Thanks again, Rich. >>>There is something strange with the RSA private key or it’s BN_CONT object. >>>Are you sure that you are properly releasing all OpenSSL objecdts in your code? My application is a server. When it is initialized it calls RSA_new() to allocate a RSA object. When the server is running, it keeps accepting concurrent connection requests from many clients. When handling a connection request it calls RSA_private_decrypt() to decrypt the encrypted password. What a client does is to connect to the server and then disconnect at once. Hence it takes very little time for each client. The RSA object is not released until the server is shutdown. Regards, Wang -- Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
