コード例 #1
ファイル: storage.py プロジェクト: jamielennox/kite
    def set_key(self, name, key, expiration=None):
        """Encrypt a host key and store only its protected form.

        The raw ``key`` is not handed to the database layer. It is first run
        through ``CryptoManager.encrypt_key`` and the backend receives the
        resulting ciphertext and signature, stored as a non-group entry
        (``group=False``).

        :param string name: Key Identifier; also passed to ``encrypt_key``
        :param key: raw key data to protect before storage
        :param expiration: optional expiry, forwarded unchanged to the backend
        :returns: the value returned by the backend's ``set_key``
        """
        # NOTE(review): ``name`` is given to encrypt_key together with the key,
        # presumably so the stored blob is bound to its owner - confirm in
        # CryptoManager.
        protected = crypto.CryptoManager.get_instance().encrypt_key(name, key)
        ciphertext, sig = protected

        backend = dbapi.get_instance()
        return backend.set_key(name,
                               key=ciphertext,
                               signature=sig,
                               group=False,
                               expiration=expiration)
コード例 #2
    def set_key(self, name, key, expiration=None):
        """Protect ``key`` with the crypto manager, then persist it.

        Only the encrypted key and its signature reach the backend; the raw
        key material passed in by the caller is not stored. The entry is
        written as a host (non-group) key.

        :param string name: Key Identifier; also passed to ``encrypt_key``
        :param key: raw key data
        :param expiration: optional expiry, handed to the backend as given
        :returns: the value returned by the backend's ``set_key``
        """
        manager = crypto.CryptoManager.get_instance()
        sealed_key, sealed_sig = manager.encrypt_key(name, key)

        store = dbapi.get_instance()
        result = store.set_key(name,
                               key=sealed_key,
                               signature=sealed_sig,
                               group=False,
                               expiration=expiration)
        return result
コード例 #3
ファイル: base.py プロジェクト: jamielennox/kite
    def setUp(self):
        """Prepare an isolated kite API test application.

        Selects the ``kvs`` database backend, resets the database API, grabs
        the crypto, database and storage singletons for use by the tests, and
        loads a pecan test app rooted at ``RootController``.
        """
        super(BaseTestCase, self).setUp()

        # Select the 'kvs' backend and reset the DB API before each test.
        self.config_fixture.config(backend='kvs', group='database')
        db_api.reset()

        self.app_config = {
            'app': {
                'root': 'kite.api.root.RootController',
                'modules': ['kite.api'],
            },
        }

        # The singletons are fetched only after the reset above.
        self.CRYPTO = crypto.CryptoManager.get_instance()
        self.DB = db_api.get_instance()
        self.STORAGE = storage.StorageManager.get_instance()

        self.app = pecan.testing.load_test_app(self.app_config)
        # Restore an empty pecan config when the test finishes.
        self.addCleanup(pecan.set_config, {}, overwrite=True)
コード例 #4
ファイル: base.py プロジェクト: jamielennox/kite
    def setUp(self):
        """Build the per-test fixture: kvs backend, singletons, pecan app.

        The database API is reset before the crypto, database and storage
        singletons are looked up, and the pecan configuration is cleared again
        on cleanup.
        """
        super(BaseTestCase, self).setUp()

        self.config_fixture.config(backend='kvs', group='database')
        db_api.reset()

        app_section = {
            'root': 'kite.api.root.RootController',
            'modules': ['kite.api'],
        }
        self.app_config = {'app': app_section}

        # Handles the test cases use to reach the managers directly.
        self.CRYPTO = crypto.CryptoManager.get_instance()
        self.DB = db_api.get_instance()
        self.STORAGE = storage.StorageManager.get_instance()

        self.app = pecan.testing.load_test_app(self.app_config)
        # Registered last: resets pecan to an empty config after the test.
        self.addCleanup(pecan.set_config, {}, overwrite=True)
コード例 #5
ファイル: storage.py プロジェクト: jamielennox/kite
    def get_key(self, name, generation=None, group=None):
        """Fetch a key from the backend and return it decrypted.

