Fix multiple OpenSSL vulnerabilities.

[FreeBSD/releng/9.3.git] / crypto / openssl / fips / fips_premain.c

/* ====================================================================
 * Copyright (c) 2005 The OpenSSL Project. Rights for redistribution
 * and usage in source and binary forms are granted according to the
 * OpenSSL license.
 */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#if defined(__unix) || defined(__unix__)
# include <unistd.h>
#endif

#ifndef FINGERPRINT_PREMAIN_DSO_LOAD

# if defined(__GNUC__) && __GNUC__>=2
void FINGERPRINT_premain(void) __attribute__ ((constructor));
  /*
   * Most commonly this results in pointer to premain to be dropped to .ctors
   * segment, which is traversed by GCC crtbegin.o upon program startup.
   * Except on a.out OpenBSD where it results in _GLOBAL_$I$premain()
   * {premain();} being auto-generated by compiler... But one way or another
   * this is believed to cover *all* GCC targets.
   */
# elif defined(_MSC_VER)
#  ifdef _WINDLL
__declspec(dllexport)           /* this is essentially cosmetics... */
#  endif
void FINGERPRINT_premain(void);
static int premain_wrapper(void)
{
    FINGERPRINT_premain();
    return 0;
}

#  ifdef _WIN64
#   pragma section(".CRT$XCU",read)
__declspec(allocate(".CRT$XCU"))
#  else
#   pragma data_seg(".CRT$XCU")
#  endif
static int (*p) (void) = premain_wrapper;
  /*
   * This results in pointer to premain to appear in .CRT segment, which is
   * traversed by Visual C run-time initialization code. This applies to both
   * Win32 and [all flavors of] Win64.
   */
#  pragma data_seg()
# elif defined(__SUNPRO_C)
void FINGERPRINT_premain(void);
#  pragma init(FINGERPRINT_premain)
  /* This results in a call to premain to appear in .init segment. */
# elif defined(__DECC) && (defined(__VMS) || defined(VMS))
void FINGERPRINT_premain(void);
#  pragma __nostandard
globaldef {
"LIB$INITIALIZ"} readonly _align(LONGWORD)
int spare[8] = { 0 };

globaldef {
"LIB$INITIALIZE"} readonly _align(LONGWORD)

void (*x_FINGERPRINT_premain) (void) = FINGERPRINT_premain;
  /* Refer to LIB$INITIALIZE to ensure it exists in the image. */
int lib$initialize();
globaldef int (*lib_init_ref) () = lib$initialize;
#  pragma __standard
# elif 0
The rest has to be taken care of through command line:-Wl, -init,
    FINGERPRINT_premain on OSF1 and IRIX - Wl, +init,
    FINGERPRINT_premain on HP - UX - Wl,
    -binitfini:FINGERPRINT_premain on AIX On ELF platforms this results in a
    call to premain to appear in.init segment ...
# endif
# ifndef HMAC_SHA1_SIG
#  define HMAC_SHA1_SIG "?have to make sure this string is unique"
# endif
static const unsigned char FINGERPRINT_ascii_value[40] = HMAC_SHA1_SIG;

# define atox(c) ((c)>='a'?((c)-'a'+10):((c)>='A'?(c)-'A'+10:(c)-'0'))

extern const void *FIPS_text_start(), *FIPS_text_end();
extern const unsigned char FIPS_rodata_start[], FIPS_rodata_end[];
extern unsigned char FIPS_signature[20];
extern unsigned int FIPS_incore_fingerprint(unsigned char *, unsigned int);

/*
 * As name suggests this code is executed prior main(). We use this
 * opportunity to fingerprint sequestered code in virtual address
 * space of target application.
 */
void FINGERPRINT_premain(void)
{
    unsigned char sig[sizeof(FIPS_signature)];
    const unsigned char *volatile p = FINGERPRINT_ascii_value;
    unsigned int len = sizeof(sig), i;

    /* "volatilization" is done to disengage unwanted optimization... */
    if (*((volatile unsigned char *)p) == '?') {
        if (FIPS_text_start() == NULL) {
            fprintf(stderr, "FIPS_text_start() returns NULL\n");
            _exit(1);
        }
# if defined(DEBUG_FINGERPRINT_PREMAIN)
        fprintf(stderr, ".text:%p+%d=%p\n", FIPS_text_start(),
                (int)((size_t)FIPS_text_end() - (size_t)FIPS_text_start()),
                FIPS_text_end());
        fprintf(stderr, ".rodata:%p+%d=%p\n", FIPS_rodata_start,
                (int)((size_t)FIPS_rodata_end - (size_t)FIPS_rodata_start),
                FIPS_rodata_end);
# endif

        len = FIPS_incore_fingerprint(sig, sizeof(sig));

        if (len != sizeof(sig)) {
            fprintf(stderr, "fingerprint length mismatch: %u\n", len);
            _exit(1);
        }

        for (i = 0; i < len; i++)
            printf("%02x", sig[i]);
        printf("\n");
        fflush(stdout);
        _exit(0);
    } else if (FIPS_signature[0] == '\0')
        do {
            for (i = 0; i < sizeof(FIPS_signature); i++, p += 2)
                FIPS_signature[i] = (atox(p[0]) << 4) | atox(p[1]);

# if defined(DEBUG_FINGERPRINT_PREMAIN)
            if (getenv("OPENSSL_FIPS") == NULL)
                break;

            len = FIPS_incore_fingerprint(sig, sizeof(sig));

            if (memcmp(FIPS_signature, sig, sizeof(FIPS_signature))) {
                fprintf(stderr,
                        "FINGERPRINT_premain: FIPS_signature mismatch\n");
                _exit(1);
            }
# endif
        } while (0);
}

#else

# include <openssl/bio.h>
# include <openssl/dso.h>
# include <openssl/err.h>

int main(int argc, char *argv[])
{
    DSO *dso;
    DSO_FUNC_TYPE func;
    BIO *bio_err;

    if (argc < 2) {
        fprintf(stderr, "usage: %s libcrypto.dso\n", argv[0]);
        return 1;
    }

    if ((bio_err = BIO_new(BIO_s_file())) == NULL) {
        fprintf(stderr, "unable to allocate BIO\n");
        return 1;
    }
    BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
    ERR_load_crypto_strings();

    dso = DSO_load(NULL, argv[1], NULL, DSO_FLAG_NO_NAME_TRANSLATION);
    if (dso == NULL) {
        ERR_print_errors(bio_err);
        return 1;
    }

    /*
     * This is not normally reached, because FINGERPRINT_premain should have
     * executed and terminated application already upon DSO_load...
     */
    func = DSO_bind_func(dso, "FINGERPRINT_premain");
    if (func == NULL) {
        ERR_print_errors(bio_err);
        return 1;
    }

    (*func) ();

    return 0;
}

#endif