evp/e_aes_cbc_hmac_sha*.c: limit multi-block fragmentation to 1KB.
authorAndy Polyakov <appro@openssl.org>
Sat, 12 Oct 2013 20:10:28 +0000 (22:10 +0200)
committerAndy Polyakov <appro@openssl.org>
Sat, 12 Oct 2013 20:10:28 +0000 (22:10 +0200)
Excessive fragmentation put additional burden (of addtional MAC
calculations) on the other size and limiting fragments it to 1KB
limits the overhead to ~6%.

crypto/evp/e_aes_cbc_hmac_sha1.c
crypto/evp/e_aes_cbc_hmac_sha256.c

index 15e9638..98ee2bb 100644 (file)
@@ -719,7 +719,8 @@ static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void
 
                        if (inp_len<4096) return 0;     /* too short */
 
-                       if (OPENSSL_ia32cap_P[2]&(1<<5)) n4x=2; /* AVX2 */
+                       if (inp_len>=8192 && OPENSSL_ia32cap_P[2]&(1<<5))
+                               n4x=2;  /* AVX2 */
 
                        key->md = key->head;
                        SHA1_Update(&key->md,param->inp,13);
index 602bfa9..e1a21b3 100644 (file)
@@ -744,9 +744,10 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, vo
                        if ((param->inp[9]<<8|param->inp[10]) < TLS1_1_VERSION)
                                return -1;
 
-                       if (inp_len<2048) return 0;     /* too short */
+                       if (inp_len<4096) return 0;     /* too short */
 
-                       if (OPENSSL_ia32cap_P[2]&(1<<5)) n4x=2; /* AVX2 */
+                       if (inp_len>=8192 && OPENSSL_ia32cap_P[2]&(1<<5))
+                               n4x=2;  /* AVX2 */
 
                        key->md = key->head;
                        SHA256_Update(&key->md,param->inp,13);