Merge pull request #7240 from gojimmypi/PR-wolfssl_client_ESP8266

Update TLS client example for Espressif ESP8266
2024-03-06 13:18:28 -07:00 · 2024-03-06 13:18:28 -07:00 · 39ad67607e
parent 21b82a20d5 68fb183fa6
commit 39ad67607e
26 changed files with 1473 additions and 332 deletions
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/Makefile
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/Makefile
@ -1,12 +1,134 @@
 # ESP8266 Project Makefile for wolfssl_client
 #
-# This is a project Makefile. It is assumed the directory this Makefile resides in is a
+# Copyright (C) 2006-2024 wolfSSL Inc.
-# project subdirectory.
+#
 # This file is part of wolfSSL.
 #
 # wolfSSL is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation; either version 2 of the License, or
 # (at your option) any later version.
 #
 # wolfSSL is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 #
 #
 # This is a project Makefile.
 # It is assumed the directory this Makefile resides in is a
 # project subdirectory containing an entire project.
 #
 # Optional private config headers. Define environment variables
 # to include various default header files that are typically
 # not in a git path, and thus excluded from being checked in.
 #
 #     Environment Variable Name      |     Header file name included
 # ---------------------------------- | ---------------------------------------
 #    MY_PRIVATE_CONFIG                  (files detected / selected in header)
 #    USE_MY_PRIVATE_WSL_CONFIG          /mnt/c/workspace/my_private_config.h
 #    USE_MY_PRIVATE_MAC_CONFIG          ~/Documents/my_private_config.h
 #    USE_MY_PRIVATE_LINUX_CONFIG        ~/workspace/my_private_config.h
 #    USE_MY_PRIVATE_WINDOWS_CONFIG      /workspace/my_private_config.h
 #
 #
 PROJECT_NAME := wolfssl_client
 MY_PRIVATE_CONFIG ?= n
 USE_MY_PRIVATE_WSL_CONFIG ?= n
 USE_MY_PRIVATE_MAC_CONFIG ?= n
 USE_MY_PRIVATE_LINUX_CONFIG ?= n
 USE_MY_PRIVATE_WINDOWS_CONFIG ?= n
 # Calling shell causes unintuitive error in Windows:
 #     OS := $(shell uname -s)
 #
 # But OS, or MY_PRIVATE_CONFIG should already be defined:
 $(info *************  wolfssl_client *************)
 ifeq ($(MY_PRIVATE_CONFIG),y)
    CFLAGS += -DMY_PRIVATE_CONFIG
    $(info Enabled MY_PRIVATE_CONFIG")
 endif
 # Check for Windows environment variable: USE_MY_PRIVATE_WINDOWS_CONFIG
 ifeq ($(USE_MY_PRIVATE_WINDOWS_CONFIG),y)
    # This hard coded MY_CONFIG_FILE value must match that in the header file.
    MY_CONFIG_FILE := /workspace/my_private_config.h
    ifeq ($(wildcard $(MY_CONFIG_FILE)),)
        $(info File does not exist: $(MY_CONFIG_FILE))
    else
        CFLAGS += -DUSE_MY_PRIVATE_WINDOWS_CONFIG
        $(info Using private config file for: Windows)
    endif
 endif
 # Check for WSL environment variable: USE_MY_PRIVATE_WSL_CONFIG
 ifeq ($(USE_MY_PRIVATE_WSL_CONFIG),y)
    # This hard coded MY_CONFIG_FILE value must match that in the header file.
    MY_CONFIG_FILE := /mnt/c/workspace/my_private_config.h
    ifeq ($(wildcard $(MY_CONFIG_FILE)),)
        $(info File does not exist: $(MY_CONFIG_FILE))
    else
        CFLAGS += -DUSE_MY_PRIVATE_WSL_CONFIG
        $(info Using private config file for: WSL)
    endif
 endif
 # Check for Linux environment variable: USE_MY_PRIVATE_LINUX_CONFIG
 ifeq ($(USE_MY_PRIVATE_LINUX_CONFIG),y)
    # This hard coded MY_CONFIG_FILE value must match that in the header file.
    MY_CONFIG_FILE := ~/workspace/my_private_config.h
    ifeq ($(wildcard $(MY_CONFIG_FILE)),)
        $(info File does not exist: $(MY_CONFIG_FILE))
    else
        CFLAGS += -DUSE_MY_PRIVATE_LINUX_CONFIG
        $(info Using private config file for: Linux)
    endif
 endif
 # Check for Mac environment variable: USE_MY_PRIVATE_MAC_CONFIG
 ifeq ($(USE_MY_PRIVATE_MAC_CONFIG),y)
    # This hard coded MY_CONFIG_FILE value must match that in the header file.
    MY_CONFIG_FILE := ~/Documents/my_private_config.h
    ifeq ($(wildcard $(MY_CONFIG_FILE)),)
        $(info File does not exist: $(MY_CONFIG_FILE))
    else
        CFLAGS += -DUSE_MY_PRIVATE_MAC_CONFIG
        $(info Using private config file for: Mac)
    endif
 endif
 ifneq ($(OS),MY_PRIVATE_CONFIG)
    CFLAGS += -DMY_PRIVATE_CONFIG="$(MY_PRIVATE_CONFIG)"
 else
    ifeq ($(OS),Linux)
        CFLAGS += -DOS_LINUX
    endif
    ifeq ($(OS),Windows_NT)
        CFLAGS += -DWOLFSSL_MAKE_SYSTEM_NAME_WINDOWS
    endif
    ifeq ($(OS),Darwin)
        CFLAGS += -DWOLFSSL_MAKE_SYSTEM_NAME_APPLE
    endif
    ifneq (,$(findstring MINGW,$(OS)))
        CFLAGS += -DWOLFSSL_MAKE_SYSTEM_NAME_MINGW
    endif
    ifneq (,$(findstring CYGWIN,$(OS)))
        CFLAGS += -DWOLFSSL_MAKE_SYSTEM_NAME_CYGWIN
    endif
 endif
 # It is essential that the build process sees the WOLFSSL_USER_SETTINGS
 CFLAGS += -DWOLFSSL_USER_SETTINGS
-# if there isn't the directory, please disable the line below.
+
 # if directory not available, please disable the line below.
 EXTRA_COMPONENT_DIRS = $(IDF_PATH)/examples/common_components/protocol_examples_common
 # The Standard Espressif IDF include:
 include $(IDF_PATH)/make/project.mk
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md
@ -8,12 +8,50 @@ When using the CLI, see the [example parameters](/IDE/Espressif/ESP-IDF/examples
 For general information on [wolfSSL examples for Espressif](../README.md), see the
 [README](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md) file.
-## VisualGDB
+## Quick Start
 Use the [ESP-IDF](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/get-started/index.html)
 for ESP32 or [RTOS SDK](https://docs.espressif.com/projects/esp8266-rtos-sdk/en/latest/get-started/index.html)
 for the ESP8266.
 Run `menuconfig` utility (`idf.py menuconfig` for ESP32 or `make menuconfig` for the ESP8266)
 and set the various parameters for the target device, along with local WiFi settings:
 * Target Host: `CONFIG_WOLFSSL_TARGET_HOST` (The IP address of a listening server)
 * Target Port: `CONFIG_WOLFSSL_TARGET_PORT` (Typically `11111`)
 * Example WiFi SSID: `CONFIG_EXAMPLE_WIFI_SSID` (The WiFi that you want to connect to)
 * Example WiFi Password: `CONFIG_EXAMPLE_WIFI_PASSWORD` (The WiFi password)
 The latest examples use makefiles that do not require local file copy installation of wolfSSL.
 Build and flash the software to see the example in action.
 ##  Quick Start with VisualGDB
 There are optional [VisualGDB](https://visualgdb.com/tutorials/esp8266/) project files in the
 [VisualGDB](./VisualGDB) project subdirectory, and an ESP8266 project file in the project directory,
 called `wolfssl_client_ESP8266.vgdbproj`.
 Open the VisualGDB Visual Studio Project file in the VisualGDB directory and click the "Start" button.
-No wolfSSL setup is needed. You may need to adjust your specific COM port. The default is `COM20`.
+No wolfSSL setup is needed. You may need to adjust your specific COM port. The default is `COM19`.
-## ESP-IDF Commandline
+## Troubleshooting
 Weird results, odd messages, unexpected compiler errors? Manually delete the build directory and
 any locally generated files (`sdkconfig`, `sdkconfig-debug`, etc.) and start over.
 The `build` directory is typically located in the root of the project directory:  `[project]/build`.
 Difficulty flashing:
 * Ensure the target device has a robust, stable, clean power supply.
 * Check that quality USB cables are being used.
 * Try lowering the flash baud rate in the `menuconfig`. The 115200 is typically reliable.
 * Review board specifications: some require manual boot mode via on-board buttons.
 * See [Espressif ESP Frequently Asked Questions](https://docs.espressif.com/projects/esp-faq/en/latest/esp-faq-en-master.pdf)
 ## ESP-IDF Commandline v5.x
 1. `idf.py menuconfig` to config the project
@ -38,9 +76,83 @@ When you want to test the wolfSSL client
         e.g. Launch ./examples/server/server -v 4 -b -i -d
 ## VisualGDB for ESP8266
 Reminder that we build with `make` and not `cmake` in VisualGDB.
 Build files will be created in `[project directory]\build`
 ## ESP-IDF make Commandline (version 3.5 or earlier for the ESP8266)
 ```
 export IDF_PATH=~/esp/ESP8266_RTOS_SDK
 ```
 ## ESP-IDF CMake Commandline (version 3.5 or earlier for the ESP8266)
 Build files will be created in `[project directory]\build\debug`
 ```
 # Set your path to RTOS SDK, shown here for default from WSL with VisualGDB
 WRK_IDF_PATH=/mnt/c/SysGCC/esp8266/rtos-sdk/v3.4
 #  or
 WRK_IDF_PATH=~/esp/ESP8266_RTOS_SDK
 # Setup the environment
 . $WRK_IDF_PATH/export.sh
 # install as needed / prompted
 /mnt/c/SysGCC/esp8266/rtos-sdk/v3.4/install.sh
 # Fetch wolfssl from GitHub if needed:
 cd /workspace
 git clone https://github.com/wolfSSL/wolfssl.git
 # change directory to wolfssl client example.
 cd wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client
 # or for example, WSL with C:\workspace as home for git clones:
 # cd /mnt/c/workspace/wolfssl-$USER/IDE/Espressif/ESP-IDF/examples/wolfssl_client
 # adjust settings as desired
 idf.py menuconfig
 idf.py build flash -p /dev/ttyS70 -b 115200
 idf.py monitor -p /dev/ttyS70 -b 74880
 ```
 ## SM Ciphers
-#### Working Linux Client to ESP32 Server
+(TODO coming soon)
 See https://github.com/wolfSSL/wolfsm
 #### Working Linux Client to ESP32 Server Example:
 ```
 ./examples/client/client -h 192.168.1.37 -p 11111 -v 3
 ```
 ```text
 -c <file>   Certificate file,           default ./certs/client-cert.pem
 -k <file>   Key file,                   default ./certs/client-key.pem
 -A <file>   Certificate Authority file, default ./certs/ca-cert.pem
 ```
 Example client, with default certs explicitly given:
 ```bash
 ./examples/client/client -h 192.168.1.37 -p 11111 -v 3 -c ./certs/client-cert.pem -k      ./certs/client-key.pem -A     ./certs/ca-cert.pem
 ```
 Example client, with RSA 1024 certs explicitly given:
 ```
 ./examples/client/client -h 192.168.1.37 -p 11111 -v 3 -c ./certs/1024/client-cert.pem -k ./certs/1024/client-key.pem -A ./certs/1024/ca-cert.pem
 ```
 Command:
@ -48,7 +160,6 @@ Command:
 cd /mnt/c/workspace/wolfssl-$USER/IDE/Espressif/ESP-IDF/examples/wolfssl_server
 . /mnt/c/SysGCC/esp32/esp-idf/v5.1/export.sh
 idf.py flash -p /dev/ttyS19 -b 115200 monitor
 ```
 ```
@ -75,4 +186,3 @@ I hear you fa shizzle!
 ```
 See the README.md file in the upper level 'examples' directory for [more information about examples](../README.md).
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln
@ -18,6 +18,10 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "include", "include", "{5326
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{A51226B3-88A7-4463-B443-0E321C4A3D53}"
 	ProjectSection(SolutionItems) = preProject
 		..\..\..\..\..\..\wolfssl\wolfcrypt\error-crypt.h = ..\..\..\..\..\..\wolfssl\wolfcrypt\error-crypt.h
 		..\..\..\..\..\..\wolfssl\error-ssl.h = ..\..\..\..\..\..\wolfssl\error-ssl.h
 		..\main\Kconfig.projbuild = ..\main\Kconfig.projbuild
 		..\build\VisualGDB\Debug\esp-idf\esp_system\ld\memory.ld = ..\build\VisualGDB\Debug\esp-idf\esp_system\ld\memory.ld
 		..\..\..\..\..\..\..\my_private_config.h = ..\..\..\..\..\..\..\my_private_config.h
 		..\partitions_singleapp_large.csv = ..\partitions_singleapp_large.csv
 		..\README.md = ..\README.md
@ -25,6 +29,7 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution
 		..\build\VisualGDB\Debug\config\sdkconfig.cmake = ..\build\VisualGDB\Debug\config\sdkconfig.cmake
 		..\sdkconfig.defaults = ..\sdkconfig.defaults
 		..\build\VisualGDB\Debug\config\sdkconfig.h = ..\build\VisualGDB\Debug\config\sdkconfig.h
 		..\build\VisualGDB\Debug\esp-idf\esp_system\ld\sections.ld = ..\build\VisualGDB\Debug\esp-idf\esp_system\ld\sections.ld
 	EndProjectSection
 EndProject
 Global
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt
@ -158,8 +158,8 @@ if(CMAKE_BUILD_EARLY_EXPANSION)
    idf_component_register(
                            REQUIRES "${COMPONENT_REQUIRES}"
                            PRIV_REQUIRES # esp_hw_support
-                                          esp_timer
+                                          # esp_timer
-                                          driver # this will typically only be needed for wolfSSL benchmark
+                                          # driver # this will typically only be needed for wolfSSL benchmark
                           )
 else()
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/component.mk
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/component.mk
@ -17,24 +17,228 @@
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 #
 #
 # Component Makefile
 #
 #
 # The Espressif Managed Components are only for newer versions of the ESP-IDF
 # Typically only for ESP32[-x] targets and only for ESP-IDF v4.3 or later:
 # See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/tools/idf-component-manager.html
 #     https://components.espressif.com/
 #
 # Usage:
 #
 #   make flash
 #
 #   make flash ESPPORT=/dev/ttyS55
 #
 #   make flash ESPBAUD=9600
 #
 #   make monitor ESPPORT=COM1
 #
 #   make monitor ESPPORT=/dev/ttyS55 MONITORBAUD=115200
 #
 #   export ESPPORT=/dev/ttyS55
 #
 # https://docs.espressif.com/projects/esp8266-rtos-sdk/en/latest/get-started/index.html
 #
-COMPONENT_ADD_INCLUDEDIRS := . ./include
+# Although the project should define WOLFSSL_USER_SETTINGS, we'll also
-
+# define it here:
 COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/components/freertos/include/freertos"
 # COMPONENT_ADD_INCLUDEDIRS += "$ENV{IDF_PATH}/soc/esp32s3/include/soc"
 COMPONENT_SRCDIRS := src wolfcrypt/src
 COMPONENT_SRCDIRS += wolfcrypt/src/port/Espressif
 COMPONENT_SRCDIRS += wolfcrypt/src/port/atmel
 COMPONENT_SRCDIRS += wolfcrypt/benchmark
 COMPONENT_SRCDIRS += wolfcrypt/test
 CFLAGS +=-DWOLFSSL_USER_SETTINGS
-COMPONENT_OBJEXCLUDE := wolfcrypt/src/aes_asm.o
+# NOTICE: the WOLFSSL_ROOT setting MUST be relative!
-COMPONENT_OBJEXCLUDE += wolfcrypt/src/evp.o
+# See https://docs.espressif.com/projects/esp8266-rtos-sdk/en/latest/api-guides/build-system.html?highlight=must+relative#optional-component-specific-variables
-COMPONENT_OBJEXCLUDE += wolfcrypt/src/misc.o
+# In the wolfSSL GitHub examples for Espressif:
-COMPONENT_OBJEXCLUDE += src/bio.o
+#   https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples
 # When this wolfssl component.mk makefile is in [project]/components/wolfssl
 # The root is 7 directories up from here:
 WOLFSSL_ROOT := ../../../../../../..
 # NOTE: The wolfSSL include diretory (e.g. user_settings.h) is
 # located HERE in THIS project, and *not* in the wolfSSL root.
 COMPONENT_ADD_INCLUDEDIRS := ./include
 COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/.
 COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl
 COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl/wolfcrypt
 COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfssl/wolfcrypt/port/Espressif
 # COMPONENT_ADD_INCLUDEDIRS += $ENV(IDF_PATH)/components/freertos/include/freertos
 # COMPONENT_ADD_INCLUDEDIRS += "$ENV(IDF_PATH)/soc/esp32s3/include/soc"
 # wolfSSL
 COMPONENT_SRCDIRS := $(WOLFSSL_ROOT)/src
 # wolfcrypt
 COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src
 # Espressif
 COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif
 COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/atmel
 COMPONENT_OBJEXCLUDE := $(WOLFSSL_ROOT)/wolfcrypt/src/aes_asm.o
 COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/evp.o
 COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/misc.o
 COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/sha512_asm.o
 COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_x25519_asm.o
 COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/wolfcrypt/src/aes_gcm_x86_asm.o
 COMPONENT_OBJEXCLUDE += $(WOLFSSL_ROOT)/src/bio.o
 ##
 ## wolfSSL
 ##
 COMPONENT_OBJS := $(WOLFSSL_ROOT)/src/bio.o
 # COMPONENT_OBJS += src/conf.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/crl.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/dtls.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/dtls13.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/internal.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/keys.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/ocsp.o
 # COMPONENT_OBJS += src/pk.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/quic.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/sniffer.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/ssl.o
 # COMPONENT_OBJS += src/ssl_asn1.o
 # COMPONENT_OBJS += src/ssl_bn.o
 # COMPONENT_OBJS += src/ssl_certman.o
 # COMPONENT_OBJS += src/ssl_crypto.o
 # COMPONENT_OBJS += src/ssl_misc.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/tls.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/tls13.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/src/wolfio.o
 # COMPONENT_OBJS += src/x509.o
 # COMPONENT_OBJS += src/x509_str.o
 ##
 ## wolfcrypt
 ##
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/aes.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/arc4.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/asm.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/asn.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/async.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/blake2b.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/blake2s.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/camellia.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/chacha.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/chacha20_poly1305.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cmac.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/coding.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/compress.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cpuid.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/cryptocb.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/curve25519.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/curve448.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/des3.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dh.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dilithium.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/dsa.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ecc.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/eccsi.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ecc_fp.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed25519.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ed448.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/error.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/evp.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_kyber.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_lms.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ext_xmss.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/falcon.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_448.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_low_mem.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fe_operations.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fips.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/fips_test.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_448.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_low_mem.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ge_operations.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hash.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hmac.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/hpke.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/integer.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/kdf.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/logging.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md2.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md4.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/md5.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/memory.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/misc.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pkcs12.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pkcs7.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/poly1305.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/pwdbased.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/random.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/rc2.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/ripemd.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/rsa.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sakke.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/selftest.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha256.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha3.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sha512.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/signature.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/siphash.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm2.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm3.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sm4.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sphincs.o
 # COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm32.o
 # COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_arm64.o
 # COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_armthumb.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_c32.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_c64.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_cortexm.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_dsp32.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_int.o
 # COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_arm32.o
 # COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_arm64.o
 # COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_armthumb.o
 # COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_c32.o
 # COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_c64.o
 # COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_cortexm.o
 # COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_sm2_x86_64.o
 # COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/sp_x86_64.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/srp.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/tfm.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_dsp.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_encrypt.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_kyber.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_kyber_poly.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_lms.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_pkcs11.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_port.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wc_xmss.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_first.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfcrypt_last.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfevent.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/wolfmath.o
 ##
 ## Espressif
 ##
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_aes.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_mp.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_sha.o
 COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/src/port/Espressif/esp32_util.o
 ##
 ## wolfcrypt benchmark  (optional)
 ##
 ## COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark/benchmark.o
 ## COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark
 ## COMPONENT_ADD_INCLUDEDIRS += $(WOLFSSL_ROOT)/wolfcrypt/benchmark
 ##
 ## wolfcrypt test (optional)
 ##
 ## COMPONENT_OBJS += $(WOLFSSL_ROOT)/wolfcrypt/test/test.o
 ## COMPONENT_SRCDIRS += $(WOLFSSL_ROOT)/wolfcrypt/test
 ##
 ## wolfcrypt
 ##
 # COMPONENT_PRIV_INCLUDEDIRS += $(PROJECT_PATH)/components/wolfssl/include
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h
@ -1,6 +1,6 @@
 /* user_settings.h
 *
- * Copyright (C) 2006-2023 wolfSSL Inc.
+ * Copyright (C) 2006-2024 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
@ -19,12 +19,16 @@
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 */
 /* Standardized wolfSSL Espressif ESP32 + ESP8266 user_settings.h V5.6.6-01 */
 /* This user_settings.h is for Espressif ESP-IDF */
 #include <sdkconfig.h>
 #define DEBUG_WOLFSSL
 #define DEBUG_WOLFSSL_VERBOSE
 /* The Espressif sdkconfig will have chipset info.
 **
-** Possible values:
+** Some possible values:
 **
 **   CONFIG_IDF_TARGET_ESP32
 **   CONFIG_IDF_TARGET_ESP32S2
@ -37,7 +41,7 @@
 #define WOLFSSL_ESPIDF
 /*
- * choose ONE of these Espressif chips to define:
+ * ONE of these Espressif chipsets should be defined:
 *
 * WOLFSSL_ESP32
 * WOLFSSL_ESPWROOM32SE
@ -46,8 +50,13 @@
 #undef WOLFSSL_ESPWROOM32SE
 #undef WOLFSSL_ESP8266
 #undef WOLFSSL_ESP32
 /* See below for chipset detection from sdkconfig.h */
-#define WOLFSSL_ESP32
+/* Small session cache saves a lot of RAM for ClientCache and SessionCache.
 * Memory requirement is about 5KB, otherwise 20K is needed when not specified.
 * If extra small footprint is needed, try MICRO_SESSION_CACHE (< 1K)
 * When really desparate, try NO_SESSION_CACHE.  */
 #define SMALL_SESSION_CACHE
 /* optionally turn off SHA512/224 SHA512/256 */
 /* #define WOLFSSL_NOSHA512_224 */
@ -62,6 +71,9 @@
 #define BENCH_EMBEDDED
 #define USE_CERT_BUFFERS_2048
 #define WOLFSSL_SMALL_STACK
 #define HAVE_ECC
 #define RSA_LOW_MEM
 /* TLS 1.3                                 */
 #define WOLFSSL_TLS13
@ -79,7 +91,9 @@
 #define HAVE_AESGCM
-#define WOLFSSL_RIPEMD
+/* Optional RIPEMD: RACE Integrity Primitives Evaluation Message Digest */
 /* #define WOLFSSL_RIPEMD */
 /* when you want to use SHA224 */
 #define WOLFSSL_SHA224
@ -87,24 +101,17 @@
 #define WOLFSSL_SHA384
 /* when you want to use SHA512 */
-#define WOLFSSL_SHA512
+/* #define WOLFSSL_SHA512 */
 /* when you want to use SHA3 */
-#define WOLFSSL_SHA3
+/* #define WOLFSSL_SHA3 */
-#define HAVE_ED25519 /* ED25519 requires SHA512 */
+/* ED25519 requires SHA512 */
 /* #define HAVE_ED25519 */
 #define HAVE_ECC
 #define HAVE_CURVE25519
 #define CURVE25519_SMALL
 #define HAVE_ED25519
 #define OPENSSL_EXTRA
 /* when you want to use pkcs7 */
 /* #define HAVE_PKCS7 */
 #define HAVE_PKCS7
 #if defined(HAVE_PKCS7)
    #define HAVE_AES_KEYWRAP
    #define HAVE_X963_KDF
@ -125,7 +132,7 @@
    /* #define CUSTOM_SLOT_ALLOCATION                              */
 #endif
-/* rsa primitive specific definition */
+/* RSA primitive specific definition */
 #if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
    /* Define USE_FAST_MATH and SMALL_STACK                        */
    #define ESP32_USE_RSA_PRIMITIVE
@ -145,8 +152,6 @@
    #endif
 #endif
 #define RSA_LOW_MEM
 /* #define WOLFSSL_ATECC508A_DEBUG         */
 /* date/time                               */
@ -173,10 +178,6 @@
 /* #undef USE_FAST_MATH          */
 /* #define USE_INTEGER_HEAP_MATH */
 #define WOLFSSL_SMALL_STACK
 #define HAVE_VERSION_EXTENDED_INFO
 /* #define HAVE_WC_INTROSPECTION */
@ -190,7 +191,6 @@
 #define WOLFSSL_CERT_EXT
 #define WOLFSSL_SYS_CA_CERTS
 #define WOLFSSL_CERT_TEXT
 #define WOLFSSL_ASN_TEMPLATE
@ -203,7 +203,7 @@
 #undef  WOLFSSL_SYS_CA_CERTS
 */
-/*
+/* command-line options
 --enable-keygen
 --enable-certgen
 --enable-certreq
@ -211,10 +211,11 @@
 --enable-asn-template
 */
-/* Default is HW enabled unless turned off.
+/* Chipset detection from sdkconfig.h
-** Uncomment these lines to force SW instead of HW acceleration */
+ * Default is HW enabled unless turned off.
-
+ * Uncomment lines to force SW instead of HW acceleration */
 #if defined(CONFIG_IDF_TARGET_ESP32)
    #define WOLFSSL_ESP32
    /* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
    /*  #define NO_ESP32_CRYPT                 */
    /*  #define NO_WOLFSSL_ESP32_CRYPT_HASH    */
@ -232,6 +233,7 @@
    /***** END CONFIG_IDF_TARGET_ESP32 *****/
 #elif defined(CONFIG_IDF_TARGET_ESP32S2)
    #define WOLFSSL_ESP32
    /* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
    /*  #define NO_ESP32_CRYPT                 */
    /*  #define NO_WOLFSSL_ESP32_CRYPT_HASH    */
@ -244,6 +246,7 @@
    /***** END CONFIG_IDF_TARGET_ESP32S2 *****/
 #elif defined(CONFIG_IDF_TARGET_ESP32S3)
    #define WOLFSSL_ESP32
    /* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
    /*  #define NO_ESP32_CRYPT                         */
    /*  #define NO_WOLFSSL_ESP32_CRYPT_HASH            */
@ -257,6 +260,7 @@
 #elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
      defined(CONFIG_IDF_TARGET_ESP8684)
    #define WOLFSSL_ESP32
    /* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
     * single QFN 4x4 mm package. Out of released documentation, Technical
     * Reference Manual as well as ESP-IDF Programming Guide is applicable
@ -282,6 +286,7 @@
    /***** END CONFIG_IDF_TARGET_ESP32C2 *****/
 #elif defined(CONFIG_IDF_TARGET_ESP32C3)
    #define WOLFSSL_ESP32
    /* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
    /*  #define NO_ESP32_CRYPT                 */
@ -299,6 +304,7 @@
    /***** END CONFIG_IDF_TARGET_ESP32C3 *****/
 #elif defined(CONFIG_IDF_TARGET_ESP32C6)
    #define WOLFSSL_ESP32
    /* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
    /*  #define NO_ESP32_CRYPT                 */
@ -315,6 +321,7 @@
    /***** END CONFIG_IDF_TARGET_ESP32C6 *****/
 #elif defined(CONFIG_IDF_TARGET_ESP32H2)
    #define WOLFSSL_ESP32
    /*  wolfSSL Hardware Acceleration not yet implemented */
    #define NO_ESP32_CRYPT
    #define NO_WOLFSSL_ESP32_CRYPT_HASH
@ -323,15 +330,28 @@
    /***** END CONFIG_IDF_TARGET_ESP32H2 *****/
 #elif defined(CONFIG_IDF_TARGET_ESP8266)
-    /*  TODO: Revisit ESP8266 */
+    #define WOLFSSL_ESP8266
    /* There's no hardware encryption on the ESP8266 */
    /* Consider using the ESP32-C2/C3/C6
     * See https://www.espressif.com/en/products/socs/esp32-c2 */
    #define NO_ESP32_CRYPT
    #define NO_WOLFSSL_ESP32_CRYPT_HASH
    #define NO_WOLFSSL_ESP32_CRYPT_AES
    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
    /***** END CONFIG_IDF_TARGET_ESP266 *****/
 #elif defined(CONFIG_IDF_TARGET_ESP8684)
    /*  There's no Hardware Acceleration available on ESP8684 */
    #define NO_ESP32_CRYPT
    #define NO_WOLFSSL_ESP32_CRYPT_HASH
    #define NO_WOLFSSL_ESP32_CRYPT_AES
    #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
    /***** END CONFIG_IDF_TARGET_ESP8684 *****/
 #else
    /* Anything else encountered, disable HW accleration */
    #warning "Unexpected CONFIG_IDF_TARGET_NN value"
    #define NO_ESP32_CRYPT
    #define NO_WOLFSSL_ESP32_CRYPT_HASH
    #define NO_WOLFSSL_ESP32_CRYPT_AES
@ -392,12 +412,75 @@
 #define ATCA_WOLFSSL
 */
-/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
+/***************************** Certificate Macros *****************************
 *
 * The section below defines macros used in typically all of the wolfSSL
 * examples such as the client and server for certs stored in header files.
 *
 * There are various certificate examples in this header file:
 * https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/certs_test.h
 *
 * To use the sets of macros below, define *one* of these:
 *
 *    USE_CERT_BUFFERS_1024  - ECC 1024 bit encoded ASN1
 *    USE_CERT_BUFFERS_2048  - RSA 2048 bit encoded ASN1
 *    WOLFSSL_SM[2,3,4]      - SM Ciphers
 *
 * For example: define USE_CERT_BUFFERS_2048 to use CA Certs used in this
 *  wolfSSL function for the `ca_cert_der_2048` buffer, size and types:
 *
 *     ret = wolfSSL_CTX_load_verify_buffer(ctx,
 *                                          CTX_CA_CERT,
 *                                          CTX_CA_CERT_SIZE,
 *                                          CTX_CA_CERT_TYPE);
 *
 * See https://www.wolfssl.com/documentation/manuals/wolfssl/group__CertsKeys.html#function-wolfssl_ctx_load_verify_buffer
 *
 * In this case the CTX_CA_CERT will be defined as `ca_cert_der_2048` as
 * defined here: https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/certs_test.h
 *
 * The CTX_CA_CERT_SIZE and CTX_CA_CERT_TYPE are similarly used to reference
 * array size and cert type respectively.
 *
 * Similarly for loading the private client key:
 *
 *  ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx,
 *                                          CTX_CLIENT_KEY,
 *                                          CTX_CLIENT_KEY_SIZE,
 *                                          CTX_CLIENT_KEY_TYPE);
 *
 * see https://www.wolfssl.com/documentation/manuals/wolfssl/group__CertsKeys.html#function-wolfssl_ctx_use_privatekey_buffer
 *
 * Similarly, the other macros are for server certificates and keys:
 *   `CTX_SERVER_CERT` and `CTX_SERVER_KEY` are available.
 *
 * The certificate and key names are typically `static const unsigned char`
 * arrays. The [NAME]_size are typically `sizeof([array name])`, and the types
 * are the known wolfSSL encoding type integers (e.g. WOLFSSL_FILETYPE_PEM).
 *
 * See `SSL_FILETYPE_[name]` in
 *   https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/ssl.h
 *
 * See Abstract Syntax Notation One (ASN.1) in:
 *   https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/wolfcrypt/asn.h
 *
 * Optional SM4 Ciphers:
 *
 * Although the SM ciphers are shown here, the `certs_test_sm.h` may not yet
 * be available. See:
 *   https://github.com/wolfSSL/wolfssl/pull/6825
 *   https://github.com/wolfSSL/wolfsm
 *
 * Uncomment these 3 macros to enable the SM Ciphers and use the macros below.
 */
 /*
 #define WOLFSSL_SM2
 #define WOLFSSL_SM3
 #define WOLFSSL_SM4
 */
 /* Conditional macros used in wolfSSL TLS client and server examples */
 #if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
    #include <wolfssl/certs_test_sm.h>
    #define CTX_CA_CERT          root_sm2
@ -413,15 +496,47 @@
    #undef  WOLFSSL_BASE16
    #define WOLFSSL_BASE16
 #else
-    #define USE_CERT_BUFFERS_2048
+    #if defined(USE_CERT_BUFFERS_2048)
-    #define USE_CERT_BUFFERS_256
+        #include <wolfssl/certs_test.h>
        #define CTX_CA_CERT          ca_cert_der_2048
        #define CTX_CA_CERT_SIZE     sizeof_ca_cert_der_2048
        #define CTX_CA_CERT_TYPE     WOLFSSL_FILETYPE_ASN1
        #define CTX_SERVER_CERT      server_cert_der_2048
        #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
        #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
        #define CTX_SERVER_KEY       server_key_der_2048
        #define CTX_SERVER_KEY_SIZE  sizeof_server_key_der_2048
        #define CTX_SERVER_KEY_TYPE  WOLFSSL_FILETYPE_ASN1
        #define CTX_CLIENT_CERT      client_cert_der_2048
        #define CTX_CLIENT_CERT_SIZE sizeof_client_cert_der_2048
        #define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_ASN1
        #define CTX_CLIENT_KEY       client_key_der_2048
        #define CTX_CLIENT_KEY_SIZE  sizeof_client_key_der_2048
        #define CTX_CLIENT_KEY_TYPE  WOLFSSL_FILETYPE_ASN1
    #elif defined(USE_CERT_BUFFERS_1024)
        #include <wolfssl/certs_test.h>
        #define CTX_CA_CERT          ca_cert_der_1024
        #define CTX_CA_CERT_SIZE     sizeof_ca_cert_der_1024
        #define CTX_CA_CERT_TYPE     WOLFSSL_FILETYPE_ASN1
        #define CTX_CLIENT_CERT      client_cert_der_1024
        #define CTX_CLIENT_CERT_SIZE sizeof_client_cert_der_1024
        #define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_ASN1
        #define CTX_CLIENT_KEY       client_key_der_1024
        #define CTX_CLIENT_KEY_SIZE  sizeof_client_key_der_1024
        #define CTX_CLIENT_KEY_TYPE  WOLFSSL_FILETYPE_ASN1
        #define CTX_SERVER_CERT      server_cert_der_1024
        #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_1024
        #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
        #define CTX_SERVER_KEY       server_key_der_1024
        #define CTX_SERVER_KEY_SIZE  sizeof_server_key_der_1024
        #define CTX_SERVER_KEY_TYPE  WOLFSSL_FILETYPE_ASN1
    #else
        /* Optionally define custom cert arrays, sizes, and types here */
        #error "Must define USE_CERT_BUFFERS_2048 or USE_CERT_BUFFERS_1024"
    #endif
 #endif /* Conditional key and cert constant names */
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c
@ -1,6 +1,6 @@
 /* client-tls.c
 *
- * Copyright (C) 2006-2023 wolfSSL Inc.
+ * Copyright (C) 2006-2024 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
@ -18,7 +18,6 @@
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 */
 #include "client-tls.h"
 /* Espressif FreeRTOS */
@ -28,13 +27,15 @@
    #include <freertos/event_groups.h>
 #endif
 /* Espressif */
 #include <esp_log.h>
 /* socket includes */
 #include <lwip/netdb.h>
 #include <lwip/sockets.h>
 /* wolfSSL */
 #include <wolfssl/wolfcrypt/settings.h>
 #include "user_settings.h"
 #include <wolfssl/ssl.h>
 #ifdef WOLFSSL_TRACK_MEMORY
@ -50,30 +51,6 @@
    #define DEFAULT_MAX_DHKEY_BITS 2048
 #endif
 #if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
    #include <wolfssl/certs_test_sm.h>
    #define CTX_CA_CERT          root_sm2
    #define CTX_CA_CERT_SIZE     sizeof_root_sm2
    #define CTX_CA_CERT_TYPE     WOLFSSL_FILETYPE_PEM
    #define CTX_CLIENT_CERT      client_sm2
    #define CTX_CLIENT_CERT_SIZE sizeof_client_sm2
    #define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_PEM
    #define CTX_CLIENT_KEY       client_sm2_priv
    #define CTX_CLIENT_KEY_SIZE  sizeof_client_sm2_priv
    #define CTX_CLIENT_KEY_TYPE  WOLFSSL_FILETYPE_PEM
 #else
    #include <wolfssl/certs_test.h>
    #define CTX_CA_CERT          ca_cert_der_2048
    #define CTX_CA_CERT_SIZE     sizeof_ca_cert_der_2048
    #define CTX_CA_CERT_TYPE     WOLFSSL_FILETYPE_ASN1
    #define CTX_CLIENT_CERT      client_cert_der_2048
    #define CTX_CLIENT_CERT_SIZE sizeof_client_cert_der_2048
    #define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_ASN1
    #define CTX_CLIENT_KEY       client_key_der_2048
    #define CTX_CLIENT_KEY_SIZE  sizeof_client_key_der_2048
    #define CTX_CLIENT_KEY_TYPE  WOLFSSL_FILETYPE_ASN1
 #endif
 /* Project */
 #include "wifi_connect.h"
 #include "time_helper.h"
@ -87,7 +64,7 @@
 *  -h 192.168.1.128 -v 4 -l TLS13-SM4-CCM-SM3        -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
 *
 **/
-static const char* const TAG = "tls_client";
+#define TAG "client-tls"
 #if defined(DEBUG_WOLFSSL)
 int stack_start = -1;
@ -294,14 +271,14 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args)
        ESP_LOGI(TAG, "Set cipher list: %s\n", WOLFSSL_ESP32_CIPHER_SUITE);
    }
    else {
-        ESP_LOGE(TAG, "ERROR: failed to set cipher list: %s\n", WOLFSSL_ESP32_CIPHER_SUITE);
+        ESP_LOGE(TAG, "ERROR: failed to set cipher list: %s\n",
                       WOLFSSL_ESP32_CIPHER_SUITE);
    }
 #endif
 #ifdef DEBUG_WOLFSSL
    ShowCiphers(NULL);
-    ESP_LOGI(TAG,
+    ESP_LOGI(TAG, "Stack used: %d\n",
             "Stack used: %d\n",
                   CONFIG_ESP_MAIN_TASK_STACK_SIZE
                   - uxTaskGetStackHighWaterMark(NULL));
 #endif
@ -328,7 +305,8 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args)
                                         CTX_CLIENT_CERT_SIZE,
                                         CTX_CLIENT_CERT_TYPE);
        if (ret_i != SSL_SUCCESS) {
-            ESP_LOGE(TAG, "ERROR: failed to load chain %d, please check the file.\n", ret_i);
+            ESP_LOGE(TAG, "ERROR: failed to load chain %d, "
                          "please check the file.", ret_i);
        }
        /* Load client certificates into WOLFSSL_CTX */
@ -420,10 +398,17 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args)
 #endif
    /* Attach wolfSSL to the socket */
-    wolfSSL_set_fd(ssl, sockfd);
+    ret_i = wolfSSL_set_fd(ssl, sockfd);
    if (ret_i == WOLFSSL_SUCCESS) {
        ESP_LOGI(TAG, "wolfSSL_set_fd success");
    }
    else {
        ESP_LOGE(TAG, "ERROR: failed wolfSSL_set_fd. Error: %d\n", ret_i);
    }
    WOLFSSL_MSG("Connect to wolfSSL on the server side");
    /* Connect to wolfSSL on the server side */
    ret_i = wolfSSL_connect(ssl);
    if (wolfSSL_connect(ssl) == SSL_SUCCESS) {
 #ifdef DEBUG_WOLFSSL
        ShowCiphers(ssl);
@ -458,7 +443,8 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args)
        printf("%s\n", buff);
        }
    else {
-        ESP_LOGE(TAG, "ERROR: failed to connect to wolfSSL\n");
+        ESP_LOGE(TAG, "ERROR: failed to connect to wolfSSL. "
                      "Error: %d\n", ret_i);
    }
 #ifdef DEBUG_WOLFSSL
    ShowCiphers(ssl);
@ -487,16 +473,28 @@ WOLFSSL_ESP_TASK tls_smp_client_init(void* args)
 #else
    xTaskHandle _handle;
 #endif
-    /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
+    /* See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html#functions  */
    if (TLS_SMP_CLIENT_TASK_BYTES < (6 * 1024)) {
        /* Observed approximately 6KB limit for the RTOS task stack size.
         * Reminder parameter is bytes, not words as with generic FreeeRTOS. */
        ESP_LOGW(TAG, "Warning: TLS_SMP_CLIENT_TASK_BYTES < 6KB");
    }
 #ifndef WOLFSSL_SMALL_STACK
    ESP_LOGW(TAG, "WARNING: WOLFSSL_SMALL_STACK is not defined. Consider "
                  "defining that to reduce embedded memory usage.");
 #endif
    /* Note that despite vanilla FreeRTOS using WORDS for a parameter,
     * Espressif uses BYTES for the task stack size here: */
    ret = xTaskCreate(tls_smp_client_task,
                      TLS_SMP_CLIENT_TASK_NAME,
-                      TLS_SMP_CLIENT_TASK_WORDS,
+                      TLS_SMP_CLIENT_TASK_BYTES,
                      NULL,
                      TLS_SMP_CLIENT_TASK_PRIORITY,
                      &_handle);
    if (ret != pdPASS) {
-        ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_CLIENT_TASK_NAME);
+        ESP_LOGI(TAG, "Create thread %s failed.", TLS_SMP_CLIENT_TASK_NAME);
    }
    return TLS_SMP_CLIENT_TASK_RET;
 }
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/component.mk
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/component.mk
@ -3,6 +3,6 @@
 #
 # This Makefile can be left empty. By default, it will take the sources in the
 # src/ directory, compile them and link them into lib(subdirectory_name).a
-# in the build directory. This behaviour is entirely configurable,
+# in the build directory. This behavior is entirely configurable,
 # please read the ESP-IDF documents if you need to do this.
 #
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h
@ -1,6 +1,6 @@
-/* server-tls.h
+/* client-tls.h
 *
- * Copyright (C) 2006-2023 wolfSSL Inc.
+ * Copyright (C) 2006-2024 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
@ -18,18 +18,20 @@
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 */
-#ifndef _SERVER_TLS_
+#ifndef _CLIENT_TLS_H_
-#define _SERVER_TLS_
+#define _CLIENT_TLS_H_
 /* Local project, auto-generated configuration */
 #include "sdkconfig.h"
 #include <wolfssl/wolfcrypt/settings.h>
 #include <wolfssl/ssl.h>
 #include "sdkconfig.h"
 /* See main/Kconfig.projbuild for default configuration settings */
 #ifdef CONFIG_WOLFSSL_TARGET_HOST
    #define TLS_SMP_TARGET_HOST         CONFIG_WOLFSSL_TARGET_HOST
 #else
-    #define TLS_SMP_TARGET_HOST         "192.168.1.38"
+    #define TLS_SMP_TARGET_HOST         "192.168.1.37"
 #endif
 #ifdef CONFIG_WOLFSSL_TARGET_PORT
@ -39,13 +41,20 @@
 #endif
 #define TLS_SMP_CLIENT_TASK_NAME        "tls_client_example"
-#define TLS_SMP_CLIENT_TASK_WORDS       22240
+
 /* Reminder: Vanilla FreeRTOS is words, Espressif is bytes. */
 #if defined(WOLFSSL_ESP8266)
    #define TLS_SMP_CLIENT_TASK_BYTES (6 * 1024)
 #else
    #define TLS_SMP_CLIENT_TASK_BYTES (8 * 1024)
 #endif
 #define TLS_SMP_CLIENT_TASK_PRIORITY    8
 #if defined(SINGLE_THREADED)
    #define WOLFSSL_ESP_TASK int
 #else
-    #include "freertos/FreeRTOS.h"
+    #include <freertos/FreeRTOS.h>
    #define WOLFSSL_ESP_TASK void
 #endif
@ -68,4 +77,5 @@ WOLFSSL_ESP_TASK tls_smp_client_task(void* args);
 #else
    WOLFSSL_ESP_TASK tls_smp_client_init(void* args);
 #endif
 #endif /* _SERVER_TLS_ */
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/main.h
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/main.h
@ -1,6 +1,6 @@
-/* template main.h
+/* wolfssl_client main.h
 *
- * Copyright (C) 2006-2023 wolfSSL Inc.
+ * Copyright (C) 2006-2024 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_helper.h
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_helper.h
@ -1,5 +1,6 @@
-/*
+/* time_helper.h
- * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
 * Copyright (C) 2006-2024 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
@ -20,8 +21,8 @@
 /* common Espressif time_helper v5.6.3.001 */
-#ifndef _TIME_HELPER_H
+#ifndef _TIME_HELPER_H_
-#define _TIME_HELPER_H
+#define _TIME_HELPER_H_
 /* ESP-IDF uses a 64-bit signed integer to represent time_t starting from release v5.0
 * See: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#year-2036-and-2038-overflow-issues
@ -32,13 +33,13 @@ extern "C" {
 #endif
 /* a function to show the current data and time */
-int esp_show_current_datetime();
+int esp_show_current_datetime(void);
 /* worst case, if GitHub time not available, used fixed time */
 int set_fixed_default_time(void);
 /* set time from string (e.g. GitHub commit time) */
-int set_time_from_string(char* time_buffer);
+int set_time_from_string(const char* time_buffer);
 /* set time from NTP servers,
 * also initially calls set_fixed_default_time or set_time_from_string */
@ -51,4 +52,4 @@ int set_time_wait_for_ntp(void);
 } /* extern "C" */
 #endif
-#endif /* #ifndef _TIME_HELPER_H */
+#endif /* #ifndef _TIME_HELPER_H_ */
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h
@ -21,9 +21,6 @@
 #ifndef _WIFI_CONNECT_H_
 #define _WIFI_CONNECT_H_
 #include <esp_idf_version.h>
 #include <esp_log.h>
 /* ESP lwip */
 #define EXAMPLE_ESP_MAXIMUM_RETRY       CONFIG_ESP_MAXIMUM_RETRY
@ -48,18 +45,53 @@
 * file my_private_config.h should be excluded from git updates */
 /* #define  USE_MY_PRIVATE_CONFIG */
-#ifdef  USE_MY_PRIVATE_CONFIG
+/* Note that IntelliSense may not work properly in the next section for the
 * Espressif SDK 3.4 on the ESP8266. Macros should still be defined.
 * See the project-level Makefile. Example found in:
 * https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples/template
 *
 * The USE_MY_PRIVATE_[OS]_CONFIG is typically an environment variable that
 * triggers the make (not cmake) to add compiler defines.
 */
 #if defined(USE_MY_PRIVATE_WINDOWS_CONFIG)
    #include "/workspace/my_private_config.h"
 #elif defined(USE_MY_PRIVATE_WSL_CONFIG)
    #include "/mnt/c/workspace/my_private_config.h"
 #elif defined(USE_MY_PRIVATE_LINUX_CONFIG)
    #include "~/workspace/my_private_config.h"
 #elif defined(USE_MY_PRIVATE_MAC_CONFIG)
    #include "~/Documents/my_private_config.h"
 #elif defined(USE_MY_PRIVATE_CONFIG)
    /* This section works best with cmake & non-environment variable setting */
    #if defined(WOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS)
        #define WOLFSSL_CMAKE
        #include "/workspace/my_private_config.h"
    #elif defined(WOLFSSL_MAKE_SYSTEM_NAME_WINDOWS)
        #define WOLFSSL_MAKE
        #include "/workspace/my_private_config.h"
    #elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_WSL)
        #define WOLFSSL_CMAKE
        #include "/mnt/c/workspace/my_private_config.h"
    #elif defined(WOLFSSL_MAKE_SYSTEM_NAME_WSL)
        #define WOLFSSL_MAKE
        #include "/mnt/c/workspace/my_private_config.h"
    #elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_LINUX)
        #define WOLFSSL_CMAKE
        #include "~/workspace/my_private_config.h"
    #elif defined(WOLFSSL_MAKE_SYSTEM_NAME_LINUX)
        #define WOLFSSL_MAKE
        #include "~/workspace/my_private_config.h"
    #elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_APPLE)
        #include "~/Documents/my_private_config.h"
    #elif defined(WOLFSSL_MAKE_SYSTEM_NAME_APPLE)
        #define WOLFSSL_MAKE
        #include "~/Documents/my_private_config.h"
    #elif defined(OS_WINDOWS)
        #include "/workspace/my_private_config.h"
    #else
-        #warning "did not detect environment. using ~/my_private_config.h"
+        /* Edit as needed for your private config: */
-        #include "~/my_private_config.h"
+        #warning "default private config using /workspace/my_private_config.h"
        #include "/workspace/my_private_config.h"
    #endif
 #else
@ -70,14 +102,22 @@
    ** If you'd rather not, just change the below entries to strings with
    ** the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid"
    */
-    #ifdef CONFIG_ESP_WIFI_SSID
+    #if defined(CONFIG_ESP_WIFI_SSID)
        /* tyically from ESP32 with ESP-IDF v4 ot v5 */
        #define EXAMPLE_ESP_WIFI_SSID CONFIG_ESP_WIFI_SSID
    #elif defined(CONFIG_EXAMPLE_WIFI_SSID)
        /* tyically from ESP8266 rtos-sdk/v3.4 */
        #define EXAMPLE_ESP_WIFI_SSID CONFIG_EXAMPLE_WIFI_SSID
    #else
        #define EXAMPLE_ESP_WIFI_SSID "MYSSID_WIFI_CONNECT"
    #endif
-    #ifdef CONFIG_ESP_WIFI_PASSWORD
+    #if defined(CONFIG_ESP_WIFI_PASSWORD)
        /* tyically from ESP32 with ESP-IDF v4 or v5 */
        #define EXAMPLE_ESP_WIFI_PASS CONFIG_ESP_WIFI_PASSWORD
    #elif defined(CONFIG_EXAMPLE_WIFI_SSID)
        /* tyically from ESP8266 rtos-sdk/v3.4 */
        #define EXAMPLE_ESP_WIFI_PASS CONFIG_EXAMPLE_WIFI_PASSWORD
    #else
        #define EXAMPLE_ESP_WIFI_PASS "MYPASSWORD_WIFI_CONNECT"
    #endif
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/main.c
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/main.c
@ -1,6 +1,6 @@
 /* main.c
 *
- * Copyright (C) 2006-2023 wolfSSL Inc.
