Question about constness of EVP_PKEY* arguments in public API
Matt Caswell
matt at openssl.org
Thu Sep 2 16:24:01 UTC 2021
On 02/09/2021 16:43, Romain GEISSLER via openssl-users wrote:
> I am using the following OpenSSL API: EVP_DigestSignInit,
> EVP_DigestVerifyInit, EVP_PKEY_size, EVP_SealInit, EVP_OpenInit. And
> it seems these all take an non-const EVP_PKEY* argument. Does it mean
> that EVP_PKEY* have some internal state which may be updated by these
> API and which I should definitely not call without thread
> syncronization in multiple threads ? Or the API of OpenSSL just miss
> the "const" keyword as really the key, once read, has absolutely no
> state modified by these APIs ?
Neither of the above. EVP_PKEY has internal state which may be modified
by these API calls. However that internal state is controlled by an
internal lock and is therefore thread safe.
Matt
More information about the openssl-users
mailing list