{"id":15557679,"url":"https://github.com/fgasper/p5-net-mbedtls","last_synced_at":"2025-10-03T20:18:43.509Z","repository":{"id":65024497,"uuid":"580905340","full_name":"FGasper/p5-Net-mbedTLS","owner":"FGasper","description":"CPAN’s Net::mbedTLS","archived":false,"fork":false,"pushed_at":"2022-12-27T17:16:46.000Z","size":158,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-29T03:46:31.106Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Perl","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/FGasper.png","metadata":{"files":{"readme":"README.md","changelog":"Changes","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-12-21T18:52:50.000Z","updated_at":"2022-12-21T18:59:42.000Z","dependencies_parsed_at":"2023-01-03T20:22:35.430Z","dependency_job_id":null,"html_url":"https://github.com/FGasper/p5-Net-mbedTLS","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/FGasper/p5-Net-mbedTLS","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FGasper%2Fp5-Net-mbedTLS","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FGasper%2Fp5-Net-mbedTLS/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FGasper%2Fp5-Net-mbedTLS/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FGasper%2Fp5-Net-mbedTLS/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/FGasper","download_url":"https://codeload.github.com/FGasper/p5-Net-mbedTLS/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FGasper%2Fp5-Net-mbedTLS/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278220337,"owners_count":25950446,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-03T02:00:06.070Z","response_time":53,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-02T15:20:19.690Z","updated_at":"2025-10-03T20:18:43.476Z","avatar_url":"https://github.com/FGasper.png","language":"Perl","funding_links":[],"categories":[],"sub_categories":[],"readme":"# NAME\n\nNet::mbedTLS - [mbedTLS](https://tls.mbed.org/) in Perl\n\n# SYNOPSIS\n\n    my $fh = IO::Socket::INET-\u003enew(\"example.com:12345\");\n\n    my $mbedtls = Net::mbedTLS-\u003enew();\n\n    my $client = $mbedtls-\u003ecreate_client($fh);\n\n    # Optional, but useful to do separately if, e.g., you want\n    # to report a successful handshake.\n    $client-\u003eshake_hands();\n\n    # Throws if the error is an “unexpected” one:\n    my $input = \"\\0\" x 23;\n    my $got = $client-\u003eread($input) // do {\n\n        # We get here if, e.g., the socket is non-blocking and we\n        # weren’t ready to read.\n    };\n\n    # Similar to read(); throws on “unexpected” errors:\n    my $wrote = $tls-\u003ewrite($byte_string) // do {\n        # ...\n    };\n\n# DESCRIPTION\n\n[OpenSSL](https://openssl.org) is great but rather large.\n\nThis distribution allows use of mbedTLS, a smaller, simpler TLS library,\nfrom Perl.\n\n# BENEFITS \u0026 LIABILITIES\n\nThis library, like mbedTLS itself, minimizes memory usage at\nthe cost of performance. After a simple TLS handshake with this library\nPerl’s memory usage is about 6.5 MiB lower than when using\n[IO::Socket::SSL](https://metacpan.org/pod/IO%3A%3ASocket%3A%3ASSL) for the same. On the other hand, OpenSSL does the\nhandshake (as of this writing) about 18 times faster.\n\n# AVAILABLE FUNCTIONALITY\n\nFor now this module largely just exposes the ability to do TLS. mbedTLS\nitself exposes a good deal more functionality like raw crypto and\nconfigurable ciphers; if you want that stuff, file a feature request.\n(A patch with a test is highly desirable!)\n\n# BUILDING/LINKING\n\nThis library can link to mbedTLS in several ways:\n\n- Dynamic, to system library (default): This assumes that\nmbedTLS is available from some system-default location (e.g.,\n`/usr`).\n- Dynamic, to a specific path: To do this set\n`NET_MBEDTLS_MBEDTLS_BASE` in your environment to whatever directory\ncontains mbedTLS’s `include` and `lib` (or `library`) directories.\n- Static, to a specific path: Like the previous one, but\nalso set `NET_MBEDTLS_LINKING` to `static` in your environment.