> So, does EVP_CIPHER_CTX_cleanup free the context's memory as well as
> clearing it, or is that left to me? I can't seem to find that
> in the man pages...
A quick inspection of the code, suggests that NO memory is actually
allocated (the EVP_CIPHER_CTX contains pre-sized buffers for all
the necessary data).
When the EVP_CIPEHR_CTX goes out of scope (or is deleted from the heap),
everything should be free'd.
N.B. You should still call EVP_CIPHER_CTX_cleanup before the context goes
out of scope (or is deleted from the heap), as it reset's everything in
the structure to ensure nothing sensitive remains in memory.
The only memory to worry about is the application data, which you can
set with the EVP_CIPHER_CTX_set_app_data() function and get with
EVP_CIPHER_CTX_get_app_data(). If you choose to set it, you need to
manage it (and I think you need to get it back and free it - assuming
it's dynamically allocated - prior to calling EVP_CIPHER_CTX_cleanup
as that will set the value to 0.
- Dale.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
