Source file src/pkg/crypto/x509/pkcs8.go

     1	// Copyright 2011 The Go Authors. All rights reserved.
     2	// Use of this source code is governed by a BSD-style
     3	// license that can be found in the LICENSE file.
     4	
     5	package x509
     6	
     7	import (
     8		"crypto/x509/pkix"
     9		"encoding/asn1"
    10		"errors"
    11		"fmt"
    12	)
    13	
    14	// pkcs8 reflects an ASN.1, PKCS#8 PrivateKey. See 
    15	// ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-8/pkcs-8v1_2.asn.
    16	type pkcs8 struct {
    17		Version    int
    18		Algo       pkix.AlgorithmIdentifier
    19		PrivateKey []byte
    20		// optional attributes omitted.
    21	}
    22	
    23	// ParsePKCS8PrivateKey parses an unencrypted, PKCS#8 private key. See
    24	// http://www.rsa.com/rsalabs/node.asp?id=2130
    25	func ParsePKCS8PrivateKey(der []byte) (key interface{}, err error) {
    26		var privKey pkcs8
    27		if _, err := asn1.Unmarshal(der, &privKey); err != nil {
    28			return nil, err
    29		}
    30		switch {
    31		case privKey.Algo.Algorithm.Equal(oidRSA):
    32			key, err = ParsePKCS1PrivateKey(privKey.PrivateKey)
    33			if err != nil {
    34				return nil, errors.New("crypto/x509: failed to parse RSA private key embedded in PKCS#8: " + err.Error())
    35			}
    36			return key, nil
    37		default:
    38			return nil, fmt.Errorf("crypto/x509: PKCS#8 wrapping contained private key with unknown algorithm: %v", privKey.Algo.Algorithm)
    39		}
    40	
    41		panic("unreachable")
    42	}