OpenBSD manual page server

NAME

X509_check_private_key, X509_REQ_check_private_key — compare public key components

SYNOPSIS

#include <openssl/x509.h>

int
X509_check_private_key(const X509 *x, const EVP_PKEY *k);

int
X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k);

DESCRIPTION

These functions are seriously misnamed. X509_check_private_key() compares the public key components (e.g. exponent and modulus of an RSA key) and parameters (e.g. EC params of an EC key) of k with the corresponding properties of x. Despite the name, it neither checks whether k contains private key components at all, nor, if any are present, whether they are consistent with the public key components.

X509_REQ_check_private_key() is equivalent to X509_check_private_key() except that it compares to the public key contained in a certificate request.

RETURN VALUES

These functions return 1 if the public key components and parameters match, or 0 if they do not or if an error occurs. On error or mismatch, a reason code can be obtained using ERR_get_error(3).

SEE ALSO

SSL_check_private_key(3), X509_new(3), X509_REQ_new(3)

HISTORY

X509_check_private_key() first appeared in SSLeay 0.6.5 and has been available since OpenBSD 2.4.

X509_REQ_check_private_key() first appeared in OpenSSL 0.9.8 and has been available since OpenBSD 4.5.