From: Andy Polyakov <appro@openssl.org>
Date: Sat, 12 Oct 2013 20:10:28 +0000 (+0200)
Subject: evp/e_aes_cbc_hmac_sha*.c: limit multi-block fragmentation to 1KB.
X-Git-Tag: master-post-reformat~1141
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=b4f0abd246340b90bb3fa2646814729f0e9d049e

evp/e_aes_cbc_hmac_sha*.c: limit multi-block fragmentation to 1KB.

Excessive fragmentation put additional burden (of addtional MAC
calculations) on the other size and limiting fragments it to 1KB
limits the overhead to ~6%.
---

diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c
index 15e96386b1..98ee2bba22 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha1.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha1.c
@@ -719,7 +719,8 @@ static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void
 
 			if (inp_len<4096) return 0;	/* too short */
 
-			if (OPENSSL_ia32cap_P[2]&(1<<5)) n4x=2;	/* AVX2 */
+			if (inp_len>=8192 && OPENSSL_ia32cap_P[2]&(1<<5))
+				n4x=2;	/* AVX2 */
 
 			key->md = key->head;
 			SHA1_Update(&key->md,param->inp,13);
diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c
index 602bfa9ce0..e1a21b39ee 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha256.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha256.c
@@ -744,9 +744,10 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, vo
 			if ((param->inp[9]<<8|param->inp[10]) < TLS1_1_VERSION)
 				return -1;
 
-			if (inp_len<2048) return 0;	/* too short */
+			if (inp_len<4096) return 0;	/* too short */
 
-			if (OPENSSL_ia32cap_P[2]&(1<<5)) n4x=2;	/* AVX2 */
+			if (inp_len>=8192 && OPENSSL_ia32cap_P[2]&(1<<5))
+				n4x=2;	/* AVX2 */
 
 			key->md = key->head;
 			SHA256_Update(&key->md,param->inp,13);