Revision 1278ce48a5c6afa1429b8e8cfd0f07ab0fc640bb authored by Steve Marquess on 15 February 2016, 15:26:20 UTC, committed by Steve Marquess on 15 February 2016, 15:26:20 UTC
Reviewed-by: Stephen Henson <steve@openssl.org>
1 parent a0f8d28
incore_macho.c
/* incore_macho.c */
/* ====================================================================
* Copyright (c) 2011 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
/* ====================================================================
* Copyright 2011 Thursby Software Systems, Inc. All rights reserved.
*
* The portions of the attached software ("Contribution") is developed by
* Thursby Software Systems, Inc and is licensed pursuant to the OpenSSL
* open source license.
*
* The Contribution, originally written by Paul W. Nelson of
* Thursby Software Systems, Inc, consists of the fingerprint calculation
* required for the FIPS140 integrity check.
*
* No patent licenses or other rights except those expressly stated in
* the OpenSSL open source license shall be deemed granted or received
* expressly, by implication, estoppel, or otherwise.
*
* No assurances are provided by Thursby that the Contribution does not
* infringe the patent or other intellectual property rights of any third
* party or that the license provides you with all the necessary rights
* to make use of the Contribution.
*
* THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
* ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, THURSBY
* SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
* OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
* OTHERWISE.
*/
#include <stdio.h>
#include <ctype.h>
#include <mach-o/loader.h>
#include <mach-o/nlist.h>
#include <mach-o/stab.h>
#include <mach-o/reloc.h>
#include <mach-o/fat.h>
#include <fcntl.h>
#include <sys/mman.h>
#include <sys/vmparam.h>
#include <sys/stat.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <openssl/crypto.h>
#include <openssl/sha.h>
#include <openssl/hmac.h>
#include <openssl/fips.h>
#ifndef CPU_SUBRTPE_V7F
# define CPU_SUBRTPE_V7F ((cpu_subtype_t) 10)
#endif
/* iPhone 5 and iPad 4 (A6 Processors) */
#ifndef CPU_SUBTYPE_ARM_V7S
# define CPU_SUBTYPE_ARM_V7S ((cpu_subtype_t) 11)
#endif
#ifndef CPU_SUBTYPE_ARM_V7K
# define CPU_SUBTYPE_ARM_V7K ((cpu_subtype_t) 12)
#endif
#ifndef CPU_SUBTYPE_ARM_V8
# define CPU_SUBTYPE_ARM_V8 ((cpu_subtype_t) 13)
#endif
#ifndef CPU_TYPE_ARM64
# define CPU_TYPE_ARM64 (CPU_TYPE_ARM | CPU_ARCH_ABI64)
#endif
static int gVerbosity = 0;
static void hexdump(const unsigned char *buf,size_t len,
unsigned long address,FILE* fp)
{
unsigned long addr;
int i;
addr = 0;
while(addr<len)
{
fprintf(fp,"%6.6lx - ",addr+address);
for(i=0;i<16;i++)
{
if(addr+i<len)
fprintf(fp,"%2.2x ",buf[addr+i]);
else
fprintf(fp," ");
}
fprintf(fp," \"");
for(i=0;i<16;i++)
{
if(addr+i<len)
{
if(isprint(buf[addr+i]) && (buf[addr+i]<0x7e) )
putc(buf[addr+i],fp);
else
putc('.',fp);
}
}
fprintf(fp,"\"\n");
addr += 16;
}
fflush(fp);
}
struct segment_rec;
typedef struct section_rec {
char sectname[16];
char segname[16];
uint64_t addr;
uint64_t size;
uint32_t offset;
uint32_t align;
uint32_t reloff;
uint32_t nreloc;
uint32_t flags;
struct segment_rec* segment;
struct section_rec* _next;
} section_t;
typedef struct segment_rec {
char segname[16];
uint64_t vmaddr;
uint64_t vmsize;
off_t fileoff;
uint64_t filesize;
vm_prot_t maxprot;
vm_prot_t initprot;
uint32_t nsects;
uint32_t flags;
unsigned char* mapped;
struct segment_rec* _next;
} segment_t;
typedef struct symtab_entry_rec {
uint32_t n_strx;
uint8_t n_type;
uint8_t n_sect;
int16_t n_desc;
uint64_t n_value;
const char * n_symbol;
section_t* section;
unsigned char* mapped; /* pointer to the actual data in mapped file */
struct symtab_entry_rec* _next;
} symtab_entry_t;
typedef struct macho_file_rec
{
const char * filename;
void* mapped;
size_t size; /* number of valid bytes at 'mapped' */
uint32_t align; /* byte alignment for this arch */
int isBigEndian;/* 1 if everything is byte swapped */
cpu_type_t cpu_type;
cpu_subtype_t cpu_subtype;
section_t* sec_head;
section_t* sec_tail;
segment_t* seg_head;
segment_t* seg_tail;
symtab_entry_t* sym_head;
symtab_entry_t* sym_tail;
struct macho_file_rec *next;
char * fingerprint_computed;
char * fingerprint_original;
} macho_file_t;
static const char *cputype(cpu_type_t cputype, cpu_subtype_t subtype)
{
const char *rval = "unknown";
switch( cputype )
{
case CPU_TYPE_I386: rval = "i386"; break;
case CPU_TYPE_X86_64: rval = "x86_64"; break;
case CPU_TYPE_ARM64: rval = "aarch64"; break;
case CPU_TYPE_ARM:
{
switch( subtype )
{
case CPU_SUBTYPE_ARM_V6: rval = "armv6"; break;
case CPU_SUBTYPE_ARM_V7: rval = "armv7"; break;
case CPU_SUBTYPE_ARM_V7S: rval = "armv7s"; break;
case CPU_SUBTYPE_ARM_V7K: rval = "armv7k"; break;
case CPU_SUBTYPE_ARM_V8: rval = "armv8"; break;
default: rval = "arm"; break;
}
}
}
return rval;
}
static void *add_section( macho_file_t *macho, void *pCommand,
uint8_t is64bit, struct segment_rec *segment )
{
void* rval = 0;
uint32_t flags;
section_t* sec = (section_t*)calloc(1, sizeof(section_t));
if(!sec) return NULL;
if(is64bit)
{
struct section_64* pSec = (struct section_64*)pCommand;
flags = pSec->flags;
memcpy( sec->sectname, pSec->sectname, 16 );
memcpy( sec->segname, pSec->segname, 16 );
sec->addr = pSec->addr;
sec->size = pSec->size;
sec->offset = pSec->offset;
sec->align = pSec->align;
sec->reloff = pSec->reloff;
sec->nreloc = pSec->nreloc;
sec->flags = pSec->flags;
rval = pCommand + sizeof(struct section_64);
}
else
{
struct section* pSec = (struct section*)pCommand;
flags = pSec->flags;
memcpy( sec->sectname, pSec->sectname, 16 );
memcpy( sec->segname, pSec->segname, 16 );
sec->addr = pSec->addr;
sec->size = pSec->size;
sec->offset = pSec->offset;
sec->align = pSec->align;
sec->reloff = pSec->reloff;
sec->nreloc = pSec->nreloc;
sec->flags = pSec->flags;
rval = pCommand + sizeof(struct section);
}
if( gVerbosity > 2 )
fprintf(stderr, " flags=%x\n", flags);
sec->segment = segment;
sec->_next = NULL;
if( macho->sec_head )
macho->sec_tail->_next = sec;
else
macho->sec_head = sec;
macho->sec_tail = sec;
return rval;
}
static section_t *lookup_section(macho_file_t* macho, uint32_t nsect)
{
section_t *rval = macho->sec_head;
if(nsect == 0) return NULL;
while( rval != NULL && --nsect > 0 )
rval = rval->_next;
return rval;
}
static void *add_segment( macho_file_t *macho, void *pCommand, uint8_t is64bit )
{
void *rval = 0;
segment_t *seg = (segment_t *)calloc(1, sizeof(segment_t));
if(!seg)
return 0;
if(is64bit)
{
struct segment_command_64 *pSeg = (struct segment_command_64*)pCommand;
memcpy( seg->segname, pSeg->segname, 16 );
seg->vmaddr = pSeg->vmaddr;
seg->vmsize = pSeg->vmsize;
seg->fileoff = pSeg->fileoff;
seg->filesize = pSeg->filesize;
seg->maxprot = pSeg->maxprot;
seg->initprot = pSeg->initprot;
seg->nsects = pSeg->nsects;
seg->flags = pSeg->flags;
rval = pCommand + sizeof(struct segment_command_64);
} else {
struct segment_command *pSeg = (struct segment_command*)pCommand;
memcpy( seg->segname, pSeg->segname, 16 );
seg->vmaddr = pSeg->vmaddr;
seg->vmsize = pSeg->vmsize;
seg->fileoff = pSeg->fileoff;
seg->filesize = pSeg->filesize;
seg->maxprot = pSeg->maxprot;
seg->initprot = pSeg->initprot;
seg->nsects = pSeg->nsects;
seg->flags = pSeg->flags;
rval = pCommand + sizeof(struct segment_command);
}
seg->_next = NULL;
seg->mapped = macho->mapped + seg->fileoff;
if( macho->seg_head )
macho->seg_tail->_next = seg;
else
macho->seg_head = seg;
macho->seg_tail = seg;
if( gVerbosity > 2 )
fprintf(stderr, "Segment %s: flags=%x\n", seg->segname, seg->flags );
unsigned int ii;
for( ii=0; ii<seg->nsects; ii++ )
{
rval = add_section(macho, rval, is64bit, seg);
}
return rval;
}
static const char *type_str(uint8_t n_type)
{
static char result[16] = {};
int idx = 0;
uint8_t stab;
memset(result, 0, sizeof(result));
if( n_type & N_PEXT )
result[idx++] = 'P';
if( n_type & N_EXT )
result[idx++] = 'E';
if( idx > 0 )
result[idx++] = ':';
switch( n_type & N_TYPE )
{
case N_UNDF: result[idx++] = 'U'; break;
case N_ABS: result[idx++] = 'A'; break;
case N_PBUD: result[idx++] = 'P'; break;
case N_SECT: result[idx++] = 'S'; break;
case N_INDR: result[idx++] = 'I'; break;
default: result[idx++] = '*'; break;
}
stab = n_type & N_STAB;
if( stab )
{
result[idx++] = ':';
result[idx++] = '0'+(stab >> 5);
}
result[idx++] = 0;
return result;
}
static symtab_entry_t *lookup_entry_by_name( macho_file_t *macho,
const char *name)
{
symtab_entry_t *entry;
for( entry = macho->sym_head; entry; entry = entry->_next )
{
if(strcmp(entry->n_symbol,name)==0 && (entry->n_type & N_STAB)==0 )
{
if( entry->section == NULL )
{
entry->section = lookup_section( macho, entry->n_sect );
if( entry->section )
{
section_t* sec = entry->section;
segment_t* seg = sec->segment;
uint64_t offset = entry->n_value - seg->vmaddr;
entry->mapped = seg->mapped+offset;
}
else
entry = 0;
}
break;
}
}
return entry;
}
static void check_symtab(macho_file_t *macho,void *pCommand,uint8_t is64bit )
{
struct symtab_command *pSym = (struct symtab_command *)pCommand;
void *pS = macho->mapped + pSym->symoff;
unsigned int ii = 0;
/* collect symbols */
for( ii=0; ii<pSym->nsyms; ii++ )
{
struct nlist *pnlist=(struct nlist*)pS;
symtab_entry_t *entry=(symtab_entry_t*)calloc(1,sizeof(symtab_entry_t));
if(!entry)
{
fprintf(stderr, "out of memory!\n");
_exit(1);
}
entry->n_strx = pnlist->n_un.n_strx;
entry->n_type = pnlist->n_type;
entry->n_sect = pnlist->n_sect;
entry->n_desc = pnlist->n_desc;
entry->section = NULL;
if(is64bit)
{
struct nlist_64 *pnlist64 = (struct nlist_64*)pS;
entry->n_value = pnlist64->n_value;
pS += sizeof(struct nlist_64);
}
else
{
entry->n_value = pnlist->n_value;
pS += sizeof(struct nlist);
}
entry->n_symbol=(const char *)macho->mapped+pSym->stroff+entry->n_strx;
entry->_next = NULL;
if( macho->sym_head )
macho->sym_tail->_next = entry;
else
macho->sym_head = entry;
macho->sym_tail = entry;
}
if( gVerbosity > 2 )
{
/* dump info */
symtab_entry_t* entry;
for( entry = macho->sym_head; entry; entry=entry->_next )
{
/* only do non-debug symbols */
if( (entry->n_type & N_STAB) == 0 )
fprintf(stderr, "%32.32s %18llx type=%s, sect=%d\n",
entry->n_symbol, entry->n_value,
type_str(entry->n_type), entry->n_sect);
}
}
}
static int load_architecture( macho_file_t* inFile )
{
/* check the header */
unsigned int ii;
void * pCurrent = inFile->mapped;
struct mach_header* header = (struct mach_header*)pCurrent;
if( header->magic != MH_MAGIC && header->magic != MH_MAGIC_64 )
{
fprintf(stderr, "%s is not a mach-o file\n", inFile->filename);
return -1;
}
else if( header->filetype == MH_BUNDLE )
{
fprintf(stderr, "%s is not a mach-o executable file (filetype MH_BUNDLE, should be MH_EXECUTE or MH_DYLIB)\n", inFile->filename);
return -1;
}
else if( header->filetype == MH_DYLINKER )
{
fprintf(stderr, "%s is not a mach-o executable file (filetype MH_DYLINKER, should be MH_EXECUTE or MH_DYLIB)\n", inFile->filename);
return -1;
}
else if( !(header->filetype == MH_EXECUTE || header->filetype == MH_DYLIB) )
{
fprintf(stderr, "%s is not a mach-o executable file (filetype %d, should be MH_EXECUTE or MH_DYLIB)\n", inFile->filename, header->filetype);
return -1;
}
if( gVerbosity > 1 )
fprintf(stderr, "loading %s(%s)\n", inFile->filename, cputype(header->cputype, header->cpusubtype));
inFile->cpu_type = header->cputype;
inFile->cpu_subtype = header->cpusubtype;
if( header->magic == MH_MAGIC )
pCurrent += sizeof( struct mach_header );
else if( header->magic == MH_MAGIC_64 )
pCurrent += sizeof( struct mach_header_64 );
for( ii=0; ii<header->ncmds; ii++ )
{
struct load_command* command = (struct load_command*)pCurrent;
const char * lc_name;
switch( command->cmd )
{
case LC_SEGMENT:
{
lc_name = "LC_SEGMENT";
add_segment(inFile, pCurrent, header->magic == MH_MAGIC_64);
break;
}
case LC_SYMTAB:
{
lc_name = "LC_SYMTAB";
check_symtab(inFile, pCurrent, header->magic == MH_MAGIC_64 );
break;
}
case LC_SYMSEG: lc_name = "LC_SYMSEG"; break;
case LC_THREAD: lc_name = "LC_THREAD"; break;
case LC_UNIXTHREAD: lc_name = "LC_UNIXTHREAD"; break;
case LC_LOADFVMLIB: lc_name = "LC_LOADFVMLIB"; break;
case LC_IDFVMLIB: lc_name = "LC_IDFVMLIB"; break;
case LC_IDENT: lc_name = "LC_IDENT"; break;
case LC_FVMFILE: lc_name = "LC_FVMFILE"; break;
case LC_PREPAGE: lc_name = "LC_PREPAGE"; break;
case LC_DYSYMTAB: lc_name = "LC_DYSYMTAB"; break;
case LC_LOAD_DYLIB: lc_name = "LC_LOAD_DYLIB"; break;
case LC_ID_DYLIB: lc_name = "LC_ID_DYLIB"; break;
case LC_LOAD_DYLINKER: lc_name = "LC_LOAD_DYLINKER"; break;
case LC_ID_DYLINKER: lc_name = "LC_ID_DYLINKER"; break;
case LC_PREBOUND_DYLIB: lc_name = "LC_PREBOUND_DYLIB"; break;
case LC_ROUTINES: lc_name = "LC_ROUTINES"; break;
case LC_SUB_FRAMEWORK: lc_name = "LC_SUB_FRAMEWORK"; break;
case LC_SUB_UMBRELLA: lc_name = "LC_SUB_UMBRELLA"; break;
case LC_SUB_CLIENT: lc_name = "LC_SUB_CLIENT"; break;
case LC_SUB_LIBRARY: lc_name = "LC_SUB_LIBRARY"; break;
case LC_TWOLEVEL_HINTS: lc_name = "LC_TWOLEVEL_HINTS"; break;
case LC_PREBIND_CKSUM: lc_name = "LC_PREBIND_CKSUM"; break;
case LC_LOAD_WEAK_DYLIB: lc_name = "LC_LOAD_WEAK_DYLIB"; break;
case LC_SEGMENT_64:
{
lc_name = "LC_SEGMENT_64";
add_segment(inFile, pCurrent, TRUE);
break;
}
case LC_ROUTINES_64: lc_name = "LC_ROUTINES_64"; break;
case LC_UUID: lc_name = "LC_UUID"; break;
case LC_RPATH: lc_name = "LC_RPATH"; break;
case LC_CODE_SIGNATURE: lc_name = "LC_CODE_SIGNATURE"; break;
case LC_SEGMENT_SPLIT_INFO:
lc_name = "LC_SEGMENT_SPLIT_INFO"; break;
case LC_REEXPORT_DYLIB: lc_name = "LC_REEXPORT_DYLIB"; break;
case LC_LAZY_LOAD_DYLIB: lc_name = "LC_LAZY_LOAD_DYLIB"; break;
case LC_ENCRYPTION_INFO: lc_name = "LC_ENCRYPTION_INFO"; break;
case LC_DYLD_INFO: lc_name = "LC_DYLD_INFO"; break;
case LC_DYLD_INFO_ONLY: lc_name = "LC_DYLD_INFO_ONLY"; break;
case LC_LOAD_UPWARD_DYLIB: lc_name = "LC_LOAD_UPWARD_DYLIB"; break;
case LC_VERSION_MIN_MACOSX:
lc_name = "LC_VERSION_MIN_MACOSX"; break;
case LC_VERSION_MIN_IPHONEOS:
lc_name = "LC_VERSION_MIN_IPHONEOS"; break;
case LC_FUNCTION_STARTS: lc_name = "LC_FUNCTION_STARTS"; break;
case LC_DYLD_ENVIRONMENT: lc_name = "LC_DYLD_ENVIRONMENT"; break;
default: lc_name=NULL; break;
}
if( gVerbosity > 1 )
{
if(lc_name)
fprintf(stderr,"command %s: size=%d\n",lc_name,
command->cmdsize );
else
fprintf(stderr,"command %x, size=%d\n",command->cmd,
command->cmdsize);
}
pCurrent += command->cmdsize;
}
return 0;
}
#define HOSTORDER_VALUE(val) (isBigEndian ? OSSwapBigToHostInt32(val) : (val))
static macho_file_t *load_file(macho_file_t *inFile)
{
macho_file_t *rval = NULL;
void *pCurrent = inFile->mapped;
struct fat_header *fat = (struct fat_header *)pCurrent;
if( fat->magic==FAT_MAGIC || fat->magic==FAT_CIGAM )
{
int isBigEndian = fat->magic == FAT_CIGAM;
unsigned int ii = 0;
struct fat_arch *pArch = NULL;
uint32_t nfat_arch = 0;
pCurrent += sizeof(struct fat_header);
pArch = pCurrent;
nfat_arch = HOSTORDER_VALUE(fat->nfat_arch);
for( ii=0; ii<nfat_arch; ii++)
{
macho_file_t *archfile=(macho_file_t *)calloc(1,
sizeof(macho_file_t));
if( archfile )
{
archfile->filename = strdup(inFile->filename);
archfile->mapped = inFile->mapped +
HOSTORDER_VALUE(pArch->offset);
archfile->size = HOSTORDER_VALUE(pArch->size);
archfile->align = HOSTORDER_VALUE(pArch->align);
archfile->isBigEndian = isBigEndian;
archfile->cpu_type = HOSTORDER_VALUE(pArch->cputype);
archfile->cpu_subtype = HOSTORDER_VALUE(pArch->cpusubtype);
if( load_architecture(archfile) == 0 )
{
archfile->next = rval;
rval = archfile;
}
}
else
return NULL; /* no memory */
pArch++;
}
}
else
{
struct mach_header* header = (struct mach_header*)pCurrent;
if( header->magic != MH_MAGIC && header->magic != MH_MAGIC_64 )
{
fprintf(stderr, "%s is not a mach-o file\n", inFile->filename);
}
else if( header->filetype == MH_BUNDLE )
{
fprintf(stderr, "%s is not a mach-o executable file "
"(filetype MH_BUNDLE, should be MH_EXECUTE or MH_DYLIB)\n", inFile->filename);
}
else if( header->filetype == MH_DYLINKER )
{
fprintf(stderr, "%s is not a mach-o executable file "
"(filetype MH_DYLINKER, should be MH_EXECUTE or MH_DYLIB)\n", inFile->filename);
}
else if( !(header->filetype == MH_EXECUTE || header->filetype == MH_DYLIB) )
{
fprintf(stderr, "%s is not a mach-o executable file "
"(filetype %d should be MH_EXECUTE or MH_DYLIB)\n",
inFile->filename, header->filetype );
}
if( load_architecture(inFile) == 0 )
{
inFile->next = 0;
rval = inFile;
}
}
return rval;
}
#define FIPS_SIGNATURE_SIZE 20
#define FIPS_FINGERPRINT_SIZE 40
static void debug_symbol( symtab_entry_t* sym )
{
if( gVerbosity > 1 )
{
section_t* sec = sym->section;
segment_t* seg = sec->segment;
fprintf(stderr, "%-40.40s: %llx sect=%s, segment=%s prot=(%x->%x)\n",
sym->n_symbol, sym->n_value, sec->sectname,
seg->segname, seg->initprot, seg->maxprot );
}
}
/*
* Minimalistic HMAC from fips_standalone_sha1.c
*/
static void hmac_init(SHA_CTX *md_ctx,SHA_CTX *o_ctx,
const char *key)
{
size_t len=strlen(key);
int i;
unsigned char keymd[HMAC_MAX_MD_CBLOCK];
unsigned char pad[HMAC_MAX_MD_CBLOCK];
if (len > SHA_CBLOCK)
{
SHA1_Init(md_ctx);
SHA1_Update(md_ctx,key,len);
SHA1_Final(keymd,md_ctx);
len=20;
}
else
memcpy(keymd,key,len);
memset(&keymd[len],'\0',HMAC_MAX_MD_CBLOCK-len);
for(i=0 ; i < HMAC_MAX_MD_CBLOCK ; i++)
pad[i]=0x36^keymd[i];
SHA1_Init(md_ctx);
SHA1_Update(md_ctx,pad,SHA_CBLOCK);
for(i=0 ; i < HMAC_MAX_MD_CBLOCK ; i++)
pad[i]=0x5c^keymd[i];
SHA1_Init(o_ctx);
SHA1_Update(o_ctx,pad,SHA_CBLOCK);
}
static void hmac_final(unsigned char *md,SHA_CTX *md_ctx,SHA_CTX *o_ctx)
{
unsigned char buf[20];
SHA1_Final(buf,md_ctx);
SHA1_Update(o_ctx,buf,sizeof buf);
SHA1_Final(md,o_ctx);
}
static int fingerprint(macho_file_t* inFile, int addFingerprint)
{
int rval = 0;
unsigned char signature[FIPS_SIGNATURE_SIZE];
char signature_string[FIPS_FINGERPRINT_SIZE+1];
unsigned int len = sizeof(signature);
const char *fingerprint = NULL;
int ii = 0;
#define LOOKUP_SYMBOL( symname, prot ) \
symtab_entry_t *symname = \
lookup_entry_by_name( inFile, "_" #symname ); \
if( ! symname ) { \
fprintf(stderr, "%s: Not a FIPS executable (" \
#symname " not found)\n", inFile->filename ); \
return -1;\
} \
if( (symname->section->segment->initprot & \
(PROT_READ|PROT_WRITE|PROT_EXEC)) != (prot) ) { \
fprintf(stderr, #symname \
" segment has the wrong protection.\n"); \
debug_symbol(symname);return -1;\
}
LOOKUP_SYMBOL( FIPS_rodata_start, PROT_READ | PROT_EXEC );
LOOKUP_SYMBOL( FIPS_rodata_end, PROT_READ | PROT_EXEC );
LOOKUP_SYMBOL( FIPS_text_startX, PROT_READ | PROT_EXEC );
LOOKUP_SYMBOL( FIPS_text_endX, PROT_READ | PROT_EXEC );
LOOKUP_SYMBOL( FIPS_signature, PROT_WRITE | PROT_READ );
LOOKUP_SYMBOL( FINGERPRINT_ascii_value, PROT_READ | PROT_EXEC );
if( gVerbosity > 1 )
{
debug_symbol( FIPS_rodata_start );
debug_symbol( FIPS_rodata_end );
debug_symbol( FIPS_text_startX );
debug_symbol( FIPS_text_endX );
debug_symbol( FIPS_signature );
debug_symbol( FINGERPRINT_ascii_value );
fingerprint = (const char *)FINGERPRINT_ascii_value->mapped;
fprintf(stderr, "fingerprint: ");
for(ii=0; ii<40; ii++ )
{
if( fingerprint[ii] == 0 )
break;
putc(fingerprint[ii], stderr);
}
putc('\n', stderr);
}
/* check for the prefix ? character */
{
const unsigned char * p1 = FIPS_text_startX->mapped;
const unsigned char * p2 = FIPS_text_endX->mapped;
const unsigned char * p3 = FIPS_rodata_start->mapped;
const unsigned char * p4 = FIPS_rodata_end->mapped;
static const char FIPS_hmac_key[]="etaonrishdlcupfm";
SHA_CTX md_ctx,o_ctx;
hmac_init(&md_ctx,&o_ctx,FIPS_hmac_key);
if (p1<=p3 && p2>=p3)
p3=p1, p4=p2>p4?p2:p4, p1=NULL, p2=NULL;
else if (p3<=p1 && p4>=p1)
p3=p3, p4=p2>p4?p2:p4, p1=NULL, p2=NULL;
if (p1) {
SHA1_Update(&md_ctx,p1,(size_t)p2-(size_t)p1);
}
if (FIPS_signature->mapped>=p3 && FIPS_signature->mapped<p4)
{
/* "punch" hole */
SHA1_Update(&md_ctx,p3,(size_t)FIPS_signature-(size_t)p3);
p3 = FIPS_signature->mapped+FIPS_SIGNATURE_SIZE;
if (p3<p4) {
SHA1_Update(&md_ctx,p3,(size_t)p4-(size_t)p3);
}
}
else {
SHA1_Update(&md_ctx,p3,(size_t)p4-(size_t)p3);
}
hmac_final(signature,&md_ctx,&o_ctx);
{
char *pString = NULL;
unsigned int i = 0;
memset( signature_string, 0, sizeof(signature_string));
pString = signature_string;
for (i=0;i<len;i++)
{
snprintf(pString, 3, "%02x",signature[i]);
pString+=2;
}
*pString = 0;
}
}
fingerprint = (char *)FINGERPRINT_ascii_value->mapped;
inFile->fingerprint_original = strndup(fingerprint,FIPS_FINGERPRINT_SIZE);
inFile->fingerprint_computed = strdup(signature_string);
if( addFingerprint )
{
void *fp_page = NULL;
void *fp_end = NULL;
if(strcmp(fingerprint,"?have to make sure this string is unique")!=0)
{
if (memcmp((char*)fingerprint, signature_string, FIPS_FINGERPRINT_SIZE)!=0)
{
fprintf(stderr,
"%s(%s) original fingerprint incorrect: %s\n",
inFile->filename,
cputype(inFile->cpu_type, inFile->cpu_subtype),
fingerprint);
}
}
fp_page = (void*)((uintptr_t)fingerprint & ~PAGE_MASK);
fp_end = (void*)((uintptr_t)(fingerprint+(PAGE_SIZE*2)) & ~PAGE_MASK);
if( mprotect( fp_page, fp_end-fp_page, PROT_READ|PROT_WRITE ) )
{
perror("Can't write the fingerprint - mprotect failed");
fprintf(stderr, "fp_page=%p, fp_end=%p, len=%ld\n",
fp_page, fp_end, (size_t)(fp_end-fp_page));
rval = 1;
}
else
{
memcpy((char*)fingerprint, signature_string, FIPS_FINGERPRINT_SIZE);
if( msync(fp_page, (fp_end-fp_page), 0) )
perror("msync failed");
}
if( gVerbosity > 0 )
fprintf(stderr, "%s(%s) fingerprint: %s\n", inFile->filename,
cputype(inFile->cpu_type,inFile->cpu_subtype),
signature_string);
}
if( *fingerprint == '?' )
{
printf("%s(%s) has no fingerprint.\n", inFile->filename,
cputype(inFile->cpu_type, inFile->cpu_subtype));
rval = 2;
}
else if( strncmp( fingerprint, signature_string, FIPS_FINGERPRINT_SIZE) == 0 )
{
if( ! addFingerprint )
printf("%s(%s) fingerprint is correct: %s\n", inFile->filename,
cputype(inFile->cpu_type, inFile->cpu_subtype),
signature_string);
}
else
{
printf("%s(%s) fingerprint %.40s is not correct\n", inFile->filename,
cputype(inFile->cpu_type,inFile->cpu_subtype), fingerprint);
printf("calculated: %s\n", signature_string);
rval = -1;
}
return rval;
}
static int make_fingerprint( const char * inApp, int addFingerprint )
{
int rval = 1;
int appfd = -1;
if( addFingerprint )
appfd = open( inApp, O_RDWR );
if( appfd < 0 )
{
if( addFingerprint )
fprintf(stderr, "Can't modify %s. Verifying only.\n", inApp);
addFingerprint = 0;
appfd = open( inApp, O_RDONLY );
}
if( appfd >= 0 )
{
struct stat stbuf;
fstat(appfd, &stbuf);
void * pApp = mmap(0, (size_t)stbuf.st_size, PROT_READ,
MAP_SHARED, appfd, (off_t)0);
if( pApp == MAP_FAILED )
{
perror(inApp);
}
else
{
macho_file_t theFile;
macho_file_t* architectures;
macho_file_t* pArchitecture;
memset( &theFile, 0, sizeof(theFile) );
theFile.filename = inApp;
theFile.mapped = pApp;
architectures = load_file(&theFile);
for( pArchitecture = architectures; pArchitecture;
pArchitecture = pArchitecture->next )
{
rval = fingerprint(pArchitecture, addFingerprint);
if( rval && addFingerprint )
{
printf("Failure\n");
break;
}
}
if((rval==0) && addFingerprint)
{
printf("Fingerprint Stored\n");
}
munmap(pApp, (size_t)stbuf.st_size);
}
close(appfd);
}
else
{
fprintf(stderr, "Can't open %s\n", inApp );
}
return rval;
}
static void print_usage(const char * prog)
{
fprintf(stderr, "usage:\n\t%s [--debug] [--quiet] [-exe|-dso|-dylib] executable\n", prog);
_exit(1);
}
int main (int argc, const char * argv[])
{
const char * pname = argv[0];
const char * filename = NULL;
int addFingerprint = 1;
const char * verbose_env = getenv("FIPS_SIG_VERBOSE");
if( verbose_env )
gVerbosity = atoi(verbose_env);
if( gVerbosity < 0 )
gVerbosity = 1;
while( --argc )
{
++argv;
if( strcmp(*argv,"-exe")==0 || strcmp(*argv,"--exe")==0 ||
strcmp(*argv,"-dso")==0 || strcmp(*argv,"--dso")==0 ||
strcmp(*argv,"-dylib")==0 || strcmp(*argv,"--dylib")==0 ||
strcmp(*argv,"--verify")==0 )
{
if(strcmp(*argv,"--verify")==0)
addFingerprint=0;
if( argc > 0 )
{
filename = *++argv;
argc--;
}
}
else if(strcmp(*argv,"-d")==0 || strcmp(*argv,"-debug")==0 || strcmp(*argv,"--debug")==0)
{
if( gVerbosity < 2 )
gVerbosity = 2;
else
gVerbosity++;
}
else if(strcmp(*argv,"-q")==0 || strcmp(*argv,"-quiet")==0 || strcmp(*argv,"--quiet")==0)
gVerbosity = 0;
else if(strncmp(*argv,"-",1)!=0) {
filename = *argv;
}
}
if( !filename )
{
print_usage(pname);
return 1;
}
if( access(filename, R_OK) )
{
fprintf(stderr, "Can't access %s\n", filename);
return 1;
}
return make_fingerprint( filename, addFingerprint );
}
Computing file changes ...
