Calling EVP_DigestFinal_ex multiple times
Sam Roberts
vieuxtech at gmail.com
Mon Jun 17 20:06:31 UTC 2019
On Mon, Jun 17, 2019 at 2:07 AM Matt Caswell <matt at openssl.org> wrote:
> On 15/06/2019 15:08, Tobias Nießen wrote:
> > I am wondering whether it is permitted to call EVP_DigestFinal_ex multiple
> > times on the same context in order to retrieve the same digest twice. I
> > expected OpenSSL to fail with an error code, but SHA256 seems to permit it
> > whereas SHA3 seems to cause a segmentation fault. The documentation does not
> > explicitely forbid or allow it, so I am wondering where this should be
> > addressed: In the implementation of EVP_*, in SHA2, in SHA3, in the
> > documentation, or not at all?
>
> I believe this should not be allowed. Probably this is a documentation issue.
Just a doc issue? Shouldn't the SHAs behave more uniformly?
Also, is segfaulting a reasonable result of this kind of API use,
calling an API twice? Segving on bad memory is unavoidable, but
calling an API twice sounds detectable.
Cheers,
Sam
More information about the openssl-users
mailing list