- if (flags & IPSEC_SA_FLAG_USE_ESN)
- ipsec_sa_set_USE_ESN (sa);
- if (flags & IPSEC_SA_FLAG_USE_ANTI_REPLAY)
- ipsec_sa_set_USE_ANTI_REPLAY (sa);
- if (flags & IPSEC_SA_FLAG_IS_TUNNEL)
- ipsec_sa_set_IS_TUNNEL (sa);
- if (flags & IPSEC_SA_FLAG_IS_TUNNEL_V6)
- ipsec_sa_set_IS_TUNNEL_V6 (sa);
- if (flags & IPSEC_SA_FLAG_UDP_ENCAP)
- ipsec_sa_set_UDP_ENCAP (sa);
+ sa->crypto_key_index = vnet_crypto_key_add (vm,
+ im->crypto_algs[crypto_alg].alg,
+ (u8 *) ck->data, ck->len);
+ if (~0 == sa->crypto_key_index)
+ {
+ pool_put (im->sad, sa);
+ return VNET_API_ERROR_KEY_LENGTH;
+ }
+
+ sa->integ_key_index = vnet_crypto_key_add (vm,
+ im->integ_algs[integ_alg].alg,
+ (u8 *) ik->data, ik->len);
+ if (~0 == sa->integ_key_index)
+ {
+ pool_put (im->sad, sa);
+ return VNET_API_ERROR_KEY_LENGTH;
+ }