Add option to dynamically load libcrypto.so.* #1603
Conversation
ueno
force-pushed
the
wip/crypto-backend
branch
from
76d86e1 to
f892a4f
Compare
|
Thanks for the proposal. Conceptually, I (think I) get it, but wonder why all tests (using it, i.e., not Windows :) fail on this code: It seems this PR basically delays loading OpenSSL symbols -- but then, why does the hash (and AES) self-test |
|
@ueno Are you interested in continuing to work on this? Just wondering whether to leave this PR open for further development or to close it. Either way, it will remain linked to the issue and can be used as a proof-of-concept / starting point for future work. |
|
@SWilson4 sorry for the inactivity; yes, I'm still interested in working on this, targeting the end of this quarter. |
ueno
force-pushed
the
wip/crypto-backend
branch
11 times, most recently
from
6ea299d to
9a26324
Compare
ueno
changed the title
There was a problem hiding this comment.
Thanks for this contribution, @ueno ! I still think I understand how it works, let all our CI "loose" on it and have a few initial comments from a first review pass through. Just to set expectations: Final review and merge may not happen very quickly as we're trying to get a new liboqs release out the door and this isn't on the feature list for the release.
|
Thanks again, @ueno -- LGTM now. Now one "logical" question pertaining downstream use: Will this feature work without problems if someone activates the new option "OQS_DLOPEN_OPENSSL" while using |
ueno
force-pushed
the
wip/crypto-backend
branch
from
a574880 to
2b27898
Compare
|
I guess we could add such downstream integration tests through packit. So far, I've created a copr repository which hosts modified liboqs package with this changeset. With the package installed on Fedora 39, I confirm nginx is working with hybrid key exchange (x25519_kyber768) following the test scenario provided by @beldmit. |
ueno
force-pushed
the
wip/crypto-backend
branch
from
2b27898 to
5f45b7a
Compare
|
@baentsch now that 0.10.0 is out, is there anything specific we can do to move this forward? As mentioned, my local testing with oqsprovider and nginx/curl didn't show any problems. |
|
I confirm I see no problems with oqsprovider. The only suspicion I have is related to multithreading use cases |
There was a problem hiding this comment.
@baentsch now that 0.10.0 is out, is there anything specific we can do to move this forward? As mentioned, my local testing with oqsprovider and nginx/curl didn't show any problems.
As stated earlier, this LGTM. With 0.10.0 out let's move this towards merge with the second review: @SWilson4 would you have time? Thanks @beldmit for your test/feedback.
According to the manual page, EVP_MD_CTX_destroy has been renamed to EVP_MD_CTX_free in OpenSSL 1.1.0 and only provided as a compatibility macro in later OpenSSL releases: https://www.openssl.org/docs/man1.1.1/man3/EVP_MD_CTX_free.html Signed-off-by: Daiki Ueno <[email protected]>
Throughout the code base, liboqs uses pthread_once for one-shot initialization and falls back to thread-unsafe code if it is not supported nor enabled on the system. For consistency and to remove additional dependency on OpenSSL, this switches the use of CRYPTO_THREAD_run_once with that. Signed-off-by: Daiki Ueno <[email protected]>
This allows applications to replace the implementation of common cryptographic algorithms at runtime, by setting callback functions for each operations with OQS_AES_set_callbacks, OQS_SHA2_set_callbacks, OQS_SHA3_set_callbacks, and OQS_SHA3_x4_callbacks. Those functions may be called once before OQS_init; otherwise the default implementation will be used. Signed-off-by: Daiki Ueno <[email protected]>
This adds OQS_DLOPEN_OPENSSL build option to use OpenSSL through dynamically loaded libcrypto.so.* with dlopen, instead of linking to the library at build time. That way the applications could use their favorite implementation of common cryptographic primitives without pulling in the OpenSSL as a hard dependency. Signed-off-by: Daiki Ueno <[email protected]>
baentsch
force-pushed
the
wip/crypto-backend
branch
from
5f45b7a to
b470c1f
Compare
|
For some reason I'm not able to view logs for the failing CI jobs: only a message that says "this job failed". I'm going to rerun them and see if that helps. |
|
Functionality-wise, this looks OK to me. Thanks, @ueno! It would be nice to test the |
Cool! It would be great to see another liboqs integration. I think it would be a good idea to also have some sort of testing in liboqs CI so that we don't have to monitor an external repo. Perhaps we can set up a Docker image containing nettle and run some tests using it as a common code provider. Or maybe this would be better suited to At any rate, those options are both (imo) out of scope for this PR, so for now please add the non-exhaustive test you mentioned to get it landed. |
This adds tests that exercise OQS_*_set_callbacks by overriding one of the function of each and ensuring the wrapper function is called. Signed-off-by: Daiki Ueno <[email protected]>
|
Sure, b60ba69 is an attempt to add tests for OQS_*_set_callbacks. |
As discussed on #1599, this is a strawman proposal to make the common cryptographic algorithms (AES, SHA2, SHA3, and RNG) switchable to avoid OpenSSL dependency at package installation time. The applications can replace the implementation by providing custom callback functions for with
OQS_AES_set_callbacks,OQS_SHA2_set_callbacks,OQS_SHA3_set_callbacks, andOQS_SHA3_x4_callbacks.This also adds
OQS_DLOPEN_OPENSSLbuild option to use OpenSSL through dynamically loaded libcrypto.so.* with dlopen, instead of linking to the library at build time.Fixes #1599