README
¶
BoringSSL
BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.
Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.
Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.
BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.
Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.
There are other files in this directory which might be helpful:
- PORTING.md: how to port OpenSSL-using code to BoringSSL.
- BUILDING.md: how to build BoringSSL
- INCORPORATING.md: how to incorporate BoringSSL into a project.
- API-CONVENTIONS.md: general API conventions for BoringSSL consumers and developers.
- STYLE.md: rules and guidelines for coding style.
- include/openssl: public headers with API documentation in comments. Also available online.
- FUZZING.md: information about fuzzing BoringSSL.
- CONTRIBUTING.md: how to contribute to BoringSSL.
- BREAKING-CHANGES.md: notes on potentially-breaking changes.
Directories
¶
| Path | Synopsis |
|---|---|
|
crypto
|
|
|
cipher_extra/test/nist_cavp
The make_cavp utility generates cipher_test input files from NIST CAVP Known Answer Test response (.rsp) files.
|
The make_cavp utility generates cipher_test input files from NIST CAVP Known Answer Test response (.rsp) files. |
|
x509
make_many_constraints.go generates test certificates many_constraints.pem, many_names*.pem, and some_names*.pem for x509_test.cc
|
make_many_constraints.go generates test certificates many_constraints.pem, many_names*.pem, and some_names*.pem for x509_test.cc |
|
run_cavp.go processes CAVP input files and generates suitable response files, optionally comparing the results against the provided FAX files.
|
run_cavp.go processes CAVP input files and generates suitable response files, optionally comparing the results against the provided FAX files. |
|
ssl
|
|
|
test/runner
Package tls partially implements TLS 1.2, as specified in RFC 5246.
|
Package tls partially implements TLS 1.2, as specified in RFC 5246. |
|
test/runner/curve25519
Package curve25519 provides an implementation of scalar multiplication on the elliptic curve known as curve25519.
|
Package curve25519 provides an implementation of scalar multiplication on the elliptic curve known as curve25519. |
|
test/runner/ed25519
Package ed25519 implements the Ed25519 signature algorithm.
|
Package ed25519 implements the Ed25519 signature algorithm. |
|
test/runner/poly1305
Package poly1305 implements Poly1305 one-time message authentication code as specified in http://cr.yp.to/mac/poly1305-20050329.pdf.
|
Package poly1305 implements Poly1305 one-time message authentication code as specified in http://cr.yp.to/mac/poly1305-20050329.pdf. |
|
check_filenames.go checks that filenames are unique.
|
check_filenames.go checks that filenames are unique. |
|
fipstools
break-hash parses an ELF binary containing the FIPS module and corrupts the first byte of the module.
|
break-hash parses an ELF binary containing the FIPS module and corrupts the first byte of the module. |