RustCrypto: ASN.1 DER
Pure Rust embedded-friendly implementation of the Distinguished Encoding Rules (DER) for Abstract Syntax Notation One (ASN.1) as described in ITU X.690.
About
This crate provides a no_std
-friendly implementation of a subset of ASN.1 DER
necessary for decoding/encoding the following cryptography-related formats
implemented as crates maintained by the RustCrypto project:
- [
pkcs1
]: RSA Cryptography Specifications - [
pkcs5
]: Password-Based Cryptography Specification - [
pkcs7
]: Cryptographic Message Syntax - [
pkcs8
]: Private-Key Information Syntax Specification - [
pkcs10
]: Certification Request Syntax Specification - [
sec1
]: Elliptic Curve Cryptography - [
spki
]: X.509 Subject Public Key Info - [
x501
]: Directory Services Types - [
x509
]: Public Key Infrastructure Certificate
The core implementation avoids any heap usage (with convenience methods
that allocate gated under the off-by-default alloc
feature).
The DER decoder in this crate performs checks to ensure that the input document is in canonical form, and will return errors if non-canonical productions are encountered. There is currently no way to disable these checks.
Features
- Rich support for ASN.1 types used by PKCS/PKIX documents
- Performs DER canonicalization checks at decoding time
no_std
friendly: supports "heapless" usage- Optionally supports
alloc
andstd
if desired - No hard dependencies! Self-contained implementation with optional
integrations with the following crates, all of which are
no_std
friendly: const-oid
: const-friendly OID implementationpem-rfc7468
: PKCS/PKIX-flavored PEM library with constant-time decoder/encoderstime
crate: date/time library
Minimum Supported Rust Version
This crate requires Rust 1.65 at a minimum.
We may change the MSRV in the future, but it will be accompanied by a minor version bump.
License
Licensed under either of:
at your option.
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.