Re: `core_obj_create` and multi-threaded applications

It mostly seems to cause an inconsistency in that sometimes core_obj_create returns 1 if the OID already exists and sometimes it returns 0.

Really core_obj_create should be a thin wrapper around OBJ_create. It probably shouldn't do the initial check at all and just call OBJ_create - which would make it always consistent, i.e. return 0 if it already exists.

oqsprovider probably needs to be tolerant of this failure condition, i.e. it doesn't care if it already exists - so ignore a 0 return.

Matt

On 05/10/2023 08:39, Thomas Bailleux wrote:
Hello OpenSSL,

I'm currently writing a multi-threaded application using OpenSSL 3.1.
For some reason, I've decided to instantiate an `OSSL_LIB_CTX` per thread.
I'm also trying the provider API with oqs-provider, and I ran into an issue that is caused by the fact that `core_obj_create` is called by `OSSL_PROVIDER_load` which itself is called by multiple threads running at the same time.

I described the bug in the following thread: https://github.com/open-quantum-safe/oqs-provider/issues/272

Basically, the oqs-provider init function registers some custom OIDs using the `core_obj_create` which makes a call to `OBJ_create`.

As described in the BUGS section of the `OBJ_create` man page[1] of *OpenSSL 3.0*, `OBJ_create` used to be non thread-safe.
However, in *OpenSSL 3.1*[2], it is thread safe:

    These functions were not thread safe in OpenSSL 3.0 and before.


So I think there is a race condition in `core_obj_create`[3] function: the function checks if the OID already exists, if so it returns OK (1), otherwise it makes a call to `OBJ_create`. The TOCTOU is happening between these two statements basically.

What do you suggest to mitigate this issue?

Regards,

- thomas

[1]: https://www.openssl.org/docs/man3.0/man3/OBJ_create.html
[2]: https://www.openssl.org/docs/man3.1/man3/OBJ_create.html
[3]: https://github.com/openssl/openssl/blob/9c20f5db0feaddc4c9ea4c4b2b07e6d87d6701f1/crypto/provider_core.c#L2127-L2133

--

Thomas Bailleux

Cryptography software engineer

thomas@xxxxxxxxxxxxx

+33 6 47 04 61 58 | Paris, FRANCE
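
The return-value inconsistency discussed in this thread, as an added example that is not part of the original messages and is not OpenSSL or oqs-provider code. It is a single-threaded model: the toy table, every function name and the sample OID are hypothetical, and `register_ok` goes one step beyond "ignore a 0 return" by confirming that the OID really is registered.

```c
#include <stdio.h>
#include <string.h>

/* Toy OID table standing in for OpenSSL's object database (hypothetical model). */
#define MAX_OIDS 4
static const char *table[MAX_OIDS];
static int n_oids;
static void reg_reset(void) { n_oids = 0; }
static int reg_exists(const char *oid) {
    for (int i = 0; i < n_oids; i++)
        if (strcmp(table[i], oid) == 0) return 1;
    return 0;
}

/* Models OBJ_create as described in the thread: 0 if the OID already exists. */
static int reg_create(const char *oid) {
    if (reg_exists(oid) || n_oids == MAX_OIDS) return 0;
    table[n_oids++] = oid;
    return 1;
}

/* Check-then-create split into its two steps so callers can be interleaved deterministically. */
static int step_check(const char *oid) { return reg_exists(oid); }
static int step_create(int found, const char *oid) { return found ? 1 : reg_create(oid); }

/* Caller B starts after caller A has finished: B's check finds the OID. */
static int second_caller_sequential(const char *oid) {
    reg_reset();
    step_create(step_check(oid), oid);          /* caller A */
    return step_create(step_check(oid), oid);   /* caller B */
}

/* Both callers check before either creates: B's create hits a duplicate. */
static int second_caller_interleaved(const char *oid) {
    reg_reset();
    int a = step_check(oid), b = step_check(oid);
    step_create(a, oid);
    return step_create(b, oid);
}

/* Tolerant caller: a 0 return is acceptable when the OID is registered anyway. */
static int register_ok(int rc, const char *oid) { return rc == 1 || reg_exists(oid); }

int main(void) {
    const char *oid = "1.3.9999.1";  /* constructed sample OID */
    int seq = second_caller_sequential(oid), rc = second_caller_interleaved(oid);
    printf("sequential=%d interleaved=%d tolerant=%d\n", seq, rc, register_ok(rc, oid));
    return 0;
}
```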




