rustls-backed TLS for tokio-postgres without a required crypto backend
Go to file
asonix 973697bd6c
All checks were successful
/ check (aarch64-unknown-linux-musl) (push) Successful in 51s
/ check (armv7-unknown-linux-musleabihf) (push) Successful in 59s
/ check (x86_64-unknown-linux-musl) (push) Successful in 52s
/ clippy (push) Successful in 29s
/ tests (push) Successful in 30s
/ build (armv7-unknown-linux-musleabihf) (push) Successful in 59s
/ build (x86_64-unknown-linux-musl) (push) Successful in 41s
/ publish-forgejo (push) Successful in 5s
/ publish-crate (push) Successful in 20s
/ build (aarch64-unknown-linux-musl) (push) Successful in 56s
Uppercase OR
2024-05-03 22:04:10 -05:00
.forgejo/workflows Working base image 2024-05-03 17:02:42 -05:00
src Remove fn main() from doctests 2024-05-03 15:05:20 -05:00
.gitignore Implementation 2024-05-03 11:56:09 -05:00
Cargo.toml Uppercase OR 2024-05-03 22:04:10 -05:00
flake.lock Implementation 2024-05-03 11:56:09 -05:00
flake.nix Initial commit 2024-05-03 11:56:02 -05:00
LICENSE-APACHE Add documentation, prepare release 2024-05-03 15:03:07 -05:00
LICENSE-MIT Add documentation, prepare release 2024-05-03 15:03:07 -05:00 Add documentation, prepare release 2024-05-03 15:03:07 -05:00


An impelementation of TLS based on rustls for tokio-postgres

This crate allows users to select a crypto backend, or bring their own, rather than relying on primitives provided by ring directly. This is done through the use of x509-cert for certificate parsing rather than X509-certificate, while also adding an abstraction for computing digests.

By default, tokio-postgres-generic-rustls does not provide a digest implementation, but one or more are provided behind crate features.

Feature Impelementation
aws-lc-rs AwsLcRsDigest
ring RingDigest
rustcrypto RustcryptoDigest


Using this crate is fairly straightforward. First, select your digest impelementation via crate features (or provide your own), then construct rustls connector for tokio-postgres with your rustls client configuration.

The following example demonstrates providing a custom digest backend.

use tokio_postgres_generic_rustls::{DigestImplementation, DigestAlgorithm, MakeRustlsConnect};

struct DemoDigest;

impl DigestImplementation for DemoDigest {
    fn digest(&self, algorithm: DigestAlgorithm, bytes: &[u8]) -> Vec<u8> {
        todo!("digest it")

fn main() {
    let cert_store = rustls::RootCertStore::empty();

    let config = rustls::ClientConfig::builder()

    let tls = MakeRustlsConnect::new(config, DemoDigest);

    let connect_future = tokio_postgres::connect("postgres://username:password@localhost:5432/db", tls);

    // connect_future.await;


This project is licensed under either of

at your option.