Hello OpenSSL,
I'm currently writing a multi-threaded application using OpenSSL 3.1.
For some reason, I've decided to instantiate a `OSSL_LIB_CTX` per thread.
I'm also trying the provider API with oqs-provider, and I ran into an issue that is caused
by the fact that `core_obj_create` is called by `OSSL_PROVIDER_load` which itself is called by multiple threads running at the same time.
I described the bug in the following thread: https://github.com/open-quantum-safe/oqs-provider/issues/272
Basically, the oqs-provider init function registers some custom OIDs using the `core_obj_create` which makes a call to `OBJ_create`.
As described in the BUGS section of the `OBJ_create` man page[1] of OpenSSL 3.0, `OBJ_create` used to be non thread-safe.
As described in the BUGS section of the `OBJ_create` man page[1] of OpenSSL 3.0, `OBJ_create` used to be non thread-safe.
However, in OpenSSL 3.1[2], it is thread safe:
These functions were not thread safe in OpenSSL 3.0 and before.
So I think there is a race condition in `core_obj_create`[3] function: the function checks if the OID already exists, if so it returns OK (1), otherwise it makes a call to `OBJ_create`. The TOCTOU is happening between these two statements basically.
What do you suggest to mitigate this issue?
Regards,
- thomas
--
Thomas Bailleux
Cryptography software engineer
+33 6 47 04 61 58 | Paris, FRANCE
