Calling EVP_DigestFinal_ex multiple times

Sam Roberts vieuxtech at
Mon Jun 17 20:06:31 UTC 2019

On Mon, Jun 17, 2019 at 2:07 AM Matt Caswell <matt at> wrote:
> On 15/06/2019 15:08, Tobias Nießen wrote:
> > I am wondering whether it is permitted to call EVP_DigestFinal_ex multiple
> > times on the same context in order to retrieve the same digest twice. I
> > expected OpenSSL to fail with an error code, but SHA256 seems to permit it
> > whereas SHA3 seems to cause a segmentation fault. The documentation does not
> > explicitely forbid or allow it, so I am wondering where this should be
> > addressed: In the implementation of EVP_*, in SHA2, in SHA3, in the
> > documentation, or not at all?
> I believe this should not be allowed. Probably this is a documentation issue.

Just a doc issue? Shouldn't the SHAs behave more uniformly?

Also, is segfaulting a reasonable result of this kind of API use,
calling an API twice? Segving on bad memory is unavoidable, but
calling an API twice sounds detectable.


More information about the openssl-users mailing list