As discussed during the Keystone hackathon in January, the plugin interface for Barbican needs to be modified to support a DogTag plugin. This change requires the "create" method to be removed from the plugin abstract base class. The method will be replaced with a "generate" method with a return signature that matches the "encrypt" method.

The plugin manager will change so that "generate_data_encryption_key" only calls the new "generate" method in the plugin instead of calling both "create" and "encrypt".

This allows a plugin to handle secret creation and encryption in one step. From Barbican's point of view, plugin encryption and plugin generation both produce an encrypted blob that will later be given back to the plugin for decryption. Barbican does not require that the encrypted blob actually contain the secret. The only requirement is that the plugin's decrypt method is able to produce the secret when given the encrypted blob.

For the DogTag plugin, this "encrypted blob" would be the dogtag URI to the secret. Barbican doesn't care that the blob isn't really a secret. All that matters is that the DogTag plugin is able to produce the secret when the URI is given to the decrypt method.

barbican.common.resources.create_secret() needs to be updated so that the Secret UUID is available to the plugin during both encrypt() and generate(). This may require persisting the Secret object to the DB before calling the plugin, and adding try/except logic to clean up the Secret object in the event of a plugin exception.

