|
 |
c4366c |
/* Test program to verify that RSA signing is thread-safe in OpenSSL. */
|
|
|
c4366c |
|
|
|
c4366c |
#include <assert.h>
|
|
|
c4366c |
#include <errno.h>
|
|
|
c4366c |
#include <fcntl.h>
|
|
|
c4366c |
#include <limits.h>
|
|
|
c4366c |
#include <pthread.h>
|
|
|
c4366c |
#include <stdio.h>
|
|
|
c4366c |
#include <string.h>
|
|
|
c4366c |
#include <unistd.h>
|
|
|
c4366c |
|
|
|
c4366c |
#include <openssl/crypto.h>
|
|
|
c4366c |
#include <openssl/err.h>
|
|
|
c4366c |
#include <openssl/objects.h>
|
|
|
c4366c |
#include <openssl/rand.h>
|
|
|
c4366c |
#include <openssl/rsa.h>
|
|
|
c4366c |
#include <openssl/md5.h>
|
|
|
c4366c |
#include <openssl/ssl.h>
|
|
|
c4366c |
|
|
|
c4366c |
/* Just assume we want to do engine stuff if we're using 0.9.6b or
|
|
|
c4366c |
* higher. This assumption is only valid for versions bundled with RHL. */
|
|
|
c4366c |
#if OPENSSL_VERSION_NUMBER >= 0x0090602fL
|
|
|
c4366c |
#include <openssl/engine.h>
|
|
|
c4366c |
#define USE_ENGINE
|
|
|
c4366c |
#endif
|
|
|
c4366c |
|
|
|
c4366c |
#define MAX_THREAD_COUNT 10000
|
|
|
c4366c |
#define ITERATION_COUNT 10
|
|
|
c4366c |
#define MAIN_COUNT 100
|
|
|
c4366c |
|
|
|
c4366c |
/* OpenSSL requires us to provide thread ID and locking primitives. */
|
|
|
c4366c |
pthread_mutex_t *mutex_locks = NULL;
|
|
|
c4366c |
static unsigned long
|
|
|
c4366c |
thread_id_cb(void)
|
|
|
c4366c |
{
|
|
|
c4366c |
return (unsigned long) pthread_self();
|
|
|
c4366c |
}
|
|
|
c4366c |
static void
|
|
|
c4366c |
lock_cb(int mode, int n, const char *file, int line)
|
|
|
c4366c |
{
|
|
|
c4366c |
if (mode & CRYPTO_LOCK) {
|
|
|
c4366c |
pthread_mutex_lock(&mutex_locks[n]);
|
|
|
c4366c |
} else {
|
|
|
c4366c |
pthread_mutex_unlock(&mutex_locks[n]);
|
|
|
c4366c |
}
|
|
|
c4366c |
}
|
|
|
c4366c |
|
|
|
c4366c |
struct thread_args {
|
|
|
c4366c |
RSA *rsa;
|
|
|
c4366c |
int digest_type;
|
|
|
c4366c |
unsigned char *digest;
|
|
|
c4366c |
unsigned int digest_len;
|
|
|
c4366c |
unsigned char *signature;
|
|
|
c4366c |
unsigned int signature_len;
|
|
|
c4366c |
pthread_t main_thread;
|
|
|
c4366c |
};
|
|
|
c4366c |
|
|
|
c4366c |
static int print = 0;
|
|
|
c4366c |
|
|
|
c4366c |
pthread_mutex_t sign_lock = PTHREAD_MUTEX_INITIALIZER;
|
|
|
c4366c |
static int locked_sign = 0;
|
|
|
c4366c |
static void SIGN_LOCK() {if (locked_sign) pthread_mutex_lock(&sign_lock);}
|
|
|
c4366c |
static void SIGN_UNLOCK() {if (locked_sign) pthread_mutex_unlock(&sign_lock);}
|
|
|
c4366c |
|
|
|
c4366c |
