On Tue, Feb 04, 2014, TheMoud wrote:

> Well, I want to use the finish method to clean the context that I have
> allocated in priv_enc (rsa_priv_enc) method (allocated memory + opened file
> descriptor for ioctl (to communicate with my driver)). 
> I expected that when calling the SSL_free() method, I could access the finish
> method, but it doesn't because of the lock CRYPTO_LOCK_EVP_PKEY.
> 

The finish method is only called when the key is completely freed up. If there
are any existing references to the key it won't be freed.

So (for example) if you associate a key with an SSL_CTX structure and then
create one (or more) SSL structures from that SSL_CTX the reference count will
be increased in each case. So the finish method will only be freed up when all
the SSL and SSL_CTX structures associated with it are freed.

If you associated the key with the SSL structure instead then it will have
only one reference and it will get freed when you call SSL_free.

If the resource you allocate to the structure is limited you might consider
allocating and freeing it up as part of the priv_enc method itself. The RSA
operation is normally only called once during initial handshake of the SSL
structure or during renegotiation so if you open a file descriptor it
is unused most of the time.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [email protected]
Automated List Manager                           [email protected]
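
The reference counting described in the reply above, as an added example that is not part of the original message and is not OpenSSL code: a simplified stand-alone model in which every name (model_key, model_holder, finish_calls_seen) is hypothetical. It assumes, as in OpenSSL, that attaching a key takes an extra reference and the caller still has to drop its own.

```c
#include <stdlib.h>
/* Simplified model, NOT OpenSSL code: every name below is hypothetical. */
typedef struct model_key {
    int references;   /* like the count guarded by CRYPTO_LOCK_EVP_PKEY */
    int *counter;     /* incremented where the finish method would run */
} model_key;
typedef struct { model_key *key; } model_holder; /* plays SSL_CTX or SSL */

model_key *key_new(int *counter) {
    model_key *k = malloc(sizeof *k);
    if (k == NULL) abort();
    k->references = 1;             /* the creator's own reference */
    k->counter = counter;
    return k;
}
/* Drop one reference; "finish" runs only when the last one goes away. */
void key_free(model_key *k) {
    if (k == NULL || --k->references > 0) return;
    (*k->counter)++;               /* the driver fd would be closed here */
    free(k);
}
/* Attaching a key takes a new reference; the caller keeps its own. */
void holder_use_key(model_holder *h, model_key *k) {
    k->references++;
    key_free(h->key);
    h->key = k;
}
/* A connection created from a context takes a reference to its key. */
model_holder *holder_new(const model_holder *ctx) {
    model_holder *h = calloc(1, sizeof *h);
    if (h == NULL) abort();
    if (ctx != NULL && ctx->key != NULL) holder_use_key(h, ctx->key);
    return h;
}
void holder_free(model_holder *h) { key_free(h->key); free(h); }

/* Number of finish calls seen after the connection is freed, or after
 * the context is freed as well when after_ctx_free is non-zero. */
int finish_calls_seen(int key_on_ctx, int after_ctx_free) {
    int calls = 0, seen;
    model_holder *ctx = holder_new(NULL), *conn;
    model_key *k = key_new(&calls);
    if (key_on_ctx) holder_use_key(ctx, k);
    conn = holder_new(ctx);
    if (!key_on_ctx) holder_use_key(conn, k);
    key_free(k);                   /* the creator drops its own reference */
    holder_free(conn);             /* the SSL_free step */
    seen = calls;
    holder_free(ctx);              /* the SSL_CTX_free step */
    return after_ctx_free ? calls : seen;
}
int main(void) { return finish_calls_seen(1, 0) == 0 && finish_calls_seen(0, 0) == 1 ? 0 : 1; }
```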