removed obsolete INTEGRITY_TEST and fips signer code
authorMartin Willi <martin@strongswan.org>
Fri, 19 Jun 2009 14:39:44 +0000 (16:39 +0200)
committerMartin Willi <martin@strongswan.org>
Mon, 22 Jun 2009 13:47:17 +0000 (15:47 +0200)
--enable-integrity-test now conditionally builds libchecksum

16 files changed:
LICENSE
configure.in
src/charon/Makefile.am
src/charon/daemon.c
src/libstrongswan/Makefile.am
src/libstrongswan/fips/.gitignore [deleted file]
src/libstrongswan/fips/Makefile.am [deleted file]
src/libstrongswan/fips/fips.c [deleted file]
src/libstrongswan/fips/fips.h [deleted file]
src/libstrongswan/fips/fips_canister_end.c [deleted file]
src/libstrongswan/fips/fips_canister_start.c [deleted file]
src/libstrongswan/fips/fips_signer.c [deleted file]
src/libstrongswan/library.h
src/openac/openac.c
src/pluto/Makefile.am
src/pluto/plutomain.c

diff --git a/LICENSE b/LICENSE
index ce8c4ae..abbefa5 100644 (file)
--- a/LICENSE
+++ b/LICENSE
@@ -22,10 +22,5 @@ so they must include the following phrase: "RSA Security Inc. PKCS#11
 Cryptographic Token Interface (Cryptoki)". The headers are not under the GPL;
 see details in src/pluto/rsaref/pkcs11.h.
 
 Cryptographic Token Interface (Cryptoki)". The headers are not under the GPL;
 see details in src/pluto/rsaref/pkcs11.h.
 
-The FIPS_canister code in src/libstrongswan/fips that is used to determine
-the start (fips_canister_start.c) and end (fips_canister_end.c) of the
-libstrongswan TEXT and RODATA segments is under the OpenSSL licence. It is
-not under the GPL; see www.openssl.org. 
-
 In addition to the terms set out under the GPL, permission is granted to
 link the software against the libdes, MD2, and MD5 libraries just mentioned.  
 In addition to the terms set out under the GPL, permission is granted to
 link the software against the libdes, MD2, and MD5 libraries just mentioned.  
index 858914c..433f736 100644 (file)
@@ -588,7 +588,7 @@ AC_ARG_ENABLE(
 
 AC_ARG_ENABLE(
        [integrity-test],
 
 AC_ARG_ENABLE(
        [integrity-test],
-       AS_HELP_STRING([--enable-integrity-test],[enable the integrity test of the crypto library (default is NO).]),
+       AS_HELP_STRING([--enable-integrity-test],[enable integrity testing of libstrongswan and plugins (default is NO).]),
        [if test x$enableval = xyes; then
                integrity_test=true 
        fi]
        [if test x$enableval = xyes; then
                integrity_test=true 
        fi]
@@ -1258,7 +1258,6 @@ AC_OUTPUT(
        src/libstrongswan/plugins/gcrypt/Makefile
        src/libstrongswan/plugins/agent/Makefile
        src/libstrongswan/plugins/test_vectors/Makefile
        src/libstrongswan/plugins/gcrypt/Makefile
        src/libstrongswan/plugins/agent/Makefile
        src/libstrongswan/plugins/test_vectors/Makefile
-       src/libstrongswan/fips/Makefile
        src/libfreeswan/Makefile
        src/pluto/Makefile
        src/whack/Makefile
        src/libfreeswan/Makefile
        src/pluto/Makefile
        src/whack/Makefile
index 3b5b9c0..356e074 100644 (file)
@@ -128,10 +128,6 @@ if USE_ME
     sa/tasks/ike_me.c sa/tasks/ike_me.h
 endif
 
     sa/tasks/ike_me.c sa/tasks/ike_me.h
 endif
 
-if USE_INTEGRITY_TEST
-  AM_CFLAGS += -DINTEGRITY_TEST
-endif
-
 if USE_CAPABILITIES
   charon_LDADD += -lcap
 endif
 if USE_CAPABILITIES
   charon_LDADD += -lcap
 endif
index f6f3ac1..c672515 100644 (file)
 #include <config/traffic_selector.h>
 #include <config/proposal.h>
 
 #include <config/traffic_selector.h>
 #include <config/proposal.h>
 
-#ifdef INTEGRITY_TEST
-#include <fips/fips.h>
-#include <fips/fips_signature.h>
-#endif /* INTEGRITY_TEST */
-
 typedef struct private_daemon_t private_daemon_t;
 
 /**
 typedef struct private_daemon_t private_daemon_t;
 
 /**
@@ -487,19 +482,6 @@ static bool initialize(private_daemon_t *this, bool syslog, level_t levels[])
                lib->settings->get_str(lib->settings, "charon.load", PLUGINS));
        
        print_plugins();
                lib->settings->get_str(lib->settings, "charon.load", PLUGINS));
        
        print_plugins();
-       
-#ifdef INTEGRITY_TEST
-       DBG1(DBG_DMN, "integrity test of libstrongswan code");
-       if (fips_verify_hmac_signature(hmac_key, hmac_signature))
-       {
-               DBG1(DBG_DMN, "  integrity test passed");
-       }
-       else
-       {
-               DBG1(DBG_DMN, "  integrity test failed");
-               return FALSE;
-       }
-#endif /* INTEGRITY_TEST */
 
        this->public.ike_sa_manager = ike_sa_manager_create();
        if (this->public.ike_sa_manager == NULL)
 
        this->public.ike_sa_manager = ike_sa_manager_create();
        if (this->public.ike_sa_manager == NULL)
index 4de511e..d190f35 100644 (file)
@@ -1,14 +1,6 @@
 lib_LTLIBRARIES = libstrongswan.la
 
 lib_LTLIBRARIES = libstrongswan.la
 
-if USE_INTEGRITY_TEST
-  libstrongswan_la_SOURCES = \
-  fips/fips_canister_start.c \
-  fips/fips.c fips/fips.h
-else
-  libstrongswan_la_SOURCES =
-endif
-
-libstrongswan_la_SOURCES += \
+libstrongswan_la_SOURCES = \
 library.c library.h \
 chunk.c chunk.h \
 debug.c debug.h \
 library.c library.h \
 chunk.c chunk.h \
 debug.c debug.h \
@@ -76,11 +68,6 @@ if USE_LOCK_PROFILER
   AM_CFLAGS += -DLOCK_PROFILER
 endif
 
   AM_CFLAGS += -DLOCK_PROFILER
 endif
 
-if USE_INTEGRITY_TEST
-  libstrongswan_la_SOURCES += \
-  fips/fips_canister_end.c
-endif
-
 if USE_VSTR
   libstrongswan_la_LIBADD += -lvstr
 endif
 if USE_VSTR
   libstrongswan_la_LIBADD += -lvstr
 endif
@@ -207,7 +194,5 @@ if USE_TEST_VECTORS
 endif
 
 if USE_INTEGRITY_TEST
 endif
 
 if USE_INTEGRITY_TEST
-  SUBDIRS += fips
+  SUBDIRS += checksum
 endif
 endif
-
-SUBDIRS += checksum
diff --git a/src/libstrongswan/fips/.gitignore b/src/libstrongswan/fips/.gitignore
deleted file mode 100644 (file)
index ebb05cf..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-fips_signature.h
-fips_signer
diff --git a/src/libstrongswan/fips/Makefile.am b/src/libstrongswan/fips/Makefile.am
deleted file mode 100644 (file)
index 22a3570..0000000
+++ /dev/null
@@ -1,19 +0,0 @@
-noinst_PROGRAMS = fips_signer
-fips_signer_SOURCES = fips_signer.c
-fips_signer_LDADD = ../libstrongswan.la
-
-BUILT_SOURCES = fips_signature.h
-CLEANFILES = fips_signature.h fips_signer
-INCLUDES = -I$(top_srcdir)/src/libstrongswan
-AM_CFLAGS = -DSTRONGSWAN_CONF=\"${strongswan_conf}\" \
-            -DPLUGINDIR=\"${top_srcdir}/src/libstrongswan/plugins\"
-if USE_SHA1
-  AM_CFLAGS += -DUSE_SHA1
-endif
-
-if USE_OPENSSL
-  AM_CFLAGS += -DUSE_OPENSSL
-endif
-
-fips_signature.h : fips_signer
-                  ./fips_signer
diff --git a/src/libstrongswan/fips/fips.c b/src/libstrongswan/fips/fips.c
deleted file mode 100644 (file)
index d2296e5..0000000
+++ /dev/null
@@ -1,96 +0,0 @@
-/*
- * Copyright (C) 2007 Bruno Krieg, Daniel Wydler
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-#include <stdio.h>
-
-#include <debug.h>
-#include <crypto/signers/signer.h>
-#include "fips.h"
-
-extern const u_char FIPS_rodata_start[];
-extern const u_char FIPS_rodata_end[];
-extern const void *FIPS_text_start();
-extern const void *FIPS_text_end();
-
-/**
- * Described in header
- */
-bool fips_compute_hmac_signature(const char *key, char *signature)
-{
-       u_char *text_start = (u_char *)FIPS_text_start();
-       u_char *text_end   = (u_char *)FIPS_text_end();
-       size_t text_len, rodata_len;
-       signer_t *signer;
-
-       if (text_start > text_end)
-       {
-               DBG1("  TEXT start (%p) > TEXT end (%p",
-                               text_start, text_end);
-               return FALSE;
-       }
-       text_len = text_end - text_start;
-    DBG1("  TEXT:   %p + %6d = %p",
-                       text_start, (int)text_len, text_end);
-
-       if (FIPS_rodata_start > FIPS_rodata_end)
-       {
-               DBG1("  RODATA start (%p) > RODATA end (%p",
-                               FIPS_rodata_start, FIPS_rodata_end);
-               return FALSE;
-       }
-       rodata_len = FIPS_rodata_end - FIPS_rodata_start;
-    DBG1("  RODATA: %p + %6d = %p",
-                       FIPS_rodata_start, (int)rodata_len, FIPS_rodata_end);
-
-    signer = lib->crypto->create_signer(lib->crypto, AUTH_HMAC_SHA1_128);
-       if (signer == NULL)
-       {
-           DBG1("  SHA-1 HMAC signer could not be created");
-               return FALSE;
-       }
-       else
-       {
-               chunk_t hmac_key = { (u_char *)key, strlen(key) };
-               chunk_t text_chunk = { text_start, text_len };
-               chunk_t rodata_chunk = { (u_char *)FIPS_rodata_start, rodata_len };
-               chunk_t signature_chunk = chunk_empty;
-
-               signer->set_key(signer, hmac_key);
-               signer->allocate_signature(signer, text_chunk, NULL);
-               signer->allocate_signature(signer, rodata_chunk, &signature_chunk);
-               signer->destroy(signer);
-
-               sprintf(signature, "%#B", &signature_chunk);
-               DBG1("  SHA-1 HMAC key: %s", key);
-               DBG1("  SHA-1 HMAC sig: %s", signature);
-               free(signature_chunk.ptr);
-               return TRUE;
-       }
-}
-
-/**
- * Described in header
- */
-bool fips_verify_hmac_signature(const char *key,
-                                                               const char *signature)
-{
-       char current_signature[BUF_LEN];
-
-       if (!fips_compute_hmac_signature(key, current_signature))
-       {
-               return FALSE;
-       }
-       return streq(signature, current_signature);
-}
diff --git a/src/libstrongswan/fips/fips.h b/src/libstrongswan/fips/fips.h
deleted file mode 100644 (file)
index aae18e3..0000000
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Copyright (C) 2007 Bruno Krieg, Daniel Wydler
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-/**
- * @defgroup fips1 fips
- * @{ @ingroup fips
- */
-
-#ifndef FIPS_H_
-#define FIPS_H_
-
-#include <library.h>
-
-/**
- * compute HMAC signature over RODATA and TEXT sections of libstrongswan
- *
- * @param key          key used for HMAC signature in ASCII string format
- * @param signature    HMAC signature in HEX string format
- * @return                     TRUE if HMAC signature computation was successful
- */
-bool fips_compute_hmac_signature(const char *key, char *signature);
-
-/**
- * verify HMAC signature over RODATA and TEXT sections of libstrongswan
- *
- * @param key          key used for HMAC signature in ASCII string format
- * @param signature    signature value from fips_signature.h in HEX string format
- * @return                     TRUE if signatures agree
- */
-bool fips_verify_hmac_signature(const char *key, const char *signature);
-
-#endif /** FIPS_H_ @}*/
diff --git a/src/libstrongswan/fips/fips_canister_end.c b/src/libstrongswan/fips/fips_canister_end.c
deleted file mode 100644 (file)
index 247d489..0000000
+++ /dev/null
@@ -1,166 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2005 The OpenSSL Project. Rights for redistribution
- * and usage in source and binary forms are granted according to the
- * OpenSSL license.
- */
-
-#include <stdio.h>
-#if defined(__DECC)
-# include <c_asm.h>
-# pragma __nostandard
-#endif
-
-#if !defined(POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION)
-# if   (defined(__sun) && (defined(__sparc) || defined(__sparcv9)))    || \
-       (defined(__sgi) && (defined(__mips) || defined(mips)))          || \
-       (defined(__osf__) && defined(__alpha))                          || \
-       (defined(__linux) && (defined(__arm) || defined(__arm__)))      || \
-       (defined(__i386) || defined(__i386__))                          || \
-       (defined(__x86_64) || defined(__x86_64__))                      || \
-       (defined(vax) || defined(__vax__))
-#  define POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION
-# endif
-#endif
-
-#define FIPS_ref_point FIPS_text_end
-/* Some compilers put string literals into a separate segment. As we
- * are mostly interested to hash AES tables in .rodata, we declare
- * reference points accordingly. In case you wonder, the values are
- * big-endian encoded variable names, just to prevent these arrays
- * from being merged by linker. */
-const unsigned int FIPS_rodata_end[]=
-       { 0x46495053, 0x5f726f64, 0x6174615f, 0x656e645b };
-
-
-/*
- * I declare reference function as static in order to avoid certain
- * pitfalls in -dynamic linker behaviour...
- */
-static void *instruction_pointer(void)
-{
-  void *ret = NULL;
-
-/* These are ABI-neutral CPU-specific snippets. ABI-neutrality means
- * that they are designed to work under any OS running on particular
- * CPU, which is why you don't find any #ifdef THIS_OR_THAT_OS in
- * this function. */
-#if    defined(INSTRUCTION_POINTER_IMPLEMENTED)
-    INSTRUCTION_POINTER_IMPLEMENTED(ret);
-#elif  defined(__GNUC__) && __GNUC__>=2
-# if   defined(__alpha) || defined(__alpha__)
-#   define INSTRUCTION_POINTER_IMPLEMENTED
-    __asm __volatile ( "br     %0,1f\n1:" : "=r"(ret) );
-# elif defined(__i386) || defined(__i386__)
-#   define INSTRUCTION_POINTER_IMPLEMENTED
-    __asm __volatile ( "call 1f\n1:    popl %0" : "=r"(ret) );
-    ret = (void *)((size_t)ret&~3UL); /* align for better performance */
-# elif defined(__ia64) || defined(__ia64__)
-#   define INSTRUCTION_POINTER_IMPLEMENTED
-    __asm __volatile ( "mov    %0=ip" : "=r"(ret) );
-# elif defined(__hppa) || defined(__hppa__) || defined(__pa_risc)
-#   define INSTRUCTION_POINTER_IMPLEMENTED
-    __asm __volatile ( "blr    %%r0,%0\n\tnop" : "=r"(ret) );
-    ret = (void *)((size_t)ret&~3UL); /* mask privilege level */
-# elif defined(__mips) || defined(__mips__)
-#   define INSTRUCTION_POINTER_IMPLEMENTED
-    void *scratch;
-    __asm __volatile ( "move   %1,$31\n\t"     /* save ra */
-                       "bal    .+8; nop\n\t"
-                       "move   %0,$31\n\t"
-                       "move   $31,%1"         /* restore ra */
-                       : "=r"(ret),"=r"(scratch) );
-# elif defined(__ppc__) || defined(__powerpc) || defined(__powerpc__) || \
-       defined(__POWERPC__) || defined(_POWER) || defined(__PPC__) || \
-       defined(__PPC64__) || defined(__powerpc64__)
-#   define INSTRUCTION_POINTER_IMPLEMENTED
-    void *scratch;
-    __asm __volatile ( "mfspr  %1,8\n\t"       /* save lr */
-                       "bl     .+4\n\t"
-                       "mfspr  %0,8\n\t"       /* mflr ret */
-                       "mtspr  8,%1"           /* restore lr */
-                       : "=r"(ret),"=r"(scratch) );
-# elif defined(__sparc) || defined(__sparc__) || defined(__sparcv9)
-#   define INSTRUCTION_POINTER_IMPLEMENTED
-    void *scratch;
-    __asm __volatile ( "mov    %%o7,%1\n\t"
-                       "call   .+8; nop\n\t"
-                       "mov    %%o7,%0\n\t"
-                       "mov    %1,%%o7"
-                       : "=r"(ret),"=r"(scratch) );
-# elif defined(__x86_64) || defined(__x86_64__)
-#   define INSTRUCTION_POINTER_IMPLEMENTED
-    __asm __volatile ( "leaq   0(%%rip),%0" : "=r"(ret) );
-    ret = (void *)((size_t)ret&~3UL); /* align for better performance */
-# endif
-#elif  defined(__DECC) && defined(__alpha)
-#   define INSTRUCTION_POINTER_IMPLEMENTED
-    ret = (void *)(size_t)asm("br %v0,1f\n1:");
-#elif   defined(_MSC_VER) && defined(_M_IX86)
-#   undef INSTRUCTION_POINTER_IMPLEMENTED
-    void *scratch;
-    _asm {
-            call    self
-    self:   pop     eax
-            mov     scratch,eax
-         }
-    ret = (void *)((size_t)scratch&~3UL);
-#endif
-  return ret;
-}
-
-/*
- * This function returns pointer to an instruction in the vicinity of
- * its entry point, but not outside this object module. This guarantees
- * that sequestered code is covered...
- */
-void *FIPS_ref_point()
-{
-#if    defined(INSTRUCTION_POINTER_IMPLEMENTED)
-    return instruction_pointer();
-/* Below we essentially cover vendor compilers which do not support
- * inline assembler... */
-#elif  defined(_AIX)
-    struct { void *ip,*gp,*env; } *p = (void *)instruction_pointer;
-    return p->ip;
-#elif  defined(_HPUX_SOURCE)
-# if   defined(__hppa) || defined(__hppa__)
-    struct { void *i[4]; } *p = (void *)FIPS_ref_point;
-
-    if (sizeof(p) == 8)        /* 64-bit */
-       return p->i[2];
-    else if ((size_t)p & 2)
-    {  p = (void *)((size_t)p&~3UL);
-       return p->i[0];
-    }
-    else
-       return (void *)p;
-# elif defined(__ia64) || defined(__ia64__)
-    struct { unsigned long long ip,gp; } *p=(void *)instruction_pointer;
-    return (void *)(size_t)p->ip;
-# endif
-#elif  (defined(__VMS) || defined(VMS)) && !(defined(vax) || defined(__vax__))
-    /* applies to both alpha and ia64 */
-    struct { unsigned __int64 opaque,ip; } *p=(void *)instruction_pointer;
-    return (void *)(size_t)p->ip;
-#elif  defined(__VOS__)
-    /* applies to both pa-risc and ia32 */
-    struct { void *dp,*ip,*gp; } *p = (void *)instruction_pointer;
-    return p->ip;
-#elif  defined(_WIN32)
-# if   defined(_WIN64) && defined(_M_IA64)
-    struct { void *ip,*gp; } *p = (void *)FIPS_ref_point;
-    return p->ip;
-# else
-    return (void *)FIPS_ref_point;
-# endif
-/*
- * In case you wonder why there is no #ifdef __linux. All Linux targets
- * are GCC-based and therefore are covered by instruction_pointer above
- * [well, some are covered by by the one below]...
- */ 
-#elif  defined(POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION)
-    return (void *)instruction_pointer;
-#else
-    return NULL;
-#endif
-}
diff --git a/src/libstrongswan/fips/fips_canister_start.c b/src/libstrongswan/fips/fips_canister_start.c
deleted file mode 100644 (file)
index 4a5528a..0000000
+++ /dev/null
@@ -1,167 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2005 The OpenSSL Project. Rights for redistribution
- * and usage in source and binary forms are granted according to the
- * OpenSSL license.
- */
-
-#include <stdio.h>
-#if defined(__DECC)
-# include <c_asm.h>
-# pragma __nostandard
-#endif
-
-#if !defined(POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION)
-# if   (defined(__sun) && (defined(__sparc) || defined(__sparcv9)))    || \
-       (defined(__sgi) && (defined(__mips) || defined(mips)))          || \
-       (defined(__osf__) && defined(__alpha))                          || \
-       (defined(__linux) && (defined(__arm) || defined(__arm__)))      || \
-       (defined(__i386) || defined(__i386__))                          || \
