On 08/11/17 09:47, Wang wrote: > Hello Matt, > > Thank you for trying to help. > >>>> Is this the "bottom" of the OpenSSL stack? i.e. your application calls >>>> RSA_private_decrypt() directly? > Yes, it does. > >>>> Do you share a single RSA object across multiple threads? > Yes, my application shares a single RSA object across many concurrent > threads. Namely RSA_private_decrypt() is called with the same RSA object > concurrently across many threads. > > Does this cause any issue? I checked OpenSSL document, but didn't find > anything related to this kind of restriction > (https://www.openssl.org/docs/manmaster/man3/RSA_public_encrypt.html). Or > this restriction is undocumented? https://www.openssl.org/docs/faq.html#PROG1 >From the FAQ: "1. Is OpenSSL thread-safe? Yes but with some limitations; for example, an SSL connection cannot be used concurrently by multiple threads. This is true for most OpenSSL objects. ..." This is also true for the RSA object. Temporary, thread specific blinding state is held in the RSA object so it cannot be shared across multiple threads. Matt -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
