Drop AES functions and pycrypto dependency

At some point IV parameter has been removed making these functions dangerous to use unless keys are unique on every message. Since the functions were added the original consumer has disappeared too. With no more users it's better to get rid of the incomplete encryption system entirely. These were the only functions using pycrypto module directly, so it was also removed from the dependency list. Fixes bug: 1033178 Change-Id: I57b0a0a42dac455d5baae3d726aea1507121aa4d (cherry picked from commit 56d3d29)
openstack · Aug 5, 2012 · e8ef050 · e8ef050
1 parent 6c05f43
commit e8ef050
Show file tree

Hide file tree

Showing 3 changed files with 0 additions and 58 deletions.
diff --git a/nova/crypto.py b/nova/crypto.py
@@ -29,8 +29,6 @@
 import os
 import string
 
-import Crypto.Cipher.AES
-
 from nova import context
 from nova import db
 from nova import exception
@@ -308,44 +306,6 @@ def _sign_csr(csr_text, ca_folder):
             return (serial, crtfile.read())
 
 
-def _build_cipher(key, iv):
-    """Make a 128bit AES CBC encode/decode Cipher object.
-       Padding is handled internally."""
-    return Crypto.Cipher.AES.new(key, IV=iv)
-
-
-def encryptor(key):
-    """Simple symmetric key encryption."""
-    key = base64.b64decode(key)
-    iv = '\0' * 16
-
-    def encrypt(data):
-        cipher = _build_cipher(key, iv)
-        # Must pad string to multiple of 16 chars
-        padding = (16 - len(data) % 16) * " "
-        v = cipher.encrypt(data + padding)
-        del cipher
-        v = base64.b64encode(v)
-        return v
-
-    return encrypt
-
-
-def decryptor(key):
-    """Simple symmetric key decryption."""
-    key = base64.b64decode(key)
-    iv = '\0' * 16
-
-    def decrypt(data):
-        data = base64.b64decode(data)
-        cipher = _build_cipher(key, iv)
-        v = cipher.decrypt(data).rstrip()
-        del cipher
-        return v
-
-    return decrypt
-
-
 # Copyright (c) 2006-2009 Mitch Garnaat http://garnaat.org/
 #
 # Permission is hereby granted, free of charge, to any person obtaining a

diff --git a/nova/tests/test_crypto.py b/nova/tests/test_crypto.py
@@ -29,23 +29,6 @@
 FLAGS = flags.FLAGS
 
 
-class SymmetricKeyTestCase(test.TestCase):
-    """Test case for Encrypt/Decrypt"""
-    def test_encrypt_decrypt(self):
-        key = 'c286696d887c9aa0611bbb3e2025a45a'
-        plain_text = "The quick brown fox jumped over the lazy dog."
-
-        # No IV supplied (all 0's)
-        encrypt = crypto.encryptor(key)
-        cipher_text = encrypt(plain_text)
-        self.assertNotEquals(plain_text, cipher_text)
-
-        decrypt = crypto.decryptor(key)
-        plain = decrypt(cipher_text)
-
-        self.assertEquals(plain_text, plain)
-
-
 class X509Test(test.TestCase):
     def test_can_generate_x509(self):
         with utils.tempdir() as tmpdir:

diff --git a/tools/pip-requires b/tools/pip-requires
@@ -23,6 +23,5 @@ glance>=2011.3.1
 suds==0.4
 paramiko
 feedparser
-pycrypto
 Babel>=0.9.6
 iso8601>=0.1.4