Source file src/pkg/crypto/x509/pkcs8.go
1 // Copyright 2011 The Go Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style
3 // license that can be found in the LICENSE file.
4
5 package x509
6
7 import (
8 "crypto/x509/pkix"
9 "encoding/asn1"
10 "errors"
11 "fmt"
12 )
13
14 // pkcs8 reflects an ASN.1, PKCS#8 PrivateKey. See
15 // ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-8/pkcs-8v1_2.asn.
16 type pkcs8 struct {
17 Version int
18 Algo pkix.AlgorithmIdentifier
19 PrivateKey []byte
20 // optional attributes omitted.
21 }
22
23 // ParsePKCS8PrivateKey parses an unencrypted, PKCS#8 private key. See
24 // http://www.rsa.com/rsalabs/node.asp?id=2130
25 func ParsePKCS8PrivateKey(der []byte) (key interface{}, err error) {
26 var privKey pkcs8
27 if _, err := asn1.Unmarshal(der, &privKey); err != nil {
28 return nil, err
29 }
30 switch {
31 case privKey.Algo.Algorithm.Equal(oidRSA):
32 key, err = ParsePKCS1PrivateKey(privKey.PrivateKey)
33 if err != nil {
34 return nil, errors.New("crypto/x509: failed to parse RSA private key embedded in PKCS#8: " + err.Error())
35 }
36 return key, nil
37 default:
38 return nil, fmt.Errorf("crypto/x509: PKCS#8 wrapping contained private key with unknown algorithm: %v", privKey.Algo.Algorithm)
39 }
40
41 panic("unreachable")
42 }