wolfSSL / wolfssh

wolfSSH is a small, fast, portable SSH implementation, including support for SCP and SFTP.
https://www.wolfssl.com

include wolfcrypt/asn_public.h needed by RSA RsaKey #649

Closed gojimmypi closed 7 months ago

gojimmypi commented 7 months ago

I'm working on improving the wolfssh-examples/Espressif and encountered this odd error in wolfssh/internal.h at build time:

FAILED: esp-idf/wolfssh/CMakeFiles/__idf_wolfssh.dir/C_/workspace/wolfssh-gojimmypi-pr/src/internal.c.obj 
C:\SysGCC\esp32\tools\xtensa-esp32-elf\esp-12.2.0_20230208\xtensa-esp32-elf\bin\xtensa-esp32-elf-gcc.exe -DESP_PLATFORM -DIDF_VER=\"v5.1-231-ga7b62bbcaf-dirty\" -DLIBWOLFSSH_VERSION_GIT_BRANCH=\"master\" -DLIBWOLFSSH_VERSION_GIT_HASH=\"dce3cf09e98e242797eac56c5aaf2342eb37aa0f\" -DLIBWOLFSSH_VERSION_GIT_HASH_DATE="\"'Tue Jan 23 14:26:23 2024 -0800'\"" -DLIBWOLFSSH_VERSION_GIT_ORIGIN=\"https://github.com/gojimmypi/wolfssh.git\" -DLIBWOLFSSH_VERSION_GIT_SHORT_HASH=\"dce3cf0\" -DSOC_MMU_PAGE_SIZE=CONFIG_MMU_PAGE_SIZE -DWINDOWS_MY_PRIVATE_CONFIG=\"/workspace/my_private_config.h\" -D_GNU_SOURCE -D_POSIX_READER_WRITER_LOCKS -Iconfig -IC:/workspace/wolfssh-gojimmypi-pr -IC:/workspace/wolfssh-gojimmypi-pr/wolfssh -IC:/SysGCC/esp32/esp-idf/v5.1/components/freertos/FreeRTOS-Kernel/include/freertos -IC:/SysGCC/esp32/esp-idf/v5.1/components/newlib/platform_include -IC:/SysGCC/esp32/esp-idf/v5.1/components/freertos/FreeRTOS-Kernel/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/freertos/FreeRTOS-Kernel/portable/xtensa/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/freertos/esp_additions/include/freertos -IC:/SysGCC/esp32/esp-idf/v5.1/components/freertos/esp_additions/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/freertos/esp_additions/arch/xtensa/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_hw_support/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_hw_support/include/soc -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_hw_support/include/soc/esp32 -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_hw_support/port/esp32/. 
-IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_hw_support/port/esp32/private_include -IC:/SysGCC/esp32/esp-idf/v5.1/components/heap/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/log/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/soc/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/soc/esp32 -IC:/SysGCC/esp32/esp-idf/v5.1/components/soc/esp32/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/hal/esp32/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/hal/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/hal/platform_port/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_rom/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_rom/include/esp32 -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_rom/esp32 -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_common/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_system/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_system/port/soc -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_system/port/include/private -IC:/SysGCC/esp32/esp-idf/v5.1/components/xtensa/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/xtensa/esp32/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/lwip/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/lwip/include/apps -IC:/SysGCC/esp32/esp-idf/v5.1/components/lwip/include/apps/sntp -IC:/SysGCC/esp32/esp-idf/v5.1/components/lwip/lwip/src/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/lwip/port/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/lwip/port/freertos/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/lwip/port/esp32xx/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/lwip/port/esp32xx/include/arch -I../../../components/wolfssl/include -IC:/workspace/wolfssl-gojimmypi-PR -IC:/workspace/wolfssl-gojimmypi-PR/wolfssl -IC:/workspace/wolfssl-gojimmypi-PR/wolfssl/wolfcrypt -IC:/workspace/wolfssl-gojimmypi-PR/wolfssl/wolfcrypt/port/Espressif -mlongcalls -Wno-frame-address  -DWOLFSSL_USER_SETTINGS -DWOLFSSH_SHELL -DDEBUG_WOLFSSL -DFOUND_PROTOCOL_EXAMPLES_DIR -DWOLFSSH_USER_SETTINGS 
-DWOLFSSL_USER_SETTINGS -g -ffunction-sections -fdata-sections -Wall -Werror=all -Wno-error=unused-function -Wno-error=unused-variable -Wno-error=unused-but-set-variable -Wno-error=deprecated-declarations -Wextra -Wno-unused-parameter -Wno-sign-compare -Wno-enum-conversion -gdwarf-4 -ggdb -Og -fstack-protector -fmacro-prefix-map=C:/workspace/wolfssh-examples-gojimmypi-pr/Espressif/ESP32/ESP32-SSH-Server=. -fmacro-prefix-map=C:/SysGCC/esp32/esp-idf/v5.1=/IDF -fstrict-volatile-bitfields -fno-jump-tables -fno-tree-switch-conversion -DconfigENABLE_FREERTOS_DEBUG_OCDAWARE=1 -std=gnu17 -Wno-old-style-declaration -MD -MT esp-idf/wolfssh/CMakeFiles/__idf_wolfssh.dir/C_/workspace/wolfssh-gojimmypi-pr/src/internal.c.obj -MF esp-idf\wolfssh\CMakeFiles\__idf_wolfssh.dir\C_\workspace\wolfssh-gojimmypi-pr\src\internal.c.obj.d -o esp-idf/wolfssh/CMakeFiles/__idf_wolfssh.dir/C_/workspace/wolfssh-gojimmypi-pr/src/internal.c.obj -c C:/workspace/wolfssh-gojimmypi-pr/src/internal.c
In file included from C:/workspace/wolfssh-gojimmypi-pr/src/internal.c:34:
C:/workspace/wolfssh-gojimmypi-pr/wolfssh/internal.h:1210:9: error: unknown type name 'RsaKey'
 1210 |         RsaKey* key, void* heap, const char* loc);
      |         ^~~~~~
ninja: build stopped: subcommand failed.
-------------------------------------------------------------

Including the <wolfssl/wolfcrypt/asn_public.h> in the header with this PR fixes that.

Edit:

I noticed that in a recent PR #7112, @anhu added some definitions, such as the conditional MAX_ENCODED_SIG_SZ value that is used in the wolfSSH internal.c.

See this wolfssh internal.c example defined in asn.h:

#ifndef WOLFSSH_SMALL_STACK
    byte s_checkDigest[MAX_ENCODED_SIG_SZ];
#endif

And so not including the asn.h in wolfssh/internal.h, I now see these additional errors:

[1/1] cmd.exe /C "cd /D C:\workspace\wolfssh-examples-gojimmypi\Espressif\ESP32\ESP32-SSH-Server\build\VisualGDB\Debug\bootloader\esp-idf\esptool_py && python C:/SysGCC/esp32/esp-idf/v5.1/components/partition_table/check_sizes.py --offset 0x8000 bootloader 0x1000 C:/workspace/wolfssh-examples-gojimmypi/Espressif/ESP32/ESP32-SSH-Server/build/VisualGDB/Debug/bootloader/bootloader.bin"
Bootloader binary size 0x6820 bytes. 0x7e0 bytes (7%) free.
[2/7] Building C object esp-idf/wolfssh/CMakeFiles/__idf_wolfssh.dir/C_/workspace/wolfssh-gojimmypi-pr/src/internal.c.obj
FAILED: esp-idf/wolfssh/CMakeFiles/__idf_wolfssh.dir/C_/workspace/wolfssh-gojimmypi-pr/src/internal.c.obj 
C:\SysGCC\esp32\tools\xtensa-esp32-elf\esp-12.2.0_20230208\xtensa-esp32-elf\bin\xtensa-esp32-elf-gcc.exe -DESP_PLATFORM -DIDF_VER=\"v5.1-231-ga7b62bbcaf-dirty\" -DLIBWOLFSSH_VERSION_GIT_BRANCH=\"PR-include-asn\" -DLIBWOLFSSH_VERSION_GIT_HASH=\"3dd413b04226370be2ce098251ad850727157330\" -DLIBWOLFSSH_VERSION_GIT_HASH_DATE="\"'Thu Jan 25 11:41:58 2024 -0800'\"" -DLIBWOLFSSH_VERSION_GIT_ORIGIN=\"https://github.com/gojimmypi/wolfssh.git\" -DLIBWOLFSSH_VERSION_GIT_SHORT_HASH=\"3dd413b\" -DSOC_MMU_PAGE_SIZE=CONFIG_MMU_PAGE_SIZE -DWINDOWS_MY_PRIVATE_CONFIG=\"/workspace/my_private_config.h\" -D_GNU_SOURCE -D_POSIX_READER_WRITER_LOCKS -Iconfig -IC:/workspace/wolfssh-gojimmypi-pr -IC:/workspace/wolfssh-gojimmypi-pr/wolfssh -IC:/SysGCC/esp32/esp-idf/v5.1/components/freertos/FreeRTOS-Kernel/include/freertos -IC:/SysGCC/esp32/esp-idf/v5.1/components/newlib/platform_include -IC:/SysGCC/esp32/esp-idf/v5.1/components/freertos/FreeRTOS-Kernel/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/freertos/FreeRTOS-Kernel/portable/xtensa/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/freertos/esp_additions/include/freertos -IC:/SysGCC/esp32/esp-idf/v5.1/components/freertos/esp_additions/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/freertos/esp_additions/arch/xtensa/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_hw_support/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_hw_support/include/soc -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_hw_support/include/soc/esp32 -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_hw_support/port/esp32/. 
-IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_hw_support/port/esp32/private_include -IC:/SysGCC/esp32/esp-idf/v5.1/components/heap/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/log/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/soc/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/soc/esp32 -IC:/SysGCC/esp32/esp-idf/v5.1/components/soc/esp32/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/hal/esp32/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/hal/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/hal/platform_port/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_rom/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_rom/include/esp32 -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_rom/esp32 -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_common/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_system/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_system/port/soc -IC:/SysGCC/esp32/esp-idf/v5.1/components/esp_system/port/include/private -IC:/SysGCC/esp32/esp-idf/v5.1/components/xtensa/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/xtensa/esp32/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/lwip/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/lwip/include/apps -IC:/SysGCC/esp32/esp-idf/v5.1/components/lwip/include/apps/sntp -IC:/SysGCC/esp32/esp-idf/v5.1/components/lwip/lwip/src/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/lwip/port/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/lwip/port/freertos/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/lwip/port/esp32xx/include -IC:/SysGCC/esp32/esp-idf/v5.1/components/lwip/port/esp32xx/include/arch -I../../../components/wolfssl/include -IC:/workspace/wolfssl-gojimmypi-PR -IC:/workspace/wolfssl-gojimmypi-PR/wolfssl -IC:/workspace/wolfssl-gojimmypi-PR/wolfssl/wolfcrypt -IC:/workspace/wolfssl-gojimmypi-PR/wolfssl/wolfcrypt/port/Espressif -mlongcalls -Wno-frame-address  -DWOLFSSL_USER_SETTINGS -DWOLFSSH_SHELL -DDEBUG_WOLFSSL -DFOUND_PROTOCOL_EXAMPLES_DIR -DWOLFSSH_USER_SETTINGS 
-DWOLFSSL_USER_SETTINGS -g -ffunction-sections -fdata-sections -Wall -Werror=all -Wno-error=unused-function -Wno-error=unused-variable -Wno-error=unused-but-set-variable -Wno-error=deprecated-declarations -Wextra -Wno-unused-parameter -Wno-sign-compare -Wno-enum-conversion -gdwarf-4 -ggdb -Og -fstack-protector -fmacro-prefix-map=C:/workspace/wolfssh-examples-gojimmypi/Espressif/ESP32/ESP32-SSH-Server=. -fmacro-prefix-map=C:/SysGCC/esp32/esp-idf/v5.1=/IDF -fstrict-volatile-bitfields -fno-jump-tables -fno-tree-switch-conversion -DconfigENABLE_FREERTOS_DEBUG_OCDAWARE=1 -std=gnu17 -Wno-old-style-declaration -MD -MT esp-idf/wolfssh/CMakeFiles/__idf_wolfssh.dir/C_/workspace/wolfssh-gojimmypi-pr/src/internal.c.obj -MF esp-idf\wolfssh\CMakeFiles\__idf_wolfssh.dir\C_\workspace\wolfssh-gojimmypi-pr\src\internal.c.obj.d -o esp-idf/wolfssh/CMakeFiles/__idf_wolfssh.dir/C_/workspace/wolfssh-gojimmypi-pr/src/internal.c.obj -c C:/workspace/wolfssh-gojimmypi-pr/src/internal.c
C:/workspace/wolfssh-gojimmypi-pr/src/internal.c: In function 'DoUserAuthRequestRsa':
C:/workspace/wolfssh-gojimmypi-pr/src/internal.c:5520:24: error: 'MAX_ENCODED_SIG_SZ' undeclared (first use in this function)
 5520 |     byte s_checkDigest[MAX_ENCODED_SIG_SZ];
      |                        ^~~~~~~~~~~~~~~~~~
C:/workspace/wolfssh-gojimmypi-pr/src/internal.c:5520:24: note: each undeclared identifier is reported only once for each function it appears in
C:/workspace/wolfssh-gojimmypi-pr/src/internal.c:5628:14: warning: unused variable 's_encDigest' [-Wunused-variable]
 5628 |         byte s_encDigest[MAX_ENCODED_SIG_SZ];
      |              ^~~~~~~~~~~
C:/workspace/wolfssh-gojimmypi-pr/src/internal.c:5520:10: warning: unused variable 's_checkDigest' [-Wunused-variable]
 5520 |     byte s_checkDigest[MAX_ENCODED_SIG_SZ];
      |          ^~~~~~~~~~~~~
C:/workspace/wolfssh-gojimmypi-pr/src/internal.c: In function 'SendKexDhReply':
C:/workspace/wolfssh-gojimmypi-pr/src/internal.c:10259:29: error: 'MAX_ENCODED_SIG_SZ' undeclared (first use in this function)
10259 |                 byte encSig[MAX_ENCODED_SIG_SZ];
      |                             ^~~~~~~~~~~~~~~~~~
C:/workspace/wolfssh-gojimmypi-pr/src/internal.c:10259:22: warning: unused variable 'encSig' [-Wunused-variable]
10259 |                 byte encSig[MAX_ENCODED_SIG_SZ];
      |                      ^~~~~~
C:/workspace/wolfssh-gojimmypi-pr/src/internal.c: In function 'BuildUserAuthRequestRsa':
C:/workspace/wolfssh-gojimmypi-pr/src/internal.c:11461:28: error: 'MAX_ENCODED_SIG_SZ' undeclared (first use in this function)
11461 |             byte encDigest[MAX_ENCODED_SIG_SZ];
      |                            ^~~~~~~~~~~~~~~~~~
C:/workspace/wolfssh-gojimmypi-pr/src/internal.c:11461:18: warning: unused variable 'encDigest' [-Wunused-variable]
11461 |             byte encDigest[MAX_ENCODED_SIG_SZ];
      |                  ^~~~~~~~~
ninja: build stopped: subcommand failed.
-------------------------------------------------------------

This is in the context of alternatively adding just gating around the wolfSSH_RsaVerify items (suggested by @miyazakh) instead of the inclusion of the entire wolfssl/wolfcrypt/asn_public.h file.

There are a lot of unfamiliar moving parts, so I've added a couple of reviewers to help me understand the best solution here.

miyazakh commented 7 months ago

Open PR #650 for WOLFSSH_NO_RSA case

ejohnstown commented 7 months ago

This PR is redundant. PR #650 fixes the compile issue, properly hiding the function prototype for wolfSSH_RsaVerify() with the missing RsaKey type. The RSA key type is missing because RSA is disabled in the default Espressif build.

Including asn_public.h fixed your build because it has a forward declaration for struct RsaKey. That function is using a pointer to that type.

The Zephyr timeout has been increased to 200 already with PR #615. This also includes a fix for another issue.
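
The two fixes discussed in this thread, as an added C illustration that is not part of any comment above and is not wolfSSH or wolfSSL code: a forward declaration is enough for a prototype that only takes a pointer, while gating removes the RSA-only type, buffer-size macro and function together. Every `DEMO_`/`demo_` name, the 512-byte size and the sample bytes are assumptions made for the example.

```c
#include <stddef.h>
#include <string.h>

/* Constructed switch modelling a build with RSA compiled out. All DEMO_ and
 * demo_ names are hypothetical; none is a wolfSSH or wolfSSL identifier. */
#define DEMO_NO_RSA

enum { DEMO_BAD_SIG = -1, DEMO_ALGO_DISABLED = -2, DEMO_ALGO_UNKNOWN = -3 };

/* Forward declaration: the struct is never defined in this build, yet the
 * prototype compiles because it only passes a pointer to the type. */
typedef struct DemoRsaKey DemoRsaKey;
int demo_rsa_verify_fwd(const unsigned char* sig, size_t n, DemoRsaKey* key);

/* Gating: the type, the buffer-size macro and the function exist only when
 * RSA is enabled, so nothing RSA-specific leaks into a build without it. */
#ifndef DEMO_NO_RSA
struct DemoRsaKey { unsigned bits; };
#define DEMO_MAX_ENCODED_SIG_SZ 512
static int demo_rsa_verify(const unsigned char* sig, size_t n, DemoRsaKey* key)
{
    unsigned char check[DEMO_MAX_ENCODED_SIG_SZ];
    if (key == NULL || n == 0 || n > sizeof(check)) return DEMO_BAD_SIG;
    memcpy(check, sig, n);
    return DEMO_BAD_SIG; /* stand-in: no real verification, so fail closed */
}
#endif

/* Call sites need the same gate: with RSA compiled out, an "ssh-rsa"
 * request is refused explicitly instead of reaching missing code. */
int demo_verify_userauth(const char* algo, const unsigned char* sig, size_t n)
{
    if (strcmp(algo, "ssh-rsa") == 0) {
#ifndef DEMO_NO_RSA
        DemoRsaKey key = { 2048 };
        return demo_rsa_verify(sig, n, &key);
#else
        (void)sig; (void)n;
        return DEMO_ALGO_DISABLED;
#endif
    }
    return DEMO_ALGO_UNKNOWN;
}

int main(void)
{
    const unsigned char sig[4] = { 0 }; /* constructed sample bytes */
    return demo_verify_userauth("ssh-rsa", sig, 4) == DEMO_ALGO_DISABLED ? 0 : 1;
}
```

Removing the `#define DEMO_NO_RSA` line compiles the RSA branch instead, which is when the struct definition and the size macro become visible.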