1 Use fipscheck compatible way of verification of the integrity of the libcrypto
3 diff -up openssl-0.9.8j/test/Makefile.use-fipscheck openssl-0.9.8j/test/Makefile
4 --- openssl-0.9.8j/test/Makefile.use-fipscheck 2008-12-13 13:22:47.000000000 +0100
5 +++ openssl-0.9.8j/test/Makefile 2009-01-13 22:49:25.000000000 +0100
6 @@ -402,8 +402,7 @@ FIPS_BUILD_CMD=shlib_target=; if [ -n "$
7 if [ "$(FIPSCANLIB)" = "libfips" ]; then \
8 LIBRARIES="-L$(TOP) -lfips"; \
9 elif [ -n "$(FIPSCANLIB)" ]; then \
10 - FIPSLD_CC=$(CC); CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \
11 - LIBRARIES="$${FIPSLIBDIR:-$(TOP)/fips/}fipscanister.o"; \
12 + LIBRARIES="$(LIBCRYPTO)"; \
14 $(MAKE) -f $(TOP)/Makefile.shared -e \
15 CC=$${CC} APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
16 @@ -414,9 +413,6 @@ FIPS_CRYPTO_BUILD_CMD=shlib_target=; if
17 shlib_target="$(SHLIB_TARGET)"; \
19 LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \
20 - if [ -z "$(SHARED_LIBS)" -a -n "$(FIPSCANLIB)" ] ; then \
21 - FIPSLD_CC=$(CC); CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \
23 [ "$(FIPSCANLIB)" = "libfips" ] && LIBRARIES="$$LIBRARIES -lfips"; \
24 $(MAKE) -f $(TOP)/Makefile.shared -e \
25 CC=$${CC} APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
26 diff -up openssl-0.9.8j/Makefile.org.use-fipscheck openssl-0.9.8j/Makefile.org
27 --- openssl-0.9.8j/Makefile.org.use-fipscheck 2009-01-13 22:35:48.000000000 +0100
28 +++ openssl-0.9.8j/Makefile.org 2009-01-13 22:35:49.000000000 +0100
29 @@ -357,10 +357,6 @@ libcrypto$(SHLIB_EXT): libcrypto.a $(SHA
30 $(MAKE) SHLIBDIRS='crypto' SHLIBDEPS='-lfips' build-shared; \
31 $(AR) libcrypto.a fips/fipscanister.o ; \
33 - if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
34 - FIPSLD_CC=$(CC); CC=fips/fipsld; \
35 - export CC FIPSLD_CC; \
37 $(MAKE) -e SHLIBDIRS='crypto' build-shared; \
40 @@ -381,9 +377,8 @@ libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT
41 fips/fipscanister.o: build_fips
42 libfips$(SHLIB_EXT): fips/fipscanister.o
43 @if [ "$(SHLIB_TARGET)" != "" ]; then \
44 - FIPSLD_CC=$(CC); CC=fips/fipsld; export CC FIPSLD_CC; \
45 $(MAKE) -f Makefile.shared -e $(BUILDENV) \
46 - CC=$${CC} LIBNAME=fips THIS=$@ \
47 + CC=$(CC) LIBNAME=fips THIS=$@ \
48 LIBEXTRAS=fips/fipscanister.o \
49 LIBDEPS="$(EX_LIBS)" \
50 LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \
51 @@ -469,7 +464,7 @@ openssl.pc: Makefile
52 echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
53 echo 'Version: '$(VERSION); \
55 - echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
56 + echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)';\
57 echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
59 Makefile: Makefile.org Configure config
60 diff -up openssl-0.9.8j/fips/fips.c.use-fipscheck openssl-0.9.8j/fips/fips.c
61 --- openssl-0.9.8j/fips/fips.c.use-fipscheck 2008-09-16 12:12:09.000000000 +0200
62 +++ openssl-0.9.8j/fips/fips.c 2009-01-13 22:35:49.000000000 +0100
69 #include <openssl/rand.h>
70 #include <openssl/fips_rand.h>
72 #include <openssl/rsa.h>
78 #include "fips_locl.h"
81 @@ -165,6 +169,7 @@ int FIPS_selftest()
82 && FIPS_selftest_dsa();
86 extern const void *FIPS_text_start(), *FIPS_text_end();
87 extern const unsigned char FIPS_rodata_start[], FIPS_rodata_end[];
88 unsigned char FIPS_signature [20] = { 0 };
89 @@ -243,6 +248,206 @@ int FIPS_check_incore_fingerprint(void)
94 +/* we implement what libfipscheck does ourselves */
97 +get_library_path(const char *libname, const char *symbolname, char *path, size_t pathlen)
103 + dl = dlopen(libname, RTLD_NODELETE|RTLD_NOLOAD|RTLD_LAZY);
108 + sym = dlsym(dl, symbolname);
110 + if (sym != NULL && dladdr(sym, &info)) {
111 + strncpy(path, info.dli_fname, pathlen-1);
112 + path[pathlen-1] = '\0';
121 +static const char conv[] = "0123456789abcdef";
124 +bin2hex(void *buf, size_t len)
127 + unsigned char *src = buf;
129 + hex = malloc(len * 2 + 1);
143 + *p = conv[c & 0x0f];
151 +#define HMAC_PREFIX "."
152 +#define HMAC_SUFFIX ".hmac"
153 +#define READ_BUFFER_LENGTH 16384
156 +make_hmac_path(const char *origpath)
161 + path = malloc(sizeof(HMAC_PREFIX) + sizeof(HMAC_SUFFIX) + strlen(origpath));
166 + fn = strrchr(origpath, '/');
173 + strncpy(path, origpath, fn-origpath);
174 + p = path + (fn - origpath);
175 + p = stpcpy(p, HMAC_PREFIX);
177 + p = stpcpy(p, HMAC_SUFFIX);
182 +static const char hmackey[] = "orboDeJITITejsirpADONivirpUkvarP";
185 +compute_file_hmac(const char *path, void **buf, size_t *hmaclen)
189 + unsigned char rbuf[READ_BUFFER_LENGTH];
196 + f = fopen(path, "r");
202 + HMAC_Init(&c, hmackey, sizeof(hmackey)-1, EVP_sha256());
204 + while ((len=fread(rbuf, 1, sizeof(rbuf), f)) != 0) {
205 + HMAC_Update(&c, rbuf, len);
208 + len = sizeof(rbuf);
209 + /* reuse rbuf for hmac */
210 + HMAC_Final(&c, rbuf, &hlen);
212 + *buf = malloc(hlen);
213 + if (*buf == NULL) {
219 + memcpy(*buf, rbuf, hlen);
223 + HMAC_CTX_cleanup(&c);
232 +FIPSCHECK_verify(const char *libname, const char *symbolname)
234 + char path[PATH_MAX+1];
237 + char *hmacpath, *p;
241 + rv = get_library_path(libname, symbolname, path, sizeof(path));
246 + hmacpath = make_hmac_path(path);
248 + hf = fopen(hmacpath, "r");
254 + if (getline(&hmac, &n, hf) > 0) {
259 + if ((p=strchr(hmac, '\n')) != NULL)
262 + if (compute_file_hmac(path, &buf, &hmaclen) < 0) {
267 + if ((hex=bin2hex(buf, hmaclen)) == NULL) {
273 + if (strcmp(hex, hmac) != 0) {
288 + /* check successful */
294 int FIPS_mode_set(int onoff)
296 @@ -280,16 +485,9 @@ int FIPS_mode_set(int onoff)
300 - if(fips_signature_witness() != FIPS_signature)
302 - FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_CONTRADICTING_EVIDENCE);
303 - fips_selftest_fail = 1;
308 - if(!FIPS_check_incore_fingerprint())
309 + if(!FIPSCHECK_verify("libcrypto.so.0.9.8e","FIPS_mode_set"))
311 + FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_FINGERPRINT_DOES_NOT_MATCH);
312 fips_selftest_fail = 1;
315 @@ -405,11 +603,13 @@ int fips_clear_owning_thread(void)
320 unsigned char *fips_signature_witness(void)
322 extern unsigned char FIPS_signature[];
323 return FIPS_signature;
327 /* Generalized public key test routine. Signs and verifies the data
328 * supplied in tbs using mesage digest md and setting option digest
329 diff -up openssl-0.9.8j/fips/Makefile.use-fipscheck openssl-0.9.8j/fips/Makefile
330 --- openssl-0.9.8j/fips/Makefile.use-fipscheck 2009-01-13 22:35:49.000000000 +0100
331 +++ openssl-0.9.8j/fips/Makefile 2009-01-13 22:36:15.000000000 +0100
332 @@ -62,9 +62,9 @@ testapps:
335 @if [ -z "$(FIPSLIBDIR)" ]; then \
336 - $(MAKE) -e subdirs lib fips_premain_dso$(EXE_EXT); \
337 + $(MAKE) -e subdirs lib; \
339 - $(MAKE) -e lib fips_premain_dso$(EXE_EXT) fips_standalone_sha1$(EXE_EXT); \
343 # Idea behind fipscanister.o is to "seize" the sequestered code between
344 @@ -109,7 +109,6 @@ fipscanister.o: fips_start.o $(LIBOBJ) $
345 HP-UX|OSF1|SunOS) set -x; /usr/ccs/bin/ld -r -o $@ $$objs ;; \
346 *) set -x; $(CC) $$cflags -r -o $@ $$objs ;; \
348 - ./fips_standalone_sha1 fipscanister.o > fipscanister.o.sha1
350 # If another exception is immediately required, assign approprite
351 # site-specific ld command to FIPS_SITE_LD environment variable.
352 @@ -171,7 +170,7 @@ $(FIPSCANLIB): $(FIPSCANLOC)
353 $(RANLIB) ../$(FIPSCANLIB).a || echo Never mind.
356 -shared: lib subdirs fips_premain_dso$(EXE_EXT)
360 @target=lib; $(RECURSIVE_MAKE)
361 @@ -195,10 +194,6 @@ install:
362 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
364 @target=install; $(RECURSIVE_MAKE)
365 - @cp -p -f fipscanister.o fipscanister.o.sha1 fips_premain.c \
366 - fips_premain.c.sha1 \
367 - $(INSTALL_PREFIX)$(INSTALLTOP)/lib/; \
368 - chmod 0444 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/fips*
371 @target=lint; $(RECURSIVE_MAKE)
372 diff -up openssl-0.9.8j/fips/fips_locl.h.use-fipscheck openssl-0.9.8j/fips/fips_locl.h
373 --- openssl-0.9.8j/fips/fips_locl.h.use-fipscheck 2008-09-16 12:12:10.000000000 +0200
374 +++ openssl-0.9.8j/fips/fips_locl.h 2009-01-13 22:35:49.000000000 +0100
375 @@ -63,7 +63,9 @@ int fips_is_owning_thread(void);
376 int fips_set_owning_thread(void);
377 void fips_set_selftest_fail(void);
378 int fips_clear_owning_thread(void);
380 unsigned char *fips_signature_witness(void);
383 #define FIPS_MAX_CIPHER_TEST_SIZE 16