Merge pull request #6926 from JacobBarthelmeh/release

prepare for release 5.6.4

.editorconfig

@@ -0,0 +1,10 @@
+# http://editorconfig.org
+root = true
+
+[*]
+indent_style = space
+indent_size = 4
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true

.github/workflows/async.yml

@@ -10,17 +10,20 @@ jobs:
         config: [
           # Add new configs here
           '--enable-asynccrypt --enable-all --enable-dtls13',
-          '--enable-asynccrypt-sw',
+          '--enable-asynccrypt-sw --enable-ocspstapling --enable-ocspstapling2',
+          '--enable-ocsp CFLAGS="-DTEST_NONBLOCK_CERTS"',
         ]
     name: make check
     runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 6
     steps:
       - uses: actions/checkout@v3
         name: Checkout wolfSSL
 
       - name: Test wolfSSL async
         run: |
-          ./async-check.sh setup
+          ./async-check.sh install
           ./configure ${{ matrix.config }}
           make check
 

.github/workflows/curl.yml

@@ -0,0 +1,61 @@
+name: curl Test
+
+on:
+  workflow_call:
+
+jobs:
+  build_wolfssl:
+    name: Build wolfSSL
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
+    steps:
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-curl
+          install: true
+
+      - name: Upload built lib
+        uses: actions/upload-artifact@v3
+        with:
+          name: wolf-install-curl
+          path: build-dir
+          retention-days: 1
+
+  test_curl:
+    name: ${{ matrix.curl_ref }}
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 15
+    needs: build_wolfssl
+    strategy:
+      fail-fast: false
+      matrix:
+        curl_ref: [ 'master', 'curl-8_4_0' ]
+    steps:
+    - name: Install test dependencies
+      run: |
+        sudo apt-get update
+        sudo apt-get install nghttp2
+        sudo pip install impacket
+
+    - name: Download lib
+      uses: actions/download-artifact@v3
+      with:
+        name: wolf-install-curl
+        path: build-dir
+
+    - name: Build curl
+      uses: wolfSSL/actions-build-autotools-project@v1
+      with:
+        repository: curl/curl
+        path: curl
+        ref: ${{ matrix.curl_ref }}
+        configure: --with-wolfssl=$GITHUB_WORKSPACE/build-dir
+        check: false
+
+    - name: Test curl
+      working-directory: curl
+      run: make -j test-ci

.github/workflows/docker-Espressif.yml

@@ -6,6 +6,8 @@ jobs:
   espressif_latest:
     name: latest Docker container
     runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 12
     container:
       image: espressif/idf:latest
     steps:

.github/workflows/docker-OpenWrt.yml

@@ -9,6 +9,8 @@ jobs:
     build_library:
         name: Compile libwolfssl.so
         runs-on: ubuntu-latest
+        # This should be a safe limit for the tests to run.
+        timeout-minutes: 4
         container:
             image: alpine:latest
         steps:
@@ -26,6 +28,8 @@ jobs:
     compile_container:
         name: Compile container
         runs-on: ubuntu-latest
+        # This should be a safe limit for the tests to run.
+        timeout-minutes: 2
         needs: build_library
         strategy:
             fail-fast: false

.github/workflows/hitch.yml

@@ -0,0 +1,94 @@
+name: hitch Tests
+
+on:
+  workflow_call:
+
+jobs:
+  build_wolfssl:
+    name: Build wolfSSL
+    # Just to keep it the same as the testing target
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
+    steps:
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-hitch
+          install: true
+
+      - name: Upload built lib
+        uses: actions/upload-artifact@v3
+        with:
+          name: wolf-install-hitch
+          path: build-dir
+          retention-days: 1
+
+  hitch_check:
+    strategy:
+      fail-fast: false
+      matrix:
+        # List of releases to test
+        include:
+          - ref: 1.7.3
+            ignore-tests: >-
+              test13-r82.sh test15-proxy-v2-npn.sh test39-client-cert-proxy.sh
+    name: ${{ matrix.ref }}
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
+    needs: build_wolfssl
+    steps:
+      - name: Download lib
+        uses: actions/download-artifact@v3
+        with:
+          name: wolf-install-hitch
+          path: build-dir
+
+      - name: Checkout OSP
+        uses: actions/checkout@v3
+        with:
+          repository: wolfssl/osp
+          path: osp
+
+      - name: Install dependencies
+        run: |
+            export DEBIAN_FRONTEND=noninteractive
+            sudo apt-get update
+            sudo apt-get install -y libev-dev libssl-dev automake python3-docutils flex bison pkg-config make
+
+      - name: Checkout hitch
+        uses: actions/checkout@v3
+        with:
+          repository: varnish/hitch
+          ref: 1.7.3
+          path: hitch
+
+      # Do this before configuring so that it only detects the updated list of
+      # tests
+      - if: ${{ matrix.ignore-tests }}
+        name: Remove tests that we want to ignore
+        working-directory: ./hitch/src/tests
+        run: |
+          rm ${{ matrix.ignore-tests }}
+
+      - name: Configure and build hitch
+        run: |
+            cd $GITHUB_WORKSPACE/hitch/
+            patch -p1 < $GITHUB_WORKSPACE/osp/hitch/hitch_1.7.3.patch
+            autoreconf -ivf
+            SSL_CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include/ -I$GITHUB_WORKSPACE/build-dir/include/wolfssl" SSL_LIBS="-L$GITHUB_WORKSPACE/build-dir/lib -lwolfssl" ./configure --with-wolfssl=$GITHUB_WORKSPACE/build-dir/ --enable-silent-rules --enable-documentation --enable-warnings --with-lex --with-yacc --prefix=$GITHUB_WORKSPACE/build-dir
+            make -j$(nproc)
+
+      - name: Confirm hitch built with wolfSSL
+        working-directory: ./hitch
+        run: |
+          export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
+          ldd src/hitch | grep wolfssl
+
+      - name: Run hitch tests, skipping ignored tests
+        working-directory: ./hitch
+        run: |
+          export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
+          make check

.github/workflows/hostap.yml

@@ -15,6 +15,8 @@ jobs:
     name: Build wolfSSL
     # Just to keep it the same as the testing target
     runs-on: ubuntu-20.04
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
     steps:
         # No way to view the full strategy in the browser (really weird)
       - name: Print strategy
@@ -90,6 +92,8 @@ jobs:
     name: hwsim test
     # For openssl 1.1
     runs-on: ubuntu-20.04
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 12
     needs: build_wolfssl
     steps:
         # No way to view the full strategy in the browser (really weird)

.github/workflows/krb5.yml

@@ -0,0 +1,79 @@
+name: Kerberos 5 Tests
+
+on:
+  workflow_call:
+
+jobs:
+  build_wolfssl:
+    name: Build wolfSSL
+    # Just to keep it the same as the testing target
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 5
+    steps:
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-krb CFLAGS='-fsanitize=address'
+          install: true
+
+      - name: Upload built lib
+        uses: actions/upload-artifact@v3
+        with:
+          name: wolf-install-krb5
+          path: build-dir
+          retention-days: 1
+
+  krb5_check:
+    strategy:
+      fail-fast: false
+      matrix:
+        # List of releases to test
+        ref: [ 1.21.1 ]
+    name: ${{ matrix.ref }}
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 8
+    needs: build_wolfssl
+    steps:
+      - name: Download lib
+        uses: actions/download-artifact@v3
+        with:
+          name: wolf-install-krb5
+          path: build-dir
+
+      - name: Checkout OSP
+        uses: actions/checkout@v3
+        with:
+          repository: wolfssl/osp
+          path: osp
+
+      - name: Checkout krb5
+        uses: actions/checkout@v3
+        with:
+          repository: krb5/krb5
+          ref: krb5-${{ matrix.ref }}-final
+          path: krb5
+
+      - name: Apply patch
+        working-directory: ./krb5
+        run: |
+          patch -p1 < $GITHUB_WORKSPACE/osp/krb5/Patch-for-Kerberos-5-${{ matrix.ref }}.patch
+
+      - name: Build krb5
+        working-directory: ./krb5/src
+        run: |
+          autoreconf -ivf
+          # Using rpath because LD_LIBRARY_PATH is overwritten during testing
+          export WOLFSSL_CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include -I$GITHUB_WORKSPACE/build-dir/include/wolfssl  -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib"
+          export WOLFSSL_LIBS="-lwolfssl -L$GITHUB_WORKSPACE/build-dir/lib -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib"
+          ./configure --with-crypto-impl=wolfssl --with-tls-impl=wolfssl --disable-pkinit \
+            CFLAGS='-fsanitize=address' LDFLAGS='-fsanitize=address'
+          CFLAGS='-fsanitize=address' LDFLAGS='-fsanitize=address' make -j
+
+      - name: Run tests
+        working-directory: ./krb5/src
+        run: |
+          CFLAGS='-fsanitize=address' LDFLAGS='-fsanitize=address' make -j check
+

.github/workflows/main.yml

@@ -14,6 +14,8 @@ jobs:
         uses: ./.github/workflows/docker-Espressif.yml
     multi-compiler:
         uses: ./.github/workflows/multi-compiler.yml
+    multi-arch:
+        uses: ./.github/workflows/multi-arch.yml
     openwrt:
         uses: ./.github/workflows/docker-OpenWrt.yml
     os-check:
@@ -26,6 +28,18 @@ jobs:
         uses: ./.github/workflows/openvpn.yml
     hostap:
         uses: ./.github/workflows/hostap.yml
+    nginx:
+        uses: ./.github/workflows/nginx.yml
+    zephyr:
+        uses: ./.github/workflows/zephyr.yml
+    hitch:
+        uses: ./.github/workflows/hitch.yml
+    curl:
+        uses: ./.github/workflows/curl.yml
+    krb5:
+        uses: ./.github/workflows/krb5.yml
+    packaging:
+        uses: ./.github/workflows/packaging.yml
 # TODO: Currently this test fails. Enable it once it becomes passing.        
 #    haproxy:
 #        uses: ./.github/workflows/haproxy.yml

.github/workflows/multi-arch.yml

@@ -0,0 +1,54 @@
+name: Multiple architectures
+
+on:
+  workflow_call:
+
+jobs:
+  my_matrix:
+    name: Multi-arch test
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - HOST: aarch64-linux-gnu
+            CC: aarch64-linux-gnu-gcc
+            ARCH: arm64
+            EXTRA_OPTS: --enable-sp-asm --enable-armasm
+          - HOST: arm-linux-gnueabihf
+            CC: arm-linux-gnueabihf-gcc
+            ARCH: armhf
+            EXTRA_OPTS: --enable-sp-asm
+          - HOST: riscv64-linux-gnu
+            CC: riscv64-linux-gnu-gcc
+            ARCH: riscv64
+          # Config to ensure CPUs without Thumb instructions compiles
+          - HOST: arm-linux-gnueabi
+            CC: arm-linux-gnueabi-gcc
+            CFLAGS: -marm -DWOLFSSL_SP_ARM_ARCH=6
+            ARCH: armel
+            EXTRA_OPTS: --enable-sp-asm
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 10
+    steps:
+      - name: Install Compiler
+        run: |
+          sudo apt update
+          sudo apt install -y crossbuild-essential-${{ matrix.ARCH }} qemu-user
+      - uses: actions/checkout@v3
+      - name: Build
+        env:
+            CC: ${{ matrix.CC }}
+            CFLAGS: ${{ matrix.CFLAGS }}
+            QEMU_LD_PREFIX: /usr/${{ matrix.HOST }}
+        run: ./autogen.sh && ./configure --host=${{ matrix.HOST }} --enable-all --disable-examples ${{ matrix.EXTRA_OPTS }} && make
+      - name: Print errors 
+        if: ${{ failure() }}
+        run: |
+          if [ -f config.log ] ; then
+            cat config.log
+          fi
+      - name: Run WolfCrypt Tests
+        env:
+            QEMU_LD_PREFIX: /usr/${{ matrix.HOST }}
+        run: ./wolfcrypt/test/testwolfcrypt

.github/workflows/multi-compiler.yml

@@ -12,19 +12,34 @@ jobs:
         include:
           - CC: gcc-9
             CXX: g++-9
+            OS: ubuntu-latest
           - CC: gcc-10
             CXX: g++-10
+            OS: ubuntu-latest
           - CC: gcc-11
             CXX: g++-11
+            OS: ubuntu-latest
           - CC: gcc-12
             CXX: g++-12
+            OS: ubuntu-latest
+          - CC: clang-10
+            CXX: clang++-10
+            OS: ubuntu-20.04
+          - CC: clang-11
+            CXX: clang++-11
+            OS: ubuntu-20.04
           - CC: clang-12
             CXX: clang++-12
+            OS: ubuntu-20.04
           - CC: clang-13
             CXX: clang++-13
+            OS: ubuntu-latest
           - CC: clang-14
             CXX: clang++-14
-    runs-on: ubuntu-latest
+            OS: ubuntu-latest
+    runs-on: ${{ matrix.OS }}
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
     steps:
       - uses: actions/checkout@v3
       - name: Build
@@ -32,3 +47,7 @@ jobs:
             CC: ${{ matrix.CC }}
             CXX: ${{ matrix.CXX }}
         run: ./autogen.sh && ./configure && make && make dist
+      - name: Show log on errors
+        if: ${{ failure() }}
+        run: |
+            cat config.log

.github/workflows/nginx.yml

@@ -0,0 +1,179 @@
+name: nginx Tests
+
+on:
+  workflow_call:
+
+jobs:
+  build_wolfssl:
+    name: Build wolfSSL
+    # Just to keep it the same as the testing target
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
+    steps:
+      - if: ${{ runner.debug }}
+        name: Enable wolfSSL debug logging
+        run: |
+          # We don't use --enable-debug since it makes the logs too loud
+          echo "wolf_debug_flags= CFLAGS='-g3 -O0'" >> $GITHUB_ENV
+
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-nginx ${{ env.wolf_debug_flags }}
+          install: true
+
+      - name: Upload built lib
+        uses: actions/upload-artifact@v3
+        with:
+          name: wolf-install-nginx
+          path: build-dir
+          retention-days: 1
+
+  nginx_check:
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          # in general we want to pass all tests that match *ssl*
+          - ref: 1.25.0
+            test-ref: 5b2894ea1afd01a26c589ce11f310df118e42592
+            # Following tests pass with sanitizer on
+            sanitize-ok: >-
+              h2_ssl_proxy_cache.t h2_ssl.t h2_ssl_variables.t h2_ssl_verify_client.t
+              mail_imap_ssl.t mail_ssl_conf_command.t mail_ssl_session_reuse.t
+              mail_ssl.t proxy_ssl_certificate_empty.t proxy_ssl_certificate.t
+              proxy_ssl_certificate_vars.t proxy_ssl_conf_command.t proxy_ssl_name.t
+              ssl_certificate_chain.t ssl_certificate_perl.t ssl_certificates.t
+              ssl_certificate.t ssl_client_escaped_cert.t ssl_conf_command.t
+              ssl_crl.t ssl_curve.t ssl_engine_keys.t ssl_ocsp.t ssl_password_file.t
+              ssl_proxy_protocol.t ssl_proxy_upgrade.t ssl_reject_handshake.t
+              ssl_session_reuse.t ssl_session_ticket_key.t ssl_sni_reneg.t
+              ssl_sni_sessions.t ssl_sni.t ssl_stapling.t ssl.t ssl_verify_client.t
+              ssl_verify_depth.t stream_proxy_ssl_certificate.t stream_proxy_ssl_certificate_vars.t
+              stream_proxy_ssl_conf_command.t stream_proxy_ssl_name_complex.t
+              stream_proxy_ssl_name.t stream_ssl_certificate.t stream_ssl_conf_command.t
+              stream_ssl_preread_alpn.t stream_ssl_preread_protocol.t stream_ssl_preread.t
+              stream_ssl_realip.t stream_ssl_session_reuse.t stream_ssl.t stream_ssl_variables.t
+              stream_ssl_verify_client.t stream_upstream_zone_ssl.t upstream_zone_ssl.t
+              uwsgi_ssl_certificate.t uwsgi_ssl_certificate_vars.t uwsgi_ssl.t
+              uwsgi_ssl_verify.t
+            # Following tests do not pass with sanitizer on (with OpenSSL too)
+            sanitize-not-ok: >-
+              grpc_ssl.t h2_proxy_request_buffering_ssl.t h2_proxy_ssl.t
+              proxy_request_buffering_ssl.t proxy_ssl_keepalive.t proxy_ssl.t
+              proxy_ssl_verify.t stream_proxy_protocol_ssl.t stream_proxy_ssl.t
+              stream_proxy_ssl_verify.t stream_ssl_alpn.t
+    name: ${{ matrix.ref }}
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 6
+    needs: build_wolfssl
+    steps:
+      - name: Download lib
+        uses: actions/download-artifact@v3
+        with:
+          name: wolf-install-nginx
+          path: build-dir
+
+      - name: Install dependencies
+        run: |
+          sudo cpan -iT Proc::Find Net::SSLeay IO::Socket::SSL
+
+      - name: Checkout wolfssl-nginx
+        uses: actions/checkout@v3
+        with:
+          repository: wolfssl/wolfssl-nginx
+          path: wolfssl-nginx
+
+      - name: Checkout nginx
+        uses: actions/checkout@v3
+        with:
+          repository: nginx/nginx
+          path: nginx
+          ref: release-${{ matrix.ref }}
+
+      - name: Apply nginx patch
+        working-directory: nginx
+        run: patch -p1 < ../wolfssl-nginx/nginx-${{ matrix.ref }}-wolfssl.patch
+
+      - if: ${{ runner.debug }}
+        name: Apply nginx debug patch
+        working-directory: nginx
+        run: patch -p1 < ../wolfssl-nginx/nginx-${{ matrix.ref }}-wolfssl-debug.patch
+
+      - name: Checkout nginx-tests
+        uses: actions/checkout@v3
+        with:
+          repository: nginx/nginx-tests
+          path: nginx-tests
+          ref: ${{ matrix.test-ref }}
+
+      - name: Apply nginx-tests patch
+        working-directory: nginx-tests
+        run: patch -p1 < ../wolfssl-nginx/nginx-tests-patches/*${{ matrix.test-ref }}.patch
+
+      - name: Build nginx without sanitizer
+        working-directory: nginx
+        run: |
+          ./auto/configure --with-wolfssl=$GITHUB_WORKSPACE/build-dir --with-http_ssl_module \
+            --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module \
+            --with-http_v2_module --with-mail --with-mail_ssl_module
+          make -j
+
+      - name: Confirm nginx built with wolfSSL
+        working-directory: nginx
+        run: ldd objs/nginx | grep wolfssl
+
+      - if: ${{ runner.debug }}
+        name: Run nginx-tests without sanitizer (debug)
+        working-directory: nginx-tests
+        run: |
+          LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib \
+            TMPDIR=$GITHUB_WORKSPACE TEST_NGINX_VERBOSE=y TEST_NGINX_CATLOG=y \
+            TEST_NGINX_BINARY=../nginx/objs/nginx prove -v ${{ matrix.sanitize-not-ok }}
+
+      - if: ${{ !runner.debug }}
+        name: Run nginx-tests without sanitizer
+        working-directory: nginx-tests
+        run: |
+          LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib \
+            TMPDIR=$GITHUB_WORKSPACE TEST_NGINX_BINARY=../nginx/objs/nginx \
+            prove ${{ matrix.sanitize-not-ok }}
+
+      - if: ${{ runner.debug }}
+        name: Enable wolfSSL debug logging
+        run: |
+          echo "nginx_c_flags=-O0" >> $GITHUB_ENV
+
+      - name: Build nginx with sanitizer
+        working-directory: nginx
+        run: |
+          ./auto/configure --with-wolfssl=$GITHUB_WORKSPACE/build-dir --with-http_ssl_module \
+            --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module \
+            --with-http_v2_module --with-mail --with-mail_ssl_module \
+            --with-cc-opt='-fsanitize=address -DNGX_DEBUG_PALLOC=1 -g3 ${{ env.nginx_c_flags }}' \
+            --with-ld-opt='-fsanitize=address ${{ env.nginx_c_flags }}'
+          make -j
+
+      - name: Confirm nginx built with wolfSSL
+        working-directory: nginx
+        run: ldd objs/nginx | grep wolfssl
+
+      - if: ${{ runner.debug }}
+        name: Run nginx-tests with sanitizer (debug)
+        working-directory: nginx-tests
+        run: |
+          LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib \
+          TMPDIR=$GITHUB_WORKSPACE TEST_NGINX_VERBOSE=y TEST_NGINX_CATLOG=y \
+          TEST_NGINX_BINARY=../nginx/objs/nginx prove -v ${{ matrix.sanitize-ok }}
+
+      - if: ${{ !runner.debug }}
+        name: Run nginx-tests with sanitizer
+        working-directory: nginx-tests
+        run: |
+          LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib \
+            TMPDIR=$GITHUB_WORKSPACE TEST_NGINX_BINARY=../nginx/objs/nginx \
+            prove ${{ matrix.sanitize-ok }}
+ 

.github/workflows/openvpn.yml

@@ -8,6 +8,8 @@ jobs:
     name: Build wolfSSL
     # Just to keep it the same as the testing target
     runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
     steps:
       - name: Build wolfSSL
         uses: wolfSSL/actions-build-autotools-project@v1
@@ -31,6 +33,8 @@ jobs:
         ref: [ master, release/2.6, v2.6.0 ]
     name: ${{ matrix.ref }}
     runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 6
     needs: build_wolfssl
     steps:
       - name: Download lib

.github/workflows/os-check.yml

@@ -19,9 +19,13 @@ jobs:
            --enable-opensslextra --enable-sessioncerts 
            CPPFLAGS=''-DWOLFSSL_DTLS_NO_HVR_ON_RESUME -DHAVE_EXT_CACHE 
            -DWOLFSSL_TICKET_HAVE_ID -DHAVE_EX_DATA -DSESSION_CACHE_DYNAMIC_MEM'' ',
+          '--enable-all --enable-secure-renegotiation',
+          '--enable-all --enable-haproxy --enable-quic',
         ]
     name: make check
     runs-on: ${{ matrix.os }}
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 14
     steps:
       - name: Build and test wolfSSL
         uses: wolfSSL/actions-build-autotools-project@v1
@@ -40,6 +44,8 @@ jobs:
         ]
     name: make user_setting.h
     runs-on: ${{ matrix.os }}
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 14
     steps:
       - name: Build and test wolfSSL
         uses: wolfSSL/actions-build-autotools-project@v1
@@ -61,6 +67,8 @@ jobs:
         ]
     name: make user_setting.h (testwolfcrypt only)
     runs-on: ${{ matrix.os }}
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 14
     steps:
       - name: Build and test wolfSSL
         uses: wolfSSL/actions-build-autotools-project@v1
@@ -80,6 +88,8 @@ jobs:
         os: [ ubuntu-latest, macos-latest ]
     name: make user_setting.h (with sed)
     runs-on: ${{ matrix.os }}
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 14
     steps:
     - uses: actions/checkout@v3
     - if: ${{ matrix.os == 'macos-latest' }}
@@ -96,6 +106,8 @@ jobs:
   windows_build:
     name: Windows Build Test
     runs-on: windows-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 6
     env:
       # Path to the solution file relative to the root of the project.
       SOLUTION_FILE_PATH: wolfssl64.sln
@@ -120,3 +132,7 @@ jobs:
       # Add additional options to the MSBuild command line here (like platform or verbosity level).
       # See https://docs.microsoft.com/visualstudio/msbuild/msbuild-command-line-reference
       run: msbuild /m /p:PlatformToolset=v142 /p:Platform=${{env.BUILD_PLATFORM}} /p:Configuration=${{env.BUILD_CONFIGURATION}} ${{env.SOLUTION_FILE_PATH}}
+
+    - name: Run Test
+      working-directory: ${{env.GITHUB_WORKSPACE}}
+      run: Release/x64/testsuite.exe

.github/workflows/packaging.yml

@@ -0,0 +1,45 @@
+name: Packaging Tests
+
+on:
+  workflow_call:
+
+jobs:
+  build_wolfssl:
+    name: Package wolfSSL
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 10
+    steps:
+      - name: Checkout wolfSSL
+        uses: actions/checkout@v3
+
+      - name: Configure wolfSSL
+        run: |
+          autoreconf -ivf
+          ./configure --enable-distro --enable-all \
+            --disable-openssl-compatible-defaults --enable-intelasm \
+            --enable-dtls13 --enable-dtls-mtu \
+            --enable-sp-asm --disable-examples --disable-silent-rules
+
+      - name: Make sure OPENSSL_COMPATIBLE_DEFAULTS is not present in options.h
+        run: |
+          ! grep OPENSSL_COMPATIBLE_DEFAULTS wolfssl/options.h
+
+      - name: Build wolfSSL .deb
+        run: make deb-docker
+
+      - name: Build wolfSSL .rpm
+        run: make rpm-docker
+
+      - name: Confirm packages built
+        run: |
+          DEB_COUNT=$(find -name 'libwolfssl*.deb' | wc -l)
+          if [ "$DEB_COUNT" != "2" ]; then
+            echo Did not find exactly two deb packages!!!
+            exit 1
+          fi
+          RPM_COUNT=$(find -name 'wolfssl*.rpm' | wc -l)
+          if [ "$RPM_COUNT" != "4" ]; then
+            echo Did not find exactly four rpm packages!!!
+            exit 1
+          fi

.github/workflows/stunnel.yml

@@ -8,6 +8,8 @@ jobs:
     name: Build wolfSSL
     # Just to keep it the same as the testing target
     runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
     steps:
       - name: Build wolfSSL
         uses: wolfSSL/actions-build-autotools-project@v1
@@ -31,6 +33,8 @@ jobs:
         ref: [ 5.67 ]
     name: ${{ matrix.ref }}
     runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
     needs: build_wolfssl
     steps:
       - name: Download lib

.github/workflows/zephyr.yml

@@ -0,0 +1,101 @@
+name: Zephyr tests
+
+on:
+  workflow_call:
+
+jobs:
+  run_test:
+    name: Build and run
+    strategy:
+      matrix:
+        config:
+          - zephyr-ref: v3.4.0
+            zephyr-sdk: 0.16.1
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 15
+    steps:
+      - name: Install dependencies
+        run: |
+          # Don't prompt for anything
+          export DEBIAN_FRONTEND=noninteractive
+          sudo apt-get update
+          # most of the ci-base zephyr docker image packages
+          sudo apt-get install -y zip bridge-utils uml-utilities \
+            git cmake ninja-build gperf ccache dfu-util device-tree-compiler wget \
+            python3-dev python3-pip python3-setuptools python3-tk python3-wheel xz-utils file \
+            make gcc gcc-multilib g++-multilib libsdl2-dev libmagic1 \
+            autoconf automake bison build-essential ca-certificates cargo ccache chrpath cmake \
+            cpio device-tree-compiler dfu-util diffstat dos2unix doxygen file flex g++ gawk gcc \
+            gcovr git git-core gnupg gperf gtk-sharp2 help2man iproute2 lcov libcairo2-dev \
+            libglib2.0-dev libgtk2.0-0 liblocale-gettext-perl libncurses5-dev libpcap-dev \
+            libpopt0 libsdl1.2-dev libsdl2-dev libssl-dev libtool libtool-bin locales make \
+            net-tools ninja-build openssh-client parallel pkg-config python3-dev python3-pip \
+            python3-ply python3-setuptools python-is-python3 qemu rsync socat srecord sudo \
+            texinfo unzip wget ovmf xz-utils
+
+      - name: Install west
+        run: sudo pip install west
+
+      - name: Init west workspace
+        run: west init --mr ${{ matrix.config.zephyr-ref }} zephyr
+
+      - name: Update west.yml
+        working-directory: zephyr/zephyr
+        run: |
+          REF=$(echo '${{ github.ref }}' | sed -e 's/\//\\\//g')
+          sed -e 's/remotes:/remotes:\n    \- name: wolfssl\n      url\-base: https:\/\/github.com\/${{ github.repository_owner }}/' -i west.yml
+          sed -e "s/projects:/projects:\n    \- name: wolfssl\n      path: modules\/crypto\/wolfssl\n      remote: wolfssl\n      revision: $REF/" -i west.yml
+
+      - name: Update west workspace
+        working-directory: zephyr
+        run: west update -n -o=--depth=1
+
+      - name: Export zephyr
+        working-directory: zephyr
+        run: west zephyr-export
+
+      - name: Install pip dependencies
+        working-directory: zephyr
+        run: sudo pip install -r zephyr/scripts/requirements.txt
+
+      - name: Install zephyr SDK
+        run: |
+          wget -q https://github.com/zephyrproject-rtos/sdk-ng/releases/download/v${{ matrix.config.zephyr-sdk }}/zephyr-sdk-${{ matrix.config.zephyr-sdk }}_linux-x86_64.tar.xz
+          tar xf zephyr-sdk-${{ matrix.config.zephyr-sdk }}_linux-x86_64.tar.xz
+          cd zephyr-sdk-${{ matrix.config.zephyr-sdk }}
+          ./setup.sh -h -c
+
+      - name: Run wolfssl test
+        id: wolfssl-test
+        working-directory: zephyr
+        run: |
+          ./zephyr/scripts/twister --testsuite-root modules/crypto/wolfssl --test zephyr/samples/wolfssl_test/sample.crypto.wolfssl_test -vvv
+          rm -rf zephyr/twister-out
+
+      - name: Run wolfssl TLS sock test
+        id: wolfssl-tls-sock
+        working-directory: zephyr
+        run: |
+          ./zephyr/scripts/twister --testsuite-root modules/crypto/wolfssl --test zephyr/samples/wolfssl_tls_sock/sample.crypto.wolfssl_tls_sock -vvv
+          rm -rf zephyr/twister-out
+
+      - name: Run wolfssl TLS thread test
+        id: wolfssl-tls-thread
+        working-directory: zephyr
+        run: |
+          ./zephyr/scripts/twister --testsuite-root modules/crypto/wolfssl --test zephyr/samples/wolfssl_tls_thread/sample.crypto.wolfssl_tls_thread -vvv
+          rm -rf zephyr/twister-out
+
+      - name: Zip failure logs
+        if: ${{ failure() && (steps.wolfssl-test.outcome == 'failure' || steps.wolfssl-tls-sock.outcome == 'failure' || steps.wolfssl-tls-thread.outcome == 'failure') }}
+        run: |
+          zip -9 -r logs.zip zephyr/twister-out
+
+      - name: Upload failure logs
+        if: ${{ failure() && (steps.wolfssl-test.outcome == 'failure' || steps.wolfssl-tls-sock.outcome == 'failure' || steps.wolfssl-tls-thread.outcome == 'failure') }}
+        uses: actions/upload-artifact@v3
+        with:
+          name: zephyr-client-test-logs
+          path: logs.zip
+          retention-days: 5

.gitignore

@@ -10,7 +10,7 @@ ctaocrypt/src/src/
 *.cache
 .dirstamp
 *.user
-configure
+configure
 config.*
 !cmake/config.in
 *Debug/
@@ -64,6 +64,8 @@ ctaocrypt/benchmark/benchmark
 ctaocrypt/test/testctaocrypt
 wolfcrypt/benchmark/benchmark
 wolfcrypt/test/testwolfcrypt
+examples/async/async_client
+examples/async/async_server
 examples/benchmark/tls_bench
 examples/client/client
 examples/echoclient/echoclient
@@ -74,6 +76,7 @@ examples/sctp/sctp-server-dtls
 examples/sctp/sctp-client
 examples/sctp/sctp-client-dtls
 examples/asn1/asn1
+examples/pem/pem
 server_ready
 snifftest
 output
@@ -84,6 +87,7 @@ testsuite/testsuite.test
 tests/unit.test
 tests/bio_write_test.txt
 tests/test-log-dump-to-file.txt
+tests/cert_cache.tmp
 test-write-dhparams.pem
 testsuite/*.der
 testsuite/*.pem
@@ -343,6 +347,8 @@ doc/pdf
 
 # XCODE Index
 IDE/XCODE/Index
+IDE/**/xcshareddata
+IDE/**/DerivedData
 
 # ARM DS-5 && Eclipse
 \.settings/
@@ -403,7 +409,8 @@ libFuzzer
 XXX-fips-test
 
 # ASYNC
-async
+/wolfAsyncCrypt
+/async
 
 # Generated user_settings_asm.h.
 user_settings_asm.h
@@ -417,3 +424,15 @@ user_settings_asm.h
 
 # auto-created CMake backups
 **/CMakeLists.txt.old
+
+# MagicCrypto (ARIA Cipher)
+MagicCrypto
+
+# CMake  build directory
+/out
+/out_temp
+
+# debian packaging
+debian/changelog
+debian/control
+*.deb

CMakeLists.txt

@@ -28,16 +28,27 @@ if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_BINARY_DIR}")
      You must delete them, or cmake will refuse to work.")
 endif()
 
-project(wolfssl VERSION 5.6.2 LANGUAGES C ASM)
+project(wolfssl VERSION 5.6.4 LANGUAGES C ASM)
+
+# Set WOLFSSL_ROOT if not already defined
+if ("${WOLFSSL_ROOT}" STREQUAL "")
+    # we'll assume this CMakeLists.txt is in the root of wolfSSL
+    if (EXISTS "${CMAKE_SOURCE_DIR}/wolfcrypt/src/")
+        get_filename_component(WOLFSSL_ROOT "${CMAKE_SOURCE_DIR}" ABSOLUTE)
+        message(STATUS "Found WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
+    endif()
+else()
+    message(STATUS "Using predefined WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
+endif()
 
 # shared library versioning
 # increment if interfaces have been added, removed or changed
-set(LIBTOOL_CURRENT 40)
+set(LIBTOOL_CURRENT 41)
 # increment if source code has changed  set to zero if current is incremented
 set(LIBTOOL_REVISION 0)
 # increment if interfaces have been added set to zero if interfaces have been
 # removed or changed
-set(LIBTOOL_AGE 5)
+set(LIBTOOL_AGE 0)
 
 math(EXPR LIBTOOL_SO_VERSION "${LIBTOOL_CURRENT} - ${LIBTOOL_AGE}")
 set(LIBTOOL_FULL_VERSION ${LIBTOOL_SO_VERSION}.${LIBTOOL_AGE}.${LIBTOOL_REVISION})
@@ -411,12 +422,7 @@ endif()
 
 if (WOLFSSL_OPENSSLEXTRA AND NOT WOLFSSL_OPENSSLCOEXIST)
     list(APPEND WOLFSSL_DEFINITIONS
-      "-DOPENSSL_EXTRA"
-      "-DWOLFSSL_ALWAYS_VERIFY_CB"
-      "-DWOLFSSL_VERIFY_CB_ALL_CERTS"
-      "-DWOLFSSL_EXTRA_ALERTS"
-      "-DHAVE_EXT_CACHE"
-      "-DWOLFSSL_FORCE_CACHE_ON_TICKET")
+      "-DOPENSSL_EXTRA")
 endif()
 
 if (WOLFSSL_OPENSSLALL)
@@ -536,6 +542,11 @@ if(WOLFSSL_AESCTR AND NOT WOLFSSL_FORTRESS)
         "-DWOLFSSL_AES_DIRECT")
 endif()
 
+# ARIA
+add_option("WOLFSSL_ARIA"
+    "Enable wolfSSL ARIA support (default: disabled)"
+    "no" "yes;no")
+
 # AES-CCM
 add_option("WOLFSSL_AESCCM"
     "Enable wolfSSL AES-CCM support (default: disabled)"
@@ -1299,7 +1310,6 @@ endif()
 #       - CRL monitor
 #       - User crypto
 #       - Whitewood netRandom client library
-#       - SNI
 #       - Max fragment length
 #       - ALPN
 #       - Trusted CA indication
@@ -1315,8 +1325,14 @@ add_option(WOLFSSL_CRL
     "Enable CRL (Use =io for inline CRL HTTP GET) (default: disabled)"
     "no" "yes;no;io")
 
+
+set(SNI_DEFAULT "no")
+if(("${CMAKE_SYSTEM_PROCESSOR}" MATCHES "x86_64|x86|AMD64|arm64") OR
+    ("${CMAKE_SYSTEM_PROCESSOR}" STREQUAL "aarch64"))
+    set(SNI_DEFAULT "yes")
+endif()
 set(WOLFSSL_SNI_HELP_STRING "Enable SNI (default: disabled)")
-add_option(WOLFSSL_SNI ${WOLFSSL_SNI_HELP_STRING} "no" "yes;no")
+add_option(WOLFSSL_SNI ${WOLFSSL_SNI_HELP_STRING} ${SNI_DEFAULT} "yes;no")
 
 set(WOLFSSL_TLSX_HELP_STRING "Enable all TLS Extensions (default: disabled)")
 add_option(WOLFSSL_TLSX ${WOLFSSL_TLSX_HELP_STRING} "no" "yes;no")
@@ -1561,8 +1577,11 @@ endif()
 
 # TODO: - Fast huge math
 
+# Set processor-specific build macros
 if("${CMAKE_SYSTEM_PROCESSOR}" MATCHES "x86_64|AMD64")
     list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_X86_64_BUILD")
+elseif("${CMAKE_SYSTEM_PROCESSOR}" MATCHES "aarch64|arm64")
+    list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_AARCH64_BUILD")
 endif()
 
 # SP math all
@@ -1705,21 +1724,23 @@ if(WOLFSSL_SYS_CA_CERTS)
         override_cache(WOLFSSL_SYS_CA_CERTS "no")
     elseif(APPLE)
         check_include_file("Security/SecTrustSettings.h" HAVE_SECURITY_SECTRUSTSETTINGS_H)
-        if(NOT HAVE_SECURITY_SECTRUSTSETTINGS_H)
-            message("Can't enable system CA certs without Security/SecTrustSettings.h.")
-            override_cache(WOLFSSL_SYS_CA_CERTS "no")
-        else()
+        check_include_file("Security/SecCertificate.h" HAVE_SECURITY_SECCERTIFICATE_H)
+        check_include_file("Security/SecTrust.h" HAVE_SECURITY_SECTRUST_H)
+        check_include_file("Security/SecPolicy.h" HAVE_SECURITY_SECPOLICY_H)
+        if(HAVE_SECURITY_SECTRUSTSETTINGS_H OR (HAVE_SECURITY_SECCERTIFICATE_H
+                                                AND HAVE_SECURITY_SECTRUST_H
+                                                AND HAVE_SECURITY_SECPOLICY_H))
             find_library(CORE_FOUNDATION_FRAMEWORK CoreFoundation)
             if(NOT CORE_FOUNDATION_FRAMEWORK)
-                message("Can't enable system CA certs without CoreFoundation framework.")
-                override_cache(WOLFSSL_SYS_CA_CERTS "no")
+                message(FATAL_ERROR "Can't enable system CA certs without CoreFoundation framework.")
             else()
                 find_library(SECURITY_FRAMEWORK Security)
                 if(NOT SECURITY_FRAMEWORK)
-                    message("Can't enable system CA certs without Security framework.")
-                    override_cache(WOLFSSL_SYS_CA_CERTS "no")
+                    message(FATAL_ERROR "Can't enable system CA certs without Security framework.")
                 endif()
             endif()
+        else()
+            message(FATAL_ERROR "Can't enable system CA certs without Apple Security.framework headers.")
         endif()
     endif()
 
@@ -1774,6 +1795,42 @@ if(WOLFSSL_AESKEYWRAP)
         )
 endif()
 
+# Hybrid Public Key Encryption (RFC9180)
+add_option("WOLFSSL_HPKE"
+        "Enable wolfSSL hybrid public key encryption (default: disabled)"
+        "no" "yes;no")
+
+# Encrypted Client Hello (ECH)
+add_option("WOLFSSL_ECH"
+        "Enable wolfSSL encrypted client hello (default: disabled)"
+        "no" "yes;no")
+
+# Keying Material Exporter / TLS Exporter
+add_option("WOLFSSL_KEYING_MATERIAL"
+        "Enable wolfSSL keying material export (default: disabled)"
+        "no" "yes;no")
+
+if(WOLFSSL_HPKE)
+    if(NOT WOLFSSL_ECC)
+        message(FATAL_ERROR "HPKE supported only with ECC (WOLFSSL_ECC)")
+    endif()
+    list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_HPKE")
+    override_cache(WOLFSSL_HKDF "yes")
+endif()
+
+if(WOLFSSL_ECH)
+    if(NOT WOLFSSL_HPKE)
+        message(FATAL_ERROR "ECH supported only with HPKE (WOLFSSL_HPKE)")
+    endif()
+    if(NOT WOLFSSL_SNI)
+        message(FATAL_ERROR "ECH supported only with SNI (WOLFSSL_SNI)")
+    endif()
+    list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ECH")
+endif()
+
+if(WOLFSSL_KEYING_MATERIAL)
+    list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_KEYING_MATERIAL")
+endif()
 
 if(WOLFSSL_KEYGEN)
     list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_KEY_GEN")
@@ -1841,6 +1898,9 @@ if (WOLFSSL_CAAM)
    list(APPEND WOLFSSL_DEFINITIONS  "-DWOLFSSL_CAAM")
 endif()
 
+if (WOLFSSL_ARIA)
+   list(APPEND WOLFSSL_DEFINITIONS  "-DHAVE_ARIA")
+endif()
 
 # Generates the BUILD_* flags. These control what source files are included in
 # the library. A series of AM_CONDITIONALs handle this in configure.ac.
@@ -1922,7 +1982,6 @@ else()
    set(WOLFSSL_OUTPUT_BASE ${CMAKE_CURRENT_SOURCE_DIR})
 endif()
 set(OPTION_FILE "${WOLFSSL_OUTPUT_BASE}/wolfssl/options.h")
-set(CYASSL_OPTION_FILE "${WOLFSSL_OUTPUT_BASE}/cyassl/options.h")
 
 file(REMOVE ${OPTION_FILE})
 
@@ -1952,14 +2011,6 @@ file(APPEND ${OPTION_FILE} "}\n")
 file(APPEND ${OPTION_FILE} "#endif\n\n\n")
 file(APPEND ${OPTION_FILE} "#endif /* WOLFSSL_OPTIONS_H */\n\n")
 
-# backwards compatibility for those who have included options or version
-file(REMOVE ${CYASSL_OPTION_FILE})
-file(APPEND ${CYASSL_OPTION_FILE} "/* cyassl options.h\n")
-file(APPEND ${CYASSL_OPTION_FILE} " * generated from wolfssl/options.h\n")
-file(APPEND ${CYASSL_OPTION_FILE} " */\n")
-file(READ ${OPTION_FILE} OPTION_FILE_CONTENTS)
-file(APPEND ${CYASSL_OPTION_FILE} ${OPTION_FILE_CONTENTS})
-
 ####################################################
 # Library Target
 ####################################################
@@ -1974,13 +2025,69 @@ set(LIB_SOURCES "")
 # in the *.am files.
 generate_lib_src_list("${LIB_SOURCES}")
 if(BUILD_SHARED_LIBS)
+    message(STATUS "BUILD_SHARED_LIBS enabled: ${LIB_SOURCES}")
     add_library(wolfssl SHARED ${LIB_SOURCES})
 else()
+    message(STATUS "Static Libs: ${LIB_SOURCES}")
     add_library(wolfssl STATIC ${LIB_SOURCES})
 endif()
 
 add_library(wolfssl::wolfssl ALIAS wolfssl)
 
+if (NOT "$ENV{ARIA_DIR}" STREQUAL "")
+    message(STATUS "Found Environment variable ARIA_DIR=$ENV{ARIA_DIR}")
+    if(WOLFSSL_ARIA)
+        message(STATUS "wolfSSL WOLFSSL_ARIA is enabled")
+    else()
+        message(STATUS "wolfSSL WOLFSSL_ARIA is not enabled. To enable, specify a user_settings.h file or run: cmake .. -DWOLFSSL_ARIA=yes")
+        message(STATUS "Clear the ARIA_DIR environment variable to otherwise suppress this message when not using ARIA ciphers.")
+    endif()
+endif()
+
+# ARIA Check
+if(WOLFSSL_ARIA)
+    message(STATUS "WOLFSSL_ARIA is enabled")
+
+    find_package(ARIA)
+
+    if(ARIA_FOUND)
+        message(STATUS "ARIA find_package() success.")
+    else()
+        message(FATAL_ERROR "WOLFSSL_ARIA is enabled, but find_package() did not find ARIA MagicCrypto.\n"
+                            "Check ARIA_DIR environment variable and/or copy MagicCrypto directory locally.")
+    endif()
+
+    list(APPEND WOLFSSL_LINK_LIBS "${ARIA_LIB_FILE}")
+
+    # The cmake target_include_directories() will complain about local directories,
+    # so we'll handle MagicCrypto differently when found in wolfssl.
+    # see below to use include_directories() instead.
+    if(ARIA_IS_LOCAL)
+        # there's also a wolfssl port API to include, plus local ARIA include
+        include_directories("wolfssl/wolfcrypt/port/aria" "MagicCrypto/include")
+    else()
+        # see below for target_include_directories() instead
+        include_directories("wolfssl/wolfcrypt/port/aria")
+        message(STATUS "ARIA_IS_LOCAL is false, appending ${ARIA_INCLUDE_DIR} to WOLFSSL_INCLUDE_DIRS")
+        list(APPEND WOLFSSL_INCLUDE_DIRS "${ARIA_INCLUDE_DIR}")
+    endif()
+
+    add_library(MagicCrypto_lib
+        ${CMAKE_CURRENT_SOURCE_DIR}/wolfcrypt/src/port/aria/aria-crypt.c
+        ${CMAKE_CURRENT_SOURCE_DIR}/wolfcrypt/src/port/aria/aria-cryptocb.c
+    )
+
+    set_target_properties(MagicCrypto_lib PROPERTIES OUTPUT_NAME "MagicCrypto")
+    target_link_libraries(MagicCrypto_lib wolfssl)
+    target_compile_options(MagicCrypto_lib PRIVATE "-DHAVE_ARIA")
+
+    # ARIA was enabled and we successfully found it.
+    set(HAVE_ARIA 1)
+    list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ARIA")
+
+    message(STATUS "ARIA Check: WOLFSSL_LINK_LIBS    = ${WOLFSSL_LINK_LIBS}")
+endif()
+
 set_target_properties(wolfssl
     PROPERTIES
         SOVERSION ${LIBTOOL_SO_VERSION}
@@ -1997,6 +2104,12 @@ target_compile_definitions(wolfssl PUBLIC ${WOLFSSL_DEFINITIONS})
 # Include Directories
 ####################################################
 
+if("${WOLFSSL_INCLUDE_DIRS}" STREQUAL "")
+    message(STATUS "WOLFSSL_INCLUDE_DIRS is blank. No additional directories will be added.")
+else()
+    message(STATUS "WOLFSSL_INCLUDE_DIRS = ${WOLFSSL_INCLUDE_DIRS}")
+endif()
+
 target_include_directories(wolfssl
     PUBLIC
         $<INSTALL_INTERFACE:include>
@@ -2165,7 +2278,6 @@ include(GNUInstallDirs)
 
 set(HEADER_EXCLUDE
   "internal.h"
-  "cyassl/ctaocrypt/port"
   "wolfssl/wolfcrypt/port/nrf51.h"
   "wolfssl/wolfcrypt/port/arm"
   "wolfssl/wolfcrypt/port/cypress"
@@ -2310,19 +2422,10 @@ install(DIRECTORY ${WOLFSSL_OUTPUT_BASE}/wolfssl/
         DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/wolfssl
         FILES_MATCHING PATTERN "*.h"
         REGEX ${EXCLUDED_HEADERS_REGEX} EXCLUDE)
-install(DIRECTORY ${WOLFSSL_OUTPUT_BASE}/cyassl/
-        DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/cyassl
-        FILES_MATCHING PATTERN "*.h"
-        REGEX ${EXCLUDED_HEADERS_REGEX} EXCLUDE)
 install(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/wolfssl/
         DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/wolfssl
         FILES_MATCHING PATTERN "*.h"
         REGEX ${EXCLUDED_HEADERS_REGEX} EXCLUDE)
-install(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/cyassl/
-        DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/cyassl
-        FILES_MATCHING PATTERN "*.h"
-        REGEX ${EXCLUDED_HEADERS_REGEX} EXCLUDE)
-
 
 # Install the examples
 install(FILES ${INSTALLED_EXAMPLES}

ChangeLog.md

@@ -1,3 +1,76 @@
+# wolfSSL Release 5.6.4 (Oct 30, 2023)
+
+Release 5.6.4 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
+https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
+
+
+NOTE: * --enable-heapmath is being deprecated and will be removed by 2024
+      * Old CyaSSL/CtaoCrypt shim layer was removed in this release (5.6.4)
+
+
+## Vulnerabilities
+
+* [Medium] A fix was added, but still under review for completeness, for a Bleichenbacher style attack, leading to being able to decrypt a saved TLS connection and potentially forge a signature after probing with a large number of trial connections. This issue is around RSA decryption and affects static RSA cipher suites on the server side, which are not recommended to be used and are off by default. Static RSA cipher suites were also removed from the TLS 1.3 protocol and only present in TLS 1.2 and lower. All padding versions of RSA decrypt are affected since the code under review is outside of the padding processing. Information about the private keys is NOT compromised in affected code. It's recommended to disable static RSA cipher suites and update the version of wolfSSL used if using RSA private decryption alone outside of TLS. The fix is located in this pull request (https://github.com/wolfSSL/wolfssl/pull/6896)
+
+## New Feature Additions
+
+* DTLS 1.3 PQC: support fragmenting the second ClientHello message. This allows arbitrarily long keys to be used, opening up support for all PQC ciphersuites in DTLS 1.3.
+* SM2/SM3/SM4: Chinese cipher support including TLS 1.3 and 1.2 cipher suites. SM2 SP implementation available.
+* Ability to parse ASN1 only with SMIME_read_PKCS7
+* Added support for MemUse Entropy on Windows
+* Added Ada Bindings for wolfSSL
+* Added a PEM example that converts to and from DER/PEM.
+* Added LMS/HSS and XMSS/XMSS^MT wolfcrypt hooks, both normal and verify-only options.
+* Added support for the AES EAX mode of operation
+* Port for use with Hitch (https://github.com/varnish/hitch) added
+* Add XTS API's to handle multiple sectors in new port ot VeraCrypt
+
+## Enhancements and Optimizations
+
+* Turned on SNI by default on hosts with resources
+* Improved support for Silicon Labs Simplicity Studio and the ERF32 Gecko SDK
+* Thumb-2 and ARM32 Curve25519 and Ed25519 assembly have significantly improved performance.
+* Thumb-2 AES assembly code added.
+* Thumb-2 and ARM32 SP implementations of RSA, DH and ECC have significantly improved performance.
+* Minor performance improvements to SP ECC for Intel x64.
+* AES-XTS assembly code added for Intel x64, Aarch64 and ARM32.
+* Added support for X963 KDFs to ECIES.
+* Added 32-bit type only implementation of AES GMULT using tables.
+* Add support for nginx version 1.25.0
+* Add support for Kerberos version 5 1.21.1
+* Check all CRL entries in case a single issuer has multiple CRL's loaded
+* CRL verify the entire chain including loaded CA's
+* Added example for building wolfSSL as an Apple universal binary framework using configure
+* Sniffer tool now supports decrypting TLS sessions using secrets obtained from a SSLKEYLOGFILE
+* Updates made for EBSNET port
+* Update "--enable-jni" to include additional defines for expanded JNI support. Also includes JCE and JSSE builds under the single enable option now.
+
+## Fixes
+
+* Fixed error handling when decrypted pre-master secret is too long when using static RSA.
+* Added a fix for keymod use with i.MX RT1170 CAAM blobs
+* Added a fix for AES-GCM use with Petalinux Xilinx
+* Fixed `wc_SignatureGenerate_ex` to not call verify twice
+* Fixed wolfCrypt FIPS DLL on Win32
+* Fixed TFM math library big-endian reading implementation when a zero length buffer is passed in.
+* Fixed NO_CERT configurations to build correctly.
+* Fixed ARM AES-GCM streaming assembly when –enable-opensslextra defined.
+* Added modulus checks to heap math implementation of mp_exptmod().
+* Fixed Windows assembly code to handle that certain XMM registers are non-volatile.
+* Aarch64 SP ECC implementation of sp_256_mont_dbl_4 has the register list for the assembly code fixed to include all used registers.
+* mp_sqrt_mod_prime fixed to limit the number of iterations of a loop to handle malicious non-prime values being passed in.
+* Ignore session ID's shorter than 32 bytes instead of erroring out
+
+# wolfSSL Release 5.6.3 (Jun 16, 2023)
+
+Release 5.6.3 of wolfSSL embedded TLS has 4 bug fixes:
+
+* Fix for setting the atomic macro options introduced in release 5.6.2. This issue affects GNU gcc autoconf builds. The fix resolves a potential mismatch of the generated macros defined in options.h file and the macros used when the wolfSSL library is compiled. In version 5.6.2 this mismatch could result in unstable runtime behavior.
+* Fix for invalid suffix error with Windows build using the macro GCM_TABLE_4BIT.
+* Improvements to Encrypted Memory support (WC_PROTECT_ENCRYPTED_MEM) implementations for modular exponentiation in SP math-all (sp_int.c) and TFM (tfm.c).
+* Improvements to SendAlert for getting output buffer.
+
+
 # wolfSSL Release 5.6.2 (Jun 09, 2023)
 
 Release 5.6.2 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
@@ -3245,7 +3318,7 @@ More info can be found on-line at //http://wolfssl.com/yaSSL/Docs.html
   a) If using wolfSSL for DTLS on the server side of a publicly accessible
      machine you MUST update.
   b) If using wolfSSL for TLS on the server side with private RSA keys allowing
-     ephemeral key exchange without low memory optimziations you MUST update and
+     ephemeral key exchange without low memory optimizations you MUST update and
      regenerate the private RSA keys.
 
      Please see https://www.wolfssl.com/wolfSSL/Blog/Blog.html for more details

Docker/Dockerfile

@@ -5,21 +5,49 @@ USER root
 
 ARG DEPS_WOLFSSL="build-essential autoconf libtool clang clang-tools zlib1g-dev libuv1-dev libpam0g-dev valgrind git linux-headers-generic gcc-multilib g++-multilib libpcap-dev bubblewrap gdb iputils-ping lldb bsdmainutils netcat binutils-arm-linux-gnueabi binutils-aarch64-linux-gnu"
 ARG DEPS_LIBOQS="astyle cmake gcc ninja-build libssl-dev python3-pytest python3-pytest-xdist unzip xsltproc doxygen graphviz python3-yaml valgrind git"
+ARG DEPS_UDP_PROXY="wget libevent-dev"
 ARG DEPS_TESTS="abi-dumper libcurl4-openssl-dev tcpdump"
+ARG DEPS_TOOLS="ccache"
 RUN DEBIAN_FRONTEND=noninteractive apt update && apt install -y apt-utils \
-                    && apt install -y ${DEPS_WOLFSSL} ${DEPS_LIBOQS} ${DEPS_TESTS} \
+                    && apt install -y ${DEPS_WOLFSSL} ${DEPS_LIBOQS} ${DEPS_UDP_PROXY} ${DEPS_TESTS} ${DEPS_TOOLS} \
                     && apt clean -y && rm -rf /var/lib/apt/lists/*
 
+# Add 'docker' user
 ARG USER=docker
 ARG UID=1000
 ARG GID=1000
 RUN groupadd -f -g ${GID} docker && ( getent passwd ${UID} || useradd -ms /bin/bash ${USER} -u ${UID} -g ${GID} )
 
+# Add github.com as an SSH known host
+RUN ssh -o StrictHostKeyChecking=no -T git@github.com; cat ~/.ssh/known_hosts >> /etc/ssh/ssh_known_hosts
+
+# install ccache
+RUN mkdir -p /opt/ccache/bin && for prog in gcc g++ cc c++ cpp arm-none-eabi-c++ arm-none-eabi-cpp arm-none-eabi-gcc arm-none-eabi-g++; do ln -s /usr/bin/ccache /opt/ccache/bin/$(basename $prog); done
+ENV PATH /opt/ccache/bin:$PATH
+
 # install liboqs
-RUN git clone --single-branch https://github.com/open-quantum-safe/liboqs.git && cd liboqs && git checkout af76ca3b1f2fbc1f4f0967595f3bb07692fb3d82 \
+RUN git clone --single-branch https://github.com/open-quantum-safe/liboqs.git && cd liboqs && git checkout db08f12b5a96aa6582a82aac7f65cf8a4d8b231f \
     && mkdir build && cd build && cmake -DOQS_DIST_BUILD=ON -DOQS_USE_CPUFEATURE_INSTRUCTIONS=OFF -DOQS_USE_OPENSSL=0 .. && make -j8 all && make install && cd ../.. && rm -rf liboqs
 
+RUN mkdir /opt/sources
+
+# install liblms
+RUN cd /opt/sources && git clone --single-branch https://github.com/cisco/hash-sigs.git && cd hash-sigs && git checkout b0631b8891295bf2929e68761205337b7c031726 \
+    && sed -i 's/USE_OPENSSL 1/USE_OPENSSL 0/g' sha256.h && make -j4 hss_lib_thread.a
+
+# Install pkixssh to /opt/pkixssh for X509 interop testing with wolfSSH
+RUN mkdir /var/empty
+RUN cd /opt/sources && wget -q -O- https://roumenpetrov.info/secsh/src/pkixssh-14.1.1.tar.gz | tar xzf - && cd pkixssh-14.1.1 && ./configure --prefix=/opt/pkixssh/ --exec-prefix=/opt/pkixssh/ && make install
+
+# Install udp/tcp-proxy
+RUN cd /opt/sources && git clone --depth=1 --single-branch --branch=main http://github.com/wolfssl/udp-proxy && cd udp-proxy && make && cp tcp_proxy udp_proxy /bin/.
+
 # Allow non-root to use tcpdump (will need NET_RAW and NET_ADMIN capability when running the container)
 RUN setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/tcpdump
+# Allow non-root to use gdb on processes (will need SYS_PTRACE capability when running the container)
+RUN setcap 'CAP_SYS_PTRACE+eip' /usr/bin/gdb
 
-USER ${UID}:${GID}
+# Add in Jenkins userID
+RUN for i in $(seq 1001 1010); do ( getent passwd ${i} || useradd -ms /bin/bash jenkins${i} -u ${i} -g ${GID} ); done
+
+USER ${UID}:${GID}

Docker/Dockerfile.cross-compiler

@@ -0,0 +1,11 @@
+ARG DOCKER_BASE_IMAGE=wolfssl/wolfssl-builder
+FROM $DOCKER_BASE_IMAGE
+
+USER root
+
+ARG DEPS_TESTING="gcc-arm-linux-gnueabi gcc-aarch64-linux-gnu"
+RUN DEBIAN_FRONTEND=noninteractive apt update \
+                    && apt install -y ${DEPS_TESTING} \
+                    && apt clean -y && rm -rf /var/lib/apt/lists/*
+
+USER docker

Docker/OpenWrt/runTests.sh

@@ -1,23 +1,27 @@
 #!/bin/sh
 
 runCMD() { # usage: runCMD "<command>" "<retVal>"
-    eval $1 >/dev/null 2>&1
+    TMP_FILE=$(mktemp)
+    eval $1 > $TMP_FILE 2>&1
     RETVAL=$?
     if [ "$RETVAL" != "$2" ]; then
-        echo "Command ($1) returned ${RETVAL}, but expected $2. Rerunning with output to terminal:"
-        eval $1
+        echo "Command ($1) returned ${RETVAL}, but expected $2. Error output:"
+        cat $TMP_FILE
         exit 1
     fi
 }
 
 # Successful tests
 runCMD "ldd /lib/libustream-ssl.so" 0
+# Temporary workaround: comment out missing kmods repo line for 21.02 specifically.
+# Remove after fixed upstream.
+runCMD "sed '\/src\/gz openwrt_kmods https:\/\/downloads.openwrt.org\/releases\/21.02-SNAPSHOT\/targets\/x86\/64\/kmods\/5.4.238-1-5a722da41bc36de95a7195be6fce1b45/s//#&/' -i /etc/opkg/distfeeds.conf" 0
 runCMD "opkg update" 0
-runCMD "uclient-fetch -O /dev/null 'https://letsencrypt.org'" 0
+runCMD "uclient-fetch 'https://letsencrypt.org'" 0
 # Negative tests
-runCMD "uclient-fetch --ca-certificate=/dev/null -O /dev/null 'https://letsencrypt.org'" 5
-runCMD "uclient-fetch -O /dev/null 'https://self-signed.badssl.com/'" 5
-runCMD "uclient-fetch -O /dev/null 'https://untrusted-root.badssl.com/'" 5
-runCMD "uclient-fetch -O /dev/null 'https://expired.badssl.com/'" 5
+runCMD "uclient-fetch --ca-certificate=/dev/null 'https://letsencrypt.org'" 5
+runCMD "uclient-fetch 'https://self-signed.badssl.com/'" 5
+runCMD "uclient-fetch 'https://untrusted-root.badssl.com/'" 5
+runCMD "uclient-fetch 'https://expired.badssl.com/'" 5
 
 echo "All tests passed."

Docker/README.md

@@ -1,7 +1,10 @@
 # Overview
-This is a simple Docker environment for compiling and running WolfSSL. Use `run.sh` to build everything (Docker container, WolfSSL, etc.). This script takes in arguments that can be passed to `./configure`. For example: `run.sh --enable-all`
+This is a Docker environment for compiling, testing and running WolfSSL. Use `run.sh` to build everything (Docker container, WolfSSL, etc.). This script takes in arguments that can be passed to `./configure`. For example: `run.sh --enable-all`
 
-When the compilation and tests succeed, you will be dropped in to a shell environment within the container. This can be useful to build other things within the environment.
+When the compilation and tests succeed, you will be dropped in to a shell environment within the container. This can be useful to build other things within the environment. Additional tests can be run as well as debugging of code.
+
+# Docker Hub
+These images are also uploaded to the wolfSSL's [Docker Hub page](https://hub.docker.com/orgs/wolfssl/repositories). There is a convenience script here `buildAndPush.sh` that will create the appropriate containers and push them to the repo.
 
 # FAQ
 ## permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock
@@ -10,4 +13,4 @@ You need to be added to the `docker` group to run Docker containers. Run `sudo u
 ## Unable to access symlinked files outside of WolfSSL
 The volume mounted in the Docker container needs to have all files that your compilation will need. To solve this, you have a couple options:
 1. Change the `WOLFSSL_DIR` variable in the `run.sh` to one higher up (by adding `/..` to the path). Then update the `docker build` to include the correct path to the Dockerfile and the `docker run` argument to the working directory (`-w`) to the WolfSSL source directory
-2. Move the external repository to within the WolfSSL directory. For example create an `external` folder which has your files. This route may have complications when stashing Git work.
+2. Move the external repository to within the WolfSSL directory. For example create an `external` folder which has your files. This route may have complications when stashing Git work.

Docker/buildAndPush.sh

@@ -0,0 +1,37 @@
+#!/bin/bash
+
+# Assume we're in wolfssl/Docker
+WOLFSSL_DIR=$(builtin cd ${BASH_SOURCE%/*}/..; pwd)
+
+DOCKER_BUILD_OPTIONS="$1"
+if [ "${DOCKER_BASE_IMAGE}" != "" ]; then
+    DOCKER_BUILD_OPTIONS+=" --build-arg DOCKER_BASE_IMAGE=${DOCKER_BASE_IMAGE}"
+fi
+
+NUM_FAILURES=0
+
+CUR_DATE=$(date -u +%F)
+echo "Building wolfssl/wolfssl-builder:${CUR_DATE} as ${DOCKER_BUILD_OPTIONS}"
+docker build -t wolfssl/wolfssl-builder:${CUR_DATE} ${DOCKER_BUILD_OPTIONS} "${WOLFSSL_DIR}/Docker" && \
+    docker tag wolfssl/wolfssl-builder:${CUR_DATE} wolfssl/wolfssl-builder:latest && \
+    docker build --build-arg DOCKER_BASE_IMAGE=wolfssl/wolfssl-builder:${CUR_DATE} -t wolfssl/testing-cross-compiler:${CUR_DATE} "${WOLFSSL_DIR}/Docker" -f Dockerfile.cross-compiler && \
+    docker tag wolfssl/testing-cross-compiler:${CUR_DATE} wolfssl/testing-cross-compiler:latest
+
+if [ $? -eq 0 ]; then
+    echo "Pushing containers to DockerHub"
+    docker push wolfssl/wolfssl-builder:${CUR_DATE} && docker push wolfssl/wolfssl-builder:latest && \
+        docker push wolfssl/testing-cross-compiler:${CUR_DATE} && docker push wolfssl/testing-cross-compiler:latest
+else
+    echo "Warning: Build wolfssl/wolfssl-builder failed. Continuing"
+    ((NUM_FAILURES++))
+fi
+
+echo "Building wolfssl/wolfCLU:${CUR_DATE}"
+docker buildx build --pull --push --build-arg DUMMY=${CUR_DATE} -t wolfssl/wolfclu:${CUR_DATE} --platform=linux/amd64,linux/arm64,linux/arm/v7 "${WOLFSSL_DIR}/Docker/wolfCLU" && \
+docker buildx build --pull --push --build-arg DUMMY=${CUR_DATE} -t wolfssl/wolfclu:latest      --platform=linux/amd64,linux/arm64,linux/arm/v7 "${WOLFSSL_DIR}/Docker/wolfCLU"
+if [ $? -ne 0 ]; then
+    echo "Warning: Build wolfssl/wolfclu failed. Continuing"
+    ((NUM_FAILURES++))
+fi
+
+echo "Script completed in $SECONDS seconds. Had $NUM_FAILURES failures."

Docker/include.am

@@ -3,9 +3,11 @@
 # All paths should be given relative to the root
 
 EXTRA_DIST+= Docker/Dockerfile
+EXTRA_DIST+= Docker/Dockerfile.cross-compiler
 EXTRA_DIST+= Docker/run.sh
 EXTRA_DIST+= Docker/README.md
 
+ignore_files+=Docker/buildAndPush.sh
 ignore_files+=Docker/OpenWRT/Dockerfile
 ignore_files+=Docker/OpenWRT/runTests.sh
 ignore_files+=Docker/OpenWRT/README.md

Docker/packaging/debian/Dockerfile

@@ -0,0 +1,6 @@
+FROM debian:latest
+
+RUN apt-get -y update
+RUN apt-get -y upgrade
+RUN apt-get install -y build-essential autoconf gawk debhelper lintian
+

Docker/packaging/fedora/Dockerfile

@@ -0,0 +1,3 @@
+FROM fedora:latest
+
+RUN dnf install -y make automake gcc rpmdevtools

Docker/run.sh

@@ -5,9 +5,9 @@ echo "Running with \"${*}\"..."
 # Assume we're in wolfssl/Docker
 WOLFSSL_DIR=$(builtin cd ${BASH_SOURCE%/*}/..; pwd)
 
-docker build -t wolfssl --build-arg UID=$(id -u) --build-arg GID=$(id -g) "${WOLFSSL_DIR}/Docker" && \
-  docker run --rm -it -v ${HOME}/.gitconfig:/home/docker/.gitconfig:ro -v ${HOME}/.ssh:/home/docker/.ssh:ro -v "${WOLFSSL_DIR}:/tmp/wolfssl" -w /tmp/wolfssl wolfssl /bin/bash -c "./autogen.sh && ./configure ${*@Q} && make" && \
-  docker run --rm -it -v ${HOME}/.gitconfig:/home/docker/.gitconfig:ro -v ${HOME}/.ssh:/home/docker/.ssh:ro -v "${WOLFSSL_DIR}:/tmp/wolfssl" -w /tmp/wolfssl wolfssl /bin/bash
+docker build -t wolfssl/wolfssl-builder --build-arg UID=$(id -u) --build-arg GID=$(id -g) "${WOLFSSL_DIR}/Docker" && \
+  docker run --rm -it -v ${HOME}/.gitconfig:/home/docker/.gitconfig:ro -v ${HOME}/.ssh:/home/docker/.ssh:ro -v "${WOLFSSL_DIR}:/tmp/wolfssl" -w /tmp/wolfssl wolfssl/wolfssl-builder /bin/bash -c "./autogen.sh && ./configure ${*@Q} && make" && \
+  docker run --rm -it -v ${HOME}/.gitconfig:/home/docker/.gitconfig:ro -v ${HOME}/.ssh:/home/docker/.ssh:ro -v "${WOLFSSL_DIR}:/tmp/wolfssl" -w /tmp/wolfssl wolfssl/wolfssl-builder /bin/bash
 
 exitval=$?
 echo "Exited with error code $exitval"

Docker/wolfCLU/Dockerfile

@@ -21,6 +21,6 @@ USER root
 COPY --from=BUILDER /usr/local/lib/libwolfssl.so /usr/local/lib/
 COPY --from=BUILDER /usr/local/bin/wolfssl* /usr/local/bin/
 RUN ldconfig
-CMD ["/usr/local/bin/wolfssl"]
+ENTRYPOINT ["/usr/local/bin/wolfssl"]
 LABEL org.opencontainers.image.source=https://github.com/wolfssl/wolfssl
 LABEL org.opencontainers.image.description="Simple wolfCLU in a container"

IDE/AURIX/user_settings.h

@@ -98,7 +98,6 @@ extern unsigned int my_rng_seed_gen(void);
 
     #define WOLFSSL_SP_NO_MALLOC
     //#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
-    //#define WOLFSSL_SP_CACHE_RESISTANT
 
     /* use smaller version of code */
     #define WOLFSSL_SP_SMALL
@@ -205,7 +204,7 @@ extern unsigned int my_rng_seed_gen(void);
             /* use heap allocation for ECC points */
             #define ALT_ECC_SIZE
 
-            /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+            /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
             //#define FP_MAX_BITS_ECC (256 * 2)
         #endif
 

IDE/CRYPTOCELL/user_settings.h

@@ -88,7 +88,6 @@ extern "C" {
     #define WOLFSSL_HAVE_SP_RSA
     #define WOLFSSL_HAVE_SP_DH
     #define WOLFSSL_HAVE_SP_ECC
-    #define WOLFSSL_SP_CACHE_RESISTANT
     //#define WOLFSSL_SP_MATH     /* only SP math - eliminates fast math code */
 
     /* Assembly */

IDE/ECLIPSE/DEOS/user_settings.h

@@ -85,7 +85,6 @@ You can get the current time from https://www.unixtimestamp.com/ */
     #define WOLFSSL_SP_4096 /* Enable RSA/RH 4096-bit support */
     #define WOLFSSL_SP_384 /* Enable ECC 384-bit SECP384R1 support */
 
-    //#define WOLFSSL_SP_CACHE_RESISTANT
     #define WOLFSSL_SP_MATH     /* only SP math - disables integer.c/tfm.c */
     //#define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
 

IDE/ECLIPSE/MICRIUM/README.md

@@ -118,41 +118,41 @@ memcb    test passed!
  wolfSSL version 3.15.5
 ------------------------------------------------------------------------------
 wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
-RNG               225 KB tooks 1.026 seconds,  219.313 KB/s
-AES-128-CBC-enc    250 KB toks 1.105 seconds  226.210 KB/s
-AES-128-CBC-dec    225 KB tooks 1.005 seconds,  223.922 KB/s
-AES-192-CBC-enc    225 KB tooks 1.076 seconds, 209.104 KB/s
-AES-192-CBC-dec    225 KB tooks 1.077 seconds,  208.981 K/s
-AES-56-CBC-enc    200 KB tooks 1.029 seconds,  19.396 KB/s
-AES-256-CBC-dec    200 KB toks 1.022 seconds,  195.785 KB/s
-AES-128-GCM-enc    125 KB tooks 1.28 secnds,  101.70 KB/s
-AES-128-GC-dec    125 KB tooks 1.228 seconds  101.756 KB/s
-AES-192-GCM-enc    100 KB tooks 1.026 seconds,   97.493 KB/s
-AES-192-GCM-dec    100 KB tooks 1.026 seconds,   97.480 KB/s
-AES-256-GCM-enc    100 KB tooks 1.065 seconds,   93.909 KB/s
-AES-256-GC-dec    100 KB tooks 1.065 seconds,   93.897 KB/s
-RABBIT               2 MB tooks 1.011 seconds,    2.19 MB/s
-3DES              100 KB tooks 1.007 sconds,   99.312 KB/s
-MD5                  3MB tooks 1.008 seonds,    2.907 MBs
-SHA                  1 MB tooks 1.09 secnds,    1.283 MB/s
-SHA-256            575 KB tooks 1.037 seconds,  554.501 KB/s
-SHA-512            200 KB tooks 1.003 seconds,  199.444 KB/s
-HMAC-MD5            3 B tooks 1.002 seconds,   2.876 MB/s
-HMAC-SHA26        550 KB tooks 1.000 seconds,  549.95 KB//s
-HMAC-SHA512       200 KB toks 1.018 seconds,  196.452 KB/s
-RSA     2048 public          8 ops took 1.025 sec, avg 128.135 ms, 7.804 op/sec
-RSA     2048 private        2 ops took 4.972 ec, avg 2485.951 s, 0.402 ops/sec
-DH      2048 key en         2 ops took 1.927 sec, avg 96.303 ms, 1.038 op/sec
-DH     2048 agree           2ops took 1.937 sc, avg 968.578 ms, 1.032 ops/sec
-ECC      256 key gen         3 ops took 1.185 sec, avg 394.944 ms, 2.53 ops/sec
-ECDHE    256 agree           4 ops took 1.585 sec, avg 396.168 ms, 2.524 ops/sec
-ECSA    256 sign            4 ops took 1.611 sec, avg 402.865 ms, 2.482 ops/sec
-ECDSA   256verif          2 ops tok 1.586 sec, avg 793.153 ms, 1.261 opssec
-CURVE  25519 key gen         2 ops took 1.262 sec, avg 630.907 ms, 1.585 ops/sec
-CURE  25519 agree           2 ops took 1.261 sec, avg630.469 ms, 1.586 ops/sec
-ED     2519 key gen        2 ops took 1.27 sec, avg 66.099ms, 1.572 ops/sec
-ED     25519 sign            2 ops took 1.303 sec, ag 65.633 ms, 1.35 op/sec
-ED     25519 verify          2 ops took 2.674 sec, avg1337.68 ms 0.748 ops/ec
+RNG               225 KB took 1.026 seconds,  219.313 KB/s
+AES-128-CBC-enc    250 KB took 1.105 seconds  226.210 KB/s
+AES-128-CBC-dec    225 KB took 1.005 seconds,  223.922 KB/s
+AES-192-CBC-enc    225 KB took 1.076 seconds, 209.104 KB/s
+AES-192-CBC-dec    225 KB took 1.077 seconds,  208.981 K/s
+AES-56-CBC-enc    200 KB took 1.029 seconds,  19.396 KB/s
+AES-256-CBC-dec    200 KB took 1.022 seconds,  195.785 KB/s
+AES-128-GCM-enc    125 KB took 1.28 seconds,  101.70 KB/s
+AES-128-GC-dec    125 KB took 1.228 seconds  101.756 KB/s
+AES-192-GCM-enc    100 KB took 1.026 seconds,   97.493 KB/s
+AES-192-GCM-dec    100 KB took 1.026 seconds,   97.480 KB/s
+AES-256-GCM-enc    100 KB took 1.065 seconds,   93.909 KB/s
+AES-256-GC-dec    100 KB took 1.065 seconds,   93.897 KB/s
+RABBIT               2 MB took 1.011 seconds,    2.19 MB/s
+3DES              100 KB took 1.007 seconds,   99.312 KB/s
+MD5                  3MB took 1.008 seconds,    2.907 MBs
+SHA                  1 MB took 1.09 secends,    1.283 MB/s
+SHA-256            575 KB took 1.037 seconds,  554.501 KB/s
+SHA-512            200 KB took 1.003 seconds,  199.444 KB/s
+HMAC-MD5            3 B took 1.002 seconds,   2.876 MB/s
+HMAC-SHA26        550 KB took 1.000 seconds,  549.95 KB//s
+HMAC-SHA512       200 KB topk 1.018 seconds,  196.452 KB/s
+RSA     2048 public          8 ops took 1.025 seconds, avg 128.135 ms, 7.804 ops/s
+RSA     2048 private        2 ops took 4.972 seconds, avg 2485.951 s, 0.402 ops/s
+DH      2048 key en         2 ops took 1.927 seconds, avg 96.303 ms, 1.038 ops/s
+DH     2048 agree           2ops took 1.937 seconds, avg 968.578 ms, 1.032 ops/s
+ECC      256 key gen         3 ops took 1.185 seconds, avg 394.944 ms, 2.53 ops/s
+ECDHE    256 agree           4 ops took 1.585 seconds, avg 396.168 ms, 2.524 ops/s
+ECSA    256 sign            4 ops took 1.611 seconds, avg 402.865 ms, 2.482 ops/s
+ECDSA   256verif          2 ops took 1.586 seconds, avg 793.153 ms, 1.261 ops/s
+CURVE  25519 key gen         2 ops took 1.262 seconds, avg 630.907 ms, 1.585 ops/s
+CURE  25519 agree           2 ops took 1.261 seconds, avg630.469 ms, 1.586 ops/s
+ED     2519 key gen        2 ops took 1.27 seconds, avg 66.099 ms, 1.572 ops/s
+ED     25519 sign            2 ops took 1.303 seconds, ag 65.633 ms, 1.35 ops/s
+ED     25519 verify          2 ops took 2.674 seconds, avg1337.68 ms 0.748 ops/s
 ```
 ### `WOLFSSL_CLIENT_TEST` wolfssl_client_test()
 

IDE/Espressif/ESP-IDF/README.md

@@ -6,6 +6,7 @@ and have not yet been upgraded to the master branch V5.
 See the latest [migration guides](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/migration-guides/index.html).
 
 ## Overview
+
  ESP-IDF development framework with wolfSSL by setting *WOLFSSL_ESPIDF* definition
 
 Including the following examples:
@@ -17,29 +18,57 @@ Including the following examples:
  The *user_settings.h* file enables some of the hardened settings.
 
 ## Requirements
+
  1. [ESP-IDF development framework](https://docs.espressif.com/projects/esp-idf/en/latest/get-started/)
 
 ## Setup for Linux
+
  1. Run `setup.sh` at _/path/to_`/wolfssl/IDE/Espressif/ESP-IDF/` to deploy files into ESP-IDF tree  
  2. Find Wolfssl files at _/path/to/esp_`/esp-idf/components/wolfssl/`
- 3. Find [Example programs](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) under _/path/to/esp_`/esp-idf/examples/protocols/wolfssl_xxx` (where xxx is the project name)
+ 3. Find [Example Programs](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) under _/path/to/esp_`/esp-idf/examples/protocols/wolfssl_xxx` (where xxx is the project name)
 
 ## Setup for Windows
+
  1. Run ESP-IDF Command Prompt (cmd.exe) or Run ESP-IDF PowerShell Environment
  2. Run `setup_win.bat` at `.\IDE\Espressif\ESP-IDF\`
  3. Find Wolfssl files at _/path/to/esp_`/esp-idf/components/wolfssl/`
  4. Find [Example programs](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) under _/path/to/esp_`/esp-idf/examples/protocols/wolfssl_xxx` (where xxx is the project name)
 
+## Setup for VisualGDB
+
+### Clone a specific version:
+
+```
+C:\SysGCC\esp32\esp-idf>git clone -b v5.0.2 --recursive https://github.com/espressif/esp-idf.git v5.0.2
+```
+
 ## Configuration
+
  1. The `user_settings.h` can be found in _/path/to/esp_`/esp-idf/components/wolfssl/include/user_settings.h`
 
 ## Build examples
+
  1. See README in each example folder
 
 ## Support
+
  For question please email [support@wolfssl.com]
 
  Note: This is tested with :  
-   - OS: Ubuntu 20.04.3 LTS and Microsoft Windows 10 Pro 10.0.19041 and well as WSL Ubuntu
+   - OS: Ubuntu 20.04.3 LTS
+   - Microsoft Windows 10 Pro 10.0.19041 
+   - WSL Ubuntu
+
    - ESP-IDF: ESP-IDF v4.3.2
    - Module : ESP32-WROOM-32
+
+## JTAG Debugging
+
+All of the examples are configured to use either the on-board JTAG (when available) or
+the open source [Tigard multi-protocol tool for hardware hacking](https://github.com/tigard-tools/tigard).
+
+VisualGDB users should find the configuration file in the `interface\ftdi` directory:
+
+```
+C:\Users\%USERNAME%\AppData\Local\VisualGDB\EmbeddedDebugPackages\com.sysprogs.esp32.core\share\openocd\scripts\interface\ftdi
+```

IDE/Espressif/ESP-IDF/README_32se.md

@@ -15,7 +15,7 @@ Including the following examples:
 2. Microchip CryptoAuthentication Library: https://github.com/MicrochipTech/cryptoauthlib
 
 ## Setup
-1. Comment out `#define WOLFSSL_ESPWROOM32` in `/path/to/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h`\
+1. Comment out `#define WOLFSSL_ESP32` in `/path/to/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h`\
    Uncomment out `#define WOLFSSL_ESPWROOM32SE` in `/path/to/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h`
     * **Note:** crypt test will fail if enabled `WOLFSSL_ESPWROOM32SE`
 3. wolfSSL under ESP-IDF. Please see [README.md](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md)

IDE/Espressif/ESP-IDF/examples/template/CMakeLists.txt

@@ -0,0 +1,43 @@
+# The following lines of boilerplate have to be in your project's
+# CMakeLists in this exact order for cmake to work correctly
+cmake_minimum_required(VERSION 3.5)
+
+# set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
+
+# This tag is used to include this file in the ESP Component Registry:
+# __ESP_COMPONENT_SOURCE__
+
+# Optional WOLFSSL_CMAKE_SYSTEM_NAME detection to find
+# USE_MY_PRIVATE_CONFIG path for my_private_config.h
+#
+if(WIN32)
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
+    message("Detected Windows")
+endif()
+if(CMAKE_HOST_UNIX)
+    message("Detected UNIX")
+endif()
+if(APPLE)
+    message("Detected APPLE")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
+    message("Detected WSL")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
+    message("Detected Linux")
+endif()
+if(APPLE)
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
+    message("Detected Apple")
+endif()
+# End optional WOLFSSL_CMAKE_SYSTEM_NAME
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+
+project(wolfssl_template)

IDE/Espressif/ESP-IDF/examples/template/README.md

@@ -0,0 +1,64 @@
+# wolfSSL Template Project
+
+This is an example minimally viable wolfSSL template to get started with your own project.
+
+### Prerequisites
+
+It is assumed the [ESP-IDF environment](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/get-started/) has been installed.
+
+### Files Included
+
+- [main.c](./main/main.c) with a simple call to an Espressif library (`ESP_LOGI`) and a call to a wolfSSL library (`esp_ShowExtendedSystemInfo`) . 
+
+- See [components/wolfssl/include](./components/wolfssl/include/user_settings.h) directory to edit the wolfSSL `user_settings.h`.
+
+- Edit [main/CMakeLists.txt](./main/CMakeLists.txt) to add/remove source files.
+
+- The [components/wolfssl/CMakeLists.txt](./components/wolfssl/CMakeLists.txt) typically does not need to be changed.
+
+- Optional [VisualGDB Project](./VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj) for Visual Studio using ESP32 and ESP-IDF v5.1.
+
+- Edit the project [CMakeLists.txt](./CMakeLists.txt) to optionally point this project's wolfSSL component source code at a different directory:
+
+```
+set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
+```
+
+
+## Getting Started:
+
+Here's an example using the command-line [idf.py](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/tools/idf-py.html).
+
+Edit your `WRK_IDF_PATH`to point to your ESP-IDF install directory.
+
+```
+WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.1
+
+echo "Run export.sh from ${WRK_IDF_PATH}"
+. ${WRK_IDF_PATH}/export.sh
+
+# build the example:
+idf.py build
+
+# flash the code onto the serial device at /dev/ttyS19
+idf.py flash -p /dev/ttyS19 -b 115200
+
+# build, flash, and view UART output with one command:
+idf.py flash -p /dev/ttyS19 -b 115200 monitor
+```
+
+Press `Ctrl+]` to exit `idf.py monitor`. See [additional monitor keyboard commands](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/tools/idf-monitor.html).
+
+## Other Examples:
+
+For examples, see:
+
+- [TLS Client](../wolfssl_client/README.md)
+- [TLS Server](../wolfssl_server/README.md)
+- [Benchmark](../wolfssl_benchmark/README.md)
+- [Test](../wolfssl_test/README.md)
+- [wolfssl-examples](https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32)
+- [wolfssh-examples](https://github.com/wolfSSL/wolfssh-examples/tree/main/Espressif)
+
+
+

IDE/Espressif/ESP-IDF/examples/template/VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj

@@ -0,0 +1,269 @@
+<?xml version="1.0"?>
+<VisualGDBProjectSettings2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+  <Project xsi:type="com.visualgdb.project.external.esp-idf">
+    <CustomSourceDirectories>
+      <Directories />
+      <PathStyle>Unknown</PathStyle>
+    </CustomSourceDirectories>
+    <AutoProgramSPIFFSPartition>true</AutoProgramSPIFFSPartition>
+    <ProjectModeSettings>
+      <ProjectGUID>7bbd1486-d457-4e49-92ba-0cfc9d80849e</ProjectGUID>
+      <GroupSourcesByTypes>true</GroupSourcesByTypes>
+      <GroupSourcesByPaths>true</GroupSourcesByPaths>
+      <HeaderScanMode>SourceDirs</HeaderScanMode>
+    </ProjectModeSettings>
+  </Project>
+  <Build xsi:type="com.visualgdb.build.cmake">
+    <BuildLogMode xsi:nil="true" />
+    <ToolchainID>
+      <ID>com.visualgdb.xtensa-esp32-elf</ID>
+      <Version>
+        <GCC>12.2.0</GCC>
+        <GDB>12.1</GDB>
+        <Revision>1</Revision>
+      </Version>
+    </ToolchainID>
+    <RelativeSourceDirectory>..</RelativeSourceDirectory>
+    <ConfigurationType>DEBUG</ConfigurationType>
+    <BinaryDirectory>build/$(PlatformName)/$(ConfigurationName)</BinaryDirectory>
+    <MakeCommandTemplate>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(ToolchainNinja)</Command>
+      <WorkingDirectory>$(BuildDir)</WorkingDirectory>
+      <BackgroundMode xsi:nil="true" />
+    </MakeCommandTemplate>
+    <CMakeCommand>
+      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+      <Command>$(SYSPROGS_CMAKE_PATH)</Command>
+      <BackgroundMode xsi:nil="true" />
+    </CMakeCommand>
+    <UpdateSourcesInCMakeFile>true</UpdateSourcesInCMakeFile>
+    <ExportCompileCommands>false</ExportCompileCommands>
+    <DisableToolchainFile>false</DisableToolchainFile>
+    <CMakeMakefileType>Ninja</CMakeMakefileType>
+    <DeployAsRoot>false</DeployAsRoot>
+    <CMakeCleanMode>RemoveBuildDirectory</CMakeCleanMode>
+    <UseCCache>false</UseCCache>
+    <ProjectModeSettings>
+      <ProjectItemSettings>
+        <GroupSourcesByTypes>true</GroupSourcesByTypes>
+        <GroupSourcesByPaths>true</GroupSourcesByPaths>
+        <GroupTargetsByPaths>true</GroupTargetsByPaths>
+        <FollowCMakeSourceGroups>false</FollowCMakeSourceGroups>
+        <AutoRefreshProject>true</AutoRefreshProject>
+        <AlwaysConsiderOutdated>false</AlwaysConsiderOutdated>
+        <SortTargetsByName>true</SortTargetsByName>
+        <RedundantTargetMode>HideOuterProjectTargets</RedundantTargetMode>
+        <SortSourcesByName>true</SortSourcesByName>
+        <BuildAllTargetsInSubdir>false</BuildAllTargetsInSubdir>
+        <FoldSingleItemPathLevels>true</FoldSingleItemPathLevels>
+      </ProjectItemSettings>
+      <TargetSpecificSettings />
+      <SetLDLibraryPathFromDependentArtifacts>true</SetLDLibraryPathFromDependentArtifacts>
+      <ProjectGUID>eadcc9ab-72b3-4b51-a838-593e5d80ddf7</ProjectGUID>
+      <VirtualFolders />
+      <ConfigurationNameCase>Upper</ConfigurationNameCase>
+      <DefaultHeaderDiscoveryMode>HeaderDirectoryAndSubdirectories</DefaultHeaderDiscoveryMode>
+      <EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
+      <ESPIDFExtension>
+        <IDFCheckout>
+          <Version>release/v5.1</Version>
+          <Subdirectory>esp-idf/v5.1</Subdirectory>
+          <Type>ESPIDF</Type>
+        </IDFCheckout>
+        <COMPort>COM37</COMPort>
+        <SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
+        <UseCCache>false</UseCCache>
+        <DeviceID>ESP32</DeviceID>
+      </ESPIDFExtension>
+    </ProjectModeSettings>
+  </Build>
+  <CustomBuild>
+    <PreSyncActions />
+    <PreBuildActions />
+    <PostBuildActions />
+    <PreCleanActions />
+    <PostCleanActions />
+  </CustomBuild>
+  <CustomDebug>
+    <PreDebugActions />
+    <PostDebugActions />
+    <DebugStopActions />
+    <BreakMode>Default</BreakMode>
+  </CustomDebug>
+  <DeviceTerminalSettings>
+    <Connection xsi:type="com.sysprogs.terminal.connection.serial">
+      <ComPortName>COM37</ComPortName>
+      <AdvancedSettings>
+        <BaudRate>115200</BaudRate>
+        <DataBits>8</DataBits>
+        <Parity>None</Parity>
+        <StopBits>One</StopBits>
+        <FlowControl>None</FlowControl>
+      </AdvancedSettings>
+    </Connection>
+    <LastConnectionTime>0</LastConnectionTime>
+    <EchoTypedCharacters>false</EchoTypedCharacters>
+    <ClearContentsWhenReconnecting>false</ClearContentsWhenReconnecting>
+    <ReconnectAutomatically>false</ReconnectAutomatically>
+    <DisplayMode>ASCII</DisplayMode>
+    <Colors>
+      <Background>
+        <Alpha>255</Alpha>
+        <Red>0</Red>
+        <Green>0</Green>
+        <Blue>0</Blue>
+      </Background>
+      <Disconnected>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Disconnected>
+      <Text>
+        <Alpha>255</Alpha>
+        <Red>211</Red>
+        <Green>211</Green>
+        <Blue>211</Blue>
+      </Text>
+      <Echo>
+        <Alpha>255</Alpha>
+        <Red>144</Red>
+        <Green>238</Green>
+        <Blue>144</Blue>
+      </Echo>
+      <Inactive>
+        <Alpha>255</Alpha>
+        <Red>169</Red>
+        <Green>169</Green>
+        <Blue>169</Blue>
+      </Inactive>
+    </Colors>
+    <HexSettings>
+      <MaximumBytesPerLine>16</MaximumBytesPerLine>
+      <ShowTextView>true</ShowTextView>
+      <BreaksAroundEcho>true</BreaksAroundEcho>
+      <AutoSend>true</AutoSend>
+      <SendAsHex>true</SendAsHex>
+      <TimeoutForAutoBreak>0</TimeoutForAutoBreak>
+    </HexSettings>
+    <LineEnding>LF</LineEnding>
+    <TreatLFAsCRLF>false</TreatLFAsCRLF>
+    <KeepOpenAfterExit>false</KeepOpenAfterExit>
+    <ShowAfterProgramming>false</ShowAfterProgramming>
+  </DeviceTerminalSettings>
+  <CustomShortcuts>
+    <Shortcuts />
+    <ShowMessageAfterExecuting>true</ShowMessageAfterExecuting>
+  </CustomShortcuts>
+  <UserDefinedVariables />
+  <ImportedPropertySheets />
+  <CodeSense>
+    <Enabled>Unknown</Enabled>
+    <ExtraSettings>
+      <HideErrorsInSystemHeaders>true</HideErrorsInSystemHeaders>
+      <SupportLightweightReferenceAnalysis>true</SupportLightweightReferenceAnalysis>
+      <CheckForClangFormatFiles>true</CheckForClangFormatFiles>
+      <FormattingEngine xsi:nil="true" />
+    </ExtraSettings>
+    <CodeAnalyzerSettings>
+      <Enabled>false</Enabled>
+    </CodeAnalyzerSettings>
+  </CodeSense>
+  <Configurations>
+    <VisualGDBConfiguration>
+      <Name>Debug</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+    <VisualGDBConfiguration>
+      <Name>Release</Name>
+      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+    </VisualGDBConfiguration>
+  </Configurations>
+  <ProgramArgumentsSuggestions />
+  <Debug xsi:type="com.visualgdb.debug.embedded">
+    <AdditionalStartupCommands />
+    <AdditionalGDBSettings>
+      <Features>
+        <DisableAutoDetection>false</DisableAutoDetection>
+        <UseFrameParameter>false</UseFrameParameter>
+        <SimpleValuesFlagSupported>false</SimpleValuesFlagSupported>
+        <ListLocalsSupported>false</ListLocalsSupported>
+        <ByteLevelMemoryCommandsAvailable>false</ByteLevelMemoryCommandsAvailable>
+        <ThreadInfoSupported>false</ThreadInfoSupported>
+        <PendingBreakpointsSupported>false</PendingBreakpointsSupported>
+        <SupportTargetCommand>false</SupportTargetCommand>
+        <ReliableBreakpointNotifications>false</ReliableBreakpointNotifications>
+      </Features>
+      <EnableSmartStepping>false</EnableSmartStepping>
+      <FilterSpuriousStoppedNotifications>false</FilterSpuriousStoppedNotifications>
+      <ForceSingleThreadedMode>false</ForceSingleThreadedMode>
+      <UseAppleExtensions>false</UseAppleExtensions>
+      <CanAcceptCommandsWhileRunning>false</CanAcceptCommandsWhileRunning>
+      <MakeLogFile>false</MakeLogFile>
+      <IgnoreModuleEventsWhileStepping>true</IgnoreModuleEventsWhileStepping>
+      <UseRelativePathsOnly>false</UseRelativePathsOnly>
+      <ExitAction>None</ExitAction>
+      <DisableDisassembly>false</DisableDisassembly>
+      <ExamineMemoryWithXCommand>false</ExamineMemoryWithXCommand>
+      <StepIntoNewInstanceEntry>app_main</StepIntoNewInstanceEntry>
+      <ExamineRegistersInRawFormat>true</ExamineRegistersInRawFormat>
+      <DisableSignals>false</DisableSignals>
+      <EnableAsyncExecutionMode>false</EnableAsyncExecutionMode>
+      <AsyncModeSupportsBreakpoints>true</AsyncModeSupportsBreakpoints>
+      <TemporaryBreakConsolidationTimeout>0</TemporaryBreakConsolidationTimeout>
+      <EnableNonStopMode>false</EnableNonStopMode>
+      <MaxBreakpointLimit>0</MaxBreakpointLimit>
+      <EnableVerboseMode>true</EnableVerboseMode>
+      <EnablePrettyPrinters>false</EnablePrettyPrinters>
+    </AdditionalGDBSettings>
+    <DebugMethod>
+      <ID>openocd</ID>
+      <Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
+        <CommandLine>-f interface/ftdi/tigard.cfg -c "adapter_khz 15000" -f target/esp32.cfg</CommandLine>
+        <ExtraParameters>
+          <Frequency xsi:nil="true" />
+          <BoostedFrequency xsi:nil="true" />
+          <ConnectUnderReset>false</ConnectUnderReset>
+        </ExtraParameters>
+        <LoadProgressGUIThreshold>131072</LoadProgressGUIThreshold>
+        <ProgramMode>Enabled</ProgramMode>
+        <StartupCommands>
+          <string>set remotetimeout 60</string>
+          <string>target remote :$$SYS:GDB_PORT$$</string>
+          <string>mon gdb_breakpoint_override hard</string>
+          <string>mon reset halt</string>
+          <string>load</string>
+        </StartupCommands>
+        <ProgramFLASHUsingExternalTool>false</ProgramFLASHUsingExternalTool>
+        <PreferredGDBPort>0</PreferredGDBPort>
+        <PreferredTelnetPort>0</PreferredTelnetPort>
+        <AlwaysPassSerialNumber>false</AlwaysPassSerialNumber>
+        <SelectedCoreIndex xsi:nil="true" />
+        <LiveMemoryTimeout>5000</LiveMemoryTimeout>
+        <SuggestionLogicRevision>1</SuggestionLogicRevision>
+        <CheckFLASHSize>true</CheckFLASHSize>
+        <FLASHSettings>
+          <Size>size2MB</Size>
+          <Frequency>freq40M</Frequency>
+          <Mode>DIO</Mode>
+        </FLASHSettings>
+        <PatchBootloader>true</PatchBootloader>
+      </Configuration>
+    </DebugMethod>
+    <AutoDetectRTOS>true</AutoDetectRTOS>
+    <SemihostingSupport>Disabled</SemihostingSupport>
+    <SemihostingPollingDelay>0</SemihostingPollingDelay>
+    <StepIntoEntryPoint>false</StepIntoEntryPoint>
+    <ReloadFirmwareOnReset>false</ReloadFirmwareOnReset>
+    <ValidateEndOfStackAddress>true</ValidateEndOfStackAddress>
+    <StopAtEntryPoint>false</StopAtEntryPoint>
+    <EnableVirtualHalts>false</EnableVirtualHalts>
+    <DynamicAnalysisSettings />
+    <EndOfStackSymbol>_estack</EndOfStackSymbol>
+    <TimestampProviderTicksPerSecond>0</TimestampProviderTicksPerSecond>
+    <KeepConsoleAfterExit>false</KeepConsoleAfterExit>
+    <UnusedStackFillPattern xsi:nil="true" />
+    <CheckInterfaceDrivers>true</CheckInterfaceDrivers>
+  </Debug>
+</VisualGDBProjectSettings2>

IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/CMakeLists.txt

@@ -0,0 +1,488 @@
+#
+#  Copyright (C) 2006-2023 wolfSSL Inc.
+#
+#  This file is part of wolfSSL.
+#
+#  wolfSSL is free software; you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation; either version 2 of the License, or
+#  (at your option) any later version.
+#
+#  wolfSSL is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with this program; if not, write to the Free Software
+#  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+#
+# cmake for wolfssl Espressif projects
+#
+# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
+#
+
+cmake_minimum_required(VERSION 3.16)
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+set(CMAKE_CURRENT_SOURCE_DIR ".")
+set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
+
+# COMPONENT_NAME = wolfssl
+# The component name is the directory name. "No feature to change this".
+# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
+
+# set the root of wolfSSL in top-level project CMakelists.txt:
+#   set(WOLFSSL_ROOT  "C:/some path/with/spaces")
+#   set(WOLFSSL_ROOT  "c:/workspace/wolfssl-[username]")
+#   set(WOLFSSL_ROOT  "/mnt/c/some path/with/spaces")
+#   or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
+#   or assume this is an example 7 subdirectories below:
+
+# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
+# The root of wolfSSL is 7 directories up from here:
+
+if(CMAKE_BUILD_EARLY_EXPANSION)
+    message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
+    idf_component_register(
+                            REQUIRES "${COMPONENT_REQUIRES}"
+                            PRIV_REQUIRES esp_timer driver # this will typically only be needed for wolfSSL benchmark
+                           )
+
+else()
+    # not CMAKE_BUILD_EARLY_EXPANSION
+    message(STATUS "************************************************************************************************")
+    message(STATUS "wolfssl component config:")
+    message(STATUS "************************************************************************************************")
+
+    # Check to see if we're already in wolfssl, and only if WOLFSSL_ROOT not specified
+    if ("${WOLFSSL_ROOT}" STREQUAL "")
+        # wolfssl examples are 7 directories deep from wolfssl repo root
+        #                        1  2  3  4  5  6  7
+        set(THIS_RELATIVE_PATH "../../../../../../..")
+        get_filename_component(THIS_SEARCH_PATH  "${THIS_RELATIVE_PATH}" ABSOLUTE)
+        message(STATUS "Searching in path = ${THIS_SEARCH_PATH}")
+
+        if (EXISTS "${THIS_SEARCH_PATH}/wolfcrypt/src")
+            # we're already in wolfssl examples!
+            get_filename_component(WOLFSSL_ROOT  "${THIS_SEARCH_PATH}" ABSOLUTE)
+            message(STATUS "Using wolfSSL example with root ${WOLFSSL_ROOT}")
+        else()
+            # We're in some other repo such as wolfssh, so we'll search for an
+            # adjacent-level directory for wolfssl. (8 directories up, then down one)
+            #
+            # For example wolfSSL examples:
+            #   C:\workspace\wolfssl-gojimmypi\IDE\Espressif\ESP-IDF\examples\wolfssl_benchmark\components\wolfssl
+            #
+            # For example wolfSSH examples:
+            #   C:\workspace\wolfssh-gojimmypi\ide\Espressif\ESP-IDF\examples\wolfssh_benchmark\components\wolfssl
+            #
+            #                        1  2  3  4  5  6  7  8
+            set(THIS_RELATIVE_PATH "../../../../../../../..")
+            get_filename_component(THIS_SEARCH_PATH  "${THIS_RELATIVE_PATH}" ABSOLUTE)
+            message(STATUS "Searching next in path = ${THIS_SEARCH_PATH}")
+        endif()
+    endif()
+
+    # search other possible locations
+    if ("${WOLFSSL_ROOT}" STREQUAL "")
+        # there's not a hard-coded WOLFSSL_ROOT value above, so let's see if we can find it.
+        if( "$ENV{WOLFSSL_ROOT}" STREQUAL "" )
+            message(STATUS "Environment Variable WOLFSSL_ROOT not set. Will search common locations.")
+
+            message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
+            get_filename_component(THIS_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
+            message(STATUS "THIS_DIR = ${THIS_DIR}")
+
+            # find the user name to search for possible "wolfssl-username"
+            message(STATUS "USERNAME = $ENV{USERNAME}")
+            if(  "$ENV{USER}" STREQUAL "" ) # the bash user
+                if(  "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
+                    message(STATUS "could not find USER or USERNAME")
+                else()
+                    # the bash user is not blank, so we'll use it.
+                    set(THIS_USER "$ENV{USERNAME}")
+                endif()
+            else()
+                # the bash user is not blank, so we'll use it.
+               set(THIS_USER "$ENV{USER}")
+            endif()
+            message(STATUS "THIS_USER = ${THIS_USER}")
+
+            # This same makefile is used for both the wolfssl component, and other
+            # components that may depend on wolfssl, such as wolfssh. Therefore
+            # we need to determine if this makefile is in the wolfssl repo, or
+            # some other repo.
+
+            if(  "{THIS_USER}" STREQUAL "" )
+                # This is highly unusual to not find a user name.
+                # In this case, we'll just search for a "wolfssl" directory:
+                message(STATUS "No username found!")
+                get_filename_component(WOLFSSL_ROOT  "${THIS_RELATIVE_PATH}/wolfssl" ABSOLUTE)
+            else()
+                # We found an environment USER name!
+                # The first place to look for wolfssl will be in a user-clone called "wolfssl-[username]"
+                message(STATUS "Using [THIS_USER = ${THIS_USER}] to see if there's a [relative path]/wolfssl-${THIS_USER} directory.")
+                get_filename_component(WOLFSSL_ROOT  "${THIS_RELATIVE_PATH}/wolfssl-${THIS_USER}" ABSOLUTE)
+
+                if( EXISTS "${WOLFSSL_ROOT}" )
+                    message(STATUS "Found wolfssl in user-suffix ${WOLFSSL_ROOT}")
+                else()
+                    # If there's not a user-clone called "wolfssl-[username]",
+                    # perhaps there's simply a git clone called "wolfssl"?
+                    message(STATUS "Did not find wolfssl-${THIS_USER}; continuing search...")
+                    get_filename_component(WOLFSSL_ROOT  "${THIS_RELATIVE_PATH}/wolfssl" ABSOLUTE)
+
+                    if( EXISTS "${WOLFSSL_ROOT}" )
+                        message(STATUS "Found wolfssl in standard ${WOLFSSL_ROOT}")
+                    else()
+                        # Things are looking pretty bleak. We'll likely not be able to compile.
+                        message(STATUS "Did not find wolfssl in ${WOLFSSL_ROOT}")
+                    endif()
+                endif()
+            endif()
+
+        else()
+            # there's an environment variable, so use it.
+            set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}")
+
+            if( EXISTS "${WOLFSSL_ROOT}" )
+                get_filename_component(WOLFSSL_ROOT  "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
+                message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
+            else()
+                message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
+                message(STATUS "$ENV{WOLFSSL_ROOT}")
+            endif()
+        endif()
+        # end of search for wolfssl component root
+    else()
+        # There's already a value assigned; we won't search for anything else.
+        message(STATUS "Found user-specified WOLFSSL_ROOT value.")
+    endif() # WOLFSSL_ROOT user defined
+
+    # After all the logic above, does our WOLFSSL_ROOT actually exist?
+    if( EXISTS "${WOLFSSL_ROOT}" )
+        message(STATUS "WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
+    else()
+        # Abort. We need wolfssl _somewhere_.
+        message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}. Try setting environment variable or git clone.")
+    endif()
+
+
+    set(INCLUDE_PATH ${WOLFSSL_ROOT})
+
+    set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
+                          "\"${WOLFSSL_ROOT}/wolfcrypt/src\""
+                          "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
+                          "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
+                          "\"${WOLFSSL_ROOT}/wolfcrypt/benchmark\"" # the benchmark application
+                          "\"${WOLFSSL_ROOT}/wolfcrypt/test\"" # the test application
+       ) # COMPONENT_SRCDIRS
+    message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+
+    set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+
+    # Espressif may take several passes through this makefile. Check to see if we found IDF
+    string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+
+    # get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
+    file(GLOB EXCLUDE_ASM *.S)
+    file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+
+    message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
+    message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
+    message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
+
+    #
+    # Check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components.
+    #
+    if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+        #
+        # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
+        #
+        message(STATUS "")
+        message(STATUS "**************************************************************************************")
+        message(STATUS "")
+        message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
+        message(STATUS "")
+        message(STATUS "To proceed: ")
+        message(STATUS "")
+        message(STATUS "Remove either the local project component: ${WOLFSSL_PROJECT_DIR} ")
+        message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
+        message(STATUS "")
+        message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
+        message(STATUS "")
+        message(STATUS "**************************************************************************************")
+        message(STATUS "")
+
+        # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
+        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
+    else()
+        if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+            #
+            # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
+            #
+            message(STATUS "")
+            message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+            message(STATUS "")
+        else()
+            #
+            # wolfSSL is not an ESP-IDF component.
+            # We need to now determine if it is local and if so if it is part of the wolfSSL repo,
+            # or if  wolfSSL is simply installed as a local component.
+            #
+
+            if( EXISTS "${WOLFSSL_PROJECT_DIR}" )
+                #
+                # wolfSSL found in local project.
+                #
+                if( EXISTS "${WOLFSSL_PROJECT_DIR}/wolfcrypt/" )
+                    message(STATUS "")
+                    message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+                    message(STATUS "")
+                    #
+                    # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
+                    #
+                    # We won't do anything else here, as it will be assumed the original install completed successfully.
+                    #
+                else() # full wolfSSL not installed in local project
+                    #
+                    # This is the developer repo mode. wolfSSL will be assumed to be not installed to ESP-IDF nor local project
+                    # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+                    #
+                    message(STATUS "")
+                    message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+                    message(STATUS "")
+
+                    message(STATUS "************************************************************************************************")
+                    # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
+                    # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
+                    #
+                    # first check if there's a [root]/include/user_settings.h
+                    if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
+                        message(FATAL_ERROR "Found stray wolfSSL user_settings.h in "
+                                            "${WOLFSSL_ROOT}/include/user_settings.h "
+                                            " (please move it to ${WOLFSSL_PROJECT_DIR}/include/user_settings.h )")
+                    else()
+                        # we won't overwrite an existing user settings file, just note that we already have one:
+                        if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/user_settings.h" )
+                            message(STATUS "Using existing wolfSSL user_settings.h in "
+                                           "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+                        else()
+                            message(STATUS "Installing wolfSSL user_settings.h to "
+                                           "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+                            file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h"
+                            DESTINATION "${CMAKE_HOME_DIRECTORY}/wolfssl/include/")
+                        endif()
+                    endif() # user_settings.h
+
+                    # next check if there's a [root]/include/config.h
+                    if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
+                        message(FATAL_ERROR "Found stray wolfSSL config.h in        ${WOLFSSL_ROOT}/include/config.h (please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h")
+                    else()
+                        # we won't overwrite an existing user settings file, just note that we already have one:
+                        if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/config.h" )
+                            message(STATUS "Using existing wolfSSL config.h           ${WOLFSSL_PROJECT_DIR}/include/config.h")
+                        else()
+                            message(STATUS "Installing wolfSSL config.h to            ${WOLFSSL_PROJECT_DIR}/include/config.h")
+                            file(COPY   "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_PROJECT_DIR}/include/")
+                            file(RENAME "${WOLFSSL_PROJECT_DIR}/include/dummy_config_h" "${WOLFSSL_PROJECT_DIR}/include/config.h")
+                        endif() # Project config.h
+                    endif() # WOLFSSL_ROOT config.h
+                    message(STATUS "************************************************************************************************")
+                    message(STATUS "")
+                endif()
+
+            else()
+                # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
+                if($WOLFSSL_FOUND_IDF)
+                    message(STATUS "")
+                    message(STATUS "WARNING: wolfSSL not found.")
+                    message(STATUS "")
+                else()
+                    # probably needs to be re-parsed by Espressif
+                    message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
+                endif() # else we have not found ESP-IDF yet
+            endif() # else not a local wolfSSL component
+
+        endif() #else not an ESP-IDF component
+    endif() # else not local copy and EDP-IDF wolfSSL
+
+
+    # RTOS_IDF_PATH is typically:
+    # "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
+    # depending on the environment, we may need to swap backslashes with forward slashes
+    string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
+
+    string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
+
+    if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+        message(STATUS "Found current RTOS path: ${RTOS_IDF_PATH}")
+    else()
+        # ESP-IDF prior version 4.4x has a different RTOS directory structure
+        string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+        if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+            message(STATUS "Found legacy RTOS path: ${RTOS_IDF_PATH}")
+        else()
+            message(STATUS "Could not find RTOS path")
+        endif()
+    endif()
+
+
+    set(COMPONENT_ADD_INCLUDEDIRS
+        "./include" # this is the location of wolfssl user_settings.h
+        "\"${WOLFSSL_ROOT}/\""
+        "\"${WOLFSSL_ROOT}/wolfssl/\""
+        "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
+        "\"${RTOS_IDF_PATH}/\""
+        )
+
+
+    if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
+        list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
+    endif()
+
+    list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/\"")
+    list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\"")
+
+
+
+    set(COMPONENT_SRCEXCLUDE
+        "\"${WOLFSSL_ROOT}/src/bio.c\""
+        "\"${WOLFSSL_ROOT}/src/conf.c\""
+        "\"${WOLFSSL_ROOT}/src/misc.c\""
+        "\"${WOLFSSL_ROOT}/src/pk.c\""
+        "\"${WOLFSSL_ROOT}/src/ssl_asn1.c\""    # included by ssl.c
+        "\"${WOLFSSL_ROOT}/src/ssl_certman.c\"" # included by ssl.c
+        "\"${WOLFSSL_ROOT}/src/ssl_bn.c\""      # included by ssl.c
+        "\"${WOLFSSL_ROOT}/src/ssl_misc.c\""    # included by ssl.c
+        "\"${WOLFSSL_ROOT}/src/x509.c\""
+        "\"${WOLFSSL_ROOT}/src/x509_str.c\""
+        "\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
+        "\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
+        "\"${EXCLUDE_ASM}\""
+        )
+
+    spaces2list(COMPONENT_REQUIRES)
+
+    separate_arguments(COMPONENT_SRCDIRS NATIVE_COMMAND "${COMPONENT_SRCDIRS}")
+    separate_arguments(COMPONENT_SRCEXCLUDE NATIVE_COMMAND "${COMPONENT_SRCEXCLUDE}")
+    separate_arguments(COMPONENT_ADD_INCLUDEDIRS NATIVE_COMMAND "${COMPONENT_ADD_INCLUDEDIRS}")
+
+    #
+    # See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html#example-component-requirements
+    #
+    message(STATUS "COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+    message(STATUS "COMPONENT_ADD_INCLUDEDIRS = ${COMPONENT_ADD_INCLUDEDIRS}")
+    message(STATUS "COMPONENT_REQUIRES = ${COMPONENT_REQUIRES}")
+    message(STATUS "COMPONENT_SRCEXCLUDE = ${COMPONENT_SRCEXCLUDE}")
+
+    #
+    # see https://docs.espressif.com/projects/esp-idf/en/stable/esp32/migration-guides/release-5.x/build-system.html?highlight=space%20path
+    #
+    set(EXTRA_COMPONENT_DIRS "${COMPONENT_SRCDIRS}")
+    idf_component_register(
+                            SRC_DIRS "${COMPONENT_SRCDIRS}"
+                            INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
+                            REQUIRES "${COMPONENT_REQUIRES}"
+                            EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
+                            PRIV_REQUIRES esp_timer driver # this will typically only be needed for wolfSSL benchmark
+                           )
+    # some optional diagnostics
+    if (1)
+        get_cmake_property(_variableNames VARIABLES)
+        list (SORT _variableNames)
+        message(STATUS "")
+        message(STATUS "ALL VARIABLES BEGIN")
+        message(STATUS "")
+        foreach (_variableName ${_variableNames})
+            message(STATUS "${_variableName}=${${_variableName}}")
+        endforeach()
+        message(STATUS "")
+        message(STATUS "ALL VARIABLES END")
+        message(STATUS "")
+    endif()
+
+    # target_sources(wolfssl PRIVATE  "\"${WOLFSSL_ROOT}/wolfssl/\""  "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
+endif() # CMAKE_BUILD_EARLY_EXPANSION
+
+
+
+# check to see if there's both a local copy and EDP-IDF copy of the wolfssl components
+if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+    message(STATUS "")
+    message(STATUS "")
+    message(STATUS "********************************************************************")
+    message(STATUS "WARNING: Found components/wolfssl in both local project and IDF_PATH")
+    message(STATUS "********************************************************************")
+    message(STATUS "")
+endif()
+# end multiple component check
+
+
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT:  the name of the macro to define
+# THIS_VAR:   the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+    # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+    string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+    # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+    if(${IS_VALID_VALUE})
+        # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+        string(REPLACE "\n" ""  VAR_VALUE  ${THIS_VAR})
+
+        # we'll could percolate the value to the parent for possible later use
+        # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+        # but we're only using it here in this function
+        set(${VAR_OUPUT} ${VAR_VALUE})
+
+        # we'll print what we found to the console
+        message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+        # the interesting part is defining the VAR_OUPUT name a value to use in the app
+        add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+    else()
+        # if we get here, check the execute_process command and parameters.
+        message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+        set(${VAR_OUPUT} "Unknown")
+    endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+# create some programmatic #define values that will be used by ShowExtendedSystemInfo().
+# see wolfcrypt\src\port\Espressif\esp32_utl.c
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+    set (git_cmd "git")
+    message(STATUS "Adding macro definitions:")
+
+    # LIBWOLFSSL_VERSION_GIT_ORIGIN: git config --get remote.origin.url
+    execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET  )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_ORIGIN "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_BRANCH: git rev-parse --abbrev-ref HEAD
+    execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET  )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_BRANCH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_HASH: git rev-parse HEAD
+    execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET  )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_SHORT_HASH: git rev-parse --short HEAD
+    execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_HASH_DATE git show --no-patch --no-notes --pretty=\'\%cd\'
+    execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES  )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+
+    message(STATUS "************************************************************************************************")
+    message(STATUS "wolfssl component config complete!")
+    message(STATUS "************************************************************************************************")
+endif()

IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h

@@ -0,0 +1,197 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include <sdkconfig.h> /* essential to chip set detection */
+
+#undef WOLFSSL_ESPIDF
+#undef WOLFSSL_ESP32
+#undef WOLFSSL_ESPWROOM32SE
+#undef WOLFSSL_ESP32
+#undef WOLFSSL_ESP8266
+
+/* The Espressif sdkconfig will have chipset info.
+**
+** Possible values:
+**
+**   CONFIG_IDF_TARGET_ESP32
+**   CONFIG_IDF_TARGET_ESP32S2
+**   CONFIG_IDF_TARGET_ESP32S3
+**   CONFIG_IDF_TARGET_ESP32C3
+**   CONFIG_IDF_TARGET_ESP32C6
+*/
+
+#define WOLFSSL_ESPIDF
+
+/*
+ * choose ONE of these Espressif chips to define:
+ *
+ * WOLFSSL_ESP32
+ * WOLFSSL_ESPWROOM32SE
+ * WOLFSSL_ESP8266
+ */
+
+#define WOLFSSL_ESP32
+
+/* optionally turn off SHA512/224 SHA512/256 */
+/* #define WOLFSSL_NOSHA512_224 */
+/* #define WOLFSSL_NOSHA512_256 */
+
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_2048
+
+/* TLS 1.3                                 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define WC_RSA_PSS
+#define HAVE_HKDF
+#define HAVE_AEAD
+#define HAVE_SUPPORTED_CURVES
+
+#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
+
+/* when you want to use SINGLE THREAD */
+#define SINGLE_THREADED
+
+#define NO_FILESYSTEM
+
+#define HAVE_AESGCM
+
+#define WOLFSSL_RIPEMD
+/* when you want to use SHA224 */
+#define WOLFSSL_SHA224
+
+/* when you want to use SHA384 */
+#define WOLFSSL_SHA3
+
+#define WOLFSSL_SHA384
+#define WOLFSSL_SHA512
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+
+/* when you want to use pkcs7 */
+/* #define HAVE_PKCS7 */
+
+#if defined(HAVE_PKCS7)
+    #define HAVE_AES_KEYWRAP
+    #define HAVE_X963_KDF
+    #define WOLFSSL_AES_DIRECT
+#endif
+
+/* when you want to use aes counter mode */
+/* #define WOLFSSL_AES_DIRECT */
+/* #define WOLFSSL_AES_COUNTER */
+
+/* esp32-wroom-32se specific definition */
+#if defined(WOLFSSL_ESPWROOM32SE)
+    #define WOLFSSL_ATECC508A
+    #define HAVE_PK_CALLBACKS
+    /* when you want to use a custom slot allocation for ATECC608A */
+    /* unless your configuration is unusual, you can use default   */
+    /* implementation.                                             */
+    /* #define CUSTOM_SLOT_ALLOCATION                              */
+#endif
+
+/* rsa primitive specific definition */
+#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
+    /* Define USE_FAST_MATH and SMALL_STACK                        */
+    #define ESP32_USE_RSA_PRIMITIVE
+    /* threshold for performance adjustment for HW primitive use   */
+    /* X bits of G^X mod P greater than                            */
+    #define EPS_RSA_EXPT_XBTIS           32
+    /* X and Y of X * Y mod P greater than                         */
+    #define ESP_RSA_MULM_BITS            9
+#endif
+#define RSA_LOW_MEM
+
+/* debug options */
+/* #define DEBUG_WOLFSSL */
+/* #define WOLFSSL_ESP32_CRYPT_DEBUG */
+/* #define WOLFSSL_ATECC508A_DEBUG          */
+
+/* date/time                               */
+/* if it cannot adjust time in the device, */
+/* enable macro below                      */
+/* #define NO_ASN_TIME */
+/* #define XTIME time */
+
+/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
+#define ESP_RSA_TIMEOUT_CNT    0x249F00
+
+#define HASH_SIZE_LIMIT /* for test.c */
+
+#define USE_FAST_MATH
+
+/* optionally use SP_MATH */
+/* #define SP_MATH */
+
+#define WOLFSSL_SMALL_STACK
+
+#define HAVE_VERSION_EXTENDED_INFO
+#define HAVE_WC_INTROSPECTION
+
+/* allows for all version info, even that suppressed with introspection */
+#define ALLOW_BINARY_MISMATCH_INTROSPECTION
+
+/* Default is HW enabled unless turned off.
+** Uncomment these lines for SW: */
+#if defined(CONFIG_IDF_TARGET_ESP32)
+    /* #define NO_ESP32_CRYPT                 */
+    /* #define NO_WOLFSSL_ESP32_CRYPT_HASH    */
+    /* #define NO_WOLFSSL_ESP32_CRYPT_AES     */
+    /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+    #define NO_ESP32_CRYPT
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH
+    #define NO_WOLFSSL_ESP32_CRYPT_AES
+    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+    /* #define NO_ESP32_CRYPT                 */
+    /* #define NO_WOLFSSL_ESP32_CRYPT_HASH    */
+    /* #define NO_WOLFSSL_ESP32_CRYPT_AES     */
+    /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+#elif defined(CONFIG_IDF_TARGET_ESP32C2)
+    #define NO_ESP32_CRYPT
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH
+    #define NO_WOLFSSL_ESP32_CRYPT_AES
+    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+    #define NO_ESP32_CRYPT
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH
+    #define NO_WOLFSSL_ESP32_CRYPT_AES
+    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+    #define NO_ESP32_CRYPT
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH
+    #define NO_WOLFSSL_ESP32_CRYPT_AES
+    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#elif defined(CONFIG_IDF_TARGET_ESP32H2)
+    #define NO_ESP32_CRYPT
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH
+    #define NO_WOLFSSL_ESP32_CRYPT_AES
+    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#else
+    #define NO_ESP32_CRYPT
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH
+    #define NO_WOLFSSL_ESP32_CRYPT_AES
+    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#endif

IDE/Espressif/ESP-IDF/examples/template/main/CMakeLists.txt

@@ -0,0 +1,77 @@
+# This tag is used to include this file in the ESP Component Registry:
+# __ESP_COMPONENT_SOURCE__
+
+#
+# wolfssl client test
+#
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+
+set (git_cmd "git")
+
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+    #
+    # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
+    #
+    message(STATUS "")
+    message(STATUS "WARNING: Found components/wolfssl in both local project and IDF_PATH")
+    message(STATUS "")
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+endif()
+
+## register_component()
+idf_component_register(SRCS main.c
+                       INCLUDE_DIRS "." "./include")
+#
+
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT:  the name of the macro to define
+# THIS_VAR:   the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+    # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+    string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+    # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+    if(${IS_VALID_VALUE})
+        # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+        string(REPLACE "\n" ""  VAR_VALUE  ${THIS_VAR})
+
+        # we'll could percolate the value to the parent for possible later use
+        # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+        # but we're only using it here in this function
+        set(${VAR_OUPUT} ${VAR_VALUE})
+
+        # we'll print what we found to the console
+        message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+        # the interesting part is defining the VAR_OUPUT name a value to use in the app
+        add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+    else()
+        # if we get here, check the execute_process command and parameters.
+        message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+        set(${VAR_OUPUT} "Unknown")
+    endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+    # LIBWOLFSSL_VERSION_GIT_HASH
+    execute_process(COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_SHORT_HASH
+    execute_process(COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_HASH_DATE
+    execute_process(COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES  )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+endif()
+
+message(STATUS "")
+

IDE/Espressif/ESP-IDF/examples/template/main/include/main.h

@@ -1,4 +1,4 @@
-/* error-ssl.h
+/* template main.h
  *
  * Copyright (C) 2006-2023 wolfSSL Inc.
  *
@@ -18,6 +18,7 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  */
+#ifndef _MAIN_H_
+#define _MAIN_H_
 
-
-#include <wolfssl/error-ssl.h>
+#endif

IDE/Espressif/ESP-IDF/examples/template/main/main.c

@@ -1,4 +1,4 @@
-/* ripemd.h
+/* main.c
  *
  * Copyright (C) 2006-2023 wolfSSL Inc.
  *
@@ -19,20 +19,25 @@
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  */
 
+/* Espressif */
+#include <esp_log.h>
 
+/* wolfSSL  */
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
 
+/* project */
+#include "main.h"
 
-#ifndef CTAO_CRYPT_RIPEMD_H
-#define CTAO_CRYPT_RIPEME_H
+static const char* const TAG = "My Project";
 
-#include <wolfssl/wolfcrypt/ripemd.h>
+void app_main(void)
+{
+    ESP_LOGI(TAG, "Hello wolfSSL!");
 
-/* for ripemd reverse compatibility */
-#ifdef WOLFSSL_RIPEMD
-    #define InitRipeMd   wc_InitRipeMd
-    #define RipeMdUpdate wc_RipeMdUpdate
-    #define RipeMdFinal  wc_RipeMdFinal
+#ifdef HAVE_VERSION_EXTENDED_INFO
+    esp_ShowExtendedSystemInfo();
 #endif
 
-#endif /* CTAO_CRYPT_RIPEMD_H */
-
+    ESP_LOGI(TAG, "\n\nDone!"
+                  "If running from idf.py monitor, press twice: Ctrl+]");
+}

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt

@@ -192,6 +192,7 @@ set(COMPONENT_SRCEXCLUDE
     "${WOLFSSL_ROOT}/src/pk.c"
     "${WOLFSSL_ROOT}/src/ssl_asn1.c" # included by ssl.c
     "${WOLFSSL_ROOT}/src/ssl_bn.c" # included by ssl.c
+    "${WOLFSSL_ROOT}/src/ssl_certman.c" # included by ssl.c
     "${WOLFSSL_ROOT}/src/ssl_misc.c" # included by ssl.c
     "${WOLFSSL_ROOT}/src/x509.c"
     "${WOLFSSL_ROOT}/src/x509_str.c"

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c

@@ -58,10 +58,10 @@ static void set_time()
     time_t now;
     struct tm timeinfo;
     char strftime_buf[64];
-    /* please update the time if seeing unknown failure when loading cert.  */
-    /* this could cause TLS communication failure due to time expiration    */
-    /* incleasing 31536000 seconds is close to spend 356 days.              */
-    utctime.tv_sec = 1645797600; /* dummy time: Fri 25 Feb 2022 02:00:00 2022 */
+    /* please update the time if seeing unknown failure when loading cert.   */
+    /* this could cause TLS communication failure due to time expiration     */
+    /* increasing 31536000 seconds is close to spanning 356 days.            */
+    utctime.tv_sec = 1695513105; /* dummy time: Sat Sep 23 17:05:31 PDT 2023 */
     utctime.tv_usec = 0;
     tz.tz_minuteswest = 0;
     tz.tz_dsttime = 0;
@@ -92,7 +92,7 @@ static void tls_smp_client_init(void)
 #else
         xTaskHandle _handle;
 #endif
-    /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
+    /* see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html */
     ret = xTaskCreate(tls_smp_client_task,
                       TLS_SMP_CLIENT_TASK_NAME,
                       TLS_SMP_CLIENT_TASK_WORDS,
@@ -121,7 +121,7 @@ static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
         ESP_LOGI(TAG, "got ip:%s",
                  ip4addr_ntoa(&event->event_info.got_ip.ip_info.ip));
     #endif
-        /* http://esp32.info/docs/esp_idf/html/dd/d08/group__xEventGroupSetBits.html */
+        /* see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html */
         xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
         break;
     case SYSTEM_EVENT_STA_DISCONNECTED:
@@ -217,7 +217,7 @@ void app_main(void)
     };
     /* WiFi station mode */
     ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA) );
-    /* Wifi Set the configuration of the ESP32 STA or AP */ 
+    /* Wifi Set the configuration of the ESP32 STA or AP */
     ESP_ERROR_CHECK(esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
     /* Start Wifi */
     ESP_ERROR_CHECK(esp_wifi_start() );

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c

@@ -58,10 +58,10 @@ static void set_time()
     time_t now;
     struct tm timeinfo;
     char strftime_buf[64];
-    /* please update the time if seeing unknown failure when loading cert.  */
-    /* this could cause TLS communication failure due to time expiration    */
-    /* incleasing 31536000 seconds is close to spend 356 days.              */
-    utctime.tv_sec = 1645797600; /* dummy time: Fri 25 Feb 2022 02:00:00 2022 */
+    /* please update the time if seeing unknown failure when loading cert.   */
+    /* this could cause TLS communication failure due to time expiration     */
+    /* increasing 31536000 seconds is close to spanning 356 days.            */
+    utctime.tv_sec = 1695513105; /* dummy time: Sat Sep 23 17:05:31 PDT 2023 */
     utctime.tv_usec = 0;
     tz.tz_minuteswest = 0;
     tz.tz_dsttime = 0;
@@ -92,7 +92,7 @@ static void tls_smp_server_init(void)
 #else
         xTaskHandle _handle;
 #endif
-    /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
+    /* see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html */
     ret = xTaskCreate(tls_smp_server_task,
                       TLS_SMP_SERVER_TASK_NAME,
                       TLS_SMP_SERVER_TASK_WORDS,
@@ -121,7 +121,7 @@ static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
         ESP_LOGI(TAG, "got ip:%s",
                  ip4addr_ntoa(&event->event_info.got_ip.ip_info.ip));
 #endif
-        /* http://esp32.info/docs/esp_idf/html/dd/d08/group__xEventGroupSetBits.html */
+        /* see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html */
         xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
         break;
     case SYSTEM_EVENT_STA_DISCONNECTED:

IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md

@@ -27,11 +27,19 @@ Example build on WSL, assuming `git clone` from `c:\workspace`:
 # switch to test example
 cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test
 
-# Pick ESP-IDF install directory, this one for v4.4.2 in VisualGDB
-. /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/export.sh
+# Pick ESP-IDF install directory, this one for v5.1 in VisualGDB
+. /mnt/c/SysGCC/esp32/esp-idf/v5.1/export.sh
 
-# build and flash, in this example to COM20
-idf.py build flash -p /dev/ttyS20 -b 921600 monitor
+# set target chipset
+idf.py set-target esp32s3
+
+# erase
+idf.py erase-flash -p /dev/ttyS24 -b 115200
+
+# start with a low upload speed, then increase as found operational
+idf.py 
+# build and flash, in this example to COM24
+idf.py build flash -p /dev/ttyS24 -b 115200 monitor
 ```
 
