Re: Testing private key - public key consistency
Alain Damiral a écrit : Verify normally verifies a certificate chain, I think this isn't quite what the original poster is trying to achieve. I think he is interested in what the SSL_CTX_check_private_key function can achieve. However I don't know if there is an OpenSSL utility that can do this. Maybe verify can indeed but after reading the documentation I can't see how. Gayathri Sundar wrote: Probably you can try the openssl verify command? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Julien ALLANOS Sent: Monday, February 06, 2006 6:38 PM To: openssl-users@openssl.org Subject: Testing private key - public key consistency Hello, is there a quick way/function to verify that a private (EVP_PKEY) key matches a X509 certificate's public key? thanks, looks like: int X509_verify(X509 *a, EVP_PKEY *r); does the trick. -- Julien ALLANOS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Testing private key - public key consistency
On Wed, Mar 15, 2006, Julien ALLANOS wrote: int X509_verify(X509 *a, EVP_PKEY *r); No that will check to see if the certfiicate a was signed by public key r. The function: int X509_check_private_key(X509 *x, EVP_PKEY *k) is the right one. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Testing private key - public key consistency
Okay. Out of curiosity, what're the functions for: 1) Verifying that a given public key (not part of an X509 structure) matches a given EVP_PKEY? 2) Extracting the public key from the EVP_PKEY (since, as I understand it, the public key is stored as part of the private key structure)? -Kyle H On 3/15/06, Dr. Stephen Henson [EMAIL PROTECTED] wrote: On Wed, Mar 15, 2006, Julien ALLANOS wrote: int X509_verify(X509 *a, EVP_PKEY *r); No that will check to see if the certfiicate a was signed by public key r. The function: int X509_check_private_key(X509 *x, EVP_PKEY *k) is the right one. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Testing private key - public key consistency
Dr. Stephen Henson a écrit : On Wed, Mar 15, 2006, Julien ALLANOS wrote: int X509_verify(X509 *a, EVP_PKEY *r); No that will check to see if the certfiicate a was signed by public key r. The function: int X509_check_private_key(X509 *x, EVP_PKEY *k) is the right one. Steve. Thank you. -- Julien ALLANOS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Testing private key - public key consistency
Hello, is there a quick way/function to verify that a private (EVP_PKEY) key matches a X509 certificate's public key? thanks, -- Julien ALLANOS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: Testing private key - public key consistency
Probably you can try the openssl verify command? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Julien ALLANOS Sent: Monday, February 06, 2006 6:38 PM To: openssl-users@openssl.org Subject: Testing private key - public key consistency Hello, is there a quick way/function to verify that a private (EVP_PKEY) key matches a X509 certificate's public key? thanks, -- Julien ALLANOS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Testing private key - public key consistency
Verify normally verifies a certificate chain, I think this isn't quite what the original poster is trying to achieve. I think he is interested in what the SSL_CTX_check_private_key function can achieve. However I don't know if there is an OpenSSL utility that can do this. Maybe verify can indeed but after reading the documentation I can't see how. Gayathri Sundar wrote: Probably you can try the openssl verify command? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Julien ALLANOS Sent: Monday, February 06, 2006 6:38 PM To: openssl-users@openssl.org Subject: Testing private key - public key consistency Hello, is there a quick way/function to verify that a private (EVP_PKEY) key matches a X509 certificate's public key? thanks, -- Alain Damiral, I hope this message makes me look like a very intelligent person Université Catholique de Louvain - student alain.damiral'at'student.info.ucl.ac.be __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
