github/gmsm
7
0
Fork 0
mirror of https://github.com/emmansun/gmsm.git synced 2025-06-03 01:44:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
main
gmsm/pkcs8
History
Sun Yimin c32a9849f8
sm9: refactoring #314
2025-03-13 16:50:28 +08:00
..
example_test.go sm9: refactoring #314 2025-03-13 16:50:28 +08:00
LICENSE merge pkcs7 2023-03-09 11:45:39 +08:00
pkcs8_norace_test.go ci: enable race detector 2024-03-29 14:37:58 +08:00
pkcs8_test.go sm9: refactoring, do not expose bn256 types to caller #314 2025-03-13 13:46:14 +08:00
pkcs8.go smx509: use bytes.Clone 2025-02-27 08:16:07 +08:00
README.md pkcs8: merge from emmansun/pkcs8 2022-06-17 10:59:23 +08:00

README.md

OpenSSL can generate private keys in both "traditional format" and PKCS#8 format. Newer applications are advised to use more secure PKCS#8 format. Go standard crypto package provides a function to parse private key in PKCS#8 format. There is a limitation to this function. It can only handle unencrypted PKCS#8 private keys. To use this function, the user has to save the private key in file without encryption, which is a bad practice to leave private keys unprotected on file systems. In addition, Go standard package lacks the functions to convert RSA/ECDSA private keys into PKCS#8 format.

pkcs8 package fills the gap here. It implements functions to process private keys in PKCS#8 format, as defined in RFC5208 and RFC5958. It can handle both unencrypted PKCS#8 PrivateKeyInfo format and EncryptedPrivateKeyInfo format with PKCS#5 (v2.0) algorithms.

Credits

This is a fork of youmark/pkcs8, and we added support for ShangMi.