diff options
author | Christian Hopps <chopps@labn.net> | 2019-11-03 01:02:18 -0400 |
---|---|---|
committer | Andrew Yourtchenko <ayourtch@gmail.com> | 2019-11-18 13:30:59 +0000 |
commit | 8f6b9a39e63190639bfc19e162bfb63ccbf26871 (patch) | |
tree | 3f20e2727d9cd4f39de3845679ca7e8f6a59d4db | |
parent | cde7068bbe8d76d84c2e44f79e32c60a1525bcc9 (diff) |
dpdk: ipsec gcm fixes
- Fix AAD initialization. With use-esn the aad data consists of the SPI
and the 64-bit sequence number in big-endian order. Fix the u32 swapped
code.
- Remove salt-reinitialization. The GCM code seems inspired by the GCM
RFCs recommendations on IKE keydata and how to produce a salt
value (create an extra 4 octets of keying material). This is not IKE
code though and the SA already holds the configured salt value which
this code is blowing away. Use the configured value instead.
Type: fix
Change-Id: I5e75518aa7c1d91037bb24b2a40fe4fc90bdfdb0
Signed-off-by: Christian Hopps <chopps@labn.net>
(cherry picked from commit d58419f19b33560d224471bc16674a525427308e)
-rw-r--r-- | src/plugins/dpdk/ipsec/esp_decrypt.c | 5 | ||||
-rw-r--r-- | src/plugins/dpdk/ipsec/esp_encrypt.c | 13 | ||||
-rw-r--r-- | src/plugins/dpdk/ipsec/ipsec.c | 21 |
3 files changed, 14 insertions, 25 deletions
diff --git a/src/plugins/dpdk/ipsec/esp_decrypt.c b/src/plugins/dpdk/ipsec/esp_decrypt.c index afbab963009..112b96a12bd 100644 --- a/src/plugins/dpdk/ipsec/esp_decrypt.c +++ b/src/plugins/dpdk/ipsec/esp_decrypt.c @@ -330,7 +330,10 @@ dpdk_esp_decrypt_inline (vlib_main_t * vm, /* _aad[3] should always be 0 */ if (PREDICT_FALSE (ipsec_sa_is_set_USE_ESN (sa0))) - _aad[2] = clib_host_to_net_u32 (sa0->seq_hi); + { + _aad[2] = _aad[1]; + _aad[1] = clib_host_to_net_u32 (sa0->seq_hi); + } else _aad[2] = 0; } diff --git a/src/plugins/dpdk/ipsec/esp_encrypt.c b/src/plugins/dpdk/ipsec/esp_encrypt.c index 1d29841c5d7..dd37f081a15 100644 --- a/src/plugins/dpdk/ipsec/esp_encrypt.c +++ b/src/plugins/dpdk/ipsec/esp_encrypt.c @@ -530,14 +530,19 @@ dpdk_esp_encrypt_inline (vlib_main_t * vm, if (is_aead) { aad = (u32 *) priv->aad; - aad[0] = clib_host_to_net_u32 (sa0->spi); - aad[1] = clib_host_to_net_u32 (sa0->seq); + aad[0] = esp0->spi; /* aad[3] should always be 0 */ if (PREDICT_FALSE (ipsec_sa_is_set_USE_ESN (sa0))) - aad[2] = clib_host_to_net_u32 (sa0->seq_hi); + { + aad[1] = clib_host_to_net_u32 (sa0->seq_hi); + aad[2] = esp0->seq; + } else - aad[2] = 0; + { + aad[1] = esp0->seq; + aad[2] = 0; + } } else { diff --git a/src/plugins/dpdk/ipsec/ipsec.c b/src/plugins/dpdk/ipsec/ipsec.c index 93efc6bcf7e..260775b0695 100644 --- a/src/plugins/dpdk/ipsec/ipsec.c +++ b/src/plugins/dpdk/ipsec/ipsec.c @@ -494,7 +494,6 @@ dpdk_crypto_session_disposal (crypto_session_disposal_t * v, u64 ts) static clib_error_t * add_del_sa_session (u32 sa_index, u8 is_add) { - ipsec_main_t *im = &ipsec_main; dpdk_crypto_main_t *dcm = &dpdk_crypto_main; crypto_data_t *data; struct rte_cryptodev_sym_session *s; @@ -502,25 +501,7 @@ add_del_sa_session (u32 sa_index, u8 is_add) u32 drv_id; if (is_add) - { -#if 1 - ipsec_sa_t *sa = pool_elt_at_index (im->sad, sa_index); - u32 seed; - switch (sa->crypto_alg) - { - case IPSEC_CRYPTO_ALG_AES_GCM_128: - case IPSEC_CRYPTO_ALG_AES_GCM_192: - case IPSEC_CRYPTO_ALG_AES_GCM_256: - clib_memcpy (&sa->salt, - &sa->crypto_key.data[sa->crypto_key.len - 4], 4); - break; - default: - seed = (u32) clib_cpu_time_now (); - sa->salt = random_u32 (&seed); - } -#endif - return 0; - } + return 0; /* *INDENT-OFF* */ vec_foreach (data, dcm->data) |