Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feature request: wolfSSL support #4537

Open
benny-de opened this issue Mar 4, 2023 · 7 comments
Open

feature request: wolfSSL support #4537

benny-de opened this issue Mar 4, 2023 · 7 comments

Comments

@benny-de
Copy link

benny-de commented Mar 4, 2023

On embedded devices like OpenWRT wifi routers is often not much free space e.g. 1,2 MB.
OpenWRT switched to wolfSSL. Yes, you can install openssl too or instead of wolfssl on openwrt devices, but with 1,2 MB free space it is a problem.
So it would be nice if acme.sh could support wolfSSL too.
Thank you very much.

@acmesh-official acmesh-official deleted a comment from github-actions bot Mar 4, 2023
@Neilpang
Copy link
Member

Neilpang commented Mar 4, 2023

does the wolfssl have a cli ? just like the openssl command.

@benny-de
Copy link
Author

benny-de commented Mar 4, 2023

openwrt installs these wolfssl packages:

"# opkg list-installed |grep wolfssl"
libustream-wolfssl20201210 - 2022-12-08-9217ab46-2
libwolfssl5.5.4.ee39414e - 5.5.4-stable-1
px5g-wolfssl - 6.2
wpad-basic-wolfssl - 2022-01-16-cff80b4f-15.2

=> "# px5g"
PX5G X.509 Certificate Generator Utilit using WolfSSL
Usage: [eckey|rsakey|selfsigned]

https://openwrt.org/packages/pkgdata/px5g-wolfssl
https://github.com/openwrt/openwrt/blob/openwrt-21.02/package/utils/px5g-wolfssl/px5g-wolfssl.c

maybe this could help?

there is https://github.com/wolfSSL/wolfCLU#readme
but this is not part of openwrt default image.

@prologic
Copy link

There is a CLI for wolfSSL: https://github.com/wolfSSL/wolfCLU#readme

@prologic
Copy link

It is involved as wolfssl

@Neilpang Neilpang pinned this issue Dec 17, 2024
@prologic
Copy link

Is anyone interested in this? I've successfully built a package for uLinux for the wolfssl CLI so I'm thinking about seeing if I can hack acme.sh to work with wolfssl.

@prologic
Copy link

So one thing I've immediately noticed is that wolfssl lacks a ec mode, however it does have ecc. It also doesn't have a -text option. I'm not sure it can display a human-readable version of a private key?

@Neilpang
Copy link
Member

Is anyone interested in this? I've successfully built a package for uLinux for the wolfssl CLI so I'm thinking about seeing if I can hack acme.sh to work with wolfssl.

Yes, search for the functions that are using openssl command inside, if you can implement them all with wolfssl command, then that should work.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants