diff options
author | Damjan Marion <damarion@cisco.com> | 2019-03-29 13:47:54 +0100 |
---|---|---|
committer | Damjan Marion <damarion@cisco.com> | 2019-04-07 11:19:35 +0200 |
commit | 060bfb987a277624e5644de2fcbee1196c2c76e8 (patch) | |
tree | 2ca6ccf57c09c5e016f9613b0e0e75f8e49475eb /src/vnet/ipsec/esp_decrypt.c | |
parent | dc43bcd8abef2cee4eebdc94d9a82c0194ba00fb (diff) |
crypto: add support for AEAD and AES-GCM
Change-Id: Iff6f81a49b9cff5522fbb4914d47472423eac5db
Signed-off-by: Damjan Marion <damarion@cisco.com>
Diffstat (limited to 'src/vnet/ipsec/esp_decrypt.c')
-rw-r--r-- | src/vnet/ipsec/esp_decrypt.c | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/src/vnet/ipsec/esp_decrypt.c b/src/vnet/ipsec/esp_decrypt.c index 7737d186865..9b24e5aaeaa 100644 --- a/src/vnet/ipsec/esp_decrypt.c +++ b/src/vnet/ipsec/esp_decrypt.c @@ -202,14 +202,14 @@ esp_decrypt_inline (vlib_main_t * vm, vnet_crypto_op_t *op; vec_add2_aligned (ptd->integ_ops, op, 1, CLIB_CACHE_LINE_BYTES); - vnet_crypto_op_init (op, sa0->integ_op_type); + vnet_crypto_op_init (op, sa0->integ_op_id); op->key = sa0->integ_key.data; op->key_len = sa0->integ_key.len; op->src = payload; - op->hmac_trunc_len = cpd.icv_sz; op->flags = VNET_CRYPTO_OP_FLAG_HMAC_CHECK; op->user_data = b - bufs; - op->dst = payload + len; + op->digest = payload + len; + op->digest_len = cpd.icv_sz; op->len = len; if (PREDICT_TRUE (sa0->flags & IPSEC_SA_FLAG_USE_ESN)) { @@ -226,11 +226,11 @@ esp_decrypt_inline (vlib_main_t * vm, payload += esp_sz; len -= esp_sz; - if (sa0->crypto_enc_op_type != VNET_CRYPTO_OP_NONE) + if (sa0->crypto_enc_op_id != VNET_CRYPTO_OP_NONE) { vnet_crypto_op_t *op; vec_add2_aligned (ptd->crypto_ops, op, 1, CLIB_CACHE_LINE_BYTES); - vnet_crypto_op_init (op, sa0->crypto_dec_op_type); + vnet_crypto_op_init (op, sa0->crypto_dec_op_id); op->key = sa0->crypto_key.data; op->iv = payload; op->src = op->dst = payload += cpd.iv_sz; @@ -271,7 +271,6 @@ esp_decrypt_inline (vlib_main_t * vm, op++; } } - if ((n = vec_len (ptd->crypto_ops))) { vnet_crypto_op_t *op = ptd->crypto_ops; |