diff options
author | Damjan Marion <damarion@cisco.com> | 2019-04-24 15:20:35 +0200 |
---|---|---|
committer | Neale Ranns <nranns@cisco.com> | 2019-04-25 01:36:12 +0000 |
commit | d1bed687231bb64cf7761da37431ba61bc32b6d8 (patch) | |
tree | 891af80a873db9dda53c18e95f5eeb9366a1cb07 /src/plugins/crypto_ipsecmb | |
parent | 20bc56ab58189ad9fa24feaaca3e76ea8e636140 (diff) |
crypto: improve key handling
Change-Id: If96f661d507305da4b96cac7b1a8f14ba90676ad
Signed-off-by: Damjan Marion <damarion@cisco.com>
Diffstat (limited to 'src/plugins/crypto_ipsecmb')
-rw-r--r-- | src/plugins/crypto_ipsecmb/ipsecmb.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/src/plugins/crypto_ipsecmb/ipsecmb.c b/src/plugins/crypto_ipsecmb/ipsecmb.c index 6d4d9136784..10cc32f8e6d 100644 --- a/src/plugins/crypto_ipsecmb/ipsecmb.c +++ b/src/plugins/crypto_ipsecmb/ipsecmb.c @@ -154,9 +154,10 @@ ipsecmb_ops_hmac_inline (vlib_main_t * vm, for (i = 0; i < n_ops; i++) { vnet_crypto_op_t *op = ops[i]; + vnet_crypto_key_t *key = vnet_crypto_get_key (op->key_index); u8 ipad[256], opad[256]; - hash_expand_keys (ptd->mgr, op->key, op->key_len, + hash_expand_keys (ptd->mgr, key->data, vec_len (key->data), block_size, ipad, opad, fn); job = IMB_GET_NEXT_JOB (ptd->mgr); @@ -172,7 +173,7 @@ ipsecmb_ops_hmac_inline (vlib_main_t * vm, job->cipher_direction = DECRYPT; job->chain_order = HASH_CIPHER; - job->aes_key_len_in_bytes = op->key_len; + job->aes_key_len_in_bytes = vec_len (key->data); job->u.HMAC._hashed_auth_key_xor_ipad = ipad; job->u.HMAC._hashed_auth_key_xor_opad = opad; @@ -250,9 +251,10 @@ ipsecmb_ops_cbc_cipher_inline (vlib_main_t * vm, u8 aes_enc_key_expanded[EXPANDED_KEY_N_BYTES]; u8 aes_dec_key_expanded[EXPANDED_KEY_N_BYTES]; vnet_crypto_op_t *op = ops[i]; + vnet_crypto_key_t *key = vnet_crypto_get_key (op->key_index); __m128i iv; - fn (op->key, aes_enc_key_expanded, aes_dec_key_expanded); + fn (key->data, aes_enc_key_expanded, aes_dec_key_expanded); job = IMB_GET_NEXT_JOB (ptd->mgr); @@ -380,10 +382,11 @@ ipsecmb_ops_gcm_cipher_inline (vlib_main_t * vm, { struct gcm_key_data key_data; vnet_crypto_op_t *op = ops[i]; + vnet_crypto_key_t *key = vnet_crypto_get_key (op->key_index); u32 nonce[3]; __m128i iv; - fn (op->key, &key_data); + fn (key->data, &key_data); job = IMB_GET_NEXT_JOB (ptd->mgr); |