Thanks for your reply.
So, does EVP_CIPHER_CTX_cleanup free the context's memory as well as
clearing it, or is that left to me? I can't seem to find that in the man
pages...
Thanks again,
Haig
On 24 Jul 2001 12:36:22 +0100, Dale Peakall wrote:
> > I guess I'm unclear about whether a context is something that's applicable
> to an
> > entire session or simply to one message. I tried it the former way, but
> > when I went to encrypt the second message, it included a part of the first
> > message that it had encrypted, which leads me to believe that I should be
> > cleaning that up and reinitalizing.
>
> You must cleanup the cipher context *as soon as possible* after completing
> the
> crypto operation, otherwise you're leaving sensitive information hanging
> around
> memory, i.e. immediately after calling EVP_EncryptFinal, call
> EVP_CIPHER_CTX_cleanup.
>
> - Dale.
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
