rpms/libgcrypt
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Backport the FIPS integrity checking

Browse Source 
Resolves: rhbz#2157966
This commit is contained in:
Jakub Jelen 2023-01-17 15:36:15 +01:00
parent bb8f0dfc24
commit 7e0fcaf4ab
3 changed files with 1181 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1008
libgcrypt-1.10.0-fips-integrity.patch Normal file
View File

File diff suppressed because it is too large Load Diff

158
libgcrypt-1.10.0-fips-integrity2.patch Normal file
View File

@ -0,0 +1,158 @@
From 3c8b6c4a9cad59c5e1db5706f6774a3141b60210 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Thu, 17 Feb 2022 10:28:05 +0900
Subject: [PATCH] fips: Fix gen-note-integrity.sh script not to use cmp
utility.
* src/gen-note-integrity.sh: Simplify detecting 32-bit machine
or 64-bit machine.
--
GnuPG-bug-id: 5835
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
src/gen-note-integrity.sh | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/gen-note-integrity.sh b/src/gen-note-integrity.sh
index 969fdca6..878d7095 100755
--- a/src/gen-note-integrity.sh
+++ b/src/gen-note-integrity.sh
@@ -73,9 +73,9 @@ FILE=.libs/libgcrypt.so
#
# Fixup the ELF header to clean up section information
#
-printf '%b' '\002' > 2.bin
-dd ibs=1 skip=4 count=1 if=$FILE status=none > class-byte.bin
-if cmp class-byte.bin 2.bin; then
+BYTE002=$(printf '%b' '\002')
+CLASS_BYTE=$(dd ibs=1 skip=4 count=1 if=$FILE status=none)
+if test "$CLASS_BYTE" = "$BYTE002"; then
CLASS=64
HEADER_SIZE=64
else
@@ -112,4 +112,4 @@ END { print offset}")
dd ibs=1 skip=$HEADER_SIZE count=$OFFSET if=$FILE status=none) \
| ./hmac256 --stdkey --binary
-rm -f 2.bin class-byte.bin header-fixed.bin
+rm -f header-fixed.bin
--
2.39.1
From 052c5ef4cea56772b7015e36f231fa0bcbf91410 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Thu, 17 Feb 2022 11:21:35 +0900
Subject: [PATCH] fips: Clarify what to be hashed for the integrity check.
* src/fips.c (get_file_offset): Compute the maximum offset
of segments.
* src/gen-note-integrity.sh: Likewise.
--
The result is same (in current format of ELF program).
Semantics is more clear. It hashes:
- From the start of shared library file,
- fixed up the ELF header to exclude link-time information,
- up to the last segment.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
src/fips.c | 20 +++++++++-----------
src/gen-note-integrity.sh | 20 ++++++++++++++------
2 files changed, 23 insertions(+), 17 deletions(-)
diff --git a/src/fips.c b/src/fips.c
index d798d577..89f8204b 100644
--- a/src/fips.c
+++ b/src/fips.c
@@ -595,7 +595,7 @@ run_random_selftests (void)
/*
* In the ELF file opened as FP, fill the ELF header to the pointer
- * EHDR_P, determine the offset of last loadable segment in R_OFFSET.
+ * EHDR_P, determine the maximum offset of segments in R_OFFSET.
* Also, find the section which contains the hmac value and return it
* in HMAC. Rewinds FP to the beginning on success.
*/
@@ -624,24 +624,22 @@ get_file_offset (FILE *fp, ElfW (Ehdr) *ehdr_p,
if (fseek (fp, ehdr_p->e_phoff, SEEK_SET) != 0)
return gpg_error_from_syserror ();
- /* Iterate over the program headers, determine the last loadable
- segment. */
+ /* Iterate over the program headers, determine the last offset of
+ segments. */
for (i = 0; i < ehdr_p->e_phnum; i++)
{
+ unsigned long off;
+
if (fread (&phdr, sizeof (phdr), 1, fp) != 1)
return gpg_error_from_syserror ();
- if (phdr.p_type == PT_PHDR)
- continue;
-
- if (phdr.p_type != PT_LOAD)
- break;
-
- off_segment = phdr.p_offset + phdr.p_filesz;
+ off = phdr.p_offset + phdr.p_filesz;
+ if (off_segment < off)
+ off_segment = off;
}
if (!off_segment)
- /* The segment not found in the file */
+ /* No segment found in the file */
return gpg_error (GPG_ERR_INV_OBJ);
/* The section header entry size should match the size of the shdr struct */
diff --git a/src/gen-note-integrity.sh b/src/gen-note-integrity.sh
index 878d7095..50071bf5 100755
--- a/src/gen-note-integrity.sh
+++ b/src/gen-note-integrity.sh
@@ -95,21 +95,29 @@ else
dd ibs=1 count=6 if=/dev/zero status=none
fi > header-fixed.bin
-# Compute the end of loadable segment.
+#
+# Compute the end of segments, and emit the COUNT to read
+# (For each segment in program headers, calculate the offset
+# and select the maximum)
#
# This require computation in hexadecimal, and GNU awk needs
# --non-decimal-data option
#
-OFFSET=$($READELF --wide --program-headers $FILE | \
- $AWK $AWK_OPTION "/^ LOAD/ { offset=\$2+\$5-$HEADER_SIZE }\
-END { print offset}")
+COUNT=$($READELF --wide --program-headers $FILE | \
+ $AWK $AWK_OPTION \
+"BEGIN { max_offset=0 }
+/^\$/ { if (program_headers_start) program_headers_end=1 }
+(program_headers_start && !program_headers_end) { offset = \$2 + \$5 }
+(max_offset < offset) { max_offset = offset }
+/^ Type/ { program_headers_start=1 }
+END { print max_offset- $HEADER_SIZE }")
#
-# Feed the header fixed and loadable segments to HMAC256
+# Feed the header fixed and all segments to HMAC256
# to generate hmac hash of the FILE
#
(cat header-fixed.bin; \
- dd ibs=1 skip=$HEADER_SIZE count=$OFFSET if=$FILE status=none) \
+ dd ibs=1 skip=$HEADER_SIZE count=$COUNT if=$FILE status=none) \
| ./hmac256 --stdkey --binary
rm -f header-fixed.bin
--
2.39.1

