cargo / rustls

rustls

cargo

Rustls is a modern TLS library written in Rust.

Audits

PE Patrick Elsen 2026-05-28

rustls@0.23.40

rustls 0.23.40 is a #![no_std], #![forbid(unsafe_code)] TLS 1.2/1.3 library; published source is byte-identical to VCS. No unsafe, no FFI, no I/O beyond opt-in SSLKEYLOGFILE. Record-layer sequence limits, oversized-record rejection, and the RFC 8446 downgrade sentinel are present. Crypto primitives and cert validation are delegated to the provider and rustls-webpki (scoped out). No findings.

build-exec-deterministicbuild-exec-minimalbuild-exec-no-networkbuild-exec-no-write-outbuild-exec-safeconcurrency-documentedconcurrency-safecrypto-safeenvironment-safefilesystem-safehas-binarieshas-build-exechas-fuzz-testshas-install-exechas-integration-testshas-property-testshas-unit-testsimpl-algorithmimpl-concurrencyimpl-cryptoimpl-datastructureimpl-interpreterimpl-jitimpl-parserimpl-protocolis-benignuses-concurrencyuses-cryptouses-environmentuses-execuses-filesystemuses-interpreteruses-jituses-networkuses-unsafe