util/fipstools/break-hash.go - boringssl.git - Git at Google

 // Copyright (c) 2017, Google Inc.
 //
 // Permission to use, copy, modify, and/or distribute this software for any
 // purpose with or without fee is hereby granted, provided that the above
 // copyright notice and this permission notice appear in all copies.
 //
 // THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 // WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 // MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
 // SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 // WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
 // OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
 // CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

 // break-hash parses an ELF binary containing the FIPS module and corrupts the
 // first byte of the module. This should cause the integrity check to fail.
 package main

 import (
 	"bytes"
 	"crypto/hmac"
 	"crypto/sha512"
 	"debug/elf"
 	"encoding/hex"
 	"errors"
 	"fmt"
 	"io/ioutil"
 	"os"
 )

 func do(outPath, inPath string) error {
 	objectBytes, err := ioutil.ReadFile(inPath)
 	if err != nil {
 		return err
 	}

 	object, err := elf.NewFile(bytes.NewReader(objectBytes))
 	if err != nil {
 		return errors.New("failed to parse object: " + err.Error())
 	}

 	// Find the .text section.
 	var textSection *elf.Section
 	var textSectionIndex elf.SectionIndex
 	for i, section := range object.Sections {
 		if section.Name == ".text" {
 			textSectionIndex = elf.SectionIndex(i)
 			textSection = section
 			break
 		}
 	}

 	if textSection == nil {
 		return errors.New("failed to find .text section in object")
 	}

 	symbols, err := object.Symbols()
 	if err != nil {
 		fmt.Fprintf(os.Stderr, "%s\nTrying dynamic symbols\n", err)
 		symbols, err = object.DynamicSymbols()
 	}
 	if err != nil {
 		return errors.New("failed to parse symbols: " + err.Error())
 	}

 	// Find the start and end markers of the module.
 	var startSeen, endSeen bool
 	var start, end uint64

 	for _, symbol := range symbols {
 		if symbol.Section != textSectionIndex {
 			continue
 		}

 		switch symbol.Name {
 		case "BORINGSSL_bcm_text_start":
 			if startSeen {
 				return errors.New("duplicate start symbol found")
 			}
 			startSeen = true
 			start = symbol.Value
 		case "BORINGSSL_bcm_text_end":
 			if endSeen {
 				return errors.New("duplicate end symbol found")
 			}
 			endSeen = true
 			end = symbol.Value
 		default:
 			continue
 		}
 	}

 	if !startSeen || !endSeen {
 		return errors.New("could not find module in object")
 	}

 	moduleText := make([]byte, end-start)
 	if n, err := textSection.ReadAt(moduleText, int64(start-textSection.Addr)); err != nil {
 		return fmt.Errorf("failed to read from module start (at %d of %d) in .text: %s", start, textSection.Size, err)
 	} else if n != len(moduleText) {
 		return fmt.Errorf("short read from .text: wanted %d, got %d", len(moduleText), n)
 	}

 	// In order to match up the module start with the raw ELF contents,
 	// search for the first 256 bytes and assume that will be unique.
 	offset := bytes.Index(objectBytes, moduleText[:256])
 	if offset < 0 {
 		return errors.New("did not find module prefix in object file")
 	}

 	if bytes.Index(objectBytes[offset+1:], moduleText[:256]) >= 0 {
 		return errors.New("found two occurrences of prefix in object file")
 	}

 	// Corrupt the module in the ELF.
 	objectBytes[offset] ^= 1

 	// Calculate the before and after hash of the module.
 	var zeroKey [64]byte
 	mac := hmac.New(sha512.New, zeroKey[:])
 	mac.Write(moduleText)
 	hashWas := mac.Sum(nil)

 	moduleText[0] ^= 1
 	mac.Reset()
 	mac.Write(moduleText)
 	newHash := mac.Sum(nil)

 	fmt.Printf("Found start of module at offset 0x%x (VMA 0x%x):\n", start-textSection.Addr, start)
 	fmt.Println(hex.Dump(moduleText[:128]))
 	fmt.Printf("\nHash of module was:          %x\n", hashWas)
 	fmt.Printf("Hash of corrupted module is: %x\n", newHash)

 	return ioutil.WriteFile(outPath, objectBytes, 0755)
 }

 func main() {
 	if len(os.Args) != 3 {
 		usage()
 		os.Exit(1)
 	}

 	if err := do(os.Args[2], os.Args[1]); err != nil {
 		fmt.Fprintf(os.Stderr, "%s\n", err)
 		os.Exit(1)
 	}
 }

 func usage() {
 	fmt.Fprintf(os.Stderr, "Usage: %s <input binary> <output path>\n", os.Args[0])
 }
	// Copyright (c) 2017, Google Inc.
	//
	// Permission to use, copy, modify, and/or distribute this software for any
	// purpose with or without fee is hereby granted, provided that the above
	// copyright notice and this permission notice appear in all copies.
	//
	// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
	// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
	// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
	// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

	// break-hash parses an ELF binary containing the FIPS module and corrupts the
	// first byte of the module. This should cause the integrity check to fail.
	package main

	import (
	"bytes"
	"crypto/hmac"
	"crypto/sha512"
	"debug/elf"
	"encoding/hex"
	"errors"
	"fmt"
	"io/ioutil"
	"os"
	)

	func do(outPath, inPath string) error {
	objectBytes, err := ioutil.ReadFile(inPath)
	if err != nil {
	return err
	}

	object, err := elf.NewFile(bytes.NewReader(objectBytes))
	if err != nil {
	return errors.New("failed to parse object: " + err.Error())
	}

	// Find the .text section.
	var textSection *elf.Section
	var textSectionIndex elf.SectionIndex
	for i, section := range object.Sections {
	if section.Name == ".text" {
	textSectionIndex = elf.SectionIndex(i)
	textSection = section
	break
	}
	}

	if textSection == nil {
	return errors.New("failed to find .text section in object")
	}

	symbols, err := object.Symbols()
	if err != nil {
	fmt.Fprintf(os.Stderr, "%s\nTrying dynamic symbols\n", err)
	symbols, err = object.DynamicSymbols()
	}
	if err != nil {
	return errors.New("failed to parse symbols: " + err.Error())
	}

	// Find the start and end markers of the module.
	var startSeen, endSeen bool
	var start, end uint64

	for _, symbol := range symbols {
	if symbol.Section != textSectionIndex {
	continue
	}

	switch symbol.Name {
	case "BORINGSSL_bcm_text_start":
	if startSeen {
	return errors.New("duplicate start symbol found")
	}
	startSeen = true
	start = symbol.Value
	case "BORINGSSL_bcm_text_end":
	if endSeen {
	return errors.New("duplicate end symbol found")
	}
	endSeen = true
	end = symbol.Value
	default:
	continue
	}
	}

	if !startSeen \|\| !endSeen {
	return errors.New("could not find module in object")
	}

	moduleText := make([]byte, end-start)
	if n, err := textSection.ReadAt(moduleText, int64(start-textSection.Addr)); err != nil {
	return fmt.Errorf("failed to read from module start (at %d of %d) in .text: %s", start, textSection.Size, err)
	} else if n != len(moduleText) {
	return fmt.Errorf("short read from .text: wanted %d, got %d", len(moduleText), n)
	}

	// In order to match up the module start with the raw ELF contents,
	// search for the first 256 bytes and assume that will be unique.
	offset := bytes.Index(objectBytes, moduleText[:256])
	if offset < 0 {
	return errors.New("did not find module prefix in object file")
	}

	if bytes.Index(objectBytes[offset+1:], moduleText[:256]) >= 0 {
	return errors.New("found two occurrences of prefix in object file")
	}

	// Corrupt the module in the ELF.
	objectBytes[offset] ^= 1

	// Calculate the before and after hash of the module.
	var zeroKey [64]byte
	mac := hmac.New(sha512.New, zeroKey[:])
	mac.Write(moduleText)
	hashWas := mac.Sum(nil)

	moduleText[0] ^= 1
	mac.Reset()
	mac.Write(moduleText)
	newHash := mac.Sum(nil)

	fmt.Printf("Found start of module at offset 0x%x (VMA 0x%x):\n", start-textSection.Addr, start)
	fmt.Println(hex.Dump(moduleText[:128]))
	fmt.Printf("\nHash of module was: %x\n", hashWas)
	fmt.Printf("Hash of corrupted module is: %x\n", newHash)

	return ioutil.WriteFile(outPath, objectBytes, 0755)
	}

	func main() {
	if len(os.Args) != 3 {
	usage()
	os.Exit(1)
	}

	if err := do(os.Args[2], os.Args[1]); err != nil {
	fmt.Fprintf(os.Stderr, "%s\n", err)
	os.Exit(1)
	}
	}

	func usage() {
	fmt.Fprintf(os.Stderr, "Usage: %s <input binary> <output path>\n", os.Args[0])
	}