I see. I've dug a little bit more in the built-in engines and found out
that this is the way some of them are implemented. I guess there's no way
to do the same for ECDSA_METHOD though, since there's no finish function
pointer on that...

By the way, I took a look at the gost engine, which uses EVP_PKEY_METHOD.
Is it possible to achieve the behaviour I'm looking for only using the EVP
interface? To explain better, I want to implement RSA and ECDSA signing and
verifying, and a proper cleanup for both. If it is possible, I'll use that
engine as an example.

Thank you for the quick reply.

2012/8/16 Dr. Stephen Henson <st...@openssl.org>

> On Thu, Aug 16, 2012, Felipe Blauth wrote:
>
> > Dear all,
> >
> > I'm writing an OpenSSL engine and I have some internal data to manage via
> > ex_data functions.
> >
> > What I've been doing so far is using RSA_get_ex_new_index(0, NULL, NULL,
> > NULL, <my free function>), at the initialization of the engine to register
> > a free function for structures allocated when the method
> > ENGINE_load_private_key (or ENGINE_load_public_key) is called.
> > To do so, I use the method RSA_set_ex_data(<my_rsa>, <the index returned
> > by RSA_get_ex_new_index>, <my custom data>) and I do the proper cleanup
> > at <my free function> accordingly.
> >
> > Everything works fine, except for the fact that, when I finish the engine,
> > other keys that are not engine related still try to get cleaned up by <my
> > free function>, which no longer exists, and my program crashes.
> >
> > I realize, also, that if I call CRYPTO_cleanup_all_ex_data after finishing
> > the engine, no problems occur.
> >
> > The problem with CRYPTO_cleanup_all_ex_data is that I'm planning to have
> > multiple engines at the same time, so I'd like to cleanup only the index
> > created with RSA_get_ex_new_index for a specific engine.
> >
> > I tried to debug the method RSA_get_ex_new_index to figure something out,
> > but didn't understand it well =p.
> >
>
> There is currently no way to unregister an index. There is a workaround for
> RSA though. Don't register a free function when you call RSA_get_ex_new_index
> and instead free up and zero the ex data in the RSA_METHOD finish function.
>
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org



-- 
Felipe Menegola Blauth
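
Added example, not part of the original thread and not OpenSSL code: a self-contained C model of the lifecycle discussed above, comparing a free function registered on the index with cleanup done in the method's finish hook. All names (model_key, model_method, engine_ctx, run_scenario) are stand-ins, and the "engine finished" state is modelled with a flag, so a call that would crash in the real case is only counted.

```c
#include <stdio.h>
#include <stdlib.h>

/* Model only: stand-ins for RSA, RSA_METHOD and one ex_data index. */
struct model_key;
struct model_method { int (*finish)(struct model_key *k); };
struct model_key { const struct model_method *meth; void *ex_data; };
struct engine_ctx { unsigned char handle[16]; };  /* engine's per-key data */
static void (*index_free_fn)(void *ex); /* class-wide: runs for EVERY key */
static int engine_loaded;               /* 0 once the engine is finished */
static int calls_after_unload;          /* each one is a crash in real life */
static void engine_release(void *ex) {
    if (!engine_loaded) { calls_after_unload++; return; }
    free(ex);
}
/* Workaround: cleanup in the method's finish hook, reached only by engine keys. */
static int engine_finish(struct model_key *k) {
    engine_release(k->ex_data);
    k->ex_data = NULL;                  /* zero the slot after freeing it */
    return 1;
}
static const struct model_method engine_method = { engine_finish };
static const struct model_method software_method = { NULL };
static struct model_key *model_key_new(const struct model_method *m, void *ex) {
    struct model_key *k = calloc(1, sizeof *k);
    if (k) { k->meth = m; k->ex_data = ex; }
    return k;
}
static void model_key_free(struct model_key *k) {
    if (!k) return;
    if (k->meth->finish) k->meth->finish(k);       /* method hook first */
    if (index_free_fn) index_free_fn(k->ex_data);  /* then the index callback */
    free(k);
}
/* Returns how often engine code was entered after the engine was finished. */
static int run_scenario(int register_free_fn) {
    calls_after_unload = 0; engine_loaded = 1;
    index_free_fn = register_free_fn ? engine_release : NULL;
    struct model_key *eng = model_key_new(&engine_method, calloc(1, sizeof(struct engine_ctx)));
    struct model_key *sw = model_key_new(&software_method, NULL);
    model_key_free(eng);   /* engine key freed while the engine is loaded */
    engine_loaded = 0;     /* engine finished; the index stays registered */
    model_key_free(sw);    /* unrelated key freed later */
    return calls_after_unload;
}
int main(void) {
    printf("free fn on index: %d, finish hook only: %d\n", run_scenario(1), run_scenario(0));
    return 0;
}
```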
