概要
通俗講,PKCS1是標准RSA秘鑰對標准規范,但是都是裸奔的;
PKCS8是對加密后的秘鑰進行了描述,就是說P8格式的秘鑰不是裸奔了
PKCS1私鑰生成
openssl genrsa -out private.pem 1024
PKCS1格式的private.pem 內容如下
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQC5BW6T9GVaaG/epGDjPpY3wN0DrBt+NojvxkEgpUdOAxgAepqe
...
TbzKH/LEqZN8WVau3bf41yAx2YoaOsIJJtOUTYcfh14=
-----END RSA PRIVATE KEY-----
PKCS1私鑰轉換為PKCS8(該格式一般Java調用)
openssl pkcs8 -topk8 -inform PEM -in private.pem -outform pem -nocrypt -out pkcs8.pem
pkcs8.pem文件內容
-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALkFbpP0ZVpob96k
...
wgkm05RNhx+HXg==
-----END PRIVATE KEY-----