diff options
Diffstat (limited to 'util')
-rw-r--r-- | util/fipstools/inject_hash/inject_hash.go | 3 | ||||
-rw-r--r-- | util/fipstools/test_fips.c | 9 |
2 files changed, 11 insertions, 1 deletions
diff --git a/util/fipstools/inject_hash/inject_hash.go b/util/fipstools/inject_hash/inject_hash.go index 9c30836..ffae5e9 100644 --- a/util/fipstools/inject_hash/inject_hash.go +++ b/util/fipstools/inject_hash/inject_hash.go @@ -242,6 +242,9 @@ func do(outPath, oInput string, arInput string) error { return errors.New("found two occurrences of uninitialised hash value in object file") } + if _, exists := os.LookupEnv("BORINGSSL_FIPS_SHOW_HASH"); exists { + fmt.Printf("Module hash: %x\n", calculated) + } copy(objectBytes[offset:], calculated) return os.WriteFile(outPath, objectBytes, perm&0777) diff --git a/util/fipstools/test_fips.c b/util/fipstools/test_fips.c index bd0ec46..af01bfc 100644 --- a/util/fipstools/test_fips.c +++ b/util/fipstools/test_fips.c @@ -55,9 +55,16 @@ int main(int argc, char **argv) { printf("No module version set\n"); goto err; } - printf("Module: '%s', version: %" PRIu32 "\n", FIPS_module_name(), + printf("Module: '%s', version: %" PRIu32 " hash:\n", FIPS_module_name(), module_version); +#if !defined(OPENSSL_ASAN) + hexdump(FIPS_module_hash(), SHA256_DIGEST_LENGTH); +#else + printf("(not available when compiled for ASAN)"); +#endif + printf("\n"); + static const uint8_t kAESKey[16] = "BoringCrypto Key"; static const uint8_t kPlaintext[64] = "BoringCryptoModule FIPS KAT Encryption and Decryption Plaintext!"; |