You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There is no such thing as a PKCS#8 public key. What is used when decoding a "PKCS#8 public key" in this library is called a "SubjectPublicKeyInfo" or "spki" for short.
The PKCS#8 only describes (possibly encrypted) private keys. As these private keys also contain a key type / algorithm they have the same role as SubjectPublicKeyInfo (this is why they don't need the algorithm description in the PEM header, i.e. PRIVATE / PUBLIC KEY instead of RSA PRIVATE / PUBLIC KEY).
I think it would be best to add a "SubjectPublicKeyInfo" or "spki" encoding / decoding format for the Import/Export keys
functionality, and explain that "pkcs8" can also be used to encode / decode formats for backwards compatibility.
The SubjectPublicKeyInfo format is specified in the X.509 specifications (which is why they are known as "X509" in Java, but I think "spki" is better and more commonplace). Of course, the BIT STRING simply contains the PKCS#1 encoded public key for RSA.
The text was updated successfully, but these errors were encountered:
There is no such thing as a PKCS#8 public key. What is used when decoding a "PKCS#8 public key" in this library is called a "SubjectPublicKeyInfo" or "spki" for short.
The PKCS#8 only describes (possibly encrypted) private keys. As these private keys also contain a key type / algorithm they have the same role as SubjectPublicKeyInfo (this is why they don't need the algorithm description in the PEM header, i.e. PRIVATE / PUBLIC KEY instead of RSA PRIVATE / PUBLIC KEY).
I think it would be best to add a
"SubjectPublicKeyInfo"or"spki"encoding / decoding format for the Import/Export keysfunctionality, and explain that "pkcs8" can also be used to encode / decode formats for backwards compatibility.
The SubjectPublicKeyInfo format is specified in the X.509 specifications (which is why they are known as
"X509"in Java, but I think"spki"is better and more commonplace). Of course, the BIT STRING simply contains the PKCS#1 encoded public key for RSA.The text was updated successfully, but these errors were encountered: