Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Synta Python Bindings

Synta is a high-performance Rust ASN.1 library. This book documents its Python bindings — a native extension module built with PyO3 and maturin.

What the bindings provide

The synta Python package exposes Rust types directly to Python, providing near-native performance while preserving Python’s ease of use:

  • Core ASN.1 codecDecoder, Encoder, all primitive types (Integer, OctetString, ObjectIdentifier, BitString, Boolean, Real, Null, string types, time types, TaggedElement, RawElement).

  • X.509 PKI — parse Certificate, CertificationRequest, CertificateList, and OCSPResponse; extract bundles from PKCS#7 and PKCS#12 archives; build CRLs and OCSP responses; verify certificate chains; encode X.509 extension values.

  • CMS cryptography — full RFC 5652 and RFC 9629 type coverage: ContentInfo, SignedData/SignerInfo, EnvelopedData, EncryptedData, DigestedData, AuthenticatedData, and CMS-KEM types.

  • Protocol schemas — Kerberos V5 and PKINIT (synta.krb5), SPNEGO (synta.spnego), RFC 3279 algorithm parameters (synta.pkixalgs), Attribute Certificates (synta.ac), CRMF (synta.crmf), CMP (synta.cmp), PKCS#8 (synta.pkcs8), Microsoft PKI extensions (synta.ms_pki), and Merkle Tree Certificates (synta.mtc).

  • OID constants — 70+ well-known OIDs and helper functions in synta.oids and synta.oids.attr.

Implementation notes

The extension module is implemented in the synta-python workspace crate, which compiles to a cdylib named _synta and is installed as synta._synta by maturin. Three Rust crates contribute to the module surface:

Rust crateContributes
syntaEncoding, Decoder, Encoder, all primitive types
synta-certificateObjectIdentifier, Certificate, CertificationRequest, CertificateList, OCSPResponse, PublicKey, PrivateKey, PKCS#7/12 loaders, synta.oids, and all protocol schema submodules
synta-krb5synta.krb5 submodule: Krb5PrincipalName + PKINIT classes
synta-x509-verificationsynta.x509 submodule: TrustStore, CrlStore, VerificationPolicy, chain verification functions

How to navigate this book

  • Installation and Building — how to build the wheel from source and install it.
  • Quick Start — minimal decode and encode examples to get started immediately.
  • Module Layout — the full synta module tree.
  • Core ASN.1 Codec — the Decoder, Encoder, and all primitive types.
  • X.509 PKI — certificate parsing, PKCS#7/12, extension builders, chain verification, and PyCA interoperability.
  • CMS Cryptography — all CMS content types and their builders.
  • Protocol Schemas — Kerberos, SPNEGO, and other protocol-specific schemas.
  • OID Reference — tables of well-known OID constants.
  • Performance and Development — benchmark results and how to build and test the library.
  • Example Programs — 28 runnable example programs covering every binding.

For the Rust API, code-generation tutorial, and ASN.1 schema authoring see docs/tutorial.md.