X-Git-Url: http://www.git.cypherpunks.ru/?p=pyderasn.git;a=blobdiff_plain;f=doc%2Ffeatures.rst;h=fd7bb7d71df35a275abdf52c5e8d904fa6fd62dd;hp=34fe9419d3b6f4aa30dcc9f19a52c6843d68570c;hb=HEAD;hpb=13ea772db7870683065ac15197888cd037df78f0 diff --git a/doc/features.rst b/doc/features.rst index 34fe941..5cfabee 100644 --- a/doc/features.rst +++ b/doc/features.rst @@ -1,15 +1,19 @@ +.. _features: + Features ======== -* BER/CER/DER decoding, DER encoding +* BER/CER/DER decoding, strict DER validation, DER/CER encoding * Basic ASN.1 data types (X.208): BOOLEAN, INTEGER, BIT STRING, OCTET STRING, NULL, OBJECT IDENTIFIER, ENUMERATED, all strings, UTCTime, GeneralizedTime, CHOICE, ANY, SEQUENCE (OF), SET (OF) * Size :ref:`constraints ` checking * Working with sequences as high level data objects with ability to (un)marshall them -* Python 2.7/3.5/3.6 compatibility +* Python 3.5+ compatibility (2.7 dropped in version 9.0) * Aimed to be complaint with `X.690-201508 `__ +* Streaming decoding and encoding capabilities, allowing working with + very small memory footprint Why yet another library? `pyasn1 `__ had all of this a long time ago. PyDERASN resembles it in many ways. In @@ -18,7 +22,6 @@ practice it should be relatively easy to convert ``pyasn1``'s code to Also there is `asn1crypto `__. * Small, simple and trying to be reviewable code. Just a single file - with `six `__ dependency * Ability to know :ref:`exact decoded ` objects offsets and lengths inside the binary * Automatic decoding of :ref:`DEFINED BY ` fields @@ -34,10 +37,19 @@ Also there is `asn1crypto `__. structures allow BER encoding for the whole message, except for ``SignedAttributes`` -- you can easily verify your CMS satisfies that requirement +* Ability to use mmap-ed files, memoryviews, iterators, 2-pass DER + encoding mode and CER encoder dealing with the writer, giving ability + to create huge ASN.1 encoded files with very little memory footprint +* Ability to decode files in event generation mode, without the need to + keep all the data and decoded structures (that takes huge quantity of + memory in all known ASN.1 libraries) in the memory +* ``__slots__``, ``copy.copy()`` friendliness +* Workability with ``pickle`` +* `Cython `__ compatibility * Extensive and comprehensive `hypothesis `__ driven tests coverage. It also has been fuzzed with - `python-afl `__. + `python-afl `__ * Some kind of strong typing: SEQUENCEs require the exact **type** of settable values, even when they are inherited (assigning ``Integer`` to the field with the type ``CMSVersion(Integer)`` is not allowed) @@ -47,38 +59,20 @@ Also there is `asn1crypto `__. automatically set required tags) * Descriptive errors, like ``pyderasn.DecodeError: UTCTime (tbsCertificate:validity:notAfter:utcTime) (at 328) invalid UTCTime format`` -* ``__slots__`` friendliness +* Could be significantly :ref:`faster ` and have lower memory usage * :ref:`Pretty printer ` and :ref:`command-line decoder `, that could conveniently replace utilities like either ``dumpasn1`` or ``openssl asn1parse`` -* Could be significantly faster and have lower memory usage. - For example parsing of CACert.org's CRL (8.48 MiB) on FreeBSD 12.0 - amd64, Intel Core i5-6200U 2.3 GHz machine, Python 3.5.5/2.7.15: - .. list-table:: - :widths: 15 45 20 20 - :header-rows: 1 + .. figure:: pprinting.webp + :alt: Pretty printing example output - * - Library - - Command - - Time, sec (Py3/Py2) - - Memory used, MiB (Py3/Py2) - * - pyasn1 0.4.5 - - ``der_decode(data, asn1Spec=rfc5280.CertificateList())`` - - 1257 / 1302 - - 1327 / 2093 - * - asn1crypto 0.24.0 - - ``asn1crypto.crl.CertificateList.load(data).native`` - - 29.3 / 43.8 - - 983 / 1677 - * - pyderasn 4.9 - - ``CertificateList().decode(data)`` (CertificateList is - converted ``pyasn1`` scheme definition) - - 27.6 / 32.5 - - 498 / 488 + An example of pretty printed X.509 certificate with automatically + parsed DEFINED BY fields. +* :ref:`ASN.1 browser ` -There are drawbacks: + .. figure:: browser.webp + :alt: ASN.1 browser example -* No old Python versions support -* See :ref:`limitations ` + An example of browser running.