commit ccf9416b74a5409c59ad2a3e921fc07f729dd145
Author: Andy Ning <email address hidden>
Date: Tue May 24 12:15:06 2022 -0400
Added patch to store barbican data in ascii format in DB
Currently Barbican stores base64 encoded secret data (plugin_meta
and cypher_text) as hex bytes in database. But when these data
is retrieved from database for base64 decoding, it is not
converted back to ascii format, causing the decoding failed with
error:
binascii.Error: Invalid base64-encoded string: number of data
characters (273) cannot be 1 more than a multiple of 4.
This commit added a patch to Barbican to store these data in ascii
format in the database so they can be decoded when retrieved.
Test Plan for Debian:
PASS: trigger mtcAgent to store a password secret in Barbican by
system host-update controller-0 bm_type=dynamic bm_ip=<bm IP> bm_username=root bm_password=root.
PASS: retrieve the secret with "--payload" option by
openstack secret get <secret URL> --payload.
PASS: AIO-SX deployment and unlock.
Closes-Bug: 1975611
Signed-off-by: Andy Ning <email address hidden>
Change-Id: I1c2fa112caa8700b1c21130aec041fd7d2a52a19
Reviewed: https:/ /review. opendev. org/c/starlingx /upstream/ +/843180 /opendev. org/starlingx/ upstream/ commit/ ccf9416b74a5409 c59ad2a3e921fc0 7f729dd145
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit ccf9416b74a5409 c59ad2a3e921fc0 7f729dd145
Author: Andy Ning <email address hidden>
Date: Tue May 24 12:15:06 2022 -0400
Added patch to store barbican data in ascii format in DB
Currently Barbican stores base64 encoded secret data (plugin_meta
and cypher_text) as hex bytes in database. But when these data
is retrieved from database for base64 decoding, it is not
converted back to ascii format, causing the decoding failed with
error:
binascii.Error: Invalid base64-encoded string: number of data
characters (273) cannot be 1 more than a multiple of 4.
This commit added a patch to Barbican to store these data in ascii
format in the database so they can be decoded when retrieved.
Test Plan for Debian:
bm_username= root bm_password=root.
PASS: trigger mtcAgent to store a password secret in Barbican by
system host-update controller-0 bm_type=dynamic bm_ip=<bm IP>
PASS: retrieve the secret with "--payload" option by
openstack secret get <secret URL> --payload.
PASS: AIO-SX deployment and unlock.
Closes-Bug: 1975611 0b1c21130aec041 fd7d2a52a19
Signed-off-by: Andy Ning <email address hidden>
Change-Id: I1c2fa112caa870