From: Andy Polyakov Date: Mon, 10 Jul 2017 13:19:45 +0000 (+0200) Subject: evp/e_aes_cbc_hmac_sha256.c: give SHAEXT right priority. X-Git-Tag: OpenSSL_1_1_1-pre1~986 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=d0f6eb1d8c84165c383a677266cfae9c0b162781;p=oweals%2Fopenssl.git evp/e_aes_cbc_hmac_sha256.c: give SHAEXT right priority. Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/3898) --- diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c index bca6e1018f..caac0c9d3d 100644 --- a/crypto/evp/e_aes_cbc_hmac_sha256.c +++ b/crypto/evp/e_aes_cbc_hmac_sha256.c @@ -453,10 +453,12 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx, * to identify it and avoid stitch invocation. So that after we * establish that current CPU supports AVX, we even see if it's * either even XOP-capable Bulldozer-based or GenuineIntel one. + * But SHAEXT-capable go ahead... */ - if (OPENSSL_ia32cap_P[1] & (1 << (60 - 32)) && /* AVX? */ - ((OPENSSL_ia32cap_P[1] & (1 << (43 - 32))) /* XOP? */ - | (OPENSSL_ia32cap_P[0] & (1<<30))) && /* "Intel CPU"? */ + if (((OPENSSL_ia32cap_P[2] & (1 << 29)) || /* SHAEXT? */ + ((OPENSSL_ia32cap_P[1] & (1 << (60 - 32))) && /* AVX? */ + ((OPENSSL_ia32cap_P[1] & (1 << (43 - 32))) /* XOP? */ + | (OPENSSL_ia32cap_P[0] & (1 << 30))))) && /* "Intel CPU"? */ plen > (sha_off + iv) && (blocks = (plen - (sha_off + iv)) / SHA256_CBLOCK)) { SHA256_Update(&key->md, in + iv, sha_off);