11 ErrKeyMustBePEMEncoded = errors.New("Invalid Key: Key must be PEM encoded PKCS1 or PKCS8 private key")
12 ErrNotRSAPrivateKey = errors.New("Key is not a valid RSA private key")
13 ErrNotRSAPublicKey = errors.New("Key is not a valid RSA public key")
16 // Parse PEM encoded PKCS1 or PKCS8 private key
17 func ParseRSAPrivateKeyFromPEM(key []byte) (*rsa.PrivateKey, error) {
22 if block, _ = pem.Decode(key); block == nil {
23 return nil, ErrKeyMustBePEMEncoded
26 var parsedKey interface{}
27 if parsedKey, err = x509.ParsePKCS1PrivateKey(block.Bytes); err != nil {
28 if parsedKey, err = x509.ParsePKCS8PrivateKey(block.Bytes); err != nil {
33 var pkey *rsa.PrivateKey
35 if pkey, ok = parsedKey.(*rsa.PrivateKey); !ok {
36 return nil, ErrNotRSAPrivateKey
42 // Parse PEM encoded PKCS1 or PKCS8 private key protected with password
43 func ParseRSAPrivateKeyFromPEMWithPassword(key []byte, password string) (*rsa.PrivateKey, error) {
48 if block, _ = pem.Decode(key); block == nil {
49 return nil, ErrKeyMustBePEMEncoded
52 var parsedKey interface{}
54 var blockDecrypted []byte
55 if blockDecrypted, err = x509.DecryptPEMBlock(block, []byte(password)); err != nil {
59 if parsedKey, err = x509.ParsePKCS1PrivateKey(blockDecrypted); err != nil {
60 if parsedKey, err = x509.ParsePKCS8PrivateKey(blockDecrypted); err != nil {
65 var pkey *rsa.PrivateKey
67 if pkey, ok = parsedKey.(*rsa.PrivateKey); !ok {
68 return nil, ErrNotRSAPrivateKey
74 // Parse PEM encoded PKCS1 or PKCS8 public key
75 func ParseRSAPublicKeyFromPEM(key []byte) (*rsa.PublicKey, error) {
80 if block, _ = pem.Decode(key); block == nil {
81 return nil, ErrKeyMustBePEMEncoded
85 var parsedKey interface{}
86 if parsedKey, err = x509.ParsePKIXPublicKey(block.Bytes); err != nil {
87 if cert, err := x509.ParseCertificate(block.Bytes); err == nil {
88 parsedKey = cert.PublicKey
94 var pkey *rsa.PublicKey
96 if pkey, ok = parsedKey.(*rsa.PublicKey); !ok {
97 return nil, ErrNotRSAPublicKey