crypto: remove VNET_CRYPTO_OP_FLAG_INIT_IV flag

IV requirements vary wildly with the selected mode of operation. For example, for AES-CBC the IV must be unpredictable whereas for AES counter mode (CTR or GCM), it can be predictable but reusing an IV with the same key material is catastrophic. Because of that, it is hard to generate IV in a generic way, and it is better left to the crypto user (eg. IPsec). Type: improvement Change-Id: I32689c591d8c6572b8d37c4d24f175ea6132d3ec Signed-off-by: Benoît Ganne <bganne@cisco.com>
author: Benoît Ganne <bganne@cisco.com> 2022-01-19 10:09:42 +0100
committer: Damjan Marion <dmarion@0xa5.net> 2023-03-06 17:15:24 +0000
commit: 063549f9605c018618670ecb6c5bbbdbedd62c04 (patch)
tree: 278242f135d25eaabee714bcb919318cf0afc08f /src/vnet
parent: f471e3339f12049531d2ead015d82f117d8fd936 (diff)
1 files changed, 2 insertions, 3 deletions
diff --git a/src/vnet/crypto/crypto.h b/src/vnet/crypto/crypto.h
index 8f12a7216b0..0bb5e367f21 100644
--- a/src/vnet/crypto/crypto.h
+++ b/src/vnet/crypto/crypto.h
@@ -260,9 +260,8 @@ typedef struct
   vnet_crypto_op_id_t op:16;
   vnet_crypto_op_status_t status:8;
   u8 flags;
-#define VNET_CRYPTO_OP_FLAG_INIT_IV (1 << 0)
-#define VNET_CRYPTO_OP_FLAG_HMAC_CHECK (1 << 1)
-#define VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS (1 << 2)
+#define VNET_CRYPTO_OP_FLAG_HMAC_CHECK	    (1 << 0)
+#define VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS (1 << 1)
 
   union
   {
author	Benoît Ganne <bganne@cisco.com>	2022-01-19 10:09:42 +0100
committer	Damjan Marion <dmarion@0xa5.net>	2023-03-06 17:15:24 +0000
commit	063549f9605c018618670ecb6c5bbbdbedd62c04 (patch)
tree	278242f135d25eaabee714bcb919318cf0afc08f /src/vnet
parent	f471e3339f12049531d2ead015d82f117d8fd936 (diff)