Update code to v1.0.14 (10)

android/extern/wolfssl/zephyr/CMakeLists.txt

@@ -0,0 +1,141 @@
+if(CONFIG_WOLFSSL)
+  zephyr_interface_library_named(wolfSSL)
+  
+  if(CONFIG_WOLFSSL_BUILTIN)
+    target_compile_definitions(wolfSSL INTERFACE
+  	WOLFSSL_SETTINGS_FILE="${CONFIG_WOLFSSL_SETTINGS_FILE}"
+  	)
+  
+    target_include_directories(wolfSSL INTERFACE
+  	${ZEPHYR_CURRENT_MODULE_DIR}
+  	${ZEPHYR_CURRENT_MODULE_DIR}/wolfssl
+  	${ZEPHYR_CURRENT_MODULE_DIR}/zephyr
+  	)
+  
+    zephyr_library()
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/zephyr/zephyr_init.c)
+  
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/src/crl.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/src/dtls13.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/src/internal.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/src/keys.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/src/ocsp.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/src/sniffer.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/src/ssl.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/src/tls.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/src/tls13.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/src/wolfio.c)
+  
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/aes.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/arc4.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/asm.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/asn.c)
+    #zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/async.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/blake2b.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/blake2s.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/camellia.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/chacha.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/chacha20_poly1305.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/cmac.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/coding.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/compress.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/cpuid.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/cryptocb.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/curve25519.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/curve448.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/des3.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/dh.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/dsa.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/ecc.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/ecc_fp.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/eccsi.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/ed25519.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/ed448.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/error.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/falcon.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/fe_448.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/fe_low_mem.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/fe_operations.c)
+    #zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/fips.c)
+    #zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/fips_test.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/ge_448.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/ge_low_mem.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/ge_operations.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/hash.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/hmac.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/integer.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/kdf.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/logging.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/md2.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/md4.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/md5.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/memory.c)
+    #zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/misc.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/pkcs12.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/pkcs7.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/poly1305.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/pwdbased.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/random.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/ripemd.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/rsa.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/sakke.c)
+    #zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/selftest.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/sha.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/sha256.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/sha3.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/sha512.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/signature.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/siphash.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/sp_arm32.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/sp_arm64.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/sp_armthumb.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/sp_c32.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/sp_c64.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/sp_cortexm.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/sp_dsp32.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/sp_int.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/sp_x86_64.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/srp.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/tfm.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/wc_dsp.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/wc_encrypt.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/wc_pkcs11.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/wc_port.c)
+    #zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/wolfcrypt_first.c)
+    #zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/wolfcrypt_last.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/wolfevent.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/wolfmath.c)
+
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/port/psa/psa.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/port/psa/psa_aes.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/port/psa/psa_hash.c)
+    zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/port/psa/psa_pkcbs.c)
+  
+    zephyr_library_link_libraries(wolfSSL)
+  
+    add_definitions(-DWOLFSSL_USER_SETTINGS)
+    add_definitions(-DWOLFSSL_ZEPHYR)
+    include_directories("${ZEPHYR_CURRENT_MODULE_DIR}/wolfssl")
+  else()
+    assert(CONFIG_WOLFSSL_LIBRARY "wolfSSL was enabled, but neither BUILTIN or LIBRARY was selected.")
+  
+    # NB: CONFIG_WOLFSSL_LIBRARY is not regression tested and is
+    # therefore susceptible to bit rot
+  
+    target_include_directories(wolfSSL INTERFACE
+  	${CONFIG_WOLFSSL_INSTALL_PATH}
+  	)
+  
+    zephyr_link_libraries(
+      wolfssl_external
+      -L${CONFIG_WOLFSSL_INSTALL_PATH}
+      gcc
+      )
+    # Lib wolfssl depends on libgcc so to allow
+    # wolfssl to link with gcc we need to ensure it is placed
+    # after wolfssl_external on the linkers command line.
+  endif()
+  
+  target_link_libraries(wolfSSL INTERFACE zephyr_interface)
+
+endif()

android/extern/wolfssl/zephyr/Kconfig

@@ -0,0 +1,92 @@
+# Kconfig - Cryptography primitive options for wolfSSL
+
+#
+# Copyright (c) 2016 Intel Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+config ZEPHYR_WOLFSSL_MODULE
+        bool
+config WOLFSSL_PROMPTLESS
+        bool
+        help
+          Symbol to disable the prompt for WOLFSSL selection.
+          This symbol may be used internally in a Kconfig tree to hide the
+          wolfSSL menu prompt and instead handle the selection of WOLFSSL from
+          dependent sub-configurations and thus preven stuck symbol behavior.
+
+
+menuconfig WOLFSSL
+	bool "wolfSSL Support" if !WOLFSSL_PROMPTLESS
+	help
+	  This option enables the wolfSSL cryptography library.
+
+if WOLFSSL
+
+choice WOLFSSL_IMPLEMENTATION
+	prompt "Select implementation"
+	default WOLFSSL_BUILTIN
+
+config WOLFSSL_BUILTIN
+	bool "Enable wolfSSL integrated sources"
+	help
+	  Link with local wolfSSL sources instead of external library.
+
+config WOLFSSL_LIBRARY
+	bool "Enable wolfSSL external library"
+	help
+	  This option enables wolfSSL library.
+
+endchoice
+
+config WOLFSSL_SETTINGS_FILE
+	string "wolfSSL settings file"
+	depends on WOLFSSL_BUILTIN
+	default "user_settings-tls-generic.h"
+	help
+	  Use a specific wolfSSL settings file. The default config file
+	  file can be tweaked with Kconfig. The default settings is
+	  suitable to communicate with majority of HTTPS servers on the Internet,
+	  but has relatively many features enabled. To optimize resources for
+	  special TLS usage, use available Kconfig settings, or select an
+	  alternative config.
+
+rsource "Kconfig.tls-generic"
+
+config WOLFSSL_DEBUG
+	bool "wolfSSL debug activation"
+	depends on WOLFSSL_BUILTIN
+	help
+	  Enable debugging activation for wolfSSL configuration. If you use
+	  wolfSSL/Zephyr integration (e.g. net_app), this will activate debug
+	  logging (of the level configured by WOLFSSL_DEBUG_LEVEL).
+
+config WOLFSSL_INSTALL_PATH
+	string "wolfSSL install path"
+	depends on WOLFSSL_LIBRARY
+	help
+	  This option holds the path where the wolfSSL libraries and headers are
+	  installed. Make sure this option is properly set when WOLFSSL_LIBRARY
+	  is enabled otherwise the build will fail.
+
+config APP_LINK_WITH_WOLFSSL
+	bool "Link 'app' with WOLFSSL"
+	default y
+	help
+	  Add WOLFSSL header files to the 'app' include path. It may be
+	  disabled if the include paths for WOLFSSL are causing aliasing
+	  issues for 'app'.
+
+endif
+

android/extern/wolfssl/zephyr/Kconfig.tls-generic

@@ -0,0 +1,272 @@
+# Kconfig.tls - TLS/DTLS related options
+
+#
+# Copyright (c) 2018 Intel Corporation
+# Copyright (c) 2018 Nordic Semiconductor ASA
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+menu "TLS configuration"
+
+menu "Supported TLS version"
+
+config WOLFSSL_TLS_VERSION_1_0
+	bool "Enable support for TLS 1.0"
+	select WOLFSSL_ALLOW_TLSV10_ENABLED
+
+config WOLFSSL_TLS_VERSION_1_1
+	bool "Enable support for TLS 1.1"
+	select WOLFSSL_NO_OLD_TLS_DISABLED
+
+config WOLFSSL_TLS_VERSION_1_2
+	bool "Enable support for TLS 1.2"
+	default y
+
+config WOLFSSL_TLS_VERSION_1_3
+	bool "Enable support for TLS 1.3"
+	select WOLFSSL_TLS13_ENABLED
+
+endmenu
+
+menu "Ciphersuite configuration"
+
+comment "Supported key exchange modes"
+
+config WOLFSSL_KEY_EXCHANGE_ALL_ENABLED
+	bool "Enable all available ciphersuite modes"
+	select WOLFSSL_KEY_EXCHANGE_PSK_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_RSA_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_DHE_RSA_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED
+	select WOLFSSL_KEY_EXCHANGE_ECJPAKE_ENABLED
+
+config WOLFSSL_KEY_EXCHANGE_PSK_ENABLED
+	bool "Enable the PSK based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
+	bool "Enable the DHE-PSK based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+	bool "Enable the ECDHE-PSK based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_RSA_PSK_ENABLED
+	bool "Enable the RSA-PSK based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_RSA_ENABLED
+	bool "Enable the RSA-only based ciphersuite modes"
+	default y
+
+config WOLFSSL_KEY_EXCHANGE_DHE_RSA_ENABLED
+	bool "Enable the DHE-RSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+	bool "Enable the ECDHE-RSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+	bool "Enable the ECDHE-ECDSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+	bool "Enable the ECDH-ECDSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED
+	bool "Enable the ECDH-RSA based ciphersuite modes"
+
+config WOLFSSL_KEY_EXCHANGE_ECJPAKE_ENABLED
+	bool "Enable the ECJPAKE based ciphersuite modes"
+
+if WOLFSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED || \
+   WOLFSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || \
+   WOLFSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || \
+   WOLFSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED || \
+   WOLFSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED || \
+   WOLFSSL_KEY_EXCHANGE_ECJPAKE_ENABLED
+
+comment "Supported elliptic curves"
+
+config WOLFSSL_ECP_ALL_ENABLED
+	bool "Enable all available elliptic curves"
+	select WOLFSSL_ECP_DP_SECP192R1_ENABLED
+	select WOLFSSL_ECP_DP_SECP192R1_ENABLED
+	select WOLFSSL_ECP_DP_SECP224R1_ENABLED
+	select WOLFSSL_ECP_DP_SECP256R1_ENABLED
+	select WOLFSSL_ECP_DP_SECP384R1_ENABLED
+	select WOLFSSL_ECP_DP_SECP521R1_ENABLED
+	select WOLFSSL_ECP_DP_SECP192K1_ENABLED
+	select WOLFSSL_ECP_DP_SECP224K1_ENABLED
+	select WOLFSSL_ECP_DP_SECP256K1_ENABLED
+	select WOLFSSL_ECP_DP_BP256R1_ENABLED
+	select WOLFSSL_ECP_DP_BP384R1_ENABLED
+	select WOLFSSL_ECP_DP_BP512R1_ENABLED
+	select WOLFSSL_ECP_DP_CURVE25519_ENABLED
+	select WOLFSSL_ECP_DP_CURVE448_ENABLED
+	select WOLFSSL_ECP_NIST_OPTIM
+
+config WOLFSSL_ECP_DP_SECP192R1_ENABLED
+	bool "Enable SECP192R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP224R1_ENABLED
+	bool "Enable SECP224R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP256R1_ENABLED
+	bool "Enable SECP256R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP384R1_ENABLED
+	bool "Enable SECP384R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP521R1_ENABLED
+	bool "Enable SECP521R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP192K1_ENABLED
+	bool "Enable SECP192K1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP224K1_ENABLED
+	bool "Enable SECP224K1 elliptic curve"
+
+config WOLFSSL_ECP_DP_SECP256K1_ENABLED
+	bool "Enable SECP256K1 elliptic curve"
+
+config WOLFSSL_ECP_DP_BP256R1_ENABLED
+	bool "Enable BP256R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_BP384R1_ENABLED
+	bool "Enable BP384R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_BP512R1_ENABLED
+	bool "Enable BP512R1 elliptic curve"
+
+config WOLFSSL_ECP_DP_CURVE25519_ENABLED
+	bool "Enable CURVE25519 elliptic curve"
+
+config WOLFSSL_ECP_DP_CURVE448_ENABLED
+	bool "Enable CURVE448 elliptic curve"
+
+config WOLFSSL_ECP_NIST_OPTIM
+	bool "Enable NSIT curves optimization"
+
+endif
+
+comment "Supported cipher modes"
+
+config WOLFSSL_CIPHER_ALL_ENABLED
+	bool "Enable all available ciphers"
+	select WOLFSSL_CIPHER_AES_ENABLED
+	select WOLFSSL_CIPHER_CAMELLIA_ENABLED
+	select WOLFSSL_CIPHER_DES_ENABLED
+	select WOLFSSL_CIPHER_ARC4_ENABLED
+	select WOLFSSL_CIPHER_CHACHA20_ENABLED
+	select WOLFSSL_CIPHER_BLOWFISH_ENABLED
+	select WOLFSSL_CIPHER_CCM_ENABLED
+	select WOLFSSL_CIPHER_MODE_XTS_ENABLED
+	select WOLFSSL_CIPHER_MODE_GCM_ENABLED
+	select WOLFSSL_CIPHER_CBC_ENABLED
+	select WOLFSSL_CHACHAPOLY_AEAD_ENABLED
+
+config WOLFSSL_CIPHER_AES_ENABLED
+	bool "Enable the AES block cipher"
+	default y
+
+config WOLFSSL_AES_ROM_TABLES
+	depends on WOLFSSL_CIPHER_AES_ENABLED
+	bool "Use precomputed AES tables stored in ROM."
+	default y
+
+config WOLFSSL_CIPHER_CAMELLIA_ENABLED
+	bool "Enable the Camellia block cipher"
+
+config WOLFSSL_CIPHER_DES_ENABLED
+	bool "Enable the DES block cipher"
+	default y
+
+config WOLFSSL_CIPHER_ARC4_ENABLED
+	bool "Enable the ARC4 stream cipher"
+
+config WOLFSSL_CIPHER_CHACHA20_ENABLED
+	bool "Enable the ChaCha20 stream cipher"
+
+config WOLFSSL_CIPHER_BLOWFISH_ENABLED
+	bool "Enable the Blowfish block cipher"
+
+config WOLFSSL_CIPHER_CCM_ENABLED
+	bool "Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher"
+	depends on WOLFSSL_CIPHER_AES_ENABLED || WOLFSSL_CIPHER_CAMELLIA_ENABLED
+
+config WOLFSSL_CIPHER_MODE_XTS_ENABLED
+	bool "Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES"
+	depends on WOLFSSL_CIPHER_AES_ENABLED || WOLFSSL_CIPHER_CAMELLIA_ENABLED
+
+config WOLFSSL_CIPHER_MODE_GCM_ENABLED
+	bool "Enable the Galois/Counter Mode (GCM) for AES"
+	depends on WOLFSSL_CIPHER_AES_ENABLED || WOLFSSL_CIPHER_CAMELLIA_ENABLED
+
+config WOLFSSL_CIPHER_CBC_ENABLED
+	bool "Enable Cipher Block Chaining mode (CBC) for symmetric ciphers"
+	default y
+
+config WOLFSSL_CHACHAPOLY_AEAD_ENABLED
+	bool "Enable the ChaCha20-Poly1305 AEAD algorithm"
+	depends on WOLFSSL_CIPHER_CHACHA20_ENABLED || WOLFSSL_MAC_POLY1305_ENABLED
+
+comment "Supported message authentication methods"
+
+config WOLFSSL_MAC_ALL_ENABLED
+	bool "Enable all available MAC methods"
+	select WOLFSSL_MAC_MD4_ENABLED
+	select WOLFSSL_MAC_MD5_ENABLED
+	select WOLFSSL_MAC_SHA1_ENABLED
+	select WOLFSSL_MAC_SHA256_ENABLED
+	select WOLFSSL_MAC_SHA512_ENABLED
+	select WOLFSSL_MAC_POLY1305_ENABLED
+
+config WOLFSSL_MAC_MD4_ENABLED
+	bool "Enable the MD4 hash algorithm"
+
+config WOLFSSL_MAC_MD5_ENABLED
+	bool "Enable the MD5 hash algorithm"
+	default y
+
+config WOLFSSL_MAC_SHA1_ENABLED
+	bool "Enable the SHA1 hash algorithm"
+	default y
+
+config WOLFSSL_MAC_SHA256_ENABLED
+	bool "Enable the SHA-224 and SHA-256 hash algorithms"
+	default y
+
+config WOLFSSL_MAC_SHA512_ENABLED
+	bool "Enable the SHA-384 and SHA-512 hash algorithms"
+
+config WOLFSSL_MAC_POLY1305_ENABLED
+	bool "Enable the Poly1305 MAC algorithm"
+
+endmenu
+
+comment "Random number generators"
+
+config WOLFSSL_HMAC_DRBG_ENABLED
+	bool "Enable the HMAC_DRBG random generator"
+	default y
+
+comment "Other configurations"
+
+config WOLFSSL_HAVE_ASM
+	bool "Enable use of assembly code"
+	default y
+	help
+	  Enable use of assembly code in wolfSSL. This improves the performances
+	  of asymmetric cryptography, however this might have an impact on the
+	  code size.
+
+config WOLFSSL_USER_SETTTINGS
+	string "User settings file for wolfSSL"
+	help
+	  User settings file that contains wolfSSL defines.
+
+endmenu

android/extern/wolfssl/zephyr/README.md

@@ -0,0 +1,96 @@
+Zephyr Project Port
+===================
+
+## Overview
+
+This port is for the Zephyr RTOS Project, available [here](https://www.zephyrproject.org/).
+
+It provides the following zephyr code.
+
+- modules/crypto/wolfssl
+    - wolfssl library code
+- modules/crypto/wolfssl/zephyr/
+    - Configuration and CMake files for wolfSSL as a Zephyr module
+- modules/crypto/wolfssl/zephyr/samples/wolfssl_test
+    - wolfCrypt test application
+- modules/crypto/wolfssl/zephyr/samples/wolfssl_bench
+    - wolfCrypt benchmark application
+- modules/crypto/wolfssl/zephyr/samples/wolfssl_tls_sock
+    - socket based sample of TLS
+- modules/crypto/wolfssl/zephyr/samples/wolfssl_tls_thread
+    - socket based sample of TLS using threads
+
+## How to setup as a Zephyr Module
+
+### Modify your project's west manifest
+
+Add wolfssl as a project to your west.yml:
+```
+manifest:
+  remotes:
+    # <your other remotes>
+    - name: wolfssl
+      url-base: https://github.com/wolfssl
+
+  projects:
+    # <your other projects>
+    - name: wolfssl
+      path: modules/crypto/wolfssl
+      revision: master
+      remote: wolfssl
+```
+
+If you are using the Nordic nRF Connect SDK with Zephyr, the sdk-nrf manifest
+file is located at: `vX.X.X/nrf/west.yml`. On OSX the default installation
+location for the nRF Connect SDK is at `/opt/nordic/ncs/vX.X.X`.
+
+Update west's modules:
+
+```bash
+west update
+```
+
+Now west recognizes 'wolfssl' as a module, and will include it's Kconfig and
+CMakeFiles.txt in the build system.
+
+If using the Nordic nRF Connect SDK, to get access to a terminal with west
+tool access, open "nRF Connect for Desktop", then "Toolchain Manager",
+and finally next to the SDK version you are using click the drop down arrow,
+then "Open Terminal".
+
+## Build and Run wolfCrypt Test Application
+
+build and execute `wolfssl_test`
+
+```
+cd [zephyrproject]
+west build -p auto -b qemu_x86 modules/crypto/wolfssl/zephyr/samples/wolfssl_test
+west build -t run
+```
+
+## Build and Run wolfCrypt Benchmark Application
+
+build and execute `wolfssl_benchmark`
+
+```
+cd [zephyrproject]
+west build -p auto -b qemu_x86 modules/crypto/wolfssl/zephyr/samples/wolfssl_benchmark
+west build -t run
+```
+
+### Build and Run wolfSSL example `wolfssl_tls_sock`
+
+```
+cd [zephyrproject]
+west build -p auto -b qemu_x86 modules/crypto/wolfssl/zephyr/samples/wolfssl_tls_sock
+west build -t run
+```
+
+### Build and Run wolfSSL example `wolfssl_tls_thread`
+
+```
+cd [zephyrproject]
+west build -p auto -b qemu_x86 modules/crypto/wolfssl/zephyr/samples/wolfssl_tls_thread
+west build -t run
+```
+

android/extern/wolfssl/zephyr/include.am

@@ -0,0 +1,45 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= zephyr/CMakeLists.txt
+EXTRA_DIST+= zephyr/Kconfig
+EXTRA_DIST+= zephyr/Kconfig.tls-generic
+EXTRA_DIST+= zephyr/zephyr_init.c
+EXTRA_DIST+= zephyr/module.yml
+EXTRA_DIST+= zephyr/wolfssl/options.h
+EXTRA_DIST+= zephyr/nrf5340dk_nrf5340_user_settings.h
+EXTRA_DIST+= zephyr/user_settings.h
+EXTRA_DIST+= zephyr/user_settings-tls-generic.h
+EXTRA_DIST+= zephyr/README.md
+EXTRA_DIST+= zephyr/samples/wolfssl_benchmark/
+EXTRA_DIST+= zephyr/samples/wolfssl_benchmark/CMakeLists.txt
+EXTRA_DIST+= zephyr/samples/wolfssl_benchmark/README
+EXTRA_DIST+= zephyr/samples/wolfssl_benchmark/boards/nrf5340dk_nrf5340_cpuapp.conf
+EXTRA_DIST+= zephyr/samples/wolfssl_benchmark/boards/nrf5340dk_nrf5340_cpuapp_ns.conf
+EXTRA_DIST+= zephyr/samples/wolfssl_benchmark/install_test.sh
+EXTRA_DIST+= zephyr/samples/wolfssl_benchmark/prj.conf
+EXTRA_DIST+= zephyr/samples/wolfssl_benchmark/sample.yaml
+EXTRA_DIST+= zephyr/samples/wolfssl_test/CMakeLists.txt
+EXTRA_DIST+= zephyr/samples/wolfssl_test/README
+EXTRA_DIST+= zephyr/samples/wolfssl_test/boards/nrf5340dk_nrf5340_cpuapp.conf
+EXTRA_DIST+= zephyr/samples/wolfssl_test/boards/nrf5340dk_nrf5340_cpuapp_ns.conf
+EXTRA_DIST+= zephyr/samples/wolfssl_test/install_test.sh
+EXTRA_DIST+= zephyr/samples/wolfssl_test/prj.conf
+EXTRA_DIST+= zephyr/samples/wolfssl_test/sample.yaml
+EXTRA_DIST+= zephyr/samples/wolfssl_tls_sock/CMakeLists.txt
+EXTRA_DIST+= zephyr/samples/wolfssl_tls_sock/README
+EXTRA_DIST+= zephyr/samples/wolfssl_tls_sock/install_sample.sh
+EXTRA_DIST+= zephyr/samples/wolfssl_tls_sock/prj.conf
+EXTRA_DIST+= zephyr/samples/wolfssl_tls_sock/sample.yaml
+EXTRA_DIST+= zephyr/samples/wolfssl_tls_sock/src
+EXTRA_DIST+= zephyr/samples/wolfssl_tls_sock/src/tls_sock.c
+EXTRA_DIST+= zephyr/samples/wolfssl_tls_thread/CMakeLists.txt
+EXTRA_DIST+= zephyr/samples/wolfssl_tls_thread/README
+EXTRA_DIST+= zephyr/samples/wolfssl_tls_thread/boards/nrf5340dk_nrf5340_cpuapp.conf
+EXTRA_DIST+= zephyr/samples/wolfssl_tls_thread/boards/nrf5340dk_nrf5340_cpuapp_ns.conf
+EXTRA_DIST+= zephyr/samples/wolfssl_tls_thread/install_sample.sh
+EXTRA_DIST+= zephyr/samples/wolfssl_tls_thread/prj.conf
+EXTRA_DIST+= zephyr/samples/wolfssl_tls_thread/sample.yaml
+EXTRA_DIST+= zephyr/samples/wolfssl_tls_thread/src
+EXTRA_DIST+= zephyr/samples/wolfssl_tls_thread/src/tls_threaded.c

android/extern/wolfssl/zephyr/module.yml

@@ -0,0 +1,3 @@
+build:
+  cmake: zephyr
+  kconfig: zephyr/Kconfig

android/extern/wolfssl/zephyr/nrf5340dk_nrf5340_user_settings.h

@@ -0,0 +1,133 @@
+/* nrf5340dk_nrf5340_user_settings.h
+ *
+ * Copyright (C) 2006-2022 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef WOLFSSL_OPTIONS_H
+#define WOLFSSL_OPTIONS_H
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Platform */
+#undef  WOLFSSL_ZEPHYR
+#define WOLFSSL_ZEPHYR
+
+#define WOLFSSL_GENERAL_ALIGNMENT 4
+#define SIZEOF_LONG_LONG 8
+
+/* Enable PSA Crypto API for CryptoCell 312 crypto use */
+#define WOLFSSL_HAVE_PSA
+#define WOLFSSL_PSA_GLOBAL_LOCK
+
+/* Enable SP Math */
+#define WOLFSSL_SP_MATH
+#define WOLFSSL_SP_MATH_ALL
+#define WOLFSSL_HAVE_SP_RSA
+#define WOLFSSL_HAVE_SP_DH
+#define WOLFSSL_HAVE_SP_ECC
+
+/* Enable SP Math assembly support for ARM32 */
+#define SP_WORD_SIZE 32
+#define WOLFSSL_SP_ASM
+#define WOLFSSL_SP_ARM32
+#define WOLFSSL_SP_ARM32_ASM
+
+/* Crypto */
+#define WC_RSA_BLINDING
+#define WC_RSA_PSS
+#define WOLFSSL_DH_CONST
+#define HAVE_FFDHE_2048
+
+#define HAVE_ECC
+#define ECC_USER_CURVES
+/* #define HAVE_ECC192 */
+/* #define HAVE_ECC224 */
+#undef NO_ECC256
+/* #define HAVE_ECC384 */
+/* #define HAVE_ECC521 */
+#define ECC_SHAMIR
+#define ECC_TIMING_RESISTANT
+
+#define WOLFSSL_AES_DIRECT
+#define HAVE_AES_ECB
+#define HAVE_AES_CBC
+#define HAVE_AESCCM
+#define HAVE_AESGCM
+#define GCM_TABLE_4BIT
+
+/* AES-CTR is not working correctly with Nordic PSA Crypto API */
+/* #define WOLFSSL_AES_COUNTER */
+
+#define HAVE_CHACHA
+#define HAVE_POLY1305
+#define HAVE_ONE_TIME_AUTH
+
+/* Nordic Security PSA Crypto CryptoCell integration does not support SHA-1 */
+#define NO_SHA
+#define WOLFSSL_SHA224
+#define WOLFSSL_SHA384
+#define WOLFSSL_SHA512
+#define WOLFSSL_SHA3
+
+#define HAVE_HKDF
+#define WOLFSSL_CMAC
+
+/* Benchmark / Test */
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_256
+#define USE_CERT_BUFFERS_2048
+#define NO_FILESYSTEM
+
+/* RNG */
+#define HAVE_HASHDRBG
+
+/* Features */
+#define WOLFSSL_TLS13
+#define WOLFSSL_OLD_PRIME_CHECK
+#define HAVE_TLS_EXTENSIONS
+#define HAVE_SUPPORTED_CURVES
+#define HAVE_EXTENDED_MASTER
+#define WOLFSSL_BASE64_ENCODE
+#define WC_NO_ASYNC_THREADING
+
+/* Disable features that require SHA-1 (see note above) */
+#define NO_OLD_TLS
+#define NO_DSA
+
+/* Disable other features (re-enable if needed) */
+#define NO_RC4
+#define NO_PSK
+#define NO_MD4
+#define NO_PWDBASED
+#define NO_DES3
+
+#if defined(CONFIG_WOLFSSL_DEBUG)
+#undef  DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* WOLFSSL_OPTIONS_H */
+

android/extern/wolfssl/zephyr/samples/wolfssl_benchmark/CMakeLists.txt

@@ -0,0 +1,8 @@
+cmake_minimum_required(VERSION 3.13.1)
+find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE})
+project(wolfssl_benchmark)
+
+target_sources(app PRIVATE ${ZEPHYR_WOLFSSL_MODULE_DIR}/wolfcrypt/benchmark/benchmark.c)
+target_include_directories(app PRIVATE ${ZEPHYR_WOLFSSL_MODULE_DIR}/wolfcrypt/benchmark)
+target_sources(app PRIVATE ${app_sources})
+add_definitions(-DWOLFSSL_USER_SETTINGS)

android/extern/wolfssl/zephyr/samples/wolfssl_benchmark/README

@@ -0,0 +1,12 @@
+
+wolfSSL (formerly known as CyaSSL) and wolfCrypt are either licensed for use
+under the GPLv2 or a standard commercial license. For our users who cannot use
+wolfSSL under GPLv2, a commercial license to wolfSSL and wolfCrypt is available.
+Please contact wolfSSL Inc. directly at:
+
+Email: licensing@wolfssl.com
+Phone: +1 425 245-8247
+
+More information can be found on the wolfSSL website at www.wolfssl.com.
+
+

android/extern/wolfssl/zephyr/samples/wolfssl_benchmark/boards/nrf5340dk_nrf5340_cpuapp.conf

@@ -0,0 +1,22 @@
+# Set user_settings.h file to be used for native wolfSSL build settings
+CONFIG_WOLFSSL_SETTINGS_FILE="nrf5340dk_nrf5340_user_settings.h"
+
+##### PSA and CC3XX #####
+# Enable Nordic Security Module
+CONFIG_NRF_SECURITY=y
+CONFIG_ENTROPY_DEVICE_RANDOM_GENERATOR=y
+# Enable PSA API support (comes from mbedTLS)
+CONFIG_MBEDTLS_PSA_CRYPTO_C=y
+# Enable/configure mbedTLS heap
+CONFIG_MBEDTLS_ENABLE_HEAP=y
+CONFIG_MBEDTLS_HEAP_SIZE=8192
+# Disable nrf_oberon crypto library PSA backend
+CONFIG_PSA_CRYPTO_DRIVER_OBERON=n
+# Enable ARM CryptoCell cc3xx driver PSA backend
+CONFIG_PSA_CRYPTO_DRIVER_CC3XX=y
+
+##### Logging #####
+CONFIG_USE_SEGGER_RTT=y
+CONFIG_LOG_BACKEND_RTT=y
+CONFIG_SEGGER_RTT_BUFFER_SIZE_UP=15360
+

android/extern/wolfssl/zephyr/samples/wolfssl_benchmark/boards/nrf5340dk_nrf5340_cpuapp_ns.conf

@@ -0,0 +1,25 @@
+CONFIG_BUILD_WITH_TFM=y
+CONFIG_TFM_PROFILE_TYPE_NOT_SET=y
+
+# Set user_settings.h file to be used for native wolfSSL build settings
+CONFIG_WOLFSSL_SETTINGS_FILE="nrf5340dk_nrf5340_user_settings.h"
+
+##### PSA and CC3XX #####
+# Enable Nordic Security Module
+CONFIG_NRF_SECURITY=y
+CONFIG_ENTROPY_DEVICE_RANDOM_GENERATOR=y
+# Enable PSA API support (comes from mbedTLS)
+CONFIG_MBEDTLS_PSA_CRYPTO_C=y
+# Enable/configure mbedTLS heap
+CONFIG_MBEDTLS_ENABLE_HEAP=y
+CONFIG_MBEDTLS_HEAP_SIZE=8192
+# Disable nrf_oberon crypto library PSA backend
+CONFIG_PSA_CRYPTO_DRIVER_OBERON=n
+# Enable ARM CryptoCell cc3xx driver PSA backend
+CONFIG_PSA_CRYPTO_DRIVER_CC3XX=y
+
+##### Logging #####
+CONFIG_USE_SEGGER_RTT=y
+CONFIG_LOG_BACKEND_RTT=y
+CONFIG_SEGGER_RTT_BUFFER_SIZE_UP=15360
+

android/extern/wolfssl/zephyr/samples/wolfssl_benchmark/install_test.sh

@@ -0,0 +1,49 @@
+#!/bin/sh
+
+WOLFSSL_SRC_DIR=../../..
+
+if [ ! -d $WOLFSSL_SRC_DIR ]; then
+    echo "Directory does not exist: $WOLFSSL_SRC_DIR"
+    exit 1
+fi
+if [ ! -f $WOLFSSL_SRC_DIR/wolfcrypt/benchmark/benchmark.c ]; then
+    echo "Missing source file: $WOLFSSL_SRC_DIR/wolfcrypt/benchmark/benchmark.h"
+    exit 1
+fi
+
+ZEPHYR_DIR=
+if [ $# -ne 1 ]; then
+    echo "Need location of zephyr project as a command line argument"
+    exit 1
+else
+    ZEPHYR_DIR=$1
+fi
+if [ ! -d $ZEPHR_DIR ]; then
+    echo "Zephyr project directory does not exist: $ZEPHYR_DIR"
+    exit 1
+fi
+ZEPHYR_SAMPLES_DIR=$ZEPHYR_DIR/zephyr/samples/modules
+if [ ! -d $ZEPHYR_SAMPLES_DIR ]; then
+    echo "Zephyr samples/modules directory does not exist: $ZEPHYR_SAMPLES_DIR"
+    exit 1
+fi
+ZEPHYR_WOLFSSL_DIR=$ZEPHYR_SAMPLES_DIR/wolfssl_benchmark
+
+echo "wolfSSL directory:"
+echo "  $ZEPHYR_WOLFSSL_DIR"
+rm -rf $ZEPHYR_WOLFSSL_DIR
+mkdir $ZEPHYR_WOLFSSL_DIR
+
+echo "Copy in Build files ..."
+cp -r * $ZEPHYR_WOLFSSL_DIR/
+rm $ZEPHYR_WOLFSSL_DIR/$0
+
+echo "Copy Source Code ..."
+rm -rf $ZEPHYR_WOLFSSL_DIR/src
+mkdir $ZEPHYR_WOLFSSL_DIR/src
+
+cp -rf ${WOLFSSL_SRC_DIR}/wolfcrypt/benchmark/benchmark.c $ZEPHYR_WOLFSSL_DIR/src/
+cp -rf ${WOLFSSL_SRC_DIR}/wolfcrypt/benchmark/benchmark.h $ZEPHYR_WOLFSSL_DIR/src/
+
+echo "Done"
+

android/extern/wolfssl/zephyr/samples/wolfssl_benchmark/prj.conf

@@ -0,0 +1,29 @@
+
+# Configure stack and heap sizes
+CONFIG_MAIN_STACK_SIZE=32768
+CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=16384
+
+# Clock for time()
+CONFIG_POSIX_CLOCK=y
+
+# TLS configuration
+CONFIG_WOLFSSL=y
+CONFIG_WOLFSSL_BUILTIN=y
+
+# Floating Point
+CONFIG_FPU=y
+
+# Logging
+CONFIG_PRINTK=y
+CONFIG_CBPRINTF_LIBC_SUBSTS=y
+CONFIG_CBPRINTF_FP_SUPPORT=y
+CONFIG_CONSOLE=y
+CONFIG_LOG=y
+CONFIG_LOG_BACKEND_UART=y
+CONFIG_LOG_BUFFER_SIZE=15360
+#CONFIG_WOLFSSL_DEBUG=y
+
+# Entropy
+CONFIG_ENTROPY_GENERATOR=y
+CONFIG_ENTROPY_DEVICE_RANDOM_GENERATOR=y
+

android/extern/wolfssl/zephyr/samples/wolfssl_benchmark/sample.yaml

@@ -0,0 +1,10 @@
+sample:
+  description: wolfCrypt benchmark sample app
+  name: wolfCrypt benchmark
+common:
+  min_flash: 65
+  min_ram: 36
+  tags: crypto wolfssl userspace random
+tests:
+  crypto.wolfssl_benchmark:
+    platform_allow: qemu_x86 nrf5340dk_nrf5340_cpuapp_ns nrf5340dk_nrf5340_cpuapp

android/extern/wolfssl/zephyr/samples/wolfssl_test/CMakeLists.txt

@@ -0,0 +1,9 @@
+cmake_minimum_required(VERSION 3.13.1)
+find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE})
+project(wolfssl_test)
+
+target_sources(app PRIVATE ${ZEPHYR_WOLFSSL_MODULE_DIR}/wolfcrypt/test/test.c)
+target_include_directories(app PRIVATE ${ZEPHYR_WOLFSSL_MODULE_DIR}/wolfcrypt/test)
+target_sources(app PRIVATE ${app_sources})
+add_definitions(-DWOLFSSL_USER_SETTINGS)
+

android/extern/wolfssl/zephyr/samples/wolfssl_test/README

@@ -0,0 +1,12 @@
+
+wolfSSL (formerly known as CyaSSL) and wolfCrypt are either licensed for use
+under the GPLv2 or a standard commercial license. For our users who cannot use
+wolfSSL under GPLv2, a commercial license to wolfSSL and wolfCrypt is available.
+Please contact wolfSSL Inc. directly at:
+
+Email: licensing@wolfssl.com
+Phone: +1 425 245-8247
+
+More information can be found on the wolfSSL website at www.wolfssl.com.
+
+

android/extern/wolfssl/zephyr/samples/wolfssl_test/boards/nrf5340dk_nrf5340_cpuapp.conf

@@ -0,0 +1,22 @@
+# Set user_settings.h file to be used for native wolfSSL build settings
+CONFIG_WOLFSSL_SETTINGS_FILE="nrf5340dk_nrf5340_user_settings.h"
+
+##### PSA and CC3XX #####
+# Enable Nordic Security Module
+CONFIG_NRF_SECURITY=y
+CONFIG_ENTROPY_DEVICE_RANDOM_GENERATOR=y
+# Enable PSA API support (comes from mbedTLS)
+CONFIG_MBEDTLS_PSA_CRYPTO_C=y
+# Enable/configure mbedTLS heap
+CONFIG_MBEDTLS_ENABLE_HEAP=y
+CONFIG_MBEDTLS_HEAP_SIZE=8192
+# Disable nrf_oberon crypto library PSA backend
+CONFIG_PSA_CRYPTO_DRIVER_OBERON=n
+# Enable ARM CryptoCell cc3xx driver PSA backend
+CONFIG_PSA_CRYPTO_DRIVER_CC3XX=y
+
+##### Logging #####
+CONFIG_USE_SEGGER_RTT=y
+CONFIG_LOG_BACKEND_RTT=y
+CONFIG_SEGGER_RTT_BUFFER_SIZE_UP=15360
+

android/extern/wolfssl/zephyr/samples/wolfssl_test/boards/nrf5340dk_nrf5340_cpuapp_ns.conf

@@ -0,0 +1,25 @@
+CONFIG_BUILD_WITH_TFM=y
+CONFIG_TFM_PROFILE_TYPE_NOT_SET=y
+
+# Set user_settings.h file to be used for native wolfSSL build settings
+CONFIG_WOLFSSL_SETTINGS_FILE="nrf5340dk_nrf5340_user_settings.h"
+
+##### PSA and CC3XX #####
+# Enable Nordic Security Module
+CONFIG_NRF_SECURITY=y
+CONFIG_ENTROPY_DEVICE_RANDOM_GENERATOR=y
+# Enable PSA API support (comes from mbedTLS)
+CONFIG_MBEDTLS_PSA_CRYPTO_C=y
+# Enable/configure mbedTLS heap
+CONFIG_MBEDTLS_ENABLE_HEAP=y
+CONFIG_MBEDTLS_HEAP_SIZE=8192
+# Disable nrf_oberon crypto library PSA backend
+CONFIG_PSA_CRYPTO_DRIVER_OBERON=n
+# Enable ARM CryptoCell cc3xx driver PSA backend
+CONFIG_PSA_CRYPTO_DRIVER_CC3XX=y
+
+##### Logging #####
+CONFIG_USE_SEGGER_RTT=y
+CONFIG_LOG_BACKEND_RTT=y
+CONFIG_SEGGER_RTT_BUFFER_SIZE_UP=15360
+

android/extern/wolfssl/zephyr/samples/wolfssl_test/install_test.sh

@@ -0,0 +1,49 @@
+#!/bin/sh
+
+WOLFSSL_SRC_DIR=../../..
+
+if [ ! -d $WOLFSSL_SRC_DIR ]; then
+    echo "Directory does not exist: $WOLFSSL_SRC_DIR"
+    exit 1
+fi
+if [ ! -f $WOLFSSL_SRC_DIR/wolfcrypt/test/test.c ]; then
+    echo "Missing source file: $WOLFSSL_SRC_DIR/wolfcrypt/test/test.h"
+    exit 1
+fi
+
+ZEPHYR_DIR=
+if [ $# -ne 1 ]; then
+    echo "Need location of zephyr project as a command line argument"
+    exit 1
+else
+    ZEPHYR_DIR=$1
+fi
+if [ ! -d $ZEPHR_DIR ]; then
+    echo "Zephyr project directory does not exist: $ZEPHYR_DIR"
+    exit 1
+fi
+ZEPHYR_SAMPLES_DIR=$ZEPHYR_DIR/zephyr/samples/modules
+if [ ! -d $ZEPHYR_SAMPLES_DIR ]; then
+    echo "Zephyr samples/modules directory does not exist: $ZEPHYR_SAMPLES_DIR"
+    exit 1
+fi
+ZEPHYR_WOLFSSL_DIR=$ZEPHYR_SAMPLES_DIR/wolfssl_test
+
+echo "wolfSSL directory:"
+echo "  $ZEPHYR_WOLFSSL_DIR"
+rm -rf $ZEPHYR_WOLFSSL_DIR
+mkdir $ZEPHYR_WOLFSSL_DIR
+
+echo "Copy in Build files ..."
+cp -r * $ZEPHYR_WOLFSSL_DIR/
+rm $ZEPHYR_WOLFSSL_DIR/$0
+
+echo "Copy Source Code ..."
+rm -rf $ZEPHYR_WOLFSSL_DIR/src
+mkdir $ZEPHYR_WOLFSSL_DIR/src
+
+cp -rf ${WOLFSSL_SRC_DIR}/wolfcrypt/test/test.c $ZEPHYR_WOLFSSL_DIR/src/
+cp -rf ${WOLFSSL_SRC_DIR}/wolfcrypt/test/test.h $ZEPHYR_WOLFSSL_DIR/src/
+
+echo "Done"
+

android/extern/wolfssl/zephyr/samples/wolfssl_test/prj.conf

@@ -0,0 +1,26 @@
+
+# Configure stack and heap sizes
+CONFIG_MAIN_STACK_SIZE=32768
+CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=16384
+
+# Clock for time()
+CONFIG_POSIX_CLOCK=y
+
+# TLS configuration
+CONFIG_WOLFSSL=y
+CONFIG_WOLFSSL_BUILTIN=y
+
+# Logging
+CONFIG_PRINTK=y
+CONFIG_CBPRINTF_LIBC_SUBSTS=y
+CONFIG_CBPRINTF_FP_SUPPORT=y
+CONFIG_CONSOLE=y
+CONFIG_LOG=y
+CONFIG_LOG_BACKEND_UART=y
+CONFIG_LOG_BUFFER_SIZE=15360
+#CONFIG_WOLFSSL_DEBUG=y
+
+# Entropy
+CONFIG_ENTROPY_GENERATOR=y
+CONFIG_ENTROPY_DEVICE_RANDOM_GENERATOR=y
+

android/extern/wolfssl/zephyr/samples/wolfssl_test/sample.yaml

@@ -0,0 +1,10 @@
+sample:
+  description: wolfCrypt test sample app
+  name: wolfCrypt test
+common:
+  min_flash: 65
+  min_ram: 36
+  tags: crypto wolfssl userspace random
+tests:
+  crypto.wolfssl_test:
+    platform_allow: qemu_x86 nrf5340dk_nrf5340_cpuapp_ns nrf5340dk_nrf5340_cpuapp

android/extern/wolfssl/zephyr/samples/wolfssl_tls_sock/CMakeLists.txt

@@ -0,0 +1,8 @@
+cmake_minimum_required(VERSION 3.13.1)
+include($ENV{ZEPHYR_BASE}/cmake/app/boilerplate.cmake NO_POLICY_SCOPE)
+project(wolfssl_tls_threaded)
+
+FILE(GLOB app_sources src/*.c)
+target_sources(app PRIVATE ${app_sources})
+add_definitions(-DWOLFSSL_USER_SETTINGS)
+

android/extern/wolfssl/zephyr/samples/wolfssl_tls_sock/README

@@ -0,0 +1,12 @@
+
+wolfSSL (formerly known as CyaSSL) and wolfCrypt are either licensed for use
+under the GPLv2 or a standard commercial license. For our users who cannot use
+wolfSSL under GPLv2, a commercial license to wolfSSL and wolfCrypt is available.
+Please contact wolfSSL Inc. directly at:
+
+Email: licensing@wolfssl.com
+Phone: +1 425 245-8247
+
+More information can be found on the wolfSSL website at www.wolfssl.com.
+
+

android/extern/wolfssl/zephyr/samples/wolfssl_tls_sock/install_sample.sh

@@ -0,0 +1,31 @@
+#!/bin/sh
+
+ZEPHYR_DIR=
+if [ $# -ne 1 ]; then
+    echo "Need location of zephyr project as a command line argument"
+    exit 1
+else
+    ZEPHYR_DIR=$1
+fi
+if [ ! -d $ZEPHR_DIR ]; then
+    echo "Zephyr project directory does not exist: $ZEPHYR_DIR"
+    exit 1
+fi
+ZEPHYR_SAMPLES_DIR=$ZEPHYR_DIR/zephyr/samples/modules
+if [ ! -d $ZEPHYR_SAMPLES_DIR ]; then
+    echo "Zephyr samples/module directory does not exist: $ZEPHYR_SAMPLES_DIR"
+    exit 1
+fi
+ZEPHYR_WOLFSSL_DIR=$ZEPHYR_SAMPLES_DIR/wolfssl_tls_sock
+
+echo "wolfSSL directory:"
+echo "  $ZEPHYR_WOLFSSL_DIR"
+rm -rf $ZEPHYR_WOLFSSL_DIR
+mkdir $ZEPHYR_WOLFSSL_DIR
+
+echo "Copy in Sample files ..."
+cp -r * $ZEPHYR_WOLFSSL_DIR/
+rm $ZEPHYR_WOLFSSL_DIR/$0
+
+echo "Done"
+

android/extern/wolfssl/zephyr/samples/wolfssl_tls_sock/prj.conf

@@ -0,0 +1,55 @@
+# Kernel options
+CONFIG_MAIN_STACK_SIZE=16384
+CONFIG_ENTROPY_GENERATOR=y
+CONFIG_INIT_STACKS=y
+CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=8192
+
+# General config
+CONFIG_NEWLIB_LIBC=y
+
+# Clock for time()
+CONFIG_POSIX_CLOCK=y
+
+# Networking config
+CONFIG_NETWORKING=y
+CONFIG_NET_IPV4=y
+CONFIG_NET_IPV6=n
+CONFIG_NET_TCP=y
+CONFIG_NET_SOCKETS=y
+CONFIG_NET_SOCKETS_POSIX_NAMES=y
+
+CONFIG_NET_TEST=y
+CONFIG_NET_LOOPBACK=y
+CONFIG_DNS_RESOLVER=y
+CONFIG_DNS_SERVER_IP_ADDRESSES=y
+CONFIG_DNS_SERVER1="192.0.2.2"
+
+# Network driver config
+CONFIG_TEST_RANDOM_GENERATOR=y
+
+# Network address config
+CONFIG_NET_CONFIG_SETTINGS=y
+CONFIG_NET_CONFIG_NEED_IPV4=y
+CONFIG_NET_CONFIG_MY_IPV4_ADDR="192.0.2.1"
+CONFIG_NET_CONFIG_PEER_IPV4_ADDR="192.0.2.2"
+CONFIG_NET_CONFIG_MY_IPV4_GW="192.0.2.2"
+
+CONFIG_NET_PKT_TX_COUNT=10
+
+# Network debug config
+#CONFIG_NET_LOG=y
+#CONFIG_NET_PKT_LOG_LEVEL_DBG=y
+
+# Logging
+CONFIG_PRINTK=y
+#CONFIG_WOLFSSL_DEBUG=y
+
+# TLS configuration
+CONFIG_WOLFSSL=y
+CONFIG_WOLFSSL_BUILTIN=y
+
+CONFIG_WOLFSSL_TLS_VERSION_1_2=y
+CONFIG_WOLFSSL_KEY_EXCHANGE_ALL_ENABLED=y
+CONFIG_WOLFSSL_CIPHER_ALL_ENABLED=y
+CONFIG_WOLFSSL_MAC_ALL_ENABLED=y
+CONFIG_WOLFSSL_HMAC_DRBG_ENABLED=y

android/extern/wolfssl/zephyr/samples/wolfssl_tls_sock/sample.yaml

@@ -0,0 +1,9 @@
+common:
+  harness: crypto
+  tags: crypto
+sample:
+  description: wolfSSL TLS test application
+  name: wolfSSL TLS Test
+tests:
+  test:
+    platform_whitelist: qemu_x86

android/extern/wolfssl/zephyr/samples/wolfssl_tls_sock/src/tls_sock.c

@@ -0,0 +1,502 @@
+/* tls_sock.c
+ *
+ * Copyright (C) 2006-2022 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include <wolfssl/options.h>
+#include <wolfssl/ssl.h>
+#define USE_CERT_BUFFERS_2048
+#include <wolfssl/certs_test.h>
+#include <wolfssl/test.h>
+
+#ifdef WOLFSSL_ZEPHYR
+#define printf   printk
+#endif
+
+#define BUFFER_SIZE           2048
+#define STATIC_MEM_SIZE       (96*1024)
+#define THREAD_STACK_SIZE     (12*1024)
+#define MAX_SEND_SIZE         256
+
+/* The stack to use in the server's thread. */
+K_THREAD_STACK_DEFINE(server_stack, THREAD_STACK_SIZE);
+
+#ifdef WOLFSSL_STATIC_MEMORY
+    static WOLFSSL_HEAP_HINT* HEAP_HINT_SERVER;
+    static WOLFSSL_HEAP_HINT* HEAP_HINT_CLIENT;
+
+    static byte gMemoryServer[STATIC_MEM_SIZE];
+    static byte gMemoryClient[STATIC_MEM_SIZE];
+#else
+    #define HEAP_HINT_SERVER NULL
+    #define HEAP_HINT_CLIENT NULL
+#endif /* WOLFSSL_STATIC_MEMORY */
+
+/* Application data to send. */
+static const char msgHTTPGet[] = "GET /index.html HTTP/1.0\r\n\r\n";
+static const char msgHTTPIndex[] =
+    "HTTP/1.1 200 OK\n"
+    "Content-Type: text/html\n"
+    "Connection: close\n"
+    "\n"
+    "<html>\n"
+    "<head>\n"
+    "<title>Welcome to wolfSSL!</title>\n"
+    "</head>\n"
+    "<body>\n"
+    "<p>wolfSSL has successfully performed handshake!</p>\n"
+    "</body>\n"
+    "</html>\n";
+
+
+/* Create a new wolfSSL client with a server CA certificate. */
+static int wolfssl_client_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
+{
+    int ret = 0;
+    WOLFSSL_CTX* client_ctx = NULL;
+    WOLFSSL*     client_ssl = NULL;
+
+    /* Create and initialize WOLFSSL_CTX */
+    if ((client_ctx = wolfSSL_CTX_new_ex(wolfTLSv1_2_client_method(),
+                                                   HEAP_HINT_CLIENT)) == NULL) {
+        printf("ERROR: failed to create WOLFSSL_CTX\n");
+        ret = -1;
+    }
+
+    if (ret == 0) {
+        /* Load client certificates into WOLFSSL_CTX */
+        if (wolfSSL_CTX_load_verify_buffer(client_ctx, ca_cert_der_2048,
+                sizeof_ca_cert_der_2048, WOLFSSL_FILETYPE_ASN1) !=
+                WOLFSSL_SUCCESS) {
+            printf("ERROR: failed to load CA certificate\n");
+            ret = -1;
+        }
+    }
+
+    if (ret == 0) {
+        /* Create a WOLFSSL object */
+        if ((client_ssl = wolfSSL_new(client_ctx)) == NULL) {
+            printf("ERROR: failed to create WOLFSSL object\n");
+            ret = -1;
+        }
+    }
+
+    if (ret == 0) {
+        /* Return newly created wolfSSL context and object */
+        *ctx = client_ctx;
+        *ssl = client_ssl;
+    }
+    else {
+        if (client_ssl != NULL)
+            wolfSSL_free(client_ssl);
+        if (client_ctx != NULL)
+            wolfSSL_CTX_free(client_ctx);
+    }
+
+    return ret;
+}
+
+/* Client connecting to server using TLS */
+static int wolfssl_client_connect(WOLFSSL* ssl)
+{
+    int ret = 0;
+
+    if (wolfSSL_connect(ssl) != WOLFSSL_SUCCESS) {
+        printf("wolfSSL Error: %d\n", wolfSSL_get_error(ssl, -1));
+        if (!wolfSSL_want_read(ssl) && !wolfSSL_want_write(ssl))
+            ret = -1;
+    }
+
+    return ret;
+}
+
+
+
+/* Create a new wolfSSL server with a certificate for authentication. */
+static int wolfssl_server_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
+{
+    int ret = 0;
+    WOLFSSL_CTX* server_ctx = NULL;
+    WOLFSSL*     server_ssl = NULL;
+
+    /* Create and initialize WOLFSSL_CTX */
+    if ((server_ctx = wolfSSL_CTX_new_ex(wolfTLSv1_2_server_method(),
+                                                   HEAP_HINT_SERVER)) == NULL) {
+        printf("ERROR: failed to create WOLFSSL_CTX\n");
+        ret = -1;
+    }
+
+    if (ret == 0) {
+        /* Load client certificates into WOLFSSL_CTX */
+        if (wolfSSL_CTX_use_certificate_buffer(server_ctx,
+                server_cert_der_2048, sizeof_server_cert_der_2048,
+                WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) {
+            printf("ERROR: failed to load server certificate\n");
+            ret = -1;
+        }
+    }
+
+    if (ret == 0) {
+        /* Load client certificates into WOLFSSL_CTX */
+        if (wolfSSL_CTX_use_PrivateKey_buffer(server_ctx,
+                server_key_der_2048, sizeof_server_key_der_2048,
+                WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) {
+            printf("ERROR: failed to load server key\n");
+            ret = -1;
+        }
+    }
+
+    if (ret == 0) {
+        /* Create a WOLFSSL object */
+        if ((server_ssl = wolfSSL_new(server_ctx)) == NULL) {
+            printf("ERROR: failed to create WOLFSSL object\n");
+            ret = -1;
+        }
+    }
+
+    if (ret == 0) {
+        /* Return newly created wolfSSL context and object */
+        *ctx = server_ctx;
+        *ssl = server_ssl;
+    }
+    else {
+        if (server_ssl != NULL)
+            wolfSSL_free(server_ssl);
+        if (server_ctx != NULL)
+            wolfSSL_CTX_free(server_ctx);
+    }
+
+    return ret;
+}
+
+/* Server accepting a client using TLS */
+static int wolfssl_server_accept(WOLFSSL* ssl)
+{
+    int ret = 0;
+
+    if (wolfSSL_accept(ssl) != WOLFSSL_SUCCESS) {
+        printf("wolfSSL Error: %d\n", wolfSSL_get_error(ssl, -1));
+        if (!wolfSSL_want_read(ssl) && !wolfSSL_want_write(ssl))
+            ret = -1;
+    }
+
+    return ret;
+}
+
+
+/* Send application data. */
+static int wolfssl_send(WOLFSSL* ssl, const char* msg)
+{
+    int ret = 0;
+    int len;
+
+    printf("Sending:\n%s\n", msg);
+    len = wolfSSL_write(ssl, msg, XSTRLEN(msg));
+    if (len < 0)
+        ret = len;
+    else if (len != XSTRLEN(msg))
+        ret = -1;
+
+    return ret;
+}
+
+/* Receive application data. */
+static int wolfssl_recv(WOLFSSL* ssl)
+{
+    int ret;
+    byte reply[256];
+
+    ret = wolfSSL_read(ssl, reply, sizeof(reply)-1);
+    if (ret > 0) {
+        reply[ret] = '\0';
+        printf("Received:\n%s\n", reply);
+        ret = 1;
+    }
+    else if (wolfSSL_want_read(ssl) || wolfSSL_want_write(ssl))
+        ret = 0;
+
+    return ret;
+}
+
+
+/* Free the WOLFSSL object and context. */
+static void wolfssl_free(WOLFSSL_CTX* ctx, WOLFSSL* ssl)
+{
+    if (ssl != NULL)
+        wolfSSL_free(ssl);
+    if (ctx != NULL)
+        wolfSSL_CTX_free(ctx);
+}
+
+
+/* Display the static memory usage. */
+static void wolfssl_memstats(WOLFSSL* ssl)
+{
+#ifdef WOLFSSL_STATIC_MEMORY
+    WOLFSSL_MEM_CONN_STATS ssl_stats;
+
+    XMEMSET(&ssl_stats, 0 , sizeof(ssl_stats));
+
+    if (wolfSSL_is_static_memory(ssl, &ssl_stats) != 1)
+        printf("static memory was not used with ssl");
+    else {
+        printf("*** This is memory state before wolfSSL_free is called\n");
+        printf("peak connection memory = %d\n", ssl_stats.peakMem);
+        printf("current memory in use  = %d\n", ssl_stats.curMem);
+        printf("peak connection allocs = %d\n", ssl_stats.peakAlloc);
+        printf("current connection allocs = %d\n",ssl_stats.curAlloc);
+        printf("total connection allocs   = %d\n",ssl_stats.totalAlloc);
+        printf("total connection frees    = %d\n\n", ssl_stats.totalFr);
+    }
+#else
+    (void)ssl;
+#endif
+}
+
+
+/* Start the server thread. */
+void start_thread(THREAD_FUNC func, func_args* args, THREAD_TYPE* thread)
+{
+    k_thread_create(thread, server_stack, K_THREAD_STACK_SIZEOF(server_stack),
+                    func, args, NULL, NULL, 5, 0, K_NO_WAIT);
+}
+
+void join_thread(THREAD_TYPE thread)
+{
+    /* Threads are handled in the kernel. */
+}
+
+
+int wolfssl_server_accept_tcp(WOLFSSL* ssl, SOCKET_T* fd, SOCKET_T* acceptfd)
+{
+    int ret = 0;
+    SOCKET_T      sockfd;
+    SOCKET_T      clientfd = WOLFSSL_SOCKET_INVALID;
+    SOCKADDR_IN_T client;
+    socklen_t     client_len = sizeof(client);
+    word16        port = 443;
+    struct sockaddr_in bind_addr;
+
+    sockfd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+    bind_addr.sin_family = AF_INET;
+    bind_addr.sin_addr.s_addr = htonl(INADDR_ANY);
+    bind_addr.sin_port = htons(port);
+    if (bind(sockfd, (struct sockaddr *)&bind_addr, sizeof(bind_addr)) != 0)
+        ret = -1;
+
+    if (ret == 0) {
+        *fd = sockfd;
+        printf("Server Listen\n");
+        listen(sockfd, 5);
+        if (WOLFSSL_SOCKET_IS_INVALID(sockfd))
+            ret = -1;
+    }
+    if (ret == 0) {
+        printf("Server Accept\n");
+        clientfd = accept(sockfd, (struct sockaddr*)&client,
+                          (ACCEPT_THIRD_T)&client_len);
+        if (WOLFSSL_SOCKET_IS_INVALID(clientfd))
+            ret = -1;
+    }
+    if (ret == 0) {
+        *acceptfd = clientfd;
+        tcp_set_nonblocking(&clientfd);
+
+        printf("Server has client\n");
+        if (wolfSSL_set_fd(ssl, clientfd) != WOLFSSL_SUCCESS)
+            ret = -1;
+    }
+
+    return ret;
+}
+
+/* Thread to do the server operations. */
+void server_thread(void* arg1, void* arg2, void* arg3)
+{
+    int           ret = 0;
+    WOLFSSL_CTX*  server_ctx = NULL;
+    WOLFSSL*      server_ssl = NULL;
+    SOCKET_T      sockfd   = WOLFSSL_SOCKET_INVALID;
+    SOCKET_T      clientfd = WOLFSSL_SOCKET_INVALID;
+
+
+#ifdef WOLFSSL_STATIC_MEMORY
+    if (wc_LoadStaticMemory(&HEAP_HINT_SERVER, gMemoryServer,
+                               sizeof(gMemoryServer),
+                               WOLFMEM_GENERAL | WOLFMEM_TRACK_STATS, 1) != 0) {
+        printf("unable to load static memory");
+        ret = -1;
+    }
+
+    if (ret == 0)
+#endif
+        ret = wolfssl_server_new(&server_ctx, &server_ssl);
+
+    if (ret == 0)
+        ret = wolfssl_server_accept_tcp(server_ssl, &sockfd, &clientfd);
+
+    while (ret == 0) {
+        k_sleep(Z_TIMEOUT_TICKS(100));
+        ret = wolfssl_server_accept(server_ssl);
+        if (ret == 0 && wolfSSL_is_init_finished(server_ssl))
+            break;
+    }
+
+    /* Receive HTTP request */
+    while (ret == 0) {
+        ret = wolfssl_recv(server_ssl);
+    }
+    if (ret == 1)
+        ret = 0;
+    /* Send HTTP response */
+    if (ret == 0)
+        ret = wolfssl_send(server_ssl, msgHTTPIndex);
+
+    printf("Server Return: %d\n", ret);
+
+#ifdef WOLFSSL_STATIC_MEMORY
+    printf("Server Memory Stats\n");
+#endif
+    wolfssl_memstats(server_ssl);
+    wolfssl_free(server_ctx, server_ssl);
+    if (clientfd != WOLFSSL_SOCKET_INVALID)
+        CloseSocket(clientfd);
+    if (sockfd != WOLFSSL_SOCKET_INVALID)
+        CloseSocket(sockfd);
+}
+
+int wolfssl_client_connect_tcp(WOLFSSL* ssl, SOCKET_T* fd)
+{
+    int              ret = 0;
+    SOCKET_T         sockfd = WOLFSSL_SOCKET_INVALID;
+    static struct    addrinfo hints;
+    struct addrinfo* res;
+
+    XMEMSET(&hints, 0, sizeof(hints));
+    hints.ai_family = AF_INET;
+    hints.ai_socktype = SOCK_STREAM;
+    if (getaddrinfo("192.0.2.1", "443", &hints, &res) != 0)
+        ret = -1;
+
+    if (ret == 0) {
+        printf("Client socket\n");
+        sockfd = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
+        if (WOLFSSL_SOCKET_IS_INVALID(sockfd))
+            ret = -1;
+    }
+    if (ret == 0) {
+        *fd = sockfd;
+        tcp_set_nonblocking(&sockfd);
+
+        printf("Client Connect\n");
+        if (connect(sockfd, res->ai_addr, res->ai_addrlen) != 0)
+            ret = -1;
+    }
+
+    if (ret == 0) {
+        printf("Client Connected\n");
+        if (wolfSSL_set_fd(ssl, sockfd) != WOLFSSL_SUCCESS)
+            ret = -1;
+    }
+
+    return ret;
+}
+
+/* Thread to do the client operations. */
+void client_thread()
+{
+    int ret = 0;
+    WOLFSSL_CTX* client_ctx = NULL;
+    WOLFSSL*     client_ssl = NULL;
+    SOCKET_T     sockfd = WOLFSSL_SOCKET_INVALID;
+
+#ifdef WOLFSSL_STATIC_MEMORY
+    if (wc_LoadStaticMemory(&HEAP_HINT_CLIENT, gMemoryClient,
+                               sizeof(gMemoryClient),
+                               WOLFMEM_GENERAL | WOLFMEM_TRACK_STATS, 1) != 0) {
+        printf("unable to load static memory");
+        ret = -1;
+    }
+
+    if (ret == 0)
+#endif
+    {
+        /* Client connection */
+        ret = wolfssl_client_new(&client_ctx, &client_ssl);
+    }
+
+    if (ret == 0)
+        ret = wolfssl_client_connect_tcp(client_ssl, &sockfd);
+
+    while (ret == 0) {
+        k_sleep(Z_TIMEOUT_TICKS(10));
+        ret = wolfssl_client_connect(client_ssl);
+        if (ret == 0 && wolfSSL_is_init_finished(client_ssl))
+            break;
+    }
+
+    if (ret == 0) {
+        printf("Handshake complete\n");
+
+        /* Send HTTP request */
+        ret = wolfssl_send(client_ssl, msgHTTPGet);
+    }
+    /* Receive HTTP response */
+    while (ret == 0) {
+        k_sleep(Z_TIMEOUT_TICKS(10));
+        ret = wolfssl_recv(client_ssl);
+    }
+    if (ret == 1)
+        ret = 0;
+
+    printf("Client Return: %d\n", ret);
+
+#ifdef WOLFSSL_STATIC_MEMORY
+    printf("Client Memory Stats\n");
+#endif
+    wolfssl_memstats(client_ssl);
+    wolfssl_free(client_ctx, client_ssl);
+    if (sockfd != WOLFSSL_SOCKET_INVALID)
+        CloseSocket(sockfd);
+}
+
+int main()
+{
+    THREAD_TYPE  serverThread;
+
+    wolfSSL_Init();
+#ifdef DEBUG_WOLFSSL
+    wolfSSL_Debugging_ON();
+#endif
+
+    /* Start server */
+    start_thread(server_thread, NULL, &serverThread);
+
+    k_sleep(Z_TIMEOUT_TICKS(100));
+    client_thread();
+
+    join_thread(serverThread);
+
+    wolfSSL_Cleanup();
+
+    printf("Done\n");
+
+    return 0;
+}
+

android/extern/wolfssl/zephyr/samples/wolfssl_tls_thread/CMakeLists.txt

@@ -0,0 +1,8 @@
+cmake_minimum_required(VERSION 3.13.1)
+find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE})
+project(wolfssl_tls_threaded)
+
+FILE(GLOB app_sources src/*.c)
+target_sources(app PRIVATE ${app_sources})
+add_definitions(-DWOLFSSL_USER_SETTINGS)
+

android/extern/wolfssl/zephyr/samples/wolfssl_tls_thread/README

@@ -0,0 +1,12 @@
+
+wolfSSL (formerly known as CyaSSL) and wolfCrypt are either licensed for use
+under the GPLv2 or a standard commercial license. For our users who cannot use
+wolfSSL under GPLv2, a commercial license to wolfSSL and wolfCrypt is available.
+Please contact wolfSSL Inc. directly at:
+
+Email: licensing@wolfssl.com
+Phone: +1 425 245-8247
+
+More information can be found on the wolfSSL website at www.wolfssl.com.
+
+

android/extern/wolfssl/zephyr/samples/wolfssl_tls_thread/boards/nrf5340dk_nrf5340_cpuapp.conf

@@ -0,0 +1,22 @@
+# Set user_settings.h file to be used for native wolfSSL build settings
+CONFIG_WOLFSSL_SETTINGS_FILE="nrf5340dk_nrf5340_user_settings.h"
+
+##### PSA and CC3XX #####
+# Enable Nordic Security Module
+CONFIG_NRF_SECURITY=y
+CONFIG_ENTROPY_DEVICE_RANDOM_GENERATOR=y
+# Enable PSA API support (comes from mbedTLS)
+CONFIG_MBEDTLS_PSA_CRYPTO_C=y
+# Enable/configure mbedTLS heap
+CONFIG_MBEDTLS_ENABLE_HEAP=y
+CONFIG_MBEDTLS_HEAP_SIZE=8192
+# Disable nrf_oberon crypto library PSA backend
+CONFIG_PSA_CRYPTO_DRIVER_OBERON=n
+# Enable ARM CryptoCell cc3xx driver PSA backend
+CONFIG_PSA_CRYPTO_DRIVER_CC3XX=y
+
+##### Logging #####
+CONFIG_USE_SEGGER_RTT=y
+CONFIG_LOG_BACKEND_RTT=y
+CONFIG_SEGGER_RTT_BUFFER_SIZE_UP=15360
+

android/extern/wolfssl/zephyr/samples/wolfssl_tls_thread/boards/nrf5340dk_nrf5340_cpuapp_ns.conf

@@ -0,0 +1,25 @@
+CONFIG_BUILD_WITH_TFM=y
+CONFIG_TFM_PROFILE_TYPE_NOT_SET=y
+
+# Set user_settings.h file to be used for native wolfSSL build settings
+CONFIG_WOLFSSL_SETTINGS_FILE="nrf5340dk_nrf5340_user_settings.h"
+
+##### PSA and CC3XX #####
+# Enable Nordic Security Module
+CONFIG_NRF_SECURITY=y
+CONFIG_ENTROPY_DEVICE_RANDOM_GENERATOR=y
+# Enable PSA API support (comes from mbedTLS)
+CONFIG_MBEDTLS_PSA_CRYPTO_C=y
+# Enable/configure mbedTLS heap
+CONFIG_MBEDTLS_ENABLE_HEAP=y
+CONFIG_MBEDTLS_HEAP_SIZE=8192
+# Disable nrf_oberon crypto library PSA backend
+CONFIG_PSA_CRYPTO_DRIVER_OBERON=n
+# Enable ARM CryptoCell cc3xx driver PSA backend
+CONFIG_PSA_CRYPTO_DRIVER_CC3XX=y
+
+##### Logging #####
+CONFIG_USE_SEGGER_RTT=y
+CONFIG_LOG_BACKEND_RTT=y
+CONFIG_SEGGER_RTT_BUFFER_SIZE_UP=15360
+

android/extern/wolfssl/zephyr/samples/wolfssl_tls_thread/install_sample.sh

@@ -0,0 +1,31 @@
+#!/bin/sh
+
+ZEPHYR_DIR=
+if [ $# -ne 1 ]; then
+    echo "Need location of zephyr project as a command line argument"
+    exit 1
+else
+    ZEPHYR_DIR=$1
+fi
+if [ ! -d $ZEPHR_DIR ]; then
+    echo "Zephyr project directory does not exist: $ZEPHYR_DIR"
+    exit 1
+fi
+ZEPHYR_SAMPLES_DIR=$ZEPHYR_DIR/zephyr/samples/modules
+if [ ! -d $ZEPHYR_SAMPLES_DIR ]; then
+    echo "Zephyr samples/modules directory does not exist: $ZEPHYR_SAMPLES_DIR"
+    exit 1
+fi
+ZEPHYR_WOLFSSL_DIR=$ZEPHYR_SAMPLES_DIR/wolfssl_tls_thread
+
+echo "wolfSSL directory:"
+echo "  $ZEPHYR_WOLFSSL_DIR"
+rm -rf $ZEPHYR_WOLFSSL_DIR
+mkdir $ZEPHYR_WOLFSSL_DIR
+
+echo "Copy in Sample files ..."
+cp -r * $ZEPHYR_WOLFSSL_DIR/
+rm $ZEPHYR_WOLFSSL_DIR/$0
+
+echo "Done"
+

android/extern/wolfssl/zephyr/samples/wolfssl_tls_thread/prj.conf

@@ -0,0 +1,37 @@
+# Kernel options
+CONFIG_MAIN_STACK_SIZE=16384
+CONFIG_ENTROPY_GENERATOR=y
+CONFIG_INIT_STACKS=y
+CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=65536
+
+# Clock for time()
+CONFIG_POSIX_CLOCK=y
+
+# Networking
+CONFIG_NETWORKING=y
+CONFIG_NET_TEST=y
+CONFIG_NET_IPV4=y
+CONFIG_NET_IPV6=y
+CONFIG_NET_SOCKETS=y
+CONFIG_DNS_RESOLVER=y
+
+# Logging
+# Enable logging using RTT and UART
+CONFIG_PRINTK=y
+CONFIG_CBPRINTF_LIBC_SUBSTS=y
+CONFIG_CBPRINTF_FP_SUPPORT=y
+CONFIG_CONSOLE=y
+CONFIG_LOG=y
+CONFIG_LOG_BACKEND_UART=y
+CONFIG_LOG_BUFFER_SIZE=15360
+#CONFIG_WOLFSSL_DEBUG=y
+
+# TLS configuration
+CONFIG_WOLFSSL=y
+CONFIG_WOLFSSL_BUILTIN=y
+
+CONFIG_WOLFSSL_TLS_VERSION_1_2=y
+CONFIG_WOLFSSL_KEY_EXCHANGE_ALL_ENABLED=y
+CONFIG_WOLFSSL_CIPHER_ALL_ENABLED=y
+CONFIG_WOLFSSL_MAC_ALL_ENABLED=y
+CONFIG_WOLFSSL_HMAC_DRBG_ENABLED=y

android/extern/wolfssl/zephyr/samples/wolfssl_tls_thread/sample.yaml

@@ -0,0 +1,9 @@
+common:
+  harness: crypto
+  tags: crypto
+sample:
+  description: wolfSSL TLS test application
+  name: wolfSSL TLS Test
+tests:
+  test:
+    platform_whitelist: qemu_x86

android/extern/wolfssl/zephyr/samples/wolfssl_tls_thread/src/tls_threaded.c

@@ -0,0 +1,642 @@
+/* tls_threaded.c
+ *
+ * Copyright (C) 2006-2022 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef WOLFSSL_USER_SETTINGS
+    #include <wolfssl/options.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+#define USE_CERT_BUFFERS_256
+#include <wolfssl/certs_test.h>
+#include <wolfssl/test.h>
+
+#ifdef WOLFSSL_ZEPHYR
+#define printf   printk
+#endif
+
+/* wolfSSL PSA Crypto API integration with ECDH/ECDSA currently requires
+ * use of wolfSSL Public Key (PK) callbacks.
+ *
+ * PSA Crypto API integration for this sample was tested on a
+ * Nordic nRF5340dk.
+ */
+#if defined(WOLFSSL_HAVE_PSA) && defined(HAVE_PK_CALLBACKS)
+    #include <wolfssl/wolfcrypt/port/psa/psa.h>
+#endif
+
+#define BUFFER_SIZE           2048
+#define STATIC_MEM_SIZE       (96*1024)
+#define THREAD_STACK_SIZE     (13*1024)
+
+/* The stack to use in the server's thread. */
+K_THREAD_STACK_DEFINE(server_stack, THREAD_STACK_SIZE);
+
+#ifdef WOLFSSL_STATIC_MEMORY
+    static WOLFSSL_HEAP_HINT* HEAP_HINT_SERVER;
+    static WOLFSSL_HEAP_HINT* HEAP_HINT_CLIENT;
+
+    static byte gMemoryServer[STATIC_MEM_SIZE];
+    static byte gMemoryClient[STATIC_MEM_SIZE];
+#else
+    #define HEAP_HINT_SERVER NULL
+    #define HEAP_HINT_CLIENT NULL
+#endif /* WOLFSSL_STATIC_MEMORY */
+
+/* Buffer to hold data for client to read. */
+unsigned char client_buffer[BUFFER_SIZE];
+int client_buffer_sz = 0;
+wolfSSL_Mutex client_mutex;
+
+/* Buffer to hold data for server to read. */
+unsigned char server_buffer[BUFFER_SIZE];
+int server_buffer_sz = 0;
+wolfSSL_Mutex server_mutex;
+
+#if defined(WOLFSSL_HAVE_PSA) && defined(HAVE_PK_CALLBACKS)
+static struct psa_ssl_ctx server_psa_ctx;
+static struct psa_ssl_ctx client_psa_ctx;
+/* psa_key_id_t representing server key loaded into PSA Crypto API */
+static psa_key_id_t ecc_key_id;
+#endif
+
+/* Application data to send. */
+static const char msgHTTPGet[] = "GET /index.html HTTP/1.0\r\n\r\n";
+static const char msgHTTPIndex[] =
+    "HTTP/1.1 200 OK\n"
+    "Content-Type: text/html\n"
+    "Connection: close\n"
+    "\n"
+    "<html>\n"
+    "<head>\n"
+    "<title>Welcome to wolfSSL!</title>\n"
+    "</head>\n"
+    "<body>\n"
+    "<p>wolfSSL has successfully performed handshake!</p>\n"
+    "</body>\n"
+    "</html>\n";
+
+/* wolfSSL client wants to read data from the server. */
+static int recv_client(WOLFSSL* ssl, char* buff, int sz, void* ctx)
+{
+    wc_LockMutex(&client_mutex);
+    if (client_buffer_sz > 0) {
+        /* Take as many bytes is available or requested from buffer. */
+        if (sz > client_buffer_sz)
+            sz = client_buffer_sz;
+        XMEMCPY(buff, client_buffer, sz);
+        if (sz < client_buffer_sz) {
+            XMEMMOVE(client_buffer, client_buffer + sz, client_buffer_sz - sz);
+        }
+        client_buffer_sz -= sz;
+    }
+    else
+        sz = WOLFSSL_CBIO_ERR_WANT_READ;
+    wc_UnLockMutex(&client_mutex);
+
+    return sz;
+}
+
+/* wolfSSL client wants to write data to the server. */
+static int send_client(WOLFSSL* ssl, char* buff, int sz, void* ctx)
+{
+    wc_LockMutex(&server_mutex);
+    if (server_buffer_sz < BUFFER_SIZE)
+    {
+        /* Put in as many bytes requested or will fit in buffer. */
+        if (sz > BUFFER_SIZE - server_buffer_sz)
+            sz = BUFFER_SIZE - server_buffer_sz;
+        XMEMCPY(server_buffer + server_buffer_sz, buff, sz);
+        server_buffer_sz += sz;
+    }
+    else
+        sz = WOLFSSL_CBIO_ERR_WANT_WRITE;
+    wc_UnLockMutex(&server_mutex);
+
+    return sz;
+}
+
+/* wolfSSL server wants to read data from the client. */
+static int recv_server(WOLFSSL* ssl, char* buff, int sz, void* ctx)
+{
+    wc_LockMutex(&server_mutex);
+    if (server_buffer_sz > 0) {
+        /* Take as many bytes is available or requested from buffer. */
+        if (sz > server_buffer_sz)
+            sz = server_buffer_sz;
+        XMEMCPY(buff, server_buffer, sz);
+        if (sz < server_buffer_sz) {
+            XMEMMOVE(server_buffer, server_buffer + sz, server_buffer_sz - sz);
+        }
+        server_buffer_sz -= sz;
+    }
+    else
+        sz = WOLFSSL_CBIO_ERR_WANT_READ;
+    wc_UnLockMutex(&server_mutex);
+
+    return sz;
+}
+
+/* wolfSSL server wants to write data to the client. */
+static int send_server(WOLFSSL* ssl, char* buff, int sz, void* ctx)
+{
+    wc_LockMutex(&client_mutex);
+    if (client_buffer_sz < BUFFER_SIZE)
+    {
+        /* Put in as many bytes requested or will fit in buffer. */
+        if (sz > BUFFER_SIZE - client_buffer_sz)
+            sz = BUFFER_SIZE - client_buffer_sz;
+        XMEMCPY(client_buffer + client_buffer_sz, buff, sz);
+        client_buffer_sz += sz;
+    }
+    else
+        sz = WOLFSSL_CBIO_ERR_WANT_WRITE;
+    wc_UnLockMutex(&client_mutex);
+
+    return sz;
+}
+
+/* Create a new wolfSSL client with a server CA certificate. */
+static int wolfssl_client_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
+{
+    int ret = 0;
+    WOLFSSL_CTX* client_ctx = NULL;
+    WOLFSSL*     client_ssl = NULL;
+
+    /* Create and initialize WOLFSSL_CTX */
+    if ((client_ctx = wolfSSL_CTX_new_ex(wolfTLSv1_3_client_method(),
+                                                   HEAP_HINT_CLIENT)) == NULL) {
+        printf("ERROR: failed to create WOLFSSL_CTX\n");
+        ret = -1;
+    }
+
+    if (ret == 0) {
+        /* Load client certificates into WOLFSSL_CTX */
+         if (wolfSSL_CTX_load_verify_buffer(client_ctx, ca_ecc_cert_der_256,
+                sizeof_ca_ecc_cert_der_256, WOLFSSL_FILETYPE_ASN1) !=
+                WOLFSSL_SUCCESS) {
+            printf("ERROR: failed to load CA certificate\n");
+            ret = -1;
+        }
+    }
+
+#if defined(WOLFSSL_HAVE_PSA) && defined(HAVE_PK_CALLBACKS)
+    if (ret == 0) {
+        if (wolfSSL_CTX_psa_enable(client_ctx) != WOLFSSL_SUCCESS) {
+            printf("ERROR: failed to enable PSA Crypto API for WOLFSSL_CTX\n");
+            ret = -1;
+        }
+    }
+#endif
+
+    if (ret == 0) {
+        /* Register callbacks */
+        wolfSSL_SetIORecv(client_ctx, recv_client);
+        wolfSSL_SetIOSend(client_ctx, send_client);
+
+        /* Create a WOLFSSL object */
+        if ((client_ssl = wolfSSL_new(client_ctx)) == NULL) {
+            printf("ERROR: failed to create WOLFSSL object\n");
+            ret = -1;
+        }
+    }
+
+#if defined(WOLFSSL_HAVE_PSA) && defined(HAVE_PK_CALLBACKS)
+    if (ret == 0) {
+        XMEMSET(&client_psa_ctx, 0, sizeof(client_psa_ctx));
+        if (wolfSSL_set_psa_ctx(client_ssl, &client_psa_ctx) != WOLFSSL_SUCCESS) {
+            printf("ERROR: wolfSSL_set_psa_ctx() failed\n");
+            ret = -1;
+        }
+    }
+#endif
+
+    if (ret == 0) {
+        /* make wolfSSL object nonblocking */
+        wolfSSL_set_using_nonblock(client_ssl, 1);
+
+        /* Return newly created wolfSSL context and object */
+        *ctx = client_ctx;
+        *ssl = client_ssl;
+    }
+    else {
+        if (client_ssl != NULL) {
+#if defined(WOLFSSL_HAVE_PSA) && defined(HAVE_PK_CALLBACKS)
+            wolfSSL_free_psa_ctx(&client_psa_ctx);
+#endif
+            wolfSSL_free(client_ssl);
+        }
+        if (client_ctx != NULL)
+            wolfSSL_CTX_free(client_ctx);
+    }
+
+    return ret;
+}
+
+/* Client connecting to server using TLS */
+static int wolfssl_client_connect(WOLFSSL* ssl)
+{
+    int ret = 0;
+
+    if (wolfSSL_connect(ssl) != WOLFSSL_SUCCESS) {
+        if (!wolfSSL_want_read(ssl) && !wolfSSL_want_write(ssl))
+            ret = -1;
+    }
+
+    return ret;
+}
+
+#if defined(WOLFSSL_HAVE_PSA) && defined(HAVE_PK_CALLBACKS)
+
+/* ./certs/ecc-key.pem */
+static const unsigned char ecc_key_256[] =
+{
+    0x45, 0xB6, 0x69, 0x02, 0x73, 0x9C, 0x6C, 0x85, 0xA1, 0x38,
+    0x5B, 0x72, 0xE8, 0xE8, 0xC7, 0xAC, 0xC4, 0x03, 0x8D, 0x53,
+    0x35, 0x04, 0xFA, 0x6C, 0x28, 0xDC, 0x34, 0x8D, 0xE1, 0xA8,
+    0x09, 0x8C
+};
+
+/* Provision server private key using PSA Crypto API.
+ *
+ * key_id - resulting psa_key_id_t
+ *
+ * Returns - 0 on success, negative on error
+ */
+static int psa_private_key_provisioning(psa_key_id_t *key_id)
+{
+    psa_key_attributes_t key_attr = { 0 };
+    psa_key_type_t key_type;
+    psa_status_t status;
+
+    key_type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1);
+
+    psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_SIGN_HASH);
+    psa_set_key_lifetime(&key_attr, PSA_KEY_LIFETIME_VOLATILE);
+    psa_set_key_algorithm(&key_attr, PSA_ALG_ECDSA(PSA_ALG_SHA_256));
+    psa_set_key_type(&key_attr, key_type);
+    psa_set_key_bits(&key_attr, 256);
+
+    status = psa_import_key(&key_attr, ecc_key_256,
+                            sizeof(ecc_key_256), key_id);
+
+    if (status != PSA_SUCCESS) {
+        printf("ERROR: provisioning of private key failed: [%d] \n", status);
+        return -1;
+    }
+
+    return 0;
+}
+
+#endif /* WOLFSSL_HAVE_PSA & HAVE_PK_CALLBACKS */
+
+/* Create a new wolfSSL server with a certificate for authentication. */
+static int wolfssl_server_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
+{
+    int ret = 0;
+    WOLFSSL_CTX* server_ctx = NULL;
+    WOLFSSL*     server_ssl = NULL;
+
+#if defined(WOLFSSL_HAVE_PSA) && defined(HAVE_PK_CALLBACKS)
+    /* Provision ECC private key with PSA Crypto API */
+    if (psa_private_key_provisioning(&ecc_key_id) != 0) {
+        printf("ERROR: failed to provision PSA private key\n");
+        ret = -1;
+    }
+
+    if (ret == 0) {
+        XMEMSET(&server_psa_ctx, 0, sizeof(server_psa_ctx));
+        wolfSSL_psa_set_private_key_id(&server_psa_ctx, ecc_key_id);
+    }
+#endif
+
+    if (ret == 0) {
+        /* Create and initialize WOLFSSL_CTX */
+        if ((server_ctx = wolfSSL_CTX_new_ex(wolfTLSv1_3_server_method(),
+                                             HEAP_HINT_SERVER)) == NULL) {
+            printf("ERROR: failed to create WOLFSSL_CTX\n");
+            ret = -1;
+        }
+    }
+
+    if (ret == 0) {
+        /* Load client certificates into WOLFSSL_CTX */
+        if (wolfSSL_CTX_use_certificate_buffer(server_ctx,
+                serv_ecc_der_256, sizeof_serv_ecc_der_256,
+                WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) {
+            printf("ERROR: failed to load server certificate\n");
+            ret = -1;
+        }
+    }
+
+#if !defined(WOLFSSL_HAVE_PSA) || \
+    (defined(WOLFSSL_HAVE_PSA) && !defined(HAVE_PK_CALLBACKS))
+    if (ret == 0) {
+        /* Load client certificates into WOLFSSL_CTX */
+        if (wolfSSL_CTX_use_PrivateKey_buffer(server_ctx,
+                ecc_key_der_256, sizeof_ecc_key_der_256,
+                WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) {
+            printf("ERROR: failed to load server key\n");
+            ret = -1;
+        }
+    }
+#else
+    if (ret == 0) {
+        if (wolfSSL_CTX_psa_enable(server_ctx) != WOLFSSL_SUCCESS) {
+            printf("ERROR: failed to enable PSA\n");
+            ret = -1;
+        }
+    }
+#endif /* WOLFSSL_HAVE_PSA */
+
+    if (ret == 0) {
+        /* Register callbacks */
+        wolfSSL_SetIORecv(server_ctx, recv_server);
+        wolfSSL_SetIOSend(server_ctx, send_server);
+
+        /* Create a WOLFSSL object */
+        if ((server_ssl = wolfSSL_new(server_ctx)) == NULL) {
+            printf("ERROR: failed to create WOLFSSL object\n");
+            ret = -1;
+        }
+    }
+
+#if defined(WOLFSSL_HAVE_PSA) && defined(HAVE_PK_CALLBACKS)
+    if (ret == 0) {
+        if (wolfSSL_set_psa_ctx(server_ssl, &server_psa_ctx)
+                != WOLFSSL_SUCCESS) {
+            printf("ERROR: failed to enable PSA in WOLFSSL struct\n");
+            ret = -1;
+        }
+    }
+#endif
+
+    if (ret == 0) {
+        /* make wolfSSL object nonblocking */
+        wolfSSL_set_using_nonblock(server_ssl, 1);
+
+        /* Return newly created wolfSSL context and object */
+        *ctx = server_ctx;
+        *ssl = server_ssl;
+    }
+    else {
+        if (server_ssl != NULL) {
+#if defined(WOLFSSL_HAVE_PSA) && defined(HAVE_PK_CALLBACKS)
+            wolfSSL_free_psa_ctx(&server_psa_ctx);
+#endif
+            wolfSSL_free(server_ssl);
+        }
+        if (server_ctx != NULL)
+            wolfSSL_CTX_free(server_ctx);
+    }
+
+    return ret;
+}
+
+/* Server accepting a client using TLS */
+static int wolfssl_server_accept(WOLFSSL* ssl)
+{
+    int ret = 0;
+
+    if (wolfSSL_accept(ssl) != WOLFSSL_SUCCESS) {
+        if (!wolfSSL_want_read(ssl) && !wolfSSL_want_write(ssl))
+            ret = -1;
+    }
+
+    return ret;
+}
+
+
+/* Send application data. */
+static int wolfssl_send(WOLFSSL* ssl, const char* msg)
+{
+    int ret = 0;
+    int len;
+
+    printf("Sending:\n%s\n", msg);
+    len = wolfSSL_write(ssl, msg, XSTRLEN(msg));
+    if (len < 0)
+        ret = len;
+    else if (len != XSTRLEN(msg))
+        ret = -1;
+
+    return ret;
+}
+
+/* Receive application data. */
+static int wolfssl_recv(WOLFSSL* ssl)
+{
+    int ret;
+    byte reply[256];
+
+    ret = wolfSSL_read(ssl, reply, sizeof(reply)-1);
+    if (ret > 0) {
+        reply[ret] = '\0';
+        printf("Received:\n%s\n", reply);
+        ret = 1;
+    }
+    else if (wolfSSL_want_read(ssl) || wolfSSL_want_write(ssl))
+        ret = 0;
+
+    return ret;
+}
+
+
+/* Free the WOLFSSL object and context. */
+static void wolfssl_free(WOLFSSL_CTX* ctx, WOLFSSL* ssl)
+{
+    if (ssl != NULL)
+        wolfSSL_free(ssl);
+    if (ctx != NULL)
+        wolfSSL_CTX_free(ctx);
+}
+
+
+/* Display the static memory usage. */
+static void wolfssl_memstats(WOLFSSL* ssl)
+{
+#ifdef WOLFSSL_STATIC_MEMORY
+    WOLFSSL_MEM_CONN_STATS ssl_stats;
+
+    XMEMSET(&ssl_stats, 0 , sizeof(ssl_stats));
+
+    if (wolfSSL_is_static_memory(ssl, &ssl_stats) != 1)
+        printf("static memory was not used with ssl");
+    else {
+        printf("*** This is memory state before wolfSSL_free is called\n");
+        printf("peak connection memory = %d\n", ssl_stats.peakMem);
+        printf("current memory in use  = %d\n", ssl_stats.curMem);
+        printf("peak connection allocs = %d\n", ssl_stats.peakAlloc);
+        printf("current connection allocs = %d\n",ssl_stats.curAlloc);
+        printf("total connection allocs   = %d\n",ssl_stats.totalAlloc);
+        printf("total connection frees    = %d\n\n", ssl_stats.totalFr);
+    }
+#else
+    (void)ssl;
+#endif
+}
+
+
+/* Start the server thread. */
+void start_thread(THREAD_FUNC func, func_args* args, THREAD_TYPE* thread)
+{
+    k_thread_create(thread, server_stack, K_THREAD_STACK_SIZEOF(server_stack),
+                    func, args, NULL, NULL, 5, 0, K_NO_WAIT);
+}
+
+void join_thread(THREAD_TYPE thread)
+{
+    /* Threads are handled in the kernel. */
+}
+
+
+/* Thread to do the server operations. */
+void server_thread(void* arg1, void* arg2, void* arg3)
+{
+    int ret = 0;
+    WOLFSSL_CTX* server_ctx = NULL;
+    WOLFSSL*     server_ssl = NULL;
+
+#ifdef WOLFSSL_STATIC_MEMORY
+    if (wc_LoadStaticMemory(&HEAP_HINT_SERVER, gMemoryServer,
+                               sizeof(gMemoryServer),
+                               WOLFMEM_GENERAL | WOLFMEM_TRACK_STATS, 1) != 0) {
+        printf("unable to load static memory");
+        ret = -1;
+    }
+
+    if (ret == 0)
+#endif
+        ret = wolfssl_server_new(&server_ctx, &server_ssl);
+
+    while (ret == 0) {
+        ret = wolfssl_server_accept(server_ssl);
+        if (ret == 0 && wolfSSL_is_init_finished(server_ssl))
+            break;
+    }
+
+    /* Receive HTTP request */
+    while (ret == 0) {
+        ret = wolfssl_recv(server_ssl);
+    }
+    if (ret == 1)
+        ret = 0;
+    /* Send HTTP response */
+    if (ret == 0)
+        ret = wolfssl_send(server_ssl, msgHTTPIndex);
+
+    printf("Server Return: %d\n", ret);
+
+#ifdef WOLFSSL_STATIC_MEMORY
+    printf("Server Memory Stats\n");
+#endif
+    wolfssl_memstats(server_ssl);
+
+#if defined(WOLFSSL_HAVE_PSA) && defined(HAVE_PK_CALLBACKS)
+    if (server_ssl != NULL) {
+        wolfSSL_free_psa_ctx(&server_psa_ctx);
+    }
+#endif
+    wolfssl_free(server_ctx, server_ssl);
+}
+
+int main()
+{
+    int ret = 0;
+    WOLFSSL_CTX* client_ctx = NULL;
+    WOLFSSL*     client_ssl = NULL;
+    THREAD_TYPE  serverThread;
+
+    /* set dummy wallclock time for cert validation without NTP/etc */
+    struct timespec utctime;
+    utctime.tv_sec = 1658510212; /* Friday, July 22, 2022 5:16:52 PM GMT */
+    utctime.tv_nsec = 0;
+    clock_settime(CLOCK_REALTIME, &utctime);
+
+    wolfSSL_Init();
+#ifdef DEBUG_WOLFSSL
+    wolfSSL_Debugging_ON();
+#endif
+
+    wc_InitMutex(&client_mutex);
+    wc_InitMutex(&server_mutex);
+
+    /* Start server */
+    start_thread(server_thread, NULL, &serverThread);
+
+#ifdef WOLFSSL_STATIC_MEMORY
+    if (wc_LoadStaticMemory(&HEAP_HINT_CLIENT, gMemoryClient,
+                               sizeof(gMemoryClient),
+                               WOLFMEM_GENERAL | WOLFMEM_TRACK_STATS, 1) != 0) {
+        printf("unable to load static memory");
+        ret = -1;
+    }
+
+    if (ret == 0)
+#endif
+    {
+        /* Client connection */
+        ret = wolfssl_client_new(&client_ctx, &client_ssl);
+    }
+
+    while (ret == 0) {
+        ret = wolfssl_client_connect(client_ssl);
+        if (ret == 0 && wolfSSL_is_init_finished(client_ssl))
+            break;
+        k_sleep(Z_TIMEOUT_TICKS(10));
+    }
+
+    if (ret == 0) {
+        printf("Handshake complete\n");
+
+        /* Send HTTP request */
+        ret = wolfssl_send(client_ssl, msgHTTPGet);
+    }
+    /* Receive HTTP response */
+    while (ret == 0) {
+        k_sleep(Z_TIMEOUT_TICKS(10));
+        ret = wolfssl_recv(client_ssl);
+    }
+    if (ret == 1)
+        ret = 0;
+
+    printf("Client Return: %d\n", ret);
+
+    join_thread(serverThread);
+
+#ifdef WOLFSSL_STATIC_MEMORY
+    printf("Client Memory Stats\n");
+#endif
+    wolfssl_memstats(client_ssl);
+
+#if defined(WOLFSSL_HAVE_PSA) && defined(HAVE_PK_CALLBACKS)
+    if (client_ssl != NULL) {
+        wolfSSL_free_psa_ctx(&client_psa_ctx);
+    }
+#endif
+    wolfssl_free(client_ctx, client_ssl);
+
+    wolfSSL_Cleanup();
+
+    printf("Done\n");
+
+    return (ret == 0) ? 0 : 1;
+}
+

android/extern/wolfssl/zephyr/user_settings-tls-generic.h

@@ -0,0 +1,161 @@
+/* user_settings-tls-generic.h
+ * generated from configure options
+ *
+ * Copyright (C) 2006-2022 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef WOLFSSL_OPTIONS_H
+#define WOLFSSL_OPTIONS_H
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#undef  WOLFSSL_ZEPHYR
+#define WOLFSSL_ZEPHYR
+
+#if 0
+#undef  SINGLE_THREADED
+#define SINGLE_THREADED
+#endif
+
+#undef  TFM_TIMING_RESISTANT
+#define TFM_TIMING_RESISTANT
+
+#undef  ECC_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+
+#undef  WC_RSA_BLINDING
+#define WC_RSA_BLINDING
+
+#undef  HAVE_AESGCM
+#define HAVE_AESGCM
+
+#undef  WOLFSSL_SHA512
+#define WOLFSSL_SHA512
+
+#undef  WOLFSSL_SHA384
+#define WOLFSSL_SHA384
+
+#undef  NO_DSA
+#define NO_DSA
+
+#undef  HAVE_ECC
+#define HAVE_ECC
+
+#undef  TFM_ECC256
+#define TFM_ECC256
+
+#undef  WOLFSSL_BASE64_ENCODE
+#define WOLFSSL_BASE64_ENCODE
+
+#undef  NO_RC4
+#define NO_RC4
+
+#undef  WOLFSSL_SHA224
+#define WOLFSSL_SHA224
+
+#undef  WOLFSSL_SHA3
+#define WOLFSSL_SHA3
+
+#undef  HAVE_POLY1305
+#define HAVE_POLY1305
+
+#undef  HAVE_ONE_TIME_AUTH
+#define HAVE_ONE_TIME_AUTH
+
+#undef  HAVE_CHACHA
+#define HAVE_CHACHA
+
+#undef  HAVE_HASHDRBG
+#define HAVE_HASHDRBG
+
+#undef  NO_FILESYSTEM
+#define NO_FILESYSTEM
+
+#undef  HAVE_TLS_EXTENSIONS
+#define HAVE_TLS_EXTENSIONS
+
+#undef  HAVE_SUPPORTED_CURVES
+#define HAVE_SUPPORTED_CURVES
+
+#undef  HAVE_EXTENDED_MASTER
+#define HAVE_EXTENDED_MASTER
+
+#undef  NO_PSK
+#define NO_PSK
+
+#undef  NO_MD4
+#define NO_MD4
+
+#undef  NO_PWDBASED
+#define NO_PWDBASED
+
+#undef  USE_FAST_MATH
+#define USE_FAST_MATH
+
+#undef  WOLFSSL_NO_ASM
+#define WOLFSSL_NO_ASM
+
+#undef  WOLFSSL_X86_BUILD
+#define WOLFSSL_X86_BUILD
+
+#undef  WC_NO_ASYNC_THREADING
+#define WC_NO_ASYNC_THREADING
+
+#undef  NO_DES3
+#define NO_DES3
+
+#undef  WOLFSSL_STATIC_MEMORY
+#define WOLFSSL_STATIC_MEMORY
+
+#undef  WOLFSSL_TLS13
+#define WOLFSSL_TLS13
+
+#undef  HAVE_HKDF
+#define HAVE_HKDF
+
+#undef  WC_RSA_PSS
+#define WC_RSA_PSS
+
+#undef  HAVE_FFDHE_2048
+#define HAVE_FFDHE_2048
+
+#if 0
+#undef  WOLFSSL_HAVE_SP_RSA
+#define WOLFSSL_HAVE_SP_RSA
+#undef  WOLFSSL_HAVE_SP_DH
+#define WOLFSSL_HAVE_SP_DH
+#undef  WOLFSSL_HAVE_SP_ECC
+#define WOLFSSL_HAVE_SP_ECC
+#endif
+
+#if defined(CONFIG_WOLFSSL_DEBUG)
+#undef  DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+
+#endif /* WOLFSSL_OPTIONS_H */
+

android/extern/wolfssl/zephyr/user_settings.h

@@ -0,0 +1,156 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2022 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef USER_SETTINGS_H
+#define USER_SETTINGS_H
+
+#ifdef CONFIG_WOLFSSL
+#ifdef CONFIG_WOLFSSL_SETTINGS_FILE
+
+#include CONFIG_WOLFSSL_SETTINGS_FILE
+
+#else
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#undef  WOLFSSL_ZEPHYR
+#define WOLFSSL_ZEPHYR
+
+#if 0
+#undef  SINGLE_THREADED
+#define SINGLE_THREADED
+#endif
+
+#undef  TFM_TIMING_RESISTANT
+#define TFM_TIMING_RESISTANT
+
+#undef  ECC_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+
+#undef  WC_RSA_BLINDING
+#define WC_RSA_BLINDING
+
+#undef  HAVE_AESGCM
+#define HAVE_AESGCM
+
+#undef  WOLFSSL_SHA512
+#define WOLFSSL_SHA512
+
+#undef  WOLFSSL_SHA384
+#define WOLFSSL_SHA384
+
+#undef  NO_DSA
+#define NO_DSA
+
+#undef  HAVE_ECC
+#define HAVE_ECC
+
+#undef  TFM_ECC256
+#define TFM_ECC256
+
+#undef  WOLFSSL_BASE64_ENCODE
+#define WOLFSSL_BASE64_ENCODE
+
+#undef  NO_RC4
+#define NO_RC4
+
+#undef  WOLFSSL_SHA224
+#define WOLFSSL_SHA224
+
+#undef  WOLFSSL_SHA3
+#define WOLFSSL_SHA3
+
+#undef  HAVE_POLY1305
+#define HAVE_POLY1305
+
+#undef  HAVE_ONE_TIME_AUTH
+#define HAVE_ONE_TIME_AUTH
+
+#undef  HAVE_CHACHA
+#define HAVE_CHACHA
+
+#undef  HAVE_HASHDRBG
+#define HAVE_HASHDRBG
+
+#undef  NO_FILESYSTEM
+#define NO_FILESYSTEM
+
+#undef  HAVE_TLS_EXTENSIONS
+#define HAVE_TLS_EXTENSIONS
+
+#undef  HAVE_SUPPORTED_CURVES
+#define HAVE_SUPPORTED_CURVES
+
+#undef  HAVE_EXTENDED_MASTER
+#define HAVE_EXTENDED_MASTER
+
+#undef  NO_PSK
+#define NO_PSK
+
+#undef  NO_MD4
+#define NO_MD4
+
+#undef  NO_PWDBASED
+#define NO_PWDBASED
+
+#undef  USE_FAST_MATH
+#define USE_FAST_MATH
+
+#undef  WOLFSSL_NO_ASM
+#define WOLFSSL_NO_ASM
+
+#undef  WOLFSSL_X86_BUILD
+#define WOLFSSL_X86_BUILD
+
+#undef  WC_NO_ASYNC_THREADING
+#define WC_NO_ASYNC_THREADING
+
+#undef  NO_DES3
+#define NO_DES3
+
+#undef  WOLFSSL_STATIC_MEMORY
+#define WOLFSSL_STATIC_MEMORY
+
+#if 0
+#undef  WOLFSSL_HAVE_SP_RSA
+#define WOLFSSL_HAVE_SP_RSA
+#undef  WOLFSSL_HAVE_SP_DH
+#define WOLFSSL_HAVE_SP_DH
+#undef  WOLFSSL_HAVE_SP_ECC
+#define WOLFSSL_HAVE_SP_ECC
+#endif
+
+#if defined(CONFIG_WOLFSSL_DEBUG)
+#undef  DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* CONFIG_WOLFSSL_SETTINGS_FILE */
+#endif /* CONFIG_WOLFSSL */
+
+#endif /* USER_SETTINGS_H */
+

android/extern/wolfssl/zephyr/zephyr_init.c

@@ -0,0 +1,40 @@
+/* zephyr_init.c
+ *
+ * Copyright (C) 2006-2022 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/** @file
+ * @brief wolfSSL initialization
+ *
+ * Initialize the wolfSSL library.
+ */
+
+#include <init.h>
+
+#include "user_settings.h"
+#include "wolfssl/ssl.h"
+
+static int _wolfssl_init(const struct device *device)
+{
+    ARG_UNUSED(device);
+
+    return 0;
+}
+
+SYS_INIT(_wolfssl_init, POST_KERNEL, 0);