1 /*
2 * Copyright 2016-2025 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * The test_multi_downgrade_shared_pkey function tests the thread safety of a
12 * deprecated function.
13 */
14 #ifndef OPENSSL_NO_DEPRECATED_3_0
15 #define OPENSSL_SUPPRESS_DEPRECATED
16 #endif
17
18 #if defined(_WIN32)
19 #include <windows.h>
20 #endif
21
22 #include <string.h>
23 #include <openssl/crypto.h>
24 #include <openssl/rsa.h>
25 #include <openssl/aes.h>
26 #include <openssl/err.h>
27 #include <openssl/rand.h>
28 #include <openssl/pem.h>
29 #include <openssl/evp.h>
30 #include "internal/tsan_assist.h"
31 #include "internal/nelem.h"
32 #include "internal/time.h"
33 #include "internal/rcu.h"
34 #include "testutil.h"
35 #include "threadstest.h"
36
37 #ifdef __SANITIZE_THREAD__
38 #include <sanitizer/tsan_interface.h>
39 #define TSAN_ACQUIRE(s) __tsan_acquire(s)
40 #else
41 #define TSAN_ACQUIRE(s)
42 #endif
43
44 /* Limit the maximum number of threads */
45 #define MAXIMUM_THREADS 10
46
47 /* Limit the maximum number of providers loaded into a library context */
48 #define MAXIMUM_PROVIDERS 4
49
50 static int do_fips = 0;
51 static char *privkey;
52 static char *storedir;
53 static char *config_file = NULL;
54 static int multidefault_run = 0;
55
56 static const char *default_provider[] = { "default", NULL };
57 static const char *fips_provider[] = { "fips", NULL };
58 static const char *fips_and_default_providers[] = { "default", "fips", NULL };
59
60 static CRYPTO_RWLOCK *global_lock;
61
62 #ifdef TSAN_REQUIRES_LOCKING
63 static CRYPTO_RWLOCK *tsan_lock;
64 #endif
65
66 /* Grab a globally unique integer value, return 0 on failure */
get_new_uid(void)67 static int get_new_uid(void)
68 {
69 /*
70 * Start with a nice large number to avoid potential conflicts when
71 * we generate a new OID.
72 */
73 static TSAN_QUALIFIER int current_uid = 1 << (sizeof(int) * 8 - 2);
74 #ifdef TSAN_REQUIRES_LOCKING
75 int r;
76
77 if (!TEST_true(CRYPTO_THREAD_write_lock(tsan_lock)))
78 return 0;
79 r = ++current_uid;
80 if (!TEST_true(CRYPTO_THREAD_unlock(tsan_lock)))
81 return 0;
82 return r;
83
84 #else
85 return tsan_counter(¤t_uid);
86 #endif
87 }
88
test_lock(void)89 static int test_lock(void)
90 {
91 CRYPTO_RWLOCK *lock = CRYPTO_THREAD_lock_new();
92 int res;
93
94 if (!TEST_ptr(lock))
95 return 0;
96
97 res = TEST_true(CRYPTO_THREAD_read_lock(lock))
98 && TEST_true(CRYPTO_THREAD_unlock(lock))
99 && TEST_true(CRYPTO_THREAD_write_lock(lock))
100 && TEST_true(CRYPTO_THREAD_unlock(lock));
101
102 CRYPTO_THREAD_lock_free(lock);
103
104 return res;
105 }
106
107 #if defined(OPENSSL_THREADS)
108 static int contention = 0;
109 static int rwwriter1_done = 0;
110 static int rwwriter2_done = 0;
111 static int rwreader1_iterations = 0;
112 static int rwreader2_iterations = 0;
113 static int rwwriter1_iterations = 0;
114 static int rwwriter2_iterations = 0;
115 static int *rwwriter_ptr = NULL;
116 static int rw_torture_result = 1;
117 static CRYPTO_RWLOCK *rwtorturelock = NULL;
118 static CRYPTO_RWLOCK *atomiclock = NULL;
119
rwwriter_fn(int id,int * iterations)120 static void rwwriter_fn(int id, int *iterations)
121 {
122 int count;
123 int *old, *new;
124 OSSL_TIME t1, t2;
125 t1 = ossl_time_now();
126
127 for (count = 0;; count++) {
128 new = CRYPTO_zalloc(sizeof(int), NULL, 0);
129 if (contention == 0)
130 OSSL_sleep(1000);
131 if (!CRYPTO_THREAD_write_lock(rwtorturelock))
132 abort();
133 if (rwwriter_ptr != NULL) {
134 *new = *rwwriter_ptr + 1;
135 } else {
136 *new = 0;
137 }
138 old = rwwriter_ptr;
139 rwwriter_ptr = new;
140 if (!CRYPTO_THREAD_unlock(rwtorturelock))
141 abort();
142 if (old != NULL)
143 CRYPTO_free(old, __FILE__, __LINE__);
144 t2 = ossl_time_now();
145 if ((ossl_time2seconds(t2) - ossl_time2seconds(t1)) >= 4)
146 break;
147 }
148 *iterations = count;
149 return;
150 }
151
rwwriter1_fn(void)152 static void rwwriter1_fn(void)
153 {
154 int local;
155
156 TEST_info("Starting writer1");
157 rwwriter_fn(1, &rwwriter1_iterations);
158 CRYPTO_atomic_add(&rwwriter1_done, 1, &local, atomiclock);
159 }
160
rwwriter2_fn(void)161 static void rwwriter2_fn(void)
162 {
163 int local;
164
165 TEST_info("Starting writer 2");
166 rwwriter_fn(2, &rwwriter2_iterations);
167 CRYPTO_atomic_add(&rwwriter2_done, 1, &local, atomiclock);
168 }
169
rwreader_fn(int * iterations)170 static void rwreader_fn(int *iterations)
171 {
172 unsigned int count = 0;
173
174 int old = 0;
175 int lw1 = 0;
176 int lw2 = 0;
177
178 if (CRYPTO_THREAD_read_lock(rwtorturelock) == 0)
179 abort();
180
181 while (lw1 != 1 || lw2 != 1) {
182 CRYPTO_atomic_add(&rwwriter1_done, 0, &lw1, atomiclock);
183 CRYPTO_atomic_add(&rwwriter2_done, 0, &lw2, atomiclock);
184
185 count++;
186 if (rwwriter_ptr != NULL) {
187 if (old > *rwwriter_ptr) {
188 TEST_info("rwwriter pointer went backwards! %d : %d\n",
189 old, *rwwriter_ptr);
190 rw_torture_result = 0;
191 }
192 old = *rwwriter_ptr;
193 }
194 if (CRYPTO_THREAD_unlock(rwtorturelock) == 0)
195 abort();
196 if (rw_torture_result == 0) {
197 *iterations = count;
198 return;
199 }
200 if (CRYPTO_THREAD_read_lock(rwtorturelock) == 0)
201 abort();
202 }
203 *iterations = count;
204 if (CRYPTO_THREAD_unlock(rwtorturelock) == 0)
205 abort();
206 }
207
rwreader1_fn(void)208 static void rwreader1_fn(void)
209 {
210 TEST_info("Starting reader 1");
211 rwreader_fn(&rwreader1_iterations);
212 }
213
rwreader2_fn(void)214 static void rwreader2_fn(void)
215 {
216 TEST_info("Starting reader 2");
217 rwreader_fn(&rwreader2_iterations);
218 }
219
220 static thread_t rwwriter1;
221 static thread_t rwwriter2;
222 static thread_t rwreader1;
223 static thread_t rwreader2;
224
_torture_rw(void)225 static int _torture_rw(void)
226 {
227 double tottime = 0;
228 int ret = 0;
229 double avr, avw;
230 OSSL_TIME t1, t2;
231 struct timeval dtime;
232
233 rwtorturelock = CRYPTO_THREAD_lock_new();
234 atomiclock = CRYPTO_THREAD_lock_new();
235 if (!TEST_ptr(rwtorturelock) || !TEST_ptr(atomiclock))
236 goto out;
237
238 rwwriter1_iterations = 0;
239 rwwriter2_iterations = 0;
240 rwreader1_iterations = 0;
241 rwreader2_iterations = 0;
242 rwwriter1_done = 0;
243 rwwriter2_done = 0;
244 rw_torture_result = 1;
245
246 memset(&rwwriter1, 0, sizeof(thread_t));
247 memset(&rwwriter2, 0, sizeof(thread_t));
248 memset(&rwreader1, 0, sizeof(thread_t));
249 memset(&rwreader2, 0, sizeof(thread_t));
250
251 TEST_info("Staring rw torture");
252 t1 = ossl_time_now();
253 if (!TEST_true(run_thread(&rwreader1, rwreader1_fn))
254 || !TEST_true(run_thread(&rwreader2, rwreader2_fn))
255 || !TEST_true(run_thread(&rwwriter1, rwwriter1_fn))
256 || !TEST_true(run_thread(&rwwriter2, rwwriter2_fn))
257 || !TEST_true(wait_for_thread(rwwriter1))
258 || !TEST_true(wait_for_thread(rwwriter2))
259 || !TEST_true(wait_for_thread(rwreader1))
260 || !TEST_true(wait_for_thread(rwreader2)))
261 goto out;
262
263 t2 = ossl_time_now();
264 dtime = ossl_time_to_timeval(ossl_time_subtract(t2, t1));
265 tottime = dtime.tv_sec + (dtime.tv_usec / 1e6);
266 TEST_info("rw_torture_result is %d\n", rw_torture_result);
267 TEST_info("performed %d reads and %d writes over 2 read and 2 write threads in %e seconds",
268 rwreader1_iterations + rwreader2_iterations,
269 rwwriter1_iterations + rwwriter2_iterations, tottime);
270 if ((rwreader1_iterations + rwreader2_iterations == 0)
271 || (rwwriter1_iterations + rwwriter2_iterations == 0)) {
272 TEST_info("Threads did not iterate\n");
273 goto out;
274 }
275 avr = tottime / (rwreader1_iterations + rwreader2_iterations);
276 avw = (tottime / (rwwriter1_iterations + rwwriter2_iterations));
277 TEST_info("Average read time %e/read", avr);
278 TEST_info("Averate write time %e/write", avw);
279
280 if (TEST_int_eq(rw_torture_result, 1))
281 ret = 1;
282 out:
283 CRYPTO_THREAD_lock_free(rwtorturelock);
284 CRYPTO_THREAD_lock_free(atomiclock);
285 rwtorturelock = NULL;
286 return ret;
287 }
288
torture_rw_low(void)289 static int torture_rw_low(void)
290 {
291 contention = 0;
292 return _torture_rw();
293 }
294
torture_rw_high(void)295 static int torture_rw_high(void)
296 {
297 contention = 1;
298 return _torture_rw();
299 }
300
301 static CRYPTO_RCU_LOCK *rcu_lock = NULL;
302
303 static int writer1_done = 0;
304 static int writer2_done = 0;
305 static int reader1_iterations = 0;
306 static int reader2_iterations = 0;
307 static int writer1_iterations = 0;
308 static int writer2_iterations = 0;
309 static uint64_t *writer_ptr = NULL;
310 static uint64_t global_ctr = 0;
311 static int rcu_torture_result = 1;
free_old_rcu_data(void * data)312 static void free_old_rcu_data(void *data)
313 {
314 CRYPTO_free(data, NULL, 0);
315 }
316
writer_fn(int id,int * iterations)317 static void writer_fn(int id, int *iterations)
318 {
319 int count;
320 OSSL_TIME t1, t2;
321 uint64_t *old, *new;
322
323 t1 = ossl_time_now();
324
325 for (count = 0;; count++) {
326 new = CRYPTO_malloc(sizeof(uint64_t), NULL, 0);
327 *new = (uint64_t)0xBAD;
328 if (contention == 0)
329 OSSL_sleep(1000);
330 ossl_rcu_write_lock(rcu_lock);
331 old = ossl_rcu_deref(&writer_ptr);
332 TSAN_ACQUIRE(&writer_ptr);
333 *new = global_ctr++;
334 ossl_rcu_assign_ptr(&writer_ptr, &new);
335 if (contention == 0)
336 ossl_rcu_call(rcu_lock, free_old_rcu_data, old);
337 ossl_rcu_write_unlock(rcu_lock);
338 if (contention != 0) {
339 ossl_synchronize_rcu(rcu_lock);
340 CRYPTO_free(old, NULL, 0);
341 }
342 t2 = ossl_time_now();
343 if ((ossl_time2seconds(t2) - ossl_time2seconds(t1)) >= 4)
344 break;
345 }
346 *iterations = count;
347 return;
348 }
349
writer1_fn(void)350 static void writer1_fn(void)
351 {
352 int local;
353
354 TEST_info("Starting writer1");
355 writer_fn(1, &writer1_iterations);
356 CRYPTO_atomic_add(&writer1_done, 1, &local, atomiclock);
357 }
358
writer2_fn(void)359 static void writer2_fn(void)
360 {
361 int local;
362
363 TEST_info("Starting writer2");
364 writer_fn(2, &writer2_iterations);
365 CRYPTO_atomic_add(&writer2_done, 1, &local, atomiclock);
366 }
367
reader_fn(int * iterations)368 static void reader_fn(int *iterations)
369 {
370 unsigned int count = 0;
371 uint64_t *valp;
