Hmmm, it’s a bug introduced by the use of the RSA_check_key_ex function. Thanks for reporting.
> On 28 Jul 2017, at 19:16, Georg Höllrigl <georg.hoellr...@gmx.at> wrote:
>
> Hello,
>
> I think there is something broken with verifying the Private Key with
> "openssl rsa -check" like it was described in
> https://blog.hboeck.de/archives/888-How-I-tricked-Symantec-with-a-Fake-Private-Key.html
>
> I tried to implement better checking in a script that tells me if a key
> matches a certificate or certificate request.
>
> To reproduce, get the fake private key from
> https://github.com/hannob/tlshelpers/blob/master/examples/symantec.key
>
> Verify the key with openssl 1.0.1e-fips or 1.0.2h:
> $OPENSSL rsa -in symantec-broken.key -check -noout
> RSA key error: n does not equal p q
>
> Verify the key with openssl 1.1.0c or 1.1.0f (gives no output):
> $OPENSSL rsa -in symantec-broken.key -check -noout
>
> I would expect 1.1.0 to report the faked key in some way.
> Even the return value for openssl is 0 no matter if used with a
> legitimate key or a faked key.
>
> Kind Regards,
> Georg
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
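The check the thread expects from "openssl rsa -check", as an added example that is not part of the thread or of OpenSSL: it parses a PKCS#1 RSAPrivateKey DER structure and verifies the arithmetic relations between its fields, so a "key" whose modulus is not p*q is reported regardless of what the CLI prints. The toy key (tiny primes) and its DER bytes are constructed for illustration.

```python
# Added example, not from the thread: independent PKCS#1 RSAPrivateKey consistency check.
from math import gcd
FIELDS = ("version", "n", "e", "d", "p", "q", "dP", "dQ", "qInv")

def der_read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER TLV starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long-form length (real-size keys)
        nbytes = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    return tag, buf[pos:pos + length], pos + length

def parse_rsa_private_key(der):
    """Parse RSAPrivateKey ::= SEQUENCE of INTEGERs (order as in FIELDS)."""
    tag, body, _ = der_read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE")
    values, pos = [], 0
    while pos < len(body) and len(values) < len(FIELDS):
        tag, val, pos = der_read_tlv(body, pos)
        if tag != 0x02:
            raise ValueError("expected INTEGER")
        values.append(int.from_bytes(val, "big", signed=True))
    if len(values) != len(FIELDS):
        raise ValueError("truncated RSAPrivateKey")
    return dict(zip(FIELDS, values))

def rsa_key_errors(k):
    """List the consistency checks that fail; an empty list means consistent."""
    n, e, d, p, q = k["n"], k["e"], k["d"], k["p"], k["q"]
    errors = []
    if p * q != n:
        errors.append("n does not equal p q")
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)   # lambda(n) = lcm(p-1, q-1)
    if gcd(e, lam) != 1 or (d * e) % lam != 1:
        errors.append("d e not congruent to 1")
    if k["dP"] != d % (p - 1) or k["dQ"] != d % (q - 1):
        errors.append("CRT exponents dP/dQ inconsistent with d")
    if (k["qInv"] * q) % p != 1:
        errors.append("qInv is not the inverse of q mod p")
    return errors

# Constructed toy key, DER-encoded by hand (p=61, q=53, e=17; illustration only):
# SEQUENCE { version 0, n 3233, e 17, d 413, p 61, q 53, dP 53, dQ 49, qInv 38 }
GOOD_DER = bytes.fromhex("301d" "020100" "02020ca1" "020111" "0202019d"
                         "02013d" "020135" "020135" "020131" "020126")
# The "fake" variant keeps p, q, d etc. but carries a modulus that is not p*q.
FAKE_KEY = dict(parse_rsa_private_key(GOOD_DER), n=3237)
```

Running `rsa_key_errors` on the fake key yields the same complaint the 1.0.x CLI prints, "n does not equal p q", while the consistent toy key yields no errors.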