From f2922422d972644e67d1ca989e40cd0100ecb06d Mon Sep 17 00:00:00 2001
From: Neale Ranns <nranns@cisco.com>
Date: Thu, 6 Jun 2019 13:28:14 +0000
Subject: ipsec: remove the set_key API

there's no use case to just change the key of an SA. instead the SA
should be renegociated and the new SA applied to the existing SPD entry
or tunnel.

the set_key functions were untested.

Type: refactor
Change-Id: Ib096eebaafb20be7b5501ece5a24aea038373002
Signed-off-by: Neale Ranns <nranns@cisco.com>
---
 src/vnet/ipsec/ipsec.api | 40 ----------------------------------------
 1 file changed, 40 deletions(-)

(limited to 'src/vnet/ipsec/ipsec.api')

diff --git a/src/vnet/ipsec/ipsec.api b/src/vnet/ipsec/ipsec.api
index 3a2c993f99c..bb9e8056251 100644
--- a/src/vnet/ipsec/ipsec.api
+++ b/src/vnet/ipsec/ipsec.api
@@ -305,27 +305,6 @@ define ipsec_sad_entry_add_del_reply
   u32 stat_index;
 };
 
-/** \brief IPsec: Update Security Association keys
-    @param client_index - opaque cookie to identify the sender
-    @param context - sender context, to match reply w/ request
-
-    @param sa_id - sa id
-
-    @param crypto_key - crypto keying material
-    @param integrity_key - integrity keying material
-*/
-
-autoreply define ipsec_sa_set_key
-{
-  u32 client_index;
-  u32 context;
-
-  u32 sa_id;
-
-  vl_api_key_t crypto_key;
-  vl_api_key_t integrity_key;
-};
-
 /** \brief IPsec: Get SPD interfaces
     @param client_index - opaque cookie to identify the sender
     @param context - sender context, to match reply w/ request
@@ -467,25 +446,6 @@ define ipsec_sa_details {
   u64 total_data_size;
 };
 
-/** \brief Set key on IPsec interface
-    @param client_index - opaque cookie to identify the sender
-    @param context - sender context, to match reply w/ request
-    @param sw_if_index - index of tunnel interface
-    @param key_type - type of key being set
-    @param alg - algorithm used with key
-    @param key_len - length key in bytes
-    @param key - key
-*/
-autoreply define ipsec_tunnel_if_set_key {
-  u32 client_index;
-  u32 context;
-  u32 sw_if_index;
-  u8 key_type;
-  u8 alg;
-  u8 key_len;
-  u8 key[128];
-};
-
 /** \brief Set new SA on IPsec interface
     @param client_index - opaque cookie to identify the sender
     @param context - sender context, to match reply w/ request
-- 
cgit 1.2.3-korg