        Host keys are returned only while unexpired. Group keys are rotated
        here: when the latest group key is missing or within two minutes of
        its expiry, a fresh key valid for 15 minutes is generated, stored
        encrypted and returned. A specific group generation stays retrievable
        for 10 minutes past its expiry but is never regenerated.

        :param string name: Key Identifier
        :param int generation: Key generation to retrieve. Default latest
        :param group: when not None, the stored entry's ``group`` flag must
                      equal this value
        :returns: dict with ``key``, ``generation``, ``name`` and ``group``;
                  a newly generated group key also carries ``expiration``
        :raises exception.KeyNotFound: no entry, a host/group mismatch, an
                  expired host key, or an unavailable specific generation
        """
        record = dbapi.get_instance().get_key(name,
                                              generation=generation,
                                              group=group)
        manager = crypto.CryptoManager.get_instance()

        # Missing entries and host/group mismatches raise the same error.
        if not record or (group is not None and group != record['group']):
            raise exception.KeyNotFound(name=name, generation=generation)

        now = timeutils.utcnow()
        expiration = record.get('expiration')
        is_group = record['group']

        # Host keys and non-expiring group keys are checked against the stored
        # expiry itself; expiring group keys get an adjusted deadline.
        deadline = expiration
        if is_group and expiration:
            if generation is not None:
                # An explicitly requested generation has a short grace period
                # after expiry.
                deadline = expiration + datetime.timedelta(minutes=10)
            else:
                # Do not hand out the latest key when it is about to expire;
                # a replacement can be generated instead.
                deadline = expiration - datetime.timedelta(minutes=2)

        if deadline and now >= deadline:
            if not is_group:
                raise exception.KeyNotFound(name=name, generation=generation)
            # Drop the stale material so the code below issues a new group key.
            record = {'group': True}

        if 'key' in record:
            # NOTE(review): the stored signature is passed alongside the
            # ciphertext, presumably to be verified before decrypting -
            # confirm in CryptoManager.decrypt_key.
            plaintext = manager.decrypt_key(name,
                                            enc_key=record['key'],
                                            signature=record['signature'])
            return {'key': plaintext,
                    'generation': record['generation'],
                    'name': record['name'],
                    'group': record['group']}

        # Only the latest generation of a group key may be regenerated.
        if not (generation is None and record['group']):
            raise exception.KeyNotFound(name=name, generation=generation)

        # Issue a new group key. Only its encrypted form is persisted; the
        # plaintext is returned to the caller.
        # NOTE(review): nothing visible here serialises concurrent callers, so
        # two requests may each store a new generation - confirm the backend
        # handles this.
        fresh_key = manager.new_key()
        sealed_key, sealed_sig = manager.encrypt_key(name, fresh_key)
        expiration = now + datetime.timedelta(minutes=15)

        stored_generation = dbapi.get_instance().set_key(
            name,
            key=sealed_key,
            signature=sealed_sig,
            group=True,
            expiration=expiration)

        return {'key': fresh_key,
                'generation': stored_generation,
                'name': name,
                'group': True,
                'expiration': expiration}
コード例 #6
ファイル: storage.py プロジェクト: jamielennox/kite
 def delete_group(self, name):
     """Delete the group ``name`` from the backend.

     Groups are removed through the backend's ``delete_host`` call with
     ``group=True``.

     :param string name: group identifier
     """
     # NOTE(review): whether stored key generations for the group are removed
     # as well depends on the backend - confirm.
     backend = dbapi.get_instance()
     backend.delete_host(name, group=True)
コード例 #7
ファイル: storage.py プロジェクト: jamielennox/kite
 def create_group(self, name):
     """Register the group ``name`` with the backend.

     No key is generated at this point; only the backend's ``create_group``
     is called.

