2 * Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 * The test_multi_downgrade_shared_pkey function tests the thread safety of a
12 * deprecated function.
14 #ifndef OPENSSL_NO_DEPRECATED_3_0
15 # define OPENSSL_SUPPRESS_DEPRECATED
23 #include <openssl/crypto.h>
24 #include <openssl/rsa.h>
25 #include <openssl/aes.h>
26 #include <openssl/err.h>
27 #include <openssl/rand.h>
28 #include <openssl/pem.h>
29 #include <openssl/evp.h>
30 #include "internal/tsan_assist.h"
31 #include "internal/nelem.h"
32 #include "internal/time.h"
33 #include "internal/rcu.h"
35 #include "threadstest.h"
37 #ifdef __SANITIZE_THREAD__
38 #include <sanitizer/tsan_interface.h>
39 #define TSAN_ACQUIRE(s) __tsan_acquire(s)
41 #define TSAN_ACQUIRE(s)
44 /* Limit the maximum number of threads */
45 #define MAXIMUM_THREADS 10
47 /* Limit the maximum number of providers loaded into a library context */
48 #define MAXIMUM_PROVIDERS 4
50 static int do_fips
= 0;
52 static char *config_file
= NULL
;
53 static int multidefault_run
= 0;
55 static const char *default_provider
[] = { "default", NULL
};
56 static const char *fips_provider
[] = { "fips", NULL
};
57 static const char *fips_and_default_providers
[] = { "default", "fips", NULL
};
59 static CRYPTO_RWLOCK
*global_lock
;
61 #ifdef TSAN_REQUIRES_LOCKING
62 static CRYPTO_RWLOCK
*tsan_lock
;
65 /* Grab a globally unique integer value, return 0 on failure */
66 static int get_new_uid(void)
69 * Start with a nice large number to avoid potential conflicts when
70 * we generate a new OID.
72 static TSAN_QUALIFIER
int current_uid
= 1 << (sizeof(int) * 8 - 2);
73 #ifdef TSAN_REQUIRES_LOCKING
76 if (!TEST_true(CRYPTO_THREAD_write_lock(tsan_lock
)))
79 if (!TEST_true(CRYPTO_THREAD_unlock(tsan_lock
)))
84 return tsan_counter(¤t_uid
);
88 static int test_lock(void)
90 CRYPTO_RWLOCK
*lock
= CRYPTO_THREAD_lock_new();
93 res
= TEST_true(CRYPTO_THREAD_read_lock(lock
))
94 && TEST_true(CRYPTO_THREAD_unlock(lock
))
95 && TEST_true(CRYPTO_THREAD_write_lock(lock
))
96 && TEST_true(CRYPTO_THREAD_unlock(lock
));
98 CRYPTO_THREAD_lock_free(lock
);
103 #if defined(OPENSSL_THREADS)
104 static int contention
= 0;
105 static int rwwriter1_done
= 0;
106 static int rwwriter2_done
= 0;
107 static int rwreader1_iterations
= 0;
108 static int rwreader2_iterations
= 0;
109 static int rwwriter1_iterations
= 0;
110 static int rwwriter2_iterations
= 0;
111 static int *rwwriter_ptr
= NULL
;
112 static int rw_torture_result
= 1;
113 static CRYPTO_RWLOCK
*rwtorturelock
= NULL
;
114 static CRYPTO_RWLOCK
*atomiclock
= NULL
;
116 static void rwwriter_fn(int id
, int *iterations
)
121 t1
= ossl_time_now();
123 for (count
= 0; ; count
++) {
124 new = CRYPTO_zalloc(sizeof (int), NULL
, 0);
127 if (!CRYPTO_THREAD_write_lock(rwtorturelock
))
129 if (rwwriter_ptr
!= NULL
) {
130 *new = *rwwriter_ptr
+ 1;
136 if (!CRYPTO_THREAD_unlock(rwtorturelock
))
139 CRYPTO_free(old
, __FILE__
, __LINE__
);
140 t2
= ossl_time_now();
141 if ((ossl_time2seconds(t2
) - ossl_time2seconds(t1
)) >= 4)
148 static void rwwriter1_fn(void)
152 TEST_info("Starting writer1");
153 rwwriter_fn(1, &rwwriter1_iterations
);
154 CRYPTO_atomic_add(&rwwriter1_done
, 1, &local
, atomiclock
);
157 static void rwwriter2_fn(void)
161 TEST_info("Starting writer 2");
162 rwwriter_fn(2, &rwwriter2_iterations
);
163 CRYPTO_atomic_add(&rwwriter2_done
, 1, &local
, atomiclock
);
166 static void rwreader_fn(int *iterations
)
168 unsigned int count
= 0;
174 if (CRYPTO_THREAD_read_lock(rwtorturelock
) == 0)
177 while (lw1
!= 1 || lw2
!= 1) {
178 CRYPTO_atomic_add(&rwwriter1_done
, 0, &lw1
, atomiclock
);
179 CRYPTO_atomic_add(&rwwriter2_done
, 0, &lw2
, atomiclock
);
182 if (rwwriter_ptr
!= NULL
&& old
> *rwwriter_ptr
) {
183 TEST_info("rwwriter pointer went backwards\n");
184 rw_torture_result
= 0;
186 if (CRYPTO_THREAD_unlock(rwtorturelock
) == 0)
189 if (rw_torture_result
== 0) {
193 if (CRYPTO_THREAD_read_lock(rwtorturelock
) == 0)
197 if (CRYPTO_THREAD_unlock(rwtorturelock
) == 0)
201 static void rwreader1_fn(void)
203 TEST_info("Starting reader 1");
204 rwreader_fn(&rwreader1_iterations
);
207 static void rwreader2_fn(void)
209 TEST_info("Starting reader 2");
210 rwreader_fn(&rwreader2_iterations
);
213 static thread_t rwwriter1
;
214 static thread_t rwwriter2
;
215 static thread_t rwreader1
;
216 static thread_t rwreader2
;
218 static int _torture_rw(void)
224 struct timeval dtime
;
226 rwtorturelock
= CRYPTO_THREAD_lock_new();
227 atomiclock
= CRYPTO_THREAD_lock_new();
228 rwwriter1_iterations
= 0;
229 rwwriter2_iterations
= 0;
230 rwreader1_iterations
= 0;
231 rwreader2_iterations
= 0;
234 rw_torture_result
= 1;
236 memset(&rwwriter1
, 0, sizeof(thread_t
));
237 memset(&rwwriter2
, 0, sizeof(thread_t
));
238 memset(&rwreader1
, 0, sizeof(thread_t
));
239 memset(&rwreader2
, 0, sizeof(thread_t
));
241 TEST_info("Staring rw torture");
242 t1
= ossl_time_now();
243 if (!TEST_true(run_thread(&rwreader1
, rwreader1_fn
))
244 || !TEST_true(run_thread(&rwreader2
, rwreader2_fn
))
245 || !TEST_true(run_thread(&rwwriter1
, rwwriter1_fn
))
246 || !TEST_true(run_thread(&rwwriter2
, rwwriter2_fn
))
247 || !TEST_true(wait_for_thread(rwwriter1
))
248 || !TEST_true(wait_for_thread(rwwriter2
))
249 || !TEST_true(wait_for_thread(rwreader1
))
250 || !TEST_true(wait_for_thread(rwreader2
)))
253 t2
= ossl_time_now();
254 dtime
= ossl_time_to_timeval(ossl_time_subtract(t2
, t1
));
255 tottime
= dtime
.tv_sec
+ (dtime
.tv_usec
/ 1e6
);
256 TEST_info("rw_torture_result is %d\n", rw_torture_result
);
257 TEST_info("performed %d reads and %d writes over 2 read and 2 write threads in %e seconds",
258 rwreader1_iterations
+ rwreader2_iterations
,
259 rwwriter1_iterations
+ rwwriter2_iterations
, tottime
);
260 avr
= tottime
/ (rwreader1_iterations
+ rwreader2_iterations
);
261 avw
= (tottime
/ (rwwriter1_iterations
+ rwwriter2_iterations
));
262 TEST_info("Average read time %e/read", avr
);
263 TEST_info("Averate write time %e/write", avw
);
265 if (TEST_int_eq(rw_torture_result
, 1))
268 CRYPTO_THREAD_lock_free(rwtorturelock
);
269 CRYPTO_THREAD_lock_free(atomiclock
);
270 rwtorturelock
= NULL
;
274 static int torture_rw_low(void)
277 return _torture_rw();
280 static int torture_rw_high(void)
283 return _torture_rw();
287 # ifndef OPENSSL_SYS_MACOSX
288 static CRYPTO_RCU_LOCK
*rcu_lock
= NULL
;
290 static int writer1_done
= 0;
291 static int writer2_done
= 0;
292 static int reader1_iterations
= 0;
293 static int reader2_iterations
= 0;
294 static int writer1_iterations
= 0;
295 static int writer2_iterations
= 0;
296 static uint64_t *writer_ptr
= NULL
;
297 static uint64_t global_ctr
= 0;
298 static int rcu_torture_result
= 1;
299 static void free_old_rcu_data(void *data
)
301 CRYPTO_free(data
, NULL
, 0);
304 static void writer_fn(int id
, int *iterations
)
310 t1
= ossl_time_now();
312 for (count
= 0; ; count
++) {
313 new = CRYPTO_zalloc(sizeof(uint64_t), NULL
, 0);
316 ossl_rcu_write_lock(rcu_lock
);
317 old
= ossl_rcu_deref(&writer_ptr
);
318 TSAN_ACQUIRE(&writer_ptr
);
320 ossl_rcu_assign_ptr(&writer_ptr
, &new);
322 ossl_rcu_call(rcu_lock
, free_old_rcu_data
, old
);
323 ossl_rcu_write_unlock(rcu_lock
);
324 if (contention
!= 0) {
325 ossl_synchronize_rcu(rcu_lock
);
326 CRYPTO_free(old
, NULL
, 0);
328 t2
= ossl_time_now();
329 if ((ossl_time2seconds(t2
) - ossl_time2seconds(t1
)) >= 4)
336 static void writer1_fn(void)
340 TEST_info("Starting writer1");
341 writer_fn(1, &writer1_iterations
);
342 CRYPTO_atomic_add(&writer1_done
, 1, &local
, atomiclock
);
345 static void writer2_fn(void)
349 TEST_info("Starting writer2");
350 writer_fn(2, &writer2_iterations
);
351 CRYPTO_atomic_add(&writer2_done
, 1, &local
, atomiclock
);
354 static void reader_fn(int *iterations
)
356 unsigned int count
= 0;
363 while (lw1
!= 1 || lw2
!= 1) {
364 CRYPTO_atomic_add(&writer1_done
, 0, &lw1
, atomiclock
);
365 CRYPTO_atomic_add(&writer2_done
, 0, &lw2
, atomiclock
);
367 ossl_rcu_read_lock(rcu_lock
);
368 valp
= ossl_rcu_deref(&writer_ptr
);
369 val
= (valp
== NULL
) ? 0 : *valp
;
372 TEST_info("rcu torture value went backwards! %llu : %llu", (unsigned long long)oldval
, (unsigned long long)val
);
373 rcu_torture_result
= 0;
375 oldval
= val
; /* just try to deref the pointer */
376 ossl_rcu_read_unlock(rcu_lock
);
377 if (rcu_torture_result
== 0) {
385 static void reader1_fn(void)
387 TEST_info("Starting reader 1");
388 reader_fn(&reader1_iterations
);
391 static void reader2_fn(void)
393 TEST_info("Starting reader 2");
394 reader_fn(&reader2_iterations
);
397 static thread_t writer1
;
398 static thread_t writer2
;
399 static thread_t reader1
;
400 static thread_t reader2
;
402 static int _torture_rcu(void)
405 struct timeval dtime
;
409 atomiclock
= CRYPTO_THREAD_lock_new();
410 memset(&writer1
, 0, sizeof(thread_t
));
411 memset(&writer2
, 0, sizeof(thread_t
));
412 memset(&reader1
, 0, sizeof(thread_t
));
413 memset(&reader2
, 0, sizeof(thread_t
));
415 writer1_iterations
= 0;
416 writer2_iterations
= 0;
417 reader1_iterations
= 0;
418 reader2_iterations
= 0;
421 rcu_torture_result
= 1;
423 rcu_lock
= ossl_rcu_lock_new(1, NULL
);
425 TEST_info("Staring rcu torture");
426 t1
= ossl_time_now();
427 if (!TEST_true(run_thread(&reader1
, reader1_fn
))
428 || !TEST_true(run_thread(&reader2
, reader2_fn
))
429 || !TEST_true(run_thread(&writer1
, writer1_fn
))
430 || !TEST_true(run_thread(&writer2
, writer2_fn
))
431 || !TEST_true(wait_for_thread(writer1
))
432 || !TEST_true(wait_for_thread(writer2
))
433 || !TEST_true(wait_for_thread(reader1
))
434 || !TEST_true(wait_for_thread(reader2
)))
437 t2
= ossl_time_now();
438 dtime
= ossl_time_to_timeval(ossl_time_subtract(t2
, t1
));
439 tottime
= dtime
.tv_sec
+ (dtime
.tv_usec
/ 1e6
);
440 TEST_info("rcu_torture_result is %d\n", rcu_torture_result
);
441 TEST_info("performed %d reads and %d writes over 2 read and 2 write threads in %e seconds",
442 reader1_iterations
+ reader2_iterations
,
443 writer1_iterations
+ writer2_iterations
, tottime
);
444 avr
= tottime
/ (reader1_iterations
+ reader2_iterations
);
445 avw
= tottime
/ (writer1_iterations
+ writer2_iterations
);
446 TEST_info("Average read time %e/read", avr
);
447 TEST_info("Average write time %e/write", avw
);
449 ossl_rcu_lock_free(rcu_lock
);
450 CRYPTO_THREAD_lock_free(atomiclock
);
451 if (!TEST_int_eq(rcu_torture_result
, 1))
457 static int torture_rcu_low(void)
460 return _torture_rcu();
463 static int torture_rcu_high(void)
466 return _torture_rcu();
471 static CRYPTO_ONCE once_run
