Replace key manager with Castellan

Because key manager code is duplicated across several projects, a key manager interface was moved into its own library. This patch goes back to replace the old code with the new library. Change-Id: Ib563b0ea4b8b4bc1833bf52bf49a68546c384996 Implements: blueprint use-castellan-key-manager
2016-04-21 14:58:46 -04:00 · 2016-04-21 14:58:46 -04:00 · c7ccad4a02
commit c7ccad4a02
parent 56087a9d5b
3 changed files with 8 additions and 10 deletions
--- a/nova/conf/init.py
+++ b/nova/conf/init.py
@ -50,7 +50,7 @@ from nova.conf import hyperv
 from nova.conf import image_file_url
 from nova.conf import ipv6
 from nova.conf import ironic
-from nova.conf import keymgr
+from nova.conf import key_manager
 # from nova.conf import keystone_authtoken
 # from nova.conf import libvirt
 from nova.conf import mks
@ -120,7 +120,7 @@ mks.register_opts(CONF)
 image_file_url.register_opts(CONF)
 ipv6.register_opts(CONF)
 ironic.register_opts(CONF)
-keymgr.register_opts(CONF)
+key_manager.register_opts(CONF)
 # keystone_authtoken.register_opts(CONF)
 # libvirt.register_opts(CONF)
 # matchmaker_redis.register_opts(CONF)
--- a/nova/tests/unit/volume/encryptors/test_cryptsetup.py
+++ b/nova/tests/unit/volume/encryptors/test_cryptsetup.py
@ -14,24 +14,21 @@
 #    under the License.


-import array
-import codecs
+import binascii

+from castellan.common.objects import symmetric_key as key
 import mock
 import six

 from nova import exception
-from nova.keymgr import key
 from nova.tests.unit.volume.encryptors import test_base
 from nova.volume.encryptors import cryptsetup

-decode_hex = codecs.getdecoder("hex_codec")
-

 def fake__get_key(context):
-    raw = array.array('B', decode_hex('0' * 64)[0]).tolist()
+    raw = bytes(binascii.unhexlify('0' * 32))

-    symmetric_key = key.SymmetricKey('AES', raw)
+    symmetric_key = key.SymmetricKey('AES', len(raw) * 8, raw)
    return symmetric_key


--- a/nova/volume/encryptors/cryptsetup.py
+++ b/nova/volume/encryptors/cryptsetup.py
@ -14,6 +14,7 @@
 #    under the License.


+import binascii
 import os

 from oslo_log import log as logging
@ -54,7 +55,7 @@ class CryptsetupEncryptor(base.VolumeEncryptor):

    def _get_passphrase(self, key):
        """Convert raw key to string."""
-        return ''.join(hex(x).replace('0x', '') for x in key)
+        return binascii.hexlify(key).decode('utf-8')

    def _open_volume(self, passphrase, **kwargs):
        """Opens the LUKS partition on the volume using the specified