[openssl-dev] X509_verify() error - block type is not 01

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, Jun 22, 2015 at 07:56:37AM +0530, Nayna Jain wrote:

> I want to match the certificate with the private key for whose public key
> that certificate is provided.

That's the subject key, and unless the certificate is self-signed,
the X509_verify() function is not the right interface.  You want
to extract the certificate's public key and compare it with the
key you have.  You can compare (memcmp()) the DER encoding of 
the public key from the certificate with the DER encoding of
the desired key.

> If this verifies who signed the certificate, then how do I verify whether
> the certificate provided is for the private key which was generated,

You compare the keys, or the key fingerprints.

-- 
	Viktor.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux