wolfSSL layer for OpenEmbedded and Yocto, containing product recipes, examples, and bbappend files.
Clone or download
JacobBarthelmeh Merge pull request #5 from cconlon/yoctoupdates
update wolfssl and examples to 3.15.7 release
Latest commit 17425e5 Dec 27, 2018

README.md

meta-wolfssl

This layer provides both Yocto and OpenEmbedded recipes for wolfSSL products and examples, as well as bbappend files for configuring common open source packages and projects with support for wolfSSL.

This layer currently provides recipes for the following wolfSSL products:

This layer currently provides bbappend files for the following open source projects:

The wolfSSL library recipe is also included in the openembedded meta-networking layer, located here.

wolfSSL is a lightweight SSL/TLS library written in C and targeted at embedded and RTOS environments - primarily because of its small size, speed, and feature set. With common build sizes between 20-100kB, it is typically up to 20 times smaller than OpenSSL. Other feature highlights include support for TLS 1.3 and DTLS 1.2, full client and server support, abstraction layers for easy porting, CRL and OCSP support, key and cert generation, support for hardware cryptography modules, and much more. For a full feature list, please visit the wolfSSL product page.

Setup

Clone meta-wolfssl onto your machine:

git clone https://github.com/wolfSSL/meta-wolfssl.git

After installing your build's YoctoProject/OpenEmbedded components:

  1. Insert the 'meta-wolfssl' layer location into your build's bblayers.conf file, in the BBLAYERS section:

    BBLAYERS ?= " \
        ...
        /path/to/yocto/poky/meta-wolfssl \
        ...
    "
    
  2. Once the 'meta-wolfssl' layer has been added to your BBLAYERS collection, you can build the individual product recipes to make sure they compile successfully:

    $ bitbake wolfssl
    $ bitbake wolfssh
    $ bitbake wolfmqtt
    
  3. Edit your build's local.conf file to install the libraries you would like included (ie: wolfssl, wolfssh, wolfmqtt) by adding a IMAGE_INSTALL_append line:

    IMAGE_INSTALL_append = "wolfssl wolfssh wolfmqtt"
    

Once your image has been built, the default location for the wolfSSL library on your machine will be in the '/usr/lib' directory.

Customizing the wolfSSL Library Configuration

Custom applications that use wolfSSL libraries may wish to enable or disable specific Autoconf/configure options when the library is compiled. This can be done through the use of an application-specific .bbappend file for the wolfSSL library.

For example, if your application wanted TLS 1.3 support compiled into the wolfSSL library, you would want to create a .bbappend file for wolfSSL in your application recipe/layer, ie:

wolfssl_%.bbappend

Inside this .bbappend file, you can use the EXTRA_OECONF variable to add additional configure options to the wolfSSL library build. For enabling TLS 1.3 this would be:

EXTRA_OECONF += "--enable-tls13"

Make sure this .bbappend file gets picked up when bitbake is compiling your application.

Example Application Recipes

Several wolfSSL example appliation recipes are included in this layer. These include:

  • wolfCrypt test application (depends on wolfssl)
  • wolfCrypt benchmark application (depends on wolfssl)

The recipes for these applications are located at:

meta-wolfssl/recipes-examples/wolfcrypt/wolfcrypttest/wolfcrypttest.bb
meta-wolfssl/recipes-examples/wolfcrypt/wolfcryptbenchmark/wolfcryptbenchmark.bb

These can be compiled individually with bitbake:

$ bitbake wolfcrypttest
$ bitbake wolfcryptbenchmark

To install these applications into your image, you will need to edit your 'build/conf/local.conf' file and add them to the 'IMAGE_INSTALL_append' variable. For example, to install the wolfSSL, wolfSSH, and wolfMQTT libraries in addition to the wolfCrypt test and benchmark applications:

IMAGE_INSTALL_append = "wolfssl wolfssh wolfmqtt wolfcrypttest wolfcryptbenchmark"

When your image builds, these will be installed to the '/usr/bin' system directory. When inside your executing image, you can run them from the terminal.

Excluding Recipe from Build

Recipes can be excluded from your build by deleting their respective '.bb' file, or by deleting the recipe directory.

Maintenance

Layer maintainer: Chris Conlon (chris@wolfssl.com)

https://www.wolfssl.com

License

wolfSSL is open source and dual licensed under both the GPLv2 and a standard commercial license. For commercial license questions, please contact wolfSSL at licensing@wolfssl.com. For product support inquiries please contact support@wolfssl.com.