+@@ -344,7 +344,8 @@ class CryptAlgo(object):
+ encryptor = cipher.encryptor()
+
+ if self.is_aead:
+- aad = struct.pack('!LL', esp.spi, esp.seq)
++ aad = struct.pack('!LQ' if sa.use_esn else '!LL',
++ esp.spi, esp.seq)
+ encryptor.authenticate_additional_data(aad)
+ data = encryptor.update(data) + encryptor.finalize()
+ data += encryptor.tag[:self.icv_size]
+@@ -381,9 +382,9 @@ class CryptAlgo(object):
+ if self.is_aead:
+ # Tag value check is done during the finalize method
+ decryptor.authenticate_additional_data(
+- struct.pack('!LL', esp.spi, esp.seq)
++ struct.pack('!LQ' if sa.use_esn else '!LL',
++ esp.spi, esp.seq)
+ )
+-
+ try:
+ data = decryptor.update(data) + decryptor.finalize()
+ except InvalidTag as err:
+@@ -518,12 +519,16 @@ class AuthAlgo(object):