commit | 9e40481d5bfe08e3e6daa5335c2cf076e1187ec1 | [log] [tgz] |
---|---|---|
author | David Benjamin <davidben@google.com> | Wed Dec 06 22:33:21 2023 -0500 |
committer | Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> | Tue Dec 12 16:16:27 2023 +0000 |
tree | 4ea11801a4b32085e09e23c4a837dc723d557afa | |
parent | 10c24cb433e54f874574fec480c0f60eaf598d31 [diff] |
Document functions that export verification internals It is a little silly to have documented obscure verification internals and not verification itself yet, but these were pretty easy. X509_check_purpose and X509_check_trust should also go here, but I'll do those when I've tackled more of X509_PURPOSE and X509_TRUST. I haven't moved X509_CHECK_FLAG_* because those should go with X509_VERIFY_PARAM_set_set_hostflags. X509_check_akid seems to have no callers, so I unexported that one. Bug: 426 Change-Id: I5af1824346db27fd52773ae27e943df89c1d5a87 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/64630 Auto-Submit: David Benjamin <davidben@google.com> Commit-Queue: Bob Beck <bbe@google.com> Reviewed-by: Bob Beck <bbe@google.com>
BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.
Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.
Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.
BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.
Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.
Project links:
There are other files in this directory which might be helpful: