[openssl-dev] Circumstances cause CBC often to be preferred over GCM modes
Hanno Böck
hanno at hboeck.de
Tue Dec 16 17:15:19 UTC 2014
On Tue, 16 Dec 2014 17:11:34 +0100
Hubert Kario <hkario at redhat.com> wrote:
> they don't differ...
oh sorry, must've pasted the wrong string.
But please ignore my first patch, I don't think this is optimal. I'll
do another one later.
What I think is a sane approach is to leave the current code mostly as
it is, just add one further sorting step that will bring GCM ciphers in
front of non-gcm ones.
I think that should give the desired result.
--
Hanno Böck
http://hboeck.de/
mail/jabber: hanno at hboeck.de
GPG: BBB51E42
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://mta.opensslfoundation.net/pipermail/openssl-dev/attachments/20141216/07b8a41d/attachment-0001.sig>
More information about the openssl-dev
mailing list