protected void importHostPublicKey(String hostId, String publicKey, boolean rh) {
KeyManager keyManager = securityManager.getKeyManager();
keyManager.savePublicKeyRing(
hostId,
rh ? SecurityKeyType.RESOURCE_HOST_KEY.getId() : SecurityKeyType.CONTAINER_HOST_KEY.getId(),
publicKey);
}
@Override
public ContainerToken verifyToken(final String token, String containerHostId, String publicKey)
throws HostRegistrationException {
ContainerTokenImpl containerToken = containerTokenDataService.find(token);
if (containerToken == null) {
throw new HostRegistrationException("Couldn't verify container token");
}
if (containerToken.getDateCreated().getTime() + containerToken.getTtl()
< System.currentTimeMillis()) {
throw new HostRegistrationException("Container token expired");
}
try {
securityManager
.getKeyManager()
.savePublicKeyRing(
containerHostId, SecurityKeyType.CONTAINER_HOST_KEY.getId(), publicKey);
} catch (Exception e) {
LOG.error("Error verifying token", e);
throw new HostRegistrationException("Failed to store container pubkey", e);
}
return containerToken;
}
protected void importHostSslCert(String hostId, String cert) {
securityManager
.getKeyStoreManager()
.importCertAsTrusted(Common.DEFAULT_PUBLIC_SECURE_PORT, hostId, cert);
securityManager.getHttpContextManager().reloadKeyStore();
}
