threadstest.c 24 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881
  1. /*
  2. * Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. /*
  10. * The test_multi_downgrade_shared_pkey function tests the thread safety of a
  11. * deprecated function.
  12. */
  13. #ifndef OPENSSL_NO_DEPRECATED_3_0
  14. # define OPENSSL_SUPPRESS_DEPRECATED
  15. #endif
  16. #if defined(_WIN32)
  17. # include <windows.h>
  18. #endif
  19. #include <string.h>
  20. #include <openssl/crypto.h>
  21. #include <openssl/rsa.h>
  22. #include <openssl/aes.h>
  23. #include <openssl/err.h>
  24. #include <openssl/rand.h>
  25. #include <openssl/pem.h>
  26. #include <openssl/evp.h>
  27. #include "internal/tsan_assist.h"
  28. #include "internal/nelem.h"
  29. #include "testutil.h"
  30. #include "threadstest.h"
  31. /* Limit the maximum number of threads */
  32. #define MAXIMUM_THREADS 10
  33. /* Limit the maximum number of providers loaded into a library context */
  34. #define MAXIMUM_PROVIDERS 4
  35. static int do_fips = 0;
  36. static char *privkey;
  37. static char *config_file = NULL;
  38. static int multidefault_run = 0;
  39. static const char *default_provider[] = { "default", NULL };
  40. static const char *fips_provider[] = { "fips", NULL };
  41. static const char *fips_and_default_providers[] = { "default", "fips", NULL };
  42. static CRYPTO_RWLOCK *global_lock;
  43. #ifdef TSAN_REQUIRES_LOCKING
  44. static CRYPTO_RWLOCK *tsan_lock;
  45. #endif
  46. /* Grab a globally unique integer value, return 0 on failure */
  47. static int get_new_uid(void)
  48. {
  49. /*
  50. * Start with a nice large number to avoid potential conflicts when
  51. * we generate a new OID.
  52. */
  53. static TSAN_QUALIFIER int current_uid = 1 << (sizeof(int) * 8 - 2);
  54. #ifdef TSAN_REQUIRES_LOCKING
  55. int r;
  56. if (!TEST_true(CRYPTO_THREAD_write_lock(tsan_lock)))
  57. return 0;
  58. r = ++current_uid;
  59. if (!TEST_true(CRYPTO_THREAD_unlock(tsan_lock)))
  60. return 0;
  61. return r;
  62. #else
  63. return tsan_counter(&current_uid);
  64. #endif
  65. }
  66. static int test_lock(void)
  67. {
  68. CRYPTO_RWLOCK *lock = CRYPTO_THREAD_lock_new();
  69. int res;
  70. res = TEST_true(CRYPTO_THREAD_read_lock(lock))
  71. && TEST_true(CRYPTO_THREAD_unlock(lock))
  72. && TEST_true(CRYPTO_THREAD_write_lock(lock))
  73. && TEST_true(CRYPTO_THREAD_unlock(lock));
  74. CRYPTO_THREAD_lock_free(lock);
  75. return res;
  76. }
  77. static CRYPTO_ONCE once_run = CRYPTO_ONCE_STATIC_INIT;
  78. static unsigned once_run_count = 0;
  79. static void once_do_run(void)
  80. {
  81. once_run_count++;
  82. }
  83. static void once_run_thread_cb(void)
  84. {
  85. CRYPTO_THREAD_run_once(&once_run, once_do_run);
  86. }
  87. static int test_once(void)
  88. {
  89. thread_t thread;
  90. if (!TEST_true(run_thread(&thread, once_run_thread_cb))
  91. || !TEST_true(wait_for_thread(thread))
  92. || !CRYPTO_THREAD_run_once(&once_run, once_do_run)
  93. || !TEST_int_eq(once_run_count, 1))
  94. return 0;
  95. return 1;
  96. }
  97. static CRYPTO_THREAD_LOCAL thread_local_key;
  98. static unsigned destructor_run_count = 0;
  99. static int thread_local_thread_cb_ok = 0;
  100. static void thread_local_destructor(void *arg)
  101. {
  102. unsigned *count;
  103. if (arg == NULL)
  104. return;
  105. count = arg;
  106. (*count)++;
  107. }
  108. static void thread_local_thread_cb(void)
  109. {
  110. void *ptr;
  111. ptr = CRYPTO_THREAD_get_local(&thread_local_key);
  112. if (!TEST_ptr_null(ptr)
  113. || !TEST_true(CRYPTO_THREAD_set_local(&thread_local_key,
  114. &destructor_run_count)))
  115. return;
  116. ptr = CRYPTO_THREAD_get_local(&thread_local_key);
  117. if (!TEST_ptr_eq(ptr, &destructor_run_count))
  118. return;
  119. thread_local_thread_cb_ok = 1;
  120. }
  121. static int test_thread_local(void)
  122. {
  123. thread_t thread;
  124. void *ptr = NULL;
  125. if (!TEST_true(CRYPTO_THREAD_init_local(&thread_local_key,
  126. thread_local_destructor)))
  127. return 0;
  128. ptr = CRYPTO_THREAD_get_local(&thread_local_key);
  129. if (!TEST_ptr_null(ptr)
  130. || !TEST_true(run_thread(&thread, thread_local_thread_cb))
  131. || !TEST_true(wait_for_thread(thread))
  132. || !TEST_int_eq(thread_local_thread_cb_ok, 1))
  133. return 0;
  134. #if defined(OPENSSL_THREADS) && !defined(CRYPTO_TDEBUG)
  135. ptr = CRYPTO_THREAD_get_local(&thread_local_key);
  136. if (!TEST_ptr_null(ptr))
  137. return 0;
  138. # if !defined(OPENSSL_SYS_WINDOWS)
  139. if (!TEST_int_eq(destructor_run_count, 1))
  140. return 0;
  141. # endif
  142. #endif
  143. if (!TEST_true(CRYPTO_THREAD_cleanup_local(&thread_local_key)))
  144. return 0;
  145. return 1;
  146. }
  147. static int test_atomic(void)
  148. {
  149. int val = 0, ret = 0, testresult = 0;
  150. uint64_t val64 = 1, ret64 = 0;
  151. CRYPTO_RWLOCK *lock = CRYPTO_THREAD_lock_new();
  152. if (!TEST_ptr(lock))
  153. return 0;
  154. if (CRYPTO_atomic_add(&val, 1, &ret, NULL)) {
  155. /* This succeeds therefore we're on a platform with lockless atomics */
  156. if (!TEST_int_eq(val, 1) || !TEST_int_eq(val, ret))
  157. goto err;
  158. } else {
  159. /* This failed therefore we're on a platform without lockless atomics */
  160. if (!TEST_int_eq(val, 0) || !TEST_int_eq(val, ret))
  161. goto err;
  162. }
  163. val = 0;
  164. ret = 0;
  165. if (!TEST_true(CRYPTO_atomic_add(&val, 1, &ret, lock)))
  166. goto err;
  167. if (!TEST_int_eq(val, 1) || !TEST_int_eq(val, ret))
  168. goto err;
  169. if (CRYPTO_atomic_or(&val64, 2, &ret64, NULL)) {
  170. /* This succeeds therefore we're on a platform with lockless atomics */
  171. if (!TEST_uint_eq((unsigned int)val64, 3)
  172. || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
  173. goto err;
  174. } else {
  175. /* This failed therefore we're on a platform without lockless atomics */
  176. if (!TEST_uint_eq((unsigned int)val64, 1)
  177. || !TEST_int_eq((unsigned int)ret64, 0))
  178. goto err;
  179. }
  180. val64 = 1;
  181. ret64 = 0;
  182. if (!TEST_true(CRYPTO_atomic_or(&val64, 2, &ret64, lock)))
  183. goto err;
  184. if (!TEST_uint_eq((unsigned int)val64, 3)
  185. || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
  186. goto err;
  187. ret64 = 0;
  188. if (CRYPTO_atomic_load(&val64, &ret64, NULL)) {
  189. /* This succeeds therefore we're on a platform with lockless atomics */
  190. if (!TEST_uint_eq((unsigned int)val64, 3)
  191. || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
  192. goto err;
  193. } else {
  194. /* This failed therefore we're on a platform without lockless atomics */
  195. if (!TEST_uint_eq((unsigned int)val64, 3)
  196. || !TEST_int_eq((unsigned int)ret64, 0))
  197. goto err;
  198. }
  199. ret64 = 0;
  200. if (!TEST_true(CRYPTO_atomic_load(&val64, &ret64, lock)))
  201. goto err;
  202. if (!TEST_uint_eq((unsigned int)val64, 3)
  203. || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
  204. goto err;
  205. testresult = 1;
  206. err:
  207. CRYPTO_THREAD_lock_free(lock);
  208. return testresult;
  209. }
  210. static OSSL_LIB_CTX *multi_libctx = NULL;
  211. static int multi_success;
  212. static OSSL_PROVIDER *multi_provider[MAXIMUM_PROVIDERS + 1];
  213. static size_t multi_num_threads;
  214. static thread_t multi_threads[MAXIMUM_THREADS];
  215. static void multi_intialise(void)
  216. {
  217. multi_success = 1;
  218. multi_libctx = NULL;
  219. multi_num_threads = 0;
  220. memset(multi_threads, 0, sizeof(multi_threads));
  221. memset(multi_provider, 0, sizeof(multi_provider));
  222. }
  223. static void multi_set_success(int ok)
  224. {
  225. if (CRYPTO_THREAD_write_lock(global_lock) == 0) {
  226. /* not synchronized, but better than not reporting failure */
  227. multi_success = ok;
  228. return;
  229. }
  230. multi_success = ok;
  231. CRYPTO_THREAD_unlock(global_lock);
  232. }
  233. static void thead_teardown_libctx(void)
  234. {
  235. OSSL_PROVIDER **p;
  236. for (p = multi_provider; *p != NULL; p++)
  237. OSSL_PROVIDER_unload(*p);
  238. OSSL_LIB_CTX_free(multi_libctx);
  239. multi_intialise();
  240. }
  241. static int thread_setup_libctx(int libctx, const char *providers[])
  242. {
  243. size_t n;
  244. if (libctx && !TEST_true(test_get_libctx(&multi_libctx, NULL, config_file,
  245. NULL, NULL)))
  246. return 0;
  247. if (providers != NULL)
  248. for (n = 0; providers[n] != NULL; n++)
  249. if (!TEST_size_t_lt(n, MAXIMUM_PROVIDERS)
  250. || !TEST_ptr(multi_provider[n] = OSSL_PROVIDER_load(multi_libctx,
  251. providers[n]))) {
  252. thead_teardown_libctx();
  253. return 0;
  254. }
  255. return 1;
  256. }
  257. static int teardown_threads(void)
  258. {
  259. size_t i;
  260. for (i = 0; i < multi_num_threads; i++)
  261. if (!TEST_true(wait_for_thread(multi_threads[i])))
  262. return 0;
  263. return 1;
  264. }
  265. static int start_threads(size_t n, void (*thread_func)(void))
  266. {
  267. size_t i;
  268. if (!TEST_size_t_le(multi_num_threads + n, MAXIMUM_THREADS))
  269. return 0;
  270. for (i = 0 ; i < n; i++)
  271. if (!TEST_true(run_thread(multi_threads + multi_num_threads++, thread_func)))
  272. return 0;
  273. return 1;
  274. }
  275. /* Template multi-threaded test function */
  276. static int thread_run_test(void (*main_func)(void),
  277. size_t num_threads, void (*thread_func)(void),
  278. int libctx, const char *providers[])
  279. {
  280. int testresult = 0;
  281. multi_intialise();
  282. if (!thread_setup_libctx(libctx, providers)
  283. || !start_threads(num_threads, thread_func))
  284. goto err;
  285. if (main_func != NULL)
  286. main_func();
  287. if (!teardown_threads()
  288. || !TEST_true(multi_success))
  289. goto err;
  290. testresult = 1;
  291. err:
  292. thead_teardown_libctx();
  293. return testresult;
  294. }
  295. static void thread_general_worker(void)
  296. {
  297. EVP_MD_CTX *mdctx = EVP_MD_CTX_new();
  298. EVP_MD *md = EVP_MD_fetch(multi_libctx, "SHA2-256", NULL);
  299. EVP_CIPHER_CTX *cipherctx = EVP_CIPHER_CTX_new();
  300. EVP_CIPHER *ciph = EVP_CIPHER_fetch(multi_libctx, "AES-128-CBC", NULL);
  301. const char *message = "Hello World";
  302. size_t messlen = strlen(message);
  303. /* Should be big enough for encryption output too */
  304. unsigned char out[EVP_MAX_MD_SIZE];
  305. const unsigned char key[AES_BLOCK_SIZE] = {
  306. 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
  307. 0x0c, 0x0d, 0x0e, 0x0f
  308. };
  309. const unsigned char iv[AES_BLOCK_SIZE] = {
  310. 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
  311. 0x0c, 0x0d, 0x0e, 0x0f
  312. };
  313. unsigned int mdoutl;
  314. int ciphoutl;
  315. EVP_PKEY *pkey = NULL;
  316. int testresult = 0;
  317. int i, isfips;
  318. isfips = OSSL_PROVIDER_available(multi_libctx, "fips");
  319. if (!TEST_ptr(mdctx)
  320. || !TEST_ptr(md)
  321. || !TEST_ptr(cipherctx)
  322. || !TEST_ptr(ciph))
  323. goto err;
  324. /* Do some work */
  325. for (i = 0; i < 5; i++) {
  326. if (!TEST_true(EVP_DigestInit_ex(mdctx, md, NULL))
  327. || !TEST_true(EVP_DigestUpdate(mdctx, message, messlen))
  328. || !TEST_true(EVP_DigestFinal(mdctx, out, &mdoutl)))
  329. goto err;
  330. }
  331. for (i = 0; i < 5; i++) {
  332. if (!TEST_true(EVP_EncryptInit_ex(cipherctx, ciph, NULL, key, iv))
  333. || !TEST_true(EVP_EncryptUpdate(cipherctx, out, &ciphoutl,
  334. (unsigned char *)message,
  335. messlen))
  336. || !TEST_true(EVP_EncryptFinal(cipherctx, out, &ciphoutl)))
  337. goto err;
  338. }
  339. /*
  340. * We want the test to run quickly - not securely.
  341. * Therefore we use an insecure bit length where we can (512).
  342. * In the FIPS module though we must use a longer length.
  343. */
  344. pkey = EVP_PKEY_Q_keygen(multi_libctx, NULL, "RSA", isfips ? 2048 : 512);
  345. if (!TEST_ptr(pkey))
  346. goto err;
  347. testresult = 1;
  348. err:
  349. EVP_MD_CTX_free(mdctx);
  350. EVP_MD_free(md);
  351. EVP_CIPHER_CTX_free(cipherctx);
  352. EVP_CIPHER_free(ciph);
  353. EVP_PKEY_free(pkey);
  354. if (!testresult)
  355. multi_set_success(0);
  356. }
  357. static void thread_multi_simple_fetch(void)
  358. {
  359. EVP_MD *md = EVP_MD_fetch(multi_libctx, "SHA2-256", NULL);
  360. if (md != NULL)
  361. EVP_MD_free(md);
  362. else
  363. multi_set_success(0);
  364. }
  365. static EVP_PKEY *shared_evp_pkey = NULL;
  366. static void thread_shared_evp_pkey(void)
  367. {
  368. char *msg = "Hello World";
  369. unsigned char ctbuf[256];
  370. unsigned char ptbuf[256];
  371. size_t ptlen, ctlen = sizeof(ctbuf);
  372. EVP_PKEY_CTX *ctx = NULL;
  373. int success = 0;
  374. int i;
  375. for (i = 0; i < 1 + do_fips; i++) {
  376. if (i > 0)
  377. EVP_PKEY_CTX_free(ctx);
  378. ctx = EVP_PKEY_CTX_new_from_pkey(multi_libctx, shared_evp_pkey,
  379. i == 0 ? "provider=default"
  380. : "provider=fips");
  381. if (!TEST_ptr(ctx))
  382. goto err;
  383. if (!TEST_int_ge(EVP_PKEY_encrypt_init(ctx), 0)
  384. || !TEST_int_ge(EVP_PKEY_encrypt(ctx, ctbuf, &ctlen,
  385. (unsigned char *)msg, strlen(msg)),
  386. 0))
  387. goto err;
  388. EVP_PKEY_CTX_free(ctx);
  389. ctx = EVP_PKEY_CTX_new_from_pkey(multi_libctx, shared_evp_pkey, NULL);
  390. if (!TEST_ptr(ctx))
  391. goto err;
  392. ptlen = sizeof(ptbuf);
  393. if (!TEST_int_ge(EVP_PKEY_decrypt_init(ctx), 0)
  394. || !TEST_int_gt(EVP_PKEY_decrypt(ctx, ptbuf, &ptlen, ctbuf, ctlen),
  395. 0)
  396. || !TEST_mem_eq(msg, strlen(msg), ptbuf, ptlen))
  397. goto err;
  398. }
  399. success = 1;
  400. err:
