Merge "Pass secret metadata to crypto extension manager for plugin search."

barbican/crypto/extension_manager.py

@@ -305,7 +305,9 @@ class CryptoExtensionManager(named.NamedExtensionManager):
         is then returned from this method.
         """
         encrypting_plugin = \
-            self._determine_crypto_plugin(secret.algorithm)
+            self._determine_crypto_plugin(secret.algorithm,
+                                          secret.bit_length,
+                                          secret.mode)
 
         kek_datum, kek_meta_dto = self._find_or_create_kek_objects(
             encrypting_plugin, tenant, kek_repo)

barbican/tests/crypto/test_extension_manager.py

@@ -315,6 +315,21 @@ class WhenTestingCryptoExtensionManager(testtools.TestCase):
             mock.MagicMock(),
         )
 
+    def test_generate_symmetric_encryption_key(self):
+        secret = mock.MagicMock(algorithm='aes', bit_length=128)
+        content_type = 'application/octet-stream'
+        tenant = mock.MagicMock()
+        kek_repo = mock.MagicMock(name='kek_repo')
+
+        plugin = SimpleCryptoPlugin()
+        plugin_mock = mock.MagicMock(obj=plugin)
+        self.manager.extensions = [plugin_mock]
+
+        datum = self.manager.generate_symmetric_encryption_key(
+            secret, content_type, tenant, kek_repo
+        )
+        self.assertIsNotNone(datum)
+
     def test_generate_data_encryption_key_no_supported_plugin(self):
         plugin = TestSupportsCryptoPlugin()
         plugin_mock = mock.MagicMock(obj=plugin)