[resolved] OpenSSL building from source?

Development on core packages and the distribution goes on in here.
Post a reply

Re: [resolved] OpenSSL building from source?

Postby lulo » Sat Feb 18, 2012 10:45 am

howto PKGBUILD openssl for iconnect ? like this ?:

Code: Select all
...build() {
cd $srcdir/$pkgname-$_ver

if [ "${CARCH}" == 'x86_64' ]; then
openssltarget='linux-x86_64'
elif [ "${CARCH}" == 'i686' ]; then
openssltarget='linux-elf'
elif [ "${CARCH}" == 'arm' -o "${CARCH}" == 'armv7h' ]; then
openssltarget='linux-armv5'
fi...
???

howto build cryptodev for this machine ?
lulo
 
Posts: 89
Joined: Mon Nov 28, 2011 1:19 am
Top

Re: [resolved] OpenSSL building from source?

Postby firefoxPL » Mon Feb 20, 2012 8:26 am

hi, from what I've checked the iconnect is based on the same CPU Kirkwood architecture, so you sould be able to build openssl with the same settings I've used:
Code: Select all
openssltarget='linux-armv4'

you can simply try makepkg if it succeeds then you can install the package using pacman, and if it doesn't nothing bad will happen since it wont affect your current openssl

edit:
as for building cryptodev it as simple as (at least that worked for me)
Code: Select all
# make
# make install
Pogo-P24 (new Pogoplug Classic) - ALARM on SATA (mediatomb, netatalk, avahi, time machine, swap, openvpn)
Pogo-E02 (v2 Pink) - ALARM on USB (netatalk, avahi, cryptodev-linux, getting ready for L2TP)
firefoxPL
 
Posts: 65
Joined: Thu Dec 08, 2011 1:49 pm
Top

Re: [resolved] OpenSSL building from source?

Postby lulo » Mon Feb 20, 2012 7:37 pm

thx @firefoxPL...i'am build one:

cryptodev build & install = ok (latest version http://download.gna.org/cryptodev-linux ... 1.1.tar.gz ; try make, sudo make install, sudo depmod -a )
openssl (from git https://github.com/archlinuxarm/PKGBUIL ... re/openssl ...modyfing PKGBUILD) build & install = ok ? (PKGBUILD = http://pastebin.com/u08pPSr4 ; sudo pacman -U --force ./openssl-1.0.0.g-1.1.git.use.cryptodev-arm.pkg.tar.gz)
testing = (reboot) not successful, nothing effect, not working :

Code: Select all
[lulo@lulo-iconnect ~]$ openssl speed -evp aes-256-cbc
Doing aes-256-cbc for 3s on 16 size blocks: 1675208 aes-256-cbc's in 2.98s
Doing aes-256-cbc for 3s on 64 size blocks: 487829 aes-256-cbc's in 2.98s
Doing aes-256-cbc for 3s on 256 size blocks: 127453 aes-256-cbc's in 2.98s
Doing aes-256-cbc for 3s on 1024 size blocks: 32249 aes-256-cbc's in 2.97s
Doing aes-256-cbc for 3s on 8192 size blocks: 4040 aes-256-cbc's in 2.98s
OpenSSL 1.0.0g 18 Jan 2012
built on: Mon Feb 20 18:42:45 CET 2012
options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) aes(partial) idea(int) blowfish(ptr)
compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS -DHASH_MAX_LEN=64 -Wa,--noexecstack -march=armv5te -O2 -pipe -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -DTERMIO -O3 -Wall -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-256-cbc       8994.41k    10476.86k    10948.98k    11118.85k    11105.93k
[lulo@lulo-iconnect ~]$ sudo modprobe cryptodev
Hasło:
[lulo@lulo-iconnect openssl]$ modinfo cryptodev
filename:       /lib/modules/3.1.10-3-ARCH/extra/cryptodev.ko
license:        GPL
description:    CryptoDev driver
author:         Nikos Mavrogiannopoulos <nmav@gnutls.org>
depends:       
vermagic:       3.1.10-3-ARCH preempt mod_unload modversions ARMv5
parm:           cryptodev_verbosity:0: normal, 1: verbose, 2: debug (int)
[lulo@lulo-iconnect ~]$ lsmod
Module                  Size  Used by
cryptodev              26002  0
bridge                 68894  0
stp                     1286  1 bridge
llc                     3190  2 stp,bridge
lm63                    5245  0
hwmon                   1191  1 lm63
i2c_mv64xxx             4061  0
i2c_core               15627  2 i2c_mv64xxx,lm63
ipv6                  254083  13 bridge
rt2800pci               7795  0
rt2800lib              39229  1 rt2800pci
rt2x00pci               3629  1 rt2800pci
rt2x00lib              30106  3 rt2x00pci,rt2800lib,rt2800pci
eeprom_93cx6            1150  1 rt2800pci
mac80211              169844  3 rt2x00lib,rt2x00pci,rt2800lib
cfg80211              142596  2 mac80211,rt2x00lib
mv_cesa                 9021  0
rfkill                 14388  1 cfg80211
[lulo@lulo-iconnect ~]$ openssl speed -evp aes-256-cbc
Doing aes-256-cbc for 3s on 16 size blocks: 1660204 aes-256-cbc's in 2.96s
Doing aes-256-cbc for 3s on 64 size blocks: 484659 aes-256-cbc's in 2.96s
Doing aes-256-cbc for 3s on 256 size blocks: 125699 aes-256-cbc's in 2.94s
Doing aes-256-cbc for 3s on 1024 size blocks: 32110 aes-256-cbc's in 2.97s
Doing aes-256-cbc for 3s on 8192 size blocks: 4040 aes-256-cbc's in 2.98s
OpenSSL 1.0.0g 18 Jan 2012
built on: Mon Feb 20 18:42:45 CET 2012
options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) aes(partial) idea(int) blowfish(ptr)
compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS -DHASH_MAX_LEN=64 -Wa,--noexecstack -march=armv5te -O2 -pipe -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -DTERMIO -O3 -Wall -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-256-cbc       8974.08k    10479.11k    10945.22k    11070.92k    11105.93k


heeee... :(
if unload mv_cesa...it's the same effect...not working
lulo
 
Posts: 89
Joined: Mon Nov 28, 2011 1:19 am
Top

Re: [resolved] OpenSSL building from source?

Postby firefoxPL » Mon Feb 20, 2012 8:33 pm

check out this community guide viewtopic.php?f=30&t=2452
looks like you're running openssl as normal user (not root), in the guide I've put an info, that for normal user to have access to cryptodev, the permissions for /dev/crypto (created by cryptodev through udev) need to change:
Code: Select all
chmod go+rw /dev/crypto

after this you should see improvement during openssl speed test, also note in later posts in the guide that there is some problem with certificates signing while using cryptodev - therefore for now it might be wiser to compile openssl without option
Code: Select all
-DUSE_CRYPTODEV_DIGESTS

so that only AES will be handled by cryptodev
Pogo-P24 (new Pogoplug Classic) - ALARM on SATA (mediatomb, netatalk, avahi, time machine, swap, openvpn)
Pogo-E02 (v2 Pink) - ALARM on USB (netatalk, avahi, cryptodev-linux, getting ready for L2TP)
firefoxPL
 
Posts: 65
Joined: Thu Dec 08, 2011 1:49 pm
Top

Re: [resolved] OpenSSL building from source?

Postby lulo » Mon Feb 20, 2012 8:48 pm

ok...i'am build again for your tips...:D

EDIT:
ok...new working perfect (without erase this option -DUSE_CRYPTODEV_DIGESTS)...
Code: Select all
[lulo@lulo-iconnect ~]$ sudo chmod go+rw /dev/crypto
Hasło:
[lulo@lulo-iconnect ~]$ mc

[lulo@lulo-iconnect ~]$ lsmod
Module                  Size  Used by
rmd160                  7186  0
sha1_generic            1661  0
hmac                    2387  0
blowfish                8374  0
cryptodev              26002  1
bridge                 68894  0
stp                     1286  1 bridge
llc                     3190  2 stp,bridge
lm63                    5245  0
hwmon                   1191  1 lm63
i2c_mv64xxx             4061  0
i2c_core               15627  2 i2c_mv64xxx,lm63
ipv6                  254083  13 bridge
rt2800pci               7795  0
rt2800lib              39229  1 rt2800pci
rt2x00pci               3629  1 rt2800pci
rt2x00lib              30106  3 rt2x00pci,rt2800lib,rt2800pci
eeprom_93cx6            1150  1 rt2800pci
mac80211              169844  3 rt2x00lib,rt2x00pci,rt2800lib
cfg80211              142596  2 mac80211,rt2x00lib
rfkill                 14388  1 cfg80211
[lulo@lulo-iconnect ~]$ openssl speed -evp aes-256-cbc
Doing aes-256-cbc for 3s on 16 size blocks: 58304 aes-256-cbc's in 0.06s
Doing aes-256-cbc for 3s on 64 size blocks: 47886 aes-256-cbc's in 0.03s
Doing aes-256-cbc for 3s on 256 size blocks: 28859 aes-256-cbc's in 0.02s
Doing aes-256-cbc for 3s on 1024 size blocks: 10913 aes-256-cbc's in 0.00s
Doing aes-256-cbc for 3s on 8192 size blocks: 1565 aes-256-cbc's in 0.00s
OpenSSL 1.0.0g 18 Jan 2012
built on: Mon Feb 20 18:42:45 CET 2012
options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) aes(partial) idea(int) blowfish(ptr)
compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS -DHASH_MAX_LEN=64 -Wa,--noexecstack -march=armv5te -O2 -pipe -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -DTERMIO -O3 -Wall -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-256-cbc      15547.73k   102156.80k   369395.20k         infk         infk
[lulo@lulo-iconnect ~]$

its right...test fail certificate (full build proceding from console http://pastebin.com/CgEz5dSh )


any ideas, sugestions... ???
lulo
 
Posts: 89
Joined: Mon Nov 28, 2011 1:19 am
Top

Re: [resolved] OpenSSL building from source?

Postby lulo » Sat Mar 03, 2012 1:13 am

i'am
1) remove openssl
2) install new opessl-cryptodev and upgrade linux* (cryptodev modules build from latest linux-3.1.10-4-arm)
3) rmmod mv_cesa
4) sudo modprobe cryptodev
4) sudo chmod go+rw /dev/crypto
5) sudo depmod -a

and...

Code: Select all
[lulo@lulo-iconnect openssl]$ openssl speed -evp aes-256-cbc
Doing aes-256-cbc for 3s on 16 size blocks: 111900 aes-256-cbc's in 0.15s
Doing aes-256-cbc for 3s on 64 size blocks: 93151 aes-256-cbc's in 0.14s
Doing aes-256-cbc for 3s on 256 size blocks: 56317 aes-256-cbc's in 0.10s
Doing aes-256-cbc for 3s on 1024 size blocks: 21962 aes-256-cbc's in 0.05s
Doing aes-256-cbc for 3s on 8192 size blocks: 3146 aes-256-cbc's in 0.01s
OpenSSL 1.0.0g 18 Jan 2012
built on: Wed Feb 29 15:45:42 UTC 2012
options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) aes(partial) idea(int) blowfish(ptr)
compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS -DHASH_MAX_LEN=64 -Wa,--noexecstack -march=armv5te -O2 -pipe -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -I/usr/src/linux-3.1.10-4-ARCH -DTERMIO -O3 -Wall -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-256-cbc      11936.00k    42583.31k   144171.52k   449781.76k  2577203.20k
[lulo@lulo-iconnect openssl]$ lsmod
Module                  Size  Used by
rmd160                  7186  0
sha1_generic            1661  0
hmac                    2387  0
blowfish                8374  0
cryptodev              30239  0
bridge                 68894  0
stp                     1286  1 bridge
llc                     3190  2 stp,bridge
lm63                    5245  0
hwmon                   1191  1 lm63
i2c_mv64xxx             4061  0
i2c_core               15627  2 i2c_mv64xxx,lm63
ipv6                  254083  13 bridge
rt2800pci               7795  0
rt2800lib              39229  1 rt2800pci
rt2x00pci               3629  1 rt2800pci
rt2x00lib              30106  3 rt2x00pci,rt2800lib,rt2800pci
eeprom_93cx6            1150  1 rt2800pci
mac80211              169844  3 rt2x00lib,rt2x00pci,rt2800lib
cfg80211              142596  2 mac80211,rt2x00lib
rfkill                 14388  1 cfg80211


...working :D

Thank you Kurlon & Kevin Mihelich :roll: :D
lulo
 
Posts: 89
Joined: Mon Nov 28, 2011 1:19 am
Top
Previous
Post a reply

Return to Arch Linux ARM

Who is online

Users browsing this forum: No registered users and 1 guest

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group    © Arch Linux ARM. Original Design: Free CSS Templates. phpBB3 port by phpBB3 styles