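def pre_save(self, model_inst, add):
    """
    Seal the slice secret with the Observer key before it is stored.

    Reads the attribute named ``self.attname`` from ``model_inst``, passes it
    with the Observer private key PEM to ``encrypt_slice_secret``, and returns
    the result of ``ObserverSecretValue.serialize``.  ``add`` is accepted for
    the field-hook signature and is not used here.

    Raises ``SyndicateObserverError`` when the private key cannot be loaded or
    when the model instance has no slice secret, so a missing secret is never
    written out as an empty or plaintext value.
    """
    import syndicate.observer.core as syndicatelib
    import syndicate.observer.storage.common as observer_storage_common

    # get observer private key
    config = syndicatelib.get_config()
    try:
        observer_pkey_path = config.SYNDICATE_OBSERVER_PRIVATE_KEY
        observer_pkey_pem = syndicatelib.get_observer_private_key_pem(observer_pkey_path)
    except Exception:
        # Exception, not a bare except: a bare clause would also convert
        # KeyboardInterrupt / SystemExit into an Observer error.
        # The message is fixed text and carries neither the key path nor any
        # key material; keep it that way if diagnostics are added later.
        raise syndicatelib.SyndicateObserverError(
            "Internal Syndicate Observer error: failed to load Observer private key")

    slice_secret = getattr(model_inst, self.attname)
    if slice_secret is None:
        # fail closed: refuse to save rather than persist a missing secret
        raise syndicatelib.SyndicateObserverError(
            "Internal Syndicate Observer error: No slice secret generated")

    # encrypt it
    sealed_slice_secret = observer_storage_common.encrypt_slice_secret(
        observer_pkey_pem, slice_secret)
    return ObserverSecretValue.serialize(sealed_slice_secret)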
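def save(self, *args, **kw):
    """
    Make sure a SliceSecret exists for this slice, then save the row.

    Loads the Observer private key PEM, calls ``get_or_create_slice_secret``
    for ``self.slice_id``, and only then delegates to the parent ``save``.

    Raises ``SyndicateObserverError`` when the key cannot be loaded or when no
    slice secret could be obtained; in both cases the parent ``save`` is not
    reached.
    """
    import syndicate.observer.core as syndicatelib

    # get observer private key
    config = syndicatelib.get_config()
    try:
        observer_pkey_path = config.SYNDICATE_OBSERVER_PRIVATE_KEY
        observer_pkey_pem = syndicatelib.get_observer_private_key_pem(observer_pkey_path)
    except Exception:
        # Exception, not a bare except, so KeyboardInterrupt / SystemExit are
        # not rewritten into an Observer error.  The message deliberately
        # contains no key path or key material.
        raise syndicatelib.SyndicateObserverError(
            "Internal Syndicate Observer error: failed to load Observer private key")

    # get or create the slice secret
    slice_secret = syndicatelib.get_or_create_slice_secret(
        observer_pkey_pem, None, slice_fk=self.slice_id)

    if slice_secret is None:
        # Qualified through syndicatelib like the raise above: this method only
        # imports the module, so the bare class name is not bound by anything
        # visible here.
        raise syndicatelib.SyndicateObserverError(
            "Failed to get or create slice secret for %s" % self.slice_id.name)

    super(VolumeSlice, self).save(*args, **kw)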
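def pre_save(self, model_inst, add):
    """
    Encrypt the field value with the Observer key before saving.

    The value is taken from ``model_inst`` under ``self.attname``, sealed by
    ``encrypt_slice_secret`` using the Observer private key PEM, and returned
    in the form produced by ``ObserverSecretValue.serialize``.  The ``add``
    argument is not consulted.

    Raises ``SyndicateObserverError`` if the Observer private key cannot be
    loaded, or if the instance carries no slice secret.
    """
    import syndicate.observer.core as syndicatelib
    import syndicate.observer.storage.common as observer_storage_common

    # get observer private key
    config = syndicatelib.get_config()
    try:
        observer_pkey_path = config.SYNDICATE_OBSERVER_PRIVATE_KEY
        observer_pkey_pem = syndicatelib.get_observer_private_key_pem(observer_pkey_path)
    except Exception:
        # Narrowed from a bare except so interpreter-exit and interrupt
        # signals propagate unchanged.  The underlying cause is replaced by a
        # generic message that exposes no path or key bytes.
        raise syndicatelib.SyndicateObserverError(
            "Internal Syndicate Observer error: failed to load Observer private key")

    slice_secret = getattr(model_inst, self.attname)
    if slice_secret is not None:
        # encrypt it; only the sealed, serialized form leaves this method
        sealed_slice_secret = observer_storage_common.encrypt_slice_secret(
            observer_pkey_pem, slice_secret)
        return ObserverSecretValue.serialize(sealed_slice_secret)

    # no secret to seal: abort the save instead of storing nothing
    raise syndicatelib.SyndicateObserverError(
        "Internal Syndicate Observer error: No slice secret generated")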
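def to_python(self, secret_str):
    """
    Decrypt the value with the Observer key.

    A value that ``ObserverSecretValue.is_encrypted`` does not recognise is
    returned unchanged.  Otherwise the value is unserialized and handed to
    ``decrypt_slice_secret`` together with the Observer private key PEM.

    Returns the decrypted slice secret, the input itself when it is not marked
    as encrypted, or ``None`` when the unserialized payload is ``None`` or
    empty.  Raises ``SyndicateObserverError`` when the key cannot be loaded or
    decryption yields ``None``.
    """
    # is this in the clear?
    # NOTE(review): anything without the encrypted marker is accepted as-is,
    # so a row stored in plaintext would be returned without complaint.
    # Presumably this exists for values that are already decrypted; confirm
    # that stored rows can never legitimately be unsealed.
    if not ObserverSecretValue.is_encrypted(secret_str):
        # nothing to do
        return secret_str

    # otherwise, decrypt it
    import syndicate.observer.core as syndicatelib
    import syndicate.observer.storage.common as observer_storage_common

    # get observer private key
    config = syndicatelib.get_config()
    try:
        observer_pkey_path = config.SYNDICATE_OBSERVER_PRIVATE_KEY
        observer_pkey_pem = syndicatelib.get_observer_private_key_pem(observer_pkey_path)
    except Exception:
        # Exception, not a bare except: KeyboardInterrupt / SystemExit must
        # not be reported as a key-loading failure.  The message stays generic
        # and free of key path or key material.
        raise syndicatelib.SyndicateObserverError(
            "Internal Syndicate Observer error: failed to load Observer private key")

    # deserialize
    secret_str = ObserverSecretValue.unserialize(secret_str)

    # an absent or empty payload has nothing to decrypt
    if secret_str is None or len(secret_str) == 0:
        return None

    # decrypt
    slice_secret = observer_storage_common.decrypt_slice_secret(
        observer_pkey_pem, secret_str)
    if slice_secret is None:
        # fail closed: never fall back to returning the sealed bytes
        raise syndicatelib.SyndicateObserverError(
            "Internal Syndicate Observer error: failed to decrypt slice secret value")

    return slice_secret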
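def to_python(self, secret_str):
    """
    Turn a stored field value back into the slice secret.

    Values not flagged by ``ObserverSecretValue.is_encrypted`` pass through
    untouched.  Flagged values are unserialized and decrypted with
    ``decrypt_slice_secret`` using the Observer private key PEM.

    Returns the plaintext slice secret, the unmodified input for unflagged
    values, or ``None`` if unserializing gives ``None`` or an empty value.
    Raises ``SyndicateObserverError`` if the private key cannot be loaded or
    if decryption returns ``None``.
    """
    # is this in the clear?
    if not ObserverSecretValue.is_encrypted(secret_str):
        # nothing to do
        # NOTE(review): this pass-through means unsealed data is trusted
        # without any integrity check; verify that is intended for every
        # caller of this method.
        return secret_str

    # otherwise, decrypt it
    import syndicate.observer.core as syndicatelib
    import syndicate.observer.storage.common as observer_storage_common

    # get observer private key
    config = syndicatelib.get_config()
    try:
        observer_pkey_path = config.SYNDICATE_OBSERVER_PRIVATE_KEY
        observer_pkey_pem = syndicatelib.get_observer_private_key_pem(observer_pkey_path)
    except Exception:
        # Narrowed from a bare except so that interrupts and interpreter exit
        # are not swallowed.  The root cause is intentionally not echoed in
        # the message, which keeps path and key details out of error output.
        raise syndicatelib.SyndicateObserverError(
            "Internal Syndicate Observer error: failed to load Observer private key")

    # deserialize
    secret_str = ObserverSecretValue.unserialize(secret_str)

    # decrypt
    if secret_str is not None and len(secret_str) > 0:
        slice_secret = observer_storage_common.decrypt_slice_secret(
            observer_pkey_pem, secret_str)

        if slice_secret is None:
            # decryption failure is an error, not an empty secret
            raise syndicatelib.SyndicateObserverError(
                "Internal Syndicate Observer error: failed to decrypt slice secret value")
        return slice_secret

    # nothing was stored
    return None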
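def save(self, *args, **kw):
    """
    Ensure the slice has a SliceSecret before the object is saved.

    The Observer private key PEM is loaded and passed to
    ``get_or_create_slice_secret`` with ``slice_fk=self.slice_id``; the parent
    class ``save`` runs only if that call returns a secret.

    Raises ``SyndicateObserverError`` if the key cannot be loaded or if no
    slice secret is returned.
    """
    import syndicate.observer.core as syndicatelib

    # get observer private key
    config = syndicatelib.get_config()
    try:
        observer_pkey_path = config.SYNDICATE_OBSERVER_PRIVATE_KEY
        observer_pkey_pem = syndicatelib.get_observer_private_key_pem(observer_pkey_path)
    except Exception:
        # A bare except here would also trap KeyboardInterrupt / SystemExit.
        # The replacement error is fixed text with no key path or key bytes.
        raise syndicatelib.SyndicateObserverError(
            "Internal Syndicate Observer error: failed to load Observer private key")

    # get or create the slice secret
    slice_secret = syndicatelib.get_or_create_slice_secret(
        observer_pkey_pem, None, slice_fk=self.slice_id)

    if slice_secret is None:
        # The exception class is reached through the locally imported module,
        # matching the key-loading branch; nothing in this method binds the
        # unqualified name.
        raise syndicatelib.SyndicateObserverError(
            "Failed to get or create slice secret for %s" % self.slice_id.name)

    super(VolumeSlice, self).save(*args, **kw)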
config = observer_core.get_config() try: observer_secret = observer_core.get_syndicate_observer_secret(config.SYNDICATE_OBSERVER_SECRET) RG_closure = config.SYNDICATE_RG_CLOSURE observer_pkey_path = config.SYNDICATE_OBSERVER_PRIVATE_KEY syndicate_url = config.SYNDICATE_SMI_URL gateway_name_prefix = config.SYNDICATE_GATEWAY_NAME_PREFIX except Exception, e: traceback.print_exc() logger.error("syndicatelib config is missing one or more of the following: SYNDICATE_OBSERVER_SECRET, SYNDICATE_RG_CLOSURE, SYNDICATE_OBSERVER_PRIVATE_KEY, SYNDICATE_SMI_URL") raise e # get secrets... try: observer_pkey_pem = observer_core.get_observer_private_key_pem(observer_pkey_path) assert observer_pkey_pem is not None, "Failed to load Observer private key" # get/create the slice secret slice_secret = observer_core.get_or_create_slice_secret(observer_pkey_pem, slice_name) assert slice_secret is not None, "Failed to get or create slice secret for %s" % slice_name except Exception, e: traceback.print_exc() logger.error("Failed to load secret credentials") raise e # make sure there's a slice-controlled Syndicate user account for the slice owner slice_principal_id = observer_core.make_slice_principal_id(principal_id, slice_name) try:
observer_secret = observer_core.get_syndicate_observer_secret( config.SYNDICATE_OBSERVER_SECRET) RG_closure = config.SYNDICATE_RG_CLOSURE observer_pkey_path = config.SYNDICATE_OBSERVER_PRIVATE_KEY syndicate_url = config.SYNDICATE_SMI_URL gateway_name_prefix = config.SYNDICATE_GATEWAY_NAME_PREFIX except Exception, e: traceback.print_exc() logger.error( "syndicatelib config is missing one or more of the following: SYNDICATE_OBSERVER_SECRET, SYNDICATE_RG_CLOSURE, SYNDICATE_OBSERVER_PRIVATE_KEY, SYNDICATE_SMI_URL" ) raise e # get secrets... try: observer_pkey_pem = observer_core.get_observer_private_key_pem( observer_pkey_path) assert observer_pkey_pem is not None, "Failed to load Observer private key" # get/create the slice secret slice_secret = observer_core.get_or_create_slice_secret( observer_pkey_pem, slice_name) assert slice_secret is not None, "Failed to get or create slice secret for %s" % slice_name except Exception, e: traceback.print_exc() logger.error("Failed to load secret credentials") raise e # make sure there's a slice-controlled Syndicate user account for the slice owner slice_principal_id = observer_core.make_slice_principal_id( principal_id, slice_name)