372 uint64_t val;
373 uint64_t oldval = 0;
374 int lw1 = 0;
375 int lw2 = 0;
376
377 while (lw1 != 1 || lw2 != 1) {
378 CRYPTO_atomic_add(&writer1_done, 0, &lw1, atomiclock);
379 CRYPTO_atomic_add(&writer2_done, 0, &lw2, atomiclock);
380 count++;
381 ossl_rcu_read_lock(rcu_lock);
382 valp = ossl_rcu_deref(&writer_ptr);
383 val = (valp == NULL) ? 0 : *valp;
384
385 if (oldval > val) {
386 TEST_info("rcu torture value went backwards! %llu : %llu", (unsigned long long)oldval, (unsigned long long)val);
387 if (valp == NULL)
388 TEST_info("ossl_rcu_deref did return NULL!");
389 rcu_torture_result = 0;
390 }
391 oldval = val; /* just try to deref the pointer */
392 ossl_rcu_read_unlock(rcu_lock);
393 if (rcu_torture_result == 0) {
394 *iterations = count;
395 return;
396 }
397 }
398 *iterations = count;
399 }
400
reader1_fn(void)401 static void reader1_fn(void)
402 {
403 TEST_info("Starting reader 1");
404 reader_fn(&reader1_iterations);
405 }
406
reader2_fn(void)407 static void reader2_fn(void)
408 {
409 TEST_info("Starting reader 2");
410 reader_fn(&reader2_iterations);
411 }
412
413 static thread_t writer1;
414 static thread_t writer2;
415 static thread_t reader1;
416 static thread_t reader2;
417
_torture_rcu(void)418 static int _torture_rcu(void)
419 {
420 OSSL_TIME t1, t2;
421 struct timeval dtime;
422 double tottime;
423 double avr, avw;
424 int rc = 0;
425
426 atomiclock = CRYPTO_THREAD_lock_new();
427 if (!TEST_ptr(atomiclock))
428 goto out;
429
430 memset(&writer1, 0, sizeof(thread_t));
431 memset(&writer2, 0, sizeof(thread_t));
432 memset(&reader1, 0, sizeof(thread_t));
433 memset(&reader2, 0, sizeof(thread_t));
434
435 writer1_iterations = 0;
436 writer2_iterations = 0;
437 reader1_iterations = 0;
438 reader2_iterations = 0;
439 writer1_done = 0;
440 writer2_done = 0;
441 rcu_torture_result = 1;
442
443 rcu_lock = ossl_rcu_lock_new(contention == 2 ? 4 : 1, NULL);
444 if (rcu_lock == NULL)
445 goto out;
446
447 TEST_info("Staring rcu torture");
448 t1 = ossl_time_now();
449 if (!TEST_true(run_thread(&reader1, reader1_fn))
450 || !TEST_true(run_thread(&reader2, reader2_fn))
451 || !TEST_true(run_thread(&writer1, writer1_fn))
452 || !TEST_true(run_thread(&writer2, writer2_fn))
453 || !TEST_true(wait_for_thread(writer1))
454 || !TEST_true(wait_for_thread(writer2))
455 || !TEST_true(wait_for_thread(reader1))
456 || !TEST_true(wait_for_thread(reader2)))
457 goto out;
458
459 t2 = ossl_time_now();
460 dtime = ossl_time_to_timeval(ossl_time_subtract(t2, t1));
461 tottime = dtime.tv_sec + (dtime.tv_usec / 1e6);
462 TEST_info("rcu_torture_result is %d\n", rcu_torture_result);
463 TEST_info("performed %d reads and %d writes over 2 read and 2 write threads in %e seconds",
464 reader1_iterations + reader2_iterations,
465 writer1_iterations + writer2_iterations, tottime);
466 if ((reader1_iterations + reader2_iterations == 0)
467 || (writer1_iterations + writer2_iterations == 0)) {
468 TEST_info("Threads did not iterate\n");
469 goto out;
470 }
471 avr = tottime / (reader1_iterations + reader2_iterations);
472 avw = tottime / (writer1_iterations + writer2_iterations);
473 TEST_info("Average read time %e/read", avr);
474 TEST_info("Average write time %e/write", avw);
475
476 if (!TEST_int_eq(rcu_torture_result, 1))
477 goto out;
478
479 rc = 1;
480 out:
481 ossl_rcu_lock_free(rcu_lock);
482 CRYPTO_THREAD_lock_free(atomiclock);
483 if (!TEST_int_eq(rcu_torture_result, 1))
484 return 0;
485
486 return rc;
487 }
488
torture_rcu_low(void)489 static int torture_rcu_low(void)
490 {
491 contention = 0;
492 return _torture_rcu();
493 }
494
torture_rcu_high(void)495 static int torture_rcu_high(void)
496 {
497 contention = 1;
498 return _torture_rcu();
499 }
500
torture_rcu_high2(void)501 static int torture_rcu_high2(void)
502 {
503 contention = 2;
504 return _torture_rcu();
505 }
506 #endif
507
508 static CRYPTO_ONCE once_run = CRYPTO_ONCE_STATIC_INIT;
509 static unsigned once_run_count = 0;
510
once_do_run(void)511 static void once_do_run(void)
512 {
513 once_run_count++;
514 }
515
once_run_thread_cb(void)516 static void once_run_thread_cb(void)
517 {
518 CRYPTO_THREAD_run_once(&once_run, once_do_run);
519 }
520
test_once(void)521 static int test_once(void)
522 {
523 thread_t thread;
524
525 if (!TEST_true(run_thread(&thread, once_run_thread_cb))
526 || !TEST_true(wait_for_thread(thread))
527 || !CRYPTO_THREAD_run_once(&once_run, once_do_run)
528 || !TEST_int_eq(once_run_count, 1))
529 return 0;
530 return 1;
531 }
532
533 static CRYPTO_THREAD_LOCAL thread_local_key;
534 static unsigned destructor_run_count = 0;
535 static int thread_local_thread_cb_ok = 0;
536
thread_local_destructor(void * arg)537 static void thread_local_destructor(void *arg)
538 {
539 unsigned *count;
540
541 if (arg == NULL)
542 return;
543
544 count = arg;
545
546 (*count)++;
547 }
548
thread_local_thread_cb(void)549 static void thread_local_thread_cb(void)
550 {
551 void *ptr;
552
553 ptr = CRYPTO_THREAD_get_local(&thread_local_key);
554 if (!TEST_ptr_null(ptr)
555 || !TEST_true(CRYPTO_THREAD_set_local(&thread_local_key,
556 &destructor_run_count)))
557 return;
558
559 ptr = CRYPTO_THREAD_get_local(&thread_local_key);
560 if (!TEST_ptr_eq(ptr, &destructor_run_count))
561 return;
562
563 thread_local_thread_cb_ok = 1;
564 }
565
test_thread_local(void)566 static int test_thread_local(void)
567 {
568 thread_t thread;
569 void *ptr = NULL;
570
571 if (!TEST_true(CRYPTO_THREAD_init_local(&thread_local_key,
572 thread_local_destructor)))
573 return 0;
574
575 ptr = CRYPTO_THREAD_get_local(&thread_local_key);
576 if (!TEST_ptr_null(ptr)
577 || !TEST_true(run_thread(&thread, thread_local_thread_cb))
578 || !TEST_true(wait_for_thread(thread))
579 || !TEST_int_eq(thread_local_thread_cb_ok, 1))
580 return 0;
581
582 #if defined(OPENSSL_THREADS) && !defined(CRYPTO_TDEBUG)
583
584 ptr = CRYPTO_THREAD_get_local(&thread_local_key);
585 if (!TEST_ptr_null(ptr))
586 return 0;
587
588 #if !defined(OPENSSL_SYS_WINDOWS)
589 if (!TEST_int_eq(destructor_run_count, 1))
590 return 0;
591 #endif
592 #endif
593
594 if (!TEST_true(CRYPTO_THREAD_cleanup_local(&thread_local_key)))
595 return 0;
596 return 1;
597 }
598
599 /*
600 * Basic test to ensure that we can repeatedly create and
601 * destroy local keys without leaking anything
602 */
test_thread_local_multi_key(void)603 static int test_thread_local_multi_key(void)
604 {
605 int dummy;
606 int i;
607
608 for (i = 0; i < 1000; i++) {
609 if (!TEST_true(CRYPTO_THREAD_init_local(&thread_local_key,
610 thread_local_destructor)))
611 return 0;
612
613 if (!TEST_true(CRYPTO_THREAD_set_local(&thread_local_key, &dummy)))
614 return 0;
615
616 if (!TEST_true(CRYPTO_THREAD_cleanup_local(&thread_local_key)))
617 return 0;
618 }
619 return 1;
620 }
621
test_atomic(void)622 static int test_atomic(void)
623 {
624 int val = 0, ret = 0, testresult = 0;
625 uint64_t val64 = 1, ret64 = 0;
626 CRYPTO_RWLOCK *lock = CRYPTO_THREAD_lock_new();
627
628 if (!TEST_ptr(lock))
629 return 0;
630
631 if (CRYPTO_atomic_add(&val, 1, &ret, NULL)) {
632 /* This succeeds therefore we're on a platform with lockless atomics */
633 if (!TEST_int_eq(val, 1) || !TEST_int_eq(val, ret))
634 goto err;
635 } else {
636 /* This failed therefore we're on a platform without lockless atomics */
637 if (!TEST_int_eq(val, 0) || !TEST_int_eq(val, ret))
638 goto err;
639 }
640 val = 0;
641 ret = 0;
642
643 if (!TEST_true(CRYPTO_atomic_add(&val, 1, &ret, lock)))
644 goto err;
645 if (!TEST_int_eq(val, 1) || !TEST_int_eq(val, ret))
646 goto err;
647
648 if (CRYPTO_atomic_or(&val64, 2, &ret64, NULL)) {
649 /* This succeeds therefore we're on a platform with lockless atomics */
650 if (!TEST_uint_eq((unsigned int)val64, 3)
651 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
652 goto err;
653 } else {
654 /* This failed therefore we're on a platform without lockless atomics */
655 if (!TEST_uint_eq((unsigned int)val64, 1)
656 || !TEST_int_eq((unsigned int)ret64, 0))
657 goto err;
658 }
659 val64 = 1;
660 ret64 = 0;
661
662 if (!TEST_true(CRYPTO_atomic_or(&val64, 2, &ret64, lock)))
663 goto err;
664
665 if (!TEST_uint_eq((unsigned int)val64, 3)
666 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
667 goto err;
668
669 ret64 = 0;
670 if (CRYPTO_atomic_load(&val64, &ret64, NULL)) {
671 /* This succeeds therefore we're on a platform with lockless atomics */
672 if (!TEST_uint_eq((unsigned int)val64, 3)
673 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
674 goto err;
675 } else {
676 /* This failed therefore we're on a platform without lockless atomics */
677 if (!TEST_uint_eq((unsigned int)val64, 3)
678 || !TEST_int_eq((unsigned int)ret64, 0))
679 goto err;
680 }
681
682 ret64 = 0;
683 if (!TEST_true(CRYPTO_atomic_load(&val64, &ret64, lock)))
684 goto err;
685
686 if (!TEST_uint_eq((unsigned int)val64, 3)
687 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
688 goto err;
689
690 ret64 = 0;
691
692 if (CRYPTO_atomic_and(&val64, 5, &ret64, NULL)) {
693 /* This succeeds therefore we're on a platform with lockless atomics */
694 if (!TEST_uint_eq((unsigned int)val64, 1)
695 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
696 goto err;
697 } else {
698 /* This failed therefore we're on a platform without lockless atomics */
699 if (!TEST_uint_eq((unsigned int)val64, 3)
700 || !TEST_int_eq((unsigned int)ret64, 0))
701 goto err;
702 }
703 val64 = 3;
704 ret64 = 0;
705
706 if (!TEST_true(CRYPTO_atomic_and(&val64, 5, &ret64, lock)))
707 goto err;
708
709 if (!TEST_uint_eq((unsigned int)val64, 1)
710 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
711 goto err;
712
713 ret64 = 0;
714
715 if (CRYPTO_atomic_add64(&val64, 2, &ret64, NULL)) {
716 /* This succeeds therefore we're on a platform with lockless atomics */
717 if (!TEST_uint_eq((unsigned int)val64, 3)
718 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
719 goto err;
720 } else {
721 /* This failed therefore we're on a platform without lockless atomics */
722 if (!TEST_uint_eq((unsigned int)val64, 1)
723 || !TEST_int_eq((unsigned int)ret64, 0))
724 goto err;
725 }
726 val64 = 1;
727 ret64 = 0;
728
729 if (!TEST_true(CRYPTO_atomic_add64(&val64, 2, &ret64, lock)))
730 goto err;
731
732 if (!TEST_uint_eq((unsigned int)val64, 3)
733 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
734 goto err;
735
736 testresult = 1;
737 err:
738 CRYPTO_THREAD_lock_free(lock);
739 return testresult;
740 }
741
742 static OSSL_LIB_CTX *multi_libctx = NULL;
743 static int multi_success;
744 static OSSL_PROVIDER *multi_provider[MAXIMUM_PROVIDERS + 1];
745 static size_t multi_num_threads;
746 static thread_t multi_threads[MAXIMUM_THREADS];
747
multi_intialise(void)748 static void multi_intialise(void)
749 {
750 multi_success = 1;
751 multi_libctx = NULL;
752 multi_num_threads = 0;
753 memset(multi_threads, 0, sizeof(multi_threads));
754 memset(multi_provider, 0, sizeof(multi_provider));
755 }
756
multi_set_success(int ok)757 static void multi_set_success(int ok)
758 {
759 if (CRYPTO_THREAD_write_lock(global_lock) == 0) {
760 /* not synchronized, but better than not reporting failure */
761 multi_success = ok;
762 return;
763 }
764
765 multi_success = ok;
766
767 CRYPTO_THREAD_unlock(global_lock);
768 }
769
thead_teardown_libctx(void)770 static void thead_teardown_libctx(void)
771 {
772 OSSL_PROVIDER **p;
773
774 for (p = multi_provider; *p != NULL; p++)
775 OSSL_PROVIDER_unload(*p);
776 OSSL_LIB_CTX_free(multi_libctx);
777 multi_intialise();
778 }
779
thread_setup_libctx(int libctx,const char * providers[])780 static int thread_setup_libctx(int libctx, const char *providers[])
781 {
782 size_t n;
783
784 if (libctx && !TEST_true(test_get_libctx(&multi_libctx, NULL, config_file, NULL, NULL)))
785 return 0;
786
787 if (providers != NULL)
788 for (n = 0; providers[n] != NULL; n++)
789 if (!TEST_size_t_lt(n, MAXIMUM_PROVIDERS)
790 || !TEST_ptr(multi_provider[n] = OSSL_PROVIDER_load(multi_libctx,
791 providers[n]))) {
792 thead_teardown_libctx();
793 return 0;
794 }
795 return 1;
796 }
797
teardown_threads(void)798 static int teardown_threads(void)
799 {
800 size_t i;
801
802 for (i = 0; i < multi_num_threads; i++)
803 if (!TEST_true(wait_for_thread(multi_threads[i])))
804 return 0;
805 return 1;
806 }
807
start_threads(size_t n,void (* thread_func)(void))808 static int start_threads(size_t n, void (*thread_func)(void))
809 {
810 size_t i;
811
812 if (!TEST_size_t_le(multi_num_threads + n, MAXIMUM_THREADS))
813 return 0;
814
815 for (i = 0; i < n; i++)
816 if (!TEST_true(run_thread(multi_threads + multi_num_threads++, thread_func)))
817 return 0;
818 return 1;
819 }
820
821 /* Template multi-threaded test function */
thread_run_test(void (* main_func)(void),size_t num_threads,void (* thread_func)(void),int libctx,const char * providers[])822 static int thread_run_test(void (*main_func)(void),
823 size_t num_threads, void (*thread_func)(void),
824 int libctx, const char *providers[])
825 {
826 int testresult = 0;
827
828 multi_intialise();
829 if (!thread_setup_libctx(libctx, providers)
830 || !start_threads(num_threads, thread_func))
831 goto err;
832
833 if (main_func != NULL)
834 main_func();
835
836 if (!teardown_threads()
837 || !TEST_true(multi_success))
838 goto err;
839 testresult = 1;
840 err:
841 thead_teardown_libctx();
842 return testresult;
843 }
844
thread_general_worker(void)845 static void thread_general_worker(void)
846 {
847 EVP_MD_CTX *mdctx = EVP_MD_CTX_new();
848 EVP_MD *md = EVP_MD_fetch(multi_libctx, "SHA2-256", NULL);
849 EVP_CIPHER_CTX *cipherctx = EVP_CIPHER_CTX_new();
850 EVP_CIPHER *ciph = EVP_CIPHER_fetch(multi_libctx, "AES-128-CBC", NULL);
851 const char *message = "Hello World";
852 size_t messlen = strlen(message);
853 /* Should be big enough for encryption output too */
854 unsigned char out[EVP_MAX_MD_SIZE];
855 const unsigned char key[AES_BLOCK_SIZE] = {
856 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
857 0x0c, 0x0d, 0x0e, 0x0f
858 };
859 const unsigned char iv[AES_BLOCK_SIZE] = {
860 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
861 0x0c, 0x0d, 0x0e, 0x0f
862 };
863 unsigned int mdoutl;
864 int ciphoutl;
865 EVP_PKEY *pkey = NULL;
866 int testresult = 0;
867 int i, isfips;
868
869 isfips = OSSL_PROVIDER_available(multi_libctx, "fips");
870
871 if (!TEST_ptr(mdctx)
872 || !TEST_ptr(md)
873 || !TEST_ptr(cipherctx)
874 || !TEST_ptr(ciph))
875 goto err;
876
877 /* Do some work */
878 for (i = 0; i < 5; i++) {
879 if (!TEST_true(EVP_DigestInit_ex(mdctx, md, NULL))
880 || !TEST_true(EVP_DigestUpdate(mdctx, message, messlen))
881 || !TEST_true(EVP_DigestFinal(mdctx, out, &mdoutl)))
882 goto err;
883 }
884 for (i = 0; i < 5; i++) {
885 if (!TEST_true(EVP_EncryptInit_ex(cipherctx, ciph, NULL, key, iv))
886 || !TEST_true(EVP_EncryptUpdate(cipherctx, out, &ciphoutl,
887 (unsigned char *)message,
888 messlen))
889 || !TEST_true(EVP_EncryptFinal(cipherctx, out, &ciphoutl)))
890 goto err;
891 }
892
893 /*
894 * We want the test to run quickly - not securely.
895 * Therefore we use an insecure bit length where we can (512).
896 * In the FIPS module though we must use a longer length.
897 */
898 pkey = EVP_PKEY_Q_keygen(multi_libctx, NULL, "RSA", (size_t)(isfips ? 2048 : 512));
899 if (!TEST_ptr(pkey))
900 goto err;
901
902 testresult = 1;
903 err:
904 EVP_MD_CTX_free(mdctx);
905 EVP_MD_free(md);
906 EVP_CIPHER_CTX_free(cipherctx);
907 EVP_CIPHER_free(ciph);
908 EVP_PKEY_free(pkey);
909 if (!testresult)
910 multi_set_success(0);
911 }
912
thread_multi_simple_fetch(void)913 static void thread_multi_simple_fetch(void)
914 {
915 EVP_MD *md = EVP_MD_fetch(multi_libctx, "SHA2-256", NULL);
916
917 if (md != NULL)
918 EVP_MD_free(md);
919 else
920 multi_set_success(0);
921 }
922
923 static EVP_PKEY *shared_evp_pkey = NULL;
924
thread_shared_evp_pkey(void)925 static void thread_shared_evp_pkey(void)
926 {
927 char *msg = "Hello World";
928 unsigned char ctbuf[256];
929 unsigned char ptbuf[256];
930 size_t ptlen, ctlen = sizeof(ctbuf);
931 EVP_PKEY_CTX *ctx = NULL;
932 int success = 0;
933 int i;
934
935 for (i = 0; i < 1 + do_fips; i++) {
936 if (i > 0)
937 EVP_PKEY_CTX_free(ctx);
938 ctx = EVP_PKEY_CTX_new_from_pkey(multi_libctx, shared_evp_pkey,
939 i == 0 ? "provider=default"
940 : "provider=fips");
941 if (!TEST_ptr(ctx))
942 goto err;
943
944 if (!TEST_int_ge(EVP_PKEY_encrypt_init(ctx), 0)
945 || !TEST_int_ge(EVP_PKEY_encrypt(ctx, ctbuf, &ctlen,
946 (unsigned char *)msg, strlen(msg)),
947 0))
948 goto err;
949
950 EVP_PKEY_CTX_free(ctx);
951 ctx = EVP_PKEY_CTX_new_from_pkey(multi_libctx, shared_evp_pkey, NULL);
952
953 if (!TEST_ptr(ctx))
954 goto err;
955
956 ptlen = sizeof(ptbuf);
957 if (!TEST_int_ge(EVP_PKEY_decrypt_init(ctx), 0)
958 || !TEST_int_gt(EVP_PKEY_decrypt(ctx, ptbuf, &ptlen, ctbuf, ctlen),
959 0)
960 || !TEST_mem_eq(msg, strlen(msg), ptbuf, ptlen))
961 goto err;
962 }
963
964 success = 1;
965
966 err:
967 EVP_PKEY_CTX_free(ctx);
968 if (!success)
969 multi_set_success(0);
970 }
971
thread_provider_load_unload(void)972 static void thread_provider_load_unload(void)
973 {
974 OSSL_PROVIDER *deflt = OSSL_PROVIDER_load(multi_libctx, "default");
975
976 if (!TEST_ptr(deflt)
977 || !TEST_true(OSSL_PROVIDER_available(multi_libctx, "default")))
978 multi_set_success(0);
979
980 OSSL_PROVIDER_unload(deflt);
981 }
982
test_multi_general_worker_default_provider(void)983 static int test_multi_general_worker_default_provider(void)
984 {
985 return thread_run_test(&thread_general_worker, 2, &thread_general_worker,
986 1, default_provider);
987 }
988
test_multi_general_worker_fips_provider(void)989 static int test_multi_general_worker_fips_provider(void)
990 {
991 if (!do_fips)
992 return TEST_skip("FIPS not supported");
993 return thread_run_test(&thread_general_worker, 2, &thread_general_worker,
994 1, fips_provider);
995 }
996
test_multi_fetch_worker(void)997 static int test_multi_fetch_worker(void)
998 {
999 return thread_run_test(&thread_multi_simple_fetch,
1000 2, &thread_multi_simple_fetch, 1, default_provider);
1001 }
1002
test_multi_shared_pkey_common(void (* worker)(void))1003 static int test_multi_shared_pkey_common(void (*worker)(void))
1004 {
1005 int testresult = 0;
1006
1007 multi_intialise();
1008 if (!thread_setup_libctx(1, do_fips ? fips_and_default_providers : default_provider)
1009 || !TEST_ptr(shared_evp_pkey = load_pkey_pem(privkey, multi_libctx))
1010 || !start_threads(1, &thread_shared_evp_pkey)
1011 || !start_threads(1, worker))
1012 goto err;
1013
1014 thread_shared_evp_pkey();
1015
1016 if (!teardown_threads()
1017 || !TEST_true(multi_success))
1018 goto err;
1019 testresult = 1;
1020 err:
1021 EVP_PKEY_free(shared_evp_pkey);
1022 thead_teardown_libctx();
1023 return testresult;
1024 }
1025
1026 #ifndef OPENSSL_NO_DEPRECATED_3_0
thread_downgrade_shared_evp_pkey(void)1027 static void thread_downgrade_shared_evp_pkey(void)
1028 {
1029 /*
1030 * This test is only relevant for deprecated functions that perform
1031 * downgrading
1032 */
1033 if (EVP_PKEY_get0_RSA(shared_evp_pkey) == NULL)
1034 multi_set_success(0);
1035 }
1036
test_multi_downgrade_shared_pkey(void)1037 static int test_multi_downgrade_shared_pkey(void)
1038 {
1039 return test_multi_shared_pkey_common(&thread_downgrade_shared_evp_pkey);
1040 }
1041 #endif
1042
test_multi_shared_pkey(void)1043 static int test_multi_shared_pkey(void)
1044 {
1045 return test_multi_shared_pkey_common(&thread_shared_evp_pkey);
1046 }
1047
thread_release_shared_pkey(void)1048 static void thread_release_shared_pkey(void)
1049 {
1050 OSSL_sleep(0);
1051 EVP_PKEY_free(shared_evp_pkey);
1052 }
1053
test_multi_shared_pkey_release(void)1054 static int test_multi_shared_pkey_release(void)
1055 {
1056 int testresult = 0;
1057 size_t i = 1;
1058
1059 multi_intialise();
1060 shared_evp_pkey = NULL;
1061 if (!thread_setup_libctx(1, do_fips ? fips_and_default_providers : default_provider)
1062 || !TEST_ptr(shared_evp_pkey = load_pkey_pem(privkey, multi_libctx)))
1063 goto err;
1064 for (; i < 10; ++i) {
1065 if (!TEST_true(EVP_PKEY_up_ref(shared_evp_pkey)))
1066 goto err;
1067 }
1068
1069 if (!start_threads(10, &thread_release_shared_pkey))
1070 goto err;
1071 i = 0;
1072
1073 if (!teardown_threads()
1074 || !TEST_true(multi_success))
1075 goto err;
1076 testresult = 1;
1077 err:
1078 while (i > 0) {
1079 EVP_PKEY_free(shared_evp_pkey);
1080 --i;
1081 }
1082 thead_teardown_libctx();
1083 return testresult;
1084 }
1085
test_multi_load_unload_provider(void)1086 static int test_multi_load_unload_provider(void)
1087 {
1088 EVP_MD *sha256 = NULL;
1089 OSSL_PROVIDER *prov = NULL;
1090 int testresult = 0;
1091
1092 multi_intialise();
1093 if (!thread_setup_libctx(1, NULL)
1094 || !TEST_ptr(prov = OSSL_PROVIDER_load(multi_libctx, "default"))
1095 || !TEST_ptr(sha256 = EVP_MD_fetch(multi_libctx, "SHA2-256", NULL))
1096 || !TEST_true(OSSL_PROVIDER_unload(prov)))
1097 goto err;
1098 prov = NULL;
1099
1100 if (!start_threads(2, &thread_provider_load_unload))
1101 goto err;
1102
1103 thread_provider_load_unload();
1104
1105 if (!teardown_threads()
1106 || !TEST_true(multi_success))
1107 goto err;
1108 testresult = 1;
1109 err:
1110 OSSL_PROVIDER_unload(prov);
1111 EVP_MD_free(sha256);
1112 thead_teardown_libctx();
1113 return testresult;
1114 }
1115
1116 static char *multi_load_provider = "legacy";
1117 /*
1118 * This test attempts to load several providers at the same time, and if
1119 * run with a thread sanitizer, should crash if the core provider code
1120 * doesn't synchronize well enough.
