author | Andy Polyakov <appro@openssl.org> | 2013-02-02 19:29:59 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2013-02-06 13:56:15 +0000 |
commit | 5966f4d973fc87dbf6bc7f86c5b95cf4e63cec84 (patch) | |
tree | 373fa22e9e70413d3053e8733ae267f5fe26aa26 /ssl/ssl_algs.c | |
parent | eeb486a5f41a6d71708f02bb32b07f023f5d5ea7 (diff) | |
e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues.
Address CBC decrypt timing issues and reenable the AESNI+SHA1 stitch.
(cherry picked from commit 125093b59f3c2a2d33785b5563d929d0472f1721)
Diffstat (limited to 'ssl/ssl_algs.c')
-rw-r--r-- | ssl/ssl_algs.c | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/ssl/ssl_algs.c b/ssl/ssl_algs.c
index 41ccbaac30..9c34d19725 100644
--- a/ssl/ssl_algs.c
+++ b/ssl/ssl_algs.c
@@ -90,12 +90,10 @@ int SSL_library_init(void)
 EVP_add_cipher(EVP_aes_256_cbc());
 EVP_add_cipher(EVP_aes_128_gcm());
 EVP_add_cipher(EVP_aes_256_gcm());
-#if 0 /* Disabled because of timing side-channel leaks. */
 #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
 EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
 EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
 #endif
-#endif
 #endif
 #ifndef OPENSSL_NO_CAMELLIA |
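Review bot: The registrations of `EVP_aes_128_cbc_hmac_sha1()` and `EVP_aes_256_cbc_hmac_sha1()` become active again, but with the `#if 0` comment gone nothing in `SSL_library_init` records that they were once gated for timing side-channel leaks or what they now depend on. A short comment above the `#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)` guard would keep that history, for example `/* Stitched AES-CBC+HMAC-SHA1; re-enabled after the CBC decrypt timing fix in e_aes_cbc_hmac_sha1.c. */`. The commit title places the fix in e_aes_cbc_hmac_sha1.c, which this view does not show (the diffstat is limited to ssl/ssl_algs.c), so whether the padding and MAC checks now run in data-independent time cannot be confirmed from this page. The body of `SSL_library_init` starts and ends outside the hunk.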