blob: ffae5e992c2d28b5e01616aa796ff0e97aeaddbd [file] [log] [blame] [edit]
// Copyright (c) 2017, Google Inc.
//
// Permission to use, copy, modify, and/or distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
// copyright notice and this permission notice appear in all copies.
//
// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
// inject_hash parses an archive containing a file object file. It finds a FIPS
// module inside that object, calculates its hash and replaces the default hash
// value in the object with the calculated value.
package main
import (
"bytes"
"crypto/hmac"
"crypto/sha256"
"debug/elf"
"encoding/binary"
"errors"
"flag"
"fmt"
"io"
"os"
"strings"
"boringssl.googlesource.com/boringssl/util/ar"
"boringssl.googlesource.com/boringssl/util/fipstools/fipscommon"
)
func do(outPath, oInput string, arInput string) error {
var objectBytes []byte
var isStatic bool
var perm os.FileMode
if len(arInput) > 0 {
isStatic = true
if len(oInput) > 0 {
return fmt.Errorf("-in-archive and -in-object are mutually exclusive")
}
fi, err := os.Stat(arInput)
if err != nil {
return err
}
perm = fi.Mode()
arFile, err := os.Open(arInput)
if err != nil {
return err
}
defer arFile.Close()
ar, err := ar.ParseAR(arFile)
if err != nil {
return err
}
if len(ar) != 1 {
return fmt.Errorf("expected one file in archive, but found %d", len(ar))
}
for _, contents := range ar {
objectBytes = contents
}
} else if len(oInput) > 0 {
fi, err := os.Stat(oInput)
if err != nil {
return err
}
perm = fi.Mode()
if objectBytes, err = os.ReadFile(oInput); err != nil {
return err
}
isStatic = strings.HasSuffix(oInput, ".o")
} else {
return fmt.Errorf("exactly one of -in-archive or -in-object is required")
}
object, err := elf.NewFile(bytes.NewReader(objectBytes))
if err != nil {
return errors.New("failed to parse object: " + err.Error())
}
// Find the .text and, optionally, .data sections.
var textSection, rodataSection *elf.Section
var textSectionIndex, rodataSectionIndex elf.SectionIndex
for i, section := range object.Sections {
switch section.Name {
case ".text":
textSectionIndex = elf.SectionIndex(i)
textSection = section
case ".rodata":
rodataSectionIndex = elf.SectionIndex(i)
rodataSection = section
}
}
if textSection == nil {
return errors.New("failed to find .text section in object")
}
// Find the starting and ending symbols for the module.
var textStart, textEnd, rodataStart, rodataEnd *uint64
symbols, err := object.Symbols()
if err != nil {
return errors.New("failed to parse symbols: " + err.Error())
}
for _, symbol := range symbols {
var base uint64
switch symbol.Section {
case textSectionIndex:
base = textSection.Addr
case rodataSectionIndex:
if rodataSection == nil {
continue
}
base = rodataSection.Addr
default:
continue
}
if isStatic {
// Static objects appear to have different semantics about whether symbol
// values are relative to their section or not.
base = 0
} else if symbol.Value < base {
return fmt.Errorf("symbol %q at %x, which is below base of %x", symbol.Name, symbol.Value, base)
}
value := symbol.Value - base
switch symbol.Name {
case "BORINGSSL_bcm_text_start":
if textStart != nil {
return errors.New("duplicate start symbol found")
}
textStart = &value
case "BORINGSSL_bcm_text_end":
if textEnd != nil {
return errors.New("duplicate end symbol found")
}
textEnd = &value
case "BORINGSSL_bcm_rodata_start":
if rodataStart != nil {
return errors.New("duplicate rodata start symbol found")
}
rodataStart = &value
case "BORINGSSL_bcm_rodata_end":
if rodataEnd != nil {
return errors.New("duplicate rodata end symbol found")
}
rodataEnd = &value
default:
continue
}
}
if textStart == nil || textEnd == nil {
return errors.New("could not find .text module boundaries in object")
}
if (rodataStart == nil) != (rodataSection == nil) {
return errors.New("rodata start marker inconsistent with rodata section presence")
}
if (rodataStart != nil) != (rodataEnd != nil) {
return errors.New("rodata marker presence inconsistent")
}
if max := textSection.Size; *textStart > max || *textStart > *textEnd || *textEnd > max {
return fmt.Errorf("invalid module .text boundaries: start: %x, end: %x, max: %x", *textStart, *textEnd, max)
}
if rodataSection != nil {
if max := rodataSection.Size; *rodataStart > max || *rodataStart > *rodataEnd || *rodataEnd > max {
return fmt.Errorf("invalid module .rodata boundaries: start: %x, end: %x, max: %x", *rodataStart, *rodataEnd, max)
}
}
// Extract the module from the .text section and hash it.
text := textSection.Open()
if _, err := text.Seek(int64(*textStart), 0); err != nil {
return errors.New("failed to seek to module start in .text: " + err.Error())
}
moduleText := make([]byte, *textEnd-*textStart)
if _, err := io.ReadFull(text, moduleText); err != nil {
return errors.New("failed to read .text: " + err.Error())
}
// Maybe extract the module's read-only data too
var moduleROData []byte
if rodataSection != nil {
rodata := rodataSection.Open()
if _, err := rodata.Seek(int64(*rodataStart), 0); err != nil {
return errors.New("failed to seek to module start in .rodata: " + err.Error())
}
moduleROData = make([]byte, *rodataEnd-*rodataStart)
if _, err := io.ReadFull(rodata, moduleROData); err != nil {
return errors.New("failed to read .rodata: " + err.Error())
}
}
var zeroKey [64]byte
mac := hmac.New(sha256.New, zeroKey[:])
if moduleROData != nil {
var lengthBytes [8]byte
binary.LittleEndian.PutUint64(lengthBytes[:], uint64(len(moduleText)))
mac.Write(lengthBytes[:])
mac.Write(moduleText)
binary.LittleEndian.PutUint64(lengthBytes[:], uint64(len(moduleROData)))
mac.Write(lengthBytes[:])
mac.Write(moduleROData)
} else {
mac.Write(moduleText)
}
calculated := mac.Sum(nil)
// Replace the default hash value in the object with the calculated
// value and write it out.
offset := bytes.Index(objectBytes, fipscommon.UninitHashValue[:])
if offset < 0 {
return errors.New("did not find uninitialised hash value in object file")
}
if bytes.Index(objectBytes[offset+1:], fipscommon.UninitHashValue[:]) >= 0 {
return errors.New("found two occurrences of uninitialised hash value in object file")
}
if _, exists := os.LookupEnv("BORINGSSL_FIPS_SHOW_HASH"); exists {
fmt.Printf("Module hash: %x\n", calculated)
}
copy(objectBytes[offset:], calculated)
return os.WriteFile(outPath, objectBytes, perm&0777)
}
func main() {
arInput := flag.String("in-archive", "", "Path to a .a file")
oInput := flag.String("in-object", "", "Path to a .o file")
outPath := flag.String("o", "", "Path to output object")
flag.Parse()
if err := do(*outPath, *oInput, *arInput); err != nil {
fmt.Fprintf(os.Stderr, "%s\n", err)
os.Exit(1)
}
}