-
Notifications
You must be signed in to change notification settings - Fork 830
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Compilation error when defining OPENSSL_ALL or OPENSSL_EXTRA on ESP-IDFv5 : ssl.c:18011:22: error: size of array 'sha_test' is negative
#6028
Comments
+@gojimmypi FYI |
Hi @llange - does your project need the OpenSSL compatibility layer? Given that your project compiles without that enabled, I suspect not. I'm interested in why you might have wanted to turn on that feature? I think it is only meant for users with a large codebase that previously used OpenSSL and then later upgraded to wolfSSL. In any case, that's an interesting problem. Even if you don't need the OpenSSL compatibility layer in your project, we should not see that error when turning on that feature. Thanks again for your time to report these issues. Feel free to report any other concerns or observations. |
Hi @gojimmypi, thanks for the comment. |
Hi @llange - thanks for the update. Even if not used in your project, I'd like to get this fixed up. It appears the OpenSSL errors are related to HW hash acceleration. To turn off that feature, disable with
We should see this new output in the wolfssl_test with the hash accleration turned off:
To fix the size error noted above with acceleration turned on, the initialization noted in #6035 is needed as well as this line added in sha.h:
That's not the final solution, so no PR yet as the OpenSSL tests are failing for me with acceleration turned on:
See my Espressif_OpenSSL_interim branch for WIP. |
Hi @gojimmypi , just a quick thank you for your time and work and these ESP-related issues. Very appreciated ! |
Hi @llange glad to help. I think the current problem with OpenSSL may in fact be related to #5948 - I have not yet updated that issue, but I currently believe the root cause is more related to proper initialization of a new SHA hash ctx object and not the alignment issue (despite compelling evidence to the contrary) - in particular initialization of the hardware state struct probably needs attention. I need to spend more time with that. Perhaps in the meantime during your development you could just turn that feature off with |
I found this after hitting the same error when enabling OPENSSL_EXTRA. I'm not using the OpenSSL compatibility layer, as I understand it. But I wanted to check certificates for expiry and authenticate based on the presence of policy information. For that I needed:
I noticed that defining I got enough functionality to read a certificate expiry date by adding my own config option. But trying to enable Anyway, I'm not sure why any of the above would be limited to OpenSSL compatibility. Am I using the wrong functions? My hope, @llange, is if we can identify the specific functionality we need from " |
…work for ESP32. See: wolfSSL#6028
Hi @llange and @PaulMartinsen - I believe this issue was fixed with #6287 There's still a minor problem with ESP32-S3 AES-192 HW acceleration as noted in #6375 Could you please take it for a test drive and confirm the OpenSSL settings no longer cause a problem? See #6234 for Espressif Roadmap and related updates. Thank you. |
Hi @gojimmypi , I merged in the WolfSSL/master branch and can confirm there's no longer a problem with During testing I was getting |
Version
tag
v5.5.4-stable
ormaster
Description
Compiling OVMSv3 for ESP-IDF version 5+ (NOT using the component integration (https://github.com/espressif/esp-wolfssl/)) - like in #6024 , #6026
Also I'm targeting the ESP32 target (not ESP32-S3 etc...)
When enabling either
OPENSSL_ALL
orOPENSSL_EXTRA
(or both) inuser_settings.h
, the compilation fails with:Otherwise it does compile perfectly if I don't enable these 2 defines.
Here is
user_settings.h
(the defines are commented out on lines 40 and 41):user_settings.h.txt
I understood that ESP-IDF defines also this typedef (
SHA_CTX
), and that a specific workaround was necessary inwolfssl/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h
Lines 104 to 112 in bdcf692
It may be related, or something completely different, but I lack experience with the codebase to understand exactly why this "assertion" fails.
The text was updated successfully, but these errors were encountered: