openssl/fips/fips_premain.c

/* ====================================================================
 * Copyright (c) 2005 The OpenSSL Project. Rights for redistribution
 * and usage in source and binary forms are granted according to the
 * OpenSSL license.
 */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#if defined(__unix) || defined(__unix__) || defined(__vxworks) || defined(__ANDROID__) || defined(__APPLE__)
#include <unistd.h>
#endif

#ifndef FINGERPRINT_PREMAIN_DSO_LOAD

#if defined(__GNUC__) && __GNUC__>=2
  void FINGERPRINT_premain(void) __attribute__((constructor));
  /* Most commonly this results in pointer to premain to be dropped
   * to .ctors segment, which is traversed by GCC crtbegin.o upon
   * program startup. Except on a.out OpenBSD where it results in
   * _GLOBAL_$I$premain() {premain();} being auto-generated by
   * compiler... But one way or another this is believed to cover
   * *all* GCC targets. */
#elif defined(_MSC_VER)
# ifdef _WINDLL
  __declspec(dllexport)	/* this is essentially cosmetics... */
# endif
  void FINGERPRINT_premain(void);
  static int premain_wrapper(void) { FINGERPRINT_premain(); return 0; }
# ifdef _WIN64
# pragma section(".CRT$XCU",read)
  __declspec(allocate(".CRT$XCU"))
# else
# pragma data_seg(".CRT$XCU")
# endif
  static int (*p)(void) = premain_wrapper;
  /* This results in pointer to premain to appear in .CRT segment,
   * which is traversed by Visual C run-time initialization code.
   * This applies to both Win32 and [all flavors of] Win64. */
# pragma data_seg()
#elif defined(__SUNPRO_C)
  void FINGERPRINT_premain(void);
# pragma init(FINGERPRINT_premain)
  /* This results in a call to premain to appear in .init segment. */
#elif defined(__DECC) && (defined(__VMS) || defined(VMS))
  void FINGERPRINT_premain(void);
# pragma __nostandard
  globaldef { "LIB$INITIALIZ" } readonly _align (LONGWORD)
	int spare[8] = {0};
  globaldef { "LIB$INITIALIZE" } readonly _align (LONGWORD)
	void (*x_FINGERPRINT_premain)(void) = FINGERPRINT_premain;
  /* Refer to LIB$INITIALIZE to ensure it exists in the image. */
  int lib$initialize();
  globaldef int (*lib_init_ref)() = lib$initialize;
# pragma __standard
#elif defined(_TMS320C6X)
# if defined(__TI_EABI__)
  asm("\t.sect \".init_array\"\n\t.align 4\n\t.field FINGERPRINT_premain,32");
# else
  asm("\t.sect \".pinit\"\n\t.align 4\n\t.field _FINGERPRINT_premain,32");
# endif
#elif 0
  The rest has to be taken care of through command line:

	-Wl,-init,FINGERPRINT_premain		on OSF1 and IRIX
	-Wl,+init,FINGERPRINT_premain		on HP-UX
	-Wl,-binitfini:FINGERPRINT_premain	on AIX

  On ELF platforms this results in a call to premain to appear in
  .init segment...
#endif

#ifndef HMAC_SHA1_SIG
#define HMAC_SHA1_SIG "?have to make sure this string is unique"
#endif

#if defined(_MSC_VER)
# pragma const_seg("fipsro")
# pragma const_seg()
  __declspec(allocate("fipsro"))
#endif
static const unsigned char FINGERPRINT_ascii_value[41] = HMAC_SHA1_SIG;

#define atox(c) ((c)>='a'?((c)-'a'+10):((c)>='A'?(c)-'A'+10:(c)-'0'))

extern const void         *FIPS_text_start(),  *FIPS_text_end();
extern const unsigned char FIPS_rodata_start[], FIPS_rodata_end[];
extern unsigned char       FIPS_signature[20];
extern unsigned int        FIPS_incore_fingerprint(unsigned char *,unsigned int);

/*
 * As name suggests this code is executed prior main(). We use this
 * opportunity to fingerprint sequestered code in virtual address
 * space of target application.
 */
void FINGERPRINT_premain(void)
{ unsigned char sig[sizeof(FIPS_signature)];
  const unsigned char * volatile p=FINGERPRINT_ascii_value;
  unsigned int len=sizeof(sig),i;

    /* "volatilization" is done to disengage unwanted optimization... */
    if (*((volatile unsigned char *)p)=='?')
    {	if (FIPS_text_start()==NULL)
	{   fprintf(stderr,"FIPS_text_start() returns NULL\n");
	    _exit(1);
	}
#if defined(DEBUG_FINGERPRINT_PREMAIN)
	fprintf(stderr,".text:%p+%d=%p\n",FIPS_text_start(),
		(int)((size_t)FIPS_text_end()-(size_t)FIPS_text_start()),
		FIPS_text_end());
	fprintf(stderr,".rodata:%p+%d=%p\n",FIPS_rodata_start,
		(int)((size_t)FIPS_rodata_end-(size_t)FIPS_rodata_start),
		FIPS_rodata_end);
#endif

	len=FIPS_incore_fingerprint(sig,sizeof(sig));

	if (len!=sizeof(sig))
	{   fprintf(stderr,"fingerprint length mismatch: %u\n",len);
	    _exit(1);
	}

	for (i=0;i<len;i++) printf("%02x",sig[i]);
	printf("\n");
	fflush(stdout);
	_exit(0);
    }
    else if (FIPS_signature[0]=='\0') do
    {	for (i=0;i<sizeof(FIPS_signature);i++,p+=2)
	    FIPS_signature[i] = (atox(p[0])<<4)|atox(p[1]);

#if defined(DEBUG_FINGERPRINT_PREMAIN)
	if (getenv("OPENSSL_FIPS")==NULL) break;

	len=FIPS_incore_fingerprint(sig,sizeof(sig));

	if (memcmp(FIPS_signature,sig,sizeof(FIPS_signature)))
	{   fprintf(stderr,"FINGERPRINT_premain: FIPS_signature mismatch\n");
	    _exit(1);
	}
#endif
    } while(0);
#if defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC)
    fips_openssl_cpuid_setup();
#endif
}

#else

#include <openssl/bio.h>
#include <openssl/dso.h>
#include <openssl/err.h>

int main(int argc,char *argv[])
{ DSO *dso;
  DSO_FUNC_TYPE func;
  BIO *bio_err;

    if (argc < 2)
    {	fprintf (stderr,"usage: %s libcrypto.dso\n",argv[0]);
	return 1;
    }

    if ((bio_err=BIO_new(BIO_s_file())) == NULL)
    {	fprintf (stderr,"unable to allocate BIO\n");
	return 1;
    }
    BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
    ERR_load_crypto_strings();

    dso = DSO_load(NULL,argv[1],NULL,DSO_FLAG_NO_NAME_TRANSLATION);
    if (dso == NULL)
    {	ERR_print_errors(bio_err);
	return 1;
    }

    /* This is not normally reached, because FINGERPRINT_premain should
     * have executed and terminated application already upon DSO_load... */
    func = DSO_bind_func(dso,"FINGERPRINT_premain");
    if (func == NULL)
    {	ERR_print_errors(bio_err);
	return 1;
    }

    (*func)();

  return 0;
}

#endif