commit | d62fe6f3e83a97d7fd81726ca8c2c4b84a2b3eb5 | [log] [tgz] |
---|---|---|
author | David Benjamin <davidben@google.com> | Tue Mar 06 20:28:10 2018 -0500 |
committer | CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> | Wed Mar 07 21:17:02 2018 +0000 |
tree | 23390709fe82bafc7809fb7877bbb07811926d9c | |
parent | 40cdb3b5dad0a1028e40fbc73fa62a3e6d31fed7 [diff] |
Fold EC_KEY_copy into EC_KEY_dup. EC_KEY_copy left unset fields alone, which meant it was possible to create an EC_KEY with mismatched private key and group. Nothing was using EC_KEY_copy anyway, and in keeping of us generally preferring fresh objects over object reuse, remove it. EC_KEY_dup itself can also be made simpler by using the very setters available. Additionally, skip copying the method table. As of https://boringssl-review.googlesource.com/16344, we no longer copy the ex_data, so we probably shouldn't copy the method pointers either, aligning with RSAPrivateKey_dup. Update-Note: If I missed anything and someone uses EC_KEY_copy, it should be easy to port them to EC_KEY_dup. Change-Id: Ibbdcea73345d91fa143fbe70a15bb527972693e8 Reviewed-on: https://boringssl-review.googlesource.com/26404 Reviewed-by: Steven Valdez <svaldez@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.
Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.
Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.
BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.
Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.
There are other files in this directory which might be helpful: