Go to file
David Benjamin bc6a76b0e0 Align BN_rand_range_ex with FIPS 186-4.
Rather than comparing against both min and max, FIPS prefers comparing
with max - min and adding min. It also does not believe in using
3*range. Align with it, though our old algorithm trivially produces the
same probability distribution on values.

Change-Id: I447cc3608b92ba93706489d702b8d6a68047f491
Reviewed-on: https://boringssl-review.googlesource.com/15045
Reviewed-by: Adam Langley <agl@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-04-14 19:49:49 +00:00
.github Add a PULL_REQUEST_TEMPLATE. 2016-03-08 15:23:52 +00:00
crypto Align BN_rand_range_ex with FIPS 186-4. 2017-04-14 19:49:49 +00:00
decrepit First part of the FIPS module. 2017-04-07 00:05:34 +00:00
fuzz Really remove DHE ciphersuites from TLS. 2017-04-11 23:41:31 +00:00
include/openssl Add CTR-DRBG. 2017-04-14 16:54:40 +00:00
infra/config Add FIPS builders to CQ. 2017-04-11 17:17:47 +00:00
ssl Remove the last remnants of key_exchange_info. 2017-04-13 21:23:40 +00:00
third_party Clear the last GTest warning suppression. 2017-02-16 19:03:32 +00:00
tool Unwind multiprime RSA support. 2017-04-12 23:14:57 +00:00
util Add CTR-DRBG. 2017-04-14 16:54:40 +00:00
.clang-format Import `newhope' (post-quantum key exchange). 2016-04-26 22:53:59 +00:00
.gitignore Also add util/bot/golang to .gitignore. 2016-12-02 23:39:35 +00:00
API-CONVENTIONS.md Fix API-CONVENTIONS.md typos. 2017-01-04 01:46:32 +00:00
BUILDING.md Add the start of standalone iOS build support. 2017-04-07 17:13:44 +00:00
CMakeLists.txt Add the start of standalone iOS build support. 2017-04-07 17:13:44 +00:00
codereview.settings No-op change to trigger the new Bazel bot. 2016-07-07 12:07:04 -07:00
CONTRIBUTING.md
FUZZING.md Fix FUZZING.md typo. 2017-03-30 16:54:18 +00:00
INCORPORATING.md Update links to Bazel's site. 2016-10-31 18:16:58 +00:00
LICENSE Add some bug references to the LICENSE file. 2016-02-22 20:16:48 +00:00
PORTING.md Restore SSL_CTX_set_ecdh_auto compatibility hook. 2017-03-14 14:54:45 +00:00
README.md Add an API-CONVENTIONS.md document. 2016-08-04 23:27:49 +00:00
STYLE.md Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00

BoringSSL

BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.

Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.

Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.

BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.

Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.

There are other files in this directory which might be helpful: