Filter
Top Products
Intel
®
IXP400 Software
Access-Layer Components: Security (IxCryptoAcc) API
April 2005 IXP400 Software Version 2.0 Programmer’s Guide
102 Document Number: 252539, Revision: 007
1. The proper NPE microcode images must have been downloaded to the NPE and initialized.
Additionally, the IxCryptoAcc API must be properly configured, initialized, and the crypto
context registration procedure must have completed.
At this point, the client must create the IX_OSAL_MBUFs that will hold the target data and
populate the source IX_OSAL_MBUF with the data to be operated on. Depending on the
encryption/decryption mode being used, the client must supply an initialization vector for the
AES or DES algorithm.
2. The client submits the IxCryptoAccAuthCryptPerform() function, supplying the crypto
context ID, pointers to the source and destination buffer, offset and length of the authentication
and crypto data, offset to the integrity check value, and a pointer to the initialization vector.
3. IxCryptoAcc uses IxQMgr to place a descriptor for the data into the Crypto Request Queue.
Figure 36. IPSec API Call Flow
IPSec Client
1. (...NPE init, CryptoAccConfig,
CryptoAccInit, CryptoAccCtxRegister, etc...)
create data mBufs, IV
2. ixCryptoAccAuthCryptPerform
(cryptoCtxId, *pSrcMbuf, *pDestMbuf,
authStartOffset, authDataLen,
cryptStartOffset, cryptDataLen, icvOffset,
*pIV)
IxQMgr / AQM
NPE - C
6. IxCryptoPerformCompleteCallback
(cryptoContextId, mBuf *, IxCryptoAccStatus)
IxCryptoAcc
Crypto Request Queue
Crypto Complete Queue
SDRAM
3.
4.
5.
B2918-01