{"id":18787219,"url":"https://github.com/michaelforney/libtls-bearssl","last_synced_at":"2026-03-07T16:34:37.853Z","repository":{"id":55893034,"uuid":"225815659","full_name":"michaelforney/libtls-bearssl","owner":"michaelforney","description":"libtls implemented on top of BearSSL","archived":false,"fork":false,"pushed_at":"2022-09-08T18:36:49.000Z","size":288,"stargazers_count":40,"open_issues_count":2,"forks_count":4,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-04-13T13:12:25.101Z","etag":null,"topics":["bearssl","tls"],"latest_commit_sha":null,"homepage":"https://sr.ht/~mcf/libtls-bearssl","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"isc","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/michaelforney.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-12-04T08:21:45.000Z","updated_at":"2025-01-06T14:32:04.000Z","dependencies_parsed_at":"2022-08-15T08:50:25.939Z","dependency_job_id":null,"html_url":"https://github.com/michaelforney/libtls-bearssl","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/michaelforney/libtls-bearssl","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michaelforney%2Flibtls-bearssl","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michaelforney%2Flibtls-bearssl/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michaelforney%2Flibtls-bearssl/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michaelforney%2Flibtls-bearssl/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/michaelforney","download_url":"https://codeload.github.com/michaelforney/libtls-bearssl/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michaelforney%2Flibtls-bearssl/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30221511,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-07T14:02:48.375Z","status":"ssl_error","status_checked_at":"2026-03-07T14:02:43.192Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bearssl","tls"],"created_at":"2024-11-07T20:53:54.194Z","updated_at":"2026-03-07T16:34:37.794Z","avatar_url":"https://github.com/michaelforney.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"# libtls-bearssl\n\n[![builds.sr.ht status](https://builds.sr.ht/~mcf/libtls-bearssl.svg)](https://builds.sr.ht/~mcf/libtls-bearssl)\n\nlibtls-bearssl is an implementation of [libtls] on top of [BearSSL].\n\nBearSSL is an excellent TLS library: it is small, secure by default,\nflexible, consistent, performs no memory allocation, and the code\nis as clean and well documented as any I've ever seen.\n\nHowever, due to some of its constraints, it is not the easiest TLS\nlibrary to use. Things like loading trust anchors, server-side SNI,\nand I/O with non-blocking sockets actually involve quite a bit of\nwork.\n\nlibtls shares some of the same goals as BearSSL: it is also consistent,\nsecure by default, and well documented. However, it is also a\nhigher-level API that is designed to be easy to use for many common\nsituations.\n\nThis project aims to get the best of both worlds by implementing\nthe libtls API on top of BearSSL.\n\n## Status\n\nlibtls-bearssl implements nearly all features of the libtls API\n(version 3.3.3).  However, there are some that are missing, since\nthey are not supported by BearSSL.\n\n- OCSP stapling. Attempts to configure this will fail.\n- Certificate revocation list (CRL). Attempts to configure this\n  will fail.\n- Inspecting peer certificate issuer name. `tls_peer_cert_issuer`\n  always returns `NULL`.\n- Inspecting peer certificate notBefore and notAfter times.\n  `tls_peer_cert_notbefore` and `tls_peer_cert_notafter` always\n  return `-1`.\n- Encrypted key files. If `tls_load_file` is passed a password\n  string, it will return `NULL`.\n- Session caching. BearSSL does implement this (though not session\n  tickets, RFC 5077), so this may be added in the future.\n- Keys and certificates using CRLF as the line ending are not\n  supported. They must first be converted to use unix-style line\n  endings (LF).\n\n## Mailing list\n\nFeel free to use the mailing list at\nhttps://lists.sr.ht/~mcf/libtls-bearssl for patches, questions, or\ngeneral discussion.\n\n## Issue tracker\n\nPlease report any issues to https://todo.sr.ht/~mcf/libtls-bearssl.\n\n[libtls]: http://man.openbsd.org/tls_init\n[BearSSL]: https://bearssl.org/\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmichaelforney%2Flibtls-bearssl","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmichaelforney%2Flibtls-bearssl","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmichaelforney%2Flibtls-bearssl/lists"}