= CRYPTO_ONCE_STATIC_INIT
;
472 static unsigned once_run_count
= 0;
474 static void once_do_run(void)
479 static void once_run_thread_cb(void)
481 CRYPTO_THREAD_run_once(&once_run
, once_do_run
);
484 static int test_once(void)
488 if (!TEST_true(run_thread(&thread
, once_run_thread_cb
))
489 || !TEST_true(wait_for_thread(thread
))
490 || !CRYPTO_THREAD_run_once(&once_run
, once_do_run
)
491 || !TEST_int_eq(once_run_count
, 1))
496 static CRYPTO_THREAD_LOCAL thread_local_key
;
497 static unsigned destructor_run_count
= 0;
498 static int thread_local_thread_cb_ok
= 0;
500 static void thread_local_destructor(void *arg
)
512 static void thread_local_thread_cb(void)
516 ptr
= CRYPTO_THREAD_get_local(&thread_local_key
);
517 if (!TEST_ptr_null(ptr
)
518 || !TEST_true(CRYPTO_THREAD_set_local(&thread_local_key
,
519 &destructor_run_count
)))
522 ptr
= CRYPTO_THREAD_get_local(&thread_local_key
);
523 if (!TEST_ptr_eq(ptr
, &destructor_run_count
))
526 thread_local_thread_cb_ok
= 1;
529 static int test_thread_local(void)
534 if (!TEST_true(CRYPTO_THREAD_init_local(&thread_local_key
,
535 thread_local_destructor
)))
538 ptr
= CRYPTO_THREAD_get_local(&thread_local_key
);
539 if (!TEST_ptr_null(ptr
)
540 || !TEST_true(run_thread(&thread
, thread_local_thread_cb
))
541 || !TEST_true(wait_for_thread(thread
))
542 || !TEST_int_eq(thread_local_thread_cb_ok
, 1))
545 #if defined(OPENSSL_THREADS) && !defined(CRYPTO_TDEBUG)
547 ptr
= CRYPTO_THREAD_get_local(&thread_local_key
);
548 if (!TEST_ptr_null(ptr
))
551 # if !defined(OPENSSL_SYS_WINDOWS)
552 if (!TEST_int_eq(destructor_run_count
, 1))
557 if (!TEST_true(CRYPTO_THREAD_cleanup_local(&thread_local_key
)))
562 static int test_atomic(void)
564 int val
= 0, ret
= 0, testresult
= 0;
565 uint64_t val64
= 1, ret64
= 0;
566 CRYPTO_RWLOCK
*lock
= CRYPTO_THREAD_lock_new();
571 if (CRYPTO_atomic_add(&val
, 1, &ret
, NULL
)) {
572 /* This succeeds therefore we're on a platform with lockless atomics */
573 if (!TEST_int_eq(val
, 1) || !TEST_int_eq(val
, ret
))
576 /* This failed therefore we're on a platform without lockless atomics */
577 if (!TEST_int_eq(val
, 0) || !TEST_int_eq(val
, ret
))
583 if (!TEST_true(CRYPTO_atomic_add(&val
, 1, &ret
, lock
)))
585 if (!TEST_int_eq(val
, 1) || !TEST_int_eq(val
, ret
))
588 if (CRYPTO_atomic_or(&val64
, 2, &ret64
, NULL
)) {
589 /* This succeeds therefore we're on a platform with lockless atomics */
590 if (!TEST_uint_eq((unsigned int)val64
, 3)
591 || !TEST_uint_eq((unsigned int)val64
, (unsigned int)ret64
))
594 /* This failed therefore we're on a platform without lockless atomics */
595 if (!TEST_uint_eq((unsigned int)val64
, 1)
596 || !TEST_int_eq((unsigned int)ret64
, 0))
602 if (!TEST_true(CRYPTO_atomic_or(&val64
, 2, &ret64
, lock
)))
605 if (!TEST_uint_eq((unsigned int)val64
, 3)
606 || !TEST_uint_eq((unsigned int)val64
, (unsigned int)ret64
))
610 if (CRYPTO_atomic_load(&val64
, &ret64
, NULL
)) {
611 /* This succeeds therefore we're on a platform with lockless atomics */
612 if (!TEST_uint_eq((unsigned int)val64
, 3)
613 || !TEST_uint_eq((unsigned int)val64
, (unsigned int)ret64
))
616 /* This failed therefore we're on a platform without lockless atomics */
617 if (!TEST_uint_eq((unsigned int)val64
, 3)
618 || !TEST_int_eq((unsigned int)ret64
, 0))
623 if (!TEST_true(CRYPTO_atomic_load(&val64
, &ret64
, lock
)))
626 if (!TEST_uint_eq((unsigned int)val64
, 3)
627 || !TEST_uint_eq((unsigned int)val64
, (unsigned int)ret64
))
632 CRYPTO_THREAD_lock_free(lock
);
636 static OSSL_LIB_CTX
*multi_libctx
= NULL
;
637 static int multi_success
;
638 static OSSL_PROVIDER
*multi_provider
[MAXIMUM_PROVIDERS
+ 1];
639 static size_t multi_num_threads
;
640 static thread_t multi_threads
[MAXIMUM_THREADS
];
642 static void multi_intialise(void)
646 multi_num_threads
= 0;
647 memset(multi_threads
, 0, sizeof(multi_threads
));
648 memset(multi_provider
, 0, sizeof(multi_provider
));
651 static void multi_set_success(int ok
)
653 if (CRYPTO_THREAD_write_lock(global_lock
) == 0) {
654 /* not synchronized, but better than not reporting failure */
661 CRYPTO_THREAD_unlock(global_lock
);
664 static void thead_teardown_libctx(void)
668 for (p
= multi_provider
; *p
!= NULL
; p
++)
669 OSSL_PROVIDER_unload(*p
);
670 OSSL_LIB_CTX_free(multi_libctx
);
674 static int thread_setup_libctx(int libctx
, const char *providers
[])
678 if (libctx
&& !TEST_true(test_get_libctx(&multi_libctx
, NULL
, config_file
,
682 if (providers
!= NULL
)
683 for (n
= 0; providers
[n
] != NULL
; n
++)
684 if (!TEST_size_t_lt(n
, MAXIMUM_PROVIDERS
)
685 || !TEST_ptr(multi_provider
[n
] = OSSL_PROVIDER_load(multi_libctx
,
687 thead_teardown_libctx();
693 static int teardown_threads(void)
697 for (i
= 0; i
< multi_num_threads
; i
++)
698 if (!TEST_true(wait_for_thread(multi_threads
[i
])))
703 static int start_threads(size_t n
, void (*thread_func
)(void))
707 if (!TEST_size_t_le(multi_num_threads
+ n
, MAXIMUM_THREADS
))
710 for (i
= 0 ; i
< n
; i
++)
711 if (!TEST_true(run_thread(multi_threads
+ multi_num_threads
++, thread_func
)))
716 /* Template multi-threaded test function */
717 static int thread_run_test(void (*main_func
)(void),
718 size_t num_threads
, void (*thread_func
)(void),
719 int libctx
, const char *providers
[])
724 if (!thread_setup_libctx(libctx
, providers
)
725 || !start_threads(num_threads
, thread_func
))
728 if (main_func
!= NULL
)
731 if (!teardown_threads()
732 || !TEST_true(multi_success
))
736 thead_teardown_libctx();
740 static void thread_general_worker(void)
742 EVP_MD_CTX
*mdctx
= EVP_MD_CTX_new();
743 EVP_MD
*md
= EVP_MD_fetch(multi_libctx
, "SHA2-256", NULL
);
744 EVP_CIPHER_CTX
*cipherctx
= EVP_CIPHER_CTX_new();
745 EVP_CIPHER
*ciph
= EVP_CIPHER_fetch(multi_libctx
, "AES-128-CBC", NULL
);
746 const char *message
= "Hello World";
747 size_t messlen
= strlen(message
);
748 /* Should be big enough for encryption output too */
749 unsigned char out
[EVP_MAX_MD_SIZE
];
750 const unsigned char key
[AES_BLOCK_SIZE
] = {
751 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
752 0x0c, 0x0d, 0x0e, 0x0f
754 const unsigned char iv
[AES_BLOCK_SIZE
] = {
755 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
756 0x0c, 0x0d, 0x0e, 0x0f
760 EVP_PKEY
*pkey
= NULL
;
764 isfips
= OSSL_PROVIDER_available(multi_libctx
, "fips");
768 || !TEST_ptr(cipherctx
)
773 for (i
= 0; i
< 5; i
++) {
774 if (!TEST_true(EVP_DigestInit_ex(mdctx
, md
, NULL
))
775 || !TEST_true(EVP_DigestUpdate(mdctx
, message
, messlen
))
776 || !TEST_true(EVP_DigestFinal(mdctx
, out
, &mdoutl
)))
779 for (i
= 0; i
< 5; i
++) {
780 if (!TEST_true(EVP_EncryptInit_ex(cipherctx
, ciph
, NULL
, key
, iv
))
781 || !TEST_true(EVP_EncryptUpdate(cipherctx
, out
, &ciphoutl
,
782 (unsigned char *)message
,
784 || !TEST_true(EVP_EncryptFinal(cipherctx
, out
, &ciphoutl
)))
789 * We want the test to run quickly - not securely.
790 * Therefore we use an insecure bit length where we can (512).
791 * In the FIPS module though we must use a longer length.
793 pkey
= EVP_PKEY_Q_keygen(multi_libctx
, NULL
, "RSA", isfips
? 2048 : 512);
799 EVP_MD_CTX_free(mdctx
);
801 EVP_CIPHER_CTX_free(cipherctx
);
802 EVP_CIPHER_free(ciph
);
805 multi_set_success(0);
808 static void thread_multi_simple_fetch(void)
810 EVP_MD
*md
= EVP_MD_fetch(multi_libctx
, "SHA2-256", NULL
);
815 multi_set_success(0);
818 static EVP_PKEY
*shared_evp_pkey
= NULL
;
820 static void thread_shared_evp_pkey(void)
822 char *msg
= "Hello World";
823 unsigned char ctbuf
[256];
824 unsigned char ptbuf
[256];
825 size_t ptlen
, ctlen
= sizeof(ctbuf
);
826 EVP_PKEY_CTX
*ctx
= NULL
;
830 for (i
= 0; i
< 1 + do_fips
; i
++) {
832 EVP_PKEY_CTX_free(ctx
);
833 ctx
= EVP_PKEY_CTX_new_from_pkey(multi_libctx
, shared_evp_pkey
,
834 i
== 0 ? "provider=default"
839 if (!TEST_int_ge(EVP_PKEY_encrypt_init(ctx
), 0)
840 || !TEST_int_ge(EVP_PKEY_encrypt(ctx
, ctbuf
, &ctlen
,
841 (unsigned char *)msg
, strlen(msg
)),
845 EVP_PKEY_CTX_free(ctx
);
846 ctx
= EVP_PKEY_CTX_new_from_pkey(multi_libctx
, shared_evp_pkey
, NULL
);
851 ptlen
= sizeof(ptbuf
);
852 if (!TEST_int_ge(EVP_PKEY_decrypt_init(ctx
), 0)
853 || !TEST_int_gt(EVP_PKEY_decrypt(ctx
, ptbuf
, &ptlen
, ctbuf
, ctlen
),
855 || !TEST_mem_eq(msg
, strlen(msg
), ptbuf
, ptlen
))
862 EVP_PKEY_CTX_free(ctx
);
864 multi_set_success(0);
867 static void thread_provider_load_unload(void)
869 OSSL_PROVIDER
*deflt
= OSSL_PROVIDER_load(multi_libctx
, "default");
872 || !TEST_true(OSSL_PROVIDER_available(multi_libctx
, "default")))
873 multi_set_success(0);
875 OSSL_PROVIDER_unload(deflt
);
878 static int test_multi_general_worker_default_provider(void)
880 return thread_run_test(&thread_general_worker
, 2, &thread_general_worker
,
881 1, default_provider
);
884 static int test_multi_general_worker_fips_provider(void)
887 return TEST_skip("FIPS not supported");
888 return thread_run_test(&thread_general_worker
, 2, &thread_general_worker
,
892 static int test_multi_fetch_worker(void)
894 return thread_run_test(&thread_multi_simple_fetch
,
895 2, &thread_multi_simple_fetch
, 1, default_provider
);
898 static int test_multi_shared_pkey_common(void (*worker
)(void))
903 if (!thread_setup_libctx(1, do_fips
? fips_and_default_providers
905 || !TEST_ptr(shared_evp_pkey
= load_pkey_pem(privkey
, multi_libctx
))
906 || !start_threads(1, &thread_shared_evp_pkey
)
907 || !start_threads(1, worker
))
910 thread_shared_evp_pkey();
912 if (!teardown_threads()
913 || !TEST_true(multi_success
))
917 EVP_PKEY_free(shared_evp_pkey
);
918 thead_teardown_libctx();
922 #ifndef OPENSSL_NO_DEPRECATED_3_0
923 static void thread_downgrade_shared_evp_pkey(void)
926 * This test is only relevant for deprecated functions that perform
929 if (EVP_PKEY_get0_RSA(shared_evp_pkey
) == NULL
)
930 multi_set_success(0);
933 static int test_multi_downgrade_shared_pkey(void)
935 return test_multi_shared_pkey_common(&thread_downgrade_shared_evp_pkey
);
939 static int test_multi_shared_pkey(void)
941 return test_multi_shared_pkey_common(&thread_shared_evp_pkey
);
944 static int test_multi_load_unload_provider(void)
946 EVP_MD
*sha256
= NULL
;
947 OSSL_PROVIDER
*prov
= NULL
;
951 if (!thread_setup_libctx(1, NULL
)
952 || !TEST_ptr(prov
= OSSL_PROVIDER_load(multi_libctx
, "default"))
953 || !TEST_ptr(sha256
= EVP_MD_fetch(multi_libctx
, "SHA2-256", NULL
))
954 || !TEST_true(OSSL_PROVIDER_unload(prov
)))
958 if (!start_threads(2, &thread_provider_load_unload
))
961 thread_provider_load_unload();
963 if (!teardown_threads()
964 || !TEST_true(multi_success
))
968 OSSL_PROVIDER_unload(prov
);
970 thead_teardown_libctx();
974 static char *multi_load_provider
= "legacy";
976 * This test attempts to load several providers at the same time, and if
977 * run with a thread sanitizer, should crash if the core provider code
978 * doesn't synchronize well enough.
980 static void test_multi_load_worker(void)
984 if (!TEST_ptr(prov
= OSSL_PROVIDER_load(multi_libctx
, multi_load_provider
))
985 || !TEST_true(OSSL_PROVIDER_unload(prov
)))
986 multi_set_success(0);
989 static int test_multi_default(void)
991 /* Avoid running this test twice */
992 if (multidefault_run
) {
993 TEST_skip("multi default test already run");
996 multidefault_run
= 1;
998 return thread_run_test(&thread_multi_simple_fetch
,
999 2, &thread_multi_simple_fetch
, 0, default_provider
);
1002 static int test_multi_load(void)
1005 OSSL_PROVIDER
*prov
;
1007 /* The multidefault test must run prior to this test */
1008 if (!multidefault_run
) {
1009 TEST_info("Running multi default test first");
1010 res
= test_multi_default();
1014 * We use the legacy provider in test_multi_load_worker because it uses a
1015 * child libctx that might hit more codepaths that might be sensitive to
1016 * threading issues. But in a no-legacy build that won't be loadable so
1017 * we use the default provider instead.
1019 prov
= OSSL_PROVIDER_load(NULL
, "legacy");
1021 TEST_info("Cannot load legacy provider - assuming this is a no-legacy build");
1022 multi_load_provider
= "default";
1024 OSSL_PROVIDER_unload(prov
);
1026 return thread_run_test(NULL
, MAXIMUM_THREADS
, &test_multi_load_worker
, 0,
1030 static void test_obj_create_one(void)
1032 char tids
[12], oid
[40], sn
[30], ln
[30];
1033 int id
= get_new_uid();
1035 BIO_snprintf(tids
, sizeof(tids
), "%d", id
);
1036 BIO_snprintf(oid
, sizeof(oid
), "1.3.6.1.4.1.16604.%s", tids
);
1037 BIO_snprintf(sn
, sizeof(sn
), "short-name-%s", tids
);
1038 BIO_snprintf(ln
, sizeof(ln
), "long-name-%s", tids
);
1039 if (!TEST_int_ne(id
, 0)
1040 || !TEST_true(id
= OBJ_create(oid
, sn
, ln
))
1041 || !TEST_true(OBJ_add_sigid(id
, NID_sha3_256
, NID_rsa
)))
1042 multi_set_success(0);
1045 static int test_obj_add(void)
1047 return thread_run_test(&test_obj_create_one
,
1048 MAXIMUM_THREADS
, &test_obj_create_one
,
1049 1, default_provider
);
1052 static void test_lib_ctx_load_config_worker(void)
1054 if (!TEST_int_eq(OSSL_LIB_CTX_load_config(multi_libctx
, config_file
), 1))
1055 multi_set_success(0);
1058 static int test_lib_ctx_load_config(void)
1060 return thread_run_test(&test_lib_ctx_load_config_worker
,
1061 MAXIMUM_THREADS
, &test_lib_ctx_load_config_worker
,
1062 1, default_provider
);
1065 #if !defined(OPENSSL_NO_DGRAM) && !defined(OPENSSL_NO_SOCK)
1066 static BIO
*multi_bio1
, *multi_bio2
;
1068 static void test_bio_dgram_pair_worker(void)
1073 uint8_t scratch
[64];
1075 size_t num_processed
= 0;
1077 if (!TEST_int_eq(RAND_bytes_ex(multi_libctx
, &ch
, 1, 64), 1))
1081 msg
.data_len
= sizeof(scratch
);
1084 * We do not test for failure here as recvmmsg may fail if no sendmmsg
1085 * has been called yet. The purpose of this code is to exercise tsan.
1088 r
= BIO_sendmmsg(ch
& 1 ? multi_bio2
: multi_bio1
, &msg
,
1089 sizeof(BIO_MSG
), 1, 0, &num_processed
);
1091 r
= BIO_recvmmsg(ch
& 1 ? multi_bio2
: multi_bio1
, &msg
,
1092 sizeof(BIO_MSG
), 1, 0, &num_processed
);
1097 multi_set_success(0);
1100 static int test_bio_dgram_pair(void)
1103 BIO
*bio1
= NULL
, *bio2
= NULL
;
1105 r
= BIO_new_bio_dgram_pair(&bio1
, 0, &bio2
, 0);
1106 if (!TEST_int_eq(r
, 1))
1112 r
= thread_run_test(&test_bio_dgram_pair_worker
,
1113 MAXIMUM_THREADS
, &test_bio_dgram_pair_worker
,
1114 1, default_provider
);
1123 static const char *pemdataraw
[] = {
1124 "-----BEGIN RSA PRIVATE KEY-----\n",
1125 "MIIBOgIBAAJBAMFcGsaxxdgiuuGmCkVImy4h99CqT7jwY3pexPGcnUFtR2Fh36Bp\n",
1126 "oncwtkZ4cAgtvd4Qs8PkxUdp6p/DlUmObdkCAwEAAQJAUR44xX6zB3eaeyvTRzms\n",
1127 "kHADrPCmPWnr8dxsNwiDGHzrMKLN+i/HAam+97HxIKVWNDH2ba9Mf1SA8xu9dcHZ\n",
1128 "AQIhAOHPCLxbtQFVxlnhSyxYeb7O323c3QulPNn3bhOipElpAiEA2zZpBE8ZXVnL\n",
1129 "74QjG4zINlDfH+EOEtjJJ3RtaYDugvECIBtsQDxXytChsRgDQ1TcXdStXPcDppie\n",
1130 "dZhm8yhRTTBZAiAZjE/U9rsIDC0ebxIAZfn3iplWh84yGB3pgUI3J5WkoQIhAInE\n",
1131 "HTUY5WRj5riZtkyGnbm3DvF+1eMtO2lYV+OuLcfE\n",
1132 "-----END RSA PRIVATE KEY-----\n",
1136 static void test_pem_read_one(void)
1138 EVP_PKEY
*key
= NULL
;
1143 pemdata
= glue_strings(pemdataraw
, &len
);
1144 if (pemdata
== NULL
) {
1145 multi_set_success(0);
1149 pem
= BIO_new_mem_buf(pemdata
, len
);
1151 multi_set_success(0);
1155 key
= PEM_read_bio_PrivateKey(pem
, NULL
, NULL
, NULL
);
1157 multi_set_success(0);
1162 OPENSSL_free(pemdata
);
1165 /* Test reading PEM files in multiple threads */
1166 static int test_pem_read(void)
1168 return thread_run_test(&test_pem_read_one
, MAXIMUM_THREADS
,
1169 &test_pem_read_one
, 1, default_provider
);
1172 typedef enum OPTION_choice
{
1175 OPT_FIPS
, OPT_CONFIG_FILE
,
1179 const OPTIONS
*test_get_options(void)
1181 static const OPTIONS options
[] = {
1182 OPT_TEST_OPTIONS_DEFAULT_USAGE
,
1183 { "fips", OPT_FIPS
, '-', "Test the FIPS provider" },
1184 { "config", OPT_CONFIG_FILE
, '<',
1185 "The configuration file to use for the libctx" },
1191 int setup_tests(void)
1196 while ((o
= opt_next()) != OPT_EOF
) {
1201 case OPT_CONFIG_FILE
:
1202 config_file
= opt_arg();
1204 case OPT_TEST_CASES
:
1211 if (!TEST_ptr(datadir
= test_get_argument(0)))
1214 privkey
= test_mk_file_path(datadir
, "rsakey.pem");
1215 if (!TEST_ptr(privkey
))
1218 if (!TEST_ptr(global_lock
= CRYPTO_THREAD_lock_new()))
1221 #ifdef TSAN_REQUIRES_LOCKING
1222 if (!TEST_ptr(tsan_lock
= CRYPTO_THREAD_lock_new()))
1226 /* Keep first to validate auto creation of default library context */
1227 ADD_TEST(test_multi_default
);
1229 ADD_TEST(test_lock
);
1230 #if defined(OPENSSL_THREADS)
1231 ADD_TEST(torture_rw_low
);
1232 ADD_TEST(torture_rw_high
);
1233 # ifndef OPENSSL_SYS_MACOSX
1234 ADD_TEST(torture_rcu_low
);
1235 ADD_TEST(torture_rcu_high
);
1238 ADD_TEST(test_once
);
1239 ADD_TEST(test_thread_local
);
1240 ADD_TEST(test_atomic
);
1241 ADD_TEST(test_multi_load
);
1242 ADD_TEST(test_multi_general_worker_default_provider
);
1243 ADD_TEST(test_multi_general_worker_fips_provider
);
1244 ADD_TEST(test_multi_fetch_worker
);
1245 ADD_TEST(test_multi_shared_pkey
);
1246 #ifndef OPENSSL_NO_DEPRECATED_3_0
1247 ADD_TEST(test_multi_downgrade_shared_pkey
);
1249 ADD_TEST(test_multi_load_unload_provider
);
1250 ADD_TEST(test_obj_add
);
1251 ADD_TEST(test_lib_ctx_load_config
);
1252 #if !defined(OPENSSL_NO_DGRAM) && !defined(OPENSSL_NO_SOCK)
1253 ADD_TEST(test_bio_dgram_pair
);
1255 ADD_TEST(test_pem_read
);
1259 void cleanup_tests(void)
1261 OPENSSL_free(privkey
);
1262 #ifdef TSAN_REQUIRES_LOCKING
1263 CRYPTO_THREAD_lock_free(tsan_lock
);
1265 CRYPTO_THREAD_lock_free(global_lock
);