e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues.

Address CBC decrypt timing issues and reenable the AESNI+SHA1 stitch. (cherry picked from commit 125093b59f3c2a2d33785b5563d929d0472f1721)
author: Andy Polyakov <appro@openssl.org> 2013-02-02 19:29:59 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2013-02-06 13:56:15 +0000
commit: 5966f4d973fc87dbf6bc7f86c5b95cf4e63cec84 (patch)
tree: 373fa22e9e70413d3053e8733ae267f5fe26aa26 /ssl/ssl_algs.c
parent: eeb486a5f41a6d71708f02bb32b07f023f5d5ea7 (diff)
download: openssl-5966f4d973fc87dbf6bc7f86c5b95cf4e63cec84.tar.gz
1 files changed, 0 insertions, 2 deletions
diff --git a/ssl/ssl_algs.c b/ssl/ssl_algs.c
index 41ccbaac30..9c34d19725 100644
--- a/ssl/ssl_algs.c
+++ b/ssl/ssl_algs.c
@@ -90,12 +90,10 @@ int SSL_library_init(void)
 	EVP_add_cipher(EVP_aes_256_cbc());
 	EVP_add_cipher(EVP_aes_128_gcm());
 	EVP_add_cipher(EVP_aes_256_gcm());
-#if 0 /* Disabled because of timing side-channel leaks. */
 #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
 	EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
 	EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
 #endif
-#endif
 
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
author	Andy Polyakov <appro@openssl.org>	2013-02-02 19:29:59 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2013-02-06 13:56:15 +0000
commit	5966f4d973fc87dbf6bc7f86c5b95cf4e63cec84 (patch)
tree	373fa22e9e70413d3053e8733ae267f5fe26aa26 /ssl/ssl_algs.c
parent	eeb486a5f41a6d71708f02bb32b07f023f5d5ea7 (diff)
download	openssl-5966f4d973fc87dbf6bc7f86c5b95cf4e63cec84.tar.gz