github.com/emmansun/gmsm@v0.29.1/pkcs8/pkcs8_test.go (about) 1 package pkcs8_test 2 3 import ( 4 "crypto/ecdsa" 5 "crypto/elliptic" 6 "crypto/rand" 7 "crypto/rsa" 8 "crypto/x509/pkix" 9 "encoding/asn1" 10 "encoding/pem" 11 "testing" 12 13 "github.com/emmansun/gmsm/pkcs" 14 "github.com/emmansun/gmsm/pkcs8" 15 "github.com/emmansun/gmsm/sm2" 16 "github.com/emmansun/gmsm/sm9" 17 ) 18 19 const rsa2048 = `-----BEGIN PRIVATE KEY----- 20 MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDBMF0LikTFOU/T 21 8DUDSvORootvhUD67f6AXmEnntfXRvQ3O91+qt40tevS8JtFaq4gKxugRjjZRtni 22 50aUGcEZ4leq3DboBL9XH089IEmxxLbJeJIXxgPeRHrXRINvUSspwRrJkX6fnXyi 23 MdRhqdH2tG1yrXKkt9UvdSHfRYimDcJ+ry2zYlcbz9aoLDO1vEdS/IBu0jXAZ/Z/ 24 xaEVfkoWMzZM2SU+lfJeyzobii00VXGuSQKnI8E/e16kDpBXJ6PFSm6EyZmAad6O 25 f+B9d/ZEXGQlbaooG54v5sGj54mg7m/75qMaxL2H8NER31gAeyvoyovfXI0vbswH 26 8AozxGwDAgMBAAECggEAautIY62nt/urKaIExQjDWvO59gOq3fW/5+3UGWh5DqUv 27 Xi5cvND2X/fbR4hwdu++5QDWrlKO/fmPd1wGnMrQK3IwkNiF7s1J1H74jN0EzEUR 28 4NlBCbVGyMnfrqo1j/M9T0OXfr1udgpkQyQO5epl0QM0m8ZQ78bqTvSlxXsnULbQ 29 py0Tx0uCWaP6FzDsZ+t2rj/SVH7hQNf8ITfQJhVol/n5Hza4+NRfp/DPXWZEvPlo 30 GeMs9PDCa16tw8wI9EUnmFaeFlmtJPdTs5rVo9Ya/zmtoxN6AGTCG0IE6YRvh3Qn 31 jttIp2QitOSBKmXpu1ZI6UTtimGgnfiJKK1BGVaMOQKBgQDfF6ZBMY/tLmDg1mgS 32 QQKAOWMB0/3CvzcM96R0VACO2vr1BbePMXQQ/i27rD001Xl2wNTsETRk1Ji6btwQ 33 64m4uxRSZCJmYyBAcJjfBtMWIDiihQTL55NFTd9YIPmqGmbj1ASQgtpQR5Cq/5YR 34 9Vu0kTxMmADoiq1tR2VGZeScnwKBgQDdr4ITDFGSpqWKnyHQaQgTIW4uxQ5pQKIx 35 aKbCNZOtSgJfqUCY+8gJMkFOtQzawrburD4qllFxdqhHLiXSx6/8zSTrsiexml2i 36 7HxUZaSmn5Q4HFNngKKHXd4NGsWp237k8fJ2953KX89yEov8FpIiq6qvZH/LS8DN 37 +GORAPSSHQKBgCHobUuRZefN2cmyrOTBXsjwb/zyJKq593sQFL3dmqwb2nLtaIXq 38 JVMD3x2cQz1JiQmkq3gp8UW2DnSfrvEfa7JZNPCE6bmYLWm9825KkkDVquYAw8be 39 LsMk3+J8OJZDJwpPylXQnbAAAJwM9tlJ6qNaQ8j8fX7avRtT86+sgv/PAoGABjJp 40 yG6HuTm/Vuir4U+OUjqVAemwRXDxF8B9KOCmiCmRd2sbyyr+pIMrIDAfc94Njw5x 41 jm81R56xhYvcss+yM7boWU5ZnbVa+LrznshYme/MDOV9z17hLDeLhYJCFEV2fp/k 42 zz6MwqN7AQ1TrHBVFXMHCnAcwmoTsa5H2j3UmGECgYEAvvJ+o5+FPnBs+VU5FJxF 43 fAGFpF3AwfbSCm2ARZOxMHAkpsz/FBXlo+rVZv6loTKTPQFMxIB15il7ls0CGI9q 44 6UaZ5hkKjEOQUW8UYc8Cv0xpSkcuxcGrWzw4AMdc84XXi6F1+48ab9Gt0pN3tgUG 45 qg+KU+JDsQLHHmykZ92cHPA= 46 -----END PRIVATE KEY----- 47 ` 48 49 const encryptedRSA2048aes = `-----BEGIN ENCRYPTED PRIVATE KEY----- 50 MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIrrW09+9XumECAggA 51 MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBAxglavSPtrKNsM9cDXmrS1BIIE 52 0Gy226c9+zxZ8jUsUIbDdsq1mPbqAWs1xImAj4nA7NMv6G/5QH9CrsmB+4r4GIiy 53 CafN1W9YvFg3SISUbe+h156Pt2iKoZlVCbSa4XVo4diwmjloZIHM4Jk0Pu28CbJo 54 QDVwPCuWMKppkfwr63RT+FBSfBEBaRCi4eXz6tOcMduBOlaiQvSREvDCCOeY9gja 55 RgvyUa2Hf8oHNkSG9yXoMrvz0FayMWK/i7LU+2NqiPZVTvfGkqNkJJF/M7INKgLs 56 d6A1hgyA7HVv4czQOPQJCArXeCycI1EJ4uSthJxqd/iYX0z52Tfa7q/0oAZ4HZt+ 57 wmcov8GwqfAg7Cu9soifYwfMYTghXOX2UKmQa/0UNK5ibj5cC9+oA09Ucx5twKDs 58 nwSGEIb+7qNhZSRtEXtOL7bxQL8PUvAXWrTXluvZ+bv/9S53XYPL4E95rrLnTF/L 59 csEYleNIpY/6HkPFtqPZiWCsVUZep9uPjZo29kh/246yKBFjsw5mXtm1S6ha4Xb9 60 gUxqKQiWe9+tCkPHRVo2KJX1H4Al7UB9GqDR5oUhIayp6nYCeI/dLwPpikq1F8HO 61 iJva/qV2iltxwyQHhEenyM9TPkPawqOOUKvDd1hZR0wzABcC3koLtwwKyEGzQPPW 62 bxp5GBim9Pu/EGWY1d1H38eVu44jRP/3ONk8wvZcsIbn6U8bOeToUFmcjuuQ3cxf 63 pDUruIA9PjWL9Se6TI3CytTUCbCb4bKRP+eE0B2LPwq6+dyvcY2yidYj9C2D25tb 64 F+E1Wr7ro97OXQ8grMWwrTpZ9rUzmz5wzYWmOFaKJRiepkuUpx4HWl+fKn5r5LyV 65 +cyYoSjApNgHe/9Pz7mNXNdeSmWcn4BVs1XgKi1MiJNWn5tNlKB3kz1kgraKOWbs 66 9/dspegd5fQ6Lzvlt7CsJh/I76rE+90LAbXWVlQ/jm/4jrWownjW1oVIj0Xfxx7i 67 UlmtTFoCIvNWRyoyK5pfL0JvxOtd5leHZniJoww0CPKYS0mibxYLc883Q5Hq5ZH/ 68 C7iBJN0aDJfVfkl0o4EQWaWQS0rAInhe7xTHmFFe5NP9lVTEwQt+C/fz7qalHe9P 69 ulV8MsT/vg2/9twvxKbVCSzaDyta/TyhX76LTULprPr6ahDhP9rybmmK548m86kZ 70 IxWdmed7Pt3YPeEImoLBoXh8eaWpYDlX2Be5/eqjw2wbg6srBKoA7swSkMsFXm5q 71 +HgF4X6R9lfmLjs/UMOi9SM6ODh4xgq1DxX+bJZLfJwXj90i56Ij8OhjcBJ+DwUi 72 ntosYkXp6lMZIyfI3jWG4IZwE9nt8oXJZfUtIU5mYF9DAV92fRwm1mCLMx0iznv1 73 bvCu7yJ51nWB3xkIOqCYbzbREWmL+6/akGOqu1KDrFKBu0IyAqUWt0XrY3b4V5jm 74 WjTXywDkCcGC6W0t4yhu1Yz8QhE5Giw2PHwwZ3940QZQsFcBM6RJOcnkbYTu8TFm 75 7s9ZItSShwAN/i1nN1daF9lgdm4WKHWd/jqHIgl2NijiDgb5F5YaWgurKg9tOrEK 76 oGJlPmBUiNynhqcz69ljjW6q4U2cfF4g6Onl2sucLdsFXejgVdsKBVXw+gjGr2TS 77 lgmeHTcvZmTShvbN/TrHETjO7jEB4V2I4a4L7uybuWF/ 78 -----END ENCRYPTED PRIVATE KEY----- 79 ` 80 81 const encryptedRSA2048des3 = `-----BEGIN ENCRYPTED PRIVATE KEY----- 82 MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIKXB+OWAc6pwCAggA 83 MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECCeQ2z+ohlaTBIIEyAbgxv69udAD 84 N0JzM0+E/dYKTRxEVED1cyY+fcROfxkJvT3FOOWS65vaPo5i8n0e7pFHvm/ezkoL 85 mNRYhoyd45pog4ALJ6O03bUBTLJPiowz90uHC7GWQelMl7LeNyX/7/5s2jOpgW82 86 oB6JizF9SjZzCTzKTmZLOAz3GjIERWHmoIczy40nxP7zmHzVrxTp1V6gnzxgUIuA 87 X/7FTMRlWvEbX9gzODx7stI/5/bLla1Y7PDWEs2aJCnsN7pXJSd0Ry2/iBnQKe6n 88 p4RW7jRAiFTGXbR1E5ZoFsSUs0K9JLEJA+kq6x+smRGxioV3I/r6MLaeumNZ37Bx 89 9OfiJAWk0Ei9EUjM4ZLWjnhgRyI2mThEXTbCevv2GonwG9G968QEMjfbXcLA6Opt 90 0mmRutT6IgvflEZRi9BlmCGOecNHl+cojVCwmAPZKkk2e9lZe+x9+TXW66GJVFiK 91 6BlgRwTcNPKePCYWPjsV5wUZACq0Y61nksBViyRUFsEkEEYMXIbh6bbUTTlJg/tk 92 tCp/LF9oTf1XacJ8a/s6oLuz95R07u9E/liibzVavK0nVNSR5Xdo7QDivWxnaSLd 93 wt8qUOnVbW0eSyq2BAKK7yvZfhz44D9WS8M8jp8gwj7Eti81LGqeh5IvqekDYmoz 94 BFiY24PnRcZnpETA/e6v5dNrpE/OLHmdY1ag6aifIJCc1UG84Oi/nPBTZ7eHLGCd 95 Kn4/9xdCVHd4077Qx9JLW9LutZXkqYaBckOEHtvaMfyWUaXiNty/N5RECGvn5wmM 96 dwC6td6CqtojiHOB7GAUiwjHgbQLpNoIz1BiVTIo1eoD32+4RHYUxNmhsk0r22Zf 97 ZnfnKBGgV7KKNKP3eFQnzSeNE0qFd5AtSpeJX0G0IsbuvXOE/7P0pj7DhD4HoYS7 98 Mf2za6Wm/CVWNM4ekc3MsKb9D+ogzdQ4VYI2mzBdLulrYvfPCE6SHZlZ+ePE4LSr 99 jexB6LYLZJU7Bxnslt9E/mjSzWHctF9LhHf7sl7NUhCHdDvij6Hd0l4+noQlDTtd 100 rnXgL9fTjSfaVDv3Rt+AmNN9Cu9Y1FSBLYMe8LfGXXUPg86bTbGk3uFjkyIY3hE2 101 /Kz1re4KXdDdjYe4ja5qZK8fWx0704NkzH1UO/HMd4Cnx3agyVeyJVG3iRSIesRG 102 vI1ESJMMv1+MMGiWwRzHYvv7yrqp2steAVwjGu26/s1vwkZrvy8SjzYAXo1RLT9o 103 cNnlPra6N7xReSohOibAp0kx1d81JqvEOvJIhR7KDXSRutgIPlqQgHXtmDW/VlCb 104 w05Ptg3SXaCE0+pY0T+FYHusA3JEmyU0e629Ed/dl/j7Xpynl1V6/ndf3gdRGX0l 105 d2IGneJsnj8yvP0dUsB2l71W/ZIM3HERDLxP9JByyINCBQ1BFsN81qUXpj6vGYjb 106 hPyUmmsAGibXJOiGzmaP3nGgF9qbe1XiTRdbm2AZ3pEaJxkkFWsT+Yivz9yzZE0P 107 3/w14HvS94X/Z2+yDLtQQgsLNkfw/Gpc4O0GMnLuOl4KSaTA37IdJR2jOFP7LtHR 108 9Egbm93atZWSAyTO7OtZGmna6k6eGUsk8Dxp7cWOUkLf7C5sL6l3bBH7omlQHx9P 109 RIiDkxAd7hbpm4/C/DoUZQ== 110 -----END ENCRYPTED PRIVATE KEY----- 111 ` 112 113 const encryptedRSA2048scrypt = `-----BEGIN ENCRYPTED PRIVATE KEY----- 114 MIIFJTBPBgkqhkiG9w0BBQ0wQjAhBgkrBgEEAdpHBAswFAQIY6+u2Dcq3hwCAkAA 115 AgEIAgEBMB0GCWCGSAFlAwQBKgQQ6Kut7Q560w1e+fqSiF6uUgSCBNBWRJP19DiT 116 m/ZWEh4ukxTnrBpx59ATbuiBZjjty9vw/dkusUivNLsIoJDezuv4YxjxNx4zZsv+ 117 vI5/gWT78XdF0XHgrRKjB0AvQ4rdVSUhV2/sxMa8P5bwE7NikovkzP1rM0cPCLRE 118 K5J81+pEOVKumJJg3jNtK18HtCiH0D4n276xK6fJ2BptA1BMNhlDkoz99kmwPfhg 119 gMiJxbcGrYHMvCZAL8towTRomI82fjRwpEtT8eZ7aLUALDM53JXzhiz/bO2cKCRx 120 4oLx6rChrqCTS4bZ++PPBS9klwW1kx5eMTGdv3IS+/Y7wvPtZ9jbwcjkSKpOsALv 121 h/6CzUuTo5dIPDaOidLLHS4bfgKCC/da/uuow/ET7K6KBOZ6kCnXi300D+hZE8cJ 122 GYjIQGVY3FtrtZx55hjeqyRsVrdKP0e83wNEnGgofsgeJ+H88zUxaMqIiz3e773M 123 zshNXcCko9jAgr8PwRg7ARPql+TcS3fJ+HPBA1mDlT4xMXyFOgckMkz8xR08EA0M 124 UcvtGAxLJYtsiMJigdrCI7lGmWZbj8tB2sS0JD95QsbR5CcsqzaELzoKMdOpG5MP 125 4ZdgHpeGNtw15aAIdxfoFGGcNgLiZ+y7BC0fM9xYAPARrb64A3e3gmsJ3ZKEkZzR 126 MbK9a08S+6VI68T9M0f3i53p/e09CYZ0TN3yMN/g/usxERzpji7zCjEYf6yuUeRF 127 c3ceVVaxldexAOV0dEIUq8xehUhvhV129/hUHUyqsx1XiURWSx2TRSjuZ3SE63Sc 128 LO81rijz4rFa69JXPGWNrzR0IS0CY8aMF79fwqpcLaRHIpfQLiIQ19qDHiipXCs/ 129 ZLli5MZQZ7AHoXqbHBQOqhiT2LLEgeVF4uEi0qM1ULfmmZMoJQg+ugRXPEJR0fa0 130 ji6Hb/ZTDGwsdrNZGfTD4lJeiel3IPVcOzfeZqb6OsdkUSQzZZSvAET95qkKn/CN 131 diPkX96iYuhjcace/f8xLnVY3TJ6WRpDW9oBzVFEm5jXtlHhVltau2Qmoi28pthE 132 25QrNfoOs4qr2gaGA37VXSEW4yLU3jyqlP1esXxyEiqg9CKPnk/K/XxREjGJXElr 133 FQtRif9b4QDBrZc38Y5ct7x+Ce7llJ3kKslVdF2rbVEn4nPIHIqw8oKDv/6+CNwo 134 8O1B4u16WUqj2Th6hOQcmWb9Nb6Js5TSRtIJxrif6PTfTczSB9bZgU1fTxgr0tTI 135 AERJLqFA9dvCxAehWrlegsSOwvJ/E8FwbGJLhiJs6aFk1fJ6NPkp62UkmvBMDq1w 136 qYuwLSr920KrPsCYBa09Ldm9e88+nCQz5QWcJt2vvdIz0UQUqtsjUo8DWL0qNXgU 137 JVSRrfE+64II2sxt3/9oywLCk9DG+dcWZH6SRjSt7y9KhWfhdGq1S6Og1Mjc+U4A 138 L/TgycaVTBodGTmw5YlsbSBYzAwSBCaR7GLThhZqIlPrk6P3w8VZJ1B14nEcTP9Y 139 GVdcEOqE0mwNtWZYcuy1cqPj6g/p9NOmLOnT8HGbjw9qtdl+iEGN/ZDWfu+En7ES 140 Dv4v0MiWAMArKY8rAMWa9/phbWXVEtNz6RnJ460qxIax5GR0QPce3+lrswhmXSm4 141 RNXdI4NIGtOdg8zwuKI5AefoLlWjt56Pzg== 142 -----END ENCRYPTED PRIVATE KEY----- 143 ` 144 145 const ec256 = `-----BEGIN PRIVATE KEY----- 146 MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgjLFzKb/8hsdSmPft 147 s98RZ7AWzQnLDsMhy6v+/3BZlZ6hRANCAASKkodoH+hHmBfwoFfrvv1E+iMLt3g1 148 s6hxOUMbkv6ZTVFXND/3z9zlJli6/YGrlSnsHOJc0GbwSYD1AMwZyr0T 149 -----END PRIVATE KEY----- 150 ` 151 152 const encryptedEC256aes = `-----BEGIN ENCRYPTED PRIVATE KEY----- 153 MIHsMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAjVvKZtHlmIbAICCAAw 154 DAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEL3jdkBvObn+QELgKVE2cnMEgZAl 155 wgo3AjtXevJaGgep5GsW2krw9S7dC7xG9dR33Z/a9nBnO1rKm7Htf0+986w/1vmj 156 4k3M2QiI/VY+tnDFE+46DLLKYtJGRT1aoAH+mwhzaQGwzJnKhbeA23aE0f7KWCAK 157 +f999+SeHWro7FiRZjHEYVVLGQr/I7K5Wyh24YjN2nR4CU4X+GQU25My/pgSRog= 158 -----END ENCRYPTED PRIVATE KEY----- 159 ` 160 161 const ec128 = `-----BEGIN PRIVATE KEY----- 162 MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgjLFzKb/8hsdSmPft 163 s98RZ7AWzQnLDsMhy6v+/3BZlZ6hRANCAASKkodoH+hHmBfwoFfrvv1E+iMLt3g1 164 s6hxOUMbkv6ZTVFXND/3z9zlJli6/YGrlSnsHOJc0GbwSYD1AMwZyr0T 165 -----END PRIVATE KEY-----` 166 167 const encryptedEC128aes = `-----BEGIN ENCRYPTED PRIVATE KEY----- 168 MIHeMEkGCSqGSIb3DQEFDTA8MBsGCSqGSIb3DQEFDDAOBAg7qE4RYQEEugICCAAw 169 HQYJYIZIAWUDBAECBBBa+6eKv6il/iEjOw8/AmEHBIGQ24YmBiMfzjJjFU+PAwXr 170 zCfR3NPOHBwn3+BkpyivaezSrFWIF919cnDyI15Omd+Iz2oljrT/R4IDC9NOmoAy 171 5uKixYGAOi74Qr9kdgrT2Bfvu9wq+dYqPwLjR4WFHl2ofrLn7RCaOa8mOh3bgfHP 172 SnXPiACchx53PDh6bZTIZ0V9v0ymcMuXf758OXbUmSGN 173 -----END ENCRYPTED PRIVATE KEY-----` 174 175 const encryptedEC256aes128sha1 = `-----BEGIN ENCRYPTED PRIVATE KEY----- 176 MIHeMEkGCSqGSIb3DQEFDTA8MBsGCSqGSIb3DQEFDDAOBAgEoFG3x07DbQICCAAw 177 HQYJYIZIAWUDBAECBBCRN9PNX9rBqXhaHLUOsv7YBIGQFfXAPPV+COWABJdSarog 178 eUHFNaQ+R6x55Tz/mquNIwiOrP9DNoEd1PGtKaHaO+ACSEQwMfrGeh8BuNV69EwP 179 bhsob/MZeexRbrLe2YN7Y7/Y0wpujalGlliMvs35f1fpq/9RfVU+qRpFED2lT4dm 180 zOuhMC9Oo3oMYlbEXAT9mq33MkGKMUth2ek/bQIvnCHG 181 -----END ENCRYPTED PRIVATE KEY----- 182 ` 183 184 const encryptedPBEWithMD5AndDES = `-----BEGIN ENCRYPTED PRIVATE KEY----- 185 MIGwMBsGCSqGSIb3DQEFAzAOBAhsKeK+cnfdjAICCAAEgZAE5GZMjPQCLLifGK0r 186 ytlpt23Qas1KI6x7qmIP6oeYflCWT0Iv7AqK2cT8YK7s5Yy3j21YiHEG5FCr8Qb+ 187 GMlgQsRGkeU5y0I9zLZrhH9qOVJEuDLckCjMKbFXUEwx5YeBhQKTosB/quA5v9Lp 188 6SSLtKShYgx/MDJDarcAuj0whmNyTXijDGAMImltuqwsIUg= 189 -----END ENCRYPTED PRIVATE KEY----- 190 ` 191 192 const encyptedPBEWithSha1AndDES = `-----BEGIN ENCRYPTED PRIVATE KEY----- 193 MIGwMBsGCSqGSIb3DQEFCjAOBAiFq+R6absk/wICCAAEgZB7T7BEaGkyMqw8xN9e 194 ldSPFAAXzcsPx83w1jvD8TvM7uwqUu9k0+2FnSMcuhOHjX03AFZ2JJXZZBWxZJ24 195 GEWLwQYJIJ16el9n2DVPkp1qqbsXPMCyHR9hW4Qxt/9aXZmTLdqpAhQ9BfTSmpQp 196 Yt+/s6eXMOHP2C0sp5aOxnIjkorzfgasO/Y8JtMukVlKzqU= 197 -----END ENCRYPTED PRIVATE KEY----- 198 ` 199 200 const encryptedPBEWithSha1AndRC2_64 = `-----BEGIN ENCRYPTED PRIVATE KEY----- 201 MIGwMBsGCSqGSIb3DQEFCzAOBAhNHGnZio3lKwICCAAEgZCGUGQ3b6zS/iBlJ6BY 202 mpmuPBmGnuwtOtTFshWaZL8kPUROkZVBrKt6a/oM0vsTbyEDeii9ktt2cnd3plwh 