Hello,
I discovered a small bug in X509_check_private_key.
EVP_PKEY *X509_get_pubkey(X509 *x)
{
if ((x == NULL) || (x->cert_info == NULL))
return(NULL);
return(X509_PUBKEY_get(x->cert_info->key));
}
int X509_check_private_key(X509 *x, EVP_PKEY *k)
{
EVP_PKEY *xk=NULL;
int ok=0;
--> xk=X509_get_pubkey(x); <--- the problem
if (xk->type != k->type)
{
If this function is called with x set to NULL, it it will crash, because
xk is not checked for NULLs.
Regards,
Maas-Maarten Zeeman
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
