
Not decoding Base64 encoded PK12 kubernetes.io/tls secret from Hashicorp Vault #1699

Open
jcdoes opened this issue Dec 2, 2024 · 0 comments
Labels
kind/bug Categorizes issue or PR as related to a bug.

Comments


jcdoes commented Dec 2, 2024

What steps did you take and what happened:

I created a secret provider class here:

```yaml
apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
  name: phpipam-pz-helm-phpipam-tls-cert
  namespace: phpipam
spec:
  parameters:
    # The Vault provider's per-object list, kept as a block scalar so it is
    # readable; it is the same list the quoted string above encoded.
    objects: |
      - objectName: "cert"
        secretPath: "kv/prod/cert/ipam.pz.lan/cert"
        secretKey: "cert"
        content:
      - objectName: "key"
        secretPath: "kv/prod/cert/ipam.pz.lan/key"
        secretKey: "cert"
        content:
      - objectName: "pks12"
        secretPath: "kv/prod/cert/ipam.pz.lan/pks12"
        secretKey: "pks12"
        content: "base64"
    roleName: kube-core-role
    vaultAddress: https://vault.pz.lan:8200
    vaultAuthMountPath: kube-core
  provider: vault
  secretObjects:
  - data:
    - key: tls.crt
      objectName: pks12
    - key: tls.key
      objectName: pks12
    secretName: ipam.pz.lan-tls
    type: kubernetes.io/tls
```

I created a deployment:

```yaml
# container-level (spec.template.spec.containers[].volumeMounts)
volumeMounts:
- mountPath: /mnt/secrets-store
  name: secrets-store-inline
  readOnly: true
# pod-level (spec.template.spec.volumes)
volumes:
- csi:
    driver: secrets-store.csi.k8s.io
    readOnly: true
    volumeAttributes:
      secretProviderClass: phpipam-pz-helm-phpipam-tls-cert
  name: secrets-store-inline
```

I get a pod error:

```
Warning FailedToCreateSecret 0s (x12 over 10s) csi-secrets-store-controller failed to get data in spc phpipam/phpipam-pz-helm-phpipam-tls-cert for secret ipam.pz.lan-tls, err: failed to get cert data from file /var/lib/kubelet/pods/bf544c8a-7804-4976-ba6f-614177cab8fa/volumes/kubernetes.io~csi/secrets-store-inline/mount/..data/pks12, err: pkcs12: error reading P12 data: asn1: structure error: tags don't match (16 vs {class:1 tag:13 length:73 isCompound:false}) {optional:false explicit:false application:false private:false defaultValue:<nil> tag:<nil> stringType:0 timeType:0 set:false omitEmpty:false} pfxPdu @2
```

I checked the file in /var/lib/kubelet/pods/bf544c8a-7804-4976-ba6f-614177cab8fa/volumes/kubernetes.io~csi/secrets-store-inline/mount/..data/pks12 and it is populated with my PK12 in Base64 format.

What did you expect to happen:

I was expecting the driver to decode base64 before looking at the PK12 file.

Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]

Which provider are you using:
HashiCorp Vault. I've searched their issue tracker and haven't found anything of use.

Environment:

  • Secrets Store CSI Driver version: (use the image tag):
    secrets-store-csi-driver-1.4.6

  • Kubernetes version: (use kubectl version):
    Client Version: v1.31.3
    Kustomize Version: v5.4.2
    Server Version: v1.31.3

@jcdoes jcdoes added the kind/bug Categorizes issue or PR as related to a bug. label Dec 2, 2024
@jcdoes jcdoes changed the title Not decodeing Base64 encoed PK12 kubernetes.io/tls secret from Hashicorp Vault Not decodeing Base64 encoded PK12 kubernetes.io/tls secret from Hashicorp Vault Dec 2, 2024
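The numbers in the error above are themselves the diagnosis. A PKCS#12 (PFX) blob is DER that starts with a universal SEQUENCE (tag 16). Base64-encoded DER starts with the characters `MI` (from the leading `30 82` bytes of any PFX larger than 255 bytes), and if a DER parser reads those characters as bytes, `M` (0x4D) is an identifier octet with class 1 (application), tag 13, constructed bit clear, and `I` (0x49) is a length of 73: exactly the `class:1 tag:13 length:73 isCompound:false` the driver printed. So the parser was handed base64 text, not the binary it expects. The following Go program is an added example, not code from the secrets-store-csi-driver or the Vault provider; it classifies a mounted file as raw DER, base64-of-DER, or neither, and explains the first bytes in the error's vocabulary. All names (`Classify`, `Diagnose`, `DescribeIdentifier`) and the sample PFX-shaped blob are constructed for this example.

```go
package main

import (
	"bytes"
	"encoding/asn1"
	"encoding/base64"
	"fmt"
	"strings"
)

// ContentKind classifies what sits in the mounted secret file.
type ContentKind string

const (
	KindDER     ContentKind = "der"     // raw DER beginning with a universal SEQUENCE: what a PKCS#12 parser expects
	KindBase64  ContentKind = "base64"  // base64 text that decodes to such DER; must be decoded first
	KindUnknown ContentKind = "unknown" // neither
)

// TagInfo mirrors the fields the driver's error prints for the first identifier
// octet: class (0 universal, 1 application, 2 context-specific, 3 private),
// tag number, and the constructed ("isCompound") bit.
type TagInfo struct {
	Class      int
	Tag        int
	IsCompound bool
}

// DescribeIdentifier decodes one ASN.1 identifier octet (low-tag-number form):
// bits 8-7 are the class, bit 6 is "constructed", bits 5-1 are the tag number.
func DescribeIdentifier(id byte) TagInfo {
	return TagInfo{Class: int(id >> 6), Tag: int(id & 0x1f), IsCompound: id&0x20 != 0}
}

// isDERSequence reports whether b is one complete DER element whose outer tag
// is a universal SEQUENCE (tag 16). Every PFX (PKCS#12) blob starts that way.
func isDERSequence(b []byte) bool {
	var raw asn1.RawValue
	rest, err := asn1.Unmarshal(b, &raw)
	return err == nil && len(rest) == 0 &&
		raw.Class == asn1.ClassUniversal && raw.Tag == asn1.TagSequence
}

// Classify says whether the bytes would be accepted as-is by a PKCS#12 parser
// or are base64 text that needs decoding first; for base64 it returns the DER.
func Classify(b []byte) (ContentKind, []byte) {
	if isDERSequence(b) {
		return KindDER, b
	}
	// Drop the line wrapping that `base64` or a copy-paste into Vault tends to add.
	clean := strings.Map(func(r rune) rune {
		if strings.ContainsRune(" \t\r\n", r) {
			return -1
		}
		return r
	}, string(b))
	dec, err := base64.StdEncoding.DecodeString(clean)
	if err == nil && isDERSequence(dec) {
		return KindBase64, dec
	}
	return KindUnknown, nil
}

// Diagnose explains what a DER parser would see, in the vocabulary of the
// "tags don't match" error quoted in the issue.
func Diagnose(b []byte) string {
	if len(b) < 2 {
		return "file too short to be DER"
	}
	kind, _ := Classify(b)
	t := DescribeIdentifier(b[0])
	switch kind {
	case KindDER:
		return "raw DER SEQUENCE: a PKCS#12 parser will accept this as-is"
	case KindBase64:
		return fmt.Sprintf("base64 text, not DER: first byte %q parses as class:%d tag:%d length:%d isCompound:%t; base64-decode before parsing",
			b[0], t.Class, t.Tag, b[1], t.IsCompound)
	default:
		return fmt.Sprintf("neither DER nor base64 of DER: first byte %q parses as class:%d tag:%d", b[0], t.Class, t.Tag)
	}
}

// SampleDER builds a constructed stand-in for a PFX: a SEQUENCE whose first
// element is INTEGER 3 (the PFX version) followed by a 250-byte OCTET STRING,
// large enough that the outer length uses the long form (30 82 01 00 ...), so
// its base64 begins "MII" exactly like a real PKCS#12 file's does.
func SampleDER() []byte {
	type pfxLike struct {
		Version int
		Payload []byte
	}
	der, err := asn1.Marshal(pfxLike{Version: 3, Payload: bytes.Repeat([]byte{0xAB}, 250)})
	if err != nil {
		panic(err)
	}
	return der
}

// SampleBase64 is what ends up in the mounted file when the base64 text,
// rather than the binary, was written to Vault (constructed input).
func SampleBase64() []byte {
	return []byte(base64.StdEncoding.EncodeToString(SampleDER()))
}

func main() {
	fmt.Println(Diagnose(SampleDER()))
	fmt.Println(Diagnose(SampleBase64()))
}
```

To check a real mount, pass the result of `os.ReadFile` on the `..data/pks12` path to `Classify` before wiring the object into a `kubernetes.io/tls` secretObject: `KindBase64` means the value stored in Vault is the base64 text and something has to decode it before the driver's PKCS#12 parsing step, whereas `KindDER` means the bytes are already what the parser expects.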