
WolfSSL not compatible with LWS due to missing SSL_CTX_use_certificate_ASN1

Open kdowney-lot49 opened this issue 2 years ago • 1 comment

Error:

[build] /workspaces/iggy-cpp-client/build/libwebsockets/src/lws/lib/tls/openssl/openssl-client.c:1100:21: error: implicit declaration of function 'SSL_CTX_use_certificate_ASN1'; did you mean 'SSL_CTX_use_certificate_file'? [-Werror=implicit-function-declaration]
[build]  1100 |                 n = SSL_CTX_use_certificate_ASN1(vh->tls.ssl_client_ctx,
[build]       |                     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
[build]       |                     SSL_CTX_use_certificate_file

In WolfSSL the OpenSSL compatibility layer is incomplete, and this is one of the missing functions. You need to load the certificate from a file or use wolfSSL_CTX_use_certificate_buffer and pass SSL_FILETYPE_ASN1 to specify ASN.1 format certificates.

Versions:

  • CMake 3.22.1
  • gcc 11.4.0
  • Ubuntu 22.04
  • WolfSSL 5.6.6 built from vcpkg
  • LWS v4.3.3 from GitHub
  • args: -DLWS_WITH_WOLFSSL=1 -DLWS_WOLFSSL_INCLUDE_DIRS=${WOLFSSL_INCLUDE_DIR} -DLWS_WOLFSSL_LIBRARIES=${WOLFSSL_INSTALL_DIR}/lib

kdowney-lot49 Feb 23 '24 16:02
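The workaround described above hinges on calling wolfSSL_CTX_use_certificate_buffer with a format argument that matches the bytes handed to it: SSL_FILETYPE_ASN1 for DER, SSL_FILETYPE_PEM for PEM. A mismatch (for example, a PEM blob passed with the ASN1 flag, or a DER blob that lost its tail) surfaces as a load failure at run time, not as a compile error like the one in the issue. The following is an added example, not code from the issue, from libwebsockets or from wolfSSL: a small C check that classifies a certificate buffer before the wolfSSL call and rejects DER whose outer SEQUENCE length disagrees with the buffer size (truncation or trailing bytes). The CERT_FORMAT_* constants, the sample buffers and the function names are local to the example; the constants are given the same values as WOLFSSL_FILETYPE_PEM (1) and WOLFSSL_FILETYPE_ASN1 (2) so the result can be passed straight through, an assumption taken from the wolfSSL headers rather than from this page.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Local copies of the wolfSSL/OpenSSL format constants (WOLFSSL_FILETYPE_PEM == 1,
 * WOLFSSL_FILETYPE_ASN1 == 2), defined here so the example compiles without
 * the wolfSSL headers. Assumption: values match wolfssl/ssl.h. */
#define CERT_FORMAT_UNKNOWN 0
#define CERT_FORMAT_PEM     1
#define CERT_FORMAT_ASN1    2

/* Parse a DER length field at buf[pos]. Returns the number of bytes the
 * length field occupies (1..5) and stores the encoded length in *out, or
 * returns 0 for indefinite, oversized, truncated or non-minimal encodings. */
static size_t der_read_length(const unsigned char *buf, size_t len, size_t pos, size_t *out)
{
    if (pos >= len)
        return 0;
    unsigned char b = buf[pos];
    if (b < 0x80) {                  /* short form */
        *out = b;
        return 1;
    }
    size_t n = b & 0x7f;             /* long form: n following length bytes */
    if (n == 0 || n > 4 || pos + 1 + n > len)
        return 0;                    /* indefinite length, too wide, or truncated */
    if (buf[pos + 1] == 0)
        return 0;                    /* leading zero byte is not minimal DER */
    size_t v = 0;
    for (size_t i = 0; i < n; i++)
        v = (v << 8) | buf[pos + 1 + i];
    if (v < 0x80)
        return 0;                    /* should have used the short form */
    *out = v;
    return 1 + n;
}

/* Classify a certificate buffer as PEM, DER (ASN.1) or unknown. A DER buffer
 * is only accepted when the outer SEQUENCE header plus its body exactly fill
 * the buffer, which catches truncated data and trailing garbage. */
int detect_cert_format(const unsigned char *buf, size_t len)
{
    static const char pem_hdr[] = "-----BEGIN ";
    if (buf == NULL || len == 0)
        return CERT_FORMAT_UNKNOWN;
    if (len >= sizeof(pem_hdr) - 1 && memcmp(buf, pem_hdr, sizeof(pem_hdr) - 1) == 0)
        return CERT_FORMAT_PEM;
    if (buf[0] != 0x30)              /* an X.509 Certificate is a SEQUENCE */
        return CERT_FORMAT_UNKNOWN;
    size_t body = 0;
    size_t hdr = der_read_length(buf, len, 1, &body);
    if (hdr == 0 || body > len)
        return CERT_FORMAT_UNKNOWN;
    if (1 + hdr + body != len)
        return CERT_FORMAT_UNKNOWN;  /* truncated or trailing bytes */
    return CERT_FORMAT_ASN1;
}

/* Constructed sample inputs (not real certificates): a minimal DER SEQUENCE,
 * the same with a trailing byte, a truncated copy, a non-minimal length
 * encoding, and a PEM-framed blob. */
static const unsigned char SAMPLE_DER[]        = { 0x30, 0x03, 0x02, 0x01, 0x05 };
static const unsigned char SAMPLE_TRAILING[]   = { 0x30, 0x03, 0x02, 0x01, 0x05, 0x00 };
static const unsigned char SAMPLE_TRUNCATED[]  = { 0x30, 0x03, 0x02, 0x01 };
static const unsigned char SAMPLE_NONMINIMAL[] = { 0x30, 0x81, 0x03, 0x02, 0x01, 0x05 };
static const char SAMPLE_PEM[] = "-----BEGIN CERTIFICATE-----\nAAAA\n-----END CERTIFICATE-----\n";

/* Builds a 131-byte SEQUENCE with a long-form (0x81 0x80) length wrapping a
 * 128-byte OCTET STRING and classifies it; exercises the long-form path. */
int check_long_form_sample(void)
{
    unsigned char buf[131];
    buf[0] = 0x30; buf[1] = 0x81; buf[2] = 0x80;   /* SEQUENCE, length 128 */
    buf[3] = 0x04; buf[4] = 0x7e;                  /* OCTET STRING, length 126 */
    memset(buf + 5, 0xAA, 126);
    return detect_cert_format(buf, sizeof buf);
}

int main(void)
{
    printf("DER sample:        %d\n", detect_cert_format(SAMPLE_DER, sizeof SAMPLE_DER));
    printf("trailing byte:     %d\n", detect_cert_format(SAMPLE_TRAILING, sizeof SAMPLE_TRAILING));
    printf("truncated:         %d\n", detect_cert_format(SAMPLE_TRUNCATED, sizeof SAMPLE_TRUNCATED));
    printf("non-minimal len:   %d\n", detect_cert_format(SAMPLE_NONMINIMAL, sizeof SAMPLE_NONMINIMAL));
    printf("PEM sample:        %d\n", detect_cert_format((const unsigned char *)SAMPLE_PEM, sizeof SAMPLE_PEM - 1));
    printf("long-form DER:     %d\n", check_long_form_sample());
    return 0;
}
```

In a build that includes wolfssl/ssl.h, the intended use is to refuse to proceed on CERT_FORMAT_UNKNOWN and otherwise pass the result as the format argument of wolfSSL_CTX_use_certificate_buffer(ctx, buf, (long)len, fmt), so a PEM blob never gets the ASN1 flag and a truncated DER blob is rejected before it reaches the TLS library.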


#include <stdio.h>
#include <stddef.h>

#include <wolfssl/options.h>
#include <wolfssl/ssl.h>

/*
 * Placeholder for the caller's vhost state so this compiles stand-alone.
 * In lws the context is vh->tls.ssl_client_ctx on struct lws_vhost; the
 * certificate_buffer fields below are illustrative, not lws fields.
 */
typedef struct {
    struct {
        WOLFSSL_CTX *ssl_client_ctx;
    } tls;
    const unsigned char *certificate_buffer;
    size_t certificate_buffer_length;
} vh_t;

/*
 * Use the WolfSSL function to load a DER (ASN.1) certificate from a buffer.
 * wolfSSL_CTX_use_certificate_buffer takes the size as a long.
 */
int load_certificate_from_buffer(WOLFSSL_CTX *ctx, const unsigned char *cert, size_t cert_len) {
    if (ctx == NULL || cert == NULL || cert_len == 0) {
        fprintf(stderr, "No certificate buffer to load\n");
        return -1;
    }
    if (wolfSSL_CTX_use_certificate_buffer(ctx, cert, (long)cert_len, SSL_FILETYPE_ASN1) != SSL_SUCCESS) {
        fprintf(stderr, "Failed to load certificate\n");
        return -1;
    }
    return 0;
}

/* Updated function call for loading certificate */
int setup_tls_certificate(vh_t *vh) {
    int n;

    /* Replace SSL_CTX_use_certificate_ASN1 with wolfSSL_CTX_use_certificate_buffer */
    n = load_certificate_from_buffer(vh->tls.ssl_client_ctx,
                                      vh->certificate_buffer,
                                      vh->certificate_buffer_length);
    if (n < 0) {
        fprintf(stderr, "Error setting up TLS certificate\n");
        return -1;
    }

    return 0;
}

ljluestc Jan 19 '25 14:01