- if (flags & IPSEC_SA_FLAG_USE_EXTENDED_SEQ_NUM)
- sa->use_esn = 1;
- if (flags & IPSEC_SA_FLAG_USE_ANTI_REPLAY)
- sa->use_anti_replay = 1;
- if (flags & IPSEC_SA_FLAG_IS_TUNNEL)
- sa->is_tunnel = 1;
- if (flags & IPSEC_SA_FLAG_IS_TUNNEL_V6)
- sa->is_tunnel_ip6 = 1;
- if (flags & IPSEC_SA_FLAG_UDP_ENCAP)
- sa->udp_encap = 1;
+ sa->crypto_key_index = vnet_crypto_key_add (vm,
+ im->crypto_algs[crypto_alg].alg,
+ (u8 *) ck->data, ck->len);
+ if (~0 == sa->crypto_key_index)
+ {
+ pool_put (im->sad, sa);
+ return VNET_API_ERROR_KEY_LENGTH;
+ }
+
+ sa->integ_key_index = vnet_crypto_key_add (vm,
+ im->integ_algs[integ_alg].alg,
+ (u8 *) ik->data, ik->len);
+ if (~0 == sa->integ_key_index)
+ {
+ pool_put (im->sad, sa);
+ return VNET_API_ERROR_KEY_LENGTH;
+ }