[dpdk-stable] [PATCH] ipsec-secgw: fix AES-CTR block size in legacy mode
Fan Zhang
roy.fan.zhang at intel.com
Tue Mar 5 15:40:41 CET 2019
This patch fixes the incorrect block size for AES-CTR in
legacy mode. Originally, wrong block size will cause
esp_inbound() drop AES-CTR encrypted packets if the payload
sizes not equal to multiple times of 16.
Fixes: 4470c22de2e1 ("examples/ipsec-secgw: add AES-CTR")
Cc: stable at dpdk.org
Signed-off-by: Fan Zhang <roy.fan.zhang at intel.com>
---
examples/ipsec-secgw/sa.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
index 414fcd26c..93e3620bc 100644
--- a/examples/ipsec-secgw/sa.c
+++ b/examples/ipsec-secgw/sa.c
@@ -80,7 +80,7 @@ const struct supported_cipher_algo cipher_algos[] = {
.keyword = "aes-128-ctr",
.algo = RTE_CRYPTO_CIPHER_AES_CTR,
.iv_len = 8,
- .block_size = 16, /* XXX AESNI MB limition, should be 4 */
+ .block_size = 4,
.key_len = 20
},
{
--
2.14.5
More information about the stable
mailing list