the "open" in openssl refers to the security holes.
Conversation
in this case, openssl initially rejects the notion that the openssl code could have a strict aliasing violation, and instead blames clang.
meanwhile, libressl and boringssl correctly fix the bug, e.g.
1
2
22
the openssl fix, however, is entirely wrong from an ISO C point of view, and only fixes the immediate problem:
github.com/openssl/openss
if Clang starts applying this specific (and valid) optimization at the block level, then the code breaks again as it still invokes UB.
2
7
26
furthermore, this issue should have been assigned a CVE because it resulted in incorrect elliptic curve behavior in builds where assembly code was not used
1
4
19
the reason the FOSS world is stuck with OpenSSL has nothing to do with there not being capable forks to replace it, but with the fact that OpenSSL is FIPS certified, and therefore can be "white label FIPS certified".
an example of this being:
1
11
38
vendors such as redhat and canonical do these "white label" FIPS certifications which cost much less than doing a new FIPS certification from scratch.
they then charge for FIPS as a separate SKU, and make a lot of money. that money does not improve OpenSSL, however.
2
9
26
Replying to
There's a subset of BoringSSL that's FIPS certified (boringssl.googlesource.com/boringssl/+/ma).
6th generation Pixels have a fips partition for enabling a FIPS mode where the cryptography including disk encryption is crippled by not using inline SoC encryption hardware with wrapped keys, etc.
BoringSSL isn't used much outside Android and Chromium because it doesn't have any API / ABI stability guarantees. They improve the API and remove things that are obsolete / deprecated. Most projects can't cope with modernization. They also remove some things others may want.
1
1
2
Android put in a HUGE effort to get rid of all the cryptography / TLS implementations other than BoringSSL. It implements the Java standard library, BouncyCastle, conscrypt and other APIs on top it and did that mostly transparently, so everything in the OS using BoringSSL now.
1
3
Show replies