priorities: when without AES acceleration prefer stream ciphers (i.e., CHACHA20)
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Thu, 5 May 2016 09:01:29 +0000 (11:01 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Fri, 6 May 2016 08:08:55 +0000 (10:08 +0200)
lib/accelerated/x86/x86-common.c
lib/gnutls_int.h
lib/priority.c

index 371d025ad9ea141c890f14f52fad2d49603b1f75..78ccb235b282a17ba8cf11623f267e0eeba1eb84 100644 (file)
@@ -103,6 +103,7 @@ static void capabilities_to_intel_cpuid(unsigned capabilities)
                            ("SSSE3 acceleration requested but not available\n");
                }
        }
+
        if (capabilities & INTEL_PCLMUL) {
                if (b & bit_PCLMUL) {
                        _gnutls_x86_cpuid_s[1] |= bit_PCLMUL;
@@ -111,6 +112,7 @@ static void capabilities_to_intel_cpuid(unsigned capabilities)
                            ("PCLMUL acceleration requested but not available\n");
                }
        }
+
 }
 
 static unsigned check_optimized_aes(void)
@@ -275,7 +277,10 @@ void register_x86_padlock_crypto(unsigned capabilities)
                        gnutls_assert();
                }
 #endif
+       } else {
+               _gnutls_priority_update_non_aesni();
        }
+
 #ifdef HAVE_LIBNETTLE
        phe = check_phe(edx);
 
@@ -644,6 +649,8 @@ void register_x86_intel_crypto(unsigned capabilities)
                                gnutls_assert();
                        }
                }
+       } else {
+               _gnutls_priority_update_non_aesni();
        }
 
        return;
index fd899461cd3a509ed5c17724b057653449d59599..74225378d968c3ddd0fbc59b3f6f8cab1a185c4a 100644 (file)
@@ -1068,6 +1068,7 @@ inline static unsigned get_num_version(gnutls_session_t session)
 }
 
 void _gnutls_priority_update_fips(void);
+void _gnutls_priority_update_non_aesni(void);
 
 #define timespec_sub_ms _gnutls_timespec_sub_ms
 unsigned int
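Review bot: The new declaration `void _gnutls_priority_update_non_aesni(void);` has no comment, unlike the intent of its FIPS sibling whose name is self-explanatory; a caller in another file cannot tell from the name that it is a no-op in FIPS mode or that it only affects the PERFORMANCE list. Suggested comment above the declaration: `/* Called from the x86 accelerator registration when the hardware AES path was not taken; outside FIPS mode it switches the PERFORMANCE cipher list to one that prefers CHACHA20-POLY1305. Must run during global initialization, before priority strings are resolved. */` The last sentence is inferred from how the table pointer is used and should be confirmed against priority.c.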
index 4934e3af159920279ad95e7a0c4249e9184363cf..31710c4e02ef068bec86839758dec824e9b059e7 100644 (file)
@@ -31,6 +31,7 @@
 #include <gnutls/x509.h>
 #include <c-ctype.h>
 #include <extensions.h>
+#include "fips.h"
 
 #define MAX_ELEMENTS 64
 
@@ -232,14 +233,30 @@ static const int _cipher_priority_performance_default[] = {
        GNUTLS_CIPHER_AES_128_GCM,
        GNUTLS_CIPHER_AES_256_GCM,
        GNUTLS_CIPHER_CHACHA20_POLY1305,
+       GNUTLS_CIPHER_AES_128_CCM,
+       GNUTLS_CIPHER_AES_256_CCM,
        GNUTLS_CIPHER_CAMELLIA_128_GCM,
        GNUTLS_CIPHER_CAMELLIA_256_GCM,
        GNUTLS_CIPHER_AES_128_CBC,
        GNUTLS_CIPHER_AES_256_CBC,
        GNUTLS_CIPHER_CAMELLIA_128_CBC,
        GNUTLS_CIPHER_CAMELLIA_256_CBC,
+       GNUTLS_CIPHER_3DES_CBC,
+       0
+};
+
+static const int _cipher_priority_performance_no_aesni[] = {
+       GNUTLS_CIPHER_CHACHA20_POLY1305,
+       GNUTLS_CIPHER_AES_128_GCM,
+       GNUTLS_CIPHER_AES_256_GCM,
        GNUTLS_CIPHER_AES_128_CCM,
        GNUTLS_CIPHER_AES_256_CCM,
+       GNUTLS_CIPHER_CAMELLIA_128_GCM,
+       GNUTLS_CIPHER_CAMELLIA_256_GCM,
+       GNUTLS_CIPHER_AES_128_CBC,
+       GNUTLS_CIPHER_AES_256_CBC,
+       GNUTLS_CIPHER_CAMELLIA_128_CBC,
+       GNUTLS_CIPHER_CAMELLIA_256_CBC,
        GNUTLS_CIPHER_3DES_CBC,
        0
 };
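Review bot: The new `_cipher_priority_performance_no_aesni` table is an undocumented near-copy of `_cipher_priority_performance_default` that differs only in moving CHACHA20-POLY1305 to the top; nothing ties the two together, so a future edit to one list (a new cipher, a removal) will silently desynchronise them. Add a comment above the new table such as `/* Same ordering as _cipher_priority_performance_default but with CHACHA20-POLY1305 first; used for PERFORMANCE when no hardware AES was detected. Keep the two lists in sync. */` Also worth stating in the comment that the preference is not only about speed: a software AES implementation is generally more exposed to timing side channels than ChaCha20, which is a second reason to rank it first on such hardware.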
@@ -251,16 +268,17 @@ static const int _cipher_priority_normal_default[] = {
        GNUTLS_CIPHER_AES_256_GCM,
        GNUTLS_CIPHER_CAMELLIA_256_GCM,
        GNUTLS_CIPHER_CHACHA20_POLY1305,
+       GNUTLS_CIPHER_AES_256_CCM,
 
        GNUTLS_CIPHER_AES_256_CBC,
        GNUTLS_CIPHER_CAMELLIA_256_CBC,
-       GNUTLS_CIPHER_AES_256_CCM,
 
        GNUTLS_CIPHER_AES_128_GCM,
        GNUTLS_CIPHER_CAMELLIA_128_GCM,
+       GNUTLS_CIPHER_AES_128_CCM,
+
        GNUTLS_CIPHER_AES_128_CBC,
        GNUTLS_CIPHER_CAMELLIA_128_CBC,
-       GNUTLS_CIPHER_AES_128_CCM,
 
        GNUTLS_CIPHER_3DES_CBC,
        0
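Review bot: This hunk changes the NORMAL priority ordering, moving AES-256-CCM and AES-128-CCM above the corresponding AES-CBC entries, which is a behaviour change unrelated to the "no AES acceleration, prefer CHACHA20" subject of the commit and affects every user of NORMAL regardless of CPU. Preferring an AEAD mode over CBC is reasonable, but it should be stated in the commit message (or split into its own commit) so that the change in negotiated ciphers is traceable. The same reordering is applied to `cipher_priority_performance_fips` and `cipher_priority_normal_fips` in the following hunk and the same remark applies there.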
@@ -268,19 +286,20 @@ static const int _cipher_priority_normal_default[] = {
 
 static const int cipher_priority_performance_fips[] = {
        GNUTLS_CIPHER_AES_128_GCM,
+       GNUTLS_CIPHER_AES_128_CCM,
        GNUTLS_CIPHER_AES_256_GCM,
+       GNUTLS_CIPHER_AES_256_CCM,
+
        GNUTLS_CIPHER_AES_128_CBC,
        GNUTLS_CIPHER_AES_256_CBC,
-       GNUTLS_CIPHER_AES_128_CCM,
-       GNUTLS_CIPHER_AES_256_CCM,
        GNUTLS_CIPHER_3DES_CBC,
        0
 };
 
 static const int cipher_priority_normal_fips[] = {
        GNUTLS_CIPHER_AES_256_GCM,
-       GNUTLS_CIPHER_AES_256_CBC,
        GNUTLS_CIPHER_AES_256_CCM,
+       GNUTLS_CIPHER_AES_256_CBC,
 
        GNUTLS_CIPHER_AES_128_GCM,
        GNUTLS_CIPHER_AES_128_CBC,
@@ -418,6 +437,15 @@ void _gnutls_priority_update_fips(void)
        mac_priority_normal = mac_priority_normal_fips;
 }
 
+void _gnutls_priority_update_non_aesni(void)
+{
+       /* if we have no AES acceleration in performance mode
+        * prefer fast stream ciphers */
+       if (_gnutls_fips_mode_enabled() == 0) {
+               cipher_priority_performance = _cipher_priority_performance_no_aesni;
+       }
+}
+
 static const int _mac_priority_suiteb[] = {
        GNUTLS_MAC_AEAD,
        0
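Review bot: `_gnutls_priority_update_non_aesni` reassigns the file-scope `cipher_priority_performance` pointer from a hardware-detection callback, and its comment explains the cipher choice but not the contract: it only affects PERFORMANCE, it intentionally defers to `_gnutls_priority_update_fips` when FIPS mode is on, and as far as these hunks show the result is the same whichever of the two runs first, since the FIPS check here is on a mode flag rather than on the table's current value. Expand the comment to say that, e.g. `/* No hardware AES detected: outside FIPS mode make PERFORMANCE prefer CHACHA20-POLY1305 (see _cipher_priority_performance_no_aesni). In FIPS mode _gnutls_priority_update_fips owns this table and the order of the two calls does not matter. Expected to run once, during global init, before priorities are resolved. */` The "before priorities are resolved" assumption is inferred and should be confirmed against the callers.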