Hmac_drbg_self_test() and ctr_drbg_self_test() routines are not thread-safe

In order to test thread-safety with my hw accelerators im instantiating two tasks of same priority that run the hmac_drbg_selftest() routines in a loop. However these seem to fail after a while which would indicate a problem with thread-safety. In order to check if it has something to do with my implementation of the hw accelerators I turned all hw acceleration of, but the problem seems to persist. Same with the ctr_drbg_selftest() routines. Can you confirm that the drbg’s themselves are thread-safe and the self-test routines are thread-safe as well?

Hi @TrinityTonic
Thank you for your continued interest in Mbed TLS!
Is the failure you are encountering similar to the issue you have raised here?

The drbg’s themselves should be thread safe, assuming you have enabled MBEDTLS_THREADING_C and defined your mutex accordingly.

As for the self tests, they do use some global variables, but these variables are for read only, so they should be thread safe, although they haven’t been written in multithreading, so I can’t fully confirm that. Could you kindly point to where you get the failures?
Mbed TLS Team member

Hi Ron, no the issue you’ve mentioned refers to something else (benchmark) which has been fixed in the current version as I’ve seen. The tests fail because comparison of expected output value and true output values fail.

HI @TrinityTonic
Thank you for your update.
The tests and selftests were not written for a multithreaded environment, however, looking at the DRBG self tests code, it does some further investigation.
Will you be willing to create an issue in our repository?

Hi Ron, I had a closer look at the code of the self test routines of hmac_drbg and ctr_drbg now. There seems to be a static variable (test_offset) used inside the self_test_entropy functions. That’s the problem.

Hi Subhan,
Thank you for your analysis
I agree with you that this variable causes the tests not to be thread safe.
As the original intent of the selftests was not to test thread safety, I would consider having them thread safe a feature request rather than a bug.

Mbed TLS Team member