+ * Copyright (C) 2006-2024 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
@ -27,8 +27,9 @@
 #include <esp_event.h>
 /* wolfSSL */
 /* Always include wolfcrypt/settings.h before any other wolfSSL file.    */
 /* Reminder: settings.h pulls in user_settings.h; don't include it here */
 #include <wolfssl/wolfcrypt/settings.h>
 #include <user_settings.h>
 #include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
 #ifndef WOLFSSL_ESPIDF
    #warning "Problem with wolfSSL user_settings."
@ -44,13 +45,17 @@
     * For wired ethernet, see:
     * https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32/TLS13-ENC28J60-client */
    #include "wifi_connect.h"
    /*
     * Note ModBus TCP cannot be disabled on ESP8266 tos-sdk/v3.4
     * See https://github.com/espressif/esp-modbus/issues/2
     */
 #endif
 #ifdef WOLFSSL_TRACK_MEMORY
    #include <wolfssl/wolfcrypt/mem_track.h>
 #endif
-static const char* const TAG = "TLS Client";
+static const char* TAG = "main";
 #if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
                                  && defined(WOLFSSL_ATECC508A)
@ -115,7 +120,7 @@ void my_atmel_free(int slotId)
 #endif /* CUSTOM_SLOT_ALLOCATION                                       */
 #endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
-/* for FreeRTOS */
+/* Entry for FreeRTOS */
 void app_main(void)
 {
    int stack_start = 0;
@ -126,17 +131,25 @@ void app_main(void)
    ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
    ESP_LOGI(TAG, "--------------------------------------------------------");
    ESP_LOGI(TAG, "--------------------------------------------------------");
 #ifdef ESP_SDK_MEM_LIB_VERSION
    sdk_init_meminfo();
 #endif
 #ifdef ESP_TASK_MAIN_STACK
    ESP_LOGI(TAG, "ESP_TASK_MAIN_STACK: %d", ESP_TASK_MAIN_STACK);
 #endif
 #ifdef TASK_EXTRA_STACK_SIZE
    ESP_LOGI(TAG, "TASK_EXTRA_STACK_SIZE: %d", TASK_EXTRA_STACK_SIZE);
 #endif
-#ifdef INCLUDE_uxTaskGetStackHighWaterMark
+
 #ifdef SINGLE_THREADED
    ESP_LOGI(TAG, "Single threaded");
 #else
    ESP_LOGI(TAG, "CONFIG_ESP_MAIN_TASK_STACK_SIZE = %d bytes (%d words)",
                   CONFIG_ESP_MAIN_TASK_STACK_SIZE,
             (int)(CONFIG_ESP_MAIN_TASK_STACK_SIZE / sizeof(void*)));
    #ifdef INCLUDE_uxTaskGetStackHighWaterMark
    {
        /* Returns the high water mark of the stack associated with xTask. That is,
         * the minimum free stack space there has been (in bytes not words, unlike
         * vanilla FreeRTOS) since the task started. The smaller the returned
@ -144,9 +157,17 @@ void app_main(void)
         * see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html
         */
        stack_start = uxTaskGetStackHighWaterMark(NULL);
-    ESP_LOGI(TAG, "Stack Start HWM: %d bytes", stack_start);
+        #ifdef ESP_SDK_MEM_LIB_VERSION
        {
            sdk_var_whereis("stack_start", &stack_start);
        }
        #endif
        ESP_LOGI(TAG, "Stack Start HWM: %d bytes", stack_start);
    }
    #endif /* INCLUDE_uxTaskGetStackHighWaterMark */
 #endif /* SINGLE_THREADED */
 #ifdef HAVE_VERSION_EXTENDED_INFO
    esp_ShowExtendedSystemInfo();
 #endif
@ -184,11 +205,23 @@ void app_main(void)
    /* Initialize NVS */
    ret = nvs_flash_init();
    #if defined(CONFIG_IDF_TARGET_ESP8266)
    {
        if (ret == ESP_ERR_NVS_NO_FREE_PAGES) {
            ESP_ERROR_CHECK(nvs_flash_erase());
            ret = nvs_flash_init();
        }
    }
    #else
    {
        /* Non-ESP8266 initialization is slightly different */
        if (ret == ESP_ERR_NVS_NO_FREE_PAGES ||
            ret == ESP_ERR_NVS_NEW_VERSION_FOUND) {
            ESP_ERROR_CHECK(nvs_flash_erase());
            ret = nvs_flash_init();
        }
    }
    #endif /* else not CONFIG_IDF_TARGET_ESP8266 */
    ESP_ERROR_CHECK(ret);
    #if defined(CONFIG_IDF_TARGET_ESP32H2)
@ -203,8 +236,8 @@ void app_main(void)
            ESP_LOGI(TAG, "Trying WiFi again...");
            ret = wifi_init_sta();
        }
-    #endif
+    #endif /* else not CONFIG_IDF_TARGET_ESP32H2 */
-#endif
+#endif /* else FOUND_PROTOCOL_EXAMPLES_DIR not found */
    /* Once we are connected to the network, start & wait for NTP time */
    ret = set_time_wait_for_ntp();
@ -216,14 +249,6 @@ void app_main(void)
        esp_show_current_datetime();
    }
    /* HWM is maximum amount of stack space that has been unused, in bytes
     * not words (unlike vanilla freeRTOS). */
    ESP_LOGI(TAG, "Initial Stack Used (before wolfSSL Server): %d bytes",
                   CONFIG_ESP_MAIN_TASK_STACK_SIZE
                   - (uxTaskGetStackHighWaterMark(NULL))
            );
    ESP_LOGI(TAG, "Starting TLS Client task ...\n");
 #if defined(SINGLE_THREADED)
    /* just call the task */
    tls_smp_client_task((void*)NULL);
@ -232,6 +257,19 @@ void app_main(void)
    /* start a thread with the task */
    args[0].loops = 10;
    args[0].port = 11111;
    /* HWM is maximum amount of stack space that has been unused, in bytes
     * not words (unlike vanilla freeRTOS). */
    int this_heap;
    this_heap = esp_get_free_heap_size();
    ESP_LOGI(TAG, "Initial Stack Used (before wolfSSL Server): %d bytes",
                   CONFIG_ESP_MAIN_TASK_STACK_SIZE
                   - (uxTaskGetStackHighWaterMark(NULL))
            );
    ESP_LOGI(TAG, "Starting TLS Client task ...\n");
    ESP_LOGI(TAG, "main tls_smp_client_init heap @ %p = %d",
                  &this_heap, this_heap);
    tls_smp_client_init(args);
 /* optional additional client threads
    tls_smp_client_init(args);
@ -244,6 +282,11 @@ void app_main(void)
 */
 #endif
    /* Done */
 #ifdef SINGLE_THREADED
    ESP_LOGV(TAG, "\n\nDone!\n\n");
    while (1);
 #else
    ESP_LOGV(TAG, "\n\nvTaskDelete...\n\n");
    vTaskDelete(NULL);
    /* done */
@ -255,13 +298,8 @@ void app_main(void)
        ESP_LOGI(TAG, "Stack used: %d", CONFIG_ESP_MAIN_TASK_STACK_SIZE
                                        - (uxTaskGetStackHighWaterMark(NULL) ));
    #endif
 #if defined(SINGLE_THREADED)
        ESP_LOGV(TAG, "\n\nDone!\n\n");
        while (1);
 #else
        vTaskDelay(60000);
-#endif
+    } /* done while */
-    } /* done whle */
+#endif /* else not SINGLE_THREADED */
 } /* app_main */
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c
@ -1,6 +1,6 @@
 /* time_helper.c
 *
- * Copyright (C) 2006-2023 wolfSSL Inc.
+ * Copyright (C) 2006-2024 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
@ -19,12 +19,14 @@
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 */
-/* common Espressif time_helper v5.6.3.002 */
+/* See https://tf.nist.gov/tf-cgi/servers.cgi */
-#include "esp_idf_version.h"
+
 /* common Espressif time_helper v5.6.6.001 */
 #include "sdkconfig.h"
 #include "time_helper.h"
 #include <esp_log.h>
 #include <esp_idf_version.h>
 #if defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR)
    #if (ESP_IDF_VERSION_MAJOR == 5) && (ESP_IDF_VERSION_MINOR >= 1)
@ -36,13 +38,12 @@
        #include <esp_sntp.h>
    #endif
 #else
-    /* TODO Consider pre IDF v5? */
+    /* TODO Consider non ESP-IDF environments */
 #endif
 /* ESP-IDF uses a 64-bit signed integer to represent time_t starting from release v5.0
 * See: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#year-2036-and-2038-overflow-issues
 */
 const static char* TAG = "time_helper";
 /* see https://www.gnu.org/software/libc/manual/html_node/TZ-Variable.html */
 #ifndef TIME_ZONE
@ -87,11 +88,13 @@ const static char* TAG = "time_helper";
 char* ntpServerList[NTP_SERVER_COUNT] = NTP_SERVER_LIST;
 const static char* TAG = "time_helper";
 /* our NTP server list is global info */
 extern char* ntpServerList[NTP_SERVER_COUNT];
 /* Show the current date and time */
-int esp_show_current_datetime()
+int esp_show_current_datetime(void)
 {
    time_t now;
    char strftime_buf[64];
@ -104,7 +107,7 @@ int esp_show_current_datetime()
    localtime_r(&now, &timeinfo);
    strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
    ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
-    return 0;
+    return ESP_OK;
 }
 /* the worst-case scenario is a hard-coded date/time */
@ -113,9 +116,9 @@ int set_fixed_default_time(void)
    /* ideally, we'd like to set time from network,
     * but let's set a default time, just in case */
    struct tm timeinfo = {
-        .tm_year = 2023 - 1900,
+        .tm_year = 2024 - 1900,
-        .tm_mon  = 10,
+        .tm_mon  = 1,
-        .tm_mday = 02,
+        .tm_mday = 05,
        .tm_hour = 13,
        .tm_min  = 01,
        .tm_sec  = 05
@ -130,7 +133,38 @@ int set_fixed_default_time(void)
    ESP_LOGI(TAG, "Adjusting time from fixed value");
    now = (struct timeval){ .tv_sec = interim_time };
    ret = settimeofday(&now, NULL);
    ESP_LOGI(TAG, "settimeofday result = %d", ret);
    return ret;
 }
 /* probably_valid_time_string(s)
 *
 * some sanity checks on time string before calling sscanf()
 *
 * returns 0 == ESP_OK == Success if str is likely a valid time.
 *        -1 == ESP_FAIL otherwise
 */
 int probably_valid_time_string(const char* str)
 {
    int ret = ESP_OK;
    size_t length = 0;
    size_t spaces = 0;
    size_t colons = 0;
    while (str[length] != '\0') {
        if (str[length] == ' ') {
            spaces++;
        }
        if (str[length] == ':') {
            colons++;
        }
        length++;
    }
    if ((length > 32) || (spaces < 4) || (spaces > 5) || (colons > 2)) {
        ret = ESP_FAIL;
        ESP_LOGE(TAG, "ERROR, failed time sanity check: %s", str);
    }
    return ret;
 }
@ -138,20 +172,23 @@ int set_fixed_default_time(void)
 *
 * returns 0 = success if able to set the time from the provided string
 * error for any other value, typically -1 */
-int set_time_from_string(char* time_buffer)
+int set_time_from_string(const char* time_buffer)
 {
    /* expecting github default formatting: 'Thu Aug 31 12:41:45 2023 -0700' */
    char offset[28]; /* large arrays, just in case there's still bad data */
    char day_str[28];
    char month_str[28];
    const char *format = "%3s %3s %d %d:%d:%d %d %s";
    struct tm this_timeinfo;
    struct timeval now;
    time_t interim_time;
    char offset[6]; /* expecting trailing single quote, not used */
    char day_str[4];
    char month_str[4];
    int day, year, hour, minute, second;
    int quote_offset = 0;
    int ret = 0;
    /* perform some basic sanity checkes */
    ret = probably_valid_time_string(time_buffer);
    if (ret == ESP_OK) {
        /* we are expecting the string to be encapsulated in single quotes */
        if (*time_buffer == 0x27) {
            quote_offset = 1;
@ -187,11 +224,14 @@ int set_time_from_string(char* time_buffer)
            ESP_LOGI(TAG, "Time updated to %s", time_buffer);
        }
        else {
-        ESP_LOGE(TAG, "Failed to convert \"%s\" to a tm date.", time_buffer);
+            ESP_LOGE(TAG, "Failed to convert \"%s\" to a tm date.",
-        ESP_LOGI(TAG, "Trying fixed date that was hard-coded.");
+                           time_buffer);
            ESP_LOGI(TAG, "Trying fixed date that was hard-coded....");
            set_fixed_default_time();
-        ret = -1;
+            ret = ESP_FAIL;
        }
    }
    return ret;
 }
@ -224,14 +264,16 @@ int set_time(void)
 #ifdef LIBWOLFSSL_VERSION_GIT_HASH_DATE
    /* initialy set a default approximate time from recent git commit */
-    ESP_LOGI(TAG, "Found git hash date, attempting to set system date.");
+    ESP_LOGI(TAG, "Found git hash date, attempting to set system date: %s",
-    set_time_from_string(LIBWOLFSSL_VERSION_GIT_HASH_DATE);
+                   LIBWOLFSSL_VERSION_GIT_HASH_DATE);
    set_time_from_string(LIBWOLFSSL_VERSION_GIT_HASH_DATE"\0");
    esp_show_current_datetime();
    ret = -4;
 #else
    /* otherwise set a fixed time that was hard coded */
    set_fixed_default_time();
    esp_show_current_datetime();
    ret = -3;
 #endif
@ -262,6 +304,7 @@ int set_time(void)
            }
            ESP_LOGI(TAG, "%s", thisServer);
            sntp_setservername(i, thisServer);
            ret = ESP_OK;
        }
    #ifdef HAS_ESP_NETIF_SNTP
        ret = esp_netif_sntp_init(&config);
@ -289,6 +332,9 @@ int set_time(void)
        ESP_LOGW(TAG, "No sntp time servers found.");
        ret = -1;
    }
    esp_show_current_datetime();
    ESP_LOGI(TAG, "time helper existing with result = %d", ret);
    return ret;
 }
@ -303,6 +349,8 @@ int set_time_wait_for_ntp(void)
    ret = esp_netif_sntp_start();
    ret = esp_netif_sntp_sync_wait(500 / portTICK_PERIOD_MS);
 #else
    ESP_LOGE(TAG, "HAS_ESP_NETIF_SNTP not defined");
 #endif /* HAS_ESP_NETIF_SNTP */
    esp_show_current_datetime();
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c
@ -1,6 +1,6 @@
 /* wifi_connect.c
 *
- * Copyright (C) 2006-2023 wolfSSL Inc.
+ * Copyright (C) 2006-2024 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
@ -20,15 +20,18 @@
 */
 #include "wifi_connect.h"
 /* FreeRTOS */
 #include <freertos/FreeRTOS.h>
 #include <freertos/task.h>
 #include <freertos/event_groups.h>
-#include <esp_wifi.h>
+
 /* Espressif */
 #include <esp_log.h>
 #include <esp_idf_version.h>
 #include <esp_wifi.h>
 /* wolfSSL */
 #include <wolfssl/wolfcrypt/settings.h>
 #include "user_settings.h"
 #include <wolfssl/version.h>
 #include <wolfssl/wolfcrypt/types.h>
 #ifndef WOLFSSL_ESPIDF
@ -36,7 +39,12 @@
    #warning "Check components/wolfssl/include"
 #endif
-#if ESP_IDF_VERSION_MAJOR >= 5
+/* When there's too little heap, WiFi quietly refuses to connect */
 #define WIFI_LOW_HEAP_WARNING 21132
 #if defined(CONFIG_IDF_TARGET_ESP8266)
 #elif ESP_IDF_VERSION_MAJOR >= 5
    /* example path set in cmake file */
 #elif ESP_IDF_VERSION_MAJOR >= 4
    #include "protocol_examples_common.h"
 #else
@ -44,7 +52,9 @@
    static EventGroupHandle_t wifi_event_group;
 #endif
-#if defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR)
+#if defined(CONFIG_IDF_TARGET_ESP8266)
 #elif defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR)
    #if ESP_IDF_VERSION_MAJOR >= 4
        /* likely using examples, see wifi_connect.h */
    #else
@ -64,7 +74,114 @@
 /* breadcrumb prefix for logging */
 const static char *TAG = "wifi_connect";
-#if ESP_IDF_VERSION_MAJOR < 4
+#if defined(CONFIG_IDF_TARGET_ESP8266)
 #ifndef CONFIG_ESP_MAX_STA_CONN
    #define CONFIG_ESP_MAX_STA_CONN 4
 #endif
 #define EXAMPLE_MAX_STA_CONN       CONFIG_ESP_MAX_STA_CONN
 #define WIFI_CONNECTED_BIT BIT0
 #define WIFI_FAIL_BIT      BIT1
 #ifndef CONFIG_ESP_MAXIMUM_RETRY
    #define CONFIG_ESP_MAXIMUM_RETRY 5
 #endif
 /* FreeRTOS event group to signal when we are connected*/
 static EventGroupHandle_t s_wifi_event_group;
 static int s_retry_num = 0;
 #define EXAMPLE_ESP_MAXIMUM_RETRY  CONFIG_ESP_MAXIMUM_RETRY
 static void event_handler(void* arg, esp_event_base_t event_base,
                                int32_t event_id, void* event_data)
 {
    if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_START) {
        esp_wifi_connect();
    } else if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_DISCONNECTED) {
        if (s_retry_num < EXAMPLE_ESP_MAXIMUM_RETRY) {
            esp_wifi_connect();
            s_retry_num++;
            ESP_LOGI(TAG, "retry to connect to the AP");
        } else {
            xEventGroupSetBits(s_wifi_event_group, WIFI_FAIL_BIT);
        }
        ESP_LOGI(TAG,"connect to the AP fail");
    } else if (event_base == IP_EVENT && event_id == IP_EVENT_STA_GOT_IP) {
        ip_event_got_ip_t* event = (ip_event_got_ip_t*) event_data;
        ESP_LOGI(TAG, "got ip:%s",
                 ip4addr_ntoa(&event->ip_info.ip));
        s_retry_num = 0;
        xEventGroupSetBits(s_wifi_event_group, WIFI_CONNECTED_BIT);
    }
 }
 int wifi_init_sta(void)
 {
    word32 this_heap;
    s_wifi_event_group = xEventGroupCreate();
    tcpip_adapter_init();
    ESP_ERROR_CHECK(esp_event_loop_create_default());
    wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
    ESP_ERROR_CHECK(esp_wifi_init(&cfg));
    ESP_ERROR_CHECK(esp_event_handler_register(WIFI_EVENT, ESP_EVENT_ANY_ID, &event_handler, NULL));
    ESP_ERROR_CHECK(esp_event_handler_register(IP_EVENT, IP_EVENT_STA_GOT_IP, &event_handler, NULL));
    wifi_config_t wifi_config = {
        .sta = {
            .ssid = EXAMPLE_ESP_WIFI_SSID,
            .password = EXAMPLE_ESP_WIFI_PASS
        },
    };
    /* Setting a password implies station will connect to all security modes including WEP/WPA.
        * However these modes are deprecated and not advisable to be used. Incase your Access point
        * doesn't support WPA2, these mode can be enabled by commenting below line */
    if (strlen((char *)wifi_config.sta.password)) {
        wifi_config.sta.threshold.authmode = WIFI_AUTH_WPA2_PSK;
    }
    ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA) );
    ESP_ERROR_CHECK(esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
    ESP_ERROR_CHECK(esp_wifi_start() );
    ESP_LOGI(TAG, "wifi_init_sta finished. Connecting...");
    this_heap = esp_get_free_heap_size();
    ESP_LOGI(TAG, "this heap = %d", this_heap);
    if (this_heap < WIFI_LOW_HEAP_WARNING) {
        ESP_LOGW(TAG, "Warning: WiFi low heap: %d", WIFI_LOW_HEAP_WARNING);
    }
    /* Waiting until either the connection is established (WIFI_CONNECTED_BIT) or connection failed for the maximum
     * number of re-tries (WIFI_FAIL_BIT). The bits are set by event_handler() (see above) */
    EventBits_t bits = xEventGroupWaitBits(s_wifi_event_group,
            WIFI_CONNECTED_BIT | WIFI_FAIL_BIT,
            pdFALSE,
            pdFALSE,
            portMAX_DELAY);
    ESP_LOGI(TAG, "xEventGroupWaitBits finished.");
    /* xEventGroupWaitBits() returns the bits before the call returned, hence we can test which event actually
     * happened. */
    if (bits & WIFI_CONNECTED_BIT) {
        ESP_LOGI(TAG, "connected to ap SSID:%s",
                 EXAMPLE_ESP_WIFI_SSID);
    } else if (bits & WIFI_FAIL_BIT) {
        ESP_LOGI(TAG, "Failed to connect to SSID:%s, password:%s",
                 EXAMPLE_ESP_WIFI_SSID, EXAMPLE_ESP_WIFI_PASS);
    } else {
        ESP_LOGE(TAG, "UNEXPECTED EVENT");
    }
    ESP_ERROR_CHECK(esp_event_handler_unregister(IP_EVENT, IP_EVENT_STA_GOT_IP, &event_handler));
    ESP_ERROR_CHECK(esp_event_handler_unregister(WIFI_EVENT, ESP_EVENT_ANY_ID, &event_handler));
    vEventGroupDelete(s_wifi_event_group);
    return ESP_OK;
 }
 #elif ESP_IDF_VERSION_MAJOR < 4
 /* event handler for wifi events */
 static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
 {
@ -270,7 +387,8 @@ int wifi_init_sta(void)
 int wifi_show_ip(void)
 {
-    /* ESP_LOGI(TAG, "got ip:" IPSTR, IP2STR(&event->ip_info.ip)); */
+    /* TODO Causes panic: ESP_LOGI(TAG, "got ip:" IPSTR,
-    return 0;
+     * IP2STR(&event->ip_info.ip)); */
    return ESP_OK;
 }
 #endif
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/sdkconfig.defaults
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/sdkconfig.defaults
@ -1,26 +1,15 @@
 # sdkconfig.defaults for ESP8266 + ESP32
 # CONFIG_ESP_PANIC_PRINT_REBOOT is not set
 CONFIG_ESP_PANIC_PRINT_REBOOT=n
 CONFIG_ESP_PANIC_PRINT_HALT=y
 # CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS is not set
 CONFIG_ESP_HTTP_CLIENT_ENABLE_HTTPS=n
 CONFIG_FREERTOS_GLOBAL_DATA_LINK_IRAM=y
 CONFIG_HEAP_DISABLE_IRAM=y
 CONFIG_FREERTOS_HZ=1000
 CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y
 #
 # Default main stack size
 #
 # This is typically way bigger than needed for stack size. See user_settings.h
 #
 CONFIG_ESP_MAIN_TASK_STACK_SIZE=55500
 # Legacy stack size for older ESP-IDF versions
 CONFIG_MAIN_TASK_STACK_SIZE=55500
 #
 # Compiler options
 #
 CONFIG_COMPILER_OPTIMIZATION_DEFAULT=y
 CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_ENABLE=y
 CONFIG_COMPILER_OPTIMIZATION_ASSERTION_LEVEL=2
 CONFIG_COMPILER_HIDE_PATHS_MACROS=y
 CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y
 CONFIG_COMPILER_STACK_CHECK=y
 #
 # Partition Table
 #
--- a/IDE/Espressif/ESP-IDF/examples/wolfssl_client/wolfssl_client_ESP8266.vgdbproj
+++ b/IDE/Espressif/ESP-IDF/examples/wolfssl_client/wolfssl_client_ESP8266.vgdbproj
@ -0,0 +1,292 @@
 <?xml version="1.0"?>
 <VisualGDBProjectSettings2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <Project xsi:type="com.visualgdb.project.external.esp-idf">
    <CustomSourceDirectories>
      <Directories />
      <PathStyle>Unknown</PathStyle>
    </CustomSourceDirectories>
    <AutoProgramSPIFFSPartition>true</AutoProgramSPIFFSPartition>
    <ProjectModeSettings>
      <ProjectGUID>c9687472-a434-43a7-9026-7914f425b9b4</ProjectGUID>
      <GroupSourcesByTypes>true</GroupSourcesByTypes>
      <GroupSourcesByPaths>true</GroupSourcesByPaths>
      <HeaderScanMode>SourceDirs</HeaderScanMode>
    </ProjectModeSettings>
  </Project>
  <Build xsi:type="com.visualgdb.build.external.esp-idf">
    <BuildLogMode xsi:nil="true" />
    <ToolchainID>
      <ID>com.visualgdb.xtensa-lx106-elf</ID>
      <Version>
        <GCC>8.4.0</GCC>
        <GDB>8.1</GDB>
        <Revision>1</Revision>
      </Version>
    </ToolchainID>
    <IDFCheckout>
      <Version>release/v3.4</Version>
      <Subdirectory>rtos-sdk/v3.4</Subdirectory>
      <Type>RTOS_SDK</Type>
    </IDFCheckout>
    <BuildThreadCount>0</BuildThreadCount>
  </Build>
  <CustomBuild>
    <PreSyncActions />
    <PreBuildActions />
    <PostBuildActions />
    <PreCleanActions />
    <PostCleanActions />
  </CustomBuild>
  <CustomDebug>
    <PreDebugActions />
    <PostDebugActions />
    <DebugStopActions />
    <BreakMode>Default</BreakMode>
    <CustomBreakCommand>
      <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
      <RemoteHost>
        <HostName>BuildMachine</HostName>
        <Transport>BuiltinShortcut</Transport>
      </RemoteHost>
      <BackgroundMode xsi:nil="true" />
    </CustomBreakCommand>
  </CustomDebug>
  <DeviceTerminalSettings>
    <Connection xsi:type="com.sysprogs.terminal.connection.serial">
      <ComPortName>COM70</ComPortName>
      <AdvancedSettings>
        <BaudRate>74880</BaudRate>
        <DataBits>8</DataBits>
        <Parity>None</Parity>
        <StopBits>One</StopBits>
        <FlowControl>None</FlowControl>
      </AdvancedSettings>
    </Connection>
    <LastConnectionTime>0</LastConnectionTime>
    <EchoTypedCharacters>false</EchoTypedCharacters>
    <ClearContentsWhenReconnecting>true</ClearContentsWhenReconnecting>
    <ReconnectAutomatically>false</ReconnectAutomatically>
    <DisplayMode>ASCII</DisplayMode>
    <Colors>
      <Background>
        <Alpha>255</Alpha>
        <Red>0</Red>
        <Green>0</Green>
        <Blue>0</Blue>
      </Background>
      <Disconnected>
        <Alpha>255</Alpha>
        <Red>169</Red>
        <Green>169</Green>
        <Blue>169</Blue>
      </Disconnected>
      <Text>
        <Alpha>255</Alpha>
        <Red>211</Red>
        <Green>211</Green>
        <Blue>211</Blue>
      </Text>
      <Echo>
        <Alpha>255</Alpha>
        <Red>144</Red>
        <Green>238</Green>
        <Blue>144</Blue>
      </Echo>
      <Inactive>
        <Alpha>255</Alpha>
        <Red>169</Red>
        <Green>169</Green>
        <Blue>169</Blue>
      </Inactive>
    </Colors>
    <HexSettings>
      <MaximumBytesPerLine>16</MaximumBytesPerLine>
      <ShowTextView>true</ShowTextView>
      <BreaksAroundEcho>true</BreaksAroundEcho>
      <AutoSend>true</AutoSend>
      <SendAsHex>true</SendAsHex>
      <TimeoutForAutoBreak>0</TimeoutForAutoBreak>
    </HexSettings>
    <LineEnding>LF</LineEnding>
    <TreatLFAsCRLF>false</TreatLFAsCRLF>
    <KeepOpenAfterExit>false</KeepOpenAfterExit>
    <ShowAfterProgramming>false</ShowAfterProgramming>
  </DeviceTerminalSettings>
  <CustomShortcuts>
    <Shortcuts />
    <ShowMessageAfterExecuting>true</ShowMessageAfterExecuting>
  </CustomShortcuts>
  <UserDefinedVariables />
  <ImportedPropertySheets />
  <CodeSense>
    <Enabled>True</Enabled>
    <ExtraSettings>
      <HideErrorsInSystemHeaders>true</HideErrorsInSystemHeaders>
      <SupportLightweightReferenceAnalysis>true</SupportLightweightReferenceAnalysis>
      <DiscoverySettings>
        <Mode>Enabled</Mode>
        <SearchInProjectDir>true</SearchInProjectDir>
        <SearchInSourceDirs>true</SearchInSourceDirs>
        <SearchInIncludeSubdirs>true</SearchInIncludeSubdirs>
      </DiscoverySettings>
      <CheckForClangFormatFiles>true</CheckForClangFormatFiles>
      <FormattingEngine xsi:nil="true" />
    </ExtraSettings>
    <CodeAnalyzerSettings>
      <Enabled>false</Enabled>
      <SelectedAnalyzers>
        <string>apiModeling.google.GTest</string>
        <string>core.builtin.BuiltinFunctions</string>
        <string>core.builtin.NoReturnFunctions</string>
        <string>core.CallAndMessage</string>
        <string>core.DivideZero</string>
        <string>core.DynamicTypePropagation</string>
        <string>core.NonnilStringConstants</string>
        <string>core.NonNullParamChecker</string>
        <string>core.NullDereference</string>
        <string>core.StackAddressEscape</string>
        <string>core.UndefinedBinaryOperatorResult</string>
        <string>core.uninitialized.ArraySubscript</string>
        <string>core.uninitialized.Assign</string>
        <string>core.uninitialized.Branch</string>
        <string>core.uninitialized.CapturedBlockVariable</string>
        <string>core.uninitialized.UndefReturn</string>
        <string>core.VLASize</string>
        <string>cplusplus.NewDelete</string>
        <string>cplusplus.NewDeleteLeaks</string>
        <string>cplusplus.SelfAssignment</string>
        <string>deadcode.DeadStores</string>
        <string>nullability.NullPassedToNonnull</string>
        <string>nullability.NullReturnedFromNonnull</string>
        <string>security.insecureAPI.getpw</string>
        <string>security.insecureAPI.gets</string>
        <string>security.insecureAPI.mkstemp</string>
        <string>security.insecureAPI.mktemp</string>
        <string>security.insecureAPI.UncheckedReturn</string>
        <string>security.insecureAPI.vfork</string>
        <string>unix.API</string>
        <string>unix.cstring.BadSizeArg</string>
        <string>unix.cstring.NullArg</string>
        <string>unix.Malloc</string>
        <string>unix.MallocSizeof</string>
        <string>unix.MismatchedDeallocator</string>
        <string>unix.StdCLibraryFunctions</string>
        <string>unix.Vfork</string>
      </SelectedAnalyzers>
      <ExtraArguments>
        <string>-analyzer-store=region</string>
        <string>-analyzer-opt-analyze-nested-blocks</string>
        <string>-analyzer-eagerly-assume</string>
      </ExtraArguments>
    </CodeAnalyzerSettings>
  </CodeSense>
  <Configurations>
    <VisualGDBConfiguration>
      <Name>Debug</Name>
      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.extension">
        <OutputSubdirectory>build/Debug</OutputSubdirectory>
        <SDKConfigFile>sdkconfig-debug</SDKConfigFile>
        <EnableVerboseBuild>false</EnableVerboseBuild>
      </BuildSettingsExtension>
    </VisualGDBConfiguration>
    <VisualGDBConfiguration>
      <Name>Release</Name>
      <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.extension">
        <OutputSubdirectory>build/Release</OutputSubdirectory>
        <SDKConfigFile>sdkconfig-release</SDKConfigFile>
        <EnableVerboseBuild>false</EnableVerboseBuild>
      </BuildSettingsExtension>
    </VisualGDBConfiguration>
  </Configurations>
  <ProgramArgumentsSuggestions />
  <Debug xsi:type="com.visualgdb.debug.embedded">
    <AdditionalStartupCommands>
      <GDBPreStartupCommands />
      <GDBStartupCommands />
      <GDBFinalizationCommands />
    </AdditionalStartupCommands>
    <AdditionalGDBSettings>
      <Features>
        <DisableAutoDetection>false</DisableAutoDetection>
        <UseFrameParameter>false</UseFrameParameter>
        <SimpleValuesFlagSupported>false</SimpleValuesFlagSupported>
        <ListLocalsSupported>false</ListLocalsSupported>
        <ByteLevelMemoryCommandsAvailable>false</ByteLevelMemoryCommandsAvailable>
        <ThreadInfoSupported>false</ThreadInfoSupported>
        <PendingBreakpointsSupported>false</PendingBreakpointsSupported>
        <SupportTargetCommand>false</SupportTargetCommand>
        <ReliableBreakpointNotifications>false</ReliableBreakpointNotifications>
      </Features>
      <EnableSmartStepping>false</EnableSmartStepping>
      <FilterSpuriousStoppedNotifications>false</FilterSpuriousStoppedNotifications>
      <ForceSingleThreadedMode>false</ForceSingleThreadedMode>
      <UseAppleExtensions>false</UseAppleExtensions>
      <CanAcceptCommandsWhileRunning>false</CanAcceptCommandsWhileRunning>
      <MakeLogFile>false</MakeLogFile>
      <IgnoreModuleEventsWhileStepping>true</IgnoreModuleEventsWhileStepping>
      <UseRelativePathsOnly>false</UseRelativePathsOnly>
      <ExitAction>None</ExitAction>
      <DisableDisassembly>false</DisableDisassembly>
      <ExamineMemoryWithXCommand>false</ExamineMemoryWithXCommand>
      <StepIntoNewInstanceEntry />
      <ExamineRegistersInRawFormat>true</ExamineRegistersInRawFormat>
      <DisableSignals>false</DisableSignals>
      <EnableAsyncExecutionMode>false</EnableAsyncExecutionMode>
      <AsyncModeSupportsBreakpoints>true</AsyncModeSupportsBreakpoints>
      <TemporaryBreakConsolidationTimeout>0</TemporaryBreakConsolidationTimeout>
      <EnableNonStopMode>false</EnableNonStopMode>
      <MaxBreakpointLimit>0</MaxBreakpointLimit>
      <EnableVerboseMode>true</EnableVerboseMode>
      <EnablePrettyPrinters>false</EnablePrettyPrinters>
    </AdditionalGDBSettings>
    <DebugMethod>
      <ID>openocd</ID>
      <Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp8266">
        <CommandLine>-f interface/ftdi/tigard.cfg -f target/esp8266.cfg</CommandLine>
        <ExtraParameters>
          <Frequency xsi:nil="true" />
          <BoostedFrequency xsi:nil="true" />
          <ConnectUnderReset>false</ConnectUnderReset>
        </ExtraParameters>
        <LoadProgressGUIThreshold>131072</LoadProgressGUIThreshold>
        <ProgramMode>Enabled</ProgramMode>
        <StartupCommands>
          <string>set remotetimeout 60</string>
          <string>target remote :$$SYS:GDB_PORT$$</string>
          <string>mon reset halt</string>
          <string>load</string>
          <string>mon xtensa_no_interrupts_during_steps on</string>
          <string>mon esp8266_autofeed_watchdog on</string>
        </StartupCommands>
        <ProgramFLASHUsingExternalTool>false</ProgramFLASHUsingExternalTool>
        <PreferredGDBPort>0</PreferredGDBPort>
        <PreferredTelnetPort>0</PreferredTelnetPort>
        <AlwaysPassSerialNumber>false</AlwaysPassSerialNumber>
        <SelectedCoreIndex xsi:nil="true" />
        <SuggestionLogicRevision>0</SuggestionLogicRevision>
        <ResetMode>Soft</ResetMode>
        <ProgramSectorSize>4096</ProgramSectorSize>
        <EraseSectorSize>4096</EraseSectorSize>
        <FLASHSettings>
          <Size>size4M</Size>
          <Frequency>freq40M</Frequency>
          <Mode>QIO</Mode>
        </FLASHSettings>
      </Configuration>
    </DebugMethod>
    <AutoDetectRTOS>true</AutoDetectRTOS>
    <SemihostingSupport>Disabled</SemihostingSupport>
    <SemihostingPollingDelay>0</SemihostingPollingDelay>
    <StepIntoEntryPoint>false</StepIntoEntryPoint>
    <ReloadFirmwareOnReset>false</ReloadFirmwareOnReset>
    <ValidateEndOfStackAddress>true</ValidateEndOfStackAddress>
    <StopAtEntryPoint>false</StopAtEntryPoint>
    <EnableVirtualHalts>false</EnableVirtualHalts>
    <DynamicAnalysisSettings />
    <EndOfStackSymbol>_estack</EndOfStackSymbol>
    <TimestampProviderTicksPerSecond>0</TimestampProviderTicksPerSecond>
    <KeepConsoleAfterExit>false</KeepConsoleAfterExit>
    <UnusedStackFillPattern xsi:nil="true" />
    <CheckInterfaceDrivers>true</CheckInterfaceDrivers>
  </Debug>
 </VisualGDBProjectSettings2>
--- a/IDE/Espressif/README.md
+++ b/IDE/Espressif/README.md
@ -156,6 +156,47 @@ Solution:
 Press and hold `EN` button, press and release `IO0` button, then release `EN` button.
 ### Unknown CMake command "esptool_py_flash_project_args".
 This unintuitive error was observed when including an unneeded `set(COMPONENTS` in the project-level CMakeLists.txt
 and attempting to build with an older toolchain, such as the RTOS SDK 3.4 for the ESP8266.
 ### PermissionError: [Errno 13] Permission denied could not open port {}
 This error, other than the obvious permissions, also occurs when the port is in use by another application:
 ```text
 Traceback (most recent call last):
  File "/home/gojimmypi/.espressif/python_env/rtos3.4_py3.10_env/lib/python3.10/site-packages/serial/serialposix.py", line 322, in open
    self.fd = os.open(self.portstr, os.O_RDWR | os.O_NOCTTY | os.O_NONBLOCK)
 PermissionError: [Errno 13] Permission denied: '/dev/ttyS55'
 During handling of the above exception, another exception occurred:
 Traceback (most recent call last):
    [... snip ...]
 raise SerialException(msg.errno, "could not open port {}: {}".format(self._port, msg))
 serial.serialutil.SerialException: [Errno 13] could not open port /dev/ttyS55: [Errno 13] Permission denied: '/dev/ttyS55'
 ```
 ### Panic Task watchdog got triggered.
 Long-running code may trip the watchdog timer.
 ```
 Task watchdog got triggered.
 Guru Meditation Error: Core  0 panic'ed (unknown). Exception was unhandled.
 ```
 The watchdog needs to be [fed](https://docs.espressif.com/projects/esp8266-rtos-sdk/en/latest/api-reference/system/wdts.html?highlight=watchdog#_CPPv418esp_task_wdt_resetv) on a regular basis
 with `void esp_task_wdt_reset(void)` from `esp8266/include/esp_task_wdt.h`.
 Try turning off the WDT in menuconfig, or for Makefiles:
 ```
 EXTRA_CFLAGS += -DNO_WATCHDOG
 ```
 #### Other Solutions
 See also [this ESP-FAQ Handbook](https://docs.espressif.com/projects/esp-faq/en/latest/esp-faq-en-master.pdf)
--- a/IDE/Espressif/include.am
+++ b/IDE/Espressif/include.am
@ -95,6 +95,7 @@ EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_hel
 EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h
 EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/README.md
 EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/wolfssl_client_ESP8266.vgdbproj
 EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln
 EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.vgdbproj
--- a/wolfcrypt/benchmark/benchmark.c
+++ b/wolfcrypt/benchmark/benchmark.c
@ -1476,7 +1476,7 @@ static const char* bench_result_words3[][5] = {
                ESP_LOGI(TAG, "expected_diff       = %llu", expected_diff);
                ESP_LOGI(TAG, "tickBeginDiff       = %lu", tickBeginDiff);
-                ESP_LOGW(TAG, "");
+                ESP_LOGW(TAG,  WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
            }
            #endif
        }
--- a/wolfcrypt/src/port/Espressif/esp32_mp.c
+++ b/wolfcrypt/src/port/Espressif/esp32_mp.c
@ -2441,14 +2441,14 @@ int esp_mp_mulmod(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M, MATH_INT_T* Z)
                           esp_mp_mulmod_usage_ct);
            ESP_LOGI(TAG, "esp_mp_mulmod_error_ct = %lu failures",
                           esp_mp_mulmod_error_ct);
-            ESP_LOGI(TAG, "");
+            ESP_LOGI(TAG,  WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
            esp_show_mp("HW Z", Z); /* this is the HW result */
            esp_show_mp("SW Z2", Z2); /* this is the SW result */
            ESP_LOGI(TAG, "esp_mp_mulmod_usage_ct = %lu tries",
                           esp_mp_mulmod_usage_ct);
            ESP_LOGI(TAG, "esp_mp_mulmod_error_ct = %lu failures",
                           esp_mp_mulmod_error_ct);
-            ESP_LOGI(TAG, "");
+            ESP_LOGI(TAG,  WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
            #ifndef NO_RECOVER_SOFTWARE_CALC
@ -2991,7 +2991,7 @@ int esp_hw_show_mp_metrics(void)
                  "NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL");
 #else
    /* Metrics: esp_mp_mul() */
-    ESP_LOGI(TAG, ""); /* mul follows */
+    ESP_LOGI(TAG,  WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); /* mul follows */
    ESP_LOGI(TAG, "esp_mp_mul HW acceleration enabled.");
    ESP_LOGI(TAG, "Number of calls to esp_mp_mul: %lu",
                   esp_mp_mul_usage_ct);
@ -3010,7 +3010,7 @@ int esp_hw_show_mp_metrics(void)
                  "NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD");
 #else
    /* Metrics: esp_mp_mulmod() */
-    ESP_LOGI(TAG, ""); /* mulmod follows */
+    ESP_LOGI(TAG,  WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); /* mulmod follows */
    ESP_LOGI(TAG, "esp_mp_mulmod HW acceleration enabled.");
    /* Metrics: esp_mp_mulmod() */
@ -3052,7 +3052,7 @@ int esp_hw_show_mp_metrics(void)
                  "NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD");
 #else
    /* Metrics: sp_mp_exptmod() */
-    ESP_LOGI(TAG, ""); /* exptmod follows */
+    ESP_LOGI(TAG,  WOLFSSL_ESPIDF_BLANKLINE_MESSAGE); /* exptmod follows */
    ESP_LOGI(TAG, "Number of calls to esp_mp_exptmod: %lu",
                   esp_mp_exptmod_usage_ct);
--- a/wolfcrypt/src/port/Espressif/esp32_sha.c
+++ b/wolfcrypt/src/port/Espressif/esp32_sha.c
@ -227,10 +227,13 @@ int esp_sha_init(WC_ESP32SHA* ctx, enum wc_HashType hash_type)
 #if defined(CONFIG_IDF_TARGET_ESP32) || \
    defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
    switch (hash_type) { /* check each wolfSSL hash type WC_[n] */
        #ifndef NO_SHA
        case WC_HASH_TYPE_SHA:
            ctx->sha_type = SHA1; /* assign Espressif SHA HW type */
            ret = esp_sha_init_ctx(ctx);
            break;
        #endif
        case WC_HASH_TYPE_SHA224:
        #if defined(CONFIG_IDF_TARGET_ESP32S2) || \
@ -333,7 +336,6 @@ int esp_sha_init(WC_ESP32SHA* ctx, enum wc_HashType hash_type)
    return ret;
 }
 #ifndef NO_SHAx /* TODO cannot currently turn off SHA */
 /* we'll call a separate init as there's only 1 HW acceleration */
 int esp_sha_init_ctx(WC_ESP32SHA* ctx)
 {
@ -522,6 +524,7 @@ int esp_sha_init_ctx(WC_ESP32SHA* ctx)
                    * We assume all issues handled, above. */
 } /* esp_sha_init_ctx */
 #ifndef NO_SHA
 /*
 ** internal SHA ctx copy for ESP HW
 */
--- a/wolfcrypt/src/port/Espressif/esp32_util.c
+++ b/wolfcrypt/src/port/Espressif/esp32_util.c
@ -482,7 +482,7 @@ int ShowExtendedSystemInfo_config(void)
    show_macro("WOLFSSL_NO_CURRDIR",        STR_IFNDEF(WOLFSSL_NO_CURRDIR));
    show_macro("WOLFSSL_LWIP",              STR_IFNDEF(WOLFSSL_LWIP));
-    ESP_LOGI(TAG, "");
+    ESP_LOGI(TAG,  WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
 #if defined(CONFIG_COMPILER_OPTIMIZATION_DEFAULT)
    ESP_LOGI(TAG, "Compiler Optimization: Default");
 #elif defined(CONFIG_COMPILER_OPTIMIZATION_SIZE)
@ -494,7 +494,7 @@ int ShowExtendedSystemInfo_config(void)
 #else
    ESP_LOGI(TAG, "Compiler Optimization: Unknown");
 #endif
-    ESP_LOGI(TAG, "");
+    ESP_LOGI(TAG,  WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
    return ESP_OK;
 }
@ -629,7 +629,7 @@ int ShowExtendedSystemInfo(void)
 #ifdef INCLUDE_uxTaskGetStackHighWaterMark
    ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL));
 #endif
-    ESP_LOGI(TAG, "");
+    ESP_LOGI(TAG,  WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
    ShowExtendedSystemInfo_config();
    ShowExtendedSystemInfo_git();
@ -665,7 +665,7 @@ int esp_show_mp_attributes(char* c, MATH_INT_T* X)
        ESP_LOGV(MP_TAG, "esp_show_mp_attributes called with X == NULL");
    }
    else {
-        ESP_LOGI(MP_TAG, "");
+        ESP_LOGI(MP_TAG,  WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
        ESP_LOGI(MP_TAG, "%s.used = %d;", c, X->used);
 #if defined(WOLFSSL_SP_INT_NEGATIVE) || defined(USE_FAST_MATH)
        ESP_LOGI(MP_TAG, "%s.sign = %d;", c, X->sign);
@ -717,7 +717,7 @@ int esp_show_mp(char* c, MATH_INT_T* X)
                                   i  /* the index, again, for comment   */
                     );
        }
-        ESP_LOGI(MP_TAG, "");
+        ESP_LOGI(MP_TAG,  WOLFSSL_ESPIDF_BLANKLINE_MESSAGE);
    }
    return ret;
 }
--- a/wolfcrypt/src/sha256.c
+++ b/wolfcrypt/src/sha256.c
@ -105,7 +105,7 @@ on the specific device platform.
 #endif
 #ifdef WOLFSSL_ESPIDF
-    /* Define the ESP_LOGx(TAG, "" value for output messages here.
+    /* Define the ESP_LOGx(TAG,  WOLFSSL_ESPIDF_BLANKLINE_MESSAGE value for output messages here.
    **
    ** Beware of possible conflict in test.c (that one now named TEST_TAG)
    */
--- a/wolfcrypt/src/sha512.c
+++ b/wolfcrypt/src/sha512.c
@ -39,11 +39,8 @@
     * By default the HW acceleration is on for ESP32 Chipsets,
     * but individual components can be turned off. See user_settings.h
     */
    #define TAG "wc_sha_512"
    #define WOLFSSL_USE_ESP32_CRYPT_HASH_HW
    #if !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384) && \
        !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
        static const char* TAG = "wc_sha_512";
    #endif
 #else
    #undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
 #endif
--- a/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h
+++ b/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h
@ -44,6 +44,13 @@
 #include <esp_types.h>
 #include <esp_log.h>
 #if ESP_IDF_VERSION_MAJOR >= 4
    #define WOLFSSL_ESPIDF_BLANKLINE_MESSAGE ""
 #else
    /* Older ESP-IDF such as that for ESP8266 do not support empty strings */
    #define WOLFSSL_ESPIDF_BLANKLINE_MESSAGE "."
 #endif
 /* exit codes to be used in tfm.c, sp_int.c, integer.c, etc.
 *
 * see wolfssl/wolfcrypt/error-crypt.h
@ -521,6 +528,8 @@ extern "C"
 #ifndef NO_AES
    #if ESP_IDF_VERSION_MAJOR >= 4
        #include "esp32/rom/aes.h"
    #elif defined(CONFIG_IDF_TARGET_ESP8266)
        /* no hardware includes for ESP8266*/
    #else
        #include "rom/aes.h"
    #endif