| .. | ||
| cipher_aes.go | ||
| cipher_des.go | ||
| cipher_sm4.go | ||
| cipher.go | ||
| kdf_pbkdf2.go | ||
| kdf_scrypt.go | ||
| pkcs8_norace_test.go | ||
| pkcs8_test.go | ||
| pkcs8.go | ||
| README.md | ||
OpenSSL can generate private keys in both "traditional format" and PKCS#8 format. Newer applications are advised to use more secure PKCS#8 format. Go standard crypto package provides a function to parse private key in PKCS#8 format. There is a limitation to this function. It can only handle unencrypted PKCS#8 private keys. To use this function, the user has to save the private key in file without encryption, which is a bad practice to leave private keys unprotected on file systems. In addition, Go standard package lacks the functions to convert RSA/ECDSA private keys into PKCS#8 format.
pkcs8 package fills the gap here. It implements functions to process private keys in PKCS#8 format, as defined in RFC5208 and RFC5958. It can handle both unencrypted PKCS#8 PrivateKeyInfo format and EncryptedPrivateKeyInfo format with PKCS#5 (v2.0) algorithms.
Credits
This is a fork of youmark/pkcs8, and we added support for ShangMi.