Skip to content

20251114-WOLFSSL_BLIND_PRIVATE_KEY-thread-safety #9436

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Nov 17, 2025
Merged

20251114-WOLFSSL_BLIND_PRIVATE_KEY-thread-safety #9436

merged 2 commits into from
Nov 17, 2025

Conversation

@douzzer
Copy link
Contributor

@douzzer douzzer commented Nov 14, 2025

fix races around WOLFSSL_CTX.{privateKey,privateKeyMask,altPrivateKey,altPrivateKeyMask} in WOLFSSL_BLIND_PRIVATE_KEY code paths:

  • rename wolfssl_priv_der_unblind() to wolfssl_priv_der_blind_toggle(),
  • add wolfssl_priv_der_unblind() that allocates a temp copy,
  • add wolfssl_priv_der_unblind_free(),
  • in wolfssl_priv_der_blind_toggle(), make mask a const arg;

restore const attribute to ctx arg to wolfSSL_CTX_get0_privatekey(), and add explanatory comment.

tested with wolfssl-multi-test.sh ... check-source-text clang-tidy-all-sp-all

Also ran clang-tidy-all-sp-all with LIBWOLFSSL_CONFIGURE_ARGS_OVERRIDE=CFLAGS=-DWOLFSSL_BLIND_PRIVATE_KEY, which is analytically clean, but crashes, unrelated to this PR:

Thread 1 "unit.test" received signal SIGSEGV, Segmentation fault.
0x00007ffff7c7a925 in DoTls13ClientHello (ssl=ssl@entry=0x5555563bcfe0, 
    input=input@entry=0x5555562d2160 "\001", inOutIdx=inOutIdx@entry=0x5555563bd2d4, 
    helloSz=helloSz@entry=518) at src/tls13.c:6937
6937        ssl->session->sessionIDSz = sessIdSz;
(gdb) bt
#0  0x00007ffff7c7a925 in DoTls13ClientHello (ssl=ssl@entry=0x5555563bcfe0, 
    input=input@entry=0x5555562d2160 "\001", inOutIdx=inOutIdx@entry=0x5555563bd2d4, 
    helloSz=helloSz@entry=518) at src/tls13.c:6937
#1  0x00007ffff7c7e405 in DoTls13HandShakeMsgType (ssl=ssl@entry=0x5555563bcfe0, 
    input=input@entry=0x5555562d2160 "\001", inOutIdx=inOutIdx@entry=0x5555563bd2d4, type=1 '\001', 
    size=518, totalSz=<optimized out>) at src/tls13.c:12821
#2  0x00007ffff7c80c79 in DoTls13HandShakeMsg (ssl=ssl@entry=0x5555563bcfe0, input=0x5555562d2160 "\001", 
    inOutIdx=inOutIdx@entry=0x5555563bd2d4, totalSz=totalSz@entry=522) at src/tls13.c:13166
#3  0x00007ffff7bef6ef in DoProcessReplyEx (ssl=ssl@entry=0x5555563bcfe0, 
    allowSocketErr=allowSocketErr@entry=0) at src/internal.c:22932
#4  0x00007ffff7bf0273 in ProcessReplyEx (ssl=0x5555563bcfe0, allowSocketErr=0) at src/internal.c:23305
#5  ProcessReply (ssl=ssl@entry=0x5555563bcfe0) at src/internal.c:23298
#6  0x00007ffff7c25a98 in wolfSSL_accept (ssl=0x5555563bcfe0) at src/ssl.c:11027
#7  0x00005555558b4dad in test_wolfSSL_BIO_accept () at tests/api/test_ossl_bio.c:855
#8  0x0000555555733a97 in ApiTest () at tests/api.c:51996
#9  0x00005555555b8a45 in unit_test (argc=1, argv=0x7fffffffcf18) at tests/unit.c:284
#10 0x00007ffff770b288 in __libc_start_call_main (main=main@entry=0x5555555b85a0 <main>, 
    argc=argc@entry=1, argv=argv@entry=0x7fffffffcf18) at ../sysdeps/nptl/libc_start_call_main.h:58
#11 0x00007ffff770b34b in __libc_start_main_impl (main=0x5555555b85a0 <main>, argc=1, argv=0x7fffffffcf18, 
    init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffcf08)
    at ../csu/libc-start.c:360
#12 0x00005555555b85d5 in _start () at ../sysdeps/x86_64/start.S:115

@douzzer douzzer added the For This Release Release version 5.8.4 label Nov 14, 2025
@devin-ai-integration

This comment was marked as spam.

Sign in to view
@dgarske
Copy link
Contributor

dgarske commented Nov 14, 2025

Jenkins retest this please: PRB-generic-config-parser aborted

dgarske
dgarske previously approved these changes Nov 14, 2025
View reviewed changes
julek-wolfssl
julek-wolfssl previously requested changes Nov 14, 2025
View reviewed changes
@douzzer
fix races around WOLFSSL_CTX.{privateKey,privateKeyMask,altPrivateKey…
dee0658 
…,altPrivateKeyMask} in WOLFSSL_BLIND_PRIVATE_KEY code paths:

* rename wolfssl_priv_der_unblind() to wolfssl_priv_der_blind_toggle(),
* add wolfssl_priv_der_unblind() that allocates a temp copy,
* add wolfssl_priv_der_unblind_free(),
* in wolfssl_priv_der_blind_toggle(), make mask a const arg;

restore const attribute to ctx arg to wolfSSL_CTX_get0_privatekey(), and add explanatory comment.
@douzzer
src/internal.c: peer review: refactor wolfssl_priv_der_unblind() and …
c29abcc 
…wolfssl_priv_der_unblind_free() to use AllocDer() and FreeDer().
@douzzer douzzer force-pushed the 20251114-WOLFSSL_BLIND_PRIVATE_KEY-thread-safety branch from e82110b to c29abcc Compare November 15, 2025 00:14
@douzzer douzzer assigned wolfSSL-Bot and SparkiDev and unassigned douzzer Nov 15, 2025
@douzzer
Copy link
Contributor Author

douzzer commented Nov 17, 2025

note, this is a follow-up to #9427

@dgarske dgarske assigned JacobBarthelmeh and unassigned SparkiDev Nov 17, 2025
@JacobBarthelmeh JacobBarthelmeh dismissed julek-wolfssl’s stale review November 17, 2025 17:41

Items brought up were addressed

@JacobBarthelmeh JacobBarthelmeh merged commit 35374a1 into wolfSSL:master Nov 17, 2025
267 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dgarske dgarske dgarske approved these changes

@JacobBarthelmeh JacobBarthelmeh JacobBarthelmeh approved these changes

@wolfSSL-Bot wolfSSL-Bot Awaiting requested review from wolfSSL-Bot

@SparkiDev SparkiDev Awaiting requested review from SparkiDev

@julek-wolfssl julek-wolfssl Awaiting requested review from julek-wolfssl

Assignees

@JacobBarthelmeh JacobBarthelmeh

@wolfSSL-Bot wolfSSL-Bot

Labels

For This Release Release version 5.8.4

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@douzzer @dgarske @JacobBarthelmeh @julek-wolfssl @wolfSSL-Bot @SparkiDev