 ## Example Output

IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt

@@ -50,7 +50,6 @@ set(COMPONENT_SRCDIRS "${WOLFSSL_ROOT}/src/"
                         "${WOLFSSL_ROOT}/wolfcrypt/src/"
                         "${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/"
                         "${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel/"
-                        "${WOLFSSL_ROOT}/wolfcrypt/benchmark/"
                         "${WOLFSSL_ROOT}/wolfcrypt/test/"
                         )
 
@@ -190,9 +189,10 @@ set(COMPONENT_SRCEXCLUDE
     "${WOLFSSL_ROOT}/src/conf.c"
     "${WOLFSSL_ROOT}/src/misc.c"
     "${WOLFSSL_ROOT}/src/pk.c"
-    "${WOLFSSL_ROOT}/src/ssl_asn1.c" # included by ssl.c
-    "${WOLFSSL_ROOT}/src/ssl_bn.c" # included by ssl.c
-    "${WOLFSSL_ROOT}/src/ssl_misc.c" # included by ssl.c
+    "${WOLFSSL_ROOT}/src/ssl_asn1.c"    # included by ssl.c
+    "${WOLFSSL_ROOT}/src/ssl_bn.c"      # included by ssl.c
+    "${WOLFSSL_ROOT}/src/ssl_certman.c" # included by ssl.c
+    "${WOLFSSL_ROOT}/src/ssl_misc.c"    # included by ssl.c
     "${WOLFSSL_ROOT}/src/x509.c"
     "${WOLFSSL_ROOT}/src/x509_str.c"
     "${WOLFSSL_ROOT}/wolfcrypt/src/evp.c"

IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/main.c

@@ -154,6 +154,8 @@ void app_main(void)
     /* some interesting settings are target specific (ESP32, -C3, -S3, etc */
 #if defined(CONFIG_IDF_TARGET_ESP32C3)
     /* not available for C3 at this time */
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+    /* not available for C6 at this time */
 #elif defined(CONFIG_IDF_TARGET_ESP32S3)
     ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
                    CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
@@ -170,23 +172,21 @@ void app_main(void)
     ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
 
     /* check to see if we are using hardware encryption */
-#if defined(NO_ESP32WROOM32_CRYPT)
-    ESP_LOGI(TAG, "NO_ESP32WROOM32_CRYPT defined! HW acceleration DISABLED.");
+#if defined(NO_ESP32_CRYPT)
+    ESP_LOGI(TAG, "NO_ESP32_CRYPT defined! HW acceleration DISABLED.");
 #else
     #if defined(CONFIG_IDF_TARGET_ESP32C3)
-        #error "ESP32WROOM32_CRYPT not yet supported on ESP32-C3"
+        #error "ESP32_CRYPT not yet supported on ESP32-C3"
     #elif defined(CONFIG_IDF_TARGET_ESP32S2)
-        #error "ESP32WROOM32_CRYPT not yet supported on ESP32-S2"
+        #error "ESP32_CRYPT not yet supported on ESP32-S2"
     #elif defined(CONFIG_IDF_TARGET_ESP32S3)
-        /* #error "ESP32WROOM32_CRYPT not yet supported on ESP32-S3" */
-        ESP_LOGI(TAG, "ESP32WROOM32_CRYPT is enabled for  ESP32-S3.");
+        /* #error "ESP32_CRYPT not yet supported on ESP32-S3" */
+        ESP_LOGI(TAG, "ESP32_CRYPT is enabled for  ESP32-S3.");
     #else
-        ESP_LOGI(TAG, "ESP32WROOM32_CRYPT is enabled.");
+        ESP_LOGI(TAG, "ESP32_CRYPT is enabled.");
     #endif
 #endif
 
-
-
 #if defined (WOLFSSL_USE_TIME_HELPER)
     set_time();
 #endif
@@ -224,9 +224,23 @@ void app_main(void)
         /* see wolfssl/wolfcrypt/error-crypt.h */
     }
 
-    /* after the test, we'll just wait */
+#ifdef INCLUDE_uxTaskGetStackHighWaterMark
+        ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL));
+
+        ESP_LOGI(TAG, "Stack used: %d", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+                                        - (uxTaskGetStackHighWaterMark(NULL) / 4));
+#endif
+
+    ESP_LOGI(TAG, "\n\nDone!\n\n"
+                  "If running from idf.py monitor, press twice: Ctrl+]");
+
+    /* done */
     while (1) {
-        /* nothing */
-    }
+#if defined(SINGLE_THREADED)
+        while (1);
+#else
+        vTaskDelay(60000);
+#endif
+    } /* done whle */
 #endif
 }

IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/main/main.c

@@ -170,17 +170,17 @@ void app_main(void)
     ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
 
     /* check to see if we are using hardware encryption */
-#if defined(NO_ESP32WROOM32_CRYPT)
-    ESP_LOGI(TAG, "NO_ESP32WROOM32_CRYPT defined! HW acceleration DISABLED.");
+#if defined(NO_ESP32_CRYPT)
+    ESP_LOGI(TAG, "NO_ESP32_CRYPT defined! HW acceleration DISABLED.");
 #else
     #if defined(CONFIG_IDF_TARGET_ESP32C3)
-        #error "ESP32WROOM32_CRYPT not yet supported on ESP32-C3"
+        #error "ESP32_CRYPT not yet supported on ESP32-C3"
     #elif defined(CONFIG_IDF_TARGET_ESP32S2)
-        #error "ESP32WROOM32_CRYPT not yet supported on ESP32-S2"
+        #error "ESP32_CRYPT not yet supported on ESP32-S2"
     #elif defined(CONFIG_IDF_TARGET_ESP32S3)
-        #error "ESP32WROOM32_CRYPT not yet supported on ESP32-S3"
+        #error "ESP32_CRYPT not yet supported on ESP32-S3"
     #else
-        ESP_LOGI(TAG, "ESP32WROOM32_CRYPT is enabled.");
+        ESP_LOGI(TAG, "ESP32_CRYPT is enabled.");
     #endif
 #endif
 

IDE/Espressif/ESP-IDF/setup_win.bat

@@ -73,7 +73,7 @@ dir %WOLFSSL_ESPIDFDIR%\*.xyzzy 2> nul | findstr  \
 
 echo;
 echo Equivalalent source directory paths:
-:: show the path of the equivalent  %VALUE% (search for files that don't exist, supress error, and look for string with "\")
+:: show the path of the equivalent  %VALUE% (search for files that don't exist, suppress error, and look for string with "\")
 dir %BASEDIR%\*.xyzzy 2> nul | findstr  \
 dir %WOLFSSLLIB_TRG_DIR%\*.xyzzy 2> nul | findstr  \
 dir %WOLFSSLEXP_TRG_DIR%\*.xyzzy 2> nul | findstr  \

IDE/Espressif/ESP-IDF/user_settings.h

@@ -18,23 +18,35 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  */
+
 #undef WOLFSSL_ESPIDF
-#undef WOLFSSL_ESPWROOM32
+#undef WOLFSSL_ESP32
 #undef WOLFSSL_ESPWROOM32SE
-#undef WOLFSSL_ESPWROOM32
+#undef WOLFSSL_ESP32
 #undef WOLFSSL_ESP8266
 
+/* The Espressif sdkconfig will have chipset info.
+**
+** Possible values:
+**
+**   CONFIG_IDF_TARGET_ESP32
+**   CONFIG_IDF_TARGET_ESP32S3
+**   CONFIG_IDF_TARGET_ESP32C3
+**   CONFIG_IDF_TARGET_ESP32C6
+*/
+#include <sdkconfig.h>
+
 #define WOLFSSL_ESPIDF
 
 /*
  * choose ONE of these Espressif chips to define:
  *
- * WOLFSSL_ESPWROOM32
+ * WOLFSSL_ESP32
  * WOLFSSL_ESPWROOM32SE
  * WOLFSSL_ESP8266
  */
 
-#define WOLFSSL_ESPWROOM32
+#define WOLFSSL_ESP32
 
 /* #define DEBUG_WOLFSSL_VERBOSE */
 
@@ -85,11 +97,11 @@
     /* #define CUSTOM_SLOT_ALLOCATION                              */
 #endif
 
-/* rsa primitive specific definition */
-#if defined(WOLFSSL_ESPWROOM32) || defined(WOLFSSL_ESPWROOM32SE)
+/* RSA primitive specific definition */
+#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
     /* Define USE_FAST_MATH and SMALL_STACK                        */
     #define ESP32_USE_RSA_PRIMITIVE
-    /* threshold for performance adjustment for hw primitive use   */
+    /* threshold for performance adjustment for HW primitive use   */
     /* X bits of G^X mod P greater than                            */
     #define EPS_RSA_EXPT_XBTIS           36
     /* X and Y of X * Y mod P greater than                         */
@@ -98,7 +110,7 @@
 
 /* debug options */
 /* #define DEBUG_WOLFSSL */
-/* #define WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */
+/* #define WOLFSSL_ESP32_CRYPT_DEBUG */
 /* #define WOLFSSL_ATECC508A_DEBUG          */
 
 /* date/time                               */
@@ -107,11 +119,50 @@
 /* #define NO_ASN_TIME */
 /* #define XTIME time */
 
-/* when you want not to use HW acceleration */
-/* #define NO_ESP32WROOM32_CRYPT */
-/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH*/
-/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_AES */
-/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI */
 
-/* adjust wait-timeout count if you see timeout in rsa hw acceleration */
+/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
 #define ESP_RSA_TIMEOUT_CNT    0x249F00
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+    /* when you want not to use HW acceleration on ESP32 (below for S3, etc */
+    /* #define NO_ESP32_CRYPT                 */
+    /* #define NO_WOLFSSL_ESP32_CRYPT_HASH    */
+    /* #define NO_WOLFSSL_ESP32_CRYPT_AES     */
+    /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+    /* ESP32-S2 disabled by default; not implemented */
+    #define NO_ESP32_CRYPT
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH
+    #define NO_WOLFSSL_ESP32_CRYPT_AES
+    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+    /* when you want not to use HW acceleration on ESP32-S3 */
+    /* #define NO_ESP32_CRYPT                 */
+    /* #define NO_WOLFSSL_ESP32_CRYPT_HASH    */
+    /* #define NO_WOLFSSL_ESP32_CRYPT_AES     */
+    /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+    /* ESP32-C3 disabled by default, not implemented */
+    #define NO_ESP32_CRYPT
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH
+    #define NO_WOLFSSL_ESP32_CRYPT_AES
+    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+    /* ESP32-C6 disabled by default, not implemented */
+    #define NO_ESP32_CRYPT
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH
+    #define NO_WOLFSSL_ESP32_CRYPT_AES
+    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#elif defined(CONFIG_IDF_TARGET_ESP32H2)
+    /* ESP32-H2 disabled by default, not implemented */
+    #define NO_ESP32_CRYPT
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH
+    #define NO_WOLFSSL_ESP32_CRYPT_AES
+    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#else
+    /* anything else unknown will have HW disabled by default */
+    #define NO_ESP32_CRYPT
+    #define NO_WOLFSSL_ESP32_CRYPT_HASH
+    #define NO_WOLFSSL_ESP32_CRYPT_AES
+    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#endif

IDE/Espressif/include.am

@@ -17,6 +17,18 @@ EXTRA_DIST+= IDE/Espressif/ESP-IDF/setup_win.bat
 EXTRA_DIST+= IDE/Espressif/ESP-IDF/UPDATE.md
 EXTRA_DIST+= IDE/Espressif/ESP-IDF/user_settings.h
 
+# Template
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/README.md
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/VisualGDB
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main/include
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main/main.c
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main/include/main.h
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj
+
 # Benchmark
 EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt
 EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main

IDE/GCC-ARM/Header/user_settings.h

@@ -70,7 +70,6 @@ extern "C" {
     #define WOLFSSL_HAVE_SP_RSA
     #define WOLFSSL_HAVE_SP_DH
     #define WOLFSSL_HAVE_SP_ECC
-    //#define WOLFSSL_SP_CACHE_RESISTANT
     #define WOLFSSL_SP_MATH     /* only SP math - eliminates fast math code */
 
     /* SP Assembly Speedups */
@@ -85,11 +84,24 @@ extern "C" {
 /* FIPS - Requires eval or license from wolfSSL */
 /* ------------------------------------------------------------------------- */
 #undef  HAVE_FIPS
+#undef  HAVE_FIPS_VERSION
+#undef  HAVE_FIPS_VERSION_MINOR
 #if 0
     #define HAVE_FIPS
 
-    #undef  HAVE_FIPS_VERSION
-    #define HAVE_FIPS_VERSION 2
+    /* Choose a FIPS version */
+    #if 0
+        /* FIPS 140-2 */
+        #define HAVE_FIPS_VERSION 2
+    #elif 0
+        /* FIPS 140-3 */
+        #define HAVE_FIPS_VERSION 5
+        #define HAVE_FIPS_VERSION_MINOR 2
+    #elif 0
+        /* FIPS Ready */
+        #define HAVE_FIPS_VERSION 5
+        #define HAVE_FIPS_VERSION_MINOR 3
+    #endif
 
     #ifdef SINGLE_THREADED
         #undef  NO_THREAD_LS
@@ -182,6 +194,9 @@ extern "C" {
 
         #undef  WOLFSSL_VALIDATE_ECC_IMPORT
         #define WOLFSSL_VALIDATE_ECC_IMPORT /* Validate import */
+
+        #undef  WOLFSSL_ECDSA_SET_K
+        #define WOLFSSL_ECDSA_SET_K
     #endif
 
     /* Compressed Key Support */
@@ -198,7 +213,7 @@ extern "C" {
         #else
             #undef  ALT_ECC_SIZE
             #define ALT_ECC_SIZE
-            /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+            /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
             //#undef  FP_MAX_BITS_ECC
             //#define FP_MAX_BITS_ECC (256 * 2)
         #endif

IDE/GCC-ARM/Makefile.common

@@ -1,11 +1,11 @@
 # Set to @ if you want to suppress command echo
-CMD_ECHO = 
+CMD_ECHO =
 
 # Important directories
 BUILD_DIR = ./Build
 
 # Toolchain location and prefix
-#TOOLCHAIN = 
+#TOOLCHAIN =
 TOOLCHAIN ?= /opt/gcc-arm-none-eabi/bin/arm-none-eabi-
 
 # Tools selection
@@ -101,6 +101,7 @@ SRC_C += ../../wolfcrypt/src/des3.c
 SRC_C += ../../wolfcrypt/src/dh.c
 SRC_C += ../../wolfcrypt/src/ecc.c
 SRC_C += ../../wolfcrypt/src/hmac.c
+SRC_C += ../../wolfcrypt/src/kdf.c
 SRC_C += ../../wolfcrypt/src/random.c
 SRC_C += ../../wolfcrypt/src/rsa.c
 SRC_C += ../../wolfcrypt/src/sha.c
@@ -138,7 +139,6 @@ SRC_C += ../../wolfcrypt/src/ge_448.c
 SRC_C += ../../wolfcrypt/src/ge_low_mem.c
 SRC_C += ../../wolfcrypt/src/ge_operations.c
 SRC_C += ../../wolfcrypt/src/hash.c
-SRC_C += ../../wolfcrypt/src/kdf.c
 SRC_C += ../../wolfcrypt/src/integer.c
 SRC_C += ../../wolfcrypt/src/logging.c
 SRC_C += ../../wolfcrypt/src/md5.c

IDE/HEXAGON/ecc-verify-benchmark.c

@@ -133,7 +133,7 @@ static int hash_firmware_verify_dsp(int numThreads, int domain)
         ret = wolfSSL_open(sp_URI_value, &(handle[i]));
         if (ret != 0) {
             printf("unable to open CDSP? retVal = %d\n", ret);
-	    return -1;
+            return -1;
         }
         wc_ecc_set_handle(&(eccKey[i]), handle[i]);
     }

IDE/IAR-EWARM/.gitignore

@@ -0,0 +1,9 @@
+# Unused project setting files
+*.ewt
+# Build products
+ewarm/
+Debug/
+Release/
+# Auto generated files
+settings/
+*.dep

IDE/IAR-EWARM/embOS/.gitignore

@@ -1,6 +0,0 @@
-*.bat
-*.xcl
-*.crun
-*.dbgdt
-*.dni
-

IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_SAMV71_XULT_user_settings/user_settings_verbose_example.h

@@ -87,7 +87,7 @@
         #undef  ALT_ECC_SIZE
         #define ALT_ECC_SIZE
 
-        /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+        /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
         /* MAX ECC BITS = ROUND8(MAX ECC) * 2 */
         //#undef  FP_MAX_BITS_ECC
         //#define FP_MAX_BITS_ECC (528 * 2)

IDE/IAR-MSP430/README.md

@@ -78,10 +78,10 @@ Bob init
 Successfully generated a common secret
 Alices' Secret: 85f3c7f599620c768e6dbb77dc2f8f764254cc1821aeb0a30503632dbc9bdb54
 Bobs' Secret: 85f3c7f599620c768e6dbb77dc2f8f764254cc1821aeb0a30503632dbc9bdb54
-ChaCha20/Poly1305 Encryption Start, 1000 itterations, 1024 bytes
+ChaCha20/Poly1305 Encryption Start, 1000 iterations, 1024 bytes
 ............................................
 End 44 seconds
-ChaCha20/Poly1305 Decryption Start, 1000 itterations
+ChaCha20/Poly1305 Decryption Start, 1000 iterations
 ............................................
 End 44 seconds
 end

IDE/IAR-MSP430/main.c

@@ -36,7 +36,7 @@
 #include <msp430f5659.h>
 
 /* Without __root on some of the functions, IAR's "Discard Unused Publics"
-   will optimze out some of the functions
+   will optimize out some of the functions
  */
 #if defined(__IAR_SYSTEMS_ICC__)
 #define IAR_KEEP __root
@@ -304,7 +304,7 @@ only_rng:
     wc_FreeRng(&rng);
 
     printf(
-        "ChaCha20/Poly1305 Encryption Start, 1000 itterations, %d bytes\r\n",
+        "ChaCha20/Poly1305 Encryption Start, 1000 iterations, %d bytes\r\n",
         (int)strlen((const char*)plaintext));
     start = seconds;
     for (int i=0; i <= 1000; i++) {
@@ -319,7 +319,7 @@ only_rng:
     printf("\r\nEnd %d seconds\r\n", seconds - start);
 
     start = seconds;
-    printf("ChaCha20/Poly1305 Decryption Start, 1000 itterations\r\n");
+    printf("ChaCha20/Poly1305 Decryption Start, 1000 iterations\r\n");
     start = seconds;
     for (int i=0; i <= 1000; i++) {
         ret = wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad),

IDE/M68K/Makefile

@@ -84,7 +84,7 @@ clean: rmo
 	rm -f $(OUTPUT)/$(NAME).a
 
 help:
-	@echo "all     : exectue compile, link, rmo"
+	@echo "all     : execute compile, link, rmo"
 	@echo "compile : create .o files"
 	@echo "link    : create .a library from .o files"
 	@echo "rmo     : remove all .o files"

IDE/MCUEXPRESSO/RT1170/fsl_caam_c.patch

@@ -1,6 +1,6 @@
---- fsl_caam-orig.c	2022-10-21 15:50:35.709951000 -0700
-+++ fsl_caam.c	2022-12-28 06:30:34.788316189 -0800
-@@ -7872,3 +7872,462 @@
+--- fsl_caam.c	2023-01-12 23:39:04.000000000 -0800
++++ fsl_caam-expanded.c	2023-06-23 00:18:14.395128903 -0700
+@@ -7872,3 +7872,476 @@
      }
      return status;
  }
@@ -117,7 +117,7 @@
 +    /* initialize descriptor from template */
 +    (void)caam_memcpy(descriptor, templateKeyPairECC, sizeof(templateKeyPairECC));
 +
-+    /* add descriptor lenght in bytes to HEADER descriptor command */
++    /* add descriptor length in bytes to HEADER descriptor command */
 +    DESC_HEADER_ADD_DESCLEN(descriptor[0], descriptorSize);
 +
 +    DESC_SET_ADDR(descriptor[1], (CAAM_ECDSA_KEYGEN_PD | keyType));
@@ -128,7 +128,9 @@
 +    descriptor[4] |= enc;
 +
 +    /* schedule the job */
-+    status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++    do {
++        status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++    } while (status == kStatus_CAAM_Again);
 +    if (status == kStatus_Success) {
 +        status = CAAM_Wait(base, handle, descriptor, kCAAM_Blocking);
 +    }
@@ -198,7 +200,7 @@
 +    /* initialize descriptor from template */
 +    (void)caam_memcpy(descriptor, templateSignECC, sizeof(templateSignECC));
 +
-+    /* add descriptor lenght in bytes to HEADER descriptor command */
++    /* add descriptor length in bytes to HEADER descriptor command */
 +    DESC_HEADER_ADD_DESCLEN(descriptor[0], descriptorSize);
 +
 +    DESC_SET_ADDR(descriptor[1], (CAAM_ECDSA_PD | keyType));
@@ -212,7 +214,9 @@
 +    descriptor[7] |= enc;
 +
 +    /* schedule the job */
-+    status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++    do {
++        status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++    } while (status == kStatus_CAAM_Again);
 +    if (status == kStatus_Success) {
 +        status = CAAM_Wait(base, handle, descriptor, kCAAM_Blocking);
 +    }
@@ -271,7 +275,7 @@
 +    /* initialize descriptor from template */
 +    (void)caam_memcpy(descriptor, templateVerifyECC, sizeof(templateVerifyECC));
 +
-+    /* add descriptor lenght in bytes to HEADER descriptor command */
++    /* add descriptor length in bytes to HEADER descriptor command */
 +    DESC_HEADER_ADD_DESCLEN(descriptor[0], descriptorSize);
 +
 +    DESC_SET_ADDR(descriptor[1], (CAAM_ECDSA_PD | keyType));
@@ -283,7 +287,9 @@
 +    DESC_ADD_LEN(descriptor[7], sizeHash);
 +
 +    /* schedule the job */
-+    status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++    do {
++        status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++    } while (status == kStatus_CAAM_Again);
 +    if (status == kStatus_Success) {
 +        status = CAAM_Wait(base, handle, descriptor, kCAAM_Blocking);
 +    }
@@ -338,7 +344,7 @@
 +    /* initialize descriptor from template */
 +    (void)caam_memcpy(descriptor, templateAgreeECC, sizeof(templateAgreeECC));
 +
-+    /* add descriptor lenght in bytes to HEADER descriptor command */
++    /* add descriptor length in bytes to HEADER descriptor command */
 +    DESC_HEADER_ADD_DESCLEN(descriptor[0], descriptorSize);
 +
 +    DESC_SET_ADDR(descriptor[1], (CAAM_ECDSA_KEYGEN_PD | keyType));
@@ -350,7 +356,9 @@
 +    descriptor[5] |= enc;
 +
 +    /* schedule the job */
-+    status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++    do {
++        status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++    } while (status == kStatus_CAAM_Again);
 +    if (status == kStatus_Success) {
 +        status = CAAM_Wait(base, handle, descriptor, kCAAM_Blocking);
 +    }
@@ -367,7 +375,7 @@
 +/* Handle BLOB create and open */
 +static const uint32_t templateBlob[] = {
 +    /* 00 */ 0xB0800000u,  /* HEADER */
-+    /* 01 */ 0x14400000u,  /* class */
++    /* 01 */ 0x04000000u,  /* class */
 +    /* 02 */ 0x00000000u,  /* key mod */
 +    /* 03 */ 0xF0000000u,  /* SEQ input size */
 +    /* 04 */ 0x00000000u,  /* input */
@@ -425,6 +433,10 @@
 +        return status;
 +    }
 +
++    if (keyModSz != CAAM_SM_KEYMODSZ && keyModSz != CAAM_KEYMODSZ) {
++        return status;
++    }
++
 +    if (dir == CAAM_DECAP_BLOB &&
 +                (sizeOut > sizeIn - CAAM_PADDING_SIZE_BLOB)) {
 +        return status;
@@ -433,9 +445,9 @@
 +    /* initialize descriptor from template */
 +    (void)caam_memcpy(descriptor, templateBlob, sizeof(templateBlob));
 +
-+    /* add descriptor lenght in bytes to HEADER descriptor command */
++    /* add descriptor length in bytes to HEADER descriptor command */
 +    DESC_HEADER_ADD_DESCLEN(descriptor[0], descriptorSize);
-+    descriptor[1] |= color; /* add color of blob */
++    descriptor[1] |= keyModSz;
 +    DESC_SET_ADDR(descriptor[2], keyMod);
 +    DESC_ADD_LEN(descriptor[3], sizeIn);
 +    DESC_SET_ADDR(descriptor[4], in);
@@ -450,7 +462,9 @@
 +    }
 +
 +    /* schedule the job */
-+    status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++    do {
++        status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++    } while (status == kStatus_CAAM_Again);
 +    if (status == kStatus_Success) {
 +        status = CAAM_Wait(base, handle, descriptor, kCAAM_Blocking);
 +    }

IDE/MCUEXPRESSO/RT1170/fsl_caam_h.patch

@@ -1,6 +1,6 @@
---- fsl_caam-orig.h	2022-10-21 15:50:35.745560000 -0700
-+++ fsl_caam.h	2022-12-28 08:10:29.413415216 -0800
-@@ -3038,6 +3038,162 @@
+--- fsl_caam.h	2023-06-23 00:08:46.491699533 -0700
++++ fsl_caam-expanded.h	2023-06-23 00:10:22.702730462 -0700
+@@ -3038,6 +3038,164 @@
   *@}
   */ /* end of caam_driver_pkha */
  
@@ -127,10 +127,12 @@
 +
 +/* define for application to check for ECC CAAM additions */
 +#define CAAM_BLOB_EXPANSION
-+#define CAAM_RED_BLOB 0x00000C08
-+#define CAAM_BLACK_BLOB 0x00000010
++#define CAAM_RED_BLOB 1
++#define CAAM_BLACK_BLOB 2
 +#define CAAM_ENCAP_BLOB 0x07000000
 +#define CAAM_DECAP_BLOB 0x06000000
++#define CAAM_SM_KEYMODSZ 8
++#define CAAM_KEYMODSZ 16
 +#define CAAM_PADDING_SIZE_BLOB 48
 +
 +/*!

IDE/MCUEXPRESSO/benchmark/source/run_benchmark.c

@@ -78,7 +78,7 @@ static void doBenchmark(void* params)
         wolfCrypt_Cleanup();
     }
     else {
-    	PRINTF("Failied to initialize wolfCrypt\r\n");
+    	PRINTF("Failed to initialize wolfCrypt\r\n");
     }
 }
 

IDE/MCUEXPRESSO/wolfcrypt_test.c

@@ -136,7 +136,7 @@ int main(void)
         wolfCrypt_Cleanup();
     }
     else {
-    	PRINTF("Failied to initialize wolfCrypt\r\n");
+    	PRINTF("Failed to initialize wolfCrypt\r\n");
     }
 
 #if defined(FREESCALE_KSDK_2_0_TRNG) && defined(FREESCALE_RTC)

IDE/MDK-ARM/LPC43xx/time-LCP43xx.c

@@ -34,9 +34,9 @@
 
 static void init_RTC()
 {
-		/* Enable GPIO register interface clock                                     */
-		LPC_CCU1->CLK_M4_GPIO_CFG     |= 1;
-		while (!(LPC_CCU1->CLK_M4_GPIO_STAT   & 1)) ;
+    /* Enable GPIO register interface clock                                     */
+    LPC_CCU1->CLK_M4_GPIO_CFG     |= 1;
+    while (!(LPC_CCU1->CLK_M4_GPIO_STAT   & 1)) ;
 
     /* RTC Block section ------------------------------------------------------ */
     /* Init RTC module */
@@ -82,7 +82,7 @@ double current_time()
 
 
 void init_time(void) {
-	  init_RTC() ;
+    init_RTC() ;
     init_TIM() ;
 }
 
@@ -93,7 +93,7 @@ struct tm *Cyassl_MDK_gmtime(const time_t *c)
     static struct tm date ;
 
   	RTC_TIME_Type RTCFullTime;
-	  RTC_GetFullTime (LPC_RTC, &RTCFullTime);
+    RTC_GetFullTime (LPC_RTC, &RTCFullTime);
 
     date.tm_year = RTCFullTime.YEAR + 100 ;
     date.tm_mon = RTCFullTime.MONTH - 1 ;
@@ -104,7 +104,7 @@ struct tm *Cyassl_MDK_gmtime(const time_t *c)
 
     #if defined(DEBUG_CYASSL)
     {
-			  extern void CYASSL_MSG(char *msg) ;
+        extern void CYASSL_MSG(char *msg) ;
         char msg[100] ;
         sprintf(msg, "Debug::Cyassl_KEIL_gmtime(DATE=/%4d/%02d/%02d TIME=%02d:%02d:%02d)\n",
         RTCFullTime.YEAR+2000,  RTCFullTime.MONTH, RTCFullTime.DOM,
@@ -127,14 +127,14 @@ typedef struct func_args {
 void time_main(void *args)
 {
     char * datetime ;
-	  int year ;
+    int year ;
   	RTC_TIME_Type RTCFullTime;
 
     if( args == NULL || ((func_args *)args)->argc == 1) {
-		    RTC_GetFullTime (LPC_RTC, &RTCFullTime);
+        RTC_GetFullTime (LPC_RTC, &RTCFullTime);
         printf("Date: %d/%d/%d, Time: %02d:%02d:%02d\n",
-             RTCFullTime.MONTH, RTCFullTime.DOM, RTCFullTime.YEAR+2000,
-             RTCFullTime.HOUR,  RTCFullTime.MIN,  RTCFullTime.SEC) ;
+        RTCFullTime.MONTH, RTCFullTime.DOM, RTCFullTime.YEAR+2000,
+        RTCFullTime.HOUR,  RTCFullTime.MIN,  RTCFullTime.SEC) ;
     } else if(((func_args *)args)->argc == 3 &&
               ((func_args *)args)->argv[1][0] == '-' &&
               ((func_args *)args)->argv[1][1] == 'd' ) {
@@ -143,13 +143,13 @@ void time_main(void *args)
         sscanf(datetime, "%d/%d/%d",
              (int *)&RTCFullTime.MONTH, (int *)&RTCFullTime.DOM, &year) ;
         RTCFullTime.YEAR = year - 2000 ;
-				RTC_SetTime (LPC_RTC, RTC_TIMETYPE_MONTH, RTCFullTime.MONTH);
+        RTC_SetTime (LPC_RTC, RTC_TIMETYPE_MONTH, RTCFullTime.MONTH);
         RTC_SetTime (LPC_RTC, RTC_TIMETYPE_YEAR, RTCFullTime.YEAR);
         RTC_SetTime (LPC_RTC, RTC_TIMETYPE_DAYOFMONTH, RTCFullTime.DOM);
     } else if(((func_args *)args)->argc == 3 &&
               ((func_args *)args)->argv[1][0] == '-' &&
               ((func_args *)args)->argv[1][1] == 't' ) {
-		    RTC_GetFullTime (LPC_RTC, &RTCFullTime);
+        RTC_GetFullTime (LPC_RTC, &RTCFullTime);
 								datetime = ((func_args *)args)->argv[2];
         sscanf(datetime, "%d:%d:%d",
             (int *)&RTCFullTime.HOUR,
@@ -161,7 +161,3 @@ void time_main(void *args)
         RTC_SetTime (LPC_RTC, RTC_TIMETYPE_HOUR, RTCFullTime.HOUR);
     } else printf("Invalid argument\n") ;
 }
-
-
-
-

IDE/MDK-ARM/MDK-ARM/wolfSSL/config-BARE-METAL.h

@@ -165,7 +165,7 @@
 #endif
 //  </e>
 //      <e>DSA
-#define MDK_CONF_DSA 1
+#define MDK_CONF_DSA 0
 #if MDK_CONF_DSA == 0
 #define NO_DSA
 #endif
@@ -204,6 +204,59 @@
 //  </e>
 //  </h>
 
+// <h>Math / Memory
+//      <o> Math Library
+//        <0=>SP Math All (sp_int.c)
+//        <1=>Fast Math (tfm.c)
+//        <2=>Heap Math (integer.c)
+//        <3=>SP Math (RSA/DH 2048/3072/4096 and ECC 256/384/521 only)
+//        <4=>SP Math +ASM (faster)
+#define MDK_CONF_MATH 0
+#if MDK_CONF_MATH == 0
+    #define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
+#elif MDK_CONF_MATH == 1
+    #define USE_FAST_MATH
+#elif MDK_CONF_MATH == 2
+    #define USE_INTEGER_HEAP_MATH
+#elif MDK_CONF_MATH == 3 || MDK_CONF_MATH == 4
+    #define WOLFSSL_SP_MATH     /* only SP math - disables integer.c/tfm.c */
+    #define WOLFSSL_HAVE_SP_RSA
+    #define WOLFSSL_HAVE_SP_DH
+    #define WOLFSSL_HAVE_SP_ECC
+
+    //#define WOLFSSL_SP_NO_2048
+    //#define WOLFSSL_SP_NO_3072
+    #define WOLFSSL_SP_4096
+    //#define WOLFSSL_SP_NO_256
+    //#define WOLFSSL_SP_384
+    //#define WOLFSSL_SP_521
+
+    #define WOLFSSL_SP_SMALL /* use smaller version of code */
+    //#define WOLFSSL_SP_NO_MALLOC /* do not use heap */
+    //#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
+
+    #if MDK_CONF_MATH == 4
+        /* SP Assembly Speedups - specific to chip type */
+        #define WOLFSSL_SP_ASM
+
+        //#define WOLFSSL_SP_ARM32_ASM
+        //#define WOLFSSL_SP_ARM64_ASM
+        //#define WOLFSSL_SP_ARM_THUMB_ASM
+        //#define WOLFSSL_SP_ARM_CORTEX_M_ASM
+    #endif
+#endif
+
+//      <e>Small Stack
+#define MDK_CONF_SmallStack 1
+#if MDK_CONF_SmallStack == 0
+    #define NO_WOLFSSL_SMALL_STACK
+    //#define WOLFSSL_SP_NO_MALLOC
+#else
+    #define WOLFSSL_SMALL_STACK
+#endif
+//      </e>
+//  </h>
+
 //  <h>Others
 
 //      <e>Inline
@@ -253,22 +306,9 @@
 #define NO_ERROR_STRINGS
 #endif
 //  </e>
-
-//      <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-//  </e>
-//      <e>Use Fast Math
-#define MDK_CONF_FASTMATH 0
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#endif
-//  </e>
-
-
 //  </h>
 
+
+
 //</h>
 // <<< end of configuration section >>>

IDE/MDK-ARM/MDK-ARM/wolfSSL/config-FS.h

@@ -202,7 +202,7 @@
 #endif
 //  </e>
 //      <e>DSA
-#define MDK_CONF_DSA 1
+#define MDK_CONF_DSA 0
 #if MDK_CONF_DSA == 0
 #define NO_DSA
 #endif
@@ -241,6 +241,59 @@
 //  </e>
 //  </h>
 
+// <h>Math / Memory
+//      <o> Math Library
+//        <0=>SP Math All (sp_int.c)
+//        <1=>Fast Math (tfm.c)
+//        <2=>Heap Math (integer.c)
+//        <3=>SP Math (RSA/DH 2048/3072/4096 and ECC 256/384/521 only)
+//        <4=>SP Math +ASM (faster)
+#define MDK_CONF_MATH 0
+#if MDK_CONF_MATH == 0
+    #define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
+#elif MDK_CONF_MATH == 1
+    #define USE_FAST_MATH
+#elif MDK_CONF_MATH == 2
+    #define USE_INTEGER_HEAP_MATH
+#elif MDK_CONF_MATH == 3 || MDK_CONF_MATH == 4
+    #define WOLFSSL_SP_MATH     /* only SP math - disables integer.c/tfm.c */
+    #define WOLFSSL_HAVE_SP_RSA
+    #define WOLFSSL_HAVE_SP_DH
+    #define WOLFSSL_HAVE_SP_ECC
+
+    //#define WOLFSSL_SP_NO_2048
+    //#define WOLFSSL_SP_NO_3072
+    #define WOLFSSL_SP_4096
+    //#define WOLFSSL_SP_NO_256
+    //#define WOLFSSL_SP_384
+    //#define WOLFSSL_SP_521
+
+    #define WOLFSSL_SP_SMALL /* use smaller version of code */
+    //#define WOLFSSL_SP_NO_MALLOC /* do not use heap */
+    //#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
+
+    #if MDK_CONF_MATH == 4
+        /* SP Assembly Speedups - specific to chip type */
+        #define WOLFSSL_SP_ASM
+
+        //#define WOLFSSL_SP_ARM32_ASM
+        //#define WOLFSSL_SP_ARM64_ASM
+        //#define WOLFSSL_SP_ARM_THUMB_ASM
+        //#define WOLFSSL_SP_ARM_CORTEX_M_ASM
+    #endif
+#endif
+
+//      <e>Small Stack
+#define MDK_CONF_SmallStack 1
+#if MDK_CONF_SmallStack == 0
+    #define NO_WOLFSSL_SMALL_STACK
+    //#define WOLFSSL_SP_NO_MALLOC
+#else
+    #define WOLFSSL_SMALL_STACK
+#endif
+//      </e>
+//  </h>
+
 //  <h>Others
 
 //      <e>Inline
@@ -291,20 +344,6 @@
 #endif
 //  </e>
 
-//      <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-//  </e>
-//      <e>Use Fast Math
-#define MDK_CONF_FASTMATH 0
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#endif
-//  </e>
-
-
 //  </h>
 
 //</h>

IDE/MDK-ARM/MDK-ARM/wolfSSL/config-RTX-TCP-FS.h

@@ -224,7 +224,7 @@
 #endif
 //  </e>
 //      <e>DSA
-#define MDK_CONF_DSA 1
+#define MDK_CONF_DSA 0
 #if MDK_CONF_DSA == 0
 #define NO_DSA
 #endif
@@ -263,6 +263,59 @@
 //  </e>
 //  </h>
 
+// <h>Math / Memory
+//      <o> Math Library
+//        <0=>SP Math All (sp_int.c)
+//        <1=>Fast Math (tfm.c)
+//        <2=>Heap Math (integer.c)
+//        <3=>SP Math (RSA/DH 2048/3072/4096 and ECC 256/384/521 only)
+//        <4=>SP Math +ASM (faster)
+#define MDK_CONF_MATH 0
+#if MDK_CONF_MATH == 0
+    #define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
+#elif MDK_CONF_MATH == 1
+    #define USE_FAST_MATH
+#elif MDK_CONF_MATH == 2
+    #define USE_INTEGER_HEAP_MATH
+#elif MDK_CONF_MATH == 3 || MDK_CONF_MATH == 4
+    #define WOLFSSL_SP_MATH     /* only SP math - disables integer.c/tfm.c */
+    #define WOLFSSL_HAVE_SP_RSA
+    #define WOLFSSL_HAVE_SP_DH
+    #define WOLFSSL_HAVE_SP_ECC
+
+    //#define WOLFSSL_SP_NO_2048
+    //#define WOLFSSL_SP_NO_3072
+    #define WOLFSSL_SP_4096
+    //#define WOLFSSL_SP_NO_256
+    //#define WOLFSSL_SP_384
+    //#define WOLFSSL_SP_521
+
+    #define WOLFSSL_SP_SMALL /* use smaller version of code */
+    //#define WOLFSSL_SP_NO_MALLOC /* do not use heap */
+    //#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
+
+    #if MDK_CONF_MATH == 4
+        /* SP Assembly Speedups - specific to chip type */
+        #define WOLFSSL_SP_ASM
+
+        //#define WOLFSSL_SP_ARM32_ASM
+        //#define WOLFSSL_SP_ARM64_ASM
+        //#define WOLFSSL_SP_ARM_THUMB_ASM
+        //#define WOLFSSL_SP_ARM_CORTEX_M_ASM
+    #endif
+#endif
+
+//      <e>Small Stack
+#define MDK_CONF_SmallStack 1
+#if MDK_CONF_SmallStack == 0
+    #define NO_WOLFSSL_SMALL_STACK
+    //#define WOLFSSL_SP_NO_MALLOC
+#else
+    #define WOLFSSL_SMALL_STACK
+#endif
+//      </e>
+//  </h>
+
 //  <h>Others
 
 //      <e>Inline
@@ -312,22 +365,6 @@
 #define NO_ERROR_STRINGS
 #endif
 //  </e>
-
-//      <e>Small Stack
-#define MDK_CONF_SMALL_STACK 1
-#if MDK_CONF_SMALL_STACK == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-//  </e>
-//      <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-//  </e>
-
-
 //  </h>
 
 //</h>

IDE/MDK-ARM/MDK-ARM/wolfSSL/main.c

@@ -99,7 +99,7 @@ extern void benchmark_test(void) ;
 extern void SER_Init(void) ;
 
 /*-----------------------------------------------------------------------------
- *       mian entry
+ *       main entry
  *----------------------------------------------------------------------------*/
 
 /*** This is the parent task entry ***/

IDE/MDK-ARM/MDK-ARM/wolfSSL/shell.c

@@ -301,7 +301,7 @@ static struct {
     "",  NULL
 } ;
 
-enum jobtype { FORGROUND, BACKGROUND }  ;
+enum jobtype { FOREGROUND, BACKGROUND }  ;
 
 #define IF_DELIMITER(ch) ((ch) == ' ' || (ch) == '\n')
 
@@ -326,7 +326,7 @@ static int getline(char * line, int sz, func_args *args, int*bf_flg)
         (*bf_flg) = BACKGROUND ;
         line[strlen(line)-2] = '\n' ;
     } else {
-        (*bf_flg) = FORGROUND ;
+        (*bf_flg) = FOREGROUND ;
     }
     args->argc = 0 ;
     for(i=0; i<sz; i++) {
@@ -542,7 +542,7 @@ void shell_main(void) {
         for(i=0; commandTable[i].func != NULL; i++) {
             if(strcmp(commandTable[i].command, args.argv[0]) == 0) {
             args.argv[0] = (char *) commandTable[i].func ;
-                if(bf_flg == FORGROUND) {
+                if(bf_flg == FOREGROUND) {
                     #ifdef  HAVE_KEIL_RTX
                     wc_UnLockMutex((wolfSSL_Mutex *)&command_mutex) ;
                     os_tsk_create_user_ex( (void(*)(void *))&command_invoke, 7,

IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c

@@ -32,7 +32,7 @@
  *----------------------------------------------------------------------------*/
 #include "stm32f2xx.h"
 
-#define assert_param(a)
+#define assert_param(a) /* null expansion */
 
 #define RTC_RSF_MASK         ((uint32_t)0xFFFFFF5F)
 #define SYNCHRO_TIMEOUT      ((uint32_t) 0x00008000)

IDE/MDK5-ARM/Conf/user_settings.h

@@ -21,21 +21,20 @@
 
 #define NO_MAIN_DRIVER
 #define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
 #define SIZEOF_LONG_LONG 8
 #define NO_WRITEV
 #define NO_DEV_RANDOM
+#define WOLFSSL_IGNORE_FILE_WARN
 
 #define TFM_TIMING_RESISTANT
 #define ECC_TIMING_RESISTANT
 #define WC_RSA_BLINDING
 
 #define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
+#define WOLFSSL_CURRTIME_OSTICK /* use OS tick for current_time */
 #define WOLFSSL_GMTIME
-
 #define NO_MULTIBYTE_PRINT
+
 // <<< Use Configuration Wizard in Context Menu >>>
 
 
@@ -99,7 +98,7 @@
 
 
 //      <e>File System
-#define MDK_CONF_FILESYSTEM 1
+#define MDK_CONF_FILESYSTEM 0
 #if MDK_CONF_FILESYSTEM == 0
 #define NO_FILESYSTEM
 #else
@@ -109,7 +108,9 @@
 //  </e>
 
 //   <o> Network<0=>None <1=>RLnet <2=>User I/O
+#ifndef MDK_CONF_NETWORK
 #define MDK_CONF_NETWORK 1
+#endif
 #if   MDK_CONF_NETWORK == 0
 #elif MDK_CONF_NETWORK == 1
 #define WOLFSSL_KEIL_TCP_NET
@@ -150,7 +151,7 @@
 
 // <h> wolfCrypt Configuration
 
-//  <h>Hash/Crypt Algrithm
+//  <h>Hash/Crypt Algorithm
 
 //      <e>MD2
 #define MDK_CONF_MD2 0
@@ -201,7 +202,7 @@
 #endif
 //  </e>
 //      <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
+#define MDK_CONF_RIPEMD 0
 #if MDK_CONF_RIPEMD == 1
 #define WOLFSSL_RIPEMD
 #endif
@@ -275,7 +276,7 @@
 //  </e>
 
 //      <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
+#define MDK_CONF_CAMELLIA 0
 #if MDK_CONF_CAMELLIA == 1
 #define HAVE_CAMELLIA
 #endif
@@ -287,8 +288,19 @@
 #define NO_DH
 #endif
 //  </e>
+
+//      <e>RSA
+#define MDK_CONF_RSA 1
+#if MDK_CONF_RSA == 1
+/* #define RSA_LOW_MEM */
+#else
+#define NO_RSA
+#endif
+//  </e>
+
+
 //      <e>DSA
-#define MDK_CONF_DSA 1
+#define MDK_CONF_DSA 0
 #if MDK_CONF_DSA == 0
 #define NO_DSA
 #endif
@@ -297,7 +309,7 @@
 //      <e>SRP
 #define MDK_CONF_SRP 1
 #if MDK_CONF_SRP == 1
-#define HAVE_SRP
+#define WOLFCRYPT_HAVE_SRP
 #endif
 //  </e>
 
@@ -412,7 +424,7 @@
 //  </e>
 // </h>
 
-//  <h>Cert/Key Strage
+//  <h>Cert/Key Storage
 //        <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
 #define MDK_CONF_CERT_BUFF 0
 #if MDK_CONF_CERT_BUFF== 1
@@ -432,25 +444,63 @@
 #define MDK_CONF_KEY_GEN 0
 #if MDK_CONF_KEY_GEN == 1
 #define WOLFSSL_KEY_GEN
+#define WOLFSSL_OLD_PRIME_CHECK /* use older prime check (faster) */
 #endif
 //  </e>
 // </h>
-//      <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
+
+// <h>Math / Memory
+//      <o> Math Library
+//        <0=>SP Math All (sp_int.c)
+//        <1=>Fast Math (tfm.c)
+//        <2=>Heap Math (integer.c)
+//        <3=>SP Math (RSA/DH 2048/3072/4096 and ECC 256/384/521 only)
+//        <4=>SP Math +ASM (faster)
+#define MDK_CONF_MATH 0
+#if MDK_CONF_MATH == 0
+    #define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
+#elif MDK_CONF_MATH == 1
+    #define USE_FAST_MATH
+#elif MDK_CONF_MATH == 2
+    #define USE_INTEGER_HEAP_MATH
+#elif MDK_CONF_MATH == 3 || MDK_CONF_MATH == 4
+    #define WOLFSSL_SP_MATH     /* only SP math - disables integer.c/tfm.c */
+    #define WOLFSSL_HAVE_SP_RSA
+    #define WOLFSSL_HAVE_SP_DH
+    #define WOLFSSL_HAVE_SP_ECC
+
+    //#define WOLFSSL_SP_NO_2048
+    //#define WOLFSSL_SP_NO_3072
+    #define WOLFSSL_SP_4096
+    //#define WOLFSSL_SP_NO_256
+    //#define WOLFSSL_SP_384
+    //#define WOLFSSL_SP_521
+
+    #define WOLFSSL_SP_SMALL /* use smaller version of code */
+    //#define WOLFSSL_SP_NO_MALLOC /* do not use heap */
+    //#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
+
+    #if MDK_CONF_MATH == 4
+        /* SP Assembly Speedups - specific to chip type */
+        #define WOLFSSL_SP_ASM
+
+        //#define WOLFSSL_SP_ARM32_ASM
+        //#define WOLFSSL_SP_ARM64_ASM
+        //#define WOLFSSL_SP_ARM_THUMB_ASM
+        //#define WOLFSSL_SP_ARM_CORTEX_M_ASM
+    #endif
 #endif
-//  </e>
+
 //      <e>Small Stack
 #define MDK_CONF_SmallStack 1
 #if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
+    #define NO_WOLFSSL_SMALL_STACK
+#else
+    #define WOLFSSL_SMALL_STACK
 #endif
-//  </e>
-
+//      </e>
+//  </h>
 //  </h>
-
 
 /**** wolfSSL Configuration ****/
 
@@ -465,6 +515,7 @@
 #define WC_RSA_PSS
 #define HAVE_HKDF
 #define HAVE_FFDHE_2048
+//#define HAVE_FFDHE_3072
 #endif
 //  </e>
 

IDE/MDK5-ARM/Inc/wolfssl_MDK_ARM.h

@@ -1,4 +1,4 @@
-/* wolfssl_KEIL_ARM.h
+/* wolfssl_MDK_ARM.h
  *
  * Copyright (C) 2006-2023 wolfSSL Inc.
  *
@@ -70,7 +70,7 @@ typedef int socklen_t ;
 #define tcp_listen    wolfssl_tcp_listen
 #define connect(a,b,c)    connect(a, (SOCKADDR *)(b), c)
 #define SOCKADDR struct sockaddr
-	
+
 /** KEIL-RL TCPnet ****/
 /* TCPnet BSD socket does not have following functions. */
 extern char *inet_ntoa(struct in_addr in);

IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx

@@ -233,7 +233,7 @@
       <tvExp>0</tvExp>
       <tvExpOptDlg>0</tvExpOptDlg>
       <bDave2>0</bDave2>
-      <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+      <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
       <FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
       <RteFlg>0</RteFlg>
       <bShared>0</bShared>

IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx

@@ -334,7 +334,7 @@
             <v6Rtti>0</v6Rtti>
             <VariousControls>
               <MiscControls></MiscControls>
-              <Define>USE_STM32756G_EVAL USE_IOEXPANDER WOLFSSL_USER_SETTINGS</Define>
+              <Define>USE_STM32756G_EVAL USE_IOEXPANDER WOLFSSL_USER_SETTINGS MDK_CONF_NETWORK=0</Define>
               <Undefine></Undefine>
               <IncludePath></IncludePath>
             </VariousControls>
@@ -383,7 +383,7 @@
             <File>
               <FileName>user_settings.h</FileName>
               <FileType>5</FileType>
-              <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+              <FilePath>..\..\Conf\user_settings.h</FilePath>
             </File>
           </Files>
         </Group>
@@ -791,7 +791,7 @@
         <targetInfos/>
       </file>
       <file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.14.0">
-        <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+        <instance index="0">..\..\Conf\user_settings.h</instance>
         <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="CORE" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
         <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
         <targetInfos>

IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/user_settings.h

@@ -1,497 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define WOLFSSL_MDK5_COMPLv5
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-//  <h>Common options
-//        <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if     MDK_CONF_MPU == 0
-
-#elif   MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS<4=>Windows
-//         <5=>PThread <6=>ThreadX
-//         <7=>Micrium <8=>EBSnet<9=>MQX
-//         <10=>T-RTOS <11=>uITRON4<12=>uTKERNEL2
-//         <13=>Frosted <14=>CMSIS RTOS<15=>CMSIS RTOSv2<16=>Others
-#define MDK_CONF_THREAD 15
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define WOLFSSL_CMSIS_RTOSv2
-#elif MDK_CONF_THREAD == 16
-#define SINGLE_THREADED
-#endif
-
-
-//      <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-//  </e>
-
-//   <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 0
-#if   MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-//  <h>Debug options
-
-//              <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-//         </e>
-//              <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-//         </e>
-//      <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-//  </e>
-//      <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-//  </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-//  <h>Hash/Crypt Algrithm
-
-//      <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-//  </e>
-//      <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-//  </e>
-//      <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-//  </e>
-//      <e>SHA
-#define MDK_CONF_SHA  1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-//  </e>
-//      <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-//  </e>
-//      <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-//  </e>
-//      <e>SHA-512
-#define MDK_CONF_SHA512     1
-#if MDK_CONF_SHA512     == 1
-#define WOLFSSL_SHA512
-#endif
-//  </e>
-//      <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-//  </e>
-//      <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-//  </e>
-//      <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-//  </e>
-//      <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-//  </e>
-//      <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-//  </e>
-
-//      <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-//  </e>
-//      <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-//  </e>
-
-//      <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-//  </e>
-
-//      <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-//  </e>
-
-//      <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-//  </e>
-
-//      <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-//  </e>
-
-//      <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-//  </e>
-
-//      <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-//  </e>
-
-//      <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-//  </e>
-//      <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-//  </e>
-
-//      <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-//  </e>
-
-//      <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-//  </e>
-
-//      <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-//  </e>
-
-//      <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-//  </e>
-//      <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-//  </e>
-//      <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-//  </e>
-//      <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-//  </e>
-//      <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-//  </e>
-//  </h>
-
-//      <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-//  </e>
-
-//  <h>Hardware Crypt (See document for usage)
-//      <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-//  </e>
-//      <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-//  </e>
-//      <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-//  </e>
-// </h>
-
-//  <h>Cert/Key Strage
-//        <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-//  <h>Cert/Key Generation
-//      <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-//  </e>
-//      <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-//  </e>
-// </h>
-//      <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-//  </e>
-//      <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-//  </e>
-
-//  </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-//      <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-//  </e>
-
-//      <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-//  </e>
-//      <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-//  </e>
-//      <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-//  </e>
-//      <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-//  </e>
-
-//</h>

IDE/MDK5-ARM/Projects/CryptBenchmark/main.c

@@ -37,11 +37,11 @@
 #endif
 
 /* Dummy definition for test RTC */
-#define RTC_YEAR 2019
+#define RTC_YEAR  2023
 #define RTC_MONTH 1
-#define RTC_DAY 1
+#define RTC_DAY   1
 #define RTC_MONTH 1
-#define RTC_DAY 1
+#define RTC_DAY   1
 
 #if defined(STM32F7xx)
 #include "stm32f7xx_hal.h"
@@ -72,22 +72,22 @@ extern uint32_t os_time;
 
 uint32_t HAL_GetTick(void)
 {
-    #if defined(WOLFSSL_CMSIS_RTOS)
-        return os_time;
-    #elif defined(WOLFSSL_CMSIS_RTOSv2)
-        return osKernelGetTickCount();
-    #endif
+  #if defined(WOLFSSL_CMSIS_RTOS)
+      return os_time;
+  #elif defined(WOLFSSL_CMSIS_RTOSv2)
+      return osKernelGetTickCount();
+  #endif
 }
 
 double current_time(int reset)
 {
     if (reset)
         return 0;
-    #if defined(WOLFSSL_CMSIS_RTOS)
-        return (double)os_time / 1000.0;
-    #elif defined(WOLFSSL_CMSIS_RTOSv2)
-        return (double)osKernelGetTickCount() / 1000.0;
-    #endif
+#if defined(WOLFSSL_CMSIS_RTOS)
+    return (double)os_time / 1000.0;
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+    return (double)osKernelGetTickCount() / 1000.0;
+#endif
 }
 
 #else
@@ -96,28 +96,28 @@ double current_time(int reset)
 #define DWT                 ((DWT_Type       *)     (0xE0001000UL)     )
 typedef struct
 {
-  uint32_t CTRL;                    /*!< Offset: 0x000 (R/W)  Control Register                          */
-  uint32_t CYCCNT;                  /*!< Offset: 0x004 (R/W)  Cycle Count Register                      */
+    uint32_t CTRL;   /*!< Offset: 0x000 (R/W)  Control Register     */
+    uint32_t CYCCNT; /*!< Offset: 0x004 (R/W)  Cycle Count Register */
 } DWT_Type;
 
-extern uint32_t SystemCoreClock ;
+extern uint32_t SystemCoreClock;
 
 double current_time(int reset)
 {
-      if(reset) DWT->CYCCNT = 0 ;
-      return ((double)DWT->CYCCNT/SystemCoreClock) ;
+    if (reset) DWT->CYCCNT = 0;
+    return ((double)DWT->CYCCNT/SystemCoreClock);
 }
 #endif
 
 static time_t epochTime;
 time_t time(time_t *t)
 {
-  return epochTime;
+    return epochTime;
 }
 
 void setTime(time_t t)
 {
-  epochTime = t;
+    epochTime = t;
 }
 
 /*-----------------------------------------------------------------------------
@@ -126,48 +126,51 @@ void setTime(time_t t)
 #if !defined(NO_FILESYSTEM)
 #include "rl_fs.h"                      /* FileSystem definitions             */
 
-static void init_filesystem (void) {
-  int32_t retv;
+static void init_filesystem(void)
+{
+    int32_t retv;
 
-  retv = finit ("M0:");
-  if (retv == fsOK) {
-    retv = fmount ("M0:");
+    retv = finit ("M0:");
     if (retv == fsOK) {
-      printf ("Drive M0 ready!\n");
+        retv = fmount ("M0:");
+        if (retv == fsOK) {
+            printf ("Drive M0 ready!\n");
+        }
+        else {
+            printf ("Drive M0 mount failed(%d)!\n", retv);
+        }
     }
     else {
-      printf ("Drive M0 mount failed(%d)!\n", retv);
+        printf ("Drive M0 initialization failed!\n");
     }
-  }
-  else {
-    printf ("Drive M0 initialization failed!\n");
-  }
 }
 #endif
 
 /*-----------------------------------------------------------------------------
- *       mian entry
+ *       main entry
  *----------------------------------------------------------------------------*/
-void benchmark_test(void *arg) ;
+void benchmark_test(void *arg);
 
 int main()
 {
-    void * arg = NULL ;
-    
-    MPU_Config(); 
+    void * arg = NULL;
+
+    MPU_Config();
     CPU_CACHE_Enable();
     HAL_Init();                        /* Initialize the HAL Library     */
     SystemClock_Config();              /* Configure the System Clock     */
 
-    #if !defined(NO_FILESYSTEM)
+#if !defined(NO_FILESYSTEM)
     init_filesystem ();
-    #endif
-    
-    setTime((RTC_YEAR-1970)*365*24*60*60 + RTC_MONTH*30*24*60*60 + RTC_DAY*24*60*60);
+#endif
 
-    printf("=== Start: Crypt Benchmark ===\n") ;
-    benchmark_test(arg) ;
-    printf("=== End: Crypt Benchmark  ===\n") ;
+    setTime((RTC_YEAR-1970)*365*24*60*60 +
+             RTC_MONTH*30*24*60*60 +
+             RTC_DAY*24*60*60);
 
+    printf("=== Start: Crypt Benchmark ===\n");
+    benchmark_test(arg);
+    printf("=== End: Crypt Benchmark  ===\n");
+
+    return 0;
 }
-

IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx

@@ -298,7 +298,7 @@
       <tvExp>0</tvExp>
       <tvExpOptDlg>0</tvExpOptDlg>
       <bDave2>0</bDave2>
-      <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+      <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
       <FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
       <RteFlg>0</RteFlg>
       <bShared>0</bShared>

IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx

@@ -334,7 +334,7 @@
             <v6Rtti>0</v6Rtti>
             <VariousControls>
               <MiscControls></MiscControls>
-              <Define>USE_STM32756G_EVAL USE_IOEXPANDER WOLFSSL_USER_SETTINGS</Define>
+              <Define>USE_STM32756G_EVAL USE_IOEXPANDER WOLFSSL_USER_SETTINGS MDK_CONF_NETWORK=0</Define>
               <Undefine></Undefine>
               <IncludePath></IncludePath>
             </VariousControls>
@@ -413,7 +413,7 @@
             <File>
               <FileName>user_settings.h</FileName>
               <FileType>5</FileType>
-              <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+              <FilePath>..\..\Conf\user_settings.h</FilePath>
             </File>
           </Files>
         </Group>
@@ -760,14 +760,8 @@
         <package name="MDK-Middleware" schemaVersion="1.4" url="http://www.keil.com/pack/" vendor="Keil" version="7.4.1"/>
         <targetInfos/>
       </file>
-      <file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\config-Crypt.h">
-        <instance index="0" removed="1">RTE\wolfSSL\config-Crypt.h</instance>
-        <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="CORE" Cvendor="wolfSSL" Cversion="" condition="wolfCrypt-Core"/>
-        <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.13.0"/>
-        <targetInfos/>
-      </file>
       <file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.14.0">
-        <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+        <instance index="0">..\..\Conf\user_settings.h</instance>
         <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="CORE" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
         <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
         <targetInfos>

IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/user_settings.h

@@ -1,497 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-
-//  <h>Common options
-//        <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if     MDK_CONF_MPU == 0
-
-#elif   MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
-//         <5=>PThread <6=>ThreadX
-//         <7=>Micrium <8=>EBSnet <9=>MQX
-//         <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
-//         <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
-#define MDK_CONF_THREAD 15
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define WOLFSSL_CMSIS_RTOSv2
-#elif MDK_CONF_THREAD == 16
-#define SINGLE_THREADED
-#endif
-
-
-//      <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-//  </e>
-
-//   <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 0
-#if   MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-//  <h>Debug options
-
-//              <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-//         </e>
-//              <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-//         </e>
-//      <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-//  </e>
-//      <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-//  </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-//  <h>Hash/Crypt Algrithm
-
-//      <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-//  </e>
-//      <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-//  </e>
-//      <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-//  </e>
-//      <e>SHA
-#define MDK_CONF_SHA  1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-//  </e>
-//      <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-//  </e>
-//      <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-//  </e>
-//      <e>SHA-512
-#define MDK_CONF_SHA512     1
-#if MDK_CONF_SHA512     == 1
-#define WOLFSSL_SHA512
-#endif
-//  </e>
-//      <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-//  </e>
-//      <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-//  </e>
-//      <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-//  </e>
-//      <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-//  </e>
-//      <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-//  </e>
-
-//      <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-//  </e>
-//      <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-//  </e>
-
-//      <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-//  </e>
-
-//      <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-//  </e>
-
-//      <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-//  </e>
-
-//      <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-//  </e>
-
-//      <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-//  </e>
-
-//      <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-//  </e>
-
-//      <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-//  </e>
-//      <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-//  </e>
-
-//      <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-//  </e>
-
-//      <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-//  </e>
-
-//      <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-//  </e>
-
-//      <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-//  </e>
-//      <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-//  </e>
-//      <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-//  </e>
-//      <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-//  </e>
-//      <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-//  </e>
-//  </h>
-
-//      <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-//  </e>
-
-//  <h>Hardware Crypt (See document for usage)
-//      <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-//  </e>
-//      <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-//  </e>
-//      <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-//  </e>
-// </h>
-
-//  <h>Cert/Key Strage
-//        <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-//  <h>Cert/Key Generation
-//      <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-//  </e>
-//      <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-//  </e>
-// </h>
-//      <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-//  </e>
-//      <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-//  </e>
-
-//  </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-//      <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-//  </e>
-
-//      <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-//  </e>
-//      <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-//  </e>
-//      <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-//  </e>
-//      <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-//  </e>
-
-//</h>

IDE/MDK5-ARM/Projects/CryptTest/main.c

@@ -34,9 +34,9 @@
     #include "cmsis_os2.h"
 #endif
 /* Dummy definition for test RTC */
-#define RTC_YEAR 2019
+#define RTC_YEAR  2023
 #define RTC_MONTH 1
-#define RTC_DAY 1
+#define RTC_DAY   1
 
 #if defined(STM32F7xx)
 #include "stm32f7xx_hal.h"
@@ -65,19 +65,19 @@ extern uint32_t os_time;
 #endif
 
 uint32_t HAL_GetTick(void) {
-    #if defined(WOLFSSL_CMSIS_RTOS)
-        return os_time;
-    #elif defined(WOLFSSL_CMSIS_RTOSv2)
-        return osKernelGetTickCount();
-    #endif
+#if defined(WOLFSSL_CMSIS_RTOS)
+    return os_time;
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+    return osKernelGetTickCount();
+#endif
 }
 
 static  time_t epochTime;
-time_t time(time_t *t){
-     return epochTime ;
+time_t time(time_t *t) {
+     return epochTime;
 }
 
-void setTime(time_t t){
+void setTime(time_t t) {
     epochTime = t;
 }
 
@@ -87,48 +87,52 @@ void setTime(time_t t){
 #if !defined(NO_FILESYSTEM)
 #include "rl_fs.h"                      /* FileSystem definitions             */
 
-static void init_filesystem (void) {
-  int32_t retv;
+static void init_filesystem(void)
+{
+    int32_t retv;
 
-  retv = finit ("M0:");
-  if (retv == fsOK) {
-    retv = fmount ("M0:");
+    retv = finit ("M0:");
     if (retv == fsOK) {
-      printf ("Drive M0 ready!\n");
+        retv = fmount ("M0:");
+        if (retv == fsOK) {
+            printf ("Drive M0 ready!\n");
+        }
+        else {
+            printf ("Drive M0 mount failed(%d)!\n", retv);
+        }
     }
     else {
-      printf ("Drive M0 mount failed(%d)!\n", retv);
+        printf ("Drive M0 initialization failed!\n");
     }
-  }
-  else {
-    printf ("Drive M0 initialization failed!\n");
-  }
 }
 #endif
 
 
 /*-----------------------------------------------------------------------------
- *       mian entry
+ *       main entry
  *----------------------------------------------------------------------------*/
-void wolfcrypt_test(void *arg) ;
+void wolfcrypt_test(void *arg);
 
 int main()
 {
-    void * arg = NULL ;
+    void * arg = NULL;
 
-    MPU_Config(); 
+    MPU_Config();
     CPU_CACHE_Enable();
     HAL_Init();                        /* Initialize the HAL Library     */
     SystemClock_Config();              /* Configure the System Clock     */
 
-    #if !defined(NO_FILESYSTEM)
+#if !defined(NO_FILESYSTEM)
     init_filesystem ();
-    #endif
+#endif
 
-    setTime((RTC_YEAR-1970)*365*24*60*60 + RTC_MONTH*30*24*60*60 + RTC_DAY*24*60*60);
+    setTime((RTC_YEAR-1970)*365*24*60*60 +
+            RTC_MONTH*30*24*60*60 +
+            RTC_DAY*24*60*60);
 
-    printf("=== Start: Crypt test === \n") ;
-        wolfcrypt_test(arg) ;
-    printf("=== End: Crypt test  ===\n") ;
+    printf("=== Start: Crypt test === \n");
+    wolfcrypt_test(arg);
+    printf("=== End: Crypt test  ===\n");
 
+    return 0;
 }

IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvoptx

@@ -328,7 +328,7 @@
       <tvExp>0</tvExp>
       <tvExpOptDlg>0</tvExpOptDlg>
       <bDave2>0</bDave2>
-      <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+      <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
       <FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
       <RteFlg>0</RteFlg>
       <bShared>0</bShared>

IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvprojx

@@ -413,7 +413,7 @@
             <File>
               <FileName>user_settings.h</FileName>
               <FileType>5</FileType>
-              <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+              <FilePath>..\..\Conf\user_settings.h</FilePath>
             </File>
           </Files>
         </Group>
@@ -880,7 +880,7 @@
         <targetInfos/>
       </file>
       <file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.14.0">
-        <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+        <instance index="0">..\..\Conf\user_settings.h</instance>
         <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfSSL" Csub="Core" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
         <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
         <targetInfos>

IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/user_settings.h

@@ -1,495 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-
-//  <h>Common options
-//        <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if     MDK_CONF_MPU == 0
-
-#elif   MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
-//         <5=>PThread <6=>ThreadX
-//         <7=>Micrium <8=>EBSnet <9=>MQX
-//         <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
-//         <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
-#define MDK_CONF_THREAD 14
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define SINGLE_THREADED
-#endif
-
-
-//      <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-//  </e>
-
-//   <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 1
-#if   MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-//  <h>Debug options
-
-//              <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-//         </e>
-//              <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-//         </e>
-//      <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-//  </e>
-//      <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-//  </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-//  <h>Hash/Crypt Algrithm
-
-//      <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-//  </e>
-//      <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-//  </e>
-//      <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-//  </e>
-//      <e>SHA
-#define MDK_CONF_SHA  1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-//  </e>
-//      <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-//  </e>
-//      <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-//  </e>
-//      <e>SHA-512
-#define MDK_CONF_SHA512     1
-#if MDK_CONF_SHA512     == 1
-#define WOLFSSL_SHA512
-#endif
-//  </e>
-//      <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-//  </e>
-//      <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-//  </e>
-//      <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-//  </e>
-//      <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-//  </e>
-//      <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-//  </e>
-
-//      <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-//  </e>
-//      <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-//  </e>
-
-//      <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-//  </e>
-
-//      <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-//  </e>
-
-//      <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-//  </e>
-
-//      <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-//  </e>
-
-//      <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-//  </e>
-
-//      <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-//  </e>
-
-//      <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-//  </e>
-//      <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-//  </e>
-
-//      <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-//  </e>
-
-//      <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-//  </e>
-
-//      <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-//  </e>
-
-//      <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-//  </e>
-//      <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-//  </e>
-//      <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-//  </e>
-//      <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-//  </e>
-//      <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-//  </e>
-//  </h>
-
-//      <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-//  </e>
-
-//  <h>Hardware Crypt (See document for usage)
-//      <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-//  </e>
-//      <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-//  </e>
-//      <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-//  </e>
-// </h>
-
-//  <h>Cert/Key Strage
-//        <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-//  <h>Cert/Key Generation
-//      <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-//  </e>
-//      <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-//  </e>
-// </h>
-//      <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-//  </e>
-//      <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-//  </e>
-
-//  </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-//      <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-//  </e>
-
-//      <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-//  </e>
-//      <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-//  </e>
-//      <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-//  </e>
-//      <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-//  </e>
-
-//</h>

IDE/MDK5-ARM/Projects/EchoClient/main.c

@@ -26,7 +26,7 @@
 #include "wolfssl/wolfcrypt/settings.h"
 
 #include "cmsis_os.h"                 /* CMSIS RTOS definitions             */
-#include "rl_net.h"                      /* Network definitions                */
+#include "rl_net.h"                   /* Network definitions                */
 #include <time.h>
 
 #if defined(STM32F7xx)
@@ -40,12 +40,9 @@
 //-------- <<< Use Configuration Wizard in Context Menu >>> -----------------
 
 //   <h>RTC: for validate certificate date
-//    <o>Year <1970-2099>
-#define RTC_YEAR 2018
-//    <o>Month <1=>Jan<2=>Feb<3=>Mar<4=>Apr<5=>May<6=>Jun<7=>Jul<8=>Aut<9=>Sep<10=>Oct<11=>Nov<12=>Dec
+#define RTC_YEAR  2023
 #define RTC_MONTH 1
-//    <o>Day <1-31>
-#define RTC_DAY 1
+#define RTC_DAY   1
 //    </h>
 
 //------------- <<< end of configuration section >>> -----------------------
@@ -69,29 +66,30 @@ static void CPU_CACHE_Enable (void) {
 #if !defined(NO_FILESYSTEM)
 #include "rl_fs.h"                      /* FileSystem definitions             */
 
-static void init_filesystem (void) {
-  int32_t retv;
+static void init_filesystem(void)
+{
+    int32_t retv;
 
-  retv = finit ("M0:");
-  if (retv == fsOK) {
-    retv = fmount ("M0:");
+    retv = finit ("M0:");
     if (retv == fsOK) {
-      printf ("Drive M0 ready!\n");
+        retv = fmount ("M0:");
+        if (retv == fsOK) {
+            printf ("Drive M0 ready!\n");
+        }
+        else {
+            printf ("Drive M0 mount failed(%d)!\n", retv);
+        }
     }
     else {
-      printf ("Drive M0 mount failed(%d)!\n", retv);
+        printf ("Drive M0 initialization failed!\n");
     }
-  }
-  else {
-    printf ("Drive M0 initialization failed!\n");
-  }
 }
 #endif
 
 
 void net_loop(void const *arg)
 {
-    while(1) {
+    while (1) {
         net_main ();
         osThreadYield ();
     }
@@ -103,8 +101,8 @@ osThreadDef(net_loop, osPriorityLow, 2, 0);
 extern uint32_t os_time;
 static  time_t epochTime;
 
-uint32_t HAL_GetTick(void) { 
-    return os_time; 
+uint32_t HAL_GetTick(void) {
+    return os_time;
 }
 
 time_t time(time_t *t){
@@ -133,15 +131,15 @@ double current_time(int reset)
 #define DWT                 ((DWT_Type       *)     (0xE0001000UL)     )
 typedef struct
 {
-  uint32_t CTRL;       /*!< Offset: 0x000 (R/W)  Control Register           */
-  uint32_t CYCCNT;     /*!< Offset: 0x004 (R/W)  Cycle Count Register       */
+    uint32_t CTRL;       /*!< Offset: 0x000 (R/W)  Control Register           */
+    uint32_t CYCCNT;     /*!< Offset: 0x004 (R/W)  Cycle Count Register       */
 } DWT_Type;
 
 extern uint32_t SystemCoreClock ;
 
 double current_time(int reset)
 {
-    if(reset) DWT->CYCCNT = 0 ;
+    if (reset) DWT->CYCCNT = 0 ;
     return ((double)DWT->CYCCNT/SystemCoreClock) ;
 }
 #endif
@@ -160,20 +158,21 @@ extern void echoclient_test(func_args * args) ;
 int myoptind = 0;
 char* myoptarg = NULL;
 
-int main (void) {
+int main (void)
+{
      static char *argv[] =
           {   "client" } ;
      static   func_args args  =
           {  1, argv } ;
 
-    MPU_Config();                             /* Configure the MPU              */
-    CPU_CACHE_Enable();                       /* Enable the CPU Cache           */
-    HAL_Init();                               /* Initialize the HAL Library     */
-    SystemClock_Config();                     /* Configure the System Clock     */
+    MPU_Config();                             /* Configure the MPU            */
+    CPU_CACHE_Enable();                       /* Enable the CPU Cache         */
+    HAL_Init();                               /* Initialize the HAL Library   */
+    SystemClock_Config();                     /* Configure the System Clock   */
 
