gerrit.fd Code Review - vpp.git/commit

author	Benoît Ganne <bganne@cisco.com>
	Wed, 19 Jan 2022 09:09:42 +0000 (10:09 +0100)
committer	Damjan Marion <dmarion@0xa5.net>
	Mon, 6 Mar 2023 17:15:24 +0000 (17:15 +0000)
commit	063549f9605c018618670ecb6c5bbbdbedd62c04
tree	278242f135d25eaabee714bcb919318cf0afc08f	tree \| snapshot
parent	f471e3339f12049531d2ead015d82f117d8fd936	commit \| diff

crypto: remove VNET_CRYPTO_OP_FLAG_INIT_IV flag

IV requirements vary wildly with the selected mode of operation. For
example, for AES-CBC the IV must be unpredictable whereas for AES
counter mode (CTR or GCM), it can be predictable but reusing an IV with
the same key material is catastrophic.
Because of that, it is hard to generate IV in a generic way, and it is
better left to the crypto user (eg. IPsec).

Type: improvement

Change-Id: I32689c591d8c6572b8d37c4d24f175ea6132d3ec
Signed-off-by: Benoît Ganne <bganne@cisco.com>

src/plugins/crypto_ipsecmb/ipsecmb.c		diff \| blob \| history
src/plugins/crypto_native/aes_cbc.c		diff \| blob \| history
src/plugins/crypto_native/crypto_native.h		diff \| blob \| history
src/plugins/crypto_native/main.c		diff \| blob \| history
src/plugins/crypto_openssl/main.c		diff \| blob \| history
src/plugins/crypto_sw_scheduler/main.c		diff \| blob \| history
src/plugins/unittest/crypto_test.c		diff \| blob \| history
src/vnet/crypto/crypto.h		diff \| blob \| history