Difference in key generation with genpkey and genrsa

vico

8/16/23, 1:40 PM

What is the difference in key generation with commands below?

openssl genpkey -algorithm RSA -out key1.pem

key1.pem content:

-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----

openssl genrsa -out key2.pem

key2.pem content:

-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----

0 + 0

openssl

forest

8/17/23, 1:10 AM

Are you asking how the internal key generation routine differs?

Score:3

Crypto

dave_thompson_085

8/17/23, 6:06 AM

Mostly crossdupe https://stackoverflow.com/questions/20065304/differences-between-begin-rsa-private-key-and-begin-private-key

In reasonably recent versions of OpenSSL there is no difference in the key generation done by default, as you used. In 1.0.0 (in 2010) genrsa defaulted to 512 bits while genpkey defaulted to 1024 bits, and of course in 0.9.x genpkey didn't exist. Across all versions which have both commands there are differences in the other options you can add, some of which alter key generation.

The output formats are different, but contain effectively the same information and can be converted easily and losslessly. As in the Q linked above:

PEM type [BEGIN/END] RSA PRIVATE KEY is OpenSSL's 'traditional' or 'legacy' format, whose contents are defined by PKCS1v2.0 = RFC2437 section 11.1.2 (moved to Appendix C in later versions but v2.0 is close to when SSLeay used it, which later became OpenSSL).

In PEM (but not DER), there is also an encrypted traditional/PKCS1 form using the same label but adding header lines for Proc-type and DEK-info.
PEM type [BEGIN/END] PRIVATE KEY is defined by RFC7468 section 10 with contents defined by PKCS8 = RFC5208 section 5 which was added to OpenSSL about 1999 but described as 'new' until about 2015. The PKCS8 format handles multiple cryptographic algorithms (not just RSA) by containing an 'AlgorithmIdentifier' (a specific ASN.1 syntax borrowed from X.509/PKIX=RFC5280 sections 4.1.1.2, 4.1.2.3, 4.1.2.7 plus wrapped algorithm-specific data which for RSA is the same PKCS1 structure above.

There is also an encrypted PKCS8 form with PEM type [BEGIN/END] ENCRYPTED PRIVATE KEY -- see the sections in RFC7468 and RFC5208 just after the links above. This encrypted form is also supported in DER, but that is not relevant to your Q.

Traditional format can be converted to unencrypted PKCS8 by

openssl pkey -in old -out new # in 1.0.0 up 
openssl pkcs8 -topk8 -nocrypt -in old -out new # in all versions

and PKCS8 format can be converted to unencrypted PKCS1 by

openssl rsa -in new -out old

There are also conversions to the encrypted forms, which genrsa and genpkey can also produce but do not do so by default.

0 + 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Difference in key generation with genpkey and genrsa

TH: ความแตกต่างของการสร้างคีย์ด้วย genpkey และ genrsa

RO: Diferență în generarea cheii cu genpkey și genrsa

RU: Разница в генерации ключей с помощью genpkey и genrsa

VI: Sự khác biệt trong việc tạo khóa với genpkey và genrsa

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.