0

I'm trying to enable cryptographic device acceleration on a Raspberry Pi 2B. Here are the benchmark results:

hubot@hubot-vps:~ $ cryptsetup benchmark
# Tests are approximate using memory only (no storage IO).
PBKDF2-sha1       131072 iterations per second
PBKDF2-sha256      49648 iterations per second
PBKDF2-sha512      11497 iterations per second
PBKDF2-ripemd160   64250 iterations per second
PBKDF2-whirlpool    6147 iterations per second
#  Algorithm | Key |  Encryption |  Decryption
     aes-cbc   128b    13.6 MiB/s    14.5 MiB/s
 serpent-cbc   128b           N/A           N/A
 twofish-cbc   128b           N/A           N/A
     aes-cbc   256b    10.7 MiB/s    11.2 MiB/s
 serpent-cbc   256b           N/A           N/A
 twofish-cbc   256b           N/A           N/A
     aes-xts   256b    13.9 MiB/s    14.2 MiB/s
 serpent-xts   256b           N/A           N/A
 twofish-xts   256b           N/A           N/A
     aes-xts   512b    10.9 MiB/s    11.0 MiB/s
 serpent-xts   512b           N/A           N/A
 twofish-xts   512b           N/A           N/A
hubot@hubot-vps:~ $ openssl speed -elapsed -evp aes-128-cbc
You have chosen to measure elapsed time instead of user CPU time.
Doing aes-128-cbc for 3s on 16 size blocks: 3407812 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 64 size blocks: 979572 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 256 size blocks: 253933 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 1024 size blocks: 64082 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 8192 size blocks: 8032 aes-128-cbc's in 3.01s
OpenSSL 1.0.1t  3 May 2016
built on: Fri Jan 27 22:44:27 2017
options:bn(64,32) rc4(ptr,char) des(idx,cisc,16,long) aes(partial) blowfish(ptr) 
compiler: gcc -I. -I.. -I../include  -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -DTERMIO -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -Wl,-z,relro -Wa,--noexecstack -Wall -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DGHASH_ASM
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-128-cbc      18175.00k    20897.54k    21668.95k    21873.32k    21859.85k
hubot@hubot-vps:~ $ OPENSSL_ia32cap="~0x200000200000000" openssl speed -elapsed -evp aes-128-cbc
You have chosen to measure elapsed time instead of user CPU time.
Doing aes-128-cbc for 3s on 16 size blocks: 3378239 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 64 size blocks: 978479 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 256 size blocks: 253871 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 1024 size blocks: 64078 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 8192 size blocks: 8028 aes-128-cbc's in 3.00s
OpenSSL 1.0.1t  3 May 2016
built on: Fri Jan 27 22:44:27 2017
options:bn(64,32) rc4(ptr,char) des(idx,cisc,16,long) aes(partial) blowfish(ptr) 
compiler: gcc -I. -I.. -I../include  -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -DTERMIO -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -Wl,-z,relro -Wa,--noexecstack -Wall -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DGHASH_ASM
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-128-cbc      18017.27k    20874.22k    21663.66k    21871.96k    21921.79k

I'm following this tutorial: https://lauri.võsandi.com/2014/07/cryptodev.html#cryptodev-linux. I first built the dependencies for the openssl package using the command $ sudo apt-get build-dep openssl. Next, I fetched the source with $ sudo apt-get source openssl. I moved into the ~/openssl-1.0.1t directory and executed the following commands in a terminal:

sed -i -e "s/CONFARGS  =/CONFARGS = -DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS/" debian/rules
dch -i "Enabled cryptodev support" 

Next, I tried to build the openssl package with cryptodev support enabled using the debuild tool, and I got the following error:

eng_cryptodev.c:56:31: fatal error: crypto/cryptodev.h: No such file or directory
 # include <crypto/cryptodev.h>
                               ^
compilation terminated.
Makefile:77: recipe for target 'depend' failed
make[3]: *** [depend] Error 1
make[3]: Leaving directory '/home/hubot/openssl-1.0.1t/crypto/engine'
Makefile:133: recipe for target 'depend' failed
make[2]: *** [depend] Error 1
make[2]: Leaving directory '/home/hubot/openssl-1.0.1t/crypto'
Makefile:472: recipe for target 'depend' failed
make[1]: *** [depend] Error 1
make[1]: Leaving directory '/home/hubot/openssl-1.0.1t'
debian/rules:49: recipe for target 'build-stamp' failed
make: *** [build-stamp] Error 2
dpkg-buildpackage: error: debian/rules build gave error exit status 2
debuild: fatal error at line 1376:
dpkg-buildpackage -rfakeroot -D -us -uc failed

So I thought that I had an unmet dependency and that the cryptodev package was missing, so I decided to compile it manually.

I fetched the cryptodev source from http://nwl.cc/pub/cryptodev-linux/cryptodev-linux-1.9.tar.gz into the ~/cryptodev directory, unpacked the tar archive and entered the ~/cryptodev/cryptodev-linux-1.9 directory. I followed the instructions at https://github.com/cryptodev-linux/cryptodev-linux/blob/master/INSTALL, ran the make command and got the error below:

hubot@hubot-vps:~/cryptodev/cryptodev-linux-1.9 $ make
make -C /lib/modules/4.9.24-v7+/build M=/home/hubot/cryptodev/cryptodev-linux-1.9 modules
make[1]: *** /lib/modules/4.9.24-v7+/build: No such file or directory.  Stop.
Makefile:27: recipe for target 'build' failed
make: *** [build] Error 2

I stopped at this error and I do not know what I should do next. I am counting on your help. Thank you in advance.

  • 1
    Relevant question: https://raspberrypi.stackexchange.com/questions/44606/do-these-results-demonstrate-hardware-accelerated-crypto-is-enabled – Dmitry Grigoryev Jun 26 '18 at 10:44

2 Answers

4

None of the Raspberry Pi models have a cryptographic accelerator.

These instructions you found are for processors that have an accelerator as a separate device that only the kernel can access. (That separate device is pretty much always inside the same silicon package, but still a logically separate device as far as the main processor is concerned.)

Many recent Arm processors have cryptographic instructions on the main CPU: they're an optional feature of the ARMv8 architecture, whose main feature is being (usually) 64-bit. On Linux, you can test whether AES acceleration (for example) is present with the command grep -w aes /proc/cpuinfo (for AES acceleration). Raspberry Pi 3 has an ARMv8 processor, but without the cryptographic acceleration. (Presumably to keep costs down and/or to avoid legal restrictions on the import, export or use of cryptographic hardware and software.)

0

You need to install the kernel sources first.

That's described here: How compile a loadable kernel module without recompiling kernel

Afterwards you have to create a link from /lib/modules/4.9.24-v7+/build to the directory with the sources.

BTW, I found only the Raspberry Pi 3 CPU has real hardware crypto support, but it seems you need an extra license:

*About the Cortex-A53 processor Cryptography Extension*

The Cortex-A53 processor Cryptography Extension supports the ARMv8 Cryptography
Extensions. The Cryptography Extensions add new A64, A32, and T32 instructions to
Advanced SIMD that accelerate Advanced Encryption Standard (AES) encryption and
decryption, and the Secure Hash Algorithm (SHA) functions SHA-1, SHA-224, and SHA-256.
Note
 The optional Cryptography Extension is not included in the base product. ARM supplies the
Cryptography Extension only under an additional licence to the Cortex-A53 processor and
Advanced SIMD and Floating-point support licences.

https://static.docs.arm.com/ddi0501/f/DDI0501F_cortex_a53_cryptography_trm.pdf

Dmitry Grigoryev
Sebastian
    The Pi 3 does not have hardware crypto support. This license is for the CPU design: it's something Arm sells to hardware manufacturers such as Broadcom. It isn't a license for using a CPU feature that software vendors can buy: the feature is simply not in the CPU. – Gilles 'SO- stop being evil' Jun 01 '19 at 21:28
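The checks both answers point at, gathered into one preflight script as an added example (not code from the question, the answers or the cryptodev-linux project): it reads the CPU feature flags the first answer greps for, and tests for the two files whose absence produced the build errors in the question. The function names and the /usr/include default for the cryptodev header are assumptions.

```shell
#!/bin/sh
# Added example: preflight checks before attempting the cryptodev/OpenSSL build.
# Every path is a parameter so the checks can run against constructed fixtures.

# Print the ARMv8 Cryptography Extension flags listed in a cpuinfo file,
# space-separated in a fixed order, or "none" when the CPU reports none.
cpu_crypto_flags() {
    cpuinfo=${1:-/proc/cpuinfo}
    found=""
    for flag in aes pmull sha1 sha2; do
        # -w matches the flag as a whole word, like "grep -w aes /proc/cpuinfo".
        if grep -E '^Features[[:space:]]*:' "$cpuinfo" 2>/dev/null | grep -qw "$flag"; then
            found="$found $flag"
        fi
    done
    found=${found# }
    echo "${found:-none}"
}

# Succeed when the tree that "make -C /lib/modules/<release>/build" enters
# exists; a dangling "build" symlink fails the same way as a missing one.
kernel_build_ready() {
    modules_root=${1:-/lib/modules}
    release=${2:-$(uname -r)}
    [ -f "$modules_root/$release/build/Makefile" ]
}

# Succeed when "#include <crypto/cryptodev.h>" in eng_cryptodev.c can resolve.
# Assumption: the header is expected under /usr/include unless told otherwise.
cryptodev_header_present() {
    include_root=${1:-/usr/include}
    [ -f "$include_root/crypto/cryptodev.h" ]
}

# Report all three results; always returns 0 so it is safe under "set -e".
# Arguments (all optional): cpuinfo file, modules root, release, include root.
preflight() {
    echo "CPU crypto flags: $(cpu_crypto_flags "$1")"
    if kernel_build_ready "$2" "$3"; then
        echo "kernel build tree: present"
    else
        echo "kernel build tree: missing (install kernel headers/sources first)"
    fi
    if cryptodev_header_present "$4"; then
        echo "crypto/cryptodev.h: present"
    else
        echo "crypto/cryptodev.h: missing (OpenSSL -DHAVE_CRYPTODEV will not compile)"
    fi
    return 0
}

preflight "$@"
```

A result of "none" for the CPU flags means the cryptodev build can still succeed, but AES will continue to run in software at the speeds shown in the benchmarks.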