Code Search (source.chromium.org) can answer this question for you. On Thu, Jul 20, 2023, 6:05 AM Иван Кобзарь <kobzar.iv...@gmail.com> wrote:
> Hello, Could you please provide a link to the methods where the BoringSSL > cryptography library is invoked in the implementation of WebCrypto in > Chromium? > Thanks > > четверг, 21 октября 2021 г. в 02:41:29 UTC+4, Adam Langley: > >> On Wednesday, October 20, 2021 at 3:07:40 PM UTC-7 Jackson Wonderly wrote: >> >>> I understand from the Chromium Web Crypto README >>> <https://chromium.googlesource.com/chromium/src/+/refs/heads/main/components/webcrypto/README.md> >>> that BoringSSL is used for cryptography. I also understand that BoringSSL >>> uses a library BoringCrypto >>> <https://boringssl.googlesource.com/boringssl/+/master/crypto/fipsmodule/FIPS.md> >>> . >>> >>> My question is: *for the algorithms made available through Chromium's >>> Web Crypto API, are some/all of them using BoringCrypto under the hood?* >>> >>> I ask because there is a version of BoringCrypto that is FIPS validated >>> <https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Certificate/3678>, >>> which is relevant to what I am currently working on. I understand that the >>> version of BoringCrypto included in a given version of Chromium may not be >>> FIPS validated. >>> >> >> WebCrypto in Chromium is primarily implemented atop of BoringSSL. For any >> specific algorithm, one would have to chase the function calls to confirm, >> however. >> >> Note that BoringSSL in Chromium is not built in FIPS mode and, of the >> platforms that Chromium supports, only Android has seen a BoringCrypto >> validation. (A list of which can be found here >> <https://boringssl.googlesource.com/boringssl/+/refs/heads/master/crypto/fipsmodule/FIPS.md#validations> >> .) >> >> Also, the security policy of the module may require specific functions to >> be called to enforce FIPS requirements and Chromium may not be calling >> those versions of the functions. >> >> >> Cheers >> >> AGL >> > -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to blink-dev+unsubscr...@chromium.org. > To view this discussion on the web visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/716adb99-0beb-4e4e-944e-7158c0b87571n%40chromium.org > <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/716adb99-0beb-4e4e-944e-7158c0b87571n%40chromium.org?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CACwGi-5V%2B_jEwsTqapyyWVjChW%2BbW4MV9WJuCh612jPUBS91Bg%40mail.gmail.com.