diff mbox series

[API-NEXT,v2,5/9] api: ipsec: ignore aad capability

Message ID 20170712125639.11445-5-petri.savolainen@linaro.org
State Superseded
Headers show
Series [API-NEXT,v2,1/9] api: ipsec: add salt parameter | expand

Commit Message

Petri Savolainen July 12, 2017, 12:56 p.m. UTC
AAD lengths are needed in crypto API but not in IPSEC API.
So, application should ignore AAD capability values in IPSEC
API.

Signed-off-by: Petri Savolainen <petri.savolainen@linaro.org>

---
 include/odp/api/spec/ipsec.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

-- 
2.13.0
diff mbox series

Patch

diff --git a/include/odp/api/spec/ipsec.h b/include/odp/api/spec/ipsec.h
index 9012ca59..87cee2a1 100644
--- a/include/odp/api/spec/ipsec.h
+++ b/include/odp/api/spec/ipsec.h
@@ -761,7 +761,9 @@  int odp_ipsec_cipher_capability(odp_cipher_alg_t cipher,
  * Outputs all supported configuration options for the algorithm. Output is
  * sorted (from the smallest to the largest) first by digest length, then by key
  * length. Use this information to select key lengths, etc authentication
- * algorithm options for SA creation (odp_ipsec_crypto_param_t).
+ * algorithm options for SA creation (odp_ipsec_crypto_param_t). Application
+ * must ignore values for AAD length capabilities as those are not relevant for
+ * IPSEC API (fixed in IPSEC RFCs).
  *
  * @param      auth         Authentication algorithm
  * @param[out] capa         Array of capability structures for output