203 fqnOmJmOBwHVeltjRLYYFzs2JgX4bXSc9eg+/AugvsDPj+dgk0yMsRLjKoZw/w/U 204 qZTZq/iFYg4Q80Ew7gJUBaMdA6Af8K/YDc3If7y78L0AD74= 205 -----END ENCRYPTED PRIVATE KEY----- 206 ` 207 208 const encryptedPBEWithMD5AndRC2_40 = `-----BEGIN ENCRYPTED PRIVATE KEY----- 209 MIGwMBsGCSqGSIb3DQEFBjAOBAiZRjrXPXpYwgICCAAEgZBilgJ9rYtNt7Ih59zF 210 jnErhxny2wRPoK1Ng/bLNijlBnppryizyAHuujNmpDRf77pYFmszaaprWZDs2bQw 211 tlhqw20XVOBG2PhHXsL9LXfbm7lJOVpMtBYtbduascC1aA5Dref9L3nBNlP5zdMp 212 TFgdUgkic4/tuw6b5E3Ysn3ugAlPTAMm7b8Nd0Hs0P/81nA= 213 -----END ENCRYPTED PRIVATE KEY----- 214 ` 215 216 func TestParsePKCS8PrivateKeyRSA(t *testing.T) { 217 keyList := []struct { 218 name string 219 clear string 220 encrypted string 221 }{ 222 { 223 name: "encryptedRSA2048aes", 224 clear: rsa2048, 225 encrypted: encryptedRSA2048aes, 226 }, 227 { 228 name: "encryptedRSA2048des3", 229 clear: rsa2048, 230 encrypted: encryptedRSA2048des3, 231 }, 232 } 233 for i, key := range keyList { 234 t.Run(key.name, func(t *testing.T) { 235 block, _ := pem.Decode([]byte(key.encrypted)) 236 _, err := pkcs8.ParsePKCS8PrivateKeyRSA(block.Bytes, []byte("password")) 237 if err != nil { 238 t.Errorf("%d: ParsePKCS8PrivateKeyRSA returned: %s", i, err) 239 } 240 _, err = pkcs8.ParsePKCS8PrivateKeyRSA(block.Bytes, []byte("wrong password")) 241 if err == nil { 242 t.Errorf("%d: should have failed", i) 243 } 244 _, err = pkcs8.ParsePKCS8PrivateKeyRSA(block.Bytes) 245 if err == nil { 246 t.Errorf("%d: should have failed", i) 247 } 248 249 block, _ = pem.Decode([]byte(key.clear)) 250 _, err = pkcs8.ParsePKCS8PrivateKeyRSA(block.Bytes) 251 if err != nil { 252 t.Errorf("%d: ParsePKCS8PrivateKeyRSA returned: %s", i, err) 253 } 254 }) 255 } 256 } 257 258 func TestParsePKCS8PrivateKeyECDSA(t *testing.T) { 259 keyList := []struct { 260 name string 261 clear string 262 encrypted string 263 }{ 264 { 265 name: "encryptedEC256aes", 266 clear: ec256, 267 encrypted: encryptedEC256aes, 268 }, 269 } 270 for i, key := range keyList { 271 t.Run(key.name, func(t *testing.T) { 272 block, _ := pem.Decode([]byte(key.encrypted)) 273 _, err := pkcs8.ParsePKCS8PrivateKeyECDSA(block.Bytes, []byte("password")) 274 if err != nil { 275 t.Errorf("%d: ParsePKCS8PrivateKeyECDSA returned: %s", i, err) 276 } 277 _, err = pkcs8.ParsePKCS8PrivateKeyECDSA(block.Bytes, []byte("wrong password")) 278 if err == nil { 279 t.Errorf("%d: should have failed", i) 280 } 281 _, err = pkcs8.ParsePKCS8PrivateKeyECDSA(block.Bytes) 282 if err == nil { 283 t.Errorf("%d: should have failed", i) 284 } 285 286 block, _ = pem.Decode([]byte(key.clear)) 287 _, err = pkcs8.ParsePKCS8PrivateKeyECDSA(block.Bytes) 288 if err != nil { 289 t.Errorf("%d: ParsePKCS8PrivateKeyECDSA returned: %s", i, err) 290 } 291 }) 292 } 293 } 294 295 type testPrivateKey struct { 296 name string 297 clear string 298 encrypted string 299 password string 300 } 301 302 func testParsePKCS8PrivateKey(t *testing.T, i int, key *testPrivateKey) { 303 block, _ := pem.Decode([]byte(key.encrypted)) 304 _, err := pkcs8.ParsePKCS8PrivateKey(block.Bytes, []byte(key.password)) 305 if err != nil { 306 t.Errorf("%d: ParsePKCS8PrivateKey returned: %s", i, err) 307 } 308 _, err = pkcs8.ParsePKCS8PrivateKey(block.Bytes, []byte("wrong password")) 309 if err == nil { 310 t.Errorf("%d: should have failed", i) 311 } 312 _, err = pkcs8.ParsePKCS8PrivateKey(block.Bytes) 313 if err == nil { 314 t.Errorf("%d: should have failed", i) 315 } 316 317 if key.clear != "" { 318 block, _ = pem.Decode([]byte(key.clear)) 319 _, err = pkcs8.ParsePKCS8PrivateKey(block.Bytes) 320 if err != nil { 321 t.Errorf("%d: ParsePKCS8PrivateKey returned: %s", i, err) 322 } 323 } 324 } 325 func TestParsePKCS8PrivateKey(t *testing.T) { 326 keyList := []testPrivateKey{ 