Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Migrate webauthn-rs-demo to OpenSSL #359

Closed
micolous opened this issue Oct 3, 2023 · 0 comments · Fixed by #360
Closed

Migrate webauthn-rs-demo to OpenSSL #359

micolous opened this issue Oct 3, 2023 · 0 comments · Fixed by #360

Comments

@micolous
Copy link
Collaborator

micolous commented Oct 3, 2023

Is your feature request related to a problem? Please describe.

At the moment, webauthn-rs-demo depends on rustls, which depends on ring 0.16 (which is outdated). ring v0.16 has a lot of issues with cross-compiling, and flat-out won't build on aarch64-pc-windows-msvc (and builds it with a HostX86 toolchain!):

PS C:\Users\michael\Documents\dev\webauthn-rs> cargo build
[...]
   Compiling ring v0.16.20
error: failed to run custom build command for `ring v0.16.20`

Caused by:
  process didn't exit successfully: `C:\Users\michael\Documents\dev\webauthn-rs\target\debug\build\ring-eaa32766ac89f048\build-script-build` (exit code: 101)
  --- stdout
  OPT_LEVEL = Some("0")
  TARGET = Some("aarch64-pc-windows-msvc")
  HOST = Some("aarch64-pc-windows-msvc")
  cargo:rerun-if-env-changed=CC_aarch64-pc-windows-msvc
  CC_aarch64-pc-windows-msvc = None
  cargo:rerun-if-env-changed=CC_aarch64_pc_windows_msvc
  CC_aarch64_pc_windows_msvc = None
  cargo:rerun-if-env-changed=HOST_CC
  HOST_CC = None
  cargo:rerun-if-env-changed=CC
  CC = None
  cargo:rerun-if-env-changed=CFLAGS_aarch64-pc-windows-msvc
  CFLAGS_aarch64-pc-windows-msvc = None
  cargo:rerun-if-env-changed=CFLAGS_aarch64_pc_windows_msvc
  CFLAGS_aarch64_pc_windows_msvc = None
  cargo:rerun-if-env-changed=HOST_CFLAGS
  HOST_CFLAGS = None
  cargo:rerun-if-env-changed=CFLAGS
  CFLAGS = None
  cargo:rerun-if-env-changed=CRATE_CC_NO_DEFAULTS
  CRATE_CC_NO_DEFAULTS = None
  CARGO_CFG_TARGET_FEATURE = Some("neon")
  DEBUG = Some("true")
  montgomery.c
  C:\Users\michael\.cargo\registry\src\index.crates.io-6f17d22bba15001f\ring-0.16.20\crypto\fipsmodule\bn\internal.h(191): error C2065: 'BN_ULLONG': undeclared identifier
  C:\Users\michael\.cargo\registry\src\index.crates.io-6f17d22bba15001f\ring-0.16.20\crypto\fipsmodule\bn\internal.h(191): error C2146: syntax error: missing ';' before identifier 'result'
  C:\Users\michael\.cargo\registry\src\index.crates.io-6f17d22bba15001f\ring-0.16.20\crypto\fipsmodule\bn\internal.h(191): warning C4555: result of expression not used
  C:\Users\michael\.cargo\registry\src\index.crates.io-6f17d22bba15001f\ring-0.16.20\crypto\fipsmodule\bn\internal.h(191): error C2065: 'result': undeclared identifier
  C:\Users\michael\.cargo\registry\src\index.crates.io-6f17d22bba15001f\ring-0.16.20\crypto\fipsmodule\bn\internal.h(191): error C2146: syntax error: missing ';' before identifier 'a'
  C:\Users\michael\.cargo\registry\src\index.crates.io-6f17d22bba15001f\ring-0.16.20\crypto\fipsmodule\bn\internal.h(191): warning C4552: '*': result of expression not used
  C:\Users\michael\.cargo\registry\src\index.crates.io-6f17d22bba15001f\ring-0.16.20\crypto\fipsmodule\bn\internal.h(192): error C2065: 'result': undeclared identifier
  C:\Users\michael\.cargo\registry\src\index.crates.io-6f17d22bba15001f\ring-0.16.20\crypto\fipsmodule\bn\internal.h(193): error C2065: 'result': undeclared identifier
  C:\Users\michael\.cargo\registry\src\index.crates.io-6f17d22bba15001f\ring-0.16.20\crypto\fipsmodule\bn\internal.h(193): warning C4293: '>>': shift count negative or too big, undefined behavior
  C:\Users\michael\.cargo\registry\src\index.crates.io-6f17d22bba15001f\ring-0.16.20\crypto\fipsmodule\bn\../../limbs/limbs.inl(38): warning C4163: '_addcarry_u64': not available as an intrinsic function
  C:\Users\michael\.cargo\registry\src\index.crates.io-6f17d22bba15001f\ring-0.16.20\crypto\fipsmodule\bn\../../limbs/limbs.inl(38): warning C4163: '_subborrow_u64': not available as an intrinsic function
  C:\Users\michael\.cargo\registry\src\index.crates.io-6f17d22bba15001f\ring-0.16.20\crypto\fipsmodule\bn\../../limbs/limbs.inl(62): warning C4013: '_addcarry_u64' undefined; assuming extern returning int
  C:\Users\michael\.cargo\registry\src\index.crates.io-6f17d22bba15001f\ring-0.16.20\crypto\fipsmodule\bn\../../limbs/limbs.inl(62): warning C4242: '=': conversion from 'int' to 'Carry', possible loss of data
  C:\Users\michael\.cargo\registry\src\index.crates.io-6f17d22bba15001f\ring-0.16.20\crypto\fipsmodule\bn\../../limbs/limbs.inl(76): warning C4242: '=': conversion from 'int' to 'Carry', possible loss of data
  C:\Users\michael\.cargo\registry\src\index.crates.io-6f17d22bba15001f\ring-0.16.20\crypto\fipsmodule\bn\../../limbs/limbs.inl(92): warning C4013: '_subborrow_u64' undefined; assuming extern returning int
  C:\Users\michael\.cargo\registry\src\index.crates.io-6f17d22bba15001f\ring-0.16.20\crypto\fipsmodule\bn\../../limbs/limbs.inl(92): warning C4242: '=': conversion from 'int' to 'Carry', possible loss of data
  C:\Users\michael\.cargo\registry\src\index.crates.io-6f17d22bba15001f\ring-0.16.20\crypto\fipsmodule\bn\../../limbs/limbs.inl(106): warning C4242: '=': conversion from 'int' to 'Carry', possible loss of data

  --- stderr
  running "C:\\Program Files\\Microsoft Visual Studio\\2022\\Preview\\VC\\Tools\\MSVC\\14.35.32019\\bin\\HostX86\\arm64\\cl.exe" "-nologo" "-MD" "-Z7" "-Brepro" "-I" "include" "-W4" "/GS" "/Gy" "/EHsc" "/GR-" "/Zc:wchar_t" "/Zc:forScope" "/Zc:inline" "/Zc:rvalueCast" "/sdl" "/Wall" "/wd4127" "/wd4464" "/wd4514" "/wd4710" "/wd4711" "/wd4820" "/wd5045" "/Od" "/RTCsu" "-DNDEBUG" "-c" "/FoC:\\Users\\michael\\Documents\\dev\\webauthn-rs\\target\\debug\\build\\ring-1b24f999817ab6d1\\out\\montgomery.obj" "crypto/fipsmodule/bn/montgomery.c"
  thread 'main' panicked at 'execution failed', C:\Users\michael\.cargo\registry\src\index.crates.io-6f17d22bba15001f\ring-0.16.20\build.rs:656:9
  note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
warning: build failed, waiting for other jobs to finish...

webauthn-rs-demo also depends on openssl to generate a self-signed certificate at start-up, so it effectively links two crypto libraries in.

Describe the solution you'd like

webauthn-rs-demo should migrate away from rustls to something which uses openssl instead.

Other webauthn-rs packages don't have any dependency on ring 0.16:

PS C:\Users\michael\Documents\dev\webauthn-rs> cargo tree -i ring
ring v0.16.20
├── rustls v0.19.1
│   ├── async-rustls v0.2.0
│   │   └── tide-rustls v0.3.0
│   │       └── webauthn-rs-demo v0.1.0 (C:\Users\michael\Documents\dev\webauthn-rs\compat_tester\webauthn-rs-demo)
│   ├── tide-rustls v0.3.0 (*)
│   └── webauthn-rs-demo v0.1.0 (C:\Users\michael\Documents\dev\webauthn-rs\compat_tester\webauthn-rs-demo)
├── sct v0.6.1
│   └── rustls v0.19.1 (*)
└── webpki v0.21.4
    ├── async-rustls v0.2.0 (*)
    └── rustls v0.19.1 (*)

Describe alternatives you've considered

#357

Additional context

Many issues have been resolved in ring v0.17, but this has only recently been published. This has required a huge effort by ring to migrate from winapi to windows-rs, and entirely rework their build setup.

That all said, having two crypto libraries for this demo isn't great, and the rest of this project uses OpenSSL.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Switch webauthn-rs-demo to OpenSSL. micolous/webauthn-rs
1 participant
@micolous