pkcs12 - ActiveState ActiveGo 1.8
...

Package pkcs12

import "golang.org/x/crypto/pkcs12"
Overview
Index
Examples
Subdirectories

Overview ▾

Package pkcs12 implements some of PKCS#12.

This implementation is distilled from https://tools.ietf.org/html/rfc7292 and referenced documents. It is intended for decoding P12/PFX-stored certificates and keys for use with the crypto/tls package.

Variables

var (
    // ErrDecryption represents a failure to decrypt the input.
    ErrDecryption = errors.New("pkcs12: decryption error, incorrect padding")

    // ErrIncorrectPassword is returned when an incorrect password is detected.
    // Usually, P12/PFX data is signed to be able to verify the password.
    ErrIncorrectPassword = errors.New("pkcs12: decryption password incorrect")
)

func Decode 

func Decode(pfxData []byte, password string) (privateKey interface{}, certificate *x509.Certificate, err error)

Decode extracts a certificate and private key from pfxData. This function assumes that there is only one certificate and only one private key in the pfxData.

func ToPEM 

func ToPEM(pfxData []byte, password string) ([]*pem.Block, error)

ConvertToPEM converts all "safe bags" contained in pfxData to PEM blocks.

Example

Code:

p12, _ := base64.StdEncoding.DecodeString(`MIIJzgIBAzCCCZQGCS ... CA+gwggPk==`)

blocks, err := ToPEM(p12, "password")
if err != nil {
    panic(err)
}

var pemData []byte
for _, b := range blocks {
    pemData = append(pemData, pem.EncodeToMemory(b)...)
}

// then use PEM data for tls to construct tls certificate:
cert, err := tls.X509KeyPair(pemData, pemData)
if err != nil {
    panic(err)
}

config := &tls.Config{
    Certificates: []tls.Certificate{cert},
}

_ = config

type NotImplementedError

NotImplementedError indicates that the input is not currently supported. 

type NotImplementedError string

func (NotImplementedError) Error 

func (e NotImplementedError) Error() string

Subdirectories

Name Synopsis
..