Add CryptoPluginUnsupportedOperation

If none of the enabled crypto plugins support the given operation,
raise an exception with a detailed error message. Previously,
a secret_store exception was being raised, but now a crypto
plugin specific exception is raised instead.

Closes-Bug: #1616179

Change-Id: I7b74367baab54682357cdb44e45336fa20ae7273

barbican/plugin/crypto/base.py

@@ -42,6 +42,16 @@ class CryptoPrivateKeyFailureException(exception.BarbicanException):
         )
 
 
+class CryptoPluginUnsupportedOperation(exception.BarbicanException):
+    """Raised when no crypto plugins support the operation."""
+    def __init__(self, operation):
+        message = (
+            u._('Could not find an enabled crypto plugin backend '
+                'that supports the requested operation: {operation}')
+            .format(operation=operation))
+        super(CryptoPluginUnsupportedOperation, self).__init__(message)
+
+
 # TODO(john-wood-w) Need to harmonize these lower-level constants with the
 #  higher level constants in secret_store.py.
 class PluginSupportTypes(object):

barbican/plugin/crypto/manager.py

@@ -19,7 +19,6 @@ from barbican.common import config
 from barbican.common import utils
 from barbican import i18n as u
 from barbican.plugin.crypto import base
-from barbican.plugin.interface import secret_store
 from barbican.plugin.util import multiple_backends
 from barbican.plugin.util import utils as plugin_utils
 
@@ -94,7 +93,14 @@ class _CryptoPluginManager(named.NamedExtensionManager):
                     type_needed, algorithm, bit_length, mode):
                 break
         else:
-            raise secret_store.SecretStorePluginNotFound()
+            operation = (u._("store or generate a secret of type {secret_type}"
+                             " with algorithm {algorithm}, bit length "
+                             "{bit_length}, and mode {mode}")
+                         .format(secret_type=type_needed,
+                                 algorithm=algorithm,
+                                 bit_length=bit_length,
+                                 mode=mode))
+            raise base.CryptoPluginUnsupportedOperation(operation=operation)
 
         return generating_plugin
 
@@ -115,7 +121,9 @@ class _CryptoPluginManager(named.NamedExtensionManager):
             if plugin_name == plugin_name_for_store:
                 break
         else:
-            raise secret_store.SecretStorePluginNotFound()
+            operation = (u._("retrieve a secret from plugin: {plugin}")
+                         .format(plugin=plugin_name_for_store))
+            raise base.CryptoPluginUnsupportedOperation(operation=operation)
 
         return decrypting_plugin
 

barbican/tests/plugin/crypto/test_manager.py

@@ -17,7 +17,6 @@ import threading
 from barbican.common import utils as common_utils
 from barbican.plugin.crypto import base
 from barbican.plugin.crypto import manager as cm
-from barbican.plugin.interface import secret_store
 from barbican.tests import utils
 
 
@@ -73,7 +72,7 @@ class WhenTestingManager(utils.BaseTestCase):
     def test_raises_error_with_wrong_plugin_type(self):
         self.plugin_returned.supports.return_value = False
         self.assertRaises(
-            secret_store.SecretStorePluginNotFound,
+            base.CryptoPluginUnsupportedOperation,
             self.manager.get_plugin_store_generate,
             self.plugin_type)
 
@@ -91,7 +90,7 @@ class WhenTestingManager(utils.BaseTestCase):
 
     def test_raises_error_with_wrong_plugin_name(self):
         self.assertRaises(
-            secret_store.SecretStorePluginNotFound,
+            base.CryptoPluginUnsupportedOperation,
             self.manager.get_plugin_retrieve,
             'other-name')