secrets not in base64 for secret stores

Bug #1423941 reported by Nathan Reller
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Barbican
Fix Released
Medium
Nathan Reller

Bug Description

The SecretStore interface states that secrets shall be passed to it with a base64 encoding of the bytes. This is stated in the SecretDTO object. The barbican.plugin.util.translations module normalizes the data in Barbican Core before it is transferred to the SecretStore using the SecretDTO. The translation module is currently not doing this.

For text data it is encoding it to utf-8. Binary data is sent as bytes. The expected behavior is to base64 encode the bytes for both cases.

Changed in barbican:
assignee: nobody → Nathan Reller (rellerreller)
status: New → In Progress
Changed in barbican:
importance: Undecided → Medium
milestone: none → kilo-3
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to barbican (master)

Reviewed: https://review.openstack.org/157410
Committed: https://git.openstack.org/cgit/openstack/barbican/commit/?id=961ecbe06ff15825b8f7b228f3b8936b018421d3
Submitter: Jenkins
Branch: master

commit 961ecbe06ff15825b8f7b228f3b8936b018421d3
Author: Nathan Reller <email address hidden>
Date: Wed Feb 18 21:10:42 2015 -0500

    Fixed Binary Encoding to Secret Stores

    The SecretDTO should encapsulate the secret as a Base64 string. The
    translations module was decoding Base64 secrets before inserting them
    into the SecretDTO that was later passed to the SecretStores, and it
    was not encoding plain text into Base64 as well. This code fixes that.

    Closes-Bug: #1423941
    Change-Id: I3f2f86a0bf93b44b12b0c23f53fb617d9b73043f
    Co-authored-by: Kaitlin Farr <email address hidden>
    Related: blueprint content-types

Changed in barbican:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in barbican:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in barbican:
milestone: kilo-3 → 2015.1.0
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.