def delete(key_ref): '''delete a key When this function is used without an external key manager it does nothing to the provided reference. :param key_ref: The reference of the key to delete ''' if CONF.use_external_key_manager: client = barbican.client_for_admin() client.secrets.delete(key_ref) LOG.debug('Deleted key {key_ref}'.format(key_ref=key_ref)) else: LOG.debug('External key manager not enabled, key not deleted')
def get(key_ref): '''retrieve a key When used with an external key manager this will retrieve the key and return it as stored. When used without an external key manager it will return the argument provided. :param key_ref: The reference of the key to retrieve :returns: The retrieved key ''' if CONF.use_external_key_manager: client = barbican.client_for_admin() key = client.secrets.get(key_ref) LOG.debug('Retrieved key for {key_ref}'.format(key_ref=key_ref)) payload = key.payload return payload else: return key_ref
def store(key): '''store a key When used with an external key manager this function will store the key in the manager and return a reference provided by the manager. When used without an external manager this function will return the argument provided. :param key: The key to store :returns: A reference for the stored key ''' if CONF.use_external_key_manager: client = barbican.client_for_admin() secret = client.secrets.create(payload=key, payload_content_type='text/plain') secret_ref = secret.store() LOG.debug('Stored key as {key_ref}'.format(key_ref=secret_ref)) return secret_ref else: return key