sources && wget -q -O- https://roumenpetrov.info/secsh/src/pkixssh-14.1.1.tar.gz | tar xzf - && cd pkixssh-14.1.1 && ./configure --prefix=/opt/pkixssh/ --exec-prefix=/opt/pkixssh/ && make install
+
+# Install udp/tcp-proxy
+RUN cd /opt/sources && git clone --depth=1 --single-branch --branch=main http://github.com/wolfssl/udp-proxy && cd udp-proxy && make && cp tcp_proxy udp_proxy /bin/.
+
+# Allow non-root to use tcpdump (will need NET_RAW and NET_ADMIN capability when running the container)
+RUN setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/tcpdump
+# Allow non-root to use gdb on processes (will need SYS_PTRACE capability when running the container)
+RUN setcap 'CAP_SYS_PTRACE+eip' /usr/bin/gdb
+
+# Add in Jenkins userID
+RUN for i in $(seq 1001 1010); do ( getent passwd ${i} || useradd -ms /bin/bash jenkins${i} -u ${i} -g ${GID} ); done
+
+USER ${UID}:${GID}
--- a/Docker/Dockerfile.cross-compiler
+++ b/Docker/Dockerfile.cross-compiler
@@ -0,0 +1,11 @@
+ARG DOCKER_BASE_IMAGE=wolfssl/wolfssl-builder
+FROM $DOCKER_BASE_IMAGE
+
+USER root
+
+ARG DEPS_TESTING="gcc-arm-linux-gnueabi gcc-aarch64-linux-gnu"
+RUN DEBIAN_FRONTEND=noninteractive apt update \
+                    && apt install -y ${DEPS_TESTING} \
+                    && apt clean -y && rm -rf /var/lib/apt/lists/*
+
+USER docker
--- a/Docker/OpenWrt/Dockerfile
+++ b/Docker/OpenWrt/Dockerfile
@@ -0,0 +1,12 @@
+# This Dockerfile is used in conjunction with the docker-OpenWrt.yml GitHub Action.
+ARG DOCKER_BASE_CONTAINER=openwrt/rootfs:x86-64-snapshot
+FROM $DOCKER_BASE_CONTAINER
+
+RUN mkdir -p /var/lock # Fix for parent container
+COPY libwolfssl.so /tmp/libwolfssl.so
+RUN export LIBWOLFSSL=$(ls /usr/lib/libwolfssl.so.* -1); \
+                      rm ${LIBWOLFSSL} && ln -s /tmp/libwolfssl.so ${LIBWOLFSSL}
+# for debugging purposes to make sure the correct library is tested
+RUN ls -Ll /usr/lib/libwolfssl* && ldd /lib/libustream-ssl.so | grep wolfssl
+COPY runTests.sh /tmp/.
+RUN /tmp/runTests.sh
--- a/Docker/OpenWrt/README.md
+++ b/Docker/OpenWrt/README.md
@@ -0,0 +1,13 @@
+This container is really only useful in conjunction with the GitHub Workflow
+found in .github/workflows/docker-OpenWrt.yml. The idea is that we will
+compile a new libwolfssl that gets placed in official OpenWrt containers to
+run some tests ensuring the library is still compatible with existing
+binaries.
+
+To run the test locally, build libwolfssl.so (or download from the GitHub Action)
+and put it in Docker/OpenWrt. Then switch to that folder and run:
+docker build -t openwrt --build-args DOCKER_BASE_CONTAINER=<openwrtContainer> .
+where 'openwrtContainer' => "openwrt/rootfs:x86-64-22.03-SNAPSHOT" or similar
+
+This should run some sample tests. The resulting container then can be used to
+evaluate OpenWrt with the latest wolfSSL library.
--- a/Docker/OpenWrt/runTests.sh
+++ b/Docker/OpenWrt/runTests.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+runCMD() { # usage: runCMD "<command>" "<retVal>"
+    TMP_FILE=$(mktemp)
+    eval $1 > $TMP_FILE 2>&1
+    RETVAL=$?
+    if [ "$RETVAL" != "$2" ]; then
+        echo "Command ($1) returned ${RETVAL}, but expected $2. Error output:"
+        cat $TMP_FILE
+        exit 1
+    fi
+}
+
+# Successful tests
+runCMD "ldd /lib/libustream-ssl.so" 0
+# Temporary workaround: comment out missing kmods repo line for 21.02 specifically.
+# Remove after fixed upstream.
+runCMD "sed '\/src\/gz openwrt_kmods https:\/\/downloads.openwrt.org\/releases\/21.02-SNAPSHOT\/targets\/x86\/64\/kmods\/5.4.238-1-5a722da41bc36de95a7195be6fce1b45/s//#&/' -i /etc/opkg/distfeeds.conf" 0
+runCMD "opkg update" 0
+runCMD "uclient-fetch 'https://letsencrypt.org'" 0
+# Negative tests
+runCMD "uclient-fetch --ca-certificate=/dev/null 'https://letsencrypt.org'" 5
+runCMD "uclient-fetch 'https://self-signed.badssl.com/'" 5
+runCMD "uclient-fetch 'https://untrusted-root.badssl.com/'" 5
+runCMD "uclient-fetch 'https://expired.badssl.com/'" 5
+
+echo "All tests passed."
--- a/Docker/README.md
+++ b/Docker/README.md
@@ -0,0 +1,16 @@
+# Overview
+This is a Docker environment for compiling, testing and running WolfSSL. Use `run.sh` to build everything (Docker container, WolfSSL, etc.). This script takes in arguments that can be passed to `./configure`. For example: `run.sh --enable-all`
+
+When the compilation and tests succeed, you will be dropped in to a shell environment within the container. This can be useful to build other things within the environment. Additional tests can be run as well as debugging of code.
+
+# Docker Hub
+These images are also uploaded to the wolfSSL's [Docker Hub page](https://hub.docker.com/orgs/wolfssl/repositories). There is a convenience script here `buildAndPush.sh` that will create the appropriate containers and push them to the repo.
+
+# FAQ
+## permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock
+You need to be added to the `docker` group to run Docker containers. Run `sudo usermod -aG docker $USER`. You may need to restart the Docker daemon.
+
+## Unable to access symlinked files outside of WolfSSL
+The volume mounted in the Docker container needs to have all files that your compilation will need. To solve this, you have a couple options:
+1. Change the `WOLFSSL_DIR` variable in the `run.sh` to one higher up (by adding `/..` to the path). Then update the `docker build` to include the correct path to the Dockerfile and the `docker run` argument to the working directory (`-w`) to the WolfSSL source directory
+2. Move the external repository to within the WolfSSL directory. For example create an `external` folder which has your files. This route may have complications when stashing Git work.
--- a/Docker/buildAndPush.sh
+++ b/Docker/buildAndPush.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+# Assume we're in wolfssl/Docker
+WOLFSSL_DIR=$(builtin cd ${BASH_SOURCE%/*}/..; pwd)
+
+DOCKER_BUILD_OPTIONS="$1"
+if [ "${DOCKER_BASE_IMAGE}" != "" ]; then
+    DOCKER_BUILD_OPTIONS+=" --build-arg DOCKER_BASE_IMAGE=${DOCKER_BASE_IMAGE}"
+fi
+
+NUM_FAILURES=0
+
+CUR_DATE=$(date -u +%F)
+echo "Building wolfssl/wolfssl-builder:${CUR_DATE} as ${DOCKER_BUILD_OPTIONS}"
+docker build -t wolfssl/wolfssl-builder:${CUR_DATE} ${DOCKER_BUILD_OPTIONS} "${WOLFSSL_DIR}/Docker" && \
+    docker tag wolfssl/wolfssl-builder:${CUR_DATE} wolfssl/wolfssl-builder:latest && \
+    docker build --build-arg DOCKER_BASE_IMAGE=wolfssl/wolfssl-builder:${CUR_DATE} -t wolfssl/testing-cross-compiler:${CUR_DATE} "${WOLFSSL_DIR}/Docker" -f Dockerfile.cross-compiler && \
+    docker tag wolfssl/testing-cross-compiler:${CUR_DATE} wolfssl/testing-cross-compiler:latest
+
+if [ $? -eq 0 ]; then
+    echo "Pushing containers to DockerHub"
+    docker push wolfssl/wolfssl-builder:${CUR_DATE} && docker push wolfssl/wolfssl-builder:latest && \
+        docker push wolfssl/testing-cross-compiler:${CUR_DATE} && docker push wolfssl/testing-cross-compiler:latest
+else
+    echo "Warning: Build wolfssl/wolfssl-builder failed. Continuing"
+    ((NUM_FAILURES++))
+fi
+
+echo "Building wolfssl/wolfCLU:${CUR_DATE}"
+docker buildx build --pull --push --build-arg DUMMY=${CUR_DATE} -t wolfssl/wolfclu:${CUR_DATE} --platform=linux/amd64,linux/arm64,linux/arm/v7 "${WOLFSSL_DIR}/Docker/wolfCLU" && \
+docker buildx build --pull --push --build-arg DUMMY=${CUR_DATE} -t wolfssl/wolfclu:latest      --platform=linux/amd64,linux/arm64,linux/arm/v7 "${WOLFSSL_DIR}/Docker/wolfCLU"
+if [ $? -ne 0 ]; then
+    echo "Warning: Build wolfssl/wolfclu failed. Continuing"
+    ((NUM_FAILURES++))
+fi
+
+echo "Script completed in $SECONDS seconds. Had $NUM_FAILURES failures."
--- a/Docker/include.am
+++ b/Docker/include.am
@@ -0,0 +1,13 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= Docker/Dockerfile
+EXTRA_DIST+= Docker/Dockerfile.cross-compiler
+EXTRA_DIST+= Docker/run.sh
+EXTRA_DIST+= Docker/README.md
+
+ignore_files+=Docker/buildAndPush.sh
+ignore_files+=Docker/OpenWRT/Dockerfile
+ignore_files+=Docker/OpenWRT/runTests.sh
+ignore_files+=Docker/OpenWRT/README.md
--- a/Docker/packaging/debian/Dockerfile
+++ b/Docker/packaging/debian/Dockerfile
@@ -0,0 +1,6 @@
+FROM debian:latest
+
+RUN apt-get -y update
+RUN apt-get -y upgrade
+RUN apt-get install -y build-essential autoconf gawk debhelper lintian
+
--- a/Docker/packaging/fedora/Dockerfile
+++ b/Docker/packaging/fedora/Dockerfile
@@ -0,0 +1,3 @@
+FROM fedora:latest
+
+RUN dnf install -y make automake gcc rpmdevtools
--- a/Docker/run.sh
+++ b/Docker/run.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+echo "Running with \"${*}\"..."
+
+# Assume we're in wolfssl/Docker
+WOLFSSL_DIR=$(builtin cd ${BASH_SOURCE%/*}/..; pwd)
+
+docker build -t wolfssl/wolfssl-builder --build-arg UID=$(id -u) --build-arg GID=$(id -g) "${WOLFSSL_DIR}/Docker" && \
+  docker run --rm -it -v ${HOME}/.gitconfig:/home/docker/.gitconfig:ro -v ${HOME}/.ssh:/home/docker/.ssh:ro -v "${WOLFSSL_DIR}:/tmp/wolfssl" -w /tmp/wolfssl wolfssl/wolfssl-builder /bin/bash -c "./autogen.sh && ./configure ${*@Q} && make" && \
+  docker run --rm -it -v ${HOME}/.gitconfig:/home/docker/.gitconfig:ro -v ${HOME}/.ssh:/home/docker/.ssh:ro -v "${WOLFSSL_DIR}:/tmp/wolfssl" -w /tmp/wolfssl wolfssl/wolfssl-builder /bin/bash
+
+exitval=$?
+echo "Exited with error code $exitval"
+exit $exitval
--- a/Docker/wolfCLU/Dockerfile
+++ b/Docker/wolfCLU/Dockerfile
@@ -0,0 +1,26 @@
+ARG DOCKER_BASE_IMAGE=ubuntu
+FROM ubuntu as BUILDER
+
+ARG DEPS_WOLFSSL="build-essential autoconf libtool zlib1g-dev libuv1-dev libpam0g-dev git libpcap-dev libcurl4-openssl-dev bsdmainutils netcat iputils-ping bubblewrap"
+RUN DEBIAN_FRONTEND=noninteractive apt update && apt install -y apt-utils \
+                    && apt install -y ${DEPS_WOLFSSL} ${DEPS_LIBOQS} \
+                    && apt clean -y && rm -rf /var/lib/apt/lists/*
+
+ARG NUM_CPU=16
+
+# This arg is to force a rebuild starting from this line
+ARG DUMMY=date
+# install wolfssl
+RUN DUMMY=${DUMMY} git clone --depth=1 --single-branch --branch=master http://github.com/wolfssl/wolfssl && cd wolfssl && ./autogen.sh && ./configure --enable-all && make -j $NUM_CPU && make install && ldconfig
+
+# install wolfCLU
+RUN git clone --depth=1 --single-branch --branch=main http://github.com/wolfssl/wolfCLU && cd wolfCLU && ./autogen.sh && ./configure && make -j $NUM_CPU && make install
+
+FROM ${DOCKER_BASE_IMAGE}
+USER root
+COPY --from=BUILDER /usr/local/lib/libwolfssl.so /usr/local/lib/
+COPY --from=BUILDER /usr/local/bin/wolfssl* /usr/local/bin/
+RUN ldconfig
+ENTRYPOINT ["/usr/local/bin/wolfssl"]
+LABEL org.opencontainers.image.source=https://github.com/wolfssl/wolfssl
+LABEL org.opencontainers.image.description="Simple wolfCLU in a container"
--- a/Docker/wolfCLU/README.md
+++ b/Docker/wolfCLU/README.md
@@ -0,0 +1,10 @@
+This is a small container that has wolfCLU installed for quick access. To build your own run the following:
+```
+docker build --pull --build-arg DUMMY=$(date +%s) -t wolfclu . 
+```
+
+To run the container, you can use:
+```
+docker run -it --rm -v $(pwd):/ws -w /ws wolfclu version
+```
+This command will allow you to use the certs/keys in your local directory.
--- a/IDE/ARDUINO/README.md
+++ b/IDE/ARDUINO/README.md
@@ -2,10 +2,11 @@

 ##### Reformatting wolfSSL as a compatible Arduino Library
 This is a shell script that will re-organize the wolfSSL library to be 
-compatible with Arduino projects. The Arduino IDE requires a library's source
-files to be in the library's root directory with a header file in the name of 
-the library. This script moves all src/ files to the `IDE/ARDUINO/wolfSSL`
-directory and creates a stub header file called `wolfssl.h`.
+compatible with Arduino projects that use Arduino IDE 1.5.0 or newer. 
+The Arduino IDE requires a library's source files to be in the library's root 
+directory with a header file in the name of the library. This script moves all 
+src/ files to the `IDE/ARDUINO/wolfSSL/src` directory and creates a stub header
+file called `wolfssl.h` inside that directory.

 Step 1: To configure wolfSSL with Arduino, enter the following from within the
 wolfssl/IDE/ARDUINO directory:
@@ -15,7 +16,7 @@ wolfssl/IDE/ARDUINO directory:
 Step 2: Copy the directory wolfSSL that was just created to:
 `~/Documents/Arduino/libraries/` directory so the Arduino IDE can find it.

-Step 3: Edit `<arduino-libraries>/wolfSSL/user_settings.h`
+Step 3: Edit `<arduino-libraries>/wolfSSL/src/user_settings.h`
 If building for Intel Galileo platform add: `#define INTEL_GALILEO`.
 Add any other custom settings, for a good start see the examples in wolfssl root
 "/examples/configs/user_settings_*.h"
--- a/IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino
+++ b/IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino
@@ -1,6 +1,6 @@
 /* wolfssl_client.ino
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
@@ -19,10 +19,18 @@
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 */

+/*
+ This was original tested with Intel Galileo acting as the Client, with a 
+laptop acting as a server using the server example provided in examples/server.
+Legacy Ardunio v1.86 was used to compile and program the Galileo 
+*/

+#define USE_CERT_BUFFERS_2048
 #include <wolfssl.h>
 #include <wolfssl/ssl.h>
 #include <Ethernet.h>
+#include <wolfssl/certs_test.h>
+

 const char host[] = "192.168.1.148"; /* server to connect to */
 const int port = 11111; /* port on server to connect to */
@@ -37,123 +45,132 @@ WOLFSSL_CTX* ctx = NULL;
 WOLFSSL* ssl = NULL;

 void setup() {
-  WOLFSSL_METHOD* method;
+    WOLFSSL_METHOD* method;
+    /* Initialize Return Code */
+    int rc;
+    Serial.begin(9600);
+    /* Delay need to ensure connection to server */
+    delay(4000);

-  Serial.begin(9600);
-
-  method = wolfTLSv1_2_client_method();
-  if (method == NULL) {
-    Serial.println("unable to get method");
+    method = wolfTLSv1_2_client_method();
+    if (method == NULL) {
+        Serial.println("unable to get method");
    return;
-  }
-  ctx = wolfSSL_CTX_new(method);
-  if (ctx == NULL) {
-    Serial.println("unable to get ctx");
+    }
+    ctx = wolfSSL_CTX_new(method);
+    if (ctx == NULL) {
+        Serial.println("unable to get ctx");
+    return;
+    }
+    /* initialize wolfSSL using callback functions */
+    wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
+    rc = wolfSSL_CTX_load_verify_buffer(ctx, ca_cert_der_2048,\
+                                        sizeof_ca_cert_der_2048,\
+                                        WOLFSSL_FILETYPE_ASN1);
+    Serial.print("\n\n Return code of load_verify is:");
+    Serial.println(rc);
+    Serial.println("");
+    rc = wolfSSL_CTX_use_certificate_buffer(ctx, client_cert_der_2048,\
+                                            sizeof_client_cert_der_2048,\
+                                            WOLFSSL_FILETYPE_ASN1);
+    Serial.print("\n\n Return code of use_certificate_buffer is:");
+    Serial.println(rc);
+    Serial.println("");
+    rc = wolfSSL_CTX_use_PrivateKey_buffer(ctx, client_key_der_2048,\
+                                            sizeof_client_key_der_2048,\
+                                            WOLFSSL_FILETYPE_ASN1);
+    Serial.print("\n\n Return code of use_PrivateKey_buffer is:");
+    Serial.println(rc);
+    Serial.println("");
+    wolfSSL_SetIOSend(ctx, EthernetSend);
+    wolfSSL_SetIORecv(ctx, EthernetReceive);
    return;
-  }
-  /* initialize wolfSSL using callback functions */
-  wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
-  wolfSSL_SetIOSend(ctx, EthernetSend);
-  wolfSSL_SetIORecv(ctx, EthernetReceive);
-  
-  return;
 }

 int EthernetSend(WOLFSSL* ssl, char* msg, int sz, void* ctx) {
-  int sent = 0;
-
-  sent = client.write((byte*)msg, sz);
-
-  return sent;
+    int sent = 0;
+    sent = client.write((byte*)msg, sz);
+    return sent;
 }

 int EthernetReceive(WOLFSSL* ssl, char* reply, int sz, void* ctx) {
-  int ret = 0;
-
-  while (client.available() > 0 && ret < sz) {
-    reply[ret++] = client.read();
-  }
-
-  return ret;
+    int ret = 0;
+    while (client.available() > 0 && ret < sz) {
+        reply[ret++] = client.read();
+    }
+    return ret;
 }

 void loop() {
-  int err            = 0;
-  int input          = 0;
-  int total_input    = 0;
-  char msg[32]       = "hello wolfssl!";
-  int msgSz          = (int)strlen(msg);
-  char errBuf[80];
-  char reply[80];
-  const char* cipherName;
-    
-  if (reconnect) {
-    reconnect--;
-    
-    if (client.connect(host, port)) {
-
-      Serial.print("Connected to ");
-      Serial.println(host);
-
-      ssl = wolfSSL_new(ctx);
-      if (ssl == NULL) {
-        Serial.println("Unable to allocate SSL object");
-        return;
-      }
-
-      err = wolfSSL_connect(ssl);
-      if (err != WOLFSSL_SUCCESS) {
-        err = wolfSSL_get_error(ssl, 0);
-        wolfSSL_ERR_error_string(err, errBuf);
-        Serial.print("TLS Connect Error: ");
-        Serial.println(errBuf);
-      }
-
-      Serial.print("SSL version is ");
-      Serial.println(wolfSSL_get_version(ssl));
-      
-      cipherName = wolfSSL_get_cipher(ssl);
-      Serial.print("SSL cipher suite is ");
-      Serial.println(cipherName);
-
-      if ((wolfSSL_write(ssl, msg, msgSz)) == msgSz) {
-        
-        Serial.print("Server response: ");
-        /* wait for data */
-        while (!client.available()) {}
-        /* read data */
-        while (wolfSSL_pending(ssl)) {
-          input = wolfSSL_read(ssl, reply, sizeof(reply) - 1);
-          total_input += input;
-          if (input < 0) {
-            err = wolfSSL_get_error(ssl, 0);
-            wolfSSL_ERR_error_string(err, errBuf);
-            Serial.print("TLS Read Error: ");
-            Serial.println(errBuf);
-            break;
-          } else if (input > 0) {
-            reply[input] = '\0';
-            Serial.print(reply);
-          } else {
-            Serial.println();
-          }
-        } 
-      } else {
-        err = wolfSSL_get_error(ssl, 0);
-        wolfSSL_ERR_error_string(err, errBuf);
-        Serial.print("TLS Write Error: ");
-        Serial.println(errBuf);
-      }
-      
-      wolfSSL_shutdown(ssl);
-      wolfSSL_free(ssl);
-
-      client.stop();
-      Serial.println("Connection complete.");
-      reconnect = 0;
-    } else {
-      Serial.println("Trying to reconnect...");
+    int err            = 0;
+    int input          = 0;
+    int total_input    = 0;
+    char msg[32]       = "hello wolfssl!";
+    int msgSz          = (int)strlen(msg);
+    char errBuf[80];
+    char reply[80];
+    const char* cipherName;
+    if (reconnect) {
+        reconnect--;
+        if (client.connect(host, port)) {
+            Serial.print("Connected to ");
+            Serial.println(host);
+            ssl = wolfSSL_new(ctx);
+            if (ssl == NULL) {
+                Serial.println("Unable to allocate SSL object");
+                return;
+            }
+            err = wolfSSL_connect(ssl);
+            if (err != WOLFSSL_SUCCESS) {
+                err = wolfSSL_get_error(ssl, 0);
+                wolfSSL_ERR_error_string(err, errBuf);
+                Serial.print("TLS Connect Error: ");
+                Serial.println(errBuf);
+            }
+            Serial.print("SSL version is ");
+            Serial.println(wolfSSL_get_version(ssl));
+            cipherName = wolfSSL_get_cipher(ssl);
+            Serial.print("SSL cipher suite is ");
+            Serial.println(cipherName);
+            if ((wolfSSL_write(ssl, msg, msgSz)) == msgSz) {
+                Serial.print("Server response: ");
+                /* wait for data */
+                while (!client.available()) {}
+                /* read data */
+                while (wolfSSL_pending(ssl)) {
+                    input = wolfSSL_read(ssl, reply, sizeof(reply) - 1);
+                    total_input += input;
+                    if (input < 0) {
+                        err = wolfSSL_get_error(ssl, 0);
+                        wolfSSL_ERR_error_string(err, errBuf);
+                        Serial.print("TLS Read Error: ");
+                        Serial.println(errBuf);
+                        break;
+                    } 
+                    else if (input > 0) {
+                        reply[input] = '\0';
+                        Serial.print(reply);
+                    }
+                    else {
+                        Serial.println();
+                    }
+                } 
+            }
+            else {
+                err = wolfSSL_get_error(ssl, 0);
+                wolfSSL_ERR_error_string(err, errBuf);
+                Serial.print("TLS Write Error: ");
+                Serial.println(errBuf);
+            }
+            wolfSSL_shutdown(ssl);
+            wolfSSL_free(ssl);
+            client.stop();
+            Serial.println("Connection complete.");
+            reconnect = 0;
+        }
+        else {
+            Serial.println("Trying to reconnect...");
+        }
    }
-  }
-  delay(1000);
+    delay(1000);
 }
--- a/IDE/ARDUINO/sketches/wolfssl_server/wolfssl_server.ino
+++ b/IDE/ARDUINO/sketches/wolfssl_server/wolfssl_server.ino
@@ -1,6 +1,6 @@
 /* wolfssl_server.ino
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
--- a/IDE/ARDUINO/wolfssl-arduino.sh
+++ b/IDE/ARDUINO/wolfssl-arduino.sh
@@ -4,86 +4,141 @@
 # an Arduino project
 # run as bash ./wolfssl-arduino.sh

+ROOT_DIR="/wolfSSL"
+ROOT_SRC_DIR="${ROOT_DIR}/src"
+WOLFSSL_SRC="${ROOT_SRC_DIR}/src"
+WOLFSSL_HEADERS="${ROOT_SRC_DIR}/wolfssl"
+WOLFCRYPT_ROOT="${ROOT_SRC_DIR}/wolfcrypt"
+WOLFCRYPT_SRC="${WOLFCRYPT_ROOT}/src"
+WOLFCRYPT_HEADERS="${WOLFSSL_HEADERS}/wolfcrypt"
+OPENSSL_DIR="${WOLFSSL_HEADERS}/openssl"
+WOLFSSL_VERSION="5.6.4"
+
+# TOP indicates the file directory comes from the top level of the wolfssl repo
+TOP_DIR="../.."
+WOLFSSL_SRC_TOP="${TOP_DIR}/src"
+WOLFSSL_HEADERS_TOP="${TOP_DIR}/wolfssl"
+WOLFCRYPT_ROOT_TOP="${TOP_DIR}/wolfcrypt"
+WOLFCRYPT_SRC_TOP="${WOLFCRYPT_ROOT_TOP}/src"
+WOLFCRYPT_HEADERS_TOP="${WOLFSSL_HEADERS_TOP}/wolfcrypt"
+OPENSSL_DIR_TOP="${WOLFSSL_HEADERS_TOP}/openssl"
+
+
+# TODO: Parse version number
+WOLFSSL_VERSION=$(grep -i "LIBWOLFSSL_VERSION_STRING" ${TOP_DIR}/wolfssl/version.h | cut -d '"' -f 2)
+
+
 DIR=${PWD##*/}

-space(){
-    echo "" >> "$1"
-}
-
 if [ "$DIR" = "ARDUINO" ]; then
-	if [ ! -d "wolfSSL" ]; then
-	    mkdir wolfSSL
+	if [ ! -d ".${ROOT_DIR}" ]; then
+	    mkdir .${ROOT_DIR}
+    fi
+    if [ ! -d ".${ROOT_SRC_DIR}" ]; then
+	    mkdir .${ROOT_SRC_DIR}
    fi

-    cp ../../src/*.c ./wolfSSL
-    cp ../../wolfcrypt/src/*.c ./wolfSSL
+    if [ ! -d ".${WOLFSSL_HEADERS}" ]; then
+	    mkdir .${WOLFSSL_HEADERS}
+    fi

-    if [ ! -d "wolfSSL/wolfssl" ]; then
-	    mkdir wolfSSL/wolfssl
+    cp ${WOLFSSL_HEADERS_TOP}/*.h .${WOLFSSL_HEADERS}
+    if [ ! -d ".${WOLFCRYPT_HEADERS}" ]; then
+        mkdir .${WOLFCRYPT_HEADERS}
    fi
-    cp ../../wolfssl/*.h ./wolfSSL/wolfssl
-    if [ ! -d "wolfSSL/wolfssl/wolfcrypt" ]; then
-        mkdir wolfSSL/wolfssl/wolfcrypt
-    fi
-    cp ../../wolfssl/wolfcrypt/*.h ./wolfSSL/wolfssl/wolfcrypt
+    cp ${WOLFCRYPT_HEADERS_TOP}/*.h .${WOLFCRYPT_HEADERS}

-    # support misc.c as include in wolfcrypt/src
-    if [ ! -d "./wolfSSL/wolfcrypt" ]; then
-        mkdir ./wolfSSL/wolfcrypt
+    # Add in source files to wolfcrypt/src
+    if [ ! -d ".${WOLFCRYPT_ROOT}" ]; then
+        mkdir .${WOLFCRYPT_ROOT}
    fi
-    if [ ! -d "./wolfSSL/wolfcrypt/src" ]; then
-        mkdir ./wolfSSL/wolfcrypt/src
+    if [ ! -d ".${WOLFCRYPT_SRC}" ]; then
+        mkdir .${WOLFCRYPT_SRC}
    fi
-    cp ../../wolfcrypt/src/misc.c ./wolfSSL/wolfcrypt/src
-    cp ../../wolfcrypt/src/asm.c  ./wolfSSL/wolfcrypt/src
-
+    cp ${WOLFCRYPT_SRC_TOP}/*.c .${WOLFCRYPT_SRC}
+    
+    # Add in source files to top level src folders
+    if [ ! -d ".${WOLFSSL_SRC}" ]; then
+        mkdir .${WOLFSSL_SRC}
+    fi
+    cp ${WOLFSSL_SRC_TOP}/*.c .${WOLFSSL_SRC}
    # put bio and evp as includes
-    mv ./wolfSSL/bio.c ./wolfSSL/wolfssl
-	mv ./wolfSSL/evp.c ./wolfSSL/wolfssl
+    cp .${WOLFSSL_SRC}/bio.c .${WOLFSSL_HEADERS}
+    cp .${WOLFCRYPT_SRC}/evp.c .${WOLFSSL_HEADERS}

    # make a copy of evp.c and bio.c for ssl.c to include inline
-    cp ./wolfSSL/wolfssl/evp.c ./wolfSSL/wolfcrypt/src/evp.c
-    cp ./wolfSSL/wolfssl/bio.c ./wolfSSL/wolfcrypt/src/bio.c
+    cp .${WOLFSSL_HEADERS}/evp.c .${WOLFCRYPT_SRC}/evp.c
+    cp .${WOLFSSL_HEADERS}/bio.c .${WOLFCRYPT_SRC}/bio.c
    
    # copy openssl compatibility headers to their appropriate location
-    if [ ! -d "./wolfSSL/wolfssl/openssl" ]; then
-        mkdir ./wolfSSL/wolfssl/openssl
+    if [ ! -d ".${OPENSSL_DIR}" ]; then
+        mkdir .${OPENSSL_DIR}
    fi
-    cp ../../wolfssl/openssl/* ./wolfSSL/wolfssl/openssl
+    cp ${OPENSSL_DIR_TOP}/* .${OPENSSL_DIR}

-    echo "/* Generated wolfSSL header file for Arduino */" > ./wolfSSL/wolfssl.h
-    echo "#include <user_settings.h>" >> ./wolfSSL/wolfssl.h
-    echo "#include <wolfssl/wolfcrypt/settings.h>" >> ./wolfSSL/wolfssl.h
-    echo "#include <wolfssl/ssl.h>" >> ./wolfSSL/wolfssl.h

-    if [ ! -f "./wolfSSL/user_settings.h" ]; then
-        echo "/* Generated wolfSSL user_settings.h file for Arduino */" > ./wolfSSL/user_settings.h
-        echo "#ifndef ARDUINO_USER_SETTINGS_H" >> ./wolfSSL/user_settings.h
-        echo "#define ARDUINO_USER_SETTINGS_H" >> ./wolfSSL/user_settings.h
-        space ./wolfSSL/user_settings.h
-        echo "/* Platform */" >> ./wolfSSL/user_settings.h
-        echo "#define WOLFSSL_ARDUINO" >> ./wolfSSL/user_settings.h
-        space ./wolfSSL/user_settings.h
-        echo "/* Math library (remove this to use normal math)*/" >>  ./wolfSSL/user_settings.h
-        echo "#define USE_FAST_MATH" >> ./wolfSSL/user_settings.h
-        echo "#define TFM_NO_ASM" >> ./wolfSSL/user_settings.h
-        space ./wolfSSL/user_settings.h
-        echo "/* RNG DEFAULT !!FOR TESTING ONLY!! */" >>  ./wolfSSL/user_settings.h
-        echo "/* comment out the error below to get started w/ bad entropy source" >>  ./wolfSSL/user_settings.h
-        echo " * This will need fixed before distribution but is OK to test with */" >>  ./wolfSSL/user_settings.h
-        echo "#error \"needs solved, see: https://www.wolfssl.com/docs/porting-guide/\"" >>  ./wolfSSL/user_settings.h
-        echo "#define WOLFSSL_GENSEED_FORTEST" >> ./wolfSSL/user_settings.h
-        space ./wolfSSL/user_settings.h
-        echo "#endif /* ARDUINO_USER_SETTINGS_H */" >> ./wolfSSL/user_settings.h
+    cat > .${ROOT_SRC_DIR}/wolfssl.h <<EOF
+/* Generated wolfSSL header file for Arduino */
+#include <user_settings.h>
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+EOF
+
+
+# Creates user_settings file if one does not exist
+    if [ ! -f ".${ROOT_SRC_DIR}/user_settings.h" ]; then
+    	cat > .${ROOT_SRC_DIR}/user_settings.h <<EOF
+/* Generated wolfSSL user_settings.h file for Arduino */
+#ifndef ARDUINO_USER_SETTINGS_H
+#define ARDUINO_USER_SETTINGS_H
+
+/* Platform */
+#define WOLFSSL_ARDUINO
+
+/* Math library (remove this to use normal math)*/
+#define USE_FAST_MATH
+#define TFM_NO_ASM
+#define NO_ASN_TIME
+
+/* When using Intel Galileo Uncomment the line below */
+/* #define INTEL_GALILEO */
+
+/* RNG DEFAULT !!FOR TESTING ONLY!! */
+/* comment out the error below to get started w/ bad entropy source
+ * This will need fixed before distribution but is OK to test with */
+#error "needs solved, see: https://www.wolfssl.com/docs/porting-guide/"
+#define WOLFSSL_GENSEED_FORTEST
+
+#endif /* ARDUINO_USER_SETTINGS_H */
+EOF
    fi

-    cp wolfSSL/wolfssl/wolfcrypt/settings.h wolfSSL/wolfssl/wolfcrypt/settings.h.bak
-    echo " /* wolfSSL Generated ARDUINO settings */" > ./wolfSSL/wolfssl/wolfcrypt/settings.h
-    echo "#ifndef WOLFSSL_USER_SETTINGS" >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
-    echo "    #define WOLFSSL_USER_SETTINGS" >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
-    echo "#endif /* WOLFSSL_USER_SETTINGS */" >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
-    echo " /* wolfSSL Generated ARDUINO settings: END */" >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
-    cat ./wolfSSL/wolfssl/wolfcrypt/settings.h.bak >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
+    cp .${WOLFCRYPT_HEADERS}/settings.h .${WOLFCRYPT_HEADERS}/settings.h.bak
+    cat > .${WOLFCRYPT_HEADERS}/settings.h <<EOF
+/*wolfSSL Generated ARDUINO settings */
+#ifndef WOLFSSL_USER_SETTINGS
+    #define WOLFSSL_USER_SETTINGS
+#endif /* WOLFSSL_USER_SETTINGS */ 
+/*wolfSSL Generated ARDUINO settings: END */	
+
+EOF
+    cat .${WOLFCRYPT_HEADERS}/settings.h.bak >> .${WOLFCRYPT_HEADERS}/settings.h
+
+    #Creating library.properties file based off of: 
+    #https://arduino.github.io/arduino-cli/0.35/library-specification/#libraryproperties-file-format
+
+    cat > .${ROOT_DIR}/library.properties <<EOF
+name=wolfSSL
+version=${WOLFSSL_VERSION}
+author=wolfSSL inc
+maintainer=wolfSSL inc <support@wolfssl.com>
+sentence=A lightweight SSL/TLS library written in ANSI C and targeted for embedded, RTOS, and resource-constrained environments.
+paragraph=Manual: https://www.wolfssl.com/documentation/manuals/wolfssl/index.html.
+category=Communication
+url=https://www.wolfssl.com/
+architectures=*
+
+EOF

 else
    echo "ERROR: You must be in the IDE/ARDUINO directory to run this script"
--- a/IDE/AURIX/Cpu0_Main.c
+++ b/IDE/AURIX/Cpu0_Main.c
@@ -0,0 +1,153 @@
+/* Cpu0_Main.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Infineon includes */
+#include "Ifx_Types.h"
+#include "IfxCpu.h"
+#include "IfxScuWdt.h"
+#include "IfxAsclin_Asc.h"
+#include "IfxCpu_Irq.h"
+#include "IfxPort.h"
+#include "SysSe/Bsp/Bsp.h"
+
+/* For mapping stdio printf */
+#include <stdio.h>
+#include <string.h>
+
+/* used to wait for CPU sync event */
+IFX_ALIGN(4) IfxCpu_syncEvent g_cpuSyncEvent = 0;
+
+#define SERIAL_BAUDRATE         115200  /* Baud rate in bit/s */
+#define SERIAL_PIN_RX           IfxAsclin0_RXA_P14_1_IN /* RX pin of the board */
+#define SERIAL_PIN_TX           IfxAsclin0_TX_P14_0_OUT /* TX pin of the board */
+#define INTPRIO_ASCLIN0_TX      19  /* Priority of the ISR */
+#define ASC_TX_BUFFER_SIZE      128 /* Definition of the buffer size */
+
+/* Declaration of the ASC handle */
+static IfxAsclin_Asc g_asc;
+
+/* Declaration of the FIFOs parameters:
+ * The transfer buffers allocate memory for the data itself and for FIFO runtime
+ * variables. 8 more bytes have to be added to ensure a proper circular buffer
+ * handling independent from the address to which the buffers have been located.
+ */
+static uint8 g_ascTxBuffer[ASC_TX_BUFFER_SIZE + sizeof(Ifx_Fifo) + 8];
+
+/******************************************************************************/
+/*----Function Implementations------------------------------------------------*/
+/******************************************************************************/
+
+/* Re-target the C library printf function to the asc lin. */
+int fputc(int ch, FILE *f)
+{
+    Ifx_SizeT count;
+    /* convert to CRLF */
+    if (ch == (int)'\n') {
+        int chcr = (int)'\r';
+        count = 1;
+        IfxAsclin_Asc_write(&g_asc, &chcr, &count, TIME_INFINITE);    
+    }
+    count = 1;
+    IfxAsclin_Asc_write(&g_asc, &ch, &count, TIME_INFINITE);
+    return ch;
+}
+
+/* Add the Interrupt Service Routine */
+IFX_INTERRUPT(asclin0_Tx_ISR, 0, INTPRIO_ASCLIN0_TX);
+void asclin0_Tx_ISR(void)
+{
+    IfxAsclin_Asc_isrTransmit(&g_asc);
+}
+
+static void init_UART(void)
+{
+    IfxAsclin_Asc_Config ascConfig;
+
+    IfxCpu_Irq_installInterruptHandler(asclin0_Tx_ISR, INTPRIO_ASCLIN0_TX);
+
+    /* Port pins configuration */
+    const IfxAsclin_Asc_Pins pins = {
+        NULL_PTR,         IfxPort_InputMode_pullUp,     /* CTS pin not used   */
+        &SERIAL_PIN_RX,   IfxPort_InputMode_pullUp,     /* RX pin             */
+        NULL_PTR,         IfxPort_OutputMode_pushPull,  /* RTS pin not used   */
+        &SERIAL_PIN_TX,   IfxPort_OutputMode_pushPull,  /* TX pin             */
+        IfxPort_PadDriver_cmosAutomotiveSpeed1
+    };
+
+    /* Initialize an instance of IfxAsclin_Asc_Config with default values */
+    IfxAsclin_Asc_initModuleConfig(&ascConfig, SERIAL_PIN_TX.module);
+
+    /* Set the desired baud rate */
+    ascConfig.baudrate.baudrate = SERIAL_BAUDRATE;
+
+    /* ISR priorities and interrupt target */
+    ascConfig.interrupt.txPriority = INTPRIO_ASCLIN0_TX;
+    ascConfig.interrupt.typeOfService = IfxCpu_Irq_getTos(IfxCpu_getCoreIndex());
+
+    /* FIFO configuration */
+    ascConfig.txBuffer = &g_ascTxBuffer;
+    ascConfig.txBufferSize = ASC_TX_BUFFER_SIZE;
+
+    ascConfig.pins = &pins;
+
+    /* Initialize module with above parameters  */
+    IfxAsclin_Asc_initModule(&g_asc, &ascConfig);
+
+    /* Turn off buffers, so I/O occurs immediately */
+    setvbuf(stdin, NULL, _IONBF, 0);
+    setvbuf(stdout, NULL, _IONBF, 0);
+    setvbuf(stderr, NULL, _IONBF, 0);
+}
+
+int send_UART(const char* str)
+{
+    Ifx_SizeT count = (Ifx_SizeT)strlen(str);
+    IfxAsclin_Asc_write(&g_asc, str, &count, TIME_INFINITE);
+    return (int)count;
+}
+
+void core0_main(void)
+{
+    IfxCpu_enableInterrupts();
+
+    /* !!WATCHDOG0 AND SAFETY WATCHDOG ARE DISABLED HERE!!
+     * Enable the watchdogs and service them periodically if it is required
+     */
+    IfxScuWdt_disableCpuWatchdog(IfxScuWdt_getCpuWatchdogPassword());
+    IfxScuWdt_disableSafetyWatchdog(IfxScuWdt_getSafetyWatchdogPassword());
+
+    /* Wait for CPU sync event */
+    IfxCpu_emitEvent(&g_cpuSyncEvent);
+    IfxCpu_waitEvent(&g_cpuSyncEvent, 1);
+
+    /* Initialize the UART to board VCOM */
+    init_UART();
+
+    /* bare metal loop */
+    while(1)
+    {
+        extern void run_wolf_tests(void);
+        run_wolf_tests();
+
+        /* wait 5 seconds */
+        waitTime(IfxStm_getTicksFromMilliseconds(BSP_DEFAULT_TIMER, 5 * 1000));
+    } /* while */
+}
--- a/IDE/AURIX/README.md
+++ b/IDE/AURIX/README.md
@@ -0,0 +1,114 @@
+# Infineon AURIX Development Studio
+
+An Eclipse based IDE for developing software for the Infineon TriCore AURIX TX3XX.
+
+Tested Platform:
+* Infineon AURIX™ Development Studio 1.7.2 (Build 20220617-0730)
+* Infineon TriBoard TC399 v2.0
+* wolfSSL v5.4.0 (with PR 5419)
+
+## Running wolfCrypt on TriCore
+
+1) Add the wolfSSL source and headers to `Libraries/wolfssl`. 
+  - Only the following folders are required: `src`, `wolfcrypt` and `wolfssl`.
+  - See script to help with producing bundle here: https://github.com/wolfSSL/wolfssl/blob/master/scripts/makedistsmall.sh
+2) Add `WOLFSSL_USER_SETTINGS` to the Preprocessing symbols list. C/C++ Build -> Settings -> TASKING C/C++ Compiler -> Preprocessing.
+3) Add `Libraries/wolfssl` to the include path. C/C++ General -> Paths and Symbols -> Includes -> GNU C
+4) Add ignores for the following warnings. Unused static function (553) and switch missing break (536). C/C++ Build -> Settings -> TASKING C/C++ Compiler -> Diagnostics
+5) Copy `Cpu0_Main.c`, `user_settings.h` and `wolf_main.c` into the project folder.
+6) Increase the stack by modifying `Lcf_Tasking_Tricore_Tc.lsl` to adjusting the USTACK0-4 (`LCF_USTACK#_SIZE`) from 2k to 12k.
+6) Build and run/debug.
+
+### Example output from wolfCrypt test and benchmark
+
+Benchmark Configuration:
+* TriCore (TC1.6.2P) 32-bit super-scalar running at 300MHz:
+* Release build: `-O2`
+* SP Math SMALL: sp_c32.c for RSA/ECC/DH
+* AES GCM SMALL
+
+```
+Running wolfCrypt Tests...
+------------------------------------------------------------------------------
+ wolfSSL version 5.4.0
+------------------------------------------------------------------------------
+error    test passed!
+MEMORY   test passed!
+base64   test passed!
+asn      test passed!
+RANDOM   test passed!
+SHA      test passed!
+SHA-256  test passed!
+Hash     test passed!
+HMAC-SHA test passed!
+HMAC-SHA256 test passed!
+HMAC-KDF    test passed!
+TLSv1.3 KDF test passed!
+GMAC     test passed!
+Chacha   test passed!
+POLY1305 test passed!
+ChaCha20-Poly1305 AEAD test passed!
+AES      test passed!
+AES192   test passed!
+AES256   test passed!
+AES-GCM  test passed!
+RSA      test passed!
+ECC      test passed!
+ECC buffer test passed!
+CMAC     test passed!
+logging  test passed!
+time test passed!
+mutex    test passed!
+memcb    test passed!
+Test complete
+Crypt Test: Return code 0
+Running wolfCrypt Benchmarks...
+wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
+RNG                725 KB took 1.023 seconds,  708.703 KB/s
+AES-128-CBC-enc      2 MB took 1.002 seconds,    2.071 MB/s
+AES-128-CBC-dec      2 MB took 1.005 seconds,    2.065 MB/s
+AES-192-CBC-enc      2 MB took 1.002 seconds,    1.779 MB/s
+AES-192-CBC-dec      2 MB took 1.013 seconds,    1.783 MB/s
+AES-256-CBC-enc      2 MB took 1.003 seconds,    1.558 MB/s
+AES-256-CBC-dec      2 MB took 1.009 seconds,    1.573 MB/s
+AES-128-GCM-enc    225 KB took 1.013 seconds,  222.112 KB/s
+AES-128-GCM-dec    225 KB took 1.014 seconds,  221.892 KB/s
+AES-192-GCM-enc    225 KB took 1.046 seconds,  215.107 KB/s
+AES-192-GCM-dec    225 KB took 1.046 seconds,  215.104 KB/s
+AES-256-GCM-enc    225 KB took 1.070 seconds,  210.279 KB/s
+AES-256-GCM-dec    225 KB took 1.069 seconds,  210.477 KB/s
+GMAC Small         251 KB took 1.000 seconds,  251.000 KB/s
+AES-128-ECB-enc      2 MB took 1.000 seconds,    2.000 MB/s
+AES-128-ECB-dec      2 MB took 1.000 seconds,    2.049 MB/s
+AES-192-ECB-enc      2 MB took 1.000 seconds,    1.727 MB/s
+AES-192-ECB-dec      2 MB took 1.000 seconds,    1.772 MB/s
+AES-256-ECB-enc      2 MB took 1.000 seconds,    1.518 MB/s
+AES-256-ECB-dec      2 MB took 1.000 seconds,    1.563 MB/s
+CHACHA               3 MB took 1.007 seconds,    3.322 MB/s
+CHA-POLY             2 MB took 1.011 seconds,    2.028 MB/s
+POLY1305             6 MB took 1.003 seconds,    6.012 MB/s
+SHA                  3 MB took 1.004 seconds,    3.380 MB/s
+SHA-256              2 MB took 1.003 seconds,    1.558 MB/s
+AES-128-CMAC         2 MB took 1.010 seconds,    2.055 MB/s
+AES-256-CMAC         2 MB took 1.010 seconds,    1.547 MB/s
+HMAC-SHA             3 MB took 1.004 seconds,    3.356 MB/s
+HMAC-SHA256          2 MB took 1.010 seconds,    1.547 MB/s
+RSA     2048 public         50 ops took 1.020 sec, avg 20.400 ms, 49.019 ops/sec
+RSA     2048 private         2 ops took 2.377 sec, avg 1188.492 ms, 0.841 ops/sec
+ECC   [      SECP256R1]   256 key gen        16 ops took 1.061 sec, avg 66.313 ms, 15.080 ops/sec
+ECDHE [      SECP256R1]   256 agree          16 ops took 1.059 sec, avg 66.187 ms, 15.109 ops/sec
+ECDSA [      SECP256R1]   256 sign           14 ops took 1.058 sec, avg 75.570 ms, 13.233 ops/sec
+ECDSA [      SECP256R1]   256 verify          8 ops took 1.080 sec, avg 135.002 ms, 7.407 ops/sec
+Benchmark complete
+Benchmark Test: Return code 0
+```
+
+
+## Running wolfCrypt on the HSM (Cortex M3)
+
+Coming soon
+
+
+## Support
+
+For questions please email facts@wolfssl.com
--- a/IDE/AURIX/include.am
+++ b/IDE/AURIX/include.am
@@ -0,0 +1,8 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= IDE/AURIX/Cpu0_Main.c
+EXTRA_DIST+= IDE/AURIX/README.md
+EXTRA_DIST+= IDE/AURIX/user_settings.h
+EXTRA_DIST+= IDE/AURIX/wolf_main.c
--- a/IDE/AURIX/user_settings.h
+++ b/IDE/AURIX/user_settings.h
@@ -0,0 +1,460 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Template for the Infineon AURIX Development Studio and TC3XX
+ * Example wolfSSL user settings with #if 0/1 gates to enable/disable algorithms and features.
+ * This file is included with wolfssl/wolfcrypt/settings.h when WOLFSSL_USER_SETTINGS is defined.
+
+ */
+
+#ifndef WOLFSSL_USER_SETTINGS_H
+#define WOLFSSL_USER_SETTINGS_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* ------------------------------------------------------------------------- */
+/* Platform */
+/* ------------------------------------------------------------------------- */
+/* Alignment and sizeof 64-bit */
+#define WOLFSSL_GENERAL_ALIGNMENT 4
+#define SIZEOF_LONG_LONG 8
+
+/* disable threading - mutex locking */
+#define SINGLE_THREADED
+
+/* ignore file include warnings */
+#define WOLFSSL_IGNORE_FILE_WARN
+
+/* disable the built-in socket support and use the IO callbacks.
+ * Set with wolfSSL_CTX_SetIORecv/wolfSSL_CTX_SetIOSend
+ */
+#define WOLFSSL_USER_IO
+
+/* Disable file system */
+#define NO_FILESYSTEM
+
+
+/* ------------------------------------------------------------------------- */
+/* Port */
+/* ------------------------------------------------------------------------- */
+
+/* Override Current Time */
+/* Allows custom "custom_time()" function to be used for benchmark */
+#define WOLFSSL_USER_CURRTIME
+#define WOLFSSL_GMTIME
+#define USER_TICKS
+extern unsigned long my_time(unsigned long* timer);
+#define XTIME my_time
+
+/* Use built-in P-RNG (SHA256 based) with HW RNG */
+#undef  HAVE_HASHDRBG
+#define HAVE_HASHDRBG
+
+/* Custom Seed Source */
+#define CUSTOM_RAND_TYPE      unsigned int
+extern unsigned int my_rng_seed_gen(void);
+#undef  CUSTOM_RAND_GENERATE
+#define CUSTOM_RAND_GENERATE  my_rng_seed_gen
+
+/* Standard Lib - C89 */
+#define XSTRCASECMP(s1,s2) strcmp((s1),(s2))
+
+
+/* ------------------------------------------------------------------------- */
+/* Math Configuration */
+/* ------------------------------------------------------------------------- */
+#undef USE_FAST_MATH
+#undef WOLFSSL_SP
+#if 1
+    /* Wolf Single Precision Math */
+    #define WOLFSSL_HAVE_SP_RSA
+    //#define WOLFSSL_HAVE_SP_DH
+    #define WOLFSSL_HAVE_SP_ECC
+    #define WOLFSSL_SP_4096 /* Enable RSA/RH 4096-bit support */
+    #define WOLFSSL_SP_384 /* Enable ECC 384-bit SECP384R1 support */
+
+    #define WOLFSSL_SP_MATH     /* only SP math - disables integer.c/tfm.c */
+    //#define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
+
+    #define WOLFSSL_SP_NO_MALLOC
+    //#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
+
+    /* use smaller version of code */
+    #define WOLFSSL_SP_SMALL
+
+    /* SP Assembly Speedups - specific to chip type */
+    //#define WOLFSSL_SP_ASM
+    //#define WOLFSSL_SP_ARM32_ASM
+    //#define WOLFSSL_SP_ARM64_ASM
+    //#define WOLFSSL_SP_ARM_THUMB_ASM
+    //#define WOLFSSL_SP_ARM_CORTEX_M_ASM
+#endif
+
+#ifndef WOLFSSL_SP_MATH
+    #if 0
+        /* fast math (tfmc.) (stack based and timing resistant) */
+        #define USE_FAST_MATH
+        #define TFM_TIMING_RESISTANT
+    #else
+        /* normal heap based integer.c (not timing resistant) */
+        #define USE_INTEGER_HEAP_MATH
+    #endif
+#endif
+
+/* ------------------------------------------------------------------------- */
+/* Crypto */
+/* ------------------------------------------------------------------------- */
+/* RSA */
+#undef NO_RSA
+#if 1
+    #ifdef USE_FAST_MATH
+        /* Maximum math bits (Max RSA key bits * 2) */
+        #define FP_MAX_BITS 4096
+    #endif
+
+    /* half as much memory but twice as slow */
+    //#define RSA_LOW_MEM
+
+    /* Enables blinding mode, to prevent timing attacks */
+    #define WC_RSA_BLINDING
+
+    /* RSA PSS Support */
+    #define WC_RSA_PSS
+#else
+    #define NO_RSA
+#endif
+
+/* DH */
+#undef  NO_DH
+#if 0
+    /* Use table for DH instead of -lm (math) lib dependency */
+    #if 1
+        #define WOLFSSL_DH_CONST
+        #define HAVE_FFDHE_2048
+        //#define HAVE_FFDHE_4096
+        //#define HAVE_FFDHE_6144
+        //#define HAVE_FFDHE_8192
+    #endif
+#else
+    #define NO_DH
+#endif
+
+/* ECC */
+#undef HAVE_ECC
+#if 1
+    #define HAVE_ECC
+
+    /* Manually define enabled curves */
+    #define ECC_USER_CURVES
+
+    #ifdef ECC_USER_CURVES
+        /* Manual Curve Selection */
+        //#define HAVE_ECC192
+        //#define HAVE_ECC224
+        #undef NO_ECC256
+        #define HAVE_ECC384
+        //#define HAVE_ECC521
+    #endif
+
+    /* Fixed point cache (speeds repeated operations against same private key) */
+    //#define FP_ECC
+    #ifdef FP_ECC
+        /* Bits / Entries */
+        #define FP_ENTRIES  2
+        #define FP_LUT      4
+    #endif
+
+    /* Optional ECC calculation method */
+    /* Note: doubles heap usage, but slightly faster */
+    #define ECC_SHAMIR
+
+    /* Reduces heap usage, but slower */
+    #define ECC_TIMING_RESISTANT
+
+    /* Compressed ECC Key Support */
+    //#define HAVE_COMP_KEY
+
+    /* Use alternate ECC size for ECC math */
+    #ifdef USE_FAST_MATH
+        /* MAX ECC BITS = ROUND8(MAX ECC) * 2 */
+        #if defined(NO_RSA) && defined(NO_DH)
+            /* Custom fastmath size if not using RSA/DH */
+            #define FP_MAX_BITS     (256 * 2)
+        #else
+            /* use heap allocation for ECC points */
+            #define ALT_ECC_SIZE
+
+            /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
+            //#define FP_MAX_BITS_ECC (256 * 2)
+        #endif
+
+        /* Speedups specific to curve */
+        #ifndef NO_ECC256
+            #define TFM_ECC256
+        #endif
+    #endif
+#endif
+
+
+/* AES */
+#undef NO_AES
+#if 1
+    #define HAVE_AES_CBC
+
+    /* GCM Method: GCM_TABLE_4BIT, GCM_SMALL, GCM_WORD32 or GCM_TABLE */
+    #define HAVE_AESGCM
+    #define GCM_SMALL
+
+    #define WOLFSSL_AES_DIRECT
+    #define HAVE_AES_ECB
+#else
+    #define NO_AES
+#endif
+
+
+/* DES3 */
+#undef NO_DES3
+#if 0
+#else
+    #define NO_DES3
+#endif
+
+/* ChaCha20 / Poly1305 */
+#undef HAVE_CHACHA
+#undef HAVE_POLY1305
+#if 1
+    #define HAVE_CHACHA
+    #define HAVE_POLY1305
+
+    /* Needed for Poly1305 */
+    #define HAVE_ONE_TIME_AUTH
+#endif
+
+/* Ed25519 / Curve25519 */
+#undef HAVE_CURVE25519
+#undef HAVE_ED25519
+#if 0
+    #define HAVE_CURVE25519
+    #define HAVE_ED25519 /* ED25519 Requires SHA512 */
+
+    /* Optionally use small math (less flash usage, but much slower) */
+    #if 1
+        #define CURVED25519_SMALL
+    #endif
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Hashing */
+/* ------------------------------------------------------------------------- */
+/* Sha */
+#undef NO_SHA
+#if 1
+    /* on by default */
+    /* 1k smaller, but 25% slower */
+    //#define USE_SLOW_SHA
+#else
+    #define NO_SHA
+#endif
+
+/* Sha256 */
+#undef NO_SHA256
+#if 1
+    /* not unrolled - ~2k smaller and ~25% slower */
+    //#define USE_SLOW_SHA256
+
+    /* Sha224 */
+    #if 0
+        #define WOLFSSL_SHA224
+    #endif
+#else
+    #define NO_SHA256
+#endif
+
+/* Sha512 */
+#undef WOLFSSL_SHA512
+#if 0
+    #define WOLFSSL_SHA512
+
+    /* Sha384 */
+    #undef  WOLFSSL_SHA384
+    #if 0
+        #define WOLFSSL_SHA384
+    #endif
+
+    /* over twice as small, but 50% slower */
+    //#define USE_SLOW_SHA512
+#endif
+
+/* Sha3 */
+#undef WOLFSSL_SHA3
+#if 0
+    #define WOLFSSL_SHA3
+#endif
+
+/* MD5 */
+#undef NO_MD5
+#if 0
+    /* on by default */
+#else
+    #define NO_MD5
+#endif
+
+/* HKDF */
+#undef HAVE_HKDF
+#if 1
+    #define HAVE_HKDF
+#endif
+
+/* CMAC */
+#undef WOLFSSL_CMAC
+#if 1
+    #define WOLFSSL_CMAC
+    /* Note: requires WOLFSSL_AES_DIRECT */
+#endif
+
+/* HMAC - on by default */
+#undef NO_HMAC
+#if 1
+    /* on by default */
+#else
+    #define NO_HMAC
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* ASN */
+/* ------------------------------------------------------------------------- */
+#if 0
+    /* Use the newer ASN template code */
+    #define WOLFSSL_ASN_TEMPLATE
+    //#define WOLFSSL_CUSTOM_OID
+    //#define HAVE_OID_ENCODING
+    //#define HAVE_OID_DECODING
+#else
+    /* Use the original custom ASN code */
+#endif
+/* Optionally disable time checking for ASN */
+//#define NO_ASN_TIME
+
+
+/* ------------------------------------------------------------------------- */
+/* Benchmark / Test */
+/* ------------------------------------------------------------------------- */
+/* Use reduced benchmark / test sizes */
+#define BENCH_EMBEDDED
+
+/* Use test buffers from array (not filesystem) */
+#ifndef NO_FILESYSTEM
+#define USE_CERT_BUFFERS_256
+#define USE_CERT_BUFFERS_2048
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Debugging */
+/* ------------------------------------------------------------------------- */
+
+#undef DEBUG_WOLFSSL
+#undef NO_ERROR_STRINGS
+#if 0
+    #define DEBUG_WOLFSSL
+    #define WOLFSSL_LOG_PRINTF
+#else
+    #if 0
+        #define NO_ERROR_STRINGS
+    #endif
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Memory */
+/* ------------------------------------------------------------------------- */
+#if 0
+    /* Static memory requires fast math or SP math with no malloc */
+    #define WOLFSSL_STATIC_MEMORY
+
+    /* Disable fallback malloc/free */
+    #define WOLFSSL_NO_MALLOC
+    #if 1
+        #define WOLFSSL_MALLOC_CHECK /* trap malloc failure */
+    #endif
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Enable Features */
+/* ------------------------------------------------------------------------- */
+
+#define WOLFSSL_TLS13
+#define WOLFSSL_OLD_PRIME_CHECK /* Use faster DH prime checking */
+#define HAVE_TLS_EXTENSIONS
+#define HAVE_SUPPORTED_CURVES
+#define WOLFSSL_BASE64_ENCODE
+
+//#define WOLFSSL_KEY_GEN /* For RSA Key gen only */
+//#define KEEP_PEER_CERT
+//#define HAVE_COMP_KEY
+
+/* TLS Session Cache */
+#if 0
+    #define SMALL_SESSION_CACHE
+#else
+    #define NO_SESSION_CACHE
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Disable Features */
+/* ------------------------------------------------------------------------- */
+//#define NO_WOLFSSL_SERVER
+//#define NO_WOLFSSL_CLIENT
+//#define NO_CRYPT_TEST
+//#define NO_CRYPT_BENCHMARK
+//#define WOLFCRYPT_ONLY
+
+/* In-lining of misc.c functions */
+/* If defined, must include wolfcrypt/src/misc.c in build */
+/* Slower, but about 1k smaller */
+//#define NO_INLINE
+
+#define NO_WRITEV
+#define NO_MAIN_DRIVER
+//#define NO_DEV_RANDOM
+
+#define NO_OLD_TLS
+#define NO_PSK
+
+#define NO_DSA
+#define NO_RC4
+#define NO_MD4
+#define NO_PWDBASED
+//#define NO_CODING
+//#define NO_CERTS
+//#define NO_SIG_WRAPPER
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* WOLFSSL_USER_SETTINGS_H */
--- a/IDE/AURIX/wolf_main.c
+++ b/IDE/AURIX/wolf_main.c
@@ -0,0 +1,150 @@
+/* wolf_main.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+/* wolfSSL includes */
+#ifndef WOLFSSL_USER_SETTINGS
+    #include <wolfssl/options.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/random.h> /* for CUSTOM_RAND_TYPE */
+#include <wolfcrypt/test/test.h>
+#include <wolfcrypt/benchmark/benchmark.h>
+
+#include <stdint.h>
+#include <stdio.h>
+#include <stdarg.h>
+#include <string.h>
+
+/* Infineon Includes */
+#include "Ifx_Types.h"
+#include "IfxStm.h"
+
+extern int send_UART(const char* str);
+static void my_logging_cb(const int logLevel, const char *const logMessage)
+{
+    send_UART(logMessage);
+    send_UART("\r\n");
+    (void)logLevel; /* not used */
+}
+
+/* TIME CODE */
+/* Optionally you can define NO_ASN_TIME to disable all cert time checks */
+static int hw_get_time_sec(void)
+{
+    /* get time in seconds */
+    return IfxStm_get(&MODULE_STM0) / IfxStm_getFrequency(&MODULE_STM0);
+}
+
+/* This is used by wolfCrypt asn.c for cert time checking */
+unsigned long my_time(unsigned long* timer)
+{
+    (void)timer;
+    return hw_get_time_sec();
+}
+
+#ifndef WOLFCRYPT_ONLY
+/* This is used by TLS only */
+unsigned int LowResTimer(void)
+{
+    return hw_get_time_sec();
+}
+#endif
+
+#ifndef NO_CRYPT_BENCHMARK
+/* This is used by wolfCrypt benchmark tool only */
+double current_time(int reset)
+{
+    double timeNow;
+    uint64_t timeMs, ticks = IfxStm_get(&MODULE_STM0);
+    (void)reset;
+    timeMs = ticks / (IfxStm_getFrequency(&MODULE_STM0) / 1000);
+    timeNow = (timeMs / 1000); // sec
+    timeNow += (double)(timeMs % 1000) / 1000; // ms
+    return timeNow;
+}
+#endif
+
+/* RNG CODE */
+/* TODO: Implement real RNG */
+static unsigned int gCounter;
+unsigned int hw_rand(void)
+{
+    //#warning Must implement your own random source
+
+    return ++gCounter;
+}
+
+unsigned int my_rng_seed_gen(void)
+{
+    return hw_rand();
+}
+
+typedef struct func_args {
+    int    argc;
+    char** argv;
+    int    return_code;
+} func_args;
+
+void run_wolf_tests(void)
+{
+    func_args args;
+
+#ifdef DEBUG_WOLFSSL
+    wolfSSL_Debugging_ON();
+#endif
+    wolfSSL_SetLoggingCb(my_logging_cb);
+
+    /* initialize wolfSSL */
+#ifdef WOLFCRYPT_ONLY
+    wolfCrypt_Init();
+#else
+    wolfSSL_Init();
+#endif
+
+    memset(&args, 0, sizeof(args));
+    args.return_code = NOT_COMPILED_IN; /* default */
+
+    printf("Running wolfCrypt Tests...\n");
+#ifndef NO_CRYPT_TEST
+    args.return_code = 0;
+    wolfcrypt_test(&args);
+    printf("Crypt Test: Return code %d\n", args.return_code);
+#else
+    args.return_code = NOT_COMPILED_IN;
+#endif
+
+    printf("Running wolfCrypt Benchmarks...\n");
+#ifndef NO_CRYPT_BENCHMARK
+    args.return_code = 0;
+    benchmark_test(&args);
+#else
+    args.return_code = NOT_COMPILED_IN;
+#endif
+    printf("Benchmark Test: Return code %d\n", args.return_code);
+
+#ifdef WOLFCRYPT_ONLY
+    wolfCrypt_Cleanup();
+#else
+    wolfSSL_Cleanup();
+#endif
+}
--- a/IDE/Android/user_settings.h
+++ b/IDE/Android/user_settings.h
@@ -11,7 +11,7 @@
 #ifdef __aarch64__
    #if !defined(__clang__) || \
        (defined(__clang__) && defined(__clang_major__) && __clang_major__ >= 5)
-        /* older clang v4 has issue with inline assembly contraints */
+        /* older clang v4 has issue with inline assembly constraints */
        #define WOLFSSL_ARMASM
    #endif
 #endif
@@ -58,7 +58,7 @@
 #define HAVE_PK_CALLBACKS
 /* crypto callback support is not in FIPS 3389 */
 #ifndef HAVE_FIPS
-    #define WOLF_CRYPTO_CB 
+    #define WOLF_CRYPTO_CB
 #endif

 #define KEEP_OUR_CERT
--- a/IDE/CRYPTOCELL/main.c
+++ b/IDE/CRYPTOCELL/main.c
@@ -1,6 +1,6 @@
 /* main.c
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
@@ -19,6 +19,7 @@
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 */

+
 #include <wolfssl/wolfcrypt/settings.h>
 #include <wolfcrypt/test/test.h>
 #include <wolfcrypt/benchmark/benchmark.h>
@@ -26,7 +27,7 @@
 /* wolfCrypt_Init/wolfCrypt_Cleanup to turn CryptoCell hardware on/off */
 #include <wolfssl/wolfcrypt/wc_port.h>

-/* SEGGER_RTT_Init, you can potential replace it with other serial terminal */
+/* SEGGER_RTT_Init, you can potentially replace it with other serial terminal */
 #include "SEGGER_RTT.h"

 int main(void)
--- a/IDE/CRYPTOCELL/user_settings.h
+++ b/IDE/CRYPTOCELL/user_settings.h
@@ -1,6 +1,6 @@
 /* user_settings.h
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
@@ -88,7 +88,6 @@ extern "C" {
    #define WOLFSSL_HAVE_SP_RSA
    #define WOLFSSL_HAVE_SP_DH
    #define WOLFSSL_HAVE_SP_ECC
-    #define WOLFSSL_SP_CACHE_RESISTANT
    //#define WOLFSSL_SP_MATH     /* only SP math - eliminates fast math code */

    /* Assembly */
--- a/IDE/ECLIPSE/DEOS/deos_malloc.c
+++ b/IDE/ECLIPSE/DEOS/deos_malloc.c
@@ -1,6 +1,6 @@
 /* deos_malloc.c
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
--- a/IDE/ECLIPSE/DEOS/tls_wolfssl.c
+++ b/IDE/ECLIPSE/DEOS/tls_wolfssl.c
@@ -1,6 +1,6 @@
 /* tls_wolfssl.c
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
@@ -31,19 +31,19 @@ int setupTransport(clientConnectionHandleType* connectionHandle,
                   char* connectionId) {
    int ret, error;
    void * sendBuffer;
-    DWORD bufferSizeInBytes;
+    size_t bufferSizeInBytes;

    if ((ret = socketTransportInitialize("mailbox-transport.config",
                                         "transportConfigurationId",
-                                         (DWORD)waitIndefinitely,&error)) != transportSuccess)
+                                         waitIndefinitely,&error)) != transportSuccess)
        printf("Initialize 0x%x, error=%d\n", ret, error);

-    else if ((ret = socketTransportClientInitialize((DWORD)waitIndefinitely,
+    else if ((ret = socketTransportClientInitialize(waitIndefinitely,
                                                    &error)) != transportSuccess)
        printf("ClientInitialize 0x%x, error=%d\n", ret, error);

    else if ((ret = socketTransportCreateConnection(connectionId,
-                                                    (DWORD)waitIndefinitely,
+                                                    waitIndefinitely,
                                                    COMPATIBILITY_ID_2,
                                                    connectionHandle,
                                                    &sendBuffer,
@@ -53,7 +53,7 @@ int setupTransport(clientConnectionHandleType* connectionHandle,

    else if ((ret = socketTransportSetConnectionForThread(currentThreadHandle(),
                                                          *connectionHandle,
-                                                          (DWORD)waitIndefinitely,
+                                                          waitIndefinitely,
                                                          &error)) != transportSuccess)
        printf("SetConnectionForThread 0x%x, error=%d\n", ret, error);

@@ -162,7 +162,7 @@ void wolfssl_client_test(uintData_t statusPtr) {
                    TCP_SERVER_IP_ADDR, TCP_SERVER_PORT);

    server_addr.sin_family = AF_INET;
-    server_addr.sin_addr = inet_addr(TCP_SERVER_IP_ADDR);
+    server_addr.sin_addr.s_addr = inet_addr(TCP_SERVER_IP_ADDR);
    server_addr.sin_port = htons(TCP_SERVER_PORT);

    printf("Calling connect on socket\n");
@@ -407,7 +407,7 @@ void wolfssl_server_test(uintData_t statusPtr)

    printf("Setting up server_addr struct\n");
    server_addr.sin_family = AF_INET;
-    server_addr.sin_addr = INADDR_ANY;
+    server_addr.sin_addr.s_addr = INADDR_ANY;
    server_addr.sin_port = htons(TLS_SERVER_PORT);

    bindStatus = bind(sock_listen, (sockaddr *) &server_addr, sizeof(server_addr));
@@ -510,7 +510,7 @@ void wolfssl_server_test(uintData_t statusPtr)
                wolfSSL_CTX_free(ctx);
                return;
            }
-            /* goToSleep() for 500 milli sec*/
+            /* goToSleep() for 500 milliseconds */
        }
    } while ((ret != SSL_SUCCESS) && (error == SSL_ERROR_WANT_READ));

@@ -580,14 +580,14 @@ int  wolfsslRunTests (void)
        ts = createThread("TCPclient", "TCPThreadTemplate", wolfssl_client_test,
                          0, &TCPhandle );
        if (ts != threadSuccess) {
-            printf("Unable to create TCP client thread, %i ", (DWORD)ts);
+            printf("Unable to create TCP client thread, %i ", (size_t)ts);
        }
    #endif
    #if !defined(NO_WOLFSSL_SERVER)
        ts = createThread("TCPserver", "TCPThreadTemplate", wolfssl_server_test,
                          0, &TCPhandle );
        if (ts != threadSuccess) {
-            printf("Unable to create TCP server thread, %i ", (DWORD)ts);
+            printf("Unable to create TCP server thread, %i ", (size_t)ts);
        }
    #endif

--- a/IDE/ECLIPSE/DEOS/tls_wolfssl.h
+++ b/IDE/ECLIPSE/DEOS/tls_wolfssl.h
@@ -1,6 +1,6 @@
 /* tls_wolfssl.h
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
--- a/IDE/ECLIPSE/DEOS/user_settings.h
+++ b/IDE/ECLIPSE/DEOS/user_settings.h
@@ -1,6 +1,6 @@
 /* user_setting.h
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
@@ -26,75 +26,140 @@
    extern "C" {
 #endif

-#define WOLFSSL_DEOS
+#if 0
+    /* RTEMS */
+    #define WOLFSSL_DEOS_RTEMS

-/* You can select none or all of the following tests
-using #define instead of #undef.
-By default, all four tests run*/
+    #include <stdio.h>
+    #include <string.h>
+    #include <netinet/in.h>
+    #include <sys/socket.h>
+    #include <pthread.h>
+    #include <stdint.h>
+    #include <stddef.h>  /* for size_t */
+    #include <stdlib.h> /* for malloc/free */

-#undef NO_CRYPT_TEST
-#undef NO_CRYPT_BENCHMARK
-#undef NO_WOLFSSL_CLIENT
-#undef NO_WOLFSSL_SERVER
+    #if (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__)
+        #define BIG_ENDIAN_ORDER
+    #else
+        #undef  BIG_ENDIAN_ORDER
+        #define LITTLE_ENDIAN_ORDER
+    #endif
+#else
+    /* DEOS Native */
+    #define WOLFSSL_DEOS
+
+    #include <deos.h>
+    #include <timeout.h>
+    #include <socketapi.h>
+    #include <lwip-socket.h>
+    #include <mem.h>
+    #include <string.h>
+    #include <stdlib.h> /* for rand_r: pseudo-random number generator */
+    #include <stdio.h>  /* for snprintf */
+#endif
+
+/* Porting */

 /* adjust CURRENT_UNIX_TIMESTAMP to seconds since Jan 01 1970. (UTC)
-You can get the current time from https://www.unixtimestamp.com/
-*/
-#define CURRENT_UNIX_TIMESTAMP 1545864916
+You can get the current time from https://www.unixtimestamp.com/ */
+#define CURRENT_UNIX_TIMESTAMP 1663020069

-#define NO_FILESYSTEM
+#define BENCH_EMBEDDED /* use kB instead of mB for embedded benchmarking */
+#define WOLFSSL_IGNORE_FILE_WARN /* ignore warning for include of files not required */
+
+/* Math */
+#define USE_FAST_MATH
+#define FP_MAX_BITS (4096*2)
 #define SIZEOF_LONG_LONG 8
+#define TFM_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+#define WC_RSA_BLINDING

-/* prevents from including multiple definition of main() */
-#define NO_MAIN_DRIVER
-#define NO_TESTSUITE_MAIN_DRIVER
+/* Wolf Single Precision Math */
+#undef WOLFSSL_SP
+#if 1
+    #define WOLFSSL_HAVE_SP_RSA
+    #define WOLFSSL_HAVE_SP_DH
+    #define WOLFSSL_HAVE_SP_ECC
+    #define WOLFSSL_SP_4096 /* Enable RSA/RH 4096-bit support */
+    #define WOLFSSL_SP_384 /* Enable ECC 384-bit SECP384R1 support */

-/* includes certificate test buffers via header files */
-#define USE_CERT_BUFFERS_2048
+    #define WOLFSSL_SP_MATH     /* only SP math - disables integer.c/tfm.c */
+    //#define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */

-/*use kB instead of mB for embedded benchmarking*/
-#define BENCH_EMBEDDED
+    #define WOLFSSL_SP_NO_MALLOC
+    //#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */

-#define NO_WRITE_TEMP_FILES
+    /* use smaller version of code */
+    #define WOLFSSL_SP_SMALL
+#endif

-#define HAVE_AESGCM
-#define WOLFSSL_SHA512
+/* Algorithms */
+#undef NO_RSA
+#undef NO_DH
+#define WOLFSSL_DH_CONST
 #define HAVE_ECC
-#define HAVE_CURVE25519
-#define CURVE25519_SMALL
-#define HAVE_ED25519
-#define ED25519_SMALL
+#define ECC_USER_CURVES
+#define HAVE_ECC384

-#define WOLFSSL_DTLS
+#if 1
+    #define HAVE_CURVE25519
+    #define HAVE_ED25519
+    #define CURVED25519_SMALL
+#endif
+
+#undef NO_SHA
+#undef NO_MD5
+#undef NO_SHA256
+#define HAVE_AESGCM
+#define WOLFSSL_SHA384
+#define WOLFSSL_SHA512
+
+/* TLS */
+#define HAVE_TLS_EXTENSIONS
+#define HAVE_SUPPORTED_CURVES
+#define HAVE_EXTENDED_MASTER
+#define HAVE_ENCRYPT_THEN_MAC
+
+//#define WOLFSSL_DTLS
+//#define WOLFSSL_DTLS13
+//#define WOLFSSL_NO_TLS12

-/* TLS 1.3 */
 #if 0
+    /* TLS 1.3 */
    #define WOLFSSL_TLS13
    #define WC_RSA_PSS
    #define HAVE_HKDF
    #define HAVE_FFDHE_2048
-    #define HAVE_AEAD
+    #define HAVE_FFDHE_3072
+    #define HAVE_FFDHE_4096
 #endif

+/* wolfSentry */
 #if 0
-
-/* You can use your own custom random generator function with
-   no input parameters and a `CUSTOM_RAND_TYPE` return type*/
-
-    #ifndef CUSTOM_RAND_GENERATE
-         #define CUSTOM_RAND_TYPE     int
-         #define CUSTOM_RAND_GENERATE yourRandGenFunc
-    #endif
-
+    #define WOLFSSL_WOLFSENTRY_HOOKS
+    #define HAVE_EX_DATA
+    #define HAVE_EX_DATA_CLEANUP_HOOKS
 #endif

-#if 1
-    #undef  XMALLOC_OVERRIDE
+/* compatibility layer */
+#if 0
+    #define OPENSSL_EXTRA
+#endif
+
+/* Random */
+#ifdef WOLFSSL_DEOS_RTEMS
+    extern int rtems_wolf_seed(unsigned char* output, unsigned int sz);
+    #define CUSTOM_RAND_GENERATE_SEED rtems_wolf_seed
+#endif
+
+/* custom heap handling */
+#ifdef WOLFSSL_DEOS
+    #define WOLFSSL_NO_MALLOC
    #define XMALLOC_OVERRIDE
+
    /* prototypes for user heap override functions */
-
-    #include <stddef.h>  /* for size_t */
-
    extern void *malloc_deos(size_t size);
    extern void  free_deos(void *ptr);
    extern void *realloc_deos(void *ptr, size_t size);
@@ -102,9 +167,40 @@ You can get the current time from https://www.unixtimestamp.com/
    #define XMALLOC(n, h, t)     malloc_deos(n)
    #define XFREE(p, h, t)       free_deos(p)
    #define XREALLOC(p, n, h, t) realloc_deos(p, n)
-
 #endif

+#if 0
+    #define DEBUG_WOLFSSL
+#endif
+
+/* You can select none or all of the following tests
+ * using #define instead of #undef.
+ * By default, all four tests run*/
+#define NO_CRYPT_TEST
+#define NO_CRYPT_BENCHMARK
+#undef NO_WOLFSSL_CLIENT
+#undef NO_WOLFSSL_SERVER
+
+/* file system has not been ported since it is a separate product */
+#define NO_FILESYSTEM
+#define NO_WOLFSSL_DIR
+#define NO_WRITEV
+#define NO_WRITE_TEMP_FILES
+
+/* disable old protocols and algorithms */
+#define NO_OLD_TLS
+#define NO_PSK
+#define NO_DSA
+#define NO_RC4
+#define NO_MD4
+
+#define NO_PWDBASED
+
+/* prevents from including multiple definition of main() */
+#define NO_MAIN_DRIVER
+#define NO_TESTSUITE_MAIN_DRIVER
+
+
 #ifdef __cplusplus
    }   /* extern "C" */
 #endif
--- a/IDE/ECLIPSE/MICRIUM/README.md
+++ b/IDE/ECLIPSE/MICRIUM/README.md
@@ -40,7 +40,7 @@ The folder hierarchy is the same as the wolfSSL folders with an exception of the

 4. Right click on each folders, add or link all the source code in the corresponding folder in wolfSSL.

-5. Remove non-C platform dependent files from your build. At the moment, only aes_asm.asm and aes_asm.s must be removed from your wolfssl/wolfcrypt/src folder.
+5. Remove non-C platform dependent files from your build. At the moment, only aes_asm.asm, aes_gcm_asm.asm and aes_asm.s must be removed from your wolfssl/wolfcrypt/src folder.

 6. In your C/C++ compiler preprocessor settings, add the wolfSSL directories to your include paths.
 Here's an example of the paths that must be added.
@@ -118,41 +118,41 @@ memcb    test passed!
 wolfSSL version 3.15.5
 ------------------------------------------------------------------------------
 wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
-RNG               225 KB tooks 1.026 seconds,  219.313 KB/s
-AES-128-CBC-enc    250 KB toks 1.105 seconds  226.210 KB/s
-AES-128-CBC-dec    225 KB tooks 1.005 seconds,  223.922 KB/s
-AES-192-CBC-enc    225 KB tooks 1.076 seconds, 209.104 KB/s
-AES-192-CBC-dec    225 KB tooks 1.077 seconds,  208.981 K/s
-AES-56-CBC-enc    200 KB tooks 1.029 seconds,  19.396 KB/s
-AES-256-CBC-dec    200 KB toks 1.022 seconds,  195.785 KB/s
-AES-128-GCM-enc    125 KB tooks 1.28 secnds,  101.70 KB/s
-AES-128-GC-dec    125 KB tooks 1.228 seconds  101.756 KB/s
-AES-192-GCM-enc    100 KB tooks 1.026 seconds,   97.493 KB/s
-AES-192-GCM-dec    100 KB tooks 1.026 seconds,   97.480 KB/s
-AES-256-GCM-enc    100 KB tooks 1.065 seconds,   93.909 KB/s
-AES-256-GC-dec    100 KB tooks 1.065 seconds,   93.897 KB/s
-RABBIT               2 MB tooks 1.011 seconds,    2.19 MB/s
-3DES              100 KB tooks 1.007 sconds,   99.312 KB/s
-MD5                  3MB tooks 1.008 seonds,    2.907 MBs
-SHA                  1 MB tooks 1.09 secnds,    1.283 MB/s
-SHA-256            575 KB tooks 1.037 seconds,  554.501 KB/s
-SHA-512            200 KB tooks 1.003 seconds,  199.444 KB/s
-HMAC-MD5            3 B tooks 1.002 seconds,   2.876 MB/s
-HMAC-SHA26        550 KB tooks 1.000 seconds,  549.95 KB//s
-HMAC-SHA512       200 KB toks 1.018 seconds,  196.452 KB/s
-RSA     2048 public          8 ops took 1.025 sec, avg 128.135 ms, 7.804 op/sec
-RSA     2048 private        2 ops took 4.972 ec, avg 2485.951 s, 0.402 ops/sec
-DH      2048 key en         2 ops took 1.927 sec, avg 96.303 ms, 1.038 op/sec
-DH     2048 agree           2ops took 1.937 sc, avg 968.578 ms, 1.032 ops/sec
-ECC      256 key gen         3 ops took 1.185 sec, avg 394.944 ms, 2.53 ops/sec
-ECDHE    256 agree           4 ops took 1.585 sec, avg 396.168 ms, 2.524 ops/sec
-ECSA    256 sign            4 ops took 1.611 sec, avg 402.865 ms, 2.482 ops/sec
-ECDSA   256verif          2 ops tok 1.586 sec, avg 793.153 ms, 1.261 opssec
-CURVE  25519 key gen         2 ops took 1.262 sec, avg 630.907 ms, 1.585 ops/sec
-CURE  25519 agree           2 ops took 1.261 sec, avg630.469 ms, 1.586 ops/sec
-ED     2519 key gen        2 ops took 1.27 sec, avg 66.099ms, 1.572 ops/sec
-ED     25519 sign            2 ops took 1.303 sec, ag 65.633 ms, 1.35 op/sec
-ED     25519 verify          2 ops took 2.674 sec, avg1337.68 ms 0.748 ops/ec
+RNG               225 KB took 1.026 seconds,  219.313 KB/s
+AES-128-CBC-enc    250 KB took 1.105 seconds  226.210 KB/s
+AES-128-CBC-dec    225 KB took 1.005 seconds,  223.922 KB/s
+AES-192-CBC-enc    225 KB took 1.076 seconds, 209.104 KB/s
+AES-192-CBC-dec    225 KB took 1.077 seconds,  208.981 K/s
+AES-56-CBC-enc    200 KB took 1.029 seconds,  19.396 KB/s
+AES-256-CBC-dec    200 KB took 1.022 seconds,  195.785 KB/s
+AES-128-GCM-enc    125 KB took 1.28 seconds,  101.70 KB/s
+AES-128-GC-dec    125 KB took 1.228 seconds  101.756 KB/s
+AES-192-GCM-enc    100 KB took 1.026 seconds,   97.493 KB/s
+AES-192-GCM-dec    100 KB took 1.026 seconds,   97.480 KB/s
+AES-256-GCM-enc    100 KB took 1.065 seconds,   93.909 KB/s
+AES-256-GC-dec    100 KB took 1.065 seconds,   93.897 KB/s
+RABBIT               2 MB took 1.011 seconds,    2.19 MB/s
+3DES              100 KB took 1.007 seconds,   99.312 KB/s
+MD5                  3MB took 1.008 seconds,    2.907 MBs
+SHA                  1 MB took 1.09 secends,    1.283 MB/s
+SHA-256            575 KB took 1.037 seconds,  554.501 KB/s
+SHA-512            200 KB took 1.003 seconds,  199.444 KB/s
+HMAC-MD5            3 B took 1.002 seconds,   2.876 MB/s
+HMAC-SHA26        550 KB took 1.000 seconds,  549.95 KB//s
+HMAC-SHA512       200 KB topk 1.018 seconds,  196.452 KB/s
+RSA     2048 public          8 ops took 1.025 seconds, avg 128.135 ms, 7.804 ops/s
+RSA     2048 private        2 ops took 4.972 seconds, avg 2485.951 s, 0.402 ops/s
+DH      2048 key en         2 ops took 1.927 seconds, avg 96.303 ms, 1.038 ops/s
+DH     2048 agree           2ops took 1.937 seconds, avg 968.578 ms, 1.032 ops/s
+ECC      256 key gen         3 ops took 1.185 seconds, avg 394.944 ms, 2.53 ops/s
+ECDHE    256 agree           4 ops took 1.585 seconds, avg 396.168 ms, 2.524 ops/s
+ECSA    256 sign            4 ops took 1.611 seconds, avg 402.865 ms, 2.482 ops/s
+ECDSA   256verif          2 ops took 1.586 seconds, avg 793.153 ms, 1.261 ops/s
+CURVE  25519 key gen         2 ops took 1.262 seconds, avg 630.907 ms, 1.585 ops/s
+CURE  25519 agree           2 ops took 1.261 seconds, avg630.469 ms, 1.586 ops/s
+ED     2519 key gen        2 ops took 1.27 seconds, avg 66.099 ms, 1.572 ops/s
+ED     25519 sign            2 ops took 1.303 seconds, ag 65.633 ms, 1.35 ops/s
+ED     25519 verify          2 ops took 2.674 seconds, avg1337.68 ms 0.748 ops/s
 ```
 ### `WOLFSSL_CLIENT_TEST` wolfssl_client_test()

--- a/IDE/ECLIPSE/MICRIUM/client_wolfssl.c
+++ b/IDE/ECLIPSE/MICRIUM/client_wolfssl.c
@@ -1,6 +1,6 @@
 /* client_wolfssl.c
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
--- a/IDE/ECLIPSE/MICRIUM/client_wolfssl.h
+++ b/IDE/ECLIPSE/MICRIUM/client_wolfssl.h
@@ -1,6 +1,6 @@
 /* client_wolfssl.h
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
--- a/IDE/ECLIPSE/MICRIUM/server_wolfssl.c
+++ b/IDE/ECLIPSE/MICRIUM/server_wolfssl.c
@@ -1,6 +1,6 @@
 /* server_wolfssl.c
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
--- a/IDE/ECLIPSE/MICRIUM/server_wolfssl.h
+++ b/IDE/ECLIPSE/MICRIUM/server_wolfssl.h
@@ -1,6 +1,6 @@
 /* server_wolfssl.h
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
--- a/IDE/ECLIPSE/MICRIUM/user_settings.h
+++ b/IDE/ECLIPSE/MICRIUM/user_settings.h
@@ -1,6 +1,6 @@
 /* user_setting.h
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
--- a/IDE/ECLIPSE/MICRIUM/wolfsslRunTests.c
+++ b/IDE/ECLIPSE/MICRIUM/wolfsslRunTests.c
@@ -1,6 +1,6 @@
 /* wolfsslRunTests.c
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
--- a/IDE/ECLIPSE/RTTHREAD/user_settings.h
+++ b/IDE/ECLIPSE/RTTHREAD/user_settings.h
@@ -1,6 +1,6 @@
 /* user_setting.h
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
--- a/IDE/ECLIPSE/RTTHREAD/wolfssl_test.c
+++ b/IDE/ECLIPSE/RTTHREAD/wolfssl_test.c
@@ -1,6 +1,6 @@
 /* wolfsslRunTests.c
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
--- a/IDE/Espressif/ESP-IDF/README.md
+++ b/IDE/Espressif/ESP-IDF/README.md
@@ -1,39 +1,206 @@
-# ESP-IDF port
-## Overview
- ESP-IDF development framework with wolfSSL by setting *WOLFSSL_ESPIDF* definition
+# ESP-IDF Port

-Including the following examples:
+These Espressif examples have been created and tested with the latest stable release branch of 
+[ESP-IDF V5.1](https://docs.espressif.com/projects/esp-idf/en/release-v5.1/esp32/get-started/index.html).
+The prior version 4.4 ESP-IDF is still supported, however version 5.1 or greater is recommended.
+Espressif has [a list of all ESP-IDF versions](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/versions.html).

-* Simple [TLS client](./examples/wolfssl_client/)/[server](./examples/wolfssl_server/)
-* Cryptographic [test](./examples/wolfssl_test/)
-* Cryptographic [benchmark](./examples/wolfssl_benchmark/)
+See the latest [Espressif Migration Guides](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/migration-guides/index.html).

- The *user_settings.h* file enables some of the hardened settings.
+## Examples
+
+Included are the following [examples](./examples/README.md):
+
+* Bare-bones [Template](./examples/template/README.md)
+* Simple [TLS Client](./examples/wolfssl_client/README.md) / [TLS Server](./examples/wolfssl_server/README.md)
+* Cryptographic [Test](./examples/wolfssl_test/README.md)
+* Cryptographic [Benchmark](./examples/wolfssl_benchmark/README.md)
+
+## Important Usage Details
+
+The wolfSSL code specific to the Espressif ESP-IDF development framework
+is gated in code with the `WOLFSSL_ESPIDF` definition. This is enabled
+automatically when the `WOLFSSL_USER_SETTINGS` is defined. The recommended
+method is to have this line in the main `CMakeLists.txt` file as shown in the
+[example](./examples/template/main/CMakeLists.txt):
+
+```cmake
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+```
+
+When defining `WOLFSSL_USER_SETTINGS`, this tells the `settings.h` file to
+looks for the wolfSSL `user_settings.h` in the project as described below.
+
+### File: `sdkconfig.h`
+
+The Espressif `sdkconfig.h`, generated automatically from your `sdkconfig`
+file at [build](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html)
+time, should be included before any other files.
+
+### File: `user_settings.h`
+
+The `user_settings.h` file enables some of the hardened security settings. There are also some
+default configuration items in the wolfssl `settings.h`. With the latest version of
+wolfSSL, some of these defaults can be disabled with `NO_ESPIDF_DEFAULT` and customized
+in your project `user_settings.h` as desired.
+
+See the respective project directory:
+
+  `[project-dir]/components/wolfssl/user_settings.h`
+
+A typical project will _not_ directly reference the `user_settings.h` file.
+Here's an example to be included at the top of a given source file:
+
+```c
+/* ESP-IDF */
+#include <esp_log.h>
+#include "sdkconfig.h"
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h> /* references user_settings.h */
+/* Do not explicitly include wolfSSL user_settings.h */
+#include <wolfssl/version.h>
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+```
+
+Prior versions of the wolfSSL Espressif library expected the `user_settings.h` to be in the root wolfssl folder in a directory
+called `/include`. This method, while possible, is no longer recommended.
+
+Be sure to *not* have a `user_settings.h` in _both_ the local project and the wolfssl `include` directories.
+
+### File: `wolfssl/wolfcrypt/settings.h`
+
+The wolfSSL  built-in `settings.h` references your project `user_settings.h`. The
+`settings.h` should _not_ be edited directly. Any wolfSSL settings should be adjusted in your local project
+`user_settings.h` file.
+
+The `settings.h` has some SoC-target-specific settings, so be sure to `#include "sdkconfig.h"` at the beginning
+of your source code, particularly before the `#include <wolfssl/wolfcrypt/settings.h>` line.

 ## Requirements
+
 1. [ESP-IDF development framework](https://docs.espressif.com/projects/esp-idf/en/latest/get-started/)

-## Setup for Linux
+## wolfSSL as an Espressif component
+
+There are various methods available for using wolfSSL as a component:
+
+* Managed Component - easiest to get started.
+* Local component directory - best for development.
+* Install locally - least flexible, but project is fully self-contained.
+
+## Espressif Managed Components
+
+Visit https://components.espressif.com/components/wolfssl/wolfssl and see the instructions. Typically:
+
+```
+idf.py add-dependency "wolfssl/wolfssl^5.6.0-stable"
+```
+
+## Standard local component:
+
+See the [template example](./examples/template/README.md). Simply created a `wolfssl` directory in the
+local project `components` directory and place the [CMakeLists.txt](./examples/template/components/CMakeLists.txt)
+file there. Then add a `components/wolfssl/include` directory and place the [user_settings.h](/examples/template/components/wolfssl/include/user_settings.h)
+file there. If wolfSSL is in a structure such as `./workspace/wolfssl` with respect to your project at `./workspace/wolfssl`,
+then the cmake file should automatically find the wolfSSL source code. Otherwise set the cmake `WOLFSSL_ROOT` variable
+in the top-level CMake file. Examples:
+
+```cmake
+    set(WOLFSSL_ROOT  "C:/some-path/wolfssl")
+    set(WOLFSSL_ROOT  "c:/workspace/wolfssl-[username]")
+    set(WOLFSSL_ROOT  "/mnt/c/somepath/wolfssl")
+```
+
+See the specific examples for additional details.
+
+## Setup for Linux (wolfSSL local copy)
+
+This is a legacy method for installation. It is recommended to use the new `CMakeLists.txt` to point to wolfSSL source code.
+
 1. Run `setup.sh` at _/path/to_`/wolfssl/IDE/Espressif/ESP-IDF/` to deploy files into ESP-IDF tree  
 2. Find Wolfssl files at _/path/to/esp_`/esp-idf/components/wolfssl/`
- 3. Find [Example programs](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) under _/path/to/esp_`/esp-idf/examples/protocols/wolfssl_xxx` (where xxx is the project name)
+ 3. Find [Example Programs](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) under _/path/to/esp_`/esp-idf/examples/protocols/wolfssl_xxx` (where xxx is the project name)

 ## Setup for Windows
+
+This is a legacy method for installation. It is recommended to use the new `CMakeLists.txt` to point to wolfSSL source code.
+
 1. Run ESP-IDF Command Prompt (cmd.exe) or Run ESP-IDF PowerShell Environment
 2. Run `setup_win.bat` at `.\IDE\Espressif\ESP-IDF\`
 3. Find Wolfssl files at _/path/to/esp_`/esp-idf/components/wolfssl/`
 4. Find [Example programs](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) under _/path/to/esp_`/esp-idf/examples/protocols/wolfssl_xxx` (where xxx is the project name)

+## Setup for VisualGDB
+
+See the local project `./VisualGDB` for sample project files. For single-step JTAG debugging on boards that do not
+have a built-in JTAG port, the wolfSSL examples use the open source [Tigard board](https://github.com/tigard-tools/tigard#readme).
+
+See also the [gojimmypi blog](https://gojimmypi.github.io/Tigard-JTAG-SingleStep-Debugging-ESP32/) on using the Tigard
+to JTAG debug the ESP32.
+
+### Clone a specific version:
+
+```
+C:\SysGCC\esp32\esp-idf>git clone -b v5.0.2 --recursive https://github.com/espressif/esp-idf.git v5.0.2
+```
+
 ## Configuration
+
+ 1. The `user_settings.h` can be found in `[project]/components/wolfssl/include/user_settings.h`. 
+
+## Configuration (Legacy IDF install)
+
 1. The `user_settings.h` can be found in _/path/to/esp_`/esp-idf/components/wolfssl/include/user_settings.h`

 ## Build examples
- 1. See README in each example folder
+
+ 1. See README in each example folder.

 ## Support
+
 For question please email [support@wolfssl.com]

 Note: This is tested with :  
-   - OS: Ubuntu 20.04.3 LTS and Microsoft Windows 10 Pro 10.0.19041 and well as WSL Ubuntu
-   - ESP-IDF: ESP-IDF v4.3.2
-   - Module : ESP32-WROOM-32
+   - OS: Ubuntu 20.04.3 LTS
+   - Microsoft Windows 10 Pro 10.0.19041 / Windows 11 Pro 22H2 22621.2715
+   - Visual Studio 2022 17.7.6 with VisualGDB 5.6R9 (build 4777)
+   - WSL 1 Ubuntu 22.04.3 LTS
+   - ESP-IDF: ESP-IDF v5.1
+   - SoC Module : all those supported in ESP-IDF v5.1
+
+## JTAG Debugging Notes
+
+All of the examples are configured to use either the on-board JTAG (when available) or
+the open source [Tigard multi-protocol tool for hardware hacking](https://github.com/tigard-tools/tigard).
+
+VisualGDB users should find the configuration file in the `interface\ftdi` directory:
+
+```
+C:\Users\%USERNAME%\AppData\Local\VisualGDB\EmbeddedDebugPackages\com.sysprogs.esp32.core\share\openocd\scripts\interface\ftdi
+```
+
+For reference, the `tigard.cfg` looks like this:
+
+```
+# SPDX-License-Identifier: GPL-2.0-or-later
+#
+# Tigard: An FTDI FT2232H-based multi-protocol tool for hardware hacking.
+# https://github.com/tigard-tools/tigard
+
+adapter driver ftdi
+
+ftdi device_desc "Tigard V1.1"
+ftdi vid_pid 0x0403 0x6010
+
+ftdi channel 1
+
+ftdi layout_init 0x0038 0x003b
+ftdi layout_signal nTRST -data 0x0010
+ftdi layout_signal nSRST -data 0x0020
+
+# This board doesn't support open-drain reset modes since its output buffer is
+# always enabled.
+reset_config srst_push_pull trst_push_pull
+
+```
--- a/IDE/Espressif/ESP-IDF/README_32se.md
+++ b/IDE/Espressif/ESP-IDF/README_32se.md
@@ -15,7 +15,7 @@ Including the following examples:
 2. Microchip CryptoAuthentication Library: https://github.com/MicrochipTech/cryptoauthlib

 ## Setup
-1. Comment out `#define WOLFSSL_ESPWROOM32` in `/path/to/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h`\
+1. Comment out `#define WOLFSSL_ESP32` in `/path/to/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h`\
   Uncomment out `#define WOLFSSL_ESPWROOM32SE` in `/path/to/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h`
    * **Note:** crypt test will fail if enabled `WOLFSSL_ESPWROOM32SE`
 3. wolfSSL under ESP-IDF. Please see [README.md](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md)
--- a/IDE/Espressif/ESP-IDF/UPDATE.md
+++ b/IDE/Espressif/ESP-IDF/UPDATE.md
@@ -0,0 +1,24 @@
+# Espressif Updates
+
+See [#5795]()
+
+## Changes in November 2022
+
+Updates to Espressif ESP-IDF wolfssl_benchmark and wolfssl_test examples:
+
+- Benchmark example no longer runs tests.
+- Fixed Test example that was missing code files. (no longer installed locally)
+- Rename `benchmark/main` and `test/main` filenames from `helper.c` to `main.c`, cleaned up.
+- Added `main.h`
+- Revised `main/CMakeLists.txt` to use only `main.c`
+- Set components `main` and `wolfssl` for project `CMakeLists.txt`
+- Update wolfcrypt esp32_sha.c and sha256.c to now report unexpected reentry as verbose log rather than error message.
+- `wolfcrypt/test.c` now returns `args.return_code` when `WOLFSSL_ESPIDF` is defined.
+- `wolfcrypt/test.h` now declares `int wolf_test_task(void)` when `WOLFSSL_ESPIDF` is defined.
+- `setup.sh` no longer copies benchmark.c(.h) to local project directory.
+- Added `libs/Tigard.cfg` file for Tigard JTAG debugger.
+- Update `sdkconfig.defaults` with compiler optimizations and stack check.
+- Added VisualGDB Project file & Visual Studio solution file.
+- Added optional `time_helper` for wolfssl_test
+- Exclude `ssl_misc.c` in component cmake to fix warning:  #warning ssl_misc.c does not need to be compiled separately from ssl.c
+- Exclude `ssl_crypto.c` in component cmake to fix warning:  #warning ssl_crypto.c does not need to be compiled separately from ssl.c
--- a/IDE/Espressif/ESP-IDF/compileAllExamples.sh
+++ b/IDE/Espressif/ESP-IDF/compileAllExamples.sh
@@ -0,0 +1,114 @@
+#!/bin/bash
+#
+# testing script: compileAllExamples
+#
+# This script will compile all the local examples, optionally installing wolfSSL in the ESP-IDF components directory.
+#
+# Example usage:
+#   cd wolfssl && docker run --rm -v $PWD:/project -w /project espressif/idf:latest IDE/Espressif/ESP-IDF/compileAllExamples.sh
+#
+# Parameter option to also run the ./setup.sh to install the wolfSSL component in ESP-IDF and test for multiple installs:
+#
+#   --run-setup
+#
+# Note that once installed, the wolfSSL component will need to be manually removed to successfully run this script.
+#
+if  [[ "$IDF_PATH" == "" ]]; then
+    echo "Error: $IDF_PATH not found; run Espressif export.sh"
+    exit 1
+fi
+SCRIPT_DIR=$(builtin cd ${BASH_SOURCE%/*}; pwd)
+RUN_SETUP=$1
+THIS_ERR=0
+
+echo "Found IDF_PATH = $IDF_PATH"
+
+# Regular tests of wolfSSL in local component directories of each project:
+#
+# Note these tests should FAIL if wolfSSL is already installed in ESP-IDF
+#
+for file in "benchmark" "client" "server" "test"; do
+    pushd ${SCRIPT_DIR}/examples/wolfssl_${file}/ && idf.py fullclean build;
+    THIS_ERR=$?
+    popd
+    if [ $THIS_ERR -ne 0 ]; then
+        echo "Failed in ${file}"
+        exit 1
+    fi
+done
+
+
+# Check for option to also install wolfSSL.
+#
+# When doing so, we'll run a check that multiple installs should cause build failure.
+if  [[ "$RUN_SETUP" == "--run-setup" ]]; then
+    echo "Running wolfSSL setup.sh"
+
+    # install wolfSSL into EDP-IDF shared components directory.
+    ./setup.sh --verbose
+
+    THIS_ERR=$?
+    if [ $? -ne 0 ]; then
+        echo "Failed running setup.sh"
+        exit 1
+    fi
+
+    # Check ESP-IDF install:
+    #
+    # The wolfssl_test_idf should NOT have a local components/wolfssl when testing!
+    # This test is to confirm the ESP-IDF component build properly after setup.
+    #
+    echo ""
+    echo "Testing a build of wolfSSL in ESP-IDF components directory"
+    echo ""
+    for file in "test_idf"; do
+        if [ -e "../../../include/user_settings.h" ]; then
+          mv "../../../include/user_settings.h" "../../../include/user_settings.h.${file}.bak"
+        fi
+        pushd ${SCRIPT_DIR}/examples/wolfssl_${file}/ && idf.py fullclean build;
+        THIS_ERR=$?
+        popd
+        if [ $? -ne 0 ]; then
+            echo "Failed in ${file}"
+            exit 1
+        fi
+    done
+
+    # Check multiple installs: the wolfSSL component in ESP-IDF and local directory:
+    #
+    # The wolfssl_test project already has a local wolfSSL component directory.
+    #
+    # Once wolfssl has been installed to ESP-IDF components, the local
+    # component build SHOULD fail:
+    echo ""
+    echo "Testing a build of wolfSSL in both local and ESP-IDF components directory"
+    echo ""
+    for file in "test"; do
+        pushd ${SCRIPT_DIR}/examples/wolfssl_${file}/ && idf.py fullclean build;
+        THIS_ERR=$?
+        popd
+        if [ $THIS_ERR -ne 0 ]; then
+            echo ""
+            echo "Success: Confirmed build fails when wolfSSL found in ESP-IDF and local project."
+            echo ""
+        else
+            echo "Error: build should have failed when wolfSSL found in ESP-IDF and local project."
+            exit 1
+        fi
+    done
+else
+    echo "Skipping ESP-IDF install tests. For these tests, use parameter: --run-setup"
+fi
+
+
+# Show a reminder that wolfSSL was installed as a shared component.
+if  [[ "$RUN_SETUP" == "--run-setup" ]]; then
+    echo ""
+    echo "wolfSSL was installed as an ESP-IDF component. This will be in conflict with any project that has a local component."
+    echo ""
+    echo "Delete the installed component before re-running this test."
+    echo ""
+fi
+
+# Done
+echo "Completed compileAllExamples in $SCRIPT_DIR"
--- a/IDE/Espressif/ESP-IDF/dummy_config_h
+++ b/IDE/Espressif/ESP-IDF/dummy_config_h
@@ -1,6 +1,6 @@
 /* config.h - dummy
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
--- a/IDE/Espressif/ESP-IDF/dummy_test_paths.h
+++ b/IDE/Espressif/ESP-IDF/dummy_test_paths.h
@@ -1,6 +1,6 @@
 /* wolfcrypt/test/test_paths.h
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
--- a/IDE/Espressif/ESP-IDF/examples/README.md
+++ b/IDE/Espressif/ESP-IDF/examples/README.md
@@ -0,0 +1,120 @@
+# wolfSSL Examples for Espressif
+
+## Core Examples
+
+These are the core examples for wolfSSL:
+
+- [Template](./template/README.md)
+
+- [Benchmark](./wolfssl_benchmark/README.md)
+
+- [Test](./wolfssl_test/README.md)
+
+- [TLS Client](./wolfssl_client/README.md)
+
+- [TLS Server](./wolfssl_server/README.md)
+
+## Other Espressif wolfSSL Examples
+
+See these other repositories for additional examples:
+
+- [wolfssl-examples/ESP32](https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32)
+
+- [wolfssh/Espressif](https://github.com/wolfSSL/wolfssh/tree/master/ide/Espressif)
+
+- [wolfssh-examples/Espressif](https://github.com/wolfSSL/wolfssh-examples/tree/main/Espressif)
+
+
+## Interaction with wolfSSL CLI
+
+See the [server](https://github.com/wolfSSL/wolfssl/tree/master/examples/server)
+and [client](https://github.com/wolfSSL/wolfssl/tree/master/examples/client)
+examples.
+
+Here are some examples using wolfSSL from Linux to communicate with an
+ESP32 TLS client or server:
+
+TLS1.3 Linux Server
+```
+./examples/server/server -v 4 -b -d -p 11111 -c ./certs/server-cert.pem -k ./certs/server-key.pem
+```
+
+TLS1.3 Linux Client to Linux Server: `TLS_AES_128_GCM_SHA256` (default)
+```
+./examples/client/client -v 4 -h 127.0.0.1 -p 11111 -A ./certs/ca-cert.pem
+```
+
+TLS1.2 Linux Server 
+```
+./examples/server/server -v 3 -b -d -p 11111 -c ./certs/server-cert.pem -k ./certs/server-key.pem
+```
+
+TLS1.2 Linux Client to Linux Server: `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384` (default)
+```
+./examples/client/client -v 3 -h 127.0.0.1 -p 11111 -A ./certs/ca-cert.pem
+```
+
+TLS1.2 Linux Client to ESP32 Server: `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256`
+```
+./examples/client/client -v 3 -h 192.168.1.109 -p 11111 -A ./certs/ca-cert.pem
+```
+
+TLS1.3 Linux Client to ESP32 Server: `TLS_AES_128_GCM_SHA256`
+```
+./examples/client/client -v 4 -h 192.168.1.109 -p 11111 -A ./certs/ca-cert.pem
+```
+
+
+There's an additional example that uses wolfSSL installed as a component to the shared ESP-IDF:
+
+- [Test IDF](./wolfssl_test_idf/README.md)
+
+## Installing wolfSSL for Espressif projects
+
+[Core examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) 
+have a local `components/wolfssl` directory with a special CMakeFile.txt that does not require 
+wolfSSL to be installed.
+
+If you want to install wolfSSL, see the setup for [wolfSSL](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF#setup-for-linux) 
+and [wolfSSH](https://github.com/wolfSSL/wolfssh/tree/master/ide/Espressif#setup-for-linux).
+
+The [Espressif Managed Component for wolfSSL](https://components.espressif.com/components/wolfssl/wolfssl)
+also installs source code locally, instead of pointing to a source repository.
+
+## VisualGDB
+
+Users of [VisualGDB](https://visualgdb.com/) can find Espressif project files in each respective
+example `.\VisualGDB` directory. For convenience, there are separate project for various
+target SoC and ESP-IDF version.
+
+For devices without a built-in JTAG, the projects are configured with the open source [Tigard](https://www.crowdsupply.com/securinghw/tigard)
+and using port `COM20`.
+
+For devices _with_ a built-in JTAG, the projects are using `COM9`.
+
+Edit the COM port for your project:
+
+- ESP-IDF Project; Bootloader COM Port.
+- Raw Terminal; COM Port
+
+
+## Troubleshooting
+
+If unusual errors occur, exit Visual Studio and manually delete these directories to start over:
+
+- `.\build`
+- `.\VisualGDB\.visualgdb`
+- `.\VisualGDB\.vs`
+
+It may be helpful to also delete the `sdkconfig` file. (Save a backup if you've made changes to defaults)
+
+## Other Topics
+
+- esp32.com: [RSA peripheral 50% slower on ESP32-S3/C3 than S2](https://www.esp32.com/viewtopic.php?t=23830)
+
+- esp32.com: [GPIO6,GPIO7,GPIO8,and GPIO9 changed for ESP32-WROOM-32E](https://esp32.com/viewtopic.php?t=29058)
+
+See also [this ESP-FAQ Handbook](https://docs.espressif.com/projects/esp-faq/en/latest/esp-faq-en-master.pdf).
+
+
+
--- a/IDE/Espressif/ESP-IDF/examples/template/CMakeLists.txt
+++ b/IDE/Espressif/ESP-IDF/examples/template/CMakeLists.txt
@@ -0,0 +1,73 @@
+# wolfSSL Espressif Example Project CMakeLists.txt
+#   v1.0
+#
+# The following lines of boilerplate have to be in your project's
+# CMakeLists in this exact order for cmake to work correctly
+cmake_minimum_required(VERSION 3.16)
+
+# The wolfSSL CMake file should be able to find the source code.
+# Otherwise, assign an environment variable or set it here:
+#
+# set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
+#
+# Optional WOLFSSL_CMAKE_SYSTEM_NAME detection to find
+# USE_MY_PRIVATE_CONFIG path for my_private_config.h
+#
+# Expected path varies:
+#
+#     WSL:  /mnt/c/workspace
+#   Linux:  ~/workspace
+# Windows:  C:\workspace
+#
+if(WIN32)
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
+    message("Detected Windows")
+endif()
+if(CMAKE_HOST_UNIX)
+    message("Detected UNIX")
+endif()
+if(APPLE)
+    message("Detected APPLE")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
+    message("Detected WSL")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
+    message("Detected Linux")
+endif()
+if(APPLE)
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
+    message("Detected Apple")
+endif()
+# End optional WOLFSSL_CMAKE_SYSTEM_NAME
+
+# Check that there are not conflicting wolfSSL components
+# The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
+# The local component wolfSSL directory will be in ./components/wolfssl
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
+    # These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
+    # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
+    # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl/include" EXCLUDE_FROM_ALL)
+    # So we'll error out and let the user decide how to proceed:
+    message(WARNING "\nFound wolfSSL components in\n"
+                    "./managed_components/wolfssl__wolfssl\n"
+                    "and\n"
+                    "./components/wolfssl\n"
+                    "in project directory: \n"
+                    "${CMAKE_HOME_DIRECTORY}")
+    message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
+                        "If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
+                        "or rename the idf_component.yml file typically found in ./main/")
+else()
+    message(STATUS "No conflicting wolfSSL components found.")
+endif()
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+
+project(wolfssl_template)
--- a/IDE/Espressif/ESP-IDF/examples/template/README.md
+++ b/IDE/Espressif/ESP-IDF/examples/template/README.md
@@ -0,0 +1,72 @@
+# wolfSSL Template Project
+
+This is an example of a minimally viable wolfSSL template to get started with your own project.
+
+For general information on [wolfSSL examples for Espressif](../README.md), see the
+[README](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md) file.
+
+### Prerequisites
+
