diff options
author | Damjan Marion <damarion@cisco.com> | 2019-03-20 16:30:54 +0100 |
---|---|---|
committer | Florin Coras <florin.coras@gmail.com> | 2019-03-22 14:53:33 +0000 |
commit | af73eda08059f0168738d63c29ab09e0b8cf211c (patch) | |
tree | fa3c83547a2929e9194eba1396c8fc00cd04f440 | |
parent | 00a442068d353fd60cbd743f2dfb42ee7407d267 (diff) |
ipsec: fix esn handling
Change-Id: I27f24095309082363ba0d0ba4bd69e2c0741dc1c
Signed-off-by: Damjan Marion <damarion@cisco.com>
-rw-r--r-- | src/vnet/ipsec/esp.h | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/src/vnet/ipsec/esp.h b/src/vnet/ipsec/esp.h index 8e61d9d751d..b0364b59d29 100644 --- a/src/vnet/ipsec/esp.h +++ b/src/vnet/ipsec/esp.h @@ -220,17 +220,13 @@ hmac_calc (vlib_main_t * vm, ipsec_sa_t * sa, u8 * data, int data_len, op->len = data_len; op->dst = signature; op->hmac_trunc_len = sa->integ_trunc_size; -#if 0 - HMAC_Init_ex (ctx, key, key_len, md, NULL); - - HMAC_Update (ctx, data, data_len); - - if (PREDICT_TRUE (use_esn)) - HMAC_Update (ctx, (u8 *) & seq_hi, sizeof (seq_hi)); - HMAC_Final (ctx, signature, &len); + if (sa->use_esn) + { + op->len += 4; + clib_memcpy (data + data_len, &sa->seq_hi, 4); + } -#endif vnet_crypto_process_ops (vm, op, 1); return sa->integ_trunc_size; } |