Hello Openssl team, It seems to me there is a bug in the SSL_CTX_check_private_key function.
The function ignores RSA_METHOD_FLAG_NO_CHECK flag and always tries to check public/private key match. The only place in real code where this function is used is in the set_cert_key_stuff function, just after the calls to SSL_CTX_use_certificate and SSL_CTX_use_PrivateKey, which carefully process the flag. I would like to suggest a small patch providing the necessary check for RSA_METHOD_FLAG_NO_CHECK here. Thank you! -- SY, Dmitry Belyavsky
openssl.patch
Description: Binary data
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev