+extern uword unformat_ipsec_key (unformat_input_t * input, va_list * args);
+
+#define IPSEC_UDP_PORT_NONE ((u16)~0)
+
+/*
+ * Anti Replay definitions
+ */
+
+#define IPSEC_SA_ANTI_REPLAY_WINDOW_SIZE (64)
+#define IPSEC_SA_ANTI_REPLAY_WINDOW_MAX_INDEX (IPSEC_SA_ANTI_REPLAY_WINDOW_SIZE-1)
+
+/*
+ * sequence number less than the lower bound are outside of the window
+ * From RFC4303 Appendix A:
+ * Bl = Tl - W + 1
+ */
+#define IPSEC_SA_ANTI_REPLAY_WINDOW_LOWER_BOUND(_tl) (_tl - IPSEC_SA_ANTI_REPLAY_WINDOW_SIZE + 1)
+
+always_inline int
+ipsec_sa_anti_replay_check (const ipsec_sa_t *sa, u32 seq)
+{
+ if (ipsec_sa_is_set_USE_ANTI_REPLAY (sa) &&
+ sa->replay_window & (1ULL << (sa->seq - seq)))
+ return 1;
+ else
+ return 0;
+}
+
+/*
+ * Anti replay check.
+ * inputs need to be in host byte order.
+ *
+ * The function runs in two contexts. pre and post decrypt.
+ * Pre-decrypt it:
+ * 1 - determines if a packet is a replay - a simple check in the window
+ * 2 - returns the hi-seq number that should be used to decrypt.
+ * post-decrypt:
+ * Checks whether the packet is a replay or falls out of window
+ *
+ * This funcion should be called even without anti-replay enabled to ensure
+ * the high sequence number is set.
+ */
+always_inline int
+ipsec_sa_anti_replay_and_sn_advance (const ipsec_sa_t *sa, u32 seq,
+ u32 hi_seq_used, bool post_decrypt,
+ u32 *hi_seq_req)
+{
+ ASSERT ((post_decrypt == false) == (hi_seq_req != 0));
+
+ if (!ipsec_sa_is_set_USE_ESN (sa))
+ {
+ if (hi_seq_req)
+ /* no ESN, therefore the hi-seq is always 0 */
+ *hi_seq_req = 0;
+
+ if (!ipsec_sa_is_set_USE_ANTI_REPLAY (sa))
+ return 0;
+
+ if (PREDICT_TRUE (seq > sa->seq))
+ return 0;
+
+ u32 diff = sa->seq - seq;
+
+ if (IPSEC_SA_ANTI_REPLAY_WINDOW_SIZE > diff)
+ return ((sa->replay_window & (1ULL << diff)) ? 1 : 0);
+ else
+ return 1;
+
+ return 0;
+ }
+
+ if (!ipsec_sa_is_set_USE_ANTI_REPLAY (sa))
+ {
+ /* there's no AR configured for this SA, but in order
+ * to know whether a packet has wrapped the hi ESN we need
+ * to know whether it is out of window. if we use the default
+ * lower bound then we are effectively forcing AR because
+ * out of window packets will get the increased hi seq number
+ * and will thus fail to decrypt. IOW we need a window to know
+ * if the SN has wrapped, but we don't want a window to check for
+ * anti replay. to resolve the contradiction we use a huge window.
+ * if the packet is not within 2^30 of the current SN, we'll consider
+ * it a wrap.
+ */
+ if (hi_seq_req)
+ {
+ if (seq >= sa->seq)
+ /* The packet's sequence number is larger that the SA's.
+ * that can't be a warp - unless we lost more than
+ * 2^32 packets ... how could we know? */
+ *hi_seq_req = sa->seq_hi;
+ else
+ {
+ /* The packet's SN is less than the SAs, so either the SN has
+ * wrapped or the SN is just old. */
+ if (sa->seq - seq > (1 << 30))
+ /* It's really really really old => it wrapped */
+ *hi_seq_req = sa->seq_hi + 1;
+ else
+ *hi_seq_req = sa->seq_hi;
+ }
+ }
+ /*
+ * else
+ * this is post-decrpyt and since it decrypted we accept it
+ */
+ return 0;
+ }
+ if (PREDICT_TRUE (sa->seq >= (IPSEC_SA_ANTI_REPLAY_WINDOW_MAX_INDEX)))
+ {
+ /*
+ * the last sequence number VPP recieved is more than one
+ * window size greater than zero.
+ * Case A from RFC4303 Appendix A.
+ */
+ if (seq < IPSEC_SA_ANTI_REPLAY_WINDOW_LOWER_BOUND (sa->seq))
+ {
+ /*
+ * the received sequence number is lower than the lower bound
+ * of the window, this could mean either a replay packet or that
+ * the high sequence number has wrapped. if it decrypts corrently
+ * then it's the latter.
+ */
+ if (post_decrypt)
+ {
+ if (hi_seq_used == sa->seq_hi)
+ /* the high sequence number used to succesfully decrypt this
+ * packet is the same as the last-sequnence number of the SA.
+ * that means this packet did not cause a wrap.
+ * this packet is thus out of window and should be dropped */
+ return 1;
+ else
+ /* The packet decrypted with a different high sequence number
+ * to the SA, that means it is the wrap packet and should be
+ * accepted */
+ return 0;
+ }
+ else
+ {
+ /* pre-decrypt it might be the might that casues a wrap, we
+ * need to decrpyt to find out */
+ if (hi_seq_req)
+ *hi_seq_req = sa->seq_hi + 1;
+ return 0;
+ }
+ }
+ else
+ {
+ /*
+ * the recieved sequence number greater than the low
+ * end of the window.
+ */
+ if (hi_seq_req)
+ *hi_seq_req = sa->seq_hi;
+ if (seq <= sa->seq)
+ /*
+ * The recieved seq number is within bounds of the window
+ * check if it's a duplicate
+ */
+ return (ipsec_sa_anti_replay_check (sa, seq));
+ else
+ /*
+ * The received sequence number is greater than the window
+ * upper bound. this packet will move the window along, assuming
+ * it decrypts correctly.
+ */
+ return 0;
+ }
+ }
+ else
+ {
+ /*
+ * the last sequence number VPP recieved is within one window
+ * size of zero, i.e. 0 < TL < WINDOW_SIZE, the lower bound is thus a
+ * large sequence number.
+ * Note that the check below uses unsiged integer arthimetic, so the
+ * RHS will be a larger number.
+ * Case B from RFC4303 Appendix A.
+ */
+ if (seq < IPSEC_SA_ANTI_REPLAY_WINDOW_LOWER_BOUND (sa->seq))
+ {
+ /*
+ * the sequence number is less than the lower bound.
+ */
+ if (seq <= sa->seq)
+ {
+ /*
+ * the packet is within the window upper bound.
+ * check for duplicates.
+ */
+ if (hi_seq_req)
+ *hi_seq_req = sa->seq_hi;
+ return (ipsec_sa_anti_replay_check (sa, seq));
+ }
+ else
+ {
+ /*
+ * the packet is less the window lower bound or greater than
+ * the higher bound, depending on how you look at it...
+ * We're assuming, given that the last sequence number received,
+ * TL < WINDOW_SIZE, that a largeer seq num is more likely to be
+ * a packet that moves the window forward, than a packet that has
+ * wrapped the high sequence again. If it were the latter then
+ * we've lost close to 2^32 packets.
+ */
+ if (hi_seq_req)
+ *hi_seq_req = sa->seq_hi;
+ return 0;
+ }
+ }
+ else
+ {
+ /*
+ * the packet seq number is between the lower bound (a large nubmer)
+ * and MAX_SEQ_NUM. This is in the window since the window upper bound
+ * tl > 0.
+ * However, since TL is the other side of 0 to the received
+ * packet, the SA has moved on to a higher sequence number.
+ */
+ if (hi_seq_req)
+ *hi_seq_req = sa->seq_hi - 1;
+ return (ipsec_sa_anti_replay_check (sa, seq));
+ }
+ }
+
+ /* unhandled case */
+ ASSERT (0);
+ return 0;
+}
+
+always_inline u32
+ipsec_sa_anti_replay_window_shift (ipsec_sa_t *sa, u32 inc)
+{
+ u32 n_lost = 0;
+
+ if (inc < IPSEC_SA_ANTI_REPLAY_WINDOW_SIZE)
+ {
+ if (sa->seq > IPSEC_SA_ANTI_REPLAY_WINDOW_SIZE)
+ {
+ /*
+ * count how many holes there are in the portion
+ * of the window that we will right shift of the end
+ * as a result of this increments
+ */
+ u64 mask = (((u64) 1 << inc) - 1) << (BITS (u64) - inc);
+ u64 old = sa->replay_window & mask;
+ /* the number of packets we saw in this section of the window */
+ u64 seen = count_set_bits (old);
+
+ /*
+ * the number we missed is the size of the window section
+ * minus the number we saw.
+ */
+ n_lost = inc - seen;
+ }
+ sa->replay_window = ((sa->replay_window) << inc) | 1;
+ }
+ else
+ {
+ /* holes in the replay window are lost packets */
+ n_lost = BITS (u64) - count_set_bits (sa->replay_window);
+
+ /* any sequence numbers that now fall outside the window
+ * are forever lost */
+ n_lost += inc - IPSEC_SA_ANTI_REPLAY_WINDOW_SIZE;
+
+ sa->replay_window = 1;
+ }
+
+ return (n_lost);
+}
+
+/*
+ * Anti replay window advance
+ * inputs need to be in host byte order.
+ * This function both advances the anti-replay window and the sequence number
+ * We always need to move on the SN but the window updates are only needed
+ * if AR is on.
+ * However, updating the window is trivial, so we do it anyway to save
+ * the branch cost.
+ */
+always_inline u64
+ipsec_sa_anti_replay_advance (ipsec_sa_t *sa, u32 thread_index, u32 seq,
+ u32 hi_seq)
+{
+ u64 n_lost = 0;
+ u32 pos;
+
+ if (ipsec_sa_is_set_USE_ESN (sa))
+ {
+ int wrap = hi_seq - sa->seq_hi;
+
+ if (wrap == 0 && seq > sa->seq)
+ {
+ pos = seq - sa->seq;
+ n_lost = ipsec_sa_anti_replay_window_shift (sa, pos);
+ sa->seq = seq;
+ }
+ else if (wrap > 0)
+ {
+ pos = ~seq + sa->seq + 1;
+ n_lost = ipsec_sa_anti_replay_window_shift (sa, pos);
+ sa->seq = seq;
+ sa->seq_hi = hi_seq;
+ }
+ else if (wrap < 0)
+ {
+ pos = ~seq + sa->seq + 1;
+ sa->replay_window |= (1ULL << pos);
+ }
+ else
+ {
+ pos = sa->seq - seq;
+ sa->replay_window |= (1ULL << pos);
+ }
+ }
+ else
+ {
+ if (seq > sa->seq)
+ {
+ pos = seq - sa->seq;
+ n_lost = ipsec_sa_anti_replay_window_shift (sa, pos);
+ sa->seq = seq;
+ }
+ else
+ {
+ pos = sa->seq - seq;
+ sa->replay_window |= (1ULL << pos);
+ }
+ }
+
+ return n_lost;
+}
+
+
+/*
+ * Makes choice for thread_id should be assigned.
+ * if input ~0, gets random worker_id based on unix_time_now_nsec
+*/
+always_inline u32
+ipsec_sa_assign_thread (u32 thread_id)
+{
+ return ((thread_id) ? thread_id
+ : (unix_time_now_nsec () % vlib_num_workers ()) + 1);
+}
+
+always_inline ipsec_sa_t *
+ipsec_sa_get (u32 sa_index)
+{
+ return (pool_elt_at_index (ipsec_sa_pool, sa_index));
+}