Crate spki

source · []
Expand description

RustCrypto: X.509 Subject Public Key Info (SPKI)

crate Docs Build Status Apache2/MIT licensed Rust Version Project Chat

X.509 Subject Public Key Info types describing public keys as well as their associated AlgorithmIdentifiers (i.e. OIDs).

Specified in RFC 5280 § 4.1.


Minimum Supported Rust Version

This crate requires Rust 1.57 at a minimum.

We may change the MSRV in the future, but it will be accompanied by a minor version bump.


Licensed under either of:

at your option.


Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.


The following example demonstrates how to use an OID as the parameters of an AlgorithmIdentifier.

Borrow the ObjectIdentifier first then use der::AnyRef::from or .into():

use spki::{AlgorithmIdentifier, ObjectIdentifier, der::AnyRef};

let alg_oid = "1.2.840.10045.2.1".parse::<ObjectIdentifier>().unwrap();
let params_oid = "1.2.840.10045.3.1.7".parse::<ObjectIdentifier>().unwrap();

let alg_id = AlgorithmIdentifier {
    oid: alg_oid,
    parameters: Some(AnyRef::from(&params_oid))


pub use der;


X.509 AlgorithmIdentifier as defined in RFC 5280 Section

ASN.1 DER-encoded document.

Object identifier (OID).

X.509 SubjectPublicKeyInfo (SPKI) as defined in RFC 5280 §


Error type


Parse a public key object from an encoded SPKI document.

Serialize a public key object to a SPKI-encoded document.

Type Definitions


Raw bytes of a SPKI fingerprint i.e. SHA-256 digest of SubjectPublicKeyInfo’s DER encoding.

Result type with spki crate’s Error type.