Filter
Top Products
Intel
®
IXP400 Software
Access-Layer Components: Security (IxCryptoAcc) API
Programmer’s Guide IXP400 Software Version 2.0 April 2005
Document Number: 252539, Revision: 007 89
The Intel XScale core WEP Engine is a software-based “engine” for performing ARC4 and WEP
ICV calculations used by WEP clients. While this differs from the model of NPE-based hardware
acceleration typically found in the IXP400 software, it provides additionally design flexibility for
products that require NPE A to perform non-crypto operations.
IxQMgr is another access-layer component that interfaces to the hardware-based AHB Queue
Manager (AQM). The AQM is SRAM memory used to store pointers to data in SDRAM memory,
which is accessible by both the Intel XScale core and the NPEs. These items are the mechanism by
which data is transferred between IxCryptoAcc and the NPEs. Separate hardware queues are used
for both IPSec and WEP services.
The NPEs provide hardware acceleration for IxCryptoAcc. Specifically, AES, DES, and hashing
acceleration can be provided by NPE C. NPE A offers ARC4 and WEP ICV CRC acceleration.
Note: CryptoAcc access-component layer provides APIs that are generic for all applications that need to
perform encryption and authentication operations. In this chapter IPSec is used as one of the
example that makes use our cryptoAcc access-layer API to perform the authentication and
encryption operations needed for implementation of IPSec
7.3.2 Basic API Flow
This section describes a high-level flow of the IxCryptoAcc API. A more detailed example of API
usage is provided in a subsequent section.
The flow of the API is similar for both IPSec and WEP services. The client application initializes
the IxCryptoAcc API and then defines the cryptographic contexts (which describe the
cryptographic processing type, mode, direction, and a pointer back to the client application
callback) necessary for the type of data the client will be submitting to the API. Packets for
encryption/decryption and/or authentication are prepared by the client and passed to the
IxCryptoAcc component using a “Perform” function of the API, referencing a particular
cryptographic context for each packet. IxCryptoAcc invokes IxQMgr to instruct the NPEs to gather
the data and appropriate crypto context information from SDRAM.
The NPE (or Intel XScale core WEP Engine) performs encryption/decryption and authentication
using the appropriate acceleration component. The resulting data is stored back into the SDRAM.
At this point, a previously registered callback will be executed (in most cases), giving the
execution context back to the client application.
The IxCryptoAcc component depends on the IxQMgr component to configure and use the
hardware queues to access the NPE.
The basic API flow described above is shown in Figure 27.