 |
API Reference Manual
1.46.0
|
|
API Reference Manual
1.46.0
|
IPSEC crypto parameters. More...
#include <ipsec_types.h>
Data Fields | |
| odp_cipher_alg_t | cipher_alg |
| Cipher algorithm. More... | |
| odp_crypto_key_t | cipher_key |
| Cipher key. | |
| odp_crypto_key_t | cipher_key_extra |
| Extra keying material for cipher algorithm. More... | |
| odp_auth_alg_t | auth_alg |
| Authentication algorithm. More... | |
| odp_crypto_key_t | auth_key |
| Authentication key. | |
| odp_crypto_key_t | auth_key_extra |
| Extra keying material for authentication algorithm. More... | |
| uint32_t | icv_len |
| Length of integrity check value (ICV) in bytes. More... | |
IPSEC crypto parameters.
Definition at line 521 of file api/spec/ipsec_types.h.
| odp_cipher_alg_t odp_ipsec_crypto_param_t::cipher_alg |
Cipher algorithm.
Select cipher algorithm to be used. ODP_CIPHER_ALG_NULL indicates that ciphering is disabled. See 'ciphers' field of odp_ipsec_capability_t for supported cipher algorithms. Algorithm descriptions can be found from odp_cipher_alg_t documentation. Note that some algorithms restrict choice of the pairing authentication algorithm. When ciphering is enabled, cipher key and potential extra key material (cipher_key_extra) need to be set. The default value is ODP_CIPHER_ALG_NULL.
Definition at line 533 of file api/spec/ipsec_types.h.
| odp_crypto_key_t odp_ipsec_crypto_param_t::cipher_key_extra |
Extra keying material for cipher algorithm.
Additional data used as salt or nonce if the algorithm requires it, other algorithms ignore this field. These algorithms require this field to be set:
Definition at line 548 of file api/spec/ipsec_types.h.
| odp_auth_alg_t odp_ipsec_crypto_param_t::auth_alg |
Authentication algorithm.
Select authentication algorithm to be used. ODP_AUTH_ALG_NULL indicates that authentication is disabled. See 'auths' field of odp_ipsec_capability_t for supported authentication algorithms. Algorithm descriptions can be found from odp_auth_alg_t documentation. Note that some algorithms restrict choice of the pairing cipher algorithm. When single algorithm provides both ciphering and authentication (i.e. Authenticated Encryption), authentication side key information ('auth_key' and 'auth_key_extra') is ignored, and cipher side values are used instead. These algorithms ignore authentication side key information: ODP_AUTH_ALG_AES_GCM, ODP_AUTH_ALG_AES_CCM and ODP_AUTH_ALG_CHACHA20_POLY1305. Otherwise, authentication side parameters must be set when authentication is enabled. The default value is ODP_AUTH_ALG_NULL.
Definition at line 567 of file api/spec/ipsec_types.h.
| odp_crypto_key_t odp_ipsec_crypto_param_t::auth_key_extra |
Extra keying material for authentication algorithm.
Additional data used as salt or nonce if the algorithm requires it, other algorithms ignore this field. These algorithms require this field to be set:
Definition at line 579 of file api/spec/ipsec_types.h.
| uint32_t odp_ipsec_crypto_param_t::icv_len |
Length of integrity check value (ICV) in bytes.
Some algorithms support multiple ICV lengths when used with IPsec. This field can be used to select a non-default ICV length.
Zero value indicates that the default ICV length shall be used. The default length depends on the selected algorithm as follows:
ODP_AUTH_ALG_NULL 0 ODP_AUTH_ALG_MD5_HMAC 12 ODP_AUTH_ALG_SHA1_HMAC 12 ODP_AUTH_ALG_SHA256_HMAC 16 ODP_AUTH_ALG_SHA384_HMAC 24 ODP_AUTH_ALG_SHA512_HMAC 32 ODP_AUTH_ALG_AES_GCM 16 8, 12 ODP_AUTH_ALG_AES_GMAC 16 ODP_AUTH_ALG_AES_CCM 16 8, 12 ODP_AUTH_ALG_AES_CMAC 12 ODP_AUTH_ALG_AES_XCBC_MAC 12 ODP_AUTH_ALG_CHACHA20_POLY1305 16
The requested ICV length must be supported for the selected algorithm as indicated by odp_ipsec_auth_capability().
The default value is 0.
Definition at line 610 of file api/spec/ipsec_types.h.
1.9.1