30 open-source projects similar to digitalbazaar/forge, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Forge alternative.
This project is a command-line tool for managing public key infrastructure and digital identities. It provides a comprehensive suite for X.509 certificate lifecycle management, including the generation, signing, renewal, and revocation of certificates and signing requests. The tool distinguishes itself through specialized security capabilities such as binding cryptographic credentials to TPMs and HSMs for hardware-backed identity attestation. It also provides dedicated support for machine identity security, using short-lived SSH certificates and mTLS to secure non-human workloads. Broad capa
Mbed TLS is an open-source TLS and DTLS library with a small footprint, designed for embedded systems and IoT devices. It provides a portable cryptographic library that includes symmetric ciphers, hashing, and public-key cryptography, along with a reference implementation of the PSA Cryptography API for standardized cryptographic operations across platforms. The library also offers X.509 certificate management for parsing, validating, and managing certificate chains in secure communications. The library is built around a platform abstraction layer that decouples it from OS-specific services t
phpseclib is a pure-PHP cryptographic library that provides a comprehensive suite of cryptographic operations entirely without requiring compiled C extensions. At its core, it implements arbitrary-precision integer arithmetic for big-number math, ASN.1 DER encoding and decoding for working with cryptographic data structures, and a full set of pure-PHP cryptographic primitives. The library is designed to operate on PHP 5.6 and above, automatically detecting and using native extensions like GMP or BCMath when available, but falling back to its own pure-PHP implementations when they are not. The
GmSSL is an open-source cryptographic library that implements the Chinese national cryptographic standards SM2, SM3, SM4, SM9, and ZUC as a unified algorithm suite. It provides a comprehensive set of cryptographic primitives including symmetric and asymmetric encryption, digital signatures, hashing, and key exchange, all built around these national standards for government and enterprise security applications. The library distinguishes itself through several integration capabilities. It includes an OpenSSL compatibility layer that maps GmSSL functions to OpenSSL API calls, enabling drop-in re
crypto-js is a JavaScript cryptography library providing a collection of standard cryptographic algorithms and data transformation tools. It functions as a symmetric encryption toolset, a cryptographic hash implementation, and a password derivation tool for the JavaScript environment. The library enables the protection of sensitive data through symmetric encryption and the production of fixed-size data digests to verify integrity. It includes utilities for converting user passwords into secure cryptographic keys and a data format converter for translating information between Base64, Hex, and
This project is a technical study and analysis guide focused on the internal architecture of Node.js. It provides an in-depth examination of the runtime, focusing on how the engine manages memory handles, executes asynchronous operations, and implements core module logic. The guide specifically analyzes the integration of native C++ classes and functions into JavaScript and documents the behavior of the libuv event loop. It includes detailed references for optimizing performance by identifying V8 compiler bailouts and profiling execution to improve resource efficiency. The material covers a
pysheeet is a technical reference library providing a curated collection of code snippets and implementation patterns for advanced Python development, system integration, and high-performance computing. It serves as a comprehensive guide for implementing low-level network programming, native C extensions, and asynchronous and concurrent programming. The project provides specialized frameworks for the development and deployment of large language models, including tools for distributed GPU inference and high-performance serving. It also includes detailed patterns for high-performance computing
Easy-RSA is a shell-based utility designed to automate the creation and management of a public key infrastructure. It functions as a simplified interface for OpenSSL, providing the tooling necessary to establish a root certificate authority and manage X.509 certificates. The project focuses on the lifecycle of digital identities, covering the issuance of certificates to verify entities and the maintenance of revocation lists to invalidate compromised credentials. It specifically provides the utilities required to generate the keys and certificates used to secure OpenVPN connections. The syst
The MongoDB Python Driver is a client library and NoSQL database client used to execute CRUD operations and manage data within MongoDB databases using the Python programming language. It serves as a database connectivity library that handles authentication and connection pooling, while also providing a vector search client for managing embedding indexes and retrieving data based on semantic similarity. The driver supports both synchronous and asynchronous database driver models to perform non-blocking I/O operations and stream data from database clusters. It distinguishes itself through speci
libhv is a high-performance C/C++ network library and event-driven I/O framework used to build TCP, UDP, SSL, HTTP, WebSocket, and MQTT clients and servers. It provides a non-blocking event loop for managing network sockets, timers, and system signals across multiple threads. The project is distinguished by its integrated support for specialized network roles, including a full HTTP web server with RESTful routing and middleware, an MQTT messaging client for IoT communication, and the ability to implement SOCKS5 and HTTP proxies. It also features a reliable UDP implementation to ensure ordered
