From: Shihong Wang <shihong.w...@corigine.com>

The SA salt of struct ipsec_sa is a CPU-endian u32 variable, but it’s
value is stored in an array of encryption or authentication keys
according to big-endian. So it maybe need to convert the endianness
order to ensure that the value assigned to the SA salt is CPU-endian.

Fixes: 50d75cae2a2c ("examples/ipsec-secgw: initialize SA salt")
Fixes: 9413c3901f31 ("examples/ipsec-secgw: support additional algorithms")
Fixes: 501e9c226adf ("examples/ipsec-secgw: add AEAD parameters")
Cc: sta...@dpdk.org

Signed-off-by: Shihong Wang <shihong.w...@corigine.com>
Reviewed-by: Chaoyong He <chaoyong...@corigine.com>
---
 examples/ipsec-secgw/sa.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
index c4bac17cd7..4018b0558a 100644
--- a/examples/ipsec-secgw/sa.c
+++ b/examples/ipsec-secgw/sa.c
@@ -374,6 +374,7 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
        uint32_t ti; /*token index*/
        uint32_t *ri /*rule index*/;
        struct ipsec_sa_cnt *sa_cnt;
+       rte_be32_t salt; /*big-endian salt*/
        uint32_t cipher_algo_p = 0;
        uint32_t auth_algo_p = 0;
        uint32_t aead_algo_p = 0;
@@ -508,8 +509,9 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
                        if (algo->algo == RTE_CRYPTO_CIPHER_AES_CTR) {
                                key_len -= 4;
                                rule->cipher_key_len = key_len;
-                               memcpy(&rule->salt,
+                               memcpy(&salt,
                                        &rule->cipher_key[key_len], 4);
+                               rule->salt = rte_be_to_cpu_32(salt);
                        }
 
                        cipher_algo_p = 1;
@@ -573,8 +575,9 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
                                key_len -= 4;
                                rule->auth_key_len = key_len;
                                rule->iv_len = algo->iv_len;
-                               memcpy(&rule->salt,
+                               memcpy(&salt,
                                        &rule->auth_key[key_len], 4);
+                               rule->salt = rte_be_to_cpu_32(salt);
                        }
 
                        auth_algo_p = 1;
@@ -632,8 +635,9 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
 
                        key_len -= 4;
                        rule->cipher_key_len = key_len;
-                       memcpy(&rule->salt,
+                       memcpy(&salt,
                                &rule->cipher_key[key_len], 4);
+                       rule->salt = rte_be_to_cpu_32(salt);
 
                        aead_algo_p = 1;
                        continue;
-- 
2.39.1

Reply via email to