From 56d3d29ad2451bd0e753e7878827a08b458b726b Mon Sep 17 00:00:00 2001
From: Stanislaw Pitucha <stanislaw.pitucha@hp.com>
Date: Sat, 4 Aug 2012 19:50:54 +0100
Subject: Drop AES functions and pycrypto dependency

At some point IV parameter has been removed making these functions
dangerous to use unless keys are unique on every message. Since the
functions were added the original consumer has disappeared too. With
no more users it's better to get rid of the incomplete encryption system
entirely.

These were the only functions using pycrypto module directly, so it was
also removed from the dependency list.

Change-Id: I57b0a0a42dac455d5baae3d726aea1507121aa4d
---
 nova/crypto.py            | 40 ----------------------------------------
 nova/tests/test_crypto.py | 17 -----------------
 2 files changed, 57 deletions(-)

(limited to 'nova')

diff --git a/nova/crypto.py b/nova/crypto.py
index dfab2cd55..bdb056c93 100644
--- a/nova/crypto.py
+++ b/nova/crypto.py
@@ -29,8 +29,6 @@ import hashlib
 import os
 import string
 
-import Crypto.Cipher.AES
-
 from nova import context
 from nova import db
 from nova import exception
@@ -309,44 +307,6 @@ def _sign_csr(csr_text, ca_folder):
             return (serial, crtfile.read())
 
 
-def _build_cipher(key, iv):
-    """Make a 128bit AES CBC encode/decode Cipher object.
-       Padding is handled internally."""
-    return Crypto.Cipher.AES.new(key, IV=iv)
-
-
-def encryptor(key):
-    """Simple symmetric key encryption."""
-    key = base64.b64decode(key)
-    iv = '\0' * 16
-
-    def encrypt(data):
-        cipher = _build_cipher(key, iv)
-        # Must pad string to multiple of 16 chars
-        padding = (16 - len(data) % 16) * " "
-        v = cipher.encrypt(data + padding)
-        del cipher
-        v = base64.b64encode(v)
-        return v
-
-    return encrypt
-
-
-def decryptor(key):
-    """Simple symmetric key decryption."""
-    key = base64.b64decode(key)
-    iv = '\0' * 16
-
-    def decrypt(data):
-        data = base64.b64decode(data)
-        cipher = _build_cipher(key, iv)
-        v = cipher.decrypt(data).rstrip()
-        del cipher
-        return v
-
-    return decrypt
-
-
 # Copyright (c) 2006-2009 Mitch Garnaat http://garnaat.org/
 #
 # Permission is hereby granted, free of charge, to any person obtaining a
diff --git a/nova/tests/test_crypto.py b/nova/tests/test_crypto.py
index 89de1247f..c9ee6ca02 100644
--- a/nova/tests/test_crypto.py
+++ b/nova/tests/test_crypto.py
@@ -29,23 +29,6 @@ from nova import utils
 FLAGS = flags.FLAGS
 
 
-class SymmetricKeyTestCase(test.TestCase):
-    """Test case for Encrypt/Decrypt"""
-    def test_encrypt_decrypt(self):
-        key = 'c286696d887c9aa0611bbb3e2025a45a'
-        plain_text = "The quick brown fox jumped over the lazy dog."
-
-        # No IV supplied (all 0's)
-        encrypt = crypto.encryptor(key)
-        cipher_text = encrypt(plain_text)
-        self.assertNotEquals(plain_text, cipher_text)
-
-        decrypt = crypto.decryptor(key)
-        plain = decrypt(cipher_text)
-
-        self.assertEquals(plain_text, plain)
-
-
 class X509Test(test.TestCase):
     def test_can_generate_x509(self):
         with utils.tempdir() as tmpdir:
-- 
cgit