Merge pull request #8323 from JacobBarthelmeh/release

prepare for release 5.7.6

.codespellexcludelines

@@ -0,0 +1,18 @@
+###############################################################################
+# In this file, you should add the line of the file that needs to be ignored.
+# The line should be exactly as it appears in the file.
+###############################################################################
+        0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, /* .Enginee */
+        0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, /* fo@wolfs */
+        0x0a, 0x8b, 0x98, 0xf3, 0xe3, 0xff, 0x4e, 0x44, /* ......ND */
+ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd\n\
+static const byte plaintext[] = "Lorem ipsum dolor sit amet, consectetur adipiscing elit. Cras lacus odio, pretium vel sagittis ac, facilisis quis diam. Vivamus condimentum velit sed dolor consequat interdum. Etiam eleifend ornare felis, eleifend egestas odio vulputate eu. Sed nec orci nunc. Etiam quis mi augue. Donec ullamcorper suscipit lorem, vel luctus augue cursus fermentum. Etiam a porta arcu, in convallis sem. Integer efficitur elementum diam, vel scelerisque felis posuere placerat. Donec vestibulum sit amet leo sit amet tincidunt. Etiam et vehicula turpis. Phasellus quis finibus sapien. Sed et tristique turpis. Nullam vitae sagittis tortor, et aliquet lorem. Cras a leo scelerisque, convallis lacus ut, fermentum urna. Mauris quis urna diam. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. Nam aliquam vehicula orci id pulvinar. Proin mollis, libero sollicitudin tempor ultrices, massa augue tincidunt turpis, sit amet aliquam neque nibh nec dui. Fusce finibus massa quis rutrum suscipit cras amet";
+rsource "Kconfig.tls-generic"
+        /* Loop over authenticated associated data AD1..ADn */
+  /* no easy answer [c'est la vie].  Just division */
+    const uint8_t* hashIn, int hashSz)
+    XMEMCPY(hash + (curveSz - hashSz), hashIn, hashSz);
+        0x63, 0x72, 0x65, 0x65, 0x6e, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x62, 0x65, 0x20, 0x69, /* creen would be i */
+\pagenumbering{alph}
+    DES3_KEY_SIZE       = 24,  /* 3 des ede               */
+/* functions added to support above needed, removed TOOM and KARATSUBA */

.github/workflows/codespell.yml

@@ -0,0 +1,30 @@
+name: Codespell test
+
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+# END OF COMMON SECTION
+
+jobs:
+  codespell:
+    if: github.repository_owner == 'wolfssl'
+    runs-on: ubuntu-22.04
+    steps:
+    - uses: actions/checkout@v4
+
+    - uses: codespell-project/actions-codespell@v2.1
+      with:
+        check_filenames: true
+        check_hidden: true
+          # Add comma separated list of words that occur multiple times that should be ignored (sorted alphabetically, case sensitive)
+        ignore_words_list: adin,aNULL,carryIn,chainG,ciph,cLen,cliKs,dout,haveA,inCreated,inOut,inout,larg,LEAPYEAR,Merget,optionA,parm,parms,repid,rIn,userA,ser,siz,te,Te
+          # The exclude_file contains lines of code that should be ignored. This is useful for individual lines which have non-words that can safely be ignored.
+        exclude_file: '.codespellexcludelines'
+          # To skip files entirely from being processed, add it to the following list:
+        skip: '*.cproject,*.der,*.mtpj,*.pem,*.vcxproj,.git,*.launch,*.scfg,*.revoked'

.github/workflows/coverity-scan-fixes.yml

@@ -1,9 +1,11 @@
-name: Coverity Scan master branch on a daily basis
+name: Coverity Scan master branch
 
 on:
   workflow_dispatch:
   schedule:
-    - cron: "0 0 * * *"
+    - cron: '0 0 * * 1-5'
+    - cron: '0 0 * * 0'
+    - cron: '0 12 * * 0'
 
 jobs:
   coverity:
@@ -14,11 +16,24 @@ jobs:
       with:
         ref: master
 
-    - name: Configure wolfSSL
+    - name: Configure wolfSSL with enable-all M-F
+      if: github.event.schedule == '0 0 * * 1-5'
       run: |
         ./autogen.sh
         ./configure --enable-all
 
+    - name: Configure wolfSSL with enable-all enable-smallstack Sun at 00:00
+      if: github.event.schedule == '0 0 * * 0'
+      run: |
+        ./autogen.sh
+        ./configure --enable-all --enable-smallstack
+
+    - name: Configure wolfSSL with bigendian Sun at 12:00
+      if: github.event.schedule == '0 12 * * 0'
+      run: |
+        ./autogen.sh
+        ./configure --enable-all CFLAGS="-DBIG_ENDIAN_ORDER"
+
     - name: Check secrets
       env:
         token_var: ${{ secrets.COVERITY_SCAN_TOKEN }}

.github/workflows/curl.yml

@@ -52,8 +52,7 @@ jobs:
     - name: Install test dependencies
       run: |
         sudo apt-get update
-        sudo apt-get install nghttp2 libpsl5 libpsl-dev
-        sudo pip install impacket
+        sudo apt-get install nghttp2 libpsl5 libpsl-dev python3-impacket
 
     - name: Download lib
       uses: actions/download-artifact@v4

.github/workflows/disabled/haproxy.yml

@@ -21,7 +21,7 @@ jobs:
         ref: [ master ]
     name: ${{ matrix.ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
     steps:
       - name: Build wolfSSL
         uses: wolfSSL/actions-build-autotools-project@v1

.github/workflows/disabled/hitch.yml

@@ -17,7 +17,7 @@ jobs:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
     # Just to keep it the same as the testing target
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
@@ -49,7 +49,7 @@ jobs:
               test13-r82.sh test15-proxy-v2-npn.sh test39-client-cert-proxy.sh
     name: ${{ matrix.ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     needs: build_wolfssl

.github/workflows/docker-Espressif.yml

@@ -23,7 +23,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - name: Initialize Espressif IDE and build examples
-        run: . /opt/esp/idf/export.sh; IDE/Espressif/ESP-IDF/compileAllExamples.sh
+        run: cd /opt/esp/idf && . ./export.sh && cd $GITHUB_WORKSPACE; IDE/Espressif/ESP-IDF/compileAllExamples.sh
   espressif_v4_4:
     name: v4.4 Docker container
     if: github.repository_owner == 'wolfssl'
@@ -33,7 +33,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - name: Initialize Espressif IDE and build examples
-        run: . /opt/esp/idf/export.sh; IDE/Espressif/ESP-IDF/compileAllExamples.sh
+        run: cd /opt/esp/idf && . ./export.sh && cd $GITHUB_WORKSPACE; IDE/Espressif/ESP-IDF/compileAllExamples.sh
   espressif_v5_0:
     name: v5.0 Docker container
     if: github.repository_owner == 'wolfssl'
@@ -43,4 +43,4 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - name: Initialize Espressif IDE and build examples
-        run: . /opt/esp/idf/export.sh; IDE/Espressif/ESP-IDF/compileAllExamples.sh
+        run: cd /opt/esp/idf && . ./export.sh && cd $GITHUB_WORKSPACE; IDE/Espressif/ESP-IDF/compileAllExamples.sh

.github/workflows/gencertbuf.yml

@@ -0,0 +1,41 @@
+name: Test gencertbuf script
+
+# START OF COMMON SECTION
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+# END OF COMMON SECTION
+
+jobs:
+  gencertbuf:
+    name: gencertbuf
+    if: github.repository_owner == 'wolfssl'
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 6
+    steps:
+      - uses: actions/checkout@v4
+        name: Checkout wolfSSL
+
+      - name: Test generate wolfssl/certs_test.h
+        run: ./gencertbuf.pl
+
+      - name: Test wolfSSL
+        run: |
+          ./autogen.sh
+          ./configure --enable-all --enable-experimental --enable-dilithium --enable-kyber
+          make
+          ./wolfcrypt/test/testwolfcrypt
+
+      - name: Print errors
+        if: ${{ failure() }}
+        run: |
+          if [ -f test-suite.log ] ; then
+            cat test-suite.log
+          fi

.github/workflows/haproxy.yml

@@ -0,0 +1,91 @@
+name: haproxy Test
+
+# START OF COMMON SECTION
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+# END OF COMMON SECTION
+
+jobs:
+  build_wolfssl:
+    name: Build wolfSSL
+    if: github.repository_owner == 'wolfssl'
+    runs-on: ubuntu-22.04
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
+    steps:
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-haproxy
+          install: true
+
+      - name: tar build-dir
+        run: tar -zcf build-dir.tgz build-dir
+
+      - name: Upload built lib
+        uses: actions/upload-artifact@v4
+        with:
+          name: wolf-install-haproxy
+          path: build-dir.tgz
+          retention-days: 5
+
+  test_haproxy:
+    name: ${{ matrix.haproxy_ref }}
+    if: github.repository_owner == 'wolfssl'
+    runs-on: ubuntu-22.04
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 15
+    needs: build_wolfssl
+    strategy:
+      fail-fast: false
+      matrix:
+        haproxy_ref: [ 'v3.1.0' ]
+    steps:
+    - name: Install test dependencies
+      run: |
+        sudo apt-get update
+        sudo apt-get install libpcre2-dev
+
+    - name: Download lib
+      uses: actions/download-artifact@v4
+      with:
+        name: wolf-install-haproxy
+
+    - name: untar build-dir
+      run: tar -xf build-dir.tgz
+
+    # check cache for haproxy if not there then download it
+    - name: Check haproxy cache
+      uses: actions/cache@v4
+      id: cache-haproxy
+      with:
+        path: build-dir/haproxy-${{matrix.haproxy_ref}}
+        key: haproxy-${{matrix.haproxy_ref}}
+
+    - name: Download haproxy if needed
+      if: steps.cache-haproxy.outputs.cache-hit != 'true'
+      uses: actions/checkout@v3
+      with:
+        repository: haproxy/haproxy
+        ref: ${{matrix.haproxy_ref}}
+        path: build-dir/haproxy-${{matrix.haproxy_ref}}
+
+    - name: Build haproxy
+      working-directory: build-dir/haproxy-${{matrix.haproxy_ref}}
+      run: make clean && make TARGET=linux-glibc USE_OPENSSL_WOLFSSL=1 SSL_LIB=$GITHUB_WORKSPACE/build-dir/lib SSL_INC=$GITHUB_WORKSPACE/build-dir/include ADDLIB=-Wl,-rpath,$GITHUB_WORKSPACE/build-dir/lib CFLAGS="-fsanitize=address" LDFLAGS="-fsanitize=address"
+
+    - name: Build haproxy vtest
+      working-directory: build-dir/haproxy-${{matrix.haproxy_ref}}
+      run: ./scripts/build-vtest.sh
+
+    - name: Test haproxy
+      working-directory: build-dir/haproxy-${{matrix.haproxy_ref}}
+      run: VTEST_PROGRAM=$GITHUB_WORKSPACE/build-dir/vtest/vtest make reg-tests -- --debug reg-tests/ssl/*

.github/workflows/hostap-vm.yml

@@ -13,7 +13,7 @@ concurrency:
 # END OF COMMON SECTION
 
 env:
-  LINUX_REF: v6.6
+  LINUX_REF: v6.12
 
 jobs:
   build_wolfssl:
@@ -63,27 +63,47 @@ jobs:
           path: build-dir.tgz
           retention-days: 5
 
+  checkout_hostap:
+    name: Checkout hostap repo
+    if: github.repository_owner == 'wolfssl'
+    runs-on: ubuntu-22.04
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 10
+    steps:
+      - name: Checking if we have hostap in cache
+        uses: actions/cache@v4
+        id: cache
+        with:
+          path: hostap
+          key: hostap-repo
+          lookup-only: true
+
+      - name: Checkout hostap
+        run: git clone git://w1.fi/hostap.git hostap
+
   build_uml_linux:
     name: Build UML (UserMode Linux)
     if: github.repository_owner == 'wolfssl'
     runs-on: ubuntu-22.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 10
+    needs: checkout_hostap
     steps:
       - name: Checking if we have kernel in cache
         uses: actions/cache@v4
         id: cache
         with:
           path: linux/linux
-          key: ${{ env.LINUX_REF }}
+          key: hostap-linux-${{ env.LINUX_REF }}
           lookup-only: true
 
-      - name: Checkout hostap
+      - name: Checking if we have hostap in cache
         if: steps.cache.outputs.cache-hit != 'true'
-        uses: actions/checkout@v4
+        uses: actions/cache/restore@v4
         with:
-          repository: julek-wolfssl/hostap-mirror
           path: hostap
+          key: hostap-repo
+          fail-on-cache-miss: true
 
       - name: Checkout linux
         if: steps.cache.outputs.cache-hit != 'true'
@@ -91,6 +111,7 @@ jobs:
         with:
           repository: torvalds/linux
           path: linux
+          ref: ${{ env.LINUX_REF }}
 
       - name: Compile linux
         if: steps.cache.outputs.cache-hit != 'true'
@@ -141,19 +162,18 @@ jobs:
               build_id: hostap-vm-build2
             }
     name: hwsim test
-    # For openssl 1.1
     if: github.repository_owner == 'wolfssl'
     runs-on: ubuntu-22.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 45
-    needs: [build_wolfssl, build_uml_linux]
+    needs: [build_wolfssl, build_uml_linux, checkout_hostap]
     steps:
       - name: Checking if we have kernel in cache
         uses: actions/cache/restore@v4
         id: cache
         with:
           path: linux/linux
-          key: ${{ env.LINUX_REF }}
+          key: hostap-linux-${{ env.LINUX_REF }}
           fail-on-cache-miss: true
 
       - name: show file structure
@@ -196,15 +216,18 @@ jobs:
           # hostap dependencies
           sudo apt-get install -y libpcap0.8 libpcap-dev curl libcurl4-openssl-dev \
             libnl-3-dev binutils-dev libssl-dev libiberty-dev libnl-genl-3-dev \
-            libnl-route-3-dev libdbus-1-dev bridge-utils tshark
-          sudo pip3 install pycryptodome
+            libnl-route-3-dev libdbus-1-dev bridge-utils tshark python3-pycryptodome
 
-      - name: Checkout hostap
-        uses: actions/checkout@v4
+      - name: Checking if we have hostap in cache
+        uses: actions/cache/restore@v4
         with:
-          repository: julek-wolfssl/hostap-mirror
           path: hostap
-          ref: ${{ matrix.config.hostap_ref }}
+          key: hostap-repo
+          fail-on-cache-miss: true
+
+      - name: Checkout correct ref
+        working-directory: hostap
+        run: git checkout ${{ matrix.config.hostap_ref }}
 
       - name: Update certs
         working-directory: hostap/tests/hwsim/auth_serv

.github/workflows/ipmitool.yml

@@ -51,6 +51,8 @@ jobs:
     runs-on: ubuntu-22.04
     needs: build_wolfssl
     steps:
+      - name: Install dependencies
+        run: export DEBIAN_FRONTEND=noninteractive && sudo apt-get update && sudo apt-get install -y libreadline8
       - name: Download lib
         uses: actions/download-artifact@v4
         with:

.github/workflows/jwt-cpp.yml

@@ -41,13 +41,17 @@ jobs:
           retention-days: 5
 
   build_pam-ipmi:
+    if: github.repository_owner == 'wolfssl'
     strategy:
       fail-fast: false
       matrix:
-        ref: [ 0.6.0 ]
-    name: ${{ matrix.ref }}
-    if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-22.04
+        config:
+          - ref: 0.7.0
+            runner: ubuntu-22.04
+          - ref: 0.6.0
+            runner: ubuntu-22.04
+    name: ${{ matrix.config.ref }}
+    runs-on: ${{ matrix.config.runner }}
     needs: build_wolfssl
     steps:
       - name: Install dependencies
@@ -76,12 +80,12 @@ jobs:
         with:
           repository: Thalhammer/jwt-cpp
           path: jwt-cpp
-          ref: v${{ matrix.ref }}
+          ref: v${{ matrix.config.ref }}
 
       - name: Build pam-ipmi
         working-directory: jwt-cpp
         run: |
-          patch -p1 < ../osp/jwt-cpp/${{ matrix.ref }}.patch
+          patch -p1 < ../osp/jwt-cpp/${{ matrix.config.ref }}.patch
           PKG_CONFIG_PATH=$GITHUB_WORKSPACE/build-dir/lib/pkgconfig \
             cmake -B build -DJWT_SSL_LIBRARY:STRING=wolfSSL -DJWT_BUILD_TESTS=ON .
           make -j -C build

.github/workflows/libspdm.yml

@@ -0,0 +1,91 @@
+name: libspdm Tests
+
+# START OF COMMON SECTION
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+# END OF COMMON SECTION
+
+jobs:
+  build_wolfssl:
+    name: Build wolfSSL
+    if: github.repository_owner == 'wolfssl'
+    # Just to keep it the same as the testing target
+    runs-on: ubuntu-22.04
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
+    steps:
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-all --enable-static CFLAGS='-DRSA_MIN_SIZE=512'
+          install: true
+
+      - name: tar build-dir
+        run: tar -zcf build-dir.tgz build-dir
+
+      - name: Upload built lib
+        uses: actions/upload-artifact@v4
+        with:
+          name: wolf-install-libspdm
+          path: build-dir.tgz
+          retention-days: 5
+
+  libspdm_check:
+    strategy:
+      fail-fast: false
+      matrix:
+        # List of releases to test
+        ref: [ 3.3.0 ]
+    name: ${{ matrix.ref }}
+    if: github.repository_owner == 'wolfssl'
+    runs-on: ubuntu-22.04
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 4
+    needs: build_wolfssl
+    steps:
+      - name: Download lib
+        uses: actions/download-artifact@v4
+        with:
+          name: wolf-install-libspdm
+
+      - name: untar build-dir
+        run: tar -xf build-dir.tgz
+
+      - name: Checkout OSP
+        uses: actions/checkout@v4
+        with:
+          repository: wolfssl/osp
+          path: osp
+
+      - name: Checkout libspdm
+        uses: actions/checkout@v4
+        with:
+          repository: DMTF/libspdm
+          path: libspdm
+          ref: ${{ matrix.ref }}
+
+      - name: Build and test libspdm
+        working-directory: libspdm
+        run: |
+          patch -p1 < ../osp/libspdm/${{ matrix.ref }}/libspdm-${{ matrix.ref }}.patch
+          git submodule update --init --recursive
+          # Silence cmake version warnings
+          find -name CMakeLists.txt -exec sed -i 's/cmake_minimum_required.*/cmake_minimum_required(VERSION 3.10)/g' {} \;
+          mkdir build
+          cd build
+          cmake -DARCH=x64 -DTOOLCHAIN=GCC -DTARGET=Debug -DCRYPTO=wolfssl -DENABLE_BINARY_BUILD=1 \
+            -DCOMPILED_LIBWOLFSSL_PATH=$GITHUB_WORKSPACE/build-dir/lib/libwolfssl.a \
+            -DWOLFSSL_INCDIR=$GITHUB_WORKSPACE/build-dir/include ..
+          make -j
+          cd ../unit_test/sample_key
+          ../../build/bin/test_crypt
+          ../../build/bin/test_spdm_secured_message
+          ../../build/bin/test_spdm_crypt

.github/workflows/mbedtls.sh

@@ -0,0 +1,79 @@
+#!/usr/bin/env bash
+
+set -e
+set -x
+
+# Basic TLS test
+./mbedtls/build/programs/ssl/ssl_server2 > /tmp/server.log 2>&1 &
+SERVER_PID=$!
+sleep 0.1
+./mbedtls/build/programs/ssl/ssl_client2 # Confirm working with mbed
+env -C wolfssl ./examples/client/client -p 4433 -g \
+  -A ../mbedtls/framework/data_files/test-ca-sha256.crt \
+  -c ../mbedtls/framework/data_files/cli-rsa-sha256.crt \
+  -k ../mbedtls/framework/data_files/cli-rsa-sha256.key.pem
+kill $SERVER_PID
+sleep 0.1
+env -C wolfssl ./examples/server/server -p 4433 -i -g \
+  -A ../mbedtls/framework/data_files/test-ca-sha256.crt \
+  -c ../mbedtls/framework/data_files/server2-sha256.crt \
+  -k ../mbedtls/framework/data_files/server2.key.pem > /tmp/server.log 2>&1 &
+SERVER_PID=$!
+sleep 0.1
+./mbedtls/build/programs/ssl/ssl_client2
+env -C wolfssl ./examples/client/client -p 4433 -g \
+  -A ../mbedtls/framework/data_files/test-ca-sha256.crt \
+  -c ../mbedtls/framework/data_files/cli-rsa-sha256.crt \
+  -k ../mbedtls/framework/data_files/cli-rsa-sha256.key.pem
+kill $SERVER_PID
+sleep 0.1
+
+# Basic DTLS test
+./mbedtls/build/programs/ssl/ssl_server2 dtls=1 > /tmp/server.log 2>&1 &
+SERVER_PID=$!
+sleep 0.1
+./mbedtls/build/programs/ssl/ssl_client2 dtls=1 # Confirm working with mbed
+env -C wolfssl ./examples/client/client -p 4433 -g -u \
+  -A ../mbedtls/framework/data_files/test-ca-sha256.crt \
+  -c ../mbedtls/framework/data_files/cli-rsa-sha256.crt \
+  -k ../mbedtls/framework/data_files/cli-rsa-sha256.key.pem
+kill $SERVER_PID
+sleep 0.1
+env -C wolfssl ./examples/server/server -p 4433 -i -g -u \
+  -A ../mbedtls/framework/data_files/test-ca-sha256.crt \
+  -c ../mbedtls/framework/data_files/server2-sha256.crt \
+  -k ../mbedtls/framework/data_files/server2.key.pem > /tmp/server.log 2>&1 &
+SERVER_PID=$!
+sleep 0.1
+env -C wolfssl ./examples/client/client -p 4433 -g -u \
+  -A ../mbedtls/framework/data_files/test-ca-sha256.crt \
+  -c ../mbedtls/framework/data_files/cli-rsa-sha256.crt \
+  -k ../mbedtls/framework/data_files/cli-rsa-sha256.key.pem
+./mbedtls/build/programs/ssl/ssl_client2 dtls=1
+kill $SERVER_PID
+sleep 0.1
+
+# DTLS 1.2 CID test
+./mbedtls/build/programs/ssl/ssl_server2 dtls=1 cid=1 cid_val=121212 > /tmp/server.log 2>&1 &
+SERVER_PID=$!
+sleep 0.1
+./mbedtls/build/programs/ssl/ssl_client2 dtls=1 cid=1 cid_val=232323  # Confirm working with mbed
+env -C wolfssl ./examples/client/client -p 4433 -g -u --cid 232323 \
+  -A ../mbedtls/framework/data_files/test-ca-sha256.crt \
+  -c ../mbedtls/framework/data_files/cli-rsa-sha256.crt \
+  -k ../mbedtls/framework/data_files/cli-rsa-sha256.key.pem
+kill $SERVER_PID
+sleep 0.1
+env -C wolfssl ./examples/server/server -p 4433 -i -g -u --cid 121212 \
+  -A ../mbedtls/framework/data_files/test-ca-sha256.crt \
+  -c ../mbedtls/framework/data_files/server2-sha256.crt \
+  -k ../mbedtls/framework/data_files/server2.key.pem > /tmp/server.log 2>&1 &
+SERVER_PID=$!
+sleep 0.1
+./mbedtls/build/programs/ssl/ssl_client2 dtls=1 cid_val=232323
+env -C wolfssl ./examples/client/client -p 4433 -g -u --cid 232323 \
+  -A ../mbedtls/framework/data_files/test-ca-sha256.crt \
+  -c ../mbedtls/framework/data_files/cli-rsa-sha256.crt \
+  -k ../mbedtls/framework/data_files/cli-rsa-sha256.key.pem
+kill $SERVER_PID
+sleep 0.1

.github/workflows/mbedtls.yml

@@ -0,0 +1,86 @@
+name: mbedtls interop Tests
+
+# START OF COMMON SECTION
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+# END OF COMMON SECTION
+
+env:
+  MBED_REF: v3.6.2
+
+jobs:
+  build_mbedtls:
+    name: Build mbedtls
+    if: github.repository_owner == 'wolfssl'
+    runs-on: ubuntu-latest
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 10
+    steps:
+      - name: Checking if we have mbed in cache
+        uses: actions/cache@v4
+        id: cache
+        with:
+          path: mbedtls
+          key: mbedtls-${{ env.MBED_REF }}
+          lookup-only: true
+
+      - name: Checkout mbedtls
+        if: steps.cache.outputs.cache-hit != 'true'
+        uses: actions/checkout@v4
+        with:
+          repository: Mbed-TLS/mbedtls
+          ref: ${{ env.MBED_REF }}
+          path: mbedtls
+
+      - name: Compile mbedtls
+        if: steps.cache.outputs.cache-hit != 'true'
+        working-directory: mbedtls
+        run: |
+          git submodule update --init
+          mkdir build
+          cd build
+          cmake ..
+          make -j
+          # convert key to pem format
+          openssl pkey -in framework/data_files/cli-rsa-sha256.key.der -text > framework/data_files/cli-rsa-sha256.key.pem
+          openssl pkey -in framework/data_files/server2.key.der -text > framework/data_files/server2.key.pem
+
+  mbedtls_test:
+    name: Test interop with mbedtls
+    runs-on: ubuntu-latest
+    needs: build_mbedtls
+    timeout-minutes: 10
+    if: github.repository_owner == 'wolfssl'
+    steps:
+      - name: Disable IPv6 (IMPORTANT, OTHERWISE DTLS MBEDTLS CLIENT WON'T CONNECT)
+        run: echo 1 | sudo tee /proc/sys/net/ipv6/conf/lo/disable_ipv6
+
+      - name: Checking if we have mbed in cache
+        uses: actions/cache/restore@v4
+        id: cache
+        with:
+          path: mbedtls
+          key: mbedtls-${{ env.MBED_REF }}
+          fail-on-cache-miss: true
+
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-dtls --enable-dtlscid
+          install: false
+          check: false
+
+      - name: Test interop
+        run: bash wolfssl/.github/workflows/mbedtls.sh
+
+      - name: print server logs
+        if: ${{ failure() }}
+        run: cat /tmp/server.log

.github/workflows/mosquitto.yml

@@ -68,8 +68,7 @@ jobs:
         run: |
             export DEBIAN_FRONTEND=noninteractive
             sudo apt-get update
-            sudo apt-get install -y build-essential libev-dev libssl-dev automake python3-docutils libcunit1 libcunit1-doc libcunit1-dev pkg-config make
-            sudo pip install --upgrade psutil
+            sudo apt-get install -y build-essential libev-dev libssl-dev automake python3-docutils libcunit1 libcunit1-doc libcunit1-dev pkg-config make python3-psutil
 
       - name: Checkout mosquitto
         uses: actions/checkout@v4

.github/workflows/multi-compiler.yml

@@ -51,6 +51,8 @@ jobs:
     # This should be a safe limit for the tests to run.
     timeout-minutes: 4
     steps:
+      - name: Install dependencies
+        run: export DEBIAN_FRONTEND=noninteractive && sudo apt-get update && sudo apt-get install -y ${{ matrix.CC }}
       - uses: actions/checkout@v4
       - name: Build
         env:

.github/workflows/nss.sh

@@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+
+set -e
+set -x
+
+# Setup nss cert db
+mkdir nssdb
+./dist/Debug/bin/certutil -d nssdb -N --empty-password
+./dist/Debug/bin/certutil -d nssdb  -A -a -i  wolfssl/certs/test/server-localhost.pem \
+    -t TCP -n 'wolf localhost'
+
+# App data for nss
+echo Hello from nss > /tmp/in
+
+# TLS 1.3 test
+env -C wolfssl ./examples/server/server -v 4 -p 4433 \
+    -c certs/test/server-localhost.pem -d -w > /tmp/server.log 2>&1 &
+sleep 0.1
+./dist/Debug/bin/tstclnt -V tls1.3: -h localhost -p 4433 -d nssdb -C -4 -A /tmp/in -v
+sleep 0.1
+
+# DTLS 1.3 test
+env -C wolfssl ./examples/server/server -v 4 -p 4433 -u \
+    -c certs/test/server-localhost.pem -d -w > /tmp/server.log 2>&1 &
+sleep 0.1
+./dist/Debug/bin/tstclnt -V tls1.3: -P client -h localhost -p 4433 -d nssdb -C -4 -A /tmp/in -v
+sleep 0.1

.github/workflows/nss.yml

@@ -0,0 +1,89 @@
+name: nss interop Tests
+
+### TODO uncomment stuff
+
+# START OF COMMON SECTION
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+# END OF COMMON SECTION
+
+env:
+  NSS_REF: NSS_3_107_RTM
+
+jobs:
+  build_nss:
+    name: Build nss
+    if: github.repository_owner == 'wolfssl'
+    runs-on: ubuntu-22.04
+    # This should be a safe limit for the tests to run.
+    timeout-minutes: 30
+    steps:
+      - name: Checking if we have nss in cache
+        uses: actions/cache@v4
+        id: cache
+        with:
+          path: dist
+          key: nss-${{ env.NSS_REF }}
+          lookup-only: true
+
+      - name: Install dependencies
+        if: steps.cache.outputs.cache-hit != 'true'
+        run: |
+          # Don't prompt for anything
+          export DEBIAN_FRONTEND=noninteractive
+          sudo apt-get update
+          # hostap dependencies
+          sudo apt-get install -y gyp ninja-build
+
+      - name: Checkout nss
+        if: steps.cache.outputs.cache-hit != 'true'
+        uses: actions/checkout@v4
+        with:
+          repository: nss-dev/nss
+          ref: ${{ env.NSS_REF }}
+          path: nss
+
+      - name: Compile nss
+        if: steps.cache.outputs.cache-hit != 'true'
+        run: |
+          hg clone https://hg.mozilla.org/projects/nspr
+          cd nss
+          ./build.sh
+
+  nss_test:
+    name: Test interop with nss
+    runs-on: ubuntu-22.04
+    needs: build_nss
+    timeout-minutes: 10
+    if: github.repository_owner == 'wolfssl'
+    steps:
+      - name: Checking if we have nss in cache
+        uses: actions/cache/restore@v4
+        id: cache
+        with:
+          path: dist
+          key: nss-${{ env.NSS_REF }}
+          fail-on-cache-miss: true
+
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: --enable-dtls --enable-dtls13
+          install: false
+          check: false
+
+      - name: Test interop
+        run: bash wolfssl/.github/workflows/nss.sh
+
+      - name: print server logs
+        if: ${{ failure() }}
+        run: |
+          cat /tmp/server.log

.github/workflows/pam-ipmi.yml

@@ -56,8 +56,7 @@ jobs:
           # Don't prompt for anything
           export DEBIAN_FRONTEND=noninteractive
           sudo apt-get update
-          sudo apt-get install libpam-dev ninja-build
-          sudo pip3 install meson
+          sudo apt-get install libpam-dev ninja-build meson
 
       - name: Download lib
         uses: actions/download-artifact@v4

.github/workflows/socat.yml

@@ -70,7 +70,7 @@ jobs:
         run: |
           patch -p1 < ../osp/socat/1.8.0.0/socat-1.8.0.0.patch
           autoreconf -vfi
-          ./configure --with-wolfssl=$GITHUB_WORKSPACE/build-dir
+          ./configure --with-wolfssl=$GITHUB_WORKSPACE/build-dir --enable-default-ipv=4
           make
 
       - name: Run socat tests
@@ -78,4 +78,4 @@ jobs:
         run: |
           export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
           export SHELL=/bin/bash
-          SOCAT=$GITHUB_WORKSPACE/socat-1.8.0.0/socat ./test.sh -t 0.5 --expect-fail 146,216,309,310,386,399,402,459,460,467,468,478,492,528,530
+          SOCAT=$GITHUB_WORKSPACE/socat-1.8.0.0/socat ./test.sh -t 0.5 --expect-fail 36,64,146,214,216,217,309,310,386,399,402,403,459,460,467,468,475,478,492,528,530

.github/workflows/softhsm.yml

@@ -17,7 +17,7 @@ jobs:
     name: Build wolfSSL
     if: github.repository_owner == 'wolfssl'
     # Just to keep it the same as the testing target
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 10
     steps:
@@ -47,7 +47,7 @@ jobs:
         ref: [ 2.6.1 ]
     name: ${{ matrix.ref }}
     if: github.repository_owner == 'wolfssl'
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     # This should be a safe limit for the tests to run.
     timeout-minutes: 20
     needs: build_wolfssl

.github/workflows/sssd.yml

@@ -14,6 +14,7 @@ concurrency:
 
 jobs:
   build_wolfssl:
+    if: github.repository_owner == 'wolfssl'
     name: Build wolfSSL
     # Just to keep it the same as the testing target
     runs-on: ubuntu-22.04
@@ -39,6 +40,7 @@ jobs:
           retention-days: 5
 
   sssd_check:
+    if: github.repository_owner == 'wolfssl'
     strategy:
       fail-fast: false
       matrix:

.github/workflows/zephyr.yml

@@ -46,7 +46,7 @@ jobs:
             libglib2.0-dev libgtk2.0-0 liblocale-gettext-perl libncurses5-dev libpcap-dev \
             libpopt0 libsdl1.2-dev libsdl2-dev libssl-dev libtool libtool-bin locales make \
             net-tools ninja-build openssh-client parallel pkg-config python3-dev python3-pip \
-            python3-ply python3-setuptools python-is-python3 qemu rsync socat srecord sudo \
+            python3-ply python3-setuptools python-is-python3 qemu-kvm rsync socat srecord sudo \
             texinfo unzip wget ovmf xz-utils
 
       - name: Install west

.gitignore

@@ -457,3 +457,7 @@ wrapper/Ada/obj/
 /**/.vscode/launch.json
 /**/.vscode/ipch
 /**/sdkconfig.esp32dev
+
+# Autogenerated debug trace headers
+wolfssl/debug-trace-error-codes.h
+wolfssl/debug-untrace-error-codes.h

