I understand that in Linux kernel there are basically, 2 types of crypto options:
cryptodev (/dev/crypto)
AF_ALG
But in documentation, both methods are mentioned as HW encryption , i.e. methods which require HW support.
So, if I need crypto support in Linux, and does not have hw support , will the userspace API (for AF_ALG and cryptodev) still work ?
If yes - does it mean they use software algorithm in kernel ?
I am using Arria V, which is based on arm , yet, I don't see in its documentation mention of crypto, so I'm not sure it is supported in HW.
Overview of both methods: AF_ALG and cryptodev (/dev/crypto) https://events.linuxfoundation.org/sites/events/files/slides/lcj-2014-crypto-user.pdf#page=8 "Utilizing the crypto accelerators - Marek Vaˇsut - May 18, 2014"
As I understand, AF_ALG just uses generic kernel crypto API and may use hw crypto accelerator, but always can use software crypto enabled in kernel. AF_ALG can be enabled in 4.1 kernel by CONFIG_CRYPTO_USER_API option set as 'y' or 'm' in kernel configuration when it was built (check config file of the kernel, sometimes it is available as /proc/config.gz or in /boot partition). And to use some algorithms (hashes, symmetric ciphers, random generators), corresponding CONFIG_CRYPTO_USER_API suboption should be enabled too:
http://lxr.free-electrons.com/source/crypto/Kconfig?v=4.1#L1485
1485 config CRYPTO_USER_API
1486 tristate
1487
1488 config CRYPTO_USER_API_HASH
1489 tristate "User-space interface for hash algorithms"
1490 depends on NET
1491 select CRYPTO_HASH
1492 select CRYPTO_USER_API
1493 help
1494 This option enables the user-spaces interface for hash
1495 algorithms.
1496
1497 config CRYPTO_USER_API_SKCIPHER
1498 tristate "User-space interface for symmetric key cipher algorithms"
1499 depends on NET
1500 select CRYPTO_BLKCIPHER
1501 select CRYPTO_USER_API
1502 help
1503 This option enables the user-spaces interface for symmetric
1504 key cipher algorithms.
1505
1506 config CRYPTO_USER_API_RNG
1507 tristate "User-space interface for random number generator algorithms"
1508 depends on NET
1509 select CRYPTO_RNG
1510 select CRYPTO_USER_API
1511 help
1512 This option enables the user-spaces interface for random
1513 number generator algorithms.
Cryptodev (http://cryptodev-linux.org/index.html) looks bit like out-of-tree driver, not included into standard kernel (empty search for http://lxr.free-electrons.com/ident?i=crypto_run or http://lxr.free-electrons.com/ident?i=cryptodev). It should be downloaded, built and installed by user (slide 10 of https://events.linuxfoundation.org/sites/events/files/slides/lcj-2014-crypto-user.pdf#page=10 "Out of kernel tree code (for years)"). They also claim on their website "Support for all major cipher and hash algorithms" so, it may use hardware crypto accelerator, but will work for any supported algorithm with software implementation when there is no hardware (there is always some crypto which is not implemented by any hardware).
So, if I need crypto support in Linux, and does not have hw support , will the userspace API (for AF_ALG and cryptodev) still work? If yes - does it mean they use software algorithm in kernel?
Yes, both methods will work without any HW crypto, and will use all software implementations available in the kernel (enabled at time when kernel was built).