projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
evp/e_aes_cbc_hmac_sha*.c: limit multi-block fragmentation to 1KB.
[openssl.git]
/
crypto
/
evp
/
e_aes_cbc_hmac_sha256.c
diff --git
a/crypto/evp/e_aes_cbc_hmac_sha256.c
b/crypto/evp/e_aes_cbc_hmac_sha256.c
index 602bfa9ce042b209d1737ab88b35da4e4ae438c7..e1a21b39ee2f04c1cbbc97fc0a42a3b2f27e81d9 100644
(file)
--- a/
crypto/evp/e_aes_cbc_hmac_sha256.c
+++ b/
crypto/evp/e_aes_cbc_hmac_sha256.c
@@
-744,9
+744,10
@@
static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, vo
if ((param->inp[9]<<8|param->inp[10]) < TLS1_1_VERSION)
return -1;
if ((param->inp[9]<<8|param->inp[10]) < TLS1_1_VERSION)
return -1;
- if (inp_len<
2048
) return 0; /* too short */
+ if (inp_len<
4096
) return 0; /* too short */
- if (OPENSSL_ia32cap_P[2]&(1<<5)) n4x=2; /* AVX2 */
+ if (inp_len>=8192 && OPENSSL_ia32cap_P[2]&(1<<5))
+ n4x=2; /* AVX2 */
key->md = key->head;
SHA256_Update(&key->md,param->inp,13);
key->md = key->head;
SHA256_Update(&key->md,param->inp,13);