crypto, ipsec: change GCM IV handling

- nonce construction out of salt and iv is ipsec specific so it should be handled in ipsec code - fixes GCM unit tests - GCM IV is constructed out of simple counter, per RFC4106 section 3.1 Change-Id: Ib7712cc9612830daa737f5171d8384f1d361bb61 Signed-off-by: Damjan Marion <damarion@cisco.com>
author: Damjan Marion <damarion@cisco.com> 2019-04-25 18:28:31 +0200
committer: Florin Coras <florin.coras@gmail.com> 2019-04-26 14:13:00 +0000
commit: d97918ec678c4086001840e7263ba9ac3504ce24 (patch)
tree: b490f0318dc8bae6b7d8f90f789c416414bf0b17 /src/vnet/ipsec/ipsec_sa.h
parent: aaed170828dfdb3d62295b76fd617f794dc76b3f (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/src/vnet/ipsec/ipsec_sa.h b/src/vnet/ipsec/ipsec_sa.h
index bde09589672..661b54a6ce9 100644
--- a/src/vnet/ipsec/ipsec_sa.h
+++ b/src/vnet/ipsec/ipsec_sa.h
@@ -167,6 +167,7 @@ typedef struct
 
   /* Salt used in GCM modes - stored in network byte order */
   u32 salt;
+  u64 gcm_iv_counter;
 } ipsec_sa_t;
 
 STATIC_ASSERT_OFFSET_OF (ipsec_sa_t, cacheline1, CLIB_CACHE_LINE_BYTES);
author	Damjan Marion <damarion@cisco.com>	2019-04-25 18:28:31 +0200
committer	Florin Coras <florin.coras@gmail.com>	2019-04-26 14:13:00 +0000
commit	d97918ec678c4086001840e7263ba9ac3504ce24 (patch)
tree	b490f0318dc8bae6b7d8f90f789c416414bf0b17 /src/vnet/ipsec/ipsec_sa.h
parent	aaed170828dfdb3d62295b76fd617f794dc76b3f (diff)