diff options
| author | Adam Langley <agl@imperialviolet.org> | 2024-05-19 23:41:16 +0000 |
|---|---|---|
| committer | David Benjamin <davidben@google.com> | 2024-05-28 20:33:39 +0000 |
| commit | 85897d07196b7bf164dbd4673fc78b762aff3e8b (patch) | |
| tree | f9cc9676c5bc939686f69b84c6b6f9de0c3ae19b | |
| parent | 5acbee6493035dbf148e44efa14e11e0a2712f50 (diff) | |
| download | boringssl-fips-20240407.zip boringssl-fips-20240407.tar.gz boringssl-fips-20240407.tar.bz2 | |
Expose the FIPS module hash at build- and run-time.fips-20240407
In order to provide evidence that a given build is being used when
testing the module (as part of validation), this change prints the
module hash during the build process and makes it available for logging
at run time.
Change-Id: Ib128858cc429655e86444ee86dd04f1467abc735
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/68528
Reviewed-by: David Benjamin <davidben@google.com>
Auto-Submit: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/68807
| -rw-r--r-- | crypto/fipsmodule/bcm.c | 5 | ||||
| -rw-r--r-- | include/openssl/crypto.h | 3 | ||||
| -rw-r--r-- | util/fipstools/inject_hash/inject_hash.go | 3 | ||||
| -rw-r--r-- | util/fipstools/test_fips.c | 9 |
4 files changed, 19 insertions, 1 deletions
diff --git a/crypto/fipsmodule/bcm.c b/crypto/fipsmodule/bcm.c index 9d9227d..4b9b64f 100644 --- a/crypto/fipsmodule/bcm.c +++ b/crypto/fipsmodule/bcm.c @@ -263,6 +263,11 @@ int BORINGSSL_integrity_test(void) { OPENSSL_cleanse(result, sizeof(result)); // FIPS 140-3, AS05.10. return 1; } + +const uint8_t* FIPS_module_hash(void) { + return BORINGSSL_bcm_text_hash; +} + #endif // OPENSSL_ASAN void BORINGSSL_FIPS_abort(void) { diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h index c5c21bb..2981e68 100644 --- a/include/openssl/crypto.h +++ b/include/openssl/crypto.h @@ -178,6 +178,9 @@ OPENSSL_EXPORT int FIPS_mode_set(int on); // FIPS_module_name returns the name of the FIPS module. OPENSSL_EXPORT const char *FIPS_module_name(void); +// FIPS_module_hash returns the 32-byte hash of the FIPS module. +OPENSSL_EXPORT const uint8_t* FIPS_module_hash(void); + // FIPS_version returns the version of the FIPS module, or zero if the build // isn't exactly at a verified version. The version, expressed in base 10, will // be a date in the form yyyymmddXX where XX is often "00", but can be diff --git a/util/fipstools/inject_hash/inject_hash.go b/util/fipstools/inject_hash/inject_hash.go index 9c30836..ffae5e9 100644 --- a/util/fipstools/inject_hash/inject_hash.go +++ b/util/fipstools/inject_hash/inject_hash.go @@ -242,6 +242,9 @@ func do(outPath, oInput string, arInput string) error { return errors.New("found two occurrences of uninitialised hash value in object file") } + if _, exists := os.LookupEnv("BORINGSSL_FIPS_SHOW_HASH"); exists { + fmt.Printf("Module hash: %x\n", calculated) + } copy(objectBytes[offset:], calculated) return os.WriteFile(outPath, objectBytes, perm&0777) diff --git a/util/fipstools/test_fips.c b/util/fipstools/test_fips.c index bd0ec46..af01bfc 100644 --- a/util/fipstools/test_fips.c +++ b/util/fipstools/test_fips.c @@ -55,9 +55,16 @@ int main(int argc, char **argv) { printf("No module version set\n"); goto err; } - printf("Module: '%s', version: %" PRIu32 "\n", FIPS_module_name(), + printf("Module: '%s', version: %" PRIu32 " hash:\n", FIPS_module_name(), module_version); +#if !defined(OPENSSL_ASAN) + hexdump(FIPS_module_hash(), SHA256_DIGEST_LENGTH); +#else + printf("(not available when compiled for ASAN)"); +#endif + printf("\n"); + static const uint8_t kAESKey[16] = "BoringCrypto Key"; static const uint8_t kPlaintext[64] = "BoringCryptoModule FIPS KAT Encryption and Decryption Plaintext!"; |