aes: make the no-asm constant time code path not the default

After OMC and OTC discussions, the 95% performance loss resulting from the constant time code was deemed excessive for something outside of our security policy. The option to use the constant time code exists as it was in OpenSSL 1.1.1. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17600)
author: Pauli <pauli@openssl.org> 2022-01-27 15:05:48 +1100
committer: Pauli <pauli@openssl.org> 2022-01-31 11:46:20 +1100
commit: 1f7c5c56c7365fefd9cff9bea4d3d27346ca44d1 (patch)
tree: 94bb52e8a12b52bca229f0b5a240f496849f0ac4 /CHANGES.md
parent: cb7e50ba3f250a9c9978a964e98a8c8940833595 (diff)
download: openssl-1f7c5c56c7365fefd9cff9bea4d3d27346ca44d1.zip
openssl-1f7c5c56c7365fefd9cff9bea4d3d27346ca44d1.tar.gz
openssl-1f7c5c56c7365fefd9cff9bea4d3d27346ca44d1.tar.bz2
1 files changed, 7 insertions, 0 deletions
diff --git a/CHANGES.md b/CHANGES.md
index 50002e0..a7980da 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -30,6 +30,13 @@ breaking changes, and mappings for the large list of deprecated functions.
 
 ### Changes between 3.0.1 and 3.0.2 [xx XXX xxxx]
 
+ * Made the AES constant time code for no-asm configurations
+   optional due to the resulting 95% performance degradation.
+   The AES constant time code can be enabled, for no assembly
+   builds, with: ./config no-asm -DOPENSSL_AES_CONST_TIME
+
+   *Paul Dale*
+
  * Fixed PEM_write_bio_PKCS8PrivateKey() to make it possible to use empty
    passphrase strings.
author	Pauli <pauli@openssl.org>	2022-01-27 15:05:48 +1100
committer	Pauli <pauli@openssl.org>	2022-01-31 11:46:20 +1100
commit	1f7c5c56c7365fefd9cff9bea4d3d27346ca44d1 (patch)
tree	94bb52e8a12b52bca229f0b5a240f496849f0ac4 /CHANGES.md
parent	cb7e50ba3f250a9c9978a964e98a8c8940833595 (diff)
download	openssl-1f7c5c56c7365fefd9cff9bea4d3d27346ca44d1.zip openssl-1f7c5c56c7365fefd9cff9bea4d3d27346ca44d1.tar.gz openssl-1f7c5c56c7365fefd9cff9bea4d3d27346ca44d1.tar.bz2