def get_plugin_store(self, key_spec, plugin_name=None,
transport_key_needed=False):
"""Gets a secret store plugin.
:param: plugin_name: set to plugin_name to get specific plugin
:param: key_spec: KeySpec of key that will be stored
:param: transport_key_needed: set to True if a transport
key is required.
:returns: SecretStoreBase plugin implementation
"""
active_plugins = plugin_utils.get_active_plugins(self)
if plugin_name is not None:
for plugin in active_plugins:
if utils.generate_fullname_for(plugin) == plugin_name:
return plugin
raise SecretStorePluginNotFound(plugin_name)
if not transport_key_needed:
for plugin in active_plugins:
if plugin.store_secret_supports(key_spec):
return plugin
else:
for plugin in active_plugins:
if (plugin.get_transport_key() is not None and
plugin.store_secret_supports(key_spec)):
return plugin
raise SecretStoreSupportedPluginNotFound()
def get_plugin_store(self,
key_spec,
plugin_name=None,
transport_key_needed=False):
"""Gets a secret store plugin.
:param: plugin_name: set to plugin_name to get specific plugin
:param: key_spec: KeySpec of key that will be stored
:param: transport_key_needed: set to True if a transport
key is required.
:returns: SecretStoreBase plugin implementation
"""
active_plugins = plugin_utils.get_active_plugins(self)
if plugin_name is not None:
for plugin in active_plugins:
if utils.generate_fullname_for(plugin) == plugin_name:
return plugin
raise SecretStorePluginNotFound(plugin_name)
if not transport_key_needed:
for plugin in active_plugins:
if plugin.store_secret_supports(key_spec):
return plugin
else:
for plugin in active_plugins:
if (plugin.get_transport_key() is not None
and plugin.store_secret_supports(key_spec)):
return plugin
raise SecretStoreSupportedPluginNotFound()
def _invoke_certificate_plugins(self, method, *args, **kwargs):
"""Invoke same function on plugins as calling function."""
active_plugins = plugin_utils.get_active_plugins(self)
if not active_plugins:
raise CertificateEventPluginNotFound()
for plugin in active_plugins:
getattr(plugin, method)(*args, **kwargs)
def _invoke_certificate_plugins(self, method, *args, **kwargs):
"""Invoke same function on plugins as calling function."""
active_plugins = plugin_utils.get_active_plugins(self)
if not active_plugins:
raise CertificateEventPluginNotFound()
for plugin in active_plugins:
getattr(plugin, method)(*args, **kwargs)
def get_plugin_by_name(self, plugin_name):
"""Gets a supporting certificate event plugin.
:returns: CertificateEventPluginBase plugin implementation
"""
for plugin in plugin_utils.get_active_plugins(self):
if utils.generate_fullname_for(plugin) == plugin_name:
return plugin
raise CertificateEventPluginNotFound(plugin_name)
def get_plugin_by_name(self, plugin_name):
"""Gets a supporting certificate event plugin.
:returns: CertificateEventPluginBase plugin implementation
"""
for plugin in plugin_utils.get_active_plugins(self):
if utils.generate_fullname_for(plugin) == plugin_name:
return plugin
raise CertificateEventPluginNotFound(plugin_name)
def refresh_ca_table(self):
"""Refreshes the CertificateAuthority table."""
for plugin in plugin_utils.get_active_plugins(self):
plugin_name = utils.generate_fullname_for(plugin)
cas, offset, limit, total = self.ca_repo.get_by_create_date(
plugin_name=plugin_name, suppress_exception=True)
if total < 1:
# if no entries are found, then the plugin has not yet been
# queried or that plugin's entries have expired.
# Most of the time, this will be a no-op for plugins.
self.update_ca_info(plugin)
def get_plugin_generate(self, key_spec):
"""Gets a secret generate plugin.
:param key_spec: KeySpec that contains details on the type of key to
generate
:returns: SecretStoreBase plugin implementation
"""
for plugin in plugin_utils.get_active_plugins(self):
if plugin.generate_supports(key_spec):
return plugin
raise SecretStoreSupportedPluginNotFound()
def refresh_ca_table(self):
"""Refreshes the CertificateAuthority table."""
for plugin in plugin_utils.get_active_plugins(self):
plugin_name = utils.generate_fullname_for(plugin)
cas, offset, limit, total = self.ca_repo.get_by_create_date(
plugin_name=plugin_name,
suppress_exception=True)
if total < 1:
# if no entries are found, then the plugin has not yet been
# queried or that plugin's entries have expired.
# Most of the time, this will be a no-op for plugins.
self.update_ca_info(plugin)
def get_plugin_generate(self, key_spec):
"""Gets a secret generate plugin.
:param key_spec: KeySpec that contains details on the type of key to
generate
:returns: SecretStoreBase plugin implementation
"""
for plugin in plugin_utils.get_active_plugins(self):
if plugin.generate_supports(key_spec):
return plugin
raise SecretStoreSupportedPluginNotFound()
def get_plugin(self, certificate_spec):
"""Gets a supporting certificate plugin.
:param certificate_spec: Contains details on the certificate to
generate the certificate order
:returns: CertificatePluginBase plugin implementation
"""
request_type = certificate_spec.get(
REQUEST_TYPE, CertificateRequestType.CUSTOM_REQUEST)
for plugin in plugin_utils.get_active_plugins(self):
supported_request_types = plugin.supported_request_types()
if request_type not in supported_request_types:
continue
if plugin.supports(certificate_spec):
return plugin
raise CertificatePluginNotFound()
def get_plugin_retrieve_delete(self, plugin_name):
"""Gets a secret retrieve/delete plugin.
If this function is being called, it is because we are trying to
retrieve or delete an already stored secret. Thus, the plugin name is
actually gotten from the plugin metadata that has already been stored
in the database. So, in this case, if this plugin is not available,
this might be due to a server misconfiguration.
:returns: SecretStoreBase plugin implementation
:raises: StorePluginNotAvailableOrMisconfigured: If the plugin wasn't
found it's because the plugin parameters were not properly
configured on the database side.
"""
for plugin in plugin_utils.get_active_plugins(self):
if utils.generate_fullname_for(plugin) == plugin_name:
return plugin
raise StorePluginNotAvailableOrMisconfigured(plugin_name)
def get_plugin_store_generate(self, type_needed, algorithm=None, bit_length=None, mode=None):
"""Gets a secret store or generate plugin that supports provided type.
:param type_needed: PluginSupportTypes that contains details on the
type of plugin required
:returns: CryptoPluginBase plugin implementation
"""
active_plugins = plugin_utils.get_active_plugins(self)
if len(active_plugins) < 1:
raise crypto.CryptoPluginNotFound()
for generating_plugin in active_plugins:
if generating_plugin.supports(type_needed, algorithm, bit_length, mode):
break
else:
raise secret_store.SecretStorePluginNotFound()
return generating_plugin
def get_plugin_retrieve_delete(self, plugin_name):
"""Gets a secret retrieve/delete plugin.
If this function is being called, it is because we are trying to
retrieve or delete an already stored secret. Thus, the plugin name is
actually gotten from the plugin metadata that has already been stored
in the database. So, in this case, if this plugin is not available,
this might be due to a server misconfiguration.
:returns: SecretStoreBase plugin implementation
:raises: StorePluginNotAvailableOrMisconfigured: If the plugin wasn't
found it's because the plugin parameters were not properly
configured on the database side.
"""
for plugin in plugin_utils.get_active_plugins(self):
if utils.generate_fullname_for(plugin) == plugin_name:
return plugin
raise StorePluginNotAvailableOrMisconfigured(plugin_name)
def get_plugin_retrieve(self, plugin_name_for_store):
"""Gets a secret retrieve plugin that supports the provided type.
:param type_needed: PluginSupportTypes that contains details on the
type of plugin required
:returns: CryptoPluginBase plugin implementation
"""
active_plugins = plugin_utils.get_active_plugins(self)
if not active_plugins:
raise crypto.CryptoPluginNotFound()
for decrypting_plugin in active_plugins:
plugin_name = utils.generate_fullname_for(decrypting_plugin)
if plugin_name == plugin_name_for_store:
break
else:
raise secret_store.SecretStorePluginNotFound()
return decrypting_plugin
def get_plugin_retrieve(self, plugin_name_for_store):
"""Gets a secret retrieve plugin that supports the provided type.
:param type_needed: PluginSupportTypes that contains details on the
type of plugin required
:returns: CryptoPluginBase plugin implementation
"""
active_plugins = plugin_utils.get_active_plugins(self)
if len(active_plugins) < 1:
raise crypto.CryptoPluginNotFound()
for decrypting_plugin in active_plugins:
plugin_name = utils.generate_fullname_for(decrypting_plugin)
if plugin_name == plugin_name_for_store:
break
else:
raise secret_store.SecretStorePluginNotFound()
return decrypting_plugin
def get_plugin(self, certificate_spec):
"""Gets a supporting certificate plugin.
:param certificate_spec: Contains details on the certificate to
generate the certificate order
:returns: CertificatePluginBase plugin implementation
"""
request_type = certificate_spec.get(
REQUEST_TYPE,
CertificateRequestType.CUSTOM_REQUEST)
for plugin in plugin_utils.get_active_plugins(self):
supported_request_types = plugin.supported_request_types()
if request_type not in supported_request_types:
continue
if plugin.supports(certificate_spec):
return plugin
raise CertificatePluginNotFound()
def get_plugin_retrieve(self, plugin_name_for_store):
"""Gets a secret retrieve plugin that supports the provided type.
:param type_needed: PluginSupportTypes that contains details on the
type of plugin required
:returns: CryptoPluginBase plugin implementation
"""
active_plugins = plugin_utils.get_active_plugins(self)
if not active_plugins:
raise base.CryptoPluginNotFound()
for decrypting_plugin in active_plugins:
plugin_name = utils.generate_fullname_for(decrypting_plugin)
if plugin_name == plugin_name_for_store:
break
else:
operation = (u._("retrieve a secret from plugin: {plugin}")
.format(plugin=plugin_name_for_store))
raise base.CryptoPluginUnsupportedOperation(operation=operation)
return decrypting_plugin
def get_plugin_retrieve(self, plugin_name_for_store):
"""Gets a secret retrieve plugin that supports the provided type.
:param type_needed: PluginSupportTypes that contains details on the
type of plugin required
:returns: CryptoPluginBase plugin implementation
"""
active_plugins = plugin_utils.get_active_plugins(self)
if not active_plugins:
raise base.CryptoPluginNotFound()
for decrypting_plugin in active_plugins:
plugin_name = utils.generate_fullname_for(decrypting_plugin)
if plugin_name == plugin_name_for_store:
break
else:
operation = (u._("retrieve a secret from plugin: {plugin}")
.format(plugin=plugin_name_for_store))
raise base.CryptoPluginUnsupportedOperation(operation=operation)
return decrypting_plugin
def get_plugin_store_generate(self,
type_needed,
algorithm=None,
bit_length=None,
mode=None):
"""Gets a secret store or generate plugin that supports provided type.
:param type_needed: PluginSupportTypes that contains details on the
type of plugin required
:returns: CryptoPluginBase plugin implementation
"""
active_plugins = plugin_utils.get_active_plugins(self)
if not active_plugins:
raise crypto.CryptoPluginNotFound()
for generating_plugin in active_plugins:
if generating_plugin.supports(type_needed, algorithm, bit_length,
mode):
break
else:
raise secret_store.SecretStorePluginNotFound()
return generating_plugin
