YARA handles the use of BoringSSL as the crypto lib, with a caveat: BORINGSSL must be defined. This is so the pe.signatures handling can be removed, while keeping all the rest of the crypto handling, for example the hash module.
To handle that, a new cryptolib type is added, which acts as openssl, but adds this define.
YARA handles the use of BoringSSL as the crypto lib, with a caveat:
BORINGSSL
must be defined. This is so thepe.signatures
handling can be removed, while keeping all the rest of the crypto handling, for example the hash module.To handle that, a new cryptolib type is added, which acts as openssl, but adds this define.