[openssl-dev] [openssl.org #3837] Bug in SSL_CTX_check_private_key?
Dmitry Belyavsky via RT
rt at openssl.org
Wed May 6 15:58:31 UTC 2015
Hello Openssl team,
It seems to me there is a bug in the SSL_CTX_check_private_key function.
The function ignores RSA_METHOD_FLAG_NO_CHECK flag and always tries to
check public/private key match.
The only place in real code where this function is used is in
the set_cert_key_stuff function, just after the calls
to SSL_CTX_use_certificate and SSL_CTX_use_PrivateKey, which carefully
process the flag.
I would like to suggest a small patch providing the necessary check for
RSA_METHOD_FLAG_NO_CHECK here.
Thank you!
--
SY, Dmitry Belyavsky
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openssl.patch
Type: application/octet-stream
Size: 572 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150506/58d33614/attachment.obj>
More information about the openssl-dev
mailing list