.wolfssl_known_macro_extras

@@ -0,0 +1,983 @@
+AES_GCM_GMULT_NCT
+AFX_RESOURCE_DLL
+AFX_TARG_ENU
+ALLOW_BINARY_MISMATCH_INTROSPECTION
+ALLOW_V1_EXTENSIONS
+ANDROID
+APP_ESP_HTTP_CLIENT
+APP_ESP_HTTP_CLIENT_EXAMPLE
+APSTUDIO_INVOKED
+ARCH_sim
+ARDUINO
+ARDUINO_ARCH_RP2040
+ARDUINO_SAMD_NANO_33_IOT
+ARDUINO_SAM_DUE
+ASN_DUMP_OID
+ASN_TEMPLATE_SKIP_ISCA_CHECK
+ATCAPRINTF
+ATCA_ENABLE_DEPRECATED
+AVR
+BASE64_NO_TABLE
+BLAKE2B_SELFTEST
+BLAKE2S_SELFTEST
+BLOCKING
+BSP_DEFAULT_IO_CHANNEL_DEFINED
+BSP_LED_0
+BSP_LED_1
+BSP_SDCARD_ESDHC_CHANNEL
+BSP_SDCARD_SDHC_CHANNEL
+BSP_SDCARD_SPI_CHANNEL
+CAAM_OUT_INVALIDATE
+CIOCASYMFEAT
+CIOCGSESSINFO
+CMSIS_OS2_H_
+COMPONENT_WOLFSSL
+CONFIG_ARCH_CHIP_STM32F746ZG
+CONFIG_ARCH_CHIP_STM32H743ZI
+CONFIG_ARCH_CHIP_STM32L552ZE
+CONFIG_ARCH_POSIX
+CONFIG_ARM
+CONFIG_ARM64
+CONFIG_BOARD_NATIVE_POSIX
+CONFIG_COMPILER_OPTIMIZATION_DEFAULT
+CONFIG_COMPILER_OPTIMIZATION_NONE
+CONFIG_COMPILER_OPTIMIZATION_PERF
+CONFIG_COMPILER_OPTIMIZATION_SIZE
+CONFIG_CRYPTO_FIPS
+CONFIG_CRYPTO_MANAGER
+CONFIG_CSPRNG_ENABLED
+CONFIG_ESP32C2_DEFAULT_CPU_FREQ_MHZ
+CONFIG_ESP32C3_DEFAULT_CPU_FREQ_MHZ
+CONFIG_ESP32H2_DEFAULT_CPU_FREQ_MHZ
+CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ
+CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
+CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
+CONFIG_ESP8266_XTAL_FREQ_26
+CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_160
+CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240
+CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_80
+CONFIG_ESP_ENABLE_WOLFSSH
+CONFIG_ESP_MAIN_TASK_STACK_SIZE
+CONFIG_ESP_TLS_USING_WOLFSSL
+CONFIG_ESP_WIFI_PASSWORD
+CONFIG_ESP_WIFI_SSID
+CONFIG_ESP_WOLFSSL_ENABLE_KYBER
+CONFIG_ESP_WOLFSSL_ENABLE_WOLFSSH
+CONFIG_ESP_WOLFSSL_NO_ESP32_CRYPT
+CONFIG_ESP_WOLFSSL_NO_HW_AES
+CONFIG_ESP_WOLFSSL_NO_HW_HASH
+CONFIG_ESP_WOLFSSL_NO_HW_RSA_PRI
+CONFIG_ESP_WOLFSSL_NO_HW_RSA_PRI_EXPTMOD
+CONFIG_ESP_WOLFSSL_NO_HW_RSA_PRI_MP_MUL
+CONFIG_ESP_WOLFSSL_NO_HW_RSA_PRI_MULMOD
+CONFIG_FREERTOS_HZ
+CONFIG_FREERTOS_UNICORE
+CONFIG_IDF_TARGET
+CONFIG_IDF_TARGET_ARCH_RISCV
+CONFIG_IDF_TARGET_ARCH_XTENSA
+CONFIG_IDF_TARGET_ESP32
+CONFIG_IDF_TARGET_ESP32C2
+CONFIG_IDF_TARGET_ESP32C3
+CONFIG_IDF_TARGET_ESP32C6
+CONFIG_IDF_TARGET_ESP32H2
+CONFIG_IDF_TARGET_ESP32S2
+CONFIG_IDF_TARGET_ESP32S3
+CONFIG_IDF_TARGET_ESP8266
+CONFIG_IDF_TARGET_ESP8684
+CONFIG_MAIN_TASK_STACK_SIZE
+CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
+CONFIG_MBEDTLS_PSA_CRYPTO_C
+CONFIG_MIPS
+CONFIG_MODULE_SIG
+CONFIG_NET_SOCKETS_SOCKOPT_TLS
+CONFIG_NEWLIB_LIBC
+CONFIG_NEWLIB_NANO_FORMAT
+CONFIG_PICOLIBC
+CONFIG_POSIX_API
+CONFIG_POSIX_THREADS
+CONFIG_PREEMPT_COUNT
+CONFIG_PTHREAD_IPC
+CONFIG_SMP
+CONFIG_SNTP_TIME_SYNC_METHOD_SMOOTH
+CONFIG_TIMER_TASK_STACK_DEPTH
+CONFIG_TIMER_TASK_STACK_SIZE
+CONFIG_TLS_STACK_WOLFSSL
+CONFIG_USE_WOLFSSL_ESP_SDK_TIME
+CONFIG_USE_WOLFSSL_ESP_SDK_WIFI
+CONFIG_WOLFCRYPT_ARMASM
+CONFIG_WOLFCRYPT_FIPS
+CONFIG_WOLFCRYPT_INTELASM
+CONFIG_WOLFSSL
+CONFIG_WOLFSSL_ALLOW_TLS13
+CONFIG_WOLFSSL_ALPN
+CONFIG_WOLFSSL_ALT_CERT_CHAINS
+CONFIG_WOLFSSL_APPLE_HOMEKIT
+CONFIG_WOLFSSL_ASN_ALLOW_0_SERIAL
+CONFIG_WOLFSSL_CERTIFICATE_BUNDLE
+CONFIG_WOLFSSL_CERTIFICATE_BUNDLE_DEFAULT_NONE
+CONFIG_WOLFSSL_DTLS
+CONFIG_WOLFSSL_ENABLE_KYBER
+CONFIG_WOLFSSL_EXAMPLE_NAME_ESP32_SSH_SERVER
+CONFIG_WOLFSSL_EXAMPLE_NAME_ESP8266_SSH_SERVER
+CONFIG_WOLFSSL_EXAMPLE_NAME_NONE
+CONFIG_WOLFSSL_EXAMPLE_NAME_TEMPLATE
+CONFIG_WOLFSSL_EXAMPLE_NAME_TLS_CLIENT
+CONFIG_WOLFSSL_EXAMPLE_NAME_TLS_SERVER
+CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFMQTT_AWS_IOT_MQTT
+CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFMQTT_TEMPLATE
+CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFSSH_ECHOSERVER
+CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFSSH_TEMPLATE
+CONFIG_WOLFSSL_HKDF
+CONFIG_WOLFSSL_MAX_FRAGMENT_LEN
+CONFIG_WOLFSSL_NO_ASN_STRICT
+CONFIG_WOLFSSL_PSK
+CONFIG_WOLFSSL_RSA_PSS
+CONFIG_WOLFSSL_TARGET_HOST
+CONFIG_WOLFSSL_TARGET_PORT
+CONFIG_WOLFSSL_TLS13_ENABLED
+CONFIG_WOLFSSL_TLS_VERSION_1_2
+CONFIG_WOLFSSL_TLS_VERSION_1_3
+CONFIG_WOLFTPM_EXAMPLE_NAME_ESPRESSIF
+CONFIG_X86
+CONV_WITH_DIV
+CPA_CY_API_VERSION_NUM_MAJOR
+CPU_MIMXRT1176DVMAA_cm7
+CPU_MK82FN256VLL15
+CRLDP_VALIDATE_DATA
+CRL_REPORT_LOAD_ERRORS
+CRL_STATIC_REVOKED_LIST
+CRYPTOCELL_KEY_SIZE
+CRYP_HEADERWIDTHUNIT_BYTE
+CRYP_KEYIVCONFIG_ONCE
+CRYP_KEYSIZE_192B
+CSM_UNSUPPORTED_ALGS
+CTYPE_USER
+CURVED448_SMALL
+CY_USING_HAL
+DCP_USE_DCACHE
+DILITHIUM_MUL_11_SLOW
+DILITHIUM_MUL_44_SLOW
+DILITHIUM_MUL_QINV_SLOW
+DILITHIUM_MUL_Q_SLOW
+DILITHIUM_MUL_SLOW
+DILITHIUM_USE_HINT_CT
+DTLS_RECEIVEFROM_NO_TIMEOUT_ON_INVALID_PEER
+ECCSI_ORDER_MORE_BITS_THAN_PRIME
+ECC_DUMP_OID
+ECDHE_SIZE
+ENABLE_SECURE_SOCKETS_LOGS
+ESP32
+ESP8266
+ESP_ENABLE_WOLFSSH
+ESP_IDF_VERSION_MAJOR
+ESP_IDF_VERSION_MINOR
+ESP_PLATFORM
+ESP_TASK_MAIN_STACK
+EV_TRIGGER
+FP_ECC_CONTROL
+FREERTOS_TCP_WINSIM
+FREESCALE
+FREESCALE_RNGB
+FREESCALE_USE_MMCAU_CLASSIC
+FSL_FEATURE_HAS_L1CACHE
+FSL_FEATURE_LTC_HAS_DES
+FSL_FEATURE_LTC_HAS_GCM
+FSL_FEATURE_LTC_HAS_PKHA
+FSL_FEATURE_LTC_HAS_SHA
+FSL_FEATURE_SOC_LTC_COUNT
+FSL_FEATURE_SOC_MMCAU_COUNT
+FSL_FEATURE_SOC_RNG_COUNT
+FSL_FEATURE_SOC_TRNG_COUNT
+FUSION_RTOS
+GENERATE_MACHINE_PARSEABLE_REPORT
+GE_P3_TOBYTES_IMPL
+GOAHEAD_WS
+HAL_RTC_MODULE_ENABLED
+HARDWARE_CACHE_COHERENCY
+HASH_AlgoMode_HASH
+HASH_BYTE_SWAP
+HASH_CR_LKEY
+HASH_DIGEST
+HASH_DataType_8b
+HASH_IMR_DCIE
+HASH_IMR_DINIE
+HAVE_AESGCM_DECRYPT
+HAVE_BYTEREVERSE64
+HAVE_CERTIFICATE_STATUS_V2
+HAVE_COLDFIRE_SEC
+HAVE_CRL_UPDATE_CB
+HAVE_CSHARP
+HAVE_CURL
+HAVE_CURVE22519
+HAVE_DANE
+HAVE_ECC239
+HAVE_ECC320
+HAVE_ECC512
+HAVE_ECC_CDH_CAST
+HAVE_ECC_SM2
+HAVE_ESP_CLK
+HAVE_FACON
+HAVE_FIPS_VERSION_PORT
+HAVE_FUZZER
+HAVE_INTEL_MULX
+HAVE_INTEL_QAT_SYNC
+HAVE_INTEL_SPEEDUP
+HAVE_MDK_RTX
+HAVE_NETX_BSD
+HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK
+HAVE_POCO_LIB
+HAVE_RTP_SYS
+HAVE_SECURE_GETENV
+HAVE_STACK_SIZE_VERBOSE_LOG
+HAVE_THREADX
+HAVE_TM_TYPE
+HAVE_VALIDATE_DATE
+HAVE_VA_COPY
+HAVE_X448
+HONOR_MATH_USED_LENGTH
+HSM_KEY_TYPE_HMAC_224
+HSM_KEY_TYPE_HMAC_256
+HSM_KEY_TYPE_HMAC_384
+HSM_KEY_TYPE_HMAC_512
+HSM_OP_KEY_GENERATION_FLAGS_CREATE
+HSM_OP_KEY_GENERATION_FLAGS_UPDATE
+HSM_SVC_KEY_STORE_FLAGS_UPDATE
+IDIRECT_DEV_RANDOM
+IDIRECT_DEV_TIME
+ID_TRNG
+IGNORE_KEY_EXTENSIONS
+IGNORE_NETSCAPE_CERT_TYPE
+INCLUDE_uxTaskGetStackHighWaterMark
+INTEGRITY
+INTIMEVER
+IOTSAFE_NO_GETDATA
+IOTSAFE_SIG_8BIT_LENGTH
+KCAPI_USE_XMALLOC
+KYBER_NONDETERMINISTIC
+K_SERIES
+LIBWOLFSSL_VERSION_GIT_BRANCH
+LIBWOLFSSL_VERSION_GIT_HASH
+LIBWOLFSSL_VERSION_GIT_HASH_DATE
+LIBWOLFSSL_VERSION_GIT_ORIGIN
+LIBWOLFSSL_VERSION_GIT_SHORT_HASH
+LIBWOLFSSL_VERSION_GIT_TAG
+LINUXKM_FPU_STATES_FOLLOW_THREADS
+LINUXKM_LKCAPI_PRIORITY_ALLOW_MASKING
+LINUX_CYCLE_COUNT
+LINUX_RUSAGE_UTIME
+LP64
+MAX3266X_AESGCM
+MAX3266X_RSA
+MAXQ10XX_PRODUCTION_KEY
+MAXQ_EXPORT_TLS_KEYS
+MAXQ_SHA1
+MAXSEG_64K
+MAX_WOLFSSL_FILE_SIZE
+MDK_CONF_BARE_METAL
+MDK_CONF_FS
+MDK_CONF_RTX_TCP_FS
+MDK_CONF_TCP_FS
+MDK_WOLFLIB
+MICRIUM_MALLOC
+MICROCHIP_MPLAB_HARMONY
+MICROCHIP_MPLAB_HARMONY_3
+MICRO_SESSION_CACHEx
+MODULE_SOCK_TCP
+MP_31BIT
+MP_8BIT
+MQX_USE_IO_OLD
+MULTI_VALUE_STATISTICS
+MUTEX_DURING_INIT
+NEED_THREADX_TYPES
+NETX_DUO
+NET_SECURE_MODULE_EN
+NOTE_TRIGGER
+NO_AES_DECRYPT
+NO_ARDUINO_DEFAULT
+NO_ASM
+NO_ASN_OLD_TYPE_NAMES
+NO_CAMELLIA_CBC
+NO_CERT
+NO_CIPHER_SUITE_ALIASES
+NO_CLIENT_CACHE
+NO_CLOCK_SPEEDUP
+NO_CURVE25519_KEY_EXPORT
+NO_CURVE25519_KEY_IMPORT
+NO_CURVE25519_SHARED_SECRET
+NO_CURVE448_KEY_EXPORT
+NO_CURVE448_KEY_IMPORT
+NO_CURVE448_SHARED_SECRET
+NO_DEV_URANDOM
+NO_ECC384
+NO_ECC521
+NO_ECC_CACHE_CURVE
+NO_ECC_CHECK_KEY
+NO_ECC_KEY_IMPORT
+NO_ECC_MAKE_PUB
+NO_ED25519_CLIENT_AUTH
+NO_ED25519_KEY_EXPORT
+NO_ED25519_KEY_IMPORT
+NO_ED25519_MAKE_KEY
+NO_ED25519_SIGN
+NO_ED25519_VERIFY
+NO_ED448_CLIENT_AUTH
+NO_ED448_KEY_EXPORT
+NO_ED448_KEY_IMPORT
+NO_ED448_SIGN
+NO_ED448_VERIFY
+NO_ESP_MP_MUL_EVEN_ALT_CALC
+NO_FORCE_SCR_SAME_SUITE
+NO_GCM_ENCRYPT_EXTRA
+NO_GETENV
+NO_HANDSHAKE_DONE_CB
+NO_IMX6_CAAM_AES
+NO_IMX6_CAAM_HASH
+NO_OLD_NAMES
+NO_OLD_POLY1305
+NO_OLD_TIMEVAL_NAME
+NO_PBKDF1
+NO_PIC32MZ_CRYPT
+NO_PIC32MZ_HASH
+NO_PIC32MZ_RNG
+NO_PKCS11_AES
+NO_PKCS11_AESCBC
+NO_PKCS11_AESGCM
+NO_PKCS11_ECC
+NO_PKCS11_ECDH
+NO_PKCS11_EC_KEYGEN
+NO_PKCS11_HMAC
+NO_PKCS11_RNG
+NO_PKCS11_RSA
+NO_PKCS11_RSA_PKCS
+NO_PKCS7
+NO_PKCS7_COMPRESSED_DATA
+NO_PKCS7_ENCRYPTED_DATA
+NO_PKCS7_STREAM
+NO_POLY1305_ASM
+NO_PUBLIC_CCM_SET_NONCE
+NO_PUBLIC_GCM_SET_IV
+NO_RESUME_SUITE_CHECK
+NO_RNG
+NO_RNG_MUTEX
+NO_SESSION_CACHE_ROW_LOCK
+NO_SKID
+NO_SKIP_PREVIEW
+NO_STDIO_FGETS_REMAP
+NO_TKERNEL_MEM_POOL
+NO_TLSX_PSKKEM_PLAIN_ANNOUNCE
+NO_VERIFY_OID
+NO_WC_SSIZE_TYPE
+NO_WOLFSSL_ALLOC_ALIGN
+NO_WOLFSSL_AUTOSAR_CRYIF
+NO_WOLFSSL_AUTOSAR_CRYPTO
+NO_WOLFSSL_AUTOSAR_CSM
+NO_WOLFSSL_BASE64_DECODE
+NO_WOLFSSL_MSG_EX
+NO_WOLFSSL_RENESAS_FSPSM_AES
+NO_WOLFSSL_RENESAS_FSPSM_HASH
+NO_WOLFSSL_RENESAS_TSIP_CRYPT_AES
+NO_WOLFSSL_SHA256
+NO_WOLFSSL_SHA256_INTERLEAVE
+NO_WOLFSSL_SHA512_INTERLEAVE
+NO_WOLFSSL_SKIP_TRAILING_PAD
+NO_WOLFSSL_SMALL_STACK_STATIC
+NO_WOLFSSL_XILINX_TAG_MALLOC
+NRF52
+NRF52_SERIES
+NRF_ERROR_MODULE_ALREADY_INITIALIZED
+OLD_HELLO_ALLOWED
+OPENSSL_EXTRA_BSD
+OPENSSL_EXTRA_NO_ASN1
+OPENSSL_EXTRA_NO_BN
+OPENSSL_NO_PK
+OS_WINDOWS
+OTHERBOARD
+OTHER_BOARD
+PEER_INFO
+PKA_ECC_SCALAR_MUL_IN_B_COEFF
+PLATFORMIO
+PLUTON_CRYPTO_ECC
+PRINT_SESSION_STATS
+PTHREAD_STACK_MIN
+QAT_ENABLE_HASH
+QAT_ENABLE_RNG
+QAT_USE_POLLING_CHECK
+RC_NO_RNG
+REDIRECTION_IN3_KEYELMID
+REDIRECTION_IN3_KEYID
+REDIRECTION_OUT1_KEYELMID
+REDIRECTION_OUT1_KEYID
+REDIRECTION_OUT2_KEYELMID
+REDIRECTION_OUT2_KEYID
+RENESAS_T4_USE
+RTC_ALARMSUBSECONDMASK_ALL
+RTE_CMSIS_RTOS_RTX
+RTOS_MODULE_NET_AVAIL
+RTPLATFORM
+SA_INTERRUPT
+SCEKEY_INSTALLED
+SHA256_MANY_REGISTERS
+SHA3_BY_SPEC
+SHOW_CERTS
+SHOW_GEN
+SHOW_SIZES
+SHOW_SSID_AND_PASSWORD
+SIM_SCGC3_RNGA_MASK
+SIM_SCGC5_PORTC_MASK
+SIM_SCGC5_PORTD_MASK
+SIM_SCGC5_PORTE_MASK
+SIM_SCGC6_RNGA_MASK
+SL_SE_KEY_TYPE_ECC_P384
+SL_SE_KEY_TYPE_ECC_P521
+SL_SE_KEY_TYPE_ECC_X25519
+SL_SE_KEY_TYPE_ECC_X448
+SL_SE_PRF_HMAC_SHA1
+SOFTDEVICE_PRESENT
+SO_NOSIGPIPE
+SO_REUSEPORT
+SP_INT_NO_ASM
+SP_MATH_NEED_ADD_OFF
+SP_USE_DIVTI3
+SQRTMOD_USE_MOD_EXP
+SSL_SNIFFER_EXPORTS
+SSN_BUILDING_LIBYASSL
+STATIC_CHUNKS_ONLY
+STM32F107xC
+STM32F207xx
+STM32F217xx
+STM32F401xE
+STM32F407xx
+STM32F437xx
+STM32F756xx
+STM32F777xx
+STM32G071xx
+STM32G491xx
+STM32H563xx
+STM32H723xx
+STM32H725xx
+STM32H743xx
+STM32H753xx
+STM32L475xx
+STM32L4A6xx
+STM32L552xx
+STM32L562xx
+STM32MP135Fxx
+STM32U575xx
+STM32U585xx
+STM32U5A9xx
+STM32WB55xx
+STM32WL55xx
+STM32_AESGCM_PARTIAL
+STM32_HW_CLOCK_AUTO
+STM32_NUTTX_RNG
+TASK_EXTRA_STACK_SIZE
+TCP_NODELAY
+TFM_ALREADY_SET
+TFM_SMALL_MONT_SET
+THREADED_SNIFFTEST
+TIME_T_NOT_LONG
+TI_DUMMY_BUILD
+TLS13_RSA_PSS_SIGN_CB_NO_PREHASH
+UNICODE
+USER_CA_CB
+USER_CUSTOM_SNIFFX
+USER_MATH_LIB
+USE_ALT_MPRIME
+USE_ANY_ADDR
+USE_CERT_BUFFERS_25519
+USE_CERT_BUFFERS_3072
+USE_ECDSA_KEYSZ_HASH_ALGO
+USE_FULL_ASSERT
+USE_HAL_DRIVER
+USE_NXP_LTC
+USE_NXP_MMCAU
+USE_QAE_THREAD_LS
+USE_SECRET_CALLBACK
+USE_STSAFE_RNG_SEED
+USE_STSAFE_VERBOSE
+USE_TLSV13
+USE_WOLF_STRNSTR
+USS_API
+WC_AESXTS_STREAM_NO_REQUEST_ACCOUNTING
+WC_AES_BS_WORD_SIZE
+WC_AES_GCM_DEC_AUTH_EARLY
+WC_ASN_HASH_SHA256
+WC_ASYNC_ENABLE_3DES
+WC_ASYNC_ENABLE_AES
+WC_ASYNC_ENABLE_ARC4
+WC_ASYNC_ENABLE_DH
+WC_ASYNC_ENABLE_ECC
+WC_ASYNC_ENABLE_ECC_KEYGEN
+WC_ASYNC_ENABLE_HMAC
+WC_ASYNC_ENABLE_MD5
+WC_ASYNC_ENABLE_RSA
+WC_ASYNC_ENABLE_RSA_KEYGEN
+WC_ASYNC_ENABLE_SHA
+WC_ASYNC_ENABLE_SHA224
+WC_ASYNC_ENABLE_SHA256
+WC_ASYNC_ENABLE_SHA3
+WC_ASYNC_ENABLE_SHA384
+WC_ASYNC_ENABLE_SHA512
+WC_ASYNC_NO_CRYPT
+WC_ASYNC_NO_HASH
+WC_DILITHIUM_CACHE_PRIV_VECTORS
+WC_DILITHIUM_CACHE_PUB_VECTORS
+WC_DILITHIUM_FIXED_ARRAY
+WC_DISABLE_RADIX_ZERO_PAD
+WC_ECC_NONBLOCK_ONLY
+WC_KDF_NIST_SP_800_56C
+WC_LMS_FULL_HASH
+WC_NO_RNG_SIMPLE
+WC_NO_STATIC_ASSERT
+WC_PKCS11_FIND_WITH_ID_ONLY
+WC_PROTECT_ENCRYPTED_MEM
+WC_RNG_BLOCKING
+WC_RSA_DIRECT
+WC_RSA_NONBLOCK
+WC_RSA_NONBLOCK_TIME
+WC_RSA_NO_FERMAT_CHECK
+WC_SHA384
+WC_SHA384_DIGEST_SIZE
+WC_SHA512
+WC_SSIZE_TYPE
+WC_STRICT_SIG
+WC_XMSS_FULL_HASH
+WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE
+WOLFSENTRY_H
+WOLFSENTRY_NO_JSON
+WOLFSSL_32BIT_MILLI_TIME
+WOLFSSL_AARCH64_PRIVILEGE_MODE
+WOLFSSL_AESNI_BY4
+WOLFSSL_AESNI_BY6
+WOLFSSL_AFTER_DATE_CLOCK_SKEW
+WOLFSSL_ALGO_HW_MUTEX
+WOLFSSL_ALLOW_CRIT_AIA
+WOLFSSL_ALLOW_CRIT_AKID
+WOLFSSL_ALLOW_CRIT_SKID
+WOLFSSL_ALLOW_ENCODING_CA_FALSE
+WOLFSSL_ALLOW_MAX_FRAGMENT_ADJUST
+WOLFSSL_ALLOW_NO_CN_IN_SAN
+WOLFSSL_ALLOW_NO_SUITES
+WOLFSSL_ALLOW_SERVER_SC_EXT
+WOLFSSL_ALLOW_TLS_SHA1
+WOLFSSL_ALTERNATIVE_DOWNGRADE
+WOLFSSL_ALT_NAMES_NO_REV
+WOLFSSL_ARM_ARCH_NEON_64BIT
+WOLFSSL_ASNC_CRYPT
+WOLFSSL_ASN_EXTRA
+WOLFSSL_ASN_INT_LEAD_0_ANY
+WOLFSSL_ASN_TEMPLATE_NEED_SET_INT32
+WOLFSSL_ASN_TEMPLATE_TYPE_CHECK
+WOLFSSL_ATECC508
+WOLFSSL_ATECC508A_NOIDLE
+WOLFSSL_ATECC508A_NOSOFTECC
+WOLFSSL_ATECC508A_TLS
+WOLFSSL_ATECC_ECDH_IOENC
+WOLFSSL_ATECC_NO_ECDH_ENC
+WOLFSSL_ATECC_RNG
+WOLFSSL_ATECC_TFLXTLS
+WOLFSSL_ATECC_TNGTLS
+WOLFSSL_ATMEL
+WOLFSSL_ATMEL_TIME
+WOLFSSL_BEFORE_DATE_CLOCK_SKEW
+WOLFSSL_BIGINT_TYPES
+WOLFSSL_BIO_NO_FLOW_STATS
+WOLFSSL_BLAKE2B_INIT_EACH_FIELD
+WOLFSSL_BLAKE2S_INIT_EACH_FIELD
+WOLFSSL_BLIND_PRIVATE_KEY
+WOLFSSL_BYTESWAP32_ASM
+WOLFSSL_CAAM_BLACK_KEY_AESCCM
+WOLFSSL_CAAM_BLACK_KEY_SM
+WOLFSSL_CAAM_NO_BLACK_KEY
+WOLFSSL_CALLBACKS
+WOLFSSL_CHECK_DESKEY
+WOLFSSL_CHECK_MEM_ZERO
+WOLFSSL_CHIBIOS
+WOLFSSL_CLANG_TIDY
+WOLFSSL_COMMERCIAL_LICENSE
+WOLFSSL_CONTIKI
+WOLFSSL_CRL_ALLOW_MISSING_CDP
+WOLFSSL_CUSTOM_CONFIG
+WOLFSSL_DILITHIUM_ASSIGN_KEY
+WOLFSSL_DILITHIUM_MAKE_KEY_SMALL_MEM
+WOLFSSL_DILITHIUM_NO_ASN1
+WOLFSSL_DILITHIUM_NO_CHECK_KEY
+WOLFSSL_DILITHIUM_NO_LARGE_CODE
+WOLFSSL_DILITHIUM_NO_MAKE
+WOLFSSL_DILITHIUM_REVERSE_HASH_OID
+WOLFSSL_DILITHIUM_SIGN_CHECK_W0
+WOLFSSL_DILITHIUM_SIGN_CHECK_Y
+WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC
+WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A
+WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
+WOLFSSL_DILITHIUM_VERIFY_NO_MALLOC
+WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM
+WOLFSSL_DISABLE_EARLY_SANITY_CHECKS
+WOLFSSL_DTLS_DISALLOW_FUTURE
+WOLFSSL_DTLS_DROP_STATS
+WOLFSSL_DTLS_RESEND_ONLY_TIMEOUT
+WOLFSSL_DUMP_MEMIO_STREAM
+WOLFSSL_DUP_CERTPOL
+WOLFSSL_ECC_BLIND_K
+WOLFSSL_ECC_GEN_REJECT_SAMPLING
+WOLFSSL_ECC_NO_SMALL_STACK
+WOLFSSL_ECC_SIGALG_PARAMS_NULL_ALLOWED
+WOLFSSL_ECDHX_SHARED_NOT_ZERO
+WOLFSSL_ECDSA_MATCH_HASH
+WOLFSSL_ECDSA_SET_K_ONE_LOOP
+WOLFSSL_EC_POINT_CMP_JACOBIAN
+WOLFSSL_EDDSA_CHECK_PRIV_ON_SIGN
+WOLFSSL_EMNET
+WOLFSSL_ESPWROOM32
+WOLFSSL_EVP_PRINT
+WOLFSSL_EXPORT_INT
+WOLFSSL_EXPORT_SPC_SZ
+WOLFSSL_EXTRA
+WOLFSSL_FORCE_OCSP_NONCE_CHECK
+WOLFSSL_FRDM_K64
+WOLFSSL_FRDM_K64_JENKINS
+WOLFSSL_FUNC_TIME
+WOLFSSL_FUNC_TIME_LOG
+WOLFSSL_GAISLER_BCC
+WOLFSSL_GEN_CERT
+WOLFSSL_GETRANDOM
+WOLFSSL_GNRC
+WOLFSSL_HARDEN_TLS_ALLOW_ALL_CIPHERSUITES
+WOLFSSL_HARDEN_TLS_ALLOW_OLD_TLS
+WOLFSSL_HARDEN_TLS_ALLOW_TRUNCATED_HMAC
+WOLFSSL_HARDEN_TLS_NO_PKEY_CHECK
+WOLFSSL_HARDEN_TLS_NO_SCR_CHECK
+WOLFSSL_HOSTNAME_VERIFY_ALT_NAME_ONLY
+WOLFSSL_I2D_ECDSA_SIG_ALLOC
+WOLFSSL_IAR_ARM_TIME
+WOLFSSL_IGNORE_BAD_CERT_PATH
+WOLFSSL_IMX6
+WOLFSSL_IMX6_CAAM
+WOLFSSL_IMX6_CAAM_BLOB
+WOLFSSL_IMX6_CAAM_RNG
+WOLFSSL_IMXRT_DCP
+WOLFSSL_ISOTP
+WOLFSSL_KEIL
+WOLFSSL_KEIL_NET
+WOLFSSL_KYBER_INVNTT_UNROLL
+WOLFSSL_KYBER_NO_LARGE_CODE
+WOLFSSL_KYBER_NTT_UNROLL
+WOLFSSL_LIB
+WOLFSSL_LMS_CACHE_BITS
+WOLFSSL_LMS_FULL_HASH
+WOLFSSL_LMS_LARGE_CACHES
+WOLFSSL_LMS_MAX_HEIGHT
+WOLFSSL_LMS_MAX_LEVELS
+WOLFSSL_LMS_NO_SIG_CACHE
+WOLFSSL_LMS_ROOT_LEVELS
+WOLFSSL_LPC43xx
+WOLFSSL_MAKE_SYSTEM_NAME_LINUX
+WOLFSSL_MAKE_SYSTEM_NAME_WSL
+WOLFSSL_MDK5
+WOLFSSL_MEM_FAIL_COUNT
+WOLFSSL_MONT_RED_CT
+WOLFSSL_MP_COND_COPY
+WOLFSSL_MP_INVMOD_CONSTANT_TIME
+WOLFSSL_MULTICIRCULATE_ALTNAMELIST
+WOLFSSL_NONBLOCK_OCSP
+WOLFSSL_NOSHA3_384
+WOLFSSL_NOT_WINDOWS_API
+WOLFSSL_NO_AES_CFB_1_8
+WOLFSSL_NO_BIO_ADDR_IN
+WOLFSSL_NO_CLIENT
+WOLFSSL_NO_CLIENT_CERT_ERROR
+WOLFSSL_NO_COPY_CERT
+WOLFSSL_NO_COPY_KEY
+WOLFSSL_NO_CRL_DATE_CHECK
+WOLFSSL_NO_CRL_NEXT_DATE
+WOLFSSL_NO_DECODE_EXTRA
+WOLFSSL_NO_DER_TO_PEM
+WOLFSSL_NO_DH186
+WOLFSSL_NO_DTLS_SIZE_CHECK
+WOLFSSL_NO_ETM_ALERT
+WOLFSSL_NO_FENCE
+WOLFSSL_NO_FSEEK
+WOLFSSL_NO_INIT_CTX_KEY
+WOLFSSL_NO_ISSUERHASH_TDPEER
+WOLFSSL_NO_KCAPI_AES_CBC
+WOLFSSL_NO_KCAPI_HMAC_SHA1
+WOLFSSL_NO_KCAPI_HMAC_SHA224
+WOLFSSL_NO_KCAPI_HMAC_SHA256
+WOLFSSL_NO_KCAPI_HMAC_SHA384
+WOLFSSL_NO_KCAPI_HMAC_SHA512
+WOLFSSL_NO_KCAPI_SHA224
+WOLFSSL_NO_OCSP_DATE_CHECK
+WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK
+WOLFSSL_NO_OCSP_OPTIONAL_CERTS
+WOLFSSL_NO_PUBLIC_FFDHE
+WOLFSSL_NO_RSA_KEY_CHECK
+WOLFSSL_NO_SERVER_GROUPS_EXT
+WOLFSSL_NO_SESSION_STATS
+WOLFSSL_NO_SIGALG
+WOLFSSL_NO_SOCKADDR_UN
+WOLFSSL_NO_SPHINCS
+WOLFSSL_NO_STRICT_CIPHER_SUITE
+WOLFSSL_NO_TICKET_EXPIRE
+WOLFSSL_NO_TRUSTED_CERTS_VERIFY
+WOLFSSL_NO_XOR_OPS
+WOLFSSL_NRF51_AES
+WOLFSSL_OLDTLS_AEAD_CIPHERSUITES
+WOLFSSL_OLDTLS_SHA2_CIPHERSUITES
+WOLFSSL_OLD_SET_CURVES_LIST
+WOLFSSL_OLD_TIMINGPADVERIFY
+WOLFSSL_OLD_UNSUPPORTED_EXTENSION
+WOLFSSL_OPTIONS_IGNORE_SYS
+WOLFSSL_PASSTHRU_ERR
+WOLFSSL_PB
+WOLFSSL_PEER_ADDRESS_CHANGES
+WOLFSSL_PKCS11_RW_TOKENS
+WOLFSSL_PRCONNECT_PRO
+WOLFSSL_PREFIX
+WOLFSSL_PSA_NO_AES
+WOLFSSL_PSA_NO_HASH
+WOLFSSL_PSA_NO_PKCB
+WOLFSSL_PSA_NO_PKCBS
+WOLFSSL_PSA_NO_RNG
+WOLFSSL_PSK_IDENTITY_ALERT
+WOLFSSL_PSK_ID_PROTECTION
+WOLFSSL_PSK_MULTI_ID_PER_CS
+WOLFSSL_PSK_TLS13_CB
+WOLFSSL_PSOC6_CRYPTO
+WOLFSSL_PYTHON
+WOLFSSL_RENESAS_FSPSM_CRYPT_ONLY
+WOLFSSL_RENESAS_RA6M3
+WOLFSSL_RENESAS_RA6M3G
+WOLFSSL_RENESAS_RSIP
+WOLFSSL_RENESAS_RZN2L
+WOLFSSL_RENESAS_TLS
+WOLFSSL_RENESAS_TSIP_IAREWRX
+WOLFSSL_RSA_CHECK_D_ON_DECRYPT
+WOLFSSL_RSA_DECRYPT_TO_0_LEN
+WOLFSSL_RW_THREADED
+WOLFSSL_SAKKE_SMALL
+WOLFSSL_SAKKE_SMALL_MODEXP
+WOLFSSL_SE050_CRYPT
+WOLFSSL_SE050_HASH
+WOLFSSL_SE050_INIT
+WOLFSSL_SE050_NO_TRNG
+WOLFSSL_SECURE_RENEGOTIATION_ON_BY_DEFAULT
+WOLFSSL_SETTINGS_FILE
+WOLFSSL_SH224
+WOLFSSL_SHA256_ALT_CH_MAJ
+WOLFSSL_SHUTDOWNONCE
+WOLFSSL_SILABS_TRNG
+WOLFSSL_SM4_EBC
+WOLFSSL_SNIFFER_NO_RECOVERY
+WOLFSSL_SP_ARM32_UDIV
+WOLFSSL_SP_DH
+WOLFSSL_SP_FAST_NCT_EXPTMOD
+WOLFSSL_SP_INT_SQR_VOLATILE
+WOLFSSL_STACK_CHECK
+WOLFSSL_STM32F427_RNG
+WOLFSSL_STM32_RNG_NOLIB
+WOLFSSL_STRONGEST_HASH_SIG
+WOLFSSL_STSAFE_TAKES_SLOT
+WOLFSSL_TELIT_M2MB
+WOLFSSL_THREADED_CRYPT
+WOLFSSL_TICKET_DECRYPT_NO_CREATE
+WOLFSSL_TICKET_ENC_AES128_GCM
+WOLFSSL_TICKET_ENC_AES256_CBC
+WOLFSSL_TICKET_ENC_AES256_GCM
+WOLFSSL_TICKET_ENC_CBC_HMAC
+WOLFSSL_TICKET_ENC_CHACHA20_POLY1305
+WOLFSSL_TICKET_ENC_HMAC_SHA384
+WOLFSSL_TICKET_ENC_HMAC_SHA512
+WOLFSSL_TI_CURRTIME
+WOLFSSL_TLS13_DRAFT
+WOLFSSL_TLS13_IGNORE_AEAD_LIMITS
+WOLFSSL_TLS13_MIDDLEBOX_COMPAT
+WOLFSSL_TLS13_SHA512
+WOLFSSL_TLS13_TICKET_BEFORE_FINISHED
+WOLFSSL_TRACK_MEMORY_FULL
+WOLFSSL_TRAP_MALLOC_SZ
+WOLFSSL_UNALIGNED_64BIT_ACCESS
+WOLFSSL_USER_FILESYSTEM
+WOLFSSL_USER_LOG
+WOLFSSL_USER_MUTEX
+WOLFSSL_USER_THREADING
+WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW
+WOLFSSL_USE_FLASHMEM
+WOLFSSL_USE_OPTIONS_H
+WOLFSSL_USE_POPEN_HOST
+WOLFSSL_VALIDATE_DH_KEYGEN
+WOLFSSL_WC_XMSS_NO_SHA256
+WOLFSSL_WC_XMSS_NO_SHAKE256
+WOLFSSL_WICED_PSEUDO_UNIX_EPOCH_TIME
+WOLFSSL_X509_STORE_CERTS
+WOLFSSL_X509_TRUSTED_CERTIFICATE_CALLBACK
+WOLFSSL_XFREE_NO_NULLNESS_CHECK
+WOLFSSL_XILINX_CRYPTO_OLD
+WOLFSSL_XILINX_PATCH
+WOLFSSL_XIL_MSG_NO_SLEEP
+WOLFSSL_XMSS_LARGE_SECRET_KEY
+WOLFSSL_ZEPHYR
+WOLF_ALLOW_BUILTIN
+WOLF_CONF_IO
+WOLF_CONF_KYBER
+WOLF_CONF_PK
+WOLF_CONF_RESUMPTION
+WOLF_CONF_TPM
+WOLF_CRYPTO_CB_CMD
+WOLF_CRYPTO_CB_FIND
+WOLF_CRYPTO_CB_ONLY_ECC
+WOLF_CRYPTO_CB_ONLY_RSA
+WOLF_CRYPTO_DEV
+WOLF_NO_TRAILING_ENUM_COMMAS
+XGETPASSWD
+XMSS_CALL_PRF_KEYGEN
+XPAR_VERSAL_CIPS_0_PSPMC_0_PSV_CORTEXA72_0_TIMESTAMP_CLK_FREQ
+XSECURE_CACHE_DISABLE
+_ABI64
+_ABIO64
+_ARCH_PPC64
+_COMPILER_VERSION
+_INTPTR_T_DECLARED
+_LP64
+_MSC_VER
+_MSVC_LANG
+_M_ARM64
+_M_X64
+_NETOS
+_POSIX_C_SOURCE
+_SDCC_VERSION_PATCHLEVEL
+_SH3
+_SILICON_LABS_SECURITY_FEATURE
+_SOCKLEN_T
+_SYS_DEVCON_LOCAL_H
+_TIME_HELPER_H
+_UINTPTR_T_DECLARED
+_WIN32
+_WIN32_WCE
+_WIN64
+_XOPEN_SOURCE_EXTENDED
+__32MZ2048ECH144__
+__32MZ2048ECM144__
+__32MZ2048EFM144__
+__ANDROID__
+__APPLE__
+__ARCH_STRCASECMP_NO_REDIRECT
+__ARCH_STRCMP_NO_REDIRECT
+__ARCH_STRNCASECMP_NO_REDIRECT
+__ARCH_STRNCAT_NO_REDIRECT
+__ARCH_STRNCMP_NO_REDIRECT
+__ARCH_STRNCPY_NO_REDIRECT
+__ARCH_STRSTR_NO_REDIRECT
+__ARM_ARCH_7M__
+__ARM_FEATURE_CRYPTO
+__ASSEMBLER__
+__ATOMIC_RELAXED
+__AVR__
+__BCPLUSPLUS__
+__BIG_ENDIAN__
+__BORLANDC__
+__CCRX__
+__COMPILER_VER__
+__CYGWIN__
+__DATE__
+__DCACHE_PRESENT
+__DCC__
+__DECC_VER
+__ELF__
+__EMSCRIPTEN__
+__FPU_PRESENT
+__FreeBSD__
+__GLIBC__
+__GNUC_MINOR__
+__GNUC__
+__HP_cc
+__IAR_SYSTEMS_ICC__
+__ICCARM__
+__ILP32__
+__INCLUDE_NUTTX_CONFIG_H
+__INTEGRITY
+__INTEL_COMPILER
+__KEIL__
+__KEY_DATA_H__
+__LP64
+__LP64__
+__MACH__
+__MICROBLAZE__
+__MINGW32__
+__MINGW64_VERSION_MAJOR
+__MINGW64__
+__MWERKS__
+__OpenBSD__
+__PIE__
+__POWERPC__
+__PPC__
+__PPU
+__QNXNTO__
+__QNX__
+__ROPI__
+__SAM3A4C__
+__SAM3A8C__
+__SAM3A8H__
+__SAM3X4C__
+__SAM3X4E__
+__SAM3X8C__
+__SAM3X8E__
+__SANITIZE_ADDRESS__
+__SDCC_VERSION_MAJOR
+__SDCC_VERSION_MINOR
+__SDCC_VERSION_PATCH
+__SIZEOF_INT128__
+__SIZEOF_LONG_LONG__
+__STDC_VERSION__
+__STDC__
+__STM32__
+__STRICT_ANSI__
+__SUNPRO_C
+__SUNPRO_CC
+__SVR4
+__TI_COMPILER_VERSION__
+__TURBOC__
+__USE_GNU
+__USE_MISC
+__USE_XOPEN2K
+__WATCOMC__
+__WATCOM_INT64__
+__XC32
+__XTENSA__
+__aarch64__
+__alpha__
+__arch64__
+__arm__
+__clang__
+__clang_major__
+__cplusplus
+__ghc__
+__ghs__
+__hpux__
+__i386
+__i386__
+__ia64__
+__linux__
+__llvm__
+__mips
+__mips64
+__must_check
+__ppc64__
+__ppc__
+__riscv
+__riscv_xlen
+__s390x__
+__sparc
+__sparc64__
+__sun
+__svr4__
+__thumb__
+__ti__
+__x86_64__
+byte
+configTICK_RATE_HZ
+fallthrough
+noinline
+ssize_t
+sun
+versal
+wc_Tls13_HKDF_Expand_Label

CMakeLists.txt

@@ -34,7 +34,7 @@ if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_BINARY_DIR}")
      You must delete them, or cmake will refuse to work.")
 endif()
 
-project(wolfssl VERSION 5.7.4 LANGUAGES C ASM)
+project(wolfssl VERSION 5.7.6 LANGUAGES C ASM)
 
 # Set WOLFSSL_ROOT if not already defined
 if ("${WOLFSSL_ROOT}" STREQUAL "")
@@ -49,11 +49,11 @@ endif()
 
 # shared library versioning
 # increment if interfaces have been removed or changed
-set(WOLFSSL_LIBRARY_VERSION_FIRST 42)
+set(WOLFSSL_LIBRARY_VERSION_FIRST 43)
 
 # increment if interfaces have been added
 # set to zero if WOLFSSL_LIBRARY_VERSION_FIRST is incremented
-set(WOLFSSL_LIBRARY_VERSION_SECOND 3)
+set(WOLFSSL_LIBRARY_VERSION_SECOND 0)
 
 # increment if source code has changed
 # set to zero if WOLFSSL_LIBRARY_VERSION_FIRST is incremented or

ChangeLog.md

@@ -1,3 +1,129 @@
+# wolfSSL Release 5.7.6 (Dec 31, 2024)
+
+Release 5.7.6 has been developed according to wolfSSL's development and QA
+process (see link below) and successfully passed the quality criteria.
+https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
+
+NOTE:
+ * --enable-heapmath is deprecated.
+ * In this release, the default cipher suite preference is updated to prioritize
+ TLS_AES_256_GCM_SHA384 over TLS_AES_128_GCM_SHA256 when enabled.
+ * This release adds a sanity check for including wolfssl/options.h or
+ user_settings.h.
+
+
+PR stands for Pull Request, and PR <NUMBER> references a GitHub pull request
+ number where the code change was added.
+
+
+## Vulnerabilities
+* [Med] An OCSP (non stapling) issue was introduced in wolfSSL version 5.7.4
+ when performing OCSP requests for intermediate certificates in a certificate
+ chain. This affects only TLS 1.3 connections on the server side. It would not
+ impact other TLS protocol versions or connections that are not using the
+ traditional OCSP implementation. (Fix in pull request 8115)
+
+
+## New Feature Additions
+* Add support for RP2350 and improve RP2040 support, both with RNG optimizations
+ (PR 8153)
+* Add support for STM32MP135F, including STM32CubeIDE support and HAL support
+ for SHA2/SHA3/AES/RNG/ECC optimizations. (PR 8223, 8231, 8241)
+* Implement Renesas TSIP RSA Public Enc/Private support (PR 8122)
+* Add support for Fedora/RedHat system-wide crypto-policies (PR 8205)
+* Curve25519 generic keyparsing API added with  wc_Curve25519KeyToDer and
+ wc_Curve25519KeyDecode (PR 8129)
+* CRL improvements and update callback, added the functions
+ wolfSSL_CertManagerGetCRLInfo and wolfSSL_CertManagerSetCRLUpdate_Cb (PR 8006)
+* For DTLS, add server-side stateless and CID quality-of-life API. (PR 8224)
+
+
+## Enhancements and Optimizations
+* Add a CMake dependency check for pthreads when required. (PR 8162)
+* Update OS_Seed declarations for legacy compilers and FIPS modules (boundary
+ not affected). (PR 8170)
+* Enable WOLFSSL_ALWAYS_KEEP_SNI by default when using --enable-jni. (PR 8283)
+* Change the default cipher suite preference, prioritizing
+ TLS_AES_256_GCM_SHA384 over TLS_AES_128_GCM_SHA256. (PR 7771)
+* Add SRTP-KDF (FIPS module v6.0.0) to checkout script for release bundling
+ (PR 8215)
+* Make library build when no hardware crypto available for Aarch64 (PR 8293)
+* Update assembly code to avoid `uint*_t` types for better compatibility with
+ older C standards. (PR 8133)
+* Add initial documentation for writing ASN template code to decode BER/DER.
+ (PR 8120)
+* Perform full reduction in sc_muladd for EdDSA with Curve448 (PR 8276)
+* Allow SHA-3 hardware cryptography instructions to be explicitly not used in
+ MacOS builds (PR 8282)
+* Make Kyber and ML-KEM available individually and together. (PR 8143)
+* Update configuration options to include Kyber/ML-KEM and fix defines used in
+ wolfSSL_get_curve_name. (PR 8183)
+* Make GetShortInt available with WOLFSSL_ASN_EXTRA (PR 8149)
+* Improved test coverage and minor improvements of X509 (PR 8176)
+* Add sanity checks for configuration methods, ensuring the inclusion of
+ wolfssl/options.h or user_settings.h. (PR 8262)
+* Enable support for building without TLS (NO_TLS). Provides reduced code size
+ option for non-TLS users who want features like the certificate manager or
+ compatibility layer. (PR 8273)
+* Exposed get_verify functions with OPENSSL_EXTRA. (PR 8258)
+* ML-DSA/Dilithium: obtain security level from DER when decoding (PR 8177)
+* Implementation for using PKCS11 to retrieve certificate for SSL CTX (PR 8267)
+* Add support for the RFC822 Mailbox attribute (PR 8280)
+* Initialize variables and adjust types resolve warnings with Visual Studio in
+ Windows builds. (PR 8181)
+* Refactors and expansion of opensslcoexist build (PR 8132, 8216, 8230)
+* Add DTLS 1.3 interoperability, libspdm and DTLS CID interoperability tests
+ (PR 8261, 8255, 8245)
+* Remove trailing error exit code in wolfSSL install setup script (PR 8189)
+* Update Arduino files for wolfssl 5.7.4 (PR 8219)
+* Improve Espressif SHA HW/SW mutex messages (PR 8225)
+* Apply post-5.7.4 release updates for Espressif Managed Component examples
+ (PR 8251)
+* Expansion of c89 conformance (PR 8164)
+* Added configure option for additional sanity checks with --enable-faultharden
+ (PR 8289)
+* Aarch64 ASM additions to check CPU features before hardware crypto instruction
+ use (PR 8314)
+
+
+## Fixes
+* Fix a memory issue when using the compatibility layer with
+ WOLFSSL_GENERAL_NAME and handling registered ID types. (PR 8155)
+* Fix a build issue with signature fault hardening when using public key
+ callbacks (HAVE_PK_CALLBACKS). (PR 8287)
+* Fix for handling heap hint pointer properly when managing multiple WOLFSSL_CTX
+ objects and free’ing one of them (PR 8180)
+* Fix potential memory leak in error case with Aria. (PR 8268)
+* Fix Set_Verify flag behaviour on Ada wrapper. (PR 8256)
+* Fix a compilation error with the NO_WOLFSSL_DIR flag. (PR 8294)
+* Resolve a corner case for Poly1305 assembly code on Aarch64. (PR 8275)
+* Fix incorrect version setting in CSRs. (PR 8136)
+* Correct debugging output for cryptodev. (PR 8202)
+* Fix for benchmark application use with /dev/crypto GMAC auth error due to size
+ of AAD (PR 8210)
+* Add missing checks for the initialization of sp_int/mp_int with DSA to free
+ memory properly in error cases. (PR 8209)
+* Fix return value of wolfSSL_CTX_set_tlsext_use_srtp (8252)
+* Check Root CA by Renesas TSIP before adding it to ca-table (PR 8101)
+* Prevent adding a certificate to the CA cache for Renesas builds if it does not
+ set CA:TRUE in basic constraints. (PR 8060)
+* Fix attribute certificate holder entityName parsing. (PR 8166)
+* Resolve build issues for configurations without any wolfSSL/openssl
+ compatibility layer headers. (PR 8182)
+* Fix for building SP RSA small and RSA public only (PR 8235)
+* Fix for Renesas RX TSIP RSA Sign/Verify with wolfCrypt only (PR 8206)
+* Fix to ensure all files have settings.h included (like wc_lms.c) and guards
+ for building all `*.c` files (PR 8257 and PR 8140)
+* Fix x86 target build issues in Visual Studio for non-Windows operating
+ systems. (PR 8098)
+* Fix wolfSSL_X509_STORE_get0_objects to handle no CA (PR 8226)
+* Properly handle reference counting when adding to the X509 store. (PR 8233)
+* Fix for various typos and improper size used with FreeRTOS_bind in the Renesas
+ example. Thanks to Hongbo for the report on example issues. (PR 7537)
+* Fix for potential heap use after free with wolfSSL_PEM_read_bio_PrivateKey.
+ Thanks to Peter for the issue reported. (PR 8139)
+
+
 # wolfSSL Release 5.7.4 (Oct 24, 2024)
 
 Release 5.7.4 has been developed according to wolfSSL's development and QA

Docker/Dockerfile

@@ -10,7 +10,7 @@ ARG DEPS_WOLFSSL="build-essential autoconf libtool clang clang-tools zlib1g-dev
 ARG DEPS_LIBOQS="astyle cmake gcc ninja-build libssl-dev python3-pytest python3-pytest-xdist unzip xsltproc doxygen graphviz python3-yaml valgrind git"
 ARG DEPS_UDP_PROXY="wget libevent-dev"
 ARG DEPS_TESTS="abi-dumper libcurl4-openssl-dev tcpdump libpsl-dev python3-pandas python3-tabulate libnl-genl-3-dev libcap-ng-dev python3-virtualenv curl jq"
-ARG DEPS_TOOLS="ccache clang-tidy maven libfile-util-perl"
+ARG DEPS_TOOLS="ccache clang-tidy maven libfile-util-perl android-tools-adb usbutils shellcheck"
 RUN DEBIAN_FRONTEND=noninteractive apt update && apt install -y apt-utils \
                     && apt install -y ${DEPS_WOLFSSL} ${DEPS_LIBOQS} ${DEPS_UDP_PROXY} ${DEPS_TESTS} ${DEPS_TOOLS} \
                     && apt clean -y && rm -rf /var/lib/apt/lists/*

Docker/wolfCLU/Dockerfile

@@ -1,5 +1,5 @@
 ARG DOCKER_BASE_IMAGE=ubuntu
-FROM ubuntu as BUILDER
+FROM ubuntu AS builder
 
 ARG DEPS_WOLFSSL="build-essential autoconf libtool zlib1g-dev libuv1-dev libpam0g-dev git libpcap-dev libcurl4-openssl-dev bsdmainutils netcat-traditional iputils-ping bubblewrap"
 RUN DEBIAN_FRONTEND=noninteractive apt update && apt install -y apt-utils \
@@ -18,8 +18,8 @@ RUN git clone --depth=1 --single-branch --branch=main http://github.com/wolfssl/
 
 FROM ${DOCKER_BASE_IMAGE}
 USER root
-COPY --from=BUILDER /usr/local/lib/libwolfssl.so /usr/local/lib/
-COPY --from=BUILDER /usr/local/bin/wolfssl* /usr/local/bin/
+COPY --from=builder /usr/local/lib/libwolfssl.so /usr/local/lib/
+COPY --from=builder /usr/local/bin/wolfssl* /usr/local/bin/
 RUN ldconfig
 ENTRYPOINT ["/usr/local/bin/wolfssl"]
 LABEL org.opencontainers.image.source=https://github.com/wolfssl/wolfssl

IDE/ARDUINO/Arduino_README_prepend.md

@@ -8,8 +8,12 @@ See the [Arduino-wolfSSL logs](https://downloads.arduino.cc/libraries/logs/githu
 
 ## Arduino Releases
 
-The first Official wolfSSL Arduino Library is `5.6.6-Arduino.1`: a slightly modified, post [release 5.6.6](https://github.com/wolfSSL/wolfssl/releases/tag/v5.6.6-stable) version update.
+This release of wolfSSL is version [5.7.4](https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.4-stable).
 
-The next Official wolfSSL Arduino Library is [5.7.0](https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable)
+Version [5.7.2](https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable) of the Arduino wolfSSL was published August 3, 2024.
+
+The next Official wolfSSL Arduino Library was [5.7.0](https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable)
+
+The first Official wolfSSL Arduino Library was `5.6.6-Arduino.1`: a slightly modified, post [release 5.6.6](https://github.com/wolfSSL/wolfssl/releases/tag/v5.6.6-stable) version update.
 
 See other [wolfSSL releases versions](https://github.com/wolfSSL/wolfssl/releases). The `./wolfssl-arduino.sh INSTALL` [script](https://github.com/wolfSSL/wolfssl/tree/master/IDE/ARDUINO) can be used to install specific GitHub versions as needed.

IDE/ARDUINO/wolfssl-arduino.sh

@@ -106,10 +106,10 @@ if [ $# -gt 0 ]; then
         else
             echo "Installing to $THIS_INSTALL_DIR"
             if [ -d "$THIS_INSTALL_DIR/.git" ];then
-                echo "Target is a GitHub repository."
+                echo "Target is a GitHub root repository."
                 THIS_INSTALL_IS_GITHUB="true"
             else
-                echo "Target is NOT a GitHub repository."
+                echo "Target is NOT a GitHub root directory repository. (e.g. not wolfssl/Arduino-wolfssl)"
             fi
         fi
     else
@@ -325,11 +325,18 @@ if [ "$THIS_OPERATION" = "INSTALL" ]; then
         echo "Removing workspace library directory: .$ROOT_DIR"
         rm -rf ".$ROOT_DIR"
     else
-        echo "Installing to local directory:"
-        echo "mv .$ROOT_DIR $ARDUINO_ROOT"
-        mv  ."$ROOT_DIR" "$ARDUINO_ROOT" || exit 1
 
-        echo "Arduino wolfSSL Version: $WOLFSSL_VERSION$WOLFSSL_VERSION_ARUINO_SUFFIX"
+        echo "Installing to local directory:"
+        if [ "$THIS_INSTALL_DIR" = "" ]; then
+            echo "mv .$ROOT_DIR $ARDUINO_ROOT"
+            mv  ."$ROOT_DIR" "$ARDUINO_ROOT" || exit 1
+
+            echo "Arduino wolfSSL Version: $WOLFSSL_VERSION$WOLFSSL_VERSION_ARUINO_SUFFIX"
+        else
+            echo "cp -r .\"$ROOT_DIR\"/* \"$THIS_INSTALL_DIR\""
+            mkdir -p "$THIS_INSTALL_DIR" || exit 1
+            cp -r ."$ROOT_DIR"/* "$THIS_INSTALL_DIR" || exit 1
+        fi
     fi
 fi
 

IDE/Espressif/ESP-IDF/examples/template/CMakeLists.txt

@@ -3,10 +3,12 @@
 #
 # The following lines of boilerplate have to be in your project's
 # CMakeLists in this exact order for cmake to work correctly
+message(STATUS "Begin project ${CMAKE_PROJECT_NAME}")
+
 cmake_minimum_required(VERSION 3.16)
 
 # Optional no watchdog typically used for test & benchmark
-add_compile_options(-DWOLFSSL_ESP_NO_WATCHDOG=1)
+add_compile_definitions(WOLFSSL_ESP_NO_WATCHDOG=1)
 
 # The wolfSSL CMake file should be able to find the source code.
 # Otherwise, assign an environment variable or set it here:
@@ -25,34 +27,63 @@ add_compile_options(-DWOLFSSL_ESP_NO_WATCHDOG=1)
 if(WIN32)
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
-    message("Detected Windows")
+    message(STATUS "Detected Windows")
 endif()
 if(CMAKE_HOST_UNIX)
-    message("Detected UNIX")
+    message(STATUS "Detected UNIX")
 endif()
 if(APPLE)
-    message("Detected APPLE")
+    message(STATUS "Detected APPLE")
 endif()
 if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
-    message("Detected WSL")
+    message(STATUS "Detected WSL")
 endif()
 if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
-    message("Detected Linux")
+    message(STATUS "Detected Linux")
 endif()
 if(APPLE)
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
-    message("Detected Apple")
+    message(STATUS "Detected Apple")
 endif()
 # End optional WOLFSSL_CMAKE_SYSTEM_NAME
 
+# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
+# set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+string(REPLACE "\\" "/" PROTOCOL_EXAMPLES_DIR "$ENV{IDF_PATH}/examples/common_components/protocol_examples_common")
+
+if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
+    message(STATUS "Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+    set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
+else()
+    message(STATUS "NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+endif()
+
+# Find the user name to search for possible "wolfssl-username"
+# Reminder: Windows is  %USERNAME%, Linux is $USER
+message(STATUS "USERNAME = $ENV{USERNAME}")
+if(  "$ENV{USER}" STREQUAL "" ) # the bash user
+    if(  "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
+        message(STATUS "could not find USER or USERNAME")
+    else()
+        # the bash user is not blank, so we'll use it.
+        set(THIS_USER "$ENV{USERNAME}")
+    endif()
+else()
+    # the bash user is not blank, so we'll use it.
+    set(THIS_USER "$ENV{USER}")
+endif()
+message(STATUS "THIS_USER = ${THIS_USER}")
+
 # Check that there are not conflicting wolfSSL components
 # The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
 # The local component wolfSSL directory will be in ./components/wolfssl
+message(STATUS "Checking for wolfSSL as Managed Component or not... ${CMAKE_HOME_DIRECTORY}")
 if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
     # These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
     # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
@@ -67,16 +98,46 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXI
     message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
                         "If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
                         "or rename the idf_component.yml file typically found in ./main/")
-else()
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+    # A standard project component (not a Managed Component)
     message(STATUS "No conflicting wolfSSL components found.")
+    set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl")
+    # The official Managed Component called wolfssl from the wolfssl user.
+    message(STATUS "No conflicting wolfSSL components found as a Managed Component.")
+    set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl")
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/gojimmypi__mywolfssl")
+    # There is a known gojimmypi staging component available for anyone:
+    message(STATUS "No conflicting wolfSSL components found as a gojimmypi staging Managed Component.")
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/${THIS_USER}__mywolfssl")
+    # Other users with permissions might publish their own mywolfssl staging Managed Component
+    message(STATUS "No conflicting wolfSSL components found as a Managed Component.")
+    set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/managed_components/${THIS_USER}__mywolfssl")
+else()
+    message(STATUS "WARNING: wolfssl component directory not found.")
 endif()
 
-# Ensure the this wolfSSL component directory is included
-set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
-list(APPEND EXTRA_COMPONENT_DIRS ${WOLFSSL_PATH})
+# message(STATUS "EXTRA_COMPONENT_DIRS WOLFSSL_PATH: ${WOLFSSL_PATH}")
+# list(APPEND EXTRA_COMPONENT_DIRS ${WOLFSSL_PATH})
 
 # Not only is a project-level "set(COMPONENTS" not needed here, this will cause
 # an unintuitive error about  Unknown CMake command "esptool_py_flash_project_args".
+
+message(STATUS "begin optional PROTOCOL_EXAMPLES_DIR include")
+if(0)
+    # This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
+    set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+
+    if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
+        message(STATUS "Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+        set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
+    else()
+        message(STATUS "NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+    endif()
+endif()
 include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+message(STATUS "end optional include")
 
 project(wolfssl_template)
+message(STATUS "end project")

IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/CMakeLists.txt

@@ -102,28 +102,28 @@ if(VERBOSE_COMPONENT_MESSAGES)
     if(WIN32)
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
-        message("Detected Windows")
+        message(STATUS "Detected Windows")
     endif()
     if(CMAKE_HOST_UNIX)
-        message("Detected UNIX")
+        message(STATUS "Detected UNIX")
     endif()
     if(APPLE)
-        message("Detected APPLE")
+        message(STATUS "Detected APPLE")
     endif()
     if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
-        message("Detected WSL")
+        message(STATUS "Detected WSL")
     endif()
     if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
-        message("Detected Linux")
+        message(STATUS "Detected Linux")
     endif()
     if(APPLE)
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
-        message("Detected Apple")
+        message(STATUS "Detected Apple")
     endif()
 endif() # End optional WOLFSSL_CMAKE_SYSTEM_NAME
 
@@ -159,7 +159,8 @@ else()
     set(COMPONENT_REQUIRES lwip "${THIS_ESP_TLS}") # we typically don't need lwip directly in wolfssl component
 endif()
 
-# find the user name to search for possible "wolfssl-username"
+# Find the user name to search for possible "wolfssl-username"
+# Reminder: Windows is  %USERNAME%, Linux is $USER
 message(STATUS "USERNAME = $ENV{USERNAME}")
 if(  "$ENV{USER}" STREQUAL "" ) # the bash user
     if(  "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
@@ -524,7 +525,7 @@ else()
     set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
 
     string(REPLACE "/" "//" STR_WOLFSSL_PROJECT_DIR "${WOLFSSL_PROJECT_DIR}")
-    add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${STR_WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+    add_compile_definitions(WOLFSSL_USER_SETTINGS_DIR="${STR_WOLFSSL_PROJECT_DIR}/include/user_settings.h")
     message(STATUS "Added definition for user_settings.h: -DWOLFSSL_USER_SETTINGS_DIR=\"${STR_WOLFSSL_PROJECT_DIR}//include//user_settings.h\"")
     # Espressif may take several passes through this makefile. Check to see if we found IDF
     string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
@@ -951,7 +952,7 @@ function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
         message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
 
         # the interesting part is defining the VAR_OUPUT name a value to use in the app
-        add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+        add_compile_definitions(${VAR_OUPUT}=\"${VAR_VALUE}\")
     else()
         # if we get here, check the execute_process command and parameters.
         message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
@@ -959,9 +960,16 @@ function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
     endif()
 endfunction() # LIBWOLFSSL_SAVE_INFO
 
+execute_process(
+    COMMAND ${git_cmd} "rev-parse" "--is-inside-work-tree"
+    OUTPUT_VARIABLE IS_GIT_REPO
+    OUTPUT_STRIP_TRAILING_WHITESPACE
+    ERROR_QUIET
+)
+
 # create some programmatic #define values that will be used by ShowExtendedSystemInfo().
 # see wolfcrypt\src\port\Espressif\esp32_utl.c
-if(NOT CMAKE_BUILD_EARLY_EXPANSION AND WOLFSSL_ROOT)
+if(NOT CMAKE_BUILD_EARLY_EXPANSION AND WOLFSSL_ROOT AND (IS_GIT_REPO STREQUAL "true"))
     set (git_cmd "git")
     message(STATUS "Adding macro definitions:")
 

IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/Kconfig

@@ -41,7 +41,7 @@
 # The maximum length of options is NOT 50 characters as documented.
 #   kconfcheck will complain that options should be 40 at most.
 #
-# Fix option lengths first. Superflous errors on other lines may occur.
+# Fix option lengths first. Superfluous errors on other lines may occur.
 #
 # The maximum length of lines is 120 characters.
 #

IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/component.mk

@@ -82,7 +82,7 @@ WOLFSSL_ROOT := ../../../../../../..
 # "/mnt/c" is 4 directories up:
 #             2 for `./test/demo` from where we run `make`, plus
 #             2 more from the location of `component.mk` located
-#               in `[currect directory]/components/wolfssl`.
+#               in `[current directory]/components/wolfssl`.
 #
 # Thus we need 4 parent reference to find the relative path to wolfSSL:
 # WOLFSSL_ROOT := ../../../../workspace/wolfssl-master

IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h

@@ -786,7 +786,7 @@
     /***** END CONFIG_IDF_TARGET_ESP8684 *****/
 
 #else
-    /* Anything else encountered, disable HW accleration */
+    /* Anything else encountered, disable HW acceleration */
     #warning "Unexpected CONFIG_IDF_TARGET_NN value"
     #define NO_ESP32_CRYPT
     #define NO_WOLFSSL_ESP32_CRYPT_HASH

IDE/Espressif/ESP-IDF/examples/template/main/CMakeLists.txt

@@ -3,33 +3,34 @@
 #
 # wolfssl template
 #
+message(STATUS "Begin wolfSSL main CMakeLists.txt")
 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
 
 if(WIN32)
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
-    message("Detected Windows")
+    message(STATUS "Detected Windows")
 endif()
 if(CMAKE_HOST_UNIX)
-    message("Detected UNIX")
+    message(STATUS "Detected UNIX")
 endif()
 if(APPLE)
-    message("Detected APPLE")
+    message(STATUS "Detected APPLE")
 endif()
 if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
-    message("Detected WSL")
+    message(STATUS "Detected WSL")
 endif()
 if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
-    message("Detected Linux")
+    message(STATUS "Detected Linux")
 endif()
 if(APPLE)
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
-    message("Detected Apple")
+    message(STATUS "Detected Apple")
 endif()
 set (git_cmd "git")
 
@@ -43,10 +44,20 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PA
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
 endif()
 
+# The wolfSL component name is named "mywolfssl" on the staging site for Managed Components.
+if( NOT EXISTS "../components/wolfssl" AND ("$ENV{IDF_COMPONENT_REGISTRY_URL}" STREQUAL "https://components-staging.espressif.com") )
+    message(STATUS "WARNING: Using a staging instance of wolfssl.")
+    set(MAIN_WOLFSSL_COMPONENT_NAME "mywolfssl")
+else()
+    message(STATUS "Using release wolfssl component.")
+    set(MAIN_WOLFSSL_COMPONENT_NAME "wolfssl")
+endif()
+
 ## register_component()
 idf_component_register(SRCS main.c
                        INCLUDE_DIRS "."
-                                    "./include")
+                            "./include"
+                       PRIV_REQUIRES driver "${MAIN_WOLFSSL_COMPONENT_NAME}")
 
 #
 # LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
@@ -76,15 +87,24 @@ function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
         message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
 
         # the interesting part is defining the VAR_OUPUT name a value to use in the app
-        add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+        add_compile_definitions(${VAR_OUPUT}=\"${VAR_VALUE}\")
     else()
         # if we get here, check the execute_process command and parameters.
-        message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+        message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT.")
+        message(STATUS "Setting ${VAR_OUPUT} to \"Unknown\"")
         set(${VAR_OUPUT} "Unknown")
     endif()
 endfunction() # LIBWOLFSSL_SAVE_INFO
 
-if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+execute_process(
+    COMMAND ${git_cmd} "rev-parse" "--is-inside-work-tree"
+    OUTPUT_VARIABLE IS_GIT_REPO
+    OUTPUT_STRIP_TRAILING_WHITESPACE
+    ERROR_QUIET
+)
+
+# Save some project-specific details. Repo may be different than component, or may not even be a repo at all:
+if(NOT CMAKE_BUILD_EARLY_EXPANSION AND (IS_GIT_REPO STREQUAL "true"))
     # LIBWOLFSSL_VERSION_GIT_HASH
     execute_process(COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
     LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
@@ -100,3 +120,4 @@ endif()
 
 message(STATUS "")
 
+message(STATUS "End wolfSSL main CMakeLists.txt")

IDE/Espressif/ESP-IDF/examples/template/main/Kconfig.projbuild

@@ -57,7 +57,7 @@ choice WOLFSSL_EXAMPLE_CHOOSE
     config WOLFSSL_EXAMPLE_NAME_WOLFSSH_TEMPLATE
         bool "SSH Template App"
         help
-            Bare-bones Hellow World app that only compiles in wolfSSL and wolfSSH.
+            Bare-bones Hello World app that only compiles in wolfSSL and wolfSSH.
             See wolfSSL/wolfssh on GitHub.
 
     config WOLFSSL_EXAMPLE_NAME_WOLFSSH_ECHOSERVER

IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults

@@ -1,10 +1,13 @@
 # Set the known example app config to template example (see user_settings.h)
 CONFIG_WOLFSSL_EXAMPLE_NAME_TEMPLATE=y
+# CONFIG_EXAMPLE_WIFI_SSID="myssid"
+# CONFIG_EXAMPLE_WIFI_PASSWORD="mypassword"
 
 # Some wolfSSL helpers
 CONFIG_USE_WOLFSSL_ESP_SDK_TIME=y
 
-
+# sdkconfig.defaults for ESP8266 + ESP32
+# See separate sdkconfig.defaults.esp8266
 # FreeRTOS ticks at 1ms interval
 CONFIG_FREERTOS_UNICORE=y
 CONFIG_FREERTOS_HZ=1000
@@ -18,9 +21,10 @@ CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y
 #
 # For wolfSSL SMALL_STACK, 3072 bytes should be sufficient for benchmark app.
 # When using RSA, assign at least 10500 bytes, otherwise 5500 usually works for others
-CONFIG_ESP_MAIN_TASK_STACK_SIZE=3584
-# Legacy stack size for older ESP-IDF versions
-CONFIG_MAIN_TASK_STACK_SIZE=3584
+# We set this to 28672 for use in the "test everything possible" in the wolfssl_test app.
+CONFIG_ESP_MAIN_TASK_STACK_SIZE=10500
+# Legacy stack size name for older ESP-IDF versions
+CONFIG_MAIN_TASK_STACK_SIZE=10500
 
 #
 # Benchmark must not have CONFIG_NEWLIB_NANO_FORMAT enabled
@@ -61,8 +65,8 @@ CONFIG_HEAP_DISABLE_IRAM=y
 CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y
 
 # Enable wolfSSL TLS in esp-tls
-CONFIG_ESP_TLS_USING_WOLFSSL=y
-CONFIG_TLS_STACK_WOLFSSL=y
+# CONFIG_ESP_TLS_USING_WOLFSSL=y
+# CONFIG_TLS_STACK_WOLFSSL=y
 
 # Bundles take up flash space and are disabled unless otherwise known to be needed
 CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=n
@@ -87,6 +91,13 @@ CONFIG_HEAP_DISABLE_IRAM=y
 # Performance
 # CONFIG_COMPILER_OPTIMIZATION_PERF=y
 
+# Set max COU frequency (falls back as needed for lower maximum)
+CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y
+
+# FreeRTOS ticks at 1ms interval
+CONFIG_FREERTOS_UNICORE=y
+CONFIG_FREERTOS_HZ=1000
+
 # Ensure mbedTLS options are disabled
 # CONFIG_MBEDTLS_TLS_SERVER_AND_CLIENT=n
 # CONFIG_MBEDTLS_TLS_CLIENT_ONLY=n

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt

@@ -3,10 +3,12 @@
 #
 # The following lines of boilerplate have to be in your project's
 # CMakeLists in this exact order for cmake to work correctly
+message(STATUS "Begin project ${CMAKE_PROJECT_NAME}")
+
 cmake_minimum_required(VERSION 3.16)
 
 # Optional no watchdog typically used for test & benchmark
-add_compile_options(-DWOLFSSL_ESP_NO_WATCHDOG=1)
+add_compile_definitions(WOLFSSL_ESP_NO_WATCHDOG=1)
 
 # The wolfSSL CMake file should be able to find the source code.
 # Otherwise, assign an environment variable or set it here:
@@ -25,34 +27,35 @@ add_compile_options(-DWOLFSSL_ESP_NO_WATCHDOG=1)
 if(WIN32)
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
-    message("Detected Windows")
+    message(STATUS "Detected Windows")
 endif()
 if(CMAKE_HOST_UNIX)
-    message("Detected UNIX")
+    message(STATUS "Detected UNIX")
 endif()
 if(APPLE)
-    message("Detected APPLE")
+    message(STATUS "Detected APPLE")
 endif()
 if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
-    message("Detected WSL")
+    message(STATUS "Detected WSL")
 endif()
 if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
-    message("Detected Linux")
+    message(STATUS "Detected Linux")
 endif()
 if(APPLE)
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
-    message("Detected Apple")
+    message(STATUS "Detected Apple")
 endif()
 # End optional WOLFSSL_CMAKE_SYSTEM_NAME
 
 # Check that there are not conflicting wolfSSL components
 # The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
 # The local component wolfSSL directory will be in ./components/wolfssl
+message(STATUS "Checking for wolfSSL as Managed Component or not... ${CMAKE_HOME_DIRECTORY}")
 if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
     # These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
     # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
@@ -67,16 +70,46 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXI
     message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
                         "If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
                         "or rename the idf_component.yml file typically found in ./main/")
-else()
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+    # A standard project component (not a Managed Component)
     message(STATUS "No conflicting wolfSSL components found.")
+    set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl")
+    # The official Managed Component called wolfssl from the wolfssl user.
+    message(STATUS "No conflicting wolfSSL components found as a Managed Component.")
+    set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl")
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/gojimmypi__mywolfssl")
+    # There is a known gojimmypi staging component available for anyone:
+    message(STATUS "No conflicting wolfSSL components found as a gojimmypi staging Managed Component.")
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/${THIS_USER}__mywolfssl")
+    # Other users with permissions might publish their own mywolfssl staging Managed Component
+    message(STATUS "No conflicting wolfSSL components found as a Managed Component.")
+    set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/managed_components/${THIS_USER}__mywolfssl")
+else()
+    message(STATUS "WARNING: wolfssl component directory not found.")
 endif()
 
-# Ensure the this wolfSSL component directory is included
-set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
-list(APPEND EXTRA_COMPONENT_DIRS ${WOLFSSL_PATH})
+# message(STATUS "EXTRA_COMPONENT_DIRS WOLFSSL_PATH: ${WOLFSSL_PATH}")
+# list(APPEND EXTRA_COMPONENT_DIRS ${WOLFSSL_PATH})
 
 # Not only is a project-level "set(COMPONENTS" not needed here, this will cause
 # an unintuitive error about  Unknown CMake command "esptool_py_flash_project_args".
+
+message(STATUS "begin optional PROTOCOL_EXAMPLES_DIR include")
+if(0)
+    # This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
+    set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+
+    if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
+        message(STATUS "Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+        set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
+    else()
+        message(STATUS "NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+    endif()
+endif()
 include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+message(STATUS "end optional include")
 
 project(wolfssl_benchmark)
+message(STATUS "end project")

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt

@@ -102,28 +102,28 @@ if(VERBOSE_COMPONENT_MESSAGES)
     if(WIN32)
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
-        message("Detected Windows")
+        message(STATUS "Detected Windows")
     endif()
     if(CMAKE_HOST_UNIX)
-        message("Detected UNIX")
+        message(STATUS "Detected UNIX")
     endif()
     if(APPLE)
-        message("Detected APPLE")
+        message(STATUS "Detected APPLE")
     endif()
     if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
-        message("Detected WSL")
+        message(STATUS "Detected WSL")
     endif()
     if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
-        message("Detected Linux")
+        message(STATUS "Detected Linux")
     endif()
     if(APPLE)
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
-        message("Detected Apple")
+        message(STATUS "Detected Apple")
     endif()
 endif() # End optional WOLFSSL_CMAKE_SYSTEM_NAME
 
@@ -524,7 +524,7 @@ else()
     set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
 
     string(REPLACE "/" "//" STR_WOLFSSL_PROJECT_DIR "${WOLFSSL_PROJECT_DIR}")
-    add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${STR_WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+    add_compile_definitions(WOLFSSL_USER_SETTINGS_DIR="${STR_WOLFSSL_PROJECT_DIR}/include/user_settings.h")
     message(STATUS "Added definition for user_settings.h: -DWOLFSSL_USER_SETTINGS_DIR=\"${STR_WOLFSSL_PROJECT_DIR}//include//user_settings.h\"")
     # Espressif may take several passes through this makefile. Check to see if we found IDF
     string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
@@ -951,7 +951,7 @@ function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
         message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
 
         # the interesting part is defining the VAR_OUPUT name a value to use in the app
-        add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+        add_compile_definitions(${VAR_OUPUT}=\"${VAR_VALUE}\")
     else()
         # if we get here, check the execute_process command and parameters.
         message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
@@ -959,9 +959,16 @@ function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
     endif()
 endfunction() # LIBWOLFSSL_SAVE_INFO
 
+execute_process(
+    COMMAND ${git_cmd} "rev-parse" "--is-inside-work-tree"
+    OUTPUT_VARIABLE IS_GIT_REPO
+    OUTPUT_STRIP_TRAILING_WHITESPACE
+    ERROR_QUIET
+)
+
 # create some programmatic #define values that will be used by ShowExtendedSystemInfo().
 # see wolfcrypt\src\port\Espressif\esp32_utl.c
-if(NOT CMAKE_BUILD_EARLY_EXPANSION AND WOLFSSL_ROOT)
+if(NOT CMAKE_BUILD_EARLY_EXPANSION AND WOLFSSL_ROOT AND (IS_GIT_REPO STREQUAL "true"))
     set (git_cmd "git")
     message(STATUS "Adding macro definitions:")
 

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/Kconfig

@@ -41,7 +41,7 @@
 # The maximum length of options is NOT 50 characters as documented.
 #   kconfcheck will complain that options should be 40 at most.
 #
-# Fix option lengths first. Superflous errors on other lines may occur.
+# Fix option lengths first. Superfluous errors on other lines may occur.
 #
 # The maximum length of lines is 120 characters.
 #

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/component.mk

@@ -82,7 +82,7 @@ WOLFSSL_ROOT := ../../../../../../..
 # "/mnt/c" is 4 directories up:
 #             2 for `./test/demo` from where we run `make`, plus
 #             2 more from the location of `component.mk` located
-#               in `[currect directory]/components/wolfssl`.
+#               in `[current directory]/components/wolfssl`.
 #
 # Thus we need 4 parent reference to find the relative path to wolfSSL:
 # WOLFSSL_ROOT := ../../../../workspace/wolfssl-master

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h

@@ -786,7 +786,7 @@
     /***** END CONFIG_IDF_TARGET_ESP8684 *****/
 
 #else
-    /* Anything else encountered, disable HW accleration */
+    /* Anything else encountered, disable HW acceleration */
     #warning "Unexpected CONFIG_IDF_TARGET_NN value"
     #define NO_ESP32_CRYPT
     #define NO_WOLFSSL_ESP32_CRYPT_HASH

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/CMakeLists.txt

@@ -8,6 +8,32 @@ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
 set(COMPONENT_SRCS "main.c")
 set(COMPONENT_ADD_INCLUDEDIRS ".")
 
+if(WIN32)
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
+    message(STATUS "Detected Windows")
+endif()
+if(CMAKE_HOST_UNIX)
+    message(STATUS "Detected UNIX")
+endif()
+if(APPLE)
+    message(STATUS "Detected APPLE")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
+    message(STATUS "Detected WSL")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
+    message(STATUS "Detected Linux")
+endif()
+if(APPLE)
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
+    message(STATUS "Detected Apple")
+endif()
 set (git_cmd "git")
 
 if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
@@ -20,9 +46,20 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PA
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
 endif()
 
+# The wolfSL component name is named "mywolfssl" on the staging site for Managed Components.
+if( NOT EXISTS "../components/wolfssl" AND ("$ENV{IDF_COMPONENT_REGISTRY_URL}" STREQUAL "https://components-staging.espressif.com") )
+    message(STATUS "WARNING: Using a staging instance of wolfssl.")
+    set(MAIN_WOLFSSL_COMPONENT_NAME "mywolfssl")
+else()
+    message(STATUS "Using release wolfssl component.")
+    set(MAIN_WOLFSSL_COMPONENT_NAME "wolfssl")
+endif()
+
+## register_component()
 idf_component_register(SRCS main.c
                        INCLUDE_DIRS "."
-                       "./include")
+                            "./include"
+                       PRIV_REQUIRES driver "${MAIN_WOLFSSL_COMPONENT_NAME}")
 
 #
 # LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
@@ -52,15 +89,24 @@ function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
         message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
 
         # the interesting part is defining the VAR_OUPUT name a value to use in the app
-        add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+        add_compile_definitions(${VAR_OUPUT}=\"${VAR_VALUE}\")
     else()
         # if we get here, check the execute_process command and parameters.
-        message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+        message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT.")
+        message(STATUS "Setting ${VAR_OUPUT} to \"Unknown\"")
         set(${VAR_OUPUT} "Unknown")
     endif()
 endfunction() # LIBWOLFSSL_SAVE_INFO
 
-if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+execute_process(
+    COMMAND ${git_cmd} "rev-parse" "--is-inside-work-tree"
+    OUTPUT_VARIABLE IS_GIT_REPO
+    OUTPUT_STRIP_TRAILING_WHITESPACE
+    ERROR_QUIET
+)
+
+# Save some project-specific details. Repo may be different than component, or may not even be a repo at all:
+if(NOT CMAKE_BUILD_EARLY_EXPANSION AND (IS_GIT_REPO STREQUAL "true"))
     # LIBWOLFSSL_VERSION_GIT_HASH
     execute_process(COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
     LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
@@ -76,3 +122,4 @@ endif()
 
 message(STATUS "")
 
+message(STATUS "End wolfSSL main CMakeLists.txt")

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/sdkconfig.defaults

@@ -1,12 +1,13 @@
 # Set the known example app config to template example (see user_settings.h)
 CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFSSL_BENCHMARK=y
+# CONFIG_EXAMPLE_WIFI_SSID="myssid"
+# CONFIG_EXAMPLE_WIFI_PASSWORD="mypassword"
 
 # Some wolfSSL helpers
 CONFIG_USE_WOLFSSL_ESP_SDK_TIME=y
 
 # sdkconfig.defaults for ESP8266 + ESP32
 # Note that during the build process, settings from sdkconfig.defaults will not override those already in sdkconfig.
-# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html#custom-sdkconfig-defaults
 CONFIG_BENCH_ARGV="-lng 0"
 # FreeRTOS ticks at 1ms interval
 CONFIG_FREERTOS_UNICORE=y
@@ -24,7 +25,7 @@ CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y
 # We set this to 28672 for use in the "test everything possible" in the wolfssl_test app.
 CONFIG_ESP_MAIN_TASK_STACK_SIZE=28672
 
-# Legacy stack size for older ESP-IDF versions
+# Legacy stack size name for older ESP-IDF versions
 CONFIG_MAIN_TASK_STACK_SIZE=28672
 
 #
@@ -66,8 +67,8 @@ CONFIG_HEAP_DISABLE_IRAM=y
 CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y
 
 # Enable wolfSSL TLS in esp-tls
-CONFIG_ESP_TLS_USING_WOLFSSL=y
-CONFIG_TLS_STACK_WOLFSSL=y
+# CONFIG_ESP_TLS_USING_WOLFSSL=y
+# CONFIG_TLS_STACK_WOLFSSL=y
 
 # Bundles take up flash space and are disabled unless otherwise known to be needed
 CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=n
@@ -99,6 +100,26 @@ CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y
 CONFIG_FREERTOS_UNICORE=y
 CONFIG_FREERTOS_HZ=1000
 
+# Ensure mbedTLS options are disabled
+# CONFIG_MBEDTLS_TLS_SERVER_AND_CLIENT=n
+# CONFIG_MBEDTLS_TLS_CLIENT_ONLY=n
+# CONFIG_MBEDTLS_TLS_SERVER=n
+# CONFIG_MBEDTLS_TLS_CLIENT=n
+# CONFIG_MBEDTLS_HARDWARE_AES=n
+# CONFIG_MBEDTLS_HARDWARE_MPI=n
+# CONFIG_MBEDTLS_HARDWARE_SHA=n
+# CONFIG_MBEDTLS_ROM_MD5=n
+# CONFIG_MBEDTLS_SSL_RENEGOTIATION=n
+# CONFIG_MBEDTLS_SSL_PROTO_TLS1_2=n
+# CONFIG_MBEDTLS_SSL_PROTO_GMTSSL1_1=n
+# CONFIG_MBEDTLS_SSL_ALPN=n
+# CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS=n
+# CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS=n
+
+# The same-name config is used for both WiFi and client/server TLS, so we cannot disable:
+# CONFIG_MBEDTLS_TLS_ENABLED=n
+# CONFIG_MBEDTLS_TLS_DISABLED=y
+
 #
 # Compiler options
 #

IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt

@@ -1,5 +1,5 @@
 # wolfSSL Espressif Example Project CMakeLists.txt
-#   v1.0
+#   v1.3
 #
 # The following lines of boilerplate have to be in your project's
 # CMakeLists in this exact order for cmake to work correctly
@@ -7,6 +7,9 @@ message(STATUS "Begin project ${CMAKE_PROJECT_NAME}")
 
 cmake_minimum_required(VERSION 3.16)
 
+# Optional no watchdog typically used for test & benchmark
+add_compile_definitions(WOLFSSL_ESP_NO_WATCHDOG=1)
+
 # The wolfSSL CMake file should be able to find the source code.
 # Otherwise, assign an environment variable or set it here:
 #
@@ -24,28 +27,28 @@ cmake_minimum_required(VERSION 3.16)
 if(WIN32)
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
-    message("Detected Windows")
+    message(STATUS "Detected Windows")
 endif()
 if(CMAKE_HOST_UNIX)
-    message("Detected UNIX")
+    message(STATUS "Detected UNIX")
 endif()
 if(APPLE)
-    message("Detected APPLE")
+    message(STATUS "Detected APPLE")
 endif()
 if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
-    message("Detected WSL")
+    message(STATUS "Detected WSL")
 endif()
 if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
-    message("Detected Linux")
+    message(STATUS "Detected Linux")
 endif()
 if(APPLE)
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
-    message("Detected Apple")
+    message(STATUS "Detected Apple")
 endif()
 # End optional WOLFSSL_CMAKE_SYSTEM_NAME
 
@@ -54,16 +57,33 @@ endif()
 string(REPLACE "\\" "/" PROTOCOL_EXAMPLES_DIR "$ENV{IDF_PATH}/examples/common_components/protocol_examples_common")
 
 if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
-    message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+    message(STATUS "Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
     set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
 else()
-    message("NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+    message(STATUS "NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
 endif()
 
+# Find the user name to search for possible "wolfssl-username"
+# Reminder: Windows is  %USERNAME%, Linux is $USER
+message(STATUS "USERNAME = $ENV{USERNAME}")
+if(  "$ENV{USER}" STREQUAL "" ) # the bash user
+    if(  "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
+        message(STATUS "could not find USER or USERNAME")
+    else()
+        # the bash user is not blank, so we'll use it.
+        set(THIS_USER "$ENV{USERNAME}")
+    endif()
+else()
+    # the bash user is not blank, so we'll use it.
+    set(THIS_USER "$ENV{USER}")
+endif()
+message(STATUS "THIS_USER = ${THIS_USER}")
+
 # Check that there are not conflicting wolfSSL components
 # The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
 # The local component wolfSSL directory will be in ./components/wolfssl
+message(STATUS "Checking for wolfSSL as Managed Component or not... ${CMAKE_HOME_DIRECTORY}")
 if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
     # These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
     # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
@@ -78,25 +98,46 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXI
     message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
                         "If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
                         "or rename the idf_component.yml file typically found in ./main/")
-else()
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+    # A standard project component (not a Managed Component)
     message(STATUS "No conflicting wolfSSL components found.")
+    set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl")
+    # The official Managed Component called wolfssl from the wolfssl user.
+    message(STATUS "No conflicting wolfSSL components found as a Managed Component.")
+    set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl")
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/gojimmypi__mywolfssl")
+    # There is a known gojimmypi staging component available for anyone:
+    message(STATUS "No conflicting wolfSSL components found as a gojimmypi staging Managed Component.")
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/${THIS_USER}__mywolfssl")
+    # Other users with permissions might publish their own mywolfssl staging Managed Component
+    message(STATUS "No conflicting wolfSSL components found as a Managed Component.")
+    set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/managed_components/${THIS_USER}__mywolfssl")
+else()
+    message(STATUS "WARNING: wolfssl component directory not found.")
 endif()
 
+# message(STATUS "EXTRA_COMPONENT_DIRS WOLFSSL_PATH: ${WOLFSSL_PATH}")
+# list(APPEND EXTRA_COMPONENT_DIRS ${WOLFSSL_PATH})
+
+# Not only is a project-level "set(COMPONENTS" not needed here, this will cause
+# an unintuitive error about  Unknown CMake command "esptool_py_flash_project_args".
 
-message(STATUS "begin include")
 if(0)
+    message(STATUS "begin optional PROTOCOL_EXAMPLES_DIR include")
     # This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
     set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
 
     if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
-        message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+        message(STATUS "Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
         set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
     else()
-        message("NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+        message(STATUS "NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
     endif()
+    message(STATUS "end optional include")
 endif()
 include($ENV{IDF_PATH}/tools/cmake/project.cmake)
-message(STATUS "end include")
+
 project(wolfssl_client)
 message(STATUS "end project")

IDE/Espressif/ESP-IDF/examples/wolfssl_client/README_server_sm.md

@@ -167,7 +167,7 @@ I (735) system_api: read default base MAC address from EFUSE
 I (755) wifi:wifi firmware version: 0d470ef
 I (755) wifi:wifi certification version: v7.0
 I (755) wifi:config NVS flash: enabled
-I (755) wifi:config nano formating: disabled
+I (755) wifi:config nano formatting: disabled
 I (755) wifi:Init data frame dynamic rx buffer num: 32
 I (765) wifi:Init management frame dynamic rx buffer num: 32
 I (765) wifi:Init management short buffer num: 32

IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt

@@ -102,28 +102,28 @@ if(VERBOSE_COMPONENT_MESSAGES)
     if(WIN32)
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
-        message("Detected Windows")
+        message(STATUS "Detected Windows")
     endif()
     if(CMAKE_HOST_UNIX)
-        message("Detected UNIX")
+        message(STATUS "Detected UNIX")
     endif()
     if(APPLE)
-        message("Detected APPLE")
+        message(STATUS "Detected APPLE")
     endif()
     if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
-        message("Detected WSL")
+        message(STATUS "Detected WSL")
     endif()
     if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
-        message("Detected Linux")
+        message(STATUS "Detected Linux")
     endif()
     if(APPLE)
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
-        message("Detected Apple")
+        message(STATUS "Detected Apple")
     endif()
 endif() # End optional WOLFSSL_CMAKE_SYSTEM_NAME
 
@@ -524,7 +524,7 @@ else()
     set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
 
     string(REPLACE "/" "//" STR_WOLFSSL_PROJECT_DIR "${WOLFSSL_PROJECT_DIR}")
-    add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${STR_WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+    add_compile_definitions(WOLFSSL_USER_SETTINGS_DIR="${STR_WOLFSSL_PROJECT_DIR}/include/user_settings.h")
     message(STATUS "Added definition for user_settings.h: -DWOLFSSL_USER_SETTINGS_DIR=\"${STR_WOLFSSL_PROJECT_DIR}//include//user_settings.h\"")
     # Espressif may take several passes through this makefile. Check to see if we found IDF
     string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
@@ -951,7 +951,7 @@ function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
         message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
 
         # the interesting part is defining the VAR_OUPUT name a value to use in the app
-        add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+        add_compile_definitions(${VAR_OUPUT}=\"${VAR_VALUE}\")
     else()
         # if we get here, check the execute_process command and parameters.
         message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
@@ -959,9 +959,16 @@ function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
     endif()
 endfunction() # LIBWOLFSSL_SAVE_INFO
 
+execute_process(
+    COMMAND ${git_cmd} "rev-parse" "--is-inside-work-tree"
+    OUTPUT_VARIABLE IS_GIT_REPO
+    OUTPUT_STRIP_TRAILING_WHITESPACE
+    ERROR_QUIET
+)
+
 # create some programmatic #define values that will be used by ShowExtendedSystemInfo().
 # see wolfcrypt\src\port\Espressif\esp32_utl.c
-if(NOT CMAKE_BUILD_EARLY_EXPANSION AND WOLFSSL_ROOT)
+if(NOT CMAKE_BUILD_EARLY_EXPANSION AND WOLFSSL_ROOT AND (IS_GIT_REPO STREQUAL "true"))
     set (git_cmd "git")
     message(STATUS "Adding macro definitions:")
 

IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/Kconfig

@@ -41,7 +41,7 @@
 # The maximum length of options is NOT 50 characters as documented.
 #   kconfcheck will complain that options should be 40 at most.
 #
-# Fix option lengths first. Superflous errors on other lines may occur.
+# Fix option lengths first. Superfluous errors on other lines may occur.
 #
 # The maximum length of lines is 120 characters.
 #

IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/component.mk

@@ -82,7 +82,7 @@ WOLFSSL_ROOT := ../../../../../../..
 # "/mnt/c" is 4 directories up:
 #             2 for `./test/demo` from where we run `make`, plus
 #             2 more from the location of `component.mk` located
-#               in `[currect directory]/components/wolfssl`.
+#               in `[current directory]/components/wolfssl`.
 #
 # Thus we need 4 parent reference to find the relative path to wolfSSL:
 # WOLFSSL_ROOT := ../../../../workspace/wolfssl-master

IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h

@@ -786,7 +786,7 @@
     /***** END CONFIG_IDF_TARGET_ESP8684 *****/
 
 #else
-    /* Anything else encountered, disable HW accleration */
+    /* Anything else encountered, disable HW acceleration */
     #warning "Unexpected CONFIG_IDF_TARGET_NN value"
     #define NO_ESP32_CRYPT
     #define NO_WOLFSSL_ESP32_CRYPT_HASH

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/CMakeLists.txt

@@ -1,36 +1,36 @@
 # wolfSSL Espressif Example Project/main CMakeLists.txt
-#   v1.0
+#   v1.1
 #
 # wolfssl client test
 #
-message("Begin wolfSSL main CMakeLists.txt")
+message(STATUS "Begin wolfSSL main CMakeLists.txt")
 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
 
 if(WIN32)
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
-    message("Detected Windows")
+    message(STATUS "Detected Windows")
 endif()
 if(CMAKE_HOST_UNIX)
-    message("Detected UNIX")
+    message(STATUS "Detected UNIX")
 endif()
 if(APPLE)
-    message("Detected APPLE")
+    message(STATUS "Detected APPLE")
 endif()
 if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
-    message("Detected WSL")
+    message(STATUS "Detected WSL")
 endif()
 if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
-    message("Detected Linux")
+    message(STATUS "Detected Linux")
 endif()
 if(APPLE)
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
-    message("Detected Apple")
+    message(STATUS "Detected Apple")
 endif()
 set (git_cmd "git")
 
@@ -44,14 +44,26 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PA
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
 endif()
 
+# The wolfSL component name is named "mywolfssl" on the staging site for Managed Components.
+if( NOT EXISTS "../components/wolfssl" AND ("$ENV{IDF_COMPONENT_REGISTRY_URL}" STREQUAL "https://components-staging.espressif.com") )
+    message(STATUS "WARNING: Using a staging instance of wolfssl.")
+    set(MAIN_WOLFSSL_COMPONENT_NAME "mywolfssl")
+else()
+    message(STATUS "Using release wolfssl component.")
+    set(MAIN_WOLFSSL_COMPONENT_NAME "wolfssl")
+endif()
+
 ## register_component()
 idf_component_register(SRCS main.c
                             wifi_connect.c
                             time_helper.c
                             client-tls.c
                        INCLUDE_DIRS "."
-                                    "./include")
-#
+                            "./include"
+                       PRIV_REQUIRES "${MAIN_WOLFSSL_COMPONENT_NAME}"
+                                     driver
+                                     nvs_flash
+                                     protocol_examples_common)
 
 #
 # LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
@@ -81,7 +93,7 @@ function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
         message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
 
         # the interesting part is defining the VAR_OUPUT name a value to use in the app
-        add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+        add_compile_definitions(${VAR_OUPUT}=\"${VAR_VALUE}\")
     else()
         # if we get here, check the execute_process command and parameters.
         message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT.")
@@ -90,21 +102,28 @@ function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
     endif()
 endfunction() # LIBWOLFSSL_SAVE_INFO
 
+execute_process(
+    COMMAND ${git_cmd} "rev-parse" "--is-inside-work-tree"
+    OUTPUT_VARIABLE IS_GIT_REPO
+    OUTPUT_STRIP_TRAILING_WHITESPACE
+    ERROR_QUIET
+)
+
 # Save some project-specific details. Repo may be different than component, or may not even be a repo at all:
-if(NOT CMAKE_BUILD_EARLY_EXPANSION)
-    # WOLFSSL_EXAMPLE_VERSION_GIT_HASH
+if(NOT CMAKE_BUILD_EARLY_EXPANSION AND (IS_GIT_REPO STREQUAL "true"))
+    # LIBWOLFSSL_VERSION_GIT_HASH
     execute_process(COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
-    LIBWOLFSSL_SAVE_INFO(WOLFSSL_EXAMPLE_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
 
-    # WOLFSSL_EXAMPLE_VERSION_GIT_SHORT_HASH
+    # LIBWOLFSSL_VERSION_GIT_SHORT_HASH
     execute_process(COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
-    LIBWOLFSSL_SAVE_INFO(WOLFSSL_EXAMPLE_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
 
-    # WOLFSSL_EXAMPLE_VERSION_GIT_HASH_DATE
+    # LIBWOLFSSL_VERSION_GIT_HASH_DATE
     execute_process(COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES  )
-    LIBWOLFSSL_SAVE_INFO(WOLFSSL_EXAMPLE_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
 endif()
 
 message(STATUS "")
-message("End wolfSSL main CMakeLists.txt")
 
+message(STATUS "End wolfSSL main CMakeLists.txt")

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild

@@ -34,7 +34,7 @@ choice WOLFSSL_EXAMPLE_CHOOSE
     config WOLFSSL_EXAMPLE_NAME_WOLFSSH_TEMPLATE
         bool "SSH Template App"
         help
-            Bare-bones Hellow World app that only compiles in wolfSSL and wolfSSH.
+            Bare-bones Hello World app that only compiles in wolfSSL and wolfSSH.
             See wolfSSL/wolfssh on GitHub.
 
     config WOLFSSL_EXAMPLE_NAME_WOLFSSH_ECHOSERVER

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c

@@ -307,11 +307,11 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args)
 
     /* no peer check */
     if (doPeerCheck == 0) {
-        ESP_LOGW(TAG, "doPeerCheck == 0");
+        ESP_LOGW(TAG, "doPeerCheck == 0; WOLFSSL_VERIFY_NONE");
         wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, 0);
     }
     else {
-        ESP_LOGW(TAG, "doPeerCheck != 0");
+        ESP_LOGI(TAG, "doPeerCheck != 0");
         WOLFSSL_MSG("Loading... our cert");
         /* load our certificate */
         ret_i = wolfSSL_CTX_use_certificate_chain_buffer_format(ctx,

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h

@@ -59,7 +59,7 @@
         #define TLS_SMP_CLIENT_TASK_BYTES (12 * 1024)
     #else
         /* Minimum ESP32 stack size = 8K without Kyber */
-        #define TLS_SMP_CLIENT_TASK_BYTES (8 * 1024)
+        #define TLS_SMP_CLIENT_TASK_BYTES (10 * 1024)
     #endif
 #endif
 
@@ -87,7 +87,7 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args);
 
 /* init will create an RTOS task, otherwise server is simply function call. */
 #if defined(SINGLE_THREADED)
-    /* no init neded */
+    /* no init needed */
 #else
     WOLFSSL_ESP_TASK tls_smp_client_init(void* args);
 #endif

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h

@@ -103,7 +103,7 @@
     ** the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid"
     */
     #if defined(CONFIG_ESP_WIFI_SSID)
-        /* tyically from ESP32 with ESP-IDF v4 ot v5 */
+        /* tyically from ESP32 with ESP-IDF v4 to v5 */
         #define EXAMPLE_ESP_WIFI_SSID CONFIG_ESP_WIFI_SSID
     #elif defined(CONFIG_EXAMPLE_WIFI_SSID)
         /* typically from ESP8266 rtos-sdk/v3.4 */

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/main.c

@@ -149,7 +149,7 @@ void app_main(void)
 #if !defined(CONFIG_WOLFSSL_EXAMPLE_NAME_TLS_CLIENT)
     ESP_LOGW(TAG, "Warning: Example wolfSSL misconfigured? Check menuconfig.");
 #endif
-#ifdef ESP_SDK_MEM_LIB_VERSION
+#if defined(ESP_SDK_MEM_LIB_VERSION) && defined(DEBUG_WOLFSSL)
     sdk_init_meminfo();
 #endif
 #ifdef ESP_TASK_MAIN_STACK

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c

@@ -204,7 +204,7 @@ int set_time_from_string(const char* time_buffer)
     int quote_offset = 0;
     int ret = 0;
 
-    /* perform some basic sanity checkes */
+    /* perform some basic sanity checks */
     ret = probably_valid_time_string(time_buffer);
     if (ret == ESP_OK) {
         /* we are expecting the string to be encapsulated in single quotes */
@@ -218,7 +218,7 @@ int set_time_from_string(const char* time_buffer)
                     &day, &hour, &minute, &second, &year, &offset);
 
         if (ret == 8) {
-            /* we found a match for all componets */
+            /* we found a match for all components */
 
             const char *months[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
                                      "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
@@ -282,7 +282,7 @@ int set_time(void)
     esp_show_current_datetime();
 
 #ifdef LIBWOLFSSL_VERSION_GIT_HASH_DATE
-    /* initialy set a default approximate time from recent git commit */
+    /* initially set a default approximate time from recent git commit */
     ESP_LOGI(TAG, "Found git hash date, attempting to set system date: %s",
                    LIBWOLFSSL_VERSION_GIT_HASH_DATE);
     set_time_from_string(LIBWOLFSSL_VERSION_GIT_HASH_DATE"\0");

IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c

@@ -147,7 +147,7 @@ int wifi_init_sta(void)
     };
 
     /* Setting a password implies station will connect to all security modes including WEP/WPA.
-        * However these modes are deprecated and not advisable to be used. Incase your Access point
+        * However these modes are deprecated and not advisable to be used. In case your Access point
         * doesn't support WPA2, these mode can be enabled by commenting below line */
 
     if (strlen((char *)wifi_config.sta.password)) {
@@ -325,7 +325,7 @@ int wifi_init_sta(void)
             .ssid = EXAMPLE_ESP_WIFI_SSID,
             .password = EXAMPLE_ESP_WIFI_PASS,
             /* Authmode threshold resets to WPA2 as default if password matches
-             * WPA2 standards (pasword len => 8). If you want to connect the
+             * WPA2 standards (password len => 8). If you want to connect the
              * device to deprecated WEP/WPA networks, Please set the threshold
              * value WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK and set the password with
              * length and format matching to WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK

IDE/Espressif/ESP-IDF/examples/wolfssl_client/sdkconfig.defaults

@@ -6,22 +6,25 @@ CONFIG_WOLFSSL_EXAMPLE_NAME_TLS_CLIENT=y
 # Some wolfSSL helpers
 CONFIG_USE_WOLFSSL_ESP_SDK_TIME=y
 
+# sdkconfig.defaults for ESP8266 + ESP32
+
 # FreeRTOS ticks at 1ms interval
 CONFIG_FREERTOS_UNICORE=y
 CONFIG_FREERTOS_HZ=1000
 CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y
 
 #
-# Default main stack size
+# Default main stack size. See user_settings.h
 #
 # This is typically bigger than needed for stack size.
 # Units are words, not bytes. See user_settings.h
 #
 # For wolfSSL SMALL_STACK, 3072 bytes should be sufficient for benchmark app.
 # When using RSA, assign at least 10500 bytes, otherwise 5500 usually works for others
+# We set this to 28672 for use in the "test everything possible" in the wolfssl_test app.
 CONFIG_ESP_MAIN_TASK_STACK_SIZE=10500
 
-# Legacy stack size for older ESP-IDF versions
+# Legacy stack size name for older ESP-IDF versions
 CONFIG_MAIN_TASK_STACK_SIZE=10500
 
 #
@@ -63,8 +66,8 @@ CONFIG_HEAP_DISABLE_IRAM=y
 CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y
 
 # Enable wolfSSL TLS in esp-tls
-CONFIG_ESP_TLS_USING_WOLFSSL=y
-CONFIG_TLS_STACK_WOLFSSL=y
+# CONFIG_ESP_TLS_USING_WOLFSSL=y
+# CONFIG_TLS_STACK_WOLFSSL=y
 
 # Bundles take up flash space and are disabled unless otherwise known to be needed
 CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=n
@@ -76,6 +79,25 @@ CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=n
 CONFIG_ESP_TLS_USING_MBEDTLS=n
 CONFIG_MBEDTLS_CERTIFICATE_BUNDLE=n
 