\n\nDynamic linking allows Net::mbedTLS to use the most recent\n(compatible) mbedTLS but requires you to have a shared mbedTLS\navailable, whereas static linking alleviates that dependency at the\ncost of always using the same library version.\n\nmbedTLS, alas, as of this writing does not support\n[pkg-config](https://www.freedesktop.org/wiki/Software/pkg-config/).\n([GitHub issue](https://github.com/ARMmbed/mbedtls/issues/228)) If that\nchanges then dynamic linking may become more reliable.\n\nNB: mbedTLS **MUST** be built with _position-independent_ code. If you’re\nbuilding your own mbedTLS then you’ll need to configure that manually.\nGCC’s `-fPIC` flag does this; see this distribution’s CI tests for an example.\n\n# METHODS\n\n## $obj = _CLASS_-\u003enew( %OPTS )\n\nInstantiates this class. %OPTS are:\n\n- `trust_store_path` (optional) - Filesystem path to the trust\nstore (i.e., root certificates). If not given this module will use\n[Mozilla::CA](https://metacpan.org/pod/Mozilla%3A%3ACA)’s trust store.\n\n    The trust store isn’t loaded until it’s needed, so if you don’t need\n    to verify certificate chains (e.g., you’re only serving without\n    TLS client authentication) you can safely omit this.\n\n## $client = _OBJ_-\u003ecreate\\_client( $SOCKET, %OPTS )\n\nInitializes a client session on $SOCKET. Returns a\n[Net::mbedTLS::Client](https://metacpan.org/pod/Net%3A%3AmbedTLS%3A%3AClient) instance.\n\n%OPTS are:\n\n- `servername` (optional) - The SNI string to send in the handshake.\n- `authmode` (optional) - One of this module’s `SSL_VERIFY_*` constants. Defaults as in mbedTLS.\n\n## $client = _OBJ_-\u003ecreate\\_server( $SOCKET, %OPTS )\n\nInitializes a server session on $SOCKET. Returns a\n[Net::mbedTLS::Server](https://metacpan.org/pod/Net%3A%3AmbedTLS%3A%3AServer) instance.\n\n%OPTS are:\n\n- `servername_cb` (optional) - The callback to run once the\nclient’s SNI string is received. It will receive a\n[Net::mbedTLS::Server::SNICallbackCtx](https://metacpan.org/pod/Net%3A%3AmbedTLS%3A%3AServer%3A%3ASNICallbackCtx) instance, which you can use\nto set the necessary parameters for the new TLS session.\n\n    If an exception is thrown, a warning is created, and the TLS session\n    is aborted.\n\n    To abort the session without a warning, return -1.\n\n    All other outcomes of this callback tell mbedTLS to continue the\n    TLS handshake.\n\n- `key_and_certs` - A reference to an array of key and certs.\nThe array’s contents may be either:\n    - 1 item: Concatenated PEM documents.\n    - 2+ items: The key, then certificates. Any item may be in\n    PEM or DER format, and any non-initial items (i.e., certificate items)\n    may contain multiple certifictes.\n\n# CONSTANTS\n\nThese come from mbedTLS:\n\n- Error states: `ERR_SSL_WANT_READ`, `ERR_SSL_WANT_WRITE`,\n`ERR_SSL_ASYNC_IN_PROGRESS`, `ERR_SSL_CRYPTO_IN_PROGRESS`,\n`MBEDTLS_ERR_SSL_CLIENT_RECONNECT`\n- Verify modes: `SSL_VERIFY_NONE`, `SSL_VERIFY_OPTIONAL`,\n`SSL_VERIFY_REQUIRED`\n\n# SEE ALSO\n\n[Net::SSLeay](https://metacpan.org/pod/Net%3A%3ASSLeay), an XS binding to OpenSSL, is Perl’s de facto standard TLS\nlibrary.\n\n[IO::Socket::SSL](https://metacpan.org/pod/IO%3A%3ASocket%3A%3ASSL) wraps Net::SSLeay with logic to make TLS _almost_ as\neasy to use as plain TCP.\n\n\\#----------------------------------------------------------------------\n\n# LICENSE \u0026 COPYRIGHT\n\nCopyright 2022 Gasper Software Consulting. All rights reserved.\n\nThis library is licensed under the same terms as Perl itself.\nSee [perlartistic](https://metacpan.org/pod/perlartistic).\n\nThis library was originally a research project at\n[cPanel, L.L.C.](https://cpanel.net).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffgasper%2Fp5-net-mbedtls","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffgasper%2Fp5-net-mbedtls","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffgasper%2Fp5-net-mbedtls/lists"}