awesome-repositories.com
Blog
awesome-repositories.com

Descubre los mejores repositorios open-source con nuestra búsqueda potenciada por IA.

ExplorarBúsquedas curadasAlternativas open-sourceSoftware autohospedableBlogMapa del sitio
ProyectoAcerca deCómo clasificamosPrensaServidor MCP
Aviso legalPrivacidadTérminos
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·
rustls avatar

rustls/rustls

0
View on GitHub↗
7,470 estrellas·845 forks·Rust·2 vistas

Rustls

rustls is a memory-safe implementation of the Transport Layer Security protocol written in Rust. It provides a cryptographic stack for secure network communication, supporting both TLS 1.3 and 1.2 standards for client and server implementations.

The project is designed as a modular cryptographic library that allows swapping underlying cryptographic backends and primitive providers to meet specific security or performance requirements. It incorporates a post-quantum cryptography stack, utilizing hybrid key exchanges and signatures to protect data against future quantum computing threats.

The library includes capabilities for secure connection management, client authentication via digital certificates or raw public keys, and OS-delegated trust verification. It further implements latency optimizations such as zero round-trip time handshakes, certificate compression, and early data transmission.

Quality is maintained through protocol compliance validation, fuzz testing, and performance benchmarking.

Features

  • Secure Connection Managers - Provides a memory-safe cryptographic stack for establishing encrypted and authenticated TLS connections between clients and servers.
  • Secure Network Communication - Provides a complete implementation for encrypting and authenticating network traffic using the TLS protocol.
  • TLS Clients - Provides a full TLS client implementation for establishing secure connections and verifying server certificates.
  • TLS Servers - Implements a TLS server capable of managing secure handshakes and enforcing client authentication.
  • Cryptographic Abstractions - Employs Rust traits to decouple high-level protocol logic from specific cryptographic primitive implementations.
  • TLS Implementations - Implements the Transport Layer Security protocol specifically using the Rust programming language.
  • TLS 1.3 Protocol Implementations - Implements the TLS 1.3 and 1.2 standards for secure handshakes and encrypted data streams.
  • Client Certificate Authentication - Verifies the identity of connecting clients by checking digital certificates and validating them against revocation lists.
  • Cryptographic Backends - Provides an abstraction layer to swap underlying cryptographic libraries like ring or OpenSSL.
  • Handshake State Machines - Uses a formal state machine to manage the transitions between various TLS handshake phases.
  • Modular Cryptographic Providers - Provides a modular architecture for loading external security libraries to extend cryptographic functionality.
  • Post-Quantum Cryptographic Operations - Implements experimental quantum-resistant signature algorithms to ensure data security against future computing threats.
  • Post-Quantum Key Exchange - Protects sessions against future quantum decryption using hybrid cryptographic key exchange algorithms.
  • Memory-Safe Protocol Implementations - Offers a memory-safe alternative to C-based SSL libraries to eliminate common memory-related vulnerabilities.
  • System Trust Stores - Delegates certificate validation to native operating system platform verifiers to respect system-specific trust restrictions.
  • Performance Benchmarks - Measures CPU instructions and execution time during handshakes and data transfers to detect performance regressions.
  • Early Data Transmitters - Implements 0-RTT data transmission to allow application data to be sent before the handshake fully completes.
  • Encrypted Client Hello - Protects data sent during the initial handshake to prevent passive network observers from seeing client information.
  • Zero-RTT Handshakes - Minimizes connection latency by sending and receiving encrypted application data during the first handshake.
  • Post-Quantum Cryptography - Implements hybrid key exchanges and signatures to transition network security toward quantum-resistance.
  • Public Key Authentication - Verifies identity using raw public keys instead of full certificates to establish secure network connections.
  • Zero-Copy Buffers - Implements memory management strategies that process encrypted packets without intermediate copying to reduce overhead.
  • Fuzz Testing - Uses randomized input tests via external harnesses to discover edge cases and hidden vulnerabilities.
  • Protocol Compliance Testing - Runs integration tests against different cryptographic backends to ensure protocol compliance and functional correctness.
  • Protocol Fuzzing - Executes randomized input tests through external harnesses to discover edge cases and security vulnerabilities.

Historial de estrellas

Gráfico del historial de estrellas de rustls/rustlsGráfico del historial de estrellas de rustls/rustls

Búsqueda con IA

Explora más repositorios increíbles

Describe lo que necesitas en lenguaje sencillo: la IA clasifica miles de proyectos open-source curados por relevancia.

Start searching with AI

Alternativas open-source a Rustls

Proyectos open-source similares, clasificados según cuántas características comparten con Rustls.
  • ctz/rustlsAvatar de ctz

    ctz/rustls

    7,453Ver en GitHub↗

    rustls is a modern implementation of the Transport Layer Security protocol written in the Rust programming language. It serves as a cryptographic transport layer for establishing encrypted connections between clients and servers to ensure data privacy and integrity. The library features a pluggable crypto provider framework, allowing the substitution of cryptographic primitive implementations to meet specific platform architecture or regulatory compliance requirements. It provides capabilities for secure server configuration to handle encrypted incoming connections and secure client connecti

    Rust
    Ver en GitHub↗7,453
  • awslabs/s2nAvatar de awslabs

    awslabs/s2n

    4,736Ver en GitHub↗

    s2n is a C-based security library and TLS protocol implementation that serves as a secure network transport layer. It provides a modular cryptographic backend interface to encrypt data streams, manage handshakes, and handle mutual authentication between peers. The project focuses on post-quantum cryptography, integrating quantum-resistant key exchange and digital signatures to protect connections against future computing threats. It distinguishes itself through security hardening measures, such as memory-locked secret storage to prevent keys from being swapped to disk and timing-attack mitiga

    C
    Ver en GitHub↗4,736
  • nats-io/nats-serverAvatar de nats-io

    nats-io/nats-server

    20,076Ver en GitHub↗

    NATS Server is a high-performance, lightweight messaging system designed for cloud-native applications, edge computing, and distributed microservices. It functions as a distributed publish-subscribe broker that routes messages using hierarchical, dot-separated subject strings, enabling decoupled communication between services without requiring centralized broker lookups. The system supports core messaging patterns including asynchronous publish-subscribe, request-reply, and load-balanced queue processing. The platform distinguishes itself through a decentralized architecture that eliminates t

    Gocloudcloud-computingcloud-native
    Ver en GitHub↗20,076
  • crowdsecurity/crowdsecAvatar de crowdsecurity

    crowdsecurity/crowdsec

    12,574Ver en GitHub↗

    CrowdSec is a collaborative, distributed security engine designed for threat detection and infrastructure protection. It functions as an intrusion detection system that parses logs and network traffic to identify malicious patterns, utilizing a bucket-based threshold detection model to aggregate events and trigger alerts. The platform is built on a modular architecture that includes a centralized local API server for managing security signals and a relational database for persistent storage of remediation decisions. What distinguishes the project is its decoupled enforcement model, which offl

    Goattacks-preventiondetectionids
    Ver en GitHub↗12,574
Ver las 30 alternativas a Rustls→

Preguntas frecuentes

¿Qué hace rustls/rustls?

rustls is a memory-safe implementation of the Transport Layer Security protocol written in Rust. It provides a cryptographic stack for secure network communication, supporting both TLS 1.3 and 1.2 standards for client and server implementations.

¿Cuáles son las características principales de rustls/rustls?

Las características principales de rustls/rustls son: Secure Connection Managers, Secure Network Communication, TLS Clients, TLS Servers, Cryptographic Abstractions, TLS Implementations, TLS 1.3 Protocol Implementations, Client Certificate Authentication.

¿Qué alternativas de código abierto existen para rustls/rustls?

Las alternativas de código abierto para rustls/rustls incluyen: ctz/rustls — rustls is a modern implementation of the Transport Layer Security protocol written in the Rust programming language.… awslabs/s2n — s2n is a C-based security library and TLS protocol implementation that serves as a secure network transport layer. It… nats-io/nats-server — NATS Server is a high-performance, lightweight messaging system designed for cloud-native applications, edge… crowdsecurity/crowdsec — CrowdSec is a collaborative, distributed security engine designed for threat detection and infrastructure protection.… boostorg/beast — Beast is a C++ library for implementing low-level HTTP and WebSocket clients and servers. It functions as an… quipnetwork/cpp-sdk — This project is a C++ SDK and command-line interface designed for executing smart contract operations and managing…