+# Some wolfSSL helpers
+CONFIG_USE_WOLFSSL_ESP_SDK_TIME=n
+
+# CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS is not set
+CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS=n
+
+# ESP8266 Memory
+CONFIG_FREERTOS_GLOBAL_DATA_LINK_IRAM=y
+CONFIG_HEAP_DISABLE_IRAM=y
+
+# Performance
+# CONFIG_COMPILER_OPTIMIZATION_PERF=y
+
+# Set max COU frequency (falls back as needed for lower maximum)
+CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y
+
+# FreeRTOS ticks at 1ms interval
+CONFIG_FREERTOS_UNICORE=y
+CONFIG_FREERTOS_HZ=1000
 
 # Ensure mbedTLS options are disabled
 # CONFIG_MBEDTLS_TLS_SERVER_AND_CLIENT=n

IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt

@@ -1,5 +1,5 @@
 # wolfSSL Espressif Example Project CMakeLists.txt
-#   v1.0
+#   v1.3
 #
 # The following lines of boilerplate have to be in your project's
 # CMakeLists in this exact order for cmake to work correctly
@@ -7,6 +7,9 @@ message(STATUS "Begin project ${CMAKE_PROJECT_NAME}")
 
 cmake_minimum_required(VERSION 3.16)
 
+# Optional no watchdog typically used for test & benchmark
+add_compile_definitions(WOLFSSL_ESP_NO_WATCHDOG=1)
+
 # The wolfSSL CMake file should be able to find the source code.
 # Otherwise, assign an environment variable or set it here:
 #
@@ -24,28 +27,28 @@ cmake_minimum_required(VERSION 3.16)
 if(WIN32)
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
-    message("Detected Windows")
+    message(STATUS "Detected Windows")
 endif()
 if(CMAKE_HOST_UNIX)
-    message("Detected UNIX")
+    message(STATUS "Detected UNIX")
 endif()
 if(APPLE)
-    message("Detected APPLE")
+    message(STATUS "Detected APPLE")
 endif()
 if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
-    message("Detected WSL")
+    message(STATUS "Detected WSL")
 endif()
 if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
-    message("Detected Linux")
+    message(STATUS "Detected Linux")
 endif()
 if(APPLE)
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
-    message("Detected Apple")
+    message(STATUS "Detected Apple")
 endif()
 # End optional WOLFSSL_CMAKE_SYSTEM_NAME
 
@@ -54,16 +57,33 @@ endif()
 string(REPLACE "\\" "/" PROTOCOL_EXAMPLES_DIR "$ENV{IDF_PATH}/examples/common_components/protocol_examples_common")
 
 if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
-    message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+    message(STATUS "Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
     set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
 else()
-    message("NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+    message(STATUS "NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
 endif()
 
+# Find the user name to search for possible "wolfssl-username"
+# Reminder: Windows is  %USERNAME%, Linux is $USER
+message(STATUS "USERNAME = $ENV{USERNAME}")
+if(  "$ENV{USER}" STREQUAL "" ) # the bash user
+    if(  "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
+        message(STATUS "could not find USER or USERNAME")
+    else()
+        # the bash user is not blank, so we'll use it.
+        set(THIS_USER "$ENV{USERNAME}")
+    endif()
+else()
+    # the bash user is not blank, so we'll use it.
+    set(THIS_USER "$ENV{USER}")
+endif()
+message(STATUS "THIS_USER = ${THIS_USER}")
+
 # Check that there are not conflicting wolfSSL components
 # The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
 # The local component wolfSSL directory will be in ./components/wolfssl
+message(STATUS "Checking for wolfSSL as Managed Component or not... ${CMAKE_HOME_DIRECTORY}")
 if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
     # These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
     # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
@@ -78,25 +98,46 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXI
     message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
                         "If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
                         "or rename the idf_component.yml file typically found in ./main/")
-else()
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+    # A standard project component (not a Managed Component)
     message(STATUS "No conflicting wolfSSL components found.")
+    set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl")
+    # The official Managed Component called wolfssl from the wolfssl user.
+    message(STATUS "No conflicting wolfSSL components found as a Managed Component.")
+    set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl")
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/gojimmypi__mywolfssl")
+    # There is a known gojimmypi staging component available for anyone:
+    message(STATUS "No conflicting wolfSSL components found as a gojimmypi staging Managed Component.")
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/${THIS_USER}__mywolfssl")
+    # Other users with permissions might publish their own mywolfssl staging Managed Component
+    message(STATUS "No conflicting wolfSSL components found as a Managed Component.")
+    set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/managed_components/${THIS_USER}__mywolfssl")
+else()
+    message(STATUS "WARNING: wolfssl component directory not found.")
 endif()
 
+# message(STATUS "EXTRA_COMPONENT_DIRS WOLFSSL_PATH: ${WOLFSSL_PATH}")
+# list(APPEND EXTRA_COMPONENT_DIRS ${WOLFSSL_PATH})
 
-message(STATUS "begin include")
+# Not only is a project-level "set(COMPONENTS" not needed here, this will cause
+# an unintuitive error about  Unknown CMake command "esptool_py_flash_project_args".
+
+message(STATUS "begin optional PROTOCOL_EXAMPLES_DIR include")
 if(0)
     # This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
     set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
 
     if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
-        message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+        message(STATUS "Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
         set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
     else()
-        message("NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+        message(STATUS "NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
     endif()
 endif()
 include($ENV{IDF_PATH}/tools/cmake/project.cmake)
 message(STATUS "end include")
+
 project(wolfssl_server)
 message(STATUS "end project")

IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md

@@ -82,7 +82,7 @@ After the server exits, remove the port proxy forward:
 netsh interface portproxy delete v4tov4 listenport=11111 listenaddress=0.0.0.0
 ```
 
-Cipers to consider
+Ciphers to consider
 
 ```
 TLS13-AES128-GCM-SHA256:

IDE/Espressif/ESP-IDF/examples/wolfssl_server/README_server_sm.md

@@ -167,7 +167,7 @@ I (735) system_api: read default base MAC address from EFUSE
 I (755) wifi:wifi firmware version: 0d470ef
 I (755) wifi:wifi certification version: v7.0
 I (755) wifi:config NVS flash: enabled
-I (755) wifi:config nano formating: disabled
+I (755) wifi:config nano formatting: disabled
 I (755) wifi:Init data frame dynamic rx buffer num: 32
 I (765) wifi:Init management frame dynamic rx buffer num: 32
 I (765) wifi:Init management short buffer num: 32

IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/CMakeLists.txt

@@ -102,28 +102,28 @@ if(VERBOSE_COMPONENT_MESSAGES)
     if(WIN32)
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
-        message("Detected Windows")
+        message(STATUS "Detected Windows")
     endif()
     if(CMAKE_HOST_UNIX)
-        message("Detected UNIX")
+        message(STATUS "Detected UNIX")
     endif()
     if(APPLE)
-        message("Detected APPLE")
+        message(STATUS "Detected APPLE")
     endif()
     if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
-        message("Detected WSL")
+        message(STATUS "Detected WSL")
     endif()
     if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
-        message("Detected Linux")
+        message(STATUS "Detected Linux")
     endif()
     if(APPLE)
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
-        message("Detected Apple")
+        message(STATUS "Detected Apple")
     endif()
 endif() # End optional WOLFSSL_CMAKE_SYSTEM_NAME
 
@@ -524,7 +524,7 @@ else()
     set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
 
     string(REPLACE "/" "//" STR_WOLFSSL_PROJECT_DIR "${WOLFSSL_PROJECT_DIR}")
-    add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${STR_WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+    add_compile_definitions(WOLFSSL_USER_SETTINGS_DIR="${STR_WOLFSSL_PROJECT_DIR}/include/user_settings.h")
     message(STATUS "Added definition for user_settings.h: -DWOLFSSL_USER_SETTINGS_DIR=\"${STR_WOLFSSL_PROJECT_DIR}//include//user_settings.h\"")
     # Espressif may take several passes through this makefile. Check to see if we found IDF
     string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
@@ -951,7 +951,7 @@ function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
         message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
 
         # the interesting part is defining the VAR_OUPUT name a value to use in the app
-        add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+        add_compile_definitions(${VAR_OUPUT}=\"${VAR_VALUE}\")
     else()
         # if we get here, check the execute_process command and parameters.
         message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
@@ -959,9 +959,16 @@ function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
     endif()
 endfunction() # LIBWOLFSSL_SAVE_INFO
 
+execute_process(
+    COMMAND ${git_cmd} "rev-parse" "--is-inside-work-tree"
+    OUTPUT_VARIABLE IS_GIT_REPO
+    OUTPUT_STRIP_TRAILING_WHITESPACE
+    ERROR_QUIET
+)
+
 # create some programmatic #define values that will be used by ShowExtendedSystemInfo().
 # see wolfcrypt\src\port\Espressif\esp32_utl.c
-if(NOT CMAKE_BUILD_EARLY_EXPANSION AND WOLFSSL_ROOT)
+if(NOT CMAKE_BUILD_EARLY_EXPANSION AND WOLFSSL_ROOT AND (IS_GIT_REPO STREQUAL "true"))
     set (git_cmd "git")
     message(STATUS "Adding macro definitions:")
 

IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/Kconfig

@@ -41,7 +41,7 @@
 # The maximum length of options is NOT 50 characters as documented.
 #   kconfcheck will complain that options should be 40 at most.
 #
-# Fix option lengths first. Superflous errors on other lines may occur.
+# Fix option lengths first. Superfluous errors on other lines may occur.
 #
 # The maximum length of lines is 120 characters.
 #

IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/component.mk

@@ -82,7 +82,7 @@ WOLFSSL_ROOT := ../../../../../../..
 # "/mnt/c" is 4 directories up:
 #             2 for `./test/demo` from where we run `make`, plus
 #             2 more from the location of `component.mk` located
-#               in `[currect directory]/components/wolfssl`.
+#               in `[current directory]/components/wolfssl`.
 #
 # Thus we need 4 parent reference to find the relative path to wolfSSL:
 # WOLFSSL_ROOT := ../../../../workspace/wolfssl-master

IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h

@@ -786,7 +786,7 @@
     /***** END CONFIG_IDF_TARGET_ESP8684 *****/
 
 #else
-    /* Anything else encountered, disable HW accleration */
+    /* Anything else encountered, disable HW acceleration */
     #warning "Unexpected CONFIG_IDF_TARGET_NN value"
     #define NO_ESP32_CRYPT
     #define NO_WOLFSSL_ESP32_CRYPT_HASH

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/CMakeLists.txt

@@ -1,36 +1,36 @@
 # wolfSSL Espressif Example Project/main CMakeLists.txt
-#   v1.0
+#   v1.1
 #
 # wolfssl server test
 #
-message("Begin wolfSSL main CMakeLists.txt")
+message(STATUS "Begin wolfSSL main CMakeLists.txt")
 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
 
 if(WIN32)
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
-    message("Detected Windows")
+    message(STATUS "Detected Windows")
 endif()
 if(CMAKE_HOST_UNIX)
-    message("Detected UNIX")
+    message(STATUS "Detected UNIX")
 endif()
 if(APPLE)
-    message("Detected APPLE")
+    message(STATUS "Detected APPLE")
 endif()
 if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
-    message("Detected WSL")
+    message(STATUS "Detected WSL")
 endif()
 if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
-    message("Detected Linux")
+    message(STATUS "Detected Linux")
 endif()
 if(APPLE)
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
-    message("Detected Apple")
+    message(STATUS "Detected Apple")
 endif()
 set (git_cmd "git")
 
@@ -44,14 +44,26 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PA
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
 endif()
 
+# The wolfSL component name is named "mywolfssl" on the staging site for Managed Components.
+if( NOT EXISTS "../components/wolfssl" AND ("$ENV{IDF_COMPONENT_REGISTRY_URL}" STREQUAL "https://components-staging.espressif.com") )
+    message(STATUS "WARNING: Using a staging instance of wolfssl.")
+    set(MAIN_WOLFSSL_COMPONENT_NAME "mywolfssl")
+else()
+    message(STATUS "Using release wolfssl component.")
+    set(MAIN_WOLFSSL_COMPONENT_NAME "wolfssl")
+endif()
+
 ## register_component()
 idf_component_register(SRCS main.c
                             wifi_connect.c
                             time_helper.c
                             server-tls.c
                        INCLUDE_DIRS "."
-                                    "./include")
-#
+                            "./include"
+                       PRIV_REQUIRES "${MAIN_WOLFSSL_COMPONENT_NAME}"
+                                     driver
+                                     nvs_flash
+                                     protocol_examples_common)
 
 #
 # LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
@@ -81,7 +93,7 @@ function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
         message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
 
         # the interesting part is defining the VAR_OUPUT name a value to use in the app
-        add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+        add_compile_definitions(${VAR_OUPUT}=\"${VAR_VALUE}\")
     else()
         # if we get here, check the execute_process command and parameters.
         message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT.")
@@ -90,21 +102,28 @@ function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
     endif()
 endfunction() # LIBWOLFSSL_SAVE_INFO
 
+execute_process(
+    COMMAND ${git_cmd} "rev-parse" "--is-inside-work-tree"
+    OUTPUT_VARIABLE IS_GIT_REPO
+    OUTPUT_STRIP_TRAILING_WHITESPACE
+    ERROR_QUIET
+)
+
 # Save some project-specific details. Repo may be different than component, or may not even be a repo at all:
-if(NOT CMAKE_BUILD_EARLY_EXPANSION)
-    # WOLFSSL_EXAMPLE_VERSION_GIT_HASH
+if(NOT CMAKE_BUILD_EARLY_EXPANSION AND (IS_GIT_REPO STREQUAL "true"))
+    # LIBWOLFSSL_VERSION_GIT_HASH
     execute_process(COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
     LIBWOLFSSL_SAVE_INFO(WOLFSSL_EXAMPLE_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
 
-    # WOLFSSL_EXAMPLE_VERSION_GIT_SHORT_HASH
+    # LIBWOLFSSL_VERSION_GIT_SHORT_HASH
     execute_process(COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
-    LIBWOLFSSL_SAVE_INFO(WOLFSSL_EXAMPLE_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
 
-    # WOLFSSL_EXAMPLE_VERSION_GIT_HASH_DATE
+    # LIBWOLFSSL_VERSION_GIT_HASH_DATE
     execute_process(COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES  )
-    LIBWOLFSSL_SAVE_INFO(WOLFSSL_EXAMPLE_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
 endif()
 
 message(STATUS "")
-message("End wolfSSL main CMakeLists.txt")
 
+message(STATUS "End wolfSSL main CMakeLists.txt")

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/Kconfig.projbuild

@@ -34,7 +34,7 @@ choice WOLFSSL_EXAMPLE_CHOOSE
     config WOLFSSL_EXAMPLE_NAME_WOLFSSH_TEMPLATE
         bool "SSH Template App"
         help
-            Bare-bones Hellow World app that only compiles in wolfSSL and wolfSSH.
+            Bare-bones Hello World app that only compiles in wolfSSL and wolfSSH.
             See wolfSSL/wolfssh on GitHub.
 
     config WOLFSSL_EXAMPLE_NAME_WOLFSSH_ECHOSERVER

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/server-tls.h

@@ -53,7 +53,7 @@ WOLFSSL_ESP_TASK tls_smp_server_task(void *args);
 
 /* init will create an RTOS task, otherwise server is simply function call. */
 #if defined(SINGLE_THREADED)
-    /* no init neded */
+    /* no init needed */
 #else
     WOLFSSL_ESP_TASK tls_smp_server_init(void* args);
 #endif

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h

@@ -109,7 +109,7 @@
     ** the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid"
     */
     #if defined(CONFIG_ESP_WIFI_SSID)
-        /* tyically from ESP32 with ESP-IDF v4 ot v5 */
+        /* tyically from ESP32 with ESP-IDF v4 to v5 */
         #define EXAMPLE_ESP_WIFI_SSID CONFIG_ESP_WIFI_SSID
     #elif defined(CONFIG_EXAMPLE_WIFI_SSID)
         /* typically from ESP8266 rtos-sdk/v3.4 */

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/main.c

@@ -131,9 +131,13 @@ void my_atmel_free(int slotId)
 /* Entry for FreeRTOS */
 void app_main(void)
 {
-    int stack_start = 0;
-    int this_heap = 0;
     esp_err_t ret = 0;
+#ifndef SINGLE_THREADED
+    int this_heap = 0;
+    #ifdef INCLUDE_uxTaskGetStackHighWaterMark
+        int stack_start = 0;
+    #endif
+#endif
     ESP_LOGI(TAG, "---------------- wolfSSL TLS Server Example ------------");
     ESP_LOGI(TAG, "--------------------------------------------------------");
     ESP_LOGI(TAG, "--------------------------------------------------------");
@@ -143,7 +147,7 @@ void app_main(void)
 #if !defined(CONFIG_WOLFSSL_EXAMPLE_NAME_TLS_SERVER)
     ESP_LOGW(TAG, "Warning: Example wolfSSL misconfigured? Check menuconfig.");
 #endif
-#ifdef ESP_SDK_MEM_LIB_VERSION
+#if defined(ESP_SDK_MEM_LIB_VERSION) && defined(DEBUG_WOLFSSL)
     sdk_init_meminfo();
 #endif
 #ifdef ESP_TASK_MAIN_STACK

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/time_helper.c

@@ -185,7 +185,7 @@ int set_time_from_string(const char* time_buffer)
     int quote_offset = 0;
     int ret = 0;
 
-    /* perform some basic sanity checkes */
+    /* perform some basic sanity checks */
     ret = probably_valid_time_string(time_buffer);
     if (ret == ESP_OK) {
         /* we are expecting the string to be encapsulated in single quotes */
@@ -199,7 +199,7 @@ int set_time_from_string(const char* time_buffer)
                     &day, &hour, &minute, &second, &year, &offset);
 
         if (ret == 8) {
-            /* we found a match for all componets */
+            /* we found a match for all components */
 
             const char *months[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
                                      "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
@@ -263,7 +263,7 @@ int set_time(void)
     esp_show_current_datetime();
 
 #ifdef LIBWOLFSSL_VERSION_GIT_HASH_DATE
-    /* initialy set a default approximate time from recent git commit */
+    /* initially set a default approximate time from recent git commit */
     ESP_LOGI(TAG, "Found git hash date, attempting to set system date: %s",
                    LIBWOLFSSL_VERSION_GIT_HASH_DATE);
     set_time_from_string(LIBWOLFSSL_VERSION_GIT_HASH_DATE"\0");

IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c

@@ -146,7 +146,7 @@ int wifi_init_sta(void)
     };
 
     /* Setting a password implies station will connect to all security modes including WEP/WPA.
-        * However these modes are deprecated and not advisable to be used. Incase your Access point
+        * However these modes are deprecated and not advisable to be used. In case your Access point
         * doesn't support WPA2, these mode can be enabled by commenting below line */
 
     if (strlen((char *)wifi_config.sta.password)) {
@@ -324,7 +324,7 @@ int wifi_init_sta(void)
             .ssid = EXAMPLE_ESP_WIFI_SSID,
             .password = EXAMPLE_ESP_WIFI_PASS,
             /* Authmode threshold resets to WPA2 as default if password matches
-             * WPA2 standards (pasword len => 8). If you want to connect the
+             * WPA2 standards (password len => 8). If you want to connect the
              * device to deprecated WEP/WPA networks, Please set the threshold
              * value WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK and set the password with
              * length and format matching to WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK

IDE/Espressif/ESP-IDF/examples/wolfssl_server/sdkconfig.defaults

@@ -7,21 +7,23 @@ CONFIG_WOLFSSL_EXAMPLE_NAME_TLS_SERVER=y
 # Some wolfSSL helpers
 CONFIG_USE_WOLFSSL_ESP_SDK_TIME=y
 
+# sdkconfig.defaults for ESP8266 + ESP32
+# See separate sdkconfig.defaults.esp8266
 # FreeRTOS ticks at 1ms interval
 CONFIG_FREERTOS_UNICORE=y
 CONFIG_FREERTOS_HZ=1000
 CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y
 
 #
-# Default main stack size
+# Default main stack size. See user_settings.h
 #
 # This is typically bigger than needed for stack size.
 # Units are words, not bytes. See user_settings.h
 #
 # For wolfSSL SMALL_STACK, 3072 bytes should be sufficient for benchmark app.
 # When using RSA, assign at least 10500 bytes, otherwise 5500 usually works for others
+# We set this to 28672 for use in the "test everything possible" in the wolfssl_test app.
 CONFIG_ESP_MAIN_TASK_STACK_SIZE=10500
-
 # Legacy stack size for older ESP-IDF versions
 CONFIG_MAIN_TASK_STACK_SIZE=10500
 
@@ -64,8 +66,8 @@ CONFIG_HEAP_DISABLE_IRAM=y
 CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y
 
 # Enable wolfSSL TLS in esp-tls
-CONFIG_ESP_TLS_USING_WOLFSSL=y
-CONFIG_TLS_STACK_WOLFSSL=y
+# CONFIG_ESP_TLS_USING_WOLFSSL=y
+# CONFIG_TLS_STACK_WOLFSSL=y
 
 # Bundles take up flash space and are disabled unless otherwise known to be needed
 CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=n
@@ -77,6 +79,25 @@ CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=n
 CONFIG_ESP_TLS_USING_MBEDTLS=n
 CONFIG_MBEDTLS_CERTIFICATE_BUNDLE=n
 
+# Some wolfSSL helpers
+CONFIG_USE_WOLFSSL_ESP_SDK_TIME=n
+
+# CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS is not set
+CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS=n
+
+# ESP8266 Memory
+CONFIG_FREERTOS_GLOBAL_DATA_LINK_IRAM=y
+CONFIG_HEAP_DISABLE_IRAM=y
+
+# Performance
+# CONFIG_COMPILER_OPTIMIZATION_PERF=y
+
+# Set max COU frequency (falls back as needed for lower maximum)
+CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y
+
+# FreeRTOS ticks at 1ms interval
+CONFIG_FREERTOS_UNICORE=y
+CONFIG_FREERTOS_HZ=1000
 
 # Ensure mbedTLS options are disabled
 # CONFIG_MBEDTLS_TLS_SERVER_AND_CLIENT=n

IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt

@@ -3,10 +3,12 @@
 #
 # The following lines of boilerplate have to be in your project's
 # CMakeLists in this exact order for cmake to work correctly
+message(STATUS "Begin project ${CMAKE_PROJECT_NAME}")
+
 cmake_minimum_required(VERSION 3.16)
 
 # Optional no watchdog typically used for test & benchmark
-add_compile_options(-DWOLFSSL_ESP_NO_WATCHDOG=1)
+add_compile_definitions(WOLFSSL_ESP_NO_WATCHDOG=1)
 
 # The wolfSSL CMake file should be able to find the source code.
 # Otherwise, assign an environment variable or set it here:
@@ -25,34 +27,63 @@ add_compile_options(-DWOLFSSL_ESP_NO_WATCHDOG=1)
 if(WIN32)
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
-    message("Detected Windows")
+    message(STATUS "Detected Windows")
 endif()
 if(CMAKE_HOST_UNIX)
-    message("Detected UNIX")
+    message(STATUS "Detected UNIX")
 endif()
 if(APPLE)
-    message("Detected APPLE")
+    message(STATUS "Detected APPLE")
 endif()
 if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
-    message("Detected WSL")
+    message(STATUS "Detected WSL")
 endif()
 if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
-    message("Detected Linux")
+    message(STATUS "Detected Linux")
 endif()
 if(APPLE)
     # Windows-specific configuration here
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
-    message("Detected Apple")
+    message(STATUS "Detected Apple")
 endif()
 # End optional WOLFSSL_CMAKE_SYSTEM_NAME
 
+# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
+# set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+string(REPLACE "\\" "/" PROTOCOL_EXAMPLES_DIR "$ENV{IDF_PATH}/examples/common_components/protocol_examples_common")
+
+if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
+    message(STATUS "Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+    set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
+else()
+    message(STATUS "NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+endif()
+
+# Find the user name to search for possible "wolfssl-username"
+# Reminder: Windows is  %USERNAME%, Linux is $USER
+message(STATUS "USERNAME = $ENV{USERNAME}")
+if(  "$ENV{USER}" STREQUAL "" ) # the bash user
+    if(  "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
+        message(STATUS "could not find USER or USERNAME")
+    else()
+        # the bash user is not blank, so we'll use it.
+        set(THIS_USER "$ENV{USERNAME}")
+    endif()
+else()
+    # the bash user is not blank, so we'll use it.
+    set(THIS_USER "$ENV{USER}")
+endif()
+message(STATUS "THIS_USER = ${THIS_USER}")
+
 # Check that there are not conflicting wolfSSL components
 # The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
 # The local component wolfSSL directory will be in ./components/wolfssl
+message(STATUS "Checking for wolfSSL as Managed Component or not... ${CMAKE_HOME_DIRECTORY}")
 if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
     # These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
     # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
@@ -67,16 +98,46 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXI
     message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
                         "If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
                         "or rename the idf_component.yml file typically found in ./main/")
-else()
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+    # A standard project component (not a Managed Component)
     message(STATUS "No conflicting wolfSSL components found.")
+    set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl")
+    # The official Managed Component called wolfssl from the wolfssl user.
+    message(STATUS "No conflicting wolfSSL components found as a Managed Component.")
+    set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl")
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/gojimmypi__mywolfssl")
+    # There is a known gojimmypi staging component available for anyone:
+    message(STATUS "No conflicting wolfSSL components found as a gojimmypi staging Managed Component.")
+elseif(EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/${THIS_USER}__mywolfssl")
+    # Other users with permissions might publish their own mywolfssl staging Managed Component
+    message(STATUS "No conflicting wolfSSL components found as a Managed Component.")
+    set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/managed_components/${THIS_USER}__mywolfssl")
+else()
+    message(STATUS "WARNING: wolfssl component directory not found.")
 endif()
 
-# Ensure the this wolfSSL component directory is included
-set(WOLFSSL_PATH "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
-list(APPEND EXTRA_COMPONENT_DIRS ${WOLFSSL_PATH})
+# message(STATUS "EXTRA_COMPONENT_DIRS WOLFSSL_PATH: ${WOLFSSL_PATH}")
+# list(APPEND EXTRA_COMPONENT_DIRS ${WOLFSSL_PATH})
 
 # Not only is a project-level "set(COMPONENTS" not needed here, this will cause
 # an unintuitive error about  Unknown CMake command "esptool_py_flash_project_args".
+
+message(STATUS "begin optional PROTOCOL_EXAMPLES_DIR include")
+if(0)
+    # This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
+    set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+
+    if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
+        message(STATUS "Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+        set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
+    else()
+        message(STATUS "NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+    endif()
+endif()
 include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+message(STATUS "end optional include")
 
 project(wolfssl_test)
+message(STATUS "end project")

IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt

@@ -102,28 +102,28 @@ if(VERBOSE_COMPONENT_MESSAGES)
     if(WIN32)
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
-        message("Detected Windows")
+        message(STATUS "Detected Windows")
     endif()
     if(CMAKE_HOST_UNIX)
-        message("Detected UNIX")
+        message(STATUS "Detected UNIX")
     endif()
     if(APPLE)
-        message("Detected APPLE")
+        message(STATUS "Detected APPLE")
     endif()
     if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
-        message("Detected WSL")
+        message(STATUS "Detected WSL")
     endif()
     if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
-        message("Detected Linux")
+        message(STATUS "Detected Linux")
     endif()
     if(APPLE)
         # Windows-specific configuration here
         set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
-        message("Detected Apple")
+        message(STATUS "Detected Apple")
     endif()
 endif() # End optional WOLFSSL_CMAKE_SYSTEM_NAME
 
@@ -524,7 +524,7 @@ else()
     set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
 
     string(REPLACE "/" "//" STR_WOLFSSL_PROJECT_DIR "${WOLFSSL_PROJECT_DIR}")
-    add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${STR_WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+    add_compile_definitions(WOLFSSL_USER_SETTINGS_DIR="${STR_WOLFSSL_PROJECT_DIR}/include/user_settings.h")
     message(STATUS "Added definition for user_settings.h: -DWOLFSSL_USER_SETTINGS_DIR=\"${STR_WOLFSSL_PROJECT_DIR}//include//user_settings.h\"")
     # Espressif may take several passes through this makefile. Check to see if we found IDF
     string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
@@ -951,7 +951,7 @@ function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
         message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
 
         # the interesting part is defining the VAR_OUPUT name a value to use in the app
-        add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+        add_compile_definitions(${VAR_OUPUT}=\"${VAR_VALUE}\")
     else()
         # if we get here, check the execute_process command and parameters.
         message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
@@ -959,9 +959,16 @@ function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
     endif()
 endfunction() # LIBWOLFSSL_SAVE_INFO
 
+execute_process(
+    COMMAND ${git_cmd} "rev-parse" "--is-inside-work-tree"
+    OUTPUT_VARIABLE IS_GIT_REPO
+    OUTPUT_STRIP_TRAILING_WHITESPACE
+    ERROR_QUIET
+)
+
 # create some programmatic #define values that will be used by ShowExtendedSystemInfo().
 # see wolfcrypt\src\port\Espressif\esp32_utl.c
-if(NOT CMAKE_BUILD_EARLY_EXPANSION AND WOLFSSL_ROOT)
+if(NOT CMAKE_BUILD_EARLY_EXPANSION AND WOLFSSL_ROOT AND (IS_GIT_REPO STREQUAL "true"))
     set (git_cmd "git")
     message(STATUS "Adding macro definitions:")
 

IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/Kconfig

@@ -41,7 +41,7 @@
 # The maximum length of options is NOT 50 characters as documented.
 #   kconfcheck will complain that options should be 40 at most.
 #
-# Fix option lengths first. Superflous errors on other lines may occur.
+# Fix option lengths first. Superfluous errors on other lines may occur.
 #
 # The maximum length of lines is 120 characters.
 #

IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/component.mk

@@ -82,7 +82,7 @@ WOLFSSL_ROOT := ../../../../../../..
 # "/mnt/c" is 4 directories up:
 #             2 for `./test/demo` from where we run `make`, plus
 #             2 more from the location of `component.mk` located
-#               in `[currect directory]/components/wolfssl`.
+#               in `[current directory]/components/wolfssl`.
 #
 # Thus we need 4 parent reference to find the relative path to wolfSSL:
 # WOLFSSL_ROOT := ../../../../workspace/wolfssl-master
@@ -291,5 +291,5 @@ COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/test
 ## wolfcrypt
 ##
 # COMPONENT_PRIV_INCLUDEDIRS += $(PROJECT_PATH)/components/wolfssl/include
-COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)wolfcrypt/src
+COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src
 $(info ********** end wolfssl component **********)

IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h

@@ -786,7 +786,7 @@
     /***** END CONFIG_IDF_TARGET_ESP8684 *****/
 
 #else
-    /* Anything else encountered, disable HW accleration */
+    /* Anything else encountered, disable HW acceleration */
     #warning "Unexpected CONFIG_IDF_TARGET_NN value"
     #define NO_ESP32_CRYPT
     #define NO_WOLFSSL_ESP32_CRYPT_HASH

IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/CMakeLists.txt

@@ -3,9 +3,121 @@
 #
 # wolfssl crypt test
 #
+message(STATUS "Begin wolfSSL main CMakeLists.txt")
 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
 
-idf_component_register(SRCS
-                         "main.c"
-                       INCLUDE_DIRS
-                         ".")
+if(WIN32)
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
+    message(STATUS "Detected Windows")
+endif()
+if(CMAKE_HOST_UNIX)
+    message(STATUS "Detected UNIX")
+endif()
+if(APPLE)
+    message(STATUS "Detected APPLE")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
+    message(STATUS "Detected WSL")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
+    message(STATUS "Detected Linux")
+endif()
+if(APPLE)
+    # Windows-specific configuration here
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
+    message(STATUS "Detected Apple")
+endif()
+set (git_cmd "git")
+
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+    #
+    # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
+    #
+    message(STATUS "")
+    message(STATUS "WARNING: Found components/wolfssl in both local project and IDF_PATH")
+    message(STATUS "")
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+endif()
+
+# The wolfSL component name is named "mywolfssl" on the staging site for Managed Components.
+if( NOT EXISTS "../components/wolfssl" AND ("$ENV{IDF_COMPONENT_REGISTRY_URL}" STREQUAL "https://components-staging.espressif.com") )
+    message(STATUS "WARNING: Using a staging instance of wolfssl.")
+    set(MAIN_WOLFSSL_COMPONENT_NAME "mywolfssl")
+else()
+    message(STATUS "Using release wolfssl component.")
+    set(MAIN_WOLFSSL_COMPONENT_NAME "wolfssl")
+endif()
+
+## register_component()
+idf_component_register(SRCS main.c
+                       INCLUDE_DIRS "."
+                            "./include"
+                       PRIV_REQUIRES driver "${MAIN_WOLFSSL_COMPONENT_NAME}")
+
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT:  the name of the macro to define
+# THIS_VAR:   the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+    # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+    string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+    # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+    if(${IS_VALID_VALUE})
+        # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+        string(REPLACE "\n" ""  VAR_VALUE  ${THIS_VAR})
+
+        # we'll could percolate the value to the parent for possible later use
+        # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+        # but we're only using it here in this function
+        set(${VAR_OUPUT} ${VAR_VALUE})
+
+        # we'll print what we found to the console
+        message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+        # the interesting part is defining the VAR_OUPUT name a value to use in the app
+        add_compile_definitions(${VAR_OUPUT}=\"${VAR_VALUE}\")
+    else()
+        # if we get here, check the execute_process command and parameters.
+        message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT.")
+        message(STATUS "Setting ${VAR_OUPUT} to \"Unknown\"")
+        set(${VAR_OUPUT} "Unknown")
+    endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+execute_process(
+    COMMAND ${git_cmd} "rev-parse" "--is-inside-work-tree"
+    OUTPUT_VARIABLE IS_GIT_REPO
+    OUTPUT_STRIP_TRAILING_WHITESPACE
+    ERROR_QUIET
+)
+
+# Save some project-specific details. Repo may be different than component, or may not even be a repo at all:
+if(NOT CMAKE_BUILD_EARLY_EXPANSION AND (IS_GIT_REPO STREQUAL "true"))
+    # LIBWOLFSSL_VERSION_GIT_HASH
+    execute_process(COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_SHORT_HASH
+    execute_process(COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+    # LIBWOLFSSL_VERSION_GIT_HASH_DATE
+    execute_process(COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES  )
+    LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+endif()
+
+message(STATUS "")
+
+message(STATUS "End wolfSSL main CMakeLists.txt")

IDE/Espressif/ESP-IDF/examples/wolfssl_test/partitions_singleapp_large.csv

@@ -13,7 +13,7 @@ factory, app,  factory, 0x10000, 1500K,
 # For other settings, see:
 # https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/partition-tables.html#creating-custom-tables
 #
-# Here is the summary printed for the “Single factory app, no OTA” configuration:
+# Here is the summary printed for the "Single factory app, no OTA" configuration:
 #
 # # ESP-IDF Partition Table
 # # Name,   Type, SubType, Offset,  Size, Flags
@@ -22,7 +22,7 @@ factory, app,  factory, 0x10000, 1500K,
 # factory,  app,  factory, 0x10000, 1M,
 #
 #
-# Here is the summary printed for the “Factory app, two OTA definitions” configuration:
+# Here is the summary printed for the "Factory app, two OTA definitions" configuration:
 #
 # # ESP-IDF Partition Table
 # # Name,   Type, SubType, Offset,  Size, Flags

IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults

@@ -1,13 +1,14 @@
 # Set the known example app config to template example (see user_settings.h)
 CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFSSL_TEST=y
+# CONFIG_EXAMPLE_WIFI_SSID="myssid"
+# CONFIG_EXAMPLE_WIFI_PASSWORD="mypassword"
 
 # Some wolfSSL helpers
 CONFIG_USE_WOLFSSL_ESP_SDK_TIME=y
 
-# sdkconfig.defaults for ESP32. 
+# sdkconfig.defaults for ESP8266 + ESP32
 # See separate sdkconfig.defaults.esp8266
 # Note that during the build process, settings from sdkconfig.defaults will not override those already in sdkconfig.
-# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html#custom-sdkconfig-defaults
 CONFIG_BENCH_ARGV="-lng 0"
 # FreeRTOS ticks at 1ms interval
 CONFIG_FREERTOS_UNICORE=y
@@ -24,8 +25,7 @@ CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y
 # When using RSA, assign at least 10500 bytes, otherwise 5500 usually works for others
 # We set this to 28672 for use in the "test everything possible" in the wolfssl_test app.
 CONFIG_ESP_MAIN_TASK_STACK_SIZE=28672
-
-# Legacy stack size for older ESP-IDF versions
+# Legacy stack size name for older ESP-IDF versions
 CONFIG_MAIN_TASK_STACK_SIZE=28672
 
 #
@@ -67,8 +67,8 @@ CONFIG_HEAP_DISABLE_IRAM=y
 CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y
 
 # Enable wolfSSL TLS in esp-tls
-CONFIG_ESP_TLS_USING_WOLFSSL=y
-CONFIG_TLS_STACK_WOLFSSL=y
+# CONFIG_ESP_TLS_USING_WOLFSSL=y
+# CONFIG_TLS_STACK_WOLFSSL=y
 
 # Bundles take up flash space and are disabled unless otherwise known to be needed
 CONFIG_WOLFSSL_CERTIFICATE_BUNDLE=n
@@ -100,6 +100,26 @@ CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y
 CONFIG_FREERTOS_UNICORE=y
 CONFIG_FREERTOS_HZ=1000
 
+# Ensure mbedTLS options are disabled
+# CONFIG_MBEDTLS_TLS_SERVER_AND_CLIENT=n
+# CONFIG_MBEDTLS_TLS_CLIENT_ONLY=n
+# CONFIG_MBEDTLS_TLS_SERVER=n
+# CONFIG_MBEDTLS_TLS_CLIENT=n
+# CONFIG_MBEDTLS_HARDWARE_AES=n
+# CONFIG_MBEDTLS_HARDWARE_MPI=n
+# CONFIG_MBEDTLS_HARDWARE_SHA=n
+# CONFIG_MBEDTLS_ROM_MD5=n
+# CONFIG_MBEDTLS_SSL_RENEGOTIATION=n
+# CONFIG_MBEDTLS_SSL_PROTO_TLS1_2=n
+# CONFIG_MBEDTLS_SSL_PROTO_GMTSSL1_1=n
+# CONFIG_MBEDTLS_SSL_ALPN=n
+# CONFIG_MBEDTLS_CLIENT_SSL_SESSION_TICKETS=n
+# CONFIG_MBEDTLS_SERVER_SSL_SESSION_TICKETS=n
+
+# The same-name config is used for both WiFi and client/server TLS, so we cannot disable:
+# CONFIG_MBEDTLS_TLS_ENABLED=n
+# CONFIG_MBEDTLS_TLS_DISABLED=y
+
 #
 # Compiler options
 #

IDE/Espressif/ESP-IDF/setup.sh

@@ -159,4 +159,3 @@ if [ "${WOLFSSL_SETUP_VERBOSE}" == "true" ]; then
   echo "Copy complete!"
 fi
 
-exit 1

IDE/Espressif/ESP-IDF/user_settings.h

@@ -331,7 +331,7 @@
     #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
     /***** END CONFIG_IDF_TARGET_ESP266 *****/
 #else
-    /* Anything else encountered, disable HW accleration */
+    /* Anything else encountered, disable HW acceleration */
     #define NO_ESP32_CRYPT
     #define NO_WOLFSSL_ESP32_CRYPT_HASH
     #define NO_WOLFSSL_ESP32_CRYPT_AES
@@ -359,7 +359,7 @@
 
 /* #define HASH_SIZE_LIMIT */ /* for test.c */
 
-/* #define NO_HW_MATH_TEST */ /* Optionall turn off HW math checks */
+/* #define NO_HW_MATH_TEST */ /* Optionally turn off HW math checks */
 
 /* Optionally include alternate HW test library: alt_hw_test.h */
 /* When enabling, the ./components/wolfssl/CMakeLists.txt file

IDE/GCC-ARM/Source/benchmark_main.c

@@ -39,16 +39,16 @@ int main(void)
 {
     int ret;
 #ifndef NO_CRYPT_BENCHMARK
-	wolfCrypt_Init();
+    wolfCrypt_Init();
 
-	printf("\nBenchmark Test\n");
-	benchmark_test(&args);
+    printf("\nBenchmark Test\n");
+    benchmark_test(&args);
     ret = args.return_code;
-	printf("Benchmark Test: Return code %d\n", ret);
+    printf("Benchmark Test: Return code %d\n", ret);
 
-	wolfCrypt_Cleanup();
+    wolfCrypt_Cleanup();
 #else
     ret = NOT_COMPILED_IN;
 #endif
-	return ret;
+    return ret;
 }

IDE/GCC-ARM/Source/test_main.c

@@ -40,16 +40,16 @@ int main(void)
 {
     int ret;
 #ifndef NO_CRYPT_TEST
-	wolfCrypt_Init();
+    wolfCrypt_Init();
 
-	printf("\nCrypt Test\n");
-	wolfcrypt_test(&args);
+    printf("\nCrypt Test\n");
+    wolfcrypt_test(&args);
     ret = args.return_code;
-	printf("Crypt Test: Return code %d\n", ret);
+    printf("Crypt Test: Return code %d\n", ret);
 
-	wolfCrypt_Cleanup();
+    wolfCrypt_Cleanup();
 #else
     ret = NOT_COMPILED_IN;
 #endif
-	return ret;
+    return ret;
 }

IDE/Gaisler-BCC/README.md

@@ -0,0 +1,65 @@
+# Gaisler BCC
+
+This document outlines how to compile for the Gaisler LEON range of Sparc CPUs
+using the BCC2 toolkit. The steps here should also work for the original BCC.
+
+## Compiler
+
+In the examples in this document, a Linux computer is used as a cross compiler
+and the compilers have been extracted to `/opt`. You can install them elsewhere,
+but please adjust commands accordingly.
+
+### Bare-metal
+
+To compile for bare-metal, you need to download the BCC2 binaries from
+[here](https://www.gaisler.com/index.php/downloads/compilers). You can use
+either the GCC or CLang version, but do note that you will need to set the
+CFLAG `-std=c99` to compile in CLang.
+
+### Linux
+
+For Linux, you will need the "GNU toolchains for LEON and NOEL" from
+[this link](https://www.gaisler.com/index.php/downloads/linux).
+
+## Compiling
+
+### Bare metal
+
+Copy the file `examples/config/user_settings_template.h` to `user_settings.h` in
+the root of the source code. Then edit this to add the following:
+
+```c
+#define WOLFSSL_GAISLER_BCC
+#define WOLFSSL_GENSEED_FORTEST
+```
+
+The first `#define` is only required to compile the wolfCrypt benchmark.
+
+**Note:** that most Gaisler LEON processors do not have a good source of
+entropy for the RNG. It is recommended an external entropy source is used when
+developing for production.
+
+You can then compile with the following. Change `leon5` to the LEON CPU version
+used:
+
+```sh
+export CC=/opt/sparc-bcc-2.3.1-gcc/bin/sparc-gaisler-elf-gcc
+export CXX=/opt/sparc-bcc-2.3.1-gcc/bin/sparc-gaisler-elf-g++
+export CFLAGS="-mcpu=leon5"
+
+./configure --host=sparc --enable-usersettings --disable-examples --enable-static
+make
+```
+
+### Linux
+
+To compile for Linux on the LEON use the following commands:
+
+```sh
+export CC=/opt/sparc-gaisler-linux5.10/bin/sparc-gaisler-linux5.10-gcc
+export CXX=/opt/sparc-gaisler-linux5.10/bin/sparc-gaisler-linux5.10-g++
+export CFLAGS="-mcpu=leon5"
+
+./configure --host=sparc-linux
+make
+```

IDE/Gaisler-BCC/include.am

@@ -0,0 +1,4 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+
+EXTRA_DIST+= IDE/Gaisler-BCC/README.md

IDE/IAR-EWARM/Projects/benchmark/wolfCrypt-benchmark.ewp

@@ -937,7 +937,7 @@
         </option>
         <option>
           <name>IarchiveOutput</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
         </option>
       </data>
     </settings>

IDE/IAR-EWARM/Projects/lib/wolfSSL-Lib.ewp

@@ -1593,7 +1593,7 @@
         </option>
         <option>
           <name>IlinkOutputFile</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
         </option>
         <option>
           <name>IlinkDebugInfoEnable</name>
@@ -1879,7 +1879,7 @@
         </option>
         <option>
           <name>IarchiveOutput</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
         </option>
       </data>
     </settings>

IDE/IAR-EWARM/Projects/test/wolfCrypt-test.ewp

@@ -937,7 +937,7 @@
         </option>
         <option>
           <name>IarchiveOutput</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
         </option>
       </data>
     </settings>

IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_wolfcrypt_benchmark_SAMV71_XULT/wolfcrypt_benchmark.ewp

@@ -958,7 +958,7 @@
         </option>
         <option>
           <name>IarchiveOutput</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
         </option>
       </data>
     </settings>
@@ -1627,7 +1627,7 @@
         </option>
         <option>
           <name>IlinkOutputFile</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
         </option>
         <option>
           <name>IlinkDebugInfoEnable</name>
@@ -1917,7 +1917,7 @@
         </option>
         <option>
           <name>IarchiveOutput</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
         </option>
       </data>
     </settings>

IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_wolfcrypt_lib_SAMV71_XULT/wolfcrypt_lib.ewp

@@ -1624,7 +1624,7 @@
         </option>
         <option>
           <name>IlinkOutputFile</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
         </option>
         <option>
           <name>IlinkDebugInfoEnable</name>
@@ -1914,7 +1914,7 @@
         </option>
         <option>
           <name>IarchiveOutput</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
         </option>
       </data>
     </settings>

IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_wolfcrypt_test_SAMV71_XULT/wolfcrypt_test.ewp

@@ -958,7 +958,7 @@
         </option>
         <option>
           <name>IarchiveOutput</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
         </option>
       </data>
     </settings>
@@ -1627,7 +1627,7 @@
         </option>
         <option>
           <name>IlinkOutputFile</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
         </option>
         <option>
           <name>IlinkDebugInfoEnable</name>
@@ -1917,7 +1917,7 @@
         </option>
         <option>
           <name>IarchiveOutput</name>
-          <state>###Unitialized###</state>
+          <state>###Uninitialized###</state>
         </option>
       </data>
     </settings>

IDE/MPLABX16/README.md

@@ -38,7 +38,7 @@ steps below to generate that code.
 2. Set the Project path to the wolfSSL/IDE/MPLABX16 and enter your PIC device
 into the interface.
 
-3. Select MCC Clasic as the content type and click `Finish`.
+3. Select MCC Classic as the content type and click `Finish`.
 
 4. Under the Device Resources section, find the UART entry and add the UART1
 peripheral.

IDE/MPLABX16/wolfcrypt_test.X/Makefile

@@ -22,7 +22,7 @@
 #     clean                    remove built files from a configuration
 #     clobber                  remove all built files
 #     all                      build all configurations
-#     help                     print help mesage
+#     help                     print help message
 #  
 #  Targets .build-impl, .clean-impl, .clobber-impl, .all-impl, and
 #  .help-impl are implemented in nbproject/makefile-impl.mk.

IDE/MPLABX16/wolfssl.X/Makefile

@@ -22,7 +22,7 @@
 #     clean                    remove built files from a configuration
 #     clobber                  remove all built files
 #     all                      build all configurations
-#     help                     print help mesage
+#     help                     print help message
 #  
 #  Targets .build-impl, .clean-impl, .clobber-impl, .all-impl, and
 #  .help-impl are implemented in nbproject/makefile-impl.mk.