Skip to content
wolfSSL layer for OpenEmbedded and Yocto, containing product recipes, examples, and bbappend files.
C Other
  1. C 99.2%
  2. Other 0.8%
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
recipes-examples/wolfcrypt Updates to bench/test apps. Oct 30, 2019
recipes-wolfssl update wolfSSH to 1.4.3, add space to layer.conf Nov 7, 2019
COPYING initial meta-wolfssl repo Jun 30, 2014


This layer provides both Yocto and OpenEmbedded recipes for wolfSSL products and examples, as well as bbappend files for configuring common open source packages and projects with support for wolfSSL.

This layer currently provides recipes for the following wolfSSL products:

This layer currently provides bbappend files for the following open source projects:

The wolfSSL library recipe is also included in the openembedded meta-networking layer, located here.

wolfSSL is a lightweight SSL/TLS library written in C and targeted at embedded and RTOS environments - primarily because of its small size, speed, and feature set. With common build sizes between 20-100kB, it is typically up to 20 times smaller than OpenSSL. Other feature highlights include support for TLS 1.3 and DTLS 1.2, full client and server support, abstraction layers for easy porting, CRL and OCSP support, key and cert generation, support for hardware cryptography modules, and much more. For a full feature list, please visit the wolfSSL product page.


Clone meta-wolfssl onto your machine:

git clone

After installing your build's YoctoProject/OpenEmbedded components:

  1. Insert the 'meta-wolfssl' layer location into your build's bblayers.conf file, in the BBLAYERS section:

    BBLAYERS ?= " \
        /path/to/yocto/poky/meta-wolfssl \
  2. Once the 'meta-wolfssl' layer has been added to your BBLAYERS collection, you can build the individual product recipes to make sure they compile successfully:

    $ bitbake wolfssl
    $ bitbake wolfssh
    $ bitbake wolfmqtt
    $ bitbake wolftpm
  3. Edit your build's local.conf file to install the libraries you would like included (ie: wolfssl, wolfssh, wolfmqtt, wolftpm) by adding a IMAGE_INSTALL_append line:

    IMAGE_INSTALL_append = "wolfssl wolfssh wolfmqtt wolftpm"

Once your image has been built, the default location for the wolfSSL library on your machine will be in the '/usr/lib' directory.

Note: If you need to install the development headers for these libraries, you will want to use the "-dev" variant of the package. For example, to install both the wolfSSL library and headers into your image, use "wolfssl-dev" along with IMAGE_INSTALL_append, ie:

IMAGE_INSTALL_append = "wolfssl-dev"

After building your image, you will find wolfSSL headers in the "/usr/include" directory.

Customizing the wolfSSL Library Configuration

Custom applications that use wolfSSL libraries may wish to enable or disable specific Autoconf/configure options when the library is compiled. This can be done through the use of an application-specific .bbappend file for the wolfSSL library.

For example, if your application wanted TLS 1.3 support compiled into the wolfSSL library, you would want to create a .bbappend file for wolfSSL in your application recipe/layer, ie:


Inside this .bbappend file, you can use the EXTRA_OECONF variable to add additional configure options to the wolfSSL library build. For enabling TLS 1.3 this would be:

EXTRA_OECONF += "--enable-tls13"

Make sure this .bbappend file gets picked up when bitbake is compiling your application.

Example Application Recipes

Several wolfSSL example application recipes are included in this layer. These include:

  • wolfCrypt test application (depends on wolfssl)
  • wolfCrypt benchmark application (depends on wolfssl)

The recipes for these applications are located at:


These can be compiled individually with bitbake:

$ bitbake wolfcrypttest
$ bitbake wolfcryptbenchmark

To install these applications into your image, you will need to edit your 'build/conf/local.conf' file and add them to the 'IMAGE_INSTALL_append' variable. For example, to install the wolfSSL, wolfSSH, and wolfMQTT libraries in addition to the wolfCrypt test and benchmark applications:

IMAGE_INSTALL_append = "wolfssl wolfssh wolfmqtt wolftpm wolfcrypttest wolfcryptbenchmark"

When your image builds, these will be installed to the '/usr/bin' system directory. When inside your executing image, you can run them from the terminal.

Excluding Recipe from Build

Recipes can be excluded from your build by deleting their respective '.bb' file, or by deleting the recipe directory.


Layer maintainer: Chris Conlon (


wolfSSL is open source and dual licensed under both the GPLv2 and a standard commercial license. For commercial license questions, please contact wolfSSL at For product support inquiries please contact

You can’t perform that action at this time.