1. Field
The present invention relates generally to communication protocols, and more particularly, to a bus interface and protocol for efficiently connecting processors.
2. Description of Related Art
A bus is the communication path through which processors communicate with one another or with other system elements such as memory. To be able to receive and transmit intelligible signals, the processors must agree on the same set of rules to use in interpreting signals sent back and forth. This common set of rules is referred to as the bus protocol.
One example of a data bus used to interface two system components is a network controller coupled to a special purpose processor, such as a cryptographic processor providing accelerated encryption, decryption, and authentication of data packets. Cryptographic processors implement, in hardware, encryption algorithms such as the well known data encryption standard (DES), which is specified in the ANSI (American National Standards Institute) X3.92 and X3.106 standards. By closely coupling the cryptographic processor with the network controller on a single network interface card, data packets received or transmitted over the network can be encrypted and authenticated at speeds comparable to the network""s bandwidth. By automatically encrypting all data sent over a network, two computers can transform an otherwise public network, such as the Internet, into a xe2x80x9cvirtual private networkxe2x80x9d (VPN).
Because performance is the biggest motivation behind doing hardware encryption and authentication, data transfers to and from the cryptographic processor and the network controller should ideally be very fast. Additionally, in order to maintain as much backwards compatibility as possible and to avoid extensive modifications to existing network controllers, it is desirable to use as few new output pins as possible from the LAN controller when interfacing it with the cryptographic processor.
Systems and methods consistent with the principles of the present invention address the need identified above by efficiently interfacing a special purpose processor with a network controller.
One aspect of the present invention is a method for interfacing a special purpose processor to a network controller that links a computer system to a network. The method comprises requesting permission, via a first signal line, that data destined for the network be transferred from the special purpose processor to the network controller. Second signal lines are used to request permission that data destined for the computer system be transferred from the special purpose processor to the network controller. Data signal lines transfer data to the network controller in response to the request for permission from one of the first and second signal lines. Data received at the network controller is forwarded to the network when the data transferred to the network controller is requested with the first signal line and forwarding the data to the computer system when the data transferred to the network controller is requested with the second signal line.
Other aspects of the present invention, related to the first aspect, are directed to a network controller and a computer network.
Another aspect of the present invention is a computer network comprising a first computer system and a public network connecting the first computer system to a second computer system. The first computer system further comprises a cryptographic processor; a network controller; first signal lines connecting the cryptographic processor to the network controller; the first signal lines being used to transmit data between the special purpose processor and the network controller; and second signal lines connecting the cryptographic processor to the network controller, the second signal lines indicating whether the data transmitted to the network controller from the cryptographic processor is to be transmitted to a memory of the first computer system or to the second computer system over the public network.
Yet another aspect of the present invention is a method for interfacing a special purpose processor to a network controller. The method includes transferring a plurality of bytes of data from the special purpose processor to the network controller, the plurality of bytes being arranged as packets of data. Further, the data transfer is interrupted when the network controller deasserts a chip select line connecting the special purpose processor to the network controller, the interruption of the data transfer occurring while one of the packets is being transferred and before the packet has completed the transfer to the network controller. Finally, when the network controller reasserts the chip select line, the transfer of the interrupted packet is resumed.
One further aspect of the present invention is directed to a network controller. The network controller comprises a first set of output pins and a chip select pin. The first set of output pins transfer data organized as packets to a bus, each packet containing a plurality of bytes of information. The chip select pin, when deasserted by the network controller, indicates that one of the packets being received by the network controller from a processor connected to the bus are to cease being transmitted by the processor, and, when subsequently asserted by the network controller, the chip select pin indicates to the processor that the processor is to resume transmitting the packet to the network controller beginning at a point within the packet corresponding to the location where the processor ceased transmitting the packet.