RustCrypto: ASN.1 DER

Pure Rust embedded-friendly implementation of the Distinguished Encoding Rules (DER) for Abstract Syntax Notation One (ASN.1) as described in ITU X.690.

Documentation

About

This crate provides a no_std-friendly implementation of a subset of ASN.1 DER necessary for decoding/encoding the following cryptography-related formats implemented as crates maintained by the RustCrypto project:

• cms: Cryptographic Message Syntax
• pkcs1: RSA Cryptography Specifications
• pkcs5: Password-Based Cryptography Specification
• pkcs8: Private-Key Information Syntax Specification
• pkcs12: Personal Information Exchange Syntax
• sec1: Elliptic Curve Cryptography
• spki: X.509 Subject Public Key Info
• x509-cert: Public Key Infrastructure Certificate
• x509-ocsp: Online Certificate Status Protocol

The core implementation avoids any heap usage (with convenience methods that allocate gated under the off-by-default alloc feature).

The DER decoder in this crate performs checks to ensure that the input document is in canonical form, and will return errors if non-canonical productions are encountered. There is currently no way to disable these checks.

Features

• Rich support for ASN.1 types used by PKCS/PKIX documents
• Performs DER canonicalization checks at decoding time
• no_std friendly: supports "heapless" usage
• Optionally supports alloc and std if desired
• No hard dependencies! Self-contained implementation with optional integrations with the following crates, all of which are no_std friendly:
  • const-oid: const-friendly OID implementation
  • pem-rfc7468: PKCS/PKIX-flavored PEM library with constant-time decoder/encoders
  • time crate: date/time library

License

Licensed under either of:

• Apache License, Version 2.0
• MIT license

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.