-       (defined(__x86_64) || defined(__x86_64__))                      || \
-       (defined(vax) || defined(__vax__))
-#  define POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION
-# endif
-#endif
-
-
-#define FIPS_ref_point FIPS_text_start
-/* Some compilers put string literals into a separate segment. As we
- * are mostly interested to hash AES tables in .rodata, we declare
- * reference points accordingly. In case you wonder, the values are
- * big-endian encoded variable names, just to prevent these arrays
- * from being merged by linker. */
-const unsigned int FIPS_rodata_start[]=
-       { 0x46495053, 0x5f726f64, 0x6174615f, 0x73746172 };
-
-
-/*
- * I declare reference function as static in order to avoid certain
- * pitfalls in -dynamic linker behaviour...
- */
-static void *instruction_pointer(void)
-{
-  void *ret = NULL;
-
-/* These are ABI-neutral CPU-specific snippets. ABI-neutrality means
- * that they are designed to work under any OS running on particular
- * CPU, which is why you don't find any #ifdef THIS_OR_THAT_OS in
- * this function. */
-#if    defined(INSTRUCTION_POINTER_IMPLEMENTED)
-    INSTRUCTION_POINTER_IMPLEMENTED(ret);
-#elif  defined(__GNUC__) && __GNUC__>=2
-# if   defined(__alpha) || defined(__alpha__)
-#   define INSTRUCTION_POINTER_IMPLEMENTED
-    __asm __volatile ( "br     %0,1f\n1:" : "=r"(ret) );
-# elif defined(__i386) || defined(__i386__)
-#   define INSTRUCTION_POINTER_IMPLEMENTED
-    __asm __volatile ( "call 1f\n1:    popl %0" : "=r"(ret) );
-    ret = (void *)((size_t)ret&~3UL); /* align for better performance */
-# elif defined(__ia64) || defined(__ia64__)
-#   define INSTRUCTION_POINTER_IMPLEMENTED
-    __asm __volatile ( "mov    %0=ip" : "=r"(ret) );
-# elif defined(__hppa) || defined(__hppa__) || defined(__pa_risc)
-#   define INSTRUCTION_POINTER_IMPLEMENTED
-    __asm __volatile ( "blr    %%r0,%0\n\tnop" : "=r"(ret) );
-    ret = (void *)((size_t)ret&~3UL); /* mask privilege level */
-# elif defined(__mips) || defined(__mips__)
-#   define INSTRUCTION_POINTER_IMPLEMENTED
-    void *scratch;
-    __asm __volatile ( "move   %1,$31\n\t"     /* save ra */
-                       "bal    .+8; nop\n\t"
-                       "move   %0,$31\n\t"
-                       "move   $31,%1"         /* restore ra */
-                       : "=r"(ret),"=r"(scratch) );
-# elif defined(__ppc__) || defined(__powerpc) || defined(__powerpc__) || \
-       defined(__POWERPC__) || defined(_POWER) || defined(__PPC__) || \
-       defined(__PPC64__) || defined(__powerpc64__)
-#   define INSTRUCTION_POINTER_IMPLEMENTED
-    void *scratch;
-    __asm __volatile ( "mfspr  %1,8\n\t"       /* save lr */
-                       "bl     .+4\n\t"
-                       "mfspr  %0,8\n\t"       /* mflr ret */
-                       "mtspr  8,%1"           /* restore lr */
-                       : "=r"(ret),"=r"(scratch) );
-# elif defined(__sparc) || defined(__sparc__) || defined(__sparcv9)
-#   define INSTRUCTION_POINTER_IMPLEMENTED
-    void *scratch;
-    __asm __volatile ( "mov    %%o7,%1\n\t"
-                       "call   .+8; nop\n\t"
-                       "mov    %%o7,%0\n\t"
-                       "mov    %1,%%o7"
-                       : "=r"(ret),"=r"(scratch) );
-# elif defined(__x86_64) || defined(__x86_64__)
-#   define INSTRUCTION_POINTER_IMPLEMENTED
-    __asm __volatile ( "leaq   0(%%rip),%0" : "=r"(ret) );
-    ret = (void *)((size_t)ret&~3UL); /* align for better performance */
-# endif
-#elif  defined(__DECC) && defined(__alpha)
-#   define INSTRUCTION_POINTER_IMPLEMENTED
-    ret = (void *)(size_t)asm("br %v0,1f\n1:");
-#elif   defined(_MSC_VER) && defined(_M_IX86)
-#   undef INSTRUCTION_POINTER_IMPLEMENTED
-    void *scratch;
-    _asm {
-            call    self
-    self:   pop     eax
-            mov     scratch,eax
-         }
-    ret = (void *)((size_t)scratch&~3UL);
-#endif
-  return ret;
-}
-
-/*
- * This function returns pointer to an instruction in the vicinity of
- * its entry point, but not outside this object module. This guarantees
- * that sequestered code is covered...
- */
-void *FIPS_ref_point()
-{
-#if    defined(INSTRUCTION_POINTER_IMPLEMENTED)
-    return instruction_pointer();
-/* Below we essentially cover vendor compilers which do not support
- * inline assembler... */
-#elif  defined(_AIX)
-    struct { void *ip,*gp,*env; } *p = (void *)instruction_pointer;
-    return p->ip;
-#elif  defined(_HPUX_SOURCE)
-# if   defined(__hppa) || defined(__hppa__)
-    struct { void *i[4]; } *p = (void *)FIPS_ref_point;
-
-    if (sizeof(p) == 8)        /* 64-bit */
-       return p->i[2];
-    else if ((size_t)p & 2)
-    {  p = (void *)((size_t)p&~3UL);
-       return p->i[0];
-    }
-    else
-       return (void *)p;
-# elif defined(__ia64) || defined(__ia64__)
-    struct { unsigned long long ip,gp; } *p=(void *)instruction_pointer;
-    return (void *)(size_t)p->ip;
-# endif
-#elif  (defined(__VMS) || defined(VMS)) && !(defined(vax) || defined(__vax__))
-    /* applies to both alpha and ia64 */
-    struct { unsigned __int64 opaque,ip; } *p=(void *)instruction_pointer;
-    return (void *)(size_t)p->ip;
-#elif  defined(__VOS__)
-    /* applies to both pa-risc and ia32 */
-    struct { void *dp,*ip,*gp; } *p = (void *)instruction_pointer;
-    return p->ip;
-#elif  defined(_WIN32)
-# if   defined(_WIN64) && defined(_M_IA64)
-    struct { void *ip,*gp; } *p = (void *)FIPS_ref_point;
-    return p->ip;
-# else
-    return (void *)FIPS_ref_point;
-# endif
-/*
- * In case you wonder why there is no #ifdef __linux. All Linux targets
- * are GCC-based and therefore are covered by instruction_pointer above
- * [well, some are covered by by the one below]...
- */ 
-#elif  defined(POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION)
-    return (void *)instruction_pointer;
-#else
-    return NULL;
-#endif
-}
diff --git a/src/libstrongswan/fips/fips_signer.c b/src/libstrongswan/fips/fips_signer.c
deleted file mode 100644 (file)
index 6f5fdce..0000000
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * Copyright (C) 2007 Bruno Krieg, Daniel Wydler
- * Hochschule fuer Technik Rapperswil, Switzerland
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-#include <stdio.h>
-
-#include <crypto/hashers/hasher.h>
-#include "fips.h"
-
-int main(int argc, char* argv[])
-{
-       FILE *f;
-       char *hmac_key = "strongSwan Version " VERSION;
-       char  hmac_signature[BUF_LEN];
-
-       /* initialize library */
-       library_init(STRONGSWAN_CONF);
-#ifdef USE_SHA1
-       lib->plugins->load(lib->plugins, PLUGINDIR "/sha1/.libs", "sha1");
-#endif
-#ifdef USE_OPENSSL
-       lib->plugins->load(lib->plugins, PLUGINDIR "/openssl/.libs", "openssl");
-#endif
-       lib->plugins->load(lib->plugins, PLUGINDIR "/hmac/.libs", "hmac");
-
-       if (!fips_compute_hmac_signature(hmac_key, hmac_signature))
-       {
-               exit(1);
-       }
-       
-       /**
-     * write computed HMAC signature to fips_signature.h
-        */
-       f = fopen("fips_signature.h", "wt");
-
-       if (f == NULL)
-       {
-               exit(1);
-       }
-       fprintf(f, "/* SHA-1 HMAC signature computed over TEXT and RODATA of libstrongswan\n");
-       fprintf(f, " *\n");
-       fprintf(f, " * This file has been automatically generated by fips_signer\n");
-       fprintf(f, " * Do not edit manually!\n");
-       fprintf(f, " */\n");
-       fprintf(f, "\n");
-       fprintf(f, "#ifndef FIPS_SIGNATURE_H_\n");
-       fprintf(f, "#define FIPS_SIGNATURE_H_\n");
-       fprintf(f, "\n");
-       fprintf(f, "const char *hmac_key = \"%s\";\n", hmac_key);
-       fprintf(f, "const char *hmac_signature = \"%s\";\n", hmac_signature);
-       fprintf(f, "\n");
-       fprintf(f, "#endif /* FIPS_SIGNATURE_H_ @} */\n");
-       fclose(f);
-
-       library_deinit();
-       exit(0);
-}
index 3f62b24..eab56c4 100644 (file)
  *
  * @defgroup crypto crypto
  * @ingroup libstrongswan
  *
  * @defgroup crypto crypto
  * @ingroup libstrongswan
+ *
  * @defgroup database database
  * @ingroup libstrongswan
  * @defgroup database database
  * @ingroup libstrongswan
+ *
  * @defgroup fetcher fetcher
  * @ingroup libstrongswan
  * @defgroup fetcher fetcher
  * @ingroup libstrongswan
- * @defgroup fips fips
- * @ingroup libstrongswan
+ *
  * @defgroup plugins plugins
  * @ingroup libstrongswan
  * @defgroup plugins plugins
  * @ingroup libstrongswan
+ *
  * @defgroup utils utils
  * @ingroup libstrongswan
  */
  * @defgroup utils utils
  * @ingroup libstrongswan
  */
index 3686c07..b7d303d 100755 (executable)
 #include <credentials/keys/private_key.h>
 #include <utils/optionsfrom.h>
 
 #include <credentials/keys/private_key.h>
 #include <utils/optionsfrom.h>
 
-#ifdef INTEGRITY_TEST
-#include <fips/fips.h>
-#include <fips_signature.h>
-#endif /* INTEGRITY_TEST */
-
 #define OPENAC_PATH            IPSEC_CONFDIR "/openac"
 #define OPENAC_SERIAL          IPSEC_CONFDIR "/openac/serial"
 
 #define OPENAC_PATH            IPSEC_CONFDIR "/openac"
 #define OPENAC_SERIAL          IPSEC_CONFDIR "/openac/serial"
 
@@ -482,20 +477,6 @@ int main(int argc, char **argv)
 
        DBG1("starting openac (strongSwan Version %s)", VERSION);
 
 
        DBG1("starting openac (strongSwan Version %s)", VERSION);
 
-#ifdef INTEGRITY_TEST
-       DBG1("integrity test of libstrongswan code");
-       if (fips_verify_hmac_signature(hmac_key, hmac_signature))
-       {
-               DBG1("  integrity test passed");
-       }
-       else
-       {
-               DBG1("  integrity test failed");
-               status = 3;
-               goto end;
-       }
-#endif /* INTEGRITY_TEST */
-
        /* load the signer's RSA private key */
        if (keyfile != NULL)
        {
        /* load the signer's RSA private key */
        if (keyfile != NULL)
        {
index 0123730..c9cb665 100644 (file)
@@ -110,11 +110,6 @@ if USE_SMARTCARD
   AM_CFLAGS += -DSMARTCARD
 endif
 
   AM_CFLAGS += -DSMARTCARD
 endif
 
-# This compile option activates the integrity test of libstrongswan
-if USE_INTEGRITY_TEST
-  AM_CFLAGS += -DINTEGRITY_TEST
-endif
-
 if USE_CAPABILITIES
   pluto_LDADD += -lcap
 endif
 if USE_CAPABILITIES
   pluto_LDADD += -lcap
 endif
index a9377cb..0ff9bfc 100644 (file)
 #include <utils/enumerator.h>
 #include <utils/optionsfrom.h>
 
 #include <utils/enumerator.h>
 #include <utils/optionsfrom.h>
 
-#ifdef INTEGRITY_TEST
-#include <fips/fips.h>
-#include <fips/fips_signature.h>
-#endif /* INTEGRITY_TEST */
-
 #include <pfkeyv2.h>
 #include <pfkey.h>
 
 #include <pfkeyv2.h>
 #include <pfkey.h>
 
@@ -645,19 +640,6 @@ int main(int argc, char **argv)
                lib->settings->get_str(lib->settings, "pluto.load", PLUGINS));
        print_plugins();
 
                lib->settings->get_str(lib->settings, "pluto.load", PLUGINS));
        print_plugins();
 
-#ifdef INTEGRITY_TEST
-       DBG1("integrity test of libstrongswan code");
-       if (fips_verify_hmac_signature(hmac_key, hmac_signature))
-       {
-               DBG1("  integrity test passed");
-       }
-       else
-       {
-               DBG1("  integrity test failed");
-               abort();
-       }
-#endif /* INTEGRITY_TEST */
-
        init_nat_traversal(nat_traversal, keep_alive, force_keepalive, nat_t_spf);
        init_virtual_ip(virtual_private);
        scx_init(pkcs11_module_path, pkcs11_init_args);
        init_nat_traversal(nat_traversal, keep_alive, force_keepalive, nat_t_spf);
        init_virtual_ip(virtual_private);
        scx_init(pkcs11_module_path, pkcs11_init_args);