4.16. SA¶
4.16.1. Introduction¶
The Security Accelerator (SA) also known as cp_ace (Adaptive Cryptographic Engine) is designed to provide packet security as part of IPSEC, SRTP, and 3GPP industry standards. The security accelerator low level driver (referred to as the module) provides APIs for the configuration and control of the security accelerator sub-system. The SA low level driver provides an abstraction layer between the application and the Security Accelerator Sub System (SASS). It provides both the system level interface and the channel-level interface with a set of APIs in the driver.
Modes of Operation
Security accelerator library (ti.drv.sa) supports below modes
Protocol Specific Mode: In this mode, standards such as Ipv4/Ipv6 and 3gpp protocols are supported, where command labels are created based on the protocols.
Data Mode: In this mode, user can implement a custom/proprietary protocol mode with the help of APIs provided by SA LLD
4.16.2. User Interface¶
4.16.2.1. Driver Configuration¶
The driver configures the SASS subsystem using SA_config_t (system configuration) and Channel Configuration (Sa_ChanConfig_t) structure.
For details about individual fields of this library structure, see the PDK doxygen documentation
4.16.3. Application¶
4.16.3.1. Examples¶
Name | Description
|
Expected Results
|
List of SOCs with Application Build Support as CCS
|
List of SOCs with Applications Build Support Make
|
---|---|---|---|---|
SA_Example application | CCS Project Example
demonstrating
simple IPSec use
case. Reference
example for
developers
|
User observes the
output printed over
the CCS console
|
K2HK, K2L, K2E, C6678
|
None |
SA_UnitTestApplication | Unit Test
application to test
all APIs
|
User observes the
output printed over
the CCS console
|
K2HK, K2L, K2E, C6678, K2G
|
AM65XX |
NOTE : SA Unit Test applications are makefile based for AM65XX. Note that the application built, can be loaded on to CCS.
Note
Although SASS supports 3GPP specific Ciphering and Authentication algorithms such as Kasumi F8/F9 and Snow3G F8, those algorithms are locked out in this standard SA LLD distribution. In order to access 3GPP specific functionalities, one must obtain ETSI licensing as described at http://www.etsi.org/services/security-algorithms/cellular-algorithms and then download the SASS 3GPP Enabler package from TI from the link https://software-dl.ti.com/libs/sa_3gpp_enabler/latest/index_FDS.html
Due to export control restrictions, the SA 3GPP Enabler is a seperate download from the rest of the PROCESSOR-SDK.