pthread_mutex_t verify_lock = PTHREAD_MUTEX_INITIALIZER;
|
|
|
c4366c |
static int locked_verify = 0;
|
|
|
c4366c |
static void VERIFY_LOCK() {if (locked_verify) pthread_mutex_lock(&verify_lock);}
|
|
|
c4366c |
static void VERIFY_UNLOCK() {if (locked_verify) pthread_mutex_unlock(&verify_lock);}
|
|
|
c4366c |
|
|
|
c4366c |
pthread_mutex_t failure_count_lock = PTHREAD_MUTEX_INITIALIZER;
|
|
|
c4366c |
long failure_count = 0;
|
|
|
c4366c |
static void
|
|
|
c4366c |
failure()
|
|
|
c4366c |
{
|
|
|
c4366c |
pthread_mutex_lock(&failure_count_lock);
|
|
|
c4366c |
failure_count++;
|
|
|
c4366c |
pthread_mutex_unlock(&failure_count_lock);
|
|
|
c4366c |
}
|
|
|
c4366c |
|
|
|
c4366c |
static void *
|
|
|
c4366c |
thread_main(void *argp)
|
|
|
c4366c |
{
|
|
|
c4366c |
struct thread_args *args = argp;
|
|
|
c4366c |
unsigned char *signature;
|
|
|
c4366c |
unsigned int signature_len, signature_alloc_len;
|
|
|
c4366c |
int ret, i;
|
|
|
c4366c |
|
|
|
c4366c |
signature_alloc_len = args->signature_len;
|
|
|
c4366c |
if (RSA_size(args->rsa) > signature_alloc_len) {
|
|
|
c4366c |
signature_alloc_len = RSA_size(args->rsa);
|
|
|
c4366c |
}
|
|
|
c4366c |
signature = malloc(signature_alloc_len);
|
|
|
c4366c |
if (signature == NULL) {
|
|
|
c4366c |
fprintf(stderr, "Skipping checks in thread %lu -- %s.\n",
|
|
|
c4366c |
(unsigned long) pthread_self(), strerror(errno));
|
|
|
c4366c |
pthread_exit(0);
|
|
|
c4366c |
return NULL;
|
|
|
c4366c |
}
|
|
|
c4366c |
for (i = 0; i < ITERATION_COUNT; i++) {
|
|
|
c4366c |
signature_len = signature_alloc_len;
|
|
|
c4366c |
SIGN_LOCK();
|
|
|
c4366c |
ret = RSA_check_key(args->rsa);
|
|
|
c4366c |
ERR_print_errors_fp(stdout);
|
|
|
c4366c |
if (ret != 1) {
|
|
|
c4366c |
failure();
|
|
|
c4366c |
break;
|
|
|
c4366c |
}
|
|
|
c4366c |
ret = RSA_sign(args->digest_type,
|
|
|
c4366c |
args->digest,
|
|
|
c4366c |
args->digest_len,
|
|
|
c4366c |
signature, &signature_len,
|
|
|
c4366c |
args->rsa);
|
|
|
c4366c |
SIGN_UNLOCK();
|
|
|
c4366c |
ERR_print_errors_fp(stdout);
|
|
|
c4366c |
if (ret != 1) {
|
|
|
c4366c |
failure();
|
|
|
c4366c |
break;
|
|
|
c4366c |
}
|
|
|
c4366c |
|
|
|
c4366c |
VERIFY_LOCK();
|
|
|
c4366c |
ret = RSA_verify(args->digest_type,
|
|
|
c4366c |
args->digest,
|
|
|
c4366c |
args->digest_len,
|
|
|
c4366c |
signature, signature_len,
|
|
|
c4366c |
args->rsa);
|
|
|
c4366c |
VERIFY_UNLOCK();
|
|
|
c4366c |
if (ret != 1) {
|
|
|
c4366c |
fprintf(stderr,
|
|
|
c4366c |
"Signature from thread %lu(%d) fails "
|
|
|
c4366c |
"verification (passed in thread #%lu)!\n",
|
|
|
c4366c |
(long) pthread_self(), i,
|
|
|
c4366c |
(long) args->main_thread);
|
|
|
c4366c |
ERR_print_errors_fp(stdout);
|
|
|
c4366c |
failure();
|
|
|
c4366c |
continue;
|
|
|
c4366c |
}
|
|
|
c4366c |
if (print) {
|
|
|
c4366c |
fprintf(stderr, ">%d\n", i);
|
|
|
c4366c |
}
|
|
|
c4366c |
}
|
|
|
c4366c |
free(signature);
|
|
|
c4366c |
|
|
|
c4366c |
pthread_exit(0);
|
|
|
c4366c |
|
|
|
c4366c |
return NULL;
|
|
|
c4366c |
}
|
|
|
c4366c |
|
|
|
c4366c |
unsigned char *
|
|
|
c4366c |
xmemdup(unsigned char *s, size_t len)
|
|
|
c4366c |
{
|
|
|
c4366c |
unsigned char *r;
|
|
|
c4366c |
r = malloc(len);
|
|
|
c4366c |
if (r == NULL) {
|
|
|
c4366c |
fprintf(stderr, "Out of memory.\n");
|
|
|
c4366c |
ERR_print_errors_fp(stdout);
|
|
|
c4366c |
assert(r != NULL);
|
|
|
c4366c |
}
|
|
|
c4366c |
memcpy(r, s, len);
|
|
|
c4366c |
return r;
|
|
|
c4366c |
}
|
|
|
c4366c |
|
|
|
c4366c |
int
|
|
|
c4366c |
main(int argc, char **argv)
|
|
|
c4366c |
{
|
|
|
c4366c |
RSA *rsa;
|
|
|
c4366c |
MD5_CTX md5;
|
|
|
c4366c |
int fd, i;
|
|
|
c4366c |
pthread_t threads[MAX_THREAD_COUNT];
|
|
|
c4366c |
int thread_count = 1000;
|
|
|
c4366c |
unsigned char *message, *digest;
|
|
|
c4366c |
unsigned int message_len, digest_len;
|
|
|
c4366c |
unsigned char *correct_signature;
|
|
|
c4366c |
unsigned int correct_siglen, ret;
|
|
|
c4366c |
struct thread_args master_args, *args;
|
|
|
c4366c |
int sync = 0, seed = 0;
|
|
|
c4366c |
int again = 1;
|
|
|
c4366c |
#ifdef USE_ENGINE
|
|
|
c4366c |
char *engine = NULL;
|
|
|
c4366c |
ENGINE *e = NULL;
|
|
|
c4366c |
#endif
|
|
|
c4366c |
|
|
|
c4366c |
pthread_mutex_init(&failure_count_lock, NULL);
|
|
|
c4366c |
|
|
|
c4366c |
for (i = 1; i < argc; i++) {
|
|
|
c4366c |
if (strcmp(argv[i], "--seed") == 0) {
|
|
|
c4366c |
printf("Seeding PRNG.\n");
|
|
|
c4366c |
seed++;
|
|
|
c4366c |
} else
|
|
|
c4366c |
if (strcmp(argv[i], "--sync") == 0) {
|
|
|
c4366c |
printf("Running synchronized.\n");
|
|
|
c4366c |
sync++;
|
|
|
c4366c |
} else
|
|
|
c4366c |
if ((strcmp(argv[i], "--threads") == 0) && (i < argc - 1)) {
|
|
|
c4366c |
i++;
|
|
|
c4366c |
thread_count = atol(argv[i]);
|
|
|
c4366c |
if (thread_count > MAX_THREAD_COUNT) {
|
|
|
c4366c |
thread_count = MAX_THREAD_COUNT;
|
|
|
c4366c |
}
|
|
|
c4366c |
printf("Starting %d threads.\n", thread_count);
|
|
|
c4366c |
sync++;
|
|
|
c4366c |
} else
|
|
|
c4366c |
if (strcmp(argv[i], "--sign") == 0) {
|
|
|
c4366c |
printf("Locking signing.\n");
|
|
|
c4366c |
locked_sign++;
|
|
|
c4366c |
} else
|
|
|
c4366c |
if (strcmp(argv[i], "--verify") == 0) {
|
|
|
c4366c |
printf("Locking verifies.\n");
|
|
|
c4366c |
locked_verify++;
|
|
|
c4366c |
} else
|
|
|
c4366c |
if (strcmp(argv[i], "--print") == 0) {
|
|
|
c4366c |
printf("Tracing.\n");
|
|
|
c4366c |
print++;
|
|
|
c4366c |
#ifdef USE_ENGINE
|
|
|
c4366c |
} else
|
|
|
c4366c |
if ((strcmp(argv[i], "--engine") == 0) && (i < argc - 1)) {
|
|
|
c4366c |
printf("Using engine \"%s\".\n", argv[i + 1]);
|
|
|
c4366c |
engine = argv[i + 1];
|
|
|
c4366c |
i++;
|
|
|
c4366c |
#endif
|
|
|
c4366c |
} else {
|
|
|
c4366c |
printf("Bad argument: %s\n", argv[i]);
|
|
|
c4366c |
return 1;
|
|
|
c4366c |
}
|
|
|
c4366c |
}
|
|
|
c4366c |
|
|
|
c4366c |
/* Get some random data to sign. */
|
|
|
c4366c |
fd = open("/dev/urandom", O_RDONLY);
|
|
|
c4366c |
if (fd == -1) {
|
|
|
c4366c |
fprintf(stderr, "Error opening /dev/urandom: %s\n",
|
|
|
c4366c |
strerror(errno));
|
|
|
c4366c |
}
|
|
|
c4366c |
|
|
|
c4366c |
if (print) {
|
|
|
c4366c |
fprintf(stderr, "Reading random data.\n");
|
|
|
c4366c |
}
|
|
|
c4366c |
message = malloc(message_len = 9371);
|
|
|
c4366c |
read(fd, message, message_len);
|
|
|
c4366c |
close(fd);
|
|
|
c4366c |
|
|
|
c4366c |
/* Initialize the SSL library and set up thread-safe locking. */
|
|
|
c4366c |
ERR_load_crypto_strings();
|
|
|
c4366c |
SSL_library_init();
|
|
|
c4366c |
mutex_locks = malloc(sizeof(pthread_mutex_t) * CRYPTO_num_locks());
|
|
|
c4366c |
for (i = 0; i < CRYPTO_num_locks(); i++) {
|
|
|
c4366c |
pthread_mutex_init(&mutex_locks[i], NULL);
|
|
|
c4366c |
}
|
|
|
c4366c |
CRYPTO_set_id_callback(thread_id_cb);
|
|
|
c4366c |
CRYPTO_set_locking_callback(lock_cb);
|
|
|
c4366c |
ERR_print_errors_fp(stdout);
|
|
|
c4366c |
|
|
|
c4366c |
/* Seed the PRNG if we were asked to do so. */
|
|
|
c4366c |
if (seed) {
|
|
|
c4366c |
if (print) {
|
|
|
c4366c |
fprintf(stderr, "Seeding PRNG.\n");
|
|
|
c4366c |
}
|
|
|
c4366c |
RAND_add(message, message_len, message_len);
|
|
|
c4366c |
ERR_print_errors_fp(stdout);
|
|
|
c4366c |
}
|
|
|
c4366c |
|
|
|
c4366c |
/* Turn on a hardware crypto device if asked to do so. */
|
|
|
c4366c |
#ifdef USE_ENGINE
|
|
|
c4366c |
if (engine) {
|
|
|
c4366c |
#if OPENSSL_VERSION_NUMBER >= 0x0090700fL
|
|
|
c4366c |
ENGINE_load_builtin_engines();
|
|
|
c4366c |
#endif
|
|
|
c4366c |
if (print) {
|
|
|
c4366c |
fprintf(stderr, "Initializing \"%s\" engine.\n",
|
|
|
c4366c |
engine);
|
|
|
c4366c |
}
|
|
|
c4366c |
e = ENGINE_by_id(engine);
|
|
|
c4366c |
ERR_print_errors_fp(stdout);
|
|
|
c4366c |
if (e) {
|
|
|
c4366c |
i = ENGINE_init(e);
|
|
|
c4366c |
ERR_print_errors_fp(stdout);
|
|
|
c4366c |
i = ENGINE_set_default_RSA(e);
|
|
|
c4366c |
ERR_print_errors_fp(stdout);
|
|
|
c4366c |
}
|
|
|
c4366c |
}
|
|
|
c4366c |
#endif
|
|
|
c4366c |
|
|
|
c4366c |
/* Compute the digest for the signature. */
|
|
|
c4366c |
if (print) {
|
|
|
c4366c |
fprintf(stderr, "Computing digest.\n");
|
|
|
c4366c |
}
|
|
|
c4366c |
digest = malloc(digest_len = MD5_DIGEST_LENGTH);
|
|
|
c4366c |
MD5_Init(&md5;;
|
|
|
c4366c |
MD5_Update(&md5, message, message_len);
|
|
|
c4366c |
MD5_Final(digest, &md5;;
|
|
|
c4366c |
|
|
|
c4366c |
/* Generate a signing key. */
|
|
|
c4366c |
if (print) {
|
|
|
c4366c |
fprintf(stderr, "Generating key.\n");
|
|
|
c4366c |
}
|
|
|
c4366c |
rsa = RSA_generate_key(4096, 3, NULL, NULL);
|
|
|
c4366c |
ERR_print_errors_fp(stdout);
|
|
|
c4366c |
if (rsa == NULL) {
|
|
|
c4366c |
_exit(1);
|
|
|
c4366c |
}
|
|
|
c4366c |
|
|
|
c4366c |
/* Sign the data. */
|
|
|
c4366c |
correct_siglen = RSA_size(rsa);
|
|
|
c4366c |
correct_signature = malloc(correct_siglen);
|
|
|
c4366c |
for (i = 0; i < MAIN_COUNT; i++) {
|
|
|
c4366c |
if (print) {
|
|
|
c4366c |
fprintf(stderr, "Signing data (%d).\n", i);
|
|
|
c4366c |
}
|
|
|
c4366c |
ret = RSA_check_key(rsa);
|
|
|
c4366c |
ERR_print_errors_fp(stdout);
|
|
|
c4366c |
if (ret != 1) {
|
|
|
c4366c |
failure();
|
|
|
c4366c |
}
|
|
|
c4366c |
correct_siglen = RSA_size(rsa);
|
|
|
c4366c |
ret = RSA_sign(NID_md5, digest, digest_len,
|
|
|
c4366c |
correct_signature, &correct_siglen,
|
|
|
c4366c |
rsa);
|
|
|
c4366c |
ERR_print_errors_fp(stdout);
|
|
|
c4366c |
if (ret != 1) {
|
|
|
c4366c |
_exit(2);
|
|
|
c4366c |
}
|
|
|
c4366c |
if (print) {
|
|
|
c4366c |
fprintf(stderr, "Verifying data (%d).\n", i);
|
|
|
c4366c |
}
|
|
|
c4366c |
ret = RSA_verify(NID_md5, digest, digest_len,
|
|
|
c4366c |
correct_signature, correct_siglen,
|
|
|
c4366c |
rsa);
|
|
|
c4366c |
if (ret != 1) {
|
|
|
c4366c |
_exit(2);
|
|
|
c4366c |
}
|
|
|
c4366c |
}
|
|
|
c4366c |
|
|
|
c4366c |
/* Collect up the inforamtion which other threads will need for
|
|
|
c4366c |
* comparing their signature results with ours. */
|
|
|
c4366c |
master_args.rsa = rsa;
|
|
|
c4366c |
master_args.digest_type = NID_md5;
|
|
|
c4366c |
master_args.digest = digest;
|
|
|
c4366c |
master_args.digest_len = digest_len;
|
|
|
c4366c |
master_args.signature = correct_signature;
|
|
|
c4366c |
master_args.signature_len = correct_siglen;
