12 #include <odp/helper/ipsec.h>
14 #include <odp_ipsec_cache.h>
17 ipsec_cache_t *ipsec_cache;
19 void init_ipsec_cache(
void)
25 sizeof(ipsec_cache_t),
29 ODPH_ERR(
"Error: shared mem alloc failed.\n");
35 if (ipsec_cache == NULL) {
36 ODPH_ERR(
"Error: shared mem alloc failed.\n");
39 memset(ipsec_cache, 0,
sizeof(*ipsec_cache));
41 for (i = 0; i < MAX_DB; i++)
42 ipsec_cache->array[i].state.session =
46 int create_ipsec_cache_entry(sa_db_entry_t *cipher_sa,
47 sa_db_entry_t *auth_sa,
49 crypto_api_mode_e api_mode,
54 ipsec_cache_entry_t *entry;
57 sa_mode_t mode = IPSEC_SA_MODE_TRANSPORT;
60 entry = &ipsec_cache->array[ipsec_cache->index];
61 if (MAX_DB <= ipsec_cache->index)
65 if (cipher_sa && auth_sa &&
66 (cipher_sa->mode != auth_sa->mode))
75 if (CRYPTO_API_SYNC == api_mode) {
93 mode = cipher_sa->mode;
94 if (cipher_sa->flags & BIT_MODE_CIPHER)
95 entry->sa_flags |= BIT_MODE_CIPHER;
103 params.
auth_alg = auth_sa->alg.u.auth;
107 mode = auth_sa->mode;
109 if (auth_sa->flags & BIT_MODE_AUTH)
110 entry->sa_flags |= BIT_MODE_AUTH;
123 entry->src_ip = cipher_sa->src_ip;
124 entry->dst_ip = cipher_sa->dst_ip;
125 entry->esp.alg = cipher_sa->alg.u.cipher;
126 entry->esp.spi = cipher_sa->spi;
127 entry->esp.block_len = cipher_sa->block_len;
128 entry->esp.iv_len = cipher_sa->iv_len;
129 memcpy(&entry->esp.key, &cipher_sa->key,
sizeof(ipsec_key_t));
132 entry->src_ip = auth_sa->src_ip;
133 entry->dst_ip = auth_sa->dst_ip;
134 entry->ah.alg = auth_sa->alg.u.auth;
135 entry->ah.spi = auth_sa->spi;
136 entry->ah.icv_len = auth_sa->icv_len;
137 memcpy(&entry->ah.key, &auth_sa->key,
sizeof(ipsec_key_t));
141 entry->tun_src_ip = tun->tun_src_ip;
142 entry->tun_dst_ip = tun->tun_dst_ip;
143 mode = IPSEC_SA_MODE_TUNNEL;
150 &entry->state.tun_hdr_id,
151 sizeof(entry->state.tun_hdr_id),
153 if (ret !=
sizeof(entry->state.tun_hdr_id))
160 entry->state.esp_seq = 0;
161 entry->state.ah_seq = 0;
162 entry->state.session = session;
165 ipsec_cache->index++;
167 entry->next = ipsec_cache->in_list;
168 ipsec_cache->in_list = entry;
170 entry->next = ipsec_cache->out_list;
171 ipsec_cache->out_list = entry;
177 ipsec_cache_entry_t *find_ipsec_cache_entry_in(uint32_t src_ip,
182 ipsec_cache_entry_t *entry = ipsec_cache->in_list;
185 for (; NULL != entry; entry = entry->next) {
186 if ((entry->src_ip != src_ip) || (entry->dst_ip != dst_ip))
187 if ((entry->tun_src_ip != src_ip) ||
188 (entry->tun_dst_ip != dst_ip))
195 ((!entry->esp.alg) ||
204 ipsec_cache_entry_t *find_ipsec_cache_entry_out(uint32_t src_ip,
208 ipsec_cache_entry_t *entry = ipsec_cache->out_list;
211 for (; NULL != entry; entry = entry->next) {
212 if ((entry->src_ip == src_ip) && (entry->dst_ip == dst_ip))
218 int destroy_ipsec_cache(
void)
220 ipsec_cache_entry_t *entry;
224 for (i = 0; i < MAX_DB; i++) {
225 entry = &ipsec_cache->array[i];
#define ODP_UNUSED
Intentionally unused variables of functions.
uint32_t odp_be_to_cpu_32(odp_u32be_t be32)
Convert 32bit big endian to cpu native uint32_t.
void odp_crypto_session_param_init(odp_crypto_session_param_t *param)
Initialize crypto session parameters.
uint64_t odp_crypto_session_t
Crypto API opaque session handle.
int odp_crypto_session_create(const odp_crypto_session_param_t *param, odp_crypto_session_t *session, odp_crypto_ses_create_err_t *status)
Crypto session creation.
#define ODP_CRYPTO_SESSION_INVALID
Invalid session handle.
int odp_crypto_session_destroy(odp_crypto_session_t session)
Crypto session destroy.
odp_crypto_ses_create_err_t
Crypto API session creation return code.
@ ODP_CIPHER_ALG_NULL
No cipher algorithm specified.
@ ODP_CRYPTO_OP_TYPE_BASIC
Input packet data and metadata are copied to the output packet and then processed.
@ ODP_AUTH_ALG_NULL
No authentication algorithm specified.
@ ODP_CRYPTO_SES_ERR_NONE
Session created.
@ ODP_CRYPTO_OP_ENCODE
Encrypt and/or compute authentication ICV.
@ ODP_CRYPTO_OP_DECODE
Decrypt and/or verify authentication ICV.
@ ODP_CRYPTO_SYNC
Synchronous, return results immediately.
@ ODP_CRYPTO_ASYNC
Asynchronous, return results via posted event.
#define ODP_QUEUE_INVALID
Invalid queue.
int32_t odp_random_data(uint8_t *buf, uint32_t len, odp_random_kind_t kind)
Generate random byte data.
#define ODP_SHM_INVALID
Invalid shared memory block.
void * odp_shm_addr(odp_shm_t shm)
Shared memory block address.
odp_shm_t odp_shm_reserve(const char *name, uint64_t size, uint64_t align, uint32_t flags)
Reserve a contiguous block of shared memory.
bool odp_bool_t
Boolean type.
uint32_t length
Key length in bytes.
Crypto API session creation parameters.
odp_bool_t auth_cipher_text
Authenticate cipher vs.
odp_crypto_key_t auth_key
Authentication key.
odp_crypto_op_type_t op_type
Crypto operation type.
odp_crypto_key_t cipher_key
Cipher key.
odp_queue_t compl_queue
Async mode completion event queue.
uint32_t cipher_iv_len
Cipher IV length.
odp_bool_t hash_result_in_auth_range
Hash result location may overlap authentication range.
uint32_t auth_digest_len
Authentication digest length in bytes.
odp_auth_alg_t auth_alg
Authentication algorithm.
odp_crypto_op_mode_t op_mode
Operation mode when using packet interface: sync or async.
odp_cipher_alg_t cipher_alg
Cipher algorithm.
odp_crypto_op_t op
Encode vs.
1.9.1