+It is assumed the [ESP-IDF environment](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/get-started/) has been installed.
+
+### Files Included
+
+- [main.c](./main/main.c) with a simple call to an Espressif library (`ESP_LOGI`) and a call to a wolfSSL library (`esp_ShowExtendedSystemInfo`) . 
+
+- See [components/wolfssl/include](./components/wolfssl/include/user_settings.h) directory to edit the wolfSSL `user_settings.h`.
+
+- Edit [main/CMakeLists.txt](./main/CMakeLists.txt) to add/remove source files.
+
+- The [components/wolfssl/CMakeLists.txt](./components/wolfssl/CMakeLists.txt) typically does not need to be changed.
+
+- Optional [VisualGDB Project](./VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj) for Visual Studio using ESP32 and ESP-IDF v5.1.
+
+- Edit the project [CMakeLists.txt](./CMakeLists.txt) to optionally point this project's wolfSSL component source code at a different directory:
+
+```
+set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
+```
+
+
+## Getting Started:
+
+Here's an example using the command-line [idf.py](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/tools/idf-py.html).
+
+Edit your `WRK_IDF_PATH`to point to your ESP-IDF install directory.
+
+```
+WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.1
+
+echo "Run export.sh from ${WRK_IDF_PATH}"
+. ${WRK_IDF_PATH}/export.sh
+
+# build the example:
+idf.py build
+
+# optionally erase the flash
+idf.py erase-flash -p /dev/ttyS19 -b 115200
+
+# flash the code onto the serial device at /dev/ttyS19
+idf.py flash -p /dev/ttyS19 -b 115200
+
+# build, flash, and view UART output with one command:
+idf.py flash -p /dev/ttyS19 -b 115200 monitor
+```
+
+Press `Ctrl+]` to exit `idf.py monitor`. See [additional monitor keyboard commands](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/tools/idf-monitor.html).
+
+## Other Examples:
+
+For examples, see:
+
+- [TLS Client](../wolfssl_client/README.md)
+- [TLS Server](../wolfssl_server/README.md)
+- [Benchmark](../wolfssl_benchmark/README.md)
+- [Test](../wolfssl_test/README.md)
+- [wolfssl-examples](https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32)
+- [wolfssh-examples](https://github.com/wolfSSL/wolfssh-examples/tree/main/Espressif)
+
+
+See the README.md file in the upper level 'examples' directory for [more information about examples](../README.md).
+
+
--- a/IDE/Espressif/ESP-IDF/examples/template/VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj
+++ b/IDE/Espressif/ESP-IDF/examples/template/VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj
@@ -0,0 +1,269 @@
+<?xml version="1.0"?>
+<VisualGDBProjectSettings2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+  <Project xsi:type="com.visualgdb.project.external.esp-idf">
+    <CustomSourceDirectories>
+      <Directories />
+      <PathStyle>Unknown</PathStyle>
+    </CustomSourceDirectories>
+    <AutoProgramSPIFFSPartition>true</AutoProgramSPIFFSPartition>
+    <ProjectModeSettings>
+      <ProjectGUID>7bbd1486-d457-4e49-92ba-0cfc9d80849e</ProjectGUID>
+      <GroupSourcesByTypes>true</GroupSourcesByTypes>
+      <GroupSourcesByPaths>true</GroupSourcesByPaths>
+      <HeaderScanMode>SourceDirs</HeaderScanMode>
+    </ProjectModeSettings>
+  </Project>
+  <Build xsi:type="com.visualgdb.build.cmake">
+    <BuildLogMode xsi:nil="true" />
+    <ToolchainID>
+      <ID>com.visualgdb.xtensa-esp32-elf</ID>
+      <Version>
+        <GCC>12.2.0</GCC>
+        <GDB>12.1</GDB>
+        <Revision>1</Revision>
+      </Version>
+    </ToolchainID>
+    <RelativeSourceDirectory>..</RelativeSourceDirectory>
+    <ConfigurationType>DEBUG</ConfigurationType>
+    <BinaryDirectory>build/$(PlatformName)/$(ConfigurationName)</BinaryDirectory>
+    <MakeCommandTemplate>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(ToolchainNinja)</Command>
+      <WorkingDirectory>$(BuildDir)</WorkingDirectory>
+      <BackgroundMode xsi:nil="true" />
+    </MakeCommandTemplate>
+    <CMakeCommand>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(SYSPROGS_CMAKE_PATH)</Command>
+      <BackgroundMode xsi:nil="true" />
+    </CMakeCommand>
+    <UpdateSourcesInCMakeFile>true</UpdateSourcesInCMakeFile>
+    <ExportCompileCommands>false</ExportCompileCommands>
+    <DisableToolchainFile>false</DisableToolchainFile>
+    <CMakeMakefileType>Ninja</CMakeMakefileType>
+    <DeployAsRoot>false</DeployAsRoot>
+    <CMakeCleanMode>RemoveBuildDirectory</CMakeCleanMode>
+    <UseCCache>false</UseCCache>
+    <ProjectModeSettings>
+      <ProjectItemSettings>
+        <GroupSourcesByTypes>true</GroupSourcesByTypes>
+        <GroupSourcesByPaths>true</GroupSourcesByPaths>
+        <GroupTargetsByPaths>true</GroupTargetsByPaths>
+        <FollowCMakeSourceGroups>false</FollowCMakeSourceGroups>
+        <AutoRefreshProject>true</AutoRefreshProject>
+        <AlwaysConsiderOutdated>false</AlwaysConsiderOutdated>
+        <SortTargetsByName>true</SortTargetsByName>
+        <RedundantTargetMode>HideOuterProjectTargets</RedundantTargetMode>
+        <SortSourcesByName>true</SortSourcesByName>
+        <BuildAllTargetsInSubdir>false</BuildAllTargetsInSubdir>
+        <FoldSingleItemPathLevels>true</FoldSingleItemPathLevels>
+      </ProjectItemSettings>
+      <TargetSpecificSettings />
+      <SetLDLibraryPathFromDependentArtifacts>true</SetLDLibraryPathFromDependentArtifacts>
+      <ProjectGUID>eadcc9ab-72b3-4b51-a838-593e5d80ddf7</ProjectGUID>
+      <VirtualFolders />
+      <ConfigurationNameCase>Upper</ConfigurationNameCase>
+      <DefaultHeaderDiscoveryMode>HeaderDirectoryAndSubdirectories</DefaultHeaderDiscoveryMode>
+      <EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
+      <ESPIDFExtension>
+        <IDFCheckout>
+          <Version>release/v5.1</Version>
+          <Subdirectory>esp-idf/v5.1</Subdirectory>
+          <Type>ESPIDF</Type>
+        </IDFCheckout>
+        <COMPort>COM37</COMPort>
+        <SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
+        <UseCCache>false</UseCCache>
+        <DeviceID>ESP32</DeviceID>
+      </ESPIDFExtension>
+    </ProjectModeSettings>
+  </Build>
+  <CustomBuild>
+    <PreSyncActions />
+    <PreBuildActions />
+    <PostBuildActions />
+    <PreCleanActions />
+    <PostCleanActions />
+  </CustomBuild>
+  <CustomDebug>
+    <PreDebugActions />
+    <PostDebugActions />
+    <DebugStopActions />
+    <BreakMode>Default</BreakMode>
+  </CustomDebug>
+  <DeviceTerminalSettings>
+    <Connection xsi:type="com.sysprogs.terminal.connection.serial">
+      <ComPortName>COM37</ComPortName>
+      <AdvancedSettings>
+        <BaudRate>115200</BaudRate>
+        <DataBits>8</DataBits>
+        <Parity>None</Parity>
+        <StopBits>One</StopBits>
+        <FlowControl>None</FlowControl>
+      </AdvancedSettings>
+    </Connection>
+    <LastConnectionTime>0</LastConnectionTime>
+    <EchoTypedCharacters>false</EchoTypedCharacters>
+    <ClearContentsWhenReconnecting>false</ClearContentsWhenReconnecting>
+    <ReconnectAutomatically>false</ReconnectAutomatically>
+    <DisplayMode>ASCII</DisplayMode>
+    <Colors>
+      <Background>
+        <Alpha>255</Alpha>
+        <Red>0</Red>
+        <Green>0</Green>
+        <Blue>0</Blue>
+      </Background>
+      <Disconnected>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Disconnected>
+      <Text>
+        <Alpha>255</Alpha>
+        <Red>211</Red>
+        <Green>211</Green>
+        <Blue>211</Blue>
+      </Text>
+      <Echo>
+        <Alpha>255</Alpha>
+        <Red>144</Red>
+        <Green>238</Green>
+        <Blue>144</Blue>
+      </Echo>
+      <Inactive>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Inactive>
+    </Colors>
+    <HexSettings>
+      <MaximumBytesPerLine>16</MaximumBytesPerLine>
+      <ShowTextView>true</ShowTextView>
+      <BreaksAroundEcho>true</BreaksAroundEcho>
+      <AutoSend>true</AutoSend>
+      <SendAsHex>true</SendAsHex>
+      <TimeoutForAutoBreak>0</TimeoutForAutoBreak>
+    </HexSettings>
+    <LineEnding>LF</LineEnding>
+    <TreatLFAsCRLF>false</TreatLFAsCRLF>
+    <KeepOpenAfterExit>false</KeepOpenAfterExit>
+    <ShowAfterProgramming>false</ShowAfterProgramming>
+  </DeviceTerminalSettings>
+  <CustomShortcuts>
+    <Shortcuts />
+    <ShowMessageAfterExecuting>true</ShowMessageAfterExecuting>
+  </CustomShortcuts>
+  <UserDefinedVariables />
+  <ImportedPropertySheets />
+  <CodeSense>
+    <Enabled>Unknown</Enabled>
+    <ExtraSettings>
+      <HideErrorsInSystemHeaders>true</HideErrorsInSystemHeaders>
+      <SupportLightweightReferenceAnalysis>true</SupportLightweightReferenceAnalysis>
+      <CheckForClangFormatFiles>true</CheckForClangFormatFiles>
+      <FormattingEngine xsi:nil="true" />
+    </ExtraSettings>
+    <CodeAnalyzerSettings>
+      <Enabled>false</Enabled>
+    </CodeAnalyzerSettings>
+  </CodeSense>
+  <Configurations>
+    <VisualGDBConfiguration>
+      <Name>Debug</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+    <VisualGDBConfiguration>
+      <Name>Release</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+  </Configurations>
+  <ProgramArgumentsSuggestions />
+  <Debug xsi:type="com.visualgdb.debug.embedded">
+    <AdditionalStartupCommands />
+    <AdditionalGDBSettings>
+      <Features>
+        <DisableAutoDetection>false</DisableAutoDetection>
+        <UseFrameParameter>false</UseFrameParameter>
+        <SimpleValuesFlagSupported>false</SimpleValuesFlagSupported>
+        <ListLocalsSupported>false</ListLocalsSupported>
+        <ByteLevelMemoryCommandsAvailable>false</ByteLevelMemoryCommandsAvailable>
+        <ThreadInfoSupported>false</ThreadInfoSupported>
+        <PendingBreakpointsSupported>false</PendingBreakpointsSupported>
+        <SupportTargetCommand>false</SupportTargetCommand>
+        <ReliableBreakpointNotifications>false</ReliableBreakpointNotifications>
+      </Features>
+      <EnableSmartStepping>false</EnableSmartStepping>
+      <FilterSpuriousStoppedNotifications>false</FilterSpuriousStoppedNotifications>
+      <ForceSingleThreadedMode>false</ForceSingleThreadedMode>
+      <UseAppleExtensions>false</UseAppleExtensions>
+      <CanAcceptCommandsWhileRunning>false</CanAcceptCommandsWhileRunning>
+      <MakeLogFile>false</MakeLogFile>
+      <IgnoreModuleEventsWhileStepping>true</IgnoreModuleEventsWhileStepping>
+      <UseRelativePathsOnly>false</UseRelativePathsOnly>
+      <ExitAction>None</ExitAction>
+      <DisableDisassembly>false</DisableDisassembly>
+      <ExamineMemoryWithXCommand>false</ExamineMemoryWithXCommand>
+      <StepIntoNewInstanceEntry>app_main</StepIntoNewInstanceEntry>
+      <ExamineRegistersInRawFormat>true</ExamineRegistersInRawFormat>
+      <DisableSignals>false</DisableSignals>
+      <EnableAsyncExecutionMode>false</EnableAsyncExecutionMode>
+      <AsyncModeSupportsBreakpoints>true</AsyncModeSupportsBreakpoints>
+      <TemporaryBreakConsolidationTimeout>0</TemporaryBreakConsolidationTimeout>
+      <EnableNonStopMode>false</EnableNonStopMode>
+      <MaxBreakpointLimit>0</MaxBreakpointLimit>
+      <EnableVerboseMode>true</EnableVerboseMode>
+      <EnablePrettyPrinters>false</EnablePrettyPrinters>
+    </AdditionalGDBSettings>
+    <DebugMethod>
+      <ID>openocd</ID>
+      <Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
+        <CommandLine>-f interface/ftdi/tigard.cfg -c "adapter_khz 15000" -f target/esp32.cfg</CommandLine>
+        <ExtraParameters>
+          <Frequency xsi:nil="true" />
+          <BoostedFrequency xsi:nil="true" />
+          <ConnectUnderReset>false</ConnectUnderReset>
+        </ExtraParameters>
+        <LoadProgressGUIThreshold>131072</LoadProgressGUIThreshold>
+        <ProgramMode>Enabled</ProgramMode>
+        <StartupCommands>
+          <string>set remotetimeout 60</string>
+          <string>target remote :$$SYS:GDB_PORT$$</string>
+          <string>mon gdb_breakpoint_override hard</string>
+          <string>mon reset halt</string>
+          <string>load</string>
+        </StartupCommands>
+        <ProgramFLASHUsingExternalTool>false</ProgramFLASHUsingExternalTool>
+        <PreferredGDBPort>0</PreferredGDBPort>
+        <PreferredTelnetPort>0</PreferredTelnetPort>
+        <AlwaysPassSerialNumber>false</AlwaysPassSerialNumber>
+        <SelectedCoreIndex xsi:nil="true" />
+        <LiveMemoryTimeout>5000</LiveMemoryTimeout>
+        <SuggestionLogicRevision>1</SuggestionLogicRevision>
+        <CheckFLASHSize>true</CheckFLASHSize>
+        <FLASHSettings>
+          <Size>size2MB</Size>
+          <Frequency>freq40M</Frequency>
+          <Mode>DIO</Mode>
+        </FLASHSettings>
+        <PatchBootloader>true</PatchBootloader>
+      </Configuration>
+    </DebugMethod>
+    <AutoDetectRTOS>true</AutoDetectRTOS>
+    <SemihostingSupport>Disabled</SemihostingSupport>
+    <SemihostingPollingDelay>0</SemihostingPollingDelay>
+    <StepIntoEntryPoint>false</StepIntoEntryPoint>
+    <ReloadFirmwareOnReset>false</ReloadFirmwareOnReset>
+    <ValidateEndOfStackAddress>true</ValidateEndOfStackAddress>
+    <StopAtEntryPoint>false</StopAtEntryPoint>
+    <EnableVirtualHalts>false</EnableVirtualHalts>
+    <DynamicAnalysisSettings />
+    <EndOfStackSymbol>_estack</EndOfStackSymbol>
+    <TimestampProviderTicksPerSecond>0</TimestampProviderTicksPerSecond>
+    <KeepConsoleAfterExit>false</KeepConsoleAfterExit>
+    <UnusedStackFillPattern xsi:nil="true" />
+    <CheckInterfaceDrivers>true</CheckInterfaceDrivers>
+  </Debug>
+</VisualGDBProjectSettings2>
--- a/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/CMakeLists.txt
+++ b/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/CMakeLists.txt
@@ -0,0 +1,524 @@
+#
+#  Copyright (C) 2006-2023 wolfSSL Inc.
+#
+#  This file is part of wolfSSL.
+#
+#  wolfSSL is free software; you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation; either version 2 of the License, or
+#  (at your option) any later version.
+#
+#  wolfSSL is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with this program; if not, write to the Free Software
+#  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+#
+# cmake for wolfssl Espressif projects
+#
+# Version 5.6.0.011 for detect test/benchmark
+#
+# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
+#
+
+cmake_minimum_required(VERSION 3.16)
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+set(CMAKE_CURRENT_SOURCE_DIR ".")
+set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
+set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
+
+# find the user name to search for possible "wolfssl-username"
+message(STATUS "USERNAME = $ENV{USERNAME}")
+if(  "$ENV{USER}" STREQUAL "" ) # the bash user
+    if(  "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
+        message(STATUS "could not find USER or USERNAME")
+    else()
+        # the bash user is not blank, so we'll use it.
+        set(THIS_USER "$ENV{USERNAME}")
+    endif()
+else()
+    # the bash user is not blank, so we'll use it.
+    set(THIS_USER "$ENV{USER}")
+endif()
+message(STATUS "THIS_USER = ${THIS_USER}")
+
+
+# COMPONENT_NAME = wolfssl
+# The component name is the directory name. "No feature to change this".
+# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
+
+# set the root of wolfSSL in top-level project CMakelists.txt:
+#   set(WOLFSSL_ROOT  "C:/some path/with/spaces")
+#   set(WOLFSSL_ROOT  "c:/workspace/wolfssl-[username]")
+#   set(WOLFSSL_ROOT  "/mnt/c/some path/with/spaces")
+#   or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
+#   or assume this is an example 7 subdirectories below:
+
+# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
+# The root of wolfSSL is 7 directories up from here:
+
+# function: IS_WOLFSSL_SOURCE
+#  parameter: DIRECTORY_PARAMETER - the directory to test
+#  output:    RESULT = contains contents of DIRECTORY_PARAMETER for wolfssl directory, otherwise blank.
+function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
+    if (EXISTS "${DIRECTORY_PARAMETER}/wolfcrypt/src")
+        set(${RESULT} "${DIRECTORY_PARAMETER}" PARENT_SCOPE)
+    else()
+        set(${RESULT} "" PARENT_SCOPE)
+    endif()
+endfunction()
+
+# function: FIND_WOLFSSL_DIRECTORY
+#  parameter: OUTPUT_FOUND_WOLFSSL_DIRECTORY contains root of source code, otherwise blank
+#
+function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
+    message(STATUS "Starting FIND_WOLFSSL_DIRECTORY")
+    set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
+    if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
+        message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
+    else()
+        get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
+        IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+        if("${FOUND_WOLFSSL}")
+            message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
+        else()
+            message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
+            message(STATUS "$ENV{WOLFSSL_ROOT}")
+        endif()
+    endif()
+
+    # we'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
+    message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
+    get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
+    message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+    string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
+
+    # loop through all the parents, looking for wolfssl
+    while(NOT CURRENT_SEARCH_DIR STREQUAL "/" AND NOT CURRENT_SEARCH_DIR STREQUAL "" )
+        string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
+        # wolfSSL may simply be in a parent directory, such as for local examples in wolfssl repo
+        IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+        if( FOUND_WOLFSSL )
+            message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+            set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+            return()
+        endif()
+
+        if( THIS_USER )
+            # Check for "wolfssl-[username]" subdirectory as we recurse up the directory tree
+            set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-${THIS_USER})
+            message(STATUS "Looking in ${CURRENT_SEARCH_DIR}")
+
+            #if(EXISTS ${CURRENT_SEARCH_DIR_ALT} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR_ALT} AND EXISTS "${CURRENT_SEARCH_DIR_ALT}/wolfcrypt/src")
+            IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+            if ( FOUND_WOLFSSL )
+               message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
+                set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR_ALT} PARENT_SCOPE)
+                return()
+            endif()
+        endif()
+
+        # Next check for no user suffix "wolfssl" subdirectory as we recurse up the directory tree
+        set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl)
+        # if(EXISTS ${CURRENT_SEARCH_DIR} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR} AND EXISTS "${CURRENT_SEARCH_DIR}/wolfcrypt/src")
+        IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+        if ( FOUND_WOLFSSL )
+            message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+            set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+            return()
+        endif()
+
+        # Move up one directory level
+        set(PRIOR_SEARCH_DIR "${CURRENT_SEARCH_DIR}")
+        get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" DIRECTORY)
+        message(STATUS "Next CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+        if( "${PRIOR_SEARCH_DIR}" STREQUAL "${CURRENT_SEARCH_DIR}" )
+            # when the search directory is empty, we'll give up
+            set(CURRENT_SEARCH_DIR "")
+        endif()
+    endwhile()
+
+    # If not found, set the output variable to empty before exiting
+    set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "" PARENT_SCOPE)
+endfunction()
+
+
+# Example usage:
+
+
+
+
+if(CMAKE_BUILD_EARLY_EXPANSION)
+    message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
+    idf_component_register(
+                            REQUIRES "${COMPONENT_REQUIRES}"
+                            PRIV_REQUIRES # esp_hw_support
+                                          esp_timer
+                                          driver # this will typically only be needed for wolfSSL benchmark
+                           )
+
+else()
+    # not CMAKE_BUILD_EARLY_EXPANSION
+    message(STATUS "************************************************************************************************")
+    message(STATUS "wolfssl component config:")
+    message(STATUS "************************************************************************************************")
+
+    # search for wolfSSL
+    FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
+    if(WOLFSSL_ROOT)
+        message(STATUS "NEW Found wolfssl directory at: ${WOLFSSL_ROOT}")
+    else()
+        message(STATUS "NEW wolfssl directory not found.")
+        # Abort. We need wolfssl _somewhere_.
+        message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}.\n"
+                            "Try setting WOLFSSL_ROOT environment variable or git clone.")
+    endif()
+
+    set(INCLUDE_PATH ${WOLFSSL_ROOT})
+
+    set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/src/")
+
+    if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_benchmark" )
+        set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
+    endif()
+
+    if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_test" )
+        set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
+    endif()
+
+    set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
+                          "\"${WOLFSSL_ROOT}/wolfcrypt/src\""
+                          "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
+                          "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
+                          "\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
+                         ) # COMPONENT_SRCDIRS
+
+    message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+
+    set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+    add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+
+
+    # Espressif may take several passes through this makefile. Check to see if we found IDF
+    string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+
+    # get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
+    file(GLOB EXCLUDE_ASM *.S)
+    file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+
+    message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
+    message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
+    message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
+
+    #
+    # Check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components.
+    #
+    if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+        #
+        # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
+        #
+        message(STATUS "")
+        message(STATUS "**************************************************************************************")
+        message(STATUS "")
+        message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
+        message(STATUS "")
+        message(STATUS "To proceed: ")
+        message(STATUS "")
+        message(STATUS "Remove either the local project component: ${WOLFSSL_PROJECT_DIR} ")
+        message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
+        message(STATUS "")
+        message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
+        message(STATUS "")
+        message(STATUS "**************************************************************************************")
+        message(STATUS "")
+
+        # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
+        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
+    else()
+        if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+            #
+            # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
+            #
+            message(STATUS "")
+            message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+            message(STATUS "")
+        else()
+            #
+            # wolfSSL is not an ESP-IDF component.
+            # We need to now determine if it is local and if so if it is part of the wolfSSL repo,
+            # or if  wolfSSL is simply installed as a local component.
+            #
+
+            if( EXISTS "${WOLFSSL_PROJECT_DIR}" )
+                #
+                # wolfSSL found in local project.
+                #
+                if( EXISTS "${WOLFSSL_PROJECT_DIR}/wolfcrypt/" )
+                    message(STATUS "")
+                    message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+                    message(STATUS "")
+                    #
+                    # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
+                    #
+                    # We won't do anything else here, as it will be assumed the original install completed successfully.
+                    #
+                else() # full wolfSSL not installed in local project
+                    #
+                    # This is the developer repo mode. wolfSSL will be assumed to be not installed to ESP-IDF nor local project
+                    # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+                    #
+                    message(STATUS "")
+                    message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+                    message(STATUS "")
+
+                    message(STATUS "************************************************************************************************")
+                    # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
+                    # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
+                    #
+                    # first check if there's a [root]/include/user_settings.h
+                    if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
+                        message(FATAL_ERROR "Found stray wolfSSL user_settings.h in "
+                                            "${WOLFSSL_ROOT}/include/user_settings.h "
+                                            " (please move it to ${WOLFSSL_PROJECT_DIR}/include/user_settings.h )")
+                    else()
+                        # we won't overwrite an existing user settings file, just note that we already have one:
+                        if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/user_settings.h" )
+                            message(STATUS "Using existing wolfSSL user_settings.h in "
+                                            "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+                        else()
+                            message(STATUS "Installing wolfSSL user_settings.h to "
+                                            "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+                            file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h"
+                            DESTINATION "${CMAKE_HOME_DIRECTORY}/wolfssl/include/")
+                        endif()
+                    endif() # user_settings.h
+
+                    # next check if there's a [root]/include/config.h
+                    if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
+                        message(STATUS "******************************************************************************")
+                        message(STATUS "******************************************************************************")
+                        message(STATUS "Found stray wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h"              )
+                        message(STATUS "  Please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h"                   )
+                        message(STATUS "******************************************************************************")
+                        message(STATUS "******************************************************************************")
+                    else()
+                        # we won't overwrite an existing user settings file, just note that we already have one:
+                        if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/config.h" )
+                            message(STATUS "Using existing wolfSSL config.h           ${WOLFSSL_PROJECT_DIR}/include/config.h")
+                        else()
+                            message(STATUS "Installing wolfSSL config.h to            ${WOLFSSL_PROJECT_DIR}/include/config.h")
+                            file(COPY   "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_PROJECT_DIR}/include/")
+                            file(RENAME "${WOLFSSL_PROJECT_DIR}/include/dummy_config_h" "${WOLFSSL_PROJECT_DIR}/include/config.h")
+                        endif() # Project config.h
+                    endif() # WOLFSSL_ROOT config.h
+                    message(STATUS "************************************************************************************************")
+                    message(STATUS "")
+                endif()
+
+            else()
+                # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
+                if($WOLFSSL_FOUND_IDF)
+                    message(STATUS "")
+                    message(STATUS "WARNING: wolfSSL not found.")
+                    message(STATUS "")
+                else()
+                    # probably needs to be re-parsed by Espressif
+                    message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
+                endif() # else we have not found ESP-IDF yet
+            endif() # else not a local wolfSSL component
+
+        endif() #else not an ESP-IDF component
+    endif() # else not local copy and EDP-IDF wolfSSL
+
+
+    # RTOS_IDF_PATH is typically:
+    # "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
+    # depending on the environment, we may need to swap backslashes with forward slashes
+    string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
+
+    string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
+
+    if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+        message(STATUS "Found current RTOS path: ${RTOS_IDF_PATH}")
+    else()
+        # ESP-IDF prior version 4.4x has a different RTOS directory structure
+        string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+        if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+            message(STATUS "Found legacy RTOS path: ${RTOS_IDF_PATH}")
+        else()
+            message(STATUS "Could not find RTOS path")
+        endif()
+    endif()
+
+
+    set(COMPONENT_ADD_INCLUDEDIRS
+        "./include" # this is the location of wolfssl user_settings.h
+        "\"${WOLFSSL_ROOT}/\""
+        "\"${WOLFSSL_ROOT}/wolfssl/\""
+        "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
+        "\"${RTOS_IDF_PATH}/\""
+        )
+
+
+    if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
+        list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
+    endif()
+
+    list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/\"")
+    list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\"")
+
+
+
+    set(COMPONENT_SRCEXCLUDE
+        "\"${WOLFSSL_ROOT}/src/bio.c\""
+        "\"${WOLFSSL_ROOT}/src/conf.c\""
+        "\"${WOLFSSL_ROOT}/src/misc.c\""
+        "\"${WOLFSSL_ROOT}/src/pk.c\""
+        "\"${WOLFSSL_ROOT}/src/ssl_asn1.c\""    # included by ssl.c
+        "\"${WOLFSSL_ROOT}/src/ssl_bn.c\""      # included by ssl.c
+        "\"${WOLFSSL_ROOT}/src/ssl_certman.c\"" # included by ssl.c
+        "\"${WOLFSSL_ROOT}/src/ssl_crypto.c\""  # included by ssl.c
+        "\"${WOLFSSL_ROOT}/src/ssl_misc.c\""    # included by ssl.c
+        "\"${WOLFSSL_ROOT}/src/x509.c\""
+        "\"${WOLFSSL_ROOT}/src/x509_str.c\""
+        "\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
+        "\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
+        "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
+        "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm64.c\""
+        "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_armthumb.c\""
+        "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c32.c\""
+        "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c64.c\""
+        "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
+        "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
+        "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
+        "\"${EXCLUDE_ASM}\""
+        )
+
+    spaces2list(COMPONENT_REQUIRES)
+
+    separate_arguments(COMPONENT_SRCDIRS NATIVE_COMMAND "${COMPONENT_SRCDIRS}")
+    separate_arguments(COMPONENT_SRCEXCLUDE NATIVE_COMMAND "${COMPONENT_SRCEXCLUDE}")
+    separate_arguments(COMPONENT_ADD_INCLUDEDIRS NATIVE_COMMAND "${COMPONENT_ADD_INCLUDEDIRS}")
+
+    #
+    # See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html#example-component-requirements
+    #
+    message(STATUS "COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+    message(STATUS "COMPONENT_ADD_INCLUDEDIRS = ${COMPONENT_ADD_INCLUDEDIRS}")
+    message(STATUS "COMPONENT_REQUIRES = ${COMPONENT_REQUIRES}")
+    message(STATUS "COMPONENT_SRCEXCLUDE = ${COMPONENT_SRCEXCLUDE}")
+
+    #
+    # see https://docs.espressif.com/projects/esp-idf/en/stable/esp32/migration-guides/release-5.x/build-system.html?highlight=space%20path
+    #
+    set(EXTRA_COMPONENT_DIRS "${COMPONENT_SRCDIRS}")
+    idf_component_register(
+                            SRC_DIRS "${COMPONENT_SRCDIRS}"
+                            INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
+                            REQUIRES "${COMPONENT_REQUIRES}"
+                            EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
+                            PRIV_REQUIRES esp_timer driver # this will typically only be needed for wolfSSL benchmark
+                           )
+    # some optional diagnostics
+    if (1)
+        get_cmake_property(_variableNames VARIABLES)
+        list (SORT _variableNames)
+        message(STATUS "")
+        message(STATUS "ALL VARIABLES BEGIN")
+        message(STATUS "")
+        foreach (_variableName ${_variableNames})
+            message(STATUS "${_variableName}=${${_variableName}}")
+        endforeach()
+        message(STATUS "")
+        message(STATUS "ALL VARIABLES END")
+        message(STATUS "")
+    endif()
+
+    # target_sources(wolfssl PRIVATE  "\"${WOLFSSL_ROOT}/wolfssl/\""  "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
+
+endif() # CMAKE_BUILD_EARLY_EXPANSION
+
+
+
+# check to see if there's both a local copy and EDP-IDF copy of the wolfssl components
+if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+    message(STATUS "")
+    message(STATUS "")
+    message(STATUS "********************************************************************")
+    message(STATUS "WARNING: Found components/wolfssl in both local project and IDF_PATH")
+    message(STATUS "********************************************************************")
+    message(STATUS "")
+endif()
+# end multiple component check
+
+
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT:  the name of the macro to define
+# THIS_VAR:   the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+    # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+    string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+    # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+    if(${IS_VALID_VALUE})
+        # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+        string(REPLACE "\n" ""  VAR_VALUE  ${THIS_VAR})
+
+        # we'll could percolate the value to the parent for possible later use
+        # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+        # but we're only using it here in this function
+        set(${VAR_OUPUT} ${VAR_VALUE})
+
+        # we'll print what we found to the console
+        message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+        # the interesting part is defining the VAR_OUPUT name a value to use in the app
+        add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+    else()
+        # if we get here, check the execute_process command and parameters.
+        message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+        set(${VAR_OUPUT} "Unknown")
+    endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+# create some programmatic #define values that will be used by ShowExtendedSystemInfo().
+# see wolfcrypt\src\port\Espressif\esp32_utl.c
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+    set (git_cmd "git")
+    message(STATUS "Adding macro definitions:")
+
+    # LIBWOLFSSL_VERSION_GIT_ORIGIN: git config --get remote.origin.url
+    execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET  )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_ORIGIN "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_BRANCH: git rev-parse --abbrev-ref HEAD
+    execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET  )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_BRANCH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_HASH: git rev-parse HEAD
+    execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET  )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_SHORT_HASH: git rev-parse --short HEAD
+    execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_HASH_DATE git show --no-patch --no-notes --pretty=\'\%cd\'
+    execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES  )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+
+    message(STATUS "************************************************************************************************")
+    message(STATUS "wolfssl component config complete!")
+    message(STATUS "************************************************************************************************")
+endif()
--- a/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h
+++ b/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h
@@ -0,0 +1,428 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* This user_settings.h is for Espressif ESP-IDF */
+#include <sdkconfig.h>
+
+/* The Espressif sdkconfig will have chipset info.
+**
+** Possible values:
+**
+**   CONFIG_IDF_TARGET_ESP32
+**   CONFIG_IDF_TARGET_ESP32S2
+**   CONFIG_IDF_TARGET_ESP32S3
+**   CONFIG_IDF_TARGET_ESP32C3
+**   CONFIG_IDF_TARGET_ESP32C6
+*/
+
+#undef  WOLFSSL_ESPIDF
+#define WOLFSSL_ESPIDF
+
+/*
+ * choose ONE of these Espressif chips to define:
+ *
+ * WOLFSSL_ESP32
+ * WOLFSSL_ESPWROOM32SE
+ * WOLFSSL_ESP8266
+ */
+#undef WOLFSSL_ESPWROOM32SE
+#undef WOLFSSL_ESP8266
+#undef WOLFSSL_ESP32
+
+#define WOLFSSL_ESP32
+
+/* optionally turn off SHA512/224 SHA512/256 */
+/* #define WOLFSSL_NOSHA512_224 */
+/* #define WOLFSSL_NOSHA512_256 */
+
+/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
+/* #define SINGLE_THREADED */
+
+/* When you don't want to use the old SHA */
+/* #define NO_SHA */
+/* #define NO_OLD_TLS */
+
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_2048
+
+/* TLS 1.3                                 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define WC_RSA_PSS
+#define HAVE_HKDF
+#define HAVE_AEAD
+#define HAVE_SUPPORTED_CURVES
+
+#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
+
+#define NO_FILESYSTEM
+
+#define NO_OLD_TLS
+
+#define HAVE_AESGCM
+
+#define WOLFSSL_RIPEMD
+/* when you want to use SHA224 */
+#define WOLFSSL_SHA224
+
+/* when you want to use SHA384 */
+#define WOLFSSL_SHA384
+
+/* when you want to use SHA512 */
+#define WOLFSSL_SHA512
+
+/* when you want to use SHA3 */
+#define WOLFSSL_SHA3
+
+/* Reminder: ED25519 requires SHA512 */
+#define HAVE_ED25519
+
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+
+/* Optional OPENSSL compatibility */
+#define OPENSSL_EXTRA
+/* when you want to use pkcs7 */
+/* #define HAVE_PKCS7 */
+
+#define HAVE_PKCS7
+
+#if defined(HAVE_PKCS7)
+    #define HAVE_AES_KEYWRAP
+    #define HAVE_X963_KDF
+    #define WOLFSSL_AES_DIRECT
+#endif
+
+/* when you want to use AES counter mode */
+/* #define WOLFSSL_AES_DIRECT */
+/* #define WOLFSSL_AES_COUNTER */
+
+/* esp32-wroom-32se specific definition */
+#if defined(WOLFSSL_ESPWROOM32SE)
+    #define WOLFSSL_ATECC508A
+    #define HAVE_PK_CALLBACKS
+    /* when you want to use a custom slot allocation for ATECC608A */
+    /* unless your configuration is unusual, you can use default   */
+    /* implementation.                                             */
+    /* #define CUSTOM_SLOT_ALLOCATION                              */
+#endif
+
+/* RSA primitive specific definition */
+#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
+    /* Define USE_FAST_MATH and SMALL_STACK                        */
+    #define ESP32_USE_RSA_PRIMITIVE
+
+    #if defined(CONFIG_IDF_TARGET_ESP32)
+
+        /* NOTE HW unreliable for small values! */
+        /* threshold for performance adjustment for HW primitive use   */
+        /* X bits of G^X mod P greater than                            */
+        #undef  ESP_RSA_EXPT_XBITS
+        #define ESP_RSA_EXPT_XBITS 32
+
+        /* X and Y of X * Y mod P greater than                         */
+        #undef  ESP_RSA_MULM_BITS
+        #define ESP_RSA_MULM_BITS  16
+
+    #endif
+#endif
+
+#define RSA_LOW_MEM
+
+/* #define WOLFSSL_ATECC508A_DEBUG         */
+
+/* date/time                               */
+/* if it cannot adjust time in the device, */
+/* enable macro below                      */
+/* #define NO_ASN_TIME */
+/* #define XTIME time */
+
+
+/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
+#define ESP_RSA_TIMEOUT_CNT    0x249F00
+
+#define HASH_SIZE_LIMIT /* for test.c */
+
+/* USE_FAST_MATH is default */
+#define USE_FAST_MATH
+
+/*****      Use SP_MATH      *****/
+/* #undef USE_FAST_MATH          */
+/* #define SP_MATH               */
+/* #define WOLFSSL_SP_MATH_ALL   */
+
+/***** Use Integer Heap Math *****/
+/* #undef USE_FAST_MATH          */
+/* #define USE_INTEGER_HEAP_MATH */
+
+
+#define WOLFSSL_SMALL_STACK
+
+
+#define HAVE_VERSION_EXTENDED_INFO
+/* #define HAVE_WC_INTROSPECTION */
+
+#define  HAVE_SESSION_TICKET
+
+/* #define HAVE_HASHDRBG */
+
+#define WOLFSSL_KEY_GEN
+#define WOLFSSL_CERT_REQ
+#define WOLFSSL_CERT_GEN
+#define WOLFSSL_CERT_EXT
+#define WOLFSSL_SYS_CA_CERTS
+
+
+#define WOLFSSL_CERT_TEXT
+
+#define WOLFSSL_ASN_TEMPLATE
+
+/*
+#undef  WOLFSSL_KEY_GEN
+#undef  WOLFSSL_CERT_REQ
+#undef  WOLFSSL_CERT_GEN
+#undef  WOLFSSL_CERT_EXT
+#undef  WOLFSSL_SYS_CA_CERTS
+*/
+
+/*
+--enable-keygen
+--enable-certgen
+--enable-certreq
+--enable-certext
+--enable-asn-template
+*/
+
+/* Default is HW enabled unless turned off.
+** Uncomment these lines to force SW instead of HW acceleration */
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+    /* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
+    /*  #define NO_ESP32_CRYPT                 */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_HASH    */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_AES     */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL  */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD  */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+    /*  These are defined automatically in esp32-crypt.h, here for clarity:  */
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32  */
+
+    #undef  ESP_RSA_MULM_BITS
+    #define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
+    /***** END CONFIG_IDF_TARGET_ESP32 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+    /* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
+    /*  #define NO_ESP32_CRYPT                 */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_HASH    */
+    /* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_AES     */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL  */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD  */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+    /***** END CONFIG_IDF_TARGET_ESP32S2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+    /* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
+    /*  #define NO_ESP32_CRYPT                         */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_HASH            */
+    /* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_AES             */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI         */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL  */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD  */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+    /***** END CONFIG_IDF_TARGET_ESP32S3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+      defined(CONFIG_IDF_TARGET_ESP8684)
+    /* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
+     * single QFN 4x4 mm package. Out of released documentation, Technical
+     * Reference Manual as well as ESP-IDF Programming Guide is applicable
+     * to both ESP32-C2 and ESP8684.
+     *
+     * See: https://www.esp32.com/viewtopic.php?f=5&t=27926#:~:text=ESP8684%20is%20essentially%20ESP32%2DC2,both%20ESP32%2DC2%20and%20ESP8684. */
+
+    /* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
+    /*  #define NO_ESP32_CRYPT                 */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_HASH    */ /* to disable all SHA HW   */
+
+    /* These are defined automatically in esp32-crypt.h, here for clarity    */
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384    /* no SHA384 HW on C2  */
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512    /* no SHA512 HW on C2  */
+
+    /* There's no AES or RSA/Math accelerator on the ESP32-C2
+     * Auto defined with NO_WOLFSSL_ESP32_CRYPT_RSA_PRI, for clarity: */
+    #define NO_WOLFSSL_ESP32_CRYPT_AES
+    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+    /***** END CONFIG_IDF_TARGET_ESP32C2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+    /* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
+
+    /*  #define NO_ESP32_CRYPT                 */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_HASH    */ /* to disable all SHA HW   */
+
+    /* These are defined automatically in esp32-crypt.h, here for clarity:  */
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384    /* no SHA384 HW on C6  */
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512    /* no SHA512 HW on C6  */
+
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_AES             */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI         */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL  */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD  */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+    /***** END CONFIG_IDF_TARGET_ESP32C3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+    /* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
+
+    /*  #define NO_ESP32_CRYPT                 */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_HASH    */
+    /*  These are defined automatically in esp32-crypt.h, here for clarity:  */
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384    /* no SHA384 HW on C6  */
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512    /* no SHA512 HW on C6  */
+
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_AES             */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI         */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL  */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD  */
+    /*  #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+    /***** END CONFIG_IDF_TARGET_ESP32C6 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32H2)
+    /*  wolfSSL Hardware Acceleration not yet implemented */
+    #define NO_ESP32_CRYPT
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH
+    #define NO_WOLFSSL_ESP32_CRYPT_AES
+    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+    /***** END CONFIG_IDF_TARGET_ESP32H2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP8266)
+    /*  TODO: Revisit ESP8266 */
+    #define NO_ESP32_CRYPT
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH
+    #define NO_WOLFSSL_ESP32_CRYPT_AES
+    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+    /***** END CONFIG_IDF_TARGET_ESP266 *****/
+#else
+    /* Anything else encountered, disable HW accleration */
+    #define NO_ESP32_CRYPT
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH
+    #define NO_WOLFSSL_ESP32_CRYPT_AES
+    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#endif /* CONFIG_IDF_TARGET Check */
+
+/* Debug options:
+
+#define ESP_VERIFY_MEMBLOCK
+#define DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL_VERBOSE
+#define DEBUG_WOLFSSL_SHA_MUTEX
+#define WOLFSSL_ESP32_CRYPT_DEBUG
+#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
+#define NO_RECOVER_SOFTWARE_CALC
+#define WOLFSSL_TEST_STRAY 1
+#define USE_ESP_DPORT_ACCESS_READ_BUFFER
+#define WOLFSSL_ESP32_HW_LOCK_DEBUG
+#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
+#define ESP_DISABLE_HW_TASK_LOCK
+*/
+
+#define WOLFSSL_ESPIDF_ERROR_PAUSE /* Pause in a loop rather than exit. */
+#define WOLFSSL_HW_METRICS
+
+/* #define HASH_SIZE_LIMIT */ /* for test.c */
+
+/* #define NO_HW_MATH_TEST */ /* Optionall turn off HW math checks */
+
+/* Optionally include alternate HW test library: alt_hw_test.h */
+/* When enabling, the ./components/wolfssl/CMakeLists.txt file
+ * will need the name of the library in the idf_component_register
+ * for the PRIV_REQUIRES list. */
+/* #define INCLUDE_ALT_HW_TEST */
+
+/* optionally turn off individual math HW acceleration features */
+
+/* Turn off Large Number ESP32 HW Multiplication:
+** [Z = X * Y] in esp_mp_mul()                                  */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL                */
+
+/* Turn off Large Number ESP32 HW Modular Exponentiation:
+** [Z = X^Y mod M] in esp_mp_exptmod()                          */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD               */
+
+/* Turn off Large Number ESP32 HW Modular Multiplication
+** [Z = X * Y mod M] in esp_mp_mulmod()                         */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD                */
+
+
+#define WOLFSSL_PUBLIC_MP /* used by benchmark */
+#define USE_CERT_BUFFERS_2048
+
+/* when turning on ECC508 / ECC608 support
+#define WOLFSSL_ESPWROOM32SE
+#define HAVE_PK_CALLBACKS
+#define WOLFSSL_ATECC508A
+#define ATCA_WOLFSSL
+*/
+
+/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
+#define WOLFSSL_SM2
+#define WOLFSSL_SM3
+#define WOLFSSL_SM4
+*/
+
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+    #include <wolfssl/certs_test_sm.h>
+    #define CTX_CA_CERT          root_sm2
+    #define CTX_CA_CERT_SIZE     sizeof_root_sm2
+    #define CTX_CA_CERT_TYPE     WOLFSSL_FILETYPE_PEM
+    #define CTX_SERVER_CERT      server_sm2
+    #define CTX_SERVER_CERT_SIZE sizeof_server_sm2
+    #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
+    #define CTX_SERVER_KEY       server_sm2_priv
+    #define CTX_SERVER_KEY_SIZE  sizeof_server_sm2_priv
+    #define CTX_SERVER_KEY_TYPE  WOLFSSL_FILETYPE_PEM
+
+    #undef  WOLFSSL_BASE16
+    #define WOLFSSL_BASE16
+#else
+    #define USE_CERT_BUFFERS_2048
+    #define USE_CERT_BUFFERS_256
+    #define CTX_CA_CERT          ca_cert_der_2048
+    #define CTX_CA_CERT_SIZE     sizeof_ca_cert_der_2048
+    #define CTX_CA_CERT_TYPE     WOLFSSL_FILETYPE_ASN1
+    #define CTX_SERVER_CERT      server_cert_der_2048
+    #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
+    #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+    #define CTX_SERVER_KEY       server_key_der_2048
+    #define CTX_SERVER_KEY_SIZE  sizeof_server_key_der_2048
+    #define CTX_SERVER_KEY_TYPE  WOLFSSL_FILETYPE_ASN1
+#endif
--- a/IDE/Espressif/ESP-IDF/examples/template/main/CMakeLists.txt
+++ b/IDE/Espressif/ESP-IDF/examples/template/main/CMakeLists.txt
@@ -0,0 +1,102 @@
+# wolfSSL Espressif Example Project/main CMakeLists.txt
+#   v1.0
+#
+# wolfssl template
+#
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+
+if(WIN32)
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
+    message("Detected Windows")
+endif()
+if(CMAKE_HOST_UNIX)
+    message("Detected UNIX")
+endif()
+if(APPLE)
+    message("Detected APPLE")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
+    message("Detected WSL")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
+    message("Detected Linux")
+endif()
+if(APPLE)
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
+    message("Detected Apple")
+endif()
+set (git_cmd "git")
+
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+    #
+    # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
+    #
+    message(STATUS "")
+    message(STATUS "WARNING: Found components/wolfssl in both local project and IDF_PATH")
+    message(STATUS "")
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+endif()
+
+## register_component()
+idf_component_register(SRCS main.c
+                       INCLUDE_DIRS "."
+                                    "./include")
+
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT:  the name of the macro to define
+# THIS_VAR:   the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+    # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+    string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+    # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+    if(${IS_VALID_VALUE})
+        # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+        string(REPLACE "\n" ""  VAR_VALUE  ${THIS_VAR})
+
+        # we'll could percolate the value to the parent for possible later use
+        # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+        # but we're only using it here in this function
+        set(${VAR_OUPUT} ${VAR_VALUE})
+
+        # we'll print what we found to the console
+        message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+        # the interesting part is defining the VAR_OUPUT name a value to use in the app
+        add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+    else()
+        # if we get here, check the execute_process command and parameters.
+        message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+        set(${VAR_OUPUT} "Unknown")
+    endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+    # LIBWOLFSSL_VERSION_GIT_HASH
+    execute_process(COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_SHORT_HASH
+    execute_process(COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_HASH_DATE
+    execute_process(COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES  )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+endif()
+
+message(STATUS "")
+
--- a/IDE/Espressif/ESP-IDF/examples/template/main/include/main.h
+++ b/IDE/Espressif/ESP-IDF/examples/template/main/include/main.h
@@ -1,6 +1,6 @@
-/* crl.h
+/* template main.h
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
@@ -18,6 +18,7 @@
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 */
+#ifndef _MAIN_H_
+#define _MAIN_H_

-
-#include <wolfssl/crl.h>
+#endif
--- a/IDE/Espressif/ESP-IDF/examples/template/main/main.c
+++ b/IDE/Espressif/ESP-IDF/examples/template/main/main.c
@@ -1,6 +1,6 @@
-/* wolfcrypt_first.c
+/* main.c
 *
- * Copyright (C) 2006-2021 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
@@ -19,36 +19,31 @@
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 */

+/* Espressif */
+#include <esp_log.h>

-/* This file needs to be linked first in order to work correctly */
+/* wolfSSL  */
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>

-#ifdef HAVE_CONFIG_H
-    #include <config.h>
-#endif
+/* project */
+#include "main.h"

-/* in case user set HAVE_FIPS there */
-#include <cyassl/ctaocrypt/settings.h>
+static const char* const TAG = "My Project";

-#ifdef HAVE_FIPS
-
-#ifdef USE_WINDOWS_API
-    #pragma code_seg(".fipsA$a")
-    #pragma const_seg(".fipsB$a")
-#endif
-
-
-/* read only start address */
-const unsigned int wolfCrypt_FIPS_ro_start[] =
-{ 0x1a2b3c4d, 0x00000001 };
-
-
-/* first function of text/code segment */
-int wolfCrypt_FIPS_first(void);
-int wolfCrypt_FIPS_first(void)
+void app_main(void)
 {
-    return 0;
+    ESP_LOGI(TAG, "Hello wolfSSL!");
+
+#ifdef HAVE_VERSION_EXTENDED_INFO
+    esp_ShowExtendedSystemInfo();
+#endif
+
+#if defined(WOLFSSL_HW_METRICS) && defined(WOLFSSL_HAS_METRICS)
+    esp_hw_show_metrics();
+#endif
+
+    ESP_LOGI(TAG, "\n\nDone!"
+                  "If running from idf.py monitor, press twice: Ctrl+]\n\n"
+                  "WOLFSSL_COMPLETE\n" /* exit keyword for wolfssl_monitor.py */
+            );
 }
-
-
-#endif /* HAVE_FIPS */
-
--- a/IDE/Espressif/ESP-IDF/examples/template/partitions_singleapp_large.csv
+++ b/IDE/Espressif/ESP-IDF/examples/template/partitions_singleapp_large.csv
@@ -0,0 +1,31 @@
+# to view: idf.py partition-table
+#
+# ESP-IDF Partition Table
+# Name, Type,  SubType, Offset,  Size, Flags
+nvs,     data, nvs,     0x9000,  24K,
+phy_init,data, phy,     0xf000,  4K,
+factory, app,  factory, 0x10000, 1500K,
+
+
+# For other settings, see:
+# https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/partition-tables.html#creating-custom-tables
+#
+# Here is the summary printed for the "Single factory app, no OTA" configuration:
+#
+# # ESP-IDF Partition Table
+# # Name,   Type, SubType, Offset,  Size, Flags
+# nvs,      data, nvs,     0x9000,  0x6000,
+# phy_init, data, phy,     0xf000,  0x1000,
+# factory,  app,  factory, 0x10000, 1M,
+#
+#
+# Here is the summary printed for the "Factory app, two OTA definitions" configuration:
+#
+# # ESP-IDF Partition Table
+# # Name,   Type, SubType, Offset,  Size, Flags
+# nvs,      data, nvs,     0x9000,  0x4000,
+# otadata,  data, ota,     0xd000,  0x2000,
+# phy_init, data, phy,     0xf000,  0x1000,
+# factory,  app,  factory, 0x10000,  1M,
+# ota_0,    app,  ota_0,   0x110000, 1M,
+# ota_1,    app,  ota_1,   0x210000, 1M,
--- a/IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults
+++ b/IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults
@@ -0,0 +1,35 @@
+CONFIG_FREERTOS_HZ=1000
+CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y
+
+#
+# Default main stack size
+#
+# This is typically way bigger than needed for stack size. See user_settings.h
+#
+CONFIG_ESP_MAIN_TASK_STACK_SIZE=10500
+
+# Legacy stack size for older ESP-IDF versions
+CONFIG_MAIN_TASK_STACK_SIZE=10500
+
+#
+# Compiler options
+#
+CONFIG_COMPILER_OPTIMIZATION_DEFAULT=y
+CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_ENABLE=y
+CONFIG_COMPILER_OPTIMIZATION_ASSERTION_LEVEL=2
+CONFIG_COMPILER_HIDE_PATHS_MACROS=y
+CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y
+CONFIG_COMPILER_STACK_CHECK=y
+
+#
+# Partition Table
+#
+# CONFIG_PARTITION_TABLE_SINGLE_APP is not set
+CONFIG_PARTITION_TABLE_SINGLE_APP_LARGE=y
+# CONFIG_PARTITION_TABLE_TWO_OTA is not set
+# CONFIG_PARTITION_TABLE_CUSTOM is not set
+CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="partitions.csv"
+CONFIG_PARTITION_TABLE_FILENAME="partitions_singleapp_large.csv"
+CONFIG_PARTITION_TABLE_OFFSET=0x8000
+CONFIG_PARTITION_TABLE_MD5=y
+# end of Partition Table
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt
@@ -1,6 +1,33 @@
+# wolfSSL Espressif Example Project CMakeLists.txt
+#   v1.0
+#
 # The following lines of boilerplate have to be in your project's
 # CMakeLists in this exact order for cmake to work correctly
-cmake_minimum_required(VERSION 3.5)
+cmake_minimum_required(VERSION 3.16)
+
+# The wolfSSL CMake file should be able to find the source code.
+# Otherwise, assign an environment variable or set it here:
+#
+# set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
+#
+# Optional WOLFSSL_CMAKE_SYSTEM_NAME detection to find
+# USE_MY_PRIVATE_CONFIG path for my_private_config.h
+#
+# Expected path varies:
+#
+#     WSL:  /mnt/c/workspace
+#   Linux:  ~/workspace
+# Windows:  C:\workspace
+#
+
+# Optionally specify a location for wolfSSL component source code
+# set(WOLFSSL_ROOT "c:/test/blogtest/wolfssl" )

 include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+
+set(COMPONENTS
+  main
+  wolfssl
+) # set components
+
 project(wolfssl_benchmark)
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md
@@ -1,6 +1,59 @@
 # wolfSSL Benchmark Example

-The Example contains of wolfSSL benchmark program.
+This ESP32 example uses the [wolfSSL wolfcrypt Benchmark Application](https://github.com/wolfSSL/wolfssl/tree/master/wolfcrypt/benchmark).
+
+For general information on [wolfSSL examples for Espressif](../README.md), see the
+[README](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md) file.
+
+## Espressif ESP Component Registry
+
+See the wolfSSL namespace at [components.espressif.com](https://components.espressif.com/components?q=wolfssl)
+
+
+## Windows COM Port
+
+All of these examples use COM20 on Windows. The DOS `change port` command can be use to assign any
+other local port to `COM20` as needed:
+
+```
+change port com20=com23
+```
+
+## VisualGDB
+
+Open the VisualGDB Visual Studio Project file in the VisualGDB directory and click the "Start" button.
+No wolfSSL setup is needed. You may need to adjust your specific COM port. The default is `COM20`.
+
+Include in the respective project `./VisualGDB` directory are [VisualGDB](https://visualgdb.com/) project files.
+Individual project files are included for convenience to new users,
+as there are [difficulties switching between ESP-IDF Versions or Chipsets](https://sysprogs.com/w/forums/topic/difficulties-switching-espressif-esp-idf-version-or-chipset/)
+using the VisualGDB extension.
+
+The naming convention for project files is: `[project name]_IDF_[Version]_[chipset].vgdbproj`. The solution files (filename[.sln]) often will contain shortcuts to commonly used source and configuration files used by the respective project.
+
+
+-------- |------------- |------------- |
+ChipSet  | ESP-IDF v4.4 | ESP-IDF v5.1 |
+-------- |------------- |------------- |
+ESP32    |      x       |              |
+ESP32-S2 |              |              |
+ESP32-S3 |      x       |      x       |
+ESP32-C3 |      x       |      x       |
+ESP32-C6 |              |              |
+
+
+The default directories are:
+
+- `C:\SysGCC` - The root directory install of VisualGDB
+- `C:\SysGCC\esp32` - The default for ESP-IDF v5.x
+- `C:\SysGCC\esp32-8.4` - Many need to manually select this name for ESP-IDF v4.x install
+- `C:\SysGCC\esp8266`- The default for ESP8266
+
+Windows ports assigned with the `change port` command may not appear in the VisualGDB dropdowns but can still
+be used when manually typed.
+See the [feature request](https://sysprogs.com/w/forums/topic/feature-request-show-windows-change-port-results-in-com-port-dropdown-lists/).
+
+## ESP-IDF Commandline

 1. `idf.py menuconfig` to configure the program.  
    1-1. Example Configuration ->
@@ -14,3 +67,192 @@ When you want to run the benchmark program
 2. `idf.py monitor` to see the message

 See the README.md file in the upper level 'examples' directory for more information about examples.
+
+## Performance
+
+Reminder than when building on WSL in `/mnt/c` there will be a noticeable performance degradation at compile time. Using `~/` will be faster at the cost of shared filesystems.
+
+Example build on WSL:
+
+```
+Optionally update toolchain
+
+cd /mnt/c/SysGCC/esp32/esp-idf/master
+git fetch
+git pull
+git submodule update --init --recursive
+
+cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark
+
+# Pick ESP-IDF install directory, this one for v5.1 in VisualGDB
+
+WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.1
+WRK_IDF_PATH=/mnt/c/SysGCC/esp32-8.4/esp-idf/v4.4.1
+WRK_IDF_PATH=~/esp/esp-idf
+
+. $WRK_IDF_PATH/export.sh
+
+# Set target SoC
+idf.py set-target esp32c3
+
+# Optionally erase
+
+# Build and flash
+idf.py build flash -p /dev/ttyS20 -b 115200 monitor
+```
+
+## Example Output
+
+Note the default wolfSSL `user_settings.h` is configured by default to be the most 
+compatible across the widest ranges of targets. Contact wolfSSL at support@wolfssl.com
+for help in optimizing for your particular application, or see the 
+[docs](https://www.wolfssl.com/documentation/manuals/wolfssl/index.html).
+
+Compiled and flashed with `idf.py build  flash -p /dev/ttyS7 -b 115200 monitor`:
+
+```
+--- idf_monitor on /dev/ttyS7 115200 ---
+--- Quit: Ctrl+] | Menu: Ctrl+T | Help: Ctrl+T followed by Ctrl+H ---
+ (377) cpu_start: Starting scheduler ets Jun  8 2016 00:22:57
+
+rst:0x1 (POWERON_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
+configsip: 0, SPIWP:0xee
+clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
+mode:DIO, clock div:2
+load:0x3fff0030,len:6664
+load:0x40078000,len:14848
+load:0x40080400,len:3792
+0x40080400: _init at ??:?
+
+entry 0x40080694
+I (27) boot: ESP-IDF v4.4.2-dirty 2nd stage bootloader
+I (27) boot: compile time 13:41:41
+I (27) boot: chip revision: 1
+I (30) boot_comm: chip revision: 1, min. bootloader chip revision: 0
+I (37) boot.esp32: SPI Speed      : 40MHz
+I (42) boot.esp32: SPI Mode       : DIO
+I (46) boot.esp32: SPI Flash Size : 2MB
+I (51) boot: Enabling RNG early entropy source...
+I (56) boot: Partition Table:
+I (60) boot: ## Label            Usage          Type ST Offset   Length
+I (67) boot:  0 nvs              WiFi data        01 02 00009000 00006000
+I (75) boot:  1 phy_init         RF data          01 01 0000f000 00001000
+I (82) boot:  2 factory          factory app      00 00 00010000 00100000
+I (90) boot: End of partition table
+I (94) boot_comm: chip revision: 1, min. application chip revision: 0
+I (101) esp_image: segment 0: paddr=00010020 vaddr=3f400020 size=12bf4h ( 76788) map
+I (137) esp_image: segment 1: paddr=00022c1c vaddr=3ffb0000 size=02420h (  9248) load
+I (141) esp_image: segment 2: paddr=00025044 vaddr=40080000 size=0afd4h ( 45012) load
+I (161) esp_image: segment 3: paddr=00030020 vaddr=400d0020 size=33148h (209224) map
+I (237) esp_image: segment 4: paddr=00063170 vaddr=4008afd4 size=00550h (  1360) load
+I (238) esp_image: segment 5: paddr=000636c8 vaddr=50000000 size=00010h (    16) load
+I (249) boot: Loaded app from partition at offset 0x10000
+I (249) boot: Disabling RNG early entropy source...
+I (266) cpu_start: Pro cpu up.
+I (266) cpu_start: Starting app cpu, entry point is 0x40081098
+0x40081098: call_start_cpu1 at /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/components/esp_system/port/cpu_start.c:160
+
+I (0) cpu_start: App cpu up.
+I (280) cpu_start: Pro cpu start user code
+I (280) cpu_start: cpu freq: 240000000
+I (280) cpu_start: Application information:
+I (285) cpu_start: Project name:     wolfssl_benchmark
+I (291) cpu_start: App version:      v5.5.3-stable-108-gbd7b442df-di
+I (298) cpu_start: Compile time:     Nov 17 2022 14:10:03
+I (304) cpu_start: ELF file SHA256:  fbb520f5bbf963a0...
+I (310) cpu_start: ESP-IDF:          v4.4.2-dirty
+I (316) heap_init: Initializing. RAM available for dynamic allocation:
+I (323) heap_init: At 3FFAE6E0 len 00001920 (6 KiB): DRAM
+I (329) heap_init: At 3FFB3DE8 len 0002C218 (176 KiB): DRAM
+I (335) heap_init: At 3FFE0440 len 00003AE0 (14 KiB): D/IRAM
+I (341) heap_init: At 3FFE4350 len 0001BCB0 (111 KiB): D/IRAM
+I (348) heap_init: At 4008B524 len 00014ADC (82 KiB): IRAM
+I (355) spi_flash: detected chip: generic
+I (359) spi_flash: flash io: dio
+W (362) spi_flash: Detected size(4096k) larger than the size in the binary image header(2048k). Using the size in the binary image header.
+I (377) cpu_start: Starting scheduler on PRO CPU.
+I (0) cpu_start: Starting scheduler on APP CPU.
+I (391) wolfssl_benchmark: app_main CONFIG_BENCH_ARGV = -lng 0
+I (397) wolfssl_benchmark: construct_argv arg:-lng 0
+
+------------------------------------------------------------------------------
+ wolfSSL version 5.5.3
+------------------------------------------------------------------------------
+wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
+RNG                          1 MiB took 1.017 seconds,    1.320 MiB/s
+AES-128-CBC-enc              6 MiB took 1.002 seconds,    5.726 MiB/s
+AES-128-CBC-dec              5 MiB took 1.000 seconds,    5.347 MiB/s
+AES-192-CBC-enc              6 MiB took 1.004 seconds,    5.714 MiB/s
+AES-192-CBC-dec              5 MiB took 1.001 seconds,    5.341 MiB/s
+AES-256-CBC-enc              6 MiB took 1.000 seconds,    5.713 MiB/s
+AES-256-CBC-dec              5 MiB took 1.002 seconds,    5.336 MiB/s
+AES-128-GCM-enc            300 KiB took 1.004 seconds,  298.805 KiB/s
+AES-128-GCM-dec            300 KiB took 1.004 seconds,  298.805 KiB/s
+AES-192-GCM-enc            300 KiB took 1.007 seconds,  297.915 KiB/s
+AES-192-GCM-dec            300 KiB took 1.008 seconds,  297.619 KiB/s
+AES-256-GCM-enc            300 KiB took 1.011 seconds,  296.736 KiB/s
+AES-256-GCM-dec            300 KiB took 1.011 seconds,  296.736 KiB/s
+GMAC Default               403 KiB took 1.002 seconds,  402.196 KiB/s
+3DES                       450 KiB took 1.028 seconds,  437.743 KiB/s
+MD5                         14 MiB took 1.001 seconds,   13.756 MiB/s
+SHA                         14 MiB took 1.001 seconds,   14.463 MiB/s
+SHA-256                     14 MiB took 1.000 seconds,   14.233 MiB/s
+SHA-512                     17 MiB took 1.000 seconds,   16.626 MiB/s
+HMAC-MD5                    14 MiB took 1.000 seconds,   13.599 MiB/s
+HMAC-SHA                    14 MiB took 1.000 seconds,   13.989 MiB/s
+HMAC-SHA256                 14 MiB took 1.000 seconds,   13.940 MiB/s
+HMAC-SHA512                 16 MiB took 1.000 seconds,   16.064 MiB/s
+PBKDF2                     640 bytes took 1.009 seconds,  634.291 bytes/s
+RSA     2048   public        52 ops took 1.022 sec, avg 19.654 ms, 50.881 ops/sec
+RSA     2048  private         4 ops took 1.056 sec, avg 264.000 ms, 3.788 ops/sec
+ECC   [      SECP256R1]   256  key gen         4 ops took 1.216 sec, avg 304.000 ms, 3.289 ops/sec
+ECDHE [      SECP256R1]   256    agree         4 ops took 1.215 sec, avg 303.750 ms, 3.292 ops/sec
+ECDSA [      SECP256R1]   256     sign         4 ops took 1.226 sec, avg 306.500 ms, 3.263 ops/sec
+ECDSA [      SECP256R1]   256   verify         2 ops took 1.172 sec, avg 586.000 ms, 1.706 ops/sec
+CURVE  25519  key gen         3 ops took 1.279 sec, avg 426.333 ms, 2.346 ops/sec
+CURVE  25519    agree         4 ops took 1.701 sec, avg 425.250 ms, 2.352 ops/sec
+ED     25519  key gen        46 ops took 1.008 sec, avg 21.913 ms, 45.635 ops/sec
+ED     25519     sign        42 ops took 1.038 sec, avg 24.714 ms, 40.462 ops/sec
+ED     25519   verify        26 ops took 1.009 sec, avg 38.808 ms, 25.768 ops/sec
+Benchmark complete
+```
+
+## Known Issues and Common Issues
+
+### Permission denied
+
+Delete project directory `build`, `.visualgdb` and `.vs` directories. Ensure no other build
+process is using the same files in Windows, WSL, Visual Studio, VSCode, etc.
+
+Example message:
+
+```
+-- Building ESP-IDF components for target esp32
+CMake Error at /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/tools/cmake/component.cmake:131 (file):
+  file failed to open for writing (Permission denied):
+
+    /mnt/c/workspace-pr/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/build/bootloader/component_properties.temp.cmake
+```
+
+
+### user_settings.h: No such file or directory
+
+Ensure wolfSSL is installed in the ESP-IDF or local project `components` directory.
+
+Example message:
+
+```
+ esp-idf/main/CMakeFiles/__idf_main.dir/main.c.obj   -c ../main/main.c
+../main/main.c:27:10: fatal error: user_settings.h: No such file or directory
+ #include <user_settings.h>
+          ^~~~~~~~~~~~~~~~~
+compilation terminated.
+```
+
+A 'clean` may be needed after freshly installing a new component:
+
+```
+idf.py clean build  flash -p /dev/ttyS7 -b 115200 monitor
+```
+
+See the README.md file in the upper level 'examples' directory for [more information about examples](../README.md).
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v4.4_ESP32.sln
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v4.4_ESP32.sln
@@ -0,0 +1,58 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.33027.164
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "wolfssl_benchmark", "wolfssl_benchmark_IDF_v4.4_ESP32.vgdbproj", "{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{51FEFEA9-C2BA-43A1-8B36-9140367E5AAF}"
+	ProjectSection(SolutionItems) = preProject
+		..\..\..\..\..\..\wolfcrypt\benchmark\benchmark.c = ..\..\..\..\..\..\wolfcrypt\benchmark\benchmark.c
+		..\..\..\..\..\..\wolfcrypt\benchmark\benchmark.h = ..\..\..\..\..\..\wolfcrypt\benchmark\benchmark.h
+		..\sdkconfig.defaults = ..\sdkconfig.defaults
+	EndProjectSection
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "wolfssl", "wolfssl", "{E0C1A3C6-D2E2-4E10-890C-3468B1B8834C}"
+	ProjectSection(SolutionItems) = preProject
+		..\components\wolfssl\CMakeLists.txt = ..\components\wolfssl\CMakeLists.txt
+		..\components\wolfssl\component.mk = ..\components\wolfssl\component.mk
+		..\..\..\..\..\..\wolfcrypt\src\sha.c = ..\..\..\..\..\..\wolfcrypt\src\sha.c
+		..\..\..\..\..\..\wolfcrypt\src\sha256.c = ..\..\..\..\..\..\wolfcrypt\src\sha256.c
+		..\..\..\..\..\..\wolfcrypt\src\sha3.c = ..\..\..\..\..\..\wolfcrypt\src\sha3.c
+		..\..\..\..\..\..\wolfcrypt\src\sha512.c = ..\..\..\..\..\..\wolfcrypt\src\sha512.c
+	EndProjectSection
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "include", "include", "{530960D7-4FAB-4683-9C83-35ADE6C00358}"
+	ProjectSection(SolutionItems) = preProject
+		..\components\wolfssl\include\config.h = ..\components\wolfssl\include\config.h
+		..\components\wolfssl\include\user_settings.h = ..\components\wolfssl\include\user_settings.h
+	EndProjectSection
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|VisualGDB = Debug|VisualGDB
+		Release|VisualGDB = Release|VisualGDB
+		Tests (Debug)|VisualGDB = Tests (Debug)|VisualGDB
+		Tests (Release)|VisualGDB = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Debug|VisualGDB.ActiveCfg = Debug|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Debug|VisualGDB.Build.0 = Debug|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Release|VisualGDB.ActiveCfg = Release|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Release|VisualGDB.Build.0 = Release|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Debug)|VisualGDB.ActiveCfg = Tests (Debug)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Debug)|VisualGDB.Build.0 = Tests (Debug)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Release)|VisualGDB.ActiveCfg = Tests (Release)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Release)|VisualGDB.Build.0 = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(NestedProjects) = preSolution
+		{E0C1A3C6-D2E2-4E10-890C-3468B1B8834C} = {51FEFEA9-C2BA-43A1-8B36-9140367E5AAF}
+		{530960D7-4FAB-4683-9C83-35ADE6C00358} = {E0C1A3C6-D2E2-4E10-890C-3468B1B8834C}
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {668EEFC0-010C-4688-916F-A628190717D4}
+	EndGlobalSection
+EndGlobal
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v4.4_ESP32.vgdbproj
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v4.4_ESP32.vgdbproj
@@ -0,0 +1,269 @@
+<?xml version="1.0"?>
+<VisualGDBProjectSettings2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+  <Project xsi:type="com.visualgdb.project.external.esp-idf">
+    <CustomSourceDirectories>
+      <Directories />
+      <PathStyle>Unknown</PathStyle>
+    </CustomSourceDirectories>
+    <AutoProgramSPIFFSPartition>true</AutoProgramSPIFFSPartition>
+    <ProjectModeSettings>
+      <ProjectGUID>7bbd1486-d457-4e49-92ba-0cfc9d80849e</ProjectGUID>
+      <GroupSourcesByTypes>true</GroupSourcesByTypes>
+      <GroupSourcesByPaths>true</GroupSourcesByPaths>
+      <HeaderScanMode>SourceDirs</HeaderScanMode>
+    </ProjectModeSettings>
+  </Project>
+  <Build xsi:type="com.visualgdb.build.cmake">
+    <BuildLogMode xsi:nil="true" />
+    <ToolchainID>
+      <ID>com.visualgdb.xtensa-esp32-elf</ID>
+      <Version>
+        <GCC>8.4.0</GCC>
+        <GDB>8.1.0</GDB>
+        <Revision>9</Revision>
+      </Version>
+    </ToolchainID>
+    <RelativeSourceDirectory>..</RelativeSourceDirectory>
+    <ConfigurationType>DEBUG</ConfigurationType>
+    <BinaryDirectory>build/$(PlatformName)/$(ConfigurationName)</BinaryDirectory>
+    <MakeCommandTemplate>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(ToolchainNinja)</Command>
+      <WorkingDirectory>$(BuildDir)</WorkingDirectory>
+      <BackgroundMode xsi:nil="true" />
+    </MakeCommandTemplate>
+    <CMakeCommand>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(SYSPROGS_CMAKE_PATH)</Command>
+      <BackgroundMode xsi:nil="true" />
+    </CMakeCommand>
+    <UpdateSourcesInCMakeFile>true</UpdateSourcesInCMakeFile>
+    <ExportCompileCommands>false</ExportCompileCommands>
+    <DisableToolchainFile>false</DisableToolchainFile>
+    <CMakeMakefileType>Ninja</CMakeMakefileType>
+    <DeployAsRoot>false</DeployAsRoot>
+    <CMakeCleanMode>RemoveBuildDirectory</CMakeCleanMode>
+    <UseCCache>false</UseCCache>
+    <ProjectModeSettings>
+      <ProjectItemSettings>
+        <GroupSourcesByTypes>true</GroupSourcesByTypes>
+        <GroupSourcesByPaths>true</GroupSourcesByPaths>
+        <GroupTargetsByPaths>true</GroupTargetsByPaths>
+        <FollowCMakeSourceGroups>false</FollowCMakeSourceGroups>
+        <AutoRefreshProject>true</AutoRefreshProject>
+        <AlwaysConsiderOutdated>false</AlwaysConsiderOutdated>
+        <SortTargetsByName>true</SortTargetsByName>
+        <RedundantTargetMode>HideOuterProjectTargets</RedundantTargetMode>
+        <SortSourcesByName>true</SortSourcesByName>
+        <BuildAllTargetsInSubdir>false</BuildAllTargetsInSubdir>
+        <FoldSingleItemPathLevels>true</FoldSingleItemPathLevels>
+      </ProjectItemSettings>
+      <TargetSpecificSettings />
+      <SetLDLibraryPathFromDependentArtifacts>true</SetLDLibraryPathFromDependentArtifacts>
+      <ProjectGUID>eadcc9ab-72b3-4b51-a838-593e5d80ddf7</ProjectGUID>
+      <VirtualFolders />
+      <ConfigurationNameCase>Upper</ConfigurationNameCase>
+      <DefaultHeaderDiscoveryMode>HeaderDirectoryAndSubdirectories</DefaultHeaderDiscoveryMode>
+      <EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
+      <ESPIDFExtension>
+        <IDFCheckout>
+          <Version>v4.4.1</Version>
+          <Subdirectory>esp-idf/v4.4.1</Subdirectory>
+          <Type>ESPIDF</Type>
+        </IDFCheckout>
+        <COMPort>COM20</COMPort>
+        <SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
+        <UseCCache>false</UseCCache>
+        <DeviceID>ESP32</DeviceID>
+      </ESPIDFExtension>
+    </ProjectModeSettings>
+  </Build>
+  <CustomBuild>
+    <PreSyncActions />
+    <PreBuildActions />
+    <PostBuildActions />
+    <PreCleanActions />
+    <PostCleanActions />
+  </CustomBuild>
+  <CustomDebug>
+    <PreDebugActions />
+    <PostDebugActions />
+    <DebugStopActions />
+    <BreakMode>Default</BreakMode>
+  </CustomDebug>
+  <DeviceTerminalSettings>
+    <Connection xsi:type="com.sysprogs.terminal.connection.serial">
+      <ComPortName>COM20</ComPortName>
+      <AdvancedSettings>
+        <BaudRate>115200</BaudRate>
+        <DataBits>8</DataBits>
+        <Parity>None</Parity>
+        <StopBits>One</StopBits>
+        <FlowControl>None</FlowControl>
+      </AdvancedSettings>
+    </Connection>
+    <LastConnectionTime>0</LastConnectionTime>
+    <EchoTypedCharacters>false</EchoTypedCharacters>
+    <ClearContentsWhenReconnecting>false</ClearContentsWhenReconnecting>
+    <ReconnectAutomatically>false</ReconnectAutomatically>
+    <DisplayMode>ASCII</DisplayMode>
+    <Colors>
+      <Background>
+        <Alpha>255</Alpha>
+        <Red>0</Red>
+        <Green>0</Green>
+        <Blue>0</Blue>
+      </Background>
+      <Disconnected>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Disconnected>
+      <Text>
+        <Alpha>255</Alpha>
+        <Red>211</Red>
+        <Green>211</Green>
+        <Blue>211</Blue>
+      </Text>
+      <Echo>
+        <Alpha>255</Alpha>
+        <Red>144</Red>
+        <Green>238</Green>
+        <Blue>144</Blue>
+      </Echo>
+      <Inactive>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Inactive>
+    </Colors>
+    <HexSettings>
+      <MaximumBytesPerLine>16</MaximumBytesPerLine>
+      <ShowTextView>true</ShowTextView>
+      <BreaksAroundEcho>true</BreaksAroundEcho>
+      <AutoSend>true</AutoSend>
+      <SendAsHex>true</SendAsHex>
+      <TimeoutForAutoBreak>0</TimeoutForAutoBreak>
+    </HexSettings>
+    <LineEnding>LF</LineEnding>
+    <TreatLFAsCRLF>false</TreatLFAsCRLF>
+    <KeepOpenAfterExit>false</KeepOpenAfterExit>
+    <ShowAfterProgramming>false</ShowAfterProgramming>
+  </DeviceTerminalSettings>
+  <CustomShortcuts>
+    <Shortcuts />
+    <ShowMessageAfterExecuting>true</ShowMessageAfterExecuting>
+  </CustomShortcuts>
+  <UserDefinedVariables />
+  <ImportedPropertySheets />
+  <CodeSense>
+    <Enabled>Unknown</Enabled>
+    <ExtraSettings>
+      <HideErrorsInSystemHeaders>true</HideErrorsInSystemHeaders>
+      <SupportLightweightReferenceAnalysis>true</SupportLightweightReferenceAnalysis>
+      <CheckForClangFormatFiles>true</CheckForClangFormatFiles>
+      <FormattingEngine xsi:nil="true" />
+    </ExtraSettings>
+    <CodeAnalyzerSettings>
+      <Enabled>false</Enabled>
+    </CodeAnalyzerSettings>
+  </CodeSense>
+  <Configurations>
+    <VisualGDBConfiguration>
+      <Name>Debug</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+    <VisualGDBConfiguration>
+      <Name>Release</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+  </Configurations>
+  <ProgramArgumentsSuggestions />
+  <Debug xsi:type="com.visualgdb.debug.embedded">
+    <AdditionalStartupCommands />
+    <AdditionalGDBSettings>
+      <Features>
+        <DisableAutoDetection>false</DisableAutoDetection>
+        <UseFrameParameter>false</UseFrameParameter>
+        <SimpleValuesFlagSupported>false</SimpleValuesFlagSupported>
+        <ListLocalsSupported>false</ListLocalsSupported>
+        <ByteLevelMemoryCommandsAvailable>false</ByteLevelMemoryCommandsAvailable>
+        <ThreadInfoSupported>false</ThreadInfoSupported>
+        <PendingBreakpointsSupported>false</PendingBreakpointsSupported>
+        <SupportTargetCommand>false</SupportTargetCommand>
+        <ReliableBreakpointNotifications>false</ReliableBreakpointNotifications>
+      </Features>
+      <EnableSmartStepping>false</EnableSmartStepping>
+      <FilterSpuriousStoppedNotifications>false</FilterSpuriousStoppedNotifications>
+      <ForceSingleThreadedMode>false</ForceSingleThreadedMode>
+      <UseAppleExtensions>false</UseAppleExtensions>
+      <CanAcceptCommandsWhileRunning>false</CanAcceptCommandsWhileRunning>
+      <MakeLogFile>false</MakeLogFile>
+      <IgnoreModuleEventsWhileStepping>true</IgnoreModuleEventsWhileStepping>
+      <UseRelativePathsOnly>false</UseRelativePathsOnly>
+      <ExitAction>None</ExitAction>
+      <DisableDisassembly>false</DisableDisassembly>
+      <ExamineMemoryWithXCommand>false</ExamineMemoryWithXCommand>
+      <StepIntoNewInstanceEntry>app_main</StepIntoNewInstanceEntry>
+      <ExamineRegistersInRawFormat>true</ExamineRegistersInRawFormat>
+      <DisableSignals>false</DisableSignals>
+      <EnableAsyncExecutionMode>false</EnableAsyncExecutionMode>
+      <AsyncModeSupportsBreakpoints>true</AsyncModeSupportsBreakpoints>
+      <TemporaryBreakConsolidationTimeout>0</TemporaryBreakConsolidationTimeout>
+      <EnableNonStopMode>false</EnableNonStopMode>
+      <MaxBreakpointLimit>0</MaxBreakpointLimit>
+      <EnableVerboseMode>true</EnableVerboseMode>
+      <EnablePrettyPrinters>false</EnablePrettyPrinters>
+    </AdditionalGDBSettings>
+    <DebugMethod>
+      <ID>openocd</ID>
+      <Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
+        <CommandLine>-f interface/ftdi/tigard.cfg -c "adapter_khz 15000" -f target/esp32.cfg</CommandLine>
+        <ExtraParameters>
+          <Frequency xsi:nil="true" />
+          <BoostedFrequency xsi:nil="true" />
+          <ConnectUnderReset>false</ConnectUnderReset>
+        </ExtraParameters>
+        <LoadProgressGUIThreshold>131072</LoadProgressGUIThreshold>
+        <ProgramMode>Enabled</ProgramMode>
+        <StartupCommands>
+          <string>set remotetimeout 60</string>
+          <string>target remote :$$SYS:GDB_PORT$$</string>
+          <string>mon gdb_breakpoint_override hard</string>
+          <string>mon reset halt</string>
+          <string>load</string>
+        </StartupCommands>
+        <ProgramFLASHUsingExternalTool>false</ProgramFLASHUsingExternalTool>
+        <PreferredGDBPort>0</PreferredGDBPort>
+        <PreferredTelnetPort>0</PreferredTelnetPort>
+        <AlwaysPassSerialNumber>false</AlwaysPassSerialNumber>
+        <SelectedCoreIndex xsi:nil="true" />
+        <LiveMemoryTimeout>5000</LiveMemoryTimeout>
+        <SuggestionLogicRevision>1</SuggestionLogicRevision>
+        <CheckFLASHSize>true</CheckFLASHSize>
+        <FLASHSettings>
+          <Size>size2MB</Size>
+          <Frequency>freq40M</Frequency>
+          <Mode>DIO</Mode>
+        </FLASHSettings>
+        <PatchBootloader>true</PatchBootloader>
+      </Configuration>
+    </DebugMethod>
+    <AutoDetectRTOS>true</AutoDetectRTOS>
+    <SemihostingSupport>Disabled</SemihostingSupport>
+    <SemihostingPollingDelay>0</SemihostingPollingDelay>
+    <StepIntoEntryPoint>false</StepIntoEntryPoint>
+    <ReloadFirmwareOnReset>false</ReloadFirmwareOnReset>
+    <ValidateEndOfStackAddress>true</ValidateEndOfStackAddress>
+    <StopAtEntryPoint>false</StopAtEntryPoint>
+    <EnableVirtualHalts>false</EnableVirtualHalts>
+    <DynamicAnalysisSettings />
+    <EndOfStackSymbol>_estack</EndOfStackSymbol>
+    <TimestampProviderTicksPerSecond>0</TimestampProviderTicksPerSecond>
+    <KeepConsoleAfterExit>false</KeepConsoleAfterExit>
+    <UnusedStackFillPattern xsi:nil="true" />
+    <CheckInterfaceDrivers>true</CheckInterfaceDrivers>
+  </Debug>
+</VisualGDBProjectSettings2>
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v5_ESP32.sln
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v5_ESP32.sln
@@ -0,0 +1,59 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.5.33516.290
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "wolfssl_benchmark_IDF_v5_ESP32", "wolfssl_benchmark_IDF_v5_ESP32.vgdbproj", "{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "wolfssl", "wolfssl", "{BDD063E3-67C1-437F-9F9B-7175E36EE6EE}"
+	ProjectSection(SolutionItems) = preProject
+		..\components\wolfssl\CMakeLists.txt = ..\components\wolfssl\CMakeLists.txt
+		..\components\wolfssl\include\config.h = ..\components\wolfssl\include\config.h
+		..\components\wolfssl\Kconfig = ..\components\wolfssl\Kconfig
+		..\components\wolfssl\include\user_settings.h = ..\components\wolfssl\include\user_settings.h
+	EndProjectSection
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{E25A35EF-64B9-48AA-939B-49340C2A4B03}"
+	ProjectSection(SolutionItems) = preProject
+		..\sdkconfig = ..\sdkconfig
+		..\build\VisualGDB\Debug\config\sdkconfig.h = ..\build\VisualGDB\Debug\config\sdkconfig.h
+	EndProjectSection
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "wolfcrypt", "wolfcrypt", "{68571B42-6509-475F-A79D-FB5F6188753B}"
+	ProjectSection(SolutionItems) = preProject
+		..\..\..\..\..\..\wolfssl\wolfcrypt\port\Espressif\esp32-crypt.h = ..\..\..\..\..\..\wolfssl\wolfcrypt\port\Espressif\esp32-crypt.h
+		..\..\..\..\..\..\wolfcrypt\src\port\Espressif\esp32_aes.c = ..\..\..\..\..\..\wolfcrypt\src\port\Espressif\esp32_aes.c
+		..\..\..\..\..\..\wolfcrypt\src\port\Espressif\esp32_mp.c = ..\..\..\..\..\..\wolfcrypt\src\port\Espressif\esp32_mp.c
+		..\..\..\..\..\..\wolfcrypt\src\port\Espressif\esp32_sha.c = ..\..\..\..\..\..\wolfcrypt\src\port\Espressif\esp32_sha.c
+		..\..\..\..\..\..\wolfcrypt\src\port\Espressif\esp32_util.c = ..\..\..\..\..\..\wolfcrypt\src\port\Espressif\esp32_util.c
+		..\..\..\..\..\..\wolfcrypt\src\port\Espressif\README.md = ..\..\..\..\..\..\wolfcrypt\src\port\Espressif\README.md
+	EndProjectSection
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|VisualGDB = Debug|VisualGDB
+		Release|VisualGDB = Release|VisualGDB
+		Tests (Debug)|VisualGDB = Tests (Debug)|VisualGDB
