This was not compatible with python3 due to encoding issues of the input
and the out. Ensure we pass the input plaintext as bytes to the
encryption routine and use the base64 module to convert the output to
base64.
Change-Id: Ie8b3a8e5c93544e448016829c1071240b68e8957
Rightly the system in use is RSAES-OAEP, part of the PKCS#1 standard.
"PKCS#1" is not enough information to communicate to someone the
encryption scheme in use. Refer to the scheme Zuul uses as "PKCS#1-OAEP"
or "pkcs1-oaep" to clarify.
Change-Id: I74dcde6fa3756354ce65233c64c6189d1b241e90
Create an interface to the cryptography library so that internally
Zuul uses simple facade methods. Unit test that interface, and
that it is compatible with OpenSSL.
Change-Id: I57da1081c8d43b0b44af5967d075908459c91687
This adds secrets as a top-level config object, including a new
custom YAML tag to indicate encrypted data.
It also adds a script which encrypts data for use in tests.
Change-Id: I92a6bc048874f8aa4ebe0dd27180b253bede7370