Pages

Thursday, 22 October 2015

Google Replaces OpenSSL By BoringSSL



Google recently decided in a wide range of products, including Chromium, M Android and Google's own production services, OpenSSL replace BoringSSL. OpenSSL is software that is used for setting up secure connections.

Google uses OpenSSL in their own software, but often in combination with specific patches. Some of these patches are approved by the OpenSSL developers, but many do not because they do not meet the stability guarantees of OpenSSL and are experimental. This created an awkward situation when Google decided to create an offshoot of OpenSSL called BoringSSL.

"For the first time, sharing many of Google's products a single TLS stack," says Google engineer Adam Langley. That makes it easy to make adjustments. Which previously could cost days. Google is now used in many places BoringSSL does not mean that everyone must OpenSSL dump and must change the demerger of Google, says Langley.

Modifications

The changes that Google has made, and especially the removal of code and components, ensuring that many programs on Linux no longer work as a Linux user OpenSSL replaces BoringSSL. The OpenSSL version where Google started it consisted of 468 000 lines of code. After removing all kinds of parts remained about 200,000 lines. Since BoringSSL not only used within Google, but also by third-party developers of Chromium and Android, Langley has now published a document on the changes to the demerger.

No comments:

Post a Comment