A New ASN.1 API for Python

If you’ve ever worked with cryptography, PKI schemes, or low-level networking in Python, you’ve likely encountered ASN.1. ASN.1 undergirds every TLS handshake (via X.509 path validation), provides the serialization layer for core internet protocols like LDAP, SNMP, and 3GPP, and generally operates as the lingua franca of cryptographic primitive and protocol representation. ASN.1’s critical role is complemented by a colorful security history: implementations of ASN.1’s encoding rules have historically been a rich source of memory corruption and denial-of-service vulnerabilities. Similarly, ASN.1’s presence at the lowest layers of the internet’s protocols makes performance and a lack of parser differentials a critical requirement. Python has multiple excellent ASN.1 implementations (like pyasn1, asn1, and asn1tools), but these generally fall into the latter category: being written purely in Python makes performance a concern, and integration into a stack where other ASN.1 parsers are u ... Read full article.