- RSA* private_key = PEM_read_bio_RSAPrivateKey (bio, 0, 0, 0);
- RSA* public_key = leaf().public_key ();
+ auto private_key = PEM_read_bio_RSAPrivateKey (bio, 0, 0, 0);
+ if (!private_key) {
+ return false;
+ }
+
+ auto public_key = leaf().public_key ();
+
+#if OPENSSL_VERSION_NUMBER > 0x10100000L
+ BIGNUM const * private_key_n;
+ RSA_get0_key(private_key, &private_key_n, 0, 0);
+ BIGNUM const * public_key_n;
+ RSA_get0_key(public_key, &public_key_n, 0, 0);
+ if (!private_key_n || !public_key_n) {
+ return false;
+ }
+ bool const valid = !BN_cmp (private_key_n, public_key_n);
+#else