[Feature]Upload Modem source code
Change-Id: Id4294f30faced84d3e6fd6d5e61e1111bf287a37
diff --git a/mcu/interface/service/ipsec/ipsec_atp_msg.h b/mcu/interface/service/ipsec/ipsec_atp_msg.h
new file mode 100644
index 0000000..bba7764
--- /dev/null
+++ b/mcu/interface/service/ipsec/ipsec_atp_msg.h
@@ -0,0 +1,73 @@
+#ifndef IPSEC_ATP_MSG_H
+#define IPSEC_ATP_MSG_H
+
+#include "ipsec_common_interface.h"
+
+/* MSG_ID_IPSEC_ATP_SPI_ALLOC_REQ */
+typedef struct {
+ LOCAL_PARA_HDR
+
+ kal_uint32 trans_id;
+ kal_uint32 min_spi;
+ kal_uint32 max_spi;
+ kal_uint8 src_addr[MAX_IP_ADDR_SIZE];
+ kal_uint8 dst_addr[MAX_IP_ADDR_SIZE];
+ ipsec_addr_family_enum addr_family;
+ ipsec_proto_enum ipsec_proto;
+ ipsec_mode_enum ipsec_mode;
+} ipsec_atp_spi_alloc_req_struct;
+
+/* MSG_ID_IPSEC_ATP_SPI_ALLOC_CNF */
+typedef struct {
+ LOCAL_PARA_HDR
+
+ kal_uint32 trans_id;
+ kal_uint32 spi;
+ ipsec_status_enum status;
+} ipsec_atp_spi_alloc_cnf_struct;
+
+ /* MSG_ID_IPSEC_ATP_SPI_FREE_REQ */
+typedef struct {
+ LOCAL_PARA_HDR
+
+ kal_uint32 trans_id;
+ kal_uint32 spi;
+ kal_uint8 src_addr[MAX_IP_ADDR_SIZE];
+ kal_uint8 dst_addr[MAX_IP_ADDR_SIZE];
+ ipsec_addr_family_enum addr_family;
+ ipsec_proto_enum ipsec_proto;
+} ipsec_atp_spi_free_req_struct;
+
+ /* MSG_ID_IPSEC_ATP_MULTI_SPI_FREE_REQ */
+typedef struct {
+ LOCAL_PARA_HDR
+
+ kal_uint32 trans_id;
+ kal_uint32 spi_del_cnt;
+ kal_uint32 spi_del_list[IPSEC_MAX_SASP_DEL_NUM];
+ kal_uint8 src_addr[MAX_IP_ADDR_SIZE*IPSEC_MAX_SASP_DEL_NUM];
+ kal_uint8 dst_addr[MAX_IP_ADDR_SIZE*IPSEC_MAX_SASP_DEL_NUM];
+ ipsec_addr_family_enum addr_family_list[IPSEC_MAX_SASP_DEL_NUM];
+ ipsec_proto_enum ipsec_proto_list[IPSEC_MAX_SASP_DEL_NUM];
+} ipsec_atp_multi_spi_free_req_struct;
+
+ /*MSG_ID_IPSEC_ATP_MULTI_SPI_FREE_CNF*/
+
+ typedef struct {
+ LOCAL_PARA_HDR
+
+ kal_uint32 trans_id;
+ kal_uint32 spi_del_cnt;
+ kal_uint32 spi_list[IPSEC_MAX_SASP_DEL_NUM];
+ ipsec_status_enum status_list[IPSEC_MAX_SASP_DEL_NUM];
+ } ipsec_atp_multi_spi_free_cnf_struct;
+
+/* MSG_ID_IPSEC_ATP_SPI_FREE_CNF */
+typedef struct {
+ LOCAL_PARA_HDR
+
+ kal_uint32 trans_id;
+ ipsec_status_enum status;
+} ipsec_atp_spi_free_cnf_struct;
+
+#endif /* IPSEC_ATP_MSG_H */
diff --git a/mcu/interface/service/ipsec/ipsec_common_interface.h b/mcu/interface/service/ipsec/ipsec_common_interface.h
new file mode 100644
index 0000000..aa777f5
--- /dev/null
+++ b/mcu/interface/service/ipsec/ipsec_common_interface.h
@@ -0,0 +1,296 @@
+#ifndef IPSEC_COMMON_INTERFACE_H
+#define IPSEC_COMMON_INTERFACE_H
+
+#include "kal_public_api.h"
+
+#define MAX_IPV4_ADDR_SIZE (4)
+#define MAX_IP_ADDR_SIZE (16)
+#define MAX_IP_FRAGMENT_SIZE (10)
+#define IPSEC_SAID_INVALID (0XFFFFFFFF)
+#define IPSEC_SPI_INVALID (0)
+
+#define IPSEC_ALGO_MAX_KEY_LEN (128) //need confirm
+
+/* Define the max selector number support in a SA/SP entry*/
+#define IPSEC_MAX_SELECTOR_NUM (2)
+
+/* Define maximum SA/SP entries to be deleted in
+MSG_ID_IPSEC_MULTI_SA_SP_DELETE_REQ*/
+#define IPSEC_MAX_SASP_DEL_NUM (50)
+
+/* SA_DEL CAUSE */
+#define IPSEC_HARD_LIFETIME_OUT (0)
+
+/*for async data flow*/
+typedef enum
+{
+ IPSEC_PKT_STATUS_INVALID,
+ IPSEC_ENCRYPTION_IN,
+ IPSEC_ENCRYPTION_SUCCESS,
+ IPSEC_DECRYPTION_IN,
+ IPSEC_DECRYPTION_SUCCESS,
+ IPSEC_INTEGRITY_IN,
+ IPSEC_INTEGRITY_SUCCESS
+
+}ipsec_pkt_status_enum;
+
+
+typedef enum
+{
+ IPSEC_ENTRY_UNUSED = 0,
+ IPSEC_ENTRY_USED = 1
+
+}ipsec_entry_status_enum;
+
+
+typedef enum
+{
+ IPSEC_SUCCESS,
+ IPSEC_FAILURE, /* for general fail */
+
+ /**** other particular failure ****/
+ /* - sa/sp add/del fail */
+ /* - encap/decap fail */
+ IPSEC_ENCAP_NO_RULE,
+ IPSEC_DECAP_NO_RULE = IPSEC_ENCAP_NO_RULE,
+ IPSEC_DECAP_PACKET_SA_UNMATCH,
+
+ /* - spi alloc/free fail */
+ IPSEC_SPI_FREE_FAIL_SA_EXISTANT,
+
+ /*-sa suspend*/
+ IPSEC_ENCAP_SA_SUSPEND
+
+}ipsec_status_enum;
+
+
+typedef enum
+{
+ IPSEC_TRANSPORT_MODE,
+ IPSEC_TUNNEL_MODE,
+ IPSEC_TUNNEL_MODE_UDP_ENCAP
+}ipsec_mode_enum;
+
+
+typedef enum
+{
+ IPSEC_IPV6_EXT_HOPOPT = 0,
+ IPSEC_ICMP = 1,
+ IPSEC_IPV4 = 4,
+ IPSEC_TCP = 6,
+ IPSEC_UDP = 17,
+ IPSEC_IPV6 = 41,
+ IPSEC_IPV6_EXT_ROUTING = 43,
+ IPSEC_IPV6_EXT_FRAGMENT = 44,
+
+ IPSEC_ESP = 50,
+ IPSEC_AH = 51,
+ IPSEC_ICMPV6 = 58,
+ IPSEC_IPV6_EXT_NONXT = 59,
+ IPSEC_IPV6_EXT_DESTOPT = 60,
+
+ /* NOT support proto_range and protocol_opaque */
+ IPSEC_PROTO_ANY = 255,
+
+ /* not used in selector */
+ IPSEC_PROTO_OPAQUE = IPSEC_PROTO_ANY
+
+}ipsec_proto_enum;
+
+
+typedef enum
+{
+ IPSEC_DIRECTION_INVALID,
+ IPSEC_DIRECTION_IN,
+ IPSEC_DIRECTION_OUT
+}ipsec_direction_enum;
+
+
+typedef enum
+{
+ IPSEC_FAMILY_IPV4,
+ IPSEC_FAMILY_IPV6
+
+}ipsec_addr_family_enum;
+
+
+typedef enum
+{
+ IPSEC_BYPASS,
+ IPSEC_PROTECTED,
+ IPSEC_DISCARD
+
+}ipsec_action_enum;
+
+
+typedef enum
+{
+ IPSEC_ENCR_DES_IV64 = 1,
+ IPSEC_ENCR_DES = 2,
+ IPSEC_ENCR_3DES = 3,
+ IPSEC_ENCR_RC5 = 4,
+ IPSEC_ENCR_IDEA = 5,
+ IPSEC_ENCR_CAST = 6,
+ IPSEC_ENCR_BLOWFISH = 7,
+ IPSEC_ENCR_3IDEA = 8,
+ IPSEC_ENCR_DES_IV32 = 9,
+ // 10-reserved
+ IPSEC_ENCR_NULL = 11,
+ IPSEC_ENCR_AES_CBC = 12,
+ IPSEC_ENCR_AES_CTR = 13,
+ //IPSEC_ENCR_AES_CCM_8 = 14, /*Combined-mode algo*/
+ //IPSEC_ENCR_AES_CCM_12 = 15, /*Combined-mode algo*/
+ //IPSEC_ENCR_AES_CCM_16 = 16, /*Combined-mode algo*/
+ //17-unassigned
+ //IPSEC_ENCR_AES_GCM_8 = 18, /*Combined-mode algo*/
+ //IPSEC_ENCR_AES_GCM_12 = 19, /*Combined-mode algo*/
+ //IPSEC_ENCR_AES_GCM_16 = 20, /*Combined-mode algo*/
+ //IPSEC_ENCR_NULL_AUTH_AES_GMAC = 21, /*Combined-mode algo*/
+ //22-reserved for IEEE P1619 XTS-AES
+ IPSEC_ENCR_CAMELLA_CBC = 23,
+ IPSEC_ENCR_CAMELLA_CTR = 24,
+ //IPSEC_ENCR_CAMELLA_CCM_8 = 25, /*Combined-mode algo*/
+ //IPSEC_ENCR_CAMELLA_CCM_12 = 26, /*Combined-mode algo*/
+ //IPSEC_ENCR_CAMELLA_CCM_16 = 27, /*Combined-mode algo*/
+ //IPSEC_ENCR_CHACHA20_POLY1305 = 28, /*Combined-mode algo*/
+ IPSEC_ENCR_AES_CCM_8_IIV = 29,
+ IPSEC_ENCR_AES_GCM_16_IIV = 30,
+ IPSEC_ENCR_CHACHA20_POLY1305_IIV = 31
+
+ // 21-1023: unassigned
+ // 1024-65535: Private use
+}ipsec_encry_algo_enum;
+
+
+typedef enum
+{
+ //0-NONE
+ IPSEC_AUTH_HMAC_MD5_96 = 1,
+ IPSEC_AUTH_HMAC_SHA1_96 = 2,
+ IPSEC_AUTH_DES_MAC = 3,
+ IPSEC_AUTH_KPDK_MD5 = 4,
+ IPSEC_AUTH_AES_XCBC_96 = 5,
+ IPSEC_AUTH_HMAC_MD5_128 = 6,
+ IPSEC_AUTH_HMAC_SHA1_160 = 7,
+ IPSEC_AUTH_AES_CMAC_96 = 8,
+ IPSEC_AUTH_AES_128_GMAC = 9,
+ IPSEC_AUTH_AES_192_GMAC = 10,
+ IPSEC_AUTH_AES_256_GMAC = 11,
+ IPSEC_AUTH_HMAC_SHA2_256_128 = 12,
+ IPSEC_AUTH_HMAC_SHA2_384_192 = 13,
+ IPSEC_AUTH_HMAC_SHA2_512_256 = 14,
+ IPSEC_AUTH_NULL = 15 //???
+
+ //15~1023: Unassigned
+ //1024~65535: Private use
+}ipsec_integ_algo_enum;
+
+
+typedef enum
+{
+ IPSEC_COM_NULL,
+ IPSEC_COM_AES_CCM_8 = 14, /*Combined-mode algo*/
+ IPSEC_COM_AES_CCM_12 = 15, /*Combined-mode algo*/
+ IPSEC_COM_AES_CCM_16 = 16, /*Combined-mode algo*/
+ //17-unassigned
+ IPSEC_COM_AES_GCM_8 = 18, /*Combined-mode algo*/
+ IPSEC_COM_AES_GCM_12 = 19, /*Combined-mode algo*/
+ IPSEC_COM_AES_GCM_16 = 20, /*Combined-mode algo*/
+ IPSEC_COM_ENCR_NULL_AUTH_AES_GMAC = 21, /*Combined-mode algo*/
+
+ IPSEC_COM_CAMELLA_CCM_8 = 25, /*Combined-mode algo*/
+ IPSEC_COM_CAMELLA_CCM_12 = 26, /*Combined-mode algo*/
+ IPSEC_COM_CAMELLA_CCM_16 = 27, /*Combined-mode algo*/
+ IPSEC_COM_CHACHA20_POLY1305 = 28 /*Combined-mode algo*/
+
+}ipsec_com_algo_enum;
+
+#define IPSEC_PORT_OPAQUE 0XFFFF
+typedef struct
+{
+ kal_uint8 src_addr[MAX_IP_ADDR_SIZE];
+ kal_uint8 dst_addr[MAX_IP_ADDR_SIZE];
+ ipsec_addr_family_enum addr_family;
+ kal_uint8 src_prefix; /* <= 32/128 */
+ kal_uint8 dst_prefix; /* <= 32/128 */
+ ipsec_proto_enum next_layer_protocol;
+ kal_uint16 src_port[2];//0-begin,1-end
+ kal_uint16 dst_port[2];//0-begin,1-end
+ /*
+ address and port can either be a single value or a range.
