summaryrefslogtreecommitdiffstats
path: root/src/vnet/ipsec/esp_decrypt.c
diff options
context:
space:
mode:
authorDamjan Marion <damarion@cisco.com>2019-03-29 13:47:54 +0100
committerDamjan Marion <damarion@cisco.com>2019-04-07 11:19:35 +0200
commit060bfb987a277624e5644de2fcbee1196c2c76e8 (patch)
tree2ca6ccf57c09c5e016f9613b0e0e75f8e49475eb /src/vnet/ipsec/esp_decrypt.c
parentdc43bcd8abef2cee4eebdc94d9a82c0194ba00fb (diff)
crypto: add support for AEAD and AES-GCM
Change-Id: Iff6f81a49b9cff5522fbb4914d47472423eac5db Signed-off-by: Damjan Marion <damarion@cisco.com>
Diffstat (limited to 'src/vnet/ipsec/esp_decrypt.c')
-rw-r--r--src/vnet/ipsec/esp_decrypt.c11
1 files changed, 5 insertions, 6 deletions
diff --git a/src/vnet/ipsec/esp_decrypt.c b/src/vnet/ipsec/esp_decrypt.c
index 7737d186865..9b24e5aaeaa 100644
--- a/src/vnet/ipsec/esp_decrypt.c
+++ b/src/vnet/ipsec/esp_decrypt.c
@@ -202,14 +202,14 @@ esp_decrypt_inline (vlib_main_t * vm,
vnet_crypto_op_t *op;
vec_add2_aligned (ptd->integ_ops, op, 1, CLIB_CACHE_LINE_BYTES);
- vnet_crypto_op_init (op, sa0->integ_op_type);
+ vnet_crypto_op_init (op, sa0->integ_op_id);
op->key = sa0->integ_key.data;
op->key_len = sa0->integ_key.len;
op->src = payload;
- op->hmac_trunc_len = cpd.icv_sz;
op->flags = VNET_CRYPTO_OP_FLAG_HMAC_CHECK;
op->user_data = b - bufs;
- op->dst = payload + len;
+ op->digest = payload + len;
+ op->digest_len = cpd.icv_sz;
op->len = len;
if (PREDICT_TRUE (sa0->flags & IPSEC_SA_FLAG_USE_ESN))
{
@@ -226,11 +226,11 @@ esp_decrypt_inline (vlib_main_t * vm,
payload += esp_sz;
len -= esp_sz;
- if (sa0->crypto_enc_op_type != VNET_CRYPTO_OP_NONE)
+ if (sa0->crypto_enc_op_id != VNET_CRYPTO_OP_NONE)
{
vnet_crypto_op_t *op;
vec_add2_aligned (ptd->crypto_ops, op, 1, CLIB_CACHE_LINE_BYTES);
- vnet_crypto_op_init (op, sa0->crypto_dec_op_type);
+ vnet_crypto_op_init (op, sa0->crypto_dec_op_id);
op->key = sa0->crypto_key.data;
op->iv = payload;
op->src = op->dst = payload += cpd.iv_sz;
@@ -271,7 +271,6 @@ esp_decrypt_inline (vlib_main_t * vm,
op++;
}
}
-
if ((n = vec_len (ptd->crypto_ops)))
{
vnet_crypto_op_t *op = ptd->crypto_ops;