OpenBSD manual page server

Manual Page Search Parameters

X509_CHECK_PRIVATE_KEY(3) Library Functions Manual X509_CHECK_PRIVATE_KEY(3)

X509_check_private_key, X509_REQ_check_private_keycompare public key components

#include <openssl/x509.h>

X509_check_private_key(const X509 *x, const EVP_PKEY *k);

X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k);

These functions are seriously misnamed. () compares the key components (e.g. exponent and modulus of an RSA key) and parameters (e.g. EC params of an EC key) of k with the corresponding properties of x. Despite the name, it neither checks whether k contains private key components at all, nor, if any are present, whether they are consistent with the public key components.

() is equivalent to X509_check_private_key() except that it compares to the public key contained in a certificate request.

These functions return 1 if the public key components and parameters match, or 0 if they do not or if an error occurs. On error or mismatch, a reason code can be obtained using ERR_get_error(3).

SSL_check_private_key(3), X509_new(3), X509_REQ_new(3)

X509_check_private_key() first appeared in SSLeay 0.6.5 and has been available since OpenBSD 2.4.

X509_REQ_check_private_key() first appeared in OpenSSL 0.9.8 and has been available since OpenBSD 4.5.

June 6, 2019 OpenBSD-current