diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/Kinetis_FlashPlacement.xml b/IDE/ROWLEY-CROSSWORKS-ARM/Kinetis_FlashPlacement.xml
new file mode 100644
index 000000000..0d63056b2
--- /dev/null
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/Kinetis_FlashPlacement.xml
@@ -0,0 +1,29 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/Kinetis_MemoryMap.xml b/IDE/ROWLEY-CROSSWORKS-ARM/Kinetis_MemoryMap.xml
new file mode 100644
index 000000000..562fdb70f
--- /dev/null
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/Kinetis_MemoryMap.xml
@@ -0,0 +1,11 @@
+
+
+
+
+
+
+
+
+
+
+
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/README.md b/IDE/ROWLEY-CROSSWORKS-ARM/README.md
new file mode 100644
index 000000000..14bf47c3b
--- /dev/null
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/README.md
@@ -0,0 +1,52 @@
+# Rowley CrossWorks ARM Project for wolfSSL and wolfCrypt
+
+This directory contains a CrossWorks solution named wolfssl.hzp.
+
+Inside are three projects:
+
+1. libwolfssl:
+This generates a library file named "libwolfssl_ARM_Debug/libwolfssl_v7em_t_le_eabi.a"
+2. benchmark:
+This is a sample benchmark application. It runs the "benchmark_test" suite repeatedly until a failure occurs.
+3. test:
+This is a sample test application. It runs "wolfcrypt_test" suite suite repeatedly until a failure occurs.
+
+# Prerequisits
+
+You will need to install the "Freescale Kinetis CPU Support Package" in the
+Rowley Package Manager under Tools -> Pacakge Manager.
+
+# Harware Support
+
+All hardware functions are defined in `kinetis_hw.c` and are currently setup for a Freescale Kinetis K64 Coretx-M4 microcontroller. This file can be customized to work with other Kinetis microcontrollers by editing the top part of the file. Testing for this project was done with the Freescale Kinetis `MK64FN1M0xxx12` using the `TWR-K64F120M`.
+
+To create support for a new ARM microcontroller the functions in `hw.h` will need to be implemented.
+
+Also you will need to configure the ARM Architecture and ARM Core Type in the "Solution Properties" -> "ARM".
+Also the "Target Processor" in each of the projects ("Project Properties" -> "Target Processor")
+
+## Hardware Crypto Acceleration
+
+To enable Freescale MMCAU:
+
+1. [Download the MMCAU library](http://www.freescale.com/products/arm-processors/kinetis-cortex-m/k-series/k7x-glcd-mcus/crypto-acceleration-unit-cau-and-mmcau-software-library:CAUAP).
+2. Copy the `lib_mmcau.a` and `cau_api.h` files into the project.
+3. Add `-L $(ProjectDir) -l lib_mmcau.a` to project "Additional Linker Options" OR goto "Build Configuration" and check "MMCAU".
+4. Enable the "FREESCALE_MMCAU" define in "user_settings.h" and make sure its value is 1.
+
+# Project Files
+
+* `arm_startup.c`: Handles startup from `reset_handler`. Disabled watchdog, initializes sections, initializes heap, starts harware and starts main.
+* `benchmark_main.c`: The main function entrypoint for benchmark application.
+* `hw.h`: The hardware API interface. These hardware interface functions are required for all platforms.
+* `kinetis_hw.c`: The most basic hardware implementation required for Kinetis.
+* `test_main.c`: The main function entrypoint for test application.
+* `user_libc.c`: Defines stubs for functions required by libc. It also wraps hardware functions for UART, RTC and Random Number Generator (RNG).
+* `user_settings.h`: This is the custom user configuration file for WolfSSL.
+
+# Functions required by the WolfSSL Library
+
+If you are writting your own application, the following functions need to be implemented to support the WolfSSL library:
+
+* `double current_time(int reset)`: Returns a doulbe as seconds.milliseconds.
+* `int custom_rand_generate(void)`: Returns a 32-bit randomly generated number.
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/arm_startup.c b/IDE/ROWLEY-CROSSWORKS-ARM/arm_startup.c
new file mode 100644
index 000000000..faab65705
--- /dev/null
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/arm_startup.c
@@ -0,0 +1,198 @@
+/* arm_startup.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include "hw.h"
+#include
+
+// Memory initialization
+extern uint32_t __data_load_start__[];
+extern uint32_t __data_start__[];
+extern uint32_t __data_end__[];
+
+extern uint32_t __bss_start__[];
+extern uint32_t __bss_end__[];
+
+extern uint32_t __fast_load_start__[];
+extern uint32_t __fast_start__[];
+extern uint32_t __fast_end__[];
+
+extern uint32_t __stack_process_end__[];
+
+extern uint32_t __heap_start__[];
+extern uint32_t __heap_end__[];
+
+// Copy memory: src=Source, dst_beg=Destination Begin, dst_end=Destination End
+void memcpy32(uint32_t* src, uint32_t* dst_beg, uint32_t* dst_end)
+{
+ while (dst_beg < dst_end) {
+ *dst_beg++ = *src++;
+ }
+}
+// Zero address in range
+void meminit32(uint32_t* start, uint32_t* end)
+{
+ while (start < end) {
+ *start++ = 0;
+ }
+}
+
+// Entry Point
+void reset_handler(void)
+{
+ // Disable Watchdog
+ hw_watchdog_disable();
+
+ // Init sections
+ memcpy32(__data_load_start__, __data_start__, __data_end__);
+ meminit32(__bss_start__, __bss_end__);
+ memcpy32(__fast_load_start__, __fast_start__, __fast_end__);
+
+ // Init heap
+ __heap_start__[0] = 0;
+ __heap_start__[1] = ((uint32_t)__heap_end__ - (uint32_t)__heap_start__);
+
+ // Init hardware
+ hw_init();
+
+ // Start main
+ extern void main(void);
+ main();
+
+ // Application has ended, so busy wait
+ while(1);
+}
+
+// Vector Exception/Interrupt Handlers
+static void Default_Handler(void)
+{
+}
+
+void HardFault_HandlerC( uint32_t *hardfault_args )
+{
+ /* These are volatile to try and prevent the compiler/linker optimizing them
+ away as the variables never actually get used. If the debugger won't show the
+ values of the variables, make them global my moving their declaration outside
+ of this function. */
+ volatile uint32_t stacked_r0;
+ volatile uint32_t stacked_r1;
+ volatile uint32_t stacked_r2;
+ volatile uint32_t stacked_r3;
+ volatile uint32_t stacked_r12;
+ volatile uint32_t stacked_lr;
+ volatile uint32_t stacked_pc;
+ volatile uint32_t stacked_psr;
+ volatile uint32_t _CFSR;
+ volatile uint32_t _HFSR;
+ volatile uint32_t _DFSR;
+ volatile uint32_t _AFSR;
+ volatile uint32_t _BFAR;
+ volatile uint32_t _MMAR;
+
+ stacked_r0 = ((uint32_t)hardfault_args[0]);
+ stacked_r1 = ((uint32_t)hardfault_args[1]);
+ stacked_r2 = ((uint32_t)hardfault_args[2]);
+ stacked_r3 = ((uint32_t)hardfault_args[3]);
+ stacked_r12 = ((uint32_t)hardfault_args[4]);
+ stacked_lr = ((uint32_t)hardfault_args[5]);
+ stacked_pc = ((uint32_t)hardfault_args[6]);
+ stacked_psr = ((uint32_t)hardfault_args[7]);
+
+ // Configurable Fault Status Register
+ // Consists of MMSR, BFSR and UFSR
+ _CFSR = (*((volatile uint32_t *)(0xE000ED28)));
+
+ // Hard Fault Status Register
+ _HFSR = (*((volatile uint32_t *)(0xE000ED2C)));
+
+ // Debug Fault Status Register
+ _DFSR = (*((volatile uint32_t *)(0xE000ED30)));
+
+ // Auxiliary Fault Status Register
+ _AFSR = (*((volatile uint32_t *)(0xE000ED3C)));
+
+ // Read the Fault Address Registers. These may not contain valid values.
+ // Check BFARVALID/MMARVALID to see if they are valid values
+ // MemManage Fault Address Register
+ _MMAR = (*((volatile uint32_t *)(0xE000ED34)));
+ // Bus Fault Address Register
+ _BFAR = (*((volatile uint32_t *)(0xE000ED38)));
+
+ printf ("\n\nHard fault handler (all numbers in hex):\n");
+ printf ("R0 = %x\n", stacked_r0);
+ printf ("R1 = %x\n", stacked_r1);
+ printf ("R2 = %x\n", stacked_r2);
+ printf ("R3 = %x\n", stacked_r3);
+ printf ("R12 = %x\n", stacked_r12);
+ printf ("LR [R14] = %x subroutine call return address\n", stacked_lr);
+ printf ("PC [R15] = %x program counter\n", stacked_pc);
+ printf ("PSR = %x\n", stacked_psr);
+ printf ("CFSR = %x\n", _CFSR);
+ printf ("HFSR = %x\n", _HFSR);
+ printf ("DFSR = %x\n", _DFSR);
+ printf ("AFSR = %x\n", _AFSR);
+ printf ("MMAR = %x\n", _MMAR);
+ printf ("BFAR = %x\n", _BFAR);
+
+ // Break into the debugger
+ __asm("BKPT #0\n");
+}
+
+__attribute__( ( naked ) )
+void HardFault_Handler(void)
+{
+ __asm volatile
+ (
+ " tst lr, #4 \n"
+ " ite eq \n"
+ " mrseq r0, msp \n"
+ " mrsne r0, psp \n"
+ " ldr r1, [r0, #24] \n"
+ " ldr r2, handler2_address_const \n"
+ " bx r2 \n"
+ " handler2_address_const: .word HardFault_HandlerC \n"
+ );
+}
+
+// Vectors
+typedef void (*vector_entry)(void);
+const vector_entry vectors[] __attribute__ ((section(".vectors"),used)) =
+{
+ /* Interrupt Vector Table Function Pointers */
+ // Address Vector IRQ Source module Source description
+ (vector_entry)__stack_process_end__, // ARM core Initial Supervisor SP
+ reset_handler, // 0x0000_0004 1 - ARM core Initial Program Counter
+ Default_Handler, // 0x0000_0008 2 - ARM core Non-maskable Interrupt (NMI)
+ HardFault_Handler, // 0x0000_000C 3 - ARM core Hard Fault
+ Default_Handler, // 0x0000_0010 4 -
+ HardFault_Handler, // 0x0000_0014 5 - ARM core Bus Fault
+ HardFault_Handler, // 0x0000_0018 6 - ARM core Usage Fault
+ Default_Handler, // 0x0000_001C 7 -
+ Default_Handler, // 0x0000_0020 8 -
+ Default_Handler, // 0x0000_0024 9 -
+ Default_Handler, // 0x0000_0028 10 -
+ Default_Handler, // 0x0000_002C 11 - ARM core Supervisor call (SVCall)
+ Default_Handler, // 0x0000_0030 12 - ARM core Debug Monitor
+ Default_Handler, // 0x0000_0034 13 -
+ Default_Handler, // 0x0000_0038 14 - ARM core Pendable request for system service (PendableSrvReq)
+ Default_Handler, // 0x0000_003C 15 - ARM core System tick timer (SysTick)
+
+ // Add specific driver interrupt handlers below
+};
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/benchmark_main.c b/IDE/ROWLEY-CROSSWORKS-ARM/benchmark_main.c
new file mode 100644
index 000000000..584acf933
--- /dev/null
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/benchmark_main.c
@@ -0,0 +1,69 @@
+/* benchmark_main.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include
+#endif
+
+#include
+#include
+
+typedef struct func_args {
+ int argc;
+ char** argv;
+ int return_code;
+} func_args;
+
+static func_args args = { 0 } ;
+
+extern double current_time(int reset) ;
+extern int benchmark_test(void *args) ;
+
+void main(void)
+{
+ int test_num = 0;
+
+ do
+ {
+ printf("\nBenchmark Test %d:\n", test_num);
+ benchmark_test(&args);
+ printf("Benchmark Test %d: Return code %d\n", test_num, args.return_code);
+
+ test_num++;
+ } while(args.return_code == 0);
+}
+
+/*
+SAMPLE OUTPUT: Freescale K64 running at 96MHz with no MMCAU:
+Benchmark Test 1:
+AES 25 kB took 0.073 seconds, 0.334 MB/s
+ARC4 25 kB took 0.033 seconds, 0.740 MB/s
+RABBIT 25 kB took 0.027 seconds, 0.904 MB/s
+3DES 25 kB took 0.375 seconds, 0.065 MB/s
+MD5 25 kB took 0.016 seconds, 1.526 MB/s
+SHA 25 kB took 0.044 seconds, 0.555 MB/s
+SHA-256 25 kB took 0.119 seconds, 0.205 MB/s
+RSA 1024 encryption took 91.000 milliseconds, avg over 1 iterations
+RSA 1024 decryption took 573.000 milliseconds, avg over 1 iterations
+DH 1024 key generation 253.000 milliseconds, avg over 1 iterations
+DH 1024 key agreement 311.000 milliseconds, avg over 1 iterations
+Benchmark Test 1: Return code 0
+*/
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/hw.h b/IDE/ROWLEY-CROSSWORKS-ARM/hw.h
new file mode 100644
index 000000000..3a9bea546
--- /dev/null
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/hw.h
@@ -0,0 +1,13 @@
+#pragma once
+
+#include <__cross_studio_io.h>
+#include <__libc.h>
+#include
+
+// Generic HW API
+void hw_init(void);
+uint32_t hw_get_time_sec(void);
+uint32_t hw_get_time_msec(void);
+void hw_uart_printchar(int c);
+void hw_watchdog_disable(void);
+int hw_rand(void);
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/include.am b/IDE/ROWLEY-CROSSWORKS-ARM/include.am
new file mode 100644
index 000000000..d7b17a037
--- /dev/null
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/include.am
@@ -0,0 +1,15 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/arm_startup.c
+EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/benchmark_main.c
+EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/hw.h
+EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/kinetis_hw.c
+EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/Kinetis_MemoryMap.xml
+EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/Kinetis_FlashPlacement.xml
+EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/README.md
+EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/test_main.c
+EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/user_libc.c
+EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h
+EXTRA_DIST+= IDE/ROWLEY-CROSSWORKS-ARM/wolfssl.hzp
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/kinetis_hw.c b/IDE/ROWLEY-CROSSWORKS-ARM/kinetis_hw.c
new file mode 100644
index 000000000..f8fe62441
--- /dev/null
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/kinetis_hw.c
@@ -0,0 +1,213 @@
+/* kinetis_hw.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include "hw.h"
+
+#if defined(FREESCALE) && defined(K_SERIES)
+
+
+/**********************************************
+ * NOTE: Customize for actual hardware
+ **********************************************/
+
+// CPU include for Rowley CrossWorks packages
+// $(TargetsDir) location:
+// On Mac OS/X: Users/USERNAME/Library/Rowley Associates Limited/CrossWorks for ARM/packages/targets/
+// On Windows: C:/Users/USERNAME/Application Data/Local/Rowley Associates Limited/CrossWorks for ARM/packages/targets/
+#include // Located in $(TargetsDir)/Kinetis/CMSIS/
+
+// System clock
+#define SYS_CLK_KHZ 96000ul /* Core system clock in KHz */
+#define SYS_CLK_DRS MCG_C4_DRST_DRS(0x03) /* DRS 0=24MHz, 1=48MHz, 2=72MHz, 3=96MHz */
+#define SYS_CLK_DMX MCG_C4_DMX32_MASK /* 0=Disable DMX32 (lower actual speed), MCG_C4_DMX32_MASK=Enable DMX32 */
+#define SYS_CLK_DIV 1 /* System clock divisor */
+#define BUS_CLK_DIV 2 /* Bus clock divisor */
+#define BUS_CLK_KHZ (SYS_CLK_KHZ/BUS_CLK_DIV) /* Helper to calculate bus speed for UART */
+#define FLASH_CLK_DIV 4 /* Flash clock divisor */
+
+// UART TX Port, Pin, Mux and Baud
+#define UART_PORT UART5 /* UART Port */
+#define UART_TX_PORT PORTE /* UART TX Port */
+#define UART_TX_PIN 8 /* UART TX Pin */
+#define UART_TX_MUX 0x3 /* Kinetis UART pin mux */
+#define UART_BAUD 115200 /* UART Baud Rate */
+/* Note: You will also need to update the UART clock gate in hw_uart_init (SIM_SCGC1_UART5_MASK) */
+/* Note: TWR-K60 is UART3, PTC17 */
+
+/***********************************************/
+
+// Private functions
+static void hw_mcg_init(void)
+{
+ /* Adjust clock dividers (core/system=div/1, bus=div/2, flex bus=div/2, flash=div/4) */
+ SIM->CLKDIV1 = SIM_CLKDIV1_OUTDIV1(SYS_CLK_DIV-1) | SIM_CLKDIV1_OUTDIV2(BUS_CLK_DIV-1) |
+ SIM_CLKDIV1_OUTDIV3(BUS_CLK_DIV-1) | SIM_CLKDIV1_OUTDIV4(FLASH_CLK_DIV-1);
+
+ /* Configure FEI internal clock speed */
+ MCG->C4 = (SYS_CLK_DMX | SYS_CLK_DRS);
+ while((MCG->C4 & (MCG_C4_DRST_DRS_MASK | MCG_C4_DMX32_MASK)) != (SYS_CLK_DMX | SYS_CLK_DRS));
+}
+
+static void hw_gpio_init(void)
+{
+ /* Enable clocks to all GPIO ports */
+ SIM->SCGC5 |= (SIM_SCGC5_PORTA_MASK | SIM_SCGC5_PORTB_MASK
+#ifdef SIM_SCGC5_PORTC_MASK
+ | SIM_SCGC5_PORTC_MASK
+#endif
+#ifdef SIM_SCGC5_PORTD_MASK
+ | SIM_SCGC5_PORTD_MASK
+#endif
+#ifdef SIM_SCGC5_PORTE_MASK
+ | SIM_SCGC5_PORTE_MASK
+#endif
+ );
+}
+
+static void hw_uart_init(void)
+{
+ register uint16_t sbr, brfa;
+ uint8_t temp;
+
+ /* Enable UART core clock */
+ SIM->SCGC1 |= SIM_SCGC1_UART5_MASK;
+
+ /* Configure UART TX pin */
+ UART_TX_PORT->PCR[UART_TX_PIN] = PORT_PCR_MUX(UART_TX_MUX);
+
+ /* Disable transmitter and receiver while we change settings. */
+ UART_PORT->C2 &= ~(UART_C2_TE_MASK | UART_C2_RE_MASK );
+
+ /* Configure the UART for 8-bit mode, no parity */
+ UART_PORT->C1 = 0;
+
+ /* Calculate baud settings */
+ sbr = (uint16_t)((BUS_CLK_KHZ * 1000)/(UART_BAUD * 16));
+ temp = UART_PORT->BDH & ~(UART_BDH_SBR(0x1F));
+ UART_PORT->BDH = temp | UART_BDH_SBR(((sbr & 0x1F00) >> 8));
+ UART_PORT->BDL = (uint8_t)(sbr & UART_BDL_SBR_MASK);
+
+ /* Determine if a fractional divider is needed to get closer to the baud rate */
+ brfa = (((BUS_CLK_KHZ * 32000)/(UART_BAUD * 16)) - (sbr * 32));
+ temp = UART_PORT->C4 & ~(UART_C4_BRFA(0x1F));
+ UART_PORT->C4 = temp | UART_C4_BRFA(brfa);
+
+ /* Enable receiver and transmitter */
+ UART_PORT->C2 |= (UART_C2_TE_MASK | UART_C2_RE_MASK);
+}
+
+static void hw_rtc_init(void)
+{
+ /* Enable RTC clock and oscillator */
+ SIM->SCGC6 |= SIM_SCGC6_RTC_MASK;
+ RTC->CR |= RTC_CR_OSCE_MASK;
+}
+
+static void hw_rand_init(void)
+{
+ /* Enable RNG clocks */
+ SIM->SCGC6 |= SIM_SCGC6_RNGA_MASK;
+ SIM->SCGC3 |= SIM_SCGC3_RNGA_MASK;
+
+ /* Wake up RNG to normal mode (take out of sleep) */
+ RNG->CR &= ~RNG_CR_SLP_MASK;
+
+ /* Enable High Assurance mode (Enables notification of security violations via SR[SECV]) */
+ RNG->CR |= RNG_CR_HA_MASK;
+
+ /* Enable RNG generation to RANDOUT FIFO */
+ RNG->CR |= RNG_CR_GO_MASK;
+}
+
+
+/* Public Functions */
+void hw_init(void)
+{
+ hw_mcg_init();
+ hw_gpio_init();
+ hw_uart_init();
+ hw_rtc_init();
+ hw_rand_init();
+}
+
+uint32_t hw_get_time_sec(void)
+{
+ /* Return RTC seconds */
+ return RTC->TSR;
+}
+
+uint32_t hw_get_time_msec(void)
+{
+ /* RTC TPR precision register increments every 32.768 kHz clock cycle */
+ /* Convert with rounding crystal count (32768 or (1 << 15)) to milliseconds */
+ return ( ((uint32_t)RTC->TPR * 1000) + ((1 << 15) / 2) ) / (1 << 15);
+}
+
+void hw_uart_printchar(int c)
+{
+ while(!(UART_PORT->S1 & UART_S1_TDRE_MASK)); /* Wait until space is available in the FIFO */
+ UART_PORT->D = (uint8_t)c; /* Send the character */
+}
+
+int hw_rand(void)
+{
+ while((RNG->SR & RNG_SR_OREG_LVL(0xF)) == 0) {}; /* Wait until FIFO has a value available */
+ return RNG->OR; /* Return next value in FIFO output register */
+}
+
+// Watchdog
+void hw_watchdog_disable(void)
+{
+ WDOG->UNLOCK = 0xC520;
+ WDOG->UNLOCK = 0xD928;
+ WDOG->STCTRLH = WDOG_STCTRLH_ALLOWUPDATE_MASK;
+}
+
+// Flash configuration
+#define FSEC_UNSECURE 2
+#define FSEC_SECURE 0
+#define FSEC_FSLACC_DENIED 2
+#define FSEC_FSLACC_GRANTED 3
+#define FSEC_KEY_ENABLED 2
+#define FSEC_KEY_DISABLED 3
+#define FSEC_MASS_ERASE_DISABLE 2
+#define FSEC_MASS_ERASE_ENABLE 3
+
+struct flash_conf {
+ uint8_t backdoor_key[8]; /* Backdoor Comparison Key */
+ uint8_t fprot[4]; /* Program flash protection bytes */
+ uint8_t fsec; /* Flash security byte */
+ uint8_t fopt; /* Flash nonvolatile option byte */
+ uint8_t feprot; /* FlexNVM: EEPROM protection byte */
+ uint8_t fdprot; /* FlexNVM: Data flash protection byte */
+};
+const struct flash_conf flash_conf __attribute__ ((section (".flashconf"),used)) =
+{
+ .backdoor_key = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF },
+ .fprot = { 0xFF, 0xFF, 0xFF, 0xFF },
+ .fsec = NV_FSEC_SEC(FSEC_UNSECURE) | NV_FSEC_FSLACC(FSEC_FSLACC_GRANTED) |
+ NV_FSEC_MEEN(FSEC_MASS_ERASE_ENABLE) | NV_FSEC_KEYEN(FSEC_KEY_DISABLED),
+ .fopt = 0xFF,
+ .feprot = 0xFF,
+ .fdprot = 0xFF
+};
+
+#endif /* FREESCALE && K_SERIES */
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/test_main.c b/IDE/ROWLEY-CROSSWORKS-ARM/test_main.c
new file mode 100644
index 000000000..632adcb98
--- /dev/null
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/test_main.c
@@ -0,0 +1,76 @@
+/* test_main.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
+#ifdef HAVE_CONFIG_H
+ #include
+#endif
+
+#include
+#include
+#include
+
+typedef struct func_args {
+ int argc;
+ char** argv;
+ int return_code;
+} func_args;
+
+static func_args args = { 0 } ;
+
+
+void main(void)
+{
+ int test_num = 0;
+
+ do
+ {
+ printf("\nCrypt Test %d:\n", test_num);
+ wolfcrypt_test(&args);
+ printf("Crypt Test %d: Return code %d\n", test_num, args.return_code);
+
+ test_num++;
+ } while(args.return_code == 0);
+}
+
+
+/* SAMPLE OUTPUT:
+Crypt Test 1:
+MD5 test passed!
