// B. Concatenate copies of Ai to create a string B of length v // bits (the final copy of Ai may be truncated to create B). var B []byte


// 1. Construct a string, D (the "diversifier"), by concatenating v/8 // copies of ID. var D []byte


// ErrDecryption represents a failure to decrypt the input. var ErrDecryption = errors.New("pkcs12: decryption error, incorrect padding")


// ErrIncorrectPassword is returned when an incorrect password is detected. // Usually, P12/PFX data is signed to be able to verify the password. var ErrIncorrectPassword = errors.New("pkcs12: decryption password incorrect")


var IjBuf []byte


// Decode extracts a certificate and private key from pfxData. This function // assumes that there is only one certificate and only one private key in the // pfxData; if there are more use ToPEM instead. func Decode(pfxData []byte, password string) (privateKey interface{}, certificate *x509.Certificate, err error)


// ToPEM converts all "safe bags" contained in pfxData to PEM blocks. // Unknown attributes are discarded. // // Note that although the returned PEM blocks for private keys have type // "PRIVATE KEY", the bytes are not encoded according to PKCS #8, but according // to PKCS #1 for RSA keys and SEC 1 for ECDSA keys. func ToPEM(pfxData []byte, password string) ([]*pem.Block, error)