CVE-2013-0169: Make CBC decoding constant time (cherry-picked from 2c082d25fc3f0dd6e56c45407fe10638b904083c) Bug: 8017911 Bug: 8095088 Change-Id: I57556e120fd1f585d38739d0d6aaf02bcbe45fbd

commit: fa75fdba32eae335f286afb1dc93ef1b5ec72615 [log] [tgz]
author: Brian Carlstrom <bdc@google.com> Fri Feb 01 23:44:05 2013 -0800
committer: Brian Carlstrom <bdc@google.com> Mon Feb 04 10:56:20 2013 -0800
tree: 6feddc5bf7c637ed8425aae362fecc235f66a030
parent: 4b0baa1ed0dba48c5f450864e0369c601040f84d [diff] [blame]
diff --git a/ssl/ssl_algs.c b/ssl/ssl_algs.c
index d443143..41ccbaa 100644
--- a/ssl/ssl_algs.c
+++ b/ssl/ssl_algs.c

@@ -90,11 +90,14 @@
 	EVP_add_cipher(EVP_aes_256_cbc());
 	EVP_add_cipher(EVP_aes_128_gcm());
 	EVP_add_cipher(EVP_aes_256_gcm());
+#if 0 /* Disabled because of timing side-channel leaks. */
 #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
 	EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
 	EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
 #endif
 #endif
+
+#endif
 #ifndef OPENSSL_NO_CAMELLIA
 	EVP_add_cipher(EVP_camellia_128_cbc());
 	EVP_add_cipher(EVP_camellia_256_cbc());
commit	fa75fdba32eae335f286afb1dc93ef1b5ec72615	[log] [tgz]
author	Brian Carlstrom <bdc@google.com>	Fri Feb 01 23:44:05 2013 -0800
committer	Brian Carlstrom <bdc@google.com>	Mon Feb 04 10:56:20 2013 -0800
tree	6feddc5bf7c637ed8425aae362fecc235f66a030
parent	4b0baa1ed0dba48c5f450864e0369c601040f84d [diff] [blame]