- block, data := pem.Decode(data)
- if block == nil {
- err = errors.New("can not decode PEM")
- return
- }
- data = block.Bytes
- switch block.Type {
- case "PRIVATE KEY":
- prv, err = x509.ParsePKCS8PrivateKey(data)
- case "EC PRIVATE KEY":
- prv, err = x509.ParseECPrivateKey(data)
- default:
- err = errors.New("non PRIVATE KEY found in PEM")
+ var block *pem.Block
+ for len(data) > 0 {
+ block, data = pem.Decode(data)
+ if block == nil {
+ continue
+ }
+ switch block.Type {
+ case "PRIVATE KEY":
+ prv, err = x509.ParsePKCS8PrivateKey(block.Bytes)
+ return
+ case "EC PRIVATE KEY":
+ prv, err = x509.ParseECPrivateKey(block.Bytes)
+ return
+ }