CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
esp_decrypt_trace_t * t = va_arg (*args, esp_decrypt_trace_t *);
- uword indent = format_get_indent (s);
+ u32 indent = format_get_indent (s);
s = format (s, "cipher %U auth %U\n",
format_ipsec_crypto_alg, t->crypto_alg,
if (sa_index0 != last_sa_index)
{
- last_sa_index = sa_index0;
-
sa0 = pool_elt_at_index (im->sad, sa_index0);
cipher_alg = vec_elt_at_index (dcm->cipher_algs, sa0->crypto_alg);
auth_alg = vec_elt_at_index (dcm->auth_algs, sa0->integ_alg);
-#if DPDK_NO_AEAD
- is_aead = (sa0->crypto_alg == IPSEC_CRYPTO_ALG_AES_GCM_128 |
- sa0->crypto_alg == IPSEC_CRYPTO_ALG_AES_GCM_192 |
- sa0->crypto_alg == IPSEC_CRYPTO_ALG_AES_GCM_256);
-#else
is_aead = (cipher_alg->type == RTE_CRYPTO_SYM_XFORM_AEAD);
-#endif
if (is_aead)
auth_alg = cipher_alg;
n_left_to_next -= 1;
goto trace;
}
+
+ last_sa_index = sa_index0;
}
/* anti-replay check */
u32 cipher_off, cipher_len;
u32 auth_len = 0, aad_size = 0;
- u8 *aad = NULL, *digest = NULL;
- u64 digest_paddr = 0;
+ u8 *aad = NULL;
u8 *iv = (u8 *) (esp0 + 1);
cipher_off = sizeof (esp_header_t) + iv_size;
cipher_len = payload_len;
- digest = vlib_buffer_get_tail (b0) - trunc_size;
+ u8 *digest = vlib_buffer_get_tail (b0) - trunc_size;
+ u64 digest_paddr =
+ mb0->buf_physaddr + digest - ((u8 *) mb0->buf_addr);
- if (cipher_alg->alg == RTE_CRYPTO_CIPHER_AES_CBC)
+ if (!is_aead && cipher_alg->alg == RTE_CRYPTO_CIPHER_AES_CBC)
clib_memcpy(icb, iv, 16);
else /* CTR/GCM */
{
u32 *_iv = (u32 *) iv;
crypto_set_icb (icb, sa0->salt, _iv[0], _iv[1]);
-#if DPDK_NO_AEAD
- iv_size = 16;
-#else
iv_size = 12;
-#endif
}
if (is_aead)
CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
esp_decrypt_trace_t * t = va_arg (*args, esp_decrypt_trace_t *);
- uword indent = format_get_indent (s);
+ u32 indent = format_get_indent (s);
s = format (s, "cipher %U auth %U\n",
format_ipsec_crypto_alg, t->crypto_alg,
cipher_alg = vec_elt_at_index (dcm->cipher_algs, sa0->crypto_alg);
auth_alg = vec_elt_at_index (dcm->auth_algs, sa0->integ_alg);
-#if DPDK_NO_AEAD
- is_aead = (sa0->crypto_alg == IPSEC_CRYPTO_ALG_AES_GCM_128 |
- sa0->crypto_alg == IPSEC_CRYPTO_ALG_AES_GCM_192 |
- sa0->crypto_alg == IPSEC_CRYPTO_ALG_AES_GCM_256);
-#else
is_aead = cipher_alg->type == RTE_CRYPTO_SYM_XFORM_AEAD;
-#endif
if (is_aead)
auth_alg = cipher_alg;