2 * Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 * The test_multi_downgrade_shared_pkey function tests the thread safety of a
12 * deprecated function.
14 #ifndef OPENSSL_NO_DEPRECATED_3_0
15 # define OPENSSL_SUPPRESS_DEPRECATED
23 #include <openssl/crypto.h>
24 #include <openssl/rsa.h>
25 #include <openssl/aes.h>
26 #include <openssl/err.h>
27 #include <openssl/rand.h>
28 #include <openssl/pem.h>
29 #include <openssl/evp.h>
30 #include "internal/tsan_assist.h"
31 #include "internal/nelem.h"
32 #include "internal/time.h"
33 #include "internal/rcu.h"
35 #include "threadstest.h"
37 #ifdef __SANITIZE_THREAD__
38 #include <sanitizer/tsan_interface.h>
39 #define TSAN_ACQUIRE(s) __tsan_acquire(s)
41 #define TSAN_ACQUIRE(s)
44 /* Limit the maximum number of threads */
45 #define MAXIMUM_THREADS 10
47 /* Limit the maximum number of providers loaded into a library context */
48 #define MAXIMUM_PROVIDERS 4
50 static int do_fips = 0;
52 static char *config_file = NULL;
53 static int multidefault_run = 0;
55 static const char *default_provider[] = { "default", NULL };
56 static const char *fips_provider[] = { "fips", NULL };
57 static const char *fips_and_default_providers[] = { "default", "fips", NULL };
59 static CRYPTO_RWLOCK *global_lock;
61 #ifdef TSAN_REQUIRES_LOCKING
62 static CRYPTO_RWLOCK *tsan_lock;
65 /* Grab a globally unique integer value, return 0 on failure */
66 static int get_new_uid(void)
69 * Start with a nice large number to avoid potential conflicts when
70 * we generate a new OID.
72 static TSAN_QUALIFIER int current_uid = 1 << (sizeof(int) * 8 - 2);
73 #ifdef TSAN_REQUIRES_LOCKING
76 if (!TEST_true(CRYPTO_THREAD_write_lock(tsan_lock)))
79 if (!TEST_true(CRYPTO_THREAD_unlock(tsan_lock)))
84 return tsan_counter(¤t_uid);
88 static int test_lock(void)
90 CRYPTO_RWLOCK *lock = CRYPTO_THREAD_lock_new();
93 res = TEST_true(CRYPTO_THREAD_read_lock(lock))
94 && TEST_true(CRYPTO_THREAD_unlock(lock))
95 && TEST_true(CRYPTO_THREAD_write_lock(lock))
96 && TEST_true(CRYPTO_THREAD_unlock(lock));
98 CRYPTO_THREAD_lock_free(lock);
103 #if defined(OPENSSL_THREADS)
104 static int contention = 0;
105 static int rwwriter1_done = 0;
106 static int rwwriter2_done = 0;
107 static int rwreader1_iterations = 0;
108 static int rwreader2_iterations = 0;
109 static int rwwriter1_iterations = 0;
110 static int rwwriter2_iterations = 0;
111 static int *rwwriter_ptr = NULL;
112 static int rw_torture_result = 1;
113 static CRYPTO_RWLOCK *rwtorturelock = NULL;
115 static void rwwriter_fn(int id, int *iterations)
120 t1 = ossl_time_now();
122 for (count = 0; ; count++) {
123 new = CRYPTO_zalloc(sizeof (int), NULL, 0);
126 if (!CRYPTO_THREAD_write_lock(rwtorturelock))
128 if (rwwriter_ptr != NULL) {
129 *new = *rwwriter_ptr + 1;
135 if (!CRYPTO_THREAD_unlock(rwtorturelock))
138 CRYPTO_free(old, __FILE__, __LINE__);
139 t2 = ossl_time_now();
140 if ((ossl_time2seconds(t2) - ossl_time2seconds(t1)) >= 4)
147 static void rwwriter1_fn(void)
151 TEST_info("Starting writer1");
152 rwwriter_fn(1, &rwwriter1_iterations);
153 CRYPTO_atomic_add(&rwwriter1_done, 1, &local, NULL);
156 static void rwwriter2_fn(void)
160 TEST_info("Starting writer 2");
161 rwwriter_fn(2, &rwwriter2_iterations);
162 CRYPTO_atomic_add(&rwwriter2_done, 1, &local, NULL);
165 static void rwreader_fn(int *iterations)
167 unsigned int count = 0;
173 if (CRYPTO_THREAD_read_lock(rwtorturelock) == 0)
176 while (lw1 != 1 || lw2 != 1) {
177 CRYPTO_atomic_add(&rwwriter1_done, 0, &lw1, NULL);
178 CRYPTO_atomic_add(&rwwriter2_done, 0, &lw2, NULL);
181 if (rwwriter_ptr != NULL && old > *rwwriter_ptr) {
182 TEST_info("rwwriter pointer went backwards\n");
183 rw_torture_result = 0;
185 if (CRYPTO_THREAD_unlock(rwtorturelock) == 0)
188 if (rw_torture_result == 0) {
192 if (CRYPTO_THREAD_read_lock(rwtorturelock) == 0)
196 if (CRYPTO_THREAD_unlock(rwtorturelock) == 0)
200 static void rwreader1_fn(void)
202 TEST_info("Starting reader 1");
203 rwreader_fn(&rwreader1_iterations);
206 static void rwreader2_fn(void)
208 TEST_info("Starting reader 2");
209 rwreader_fn(&rwreader2_iterations);
212 static thread_t rwwriter1;
213 static thread_t rwwriter2;
214 static thread_t rwreader1;
215 static thread_t rwreader2;
217 static int _torture_rw(void)
223 struct timeval dtime;
225 rwtorturelock = CRYPTO_THREAD_lock_new();
226 rwwriter1_iterations = 0;
227 rwwriter2_iterations = 0;
228 rwreader1_iterations = 0;
229 rwreader2_iterations = 0;
232 rw_torture_result = 1;
234 memset(&rwwriter1, 0, sizeof(thread_t));
235 memset(&rwwriter2, 0, sizeof(thread_t));
236 memset(&rwreader1, 0, sizeof(thread_t));
237 memset(&rwreader2, 0, sizeof(thread_t));
239 TEST_info("Staring rw torture");
240 t1 = ossl_time_now();
241 if (!TEST_true(run_thread(&rwreader1, rwreader1_fn))
242 || !TEST_true(run_thread(&rwreader2, rwreader2_fn))
243 || !TEST_true(run_thread(&rwwriter1, rwwriter1_fn))
244 || !TEST_true(run_thread(&rwwriter2, rwwriter2_fn))
245 || !TEST_true(wait_for_thread(rwwriter1))
246 || !TEST_true(wait_for_thread(rwwriter2))
247 || !TEST_true(wait_for_thread(rwreader1))
248 || !TEST_true(wait_for_thread(rwreader2)))
251 t2 = ossl_time_now();
252 dtime = ossl_time_to_timeval(ossl_time_subtract(t2, t1));
253 tottime = dtime.tv_sec + (dtime.tv_usec / 1e6);
254 TEST_info("rw_torture_result is %d\n", rw_torture_result);
255 TEST_info("performed %d reads and %d writes over 2 read and 2 write threads in %e seconds",
256 rwreader1_iterations + rwreader2_iterations,
257 rwwriter1_iterations + rwwriter2_iterations, tottime);
258 avr = tottime / (rwreader1_iterations + rwreader2_iterations);
259 avw = (tottime / (rwwriter1_iterations + rwwriter2_iterations));
260 TEST_info("Average read time %e/read", avr);
261 TEST_info("Averate write time %e/write", avw);
263 if (TEST_int_eq(rw_torture_result, 1))
266 CRYPTO_THREAD_lock_free(rwtorturelock);
267 rwtorturelock = NULL;
271 static int torture_rw_low(void)
274 return _torture_rw();
277 static int torture_rw_high(void)
280 return _torture_rw();
284 # ifndef OPENSSL_SYS_MACOSX
285 static CRYPTO_RCU_LOCK *rcu_lock = NULL;
287 static int writer1_done = 0;
288 static int writer2_done = 0;
289 static int reader1_iterations = 0;
290 static int reader2_iterations = 0;
291 static int writer1_iterations = 0;
292 static int writer2_iterations = 0;
293 static uint64_t *writer_ptr = NULL;
294 static uint64_t global_ctr = 0;
295 static int rcu_torture_result = 1;
296 static void free_old_rcu_data(void *data)
298 CRYPTO_free(data, NULL, 0);
301 static void writer_fn(int id, int *iterations)
307 t1 = ossl_time_now();
309 for (count = 0; ; count++) {
310 new = CRYPTO_zalloc(sizeof(uint64_t), NULL, 0);
313 ossl_rcu_write_lock(rcu_lock);
314 old = ossl_rcu_deref(&writer_ptr);
315 TSAN_ACQUIRE(&writer_ptr);
317 ossl_rcu_assign_ptr(&writer_ptr, &new);
319 ossl_rcu_call(rcu_lock, free_old_rcu_data, old);
320 ossl_rcu_write_unlock(rcu_lock);
321 if (contention != 0) {
322 ossl_synchronize_rcu(rcu_lock);
323 CRYPTO_free(old, NULL, 0);
325 t2 = ossl_time_now();
326 if ((ossl_time2seconds(t2) - ossl_time2seconds(t1)) >= 4)
333 static void writer1_fn(void)
337 TEST_info("Starting writer1");
338 writer_fn(1, &writer1_iterations);
339 CRYPTO_atomic_add(&writer1_done, 1, &local, NULL);
342 static void writer2_fn(void)
346 TEST_info("Starting writer2");
347 writer_fn(2, &writer2_iterations);
348 CRYPTO_atomic_add(&writer2_done, 1, &local, NULL);
351 static void reader_fn(int *iterations)
353 unsigned int count = 0;
360 while (lw1 != 1 || lw2 != 1) {
361 CRYPTO_atomic_add(&writer1_done, 0, &lw1, NULL);
362 CRYPTO_atomic_add(&writer2_done, 0, &lw2, NULL);
364 ossl_rcu_read_lock(rcu_lock);
365 valp = ossl_rcu_deref(&writer_ptr);
366 val = (valp == NULL) ? 0 : *valp;
369 TEST_info("rcu torture value went backwards! %llu : %llu", (unsigned long long)oldval, (unsigned long long)val);
370 rcu_torture_result = 0;
372 oldval = val; /* just try to deref the pointer */
373 ossl_rcu_read_unlock(rcu_lock);
374 if (rcu_torture_result == 0) {
382 static void reader1_fn(void)
384 TEST_info("Starting reader 1");
385 reader_fn(&reader1_iterations);
388 static void reader2_fn(void)
390 TEST_info("Starting reader 2");
391 reader_fn(&reader2_iterations);
394 static thread_t writer1;
395 static thread_t writer2;
396 static thread_t reader1;
397 static thread_t reader2;
399 static int _torture_rcu(void)
402 struct timeval dtime;
406 memset(&writer1, 0, sizeof(thread_t));
407 memset(&writer2, 0, sizeof(thread_t));
408 memset(&reader1, 0, sizeof(thread_t));
409 memset(&reader2, 0, sizeof(thread_t));
411 writer1_iterations = 0;
412 writer2_iterations = 0;
413 reader1_iterations = 0;
414 reader2_iterations = 0;
417 rcu_torture_result = 1;
419 rcu_lock = ossl_rcu_lock_new(1);
421 TEST_info("Staring rcu torture");
422 t1 = ossl_time_now();
423 if (!TEST_true(run_thread(&reader1, reader1_fn))
424 || !TEST_true(run_thread(&reader2, reader2_fn))
425 || !TEST_true(run_thread(&writer1, writer1_fn))
426 || !TEST_true(run_thread(&writer2, writer2_fn))
427 || !TEST_true(wait_for_thread(writer1))
428 || !TEST_true(wait_for_thread(writer2))
429 || !TEST_true(wait_for_thread(reader1))
430 || !TEST_true(wait_for_thread(reader2)))
433 t2 = ossl_time_now();
434 dtime = ossl_time_to_timeval(ossl_time_subtract(t2, t1));
435 tottime = dtime.tv_sec + (dtime.tv_usec / 1e6);
436 TEST_info("rcu_torture_result is %d\n", rcu_torture_result);
437 TEST_info("performed %d reads and %d writes over 2 read and 2 write threads in %e seconds",
438 reader1_iterations + reader2_iterations,
439 writer1_iterations + writer2_iterations, tottime);
440 avr = tottime / (reader1_iterations + reader2_iterations);
441 avw = tottime / (writer1_iterations + writer2_iterations);
442 TEST_info("Average read time %e/read", avr);
443 TEST_info("Average write time %e/write", avw);
445 ossl_rcu_lock_free(rcu_lock);
446 if (!TEST_int_eq(rcu_torture_result, 1))
452 static int torture_rcu_low(void)
455 return _torture_rcu();
458 static int torture_rcu_high(void)
461 return _torture_rcu();
466 static CRYPTO_ONCE once_run = CRYPTO_ONCE_STATIC_INIT;
467 static unsigned once_run_count = 0;
469 static void once_do_run(void)
474 static void once_run_thread_cb(void)
476 CRYPTO_THREAD_run_once(&once_run, once_do_run);
479 static int test_once(void)
483 if (!TEST_true(run_thread(&thread, once_run_thread_cb))
484 || !TEST_true(wait_for_thread(thread))
485 || !CRYPTO_THREAD_run_once(&once_run, once_do_run)
486 || !TEST_int_eq(once_run_count, 1))
491 static CRYPTO_THREAD_LOCAL thread_local_key;
492 static unsigned destructor_run_count = 0;
493 static int thread_local_thread_cb_ok = 0;
495 static void thread_local_destructor(void *arg)
507 static void thread_local_thread_cb(void)
511 ptr = CRYPTO_THREAD_get_local(&thread_local_key);
512 if (!TEST_ptr_null(ptr)
513 || !TEST_true(CRYPTO_THREAD_set_local(&thread_local_key,
514 &destructor_run_count)))
517 ptr = CRYPTO_THREAD_get_local(&thread_local_key);
518 if (!TEST_ptr_eq(ptr, &destructor_run_count))
521 thread_local_thread_cb_ok = 1;
524 static int test_thread_local(void)
529 if (!TEST_true(CRYPTO_THREAD_init_local(&thread_local_key,
530 thread_local_destructor)))
533 ptr = CRYPTO_THREAD_get_local(&thread_local_key);
534 if (!TEST_ptr_null(ptr)
535 || !TEST_true(run_thread(&thread, thread_local_thread_cb))
536 || !TEST_true(wait_for_thread(thread))
537 || !TEST_int_eq(thread_local_thread_cb_ok, 1))
540 #if defined(OPENSSL_THREADS) && !defined(CRYPTO_TDEBUG)
542 ptr = CRYPTO_THREAD_get_local(&thread_local_key);
543 if (!TEST_ptr_null(ptr))
546 # if !defined(OPENSSL_SYS_WINDOWS)
547 if (!TEST_int_eq(destructor_run_count, 1))
552 if (!TEST_true(CRYPTO_THREAD_cleanup_local(&thread_local_key)))
557 static int test_atomic(void)
559 int val = 0, ret = 0, testresult = 0;
560 uint64_t val64 = 1, ret64 = 0;
561 CRYPTO_RWLOCK *lock = CRYPTO_THREAD_lock_new();
566 if (CRYPTO_atomic_add(&val, 1, &ret, NULL)) {
567 /* This succeeds therefore we're on a platform with lockless atomics */
568 if (!TEST_int_eq(val, 1) || !TEST_int_eq(val, ret))
571 /* This failed therefore we're on a platform without lockless atomics */
572 if (!TEST_int_eq(val, 0) || !TEST_int_eq(val, ret))
578 if (!TEST_true(CRYPTO_atomic_add(&val, 1, &ret, lock)))
580 if (!TEST_int_eq(val, 1) || !TEST_int_eq(val, ret))
583 if (CRYPTO_atomic_or(&val64, 2, &ret64, NULL)) {
584 /* This succeeds therefore we're on a platform with lockless atomics */
585 if (!TEST_uint_eq((unsigned int)val64, 3)
586 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
589 /* This failed therefore we're on a platform without lockless atomics */
590 if (!TEST_uint_eq((unsigned int)val64, 1)
591 || !TEST_int_eq((unsigned int)ret64, 0))
597 if (!TEST_true(CRYPTO_atomic_or(&val64, 2, &ret64, lock)))
600 if (!TEST_uint_eq((unsigned int)val64, 3)
601 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
605 if (CRYPTO_atomic_load(&val64, &ret64, NULL)) {
606 /* This succeeds therefore we're on a platform with lockless atomics */
607 if (!TEST_uint_eq((unsigned int)val64, 3)
608 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
611 /* This failed therefore we're on a platform without lockless atomics */
612 if (!TEST_uint_eq((unsigned int)val64, 3)
613 || !TEST_int_eq((unsigned int)ret64, 0))
618 if (!TEST_true(CRYPTO_atomic_load(&val64, &ret64, lock)))
621 if (!TEST_uint_eq((unsigned int)val64, 3)
622 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
627 CRYPTO_THREAD_lock_free(lock);
631 static OSSL_LIB_CTX *multi_libctx = NULL;
632 static int multi_success;
633 static OSSL_PROVIDER *multi_provider[MAXIMUM_PROVIDERS + 1];
634 static size_t multi_num_threads;
635 static thread_t multi_threads[MAXIMUM_THREADS];
637 static void multi_intialise(void)
641 multi_num_threads = 0;
642 memset(multi_threads, 0, sizeof(multi_threads));
643 memset(multi_provider, 0, sizeof(multi_provider));
646 static void multi_set_success(int ok)
648 if (CRYPTO_THREAD_write_lock(global_lock) == 0) {
649 /* not synchronized, but better than not reporting failure */
656 CRYPTO_THREAD_unlock(global_lock);
659 static void thead_teardown_libctx(void)
663 for (p = multi_provider; *p != NULL; p++)
664 OSSL_PROVIDER_unload(*p);
665 OSSL_LIB_CTX_free(multi_libctx);
669 static int thread_setup_libctx(int libctx, const char *providers[])
673 if (libctx && !TEST_true(test_get_libctx(&multi_libctx, NULL, config_file,
677 if (providers != NULL)
678 for (n = 0; providers[n] != NULL; n++)
679 if (!TEST_size_t_lt(n, MAXIMUM_PROVIDERS)
680 || !TEST_ptr(multi_provider[n] = OSSL_PROVIDER_load(multi_libctx,
682 thead_teardown_libctx();
688 static int teardown_threads(void)
692 for (i = 0; i < multi_num_threads; i++)
693 if (!TEST_true(wait_for_thread(multi_threads[i])))
698 static int start_threads(size_t n, void (*thread_func)(void))
702 if (!TEST_size_t_le(multi_num_threads + n, MAXIMUM_THREADS))
705 for (i = 0 ; i < n; i++)
706 if (!TEST_true(run_thread(multi_threads + multi_num_threads++, thread_func)))
711 /* Template multi-threaded test function */
712 static int thread_run_test(void (*main_func)(void),
713 size_t num_threads, void (*thread_func)(void),
714 int libctx, const char *providers[])
719 if (!thread_setup_libctx(libctx, providers)
720 || !start_threads(num_threads, thread_func))
723 if (main_func != NULL)
726 if (!teardown_threads()
727 || !TEST_true(multi_success))
731 thead_teardown_libctx();
735 static void thread_general_worker(void)
737 EVP_MD_CTX *mdctx = EVP_MD_CTX_new();
738 EVP_MD *md = EVP_MD_fetch(multi_libctx, "SHA2-256", NULL);
739 EVP_CIPHER_CTX *cipherctx = EVP_CIPHER_CTX_new();
740 EVP_CIPHER *ciph = EVP_CIPHER_fetch(multi_libctx, "AES-128-CBC", NULL);
741 const char *message = "Hello World";
742 size_t messlen = strlen(message);
743 /* Should be big enough for encryption output too */
744 unsigned char out[EVP_MAX_MD_SIZE];
745 const unsigned char key[AES_BLOCK_SIZE] = {
746 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
747 0x0c, 0x0d, 0x0e, 0x0f
749 const unsigned char iv[AES_BLOCK_SIZE] = {
750 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
751 0x0c, 0x0d, 0x0e, 0x0f
755 EVP_PKEY *pkey = NULL;
759 isfips = OSSL_PROVIDER_available(multi_libctx, "fips");
763 || !TEST_ptr(cipherctx)
768 for (i = 0; i < 5; i++) {
769 if (!TEST_true(EVP_DigestInit_ex(mdctx, md, NULL))
770 || !TEST_true(EVP_DigestUpdate(mdctx, message, messlen))
771 || !TEST_true(EVP_DigestFinal(mdctx, out, &mdoutl)))
774 for (i = 0; i < 5; i++) {
775 if (!TEST_true(EVP_EncryptInit_ex(cipherctx, ciph, NULL, key, iv))
776 || !TEST_true(EVP_EncryptUpdate(cipherctx, out, &ciphoutl,
777 (unsigned char *)message,
779 || !TEST_true(EVP_EncryptFinal(cipherctx, out, &ciphoutl)))
784 * We want the test to run quickly - not securely.
785 * Therefore we use an insecure bit length where we can (512).
786 * In the FIPS module though we must use a longer length.
788 pkey = EVP_PKEY_Q_keygen(multi_libctx, NULL, "RSA", isfips ? 2048 : 512);
794 EVP_MD_CTX_free(mdctx);
796 EVP_CIPHER_CTX_free(cipherctx);
797 EVP_CIPHER_free(ciph);
800 multi_set_success(0);
803 static void thread_multi_simple_fetch(void)
805 EVP_MD *md = EVP_MD_fetch(multi_libctx, "SHA2-256", NULL);
810 multi_set_success(0);
813 static EVP_PKEY *shared_evp_pkey = NULL;
815 static void thread_shared_evp_pkey(void)
817 char *msg = "Hello World";
818 unsigned char ctbuf[256];
819 unsigned char ptbuf[256];
820 size_t ptlen, ctlen = sizeof(ctbuf);
821 EVP_PKEY_CTX *ctx = NULL;
825 for (i = 0; i < 1 + do_fips; i++) {
827 EVP_PKEY_CTX_free(ctx);
828 ctx = EVP_PKEY_CTX_new_from_pkey(multi_libctx, shared_evp_pkey,
829 i == 0 ? "provider=default"
834 if (!TEST_int_ge(EVP_PKEY_encrypt_init(ctx), 0)
835 || !TEST_int_ge(EVP_PKEY_encrypt(ctx, ctbuf, &ctlen,
836 (unsigned char *)msg, strlen(msg)),
840 EVP_PKEY_CTX_free(ctx);
841 ctx = EVP_PKEY_CTX_new_from_pkey(multi_libctx, shared_evp_pkey, NULL);
846 ptlen = sizeof(ptbuf);
847 if (!TEST_int_ge(EVP_PKEY_decrypt_init(ctx), 0)
848 || !TEST_int_gt(EVP_PKEY_decrypt(ctx, ptbuf, &ptlen, ctbuf, ctlen),
850 || !TEST_mem_eq(msg, strlen(msg), ptbuf, ptlen))
857 EVP_PKEY_CTX_free(ctx);
859 multi_set_success(0);
862 static void thread_provider_load_unload(void)
864 OSSL_PROVIDER *deflt = OSSL_PROVIDER_load(multi_libctx, "default");
867 || !TEST_true(OSSL_PROVIDER_available(multi_libctx, "default")))
868 multi_set_success(0);
870 OSSL_PROVIDER_unload(deflt);
873 static int test_multi_general_worker_default_provider(void)
875 return thread_run_test(&thread_general_worker, 2, &thread_general_worker,
876 1, default_provider);
879 static int test_multi_general_worker_fips_provider(void)
882 return TEST_skip("FIPS not supported");
883 return thread_run_test(&thread_general_worker, 2, &thread_general_worker,
887 static int test_multi_fetch_worker(void)
889 return thread_run_test(&thread_multi_simple_fetch,
890 2, &thread_multi_simple_fetch, 1, default_provider);
893 static int test_multi_shared_pkey_common(void (*worker)(void))
898 if (!thread_setup_libctx(1, do_fips ? fips_and_default_providers
900 || !TEST_ptr(shared_evp_pkey = load_pkey_pem(privkey, multi_libctx))
901 || !start_threads(1, &thread_shared_evp_pkey)
902 || !start_threads(1, worker))
905 thread_shared_evp_pkey();
907 if (!teardown_threads()
908 || !TEST_true(multi_success))
912 EVP_PKEY_free(shared_evp_pkey);
913 thead_teardown_libctx();
917 #ifndef OPENSSL_NO_DEPRECATED_3_0
918 static void thread_downgrade_shared_evp_pkey(void)
921 * This test is only relevant for deprecated functions that perform
924 if (EVP_PKEY_get0_RSA(shared_evp_pkey) == NULL)
925 multi_set_success(0);
928 static int test_multi_downgrade_shared_pkey(void)
930 return test_multi_shared_pkey_common(&thread_downgrade_shared_evp_pkey);
934 static int test_multi_shared_pkey(void)
936 return test_multi_shared_pkey_common(&thread_shared_evp_pkey);
939 static int test_multi_load_unload_provider(void)
941 EVP_MD *sha256 = NULL;
942 OSSL_PROVIDER *prov = NULL;
946 if (!thread_setup_libctx(1, NULL)
947 || !TEST_ptr(prov = OSSL_PROVIDER_load(multi_libctx, "default"))
948 || !TEST_ptr(sha256 = EVP_MD_fetch(multi_libctx, "SHA2-256", NULL))
949 || !TEST_true(OSSL_PROVIDER_unload(prov)))
953 if (!start_threads(2, &thread_provider_load_unload))
956 thread_provider_load_unload();
958 if (!teardown_threads()
959 || !TEST_true(multi_success))
963 OSSL_PROVIDER_unload(prov);
965 thead_teardown_libctx();
969 static char *multi_load_provider = "legacy";
971 * This test attempts to load several providers at the same time, and if
972 * run with a thread sanitizer, should crash if the core provider code
973 * doesn't synchronize well enough.
975 static void test_multi_load_worker(void)
979 if (!TEST_ptr(prov = OSSL_PROVIDER_load(multi_libctx, multi_load_provider))
980 || !TEST_true(OSSL_PROVIDER_unload(prov)))
981 multi_set_success(0);
984 static int test_multi_default(void)
986 /* Avoid running this test twice */
987 if (multidefault_run) {
988 TEST_skip("multi default test already run");
991 multidefault_run = 1;
993 return thread_run_test(&thread_multi_simple_fetch,
994 2, &thread_multi_simple_fetch, 0, default_provider);
997 static int test_multi_load(void)
1000 OSSL_PROVIDER *prov;
1002 /* The multidefault test must run prior to this test */
1003 if (!multidefault_run) {
1004 TEST_info("Running multi default test first");
1005 res = test_multi_default();
1009 * We use the legacy provider in test_multi_load_worker because it uses a
1010 * child libctx that might hit more codepaths that might be sensitive to
1011 * threading issues. But in a no-legacy build that won't be loadable so
1012 * we use the default provider instead.
1014 prov = OSSL_PROVIDER_load(NULL, "legacy");
1016 TEST_info("Cannot load legacy provider - assuming this is a no-legacy build");
1017 multi_load_provider = "default";
1019 OSSL_PROVIDER_unload(prov);
1021 return thread_run_test(NULL, MAXIMUM_THREADS, &test_multi_load_worker, 0,
1025 static void test_obj_create_one(void)
1027 char tids[12], oid[40], sn[30], ln[30];
1028 int id = get_new_uid();
1030 BIO_snprintf(tids, sizeof(tids), "%d", id);
1031 BIO_snprintf(oid, sizeof(oid), "1.3.6.1.4.1.16604.%s", tids);
1032 BIO_snprintf(sn, sizeof(sn), "short-name-%s", tids);
1033 BIO_snprintf(ln, sizeof(ln), "long-name-%s", tids);
1034 if (!TEST_int_ne(id, 0)
1035 || !TEST_true(id = OBJ_create(oid, sn, ln))
1036 || !TEST_true(OBJ_add_sigid(id, NID_sha3_256, NID_rsa)))
1037 multi_set_success(0);
1040 static int test_obj_add(void)
1042 return thread_run_test(&test_obj_create_one,
1043 MAXIMUM_THREADS, &test_obj_create_one,
1044 1, default_provider);
1047 static void test_lib_ctx_load_config_worker(void)
1049 if (!TEST_int_eq(OSSL_LIB_CTX_load_config(multi_libctx, config_file), 1))
1050 multi_set_success(0);
1053 static int test_lib_ctx_load_config(void)
1055 return thread_run_test(&test_lib_ctx_load_config_worker,
1056 MAXIMUM_THREADS, &test_lib_ctx_load_config_worker,
1057 1, default_provider);
1060 #if !defined(OPENSSL_NO_DGRAM) && !defined(OPENSSL_NO_SOCK)
1061 static BIO *multi_bio1, *multi_bio2;
1063 static void test_bio_dgram_pair_worker(void)
1068 uint8_t scratch[64];
1070 size_t num_processed = 0;
1072 if (!TEST_int_eq(RAND_bytes_ex(multi_libctx, &ch, 1, 64), 1))
1076 msg.data_len = sizeof(scratch);
1079 * We do not test for failure here as recvmmsg may fail if no sendmmsg
1080 * has been called yet. The purpose of this code is to exercise tsan.
1083 r = BIO_sendmmsg(ch & 1 ? multi_bio2 : multi_bio1, &msg,
1084 sizeof(BIO_MSG), 1, 0, &num_processed);
1086 r = BIO_recvmmsg(ch & 1 ? multi_bio2 : multi_bio1, &msg,
1087 sizeof(BIO_MSG), 1, 0, &num_processed);
1092 multi_set_success(0);
1095 static int test_bio_dgram_pair(void)
1098 BIO *bio1 = NULL, *bio2 = NULL;
1100 r = BIO_new_bio_dgram_pair(&bio1, 0, &bio2, 0);
1101 if (!TEST_int_eq(r, 1))
1107 r = thread_run_test(&test_bio_dgram_pair_worker,
1108 MAXIMUM_THREADS, &test_bio_dgram_pair_worker,
1109 1, default_provider);
1118 static const char *pemdataraw[] = {
1119 "-----BEGIN RSA PRIVATE KEY-----\n",
1120 "MIIBOgIBAAJBAMFcGsaxxdgiuuGmCkVImy4h99CqT7jwY3pexPGcnUFtR2Fh36Bp\n",
1121 "oncwtkZ4cAgtvd4Qs8PkxUdp6p/DlUmObdkCAwEAAQJAUR44xX6zB3eaeyvTRzms\n",
1122 "kHADrPCmPWnr8dxsNwiDGHzrMKLN+i/HAam+97HxIKVWNDH2ba9Mf1SA8xu9dcHZ\n",
1123 "AQIhAOHPCLxbtQFVxlnhSyxYeb7O323c3QulPNn3bhOipElpAiEA2zZpBE8ZXVnL\n",
1124 "74QjG4zINlDfH+EOEtjJJ3RtaYDugvECIBtsQDxXytChsRgDQ1TcXdStXPcDppie\n",
1125 "dZhm8yhRTTBZAiAZjE/U9rsIDC0ebxIAZfn3iplWh84yGB3pgUI3J5WkoQIhAInE\n",
1126 "HTUY5WRj5riZtkyGnbm3DvF+1eMtO2lYV+OuLcfE\n",
1127 "-----END RSA PRIVATE KEY-----\n",
1131 static void test_pem_read_one(void)
1133 EVP_PKEY *key = NULL;
1138 pemdata = glue_strings(pemdataraw, &len);
1139 if (pemdata == NULL) {
1140 multi_set_success(0);
1144 pem = BIO_new_mem_buf(pemdata, len);
1146 multi_set_success(0);
1150 key = PEM_read_bio_PrivateKey(pem, NULL, NULL, NULL);
1152 multi_set_success(0);
1157 OPENSSL_free(pemdata);
1160 /* Test reading PEM files in multiple threads */
1161 static int test_pem_read(void)
1163 return thread_run_test(&test_pem_read_one, MAXIMUM_THREADS,
1164 &test_pem_read_one, 1, default_provider);
1167 typedef enum OPTION_choice {
1170 OPT_FIPS, OPT_CONFIG_FILE,
1174 const OPTIONS *test_get_options(void)
1176 static const OPTIONS options[] = {
1177 OPT_TEST_OPTIONS_DEFAULT_USAGE,
1178 { "fips", OPT_FIPS, '-', "Test the FIPS provider" },
1179 { "config", OPT_CONFIG_FILE, '<',
1180 "The configuration file to use for the libctx" },
1186 int setup_tests(void)
1191 while ((o = opt_next()) != OPT_EOF) {
1196 case OPT_CONFIG_FILE:
1197 config_file = opt_arg();
1199 case OPT_TEST_CASES:
1206 if (!TEST_ptr(datadir = test_get_argument(0)))
1209 privkey = test_mk_file_path(datadir, "rsakey.pem");
1210 if (!TEST_ptr(privkey))
1213 if (!TEST_ptr(global_lock = CRYPTO_THREAD_lock_new()))
1216 #ifdef TSAN_REQUIRES_LOCKING
1217 if (!TEST_ptr(tsan_lock = CRYPTO_THREAD_lock_new()))
1221 /* Keep first to validate auto creation of default library context */
1222 ADD_TEST(test_multi_default);
1224 ADD_TEST(test_lock);
1225 #if defined(OPENSSL_THREADS)
1226 ADD_TEST(torture_rw_low);
1227 ADD_TEST(torture_rw_high);
1228 # ifndef OPENSSL_SYS_MACOSX
1229 ADD_TEST(torture_rcu_low);
1230 ADD_TEST(torture_rcu_high);
1233 ADD_TEST(test_once);
1234 ADD_TEST(test_thread_local);
1235 ADD_TEST(test_atomic);
1236 ADD_TEST(test_multi_load);
1237 ADD_TEST(test_multi_general_worker_default_provider);
1238 ADD_TEST(test_multi_general_worker_fips_provider);
1239 ADD_TEST(test_multi_fetch_worker);
1240 ADD_TEST(test_multi_shared_pkey);
1241 #ifndef OPENSSL_NO_DEPRECATED_3_0
1242 ADD_TEST(test_multi_downgrade_shared_pkey);
1244 ADD_TEST(test_multi_load_unload_provider);
1245 ADD_TEST(test_obj_add);
1246 ADD_TEST(test_lib_ctx_load_config);
1247 #if !defined(OPENSSL_NO_DGRAM) && !defined(OPENSSL_NO_SOCK)
1248 ADD_TEST(test_bio_dgram_pair);
1250 ADD_TEST(test_pem_read);
1254 void cleanup_tests(void)
1256 OPENSSL_free(privkey);
1257 #ifdef TSAN_REQUIRES_LOCKING
1258 CRYPTO_THREAD_lock_free(tsan_lock);
1260 CRYPTO_THREAD_lock_free(global_lock);
projects / openssl.git / blob