summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/modes
diff options
context:
space:
mode:
authortb <>2024-09-06 09:57:32 +0000
committertb <>2024-09-06 09:57:32 +0000
commit2f477ae2728d0ed1462508692e09b8f3c8398d90 (patch)
treec22e39e94e81983bcd1b3626eb8f8209d4c33a03 /src/lib/libcrypto/modes
parent1cf5f5e953944e829c982d02e497cddf8a7ed9c4 (diff)
downloadopenbsd-2f477ae2728d0ed1462508692e09b8f3c8398d90.tar.gz
openbsd-2f477ae2728d0ed1462508692e09b8f3c8398d90.tar.bz2
openbsd-2f477ae2728d0ed1462508692e09b8f3c8398d90.zip
Reenable AES-NI in libcrypto
The OPENSSL_cpu_caps() change after the last bump missed a crucial bit: there is more MD mess in the MI code than anticipated, with the result that AES is now used without AES-NI on amd64 and i386, hurting machines that previously greatly benefitted from it. Temporarily add an internal crypto_cpu_caps_ia32() API that returns the OPENSSL_ia32cap_P or 0 like OPENSSL_cpu_caps() previously did. This can be improved after the release. Regression reported and fix tested by Mark Patruck. No impact on public ABI or API. with/ok jsing PS: Next time my pkg_add feels very slow, I should perhaps not mechanically blame IEEE 802.11...
Diffstat (limited to 'src/lib/libcrypto/modes')
-rw-r--r--src/lib/libcrypto/modes/gcm128.c13
1 files changed, 8 insertions, 5 deletions
diff --git a/src/lib/libcrypto/modes/gcm128.c b/src/lib/libcrypto/modes/gcm128.c
index cbda8ad097..6c89bd44b7 100644
--- a/src/lib/libcrypto/modes/gcm128.c
+++ b/src/lib/libcrypto/modes/gcm128.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gcm128.c,v 1.26 2023/08/10 07:18:43 jsing Exp $ */ 1/* $OpenBSD: gcm128.c,v 1.27 2024/09/06 09:57:32 tb Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 2010 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -50,9 +50,12 @@
50 50
51#define OPENSSL_FIPSAPI 51#define OPENSSL_FIPSAPI
52 52
53#include <string.h>
54
53#include <openssl/crypto.h> 55#include <openssl/crypto.h>
56
57#include "crypto_internal.h"
54#include "modes_local.h" 58#include "modes_local.h"
55#include <string.h>
56 59
57#ifndef MODES_DEBUG 60#ifndef MODES_DEBUG
58# ifndef NDEBUG 61# ifndef NDEBUG
@@ -660,7 +663,7 @@ CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block)
660# if defined(GHASH_ASM_X86_OR_64) 663# if defined(GHASH_ASM_X86_OR_64)
661# if !defined(GHASH_ASM_X86) || defined(OPENSSL_IA32_SSE2) 664# if !defined(GHASH_ASM_X86) || defined(OPENSSL_IA32_SSE2)
662 /* check FXSR and PCLMULQDQ bits */ 665 /* check FXSR and PCLMULQDQ bits */
663 if ((OPENSSL_cpu_caps() & (CPUCAP_MASK_FXSR | CPUCAP_MASK_PCLMUL)) == 666 if ((crypto_cpu_caps_ia32() & (CPUCAP_MASK_FXSR | CPUCAP_MASK_PCLMUL)) ==
664 (CPUCAP_MASK_FXSR | CPUCAP_MASK_PCLMUL)) { 667 (CPUCAP_MASK_FXSR | CPUCAP_MASK_PCLMUL)) {
665 gcm_init_clmul(ctx->Htable, ctx->H.u); 668 gcm_init_clmul(ctx->Htable, ctx->H.u);
666 ctx->gmult = gcm_gmult_clmul; 669 ctx->gmult = gcm_gmult_clmul;
@@ -671,9 +674,9 @@ CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block)
671 gcm_init_4bit(ctx->Htable, ctx->H.u); 674 gcm_init_4bit(ctx->Htable, ctx->H.u);
672# if defined(GHASH_ASM_X86) /* x86 only */ 675# if defined(GHASH_ASM_X86) /* x86 only */
673# if defined(OPENSSL_IA32_SSE2) 676# if defined(OPENSSL_IA32_SSE2)
674 if (OPENSSL_cpu_caps() & CPUCAP_MASK_SSE) { /* check SSE bit */ 677 if (crypto_cpu_caps_ia32() & CPUCAP_MASK_SSE) { /* check SSE bit */
675# else 678# else
676 if (OPENSSL_cpu_caps() & CPUCAP_MASK_MMX) { /* check MMX bit */ 679 if (crypto_cpu_caps_ia32() & CPUCAP_MASK_MMX) { /* check MMX bit */
677# endif 680# endif
678 ctx->gmult = gcm_gmult_4bit_mmx; 681 ctx->gmult = gcm_gmult_4bit_mmx;
679 ctx->ghash = gcm_ghash_4bit_mmx; 682 ctx->ghash = gcm_ghash_4bit_mmx;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-22 22:09:47 +0000