https://github.com/rustls/pemfile
Basic parser for PEM formatted keys and certificates
https://github.com/rustls/pemfile
rust rustls-pemfile
Last synced: 8 months ago
JSON representation
Basic parser for PEM formatted keys and certificates
- Host: GitHub
- URL: https://github.com/rustls/pemfile
- Owner: rustls
- License: other
- Created: 2020-12-27T12:14:06.000Z (about 5 years ago)
- Default Branch: main
- Last Pushed: 2024-12-06T19:13:51.000Z (about 1 year ago)
- Last Synced: 2025-06-08T00:08:38.064Z (8 months ago)
- Topics: rust, rustls-pemfile
- Language: Rust
- Homepage:
- Size: 209 KB
- Stars: 60
- Watchers: 9
- Forks: 19
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# rustls-pemfile
This is a basic parser for PEM-encodings commonly used for storing keys and certificates at rest.
It doesn't support reading encrypted keys: the cryptography standardised for this is typically very
poor and doing so doesn't address a meaningful threat model.
[](https://github.com/rustls/pemfile/actions)
[](https://crates.io/crates/rustls-pemfile)
[](https://docs.rs/rustls-pemfile/)
# See also: rustls-pki-types
The main function of this crate has been incorporated into
[rustls-pki-types](https://crates.io/crates/rustls-pki-types). 2.2.0 maintains the
existing public API for this crate, on top of this new implementation. This drops
the dependency on the `base64` crate, and allows for constant-time decoding of private keys.
This crate will continue to exist in its current form, but it is somewhat unlikely that the
API will be extended from its current state.
Should you wish to migrate to using the new [`rustls-pki-types` PEM APIs](https://docs.rs/rustls-pki-types/latest/rustls_pki_types/pem/trait.PemObject.html)
directly, here is a rough cheat-sheet:
| *Use case* | *Replace* |
|---|---|
| File stream to `CertificateDer` iterator |`rustls_pemfile::certs(io::BufRead)`
➡️
`CertificateDer::pem_reader_iter(io::Read)` |
| File stream to one `PrivateKeyDer` | `rustls_pemfile::private_key(io::BufRead)`
➡️
`PrivateKeyDer::from_pem_reader(io::Read)` |
| File stream to one `CertificateSigningRequestDer` | `rustls_pemfile::csr(io::BufRead)`
➡️
`CertificateSigningRequestDer::from_pem_reader(io::Read)` |
| File stream to `CertificateRevocationListDer` iterator |`rustls_pemfile::crls(io::BufRead)`
➡️
`CertificateRevocationListDer::pem_reader_iter(io::Read)` |
| File stream to `PrivatePkcs1KeyDer` iterator |`rustls_pemfile::rsa_private_keys(io::BufRead)`
➡️
`PrivatePkcs1KeyDer::pem_reader_iter(io::Read)` |
| File stream to `PrivatePkcs8KeyDer` iterator |`rustls_pemfile::pkcs8_private_keys(io::BufRead)`
➡️
`PrivatePkcs8KeyDer::pem_reader_iter(io::Read)` |
| File stream to `PrivateSec1KeyDer` iterator |`rustls_pemfile::ec_private_keys(io::BufRead)`
➡️
`PrivateSec1KeyDer::pem_reader_iter(io::Read)` |
| File stream to `SubjectPublicKeyInfoDer` iterator |`rustls_pemfile::public_keys(io::BufRead)`
➡️
`SubjectPublicKeyInfoDer::pem_reader_iter(io::Read)` |
# Changelog
The detailed list of changes in each release can be found at
https://github.com/rustls/pemfile/releases.
# License
rustls-pemfile is distributed under the following three licenses:
- Apache License version 2.0.
- MIT license.
- ISC license.
These are included as LICENSE-APACHE, LICENSE-MIT and LICENSE-ISC
respectively. You may use this software under the terms of any
of these licenses, at your option.