I have the impression that
public_key libaries overlap on several functionalities.
- additional functions to manipulate certificates and
- a (simplier?) api to derive “pem” “der” encoded contents
What is the purpose of
crypto and when should I use in place of
crypto is essentially a thin wrapper around the crypto primitives provided by OpenSSL (or equivalent), with the core functionality implemented in NIFs.
public_key provides APIs for working with PKI in the broad sense, including certificates and other ASN.1 data structures. It also implements some high level wrappers for asymmetric crypto operations around the low-level primitives provided by
crypto, using convenient records for the public key and private key arguments. Those records are the same ones returned when parsing e.g. PEM or DER files.
You should generally use
crypto for symmetrical cryptography and random number generation, but avoid the low-level functions for asymmetrical cryptography, and use the ones from