diff options
author | Martin Willi <martin@strongswan.org> | 2009-06-19 16:39:44 +0200 |
---|---|---|
committer | Martin Willi <martin@strongswan.org> | 2009-06-22 15:47:17 +0200 |
commit | e3b7be91e1c9abafc82e267906e6b18e89e7393d (patch) | |
tree | 962cf144664ab815596c6bf40471742bc237fde5 | |
parent | f1f51395d59ee7ab2e1b79eb3b033fcc68253e40 (diff) | |
download | strongswan-e3b7be91e1c9abafc82e267906e6b18e89e7393d.tar.bz2 strongswan-e3b7be91e1c9abafc82e267906e6b18e89e7393d.tar.xz |
removed obsolete INTEGRITY_TEST and fips signer code
--enable-integrity-test now conditionally builds libchecksum
-rw-r--r-- | LICENSE | 5 | ||||
-rw-r--r-- | configure.in | 3 | ||||
-rw-r--r-- | src/charon/Makefile.am | 4 | ||||
-rw-r--r-- | src/charon/daemon.c | 18 | ||||
-rw-r--r-- | src/libstrongswan/Makefile.am | 19 | ||||
-rw-r--r-- | src/libstrongswan/fips/.gitignore | 2 | ||||
-rw-r--r-- | src/libstrongswan/fips/Makefile.am | 19 | ||||
-rw-r--r-- | src/libstrongswan/fips/fips.c | 96 | ||||
-rw-r--r-- | src/libstrongswan/fips/fips.h | 44 | ||||
-rw-r--r-- | src/libstrongswan/fips/fips_canister_end.c | 166 | ||||
-rw-r--r-- | src/libstrongswan/fips/fips_canister_start.c | 167 | ||||
-rw-r--r-- | src/libstrongswan/fips/fips_signer.c | 68 | ||||
-rw-r--r-- | src/libstrongswan/library.h | 11 | ||||
-rwxr-xr-x | src/openac/openac.c | 19 | ||||
-rw-r--r-- | src/pluto/Makefile.am | 5 | ||||
-rw-r--r-- | src/pluto/plutomain.c | 18 |
16 files changed, 7 insertions, 657 deletions
@@ -22,10 +22,5 @@ so they must include the following phrase: "RSA Security Inc. PKCS#11 Cryptographic Token Interface (Cryptoki)". The headers are not under the GPL; see details in src/pluto/rsaref/pkcs11.h. -The FIPS_canister code in src/libstrongswan/fips that is used to determine -the start (fips_canister_start.c) and end (fips_canister_end.c) of the -libstrongswan TEXT and RODATA segments is under the OpenSSL licence. It is -not under the GPL; see www.openssl.org. - In addition to the terms set out under the GPL, permission is granted to link the software against the libdes, MD2, and MD5 libraries just mentioned. diff --git a/configure.in b/configure.in index 858914c14..433f736b7 100644 --- a/configure.in +++ b/configure.in @@ -588,7 +588,7 @@ AC_ARG_ENABLE( AC_ARG_ENABLE( [integrity-test], - AS_HELP_STRING([--enable-integrity-test],[enable the integrity test of the crypto library (default is NO).]), + AS_HELP_STRING([--enable-integrity-test],[enable integrity testing of libstrongswan and plugins (default is NO).]), [if test x$enableval = xyes; then integrity_test=true fi] @@ -1258,7 +1258,6 @@ AC_OUTPUT( src/libstrongswan/plugins/gcrypt/Makefile src/libstrongswan/plugins/agent/Makefile src/libstrongswan/plugins/test_vectors/Makefile - src/libstrongswan/fips/Makefile src/libfreeswan/Makefile src/pluto/Makefile src/whack/Makefile diff --git a/src/charon/Makefile.am b/src/charon/Makefile.am index 3b5b9c068..356e0742f 100644 --- a/src/charon/Makefile.am +++ b/src/charon/Makefile.am @@ -128,10 +128,6 @@ if USE_ME sa/tasks/ike_me.c sa/tasks/ike_me.h endif -if USE_INTEGRITY_TEST - AM_CFLAGS += -DINTEGRITY_TEST -endif - if USE_CAPABILITIES charon_LDADD += -lcap endif diff --git a/src/charon/daemon.c b/src/charon/daemon.c index f6f3ac17c..c672515a7 100644 --- a/src/charon/daemon.c +++ b/src/charon/daemon.c @@ -42,11 +42,6 @@ #include <config/traffic_selector.h> #include <config/proposal.h> -#ifdef INTEGRITY_TEST -#include <fips/fips.h> -#include <fips/fips_signature.h> -#endif /* INTEGRITY_TEST */ - typedef struct private_daemon_t private_daemon_t; /** @@ -487,19 +482,6 @@ static bool initialize(private_daemon_t *this, bool syslog, level_t levels[]) lib->settings->get_str(lib->settings, "charon.load", PLUGINS)); print_plugins(); - -#ifdef INTEGRITY_TEST - DBG1(DBG_DMN, "integrity test of libstrongswan code"); - if (fips_verify_hmac_signature(hmac_key, hmac_signature)) - { - DBG1(DBG_DMN, " integrity test passed"); - } - else - { - DBG1(DBG_DMN, " integrity test failed"); - return FALSE; - } -#endif /* INTEGRITY_TEST */ this->public.ike_sa_manager = ike_sa_manager_create(); if (this->public.ike_sa_manager == NULL) diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am index 4de511e80..d190f351d 100644 --- a/src/libstrongswan/Makefile.am +++ b/src/libstrongswan/Makefile.am @@ -1,14 +1,6 @@ lib_LTLIBRARIES = libstrongswan.la -if USE_INTEGRITY_TEST - libstrongswan_la_SOURCES = \ - fips/fips_canister_start.c \ - fips/fips.c fips/fips.h -else - libstrongswan_la_SOURCES = -endif - -libstrongswan_la_SOURCES += \ +libstrongswan_la_SOURCES = \ library.c library.h \ chunk.c chunk.h \ debug.c debug.h \ @@ -76,11 +68,6 @@ if USE_LOCK_PROFILER AM_CFLAGS += -DLOCK_PROFILER endif -if USE_INTEGRITY_TEST - libstrongswan_la_SOURCES += \ - fips/fips_canister_end.c -endif - if USE_VSTR libstrongswan_la_LIBADD += -lvstr endif @@ -207,7 +194,5 @@ if USE_TEST_VECTORS endif if USE_INTEGRITY_TEST - SUBDIRS += fips + SUBDIRS += checksum endif - -SUBDIRS += checksum diff --git a/src/libstrongswan/fips/.gitignore b/src/libstrongswan/fips/.gitignore deleted file mode 100644 index ebb05cff9..000000000 --- a/src/libstrongswan/fips/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -fips_signature.h -fips_signer diff --git a/src/libstrongswan/fips/Makefile.am b/src/libstrongswan/fips/Makefile.am deleted file mode 100644 index 22a35701b..000000000 --- a/src/libstrongswan/fips/Makefile.am +++ /dev/null @@ -1,19 +0,0 @@ -noinst_PROGRAMS = fips_signer -fips_signer_SOURCES = fips_signer.c -fips_signer_LDADD = ../libstrongswan.la - -BUILT_SOURCES = fips_signature.h -CLEANFILES = fips_signature.h fips_signer -INCLUDES = -I$(top_srcdir)/src/libstrongswan -AM_CFLAGS = -DSTRONGSWAN_CONF=\"${strongswan_conf}\" \ - -DPLUGINDIR=\"${top_srcdir}/src/libstrongswan/plugins\" -if USE_SHA1 - AM_CFLAGS += -DUSE_SHA1 -endif - -if USE_OPENSSL - AM_CFLAGS += -DUSE_OPENSSL -endif - -fips_signature.h : fips_signer - ./fips_signer diff --git a/src/libstrongswan/fips/fips.c b/src/libstrongswan/fips/fips.c deleted file mode 100644 index d2296e5e9..000000000 --- a/src/libstrongswan/fips/fips.c +++ /dev/null @@ -1,96 +0,0 @@ -/* - * Copyright (C) 2007 Bruno Krieg, Daniel Wydler - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <stdio.h> - -#include <debug.h> -#include <crypto/signers/signer.h> -#include "fips.h" - -extern const u_char FIPS_rodata_start[]; -extern const u_char FIPS_rodata_end[]; -extern const void *FIPS_text_start(); -extern const void *FIPS_text_end(); - -/** - * Described in header - */ -bool fips_compute_hmac_signature(const char *key, char *signature) -{ - u_char *text_start = (u_char *)FIPS_text_start(); - u_char *text_end = (u_char *)FIPS_text_end(); - size_t text_len, rodata_len; - signer_t *signer; - - if (text_start > text_end) - { - DBG1(" TEXT start (%p) > TEXT end (%p", - text_start, text_end); - return FALSE; - } - text_len = text_end - text_start; - DBG1(" TEXT: %p + %6d = %p", - text_start, (int)text_len, text_end); - - if (FIPS_rodata_start > FIPS_rodata_end) - { - DBG1(" RODATA start (%p) > RODATA end (%p", - FIPS_rodata_start, FIPS_rodata_end); - return FALSE; - } - rodata_len = FIPS_rodata_end - FIPS_rodata_start; - DBG1(" RODATA: %p + %6d = %p", - FIPS_rodata_start, (int)rodata_len, FIPS_rodata_end); - - signer = lib->crypto->create_signer(lib->crypto, AUTH_HMAC_SHA1_128); - if (signer == NULL) - { - DBG1(" SHA-1 HMAC signer could not be created"); - return FALSE; - } - else - { - chunk_t hmac_key = { (u_char *)key, strlen(key) }; - chunk_t text_chunk = { text_start, text_len }; - chunk_t rodata_chunk = { (u_char *)FIPS_rodata_start, rodata_len }; - chunk_t signature_chunk = chunk_empty; - - signer->set_key(signer, hmac_key); - signer->allocate_signature(signer, text_chunk, NULL); - signer->allocate_signature(signer, rodata_chunk, &signature_chunk); - signer->destroy(signer); - - sprintf(signature, "%#B", &signature_chunk); - DBG1(" SHA-1 HMAC key: %s", key); - DBG1(" SHA-1 HMAC sig: %s", signature); - free(signature_chunk.ptr); - return TRUE; - } -} - -/** - * Described in header - */ -bool fips_verify_hmac_signature(const char *key, - const char *signature) -{ - char current_signature[BUF_LEN]; - - if (!fips_compute_hmac_signature(key, current_signature)) - { - return FALSE; - } - return streq(signature, current_signature); -} diff --git a/src/libstrongswan/fips/fips.h b/src/libstrongswan/fips/fips.h deleted file mode 100644 index aae18e3b2..000000000 --- a/src/libstrongswan/fips/fips.h +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Copyright (C) 2007 Bruno Krieg, Daniel Wydler - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup fips1 fips - * @{ @ingroup fips - */ - -#ifndef FIPS_H_ -#define FIPS_H_ - -#include <library.h> - -/** - * compute HMAC signature over RODATA and TEXT sections of libstrongswan - * - * @param key key used for HMAC signature in ASCII string format - * @param signature HMAC signature in HEX string format - * @return TRUE if HMAC signature computation was successful - */ -bool fips_compute_hmac_signature(const char *key, char *signature); - -/** - * verify HMAC signature over RODATA and TEXT sections of libstrongswan - * - * @param key key used for HMAC signature in ASCII string format - * @param signature signature value from fips_signature.h in HEX string format - * @return TRUE if signatures agree - */ -bool fips_verify_hmac_signature(const char *key, const char *signature); - -#endif /** FIPS_H_ @}*/ diff --git a/src/libstrongswan/fips/fips_canister_end.c b/src/libstrongswan/fips/fips_canister_end.c deleted file mode 100644 index 247d48927..000000000 --- a/src/libstrongswan/fips/fips_canister_end.c +++ /dev/null @@ -1,166 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2005 The OpenSSL Project. Rights for redistribution - * and usage in source and binary forms are granted according to the - * OpenSSL license. - */ - -#include <stdio.h> -#if defined(__DECC) -# include <c_asm.h> -# pragma __nostandard -#endif - -#if !defined(POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION) -# if (defined(__sun) && (defined(__sparc) || defined(__sparcv9))) || \ - (defined(__sgi) && (defined(__mips) || defined(mips))) || \ - (defined(__osf__) && defined(__alpha)) || \ - (defined(__linux) && (defined(__arm) || defined(__arm__))) || \ - (defined(__i386) || defined(__i386__)) || \ - (defined(__x86_64) || defined(__x86_64__)) || \ - (defined(vax) || defined(__vax__)) -# define POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION -# endif -#endif - -#define FIPS_ref_point FIPS_text_end -/* Some compilers put string literals into a separate segment. As we - * are mostly interested to hash AES tables in .rodata, we declare - * reference points accordingly. In case you wonder, the values are - * big-endian encoded variable names, just to prevent these arrays - * from being merged by linker. */ -const unsigned int FIPS_rodata_end[]= - { 0x46495053, 0x5f726f64, 0x6174615f, 0x656e645b }; - - -/* - * I declare reference function as static in order to avoid certain - * pitfalls in -dynamic linker behaviour... - */ -static void *instruction_pointer(void) -{ - void *ret = NULL; - -/* These are ABI-neutral CPU-specific snippets. ABI-neutrality means - * that they are designed to work under any OS running on particular - * CPU, which is why you don't find any #ifdef THIS_OR_THAT_OS in - * this function. */ -#if defined(INSTRUCTION_POINTER_IMPLEMENTED) - INSTRUCTION_POINTER_IMPLEMENTED(ret); -#elif defined(__GNUC__) && __GNUC__>=2 -# if defined(__alpha) || defined(__alpha__) -# define INSTRUCTION_POINTER_IMPLEMENTED - __asm __volatile ( "br %0,1f\n1:" : "=r"(ret) ); -# elif defined(__i386) || defined(__i386__) -# define INSTRUCTION_POINTER_IMPLEMENTED - __asm __volatile ( "call 1f\n1: popl %0" : "=r"(ret) ); - ret = (void *)((size_t)ret&~3UL); /* align for better performance */ -# elif defined(__ia64) || defined(__ia64__) -# define INSTRUCTION_POINTER_IMPLEMENTED - __asm __volatile ( "mov %0=ip" : "=r"(ret) ); -# elif defined(__hppa) || defined(__hppa__) || defined(__pa_risc) -# define INSTRUCTION_POINTER_IMPLEMENTED - __asm __volatile ( "blr %%r0,%0\n\tnop" : "=r"(ret) ); - ret = (void *)((size_t)ret&~3UL); /* mask privilege level */ -# elif defined(__mips) || defined(__mips__) -# define INSTRUCTION_POINTER_IMPLEMENTED - void *scratch; - __asm __volatile ( "move %1,$31\n\t" /* save ra */ - "bal .+8; nop\n\t" - "move %0,$31\n\t" - "move $31,%1" /* restore ra */ - : "=r"(ret),"=r"(scratch) ); -# elif defined(__ppc__) || defined(__powerpc) || defined(__powerpc__) || \ - defined(__POWERPC__) || defined(_POWER) || defined(__PPC__) || \ - defined(__PPC64__) || defined(__powerpc64__) -# define INSTRUCTION_POINTER_IMPLEMENTED - void *scratch; - __asm __volatile ( "mfspr %1,8\n\t" /* save lr */ - "bl .+4\n\t" - "mfspr %0,8\n\t" /* mflr ret */ - "mtspr 8,%1" /* restore lr */ - : "=r"(ret),"=r"(scratch) ); -# elif defined(__sparc) || defined(__sparc__) || defined(__sparcv9) -# define INSTRUCTION_POINTER_IMPLEMENTED - void *scratch; - __asm __volatile ( "mov %%o7,%1\n\t" - "call .+8; nop\n\t" - "mov %%o7,%0\n\t" - "mov %1,%%o7" - : "=r"(ret),"=r"(scratch) ); -# elif defined(__x86_64) || defined(__x86_64__) -# define INSTRUCTION_POINTER_IMPLEMENTED - __asm __volatile ( "leaq 0(%%rip),%0" : "=r"(ret) ); - ret = (void *)((size_t)ret&~3UL); /* align for better performance */ -# endif -#elif defined(__DECC) && defined(__alpha) -# define INSTRUCTION_POINTER_IMPLEMENTED - ret = (void *)(size_t)asm("br %v0,1f\n1:"); -#elif defined(_MSC_VER) && defined(_M_IX86) -# undef INSTRUCTION_POINTER_IMPLEMENTED - void *scratch; - _asm { - call self - self: pop eax - mov scratch,eax - } - ret = (void *)((size_t)scratch&~3UL); -#endif - return ret; -} - -/* - * This function returns pointer to an instruction in the vicinity of - * its entry point, but not outside this object module. This guarantees - * that sequestered code is covered... - */ -void *FIPS_ref_point() -{ -#if defined(INSTRUCTION_POINTER_IMPLEMENTED) - return instruction_pointer(); -/* Below we essentially cover vendor compilers which do not support - * inline assembler... */ -#elif defined(_AIX) - struct { void *ip,*gp,*env; } *p = (void *)instruction_pointer; - return p->ip; -#elif defined(_HPUX_SOURCE) -# if defined(__hppa) || defined(__hppa__) - struct { void *i[4]; } *p = (void *)FIPS_ref_point; - - if (sizeof(p) == 8) /* 64-bit */ - return p->i[2]; - else if ((size_t)p & 2) - { p = (void *)((size_t)p&~3UL); - return p->i[0]; - } - else - return (void *)p; -# elif defined(__ia64) || defined(__ia64__) - struct { unsigned long long ip,gp; } *p=(void *)instruction_pointer; - return (void *)(size_t)p->ip; -# endif -#elif (defined(__VMS) || defined(VMS)) && !(defined(vax) || defined(__vax__)) - /* applies to both alpha and ia64 */ - struct { unsigned __int64 opaque,ip; } *p=(void *)instruction_pointer; - return (void *)(size_t)p->ip; -#elif defined(__VOS__) - /* applies to both pa-risc and ia32 */ - struct { void *dp,*ip,*gp; } *p = (void *)instruction_pointer; - return p->ip; -#elif defined(_WIN32) -# if defined(_WIN64) && defined(_M_IA64) - struct { void *ip,*gp; } *p = (void *)FIPS_ref_point; - return p->ip; -# else - return (void *)FIPS_ref_point; -# endif -/* - * In case you wonder why there is no #ifdef __linux. All Linux targets - * are GCC-based and therefore are covered by instruction_pointer above - * [well, some are covered by by the one below]... - */ -#elif defined(POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION) - return (void *)instruction_pointer; -#else - return NULL; -#endif -} diff --git a/src/libstrongswan/fips/fips_canister_start.c b/src/libstrongswan/fips/fips_canister_start.c deleted file mode 100644 index 4a5528a94..000000000 --- a/src/libstrongswan/fips/fips_canister_start.c +++ /dev/null @@ -1,167 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2005 The OpenSSL Project. Rights for redistribution - * and usage in source and binary forms are granted according to the - * OpenSSL license. - */ - -#include <stdio.h> -#if defined(__DECC) -# include <c_asm.h> -# pragma __nostandard -#endif - -#if !defined(POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION) -# if (defined(__sun) && (defined(__sparc) || defined(__sparcv9))) || \ - (defined(__sgi) && (defined(__mips) || defined(mips))) || \ - (defined(__osf__) && defined(__alpha)) || \ - (defined(__linux) && (defined(__arm) || defined(__arm__))) || \ - (defined(__i386) || defined(__i386__)) || \ - (defined(__x86_64) || defined(__x86_64__)) || \ - (defined(vax) || defined(__vax__)) -# define POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION -# endif -#endif - - -#define FIPS_ref_point FIPS_text_start -/* Some compilers put string literals into a separate segment. As we - * are mostly interested to hash AES tables in .rodata, we declare - * reference points accordingly. In case you wonder, the values are - * big-endian encoded variable names, just to prevent these arrays - * from being merged by linker. */ -const unsigned int FIPS_rodata_start[]= - { 0x46495053, 0x5f726f64, 0x6174615f, 0x73746172 }; - - -/* - * I declare reference function as static in order to avoid certain - * pitfalls in -dynamic linker behaviour... - */ -static void *instruction_pointer(void) -{ - void *ret = NULL; - -/* These are ABI-neutral CPU-specific snippets. ABI-neutrality means - * that they are designed to work under any OS running on particular - * CPU, which is why you don't find any #ifdef THIS_OR_THAT_OS in - * this function. */ -#if defined(INSTRUCTION_POINTER_IMPLEMENTED) - INSTRUCTION_POINTER_IMPLEMENTED(ret); -#elif defined(__GNUC__) && __GNUC__>=2 -# if defined(__alpha) || defined(__alpha__) -# define INSTRUCTION_POINTER_IMPLEMENTED - __asm __volatile ( "br %0,1f\n1:" : "=r"(ret) ); -# elif defined(__i386) || defined(__i386__) -# define INSTRUCTION_POINTER_IMPLEMENTED - __asm __volatile ( "call 1f\n1: popl %0" : "=r"(ret) ); - ret = (void *)((size_t)ret&~3UL); /* align for better performance */ -# elif defined(__ia64) || defined(__ia64__) -# define INSTRUCTION_POINTER_IMPLEMENTED - __asm __volatile ( "mov %0=ip" : "=r"(ret) ); -# elif defined(__hppa) || defined(__hppa__) || defined(__pa_risc) -# define INSTRUCTION_POINTER_IMPLEMENTED - __asm __volatile ( "blr %%r0,%0\n\tnop" : "=r"(ret) ); - ret = (void *)((size_t)ret&~3UL); /* mask privilege level */ -# elif defined(__mips) || defined(__mips__) -# define INSTRUCTION_POINTER_IMPLEMENTED - void *scratch; - __asm __volatile ( "move %1,$31\n\t" /* save ra */ - "bal .+8; nop\n\t" - "move %0,$31\n\t" - "move $31,%1" /* restore ra */ - : "=r"(ret),"=r"(scratch) ); -# elif defined(__ppc__) || defined(__powerpc) || defined(__powerpc__) || \ - defined(__POWERPC__) || defined(_POWER) || defined(__PPC__) || \ - defined(__PPC64__) || defined(__powerpc64__) -# define INSTRUCTION_POINTER_IMPLEMENTED - void *scratch; - __asm __volatile ( "mfspr %1,8\n\t" /* save lr */ - "bl .+4\n\t" - "mfspr %0,8\n\t" /* mflr ret */ - "mtspr 8,%1" /* restore lr */ - : "=r"(ret),"=r"(scratch) ); -# elif defined(__sparc) || defined(__sparc__) || defined(__sparcv9) -# define INSTRUCTION_POINTER_IMPLEMENTED - void *scratch; - __asm __volatile ( "mov %%o7,%1\n\t" - "call .+8; nop\n\t" - "mov %%o7,%0\n\t" - "mov %1,%%o7" - : "=r"(ret),"=r"(scratch) ); -# elif defined(__x86_64) || defined(__x86_64__) -# define INSTRUCTION_POINTER_IMPLEMENTED - __asm __volatile ( "leaq 0(%%rip),%0" : "=r"(ret) ); - ret = (void *)((size_t)ret&~3UL); /* align for better performance */ -# endif -#elif defined(__DECC) && defined(__alpha) -# define INSTRUCTION_POINTER_IMPLEMENTED - ret = (void *)(size_t)asm("br %v0,1f\n1:"); -#elif defined(_MSC_VER) && defined(_M_IX86) -# undef INSTRUCTION_POINTER_IMPLEMENTED - void *scratch; - _asm { - call self - self: pop eax - mov scratch,eax - } - ret = (void *)((size_t)scratch&~3UL); -#endif - return ret; -} - -/* - * This function returns pointer to an instruction in the vicinity of - * its entry point, but not outside this object module. This guarantees - * that sequestered code is covered... - */ -void *FIPS_ref_point() -{ -#if defined(INSTRUCTION_POINTER_IMPLEMENTED) - return instruction_pointer(); -/* Below we essentially cover vendor compilers which do not support - * inline assembler... */ -#elif defined(_AIX) - struct { void *ip,*gp,*env; } *p = (void *)instruction_pointer; - return p->ip; -#elif defined(_HPUX_SOURCE) -# if defined(__hppa) || defined(__hppa__) - struct { void *i[4]; } *p = (void *)FIPS_ref_point; - - if (sizeof(p) == 8) /* 64-bit */ - return p->i[2]; - else if ((size_t)p & 2) - { p = (void *)((size_t)p&~3UL); - return p->i[0]; - } - else - return (void *)p; -# elif defined(__ia64) || defined(__ia64__) - struct { unsigned long long ip,gp; } *p=(void *)instruction_pointer; - return (void *)(size_t)p->ip; -# endif -#elif (defined(__VMS) || defined(VMS)) && !(defined(vax) || defined(__vax__)) - /* applies to both alpha and ia64 */ - struct { unsigned __int64 opaque,ip; } *p=(void *)instruction_pointer; - return (void *)(size_t)p->ip; -#elif defined(__VOS__) - /* applies to both pa-risc and ia32 */ - struct { void *dp,*ip,*gp; } *p = (void *)instruction_pointer; - return p->ip; -#elif defined(_WIN32) -# if defined(_WIN64) && defined(_M_IA64) - struct { void *ip,*gp; } *p = (void *)FIPS_ref_point; - return p->ip; -# else - return (void *)FIPS_ref_point; -# endif -/* - * In case you wonder why there is no #ifdef __linux. All Linux targets - * are GCC-based and therefore are covered by instruction_pointer above - * [well, some are covered by by the one below]... - */ -#elif defined(POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION) - return (void *)instruction_pointer; -#else - return NULL; -#endif -} diff --git a/src/libstrongswan/fips/fips_signer.c b/src/libstrongswan/fips/fips_signer.c deleted file mode 100644 index 6f5fdcecf..000000000 --- a/src/libstrongswan/fips/fips_signer.c +++ /dev/null @@ -1,68 +0,0 @@ -/* - * Copyright (C) 2007 Bruno Krieg, Daniel Wydler - * Hochschule fuer Technik Rapperswil, Switzerland - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <stdio.h> - -#include <crypto/hashers/hasher.h> -#include "fips.h" - -int main(int argc, char* argv[]) -{ - FILE *f; - char *hmac_key = "strongSwan Version " VERSION; - char hmac_signature[BUF_LEN]; - - /* initialize library */ - library_init(STRONGSWAN_CONF); -#ifdef USE_SHA1 - lib->plugins->load(lib->plugins, PLUGINDIR "/sha1/.libs", "sha1"); -#endif -#ifdef USE_OPENSSL - lib->plugins->load(lib->plugins, PLUGINDIR "/openssl/.libs", "openssl"); -#endif - lib->plugins->load(lib->plugins, PLUGINDIR "/hmac/.libs", "hmac"); - - if (!fips_compute_hmac_signature(hmac_key, hmac_signature)) - { - exit(1); - } - - /** - * write computed HMAC signature to fips_signature.h - */ - f = fopen("fips_signature.h", "wt"); - - if (f == NULL) - { - exit(1); - } - fprintf(f, "/* SHA-1 HMAC signature computed over TEXT and RODATA of libstrongswan\n"); - fprintf(f, " *\n"); - fprintf(f, " * This file has been automatically generated by fips_signer\n"); - fprintf(f, " * Do not edit manually!\n"); - fprintf(f, " */\n"); - fprintf(f, "\n"); - fprintf(f, "#ifndef FIPS_SIGNATURE_H_\n"); - fprintf(f, "#define FIPS_SIGNATURE_H_\n"); - fprintf(f, "\n"); - fprintf(f, "const char *hmac_key = \"%s\";\n", hmac_key); - fprintf(f, "const char *hmac_signature = \"%s\";\n", hmac_signature); - fprintf(f, "\n"); - fprintf(f, "#endif /* FIPS_SIGNATURE_H_ @} */\n"); - fclose(f); - - library_deinit(); - exit(0); -} diff --git a/src/libstrongswan/library.h b/src/libstrongswan/library.h index 3f62b24d5..eab56c42d 100644 --- a/src/libstrongswan/library.h +++ b/src/libstrongswan/library.h @@ -30,19 +30,16 @@ * * @defgroup crypto crypto * @ingroup libstrongswan - + * * @defgroup database database * @ingroup libstrongswan - + * * @defgroup fetcher fetcher * @ingroup libstrongswan - - * @defgroup fips fips - * @ingroup libstrongswan - + * * @defgroup plugins plugins * @ingroup libstrongswan - + * * @defgroup utils utils * @ingroup libstrongswan */ diff --git a/src/openac/openac.c b/src/openac/openac.c index 3686c07ac..b7d303d12 100755 --- a/src/openac/openac.c +++ b/src/openac/openac.c @@ -40,11 +40,6 @@ #include <credentials/keys/private_key.h> #include <utils/optionsfrom.h> -#ifdef INTEGRITY_TEST -#include <fips/fips.h> -#include <fips_signature.h> -#endif /* INTEGRITY_TEST */ - #define OPENAC_PATH IPSEC_CONFDIR "/openac" #define OPENAC_SERIAL IPSEC_CONFDIR "/openac/serial" @@ -482,20 +477,6 @@ int main(int argc, char **argv) DBG1("starting openac (strongSwan Version %s)", VERSION); -#ifdef INTEGRITY_TEST - DBG1("integrity test of libstrongswan code"); - if (fips_verify_hmac_signature(hmac_key, hmac_signature)) - { - DBG1(" integrity test passed"); - } - else - { - DBG1(" integrity test failed"); - status = 3; - goto end; - } -#endif /* INTEGRITY_TEST */ - /* load the signer's RSA private key */ if (keyfile != NULL) { diff --git a/src/pluto/Makefile.am b/src/pluto/Makefile.am index 01237305b..c9cb6651f 100644 --- a/src/pluto/Makefile.am +++ b/src/pluto/Makefile.am @@ -110,11 +110,6 @@ if USE_SMARTCARD AM_CFLAGS += -DSMARTCARD endif -# This compile option activates the integrity test of libstrongswan -if USE_INTEGRITY_TEST - AM_CFLAGS += -DINTEGRITY_TEST -endif - if USE_CAPABILITIES pluto_LDADD += -lcap endif diff --git a/src/pluto/plutomain.c b/src/pluto/plutomain.c index a9377cba7..0ff9bfc0d 100644 --- a/src/pluto/plutomain.c +++ b/src/pluto/plutomain.c @@ -43,11 +43,6 @@ #include <utils/enumerator.h> #include <utils/optionsfrom.h> -#ifdef INTEGRITY_TEST -#include <fips/fips.h> -#include <fips/fips_signature.h> -#endif /* INTEGRITY_TEST */ - #include <pfkeyv2.h> #include <pfkey.h> @@ -645,19 +640,6 @@ int main(int argc, char **argv) lib->settings->get_str(lib->settings, "pluto.load", PLUGINS)); print_plugins(); -#ifdef INTEGRITY_TEST - DBG1("integrity test of libstrongswan code"); - if (fips_verify_hmac_signature(hmac_key, hmac_signature)) - { - DBG1(" integrity test passed"); - } - else - { - DBG1(" integrity test failed"); - abort(); - } -#endif /* INTEGRITY_TEST */ - init_nat_traversal(nat_traversal, keep_alive, force_keepalive, nat_t_spf); init_virtual_ip(virtual_private); scx_init(pkcs11_module_path, pkcs11_init_args); |