def _store_secret_and_datum(context, secret_model, kek_datum_model,
generated_dto):
# Create Secret entities in data store.
if not secret_model.id:
secret_model.project_id = context.project_model.id
repositories.get_secret_repository().create_from(secret_model)
# setup and store encrypted datum
datum_model = models.EncryptedDatum(secret_model, kek_datum_model)
datum_model.content_type = context.content_type
datum_model.cypher_text = base64.b64encode(generated_dto.cypher_text)
datum_model.kek_meta_extended = generated_dto.kek_meta_extended
repositories.get_encrypted_datum_repository().create_from(datum_model)
def _store_secret_and_datum(
context, secret_model, kek_datum_model, generated_dto):
# Create Secret entities in data store.
if not secret_model.id:
secret_model.project_id = context.project_model.id
repositories.get_secret_repository().create_from(secret_model)
# setup and store encrypted datum
datum_model = models.EncryptedDatum(secret_model, kek_datum_model)
datum_model.content_type = context.content_type
datum_model.cypher_text = base64.b64encode(generated_dto.cypher_text)
datum_model.kek_meta_extended = generated_dto.kek_meta_extended
repositories.get_encrypted_datum_repository().create_from(
datum_model)
def create_encrypted_datum(secret=None, kek_datum=None, session=None):
enc_datum = models.EncryptedDatum()
enc_datum.secret_id = secret.id
enc_datum.kek_id = kek_datum.id
enc_datum_repo = repositories.get_encrypted_datum_repository()
enc_datum_repo.create_from(enc_datum, session=session)
return enc_datum
def create_encrypted_datum(secret=None, kek_datum=None, session=None):
enc_datum = models.EncryptedDatum()
enc_datum.secret_id = secret.id
enc_datum.kek_id = kek_datum.id
enc_datum_repo = repositories.get_encrypted_datum_repository()
enc_datum_repo.create_from(enc_datum, session=session)
return enc_datum
def _store_secret_and_datum(context, secret_model, kek_datum_model,
generated_dto):
# Create Secret entities in data store.
if not secret_model.id:
repositories.get_secret_repository().create_from(secret_model)
new_assoc = models.ProjectSecret()
new_assoc.project_id = context.project_model.id
new_assoc.secret_id = secret_model.id
new_assoc.role = "admin"
new_assoc.status = models.States.ACTIVE
repositories.get_project_secret_repository().create_from(new_assoc)
# setup and store encrypted datum
datum_model = models.EncryptedDatum(secret_model, kek_datum_model)
datum_model.content_type = context.content_type
datum_model.cypher_text = base64.b64encode(generated_dto.cypher_text)
datum_model.kek_meta_extended = generated_dto.kek_meta_extended
datum_model.secret_id = secret_model.id
repositories.get_encrypted_datum_repository().create_from(datum_model)
def _store_secret_and_datum(
context, secret_model, kek_datum_model, generated_dto):
# Create Secret entities in data store.
if not secret_model.id:
repositories.get_secret_repository().create_from(secret_model)
new_assoc = models.TenantSecret()
new_assoc.tenant_id = context.tenant_model.id
new_assoc.secret_id = secret_model.id
new_assoc.role = "admin"
new_assoc.status = models.States.ACTIVE
repositories.get_tenant_secret_repository().create_from(new_assoc)
# setup and store encrypted datum
datum_model = models.EncryptedDatum(secret_model, kek_datum_model)
datum_model.content_type = context.content_type
datum_model.cypher_text = base64.b64encode(generated_dto.cypher_text)
datum_model.kek_meta_extended = generated_dto.kek_meta_extended
datum_model.secret_id = secret_model.id
repositories.get_encrypted_datum_repository().create_from(
datum_model)
class EncryptedDatum(base.BarbicanObject, base.BarbicanPersistentObject,
object_base.VersionedObjectDictCompat):
fields = {
'content_type': fields.StringField(nullable=True, default=None),
'secret_id': fields.StringField(),
'kek_id': fields.StringField(),
'cypher_text': fields.StringField(nullable=True, default=None),
'kek_meta_extended': fields.StringField(nullable=True, default=None),
'kek_meta_project': fields.ObjectField('KEKDatum',
nullable=True, default=None),
'status': fields.StringField(nullable=True, default=base.States.ACTIVE)
}
db_model = models.EncryptedDatum
db_repo = repo.get_encrypted_datum_repository()
synthetic_fields = ['kek_meta_project']
