X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fvnet%2Fipsec%2Fipsec.h;h=d40767001b8a4b846d30fe1f99e66eae80ddea58;hb=refs%2Fchanges%2F00%2F15900%2F7;hp=ced71194f396541a0453f4e090a7bd1239326e88;hpb=555ea9a105bd0681e3b94c77cf8d9cfe22be03a9;p=vpp.git

diff --git a/src/vnet/ipsec/ipsec.h b/src/vnet/ipsec/ipsec.h
index ced71194f39..d40767001b8 100644
--- a/src/vnet/ipsec/ipsec.h
+++ b/src/vnet/ipsec/ipsec.h
@@ -18,6 +18,13 @@
 #include <vnet/ip/ip.h>
 #include <vnet/feature/feature.h>
 
+#include <openssl/hmac.h>
+#include <openssl/rand.h>
+#include <openssl/evp.h>
+
+#include <vppinfra/types.h>
+#include <vppinfra/cache.h>
+
 #define IPSEC_FLAG_IPSEC_GRE_TUNNEL (1 << 0)
 
 #define foreach_ipsec_output_next  \
@@ -290,6 +297,53 @@ typedef struct
   u32 esp6_decrypt_next_index;
 } ipsec_esp_backend_t;
 
+typedef struct
+{
+  const EVP_CIPHER *type;
+  u8 iv_size;
+  u8 block_size;
+} ipsec_proto_main_crypto_alg_t;
+
+typedef struct
+{
+  const EVP_MD *md;
+  u8 trunc_size;
+} ipsec_proto_main_integ_alg_t;
+
+typedef struct
+{
+  CLIB_CACHE_LINE_ALIGN_MARK (cacheline0);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+  EVP_CIPHER_CTX *encrypt_ctx;
+#else
+  EVP_CIPHER_CTX encrypt_ctx;
+#endif
+    CLIB_CACHE_LINE_ALIGN_MARK (cacheline1);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+  EVP_CIPHER_CTX *decrypt_ctx;
+#else
+  EVP_CIPHER_CTX decrypt_ctx;
+#endif
+    CLIB_CACHE_LINE_ALIGN_MARK (cacheline2);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+  HMAC_CTX *hmac_ctx;
+#else
+  HMAC_CTX hmac_ctx;
+#endif
+  ipsec_crypto_alg_t last_encrypt_alg;
+  ipsec_crypto_alg_t last_decrypt_alg;
+  ipsec_integ_alg_t last_integ_alg;
+} ipsec_proto_main_per_thread_data_t;
+
+typedef struct
+{
+  ipsec_proto_main_crypto_alg_t *ipsec_proto_main_crypto_algs;
+  ipsec_proto_main_integ_alg_t *ipsec_proto_main_integ_algs;
+  ipsec_proto_main_per_thread_data_t *per_thread_data;
+} ipsec_proto_main_t;
+
+extern ipsec_proto_main_t ipsec_proto_main;
+
 typedef struct
 {
   /* pool of tunnel instances */