+u32
+vnet_crypto_key_add (vlib_main_t * vm, vnet_crypto_alg_t alg, u8 * data,
+ u16 length)
+{
+ u32 index;
+ vnet_crypto_main_t *cm = &crypto_main;
+ vnet_crypto_engine_t *engine;
+ vnet_crypto_key_t *key;
+
+ if (!vnet_crypto_key_len_check (alg, length))
+ return ~0;
+
+ pool_get_zero (cm->keys, key);
+ index = key - cm->keys;
+ key->alg = alg;
+ vec_validate_aligned (key->data, length - 1, CLIB_CACHE_LINE_BYTES);
+ clib_memcpy (key->data, data, length);
+
+ /* *INDENT-OFF* */
+ vec_foreach (engine, cm->engines)
+ if (engine->key_op_handler)
+ engine->key_op_handler (vm, VNET_CRYPTO_KEY_OP_ADD, index);
+ /* *INDENT-ON* */
+ return index;
+}
+
+void
+vnet_crypto_key_del (vlib_main_t * vm, vnet_crypto_key_index_t index)
+{
+ vnet_crypto_main_t *cm = &crypto_main;
+ vnet_crypto_engine_t *engine;
+ vnet_crypto_key_t *key = pool_elt_at_index (cm->keys, index);
+
+ /* *INDENT-OFF* */
+ vec_foreach (engine, cm->engines)
+ if (engine->key_op_handler)
+ engine->key_op_handler (vm, VNET_CRYPTO_KEY_OP_DEL, index);
+ /* *INDENT-ON* */
+
+ clib_memset (key->data, 0, vec_len (key->data));
+ vec_free (key->data);
+ pool_put (cm->keys, key);
+}
+
+static void
+vnet_crypto_init_cipher_data (vnet_crypto_alg_t alg, vnet_crypto_op_id_t eid,
+ vnet_crypto_op_id_t did, char *name, u8 is_aead)
+{
+ vnet_crypto_op_type_t eopt, dopt;
+ vnet_crypto_main_t *cm = &crypto_main;
+ cm->algs[alg].name = name;
+ cm->opt_data[eid].alg = cm->opt_data[did].alg = alg;
+ cm->opt_data[eid].active_engine_index = ~0;
+ cm->opt_data[did].active_engine_index = ~0;
+ if (is_aead)
+ {
+ eopt = VNET_CRYPTO_OP_TYPE_AEAD_ENCRYPT;
+ dopt = VNET_CRYPTO_OP_TYPE_AEAD_DECRYPT;
+ }
+ else
+ {
+ eopt = VNET_CRYPTO_OP_TYPE_ENCRYPT;
+ dopt = VNET_CRYPTO_OP_TYPE_DECRYPT;
+ }
+ cm->opt_data[eid].type = eopt;
+ cm->opt_data[did].type = dopt;
+ cm->algs[alg].op_by_type[eopt] = eid;
+ cm->algs[alg].op_by_type[dopt] = did;
+ hash_set_mem (cm->alg_index_by_name, name, alg);
+}
+
+static void
+vnet_crypto_init_hmac_data (vnet_crypto_alg_t alg,
+ vnet_crypto_op_id_t id, char *name)
+{
+ vnet_crypto_main_t *cm = &crypto_main;
+ cm->algs[alg].name = name;
+ cm->algs[alg].op_by_type[VNET_CRYPTO_OP_TYPE_HMAC] = id;
+ cm->opt_data[id].alg = alg;
+ cm->opt_data[id].active_engine_index = ~0;
+ cm->opt_data[id].type = VNET_CRYPTO_OP_TYPE_HMAC;
+ hash_set_mem (cm->alg_index_by_name, name, alg);
+}
+