[PATCH 01/12] util: Remove use of virCryptoHaveCipher(VIR_CRYPTO_CIPHER_AES256CBC)
Peter Krempa
pkrempa at redhat.com
Wed Sep 22 11:35:20 UTC 2021
It always returns true. Make the logic a bit simpler to see through.
This completely removes 'virCryptoHaveCipher' as it's pointless in the
current form.
Signed-off-by: Peter Krempa <pkrempa at redhat.com>
---
src/libvirt_private.syms | 1 -
src/qemu/qemu_domain.c | 3 +--
src/storage/storage_util.c | 6 ------
src/util/vircrypto.c | 27 ---------------------------
src/util/vircrypto.h | 2 --
tests/vircryptotest.c | 5 -----
6 files changed, 1 insertion(+), 43 deletions(-)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 25ee21463c..5e11eb1b5c 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -2092,7 +2092,6 @@ virConfWriteMem;
virCryptoEncryptData;
virCryptoHashBuf;
virCryptoHashString;
-virCryptoHaveCipher;
# util/virdaemon.h
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 5de7461fb3..0774374784 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -1253,8 +1253,7 @@ qemuDomainSecretAESSetupFromSecret(qemuDomainObjPrivate *priv,
bool
qemuDomainSupportsEncryptedSecret(qemuDomainObjPrivate *priv)
{
- return virCryptoHaveCipher(VIR_CRYPTO_CIPHER_AES256CBC) &&
- virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_OBJECT_SECRET) &&
+ return virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_OBJECT_SECRET) &&
priv->masterKey;
}
diff --git a/src/storage/storage_util.c b/src/storage/storage_util.c
index 53792765ff..ce61f37172 100644
--- a/src/storage/storage_util.c
+++ b/src/storage/storage_util.c
@@ -839,12 +839,6 @@ storageBackendCreateQemuImgCheckEncryption(int format,
_("no secret provided for luks encryption"));
return -1;
}
- if (!virCryptoHaveCipher(VIR_CRYPTO_CIPHER_AES256CBC)) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
- _("luks encryption usage requires encrypted "
- "secret generation to be supported"));
- return -1;
- }
} else {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("volume encryption unsupported with format %s"), type);
diff --git a/src/util/vircrypto.c b/src/util/vircrypto.c
index 78689721c3..23692d22fb 100644
--- a/src/util/vircrypto.c
+++ b/src/util/vircrypto.c
@@ -100,33 +100,6 @@ virCryptoHashString(virCryptoHash hash,
}
-/* virCryptoHaveCipher:
- * @algorithm: Specific cipher algorithm desired
- *
- * Expected to be called prior to virCryptoEncryptData in order
- * to determine whether the requested encryption option is available,
- * so that "other" alternatives can be taken if the algorithm is
- * not available.
- *
- * Returns true if we can support the encryption.
- */
-bool
-virCryptoHaveCipher(virCryptoCipher algorithm)
-{
- switch (algorithm) {
-
- case VIR_CRYPTO_CIPHER_AES256CBC:
- return true;
-
- case VIR_CRYPTO_CIPHER_NONE:
- case VIR_CRYPTO_CIPHER_LAST:
- break;
- };
-
- return false;
-}
-
-
/* virCryptoEncryptDataAESgntuls:
*
* Performs the AES gnutls encryption
diff --git a/src/util/vircrypto.h b/src/util/vircrypto.h
index bf002d42d5..5f079ac335 100644
--- a/src/util/vircrypto.h
+++ b/src/util/vircrypto.h
@@ -54,8 +54,6 @@ virCryptoHashString(virCryptoHash hash,
ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3)
G_GNUC_WARN_UNUSED_RESULT;
-bool virCryptoHaveCipher(virCryptoCipher algorithm);
-
int virCryptoEncryptData(virCryptoCipher algorithm,
uint8_t *enckey, size_t enckeylen,
uint8_t *iv, size_t ivlen,
diff --git a/tests/vircryptotest.c b/tests/vircryptotest.c
index 98af476156..9fbaf2f636 100644
--- a/tests/vircryptotest.c
+++ b/tests/vircryptotest.c
@@ -73,11 +73,6 @@ testCryptoEncrypt(const void *opaque)
g_autofree uint8_t *ciphertext = NULL;
size_t ciphertextlen = 0;
- if (!virCryptoHaveCipher(data->algorithm)) {
- fprintf(stderr, "cipher algorithm=%d unavailable\n", data->algorithm);
- return EXIT_AM_SKIP;
- }
-
enckey = g_new0(uint8_t, enckeylen);
iv = g_new0(uint8_t, ivlen);
--
2.31.1
More information about the libvir-list
mailing list