webpki alternatives and similar packages
Based on the "Cryptography" category.
Alternatively, view webpki alternatives based on common mentions on social networks and blogs.
-
Ockam
Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications โ at massive scale. Use Ockam to build secure-by-design applications that can Trust Data-in-Motion. -
rust-crypto
A (mostly) pure-Rust implementation of various cryptographic algorithms. -
exonum
An extensible open-source framework for creating private/permissioned blockchain applications -
curve25519-dalek
A pure-Rust implementation of group operations on Ristretto and Curve25519 -
sodiumoxide
[DEPRECATED] Sodium Oxide: Fast cryptographic library for Rust (bindings to libsodium) -
ed25519-dalek
Fast and efficient ed25519 signing and verification in Rust. -
miscreant
Meta-repository for Miscreant: misuse-resistant symmetric encryption library with AES-SIV (RFC 5297) and AES-PMAC-SIV support -
RustCrypto
Authenticated Encryption with Associated Data Algorithms: high-level encryption ciphers -
RustCrypto Elliptic Curves
Collection of pure Rust elliptic curve implementations: NIST P-224, P-256, P-384, secp256k1, SM2 -
orion
Usable, easy and safe pure-Rust crypto [Moved to: https://github.com/orion-rs/orion] -
rust-security-framework
Bindings to the macOS Security.framework -
recrypt
A set of cryptographic primitives for building a multi-hop Proxy Re-encryption scheme, known as Transform Encryption. -
Roughenough
A Roughtime secure time sync client and server written in Rust -
schannel-rs
Schannel API-bindings for rust (provides an interface for native SSL/TLS using windows APIs) -
rust-djangohashers
A Rust port of the password primitives used in Django Project. -
rustotpony
๐ด RusTOTPony โ CLI manager of one-time password generators aka Google Authenticator -
rncryptor-rs
Pure Rust implementation of the RNCryptor cryptographic format by Rob Napier
Learn any GitHub repo in 59 seconds
* Code Quality Rankings and insights are calculated and provided by Lumnify.
They vary from L1 to L5 with "L5" being the highest.
Do you think we are missing an alternative of webpki or a related project?
README
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
What is webpki?
webpki is a library that validates Web PKI (TLS/SSL) certificates. webpki is designed to provide a full implementation of the client side of the Web PKI to a diverse range of applications and devices, including embedded (IoT) applications, mobile apps, desktop applications, and server infrastructure. webpki is intended to not only be the best implementation of the Web PKI, but to also precisely define what the Web PKI is.
webpki is written in Rust and uses ring for signature verification.
webpki is strongly influenced by mozilla::pkix. You can read a little about the ideas underlying both mozilla::pkix and webpki in insanity::pkix: A New Certificate Path Building & Validation Library.
The Rust compiler statically guarantees there are no buffer overflows, uses-after-free, double-frees, data races, etc. in webpki. webpki takes advantage of Rust's borrow checker to ensure that its zero-copy parsing strategy is safe and efficient. webpki never allocates memory on the heap, and it maintains a tight bound on the amount of stack memory it uses. webpki avoids all superfluous PKIX features in order to keep its object code size small. Further reducing the code size of webpki is an important goal.
This release is the very first prototype. Lots of improvements are planned, including:
- An extensive automated test suite.
- Key pinning.
- Certificate Transparency support.
- Short-lived certificate, OCSP stapling, and CRLSet support.
- Customization of the supported algorithms, key sizes, and elliptic curves allowed during a validation.
- A C language wrapper interface to allow using webpki in non-Rust applications.
- A specification of precisely what the Web PKI is.
Demo
See https://github.com/ctz/rustls#example-code for an example of using webpki.
License
See [LICENSE](LICENSE). This project happily accepts pull requests without any formal copyright/contributor license agreement. Pull requests must explicitly indicate who owns the copyright to the code being contributed and that the code is being licensed under the same terms as the existing webpki code.
Bug Reporting
Please report bugs either as pull requests or as issues in the issue tracker. webpki has a full disclosure vulnerability policy. Please do NOT attempt to report any security vulnerability in this code privately to anybody.
*Note that all licence references and agreements mentioned in the webpki README section above
are relevant to that project's source code only.