-    #if !defined(NO_FILESYSTEM)
+#if !defined(NO_FILESYSTEM)
     init_filesystem ();
-    #endif
+#endif
     net_initialize ();
 
     #if defined(DEBUG_WOLFSSL)
@@ -181,14 +180,15 @@ int main (void) {
          wolfSSL_Debugging_ON() ;
     #endif
 
-    setTime((RTC_YEAR-1970)*365*24*60*60 + RTC_MONTH*30*24*60*60 + RTC_DAY*24*60*60);
+    setTime((RTC_YEAR-1970)*365*24*60*60 +
+             RTC_MONTH*30*24*60*60 +
+             RTC_DAY*24*60*60);
 
     osThreadCreate (osThread(net_loop), NULL);
 
     echoclient_test(&args) ;
 
-    while(1)
+    while (1) {
         osDelay(1000);
-
+    }
 }
-

IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvoptx

@@ -279,7 +279,7 @@
       <tvExp>0</tvExp>
       <tvExpOptDlg>0</tvExpOptDlg>
       <bDave2>0</bDave2>
-      <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+      <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
       <FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
       <RteFlg>0</RteFlg>
       <bShared>0</bShared>

IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvprojx

@@ -413,7 +413,7 @@
             <File>
               <FileName>user_settings.h</FileName>
               <FileType>5</FileType>
-              <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+              <FilePath>..\..\Conf\user_settings.h</FilePath>
             </File>
           </Files>
         </Group>
@@ -886,7 +886,7 @@
         <targetInfos/>
       </file>
       <file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.14.0">
-        <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+        <instance index="0">..\..\Conf\user_settings.h</instance>
         <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfSSL" Csub="Core" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
         <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
         <targetInfos>

IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/user_settings.h

@@ -1,497 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-
-//  <h>Common options
-//        <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if     MDK_CONF_MPU == 0
-
-#elif   MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
-//         <5=>PThread <6=>ThreadX
-//         <7=>Micrium <8=>EBSnet <9=>MQX
-//         <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
-//         <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
-#define MDK_CONF_THREAD 14
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define WOLFSSL_CMSIS_RTOSv2
-#elif MDK_CONF_THREAD == 16
-#define SINGLE_THREADED
-#endif
-
-
-//      <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-//  </e>
-
-//   <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 1
-#if   MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-//  <h>Debug options
-
-//              <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-//         </e>
-//              <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-//         </e>
-//      <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-//  </e>
-//      <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-//  </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-//  <h>Hash/Crypt Algrithm
-
-//      <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-//  </e>
-//      <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-//  </e>
-//      <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-//  </e>
-//      <e>SHA
-#define MDK_CONF_SHA  1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-//  </e>
-//      <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-//  </e>
-//      <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-//  </e>
-//      <e>SHA-512
-#define MDK_CONF_SHA512     1
-#if MDK_CONF_SHA512     == 1
-#define WOLFSSL_SHA512
-#endif
-//  </e>
-//      <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-//  </e>
-//      <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-//  </e>
-//      <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-//  </e>
-//      <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-//  </e>
-//      <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-//  </e>
-
-//      <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-//  </e>
-//      <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-//  </e>
-
-//      <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-//  </e>
-
-//      <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-//  </e>
-
-//      <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-//  </e>
-
-//      <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-//  </e>
-
-//      <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-//  </e>
-
-//      <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-//  </e>
-
-//      <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-//  </e>
-//      <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-//  </e>
-
-//      <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-//  </e>
-
-//      <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-//  </e>
-
-//      <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-//  </e>
-
-//      <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-//  </e>
-//      <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-//  </e>
-//      <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-//  </e>
-//      <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-//  </e>
-//      <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-//  </e>
-//  </h>
-
-//      <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-//  </e>
-
-//  <h>Hardware Crypt (See document for usage)
-//      <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-//  </e>
-//      <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-//  </e>
-//      <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-//  </e>
-// </h>
-
-//  <h>Cert/Key Strage
-//        <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-//  <h>Cert/Key Generation
-//      <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-//  </e>
-//      <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-//  </e>
-// </h>
-//      <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-//  </e>
-//      <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-//  </e>
-
-//  </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-//      <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-//  </e>
-
-//      <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-//  </e>
-//      <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-//  </e>
-//      <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-//  </e>
-//      <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-//  </e>
-
-//</h>

IDE/MDK5-ARM/Projects/EchoServer/main.c

@@ -26,7 +26,7 @@
 #include "wolfssl/wolfcrypt/settings.h"
 
 #include "cmsis_os.h"                 /* CMSIS RTOS definitions             */
-#include "rl_net.h"                      /* Network definitions                */
+#include "rl_net.h"                   /* Network definitions                */
 #include <time.h>
 
 #if defined(STM32F7xx)
@@ -58,12 +58,9 @@
 //   </h>
 
 //   <h>RTC: for validate certificate date
-//    <o>Year <1970-2099>
-#define RTC_YEAR 2018
-//    <o>Month <1=>Jan<2=>Feb<3=>Mar<4=>Apr<5=>May<6=>Jun<7=>Jul<8=>Aut<9=>Sep<10=>Oct<11=>Nov<12=>Dec
+#define RTC_YEAR  2023
 #define RTC_MONTH 1
-//    <o>Day <1-31>
-#define RTC_DAY 1
+#define RTC_DAY   1
 //    </h>
 
 //------------- <<< end of configuration section >>> -----------------------
@@ -88,22 +85,23 @@ static void CPU_CACHE_Enable (void) {
 #if !defined(NO_FILESYSTEM)
 #include "rl_fs.h"                      /* FileSystem definitions             */
 
-static void init_filesystem (void) {
-  int32_t retv;
+static void init_filesystem(void)
+{
+    int32_t retv;
 
-  retv = finit ("M0:");
-  if (retv == fsOK) {
-    retv = fmount ("M0:");
+    retv = finit ("M0:");
     if (retv == fsOK) {
-      printf ("Drive M0 ready!\n");
+        retv = fmount ("M0:");
+        if (retv == fsOK) {
+            printf ("Drive M0 ready!\n");
+        }
+        else {
+            printf ("Drive M0 mount failed(%d)!\n", retv);
+        }
     }
     else {
-      printf ("Drive M0 mount failed(%d)!\n", retv);
+        printf ("Drive M0 initialization failed!\n");
     }
-  }
-  else {
-    printf ("Drive M0 initialization failed!\n");
-  }
 }
 #endif
 
@@ -120,20 +118,20 @@ osThreadDef(net_loop, osPriorityLow, 2, 0);
 
 #ifdef RTE_CMSIS_RTOS_RTX
 extern uint32_t os_time;
-static  time_t epochTime;
+static time_t epochTime;
 
-uint32_t HAL_GetTick(void) { 
-    return os_time; 
+uint32_t HAL_GetTick(void) {
+    return os_time;
 }
 
-time_t time(time_t *t){
-     return epochTime ;
+time_t time(time_t *t) {
+     return epochTime;
 }
 
-void setTime(time_t t){
+void setTime(time_t t) {
     epochTime = t;
 }
-#endif
+#endif /* RTE_CMSIS_RTOS_RTX */
 
 
 #ifdef WOLFSSL_CURRTIME_OSTICK
@@ -143,28 +141,27 @@ extern uint32_t os_time;
 
 double current_time(int reset)
 {
-      if(reset) os_time = 0 ;
-      return (double)os_time /1000.0;
+    if (reset) os_time = 0;
+    return (double)os_time /1000.0;
 }
 
 #else
 
 #include <stdint.h>
 #define DWT                 ((DWT_Type       *)     (0xE0001000UL)     )
-typedef struct
-{
-  uint32_t CTRL;                    /*!< Offset: 0x000 (R/W)  Control Register                          */
-  uint32_t CYCCNT;                  /*!< Offset: 0x004 (R/W)  Cycle Count Register                      */
+typedef struct {
+    uint32_t CTRL;   /*!< Offset: 0x000 (R/W)  Control Register     */
+    uint32_t CYCCNT; /*!< Offset: 0x004 (R/W)  Cycle Count Register */
 } DWT_Type;
 
-extern uint32_t SystemCoreClock ;
+extern uint32_t SystemCoreClock;
 
 double current_time(int reset)
 {
-      if(reset) DWT->CYCCNT = 0 ;
-      return ((double)DWT->CYCCNT/SystemCoreClock) ;
+    if (reset) DWT->CYCCNT = 0;
+    return ((double)DWT->CYCCNT/SystemCoreClock);
 }
-#endif
+#endif /* WOLFSSL_CURRTIME_OSTICK */
 
 /*----------------------------------------------------------------------------
   Main Thread 'main': Run Network
@@ -175,39 +172,42 @@ typedef struct func_args {
     char** argv;
 } func_args;
 
-extern void echoserver_test(func_args * args) ;
+extern void echoserver_test(func_args * args);
 
 int myoptind = 0;
 char* myoptarg = NULL;
 
-int main (void) {
+int main (void)
+{
      static char *argv[] =
-          {   "server" } ;
-     static   func_args args  = { 1, argv } ;
+          {   "server" };
+     static   func_args args  = { 1, argv };
 
-    MPU_Config();                             /* Configure the MPU              */
-    CPU_CACHE_Enable();                       /* Enable the CPU Cache           */
-    HAL_Init();                               /* Initialize the HAL Library     */
-    SystemClock_Config();                     /* Configure the System Clock     */
+    MPU_Config();                           /* Configure the MPU              */
+    CPU_CACHE_Enable();                     /* Enable the CPU Cache           */
+    HAL_Init();                             /* Initialize the HAL Library     */
+    SystemClock_Config();                   /* Configure the System Clock     */
 
-    #if !defined(NO_FILESYSTEM)
+#if !defined(NO_FILESYSTEM)
     init_filesystem ();
-    #endif
+#endif
     net_initialize ();
 
-    #if defined(DEBUG_WOLFSSL)
-         printf("Turning ON Debug message\n") ;
-         wolfSSL_Debugging_ON() ;
-    #endif
+#if defined(DEBUG_WOLFSSL)
+    printf("Turning ON Debug message\n");
+    wolfSSL_Debugging_ON();
+#endif
 
-    setTime((RTC_YEAR-1970)*365*24*60*60 + RTC_MONTH*30*24*60*60 + RTC_DAY*24*60*60);
+    setTime((RTC_YEAR-1970)*365*24*60*60 +
+             RTC_MONTH*30*24*60*60 +
+             RTC_DAY*24*60*60);
 
     osThreadCreate (osThread(net_loop), NULL);
 
-    echoserver_test(&args) ;
-    printf("echoserver: Terminated\n") ;
-    while(1)
+    echoserver_test(&args);
+    printf("echoserver: Terminated\n");
+
+    while (1) {
         osDelay(1000);
-
+    }
 }
-

IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/user_settings.h

@@ -1,497 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-
-//  <h>Common options
-//        <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if     MDK_CONF_MPU == 0
-
-#elif   MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
-//         <5=>PThread <6=>ThreadX
-//         <7=>Micrium <8=>EBSnet <9=>MQX
-//         <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
-//         <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
-#define MDK_CONF_THREAD 15
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define WOLFSSL_CMSIS_RTOSv2
-#elif MDK_CONF_THREAD == 16
-#define SINGLE_THREADED
-#endif
-
-
-//      <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-//  </e>
-
-//   <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 1
-#if   MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-//  <h>Debug options
-
-//              <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-//         </e>
-//              <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-//         </e>
-//      <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-//  </e>
-//      <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-//  </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-//  <h>Hash/Crypt Algrithm
-
-//      <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-//  </e>
-//      <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-//  </e>
-//      <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-//  </e>
-//      <e>SHA
-#define MDK_CONF_SHA  1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-//  </e>
-//      <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-//  </e>
-//      <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-//  </e>
-//      <e>SHA-512
-#define MDK_CONF_SHA512     1
-#if MDK_CONF_SHA512     == 1
-#define WOLFSSL_SHA512
-#endif
-//  </e>
-//      <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-//  </e>
-//      <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-//  </e>
-//      <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-//  </e>
-//      <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-//  </e>
-//      <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-//  </e>
-
-//      <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-//  </e>
-//      <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-//  </e>
-
-//      <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-//  </e>
-
-//      <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-//  </e>
-
-//      <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-//  </e>
-
-//      <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-//  </e>
-
-//      <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-//  </e>
-
-//      <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-//  </e>
-
-//      <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-//  </e>
-//      <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-//  </e>
-
-//      <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-//  </e>
-
-//      <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-//  </e>
-
-//      <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-//  </e>
-
-//      <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-//  </e>
-//      <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-//  </e>
-//      <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-//  </e>
-//      <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-//  </e>
-//      <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-//  </e>
-//  </h>
-
-//      <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-//  </e>
-
-//  <h>Hardware Crypt (See document for usage)
-//      <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-//  </e>
-//      <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-//  </e>
-//      <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-//  </e>
-// </h>
-
-//  <h>Cert/Key Strage
-//        <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-//  <h>Cert/Key Generation
-//      <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-//  </e>
-//      <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-//  </e>
-// </h>
-//      <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-//  </e>
-//      <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-//  </e>
-
-//  </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-//      <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-//  </e>
-
-//      <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-//  </e>
-//      <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-//  </e>
-//      <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-//  </e>
-//      <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-//  </e>
-
-//</h>

IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvoptx

@@ -298,7 +298,7 @@
       <tvExp>0</tvExp>
       <tvExpOptDlg>0</tvExpOptDlg>
       <bDave2>0</bDave2>
-      <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+      <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
       <FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
       <RteFlg>0</RteFlg>
       <bShared>0</bShared>

IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvprojx

@@ -413,7 +413,7 @@
             <File>
               <FileName>user_settings.h</FileName>
               <FileType>5</FileType>
-              <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+              <FilePath>..\..\Conf\user_settings.h</FilePath>
             </File>
           </Files>
         </Group>
@@ -912,7 +912,7 @@
         <targetInfos/>
       </file>
       <file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.15.7">
-        <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+        <instance index="0">..\..\Conf\user_settings.h</instance>
         <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfSSL" Csub="Core" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
         <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
         <targetInfos>

IDE/MDK5-ARM/Projects/SimpleClient/main.c

@@ -68,12 +68,9 @@
 //   </h>
 
 //   <h>RTC: for validate certificate date
-//    <o>Year <1970-2099>
-#define RTC_YEAR 2019
-//    <o>Month <1=>Jan<2=>Feb<3=>Mar<4=>Apr<5=>May<6=>Jun<7=>Jul<8=>Aug<9=>Sep<10=>Oct<11=>Nov<12=>Dec
+#define RTC_YEAR  2023
 #define RTC_MONTH 1
-//    <o>Day <1-31>
-#define RTC_DAY 1
+#define RTC_DAY   1
 //    </h>
 
 //------------- <<< end of configuration section >>> -----------------------
@@ -96,19 +93,19 @@ extern uint32_t os_time;
 #endif
 
 uint32_t HAL_GetTick(void) {
-    #if defined(WOLFSSL_CMSIS_RTOS)
-        return os_time;
-    #elif defined(WOLFSSL_CMSIS_RTOSv2)
-        return osKernelGetTickCount();
-    #endif
+#if defined(WOLFSSL_CMSIS_RTOS)
+    return os_time;
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+    return osKernelGetTickCount();
+#endif
 }
 
 static  time_t epochTime;
-time_t time(time_t *t){
-     return epochTime ;
+time_t time(time_t *t) {
+     return epochTime;
 }
 
-void setTime(time_t t){
+void setTime(time_t t) {
     epochTime = t;
 }
 
@@ -129,22 +126,23 @@ double current_time(int reset)
 #if !defined(NO_FILESYSTEM)
 #include "rl_fs.h"                      /* FileSystem definitions             */
 
-static void init_filesystem (void) {
-  int32_t retv;
+static void init_filesystem(void)
+{
+    int32_t retv;
 
-  retv = finit ("M0:");
-  if (retv == fsOK) {
-    retv = fmount ("M0:");
+    retv = finit ("M0:");
     if (retv == fsOK) {
-      printf ("Drive M0 ready!\n");
+        retv = fmount ("M0:");
+        if (retv == fsOK) {
+            printf ("Drive M0 ready!\n");
+        }
+        else {
+            printf ("Drive M0 mount failed(%d)!\n", retv);
+        }
     }
     else {
-      printf ("Drive M0 mount failed(%d)!\n", retv);
+        printf ("Drive M0 initialization failed!\n");
     }
-  }
-  else {
-    printf ("Drive M0 initialization failed!\n");
-  }
 }
 #endif
 
@@ -156,9 +154,10 @@ void app_main(void *arg)
 void app_main(void const*arg)
 #endif
 {
-    if(netInitialize () == netOK)
-	      client_test(arg);
-		else printf("ERROR: netInitialize\n");
+    if (netInitialize () == netOK)
+        client_test(arg);
+    else
+        printf("ERROR: netInitialize\n");
 }
 
 #if defined(WOLFSSL_CMSIS_RTOS)
@@ -178,48 +177,51 @@ typedef struct func_args {
 int myoptind = 0;
 char* myoptarg = NULL;
 
-int main (void) {
+int main (void)
+{
     static char *argv[] =
         {   "client",   "-h", REMOTE_IP, "-p", REMOTE_PORT,
-                                   "-v",  " ",  OTHER_OPTIONS } ;
+                                   "-v",  " ",  OTHER_OPTIONS };
     static   func_args args  =
-        {  sizeof(argv)/sizeof(*argv[0]), argv } ;
+        {  sizeof(argv)/sizeof(*argv[0]), argv };
 
     char *verStr[] = { "SSL3", "TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"};
     #define VERSIZE 2
     static char ver[VERSIZE];
-                    
-    MPU_Config();                             /* Configure the MPU              */
-    CPU_CACHE_Enable();                       /* Enable the CPU Cache           */
-    HAL_Init();                               /* Initialize the HAL Library     */
-    SystemClock_Config();                     /* Configure the System Clock     */
-    #if defined(WOLFSSL_CMSIS_RTOSv2)
-    osKernelInitialize();
-    #endif
-		
-    #if !defined(NO_FILESYSTEM)
-    init_filesystem ();
-    #endif
 
-    #if defined(DEBUG_WOLFSSL)
-        printf("Turning ON Debug message\n") ;
-        wolfSSL_Debugging_ON() ;
-    #endif
+    MPU_Config();                             /* Configure the MPU            */
+    CPU_CACHE_Enable();                       /* Enable the CPU Cache         */
+    HAL_Init();                               /* Initialize the HAL Library   */
+    SystemClock_Config();                     /* Configure the System Clock   */
+#if defined(WOLFSSL_CMSIS_RTOSv2)
+    osKernelInitialize();
+#endif
+
+#if !defined(NO_FILESYSTEM)
+    init_filesystem ();
+#endif
+
+#if defined(DEBUG_WOLFSSL)
+    printf("Turning ON Debug message\n");
+    wolfSSL_Debugging_ON();
+#endif
 
     snprintf(ver, VERSIZE, "%d", TLS_VER);
     argv[6] = ver;
 
-    printf("SSL/TLS Client(%d)\n ", (int)(sizeof(argv)/sizeof(argv[0]))) ;
-    printf("    Remote IP: %s, Port: %s\n    Version: %s\n", argv[2], argv[4],  verStr[TLS_VER]) ;
-    printf("    Other options: %s\n", OTHER_OPTIONS);   
-    setTime((time_t)((RTC_YEAR-1970)*365*24*60*60) + RTC_MONTH*30*24*60*60 + RTC_DAY*24*60*60);
-
-    #if defined(WOLFSSL_CMSIS_RTOS)
-        osThreadCreate (osThread(app_main), (void *)&args);
-    #elif defined(WOLFSSL_CMSIS_RTOSv2)
-        osThreadNew(app_main, (void *)&args, NULL);
-    #endif
-    osKernelStart();     
+    printf("SSL/TLS Client(%d)\n ", (int)(sizeof(argv)/sizeof(argv[0])));
+    printf("    Remote IP: %s, Port: %s\n    Version: %s\n",
+        argv[2], argv[4],  verStr[TLS_VER]);
+    printf("    Other options: %s\n", OTHER_OPTIONS);
+    setTime((time_t)((RTC_YEAR-1970)*365*24*60*60) +
+                      RTC_MONTH*30*24*60*60 +
+                      RTC_DAY*24*60*60);
 
+#if defined(WOLFSSL_CMSIS_RTOS)
+    osThreadCreate (osThread(app_main), (void *)&args);
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+    osThreadNew(app_main, (void *)&args, NULL);
+#endif
+    osKernelStart();
 }
 

IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/user_settings.h

@@ -1,497 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-
-//  <h>Common options
-//        <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if     MDK_CONF_MPU == 0
-
-#elif   MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-//        <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
-//         <5=>PThread <6=>ThreadX
-//         <7=>Micrium <8=>EBSnet <9=>MQX
-//         <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
-//         <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
-#define MDK_CONF_THREAD 15
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define WOLFSSL_CMSIS_RTOSv2
-#elif MDK_CONF_THREAD == 16
-#define SINGLE_THREADED
-#endif
-
-
-//      <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-//  </e>
-
-//   <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 1
-#if   MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-//  <h>Debug options
-
-//              <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-//         </e>
-//              <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-//         </e>
-//      <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-//  </e>
-//      <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-//  </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-//  <h>Hash/Crypt Algrithm
-
-//      <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-//  </e>
-//      <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-//  </e>
-//      <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-//  </e>
-//      <e>SHA
-#define MDK_CONF_SHA  1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-//  </e>
-//      <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-//  </e>
-//      <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-//  </e>
-//      <e>SHA-512
-#define MDK_CONF_SHA512     1
-#if MDK_CONF_SHA512     == 1
-#define WOLFSSL_SHA512
-#endif
-//  </e>
-//      <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-//  </e>
-//      <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-//  </e>
-//      <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-//  </e>
-//      <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-//  </e>
-//      <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-//  </e>
-
-//      <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-//  </e>
-//      <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-//  </e>
-
-//      <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-//  </e>
-
-//      <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-//  </e>
-
-//      <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-//  </e>
-
-//      <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-//  </e>
-
-//      <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-//  </e>
-
-//      <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-//  </e>
-
-//      <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-//  </e>
-//      <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-//  </e>
-
-//      <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-//  </e>
-
-//      <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-//  </e>
-
-//      <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-//  </e>
-
-//      <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-//  </e>
-//      <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-//  </e>
-//      <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-//  </e>
-//      <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-//  </e>
-//      <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-//  </e>
-//  </h>
-
-//      <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-//  </e>
-
-//  <h>Hardware Crypt (See document for usage)
-//      <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-//  </e>
-//      <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-//  </e>
-//      <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-//  </e>
-// </h>
-
-//  <h>Cert/Key Strage
-//        <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-//  <h>Cert/Key Generation
-//      <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-//  </e>
-//      <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-//  </e>
-// </h>
-//      <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-//  </e>
-//      <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-//  </e>
-
-//  </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-//      <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-//  </e>
-
-//      <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-//  </e>
-//      <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-//  </e>
-//      <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-//  </e>
-//      <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-//  </e>
-
-//</h>

IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvoptx

@@ -298,7 +298,7 @@
       <tvExp>0</tvExp>
       <tvExpOptDlg>0</tvExpOptDlg>
       <bDave2>0</bDave2>
-      <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+      <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
       <FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
       <RteFlg>0</RteFlg>
       <bShared>0</bShared>

IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvprojx

@@ -413,7 +413,7 @@
             <File>
               <FileName>user_settings.h</FileName>
               <FileType>5</FileType>
-              <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+              <FilePath>..\..\Conf\user_settings.h</FilePath>
             </File>
           </Files>
         </Group>
@@ -912,7 +912,7 @@
         <targetInfos/>
       </file>
       <file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.15.7">
-        <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+        <instance index="0">..\..\Conf\user_settings.h</instance>
         <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfSSL" Csub="Core" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
         <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
         <targetInfos>

IDE/MDK5-ARM/Projects/SimpleServer/main.c

@@ -66,11 +66,9 @@
 
 //   <h>RTC: for validate certificate date
 //    <o>Year <1970-2099>
-#define RTC_YEAR 2019
-//    <o>Month <1=>Jan<2=>Feb<3=>Mar<4=>Apr<5=>May<6=>Jun<7=>Jul<8=>Aut<9=>Sep<10=>Oct<11=>Nov<12=>Dec
+#define RTC_YEAR  2023
 #define RTC_MONTH 1
-//    <o>Day <1-31>
-#define RTC_DAY 1
+#define RTC_DAY   1
 //    </h>
 
 //------------- <<< end of configuration section >>> -----------------------
@@ -94,22 +92,23 @@ static void CPU_CACHE_Enable (void) {
 #if !defined(NO_FILESYSTEM)
 #include "rl_fs.h"                      /* FileSystem definitions             */
 
-static void init_filesystem (void) {
-  int32_t retv;
+static void init_filesystem(void)
+{
+    int32_t retv;
 
-  retv = finit ("M0:");
-  if (retv == fsOK) {
-    retv = fmount ("M0:");
+    retv = finit ("M0:");
     if (retv == fsOK) {
-      printf ("Drive M0 ready!\n");
+        retv = fmount ("M0:");
+        if (retv == fsOK) {
+            printf ("Drive M0 ready!\n");
+        }
+        else {
+            printf ("Drive M0 mount failed(%d)!\n", retv);
+        }
     }
     else {
-      printf ("Drive M0 mount failed(%d)!\n", retv);
+        printf ("Drive M0 initialization failed!\n");
     }
-  }
-  else {
-    printf ("Drive M0 initialization failed!\n");
-  }
 }
 #endif
 
@@ -121,20 +120,20 @@ extern uint32_t os_time;
 
 uint32_t HAL_GetTick(void)
 {
-    #if defined(WOLFSSL_CMSIS_RTOS)
-        return os_time;
-    #elif defined(WOLFSSL_CMSIS_RTOSv2)
-        return osKernelGetTickCount();
-    #endif
+#if defined(WOLFSSL_CMSIS_RTOS)
+    return os_time;
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+    return osKernelGetTickCount();
+#endif
 }
 
 double current_time(int reset)
 {
-    #if defined(WOLFSSL_CMSIS_RTOS)
-        return (double)os_time / 1000.0;
-    #elif defined(WOLFSSL_CMSIS_RTOSv2)
-        return (double)osKernelGetTickCount() / 1000.0;
-    #endif
+#if defined(WOLFSSL_CMSIS_RTOS)
+    return (double)os_time / 1000.0;
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+    return (double)osKernelGetTickCount() / 1000.0;
+#endif
 }
 
 #else
@@ -143,8 +142,8 @@ double current_time(int reset)
 #define DWT                 ((DWT_Type       *)     (0xE0001000UL)     )
 typedef struct
 {
-  uint32_t CTRL;       /*!< Offset: 0x000 (R/W)  Control Register           */
-  uint32_t CYCCNT;     /*!< Offset: 0x004 (R/W)  Cycle Count Register       */
+    uint32_t CTRL;       /*!< Offset: 0x000 (R/W)  Control Register           */
+    uint32_t CYCCNT;     /*!< Offset: 0x004 (R/W)  Cycle Count Register       */
 } DWT_Type;
 
 extern uint32_t SystemCoreClock;
@@ -203,22 +202,22 @@ int main(void)
 {
     static char *argv[] =
         {   "server",  "-p", SERVER_PORT,
-                       "-v",  " ",  OTHER_OPTIONS } ;
+                       "-v",  " ",  OTHER_OPTIONS };
     static   func_args args  =
-        {  sizeof(argv)/sizeof(*argv[0]), argv } ;
+        {  sizeof(argv)/sizeof(*argv[0]), argv };
 
     char *verStr[] = { "SSL3", "TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"};
     #define VERSIZE 2
     char ver[VERSIZE];
-                    
+
     MPU_Config();                             /* Configure the MPU              */
     CPU_CACHE_Enable();                       /* Enable the CPU Cache           */
     HAL_Init();                               /* Initialize the HAL Library     */
     SystemClock_Config();                     /* Configure the System Clock     */
 
-    #if !defined(NO_FILESYSTEM)
+#if !defined(NO_FILESYSTEM)
     init_filesystem ();
-    #endif
+#endif
 
 #if defined(WOLFSSL_CMSIS_RTOSv2)
     osKernelInitialize();
@@ -232,10 +231,12 @@ int main(void)
     snprintf(ver, VERSIZE, "%d", TLS_VER);
     argv[4] = ver;
 
-    printf("SSL/TLS Server\n ") ;
-    printf("    Server Port: %s\n    Version: %s\n", argv[2], verStr[TLS_VER]) ;
-    printf("    Other options: %s\n", OTHER_OPTIONS);   
-    setTime((RTC_YEAR-1970)*365*24*60*60 + RTC_MONTH*30*24*60*60 + RTC_DAY*24*60*60);
+    printf("SSL/TLS Server\n ");
+    printf("    Server Port: %s\n    Version: %s\n", argv[2], verStr[TLS_VER]);
+    printf("    Other options: %s\n", OTHER_OPTIONS);
+    setTime((RTC_YEAR-1970)*365*24*60*60 +
+             RTC_MONTH*30*24*60*60 +
+             RTC_DAY*24*60*60);
 
 #if defined(WOLFSSL_CMSIS_RTOS)
     osThreadCreate(osThread(app_main), (void *)&args);