awesome-repositories.com
Blog
awesome-repositories.com

Découvrez les meilleurs dépôts open-source grâce à notre recherche par IA.

ExplorerRecherches sélectionnéesAlternatives open sourceLogiciels auto-hébergésBlogPlan du site
ProjetÀ proposNotre méthodologiePresseServeur MCP
Mentions légalesConfidentialitéConditions d'utilisation
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·
rustls avatar

rustls/rustls

0
View on GitHub↗
7,470 stars·845 forks·Rust·2 vues

Rustls

rustls is a memory-safe implementation of the Transport Layer Security protocol written in Rust. It provides a cryptographic stack for secure network communication, supporting both TLS 1.3 and 1.2 standards for client and server implementations.

The project is designed as a modular cryptographic library that allows swapping underlying cryptographic backends and primitive providers to meet specific security or performance requirements. It incorporates a post-quantum cryptography stack, utilizing hybrid key exchanges and signatures to protect data against future quantum computing threats.

The library includes capabilities for secure connection management, client authentication via digital certificates or raw public keys, and OS-delegated trust verification. It further implements latency optimizations such as zero round-trip time handshakes, certificate compression, and early data transmission.

Quality is maintained through protocol compliance validation, fuzz testing, and performance benchmarking.

Features

  • Secure Connection Managers - Provides a memory-safe cryptographic stack for establishing encrypted and authenticated TLS connections between clients and servers.
  • Secure Network Communication - Provides a complete implementation for encrypting and authenticating network traffic using the TLS protocol.
  • TLS Clients - Provides a full TLS client implementation for establishing secure connections and verifying server certificates.
  • TLS Servers - Implements a TLS server capable of managing secure handshakes and enforcing client authentication.
  • Cryptographic Abstractions - Employs Rust traits to decouple high-level protocol logic from specific cryptographic primitive implementations.
  • TLS Implementations - Implements the Transport Layer Security protocol specifically using the Rust programming language.
  • TLS 1.3 Protocol Implementations - Implements the TLS 1.3 and 1.2 standards for secure handshakes and encrypted data streams.
  • Client Certificate Authentication - Verifies the identity of connecting clients by checking digital certificates and validating them against revocation lists.
  • Cryptographic Backends - Provides an abstraction layer to swap underlying cryptographic libraries like ring or OpenSSL.
  • Handshake State Machines - Uses a formal state machine to manage the transitions between various TLS handshake phases.
  • Modular Cryptographic Providers - Provides a modular architecture for loading external security libraries to extend cryptographic functionality.
  • Post-Quantum Cryptographic Operations - Implements experimental quantum-resistant signature algorithms to ensure data security against future computing threats.
  • Post-Quantum Key Exchange - Protects sessions against future quantum decryption using hybrid cryptographic key exchange algorithms.
  • Memory-Safe Protocol Implementations - Offers a memory-safe alternative to C-based SSL libraries to eliminate common memory-related vulnerabilities.
  • System Trust Stores - Delegates certificate validation to native operating system platform verifiers to respect system-specific trust restrictions.
  • Performance Benchmarks - Measures CPU instructions and execution time during handshakes and data transfers to detect performance regressions.
  • Early Data Transmitters - Implements 0-RTT data transmission to allow application data to be sent before the handshake fully completes.
  • Encrypted Client Hello - Protects data sent during the initial handshake to prevent passive network observers from seeing client information.
  • Zero-RTT Handshakes - Minimizes connection latency by sending and receiving encrypted application data during the first handshake.
  • Post-Quantum Cryptography - Implements hybrid key exchanges and signatures to transition network security toward quantum-resistance.
  • Public Key Authentication - Verifies identity using raw public keys instead of full certificates to establish secure network connections.
  • Zero-Copy Buffers - Implements memory management strategies that process encrypted packets without intermediate copying to reduce overhead.
  • Fuzz Testing - Uses randomized input tests via external harnesses to discover edge cases and hidden vulnerabilities.
  • Protocol Compliance Testing - Runs integration tests against different cryptographic backends to ensure protocol compliance and functional correctness.
  • Protocol Fuzzing - Executes randomized input tests through external harnesses to discover edge cases and security vulnerabilities.

Historique des stars

Graphique de l'historique des stars pour rustls/rustlsGraphique de l'historique des stars pour rustls/rustls

Recherche par IA

Explorez plus de dépôts awesome

Décrivez vos besoins en langage naturel — l'IA classe des milliers de projets open source sélectionnés par pertinence.

Start searching with AI

Alternatives open source à Rustls

Projets open source similaires, classés selon le nombre de fonctionnalités partagées avec Rustls.
  • ctz/rustlsAvatar de ctz

    ctz/rustls

    7,453Voir sur GitHub↗

    rustls is a modern implementation of the Transport Layer Security protocol written in the Rust programming language. It serves as a cryptographic transport layer for establishing encrypted connections between clients and servers to ensure data privacy and integrity. The library features a pluggable crypto provider framework, allowing the substitution of cryptographic primitive implementations to meet specific platform architecture or regulatory compliance requirements. It provides capabilities for secure server configuration to handle encrypted incoming connections and secure client connecti

    Rust
    Voir sur GitHub↗7,453
  • awslabs/s2nAvatar de awslabs

    awslabs/s2n

    4,736Voir sur GitHub↗

    s2n is a C-based security library and TLS protocol implementation that serves as a secure network transport layer. It provides a modular cryptographic backend interface to encrypt data streams, manage handshakes, and handle mutual authentication between peers. The project focuses on post-quantum cryptography, integrating quantum-resistant key exchange and digital signatures to protect connections against future computing threats. It distinguishes itself through security hardening measures, such as memory-locked secret storage to prevent keys from being swapped to disk and timing-attack mitiga

    C
    Voir sur GitHub↗4,736
  • nats-io/nats-serverAvatar de nats-io

    nats-io/nats-server

    20,076Voir sur GitHub↗

    NATS Server is a high-performance, lightweight messaging system designed for cloud-native applications, edge computing, and distributed microservices. It functions as a distributed publish-subscribe broker that routes messages using hierarchical, dot-separated subject strings, enabling decoupled communication between services without requiring centralized broker lookups. The system supports core messaging patterns including asynchronous publish-subscribe, request-reply, and load-balanced queue processing. The platform distinguishes itself through a decentralized architecture that eliminates t

    Gocloudcloud-computingcloud-native
    Voir sur GitHub↗20,076
  • crowdsecurity/crowdsecAvatar de crowdsecurity

    crowdsecurity/crowdsec

    12,574Voir sur GitHub↗

    CrowdSec is a collaborative, distributed security engine designed for threat detection and infrastructure protection. It functions as an intrusion detection system that parses logs and network traffic to identify malicious patterns, utilizing a bucket-based threshold detection model to aggregate events and trigger alerts. The platform is built on a modular architecture that includes a centralized local API server for managing security signals and a relational database for persistent storage of remediation decisions. What distinguishes the project is its decoupled enforcement model, which offl

    Goattacks-preventiondetectionids
    Voir sur GitHub↗12,574
Voir les 30 alternatives à Rustls→

Questions fréquentes

Que fait rustls/rustls ?

rustls is a memory-safe implementation of the Transport Layer Security protocol written in Rust. It provides a cryptographic stack for secure network communication, supporting both TLS 1.3 and 1.2 standards for client and server implementations.

Quelles sont les fonctionnalités principales de rustls/rustls ?

Les fonctionnalités principales de rustls/rustls sont : Secure Connection Managers, Secure Network Communication, TLS Clients, TLS Servers, Cryptographic Abstractions, TLS Implementations, TLS 1.3 Protocol Implementations, Client Certificate Authentication.

Quelles sont les alternatives open-source à rustls/rustls ?

Les alternatives open-source à rustls/rustls incluent : ctz/rustls — rustls is a modern implementation of the Transport Layer Security protocol written in the Rust programming language.… awslabs/s2n — s2n is a C-based security library and TLS protocol implementation that serves as a secure network transport layer. It… nats-io/nats-server — NATS Server is a high-performance, lightweight messaging system designed for cloud-native applications, edge… crowdsecurity/crowdsec — CrowdSec is a collaborative, distributed security engine designed for threat detection and infrastructure protection.… boostorg/beast — Beast is a C++ library for implementing low-level HTTP and WebSocket clients and servers. It functions as an… quipnetwork/cpp-sdk — This project is a C++ SDK and command-line interface designed for executing smart contract operations and managing…