  401. EVP_PKEY_CTX_free(ctx);
  402. if (!success)
  403. multi_set_success(0);
  404. }
  405. static void thread_provider_load_unload(void)
  406. {
  407. OSSL_PROVIDER *deflt = OSSL_PROVIDER_load(multi_libctx, "default");
  408. if (!TEST_ptr(deflt)
  409. || !TEST_true(OSSL_PROVIDER_available(multi_libctx, "default")))
  410. multi_set_success(0);
  411. OSSL_PROVIDER_unload(deflt);
  412. }
  413. static int test_multi_general_worker_default_provider(void)
  414. {
  415. return thread_run_test(&thread_general_worker, 2, &thread_general_worker,
  416. 1, default_provider);
  417. }
  418. static int test_multi_general_worker_fips_provider(void)
  419. {
  420. if (!do_fips)
  421. return TEST_skip("FIPS not supported");
  422. return thread_run_test(&thread_general_worker, 2, &thread_general_worker,
  423. 1, fips_provider);
  424. }
  425. static int test_multi_fetch_worker(void)
  426. {
  427. return thread_run_test(&thread_multi_simple_fetch,
  428. 2, &thread_multi_simple_fetch, 1, default_provider);
  429. }
  430. static int test_multi_shared_pkey_common(void (*worker)(void))
  431. {
  432. int testresult = 0;
  433. multi_intialise();
  434. if (!thread_setup_libctx(1, do_fips ? fips_and_default_providers
  435. : default_provider)
  436. || !TEST_ptr(shared_evp_pkey = load_pkey_pem(privkey, multi_libctx))
  437. || !start_threads(1, &thread_shared_evp_pkey)
  438. || !start_threads(1, worker))
  439. goto err;
  440. thread_shared_evp_pkey();
  441. if (!teardown_threads()
  442. || !TEST_true(multi_success))
  443. goto err;
  444. testresult = 1;
  445. err:
  446. EVP_PKEY_free(shared_evp_pkey);
  447. thead_teardown_libctx();
  448. return testresult;
  449. }
  450. #ifndef OPENSSL_NO_DEPRECATED_3_0
  451. static void thread_downgrade_shared_evp_pkey(void)
  452. {
  453. /*
  454. * This test is only relevant for deprecated functions that perform
  455. * downgrading
  456. */
  457. if (EVP_PKEY_get0_RSA(shared_evp_pkey) == NULL)
  458. multi_set_success(0);
  459. }
  460. static int test_multi_downgrade_shared_pkey(void)
  461. {
  462. return test_multi_shared_pkey_common(&thread_downgrade_shared_evp_pkey);
  463. }
  464. #endif
  465. static int test_multi_shared_pkey(void)
  466. {
  467. return test_multi_shared_pkey_common(&thread_shared_evp_pkey);
  468. }
  469. static int test_multi_load_unload_provider(void)
  470. {
  471. EVP_MD *sha256 = NULL;
  472. OSSL_PROVIDER *prov = NULL;
  473. int testresult = 0;
  474. multi_intialise();
  475. if (!thread_setup_libctx(1, NULL)
  476. || !TEST_ptr(prov = OSSL_PROVIDER_load(multi_libctx, "default"))
  477. || !TEST_ptr(sha256 = EVP_MD_fetch(multi_libctx, "SHA2-256", NULL))
  478. || !TEST_true(OSSL_PROVIDER_unload(prov)))
  479. goto err;
  480. prov = NULL;
  481. if (!start_threads(2, &thread_provider_load_unload))
  482. goto err;
  483. thread_provider_load_unload();
  484. if (!teardown_threads()
  485. || !TEST_true(multi_success))
  486. goto err;
  487. testresult = 1;
  488. err:
  489. OSSL_PROVIDER_unload(prov);
  490. EVP_MD_free(sha256);
  491. thead_teardown_libctx();
  492. return testresult;
  493. }
  494. static char *multi_load_provider = "legacy";
  495. /*
  496. * This test attempts to load several providers at the same time, and if
  497. * run with a thread sanitizer, should crash if the core provider code
  498. * doesn't synchronize well enough.
  499. */
  500. static void test_multi_load_worker(void)
  501. {
  502. OSSL_PROVIDER *prov;
  503. if (!TEST_ptr(prov = OSSL_PROVIDER_load(multi_libctx, multi_load_provider))
  504. || !TEST_true(OSSL_PROVIDER_unload(prov)))
  505. multi_set_success(0);
  506. }
  507. static int test_multi_default(void)
  508. {
  509. /* Avoid running this test twice */
  510. if (multidefault_run) {
  511. TEST_skip("multi default test already run");
  512. return 1;
  513. }
  514. multidefault_run = 1;
  515. return thread_run_test(&thread_multi_simple_fetch,
  516. 2, &thread_multi_simple_fetch, 0, default_provider);
  517. }
  518. static int test_multi_load(void)
  519. {
  520. int res = 1;
  521. OSSL_PROVIDER *prov;
  522. /* The multidefault test must run prior to this test */
  523. if (!multidefault_run) {
  524. TEST_info("Running multi default test first");
  525. res = test_multi_default();
  526. }
  527. /*
  528. * We use the legacy provider in test_multi_load_worker because it uses a
  529. * child libctx that might hit more codepaths that might be sensitive to
  530. * threading issues. But in a no-legacy build that won't be loadable so
  531. * we use the default provider instead.
  532. */
  533. prov = OSSL_PROVIDER_load(NULL, "legacy");
  534. if (prov == NULL) {
  535. TEST_info("Cannot load legacy provider - assuming this is a no-legacy build");
  536. multi_load_provider = "default";
  537. }
  538. OSSL_PROVIDER_unload(prov);
  539. return thread_run_test(NULL, MAXIMUM_THREADS, &test_multi_load_worker, 0,
  540. NULL) && res;
  541. }
  542. static void test_obj_create_one(void)
  543. {
  544. char tids[12], oid[40], sn[30], ln[30];
  545. int id = get_new_uid();
  546. BIO_snprintf(tids, sizeof(tids), "%d", id);
  547. BIO_snprintf(oid, sizeof(oid), "1.3.6.1.4.1.16604.%s", tids);
  548. BIO_snprintf(sn, sizeof(sn), "short-name-%s", tids);
  549. BIO_snprintf(ln, sizeof(ln), "long-name-%s", tids);
  550. if (!TEST_int_ne(id, 0)
  551. || !TEST_true(id = OBJ_create(oid, sn, ln))
  552. || !TEST_true(OBJ_add_sigid(id, NID_sha3_256, NID_rsa)))
  553. multi_set_success(0);
  554. }
  555. static int test_obj_add(void)
  556. {
  557. return thread_run_test(&test_obj_create_one,
  558. MAXIMUM_THREADS, &test_obj_create_one,
  559. 1, default_provider);
  560. }
  561. static void test_lib_ctx_load_config_worker(void)
  562. {
  563. if (!TEST_int_eq(OSSL_LIB_CTX_load_config(multi_libctx, config_file), 1))
  564. multi_set_success(0);
  565. }
  566. static int test_lib_ctx_load_config(void)
  567. {
  568. return thread_run_test(&test_lib_ctx_load_config_worker,
  569. MAXIMUM_THREADS, &test_lib_ctx_load_config_worker,
  570. 1, default_provider);
  571. }
  572. #if !defined(OPENSSL_NO_DGRAM) && !defined(OPENSSL_NO_SOCK)
  573. static BIO *multi_bio1, *multi_bio2;
  574. static void test_bio_dgram_pair_worker(void)
  575. {
  576. ossl_unused int r;
  577. int ok = 0;
  578. uint8_t ch = 0;
  579. uint8_t scratch[64];
  580. BIO_MSG msg = {0};
  581. size_t num_processed = 0;
  582. if (!TEST_int_eq(RAND_bytes_ex(multi_libctx, &ch, 1, 64), 1))
  583. goto err;
  584. msg.data = scratch;
  585. msg.data_len = sizeof(scratch);
  586. /*
  587. * We do not test for failure here as recvmmsg may fail if no sendmmsg
  588. * has been called yet. The purpose of this code is to exercise tsan.
  589. */
  590. if (ch & 2)
  591. r = BIO_sendmmsg(ch & 1 ? multi_bio2 : multi_bio1, &msg,
  592. sizeof(BIO_MSG), 1, 0, &num_processed);
  593. else
  594. r = BIO_recvmmsg(ch & 1 ? multi_bio2 : multi_bio1, &msg,
  595. sizeof(BIO_MSG), 1, 0, &num_processed);
  596. ok = 1;
  597. err:
  598. if (ok == 0)
  599. multi_set_success(0);
  600. }
  601. static int test_bio_dgram_pair(void)
  602. {
  603. int r;
  604. BIO *bio1 = NULL, *bio2 = NULL;
  605. r = BIO_new_bio_dgram_pair(&bio1, 0, &bio2, 0);
  606. if (!TEST_int_eq(r, 1))
  607. goto err;
  608. multi_bio1 = bio1;
  609. multi_bio2 = bio2;
  610. r = thread_run_test(&test_bio_dgram_pair_worker,
  611. MAXIMUM_THREADS, &test_bio_dgram_pair_worker,
  612. 1, default_provider);
  613. err:
  614. BIO_free(bio1);
  615. BIO_free(bio2);
  616. return r;
  617. }
  618. #endif
  619. static const char *pemdataraw[] = {
  620. "-----BEGIN RSA PRIVATE KEY-----\n",
  621. "MIIBOgIBAAJBAMFcGsaxxdgiuuGmCkVImy4h99CqT7jwY3pexPGcnUFtR2Fh36Bp\n",
  622. "oncwtkZ4cAgtvd4Qs8PkxUdp6p/DlUmObdkCAwEAAQJAUR44xX6zB3eaeyvTRzms\n",
  623. "kHADrPCmPWnr8dxsNwiDGHzrMKLN+i/HAam+97HxIKVWNDH2ba9Mf1SA8xu9dcHZ\n",
  624. "AQIhAOHPCLxbtQFVxlnhSyxYeb7O323c3QulPNn3bhOipElpAiEA2zZpBE8ZXVnL\n",
  625. "74QjG4zINlDfH+EOEtjJJ3RtaYDugvECIBtsQDxXytChsRgDQ1TcXdStXPcDppie\n",
  626. "dZhm8yhRTTBZAiAZjE/U9rsIDC0ebxIAZfn3iplWh84yGB3pgUI3J5WkoQIhAInE\n",
  627. "HTUY5WRj5riZtkyGnbm3DvF+1eMtO2lYV+OuLcfE\n",
  628. "-----END RSA PRIVATE KEY-----\n",
  629. NULL
  630. };
  631. static void test_pem_read_one(void)
  632. {
  633. EVP_PKEY *key = NULL;
  634. BIO *pem = NULL;
  635. char *pemdata;
  636. size_t len;
  637. pemdata = glue_strings(pemdataraw, &len);
  638. if (pemdata == NULL) {
  639. multi_set_success(0);
  640. goto err;
  641. }
  642. pem = BIO_new_mem_buf(pemdata, len);
  643. if (pem == NULL) {
  644. multi_set_success(0);
  645. goto err;
  646. }
  647. key = PEM_read_bio_PrivateKey(pem, NULL, NULL, NULL);
  648. if (key == NULL)
  649. multi_set_success(0);
  650. err:
  651. EVP_PKEY_free(key);
  652. BIO_free(pem);
  653. OPENSSL_free(pemdata);
  654. }
  655. /* Test reading PEM files in multiple threads */
  656. static int test_pem_read(void)
  657. {
  658. return thread_run_test(&test_pem_read_one, MAXIMUM_THREADS,
  659. &test_pem_read_one, 1, default_provider);
  660. }
