#define OTX2_IPSEC_PO_INB_RPTR_HDR 0x8
+enum otx2_ipsec_po_mode_type {
+ OTX2_IPSEC_PO_TRANSPORT = 1,
+ OTX2_IPSEC_PO_TUNNEL_IPV4,
+ OTX2_IPSEC_PO_TUNNEL_IPV6,
+};
+
enum otx2_ipsec_po_comp_e {
OTX2_IPSEC_PO_CC_SUCCESS = 0x00,
OTX2_IPSEC_PO_CC_AUTH_UNSUPPORTED = 0xB0,
/* w8 */
uint8_t udp_encap[8];
- /* w9-w23 */
- struct {
- uint8_t hmac_key[48];
- struct otx2_ipsec_po_traffic_selector selector;
- } aes_gcm;
+ /* w9-w33 */
+ union {
+ struct {
+ uint8_t hmac_key[48];
+ struct otx2_ipsec_po_traffic_selector selector;
+ } aes_gcm;
+ struct {
+ uint8_t hmac_key[64];
+ uint8_t hmac_iv[64];
+ struct otx2_ipsec_po_traffic_selector selector;
+ } sha2;
+ };
union {
struct otx2_ipsec_replay *replay;
uint64_t replay64;
/* w8-w55 */
union {
- uint8_t raw[384];
struct {
struct otx2_ipsec_po_ip_template template;
} aes_gcm;
uint8_t unused[24];
struct otx2_ipsec_po_ip_template template;
} sha1;
+ struct {
+ uint8_t hmac_key[64];
+ uint8_t hmac_iv[64];
+ struct otx2_ipsec_po_ip_template template;
+ } sha2;
};
};
if (xform->auth.algo == RTE_CRYPTO_AUTH_SHA1_HMAC) {
if (keylen >= 20 && keylen <= 64)
return 0;
+ } else if (xform->auth.algo == RTE_CRYPTO_AUTH_SHA256_HMAC) {
+ if (keylen >= 32 && keylen <= 64)
+ return 0;
}
return -ENOTSUP;