OpenSSL icon indicating copy to clipboard operation
OpenSSL copied to clipboard
verified publisher icon krzyzanowskim

Crash on X509_check_private_key

Open jdanthinne opened this issue 11 months ago • 0 comments

I'm using OpenSSL 1.1.2301, and I recently got a crash report for X509_check_private_key, but by checking the source, I don't understand where that could come from. Before calling X509_check_private_key, I only call some other conversions methods, but none of them are throwing, so difficult to know if pointers are correctly created. Any clue/advice?

func pkcs12(fromPem pemCertificate: String, withPrivateKey pemPrivateKey: String) throws -> NSData {
    // Set OpenSSL parameters
    OpenSSL_add_all_algorithms()

    // Read certificate and private key
    let x509CertificateBuffer = BIO_new_mem_buf(pemCertificate, Int32(pemCertificate.count))
    let x509Certificate = PEM_read_bio_X509(x509CertificateBuffer, nil, nil, nil)

    let privateKeyBuffer = BIO_new_mem_buf(pemPrivateKey, Int32(pemPrivateKey.count))
    let privateKey = PEM_read_bio_PrivateKey(privateKeyBuffer, nil, nil, nil)

    defer {
        BIO_free(x509CertificateBuffer)
        BIO_free(privateKeyBuffer)
        X509_free(x509Certificate)
    }

    // Check if private key matches certificate
    guard X509_check_private_key(x509Certificate, privateKey) == 1 else {
        throw X509Error.privateKeyDoesNotMatchCertificate
    }

    …
Image

jdanthinne avatar Jan 21 '25 09:01 jdanthinne