+MD4 test passed!
+SHA test passed!
+SHA-256 test passed!
+HMAC-MD5 test passed!
+HMAC-SHA test passed!
+HMAC-SHA256 test passed!
+ARC4 test passed!
+HC-128 test passed!
+Rabbit test passed!
+DES test passed!
+DES3 test passed!
+AES test passed!
+RANDOM test passed!
+RSA test passed!
+DH test passed!
+DSA test passed!
+PWDBASED test passed!
+Crypt Test 1: Return code 0
+*/
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/user_libc.c b/IDE/ROWLEY-CROSSWORKS-ARM/user_libc.c
new file mode 100644
index 000000000..562f153c6
--- /dev/null
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/user_libc.c
@@ -0,0 +1,106 @@
+/* user_libc.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include "hw.h"
+
+double current_time(int reset)
+{
+ double time;
+ time = hw_get_time_sec();
+ time += (double)hw_get_time_msec() / 1000;
+ return time;
+}
+
+int custom_rand_generate(void)
+{
+ return hw_rand();
+}
+
+// Debug print handler
+int __putchar(int c, __printf_tag_ptr ctx)
+{
+ hw_uart_printchar(c);
+}
+
+
+// Rowley CrossWorks, runtime support.
+//
+// Copyright (c) 2001-2015 Rowley Associates Limited.
+//
+// This file may be distributed under the terms of the License Agreement
+// provided with this software.
+//
+// THIS FILE IS PROVIDED AS IS WITH NO WARRANTY OF ANY KIND, INCLUDING THE
+// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+
+#include <__libc.h>
+
+#if defined(__CROSSWORKS_ARM) || defined(__SES_ARM)
+
+extern unsigned char __stack_process_start__[];
+
+unsigned char * __aeabi_read_tp(void)
+{
+ // thread-local storage addressing refers to the thread pointer
+ // This is returning start address of stack process
+ return (__stack_process_start__);
+}
+
+#elif defined(__CROSSWORKS_AVR) || defined(__CROSSWORKS_MSP430)
+
+unsigned char * __RAL_read_tp(void)
+{
+ return 0;
+}
+
+#endif
+
+void __heap_lock(void)
+{
+}
+
+void __heap_unlock(void)
+{
+}
+
+void __printf_lock(void)
+{
+}
+
+void __printf_unlock(void)
+{
+}
+
+void __scanf_lock(void)
+{
+}
+
+void __scanf_unlock(void)
+{
+}
+
+void __debug_io_lock(void)
+{
+}
+
+void __debug_io_unlock(void)
+{
+}
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h b/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h
new file mode 100644
index 000000000..77ae6dbd4
--- /dev/null
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h
@@ -0,0 +1,28 @@
+/* Configuration */
+#define SINGLE_THREADED
+#define WOLFSSL_SMALL_STACK
+#define WOLFSSL_GENERAL_ALIGNMENT 4
+#define NO_MAIN_DRIVER
+#define NO_FILESYSTEM
+#define NO_WRITEV
+#define NO_DEV_RANDOM
+#define NO_WOLFSSL_MEMORY
+
+/* HW Crypto Acceleration */
+// See README.md for instructions
+//#define FREESCALE_MMCAU 1
+
+/* Benchmark */
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_2048
+
+/* Custom functions */
+extern int custom_rand_generate(void);
+#define CUSTOM_RAND_GENERATE custom_rand_generate
+#define WOLFSSL_USER_CURRTIME
+
+/* Debugging - Optional */
+#if 0
+#define fprintf(file, format, ...) printf(format, ##__VA_ARGS__)
+#define DEBUG_WOLFSSL
+#endif
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/wolfssl.hzp b/IDE/ROWLEY-CROSSWORKS-ARM/wolfssl.hzp
new file mode 100644
index 000000000..4ec9e06d3
--- /dev/null
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/wolfssl.hzp
@@ -0,0 +1,317 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/IDE/include.am b/IDE/include.am
index f6caad332..008e6ddda 100644
--- a/IDE/include.am
+++ b/IDE/include.am
@@ -5,5 +5,6 @@
include IDE/iOS/include.am
include IDE/WIN/include.am
include IDE/WORKBENCH/include.am
+include IDE/ROWLEY-CROSSWORKS-ARM/include.am
EXTRA_DIST+= IDE/IAR-EWARM IDE/MDK-ARM IDE/MDK5-ARM IDE/MYSQL
diff --git a/README b/README
index ea646a390..9cfcbf97d 100644
--- a/README
+++ b/README
@@ -32,7 +32,26 @@ before calling wolfSSL_new(); Though it's not recommended.
*** end Notes ***
-wolfSSL (Formerly CyaSSL) Release 3.6.8 (09/17/2015)
+wolfSSL (Formerly CyaSSL) Release 3.6.9 (10/05/2015)
+
+Release 3.6.9 of wolfSSL has bug fixes and new features including:
+
+- New option for the sniffer where it will try to pick up decoding after a
+ sequence number acknowldgement fault. Also includes some additional stats.
+- AES-GCM/CCM fixes.
+- FreeRTOS support updates.
+- VXWorks support updates.
+- Added the IDEA cipher and support in wolfSSL.
+- Update wolfSSL website CA.
+- CFLAGS is usable when configuring source.
+
+- No high level security fixes that requires an update though we always
+ recommend updating to the latest
+
+See INSTALL file for build instructions.
+More info can be found on-line at //http://wolfssl.com/yaSSL/Docs.html
+
+ ********* wolfSSL (Formerly CyaSSL) Release 3.6.8 (09/17/2015)
Release 3.6.8 of wolfSSL fixes two high severity vulnerabilities. It also
includes bug fixes and new features including:
diff --git a/README.md b/README.md
index 5fe25e3c1..38f1bc112 100644
--- a/README.md
+++ b/README.md
@@ -36,6 +36,26 @@ before calling wolfSSL_new(); Though it's not recommended.
```
+# wolfSSL (Formerly CyaSSL) Release 3.6.9 (10/05/2015)
+
+##Release 3.6.9 of wolfSSL has bug fixes and new features including:
+
+- New option for the sniffer where it will try to pick up decoding after a
+ sequence number acknowldgement fault. Also includes some additional stats.
+- AES-GCM/CCM fixes.
+- FreeRTOS support updates.
+- VXWorks support updates.
+- Added the IDEA cipher and support in wolfSSL.
+- Update wolfSSL website CA.
+- CFLAGS is usable when configuring source.
+
+- No high level security fixes that requires an update though we always
+ recommend updating to the latest
+
+See INSTALL file for build instructions.
+More info can be found on-line at //http://wolfssl.com/yaSSL/Docs.html
+
+
#wolfSSL (Formerly CyaSSL) Release 3.6.8 (09/17/2015)
##Release 3.6.8 of wolfSSL fixes two high severity vulnerabilities.
diff --git a/configure.ac b/configure.ac
index 018685731..0a5a27c50 100644
--- a/configure.ac
+++ b/configure.ac
@@ -6,7 +6,7 @@
#
#
-AC_INIT([wolfssl],[3.6.8],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[http://www.wolfssl.com])
+AC_INIT([wolfssl],[3.6.9],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[http://www.wolfssl.com])
AC_CONFIG_AUX_DIR([build-aux])
diff --git a/scripts/include.am b/scripts/include.am
index 4b1b105c5..915baf63a 100644
--- a/scripts/include.am
+++ b/scripts/include.am
@@ -20,6 +20,7 @@ endif
if !BUILD_IPV6
dist_noinst_SCRIPTS+= scripts/external.test
dist_noinst_SCRIPTS+= scripts/google.test
+dist_noinst_SCRIPTS+= scripts/openssl.test
endif
endif
diff --git a/scripts/openssl.test b/scripts/openssl.test
new file mode 100755
index 000000000..708186ab2
--- /dev/null
+++ b/scripts/openssl.test
@@ -0,0 +1,127 @@
+#!/bin/bash
+
+#openssl.test
+
+# need a unique port since may run the same time as testsuite
+openssl_port=11114
+no_pid=-1
+server_pid=$no_pid
+wolf_suites_tested=0
+wolf_suites_total=0
+counter=0
+
+do_cleanup() {
+ echo "in cleanup"
+
+ if [ $server_pid != $no_pid ]
+ then
+ echo "killing server"
+ kill -9 $server_pid
+ fi
+}
+
+do_trap() {
+ echo "got trap"
+ do_cleanup
+ exit -1
+}
+
+trap do_trap INT TERM
+
+if test -n "$WOLFSSL_OPENSSL_TEST"; then
+ echo "WOLFSSL_OPENSSL_TEST set, running test..."
+else
+ echo "WOLFSSL_OPENSSL_TEST NOT set, won't run"
+ exit 0
+fi
+
+echo -e "\nTesting existence of openssl command...\n"
+command -v openssl >/dev/null 2>&1 || { echo >&2 "Requires openssl command, but it's not installed. Ending."; exit 0; }
+
+
+echo -e "\nTesting for _build directory as part of distcheck, different paths"
+currentDir=`pwd`
+if [[ $currentDir == *"_build" ]]
+then
+ echo -e "_build directory detected, moving a directory back"
+ cd ..
+fi
+
+echo -e "\nStarting openssl server...\n"
+
+openssl s_server -accept $openssl_port -cert ./certs/server-cert.pem -key ./certs/server-key.pem -quiet -www -dhparam ./certs/dh2048.pem -dcert ./certs/server-ecc.pem -dkey ./certs/ecc-key.pem &
+server_pid=$!
+
+
+# get openssl ciphers
+open_ciphers=`openssl ciphers`
+IFS=':' read -ra opensslArray <<< "$open_ciphers"
+
+# get wolfssl ciphers
+wolf_ciphers=`./examples/client/client -e`
+IFS=':' read -ra wolfsslArray <<< "$wolf_ciphers"
+
+# server should be ready, let's make sure
+server_ready=0
+while [ "$counter" -lt 20 ]; do
+ echo -e "waiting for openssl s_server ready..."
+ nc -z localhost $openssl_port
+ nc_result=$?
+ if [ $nc_result == 0 ]
+ then
+ echo -e "openssl s_server ready!"
+ server_ready=1
+ break
+ fi
+ sleep 0.1
+ counter=$((counter+ 1))
+done
+
+
+if [ $server_ready == 0 ]
+then
+ echo -e "Couldn't verify openssl server is running, timeout error"
+ do_cleanup
+ exit -1
+fi
+
+for wolfSuite in "${wolfsslArray[@]}"; do
+
+ echo -e "trying wolfSSL cipher suite $wolfSuite"
+ matchSuite=0
+ wolf_suites_total=$((wolf_suites_total + 1))
+
+ for openSuite in "${opensslArray[@]}"; do
+ if [ $openSuite == $wolfSuite ]
+ then
+ echo -e "Matched to OpenSSL suite support"
+ matchSuite=1
+ fi
+ done
+
+ if [ $matchSuite == 0 ]
+ then
+ echo -e "Couldn't match suite, continuing..."
