{"id":20110487,"url":"https://github.com/otsmr/anothertls","last_synced_at":"2025-06-20T03:08:14.960Z","repository":{"id":105879107,"uuid":"597911217","full_name":"otsmr/AnotherTLS","owner":"otsmr","description":"Yet another TLS implementation, but written from scratch (including the crypto) in pure Rust - of course.","archived":false,"fork":false,"pushed_at":"2023-12-21T12:22:11.000Z","size":946,"stargazers_count":3,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-06-20T03:08:07.998Z","etag":null,"topics":["rust","tls13"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/otsmr.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-02-06T01:08:51.000Z","updated_at":"2024-08-27T19:03:31.000Z","dependencies_parsed_at":"2023-12-21T14:14:42.148Z","dependency_job_id":"ef96e193-516a-4d23-b132-c1889a0589ab","html_url":"https://github.com/otsmr/AnotherTLS","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/otsmr/AnotherTLS","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/otsmr%2FAnotherTLS","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/otsmr%2FAnotherTLS/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/otsmr%2FAnotherTLS/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/otsmr%2FAnotherTLS/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/otsmr","download_url":"https://codeload.github.com/otsmr/AnotherTLS/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/otsmr%2FAnotherTLS/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":260869034,"owners_count":23074963,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["rust","tls13"],"created_at":"2024-11-13T18:12:08.740Z","updated_at":"2025-06-20T03:08:09.949Z","avatar_url":"https://github.com/otsmr.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# AnotherTLS\nYet another TLS implementation, but written **from scratch** (including the\ncrypto) in **pure Rust** - of course. The focus of this implementation is the\nsimplicity and to use no dependencies. I started this project to deep dive into\nRust, cryptography and network protocols.\n\n**If you are interested in hacking TLS, you should checkout my\n[VulnTLS](https://github.com/otsmr/VulnTLS) project.**\n\n## What makes AnotherTLS unique?\nIt depends only on the standard library and the `ibig` crate. So you will find\n**the entire TLSv1.3 stack in a single repo** to play around with, as I do with\nmy VulnTLS implementation. Also, everything is `pub`, so you can use AnotherTLS\nto easily simulate parts of TLS for example to write an exploit.\n\nWith the current version it is possible to connect via curl or the browser with\nthe AnotherTLS server. AnotherTLS can also be used as a client. Since the\nparsing of certificates is still WIP, it is not yet possible to connect\n(securely) to known websites (resp. certificates are not verified).\n\n\n**handshake and application data**\n```bash\n$ cargo run --bin server_https\n# other window\n$ curl -iv --insecure https://localhost:4000/\n```\n\n**client certificate**\n```bash\n$ cargo run --bin server_client_auth\n# other window\n$ cd ./examples/src/bin/config/client_cert/\n$ curl --cert client.signed.cert --key client.key -iv --insecure https://localhost:4000/\n```\n\nFor more information about using AnotherTLS, see the `./examples` folder.\n\n\n## depending standards\nThe TLSv1.3 stack consists of the following standards, which are also\nimplemented in this repository.\n\n### implemented\n- [SHA256](https://datatracker.ietf.org/doc/html/rfc6234)\n- [SHA384](https://datatracker.ietf.org/doc/html/rfc6234)\n- [AES](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf)\n- [AES_GCM](https://luca-giuzzi.unibs.it/corsi/Support/papers-cryptography/gcm-spec.pdf)\n- [prime256v1](https://github.com/starkbank/ecdsa-python/)\n- [X25519](https://martin.kleppmann.com/papers/curve25519.pdf)\n- [HKDF](https://www.rfc-editor.org/rfc/rfc5869)\n- [HMAC](https://www.rfc-editor.org/rfc/rfc2104)\n- [X.509](https://www.rfc-editor.org/rfc/rfc5280#section-4.1)\n- [CHACHA20_POLY1305](https://datatracker.ietf.org/doc/html/rfc8439)\n- [CHACHA20_POLY1305_TLS](https://www.rfc-editor.org/rfc/rfc7905)\n\n### open\n- TLS curves: [secp384r1]()\n\n\n## security\nCurrently, the focus of this implementation is to be TLS-complaint according to\nthe [RFC8446](https://datatracker.ietf.org/doc/html/rfc8446), but when all\nrequirements are implemented, I will switch the focus to the security part,\nbecause this is one of the main reasons I started this project.\n\n**Todo**\n- setup [tlsfuzzer](https://github.com/tlsfuzzer/tlsfuzzer)\n- setup [TLS-Attacker](https://github.com/tls-attacker/TLS-Attacker)\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fotsmr%2Fanothertls","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fotsmr%2Fanothertls","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fotsmr%2Fanothertls/lists"}