ligang/vpp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ipsec: fix esn handling

Browse Source 
Change-Id: I27f24095309082363ba0d0ba4bd69e2c0741dc1c
Signed-off-by: Damjan Marion <damarion@cisco.com>
This commit is contained in:
Damjan Marion
2019-03-20 16:30:54 +01:00
committed by Florin Coras
parent 00a442068d
commit af73eda080
1 changed files with 5 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/vnet/ipsec/esp.h
View File

@@ -220,17 +220,13 @@ hmac_calc (vlib_main_t * vm, ipsec_sa_t * sa, u8 * data, int data_len,
op->len = data_len;
op->dst = signature;
op->hmac_trunc_len = sa->integ_trunc_size;
#if 0
HMAC_Init_ex (ctx, key, key_len, md, NULL);
if (sa->use_esn)
{
op->len += 4;
clib_memcpy (data + data_len, &sa->seq_hi, 4);
}
HMAC_Update (ctx, data, data_len);
if (PREDICT_TRUE (use_esn))
HMAC_Update (ctx, (u8 *) & seq_hi, sizeof (seq_hi));
HMAC_Final (ctx, signature, &len);
#endif
vnet_crypto_process_ops (vm, op, 1);
return sa->integ_trunc_size;
}