pkcs12: add a note suggesting ToPEM for multiple certificates/keys

Updates golang/go#14015

Change-Id: Iffe73540c5d74e4b3d0664035a1bdce5b47663ee
Reviewed-on: https://go-review.googlesource.com/c/160258
Reviewed-by: Bryan C. Mills <[email protected]>

Author: FiloSottile

Diff for: pkcs12/pkcs12.go

@@ -103,7 +103,7 @@ func unmarshal(in []byte, out interface{}) error {
 	return nil
 }
 
-// ConvertToPEM converts all "safe bags" contained in pfxData to PEM blocks.
+// ToPEM converts all "safe bags" contained in pfxData to PEM blocks.
 func ToPEM(pfxData []byte, password string) ([]*pem.Block, error) {
 	encodedPassword, err := bmpString(password)
 	if err != nil {
@@ -211,7 +211,7 @@ func convertAttribute(attribute *pkcs12Attribute) (key, value string, err error)
 
 // Decode extracts a certificate and private key from pfxData. This function
 // assumes that there is only one certificate and only one private key in the
-// pfxData.
+// pfxData; if there are more use ToPEM instead.
 func Decode(pfxData []byte, password string) (privateKey interface{}, certificate *x509.Certificate, err error) {
 	encodedPassword, err := bmpString(password)
 	if err != nil {