Send and Receive a TLSv1.3 format ServerHello
[openssl.git] / util / fipslink.pl
1 #! /usr/bin/env perl
2 # Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
3 #
4 # Licensed under the OpenSSL license (the "License").  You may not use
5 # this file except in compliance with the License.  You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
8
9 sub check_env
10         {
11         my @ret;
12         foreach (@_)
13                 {
14                 die "Environment variable $_ not defined!\n" unless exists $ENV{$_};
15                 push @ret, $ENV{$_};
16                 }
17         return @ret;
18         }
19
20
21 my ($fips_cc,$fips_cc_args, $fips_link,$fips_target, $fips_libdir, $sha1_exe)
22          = check_env("FIPS_CC", "FIPS_CC_ARGS", "FIPS_LINK", "FIPS_TARGET",
23                 "FIPSLIB_D", "FIPS_SHA1_EXE");
24
25
26
27 if (exists $ENV{"PREMAIN_DSO_EXE"})
28         {
29         $fips_premain_dso = $ENV{"PREMAIN_DSO_EXE"};
30         }
31         else
32         {
33         $fips_premain_dso = "";
34         }
35
36 check_hash($sha1_exe, "fips_premain.c");
37 check_hash($sha1_exe, "fipscanister.lib");
38
39
40 print "Integrity check OK\n";
41
42 if (is_premain_linked(@ARGV)) {
43         print "$fips_cc $fips_cc_args $fips_libdir/fips_premain.c\n";
44         system "$fips_cc $fips_cc_args $fips_libdir/fips_premain.c";
45         die "First stage Compile failure" if $? != 0;
46 } elsif (!defined($ENV{FIPS_SIG})) {
47         die "no fips_premain.obj linked";
48 }
49
50 print "$fips_link @ARGV\n";
51 system "$fips_link @ARGV";
52 die "First stage Link failure" if $? != 0;
53
54 if (defined($ENV{FIPS_SIG})) {
55         print "$ENV{FIPS_SIG} $fips_target\n";
56         system "$ENV{FIPS_SIG} $fips_target";
57         die "$ENV{FIPS_SIG} $fips_target failed" if $? != 0;
58         exit;
59 }
60
61 print "$fips_premain_dso $fips_target\n";
62 system("$fips_premain_dso $fips_target >$fips_target.sha1");
63 die "Get hash failure" if $? != 0;
64 open my $sha1_res, '<', $fips_target.".sha1" or die "Get hash failure";
65 $fips_hash=<$sha1_res>;
66 close $sha1_res;
67 unlink $fips_target.".sha1";
68 $fips_hash =~ s|\R$||;          # Better chomp
69 die "Get hash failure" if $? != 0;
70
71
72 print "$fips_cc -DHMAC_SHA1_SIG=\\\"$fips_hash\\\" $fips_cc_args $fips_libdir/fips_premain.c\n";
73 system "$fips_cc -DHMAC_SHA1_SIG=\\\"$fips_hash\\\" $fips_cc_args $fips_libdir/fips_premain.c";
74 die "Second stage Compile failure" if $? != 0;
75
76
77 print "$fips_link @ARGV\n";
78 system "$fips_link @ARGV";
79 die "Second stage Link failure" if $? != 0;
80
81 sub is_premain_linked
82         {
83         return 1 if (grep /fips_premain\.obj/,@_);
84         foreach (@_)
85                 {
86                 if (/^@(.*)/ && -f $1)
87                         {
88                         open FD,$1 or die "can't open $1";
89                         my $ret = (grep /fips_premain\.obj/,<FD>)?1:0;
90                         close FD;
91                         return $ret;
92                         }
93                 }
94         return 0;
95         }
96
97 sub check_hash
98         {
99         my ($sha1_exe, $filename) = @_;
100         my ($hashfile, $hashval);
101
102         open(IN, "${fips_libdir}/${filename}.sha1") || die "Cannot open file hash file ${fips_libdir}/${filename}.sha1";
103         $hashfile = <IN>;
104         close IN;
105         $hashval = `$sha1_exe ${fips_libdir}/$filename`;
106         $hashfile =~ s|\R$||;    # Better chomp
107         $hashval =~ s|\R$||;     # Better chomp
108         $hashfile =~ s/^.*=\s+//;
109         $hashval =~ s/^.*=\s+//;
110         die "Invalid hash syntax in file" if (length($hashfile) != 40);
111         die "Invalid hash received for file" if (length($hashval) != 40);
112         die "***HASH VALUE MISMATCH FOR FILE $filename ***" if ($hashval ne $hashfile);
113         }
114
115