Lib.rs

Cryptography | Encoding
#asn-1 #pkcs #der #target

no-std der

Pure Rust embedded-friendly implementation of the Distinguished Encoding Rules (DER) for Abstract Syntax Notation One (ASN.1) as described in ITU X.690 with full support for heapless no_std targets

Owned by Tony Arcieri, Arthur Gautier, RustCrypto.

33 releases

Uses new Rust 2024

0.8.0-rc.2 Apr 23, 2025
0.8.0-rc.1 Aug 18, 2024
0.8.0-rc.0 Jul 26, 2024
0.8.0-pre.0 Jan 7, 2024
0.1.0 Dec 22, 2020

#78 in Cryptography

Download history 1703652/week @ 2025-01-12 1555262/week @ 2025-01-19 1788805/week @ 2025-01-26 1916700/week @ 2025-02-02 2091175/week @ 2025-02-09 1779556/week @ 2025-02-16 1895786/week @ 2025-02-23 2878434/week @ 2025-03-02 2661615/week @ 2025-03-09 2837902/week @ 2025-03-16 3290723/week @ 2025-03-23 2179519/week @ 2025-03-30 2285933/week @ 2025-04-06 1908723/week @ 2025-04-13 1859737/week @ 2025-04-20 1678768/week @ 2025-04-27

7,857,069 downloads per month
Used in 6,304 crates (107 directly)

Apache-2.0 OR MIT

470KB
10K SLoC

RustCrypto: ASN.1 DER

Crate Docs Build Status Apache2/MIT licensed Rust Version Project Chat

Pure Rust embedded-friendly implementation of the Distinguished Encoding Rules (DER) for Abstract Syntax Notation One (ASN.1) as described in ITU X.690.

Documentation

About

This crate provides a no_std-friendly implementation of a subset of ASN.1 DER necessary for decoding/encoding the following cryptography-related formats implemented as crates maintained by the RustCrypto project:

  • cms: Cryptographic Message Syntax
  • pkcs1: RSA Cryptography Specifications
  • pkcs5: Password-Based Cryptography Specification
  • pkcs8: Private-Key Information Syntax Specification
  • pkcs12: Personal Information Exchange Syntax
  • sec1: Elliptic Curve Cryptography
  • spki: X.509 Subject Public Key Info
  • x509-cert: Public Key Infrastructure Certificate
  • x509-ocsp: Online Certificate Status Protocol

The core implementation avoids any heap usage (with convenience methods that allocate gated under the off-by-default alloc feature).

The DER decoder in this crate performs checks to ensure that the input document is in canonical form, and will return errors if non-canonical productions are encountered. There is currently no way to disable these checks.

Features

  • Rich support for ASN.1 types used by PKCS/PKIX documents
  • Performs DER canonicalization checks at decoding time
  • no_std friendly: supports "heapless" usage
  • Optionally supports alloc and std if desired
  • No hard dependencies! Self-contained implementation with optional integrations with the following crates, all of which are no_std friendly:
    • const-oid: const-friendly OID implementation
    • pem-rfc7468: PKCS/PKIX-flavored PEM library with constant-time decoder/encoders
    • time crate: date/time library

License

Licensed under either of:

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

Dependencies

~0–500KB