1 /*
2 * Copyright 2016-2025 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * The test_multi_downgrade_shared_pkey function tests the thread safety of a
12 * deprecated function.
13 */
14 #ifndef OPENSSL_NO_DEPRECATED_3_0
15 # define OPENSSL_SUPPRESS_DEPRECATED
16 #endif
17
18 #if defined(_WIN32)
19 # include <windows.h>
20 #endif
21
22 #include <string.h>
23 #include <openssl/crypto.h>
24 #include <openssl/rsa.h>
25 #include <openssl/aes.h>
26 #include <openssl/err.h>
27 #include <openssl/rand.h>
28 #include <openssl/pem.h>
29 #include <openssl/evp.h>
30 #include "internal/tsan_assist.h"
31 #include "internal/nelem.h"
32 #include "internal/time.h"
33 #include "internal/rcu.h"
34 #include "testutil.h"
35 #include "threadstest.h"
36
37 #ifdef __SANITIZE_THREAD__
38 #include <sanitizer/tsan_interface.h>
39 #define TSAN_ACQUIRE(s) __tsan_acquire(s)
40 #else
41 #define TSAN_ACQUIRE(s)
42 #endif
43
44 /* Limit the maximum number of threads */
45 #define MAXIMUM_THREADS 10
46
47 /* Limit the maximum number of providers loaded into a library context */
48 #define MAXIMUM_PROVIDERS 4
49
50 static int do_fips = 0;
51 static char *privkey;
52 static char *storedir;
53 static char *config_file = NULL;
54 static int multidefault_run = 0;
55
56 static const char *default_provider[] = { "default", NULL };
57 static const char *fips_provider[] = { "fips", NULL };
58 static const char *fips_and_default_providers[] = { "default", "fips", NULL };
59
60 static CRYPTO_RWLOCK *global_lock;
61
62 #ifdef TSAN_REQUIRES_LOCKING
63 static CRYPTO_RWLOCK *tsan_lock;
64 #endif
65
66 /* Grab a globally unique integer value, return 0 on failure */
get_new_uid(void)67 static int get_new_uid(void)
68 {
69 /*
70 * Start with a nice large number to avoid potential conflicts when
71 * we generate a new OID.
72 */
73 static TSAN_QUALIFIER int current_uid = 1 << (sizeof(int) * 8 - 2);
74 #ifdef TSAN_REQUIRES_LOCKING
75 int r;
76
77 if (!TEST_true(CRYPTO_THREAD_write_lock(tsan_lock)))
78 return 0;
79 r = ++current_uid;
80 if (!TEST_true(CRYPTO_THREAD_unlock(tsan_lock)))
81 return 0;
82 return r;
83
84 #else
85 return tsan_counter(¤t_uid);
86 #endif
87 }
88
test_lock(void)89 static int test_lock(void)
90 {
91 CRYPTO_RWLOCK *lock = CRYPTO_THREAD_lock_new();
92 int res;
93
94 if (!TEST_ptr(lock))
95 return 0;
96
97 res = TEST_true(CRYPTO_THREAD_read_lock(lock))
98 && TEST_true(CRYPTO_THREAD_unlock(lock))
99 && TEST_true(CRYPTO_THREAD_write_lock(lock))
100 && TEST_true(CRYPTO_THREAD_unlock(lock));
101
102 CRYPTO_THREAD_lock_free(lock);
103
104 return res;
105 }
106
107 #if defined(OPENSSL_THREADS)
108 static int contention = 0;
109 static int rwwriter1_done = 0;
110 static int rwwriter2_done = 0;
111 static int rwreader1_iterations = 0;
112 static int rwreader2_iterations = 0;
113 static int rwwriter1_iterations = 0;
114 static int rwwriter2_iterations = 0;
115 static int *rwwriter_ptr = NULL;
116 static int rw_torture_result = 1;
117 static CRYPTO_RWLOCK *rwtorturelock = NULL;
118 static CRYPTO_RWLOCK *atomiclock = NULL;
119
rwwriter_fn(int id,int * iterations)120 static void rwwriter_fn(int id, int *iterations)
121 {
122 int count;
123 int *old, *new;
124 OSSL_TIME t1, t2;
125 t1 = ossl_time_now();
126
127 for (count = 0; ; count++) {
128 new = CRYPTO_zalloc(sizeof (int), NULL, 0);
129 if (contention == 0)
130 OSSL_sleep(1000);
131 if (!CRYPTO_THREAD_write_lock(rwtorturelock))
132 abort();
133 if (rwwriter_ptr != NULL) {
134 *new = *rwwriter_ptr + 1;
135 } else {
136 *new = 0;
137 }
138 old = rwwriter_ptr;
139 rwwriter_ptr = new;
140 if (!CRYPTO_THREAD_unlock(rwtorturelock))
141 abort();
142 if (old != NULL)
143 CRYPTO_free(old, __FILE__, __LINE__);
144 t2 = ossl_time_now();
145 if ((ossl_time2seconds(t2) - ossl_time2seconds(t1)) >= 4)
146 break;
147 }
148 *iterations = count;
149 return;
150 }
151
rwwriter1_fn(void)152 static void rwwriter1_fn(void)
153 {
154 int local;
155
156 TEST_info("Starting writer1");
157 rwwriter_fn(1, &rwwriter1_iterations);
158 CRYPTO_atomic_add(&rwwriter1_done, 1, &local, atomiclock);
159 }
160
rwwriter2_fn(void)161 static void rwwriter2_fn(void)
162 {
163 int local;
164
165 TEST_info("Starting writer 2");
166 rwwriter_fn(2, &rwwriter2_iterations);
167 CRYPTO_atomic_add(&rwwriter2_done, 1, &local, atomiclock);
168 }
169
rwreader_fn(int * iterations)170 static void rwreader_fn(int *iterations)
171 {
172 unsigned int count = 0;
173
174 int old = 0;
175 int lw1 = 0;
176 int lw2 = 0;
177
178 if (CRYPTO_THREAD_read_lock(rwtorturelock) == 0)
179 abort();
180
181 while (lw1 != 1 || lw2 != 1) {
182 CRYPTO_atomic_add(&rwwriter1_done, 0, &lw1, atomiclock);
183 CRYPTO_atomic_add(&rwwriter2_done, 0, &lw2, atomiclock);
184
185 count++;
186 if (rwwriter_ptr != NULL && old > *rwwriter_ptr) {
187 TEST_info("rwwriter pointer went backwards\n");
188 rw_torture_result = 0;
189 }
190 if (CRYPTO_THREAD_unlock(rwtorturelock) == 0)
191 abort();
192 *iterations = count;
193 if (rw_torture_result == 0) {
194 *iterations = count;
195 return;
196 }
197 if (CRYPTO_THREAD_read_lock(rwtorturelock) == 0)
198 abort();
199 }
200 *iterations = count;
201 if (CRYPTO_THREAD_unlock(rwtorturelock) == 0)
202 abort();
203 }
204
rwreader1_fn(void)205 static void rwreader1_fn(void)
206 {
207 TEST_info("Starting reader 1");
208 rwreader_fn(&rwreader1_iterations);
209 }
210
rwreader2_fn(void)211 static void rwreader2_fn(void)
212 {
213 TEST_info("Starting reader 2");
214 rwreader_fn(&rwreader2_iterations);
215 }
216
217 static thread_t rwwriter1;
218 static thread_t rwwriter2;
219 static thread_t rwreader1;
220 static thread_t rwreader2;
221
_torture_rw(void)222 static int _torture_rw(void)
223 {
224 double tottime = 0;
225 int ret = 0;
226 double avr, avw;
227 OSSL_TIME t1, t2;
228 struct timeval dtime;
229
230 rwtorturelock = CRYPTO_THREAD_lock_new();
231 atomiclock = CRYPTO_THREAD_lock_new();
232 if (!TEST_ptr(rwtorturelock) || !TEST_ptr(atomiclock))
233 goto out;
234
235 rwwriter1_iterations = 0;
236 rwwriter2_iterations = 0;
237 rwreader1_iterations = 0;
238 rwreader2_iterations = 0;
239 rwwriter1_done = 0;
240 rwwriter2_done = 0;
241 rw_torture_result = 1;
242
243 memset(&rwwriter1, 0, sizeof(thread_t));
244 memset(&rwwriter2, 0, sizeof(thread_t));
245 memset(&rwreader1, 0, sizeof(thread_t));
246 memset(&rwreader2, 0, sizeof(thread_t));
247
248 TEST_info("Staring rw torture");
249 t1 = ossl_time_now();
250 if (!TEST_true(run_thread(&rwreader1, rwreader1_fn))
251 || !TEST_true(run_thread(&rwreader2, rwreader2_fn))
252 || !TEST_true(run_thread(&rwwriter1, rwwriter1_fn))
253 || !TEST_true(run_thread(&rwwriter2, rwwriter2_fn))
254 || !TEST_true(wait_for_thread(rwwriter1))
255 || !TEST_true(wait_for_thread(rwwriter2))
256 || !TEST_true(wait_for_thread(rwreader1))
257 || !TEST_true(wait_for_thread(rwreader2)))
258 goto out;
259
260 t2 = ossl_time_now();
261 dtime = ossl_time_to_timeval(ossl_time_subtract(t2, t1));
262 tottime = dtime.tv_sec + (dtime.tv_usec / 1e6);
263 TEST_info("rw_torture_result is %d\n", rw_torture_result);
264 TEST_info("performed %d reads and %d writes over 2 read and 2 write threads in %e seconds",
265 rwreader1_iterations + rwreader2_iterations,
266 rwwriter1_iterations + rwwriter2_iterations, tottime);
267 if ((rwreader1_iterations + rwreader2_iterations == 0)
268 || (rwwriter1_iterations + rwwriter2_iterations == 0)) {
269 TEST_info("Threads did not iterate\n");
270 goto out;
271 }
272 avr = tottime / (rwreader1_iterations + rwreader2_iterations);
273 avw = (tottime / (rwwriter1_iterations + rwwriter2_iterations));
274 TEST_info("Average read time %e/read", avr);
275 TEST_info("Averate write time %e/write", avw);
276
277 if (TEST_int_eq(rw_torture_result, 1))
278 ret = 1;
279 out:
280 CRYPTO_THREAD_lock_free(rwtorturelock);
281 CRYPTO_THREAD_lock_free(atomiclock);
282 rwtorturelock = NULL;
283 return ret;
284 }
285
torture_rw_low(void)286 static int torture_rw_low(void)
287 {
288 contention = 0;
289 return _torture_rw();
290 }
291
torture_rw_high(void)292 static int torture_rw_high(void)
293 {
294 contention = 1;
295 return _torture_rw();
296 }
297
298
299 static CRYPTO_RCU_LOCK *rcu_lock = NULL;
300
301 static int writer1_done = 0;
302 static int writer2_done = 0;
303 static int reader1_iterations = 0;
304 static int reader2_iterations = 0;
305 static int writer1_iterations = 0;
306 static int writer2_iterations = 0;
307 static uint64_t *writer_ptr = NULL;
308 static uint64_t global_ctr = 0;
309 static int rcu_torture_result = 1;
free_old_rcu_data(void * data)310 static void free_old_rcu_data(void *data)
311 {
312 CRYPTO_free(data, NULL, 0);
313 }
314
writer_fn(int id,int * iterations)315 static void writer_fn(int id, int *iterations)
316 {
317 int count;
318 OSSL_TIME t1, t2;
319 uint64_t *old, *new;
320
321 t1 = ossl_time_now();
322
323 for (count = 0; ; count++) {
324 new = CRYPTO_zalloc(sizeof(uint64_t), NULL, 0);
325 if (contention == 0)
326 OSSL_sleep(1000);
327 ossl_rcu_write_lock(rcu_lock);
328 old = ossl_rcu_deref(&writer_ptr);
329 TSAN_ACQUIRE(&writer_ptr);
330 *new = global_ctr++;
331 ossl_rcu_assign_ptr(&writer_ptr, &new);
332 if (contention == 0)
333 ossl_rcu_call(rcu_lock, free_old_rcu_data, old);
334 ossl_rcu_write_unlock(rcu_lock);
335 if (contention != 0) {
336 ossl_synchronize_rcu(rcu_lock);
337 CRYPTO_free(old, NULL, 0);
338 }
339 t2 = ossl_time_now();
340 if ((ossl_time2seconds(t2) - ossl_time2seconds(t1)) >= 4)
341 break;
342 }
343 *iterations = count;
344 return;
345 }
346
writer1_fn(void)347 static void writer1_fn(void)
348 {
349 int local;
350
351 TEST_info("Starting writer1");
352 writer_fn(1, &writer1_iterations);
353 CRYPTO_atomic_add(&writer1_done, 1, &local, atomiclock);
354 }
355
writer2_fn(void)356 static void writer2_fn(void)
357 {
358 int local;
359
360 TEST_info("Starting writer2");
361 writer_fn(2, &writer2_iterations);
362 CRYPTO_atomic_add(&writer2_done, 1, &local, atomiclock);
363 }
364
reader_fn(int * iterations)365 static void reader_fn(int *iterations)
366 {
367 unsigned int count = 0;
368 uint64_t *valp;
369 uint64_t val;
370 uint64_t oldval = 0;
371 int lw1 = 0;
