4 Commits

Author SHA1 Message Date
Douglas Mendizábal
3b4d488a6a Add new options for Barbican PKCS#11 backend
This patch adds two new parameters for deploying Barbican with the
PCKS#11 backend `BarbicanPkcs11CryptoTokenLabels` and
`BarbicanPkcs11CryptoOsLockingOk`.

The patch also deprecates `BarbicanPkcs11CryptoTokenLabel` in favor of
the new option that can be set to more than one label.

Depends-On: Iba7013dd6e1b1e4650b25cd4dd8dc1f355ceb538
Change-Id: I1c5059799f613a62a13379eb82ba516a8ed3a15a
2021-04-12 08:04:18 -05:00
Dan Prince
5e46c2a579 flatten the barbican service configurations
This change combines the previous puppet and docker files into a single
file that performs the docker service installation and configuration
for the barbican API service. The barbican backend files are also
moved into the deployment/barbican directory for consistency.

Change-Id: Ib4a3993ac352e9e00f72ddf374042b574f6d55d6
Related-Blueprint: services-yaml-flattening
2019-02-18 08:06:21 -05:00
Douglas Mendizábal
9012fff849 Added Barbican option BarbicanPkcs11AlwaysSetCkaSensitive
Added support for setting the Barbican option
always_set_cka_sensitive.  The option defaults to true as
needed by Safenet HSMs.  It is set to false in the ATOS
and Thales HSM environments.

Change-Id: If3fa975e8243dfe30ef67ec81db891943a94a9d5
Story: 2004734
2019-01-17 08:50:24 -06:00
Ade Lee
17e0087e43 Add template code to configure hsm backends for barbican
Adds support for the Thales and ATOS client software.

Change-Id: I79f8608431fecc58c8bdeba2de4a692a7ee388e9
Co-Authored-By: Douglas Mendizabal <dmendiza@redhat.com>
2018-12-20 12:54:55 -06:00