cinder.keymgr.conf_key_mgr module

An implementation of a key manager that reads its key from the project’s configuration options.

This key manager implementation provides limited security, assuming that the key remains secret. Using the volume encryption feature as an example, encryption provides protection against a lost or stolen disk, assuming that the configuration file that contains the key is not stored on the disk. Encryption also protects the confidentiality of data as it is transmitted via iSCSI from the compute host to the storage host (again assuming that an attacker who intercepts the data does not know the secret key).

Because this implementation uses a single, fixed key, it proffers no protection once that key is compromised. In particular, different volumes encrypted with a key provided by this key manager actually share the same encryption key so any volume can be decrypted once the fixed key is known.

class ConfKeyManager(configuration)

Bases: KeyManager

Key Manager that supports one key defined by the fixed_key conf option.

This key manager implementation supports all the methods specified by the key manager interface. This implementation creates a single key in response to all invocations of create_key. Side effects (e.g., raising exceptions) for each method are handled as specified by the key manager interface.

add_consumer(context, managed_object_id, consumer_data)

Add a consumer to a managed object.

Implementations should verify that the caller has permission to add a consumer to the managed object by checking the context object (context). A NotAuthorized exception should be raised if the caller lacks permission.

If the specified object does not exist, then a KeyError should be raised. Implementations should preclude users from discerning the UUIDs of objects that belong to other users by repeatedly calling this method. That is, objects that belong to other users should be considered “non-existent” and completely invisible.

create_key(context, **kwargs)

Creates a symmetric key.

This implementation returns a UUID for the key read from the configuration file. A NotAuthorized exception is raised if the specified context is None.

create_key_pair(context, **kwargs)

Creates an asymmetric key pair.

This method creates an asymmetric key pair and returns the pair of key UUIDs. If the specified context does not permit the creation of keys, then a NotAuthorized exception should be raised. The order of the UUIDs will be (private, public).

delete(context, managed_object_id)

Represents deleting the key.

Because the ConfKeyManager has only one key, which is read from the configuration file, the key is not actually deleted when this is called.

get(context, managed_object_id)

Retrieves the key identified by the specified id.

This implementation returns the key that is associated with the specified UUID. A NotAuthorized exception is raised if the specified context is None; a KeyError is raised if the UUID is invalid.

list(context, object_type=None, metadata_only=False)

Retrieves a list of managed objects that match the criteria.

Note: Required abstract method starting with Castellan 0.13.0

Parameters:
  • context – Contains information of the user and the environment for the request.

  • object_type – The type of object to retrieve.

  • metadata_only – Whether secret data should be included.

Raises:

NotAuthorized – If no user context.

remove_consumer(context, managed_object_id, consumer_data)

Remove a consumer from a managed object.

Implementations should verify that the caller has permission to remove a consumer to the managed object by checking the context object (context). A NotAuthorized exception should be raised if the caller lacks permission.

If the specified object does not exist, then a KeyError should be raised. Implementations should preclude users from discerning the UUIDs of objects that belong to other users by repeatedly calling this method. That is, objects that belong to other users should be considered “non-existent” and completely invisible.

store(context, managed_object, **kwargs)

Stores (i.e., registers) a key with the key manager.

warning_logged = False