From patchwork Thu Oct 19 18:53:03 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Aviad Yehezkel X-Patchwork-Id: 30611 X-Patchwork-Delegate: pablo.de.lara.guarch@intel.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id DBD5F1B2BF; Thu, 19 Oct 2017 20:53:16 +0200 (CEST) Received: from mellanox.co.il (mail-il-dmz.mellanox.com [193.47.165.129]) by dpdk.org (Postfix) with ESMTP id 5B1B01B2AD for ; Thu, 19 Oct 2017 20:53:09 +0200 (CEST) Received: from Internal Mail-Server by MTLPINE1 (envelope-from aviadye@dev.mellanox.co.il) with ESMTPS (AES256-SHA encrypted); 19 Oct 2017 20:53:04 +0200 Received: from l-vmw-rdcore-205.mtl.labs.mlnx (l-vmw-rdcore-205.mtl.labs.mlnx [10.7.66.205]) by labmailer.mlnx (8.13.8/8.13.8) with ESMTP id v9JIr4kU013294; Thu, 19 Oct 2017 21:53:04 +0300 From: aviadye@dev.mellanox.co.il To: dev@dpdk.org, sergio.gonzalez.monroy@intel.com, pablo.de.lara.guarch@intel.com, aviadye@mellanox.com Cc: borisp@mellanox.com, akhil.goyal@nxp.com, hemant.agrawal@nxp.com, radu.nicolau@intel.com, declan.doherty@intel.com, aviadye@dev.mellanox.co.il, liranl@mellanox.com, nelio.laranjeiro@6wind.com, thomas@monjalon.net Date: Thu, 19 Oct 2017 21:53:03 +0300 Message-Id: <1508439184-17893-5-git-send-email-aviadye@dev.mellanox.co.il> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1508439184-17893-1-git-send-email-aviadye@dev.mellanox.co.il> References: <1507987683-12315-1-git-send-email-aviadye@dev.mellanox.co.il> <1508439184-17893-1-git-send-email-aviadye@dev.mellanox.co.il> Subject: [dpdk-dev] [PATCH v2 5/6] examples/ipsec-secgw: iv should be be64 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: Aviad Yehezkel According to rfc4106 the IV should be unique and can be implemented as counter. The changed was created because putting an analyzer on wire and comparing packets generated by this application and Linux kernel. Linux kernel sets IV as BE, so it is worth to do the same for future debug / comparison. Issue: None Signed-off-by: Aviad Yehezkel Acked-by: Radu Nicolau --- v2: * Fix commit message --- examples/ipsec-secgw/esp.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/examples/ipsec-secgw/esp.c b/examples/ipsec-secgw/esp.c index 6215ad4..de55c35 100644 --- a/examples/ipsec-secgw/esp.c +++ b/examples/ipsec-secgw/esp.c @@ -336,7 +336,7 @@ esp_outbound(struct rte_mbuf *m, struct ipsec_sa *sa, if (sa->aead_algo == RTE_CRYPTO_AEAD_AES_GCM) { uint8_t *aad; - *iv = sa->seq; + *iv = rte_cpu_to_be_64(sa->seq); sym_cop->aead.data.offset = ip_hdr_len + sizeof(struct esp_hdr) + sa->iv_len; sym_cop->aead.data.length = pad_payload_len; @@ -349,7 +349,7 @@ esp_outbound(struct rte_mbuf *m, struct ipsec_sa *sa, struct cnt_blk *icb = get_cnt_blk(m); icb->salt = sa->salt; - icb->iv = sa->seq; + icb->iv = rte_cpu_to_be_64(sa->seq); icb->cnt = rte_cpu_to_be_32(1); aad = get_aad(m); @@ -372,7 +372,7 @@ esp_outbound(struct rte_mbuf *m, struct ipsec_sa *sa, sym_cop->cipher.data.length = pad_payload_len + sa->iv_len; break; case RTE_CRYPTO_CIPHER_AES_CTR: - *iv = sa->seq; + *iv = rte_cpu_to_be_64(sa->seq); sym_cop->cipher.data.offset = ip_hdr_len + sizeof(struct esp_hdr) + sa->iv_len; sym_cop->cipher.data.length = pad_payload_len; @@ -391,7 +391,7 @@ esp_outbound(struct rte_mbuf *m, struct ipsec_sa *sa, struct cnt_blk *icb = get_cnt_blk(m); icb->salt = sa->salt; - icb->iv = sa->seq; + icb->iv = rte_cpu_to_be_64(sa->seq); icb->cnt = rte_cpu_to_be_32(1); switch (sa->auth_algo) {