06-21-2014 04:56 AM
Google started working on their own version of cryptographic library, dubbed BoringSSL, that relies on OpenSSL code but seeks to be more appropriate for their products.
In order to adapt the cryptographic functions of the library to their solutions, Google uses a number of patches on top of OpenSSL; but maintaining them across multiple code bases has become more difficult, to the point that it is more feasible to add modifications from the main code into a forked version rather than keeping OpenSSL and building on top of it.
Google employee and cryptography engineer Adam Langley explains in a blog post that, at the moment, there are over 70 patches added into the OpenSSL used for Google products and that “some of them have been accepted into the main OpenSSL repository, but many of them don’t mesh with OpenSSL’s guarantee of API and ABI stability and many of them are a little too experimental.”
Helpful Webroot Links: