Merge pull request #6232 from JacobBarthelmeh/release

prepare for release 5.6.0

.github/SECURITY.md

@@ -6,7 +6,7 @@ If you discover a vulnerability, please report it to support@wolfssl.com
 
  1. Include a detailed description
  2. Include method to reproduce and/or method of discovery
- 3. We will evaulate the report promptly and respond to you with findings.
+ 3. We will evaluate the report promptly and respond to you with findings.
  4. We will credit you with the report if you would like.
 
 **Please keep the vulnerability private** until a fix has been released.

.github/workflows/docker-Espressif.yml

@@ -0,0 +1,32 @@
+name: Espressif examples tests
+on:
+  workflow_call:
+
+jobs:
+  espressif_latest:
+    name: latest Docker container
+    runs-on: ubuntu-latest
+    container:
+      image: espressif/idf:latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Initialize Espressif IDE and build examples
+        run: . /opt/esp/idf/export.sh; IDE/Espressif/ESP-IDF/compileAllExamples.sh
+  espressif_v4_4:
+    name: v4.4 Docker container
+    runs-on: ubuntu-latest
+    container:
+      image: espressif/idf:release-v4.4
+    steps:
+      - uses: actions/checkout@v3
+      - name: Initialize Espressif IDE and build examples
+        run: . /opt/esp/idf/export.sh; IDE/Espressif/ESP-IDF/compileAllExamples.sh
+  espressif_v5_0:
+    name: v5.0 Docker container
+    runs-on: ubuntu-latest
+    container:
+      image: espressif/idf:release-v5.0
+    steps:
+      - uses: actions/checkout@v3
+      - name: Initialize Espressif IDE and build examples
+        run: . /opt/esp/idf/export.sh; IDE/Espressif/ESP-IDF/compileAllExamples.sh

.github/workflows/docker-OpenWrt.yml

@@ -0,0 +1,50 @@
+# This workflow tests out new libraries with existing OpenWrt builds to check
+# there aren't any compatibility issues. Take a look at Docker/OpenWrt/README.md
+name: OpenWrt test
+
+on:
+    workflow_call:
+
+jobs:
+    build_library:
+        name: Compile libwolfssl.so
+        runs-on: ubuntu-latest
+        container:
+            image: alpine:latest
+        steps:
+            - name: Install required tools
+              run: apk add argp-standalone asciidoc bash bc binutils bzip2 cdrkit coreutils diffutils elfutils-dev findutils flex musl-fts-dev g++ gawk gcc gettext git grep intltool libxslt linux-headers make musl-libintl musl-obstack-dev ncurses-dev openssl-dev patch perl python3-dev rsync tar unzip util-linux wget zlib-dev autoconf automake libtool
+            - uses: actions/checkout@v3
+            - name: Compile libwolfssl.so
+              run: ./autogen.sh && ./configure --enable-all && make
+            - name: Upload libwolfssl.so
+              uses: actions/upload-artifact@v3
+              with:
+                name: libwolfssl.so
+                path: src/.libs/libwolfssl.so
+                retention-days: 1
+    compile_container:
+        name: Compile container
+        runs-on: ubuntu-latest
+        needs: build_library
+        strategy:
+            fail-fast: false
+            matrix:
+                release: [ "22.03-SNAPSHOT", "21.02-SNAPSHOT" ] # some other versions: 21.02.0 21.02.5 22.03.0 22.03.3 snapshot
+        steps:
+            - uses: actions/checkout@v3
+            - uses: docker/setup-buildx-action@v2
+            - uses: actions/download-artifact@v3
+              with:
+                name: libwolfssl.so
+                path: Docker/OpenWrt/.
+            - name: Build but dont push
+              uses: docker/build-push-action@v3
+              with:
+                  context: Docker/OpenWrt
+                  platforms: linux/amd64
+                  push: false
+                  tags: openwrt-test:latest
+                  build-args: DOCKER_BASE_CONTAINER=openwrt/rootfs:x86-64-${{ matrix.release }}
+                  cache-from: type=gha
+                  cache-to: type=gha,mode=max

.github/workflows/haproxy.yml

@@ -0,0 +1,51 @@
+name: HaProxy Tests
+
+on:
+  workflow_call:
+
+jobs:
+  haproxy_check:
+    strategy:
+      fail-fast: false
+      matrix:
+        # List of refs to test
+        ref: [ master ]
+    name: ${{ matrix.ref }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-quic --enable-haproxy
+          install: true
+
+      - name: Checkout VTest
+        uses: actions/checkout@v3
+        with:
+          repository: vtest/VTest
+          path: VTest
+
+      - name: Build VTest
+        working-directory: VTest
+        # Special flags due to: https://github.com/vtest/VTest/issues/12
+        run: make FLAGS='-O2 -s -Wall'
+
+      - name: Checkout HaProxy
+        uses: actions/checkout@v3
+        with:
+          repository: haproxy/haproxy
+          path: haproxy
+          ref: ${{ matrix.ref }}
+
+      - name: Build HaProxy
+        working-directory: haproxy
+        run: >-
+          make -j TARGET=linux-glibc DEBUG='-DDEBUG_MEMORY_POOLS -DDEBUG_STRICT'
+          USE_OPENSSL_WOLFSSL=1 USE_QUIC=1 SSL_INC=$GITHUB_WORKSPACE/build-dir/include/
+          SSL_LIB=$GITHUB_WORKSPACE/build-dir/lib/ ADDLIB=-Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
+
+      - name: Test HaProxy
+        working-directory: haproxy
+        run: make reg-tests reg-tests/ssl VTEST_PROGRAM=$GITHUB_WORKSPACE/VTest/vtest
+ 

.github/workflows/hostap-files/Makefile

@@ -0,0 +1,11 @@
+obj-m := mac80211_hwsim.o
+KDIR := /lib/modules/$(shell uname -r)/build
+PWD := $(shell pwd)
+default:
+	$(MAKE) -C $(KDIR) M=$(PWD) modules
+install:
+	$(MAKE) -C $(KDIR) M=$(PWD) modules_install
+	depmod -A
+clean:
+	$(MAKE) -C $(KDIR) M=$(PWD) clean
+

.github/workflows/hostap-files/README

@@ -0,0 +1,2 @@
+Makefile and directory used in .github/workflows/hostap.yml to
+compile the mac80211_hwsim kernel module.

.github/workflows/hostap-files/configs/b607d2723e927a3446d89aed813f1aa6068186bb/hostapd.config

@@ -0,0 +1,120 @@
+#CC=ccache gcc
+
+CONFIG_DRIVER_NONE=y
+CONFIG_DRIVER_NL80211=y
+CONFIG_RSN_PREAUTH=y
+
+#CONFIG_TLS=internal
+#CONFIG_INTERNAL_LIBTOMMATH=y
+#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
+#CONFIG_TLS=openssl
+CONFIG_TLS=wolfssl
+
+CONFIG_EAP=y
+CONFIG_ERP=y
+CONFIG_EAP_MD5=y
+CONFIG_EAP_TLS=y
+CONFIG_EAP_MSCHAPV2=y
+CONFIG_EAP_PEAP=y
+CONFIG_EAP_GTC=y
+CONFIG_EAP_TTLS=y
+CONFIG_EAP_SIM=y
+CONFIG_EAP_AKA=y
+CONFIG_EAP_AKA_PRIME=y
+CONFIG_EAP_GPSK=y
+CONFIG_EAP_GPSK_SHA256=y
+CONFIG_EAP_SAKE=y
+CONFIG_EAP_PAX=y
+CONFIG_EAP_PSK=y
+CONFIG_EAP_VENDOR_TEST=y
+CONFIG_EAP_FAST=y
+CONFIG_EAP_TEAP=y
+CONFIG_EAP_IKEV2=y
+CONFIG_EAP_TNC=y
+CFLAGS += -DTNC_CONFIG_FILE=\"tnc/tnc_config\"
+LIBS += -rdynamic
+CONFIG_EAP_UNAUTH_TLS=y
+ifeq ($(CONFIG_TLS), openssl)
+CONFIG_EAP_PWD=y
+endif
+ifeq ($(CONFIG_TLS), wolfssl)
+CONFIG_EAP_PWD=y
+endif
+CONFIG_EAP_EKE=y
+CONFIG_PKCS12=y
+CONFIG_RADIUS_SERVER=y
+CONFIG_IPV6=y
+CONFIG_TLSV11=y
+CONFIG_TLSV12=y
+
+CONFIG_FULL_DYNAMIC_VLAN=y
+CONFIG_VLAN_NETLINK=y
+CONFIG_LIBNL32=y
+CONFIG_LIBNL3_ROUTE=y
+CONFIG_IEEE80211R=y
+CONFIG_IEEE80211AC=y
+CONFIG_IEEE80211AX=y
+
+CONFIG_OCV=y
+
+CONFIG_WPS=y
+CONFIG_WPS_UPNP=y
+CONFIG_WPS_NFC=y
+#CONFIG_WPS_STRICT=y
+CONFIG_WPA_TRACE=y
+CONFIG_WPA_TRACE_BFD=y
+
+CONFIG_P2P_MANAGER=y
+CONFIG_DEBUG_FILE=y
+CONFIG_DEBUG_LINUX_TRACING=y
+CONFIG_WPA_CLI_EDIT=y
+CONFIG_ACS=y
+CONFIG_NO_RANDOM_POOL=y
+CONFIG_WNM=y
+CONFIG_INTERWORKING=y
+CONFIG_HS20=y
+CONFIG_SQLITE=y
+CONFIG_SAE=y
+CONFIG_SAE_PK=y
+CFLAGS += -DALL_DH_GROUPS
+
+CONFIG_FST=y
+CONFIG_FST_TEST=y
+
+CONFIG_TESTING_OPTIONS=y
+CFLAGS += -DCONFIG_RADIUS_TEST
+CONFIG_MODULE_TESTS=y
+
+CONFIG_SUITEB=y
+
+# AddressSanitizer (ASan) can be enabled by uncommenting the following lines.
+# This can be used as a more efficient memory error detector than valgrind
+# (though, with still some CPU and memory cost, so VM cases will need more
+# memory allocated for the guest).
+#CFLAGS += -fsanitize=address -O1 -fno-omit-frame-pointer -g
+#LIBS += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_h += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_n += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_c += -fsanitize=address -fno-omit-frame-pointer -g
+
+# Undefined Behavior Sanitizer (UBSan) can be enabled by uncommenting the
+# following lines.
+#CFLAGS += -Wno-format-nonliteral
+#CFLAGS += -fsanitize=undefined
+##CFLAGS += -fno-sanitize-recover
+#LIBS += -fsanitize=undefined
+##LIBS += -fno-sanitize-recover
+#LIBS_h += -fsanitize=undefined
+#LIBS_n += -fsanitize=undefined
+#LIBS_c += -fsanitize=undefined
+CONFIG_MBO=y
+
+CONFIG_TAXONOMY=y
+CONFIG_FILS=y
+CONFIG_FILS_SK_PFS=y
+CONFIG_OWE=y
+CONFIG_DPP=y
+CONFIG_DPP2=y
+CONFIG_WEP=y
+CONFIG_PASN=y
+CONFIG_AIRTIME_POLICY=y

.github/workflows/hostap-files/configs/b607d2723e927a3446d89aed813f1aa6068186bb/tests

@@ -0,0 +1,707 @@
+sae_pk
+sae_pk_group_negotiation
+sae_pk_sec_3
+sae_pk_sec_5
+sae_pk_group_20
+sae_pk_group_21
+sae_pk_group_20_sae_group_19
+sae_pk_group_20_sae_group_21
+sae_pk_group_19_sae_group_20
+sae_pk_password_without_pk
+sae_pk_only
+sae_pk_modes
+sae_pk_not_on_ap
+sae_pk_mixed
+sae_pk_mixed_immediate_confirm
+sae_pk_missing_ie
+sae_pk_unexpected_status
+sae_pk_invalid_signature
+sae_pk_invalid_fingerprint
+sae_pk_and_psk
+sae_pk_and_psk_invalid_password
+sae_pk_invalid_pw
+sae
+sae_password_ecc
+sae_pmksa_caching
+sae_pmksa_caching_pmkid
+sae_pmksa_caching_disabled
+sae_groups
+sae_group_nego
+sae_group_nego_no_match
+sae_anti_clogging
+sae_forced_anti_clogging
+sae_mixed
+sae_and_psk
+sae_and_psk2
+sae_wpa3_roam
+sae_mixed_mfp
+sae_mfp
+sae_missing_password
+sae_key_lifetime_in_memory
+sae_oom_wpas
+sae_proto_ecc
+sae_proto_ffc
+sae_proto_commit_delayed
+sae_proto_commit_replay
+sae_proto_confirm_replay
+sae_proto_hostapd
+sae_proto_hostapd_ecc
+sae_proto_hostapd_ffc
+sae_proto_hostapd_status_126
+sae_proto_hostapd_status_127
+sae_reflection_attack_ecc
+sae_reflection_attack_ecc_internal
+sae_commit_override
+sae_commit_override2
+sae_commit_invalid_scalar_element_ap
+sae_commit_invalid_element_ap
+sae_commit_invalid_scalar_element_sta
+sae_commit_invalid_element_sta
+sae_anti_clogging_proto
+sae_no_random
+sae_invalid_anti_clogging_token_req
+sae_password
+sae_password_short
+sae_password_long
+sae_connect_cmd
+sae_password_id
+sae_password_id_ecc
+sae_password_id_ffc
+sae_password_id_only
+sae_password_id_pwe_looping
+sae_password_id_pwe_check_ap
+sae_password_id_pwe_check_sta
+sae_forced_anti_clogging_pw_id
+sae_reauth
+sae_sync
+sae_confirm_immediate
+sae_confirm_immediate2
+sae_pwe_group_19
+sae_pwe_group_20
+sae_pwe_group_21
+sae_pwe_group_28
+sae_pwe_group_29
+sae_pwe_group_30
+sae_pwe_group_1
+sae_pwe_group_2
+sae_pwe_group_22
+sae_pwe_h2e_only_ap
+sae_pwe_h2e_only_ap_sta_forcing_loop
+sae_pwe_loop_only_ap
+sae_h2e_rejected_groups
+sae_h2e_rejected_groups_unexpected
+sae_h2e_password_id
+sae_pwe_in_psk_ap
+sae_auth_restart
+sae_rsne_mismatch
+sae_h2e_rsnxe_mismatch
+sae_h2e_rsnxe_mismatch_retries
+sae_h2e_rsnxe_mismatch_assoc
+sae_h2e_rsnxe_mismatch_ap
+sae_h2e_rsnxe_mismatch_ap2
+sae_h2e_rsnxe_mismatch_ap3
+sae_forced_anti_clogging_h2e
+sae_forced_anti_clogging_h2e_loop
+sae_okc
+sae_okc_sta_only
+sae_okc_pmk_lifetime
+sae_pmk_lifetime
+sae_and_psk_multiple_passwords
+sae_pmf_roam
+sae_ocv_pmk
+sae_ocv_pmk_failure
+sae_reject
+eap_tls_pkcs8_pkcs5_v2_des3
+eap_tls_pkcs8_pkcs5_v15
+eap_tls_session_resumption
+eap_tls_session_resumption_expiration
+eap_tls_session_resumption_radius
+eap_tls_sha512
+eap_tls_sha384
+eap_tls_ext_cert_check
+eap_tls_errors
+ap_wpa2_delayed_m3_retransmission
+ap_wpa2_delayed_m1_m3_retransmission
+ap_wpa2_delayed_m1_m3_retransmission2
+ap_wpa2_delayed_group_m1_retransmission
+ap_wpa2_delayed_group_m1_retransmission_igtk
+ap_wpa2_delayed_m1_m3_zero_tk
+ap_wpa2_plaintext_m1_m3
+ap_wpa2_plaintext_m1_m3_pmf
+ap_wpa2_plaintext_m3
+ap_wpa2_plaintext_group_m1
+ap_wpa2_plaintext_group_m1_pmf
+ap_wpa2_test_command_failures
+ap_wpa2_gtk_initial_rsc_tkip
+ap_wpa2_gtk_initial_rsc_ccmp
+ap_wpa2_gtk_initial_rsc_ccmp_256
+ap_wpa2_gtk_initial_rsc_gcmp
+ap_wpa2_gtk_initial_rsc_gcmp_256
+ap_wpa2_igtk_initial_rsc_aes_128_cmac
+ap_wpa2_igtk_initial_rsc_bip_gmac_128
+ap_wpa2_igtk_initial_rsc_bip_gmac_256
+ap_wpa2_igtk_initial_rsc_bip_cmac_256
+ap_wpa2_psk
+ap_wpa2_psk_file
+ap_wpa2_psk_file_keyid
+ap_wpa2_psk_mem
+ap_wpa2_ptk_rekey
+ap_wpa2_ptk_rekey_blocked_ap
+ap_wpa2_ptk_rekey_blocked_sta
+ap_wpa2_ptk_rekey_anonce
+ap_wpa2_ptk_rekey_ap
+ap_wpa2_sha256_ptk_rekey
+ap_wpa2_sha256_ptk_rekey_ap
+ap_wpa2_psk_file_errors
+ap_wpa2_psk_wildcard_ssid
+ap_wpa2_gtk_rekey
+ap_wpa2_gtk_rekey_request
+ap_wpa2_gtk_rekey_failure
+ap_wpa2_gtk_rekey_fail_1_sta
+ap_wpa2_gmk_rekey
+ap_wpa2_strict_rekey
+ap_wpa2_psk_ext
+ap_wpa2_psk_unexpected
+ap_wpa2_psk_ext_retry_msg_3
+ap_wpa2_psk_ext_retry_msg_3b
+ap_wpa2_psk_ext_retry_msg_3c
+ap_wpa2_psk_ext_retry_msg_3d
+ap_wpa2_psk_ext_retry_msg_3e
+ap_wpa2_psk_ext_delayed_ptk_rekey
+ap_wpa2_psk_ext_eapol
+ap_wpa2_psk_ext_eapol_retry1
+ap_wpa2_psk_ext_eapol_retry1b
+ap_wpa2_psk_ext_eapol_retry1c
+ap_wpa2_psk_ext_eapol_retry1d
+ap_wpa2_psk_ext_eapol_type_diff
+ap_wpa2_psk_ext_eapol_key_info
+ap_wpa2_psk_supp_proto
+ap_wpa2_psk_supp_proto_no_ie
+ap_wpa2_psk_supp_proto_ie_mismatch
+ap_wpa2_psk_supp_proto_ok
+ap_wpa2_psk_supp_proto_no_gtk
+ap_wpa2_psk_supp_proto_anonce_change
+ap_wpa2_psk_supp_proto_unexpected_group_msg
+ap_wpa2_psk_supp_proto_msg_1_invalid_kde
+ap_wpa2_psk_supp_proto_wrong_pairwise_key_len
+ap_wpa2_psk_supp_proto_wrong_group_key_len
+ap_wpa2_psk_supp_proto_gtk_tx_bit_workaround
+ap_wpa2_psk_supp_proto_gtk_keyidx_0_and_3
+ap_wpa2_psk_supp_proto_no_gtk_in_group_msg
+ap_wpa2_psk_supp_proto_too_long_gtk_in_group_msg
+ap_wpa2_psk_supp_proto_too_long_gtk_kde
+ap_wpa2_psk_supp_proto_gtk_not_encrypted
+ap_wpa2_psk_supp_proto_no_igtk
+ap_wpa2_psk_supp_proto_igtk_ok
+ap_wpa2_psk_supp_proto_igtk_keyid_swap
+ap_wpa2_psk_supp_proto_igtk_keyid_too_large
+ap_wpa2_psk_supp_proto_igtk_keyid_unexpected
+ap_wpa2_psk_wep
+ap_wpa2_psk_ifdown
+ap_wpa2_psk_drop_first_msg_4
+ap_wpa2_psk_disable_enable
+ap_wpa2_psk_incorrect_passphrase
+ap_wpa2_psk_no_random
+ap_wpa2_psk_assoc_rsn
+ap_wpa2_psk_ft_workaround
+ap_wpa2_psk_assoc_rsn_pmkid
+ap_wpa2_eapol_retry_limit
+ap_wpa2_disable_eapol_retry
+ap_wpa2_disable_eapol_retry_group
+ap_wpa2_psk_mic_0
+ap_wpa2_psk_local_error
+ap_wpa2_psk_inject_assoc
+ap_wpa2_psk_no_control_port
+ap_wpa2_psk_ap_control_port
+ap_wpa2_psk_ap_control_port_disabled
+ap_wpa2_psk_rsne_mismatch_ap
+ap_wpa2_psk_rsne_mismatch_ap2
+ap_wpa2_psk_rsne_mismatch_ap3
+ap_wpa2_psk_rsnxe_mismatch_ap
+ap_wpa2_psk_ext_key_id_ptk_rekey_ap0
+ap_wpa2_psk_ext_key_id_ptk_rekey_ap1
+ap_wpa2_psk_ext_key_id_ptk_rekey_ap2
+ap_wpa2_psk_ext_key_id_ptk_rekey_sta0
+ap_wpa2_psk_ext_key_id_ptk_rekey_sta1
+ap_wpa2_psk_ext_key_id_ptk_rekey_sta2
+ap_wpa2_eap_sim
+ap_wpa2_eap_sim_imsi_identity
+ap_wpa2_eap_sim_imsi_privacy_key
+ap_wpa2_eap_sim_imsi_privacy_attr
+ap_wpa2_eap_sim_sql
+ap_wpa2_eap_sim_config
+ap_wpa2_eap_sim_id_0
+ap_wpa2_eap_sim_id_1
+ap_wpa2_eap_sim_id_2
+ap_wpa2_eap_sim_id_3
+ap_wpa2_eap_sim_ext
+ap_wpa2_eap_sim_ext_replace_sim
+ap_wpa2_eap_sim_ext_replace_sim2
+ap_wpa2_eap_sim_ext_replace_sim3
+ap_wpa2_eap_sim_ext_auth_fail
+ap_wpa2_eap_sim_change_bssid
+ap_wpa2_eap_sim_no_change_set
+ap_wpa2_eap_sim_ext_anonymous
+ap_wpa2_eap_sim_ext_anonymous_no_pseudonym
+ap_wpa2_eap_sim_oom
+ap_wpa2_eap_aka
+ap_wpa2_eap_aka_imsi_identity
+ap_wpa2_eap_aka_imsi_privacy_key
+ap_wpa2_eap_aka_imsi_privacy_attr
+ap_wpa2_eap_aka_imsi_privacy_key_expired
+ap_wpa2_eap_aka_sql
+ap_wpa2_eap_aka_config
+ap_wpa2_eap_aka_ext
+ap_wpa2_eap_aka_ext_auth_fail
+ap_wpa2_eap_aka_prime
+ap_wpa2_eap_aka_prime_imsi_identity
+ap_wpa2_eap_aka_prime_imsi_privacy_key
+ap_wpa2_eap_aka_prime_sql
+ap_wpa2_eap_aka_prime_ext_auth_fail
+ap_wpa2_eap_aka_prime_ext
+ap_wpa2_eap_ttls_pap
+ap_wpa2_eap_ttls_pap_subject_match
+ap_wpa2_eap_ttls_pap_check_cert_subject
+ap_wpa2_eap_ttls_pap_incorrect_password
+ap_wpa2_eap_ttls_chap
+ap_wpa2_eap_ttls_chap_altsubject_match
+ap_wpa2_eap_ttls_chap_incorrect_password
+ap_wpa2_eap_ttls_mschap
+ap_wpa2_eap_ttls_mschap_incorrect_password
+ap_wpa2_eap_ttls_mschapv2
+ap_wpa2_eap_ttls_invalid_phase2
+ap_wpa2_eap_ttls_mschapv2_suffix_match
+ap_wpa2_eap_ttls_mschapv2_domain_match
+ap_wpa2_eap_ttls_mschapv2_incorrect_password
+ap_wpa2_eap_ttls_mschapv2_utf8
+ap_wpa2_eap_ttls_eap_gtc
+ap_wpa2_eap_ttls_eap_gtc_incorrect_password
+ap_wpa2_eap_ttls_eap_gtc_no_password
+ap_wpa2_eap_ttls_eap_gtc_server_oom
+ap_wpa2_eap_ttls_eap_gtc_oom
+ap_wpa2_eap_ttls_eap_md5
+ap_wpa2_eap_ttls_eap_md5_incorrect_password
+ap_wpa2_eap_ttls_eap_md5_no_password
+ap_wpa2_eap_ttls_eap_md5_server_oom
+ap_wpa2_eap_ttls_eap_mschapv2
+ap_wpa2_eap_ttls_eap_mschapv2_no_password
+ap_wpa2_eap_ttls_eap_mschapv2_server_oom
+ap_wpa2_eap_ttls_eap_sim
+ap_wpa2_eap_ttls_eap_sim_ext
+ap_wpa2_eap_ttls_eap_vendor
+ap_wpa2_eap_peap_eap_sim
+ap_wpa2_eap_peap_eap_sim_ext
+ap_wpa2_eap_fast_eap_sim_ext
+ap_wpa2_eap_ttls_eap_aka
+ap_wpa2_eap_peap_eap_aka
+ap_wpa2_eap_peap_eap_mschapv2
+ap_wpa2_eap_peap_eap_mschapv2_domain
+ap_wpa2_eap_peap_eap_mschapv2_incorrect_password
+ap_wpa2_eap_peap_crypto_binding
+ap_wpa2_eap_peap_crypto_binding_server_oom
+ap_wpa2_eap_peap_params
+ap_wpa2_eap_peap_eap_gtc
+ap_wpa2_eap_peap_eap_tls
+ap_wpa2_eap_peap_eap_vendor
+ap_wpa2_eap_tls
+ap_wpa2_eap_tls_blob
+ap_wpa2_eap_tls_blob_pem
+ap_wpa2_eap_tls_blob_missing
+ap_wpa2_eap_tls_with_tls_len
+ap_wpa2_eap_tls_pkcs12
+ap_wpa2_eap_tls_pkcs12_blob
+ap_wpa2_eap_tls_pkcs12_blob_pem
+ap_wpa2_eap_tls_diff_ca_trust
+ap_wpa2_eap_tls_diff_ca_trust2
+ap_wpa2_eap_tls_diff_ca_trust3
+ap_wpa2_eap_tls_neg_suffix_match
+ap_wpa2_eap_tls_neg_domain_match
+ap_wpa2_eap_tls_neg_subject_match
+ap_wpa2_eap_tls_neg_altsubject_match
+ap_wpa2_eap_unauth_tls
+ap_wpa2_eap_ttls_server_cert_hash
+ap_wpa2_eap_ttls_server_cert_hash_invalid
+ap_wpa2_eap_pwd
+ap_wpa2_eap_pwd_nthash
+ap_wpa2_eap_pwd_salt_sha1
+ap_wpa2_eap_pwd_salt_sha256
+ap_wpa2_eap_pwd_salt_sha512
+ap_wpa2_eap_pwd_groups
+ap_wpa2_eap_pwd_invalid_group
+ap_wpa2_eap_pwd_disabled_group
+ap_wpa2_eap_pwd_as_frag
+ap_wpa2_eap_gpsk
+ap_wpa2_eap_sake
+ap_wpa2_eap_eke
+ap_wpa2_eap_eke_many
+ap_wpa2_eap_eke_serverid_nai
+ap_wpa2_eap_eke_server_oom
+ap_wpa2_eap_ikev2
+ap_wpa2_eap_ikev2_as_frag
+ap_wpa2_eap_ikev2_oom
+ap_wpa2_eap_pax
+ap_wpa2_eap_psk
+ap_wpa2_eap_psk_oom
+ap_wpa2_eap_interactive
+ap_wpa2_eap_ext_enable_network_while_connected
+ap_wpa2_eap_vendor_test
+ap_wpa2_eap_vendor_test_oom
+ap_wpa2_eap_fast_gtc_identity_change
+ap_wpa2_eap_fast_eap_vendor
+ap_wpa2_eap_tls_ocsp
+ap_wpa2_eap_tls_ocsp_multi
+ap_wpa2_eap_tls_ocsp_key_id
+ap_wpa2_eap_tls_ocsp_ca_signed_good
+ap_wpa2_eap_tls_ocsp_ca_signed_revoked
+ap_wpa2_eap_tls_ocsp_ca_signed_unknown
+ap_wpa2_eap_tls_ocsp_server_signed
+ap_wpa2_eap_tls_ocsp_invalid_data
+ap_wpa2_eap_tls_ocsp_invalid
+ap_wpa2_eap_tls_ocsp_unknown_sign
+ap_wpa2_eap_tls_intermediate_ca
+ap_wpa2_eap_tls_ocsp_multi_revoked
+ap_wpa2_eap_tls_domain_suffix_match_cn_full
+ap_wpa2_eap_tls_domain_match_cn
+ap_wpa2_eap_tls_domain_suffix_match_cn
+ap_wpa2_eap_tls_domain_suffix_mismatch_cn
+ap_wpa2_eap_tls_domain_mismatch_cn
+ap_wpa2_eap_ttls_long_duration
+ap_wpa2_eap_ttls_server_cert_eku_client
+ap_wpa2_eap_ttls_server_cert_eku_client_server
+ap_wpa2_eap_ttls_server_pkcs12
+ap_wpa2_eap_ttls_server_pkcs12_extra
+ap_wpa2_eap_ttls_dh_params_server
+ap_wpa2_eap_ttls_dh_params_dsa_server
+ap_wpa2_eap_ttls_dh_params_not_found
+ap_wpa2_eap_ttls_dh_params_invalid
+ap_wpa2_eap_reauth
+ap_wpa2_eap_reauth_ptk_rekey_blocked_sta
+ap_wpa2_eap_request_identity_message
+ap_wpa2_eap_sim_aka_result_ind
+ap_wpa2_eap_sim_zero_db_timeout
+ap_wpa2_eap_too_many_roundtrips
+ap_wpa2_eap_too_many_roundtrips_server
+ap_wpa2_eap_too_many_roundtrips_server2
+ap_wpa2_eap_expanded_nak
+ap_wpa2_eap_sql
+ap_wpa2_eap_non_ascii_identity
+ap_wpa2_eap_non_ascii_identity2
+ap_wpa2_eap_unexpected_wep_eapol_key
+ap_wpa2_eap_session_ticket
+ap_wpa2_eap_no_workaround
+ap_wpa2_eap_tls_check_crl
+ap_wpa2_eap_tls_check_crl_not_strict
+ap_wpa2_eap_tls_crl_reload
+ap_wpa2_eap_tls_check_cert_subject
+ap_wpa2_eap_tls_check_cert_subject_neg
+ap_wpa2_eap_tls_oom
+ap_wpa2_eap_tls_macacl
+ap_wpa2_eap_oom
+ap_wpa2_eap_tls_13
+ap_wpa2_eap_tls_13_ocsp
+ap_wpa2_eap_tls_13_missing_prot_success
+ap_wpa2_eap_tls_13_fragmentation
+ap_wpa2_eap_ttls_13
+ap_wpa2_eap_peap_13
+ap_wpa2_eap_tls_13_ec
+ap_wpa2_eap_sim_db
+ap_wpa2_eap_sim_db_sqlite
+ap_wpa2_eap_assoc_rsn
+ap_wpa2_eap_status
+ap_wpa2_eap_gpsk_ptk_rekey_ap
+ap_wpa2_eap_wildcard_ssid
+ap_wpa2_eap_psk_mac_addr_change
+ap_wpa2_eap_server_get_id
+ap_wpa2_radius_server_get_id
+ap_wpa2_eap_tls_tod
+ap_wpa2_eap_tls_tod_tofu
+ap_wpa2_eap_sake_no_control_port
+ap_wpa2_tdls
+ap_wpa2_tdls_concurrent_init
+ap_wpa2_tdls_concurrent_init2
+ap_wpa2_tdls_decline_resp
+ap_wpa2_tdls_long_lifetime
+ap_wpa2_tdls_long_frame
+ap_wpa2_tdls_reneg
+ap_wpa2_tdls_wrong_lifetime_resp
+ap_wpa2_tdls_diff_rsnie
+ap_wpa2_tdls_wrong_tpk_m2_mic
+ap_wpa2_tdls_wrong_tpk_m3_mic
+ap_wpa2_tdls_double_tpk_m2
+ap_wpa2_tdls_responder_teardown
+dpp_network_intro_version
+dpp_network_intro_version_change
+dpp_network_intro_version_missing_req
+dpp_tcp_pkex
+dpp_tcp_pkex_auto_connect_2
+dpp_tcp_pkex_auto_connect_2_status
+dpp_tcp_pkex_auto_connect_2_status_fail
+dpp_tcp_pkex_while_associated
+dpp_tcp_pkex_while_associated_conn_status
+dpp_controller_relay_pkex
+dpp_push_button
+dpp_push_button_session_overlap_sta
+dpp_push_button_session_overlap_ap
+dpp_push_button_session_overlap_configurator
+dpp_push_button_2sta
+dpp_push_button_r_hash_mismatch_sta
+dpp_push_button_i_hash_mismatch_ap
+dpp_push_button_r_hash_mismatch_ap
+dpp_push_button_ext_conf
+dpp_push_button_wpas_conf
+dpp_private_peer_introduction
+dpp_qr_code_parsing
+dpp_uri_version
+dpp_uri_supported_curves
+dpp_uri_host
+dpp_qr_code_parsing_fail
+dpp_qr_code_curves
+dpp_qr_code_curves_brainpool
+dpp_qr_code_unsupported_curve
+dpp_qr_code_keygen_fail
+dpp_qr_code_curve_select
+dpp_qr_code_auth_broadcast
+dpp_configurator_enrollee
+dpp_configurator_enrollee_prime256v1
+dpp_configurator_enrollee_secp384r1
+dpp_configurator_enrollee_secp521r1
+dpp_configurator_enrollee_brainpoolP256r1
+dpp_configurator_enrollee_brainpoolP384r1
+dpp_configurator_enrollee_brainpoolP512r1
+dpp_configurator_enroll_conf
+dpp_qr_code_curve_prime256v1
+dpp_qr_code_curve_secp384r1
+dpp_qr_code_curve_secp521r1
+dpp_qr_code_curve_brainpoolP256r1
+dpp_qr_code_curve_brainpoolP384r1
+dpp_qr_code_curve_brainpoolP512r1
+dpp_qr_code_set_key
+dpp_qr_code_auth_mutual
+dpp_qr_code_auth_mutual2
+dpp_qr_code_auth_mutual_p_256
+dpp_qr_code_auth_mutual_p_384
+dpp_qr_code_auth_mutual_p_521
+dpp_qr_code_auth_mutual_bp_256
+dpp_qr_code_auth_mutual_bp_384
+dpp_qr_code_auth_mutual_bp_512
+dpp_auth_resp_retries
+dpp_qr_code_auth_mutual_not_used
+dpp_qr_code_auth_mutual_curve_mismatch
+dpp_qr_code_auth_hostapd_mutual2
+dpp_qr_code_listen_continue
+dpp_qr_code_auth_initiator_enrollee
+dpp_qr_code_auth_initiator_either_2
+dpp_qr_code_auth_initiator_either_3
+dpp_config_legacy
+dpp_config_legacy_psk_hex
+dpp_config_fragmentation
+dpp_config_legacy_gen
+dpp_config_legacy_gen_psk
+dpp_config_dpp_gen_prime256v1
+dpp_config_dpp_gen_secp384r1
+dpp_config_dpp_gen_secp521r1
+dpp_config_dpp_gen_expiry
+dpp_config_dpp_gen_expired_key
+dpp_config_dpp_gen_3rd_party
+dpp_config_dpp_override_prime256v1
+dpp_config_dpp_override_secp384r1
+dpp_config_override_objects
+dpp_config_signed_connector_error_no_dot_1
+dpp_config_signed_connector_error_no_dot_2
+dpp_config_signed_connector_error_unexpected_signature_len
+dpp_config_no_csign
+dpp_config_no_signed_connector
+dpp_config_unexpected_signed_connector_char
+dpp_config_root_not_an_object
+dpp_config_no_wi_fi_tech
+dpp_config_unsupported_wi_fi_tech
+dpp_config_no_discovery
+dpp_config_no_discovery_ssid
+dpp_config_too_long_discovery_ssid
+dpp_config_no_cred
+dpp_config_no_cred_akm
+dpp_config_unsupported_cred_akm
+dpp_config_error_legacy_no_pass
+dpp_config_error_legacy_too_long_pass
+dpp_config_error_legacy_psk_with_sae
+dpp_config_error_legacy_no_pass_for_sae
+dpp_config_error_legacy_invalid_psk
+dpp_config_error_legacy_too_short_psk
+dpp_config_connector_error_ext_sign
+dpp_config_connector_error_too_short_timestamp
+dpp_config_connector_error_invalid_timestamp
+dpp_config_connector_error_invalid_timestamp_date
+dpp_config_connector_error_invalid_time_zone
+dpp_config_connector_error_invalid_time_zone_2
+dpp_config_connector_error_expired_1
+dpp_config_connector_error_expired_2
+dpp_config_connector_error_expired_3
+dpp_config_connector_error_expired_4
+dpp_config_connector_error_expired_5
+dpp_config_connector_error_expired_6
+dpp_config_connector_error_no_groups
+dpp_config_connector_error_empty_groups
+dpp_config_connector_error_missing_group_id
+dpp_config_connector_error_missing_net_role
+dpp_config_connector_error_missing_net_access_key
+dpp_config_connector_error_net_access_key_mismatch
+dpp_akm_sha256
+dpp_akm_sha384
+dpp_akm_sha512
+dpp_network_introduction
+dpp_network_introduction_expired
+dpp_and_sae_akm
+dpp_ap_config
+dpp_ap_config_p256_p256
+dpp_ap_config_p256_p384
+dpp_ap_config_p384_p256
+dpp_ap_config_p384_p384
+dpp_ap_config_p521_p256
+dpp_ap_config_p521_p384
+dpp_ap_config_bp256_bp256
+dpp_ap_config_bp384_bp384
+dpp_ap_config_bp512_bp512
+dpp_ap_config_p256_bp256
+dpp_ap_config_bp256_p256
+dpp_ap_config_p521_bp512
+dpp_ap_config_reconfig_configurator
+dpp_auto_connect_1
+dpp_auto_connect_2
+dpp_auto_connect_2_connect_cmd
+dpp_auto_connect_2_sta_ver1
+dpp_auto_connect_2_ap_ver1
+dpp_auto_connect_2_ver1
+dpp_auto_connect_2_conf_ver1
+dpp_auto_connect_legacy
+dpp_auto_connect_legacy_ssid_charset
+dpp_auto_connect_legacy_sae_1
+dpp_auto_connect_legacy_sae_2
+dpp_auto_connect_legacy_psk_sae_1
+dpp_auto_connect_legacy_psk_sae_2
+dpp_auto_connect_legacy_psk_sae_3
+dpp_auto_connect_legacy_pmf_required
+dpp_qr_code_auth_responder_configurator
+dpp_qr_code_auth_responder_configurator_group_id
+dpp_qr_code_auth_enrollee_init_netrole
+dpp_qr_code_hostapd_init
+dpp_qr_code_hostapd_init_offchannel
+dpp_qr_code_hostapd_init_offchannel_neg_freq
+dpp_qr_code_hostapd_ignore_mismatch
+dpp_test_vector_p_256
+dpp_test_vector_p_256_b
+dpp_test_vector_p_521
+dpp_pkex
+dpp_pkex_v2
+dpp_pkex_p256
+dpp_pkex_p384
+dpp_pkex_p521
+dpp_pkex_bp256
+dpp_pkex_bp384
+dpp_pkex_bp512
+dpp_pkex_config
+dpp_pkex_no_identifier
+dpp_pkex_identifier_mismatch
+dpp_pkex_identifier_mismatch2
+dpp_pkex_identifier_mismatch3
+dpp_pkex_5ghz
+dpp_pkex_test_vector
+dpp_pkex_code_mismatch
+dpp_pkex_code_mismatch_limit
+dpp_pkex_curve_mismatch
+dpp_pkex_curve_mismatch_failure
+dpp_pkex_curve_mismatch_failure2
+dpp_pkex_exchange_resp_processing_failure
+dpp_pkex_commit_reveal_req_processing_failure
+dpp_pkex_config2
+dpp_pkex_no_responder
+dpp_pkex_after_retry
+dpp_pkex_hostapd_responder
+dpp_pkex_v2_hostapd_responder
+dpp_pkex_hostapd_initiator
+dpp_pkex_v2_hostapd_initiator
+dpp_pkex_hostapd_initiator_fallback
+dpp_pkex_hostapd_initiator_no_response
+dpp_pkex_hostapd_errors
+dpp_pkex_nak_curve_change
+dpp_pkex_nak_curve_change2
+dpp_hostapd_configurator
+dpp_hostapd_configurator_enrollee_v1
+dpp_hostapd_configurator_responder
+dpp_hostapd_configurator_fragmentation
+dpp_hostapd_enrollee_fragmentation
+dpp_hostapd_enrollee_gas_timeout
+dpp_hostapd_enrollee_gas_timeout_comeback
+dpp_hostapd_enrollee_gas_errors
+dpp_hostapd_enrollee_gas_proto
+dpp_hostapd_enrollee_gas_tx_status_errors
+dpp_hostapd_configurator_override_objects
+dpp_own_config
+dpp_own_config_group_id
+dpp_proto_after_wrapped_data_auth_req
+dpp_auth_req_stop_after_ack
+dpp_auth_req_retries
+dpp_auth_req_retries_multi_chan
+dpp_proto_after_wrapped_data_auth_resp
+dpp_proto_after_wrapped_data_auth_conf
+dpp_proto_after_wrapped_data_conf_req
+dpp_proto_after_wrapped_data_conf_resp
+dpp_proto_stop_at_pkex_exchange_resp
+dpp_proto_stop_at_pkex_cr_req
+dpp_proto_stop_at_pkex_cr_resp
+dpp_proto_network_introduction
+dpp_hostapd_auth_conf_timeout
+dpp_hostapd_auth_resp_retries
+dpp_tcp
+dpp_tcp_port
+dpp_tcp_mutual
+dpp_tcp_mutual_hostapd_conf
+dpp_tcp_conf_init
+dpp_tcp_conf_init_hostapd_enrollee
+dpp_tcp_controller_management_hostapd
+dpp_tcp_controller_management_hostapd2
+dpp_tcp_controller_start_failure
+dpp_tcp_init_failure
+dpp_controller_rx_failure
+dpp_controller_rx_errors
+dpp_conn_status_success
+dpp_conn_status_wrong_passphrase
+dpp_conn_status_no_ap
+dpp_conn_status_connector_mismatch
+dpp_conn_status_assoc_reject
+dpp_conn_status_success_hostapd_configurator
+dpp_mud_url
+dpp_mud_url_hostapd
+dpp_config_save
+dpp_config_save2
+dpp_config_save3
+dpp_nfc_uri
+dpp_nfc_uri_hostapd
+dpp_nfc_uri_hostapd_tag_read
+dpp_nfc_negotiated_handover
+dpp_nfc_negotiated_handover_diff_curve
+dpp_nfc_negotiated_handover_hostapd_sel
+dpp_nfc_negotiated_handover_hostapd_req
+dpp_nfc_errors_hostapd
+dpp_with_p2p_device
+dpp_pfs_ap_0
+dpp_pfs_ap_1
+dpp_pfs_ap_2
+dpp_pfs_connect_cmd
+dpp_pfs_connect_cmd_ap_2
+dpp_pfs_connect_cmd_ap_2_sae
+dpp_pfs_ap_0_sta_ver1
+dpp_pfs_errors
+dpp_qr_code_auth_rand_mac_addr
+dpp_enterprise
+dpp_enterprise_tcp
+dpp_enterprise_tcp2
+dpp_qr_code_config_event_initiator
+dpp_qr_code_config_event_initiator_set_comeback
+dpp_qr_code_config_event_initiator_slow
+dpp_qr_code_config_event_initiator_failure
+dpp_qr_code_config_event_initiator_no_response
+dpp_qr_code_config_event_initiator_both
+dpp_tcp_qr_code_config_event_initiator
+dpp_qr_code_config_event_responder
+dpp_discard_public_action
+

.github/workflows/hostap-files/configs/b607d2723e927a3446d89aed813f1aa6068186bb/wpa_supplicant.config

@@ -0,0 +1,163 @@
+#CC=ccache gcc
+
+#CONFIG_TLS=openssl
+CONFIG_TLS=wolfssl
+#CONFIG_TLS=internal
+#CONFIG_INTERNAL_LIBTOMMATH=y
+#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
+
+CONFIG_IEEE8021X_EAPOL=y
+
+CONFIG_ERP=y
+CONFIG_EAP_MD5=y
+CONFIG_MSCHAPV2=y
+CONFIG_EAP_TLS=y
+CONFIG_EAP_PEAP=y
+CONFIG_EAP_TTLS=y
+CONFIG_EAP_GTC=y
+CONFIG_EAP_OTP=y
+CONFIG_EAP_PSK=y
+CONFIG_EAP_PAX=y
+CONFIG_EAP_LEAP=y
+CONFIG_EAP_SIM=y
+CONFIG_EAP_AKA=y
+CONFIG_EAP_AKA_PRIME=y
+CONFIG_EAP_VENDOR_TEST=y
+CONFIG_EAP_TLV=y
+CONFIG_EAP_SAKE=y
+CONFIG_EAP_GPSK=y
+CONFIG_EAP_GPSK_SHA256=y
+CONFIG_EAP_EKE=y
+CONFIG_EAP_TNC=y
+CFLAGS += -DTNC_CONFIG_FILE=\"tnc/tnc_config\"
+LIBS += -rdynamic
+CONFIG_EAP_FAST=y
+CONFIG_EAP_TEAP=y
+CONFIG_EAP_IKEV2=y
+
+ifeq ($(CONFIG_TLS), openssl)
+CONFIG_EAP_PWD=y
+endif
+ifeq ($(CONFIG_TLS), wolfssl)
+CONFIG_EAP_PWD=y
+endif
+
+CONFIG_USIM_SIMULATOR=y
+CONFIG_SIM_SIMULATOR=y
+
+#CONFIG_PCSC=y
+CONFIG_IPV6=y
+CONFIG_DRIVER_NONE=y
+CONFIG_PKCS12=y
+CONFIG_CTRL_IFACE=unix
+
+CONFIG_WPA_CLI_EDIT=y
+
+CONFIG_OCSP=y
+
+#CONFIG_ELOOP_POLL=y
+
+CONFIG_CTRL_IFACE_DBUS_NEW=y
+CONFIG_CTRL_IFACE_DBUS_INTRO=y
+
+CONFIG_IEEE80211R=y
+CONFIG_IEEE80211AC=y
+CONFIG_IEEE80211AX=y
+
+CONFIG_OCV=y
+
+CONFIG_DEBUG_FILE=y
+
+CONFIG_WPS=y
+#CONFIG_WPS_STRICT=y
+CONFIG_WPS_UPNP=y
+CONFIG_WPS_NFC=y
+CONFIG_WPS_ER=y
+#CONFIG_WPS_REG_DISABLE_OPEN=y
+
+CONFIG_DRIVER_WEXT=y
+
+CONFIG_DRIVER_NL80211=y
+CFLAGS += -I/usr/include/libnl3
+CONFIG_LIBNL32=y
+
+CONFIG_IBSS_RSN=y
+
+CONFIG_AP=y
+CONFIG_MESH=y
+CONFIG_P2P=y
+CONFIG_WIFI_DISPLAY=y
+
+CONFIG_ACS=y
+
+CONFIG_BGSCAN_SIMPLE=y
+CONFIG_BGSCAN_LEARN=y
+
+CONFIG_WPA_TRACE=y
+CONFIG_WPA_TRACE_BFD=y
+
+CONFIG_TDLS=y
+CONFIG_TDLS_TESTING=y
+CONFIG_NO_RANDOM_POOL=y
+
+CONFIG_TLSV11=y
+CONFIG_TLSV12=y
+
+CONFIG_HT_OVERRIDES=y
+CONFIG_VHT_OVERRIDES=y
+CONFIG_HE_OVERRIDES=y
+
+CONFIG_DEBUG_LINUX_TRACING=y
+
+CONFIG_INTERWORKING=y
+CONFIG_HS20=y
+
+CONFIG_AUTOSCAN_EXPONENTIAL=y
+CONFIG_AUTOSCAN_PERIODIC=y
+
+CONFIG_EXT_PASSWORD_TEST=y
+CONFIG_EXT_PASSWORD_FILE=y
+
+CONFIG_EAP_UNAUTH_TLS=y
+
+CONFIG_SAE=y
+CONFIG_SAE_PK=y
+CFLAGS += -DALL_DH_GROUPS
+
+CONFIG_WNM=y
+
+CONFIG_FST=y
+CONFIG_FST_TEST=y
+
+CONFIG_TESTING_OPTIONS=y
+CONFIG_MODULE_TESTS=y
+
+CONFIG_SUITEB=y
+
+# AddressSanitizer (ASan) can be enabled by uncommenting the following lines.
+# This can be used as a more efficient memory error detector than valgrind
+# (though, with still some CPU and memory cost, so VM cases will need more
+# memory allocated for the guest).
+#CFLAGS += -fsanitize=address -O1 -fno-omit-frame-pointer -g
+#LIBS += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_c += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_p += -fsanitize=address -fno-omit-frame-pointer -g
+
+# Undefined Behavior Sanitizer (UBSan) can be enabled by uncommenting the
+# following lines.
+#CFLAGS += -Wno-format-nonliteral
+#CFLAGS += -fsanitize=undefined
+##CFLAGS += -fno-sanitize-recover
+#LIBS += -fsanitize=undefined
+##LIBS += -fno-sanitize-recover
+#LIBS_c += -fsanitize=undefined
+#LIBS_p += -fsanitize=undefined
+CONFIG_MBO=y
+CONFIG_FILS=y
+CONFIG_FILS_SK_PFS=y
+CONFIG_PMKSA_CACHE_EXTERNAL=y
+CONFIG_OWE=y
+CONFIG_DPP=y
+CONFIG_DPP2=y
+CONFIG_WEP=y
+CONFIG_PASN=y

.github/workflows/hostap-files/configs/hostap_2_10/hostapd.config

@@ -0,0 +1,119 @@
+#CC=ccache gcc
+
+CONFIG_DRIVER_NONE=y
+CONFIG_DRIVER_NL80211=y
+CONFIG_RSN_PREAUTH=y
+
+#CONFIG_TLS=internal
+#CONFIG_INTERNAL_LIBTOMMATH=y
+#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
+CONFIG_TLS=wolfssl
+
+CONFIG_EAP=y
+CONFIG_ERP=y
+CONFIG_EAP_MD5=y
+CONFIG_EAP_TLS=y
+CONFIG_EAP_MSCHAPV2=y
+CONFIG_EAP_PEAP=y
+CONFIG_EAP_GTC=y
+CONFIG_EAP_TTLS=y
+CONFIG_EAP_SIM=y
+CONFIG_EAP_AKA=y
+CONFIG_EAP_AKA_PRIME=y
+CONFIG_EAP_GPSK=y
+CONFIG_EAP_GPSK_SHA256=y
+CONFIG_EAP_SAKE=y
+CONFIG_EAP_PAX=y
+CONFIG_EAP_PSK=y
+CONFIG_EAP_VENDOR_TEST=y
+CONFIG_EAP_FAST=y
+#CONFIG_EAP_TEAP=y
+CONFIG_EAP_IKEV2=y
+CONFIG_EAP_TNC=y
+CFLAGS += -DTNC_CONFIG_FILE=\"tnc/tnc_config\"
+LIBS += -rdynamic
+CONFIG_EAP_UNAUTH_TLS=y
+ifeq ($(CONFIG_TLS), wolfssl)
+CONFIG_EAP_PWD=y
+endif
+ifeq ($(CONFIG_TLS), openssl)
+CONFIG_EAP_PWD=y
+endif
+CONFIG_EAP_EKE=y
+CONFIG_PKCS12=y
+CONFIG_RADIUS_SERVER=y
+CONFIG_IPV6=y
+CONFIG_TLSV11=y
+CONFIG_TLSV12=y
+
+CONFIG_FULL_DYNAMIC_VLAN=y
+CONFIG_VLAN_NETLINK=y
+CONFIG_LIBNL32=y
+CONFIG_LIBNL3_ROUTE=y
+CONFIG_IEEE80211R=y
+CONFIG_IEEE80211AC=y
+CONFIG_IEEE80211AX=y
+
+CONFIG_OCV=y
+
+CONFIG_WPS=y
+CONFIG_WPS_UPNP=y
+CONFIG_WPS_NFC=y
+#CONFIG_WPS_STRICT=y
+CONFIG_WPA_TRACE=y
+CONFIG_WPA_TRACE_BFD=y
+
+CONFIG_P2P_MANAGER=y
+CONFIG_DEBUG_FILE=y
+CONFIG_DEBUG_LINUX_TRACING=y
+CONFIG_WPA_CLI_EDIT=y
+CONFIG_ACS=y
+CONFIG_NO_RANDOM_POOL=y
+CONFIG_WNM=y
+CONFIG_INTERWORKING=y
+CONFIG_HS20=y
+CONFIG_SQLITE=y
+CONFIG_SAE=y
+#CONFIG_SAE_PK=y
+CFLAGS += -DALL_DH_GROUPS
+
+CONFIG_FST=y
+CONFIG_FST_TEST=y
+
+CONFIG_TESTING_OPTIONS=y
+CFLAGS += -DCONFIG_RADIUS_TEST
+CONFIG_MODULE_TESTS=y
+
+CONFIG_SUITEB=y
+
+# AddressSanitizer (ASan) can be enabled by uncommenting the following lines.
+# This can be used as a more efficient memory error detector than valgrind
+# (though, with still some CPU and memory cost, so VM cases will need more
+# memory allocated for the guest).
+#CFLAGS += -fsanitize=address -O1 -fno-omit-frame-pointer -g
+#LIBS += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_h += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_n += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_c += -fsanitize=address -fno-omit-frame-pointer -g
+
+# Undefined Behavior Sanitizer (UBSan) can be enabled by uncommenting the
+# following lines.
+#CFLAGS += -Wno-format-nonliteral
+#CFLAGS += -fsanitize=undefined
+##CFLAGS += -fno-sanitize-recover
+#LIBS += -fsanitize=undefined
+##LIBS += -fno-sanitize-recover
+#LIBS_h += -fsanitize=undefined
+#LIBS_n += -fsanitize=undefined
+#LIBS_c += -fsanitize=undefined
+CONFIG_MBO=y
+
+CONFIG_TAXONOMY=y
+CONFIG_FILS=y
+CONFIG_FILS_SK_PFS=y
+CONFIG_OWE=y
+#CONFIG_DPP=y
+#CONFIG_DPP2=y
+CONFIG_WEP=y
+CONFIG_PASN=y
+CONFIG_AIRTIME_POLICY=y

.github/workflows/hostap-files/configs/hostap_2_10/tests

@@ -0,0 +1,284 @@
+sae
+sae_password_ecc
+sae_pmksa_caching
+sae_pmksa_caching_pmkid
+sae_pmksa_caching_disabled
+sae_groups
+sae_group_nego
+sae_group_nego_no_match
+sae_anti_clogging
+sae_forced_anti_clogging
+sae_mixed
+sae_and_psk
+sae_and_psk2
+sae_wpa3_roam
+sae_mixed_mfp
+sae_mfp
+sae_missing_password
+sae_key_lifetime_in_memory
+sae_oom_wpas
+sae_proto_ecc
+sae_proto_ffc
+sae_proto_commit_delayed
+sae_proto_commit_replay
+sae_proto_confirm_replay
+sae_proto_hostapd
+sae_proto_hostapd_ecc
+sae_proto_hostapd_ffc
+sae_proto_hostapd_status_126
+sae_proto_hostapd_status_127
+sae_reflection_attack_ecc
+sae_reflection_attack_ecc_internal
+sae_commit_override
+sae_commit_override2
+sae_commit_invalid_scalar_element_ap
+sae_commit_invalid_element_ap
+sae_commit_invalid_scalar_element_sta
+sae_commit_invalid_element_sta
+sae_anti_clogging_proto
+sae_no_random
+sae_bignum_failure_unsafe_group
+sae_invalid_anti_clogging_token_req
+sae_password
+sae_password_short
+sae_password_long
+sae_connect_cmd
+sae_password_id
+sae_password_id_ecc
+sae_password_id_ffc
+sae_password_id_only
+sae_password_id_pwe_looping
+sae_password_id_pwe_check_ap
+sae_password_id_pwe_check_sta
+sae_forced_anti_clogging_pw_id
+sae_reauth
+sae_sync
+sae_confirm_immediate
+sae_confirm_immediate2
+sae_pwe_group_19
+sae_pwe_group_20
+sae_pwe_group_21
+sae_pwe_group_1
+sae_pwe_group_2
+sae_pwe_group_22
+sae_pwe_h2e_only_ap
+sae_pwe_h2e_only_ap_sta_forcing_loop
+sae_pwe_loop_only_ap
+sae_h2e_rejected_groups
+sae_h2e_rejected_groups_unexpected
+sae_h2e_password_id
+sae_pwe_in_psk_ap
+sae_auth_restart
+sae_rsne_mismatch
+sae_h2e_rsnxe_mismatch
+sae_h2e_rsnxe_mismatch_retries
+sae_h2e_rsnxe_mismatch_assoc
+sae_h2e_rsnxe_mismatch_ap
+sae_h2e_rsnxe_mismatch_ap2
+sae_h2e_rsnxe_mismatch_ap3
+sae_forced_anti_clogging_h2e
+sae_forced_anti_clogging_h2e_loop
+sae_okc
+sae_okc_sta_only
+sae_okc_pmk_lifetime
+sae_pmk_lifetime
+sae_and_psk_multiple_passwords
+sae_pmf_roam
+sae_ocv_pmk
+sae_ocv_pmk_failure
+sae_reject
+eap_tls_pkcs8_pkcs5_v2_des3
+eap_tls_pkcs8_pkcs5_v15
+eap_tls_sha512
+eap_tls_sha384
+eap_tls_errors
+eap_proto_peap_errors_server
+eap_proto_peap_errors
+ap_wpa2_delayed_m3_retransmission
+ap_wpa2_delayed_m1_m3_retransmission
+ap_wpa2_delayed_m1_m3_retransmission2
+ap_wpa2_delayed_group_m1_retransmission
+ap_wpa2_delayed_group_m1_retransmission_igtk
+ap_wpa2_delayed_m1_m3_zero_tk
+ap_wpa2_plaintext_m1_m3
+ap_wpa2_plaintext_m1_m3_pmf
+ap_wpa2_plaintext_m3
+ap_wpa2_plaintext_group_m1
+ap_wpa2_plaintext_group_m1_pmf
+ap_wpa2_test_command_failures
+ap_wpa2_gtk_initial_rsc_tkip
+ap_wpa2_gtk_initial_rsc_ccmp
+ap_wpa2_gtk_initial_rsc_ccmp_256
+ap_wpa2_gtk_initial_rsc_gcmp
+ap_wpa2_gtk_initial_rsc_gcmp_256
+ap_wpa2_igtk_initial_rsc_aes_128_cmac
+ap_wpa2_igtk_initial_rsc_bip_gmac_128
+ap_wpa2_igtk_initial_rsc_bip_gmac_256
+ap_wpa2_igtk_initial_rsc_bip_cmac_256
+ap_wpa2_psk
+ap_wpa2_psk_file
+ap_wpa2_psk_file_keyid
+ap_wpa2_psk_mem
+ap_wpa2_ptk_rekey
+ap_wpa2_ptk_rekey_blocked_ap
+ap_wpa2_ptk_rekey_blocked_sta
+ap_wpa2_ptk_rekey_anonce
+ap_wpa2_ptk_rekey_ap
+ap_wpa2_sha256_ptk_rekey
+ap_wpa2_sha256_ptk_rekey_ap
+ap_wpa2_psk_file_errors
+ap_wpa2_psk_wildcard_ssid
+ap_wpa2_gtk_rekey
+ap_wpa2_gtk_rekey_request
+ap_wpa2_gtk_rekey_failure
+ap_wpa2_gmk_rekey
+ap_wpa2_strict_rekey
+ap_wpa2_psk_ext
+ap_wpa2_psk_unexpected
+ap_wpa2_psk_ext_retry_msg_3
+ap_wpa2_psk_ext_retry_msg_3b
+ap_wpa2_psk_ext_retry_msg_3c
+ap_wpa2_psk_ext_retry_msg_3d
+ap_wpa2_psk_ext_retry_msg_3e
+ap_wpa2_psk_ext_delayed_ptk_rekey
+ap_wpa2_psk_ext_eapol
+ap_wpa2_psk_ext_eapol_retry1
+ap_wpa2_psk_ext_eapol_retry1b
+ap_wpa2_psk_ext_eapol_retry1c
+ap_wpa2_psk_ext_eapol_retry1d
+ap_wpa2_psk_ext_eapol_type_diff
+ap_wpa2_psk_ext_eapol_key_info
+ap_wpa2_psk_wep
+ap_wpa2_psk_ifdown
+ap_wpa2_psk_drop_first_msg_4
+ap_wpa2_psk_disable_enable
+ap_wpa2_psk_incorrect_passphrase
+ap_wpa2_psk_no_random
+ap_wpa2_psk_assoc_rsn
+ap_wpa2_psk_ft_workaround
+ap_wpa2_psk_assoc_rsn_pmkid
+ap_wpa2_eapol_retry_limit
+ap_wpa2_disable_eapol_retry
+ap_wpa2_disable_eapol_retry_group
+ap_wpa2_psk_mic_0
+ap_wpa2_psk_local_error
+ap_wpa2_psk_inject_assoc
+ap_wpa2_psk_no_control_port
+ap_wpa2_psk_ap_control_port
+ap_wpa2_psk_ap_control_port_disabled
+ap_wpa2_psk_rsne_mismatch_ap
+ap_wpa2_psk_rsne_mismatch_ap2
+ap_wpa2_psk_rsne_mismatch_ap3
+ap_wpa2_psk_rsnxe_mismatch_ap
+ap_wpa2_psk_ext_key_id_ptk_rekey_ap0
+ap_wpa2_psk_ext_key_id_ptk_rekey_ap1
+ap_wpa2_psk_ext_key_id_ptk_rekey_ap2
+ap_wpa2_psk_ext_key_id_ptk_rekey_sta0
+ap_wpa2_psk_ext_key_id_ptk_rekey_sta1
+ap_wpa2_psk_ext_key_id_ptk_rekey_sta2
+ap_wpa2_eap_sim
+ap_wpa2_eap_sim_sql
+ap_wpa2_eap_sim_config
+ap_wpa2_eap_sim_id_0
+ap_wpa2_eap_sim_id_1
+ap_wpa2_eap_sim_id_2
+ap_wpa2_eap_sim_id_3
+ap_wpa2_eap_sim_ext
+ap_wpa2_eap_sim_ext_replace_sim
+ap_wpa2_eap_sim_ext_replace_sim2
+ap_wpa2_eap_sim_ext_replace_sim3
+ap_wpa2_eap_sim_ext_auth_fail
+ap_wpa2_eap_sim_change_bssid
+ap_wpa2_eap_sim_no_change_set
+ap_wpa2_eap_sim_ext_anonymous
+ap_wpa2_eap_sim_ext_anonymous_no_pseudonym
+ap_wpa2_eap_sim_oom
+ap_wpa2_eap_aka
+ap_wpa2_eap_aka_sql
+ap_wpa2_eap_aka_config
+ap_wpa2_eap_aka_ext
+ap_wpa2_eap_aka_ext_auth_fail
+ap_wpa2_eap_aka_prime
+ap_wpa2_eap_aka_prime_sql
+ap_wpa2_eap_aka_prime_ext_auth_fail
+ap_wpa2_eap_aka_prime_ext
+ap_wpa2_eap_ttls_invalid_phase2
+ap_wpa2_eap_ttls_eap_vendor
+ap_wpa2_eap_fast_eap_sim
+ap_wpa2_eap_fast_eap_aka
+ap_wpa2_eap_peap_params
+ap_wpa2_eap_peap_eap_gtc
+ap_wpa2_eap_peap_eap_vendor
+ap_wpa2_eap_ttls_server_cert_hash
+ap_wpa2_eap_ttls_server_cert_hash_invalid
+ap_wpa2_eap_pwd
+ap_wpa2_eap_pwd_nthash
+ap_wpa2_eap_pwd_salt_sha1
+ap_wpa2_eap_pwd_salt_sha256
+ap_wpa2_eap_pwd_salt_sha512
+ap_wpa2_eap_pwd_groups
+ap_wpa2_eap_pwd_invalid_group
+ap_wpa2_eap_pwd_disabled_group
+ap_wpa2_eap_pwd_as_frag
+ap_wpa2_eap_gpsk
+ap_wpa2_eap_sake
+ap_wpa2_eap_ikev2
+ap_wpa2_eap_ikev2_as_frag
+ap_wpa2_eap_ikev2_oom
+ap_wpa2_eap_pax
+ap_wpa2_eap_psk
+ap_wpa2_eap_psk_oom
+ap_wpa2_eap_interactive
+ap_wpa2_eap_ext_enable_network_while_connected
+ap_wpa2_eap_vendor_test
+ap_wpa2_eap_vendor_test_oom
+ap_wpa2_eap_ttls_ocsp_revoked
+ap_wpa2_eap_ttls_ocsp_unknown
+ap_wpa2_eap_ttls_optional_ocsp_unknown
+ap_wpa2_eap_ttls_long_duration
+ap_wpa2_eap_ttls_server_cert_eku_client
+ap_wpa2_eap_ttls_server_cert_eku_client_server
+ap_wpa2_eap_ttls_dh_params
+ap_wpa2_eap_ttls_dh_params_dsa
+ap_wpa2_eap_ttls_dh_params_not_found
+ap_wpa2_eap_ttls_dh_params_invalid
+ap_wpa2_eap_ttls_dh_params_blob
+ap_wpa2_eap_ttls_dh_params_server
+ap_wpa2_eap_ttls_dh_params_dsa_server
+ap_wpa2_eap_reauth
+ap_wpa2_eap_reauth_ptk_rekey_blocked_sta
+ap_wpa2_eap_request_identity_message
+ap_wpa2_eap_sim_aka_result_ind
+ap_wpa2_eap_sim_zero_db_timeout
+ap_wpa2_eap_too_many_roundtrips
+ap_wpa2_eap_too_many_roundtrips_server
+ap_wpa2_eap_too_many_roundtrips_server2
+ap_wpa2_eap_expanded_nak
+ap_wpa2_eap_sql
+ap_wpa2_eap_non_ascii_identity
+ap_wpa2_eap_non_ascii_identity2
+ap_wpa2_eap_unexpected_wep_eapol_key
+ap_wpa2_eap_oom
+ap_wpa2_eap_sim_db
+ap_wpa2_eap_sim_db_sqlite
+ap_wpa2_eap_assoc_rsn
+ap_wpa2_eap_status
+ap_wpa2_eap_gpsk_ptk_rekey_ap
+ap_wpa2_eap_wildcard_ssid
+ap_wpa2_eap_psk_mac_addr_change
+ap_wpa2_eap_server_get_id
+ap_wpa2_radius_server_get_id
+ap_wpa2_eap_sake_no_control_port
+ap_wpa2_tdls
+ap_wpa2_tdls_concurrent_init
+ap_wpa2_tdls_concurrent_init2
+ap_wpa2_tdls_decline_resp
+ap_wpa2_tdls_long_lifetime
+ap_wpa2_tdls_long_frame
+ap_wpa2_tdls_reneg
+ap_wpa2_tdls_wrong_lifetime_resp
+ap_wpa2_tdls_diff_rsnie
+ap_wpa2_tdls_wrong_tpk_m2_mic
+ap_wpa2_tdls_wrong_tpk_m3_mic
+ap_wpa2_tdls_double_tpk_m2
+ap_wpa2_tdls_responder_teardown

.github/workflows/hostap-files/configs/hostap_2_10/wpa_supplicant.config

@@ -0,0 +1,163 @@
+#CC=ccache gcc
+
+#CONFIG_TLS=openssl
+CONFIG_TLS=wolfssl
+#CONFIG_TLS=internal
+#CONFIG_INTERNAL_LIBTOMMATH=y
+#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
+
+CONFIG_IEEE8021X_EAPOL=y
+
+CONFIG_ERP=y
+CONFIG_EAP_MD5=y
+CONFIG_MSCHAPV2=y
+CONFIG_EAP_TLS=y
+CONFIG_EAP_PEAP=y
+CONFIG_EAP_TTLS=y
+CONFIG_EAP_GTC=y
+CONFIG_EAP_OTP=y
+CONFIG_EAP_PSK=y
+CONFIG_EAP_PAX=y
+CONFIG_EAP_LEAP=y
+CONFIG_EAP_SIM=y
+CONFIG_EAP_AKA=y
+CONFIG_EAP_AKA_PRIME=y
+CONFIG_EAP_VENDOR_TEST=y
+CONFIG_EAP_TLV=y
+CONFIG_EAP_SAKE=y
+CONFIG_EAP_GPSK=y
+CONFIG_EAP_GPSK_SHA256=y
+CONFIG_EAP_EKE=y
+CONFIG_EAP_TNC=y
+CFLAGS += -DTNC_CONFIG_FILE=\"tnc/tnc_config\"
+LIBS += -rdynamic
+CONFIG_EAP_FAST=y
+#CONFIG_EAP_TEAP=y
+CONFIG_EAP_IKEV2=y
+
+ifeq ($(CONFIG_TLS), wolfssl)
+CONFIG_EAP_PWD=y
+endif
+ifeq ($(CONFIG_TLS), openssl)
+CONFIG_EAP_PWD=y
+endif
+
+CONFIG_USIM_SIMULATOR=y
+CONFIG_SIM_SIMULATOR=y
+
+#CONFIG_PCSC=y
+CONFIG_IPV6=y
+CONFIG_DRIVER_NONE=y
+CONFIG_PKCS12=y
+CONFIG_CTRL_IFACE=unix
+
+CONFIG_WPA_CLI_EDIT=y
+
+CONFIG_OCSP=y
+
+#CONFIG_ELOOP_POLL=y
+
+CONFIG_CTRL_IFACE_DBUS_NEW=y
+CONFIG_CTRL_IFACE_DBUS_INTRO=y
+
+CONFIG_IEEE80211R=y
+CONFIG_IEEE80211AC=y
+CONFIG_IEEE80211AX=y
+
+CONFIG_OCV=y
+
+CONFIG_DEBUG_FILE=y
+
+CONFIG_WPS=y
+#CONFIG_WPS_STRICT=y
+CONFIG_WPS_UPNP=y
+CONFIG_WPS_NFC=y
+CONFIG_WPS_ER=y
+#CONFIG_WPS_REG_DISABLE_OPEN=y
+
+CONFIG_DRIVER_WEXT=y
+
+CONFIG_DRIVER_NL80211=y
+CFLAGS += -I/usr/include/libnl3
+CONFIG_LIBNL32=y
+
+CONFIG_IBSS_RSN=y
+
+CONFIG_AP=y
+CONFIG_MESH=y
+CONFIG_P2P=y
+CONFIG_WIFI_DISPLAY=y
+
+CONFIG_ACS=y
+
+CONFIG_BGSCAN_SIMPLE=y
+CONFIG_BGSCAN_LEARN=y
+
+CONFIG_WPA_TRACE=y
+CONFIG_WPA_TRACE_BFD=y
+
+CONFIG_TDLS=y
+CONFIG_TDLS_TESTING=y
+CONFIG_NO_RANDOM_POOL=y
+
+CONFIG_TLSV11=y
+CONFIG_TLSV12=y
+
+CONFIG_HT_OVERRIDES=y
+CONFIG_VHT_OVERRIDES=y
+CONFIG_HE_OVERRIDES=y
+
+CONFIG_DEBUG_LINUX_TRACING=y
+
+CONFIG_INTERWORKING=y
+CONFIG_HS20=y
+
+CONFIG_AUTOSCAN_EXPONENTIAL=y
+CONFIG_AUTOSCAN_PERIODIC=y
+
+CONFIG_EXT_PASSWORD_TEST=y
+CONFIG_EXT_PASSWORD_FILE=y
+
+CONFIG_EAP_UNAUTH_TLS=y
+
+CONFIG_SAE=y
+#CONFIG_SAE_PK=y
+CFLAGS += -DALL_DH_GROUPS
+
+CONFIG_WNM=y
+
+CONFIG_FST=y
+CONFIG_FST_TEST=y
+
+CONFIG_TESTING_OPTIONS=y
+CONFIG_MODULE_TESTS=y
+
+CONFIG_SUITEB=y
+
+# AddressSanitizer (ASan) can be enabled by uncommenting the following lines.
+# This can be used as a more efficient memory error detector than valgrind
+# (though, with still some CPU and memory cost, so VM cases will need more
+# memory allocated for the guest).
+#CFLAGS += -fsanitize=address -O1 -fno-omit-frame-pointer -g
+#LIBS += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_c += -fsanitize=address -fno-omit-frame-pointer -g
+#LIBS_p += -fsanitize=address -fno-omit-frame-pointer -g
+
+# Undefined Behavior Sanitizer (UBSan) can be enabled by uncommenting the
+# following lines.
+#CFLAGS += -Wno-format-nonliteral
+#CFLAGS += -fsanitize=undefined
+##CFLAGS += -fno-sanitize-recover
+#LIBS += -fsanitize=undefined
+##LIBS += -fno-sanitize-recover
+#LIBS_c += -fsanitize=undefined
+#LIBS_p += -fsanitize=undefined
+CONFIG_MBO=y
+CONFIG_FILS=y
+CONFIG_FILS_SK_PFS=y
+CONFIG_PMKSA_CACHE_EXTERNAL=y
+CONFIG_OWE=y
+#CONFIG_DPP=y
+#CONFIG_DPP2=y
+CONFIG_WEP=y
+CONFIG_PASN=y

.github/workflows/hostap-files/dbus-wpa_supplicant.conf

@@ -0,0 +1,23 @@
+<!DOCTYPE busconfig PUBLIC
+ "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+  <policy user="root">
+    <allow own="fi.epitest.hostap.WPASupplicant"/>
+    <allow send_destination="fi.epitest.hostap.WPASupplicant"/>
+    <allow send_interface="fi.epitest.hostap.WPASupplicant"/>
+    <allow own="fi.w1.wpa_supplicant1"/>
+    <allow send_destination="fi.w1.wpa_supplicant1"/>
+    <allow send_interface="fi.w1.wpa_supplicant1"/>
+    <allow receive_sender="fi.w1.wpa_supplicant1" receive_type="signal"/>
+  </policy>
+  <policy context="default">
+    <deny own="fi.epitest.hostap.WPASupplicant"/>
+    <deny send_destination="fi.epitest.hostap.WPASupplicant"/>
+    <deny send_interface="fi.epitest.hostap.WPASupplicant"/>
+    <deny own="fi.w1.wpa_supplicant1"/>
+    <deny send_destination="fi.w1.wpa_supplicant1"/>
+    <deny send_interface="fi.w1.wpa_supplicant1"/>
+    <deny receive_sender="fi.w1.wpa_supplicant1" receive_type="signal"/>
+  </policy>
+</busconfig>

.github/workflows/hostap.yml

@@ -0,0 +1,214 @@
+name: hostap and wpa-supplicant Tests
+
+on:
+  workflow_call:
+
+jobs:
+  # Build wpa_supplicant with wolfSSL and hostapd with OpenSSL and interop.
+  hostap_test:
+    strategy:
+      fail-fast: false
+      matrix:
+        # should hostapd be compiled with wolfssl
+        hostapd: [true, false]
+        # should wpa_supplicant be compiled with wolfssl
+        wpa_supplicant: [true, false]
+        # Fix the versions of hostap and osp to not break testing when a new
+        # patch is added in to osp. hostap_cherry_pick is used to apply the
+        # commit that updates the certificates used for testing. Tests are read
+        # from the corresponding configs/hostap_ref/tests file.
+        config: [
+          {
+            hostap_ref: hostap_2_10,
+            hostap_cherry_pick: 698c05da2bd3233b005d45873caa852bc29b32c5,
+            remove_teap: true,
+            # TLS 1.3 does not work for this version
+            wolf_extra_config: --disable-tls13,
+          },
+          # Test the dpp patch
+          {
+            hostap_ref: b607d2723e927a3446d89aed813f1aa6068186bb,
+            osp_ref: ad5b52a49b3cc2a5bfb47ccc1d6a5137132e9446,
+            wolf_extra_config: --enable-brainpool --enable-wpas-dpp
+          },
+        ]
+        # parallelize the tests to be able to run all tests within 10 minutes
+        # Update the <total server> in the ./run-tests.py step when changing.
+        server: [1, 2, 3, 4, 5]
+        exclude:
+          # don't test openssl on both sides
+          - hostapd: false
+            wpa_supplicant: false
+          # no hostapd support for dpp yet
+          - hostapd: true
+            config: {
+              hostap_ref: b607d2723e927a3446d89aed813f1aa6068186bb,
+              osp_ref: ad5b52a49b3cc2a5bfb47ccc1d6a5137132e9446,
+              wolf_extra_config: --enable-brainpool --enable-wpas-dpp
+            }
+    name: hwsim test
+    # For openssl 1.1
+    runs-on: ubuntu-20.04
+    steps:
+        # No way to view the full strategy in the browser (really weird)
+      - name: Print strategy
+        run: |
+          cat <<EOF
+          ${{ toJSON(matrix) }}
+          EOF
+
+      - name: Install dependencies
+        run: |
+          # Don't prompt for anything
+          export DEBIAN_FRONTEND=noninteractive
+          sudo apt-get update
+          # hostap dependencies
+          sudo apt-get install -y libpcap0.8 libpcap-dev curl libcurl4-openssl-dev \
+            libnl-3-dev binutils-dev libssl-dev libiberty-dev libnl-genl-3-dev \
+            libnl-route-3-dev libdbus-1-dev linux-modules-extra-`uname -r` \
+            bridge-utils
+          sudo pip3 install pycryptodome
+
+      - name: Enable mac80211
+        run: |
+          sudo modprobe mac80211
+          lsmod | grep mac80211
+
+      - if: ${{ runner.debug }}
+        name: Enable wolfSSL and hostap debug logging
+        run: |
+          echo "wolf_debug_flags=--enable-debug" >> $GITHUB_ENV
+          echo "hostap_debug_flags=-d" >> $GITHUB_ENV
+
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: >-
+            --enable-wpas CFLAGS=-DWOLFSSL_STATIC_RSA
+            ${{ env.wolf_debug_flags }} ${{ matrix.config.wolf_extra_config }}
+          install: true
+
+      - name: Setup d-bus
+        working-directory: wolfssl/.github/workflows/hostap-files
+        run: |
+          sudo cp dbus-wpa_supplicant.conf /usr/share/dbus-1/system.d/wpa_supplicant.conf
+          sudo service dbus reload
+
+        # This is super hack-ish :P
+        # If you are trying to reproduce this on a more generic system, you can
+        # just run `sudo apt install linux-modules-extra-$(uname -r)` and
+        # this should have the module in the package. No need to compile it.
+      - name: Compile and install mac80211_hwsim
+        working-directory: wolfssl/.github/workflows/hostap-files
+        run: |
+          # The tag will be the first two numbers of from uname -r
+          LINUX_TAG=$(uname -r | grep -oP '^\d+\.\d+')
+          # Download the correct version of the driver
+          wget https://raw.githubusercontent.com/torvalds/linux/v$LINUX_TAG/drivers/net/wireless/mac80211_hwsim.c
+          wget https://raw.githubusercontent.com/torvalds/linux/v$LINUX_TAG/drivers/net/wireless/mac80211_hwsim.h
+          make
+          sudo make install
+          sudo modprobe mac80211_hwsim
+          lsmod | grep mac80211_hwsim
+          sudo rmmod mac80211_hwsim
+
+      - name: Checkout hostap
+        uses: actions/checkout@v3
+        with:
+          repository: julek-wolfssl/hostap-mirror 
+          path: hostap
+          ref: ${{ matrix.config.hostap_ref }}
+          # necessary for cherry pick step
+          fetch-depth: 0
+
+      - if: ${{ matrix.config.hostap_cherry_pick }}
+        name: Cherry pick certificate update
+        working-directory: hostap
+        run: git cherry-pick -n ${{ matrix.config.hostap_cherry_pick }}
+
+      - if: ${{ matrix.config.osp_ref }}
+        name: Checkout OSP
+        uses: actions/checkout@v3
+        with:
+          repository: wolfssl/osp
+          path: osp
+          ref: ${{ matrix.config.osp_ref }}
+
+      - if: ${{ matrix.config.osp_ref }}
+        name: Apply patch files
+        working-directory: hostap
+        run: |
+          for f in $GITHUB_WORKSPACE/osp/hostap-patches/pending/*
+          do
+            patch -p1 < $f
+          done
+
+      - if: ${{ matrix.hostapd }}
+        name: Setup hostapd config file 
+        run: |
+          cp wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/hostapd.config \
+             hostap/hostapd/.config
+          cat <<EOF >> hostap/hostapd/.config
+            CFLAGS += -I$GITHUB_WORKSPACE/build-dir/include -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
+            LIBS += -L$GITHUB_WORKSPACE/build-dir/lib -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
+          EOF
+
+      - if: ${{ matrix.wpa_supplicant }}
+        name: Setup wpa_supplicant config file 
+        run: |
+          cp wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/wpa_supplicant.config \
+             hostap/wpa_supplicant/.config
+          cat <<EOF >> hostap/wpa_supplicant/.config
+            CFLAGS += -I$GITHUB_WORKSPACE/build-dir/include -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
+            LIBS += -L$GITHUB_WORKSPACE/build-dir/lib -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib
+          EOF
+
+      - name: Build hostap
+        working-directory: hostap/tests/hwsim/
+        run: ./build.sh
+
+      - if: ${{ matrix.hostapd }}
+        name: Confirm hostapd linking with wolfSSL
+        run: ldd hostap/hostapd/hostapd | grep wolfssl
+
+      - if: ${{ matrix.wpa_supplicant }}
+        name: Confirm wpa_supplicant linking with wolfSSL
+        run: ldd hostap/wpa_supplicant/wpa_supplicant | grep wolfssl
+
+      - if: ${{ matrix.config.remove_teap }}
+        name: Remove EAP-TEAP from test configuration
+        working-directory: hostap/tests/hwsim/auth_serv
+        run: |
+          sed -e 's/"erp-teap@example.com"\tTEAP//' -i eap_user.conf
+          sed -e 's/"erp-teap@example.com"\tMSCHAPV2\t"password"\t\[2\]//' -i eap_user.conf
+          sed -e 's/"TEAP"\t\tTEAP//' -i eap_user.conf
+          sed -e 's/TEAP,//' -i eap_user.conf
+
+      - name: Run tests
+        id: testing
+        working-directory: hostap/tests/hwsim/
+        run: |
+          # Run tests in increments of 100 to cut down on the uploaded log size.
+          while mapfile -t -n 100 ary && ((${#ary[@]})); do
+            TESTS=$(printf '%s\n' "${ary[@]}" | tr '\n' ' ')
+            sudo ./start.sh
+            sudo ./run-tests.py ${{ env.hostap_debug_flags }} --split ${{ matrix.server }}/5 $TESTS
+            sudo ./stop.sh
+          done < $GITHUB_WORKSPACE/wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/tests
+
+      - name: Change failure log permissions
+        if: ${{ failure() && steps.testing.outcome == 'failure' }}
+        working-directory: hostap/tests/hwsim/
+        run: |
+          sudo chown -R $USER:$USER logs
+          zip -9 -r logs.zip logs/current
+
+      - name: Upload failure logs
+        if: ${{ failure() && steps.testing.outcome == 'failure' }}
+        uses: actions/upload-artifact@v3
+        with:
+          name: hostap-logs
+          path: hostap/tests/hwsim/logs.zip
+          retention-days: 5
+

.github/workflows/macos-check.yml

@@ -1,28 +0,0 @@
-name: macOS Build Test
-
-on:
-  push:
-    branches: [ '*' ]
-  pull_request:
-    branches: [ '*' ]
-
-jobs:
-  build:
-
-    runs-on: macos-latest
-
-    steps:
-    - uses: actions/checkout@v2
-    - name: brew
-      run: brew install automake libtool
-    - name: autogen
-      run: ./autogen.sh
-    - name: configure
-      run: ./configure
-    - name: make
-      run: make
-    - name: make check
-      run: make check
-    - name: make distcheck
-      run: make distcheck
-

.github/workflows/main.yml

@@ -0,0 +1,29 @@
+name: CI
+concurrency:
+  group: ${{ github.ref }}
+  cancel-in-progress: true
+
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+jobs:
+    espressif:
+        uses: ./.github/workflows/docker-Espressif.yml
+    multi-compiler:
+        uses: ./.github/workflows/multi-compiler.yml
+    openwrt:
+        uses: ./.github/workflows/docker-OpenWrt.yml
+    os-check:
+        uses: ./.github/workflows/os-check.yml
+    stunnel:
+        uses: ./.github/workflows/stunnel.yml
+    openvpn:
+        uses: ./.github/workflows/openvpn.yml
+    hostap:
+        uses: ./.github/workflows/hostap.yml
+# TODO: Currently this test fails. Enable it once it becomes passing.        
+#    haproxy:
+#        uses: ./.github/workflows/haproxy.yml

.github/workflows/multi-compiler.yml

@@ -0,0 +1,34 @@
+name: Multiple compilers and versions
+
+on:
+  workflow_call:
+
+jobs:
+  my_matrix:
+    name: Compiler test
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - CC: gcc-9
+            CXX: g++-9
+          - CC: gcc-10
+            CXX: g++-10
+          - CC: gcc-11
+            CXX: g++-11
+          - CC: gcc-12
+            CXX: g++-12
+          - CC: clang-12
+            CXX: clang++-12
+          - CC: clang-13
+            CXX: clang++-13
+          - CC: clang-14
+            CXX: clang++-14
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Build
+        env:
+            CC: ${{ matrix.CC }}
+            CXX: ${{ matrix.CXX }}
+        run: ./autogen.sh && ./configure && make && make dist

.github/workflows/openvpn.yml

@@ -0,0 +1,56 @@
+name: OpenVPN Tests
+
+on:
+  workflow_call:
+
+jobs:
+  openvpn_check:
+    strategy:
+      fail-fast: false
+      matrix:
+        # List of refs to test
+        ref: [ master, release/2.6, v2.6.0 ]
+    name: ${{ matrix.ref }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-openvpn
+          install: true
+
+      - name: Install dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install liblzo2-dev libpam0g-dev liblz4-dev libcap-ng-dev \
+                     linux-libc-dev man2html libcmocka-dev python3-docutils \
+                     libtool automake autoconf libnl-genl-3-dev libnl-genl-3-200
+
+      - if: ${{ matrix.ref != 'master' }}
+        name: Build and test openvpn with fsanitize
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          repository: OpenVPN/openvpn
+          ref: ${{ matrix.ref }}
+          path: openvpn
+          configure: >-
+            --with-crypto-library=wolfssl
+            WOLFSSL_CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include/ -I$GITHUB_WORKSPACE/build-dir/include/wolfssl"
+            WOLFSSL_LIBS="-L$GITHUB_WORKSPACE/build-dir/lib -lwolfssl"
+            CFLAGS="-fsanitize=address -fno-omit-frame-pointer -O2"
+          check: true
+
+      - if: ${{ matrix.ref == 'master' }}
+        name: Build and test openvpn without fsanitize
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          repository: OpenVPN/openvpn
+          ref: ${{ matrix.ref }}
+          path: openvpn
+          configure: >-
+            --with-crypto-library=wolfssl
+            WOLFSSL_CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include/ -I$GITHUB_WORKSPACE/build-dir/include/wolfssl"
+            WOLFSSL_LIBS="-L$GITHUB_WORKSPACE/build-dir/lib -lwolfssl"
+          check: true
+

.github/workflows/os-check.yml

@@ -0,0 +1,117 @@
+name: Ubuntu-Macos-Windows Tests
+
+on:
+  workflow_call:
+
+jobs:
+  make_check:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ ubuntu-latest, macos-latest ]
+        config: [
+          # Add new configs here
+          '',
+          '--enable-all --enable-asn=template',
+          '--enable-all --enable-asn=original',
+        ]
+    name: make check
+    runs-on: ${{ matrix.os }}
+    steps:
+      - name: Build and test wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          configure: ${{ matrix.config }}
+          check: true
+
+  make_user_settings:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ ubuntu-latest, macos-latest ]
+        user-settings: [
+          # Add new user_settings.h here
+          'examples/configs/user_settings_all.h',
+        ]
+    name: make user_setting.h
+    runs-on: ${{ matrix.os }}
+    steps:
+      - name: Build and test wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          configure: --enable-usersettings
+          check: true
+          user-settings: ${{ matrix.user-settings }}
+
+  make_user_settings_testwolfcrypt:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ ubuntu-latest, macos-latest ]
+        user-settings: [
+          # Add new user_settings.h here
+          'examples/configs/user_settings_min_ecc.h',
+          'examples/configs/user_settings_wolfboot_keytools.h',
+          'examples/configs/user_settings_wolftpm.h',
+        ]
+    name: make user_setting.h (testwolfcrypt only)
+    runs-on: ${{ matrix.os }}
+    steps:
+      - name: Build and test wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          configure: --enable-usersettings --disable-examples
+          check: false
+          user-settings: ${{ matrix.user-settings }}
+
+      - name: Run wolfcrypt/test/testwolfcrypt
+        run: ./wolfcrypt/test/testwolfcrypt
+
+  # Has to be dedicated function due to the sed call
+  make_user_all:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ ubuntu-latest, macos-latest ]
+    name: make user_setting.h (with sed)
+    runs-on: ${{ matrix.os }}
+    steps:
+    - uses: actions/checkout@v3
+    - if: ${{ matrix.os == 'macos-latest' }}
+      run: brew install automake libtool
+    - run: ./autogen.sh
+    - name: user_settings_all.h with compatibility layer
+      run: |
+        cp ./examples/configs/user_settings_all.h user_settings.h
+        sed -i -e "s/if 0/if 1/" user_settings.h
+        ./configure --enable-usersettings
+        make
+        make check
+
+  windows_build:
+    name: Windows Build Test
+    runs-on: windows-latest
+    env:
+      # Path to the solution file relative to the root of the project.
+      SOLUTION_FILE_PATH: wolfssl64.sln
+
+      # Configuration type to build.
+      # You can convert this to a build matrix if you need coverage of multiple configuration types.
+      # https://docs.github.com/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix
+      BUILD_CONFIGURATION: Release
+      BUILD_PLATFORM: x64
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Add MSBuild to PATH
+      uses: microsoft/setup-msbuild@v1
+
+    - name: Restore NuGet packages
+      working-directory: ${{env.GITHUB_WORKSPACE}}
+      run: nuget restore ${{env.SOLUTION_FILE_PATH}}
+
+    - name: Build
+      working-directory: ${{env.GITHUB_WORKSPACE}}
+      # Add additional options to the MSBuild command line here (like platform or verbosity level).
+      # See https://docs.microsoft.com/visualstudio/msbuild/msbuild-command-line-reference
+      run: msbuild /m /p:PlatformToolset=v142 /p:Platform=${{env.BUILD_PLATFORM}} /p:Configuration=${{env.BUILD_CONFIGURATION}} ${{env.SOLUTION_FILE_PATH}}

.github/workflows/stunnel.yml

@@ -0,0 +1,42 @@
+name: stunnel Tests
+
+on:
+  workflow_call:
+
+jobs:
+  stunnel_check:
+    strategy:
+      fail-fast: false
+      matrix:
+        # List of releases to test
+        ref: [ 5.67 ]
+    name: ${{ matrix.ref }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-stunnel
+          install: true
+    
+      - name: Checkout OSP
+        uses: actions/checkout@v3
+        with:
+          repository: wolfssl/osp
+          path: osp
+
+      - name: Build and test stunnel
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          repository: mtrojnar/stunnel
+          ref: stunnel-${{ matrix.ref }}
+          path: stunnel
+          patch-file: $GITHUB_WORKSPACE/osp/stunnel/${{ matrix.ref }}/stunnel-${{ matrix.ref }}.patch
+          configure: --enable-wolfssl SSLDIR=$GITHUB_WORKSPACE/build-dir
+          check: true
+
+      - name: Confirm stunnel built with wolfSSL
+        working-directory: ./stunnel
+        run: ldd src/stunnel | grep wolfssl
+

.github/workflows/ubuntu-check.yml

@@ -1,26 +0,0 @@
-name: Ubuntu Build Test
-
-on:
-  push:
-    branches: [ '*' ]
-  pull_request:
-    branches: [ '*' ]
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-    - uses: actions/checkout@v2
-    - name: autogen
-      run: ./autogen.sh
-    - name: configure
-      run: ./configure
-    - name: make
-      run: make
-    - name: make check
-      run: make check
-    - name: make distcheck
-      run: make distcheck
-

.github/workflows/windows-check.yml

@@ -1,38 +0,0 @@
-name: Windows Build Test
-
-on:
-  push:
-    branches: [ '*' ]
-  pull_request:
-    branches: [ '*' ]
-
-env:
-  # Path to the solution file relative to the root of the project.
-  SOLUTION_FILE_PATH: wolfssl64.sln
-
-  # Configuration type to build.
-  # You can convert this to a build matrix if you need coverage of multiple configuration types.
-  # https://docs.github.com/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix
-  BUILD_CONFIGURATION: Release
-  BUILD_PLATFORM: x64
-
-jobs:
-  build:
-    runs-on: windows-latest
-
-    steps:
-    - uses: actions/checkout@v2
-
-    - name: Add MSBuild to PATH
-      uses: microsoft/setup-msbuild@v1
-
-    - name: Restore NuGet packages
-      working-directory: ${{env.GITHUB_WORKSPACE}}
-      run: nuget restore ${{env.SOLUTION_FILE_PATH}}
-
-    - name: Build
-      working-directory: ${{env.GITHUB_WORKSPACE}}
-      # Add additional options to the MSBuild command line here (like platform or verbosity level).
-      # See https://docs.microsoft.com/visualstudio/msbuild/msbuild-command-line-reference
-      run: msbuild /m /p:PlatformToolset=v142 /p:Platform=${{env.BUILD_PLATFORM}} /p:Configuration=${{env.BUILD_CONFIGURATION}} ${{env.SOLUTION_FILE_PATH}}
-

.gitignore

@@ -393,6 +393,8 @@ cmake_install.cmake
 # GDB Settings
 \.gdbinit
 
+libFuzzer
+
 # Pycharm and other IDEs
 \.idea
 
@@ -404,3 +406,13 @@ async
 
 # Generated user_settings_asm.h.
 user_settings_asm.h
+
+# VisualGD
+**/.visualgdb
+
+# Espressif sdk config default should be saved in sdkconfig.defaults
+# we won't track the actual working sdkconfig files
+/IDE/Espressif/**/sdkconfig
+
+# auto-created CMake backups
+**/CMakeLists.txt.old

CMakeLists.txt

@@ -28,16 +28,16 @@ if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_BINARY_DIR}")
      You must delete them, or cmake will refuse to work.")
 endif()
 
-project(wolfssl VERSION 5.5.2 LANGUAGES C ASM)
+project(wolfssl VERSION 5.6.0 LANGUAGES C ASM)
 
 # shared library versioning
 # increment if interfaces have been added, removed or changed
-set(LIBTOOL_CURRENT 37)
+set(LIBTOOL_CURRENT 39)
 # increment if source code has changed  set to zero if current is incremented
 set(LIBTOOL_REVISION 0)
 # increment if interfaces have been added set to zero if interfaces have been
 # removed or changed
-set(LIBTOOL_AGE 2)
+set(LIBTOOL_AGE 4)
 
 math(EXPR LIBTOOL_SO_VERSION "${LIBTOOL_CURRENT} - ${LIBTOOL_AGE}")
 set(LIBTOOL_FULL_VERSION ${LIBTOOL_SO_VERSION}.${LIBTOOL_AGE}.${LIBTOOL_REVISION})
@@ -66,18 +66,6 @@ if(CMAKE_C_COMPILER_ID STREQUAL "AppleClang")
     set(CMAKE_CXX_ARCHIVE_FINISH "<CMAKE_RANLIB> -no_warning_for_no_symbols -c <TARGET>")
 endif()
 
-if(APPLE)
-    find_library(CORE_FOUNDATION_FRAMEWORK CoreFoundation)
-    if(NOT CORE_FOUNDATION_FRAMEWORK)
-        message(FATAL_ERROR "Couldn't find CoreFoundation framework.")
-    endif()
-
-    find_library(SECURITY_FRAMEWORK Security)
-    if(NOT SECURITY_FRAMEWORK)
-        message(FATAL_ERROR "Couldn't find Security framework.")
-    endif()
-endif()
-
 include(CheckIncludeFile)
 
 check_include_file("arpa/inet.h" HAVE_ARPA_INET_H)
@@ -115,6 +103,7 @@ check_function_exists("inet_ntoa" HAVE_INET_NTOA)
 check_function_exists("memset" HAVE_MEMSET)
 check_function_exists("socket" HAVE_SOCKET)
 check_function_exists("strftime" HAVE_STRFTIME)
+check_function_exists("__atomic_fetch_add" HAVE_C___ATOMIC)
 
 include(CheckTypeSize)
 
@@ -942,7 +931,7 @@ endif()
 # DH
 add_option("WOLFSSL_DH"
     "Enable DH (default: enabled)"
-    "yes" "yes;no")
+    "yes" "yes;no;const")
 
 if(WOLFSSL_OPENSSH)
     override_cache(WOLFSSL_DH "yes")
@@ -957,6 +946,11 @@ else()
     endif()
 endif()
 
+if("${WOLFSSL_DH}" STREQUAL "const")
+    list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_DH_CONST")
+    set(WOLFSSL_DH_CONST "yes")
+endif()
+
 # TODO: - Anonymous
 
 # ASN
@@ -1673,10 +1667,33 @@ add_option("WOLFSSL_OPTFLAGS"
 add_option("WOLFSSL_SYS_CA_CERTS"
     "Enable ability to load CA certs from OS (default: enabled)"
     "yes" "yes;no")
+
 if(WOLFSSL_SYS_CA_CERTS)
     if(NOT WOLFSSL_FILESYSTEM)
-        message(FATAL_ERROR "Cannot use system CA certs without a filesystem.")
-    else()
+        message("Can't enable system CA certs without a filesystem.")
+        override_cache(WOLFSSL_SYS_CA_CERTS "no")
+    elseif(APPLE)
+        check_include_file("Security/SecTrustSettings.h" HAVE_SECURITY_SECTRUSTSETTINGS_H)
+        if(NOT HAVE_SECURITY_SECTRUSTSETTINGS_H)
+            message("Can't enable system CA certs without Security/SecTrustSettings.h.")
+            override_cache(WOLFSSL_SYS_CA_CERTS "no")
+        else()
+            find_library(CORE_FOUNDATION_FRAMEWORK CoreFoundation)
+            if(NOT CORE_FOUNDATION_FRAMEWORK)
+                message("Can't enable system CA certs without CoreFoundation framework.")
+                override_cache(WOLFSSL_SYS_CA_CERTS "no")
+            else()
+                find_library(SECURITY_FRAMEWORK Security)
+                if(NOT SECURITY_FRAMEWORK)
+                    message("Can't enable system CA certs without Security framework.")
+                    override_cache(WOLFSSL_SYS_CA_CERTS "no")
+                endif()
+            endif()
+        endif()
+    endif()
+
+
+    if(WOLFSSL_SYS_CA_CERTS)
         list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_SYS_CA_CERTS")
     endif()
 endif()
@@ -1786,6 +1803,14 @@ if (WOLFSSL_TLSX)
 endif()
 
 
+add_option("WOLFSSL_CAAM"
+    "Enable use of CAAM with NXP (default: disabled)"
+    "no" "yes;no")
+if (WOLFSSL_CAAM)
+   list(APPEND WOLFSSL_DEFINITIONS  "-DWOLFSSL_CAAM")
+endif()
+
+
 # Generates the BUILD_* flags. These control what source files are included in
 # the library. A series of AM_CONDITIONALs handle this in configure.ac.
 generate_build_flags()
@@ -1800,7 +1825,7 @@ if(WOLFSSL_USER_SETTINGS)
         -DWOLFSSL_USER_SETTINGS_ASM")
 
     # Create user_settings_asm.h for use in assembly files (e.g. .S files).
-    execute_process(COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/scripts/user_settings_asm.sh
+    execute_process(COMMAND $ENV{SHELL} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/user_settings_asm.sh
                             "${CMAKE_C_FLAGS} ${CMAKE_CXX_FLAGS}"
                     RESULT_VARIABLE USER_SETTINGS_ASM_RET)
     if (NOT USER_SETTINGS_ASM_RET EQUAL 0)
@@ -1931,14 +1956,18 @@ if(WIN32)
     target_link_libraries(wolfssl PUBLIC
         $<$<PLATFORM_ID:Windows>:ws2_32>)
 elseif(APPLE)
-    target_link_libraries(wolfssl PUBLIC
-        ${CORE_FOUNDATION_FRAMEWORK}
-        ${SECURITY_FRAMEWORK})
+    if(WOLFSSL_SYS_CA_CERTS)
+        target_link_libraries(wolfssl PUBLIC
+            ${CORE_FOUNDATION_FRAMEWORK}
+            ${SECURITY_FRAMEWORK})
+    endif()
 else()
-    # DH requires math (m) library
-    target_link_libraries(wolfssl
-        PUBLIC
-            m)
+    if(WOLFSSL_DH AND NOT WOLFSSL_DH_CONST)
+        # DH requires math (m) library
+        target_link_libraries(wolfssl
+            PUBLIC
+                m)
+    endif()
 endif()
 
 ####################################################
@@ -2187,7 +2216,7 @@ if(NOT BUILD_FIPS OR BUILD_FIPS_V1)
     "wolfssl/wolfcrypt/fips.h")
 endif()
 
-if(NOT BUILD_QNXCAAM)
+if(NOT BUILD_QNXCAAM OR BUILD_CAAM)
   list(APPEND HEADER_EXCLUDE
     "wolfssl/wolfcrypt/port/caam"
     )

ChangeLog.md

@@ -1,3 +1,315 @@
+# wolfSSL Release 5.6.0 (Mar 24, 2023)
+
+Release 5.6.0 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
+https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
+
+NOTE: * --enable-heapmath is being deprecated and will be removed by 2024
+      * This release makes ASN Template the default with ./configure, the previous ASN parsing can be built with --enable-asn=original
+
+Release 5.6.0 of wolfSSL embedded TLS has bug fixes and new features including:
+
+## New Feature Additions
+
+* ASN template is now the default ASN parsing implementation when compiling with configure
+* Added in support for TLS v1.3 Encrypted Client Hello (ECH) and HPKE (Hybrid Public Key Encryption)
+* DTLS 1.3 stateless server ClientHello parsing support added
+
+### Ports
+* Add RX64/RX71 SHA hardware support
+* Port to RT1170 and expand NXP CAAM driver support
+* Add NuttX integration files for ease of use
+* Updated Stunnel support for version 5.67
+Compatibility Layer
+* Add in support for AES-CCM with EVP
+* BN compatibility API refactoring and separate API created
+* Expanding public key type cipher suite list strings support
+
+### Misc.
+* Support pthread_rwlock and add enable option
+* Add wolfSSL_CertManagerLoadCABuffer_ex() that takes a user certificate chain flag and additional verify flag options
+* Docker build additions for wolfSSL library and wolfCLU application
+* Add favorite drink pilot attribute type to get it from the encoding
+* Added in support for indefinite length BER parsing with PKCS12
+* Add dynamic session cache which allocates sessions from the heap with macro SESSION_CACHE_DYNAMIC_MEM
+
+
+## Improvements / Optimizations
+
+### Tests
+* Additional CI (continuous integration) testing and leveraging of GitHub workflows
+* Add CI testing for wpa_supplicant, OpenWrt and OpenVPN using GitHub workflows
+* Add compilation of Espressif to GitHub workflows tests
+* Refactoring and improving error results with wolfCrypt unit test application
+* Minor warning fixes from Coverity static analysis scan
+* Add new SHA-512/224 and SHA-512/256 tests
+* Used codespell and fixed some minor typos
+
+### Ports
+* Improve TLS1.2 client authentication to use TSIP
+* Updated Kyber macro to be WOLFSSL_HAVE_KYBER and made changes that make Kyber work on STM32
+* AES-GCM Windows assembly additions
+* CRLF line endings, trailing spaces for C# Wrapper Projects
+Compatibility Layer
+* Update `PubKey` and `Key` PEM-to-DER APIs to support return of needed DER size
+* Allow reading ENC EC PRIVATE KEY as well via wolfSSL_PEM_read_bio_ECPrivateKey
+* Improve wolfSSL_EC_POINT_cmp to handle Jacobian ordinates
+* Fix issue with BIO_reset() and add BIO_FLAGS_MEM_RDONLY flag support for read only BIOs
+
+### SP
+* In SP math library rework mod 3 and use count leading zero instruction
+* Fix with SP ECC sign to reject the random k generated when r is 0
+* With SP math add better detection of when add won't work and double is needed with point_add_qz1 internal function
+* With SP int fail when buffer writing to is too small for number rather than discarding the extra values
+
+### Builds
+* Define WOLFSSL_SP_SMALL_STACK if wolfSSL is build with --enable-smallstack
+* Fix CMake to exclude libm when DH is not enabled
+* Allow building of SAKKE as external non-FIPS algorithm with wolfmikey product
+* Add option to add library suffix, --with-libsuffix
+* ASN template compile option WOLFSSL_ASN_INT_LEAD_0_ANY to allow leading zeros
+* Add user_settings.h template for wolfTPM to examples/configs/user_settings_wolftpm.h
+* Purge the AES variant of Dilithium
+* Expand WOLFSSL_NO_ASN_STRICT to allow parsing of explicit ECC public key
+* Remove relocatable text in ARMv7a AES assembly for use with FIPS builds
+* Expand checking for hardware that supports ARMv7a neon with autotools configure
+* Sanity check on allocation fails with DSA and FP_ECC build when zeroizing internal buffer
+* Additional TLS alerts sent when compiling with WOLFSSL_EXTRA_ALERTS macro defined
+
+### Benchmarking
+* Update wolfCrypt benchmark Windows build files to support x64 Platform
+* Add SHA512/224 and SHA512/256 benchmarks, fixed CVS macro and display sizes
+* Separate AES-GCM streaming runs when benchmarked
+* No longer call external implementation of Kyber from benchmark
+* Fix for benchmarking shake with custom block size
+* Fixes for benchmark help `-alg` list and block format
+Documentation/Examples
+* Document use of wc_AesFree() and update documentation of Ed25519 with Doxygen
+* Move the wolfSSL Configuration section higher in QUIC.md
+* Add Japanese Doxygen documentation for cmac.h, quic.h and remove incomplete Japanese doxygen in asn_public.h
+* Espressif examples run with local wolfSSL now with no additional setup needed
+* Added a fix for StartTLS use In the example client
+* Add a base-line user_settings.h for use with FIPS 140-3 in XCode example app
+
+### Optimizations
+* AES-NI usage added for AES modes ECB/CTR/XTS
+
+### Misc
+* Update AES-GCM stream decryption to allow long IVs
+* Internal refactor to use wolfSSL_Ref functions when incrementing or decrementing the structures reference count and fixes for static analysis reports
+* Cleanup function logging making adjustments to the debug log print outs
+* Remove realloc dependency in DtlsMsgCombineFragBuckets function
+* Refactor to use WOLFSSL_CTX’s cipher suite list when possible
+* Update internal padding of 0’s with DSA sign and additional tests with mp_to_unsigned_bin_len function
+* With DTLS SRTP use wolfSSL_export_keying_material instead of wc_PRF_TLS
+* Updated macro naming from HAVE_KYBER to be WOLFSSL_HAVE_KYBER
+* Update AES XTS encrypt to handle in-place encryption properly
+* With TLS 1.3 add option to require only PSK with DHE
+
+## Fixes
+
+### Ports
+* Fix for AES use with CAAM on imx8qxp with SECO builds
+* Fix for PIC32 crypto HW and unused `TLSX_SetResponse`
+* Fix warning if ltime is unsigned seen with QNX build
+* Updates and fix for Zephyr project support
+* Include sys/time.h for WOLFSSL_RIOT_OS
+* Move X509_V errors from enums to defines for use with HAProxy CLI
+* Fix IAR compiler warnings resolved
+* Fix for STM32 Hash peripherals (like on F437) with FIFO depth = 1
+* ESP32 fix for SHA384 init with hardware acceleration
+
+### Builds
+* Add WOLFSSL_IP_ALT_NAME macro define to --enable-curl
+* Fixes for building with C++17 and avoiding clashing with byte naming
+* Fixes SP math all build issue with small-stack and no hardening
+* Fix for building with ASN template with `NO_ASN_TIME` defined
+* Fix building FIPSv2 with WOLFSSL_ECDSA_SET_K defined
+* Don't allow aesgcm-stream option with kcapi
+* Fix DTLS test case for when able to read peers close notify alert on FreeBSD systems
+* Fix for "expression must have a constant value" in tls13.c with Green Hills compiler
+* Fixes for building KCAPI with opensslextra enabled
+* Fix warnings of shadows min and subscript with i486-netbsd-gcc compiler
+* Fix issue with async and `WOLFSSL_CHECK_ALERT_ON_ERR`
+* Fix for PKCS7 with asynchronous crypto enabled
+
+### Math Library
+* SP Aarch64 fix for conditional changed in asm needing "cc" and fix for ECC P256 mont reduce
+* In SP builds add sanity check with DH exp. to check the output length for minimum size
+* In SP math fix scalar length check with EC scalar multiply
+* With SP int fix handling negative character properly with read radix
+* Add error checks before setting variable err in SP int with the function sp_invmod_mont_ct
+* Fix to add sanity check for malloc of zero size in fastmath builds
+* In fastmath  fix a possible overflow in fp_to_unsigned_bin_len length check
+* Heapmath fast mod. reduce fix
+
+### Compatibility Layer
+* Fixes for encoding/decoding ecc public keys and ensure i2d public key functions do not include any private key information
+* Fix for EVP_EncryptUpdate to update outl on empty input
+* Fix SE050 RSA public key loading and RSA/ECC SE050 TLS Compatibility
+* Rework EC API and validate point after setting it
+* Fix for X509 RSA PSS with compatibility layer functions
+* Fix size of structures used with SHA operations when built with opensslextra for Espressif hardware accelerated hashing
+* Added sanity check on key length with wolfSSL_CMAC_Init function
+* Fix for return value type conversion of bad mutex error in logging function
+* Fix NID conflict NID_givenName and NID_md5WithRSAEncryption
+* Fix unguarded XFPRINTF calls with opensslextra build
+* Fix wolfSSL_ASN1_INTEGER_to_BN for negative values
+* Fix for potential ASN1_STRING leak in wolfSSL_X509_NAME_ENTRY_create_by_txt  and wolfSSL_X509_NAME_ENTRY_create_by_NID when memory allocation fails
+
+### Misc.
+* Add sanity check to prevent an out of bounds read with OCSP response decoding
+* Sanity check to not allow 0 length with bit string and integer when parsing ASN1 syntax
+* Adjust RNG sanity checks and remove error prone first byte comparison
+* With PKCS7 add a fix for GetAsnTimeString() to correctly increment internal data pointer
+* PKCS7 addition of sequence around algo parameters with authenvelop
+* DSA fixes for clearing mp_int before re-reading data and avoid mp_clear without first calling mp_init
+* Fix for SRTP setting bitfield when it is encoded for the TLS extension
+* Fix for handling small http headers when doing CRL verification
+* Fix for ECCSI hash function to validate the output size and curve size
+* Fix for value of givenName and name being reversed with CSR generation
+* Fix for error type returned (OCSP_CERT_UNKNOWN) with OCSP verification
+* Fix for a potential memory leak with ProcessCSR when handling OCSP responses
+* Fix for VERIFY_SKIP_DATE flag not ignoring date errors when set
+* Fix for zlib decompression buffer issue with PKCS7
+* Fix for DTLS message pool send size used and DTLS server saving of the handshake sequence
+* Fix to propagate WOLFSSL_TICKET_RET_CREATE error return value from DoDecryptTicket()
+* Fix for handling long session IDs with TLS 1.3 session tickets
+* Fix for AES-GCM streaming when caching an IV
+* Fix for test case with older selftest that returns bad padding instead of salt len error
+* Add fix for siphash cache and added in additional tests
+* Fix potential out of bounds memset to 0 in error case with session export function used with --enable-sessionexport builds
+* Fix possible NULL dereference in TLSX_CSR_Parse with TLS 1.3
+* Fix for sanity check on RSA pad length with no padding using the build macro WC_RSA_NO_PADDING
+
+# wolfSSL Release 5.5.4 (Dec 21, 2022)
+
+Release 5.5.4 of wolfSSL embedded TLS has bug fixes and new features including:
+
+## New Feature Additions
+
+* QUIC related changes for HAProxy integration and config option
+* Support for Analog Devices MAXQ1080 and MAXQ1065
+* Testing and build of wolfSSL with NuttX
+* New software based entropy gatherer with configure option --enable-entropy-memuse
+* NXP SE050 feature expansion and fixes, adding in RSA support and conditional compile of AES and CMAC
+* Support for multi-threaded sniffer
+
+## Improvements / Optimizations
+
+### Benchmark and Tests
+* Add alternate test case for unsupported static memory API when testing mutex allocations
+* Additional unit test cases added for AES CCM 256-bit
+* Initialize and free AES object with benchmarking AES-OFB
+* Kyber with DTLS 1.3 tests added
+* Tidy up Espressif ESP32 test and benchmark examples
+* Rework to be able to run API tests individually and add display of time taken per test
+
+### Build and Port Improvements
+* Add check for 64-bit ABI on MIPS64 before declaring a 64-bit CPU
+* Add support to detect SIZEOF_LONG in armclang and diab
+* Added in a simple example working on Rx72n
+* Update azsphere support to prevent compilation of file included inline
+* --enable-brainpool configure option added and default to on when custom curves are also on
+* Add RSA PSS salt defines to engine builds if not FIPS v2
+
+### Post Quantum
+* Remove kyber-90s and route all Kyber through wolfcrypt
+* Purge older version of NTRU and SABER from wolfSSL
+
+### SP Math
+* Support static memory build with sp-math
+* SP C, SP int: improve performance
+* SP int: support mingw64 again
+* SP int: enhancements to guess 64-bit type and check on NO_64BIT macro set before using long long
+* SP int: check size required when using sp_int on stack
+* SP: --enable-sp-asm now enables SP by default if not set
+* SP: support aarch64 big endian
+
+### DTLS
+* Allow DTLS 1.3 to compile when FIPS is enabled
+* Allow for stateless DTLS client hello parsing
+
+### Misc.
+* Easier detection of DRBG health when using Intel’s RDRAND by updating the structures status value
+* Detection of duplicate known extensions with TLS
+* PKCS#11 handle a user PIN that is a NULL_PTR, compile time check in finding keys, add initialization API
+* Update max Cert Policy size based on RFC 5280
+* Add Android CA certs path for wolfSSL_CTX_load_system_CA_certs()
+* Improve logic for enabling system CA certs on Apple devices
+* Stub functions to allow for cpuid public functions with non-intel builds
+* Increase RNG_SECURITY_STRENGTH for FIPS
+* Improvements in OpenSSL Compat ERR Queue handling
+* Support ASN1/DER CRLs in LoadCertByIssuer
+* Expose more ECC math functions and improve async shared secret
+* Improvement for sniffer error messages
+* Warning added that renegotiation in TLS 1.3 requires session ticket
+* Adjustment for TLS 1.3 post auth support
+* Rework DH API and improve PEM read/write
+
+## Fixes
+
+### Build Fixes
+* Fix --enable-devcrypto build error for sys without u_int8_t type
+* Fix casts in evp.c and build issue in ParseCRL
+* Fixes for compatibility layer building with heap hint and OSSL callbacks
+* fix compile error due to Werro=undef on gcc-4.8
+* Fix mingw-w64 build issues on windows
+* Xcode project fixes for different build settings
+* Initialize variable causing failures with gcc-11 and gcc-12 with a unique wolfSSL build configuration
+* Prevent WOLFSSL_NO_MALLOC from breaking RSA certificate verification
+* Fixes for various tests that do not properly handle `WC_PENDING_E` with async. builds
+* Fix for misc `HashObject` to be excluded for `WOLFCRYPT_ONLY`
+
+### OCSP Fixes
+* Correctly save next status with OCSP response verify
+* When the OCSP responder returns an unknown exception, continue through to checking the CRL
+
+### Math Fixes
+* Fix for implicit conversion with 32-bit in SP math
+* Fix for error checks when modulus is even with SP int build
+* Fix for checking of err in _sp_exptmod_nct with SP int build
+* ECC cofactor fix when checking scalar bits
+* ARM32 ASM: don't use ldrd on user data
+* SP int, fix when ECC specific size code included
+
+### Port Fixes
+* Fixes for STM32 PKA ECC (not 256-bit) and improvements for AES-GCM
+* Fix for cryptocell signature verification with ECC
+* Benchmark devid changes, CCM with SECO fix, set IV on AES import into SECO
+
+### Compat. Layer Fixes
+* Fix for handling DEFAULT:... cipher suite list
+* Fix memory leak in wolfSSL_X509_NAME_ENTRY_get_object
+* Set alt name type to V_ASN1_IA5STRING
+* Update name hash functions wolfSSL_X509_subject_name_hash and wolfSSL_X509_issuer_name_hash to hash the canonical form of subject
+* Fix wolfSSL_set_SSL_CTX() to be usable during handshake
+* Fix X509_get1_ocsp to set num of elements in stack
+* X509v3 EXT d2i: fix freeing of aia
+* Fix to remove recreation of certificate with wolfSSL_PEM_write_bio_X509()
+* Link newly created x509 store's certificate manager to self by default to assist with CRL verification
+* Fix for compatibility `EC_KEY_new_by_curve_name` to not create a key if the curve is not found
+
+### Misc.
+* Free potential signer malloc in a fail case
+* fix other name san parsing and add RID cert to test parsing
+* WOLFSSL_OP_NO_TICKET fix for TLSv1.2
+* fix ASN template parsing of X509 subject directory attribute
+* Fix the wrong IV size with the cipher suite TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256
+* Fix incorrect self signed error return when compiled with certreq and certgen.
+* Fix wrong function name in debug comment with wolfSSL_X509_get_name_oneline()
+* Fix for decryption after second handshake with async sniffer
+* Allow session tickets to properly resume when using PQ KEMs
+* Add sanity overflow check to DecodeAltNames input buffer access
+
+# wolfSSL Release 5.5.3 (Nov 2, 2022)
+
+Release 5.5.3 of wolfSSL embedded TLS has the following bug fix:
+
+## Fixes
+
+* Fix for possible buffer zeroization overrun introduced at the end of v5.5.2 release cycle in GitHub pull request 5743 (https://github.com/wolfSSL/wolfssl/pull/5743) and fixed in pull request 5757 (https://github.com/wolfSSL/wolfssl/pull/5757). In the case where a specific memory allocation failed or a hardware fault happened there was the potential for an overrun of 0’s when masking the buffer used for (D)TLS 1.2 and lower operations. (D)TLS 1.3 only and crypto only users are not affected by the issue. This is not related in any way to recent issues reported in OpenSSL.
+
+
 # wolfSSL Release 5.5.2 (Oct 28, 2022)
 Release 5.5.2 of wolfSSL embedded TLS has bug fixes and new features including:
 

Docker/Dockerfile

@@ -0,0 +1,21 @@
+ARG DOCKER_BASE_IMAGE=ubuntu:22.04
+FROM $DOCKER_BASE_IMAGE
+
+USER root
+
+ARG DEPS_WOLFSSL="build-essential autoconf libtool git gdb iputils-ping clang lldb bsdmainutils netcat gcc-multilib binutils-arm-linux-gnueabi binutils-aarch64-linux-gnu"
+ARG DEPS_LIBOQS="astyle cmake gcc ninja-build libssl-dev python3-pytest python3-pytest-xdist unzip xsltproc doxygen graphviz python3-yaml valgrind git"
+RUN DEBIAN_FRONTEND=noninteractive apt update && apt install -y apt-utils \
+                    && apt install -y ${DEPS_WOLFSSL} ${DEPS_LIBOQS} \
+                    && apt clean -y && rm -rf /var/lib/apt/lists/*
+
+ARG USER=docker
+ARG UID=1000
+ARG GID=1000
+RUN groupadd -f -g ${GID} docker && ( getent passwd ${UID} || useradd -ms /bin/bash ${USER} -u ${UID} -g ${GID} )
+
+# install liboqs
+RUN git clone --single-branch https://github.com/open-quantum-safe/liboqs.git && cd liboqs && git checkout af76ca3b1f2fbc1f4f0967595f3bb07692fb3d82 \
+    && mkdir build && cd build && cmake -DOQS_DIST_BUILD=ON -DOQS_USE_CPUFEATURE_INSTRUCTIONS=OFF -DOQS_USE_OPENSSL=0 .. && make -j8 all && make install && cd ../.. && rm -rf liboqs
+
+USER ${UID}:${GID}

Docker/OpenWrt/Dockerfile

@@ -0,0 +1,12 @@
+# This Dockerfile is used in conjunction with the docker-OpenWrt.yml GitHub Action.
+ARG DOCKER_BASE_CONTAINER=openwrt/rootfs:x86-64-snapshot
+FROM $DOCKER_BASE_CONTAINER
+
+RUN mkdir -p /var/lock # Fix for parent container
+COPY libwolfssl.so /tmp/libwolfssl.so
+RUN export LIBWOLFSSL=$(ls /usr/lib/libwolfssl.so.* -1); \
+                      rm ${LIBWOLFSSL} && ln -s /tmp/libwolfssl.so ${LIBWOLFSSL}
+# for debugging purposes to make sure the correct library is tested
+RUN ls -Ll /usr/lib/libwolfssl* && ldd /lib/libustream-ssl.so | grep wolfssl
+COPY runTests.sh /tmp/.
+RUN /tmp/runTests.sh

Docker/OpenWrt/README.md

@@ -0,0 +1,13 @@
+This container is really only useful in conjunction with the GitHub Workflow
+found in .github/workflows/docker-OpenWrt.yml. The idea is that we will
+compile a new libwolfssl that gets placed in official OpenWrt containers to
+run some tests ensuring the library is still compatible with existing
+binaries.
+
+To run the test locally, build libwolfssl.so (or download from the GitHub Action)
+and put it in Docker/OpenWrt. Then switch to that folder and run:
+docker build -t openwrt --build-args DOCKER_BASE_CONTAINER=<openwrtContainer> .
+where 'openwrtContainer' => "openwrt/rootfs:x86-64-22.03-SNAPSHOT" or similar
+
+This should run some sample tests. The resulting container then can be used to
+evaluate OpenWrt with the latest wolfSSL library.

Docker/OpenWrt/runTests.sh

@@ -0,0 +1,23 @@
+#!/bin/sh
+
+runCMD() { # usage: runCMD "<command>" "<retVal>"
+    eval $1 >/dev/null 2>&1
+    RETVAL=$?
+    if [ "$RETVAL" != "$2" ]; then
+        echo "Command ($1) returned ${RETVAL}, but expected $2. Rerunning with output to terminal:"
+        eval $1
+        exit 1
+    fi
+}
+
+# Successful tests
+runCMD "ldd /lib/libustream-ssl.so" 0
+runCMD "opkg update" 0
+runCMD "uclient-fetch -O /dev/null 'https://letsencrypt.org'" 0
+# Negative tests
+runCMD "uclient-fetch --ca-certificate=/dev/null -O /dev/null 'https://letsencrypt.org'" 5
+runCMD "uclient-fetch -O /dev/null 'https://self-signed.badssl.com/'" 5
+runCMD "uclient-fetch -O /dev/null 'https://untrusted-root.badssl.com/'" 5
+runCMD "uclient-fetch -O /dev/null 'https://expired.badssl.com/'" 5
+
+echo "All tests passed."

Docker/README.md

@@ -0,0 +1,13 @@
+# Overview
+This is a simple Docker environment for compiling and running WolfSSL. Use `run.sh` to build everything (Docker container, WolfSSL, etc.). This script takes in arguments that can be passed to `./configure`. For example: `run.sh --enable-all`
+
+When the compilation and tests succeed, you will be dropped in to a shell environment within the container. This can be useful to build other things within the environment.
+
+# FAQ
+## permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock
+You need to be added to the `docker` group to run Docker containers. Run `sudo usermod -aG docker $USER`. You may need to restart the Docker daemon.
+
+## Unable to access symlinked files outside of WolfSSL
+The volume mounted in the Docker container needs to have all files that your compilation will need. To solve this, you have a couple options:
+1. Change the `WOLFSSL_DIR` variable in the `run.sh` to one higher up (by adding `/..` to the path). Then update the `docker build` to include the correct path to the Dockerfile and the `docker run` argument to the working directory (`-w`) to the WolfSSL source directory
+2. Move the external repository to within the WolfSSL directory. For example create an `external` folder which has your files. This route may have complications when stashing Git work.

Docker/include.am

@@ -0,0 +1,11 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= Docker/Dockerfile
+EXTRA_DIST+= Docker/run.sh
+EXTRA_DIST+= Docker/README.md
+
+ignore_files+=Docker/OpenWRT/Dockerfile
+ignore_files+=Docker/OpenWRT/runTests.sh
+ignore_files+=Docker/OpenWRT/README.md

Docker/run.sh

@@ -0,0 +1,14 @@
+#!/bin/bash
+
+echo "Running with \"${*}\"..."
+
+# Assume we're in wolfssl/Docker
+WOLFSSL_DIR=$(builtin cd ${BASH_SOURCE%/*}/..; pwd)
+
+docker build -t wolfssl --build-arg UID=$(id -u) --build-arg GID=$(id -g) "${WOLFSSL_DIR}/Docker" && \
+  docker run --rm -it -v ${HOME}/.gitconfig:/home/docker/.gitconfig:ro -v ${HOME}/.ssh:/home/docker/.ssh:ro -v "${WOLFSSL_DIR}:/tmp/wolfssl" -w /tmp/wolfssl wolfssl /bin/bash -c "./autogen.sh && ./configure ${*@Q} && make" && \
+  docker run --rm -it -v ${HOME}/.gitconfig:/home/docker/.gitconfig:ro -v ${HOME}/.ssh:/home/docker/.ssh:ro -v "${WOLFSSL_DIR}:/tmp/wolfssl" -w /tmp/wolfssl wolfssl /bin/bash
+
+exitval=$?
+echo "Exited with error code $exitval"
+exit $exitval

Docker/wolfCLU/Dockerfile

@@ -0,0 +1,22 @@
+FROM ubuntu as BUILDER
+
+ARG DEPS_WOLFSSL="build-essential autoconf libtool zlib1g-dev libuv1-dev libpam0g-dev git libpcap-dev libcurl4-openssl-dev bsdmainutils netcat iputils-ping bubblewrap"
+RUN DEBIAN_FRONTEND=noninteractive apt update && apt install -y apt-utils \
+                    && apt install -y ${DEPS_WOLFSSL} ${DEPS_LIBOQS} \
+                    && apt clean -y && rm -rf /var/lib/apt/lists/*
+
+ARG NUM_CPU=16
+
+# This arg is to force a rebuild starting from this line
+ARG DUMMY=date
+# install wolfssl
+RUN DUMMY=${DUMMY} git clone --depth=1 --single-branch --branch=master http://github.com/wolfssl/wolfssl && cd wolfssl && ./autogen.sh && ./configure --enable-all && make -j $NUM_CPU && make install && ldconfig
+
+# install wolfCLU
+RUN git clone --depth=1 --single-branch --branch=main http://github.com/wolfssl/wolfCLU && cd wolfCLU && ./autogen.sh && ./configure && make -j $NUM_CPU && make install
+
+FROM ubuntu
+COPY --from=BUILDER /usr/local/lib/libwolfssl.so /usr/local/lib/
+COPY --from=BUILDER /usr/local/bin/wolfssl* /usr/local/bin/
+RUN ldconfig
+ENTRYPOINT ["/usr/local/bin/wolfssl"]

Docker/wolfCLU/README.md

@@ -0,0 +1,10 @@
+This is a small container that has wolfCLU installed for quick access. To build your own run the following:
+```
+docker build --pull --build-arg DUMMY=$(date +%s) -t wolfclu . 
+```
+
+To run the container, you can use:
+```
+docker run -it --rm -v $(pwd):/ws -w /ws wolfclu version
+```
+This command will allow you to use the certs/keys in your local directory.

IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino

@@ -1,6 +1,6 @@
 /* wolfssl_client.ino
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ARDUINO/sketches/wolfssl_server/wolfssl_server.ino

@@ -1,6 +1,6 @@
 /* wolfssl_server.ino
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/AURIX/Cpu0_Main.c

@@ -1,6 +1,6 @@
 /* Cpu0_Main.c
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/AURIX/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/AURIX/wolf_main.c

@@ -1,6 +1,6 @@
 /* wolf_main.c
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/CRYPTOCELL/main.c

@@ -1,6 +1,6 @@
 /* main.c
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/CRYPTOCELL/user_settings.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/DEOS/deos_malloc.c

@@ -1,6 +1,6 @@
 /* deos_malloc.c
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/DEOS/tls_wolfssl.c

@@ -1,6 +1,6 @@
 /* tls_wolfssl.c
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/DEOS/tls_wolfssl.h

@@ -1,6 +1,6 @@
 /* tls_wolfssl.h
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/DEOS/user_settings.h

@@ -1,6 +1,6 @@
 /* user_setting.h
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/MICRIUM/README.md

@@ -40,7 +40,7 @@ The folder hierarchy is the same as the wolfSSL folders with an exception of the
 
 4. Right click on each folders, add or link all the source code in the corresponding folder in wolfSSL.
 
-5. Remove non-C platform dependent files from your build. At the moment, only aes_asm.asm and aes_asm.s must be removed from your wolfssl/wolfcrypt/src folder.
+5. Remove non-C platform dependent files from your build. At the moment, only aes_asm.asm, aes_gcm_asm.asm and aes_asm.s must be removed from your wolfssl/wolfcrypt/src folder.
 
 6. In your C/C++ compiler preprocessor settings, add the wolfSSL directories to your include paths.
 Here's an example of the paths that must be added.

IDE/ECLIPSE/MICRIUM/client_wolfssl.c

@@ -1,6 +1,6 @@
 /* client_wolfssl.c
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/MICRIUM/client_wolfssl.h

@@ -1,6 +1,6 @@
 /* client_wolfssl.h
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/MICRIUM/server_wolfssl.c

@@ -1,6 +1,6 @@
 /* server_wolfssl.c
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/MICRIUM/server_wolfssl.h

@@ -1,6 +1,6 @@
 /* server_wolfssl.h
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/MICRIUM/user_settings.h

@@ -1,6 +1,6 @@
 /* user_setting.h
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/MICRIUM/wolfsslRunTests.c

@@ -1,6 +1,6 @@
 /* wolfsslRunTests.c
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/RTTHREAD/user_settings.h

@@ -1,6 +1,6 @@
 /* user_setting.h
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/ECLIPSE/RTTHREAD/wolfssl_test.c

@@ -1,6 +1,6 @@
 /* wolfsslRunTests.c
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/Espressif/ESP-IDF/UPDATE.md

@@ -0,0 +1,23 @@
+# Espressif Updates
+
+See [#5795]()
+
+## Changes in November 2022
+
+Updates to Espressif ESP-IDF wolfssl_benchmark and wolfssl_test examples:
+
+- Benchmark example no longer runs tests.
+- Fixed Test example that was missing code files. (no longer installed locally)
+- Rename `benchmark/main` and `test/main` filenames from `helper.c` to `main.c`, cleaned up.
+- Added `main.h`
+- Revised `main/CMakeLists.txt` to use only `main.c`
+- Set components `main` and `wolfssl` for project `CMakeLists.txt`
+- Update wolfcrypt esp32_sha.c and sha256.c to now report unexpected reentry as verbose log rather than error message.
+- `wolfcrypt/test.c` now returns `args.return_code` when `WOLFSSL_ESPIDF` is defined.
+- `wolfcrypt/test.h` now declares `int wolf_test_task(void)` when `WOLFSSL_ESPIDF` is defined.
+- `setup.sh` no longer copies benchmark.c(.h) to local project directory.
+- Added `libs/Tigard.cfg` file for Tigard JTAG debugger.
+- Update `sdkconfig.defaults` with compiler optimizations and stack check.
+- Added VisualGDB Project file & Visual Studio solution file.
+- Added optional `time_helper` for wolfssl_test
+- Exclude `ssl_misc.c` in component cmake to fix warning:  #warning ssl_misc.c does not need to be compiled separately from ssl.c

IDE/Espressif/ESP-IDF/compileAllExamples.sh

@@ -0,0 +1,111 @@
+#!/bin/bash
+#
+# testing script: compileAllExamples
+#
+# This script will compile all the local examples, optionally installing wolfSSL in the ESP-IDF components directory.
+#
+# Example usage:
+#   cd wolfssl && docker run --rm -v $PWD:/project -w /project espressif/idf:latest IDE/Espressif/ESP-IDF/compileAllExamples.sh
+#
+# Parameter option to also run the ./setup.sh to install the wolfSSL component in ESP-IDF and test for multiple installs:
+#
+#   --run-setup
+#
+# Note that once installed, the wolfSSL component will need to be manually removed to successfully run this script.
+#
+if  [[ "$IDF_PATH" == "" ]]; then
+    echo "Error: $IDF_PATH not found; run Espressif export.sh"
+    exit 1
+fi
+SCRIPT_DIR=$(builtin cd ${BASH_SOURCE%/*}; pwd)
+RUN_SETUP=$1
+THIS_ERR=0
+
+echo "Found IDF_PATH = $IDF_PATH"
+
+# Regular tests of wolfSSL in local component directories of each project:
+#
+# Note these tests should FAIL if wolfSSL is already installed in ESP-IDF
+#
+for file in "benchmark" "client" "server" "test"; do
+    pushd ${SCRIPT_DIR}/examples/wolfssl_${file}/ && idf.py fullclean build;
+    THIS_ERR=$?
+    popd
+    if [ $THIS_ERR -ne 0 ]; then
+        echo "Failed in ${file}"
+        exit 1
+    fi
+done
+
+
+# Check for option to also install wolfSSL.
+#
+# When doing so, we'll run a check that multiple installs should cause build failure.
+if  [[ "$RUN_SETUP" == "--run-setup" ]]; then
+    echo "Running wolfSSL setup.sh"
+
+    # install wolfSSL into EDP-IDF shared components directory.
+    ./setup.sh --verbose
+
+    THIS_ERR=$?
+    if [ $? -ne 0 ]; then
+        echo "Failed running setup.sh"
+        exit 1
+    fi
+
+    # Check ESP-IDF install:
+    #
+    # The wolfssl_test_idf should NOT have a local components/wolfssl when testing!
+    # This test is to confirm the ESP-IDF component build properly after setup.
+    #
+    echo ""
+    echo "Testing a build of wolfSSL in ESP-IDF components directory"
+    echo ""
+    for file in "test_idf"; do
+        pushd ${SCRIPT_DIR}/examples/wolfssl_${file}/ && idf.py fullclean build;
+        THIS_ERR=$?
+        popd
+        if [ $? -ne 0 ]; then
+            echo "Failed in ${file}"
+            exit 1
+        fi
+    done
+
+    # Check multiple installs: the wolfSSL component in ESP-IDF and local directory:
+    #
+    # The wolfssl_test project already has a local wolfSSL component directory.
+    #
+    # Once wolfssl has been installed to ESP-IDF components, the local
+    # component build SHOULD fail:
+    echo ""
+    echo "Testing a build of wolfSSL in both local and ESP-IDF components directory"
+    echo ""
+    for file in "test"; do
+        pushd ${SCRIPT_DIR}/examples/wolfssl_${file}/ && idf.py fullclean build;
+        THIS_ERR=$?
+        popd
+        if [ $THIS_ERR -ne 0 ]; then
+            echo ""
+            echo "Success: Confirmed build fails when wolfSSL found in ESP-IDF and local project."
+            echo ""
+        else
+            echo "Error: build should have failed when wolfSSL found in ESP-IDF and local project."
+            exit 1
+        fi
+    done
+else
+    echo "Skipping ESP-IDF install tests. For these tests, use parameter: --run-setup"
+fi
+
+
+# Show a reminder that wolfSSL was installed as a shared component.
+if  [[ "$RUN_SETUP" == "--run-setup" ]]; then
+    echo ""
+    echo "wolfSSL was installed as an ESP-IDF component. This will be in conflict with any project that has a local component."
+    echo ""
+    echo "Delete the installed component before re-running this test."
+    echo ""
+fi
+
+# Done
+echo "Completed compileAllExamples in $SCRIPT_DIR"

IDE/Espressif/ESP-IDF/dummy_config_h

@@ -1,6 +1,6 @@
 /* config.h - dummy
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/Espressif/ESP-IDF/dummy_test_paths.h

@@ -1,6 +1,6 @@
 /* wolfcrypt/test/test_paths.h
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt

@@ -3,4 +3,10 @@
 cmake_minimum_required(VERSION 3.5)
 
 include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+
+set(COMPONENTS
+  main
+  wolfssl
+) # set components
+
 project(wolfssl_benchmark)

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md

@@ -14,3 +14,177 @@ When you want to run the benchmark program
 2. `idf.py monitor` to see the message
 
 See the README.md file in the upper level 'examples' directory for more information about examples.
+
+## Performance
+
+Reminder than when building on WSL in `/mnt/c` there will be a noticeable performance degradation at compile time. Using `~/` will be faster at the cost of shared filesystems.
+
+Example build on WSL:
+
+```
+Optionally install wolfSSL component
+# cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF
+./setup.sh
+
+cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark
+
+# Pick ESP-IDF install directory, this one for v4.4.2 in VisualGDB
+. /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/export.sh
+
+
+idf.py build flash -p /dev/ttyS20 -b 921600 monitor
+```
+
+## Example Output
+
+Note the default wolfSSL `user_settings.h` is configured by default to be the most 
+compatible across the widest ranges of targets. Contact wolfSSL at support@wolfssl.com
+for help in optimizing for your particular application, or see the 
+[docs](https://www.wolfssl.com/documentation/manuals/wolfssl/index.html).
+
+Compiled and flashed with `idf.py build  flash -p /dev/ttyS7 -b 921600 monitor`:
+
+```
+--- idf_monitor on /dev/ttyS7 115200 ---
+--- Quit: Ctrl+] | Menu: Ctrl+T | Help: Ctrl+T followed by Ctrl+H ---
+ (377) cpu_start: Starting scheduler ets Jun  8 2016 00:22:57
+
+rst:0x1 (POWERON_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
+configsip: 0, SPIWP:0xee
+clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
+mode:DIO, clock div:2
+load:0x3fff0030,len:6664
+load:0x40078000,len:14848
+load:0x40080400,len:3792
+0x40080400: _init at ??:?
+
+entry 0x40080694
+I (27) boot: ESP-IDF v4.4.2-dirty 2nd stage bootloader
+I (27) boot: compile time 13:41:41
+I (27) boot: chip revision: 1
+I (30) boot_comm: chip revision: 1, min. bootloader chip revision: 0
+I (37) boot.esp32: SPI Speed      : 40MHz
+I (42) boot.esp32: SPI Mode       : DIO
+I (46) boot.esp32: SPI Flash Size : 2MB
+I (51) boot: Enabling RNG early entropy source...
+I (56) boot: Partition Table:
+I (60) boot: ## Label            Usage          Type ST Offset   Length
+I (67) boot:  0 nvs              WiFi data        01 02 00009000 00006000
+I (75) boot:  1 phy_init         RF data          01 01 0000f000 00001000
+I (82) boot:  2 factory          factory app      00 00 00010000 00100000
+I (90) boot: End of partition table
+I (94) boot_comm: chip revision: 1, min. application chip revision: 0
+I (101) esp_image: segment 0: paddr=00010020 vaddr=3f400020 size=12bf4h ( 76788) map
+I (137) esp_image: segment 1: paddr=00022c1c vaddr=3ffb0000 size=02420h (  9248) load
+I (141) esp_image: segment 2: paddr=00025044 vaddr=40080000 size=0afd4h ( 45012) load
+I (161) esp_image: segment 3: paddr=00030020 vaddr=400d0020 size=33148h (209224) map
+I (237) esp_image: segment 4: paddr=00063170 vaddr=4008afd4 size=00550h (  1360) load
+I (238) esp_image: segment 5: paddr=000636c8 vaddr=50000000 size=00010h (    16) load
+I (249) boot: Loaded app from partition at offset 0x10000
+I (249) boot: Disabling RNG early entropy source...
+I (266) cpu_start: Pro cpu up.
+I (266) cpu_start: Starting app cpu, entry point is 0x40081098
+0x40081098: call_start_cpu1 at /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/components/esp_system/port/cpu_start.c:160
+
+I (0) cpu_start: App cpu up.
+I (280) cpu_start: Pro cpu start user code
+I (280) cpu_start: cpu freq: 240000000
+I (280) cpu_start: Application information:
+I (285) cpu_start: Project name:     wolfssl_benchmark
+I (291) cpu_start: App version:      v5.5.3-stable-108-gbd7b442df-di
+I (298) cpu_start: Compile time:     Nov 17 2022 14:10:03
+I (304) cpu_start: ELF file SHA256:  fbb520f5bbf963a0...
+I (310) cpu_start: ESP-IDF:          v4.4.2-dirty
+I (316) heap_init: Initializing. RAM available for dynamic allocation:
+I (323) heap_init: At 3FFAE6E0 len 00001920 (6 KiB): DRAM
+I (329) heap_init: At 3FFB3DE8 len 0002C218 (176 KiB): DRAM
+I (335) heap_init: At 3FFE0440 len 00003AE0 (14 KiB): D/IRAM
+I (341) heap_init: At 3FFE4350 len 0001BCB0 (111 KiB): D/IRAM
+I (348) heap_init: At 4008B524 len 00014ADC (82 KiB): IRAM
+I (355) spi_flash: detected chip: generic
+I (359) spi_flash: flash io: dio
+W (362) spi_flash: Detected size(4096k) larger than the size in the binary image header(2048k). Using the size in the binary image header.
+I (377) cpu_start: Starting scheduler on PRO CPU.
+I (0) cpu_start: Starting scheduler on APP CPU.
+I (391) wolfssl_benchmark: app_main CONFIG_BENCH_ARGV = -lng 0
+I (397) wolfssl_benchmark: construct_argv arg:-lng 0
+
+------------------------------------------------------------------------------
+ wolfSSL version 5.5.3
+------------------------------------------------------------------------------
+wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
+RNG                          1 MiB took 1.017 seconds,    1.320 MiB/s
+AES-128-CBC-enc              6 MiB took 1.002 seconds,    5.726 MiB/s
+AES-128-CBC-dec              5 MiB took 1.000 seconds,    5.347 MiB/s
+AES-192-CBC-enc              6 MiB took 1.004 seconds,    5.714 MiB/s
+AES-192-CBC-dec              5 MiB took 1.001 seconds,    5.341 MiB/s
+AES-256-CBC-enc              6 MiB took 1.000 seconds,    5.713 MiB/s
+AES-256-CBC-dec              5 MiB took 1.002 seconds,    5.336 MiB/s
+AES-128-GCM-enc            300 KiB took 1.004 seconds,  298.805 KiB/s
+AES-128-GCM-dec            300 KiB took 1.004 seconds,  298.805 KiB/s
+AES-192-GCM-enc            300 KiB took 1.007 seconds,  297.915 KiB/s
+AES-192-GCM-dec            300 KiB took 1.008 seconds,  297.619 KiB/s
+AES-256-GCM-enc            300 KiB took 1.011 seconds,  296.736 KiB/s
+AES-256-GCM-dec            300 KiB took 1.011 seconds,  296.736 KiB/s
+GMAC Default               403 KiB took 1.002 seconds,  402.196 KiB/s
+3DES                       450 KiB took 1.028 seconds,  437.743 KiB/s
+MD5                         14 MiB took 1.001 seconds,   13.756 MiB/s
+SHA                         14 MiB took 1.001 seconds,   14.463 MiB/s
+SHA-256                     14 MiB took 1.000 seconds,   14.233 MiB/s
+SHA-512                     17 MiB took 1.000 seconds,   16.626 MiB/s
+HMAC-MD5                    14 MiB took 1.000 seconds,   13.599 MiB/s
+HMAC-SHA                    14 MiB took 1.000 seconds,   13.989 MiB/s
+HMAC-SHA256                 14 MiB took 1.000 seconds,   13.940 MiB/s
+HMAC-SHA512                 16 MiB took 1.000 seconds,   16.064 MiB/s
+PBKDF2                     640 bytes took 1.009 seconds,  634.291 bytes/s
+RSA     2048   public        52 ops took 1.022 sec, avg 19.654 ms, 50.881 ops/sec
+RSA     2048  private         4 ops took 1.056 sec, avg 264.000 ms, 3.788 ops/sec
+ECC   [      SECP256R1]   256  key gen         4 ops took 1.216 sec, avg 304.000 ms, 3.289 ops/sec
+ECDHE [      SECP256R1]   256    agree         4 ops took 1.215 sec, avg 303.750 ms, 3.292 ops/sec
+ECDSA [      SECP256R1]   256     sign         4 ops took 1.226 sec, avg 306.500 ms, 3.263 ops/sec
+ECDSA [      SECP256R1]   256   verify         2 ops took 1.172 sec, avg 586.000 ms, 1.706 ops/sec
+CURVE  25519  key gen         3 ops took 1.279 sec, avg 426.333 ms, 2.346 ops/sec
+CURVE  25519    agree         4 ops took 1.701 sec, avg 425.250 ms, 2.352 ops/sec
+ED     25519  key gen        46 ops took 1.008 sec, avg 21.913 ms, 45.635 ops/sec
+ED     25519     sign        42 ops took 1.038 sec, avg 24.714 ms, 40.462 ops/sec
+ED     25519   verify        26 ops took 1.009 sec, avg 38.808 ms, 25.768 ops/sec
+Benchmark complete
+```
+
+## Known Issues and Common Issues
+
+### Permission denied
+
+Delete project directory `build`, `.visualgdb` and `.vs` directories. Ensure no other build
+process is using the same files in Windows, WSL, Visual Studio, VSCode, etc.
+
+Example message:
+
+```
+-- Building ESP-IDF components for target esp32
+CMake Error at /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/tools/cmake/component.cmake:131 (file):
+  file failed to open for writing (Permission denied):
+
+    /mnt/c/workspace-pr/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/build/bootloader/component_properties.temp.cmake
+```
+
+
+### user_settings.h: No such file or directory
+
+Ensure wolfSSL is installed in the ESP-IDF or local project `components` directory.
+
+Example message:
+
+```
+ esp-idf/main/CMakeFiles/__idf_main.dir/main.c.obj   -c ../main/main.c
+../main/main.c:27:10: fatal error: user_settings.h: No such file or directory
+ #include <user_settings.h>
+          ^~~~~~~~~~~~~~~~~
+compilation terminated.
+```
+
+A 'clean` may be needed after freshly installing a new component:
+
+```
+idf.py clean build  flash -p /dev/ttyS7 -b 921600 monitor
+```

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/VisualGDB_wolfssl_benchmark.sln

@@ -0,0 +1,39 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.33027.164
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "VisualGDB_wolfssl_benchmark", "VisualGDB_wolfssl_benchmark.vgdbproj", "{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{51FEFEA9-C2BA-43A1-8B36-9140367E5AAF}"
+	ProjectSection(SolutionItems) = preProject
+		..\..\..\..\..\wolfcrypt\benchmark\benchmark.c = ..\..\..\..\..\wolfcrypt\benchmark\benchmark.c
+		..\..\..\..\..\wolfcrypt\benchmark\benchmark.h = ..\..\..\..\..\wolfcrypt\benchmark\benchmark.h
+		components\wolfssl\CMakeLists.txt = components\wolfssl\CMakeLists.txt
+		..\..\..\..\..\include\user_settings.h = ..\..\..\..\..\include\user_settings.h
+	EndProjectSection
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|VisualGDB = Debug|VisualGDB
+		Release|VisualGDB = Release|VisualGDB
+		Tests (Debug)|VisualGDB = Tests (Debug)|VisualGDB
+		Tests (Release)|VisualGDB = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Debug|VisualGDB.ActiveCfg = Debug|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Debug|VisualGDB.Build.0 = Debug|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Release|VisualGDB.ActiveCfg = Release|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Release|VisualGDB.Build.0 = Release|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Debug)|VisualGDB.ActiveCfg = Tests (Debug)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Debug)|VisualGDB.Build.0 = Tests (Debug)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Release)|VisualGDB.ActiveCfg = Tests (Release)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Release)|VisualGDB.Build.0 = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {668EEFC0-010C-4688-916F-A628190717D4}
+	EndGlobalSection
+EndGlobal

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/VisualGDB_wolfssl_benchmark.vgdbproj

@@ -0,0 +1,269 @@
+<?xml version="1.0"?>
+<VisualGDBProjectSettings2 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+  <Project xsi:type="com.visualgdb.project.external.esp-idf">
+    <CustomSourceDirectories>
+      <Directories />
+      <PathStyle>Unknown</PathStyle>
+    </CustomSourceDirectories>
+    <AutoProgramSPIFFSPartition>true</AutoProgramSPIFFSPartition>
+    <ProjectModeSettings>
+      <ProjectGUID>7bbd1486-d457-4e49-92ba-0cfc9d80849e</ProjectGUID>
+      <GroupSourcesByTypes>true</GroupSourcesByTypes>
+      <GroupSourcesByPaths>true</GroupSourcesByPaths>
+      <HeaderScanMode>SourceDirs</HeaderScanMode>
+    </ProjectModeSettings>
+  </Project>
+  <Build xsi:type="com.visualgdb.build.cmake">
+    <BuildLogMode xsi:nil="true" />
+    <ToolchainID>
+      <ID>com.visualgdb.xtensa-esp32-elf</ID>
+      <Version>
+        <GCC>11.2.0</GCC>
+        <GDB>9.2.90</GDB>
+        <Revision>2</Revision>
+      </Version>
+    </ToolchainID>
+    <RelativeSourceDirectory>..</RelativeSourceDirectory>
+    <ConfigurationType>DEBUG</ConfigurationType>
+    <BinaryDirectory>build/$(PlatformName)/$(ConfigurationName)</BinaryDirectory>
+    <MakeCommandTemplate>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(ToolchainNinja)</Command>
+      <WorkingDirectory>$(BuildDir)</WorkingDirectory>
+      <BackgroundMode xsi:nil="true" />
+    </MakeCommandTemplate>
+    <CMakeCommand>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(SYSPROGS_CMAKE_PATH)</Command>
+      <BackgroundMode xsi:nil="true" />
+    </CMakeCommand>
+    <UpdateSourcesInCMakeFile>true</UpdateSourcesInCMakeFile>
+    <ExportCompileCommands>false</ExportCompileCommands>
+    <DisableToolchainFile>false</DisableToolchainFile>
+    <CMakeMakefileType>Ninja</CMakeMakefileType>
+    <DeployAsRoot>false</DeployAsRoot>
+    <CMakeCleanMode>RemoveBuildDirectory</CMakeCleanMode>
+    <UseCCache>false</UseCCache>
+    <ProjectModeSettings>
+      <ProjectItemSettings>
+        <GroupSourcesByTypes>true</GroupSourcesByTypes>
+        <GroupSourcesByPaths>true</GroupSourcesByPaths>
+        <GroupTargetsByPaths>true</GroupTargetsByPaths>
+        <FollowCMakeSourceGroups>false</FollowCMakeSourceGroups>
+        <AutoRefreshProject>true</AutoRefreshProject>
+        <AlwaysConsiderOutdated>false</AlwaysConsiderOutdated>
+        <SortTargetsByName>true</SortTargetsByName>
+        <RedundantTargetMode>HideOuterProjectTargets</RedundantTargetMode>
+        <SortSourcesByName>true</SortSourcesByName>
+        <BuildAllTargetsInSubdir>false</BuildAllTargetsInSubdir>
+        <FoldSingleItemPathLevels>true</FoldSingleItemPathLevels>
+      </ProjectItemSettings>
+      <TargetSpecificSettings />
+      <SetLDLibraryPathFromDependentArtifacts>true</SetLDLibraryPathFromDependentArtifacts>
+      <ProjectGUID>eadcc9ab-72b3-4b51-a838-593e5d80ddf7</ProjectGUID>
+      <VirtualFolders />
+      <ConfigurationNameCase>Upper</ConfigurationNameCase>
+      <DefaultHeaderDiscoveryMode>HeaderDirectoryAndSubdirectories</DefaultHeaderDiscoveryMode>
+      <EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
+      <ESPIDFExtension>
+        <IDFCheckout>
+          <Version>release/v5.0</Version>
+          <Subdirectory>esp-idf/v5.0</Subdirectory>
+          <Type>ESPIDF</Type>
+        </IDFCheckout>
+        <COMPort>COM20</COMPort>
+        <SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
+        <UseCCache>false</UseCCache>
+        <DeviceID>ESP32</DeviceID>
+      </ESPIDFExtension>
+    </ProjectModeSettings>
+  </Build>
+  <CustomBuild>
+    <PreSyncActions />
+    <PreBuildActions />
+    <PostBuildActions />
+    <PreCleanActions />
+    <PostCleanActions />
+  </CustomBuild>
+  <CustomDebug>
+    <PreDebugActions />
+    <PostDebugActions />
+    <DebugStopActions />
+    <BreakMode>Default</BreakMode>
+  </CustomDebug>
+  <DeviceTerminalSettings>
+    <Connection xsi:type="com.sysprogs.terminal.connection.serial">
+      <ComPortName>COM20</ComPortName>
+      <AdvancedSettings>
+        <BaudRate>115200</BaudRate>
+        <DataBits>8</DataBits>
+        <Parity>None</Parity>
+        <StopBits>One</StopBits>
+        <FlowControl>None</FlowControl>
+      </AdvancedSettings>
+    </Connection>
+    <LastConnectionTime>0</LastConnectionTime>
+    <EchoTypedCharacters>false</EchoTypedCharacters>
+    <ClearContentsWhenReconnecting>false</ClearContentsWhenReconnecting>
+    <ReconnectAutomatically>false</ReconnectAutomatically>
+    <DisplayMode>ASCII</DisplayMode>
+    <Colors>
+      <Background>
+        <Alpha>255</Alpha>
+        <Red>0</Red>
+        <Green>0</Green>
+        <Blue>0</Blue>
+      </Background>
+      <Disconnected>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Disconnected>
+      <Text>
+        <Alpha>255</Alpha>
+        <Red>211</Red>
+        <Green>211</Green>
+        <Blue>211</Blue>
+      </Text>
+      <Echo>
+        <Alpha>255</Alpha>
+        <Red>144</Red>
+        <Green>238</Green>
+        <Blue>144</Blue>
+      </Echo>
+      <Inactive>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Inactive>
+    </Colors>
+    <HexSettings>
+      <MaximumBytesPerLine>16</MaximumBytesPerLine>
+      <ShowTextView>true</ShowTextView>
+      <BreaksAroundEcho>true</BreaksAroundEcho>
+      <AutoSend>true</AutoSend>
+      <SendAsHex>true</SendAsHex>
+      <TimeoutForAutoBreak>0</TimeoutForAutoBreak>
+    </HexSettings>
+    <LineEnding>LF</LineEnding>
+    <TreatLFAsCRLF>false</TreatLFAsCRLF>
+    <KeepOpenAfterExit>false</KeepOpenAfterExit>
+    <ShowAfterProgramming>false</ShowAfterProgramming>
+  </DeviceTerminalSettings>
+  <CustomShortcuts>
+    <Shortcuts />
+    <ShowMessageAfterExecuting>true</ShowMessageAfterExecuting>
+  </CustomShortcuts>
+  <UserDefinedVariables />
+  <ImportedPropertySheets />
+  <CodeSense>
+    <Enabled>Unknown</Enabled>
+    <ExtraSettings>
+      <HideErrorsInSystemHeaders>true</HideErrorsInSystemHeaders>
+      <SupportLightweightReferenceAnalysis>true</SupportLightweightReferenceAnalysis>
+      <CheckForClangFormatFiles>true</CheckForClangFormatFiles>
+      <FormattingEngine xsi:nil="true" />
+    </ExtraSettings>
+    <CodeAnalyzerSettings>
+      <Enabled>false</Enabled>
+    </CodeAnalyzerSettings>
+  </CodeSense>
+  <Configurations>
+    <VisualGDBConfiguration>
+      <Name>Debug</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+    <VisualGDBConfiguration>
+      <Name>Release</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+  </Configurations>
+  <ProgramArgumentsSuggestions />
+  <Debug xsi:type="com.visualgdb.debug.embedded">
+    <AdditionalStartupCommands />
+    <AdditionalGDBSettings>
+      <Features>
+        <DisableAutoDetection>false</DisableAutoDetection>
+        <UseFrameParameter>false</UseFrameParameter>
+        <SimpleValuesFlagSupported>false</SimpleValuesFlagSupported>
+        <ListLocalsSupported>false</ListLocalsSupported>
+        <ByteLevelMemoryCommandsAvailable>false</ByteLevelMemoryCommandsAvailable>
+        <ThreadInfoSupported>false</ThreadInfoSupported>
+        <PendingBreakpointsSupported>false</PendingBreakpointsSupported>
+        <SupportTargetCommand>false</SupportTargetCommand>
+        <ReliableBreakpointNotifications>false</ReliableBreakpointNotifications>
+      </Features>
+      <EnableSmartStepping>false</EnableSmartStepping>
+      <FilterSpuriousStoppedNotifications>false</FilterSpuriousStoppedNotifications>
+      <ForceSingleThreadedMode>false</ForceSingleThreadedMode>
+      <UseAppleExtensions>false</UseAppleExtensions>
+      <CanAcceptCommandsWhileRunning>false</CanAcceptCommandsWhileRunning>
+      <MakeLogFile>false</MakeLogFile>
+      <IgnoreModuleEventsWhileStepping>true</IgnoreModuleEventsWhileStepping>
+      <UseRelativePathsOnly>false</UseRelativePathsOnly>
+      <ExitAction>None</ExitAction>
+      <DisableDisassembly>false</DisableDisassembly>
+      <ExamineMemoryWithXCommand>false</ExamineMemoryWithXCommand>
+      <StepIntoNewInstanceEntry>app_main</StepIntoNewInstanceEntry>
+      <ExamineRegistersInRawFormat>true</ExamineRegistersInRawFormat>
+      <DisableSignals>false</DisableSignals>
+      <EnableAsyncExecutionMode>false</EnableAsyncExecutionMode>
+      <AsyncModeSupportsBreakpoints>true</AsyncModeSupportsBreakpoints>
+      <TemporaryBreakConsolidationTimeout>0</TemporaryBreakConsolidationTimeout>
+      <EnableNonStopMode>false</EnableNonStopMode>
+      <MaxBreakpointLimit>0</MaxBreakpointLimit>
+      <EnableVerboseMode>true</EnableVerboseMode>
+      <EnablePrettyPrinters>false</EnablePrettyPrinters>
+    </AdditionalGDBSettings>
+    <DebugMethod>
+      <ID>openocd</ID>
+      <Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
+        <CommandLine>-f interface/tigard.cfg -c "adapter_khz 15000" -f target/esp32.cfg</CommandLine>
+        <ExtraParameters>
+          <Frequency xsi:nil="true" />
+          <BoostedFrequency xsi:nil="true" />
+          <ConnectUnderReset>false</ConnectUnderReset>
+        </ExtraParameters>
+        <LoadProgressGUIThreshold>131072</LoadProgressGUIThreshold>
+        <ProgramMode>Enabled</ProgramMode>
+        <StartupCommands>
+          <string>set remotetimeout 60</string>
+          <string>target remote :$$SYS:GDB_PORT$$</string>
+          <string>mon gdb_breakpoint_override hard</string>
+          <string>mon reset halt</string>
+          <string>load</string>
+        </StartupCommands>
+        <ProgramFLASHUsingExternalTool>false</ProgramFLASHUsingExternalTool>
+        <PreferredGDBPort>0</PreferredGDBPort>
+        <PreferredTelnetPort>0</PreferredTelnetPort>
+        <AlwaysPassSerialNumber>false</AlwaysPassSerialNumber>
+        <SelectedCoreIndex xsi:nil="true" />
+        <LiveMemoryTimeout>5000</LiveMemoryTimeout>
+        <SuggestionLogicRevision>1</SuggestionLogicRevision>
+        <CheckFLASHSize>true</CheckFLASHSize>
+        <FLASHSettings>
+          <Size>size2MB</Size>
+          <Frequency>freq40M</Frequency>
+          <Mode>DIO</Mode>
+        </FLASHSettings>
+        <PatchBootloader>true</PatchBootloader>
+      </Configuration>
+    </DebugMethod>
+    <AutoDetectRTOS>true</AutoDetectRTOS>
+    <SemihostingSupport>Disabled</SemihostingSupport>
+    <SemihostingPollingDelay>0</SemihostingPollingDelay>
+    <StepIntoEntryPoint>false</StepIntoEntryPoint>
+    <ReloadFirmwareOnReset>false</ReloadFirmwareOnReset>
+    <ValidateEndOfStackAddress>true</ValidateEndOfStackAddress>
+    <StopAtEntryPoint>false</StopAtEntryPoint>
+    <EnableVirtualHalts>false</EnableVirtualHalts>
+    <DynamicAnalysisSettings />
+    <EndOfStackSymbol>_estack</EndOfStackSymbol>
+    <TimestampProviderTicksPerSecond>0</TimestampProviderTicksPerSecond>
+    <KeepConsoleAfterExit>false</KeepConsoleAfterExit>
+    <UnusedStackFillPattern xsi:nil="true" />
+    <CheckInterfaceDrivers>true</CheckInterfaceDrivers>
+  </Debug>
+</VisualGDBProjectSettings2>

