author | Andreas Eriksen <andreer@pvv.ntnu.no> | 2020-01-21 10:18:22 +0100 |
---|---|---|
committer | andreer <andreer@verizonmedia.com> | 2020-01-21 12:39:08 +0100 |
commit | ef85cda373ff63f08b8ea8f4a11e1e5c48b42772 (patch) | |
tree | 96bf4523129112addc52f609d37ae6dcd8843672 /security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java | |
parent | a53cde292481f4523f66e0dc5b176d452a4db20b (diff) |
Revert "Revert "accept and store json endpoint cert metadata on deploy""
Diffstat (limited to 'security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java')
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java b/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java
index 97b6cc344e1..cefa8ab2f51 100644
--- a/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java
+++ b/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java
@@ -19,11 +19,16 @@ import java.io.StringReader;
 import java.io.StringWriter;
 import java.io.UncheckedIOException;
 import java.security.GeneralSecurityException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.security.SignatureException;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
+import java.util.Random;
 
 import static com.yahoo.security.Extension.SUBJECT_ALTERNATIVE_NAMES;
 import static java.util.stream.Collectors.toList;
@@ -140,4 +145,20 @@ public class X509CertificateUtils {
 }
 }
 
+ public static boolean privateKeyMatchesPublicKey(PrivateKey privateKey, PublicKey publicKey) {
+ byte[] someRandomData = new byte[64];
+ new Random().nextBytes(someRandomData);
+
+ Signature signer = SignatureUtils.createSigner(privateKey);
+ Signature verifier = SignatureUtils.createVerifier(publicKey);
+ try {
+ signer.update(someRandomData);
+ verifier.update(someRandomData);
+ byte[] signature = signer.sign();
+ return verifier.verify(signature);
+ } catch (SignatureException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
 }
|
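Review bot: In `privateKeyMatchesPublicKey`, a mismatched pair is not guaranteed to come back as `false`: when the two keys differ in algorithm or size, `verifier.verify(signature)` can throw `SignatureException` on a signature it cannot parse (provider-dependent), and the catch turns that into a `RuntimeException`. The commit title suggests the keys arrive with deploy-time certificate metadata, so the mismatch case is the one callers most need a clean boolean for. Consider an early `if (!privateKey.getAlgorithm().equals(publicKey.getAlgorithm())) return false;` and catching `SignatureException` around the `verify` call alone to `return false;`, while failures from `sign()` still propagate. `SignatureUtils.createSigner` and `createVerifier` are not visible in this diff, so it is worth confirming how they behave for unsupported key types. Minor: `new Random()` is harmless for a self-check message, but `SecureRandom` or a fixed constant avoids weak-PRNG findings in a security utility, and the new public method has no Javadoc stating that it signs and verifies a throwaway message.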