diff options
author | Jon Marius Venstad <jonmv@users.noreply.github.com> | 2020-01-20 18:03:51 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-01-20 18:03:51 +0100 |
commit | e26a64e7b763bb5a15b33e7ccb0517e277676db5 (patch) | |
tree | b5c8ebee67185a548a34a3d5ec59e7cf2a44aa78 /security-utils/src | |
parent | 7198375a03613745e7c8b45b4c32c966c55be0ba (diff) |
Revert "accept and store json endpoint cert metadata on deploy"
Diffstat (limited to 'security-utils/src')
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java | 21 | ||||
-rw-r--r-- | security-utils/src/test/java/com/yahoo/security/X509CertificateUtilsTest.java | 16 |
2 files changed, 0 insertions, 37 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java b/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java index cefa8ab2f51..97b6cc344e1 100644 --- a/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java +++ b/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java @@ -19,16 +19,11 @@ import java.io.StringReader; import java.io.StringWriter; import java.io.UncheckedIOException; import java.security.GeneralSecurityException; -import java.security.PrivateKey; -import java.security.PublicKey; -import java.security.Signature; -import java.security.SignatureException; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.Collections; import java.util.List; -import java.util.Random; import static com.yahoo.security.Extension.SUBJECT_ALTERNATIVE_NAMES; import static java.util.stream.Collectors.toList; @@ -145,20 +140,4 @@ public class X509CertificateUtils { } } - public static boolean privateKeyMatchesPublicKey(PrivateKey privateKey, PublicKey publicKey) { - byte[] someRandomData = new byte[64]; - new Random().nextBytes(someRandomData); - - Signature signer = SignatureUtils.createSigner(privateKey); - Signature verifier = SignatureUtils.createVerifier(publicKey); - try { - signer.update(someRandomData); - verifier.update(someRandomData); - byte[] signature = signer.sign(); - return verifier.verify(signature); - } catch (SignatureException e) { - throw new RuntimeException(e); - } - } - } diff --git a/security-utils/src/test/java/com/yahoo/security/X509CertificateUtilsTest.java b/security-utils/src/test/java/com/yahoo/security/X509CertificateUtilsTest.java index b4eca8328c1..76a93028efe 100644 --- a/security-utils/src/test/java/com/yahoo/security/X509CertificateUtilsTest.java +++ b/security-utils/src/test/java/com/yahoo/security/X509CertificateUtilsTest.java @@ -17,9 +17,7 @@ import static org.hamcrest.CoreMatchers.containsString; import static org.hamcrest.CoreMatchers.equalTo; import static org.hamcrest.Matchers.is; import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertThat; -import static org.junit.Assert.assertTrue; /** * @author bjorncs @@ -73,18 +71,4 @@ public class X509CertificateUtilsTest { assertThat(sans.size(), is(1)); assertThat(sans.get(0), equalTo(san)); } - - @Test - public void verifies_matching_cert_and_key() { - KeyPair ecKeypairA = KeyUtils.generateKeypair(KeyAlgorithm.EC, 256); - KeyPair ecKeypairB = KeyUtils.generateKeypair(KeyAlgorithm.EC, 256); - KeyPair rsaKeypairA = KeyUtils.generateKeypair(KeyAlgorithm.RSA, 1024); - KeyPair rsaKeypairB = KeyUtils.generateKeypair(KeyAlgorithm.RSA, 1024); - - assertTrue(X509CertificateUtils.privateKeyMatchesPublicKey(ecKeypairA.getPrivate(), ecKeypairA.getPublic())); - assertTrue(X509CertificateUtils.privateKeyMatchesPublicKey(rsaKeypairA.getPrivate(), rsaKeypairA.getPublic())); - - assertFalse(X509CertificateUtils.privateKeyMatchesPublicKey(ecKeypairA.getPrivate(), ecKeypairB.getPublic())); - assertFalse(X509CertificateUtils.privateKeyMatchesPublicKey(rsaKeypairA.getPrivate(), rsaKeypairB.getPublic())); - } }
\ No newline at end of file |