dream
/
Android_verify


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236
							.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings.  \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote.  \*(C+ will
.\" give a nicer C++.  Capital omega is used to do unbreakable dashes and
.\" therefore won't be available.  \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
.    ds -- \(*W-
.    ds PI pi
.    if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
.    if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\"  diablo 12 pitch
.    ds L" ""
.    ds R" ""
.    ds C` ""
.    ds C' ""
'br\}
.el\{\
.    ds -- \|\(em\|
.    ds PI \(*p
.    ds L" ``
.    ds R" ''
.    ds C`
.    ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD.  Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
.    if \nF \{\
.        de IX
.        tm Index:\\$1\t\\n%\t"\\$2"
..
.        if !\nF==2 \{\
.            nr % 0
.            nr F 2
.        \}
.    \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear.  Run.  Save yourself.  No user-serviceable parts.
.    \" fudge factors for nroff and troff
.if n \{\
.    ds #H 0
.    ds #V .8m
.    ds #F .3m
.    ds #[ \f1
.    ds #] \fP
.\}
.if t \{\
.    ds #H ((1u-(\\\\n(.fu%2u))*.13m)
.    ds #V .6m
.    ds #F 0
.    ds #[ \&
.    ds #] \&
.\}
.    \" simple accents for nroff and troff
.if n \{\
.    ds ' \&
.    ds ` \&
.    ds ^ \&
.    ds , \&
.    ds ~ ~
.    ds /
.\}
.if t \{\
.    ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
.    ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
.    ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
.    ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
.    ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
.    ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
.    \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
.    \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
.    \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
.    ds : e
.    ds 8 ss
.    ds o a
.    ds d- d\h'-1'\(ga
.    ds D- D\h'-1'\(hy
.    ds th \o'bp'
.    ds Th \o'LP'
.    ds ae ae
.    ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "OPENSSL-THREADS 7ossl"
.TH OPENSSL-THREADS 7ossl "2024-09-03" "3.3.2" "OpenSSL"
.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
openssl\-threads \- Overview of thread safety in OpenSSL
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
In this man page, we use the term \fBthread-safe\fR to indicate that an
object or function can be used by multiple threads at the same time.
.PP
OpenSSL can be built with or without threads support. The most important
use of this support is so that OpenSSL itself can use a single consistent
\&\s-1API,\s0 as shown in \*(L"\s-1EXAMPLES\*(R"\s0 in \fBCRYPTO_THREAD_run_once\fR\|(3).
Multi-platform applications can also use this \s-1API.\s0
.PP
In particular, being configured for threads support does not imply that
all OpenSSL objects are thread-safe.
To emphasize: \fImost objects are not safe for simultaneous use\fR.
Exceptions to this should be documented on the specific manual pages, and
some general high-level guidance is given here.
.PP
One major use of the OpenSSL thread \s-1API\s0 is to implement reference counting.
Many objects within OpenSSL are reference-counted, so resources are not
released, until the last reference is removed.
References are often increased automatically (such as when an \fBX509\fR
certificate object is added into an \fBX509_STORE\fR trust store).
There is often an \fB\f(BIobject\fB_up_ref\fR() function that can be used to increase
the reference count.
Failure to match \fB\f(BIobject\fB_up_ref\fR() calls with the right number of
\&\fB\f(BIobject\fB_free\fR() calls is a common source of memory leaks when a program
exits.
.PP
Many objects have set and get \s-1API\s0's to set attributes in the object.
A \f(CW\*(C`set0\*(C'\fR passes ownership from the caller to the object and a
\&\f(CW\*(C`get0\*(C'\fR returns a pointer but the attribute ownership
remains with the object and a reference to it is returned.
A \f(CW\*(C`set1\*(C'\fR or \f(CW\*(C`get1\*(C'\fR function does not change the ownership, but instead
updates the attribute's reference count so that the object is shared
between the caller and the object; the caller must free the returned
attribute when finished.
Functions that involve attributes that have reference counts themselves,
but are named with just \f(CW\*(C`set\*(C'\fR or \f(CW\*(C`get\*(C'\fR are historical; and the documentation
must state how the references are handled.
Get methods are often thread-safe as long as the ownership requirements are
met and shared objects are not modified.
Set methods, or modifying shared objects, are generally not thread-safe
as discussed below.
.PP
Objects are thread-safe
as long as the \s-1API\s0's being invoked don't modify the object; in this
case the parameter is usually marked in the \s-1API\s0 as \f(CW\*(C`const\*(C'\fR.
Not all parameters are marked this way.
Note that a \f(CW\*(C`const\*(C'\fR declaration does not mean immutable; for example
\&\fBX509_cmp\fR\|(3) takes pointers to \f(CW\*(C`const\*(C'\fR objects, but the implementation
uses a C cast to remove that so it can lock objects, generate and cache
a \s-1DER\s0 encoding, and so on.
.PP
Another instance of thread-safety is when updates to an object's
internal state, such as cached values, are done with locks.
One example of this is the reference counting \s-1API\s0's described above.
.PP
In all cases, however, it is generally not safe for one thread to
mutate an object, such as setting elements of a private or public key,
while another thread is using that object, such as verifying a signature.
.PP
The same \s-1API\s0's can usually be used simultaneously on different objects
without interference.
For example, two threads can calculate a signature using two different
\&\fB\s-1EVP_PKEY_CTX\s0\fR objects.
.PP
For implicit global state or singletons, thread-safety depends on the facility.
The \fBCRYPTO_secure_malloc\fR\|(3) and related \s-1API\s0's have their own lock,
while \fBCRYPTO_malloc\fR\|(3) assumes the underlying platform allocation
will do any necessary locking.
Some \s-1API\s0's, such as \fBNCONF_load\fR\|(3) and related do no locking at all;
this can be considered a bug.
.PP
A separate, although related, issue is modifying \*(L"factory\*(R" objects
when other objects have been created from that.
For example, an \fB\s-1SSL_CTX\s0\fR object created by \fBSSL_CTX_new\fR\|(3) is used
to create per-connection \fB\s-1SSL\s0\fR objects by calling \fBSSL_new\fR\|(3).
In this specific case, and probably for factory methods in general, it is
not safe to modify the factory object after it has been used to create
other objects.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBCRYPTO_THREAD_run_once\fR\|(3),
local system threads documentation.
.SH "BUGS"
.IX Header "BUGS"
This page is admittedly very incomplete.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.