1121 */
test_multi_load_worker(void)1122 static void test_multi_load_worker(void)
1123 {
1124 OSSL_PROVIDER *prov;
1125
1126 if (!TEST_ptr(prov = OSSL_PROVIDER_load(multi_libctx, multi_load_provider))
1127 || !TEST_true(OSSL_PROVIDER_unload(prov)))
1128 multi_set_success(0);
1129 }
1130
test_multi_default(void)1131 static int test_multi_default(void)
1132 {
1133 /* Avoid running this test twice */
1134 if (multidefault_run) {
1135 TEST_skip("multi default test already run");
1136 return 1;
1137 }
1138 multidefault_run = 1;
1139
1140 return thread_run_test(&thread_multi_simple_fetch,
1141 2, &thread_multi_simple_fetch, 0, NULL);
1142 }
1143
test_multi_load(void)1144 static int test_multi_load(void)
1145 {
1146 int res = 1;
1147 OSSL_PROVIDER *prov;
1148
1149 /* The multidefault test must run prior to this test */
1150 if (!multidefault_run) {
1151 TEST_info("Running multi default test first");
1152 res = test_multi_default();
1153 }
1154
1155 /*
1156 * We use the legacy provider in test_multi_load_worker because it uses a
1157 * child libctx that might hit more codepaths that might be sensitive to
1158 * threading issues. But in a no-legacy build that won't be loadable so
1159 * we use the default provider instead.
1160 */
1161 prov = OSSL_PROVIDER_load(NULL, "legacy");
1162 if (prov == NULL) {
1163 TEST_info("Cannot load legacy provider - assuming this is a no-legacy build");
1164 multi_load_provider = "default";
1165 }
1166 OSSL_PROVIDER_unload(prov);
1167
1168 return thread_run_test(NULL, MAXIMUM_THREADS, &test_multi_load_worker, 0,
1169 NULL)
1170 && res;
1171 }
1172
test_obj_create_one(void)1173 static void test_obj_create_one(void)
1174 {
1175 char tids[12], oid[40], sn[30], ln[30];
1176 int id = get_new_uid();
1177
1178 BIO_snprintf(tids, sizeof(tids), "%d", id);
1179 BIO_snprintf(oid, sizeof(oid), "1.3.6.1.4.1.16604.%s", tids);
1180 BIO_snprintf(sn, sizeof(sn), "short-name-%s", tids);
1181 BIO_snprintf(ln, sizeof(ln), "long-name-%s", tids);
1182 if (!TEST_int_ne(id, 0)
1183 || !TEST_true(id = OBJ_create(oid, sn, ln))
1184 || !TEST_true(OBJ_add_sigid(id, NID_sha3_256, NID_rsa)))
1185 multi_set_success(0);
1186 }
1187
test_obj_add(void)1188 static int test_obj_add(void)
1189 {
1190 return thread_run_test(&test_obj_create_one,
1191 MAXIMUM_THREADS, &test_obj_create_one,
1192 1, default_provider);
1193 }
1194
1195 #if !defined(OPENSSL_NO_DGRAM) && !defined(OPENSSL_NO_SOCK)
1196 static BIO *multi_bio1, *multi_bio2;
1197
test_bio_dgram_pair_worker(void)1198 static void test_bio_dgram_pair_worker(void)
1199 {
1200 ossl_unused int r;
1201 int ok = 0;
1202 uint8_t ch = 0;
1203 uint8_t scratch[64];
1204 BIO_MSG msg = { 0 };
1205 size_t num_processed = 0;
1206
1207 if (!TEST_int_eq(RAND_bytes_ex(multi_libctx, &ch, 1, 64), 1))
1208 goto err;
1209
1210 msg.data = scratch;
1211 msg.data_len = sizeof(scratch);
1212
1213 /*
1214 * We do not test for failure here as recvmmsg may fail if no sendmmsg
1215 * has been called yet. The purpose of this code is to exercise tsan.
1216 */
1217 if (ch & 2)
1218 r = BIO_sendmmsg(ch & 1 ? multi_bio2 : multi_bio1, &msg,
1219 sizeof(BIO_MSG), 1, 0, &num_processed);
1220 else
1221 r = BIO_recvmmsg(ch & 1 ? multi_bio2 : multi_bio1, &msg,
1222 sizeof(BIO_MSG), 1, 0, &num_processed);
1223
1224 ok = 1;
1225 err:
1226 if (ok == 0)
1227 multi_set_success(0);
1228 }
1229
test_bio_dgram_pair(void)1230 static int test_bio_dgram_pair(void)
1231 {
1232 int r;
1233 BIO *bio1 = NULL, *bio2 = NULL;
1234
1235 r = BIO_new_bio_dgram_pair(&bio1, 0, &bio2, 0);
1236 if (!TEST_int_eq(r, 1))
1237 goto err;
1238
1239 multi_bio1 = bio1;
1240 multi_bio2 = bio2;
1241
1242 r = thread_run_test(&test_bio_dgram_pair_worker,
1243 MAXIMUM_THREADS, &test_bio_dgram_pair_worker,
1244 1, default_provider);
1245
1246 err:
1247 BIO_free(bio1);
1248 BIO_free(bio2);
1249 return r;
1250 }
1251 #endif
1252
1253 static const char *pemdataraw[] = {
1254 "-----BEGIN RSA PRIVATE KEY-----\n",
1255 "MIIBOgIBAAJBAMFcGsaxxdgiuuGmCkVImy4h99CqT7jwY3pexPGcnUFtR2Fh36Bp\n",
1256 "oncwtkZ4cAgtvd4Qs8PkxUdp6p/DlUmObdkCAwEAAQJAUR44xX6zB3eaeyvTRzms\n",
1257 "kHADrPCmPWnr8dxsNwiDGHzrMKLN+i/HAam+97HxIKVWNDH2ba9Mf1SA8xu9dcHZ\n",
1258 "AQIhAOHPCLxbtQFVxlnhSyxYeb7O323c3QulPNn3bhOipElpAiEA2zZpBE8ZXVnL\n",
1259 "74QjG4zINlDfH+EOEtjJJ3RtaYDugvECIBtsQDxXytChsRgDQ1TcXdStXPcDppie\n",
1260 "dZhm8yhRTTBZAiAZjE/U9rsIDC0ebxIAZfn3iplWh84yGB3pgUI3J5WkoQIhAInE\n",
1261 "HTUY5WRj5riZtkyGnbm3DvF+1eMtO2lYV+OuLcfE\n",
1262 "-----END RSA PRIVATE KEY-----\n",
1263 NULL
1264 };
1265
test_pem_read_one(void)1266 static void test_pem_read_one(void)
1267 {
1268 EVP_PKEY *key = NULL;
1269 BIO *pem = NULL;
1270 char *pemdata;
1271 size_t len;
1272
1273 pemdata = glue_strings(pemdataraw, &len);
1274 if (pemdata == NULL) {
1275 multi_set_success(0);
1276 goto err;
1277 }
1278
1279 pem = BIO_new_mem_buf(pemdata, len);
1280 if (pem == NULL) {
1281 multi_set_success(0);
1282 goto err;
1283 }
1284
1285 key = PEM_read_bio_PrivateKey(pem, NULL, NULL, NULL);
1286 if (key == NULL)
1287 multi_set_success(0);
1288
1289 err:
1290 EVP_PKEY_free(key);
1291 BIO_free(pem);
1292 OPENSSL_free(pemdata);
1293 }
1294
1295 /* Test reading PEM files in multiple threads */
test_pem_read(void)1296 static int test_pem_read(void)
1297 {
1298 return thread_run_test(&test_pem_read_one, MAXIMUM_THREADS,
1299 &test_pem_read_one, 1, default_provider);
1300 }
1301
1302 static X509_STORE *store = NULL;
1303
test_x509_store_by_subject(void)1304 static void test_x509_store_by_subject(void)
1305 {
1306 X509_STORE_CTX *ctx;
1307 X509_OBJECT *obj = NULL;
1308 X509_NAME *name = NULL;
1309 int success = 0;
1310
1311 ctx = X509_STORE_CTX_new();
1312 if (!TEST_ptr(ctx))
1313 goto err;
1314
1315 if (!TEST_true(X509_STORE_CTX_init(ctx, store, NULL, NULL)))
1316 goto err;
1317
1318 name = X509_NAME_new();
1319 if (!TEST_ptr(name))
1320 goto err;
1321 if (!TEST_true(X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC,
1322 (unsigned char *)"Root CA",
1323 -1, -1, 0)))
1324 goto err;
1325 obj = X509_STORE_CTX_get_obj_by_subject(ctx, X509_LU_X509, name);
1326 if (!TEST_ptr(obj))
1327 goto err;
1328
1329 success = 1;
1330 err:
1331 X509_OBJECT_free(obj);
1332 X509_STORE_CTX_free(ctx);
1333 X509_NAME_free(name);
1334 if (!success)
1335 multi_set_success(0);
1336 }
1337
1338 /* Test accessing an X509_STORE from multiple threads */
test_x509_store(void)1339 static int test_x509_store(void)
1340 {
1341 int ret = 0;
1342
1343 store = X509_STORE_new();
1344 if (!TEST_ptr(store))
1345 return 0;
1346 if (!TEST_true(X509_STORE_load_store(store, storedir)))
1347 goto err;
1348
1349 ret = thread_run_test(&test_x509_store_by_subject, MAXIMUM_THREADS,
1350 &test_x509_store_by_subject, 0, NULL);
1351
1352 err:
1353 X509_STORE_free(store);
1354 store = NULL;
1355 return ret;
1356 }
1357
1358 typedef enum OPTION_choice {
1359 OPT_ERR = -1,
1360 OPT_EOF = 0,
1361 OPT_FIPS,
1362 OPT_CONFIG_FILE,
1363 OPT_TEST_ENUM
1364 } OPTION_CHOICE;
1365
test_get_options(void)1366 const OPTIONS *test_get_options(void)
1367 {
1368 static const OPTIONS options[] = {
1369 OPT_TEST_OPTIONS_DEFAULT_USAGE,
1370 { "fips", OPT_FIPS, '-', "Test the FIPS provider" },
1371 { "config", OPT_CONFIG_FILE, '<',
1372 "The configuration file to use for the libctx" },
1373 { NULL }
1374 };
1375 return options;
1376 }
1377
setup_tests(void)1378 int setup_tests(void)
1379 {
1380 OPTION_CHOICE o;
1381 char *datadir;
1382
1383 while ((o = opt_next()) != OPT_EOF) {
1384 switch (o) {
1385 case OPT_FIPS:
1386 do_fips = 1;
1387 break;
1388 case OPT_CONFIG_FILE:
1389 config_file = opt_arg();
1390 break;
1391 case OPT_TEST_CASES:
1392 break;
1393 default:
1394 return 0;
1395 }
1396 }
1397
1398 if (!TEST_ptr(datadir = test_get_argument(0)))
1399 return 0;
1400
1401 privkey = test_mk_file_path(datadir, "rsakey.pem");
1402 if (!TEST_ptr(privkey))
1403 return 0;
1404
1405 storedir = test_mk_file_path(datadir, "store");
1406 if (!TEST_ptr(storedir))
1407 return 0;
1408
1409 if (!TEST_ptr(global_lock = CRYPTO_THREAD_lock_new()))
1410 return 0;
1411
1412 #ifdef TSAN_REQUIRES_LOCKING
1413 if (!TEST_ptr(tsan_lock = CRYPTO_THREAD_lock_new()))
1414 return 0;
1415 #endif
1416
1417 /* Keep first to validate auto creation of default library context */
1418 ADD_TEST(test_multi_default);
1419
1420 ADD_TEST(test_lock);
1421 #if defined(OPENSSL_THREADS)
1422 ADD_TEST(torture_rw_low);
1423 ADD_TEST(torture_rw_high);
1424 ADD_TEST(torture_rcu_low);
1425 ADD_TEST(torture_rcu_high);
1426 ADD_TEST(torture_rcu_high2);
1427 #endif
1428 ADD_TEST(test_once);
1429 ADD_TEST(test_thread_local);
1430 ADD_TEST(test_thread_local_multi_key);
1431 ADD_TEST(test_atomic);
1432 ADD_TEST(test_multi_load);
1433 ADD_TEST(test_multi_general_worker_default_provider);
1434 ADD_TEST(test_multi_general_worker_fips_provider);
1435 ADD_TEST(test_multi_fetch_worker);
1436 ADD_TEST(test_multi_shared_pkey);
1437 #ifndef OPENSSL_NO_DEPRECATED_3_0
1438 ADD_TEST(test_multi_downgrade_shared_pkey);
1439 #endif
1440 ADD_TEST(test_multi_shared_pkey_release);
1441 ADD_TEST(test_multi_load_unload_provider);
1442 ADD_TEST(test_obj_add);
1443 #if !defined(OPENSSL_NO_DGRAM) && !defined(OPENSSL_NO_SOCK)
1444 ADD_TEST(test_bio_dgram_pair);
1445 #endif
1446 ADD_TEST(test_pem_read);
1447 ADD_TEST(test_x509_store);
1448 return 1;
1449 }
1450
cleanup_tests(void)1451 void cleanup_tests(void)
1452 {
1453 OPENSSL_free(privkey);
1454 OPENSSL_free(storedir);
1455 #ifdef TSAN_REQUIRES_LOCKING
1456 CRYPTO_THREAD_lock_free(tsan_lock);
1457 #endif
1458 CRYPTO_THREAD_lock_free(global_lock);
1459 }
1460