Why do I see a private key?

2000-03-22 Thread rrln
Hi, people I was tinkering with some piece of code (modified from /demos/selfsign) and I was shocked to find that I saw a private key where I shouldn't. Here is the code CODE = #include stdio.h #include stdlib.h #include openssl/pem.h #include openssl/conf.h #include openssl/x509v3.h

Re: Why do I see a private key?

2000-03-22 Thread Oscar Jacobsson
rrln wrote: I was tinkering with some piece of code (modified from /demos/selfsign) and I was shocked to find that I saw a private key where I shouldn't. Here is the code I might be missing the point here, but the following calls look pretty explicit to me:

Re: Why do I see a private key?

2000-03-22 Thread Dr Stephen Henson
rrln wrote: Hi, people I was tinkering with some piece of code (modified from /demos/selfsign) and I was shocked to find that I saw a private key where I shouldn't. Here is the code [stuff deleted] It seems that the call to X509_print_fp() is showing the private key. I thought that

Re: Why do I see a private key?

2000-03-22 Thread Richard Levitte - VMS Whacker
rrln It seems that the call to X509_print_fp() is showing the private key. I rrln thought that X509_set_pubkey() only take the public part of the RSA key rrln rrln to the X509 structure, but it seems that it puts all the key . rrln rrln When I cut the PEM code ( BEGIN CERTIFICATE --- END

Re: Why do I see a private key?

2000-03-22 Thread Oscar Jacobsson
rrln wrote: That's right, and that was expected, but what bothers me is that a call to X509_print_fp() is showing private key info. You're right of course, and I should know better than to post after sitting up half the night playing drunken Need For Speed: Porsche Challenge. I think Stephen

Re: Why do I see a private key?

2000-03-22 Thread Dr Stephen Henson
rrln wrote: That's right, and that was expected, but what bothers me is that a call to X509_print_fp() is showing private key info. Since this issue crops up quite often and it is a potential security risk (e.g. using the -text option when a certificate or request has just been signed)