diff options
author | Mrmaxmeier <Mrmaxmeier@gmail.com> | 2020-03-11 22:03:59 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-03-11 17:03:59 -0400 |
commit | 8cd3b17ec79ec2049eb9d8d6d162b417012144a2 (patch) | |
tree | b5ced288278925cb0177f7acf4d81ca847e174c6 /src/OpenSSL/crypto.py | |
parent | 675534c18ab60517985fdee424837986e58ab260 (diff) | |
download | pyopenssl-8cd3b17ec79ec2049eb9d8d6d162b417012144a2.tar.gz |
Fix PKey.check for some broken keys (#897)
* fix PKey.check for some broken keys
RSA_check_key is documented to return 1 for valid keys.
It (currently) returns 0 or -1 for invalid ones.
The previous code accepted invalid keys if RSA_check_key returns -1!
* add test
Diffstat (limited to 'src/OpenSSL/crypto.py')
-rw-r--r-- | src/OpenSSL/crypto.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/OpenSSL/crypto.py b/src/OpenSSL/crypto.py index b51e12f..e2956ae 100644 --- a/src/OpenSSL/crypto.py +++ b/src/OpenSSL/crypto.py @@ -345,7 +345,7 @@ class PKey(object): rsa = _lib.EVP_PKEY_get1_RSA(self._pkey) rsa = _ffi.gc(rsa, _lib.RSA_free) result = _lib.RSA_check_key(rsa) - if result: + if result == 1: return True _raise_current_error() |