diff options
author | Andy Polyakov <appro@openssl.org> | 2013-10-12 22:10:28 +0200 |
---|---|---|
committer | Andy Polyakov <appro@openssl.org> | 2013-10-12 22:10:28 +0200 |
commit | b4f0abd246340b90bb3fa2646814729f0e9d049e (patch) | |
tree | 8cfaef856b0e1371748a91da86ed72147da186e7 | |
parent | 7e1e3334f6d419a09da5f9f99bf448f18ff74867 (diff) |
evp/e_aes_cbc_hmac_sha*.c: limit multi-block fragmentation to 1KB.
Excessive fragmentation put additional burden (of addtional MAC
calculations) on the other size and limiting fragments it to 1KB
limits the overhead to ~6%.
-rw-r--r-- | crypto/evp/e_aes_cbc_hmac_sha1.c | 3 | ||||
-rw-r--r-- | crypto/evp/e_aes_cbc_hmac_sha256.c | 5 |
2 files changed, 5 insertions, 3 deletions
diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c index 15e96386b1..98ee2bba22 100644 --- a/crypto/evp/e_aes_cbc_hmac_sha1.c +++ b/crypto/evp/e_aes_cbc_hmac_sha1.c @@ -719,7 +719,8 @@ static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void if (inp_len<4096) return 0; /* too short */ - if (OPENSSL_ia32cap_P[2]&(1<<5)) n4x=2; /* AVX2 */ + if (inp_len>=8192 && OPENSSL_ia32cap_P[2]&(1<<5)) + n4x=2; /* AVX2 */ key->md = key->head; SHA1_Update(&key->md,param->inp,13); diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c index 602bfa9ce0..e1a21b39ee 100644 --- a/crypto/evp/e_aes_cbc_hmac_sha256.c +++ b/crypto/evp/e_aes_cbc_hmac_sha256.c @@ -744,9 +744,10 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, vo if ((param->inp[9]<<8|param->inp[10]) < TLS1_1_VERSION) return -1; - if (inp_len<2048) return 0; /* too short */ + if (inp_len<4096) return 0; /* too short */ - if (OPENSSL_ia32cap_P[2]&(1<<5)) n4x=2; /* AVX2 */ + if (inp_len>=8192 && OPENSSL_ia32cap_P[2]&(1<<5)) + n4x=2; /* AVX2 */ key->md = key->head; SHA256_Update(&key->md,param->inp,13); |