[Feature]Upload Modem source code
Change-Id: Id4294f30faced84d3e6fd6d5e61e1111bf287a37
diff --git a/mcu/interface/service/ipsec/ipsec_common_interface.h b/mcu/interface/service/ipsec/ipsec_common_interface.h
new file mode 100644
index 0000000..aa777f5
--- /dev/null
+++ b/mcu/interface/service/ipsec/ipsec_common_interface.h
@@ -0,0 +1,296 @@
+#ifndef IPSEC_COMMON_INTERFACE_H
+#define IPSEC_COMMON_INTERFACE_H
+
+#include "kal_public_api.h"
+
+#define MAX_IPV4_ADDR_SIZE (4)
+#define MAX_IP_ADDR_SIZE (16)
+#define MAX_IP_FRAGMENT_SIZE (10)
+#define IPSEC_SAID_INVALID (0XFFFFFFFF)
+#define IPSEC_SPI_INVALID (0)
+
+#define IPSEC_ALGO_MAX_KEY_LEN (128) //need confirm
+
+/* Define the max selector number support in a SA/SP entry*/
+#define IPSEC_MAX_SELECTOR_NUM (2)
+
+/* Define maximum SA/SP entries to be deleted in
+MSG_ID_IPSEC_MULTI_SA_SP_DELETE_REQ*/
+#define IPSEC_MAX_SASP_DEL_NUM (50)
+
+/* SA_DEL CAUSE */
+#define IPSEC_HARD_LIFETIME_OUT (0)
+
+/*for async data flow*/
+typedef enum
+{
+ IPSEC_PKT_STATUS_INVALID,
+ IPSEC_ENCRYPTION_IN,
+ IPSEC_ENCRYPTION_SUCCESS,
+ IPSEC_DECRYPTION_IN,
+ IPSEC_DECRYPTION_SUCCESS,
+ IPSEC_INTEGRITY_IN,
+ IPSEC_INTEGRITY_SUCCESS
+
+}ipsec_pkt_status_enum;
+
+
+typedef enum
+{
+ IPSEC_ENTRY_UNUSED = 0,
+ IPSEC_ENTRY_USED = 1
+
+}ipsec_entry_status_enum;
+
+
+typedef enum
+{
+ IPSEC_SUCCESS,
+ IPSEC_FAILURE, /* for general fail */
+
+ /**** other particular failure ****/
+ /* - sa/sp add/del fail */
+ /* - encap/decap fail */
+ IPSEC_ENCAP_NO_RULE,
+ IPSEC_DECAP_NO_RULE = IPSEC_ENCAP_NO_RULE,
+ IPSEC_DECAP_PACKET_SA_UNMATCH,
+
+ /* - spi alloc/free fail */
+ IPSEC_SPI_FREE_FAIL_SA_EXISTANT,
+
+ /*-sa suspend*/
+ IPSEC_ENCAP_SA_SUSPEND
+
+}ipsec_status_enum;
+
+
+typedef enum
+{
+ IPSEC_TRANSPORT_MODE,
+ IPSEC_TUNNEL_MODE,
+ IPSEC_TUNNEL_MODE_UDP_ENCAP
+}ipsec_mode_enum;
+
+
+typedef enum
+{
+ IPSEC_IPV6_EXT_HOPOPT = 0,
+ IPSEC_ICMP = 1,
+ IPSEC_IPV4 = 4,
+ IPSEC_TCP = 6,
+ IPSEC_UDP = 17,
+ IPSEC_IPV6 = 41,
+ IPSEC_IPV6_EXT_ROUTING = 43,
+ IPSEC_IPV6_EXT_FRAGMENT = 44,
+
+ IPSEC_ESP = 50,
+ IPSEC_AH = 51,
+ IPSEC_ICMPV6 = 58,
+ IPSEC_IPV6_EXT_NONXT = 59,
+ IPSEC_IPV6_EXT_DESTOPT = 60,
+
+ /* NOT support proto_range and protocol_opaque */
