[dpdk-dev] [PATCH] ipsec-secgw: fix AES-CTR block size in legacy mode

Ananyev, Konstantin konstantin.ananyev at intel.com
Wed Mar 6 11:08:30 CET 2019

Previous message: [dpdk-dev] [PATCH] ipsec-secgw: fix AES-CTR block size in legacy mode
Next message: [dpdk-dev] [PATCH] ipsec-secgw: fix AES-CTR block size in legacy mode
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]


> -----Original Message-----
> From: Zhang, Roy Fan
> Sent: Tuesday, March 5, 2019 2:41 PM
> To: dev at dpdk.org
> Cc: akhil.goyal at nxp.com; Zhang, Roy Fan <roy.fan.zhang at intel.com>; Ananyev, Konstantin <konstantin.ananyev at intel.com>;
> stable at dpdk.org
> Subject: [PATCH] ipsec-secgw: fix AES-CTR block size in legacy mode
> 
> This patch fixes the incorrect block size for AES-CTR in
> legacy mode. Originally, wrong block size will cause
> esp_inbound() drop AES-CTR encrypted packets if the payload
> sizes not equal to multiple times of 16.
> 
> Fixes: 4470c22de2e1 ("examples/ipsec-secgw: add AES-CTR")
> Cc: stable at dpdk.org
> 
> Signed-off-by: Fan Zhang <roy.fan.zhang at intel.com>
> ---
>  examples/ipsec-secgw/sa.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
> index 414fcd26c..93e3620bc 100644
> --- a/examples/ipsec-secgw/sa.c
> +++ b/examples/ipsec-secgw/sa.c
> @@ -80,7 +80,7 @@ const struct supported_cipher_algo cipher_algos[] = {
>  		.keyword = "aes-128-ctr",
>  		.algo = RTE_CRYPTO_CIPHER_AES_CTR,
>  		.iv_len = 8,
> -		.block_size = 16, /* XXX AESNI MB limition, should be 4 */
> +		.block_size = 4,
>  		.key_len = 20
>  	},
>  	{
> --

Acked-by: Konstantin Ananyev <konstantin.ananyev at intel.com>

> 2.14.5

Previous message: [dpdk-dev] [PATCH] ipsec-secgw: fix AES-CTR block size in legacy mode
Next message: [dpdk-dev] [PATCH] ipsec-secgw: fix AES-CTR block size in legacy mode
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list