用于 RSA 私钥的 PKCS#1 和 PKCS#8 格式 [英] PKCS#1 and PKCS#8 format for RSA private key

问题描述

有人可以帮助我了解 RSA 密钥是如何以这些格式存储的吗?我想知道 PKCS 格式与编码(DER，PEM)之间的区别.据我了解，PEM 更具人类可读性.密钥/证书的 PEM/DER 是否类似于字符的 UTF-8/16?DER/PEM 的意义是什么?抱歉问题太多，但受够了谷歌搜索和模糊的答案.谢谢.

Can some one help me understand how an RSA key literally is stored in these formats? I would like to know the difference between the PKCS formats vs Encodings(DER, PEM). From what I understand PEM is more human readable. Is PEM/DER for keys/certs similar to UTF-8/16 for characters? What is the significance of DER/PEM? Sorry too many questions but fed up googling and getting vague answers. Thanks.

推荐答案

PKCS#1 和 PKCS#8(公钥加密标准)是管理特定加密原语、填充等使用的标准.两者都定义了文件格式用于存储密钥、证书和其他相关信息.

PKCS#1 and PKCS#8 (Public-Key Cryptography Standard) are standards that govern the use of particular cryptographic primitives, padding, etc. Both define file formats that are used to store keys, certificates, and other relevant information.

PEM (Privacy-Enhanced Mail) 和 DER (Distinguished Encoding Rules) 更有趣一些.DER 是密钥和证书等的 ASN.1 编码，您可以在 Google 上搜索到很多信息.私钥和证书使用 DER 编码，可以像这样直接保存.但是，这些文件是二进制文件，无法轻松复制和粘贴，因此许多(如果不是大多数?)实现也接受 PEM 编码文件.PEM 基本上是 base64 编码的 DER:我们添加一个标头、可选的元数据和 base64 编码的 DER 数据，我们就有了一个 PEM 文件.

PEM (Privacy-Enhanced Mail) and DER (Distinguished Encoding Rules) are a little bit more interesting. DER is the ASN.1 encoding for keys and certificates etc., which you'll be able to Google plenty about. Private keys and certificates are encoded using DER and can be saved directly like this. However, these files are binary and can't be copied and pasted easily, so many (if not most?) implementations accept PEM encoded files also. PEM is basically base64 encoded DER: we add a header, optional meta-data, and the base64 encoded DER data and we have a PEM file.

这篇关于用于 RSA 私钥的 PKCS#1 和 PKCS#8 格式的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！