[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Andy Polyakov
appro at openssl.org
Mon Jul 24 21:32:20 UTC 2017
The branch OpenSSL_1_0_2-stable has been updated
via 34ee5a19d827ae14a641413e579bbec0a6f546fd (commit)
from 6b0c3877905ea95bc3f2b078aeb79ecf1bf3d1cc (commit)
- Log -----------------------------------------------------------------
commit 34ee5a19d827ae14a641413e579bbec0a6f546fd
Author: Andy Polyakov <appro at openssl.org>
Date: Mon Jul 10 15:19:45 2017 +0200
evp/e_aes_cbc_hmac_sha256.c: give SHAEXT right priority.
Reviewed-by: Kurt Roeckx <kurt at roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/3898)
(cherry picked from commit d0f6eb1d8c84165c383a677266cfae9c0b162781)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/e_aes_cbc_hmac_sha256.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c
index aaa724a..9a8a2ad 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha256.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha256.c
@@ -507,10 +507,12 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx,
* to identify it and avoid stitch invocation. So that after we
* establish that current CPU supports AVX, we even see if it's
* either even XOP-capable Bulldozer-based or GenuineIntel one.
+ * But SHAEXT-capable go ahead...
*/
- if (OPENSSL_ia32cap_P[1] & (1 << (60 - 32)) && /* AVX? */
- ((OPENSSL_ia32cap_P[1] & (1 << (43 - 32))) /* XOP? */
- | (OPENSSL_ia32cap_P[0] & (1<<30))) && /* "Intel CPU"? */
+ if (((OPENSSL_ia32cap_P[2] & (1 << 29)) || /* SHAEXT? */
+ ((OPENSSL_ia32cap_P[1] & (1 << (60 - 32))) && /* AVX? */
+ ((OPENSSL_ia32cap_P[1] & (1 << (43 - 32))) /* XOP? */
+ | (OPENSSL_ia32cap_P[0] & (1 << 30))))) && /* "Intel CPU"? */
plen > (sha_off + iv) &&
(blocks = (plen - (sha_off + iv)) / SHA256_CBLOCK)) {
SHA256_Update(&key->md, in + iv, sha_off);
More information about the openssl-commits
mailing list