示例#1
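 def pre_save( self, model_inst, add ):
    """
    Seal the slice secret held on model_inst and return it in serialized form.

    The value is read from the attribute named by self.attname, passed together
    with the Observer private key PEM to encrypt_slice_secret(), and the result
    is returned through ObserverSecretValue.serialize().  The add argument is
    not used.

    Raises SyndicateObserverError when the Observer private key cannot be
    loaded or when the attribute is None.
    """

    import syndicate.observer.core as syndicatelib
    import syndicate.observer.storage.common as observer_storage_common

    # get observer private key
    config = syndicatelib.get_config()

    try:
       observer_pkey_path = config.SYNDICATE_OBSERVER_PRIVATE_KEY
       observer_pkey_pem = syndicatelib.get_observer_private_key_pem( observer_pkey_path )
    except Exception:
       # Exception instead of a bare except, so KeyboardInterrupt and SystemExit
       # are not reported as a key-loading failure.  The raised message carries
       # neither the key path nor the underlying cause.
       # NOTE(review): the original exception is dropped here; record it in a
       # server-side log if one is available, otherwise this failure is hard to triage.
       raise syndicatelib.SyndicateObserverError( "Internal Syndicate Observer error: failed to load Observer private key" )

    slice_secret = getattr( model_inst, self.attname )

    if slice_secret is None:
       # never persist a missing secret
       raise syndicatelib.SyndicateObserverError( "Internal Syndicate Observer error: No slice secret generated" )

    # encrypt it
    # NOTE(review): the result is not checked before serialize(); to_python() treats a
    # None from decrypt_slice_secret() as failure, so confirm encrypt_slice_secret()
    # cannot return None here, or a failed seal could be written to storage.
    sealed_slice_secret = observer_storage_common.encrypt_slice_secret( observer_pkey_pem, slice_secret )

    return ObserverSecretValue.serialize( sealed_slice_secret )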
示例#2
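    def save(self, *args, **kw):
        """
        Make sure a slice secret exists for this slice, then save the model.

        Loads the Observer private key PEM, calls get_or_create_slice_secret()
        for self.slice_id, and only then delegates to the parent save().

        Raises SyndicateObserverError when the Observer private key cannot be
        loaded or when no slice secret could be obtained; in both cases the
        parent save() is not called.
        """

        import syndicate.observer.core as syndicatelib

        # get observer private key
        config = syndicatelib.get_config()

        try:
            observer_pkey_path = config.SYNDICATE_OBSERVER_PRIVATE_KEY
            observer_pkey_pem = syndicatelib.get_observer_private_key_pem(
                observer_pkey_path)
        except Exception:
            # Exception instead of a bare except, so KeyboardInterrupt and
            # SystemExit are not reported as a key-loading failure.
            # NOTE(review): the original exception is dropped here; record it
            # in a server-side log if one is available.
            raise syndicatelib.SyndicateObserverError(
                "Internal Syndicate Observer error: failed to load Observer private key"
            )

        # get or create the slice secret
        # NOTE(review): the meaning of the second positional argument (None)
        # is not visible from this method -- confirm against the callee.
        slice_secret = syndicatelib.get_or_create_slice_secret(
            observer_pkey_pem, None, slice_fk=self.slice_id)

        if slice_secret is None:
            # Qualified through syndicatelib like every other raise in this
            # method; the bare name is not bound by anything visible here and
            # would turn this failure path into a NameError.
            raise syndicatelib.SyndicateObserverError(
                "Failed to get or create slice secret for %s" %
                self.slice_id.name)

        super(VolumeSlice, self).save(*args, **kw)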
示例#3
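    def pre_save(self, model_inst, add):
        """
        Encrypt the slice secret with the Observer key before it is stored.

        Reads the attribute named by self.attname from model_inst, hands it and
        the Observer private key PEM to encrypt_slice_secret(), and returns the
        sealed value after ObserverSecretValue.serialize().  The add argument
        is not used.

        Raises SyndicateObserverError when the Observer private key cannot be
        loaded or when the attribute is None.
        """

        import syndicate.observer.core as syndicatelib
        import syndicate.observer.storage.common as observer_storage_common

        # get observer private key
        config = syndicatelib.get_config()

        try:
            observer_pkey_path = config.SYNDICATE_OBSERVER_PRIVATE_KEY
            observer_pkey_pem = syndicatelib.get_observer_private_key_pem(
                observer_pkey_path)
        except Exception:
            # Narrowed from a bare except: interpreter-exit signals
            # (KeyboardInterrupt, SystemExit) must propagate unchanged.
            # The message exposes neither the key path nor the cause.
            # NOTE(review): the original exception is discarded; log it
            # server-side if a logger is available.
            raise syndicatelib.SyndicateObserverError(
                "Internal Syndicate Observer error: failed to load Observer private key"
            )

        slice_secret = getattr(model_inst, self.attname)

        if slice_secret is None:
            # never persist a missing secret
            raise syndicatelib.SyndicateObserverError(
                "Internal Syndicate Observer error: No slice secret generated")

        # encrypt it
        # NOTE(review): the sealed value is serialized without a None check;
        # confirm encrypt_slice_secret() raises rather than returning None on
        # failure, so that a failed seal is never written to storage.
        sealed_slice_secret = observer_storage_common.encrypt_slice_secret(
            observer_pkey_pem, slice_secret)

        return ObserverSecretValue.serialize(sealed_slice_secret)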
示例#4
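    def to_python(self, secret_str):
        """
        Decrypt a stored slice secret with the Observer key.

        A value that ObserverSecretValue.is_encrypted() does not recognise is
        returned unchanged.  Otherwise the value is unserialized and passed
        with the Observer private key PEM to decrypt_slice_secret().

        Returns the decrypted secret, the input itself when it is not marked
        as encrypted, or None when the unserialized payload is None or empty.

        Raises SyndicateObserverError when the Observer private key cannot be
        loaded or when decrypt_slice_secret() returns None.
        """

        # is this in the clear?
        # NOTE(review): anything is_encrypted() rejects is trusted as
        # cleartext and handed back verbatim.  Confirm that stored values
        # cannot lose their encrypted marker without detection, or callers
        # may receive ciphertext or altered data as if it were the secret.
        if not ObserverSecretValue.is_encrypted(secret_str):
            # nothing to do
            return secret_str

        # otherwise, decrypt it
        import syndicate.observer.core as syndicatelib
        import syndicate.observer.storage.common as observer_storage_common

        # get observer private key
        config = syndicatelib.get_config()

        try:
            observer_pkey_path = config.SYNDICATE_OBSERVER_PRIVATE_KEY
            observer_pkey_pem = syndicatelib.get_observer_private_key_pem(
                observer_pkey_path)
        except Exception:
            # Narrowed from a bare except so KeyboardInterrupt and SystemExit
            # propagate instead of being reported as a key-loading failure.
            # NOTE(review): the original exception is discarded; log it
            # server-side if a logger is available.
            raise syndicatelib.SyndicateObserverError(
                "Internal Syndicate Observer error: failed to load Observer private key"
            )

        # deserialize
        secret_str = ObserverSecretValue.unserialize(secret_str)

        # An encrypted-looking value with no payload yields None, not an error.
        if secret_str is None or len(secret_str) == 0:
            return None

        # decrypt
        slice_secret = observer_storage_common.decrypt_slice_secret(
            observer_pkey_pem, secret_str)

        if slice_secret is None:
            # a None result is treated as a decryption failure
            raise syndicatelib.SyndicateObserverError(
                "Internal Syndicate Observer error: failed to decrypt slice secret value"
            )

        return slice_secret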
示例#5
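 def to_python( self, secret_str ):
    """
    Decrypt a stored slice secret with the Observer key.

    A value that ObserverSecretValue.is_encrypted() does not recognise is
    returned unchanged.  Otherwise the value is unserialized and passed with
    the Observer private key PEM to decrypt_slice_secret().

    Returns the decrypted secret, the input itself when it is not marked as
    encrypted, or None when the unserialized payload is None or empty.

    Raises SyndicateObserverError when the Observer private key cannot be
    loaded or when decrypt_slice_secret() returns None.
    """

    # is this in the clear?
    # NOTE(review): a value without the encrypted marker is trusted as cleartext
    # and returned as-is; confirm stored values cannot lose that marker undetected.
    if not ObserverSecretValue.is_encrypted( secret_str ):
       # nothing to do
       return secret_str

    # otherwise, decrypt it
    import syndicate.observer.core as syndicatelib
    import syndicate.observer.storage.common as observer_storage_common

    # get observer private key
    config = syndicatelib.get_config()

    try:
       observer_pkey_path = config.SYNDICATE_OBSERVER_PRIVATE_KEY
       observer_pkey_pem = syndicatelib.get_observer_private_key_pem( observer_pkey_path )
    except Exception:
       # Exception instead of a bare except, so KeyboardInterrupt and SystemExit
       # are not reported as a key-loading failure.
       # NOTE(review): the original exception is dropped here; record it in a
       # server-side log if one is available.
       raise syndicatelib.SyndicateObserverError( "Internal Syndicate Observer error: failed to load Observer private key" )

    # deserialize
    secret_str = ObserverSecretValue.unserialize( secret_str )

    # an encrypted-looking value with no payload yields None, not an error
    if secret_str is None or len(secret_str) == 0:
       return None

    # decrypt
    slice_secret = observer_storage_common.decrypt_slice_secret( observer_pkey_pem, secret_str )

    if slice_secret is None:
       # a None result is treated as a decryption failure
       raise syndicatelib.SyndicateObserverError( "Internal Syndicate Observer error: failed to decrypt slice secret value" )

    return slice_secret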
示例#6
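 def save(self, *args, **kw):
    """
    Make sure a slice secret exists for this slice, then save the model.

    Loads the Observer private key PEM, calls get_or_create_slice_secret() for
    self.slice_id, and only then delegates to the parent save().

    Raises SyndicateObserverError when the Observer private key cannot be
    loaded or when no slice secret could be obtained; in both cases the parent
    save() is not called.
    """

    import syndicate.observer.core as syndicatelib

    # get observer private key
    config = syndicatelib.get_config()

    try:
       observer_pkey_path = config.SYNDICATE_OBSERVER_PRIVATE_KEY
       observer_pkey_pem = syndicatelib.get_observer_private_key_pem( observer_pkey_path )
    except Exception:
       # Exception instead of a bare except, so KeyboardInterrupt and SystemExit
       # are not reported as a key-loading failure.
       # NOTE(review): the original exception is dropped here; record it in a
       # server-side log if one is available.
       raise syndicatelib.SyndicateObserverError( "Internal Syndicate Observer error: failed to load Observer private key" )

    # get or create the slice secret
    # NOTE(review): the meaning of the second positional argument (None) is not
    # visible from this method -- confirm against the callee.
    slice_secret = syndicatelib.get_or_create_slice_secret( observer_pkey_pem, None, slice_fk=self.slice_id )

    if slice_secret is None:
       # Qualified through syndicatelib like the raise above; the bare name is not
       # bound by anything visible here and would turn this path into a NameError.
       raise syndicatelib.SyndicateObserverError( "Failed to get or create slice secret for %s" % self.slice_id.name )

    super(VolumeSlice, self).save(*args, **kw)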
示例#7
    config = observer_core.get_config()
    try:
        observer_secret = observer_core.get_syndicate_observer_secret(config.SYNDICATE_OBSERVER_SECRET)
        RG_closure = config.SYNDICATE_RG_CLOSURE
        observer_pkey_path = config.SYNDICATE_OBSERVER_PRIVATE_KEY
        syndicate_url = config.SYNDICATE_SMI_URL
        gateway_name_prefix = config.SYNDICATE_GATEWAY_NAME_PREFIX
    except Exception, e:
        traceback.print_exc()
        logger.error("syndicatelib config is missing one or more of the following: SYNDICATE_OBSERVER_SECRET, SYNDICATE_RG_CLOSURE, SYNDICATE_OBSERVER_PRIVATE_KEY, SYNDICATE_SMI_URL")
        raise e

    # get secrets...
    try:
        observer_pkey_pem = observer_core.get_observer_private_key_pem(observer_pkey_path)
        assert observer_pkey_pem is not None, "Failed to load Observer private key"

        # get/create the slice secret
        slice_secret = observer_core.get_or_create_slice_secret(observer_pkey_pem, slice_name)
        assert slice_secret is not None, "Failed to get or create slice secret for %s" % slice_name

    except Exception, e:
        traceback.print_exc()
        logger.error("Failed to load secret credentials")
        raise e

    # make sure there's a slice-controlled Syndicate user account for the slice owner
    slice_principal_id = observer_core.make_slice_principal_id(principal_id, slice_name)

    try:
示例#8
        observer_secret = observer_core.get_syndicate_observer_secret(
            config.SYNDICATE_OBSERVER_SECRET)
        RG_closure = config.SYNDICATE_RG_CLOSURE
        observer_pkey_path = config.SYNDICATE_OBSERVER_PRIVATE_KEY
        syndicate_url = config.SYNDICATE_SMI_URL
        gateway_name_prefix = config.SYNDICATE_GATEWAY_NAME_PREFIX
    except Exception, e:
        traceback.print_exc()
        logger.error(
            "syndicatelib config is missing one or more of the following: SYNDICATE_OBSERVER_SECRET, SYNDICATE_RG_CLOSURE, SYNDICATE_OBSERVER_PRIVATE_KEY, SYNDICATE_SMI_URL"
        )
        raise e

    # get secrets...
    try:
        observer_pkey_pem = observer_core.get_observer_private_key_pem(
            observer_pkey_path)
        assert observer_pkey_pem is not None, "Failed to load Observer private key"

        # get/create the slice secret
        slice_secret = observer_core.get_or_create_slice_secret(
            observer_pkey_pem, slice_name)
        assert slice_secret is not None, "Failed to get or create slice secret for %s" % slice_name

    except Exception, e:
        traceback.print_exc()
        logger.error("Failed to load secret credentials")
        raise e

    # make sure there's a slice-controlled Syndicate user account for the slice owner
    slice_principal_id = observer_core.make_slice_principal_id(
        principal_id, slice_name)