path: root/doc/crypto/X509_check_private_key.pod
diff options
Diffstat (limited to 'doc/crypto/X509_check_private_key.pod')
1 files changed, 54 insertions, 0 deletions
diff --git a/doc/crypto/X509_check_private_key.pod b/doc/crypto/X509_check_private_key.pod
new file mode 100644
index 000000000000..a1fb07b1097e
--- /dev/null
+++ b/doc/crypto/X509_check_private_key.pod
@@ -0,0 +1,54 @@
+=head1 NAME
+X509_check_private_key, X509_REQ_check_private_key - check the consistency
+of a private key with the public key in an X509 certificate or certificate
+=head1 SYNOPSIS
+ #include <openssl/x509.h>
+ int X509_check_private_key(X509 *x, EVP_PKEY *k);
+ int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k);
+X509_check_private_key() function checks the consistency of private
+key B<k> with the public key in B<x>.
+X509_REQ_check_private_key() is equivalent to X509_check_private_key()
+except that B<x> represents a certificate request of structure B<X509_REQ>.
+X509_check_private_key() and X509_REQ_check_private_key() return 1 if
+the keys match each other, and 0 if not.
+If the key is invalid or an error occurred, the reason code can be
+obtained using L<ERR_get_error(3)>.
+=head1 BUGS
+The B<check_private_key> functions don't check if B<k> itself is indeed
+a private key or not. It merely compares the public materials (e.g. exponent
+and modulus of an RSA key) and/or key parameters (e.g. EC params of an EC key)
+of a key pair. So if you pass a public key to these functions in B<k>, it will
+return success.
+=head1 SEE ALSO
+Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+Licensed under the OpenSSL license (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at