Public_key vs crypto - when to use each?


I have the impression that crypto and public_key libaries overlap on several functionalities.

public_key offers

  • additional functions to manipulate certificates and
  • a (simplier?) api to derive “pem” “der” encoded contents

What is the purpose of crypto and when should I use in place of public_key?



crypto is essentially a thin wrapper around the crypto primitives provided by OpenSSL (or equivalent), with the core functionality implemented in NIFs.

public_key provides APIs for working with PKI in the broad sense, including certificates and other ASN.1 data structures. It also implements some high level wrappers for asymmetric crypto operations around the low-level primitives provided by crypto, using convenient records for the public key and private key arguments. Those records are the same ones returned when parsing e.g. PEM or DER files.

You should generally use crypto for symmetrical cryptography and random number generation, but avoid the low-level functions for asymmetrical cryptography, and use the ones from public_key instead.