import "golang.org/x/crypto/pkcs12"
Package pkcs12 implements some of PKCS#12.
This implementation is distilled from https://tools.ietf.org/html/rfc7292 and referenced documents. It is intended for decoding P12/PFX-stored certificates and keys for use with the crypto/tls package.
bmp-string.go crypto.go errors.go mac.go pbkdf.go pkcs12.go safebags.go
var (
// ErrDecryption represents a failure to decrypt the input.
ErrDecryption = errors.New("pkcs12: decryption error, incorrect padding")
// ErrIncorrectPassword is returned when an incorrect password is detected.
// Usually, P12/PFX data is signed to be able to verify the password.
ErrIncorrectPassword = errors.New("pkcs12: decryption password incorrect")
)func Decode(pfxData []byte, password string) (privateKey interface{}, certificate *x509.Certificate, err error)
Decode extracts a certificate and private key from pfxData. This function assumes that there is only one certificate and only one private key in the pfxData.
ConvertToPEM converts all "safe bags" contained in pfxData to PEM blocks.
Code:
p12, _ := base64.StdEncoding.DecodeString(`MIIJzgIBAzCCCZQGCS ... CA+gwggPk==`)
blocks, err := ToPEM(p12, "password")
if err != nil {
panic(err)
}
var pemData []byte
for _, b := range blocks {
pemData = append(pemData, pem.EncodeToMemory(b)...)
}
// then use PEM data for tls to construct tls certificate:
cert, err := tls.X509KeyPair(pemData, pemData)
if err != nil {
panic(err)
}
config := &tls.Config{
Certificates: []tls.Certificate{cert},
}
_ = config
NotImplementedError indicates that the input is not currently supported.
func (e NotImplementedError) Error() string
| Path | Synopsis |
|---|---|
| internal/rc2 | Package rc2 implements the RC2 cipher |
Package pkcs12 imports 16 packages (graph) and is imported by 9 packages. Updated about 5 hours ago. Refresh now. Tools for package owners.