util: Remove use of virCryptoHaveCipher(VIR_CRYPTO_CIPHER_AES256CBC)

It always returns true. Make the logic a bit simpler to see through.

This completely removes 'virCryptoHaveCipher' as it's pointless in the
current form.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>

diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 25ee21463c61b55909327fc3c71bc4fade26022e..5e11eb1b5c9650e8c5e12c9bd972d5558e62f0dd 100644 (file)
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -2092,7 +2092,6 @@ virConfWriteMem;
 virCryptoEncryptData;
 virCryptoHashBuf;
 virCryptoHashString;
-virCryptoHaveCipher;
 
 
 # util/virdaemon.h

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 5de7461fb34fc334956a21069b4c651bc65320b2..0774374784c0dd0850da9f8a7eaa7d32eadbeade 100644 (file)
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -1253,8 +1253,7 @@ qemuDomainSecretAESSetupFromSecret(qemuDomainObjPrivate *priv,
 bool
 qemuDomainSupportsEncryptedSecret(qemuDomainObjPrivate *priv)
 {
-    return virCryptoHaveCipher(VIR_CRYPTO_CIPHER_AES256CBC) &&
-           virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_OBJECT_SECRET) &&
+    return virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_OBJECT_SECRET) &&
            priv->masterKey;
 }
 

diff --git a/src/storage/storage_util.c b/src/storage/storage_util.c
index 53792765ff707ef61e8bc4de3c6e1cab800a159e..ce61f3717229bf9c2c723c35d9fa41b29b725606 100644 (file)
--- a/src/storage/storage_util.c
+++ b/src/storage/storage_util.c
@@ -839,12 +839,6 @@ storageBackendCreateQemuImgCheckEncryption(int format,
                            _("no secret provided for luks encryption"));
             return -1;
         }
-        if (!virCryptoHaveCipher(VIR_CRYPTO_CIPHER_AES256CBC)) {
-            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                           _("luks encryption usage requires encrypted "
-                             "secret generation to be supported"));
-            return -1;
-        }
     } else {
         virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
                        _("volume encryption unsupported with format %s"), type);

diff --git a/src/util/vircrypto.c b/src/util/vircrypto.c
index 78689721c30ac2904ccaec41bf7f73daa63eacc4..23692d22fbb29ee0b358aa86f350f1cafef8263a 100644 (file)
--- a/src/util/vircrypto.c
+++ b/src/util/vircrypto.c
@@ -100,33 +100,6 @@ virCryptoHashString(virCryptoHash hash,
 }
 
 
-/* virCryptoHaveCipher:
- * @algorithm: Specific cipher algorithm desired
- *
- * Expected to be called prior to virCryptoEncryptData in order
- * to determine whether the requested encryption option is available,
- * so that "other" alternatives can be taken if the algorithm is
- * not available.
- *
- * Returns true if we can support the encryption.
- */
-bool
-virCryptoHaveCipher(virCryptoCipher algorithm)
-{
-    switch (algorithm) {
-
-    case VIR_CRYPTO_CIPHER_AES256CBC:
-        return true;
-
-    case VIR_CRYPTO_CIPHER_NONE:
-    case VIR_CRYPTO_CIPHER_LAST:
-        break;
-    };
-
-    return false;
-}
-
-
 /* virCryptoEncryptDataAESgntuls:
  *
  * Performs the AES gnutls encryption

diff --git a/src/util/vircrypto.h b/src/util/vircrypto.h
index bf002d42d5920e40824ed110e221835c2de555af..5f079ac3350acfaf8802ea34ab435e40fa29f536 100644 (file)
--- a/src/util/vircrypto.h
+++ b/src/util/vircrypto.h
@@ -54,8 +54,6 @@ virCryptoHashString(virCryptoHash hash,
     ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3)
     G_GNUC_WARN_UNUSED_RESULT;
 
-bool virCryptoHaveCipher(virCryptoCipher algorithm);
-
 int virCryptoEncryptData(virCryptoCipher algorithm,
                          uint8_t *enckey, size_t enckeylen,
                          uint8_t *iv, size_t ivlen,

diff --git a/tests/vircryptotest.c b/tests/vircryptotest.c
index 98af4761564f38bd0f4f7a7fe4979b808ebe3d59..9fbaf2f636e5af13c3df4ee335af1c3880af2400 100644 (file)
--- a/tests/vircryptotest.c
+++ b/tests/vircryptotest.c
@@ -73,11 +73,6 @@ testCryptoEncrypt(const void *opaque)
     g_autofree uint8_t *ciphertext = NULL;
     size_t ciphertextlen = 0;
 
-    if (!virCryptoHaveCipher(data->algorithm)) {
-        fprintf(stderr, "cipher algorithm=%d unavailable\n", data->algorithm);
-        return EXIT_AM_SKIP;
-    }
-
     enckey = g_new0(uint8_t, enckeylen);
     iv = g_new0(uint8_t, ivlen);