OXIESEC PANEL
- Current Dir:
/
/
opt
/
golang
/
1.22.0
/
src
/
crypto
/
x509
Server IP: 191.96.63.230
Upload:
Create Dir:
Name
Size
Modified
Perms
📁
..
-
02/02/2024 06:09:55 PM
rwxr-xr-x
📄
boring.go
993 bytes
02/02/2024 06:09:55 PM
rw-r--r--
📄
boring_test.go
3.75 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
cert_pool.go
8.93 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
cert_pool_test.go
2.25 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
example_test.go
5.32 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
hybrid_pool_test.go
3.72 KB
02/02/2024 06:09:55 PM
rw-r--r--
📁
internal
-
02/02/2024 06:09:55 PM
rwxr-xr-x
📄
name_constraints_test.go
44.92 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
notboring.go
258 bytes
02/02/2024 06:09:55 PM
rw-r--r--
📄
oid.go
5.75 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
oid_test.go
3.7 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
parser.go
36.57 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
parser_test.go
2.63 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
pem_decrypt.go
7.2 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
pem_decrypt_test.go
8.92 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
pkcs1.go
4.66 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
pkcs8.go
5.8 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
pkcs8_test.go
8.95 KB
02/02/2024 06:09:55 PM
rw-r--r--
📁
pkix
-
02/02/2024 06:09:55 PM
rwxr-xr-x
📄
platform_root_cert.pem
749 bytes
02/02/2024 06:09:55 PM
rw-r--r--
📄
platform_root_key.pem
227 bytes
02/02/2024 06:09:55 PM
rw-r--r--
📄
platform_test.go
7.28 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
root.go
2.03 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_aix.go
410 bytes
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_bsd.go
748 bytes
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_darwin.go
3.48 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_darwin_test.go
3.7 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_linux.go
1.11 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_plan9.go
828 bytes
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_solaris.go
538 bytes
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_test.go
2.62 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_unix.go
2.67 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_unix_test.go
6.07 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_wasm.go
373 bytes
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_windows.go
8.74 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
root_windows_test.go
3.43 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
sec1.go
4.58 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
sec1_test.go
5.36 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
test-file.crt
1.9 KB
02/02/2024 06:09:55 PM
rw-r--r--
📁
testdata
-
02/02/2024 06:09:55 PM
rwxr-xr-x
📄
verify.go
35.3 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
verify_test.go
108.97 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
x509.go
82.3 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
x509_test.go
159.96 KB
02/02/2024 06:09:55 PM
rw-r--r--
📄
x509_test_import.go
1.7 KB
02/02/2024 06:09:55 PM
rw-r--r--
Editing: pkcs8.go
Close
// Copyright 2011 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package x509 import ( "crypto/ecdh" "crypto/ecdsa" "crypto/ed25519" "crypto/rsa" "crypto/x509/pkix" "encoding/asn1" "errors" "fmt" ) // pkcs8 reflects an ASN.1, PKCS #8 PrivateKey. See // ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-8/pkcs-8v1_2.asn // and RFC 5208. type pkcs8 struct { Version int Algo pkix.AlgorithmIdentifier PrivateKey []byte // optional attributes omitted. } // ParsePKCS8PrivateKey parses an unencrypted private key in PKCS #8, ASN.1 DER form. // // It returns a *[rsa.PrivateKey], an *[ecdsa.PrivateKey], an [ed25519.PrivateKey] (not // a pointer), or an *[ecdh.PrivateKey] (for X25519). More types might be supported // in the future. // // This kind of key is commonly encoded in PEM blocks of type "PRIVATE KEY". func ParsePKCS8PrivateKey(der []byte) (key any, err error) { var privKey pkcs8 if _, err := asn1.Unmarshal(der, &privKey); err != nil { if _, err := asn1.Unmarshal(der, &ecPrivateKey{}); err == nil { return nil, errors.New("x509: failed to parse private key (use ParseECPrivateKey instead for this key format)") } if _, err := asn1.Unmarshal(der, &pkcs1PrivateKey{}); err == nil { return nil, errors.New("x509: failed to parse private key (use ParsePKCS1PrivateKey instead for this key format)") } return nil, err } switch { case privKey.Algo.Algorithm.Equal(oidPublicKeyRSA): key, err = ParsePKCS1PrivateKey(privKey.PrivateKey) if err != nil { return nil, errors.New("x509: failed to parse RSA private key embedded in PKCS#8: " + err.Error()) } return key, nil case privKey.Algo.Algorithm.Equal(oidPublicKeyECDSA): bytes := privKey.Algo.Parameters.FullBytes namedCurveOID := new(asn1.ObjectIdentifier) if _, err := asn1.Unmarshal(bytes, namedCurveOID); err != nil { namedCurveOID = nil } key, err = parseECPrivateKey(namedCurveOID, privKey.PrivateKey) if err != nil { return nil, errors.New("x509: failed to parse EC private key embedded in PKCS#8: " + err.Error()) } return key, nil case privKey.Algo.Algorithm.Equal(oidPublicKeyEd25519): if l := len(privKey.Algo.Parameters.FullBytes); l != 0 { return nil, errors.New("x509: invalid Ed25519 private key parameters") } var curvePrivateKey []byte if _, err := asn1.Unmarshal(privKey.PrivateKey, &curvePrivateKey); err != nil { return nil, fmt.Errorf("x509: invalid Ed25519 private key: %v", err) } if l := len(curvePrivateKey); l != ed25519.SeedSize { return nil, fmt.Errorf("x509: invalid Ed25519 private key length: %d", l) } return ed25519.NewKeyFromSeed(curvePrivateKey), nil case privKey.Algo.Algorithm.Equal(oidPublicKeyX25519): if l := len(privKey.Algo.Parameters.FullBytes); l != 0 { return nil, errors.New("x509: invalid X25519 private key parameters") } var curvePrivateKey []byte if _, err := asn1.Unmarshal(privKey.PrivateKey, &curvePrivateKey); err != nil { return nil, fmt.Errorf("x509: invalid X25519 private key: %v", err) } return ecdh.X25519().NewPrivateKey(curvePrivateKey) default: return nil, fmt.Errorf("x509: PKCS#8 wrapping contained private key with unknown algorithm: %v", privKey.Algo.Algorithm) } } // MarshalPKCS8PrivateKey converts a private key to PKCS #8, ASN.1 DER form. // // The following key types are currently supported: *[rsa.PrivateKey], // *[ecdsa.PrivateKey], [ed25519.PrivateKey] (not a pointer), and *[ecdh.PrivateKey]. // Unsupported key types result in an error. // // This kind of key is commonly encoded in PEM blocks of type "PRIVATE KEY". func MarshalPKCS8PrivateKey(key any) ([]byte, error) { var privKey pkcs8 switch k := key.(type) { case *rsa.PrivateKey: privKey.Algo = pkix.AlgorithmIdentifier{ Algorithm: oidPublicKeyRSA, Parameters: asn1.NullRawValue, } privKey.PrivateKey = MarshalPKCS1PrivateKey(k) case *ecdsa.PrivateKey: oid, ok := oidFromNamedCurve(k.Curve) if !ok { return nil, errors.New("x509: unknown curve while marshaling to PKCS#8") } oidBytes, err := asn1.Marshal(oid) if err != nil { return nil, errors.New("x509: failed to marshal curve OID: " + err.Error()) } privKey.Algo = pkix.AlgorithmIdentifier{ Algorithm: oidPublicKeyECDSA, Parameters: asn1.RawValue{ FullBytes: oidBytes, }, } if privKey.PrivateKey, err = marshalECPrivateKeyWithOID(k, nil); err != nil { return nil, errors.New("x509: failed to marshal EC private key while building PKCS#8: " + err.Error()) } case ed25519.PrivateKey: privKey.Algo = pkix.AlgorithmIdentifier{ Algorithm: oidPublicKeyEd25519, } curvePrivateKey, err := asn1.Marshal(k.Seed()) if err != nil { return nil, fmt.Errorf("x509: failed to marshal private key: %v", err) } privKey.PrivateKey = curvePrivateKey case *ecdh.PrivateKey: if k.Curve() == ecdh.X25519() { privKey.Algo = pkix.AlgorithmIdentifier{ Algorithm: oidPublicKeyX25519, } var err error if privKey.PrivateKey, err = asn1.Marshal(k.Bytes()); err != nil { return nil, fmt.Errorf("x509: failed to marshal private key: %v", err) } } else { oid, ok := oidFromECDHCurve(k.Curve()) if !ok { return nil, errors.New("x509: unknown curve while marshaling to PKCS#8") } oidBytes, err := asn1.Marshal(oid) if err != nil { return nil, errors.New("x509: failed to marshal curve OID: " + err.Error()) } privKey.Algo = pkix.AlgorithmIdentifier{ Algorithm: oidPublicKeyECDSA, Parameters: asn1.RawValue{ FullBytes: oidBytes, }, } if privKey.PrivateKey, err = marshalECDHPrivateKey(k); err != nil { return nil, errors.New("x509: failed to marshal EC private key while building PKCS#8: " + err.Error()) } } default: return nil, fmt.Errorf("x509: unknown key type while marshaling PKCS#8: %T", key) } return asn1.Marshal(privKey) }