Add FIPS break test targets and use them in break-tests.sh. am: d9c01a3089
Original change: https://android-review.googlesource.com/c/platform/external/boringssl/+/2175644
Change-Id: I9b11f0ef60fb8613dcecb5a0987481bded8ab654
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/Android.bp b/Android.bp
index d53ed95..e94de78 100644
--- a/Android.bp
+++ b/Android.bp
@@ -109,6 +109,8 @@
local_include_dirs: ["src/crypto"],
}
+// Boring Crypto Module object file.
+// Any changes here must also be reflected in bcm_object_for_testing below.
cc_object {
name: "bcm_object",
device_supported: true,
@@ -165,6 +167,55 @@
min_sdk_version: "29",
}
+// Version of bcm_object built with BORINGSSL_FIPS_BREAK_TESTS defined.
+// Only for use with the FIPS break-tests.sh script.
+// Must be kept in sync with bcm_object.
+cc_object {
+ name: "bcm_object_for_testing",
+ visibility: [
+ "//external/boringssl",
+ ],
+ device_supported: true,
+ defaults: [
+ "libcrypto_bcm_sources",
+ "libcrypto_defaults",
+ "boringssl_defaults",
+ "boringssl_flags",
+ ],
+ sanitize: {
+ address: false,
+ hwaddress: false,
+ fuzzer: false,
+ },
+ target: {
+ android: {
+ cflags: [
+ "-DBORINGSSL_FIPS",
+ "-DBORINGSSL_FIPS_BREAK_TESTS",
+ "-fPIC",
+ // -fno[data|text]-sections required to ensure a
+ // single text and data section for FIPS integrity check
+ "-fno-data-sections",
+ "-fno-function-sections",
+ ],
+ linker_script: "src/crypto/fipsmodule/fips_shared.lds",
+ },
+ // Temporary hack to let BoringSSL build with a new compiler.
+ // This doesn't enable HWASAN unconditionally, it just causes
+ // BoringSSL's asm code to unconditionally use a HWASAN-compatible
+ // global variable reference so that the non-HWASANified (because of
+ // sanitize: { hwaddress: false } above) code in the BCM can
+ // successfully link against the HWASANified code in the rest of
+ // BoringSSL in HWASAN builds.
+ android_arm64: {
+ asflags: [
+ "-fsanitize=hwaddress",
+ ],
+ },
+ },
+ min_sdk_version: "29",
+}
+
bootstrap_go_package {
name: "bssl_ar",
pkgPath: "boringssl.googlesource.com/boringssl/util/ar",
@@ -195,7 +246,8 @@
],
}
-// Target and host library
+// Target and host library.
+// Any changes here must also be reflected in libcrypto_for_test below.
cc_library {
name: "libcrypto",
visibility: ["//visibility:public"],
@@ -253,6 +305,49 @@
min_sdk_version: "29",
}
+// Version of libcrypto build with BORINGSSL_FIPS_BREAK_TESTS defined
+// Only for use with the FIPS break-tests.sh script.
+// Must be kept in sync with libcrypto.
+cc_library {
+ name: "libcrypto_for_testing",
+ visibility: [
+ "//external/boringssl",
+ ],
+ defaults: [
+ "libcrypto_sources",
+ "libcrypto_defaults",
+ "boringssl_defaults",
+ "boringssl_flags",
+ ],
+ unique_host_soname: true,
+ srcs: [
+ ":bcm_object_for_testing",
+ ],
+ target: {
+ android: {
+ cflags: [
+ "-DBORINGSSL_FIPS",
+ "-DBORINGSSL_FIPS_BREAK_TESTS",
+ ],
+ sanitize: {
+ // Disable address sanitizing otherwise libcrypto will not report
+ // itself as being in FIPS mode, which causes boringssl_self_test
+ // to fail.
+ address: false,
+ },
+ inject_bssl_hash: true,
+ static: {
+ // Disable the static version of libcrypto, as it causes
+ // problems for FIPS certification. Use libcrypto_static for
+ // modules that need static libcrypto but do not need FIPS self
+ // testing, or use dynamic libcrypto.
+ enabled: false,
+ },
+ },
+ },
+ min_sdk_version: "29",
+}
+
// Static library
// This version of libcrypto will not have FIPS self tests enabled, so its
// usage is protected through visibility to ensure it doesn't end up used
@@ -566,6 +661,10 @@
srcs: [
"src/util/fipstools/test_fips.c",
],
+ required: [
+ "adb",
+ "libcrypto_for_testing",
+ ],
}
// Rust bindings
diff --git a/src/util/fipstools/break-tests.sh b/src/util/fipstools/break-tests.sh
index a380dab..f33c4c6 100755
--- a/src/util/fipstools/break-tests.sh
+++ b/src/util/fipstools/break-tests.sh
@@ -106,7 +106,9 @@
}
device_runtime_break_test() {
- BORINGSSL_FIPS_BREAK_TEST=$1 $RUN $TEST_FIPS_BIN $LIBCRYPTO_BREAK_BIN
+ cp $LIBCRYPTO_BREAK_BIN ./libcrypto.so
+ BORINGSSL_FIPS_BREAK_TEST=$1 $RUN $TEST_FIPS_BIN ./libcrypto.so
+ rm ./libcrypto.so
}
# TODO(prb): make break-hash and break-kat take similar arguments to save having
@@ -128,7 +130,7 @@
pause () {
echo -n "Press <Enter> "
- # read
+ read
}
if [ "$MODE" = "local" ]; then
@@ -157,7 +159,7 @@
TEST_FIPS_BIN="$ANDROID_PRODUCT_OUT/system/bin/test_fips"
check_file "$TEST_FIPS_BIN"
LIBCRYPTO_BIN="$ANDROID_PRODUCT_OUT/system/lib64/libcrypto.so"
- LIBCRYPTO_BREAK_BIN="./libcrypto_for_testing.so"
+ LIBCRYPTO_BREAK_BIN="$ANDROID_PRODUCT_OUT/system/lib64/libcrypto_for_testing.so"
check_file "$LIBCRYPTO_BIN"
check_file "$LIBCRYPTO_BREAK_BIN"