asn1crypto - Python ASN.1 library with a focus on performance and a pythonic API

  •        134

A fast, pure Python library for parsing and serializing ASN.1 structures. Python has long had the pyasn1 and pyasn1_modules available for parsing and serializing ASN.1 structures. While the project does include a comprehensive set of tools for parsing and serializing, the performance of the library can be very poor, especially when dealing with bit fields and parsing large structures such as CRLs.



Related Projects

forge - A native implementation of TLS in Javascript and tools to write crypto-based and network-heavy webapps

  •    Javascript

A native implementation of TLS (and various other cryptographic tools) in JavaScript. The Forge software is a fully native implementation of the TLS protocol in JavaScript, a set of cryptography utilities, and a set of tools for developing Web Apps that utilize many network resources.

certigo - A utility to examine and validate certificates in a variety of formats

  •    Go

Certigo is a utility to examine and validate certificates to help with debugging SSL/TLS issues.Supports all common file formats: Certigo can read and dump certificates in various formats. It can automatically detect and read from X.509 (DER/PEM), JCEKS, PKCS7 and PKCS12 files. Certificates can be dumped to a human-readable format, a set of PEM blocks, or a JSON object for use in scripting.

BouncyCastle - Lightweight Cryptography API for Java and CSharp

  •    Java

Bouncy Castle Crypto APIs is a lightweight cryptography API for Java and CSharp. It has provider for the Java Cryptography Extension and the Java Cryptography Architecture. It supports TLS, PKCS7, PKCS12, OpenPGP, S/MIME, OCSP, TSP, CMP, Extended Access Control, ASN and lot more.

jsrsasign - The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN

  •    HTML

The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, CAdES JSON Web Signature/Token/Key in pure JavaScript.Public page is .

Dogtag - Certificate System

  •    Java

The Dogtag Certificate System is an enterprise-class open source Certificate Authority (CA). It is a full-featured system, and has been hardened by real-world deployments. It supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management, and much more. It supports Certificate issuance, revocation, and retrieval, Certificate Revocation List (CRL) generation and publishing, Encryption key archival and recovery and lot more.

Cryptlib - provides Encryption and Authentication Service

  •    C

cryptlib is a powerful security toolkit that allows even inexperienced crypto programmers to easily add encryption and authentication services to their software. It provides support for S/MIME and PGP/OpenPGP secure enveloping, SSL/TLS and SSH secure sessions, CA services such as CMP, SCEP, RTCS, and OCSP, and other security operations such as secure timestamping.

pem - Create private keys and certificates with node.js

  •    Javascript

Here are some examples for creating an SSL key/cert on the fly, and running an HTTPS server on port 443. 443 is the standard HTTPS port, but requires root permissions on most systems. To get around this, you could use a higher port number, like 4300, and use https://localhost:4300 to access your server. Please have a look into the API documentation.


  •    Shell

EasyCA is a front-end for managing X509 certificates. It is a shell based administration tool using the OpenSSL software for signing, generating server/client certificates, maintaining the CRL incl. backup amp; restore. No dependencies on other software.

cli - A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.

  •    Go

step is a zero trust swiss army knife. It’s an easy-to-use and hard-to-misuse utility for building, operating, and automating systems that use zero trust technologies like authenticated encryption (X.509, TLS), single sign-on (OAuth OIDC, SAML), multi-factor authentication (OATH OTP, FIDO U2F), encryption mechanisms (JSON Web Encryption, NaCl), and verifiable claims (JWT, SAML assertions). For more information and docs see the step website and the blog post announcing step.

WinRT Bouncy Castle


The Bouncy Castle API provides many cryptoghraphic APIs to every developpers. It is a port targetting WinRT (Windows Store apps & WP8) of the original C# branch

Certificate Request (PKCS#10) Generator


A .NET application that can create PKCS#10 Certificate Requests, either by generating a new key or reusing a preexisting one. Minimum requirement : Windows Vista and above. .NET 2.0.

Digital Wallet

  •    DotNet

e-Wallet is a WPF application that allows you to store sensitive information such as online banking accounts or user names and passwords, and protect all of that information securely with a single password or a digital certificate.

kekeo - A little toolbox to play with Microsoft Kerberos in C

  •    C

In kekeo, I use an external commercial library to deal with Kerberos ASN.1 structures: OSS ASN.1/C ( It was the only code generator/library that I've found to work easily with Microsoft C project. You can't build kekeo out-of-the-box, you'have to generate C files and link with OSS libraries.


  •    Java

The PKI Framework (PKIF) is a cross-platform library for performing PKIX-compliant certificate processing. It includes support for SCVP, OCSP, CMS and Timestamps. It uses Windows CAPI, NSS or Crypto++ for cryptographic services and hardware support.

X509 Certificate management tools


Windows based utilities for viewing and managing X509 certificates. Intended to be a replacement/addition for the standard MMC certificate viewer.

halite - High-level cryptography interface powered by libsodium

  •    PHP

Halite is a high-level cryptography interface that relies on libsodium for all of its underlying cryptography operations. Halite was created by Paragon Initiative Enterprises as a result of our continued efforts to improve the ecosystem and make cryptography in PHP safer and easier to implement.

PAM X509 Authentication Module

  •    C

PAM module which will authenticate user by X509 certificates. Keys must be provided in some automountable location. As storage may be used usb steaks, bluetooth storage devices... Mainly intended for password-less authentication on single user clients pc

elliptic - Fast Elliptic Curve Cryptography in plain javascript

  •    Javascript

Fast elliptic-curve cryptography in a plain javascript implementation.NOTE: Please take a look at before choosing a curve for your cryptography operations.

awesome-cryptography - A curated list of cryptography resources and links.

  •    Javascript

A curated list of cryptography resources and links. Your contributions are always welcome! Please take a look at the contribution guidelines first.