wolfCLU Command Line Utility

wolfCLU is wolfSSL’s portable command line utility. It is backed by the best-tested crypto using wolfCrypt and can make use of FIPS builds with wolfSSL. wolfCLU handles common cryptographic operations, such as certificate parsing and key generation, for easier usage than writing an application from scratch. You can download wolfCLU on Github today for use with the wolfSSL embedded SSL/TLS library!

Possible uses

  • Create certificates and certificate requests
  • Create hash digests
  • Create private/public keys
  • More to come...

wolfCLU is ideal for customers who want to do simple crypto operations without writing an application. It is also an excellent option for users who have an environment without OpenSSL installed, but would still like a command line utility.

Download Now

Version: 0.1.5
Release Date: 12/22/2023
View ChangeLog


  • wolfSSL-owned IP
  • Direct support from engineers
  • FIPS-tested crypto
  • Support for ED25519
  • Progressive list of supported ciphers
  • Key and Certificate generation
  • Support Available

Lightweight and Portable

  • Compact code size and portability
  • Autoconf for portability


  • Support for ED25519 sign and verify
  • Encrypt a file and store it locally on your computer
  • Decrypt a file after it has been encrypted, or send it via email to a recipient who can decrypt it (if they know the password and encryption algorithm)
  • Hash a single file (i.e. a zip archive) for verification
  • Benchmark the currently configured algorithms
  • X509 parsing and print out

About wolfCLU

wolfCLU is a utility application that can be run from the command line. This allows users to perform common operations without having to write their own code for it. An example would be creating a hash digest of a file.

Platform and Language Support

wolfCLU is built for maximum portability and is generally very easy to compile on new platforms.  If your desired platform is not listed under the supported operating environments, please contact us.

wolfCLU supports the C programming language as a primary interface. If you have interest in using wolfCLU in another programming language that is not currently supported, please contact us.

Hardware encryption and acceleration

Because wolfCLU is powered by wolfCrypt, wolfCLU has access to all the platforms with hardware cryptography/acceleration that are supported by wolfCrypt. To see the list of platforms, please see our hardware cryptography support page.


For benchmarking information or data, please visit our Benchmark page or contact us for more information.


  • Multiple Hash Functions: MD5, SHA, SHA-224, SHA-256, SHA-384, SHA-512, base64enc, base64dec
  • Block Ciphers: AES (CBC, CTR), 3DES (CBC)
  • Public Key Algorithms: RSA, ECC, ED25519
  • RSA, ECC, and ED25519 key generation
  • PKCS#12 (Certificate/Personal Information Exchange Syntax Standard) support
  • Random byte generation in raw or base64 form
  • Certificate request creation
  • Self-signed certificate creation
  • Basic TLS connection supported
  • X509 certificate verification
  • CRL parsing and verification

Supported Chipmakers

  • wolfSSL has support for chipsets including ARM, Intel, Motorola, mbed,  Freescale, Microchip (PIC32), STMicro (STM32F2/F4), NXP Analog Devices, Texas Instruments, AMD, and more.
  • If you would like to use or test wolfCLU on another chipset, let us know and we’ll be happy to support you.

Supported Operating Environments

  • Linux, Mac OS X, FreeBSD, NetBSD, OpenBSD, embedded Linux, Yocto Linux, PetaLinux, and more.
  • If you would like to test wolfCLU on another environment, let us know and we’ll be happy to support you