| author | David Benjamin <firstname.lastname@example.org> | Fri Jan 29 15:28:58 2016 -0500 |
| committer | Adam Langley <email@example.com> | Fri Jan 29 21:30:00 2016 +0000 |
Stop allowing SHA-224 in TLS 1.2.

Take the mappings for MD5 and SHA-224 values out of the code altogether. This aligns with the current TLS 1.3 draft.

For MD5, this is a no-op. It is not currently possible to configure accepted signature algorithms, MD5 wasn't in the hardcoded list, and we already had a test ensuring we enforced our preferences correctly. MD5 also wasn't in the default list of hashes our keys could sign and no one overrides it with a different hash.

For SHA-224, this is not quite a no-op. The hardcoded accepted signature algorithms list included SHA-224, so this will break servers relying on that. However, Chrome's metrics have zero data points of servers picking SHA-224 and no other major browser includes it. Thus that should be safe.

SHA-224 was also in the default list of hashes we are willing to sign. For client certificates, Chromium's abstractions already did not allow signing SHA-224, so this is a no-op there. For servers, this will break any clients which only accept SHA-224. But no major browsers do this and I am not aware of any client implementation which does such a ridiculous thing.

(SHA-1's still in there. Getting rid of that one is going to take more effort.)

Change-Id: I6a765fdeea9e19348e409d58a0eac770b318e599
Reviewed-on: https://boringssl-review.googlesource.com/7020
Reviewed-by: Adam Langley <firstname.lastname@example.org>
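What dropping the MD5 and SHA-224 mappings means for a TLS 1.2 `signature_algorithms` list, as an added example that is not BoringSSL's code and not part of this commit. The code points are from RFC 5246; the function names, the local preference order and the sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* TLS 1.2 HashAlgorithm and SignatureAlgorithm code points (RFC 5246). */
enum { HASH_MD5 = 1, HASH_SHA1 = 2, HASH_SHA224 = 3,
       HASH_SHA256 = 4, HASH_SHA384 = 5, HASH_SHA512 = 6 };
enum { SIG_RSA = 1, SIG_ECDSA = 3 };

/* Wire value -> digest name. MD5 and SHA-224 have no mapping, so they
 * can never be selected for signing or accepted from a peer. */
static const char *hash_name(uint8_t id) {
  switch (id) {
    case HASH_SHA1:   return "SHA-1";
    case HASH_SHA256: return "SHA-256";
    case HASH_SHA384: return "SHA-384";
    case HASH_SHA512: return "SHA-512";
    default:          return NULL;
  }
}

/* Local signing preference; this order is an assumption of the example. */
static const uint8_t kPreferred[] = {HASH_SHA256, HASH_SHA384, HASH_SHA512, HASH_SHA1};

/* Parse an extension body (2-byte length, then {hash, signature} pairs)
 * and pick a hash for |sig|. Returns 1 and sets *out_hash on success,
 * 0 if the peer offers nothing we map, -1 if the body is malformed. */
static int choose_hash(const uint8_t *body, size_t len, uint8_t sig, uint8_t *out_hash) {
  if (len < 2) return -1;
  size_t list_len = ((size_t)body[0] << 8) | body[1];
  if (list_len != len - 2 || list_len == 0 || list_len % 2 != 0) return -1;
  const uint8_t *pairs = body + 2;
  for (size_t p = 0; p < sizeof(kPreferred); p++)
    for (size_t i = 0; i < list_len; i += 2)
      if (pairs[i] == kPreferred[p] && pairs[i + 1] == sig && hash_name(pairs[i])) {
        *out_hash = pairs[i];
        return 1;
      }
  return 0;
}

/* Constructed inputs: a peer offering only SHA-224/RSA, and a mixed list. */
static const uint8_t kOnlySha224[] = {0x00, 0x02, 0x03, 0x01};
static const uint8_t kMixed[] = {0x00, 0x06, 0x03, 0x01, 0x02, 0x01, 0x04, 0x01};

int main(void) {
  uint8_t h = 0;
  printf("SHA-224 only: %d\n", choose_hash(kOnlySha224, sizeof(kOnlySha224), SIG_RSA, &h));
  if (choose_hash(kMixed, sizeof(kMixed), SIG_RSA, &h) == 1) printf("mixed: %s\n", hash_name(h));
  return 0;
}
```

The SHA-224-only list is the case the commit message says will break: the handshake has no common algorithm left, rather than silently falling back to a hash that was removed.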
BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.
Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.
Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.
BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprang up and the effort involved in maintaining all these patches in multiple places was growing steadily.
Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.
There are other files in this directory which might be helpful: