author | Andy Polyakov <appro@openssl.org> | 2013-02-02 19:29:59 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2013-02-06 14:19:10 +0000 |
commit | 9970308c88dda1e55a10c970b73ff64e8f678d8f (patch) | |
tree | f18dc43efebdaf756a58b67c18194350c6f0997c /ssl/ssl_algs.c | |
parent | 2aec073a529f8d8dc0e625b9c444db9de7b46873 (diff) |
e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues.
Address CBC decrypt timing issues and reenable the AESNI+SHA1 stitch.
(cherry picked from commit 125093b59f3c2a2d33785b5563d929d0472f1721)
Diffstat (limited to 'ssl/ssl_algs.c')
-rw-r--r-- | ssl/ssl_algs.c | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/ssl/ssl_algs.c b/ssl/ssl_algs.c
index 333a8d5377..d5a7a20e8a 100644
--- a/ssl/ssl_algs.c
+++ b/ssl/ssl_algs.c
@@ -90,12 +90,10 @@ int SSL_library_init(void)
 EVP_add_cipher(EVP_aes_256_cbc());
 EVP_add_cipher(EVP_aes_128_gcm());
 EVP_add_cipher(EVP_aes_256_gcm());
-#if 0 /* Disabled because of timing side-channel leaks. */
 #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
 EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
 EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
 #endif
-#endif
 #endif
 #ifndef OPENSSL_NO_CAMELLIA |
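Review bot: With the `#if 0 /* Disabled because of timing side-channel leaks. */` guard gone, nothing in `SSL_library_init` records why the two `EVP_aes_*_cbc_hmac_sha1()` registrations were once switched off or what makes them safe to register again. The commit message points to the decrypt fix in e_aes_cbc_hmac_sha1.c, which this page does not show, so the safety of this hunk presumably rests entirely on that file. I would leave a short comment above the `#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)` line, for example `/* Stitched AES-CBC+HMAC-SHA1: registered only because CBC decrypt in e_aes_cbc_hmac_sha1.c is constant-time; re-check before changing that code. */`. The body of `SSL_library_init` starts and ends outside the hunk.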