`core_obj_create` and multi-threaded applications
Thomas Bailleux
thomas.bailleux at sandboxaq.com
Thu Oct 5 07:39:22 UTC 2023
Hello OpenSSL,
I'm currently writing a multi-threaded application using OpenSSL 3.1.
For some reason, I've decided to instantiate a `OSSL_LIB_CTX` per thread.
I'm also trying the provider API with oqs-provider, and I ran into an issue
that is caused
by the fact that `core_obj_create` is called by `OSSL_PROVIDER_load` which
itself is called by multiple threads running at the same time.
I described the bug in the following thread:
https://github.com/open-quantum-safe/oqs-provider/issues/272
Basically, the oqs-provider init function registers some custom OIDs using
the `core_obj_create` which makes a call to `OBJ_create`.
As described in the BUGS section of the `OBJ_create` man page[1] of *OpenSSL
3.0*, `OBJ_create` used to be non thread-safe.
However, in *OpenSSL 3.1*[2], it is thread safe:
These functions were not thread safe in OpenSSL 3.0 and before.
>
So I think there is a race condition in `core_obj_create`[3] function: the
function checks if the OID already exists, if so it returns OK (1),
otherwise it makes a call to `OBJ_create`. The TOCTOU is happening between
these two statements basically.
What do you suggest to mitigate this issue?
Regards,
- thomas
[1]: https://www.openssl.org/docs/man3.0/man3/OBJ_create.html
[2]: https://www.openssl.org/docs/man3.1/man3/OBJ_create.html
[3]:
https://github.com/openssl/openssl/blob/9c20f5db0feaddc4c9ea4c4b2b07e6d87d6701f1/crypto/provider_core.c#L2127-L2133
--
Thomas Bailleux
Cryptography software engineer
thomas at sandboxaq.com
+33 6 47 04 61 58 | Paris, FRANCE
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20231005/65bbbdfa/attachment.htm>
More information about the openssl-users
mailing list