OERV-RUNTIME/boringssl
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
9,192 Commits 63 Branches 29 Tags
main
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
David Benjamin 40e035a9e5 Clear the extension list when removing the last extension 
The extensions list in a certificate, CRL, and CRL entry is defined as:

... extensions      [3]  EXPLICIT Extensions OPTIONAL ...
... crlEntryExtensions      Extensions OPTIONAL ...
... crlExtensions           [0]  EXPLICIT Extensions OPTIONAL ...

Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension

This means that a present but empty extensions list is actually invalid.
Rather, if you have no extensions to encode, you are meant to omit the
list altogether. Fix the delete_ext functions to handle this correctly.

Bug: 442221114
Change-Id: I92af89d3e7120e06489359b3c6e2af499ecf5b85
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/81751
Reviewed-by: Adam Langley <agl@google.com>
Auto-Submit: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
2025-09-01 09:16:47 -07:00
.bcr
I have been laid off from Google.
2025-04-16 11:55:50 -07:00
.github
Update references in the repo to use the main branch
2025-01-22 12:42:48 -08:00
cmake
Switch the license to Apache 2.0, matching OpenSSL upstream
2025-02-03 15:05:16 -08:00
crypto
Clear the extension list when removing the last extension
2025-09-01 09:16:47 -07:00
decrepit
Remove unused bputs hook
2025-05-27 13:00:47 -07:00
docs
Update releasing docs slightly
2025-08-12 19:02:29 -07:00
fuzz
Replace OPENSSL_ARRAY_SIZE with std::size
2025-08-28 12:22:59 -07:00
gen
Add a jitter entropy source.
2025-08-22 13:04:39 -07:00
include/openssl
Document ASN1_item_sign's order of operations a bit
2025-09-01 09:12:56 -07:00
infra/config
infra/config: Remove luci.recipes.use_python3 experiment
2025-08-27 07:26:18 -07:00
pki
Use EVP_PKEY_bits in SimplePathBuilderDelegate
2025-08-28 12:30:47 -07:00
rust
Add EVP_PKEY_ALG-based raw public/private key importers
2025-08-28 12:30:53 -07:00
ssl
Update citations from RFC 3447 to RFC 8017
2025-08-28 12:24:07 -07:00
third_party
bump fiat-crypto (remove redundant return statements)
2025-08-27 09:33:38 -07:00
tool
Add EVP_PKEY_ALG-based raw public/private key importers
2025-08-28 12:30:53 -07:00
util
Add utility for dumping raw jitter samples.
2025-08-25 11:30:36 -07:00
.bazelignore
Add a standalone Bazel build
2024-04-26 22:19:48 +00:00
.bazelrc
Switch the license to Apache 2.0, matching OpenSSL upstream
2025-02-03 15:05:16 -08:00
.bazelversion
Update dependencies
2025-02-13 09:45:44 -08:00
.clang-format
Use InsertBraces - and reformat pki as such
2023-11-21 20:46:34 +00:00
.gitignore
Pull in Rust toolchain via util/bot/DEPS
2025-07-21 08:52:07 -07:00
API-CONVENTIONS.md
Add a discussion about callbacks to API Conventions
2025-08-08 14:26:04 -07:00
AUTHORS
Add SPAKE2+.
2025-01-15 17:02:35 -08:00
BREAKING-CHANGES.md
Update references in the repo to use the main branch
2025-01-22 12:42:48 -08:00
BUILD.bazel
Make MODULE.bazel and BUILD.bazel buildifier-clean
2025-03-15 21:05:48 -07:00
build.json
Add a jitter entropy source.
2025-08-22 13:04:39 -07:00
BUILDING.md
Fix markdown syntax in BUILDING.md
2025-08-21 09:28:58 -07:00
CMakeLists.txt
Add utility for dumping raw jitter samples.
2025-08-25 11:30:36 -07:00
codereview.settings
Comment change in codereview.settings
2018-07-26 00:23:04 +00:00
CONTRIBUTING.md
Add PRESUBMIT.py for infra/config
2025-07-24 14:14:44 -07:00
FUZZING.md
Simplfy fuzzer build
2025-03-20 03:41:54 -07:00
go.mod
Update tools, etc
2025-04-14 16:16:34 -07:00
go.sum
Update tools, etc
2025-04-14 16:16:34 -07:00
INCORPORATING.md
Update references in the repo to use the main branch
2025-01-22 12:42:48 -08:00
LICENSE
Switch to the CIPD Windows SDK package
2025-04-14 16:16:31 -07:00
MODULE.bazel
Bump version for BCR
2025-08-18 14:35:01 -07:00
MODULE.bazel.lock
Bump Bazel deps and version for BCR
2025-08-07 14:19:07 -07:00
PORTING.md
Make BoringSSL initialization-less
2024-06-21 04:01:30 +00:00
PrivacyInfo.xcprivacy
Add a PrivacyInfo plist file
2024-03-29 19:12:40 +00:00
README.md
Update README with new bugtracker links
2024-08-27 17:23:48 +00:00
SANDBOXING.md
Use relative links in markdown files
2023-11-30 18:32:28 +00:00
STYLE.md
Style guide: mention placement of & for reference types
2025-08-13 11:17:03 -07:00

README.md

BoringSSL

BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.

Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.

Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.

BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.

Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.

Project links:

To file a security issue, use the Chromium process and mention in the report this is for BoringSSL. You can ignore the parts of the process that are specific to Chromium/Chrome.

There are other files in this directory which might be helpful:

Reference in New Issue View Git Blame Copy Permalink
Description
Mirror of BoringSSL
Readme Multiple Licenses 332 MiB
Languages
C++ 39.1%
Assembly 25.4%
C 13.8%
Go 9.1%
Raku 5.2%
Other 7.3%