ec.key doesn't correspond to cert.der{,.old}

[martindorey]

I was hoping to probe a vulnerable system with a command like this:

$ < /dev/null openssl s_client -cert cert.der.old -certform DER -key ec.key -keyform PEM
error setting private key
140222542737472:error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch:../crypto/x509/x509_cmp.c:297:
$ 

... but the error message there made me try this (h/t https://security.stackexchange.com/a/73131/276099):

$ openssl pkey -in ec.key -pubout > key.pub
$ openssl x509 -in cert.der.old -inform DER -pubkey -noout >  cert.der.old.pub
$ diff *.pub
7,8c7,8
< //////////+85vqtpxeehPO5ysL8YyVRAgEBAyIAA+/L/l5HQLeGeajfxw/bAjdo
< GFf9xBgV3j34fVhn2EFD
---
> //////////+85vqtpxeehPO5ysL8YyVRAgEBAyIAAjfHIC2Zuu/BE0zc8q9Cw6Ny
> 0rUxh6Ka+ViN7zpL7/89
$ 

Did something go wrong when @catbro666 uploaded the original files in https://github.com/drago-96/CVE-2022-0778/commit/345bf80ce65f4b1097b7fef18957f601c44f0138?

[catbro666]

I was hoping to probe a vulnerable system with a command like this:

$ < /dev/null openssl s_client -cert cert.der.old -certform DER -key ec.key -keyform PEM
error setting private key
140222542737472:error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch:../crypto/x509/x509_cmp.c:297:
$ 

... but the error message there made me try this (h/t https://security.stackexchange.com/a/73131/276099):

$ openssl pkey -in ec.key -pubout > key.pub
$ openssl x509 -in cert.der.old -inform DER -pubkey -noout >  cert.der.old.pub
$ diff *.pub
7,8c7,8
< //////////+85vqtpxeehPO5ysL8YyVRAgEBAyIAA+/L/l5HQLeGeajfxw/bAjdo
< GFf9xBgV3j34fVhn2EFD
---
> //////////+85vqtpxeehPO5ysL8YyVRAgEBAyIAAjfHIC2Zuu/BE0zc8q9Cw6Ny
> 0rUxh6Ka+ViN7zpL7/89
$ 

Did something go wrong when @catbro666 uploaded the original files in 345bf80?

Oops, It seems like I made a mistake. Maybe the key file was overwritten by accident.