Prefer AES-GCM when hardware support is available.

BUG=396787

Change-Id: I72ddb0ec3c71dbc70054403163930cbbde4b6009
Reviewed-on: https://boringssl-review.googlesource.com/1581
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/modes/gcm.c b/crypto/modes/gcm.c
index 982f823..065c457 100644
--- a/crypto/modes/gcm.c
+++ b/crypto/modes/gcm.c
@@ -406,8 +406,7 @@
   }
 
 #if defined(GHASH_ASM_X86_OR_64)
-  if (OPENSSL_ia32cap_P[0] & (1 << 24) && /* check FXSR bit */
-      OPENSSL_ia32cap_P[1] & (1 << 1)) {  /* check PCLMULQDQ bit */
+  if (crypto_gcm_clmul_enabled()) {
     if (((OPENSSL_ia32cap_P[1] >> 22) & 0x41) == 0x41) { /* AVX+MOVBE */
       gcm_init_avx(ctx->Htable, ctx->H.u);
       ctx->gmult = gcm_gmult_avx;
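Review bot: The call `if (crypto_gcm_clmul_enabled())` is compiled under `GHASH_ASM_X86_OR_64`, while the function this commit adds is declared and defined under `OPENSSL_X86 || OPENSSL_X86_64`, so the two guards must agree for this file to build. The definition of `GHASH_ASM_X86_OR_64` is not visible here, so this may already hold. If that macro is derived from compiler-specific defines rather than the OPENSSL_* ones, a short comment at the `#if` would record the dependency, e.g. `/* GHASH_ASM_X86_OR_64 implies OPENSSL_X86 || OPENSSL_X86_64; crypto_gcm_clmul_enabled is only defined there. */`. The enclosing function starts and ends outside the hunk.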
@@ -1189,3 +1188,14 @@
     OPENSSL_free(ctx);
   }
 }
+
+#if defined(OPENSSL_X86) || defined(OPENSSL_X86_64)
+int crypto_gcm_clmul_enabled(void) {
+#ifdef GHASH_ASM
+  return OPENSSL_ia32cap_P[0] & (1 << 24) &&  /* check FXSR bit */
+    OPENSSL_ia32cap_P[1] & (1 << 1);  /* check PCLMULQDQ bit */
+#else
+  return 0;
+#endif
+}
+#endif
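Review bot: The return expression in `crypto_gcm_clmul_enabled` relies on `&` binding tighter than `&&`, which is correct but easy to misread or break when another capability bit is added. Parenthesising each mask test keeps the 0/1 result and makes the intent explicit: `return (OPENSSL_ia32cap_P[0] & (1 << 24)) != 0 &&` followed by `(OPENSSL_ia32cap_P[1] & (1 << 1)) != 0;`. The bit positions would also read better as named constants than as `24` and `1` with trailing comments.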
diff --git a/crypto/modes/internal.h b/crypto/modes/internal.h
index 4fa0ec6..4659eab 100644
--- a/crypto/modes/internal.h
+++ b/crypto/modes/internal.h
@@ -194,6 +194,13 @@
 #endif
 
 
+#if defined(OPENSSL_X86) || defined(OPENSSL_X86_64)
+/* crypto_gcm_clmul_enabled returns one if the CLMUL implementation of GCM is
+ * used. */
+int crypto_gcm_clmul_enabled(void);
+#endif
+
+
 #if defined(__cplusplus)
 } /* extern C */
 #endif
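Review bot: The comment on `crypto_gcm_clmul_enabled` says it "returns one if the CLMUL implementation of GCM is used", but the definition in gcm.c only tests the FXSR and PCLMULQDQ capability bits under `GHASH_ASM`, and says nothing about AES-NI. Given the commit's stated purpose of preferring AES-GCM on capable hardware, a caller outside this diff that relied on this function alone could prefer AES-GCM on a CPU where only GHASH is accelerated and AES itself runs in software, which is presumably slower and, depending on the fallback, may not be constant-time. I would extend the comment to say so, e.g. `/* ... This reports GHASH (CLMUL) acceleration only; callers choosing a cipher preference must also check for AES hardware support. */`. Since the declaration exists only on x86, the comment could also note that callers need the same `OPENSSL_X86 || OPENSSL_X86_64` guard.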