Comment 0 for bug 1620860

Arun Kant (arukant) wrote :

As part of the bug fix for https://bugs.launchpad.net/barbican/+bug/1561701, the related review (https://review.openstack.org/#/c/299108/) has broken the kmip plugin payload read functionality.

The issue is related to line 157 in https://review.openstack.org/#/c/299108/3/barbican/api/controllers/secrets.py . Here the change looks for 'encrypted_data' (the relationship to the encrypted_data table) from secrets to check whether there is encrypted key material defined for the given secret id. This works for the db and pkcs11 backends, as those plugins store encrypted key material in the database, whereas the kmip plugin stores key material in the kmip device and NOT in the db. So it fails only for the kmip device, and it's merged upstream as there is no voting gate to check against a kmip device.

arun@arun-hp-z620-ws:~/myFolder/myWork/hp_gerrit/barbican$ curl -X GET -H 'X-Auth-Token:b24025f6678845aea89d60f4f39e746a' http://localhost:9311/v1/secrets/54150f4c-a0cf-4612-9b0e-84217505fcc1/payload
{"code": 404, "description": "Not Found. Sorry but your secret has no payload.", "title": "Not Found"}

Now when I comment out the related change in the secrets controller, it works fine.

arun@arun-hp-z620-ws:~/myFolder/myWork/hp_gerrit/barbican$ curl -X GET -H 'X-Auth-Token:b24025f6678845aea89d60f4f39e746a' http://localhost:9311/v1/secrets/54150f4c-a0cf-4612-9b0e-84217505fcc1/payload
��o�R�Ќ;��޿)}��`�`#q� Ba
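
Added example (not part of the original comment, and not Barbican's code): a simplified Python model of the failure described above, where a payload check that only consults the database relationship returns 404 for a backend that keeps key material on an external device. The class names, the `store_metadata` field, and the backend-aware check are assumptions made for illustration; all sample values are constructed.

```python
from dataclasses import dataclass, field

class NotFound(Exception):
    """Stands in for the API's 404 'secret has no payload' response."""

@dataclass
class Secret:
    secret_id: str
    encrypted_data: list = field(default_factory=list)  # rows held in the database
    store_metadata: dict = field(default_factory=dict)  # hypothetical: reference to an external object

class DbStore:
    """Backend that keeps encrypted key material in the database."""
    def store(self, secret, material):
        secret.encrypted_data.append(material)
    def fetch(self, secret):
        return secret.encrypted_data[0]

class ExternalStore:
    """Backend that keeps key material on a device, as the comment describes for kmip."""
    def __init__(self):
        self._device = {}
    def store(self, secret, material):
        self._device[secret.secret_id] = material
        secret.store_metadata["object_ref"] = secret.secret_id
    def fetch(self, secret):
        return self._device[secret.store_metadata["object_ref"]]

def get_payload_db_only(secret, backend):
    # The check described in the comment: only the database relationship is consulted.
    if not secret.encrypted_data:
        raise NotFound("secret has no payload")
    return backend.fetch(secret)

def get_payload_backend_aware(secret, backend):
    # One possible correction (assumption): a backend reference also counts as a payload.
    if not secret.encrypted_data and not secret.store_metadata:
        raise NotFound("secret has no payload")
    return backend.fetch(secret)

def status(fn, secret, backend):
    # Map the outcome to the HTTP status a client would see.
    try:
        fn(secret, backend)
        return 200
    except NotFound:
        return 404
```

Running both checks against every configured backend type, including one that stores nothing in the database, is the kind of gate test that would have caught the regression before merge.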