A native implementation of TLS (and various other cryptographic tools) in JavaScript.
The Forge software is a fully native implementation of the TLS protocol in JavaScript as well as a set of tools for developing Web Apps that utilize many network resources.
Provides storage of debugging information normally inaccessible in closures for viewing/investigation.
Provides utility functions, including byte buffer support, base64, bytes to/from hex, zlib inflate/deflate, etc.
Provides logging to a javascript console using various categories and levels of verbosity.
Provides queuing and synchronizing tasks in a web application.
Provides basic AES encryption and decryption in CBC mode.
Provides MD5 message digests.
Provides SHA-1 message digests.
Provides SHA-256 message digests.
Provides HMAC w/any supported message digest algorithm.
Provides the password-based key-derivation function from PKCS#5.
Provides cryptographically protected messages from PKCS#7.
Provides the cryptographic archive file format from PKCS#12.
Provides a Fortuna-based cryptographically-secure pseudo-random number generator, to be used with a cryptographic function backend, ie: AES.
Provides an interface to getting cryptographically-secure bytes using AES as a backend for forge.prng.
Provides ASN.1 DER encoding and decoding.
Provides X.509 certificate and RSA public and private key encoding, decoding, encryption/decryption, and signing/verifying.
Provides a native javascript client and server-side TLS implementation.
Provides an interface to create and use raw sockets provided via Flash.
Provides a native JavaScript mini-implementation of an http client that uses pooled sockets.
Provides an XmlHttpRequest implementation using forge.http as a backend.
Provides an Apache module that can serve up a Flash Socket Policy. See
mod_fsp/README for more details. This module makes it easy to modify
an Apache server to allow cross domain requests to be made to it.
Requirements
- General
- GNU autotools for the build infrastructure.
- Flash
- Optional: A pre-built SocketPool.swf is included.
- Adobe Flex 3 SDK to build the Flash socket code.
- http://opensource.adobe.com/wiki/display/flexsdk/
- Testing
- Optional: Only needed for fast session cache during testing.
- Python and OpenSSL development environment to build a special SSL module with session cache support.
- http://www.python.org/dev/
- http://www.openssl.org/
- Debian users should install python-dev and libssl-dev.
To build the whole project, run the following::
$ ./build-setup
$ make
This will create the SWF, symlink all the JavaScript files, and build a Python
SSL module for testing. To see configure options, run ./configure --help.
A test server is provided which can be run in TLS mode and non-TLS mode. Use the --help option to get help for configuring ports. The server will print out the local URL you can vist to run tests.
Some of the simplier tests should be run with just the non-TLS server::
$ ./tests/server.py
More advanced tests need TLS enabled::
$ ./tests/server.py --tls