1 /* ====================================================================
2 * Copyright (c) 2005 The OpenSSL Project. Rights for redistribution
3 * and usage in source and binary forms are granted according to the
10 #if defined(__unix) || defined(__unix__) || defined(__vxworks) || defined(__ANDROID__) || defined(__APPLE__)
14 #ifndef FINGERPRINT_PREMAIN_DSO_LOAD
16 #if defined(__GNUC__) && __GNUC__>=2
17 void FINGERPRINT_premain(void) __attribute__((constructor));
18 /* Most commonly this results in pointer to premain to be dropped
19 * to .ctors segment, which is traversed by GCC crtbegin.o upon
20 * program startup. Except on a.out OpenBSD where it results in
21 * _GLOBAL_$I$premain() {premain();} being auto-generated by
22 * compiler... But one way or another this is believed to cover
23 * *all* GCC targets. */
24 #elif defined(_MSC_VER)
26 __declspec(dllexport) /* this is essentially cosmetics... */
28 void FINGERPRINT_premain(void);
29 static int premain_wrapper(void) { FINGERPRINT_premain(); return 0; }
31 # pragma section(".CRT$XCU",read)
32 __declspec(allocate(".CRT$XCU"))
34 # pragma data_seg(".CRT$XCU")
36 static int (*p)(void) = premain_wrapper;
37 /* This results in pointer to premain to appear in .CRT segment,
38 * which is traversed by Visual C run-time initialization code.
39 * This applies to both Win32 and [all flavors of] Win64. */
41 #elif defined(__SUNPRO_C)
42 void FINGERPRINT_premain(void);
43 # pragma init(FINGERPRINT_premain)
44 /* This results in a call to premain to appear in .init segment. */
45 #elif defined(__DECC) && (defined(__VMS) || defined(VMS))
46 void FINGERPRINT_premain(void);
48 globaldef { "LIB$INITIALIZ" } readonly _align (LONGWORD)
50 globaldef { "LIB$INITIALIZE" } readonly _align (LONGWORD)
51 void (*x_FINGERPRINT_premain)(void) = FINGERPRINT_premain;
52 /* Refer to LIB$INITIALIZE to ensure it exists in the image. */
54 globaldef int (*lib_init_ref)() = lib$initialize;
56 #elif defined(_TMS320C6X)
57 # if defined(__TI_EABI__)
58 asm("\t.sect \".init_array\"\n\t.align 4\n\t.field FINGERPRINT_premain,32");
60 asm("\t.sect \".pinit\"\n\t.align 4\n\t.field _FINGERPRINT_premain,32");
63 The rest has to be taken care of through command line:
65 -Wl,-init,FINGERPRINT_premain on OSF1 and IRIX
66 -Wl,+init,FINGERPRINT_premain on HP-UX
67 -Wl,-binitfini:FINGERPRINT_premain on AIX
69 On ELF platforms this results in a call to premain to appear in
74 #define HMAC_SHA1_SIG "?have to make sure this string is unique"
78 # pragma const_seg("fipsro")
80 __declspec(allocate("fipsro"))
82 static const unsigned char FINGERPRINT_ascii_value[41] = HMAC_SHA1_SIG;
84 #define atox(c) ((c)>='a'?((c)-'a'+10):((c)>='A'?(c)-'A'+10:(c)-'0'))
86 extern const void *FIPS_text_start(), *FIPS_text_end();
87 extern const unsigned char FIPS_rodata_start[], FIPS_rodata_end[];
88 extern unsigned char FIPS_signature[20];
89 extern unsigned int FIPS_incore_fingerprint(unsigned char *,unsigned int);
92 * As name suggests this code is executed prior main(). We use this
93 * opportunity to fingerprint sequestered code in virtual address
94 * space of target application.
96 void FINGERPRINT_premain(void)
97 { unsigned char sig[sizeof(FIPS_signature)];
98 const unsigned char * volatile p=FINGERPRINT_ascii_value;
99 unsigned int len=sizeof(sig),i;
101 /* "volatilization" is done to disengage unwanted optimization... */
102 if (*((volatile unsigned char *)p)=='?')
103 { if (FIPS_text_start()==NULL)
104 { fprintf(stderr,"FIPS_text_start() returns NULL\n");
107 #if defined(DEBUG_FINGERPRINT_PREMAIN)
108 fprintf(stderr,".text:%p+%d=%p\n",FIPS_text_start(),
109 (int)((size_t)FIPS_text_end()-(size_t)FIPS_text_start()),
111 fprintf(stderr,".rodata:%p+%d=%p\n",FIPS_rodata_start,
112 (int)((size_t)FIPS_rodata_end-(size_t)FIPS_rodata_start),
116 len=FIPS_incore_fingerprint(sig,sizeof(sig));
118 if (len!=sizeof(sig))
119 { fprintf(stderr,"fingerprint length mismatch: %u\n",len);
123 for (i=0;i<len;i++) printf("%02x",sig[i]);
128 else if (FIPS_signature[0]=='\0') do
129 { for (i=0;i<sizeof(FIPS_signature);i++,p+=2)
130 FIPS_signature[i] = (atox(p[0])<<4)|atox(p[1]);
132 #if defined(DEBUG_FINGERPRINT_PREMAIN)
133 if (getenv("OPENSSL_FIPS")==NULL) break;
135 len=FIPS_incore_fingerprint(sig,sizeof(sig));
137 if (memcmp(FIPS_signature,sig,sizeof(FIPS_signature)))
138 { fprintf(stderr,"FINGERPRINT_premain: FIPS_signature mismatch\n");
147 #include <openssl/bio.h>
148 #include <openssl/dso.h>
149 #include <openssl/err.h>
151 int main(int argc,char *argv[])
157 { fprintf (stderr,"usage: %s libcrypto.dso\n",argv[0]);
161 if ((bio_err=BIO_new(BIO_s_file())) == NULL)
162 { fprintf (stderr,"unable to allocate BIO\n");
165 BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
166 ERR_load_crypto_strings();
168 dso = DSO_load(NULL,argv[1],NULL,DSO_FLAG_NO_NAME_TRANSLATION);
170 { ERR_print_errors(bio_err);
174 /* This is not normally reached, because FINGERPRINT_premain should
175 * have executed and terminated application already upon DSO_load... */
176 func = DSO_bind_func(dso,"FINGERPRINT_premain");
178 { ERR_print_errors(bio_err);