Topic: Hardware crypto on wl-500g deluxe and on wgt634u

Hello

I'm trying to use the hardware crypto capabilities of these two routers
i've installed xwrt 809rc2, all kmod-crypto packages, kmod-ocf-ubsec-ssb and crypto-tools on the wgt634u, and after running "cryptotest -z 1024", i'm afraid that computation is done by the cpu (as many people said it doesn't work)

On the wl-500gd now, i've installed xwrt openvpn package (809rc2) with all the kmod-crypto packages except kmod-crypto-test (i've not enougth space), kmod-ocf-ubsec-ssb and crypto-tools, but when i run cryptotest, it just test the null crypts and it freeze (no des, 3des .....)

here are my questions:
-have someone manage to make a vpn box with wl-500gd (with hardware crypto of course)?
-Is someone having an idea about the cryptotest freeze on the wl-500gd?
-Will the hardware acceleration work on the wgt634u in the future (is this a problem of drivers or of hardware)

thanks in advance
minimou

Re: Hardware crypto on wl-500g deluxe and on wgt634u

According to the wiki, hw crypto on the wgt634u is very limited because of "bad hw design".
http://wiki.openwrt.org/HardwareAcceleratedCrypto
https://dev.openwrt.org/changeset/11846

Alas, I do have several of them.

Re: Hardware crypto on wl-500g deluxe and on wgt634u

Well, even a Soekris vpn1411 with the HIFN driver and cryptodev enabled OpenSSL does not work on a Alix 2c2 sad

Re: Hardware crypto on wl-500g deluxe and on wgt634u

I recently tried the hw crypto on a wgt634u and it seems like the hw engine runs!
I used svn r19598, target profile WGT634U and added packages openssl-utils and crypto-tools.

cryptotest showed not even half the speed measured in http://www.danm.de/files/src/bcm5365p/bench/cryptotest-hardware.txt
and I had some issue with IRQ2 in in the middle.

But IMHO openssl speed test with and without the ubsec_ssb showed some accelaration.

If I'm not wrong I wonder what happened to the hidden pin restricting the engine to DES: http://wiki.openwrt.org/oldwiki/hardwareacceleratedcrypto?

Next question: what hardware was the benchmark in the first link run on and why do we get less than half the speed?
Could anyone run cryptotest on an Asus WL-500gD or P (v2)?


root@OpenWrt:/# cat /proc/cpuinfo 
system type             : Broadcom BCM47XX
processor               : 0
cpu model               : Broadcom BCM3302 V0.7
BogoMIPS                : 198.65
wait instruction        : yes
microsecond timers      : yes
tlb_entries             : 32
extra interrupt vector  : yes
hardware watchpoint     : no
ASEs implemented        :
shadow register sets    : 1
core                    : 0
VCED exceptions         : not available
VCEI exceptions         : not available

root@OpenWrt:/# logread | grep IPSec
Jan  1 00:00:24 OpenWrt user.info kernel: Sentry5(tm) ROBOGateway(tm) IPSec Core at IRQ 2
root@OpenWrt:/# root@OpenWrt:/# logread | grep ubsec_ssb
Jan  1 00:00:24 OpenWrt user.warn kernel: IRQ 2/ubsec_ssb: IRQF_DISABLED is not guaranteed on shared IRQs
Jan  1 00:00:24 OpenWrt user.info kernel: ubsec_ssb: DES 3DES AES128 AES192 AES256 MD5_HMAC SHA1_HMAC
root@OpenWrt:/# cryptotest -z 1024root@OpenWrt:/# cat /proc/cpuinforoot@OpenWrt:/# cryptotest -z 1024
   0.668 sec,    2048    des crypts,       8 bytes,    24519 byte/sec,     0.2 Mb/sec
   0.665 sec,    2048    des crypts,      16 bytes,    49257 byte/sec,     0.4 Mb/sec
   0.669 sec,    2048    des crypts,      32 bytes,    97900 byte/sec,     0.7 Mb/sec
   0.678 sec,    2048    des crypts,      64 bytes,   193327 byte/sec,     1.5 Mb/sec
   0.700 sec,    2048    des crypts,     128 bytes,   374229 byte/sec,     2.9 Mb/sec
   0.709 sec,    2048    des crypts,     256 bytes,   739240 byte/sec,     5.6 Mb/sec
   0.816 sec,    2048    des crypts,     512 bytes,  1285606 byte/sec,     9.8 Mb/sec
   0.961 sec,    2048    des crypts,    1024 bytes,  2182351 byte/sec,    16.7 Mb/sec
   1.366 sec,    2048    des crypts,    2048 bytes,  3070914 byte/sec,    23.4 Mb/sec
   2.049 sec,    2048    des crypts,    4096 bytes,  4094075 byte/sec,    31.2 Mb/sec
   3.606 sec,    2048    des crypts,    8192 bytes,  4653070 byte/sec,    35.5 Mb/sec
   6.554 sec,    2048    des crypts,   16384 bytes,  5119418 byte/sec,    39.1 Mb/sec
  12.412 sec,    2048    des crypts,   32768 bytes,  5406659 byte/sec,    41.2 Mb/sec
  23.994 sec,    2048    des crypts,   65280 bytes,  5572062 byte/sec,    42.5 Mb/sec
   0.669 sec,    2048   3des crypts,       8 bytes,    24481 byte/sec,     0.2 Mb/sec
   0.657 sec,    2048   3des crypts,      16 bytes,    49875 byte/sec,     0.4 Mb/sec
   0.675 sec,    2048   3des crypts,      32 bytes,    97045 byte/sec,     0.7 Mb/sec
   0.684 sec,    2048   3des crypts,      64 bytes,   191615 byte/sec,     1.5 Mb/sec
   0.695 sec,    2048   3des crypts,     128 bytes,   376923 byte/sec,     2.9 Mb/sec
   0.716 sec,    2048   3des crypts,     256 bytes,   732448 byte/sec,     5.6 Mb/sec
   0.813 sec,    2048   3des crypts,     512 bytes,  1289373 byte/sec,     9.8 Mb/sec
   0.975 sec,    2048   3des crypts,    1024 bytes,  2151181 byte/sec,    16.4 Mb/sec
   1.365 sec,    2048   3des crypts,    2048 bytes,  3072154 byte/sec,    23.4 Mb/sec
   2.049 sec,    2048   3des crypts,    4096 bytes,  4094710 byte/sec,    31.2 Mb/sec
   3.605 sec,    2048   3des crypts,    8192 bytes,  4653536 byte/sec,    35.5 Mb/sec
   6.554 sec,    2048   3des crypts,   16384 bytes,  5119675 byte/sec,    39.1 Mb/sec
  12.413 sec,    2048   3des crypts,   32768 bytes,  5406518 byte/sec,    41.2 Mb/sec
  23.994 sec,    2048   3des crypts,   65280 bytes,  5572045 byte/sec,    42.5 Mb/sec
   0.669 sec,    2048    aes crypts,      16 bytes,    48983 byte/sec,     0.4 Mb/sec
   0.663 sec,    2048    aes crypts,      32 bytes,    98777 byte/sec,     0.8 Mb/sec
   0.681 sec,    2048    aes crypts,      64 bytes,   192493 byte/sec,     1.5 Mb/sec
   0.695 sec,    2048    aes crypts,     128 bytes,   376932 byte/sec,     2.9 Mb/sec
   0.716 sec,    2048    aes crypts,     256 bytes,   732336 byte/sec,     5.6 Mb/sec
   0.759 sec,    2048    aes crypts,     512 bytes,  1380661 byte/sec,    10.5 Mb/sec
   0.863 sec,    2048    aes crypts,    1024 bytes,  2429920 byte/sec,    18.5 Mb/sec
   1.096 sec,    2048    aes crypts,    2048 bytes,  3827391 byte/sec,    29.2 Mb/sec
   1.600 sec,    2048    aes crypts,    4096 bytes,  5241281 byte/sec,    40.0 Mb/sec
   2.572 sec,    2048    aes crypts,    8192 bytes,  6522369 byte/sec,    49.8 Mb/sec
   4.439 sec,    2048    aes crypts,   16384 bytes,  7559630 byte/sec,    57.7 Mb/sec
   8.193 sec,    2048    aes crypts,   32768 bytes,  8190688 byte/sec,    62.5 Mb/sec
  15.871 sec,    2048    aes crypts,   65280 bytes,  8423637 byte/sec,    64.3 Mb/sec
   0.665 sec,    2048 aes192 crypts,      16 bytes,    49278 byte/sec,     0.4 Mb/sec
   0.671 sec,    2048 aes192 crypts,      32 bytes,    97666 byte/sec,     0.7 Mb/sec
   0.678 sec,    2048 aes192 crypts,      64 bytes,   193401 byte/sec,     1.5 Mb/sec
   0.708 sec,    2048 aes192 crypts,     128 bytes,   370162 byte/sec,     2.8 Mb/sec
   0.729 sec,    2048 aes192 crypts,     256 bytes,   719006 byte/sec,     5.5 Mb/sec
   0.768 sec,    2048 aes192 crypts,     512 bytes,  1365335 byte/sec,    10.4 Mb/sec
   0.894 sec,    2048 aes192 crypts,    1024 bytes,  2344517 byte/sec,    17.9 Mb/sec
   1.109 sec,    2048 aes192 crypts,    2048 bytes,  3780938 byte/sec,    28.8 Mb/sec
   1.623 sec,    2048 aes192 crypts,    4096 bytes,  5169228 byte/sec,    39.4 Mb/sec
   2.632 sec,    2048 aes192 crypts,    8192 bytes,  6374199 byte/sec,    48.6 Mb/sec
   4.535 sec,    2048 aes192 crypts,   16384 bytes,  7398508 byte/sec,    56.4 Mb/sec
   8.420 sec,    2048 aes192 crypts,   32768 bytes,  7969921 byte/sec,    60.8 Mb/sec
  16.328 sec,    2048 aes192 crypts,   65280 bytes,  8188034 byte/sec,    62.5 Mb/sec
   0.673 sec,    2048 aes256 crypts,      16 bytes,    48654 byte/sec,     0.4 Mb/sec
   0.666 sec,    2048 aes256 crypts,      32 bytes,    98425 byte/sec,     0.8 Mb/sec
   0.666 sec,    2048 aes256 crypts,      64 bytes,   196854 byte/sec,     1.5 Mb/sec
   0.715 sec,    2048 aes256 crypts,     128 bytes,   366734 byte/sec,     2.8 Mb/sec
   0.732 sec,    2048 aes256 crypts,     256 bytes,   716344 byte/sec,     5.5 Mb/sec
   0.776 sec,    2048 aes256 crypts,     512 bytes,  1350410 byte/sec,    10.3 Mb/sec
   0.881 sec,    2048 aes256 crypts,    1024 bytes,  2380017 byte/sec,    18.2 Mb/sec
   1.117 sec,    2048 aes256 crypts,    2048 bytes,  3753857 byte/sec,    28.6 Mb/sec
   1.625 sec,    2048 aes256 crypts,    4096 bytes,  5161102 byte/sec,    39.4 Mb/sec
   2.595 sec,    2048 aes256 crypts,    8192 bytes,  6464182 byte/sec,    49.3 Mb/sec
   4.464 sec,    2048 aes256 crypts,   16384 bytes,  7516391 byte/sec,    57.3 Mb/sec
irq 2: nobody cared (try booting with the "irqpoll" option)
Call Trace:[<8000a194>] 0x8000a194
[<8000a194>] 0x8000a194
[<80057b70>] 0x80057b70
[<80057d44>] 0x80057d44
[<80001444>] 0x80001444
[<81fce640>] 0x81fce640
[<80058548>] 0x80058548
[<8002b41c>] 0x8002b41c
[<8000e098>] 0x8000e098
[<80001444>] 0x80001444
[<80001660>] 0x80001660
[<81fce640>] 0x81fce640
[<800189a4>] 0x800189a4
[<8000f684>] 0x8000f684
[<80001680>] 0x80001680
[<80281a88>] 0x80281a88
[<802813ac>] 0x802813ac

handlers:
[<81f21a70>]
Disabling IRQ #2
   8.245 sec,    2048 aes256 crypts,   32768 bytes,  8139739 byte/sec,    62.1 Mb/sec
  15.871 sec,    2048 aes256 crypts,   65280 bytes,  8423492 byte/sec,    64.3 Mb/sec
   0.315 sec,    1024 md5_hmac crypts,       8 bytes,    25993 byte/sec,     0.2 Mb/sec
   0.315 sec,    1024 md5_hmac crypts,      16 bytes,    52028 byte/sec,     0.4 Mb/sec
   0.312 sec,    1024 md5_hmac crypts,      32 bytes,   104928 byte/sec,     0.8 Mb/sec
   0.324 sec,    1024 md5_hmac crypts,      64 bytes,   202335 byte/sec,     1.5 Mb/sec
   0.328 sec,    1024 md5_hmac crypts,     128 bytes,   400068 byte/sec,     3.1 Mb/sec
   0.341 sec,    1024 md5_hmac crypts,     256 bytes,   769480 byte/sec,     5.9 Mb/sec
   0.342 sec,    1024 md5_hmac crypts,     512 bytes,  1534204 byte/sec,    11.7 Mb/sec
   0.405 sec,    1024 md5_hmac crypts,    1024 bytes,  2585948 byte/sec,    19.7 Mb/sec
   0.459 sec,    1024 md5_hmac crypts,    2048 bytes,  4566730 byte/sec,    34.8 Mb/sec
   0.616 sec,    1024 md5_hmac crypts,    4096 bytes,  6814311 byte/sec,    52.0 Mb/sec
   0.912 sec,    1024 md5_hmac crypts,    8192 bytes,  9201284 byte/sec,    70.2 Mb/sec
   1.466 sec,    1024 md5_hmac crypts,   16384 bytes, 11444962 byte/sec,    87.3 Mb/sec
   2.667 sec,    1024 md5_hmac crypts,   32768 bytes, 12579226 byte/sec,    96.0 Mb/sec
   5.020 sec,    1024 md5_hmac crypts,   65280 bytes, 13316462 byte/sec,   101.6 Mb/sec
   0.315 sec,    1024 sha1_hmac crypts,       8 bytes,    26000 byte/sec,     0.2 Mb/sec
   0.318 sec,    1024 sha1_hmac crypts,      16 bytes,    51445 byte/sec,     0.4 Mb/sec
   0.321 sec,    1024 sha1_hmac crypts,      32 bytes,   102208 byte/sec,     0.8 Mb/sec
   0.327 sec,    1024 sha1_hmac crypts,      64 bytes,   200535 byte/sec,     1.5 Mb/sec
   0.329 sec,    1024 sha1_hmac crypts,     128 bytes,   398900 byte/sec,     3.0 Mb/sec
   0.337 sec,    1024 sha1_hmac crypts,     256 bytes,   777557 byte/sec,     5.9 Mb/sec
   0.357 sec,    1024 sha1_hmac crypts,     512 bytes,  1468890 byte/sec,    11.2 Mb/sec
   0.410 sec,    1024 sha1_hmac crypts,    1024 bytes,  2558214 byte/sec,    19.5 Mb/sec
   0.484 sec,    1024 sha1_hmac crypts,    2048 bytes,  4333245 byte/sec,    33.1 Mb/sec
   0.668 sec,    1024 sha1_hmac crypts,    4096 bytes,  6283347 byte/sec,    47.9 Mb/sec
   1.024 sec,    1024 sha1_hmac crypts,    8192 bytes,  8188977 byte/sec,    62.5 Mb/sec
   1.651 sec,    1024 sha1_hmac crypts,   16384 bytes, 10159919 byte/sec,    77.5 Mb/sec
   3.031 sec,    1024 sha1_hmac crypts,   32768 bytes, 11069113 byte/sec,    84.5 Mb/sec
   5.735 sec,    1024 sha1_hmac crypts,   65280 bytes, 11656494 byte/sec,    88.9 Mb/sec
root@OpenWrt:/# openssl speed -evp aes-128-cbc -engine cryptodev -elapsed
engine "cryptodev" set.
You have chosen to measure elapsed time instead of user CPU time.
To get the most accurate results, try to run this
program when this computer is idle.
Doing aes-128-cbc for 3s on 16 size blocks: 9470 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 64 size blocks: 8963 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 256 size blocks: 8248 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 1024 size blocks: 6746 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 2048 size blocks: 5453 aes-128-cbc's in 3.00s
OpenSSL 0.9.8l 5 Nov 2009
built on: Fri Feb 12 14:23:43 CET 2010
options:bn(64,32) rc4(ptr,char) des(idx,cisc,16,long) aes(partial) blowfish(ptr) 
compiler: mipsel-openwrt-linux-uclibc-gcc -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DDSO_DLFCN -DHAVE_DLFCN_H -DHAVE_CRYPTODEV -I/media/OpenWRT/wlan/kamikaze2/wgt634u/openwrt/staging_dir/target-mipsel_uClibc-0.9.30.1/usr/include -I/media/OpenWRT/wlan/kamikaze2/wgt634u/openwrt/staging_dir/target-mipsel_uClibc-0.9.30.1/include -I/media/OpenWRT/wlan/kamikaze2/wgt634u/openwrt/staging_dir/toolchain-mipsel_gcc-4.3.3+cs_uClibc-0.9.30.1/usr/include -I/media/OpenWRT/wlan/kamikaze2/wgt634u/openwrt/staging_dir/toolchain-mipsel_gcc-4.3.3+cs_uClibc-0.9.30.1/include -DOPENSSL_SMALL_FOOTPRINT -DOPENSSL_NO_ERR -DOPENSSL_NO_HW -DTERMIO -Os -pipe -mips32 -mtune=mips32 -funit-at-a-time -fhonour-copts -msoft-float -fpic -fomit-frame-pointer -Wall
available timing options: TIMES TIMEB HZ=100 [sysconf value]
timing function used: ftime
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   2048 bytes
aes-128-cbc         50.51k      191.21k      703.83k     2302.63k     3721.34k
root@OpenWrt:/# rmmod ubsec_ssb
root@OpenWrt:/# openssl speed -evp aes-128-cbc -engine cryptodev -elapsed
engine "cryptodev" set.
You have chosen to measure elapsed time instead of user CPU time.
To get the most accurate results, try to run this
program when this computer is idle.
Doing aes-128-cbc for 3s on 16 size blocks: 215605 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 64 size blocks: 57502 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 256 size blocks: 16487 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 1024 size blocks: 4312 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 2048 size blocks: 2173 aes-128-cbc's in 3.00s
OpenSSL 0.9.8l 5 Nov 2009
built on: Fri Feb 12 14:23:43 CET 2010
options:bn(64,32) rc4(ptr,char) des(idx,cisc,16,long) aes(partial) blowfish(ptr) 
compiler: mipsel-openwrt-linux-uclibc-gcc -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DDSO_DLFCN -DHAVE_DLFCN_H -DHAVE_CRYPTODEV -I/media/OpenWRT/wlan/kamikaze2/wgt634u/openwrt/staging_dir/target-mipsel_uClibc-0.9.30.1/usr/include -I/media/OpenWRT/wlan/kamikaze2/wgt634u/openwrt/staging_dir/target-mipsel_uClibc-0.9.30.1/include -I/media/OpenWRT/wlan/kamikaze2/wgt634u/openwrt/staging_dir/toolchain-mipsel_gcc-4.3.3+cs_uClibc-0.9.30.1/usr/include -I/media/OpenWRT/wlan/kamikaze2/wgt634u/openwrt/staging_dir/toolchain-mipsel_gcc-4.3.3+cs_uClibc-0.9.30.1/include -DOPENSSL_SMALL_FOOTPRINT -DOPENSSL_NO_ERR -DOPENSSL_NO_HW -DTERMIO -Os -pipe -mips32 -mtune=mips32 -funit-at-a-time -fhonour-copts -msoft-float -fpic -fomit-frame-pointer -Wall
available timing options: TIMES TIMEB HZ=100 [sysconf value]
timing function used: ftime
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   2048 bytes
aes-128-cbc       1149.51k     1226.71k     1406.89k     1471.83k     1482.45k

5 (edited by jal2 2010-02-15 13:08:07)

Re: Hardware crypto on wl-500g deluxe and on wgt634u

I tried to test the openssh server on the WGT634U with ubsec_ssb, similar to the test in http://www.danm.de/files/src/bcm5365p/bench/openssh-server-aes.txt:

On the PC:

scp -c aes128-cbc randomfile test@wgt634u:/tmp

This command hangs forever, it doesn't even ask for the passwort.

On the WGT634U with debug level 1:

root@OpenWrt:/tmp# /usr/sbin/sshd -d
debug1: sshd version OpenSSH_5.3p1
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
socket: Address family not supported by protocol
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: inetd sockets after dupping: 4, 4
Connection from 192.168.6.1 port 58819
debug1: Client protocol version 2.0; client software version OpenSSH_5.1p1 Debia2
debug1: match: OpenSSH_5.1p1 Debian-6ubuntu2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: permanently_set_uid: 74/74
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
WARNING: /etc/ssh/moduli does not exist, using fixed modulus
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
Bad packet length 3539845156.

The above works after removing the kernel module ubsec_ssb on the WGT634U.

I get a similar bug for the cipher 3des-cbc.

Does anyone know how to compile and run the openssl test suite for WGT634U?

Re: Hardware crypto on wl-500g deluxe and on wgt634u

Just keep in mind, setting up transactions with a crypto engine is in general expensive. You get an appreciable gain with big transfers only. For average vpn traffic it's probably not worth

Re: Hardware crypto on wl-500g deluxe and on wgt634u

rAndy wrote:

Just keep in mind, setting up transactions with a crypto engine is in general expensive. You get an appreciable gain with big transfers only. For average vpn traffic it's probably not worth

Due to the benchmarks in {url]http://www.danm.de/files/src/bcm5365p/bench/[/url] hw crypto increased the speed of scp'ing a file
of 10 MByte by a factor of ~2. This seems to be measured on an Asus WL-500gP with a CPU @ 266 MHz. The WGT634U's CPU runs @ 200 MHz only.

The CPU load in both cases would be interesting, too.

Re: Hardware crypto on wl-500g deluxe and on wgt634u

Yanira wrote:

Well, even a Soekris vpn1411 with the HIFN driver and cryptodev enabled OpenSSL does not work on a Alix 2c2 sad

I have yet to make a Soekris VPN1411 work with a RouterStation Pro and so far no one can give me any ideas on how to make it work.

I think at least for the HIFN the driver is broken as I see the following on boot.

hifn_795x: Unknown symbol hwrng_unregister
hifn_795x: Unknown symbol hwrng_register

and I think over all the hardware crypto support is broken

Re: Hardware crypto on wl-500g deluxe and on wgt634u

ByerRA wrote:

I think at least for the HIFN the driver is broken as I see the following on boot.

hifn_795x: Unknown symbol hwrng_unregister
hifn_795x: Unknown symbol hwrng_register

and I think over all the hardware crypto support is broken

The above error looks like a missing dependency. Both symbols are exported by drivers/char/hw_random/core.c
which is controlled by the config CONFIG_HW_RANDOM (at least with kernel 2.6.32.8)

Just check your kernel config file and either compile the file into your kernel (CONFIG_HW_RANDOM=y) or
as a module (CONFIG_HW_RANDOM=m) and load the kernel module rng_core.ko at runtime.

Have you already added a trac ticket for this problem?

BTW, this issue doesn't fit the topic of this thread (unless the hifn card is inside a wl-500gD or wgt634u :-), maybe we should have a separate thread.

HTH,
jal2

Re: Hardware crypto on wl-500g deluxe and on wgt634u

It seems like AES is currently broken on the WGT-634U, i.e. the results are wrong.
Could someone please run cryptotest -c -a aes on a Asus WL-500gP v1 or any other hardware with a BCM94704
and running the current svn trunk software?

cryptotest -c  -a des 1 64
   0.001 sec,       2    des crypts,      64 bytes,   160000 byte/sec,     1.2 Mb/sec
root@OpenWrt:/# cryptotest -c  -a 3des 1 64
   0.001 sec,       2   3des crypts,      64 bytes,   181047 byte/sec,     1.4 Mb/sec
root@OpenWrt:/# cryptotest -c -v -a aes 1 64
 crid = 3000000
alg = aes
session = 0x0
device = ubsec_ssb0
count = 1, size = 64
iv:
0000: 32 6a 62 36 35 38 6e 75 32 73 38 21 74 61 75 6f
cleartext:
0000: 61 74 6a 73 74 34 30 34 37 38 62 37 30 30 39 6e
0010: 36 38 33 30 35 69 37 65 39 21 61 6e 61 74 38 21
0020: 37 36 30 6a 74 74 62 73 61 38 31 68 38 74 37 30
0030: 68 37 30 75 74 73 35 21 30 21 36 35 74 30 68 34
ciphertext:
0000: c7 de be d3 28 29 99 70 1b af 34 b0 05 72 01 99
0010: 8f 56 9c 87 93 af 7e b1 87 3a 65 65 6c ad cf 2d
0020: 85 8d c2 3d da 07 af 27 6d 54 d2 41 3c d1 03 a4
0030: dd d7 12 2a dd 9f 41 75 8a cc f3 aa db b8 9b 5f
cipheriv:
0000: 32 6a 62 36 35 38 6e 75 32 73 38 21 74 61 75 6f
0010: 00 00 00 00 01 00 00 00 40 00 00 00 60 40 41 00
0020: a0 40 41 00 00 00 00 00 5c 94 8b 7f 0b 00 00 00
0030: 00 00 00 00 10 00 00 00 08 40 41 00 00 00 00 00
decrypt mismatch:
original:
0000: 61 74 6a 73 74 34 30 34 37 38 62 37 30 30 39 6e
0010: 36 38 33 30 35 69 37 65 39 21 61 6e 61 74 38 21
0020: 37 36 30 6a 74 74 62 73 61 38 31 68 38 74 37 30
0030: 68 37 30 75 74 73 35 21 30 21 36 35 74 30 68 34
cleartext:
0000: f7 bd 17 24 9c 6b 35 e2 42 35 e8 9a 20 b3 66 d3
0010: de 19 8e 7d 33 a6 b1 dd ed 39 9b d2 ba ba fe 7a
0020: 52 b9 6a 58 bf f2 a0 fe 7c 10 56 73 7f ac 54 bb
0030: b4 11 42 0b d3 93 c9 0a 61 d4 4b d9 92 1f 9f d4
cleartext:
0000: f7 bd 17 24 9c 6b 35 e2 42 35 e8 9a 20 b3 66 d3
0010: de 19 8e 7d 33 a6 b1 dd ed 39 9b d2 ba ba fe 7a
0020: 52 b9 6a 58 bf f2 a0 fe 7c 10 56 73 7f ac 54 bb
0030: b4 11 42 0b d3 93 c9 0a 61 d4 4b d9 92 1f 9f d4
   0.010 sec,       2    aes crypts,      64 bytes,    12716 byte/sec,     0.1 Mb/sec

Re: Hardware crypto on wl-500g deluxe and on wgt634u

jal2 wrote:

Due to the benchmarks in {url]http://www.danm.de/files/src/bcm5365p/bench/[/url] hw crypto increased the speed of scp'ing a file
of 10 MByte by a factor of ~2.

That's the proof of what i said. I would expect a (much) higher factor. If you try with a bigger file, factor should be even better.
But such big transfers are not the common case in vpn.

Re: Hardware crypto on wl-500g deluxe and on wgt634u

rAndy wrote:
jal2 wrote:

Due to the benchmarks in {url]http://www.danm.de/files/src/bcm5365p/bench/[/url] hw crypto increased the speed of scp'ing a file
of 10 MByte by a factor of ~2.

That's the proof of what i said. I would expect a (much) higher factor. If you try with a bigger file, factor should be even better.
But such big transfers are not the common case in vpn.

I don't think that bigger files would lead to better results here, as I assume openssh feeds cryptodev with a buffer of constant size and AFAIR the upper limit of the size is 64K-1 (saw some define in the ubsec_ssb sources).

We shouldn't focus on speed improvements in the idle case only, but also look on CPU utilization, where I would assume 100% for the software case and something considerable less with the crypto hw. Which translates into a higher factor under real-world conditions where the CPU is needed
for other tasks, too.

Re: Hardware crypto on wl-500g deluxe and on wgt634u

jal2 wrote:

We shouldn't focus on speed improvements in the idle case only, but also look on CPU utilization, where I would assume 100% for the software case and something considerable less with the crypto hw. Which translates into a higher factor under real-world conditions where the CPU is needed
for other tasks, too.

Ok, the real case: wl500gp + openvpn + VoIP traffic (SIP + RTP (alaw codec)), no crypto engine activated: i measured 10% cpu utilization (openvpn only). I then feel no need of a crypto engine.
Indeed, the problem i observed is speech interruption on vpn rekeying. But here no crypto engine helps, a hw random generator engine is needed.

Re: Hardware crypto on wl-500g deluxe and on wgt634u

jal2 wrote:

It seems like AES is currently broken on the WGT-634U, i.e. the results are wrong.

It seems like the 3DES results from the hardware are also wrong, it calculates a simple DES only.
cryptotest -c -a 3des cannot detect this, because its check is to decrypt the encrypted data
and compare the result with the original plaintext.

The export control pin mentioned here is really enabled.
No hope for 3DES or AES in hardware unless someone finds a trace on the PCB where a pull-down resistor is missing.

Sorry for all the fuss.

Re: Hardware crypto on wl-500g deluxe and on wgt634u

Nice topic, I will try on my wl-500gd

Re: Hardware crypto on wl-500g deluxe and on wgt634u

Looks like the ocf doesn't take affection, I tested with kmod-crypto-ocf + kmod-ocf-ubsec-ssb installed and not installed, the wireless on 10mbps, the cpu usage has no change.
wireless is b43 + psk2