X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=examples%2Fipsec-secgw%2Fsa.c;h=d9dcc0e0687fcfe7b3c918c95281fb80e90c0593;hb=72b75134b89667baf4aaf4fcb516ab6bc2b1ebd7;hp=1ae4e2a9c507dcf4c87da62f92a14c0050319480;hpb=3998e2a07220844d3f3c17f76a781ced3efe0de0;p=dpdk.git

diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
index 1ae4e2a9c5..d9dcc0e068 100644
--- a/examples/ipsec-secgw/sa.c
+++ b/examples/ipsec-secgw/sa.c
@@ -68,6 +68,13 @@ const struct supported_cipher_algo cipher_algos[] = {
 		.block_size = 16,
 		.key_len = 16
 	},
+	{
+		.keyword = "aes-256-cbc",
+		.algo = RTE_CRYPTO_CIPHER_AES_CBC,
+		.iv_len = 16,
+		.block_size = 16,
+		.key_len = 32
+	},
 	{
 		.keyword = "aes-128-ctr",
 		.algo = RTE_CRYPTO_CIPHER_AES_CTR,
@@ -240,6 +247,8 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
 	APP_CHECK_TOKEN_IS_NUM(tokens, 1, status);
 	if (status->status < 0)
 		return;
+	if (atoi(tokens[1]) == INVALID_SPI)
+		return;
 	rule->spi = atoi(tokens[1]);
 
 	for (ti = 2; ti < n_tokens; ti++) {
@@ -622,7 +631,8 @@ print_one_sa_rule(const struct ipsec_sa *sa, int inbound)
 	printf("\tspi_%s(%3u):", inbound?"in":"out", sa->spi);
 
 	for (i = 0; i < RTE_DIM(cipher_algos); i++) {
-		if (cipher_algos[i].algo == sa->cipher_algo) {
+		if (cipher_algos[i].algo == sa->cipher_algo &&
+				cipher_algos[i].key_len == sa->cipher_key_len) {
 			printf("%s ", cipher_algos[i].keyword);
 			break;
 		}