a9e5f01
diff -up openssl-0.9.8k/test/Makefile.use-fipscheck openssl-0.9.8k/test/Makefile
a9e5f01
--- openssl-0.9.8k/test/Makefile.use-fipscheck	2009-03-25 11:59:22.000000000 +0100
a9e5f01
+++ openssl-0.9.8k/test/Makefile	2009-03-25 20:14:10.000000000 +0100
a9e5f01
@@ -401,9 +401,6 @@ FIPS_BUILD_CMD=shlib_target=; if [ -n "$
a9e5f01
 	fi; \
1d20b5f
 	if [ "$(FIPSCANLIB)" = "libfips" ]; then \
1d20b5f
 		LIBRARIES="-L$(TOP) -lfips"; \
a9e5f01
-	elif [ -n "$(FIPSCANLIB)" ]; then \
1d20b5f
-		FIPSLD_CC=$(CC); CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \
1d20b5f
-		LIBRARIES="$${FIPSLIBDIR:-$(TOP)/fips/}fipscanister.o"; \
a9e5f01
 	else \
a9e5f01
 		LIBRARIES="$(LIBCRYPTO)"; \
1d20b5f
 	fi; \
a9e5f01
@@ -416,9 +413,6 @@ FIPS_CRYPTO_BUILD_CMD=shlib_target=; if 
1d20b5f
 		shlib_target="$(SHLIB_TARGET)"; \
1d20b5f
 	fi; \
1d20b5f
 	LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \
1d20b5f
-	if [ -z "$(SHARED_LIBS)" -a -n "$(FIPSCANLIB)" ] ; then \
1d20b5f
-		FIPSLD_CC=$(CC); CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \
1d20b5f
-	fi; \
1d20b5f
 	[ "$(FIPSCANLIB)" = "libfips" ] && LIBRARIES="$$LIBRARIES -lfips"; \
1d20b5f
 	$(MAKE) -f $(TOP)/Makefile.shared -e \
1d20b5f
 		CC=$${CC} APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
a9e5f01
diff -up openssl-0.9.8k/Makefile.org.use-fipscheck openssl-0.9.8k/Makefile.org
a9e5f01
--- openssl-0.9.8k/Makefile.org.use-fipscheck	2009-03-25 20:10:37.000000000 +0100
a9e5f01
+++ openssl-0.9.8k/Makefile.org	2009-03-25 20:10:37.000000000 +0100
1d20b5f
@@ -357,10 +357,6 @@ libcrypto$(SHLIB_EXT): libcrypto.a $(SHA
1d20b5f
 			$(MAKE) SHLIBDIRS='crypto' SHLIBDEPS='-lfips' build-shared; \
1d20b5f
 			$(AR) libcrypto.a fips/fipscanister.o ; \
1d20b5f
 		else \
1d20b5f
-			if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
1d20b5f
-				FIPSLD_CC=$(CC); CC=fips/fipsld; \
1d20b5f
-				export CC FIPSLD_CC; \
1d20b5f
-			fi; \
1d20b5f
 			$(MAKE) -e SHLIBDIRS='crypto' build-shared; \
1d20b5f
 		fi \
1d20b5f
 	else \
1d20b5f
@@ -381,9 +377,8 @@ libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT
1d20b5f
 fips/fipscanister.o:	build_fips
1d20b5f
 libfips$(SHLIB_EXT):		fips/fipscanister.o
1d20b5f
 	@if [ "$(SHLIB_TARGET)" != "" ]; then \
1d20b5f
-		FIPSLD_CC=$(CC); CC=fips/fipsld; export CC FIPSLD_CC; \
1d20b5f
 		$(MAKE) -f Makefile.shared -e $(BUILDENV) \
1d20b5f
-			CC=$${CC} LIBNAME=fips THIS=$@ \
1d20b5f
+			CC=$(CC) LIBNAME=fips THIS=$@ \
1d20b5f
 			LIBEXTRAS=fips/fipscanister.o \
1d20b5f
 			LIBDEPS="$(EX_LIBS)" \
1d20b5f
 			LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \
1d20b5f
@@ -469,7 +464,7 @@ openssl.pc: Makefile
1d20b5f
 	    echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
1d20b5f
 	    echo 'Version: '$(VERSION); \
1d20b5f
 	    echo 'Requires: '; \
1d20b5f
-	    echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
1d20b5f
+	    echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)';\
1d20b5f
 	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
1d20b5f
 
1d20b5f
 Makefile: Makefile.org Configure config
a9e5f01
diff -up openssl-0.9.8k/fips/fips.c.use-fipscheck openssl-0.9.8k/fips/fips.c
a9e5f01
--- openssl-0.9.8k/fips/fips.c.use-fipscheck	2008-09-16 12:12:09.000000000 +0200
a9e5f01
+++ openssl-0.9.8k/fips/fips.c	2009-03-25 20:10:37.000000000 +0100
1d20b5f
@@ -47,6 +47,7 @@
1d20b5f
  *
1d20b5f
  */
1d20b5f
 
1d20b5f
+#define _GNU_SOURCE
1d20b5f
 
1d20b5f
 #include <openssl/rand.h>
1d20b5f
 #include <openssl/fips_rand.h>
1d20b5f
@@ -56,6 +57,9 @@
1d20b5f
 #include <openssl/rsa.h>
1d20b5f
 #include <string.h>
1d20b5f
 #include <limits.h>
1d20b5f
+#include <dlfcn.h>
1d20b5f
+#include <stdio.h>
1d20b5f
+#include <stdlib.h>
1d20b5f
 #include "fips_locl.h"
1d20b5f
 
1d20b5f
 #ifdef OPENSSL_FIPS
1d20b5f
@@ -165,6 +169,7 @@ int FIPS_selftest()
1d20b5f
 	&& FIPS_selftest_dsa();
1d20b5f
     }
1d20b5f
 
1d20b5f
+#if 0
1d20b5f
 extern const void         *FIPS_text_start(),  *FIPS_text_end();
1d20b5f
 extern const unsigned char FIPS_rodata_start[], FIPS_rodata_end[];
1d20b5f
 unsigned char              FIPS_signature [20] = { 0 };
1d20b5f
@@ -243,6 +248,206 @@ int FIPS_check_incore_fingerprint(void)
1d20b5f
 
1d20b5f
     return 1;
1d20b5f
     }
1d20b5f
+#else
1d20b5f
+/* we implement what libfipscheck does ourselves */
1d20b5f
+
1d20b5f
+static int
1d20b5f
+get_library_path(const char *libname, const char *symbolname, char *path, size_t pathlen)
1d20b5f
+{
1d20b5f
+	Dl_info info;
1d20b5f
+	void *dl, *sym;
1d20b5f
+	int rv = -1;
1d20b5f
+
07bd81d
+        dl = dlopen(libname, RTLD_LAZY);
1d20b5f
+        if (dl == NULL) {
1d20b5f
+	        return -1;
1d20b5f
+        }       
1d20b5f
+
1d20b5f
+	sym = dlsym(dl, symbolname);
1d20b5f
+
1d20b5f
+	if (sym != NULL && dladdr(sym, &info)) {
1d20b5f
+		strncpy(path, info.dli_fname, pathlen-1);
1d20b5f
+		path[pathlen-1] = '\0';
1d20b5f
+		rv = 0;
1d20b5f
+	}
1d20b5f
+
1d20b5f
+	dlclose(dl);	
1d20b5f
+	
1d20b5f
+	return rv;
1d20b5f
+}
1d20b5f
+
1d20b5f
+static const char conv[] = "0123456789abcdef";
1d20b5f
+
1d20b5f
+static char *
1d20b5f
+bin2hex(void *buf, size_t len)
1d20b5f
+{
1d20b5f
+	char *hex, *p;
1d20b5f
+	unsigned char *src = buf;
1d20b5f
+	
1d20b5f
+	hex = malloc(len * 2 + 1);
1d20b5f
+	if (hex == NULL)
1d20b5f
+		return NULL;
1d20b5f
+
1d20b5f
+	p = hex;
1d20b5f
+
1d20b5f
+	while (len > 0) {
1d20b5f
+		unsigned c;
1d20b5f
+
1d20b5f
+		c = *src;
1d20b5f
+		src++;
1d20b5f
+
1d20b5f
+		*p = conv[c >> 4];
1d20b5f
+		++p;
1d20b5f
+		*p = conv[c & 0x0f];
1d20b5f
+		++p;
1d20b5f
+		--len;
1d20b5f
+	}
1d20b5f
+	*p = '\0';
1d20b5f
+	return hex;
1d20b5f
+}
1d20b5f
+
1d20b5f
+#define HMAC_PREFIX "." 
1d20b5f
+#define HMAC_SUFFIX ".hmac" 
1d20b5f
+#define READ_BUFFER_LENGTH 16384
1d20b5f
+
1d20b5f
+static char *
1d20b5f
+make_hmac_path(const char *origpath)
1d20b5f
+{
1d20b5f
+	char *path, *p;
1d20b5f
+	const char *fn;
1d20b5f
+
1d20b5f
+	path = malloc(sizeof(HMAC_PREFIX) + sizeof(HMAC_SUFFIX) + strlen(origpath));
1d20b5f
+	if(path == NULL) {
1d20b5f
+		return NULL;
1d20b5f
+	}
1d20b5f
+
1d20b5f
+	fn = strrchr(origpath, '/');
1d20b5f
+	if (fn == NULL) {
1d20b5f
+		fn = origpath;
1d20b5f
+	} else {
1d20b5f
+		++fn;
1d20b5f
+	}
1d20b5f
+
1d20b5f
+	strncpy(path, origpath, fn-origpath);
1d20b5f
+	p = path + (fn - origpath);
1d20b5f
+	p = stpcpy(p, HMAC_PREFIX);
1d20b5f
+	p = stpcpy(p, fn);
1d20b5f
+	p = stpcpy(p, HMAC_SUFFIX);
1d20b5f
+
1d20b5f
+	return path;
1d20b5f
+}
1d20b5f
+
1d20b5f
+static const char hmackey[] = "orboDeJITITejsirpADONivirpUkvarP";
1d20b5f
+
1d20b5f
+static int
1d20b5f
+compute_file_hmac(const char *path, void **buf, size_t *hmaclen)
1d20b5f
+{
1d20b5f
+	FILE *f = NULL;
1d20b5f
+	int rv = -1;
1d20b5f
+	unsigned char rbuf[READ_BUFFER_LENGTH];
1d20b5f
+	size_t len;
1d20b5f
+	unsigned int hlen;
1d20b5f
+	HMAC_CTX c;
1d20b5f
+
1d20b5f
+	HMAC_CTX_init(&c);
1d20b5f
+
1d20b5f
+	f = fopen(path, "r");
1d20b5f
+
1d20b5f
+	if (f == NULL) {
1d20b5f
+		goto end;
1d20b5f
+	}
1d20b5f
+
1d20b5f
+	HMAC_Init(&c, hmackey, sizeof(hmackey)-1, EVP_sha256());
1d20b5f
+
1d20b5f
+	while ((len=fread(rbuf, 1, sizeof(rbuf), f)) != 0) {
1d20b5f
+		HMAC_Update(&c, rbuf, len);
1d20b5f
+	}
1d20b5f
+
1d20b5f
+	len = sizeof(rbuf);
1d20b5f
+	/* reuse rbuf for hmac */
1d20b5f
+	HMAC_Final(&c, rbuf, &hlen);
1d20b5f
+
1d20b5f
+	*buf = malloc(hlen);
1d20b5f
+	if (*buf == NULL) {
1d20b5f
+		goto end;
1d20b5f
+	}
1d20b5f
+
1d20b5f
+	*hmaclen = hlen;
1d20b5f
+
1d20b5f
+	memcpy(*buf, rbuf, hlen);
1d20b5f
+
1d20b5f
+	rv = 0;
1d20b5f
+end:
1d20b5f
+	HMAC_CTX_cleanup(&c);
1d20b5f
+
1d20b5f
+	if (f)
1d20b5f
+		fclose(f);
1d20b5f
+
1d20b5f
+	return rv;
1d20b5f
+}
1d20b5f
+
1d20b5f
+static int
1d20b5f
+FIPSCHECK_verify(const char *libname, const char *symbolname)
1d20b5f
+{
1d20b5f
+	char path[PATH_MAX+1];
1d20b5f
+	int rv;
1d20b5f
+	FILE *hf;
1d20b5f
+	char *hmacpath, *p;
1d20b5f
+	char *hmac = NULL;
1d20b5f
+	size_t n;
1d20b5f
+	
1d20b5f
+	rv = get_library_path(libname, symbolname, path, sizeof(path));
1d20b5f
+
1d20b5f
+	if (rv < 0)
1d20b5f
+		return 0;
1d20b5f
+
1d20b5f
+	hmacpath = make_hmac_path(path);
1d20b5f
+
1d20b5f
+	hf = fopen(hmacpath, "r");
1d20b5f
+	if (hf == NULL) {
1d20b5f
+		free(hmacpath);
1d20b5f
+		return 0;
1d20b5f
+	}
1d20b5f
+
1d20b5f
+	if (getline(&hmac, &n, hf) > 0) {
1d20b5f
+		void *buf;
1d20b5f
+		size_t hmaclen;
1d20b5f
+		char *hex;
1d20b5f
+
1d20b5f
+		if ((p=strchr(hmac, '\n')) != NULL)
1d20b5f
+			*p = '\0';
1d20b5f
+
1d20b5f
+		if (compute_file_hmac(path, &buf, &hmaclen) < 0) {
1d20b5f
+			rv = -4;
1d20b5f
+			goto end;
1d20b5f
+		}
1d20b5f
+
1d20b5f
+		if ((hex=bin2hex(buf, hmaclen)) == NULL) {
1d20b5f
+			free(buf);
1d20b5f
+			rv = -5;
1d20b5f
+			goto end;
1d20b5f
+		}
1d20b5f
+
1d20b5f
+		if (strcmp(hex, hmac) != 0) {
1d20b5f
+			rv = -1;
1d20b5f
+		}
1d20b5f
+		free(buf);
1d20b5f
+		free(hex);
1d20b5f
+	}
1d20b5f
+
1d20b5f
+end:
1d20b5f
+	free(hmac);
1d20b5f
+	free(hmacpath);
1d20b5f
+	fclose(hf);
1d20b5f
+
1d20b5f
+	if (rv < 0)
1d20b5f
+		return 0;
1d20b5f
+
1d20b5f
+	/* check successful */
1d20b5f
+	return 1;	
1d20b5f
+}
1d20b5f
+
1d20b5f
+#endif
1d20b5f
 
1d20b5f
 int FIPS_mode_set(int onoff)
1d20b5f
     {
07bd81d
@@ -280,16 +485,17 @@ int FIPS_mode_set(int onoff)
1d20b5f
 	    }
1d20b5f
 #endif
1d20b5f
 
1d20b5f
-	if(fips_signature_witness() != FIPS_signature)
07bd81d
+	if(!FIPSCHECK_verify("libcrypto.so." SHLIB_VERSION_NUMBER,"FIPS_mode_set"))
07bd81d
 	    {
1d20b5f
-	    FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_CONTRADICTING_EVIDENCE);
07bd81d
+	    FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_FINGERPRINT_DOES_NOT_MATCH);
07bd81d
 	    fips_selftest_fail = 1;
07bd81d
 	    ret = 0;
07bd81d
 	    goto end;
07bd81d
 	    }
07bd81d
 
1d20b5f
-	if(!FIPS_check_incore_fingerprint())
07bd81d
+	if(!FIPSCHECK_verify("libssl.so." SHLIB_VERSION_NUMBER,"SSL_CTX_new"))
1d20b5f
 	    {
1d20b5f
+	    FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_FINGERPRINT_DOES_NOT_MATCH);
1d20b5f
 	    fips_selftest_fail = 1;
1d20b5f
 	    ret = 0;
1d20b5f
 	    goto end;
07bd81d
@@ -405,11 +611,13 @@ int fips_clear_owning_thread(void)
1d20b5f
 	return ret;
1d20b5f
 	}
1d20b5f
 
1d20b5f
+#if 0
1d20b5f
 unsigned char *fips_signature_witness(void)
1d20b5f
 	{
1d20b5f
 	extern unsigned char FIPS_signature[];
1d20b5f
 	return FIPS_signature;
1d20b5f
 	}
1d20b5f
+#endif
1d20b5f
 
1d20b5f
 /* Generalized public key test routine. Signs and verifies the data
1d20b5f
  * supplied in tbs using mesage digest md and setting option digest
a9e5f01
diff -up openssl-0.9.8k/fips/Makefile.use-fipscheck openssl-0.9.8k/fips/Makefile
a9e5f01
--- openssl-0.9.8k/fips/Makefile.use-fipscheck	2009-03-25 20:10:37.000000000 +0100
a9e5f01
+++ openssl-0.9.8k/fips/Makefile	2009-03-25 20:16:09.000000000 +0100
1d20b5f
@@ -62,9 +62,9 @@ testapps:
1d20b5f
 
1d20b5f
 all:
1d20b5f
 	@if [ -z "$(FIPSLIBDIR)" ]; then \
1d20b5f
-		$(MAKE) -e subdirs lib fips_premain_dso$(EXE_EXT); \
1d20b5f
+		$(MAKE) -e subdirs lib; \
1d20b5f
 	else \
1d20b5f
-		$(MAKE) -e lib fips_premain_dso$(EXE_EXT) fips_standalone_sha1$(EXE_EXT); \
1d20b5f
+		$(MAKE) -e lib; \
1d20b5f
 	fi
1d20b5f
 
1d20b5f
 # Idea behind fipscanister.o is to "seize" the sequestered code between
1d20b5f
@@ -109,7 +109,6 @@ fipscanister.o: fips_start.o $(LIBOBJ) $
1d20b5f
 		HP-UX|OSF1|SunOS) set -x; /usr/ccs/bin/ld -r -o $@ $$objs ;; \
1d20b5f
 		*) set -x; $(CC) $$cflags -r -o $@ $$objs ;; \
1d20b5f
 	esac fi
1d20b5f
-	./fips_standalone_sha1 fipscanister.o > fipscanister.o.sha1
1d20b5f
 
1d20b5f
 # If another exception is immediately required, assign approprite
1d20b5f
 # site-specific ld command to FIPS_SITE_LD environment variable.
1d20b5f
@@ -171,7 +170,7 @@ $(FIPSCANLIB):	$(FIPSCANLOC)
1d20b5f
 	$(RANLIB) ../$(FIPSCANLIB).a || echo Never mind.
1d20b5f
 	@touch lib
1d20b5f
 
1d20b5f
-shared:	lib subdirs fips_premain_dso$(EXE_EXT)
1d20b5f
+shared:	lib subdirs
1d20b5f
 
1d20b5f
 libs:
1d20b5f
 	@target=lib; $(RECURSIVE_MAKE)
a9e5f01
@@ -195,17 +194,6 @@ install:
1d20b5f
 	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
1d20b5f
 	done;
1d20b5f
 	@target=install; $(RECURSIVE_MAKE)
a9e5f01
-	for i in $(EXE) ; \
a9e5f01
-	do \
a9e5f01
-		echo "installing $$i"; \
a9e5f01
-		cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
a9e5f01
-		chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
a9e5f01
-		mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i; \
a9e5f01
-	done
a9e5f01
-	cp -p -f $(FIPSLIBDIR)fipscanister.o $(FIPSLIBDIR)fipscanister.o.sha1 \
a9e5f01
-		$(FIPSLIBDIR)fips_premain.c $(FIPSLIBDIR)fips_premain.c.sha1 \
1d20b5f
-		$(INSTALL_PREFIX)$(INSTALLTOP)/lib/; \
1d20b5f
-	chmod 0444 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/fips*
1d20b5f
 
1d20b5f
 lint:
1d20b5f
 	@target=lint; $(RECURSIVE_MAKE)
a9e5f01
diff -up openssl-0.9.8k/fips/fips_locl.h.use-fipscheck openssl-0.9.8k/fips/fips_locl.h
a9e5f01
--- openssl-0.9.8k/fips/fips_locl.h.use-fipscheck	2008-09-16 12:12:10.000000000 +0200
a9e5f01
+++ openssl-0.9.8k/fips/fips_locl.h	2009-03-25 20:10:37.000000000 +0100
1d20b5f
@@ -63,7 +63,9 @@ int fips_is_owning_thread(void);
1d20b5f
 int fips_set_owning_thread(void);
1d20b5f
 void fips_set_selftest_fail(void);
1d20b5f
 int fips_clear_owning_thread(void);
1d20b5f
+#if 0
1d20b5f
 unsigned char *fips_signature_witness(void);
1d20b5f
+#endif
1d20b5f
 
1d20b5f
 #define FIPS_MAX_CIPHER_TEST_SIZE	16
1d20b5f