summaryrefslogtreecommitdiffstats
path: root/security-utils
diff options
context:
space:
mode:
authorMorten Tokle <mortent@verizonmedia.com>2021-09-22 13:05:01 +0200
committerMorten Tokle <mortent@verizonmedia.com>2021-09-22 13:05:01 +0200
commitf306ea17f230652d616bcd91d53869b3f5607a72 (patch)
tree2f7027dc5ed35fbe05ac49d5f606d2e96e147c56 /security-utils
parente45db1be2298ec7665dbf089747381a83a19d43c (diff)
Read certificate fingerprint
Diffstat (limited to 'security-utils')
-rw-r--r--security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java15
1 files changed, 15 insertions, 0 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java b/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java
index 215dc311af3..dbabf1274af 100644
--- a/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java
+++ b/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java
@@ -21,10 +21,13 @@ import java.io.UncheckedIOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
+import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.time.Duration;
@@ -178,4 +181,16 @@ public class X509CertificateUtils {
.build();
return new X509CertificateWithKey(cert, keyPair.getPrivate());
}
+
+ /**
+ * @return certificate SHA-1 fingerprint
+ */
+ public static byte[] getX509CertificateFingerPrint(X509Certificate certificate) {
+ try {
+ MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
+ return sha1.digest(certificate.getEncoded());
+ } catch (CertificateEncodingException | NoSuchAlgorithmException e) {
+ throw new RuntimeException(e);
+ }
+ }
}