Drogue-TLS

Drogue-TLS is a Rust-native TLS 1.3 implementation that works in a no-std environment. The implementation is work in progress, but the example clients should work against the rustls echo server.

The client supports both async and blocking modes. By default, the async and std features are enabled. The async feature requires Rust nightly, while the blocking feature works on Rust stable.

To use the async mode, import drogue_tls::*. To use the blocking mode, import drogue_tls::blocking::*.

Some features like certificate validation are still not implemented, have a look at open issues. Only supports writing/receiving one frame at a time, hence using a frame buffer larger than 16k is not currently needed. You may use a lower frame buffer size, but there is no guarantee that it will be able to parse any TLS 1.3 frame.

Usage of this crate should fit in 20 kB of RAM assuming a frame buffer of 16 kB (max TLS record size). This is not including the space used to hold the CA and any client certificates, which is not yet supported.

NOTE: This is very fresh and is probably not meeting all parts of the TLS 1.3 spec. Things like certificate validation and client certificate support is not complete. If you find anything you'd like to get implemented, feel free to raise an issue.

Community

• Drogue IoT Matrix Chat Room
• We have bi-weekly calls at 9:00 AM (GMT). Check the calendar to see which week we are having the next call, and feel free to join!
• Drogue IoT Forum
• Drogue IoT YouTube channel
• Follow us on Twitter!