BoringSSL is a Google-maintained fork of OpenSSL, designed specifically to meet the security, performance, and maintainability needs of Google’s infrastructure and products. While fully open source, BoringSSL is not intended for general public use — it serves as a streamlined, heavily modified SSL/TLS and cryptography library optimized for Google’s internal ecosystem, including Chrome/Chromium, Android, and other Google services. The project prioritizes security, simplicity, and maintainability over backward compatibility. Unlike OpenSSL, BoringSSL provides no guarantee of stable APIs or ABIs, meaning third-party projects depending on it may frequently break. Google products that use BoringSSL ship their own copies and update them as needed, enabling faster iteration without legacy constraints. BoringSSL includes comprehensive API documentation, build instructions, and guidance for porting code from OpenSSL.
Features
- Streamlined codebase with deprecated or unused OpenSSL features removed
- Regularly updated to address vulnerabilities and improve performance
- Documentation and tools for building, porting, and incorporating the library
- Built-in support for fuzzing and sandboxing to enhance security testing
- No API or ABI stability guarantees — intended for internal integration
- Simplified, stripped-down API focused on Google’s needs