When is EVP_MD_CTX_reset() needed?

Tomas Mraz tomas at openssl.org
Sun Feb 12 06:43:07 UTC 2023


I do not think the EVP_MD_CTX_reset() is that much useful anymore. It
is not required before another call to EVP_DigestInit_ex. In theory it
could be useful if you're using the MD context for
DigestSign/DigestVerify operation and then you'd like to use it for a
pure Digest operation. But I do not think anybody would reuse the MD
context in such sequence of operations.

Tomas Mraz

On Sat, 2023-02-11 at 16:12 -0800, Hal Murray wrote:
> I'm expecting the answer to be "not in your use case" but I'm fishing
> for 
> something I might have overlooked.
> 
> The man page says:
>        EVP_MD_CTX_reset()
>            Resets the digest context ctx.  This can be used to reuse
> an
>            already existing context.
> 
> I have a subroutine that does:
>   EVP_DigestInit_ex
>   EVP_DigestUpdate
>   EVP_DigestFinal_ex
> 
> That code is reusing a ctx.  The init often gets a new digest.  It
> works 
> without the reset.
> 
> What does "reuse" mean?  When would EVP_MD_CTX_reset() be necessary?
> 
> 

-- 
Tomáš Mráz, OpenSSL



More information about the openssl-users mailing list