Hello Victor, On Wed, May 6, 2015 at 7:10 PM, Viktor Dukhovni <[email protected]> wrote:
> On Wed, May 06, 2015 at 05:58:31PM +0200, Dmitry Belyavsky via RT wrote: > > > It seems to me there is a bug in the SSL_CTX_check_private_key function. > > > > The function ignores RSA_METHOD_FLAG_NO_CHECK flag and always tries to > > check public/private key match. > > I think that's deliberate and correct. When an application calls > SSL_CTX_check_private_key(), the key should be checked. Nothing > in libssl calls this function, it is provided to applications that > want to explicitly check the key. > > The fact that this flag is algorithm specific is also odd, if it > is useful for RSA, it should be useful for ECDSA, etc. It seems > rather an odd feature. > I agree that the flag is useful for ECDSA too. AFAIK, BoringSSL has already implemented this feature as unversal. > > The only place in real code where this function is used is in > > the set_cert_key_stuff function, just after the calls > > to SSL_CTX_use_certificate and SSL_CTX_use_PrivateKey, which carefully > > process the flag. > > That's application code (for openssl(1)). > Yes. > > > I would like to suggest a small patch providing the necessary check for > > RSA_METHOD_FLAG_NO_CHECK here. > > I am not convinced this change is correct. The function would then > not do what it is supposed to do. The flag suppresses implicit > checks only, but suppressing explicit checks seems unexpected. > Well, but what is the correct way to provide, for example, HSM key if we have to check match without access to a private key? Thank you! -- SY, Dmitry Belyavsky
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
