Can't build example. wc_SSH_KDF not found.

[Gato-X]

After setting up wolfSSH and wolfSSL so that they are visible when compiling the ESP32 example SSH server, I encountered an error during the build indicating that wc_SSH_KDF is not declared (or rather, is being implicitly declared) in wolfSSH’s internal.c.

/home/gato/iot/SSH-proof-of-concept/wolfssh/src/internal.c:2194:15: error: implicit declaration of function 'wc_SSH_KDF'; did you mean 'wc_HKDF'? [-Werror=implicit-function-declaration]
 2194 |         ret = wc_SSH_KDF(hashId, keyId, key, keySz,
      |               ^~~~~~~~~~
      |               wc_HKDF

[dgarske]

Hi @Gato-X ,

Make sure you build wolfSSL with --enable-wolfssh or WOLFSSL_WOLFSSH that enables this wolfCrypt API.

Thanks, David Garske, wolfSSL

[Suphappy]

set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS -DWOLFSSL_WOLFSSH")

[embhorn]

@Suphappy

Did this resolve the issue for you? Do you have any further questions?

[gojimmypi]

I'm working on updated Espressif Managed Components for wolfSSL and confirmed this error, at least for somewhat recent versions of the wolfSSH component on my staging namespace.

I'll be sure the latest release version is working properly upon completion.

[gojimmypi]

For reference: @Suphappy is correct regarding the missing #define WOLFSSL_WOLFSSH.

Although ESP_ENABLE_WOLFSSH is set in the project CMakeLists.txt, the respective #ifdef ESP_ENABLE_WOLFSSH section in the user_settings.h is missing the #define WOLFSSL_WOLFSSH.

This is known to be an issue through wolfSSL v 5.7.6 using the template user_settings.h

The interim solution as noted is to have these lines added to the top-most, project-level CMakeLists.txt:

# enable wolfssl user_settings.h project-wide
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(WOLFSSL_USER_SETTINGS ON)

# Assume we have a ESP_ENABLE_WOLFSSH section in user_settings.h
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DESP_ENABLE_WOLFSSH")

# Managed wolfSSL Components prior to 5.7.6 need a manual setting for WOLFSSL_WOLFSSH
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_WOLFSSH")

See the Espressif wolfssh_echoserver example.

Currently the release version of the wolfSSL Managed Component is v5.7.4 published yesterday, Feb 2, 2025.

I plan to create a post-release fix to include this in the upcoming Espressif Managed wolfSSL Component v5.7.6.

This is the section in the wolfSSL user_settings.h for the Espressif examples:

/* Optionally enable some wolfSSH settings.
 * For wolfSSL examples, this is typically enabled in project CMakeLists.txt */
#ifdef ESP_ENABLE_WOLFSSH
    #undef  WOLFSSL_WOLFSSH
    #define WOLFSSL_WOLFSSH

    /* The default SSH Windows size is massive for an embedded target. Limit it: */
    #define DEFAULT_WINDOW_SZ 2000

    /* These may be defined in cmake for other examples: */
    #undef  WOLFSSH_TERM
    #define WOLFSSH_TERM

    #undef  DEBUG_WOLFSSH
    #define DEBUG_WOLFSSH

    #undef  WOLFSSL_KEY_GEN
    #define WOLFSSL_KEY_GEN

    #undef  WOLFSSL_PTHREADS
    #define WOLFSSL_PTHREADS

    #define WOLFSSH_TEST_SERVER
    #define WOLFSSH_TEST_THREADING

#endif /* ESP_ENABLE_WOLFSSH */

[embhorn]

@gojimmypi - Is this resolved by the PR's you linked?

[gojimmypi]

@embhorn yes, I believe so, but probably best if confirmed by @Gato-X and/or @Suphappy

Please see the Managed Components recently published:

wolfSSH v1.4.20 https://components.espressif.com/components/wolfssl/wolfssh/versions/1.4.20

wolfSSL v5.7.6 https://components.espressif.com/components/wolfssl/wolfssl/versions/5.7.6 (includes post-release changes to examples as noted in https://github.com/wolfSSL/wolfssl/pull/8418)

See example SSH echo server:

https://components.espressif.com/components/wolfssl/wolfssh/versions/1.4.20/examples/wolfssh_echoserver

[Suphappy]

@Suphappy

Did this resolve the issue for you? Do you have any further questions?

It's fine if I do it this way. No other problems occurred.