On Mon, Jun 17, 2019 at 2:07 AM Matt Caswell <matt@xxxxxxxxxxx> wrote: > On 15/06/2019 15:08, Tobias Nießen wrote: > > I am wondering whether it is permitted to call EVP_DigestFinal_ex multiple > > times on the same context in order to retrieve the same digest twice. I > > expected OpenSSL to fail with an error code, but SHA256 seems to permit it > > whereas SHA3 seems to cause a segmentation fault. The documentation does not > > explicitely forbid or allow it, so I am wondering where this should be > > addressed: In the implementation of EVP_*, in SHA2, in SHA3, in the > > documentation, or not at all? > > I believe this should not be allowed. Probably this is a documentation issue. Just a doc issue? Shouldn't the SHAs behave more uniformly? Also, is segfaulting a reasonable result of this kind of API use, calling an API twice? Segving on bad memory is unavoidable, but calling an API twice sounds detectable. Cheers, Sam