Replace key manager with Castellan

Because key manager code is duplicated across several projects, a key
manager interface was moved into its own library. This patch goes back
to replace the old code with the new library.

Change-Id: Ib563b0ea4b8b4bc1833bf52bf49a68546c384996
Implements: blueprint use-castellan-key-manager
This commit is contained in:
Kaitlin Farr 2016-04-21 14:58:46 -04:00
parent 56087a9d5b
commit c7ccad4a02
3 changed files with 8 additions and 10 deletions

View File

@ -50,7 +50,7 @@ from nova.conf import hyperv
from nova.conf import image_file_url from nova.conf import image_file_url
from nova.conf import ipv6 from nova.conf import ipv6
from nova.conf import ironic from nova.conf import ironic
from nova.conf import keymgr from nova.conf import key_manager
# from nova.conf import keystone_authtoken # from nova.conf import keystone_authtoken
# from nova.conf import libvirt # from nova.conf import libvirt
from nova.conf import mks from nova.conf import mks
@ -120,7 +120,7 @@ mks.register_opts(CONF)
image_file_url.register_opts(CONF) image_file_url.register_opts(CONF)
ipv6.register_opts(CONF) ipv6.register_opts(CONF)
ironic.register_opts(CONF) ironic.register_opts(CONF)
keymgr.register_opts(CONF) key_manager.register_opts(CONF)
# keystone_authtoken.register_opts(CONF) # keystone_authtoken.register_opts(CONF)
# libvirt.register_opts(CONF) # libvirt.register_opts(CONF)
# matchmaker_redis.register_opts(CONF) # matchmaker_redis.register_opts(CONF)

View File

@ -14,24 +14,21 @@
# under the License. # under the License.
import array import binascii
import codecs
from castellan.common.objects import symmetric_key as key
import mock import mock
import six import six
from nova import exception from nova import exception
from nova.keymgr import key
from nova.tests.unit.volume.encryptors import test_base from nova.tests.unit.volume.encryptors import test_base
from nova.volume.encryptors import cryptsetup from nova.volume.encryptors import cryptsetup
decode_hex = codecs.getdecoder("hex_codec")
def fake__get_key(context): def fake__get_key(context):
raw = array.array('B', decode_hex('0' * 64)[0]).tolist() raw = bytes(binascii.unhexlify('0' * 32))
symmetric_key = key.SymmetricKey('AES', raw) symmetric_key = key.SymmetricKey('AES', len(raw) * 8, raw)
return symmetric_key return symmetric_key

View File

@ -14,6 +14,7 @@
# under the License. # under the License.
import binascii
import os import os
from oslo_log import log as logging from oslo_log import log as logging
@ -54,7 +55,7 @@ class CryptsetupEncryptor(base.VolumeEncryptor):
def _get_passphrase(self, key): def _get_passphrase(self, key):
"""Convert raw key to string.""" """Convert raw key to string."""
return ''.join(hex(x).replace('0x', '') for x in key) return binascii.hexlify(key).decode('utf-8')
def _open_volume(self, passphrase, **kwargs): def _open_volume(self, passphrase, **kwargs):
"""Opens the LUKS partition on the volume using the specified """Opens the LUKS partition on the volume using the specified