327 { 328 name: "encryptedRSA2048aes", 329 clear: rsa2048, 330 encrypted: encryptedRSA2048aes, 331 password: "password", 332 }, 333 { 334 name: "encryptedRSA2048des3", 335 clear: rsa2048, 336 encrypted: encryptedRSA2048des3, 337 password: "password", 338 }, 339 { 340 name: "encryptedRSA2048scrypt", 341 clear: rsa2048, 342 encrypted: encryptedRSA2048scrypt, 343 password: "password", 344 }, 345 { 346 name: "encryptedEC256aes", 347 clear: ec256, 348 encrypted: encryptedEC256aes, 349 password: "password", 350 }, 351 { 352 name: "encryptedEC256aes128sha1", 353 clear: ec256, 354 encrypted: encryptedEC256aes128sha1, 355 password: "password", 356 }, 357 { 358 name: "encryptedEC128aes", 359 clear: ec128, 360 encrypted: encryptedEC128aes, 361 password: "password", 362 }, 363 } 364 for i, key := range keyList { 365 t.Run(key.name, func(t *testing.T) { 366 testParsePKCS8PrivateKey(t, i, &key) 367 }) 368 } 369 } 370 371 func TestConvertPrivateKeyToPKCS8(t *testing.T) { 372 for i, password := range [][]byte{nil, []byte("password")} { 373 var args [][]byte 374 if password != nil { 375 args = append(args, password) 376 } 377 rsaPrivateKey, err := rsa.GenerateKey(rand.Reader, 2048) 378 if err != nil { 379 t.Fatalf("%d: GenerateKey returned: %s", i, err) 380 } 381 der, err := pkcs8.ConvertPrivateKeyToPKCS8(rsaPrivateKey, args...) 382 if err != nil { 383 t.Fatalf("%d: ConvertPrivateKeyToPKCS8 returned: %s", i, err) 384 } 385 decodedRSAPrivateKey, err := pkcs8.ParsePKCS8PrivateKey(der, args...) 386 if err != nil { 387 t.Fatalf("%d: ParsePKCS8PrivateKey returned: %s", i, err) 388 } 389 if rsaPrivateKey.D.Cmp(decodedRSAPrivateKey.(*rsa.PrivateKey).D) != 0 { 390 t.Fatalf("%d: Decoded key does not match original key", i) 391 } 392 393 for _, curve := range []elliptic.Curve{ 394 elliptic.P224(), elliptic.P256(), elliptic.P384(), elliptic.P521(), 395 } { 396 ecPrivateKey, err := ecdsa.GenerateKey(curve, rand.Reader) 397 if err != nil { 398 t.Fatalf("%d, %s: GenerateKey returned: %s", i, curve, err) 399 } 400 der, err = pkcs8.ConvertPrivateKeyToPKCS8(ecPrivateKey, args...) 401 if err != nil { 402 t.Fatalf("%d, %s: ConvertPrivateKeyToPKCS8 returned: %s", i, curve, err) 403 } 404 decodedECPrivateKey, err := pkcs8.ParsePKCS8PrivateKey(der, args...) 405 if err != nil { 406 t.Fatalf("%d, %s: ParsePKCS8PrivateKey returned: %s", i, curve, err) 407 } 408 if ecPrivateKey.D.Cmp(decodedECPrivateKey.(*ecdsa.PrivateKey).D) != 0 { 409 t.Fatalf("%d, %s: Decoded key does not match original key", i, curve) 410 } 411 } 412 } 413 } 414 415 func TestMarshalPrivateKey(t *testing.T) { 416 for i, tt := range []struct { 417 password []byte 418 opts *pkcs8.Opts 419 }{ 420 { 421 password: nil, 422 opts: nil, 423 }, 424 { 425 password: []byte("password"), 426 opts: &pkcs8.Opts{ 427 Cipher: pkcs.SM4CBC, 428 KDFOpts: pkcs8.PBKDF2Opts{ 429 SaltSize: 8, IterationCount: 2048, HMACHash: pkcs8.SM3, 430 }, 431 }, 432 }, 433 { 434 password: []byte("password"), 435 opts: &pkcs8.Opts{ 436 Cipher: pkcs.SM4GCM, 437 KDFOpts: pkcs8.PBKDF2Opts{ 438 SaltSize: 8, IterationCount: 2048, HMACHash: pkcs8.SM3, 439 }, 440 }, 441 }, 442 { 443 password: []byte("password"), 444 opts: &pkcs8.Opts{ 445 Cipher: pkcs.AES128CBC, 446 KDFOpts: pkcs8.PBKDF2Opts{ 447 SaltSize: 8, IterationCount: 2048, HMACHash: pkcs8.SHA224, 448 }, 449 }, 450 }, 451 { 452 password: []byte("password"), 453 opts: &pkcs8.Opts{ 454 Cipher: pkcs.AES128CBC, 455 KDFOpts: pkcs8.PBKDF2Opts{ 456 SaltSize: 8, IterationCount: 2048, HMACHash: pkcs8.SHA256, 457 }, 458 }, 459 }, 460 { 461 password: []byte("password"), 462 opts: &pkcs8.Opts{ 463 Cipher: pkcs.AES128CBC, 464 KDFOpts: pkcs8.PBKDF2Opts{ 465 SaltSize: 8, IterationCount: 2048, HMACHash: pkcs8.SHA512, 466 }, 467 }, 468 }, 469 { 470 password: []byte("password"), 471 opts: &pkcs8.Opts{ 472 Cipher: pkcs.AES128CBC, 473 KDFOpts: pkcs8.PBKDF2Opts{ 474 SaltSize: 8, IterationCount: 2048, HMACHash: pkcs8.SHA384, 475 }, 476 }, 477 }, 478 { 479 password: []byte("password"), 480 opts: &pkcs8.Opts{ 481 Cipher: pkcs.AES128CBC, 482 KDFOpts: pkcs8.PBKDF2Opts{ 483 SaltSize: 8, IterationCount: 2048, HMACHash: pkcs8.SHA512_224, 484 }, 485 }, 486 }, 487 { 488 password: []byte("password"), 489 opts: &pkcs8.Opts{ 490 Cipher: pkcs.AES128CBC, 491 KDFOpts: pkcs8.PBKDF2Opts{ 492 SaltSize: 8, IterationCount: 2048, HMACHash: pkcs8.SHA512_256, 493 }, 494 }, 495 }, 496 { 497 password: []byte("password"), 498 opts: &pkcs8.Opts{ 499 Cipher: pkcs.AES192CBC, 500 KDFOpts: pkcs8.PBKDF2Opts{ 501 SaltSize: 8, IterationCount: 1000, HMACHash: pkcs8.SHA256, 502 }, 503 }, 504 }, 505 { 506 password: []byte("password"), 507 opts: &pkcs8.Opts{ 508 Cipher: pkcs.AES256CBC, 509 KDFOpts: pkcs8.PBKDF2Opts{ 510 SaltSize: 16, IterationCount: 2000, HMACHash: pkcs8.SHA256, 511 }, 512 }, 513 }, 514 { 515 password: []byte("password"), 516 opts: &pkcs8.Opts{ 517 Cipher: pkcs.AES128GCM, 518 KDFOpts: pkcs8.PBKDF2Opts{ 519 SaltSize: 8, IterationCount: 2048, HMACHash: pkcs8.SHA256, 520 }, 521 }, 522 }, 523 { 524 password: []byte("password"), 525 opts: &pkcs8.Opts{ 526 Cipher: pkcs.AES192GCM, 527 KDFOpts: pkcs8.PBKDF2Opts{ 528 SaltSize: 8, IterationCount: 10000, HMACHash: pkcs8.SHA256, 529 }, 530 }, 531 }, 532 { 533 password: []byte("password"), 534 opts: &pkcs8.Opts{ 535 Cipher: pkcs.AES256GCM, 536 KDFOpts: pkcs8.PBKDF2Opts{ 537 SaltSize: 16, IterationCount: 16, HMACHash: pkcs8.SHA256, 538 }, 539 }, 540 }, 541 { 542 password: []byte("password"), 543 opts: &pkcs8.Opts{ 544 Cipher: pkcs.DESCBC, 545 KDFOpts: pkcs8.PBKDF2Opts{ 546 SaltSize: 16, IterationCount: 16, HMACHash: pkcs8.SHA1, 547 }, 548 }, 549 }, 550 { 551 password: []byte("password"), 552 opts: &pkcs8.Opts{ 553 Cipher: pkcs.TripleDESCBC, 554 KDFOpts: pkcs8.PBKDF2Opts{ 555 SaltSize: 16, IterationCount: 16, HMACHash: pkcs8.SHA1, 556 }, 557 }, 558 }, 559 { 560 password: []byte("password"), 561 opts: &pkcs8.Opts{ 562 Cipher: pkcs.AES256CBC, 563 KDFOpts: pkcs8.ScryptOpts{ 564 CostParameter: 1 << 2, 565 BlockSize: 8, 566 ParallelizationParameter: 1, 567 SaltSize: 16, 568 }, 569 }, 570 }, 571 } { 572 rsaPrivateKey, err := rsa.GenerateKey(rand.Reader, 2048) 573 if err != nil { 574 t.Fatalf("%d: GenerateKey returned: %s", i, err) 575 } 576 der, err := pkcs8.MarshalPrivateKey(rsaPrivateKey, tt.password, tt.opts) 577 if err != nil { 578 t.Fatalf("%d: MarshalPrivateKey returned: %s", i, err) 579 } 580 decodedRSAPrivateKey, _, err := pkcs8.ParsePrivateKey(der, tt.password) 581 if err != nil { 582 t.Fatalf("%d: ParsePKCS8PrivateKey returned: %s", i, err) 583 } 584 if rsaPrivateKey.D.Cmp(decodedRSAPrivateKey.(*rsa.PrivateKey).D) != 0 { 585 t.Fatalf("%d: Decoded key does not match original key", i) 586 } 587 588 sm2PrivateKey, err := sm2.GenerateKey(rand.Reader) 589 if err != nil { 590 t.Fatalf("%d: GenerateKey returned: %s", i, err) 591 } 592 593 der, err = pkcs8.MarshalPrivateKey(sm2PrivateKey, tt.password, tt.opts) 594 if err != nil { 595 t.Fatalf("%d: MarshalPrivateKey returned: %s", i, err) 596 } 597 598 decodedSM2PrivateKey, err := pkcs8.ParsePKCS8PrivateKeySM2(der, tt.password) 599 if err != nil { 600 t.Fatalf("%d: ParsePKCS8PrivateKey returned: %s", i, err) 601 } 602 if !sm2PrivateKey.Equal(decodedSM2PrivateKey) { 603 t.Fatalf("%d: Decoded key does not match original key", i) 604 } 605 606 sm9SignMasterPrivateKey, err := sm9.GenerateSignMasterKey(rand.Reader) 607 if err != nil { 608 t.Fatalf("%d: GenerateKey returned: %s", i, err) 609 } 610 611 der, err = pkcs8.MarshalPrivateKey(sm9SignMasterPrivateKey, tt.password, tt.opts) 