20
libgcrypt.spec
View File

@ -38,6 +38,14 @@ Patch11: libgcrypt-1.10.0-fips-kdf.patch
# c34c9e70055ee43e5ef257384fa15941f064e5a4 # c34c9e70055ee43e5ef257384fa15941f064e5a4
# https://gitlab.com/redhat-crypto/libgcrypt/libgcrypt-mirror/-/merge_requests/13 # https://gitlab.com/redhat-crypto/libgcrypt/libgcrypt-mirror/-/merge_requests/13
Patch12: libgcrypt-1.10.0-fips-indicator.patch Patch12: libgcrypt-1.10.0-fips-indicator.patch
# beb5d6df5c5785db7c32a24a5d2a351cb964bfbc
# 521500624b4b11538d206137205e2a511dad7072
# 9dcf9305962b90febdf2d7cc73b49feadbf6a01f
# a340e980388243ceae6df57d101036f3f2a955be
Patch13: libgcrypt-1.10.0-fips-integrity.patch
# 3c8b6c4a9cad59c5e1db5706f6774a3141b60210
# 052c5ef4cea56772b7015e36f231fa0bcbf91410
Patch14: libgcrypt-1.10.0-fips-integrity2.patch
%global gcrylibdir %{_libdir} %global gcrylibdir %{_libdir}
%global gcrysoname libgcrypt.so.20 %global gcrysoname libgcrypt.so.20
@ -83,6 +91,8 @@ applications using libgcrypt.
%patch10 -p1 %patch10 -p1
%patch11 -p1 %patch11 -p1
%patch12 -p1 %patch12 -p1
%patch13 -p1
%patch14 -p1
%build %build
# This package has a configure test which uses ASMs, but does not link the # This package has a configure test which uses ASMs, but does not link the
@ -126,12 +136,12 @@ LIBGCRYPT_FORCE_FIPS_MODE=1 make check
%{?__debug_package:%{__debug_install_post}} \ %{?__debug_package:%{__debug_install_post}} \
%{__arch_install_post} \ %{__arch_install_post} \
%{__os_install_post} \ %{__os_install_post} \
dd if=/dev/zero of=%{libpath}.hmac bs=32 count=1 \ cd src \
objcopy --update-section .rodata1=%{libpath}.hmac %{libpath} %{libpath}.empty \ sed -i -e 's|FILE=.*|FILE=\\\$1|' gen-note-integrity.sh \
src/hmac256 --binary %{hmackey} %{libpath}.empty > %{libpath}.hmac \ READELF=readelf AWK=awk ECHO_N="-n" bash gen-note-integrity.sh %{libpath} > %{libpath}.hmac \
objcopy --update-section .rodata1=%{libpath}.hmac %{libpath}.empty %{libpath}.new \ objcopy --update-section .note.fdo.integrity=%{libpath}.hmac %{libpath} %{libpath}.new \
mv -f %{libpath}.new %{libpath} \ mv -f %{libpath}.new %{libpath} \
rm -f %{libpath}.hmac %{libpath}.empty rm -f %{libpath}.hmac
%{nil} %{nil}
%install %install