The difference between PEM_read_bio_RSAPublicKey and PEM_read_bio_RSA_PUBKEY in OpenSSL

PEM_write,read*_RSAPublicKey and also i2d,d2i_RSAPublicKey write and
read an encoding specific for and limited to RSA keys defined by PKCS#1.
Similarly *_DSAPublicKey use a specific encoding for DSA (and DH) and
*_ECPublicKey for EC(DSA/DH).

write,read,i2d,d2i_RSA,etc_PUBKEY use the generic encoding from X.509
for SubjectPublicKeyInfo, which combines an OID stating the algorithm,
an alg-dependent piece containing the key/algorithm 'parameters'
if separate from the key proper (e.g. for DSA/DH you can have P,Q,G
in parameters and only Y as the key) or NULL if no such parameters,
then the key (also alg-dependent). RSA has no parameters (NULL).

write,read,i2d,d2i_PUBKEY use the generic encoding to handle any
(supported) algorithm in a generic EVP_PKEY structure. Since your code
is using EVP_* (as recommended), you could support other algorithms
with I believe no code changes other than reading the key(s).
Plus generating/managing different keys but that can be external.

In fact d2i_RSA_PUBKEY just calls d2i_PUBKEY and if the result alg
is RSA returns the RSA 'part'. Similarly for other algs and PEM_read.

For PEM files you can see the difference in the label. The first form
is "BEGIN RSA PUBLIC KEY", "BEGIN DSA PUBLIC KEY" etc. The second form
is "BEGIN PUBLIC KEY", and if you asn1parse it you see it has near the
beginning an 'OBJECT' (OID) which is rsaEncryption or dsaEncryption etc.

There is a similar choice on the private-key side, where there are
specific encodings for each algorithm, and a PKCS#8 generic encoding.
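
The two public-key encodings described above can be told apart from the DER bytes themselves, without trusting the PEM label. The following is an added example, not code from the original post or from OpenSSL: the helper names (`tlv`, `read_tlv`, `classify`, ...) are hypothetical, and the sample key is constructed with a filler modulus that is not a usable RSA key.

```python
import base64
RSA_OID = bytes.fromhex("2a864886f70d010101")  # 1.2.840.113549.1.1.1 rsaEncryption

def tlv(tag, body):  # DER-encode one element with a definite length
    n = len(body)
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    head = bytes([n]) if n < 0x80 else bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + head + body

def read_tlv(buf, pos=0):  # -> (tag, body, next_pos) for the element at pos
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: the next N bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + length], pos + length

def to_pem(label, der):
    b64 = base64.b64encode(der).decode()
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return "-----BEGIN %s-----\n%s\n-----END %s-----\n" % (label, body, label)

def from_pem(text):  # -> (label, der)
    lines = text.strip().splitlines()
    return lines[0][11:-5], base64.b64decode("".join(lines[1:-1]))

def classify(der):  # -> (encoding name, inner key bytes); reads structure, not the label
    tag, seq, _ = read_tlv(der)
    if tag != 0x30:
        raise ValueError("outer element is not a SEQUENCE")
    tag, first, nxt = read_tlv(seq)
    if tag == 0x02:  # first member is INTEGER n: PKCS#1 RSAPublicKey
        return "PKCS#1 RSAPublicKey", der
    if tag != 0x30:
        raise ValueError("unrecognised public key encoding")
    # SubjectPublicKeyInfo: AlgorithmIdentifier (OID first), then a BIT STRING
    (otag, oid, _), (btag, bits, _) = read_tlv(first), read_tlv(seq, nxt)
    if otag != 0x06 or btag != 0x03 or bits[:1] != b"\x00":
        raise ValueError("malformed SubjectPublicKeyInfo")
    alg = "rsaEncryption" if oid == RSA_OID else oid.hex()
    return "SubjectPublicKeyInfo (%s)" % alg, bits[1:]

def der_int(v):  # minimal positive INTEGER (leading 0x00 when the top bit is set)
    return tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big"))
# Constructed sample: filler 1024-bit modulus, e = 65537; RSA parameters are NULL.
PKCS1 = tlv(0x30, der_int(int("c3" * 128, 16)) + der_int(65537))
SPKI = tlv(0x30, tlv(0x30, tlv(0x06, RSA_OID) + tlv(0x05, b"")) + tlv(0x03, b"\x00" + PKCS1))
print(classify(PKCS1)[0], "|", classify(from_pem(to_pem("PUBLIC KEY", SPKI))[1])[0])
```

The bytes returned for the SubjectPublicKeyInfo input are exactly the PKCS#1 structure, which is the RSA 'part' that the post says `d2i_RSA_PUBKEY` hands back after the generic parse.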
