Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix FIPS integrity failed test on aarch. #131

Merged
merged 4 commits into from
Apr 23, 2021
Merged

Fix FIPS integrity failed test on aarch. #131

merged 4 commits into from
Apr 23, 2021

Conversation

bryce-shang
Copy link
Contributor

@bryce-shang bryce-shang commented Apr 20, 2021
edited
Loading

Issues:

Addresses CryptoAlg-723

Description of changes:

This PR is to fix FIPS integrity failed test when building and testing awslc with -DBUILD_SHARED_LIBS=1 -DFIPS=1 on aarch.

The FIPS integrity test failed because sha512 (instead of sha256) is used by inject_hash.go, but bcm.c uses sha256 on aarch. Verified, inject_hash.go and bcm.c use the same key and bytes to call the hash function.

Call-outs:

  • This is POC(Proof of Concept) of FIPS shared build on aarch. The POC uses Clang-7. Other compilers are not tested yet.
  • Another PR will be published to make FIPS static build working on aarch.
    • After that, CI integration PR will be sent out.

Testing:

aarch-fips-shared-build-test-log.out is attached to CryptoAlg-723.

#!/bin/bash -ex
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
export CC=clang-7
export CXX=clang++-7

source tests/ci/common_posix_setup.sh

echo "Testing shared AWS-LC in FIPS debug mode."
fips_build_and_test -DBUILD_SHARED_LIBS=1

echo "Testing shared AWS-LC in FIPS release mode."
fips_build_and_test -DCMAKE_BUILD_TYPE=Release -DBUILD_SHARED_LIBS=1

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@bryce-shang bryce-shang requested review from nebeid and dkostic April 20, 2021 23:48
dkostic
dkostic previously approved these changes Apr 21, 2021
View reviewed changes
nebeid
nebeid previously approved these changes Apr 21, 2021
View reviewed changes
@bryce-shang bryce-shang dismissed stale reviews from nebeid and dkostic via f7b740b April 23, 2021 02:29
@bryce-shang bryce-shang requested review from nebeid and dkostic April 23, 2021 02:29
@bryce-shang bryce-shang merged commit 1623a5e into aws:main Apr 23, 2021
@bryce-shang bryce-shang deleted the arm-fips-shared-poc branch April 23, 2021 14:41
dkostic pushed a commit to dkostic/aws-lc that referenced this pull request Jul 22, 2024
@jargh
Merge pull request aws#131 from jargh/main
d6f07a3 
P-256 scalar multiplication and related tweaks
s2n-bignum original commit: awslabs/s2n-bignum@2237fe8
torben-hansen pushed a commit to torben-hansen/aws-lc that referenced this pull request Sep 18, 2024
@jargh
Merge pull request aws#131 from jargh/main
780083d 
P-256 scalar multiplication and related tweaks
s2n-bignum original commit: awslabs/s2n-bignum@2237fe8
torben-hansen pushed a commit to torben-hansen/aws-lc that referenced this pull request Sep 18, 2024
@jargh
Merge pull request aws#131 from jargh/main
877112f 
P-256 scalar multiplication and related tweaks
s2n-bignum original commit: awslabs/s2n-bignum@2237fe8

s2n-bignum original commit: awslabs/s2n-bignum@780083d
torben-hansen pushed a commit to torben-hansen/aws-lc that referenced this pull request Sep 19, 2024
@jargh
Merge pull request aws#131 from jargh/main
817c4b5 
P-256 scalar multiplication and related tweaks
s2n-bignum original commit: awslabs/s2n-bignum@2237fe8
dkostic pushed a commit to dkostic/aws-lc that referenced this pull request Dec 5, 2024
@jargh
Merge pull request aws#131 from jargh/main
2237fe8 
P-256 scalar multiplication and related tweaks
dkostic pushed a commit to dkostic/aws-lc that referenced this pull request Dec 10, 2024
@jargh
Merge pull request aws#131 from jargh/main
3ecc99a 
P-256 scalar multiplication and related tweaks
s2n-bignum original commit: awslabs/s2n-bignum@2237fe8
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nebeid nebeid nebeid approved these changes

@dkostic dkostic dkostic approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@bryce-shang @dkostic @nebeid