/************************************************************** * FILE PURPOSE : NETAPI SECURITY CONFIGURATION- * user space access to security transport resources on SOC ************************************************************** * @file netapi_sec.h * * @brief DESCRIPTION: netapi security header file for user space transport * library * * REVISION HISTORY: rev 0.0.1 * * Copyright (c) Texas Instruments Incorporated 2010-2011 * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the * distribution. * * Neither the name of Texas Instruments Incorporated nor the names of * its contributors may be used to endorse or promote products derived * from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
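*****************************************************************************/
/*
 * NOTE(review): the guard name begins with a double underscore, which C
 * reserves for the implementation. It is kept unchanged because other code
 * may test for it.
 */
#ifndef __NETAPI_SEC__H
#define __NETAPI_SEC__H

#include <stdint.h> /* uint32_t is used below; do not rely on a transitive include */

#include "netapi.h"
#include "ti/runtime/pktlib/pktlib.h"
#include "ti/drv/nwal/nwal.h"

/**
 * @brief Describes one IPSec security association (SA).
 *
 * Passed to netapi_secAddSA() as @c sa_info. Key material is not part of this
 * structure; it is passed separately through @c nwalSecKeyParams_t.
 */
typedef struct NETAPI_SEC_SA_INFO_tag
{
    nwal_SaDir      dir;          /**< Direction for the channel. Inbound or Outbound */
    uint32_t        spi;          /**< IPSec Security Parameter index */
    nwal_IpSecProto proto;        /**< IpSec Proto (ESP/AH) */
    nwal_saMode     saMode;       /**< Tunnel/ Transport mode */
    nwal_IpType     ipType;       /**< IPV4 or V6 */
    /* NOTE(review): the remote/local labels on src and dst read as an inbound
     * SA; confirm which end is which when dir is outbound. */
    nwalIpAddr_t    src;          /**< Source IP Address (remote) */
    nwalIpAddr_t    dst;          /**< DST IP Address (local) */
    /* NOTE(review): this header does not say what a window size of 0 means;
     * confirm against nwal whether it turns anti-replay checking off. */
    uint32_t        replayWindow; /**< Replay Window Size */
    nwal_saAALG     authMode;     /**< Authentication Algorithm */
    nwal_saEALG     cipherMode;   /**< Encryption Algorithm */
    uint32_t        esnLo;        /**< Initial Value of Extended Sequence Number LSB */
    uint32_t        esnHi;        /**< Initial Value of Extended Sequence Number MSB */
} NETAPI_SEC_SA_INFO_T;

/*
 * Values for the `mode` argument of netapi_secAddSA(). That argument is
 * described as "inflow or sideband or both"; the two values are distinct
 * bits, so "both" is presumably their bitwise OR -- confirm in the
 * implementation.
 */
#define NETAPI_SEC_SA_INFLOW   0x2
#define NETAPI_SEC_SA_SIDEBAND 0x1

/******************************************************
 ************************API***************************
 *****************************************************/

/**
 * @brief Add a security association.
 *
 * @param h                  the netapi handle
 * @param iface_no           interface to attach to
 * @param sa_info            info on the SA
 * @param key_params         keys, etc. NOTE(review): this header does not say
 *                           whether the key material is copied or referenced
 *                           after the call returns; confirm that before the
 *                           caller wipes or frees the buffer, and wipe it as
 *                           soon as that is safe.
 * @param mode               SA implementation mode: inflow or sideband or both
 *                           (NETAPI_SEC_SA_INFLOW / NETAPI_SEC_SA_SIDEBAND)
 * @param route              optional route
 * @param data_mode_handle   returned data mode handle for pktio
 * @param inflow_mode_handle returned inflow mode handle for pktio
 * @param perr               presumably receives an error/status code; the
 *                           values are not defined in this header -- check it
 *                           after every call
 *
 * @return the SA id; presumably the value later passed to netapi_secDelSA()
 *         and netapi_secAddRxPolicy(). The value returned on failure is not
 *         visible here, so callers should test @p perr before using it.
 */
NETCP_CFG_SA_T netapi_secAddSA(NETAPI_T h,
                               int iface_no,
                               NETAPI_SEC_SA_INFO_T *sa_info,
                               nwalSecKeyParams_t *key_params,
                               int mode,
                               NETCP_CFG_ROUTE_HANDLE_T route,
                               void **data_mode_handle,
                               void **inflow_mode_handle,
                               int *perr);

/**
 * @brief Delete a security association.
 *
 * NOTE(review): it is not visible here whether RX policies still attached to
 * the SA are removed as well; confirm, or delete them first with
 * netapi_secDelRxPolicy().
 *
 * @param h         the netapi handle
 * @param iface_no  interface number (presumably the one given to
 *                  netapi_secAddSA())
 * @param sa_app_id id of the SA to delete
 * @param perr      presumably receives an error/status code
 */
void netapi_secDelSA(NETAPI_T h,
                     int iface_no,
                     NETCP_CFG_SA_T sa_app_id,
                     int *perr);

/**
 * @brief Add an RX security policy.
 *
 * NOTE(review): this header does not say how a NULL address or qualifier
 * pointer is treated. If it acts as a wildcard the policy accepts more
 * traffic than an explicit selector would, so confirm before passing NULL.
 *
 * @param h             the netapi handle
 * @param sa            tunnel to attach to
 * @param ipType        V4 or V6
 * @param src_ip_addr   src (from where)
 * @param dst_ip_addr   dst (us)
 * @param ip_qualifiers other qualifiers
 * @param route         optional route
 * @param perr          presumably receives an error/status code
 *
 * @return the policy id; presumably the value later passed to
 *         netapi_secDelRxPolicy()
 */
NETCP_CFG_IPSEC_POLICY_T netapi_secAddRxPolicy(NETAPI_T h,
                                               NETCP_CFG_SA_T sa,
                                               nwal_IpType ipType,
                                               nwalIpAddr_t *src_ip_addr,
                                               nwalIpAddr_t *dst_ip_addr,
                                               nwalIpOpt_t *ip_qualifiers,
                                               NETCP_CFG_ROUTE_HANDLE_T route,
                                               int *perr);

/**
 * @brief Delete an RX security policy.
 *
 * @param h             the netapi handle
 * @param policy_app_id id of the policy to delete
 * @param perr          presumably receives an error/status code
 */
void netapi_secDelRxPolicy(NETAPI_T h,
                           NETCP_CFG_IPSEC_POLICY_T policy_app_id,
                           int *perr);

#endif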