1 (edited by Alfred Zhou 2019-07-08 02:43:38)

Topic: [SOLVED] How to verify a certificate key pair?

Hi,

I have generated a private key file as private.pem. I have received a CA signed public key file as public.der. Well how can I use API in C++ project verify these two files valid and matching each other? After verification, I will use the key pair as outgoing certificate in my demo application.

PS: The private key is usually RSAKey and could also be other type like ECC key. For RSAKey, can I use the sample code in function in source file "openssl_evpSig_test in wolfssl\wolfcrypt\test\test.c"?

Thanks,
Alfred

Share

Re: [SOLVED] How to verify a certificate key pair?

Hi Alfred,

You can use:

wolfSSL_CTX_use_PrivateKey_[file | buffer](); // to load the private key
wolfSSL_CTX_use_certificate_[file | buffer](); // to load the certificate
wolfSSL_CTX_check_private_key(); // checks that the private key matches the public key in the cert, returns WOLFSSL_SUCCESS or WOLFSSL_FAILURE
/* Check private against public in certificate for match                         
*                                                                               
* ctx  WOLFSSL_CTX structure to check private key in                            
*                                                                               
* Returns SSL_SUCCESS on good private key and SSL_FAILURE if miss matched. */
int wolfSSL_CTX_check_private_key(const WOLFSSL_CTX* ctx);

If you have any issues let me know and I'll put together a quick example.


Warm Regards,

KH

Re: [SOLVED] How to verify a certificate key pair?

Hi Kaleb,

I have used the code to verify my certificate files. It's great.

Thank you for your quick response,
Alfred

Share

Re: [SOLVED] How to verify a certificate key pair?

Alfred,

My pleasure!

Cheers,

KH