Google Git
Sign in
boringssl / boringssl / 35a910949d684aea8b86a8c42db76c4f43e31a96
commit35a910949d684aea8b86a8c42db76c4f43e31a96[log] [tgz]
authorBob Beck <bbe@google.com>Wed Dec 13 23:37:41 2023 +0000
committerBoringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>Thu May 09 00:18:39 2024 +0000
tree3e3f8db13c037935eb1ee6ef5070c072ee4cf7cd
parent8e6aa7f39f4357a6ad15944884f72db8d25b9dff [diff]
Add verify.cc and verify.h as top level public API.

Not the end of a public API, but rather a beginning
as this one has successful consumers.

This is an adaptation of google3 verify.cc with the
primary differences being:

- No custom error code conversions are provided. when
  google3 is switched to use this the conversions for
  absl, sts, and trawler will be re-done and kept in
  third_party/chromium_certificate verifier.
- No CRL or certificate revocation functionality is
  yet provided. (This comes via the delegate, we can
  consider exposing a way to to do this later)

Bug: 660, b:323560158
Change-Id: Id5f36f792ca0f6d61298e6bb239bf51b1b6b40da
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/64847
Commit-Queue: Bob Beck <bbe@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
15 files changed
tree: 3e3f8db13c037935eb1ee6ef5070c072ee4cf7cd
  1. .github/
  2. cmake/
  3. crypto/
  4. decrepit/
  5. fuzz/
  6. gen/
  7. include/
  8. pki/
  9. rust/
  10. ssl/
  11. third_party/
  12. tool/
  13. util/
  14. .bazelignore
  15. .bazelrc
  16. .clang-format
  17. .gitignore
  18. API-CONVENTIONS.md
  19. BREAKING-CHANGES.md
  20. BUILD.bazel
  21. build.json
  22. BUILDING.md
  23. CMakeLists.txt
  24. codereview.settings
  25. CONTRIBUTING.md
  26. FUZZING.md
  27. go.mod
  28. go.sum
  29. INCORPORATING.md
  30. LICENSE
  31. MODULE.bazel
  32. MODULE.bazel.lock
  33. PORTING.md
  34. PrivacyInfo.xcprivacy
  35. README.md
  36. SANDBOXING.md
  37. STYLE.md
README.md

BoringSSL

BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.

Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.

Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.

BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.

Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.

Project links:

There are other files in this directory which might be helpful: