dpdk: ipsec gcm fixes

- Fix AAD initialization. With use-esn the aad data consists of the SPI
and the 64-bit sequence number in big-endian order. Fix the u32 swapped
code.

- Remove salt-reinitialization. The GCM code seems inspired by the GCM
RFCs recommendations on IKE keydata and how to produce a salt
value (create an extra 4 octets of keying material). This is not IKE
code though and the SA already holds the configured salt value which
this code is blowing away. Use the configured value instead.

Type: fix

Change-Id: I5e75518aa7c1d91037bb24b2a40fe4fc90bdfdb0
Signed-off-by: Christian Hopps <chopps@labn.net>

src/plugins/dpdk/ipsec/esp_decrypt.c

@@ -330,7 +330,10 @@ dpdk_esp_decrypt_inline (vlib_main_t * vm,
 
 	      /* _aad[3] should always be 0 */
 	      if (PREDICT_FALSE (ipsec_sa_is_set_USE_ESN (sa0)))
-		_aad[2] = clib_host_to_net_u32 (sa0->seq_hi);
+		{
+		  _aad[2] = _aad[1];
+		  _aad[1] = clib_host_to_net_u32 (sa0->seq_hi);
+		}
 	      else
 		_aad[2] = 0;
 	    }

src/plugins/dpdk/ipsec/esp_encrypt.c

@@ -530,14 +530,19 @@ dpdk_esp_encrypt_inline (vlib_main_t * vm,
 	  if (is_aead)
 	    {
 	      aad = (u32 *) priv->aad;
-	      aad[0] = clib_host_to_net_u32 (sa0->spi);
-	      aad[1] = clib_host_to_net_u32 (sa0->seq);
+	      aad[0] = esp0->spi;
 
 	      /* aad[3] should always be 0 */
 	      if (PREDICT_FALSE (ipsec_sa_is_set_USE_ESN (sa0)))
-		aad[2] = clib_host_to_net_u32 (sa0->seq_hi);
+		{
+		  aad[1] = clib_host_to_net_u32 (sa0->seq_hi);
+		  aad[2] = esp0->seq;
+		}
 	      else
-		aad[2] = 0;
+		{
+		  aad[1] = esp0->seq;
+		  aad[2] = 0;
+		}
 	    }
 	  else
 	    {

src/plugins/dpdk/ipsec/ipsec.c

@@ -494,7 +494,6 @@ dpdk_crypto_session_disposal (crypto_session_disposal_t * v, u64 ts)
 static clib_error_t *
 add_del_sa_session (u32 sa_index, u8 is_add)
 {
-  ipsec_main_t *im = &ipsec_main;
   dpdk_crypto_main_t *dcm = &dpdk_crypto_main;
   crypto_data_t *data;
   struct rte_cryptodev_sym_session *s;
@@ -502,25 +501,7 @@ add_del_sa_session (u32 sa_index, u8 is_add)
   u32 drv_id;
 
   if (is_add)
-    {
-#if 1
-      ipsec_sa_t *sa = pool_elt_at_index (im->sad, sa_index);
-      u32 seed;
-      switch (sa->crypto_alg)
-	{
-	case IPSEC_CRYPTO_ALG_AES_GCM_128:
-	case IPSEC_CRYPTO_ALG_AES_GCM_192:
-	case IPSEC_CRYPTO_ALG_AES_GCM_256:
-	  clib_memcpy (&sa->salt,
-		       &sa->crypto_key.data[sa->crypto_key.len - 4], 4);
-	  break;
-	default:
-	  seed = (u32) clib_cpu_time_now ();
-	  sa->salt = random_u32 (&seed);
-	}
-#endif
-      return 0;
-    }
+    return 0;
 
   /* *INDENT-OFF* */
   vec_foreach (data, dcm->data)