PyASN1 Project Logo
Data model for ASN.1 types
Scalar types
Boolean type
Null type
Integer type
Enumerated type
Real type
Bit string type
OctetString type
ObjectIdentifier type
Character string types
Useful types
Constructed types
Sequence and Set types
SequenceOf and SetOf types
Choice type
Any type
Subtype constraints
Single value constraint
Value range constraint
Size constraint
Alphabet constraint
Constraint combinations
Github repo
Change log
Get ASN.1 library for Python at Fast, secure and Free Open Source software downloads

Implementing ASN.1 types in Python

Abstract Syntax Notation One (ASN.1) is a well established and heavily used technology for storing and exchanging structured data between programs and systems. Many Internet, encryption and telephony protocols define their operations in ASN.1 terms.

The pyasn1 library makes it easier for programmers and network engineers to develop, debug and experiment with ASN.1-based protocols using Python programming language as a tool.

ASN.1 is a set of ITU standards concered with provisioning instrumentation for developing data exchange protocols in a robust, clear and interoperabable way for various IT systems and applications. Most of the efforts are targeting the following areas:

  • Data structures: the standard introduces a collection of basic data types (similar to integers, bits, strings, arrays and records in a programming language) that can be used for defining complex, possibly nested data structures representing domain-specific data units.
  • Serialization protocols: domain-specific data units expressed in ASN.1 types could be converted into a series of octets for storage or transmission over the wire and then recovered back into their structured form on the receiving end. This process is immune to various hardware and software related dependencies.
  • Data description language: could be used to describe particular set of domain-specific data structures and their relationships. Such a description could be passed to an ASN.1 compiler for automated generation of program code that represents ASN.1 data structures in language-native environment and handles data serialization issues.

The algorithms implemented in the pyasn1 library are largely based on the information from ASN.1 - Communication between heterogeneous systems by Olivier Dubuisson and ASN.1 Complete by Prof John Larmouth. Another resource is A Layman's Guide to a Subset of ASN.1, BER, and DER by Burton S. Kaliski. Please refer to books above for getting proper understanding of ASN.1 design and internals.

As of this writing, pyasn1 library implements most of the standard ASN.1 data structures in a rather detailed and feature-rich manner. Another highly important capability of the library is its data serialization facilities.

There's a tool called asn1late which is an ASN.1 grammar parser paired to code generator capable of generating pyasn1 code. So this is an alternative (or at least a good start) to manual implementation of pyasn1 classes from ASN.1 specification.

The pyasn1 library was designed to follow the pre-1995 ASN.1 specification (also known as X.208). Later, post 1995, revision (X.680) introduced significant changes most of which have not yet been supported by pyasn1.

Although pyasn1 software is almost a decade old and used in many production environments, it still may have bugs and non-implemented pieces. Anyone who happens to run into such defect is welcome to complain to pyasn1 mailing list or better yet fix the issue and send me the patch.

Typically, pyasn1 is used for building arbitrary protocol support into various applications. This involves manual translation of ASN.1 data structures into their pyasn1 implementations. To save time and effort, data structures for some of the popular protocols are pre-programmed and kept for further re-use in form of the pyasn1-modules package. For instance, many structures for PKI (X.509, PKCS#*, CRMF, OCSP), LDAP and SNMP are present. Applications authors are advised to import and use relevant modules from that package whenever needed protocol structures are already there. New protocol modules contributions are welcome.

Both pyasn1 and pyasn1-modules libraries can be used out-of-the-box with Python versions 2.4 through 3.3. In other words, pyasn1 is Py3K compliant since release 0.1.1.

And finally, the latest pyasn1 package revision is freely available for download.

Need help? Try PyASN1 mailing lists or report to current maintainer.

Example modules:

RFC1155 (SNMP)
RFC1157 (SNMP)
RFC2251 (LDAP)
RFC2459 (X.509)