[openssl-users] EVP_MD_CTX and EVP_PKEY_CTX? How to init? How tofree?

Blumenthal, Uri - 0553 - MITLL uri at ll.mit.edu
Fri Apr 28 22:45:49 UTC 2017

I see. I appreciate your willingness to help, but it would've been far better if you answered those very specific and unambiguous questions that I explicitly asked, instead of trying to guess/conjecture what the high level purpose of that whole exercise was. 

As it happens, I've no interest and no need for (other) remote login or virtualization solutions (which have nothing to do with the problem I'm addressing), so I am unable to make use of your answer.


Sent from my iPhone

> On Apr 28, 2017, at 18:37, Ryan Murray <rjkmurray40 at gmail.com> wrote:
> A client/server model can create a mechanism that allows a user to establish a session  on the remote machine and then run its applications. This application is known as  remote login. This can be done by a client/server application program for the desired  service. Two remote login protocols are TELNET and SSH.  TELNET Protocol  TELNET (terminal network) is a TCP/IP standard for establishing a connection to a  remote system. TELNET allows a user to log in to a remote machine across the  Internet by first making a TCP connection and then pass the detail of the application 
>  from the user to the remote machine.. You do this to many
> Sent from Mail for Windows 10
> From: Blumenthal, Uri - 0553 - MITLL
> Sent: Friday, April 28, 2017 4:33 PM
> To: openssl-users at openssl.org
> Subject: [openssl-users] EVP_MD_CTX and EVP_PKEY_CTX? How to init? How tofree?
> I’m playing with RSA-PSS signatures, and stumbled upon a few problems. I tried the OpenSSL manual pages, but still coming short of complete understanding. :-)
> This is how I initialize the contexts (error handlers removed for brevity):
>       ctx = EVP_PKEY_CTX_new(privkey, NULL);
>       md_ctx = EVP_MD_CTX_create();
>       const EVP_MD *md = EVP_sha256();
>       rv = EVP_DigestInit_ex(md_ctx, md, NULL);
>       rv = EVP_DigestSignInit(md_ctx, &ctx, md, NULL, privkey);
> First question: do I need EVP_DigestInit_ex() there?
> Second question: do I have to specify hash-function (EVP_MD*) twice? First when initializing EVP_MD_CTX, and second for EVP_DigestSignInit()?
> At the end I need to dispose of both ctx and md_ctx. That leads to my third question/problem. The code I tried (based on what the man page says: to avoid memory leak, I need to do EVP_MD_CTX_destroy(md_ctx) crashes with SIGV:
>       EVP_MD_CTX_destroy(md_ctx); // this succeeds
>       EVP_PKEY_CTX_free(ctx);  // but here the code crashes
> Same happens when I reverse the above order:
>       EVP_PKEY_CTX_free(ctx); // this succeeds
>       EVP_MD_CTX_destroy(md_ctx); // but then this one causes crash
> So what’s the correct way of freeing both of them? Or is it that because they’re sort of “bound together” by EVP_DigestSignInit(md_ctx, &ctx, md, NULL, privkey); freeing one frees the other?
> Thanks!
>> Regards,
> Uri
> -- 
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170428/e390febc/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4223 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170428/e390febc/attachment-0001.bin>

More information about the openssl-users mailing list