  661. typedef enum OPTION_choice {
  662. OPT_ERR = -1,
  663. OPT_EOF = 0,
  664. OPT_FIPS, OPT_CONFIG_FILE,
  665. OPT_TEST_ENUM
  666. } OPTION_CHOICE;
  667. const OPTIONS *test_get_options(void)
  668. {
  669. static const OPTIONS options[] = {
  670. OPT_TEST_OPTIONS_DEFAULT_USAGE,
  671. { "fips", OPT_FIPS, '-', "Test the FIPS provider" },
  672. { "config", OPT_CONFIG_FILE, '<',
  673. "The configuration file to use for the libctx" },
  674. { NULL }
  675. };
  676. return options;
  677. }
  678. int setup_tests(void)
  679. {
  680. OPTION_CHOICE o;
  681. char *datadir;
  682. while ((o = opt_next()) != OPT_EOF) {
  683. switch (o) {
  684. case OPT_FIPS:
  685. do_fips = 1;
  686. break;
  687. case OPT_CONFIG_FILE:
  688. config_file = opt_arg();
  689. break;
  690. case OPT_TEST_CASES:
  691. break;
  692. default:
  693. return 0;
  694. }
  695. }
  696. if (!TEST_ptr(datadir = test_get_argument(0)))
  697. return 0;
  698. privkey = test_mk_file_path(datadir, "rsakey.pem");
  699. if (!TEST_ptr(privkey))
  700. return 0;
  701. if (!TEST_ptr(global_lock = CRYPTO_THREAD_lock_new()))
  702. return 0;
  703. #ifdef TSAN_REQUIRES_LOCKING
  704. if (!TEST_ptr(tsan_lock = CRYPTO_THREAD_lock_new()))
  705. return 0;
  706. #endif
  707. /* Keep first to validate auto creation of default library context */
  708. ADD_TEST(test_multi_default);
  709. ADD_TEST(test_lock);
  710. ADD_TEST(test_once);
  711. ADD_TEST(test_thread_local);
  712. ADD_TEST(test_atomic);
  713. ADD_TEST(test_multi_load);
  714. ADD_TEST(test_multi_general_worker_default_provider);
  715. ADD_TEST(test_multi_general_worker_fips_provider);
  716. ADD_TEST(test_multi_fetch_worker);
  717. ADD_TEST(test_multi_shared_pkey);
  718. #ifndef OPENSSL_NO_DEPRECATED_3_0
  719. ADD_TEST(test_multi_downgrade_shared_pkey);
  720. #endif
  721. ADD_TEST(test_multi_load_unload_provider);
  722. ADD_TEST(test_obj_add);
  723. ADD_TEST(test_lib_ctx_load_config);
  724. #if !defined(OPENSSL_NO_DGRAM) && !defined(OPENSSL_NO_SOCK)
  725. ADD_TEST(test_bio_dgram_pair);
  726. #endif
  727. ADD_TEST(test_pem_read);
  728. return 1;
  729. }
  730. void cleanup_tests(void)
  731. {
  732. OPENSSL_free(privkey);
  733. #ifdef TSAN_REQUIRES_LOCKING
  734. CRYPTO_THREAD_lock_free(tsan_lock);
  735. #endif
  736. CRYPTO_THREAD_lock_free(global_lock);
  737. }