Updated: 2025/Nov/16

Please read Privacy Policy. It's for your privacy.

X509_check_private_key(3)           OpenSSL          X509_check_private_key(3)


NAME
       X509_check_private_key, X509_REQ_check_private_key - check the
       consistency of a private key with the public key in an X509 certificate
       or certificate request

SYNOPSIS
        #include <openssl/x509.h>

        int X509_check_private_key(const X509 *cert, EVP_PKEY *pkey);

        int X509_REQ_check_private_key(X509_REQ *req, EVP_PKEY *pkey);

DESCRIPTION
       X509_check_private_key() function checks the consistency of private key
       pkey with the public key in cert.

       X509_REQ_check_private_key() is equivalent to X509_check_private_key()
       except that req represents a certificate request of structure X509_REQ.

RETURN VALUES
       X509_check_private_key() and X509_REQ_check_private_key() return 1 if
       the keys match each other, and 0 if not.

       If the key is invalid or an error occurred, the reason code can be
       obtained using ERR_get_error(3).

BUGS
       The X509_check_private_key() and X509_REQ_check_private_key() functions
       do not check if pkey itself is indeed a private key or not.  They
       merely compare the public materials (e.g., exponent and modulus of an
       RSA key) and/or key parameters (e.g. EC params of an EC key) of a key
       pair.  So they also return success if pkey is a matching public key.

SEE ALSO
       ERR_get_error(3)

COPYRIGHT
       Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.

       Licensed under the Apache License 2.0 (the "License").  You may not use
       this file except in compliance with the License.  You can obtain a copy
       in the file LICENSE in the source distribution or at
       <https://www.openssl.org/source/license.html>.

3.5.1                             2025-07-01         X509_check_private_key(3)