`core_obj_create` and multi-threaded applications
Matt Caswell
matt at openssl.org
Thu Oct 5 09:51:44 UTC 2023
It mostly seems to cause an inconsistency in that sometimes
core_obj_create returns 1 if the OID already exists and sometimes it
returns 0.
Really core_obj_create should be a thin wrapper around OBJ_create. It
probably shouldn't do the initial check at all and just call OBJ_create
- which would make it always consistent, i.e. return 0 if it already exists.
oqsprovider probably needs to be tolerant of this failure condition,
i.e. it doesn't care if it already exists - so ignore a 0 return.
Matt
On 05/10/2023 08:39, Thomas Bailleux wrote:
> Hello OpenSSL,
>
> I'm currently writing a multi-threaded application using OpenSSL 3.1.
> For some reason, I've decided to instantiate an `OSSL_LIB_CTX` per thread.
> I'm also trying the provider API with oqs-provider, and I ran into an
> issue that is caused
> by the fact that `core_obj_create` is called by `OSSL_PROVIDER_load`
> which itself is called by multiple threads running at the same time.
>
> I described the bug in the following thread:
> https://github.com/open-quantum-safe/oqs-provider/issues/272
>
> Basically, the oqs-provider init function registers some custom OIDs
> using the `core_obj_create` which makes a call to `OBJ_create`.
>
> As described in the BUGS section of the `OBJ_create` man page[1] of
> *OpenSSL 3.0*, `OBJ_create` used to be non thread-safe.
> However, in *OpenSSL 3.1*[2], it is thread safe:
>
> These functions were not thread safe in OpenSSL 3.0 and before.
>
>
> So I think there is a race condition in `core_obj_create`[3] function:
> the function checks if the OID already exists, if so it returns OK (1),
> otherwise it makes a call to `OBJ_create`. The TOCTOU is happening
> between these two statements basically.
>
> What do you suggest to mitigate this issue?
>
> Regards,
>
> - thomas
>
> [1]: https://www.openssl.org/docs/man3.0/man3/OBJ_create.html
> [2]: https://www.openssl.org/docs/man3.1/man3/OBJ_create.html
> [3]: https://github.com/openssl/openssl/blob/9c20f5db0feaddc4c9ea4c4b2b07e6d87d6701f1/crypto/provider_core.c#L2127-L2133
>
> --
>
> Thomas Bailleux
>
> Cryptography software engineer
>
> thomas at sandboxaq.com
>
> +33 6 47 04 61 58 | Paris, FRANCE
>
>
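
Added example, not part of the original thread and not OpenSSL or oqs-provider code: a constructed C model of the check-then-create interleaving described above, next to a caller that tolerates the 0 return. The table, the function names (model_lookup, model_create, racy_interleaving, register_tolerant) and the OIDs are hypothetical; the lookup after a failed create, used to tell "already exists" from a real failure, is an assumption that goes beyond the thread.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the shared object table (not OpenSSL's). */
#define MAX_OIDS 2
static const char *table[MAX_OIDS];
static int count;

/* The "initial check": 1 if the OID is already registered. */
static int model_lookup(const char *oid) {
    for (int i = 0; i < count; i++)
        if (strcmp(table[i], oid) == 0) return 1;
    return 0;
}

/* Atomic create with the semantics described in the thread:
 * returns 0 if the OID already exists (here also if the table is full). */
static int model_create(const char *oid) {
    if (model_lookup(oid) || count == MAX_OIDS) return 0;
    table[count++] = oid;
    return 1;
}

/* Check-then-create wrapper run by two threads, with both checks taken
 * before either create: the TOCTOU window, replayed deterministically. */
static void racy_interleaving(const char *oid, int *ret_a, int *ret_b) {
    int a_found = model_lookup(oid);           /* thread A: not found */
    int b_found = model_lookup(oid);           /* thread B: not found */
    *ret_a = a_found ? 1 : model_create(oid);  /* A creates, returns 1 */
    *ret_b = b_found ? 1 : model_create(oid);  /* B loses, returns 0 */
}

/* Tolerant caller: no pre-check; a 0 return counts as success when the
 * OID is present afterwards, and stays a failure otherwise. */
static int register_tolerant(const char *oid) {
    if (model_create(oid)) return 1;
    return model_lookup(oid);
}

int main(void) {
    int a, b;
    racy_interleaving("1.2.3.4.5", &a, &b);    /* constructed OID */
    printf("racy wrapper:  A=%d B=%d\n", a, b);
    printf("late racy call: %d\n", model_lookup("1.2.3.4.5"));
    int first = register_tolerant("1.2.3.4.6");
    int again = register_tolerant("1.2.3.4.6");
    printf("tolerant: first=%d again=%d\n", first, again);
    printf("table full: %d\n", register_tolerant("1.2.3.4.7"));
    return 0;
}
```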