Add tool for corrupting the FIPS module in a binary.
This is for demonstrating an integrity check failure.
Change-Id: I4b52b1aa5450f5dec024f381863aeed92b5e9ce0
Reviewed-on: https://boringssl-review.googlesource.com/16465
Reviewed-by: Martin Kreichgauer <martinkr@google.com>
Reviewed-by: Adam Langley <alangley@gmail.com>
diff --git a/util/fipstools/break-hash.go b/util/fipstools/break-hash.go
new file mode 100644
index 0000000..53e1c5c
--- /dev/null
+++ b/util/fipstools/break-hash.go
@@ -0,0 +1,147 @@
+// Copyright (c) 2017, Google Inc.
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+// break-hash parses an ELF binary containing the FIPS module and corrupts the
+// first byte of the module. This should cause the integrity check to fail.
+package main
+
+import (
+ "bytes"
+ "crypto/hmac"
+ "crypto/sha512"
+ "debug/elf"
+ "encoding/hex"
+ "errors"
+ "fmt"
+ "io/ioutil"
+ "os"
+)
+
+func do(outPath, inPath string) error {
+ objectBytes, err := ioutil.ReadFile(inPath)
+ if err != nil {
+ return err
+ }
+
+ object, err := elf.NewFile(bytes.NewReader(objectBytes))
+ if err != nil {
+ return errors.New("failed to parse object: " + err.Error())
+ }
+
+ // Find the .text section.
+ var textSection *elf.Section
+ var textSectionIndex elf.SectionIndex
+ for i, section := range object.Sections {
+ if section.Name == ".text" {
+ textSectionIndex = elf.SectionIndex(i)
+ textSection = section
+ break
+ }
+ }
+
+ if textSection == nil {
+ return errors.New("failed to find .text section in object")
+ }
+
+ symbols, err := object.Symbols()
+ if err != nil {
+ return errors.New("failed to parse symbols: " + err.Error())
+ }
+
+ // Find the start and end markers of the module.
+ var startSeen, endSeen bool
+ var start, end uint64
+
+ for _, symbol := range symbols {
+ if symbol.Section != textSectionIndex {
+ continue
+ }
+
+ switch symbol.Name {
+ case "BORINGSSL_bcm_text_start":
+ if startSeen {
+ return errors.New("duplicate start symbol found")
+ }
+ startSeen = true
+ start = symbol.Value
+ case "BORINGSSL_bcm_text_end":
+ if endSeen {
+ return errors.New("duplicate end symbol found")
+ }
+ endSeen = true
+ end = symbol.Value
+ default:
+ continue
+ }
+ }
+
+ if !startSeen || !endSeen {
+ return errors.New("could not find module in object")
+ }
+
+ moduleText := make([]byte, end-start)
+ if n, err := textSection.ReadAt(moduleText, int64(start-textSection.Addr)); err != nil {
+ return fmt.Errorf("failed to read from module start (at %d of %d) in .text: %s", start, textSection.Size, err)
+ } else if n != len(moduleText) {
+ return fmt.Errorf("short read from .text: wanted %d, got %d", len(moduleText), n)
+ }
+
+ // In order to match up the module start with the raw ELF contents,
+ // search for the first 256 bytes and assume that will be unique.
+ offset := bytes.Index(objectBytes, moduleText[:256])
+ if offset < 0 {
+ return errors.New("did not find module prefix in object file")
+ }
+
+ if bytes.Index(objectBytes[offset+1:], moduleText[:256]) >= 0 {
+ return errors.New("found two occurrences of prefix in object file")
+ }
+
+ // Corrupt the module in the ELF.
+ objectBytes[offset] ^= 1
+
+ // Calculate the before and after hash of the module.
+ var zeroKey [64]byte
+ mac := hmac.New(sha512.New, zeroKey[:])
+ mac.Write(moduleText)
+ hashWas := mac.Sum(nil)
+
+ moduleText[0] ^= 1
+ mac.Reset()
+ mac.Write(moduleText)
+ newHash := mac.Sum(nil)
+
+ fmt.Printf("Found start of module at offset 0x%x (VMA 0x%x):\n", start-textSection.Addr, start)
+ fmt.Printf(hex.Dump(moduleText[:128]))
+ fmt.Printf("\nHash of module was: %x\n", hashWas)
+ fmt.Printf("Hash of corrupted module is: %x\n", newHash)
+
+ return ioutil.WriteFile(outPath, objectBytes, 0755)
+}
+
+func main() {
+ if len(os.Args) != 3 {
+ usage()
+ os.Exit(1)
+ }
+
+ if err := do(os.Args[2], os.Args[1]); err != nil {
+ fmt.Fprintf(os.Stderr, "%s\n", err)
+ os.Exit(1)
+ }
+}
+
+func usage() {
+ fmt.Fprintf(os.Stderr, "Usage: %s <input binary> <output path>\n", os.Args[0])
+}