     :param string name: group identifier
     """
     backend = dbapi.get_instance()
     backend.create_group(name)
コード例 #8
    def get_key(self, name, generation=None, group=None):
        """Look up a stored key and return its decrypted form.

        Expiry is enforced here. An expired host key is reported as not
        found. The latest group key is replaced by a newly generated one
        (15 minute lifetime) once it is missing or has less than two minutes
        left. A group key requested by explicit generation can still be read
        for 10 minutes after expiry, and is never regenerated.

        :param string name: Key Identifier
        :param int generation: Key generation to retrieve. Default latest
        :param group: when not None, must equal the stored ``group`` flag
        :returns: dict with ``key``, ``generation``, ``name`` and ``group``;
                  ``expiration`` is included only for a newly generated key
        :raises exception.KeyNotFound: when no usable key exists for the
                  request
        """
        stored = dbapi.get_instance().get_key(name,
                                              generation=generation,
                                              group=group)
        crypto_mgr = crypto.CryptoManager.get_instance()

        if not stored:
            # host or group not found
            raise exception.KeyNotFound(name=name, generation=generation)

        wrong_kind = group is not None and group != stored['group']
        if wrong_kind:
            # The caller asked for a host key and found a group key, or the
            # reverse; this is reported as a missing key.
            raise exception.KeyNotFound(name=name, generation=generation)

        now = timeutils.utcnow()
        expiration = stored.get('expiration')

        if stored['group'] and expiration:
            # Explicit generation: readable for a while after expiry.
            # Latest generation: retired early so callers do not receive a
            # key that is about to need refreshing.
            cutoff = (expiration + datetime.timedelta(minutes=10)
                      if generation is not None
                      else expiration - datetime.timedelta(minutes=2))
        else:
            # Host key or non-expiring group key: compare with the expiry
            # as stored.
            cutoff = expiration

        expired = cutoff and now >= cutoff
        if expired:
            if stored['group']:
                # Forget the old material; a new group key is generated below.
                stored = {'group': True}
            else:
                raise exception.KeyNotFound(name=name, generation=generation)

        if 'key' in stored:
            # NOTE(review): presumably decrypt_key checks the signature before
            # returning plaintext - confirm in CryptoManager.
            clear_key = crypto_mgr.decrypt_key(name,
                                               enc_key=stored['key'],
                                               signature=stored['signature'])
            found = {
                'key': clear_key,
                'generation': stored['generation'],
                'name': stored['name'],
                'group': stored['group']
            }
            return found

        if generation is not None or not stored['group']:
            # A specific generation was requested, or this is not a group
            # key: nothing may be generated on the caller's behalf.
            raise exception.KeyNotFound(name=name, generation=generation)

        # Generate a new group key. The backend only receives the encrypted
        # key and signature.
        # NOTE(review): concurrent requests are not serialised in this method
        # and may each create a generation - confirm the backend's behaviour.
        generated = crypto_mgr.new_key()
        enc_generated, generated_sig = crypto_mgr.encrypt_key(name, generated)
        expiration = now + datetime.timedelta(minutes=15)

        backend = dbapi.get_instance()
        generation_id = backend.set_key(name,
                                        key=enc_generated,
                                        signature=generated_sig,
                                        group=True,
                                        expiration=expiration)

        return {
            'key': generated,
            'generation': generation_id,
            'name': name,
            'group': True,
            'expiration': expiration
        }
コード例 #9
 def delete_group(self, name):
     """Remove a group entry via the backend.

     The backend has no separate group call in this code path:
     ``delete_host`` is invoked with ``group=True``.

     :param string name: group identifier
     """
     # NOTE(review): confirm in the backend whether the group's stored keys
     # are deleted together with the group.
     store = dbapi.get_instance()
     store.delete_host(name, group=True)
コード例 #10
 def create_group(self, name):
     """Create the group ``name`` in the backend.

     This method only calls the backend's ``create_group``; it does not
     create a key for the group.

     :param string name: group identifier
     """
     store = dbapi.get_instance()
     store.create_group(name)