Componentpedia / Listings / rustls-pemfile

Last update: 30/04/2026

rustls-pemfile

Basic parser for PEM formatted keys and certificates

Latest version: 2.2.0 registry icon
Maintenance score
29
Safety score
0
Popularity score
74
Check your open source dependency risks. Get immediate insight about security, stability and licensing risks.
De-risk your app now
Security
  Vulnerabilities
Version Suggest Low Medium High Critical
2.2.0 0 0 1 0 0
2.1.3 0 0 1 0 0
2.1.2 0 0 1 0 0
2.1.1 0 0 1 0 0
2.1.0 0 0 1 0 0
2.0.0 0 0 1 0 0
1.0.4 0 0 1 0 0
1.0.3 0 0 1 0 0
1.0.2 0 0 1 0 0
1.0.1 0 0 1 0 0
1.0.0 0 0 1 0 0
0.3.0 0 0 1 0 0
0.2.1 0 0 1 0 0
0.2.0 0 0 1 0 0
0.1.0 0 0 1 0 0

Stability
Latest release:

2.2.0 - This version may not be safe as it has not been updated for a long time. Find out if your coding project uses this component and get notified of any reported security vulnerabilities with Meterian-X Open Source Security Platform

Licensing

Maintain your licence declarations and avoid unwanted licences to protect your IP the way you intended.

MIT   -   MIT License

Not a wildcard

Not proprietary

OSI Compliant

Apache-2.0   -   Apache License 2.0

Not a wildcard

Not proprietary

OSI Compliant

ISC   -   ISC License

Not a wildcard

Not proprietary

OSI Compliant

rustls-pemfile

This is a basic parser for PEM-encodings commonly used for storing keys and certificates at rest.

It doesn't support reading encrypted keys: the cryptography standardised for this is typically very poor and doing so doesn't address a meaningful threat model.

Build Status Crate Documentation

See also: rustls-pki-types

The main function of this crate has been incorporated into rustls-pki-types. 2.2.0 maintains the existing public API for this crate, on top of this new implementation. This drops the dependency on the base64 crate, and allows for constant-time decoding of private keys.

This crate will continue to exist in its current form, but it is somewhat unlikely that the API will be extended from its current state.

Should you wish to migrate to using the new rustls-pki-types PEM APIs directly, here is a rough cheat-sheet:

Use case Replace
File stream to CertificateDer iterator rustls_pemfile::certs(io::BufRead)
➡️
CertificateDer::pem_reader_iter(io::Read)
File stream to one PrivateKeyDer rustls_pemfile::private_key(io::BufRead)
➡️
PrivateKeyDer::from_pem_reader(io::Read)
File stream to one CertificateSigningRequestDer rustls_pemfile::csr(io::BufRead)
➡️
CertificateSigningRequestDer::from_pem_reader(io::Read)
File stream to CertificateRevocationListDer iterator rustls_pemfile::crls(io::BufRead)
➡️
CertificateRevocationListDer::pem_reader_iter(io::Read)
File stream to PrivatePkcs1KeyDer iterator rustls_pemfile::rsa_private_keys(io::BufRead)
➡️
PrivatePkcs1KeyDer::pem_reader_iter(io::Read)
File stream to PrivatePkcs8KeyDer iterator rustls_pemfile::pkcs8_private_keys(io::BufRead)
➡️
PrivatePkcs8KeyDer::pem_reader_iter(io::Read)
File stream to PrivateSec1KeyDer iterator rustls_pemfile::ec_private_keys(io::BufRead)
➡️
PrivateSec1KeyDer::pem_reader_iter(io::Read)
File stream to SubjectPublicKeyInfoDer iterator rustls_pemfile::public_keys(io::BufRead)
➡️
SubjectPublicKeyInfoDer::pem_reader_iter(io::Read)

Changelog

The detailed list of changes in each release can be found at https://github.com/rustls/pemfile/releases.

License

rustls-pemfile is distributed under the following three licenses:

  • Apache License version 2.0.
  • MIT license.
  • ISC license.

These are included as LICENSE-APACHE, LICENSE-MIT and LICENSE-ISC respectively. You may use this software under the terms of any of these licenses, at your option.