|
|
|
c4366c |
master_args.main_thread = pthread_self();
|
|
|
c4366c |
|
|
|
c4366c |
fprintf(stdout, "Performing %d signatures in each of %d threads "
|
|
|
c4366c |
"(%d, %d).\n", ITERATION_COUNT, thread_count,
|
|
|
c4366c |
digest_len, correct_siglen);
|
|
|
c4366c |
fflush(NULL);
|
|
|
c4366c |
|
|
|
c4366c |
/* Start up all of the threads. */
|
|
|
c4366c |
for (i = 0; i < thread_count; i++) {
|
|
|
c4366c |
args = malloc(sizeof(struct thread_args));
|
|
|
c4366c |
args->rsa = RSAPrivateKey_dup(master_args.rsa);
|
|
|
c4366c |
args->digest_type = master_args.digest_type;
|
|
|
c4366c |
args->digest_len = master_args.digest_len;
|
|
|
c4366c |
args->digest = xmemdup(master_args.digest, args->digest_len);
|
|
|
c4366c |
args->signature_len = master_args.signature_len;
|
|
|
c4366c |
args->signature = xmemdup(master_args.signature,
|
|
|
c4366c |
args->signature_len);
|
|
|
c4366c |
args->main_thread = pthread_self();
|
|
|
c4366c |
ret = pthread_create(&threads[i], NULL, thread_main, args);
|
|
|
c4366c |
while ((ret != 0) && (errno == EAGAIN)) {
|
|
|
c4366c |
ret = pthread_create(&threads[i], NULL,
|
|
|
c4366c |
thread_main, &args);
|
|
|
c4366c |
fprintf(stderr, "Thread limit hit at %d.\n", i);
|
|
|
c4366c |
}
|
|
|
c4366c |
if (ret != 0) {
|
|
|
c4366c |
fprintf(stderr, "Unable to create thread %d: %s.\n",
|
|
|
c4366c |
i, strerror(errno));
|
|
|
c4366c |
threads[i] = -1;
|
|
|
c4366c |
} else {
|
|
|
c4366c |
if (sync) {
|
|
|
c4366c |
ret = pthread_join(threads[i], NULL);
|
|
|
c4366c |
assert(ret == 0);
|
|
|
c4366c |
}
|
|
|
c4366c |
if (print) {
|
|
|
c4366c |
fprintf(stderr, "%d\n", i);
|
|
|
c4366c |
}
|
|
|
c4366c |
}
|
|
|
c4366c |
}
|
|
|
c4366c |
|
|
|
c4366c |
/* Wait for all threads to complete. So long as we can find an
|
|
|
c4366c |
* unjoined thread, keep joining threads. */
|
|
|
c4366c |
do {
|
|
|
c4366c |
again = 0;
|
|
|
c4366c |
for (i = 0; i < thread_count; i++) {
|
|
|
c4366c |
/* If we have an unterminated thread, join it. */
|
|
|
c4366c |
if (threads[i] != -1) {
|
|
|
c4366c |
again = 1;
|
|
|
c4366c |
if (print) {
|
|
|
c4366c |
fprintf(stderr, "Joining thread %d.\n",
|
|
|
c4366c |
i);
|
|
|
c4366c |
}
|
|
|
c4366c |
pthread_join(threads[i], NULL);
|
|
|
c4366c |
threads[i] = -1;
|
|
|
c4366c |
break;
|
|
|
c4366c |
}
|
|
|
c4366c |
}
|
|
|
c4366c |
} while (again == 1);
|
|
|
c4366c |
|
|
|
c4366c |
fprintf(stderr, "%ld failures\n", failure_count);
|
|
|
c4366c |
|
|
|
c4366c |
return (failure_count != 0);
|
|
|
c4366c |
}
|