Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/kkocdko/tlsimple

TLS for async Rust, with Mbed-TLS.
https://github.com/kkocdko/tlsimple

rust ssl tls

Last synced: 8 days ago
JSON representation

TLS for async Rust, with Mbed-TLS.

Host: GitHub
URL: https://github.com/kkocdko/tlsimple
Owner: kkocdko
License: mit
Created: 2023-07-25T19:32:09.000Z (over 1 year ago)
Default Branch: master
Last Pushed: 2024-01-06T11:43:25.000Z (10 months ago)
Last Synced: 2024-08-10T05:07:15.921Z (3 months ago)
Topics: rust, ssl, tls
Language: Rust
Homepage: https://crates.io/crates/tlsimple
Size: 222 KB
Stars: 2
Watchers: 1
Forks: 0
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # tlsimple

TLS for async Rust, with [Mbed-TLS](https://github.com/Mbed-TLS/mbedtls).

## Features

- Out of the box. Only a C compiler is required (unlike OpenSSL which needs perl + autoconf + automake + many more).

- Async and blocking support, server and client mode. Also provide `HttpsConnector` for Hyper (0.14) client.

- Lightweight. As a thin layer (< 2K Lines) with few dependencies. Binary size about 700 KiB smaller than rustls, 2 MiB smaller than rust-openssl.

## Performance

WIP

## Roadmap

- [x] Run Mbed-TLS demo.

- [x] Use Mbed-TLS BIO (I/O abstraction).

- [x] Try to figure out if Mbed-TLS is easy to strip.

- [x] Build Mbed-TLS with AddressSanitizer.

- [x] Build Rust executable with AddressSanitizer.

- [x] Rust binding prototype worked.

- [x] Fully control the build progress, use only gcc / ar command.

- [x] Fix LeakSanitizer.

- [x] Compile with the Rust cc crate.

- [x] Bind to Rust.

- [x] Bind to Rust with async.

- [ ] Miri, Loom, ThreadSanitizer and more.

- [x] Set ALPN to use HTTP 2.

- [x] Client mode.

- [x] Implement Client mode cert vetify.

- [ ] Test client mode cert vetify works.

- [x] Client with Hyper 0.14.

- [x] Client with Hyper 1.0.

- [x] Deploy on Tokio current-thread runtime.

- [x] Fix crach on Tokio multi-thread runtime.

- [x] Bench OpenSSL and Mbed-TLS.

- [x] Strip more.

- [x] Test if works in Windows.

- [x] TLS 1.3 in C.

- [x] TLS 1.3 in Rust.

- [ ] ~~Use mbedtls_ssl_cache_context to speed up.~~

- [x] Use context pool to improve performance.

- [x] Improve multi-thread performance.

- [x] Bench and compare with OpenSSL / Rustls.

- [ ] Better error code to name convert.

- [x] CI by GitHub Actions.

- [x] Handle underlying io errors.

- [ ] More about close notify?

- [x] Port init script to build.rs.

- [ ] ~~Kernel TLS offload~~.

- [x] Deploy on ksite.

- [ ] Publish & Announce.

## Thanks

- https://github.com/Mbed-TLS/mbedtls

- https://github.com/tokio-rs/tokio-openssl

- https://github.com/fortanix/rust-mbedtls

- https://curl.se/docs/ssl-compared.html

简体中文

> tlsimple

为 Rust 提供轻巧的 TLS 支持，基于 [Mbed-TLS](https://github.com/Mbed-TLS/mbedtls)。

## 特性

- 支持异步与同步，服务端与客户端模式。同时为 Hyper 客户端提供 `HttpsConnector`。

> 翻译仍在进行中...