+		Tests (Release)|VisualGDB = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Debug|VisualGDB.ActiveCfg = Debug|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Debug|VisualGDB.Build.0 = Debug|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Release|VisualGDB.ActiveCfg = Release|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Release|VisualGDB.Build.0 = Release|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Debug)|VisualGDB.ActiveCfg = Tests (Debug)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Debug)|VisualGDB.Build.0 = Tests (Debug)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Release)|VisualGDB.ActiveCfg = Tests (Release)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Release)|VisualGDB.Build.0 = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(NestedProjects) = preSolution
+		{BDD063E3-67C1-437F-9F9B-7175E36EE6EE} = {E25A35EF-64B9-48AA-939B-49340C2A4B03}
+		{68571B42-6509-475F-A79D-FB5F6188753B} = {E25A35EF-64B9-48AA-939B-49340C2A4B03}
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {DED328BF-3A3C-47F4-A536-4554945B865B}
+	EndGlobalSection
+EndGlobal
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v5_ESP32.vgdbproj
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v5_ESP32.vgdbproj
@@ -0,0 +1,269 @@
+<?xml version="1.0"?>
+<VisualGDBProjectSettings2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+  <Project xsi:type="com.visualgdb.project.external.esp-idf">
+    <CustomSourceDirectories>
+      <Directories />
+      <PathStyle>Unknown</PathStyle>
+    </CustomSourceDirectories>
+    <AutoProgramSPIFFSPartition>true</AutoProgramSPIFFSPartition>
+    <ProjectModeSettings>
+      <ProjectGUID>7bbd1486-d457-4e49-92ba-0cfc9d80849e</ProjectGUID>
+      <GroupSourcesByTypes>true</GroupSourcesByTypes>
+      <GroupSourcesByPaths>true</GroupSourcesByPaths>
+      <HeaderScanMode>SourceDirs</HeaderScanMode>
+    </ProjectModeSettings>
+  </Project>
+  <Build xsi:type="com.visualgdb.build.cmake">
+    <BuildLogMode xsi:nil="true" />
+    <ToolchainID>
+      <ID>com.visualgdb.xtensa-esp32-elf</ID>
+      <Version>
+        <GCC>11.2.0</GCC>
+        <GDB>9.2.90</GDB>
+        <Revision>2</Revision>
+      </Version>
+    </ToolchainID>
+    <RelativeSourceDirectory>..</RelativeSourceDirectory>
+    <ConfigurationType>DEBUG</ConfigurationType>
+    <BinaryDirectory>build/$(PlatformName)/$(ConfigurationName)</BinaryDirectory>
+    <MakeCommandTemplate>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(ToolchainNinja)</Command>
+      <WorkingDirectory>$(BuildDir)</WorkingDirectory>
+      <BackgroundMode xsi:nil="true" />
+    </MakeCommandTemplate>
+    <CMakeCommand>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(SYSPROGS_CMAKE_PATH)</Command>
+      <BackgroundMode xsi:nil="true" />
+    </CMakeCommand>
+    <UpdateSourcesInCMakeFile>true</UpdateSourcesInCMakeFile>
+    <ExportCompileCommands>false</ExportCompileCommands>
+    <DisableToolchainFile>false</DisableToolchainFile>
+    <CMakeMakefileType>Ninja</CMakeMakefileType>
+    <DeployAsRoot>false</DeployAsRoot>
+    <CMakeCleanMode>RemoveBuildDirectory</CMakeCleanMode>
+    <UseCCache>false</UseCCache>
+    <ProjectModeSettings>
+      <ProjectItemSettings>
+        <GroupSourcesByTypes>true</GroupSourcesByTypes>
+        <GroupSourcesByPaths>true</GroupSourcesByPaths>
+        <GroupTargetsByPaths>true</GroupTargetsByPaths>
+        <FollowCMakeSourceGroups>false</FollowCMakeSourceGroups>
+        <AutoRefreshProject>true</AutoRefreshProject>
+        <AlwaysConsiderOutdated>false</AlwaysConsiderOutdated>
+        <SortTargetsByName>true</SortTargetsByName>
+        <RedundantTargetMode>HideOuterProjectTargets</RedundantTargetMode>
+        <SortSourcesByName>true</SortSourcesByName>
+        <BuildAllTargetsInSubdir>false</BuildAllTargetsInSubdir>
+        <FoldSingleItemPathLevels>true</FoldSingleItemPathLevels>
+      </ProjectItemSettings>
+      <TargetSpecificSettings />
+      <SetLDLibraryPathFromDependentArtifacts>true</SetLDLibraryPathFromDependentArtifacts>
+      <ProjectGUID>eadcc9ab-72b3-4b51-a838-593e5d80ddf7</ProjectGUID>
+      <VirtualFolders />
+      <ConfigurationNameCase>Upper</ConfigurationNameCase>
+      <DefaultHeaderDiscoveryMode>HeaderDirectoryAndSubdirectories</DefaultHeaderDiscoveryMode>
+      <EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
+      <ESPIDFExtension>
+        <IDFCheckout>
+          <Version>release/v5.0</Version>
+          <Subdirectory>esp-idf/v5.0</Subdirectory>
+          <Type>ESPIDF</Type>
+        </IDFCheckout>
+        <COMPort>COM20</COMPort>
+        <SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
+        <UseCCache>false</UseCCache>
+        <DeviceID>ESP32</DeviceID>
+      </ESPIDFExtension>
+    </ProjectModeSettings>
+  </Build>
+  <CustomBuild>
+    <PreSyncActions />
+    <PreBuildActions />
+    <PostBuildActions />
+    <PreCleanActions />
+    <PostCleanActions />
+  </CustomBuild>
+  <CustomDebug>
+    <PreDebugActions />
+    <PostDebugActions />
+    <DebugStopActions />
+    <BreakMode>Default</BreakMode>
+  </CustomDebug>
+  <DeviceTerminalSettings>
+    <Connection xsi:type="com.sysprogs.terminal.connection.serial">
+      <ComPortName>COM9</ComPortName>
+      <AdvancedSettings>
+        <BaudRate>115200</BaudRate>
+        <DataBits>8</DataBits>
+        <Parity>None</Parity>
+        <StopBits>One</StopBits>
+        <FlowControl>None</FlowControl>
+      </AdvancedSettings>
+    </Connection>
+    <LastConnectionTime>0</LastConnectionTime>
+    <EchoTypedCharacters>false</EchoTypedCharacters>
+    <ClearContentsWhenReconnecting>false</ClearContentsWhenReconnecting>
+    <ReconnectAutomatically>false</ReconnectAutomatically>
+    <DisplayMode>ASCII</DisplayMode>
+    <Colors>
+      <Background>
+        <Alpha>255</Alpha>
+        <Red>0</Red>
+        <Green>0</Green>
+        <Blue>0</Blue>
+      </Background>
+      <Disconnected>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Disconnected>
+      <Text>
+        <Alpha>255</Alpha>
+        <Red>211</Red>
+        <Green>211</Green>
+        <Blue>211</Blue>
+      </Text>
+      <Echo>
+        <Alpha>255</Alpha>
+        <Red>144</Red>
+        <Green>238</Green>
+        <Blue>144</Blue>
+      </Echo>
+      <Inactive>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Inactive>
+    </Colors>
+    <HexSettings>
+      <MaximumBytesPerLine>16</MaximumBytesPerLine>
+      <ShowTextView>true</ShowTextView>
+      <BreaksAroundEcho>true</BreaksAroundEcho>
+      <AutoSend>true</AutoSend>
+      <SendAsHex>true</SendAsHex>
+      <TimeoutForAutoBreak>0</TimeoutForAutoBreak>
+    </HexSettings>
+    <LineEnding>LF</LineEnding>
+    <TreatLFAsCRLF>false</TreatLFAsCRLF>
+    <KeepOpenAfterExit>false</KeepOpenAfterExit>
+    <ShowAfterProgramming>false</ShowAfterProgramming>
+  </DeviceTerminalSettings>
+  <CustomShortcuts>
+    <Shortcuts />
+    <ShowMessageAfterExecuting>true</ShowMessageAfterExecuting>
+  </CustomShortcuts>
+  <UserDefinedVariables />
+  <ImportedPropertySheets />
+  <CodeSense>
+    <Enabled>Unknown</Enabled>
+    <ExtraSettings>
+      <HideErrorsInSystemHeaders>true</HideErrorsInSystemHeaders>
+      <SupportLightweightReferenceAnalysis>true</SupportLightweightReferenceAnalysis>
+      <CheckForClangFormatFiles>true</CheckForClangFormatFiles>
+      <FormattingEngine xsi:nil="true" />
+    </ExtraSettings>
+    <CodeAnalyzerSettings>
+      <Enabled>false</Enabled>
+    </CodeAnalyzerSettings>
+  </CodeSense>
+  <Configurations>
+    <VisualGDBConfiguration>
+      <Name>Debug</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+    <VisualGDBConfiguration>
+      <Name>Release</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+  </Configurations>
+  <ProgramArgumentsSuggestions />
+  <Debug xsi:type="com.visualgdb.debug.embedded">
+    <AdditionalStartupCommands />
+    <AdditionalGDBSettings>
+      <Features>
+        <DisableAutoDetection>false</DisableAutoDetection>
+        <UseFrameParameter>false</UseFrameParameter>
+        <SimpleValuesFlagSupported>false</SimpleValuesFlagSupported>
+        <ListLocalsSupported>false</ListLocalsSupported>
+        <ByteLevelMemoryCommandsAvailable>false</ByteLevelMemoryCommandsAvailable>
+        <ThreadInfoSupported>false</ThreadInfoSupported>
+        <PendingBreakpointsSupported>false</PendingBreakpointsSupported>
+        <SupportTargetCommand>false</SupportTargetCommand>
+        <ReliableBreakpointNotifications>false</ReliableBreakpointNotifications>
+      </Features>
+      <EnableSmartStepping>false</EnableSmartStepping>
+      <FilterSpuriousStoppedNotifications>false</FilterSpuriousStoppedNotifications>
+      <ForceSingleThreadedMode>false</ForceSingleThreadedMode>
+      <UseAppleExtensions>false</UseAppleExtensions>
+      <CanAcceptCommandsWhileRunning>false</CanAcceptCommandsWhileRunning>
+      <MakeLogFile>false</MakeLogFile>
+      <IgnoreModuleEventsWhileStepping>true</IgnoreModuleEventsWhileStepping>
+      <UseRelativePathsOnly>false</UseRelativePathsOnly>
+      <ExitAction>None</ExitAction>
+      <DisableDisassembly>false</DisableDisassembly>
+      <ExamineMemoryWithXCommand>false</ExamineMemoryWithXCommand>
+      <StepIntoNewInstanceEntry>app_main</StepIntoNewInstanceEntry>
+      <ExamineRegistersInRawFormat>true</ExamineRegistersInRawFormat>
+      <DisableSignals>false</DisableSignals>
+      <EnableAsyncExecutionMode>false</EnableAsyncExecutionMode>
+      <AsyncModeSupportsBreakpoints>true</AsyncModeSupportsBreakpoints>
+      <TemporaryBreakConsolidationTimeout>0</TemporaryBreakConsolidationTimeout>
+      <EnableNonStopMode>false</EnableNonStopMode>
+      <MaxBreakpointLimit>0</MaxBreakpointLimit>
+      <EnableVerboseMode>true</EnableVerboseMode>
+      <EnablePrettyPrinters>false</EnablePrettyPrinters>
+    </AdditionalGDBSettings>
+    <DebugMethod>
+      <ID>openocd</ID>
+      <Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
+        <CommandLine>-f interface/ftdi/tigard.cfg -c "adapter_khz 15000" -f target/esp32.cfg</CommandLine>
+        <ExtraParameters>
+          <Frequency xsi:nil="true" />
+          <BoostedFrequency xsi:nil="true" />
+          <ConnectUnderReset>false</ConnectUnderReset>
+        </ExtraParameters>
+        <LoadProgressGUIThreshold>131072</LoadProgressGUIThreshold>
+        <ProgramMode>Enabled</ProgramMode>
+        <StartupCommands>
+          <string>set remotetimeout 60</string>
+          <string>target remote :$$SYS:GDB_PORT$$</string>
+          <string>mon gdb_breakpoint_override hard</string>
+          <string>mon reset halt</string>
+          <string>load</string>
+        </StartupCommands>
+        <ProgramFLASHUsingExternalTool>false</ProgramFLASHUsingExternalTool>
+        <PreferredGDBPort>0</PreferredGDBPort>
+        <PreferredTelnetPort>0</PreferredTelnetPort>
+        <AlwaysPassSerialNumber>false</AlwaysPassSerialNumber>
+        <SelectedCoreIndex xsi:nil="true" />
+        <LiveMemoryTimeout>5000</LiveMemoryTimeout>
+        <SuggestionLogicRevision>1</SuggestionLogicRevision>
+        <CheckFLASHSize>true</CheckFLASHSize>
+        <FLASHSettings>
+          <Size>size2MB</Size>
+          <Frequency>freq40M</Frequency>
+          <Mode>DIO</Mode>
+        </FLASHSettings>
+        <PatchBootloader>true</PatchBootloader>
+      </Configuration>
+    </DebugMethod>
+    <AutoDetectRTOS>true</AutoDetectRTOS>
+    <SemihostingSupport>Disabled</SemihostingSupport>
+    <SemihostingPollingDelay>0</SemihostingPollingDelay>
+    <StepIntoEntryPoint>false</StepIntoEntryPoint>
+    <ReloadFirmwareOnReset>false</ReloadFirmwareOnReset>
+    <ValidateEndOfStackAddress>true</ValidateEndOfStackAddress>
+    <StopAtEntryPoint>false</StopAtEntryPoint>
+    <EnableVirtualHalts>false</EnableVirtualHalts>
+    <DynamicAnalysisSettings />
+    <EndOfStackSymbol>_estack</EndOfStackSymbol>
+    <TimestampProviderTicksPerSecond>0</TimestampProviderTicksPerSecond>
+    <KeepConsoleAfterExit>false</KeepConsoleAfterExit>
+    <UnusedStackFillPattern xsi:nil="true" />
+    <CheckInterfaceDrivers>true</CheckInterfaceDrivers>
+  </Debug>
+</VisualGDBProjectSettings2>
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v5_ESP32C3.sln
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v5_ESP32C3.sln
@@ -0,0 +1,63 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.33027.164
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "wolfssl_benchmark_IDF_v5_ESP32C3", "wolfssl_benchmark_IDF_v5_ESP32C3.vgdbproj", "{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{68202294-86F7-471F-BBBF-47F6B3E3137C}"
+	ProjectSection(SolutionItems) = preProject
+		..\..\..\..\..\..\wolfcrypt\benchmark\benchmark.c = ..\..\..\..\..\..\wolfcrypt\benchmark\benchmark.c
+		..\..\..\..\..\..\wolfcrypt\benchmark\benchmark.h = ..\..\..\..\..\..\wolfcrypt\benchmark\benchmark.h
+		..\components\wolfssl\include\config.h = ..\components\wolfssl\include\config.h
+		..\components\wolfssl\include\user_settings.h = ..\components\wolfssl\include\user_settings.h
+	EndProjectSection
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "wolfcrypt", "wolfcrypt", "{35897992-1F28-4AB1-B432-7F7D76D61162}"
+	ProjectSection(SolutionItems) = preProject
+		..\..\..\..\..\..\wolfcrypt\src\sha.c = ..\..\..\..\..\..\wolfcrypt\src\sha.c
+		..\..\..\..\..\..\wolfssl\openssl\sha.h = ..\..\..\..\..\..\wolfssl\openssl\sha.h
+		..\..\..\..\..\..\wolfssl\wolfcrypt\sha.h = ..\..\..\..\..\..\wolfssl\wolfcrypt\sha.h
+		..\..\..\..\..\..\wolfcrypt\src\sha256.c = ..\..\..\..\..\..\wolfcrypt\src\sha256.c
+		..\..\..\..\..\..\wolfssl\wolfcrypt\sha256.h = ..\..\..\..\..\..\wolfssl\wolfcrypt\sha256.h
+		..\..\..\..\..\..\wolfcrypt\src\sha512.c = ..\..\..\..\..\..\wolfcrypt\src\sha512.c
+		..\..\..\..\..\..\wolfssl\wolfcrypt\sha512.h = ..\..\..\..\..\..\wolfssl\wolfcrypt\sha512.h
+	EndProjectSection
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Espressif Port", "Espressif Port", "{66DEEB01-9378-4714-9EF7-23A0CA65A996}"
+	ProjectSection(SolutionItems) = preProject
+		..\..\..\..\..\..\wolfssl\wolfcrypt\port\Espressif\esp32-crypt.h = ..\..\..\..\..\..\wolfssl\wolfcrypt\port\Espressif\esp32-crypt.h
+		..\..\..\..\..\..\wolfcrypt\src\port\Espressif\esp32_sha.c = ..\..\..\..\..\..\wolfcrypt\src\port\Espressif\esp32_sha.c
+	EndProjectSection
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "config", "config", "{3BA29EA8-68C5-4144-B471-33BA380C323E}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|VisualGDB = Debug|VisualGDB
+		Release|VisualGDB = Release|VisualGDB
+		Tests (Debug)|VisualGDB = Tests (Debug)|VisualGDB
+		Tests (Release)|VisualGDB = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Debug|VisualGDB.ActiveCfg = Debug|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Debug|VisualGDB.Build.0 = Debug|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Release|VisualGDB.ActiveCfg = Release|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Release|VisualGDB.Build.0 = Release|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Debug)|VisualGDB.ActiveCfg = Tests (Debug)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Debug)|VisualGDB.Build.0 = Tests (Debug)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Release)|VisualGDB.ActiveCfg = Tests (Release)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Release)|VisualGDB.Build.0 = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(NestedProjects) = preSolution
+		{35897992-1F28-4AB1-B432-7F7D76D61162} = {68202294-86F7-471F-BBBF-47F6B3E3137C}
+		{66DEEB01-9378-4714-9EF7-23A0CA65A996} = {68202294-86F7-471F-BBBF-47F6B3E3137C}
+		{3BA29EA8-68C5-4144-B471-33BA380C323E} = {68202294-86F7-471F-BBBF-47F6B3E3137C}
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {8F3E87F6-73E7-446B-A5B7-ADB94756C9D4}
+	EndGlobalSection
+EndGlobal
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v5_ESP32C3.vgdbproj
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v5_ESP32C3.vgdbproj
@@ -0,0 +1,271 @@
+<?xml version="1.0"?>
+<VisualGDBProjectSettings2 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+  <Project xsi:type="com.visualgdb.project.external.esp-idf">
+    <CustomSourceDirectories>
+      <Directories />
+      <PathStyle>Unknown</PathStyle>
+    </CustomSourceDirectories>
+    <AutoProgramSPIFFSPartition>true</AutoProgramSPIFFSPartition>
+    <ProjectModeSettings>
+      <ProjectGUID>7bbd1486-d457-4e49-92ba-0cfc9d80849e</ProjectGUID>
+      <GroupSourcesByTypes>true</GroupSourcesByTypes>
+      <GroupSourcesByPaths>true</GroupSourcesByPaths>
+      <HeaderScanMode>SourceDirs</HeaderScanMode>
+    </ProjectModeSettings>
+  </Project>
+  <Build xsi:type="com.visualgdb.build.cmake">
+    <BuildLogMode xsi:nil="true" />
+    <ToolchainID>
+      <ID>com.visualgdb.xtensa-esp32-elf</ID>
+      <Version>
+        <GCC>11.2.0</GCC>
+        <GDB>9.2.90</GDB>
+        <Revision>2</Revision>
+      </Version>
+    </ToolchainID>
+    <RelativeSourceDirectory>..</RelativeSourceDirectory>
+    <ConfigurationType>DEBUG</ConfigurationType>
+    <BinaryDirectory>build/$(PlatformName)/$(ConfigurationName)</BinaryDirectory>
+    <MakeCommandTemplate>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(ToolchainNinja)</Command>
+      <WorkingDirectory>$(BuildDir)</WorkingDirectory>
+      <BackgroundMode xsi:nil="true" />
+    </MakeCommandTemplate>
+    <CMakeCommand>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(SYSPROGS_CMAKE_PATH)</Command>
+      <BackgroundMode xsi:nil="true" />
+    </CMakeCommand>
+    <UpdateSourcesInCMakeFile>true</UpdateSourcesInCMakeFile>
+    <ExportCompileCommands>false</ExportCompileCommands>
+    <DisableToolchainFile>false</DisableToolchainFile>
+    <CMakeMakefileType>Ninja</CMakeMakefileType>
+    <DeployAsRoot>false</DeployAsRoot>
+    <CMakeCleanMode>RemoveBuildDirectory</CMakeCleanMode>
+    <UseCCache>false</UseCCache>
+    <ProjectModeSettings>
+      <ProjectItemSettings>
+        <GroupSourcesByTypes>true</GroupSourcesByTypes>
+        <GroupSourcesByPaths>true</GroupSourcesByPaths>
+        <GroupTargetsByPaths>true</GroupTargetsByPaths>
+        <FollowCMakeSourceGroups>false</FollowCMakeSourceGroups>
+        <AutoRefreshProject>true</AutoRefreshProject>
+        <AlwaysConsiderOutdated>false</AlwaysConsiderOutdated>
+        <SortTargetsByName>true</SortTargetsByName>
+        <RedundantTargetMode>HideOuterProjectTargets</RedundantTargetMode>
+        <SortSourcesByName>true</SortSourcesByName>
+        <BuildAllTargetsInSubdir>false</BuildAllTargetsInSubdir>
+        <FoldSingleItemPathLevels>true</FoldSingleItemPathLevels>
+      </ProjectItemSettings>
+      <TargetSpecificSettings />
+      <SetLDLibraryPathFromDependentArtifacts>true</SetLDLibraryPathFromDependentArtifacts>
+      <ProjectGUID>eadcc9ab-72b3-4b51-a838-593e5d80ddf7</ProjectGUID>
+      <VirtualFolders />
+      <ConfigurationNameCase>Upper</ConfigurationNameCase>
+      <DefaultHeaderDiscoveryMode>HeaderDirectoryAndSubdirectories</DefaultHeaderDiscoveryMode>
+      <EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
+      <ESPIDFExtension>
+        <IDFCheckout>
+          <Version>release/v5.0</Version>
+          <Subdirectory>esp-idf/v5.0</Subdirectory>
+          <Type>ESPIDF</Type>
+        </IDFCheckout>
+        <COMPort>COM23</COMPort>
+        <SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
+        <UseCCache>false</UseCCache>
+        <DeviceID>ESP32C3</DeviceID>
+      </ESPIDFExtension>
+    </ProjectModeSettings>
+  </Build>
+  <CustomBuild>
+    <PreSyncActions />
+    <PreBuildActions />
+    <PostBuildActions />
+    <PreCleanActions />
+    <PostCleanActions />
+  </CustomBuild>
+  <CustomDebug>
+    <PreDebugActions />
+    <PostDebugActions />
+    <DebugStopActions />
+    <BreakMode>Default</BreakMode>
+  </CustomDebug>
+  <DeviceTerminalSettings>
+    <Connection xsi:type="com.sysprogs.terminal.connection.serial">
+      <ComPortName>COM24</ComPortName>
+      <AdvancedSettings>
+        <BaudRate>115200</BaudRate>
+        <DataBits>8</DataBits>
+        <Parity>None</Parity>
+        <StopBits>One</StopBits>
+        <FlowControl>None</FlowControl>
+      </AdvancedSettings>
+    </Connection>
+    <LastConnectionTime>0</LastConnectionTime>
+    <EchoTypedCharacters>false</EchoTypedCharacters>
+    <ClearContentsWhenReconnecting>false</ClearContentsWhenReconnecting>
+    <ReconnectAutomatically>false</ReconnectAutomatically>
+    <DisplayMode>ASCII</DisplayMode>
+    <Colors>
+      <Background>
+        <Alpha>255</Alpha>
+        <Red>0</Red>
+        <Green>0</Green>
+        <Blue>0</Blue>
+      </Background>
+      <Disconnected>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Disconnected>
+      <Text>
+        <Alpha>255</Alpha>
+        <Red>211</Red>
+        <Green>211</Green>
+        <Blue>211</Blue>
+      </Text>
+      <Echo>
+        <Alpha>255</Alpha>
+        <Red>144</Red>
+        <Green>238</Green>
+        <Blue>144</Blue>
+      </Echo>
+      <Inactive>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Inactive>
+    </Colors>
+    <HexSettings>
+      <MaximumBytesPerLine>16</MaximumBytesPerLine>
+      <ShowTextView>true</ShowTextView>
+      <BreaksAroundEcho>true</BreaksAroundEcho>
+      <AutoSend>true</AutoSend>
+      <SendAsHex>true</SendAsHex>
+      <TimeoutForAutoBreak>0</TimeoutForAutoBreak>
+    </HexSettings>
+    <LineEnding>LF</LineEnding>
+    <TreatLFAsCRLF>false</TreatLFAsCRLF>
+    <KeepOpenAfterExit>false</KeepOpenAfterExit>
+    <ShowAfterProgramming>false</ShowAfterProgramming>
+  </DeviceTerminalSettings>
+  <CustomShortcuts>
+    <Shortcuts />
+    <ShowMessageAfterExecuting>true</ShowMessageAfterExecuting>
+  </CustomShortcuts>
+  <UserDefinedVariables />
+  <ImportedPropertySheets />
+  <CodeSense>
+    <Enabled>Unknown</Enabled>
+    <ExtraSettings>
+      <HideErrorsInSystemHeaders>true</HideErrorsInSystemHeaders>
+      <SupportLightweightReferenceAnalysis>true</SupportLightweightReferenceAnalysis>
+      <CheckForClangFormatFiles>true</CheckForClangFormatFiles>
+      <FormattingEngine xsi:nil="true" />
+    </ExtraSettings>
+    <CodeAnalyzerSettings>
+      <Enabled>false</Enabled>
+    </CodeAnalyzerSettings>
+  </CodeSense>
+  <Configurations>
+    <VisualGDBConfiguration>
+      <Name>Debug</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+    <VisualGDBConfiguration>
+      <Name>Release</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+  </Configurations>
+  <ProgramArgumentsSuggestions />
+  <Debug xsi:type="com.visualgdb.debug.embedded">
+    <AdditionalStartupCommands />
+    <AdditionalGDBSettings>
+      <Features>
+        <DisableAutoDetection>false</DisableAutoDetection>
+        <UseFrameParameter>true</UseFrameParameter>
+        <SimpleValuesFlagSupported>true</SimpleValuesFlagSupported>
+        <ListLocalsSupported>true</ListLocalsSupported>
+        <ByteLevelMemoryCommandsAvailable>true</ByteLevelMemoryCommandsAvailable>
+        <ThreadInfoSupported>true</ThreadInfoSupported>
+        <PendingBreakpointsSupported>true</PendingBreakpointsSupported>
+        <SupportTargetCommand>true</SupportTargetCommand>
+        <ReliableBreakpointNotifications>true</ReliableBreakpointNotifications>
+      </Features>
+      <EnableSmartStepping>false</EnableSmartStepping>
+      <FilterSpuriousStoppedNotifications>false</FilterSpuriousStoppedNotifications>
+      <ForceSingleThreadedMode>false</ForceSingleThreadedMode>
+      <UseAppleExtensions>false</UseAppleExtensions>
+      <CanAcceptCommandsWhileRunning>false</CanAcceptCommandsWhileRunning>
+      <MakeLogFile>false</MakeLogFile>
+      <IgnoreModuleEventsWhileStepping>true</IgnoreModuleEventsWhileStepping>
+      <UseRelativePathsOnly>false</UseRelativePathsOnly>
+      <ExitAction>Disconnect</ExitAction>
+      <DisableDisassembly>false</DisableDisassembly>
+      <ExamineMemoryWithXCommand>false</ExamineMemoryWithXCommand>
+      <StepIntoNewInstanceEntry>app_main</StepIntoNewInstanceEntry>
+      <ExamineRegistersInRawFormat>true</ExamineRegistersInRawFormat>
+      <DisableSignals>false</DisableSignals>
+      <EnableAsyncExecutionMode>false</EnableAsyncExecutionMode>
+      <AsyncModeSupportsBreakpoints>true</AsyncModeSupportsBreakpoints>
+      <TemporaryBreakConsolidationTimeout>0</TemporaryBreakConsolidationTimeout>
+      <EnableNonStopMode>false</EnableNonStopMode>
+      <MaxBreakpointLimit>0</MaxBreakpointLimit>
+      <EnableVerboseMode>true</EnableVerboseMode>
+      <EnablePrettyPrinters>false</EnablePrettyPrinters>
+    </AdditionalGDBSettings>
+    <DebugMethod>
+      <ID>openocd</ID>
+      <InterfaceID>esp_usb_jtag</InterfaceID>
+      <InterfaceSerialNumber>60:55:F9:BC:29:94</InterfaceSerialNumber>
+      <Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
+        <CommandLine>-f interface/esp_usb_jtag.cfg -c "adapter_khz 3000" -f target/esp32c3.cfg</CommandLine>
+        <ExtraParameters>
+          <Frequency xsi:nil="true" />
+          <BoostedFrequency xsi:nil="true" />
+          <ConnectUnderReset>false</ConnectUnderReset>
+        </ExtraParameters>
+        <LoadProgressGUIThreshold>131072</LoadProgressGUIThreshold>
+        <ProgramMode>Enabled</ProgramMode>
+        <StartupCommands>
+          <string>set remotetimeout 60</string>
+          <string>target remote :$$SYS:GDB_PORT$$</string>
+          <string>mon gdb_breakpoint_override hard</string>
+          <string>mon reset halt</string>
+          <string>load</string>
+        </StartupCommands>
+        <ProgramFLASHUsingExternalTool>false</ProgramFLASHUsingExternalTool>
+        <PreferredGDBPort>0</PreferredGDBPort>
+        <PreferredTelnetPort>0</PreferredTelnetPort>
+        <AlwaysPassSerialNumber>false</AlwaysPassSerialNumber>
+        <SelectedCoreIndex xsi:nil="true" />
+        <LiveMemoryTimeout>5000</LiveMemoryTimeout>
+        <SuggestionLogicRevision>1</SuggestionLogicRevision>
+        <CheckFLASHSize>true</CheckFLASHSize>
+        <FLASHSettings>
+          <Size>size2MB</Size>
+          <Frequency>freq40M</Frequency>
+          <Mode>DIO</Mode>
+        </FLASHSettings>
+        <PatchBootloader>true</PatchBootloader>
+      </Configuration>
+    </DebugMethod>
+    <AutoDetectRTOS>true</AutoDetectRTOS>
+    <SemihostingSupport>Disabled</SemihostingSupport>
+    <SemihostingPollingDelay>0</SemihostingPollingDelay>
+    <StepIntoEntryPoint>false</StepIntoEntryPoint>
+    <ReloadFirmwareOnReset>false</ReloadFirmwareOnReset>
+    <ValidateEndOfStackAddress>true</ValidateEndOfStackAddress>
+    <StopAtEntryPoint>false</StopAtEntryPoint>
+    <EnableVirtualHalts>false</EnableVirtualHalts>
+    <DynamicAnalysisSettings />
+    <EndOfStackSymbol>_estack</EndOfStackSymbol>
+    <TimestampProviderTicksPerSecond>0</TimestampProviderTicksPerSecond>
+    <KeepConsoleAfterExit>false</KeepConsoleAfterExit>
+    <UnusedStackFillPattern xsi:nil="true" />
+    <CheckInterfaceDrivers>true</CheckInterfaceDrivers>
+  </Debug>
+</VisualGDBProjectSettings2>
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v5_ESP32S3.sln
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v5_ESP32S3.sln
@@ -0,0 +1,54 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.33027.164
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{CD9E73EC-27FB-49E4-B3A3-B0502C20A818}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "wolfSSL", "wolfSSL", "{20662F9E-D386-4839-B855-857D7F922C99}"
+	ProjectSection(SolutionItems) = preProject
+		..\components\wolfssl\CMakeLists.txt = ..\components\wolfssl\CMakeLists.txt
+	EndProjectSection
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "include", "include", "{89279333-68BD-4E6A-B970-E645967CE5FA}"
+	ProjectSection(SolutionItems) = preProject
+		..\components\wolfssl\include\config.h = ..\components\wolfssl\include\config.h
+		..\components\wolfssl\include\user_settings.h = ..\components\wolfssl\include\user_settings.h
+	EndProjectSection
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "lib", "lib", "{E9586E44-7821-4956-9F72-A79B988B3211}"
+	ProjectSection(SolutionItems) = preProject
+		..\..\..\user_settings.h = ..\..\..\user_settings.h
+	EndProjectSection
+EndProject
+Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "wolfssl_benchmark_IDF_v5_ESP32S3", "wolfssl_benchmark_IDF_v5_ESP32S3.vgdbproj", "{870D7357-61DA-432A-806F-041A23BC8532}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|VisualGDB = Debug|VisualGDB
+		Release|VisualGDB = Release|VisualGDB
+		Tests (Debug)|VisualGDB = Tests (Debug)|VisualGDB
+		Tests (Release)|VisualGDB = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{870D7357-61DA-432A-806F-041A23BC8532}.Debug|VisualGDB.ActiveCfg = Debug|VisualGDB
+		{870D7357-61DA-432A-806F-041A23BC8532}.Debug|VisualGDB.Build.0 = Debug|VisualGDB
+		{870D7357-61DA-432A-806F-041A23BC8532}.Release|VisualGDB.ActiveCfg = Release|VisualGDB
+		{870D7357-61DA-432A-806F-041A23BC8532}.Release|VisualGDB.Build.0 = Release|VisualGDB
+		{870D7357-61DA-432A-806F-041A23BC8532}.Tests (Debug)|VisualGDB.ActiveCfg = Tests (Debug)|VisualGDB
+		{870D7357-61DA-432A-806F-041A23BC8532}.Tests (Debug)|VisualGDB.Build.0 = Tests (Debug)|VisualGDB
+		{870D7357-61DA-432A-806F-041A23BC8532}.Tests (Release)|VisualGDB.ActiveCfg = Tests (Release)|VisualGDB
+		{870D7357-61DA-432A-806F-041A23BC8532}.Tests (Release)|VisualGDB.Build.0 = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(NestedProjects) = preSolution
+		{20662F9E-D386-4839-B855-857D7F922C99} = {CD9E73EC-27FB-49E4-B3A3-B0502C20A818}
+		{89279333-68BD-4E6A-B970-E645967CE5FA} = {20662F9E-D386-4839-B855-857D7F922C99}
+		{E9586E44-7821-4956-9F72-A79B988B3211} = {CD9E73EC-27FB-49E4-B3A3-B0502C20A818}
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {7F8E1DC0-55AD-4DF8-B65A-CD65B60E17F9}
+	EndGlobalSection
+EndGlobal
--- a/Show More
+++ b/Show More