evp/e_aes_cbc_hmac_sha256.c: give SHAEXT right priority.

author Andy Polyakov <appro@openssl.org>

Mon, 10 Jul 2017 13:19:45 +0000 (15:19 +0200)

committer Andy Polyakov <appro@openssl.org>

Mon, 24 Jul 2017 21:29:13 +0000 (23:29 +0200)
author Andy Polyakov <appro@openssl.org>
Mon, 10 Jul 2017 13:19:45 +0000 (15:19 +0200)
committer Andy Polyakov <appro@openssl.org>
Mon, 24 Jul 2017 21:29:13 +0000 (23:29 +0200)
diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c

index bca6e1018f820ff81647cbd93728c23562733c08..caac0c9d3da23635e7936969f8719a188d6e73b8 100644 (file)
--- a/crypto/evp/e_aes_cbc_hmac_sha256.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha256.c
@@ -453,10 +453,12 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx,
           * to identify it and avoid stitch invocation. So that after we
           * establish that current CPU supports AVX, we even see if it's
           * either even XOP-capable Bulldozer-based or GenuineIntel one.
+         * But SHAEXT-capable go ahead...
           */
-        if (OPENSSL_ia32cap_P[1] & (1 << (60 - 32)) && /* AVX? */
-            ((OPENSSL_ia32cap_P[1] & (1 << (43 - 32))) /* XOP? */
-             | (OPENSSL_ia32cap_P[0] & (1<<30))) &&    /* "Intel CPU"? */
+        if (((OPENSSL_ia32cap_P[2] & (1 << 29)) ||         /* SHAEXT? */
+             ((OPENSSL_ia32cap_P[1] & (1 << (60 - 32))) && /* AVX? */
+              ((OPENSSL_ia32cap_P[1] & (1 << (43 - 32)))   /* XOP? */
+               | (OPENSSL_ia32cap_P[0] & (1 << 30))))) &&  /* "Intel CPU"? */
              plen > (sha_off + iv) &&
              (blocks = (plen - (sha_off + iv)) / SHA256_CBLOCK)) {
              SHA256_Update(&key->md, in + iv, sha_off);
author	Andy Polyakov <appro@openssl.org>
	Mon, 10 Jul 2017 13:19:45 +0000 (15:19 +0200)
committer	Andy Polyakov <appro@openssl.org>
	Mon, 24 Jul 2017 21:29:13 +0000 (23:29 +0200)