From 6af92515f0543dfbc34eb0dce97fe43eea356f8b Mon Sep 17 00:00:00 2001
From: Seena Fallah <seenafallah@gmail.com>
Date: Tue, 22 Apr 2025 10:19:03 +0200
Subject: [PATCH] rgw: drop unused keysel attrs for non testing encryptions

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
---
 src/rgw/rgw_crypt.cc | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/rgw/rgw_crypt.cc b/src/rgw/rgw_crypt.cc
index 2196e982953..98b1fc20bcc 100644
--- a/src/rgw/rgw_crypt.cc
+++ b/src/rgw/rgw_crypt.cc
@@ -1170,10 +1170,12 @@ int rgw_s3_prepare_encrypt(req_state* s, optional_yield y,
           return -EINVAL;
         }
         /* try to retrieve actual key */
-        std::string key_selector = create_random_key_selector(s->cct);
+        if (s->cct->_conf->rgw_crypt_s3_kms_backend == RGW_SSE_KMS_BACKEND_TESTING) {
+          std::string key_selector = create_random_key_selector(s->cct);
+          set_attr(attrs, RGW_ATTR_CRYPT_KEYSEL, key_selector);
+        }
         set_attr(attrs, RGW_ATTR_CRYPT_MODE, "SSE-KMS");
         set_attr(attrs, RGW_ATTR_CRYPT_KEYID, key_id);
-        set_attr(attrs, RGW_ATTR_CRYPT_KEYSEL, key_selector);
         set_attr(attrs, RGW_ATTR_CRYPT_CONTEXT, cooked_context);
         std::string actual_key;
         res = make_actual_key_from_kms(s, attrs, y, actual_key);
@@ -1226,9 +1228,7 @@ int rgw_s3_prepare_encrypt(req_state* s, optional_yield y,
       if (res != 0) {
         return res;
       }
-      std::string key_selector = create_random_key_selector(s->cct);
 
-      set_attr(attrs, RGW_ATTR_CRYPT_KEYSEL, key_selector);
       set_attr(attrs, RGW_ATTR_CRYPT_CONTEXT, cooked_context);
       set_attr(attrs, RGW_ATTR_CRYPT_MODE, "AES256");
       set_attr(attrs, RGW_ATTR_CRYPT_KEYID, key_id);
-- 
2.47.3