To test if a particular RSA private key matches a particular RSA public key,
you need to compare the modulus (evp_pkey->pkey.rsa->n) and public exponent
(evp_pkey->pkey.rsa.e) components of the keys (these components will match
is the keys are a pair).
I don't know of an OpenSSL function that will simply take two keys and
return such a result, however the X509_check_private_key function in
crypto/x509/x509_cmp.c compares a private key to the public key contained in
an X509 certificate. To make it easier, here's some quik'n'dirty code (no
warranty given) to do what you want with RSA keys only:
bool cmp_rsa_keys(EVP_PKEY* pubkey, EVP_PKEY* privkey)
{
if (pubkey->type != privkey->type)
return FALSE; /* key's aren't of the same type */
if (pubkey->type != EVP_PKEY_RSA)
return FALSE; /* this function only handles RSA keys */
if (BN_cmp(pubkey->pkey.rsa->n,privkey->pkey.rsa->n) != 0 ||
BN_cmp(pubkey->pkey.rsa->e,privkey->pkey.rsa->e) != 0)
return FALSE; /* rsa keys aren't a pair */
return TRUE;
}
Regards,
Steven
> -----Original Message-----
> From: Bob Lee [SMTP:[EMAIL PROTECTED]]
> Sent: Wednesday, December 27, 2000 4:28 PM
> To: [EMAIL PROTECTED]
> Subject: can openssl verify rsa key pair?
>
> hi,
> can openssl command verify rsa key pair? that is whether two given
> keys(private, public) matches each other...
> now, i use a way to encrypt and decrypt using each keys...but it's
> inefficient..
> anyone knows good method?
> thanks...
> _________________________________________________________________________
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
