I have successfully cross-compiled a FIPS_capable libcrypto.a for my
target (NetBSD on PowerPC), and successfully built the FIPS tests and
run them on the target - all pass/fail as expected. I also built a
simple app and built that with the library, and ran that successfully.
I have (see other thread...) verified the location of the sequestered
code and rodata is the same as fipscanister.o, and that the functions
point to the correct memory locations for the start and end of the
sequestered stuff.
Next I wanted to build my main application (massive), and modified the
final linking rule to use fipsld and incore in a similar manner to how
I built the simple app above. I verified the result via objdump as I
did with the simple app above. I also modified my main app to have a
function to enable FIPS mode in the same way as the simple app (i.e.,
FIPS_mode_set(1)). I was downright giddy with excitement.
However, when I run my app on the target, and run the function to
enable FIPS mode, it fails - the not uncommon but nevertheless
disheartening error "FIPS_check_incore_fingerprint:fingerprint does
not match:fips.c:229:".
After more detailed investigation, I'm pretty sure that
FINGERPRINT_premain() does not get called in my big app, because if I
dump FIPS_signature[] it is null. If FINGERPRINT_premain() were being
called, it would get filled in by this piece of code:
else if (FIPS_signature[0]=='\0') do
{ for (i=0;i<sizeof(FIPS_signature);i++,p+=2)
FIPS_signature[i] = (atox(p[0])<<4)|atox(p[1]);
}
When I run my simple app on the target, I see it getting called and it
goes into FIPS mode fine.
When doing fipsld on my main application, I see fips_premain.c in the
command executed to recompile the app right before calling incore
(FIPS_SIG), and I see the FINGERPRINT_premain symbol in the final app.
While investigating this I realized I did not really know when
FINGERPRINT_premain is supposed to be called. With my small app I see
it get called when I execute the app (because I stuck some debug
printfs in fips_premain.c). But with the main app - which is called by
some system startup chicanery I'm not too familiar with - it is not
called. So perhaps that is the issue. I'm not familiar with what the
fips_premain.c code seems to be doing with the function declaration,
using the __attribute__((constructor)), so maybe that is interfering
with the way the system starts up this app.
Suggestions and enlightening explanation appreciated.
Thanks,
Kevin
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
