In the embedded project, in order to realize a small function, an openssl is referenced. The compiled firmware is too large and the flash cannot be installed. While wolfssl satisfies the basic needs, it can greatly reduce the size of the firmware. Wolfssl was previously called cyassl, and it provides an embedded ssl/tls library for embedded and rtos environments. It has full client and server support, mutual authentication, and can be used on various platforms, and it is very easy to compile.
In addition to the native API of wolfssl, wolfssl also provides an openssl compatibility header file wolfssl/openssl/ssl.h to simplify the conversion to using wolfssl or to help port existing openssl applications to wolfssl. The openssl compatibility layer maps a subset of the most commonly used openssl commands to wolfssl's native API functions. In this way, openssl can be easily replaced by wolfssl in an application or project without changing a lot of code.
1. Download
Address: https://www.wolfssl.com/download/
Or use: https://www.softpedia.com/get/Programming/Components-Libraries/CyaSSL.shtml#download
2. Compile
After entering the directory, we mkdir a directory, which is used to generate the path of header files and lib after compilation;
After that we need to execute configure, the purpose of executing configure is to generate Makefile. Configure can be followed by many options, such as specifying the compilation chain, installation path, static library or dynamic library, etc. Specific instructions can be executed./configure -help. One needs to use the -host option to indicate the cross-compilation chain.
./configure --prefix=$(pwd)/ISVP --host=mips-linux-uclibc --enable-openssh --enable-tlsv10 --enable-static --disable-shared CC=/opt/mips-gcc472-glibc216-64bit/bin/mips-linux-uclibc-gnu-gcc CXX=/opt/mips-gcc472-glibc216-64bit/bin/mips-linux-uclibc-gnu-g++ --without-zlib --with-pic=nomake
make install
You can get the corresponding header files and static libraries in the directory you built
3. Application
We know that libcurl needs to rely on openssl to support HTTPS, so we directly use wolfssl to replace openssl. This replacement does not need to change any code interface, so it is very convenient to use.
Libcurl depends on wolfssl, the method of compiling libcurl is the same as the following description: https://blog.csdn.net/Swallow_he/article/details/98478466
After that, we used HTTPClient to access the encrypted HTTPServer (https access) and found that all functions were normal.