Missing private key
Context used for cryptography operation is associated with NULL private key or not associated with a private key at all
Description
This defect occurs when you use a context object for decryption, signature, or shared secret derivation but you have not previously associated the object with a non-NULL private key.
For instance, you initialize the context object with a NULL private key and use the object for decryption later.
    ctx = EVP_PKEY_CTX_new(pkey, NULL);
    ...
    ret = EVP_PKEY_decrypt_init(ctx);
    ...
    ret = EVP_PKEY_decrypt(ctx, out, &out_len, in, in_len);

The counterpart checker Missing public key checks for a public key in encryption and authentication operations. The checker Missing peer key checks for a peer key in shared secret derivation.
Risk
Without a private key, the decryption, signature, or shared secret derivation step does not occur. The redundant operation often indicates a coding error.
Fix
Check the placement of the operation (decryption, signature, or shared secret derivation). If the operation is intended, make sure you have completed these steps prior to the operation:
- Generate a non-NULL private key.
  For instance:

      EVP_PKEY *pkey = NULL;
      kctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
      EVP_PKEY_keygen_init(kctx);
      EVP_PKEY_CTX_set_rsa_keygen_bits(kctx, RSA_2048BITS);
      EVP_PKEY_keygen(kctx, &pkey);

- Associate a non-NULL context object with the private key.
  For instance:

      ctx = EVP_PKEY_CTX_new(pkey, NULL);

  Note: If you use EVP_PKEY_CTX_new_id instead of EVP_PKEY_CTX_new, you are not associating the context object with a private key.
Examples
Result Information
Group: Cryptography
Language: C | C++
Default: Off
Command-Line Syntax: CRYPTO_PKEY_NO_PRIVATE_KEY
Impact: Medium
Version History
Introduced in R2018a
See Also
Context initialized incorrectly for cryptographic operation | Incorrect key for cryptographic algorithm | Missing data for encryption, decryption or signing | Missing parameters for key generation | Missing peer key | Missing public key | Nonsecure parameters for key generation | Find defects (-checkers)
Topics
- Interpret Bug Finder Results in Polyspace Desktop User Interface
- Interpret Bug Finder Results in Polyspace Access Web Interface (Polyspace Access)
- Address Results in Polyspace User Interface Through Bug Fixes or Justifications
- Address Results in Polyspace Access Through Bug Fixes or Justifications (Polyspace Access)