diff mbox series

examples/ipsec-secgw: set AES-CTR IV length to 16

Message ID 20221215035805.1777924-1-ktejasree@marvell.com (mailing list archive)
State Superseded, archived
Delegated to: Thomas Monjalon
Headers
Series examples/ipsec-secgw: set AES-CTR IV length to 16 |

Checks

Context Check Description
ci/checkpatch success coding style OK
ci/loongarch-compilation warning apply patch failure
ci/Intel-compilation warning apply issues
ci/iol-testing warning apply patch failure

Commit Message

Tejasree Kondoj Dec. 15, 2022, 3:58 a.m. UTC 
  Set AES-CTR IV length as 16 instead of taking from
SA config option since the application populates
16B IV in the datapath. AES-CTR requires 16B IV
constructed from nonce and counter.

Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
---
 examples/ipsec-secgw/sa.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff mbox series

Patch

diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
index 024831c177..cee29008ba 100644
--- a/examples/ipsec-secgw/sa.c
+++ b/examples/ipsec-secgw/sa.c
@@ -1319,9 +1319,14 @@  sa_add_rules(struct sa_ctx *sa_ctx, const struct ipsec_sa entries[],
 			case RTE_CRYPTO_CIPHER_NULL:
 			case RTE_CRYPTO_CIPHER_3DES_CBC:
 			case RTE_CRYPTO_CIPHER_AES_CBC:
-			case RTE_CRYPTO_CIPHER_AES_CTR:
 				iv_length = sa->iv_len;
 				break;
+			case RTE_CRYPTO_CIPHER_AES_CTR:
+				/* Length includes 8B per packet IV, 4B nonce and
+				 * 4B counter as populated in datapath.
+				 */
+				iv_length = 16;
+				break;
 			default:
 				RTE_LOG(ERR, IPSEC_ESP,
 						"unsupported cipher algorithm %u\n",