Documentation
¶
Overview ¶
Package pkcs12 implements some of PKCS#12.
This implementation is distilled from https://tools.ietf.org/html/rfc7292 and referenced documents. It is intended for decoding P12/PFX-stored certificates and keys for use with the crypto/tls package.
Index ¶
Examples ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // ErrDecryption represents a failure to decrypt the input. ErrDecryption = errors.New("pkcs12: decryption error, incorrect padding") // ErrIncorrectPassword is returned when an incorrect password is detected. // Usually, P12/PFX data is signed to be able to verify the password. ErrIncorrectPassword = errors.New("pkcs12: decryption password incorrect") )
Functions ¶
func Decode ¶
func Decode(pfxData []byte, password string) (privateKey interface{}, certificate *x509.Certificate, err error)
Decode extracts a certificate and private key from pfxData. This function assumes that there is only one certificate and only one private key in the pfxData.
func ToPEM ¶
ConvertToPEM converts all "safe bags" contained in pfxData to PEM blocks.
Example ¶
p12, _ := base64.StdEncoding.DecodeString(`MIIJzgIBAzCCCZQGCS ... CA+gwggPk==`)
blocks, err := ToPEM(p12, "password")
if err != nil {
panic(err)
}
var pemData []byte
for _, b := range blocks {
pemData = append(pemData, pem.EncodeToMemory(b)...)
}
// then use PEM data for tls to construct tls certificate:
cert, err := tls.X509KeyPair(pemData, pemData)
if err != nil {
panic(err)
}
config := &tls.Config{
Certificates: []tls.Certificate{cert},
}
_ = config
Types ¶
type NotImplementedError ¶
type NotImplementedError string
NotImplementedError indicates that the input is not currently supported.
func (NotImplementedError) Error ¶
func (e NotImplementedError) Error() string
Source Files
¶
- bmp-string.go
- crypto.go
- errors.go
- mac.go
- pbkdf.go
- pkcs12.go
- safebags.go
Directories
Click to show internal directories.
Click to hide internal directories.