This patch includeadds support for includingIPSec ESN (IPSec Extended Sequencee Numbers) in
Number) when using AES-NI crypto driver. Both encrypt,encrypt and authenticate mode (eg. authenticate andAES-CBC and SHA256) and combined mode
combined mode was implemented(eg. Added CRD_F_ESN to supported flags whereAES-GCM).
For the encrypt and authenticate mode the ESN is stored in separate
it was necessarycrp_esn buffer because the high-order 32 bits of the sequence number are
appended after the Next Header (RFC 4303).
For the combined modes the high-order 32 bits of the sequence number
[e.g. RFC 4106, Chapter 5 AAD Construction] are part of crp_aad
(prepared by netipsec layer in case of ESN support enabled), therefore
non visible diff around combined modes.