OpenSSL Compatibility Layer Expansion

As many of our readers know, the wolfSSL embedded SSL/TLS library includes an OpenSSL compatibility layer. This layer makes it easier to replace OpenSSL with wolfSSL in applications that have previously been using OpenSSL.

As wolfSSL is ported into more and more projects that have previously used OpenSSL, our compatibility layer expands.  As new versions of wolfSSL are released, the OpenSSL compatibility layer continues to expand. The following list some recent additions, along with other OpenSSL compatibility layer functions:


  • OpenSSL_add_all_algorithms_noconf()
  • RAND_poll()
  • d2i_X509_fp()
  • X509_check_ca()
  • X509_CRL_free()
  • X509_STORE_add_crl()
  • d2i_X509_CRL_fp()
  • PEM_read()
  • PEM_write()
  • PEM_read_X509_CRL()
  • ASN1_STRING_print_ex()
  • ASN1_TIME_to_generalizedtime()
  • d2i_PKCS12_fp()
  • i2d_RSAPublicKey()
  • d2i_RSAPublicKey()
  • i2c_ASN1_INTEGER()
  • d2i_ECDSA_SIG()
  • i2d_ECDSA_SIG()
  • EVP_DigestVerifyInit()
  • EVP_DigestVerifyUpdate()
  • EVP_DigestVerifyFinal()
  • EVP_PKEY_id()
  • PEM_read_bio_PUBKEY()

There are several reasons that users switch from OpenSSL to wolfSSL, including memory usage, portability, algorithm support, CAVP and FIPS 140-2 validations, and the availability of excellent commercial support.  To learn more about the advantages of using wolfSSL, visit our page on “wolfSSL vs. OpenSSL”.

If you have any questions about using wolfSSL in your application, or replacing OpenSSL with wolfSSL, please reach out to our support team at!