> I guess I'm unclear about whether a context is something that's applicable
to an
> entire session or simply to one message. I tried it the former way, but
> when I went to encrypt the second message, it included a part of the first
> message that it had encrypted, which leads me to believe that I should be
> cleaning that up and reinitalizing.
You must cleanup the cipher context *as soon as possible* after completing
the
crypto operation, otherwise you're leaving sensitive information hanging
around
memory, i.e. immediately after calling EVP_EncryptFinal, call
EVP_CIPHER_CTX_cleanup.
- Dale.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
