]> git.droids-corp.org - dpdk.git/commit
git.droids-corp.org / dpdk.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4ab82fe) | patch
examples/ipsec-secgw: change CBC IV generation
authorSergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
Thu, 29 Sep 2016 15:44:07 +0000 (16:44 +0100)
committerPablo de Lara <pablo.de.lara.guarch@intel.com>
Sat, 8 Oct 2016 15:54:38 +0000 (17:54 +0200)
commitcef50fc6f1e2e3fe165793fdd8e1fcc113ac411c
tree4e11e5f24276a53fb6c97d59de84f5f0517d4945tree | snapshot
parent4ab82fec1335e577ce20bb944772e7fa7d30a522commit | diff
examples/ipsec-secgw: change CBC IV generation

NIST SP800-38A recommends two methods to generate unpredictable IVs
(Initilisation Vector) for CBC mode:
1) Apply the forward function to a nonce (ie. counter)
2) Use a FIPS-approved random number generator

This patch implements the first recommended method by using the forward
function to generate the IV.

Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
doc/guides/rel_notes/release_16_11.rst diff | blob | history
examples/ipsec-secgw/esp.c diff | blob | history
examples/ipsec-secgw/ipsec.h diff | blob | history
DPDK repo used for reviews