CPU-Accelerated Cryptography on OpenWRT Using wolfSSL

OpenWRT is a customizable open-source firmware for wireless routers and embedded devices, offering extensive flexibility and control over network configurations. For those looking to enhance their device’s security capabilities with efficient cryptographic operations, integrating wolfSSL with CPU acceleration presents an excellent option. This setup is optimized for devices compatible with x86 and armv8 architectures, ensuring enhanced performance where it matters most.

Setting Up wolfSSL with CPU Acceleration

When configuring OpenWRT, incorporating wolfSSL with CPU acceleration is straightforward.

  1. Initiate the Configuration Process: Begin with the make menuconfig command to open the OpenWRT configuration menu and select a compatible target device. This assumes you have already met all prerequisites, such as having the correct version of OpenWRT and necessary development tools installed on your system.
  2. Navigate to wolfSSL Options: From the top menu of the OpenWRT Configuration, make your way to wolfSSL by selecting Libraries → SSL. Here, you will encounter two options: libwolfssl and libwolfsslcpu-crypto. For CPU-accelerated cryptography, select libwolfsslcpu-crypto and ensure that libwolfssl is deselected (See Image). If you do not see libwolfsslcpu-crypto your target device may be incompatible or set up wrong in OpenWRT.
  3. Configure wolfSSL Library Settings: Proceed to the wolfSSL Library Configuration submenu to customize the options compatible with the libwolfsslcpu-crypto package.
  4. Save Your Configuration: This will make sure your OpenWRT build environment will compile with wolfSSL’s CPU-accelerated cryptography enabled, enhancing the performance capabilities of your device.

Why CPU Acceleration?

Leveraging CPU acceleration for cryptographic functions with wolfSSL not only improves encryption and decryption speeds but also optimizes processor load, making your device more efficient. To see the advantages of using your compatible device with wolfSSL’s CPU acceleration consider enabling the benchmark package seen in the figure above, and run it when you are in the final image for the device via a call on the command line for wolfssl-benchmark. Share your results with us on X @wolfSSL!

If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now