| // Copyright 2014 The Go Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style |
| // license that can be found in the LICENSE file. |
| |
| package internal |
| |
| import ( |
| "crypto/rsa" |
| "crypto/x509" |
| "encoding/pem" |
| "errors" |
| "fmt" |
| ) |
| |
| // ParseKey converts the binary contents of a private key file |
| // to an *rsa.PrivateKey. It detects whether the private key is in a |
| // PEM container or not. If so, it extracts the private key |
| // from PEM container before conversion. It only supports PEM |
| // containers with no passphrase. |
| func ParseKey(key []byte) (*rsa.PrivateKey, error) { |
| block, _ := pem.Decode(key) |
| if block != nil { |
| key = block.Bytes |
| } |
| parsedKey, err := x509.ParsePKCS8PrivateKey(key) |
| if err != nil { |
| parsedKey, err = x509.ParsePKCS1PrivateKey(key) |
| if err != nil { |
| return nil, fmt.Errorf("private key should be a PEM or plain PKCS1 or PKCS8; parse error: %v", err) |
| } |
| } |
| parsed, ok := parsedKey.(*rsa.PrivateKey) |
| if !ok { |
| return nil, errors.New("private key is invalid") |
| } |
| return parsed, nil |
| } |