+ continue
+ fi
+
+ ./examples/client/client -p $openssl_port -g -l $wolfSuite
+ client_result=$?
+
+ if [ $client_result != 0 ]
+ then
+ echo -e "client failed!"
+ do_cleanup
+ exit 1
+ fi
+ wolf_suites_tested=$((wolf_suites_tested+1))
+
+done
+
+kill -9 $server_pid
+
+echo -e "wolfSSL total suites $wolf_suites_total"
+echo -e "wolfSSL suites tested $wolf_suites_tested"
+echo -e "\nSuccess!\n"
+
+exit 0
diff --git a/src/internal.c b/src/internal.c
index f0e54cf2f..1b0391af9 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -1956,6 +1956,10 @@ void FreeArrays(WOLFSSL* ssl, int keep)
XMEMCPY(ssl->session.sessionID, ssl->arrays->sessionID, ID_LEN);
ssl->session.sessionIDSz = ssl->arrays->sessionIDSz;
}
+ if (ssl->arrays) {
+ XFREE(ssl->arrays->pendingMsg, ssl->heap, DYNAMIC_TYPE_ARRAYS);
+ ssl->arrays->pendingMsg = NULL;
+ }
XFREE(ssl->arrays, ssl->heap, DYNAMIC_TYPE_CERT);
ssl->arrays = NULL;
}
@@ -5259,16 +5263,73 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
word32 totalSz)
{
- byte type;
- word32 size;
int ret = 0;
WOLFSSL_ENTER("DoHandShakeMsg()");
- if (GetHandShakeHeader(ssl, input, inOutIdx, &type, &size, totalSz) != 0)
- return PARSE_ERROR;
+ /* If there is a pending fragmented handshake message,
+ * pending message size will be non-zero. */
+ if (ssl->arrays->pendingMsgSz == 0) {
+ byte type;
+ word32 size;
- ret = DoHandShakeMsgType(ssl, input, inOutIdx, type, size, totalSz);
+ if (GetHandShakeHeader(ssl,input, inOutIdx, &type, &size, totalSz) != 0)
+ return PARSE_ERROR;
+
+ /* Cap the maximum size of a handshake message to something reasonable.
+ * By default is the maximum size of a certificate message assuming
+ * nine 2048-bit RSA certificates in the chain. */
+ if (size > MAX_HANDSHAKE_SZ) {
+ WOLFSSL_MSG("Handshake message too large");
+ return HANDSHAKE_SIZE_ERROR;
+ }
+
+ /* size is the size of the certificate message payload */
+ if (ssl->curSize < size) {
+ ssl->arrays->pendingMsgType = type;
+ ssl->arrays->pendingMsgSz = size + HANDSHAKE_HEADER_SZ;
+ ssl->arrays->pendingMsg = (byte*)XMALLOC(size + HANDSHAKE_HEADER_SZ,
+ ssl->heap,
+ DYNAMIC_TYPE_ARRAYS);
+ if (ssl->arrays->pendingMsg == NULL)
+ return MEMORY_E;
+ XMEMCPY(ssl->arrays->pendingMsg,
+ input + *inOutIdx - HANDSHAKE_HEADER_SZ, ssl->curSize);
+ ssl->arrays->pendingMsgOffset = ssl->curSize;
+ *inOutIdx += ssl->curSize - HANDSHAKE_HEADER_SZ;
+ return 0;
+ }
+
+ ret = DoHandShakeMsgType(ssl, input, inOutIdx, type, size, totalSz);
+ }
+ else {
+ if (ssl->curSize + ssl->arrays->pendingMsgOffset
+ > ssl->arrays->pendingMsgSz) {
+
+ return BUFFER_ERROR;
+ }
+ else {
+ XMEMCPY(ssl->arrays->pendingMsg + ssl->arrays->pendingMsgOffset,
+ input + *inOutIdx, ssl->curSize);
+ ssl->arrays->pendingMsgOffset += ssl->curSize;
+ *inOutIdx += ssl->curSize;
+ }
+
+ if (ssl->arrays->pendingMsgOffset == ssl->arrays->pendingMsgSz)
+ {
+ word32 idx = 0;
+ ret = DoHandShakeMsgType(ssl,
+ ssl->arrays->pendingMsg
+ + HANDSHAKE_HEADER_SZ,
+ &idx, ssl->arrays->pendingMsgType,
+ ssl->arrays->pendingMsgSz
+ - HANDSHAKE_HEADER_SZ,
+ ssl->arrays->pendingMsgSz);
+ XFREE(ssl->arrays->pendingMsg, ssl->heap, DYNAMIC_TYPE_ARRAYS);
+ ssl->arrays->pendingMsg = NULL;
+ ssl->arrays->pendingMsgSz = 0;
+ }
+ }
WOLFSSL_LEAVE("DoHandShakeMsg()", ret);
return ret;
@@ -8503,6 +8564,9 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
case UNKNOWN_ALPN_PROTOCOL_NAME_E:
return "Unrecognized protocol name Error";
+ case HANDSHAKE_SIZE_ERROR:
+ return "Handshake message too large Error";
+
default :
return "unknown error number";
}
diff --git a/src/ssl.c b/src/ssl.c
index a0d7dd6dd..dfd5696ab 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -295,6 +295,8 @@ int wolfSSL_get_ciphers(char* buf, int len)
if (i < size - 1)
*buf++ = delim;
+ else
+ *buf++ = '\0';
}
else
return BUFFER_E;
diff --git a/support/wolfssl.pc b/support/wolfssl.pc
index 761b674ca..7116f5acf 100644
--- a/support/wolfssl.pc
+++ b/support/wolfssl.pc
@@ -5,6 +5,6 @@ includedir=${prefix}/include
Name: wolfssl
Description: wolfssl C library.