+ SINGLE_PORT: port[0] = port[1] = value
+ ANY_PORT: port[0]=0, port[1]=0XFFFF;
+ OPAQUE_PORT: port[0]=0xFFFF, port[1]=0;
+
+ SINGLE_ADDR: addr=value, prefix=32/128
+ ANY_ADDR: addr=any, prefix=0;
+ */
+
+}ipsec_selector_t;
+
+
+typedef struct
+{
+ kal_uint8 tunnel_src[MAX_IP_ADDR_SIZE];
+ kal_uint8 tunnel_dst[MAX_IP_ADDR_SIZE];
+ ipsec_addr_family_enum tunnel_addr_family;
+ kal_uint8 tunnel_dscp;//the lower 6 bits is valid; 000000 indicate copy from inner, else use this value.
+ kal_uint16 udp_sport;//only for Tunnel_UDP-Encap
+ kal_uint16 udp_dport;//only for Tunnel_UDP-Encap
+
+}ipsec_tunnel_info_t;
+
+
+typedef struct
+{
+ kal_uint8 flags;//for esn, stateful_fragment_checking, Bypass_DF, Bypass_DSCP?
+ ipsec_addr_family_enum tunnel_addr_family;
+ kal_uint8 tunnel_src[MAX_IP_ADDR_SIZE];//only for tunnel mode
+ kal_uint8 tunnel_dst[MAX_IP_ADDR_SIZE];//only for tunnel mode
+
+ //Used as paras when invoke SA creation?
+ kal_uint32 e_algos;// encryption
+ kal_uint32 i_algos;
+ kal_uint32 c_algos;
+}ipsec_process_info_t;
+
+
+typedef struct
+{
+ kal_uint64 byte_limit; /* = 0 if no use*/
+ kal_uint64 packet_limit;/* = 0 if no use*/
+ kal_uint32 add_expire_seconds; /* = 0 if no use*/
+ kal_uint32 use_expire_seconds; /* = 0 if no use*/
+}ipsec_lft_t;
+
+
+typedef struct
+{
+ /* = ESP_OUTER_HEADER(0/20/40 byte) + UDP_HEADER(0/8 bytes)
+ + ESP_SPI_LEN + ESP_SN_LEN + encry_algo.iv_len + integrity_algo.trunc_icv_len
+ + ESP_PAD_LENGTH_LEN + ESP_NEXT_HEADER_LEN */
+ kal_uint32 fixed_length;//in BYTE;
+
+ // = encry_algo.block_size or 4
+ // in BYTE; for users to calculate padding size
+ // (text + 2 + pad) % blk-size = 0
+ kal_uint32 encry_block_size;
+
+}esp_overhead_info_t;
+
+
+//Fragmentation buffer structure for encapsulated packet
+typedef struct
+{
+ kal_uint8 *p_ip_frag;
+ kal_uint32 frag_size;
+}ipsec_fragment_info_t;
+
+
+kal_int32 ipsec_get_esp_overhead_info(kal_uint32 said, esp_overhead_info_t *p_ovhd_info);
+kal_int32 ipsec_get_encap_buffer_size(kal_uint32 said, kal_uint32 text_size,
+ kal_uint32 *p_inbuf_size, kal_uint32 *p_outbuf_size);
+kal_int32 ipsec_get_decap_buffer_size(kal_uint32 said, kal_uint32 text_size,
+ kal_uint32 *p_inbuf_size, kal_uint32 *p_outbuf_size);
+
+#endif
\ No newline at end of file
diff --git a/mcu/interface/service/ipsec/ipsec_cp_msg.h b/mcu/interface/service/ipsec/ipsec_cp_msg.h
new file mode 100644
index 0000000..049ceca
--- /dev/null
+++ b/mcu/interface/service/ipsec/ipsec_cp_msg.h
@@ -0,0 +1,314 @@
+#ifndef IPSEC_CP_MSG_H
+#define IPSEC_CP_MSG_H
+
+#include "ipsec_common_interface.h"
+#ifdef __N3GPP_OVER_DATA__
+#include "network_dev_info_struct.h"
+#endif
+
+
+//MSG_ID_IPSEC_SA_ADD_REQ
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 req_id;//req_id
+
+ //selector
+ ipsec_selector_t ipsec_selector[IPSEC_MAX_SELECTOR_NUM];
+ kal_uint32 ipsec_selector_count;/*the selector number in the SA entry, must <= IPSEC_MAX_SELECTOR_NUM*/
+
+ kal_uint32 spi;
+ ipsec_proto_enum ipsec_protocol;//ESP/AH
+ ipsec_mode_enum ipsec_mode;//Transport/Tunnel/Tunnel-UDP_Encap
+ kal_bool esn_flag;
+
+ kal_bool is_combined;
+ ipsec_encry_algo_enum encry_algo;//for ESP
+ ipsec_integ_algo_enum integrity_algo;//for ESP/AH
+ ipsec_com_algo_enum combined_algo;//reserved
+ kal_uint8 integ_key[IPSEC_ALGO_MAX_KEY_LEN];
+ kal_uint8 encry_key[IPSEC_ALGO_MAX_KEY_LEN];
+ kal_uint8 com_key[IPSEC_ALGO_MAX_KEY_LEN];
+ kal_uint32 encry_key_len;
+ kal_uint32 integ_key_len;
+ kal_uint32 com_key_len;
+
+ ipsec_tunnel_info_t tunnel_info;
+ ipsec_lft_t soft_lft;
+ ipsec_lft_t hard_lft;
+
+#ifdef __N3GPP_OVER_DATA__
+ nw_device_id_enum dev_id;
+#endif
+
+}ipsec_sa_add_req_struct;
+
+
+//MSG_ID_IPSEC_SA_ADD_CNF
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 req_id;//Used to instead selector to identify the SA, ipsec won't use it but just return to user in CNF msg.
+ kal_uint32 ipsec_said;//0xFFFFFFFF - invalid value
+ ipsec_status_enum status;// the result
+
+} ipsec_sa_add_cnf_struct;
+
+
+//MSG_ID_IPSEC_SP_ADD_REQ
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 req_id;
+ kal_uint32 ipsec_said;// the related SA id
+ kal_uint32 interface_id;
+
+ //selector
+ ipsec_selector_t ipsec_selector[IPSEC_MAX_SELECTOR_NUM];
+ kal_uint32 ipsec_selector_count;/*the selector number in the SP entry, must <= IPSEC_MAX_SELECTOR_NUM*/
+
+ ipsec_proto_enum ipsec_protocol;
+ ipsec_mode_enum ipsec_mode;// Transport / Tunnel / Tunnel-UDP_Encap
+ ipsec_direction_enum direction;//int / out
+
+ /* As defined in RFC4301 Page31: Processing info */
+ ipsec_process_info_t *p_process_info;
+
+}ipsec_sp_add_req_struct;
+
+
+//MSG_ID_IPSEC_SP_ADD_CNF
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 req_id;
+ kal_uint32 ipsec_spid;
+ ipsec_status_enum status;
+
+} ipsec_sp_add_cnf_struct;
+
+
+//MSG_ID_IPSEC_SP_DELETE_REQ
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 ipsec_spid;
+
+} ipsec_sp_delete_req_struct;
+
+//MSG_ID_IPSEC_SA_DELETE_REQ
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 ipsec_said;
+
+} ipsec_sa_delete_req_struct;
+
+//MSG_ID_IPSEC_SA_DELETE_CNF
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 ipsec_said;
+ ipsec_status_enum status;
+} ipsec_sa_delete_cnf_struct;
+
+//MSG_ID_IPSEC_SP_DELETE_CNF
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 ipsec_spid;
+ ipsec_status_enum status;
+} ipsec_sp_delete_cnf_struct;
+
+
+//MSG_ID_IPSEC_MULTI_SA_SP_DELETE_REQ
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 req_id;
+
+ kal_uint32 sa_del_cnt;
+ kal_uint32 ipsec_said_list[IPSEC_MAX_SASP_DEL_NUM];
+
+ kal_uint32 sp_del_cnt;
+ kal_uint32 ipsec_spid_list[IPSEC_MAX_SASP_DEL_NUM];
+
+}ipsec_multi_sa_sp_delete_req_struct;
+
+
+//MSG_ID_IPSEC_MULTI_SA_SP_DELETE_CNF
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 req_id;
+
+ kal_uint32 sa_del_cnt;
+ kal_uint32 ipsec_said_list[IPSEC_MAX_SASP_DEL_NUM];
+ ipsec_status_enum ipsec_sa_status_list[IPSEC_MAX_SASP_DEL_NUM];
+
+ kal_uint32 sp_del_cnt;
+ kal_uint32 ipsec_spid_list[IPSEC_MAX_SASP_DEL_NUM];
+ ipsec_status_enum ipsec_sp_status_list[IPSEC_MAX_SASP_DEL_NUM];
+
+}ipsec_multi_sa_sp_delete_cnf_struct;
+
+
+//MSG_ID_IPSEC_REKEY_IND
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 ipsec_said;
+
+} ipsec_rekey_ind_struct;
+
+//MSG_ID_IPSEC_SA_DEL_IND
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 ipsec_said;
+ kal_uint32 cause;//indicate the cause that IPsec deletes SA itself.
+
+} ipsec_sa_del_ind_struct;
+
+
+//MSG_ID_IPSEC_SP_SAID_UPDATE_REQ
+//for N3SAM to update sa link to the sp
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 req_id;
+ kal_uint32 new_said;
+ kal_uint32 ipsec_spid;
+} ipsec_sp_said_update_req_struct;
+
+//MSG_ID_IPSEC_SP_SAID_UPDATE_CNF
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 req_id;
+ ipsec_status_enum status;
+} ipsec_sp_said_update_cnf_struct;
+
+
+//MSG_ID_IPSEC_SA_TUNNEL_UPDATE_REQ
+//for N3SAM to update tunnel address
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 ipsec_said;
+ kal_uint8 new_tunnel_src[MAX_IP_ADDR_SIZE];
+ kal_uint8 new_tunnel_dst[MAX_IP_ADDR_SIZE];
+ ipsec_addr_family_enum new_tunnel_addr_family;
+#ifdef __N3GPP_OVER_DATA__
+ nw_device_id_enum dev_id;
+#endif
+}ipsec_sa_tunnel_update_req_struct;
+
+
+//MSG_ID_IPSEC_SA_TUNNEL_UPDATE_CNF
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 ipsec_said;
+ ipsec_status_enum status;
+}ipsec_sa_tunnel_update_cnf_struct;
+
+
+//MSG_ID_IPSEC_SPI_ALLOC_REQ
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint8 req_id;
+ kal_uint32 min_spi;
+ kal_uint32 max_spi;
+ kal_uint8 src_addr[16];
+ kal_uint8 dst_addr[16];
+ ipsec_addr_family_enum addr_family;
+ ipsec_proto_enum ipsec_proto;
+ ipsec_mode_enum ipsec_mode;
+ kal_uint32 max_wait_time; //seconds
+}ipsec_spi_alloc_req_struct;
+
+
+//MSG_ID_IPSEC_SPI_ALLOC_CNF
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint8 req_id;
+ kal_uint32 spi;
+ ipsec_status_enum status;
+
+}ipsec_spi_alloc_cnf_struct;
+
+
+//MSG_ID_IPSEC_SPI_FREE_REQ
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint8 req_id;
+ kal_uint8 src_addr[16];
+ kal_uint8 dst_addr[16];
+ ipsec_addr_family_enum addr_family;
+ ipsec_proto_enum ipsec_proto;
+ kal_uint32 spi;
+
+}ipsec_spi_free_req_struct;
+
+//MSG_ID_IPSEC_MULTI_SPI_FREE_REQ
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint8 req_id;
+ kal_uint32 spi_del_cnt;
+ kal_uint8 src_addr_list[16*IPSEC_MAX_SASP_DEL_NUM];
+ kal_uint8 dst_addr_list[16*IPSEC_MAX_SASP_DEL_NUM];
+ ipsec_addr_family_enum addr_family_list[IPSEC_MAX_SASP_DEL_NUM];
+ ipsec_proto_enum ipsec_proto_list[IPSEC_MAX_SASP_DEL_NUM];
+ kal_uint32 spi_del_list[IPSEC_MAX_SASP_DEL_NUM];
+
+}ipsec_multi_spi_free_req_struct;
+
+//MSG_ID_IPSEC_MULTI_SPI_FREE_CNF
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint8 req_id;
+ kal_uint32 spi_del_cnt;
+ kal_uint32 spi_del_list[IPSEC_MAX_SASP_DEL_NUM];
+ ipsec_status_enum spi_del_status_list[IPSEC_MAX_SASP_DEL_NUM];
+
+}ipsec_multi_spi_free_cnf_struct;
+
+
+//MSG_ID_IPSEC_SPI_FREE_CNF
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint8 req_id;
+ ipsec_status_enum status;
+
+}ipsec_spi_free_cnf_struct;
+
+#endif
diff --git a/mcu/interface/service/ipsec/ipsec_n3sam_interface.h b/mcu/interface/service/ipsec/ipsec_n3sam_interface.h
new file mode 100644
index 0000000..d616685
--- /dev/null
+++ b/mcu/interface/service/ipsec/ipsec_n3sam_interface.h
@@ -0,0 +1,13 @@
+#ifndef IPSEC_N3SAM_INTERFACE_H
+#define IPSEC_N3SAM_INTERFACE_H
+
+
+kal_uint32 ipsec_n3sam_query_last_time(kal_uint32 ipsec_said);
+
+
+//No-need at present
+//kal_uint32 ipsec_n3sam_query_said(ipsec_selector_t *sel);
+//kal_uint32 ipsec_n3sam_query_spid(ipsec_selector_t *sel);
+
+
+#endif
diff --git a/mcu/interface/service/ipsec/ipsec_tcpip_interface.h b/mcu/interface/service/ipsec/ipsec_tcpip_interface.h
new file mode 100644
index 0000000..b1cfbf0
--- /dev/null
+++ b/mcu/interface/service/ipsec/ipsec_tcpip_interface.h
@@ -0,0 +1,30 @@
+
+#ifndef IPSEC_TCPIP_INTERFACE_H
+#define IPSEC_TCPIP_INTERFACE_H
+
+#include "ipsec_common_interface.h"
+
+/*******************************************************************************
+ *FUNCTION
+ *
+ *DESCRIPTION
+ *
+ *PARAMETERS
+ *
+ *RETURNS
+ *
+ *******************************************************************************/
+kal_uint32 ipsec_tcpip_get_sa_id(kal_uint32 interface_id, ipsec_addr_family_enum addr_family,
+ const kal_uint8* p_src_addr, const kal_uint8* p_dst_addr, ipsec_proto_enum next_layer_protocol,
+ kal_uint16 src_port, kal_uint16 dst_port);
+
+kal_uint32 ipsec_tcpip_get_spi(kal_uint32 interface_id, ipsec_addr_family_enum addr_family,
+ const kal_uint8* p_src_addr, const kal_uint8* p_dst_addr, ipsec_proto_enum next_layer_protocol,
+ kal_uint16 src_port, kal_uint16 dst_port);
+
+kal_uint32 ipsec_tcpip_get_spi_list(kal_uint32 interface_id, ipsec_addr_family_enum addr_family,
+ const kal_uint8* p_dst_addr, ipsec_proto_enum next_layer_protocol, kal_uint16 dst_port,
+ kal_uint32* p_spi_list, kal_uint32 max_spi_cnt);
+
+
+#endif
\ No newline at end of file
diff --git a/mcu/interface/service/ipsec/ipsec_tcpip_msg.h b/mcu/interface/service/ipsec/ipsec_tcpip_msg.h
new file mode 100644
index 0000000..f6bec75
--- /dev/null
+++ b/mcu/interface/service/ipsec/ipsec_tcpip_msg.h
@@ -0,0 +1,119 @@
+#ifndef IPSEC_TCPIP_MSG_H
+#define IPSEC_TCPIP_MSG_H
+
+#include "ipsec_common_interface.h"
+
+/*example:
+MSG_ID_TDD_CRLC_CONFIG_AM_ESTABLISH_REQ
+tdd_crlc_config_am_establish_req_struct
+Name MUST exactly match:
+MSG_ID_ + TDD_CRLC_CONFIG_AM_ESTABLISH_REQ
+ tdd_crlc_config_am_establish_req + _struct
+*/
+
+//MSG_ID_TCPIP_IPSEC_ENCAP_REQ
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 transaction_id; // to identify the packet
+ kal_uint32 input_data_len; // or input_payload_len
+ kal_uint32 input_buffer_len;
+ kal_uint32 output_buffer_len;
+ kal_uint32 sa_id;
+ void* p_input_buffer; // point to the beginning of the TCP/UDP header for ENCAP
+ void* p_output_buffer;
+ ipsec_proto_enum next_header; // {TCP or UDP or ICMP or MH or IP} for ENCAP_REQ;
+} tcpip_ipsec_encap_req_struct;
+
+
+//MSG_ID_TCPIP_IPSEC_DECAP_REQ
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 transaction_id; // to identify the packet
+ kal_uint32 input_data_len;
+ kal_uint32 input_buffer_len;
+ kal_uint32 output_buffer_len;
+ void* p_input_buffer; // point to the beginning of the ESP header for DECAP
+ void* p_output_buffer;
+ kal_uint8 src_addr[MAX_IP_ADDR_SIZE]; // IP_ADDR_MAX_LEN = 16 BYTES
+ kal_uint8 dst_addr[MAX_IP_ADDR_SIZE];
+ ipsec_addr_family_enum addr_family; // ipv4 or ipv6
+ ipsec_proto_enum next_header; // {ESP or AH} for DECAP_REQ
+} tcpip_ipsec_decap_req_struct;
+
+
+//MSG_ID_TCPIP_IPSEC_ENCAP_RSP
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 transaction_id;//to identify the packet
+ kal_uint32 output_data_len;//not always be equal to the input output_buffer_len in ENCAP_REQ/DECAP_REQ
+ ipsec_proto_enum next_header;//{ESP or AH} for ENCAP_RSP
+ ipsec_status_enum status;//result
+
+} tcpip_ipsec_encap_rsp_struct;
+
+
+//MSG_ID_TCPIP_IPSEC_DECAP_RSP
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 transaction_id;//to identify the packet
+ kal_uint32 output_data_len;//not always be equal to the input output_buffer_len in ENCAP_REQ/DECAP_REQ
+ ipsec_proto_enum next_header;//{TCP or UDP or ICMP or MH or IP} for DECAP_RSP;
+ ipsec_status_enum status;//result
+
+} tcpip_ipsec_decap_rsp_struct;
+
+
+//MSG_ID_TCPIP_IPSEC_SA_CREATION_IND
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 interface_id;
+ kal_uint32 spi;
+ kal_uint32 sa_id;
+
+ ipsec_selector_t sel[IPSEC_MAX_SELECTOR_NUM]; /* equal to sp.sel */
+ kal_uint32 ipsec_selector_count;
+ /*
+ kal_uint8 src_addr[MAX_IP_ADDR_SIZE];
+ kal_uint8 dst_addr[MAX_IP_ADDR_SIZE];
+ kal_uint8 addr_family;
+ ipsec_proto_enum next_header;
+ kal_uint16 src_port;
+ kal_uint16 dst_port;
+ */
+ ipsec_proto_enum ipsec_protocol;//ESP or AH
+
+ kal_uint32 overhead_fixed_len;
+ kal_uint32 overhead_block_size;
+} tcpip_ipsec_sa_creation_ind_struct;
+
+
+//MSG_ID_TCPIP_IPSEC_SA_DELETION_IND
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 sa_id;
+} tcpip_ipsec_sa_deletion_ind_struct;
+
+// MSG_ID_TCPIP_IPSEC_MULTI_SA_DELETION_IND
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 sa_del_cnt;
+ kal_uint32 ipsec_said_list[IPSEC_MAX_SASP_DEL_NUM];
+} tcpip_ipsec_multi_sa_deletion_ind_struct;
+
+#endif
+
+
diff --git a/mcu/interface/service/ipsec/ipsec_wtunnel_msg.h b/mcu/interface/service/ipsec/ipsec_wtunnel_msg.h
new file mode 100644
index 0000000..c7d99dd
--- /dev/null
+++ b/mcu/interface/service/ipsec/ipsec_wtunnel_msg.h
@@ -0,0 +1,86 @@
+#ifndef IPSEC_WTUNNEL_MSG_H
+#define IPSEC_WTUNNEL_MSG_H
+
+#include "ipsec_common_interface.h"
+#ifdef __N3GPP_OVER_DATA__
+#include "network_dev_info_struct.h"
+#endif
+
+
+//MSG_ID_WTUNNEL_IPSEC_ENCAP_REQ
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 transaction_id;//to identify the packet
+ kal_uint32 input_buffer_len;
+ kal_uint32 output_buffer_len;
+ void* p_input_buffer;//point to the beginning of the IP header
+ void* p_output_buffer;
+ kal_uint32 sa_id;
+
+}wtunnel_ipsec_encap_req_struct;
+
+
+//MSG_ID_WTUNNEL_IPSEC_DECAP_REQ
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 transaction_id;//to identify the packet
+ kal_uint32 input_buffer_len;
+ kal_uint32 output_buffer_len;
+ void* p_input_buffer;//point to the beginning of the IP header
+ void* p_output_buffer;
+
+}wtunnel_ipsec_decap_req_struct;
+
+
+//MSG_ID_WTUNNEL_IPSEC_ENCAP_RSP
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 transaction_id;//to identify the packet
+ //kal_uint32 output_data_len;//maybe no-need, could be gotten from the outer ip header
+ ipsec_status_enum status;//result
+ ipsec_fragment_info_t frag_list[MAX_IP_FRAGMENT_SIZE];//output_buffer fragmentation
+ kal_uint32 frag_num;
+}wtunnel_ipsec_encap_rsp_struct;
+
+
+//MSG_ID_WTUNNEL_IPSEC_DECAP_RSP
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 transaction_id;//to identify the packet
+ kal_uint32 sa_id;
+ kal_uint32 output_data_len;//maybe no-need, could be gotten from the outer ip header
+ ipsec_status_enum status;//result
+}wtunnel_ipsec_decap_rsp_struct;
+
+
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ kal_uint32 sa_id;
+ kal_uint8 tunnel_src[MAX_IP_ADDR_SIZE];
+ kal_uint8 tunnel_dst[MAX_IP_ADDR_SIZE];
+ ipsec_addr_family_enum tunnel_addr_family;
+#ifdef __N3GPP_OVER_DATA__
+ nw_device_id_enum dev_id;
+#endif
+}ipsec_wtunnel_pmtu_register_req_struct;
+
+typedef struct
+{
+ LOCAL_PARA_HDR
+
+ ipsec_mode_enum mode;
+ kal_uint32 sa_id;
+ kal_uint32 pmtu;
+}ipsec_wtunnel_pmtu_update_ind_struct;
+
+#endif
\ No newline at end of file