summaryrefslogtreecommitdiffstats
path: root/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java
diff options
context:
space:
mode:
Diffstat (limited to 'security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java')
-rw-r--r--security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java21
1 files changed, 21 insertions, 0 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java b/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java
index 97b6cc344e1..cefa8ab2f51 100644
--- a/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java
+++ b/security-utils/src/main/java/com/yahoo/security/X509CertificateUtils.java
@@ -19,11 +19,16 @@ import java.io.StringReader;
import java.io.StringWriter;
import java.io.UncheckedIOException;
import java.security.GeneralSecurityException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
+import java.util.Random;
import static com.yahoo.security.Extension.SUBJECT_ALTERNATIVE_NAMES;
import static java.util.stream.Collectors.toList;
@@ -140,4 +145,20 @@ public class X509CertificateUtils {
}
}
+ public static boolean privateKeyMatchesPublicKey(PrivateKey privateKey, PublicKey publicKey) {
+ byte[] someRandomData = new byte[64];
+ new Random().nextBytes(someRandomData);
+
+ Signature signer = SignatureUtils.createSigner(privateKey);
+ Signature verifier = SignatureUtils.createVerifier(publicKey);
+ try {
+ signer.update(someRandomData);
+ verifier.update(someRandomData);
+ byte[] signature = signer.sign();
+ return verifier.verify(signature);
+ } catch (SignatureException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
}