lemon-tls
Version:
JavaScript TLS 1.3/1.2 implementation for Node.js, with full control over cryptographic keys and record layer
184 lines (129 loc) β’ 6.18 kB
Markdown
<p align="center">
<img src="https://github.com/colocohen/lemon-tls/raw/main/lemontls.svg" width="450" alt="LemonTLS"/>
</p>
<h1 align="center">LemonTLS</h1>
<p align="center">
<em>π Pure JavaScript implementation of TLS for Node.js, exposing cryptographic keys and record-layer control for implementing advanced protocols.</em>
</p>
<p align="center">
<a href="https://www.npmjs.com/package/lemon-tls">
<img src="https://img.shields.io/npm/v/lemon-tls?color=blue" alt="npm">
</a>
<img src="https://img.shields.io/badge/status-in%20development-yellow" alt="status">
<img src="https://img.shields.io/github/license/colocohen/lemon-tls?color=brightgreen" alt="license">
</p>
---
> **β οΈ Project status: _Active development_.**
> APIs may change without notice until we reach v1.0.
> Use at your own risk and please report issues!
## β¨ Features
- π **Pure JavaScript** β no OpenSSL, no native bindings.
- β‘ **TLS 1.3 (RFC 8446)** + **TLS 1.2** support.
- π **Key Schedule** β full HKDF-based derivation, AEAD, transcript hashing.
- π **X.509 Certificates** β parsing and basic validation included.
- π‘ **Designed for extensibility** β exposes cryptographic keys and record-layer primitives, making it possible to implement protocols such as QUIC, DTLS, or custom transports that depend on TLS. This level of flexibility is not possible when using OpenSSL directly.
- π **Currently server-only** β LemonTLS supports acting as a **TLS server** today.
TLS **client support** is planned and under design.
## π¦ Installation
```bash
npm i lemon-tls
```
## π Example
```js
import net from 'node:net';
import fs from 'node:fs';
import tls from 'lemon-tls';
// Example: TLS server over TCP
var server = net.createServer(function(tcp){
var socket = new tls.TLSSocket(tcp, {
isServer: true,
minVersion: 'TLSv1.2',
maxVersion: 'TLSv1.3',
ALPNProtocols: ['http/1.1'],
SNICallback: function (servername, cb) {
console.log('get cert for: '+servername);
cb(null, tls.createSecureContext({
key: fs.readFileSync('YOUR_CERT_PEM_FILE_PATH'),
cert: fs.readFileSync('YOUR_KEY_PEM_FILE_PATH')
}));
}
});
socket.on('secureConnect', function(){
console.log('[SRV] secure handshake established');
socket.write(new TextEncoder().encode('hi'));
});
socket.on('data', function(c){
// echo
socket.write(c);
});
socket.on('error', function(e){ console.error('[SRV TLS ERROR]', e); });
socket.on('close', function(){ console.log('[SRV] closed'); });
});
server.listen(8443, function(){ console.log('[SRV] listening 8443'); });
```
## π API
### `TLSSession`
`TLSSession` is the **core state machine** for a TLS connection. its exposes low-level cryptographic material:
- Handshake secrets and application traffic keys.
- Record-layer primitives for encrypting/decrypting TLS records.
- Hooks for ALPN, SNI, and extensions.
### `TLSSocket`
`TLSSocket` is a high-level wrapper designed to be API-compatible with Node.js [`tls.TLSSocket`](https://nodejs.org/api/tls.html#class-tlstlssocket).
The main difference is that it uses a `TLSSession` from **LemonTLS** under the hood. This allows you to:
- Use familiar methods and events (`secureConnect`, `data`, `end`, etc.).
- Integrate seamlessly with existing Node.js applications.
- Gain access to LemonTLSβs advanced features by working directly with the underlying `TLSSession` if needed.
## π£ Roadmap
The following roadmap reflects the current and planned status of the LemonTLS project.
β
= Completedβπ = In progressββ³ = Plannedββ = Not planned
### β
Completed
| Status | Item |
|:------:|------|
| β
| TLS 1.3 - Server mode |
| β
| X.509 certificate parsing (basic) |
### π In Progress
| Status | Item | Notes |
|:------:|------|-------|
| π | TLS 1.3 - Client mode |
| π | TLS 1.2 - Server mode |
| π | TLS 1.2 - Client mode |
| π | Session tickets & resumption |
| π | ALPN & SNI extensions | API design ongoing |
| π | API alignment with Node.js `tls.TLSSocket` | Migration tests in progress |
| π | Modularization of key schedule & record layer | For reuse in QUIC/DTLS |
### β³ Planned
| Status | Item | Notes |
|:------:|------|-------|
| β³ | DTLS support | Datagram TLS 1.2/1.3 |
| β³ | Full certificate chain validation | Including revocation checks |
| β³ | Browser compatibility | Via WebCrypto integration |
| β³ | End-to-end interoperability tests | Against OpenSSL, rustls |
| β³ | Benchmarks & performance tuning | Resource usage, throughput |
| β³ | Fuzz testing & robustness checks | To improve security |
| β³ | Developer documentation & API reference | For easier onboarding |
| β³ | TypeScript typings | Type safety and IDE integration |
_Note: LemonTLS is an active work-in-progress project aiming to provide a fully auditable, pure JavaScript TLS implementation for Node.js and beyond._
_Please β star the repo to follow progress!_
## π€ Contributing
Pull requests are welcome!
Please open an issue before submitting major changes.
## π Sponsors
This project is part of the [colocohen](https://github.com/colocohen) Node.js infrastructure stack (QUIC, WebRTC, DNSSEC, TLS, and more).
You can support ongoing development via [GitHub Sponsors](https://github.com/sponsors/colocohen).
## π Documentation
- [RFC 8446 β TLS 1.3](https://datatracker.ietf.org/doc/html/rfc8446)
- [RFC 5246 β TLS 1.2](https://datatracker.ietf.org/doc/html/rfc5246)
## π License
**Apache License 2.0**
```
Copyright Β© 2025 colocohen
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
```