372 int lw2 = 0;
373
374 while (lw1 != 1 || lw2 != 1) {
375 CRYPTO_atomic_add(&writer1_done, 0, &lw1, atomiclock);
376 CRYPTO_atomic_add(&writer2_done, 0, &lw2, atomiclock);
377 count++;
378 if (!ossl_rcu_read_lock(rcu_lock)) {
379 TEST_info("rcu torture read lock failed");
380 rcu_torture_result = 0;
381 *iterations = count;
382 return;
383 }
384
385 valp = ossl_rcu_deref(&writer_ptr);
386 val = (valp == NULL) ? 0 : *valp;
387
388 if (oldval > val) {
389 TEST_info("rcu torture value went backwards! %llu : %llu", (unsigned long long)oldval, (unsigned long long)val);
390 rcu_torture_result = 0;
391 }
392 oldval = val; /* just try to deref the pointer */
393 ossl_rcu_read_unlock(rcu_lock);
394 if (rcu_torture_result == 0) {
395 *iterations = count;
396 return;
397 }
398 }
399 *iterations = count;
400 }
401
reader1_fn(void)402 static void reader1_fn(void)
403 {
404 TEST_info("Starting reader 1");
405 reader_fn(&reader1_iterations);
406 }
407
reader2_fn(void)408 static void reader2_fn(void)
409 {
410 TEST_info("Starting reader 2");
411 reader_fn(&reader2_iterations);
412 }
413
414 static thread_t writer1;
415 static thread_t writer2;
416 static thread_t reader1;
417 static thread_t reader2;
418
_torture_rcu(void)419 static int _torture_rcu(void)
420 {
421 OSSL_TIME t1, t2;
422 struct timeval dtime;
423 double tottime;
424 double avr, avw;
425 int rc = 0;
426
427 atomiclock = CRYPTO_THREAD_lock_new();
428 if (!TEST_ptr(atomiclock))
429 goto out;
430
431 memset(&writer1, 0, sizeof(thread_t));
432 memset(&writer2, 0, sizeof(thread_t));
433 memset(&reader1, 0, sizeof(thread_t));
434 memset(&reader2, 0, sizeof(thread_t));
435
436 writer1_iterations = 0;
437 writer2_iterations = 0;
438 reader1_iterations = 0;
439 reader2_iterations = 0;
440 writer1_done = 0;
441 writer2_done = 0;
442 rcu_torture_result = 1;
443
444 rcu_lock = ossl_rcu_lock_new(contention == 2 ? 4 : 1, NULL);
445 if (rcu_lock == NULL)
446 goto out;
447
448 TEST_info("Staring rcu torture");
449 t1 = ossl_time_now();
450 if (!TEST_true(run_thread(&reader1, reader1_fn))
451 || !TEST_true(run_thread(&reader2, reader2_fn))
452 || !TEST_true(run_thread(&writer1, writer1_fn))
453 || !TEST_true(run_thread(&writer2, writer2_fn))
454 || !TEST_true(wait_for_thread(writer1))
455 || !TEST_true(wait_for_thread(writer2))
456 || !TEST_true(wait_for_thread(reader1))
457 || !TEST_true(wait_for_thread(reader2)))
458 goto out;
459
460 t2 = ossl_time_now();
461 dtime = ossl_time_to_timeval(ossl_time_subtract(t2, t1));
462 tottime = dtime.tv_sec + (dtime.tv_usec / 1e6);
463 TEST_info("rcu_torture_result is %d\n", rcu_torture_result);
464 TEST_info("performed %d reads and %d writes over 2 read and 2 write threads in %e seconds",
465 reader1_iterations + reader2_iterations,
466 writer1_iterations + writer2_iterations, tottime);
467 if ((reader1_iterations + reader2_iterations == 0)
468 || (writer1_iterations + writer2_iterations == 0)) {
469 TEST_info("Threads did not iterate\n");
470 goto out;
471 }
472 avr = tottime / (reader1_iterations + reader2_iterations);
473 avw = tottime / (writer1_iterations + writer2_iterations);
474 TEST_info("Average read time %e/read", avr);
475 TEST_info("Average write time %e/write", avw);
476
477 if (!TEST_int_eq(rcu_torture_result, 1))
478 goto out;
479
480 rc = 1;
481 out:
482 ossl_rcu_lock_free(rcu_lock);
483 CRYPTO_THREAD_lock_free(atomiclock);
484 if (!TEST_int_eq(rcu_torture_result, 1))
485 return 0;
486
487 return rc;
488 }
489
torture_rcu_low(void)490 static int torture_rcu_low(void)
491 {
492 contention = 0;
493 return _torture_rcu();
494 }
495
torture_rcu_high(void)496 static int torture_rcu_high(void)
497 {
498 contention = 1;
499 return _torture_rcu();
500 }
501
torture_rcu_high2(void)502 static int torture_rcu_high2(void)
503 {
504 contention = 2;
505 return _torture_rcu();
506 }
507 #endif
508
509 static CRYPTO_ONCE once_run = CRYPTO_ONCE_STATIC_INIT;
510 static unsigned once_run_count = 0;
511
once_do_run(void)512 static void once_do_run(void)
513 {
514 once_run_count++;
515 }
516
once_run_thread_cb(void)517 static void once_run_thread_cb(void)
518 {
519 CRYPTO_THREAD_run_once(&once_run, once_do_run);
520 }
521
test_once(void)522 static int test_once(void)
523 {
524 thread_t thread;
525
526 if (!TEST_true(run_thread(&thread, once_run_thread_cb))
527 || !TEST_true(wait_for_thread(thread))
528 || !CRYPTO_THREAD_run_once(&once_run, once_do_run)
529 || !TEST_int_eq(once_run_count, 1))
530 return 0;
531 return 1;
532 }
533
534 static CRYPTO_THREAD_LOCAL thread_local_key;
535 static unsigned destructor_run_count = 0;
536 static int thread_local_thread_cb_ok = 0;
537
thread_local_destructor(void * arg)538 static void thread_local_destructor(void *arg)
539 {
540 unsigned *count;
541
542 if (arg == NULL)
543 return;
544
545 count = arg;
546
547 (*count)++;
548 }
549
thread_local_thread_cb(void)550 static void thread_local_thread_cb(void)
551 {
552 void *ptr;
553
554 ptr = CRYPTO_THREAD_get_local(&thread_local_key);
555 if (!TEST_ptr_null(ptr)
556 || !TEST_true(CRYPTO_THREAD_set_local(&thread_local_key,
557 &destructor_run_count)))
558 return;
559
560 ptr = CRYPTO_THREAD_get_local(&thread_local_key);
561 if (!TEST_ptr_eq(ptr, &destructor_run_count))
562 return;
563
564 thread_local_thread_cb_ok = 1;
565 }
566
test_thread_local(void)567 static int test_thread_local(void)
568 {
569 thread_t thread;
570 void *ptr = NULL;
571
572 if (!TEST_true(CRYPTO_THREAD_init_local(&thread_local_key,
573 thread_local_destructor)))
574 return 0;
575
576 ptr = CRYPTO_THREAD_get_local(&thread_local_key);
577 if (!TEST_ptr_null(ptr)
578 || !TEST_true(run_thread(&thread, thread_local_thread_cb))
579 || !TEST_true(wait_for_thread(thread))
580 || !TEST_int_eq(thread_local_thread_cb_ok, 1))
581 return 0;
582
583 #if defined(OPENSSL_THREADS) && !defined(CRYPTO_TDEBUG)
584
585 ptr = CRYPTO_THREAD_get_local(&thread_local_key);
586 if (!TEST_ptr_null(ptr))
587 return 0;
588
589 # if !defined(OPENSSL_SYS_WINDOWS)
590 if (!TEST_int_eq(destructor_run_count, 1))
591 return 0;
592 # endif
593 #endif
594
595 if (!TEST_true(CRYPTO_THREAD_cleanup_local(&thread_local_key)))
596 return 0;
597 return 1;
598 }
599
600 /*
601 * Basic test to ensure that we can repeatedly create and
602 * destroy local keys without leaking anything
603 */
test_thread_local_multi_key(void)604 static int test_thread_local_multi_key(void)
605 {
606 int dummy;
607 int i;
608
609 for (i = 0; i < 1000; i++) {
610 if (!TEST_true(CRYPTO_THREAD_init_local(&thread_local_key,
611 thread_local_destructor)))
612 return 0;
613
614 if (!TEST_true(CRYPTO_THREAD_set_local(&thread_local_key, &dummy)))
615 return 0;
616
617 if (!TEST_true(CRYPTO_THREAD_cleanup_local(&thread_local_key)))
618 return 0;
619 }
620 return 1;
621 }
622
test_atomic(void)623 static int test_atomic(void)
624 {
625 int val = 0, ret = 0, testresult = 0;
626 uint64_t val64 = 1, ret64 = 0;
627 CRYPTO_RWLOCK *lock = CRYPTO_THREAD_lock_new();
628
629 if (!TEST_ptr(lock))
630 return 0;
631
632 if (CRYPTO_atomic_add(&val, 1, &ret, NULL)) {
633 /* This succeeds therefore we're on a platform with lockless atomics */
634 if (!TEST_int_eq(val, 1) || !TEST_int_eq(val, ret))
635 goto err;
636 } else {
637 /* This failed therefore we're on a platform without lockless atomics */
638 if (!TEST_int_eq(val, 0) || !TEST_int_eq(val, ret))
639 goto err;
640 }
641 val = 0;
642 ret = 0;
643
644 if (!TEST_true(CRYPTO_atomic_add(&val, 1, &ret, lock)))
645 goto err;
646 if (!TEST_int_eq(val, 1) || !TEST_int_eq(val, ret))
647 goto err;
648
649 if (CRYPTO_atomic_or(&val64, 2, &ret64, NULL)) {
650 /* This succeeds therefore we're on a platform with lockless atomics */
651 if (!TEST_uint_eq((unsigned int)val64, 3)
652 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
653 goto err;
654 } else {
655 /* This failed therefore we're on a platform without lockless atomics */
656 if (!TEST_uint_eq((unsigned int)val64, 1)
657 || !TEST_int_eq((unsigned int)ret64, 0))
658 goto err;
659 }
660 val64 = 1;
661 ret64 = 0;
662
663 if (!TEST_true(CRYPTO_atomic_or(&val64, 2, &ret64, lock)))
664 goto err;
665
666 if (!TEST_uint_eq((unsigned int)val64, 3)
667 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
668 goto err;
669
670 ret64 = 0;
671 if (CRYPTO_atomic_load(&val64, &ret64, NULL)) {
672 /* This succeeds therefore we're on a platform with lockless atomics */
673 if (!TEST_uint_eq((unsigned int)val64, 3)
674 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
675 goto err;
676 } else {
677 /* This failed therefore we're on a platform without lockless atomics */
678 if (!TEST_uint_eq((unsigned int)val64, 3)
679 || !TEST_int_eq((unsigned int)ret64, 0))
680 goto err;
681 }
682
683 ret64 = 0;
684 if (!TEST_true(CRYPTO_atomic_load(&val64, &ret64, lock)))
685 goto err;
686
687 if (!TEST_uint_eq((unsigned int)val64, 3)
688 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
689 goto err;
690
691 ret64 = 0;
692
693 if (CRYPTO_atomic_and(&val64, 5, &ret64, NULL)) {
694 /* This succeeds therefore we're on a platform with lockless atomics */
695 if (!TEST_uint_eq((unsigned int)val64, 1)
696 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
697 goto err;
698 } else {
699 /* This failed therefore we're on a platform without lockless atomics */
700 if (!TEST_uint_eq((unsigned int)val64, 3)
701 || !TEST_int_eq((unsigned int)ret64, 0))
702 goto err;
703 }
704 val64 = 3;
705 ret64 = 0;
706
707 if (!TEST_true(CRYPTO_atomic_and(&val64, 5, &ret64, lock)))
708 goto err;
709
710 if (!TEST_uint_eq((unsigned int)val64, 1)
711 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
712 goto err;
713
714 ret64 = 0;
715
716 if (CRYPTO_atomic_add64(&val64, 2, &ret64, NULL)) {
717 /* This succeeds therefore we're on a platform with lockless atomics */
718 if (!TEST_uint_eq((unsigned int)val64, 3)
719 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
720 goto err;
721 } else {
722 /* This failed therefore we're on a platform without lockless atomics */
723 if (!TEST_uint_eq((unsigned int)val64, 1)
724 || !TEST_int_eq((unsigned int)ret64, 0))
725 goto err;
726 }
727 val64 = 1;
728 ret64 = 0;
729
730 if (!TEST_true(CRYPTO_atomic_add64(&val64, 2, &ret64, lock)))
731 goto err;
732
733 if (!TEST_uint_eq((unsigned int)val64, 3)
734 || !TEST_uint_eq((unsigned int)val64, (unsigned int)ret64))
735 goto err;
736
737 testresult = 1;
738 err:
739 CRYPTO_THREAD_lock_free(lock);
740 return testresult;
741 }
742
743 static OSSL_LIB_CTX *multi_libctx = NULL;
744 static int multi_success;
745 static OSSL_PROVIDER *multi_provider[MAXIMUM_PROVIDERS + 1];
746 static size_t multi_num_threads;
747 static thread_t multi_threads[MAXIMUM_THREADS];
748
multi_intialise(void)749 static void multi_intialise(void)
750 {
751 multi_success = 1;
752 multi_libctx = NULL;
753 multi_num_threads = 0;
754 memset(multi_threads, 0, sizeof(multi_threads));
755 memset(multi_provider, 0, sizeof(multi_provider));
756 }
757
multi_set_success(int ok)758 static void multi_set_success(int ok)
759 {
760 if (CRYPTO_THREAD_write_lock(global_lock) == 0) {
761 /* not synchronized, but better than not reporting failure */
762 multi_success = ok;
763 return;
764 }
765
766 multi_success = ok;
767
768 CRYPTO_THREAD_unlock(global_lock);
769 }
770
thead_teardown_libctx(void)771 static void thead_teardown_libctx(void)
772 {
773 OSSL_PROVIDER **p;
774
775 for (p = multi_provider; *p != NULL; p++)
776 OSSL_PROVIDER_unload(*p);
777 OSSL_LIB_CTX_free(multi_libctx);
778 multi_intialise();
779 }
780
thread_setup_libctx(int libctx,const char * providers[])781 static int thread_setup_libctx(int libctx, const char *providers[])
782 {
783 size_t n;
784
785 if (libctx && !TEST_true(test_get_libctx(&multi_libctx, NULL, config_file,
786 NULL, NULL)))
787 return 0;
788
789 if (providers != NULL)
790 for (n = 0; providers[n] != NULL; n++)
791 if (!TEST_size_t_lt(n, MAXIMUM_PROVIDERS)
792 || !TEST_ptr(multi_provider[n] = OSSL_PROVIDER_load(multi_libctx,
793 providers[n]))) {
794 thead_teardown_libctx();
795 return 0;
796 }
797 return 1;
798 }
799
teardown_threads(void)800 static int teardown_threads(void)
801 {
802 size_t i;
803
804 for (i = 0; i < multi_num_threads; i++)
805 if (!TEST_true(wait_for_thread(multi_threads[i])))
806 return 0;
807 return 1;
808 }
809
start_threads(size_t n,void (* thread_func)(void))810 static int start_threads(size_t n, void (*thread_func)(void))
811 {
812 size_t i;
813
814 if (!TEST_size_t_le(multi_num_threads + n, MAXIMUM_THREADS))
815 return 0;
816
817 for (i = 0 ; i < n; i++)
818 if (!TEST_true(run_thread(multi_threads + multi_num_threads++, thread_func)))
819 return 0;
820 return 1;
821 }
822
823 /* Template multi-threaded test function */
thread_run_test(void (* main_func)(void),size_t num_threads,void (* thread_func)(void),int libctx,const char * providers[])824 static int thread_run_test(void (*main_func)(void),
825 size_t num_threads, void (*thread_func)(void),
826 int libctx, const char *providers[])
827 {
828 int testresult = 0;
829
830 multi_intialise();
831 if (!thread_setup_libctx(libctx, providers)
832 || !start_threads(num_threads, thread_func))
833 goto err;
834
835 if (main_func != NULL)
836 main_func();
837
838 if (!teardown_threads()
839 || !TEST_true(multi_success))
840 goto err;
841 testresult = 1;
842 err:
843 thead_teardown_libctx();
844 return testresult;
845 }
846
thread_general_worker(void)847 static void thread_general_worker(void)
848 {
849 EVP_MD_CTX *mdctx = EVP_MD_CTX_new();
850 EVP_MD *md = EVP_MD_fetch(multi_libctx, "SHA2-256", NULL);
851 EVP_CIPHER_CTX *cipherctx = EVP_CIPHER_CTX_new();
852 EVP_CIPHER *ciph = EVP_CIPHER_fetch(multi_libctx, "AES-128-CBC", NULL);
853 const char *message = "Hello World";
854 size_t messlen = strlen(message);
855 /* Should be big enough for encryption output too */
856 unsigned char out[EVP_MAX_MD_SIZE];
857 const unsigned char key[AES_BLOCK_SIZE] = {
858 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
859 0x0c, 0x0d, 0x0e, 0x0f
860 };
861 const unsigned char iv[AES_BLOCK_SIZE] = {
862 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
863 0x0c, 0x0d, 0x0e, 0x0f
864 };
865 unsigned int mdoutl;
866 int ciphoutl;
867 EVP_PKEY *pkey = NULL;
868 int testresult = 0;
869 int i, isfips;
870
871 isfips = OSSL_PROVIDER_available(multi_libctx, "fips");
872
873 if (!TEST_ptr(mdctx)
874 || !TEST_ptr(md)
875 || !TEST_ptr(cipherctx)
876 || !TEST_ptr(ciph))
877 goto err;
878
879 /* Do some work */
880 for (i = 0; i < 5; i++) {
881 if (!TEST_true(EVP_DigestInit_ex(mdctx, md, NULL))
882 || !TEST_true(EVP_DigestUpdate(mdctx, message, messlen))
883 || !TEST_true(EVP_DigestFinal(mdctx, out, &mdoutl)))
884 goto err;
885 }
886 for (i = 0; i < 5; i++) {
887 if (!TEST_true(EVP_EncryptInit_ex(cipherctx, ciph, NULL, key, iv))
888 || !TEST_true(EVP_EncryptUpdate(cipherctx, out, &ciphoutl,
889 (unsigned char *)message,
890 (int)messlen))
891 || !TEST_true(EVP_EncryptFinal(cipherctx, out, &ciphoutl)))
892 goto err;
893 }
894
895 /*
896 * We want the test to run quickly - not securely.
897 * Therefore we use an insecure bit length where we can (512).
898 * In the FIPS module though we must use a longer length.
899 */
900 pkey = EVP_PKEY_Q_keygen(multi_libctx, NULL, "RSA", (size_t)(isfips ? 2048 : 512));
901 if (!TEST_ptr(pkey))
902 goto err;
903
904 testresult = 1;
905 err:
906 EVP_MD_CTX_free(mdctx);
907 EVP_MD_free(md);
908 EVP_CIPHER_CTX_free(cipherctx);
909 EVP_CIPHER_free(ciph);
910 EVP_PKEY_free(pkey);
911 if (!testresult)
912 multi_set_success(0);
913 }
914
thread_multi_simple_fetch(void)915 static void thread_multi_simple_fetch(void)
916 {
917 EVP_MD *md = EVP_MD_fetch(multi_libctx, "SHA2-256", NULL);
918
919 if (md != NULL)
920 EVP_MD_free(md);
921 else
922 multi_set_success(0);
923 }
924
925 static EVP_PKEY *shared_evp_pkey = NULL;
926
thread_shared_evp_pkey(void)927 static void thread_shared_evp_pkey(void)
928 {
929 char *msg = "Hello World";
930 unsigned char ctbuf[256];
931 unsigned char ptbuf[256];
932 size_t ptlen, ctlen = sizeof(ctbuf);
933 EVP_PKEY_CTX *ctx = NULL;
934 int success = 0;
935 int i;
936
937 for (i = 0; i < 1 + do_fips; i++) {
938 if (i > 0)
939 EVP_PKEY_CTX_free(ctx);
940 ctx = EVP_PKEY_CTX_new_from_pkey(multi_libctx, shared_evp_pkey,
941 i == 0 ? "provider=default"
942 : "provider=fips");
943 if (!TEST_ptr(ctx))
944 goto err;
945
946 if (!TEST_int_ge(EVP_PKEY_encrypt_init(ctx), 0)
947 || !TEST_int_ge(EVP_PKEY_encrypt(ctx, ctbuf, &ctlen,
948 (unsigned char *)msg, strlen(msg)),
949 0))
950 goto err;
951
952 EVP_PKEY_CTX_free(ctx);
953 ctx = EVP_PKEY_CTX_new_from_pkey(multi_libctx, shared_evp_pkey, NULL);
954
955 if (!TEST_ptr(ctx))
956 goto err;
957
958 ptlen = sizeof(ptbuf);
959 if (!TEST_int_ge(EVP_PKEY_decrypt_init(ctx), 0)
960 || !TEST_int_gt(EVP_PKEY_decrypt(ctx, ptbuf, &ptlen, ctbuf, ctlen),
961 0)
962 || !TEST_mem_eq(msg, strlen(msg), ptbuf, ptlen))
963 goto err;
964 }
965
966 success = 1;
967
968 err:
969 EVP_PKEY_CTX_free(ctx);
970 if (!success)
971 multi_set_success(0);
972 }
973
thread_provider_load_unload(void)974 static void thread_provider_load_unload(void)
975 {
976 OSSL_PROVIDER *deflt = OSSL_PROVIDER_load(multi_libctx, "default");
977
978 if (!TEST_ptr(deflt)
979 || !TEST_true(OSSL_PROVIDER_available(multi_libctx, "default")))
980 multi_set_success(0);
981
982 OSSL_PROVIDER_unload(deflt);
983 }
984
test_multi_general_worker_default_provider(void)985 static int test_multi_general_worker_default_provider(void)
986 {
987 return thread_run_test(&thread_general_worker, 2, &thread_general_worker,
988 1, default_provider);
989 }
990
test_multi_general_worker_fips_provider(void)991 static int test_multi_general_worker_fips_provider(void)
992 {
993 if (!do_fips)
994 return TEST_skip("FIPS not supported");
995 return thread_run_test(&thread_general_worker, 2, &thread_general_worker,
996 1, fips_provider);
997 }
998
test_multi_fetch_worker(void)999 static int test_multi_fetch_worker(void)
1000 {
1001 return thread_run_test(&thread_multi_simple_fetch,
1002 2, &thread_multi_simple_fetch, 1, default_provider);
1003 }
1004
test_multi_shared_pkey_common(void (* worker)(void))1005 static int test_multi_shared_pkey_common(void (*worker)(void))
1006 {
1007 int testresult = 0;
1008
1009 multi_intialise();
1010 if (!thread_setup_libctx(1, do_fips ? fips_and_default_providers
1011 : default_provider)
1012 || !TEST_ptr(shared_evp_pkey = load_pkey_pem(privkey, multi_libctx))
1013 || !start_threads(1, &thread_shared_evp_pkey)
1014 || !start_threads(1, worker))
1015 goto err;
1016
1017 thread_shared_evp_pkey();
1018
1019 if (!teardown_threads()
1020 || !TEST_true(multi_success))
1021 goto err;
1022 testresult = 1;
1023 err:
1024 EVP_PKEY_free(shared_evp_pkey);
1025 thead_teardown_libctx();
1026 return testresult;
1027 }
1028
1029 #ifndef OPENSSL_NO_DEPRECATED_3_0
thread_downgrade_shared_evp_pkey(void)1030 static void thread_downgrade_shared_evp_pkey(void)
1031 {
1032 /*
1033 * This test is only relevant for deprecated functions that perform
1034 * downgrading
1035 */
1036 if (EVP_PKEY_get0_RSA(shared_evp_pkey) == NULL)
1037 multi_set_success(0);
1038 }
1039
test_multi_downgrade_shared_pkey(void)1040 static int test_multi_downgrade_shared_pkey(void)
1041 {
1042 return test_multi_shared_pkey_common(&thread_downgrade_shared_evp_pkey);
1043 }
1044 #endif
1045
test_multi_shared_pkey(void)1046 static int test_multi_shared_pkey(void)
1047 {
1048 return test_multi_shared_pkey_common(&thread_shared_evp_pkey);
1049 }
1050
thread_release_shared_pkey(void)1051 static void thread_release_shared_pkey(void)
1052 {
1053 OSSL_sleep(0);
1054 EVP_PKEY_free(shared_evp_pkey);
1055 }
1056
test_multi_shared_pkey_release(void)1057 static int test_multi_shared_pkey_release(void)
1058 {
1059 int testresult = 0;
1060 size_t i = 1;
1061
1062 multi_intialise();
1063 shared_evp_pkey = NULL;
1064 if (!thread_setup_libctx(1, do_fips ? fips_and_default_providers
1065 : default_provider)
1066 || !TEST_ptr(shared_evp_pkey = load_pkey_pem(privkey, multi_libctx)))
1067 goto err;
1068 for (; i < 10; ++i) {
1069 if (!TEST_true(EVP_PKEY_up_ref(shared_evp_pkey)))
1070 goto err;
1071 }
1072
1073 if (!start_threads(10, &thread_release_shared_pkey))
1074 goto err;
1075 i = 0;
1076
1077 if (!teardown_threads()
1078 || !TEST_true(multi_success))
1079 goto err;
1080 testresult = 1;
1081 err:
1082 while (i > 0) {
1083 EVP_PKEY_free(shared_evp_pkey);
1084 --i;
1085 }
1086 thead_teardown_libctx();
1087 return testresult;
1088 }
1089
test_multi_load_unload_provider(void)1090 static int test_multi_load_unload_provider(void)
1091 {
1092 EVP_MD *sha256 = NULL;
1093 OSSL_PROVIDER *prov = NULL;
1094 int testresult = 0;
1095
1096 multi_intialise();
1097 if (!thread_setup_libctx(1, NULL)
1098 || !TEST_ptr(prov = OSSL_PROVIDER_load(multi_libctx, "default"))
1099 || !TEST_ptr(sha256 = EVP_MD_fetch(multi_libctx, "SHA2-256", NULL))
1100 || !TEST_true(OSSL_PROVIDER_unload(prov)))
1101 goto err;
1102 prov = NULL;
1103
1104 if (!start_threads(2, &thread_provider_load_unload))
1105 goto err;
1106
1107 thread_provider_load_unload();
1108
1109 if (!teardown_threads()
1110 || !TEST_true(multi_success))
1111 goto err;
1112 testresult = 1;
1113 err:
1114 OSSL_PROVIDER_unload(prov);
1115 EVP_MD_free(sha256);
1116 thead_teardown_libctx();
1117 return testresult;
1118 }
1119
1120 static char *multi_load_provider = "legacy";
1121 /*
1122 * This test attempts to load several providers at the same time, and if
1123 * run with a thread sanitizer, should crash if the core provider code
1124 * doesn't synchronize well enough.
