Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update BORINGSSL_FIPS_abort to AWS_LC_FIPS_failure which takes a message #2182

Merged
merged 3 commits into from
Feb 10, 2025
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
53 changes: 28 additions & 25 deletions crypto/fipsmodule/bcm.c
Original file line number Diff line number Diff line change
Expand Up @@ -184,6 +184,12 @@ extern const uint8_t BORINGSSL_bcm_rodata_start[];
extern const uint8_t BORINGSSL_bcm_rodata_end[];
#endif

#define STRING_POINTER_LENGTH 18
#define MAX_FUNCTION_NAME 32
#define ASSERT_WITHIN_MSG "FIPS module doesn't span expected symbol (%s). Expected %p <= %p < %p\n"
#define MAX_WITHIN_MSG_LEN sizeof(ASSERT_WITHIN_MSG) + (3 * STRING_POINTER_LENGTH) + MAX_FUNCTION_NAME
#define ASSERT_OUTSIDE_MSG "FIPS module spans unexpected symbol (%s), expected %p < %p || %p > %p\n"
#define MAX_OUTSIDE_MSG_LEN sizeof(ASSERT_OUTSIDE_MSG) + (4 * STRING_POINTER_LENGTH) + MAX_FUNCTION_NAME
Comment on lines +190 to +192
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

NP: I don't think so much precision is needed for the MAX_xxx_MSG_LEN values. Those arrays are only on the stack in the case of a failure during library initialization -- as long as the array is not so large as to cause compilation to fail, it should be fine. A "large" number like 4096 would be way more than sufficient.

// assert_within is used to sanity check that certain symbols are within the
// bounds of the integrity check. It checks that start <= symbol < end and
// aborts otherwise.
Expand All @@ -197,11 +203,10 @@ static void assert_within(const void *start, const void *symbol,
return;
}

fprintf(
stderr,
"FIPS module doesn't span expected symbol (%s). Expected %p <= %p < %p\n",
symbol_name, start, symbol, end);
BORINGSSL_FIPS_abort();
assert(sizeof(symbol_name) < MAX_FUNCTION_NAME);
char message[MAX_WITHIN_MSG_LEN] = {0};
snprintf(message, sizeof(message), ASSERT_WITHIN_MSG, symbol_name, start, symbol, end);
AWS_LC_FIPS_failure(message);
}

static void assert_not_within(const void *start, const void *symbol,
Expand All @@ -214,11 +219,10 @@ static void assert_not_within(const void *start, const void *symbol,
return;
}

fprintf(
stderr,
"FIPS module spans unexpected symbol (%s), expected %p < %p || %p > %p\n",
symbol_name, symbol, start, symbol, end);
BORINGSSL_FIPS_abort();
assert(sizeof(symbol_name) < MAX_FUNCTION_NAME);
char message[MAX_WITHIN_MSG_LEN] = {0};
snprintf(message, sizeof(message), ASSERT_OUTSIDE_MSG, symbol_name, symbol, start, symbol, end);
AWS_LC_FIPS_failure(message);
}

// TODO: Re-enable once all data has been moved out of .text segments CryptoAlg-2360
Expand Down Expand Up @@ -266,26 +270,21 @@ static void BORINGSSL_bcm_power_on_self_test(void) {
#if defined(FIPS_ENTROPY_SOURCE_JITTER_CPU)
if (jent_entropy_init()) {
fprintf(stderr, "CPU Jitter entropy RNG initialization failed.\n");
goto err;
AWS_LC_FIPS_failure("CPU Jitter failed to initilize");
}
#endif

#if !defined(OPENSSL_ASAN)
// Integrity tests cannot run under ASAN because it involves reading the full
// .text section, which triggers the global-buffer overflow detection.
if (!BORINGSSL_integrity_test()) {
goto err;
AWS_LC_FIPS_failure("Integrity test failed");
}
#endif // OPENSSL_ASAN

if (!boringssl_self_test_startup()) {
goto err;
AWS_LC_FIPS_failure("Power on self test failed");
}

return;

err:
BORINGSSL_FIPS_abort();
}

#if !defined(OPENSSL_ASAN)
Expand Down Expand Up @@ -333,8 +332,8 @@ int BORINGSSL_integrity_test(void) {

uint8_t result[SHA256_DIGEST_LENGTH];
const EVP_MD *const kHashFunction = EVP_sha256();
if (!boringssl_self_test_sha256() ||
!boringssl_self_test_hmac_sha256()) {
if (!boringssl_self_test_sha256(true) ||
!boringssl_self_test_hmac_sha256(true)) {
return 0;
}

Expand Down Expand Up @@ -377,18 +376,22 @@ int BORINGSSL_integrity_test(void) {

const uint8_t *expected = BORINGSSL_bcm_text_hash;

if (!check_test(expected, result, sizeof(result), "FIPS integrity test")) {
#if !defined(BORINGSSL_FIPS_BREAK_TESTS)
return 0;
#if defined(BORINGSSL_FIPS_BREAK_TESTS)
// Check the integrity but don't call AWS_LC_FIPS_failure or return 0
check_test(expected, result, sizeof(result), "FIPS integrity test", false);
#else
// Check the integrity, call AWS_LC_FIPS_failure if it doesn't match which will
// result in an abort
check_test(expected, result, sizeof(result), "FIPS integrity test", true);
#endif
}

OPENSSL_cleanse(result, sizeof(result)); // FIPS 140-3, AS05.10.
return 1;
}
#endif // OPENSSL_ASAN

void BORINGSSL_FIPS_abort(void) {
void AWS_LC_FIPS_failure(const char* message) {
fprintf(stderr, "AWS-LC FIPS failure caused by:\n%s\n", message);
for (;;) {
abort();
exit(1);
Expand Down
2 changes: 1 addition & 1 deletion crypto/fipsmodule/curve25519/curve25519.c
Original file line number Diff line number Diff line change
Expand Up @@ -119,7 +119,7 @@ static void ed25519_keypair_pct(uint8_t public_key[ED25519_PUBLIC_KEY_LEN],
uint8_t out_sig[ED25519_SIGNATURE_LEN];
if (ED25519_sign_no_self_test(out_sig, msg, 16, private_key) != 1 ||
ED25519_verify_no_self_test(msg, 16, out_sig, public_key) != 1) {
BORINGSSL_FIPS_abort();
AWS_LC_FIPS_failure("Ed25519 keygen PCT failed");
}
#endif
}
Expand Down
2 changes: 1 addition & 1 deletion crypto/fipsmodule/ec/ec_key.c
Original file line number Diff line number Diff line change
Expand Up @@ -549,7 +549,7 @@ int EC_KEY_generate_key_fips(EC_KEY *eckey) {
eckey->priv_key = NULL;

#if defined(AWSLC_FIPS)
BORINGSSL_FIPS_abort();
AWS_LC_FIPS_failure("EC keygen checks failed");
#else
return 0;
#endif
Expand Down
2 changes: 1 addition & 1 deletion crypto/fipsmodule/ml_kem/ml_kem_ref/kem.c
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ int crypto_kem_keypair_derand(ml_kem_params *params,
#if defined(AWSLC_FIPS)
// Abort in case of PCT failure.
if (keygen_pct(params, pk, sk)) {
BORINGSSL_FIPS_abort();
AWS_LC_FIPS_failure("ML-KEM keygen PCT failed");
}
#endif
return 0;
Expand Down
2 changes: 1 addition & 1 deletion crypto/fipsmodule/rsa/rsa_impl.c
Original file line number Diff line number Diff line change
Expand Up @@ -1231,7 +1231,7 @@ static int RSA_generate_key_ex_maybe_fips(RSA *rsa, int bits,
if(check_fips && !RSA_check_fips(tmp)) {
RSA_free(tmp);
#if defined(AWSLC_FIPS)
BORINGSSL_FIPS_abort();
AWS_LC_FIPS_failure("RSA keygen checks failed");
#endif
return ret;
}
Expand Down
Loading
Loading