On 03/15/2016 04:58 PM, Mike Mohr wrote:
> During the linking process, parts of fipscanister.o are removed
> (discarded) by the linker. Also, jumps and call instructions have their
> operands changed (addresses are filled in or relocation information is
> added) and the machine code is fundamentally altered.
>
> Imagine the linking process as something analogous to baking a cheese
> quiche with tomatoes. The can of tomatoes you use (i.e., the
> fipscanister.o file) is opened. The metal can is discarded along with
> any liquid inside the can. Then the tomatoes are placed into the quiche
> and baked. Melting cheese seeps into the tomatoes and the tomatoes are
> physically deformed and soften. At the end you have a delicious quiche.
> Can you get the original can of tomatoes back, in its unmodified form,
> at this point? Can you identify exactly which can of tomatoes was used
> to make this quiche, given only photos of all the cans prior to opening
> them?

To a rough first approximation this is true for object code, but the story is a little more nuanced for the OpenSSL FIPS Object Module. We create that in a way (the "monolithic" object module) that prevents the application link process from scrambling what would otherwise have been an assortment of object modules (in the software engineering sense, not FIPS-speak).

The premain (native compilation) process, the "incore" utilities (cross-compilation), and the run-time POST integrity test all calculate exactly the same digest over exactly the same bits (in our case, the TEXT and RODATA segments). If the application link process rearranged any of that TEXT or RODATA then the runtime integrity test would fail.

So very technically speaking the FIPS module is not fipscanister.o, but the TEXT and RODATA data within it. To use your analogy, the fipscanister.o "can" contains only one tomato which is an indigestible and indivisible blob that appears intact in the baked quiche. Bon Appétit.

-Steve M.

--
Steve Marquess
OpenSSL Validation Services, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
USA
+1 877 673 6775 s/b
+1 301 874 2571 direct
marquess at openssl.com
gpg/pgp key: http://openssl.com/docs/0x6D1892F5.asc
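
An added illustration of the digest scheme described in the message above, not code from OpenSSL or from either author: a toy model in which the build-time fingerprint and the run-time check cover the same TEXT and RODATA bytes, so discarding the container passes while rearranging or patching those bytes fails. The key, the use of HMAC-SHA-256, the byte strings and all function names are assumptions made for the example.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: placeholder key for this example
APP = b"\x90" * 16             # constructed application code
# Constructed stand-in for fipscanister.o: loadable bytes plus link-only metadata.
CANISTER = {
    "text": bytes.fromhex("5589e5e8000000005dc3") * 4,
    "rodata": b"constructed constant tables",
    "symtab": b"symbols and relocation records",
}

def digest(text: bytes, rodata: bytes) -> str:
    """Keyed digest over TEXT then RODATA (HMAC-SHA-256 is an assumption)."""
    mac = hmac.new(KEY, text, hashlib.sha256)
    mac.update(rodata)
    return mac.hexdigest()

def build_time_fingerprint(obj: dict) -> str:
    """Build-time step: only TEXT and RODATA are covered, not the container."""
    return digest(obj["text"], obj["rodata"])

def link(app: bytes, obj: dict, mode: str = "intact"):
    """Toy linker: returns the image and the spans between the module's markers."""
    text, rodata = obj["text"], obj["rodata"]
    if mode == "split":      # application code placed inside the module's TEXT
        half = len(text) // 2
        text = text[:half] + app + text[half:]
        app = b""
    elif mode == "patched":  # a call operand inside the module rewritten
        text = text[:4] + b"\x10\x20\x00\x00" + text[8:]
    image = app + text + rodata  # symtab (the "can") is discarded
    t0 = len(app)
    t1 = t0 + len(text)
    return image, {"text": (t0, t1), "rodata": (t1, t1 + len(rodata))}

def post_integrity_test(image: bytes, spans: dict, expected: str) -> bool:
    """Run-time check: same digest over the same bytes, read from the image."""
    (t0, t1), (r0, r1) = spans["text"], spans["rodata"]
    return hmac.compare_digest(digest(image[t0:t1], image[r0:r1]), expected)

if __name__ == "__main__":
    fp = build_time_fingerprint(CANISTER)
    for mode in ("intact", "split", "patched"):
        image, spans = link(APP, CANISTER, mode)
        print(mode, post_integrity_test(image, spans, fp))
```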