BoringSSL is Google's fork of OpenSSL for Chrome/Chromium and Android.
This crate provides safe bindings for the Rust programming language and TLS adapters for tokio and hyper built on top of it.
It supports FIPS-compatible builds of BoringSSL, as well as Post-Quantum crypto and Raw Public Key extensions.
- Boring API: https://docs.rs/boring
- tokio TLS adapters: https://docs.rs/tokio-boring
- hyper HTTPS connector: https://docs.rs/hyper-boring
- FFI bindings: https://docs.rs/boring-sys
- First update to boring 4.22 and ensure it builds without any deprecation warnings.
pq-experimentalCargo feature is no longer needed. Post-quantum crypto is enabled by default.fips-precompiledCargo feature has been merged intofips. SetBORING_BSSL_FIPS_PATHenv var to use a precompiled library.fips-compatCargo feature has been renamed tolegacy-compat-deprecated(4cb7e260a85b7)SslCurveandSslCurveNidhave been removed. Curve names are more stable and portable identifiers. Usecurve_name()andset_curves_list().Ssl::new_from_ref->Ssl::new().X509Builder::append_extension2->X509Builder::append_extension.X509Storeis now cheaply cloneable, but immutable.SslContextBuilder.cert_store_mut()can't be used after.set_cert_store(). If you need.cert_store_mut(), either don't overwrite the default store, or use.set_cert_store_builder().X509StoreBuilder::add_certtakes a reference.hyper0.x support has been removed. Usehyper1.x.
To support both v4 and v5, add boring = ">=4.22,<6" to Cargo.toml. If you need to auto-detect the version selected, add boring-sys = ">=4.22,<6" as a direct dependency, and in your build.rs check if DEP_BORINGSSL_VERSION_MAJOR env var is set to 5. Versions older than 5.2.0 don't set it.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed under the terms of both the Apache License, Version 2.0 and the MIT license without any additional terms or conditions.
The project is based on a fork of rust-openssl.