pkcs12

package

v1.3.2 Latest Latest Go to latest Published: Oct 29, 2018 License: MPL-2.0, MIT, BSD-3-Clause Imports: 18 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/HashDataInc/packer

Documentation ¶

Overview ¶

Package pkcs12 implements some of PKCS#12.

This implementation is distilled from https://tools.ietf.org/html/rfc7292 and referenced documents. It is intended for decoding P12/PFX-stored certificates and keys for use with the crypto/tls package.

Index ¶

Variables
func Decode(pfxData []byte, password string) (privateKey interface{}, certificate *x509.Certificate, err error)
func Encode(derBytes []byte, privateKey interface{}, password string) (pfxBytes []byte, err error)
func ToPEM(pfxData []byte, password string) ([]*pem.Block, error)
type EncodeError
- func (e EncodeError) Error() string
type NotImplementedError
- func (e NotImplementedError) Error() string

Examples ¶

ToPEM

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// ErrDecryption represents a failure to decrypt the input.
	ErrDecryption = errors.New("pkcs12: decryption error, incorrect padding")

	// ErrIncorrectPassword is returned when an incorrect password is detected.
	// Usually, P12/PFX data is signed to be able to verify the password.
	ErrIncorrectPassword = errors.New("pkcs12: decryption password incorrect")
)

Functions ¶

func Decode ¶ added in v1.1.0

func Decode(pfxData []byte, password string) (privateKey interface{}, certificate *x509.Certificate, err error)

Decode extracts a certificate and private key from pfxData. This function assumes that there is only one certificate and only one private key in the pfxData.

func Encode ¶

func Encode(derBytes []byte, privateKey interface{}, password string) (pfxBytes []byte, err error)

Encode converts a certificate and a private key to the PKCS#12 byte stream format.

derBytes is a DER encoded certificate. privateKey is an RSA

func ToPEM ¶ added in v1.1.0

func ToPEM(pfxData []byte, password string) ([]*pem.Block, error)

ConvertToPEM converts all "safe bags" contained in pfxData to PEM blocks.

Example ¶

p12, _ := base64.StdEncoding.DecodeString(`MIIJzgIBAzCCCZQGCS ... CA+gwggPk==`)

blocks, err := ToPEM(p12, "password")
if err != nil {
	panic(err)
}

var pemData []byte
for _, b := range blocks {
	pemData = append(pemData, pem.EncodeToMemory(b)...)
}

// then use PEM data for tls to construct tls certificate:
cert, err := tls.X509KeyPair(pemData, pemData)
if err != nil {
	panic(err)
}

config := &tls.Config{
	Certificates: []tls.Certificate{cert},
}

_ = config

Output:

Types ¶

type EncodeError ¶

type EncodeError string

func (EncodeError) Error ¶

func (e EncodeError) Error() string

type NotImplementedError ¶

type NotImplementedError string

NotImplementedError indicates that the input is not currently supported.

func (NotImplementedError) Error ¶

func (e NotImplementedError) Error() string

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
rc2 Package rc2 implements the RC2 cipher https://www.ietf.org/rfc/rfc2268.txt http://people.csail.mit.edu/rivest/pubs/KRRR98.pdf This code is licensed under the MIT license.	Package rc2 implements the RC2 cipher https://www.ietf.org/rfc/rfc2268.txt http://people.csail.mit.edu/rivest/pubs/KRRR98.pdf This code is licensed under the MIT license.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL