This project is a command-line tool for managing public key infrastructure and digital identities. It provides a comprehensive suite for X.509 certificate lifecycle management, including the generation, signing, renewal, and revocation of certificates and signing requests. The tool distinguishes itself through specialized security capabilities such as binding cryptographic credentials to TPMs and HSMs for hardware-backed identity attestation. It also provides dedicated support for machine identity security, using short-lived SSH certificates and mTLS to secure non-human workloads. Broad capa
Mbed TLS is an open-source TLS and DTLS library with a small footprint, designed for embedded systems and IoT devices. It provides a portable cryptographic library that includes symmetric ciphers, hashing, and public-key cryptography, along with a reference implementation of the PSA Cryptography API for standardized cryptographic operations across platforms. The library also offers X.509 certificate management for parsing, validating, and managing certificate chains in secure communications. The library is built around a platform abstraction layer that decouples it from OS-specific services t
phpseclib is a pure-PHP cryptographic library that provides a comprehensive suite of cryptographic operations entirely without requiring compiled C extensions. At its core, it implements arbitrary-precision integer arithmetic for big-number math, ASN.1 DER encoding and decoding for working with cryptographic data structures, and a full set of pure-PHP cryptographic primitives. The library is designed to operate on PHP 5.6 and above, automatically detecting and using native extensions like GMP or BCMath when available, but falling back to its own pure-PHP implementations when they are not. The
GmSSL is an open-source cryptographic library that implements the Chinese national cryptographic standards SM2, SM3, SM4, SM9, and ZUC as a unified algorithm suite. It provides a comprehensive set of cryptographic primitives including symmetric and asymmetric encryption, digital signatures, hashing, and key exchange, all built around these national standards for government and enterprise security applications. The library distinguishes itself through several integration capabilities. It includes an OpenSSL compatibility layer that maps GmSSL functions to OpenSSL API calls, enabling drop-in re
Forge ist eine JavaScript-Kryptografie-Bibliothek, die einen umfassenden Satz an Tools für symmetrische und asymmetrische Verschlüsselung, Hashing und digitale Signaturen bereitstellt. Sie enthält eine vollständige Implementierung von Transport Layer Security (TLS) zum Aufbau sicherer Netzwerkverbindungen und zur Verwaltung verschlüsselten Traffics.
Die Hauptfunktionen von digitalbazaar/forge sind: Symmetric and Asymmetric Ciphers, SSL/TLS Connection Security, Binary Serialization Formats, Cryptographic Random Number Generators, X.509 Certificate Parsing and Validation, X.509 Management Utilities, General ASN.1 DER Parsers, JavaScript Cryptography Libraries.
Open-Source-Alternativen zu digitalbazaar/forge sind unter anderem: smallstep/cli — This project is a command-line tool for managing public key infrastructure and digital identities. It provides a… armmbed/mbedtls — Mbed TLS is an open-source TLS and DTLS library with a small footprint, designed for embedded systems and IoT devices.… phpseclib/phpseclib — phpseclib is a pure-PHP cryptographic library that provides a comprehensive suite of cryptographic operations entirely… guanzhi/gmssl — GmSSL is an open-source cryptographic library that implements the Chinese national cryptographic standards SM2, SM3,… brix/crypto-js — crypto-js is a JavaScript cryptography library providing a collection of standard cryptographic algorithms and data… yjhjstz/deep-into-node — This project is a technical study and analysis guide focused on the internal architecture of Node.js. It provides an…