diff options
Diffstat (limited to 'src/crypto/internal/boring/build')
-rw-r--r-- | src/crypto/internal/boring/build/README | 6 | ||||
-rwxr-xr-x | src/crypto/internal/boring/build/build.sh | 64 | ||||
-rwxr-xr-x | src/crypto/internal/boring/build/build_in_chroot.sh | 198 | ||||
-rwxr-xr-x | src/crypto/internal/boring/build/root_setup_in_chroot.sh | 13 | ||||
-rw-r--r-- | src/crypto/internal/boring/build/sources.list | 10 |
5 files changed, 291 insertions, 0 deletions
diff --git a/src/crypto/internal/boring/build/README b/src/crypto/internal/boring/build/README new file mode 100644 index 0000000000..22ce944a44 --- /dev/null +++ b/src/crypto/internal/boring/build/README @@ -0,0 +1,6 @@ +This is not a Go package. The directory must not contain Go sources, +to prevent it from being considered a Go package. + +This directory holds the script for building ../goboringcrypto_*.syso. +Run build.sh on an Ubuntu system. +See the comment at the top of build.sh for details. diff --git a/src/crypto/internal/boring/build/build.sh b/src/crypto/internal/boring/build/build.sh new file mode 100755 index 0000000000..5afbb426e2 --- /dev/null +++ b/src/crypto/internal/boring/build/build.sh @@ -0,0 +1,64 @@ +#!/bin/bash +# Copyright 2017 The Go Authors. All rights reserved. +# Use of this source code is governed by a BSD-style +# license that can be found in the LICENSE file. + +# Run on Ubuntu system set up with: +# sudo apt-get install debootstrap +# sudo apt-get install squid-deb-proxy +# sudo /etc/init.d/squid-deb-proxy start +# +# The script sets up an Ubuntu chroot and then runs the build +# in that chroot, to make sure we know exactly what software +# is being used for the build. To repeat the script reusing the +# chroot installation, run build.sh -quick. This mode is useful +# if all you've modified is goboringcrypto.c and ../goboringcrypto.h +# (or some of the setup scripts in this directory). + +# Comment this setting out if not using squid-deb-proxy, +# but it will be much slower to repeat the script. +http_proxy=http://127.0.0.1:8000 + +chroot=/var/tmp/boringssl + +sudo umount -f $chroot/proc +sudo umount -f $chroot/sys +sudo umount -f $chroot/dev/pts +sudo umount -f $chroot/dev + +set -e +if [ "$1" != "-quick" ]; then + sudo rm -rf $chroot + sudo http_proxy=$http_proxy debootstrap --variant=minbase disco $chroot +fi + +sudo chown $(whoami) $chroot +sudo chmod u+w $chroot + +sudo mount -t proc proc $chroot/proc +sudo mount -t sysfs sys $chroot/sys +sudo mount -o bind /dev $chroot/dev +sudo mount -t devpts devpts $chroot/dev/pts + +sudo cp sources.list $chroot/etc/apt/sources.list + +cp *chroot.sh $chroot + +# Following https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3318.pdf page 19. +if [ ! -e $chroot/boringssl-66005f41fbc3529ffe8d007708756720529da20d.tar.xz ]; then + wget -O $chroot/boringssl-66005f41fbc3529ffe8d007708756720529da20d.tar.xz https://commondatastorage.googleapis.com/chromium-boringssl-docs/fips/boringssl-66005f41fbc3529ffe8d007708756720529da20d.tar.xz +fi +if [ "$(sha256sum $chroot/boringssl-66005f41fbc3529ffe8d007708756720529da20d.tar.xz | awk '{print $1}')" != b12ad676ee533824f698741bd127f6fbc82c46344398a6d78d25e62c6c418c73 ]; then + echo WRONG SHA256SUM + exit 2 +fi + +rm -rf $chroot/godriver +mkdir $chroot/godriver +cp ../goboringcrypto.h $chroot/godriver + +sudo http_proxy=$http_proxy chroot $chroot /root_setup_in_chroot.sh +sudo chroot --userspec=$(id -u):$(id -g) $chroot /build_in_chroot.sh +cp $chroot/godriver/goboringcrypto_linux_amd64.syso .. +sha256sum ../goboringcrypto_linux_amd64.syso +echo DONE diff --git a/src/crypto/internal/boring/build/build_in_chroot.sh b/src/crypto/internal/boring/build/build_in_chroot.sh new file mode 100755 index 0000000000..73597e11fd --- /dev/null +++ b/src/crypto/internal/boring/build/build_in_chroot.sh @@ -0,0 +1,198 @@ +#!/bin/bash +# Copyright 2017 The Go Authors. All rights reserved. +# Use of this source code is governed by a BSD-style +# license that can be found in the LICENSE file. + +set -e +echo running build_in_chroot.sh +id +date +export LANG=C +unset LANGUAGE + +# Build BoringCrypto libcrypto.a. +# Following https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3318.pdf page 19. +if ! [ -e ./boringssl/build/tool/bssl ]; then + export PATH=$PATH:/usr/lib/go-1.10/bin:/clangbin + + # Go requires -fPIC for linux/amd64 cgo builds. + # Setting -fPIC only affects the compilation of the non-module code in libcrypto.a, + # because the FIPS module itself is already built with -fPIC. + mkdir /clangbin + echo '#!/bin/bash + exec clang-6.0 -fPIC "$@" + ' >/clangbin/clang + echo '#!/bin/bash + exec clang++-6.0 -fPIC "$@" + ' >/clangbin/clang++ + chmod +x /clangbin/clang /clangbin/clang++ + + rm -rf boringssl + tar xJf ../boringssl-*z + cd boringssl + + # Verbatim instructions from BoringCrypto build docs. + printf "set(CMAKE_C_COMPILER \"clang\")\nset(CMAKE_CXX_COMPILER \"clang++\")\n" >${HOME}/toolchain + mkdir build && cd build && cmake -GNinja -DCMAKE_TOOLCHAIN_FILE=${HOME}/toolchain -DFIPS=1 -DCMAKE_BUILD_TYPE=Release .. + ninja + ninja run_tests + + cd ../.. +fi +if [ "$(./boringssl/build/tool/bssl isfips)" != 1 ]; then + echo "NOT FIPS" + exit 2 +fi + + +# Build and run test C++ program to make sure goboringcrypto.h matches openssl/*.h. +# Also collect list of checked symbols in syms.txt +set -x +set -e +cd godriver +cat >goboringcrypto.cc <<'EOF' +#include <cassert> +#include "goboringcrypto0.h" +#include "goboringcrypto1.h" +#define check_size(t) if(sizeof(t) != sizeof(GO_ ## t)) {printf("sizeof(" #t ")=%d, but sizeof(GO_" #t ")=%d\n", (int)sizeof(t), (int)sizeof(GO_ ## t)); ret=1;} +#define check_func(f) { auto x = f; x = _goboringcrypto_ ## f ; } +#define check_value(n, v) if(n != v) {printf(#n "=%d, but goboringcrypto.h defines it as %d\n", (int)n, (int)v); ret=1;} +int main() { +int ret = 0; +#include "goboringcrypto.x" +return ret; +} +EOF + +awk ' +BEGIN { + exitcode = 0 +} + +# Ignore comments, #includes, blank lines. +/^\/\// || /^#/ || NF == 0 { next } + +# Ignore unchecked declarations. +/\/\*unchecked/ { next } + +# Check enum values. +!enum && $1 == "enum" && $NF == "{" { + enum = 1 + next +} +enum && $1 == "};" { + enum = 0 + next +} +enum && NF == 3 && $2 == "=" { + name = $1 + sub(/^GO_/, "", name) + val = $3 + sub(/,$/, "", val) + print "check_value(" name ", " val ")" > "goboringcrypto.x" + next +} +enum { + print FILENAME ":" NR ": unexpected line in enum: " $0 > "/dev/stderr" + exitcode = 1 + next +} + +# Check struct sizes. +/^typedef struct / && $NF ~ /^GO_/ { + name = $NF + sub(/^GO_/, "", name) + sub(/;$/, "", name) + print "check_size(" name ")" > "goboringcrypto.x" + next +} + +# Check function prototypes. +/^(const )?[^ ]+ \**_goboringcrypto_.*\(/ { + name = $2 + if($1 == "const") + name = $3 + sub(/^\**_goboringcrypto_/, "", name) + sub(/\(.*/, "", name) + print "check_func(" name ")" > "goboringcrypto.x" + print name > "syms.txt" + next +} + +{ + print FILENAME ":" NR ": unexpected line: " $0 > "/dev/stderr" + exitcode = 1 +} + +END { + exit exitcode +} +' goboringcrypto.h + +cat goboringcrypto.h | awk ' + /^\/\/ #include/ {sub(/\/\//, ""); print > "goboringcrypto0.h"; next} + /typedef struct|enum ([a-z_]+ )?{|^[ \t]/ {print;next} + {gsub(/GO_/, ""); gsub(/enum go_/, "enum "); print} +' >goboringcrypto1.h +clang++-6.0 -std=c++11 -fPIC -I../boringssl/include -O2 -o a.out goboringcrypto.cc +./a.out || exit 2 + +# Prepare copy of libcrypto.a with only the checked functions renamed and exported. +# All other symbols are left alone and hidden. +echo BORINGSSL_bcm_power_on_self_test >>syms.txt +awk '{print "_goboringcrypto_" $0 }' syms.txt >globals.txt +awk '{print $0 " _goboringcrypto_" $0 }' syms.txt >renames.txt +objcopy --globalize-symbol=BORINGSSL_bcm_power_on_self_test ../boringssl/build/crypto/libcrypto.a libcrypto.a + +# clang implements u128 % u128 -> u128 by calling __umodti3, +# which is in libgcc. To make the result self-contained even if linking +# against a different compiler version, link our own __umodti3 into the syso. +# This one is specialized so it only expects divisors below 2^64, +# which is all BoringCrypto uses. (Otherwise it will seg fault.) +cat >umod.s <<'EOF' +# tu_int __umodti3(tu_int x, tu_int y) +# x is rsi:rdi, y is rcx:rdx, return result is rdx:rax. +.globl __umodti3 +__umodti3: + # specialized to u128 % u64, so verify that + test %rcx,%rcx + jne 1f + + # save divisor + movq %rdx, %r8 + + # reduce top 64 bits mod divisor + movq %rsi, %rax + xorl %edx, %edx + divq %r8 + + # reduce full 128-bit mod divisor + # quotient fits in 64 bits because top 64 bits have been reduced < divisor. + # (even though we only care about the remainder, divq also computes + # the quotient, and it will trap if the quotient is too large.) + movq %rdi, %rax + divq %r8 + + # expand remainder to 128 for return + movq %rdx, %rax + xorl %edx, %edx + ret + +1: + # crash - only want 64-bit divisor + xorl %ecx, %ecx + movl %ecx, 0(%ecx) + jmp 1b + +.section .note.GNU-stack,"",@progbits +EOF +clang-6.0 -c -o umod.o umod.s + +ld -r -nostdlib --whole-archive -o goboringcrypto.o libcrypto.a umod.o +echo __umodti3 _goboringcrypto___umodti3 >>renames.txt +objcopy --redefine-syms=renames.txt goboringcrypto.o goboringcrypto2.o +objcopy --keep-global-symbols=globals.txt goboringcrypto2.o goboringcrypto_linux_amd64.syso + +# Done! +ls -l goboringcrypto_linux_amd64.syso +sha256sum goboringcrypto_linux_amd64.syso diff --git a/src/crypto/internal/boring/build/root_setup_in_chroot.sh b/src/crypto/internal/boring/build/root_setup_in_chroot.sh new file mode 100755 index 0000000000..90f0f266c3 --- /dev/null +++ b/src/crypto/internal/boring/build/root_setup_in_chroot.sh @@ -0,0 +1,13 @@ +#!/bin/bash +# Copyright 2017 The Go Authors. All rights reserved. +# Use of this source code is governed by a BSD-style +# license that can be found in the LICENSE file. + +set -e +id +date +echo http_proxy=$http_proxy +export LANG=C +unset LANGUAGE +apt-get update +apt-get install --no-install-recommends -y cmake clang-6.0 golang-1.10-go ninja-build xz-utils diff --git a/src/crypto/internal/boring/build/sources.list b/src/crypto/internal/boring/build/sources.list new file mode 100644 index 0000000000..a5c31c0645 --- /dev/null +++ b/src/crypto/internal/boring/build/sources.list @@ -0,0 +1,10 @@ +deb http://archive.ubuntu.com/ubuntu/ disco main restricted +deb http://archive.ubuntu.com/ubuntu/ disco-updates main restricted +deb http://archive.ubuntu.com/ubuntu/ disco universe +deb http://archive.ubuntu.com/ubuntu/ disco-updates universe +deb http://archive.ubuntu.com/ubuntu/ disco multiverse +deb http://archive.ubuntu.com/ubuntu/ disco-updates multiverse +deb http://archive.ubuntu.com/ubuntu/ disco-backports main restricted universe multiverse +deb http://security.ubuntu.com/ubuntu disco-security main restricted +deb http://security.ubuntu.com/ubuntu disco-security universe +deb http://security.ubuntu.com/ubuntu disco-security multiverse |