{"id":16847855,"url":"https://github.com/stepancheg/rust-tls-api","last_synced_at":"2025-04-05T10:09:56.350Z","repository":{"id":21538458,"uuid":"93213152","full_name":"stepancheg/rust-tls-api","owner":"stepancheg","description":"TLS API for Rust, and API implementations over native-tls and openssl in separate crates","archived":false,"fork":false,"pushed_at":"2023-12-05T23:24:57.000Z","size":662,"stargazers_count":49,"open_issues_count":2,"forks_count":28,"subscribers_count":6,"default_branch":"master","last_synced_at":"2024-04-23T23:04:05.867Z","etag":null,"topics":["openssl","rust","tls"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/stepancheg.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2017-06-03T00:25:14.000Z","updated_at":"2023-07-25T14:09:29.000Z","dependencies_parsed_at":"2023-12-06T00:28:15.569Z","dependency_job_id":null,"html_url":"https://github.com/stepancheg/rust-tls-api","commit_stats":{"total_commits":377,"total_committers":15,"mean_commits":"25.133333333333333","dds":0.05835543766578244,"last_synced_commit":"6337f77db1cb6dfb53bbe7f9ec6b0d258cf8224b"},"previous_names":[],"tags_count":26,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stepancheg%2Frust-tls-api","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stepancheg%2Frust-tls-api/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stepancheg%2Frust-tls-api/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stepancheg%2Frust-tls-api/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/stepancheg","download_url":"https://codeload.github.com/stepancheg/rust-tls-api/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247318745,"owners_count":20919484,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["openssl","rust","tls"],"created_at":"2024-10-13T13:09:13.984Z","updated_at":"2025-04-05T10:09:56.330Z","avatar_url":"https://github.com/stepancheg.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# This project has a new home\n\n[New home](https://github.com/edgedb/rust-tls-api/)\n\n# Original notes\n\n[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/stepancheg/rust-tls-api/CI)](https://github.com/stepancheg/rust-tls-api/actions?query=workflow%3ACI)\n[![License](https://img.shields.io/crates/l/tls-api.svg)](https://github.com/stepancheg/rust-tls-api/blob/master/LICENSE)\n[![crates.io](https://img.shields.io/crates/v/tls-api.svg)](https://crates.io/crates/tls-api)\n\n# One TLS API to rule them all\n\nSupports:\n* **tokio** and **async-std**\n* **rustls**, **native-tls**, **openssl**, **security-framework**\n\n## Crates in this repository\n\n* tls-api — TLS API without any implementation and without dependencies\n* tls-api-native-tls — implementation of TLS API over\n  [native-tls](https://github.com/sfackler/rust-native-tls) crate\n* tls-api-openssl — implementation of TLS API over\n  [openssl](https://github.com/sfackler/rust-openssl) crate\n* tls-api-rustls — implementation of TLS API over\n  [rustls](https://github.com/ctz/rustls) crate\n* tls-api-security-framework — implementation of TLS API over\n  [security framework](https://github.com/sfackler/rust-security-framework) crate\n* tls-api-schannel — _missing_ implementation of TLS API over\n  [schannel](https://github.com/steffengy/schannel-rs) crate\n* tls-api-stub — stub API implementation which returns an error on any operation\n* tls-api-not-tls — stub API implementation which pretends to be TLS, but returns wrapped plain socket\n* test-cert-gen — utility to generate certificate for unit tests\n\n## Why one might want to use TLS API instead of concrete implementation\n\n* it is not decided yet which TLS implementation is better, start prototyping with one, and then switch to another\n* something doesn't work, no idea why, maybe try another implementation which would provide better diagnostics\n* provide a library over TLS (like database client) and allow user do specify preferred TLS implementation\n* do a performace comparison of TLS implementations on the same code base\n* if one implementation is buggy, it's easy to switch to another without heavy rewrite\n\n## Example\n\n[download-rust-lang-org.rs](https://github.com/stepancheg/rust-tls-api/blob/master/examples/examples/download-rust-lang-org.rs#L66)\ncontains the implementation of simple TLS client downloading rust-lang.org,\nwhich is invoked with four backends.\n\n## Implementations comparison\n\n|                          | openssl | rustls | security-framework | native-tls |\n| ------------------------ | ------- | ------ |--------------------| ---------- |\n| Can fetch google.com:443 | Yes     | Yes    | Yes                | Yes        |\n| Server works             | Yes     | Yes    | Yes                | Yes        |\n| Client ALPN              | Yes     | Yes    | Yes                | Yes        |\n| Server ALPN              | Yes     | Yes    | No                 | No         |\n| Server init from DER key | Yes     | Yes    | No                 | No         |\n| Server init from PKCS12  | Yes     | No     | Yes                | Yes        |\n\n## Why not simply use XXX\n\n### Why not simply use native-tls\n\n* does not support server side ALPN\n* requires PKCS #12 keys on the server side\n* building OpenSSL on Linux is not always trivial\n\n### Why not simply use openssl\n\n* sometimes it's hard to compile it\n* some concerns about OpenSSL safety\n\n### Why not simply use rustls\n\n* diagnostics of rustls is not perfect\n* certain TLS features are not supported\n\n### Why not simply use security-framework\n\n* only works on Apple\n* does not support server side ALPN\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstepancheg%2Frust-tls-api","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstepancheg%2Frust-tls-api","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstepancheg%2Frust-tls-api/lists"}