summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDamjan Marion <damarion@cisco.com>2019-03-20 16:30:54 +0100
committerFlorin Coras <florin.coras@gmail.com>2019-03-22 14:53:33 +0000
commitaf73eda08059f0168738d63c29ab09e0b8cf211c (patch)
treefa3c83547a2929e9194eba1396c8fc00cd04f440
parent00a442068d353fd60cbd743f2dfb42ee7407d267 (diff)
ipsec: fix esn handling
Change-Id: I27f24095309082363ba0d0ba4bd69e2c0741dc1c Signed-off-by: Damjan Marion <damarion@cisco.com>
-rw-r--r--src/vnet/ipsec/esp.h14
1 files changed, 5 insertions, 9 deletions
diff --git a/src/vnet/ipsec/esp.h b/src/vnet/ipsec/esp.h
index 8e61d9d751d..b0364b59d29 100644
--- a/src/vnet/ipsec/esp.h
+++ b/src/vnet/ipsec/esp.h
@@ -220,17 +220,13 @@ hmac_calc (vlib_main_t * vm, ipsec_sa_t * sa, u8 * data, int data_len,
op->len = data_len;
op->dst = signature;
op->hmac_trunc_len = sa->integ_trunc_size;
-#if 0
- HMAC_Init_ex (ctx, key, key_len, md, NULL);
-
- HMAC_Update (ctx, data, data_len);
-
- if (PREDICT_TRUE (use_esn))
- HMAC_Update (ctx, (u8 *) & seq_hi, sizeof (seq_hi));
- HMAC_Final (ctx, signature, &len);
+ if (sa->use_esn)
+ {
+ op->len += 4;
+ clib_memcpy (data + data_len, &sa->seq_hi, 4);
+ }
-#endif
vnet_crypto_process_ops (vm, op, 1);
return sa->integ_trunc_size;
}