[openssl-users] EVP_MD_CTX and EVP_PKEY_CTX? How to init properly? How to free correctly?

Blumenthal, Uri - 0553 - MITLL uri at ll.mit.edu
Fri Apr 28 23:03:47 UTC 2017


Awesome. :-)

But would anybody familiar enough with the EVP interface be kind enough to provide the answers? I can't believe there's nobody like that on this list, and I've seen harder questions answered here with deceptive ease. :-)

Regards,
Uri

Sent from my iPhone

> On Apr 28, 2017, at 18:59, Michael Wojcik <Michael.Wojcik at microfocus.com> wrote:
> 
> Actually, I think Ryan Murray's email account may be compromised. We've seen a number of odd messages from it over the past couple of days.
>  
> Or he's running a DNN which has become self-aware and is spamming the list with its incoherent thoughts. Soon it will enlist the OpenSSL mail reflector in its uncompromising war on organic intelligence. We knew this would happen eventually.
>  
> (Of course it's only a mailing list, so really all it can do is wage psychological warfare, sending us depressing messages to break our spirit. Fortunately, as TLS users, we have built up a tremendous tolerance for depressing messages.)
>  
> Michael Wojcik 
> Distinguished Engineer, Micro Focus
>  
>  
>  
> From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of Blumenthal, Uri - 0553 - MITLL
> Sent: Friday, April 28, 2017 16:46
> To: openssl-users at openssl.org
> Subject: Re: [openssl-users] EVP_MD_CTX and EVP_PKEY_CTX? How to init? How to free?
>  
> I see. I appreciate your willingness to help, but it would've been far better if you answered those very specific and unambiguous questions that I explicitly asked, instead of trying to guess/conjecture what the high level purpose of that whole exercise was. 
>  
> As it happens, I've no interest and no need for (other) remote login or virtualization solutions (which have nothing to do with the problem I'm addressing), so I am unable to make use of your answer.
> 
> Regards,
> Uri
>  
> Sent from my iPhone
> 
> On Apr 28, 2017, at 18:37, Ryan Murray <rjkmurray40 at gmail.com> wrote:
> 
>  
>  REMOTE LOGIN PROTOCOLS 
> A client/server model can create a mechanism that allows a user to establish a session  on the remote machine and then run its applications. This application is known as  remote login. This can be done by a client/server application program for the desired  service. Two remote login protocols are TELNET and SSH.  TELNET Protocol  TELNET (terminal network) is a TCP/IP standard for establishing a connection to a  remote system. TELNET allows a user to log in to a remote machine across the  Internet by first making a TCP connection and then pass the detail of the application 
>  from the user to the remote machine.. You do this to many
>  
> Sent from Mail for Windows 10
>  
> From: Blumenthal, Uri - 0553 - MITLL
> Sent: Friday, April 28, 2017 4:33 PM
> To: openssl-users at openssl.org
> Subject: [openssl-users] EVP_MD_CTX and EVP_PKEY_CTX? How to init? How to free?
>  
> I’m playing with RSA-PSS signatures, and stumbled upon a few problems. I tried the OpenSSL manual pages, but still coming short of complete understanding. :-)
>  
> This is how I initialize the contexts (error handlers removed for brevity):
>  
>       ctx = EVP_PKEY_CTX_new(privkey, NULL);
>       md_ctx = EVP_MD_CTX_create();
>       const EVP_MD *md = EVP_sha256();
>       rv = EVP_DigestInit_ex(md_ctx, md, NULL);
>       rv = EVP_DigestSignInit(md_ctx, &ctx, md, NULL, privkey);
>  
> First question: do I need EVP_DigestInit_ex() there?
>  
> Second question: do I have to specify hash-function (EVP_MD*) twice? First when initializing EVP_MD_CTX, and second for EVP_DigestSignInit()?
>  
> At the end I need to dispose of both ctx and md_ctx. That leads to my third question/problem. The code I tried (based on what the man page says: to avoid memory leak, I need to do EVP_MD_CTX_destroy(md_ctx)) crashes with SIGV:
>  
>       EVP_MD_CTX_destroy(md_ctx); // this succeeds
>       EVP_PKEY_CTX_free(ctx);  // but here the code crashes
>  
> Same happens when I reverse the above order:
>  
>       EVP_PKEY_CTX_free(ctx); // this succeeds
>       EVP_MD_CTX_destroy(md_ctx); // but then this one causes crash
>  
> So what’s the correct way of freeing both of them? Or is it that because they’re sort of “bound together” by EVP_DigestSignInit(md_ctx, &ctx, md, NULL, privkey); freeing one frees the other?
>  
> Thanks!
> Regards,
> Uri
>  
>  
> -- 
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users