Mbed TLS is a C library that provides a full implementation of the TLS and DTLS protocols for secure network communication, a library of fundamental cryptographic primitives, and a reference implementation of the PSA Cryptography API. It also includes libraries for parsing, validating, and managing X.509 digital certificates, as well as support for integrating hardware cryptoprocessors through the PSA Cryptoprocessor Driver Interface. The library is designed for resource-constrained environments and is built from source with a customizable feature set, allowing developers to select which TLS
Handy is a C++11 network server framework and event-driven networking engine designed for building high-performance concurrent TCP and UDP servers. It functions as an asynchronous I/O library and an HTTP server implementation that separates asynchronous network I/O from synchronous business logic to simplify server development. The framework distinguishes itself by utilizing platform-specific event notifications to manage millions of simultaneous network connections and providing an SSL/TLS network wrapper for encrypted asynchronous data transmission. It implements a half-sync/half-async proc
grpc-rust is a native gRPC framework for Rust designed for building high-performance remote procedure call clients and servers. It provides an asynchronous communication stack and a protocol buffers implementation for encoding, decoding, and generating type-safe code from service definitions. The project enables the implementation of unary and bi-directional data streaming over the HTTP/2 protocol. It includes specialized support for gRPC-Web integration, allowing browser-based clients to communicate with services through protocol translation. The infrastructure covers a broad range of distr
This project is a comprehensive computer networking textbook and instructional resource. It serves as a technical guide for the design and implementation of network layers, protocols, and hardware architecture, covering the spectrum from physical links to application-layer protocols. The content provides a detailed study of standards for congestion control, reliable data delivery, and internetwork routing. It includes specialized technical material on network security, public-key infrastructure, and the operation of modern cloud infrastructure and data centers. The material covers a broad ra
BLAKE3 is a high-performance implementation of the BLAKE3 cryptographic hash algorithm used for calculating secure data digests and fingerprints. It functions as a parallel cryptographic hash tool that distributes workloads across multiple processor threads to process large datasets rapidly. The project provides specialized tools for keyed hashing and the generation of message authentication codes. It also includes functionality for cryptographic key derivation, allowing the creation of unique secret sub-keys from a master key and context strings. The implementation supports data integrity v
This project is an OpenPGP cryptography library designed for encrypting, decrypting, and signing messages according to the OpenPGP standard for secure communication. It functions as an asymmetric encryption toolkit for securing data and managing digital identities through cryptographic operations. The library provides a cryptographic key manager to create and handle the public and private key pairs required for identity operations. It includes a digital signature implementation to ensure message authenticity and data integrity. The system covers a broad range of capabilities, including asymm
sjcl is a JavaScript cryptography library providing a collection of primitives for encryption, hashing, and encoding within a web browser. It functions as an AES symmetric encryption tool, a cryptographic hashing library, and a Base32 data encoder. The project provides implementations for the Advanced Encryption Standard to secure data through symmetric key encryption and decryption. It also enables the generation of fixed-length data fingerprints to verify information integrity and authenticity. The library covers a broader range of security capabilities, including client-side data hashing,
Node.js is an open-source, cross-platform JavaScript runtime environment built on the V8 engine, designed for executing JavaScript code outside a web browser. It operates as a server-side JavaScript platform with an event-driven, non-blocking I/O architecture that enables building scalable network applications and web servers. The runtime integrates the CommonJS module system for synchronous module loading and the npm ecosystem for sharing and reusing packages. The platform provides comprehensive capabilities for web server development, including creating HTTP and HTTPS servers, managing HTTP
Lancet is a comprehensive extension of the Go standard library, providing a collection of reusable functions and data structures designed to reduce boilerplate code in applications. It serves as a general-purpose toolkit across multiple domains, including concurrency, security, networking, and functional logic. The project distinguishes itself through specialized toolkits for Go concurrency, such as keyed locking and channel-based stream processing, and a dedicated functional programming kit that supports currying and function composition. It also includes a dedicated cryptography library imp
Sui is a blockchain platform featuring an object-centric state model and resource-oriented smart contracts. It utilizes parallel transaction execution to increase network throughput and supports programmable transaction blocks that bundle multiple operations into single atomic units. The platform distinguishes itself with a capability-based access control system and zero-knowledge login mechanisms, enabling users to authenticate via identity providers without seed phrases. It also implements deterministic object addressing to allow predictable state lookups and supports the creation of soulbo
jsencrypt is a JavaScript library for performing RSA encryption, decryption, and key generation. It functions as an asymmetric key generator and digital signature provider that executes all cryptographic processing directly in the browser. The library focuses on the use of the PEM standard for importing, exporting, and managing cryptographic keys. It provides the ability to create public and private RSA key pairs of various bit sizes and supports OpenSSL compatible formats. Its capabilities cover the transformation of plaintext into ciphertext and the recovery of original messages using corr
This project is a mnemonic seed generator and deterministic wallet deriver. It converts mnemonic phrases into binary seeds and derives cryptocurrency wallet addresses and private keys. The tool is implemented as a browser-based cryptographic utility designed for offline execution. This ensures that all key generation and seed computation occur locally on the machine to prevent private keys from leaving the local environment. The system covers mnemonic phrase generation from entropy, seed computation using password-based derivation, and the derivation of public addresses for multiple cryptocu
Beast is a C++ library for implementing low-level HTTP and WebSocket clients and servers. It functions as an asynchronous networking framework designed to compose non-blocking I/O operations and layered stream stacks for managing concurrent network traffic, specifically utilizing the Boost.Asio asynchronous model. The library provides a comprehensive implementation of the HTTP/1.1 and WebSocket protocols. For HTTP, it includes primitives for parsing and serializing messages with support for chunked transfer encoding, incremental body reading, and request pipelining. Its WebSocket implementati
This project is a learning guide and collection of study notes designed to teach Node.js backend development. It provides a comprehensive core API reference and practical demonstrations for implementing server-side logic, network programming, and system APIs. The guide specifically covers advanced technical domains including process management for scaling applications via clusters and child processes, as well as network programming for building TCP, UDP, and HTTP services. It also includes detailed instructional material on security implementation, focusing on cryptographic hashing and encryp
H2 is a JDBC-compliant relational database management system written in Java. It functions as an embeddable SQL database that can run directly within an application process to remove network latency, or as an in-memory database for high-performance volatile storage. It also includes a web-based console for executing SQL commands and administering schemas. The system is characterized by its flexible deployment modes, including a standalone server mode for remote TCP/IP access and a mixed mode for simultaneous local and remote connectivity. It features a dialect emulation layer and compatibilit
FoundationDB is an ACID-compliant distributed transactional key-value store. It functions as a scalable database engine that ensures strict serializability and data consistency across a cluster of servers using a shared-nothing architecture. The system is distinguished by its multi-region replication capabilities, allowing data to be synchronized across different datacenters for high availability and disaster recovery. It utilizes optimistic concurrency control to manage distributed transactions and employs a majority-based coordination system to maintain cluster state. The platform provides
This project is a front-end interview study guide and a collection of structured notes designed for technical job preparation. It serves as a comprehensive reference for web technologies, common technical interview questions, and JavaScript algorithm implementation. The notebook distinguishes itself by integrating specialized guides for web performance optimization, browser API documentation, and JavaScript algorithm references. It provides a structured approach to solving coding challenges involving data structures like binary trees, linked lists, and array manipulation. The content covers
hashsigs-ts is a TypeScript cryptography library used to generate and verify digital signatures through one-time cryptographic schemes. It functions as a hash-based signature tool that creates secure signatures without relying on asymmetric encryption. The library provides tools for cryptographic identity verification and data integrity validation. It utilizes a one-time signature generation process to ensure that data remains unaltered and that the origin of a message can be proven. The implementation manages raw cryptographic data using typed arrays and employs pure functions to ensure con
CryptoSwift is a cryptography library implemented entirely in the Swift programming language. It provides a collection of standard cryptographic algorithms for encryption, decryption, and hashing without relying on native C libraries or system frameworks. The library supports symmetric and asymmetric encryption, including RSA key generation and signature management. It features authenticated encryption schemes and the ability to generate cryptographic digests for data integrity verification. The toolset covers message authentication codes, secure key derivation from passwords, and data paddi
This is a cross-platform JavaScript library and cryptographic hash tool used for generating 128-bit MD5 message digests and fingerprints from strings or binary data. It provides a consistent implementation for computing hash values and hexadecimal-encoded digests to facilitate data validation. The library includes an implementation of HMAC-MD5, allowing for the creation of keyed-hash message authentication codes to verify both the authenticity and integrity of a message using a secret key. These capabilities support data integrity verification and message authentication across both client-si