2b4b28dc32
Initial FIPS 140-2 code ported to HEAD. Doesn't even compile yet, may have missing files, extraneous files and other nastiness. In other words: it's experimental ATM, OK?
176 lines
5.3 KiB
C
176 lines
5.3 KiB
C
/* ====================================================================
|
|
* Copyright (c) 2005 The OpenSSL Project. Rights for redistribution
|
|
* and usage in source and binary forms are granted according to the
|
|
* OpenSSL license.
|
|
*/
|
|
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
#if defined(__unix) || defined(__unix__)
|
|
#include <unistd.h>
|
|
#endif
|
|
|
|
#ifndef FINGERPRINT_PREMAIN_DSO_LOAD
|
|
|
|
#if defined(__GNUC__) && __GNUC__>=2
|
|
void FINGERPRINT_premain(void) __attribute__((constructor));
|
|
/* Most commonly this results in pointer to premain to be dropped
|
|
* to .ctors segment, which is traversed by GCC crtbegin.o upon
|
|
* program startup. Except on a.out OpenBSD where it results in
|
|
* _GLOBAL_$I$premain() {premain();} being auto-generated by
|
|
* compiler... But one way or another this is believed to cover
|
|
* *all* GCC targets. */
|
|
#elif defined(_MSC_VER)
|
|
# ifdef _WINDLL
|
|
__declspec(dllexport) /* this is essentially cosmetics... */
|
|
# endif
|
|
void FINGERPRINT_premain(void);
|
|
static int premain_wrapper(void) { FINGERPRINT_premain(); return 0; }
|
|
# ifdef _WIN64
|
|
# pragma section(".CRT$XCU",read)
|
|
__declspec(allocate(".CRT$XCU"))
|
|
# else
|
|
# pragma data_seg(".CRT$XCU")
|
|
# endif
|
|
static int (*p)(void) = premain_wrapper;
|
|
/* This results in pointer to premain to appear in .CRT segment,
|
|
* which is traversed by Visual C run-time initialization code.
|
|
* This applies to both Win32 and [all flavors of] Win64. */
|
|
# pragma data_seg()
|
|
#elif defined(__SUNPRO_C)
|
|
void FINGERPRINT_premain(void);
|
|
# pragma init(FINGERPRINT_premain)
|
|
/* This results in a call to premain to appear in .init segment. */
|
|
#elif defined(__DECC) && (defined(__VMS) || defined(VMS))
|
|
void FINGERPRINT_premain(void);
|
|
# pragma __nostandard
|
|
globaldef { "LIB$INITIALIZ" } readonly _align (LONGWORD)
|
|
int spare[8] = {0};
|
|
globaldef { "LIB$INITIALIZE" } readonly _align (LONGWORD)
|
|
void (*x_FINGERPRINT_premain)(void) = FINGERPRINT_premain;
|
|
/* Refer to LIB$INITIALIZE to ensure it exists in the image. */
|
|
int lib$initialize();
|
|
globaldef int (*lib_init_ref)() = lib$initialize;
|
|
# pragma __standard
|
|
#elif 0
|
|
The rest has to be taken care of through command line:
|
|
|
|
-Wl,-init,FINGERPRINT_premain on OSF1 and IRIX
|
|
-Wl,+init,FINGERPRINT_premain on HP-UX
|
|
-Wl,-binitfini:FINGERPRINT_premain on AIX
|
|
|
|
On ELF platforms this results in a call to premain to appear in
|
|
.init segment...
|
|
#endif
|
|
|
|
#ifndef HMAC_SHA1_SIG
|
|
#define HMAC_SHA1_SIG "?have to make sure this string is unique"
|
|
#endif
|
|
|
|
static const unsigned char FINGERPRINT_ascii_value[40] = HMAC_SHA1_SIG;
|
|
|
|
#define atox(c) ((c)>='a'?((c)-'a'+10):((c)>='A'?(c)-'A'+10:(c)-'0'))
|
|
|
|
extern const void *FIPS_text_start(), *FIPS_text_end();
|
|
extern const unsigned char FIPS_rodata_start[], FIPS_rodata_end[];
|
|
extern unsigned char FIPS_signature[20];
|
|
extern unsigned int FIPS_incore_fingerprint(unsigned char *,unsigned int);
|
|
|
|
/*
|
|
* As name suggests this code is executed prior main(). We use this
|
|
* opportunity to fingerprint sequestered code in virtual address
|
|
* space of target application.
|
|
*/
|
|
void FINGERPRINT_premain(void)
|
|
{ unsigned char sig[sizeof(FIPS_signature)];
|
|
const unsigned char * volatile p=FINGERPRINT_ascii_value;
|
|
unsigned int len=sizeof(sig),i;
|
|
|
|
/* "volatilization" is done to disengage unwanted optimization... */
|
|
if (*((volatile unsigned char *)p)=='?')
|
|
{ if (FIPS_text_start()==NULL)
|
|
{ fprintf(stderr,"FIPS_text_start() returns NULL\n");
|
|
_exit(1);
|
|
}
|
|
#if defined(DEBUG_FINGERPRINT_PREMAIN)
|
|
fprintf(stderr,".text:%p+%d=%p\n",FIPS_text_start(),
|
|
(int)((size_t)FIPS_text_end()-(size_t)FIPS_text_start()),
|
|
FIPS_text_end());
|
|
fprintf(stderr,".rodata:%p+%d=%p\n",FIPS_rodata_start,
|
|
(int)((size_t)FIPS_rodata_end-(size_t)FIPS_rodata_start),
|
|
FIPS_rodata_end);
|
|
#endif
|
|
|
|
len=FIPS_incore_fingerprint(sig,sizeof(sig));
|
|
|
|
if (len!=sizeof(sig))
|
|
{ fprintf(stderr,"fingerprint length mismatch: %u\n",len);
|
|
_exit(1);
|
|
}
|
|
|
|
for (i=0;i<len;i++) printf("%02x",sig[i]);
|
|
printf("\n");
|
|
fflush(stdout);
|
|
_exit(0);
|
|
}
|
|
else if (FIPS_signature[0]=='\0') do
|
|
{ for (i=0;i<sizeof(FIPS_signature);i++,p+=2)
|
|
FIPS_signature[i] = (atox(p[0])<<4)|atox(p[1]);
|
|
|
|
#if defined(DEBUG_FINGERPRINT_PREMAIN)
|
|
if (getenv("OPENSSL_FIPS")==NULL) break;
|
|
|
|
len=FIPS_incore_fingerprint(sig,sizeof(sig));
|
|
|
|
if (memcmp(FIPS_signature,sig,sizeof(FIPS_signature)))
|
|
{ fprintf(stderr,"FINGERPRINT_premain: FIPS_signature mismatch\n");
|
|
_exit(1);
|
|
}
|
|
#endif
|
|
} while(0);
|
|
}
|
|
|
|
#else
|
|
|
|
#include <openssl/bio.h>
|
|
#include <openssl/dso.h>
|
|
#include <openssl/err.h>
|
|
|
|
int main(int argc,char *argv[])
|
|
{ DSO *dso;
|
|
DSO_FUNC_TYPE func;
|
|
BIO *bio_err;
|
|
|
|
if (argc < 2)
|
|
{ fprintf (stderr,"usage: %s libcrypto.dso\n",argv[0]);
|
|
return 1;
|
|
}
|
|
|
|
if ((bio_err=BIO_new(BIO_s_file())) == NULL)
|
|
{ fprintf (stderr,"unable to allocate BIO\n");
|
|
return 1;
|
|
}
|
|
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
|
|
ERR_load_crypto_strings();
|
|
|
|
dso = DSO_load(NULL,argv[1],NULL,DSO_FLAG_NO_NAME_TRANSLATION);
|
|
if (dso == NULL)
|
|
{ ERR_print_errors(bio_err);
|
|
return 1;
|
|
}
|
|
|
|
/* This is not normally reached, because FINGERPRINT_premain should
|
|
* have executed and terminated application already upon DSO_load... */
|
|
func = DSO_bind_func(dso,"FINGERPRINT_premain");
|
|
if (func == NULL)
|
|
{ ERR_print_errors(bio_err);
|
|
return 1;
|
|
}
|
|
|
|
(*func)();
|
|
|
|
return 0;
|
|
}
|
|
|
|
#endif
|