feature request: wolfSSL support

[benny-de]

On embedded devices like OpenWRT wifi routers is often not much free space e.g. 1,2 MB. OpenWRT switched to wolfSSL. Yes, you can install openssl too or instead of wolfssl on openwrt devices, but with 1,2 MB free space it is a problem. So it would be nice if acme.sh could support wolfSSL too. Thank you very much.

[Neilpang]

does the wolfssl have a cli ? just like the openssl command.

[benny-de]

openwrt installs these wolfssl packages:

"# opkg list-installed |grep wolfssl" libustream-wolfssl20201210 - 2022-12-08-9217ab46-2 libwolfssl5.5.4.ee39414e - 5.5.4-stable-1 px5g-wolfssl - 6.2 wpad-basic-wolfssl - 2022-01-16-cff80b4f-15.2

=> "# px5g" PX5G X.509 Certificate Generator Utilit using WolfSSL Usage: [eckey|rsakey|selfsigned]

https://openwrt.org/packages/pkgdata/px5g-wolfssl https://github.com/openwrt/openwrt/blob/openwrt-21.02/package/utils/px5g-wolfssl/px5g-wolfssl.c

maybe this could help?

there is https://github.com/wolfSSL/wolfCLU#readme but this is not part of openwrt default image.

[prologic]

There is a CLI for wolfSSL: https://github.com/wolfSSL/wolfCLU#readme

[prologic]

It is involved as wolfssl

[prologic]

Is anyone interested in this? I've successfully built a package for uLinux for the wolfssl CLI so I'm thinking about seeing if I can hack acme.sh to work with wolfssl.

[prologic]

So one thing I've immediately noticed is that wolfssl lacks a ec mode, however it does have ecc. It also doesn't have a -text option. I'm not sure it can display a human-readable version of a private key?

[Neilpang]

Is anyone interested in this? I've successfully built a package for uLinux for the wolfssl CLI so I'm thinking about seeing if I can hack acme.sh to work with wolfssl.

Yes, search for the functions that are using openssl command inside, if you can implement them all with wolfssl command, then that should work.