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt

@@ -0,0 +1,229 @@
+#
+#  Copyright (C) 2006-2023 wolfSSL Inc.
+#
+#  This file is part of wolfSSL.
+#
+#  wolfSSL is free software; you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation; either version 2 of the License, or
+#  (at your option) any later version.
+#
+#  wolfSSL is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with this program; if not, write to the Free Software
+#  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+#
+# cmake for wolfssl
+#
+cmake_minimum_required(VERSION 3.5)
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+set(CMAKE_CURRENT_SOURCE_DIR ".")
+
+# We are currently in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
+# The root of wolfSSL is 7 directories up from here:
+get_filename_component(WOLFSSL_ROOT  "../../../../../../../" ABSOLUTE)
+
+# Espressif may take several passes through this makefile. Check to see if we found IDF
+string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+
+if($WOLFSSL_FOUND_IDF)
+    message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
+    message(STATUS "WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
+    message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
+endif()
+
+# get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
+FILE(GLOB EXCLUDE_ASM *.S)
+file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+    message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
+endif()
+
+set(INCLUDE_PATH ${WOLFSSL_ROOT})
+
+set(COMPONENT_SRCDIRS "${WOLFSSL_ROOT}/src/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/src/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/benchmark/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/test/"
+                        )
+
+set(COMPONENT_REQUIRES lwip)
+
+
+# check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+    #
+    # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
+    #
+    message(STATUS "")
+    message(STATUS "**************************************************************************************")
+    message(STATUS "")
+    message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
+    message(STATUS "")
+    message(STATUS "To proceed: ")
+    message(STATUS "")
+    message(STATUS "Remove either the local project component: ${CMAKE_HOME_DIRECTORY}/components/wolfssl/ ")
+    message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
+    message(STATUS "")
+    message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
+    message(STATUS "")
+    message(STATUS "**************************************************************************************")
+    message(STATUS "")
+
+    # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
+else()
+    if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+        #
+        # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
+        #
+        message(STATUS "")
+        message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+        message(STATUS "")
+    else()
+        #
+        # wolfSSL is not an ESP-IDF component. We need to now determine if it is local and if so if it is part of the wolfSSL repo
+        # or if  wolfSSL is simply installed as a local component.
+        #
+        if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" )
+            #
+            # wolfSSL found in local project.
+            #
+            if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/include/" )
+                message(STATUS "")
+                message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
+                message(STATUS "")
+                #
+                # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
+                #
+                # We won't do anything else here, as it will be assumed the original install completed successfully.
+                #
+            else()
+                #
+                # This is the developer repo mode. wolfSSL will be assume to be not installed to ESP-IDF nor local project
+                # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+                #
+                message(STATUS "")
+                message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
+                message(STATUS "")
+
+                message(STATUS "************************************************************************************************")
+                # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
+                # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
+                #
+                # first check if there's a [root]/include/user_settings.h
+                if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
+                    # we won't overwrite an existing user settings file, just note that we already have one:
+                    message(STATUS "Found wolfSSL user_settings.h in ${WOLFSSL_ROOT}/include/user_settings.h")
+                else()
+                    message(STATUS "Installing wolfSSL user_settings.h to ${WOLFSSL_ROOT}/include/user_settings.h")
+                    file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h" DESTINATION "${WOLFSSL_ROOT}/include/")
+                endif() # user_settings.h
+
+                # next check if there's a [root]/include/config.h
+                if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
+                    message(STATUS "Found wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h")
+                else()
+                    message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_ROOT}/include/config.h")
+                    file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_ROOT}/include/")
+                    file(RENAME "${WOLFSSL_ROOT}/include/dummy_config_h" "${WOLFSSL_ROOT}/include/config.h")
+                endif() # config.h
+                message(STATUS "************************************************************************************************")
+                message(STATUS "")
+            endif()
+
+        else()
+            # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
+            if($WOLFSSL_FOUND_IDF)
+                message(STATUS "")
+                message(STATUS "WARNING: wolfSSL not found.")
+                message(STATUS "")
+            else()
+                # probably needs to be re-parsed by Espressif
+                message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
+            endif() # else we have not found ESP-IDF yet
+        endif() # else not a local wolfSSL component
+
+    endif() #else not an ESP-IDF component
+endif() # else not local copy and EDP-IDF wolfSSL
+
+
+# RTOS_IDF_PATH is typically:
+# "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
+# depending on the environment, we may need to swap backslashes with forward slashes
+string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+
+# ESP-IDF after version 4.4x has a different RTOS directory structure
+string(REPLACE "\\" "/" RTOS_IDF_PATH5 "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
+
+if(IS_DIRECTORY ${IDF_PATH}/components/freertos/FreeRTOS-Kernel/)
+    set(COMPONENT_ADD_INCLUDEDIRS
+        "."
+       "${WOLFSSL_ROOT}/include"
+       "${RTOS_IDF_PATH5}"
+       "${WOLFSSL_ROOT}"
+       )
+else()
+
+   set(COMPONENT_ADD_INCLUDEDIRS
+       "."
+       "${WOLFSSL_ROOT}/include"
+       "${RTOS_IDF_PATH}"
+       "${WOLFSSL_ROOT}"
+      )
+endif()
+
+if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
+    list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
+endif()
+
+set(COMPONENT_SRCEXCLUDE
+    "${WOLFSSL_ROOT}/src/bio.c"
+    "${WOLFSSL_ROOT}/src/conf.c"
+    "${WOLFSSL_ROOT}/src/misc.c"
+    "${WOLFSSL_ROOT}/src/pk.c"
+    "${WOLFSSL_ROOT}/src/ssl_misc.c" # included by ssl.c
+    "${WOLFSSL_ROOT}/src/x509.c"
+    "${WOLFSSL_ROOT}/src/x509_str.c"
+    "${WOLFSSL_ROOT}/wolfcrypt/src/evp.c"
+    "${WOLFSSL_ROOT}/wolfcrypt/src/misc.c"
+    "${EXCLUDE_ASM}"
+    )
+
+register_component()
+
+# some optional diagnostics
+if (0)
+    get_cmake_property(_variableNames VARIABLES)
+    list (SORT _variableNames)
+    message(STATUS "")
+    message(STATUS "ALL VARIABLES BEGIN")
+    message(STATUS "")
+    foreach (_variableName ${_variableNames})
+        message(STATUS "${_variableName}=${${_variableName}}")
+    endforeach()
+    message(STATUS "")
+    message(STATUS "ALL VARIABLES END")
+    message(STATUS "")
+endif()
+
+# check to see if there's both a local copy and EDP-IDF copy of the wolfssl components
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+    message(STATUS "")
+    message(STATUS "")
+    message(STATUS "********************************************************************")
+    message(STATUS "WARNING: Found components/wolfssl in both local project and IDF_PATH")
+    message(STATUS "********************************************************************")
+    message(STATUS "")
+endif()
+# end multiple component check
+
+

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/component.mk

@@ -0,0 +1,40 @@
+#
+# Copyright (C) 2006-2023 wolfSSL Inc.
+#
+# This file is part of wolfSSL.
+#
+# wolfSSL is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# wolfSSL is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+#
+#
+# Component Makefile
+#
+
+COMPONENT_ADD_INCLUDEDIRS := . ./include
+
+COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/components/freertos/include/freertos"
+# COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/soc/esp32s3/include/soc"
+
+COMPONENT_SRCDIRS := src wolfcrypt/src
+COMPONENT_SRCDIRS += wolfcrypt/src/port/Espressif
+COMPONENT_SRCDIRS += wolfcrypt/src/port/atmel
+COMPONENT_SRCDIRS += wolfcrypt/benchmark
+COMPONENT_SRCDIRS += wolfcrypt/test
+
+CFLAGS +=-DWOLFSSL_USER_SETTINGS
+
+COMPONENT_OBJEXCLUDE := wolfcrypt/src/aes_asm.o
+COMPONENT_OBJEXCLUDE += wolfcrypt/src/evp.o
+COMPONENT_OBJEXCLUDE += wolfcrypt/src/misc.o
+COMPONENT_OBJEXCLUDE += src/bio.o

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/CMakeLists.txt

@@ -4,7 +4,72 @@
 #
 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
 
-set(COMPONENT_SRCS "benchmark.c" "helper.c")
+set(COMPONENT_SRCS main.c)
 set(COMPONENT_ADD_INCLUDEDIRS ".")
 
+set (git_cmd "git")
+
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+    #
+    # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
+    #
+    message(STATUS "")
+    message(STATUS "WARNING: Found components/wolfssl in both local project and IDF_PATH")
+    message(STATUS "")
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+endif()
+
 register_component()
+
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT:  the name of the macro to define
+# THIS_VAR:   the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+    # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+    string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+    # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+    if(${IS_VALID_VALUE})
+        # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+        string(REPLACE "\n" ""  VAR_VALUE  ${THIS_VAR})
+
+        # we'll could percolate the value to the parent for possible later use
+        # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+        # but we're only using it here in this function
+        set(${VAR_OUPUT} ${VAR_VALUE})
+
+        # we'll print what we found to the console
+        message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+        # the interesting part is defining the VAR_OUPUT name a value to use in the app
+        add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+    else()
+        # if we get here, check the execute_process command and parameters.
+        message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+        set(${VAR_OUPUT} "Unknown")
+    endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+    # LIBWOLFSSL_VERSION_GIT_HASH
+    execute_process(COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_SHORT_HASH
+    execute_process(COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_HASH_DATE
+    execute_process(COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES  )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+endif()
+
+message(STATUS "")
+

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/helper.c

@@ -1,177 +0,0 @@
-/* helper.c
- *
- * Copyright (C) 2006-2022 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <wolfssl/wolfcrypt/settings.h>
-#include <wolfssl/wolfcrypt/types.h>
-#include <wolfcrypt/benchmark/benchmark.h>
-
-#include "sdkconfig.h"
-#include "esp_log.h"
-
-#define WOLFSSL_BENCH_ARGV                 CONFIG_BENCH_ARGV
-
-/* proto-type */
-extern void wolf_benchmark_task();
-extern void wolf_crypt_task();
-static const char* const TAG = "wolfbenchmark";
-char* __argv[22];
-
-#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
-                                  && defined(WOLFSSL_ATECC508A)
-
-#include "wolfssl/wolfcrypt/port/atmel/atmel.h"
-
-/* when you need to use a custom slot allocation, */
-/* enable the definition CUSTOM_SLOT_ALLOCAION.   */
-#if defined(CUSTOM_SLOT_ALLOCATION)
-
-static byte mSlotList[ATECC_MAX_SLOT];
-
-/* initialize slot array */
-void my_atmel_slotInit()
-{
-    int i;
-    for(i = 0;i < ATECC_MAX_SLOT;i++) {
-        mSlotList[i] = ATECC_INVALID_SLOT;
-    }
-}
-
-/* allocate slot depending on slotType */
-int my_atmel_alloc(int slotType)
-{
-    int i, slot = -1;
-
-    switch(slotType){
-        case ATMEL_SLOT_ENCKEY:
-            slot = 4;
-            break;
-        case ATMEL_SLOT_DEVICE:
-            slot = 0;
-            break;
-        case ATMEL_SLOT_ECDHE:
-            slot = 0;
-            break;
-        case ATMEL_SLOT_ECDHE_ENC:
-            slot = 4;
-            break;
-        case ATMEL_SLOT_ANY:
-            for(i = 0;i < ATECC_MAX_SLOT;i++){
-                if(mSlotList[i] == ATECC_INVALID_SLOT){
-                    slot = i;
-                    break;
-                }
-            }
-    }
-
-    return slot;
-}
-
-/* free slot array       */
-void my_atmel_free(int slotId)
-{
-    if(slotId >= 0 && slotId < ATECC_MAX_SLOT){
-        mSlotList[slotId] = ATECC_INVALID_SLOT;
-    }
-}
-
-#endif /* CUSTOM_SLOT_ALLOCATION                                       */
-#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
-
-int construct_argv()
-{
-    int cnt = 0;
-    int i = 0;
-    int len = 0;
-    char *_argv;            /* buffer for copying the string    */
-    char *ch;               /* char pointer to trace the string */
-    char buff[16] = { 0 };  /* buffer for a argument copy       */
-
-    printf("arg:%s\n", CONFIG_BENCH_ARGV);
-    len = strlen(CONFIG_BENCH_ARGV);
-    _argv = (char*)malloc(len + 1);
-    if (!_argv) {
-        return -1;
-    }
-    memset(_argv, 0, len+1);
-    memcpy(_argv, CONFIG_BENCH_ARGV, len);
-    _argv[len] = '\0';
-    ch = _argv;
-
-    __argv[cnt] = malloc(10);
-    sprintf(__argv[cnt], "benchmark");
-    __argv[cnt][9] = '\0';
-    cnt = 1;
-
-    while (*ch != '\0')
-    {
-        /* skip white-space */
-        while (*ch == ' ') { ++ch; }
-
-        memset(buff, 0, sizeof(buff));
-        /* copy each args into buffer */
-        i = 0;
-        while ((*ch != ' ') && (*ch != '\0') && (i < 16)) {
-            buff[i] = *ch;
-            ++i;
-            ++ch;
-        }
-        /* copy the string into argv */
-        __argv[cnt] = (char*)malloc(i + 1);
-        memset(__argv[cnt], 0, i + 1);
-        memcpy(__argv[cnt], buff, i + 1);
-        /* next args */
-        ++cnt;
-    }
-
-    free(_argv);
-
-    return (cnt);
-}
-
-/* entry point */
-void app_main(void)
-{
-    (void) TAG;
-
-/* when using atecc608a on esp32-wroom-32se */
-#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
-                                  && defined(WOLFSSL_ATECC508A)
-    #if defined(CUSTOM_SLOT_ALLOCATION)
-    my_atmel_slotInit();
-    /* to register the callback, it needs to be initialized. */
-    if ((wolfCrypt_Init()) != 0) {
-       ESP_LOGE(TAG, "wolfCrypt_Init failed");
-       return;
-    }
-    atmel_set_slot_allocator(my_atmel_alloc, my_atmel_free);
-    #endif
-#endif
-
-#ifndef NO_CRYPT_TEST
-    wolf_crypt_task();
-#endif
-#ifndef NO_CRYPT_BENCHMARK
-    wolf_benchmark_task();
-#endif
-}

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.c

@@ -0,0 +1,266 @@
+/* benchmark main.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+/* ESP-IDF */
+#include <esp_log.h>
+#include "sdkconfig.h"
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <user_settings.h>
+#include <wolfssl/version.h>
+#ifndef WOLFSSL_ESPIDF
+    #warning "problem with wolfSSL user_settings. Check components/wolfssl/include"
+#endif
+
+#include <wolfssl/wolfcrypt/types.h>
+#include <wolfcrypt/benchmark/benchmark.h>
+
+/* check BENCH_ARGV in sdkconfig to determine need to set WOLFSSL_BENCH_ARGV */
+#ifdef CONFIG_BENCH_ARGV
+#define WOLFSSL_BENCH_ARGV CONFIG_BENCH_ARGV
+#define WOLFSSL_BENCH_ARGV_MAX_ARGUMENTS 22 /* arbitrary number of max args */
+#endif
+
+/*
+** the wolfssl component can be installed in either:
+**
+**   - the ESP-IDF component directory
+**
+**       ** OR **
+**
+**   - the local project component directory
+**
+** it is not recommended to install in both.
+**
+*/
+
+#include "main.h"
+
+static const char* const TAG = "wolfssl_benchmark";
+
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+                                  && defined(WOLFSSL_ATECC508A)
+
+#include "wolfssl/wolfcrypt/port/atmel/atmel.h"
+
+/* when you need to use a custom slot allocation, */
+/* enable the definition CUSTOM_SLOT_ALLOCAION.   */
+#if defined(CUSTOM_SLOT_ALLOCATION)
+
+static byte mSlotList[ATECC_MAX_SLOT];
+
+/* initialize slot array */
+void my_atmel_slotInit()
+{
+    int i;
+    for(i = 0;i < ATECC_MAX_SLOT;i++) {
+        mSlotList[i] = ATECC_INVALID_SLOT;
+    }
+}
+
+/* allocate slot depending on slotType */
+int my_atmel_alloc(int slotType)
+{
+    int i, slot = -1;
+
+    switch(slotType){
+        case ATMEL_SLOT_ENCKEY:
+            slot = 4;
+            break;
+        case ATMEL_SLOT_DEVICE:
+            slot = 0;
+            break;
+        case ATMEL_SLOT_ECDHE:
+            slot = 0;
+            break;
+        case ATMEL_SLOT_ECDHE_ENC:
+            slot = 4;
+            break;
+        case ATMEL_SLOT_ANY:
+            for(i = 0;i < ATECC_MAX_SLOT;i++){
+                if(mSlotList[i] == ATECC_INVALID_SLOT){
+                    slot = i;
+                    break;
+                }
+            }
+    }
+
+    return slot;
+}
+
+/* free slot array       */
+void my_atmel_free(int slotId)
+{
+    if(slotId >= 0 && slotId < ATECC_MAX_SLOT){
+        mSlotList[slotId] = ATECC_INVALID_SLOT;
+    }
+}
+
+#endif /* CUSTOM_SLOT_ALLOCATION                                       */
+#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
+
+/* the following are needed by benchmark.c with args */
+#ifdef WOLFSSL_BENCH_ARGV
+char* __argv[WOLFSSL_BENCH_ARGV_MAX_ARGUMENTS];
+
+int construct_argv()
+{
+    int cnt = 0;
+    int i = 0;
+    int len = 0;
+    char *_argv; /* buffer for copying the string    */
+    char *ch; /* char pointer to trace the string */
+    char buff[16] = { 0 }; /* buffer for a argument copy       */
+
+    ESP_LOGI(TAG, "construct_argv arg:%s\n", CONFIG_BENCH_ARGV);
+    len = strlen(CONFIG_BENCH_ARGV);
+    _argv = (char*)malloc(len + 1);
+    if (!_argv) {
+        return -1;
+    }
+    memset(_argv, 0, len + 1);
+    memcpy(_argv, CONFIG_BENCH_ARGV, len);
+    _argv[len] = '\0';
+    ch = _argv;
+
+    __argv[cnt] = malloc(10);
+    sprintf(__argv[cnt], "benchmark");
+    __argv[cnt][9] = '\0';
+    cnt = 1;
+
+    while (*ch != '\0') {
+        /* check that we don't overflow manual arg assembly */
+        if (cnt >= (WOLFSSL_BENCH_ARGV_MAX_ARGUMENTS)) {
+            ESP_LOGE(TAG, "Abort construct_argv;"
+                          "Reached maximum defined arguments = %d",
+                          WOLFSSL_BENCH_ARGV_MAX_ARGUMENTS);
+            break;
+        }
+
+        /* skip white-space */
+        while (*ch == ' ') { ++ch; }
+
+        memset(buff, 0, sizeof(buff));
+        /* copy each args into buffer */
+        i = 0;
+        while ((*ch != ' ') && (*ch != '\0') && (i < 16)) {
+            buff[i] = *ch;
+            ++i;
+            ++ch;
+        }
+        /* copy the string into argv */
+        __argv[cnt] = (char*)malloc(i + 1);
+        memset(__argv[cnt], 0, i + 1);
+        memcpy(__argv[cnt], buff, i + 1);
+        /* next args */
+        ++cnt;
+    }
+
+    free(_argv);
+
+    return (cnt);
+}
+#endif
+
+/* entry point */
+void app_main(void)
+{
+    ESP_LOGI(TAG, "--------------------------------------------------------");
+    ESP_LOGI(TAG, "--------------------------------------------------------");
+    ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
+    ESP_LOGI(TAG, "--------------------------------------------------------");
+    ESP_LOGI(TAG, "--------------------------------------------------------");
+    ESP_LOGI(TAG, "CONFIG_IDF_TARGET = %s", CONFIG_IDF_TARGET);
+    ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_STRING = %s", LIBWOLFSSL_VERSION_STRING);
+
+#if defined(WOLFSSL_MULTI_INSTALL_WARNING)
+    ESP_LOGI(TAG, "");
+    ESP_LOGI(TAG, "WARNING: Multiple wolfSSL installs found.");
+    ESP_LOGI(TAG, "Check ESP-IDF and local project [components] directory.");
+    ESP_LOGI(TAG, "");
+#endif
+
+#if defined(LIBWOLFSSL_VERSION_GIT_HASH)
+    ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH = %s", LIBWOLFSSL_VERSION_GIT_HASH);
+#endif
+
+#if defined(LIBWOLFSSL_VERSION_GIT_SHORT_HASH )
+    ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_SHORT_HASH = %s", LIBWOLFSSL_VERSION_GIT_SHORT_HASH);
+#endif
+
+#if defined(LIBWOLFSSL_VERSION_GIT_HASH_DATE)
+    ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH_DATE = %s", LIBWOLFSSL_VERSION_GIT_HASH_DATE);
+#endif
+
+
+    /* some interesting settings are target specific (ESP32, -C3, -S3, etc */
+#if defined(CONFIG_IDF_TARGET_ESP32C3)
+    /* not available for C3 at this time */
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+    ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+                   CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
+             );
+    ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
+#else
+    ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+                   CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
+            );
+    ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
+#endif
+
+    /* all platforms: stack high water mark check */
+    ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
+    ESP_LOGI(TAG, "app_main CONFIG_BENCH_ARGV = %s", WOLFSSL_BENCH_ARGV);
+
+/* when using atecc608a on esp32-wroom-32se */
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+                                  && defined(WOLFSSL_ATECC508A)
+    #if defined(CUSTOM_SLOT_ALLOCATION)
+    my_atmel_slotInit();
+    /* to register the callback, it needs to be initialized. */
+    if ((wolfCrypt_Init()) != 0) {
+       ESP_LOGE(TAG, "wolfCrypt_Init failed");
+       return;
+    }
+    atmel_set_slot_allocator(my_atmel_alloc, my_atmel_free);
+    #endif
+#endif
+
+#ifdef NO_CRYPT_BENCHMARK
+    ESP_LOGI(TAG, "NO_CRYPT_BENCHMARK defined, skipping wolf_benchmark_task")
+#else
+
+    /* although wolfCrypt_Init() may be explicitly called above,
+    ** note it is still always called in wolf_benchmark_task.
+    */
+    wolf_benchmark_task();
+    /* wolfCrypt_Cleanup should always be called at completion,
+    ** and is called in wolf_benchmark_task().
+    */
+    ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
+
+    /* after the test, we'll just wait */
+    while (1) {
+        /* nothing */
+    }
+
+#endif /* NO_CRYPT_BENCHMARK */
+} /* main */

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.h

@@ -0,0 +1,29 @@
+#pragma once
+/* benchmark main.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+void app_main(void);
+
+/* see wolfssl/wolfcrypt/benchmark/benchmark.h */
+extern void wolf_benchmark_task();
+
+
+

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/sdkconfig.defaults

@@ -1,6 +1,44 @@
 CONFIG_BENCH_ARGV="-lng 0"
-CONFIG_MAIN_TASK_STACK_SIZE=7500
 CONFIG_FREERTOS_HZ=1000
-CONFIG_TASK_WDT_CHECK_IDLE_TASK_CPU0=
 CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y
-170 CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ=240
+
+#
+# Default main stack size
+#
+# This is typically way bigger than needed for stack size. See user_settings.h
+#
+CONFIG_ESP_MAIN_TASK_STACK_SIZE=55500
+
+# Legacy stack size for older ESP-IDF versions
+CONFIG_MAIN_TASK_STACK_SIZE=55500
+
+#
+# Watchdog Timers
+#
+# We don't want to have the watchdog timeout during tests
+#
+CONFIG_ESP_TASK_WDT_CHECK_IDLE_TASK_CPU0=n
+CONFIG_ESP_TASK_WDT_CHECK_IDLE_TASK_CPU1=n
+
+#
+# Compiler options
+#
+CONFIG_COMPILER_OPTIMIZATION_DEFAULT=y
+CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_ENABLE=y
+CONFIG_COMPILER_OPTIMIZATION_ASSERTION_LEVEL=2
+CONFIG_COMPILER_HIDE_PATHS_MACROS=y
+CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y
+CONFIG_COMPILER_STACK_CHECK=y
+
+#
+# Partition Table
+#
+# CONFIG_PARTITION_TABLE_SINGLE_APP is not set
+CONFIG_PARTITION_TABLE_SINGLE_APP_LARGE=y
+# CONFIG_PARTITION_TABLE_TWO_OTA is not set
+# CONFIG_PARTITION_TABLE_CUSTOM is not set
+CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="partitions.csv"
+CONFIG_PARTITION_TABLE_FILENAME="partitions_singleapp_large.csv"
+CONFIG_PARTITION_TABLE_OFFSET=0x8000
+CONFIG_PARTITION_TABLE_MD5=y
+# end of Partition Table

IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.sln

@@ -0,0 +1,31 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.33027.164
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "VisualGDB_wolfssl_client", "VisualGDB_wolfssl_client.vgdbproj", "{E903E9CC-1A23-4B00-8914-7E45EC21E351}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|VisualGDB = Debug|VisualGDB
+		Release|VisualGDB = Release|VisualGDB
+		Tests (Debug)|VisualGDB = Tests (Debug)|VisualGDB
+		Tests (Release)|VisualGDB = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Debug|VisualGDB.ActiveCfg = Debug|VisualGDB
+		{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Debug|VisualGDB.Build.0 = Debug|VisualGDB
+		{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Release|VisualGDB.ActiveCfg = Release|VisualGDB
+		{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Release|VisualGDB.Build.0 = Release|VisualGDB
+		{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Debug)|VisualGDB.ActiveCfg = Tests (Debug)|VisualGDB
+		{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Debug)|VisualGDB.Build.0 = Tests (Debug)|VisualGDB
+		{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Release)|VisualGDB.ActiveCfg = Tests (Release)|VisualGDB
+		{E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Release)|VisualGDB.Build.0 = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {D510376F-F313-4EF6-8EF5-248D1949DFEB}
+	EndGlobalSection
+EndGlobal

IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.vgdbproj

@@ -0,0 +1,269 @@
+<?xml version="1.0"?>
+<VisualGDBProjectSettings2 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+  <Project xsi:type="com.visualgdb.project.external.esp-idf">
+    <CustomSourceDirectories>
+      <Directories />
+      <PathStyle>Unknown</PathStyle>
+    </CustomSourceDirectories>
+    <AutoProgramSPIFFSPartition>true</AutoProgramSPIFFSPartition>
+    <ProjectModeSettings>
+      <ProjectGUID>bdbba681-1213-45f8-a44e-4652fe489fe3</ProjectGUID>
+      <GroupSourcesByTypes>true</GroupSourcesByTypes>
+      <GroupSourcesByPaths>true</GroupSourcesByPaths>
+      <HeaderScanMode>SourceDirs</HeaderScanMode>
+    </ProjectModeSettings>
+  </Project>
+  <Build xsi:type="com.visualgdb.build.cmake">
+    <BuildLogMode xsi:nil="true" />
+    <ToolchainID>
+      <ID>com.visualgdb.xtensa-esp32-elf</ID>
+      <Version>
+        <GCC>11.2.0</GCC>
+        <GDB>9.2.90</GDB>
+        <Revision>2</Revision>
+      </Version>
+    </ToolchainID>
+    <RelativeSourceDirectory>..</RelativeSourceDirectory>
+    <ConfigurationType>DEBUG</ConfigurationType>
+    <BinaryDirectory>build/$(PlatformName)/$(ConfigurationName)</BinaryDirectory>
+    <MakeCommandTemplate>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(ToolchainNinja)</Command>
+      <WorkingDirectory>$(BuildDir)</WorkingDirectory>
+      <BackgroundMode xsi:nil="true" />
+    </MakeCommandTemplate>
+    <CMakeCommand>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(SYSPROGS_CMAKE_PATH)</Command>
+      <BackgroundMode xsi:nil="true" />
+    </CMakeCommand>
+    <UpdateSourcesInCMakeFile>true</UpdateSourcesInCMakeFile>
+    <ExportCompileCommands>false</ExportCompileCommands>
+    <DisableToolchainFile>false</DisableToolchainFile>
+    <CMakeMakefileType>Ninja</CMakeMakefileType>
+    <DeployAsRoot>false</DeployAsRoot>
+    <CMakeCleanMode>RemoveBuildDirectory</CMakeCleanMode>
+    <UseCCache>false</UseCCache>
+    <ProjectModeSettings>
+      <ProjectItemSettings>
+        <GroupSourcesByTypes>true</GroupSourcesByTypes>
+        <GroupSourcesByPaths>true</GroupSourcesByPaths>
+        <GroupTargetsByPaths>true</GroupTargetsByPaths>
+        <FollowCMakeSourceGroups>false</FollowCMakeSourceGroups>
+        <AutoRefreshProject>true</AutoRefreshProject>
+        <AlwaysConsiderOutdated>false</AlwaysConsiderOutdated>
+        <SortTargetsByName>true</SortTargetsByName>
+        <RedundantTargetMode>HideOuterProjectTargets</RedundantTargetMode>
+        <SortSourcesByName>true</SortSourcesByName>
+        <BuildAllTargetsInSubdir>false</BuildAllTargetsInSubdir>
+        <FoldSingleItemPathLevels>true</FoldSingleItemPathLevels>
+      </ProjectItemSettings>
+      <TargetSpecificSettings />
+      <SetLDLibraryPathFromDependentArtifacts>true</SetLDLibraryPathFromDependentArtifacts>
+      <ProjectGUID>e903e9cc-1a23-4b00-8914-7e45ec21e351</ProjectGUID>
+      <VirtualFolders />
+      <ConfigurationNameCase>Upper</ConfigurationNameCase>
+      <DefaultHeaderDiscoveryMode>HeaderDirectoryAndSubdirectories</DefaultHeaderDiscoveryMode>
+      <EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
+      <ESPIDFExtension>
+        <IDFCheckout>
+          <Version>release/v5.0</Version>
+          <Subdirectory>esp-idf/v5.0</Subdirectory>
+          <Type>ESPIDF</Type>
+        </IDFCheckout>
+        <COMPort>COM20</COMPort>
+        <SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
+        <UseCCache>false</UseCCache>
+        <DeviceID>ESP32</DeviceID>
+      </ESPIDFExtension>
+    </ProjectModeSettings>
+  </Build>
+  <CustomBuild>
+    <PreSyncActions />
+    <PreBuildActions />
+    <PostBuildActions />
+    <PreCleanActions />
+    <PostCleanActions />
+  </CustomBuild>
+  <CustomDebug>
+    <PreDebugActions />
+    <PostDebugActions />
+    <DebugStopActions />
+    <BreakMode>Default</BreakMode>
+  </CustomDebug>
+  <DeviceTerminalSettings>
+    <Connection xsi:type="com.sysprogs.terminal.connection.serial">
+      <ComPortName>COM20</ComPortName>
+      <AdvancedSettings>
+        <BaudRate>115200</BaudRate>
+        <DataBits>8</DataBits>
+        <Parity>None</Parity>
+        <StopBits>One</StopBits>
+        <FlowControl>None</FlowControl>
+      </AdvancedSettings>
+    </Connection>
+    <LastConnectionTime>0</LastConnectionTime>
+    <EchoTypedCharacters>false</EchoTypedCharacters>
+    <ClearContentsWhenReconnecting>false</ClearContentsWhenReconnecting>
+    <ReconnectAutomatically>false</ReconnectAutomatically>
+    <DisplayMode>ASCII</DisplayMode>
+    <Colors>
+      <Background>
+        <Alpha>255</Alpha>
+        <Red>0</Red>
+        <Green>0</Green>
+        <Blue>0</Blue>
+      </Background>
+      <Disconnected>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Disconnected>
+      <Text>
+        <Alpha>255</Alpha>
+        <Red>211</Red>
+        <Green>211</Green>
+        <Blue>211</Blue>
+      </Text>
+      <Echo>
+        <Alpha>255</Alpha>
+        <Red>144</Red>
+        <Green>238</Green>
+        <Blue>144</Blue>
+      </Echo>
+      <Inactive>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Inactive>
+    </Colors>
+    <HexSettings>
+      <MaximumBytesPerLine>16</MaximumBytesPerLine>
+      <ShowTextView>true</ShowTextView>
+      <BreaksAroundEcho>true</BreaksAroundEcho>
+      <AutoSend>true</AutoSend>
+      <SendAsHex>true</SendAsHex>
+      <TimeoutForAutoBreak>0</TimeoutForAutoBreak>
+    </HexSettings>
+    <LineEnding>LF</LineEnding>
+    <TreatLFAsCRLF>false</TreatLFAsCRLF>
+    <KeepOpenAfterExit>false</KeepOpenAfterExit>
+    <ShowAfterProgramming>false</ShowAfterProgramming>
+  </DeviceTerminalSettings>
+  <CustomShortcuts>
+    <Shortcuts />
+    <ShowMessageAfterExecuting>true</ShowMessageAfterExecuting>
+  </CustomShortcuts>
+  <UserDefinedVariables />
+  <ImportedPropertySheets />
+  <CodeSense>
+    <Enabled>Unknown</Enabled>
+    <ExtraSettings>
+      <HideErrorsInSystemHeaders>true</HideErrorsInSystemHeaders>
+      <SupportLightweightReferenceAnalysis>true</SupportLightweightReferenceAnalysis>
+      <CheckForClangFormatFiles>true</CheckForClangFormatFiles>
+      <FormattingEngine xsi:nil="true" />
+    </ExtraSettings>
+    <CodeAnalyzerSettings>
+      <Enabled>false</Enabled>
+    </CodeAnalyzerSettings>
+  </CodeSense>
+  <Configurations>
+    <VisualGDBConfiguration>
+      <Name>Debug</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+    <VisualGDBConfiguration>
+      <Name>Release</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+  </Configurations>
+  <ProgramArgumentsSuggestions />
+  <Debug xsi:type="com.visualgdb.debug.embedded">
+    <AdditionalStartupCommands />
+    <AdditionalGDBSettings>
+      <Features>
+        <DisableAutoDetection>false</DisableAutoDetection>
+        <UseFrameParameter>false</UseFrameParameter>
+        <SimpleValuesFlagSupported>false</SimpleValuesFlagSupported>
+        <ListLocalsSupported>false</ListLocalsSupported>
+        <ByteLevelMemoryCommandsAvailable>false</ByteLevelMemoryCommandsAvailable>
+        <ThreadInfoSupported>false</ThreadInfoSupported>
+        <PendingBreakpointsSupported>false</PendingBreakpointsSupported>
+        <SupportTargetCommand>false</SupportTargetCommand>
+        <ReliableBreakpointNotifications>false</ReliableBreakpointNotifications>
+      </Features>
+      <EnableSmartStepping>false</EnableSmartStepping>
+      <FilterSpuriousStoppedNotifications>false</FilterSpuriousStoppedNotifications>
+      <ForceSingleThreadedMode>false</ForceSingleThreadedMode>
+      <UseAppleExtensions>false</UseAppleExtensions>
+      <CanAcceptCommandsWhileRunning>false</CanAcceptCommandsWhileRunning>
+      <MakeLogFile>false</MakeLogFile>
+      <IgnoreModuleEventsWhileStepping>true</IgnoreModuleEventsWhileStepping>
+      <UseRelativePathsOnly>false</UseRelativePathsOnly>
+      <ExitAction>None</ExitAction>
+      <DisableDisassembly>false</DisableDisassembly>
+      <ExamineMemoryWithXCommand>false</ExamineMemoryWithXCommand>
+      <StepIntoNewInstanceEntry>app_main</StepIntoNewInstanceEntry>
+      <ExamineRegistersInRawFormat>true</ExamineRegistersInRawFormat>
+      <DisableSignals>false</DisableSignals>
+      <EnableAsyncExecutionMode>false</EnableAsyncExecutionMode>
+      <AsyncModeSupportsBreakpoints>true</AsyncModeSupportsBreakpoints>
+      <TemporaryBreakConsolidationTimeout>0</TemporaryBreakConsolidationTimeout>
+      <EnableNonStopMode>false</EnableNonStopMode>
+      <MaxBreakpointLimit>0</MaxBreakpointLimit>
+      <EnableVerboseMode>true</EnableVerboseMode>
+      <EnablePrettyPrinters>false</EnablePrettyPrinters>
+    </AdditionalGDBSettings>
+    <DebugMethod>
+      <ID>openocd</ID>
+      <Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
+        <CommandLine>-f interface/tigard.cfg -c "adapter_khz 3000" -f target/esp32.cfg</CommandLine>
+        <ExtraParameters>
+          <Frequency xsi:nil="true" />
+          <BoostedFrequency xsi:nil="true" />
+          <ConnectUnderReset>false</ConnectUnderReset>
+        </ExtraParameters>
+        <LoadProgressGUIThreshold>131072</LoadProgressGUIThreshold>
+        <ProgramMode>Enabled</ProgramMode>
+        <StartupCommands>
+          <string>set remotetimeout 60</string>
+          <string>target remote :$$SYS:GDB_PORT$$</string>
+          <string>mon gdb_breakpoint_override hard</string>
+          <string>mon reset halt</string>
+          <string>load</string>
+        </StartupCommands>
+        <ProgramFLASHUsingExternalTool>false</ProgramFLASHUsingExternalTool>
+        <PreferredGDBPort>0</PreferredGDBPort>
+        <PreferredTelnetPort>0</PreferredTelnetPort>
+        <AlwaysPassSerialNumber>false</AlwaysPassSerialNumber>
+        <SelectedCoreIndex xsi:nil="true" />
+        <LiveMemoryTimeout>5000</LiveMemoryTimeout>
+        <SuggestionLogicRevision>1</SuggestionLogicRevision>
+        <CheckFLASHSize>true</CheckFLASHSize>
+        <FLASHSettings>
+          <Size>size2MB</Size>
+          <Frequency>freq40M</Frequency>
+          <Mode>DIO</Mode>
+        </FLASHSettings>
+        <PatchBootloader>true</PatchBootloader>
+      </Configuration>
+    </DebugMethod>
+    <AutoDetectRTOS>true</AutoDetectRTOS>
+    <SemihostingSupport>Auto</SemihostingSupport>
+    <SemihostingPollingDelay>0</SemihostingPollingDelay>
+    <StepIntoEntryPoint>false</StepIntoEntryPoint>
+    <ReloadFirmwareOnReset>false</ReloadFirmwareOnReset>
+    <ValidateEndOfStackAddress>true</ValidateEndOfStackAddress>
+    <StopAtEntryPoint>false</StopAtEntryPoint>
+    <EnableVirtualHalts>false</EnableVirtualHalts>
+    <DynamicAnalysisSettings />
+    <EndOfStackSymbol>_estack</EndOfStackSymbol>
+    <TimestampProviderTicksPerSecond>0</TimestampProviderTicksPerSecond>
+    <KeepConsoleAfterExit>false</KeepConsoleAfterExit>
+    <UnusedStackFillPattern xsi:nil="true" />
+    <CheckInterfaceDrivers>true</CheckInterfaceDrivers>
+  </Debug>
+</VisualGDBProjectSettings2>

IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt

@@ -0,0 +1,229 @@
+#
+#  Copyright (C) 2006-2023 wolfSSL Inc.
+#
+#  This file is part of wolfSSL.
+#
+#  wolfSSL is free software; you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation; either version 2 of the License, or
+#  (at your option) any later version.
+#
+#  wolfSSL is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with this program; if not, write to the Free Software
+#  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+#
+# cmake for wolfssl
+#
+cmake_minimum_required(VERSION 3.5)
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+set(CMAKE_CURRENT_SOURCE_DIR ".")
+
+# We are currently in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
+# The root of wolfSSL is 7 directories up from here:
+get_filename_component(WOLFSSL_ROOT  "../../../../../../../" ABSOLUTE)
+
+# Espressif may take several passes through this makefile. Check to see if we found IDF
+string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+
+if($WOLFSSL_FOUND_IDF)
+    message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
+    message(STATUS "WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
+    message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
+endif()
+
+# get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
+FILE(GLOB EXCLUDE_ASM *.S)
+file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+    message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
+endif()
+
+set(INCLUDE_PATH ${WOLFSSL_ROOT})
+
+set(COMPONENT_SRCDIRS "${WOLFSSL_ROOT}/src/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/src/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/benchmark/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/test/"
+                        )
+
+set(COMPONENT_REQUIRES lwip)
+
+
+# check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+    #
+    # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
+    #
+    message(STATUS "")
+    message(STATUS "**************************************************************************************")
+    message(STATUS "")
+    message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
+    message(STATUS "")
+    message(STATUS "To proceed: ")
+    message(STATUS "")
+    message(STATUS "Remove either the local project component: ${CMAKE_HOME_DIRECTORY}/components/wolfssl/ ")
+    message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
+    message(STATUS "")
+    message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
+    message(STATUS "")
+    message(STATUS "**************************************************************************************")
+    message(STATUS "")
+
+    # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
+else()
+    if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+        #
+        # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
+        #
+        message(STATUS "")
+        message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+        message(STATUS "")
+    else()
+        #
+        # wolfSSL is not an ESP-IDF component. We need to now determine if it is local and if so if it is part of the wolfSSL repo
+        # or if  wolfSSL is simply installed as a local component.
+        #
+        if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" )
+            #
+            # wolfSSL found in local project.
+            #
+            if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/include/" )
+                message(STATUS "")
+                message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
+                message(STATUS "")
+                #
+                # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
+                #
+                # We won't do anything else here, as it will be assumed the original install completed successfully.
+                #
+            else()
+                #
+                # This is the developer repo mode. wolfSSL will be assume to be not installed to ESP-IDF nor local project
+                # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+                #
+                message(STATUS "")
+                message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
+                message(STATUS "")
+
+                message(STATUS "************************************************************************************************")
+                # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
+                # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
+                #
+                # first check if there's a [root]/include/user_settings.h
+                if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
+                    # we won't overwrite an existing user settings file, just note that we already have one:
+                    message(STATUS "Found wolfSSL user_settings.h in ${WOLFSSL_ROOT}/include/user_settings.h")
+                else()
+                    message(STATUS "Installing wolfSSL user_settings.h to ${WOLFSSL_ROOT}/include/user_settings.h")
+                    file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h" DESTINATION "${WOLFSSL_ROOT}/include/")
+                endif() # user_settings.h
+
+                # next check if there's a [root]/include/config.h
+                if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
+                    message(STATUS "Found wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h")
+                else()
+                    message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_ROOT}/include/config.h")
+                    file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_ROOT}/include/")
+                    file(RENAME "${WOLFSSL_ROOT}/include/dummy_config_h" "${WOLFSSL_ROOT}/include/config.h")
+                endif() # config.h
+                message(STATUS "************************************************************************************************")
+                message(STATUS "")
+            endif()
+
+        else()
+            # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
+            if($WOLFSSL_FOUND_IDF)
+                message(STATUS "")
+                message(STATUS "WARNING: wolfSSL not found.")
+                message(STATUS "")
+            else()
+                # probably needs to be re-parsed by Espressif
+                message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
+            endif() # else we have not found ESP-IDF yet
+        endif() # else not a local wolfSSL component
+
+    endif() #else not an ESP-IDF component
+endif() # else not local copy and EDP-IDF wolfSSL
+
+
+# RTOS_IDF_PATH is typically:
+# "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
+# depending on the environment, we may need to swap backslashes with forward slashes
+string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+
+# ESP-IDF after version 4.4x has a different RTOS directory structure
+string(REPLACE "\\" "/" RTOS_IDF_PATH5 "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
+
+if(IS_DIRECTORY ${IDF_PATH}/components/freertos/FreeRTOS-Kernel/)
+    set(COMPONENT_ADD_INCLUDEDIRS
+        "."
+       "${WOLFSSL_ROOT}/include"
+       "${RTOS_IDF_PATH5}"
+       "${WOLFSSL_ROOT}"
+       )
+else()
+
+   set(COMPONENT_ADD_INCLUDEDIRS
+       "."
+       "${WOLFSSL_ROOT}/include"
+       "${RTOS_IDF_PATH}"
+       "${WOLFSSL_ROOT}"
+      )
+endif()
+
+if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
+    list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
+endif()
+
+set(COMPONENT_SRCEXCLUDE
+    "${WOLFSSL_ROOT}/src/bio.c"
+    "${WOLFSSL_ROOT}/src/conf.c"
+    "${WOLFSSL_ROOT}/src/misc.c"
+    "${WOLFSSL_ROOT}/src/pk.c"
+    "${WOLFSSL_ROOT}/src/ssl_misc.c" # included by ssl.c
+    "${WOLFSSL_ROOT}/src/x509.c"
+    "${WOLFSSL_ROOT}/src/x509_str.c"
+    "${WOLFSSL_ROOT}/wolfcrypt/src/evp.c"
+    "${WOLFSSL_ROOT}/wolfcrypt/src/misc.c"
+    "${EXCLUDE_ASM}"
+    )
+
+register_component()
+
+# some optional diagnostics
+if (0)
+    get_cmake_property(_variableNames VARIABLES)
+    list (SORT _variableNames)
+    message(STATUS "")
+    message(STATUS "ALL VARIABLES BEGIN")
+    message(STATUS "")
+    foreach (_variableName ${_variableNames})
+        message(STATUS "${_variableName}=${${_variableName}}")
+    endforeach()
+    message(STATUS "")
+    message(STATUS "ALL VARIABLES END")
+    message(STATUS "")
+endif()
+
+# check to see if there's both a local copy and EDP-IDF copy of the wolfssl components
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+    message(STATUS "")
+    message(STATUS "")
+    message(STATUS "********************************************************************")
+    message(STATUS "WARNING: Found components/wolfssl in both local project and IDF_PATH")
+    message(STATUS "********************************************************************")
+    message(STATUS "")
+endif()
+# end multiple component check
+
+

IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/component.mk

@@ -0,0 +1,40 @@
+#
+# Copyright (C) 2006-2023 wolfSSL Inc.
+#
+# This file is part of wolfSSL.
+#
+# wolfSSL is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# wolfSSL is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+#
+#
+# Component Makefile
+#
+
+COMPONENT_ADD_INCLUDEDIRS := . ./include
+
+COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/components/freertos/include/freertos"
+# COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/soc/esp32s3/include/soc"
+
+COMPONENT_SRCDIRS := src wolfcrypt/src
+COMPONENT_SRCDIRS += wolfcrypt/src/port/Espressif
+COMPONENT_SRCDIRS += wolfcrypt/src/port/atmel
+COMPONENT_SRCDIRS += wolfcrypt/benchmark
+COMPONENT_SRCDIRS += wolfcrypt/test
+
+CFLAGS +=-DWOLFSSL_USER_SETTINGS
+
+COMPONENT_OBJEXCLUDE := wolfcrypt/src/aes_asm.o
+COMPONENT_OBJEXCLUDE += wolfcrypt/src/evp.o
+COMPONENT_OBJEXCLUDE += wolfcrypt/src/misc.o
+COMPONENT_OBJEXCLUDE += src/bio.o

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/CMakeLists.txt

@@ -7,4 +7,69 @@ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
 set(COMPONENT_SRCS "client-tls.c" "wifi_connect.c")
 set(COMPONENT_ADD_INCLUDEDIRS "." "./include")
 
+set (git_cmd "git")
+
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+    #
+    # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
+    #
+    message(STATUS "")
+    message(STATUS "WARNING: Found components/wolfssl in both local project and IDF_PATH")
+    message(STATUS "")
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+endif()
+
 register_component()
+
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT:  the name of the macro to define
+# THIS_VAR:   the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+    # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+    string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+    # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+    if(${IS_VALID_VALUE})
+        # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+        string(REPLACE "\n" ""  VAR_VALUE  ${THIS_VAR})
+
+        # we'll could percolate the value to the parent for possible later use
+        # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+        # but we're only using it here in this function
+        set(${VAR_OUPUT} ${VAR_VALUE})
+
+        # we'll print what we found to the console
+        message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+        # the interesting part is defining the VAR_OUPUT name a value to use in the app
+        add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+    else()
+        # if we get here, check the execute_process command and parameters.
+        message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+        set(${VAR_OUPUT} "Unknown")
+    endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+    # LIBWOLFSSL_VERSION_GIT_HASH
+    execute_process(COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_SHORT_HASH
+    execute_process(COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_HASH_DATE
+    execute_process(COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES  )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+endif()
+
+message(STATUS "")
+

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c

@@ -1,6 +1,6 @@
 /* client-tls-callback.c
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h

@@ -1,6 +1,6 @@
 /* user_settings.h
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -25,9 +25,9 @@
 #include "esp_log.h"
 #include "esp_wifi.h"
 #if ESP_IDF_VERSION_MAJOR >= 4
-#include "esp_event.h"
+    #include "esp_event.h"
 #else
-#include "esp_event_loop.h"
+    #include "esp_event_loop.h"
 #endif
 
 #define DEFAULT_PORT                     11111

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c

@@ -1,6 +1,6 @@
 /* wifi_connect.c
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -27,21 +27,28 @@
 #include "lwip/netdb.h"
 #include "lwip/apps/sntp.h"
 #include "nvs_flash.h"
-#if ESP_IDF_VERSION_MAJOR >= 4
-#include "protocol_examples_common.h"
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <user_settings.h>
+#include <wolfssl/version.h>
+#ifndef WOLFSSL_ESPIDF
+    #warning "problem with wolfSSL user_settings. Check components/wolfssl/include"
+#endif
+
+#if ESP_IDF_VERSION_MAJOR >= 4
+    #include "protocol_examples_common.h"
+#else
+    const static int CONNECTED_BIT = BIT0;
+    static EventGroupHandle_t wifi_event_group;
 #endif
 
-const static int CONNECTED_BIT = BIT0;
-static EventGroupHandle_t wifi_event_group;
 /* proto-type */
 extern void tls_smp_client_task();
 static void tls_smp_client_init();
 
 const static char *TAG = "tls_client";
 
-static EventGroupHandle_t wifi_event_group;
-extern void tls_smp_client_task();
-
 static void set_time()
 {
     /* set dummy wallclock time. */
@@ -80,7 +87,11 @@ static void set_time()
 static void tls_smp_client_init(void)
 {
     int ret;
-    xTaskHandle _handle;
+#if ESP_IDF_VERSION_MAJOR >= 4
+        TaskHandle_t _handle;
+#else
+        xTaskHandle _handle;
+#endif
     /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
     ret = xTaskCreate(tls_smp_client_task,
                       TLS_SMP_CLIENT_TASK_NAME,
@@ -93,6 +104,7 @@ static void tls_smp_client_init(void)
         ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_CLIENT_TASK_NAME);
     }
 }
+#if ESP_IDF_VERSION_MAJOR < 4
 /* event handler for wifi events */
 static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
 {
@@ -121,15 +133,63 @@ static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
     }
     return ESP_OK;
 }
+#endif
 /* entry point */
 void app_main(void)
 {
     ESP_LOGI(TAG, "Start app_main...");
+    ESP_LOGI(TAG, "--------------------------------------------------------");
+    ESP_LOGI(TAG, "--------------------------------------------------------");
+    ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
+    ESP_LOGI(TAG, "--------------------------------------------------------");
+    ESP_LOGI(TAG, "--------------------------------------------------------");
+    ESP_LOGI(TAG, "CONFIG_IDF_TARGET = %s", CONFIG_IDF_TARGET);
+    ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_STRING = %s", LIBWOLFSSL_VERSION_STRING);
+
+#if defined(WOLFSSL_MULTI_INSTALL_WARNING)
+    ESP_LOGI(TAG, "");
+    ESP_LOGI(TAG, "WARNING: Multiple wolfSSL installs found.");
+    ESP_LOGI(TAG, "Check ESP-IDF and local project [components] directory.");
+    ESP_LOGI(TAG, "");
+#endif
+
+#if defined(LIBWOLFSSL_VERSION_GIT_HASH)
+    ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH = %s", LIBWOLFSSL_VERSION_GIT_HASH);
+#endif
+
+#if defined(LIBWOLFSSL_VERSION_GIT_SHORT_HASH )
+    ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_SHORT_HASH = %s", LIBWOLFSSL_VERSION_GIT_SHORT_HASH);
+#endif
+
+#if defined(LIBWOLFSSL_VERSION_GIT_HASH_DATE)
+    ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH_DATE = %s", LIBWOLFSSL_VERSION_GIT_HASH_DATE);
+#endif
+
+
+    /* some interesting settings are target specific (ESP32, -C3, -S3, etc */
+#if defined(CONFIG_IDF_TARGET_ESP32C3)
+    /* not available for C3 at this time */
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+    ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+                   CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
+             );
+    ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
+#else
+    ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+                   CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
+            );
+    ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
+#endif
+
+    /* all platforms: stack high water mark check */
+    ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
+
+
     ESP_ERROR_CHECK(nvs_flash_init());
 
     ESP_LOGI(TAG, "Initialize wifi");
-#if (ESP_IDF_VERSION_MAJOR >= 4 && ESP_IDF_VERSION_MINOR >= 1) || \
-    (ESP_IDF_VERSION_MAJOR > 5)
+#if (ESP_IDF_VERSION_MAJOR == 4 && ESP_IDF_VERSION_MINOR >= 1) || \
+    (ESP_IDF_VERSION_MAJOR >= 5)
     esp_netif_init();
 #else
     tcpip_adapter_init();
@@ -137,7 +197,6 @@ void app_main(void)
 
     /* */
 #if ESP_IDF_VERSION_MAJOR >= 4
-    (void) wifi_event_handler;
    ESP_ERROR_CHECK(esp_event_loop_create_default());
    /* This helper function configures Wi-Fi or Ethernet, as selected in menuconfig.
    * Read "Establishing Wi-Fi or Ethernet Connection" section in

IDE/Espressif/ESP-IDF/examples/wolfssl_client/sdkconfig.defaults

@@ -0,0 +1,35 @@
+CONFIG_FREERTOS_HZ=1000
+CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y
+
+#
+# Default main stack size
+#
+# This is typically way bigger than needed for stack size. See user_settings.h
+#
+CONFIG_ESP_MAIN_TASK_STACK_SIZE=55500
+
+# Legacy stack size for older ESP-IDF versions
+CONFIG_MAIN_TASK_STACK_SIZE=55500
+
+#
+# Compiler options
+#
+CONFIG_COMPILER_OPTIMIZATION_DEFAULT=y
+CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_ENABLE=y
+CONFIG_COMPILER_OPTIMIZATION_ASSERTION_LEVEL=2
+CONFIG_COMPILER_HIDE_PATHS_MACROS=y
+CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y
+CONFIG_COMPILER_STACK_CHECK=y
+
+#
+# Partition Table
+#
+# CONFIG_PARTITION_TABLE_SINGLE_APP is not set
+CONFIG_PARTITION_TABLE_SINGLE_APP_LARGE=y
+# CONFIG_PARTITION_TABLE_TWO_OTA is not set
+# CONFIG_PARTITION_TABLE_CUSTOM is not set
+CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="partitions.csv"
+CONFIG_PARTITION_TABLE_FILENAME="partitions_singleapp_large.csv"
+CONFIG_PARTITION_TABLE_OFFSET=0x8000
+CONFIG_PARTITION_TABLE_MD5=y
+# end of Partition Table

IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/VisualGDB_wolfssl_server.sln

@@ -0,0 +1,31 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.33027.164
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "VisualGDB_wolfssl_server", "VisualGDB_wolfssl_server.vgdbproj", "{CD5A90CA-2D40-461A-A0C3-27654371BB00}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|VisualGDB = Debug|VisualGDB
+		Release|VisualGDB = Release|VisualGDB
+		Tests (Debug)|VisualGDB = Tests (Debug)|VisualGDB
+		Tests (Release)|VisualGDB = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{CD5A90CA-2D40-461A-A0C3-27654371BB00}.Debug|VisualGDB.ActiveCfg = Debug|VisualGDB
+		{CD5A90CA-2D40-461A-A0C3-27654371BB00}.Debug|VisualGDB.Build.0 = Debug|VisualGDB
+		{CD5A90CA-2D40-461A-A0C3-27654371BB00}.Release|VisualGDB.ActiveCfg = Release|VisualGDB
+		{CD5A90CA-2D40-461A-A0C3-27654371BB00}.Release|VisualGDB.Build.0 = Release|VisualGDB
+		{CD5A90CA-2D40-461A-A0C3-27654371BB00}.Tests (Debug)|VisualGDB.ActiveCfg = Tests (Debug)|VisualGDB
+		{CD5A90CA-2D40-461A-A0C3-27654371BB00}.Tests (Debug)|VisualGDB.Build.0 = Tests (Debug)|VisualGDB
+		{CD5A90CA-2D40-461A-A0C3-27654371BB00}.Tests (Release)|VisualGDB.ActiveCfg = Tests (Release)|VisualGDB
+		{CD5A90CA-2D40-461A-A0C3-27654371BB00}.Tests (Release)|VisualGDB.Build.0 = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {719A8CBE-E881-4B20-89F3-9910520E1067}
+	EndGlobalSection
+EndGlobal

IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/VisualGDB_wolfssl_server.vgdbproj

@@ -0,0 +1,269 @@
+<?xml version="1.0"?>
+<VisualGDBProjectSettings2 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+  <Project xsi:type="com.visualgdb.project.external.esp-idf">
+    <CustomSourceDirectories>
+      <Directories />
+      <PathStyle>Unknown</PathStyle>
+    </CustomSourceDirectories>
+    <AutoProgramSPIFFSPartition>true</AutoProgramSPIFFSPartition>
+    <ProjectModeSettings>
+      <ProjectGUID>63883b8e-8fa2-4e2f-807c-31c07f619c51</ProjectGUID>
+      <GroupSourcesByTypes>true</GroupSourcesByTypes>
+      <GroupSourcesByPaths>true</GroupSourcesByPaths>
+      <HeaderScanMode>SourceDirs</HeaderScanMode>
+    </ProjectModeSettings>
+  </Project>
+  <Build xsi:type="com.visualgdb.build.cmake">
+    <BuildLogMode xsi:nil="true" />
+    <ToolchainID>
+      <ID>com.visualgdb.xtensa-esp32-elf</ID>
+      <Version>
+        <GCC>8.4.0</GCC>
+        <GDB>8.1.0</GDB>
+        <Revision>9</Revision>
+      </Version>
+    </ToolchainID>
+    <RelativeSourceDirectory>..</RelativeSourceDirectory>
+    <ConfigurationType>DEBUG</ConfigurationType>
+    <BinaryDirectory>build/$(PlatformName)/$(ConfigurationName)</BinaryDirectory>
+    <MakeCommandTemplate>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(ToolchainNinja)</Command>
+      <WorkingDirectory>$(BuildDir)</WorkingDirectory>
+      <BackgroundMode xsi:nil="true" />
+    </MakeCommandTemplate>
+    <CMakeCommand>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(SYSPROGS_CMAKE_PATH)</Command>
+      <BackgroundMode xsi:nil="true" />
+    </CMakeCommand>
+    <UpdateSourcesInCMakeFile>true</UpdateSourcesInCMakeFile>
+    <ExportCompileCommands>false</ExportCompileCommands>
+    <DisableToolchainFile>false</DisableToolchainFile>
+    <CMakeMakefileType>Ninja</CMakeMakefileType>
+    <DeployAsRoot>false</DeployAsRoot>
+    <CMakeCleanMode>RemoveBuildDirectory</CMakeCleanMode>
+    <UseCCache>false</UseCCache>
+    <ProjectModeSettings>
+      <ProjectItemSettings>
+        <GroupSourcesByTypes>true</GroupSourcesByTypes>
+        <GroupSourcesByPaths>true</GroupSourcesByPaths>
+        <GroupTargetsByPaths>true</GroupTargetsByPaths>
+        <FollowCMakeSourceGroups>false</FollowCMakeSourceGroups>
+        <AutoRefreshProject>true</AutoRefreshProject>
+        <AlwaysConsiderOutdated>false</AlwaysConsiderOutdated>
+        <SortTargetsByName>true</SortTargetsByName>
+        <RedundantTargetMode>HideOuterProjectTargets</RedundantTargetMode>
+        <SortSourcesByName>true</SortSourcesByName>
+        <BuildAllTargetsInSubdir>false</BuildAllTargetsInSubdir>
+        <FoldSingleItemPathLevels>true</FoldSingleItemPathLevels>
+      </ProjectItemSettings>
+      <TargetSpecificSettings />
+      <SetLDLibraryPathFromDependentArtifacts>true</SetLDLibraryPathFromDependentArtifacts>
+      <ProjectGUID>cd5a90ca-2d40-461a-a0c3-27654371bb00</ProjectGUID>
+      <VirtualFolders />
+      <ConfigurationNameCase>Upper</ConfigurationNameCase>
+      <DefaultHeaderDiscoveryMode>HeaderDirectoryAndSubdirectories</DefaultHeaderDiscoveryMode>
+      <EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
+      <ESPIDFExtension>
+        <IDFCheckout>
+          <Version>v4.4.1</Version>
+          <Subdirectory>esp-idf/v4.4.1</Subdirectory>
+          <Type>ESPIDF</Type>
+        </IDFCheckout>
+        <COMPort>COM20</COMPort>
+        <SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
+        <UseCCache>false</UseCCache>
+        <DeviceID>ESP32</DeviceID>
+      </ESPIDFExtension>
+    </ProjectModeSettings>
+  </Build>
+  <CustomBuild>
+    <PreSyncActions />
+    <PreBuildActions />
+    <PostBuildActions />
+    <PreCleanActions />
+    <PostCleanActions />
+  </CustomBuild>
+  <CustomDebug>
+    <PreDebugActions />
+    <PostDebugActions />
+    <DebugStopActions />
+    <BreakMode>Default</BreakMode>
+  </CustomDebug>
+  <DeviceTerminalSettings>
+    <Connection xsi:type="com.sysprogs.terminal.connection.serial">
+      <ComPortName>COM20</ComPortName>
+      <AdvancedSettings>
+        <BaudRate>115200</BaudRate>
+        <DataBits>8</DataBits>
+        <Parity>None</Parity>
+        <StopBits>One</StopBits>
+        <FlowControl>None</FlowControl>
+      </AdvancedSettings>
+    </Connection>
+    <LastConnectionTime>0</LastConnectionTime>
+    <EchoTypedCharacters>false</EchoTypedCharacters>
+    <ClearContentsWhenReconnecting>false</ClearContentsWhenReconnecting>
+    <ReconnectAutomatically>false</ReconnectAutomatically>
+    <DisplayMode>ASCII</DisplayMode>
+    <Colors>
+      <Background>
+        <Alpha>255</Alpha>
+        <Red>0</Red>
+        <Green>0</Green>
+        <Blue>0</Blue>
+      </Background>
+      <Disconnected>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Disconnected>
+      <Text>
+        <Alpha>255</Alpha>
+        <Red>211</Red>
+        <Green>211</Green>
+        <Blue>211</Blue>
+      </Text>
+      <Echo>
+        <Alpha>255</Alpha>
+        <Red>144</Red>
+        <Green>238</Green>
+        <Blue>144</Blue>
+      </Echo>
+      <Inactive>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Inactive>
+    </Colors>
+    <HexSettings>
+      <MaximumBytesPerLine>16</MaximumBytesPerLine>
+      <ShowTextView>true</ShowTextView>
+      <BreaksAroundEcho>true</BreaksAroundEcho>
+      <AutoSend>true</AutoSend>
+      <SendAsHex>true</SendAsHex>
+      <TimeoutForAutoBreak>0</TimeoutForAutoBreak>
+    </HexSettings>
+    <LineEnding>LF</LineEnding>
+    <TreatLFAsCRLF>false</TreatLFAsCRLF>
+    <KeepOpenAfterExit>false</KeepOpenAfterExit>
+    <ShowAfterProgramming>false</ShowAfterProgramming>
+  </DeviceTerminalSettings>
+  <CustomShortcuts>
+    <Shortcuts />
+    <ShowMessageAfterExecuting>true</ShowMessageAfterExecuting>
+  </CustomShortcuts>
+  <UserDefinedVariables />
+  <ImportedPropertySheets />
+  <CodeSense>
+    <Enabled>Unknown</Enabled>
+    <ExtraSettings>
+      <HideErrorsInSystemHeaders>true</HideErrorsInSystemHeaders>
+      <SupportLightweightReferenceAnalysis>true</SupportLightweightReferenceAnalysis>
+      <CheckForClangFormatFiles>true</CheckForClangFormatFiles>
+      <FormattingEngine xsi:nil="true" />
+    </ExtraSettings>
+    <CodeAnalyzerSettings>
+      <Enabled>false</Enabled>
+    </CodeAnalyzerSettings>
+  </CodeSense>
+  <Configurations>
+    <VisualGDBConfiguration>
+      <Name>Debug</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+    <VisualGDBConfiguration>
+      <Name>Release</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+  </Configurations>
+  <ProgramArgumentsSuggestions />
+  <Debug xsi:type="com.visualgdb.debug.embedded">
+    <AdditionalStartupCommands />
+    <AdditionalGDBSettings>
+      <Features>
+        <DisableAutoDetection>false</DisableAutoDetection>
+        <UseFrameParameter>false</UseFrameParameter>
+        <SimpleValuesFlagSupported>false</SimpleValuesFlagSupported>
+        <ListLocalsSupported>false</ListLocalsSupported>
+        <ByteLevelMemoryCommandsAvailable>false</ByteLevelMemoryCommandsAvailable>
+        <ThreadInfoSupported>false</ThreadInfoSupported>
+        <PendingBreakpointsSupported>false</PendingBreakpointsSupported>
+        <SupportTargetCommand>false</SupportTargetCommand>
+        <ReliableBreakpointNotifications>false</ReliableBreakpointNotifications>
+      </Features>
+      <EnableSmartStepping>false</EnableSmartStepping>
+      <FilterSpuriousStoppedNotifications>false</FilterSpuriousStoppedNotifications>
+      <ForceSingleThreadedMode>false</ForceSingleThreadedMode>
+      <UseAppleExtensions>false</UseAppleExtensions>
+      <CanAcceptCommandsWhileRunning>false</CanAcceptCommandsWhileRunning>
+      <MakeLogFile>false</MakeLogFile>
+      <IgnoreModuleEventsWhileStepping>true</IgnoreModuleEventsWhileStepping>
+      <UseRelativePathsOnly>false</UseRelativePathsOnly>
+      <ExitAction>None</ExitAction>
+      <DisableDisassembly>false</DisableDisassembly>
+      <ExamineMemoryWithXCommand>false</ExamineMemoryWithXCommand>
+      <StepIntoNewInstanceEntry>app_main</StepIntoNewInstanceEntry>
+      <ExamineRegistersInRawFormat>true</ExamineRegistersInRawFormat>
+      <DisableSignals>false</DisableSignals>
+      <EnableAsyncExecutionMode>false</EnableAsyncExecutionMode>
+      <AsyncModeSupportsBreakpoints>true</AsyncModeSupportsBreakpoints>
+      <TemporaryBreakConsolidationTimeout>0</TemporaryBreakConsolidationTimeout>
+      <EnableNonStopMode>false</EnableNonStopMode>
+      <MaxBreakpointLimit>0</MaxBreakpointLimit>
+      <EnableVerboseMode>true</EnableVerboseMode>
+      <EnablePrettyPrinters>false</EnablePrettyPrinters>
+    </AdditionalGDBSettings>
+    <DebugMethod>
+      <ID>openocd</ID>
+      <Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
+        <CommandLine>-f interface/tigard.cfg -c "adapter_khz 3000" -f target/esp32.cfg</CommandLine>
+        <ExtraParameters>
+          <Frequency xsi:nil="true" />
+          <BoostedFrequency xsi:nil="true" />
+          <ConnectUnderReset>false</ConnectUnderReset>
+        </ExtraParameters>
+        <LoadProgressGUIThreshold>131072</LoadProgressGUIThreshold>
+        <ProgramMode>Enabled</ProgramMode>
+        <StartupCommands>
+          <string>set remotetimeout 60</string>
+          <string>target remote :$$SYS:GDB_PORT$$</string>
+          <string>mon gdb_breakpoint_override hard</string>
+          <string>mon reset halt</string>
+          <string>load</string>
+        </StartupCommands>
+        <ProgramFLASHUsingExternalTool>false</ProgramFLASHUsingExternalTool>
+        <PreferredGDBPort>0</PreferredGDBPort>
+        <PreferredTelnetPort>0</PreferredTelnetPort>
+        <AlwaysPassSerialNumber>false</AlwaysPassSerialNumber>
+        <SelectedCoreIndex xsi:nil="true" />
+        <LiveMemoryTimeout>5000</LiveMemoryTimeout>
+        <SuggestionLogicRevision>1</SuggestionLogicRevision>
+        <CheckFLASHSize>true</CheckFLASHSize>
+        <FLASHSettings>
+          <Size>size2MB</Size>
+          <Frequency>freq40M</Frequency>
+          <Mode>DIO</Mode>
+        </FLASHSettings>
+        <PatchBootloader>true</PatchBootloader>
+      </Configuration>
+    </DebugMethod>
+    <AutoDetectRTOS>true</AutoDetectRTOS>
+    <SemihostingSupport>Auto</SemihostingSupport>
+    <SemihostingPollingDelay>0</SemihostingPollingDelay>
+    <StepIntoEntryPoint>false</StepIntoEntryPoint>
+    <ReloadFirmwareOnReset>false</ReloadFirmwareOnReset>
+    <ValidateEndOfStackAddress>true</ValidateEndOfStackAddress>
+    <StopAtEntryPoint>false</StopAtEntryPoint>
+    <EnableVirtualHalts>false</EnableVirtualHalts>
+    <DynamicAnalysisSettings />
+    <EndOfStackSymbol>_estack</EndOfStackSymbol>
+    <TimestampProviderTicksPerSecond>0</TimestampProviderTicksPerSecond>
+    <KeepConsoleAfterExit>false</KeepConsoleAfterExit>
+    <UnusedStackFillPattern xsi:nil="true" />
+    <CheckInterfaceDrivers>true</CheckInterfaceDrivers>
+  </Debug>
+</VisualGDBProjectSettings2>

IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/CMakeLists.txt

@@ -0,0 +1,229 @@
+#
+#  Copyright (C) 2006-2023 wolfSSL Inc.
+#
+#  This file is part of wolfSSL.
+#
+#  wolfSSL is free software; you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation; either version 2 of the License, or
+#  (at your option) any later version.
+#
+#  wolfSSL is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with this program; if not, write to the Free Software
+#  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+#
+# cmake for wolfssl
+#
+cmake_minimum_required(VERSION 3.5)
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+set(CMAKE_CURRENT_SOURCE_DIR ".")
+
+# We are currently in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
+# The root of wolfSSL is 7 directories up from here:
+get_filename_component(WOLFSSL_ROOT  "../../../../../../../" ABSOLUTE)
+
+# Espressif may take several passes through this makefile. Check to see if we found IDF
+string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+
+if($WOLFSSL_FOUND_IDF)
+    message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
+    message(STATUS "WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
+    message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
+endif()
+
+# get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
+FILE(GLOB EXCLUDE_ASM *.S)
+file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+    message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
+endif()
+
+set(INCLUDE_PATH ${WOLFSSL_ROOT})
+
+set(COMPONENT_SRCDIRS "${WOLFSSL_ROOT}/src/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/src/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/benchmark/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/test/"
+                        )
+
+set(COMPONENT_REQUIRES lwip)
+
+
+# check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+    #
+    # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
+    #
+    message(STATUS "")
+    message(STATUS "**************************************************************************************")
+    message(STATUS "")
+    message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
+    message(STATUS "")
+    message(STATUS "To proceed: ")
+    message(STATUS "")
+    message(STATUS "Remove either the local project component: ${CMAKE_HOME_DIRECTORY}/components/wolfssl/ ")
+    message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
+    message(STATUS "")
+    message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
+    message(STATUS "")
+    message(STATUS "**************************************************************************************")
+    message(STATUS "")
+
+    # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
+else()
+    if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+        #
+        # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
+        #
+        message(STATUS "")
+        message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+        message(STATUS "")
+    else()
+        #
+        # wolfSSL is not an ESP-IDF component. We need to now determine if it is local and if so if it is part of the wolfSSL repo
+        # or if  wolfSSL is simply installed as a local component.
+        #
+        if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" )
+            #
+            # wolfSSL found in local project.
+            #
+            if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/include/" )
+                message(STATUS "")
+                message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
+                message(STATUS "")
+                #
+                # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
+                #
+                # We won't do anything else here, as it will be assumed the original install completed successfully.
+                #
+            else()
+                #
+                # This is the developer repo mode. wolfSSL will be assume to be not installed to ESP-IDF nor local project
+                # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+                #
+                message(STATUS "")
+                message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
+                message(STATUS "")
+
+                message(STATUS "************************************************************************************************")
+                # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
+                # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
+                #
+                # first check if there's a [root]/include/user_settings.h
+                if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
+                    # we won't overwrite an existing user settings file, just note that we already have one:
+                    message(STATUS "Found wolfSSL user_settings.h in ${WOLFSSL_ROOT}/include/user_settings.h")
+                else()
+                    message(STATUS "Installing wolfSSL user_settings.h to ${WOLFSSL_ROOT}/include/user_settings.h")
+                    file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h" DESTINATION "${WOLFSSL_ROOT}/include/")
+                endif() # user_settings.h
+
+                # next check if there's a [root]/include/config.h
+                if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
+                    message(STATUS "Found wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h")
+                else()
+                    message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_ROOT}/include/config.h")
+                    file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_ROOT}/include/")
+                    file(RENAME "${WOLFSSL_ROOT}/include/dummy_config_h" "${WOLFSSL_ROOT}/include/config.h")
+                endif() # config.h
+                message(STATUS "************************************************************************************************")
+                message(STATUS "")
+            endif()
+
+        else()
+            # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
+            if($WOLFSSL_FOUND_IDF)
+                message(STATUS "")
+                message(STATUS "WARNING: wolfSSL not found.")
+                message(STATUS "")
+            else()
+                # probably needs to be re-parsed by Espressif
+                message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
+            endif() # else we have not found ESP-IDF yet
+        endif() # else not a local wolfSSL component
+
+    endif() #else not an ESP-IDF component
+endif() # else not local copy and EDP-IDF wolfSSL
+
+
+# RTOS_IDF_PATH is typically:
+# "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
+# depending on the environment, we may need to swap backslashes with forward slashes
+string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+
+# ESP-IDF after version 4.4x has a different RTOS directory structure
+string(REPLACE "\\" "/" RTOS_IDF_PATH5 "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
+
+if(IS_DIRECTORY ${IDF_PATH}/components/freertos/FreeRTOS-Kernel/)
+    set(COMPONENT_ADD_INCLUDEDIRS
+        "."
+       "${WOLFSSL_ROOT}/include"
+       "${RTOS_IDF_PATH5}"
+       "${WOLFSSL_ROOT}"
+       )
+else()
+
+   set(COMPONENT_ADD_INCLUDEDIRS
+       "."
+       "${WOLFSSL_ROOT}/include"
+       "${RTOS_IDF_PATH}"
+       "${WOLFSSL_ROOT}"
+      )
+endif()
+
+if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
+    list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
+endif()
+
+set(COMPONENT_SRCEXCLUDE
+    "${WOLFSSL_ROOT}/src/bio.c"
+    "${WOLFSSL_ROOT}/src/conf.c"
+    "${WOLFSSL_ROOT}/src/misc.c"
+    "${WOLFSSL_ROOT}/src/pk.c"
+    "${WOLFSSL_ROOT}/src/ssl_misc.c" # included by ssl.c
+    "${WOLFSSL_ROOT}/src/x509.c"
+    "${WOLFSSL_ROOT}/src/x509_str.c"
+    "${WOLFSSL_ROOT}/wolfcrypt/src/evp.c"
+    "${WOLFSSL_ROOT}/wolfcrypt/src/misc.c"
+    "${EXCLUDE_ASM}"
+    )
+
+register_component()
+
+# some optional diagnostics
+if (0)
+    get_cmake_property(_variableNames VARIABLES)
+    list (SORT _variableNames)
+    message(STATUS "")
+    message(STATUS "ALL VARIABLES BEGIN")
+    message(STATUS "")
+    foreach (_variableName ${_variableNames})
+        message(STATUS "${_variableName}=${${_variableName}}")
+    endforeach()
+    message(STATUS "")
+    message(STATUS "ALL VARIABLES END")
+    message(STATUS "")
+endif()
+
+# check to see if there's both a local copy and EDP-IDF copy of the wolfssl components
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+    message(STATUS "")
+    message(STATUS "")
+    message(STATUS "********************************************************************")
+    message(STATUS "WARNING: Found components/wolfssl in both local project and IDF_PATH")
+    message(STATUS "********************************************************************")
+    message(STATUS "")
+endif()
+# end multiple component check
+
+

IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/component.mk

@@ -0,0 +1,40 @@
+#
+# Copyright (C) 2006-2023 wolfSSL Inc.
+#
+# This file is part of wolfSSL.
+#
+# wolfSSL is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# wolfSSL is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+#
+#
+# Component Makefile
+#
+
+COMPONENT_ADD_INCLUDEDIRS := . ./include
+
+COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/components/freertos/include/freertos"
+# COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/soc/esp32s3/include/soc"
+
+COMPONENT_SRCDIRS := src wolfcrypt/src
+COMPONENT_SRCDIRS += wolfcrypt/src/port/Espressif
+COMPONENT_SRCDIRS += wolfcrypt/src/port/atmel
+COMPONENT_SRCDIRS += wolfcrypt/benchmark
+COMPONENT_SRCDIRS += wolfcrypt/test
+
+CFLAGS +=-DWOLFSSL_USER_SETTINGS
+
+COMPONENT_OBJEXCLUDE := wolfcrypt/src/aes_asm.o
+COMPONENT_OBJEXCLUDE += wolfcrypt/src/evp.o
+COMPONENT_OBJEXCLUDE += wolfcrypt/src/misc.o
+COMPONENT_OBJEXCLUDE += src/bio.o

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/CMakeLists.txt

@@ -7,4 +7,69 @@ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
 set(COMPONENT_SRCS "server-tls.c" "wifi_connect.c")
 set(COMPONENT_ADD_INCLUDEDIRS "." "./include")
 
+set (git_cmd "git")
+
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+    #
+    # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
+    #
+    message(STATUS "")
+    message(STATUS "WARNING: Found components/wolfssl in both local project and IDF_PATH")
+    message(STATUS "")
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+endif()
+
+
 register_component()
+
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT:  the name of the macro to define
+# THIS_VAR:   the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+    # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+    string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+    # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+    if(${IS_VALID_VALUE})
+        # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+        string(REPLACE "\n" ""  VAR_VALUE  ${THIS_VAR})
+
+        # we'll could percolate the value to the parent for possible later use
+        # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+        # but we're only using it here in this function
+        set(${VAR_OUPUT} ${VAR_VALUE})
+
+        # we'll print what we found to the console
+        message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+        # the interesting part is defining the VAR_OUPUT name a value to use in the app
+        add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+    else()
+        # if we get here, check the execute_process command and parameters.
+        message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+        set(${VAR_OUPUT} "Unknown")
+    endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+    # LIBWOLFSSL_VERSION_GIT_HASH
+    execute_process(COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_SHORT_HASH
+    execute_process(COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_HASH_DATE
+    execute_process(COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES  )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+endif()
+
+message(STATUS "")

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h

@@ -1,6 +1,6 @@
 /* wifi_connect.h
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c

@@ -1,6 +1,6 @@
 /* server-tls-callback.c
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c

@@ -1,6 +1,6 @@
-/* wifi_connect.c 
+/* wifi_connect.c
  *
- * Copyright (C) 2006-2022 wolfSSL Inc.
+ * Copyright (C) 2006-2023 wolfSSL Inc.
  *
  * This file is part of wolfSSL.
  *
@@ -27,12 +27,22 @@
 #include "lwip/netdb.h"
 #include "lwip/apps/sntp.h"
 #include "nvs_flash.h"
-#if ESP_IDF_VERSION_MAJOR >= 4
-#include "protocol_examples_common.h"
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <user_settings.h>
+#include <wolfssl/version.h>
+#ifndef WOLFSSL_ESPIDF
+    #warning "problem with wolfSSL user_settings. Check components/wolfssl/include"
+#endif
+
+#if ESP_IDF_VERSION_MAJOR >= 4
+    #include "protocol_examples_common.h"
+#else
+    const static int CONNECTED_BIT = BIT0;
+    static EventGroupHandle_t wifi_event_group;
 #endif
 
-const static int CONNECTED_BIT = BIT0;
-static EventGroupHandle_t wifi_event_group;
 /* prefix for logging */
 const static char *TAG = "tls_server";
 /* proto-type definition */
@@ -55,7 +65,7 @@ static void set_time()
     utctime.tv_usec = 0;
     tz.tz_minuteswest = 0;
     tz.tz_dsttime = 0;
-    
+
     settimeofday(&utctime, &tz);
 
     time(&now);
@@ -77,7 +87,11 @@ static void set_time()
 static void tls_smp_server_init(void)
 {
     int ret;
-    xTaskHandle _handle;
+#if ESP_IDF_VERSION_MAJOR >= 4
+        TaskHandle_t _handle;
+#else
+        xTaskHandle _handle;
+#endif
     /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
     ret = xTaskCreate(tls_smp_server_task,
                       TLS_SMP_SERVER_TASK_NAME,
@@ -90,6 +104,7 @@ static void tls_smp_server_init(void)
         ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_SERVER_TASK_NAME);
     }
 }
+#if ESP_IDF_VERSION_MAJOR < 4
 /* event handler for wifi events */
 static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
 {
@@ -118,23 +133,68 @@ static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
     }
     return ESP_OK;
 }
+#endif
 /* entry point */
 void app_main(void)
 {
-    ESP_LOGI(TAG, "Start app_main...");
+    ESP_LOGI(TAG, "--------------------------------------------------------");
+    ESP_LOGI(TAG, "--------------------------------------------------------");
+    ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
+    ESP_LOGI(TAG, "--------------------------------------------------------");
+    ESP_LOGI(TAG, "--------------------------------------------------------");
+    ESP_LOGI(TAG, "CONFIG_IDF_TARGET = %s", CONFIG_IDF_TARGET);
+    ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_STRING = %s", LIBWOLFSSL_VERSION_STRING);
+
+#if defined(WOLFSSL_MULTI_INSTALL_WARNING)
+    ESP_LOGI(TAG, "");
+    ESP_LOGI(TAG, "WARNING: Multiple wolfSSL installs found.");
+    ESP_LOGI(TAG, "Check ESP-IDF and local project [components] directory.");
+    ESP_LOGI(TAG, "");
+#endif
+
+#if defined(LIBWOLFSSL_VERSION_GIT_HASH)
+    ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH = %s", LIBWOLFSSL_VERSION_GIT_HASH);
+#endif
+
+#if defined(LIBWOLFSSL_VERSION_GIT_SHORT_HASH )
+    ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_SHORT_HASH = %s", LIBWOLFSSL_VERSION_GIT_SHORT_HASH);
+#endif
+
+#if defined(LIBWOLFSSL_VERSION_GIT_HASH_DATE)
+    ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH_DATE = %s", LIBWOLFSSL_VERSION_GIT_HASH_DATE);
+#endif
+
+
+    /* some interesting settings are target specific (ESP32, -C3, -S3, etc */
+#if defined(CONFIG_IDF_TARGET_ESP32C3)
+    /* not available for C3 at this time */
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+    ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+                   CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
+             );
+    ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
+#else
+    ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+                   CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
+            );
+    ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
+#endif
+
+    /* all platforms: stack high water mark check */
+    ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
+
     ESP_ERROR_CHECK(nvs_flash_init());
 
     ESP_LOGI(TAG, "Initialize wifi");
     /* TCP/IP adapter initialization */
-#if (ESP_IDF_VERSION_MAJOR >= 4 && ESP_IDF_VERSION_MINOR >= 1) || \
-    (ESP_IDF_VERSION_MAJOR > 5)
+#if (ESP_IDF_VERSION_MAJOR == 4 && ESP_IDF_VERSION_MINOR >= 1) || \
+    (ESP_IDF_VERSION_MAJOR >= 5)
     esp_netif_init();
 #else
     tcpip_adapter_init();
 #endif
     /* */
 #if ESP_IDF_VERSION_MAJOR >= 4
-    (void) wifi_event_handler;
    ESP_ERROR_CHECK(esp_event_loop_create_default());
    /* This helper function configures Wi-Fi or Ethernet, as selected in menuconfig.
    * Read "Establishing Wi-Fi or Ethernet Connection" section in
@@ -155,7 +215,7 @@ void app_main(void)
     };
     /* WiFi station mode */
     ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA) );
-    /* Wifi Set the configuration of the ESP32 STA or AP */ 
+    /* Wifi Set the configuration of the ESP32 STA or AP */
     ESP_ERROR_CHECK(esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
     /* Start Wifi */
     ESP_ERROR_CHECK(esp_wifi_start() );

IDE/Espressif/ESP-IDF/examples/wolfssl_server/sdkconfig.defaults

@@ -0,0 +1,35 @@
+CONFIG_FREERTOS_HZ=1000
+CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y
+
+#
+# Default main stack size
+#
+# This is typically way bigger than needed for stack size. See user_settings.h
+#
+CONFIG_ESP_MAIN_TASK_STACK_SIZE=55500
+
+# Legacy stack size for older ESP-IDF versions
+CONFIG_MAIN_TASK_STACK_SIZE=55500
+
+#
+# Compiler options
+#
+CONFIG_COMPILER_OPTIMIZATION_DEFAULT=y
+CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_ENABLE=y
+CONFIG_COMPILER_OPTIMIZATION_ASSERTION_LEVEL=2
+CONFIG_COMPILER_HIDE_PATHS_MACROS=y
+CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y
+CONFIG_COMPILER_STACK_CHECK=y
+
+#
+# Partition Table
+#
+# CONFIG_PARTITION_TABLE_SINGLE_APP is not set
+CONFIG_PARTITION_TABLE_SINGLE_APP_LARGE=y
+# CONFIG_PARTITION_TABLE_TWO_OTA is not set
+# CONFIG_PARTITION_TABLE_CUSTOM is not set
+CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="partitions.csv"
+CONFIG_PARTITION_TABLE_FILENAME="partitions_singleapp_large.csv"
+CONFIG_PARTITION_TABLE_OFFSET=0x8000
+CONFIG_PARTITION_TABLE_MD5=y
+# end of Partition Table

IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt

@@ -1,6 +1,12 @@
-# The following five lines of boilerplate have to be in your project's
+# The following lines of boilerplate have to be in your project's
 # CMakeLists in this exact order for cmake to work correctly
 cmake_minimum_required(VERSION 3.5)
 
 include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+
+set(COMPONENTS
+  main
+  wolfssl
+) # set components
+
 project(wolfssl_test)

IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md

@@ -2,9 +2,141 @@
 
 The Example contains of wolfSSL test program.
 
-When you want to run the benchmark program
-1. `idf.py menuconfig` to configure the program,first
-2. `idf.py build` to compile and `idf.py -p <PORT> flash` to load the firmware
-3. `idf.py monitor` to see the message
+1. `idf.py menuconfig` to configure the program.  
+    1-1. Example Configuration ->
+
+    TEST_ARG : argument that you want to use. Default is "-lng 0"  
+    The list of argument can be find in help.
+
+When you want to run the test program
+
+1. `idf.py -p <PORT> flash` to compile and load the firmware
+2. `idf.py monitor` to see the message
 
 See the README.md file in the upper level 'examples' directory for more information about examples.
+
+Reminder than when building on WSL in `/mnt/c` there will be a noticeable performance degradation at compile time. Using `~/` will be faster at the cost of shared filesystems.
+
+Example build on WSL, assuming `git clone` from `c:\workspace`:
+
+```
+# Optionally install wolfSSL component
+# cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF
+./setup.sh
+
+# switch to test example
+cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test
+
+# Pick ESP-IDF install directory, this one for v4.4.2 in VisualGDB
+. /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/export.sh
+
+# build and flash, in this example to COM20
+idf.py build flash -p /dev/ttyS20 -b 921600 monitor
+```
+
+## Example Output
+
+Note the default wolfSSL `user_settings.h` is configured by default to be the most 
+compatible across the widest ranges of targets. Contact wolfSSL at support@wolfssl.com
+for help in optimizing for your particular application, or see the 
+[docs](https://www.wolfssl.com/documentation/manuals/wolfssl/index.html).
+
+Compiled and flashed with `idf.py build  flash -p /dev/ttyS7 -b 921600 monitor`:
+
+```
+ets Jun  8 2016 00:22:57
+
+rst:0x3 (SW_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
+configsip: 0, SPIWP:0xee
+clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
+mode:DIO, clock div:2
+load:0x3fff0030,len:6612
+load:0x40078000,len:14788
+load:0x40080400,len:3792
+entry 0x40080694
+I (26) boot: ESP-IDF v4.4.1-dirty 2nd stage bootloader
+I (26) boot: compile time 15:25:38
+I (26) boot: chip revision: 1
+I (29) boot_comm: chip revision: 1, min. bootloader chip revision: 0
+I (37) boot.esp32: SPI Speed      : 40MHz
+I (41) boot.esp32: SPI Mode       : DIO
+I (46) boot.esp32: SPI Flash Size : 2MB
+I (50) boot: Enabling RNG early entropy source...
+I (56) boot: Partition Table:
+I (59) boot: ## Label            Usage          Type ST Offset   Length
+I (67) boot:  0 nvs              WiFi data        01 02 00009000 00006000
+I (74) boot:  1 phy_init         RF data          01 01 0000f000 00001000
+I (81) boot:  2 factory          factory app      00 00 00010000 00100000
+I (89) boot: End of partition table
+I (93) boot_comm: chip revision: 1, min. application chip revision: 0
+I (100) esp_image: segment 0: paddr=00010020 vaddr=3f400020 size=16ca4h ( 93348) map
+I (143) esp_image: segment 1: paddr=00026ccc vaddr=3ffb0000 size=024d4h (  9428) load
+I (147) esp_image: segment 2: paddr=000291a8 vaddr=40080000 size=06e70h ( 28272) load
+I (160) esp_image: segment 3: paddr=00030020 vaddr=400d0020 size=412d8h (266968) map
+I (257) esp_image: segment 4: paddr=00071300 vaddr=40086e70 size=045a8h ( 17832) load
+I (265) esp_image: segment 5: paddr=000758b0 vaddr=50000000 size=00010h (    16) load
+I (270) boot: Loaded app from partition at offset 0x10000
+I (270) boot: Disabling RNG early entropy source...
+I (285) cpu_start: Pro cpu up.
+I (286) cpu_start: Starting app cpu, entry point is 0x40081088
+I (273) cpu_start: App cpu up.
+I (300) cpu_start: Pro cpu start user code
+I (300) cpu_start: cpu freq: 160000000
+I (300) cpu_start: Application information:
+I (305) cpu_start: Project name:     wolfssl_test
+I (310) cpu_start: App version:      v5.5.3-stable-108-gbd7b442df-di
+I (317) cpu_start: Compile time:     Nov 17 2022 15:24:40
+I (323) cpu_start: ELF file SHA256:  90957eeb4f0d2246...
+I (329) cpu_start: ESP-IDF:          v4.4.1-dirty
+I (335) heap_init: Initializing. RAM available for dynamic allocation:
+I (342) heap_init: At 3FFAE6E0 len 00001920 (6 KiB): DRAM
+I (348) heap_init: At 3FFB2DF0 len 0002D210 (180 KiB): DRAM
+I (354) heap_init: At 3FFE0440 len 00003AE0 (14 KiB): D/IRAM
+I (360) heap_init: At 3FFE4350 len 0001BCB0 (111 KiB): D/IRAM
+I (367) heap_init: At 4008B418 len 00014BE8 (82 KiB): IRAM
+I (374) spi_flash: detected chip: generic
+I (378) spi_flash: flash io: dio
+W (382) spi_flash: Detected size(4096k) larger than the size in the binary image header(2048k). Using the size in the binary image header.
+I (396) cpu_start: Starting scheduler on PRO CPU.
+I (0) cpu_start: Starting scheduler on APP CPU.
+------------------------------------------------------------------------------
+ wolfSSL version 5.5.3
+------------------------------------------------------------------------------
+error    test passed!
+MEMORY   test passed!
+base64   test passed!
+asn      test passed!
+RANDOM   test passed!
+MD5      test passed!
+MD4      test passed!
+SHA      test passed!
+SHA-256  test passed!
+SHA-512  test passed!
+Hash     test passed!
+HMAC-MD5 test passed!
+HMAC-SHA test passed!
+HMAC-SHA256 test passed!
+HMAC-SHA512 test passed!
+HMAC-KDF    test passed!
+TLSv1.3 KDF test passed!
+GMAC     test passed!
+DES      test passed!
+DES3     test passed!
+AES      test passed!
+AES192   test passed!
+AES256   test passed!
+AES-GCM  test passed!
+RSA      test passed!
+PWDBASED test passed!
+ECC      test passed!
+ECC buffer test passed!
+CURVE25519 test passed!
+ED25519  test passed!
+logging  test passed!
+time test passed!
+mutex    test passed!
+Test complete
+I (136548) wolfcrypt_test: Exiting main with return code:  0
+
+I (136548) wolfssl_test: wolf_test_task complete success result code = 0
+```

IDE/Espressif/ESP-IDF/examples/wolfssl_test/VisualGDB/VisualGDB_wolfssl_test-WIP.sln

@@ -0,0 +1,31 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.33027.164
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "VisualGDB_wolfssl_test-WIP", "VisualGDB_wolfssl_test-WIP.vgdbproj", "{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|VisualGDB = Debug|VisualGDB
+		Release|VisualGDB = Release|VisualGDB
+		Tests (Debug)|VisualGDB = Tests (Debug)|VisualGDB
+		Tests (Release)|VisualGDB = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Debug|VisualGDB.ActiveCfg = Debug|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Debug|VisualGDB.Build.0 = Debug|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Release|VisualGDB.ActiveCfg = Release|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Release|VisualGDB.Build.0 = Release|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Debug)|VisualGDB.ActiveCfg = Tests (Debug)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Debug)|VisualGDB.Build.0 = Tests (Debug)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Release)|VisualGDB.ActiveCfg = Tests (Release)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Release)|VisualGDB.Build.0 = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {C84ED821-3F33-4EBD-94E4-FE860F402B2F}
+	EndGlobalSection
+EndGlobal

IDE/Espressif/ESP-IDF/examples/wolfssl_test/VisualGDB/VisualGDB_wolfssl_test-WIP.vgdbproj

@@ -0,0 +1,269 @@
+<?xml version="1.0"?>
+<VisualGDBProjectSettings2 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+  <Project xsi:type="com.visualgdb.project.external.esp-idf">
+    <CustomSourceDirectories>
+      <Directories />
+      <PathStyle>Unknown</PathStyle>
+    </CustomSourceDirectories>
+    <AutoProgramSPIFFSPartition>true</AutoProgramSPIFFSPartition>
+    <ProjectModeSettings>
+      <ProjectGUID>35e5525f-318a-466e-a8c7-36548547d801</ProjectGUID>
+      <GroupSourcesByTypes>true</GroupSourcesByTypes>
+      <GroupSourcesByPaths>true</GroupSourcesByPaths>
+      <HeaderScanMode>SourceDirs</HeaderScanMode>
+    </ProjectModeSettings>
+  </Project>
+  <Build xsi:type="com.visualgdb.build.cmake">
+    <BuildLogMode xsi:nil="true" />
+    <ToolchainID>
+      <ID>com.visualgdb.xtensa-esp32-elf</ID>
+      <Version>
+        <GCC>8.4.0</GCC>
+        <GDB>8.1.0</GDB>
+        <Revision>9</Revision>
+      </Version>
+    </ToolchainID>
+    <RelativeSourceDirectory>..</RelativeSourceDirectory>
+    <ConfigurationType>DEBUG</ConfigurationType>
+    <BinaryDirectory>build/$(PlatformName)/$(ConfigurationName)</BinaryDirectory>
+    <MakeCommandTemplate>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(ToolchainNinja)</Command>
+      <WorkingDirectory>$(BuildDir)</WorkingDirectory>
+      <BackgroundMode xsi:nil="true" />
+    </MakeCommandTemplate>
+    <CMakeCommand>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(SYSPROGS_CMAKE_PATH)</Command>
+      <BackgroundMode xsi:nil="true" />
+    </CMakeCommand>
+    <UpdateSourcesInCMakeFile>true</UpdateSourcesInCMakeFile>
+    <ExportCompileCommands>false</ExportCompileCommands>
+    <DisableToolchainFile>false</DisableToolchainFile>
+    <CMakeMakefileType>Ninja</CMakeMakefileType>
+    <DeployAsRoot>false</DeployAsRoot>
+    <CMakeCleanMode>RemoveBuildDirectory</CMakeCleanMode>
+    <UseCCache>false</UseCCache>
+    <ProjectModeSettings>
+      <ProjectItemSettings>
+        <GroupSourcesByTypes>true</GroupSourcesByTypes>
+        <GroupSourcesByPaths>true</GroupSourcesByPaths>
+        <GroupTargetsByPaths>true</GroupTargetsByPaths>
+        <FollowCMakeSourceGroups>false</FollowCMakeSourceGroups>
+        <AutoRefreshProject>true</AutoRefreshProject>
+        <AlwaysConsiderOutdated>false</AlwaysConsiderOutdated>
+        <SortTargetsByName>true</SortTargetsByName>
+        <RedundantTargetMode>HideOuterProjectTargets</RedundantTargetMode>
+        <SortSourcesByName>true</SortSourcesByName>
+        <BuildAllTargetsInSubdir>false</BuildAllTargetsInSubdir>
+        <FoldSingleItemPathLevels>true</FoldSingleItemPathLevels>
+      </ProjectItemSettings>
+      <TargetSpecificSettings />
+      <SetLDLibraryPathFromDependentArtifacts>true</SetLDLibraryPathFromDependentArtifacts>
+      <ProjectGUID>eadcc9ab-72b3-4b51-a838-593e5d80ddf7</ProjectGUID>
+      <VirtualFolders />
+      <ConfigurationNameCase>Upper</ConfigurationNameCase>
+      <DefaultHeaderDiscoveryMode>HeaderDirectoryAndSubdirectories</DefaultHeaderDiscoveryMode>
+      <EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
+      <ESPIDFExtension>
+        <IDFCheckout>
+          <Version>v4.4.1</Version>
+          <Subdirectory>esp-idf/v4.4.1</Subdirectory>
+          <Type>ESPIDF</Type>
+        </IDFCheckout>
+        <COMPort>COM20</COMPort>
+        <SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
+        <UseCCache>false</UseCCache>
+        <DeviceID>ESP32</DeviceID>
+      </ESPIDFExtension>
+    </ProjectModeSettings>
+  </Build>
+  <CustomBuild>
+    <PreSyncActions />
+    <PreBuildActions />
+    <PostBuildActions />
+    <PreCleanActions />
+    <PostCleanActions />
+  </CustomBuild>
+  <CustomDebug>
+    <PreDebugActions />
+    <PostDebugActions />
+    <DebugStopActions />
+    <BreakMode>Default</BreakMode>
+  </CustomDebug>
+  <DeviceTerminalSettings>
+    <Connection xsi:type="com.sysprogs.terminal.connection.serial">
+      <ComPortName>COM20</ComPortName>
+      <AdvancedSettings>
+        <BaudRate>115200</BaudRate>
+        <DataBits>8</DataBits>
+        <Parity>None</Parity>
+        <StopBits>One</StopBits>
+        <FlowControl>None</FlowControl>
+      </AdvancedSettings>
+    </Connection>
+    <LastConnectionTime>0</LastConnectionTime>
+    <EchoTypedCharacters>false</EchoTypedCharacters>
+    <ClearContentsWhenReconnecting>true</ClearContentsWhenReconnecting>
+    <ReconnectAutomatically>false</ReconnectAutomatically>
+    <DisplayMode>ASCII</DisplayMode>
+    <Colors>
+      <Background>
+        <Alpha>255</Alpha>
+        <Red>0</Red>
+        <Green>0</Green>
+        <Blue>0</Blue>
+      </Background>
+      <Disconnected>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Disconnected>
+      <Text>
+        <Alpha>255</Alpha>
+        <Red>211</Red>
+        <Green>211</Green>
+        <Blue>211</Blue>
+      </Text>
+      <Echo>
+        <Alpha>255</Alpha>
+        <Red>144</Red>
+        <Green>238</Green>
+        <Blue>144</Blue>
+      </Echo>
+      <Inactive>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Inactive>
+    </Colors>
+    <HexSettings>
+      <MaximumBytesPerLine>16</MaximumBytesPerLine>
+      <ShowTextView>true</ShowTextView>
+      <BreaksAroundEcho>true</BreaksAroundEcho>
+      <AutoSend>true</AutoSend>
+      <SendAsHex>true</SendAsHex>
+      <TimeoutForAutoBreak>0</TimeoutForAutoBreak>
+    </HexSettings>
+    <LineEnding>LF</LineEnding>
+    <TreatLFAsCRLF>false</TreatLFAsCRLF>
+    <KeepOpenAfterExit>false</KeepOpenAfterExit>
+    <ShowAfterProgramming>false</ShowAfterProgramming>
+  </DeviceTerminalSettings>
+  <CustomShortcuts>
+    <Shortcuts />
+    <ShowMessageAfterExecuting>true</ShowMessageAfterExecuting>
+  </CustomShortcuts>
+  <UserDefinedVariables />
+  <ImportedPropertySheets />
+  <CodeSense>
+    <Enabled>Unknown</Enabled>
+    <ExtraSettings>
+      <HideErrorsInSystemHeaders>true</HideErrorsInSystemHeaders>
+      <SupportLightweightReferenceAnalysis>true</SupportLightweightReferenceAnalysis>
+      <CheckForClangFormatFiles>true</CheckForClangFormatFiles>
+      <FormattingEngine xsi:nil="true" />
+    </ExtraSettings>
+    <CodeAnalyzerSettings>
+      <Enabled>false</Enabled>
+    </CodeAnalyzerSettings>
+  </CodeSense>
+  <Configurations>
+    <VisualGDBConfiguration>
+      <Name>Debug</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+    <VisualGDBConfiguration>
+      <Name>Release</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+  </Configurations>
+  <ProgramArgumentsSuggestions />
+  <Debug xsi:type="com.visualgdb.debug.embedded">
+    <AdditionalStartupCommands />
+    <AdditionalGDBSettings>
+      <Features>
+        <DisableAutoDetection>false</DisableAutoDetection>
+        <UseFrameParameter>false</UseFrameParameter>
+        <SimpleValuesFlagSupported>false</SimpleValuesFlagSupported>
+        <ListLocalsSupported>false</ListLocalsSupported>
+        <ByteLevelMemoryCommandsAvailable>false</ByteLevelMemoryCommandsAvailable>
+        <ThreadInfoSupported>false</ThreadInfoSupported>
+        <PendingBreakpointsSupported>false</PendingBreakpointsSupported>
+        <SupportTargetCommand>false</SupportTargetCommand>
+        <ReliableBreakpointNotifications>false</ReliableBreakpointNotifications>
+      </Features>
+      <EnableSmartStepping>false</EnableSmartStepping>
+      <FilterSpuriousStoppedNotifications>false</FilterSpuriousStoppedNotifications>
+      <ForceSingleThreadedMode>false</ForceSingleThreadedMode>
+      <UseAppleExtensions>false</UseAppleExtensions>
+      <CanAcceptCommandsWhileRunning>false</CanAcceptCommandsWhileRunning>
+      <MakeLogFile>false</MakeLogFile>
+      <IgnoreModuleEventsWhileStepping>true</IgnoreModuleEventsWhileStepping>
+      <UseRelativePathsOnly>false</UseRelativePathsOnly>
+      <ExitAction>None</ExitAction>
+      <DisableDisassembly>false</DisableDisassembly>
+      <ExamineMemoryWithXCommand>false</ExamineMemoryWithXCommand>
+      <StepIntoNewInstanceEntry>app_main</StepIntoNewInstanceEntry>
+      <ExamineRegistersInRawFormat>true</ExamineRegistersInRawFormat>
+      <DisableSignals>false</DisableSignals>
+      <EnableAsyncExecutionMode>false</EnableAsyncExecutionMode>
+      <AsyncModeSupportsBreakpoints>true</AsyncModeSupportsBreakpoints>
+      <TemporaryBreakConsolidationTimeout>0</TemporaryBreakConsolidationTimeout>
+      <EnableNonStopMode>false</EnableNonStopMode>
+      <MaxBreakpointLimit>0</MaxBreakpointLimit>
+      <EnableVerboseMode>true</EnableVerboseMode>
+      <EnablePrettyPrinters>false</EnablePrettyPrinters>
+    </AdditionalGDBSettings>
+    <DebugMethod>
+      <ID>openocd</ID>
+      <Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
+        <CommandLine>-f interface/tigard.cfg -c "adapter_khz 13000" -f target/esp32.cfg</CommandLine>
+        <ExtraParameters>
+          <Frequency xsi:nil="true" />
+          <BoostedFrequency xsi:nil="true" />
+          <ConnectUnderReset>false</ConnectUnderReset>
+        </ExtraParameters>
+        <LoadProgressGUIThreshold>131072</LoadProgressGUIThreshold>
+        <ProgramMode>Enabled</ProgramMode>
+        <StartupCommands>
+          <string>set remotetimeout 60</string>
+          <string>target remote :$$SYS:GDB_PORT$$</string>
+          <string>mon gdb_breakpoint_override hard</string>
+          <string>mon reset halt</string>
+          <string>load</string>
+        </StartupCommands>
+        <ProgramFLASHUsingExternalTool>false</ProgramFLASHUsingExternalTool>
+        <PreferredGDBPort>0</PreferredGDBPort>
+        <PreferredTelnetPort>0</PreferredTelnetPort>
+        <AlwaysPassSerialNumber>false</AlwaysPassSerialNumber>
+        <SelectedCoreIndex xsi:nil="true" />
+        <LiveMemoryTimeout>5000</LiveMemoryTimeout>
+        <SuggestionLogicRevision>1</SuggestionLogicRevision>
+        <CheckFLASHSize>true</CheckFLASHSize>
+        <FLASHSettings>
+          <Size>size2MB</Size>
+          <Frequency>freq40M</Frequency>
+          <Mode>DIO</Mode>
+        </FLASHSettings>
+        <PatchBootloader>true</PatchBootloader>
+      </Configuration>
+    </DebugMethod>
+    <AutoDetectRTOS>true</AutoDetectRTOS>
+    <SemihostingSupport>Auto</SemihostingSupport>
+    <SemihostingPollingDelay>0</SemihostingPollingDelay>
+    <StepIntoEntryPoint>false</StepIntoEntryPoint>
+    <ReloadFirmwareOnReset>false</ReloadFirmwareOnReset>
+    <ValidateEndOfStackAddress>true</ValidateEndOfStackAddress>
+    <StopAtEntryPoint>false</StopAtEntryPoint>
+    <EnableVirtualHalts>false</EnableVirtualHalts>
+    <DynamicAnalysisSettings />
+    <EndOfStackSymbol>_estack</EndOfStackSymbol>
+    <TimestampProviderTicksPerSecond>0</TimestampProviderTicksPerSecond>
+    <KeepConsoleAfterExit>false</KeepConsoleAfterExit>
+    <UnusedStackFillPattern xsi:nil="true" />
+    <CheckInterfaceDrivers>true</CheckInterfaceDrivers>
+  </Debug>
+</VisualGDBProjectSettings2>

IDE/Espressif/ESP-IDF/examples/wolfssl_test/VisualGDB/VisualGDB_wolfssl_test.sln

@@ -0,0 +1,44 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.32802.440
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "VisualGDB_wolfssl_test", "VisualGDB_wolfssl_test.vgdbproj", "{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{35EEC1E7-13AB-4C74-BFCE-22142A10E1C1}"
+	ProjectSection(SolutionItems) = preProject
+		..\..\..\compileAllExamples.sh = ..\..\..\compileAllExamples.sh
+		README.md = README.md
+		sdkconfig = sdkconfig
+		sdkconfig.defaults = sdkconfig.defaults
+		build\config\sdkconfig.h = build\config\sdkconfig.h
+		..\..\..\..\..\wolfcrypt\test\test.c = ..\..\..\..\..\wolfcrypt\test\test.c
+		..\..\..\..\..\wolfcrypt\test\test.h = ..\..\..\..\..\wolfcrypt\test\test.h
+		..\..\..\..\..\include\user_settings.h = ..\..\..\..\..\include\user_settings.h
+		..\..\..\..\..\..\include\user_settings.h = ..\..\..\..\..\..\include\user_settings.h
+	EndProjectSection
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|VisualGDB = Debug|VisualGDB
+		Release|VisualGDB = Release|VisualGDB
+		Tests (Debug)|VisualGDB = Tests (Debug)|VisualGDB
+		Tests (Release)|VisualGDB = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Debug|VisualGDB.ActiveCfg = Debug|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Debug|VisualGDB.Build.0 = Debug|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Release|VisualGDB.ActiveCfg = Release|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Release|VisualGDB.Build.0 = Release|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Debug)|VisualGDB.ActiveCfg = Tests (Debug)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Debug)|VisualGDB.Build.0 = Tests (Debug)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Release)|VisualGDB.ActiveCfg = Tests (Release)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Release)|VisualGDB.Build.0 = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {A0AC9105-F2CF-44E7-8032-3CD9E77EC9F6}
+	EndGlobalSection
+EndGlobal

IDE/Espressif/ESP-IDF/examples/wolfssl_test/VisualGDB/VisualGDB_wolfssl_test.vgdbproj

