def create_datakey(encryption_context): ''' Create a datakey from KMS. ''' # Disabled encryption is dangerous, so we don't use falsiness here. if app.config['USE_ENCRYPTION'] is False: logging.warning('Creating a mock datakey in keymanager.create_datakey.' ' If you are not running in a development or test' ' environment, this should not be happening!') return cryptolib.create_mock_datakey() # underlying lib does generate random and encrypt, so increment by 2 stats.incr('at_rest_action', 2) return cryptolib.create_datakey( encryption_context, 'alias/{0}'.format(app.config.get('KMS_MASTER_KEY')))
def create_datakey(encryption_context): ''' Create a datakey from KMS. ''' # Disabled encryption is dangerous, so we don't use falsiness here. if app.config['USE_ENCRYPTION'] is False: logging.warning('Creating a mock datakey in keymanager.create_datakey.' ' If you are not running in a development or test' ' environment, this should not be happening!') return cryptolib.create_mock_datakey() # underlying lib does generate random and encrypt, so increment by 2 stats.incr('at_rest_action', 2) return cryptolib.create_datakey( encryption_context, 'alias/{0}'.format(app.config.get('KMS_MASTER_KEY')) )
def create_datakey(encryption_context): ''' Create a datakey from KMS. ''' at_rest_kms_client = _get_at_rest_kms_client() # Disabled encryption is dangerous, so we don't use falsiness here. if settings.USE_ENCRYPTION is False: logger.warning( 'Creating a mock datakey in keymanager.create_datakey. If you are' ' not running in a development or test environment, this should not' ' be happening!') return cryptolib.create_mock_datakey() # underlying lib does generate random and encrypt, so increment by 2 stats.incr('at_rest_action', 2) return cryptolib.create_datakey(encryption_context, settings.KMS_MASTER_KEY, client=at_rest_kms_client)