Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Avoid OpenSSL functions are unconditionally called at OQS_destroy #1982

Merged
merged 1 commit into from
Nov 12, 2024
Merged

Avoid OpenSSL functions are unconditionally called at OQS_destroy #1982

merged 1 commit into from
Nov 12, 2024

Conversation

ueno
Copy link
Contributor

@ueno ueno commented Nov 7, 2024

When OQS_DLOPEN_OPENSSL is designated and low-level primitives are overridden with OQS_set_callbacks, OQS_destroy still indirectly calls EVP_free from OpenSSL. This adds a extra NULL check to avoid that.

  • Does this PR change the input/output behaviour of a cryptographic algorithm (i.e., does it change known answer test values)? (If so, a version bump will be required from x.y.z to x.(y+1).0.)
  • Does this PR change the list of algorithms available -- either adding, removing, or renaming? Does this PR otherwise change an API? (If so, PRs in fully supported downstream projects dependent on these, i.e., oqs-provider will also need to be ready for review and merge by the time this is merged.)

@ueno ueno requested a review from dstebila as a code owner November 7, 2024 01:56
@ueno ueno force-pushed the wip/oqs-destroy-openssl branch from 13168c8 to 96d0cba Compare November 7, 2024 05:34
baentsch
baentsch reviewed Nov 7, 2024
View reviewed changes
Copy link
Member

@baentsch baentsch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR begs 1-2 questions in my mind: If the purpose is

to avoid OpenSSL functions being used when they are overridden with OQS_*_set_callbacks

then a) why did free_ossl_objects get called in the first place and/or b) why is EVP_MD_free not also replaced with an "alternative TLS lib" variant?

@ueno
Copy link
Contributor Author

ueno commented Nov 7, 2024

then a) why did free_ossl_objects get called in the first place and/or b) why is EVP_MD_free not also replaced with an "alternative TLS lib" variant?

Let me answer (b) first: the objects being freed here (i.e., fetched algorithm implementations) are exclusively used by the OpenSSL implementation, not used nor needed for alternative TLS lib variants.

For (a), to avoid calling free_ossl_objects entirely, liboqs needs to know which objects are used and which are not, as the current mechanism allows partial override (OpenSSL for SHA3 but GnuTLS for SHA2, ...).

@baentsch
Copy link
Member

baentsch commented Nov 7, 2024

the current mechanism allows partial override

That's the explanation I've been looking for, Thanks @ueno .

baentsch
baentsch reviewed Nov 7, 2024
View reviewed changes
src/common/ossl_helpers.c Outdated Show resolved Hide resolved
baentsch
baentsch approved these changes Nov 7, 2024
View reviewed changes
Copy link
Member

@baentsch baentsch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Conceptually LGTM, but a macro may make this more readable.

@ueno
Avoid OpenSSL functions being called unconditionally at OQS_destroy
28e2f34 
When OQS_DLOPEN_OPENSSL is designated and low-level primitives are
overridden with OQS_*_set_callbacks, OQS_destroy still indirectly
calls EVP_*_free from OpenSSL. This adds a extra NULL check to
avoid that.

Signed-off-by: Daiki Ueno <dueno@redhat.com>
@ueno ueno force-pushed the wip/oqs-destroy-openssl branch from 96d0cba to 28e2f34 Compare November 7, 2024 09:51
SWilson4
SWilson4 approved these changes Nov 7, 2024
View reviewed changes
Copy link
Member

@SWilson4 SWilson4 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Thanks @ueno.

@dstebila dstebila merged commit 2ee908d into open-quantum-safe:main Nov 12, 2024
66 checks passed
gnutlsbot pushed a commit to gnutls/gnutls that referenced this pull request Nov 15, 2024
@ueno
liboqs: don't call OQS_destroy if the version is 0.11.0
a9c16ed 
OQS_destroy in liboqs 0.11.0 unconditionally calls OpenSSL functions
for cleanup; see:
open-quantum-safe/liboqs#1982

As it doesn't do anything other than that so far, just skip it for
now.

Signed-off-by: Daiki Ueno <ueno@gnu.org>
@BrewTestBot BrewTestBot mentioned this pull request Dec 10, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@baentsch baentsch baentsch approved these changes

@SWilson4 SWilson4 SWilson4 approved these changes

@dstebila dstebila Awaiting requested review from dstebila dstebila is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ueno @baentsch @SWilson4 @dstebila