@@ -0,0 +1,269 @@
+<?xml version="1.0"?>
+<VisualGDBProjectSettings2 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+  <Project xsi:type="com.visualgdb.project.external.esp-idf">
+    <CustomSourceDirectories>
+      <Directories />
+      <PathStyle>Unknown</PathStyle>
+    </CustomSourceDirectories>
+    <AutoProgramSPIFFSPartition>true</AutoProgramSPIFFSPartition>
+    <ProjectModeSettings>
+      <ProjectGUID>35e5525f-318a-466e-a8c7-36548547d801</ProjectGUID>
+      <GroupSourcesByTypes>true</GroupSourcesByTypes>
+      <GroupSourcesByPaths>true</GroupSourcesByPaths>
+      <HeaderScanMode>SourceDirs</HeaderScanMode>
+    </ProjectModeSettings>
+  </Project>
+  <Build xsi:type="com.visualgdb.build.cmake">
+    <BuildLogMode xsi:nil="true" />
+    <ToolchainID>
+      <ID>com.visualgdb.xtensa-esp32-elf</ID>
+      <Version>
+        <GCC>11.2.0</GCC>
+        <GDB>9.2.90</GDB>
+        <Revision>2</Revision>
+      </Version>
+    </ToolchainID>
+    <RelativeSourceDirectory>..</RelativeSourceDirectory>
+    <ConfigurationType>DEBUG</ConfigurationType>
+    <BinaryDirectory>build/$(PlatformName)/$(ConfigurationName)</BinaryDirectory>
+    <MakeCommandTemplate>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(ToolchainNinja)</Command>
+      <WorkingDirectory>$(BuildDir)</WorkingDirectory>
+      <BackgroundMode xsi:nil="true" />
+    </MakeCommandTemplate>
+    <CMakeCommand>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(SYSPROGS_CMAKE_PATH)</Command>
+      <BackgroundMode xsi:nil="true" />
+    </CMakeCommand>
+    <UpdateSourcesInCMakeFile>true</UpdateSourcesInCMakeFile>
+    <ExportCompileCommands>false</ExportCompileCommands>
+    <DisableToolchainFile>false</DisableToolchainFile>
+    <CMakeMakefileType>Ninja</CMakeMakefileType>
+    <DeployAsRoot>false</DeployAsRoot>
+    <CMakeCleanMode>RemoveBuildDirectory</CMakeCleanMode>
+    <UseCCache>false</UseCCache>
+    <ProjectModeSettings>
+      <ProjectItemSettings>
+        <GroupSourcesByTypes>true</GroupSourcesByTypes>
+        <GroupSourcesByPaths>true</GroupSourcesByPaths>
+        <GroupTargetsByPaths>true</GroupTargetsByPaths>
+        <FollowCMakeSourceGroups>false</FollowCMakeSourceGroups>
+        <AutoRefreshProject>true</AutoRefreshProject>
+        <AlwaysConsiderOutdated>false</AlwaysConsiderOutdated>
+        <SortTargetsByName>true</SortTargetsByName>
+        <RedundantTargetMode>HideOuterProjectTargets</RedundantTargetMode>
+        <SortSourcesByName>true</SortSourcesByName>
+        <BuildAllTargetsInSubdir>false</BuildAllTargetsInSubdir>
+        <FoldSingleItemPathLevels>true</FoldSingleItemPathLevels>
+      </ProjectItemSettings>
+      <TargetSpecificSettings />
+      <SetLDLibraryPathFromDependentArtifacts>true</SetLDLibraryPathFromDependentArtifacts>
+      <ProjectGUID>eadcc9ab-72b3-4b51-a838-593e5d80ddf7</ProjectGUID>
+      <VirtualFolders />
+      <ConfigurationNameCase>Upper</ConfigurationNameCase>
+      <DefaultHeaderDiscoveryMode>HeaderDirectoryAndSubdirectories</DefaultHeaderDiscoveryMode>
+      <EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
+      <ESPIDFExtension>
+        <IDFCheckout>
+          <Version>release/v5.0</Version>
+          <Subdirectory>esp-idf/v5.0</Subdirectory>
+          <Type>ESPIDF</Type>
+        </IDFCheckout>
+        <COMPort>COM20</COMPort>
+        <SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
+        <UseCCache>false</UseCCache>
+        <DeviceID>ESP32</DeviceID>
+      </ESPIDFExtension>
+    </ProjectModeSettings>
+  </Build>
+  <CustomBuild>
+    <PreSyncActions />
+    <PreBuildActions />
+    <PostBuildActions />
+    <PreCleanActions />
+    <PostCleanActions />
+  </CustomBuild>
+  <CustomDebug>
+    <PreDebugActions />
+    <PostDebugActions />
+    <DebugStopActions />
+    <BreakMode>Default</BreakMode>
+  </CustomDebug>
+  <DeviceTerminalSettings>
+    <Connection xsi:type="com.sysprogs.terminal.connection.serial">
+      <ComPortName>COM20</ComPortName>
+      <AdvancedSettings>
+        <BaudRate>115200</BaudRate>
+        <DataBits>8</DataBits>
+        <Parity>None</Parity>
+        <StopBits>One</StopBits>
+        <FlowControl>None</FlowControl>
+      </AdvancedSettings>
+    </Connection>
+    <LastConnectionTime>0</LastConnectionTime>
+    <EchoTypedCharacters>false</EchoTypedCharacters>
+    <ClearContentsWhenReconnecting>false</ClearContentsWhenReconnecting>
+    <ReconnectAutomatically>false</ReconnectAutomatically>
+    <DisplayMode>ASCII</DisplayMode>
+    <Colors>
+      <Background>
+        <Alpha>255</Alpha>
+        <Red>0</Red>
+        <Green>0</Green>
+        <Blue>0</Blue>
+      </Background>
+      <Disconnected>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Disconnected>
+      <Text>
+        <Alpha>255</Alpha>
+        <Red>211</Red>
+        <Green>211</Green>
+        <Blue>211</Blue>
+      </Text>
+      <Echo>
+        <Alpha>255</Alpha>
+        <Red>144</Red>
+        <Green>238</Green>
+        <Blue>144</Blue>
+      </Echo>
+      <Inactive>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Inactive>
+    </Colors>
+    <HexSettings>
+      <MaximumBytesPerLine>16</MaximumBytesPerLine>
+      <ShowTextView>true</ShowTextView>
+      <BreaksAroundEcho>true</BreaksAroundEcho>
+      <AutoSend>true</AutoSend>
+      <SendAsHex>true</SendAsHex>
+      <TimeoutForAutoBreak>0</TimeoutForAutoBreak>
+    </HexSettings>
+    <LineEnding>LF</LineEnding>
+    <TreatLFAsCRLF>false</TreatLFAsCRLF>
+    <KeepOpenAfterExit>false</KeepOpenAfterExit>
+    <ShowAfterProgramming>false</ShowAfterProgramming>
+  </DeviceTerminalSettings>
+  <CustomShortcuts>
+    <Shortcuts />
+    <ShowMessageAfterExecuting>true</ShowMessageAfterExecuting>
+  </CustomShortcuts>
+  <UserDefinedVariables />
+  <ImportedPropertySheets />
+  <CodeSense>
+    <Enabled>Unknown</Enabled>
+    <ExtraSettings>
+      <HideErrorsInSystemHeaders>true</HideErrorsInSystemHeaders>
+      <SupportLightweightReferenceAnalysis>true</SupportLightweightReferenceAnalysis>
+      <CheckForClangFormatFiles>true</CheckForClangFormatFiles>
+      <FormattingEngine xsi:nil="true" />
+    </ExtraSettings>
+    <CodeAnalyzerSettings>
+      <Enabled>false</Enabled>
+    </CodeAnalyzerSettings>
+  </CodeSense>
+  <Configurations>
+    <VisualGDBConfiguration>
+      <Name>Debug</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+    <VisualGDBConfiguration>
+      <Name>Release</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+  </Configurations>
+  <ProgramArgumentsSuggestions />
+  <Debug xsi:type="com.visualgdb.debug.embedded">
+    <AdditionalStartupCommands />
+    <AdditionalGDBSettings>
+      <Features>
+        <DisableAutoDetection>false</DisableAutoDetection>
+        <UseFrameParameter>false</UseFrameParameter>
+        <SimpleValuesFlagSupported>false</SimpleValuesFlagSupported>
+        <ListLocalsSupported>false</ListLocalsSupported>
+        <ByteLevelMemoryCommandsAvailable>false</ByteLevelMemoryCommandsAvailable>
+        <ThreadInfoSupported>false</ThreadInfoSupported>
+        <PendingBreakpointsSupported>false</PendingBreakpointsSupported>
+        <SupportTargetCommand>false</SupportTargetCommand>
+        <ReliableBreakpointNotifications>false</ReliableBreakpointNotifications>
+      </Features>
+      <EnableSmartStepping>false</EnableSmartStepping>
+      <FilterSpuriousStoppedNotifications>false</FilterSpuriousStoppedNotifications>
+      <ForceSingleThreadedMode>false</ForceSingleThreadedMode>
+      <UseAppleExtensions>false</UseAppleExtensions>
+      <CanAcceptCommandsWhileRunning>false</CanAcceptCommandsWhileRunning>
+      <MakeLogFile>false</MakeLogFile>
+      <IgnoreModuleEventsWhileStepping>true</IgnoreModuleEventsWhileStepping>
+      <UseRelativePathsOnly>false</UseRelativePathsOnly>
+      <ExitAction>None</ExitAction>
+      <DisableDisassembly>false</DisableDisassembly>
+      <ExamineMemoryWithXCommand>false</ExamineMemoryWithXCommand>
+      <StepIntoNewInstanceEntry>app_main</StepIntoNewInstanceEntry>
+      <ExamineRegistersInRawFormat>true</ExamineRegistersInRawFormat>
+      <DisableSignals>false</DisableSignals>
+      <EnableAsyncExecutionMode>false</EnableAsyncExecutionMode>
+      <AsyncModeSupportsBreakpoints>true</AsyncModeSupportsBreakpoints>
+      <TemporaryBreakConsolidationTimeout>0</TemporaryBreakConsolidationTimeout>
+      <EnableNonStopMode>false</EnableNonStopMode>
+      <MaxBreakpointLimit>0</MaxBreakpointLimit>
+      <EnableVerboseMode>true</EnableVerboseMode>
+      <EnablePrettyPrinters>false</EnablePrettyPrinters>
+    </AdditionalGDBSettings>
+    <DebugMethod>
+      <ID>openocd</ID>
+      <Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
+        <CommandLine>-f interface/tigard.cfg -c "adapter_khz 3000" -f target/esp32.cfg</CommandLine>
+        <ExtraParameters>
+          <Frequency xsi:nil="true" />
+          <BoostedFrequency xsi:nil="true" />
+          <ConnectUnderReset>false</ConnectUnderReset>
+        </ExtraParameters>
+        <LoadProgressGUIThreshold>131072</LoadProgressGUIThreshold>
+        <ProgramMode>Enabled</ProgramMode>
+        <StartupCommands>
+          <string>set remotetimeout 60</string>
+          <string>target remote :$$SYS:GDB_PORT$$</string>
+          <string>mon gdb_breakpoint_override hard</string>
+          <string>mon reset halt</string>
+          <string>load</string>
+        </StartupCommands>
+        <ProgramFLASHUsingExternalTool>false</ProgramFLASHUsingExternalTool>
+        <PreferredGDBPort>0</PreferredGDBPort>
+        <PreferredTelnetPort>0</PreferredTelnetPort>
+        <AlwaysPassSerialNumber>false</AlwaysPassSerialNumber>
+        <SelectedCoreIndex xsi:nil="true" />
+        <LiveMemoryTimeout>5000</LiveMemoryTimeout>
+        <SuggestionLogicRevision>1</SuggestionLogicRevision>
+        <CheckFLASHSize>true</CheckFLASHSize>
+        <FLASHSettings>
+          <Size>size2MB</Size>
+          <Frequency>freq40M</Frequency>
+          <Mode>DIO</Mode>
+        </FLASHSettings>
+        <PatchBootloader>true</PatchBootloader>
+      </Configuration>
+    </DebugMethod>
+    <AutoDetectRTOS>true</AutoDetectRTOS>
+    <SemihostingSupport>Auto</SemihostingSupport>
+    <SemihostingPollingDelay>0</SemihostingPollingDelay>
+    <StepIntoEntryPoint>false</StepIntoEntryPoint>
+    <ReloadFirmwareOnReset>false</ReloadFirmwareOnReset>
+    <ValidateEndOfStackAddress>true</ValidateEndOfStackAddress>
+    <StopAtEntryPoint>false</StopAtEntryPoint>
+    <EnableVirtualHalts>false</EnableVirtualHalts>
+    <DynamicAnalysisSettings />
+    <EndOfStackSymbol>_estack</EndOfStackSymbol>
+    <TimestampProviderTicksPerSecond>0</TimestampProviderTicksPerSecond>
+    <KeepConsoleAfterExit>false</KeepConsoleAfterExit>
+    <UnusedStackFillPattern xsi:nil="true" />
+    <CheckInterfaceDrivers>true</CheckInterfaceDrivers>
+  </Debug>
+</VisualGDBProjectSettings2>

IDE/Espressif/ESP-IDF/examples/wolfssl_test/VisualGDB/VisualGDB_wolfssl_test_IDF_v5_ESP32S3.sln

@@ -0,0 +1,31 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.33027.164
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "VisualGDB_wolfssl_test_IDF_v5_ESP32S3", "VisualGDB_wolfssl_test_IDF_v5_ESP32S3.vgdbproj", "{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|VisualGDB = Debug|VisualGDB
+		Release|VisualGDB = Release|VisualGDB
+		Tests (Debug)|VisualGDB = Tests (Debug)|VisualGDB
+		Tests (Release)|VisualGDB = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Debug|VisualGDB.ActiveCfg = Debug|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Debug|VisualGDB.Build.0 = Debug|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Release|VisualGDB.ActiveCfg = Release|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Release|VisualGDB.Build.0 = Release|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Debug)|VisualGDB.ActiveCfg = Tests (Debug)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Debug)|VisualGDB.Build.0 = Tests (Debug)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Release)|VisualGDB.ActiveCfg = Tests (Release)|VisualGDB
+		{EADCC9AB-72B3-4B51-A838-593E5D80DDF7}.Tests (Release)|VisualGDB.Build.0 = Tests (Release)|VisualGDB
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {7F8E1DC0-55AD-4DF8-B65A-CD65B60E17F9}
+	EndGlobalSection
+EndGlobal

IDE/Espressif/ESP-IDF/examples/wolfssl_test/VisualGDB/VisualGDB_wolfssl_test_IDF_v5_ESP32S3.vgdbproj

@@ -0,0 +1,269 @@
+<?xml version="1.0"?>
+<VisualGDBProjectSettings2 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+  <Project xsi:type="com.visualgdb.project.external.esp-idf">
+    <CustomSourceDirectories>
+      <Directories />
+      <PathStyle>Unknown</PathStyle>
+    </CustomSourceDirectories>
+    <AutoProgramSPIFFSPartition>true</AutoProgramSPIFFSPartition>
+    <ProjectModeSettings>
+      <ProjectGUID>35e5525f-318a-466e-a8c7-36548547d801</ProjectGUID>
+      <GroupSourcesByTypes>true</GroupSourcesByTypes>
+      <GroupSourcesByPaths>true</GroupSourcesByPaths>
+      <HeaderScanMode>SourceDirs</HeaderScanMode>
+    </ProjectModeSettings>
+  </Project>
+  <Build xsi:type="com.visualgdb.build.cmake">
+    <BuildLogMode xsi:nil="true" />
+    <ToolchainID>
+      <ID>com.visualgdb.xtensa-esp32-elf</ID>
+      <Version>
+        <GCC>11.2.0</GCC>
+        <GDB>9.2.90</GDB>
+        <Revision>2</Revision>
+      </Version>
+    </ToolchainID>
+    <RelativeSourceDirectory>..</RelativeSourceDirectory>
+    <ConfigurationType>DEBUG</ConfigurationType>
+    <BinaryDirectory>build/$(PlatformName)/$(ConfigurationName)</BinaryDirectory>
+    <MakeCommandTemplate>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(ToolchainNinja)</Command>
+      <WorkingDirectory>$(BuildDir)</WorkingDirectory>
+      <BackgroundMode xsi:nil="true" />
+    </MakeCommandTemplate>
+    <CMakeCommand>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(SYSPROGS_CMAKE_PATH)</Command>
+      <BackgroundMode xsi:nil="true" />
+    </CMakeCommand>
+    <UpdateSourcesInCMakeFile>true</UpdateSourcesInCMakeFile>
+    <ExportCompileCommands>false</ExportCompileCommands>
+    <DisableToolchainFile>false</DisableToolchainFile>
+    <CMakeMakefileType>Ninja</CMakeMakefileType>
+    <DeployAsRoot>false</DeployAsRoot>
+    <CMakeCleanMode>RemoveBuildDirectory</CMakeCleanMode>
+    <UseCCache>false</UseCCache>
+    <ProjectModeSettings>
+      <ProjectItemSettings>
+        <GroupSourcesByTypes>true</GroupSourcesByTypes>
+        <GroupSourcesByPaths>true</GroupSourcesByPaths>
+        <GroupTargetsByPaths>true</GroupTargetsByPaths>
+        <FollowCMakeSourceGroups>false</FollowCMakeSourceGroups>
+        <AutoRefreshProject>true</AutoRefreshProject>
+        <AlwaysConsiderOutdated>false</AlwaysConsiderOutdated>
+        <SortTargetsByName>true</SortTargetsByName>
+        <RedundantTargetMode>HideOuterProjectTargets</RedundantTargetMode>
+        <SortSourcesByName>true</SortSourcesByName>
+        <BuildAllTargetsInSubdir>false</BuildAllTargetsInSubdir>
+        <FoldSingleItemPathLevels>true</FoldSingleItemPathLevels>
+      </ProjectItemSettings>
+      <TargetSpecificSettings />
+      <SetLDLibraryPathFromDependentArtifacts>true</SetLDLibraryPathFromDependentArtifacts>
+      <ProjectGUID>eadcc9ab-72b3-4b51-a838-593e5d80ddf7</ProjectGUID>
+      <VirtualFolders />
+      <ConfigurationNameCase>Upper</ConfigurationNameCase>
+      <DefaultHeaderDiscoveryMode>HeaderDirectoryAndSubdirectories</DefaultHeaderDiscoveryMode>
+      <EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
+      <ESPIDFExtension>
+        <IDFCheckout>
+          <Version>release/v5.0</Version>
+          <Subdirectory>esp-idf/v5.0</Subdirectory>
+          <Type>ESPIDF</Type>
+        </IDFCheckout>
+        <COMPort>COM20</COMPort>
+        <SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
+        <UseCCache>false</UseCCache>
+        <DeviceID>ESP32</DeviceID>
+      </ESPIDFExtension>
+    </ProjectModeSettings>
+  </Build>
+  <CustomBuild>
+    <PreSyncActions />
+    <PreBuildActions />
+    <PostBuildActions />
+    <PreCleanActions />
+    <PostCleanActions />
+  </CustomBuild>
+  <CustomDebug>
+    <PreDebugActions />
+    <PostDebugActions />
+    <DebugStopActions />
+    <BreakMode>Default</BreakMode>
+  </CustomDebug>
+  <DeviceTerminalSettings>
+    <Connection xsi:type="com.sysprogs.terminal.connection.serial">
+      <ComPortName>COM20</ComPortName>
+      <AdvancedSettings>
+        <BaudRate>115200</BaudRate>
+        <DataBits>8</DataBits>
+        <Parity>None</Parity>
+        <StopBits>One</StopBits>
+        <FlowControl>None</FlowControl>
+      </AdvancedSettings>
+    </Connection>
+    <LastConnectionTime>0</LastConnectionTime>
+    <EchoTypedCharacters>false</EchoTypedCharacters>
+    <ClearContentsWhenReconnecting>false</ClearContentsWhenReconnecting>
+    <ReconnectAutomatically>false</ReconnectAutomatically>
+    <DisplayMode>ASCII</DisplayMode>
+    <Colors>
+      <Background>
+        <Alpha>255</Alpha>
+        <Red>0</Red>
+        <Green>0</Green>
+        <Blue>0</Blue>
+      </Background>
+      <Disconnected>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Disconnected>
+      <Text>
+        <Alpha>255</Alpha>
+        <Red>211</Red>
+        <Green>211</Green>
+        <Blue>211</Blue>
+      </Text>
+      <Echo>
+        <Alpha>255</Alpha>
+        <Red>144</Red>
+        <Green>238</Green>
+        <Blue>144</Blue>
+      </Echo>
+      <Inactive>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Inactive>
+    </Colors>
+    <HexSettings>
+      <MaximumBytesPerLine>16</MaximumBytesPerLine>
+      <ShowTextView>true</ShowTextView>
+      <BreaksAroundEcho>true</BreaksAroundEcho>
+      <AutoSend>true</AutoSend>
+      <SendAsHex>true</SendAsHex>
+      <TimeoutForAutoBreak>0</TimeoutForAutoBreak>
+    </HexSettings>
+    <LineEnding>LF</LineEnding>
+    <TreatLFAsCRLF>false</TreatLFAsCRLF>
+    <KeepOpenAfterExit>false</KeepOpenAfterExit>
+    <ShowAfterProgramming>false</ShowAfterProgramming>
+  </DeviceTerminalSettings>
+  <CustomShortcuts>
+    <Shortcuts />
+    <ShowMessageAfterExecuting>true</ShowMessageAfterExecuting>
+  </CustomShortcuts>
+  <UserDefinedVariables />
+  <ImportedPropertySheets />
+  <CodeSense>
+    <Enabled>Unknown</Enabled>
+    <ExtraSettings>
+      <HideErrorsInSystemHeaders>true</HideErrorsInSystemHeaders>
+      <SupportLightweightReferenceAnalysis>true</SupportLightweightReferenceAnalysis>
+      <CheckForClangFormatFiles>true</CheckForClangFormatFiles>
+      <FormattingEngine xsi:nil="true" />
+    </ExtraSettings>
+    <CodeAnalyzerSettings>
+      <Enabled>false</Enabled>
+    </CodeAnalyzerSettings>
+  </CodeSense>
+  <Configurations>
+    <VisualGDBConfiguration>
+      <Name>Debug</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+    <VisualGDBConfiguration>
+      <Name>Release</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+  </Configurations>
+  <ProgramArgumentsSuggestions />
+  <Debug xsi:type="com.visualgdb.debug.embedded">
+    <AdditionalStartupCommands />
+    <AdditionalGDBSettings>
+      <Features>
+        <DisableAutoDetection>false</DisableAutoDetection>
+        <UseFrameParameter>false</UseFrameParameter>
+        <SimpleValuesFlagSupported>false</SimpleValuesFlagSupported>
+        <ListLocalsSupported>false</ListLocalsSupported>
+        <ByteLevelMemoryCommandsAvailable>false</ByteLevelMemoryCommandsAvailable>
+        <ThreadInfoSupported>false</ThreadInfoSupported>
+        <PendingBreakpointsSupported>false</PendingBreakpointsSupported>
+        <SupportTargetCommand>false</SupportTargetCommand>
+        <ReliableBreakpointNotifications>false</ReliableBreakpointNotifications>
+      </Features>
+      <EnableSmartStepping>false</EnableSmartStepping>
+      <FilterSpuriousStoppedNotifications>false</FilterSpuriousStoppedNotifications>
+      <ForceSingleThreadedMode>false</ForceSingleThreadedMode>
+      <UseAppleExtensions>false</UseAppleExtensions>
+      <CanAcceptCommandsWhileRunning>false</CanAcceptCommandsWhileRunning>
+      <MakeLogFile>false</MakeLogFile>
+      <IgnoreModuleEventsWhileStepping>true</IgnoreModuleEventsWhileStepping>
+      <UseRelativePathsOnly>false</UseRelativePathsOnly>
+      <ExitAction>None</ExitAction>
+      <DisableDisassembly>false</DisableDisassembly>
+      <ExamineMemoryWithXCommand>false</ExamineMemoryWithXCommand>
+      <StepIntoNewInstanceEntry>app_main</StepIntoNewInstanceEntry>
+      <ExamineRegistersInRawFormat>true</ExamineRegistersInRawFormat>
+      <DisableSignals>false</DisableSignals>
+      <EnableAsyncExecutionMode>false</EnableAsyncExecutionMode>
+      <AsyncModeSupportsBreakpoints>true</AsyncModeSupportsBreakpoints>
+      <TemporaryBreakConsolidationTimeout>0</TemporaryBreakConsolidationTimeout>
+      <EnableNonStopMode>false</EnableNonStopMode>
+      <MaxBreakpointLimit>0</MaxBreakpointLimit>
+      <EnableVerboseMode>true</EnableVerboseMode>
+      <EnablePrettyPrinters>false</EnablePrettyPrinters>
+    </AdditionalGDBSettings>
+    <DebugMethod>
+      <ID>openocd</ID>
+      <Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
+        <CommandLine>-f interface/tigard.cfg -c "adapter_khz 3000" -f target/esp32s3.cfg</CommandLine>
+        <ExtraParameters>
+          <Frequency xsi:nil="true" />
+          <BoostedFrequency xsi:nil="true" />
+          <ConnectUnderReset>false</ConnectUnderReset>
+        </ExtraParameters>
+        <LoadProgressGUIThreshold>131072</LoadProgressGUIThreshold>
+        <ProgramMode>Enabled</ProgramMode>
+        <StartupCommands>
+          <string>set remotetimeout 60</string>
+          <string>target remote :$$SYS:GDB_PORT$$</string>
+          <string>mon gdb_breakpoint_override hard</string>
+          <string>mon reset halt</string>
+          <string>load</string>
+        </StartupCommands>
+        <ProgramFLASHUsingExternalTool>false</ProgramFLASHUsingExternalTool>
+        <PreferredGDBPort>0</PreferredGDBPort>
+        <PreferredTelnetPort>0</PreferredTelnetPort>
+        <AlwaysPassSerialNumber>false</AlwaysPassSerialNumber>
+        <SelectedCoreIndex xsi:nil="true" />
+        <LiveMemoryTimeout>5000</LiveMemoryTimeout>
+        <SuggestionLogicRevision>1</SuggestionLogicRevision>
+        <CheckFLASHSize>true</CheckFLASHSize>
+        <FLASHSettings>
+          <Size>size2MB</Size>
+          <Frequency>freq40M</Frequency>
+          <Mode>DIO</Mode>
+        </FLASHSettings>
+        <PatchBootloader>true</PatchBootloader>
+      </Configuration>
+    </DebugMethod>
+    <AutoDetectRTOS>true</AutoDetectRTOS>
+    <SemihostingSupport>Auto</SemihostingSupport>
+    <SemihostingPollingDelay>0</SemihostingPollingDelay>
+    <StepIntoEntryPoint>false</StepIntoEntryPoint>
+    <ReloadFirmwareOnReset>false</ReloadFirmwareOnReset>
+    <ValidateEndOfStackAddress>true</ValidateEndOfStackAddress>
+    <StopAtEntryPoint>false</StopAtEntryPoint>
+    <EnableVirtualHalts>false</EnableVirtualHalts>
+    <DynamicAnalysisSettings />
+    <EndOfStackSymbol>_estack</EndOfStackSymbol>
+    <TimestampProviderTicksPerSecond>0</TimestampProviderTicksPerSecond>
+    <KeepConsoleAfterExit>false</KeepConsoleAfterExit>
+    <UnusedStackFillPattern xsi:nil="true" />
+    <CheckInterfaceDrivers>true</CheckInterfaceDrivers>
+  </Debug>
+</VisualGDBProjectSettings2>

IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt

@@ -0,0 +1,229 @@
+#
+#  Copyright (C) 2006-2023 wolfSSL Inc.
+#
+#  This file is part of wolfSSL.
+#
+#  wolfSSL is free software; you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation; either version 2 of the License, or
+#  (at your option) any later version.
+#
+#  wolfSSL is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with this program; if not, write to the Free Software
+#  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+#
+# cmake for wolfssl
+#
+cmake_minimum_required(VERSION 3.5)
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+set(CMAKE_CURRENT_SOURCE_DIR ".")
+
+# We are currently in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
+# The root of wolfSSL is 7 directories up from here:
+get_filename_component(WOLFSSL_ROOT  "../../../../../../../" ABSOLUTE)
+
+# Espressif may take several passes through this makefile. Check to see if we found IDF
+string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+
+if($WOLFSSL_FOUND_IDF)
+    message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
+    message(STATUS "WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
+    message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
+endif()
+
+# get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
+FILE(GLOB EXCLUDE_ASM *.S)
+file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+    message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
+endif()
+
+set(INCLUDE_PATH ${WOLFSSL_ROOT})
+
+set(COMPONENT_SRCDIRS "${WOLFSSL_ROOT}/src/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/src/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/benchmark/"
+                        "${WOLFSSL_ROOT}/wolfcrypt/test/"
+                        )
+
+set(COMPONENT_REQUIRES lwip)
+
+
+# check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+    #
+    # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
+    #
+    message(STATUS "")
+    message(STATUS "**************************************************************************************")
+    message(STATUS "")
+    message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
+    message(STATUS "")
+    message(STATUS "To proceed: ")
+    message(STATUS "")
+    message(STATUS "Remove either the local project component: ${CMAKE_HOME_DIRECTORY}/components/wolfssl/ ")
+    message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
+    message(STATUS "")
+    message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
+    message(STATUS "")
+    message(STATUS "**************************************************************************************")
+    message(STATUS "")
+
+    # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
+else()
+    if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+        #
+        # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
+        #
+        message(STATUS "")
+        message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+        message(STATUS "")
+    else()
+        #
+        # wolfSSL is not an ESP-IDF component. We need to now determine if it is local and if so if it is part of the wolfSSL repo
+        # or if  wolfSSL is simply installed as a local component.
+        #
+        if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" )
+            #
+            # wolfSSL found in local project.
+            #
+            if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/include/" )
+                message(STATUS "")
+                message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
+                message(STATUS "")
+                #
+                # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
+                #
+                # We won't do anything else here, as it will be assumed the original install completed successfully.
+                #
+            else()
+                #
+                # This is the developer repo mode. wolfSSL will be assume to be not installed to ESP-IDF nor local project
+                # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+                #
+                message(STATUS "")
+                message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
+                message(STATUS "")
+
+                message(STATUS "************************************************************************************************")
+                # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
+                # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
+                #
+                # first check if there's a [root]/include/user_settings.h
+                if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
+                    # we won't overwrite an existing user settings file, just note that we already have one:
+                    message(STATUS "Found wolfSSL user_settings.h in ${WOLFSSL_ROOT}/include/user_settings.h")
+                else()
+                    message(STATUS "Installing wolfSSL user_settings.h to ${WOLFSSL_ROOT}/include/user_settings.h")
+                    file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h" DESTINATION "${WOLFSSL_ROOT}/include/")
+                endif() # user_settings.h
+
+                # next check if there's a [root]/include/config.h
+                if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
+                    message(STATUS "Found wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h")
+                else()
+                    message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_ROOT}/include/config.h")
+                    file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_ROOT}/include/")
+                    file(RENAME "${WOLFSSL_ROOT}/include/dummy_config_h" "${WOLFSSL_ROOT}/include/config.h")
+                endif() # config.h
+                message(STATUS "************************************************************************************************")
+                message(STATUS "")
+            endif()
+
+        else()
+            # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
+            if($WOLFSSL_FOUND_IDF)
+                message(STATUS "")
+                message(STATUS "WARNING: wolfSSL not found.")
+                message(STATUS "")
+            else()
+                # probably needs to be re-parsed by Espressif
+                message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
+            endif() # else we have not found ESP-IDF yet
+        endif() # else not a local wolfSSL component
+
+    endif() #else not an ESP-IDF component
+endif() # else not local copy and EDP-IDF wolfSSL
+
+
+# RTOS_IDF_PATH is typically:
+# "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
+# depending on the environment, we may need to swap backslashes with forward slashes
+string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+
+# ESP-IDF after version 4.4x has a different RTOS directory structure
+string(REPLACE "\\" "/" RTOS_IDF_PATH5 "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
+
+if(IS_DIRECTORY ${IDF_PATH}/components/freertos/FreeRTOS-Kernel/)
+    set(COMPONENT_ADD_INCLUDEDIRS
+        "."
+       "${WOLFSSL_ROOT}/include"
+       "${RTOS_IDF_PATH5}"
+       "${WOLFSSL_ROOT}"
+       )
+else()
+
+   set(COMPONENT_ADD_INCLUDEDIRS
+       "."
+       "${WOLFSSL_ROOT}/include"
+       "${RTOS_IDF_PATH}"
+       "${WOLFSSL_ROOT}"
+      )
+endif()
+
+if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
+    list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
+endif()
+
+set(COMPONENT_SRCEXCLUDE
+    "${WOLFSSL_ROOT}/src/bio.c"
+    "${WOLFSSL_ROOT}/src/conf.c"
+    "${WOLFSSL_ROOT}/src/misc.c"
+    "${WOLFSSL_ROOT}/src/pk.c"
+    "${WOLFSSL_ROOT}/src/ssl_misc.c" # included by ssl.c
+    "${WOLFSSL_ROOT}/src/x509.c"
+    "${WOLFSSL_ROOT}/src/x509_str.c"
+    "${WOLFSSL_ROOT}/wolfcrypt/src/evp.c"
+    "${WOLFSSL_ROOT}/wolfcrypt/src/misc.c"
+    "${EXCLUDE_ASM}"
+    )
+
+register_component()
+
+# some optional diagnostics
+if (0)
+    get_cmake_property(_variableNames VARIABLES)
+    list (SORT _variableNames)
+    message(STATUS "")
+    message(STATUS "ALL VARIABLES BEGIN")
+    message(STATUS "")
+    foreach (_variableName ${_variableNames})
+        message(STATUS "${_variableName}=${${_variableName}}")
+    endforeach()
+    message(STATUS "")
+    message(STATUS "ALL VARIABLES END")
+    message(STATUS "")
+endif()
+
+# check to see if there's both a local copy and EDP-IDF copy of the wolfssl components
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+    message(STATUS "")
+    message(STATUS "")
+    message(STATUS "********************************************************************")
+    message(STATUS "WARNING: Found components/wolfssl in both local project and IDF_PATH")
+    message(STATUS "********************************************************************")
+    message(STATUS "")
+endif()
+# end multiple component check
+
+

IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/component.mk

@@ -0,0 +1,40 @@
+#
+# Copyright (C) 2006-2023 wolfSSL Inc.
+#
+# This file is part of wolfSSL.
+#
+# wolfSSL is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# wolfSSL is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+#
+#
+# Component Makefile
+#
+
+COMPONENT_ADD_INCLUDEDIRS := . ./include
+
+COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/components/freertos/include/freertos"
+# COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/soc/esp32s3/include/soc"
+
+COMPONENT_SRCDIRS := src wolfcrypt/src
+COMPONENT_SRCDIRS += wolfcrypt/src/port/Espressif
+COMPONENT_SRCDIRS += wolfcrypt/src/port/atmel
+COMPONENT_SRCDIRS += wolfcrypt/benchmark
+COMPONENT_SRCDIRS += wolfcrypt/test
+
+CFLAGS +=-DWOLFSSL_USER_SETTINGS
+
+COMPONENT_OBJEXCLUDE := wolfcrypt/src/aes_asm.o
+COMPONENT_OBJEXCLUDE += wolfcrypt/src/evp.o
+COMPONENT_OBJEXCLUDE += wolfcrypt/src/misc.o
+COMPONENT_OBJEXCLUDE += src/bio.o

IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/CMakeLists.txt

@@ -4,7 +4,76 @@
 #
 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
 
-set(COMPONENT_SRCS "test.c")
+set(COMPONENT_SRCS "main.c")
+
+# when using time helper:
+# set(COMPONENT_SRCS "main.c" "time_helper.c")
+
 set(COMPONENT_ADD_INCLUDEDIRS ".")
 
+set (git_cmd "git")
+
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+    #
+    # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
+    #
+    message(STATUS "")
+    message(STATUS "WARNING: Found components/wolfssl in both local project and IDF_PATH")
+    message(STATUS "")
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+endif()
+
 register_component()
+
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT:  the name of the macro to define
+# THIS_VAR:   the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+    # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+    string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+    # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+    if(${IS_VALID_VALUE})
+        # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+        string(REPLACE "\n" ""  VAR_VALUE  ${THIS_VAR})
+
+        # we'll could percolate the value to the parent for possible later use
+        # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+        # but we're only using it here in this function
+        set(${VAR_OUPUT} ${VAR_VALUE})
+
+        # we'll print what we found to the console
+        message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+        # the interesting part is defining the VAR_OUPUT name a value to use in the app
+        add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+    else()
+        # if we get here, check the execute_process command and parameters.
+        message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+        set(${VAR_OUPUT} "Unknown")
+    endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+    # LIBWOLFSSL_VERSION_GIT_HASH
+    execute_process(COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_SHORT_HASH
+    execute_process(COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_HASH_DATE
+    execute_process(COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES  )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+endif()
+
+message(STATUS "")
+

IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/Kconfig.projbuild

@@ -0,0 +1,29 @@
+menu "Example Configuration"
+
+config BENCH_ARGV
+    string "Arguments for benchmark test"
+    default "-lng 0"
+    help
+        -? <num>    Help, print this usage
+                     0: English, 1: Japanese
+        -csv        Print terminal output in csv format
+        -base10     Display bytes as power of 10 (eg 1 kB = 1000 Bytes)
+        -no_aad     No additional authentication data passed.
+        -dgst_full  Full digest operation performed.
+        -rsa_sign   Measure RSA sign/verify instead of encrypt/decrypt.
+        -<alg>      Algorithm to benchmark. Available algorithms include:
+                    cipher aes-cbc aes-gcm chacha20 chacha20-poly1305
+                    digest md5 poly1305 sha sha2 sha224 sha256 sha384 sha512 sha3
+                    sha3-224 sha3-256 sha3-384 sha3-512
+                    mac hmac hmac-md5 hmac-sha hmac-sha224 hmac-sha256 hmac-sha384
+                    hmac-sha512
+                    asym rsa rsa-sz dh ecc-kg ecc
+                    other rng
+        -lng <num>  Display benchmark result by specified language.
+                    0: English, 1: Japanese
+        <num>       Size of block in bytes
+
+        e.g -lng 1
+        e.g sha
+
+endmenu

IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/main.c

@@ -0,0 +1,231 @@
+/* main.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* ESP-IDF */
+#include <esp_log.h>
+#include "sdkconfig.h"
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <user_settings.h>
+#include <wolfssl/version.h>
+#ifndef WOLFSSL_ESPIDF
+#warning "problem with wolfSSL user settings. Check components/wolfssl/include"
+#endif
+
+#include <wolfcrypt/test/test.h>
+
+/*
+** the wolfssl component can be installed in either:
+**
+**   - the ESP-IDF component directory
+**
+**       ** OR **
+**
+**   - the local project component directory
+**
+** it is not recommended to install in both.
+**
+*/
+
+/*
+** although the wolfcrypt/test includes a default time setting,
+** see the enclosed optional time helper for adding NNTP.
+** be sure to add "time_helper.c" in main/CMakeLists.txt
+*/
+#undef WOLFSSL_USE_TIME_HELPER
+#if defined(WOLFSSL_USE_TIME_HELPER)
+    #include "time_helper.h" */
+#endif
+
+/* see wolfssl/wolfcrypt/test/test.h */
+extern void wolf_crypt_task();
+
+
+static const char* const TAG = "wolfssl_test";
+
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+                                  && defined(WOLFSSL_ATECC508A)
+
+#include "wolfssl/wolfcrypt/port/atmel/atmel.h"
+
+/* when you need to use a custom slot allocation, */
+/* enable the definition CUSTOM_SLOT_ALLOCAION.   */
+#if defined(CUSTOM_SLOT_ALLOCATION)
+
+static byte mSlotList[ATECC_MAX_SLOT];
+
+/* initialize slot array */
+void my_atmel_slotInit()
+{
+    int i;
+    for (i = 0; i < ATECC_MAX_SLOT; i++) {
+        mSlotList[i] = ATECC_INVALID_SLOT;
+    }
+}
+
+/* allocate slot depending on slotType */
+int my_atmel_alloc(int slotType)
+{
+    int i, slot = ATECC_INVALID_SLOT;
+
+    switch (slotType) {
+        case ATMEL_SLOT_ENCKEY:
+            slot = 4;
+            break;
+        case ATMEL_SLOT_DEVICE:
+            slot = 0;
+            break;
+        case ATMEL_SLOT_ECDHE:
+            slot = 0;
+            break;
+        case ATMEL_SLOT_ECDHE_ENC:
+            slot = 4;
+            break;
+        case ATMEL_SLOT_ANY:
+            for (i = 0; i < ATECC_MAX_SLOT; i++) {
+                if (mSlotList[i] == ATECC_INVALID_SLOT) {
+                    slot = i;
+                    break;
+                } /* if */
+            } /* for */
+    } /* switch */
+
+    return slot;
+}
+
+/* free slot array       */
+void my_atmel_free(int slotId)
+{
+    if (slotId >= 0 && slotId < ATECC_MAX_SLOT) {
+        mSlotList[slotId] = ATECC_INVALID_SLOT;
+    }
+}
+
+#endif /* CUSTOM_SLOT_ALLOCATION                                        */
+#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
+
+
+/* entry point */
+void app_main(void)
+{
+    int rc = 0;
+    ESP_LOGI(TAG, "--------------------------------------------------------");
+    ESP_LOGI(TAG, "--------------------------------------------------------");
+    ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
+    ESP_LOGI(TAG, "--------------------------------------------------------");
+    ESP_LOGI(TAG, "--------------------------------------------------------");
+
+
+    ESP_LOGI(TAG, "CONFIG_IDF_TARGET = %s", CONFIG_IDF_TARGET);
+    ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_STRING = %s", LIBWOLFSSL_VERSION_STRING);
+
+#if defined(LIBWOLFSSL_VERSION_GIT_HASH)
+    ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH = %s", LIBWOLFSSL_VERSION_GIT_HASH);
+#endif
+
+#if defined(LIBWOLFSSL_VERSION_GIT_SHORT_HASH )
+    ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_SHORT_HASH = %s", LIBWOLFSSL_VERSION_GIT_SHORT_HASH);
+#endif
+
+#if defined(LIBWOLFSSL_VERSION_GIT_HASH_DATE)
+    ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH_DATE = %s", LIBWOLFSSL_VERSION_GIT_HASH_DATE);
+#endif
+
+
+    /* some interesting settings are target specific (ESP32, -C3, -S3, etc */
+#if defined(CONFIG_IDF_TARGET_ESP32C3)
+    /* not available for C3 at this time */
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+    ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+                   CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
+             );
+    ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
+#else
+    ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+                   CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
+            );
+    ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
+#endif
+
+    /* all platforms: stack high water mark check */
+    ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
+
+    /* check to see if we are using hardware encryption */
+#if defined(NO_ESP32WROOM32_CRYPT)
+    ESP_LOGI(TAG, "NO_ESP32WROOM32_CRYPT defined! HW acceleration DISABLED.");
+#else
+    #if defined(CONFIG_IDF_TARGET_ESP32C3)
+        #error "ESP32WROOM32_CRYPT not yet supported on ESP32-C3"
+    #elif defined(CONFIG_IDF_TARGET_ESP32S2)
+        #error "ESP32WROOM32_CRYPT not yet supported on ESP32-S2"
+    #elif defined(CONFIG_IDF_TARGET_ESP32S3)
+        #error "ESP32WROOM32_CRYPT not yet supported on ESP32-S3"
+    #else
+        ESP_LOGI(TAG, "ESP32WROOM32_CRYPT is enabled.");
+    #endif
+#endif
+
+
+
+#if defined (WOLFSSL_USE_TIME_HELPER)
+    set_time();
+#endif
+
+/* when using atecc608a on esp32-wroom-32se */
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+                                  && defined(WOLFSSL_ATECC508A)
+    #if defined(CUSTOM_SLOT_ALLOCATION)
+    my_atmel_slotInit();
+    /* to register the callback, it needs to be initialized. */
+    if ((wolfCrypt_Init()) != 0) {
+        ESP_LOGE(TAG, "wolfCrypt_Init failed");
+        return;
+    }
+    atmel_set_slot_allocator(my_atmel_alloc, my_atmel_free);
+    #endif
+#endif
+
+#ifdef NO_CRYPT_TEST
+    ESP_LOGI(TAG, "NO_CRYPT_TEST defined, skipping wolf_test_task");
+#else
+    /* Although wolfCrypt_Init() may be explicitly called above,
+    ** Note it is still always called in wolf_test_task.
+    */
+    rc = wolf_test_task();
+    /* note wolfCrypt_Cleanup() should always be called when finished.
+    ** This is called at the end of wolf_test_task();
+    */
+
+    if (rc == 0) {
+        ESP_LOGI(TAG, "wolf_test_task complete success result code = %d", rc);
+    }
+    else {
+        ESP_LOGE(TAG, "wolf_test_task FAIL result code = %d", rc);
+        /* see wolfssl/wolfcrypt/error-crypt.h */
+    }
+
+    /* after the test, we'll just wait */
+    while (1) {
+        /* nothing */
+    }
+#endif
+}