Remove AES algorithm for DNS cookies

The AES algorithm for DNS cookies was being kept for legacy reasons, and
it can be safely removed in the next major release.  Remove both the AES
usage for DNS cookies and the AES implementation itself.

bin/named/server.c

@@ -32,7 +32,6 @@
 #include <systemd/sd-daemon.h>
 #endif
 
-#include <isc/aes.h>
 #include <isc/async.h>
 #include <isc/attributes.h>
 #include <isc/base64.h>
@@ -9418,8 +9417,6 @@ load_configuration(const char *filename, named_server_t *server,
 	INSIST(result == ISC_R_SUCCESS);
 	if (strcasecmp(cfg_obj_asstring(obj), "siphash24") == 0) {
 		server->sctx->cookiealg = ns_cookiealg_siphash24;
-	} else if (strcasecmp(cfg_obj_asstring(obj), "aes") == 0) {
-		server->sctx->cookiealg = ns_cookiealg_aes;
 	} else {
 		UNREACHABLE();
 	}
@@ -9486,21 +9483,6 @@ load_configuration(const char *filename, named_server_t *server,
 					goto cleanup_altsecrets;
 				}
 				break;
-			case ns_cookiealg_aes:
-				expectedlength = ISC_AES128_KEYLENGTH;
-				if (usedlength != expectedlength) {
-					result = ISC_R_RANGE;
-					isc_log_write(
-						named_g_lctx,
-						NAMED_LOGCATEGORY_GENERAL,
-						NAMED_LOGMODULE_SERVER,
-						ISC_LOG_ERROR,
-						"AES cookie-secret must be 128 "
-						"bits: %s",
-						isc_result_totext(result));
-					goto cleanup_altsecrets;
-				}
-				break;
 			}
 		}
 	} else {