1125 */
test_multi_load_worker(void)1126 static void test_multi_load_worker(void)
1127 {
1128 OSSL_PROVIDER *prov;
1129
1130 if (!TEST_ptr(prov = OSSL_PROVIDER_load(multi_libctx, multi_load_provider))
1131 || !TEST_true(OSSL_PROVIDER_unload(prov)))
1132 multi_set_success(0);
1133 }
1134
test_multi_default(void)1135 static int test_multi_default(void)
1136 {
1137 /* Avoid running this test twice */
1138 if (multidefault_run) {
1139 TEST_skip("multi default test already run");
1140 return 1;
1141 }
1142 multidefault_run = 1;
1143
1144 return thread_run_test(&thread_multi_simple_fetch,
1145 2, &thread_multi_simple_fetch, 0, NULL);
1146 }
1147
test_multi_load(void)1148 static int test_multi_load(void)
1149 {
1150 int res = 1;
1151 OSSL_PROVIDER *prov;
1152
1153 /* The multidefault test must run prior to this test */
1154 if (!multidefault_run) {
1155 TEST_info("Running multi default test first");
1156 res = test_multi_default();
1157 }
1158
1159 /*
1160 * We use the legacy provider in test_multi_load_worker because it uses a
1161 * child libctx that might hit more codepaths that might be sensitive to
1162 * threading issues. But in a no-legacy build that won't be loadable so
1163 * we use the default provider instead.
1164 */
1165 prov = OSSL_PROVIDER_load(NULL, "legacy");
1166 if (prov == NULL) {
1167 TEST_info("Cannot load legacy provider - assuming this is a no-legacy build");
1168 multi_load_provider = "default";
1169 }
1170 OSSL_PROVIDER_unload(prov);
1171
1172 return thread_run_test(NULL, MAXIMUM_THREADS, &test_multi_load_worker, 0,
1173 NULL) && res;
1174 }
1175
test_obj_create_one(void)1176 static void test_obj_create_one(void)
1177 {
1178 char tids[12], oid[40], sn[30], ln[30];
1179 int id = get_new_uid();
1180
1181 BIO_snprintf(tids, sizeof(tids), "%d", id);
1182 BIO_snprintf(oid, sizeof(oid), "1.3.6.1.4.1.16604.%s", tids);
1183 BIO_snprintf(sn, sizeof(sn), "short-name-%s", tids);
1184 BIO_snprintf(ln, sizeof(ln), "long-name-%s", tids);
1185 if (!TEST_int_ne(id, 0)
1186 || !TEST_true(id = OBJ_create(oid, sn, ln))
1187 || !TEST_true(OBJ_add_sigid(id, NID_sha3_256, NID_rsa)))
1188 multi_set_success(0);
1189 }
1190
test_obj_add(void)1191 static int test_obj_add(void)
1192 {
1193 return thread_run_test(&test_obj_create_one,
1194 MAXIMUM_THREADS, &test_obj_create_one,
1195 1, default_provider);
1196 }
1197
1198 #if !defined(OPENSSL_NO_DGRAM) && !defined(OPENSSL_NO_SOCK)
1199 static BIO *multi_bio1, *multi_bio2;
1200
test_bio_dgram_pair_worker(void)1201 static void test_bio_dgram_pair_worker(void)
1202 {
1203 ossl_unused int r;
1204 int ok = 0;
1205 uint8_t ch = 0;
1206 uint8_t scratch[64];
1207 BIO_MSG msg = {0};
1208 size_t num_processed = 0;
1209
1210 if (!TEST_int_eq(RAND_bytes_ex(multi_libctx, &ch, 1, 64), 1))
1211 goto err;
1212
1213 msg.data = scratch;
1214 msg.data_len = sizeof(scratch);
1215
1216 /*
1217 * We do not test for failure here as recvmmsg may fail if no sendmmsg
1218 * has been called yet. The purpose of this code is to exercise tsan.
1219 */
1220 if (ch & 2)
1221 r = BIO_sendmmsg(ch & 1 ? multi_bio2 : multi_bio1, &msg,
1222 sizeof(BIO_MSG), 1, 0, &num_processed);
1223 else
1224 r = BIO_recvmmsg(ch & 1 ? multi_bio2 : multi_bio1, &msg,
1225 sizeof(BIO_MSG), 1, 0, &num_processed);
1226
1227 ok = 1;
1228 err:
1229 if (ok == 0)
1230 multi_set_success(0);
1231 }
1232
test_bio_dgram_pair(void)1233 static int test_bio_dgram_pair(void)
1234 {
1235 int r;
1236 BIO *bio1 = NULL, *bio2 = NULL;
1237
1238 r = BIO_new_bio_dgram_pair(&bio1, 0, &bio2, 0);
1239 if (!TEST_int_eq(r, 1))
1240 goto err;
1241
1242 multi_bio1 = bio1;
1243 multi_bio2 = bio2;
1244
1245 r = thread_run_test(&test_bio_dgram_pair_worker,
1246 MAXIMUM_THREADS, &test_bio_dgram_pair_worker,
1247 1, default_provider);
1248
1249 err:
1250 BIO_free(bio1);
1251 BIO_free(bio2);
1252 return r;
1253 }
1254 #endif
1255
1256 static const char *pemdataraw[] = {
1257 "-----BEGIN RSA PRIVATE KEY-----\n",
1258 "MIIBOgIBAAJBAMFcGsaxxdgiuuGmCkVImy4h99CqT7jwY3pexPGcnUFtR2Fh36Bp\n",
1259 "oncwtkZ4cAgtvd4Qs8PkxUdp6p/DlUmObdkCAwEAAQJAUR44xX6zB3eaeyvTRzms\n",
1260 "kHADrPCmPWnr8dxsNwiDGHzrMKLN+i/HAam+97HxIKVWNDH2ba9Mf1SA8xu9dcHZ\n",
1261 "AQIhAOHPCLxbtQFVxlnhSyxYeb7O323c3QulPNn3bhOipElpAiEA2zZpBE8ZXVnL\n",
1262 "74QjG4zINlDfH+EOEtjJJ3RtaYDugvECIBtsQDxXytChsRgDQ1TcXdStXPcDppie\n",
1263 "dZhm8yhRTTBZAiAZjE/U9rsIDC0ebxIAZfn3iplWh84yGB3pgUI3J5WkoQIhAInE\n",
1264 "HTUY5WRj5riZtkyGnbm3DvF+1eMtO2lYV+OuLcfE\n",
1265 "-----END RSA PRIVATE KEY-----\n",
1266 NULL
1267 };
1268
test_pem_read_one(void)1269 static void test_pem_read_one(void)
1270 {
1271 EVP_PKEY *key = NULL;
1272 BIO *pem = NULL;
1273 char *pemdata;
1274 size_t len;
1275
1276 pemdata = glue_strings(pemdataraw, &len);
1277 if (pemdata == NULL) {
1278 multi_set_success(0);
