Jeffrey Walton <[email protected]> writes: > On Tue, Sep 2, 2025 at 1:16 PM Pádraig Brady <[email protected]> wrote: > >> On 02/09/2025 07:27, Collin Funk wrote: >> > Here is a patch to add OpenSSL support for SHA-3 using the EVP API. >> > There are two things I am not 100% happy with, but I do not see a way >> > around. >> > >> > First, we must call EVP_MD_CTX_create to malloc an EVP_MD_CTX. This is >> > because an EVP_MD_CTX field cannot be inside of a structure; it is a >> > typedef to an incomplete type. >> >> Do you need a EVP_MD_CTX_cleanup() to match the EVP_MD_CTX_create() ? >> > > Actually, it looks like it needs a call to EVP_MD_CTX_destroy. From < > https://docs.openssl.org/1.0.2/man3/EVP_DigestInit/#description>: > > EVP_MD_CTX_cleanup() cleans up digest context ctx, it should be called > after a digest context is no longer needed. > > EVP_MD_CTX_destroy() cleans up digest context ctx and frees up the > space allocated to it, it should be called only on a context created > using EVP_MD_CTX_create().
Thank you both for the review. You are correct, my patch would leak memory upon every call to sha3_*_buffer. It seems the common convention is to use the EVP_MD_CTX_free macro [1]. Collin [1] https://docs.openssl.org/master/man3/EVP_DigestInit/#examples
