cryptodev: remove AAD length from crypto op

[dpdk.git] / examples / ipsec-secgw / esp.c

diff --git a/examples/ipsec-secgw/esp.c b/examples/ipsec-secgw/esp.c
index 9715ea9..a5f43a2 100644 (file)
--- a/examples/ipsec-secgw/esp.c
+++ b/examples/ipsec-secgw/esp.c
@@ -1,7 +1,7 @@
 /*-
  *   BSD LICENSE
  *
- *   Copyright(c) 2016 Intel Corporation. All rights reserved.
+ *   Copyright(c) 2016-2017 Intel Corporation. All rights reserved.
  *   All rights reserved.
  *
  *   Redistribution and use in source and binary forms, with or without
@@ -93,14 +93,14 @@ esp_inbound(struct rte_mbuf *m, struct ipsec_sa *sa,
        struct cnt_blk *icb;
        uint8_t *aad;
        uint8_t *iv = RTE_PTR_ADD(ip4, ip_hdr_len + sizeof(struct esp_hdr));
+       uint8_t *iv_ptr = rte_crypto_op_ctod_offset(cop,
+                               uint8_t *, IV_OFFSET);
 
        switch (sa->cipher_algo) {
        case RTE_CRYPTO_CIPHER_NULL:
        case RTE_CRYPTO_CIPHER_AES_CBC:
-               sym_cop->cipher.iv.data = iv;
-               sym_cop->cipher.iv.phys_addr = rte_pktmbuf_mtophys_offset(m,
-                                ip_hdr_len + sizeof(struct esp_hdr));
-               sym_cop->cipher.iv.length = sa->iv_len;
+               /* Copy IV at the end of crypto operation */
+               rte_memcpy(iv_ptr, iv, sa->iv_len);
                break;
        case RTE_CRYPTO_CIPHER_AES_CTR:
        case RTE_CRYPTO_CIPHER_AES_GCM:
@@ -108,10 +108,6 @@ esp_inbound(struct rte_mbuf *m, struct ipsec_sa *sa,
                icb->salt = sa->salt;
                memcpy(&icb->iv, iv, 8);
                icb->cnt = rte_cpu_to_be_32(1);
-               sym_cop->cipher.iv.data = (uint8_t *)icb;
-               sym_cop->cipher.iv.phys_addr = rte_pktmbuf_mtophys_offset(m,
-                        (uint8_t *)icb - rte_pktmbuf_mtod(m, uint8_t *));
-               sym_cop->cipher.iv.length = 16;
                break;
        default:
                RTE_LOG(ERR, IPSEC_ESP, "unsupported cipher algorithm %u\n",
@@ -122,6 +118,7 @@ esp_inbound(struct rte_mbuf *m, struct ipsec_sa *sa,
        switch (sa->auth_algo) {
        case RTE_CRYPTO_AUTH_NULL:
        case RTE_CRYPTO_AUTH_SHA1_HMAC:
+       case RTE_CRYPTO_AUTH_SHA256_HMAC:
                sym_cop->auth.data.offset = ip_hdr_len;
                sym_cop->auth.data.length = sizeof(struct esp_hdr) +
                        sa->iv_len + payload_len;
@@ -132,7 +129,6 @@ esp_inbound(struct rte_mbuf *m, struct ipsec_sa *sa,
                sym_cop->auth.aad.data = aad;
                sym_cop->auth.aad.phys_addr = rte_pktmbuf_mtophys_offset(m,
                                aad - rte_pktmbuf_mtod(m, uint8_t *));
-               sym_cop->auth.aad.length = 8;
                break;
        default:
                RTE_LOG(ERR, IPSEC_ESP, "unsupported auth algorithm %u\n",
@@ -344,16 +340,13 @@ esp_outbound(struct rte_mbuf *m, struct ipsec_sa *sa,
        icb->salt = sa->salt;
        icb->iv = sa->seq;
        icb->cnt = rte_cpu_to_be_32(1);
-       sym_cop->cipher.iv.data = (uint8_t *)icb;
-       sym_cop->cipher.iv.phys_addr = rte_pktmbuf_mtophys_offset(m,
-                        (uint8_t *)icb - rte_pktmbuf_mtod(m, uint8_t *));
-       sym_cop->cipher.iv.length = 16;
 
        uint8_t *aad;
 
        switch (sa->auth_algo) {
        case RTE_CRYPTO_AUTH_NULL:
        case RTE_CRYPTO_AUTH_SHA1_HMAC:
+       case RTE_CRYPTO_AUTH_SHA256_HMAC:
                sym_cop->auth.data.offset = ip_hdr_len;
                sym_cop->auth.data.length = sizeof(struct esp_hdr) +
                        sa->iv_len + pad_payload_len;
@@ -364,7 +357,6 @@ esp_outbound(struct rte_mbuf *m, struct ipsec_sa *sa,
                sym_cop->auth.aad.data = aad;
                sym_cop->auth.aad.phys_addr = rte_pktmbuf_mtophys_offset(m,
                                aad - rte_pktmbuf_mtod(m, uint8_t *));
-               sym_cop->auth.aad.length = 8;
                break;
        default:
                RTE_LOG(ERR, IPSEC_ESP, "unsupported auth algorithm %u\n",