Add OpenSSL static PIE

Signed-off-by: Giulia <iuliastefania.sandulescu@yahoo.com>
unikraft · Oct 22, 2022 · 5499e4d · 5499e4d
1 parent 5974451
commit 5499e4d
Show file tree

Hide file tree

Showing 12 changed files with 130 additions and 0 deletions.
diff --git a/OpenSSL/.gitignore b/OpenSSL/.gitignore
@@ -0,0 +1,2 @@
+/openssl-3.0.5/
+/openssl-3.0.5.tar.gz*
diff --git a/OpenSSL/README.md b/OpenSSL/README.md
@@ -0,0 +1,33 @@
+# Build OpenSSL as static PIE
+
+Script to build OpenSSL as a static PIE binary for use with Unikraft
+
+
+## Requirements
+
+Make sure that you have the following packages:
+* GCC
+* GNU Make
+
+## Build
+
+RUn the build.sh file.
+It will create a folder where the static PIE OpenSSL will be located.
+
+
+
+## Running
+
+### Encrypt 
+
+```bash
+./openssl aes-256-cbc  -a -salt -pbkdf2 -pass pass:PASSWORD -in rootfs/plaintext.txt -out rootfs/ciphertext.enc
+```
+
+### Decrypt
+
+```bash
+./openssl aes-256-cbc  -d -a -salt -pbkdf2 -pass pass:PASSWORD -in  rootfs/ciphertext.enc
+```
+
+
diff --git a/OpenSSL/build.sh b/OpenSSL/build.sh
@@ -0,0 +1,33 @@
+#!/bin/bash
+
+SSL_URL="https://www.openssl.org/source/openssl-3.0.5.tar.gz"
+rm -rf SSL-*
+echo -n "Downloading OpenSSL ... "
+wget -q "$SSL_URL"
+echo ""
+
+echo -n "Unpacking OpenSSL ... "
+tar xzf openssl-3.0.5.tar.gz
+echo ""
+
+
+pushd openssl-3.0.5 > /dev/null 2>&1 || exit 1
+
+
+echo -n "Configuring  OpenSSL for static-PIE building..."
+./Configure -static
+echo ""
+
+echo "Building OpenSSL..."
+sed -i '0,/$(BIN_LDFLAGS)/{s/$(BIN_LDFLAGS)[^ ]*/-static-pie/}' Makefile
+make -j "$(nproc)"
+echo ""
+
+
+popd > /dev/null 2>&1 || exit 1
+
+ln -fn openssl-3.0.5/apps/openssl .
+
+rm openssl-3.0.5.tar.gz* 
+
+
diff --git a/OpenSSL/openssl b/OpenSSL/openssl
diff --git a/OpenSSL/rootfs/ciphertext.enc b/OpenSSL/rootfs/ciphertext.enc
@@ -0,0 +1 @@
+U2FsdGVkX189ngaVPb5krYDlQl7EaJSOs3fx7C+zC+4=
diff --git a/OpenSSL/rootfs/plaintext.txt b/OpenSSL/rootfs/plaintext.txt
@@ -0,0 +1 @@
+abcdefgh
diff --git a/openssl/.gitignore b/openssl/.gitignore
@@ -0,0 +1,2 @@
+/openssl-3.0.5/
+/openssl-3.0.5.tar.gz*
diff --git a/openssl/README.md b/openssl/README.md
@@ -0,0 +1,28 @@
+# Build OpenSSL as static PIE
+
+Script to build OpenSSL as a static PIE ELF binary. 
+
+## Requirements
+
+Make sure that you have the following packages:
+* GCC
+* GNU Make
+
+## Build
+
+Run the build.sh file.
+It will create a folder where the static PIE OpenSSL will be located.
+
+## Running
+
+### Encrypt 
+
+```bash
+./openssl aes-256-cbc  -a -salt -pbkdf2 -pass pass:PASSWORD -in rootfs/plaintext.txt -out rootfs/ciphertext.enc
+```
+
+### Decrypt
+
+```bash
+./openssl aes-256-cbc  -d -a -salt -pbkdf2 -pass pass:PASSWORD -in  rootfs/ciphertext.enc
+```
diff --git a/openssl/build.sh b/openssl/build.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+SSL_URL="https://www.openssl.org/source/openssl-3.0.5.tar.gz"
+rm -rf SSL-*
+echo -n "Downloading OpenSSL ... "
+wget -q "$SSL_URL"
+echo ""
+
+echo -n "Unpacking OpenSSL ... "
+tar xzf openssl-3.0.5.tar.gz
+echo ""
+
+pushd openssl-3.0.5 > /dev/null 2>&1 || exit 1
+
+echo -n "Configuring  OpenSSL for static-PIE building..."
+./Configure -static
+echo ""
+
+echo "Building OpenSSL..."
+sed -i "0,/$(BIN_LDFLAGS)/{s/$(BIN_LDFLAGS)[^ ]*/-static-pie/}" Makefile
+make -j "$(nproc)"
+echo ""
+
+popd > /dev/null 2>&1 || exit 1
+
+ln -fn openssl-3.0.5/apps/openssl .
+
+rm openssl-3.0.5.tar.gz* 
diff --git a/openssl/openssl b/openssl/openssl
diff --git a/openssl/rootfs/ciphertext.enc b/openssl/rootfs/ciphertext.enc
@@ -0,0 +1 @@
+U2FsdGVkX189ngaVPb5krYDlQl7EaJSOs3fx7C+zC+4=
diff --git a/openssl/rootfs/plaintext.txt b/openssl/rootfs/plaintext.txt
@@ -0,0 +1 @@
+abcdefgh