Remove unused code
The key generation code here is unused except in tests. It was probably orphaned over time. Change-Id: I7d1c1b66d51ff22aff8b6ee20f3d19836735619b
This commit is contained in:
parent
ec465b2e82
commit
1aa573bc24
|
@ -410,36 +410,3 @@ class P11CryptoPlugin(plugin.CryptoPluginBase):
|
|||
'mkek_label': self.mkek_label,
|
||||
'hmac_label': self.hmac_label
|
||||
}
|
||||
|
||||
def _generate_mkek(self, key_length, key_label):
|
||||
with self.mk_cache_lock, self.caching_session_lock:
|
||||
session = self.caching_session
|
||||
if key_label in self.mk_cache or \
|
||||
self.pkcs11.get_key_handle(key_label, session) is not None:
|
||||
raise exception.P11CryptoPluginKeyException(
|
||||
u._("A master key with that label already exists")
|
||||
)
|
||||
mk = self.pkcs11.generate_key(
|
||||
'CKK_AES', key_length, 'CKM_AES_KEY_GEN', session,
|
||||
key_label=key_label,
|
||||
encrypt=True, wrap=True, master_key=True
|
||||
)
|
||||
|
||||
self.mk_cache[key_label] = mk
|
||||
return mk
|
||||
|
||||
def _generate_mkhk(self, key_length, key_label):
|
||||
with self.mk_cache_lock, self.caching_session_lock:
|
||||
session = self.caching_session
|
||||
if key_label in self.mk_cache or \
|
||||
self.pkcs11.get_key_handle(key_label, session, 'hmac') \
|
||||
is not None:
|
||||
raise exception.P11CryptoPluginKeyException(
|
||||
u._("A master key with that label already exists")
|
||||
)
|
||||
mk = self.pkcs11.generate_key(
|
||||
self.hmac_key_type, key_length, self.hmac_keygen_mechanism,
|
||||
session, key_label, sign=True, master_key=True
|
||||
)
|
||||
self.mk_cache[key_label] = mk
|
||||
return mk
|
||||
|
|
|
@ -280,44 +280,6 @@ class WhenTestingP11CryptoPlugin(utils.BaseTestCase):
|
|||
self.plugin.pkek_cache['expired_kek'] = p11_crypto.CachedKEK(4, 0)
|
||||
self.assertIsNone(self.plugin._pkek_cache_get('expired_kek'))
|
||||
|
||||
def test_generate_mkek(self):
|
||||
self.pkcs11.get_key_handle.return_value = None
|
||||
|
||||
mkek = self.plugin._generate_mkek(256, 'mkek_label_2')
|
||||
self.assertEqual(3, mkek)
|
||||
|
||||
self.assertEqual(3, self.pkcs11.get_key_handle.call_count)
|
||||
self.assertEqual(1, self.pkcs11.generate_key.call_count)
|
||||
|
||||
def test_cached_generate_mkek(self):
|
||||
self.assertRaises(ex.P11CryptoPluginKeyException,
|
||||
self.plugin._generate_mkek, 256, 'mkek_label')
|
||||
self.assertEqual(2, self.pkcs11.get_key_handle.call_count)
|
||||
|
||||
def test_existing_generate_mkek(self):
|
||||
self.assertRaises(ex.P11CryptoPluginKeyException,
|
||||
self.plugin._generate_mkek, 256, 'mkek2_label')
|
||||
self.assertEqual(3, self.pkcs11.get_key_handle.call_count)
|
||||
|
||||
def test_generate_mkhk(self):
|
||||
self.pkcs11.get_key_handle.return_value = None
|
||||
|
||||
mkhk = self.plugin._generate_mkhk(256, 'mkhk_label_2')
|
||||
self.assertEqual(3, mkhk)
|
||||
|
||||
self.assertEqual(3, self.pkcs11.get_key_handle.call_count)
|
||||
self.assertEqual(1, self.pkcs11.generate_key.call_count)
|
||||
|
||||
def test_cached_generate_mkhk(self):
|
||||
self.assertRaises(ex.P11CryptoPluginKeyException,
|
||||
self.plugin._generate_mkhk, 256, 'hmac_label')
|
||||
self.assertEqual(2, self.pkcs11.get_key_handle.call_count)
|
||||
|
||||
def test_existing_generate_mkhk(self):
|
||||
self.assertRaises(ex.P11CryptoPluginKeyException,
|
||||
self.plugin._generate_mkhk, 256, 'mkhk2_label')
|
||||
self.assertEqual(3, self.pkcs11.get_key_handle.call_count)
|
||||
|
||||
def test_create_pkcs11(self):
|
||||
def _generate_random(session, buf, length):
|
||||
ffi.buffer(buf)[:] = b'0' * length
|
||||
|
|
Loading…
Reference in New Issue