commit | 91a3f26a2e5a0b8dab61b72ba6ae044372af3891 | [log] [tgz] |
---|---|---|
author | David Benjamin <davidben@google.com> | Sat Feb 10 11:08:08 2024 -0500 |
committer | Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> | Thu Mar 07 22:19:26 2024 +0000 |
tree | 87118ebdf8527ae7e1eddc4dad78078373bc6d21 | |
parent | 1a118bbf76ab52698961a1c7ec717ab0080b037d [diff] |
Add an SSL_CREDENTIAL API for ECDSA/RSA and delegated credentials This adds a notion of "credentials" to BoringSSL's API, to support certificate selection by key type (typically ECDSA vs RSA), though the aim is for it to be generalizable to other certificate types and other kinds of selection criteria, such as Trust Expressions, or Merkle Tree Certificates. Since we already had some nascent delegated credentials I've reworked that feature with SSL_CREDENTIALs as well. The model is that you create an SSL_CREDENTIAL object containing all the configuration for what you are authenticating as. An X.509 SSL_CREDENTIAL has a certificate chain, private key, optionally an OCSP response and SCT list. Delegated credentials are similar. In the future, we might use this for raw public keys, other certificate types, etc. Once you set those up, you configure those on the SSL or SSL_CTX in preference order, and BoringSSL will internally pick the first one that is usable. The current implementation ends up redundantly selecting the signature algorithm a couple of times. This works but is a little goofy. A follow-up change will remove this redundancy. The protocol between the runner and shim for tests is also a little weird, but it was the easiest way I could think of for injecting that. Long-term, I think we should just replace that protocol with a JSON structure. (See https://crbug.com/boringssl/704.) As split handshakes are in the process of being replaced with handshake hints, this won't work with split handshakes. It works with handshake hints without any extra work. Update-Note: The delegated credentials API has been revamped. Previously, it worked by configuring an optional delegated credential and key with your normal certificate chain. This has the side effect of forcing your DC issuer and your fallback certificate to be the same. The SSL_CREDENTIAL API lifts this restriction. A delegated credential is now just a different kind of credential. It may use the same certificate chain as an X.509 credential or be completely separate. All the SSL_CREDENTIAL APIs take CRYPTO_BUFFERs, so, if common, the buffers may be shared to reduce memory. The SSL_delegated_credential_used API is also removed, in favor of the more general SSL_get0_selected_credential API. Callers can use ex_data or pointer equality to identify the credential. Bug: 249 Change-Id: Ibc290df3b7b95f148df12625e41cf55c50566602 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66690 Reviewed-by: Bob Beck <bbe@google.com> Commit-Queue: David Benjamin <davidben@google.com>
BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.
Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.
Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.
BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.
Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.
Project links:
There are other files in this directory which might be helpful: