diff --git a/src/internal.c b/src/internal.c
index ee83663f2..370bde84d 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -19592,8 +19592,6 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length)
 #if !defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519)
     int      keySz;
     word32   idx;
-    (void)idx;
-    (void)keySz;
 #else
     (void)length;
 #endif
@@ -19720,6 +19718,8 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length)
     }
 #endif
 
+    (void)idx;
+    (void)keySz;
 exit_dpk:
     return ret;
 }
diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c
index afe768445..e8ee908aa 100644
--- a/wolfcrypt/src/aes.c
+++ b/wolfcrypt/src/aes.c
@@ -787,7 +787,7 @@
         }
     #endif /* HAVE_AES_DECRYPT */
 
-#elif defined(WOLFSSL_IMX6_CAAM)
+#elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES)
         static int wc_AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock)
         {
             wc_AesEncryptDirect(aes, outBlock, inBlock);
@@ -1991,7 +1991,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
         return wc_AesSetKey(aes, userKey, keylen, iv, dir);
     }
 
-#elif defined(WOLFSSL_IMX6_CAAM)
+#elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES)
       /* implemented in wolfcrypt/src/port/caam/caam_aes.c */
 
 #else
@@ -2305,7 +2305,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
                 key, keySize, kLTC_EncryptKey);
         }
 
-    #elif defined(WOLFSSL_IMX6_CAAM)
+    #elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES)
         /* implemented in wolfcrypt/src/port/caam/caam_aes.c */
 
     #else
@@ -2875,7 +2875,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
     }
     #endif /* HAVE_AES_DECRYPT */
 
-#elif defined(WOLFSSL_IMX6_CAAM)
+#elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES)
       /* implemented in wolfcrypt/src/port/caam/caam_aes.c */
 
 #else
@@ -3050,7 +3050,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
 #endif /* HAVE_AES_CBC */
 
 #ifdef HAVE_AES_ECB
-#ifdef WOLFSSL_IMX6_CAAM
+#if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES)
     /* implemented in wolfcrypt/src/port/caam/caam_aes.c */
 #else
 
@@ -3274,7 +3274,7 @@ int wc_AesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
             return 0;
         }
 
-    #elif defined(WOLFSSL_IMX6_CAAM)
+    #elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES)
         /* implemented in wolfcrypt/src/port/caam/caam_aes.c */
 
     #else
@@ -7332,7 +7332,7 @@ int wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz)
 #if defined(HAVE_COLDFIRE_SEC)
     #error "Coldfire SEC doesn't currently support AES-CCM mode"
 
-#elif defined(WOLFSSL_IMX6_CAAM)
+#elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES)
     /* implemented in wolfcrypt/src/port/caam_aes.c */
 
 #elif defined(FREESCALE_LTC)
diff --git a/wolfcrypt/src/include.am b/wolfcrypt/src/include.am
index 80defcdad..3e0b5abb8 100644
--- a/wolfcrypt/src/include.am
+++ b/wolfcrypt/src/include.am
@@ -59,7 +59,8 @@ EXTRA_DIST += wolfcrypt/src/port/ti/ti-aes.c \
               wolfcrypt/src/port/caam/caam_aes.c \
               wolfcrypt/src/port/caam/caam_driver.c \
               wolfcrypt/src/port/caam/caam_init.c \
-              wolfcrypt/src/port/caam/caam_sha.c
+              wolfcrypt/src/port/caam/caam_sha.c \
+              wolfcrypt/src/port/caam/caam_doc.pdf
 
 if BUILD_CAVIUM
 src_libwolfssl_la_SOURCES += wolfcrypt/src/port/cavium/cavium_nitrox.c
diff --git a/wolfcrypt/src/md5.c b/wolfcrypt/src/md5.c
index 3097c5337..ab710aa9e 100644
--- a/wolfcrypt/src/md5.c
+++ b/wolfcrypt/src/md5.c
@@ -225,7 +225,7 @@ static INLINE void AddLength(wc_Md5* md5, word32 len);
     #include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
     #define HAVE_MD5_CUST_API
 
-#elif defined(WOLFSSL_IMX6_CAAM)
+#elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH)
     /* functions implemented in wolfcrypt/src/port/caam/caam_sha.c */
     #define HAVE_MD5_CUST_API
 #else
diff --git a/wolfcrypt/src/port/caam/README.md b/wolfcrypt/src/port/caam/README.md
new file mode 100644
index 000000000..eef8b8cde
--- /dev/null
+++ b/wolfcrypt/src/port/caam/README.md
@@ -0,0 +1 @@
+See caam_doc.pdf for documentation about building and using.
diff --git a/wolfcrypt/src/port/caam/caam_aes.c b/wolfcrypt/src/port/caam/caam_aes.c
index a2f1ca9cf..baef92d4e 100644
--- a/wolfcrypt/src/port/caam/caam_aes.c
+++ b/wolfcrypt/src/port/caam/caam_aes.c
@@ -22,7 +22,8 @@
 
 #include <wolfssl/wolfcrypt/settings.h>
 
-#if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_AES)
+#if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_AES) && \
+   !defined(NO_IMX6_CAAM_AES)
 
 #include <wolfssl/wolfcrypt/logging.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>
diff --git a/wolfcrypt/src/port/caam/caam_doc.pdf b/wolfcrypt/src/port/caam/caam_doc.pdf
new file mode 100644
index 000000000..821363441
Binary files /dev/null and b/wolfcrypt/src/port/caam/caam_doc.pdf differ
diff --git a/wolfcrypt/src/port/caam/caam_init.c b/wolfcrypt/src/port/caam/caam_init.c
index 6ba5e062e..b96cc42bc 100644
--- a/wolfcrypt/src/port/caam/caam_init.c
+++ b/wolfcrypt/src/port/caam/caam_init.c
@@ -179,7 +179,8 @@ void wc_caamWriteRegister(word32 reg, word32 value)
 
 
 /* return 0 on success and WC_HW_E on failure. Can also return WC_HW_WAIT_E
- * in the case that the driver is waiting for a resource. */
+ * in the case that the driver is waiting for a resource or RAN_BLOCK_E if
+ * waiting for entropy. */
 int wc_caamAddAndWait(Buffer* buf, word32 arg[4], word32 type)
 {
     int ret;
@@ -196,6 +197,11 @@ int wc_caamAddAndWait(Buffer* buf, word32 arg[4], word32 type)
 
         /* if waiting for resource or RNG return waiting */
         if (ret == Waiting) {
+            WOLFSSL_MSG("Waiting on entropy from driver");
+            return RAN_BLOCK_E;
+        }
+
+        if (ret == ResourceNotAvailable) {
             WOLFSSL_MSG("Waiting on CAAM driver");
             return WC_HW_WAIT_E;
         }
diff --git a/wolfcrypt/src/port/caam/caam_sha.c b/wolfcrypt/src/port/caam/caam_sha.c
index bbd048321..c61ed6324 100644
--- a/wolfcrypt/src/port/caam/caam_sha.c
+++ b/wolfcrypt/src/port/caam/caam_sha.c
@@ -22,7 +22,7 @@
 
 #include <wolfssl/wolfcrypt/settings.h>
 
-#if defined(WOLFSSL_IMX6_CAAM)
+#if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH)
 
 #include <wolfssl/wolfcrypt/logging.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>
diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c
index dec607666..677d866a1 100644
--- a/wolfcrypt/src/random.c
+++ b/wolfcrypt/src/random.c
@@ -1637,7 +1637,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
     {
         Buffer buf[1];
         int ret  = 0;
-        int times = 10, i;
+        int times = 1000, i;
 
         (void)os;
 
@@ -1657,10 +1657,10 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
             }
 
             /* driver could be waiting for entropy */
-            if (ret != WC_HW_WAIT_E) {
+            if (ret != RAN_BLOCK_E) {
                 return ret;
             }
-            sleep(1);
+            usleep(100);
         }
 
         if (i == times && ret != Success) {
diff --git a/wolfcrypt/src/sha.c b/wolfcrypt/src/sha.c
index e62719282..1c94f708e 100644
--- a/wolfcrypt/src/sha.c
+++ b/wolfcrypt/src/sha.c
@@ -316,7 +316,7 @@ static INLINE void AddLength(wc_Sha* sha, word32 len);
         return ret;
     }
 
-#elif defined(WOLFSSL_IMX6_CAAM)
+#elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH)
     /* wolfcrypt/src/port/caam/caam_sha.c */
 #else
 
diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c
index 60406e59d..776305e6d 100644
--- a/wolfcrypt/src/sha256.c
+++ b/wolfcrypt/src/sha256.c
@@ -118,7 +118,7 @@
 static INLINE void AddLength(wc_Sha256* sha256, word32 len);
 
 #if !defined(WOLFSSL_PIC32MZ_HASH) && !defined(STM32_HASH) && \
-    !defined(WOLFSSL_IMX6_CAAM)
+    (!defined(WOLFSSL_IMX6_CAAM) || defined(NO_IMX6_CAAM_HASH))
 static int InitSha256(wc_Sha256* sha256)
 {
     int ret = 0;
@@ -519,7 +519,7 @@ static int InitSha256(wc_Sha256* sha256)
 
         return ret;
     }
-#elif defined(WOLFSSL_IMX6_CAAM)
+#elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH)
     /* functions defined in wolfcrypt/src/port/caam/caam_sha256.c */
 #else
     #define NEED_SOFT_SHA256
@@ -2708,7 +2708,7 @@ SHA256_NOINLINE static int Transform_Sha256_AVX2_RORX_Len(wc_Sha256* sha256,
         return ret;
     }
 
-#elif defined(WOLFSSL_IMX6_CAAM)
+#elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH)
     /* functions defined in wolfcrypt/src/port/caam/caam_sha256.c */
 #else
 
diff --git a/wolfcrypt/src/sha512.c b/wolfcrypt/src/sha512.c
index 73b2f9cd3..c954a816e 100644
--- a/wolfcrypt/src/sha512.c
+++ b/wolfcrypt/src/sha512.c
@@ -168,7 +168,7 @@
         }
 #endif
 
-#ifdef WOLFSSL_IMX6_CAAM /* hardware */
+#if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH)
     /* functions defined in wolfcrypt/src/port/caam/caam_sha.c */
 #else
 
@@ -2545,7 +2545,7 @@ static int Transform_Sha512_AVX2_RORX_Len(wc_Sha512* sha512, word32 len)
 /* -------------------------------------------------------------------------- */
 #ifdef WOLFSSL_SHA384
 
-#ifdef WOLFSSL_IMX6_CAAM /* hardware */
+#if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH)
     /* functions defined in wolfcrypt/src/port/caam/caam_sha.c */
 #else