A New ASN.1 API for Python

https://news.ycombinator.com/rss Hits: 21
Summary

If you’ve ever worked with cryptography, PKI schemes, or low-level networking in Python, you’ve likely encountered ASN.1. ASN.1 undergirds every TLS handshake (via X.509 path validation), provides the serialization layer for core internet protocols like LDAP, SNMP, and 3GPP, and generally operates as the lingua franca of cryptographic primitive and protocol representation.

ASN.1’s critical role is complemented by a colorful security history: implementations of ASN.1’s encoding rules have historically been a rich source of memory corruption and denial-of-service vulnerabilities. Similarly, ASN.1’s presence at the lowest layers of the internet’s protocols makes performance and a lack of parser differentials a critical requirement.

Python has multiple excellent ASN.1 implementations (like pyasn1, asn1, and asn1tools), but these generally fall into the latter category: being written purely in Python makes performance a concern, and integration into a stack where other ASN.1 parsers are used (e.g., at the X.509 layer) introduces a differential risk.

We’re changing that: with the help of funding from Alpha-Omega, we’re building an ASN.1 API for PyCA Cryptography that addresses three key shortcomings in the Python ecosystem today:

Performance: This new API will use a pure Rust ASN.1 parser, giving us close-to-native parsing performance.

Differential reduction: The parser mentioned above is already used by PyCA Cryptography for its X.509 APIs. This will reduce the need for “mix and match” approaches to ASN.1 parsing, which in turn drive differential vulnerabilities.

Modernization: The new API will expose a declarative dataclasses style interface replete with type hints, making it familiar, idiomatic, and compatible with type checkers.

For example, an ASN.1 definition like this:

    Doohickies ::= SEQUENCE {
        tschotchkes OCTET STRING,
        baubles INTEGER,
        knickknacks UTF8String,
        whatchamacallits SEQUENCE OF OBJECT IDENTIFIER,
        gizmos SET OF GeneralizedTime OPTIONAL
    }

…will correspond to t...
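
The differential risk named in the summary above, as an added example (not code from the article, pyasn1, or PyCA Cryptography): two hand-written readers for a single TLV, one lenient in the BER style and one strict in the DER style, disagree on inputs that only the lenient one accepts. All function names and sample bytes are constructed for illustration.

```python
def _read_header(data):
    """Return (tag, length, header_size, minimal) for a one-byte-tag TLV."""
    if len(data) < 2:
        raise ValueError("truncated header")
    tag, first = data[0], data[1]
    if first < 0x80:                      # short form: length fits in one byte
        return tag, first, 2, True
    n = first & 0x7F                      # long form: n length bytes follow
    if n == 0:
        raise ValueError("indefinite length (BER only)")
    if len(data) < 2 + n:
        raise ValueError("truncated length")
    length = int.from_bytes(data[2:2 + n], "big")
    # DER requires the shortest possible length encoding.
    minimal = length >= 0x80 and data[2] != 0
    return tag, length, 2 + n, minimal

def parse_lenient(data):
    """BER-style reader: any definite length form, trailing bytes ignored."""
    tag, length, hdr, _ = _read_header(data)
    if len(data) < hdr + length:
        raise ValueError("truncated value")
    return tag, data[hdr:hdr + length]

def parse_strict(data):
    """DER-style reader: rejects non-minimal lengths and trailing bytes."""
    tag, length, hdr, minimal = _read_header(data)
    if not minimal:
        raise ValueError("non-minimal length encoding")
    if len(data) != hdr + length:
        raise ValueError("trailing or missing bytes")
    return tag, data[hdr:hdr + length]

def disagree(data):
    """True when the two readers do not produce the same outcome."""
    results = []
    for parser in (parse_lenient, parse_strict):
        try:
            results.append(parser(data))
        except ValueError as exc:
            results.append(("error", str(exc)))
    return results[0] != results[1]

# Constructed samples: the same OCTET STRING "abc", canonical and not.
CANONICAL = bytes.fromhex("0403616263")
NON_MINIMAL = bytes.fromhex("048103616263")   # length 3 in long form
TRAILING = bytes.fromhex("0403616263ff")      # one extra byte after the value
```

When one layer of a stack verifies bytes with the strict reader and another interprets them with the lenient one, any input where `disagree` returns True is a place where the two layers can see different data.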

First seen: 2025-04-18 15:17

Last seen: 2025-04-19 12:20