1279 goto err;
1280 }
1281
1282 pem = BIO_new_mem_buf(pemdata, (int)len);
1283 if (pem == NULL) {
1284 multi_set_success(0);
1285 goto err;
1286 }
1287
1288 key = PEM_read_bio_PrivateKey(pem, NULL, NULL, NULL);
1289 if (key == NULL)
1290 multi_set_success(0);
1291
1292 err:
1293 EVP_PKEY_free(key);
1294 BIO_free(pem);
1295 OPENSSL_free(pemdata);
1296 }
1297
1298 /* Test reading PEM files in multiple threads */
test_pem_read(void)1299 static int test_pem_read(void)
1300 {
1301 return thread_run_test(&test_pem_read_one, MAXIMUM_THREADS,
1302 &test_pem_read_one, 1, default_provider);
1303 }
1304
1305 static X509_STORE *store = NULL;
1306
test_x509_store_by_subject(void)1307 static void test_x509_store_by_subject(void)
1308 {
1309 X509_STORE_CTX *ctx;
1310 X509_OBJECT *obj = NULL;
1311 X509_NAME *name = NULL;
1312 int success = 0;
1313
1314 ctx = X509_STORE_CTX_new();
1315 if (!TEST_ptr(ctx))
1316 goto err;
1317
1318 if (!TEST_true(X509_STORE_CTX_init(ctx, store, NULL, NULL)))
1319 goto err;
1320
1321 name = X509_NAME_new();
1322 if (!TEST_ptr(name))
1323 goto err;
1324 if (!TEST_true(X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC,
1325 (unsigned char *)"Root CA",
1326 -1, -1, 0)))
1327 goto err;
1328 obj = X509_STORE_CTX_get_obj_by_subject(ctx, X509_LU_X509, name);
1329 if (!TEST_ptr(obj))
1330 goto err;
1331
1332 success = 1;
1333 err:
1334 X509_OBJECT_free(obj);
1335 X509_STORE_CTX_free(ctx);
1336 X509_NAME_free(name);
1337 if (!success)
1338 multi_set_success(0);
1339 }
1340
1341 /* Test accessing an X509_STORE from multiple threads */
test_x509_store(void)1342 static int test_x509_store(void)
1343 {
1344 int ret = 0;
1345
1346 store = X509_STORE_new();
1347 if (!TEST_ptr(store))
1348 return 0;
1349 if (!TEST_true(X509_STORE_load_store(store, storedir)))
1350 goto err;
1351
1352 ret = thread_run_test(&test_x509_store_by_subject, MAXIMUM_THREADS,
1353 &test_x509_store_by_subject, 0, NULL);
1354
1355 err:
1356 X509_STORE_free(store);
1357 store = NULL;
1358 return ret;
1359 }
1360
1361 typedef enum OPTION_choice {
1362 OPT_ERR = -1,
1363 OPT_EOF = 0,
1364 OPT_FIPS, OPT_CONFIG_FILE,
1365 OPT_TEST_ENUM
1366 } OPTION_CHOICE;
1367
test_get_options(void)1368 const OPTIONS *test_get_options(void)
1369 {
1370 static const OPTIONS options[] = {
1371 OPT_TEST_OPTIONS_DEFAULT_USAGE,
1372 { "fips", OPT_FIPS, '-', "Test the FIPS provider" },
1373 { "config", OPT_CONFIG_FILE, '<',
1374 "The configuration file to use for the libctx" },
1375 { NULL }
1376 };
1377 return options;
1378 }
1379
setup_tests(void)1380 int setup_tests(void)
1381 {
1382 OPTION_CHOICE o;
1383 char *datadir;
1384
1385 while ((o = opt_next()) != OPT_EOF) {
1386 switch (o) {
1387 case OPT_FIPS:
1388 do_fips = 1;
1389 break;
1390 case OPT_CONFIG_FILE:
1391 config_file = opt_arg();
1392 break;
1393 case OPT_TEST_CASES:
1394 break;
1395 default:
1396 return 0;
1397 }
1398 }
1399
1400 if (!TEST_ptr(datadir = test_get_argument(0)))
1401 return 0;
1402
1403 privkey = test_mk_file_path(datadir, "rsakey.pem");
1404 if (!TEST_ptr(privkey))
1405 return 0;
1406
1407 storedir = test_mk_file_path(datadir, "store");
1408 if (!TEST_ptr(storedir))
1409 return 0;
1410
1411 if (!TEST_ptr(global_lock = CRYPTO_THREAD_lock_new()))
1412 return 0;
1413
1414 #ifdef TSAN_REQUIRES_LOCKING
1415 if (!TEST_ptr(tsan_lock = CRYPTO_THREAD_lock_new()))
1416 return 0;
1417 #endif
1418
1419 /* Keep first to validate auto creation of default library context */
1420 ADD_TEST(test_multi_default);
1421
1422 ADD_TEST(test_lock);
1423 #if defined(OPENSSL_THREADS)
1424 ADD_TEST(torture_rw_low);
1425 ADD_TEST(torture_rw_high);
1426 ADD_TEST(torture_rcu_low);
1427 ADD_TEST(torture_rcu_high);
1428 ADD_TEST(torture_rcu_high2);
1429 #endif
1430 ADD_TEST(test_once);
1431 ADD_TEST(test_thread_local);
1432 ADD_TEST(test_thread_local_multi_key);
1433 ADD_TEST(test_atomic);
1434 ADD_TEST(test_multi_load);
1435 ADD_TEST(test_multi_general_worker_default_provider);
1436 ADD_TEST(test_multi_general_worker_fips_provider);
1437 ADD_TEST(test_multi_fetch_worker);
1438 ADD_TEST(test_multi_shared_pkey);
1439 #ifndef OPENSSL_NO_DEPRECATED_3_0
1440 ADD_TEST(test_multi_downgrade_shared_pkey);
1441 #endif
1442 ADD_TEST(test_multi_shared_pkey_release);
1443 ADD_TEST(test_multi_load_unload_provider);
1444 ADD_TEST(test_obj_add);
1445 #if !defined(OPENSSL_NO_DGRAM) && !defined(OPENSSL_NO_SOCK)
1446 ADD_TEST(test_bio_dgram_pair);
1447 #endif
1448 ADD_TEST(test_pem_read);
1449 ADD_TEST(test_x509_store);
1450 return 1;
1451 }
1452
cleanup_tests(void)1453 void cleanup_tests(void)
1454 {
1455 OPENSSL_free(privkey);
1456 OPENSSL_free(storedir);
1457 #ifdef TSAN_REQUIRES_LOCKING
1458 CRYPTO_THREAD_lock_free(tsan_lock);
1459 #endif
1460 CRYPTO_THREAD_lock_free(global_lock);
1461 }
1462