+ IPSEC_PROTO_ANY = 255,
+
+ /* not used in selector */
+ IPSEC_PROTO_OPAQUE = IPSEC_PROTO_ANY
+
+}ipsec_proto_enum;
+
+
+typedef enum
+{
+ IPSEC_DIRECTION_INVALID,
+ IPSEC_DIRECTION_IN,
+ IPSEC_DIRECTION_OUT
+}ipsec_direction_enum;
+
+
+typedef enum
+{
+ IPSEC_FAMILY_IPV4,
+ IPSEC_FAMILY_IPV6
+
+}ipsec_addr_family_enum;
+
+
+typedef enum
+{
+ IPSEC_BYPASS,
+ IPSEC_PROTECTED,
+ IPSEC_DISCARD
+
+}ipsec_action_enum;
+
+
+typedef enum
+{
+ IPSEC_ENCR_DES_IV64 = 1,
+ IPSEC_ENCR_DES = 2,
+ IPSEC_ENCR_3DES = 3,
+ IPSEC_ENCR_RC5 = 4,
+ IPSEC_ENCR_IDEA = 5,
+ IPSEC_ENCR_CAST = 6,
+ IPSEC_ENCR_BLOWFISH = 7,
+ IPSEC_ENCR_3IDEA = 8,
+ IPSEC_ENCR_DES_IV32 = 9,
+ // 10-reserved
+ IPSEC_ENCR_NULL = 11,
+ IPSEC_ENCR_AES_CBC = 12,
+ IPSEC_ENCR_AES_CTR = 13,
+ //IPSEC_ENCR_AES_CCM_8 = 14, /*Combined-mode algo*/
+ //IPSEC_ENCR_AES_CCM_12 = 15, /*Combined-mode algo*/
+ //IPSEC_ENCR_AES_CCM_16 = 16, /*Combined-mode algo*/
+ //17-unassigned
+ //IPSEC_ENCR_AES_GCM_8 = 18, /*Combined-mode algo*/
+ //IPSEC_ENCR_AES_GCM_12 = 19, /*Combined-mode algo*/
+ //IPSEC_ENCR_AES_GCM_16 = 20, /*Combined-mode algo*/
+ //IPSEC_ENCR_NULL_AUTH_AES_GMAC = 21, /*Combined-mode algo*/
+ //22-reserved for IEEE P1619 XTS-AES
+ IPSEC_ENCR_CAMELLA_CBC = 23,
+ IPSEC_ENCR_CAMELLA_CTR = 24,
+ //IPSEC_ENCR_CAMELLA_CCM_8 = 25, /*Combined-mode algo*/
+ //IPSEC_ENCR_CAMELLA_CCM_12 = 26, /*Combined-mode algo*/
+ //IPSEC_ENCR_CAMELLA_CCM_16 = 27, /*Combined-mode algo*/
+ //IPSEC_ENCR_CHACHA20_POLY1305 = 28, /*Combined-mode algo*/
+ IPSEC_ENCR_AES_CCM_8_IIV = 29,
+ IPSEC_ENCR_AES_GCM_16_IIV = 30,
+ IPSEC_ENCR_CHACHA20_POLY1305_IIV = 31
+
+ // 21-1023: unassigned
+ // 1024-65535: Private use
+}ipsec_encry_algo_enum;
+
+
+typedef enum
+{
+ //0-NONE
+ IPSEC_AUTH_HMAC_MD5_96 = 1,
+ IPSEC_AUTH_HMAC_SHA1_96 = 2,
+ IPSEC_AUTH_DES_MAC = 3,
+ IPSEC_AUTH_KPDK_MD5 = 4,
+ IPSEC_AUTH_AES_XCBC_96 = 5,
+ IPSEC_AUTH_HMAC_MD5_128 = 6,
+ IPSEC_AUTH_HMAC_SHA1_160 = 7,
+ IPSEC_AUTH_AES_CMAC_96 = 8,
+ IPSEC_AUTH_AES_128_GMAC = 9,
+ IPSEC_AUTH_AES_192_GMAC = 10,
+ IPSEC_AUTH_AES_256_GMAC = 11,
+ IPSEC_AUTH_HMAC_SHA2_256_128 = 12,
+ IPSEC_AUTH_HMAC_SHA2_384_192 = 13,
+ IPSEC_AUTH_HMAC_SHA2_512_256 = 14,
+ IPSEC_AUTH_NULL = 15 //???
+
+ //15~1023: Unassigned
+ //1024~65535: Private use
+}ipsec_integ_algo_enum;
+
+
+typedef enum
+{
+ IPSEC_COM_NULL,
+ IPSEC_COM_AES_CCM_8 = 14, /*Combined-mode algo*/
+ IPSEC_COM_AES_CCM_12 = 15, /*Combined-mode algo*/
+ IPSEC_COM_AES_CCM_16 = 16, /*Combined-mode algo*/
+ //17-unassigned
+ IPSEC_COM_AES_GCM_8 = 18, /*Combined-mode algo*/
+ IPSEC_COM_AES_GCM_12 = 19, /*Combined-mode algo*/
+ IPSEC_COM_AES_GCM_16 = 20, /*Combined-mode algo*/
+ IPSEC_COM_ENCR_NULL_AUTH_AES_GMAC = 21, /*Combined-mode algo*/
+
+ IPSEC_COM_CAMELLA_CCM_8 = 25, /*Combined-mode algo*/
+ IPSEC_COM_CAMELLA_CCM_12 = 26, /*Combined-mode algo*/
+ IPSEC_COM_CAMELLA_CCM_16 = 27, /*Combined-mode algo*/
+ IPSEC_COM_CHACHA20_POLY1305 = 28 /*Combined-mode algo*/
+
+}ipsec_com_algo_enum;
+
+#define IPSEC_PORT_OPAQUE 0XFFFF
+typedef struct
+{
+ kal_uint8 src_addr[MAX_IP_ADDR_SIZE];
+ kal_uint8 dst_addr[MAX_IP_ADDR_SIZE];
+ ipsec_addr_family_enum addr_family;
+ kal_uint8 src_prefix; /* <= 32/128 */
+ kal_uint8 dst_prefix; /* <= 32/128 */
+ ipsec_proto_enum next_layer_protocol;
+ kal_uint16 src_port[2];//0-begin,1-end
+ kal_uint16 dst_port[2];//0-begin,1-end
+ /*
+ address and port can either be a single value or a range.
+ SINGLE_PORT: port[0] = port[1] = value
+ ANY_PORT: port[0]=0, port[1]=0XFFFF;
+ OPAQUE_PORT: port[0]=0xFFFF, port[1]=0;
+
+ SINGLE_ADDR: addr=value, prefix=32/128
+ ANY_ADDR: addr=any, prefix=0;
+ */
+
+}ipsec_selector_t;
+
+
+typedef struct
+{
+ kal_uint8 tunnel_src[MAX_IP_ADDR_SIZE];
+ kal_uint8 tunnel_dst[MAX_IP_ADDR_SIZE];
+ ipsec_addr_family_enum tunnel_addr_family;
+ kal_uint8 tunnel_dscp;//the lower 6 bits is valid; 000000 indicate copy from inner, else use this value.
+ kal_uint16 udp_sport;//only for Tunnel_UDP-Encap
+ kal_uint16 udp_dport;//only for Tunnel_UDP-Encap
+
+}ipsec_tunnel_info_t;
+
+
+typedef struct
+{
+ kal_uint8 flags;//for esn, stateful_fragment_checking, Bypass_DF, Bypass_DSCP?
+ ipsec_addr_family_enum tunnel_addr_family;
+ kal_uint8 tunnel_src[MAX_IP_ADDR_SIZE];//only for tunnel mode
+ kal_uint8 tunnel_dst[MAX_IP_ADDR_SIZE];//only for tunnel mode
+
+ //Used as paras when invoke SA creation?
+ kal_uint32 e_algos;// encryption
+ kal_uint32 i_algos;
+ kal_uint32 c_algos;
+}ipsec_process_info_t;
+
+
+typedef struct
+{
+ kal_uint64 byte_limit; /* = 0 if no use*/
+ kal_uint64 packet_limit;/* = 0 if no use*/
+ kal_uint32 add_expire_seconds; /* = 0 if no use*/
+ kal_uint32 use_expire_seconds; /* = 0 if no use*/
+}ipsec_lft_t;
+
+
+typedef struct
+{
+ /* = ESP_OUTER_HEADER(0/20/40 byte) + UDP_HEADER(0/8 bytes)
+ + ESP_SPI_LEN + ESP_SN_LEN + encry_algo.iv_len + integrity_algo.trunc_icv_len
+ + ESP_PAD_LENGTH_LEN + ESP_NEXT_HEADER_LEN */
+ kal_uint32 fixed_length;//in BYTE;
+
+ // = encry_algo.block_size or 4
+ // in BYTE; for users to calculate padding size
+ // (text + 2 + pad) % blk-size = 0
+ kal_uint32 encry_block_size;
+
+}esp_overhead_info_t;
+
+
+//Fragmentation buffer structure for encapsulated packet
+typedef struct
+{
+ kal_uint8 *p_ip_frag;
+ kal_uint32 frag_size;
+}ipsec_fragment_info_t;
+
+
+kal_int32 ipsec_get_esp_overhead_info(kal_uint32 said, esp_overhead_info_t *p_ovhd_info);
+kal_int32 ipsec_get_encap_buffer_size(kal_uint32 said, kal_uint32 text_size,
+ kal_uint32 *p_inbuf_size, kal_uint32 *p_outbuf_size);
+kal_int32 ipsec_get_decap_buffer_size(kal_uint32 said, kal_uint32 text_size,
+ kal_uint32 *p_inbuf_size, kal_uint32 *p_outbuf_size);
+
+#endif
\ No newline at end of file