Hi, There seems to be an issue with CMS_decrypt. It seems that if we have code like this: CMS_ContentInfo* ci = CMS_encrypt(...); CMS_decrypt(ci, ...); CMS_ContentInfo_free(ci); we leak the X509 certificate's public key. If the call to CMS_decrypt is commented out, then no leak happens, as the key is freed by the call to CMS_ContentInfo_free. I created this issue[1] with a concrete example of this case. Is the expectation here that if you call CMS_decrypt on the same CMS_ContentInfo instance then you have to call EVP_PKEY_free on the public key twice? Does anyone have any thoughts on this? [1] https://github.com/openssl/openssl/issues/5052 -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