-Version: 3.6.8
+Version: 3.6.9
Libs: -L${libdir} -lwolfssl
Cflags: -I${includedir}
diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c
index 7ba6069b6..044a77021 100644
--- a/wolfcrypt/src/random.c
+++ b/wolfcrypt/src/random.c
@@ -102,7 +102,8 @@ int wc_RNG_GenerateByte(WC_RNG* rng, byte* b)
#include
#else
#if !defined(NO_DEV_RANDOM) && !defined(CUSTOM_RAND_GENERATE) && \
- !defined(WOLFSSL_GENSEED_FORTEST) && !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_IAR_ARM)
+ !defined(WOLFSSL_GENSEED_FORTEST) && !defined(WOLFSSL_MDK_ARM) && \
+ !defined(WOLFSSL_IAR_ARM) && !defined(WOLFSSL_ROWLEY_ARM)
#include
#ifndef EBSNET
#include
diff --git a/wolfssl/error-ssl.h b/wolfssl/error-ssl.h
index ec2d9af82..f07796079 100644
--- a/wolfssl/error-ssl.h
+++ b/wolfssl/error-ssl.h
@@ -136,8 +136,9 @@ enum wolfSSL_ErrorCodes {
DH_KEY_SIZE_E = -401, /* DH Key too small */
SNI_ABSENT_ERROR = -402, /* No SNI request. */
RSA_SIGN_FAULT = -403, /* RSA Sign fault */
+ HANDSHAKE_SIZE_ERROR = -404, /* Handshake message too large */
- UNKNOWN_ALPN_PROTOCOL_NAME_E = -404, /* Unrecognized protocol name Error*/
+ UNKNOWN_ALPN_PROTOCOL_NAME_E = -405, /* Unrecognized protocol name Error*/
/* add strings to SetErrorString !!!!! */
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index f88e96e9e..511ba29dd 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -1016,6 +1016,19 @@ enum Misc {
#define MAX_CHAIN_DEPTH 9
#endif
+/* max size of a certificate message payload */
+/* assumes MAX_CHAIN_DEPTH number of certificates at 2kb per certificate */
+#ifndef MAX_CERTIFICATE_SZ
+ #define MAX_CERTIFICATE_SZ \
+ CERT_HEADER_SZ + \
+ (MAX_X509_SIZE + CERT_HEADER_SZ) * MAX_CHAIN_DEPTH
+#endif
+
+/* max size of a handshake message, currently set to the certificate */
+#ifndef MAX_HANDSHAKE_SZ
+ #define MAX_HANDSHAKE_SZ MAX_CERTIFICATE_SZ
+#endif
+
#ifndef SESSION_TICKET_LEN
#define SESSION_TICKET_LEN 256
#endif
@@ -2114,7 +2127,10 @@ typedef struct Options {
} Options;
typedef struct Arrays {
+ byte* pendingMsg; /* defrag buffer */
word32 preMasterSz; /* differs for DH, actual size */
+ word32 pendingMsgSz; /* defrag buffer size */
+ word32 pendingMsgOffset; /* current offset into defrag buffer */
#ifndef NO_PSK
word32 psk_keySz; /* acutal size */
char client_identity[MAX_PSK_ID_LEN];
diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h
index 1f4963c7b..14d13c663 100644
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@@ -947,7 +947,8 @@ WOLFSSL_API int wolfSSL_make_eap_keys(WOLFSSL*, void* key, unsigned int len,
#ifdef __PPU
#include
#include
- #elif !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_IAR_ARM) && !defined(WOLFSSL_PICOTCP)
+ #elif !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_IAR_ARM) && \
+ !defined(WOLFSSL_PICOTCP) && !defined(WOLFSSL_ROWLEY_ARM)
#include
#endif
/* allow writev style writing */
diff --git a/wolfssl/test.h b/wolfssl/test.h
index e488f9128..f0196a323 100644
--- a/wolfssl/test.h
+++ b/wolfssl/test.h
@@ -109,7 +109,8 @@
/* HPUX doesn't use socklent_t for third parameter to accept, unless
_XOPEN_SOURCE_EXTENDED is defined */
-#if !defined(__hpux__) && !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_IAR_ARM)
+#if !defined(__hpux__) && !defined(WOLFSSL_MDK_ARM) && \
+ !defined(WOLFSSL_IAR_ARM) && !defined(WOLFSSL_ROWLEY_ARM)
typedef socklen_t* ACCEPT_THIRD_T;
#else
#if defined _XOPEN_SOURCE_EXTENDED
diff --git a/wolfssl/version.h b/wolfssl/version.h
index c0b1a99fa..b8aa49372 100644
--- a/wolfssl/version.h
+++ b/wolfssl/version.h
@@ -26,8 +26,8 @@
extern "C" {
#endif
-#define LIBWOLFSSL_VERSION_STRING "3.6.8"
-#define LIBWOLFSSL_VERSION_HEX 0x03006008
+#define LIBWOLFSSL_VERSION_STRING "3.6.9"
+#define LIBWOLFSSL_VERSION_HEX 0x03006009
#ifdef __cplusplus
}
diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
index 431c70d7d..6d38dfc2e 100644
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -102,6 +102,9 @@
/* Uncomment next line if building for IAR EWARM */
/* #define WOLFSSL_IAR_ARM */
+/* Uncomment next line if building for Rowley CrossWorks ARM */
+/* #define WOLFSSL_ROWLEY_ARM */
+
/* Uncomment next line if using TI-RTOS settings */
/* #define WOLFSSL_TIRTOS */
@@ -180,7 +183,7 @@
#define NO_FILESYSTEM
#endif
-#if defined(WOLFSSL_IAR_ARM)
+#if defined(WOLFSSL_IAR_ARM) || defined(WOLFSSL_ROWLEY_ARM)
#define NO_MAIN_DRIVER
#define SINGLE_THREADED
#define USE_CERT_BUFFERS_1024
@@ -188,7 +191,7 @@
#define NO_FILESYSTEM
#define NO_WRITEV
#define WOLFSSL_USER_IO
- #define BENCH_EMBEDDED
+ #define BENCH_EMBEDDED
#endif
#ifdef MICROCHIP_PIC32