Yet another TLS implementation, but written from scratch (including the crypto) in pure Rust - of course.
otsmr 2380aa042f cargo fmt 2023-12-21 13:22:10 +01:00

AnotherTLS

Yet another TLS implementation, but written from scratch (including the crypto) in pure Rust - of course. The focus of this implementation is simplicity and using no dependencies. I started this project to take a deep dive into Rust, cryptography and network protocols.

If you are interested in hacking TLS, you should check out my VulnTLS project.

What makes AnotherTLS unique?

It depends only on the standard library and the ibig crate, so you will find the entire TLSv1.3 stack in a single repo to play around with, as I do with my VulnTLS implementation. Also, everything is pub, so you can use AnotherTLS to easily simulate parts of TLS, for example to write an exploit.

With the current version it is possible to connect to the AnotherTLS server via curl or the browser. AnotherTLS can also be used as a client. Since the parsing of certificates is still WIP, it is not yet possible to connect securely to known websites, because certificates are not verified.

handshake and application data

$ cargo run --bin server_https
# other window
$ curl -iv --insecure https://localhost:4000/

client certificate

$ cargo run --bin server_client_auth
# other window
$ cd ./examples/src/bin/config/client_cert/
$ curl --cert client.signed.cert --key client.key -iv --insecure https://localhost:4000/

For more information about using AnotherTLS, see the ./examples folder.

underlying standards

The TLSv1.3 stack consists of the following standards, which are also implemented in this repository.

implemented

open

  • TLS curves: secp384r1

security

Currently, the focus of this implementation is to be TLS-compliant according to RFC 8446, but when all requirements are implemented, I will switch the focus to the security part, because this is one of the main reasons I started this project.

Todo