pyOpenSSL

check method of private keys

Bug #376051 reported by rick_dean on 2009-05-13

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	pyOpenSSL	Fix Released	Undecided	Unassigned	pyOpenSSL 0.13

Bug Description

Here is a patch to implement the RSA key checking functionality
of "openssl rsa -in somekey.pem -check -noout".

The openssl library (and applications) do not have the equivalent
functionality for DSA private keys, so attempting to check one produces
a TypeError exception.

Automated unit test cases are included, but I don't actually
have an inconsistent RSA key to test with, so the
failure explanation is not as detailed as the openssl app.

Related branches

lp://staging/~exarkun/pyopenssl/rsa-check-2 (Merged)

lp://staging/~exarkun/pyopenssl/pkey-modulus

Revision history for this message

rick_dean (rick-fdd) wrote on 2009-05-13:

pyOpenSSL_rsa_check.diff Edit (2.5 KiB, text/plain)

Revision history for this message

rick_dean (rick-fdd) wrote on 2009-05-13:

add support for modulus() of PKey Edit (3.8 KiB, text/plain)

This patch add support for "openssl rsa -noout -modulus" and
"openssl dsa -noout -modulus". The patch applies on to of the
"-check" patch.

X509 seem to use "get_" in it's method names, but
PKey does not (see type()). This patch continues that
convention, but I'm open to change.

This patch duplicates the _runopenssl() function
definition in it's test case, but there is clearly
a better solution, although it would be
harder to merge.

Revision history for this message

Jean-Paul Calderone (exarkun) wrote on 2011-06-13:

The modulus patch confuses me a bit. It seems to be a faithful reimplementation of "openssl rsa -modulus" and "openssl dsa -modulus", but *those* options make little sense to me. Or rather, the RSA version makes sense, since RSA keys have something that can be referred to as a "modulus" with little confusion. Why you would make up the name "modulus" for the "public key components" of a DSA key is beyond me, though.

A use case would probably help clarify things. Meanwhile, I'll apply the `check` patch and resolve this ticket and push the `modulus` part to a branch so it can be dealt with easily when someone understands it. :)

Revision history for this message

Jean-Paul Calderone (exarkun) wrote on 2011-06-13:

PKey.check added. lp:~exarkun/pyopenssl/pkey-modulus has the modulus changes.

Changed in pyopenssl:
milestone:	none → 0.13
status:	New → Fix Committed

Jean-Paul Calderone (exarkun) on 2011-09-04

Changed in pyopenssl:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Patches

Add patch

Remote bug watches

Bug watches keep track of this bug in other bug trackers.