From: Emeric Brun <ebrun@haproxy.com>
Date: Tue, 11 Jul 2023 12:53:41 +0000 (+0200)
Subject: CLEANUP: quic: remove useless parameter 'key' from quic_packet_encrypt
X-Git-Tag: v2.9-dev2~53
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=49ddd87d41b62797d50d7c59e843d0c0b0236eb5;p=thirdparty%2Fhaproxy.git

CLEANUP: quic: remove useless parameter 'key' from quic_packet_encrypt

Parameter 'key' was not used in this function.

This patch removes it from the prototype of the function.

This patch could be backported until v2.6.
---

diff --git a/include/haproxy/quic_tls.h b/include/haproxy/quic_tls.h
index 2f8f51ccbc..4d1af10fe0 100644
--- a/include/haproxy/quic_tls.h
+++ b/include/haproxy/quic_tls.h
@@ -58,7 +58,7 @@ int quic_tls_derive_initial_secrets(const EVP_MD *md,
 int quic_tls_encrypt(unsigned char *buf, size_t len,
                      const unsigned char *aad, size_t aad_len,
                      EVP_CIPHER_CTX *ctx, const EVP_CIPHER *aead,
-                     const unsigned char *key, const unsigned char *iv);
+                     const unsigned char *iv);
 
 int quic_tls_decrypt2(unsigned char *out,
                       unsigned char *in, size_t ilen,
diff --git a/src/quic_conn.c b/src/quic_conn.c
index 3edfef7672..f3891f12f7 100644
--- a/src/quic_conn.c
+++ b/src/quic_conn.c
@@ -1565,7 +1565,7 @@ static void quic_packet_encrypt(unsigned char *payload, size_t payload_len,
 	quic_aead_iv_build(iv, sizeof iv, tx_iv, tx_iv_sz, pn);
 
 	if (!quic_tls_encrypt(payload, payload_len, aad, aad_len,
-	                      tls_ctx->tx.ctx, tls_ctx->tx.aead, tls_ctx->tx.key, iv)) {
+	                      tls_ctx->tx.ctx, tls_ctx->tx.aead, iv)) {
 		TRACE_ERROR("QUIC packet encryption failed", QUIC_EV_CONN_ENCPKT, qc);
 		*fail = 1;
 		enc_debug_info_init(&edi, payload, payload_len, aad, aad_len, pn);
@@ -6402,7 +6402,7 @@ static int quic_generate_retry_token(unsigned char *token, size_t len,
 	p += sizeof timestamp;
 
 	/* Do not encrypt the QUIC_TOKEN_FMT_RETRY byte */
-	if (!quic_tls_encrypt(token + 1, p - token - 1, aad, aadlen, ctx, aead, key, iv)) {
+	if (!quic_tls_encrypt(token + 1, p - token - 1, aad, aadlen, ctx, aead, iv)) {
 		TRACE_ERROR("quic_tls_encrypt() failed", QUIC_EV_CONN_TXPKT);
 		goto err;
 	}
diff --git a/src/quic_tls.c b/src/quic_tls.c
index 3efea45a6e..6eda50f2f4 100644
--- a/src/quic_tls.c
+++ b/src/quic_tls.c
@@ -671,7 +671,7 @@ int quic_tls_tx_ctx_init(EVP_CIPHER_CTX **tx_ctx,
 int quic_tls_encrypt(unsigned char *buf, size_t len,
                      const unsigned char *aad, size_t aad_len,
                      EVP_CIPHER_CTX *ctx, const EVP_CIPHER *aead,
-                     const unsigned char *key, const unsigned char *iv)
+                     const unsigned char *iv)
 {
 	int outlen;
 	int aead_nid = EVP_CIPHER_nid(aead);