summaryrefslogtreecommitdiffstats
path: root/src/vnet/ipsec/ipsec.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/vnet/ipsec/ipsec.h')
-rw-r--r--src/vnet/ipsec/ipsec.h54
1 files changed, 12 insertions, 42 deletions
diff --git a/src/vnet/ipsec/ipsec.h b/src/vnet/ipsec/ipsec.h
index c877139ba12..e38a4a8771e 100644
--- a/src/vnet/ipsec/ipsec.h
+++ b/src/vnet/ipsec/ipsec.h
@@ -16,12 +16,9 @@
#define __IPSEC_H__
#include <vnet/ip/ip.h>
+#include <vnet/crypto/crypto.h>
#include <vnet/feature/feature.h>
-#include <openssl/hmac.h>
-#include <openssl/rand.h>
-#include <openssl/evp.h>
-
#include <vppinfra/types.h>
#include <vppinfra/cache.h>
@@ -69,50 +66,17 @@ typedef struct
typedef struct
{
- const EVP_CIPHER *type;
+ vnet_crypto_op_type_t enc_op_type;
+ vnet_crypto_op_type_t dec_op_type;
u8 iv_size;
u8 block_size;
-} ipsec_proto_main_crypto_alg_t;
+} ipsec_main_crypto_alg_t;
typedef struct
{
- const EVP_MD *md;
+ vnet_crypto_op_type_t op_type;
u8 trunc_size;
-} ipsec_proto_main_integ_alg_t;
-
-typedef struct
-{
- CLIB_CACHE_LINE_ALIGN_MARK (cacheline0);
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
- EVP_CIPHER_CTX *encrypt_ctx;
-#else
- EVP_CIPHER_CTX encrypt_ctx;
-#endif
- CLIB_CACHE_LINE_ALIGN_MARK (cacheline1);
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
- EVP_CIPHER_CTX *decrypt_ctx;
-#else
- EVP_CIPHER_CTX decrypt_ctx;
-#endif
- CLIB_CACHE_LINE_ALIGN_MARK (cacheline2);
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
- HMAC_CTX *hmac_ctx;
-#else
- HMAC_CTX hmac_ctx;
-#endif
- ipsec_crypto_alg_t last_encrypt_alg;
- ipsec_crypto_alg_t last_decrypt_alg;
- ipsec_integ_alg_t last_integ_alg;
-} ipsec_proto_main_per_thread_data_t;
-
-typedef struct
-{
- ipsec_proto_main_crypto_alg_t *ipsec_proto_main_crypto_algs;
- ipsec_proto_main_integ_alg_t *ipsec_proto_main_integ_algs;
- ipsec_proto_main_per_thread_data_t *per_thread_data;
-} ipsec_proto_main_t;
-
-extern ipsec_proto_main_t ipsec_proto_main;
+} ipsec_main_integ_alg_t;
typedef struct
{
@@ -171,6 +135,12 @@ typedef struct
u32 ah_default_backend;
/* index of default esp backend */
u32 esp_default_backend;
+
+ /* crypto alg data */
+ ipsec_main_crypto_alg_t *crypto_algs;
+
+ /* crypto integ data */
+ ipsec_main_integ_alg_t *integ_algs;
} ipsec_main_t;
extern ipsec_main_t ipsec_main;