612 if err != nil { 613 t.Fatalf("%d: MarshalPrivateKey returned: %s", i, err) 614 } 615 decodedSM9SignMasterPrivateKey, err := pkcs8.ParseSM9SignMasterPrivateKey(der, tt.password) 616 if err != nil { 617 t.Fatalf("%d: ParseSM9SignMasterPrivateKey returned: %s", i, err) 618 } 619 620 _, err = pkcs8.ParseSM9SignPrivateKey(der, tt.password) 621 if err == nil { 622 t.Fatalf("%d: ParseSM9SignPrivateKey should return error", i) 623 } 624 625 if sm9SignMasterPrivateKey.D.Cmp(decodedSM9SignMasterPrivateKey.D) != 0 { 626 t.Fatalf("%d: Decoded key does not match original key", i) 627 } 628 629 sm9SignPrivateKey, err := sm9SignMasterPrivateKey.GenerateUserKey([]byte("emmansun"), 0x01) 630 if err != nil { 631 t.Fatalf("%d: GenerateUserKey returned: %s", i, err) 632 } 633 der, err = pkcs8.MarshalPrivateKey(sm9SignPrivateKey, tt.password, tt.opts) 634 if err != nil { 635 t.Fatalf("%d: MarshalPrivateKey returned: %s", i, err) 636 } 637 decodedSM9SignPrivateKey, err := pkcs8.ParseSM9SignPrivateKey(der, tt.password) 638 if err != nil { 639 t.Fatalf("%d: ParseSM9SignPrivateKey returned: %s", i, err) 640 } 641 _, err = pkcs8.ParseSM9SignMasterPrivateKey(der, tt.password) 642 if err == nil { 643 t.Fatalf("%d: ParseSM9SignMasterPrivateKey should return error", i) 644 } 645 if !sm9SignPrivateKey.PrivateKey.Equal(decodedSM9SignPrivateKey.PrivateKey) { 646 t.Fatalf("%d: Decoded key does not match original key", i) 647 } 648 649 sm9EncMasterPrivateKey, err := sm9.GenerateEncryptMasterKey(rand.Reader) 650 if err != nil { 651 t.Fatalf("%d: GenerateKey returned: %s", i, err) 652 } 653 654 der, err = pkcs8.MarshalPrivateKey(sm9EncMasterPrivateKey, tt.password, tt.opts) 655 if err != nil { 656 t.Fatalf("%d: MarshalPrivateKey returned: %s", i, err) 657 } 658 decodedSM9EncMasterPrivateKey, err := pkcs8.ParseSM9EncryptMasterPrivateKey(der, tt.password) 659 if err != nil { 660 t.Fatalf("%d: ParseSM9EncryptMasterPrivateKey returned: %s", i, err) 661 } 662 _, err = pkcs8.ParseSM9EncryptPrivateKey(der, tt.password) 663 if err == nil { 664 t.Fatalf("%d: ParseSM9EncryptPrivateKey should return error", i) 665 } 666 if sm9EncMasterPrivateKey.D.Cmp(decodedSM9EncMasterPrivateKey.D) != 0 { 667 t.Fatalf("%d: Decoded key does not match original key", i) 668 } 669 670 sm9EncPrivateKey, err := sm9EncMasterPrivateKey.GenerateUserKey([]byte("emmansun"), 0x02) 671 if err != nil { 672 t.Fatalf("%d: GenerateUserKey returned: %s", i, err) 673 } 674 der, err = pkcs8.MarshalPrivateKey(sm9EncPrivateKey, tt.password, tt.opts) 675 if err != nil { 676 t.Fatalf("%d: MarshalPrivateKey returned: %s", i, err) 677 } 678 decodedSM9EncPrivateKey, err := pkcs8.ParseSM9EncryptPrivateKey(der, tt.password) 679 if err != nil { 680 t.Fatalf("%d: ParseSM9EncryptPrivateKey returned: %s", i, err) 681 } 682 _, err = pkcs8.ParseSM9EncryptMasterPrivateKey(der, tt.password) 683 if err == nil { 684 t.Fatalf("%d: ParseSM9EncryptMasterPrivateKey should return error", i) 685 } 686 if !sm9EncPrivateKey.PrivateKey.Equal(decodedSM9EncPrivateKey.PrivateKey) { 687 t.Fatalf("%d: Decoded key does not match original key", i) 688 } 689 690 for _, curve := range []elliptic.Curve{ 691 elliptic.P224(), elliptic.P256(), elliptic.P384(), elliptic.P521(), 692 } { 693 ecPrivateKey, err := ecdsa.GenerateKey(curve, rand.Reader) 694 if err != nil { 695 t.Fatalf("%d, %s: ConvertPrivateKeyToPKCS8 returned: %s", i, curve, err) 696 } 697 der, err = pkcs8.MarshalPrivateKey(ecPrivateKey, tt.password, tt.opts) 698 if err != nil { 699 t.Fatalf("%d, %s: ConvertPrivateKeyToPKCS8 returned: %s", i, curve, err) 700 } 701 decodedECPrivateKey, _, err := pkcs8.ParsePrivateKey(der, tt.password) 702 if err != nil { 703 t.Fatalf("%d, %s: ParsePKCS8PrivateKey returned: %s", i, curve, err) 704 } 705 if ecPrivateKey.D.Cmp(decodedECPrivateKey.(*ecdsa.PrivateKey).D) != 0 { 706 t.Fatalf("%d, %s: Decoded key does not match original key", i, curve) 707 } 708 } 709 } 710 } 711 712 type unknown int 713 714 func TestUnknownTypeFailure(t *testing.T) { 715 badInput := unknown(0) 716 _, err := pkcs8.ConvertPrivateKeyToPKCS8(badInput, []byte("password")) 717 if err == nil { 718 t.Fatal("expected error") 719 } 720 } 721 722 // for encrypted private-key information 723 type encryptedPrivateKeyInfo struct { 724 EncryptionAlgorithm pkix.AlgorithmIdentifier 725 EncryptedData []byte 726 } 727 728 func TestParseInvalidPrivateKey(t *testing.T) { 729 // test parse pem directly 730 _, err := pkcs8.ParsePKCS8PrivateKeyECDSA([]byte(encryptedEC256aes), []byte("password")) 731 if err == nil || err.Error() != "pkcs8: this method just supports DER-encoded key" { 732 t.Errorf("should be error: pkcs8: this method just supports DER-encoded key") 733 } 734 _, err = pkcs8.ParsePKCS8PrivateKeyECDSA(nil, []byte("password")) 735 if err == nil || err.Error() != "pkcs8: only PKCS #5 v2.0 supported" { 736 t.Errorf("should be error: pkcs8: only PKCS #5 v2.0 supported") 737 } 738 739 var privKey encryptedPrivateKeyInfo 740 privKey.EncryptionAlgorithm.Algorithm = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 5, 2} 741 data, err := asn1.Marshal(privKey) 742 if err != nil { 743 t.Fatal(err) 744 } 745 _, err = pkcs8.ParsePKCS8PrivateKeyECDSA(data, []byte("password")) 746 if err == nil || err.Error() != "pkcs8: only part of PBES1/PBES2 supported" { 747 t.Errorf("should be error: only part of PBES1/PBES2 supported") 748 } 749 750 privKey.EncryptionAlgorithm.Algorithm = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 5, 13} 751 data, err = asn1.Marshal(privKey) 752 if err != nil { 753 t.Fatal(err) 754 } 755 _, err = pkcs8.ParsePKCS8PrivateKeyECDSA(data, []byte("password")) 756 if err == nil || err.Error() != "pkcs8: invalid PBES2 parameters" { 757 t.Errorf("should be error: pkcs8: invalid PBES2 parameters") 758 } 759 } 760 761 func TestParseLegacyPBES1PrivateKey(t *testing.T) { 762 block, _ := pem.Decode([]byte(encryptedPBEWithMD5AndDES)) 763 _, err := pkcs8.ParsePKCS8PrivateKey(block.Bytes, []byte("12345678")) 764 if err != nil { 765 t.Errorf("ParsePKCS8PrivateKey returned: %s", err) 766 } 767 768 block, _ = pem.Decode([]byte(encyptedPBEWithSha1AndDES)) 769 _, err = pkcs8.ParsePKCS8PrivateKey(block.Bytes, []byte("12345678")) 770 if err != nil { 771 t.Errorf("ParsePKCS8PrivateKey returned: %s", err) 772 } 773 774 block, _ = pem.Decode([]byte(encryptedPBEWithSha1AndRC2_64)) 775 _, err = pkcs8.ParsePKCS8PrivateKey(block.Bytes, []byte("12345678")) 776 if err != nil { 777 t.Errorf("ParsePKCS8PrivateKey returned: %s", err) 778 } 779 780 block, _ = pem.Decode([]byte(encryptedPBEWithMD5AndRC2_40)) 781 _, err = pkcs8.ParsePKCS8PrivateKey(block.Bytes, []byte("12345678")) 782 if err != nil { 783 t.Errorf("ParsePKCS8PrivateKey returned: %s", err) 784 } 785 786 _, err = pkcs8.ParsePKCS8PrivateKey(block.Bytes, []byte("wrong pwd")) 787 if err != pkcs.ErrPBEDecryption { 788 t.Errorf("should have failed") 789 } 790 } 791 792 func TestShangMiPBES(t *testing.T) { 793 block, _ := pem.Decode([]byte(encryptedPBEWithMD5AndDES)) 794 priv, err := pkcs8.ParsePKCS8PrivateKey(block.Bytes, []byte("12345678")) 795 if err != nil { 796 t.Errorf("ParsePKCS8PrivateKey returned: %s", err) 797 } 798 799 der, err := pkcs8.MarshalPrivateKey(priv, []byte("12345678"), pkcs.NewSMPBESEncrypter(16, 2048)) 800 if err != nil { 801 t.Fatalf("MarshalPrivateKey returned: %s", err) 802 } 803 _, _, err = pkcs8.ParsePrivateKey(der, []byte("12345678")) 804 if err != nil { 805 t.Fatalf("ParsePrivateKey returned: %s", err) 806 } 807 }