Hi,
Minimizing wolfSSL build sizes depends on what protocols, ciphers, and cipher suites you are looking to use. Using the --enable-small build option will give you a fully working wolfSSL client and server, but several features will be disabled. Currently --enable-small disables the following features:
TLS, HMAC, AES, 3DES, SHA-256, Error Strings, HC-128, RABBIT, PSK, DSA, and DH
If you are only going to be using client functionality, the server parts can be disabled by defining NO_CYASSL_SERVER. See the "Building wolfSSL" document (sections III and V) for a list of build options and defines. For certificate verification, wolfSSL verifies all certificates internally by default unless it is turned off, but the files needed shouldn't change.
What's the philosophy of the minimal build - how does OpenWRT's idea of minimal differ from the configure option?
I'm not positive of the configuration used in the OpenWrt example, but the standard build size with a client and server functionality on an embedded platform is usually <= 60k.
Regards,
Chris