Welcome to the wolfSSL Forums!

Alfred Zhou · 2019-07-07 23:34:18

Alfred Zhou
Member
Offline

Registered: 2019-07-01
Posts: 12

Topic: [SOLVED] How to verify a certificate key pair?

Hi,

I have generated a private key file as private.pem. I have received a CA signed public key file as public.der. Well how can I use API in C++ project verify these two files valid and matching each other? After verification, I will use the key pair as outgoing certificate in my demo application.

PS: The private key is usually RSAKey and could also be other type like ECC key. For RSAKey, can I use the sample code in function in source file "openssl_evpSig_test in wolfssl\wolfcrypt\test\test.c"?

Thanks,
Alfred

Kaleb J. Himes · 2019-07-08 16:29:02

Kaleb J. Himes
Moderator
Offline

From: Bozeman
Registered: 2014-05-09
Posts: 777

Re: [SOLVED] How to verify a certificate key pair?

Hi Alfred,

You can use:

wolfSSL_CTX_use_PrivateKey_[file | buffer](); // to load the private key
wolfSSL_CTX_use_certificate_[file | buffer](); // to load the certificate
wolfSSL_CTX_check_private_key(); // checks that the private key matches the public key in the cert, returns WOLFSSL_SUCCESS or WOLFSSL_FAILURE

/* Check private against public in certificate for match                         
*                                                                               
* ctx  WOLFSSL_CTX structure to check private key in                            
*                                                                               
* Returns SSL_SUCCESS on good private key and SSL_FAILURE if miss matched. */
int wolfSSL_CTX_check_private_key(const WOLFSSL_CTX* ctx);

If you have any issues let me know and I'll put together a quick example.

Warm Regards,

KH

Alfred Zhou · 2019-07-08 23:42:43

Alfred Zhou
Member
Offline

Registered: 2019-07-01
Posts: 12

Re: [SOLVED] How to verify a certificate key pair?

Hi Kaleb,

I have used the code to verify my certificate files. It's great.

Thank you for your quick response,
Alfred

Kaleb J. Himes · 2019-07-09 05:44:24

Kaleb J. Himes
Moderator
Offline

From: Bozeman
Registered: 2014-05-09
Posts: 777

Re: [SOLVED] How to verify a certificate key pair?

Alfred,

My pleasure!

Cheers,

KH

Welcome to the wolfSSL Forums!

[SOLVED] How to verify a certificate key pair?

Posts: 4

1 Topic by Alfred Zhou 2019-07-07 23:34:18 (edited by Alfred Zhou 2019-07-08 02:43:38)

Topic: [SOLVED] How to verify a certificate key pair?

2 Reply by Kaleb J. Himes 2019-07-08 16:29:02

Re: [SOLVED] How to verify a certificate key pair?

3 Reply by Alfred Zhou 2019-07-08 23:42:43

Re: [SOLVED] How to verify a certificate key pair?

4 Reply by Kaleb J. Himes 2019-07-09 05:44:24

Re: [SOLVED] How to verify a certificate key pair?

Posts: 4