From 21ada3bd7e9bc5cca7c2c8399adcbaa044bf8103 Mon Sep 17 00:00:00 2001
From: Neale Ranns <nranns@cisco.com>
Date: Thu, 11 Apr 2019 08:18:34 +0000
Subject: IPSEC-MB: Use random & non-repeating IV (VPP-1642)

hard code IV and key lengths based on cipher.
Init IV from random data, use AES instruction to rotate.

Change-Id: I13a6507d12267b823c528660a903787baeba47a0
Signed-off-by: Neale Ranns <nranns@cisco.com>
---
 src/vnet/crypto/crypto.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'src/vnet/crypto/crypto.c')

diff --git a/src/vnet/crypto/crypto.c b/src/vnet/crypto/crypto.c
index 58b13638924..dbdb58b16f6 100644
--- a/src/vnet/crypto/crypto.c
+++ b/src/vnet/crypto/crypto.c
@@ -119,8 +119,11 @@ vnet_crypto_set_handler (char *alg_name, char *engine)
       if (id == 0)
 	continue;
       od = vec_elt_at_index (cm->opt_data, id);
-      od->active_engine_index = p[0];
-      cm->ops_handlers[id] = ce->ops_handlers[id];
+      if (ce->ops_handlers[id])
+	{
+	  od->active_engine_index = p[0];
+	  cm->ops_handlers[id] = ce->ops_handlers[id];
+	}
     }
 
   return 0;
-- 
cgit 1.2.3-korg