Checking if a key can sign / verify in 3.0
norm.green at gemtalksystems.com
Fri Aug 21 17:59:12 UTC 2020
No comments on my question? Should there not be a way to know if an
EVP_PKEY is valid for verification besides attempting the verify
operation and getting a weird error code? Doesn't seem like too much to
expect since we already have EVP_PKEY_can_sign().
I'm happy to implement EVP_PKEY_can_verify() with some assurance such a
PR would be accepted.
On 8/18/2020 6:01 PM, Norm Green wrote:
> In 3.0 I see this new function in evp.h :
> int EVP_PKEY_can_sign(const EVP_PKEY *pkey);
> Is there an equivalent way to check if a key can verify? I'm not
> seeing an obvious way to do that. Previously I used
> EVP_PKEY_meth_get_verifyctx() but that call is now deprecated in 3.0.
> Norm Green
More information about the openssl-users