David Benjamin 8cd7bbf514 Push password encoding back into pkcs12_key_gen. With PKCS8_encrypt_pbe and PKCS8_decrypt_pbe gone in 3e8b782c0cc0d9621f622cf80ab1a9bcf442fa17, we can restore the old arrangement where the password encoding was handled in pkcs12_key_gen. This simplifies the interface for the follow-up crypto/asn1 split. Note this change is not a no-op for PKCS#12 files which use PBES2. Before, we would perform the PKCS#12 password encoding for all parts of PKCS#12 processing. The new behavior is we only perform it for the parts that go through the PKCS#12 KDF. For such a file, it would only be the MAC. I believe the specification supports our new behavior. Although RFC 7292 B.1 says something which implies that the transformation is about converting passwords to byte strings and would thus be universal, appendix B itself is prefaced with: Note that this method for password privacy mode is not recommended and is deprecated for new usage. The procedures and algorithms defined in PKCS #5 v2.1 [13] [22] should be used instead. Specifically, PBES2 should be used as encryption scheme, with PBKDF2 as the key derivation function. "This method" refers to the key derivation and not the password formatting, but it does give support to the theory that password formatting is tied to PKCS#12 key derivation. (Of course, if one believes PKCS#12's assertion that their inane encoding (NUL-terminated UTF-16!) is because PKCS#5 failed to talk about passwords as Unicode strings, one would think that PBES2 (also in PKCS#5) would have the same issue and thus need PKCS#12 to valiantly save the day with an encoding...) This matches OpenSSL's behavior and that of recent versions of NSS. See https://bugzilla.mozilla.org/show_bug.cgi?id=1268141. I was unable to figure out what variants, if any, macOS accepts. BUG=54 Change-Id: I9a1bb4d5e168e6e76b82241e4634b1103e620b9b Reviewed-on: https://boringssl-review.googlesource.com/14213 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>		7 роки тому
.github	Add a PULL_REQUEST_TEMPLATE.	8 роки тому
crypto	Push password encoding back into pkcs12_key_gen.	7 роки тому
decrepit	Convert bio_test to GTest.	7 роки тому
fuzz	Remove experimental TLS 1.3 short record header extension.	7 роки тому
include/openssl	Decouple PKCS#12 hash lookup from the OID table.	7 роки тому
infra/config	Commit-Queue config: effectively remove Andorid builders.	8 роки тому
ssl	Add Data-less Zero-RTT support.	7 роки тому
third_party	Clear the last GTest warning suppression.	7 роки тому
tool	Add Data-less Zero-RTT support.	7 роки тому
util	Convert bio_test to GTest.	7 роки тому
.clang-format	Import `newhope' (post-quantum key exchange).	8 роки тому
.gitignore	Also add util/bot/golang to .gitignore.	8 роки тому
API-CONVENTIONS.md	Fix API-CONVENTIONS.md typos.	7 роки тому
BUILDING.md	Do a cursory conversion of a few tests to GTest.	7 роки тому
CMakeLists.txt	Build with -fsanitize-address-use-after-scope if -DASAN=1	7 роки тому
CONTRIBUTING.md	Add a CONTRIBUTING.md file.	8 роки тому
FUZZING.md	Merge in upstream's certificate corpus.	7 роки тому
INCORPORATING.md	Update links to Bazel's site.	8 роки тому
LICENSE	Add some bug references to the LICENSE file.	8 роки тому
PORTING.md	Restore SSL_CTX_set_ecdh_auto compatibility hook.	7 роки тому
README.md	Add an API-CONVENTIONS.md document.	8 роки тому
STYLE.md	Work around language and compiler bug in memcpy, etc.	7 роки тому
codereview.settings	No-op change to trigger the new Bazel bot.	8 роки тому

README.md

BoringSSL

BoringSSL is a fork of OpenSSL that is designed to meet Google’s needs.

Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don’t recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.

Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.

BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google’s product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.

Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it’s not part of the NDK) and a number of other apps/programs.

There are other files in this directory which might be helpful:

PORTING.md: how to port OpenSSL-using code to BoringSSL.
BUILDING.md: how to build BoringSSL
INCORPORATING.md: how to incorporate BoringSSL into a project.
API-CONVENTIONS.md: general API conventions for BoringSSL consumers and developers.
STYLE.md: rules and guidelines for coding style.
include/openssl: public headers with API documentation in comments. Also available online.
FUZZING.md: information about fuzzing BoringSSL.
CONTRIBUTING.md: how to contribute to BoringSSL.