util: Remove use of virCryptoHaveCipher(VIR_CRYPTO_CIPHER_AES256CBC)

It always returns true. Make the logic a bit simpler to see through. This completely removes 'virCryptoHaveCipher' as it's pointless in the current form. Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
2024-12-22 05:35:25 +00:00 · 2021-09-21 17:33:52 +02:00 · 2021-09-21 17:33:52 +02:00 · acfce77201
commit acfce77201
parent c066cb6dc1
6 changed files with 1 additions and 43 deletions
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@ -2092,7 +2092,6 @@ virConfWriteMem;
 virCryptoEncryptData;
 virCryptoHashBuf;
 virCryptoHashString;
-virCryptoHaveCipher;


 # util/virdaemon.h
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@ -1253,8 +1253,7 @@ qemuDomainSecretAESSetupFromSecret(qemuDomainObjPrivate *priv,
 bool
 qemuDomainSupportsEncryptedSecret(qemuDomainObjPrivate *priv)
 {
-    return virCryptoHaveCipher(VIR_CRYPTO_CIPHER_AES256CBC) &&
-           virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_OBJECT_SECRET) &&
+    return virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_OBJECT_SECRET) &&
           priv->masterKey;
 }

--- a/src/storage/storage_util.c
+++ b/src/storage/storage_util.c
@ -839,12 +839,6 @@ storageBackendCreateQemuImgCheckEncryption(int format,
                           _("no secret provided for luks encryption"));
            return -1;
        }
-        if (!virCryptoHaveCipher(VIR_CRYPTO_CIPHER_AES256CBC)) {
-            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                           _("luks encryption usage requires encrypted "
-                             "secret generation to be supported"));
-            return -1;
-        }
    } else {
        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
                       _("volume encryption unsupported with format %s"), type);
--- a/src/util/vircrypto.c
+++ b/src/util/vircrypto.c
@ -100,33 +100,6 @@ virCryptoHashString(virCryptoHash hash,
 }


-/* virCryptoHaveCipher:
- * @algorithm: Specific cipher algorithm desired
- *
- * Expected to be called prior to virCryptoEncryptData in order
- * to determine whether the requested encryption option is available,
- * so that "other" alternatives can be taken if the algorithm is
- * not available.
- *
- * Returns true if we can support the encryption.
- */
-bool
-virCryptoHaveCipher(virCryptoCipher algorithm)
-{
-    switch (algorithm) {
-
-    case VIR_CRYPTO_CIPHER_AES256CBC:
-        return true;
-
-    case VIR_CRYPTO_CIPHER_NONE:
-    case VIR_CRYPTO_CIPHER_LAST:
-        break;
-    };
-
-    return false;
-}
-
-
 /* virCryptoEncryptDataAESgntuls:
 *
 * Performs the AES gnutls encryption
--- a/src/util/vircrypto.h
+++ b/src/util/vircrypto.h
@ -54,8 +54,6 @@ virCryptoHashString(virCryptoHash hash,
    ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3)
    G_GNUC_WARN_UNUSED_RESULT;

-bool virCryptoHaveCipher(virCryptoCipher algorithm);
-
 int virCryptoEncryptData(virCryptoCipher algorithm,
                         uint8_t *enckey, size_t enckeylen,
                         uint8_t *iv, size_t ivlen,
--- a/tests/vircryptotest.c
+++ b/tests/vircryptotest.c
@ -73,11 +73,6 @@ testCryptoEncrypt(const void *opaque)
    g_autofree uint8_t *ciphertext = NULL;
    size_t ciphertextlen = 0;

-    if (!virCryptoHaveCipher(data->algorithm)) {
-        fprintf(stderr, "cipher algorithm=%d unavailable\n", data->algorithm);
-        return EXIT_AM_SKIP;
-    }
-
    enckey = g_new0(uint8_t, enckeylen);
    iv = g_new0(uint8_t, ivlen);