As you might know I maintain a fork of OpenSSL at The 1.0.2-chacha fork started out of adding the ChaCha20/Poly1305 ciphers to the official fork, and slowly more and more ciphers and features were added.


The main goals of the fork are

  1. add as much ciphers and (test)functionality as possible
  2. to keep the source as aligned to the original as possible
  3. keep the patches transparent (easily applicable to the original source)
  4. keep the patches maintainable
  5. write as little custom/new code as possible

For 2 (to keep the source as aligned to the original as possible) I try to merge and test the code as often as I can, so that the fork is never too far behind the official repository.

As it was my first idea to start a feature branch I used no-fast forwarding git merges. This kept it transparent when I merged the code, and what the history of the commits was. However, since I'm probably going to maintain this fork besides the official fork I'm going to use fast-forwarding merges from now on (March 2014) whenever possible. I think this will keep the commit history cleaner - see point 3 (keep the patches transparent).

Goal 4 (keep the patches maintainable) is somewhat more difficult. The ChaCha20/Poly1305 source code is from a now-defunct AEAD branch of the official openssl source. Since then, the code has kind of moved to Google's BoringSSL fork, where it is being actively maintained.

In the near future I will try to replace the ChaCha20/Poly1305 with BoringSSL's active codebase. I am aware of a recent patch from Intel (see but that conflicts with goal 3 (keep the patches maintainable). Patches are usually a one-off thing, and as you might know security is a dynamic thing. What is secure code today can become insecure code tomorrow.

For complete transparency please find an alphabetical list here of the differences between the 1.0.2-chacha fork and the official OpenSSL_1_0_2-stable fork:

  • .gitignore
  • .travis.yml
  • Configure
  • Makefile.shared
  • apps/s_client.c
  • apps/speed.c
  • crypto/chacha/Makefile
  • crypto/chacha/chacha.h
  • crypto/chacha/chacha_enc.c
  • crypto/chacha/chacha_vec.c
  • crypto/chacha/chachatest.c
  • crypto/evp/Makefile
  • crypto/evp/aeadtest.c
  • crypto/evp/aes_128_gcm_tests.txt
  • crypto/evp/aes_256_gcm_tests.txt
  • crypto/evp/chacha20_poly1305_tests.txt
  • crypto/evp/e_aes.c
  • crypto/evp/e_chacha20_poly1305.c
  • crypto/evp/evp.h
  • crypto/evp/e_aead.c
  • crypto/evp/evp_err.c
  • crypto/evp/evp_locl.h
  • crypto/opensslv.h
  • crypto/poly1305/Makefile
  • crypto/poly1305/poly1305.c
  • crypto/poly1305/poly1305.h
  • crypto/poly1305/poly1305_arm.c
  • crypto/poly1305/poly1305_vec.c
  • crypto/poly1305/poly1305test.c
  • doc/apps/ciphers.pod
  • doc/apps/s_client.pod
  • doc/crypto/EVP_AEAD_CTX_init.pod
  • engines/Makefile
  • engines/ccgost/Makefile
  • ssl/s2_clnt.c
  • ssl/s2_enc.c
  • ssl/s2_lib.c
  • ssl/s2_srvr.c
  • ssl/s3_clnt.c
  • ssl/s3_enc.c
  • ssl/s3_lib.c
  • ssl/s3_srvr.c
  • ssl/ssl.h
  • ssl/ssl3.h
  • ssl/ssl_ciph.c
  • ssl/ssl_lib.c
  • ssl/ssl_locl.h
  • ssl/ssl_txt.c
  • ssl/ssltest.c
  • ssl/t1_enc.c
  • ssl/tls1.h
  • test/Makefile
  • util/libeay.num
  • util/
  • util/
This list can be created by adding the official openssl repo as upstream for the 1.0.2-chacha branch, and by comparing (diffing) the branches:
git remote add upstream
git diff 1.0.2-chacha upstream/OpenSSL_1_0_2-stable

Please enjoy!


comments powered by Disqus