break-tests.sh: break run-time tests and use two test_fips binaries. (This change breaks running on Android. But it's close to what we used for non-Android FIPS testing so is useful to have on the record.) This change adds testing of the run-time break tests: the pair-wise consistency tests and the RNG test. It also switches to using two test_fips binaries: an unmodified one for showing a clean up and testing the integrity test, and a test_fips_break which makes integrity test failures non-fatal (for KAT testing) and which allows the run-time tests to be triggered. Change-Id: Id2787723059cfb17cc2d22013ad66b985ef86701 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/53885 Reviewed-by: David Benjamin <davidben@google.com> Auto-Submit: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/util/fipstools/break-tests.sh b/util/fipstools/break-tests.sh index f9ae2e8..695b629 100644 --- a/util/fipstools/break-tests.sh +++ b/util/fipstools/break-tests.sh
@@ -25,139 +25,147 @@ set -e die () { - echo "ERROR: $@" - exit 1 + echo "ERROR: $@" + exit 1 } usage() { - echo "USAGE: $0 [local|device]" - exit 1 + echo "USAGE: $0 [local|device]" + exit 1 } inferred_mode() { - # Try and infer local or device mode based on makefiles and artifacts. - if [ -f Android.bp -o -f external/boringssl/Android.bp ] - then - echo device - elif [ -f CMakeLists.txt -a -d build/crypto -a -d build/ssl ] - then - echo local - else - echo "Unable to infer mode, please specify on the command line." - usage - fi + # Try and infer local or device mode based on makefiles and artifacts. + if [ -f Android.bp -o -f external/boringssl/Android.bp ]; then + echo device + elif [ -f CMakeLists.txt -a -d build/crypto -a -d build/ssl ]; then + echo local + else + echo "Unable to infer mode, please specify on the command line." + usage + fi } # Prefer mode from command line if present. case "$1" in - local|device) - MODE=$1 - ;; + local|device) + MODE=$1 + ;; - "") - MODE=`inferred_mode` - ;; + "") + MODE=`inferred_mode` + ;; - *) - usage - ;; + *) + usage + ;; esac check_directory() { - test -d $1 || die "Directory $1 not found." + test -d "$1" || die "Directory $1 not found." } check_file() { - test -f $1 || die "File $1 not found." + test -f "$1" || die "File $1 not found." } run_test_locally() { - eval "$1" || true + eval "$1" || true } run_test_on_device() { - EXECFILE="$1" - LIBRARY="$2" - adb shell rm -rf $DEVICE_TMP - adb shell mkdir -p $DEVICE_TMP - adb push $EXECFILE $DEVICE_TMP > /dev/null - EXECPATH=$(basename $EXECFILE) - adb push $LIBRARY $DEVICE_TMP > /dev/null - adb shell "LD_LIBRARY_PATH=$DEVICE_TMP $DEVICE_TMP/$EXECPATH" || true + EXECFILE="$1" + LIBRARY="$2" + adb shell rm -rf "$DEVICE_TMP" + adb shell mkdir -p "$DEVICE_TMP" + adb push "$EXECFILE" "$DEVICE_TMP" > /dev/null + EXECPATH=$(basename "$EXECFILE") + adb push "$LIBRARY" "$DEVICE_TMP" > /dev/null + adb shell "LD_LIBRARY_PATH=$DEVICE_TMP" "$DEVICE_TMP/$EXECPATH" || true } device_integrity_break_test() { - go run $BORINGSSL/util/fipstools/break-hash.go $LIBCRYPTO_BIN ./libcrypto.so - $RUN $TEST_FIPS_BIN ./libcrypto.so - rm ./libcrypto.so + go run "$BORINGSSL/util/fipstools/break-hash.go" "$LIBCRYPTO_BIN" ./libcrypto.so + $RUN "$TEST_FIPS_BIN" ./libcrypto.so + rm ./libcrypto.so } local_integrity_break_test() { - go run $BORINGSSL/util/fipstools/break-hash.go $TEST_FIPS_BIN ./break-bin - chmod u+x ./break-bin - $RUN ./break-bin - rm ./break-bin + go run $BORINGSSL/util/fipstools/break-hash.go "$TEST_FIPS_BIN" ./break-bin + chmod u+x ./break-bin + $RUN ./break-bin + rm ./break-bin +} + +local_runtime_break_test() { + BORINGSSL_FIPS_BREAK_TEST=$1 "$RUN" "$TEST_FIPS_BREAK_BIN" } # TODO(prb): make break-hash and break-kat take similar arguments to save having # separate functions for each. device_kat_break_test() { - KAT="$1" - go run $BORINGSSL/util/fipstools/break-kat.go $LIBCRYPTO_BIN $KAT > ./libcrypto.so - $RUN $TEST_FIPS_BIN ./libcrypto.so - rm ./libcrypto.so + KAT="$1" + go run "$BORINGSSL/util/fipstools/break-kat.go" "$LIBCRYPTO_BREAK_BIN" "$KAT" > ./libcrypto.so + $RUN "$TEST_FIPS_BIN" ./libcrypto.so + rm ./libcrypto.so } local_kat_break_test() { - KAT="$1" - go run $BORINGSSL/util/fipstools/break-kat.go $TEST_FIPS_BIN $KAT > ./break-bin - chmod u+x ./break-bin - $RUN ./break-bin - rm ./break-bin + KAT="$1" + go run "$BORINGSSL/util/fipstools/break-kat.go" "$TEST_FIPS_BREAK_BIN" "$KAT" > ./break-bin + chmod u+x ./break-bin + $RUN ./break-bin + rm ./break-bin } pause () { - echo -n "Press <Enter> " - read + echo -n "Press <Enter> " + read } -if [ "$MODE" = "local" ] -then - TEST_FIPS_BIN="build/util/fipstools/test_fips" - BORINGSSL=. - RUN=run_test_locally - BREAK_TEST=local_break_test - INTEGRITY_BREAK_TEST=local_integrity_break_test - KAT_BREAK_TEST=local_kat_break_test - if [ ! -f $TEST_FIPS_BIN ]; then - echo "$TEST_FIPS_BIN is missing. Run this script from the top level of a" - echo "BoringSSL checkout and ensure that BoringSSL has been built in" - echo "build/ with -DFIPS_BREAK_TEST=TESTS passed to CMake." - exit 1 - fi +if [ "$MODE" = "local" ]; then + TEST_FIPS_BIN=${TEST_FIPS_BIN:-build/util/fipstools/test_fips} + TEST_FIPS_BREAK_BIN=${TEST_FIPS_BREAK_BIN:-./test_fips_break} + check_file "$TEST_FIPS_BIN" + check_file "$TEST_FIPS_BREAK_BIN" + + BORINGSSL=. + RUN=run_test_locally + BREAK_TEST=local_break_test + INTEGRITY_BREAK_TEST=local_integrity_break_test + KAT_BREAK_TEST=local_kat_break_test + RUNTIME_BREAK_TEST=local_runtime_break_test + if [ ! -f "$TEST_FIPS_BIN" ]; then + echo "$TEST_FIPS_BIN is missing. Run this script from the top level of a" + echo "BoringSSL checkout and ensure that BoringSSL has been built in" + echo "build/ with -DFIPS_BREAK_TEST=TESTS passed to CMake." + exit 1 + fi else # Device mode - test "$ANDROID_BUILD_TOP" || die "'lunch aosp_arm64-eng' first" - check_directory "$ANDROID_PRODUCT_OUT" + test "$ANDROID_BUILD_TOP" || die "'lunch aosp_arm64-eng' first" + check_directory "$ANDROID_PRODUCT_OUT" - TEST_FIPS_BIN="$ANDROID_PRODUCT_OUT/system/bin/test_fips" - check_file "$TEST_FIPS_BIN" - LIBCRYPTO_BIN="$ANDROID_PRODUCT_OUT/system/lib64/libcrypto.so" - check_file "$LIBCRYPTO_BIN" + TEST_FIPS_BIN="$ANDROID_PRODUCT_OUT/system/bin/test_fips" + check_file "$TEST_FIPS_BIN" + LIBCRYPTO_BIN="$ANDROID_PRODUCT_OUT/system/lib64/libcrypto.so" + LIBCRYPTO_BREAK_BIN="libcrypto.so" + check_file "$LIBCRYPTO_BIN" + check_file "$LIBCRYPTO_BREAK_BIN" - test "$ANDROID_SERIAL" || die "ANDROID_SERIAL not set" - DEVICE_TMP=/data/local/tmp + test "$ANDROID_SERIAL" || die "ANDROID_SERIAL not set" + DEVICE_TMP=/data/local/tmp - BORINGSSL="$ANDROID_BUILD_TOP/external/boringssl/src" - RUN=run_test_on_device - INTEGRITY_BREAK_TEST=device_integrity_break_test - KAT_BREAK_TEST=device_kat_break_test + BORINGSSL="$ANDROID_BUILD_TOP/external/boringssl/src" + RUN=run_test_on_device + INTEGRITY_BREAK_TEST=device_integrity_break_test + KAT_BREAK_TEST=device_kat_break_test fi -KATS=$(go run $BORINGSSL/util/fipstools/break-kat.go --list-tests) +KATS=$(go run "$BORINGSSL/util/fipstools/break-kat.go" --list-tests) echo -e '\033[1mNormal output\033[0m' -$RUN $TEST_FIPS_BIN $LIBCRYPTO_BIN +$RUN "$TEST_FIPS_BIN" "$LIBCRYPTO_BIN" pause echo @@ -171,3 +179,13 @@ $KAT_BREAK_TEST $kat pause done + +if [ "$MODE" = "local" ]; then + # TODO(prb): add support for Android devices. + for runtime_test in ECDSA_PWCT RSA_PWCT CRNG; do + echo + echo -e "\033[1m${runtime_test} failure\033[0m" + $RUNTIME_BREAK_TEST ${runtime_test} + pause + done +fi