ProyectoGrupal/VerifactuMidAPI/cmd/diagcert/main.go

package main

import (
	"crypto/tls"
	"fmt"
	"os"

	goPkcs12 "software.sslmate.com/src/go-pkcs12"
	stdPkcs12 "golang.org/x/crypto/pkcs12"
)

func main() {
	path := os.Args[1]
	pass := os.Args[2]

	data, err := os.ReadFile(path)
	if err != nil {
		fmt.Printf("ERROR leyendo fichero: %v\n", err)
		os.Exit(1)
	}
	fmt.Printf("Fichero leído: %d bytes\n", len(data))

	// Intento 1: go-pkcs12 Decode (moderno)
	_, cert, err := goPkcs12.Decode(data, pass)
	if err != nil {
		fmt.Printf("go-pkcs12 Decode FALLO: %v\n", err)
	} else {
		fmt.Printf("go-pkcs12 Decode OK: subject=%s, expira=%s\n", cert.Subject.CommonName, cert.NotAfter.Format("2006-01-02"))
	}

	// Intento 2: go-pkcs12 Legacy
	cert2, err := goPkcs12.DecodeTrustStore(data, pass)
	if err != nil {
		fmt.Printf("go-pkcs12 DecodeTrustStore FALLO: %v\n", err)
	} else {
		fmt.Printf("go-pkcs12 DecodeTrustStore OK: %d certs\n", len(cert2))
	}

	// Intento 3: golang.org/x/crypto/pkcs12 (legacy)
	blocks, err := stdPkcs12.ToPEM(data, pass)
	if err != nil {
		fmt.Printf("x/crypto ToPEM FALLO: %v\n", err)
	} else {
		fmt.Printf("x/crypto ToPEM OK: %d bloques PEM\n", len(blocks))
	}

	// Intento 4: tls.X509KeyPair vía x/crypto
	if err == nil {
		var certPEM, keyPEM []byte
		for _, b := range blocks {
			if b.Type == "CERTIFICATE" {
				certPEM = append(certPEM, b.Bytes...)
			} else if b.Type == "PRIVATE KEY" {
				keyPEM = append(keyPEM, b.Bytes...)
			}
		}
		_ = tls.Certificate{}
		fmt.Printf("  cert PEM bytes: %d, key PEM bytes: %d\n", len(certPEM), len(keyPEM))
	}
}
init: monorepo completo — doli-front, dolibarr-bff, VerifactuMidAPI Código real de los 3 proyectos incluido directamente: - doli-front: SPA Vanilla JS + Vite - dolibarr-bff: BFF .NET 10 - VerifactuMidAPI: microservicio Go Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-05-29 14:55:07 +00:00			`package main`

			`import (`
			`"crypto/tls"`
			`"fmt"`
			`"os"`

			`goPkcs12 "software.sslmate.com/src/go-pkcs12"`
			`stdPkcs12 "golang.org/x/crypto/pkcs12"`
			`)`

			`func main() {`
			`path := os.Args[1]`
			`pass := os.Args[2]`

			`data, err := os.ReadFile(path)`
			`if err != nil {`
			`fmt.Printf("ERROR leyendo fichero: %v\n", err)`
			`os.Exit(1)`
			`}`
			`fmt.Printf("Fichero leído: %d bytes\n", len(data))`

			`// Intento 1: go-pkcs12 Decode (moderno)`
			`_, cert, err := goPkcs12.Decode(data, pass)`
			`if err != nil {`
			`fmt.Printf("go-pkcs12 Decode FALLO: %v\n", err)`
			`} else {`
			`fmt.Printf("go-pkcs12 Decode OK: subject=%s, expira=%s\n", cert.Subject.CommonName, cert.NotAfter.Format("2006-01-02"))`
			`}`

			`// Intento 2: go-pkcs12 Legacy`
			`cert2, err := goPkcs12.DecodeTrustStore(data, pass)`
			`if err != nil {`
			`fmt.Printf("go-pkcs12 DecodeTrustStore FALLO: %v\n", err)`
			`} else {`
			`fmt.Printf("go-pkcs12 DecodeTrustStore OK: %d certs\n", len(cert2))`
			`}`

			`// Intento 3: golang.org/x/crypto/pkcs12 (legacy)`
			`blocks, err := stdPkcs12.ToPEM(data, pass)`
			`if err != nil {`
			`fmt.Printf("x/crypto ToPEM FALLO: %v\n", err)`
			`} else {`
			`fmt.Printf("x/crypto ToPEM OK: %d bloques PEM\n", len(blocks))`
			`}`

			`// Intento 4: tls.X509KeyPair vía x/crypto`
			`if err == nil {`
			`var certPEM, keyPEM []byte`
			`for _, b := range blocks {`
			`if b.Type == "CERTIFICATE" {`
			`certPEM = append(certPEM, b.Bytes...)`
			`} else if b.Type == "PRIVATE KEY" {`
			`keyPEM = append(keyPEM, b.Bytes...)`
			`}`
			`}`
			`_ = tls.Certificate{}`
			`fmt.Printf(" cert PEM bytes: %d, key PEM bytes: %d\n", len(certPEM), len(keyPEM))`
			`}`
			`}`