authcms

Published: May 11, 2026 License: MIT Imports: 13 Imported by: 0

README

authcms

Go library for decrypting CMS AuthEnvelopedData (RFC 5083).

Supports:

  • RSA-OAEP key transport + AES-256-GCM content encryption
  • ECDH key agreement + AES-256-GCM content encryption
  • Symmetric key (KEK) with AES-256-KeyWrap + AES-256-GCM content encryption

Go API

import "authcms"

aed, err := ParseAuthEnvelopedData(cms)

// decrypt with an RSA or EC private key (key transport or ECDH key agreement)
plaintext, err := aed.Decrypt(key)

// decrypt with symmetric key (KEK)
plaintext, err := aed.DecryptWithKEK(kek, kekID)

Generating test data with OpenSSL

RSA-OAEP
# 1. generate RSA keypair
openssl req -x509 -newkey rsa:2048 -keyout rsa_key.pem -out rsa_cert.pem -days 365 -nodes -subj "/CN=Test"

# 2. encrypt with OAEP
echo -n "secret_string" > ./testdata/plain.txt
openssl cms -encrypt -in ./testdata/plain.txt -out ./testdata/aes256gcm_rsa_oaep.pem \
    -outform PEM -recip ./testdata/rsa_cert.pem -aes-256-gcm \
    -keyopt rsa_padding_mode:oaep \
    -keyopt rsa_oaep_md:sha256

# or with PKCS#1 v1.5 key transport (note: the Supports list above names only RSA-OAEP)
openssl cms -encrypt \
    -in ./testdata/plain.txt \
    -out ./testdata/aes256gcm_rsa.pem \
    -outform PEM \
    -recip ./testdata/rsa_cert.pem \
    -aes-256-gcm

# 3. inspect the parsed CMS structure
openssl cms -cmsout -in ./testdata/aes256gcm_rsa_oaep.pem -inform PEM -noout -print

# 4. decrypt with openssl
openssl cms -decrypt -inform PEM -in ./testdata/aes256gcm_rsa_oaep.pem \
    -out decrypted.txt -recip ./testdata/rsa_cert.pem -inkey ./testdata/rsa_key.pem
ECDH
# 1. generate keypair
openssl ecparam -genkey -name prime256v1 -out ./testdata/ecc_private_key.pem
openssl req -new -x509 -days 365 \
    -key ./testdata/ecc_private_key.pem \
    -out ./testdata/ecc_cert.pem \
    -subj "/CN=ECC Recipient" \
    -addext "keyUsage=keyAgreement,digitalSignature"
    
# 2. encrypt
openssl cms -encrypt -in ./testdata/plain.txt -out ./testdata/aes256gcm_ecdh.pem \
    -outform PEM -recip ./testdata/ecc_cert.pem -aes-256-gcm \
    -keyopt ecdh_kdf_md:sha256 \
    -keyopt ecdh_cofactor_mode:1

# 3. decrypt
openssl cms -decrypt -inform PEM \
    -in ./testdata/aes256gcm_ecdh.pem \
    -out ./testdata/plain_decrypted.txt \
    -inkey ./testdata/ecc_private_key.pem \
    -recip ./testdata/ecc_cert.pem
Symmetric key (KEK)
# 1. generate a 256-bit symmetric key
openssl rand -hex 32
# output: be788673a432901d7f1d9f42380b93c47b06e2b8f132617ae0821a7a45d47fd8

# 2. encrypt
openssl cms -encrypt \
    -in ./testdata/plain.txt -out ./testdata/aes256gcm_kek.pem \
    -secretkey "be788673a432901d7f1d9f42380b93c47b06e2b8f132617ae0821a7a45d47fd8" \
    -secretkeyid "01" -aes-256-gcm -outform PEM
    
# 3. decrypt
openssl cms -decrypt \
    -in auth_pw.pem \
    -inform PEM \
    -secretkey "be788673a432901d7f1d9f42380b93c47b06e2b8f132617ae0821a7a45d47fd8" \
    -secretkeyid "01" \
    -out decrypted.txt

Documentation

Types

type AlgorithmIdentifier

// AlgorithmIdentifier is the X.509/CMS AlgorithmIdentifier SEQUENCE: an
// algorithm OID together with its optional, algorithm-specific parameters.
type AlgorithmIdentifier struct {
	Algorithm  asn1.ObjectIdentifier
	// Parameters is kept as a raw ASN.1 value because its shape depends on
	// Algorithm. For the AES-256-GCM content encryption the README lists this
	// is presumably the RFC 5084 GCMParameters (nonce and ICV length), which the
	// decrypt path must take from here rather than assume — confirm.
	Parameters asn1.RawValue `asn1:"optional"`
}

type AuthEnvelopedData

// AuthEnvelopedData is the parsed form of a CMS AuthEnvelopedData structure
// (RFC 5083) as returned by ParseAuthEnvelopedData. It holds the content
// encryption key wrapped for each recipient and the AEAD-protected content;
// Decrypt and DecryptWithKEK recover the plaintext from it. The optional
// originatorInfo and unauthAttrs of RFC 5083 are not represented here.
type AuthEnvelopedData struct {
	// RecipientInfos holds the recipient entries (key transport, key
	// agreement, or KEK) the content key was wrapped for.
	RecipientInfos []RecipientInfo
	// EncContentInfo carries the content-encryption algorithm, its
	// parameters, and the ciphertext.
	EncContentInfo EncryptedContentInfo
	// MAC is the message authentication code of the AuthEnvelopedData; for
	// AES-GCM this is presumably the GCM tag, carried separately from the
	// ciphertext — confirm that its length is checked against the ICV length
	// in the algorithm parameters before it is verified.
	MAC            []byte
	// AuthAttrs holds the authenticated attributes. NOTE(review): per
	// RFC 5083 the DER-encoded authAttrs, when present, are the additional
	// authenticated data of the AEAD; whether the decrypt path passes them as
	// such is not visible here — confirm, otherwise they are not bound to the
	// content.
	AuthAttrs      []byte
}

func ParseAuthEnvelopedData

func ParseAuthEnvelopedData(der []byte) (*AuthEnvelopedData, error)

func (*AuthEnvelopedData) Decrypt added in v1.1.0

func (aed *AuthEnvelopedData) Decrypt(key crypto.PrivateKey) ([]byte, error)

func (*AuthEnvelopedData) DecryptWithKEK

func (aed *AuthEnvelopedData) DecryptWithKEK(kek []byte, kekID []byte) ([]byte, error)

type EncryptedContentInfo

// EncryptedContentInfo mirrors the CMS EncryptedContentInfo SEQUENCE
// (RFC 5652 §6.1): the content type, the content-encryption algorithm, and
// the ciphertext.
type EncryptedContentInfo struct {
	ContentType      asn1.ObjectIdentifier
	// ContentEncAlgo selects the content cipher; its Parameters carry the
	// cipher's nonce (for AES-GCM presumably the RFC 5084 GCMParameters).
	ContentEncAlgo   AlgorithmIdentifier
	// EncryptedContent is the [0] IMPLICIT ciphertext. It is OPTIONAL, so a
	// nil slice is a well-formed (detached-content) parse. NOTE(review): the
	// decrypt path should treat a missing content as an error rather than
	// decrypting an empty string — not visible here, confirm.
	EncryptedContent []byte `asn1:"optional,tag:0,implicit"`
}

type KEKRecipientInfo

// KEKRecipientInfo mirrors the CMS KEKRecipientInfo SEQUENCE (RFC 5652
// §6.2.3): the content-encryption key wrapped under a pre-shared symmetric
// KEK. It is the recipient type consumed by AuthEnvelopedData.DecryptWithKEK.
type KEKRecipientInfo struct {
	Version           int
	// KEKID is the KEKIdentifier, kept raw because it is a SEQUENCE with
	// optional date/other fields. Presumably its keyIdentifier is what is
	// matched against the kekID argument of DecryptWithKEK — confirm. The
	// README's OpenSSL example sets it with -secretkeyid.
	KEKID             asn1.RawValue
	// KeyEncryptionAlgo identifies the wrap algorithm (AES-256-KeyWrap per
	// the README). NOTE(review): the unwrap path should check this OID
	// against the supplied KEK rather than infer the algorithm from the key
	// length — not visible here.
	KeyEncryptionAlgo AlgorithmIdentifier
	// EncryptedKey is the wrapped content-encryption key. An AES key-unwrap
	// integrity-check failure must surface as an error, never as a usable
	// key.
	EncryptedKey      []byte
}

type KeyAgreeRecipientInfo added in v1.1.0

// KeyAgreeRecipientInfo appears to be a simplified view of a CMS
// KeyAgreeRecipientInfo (RFC 5652 §6.2.2): the originator's ephemeral ECDH
// public key plus the content-encryption key wrapped under the KEK derived
// from the shared secret. Consumed by AuthEnvelopedData.Decrypt when given an
// EC private key.
type KeyAgreeRecipientInfo struct {
	Version              int
	// KeyEncryptionAlgo is the key-agreement algorithm (ECDH with a KDF);
	// its Parameters presumably name the key-wrap algorithm — confirm.
	KeyEncryptionAlgo    AlgorithmIdentifier
	// OriginatorPubKeyAlgo is the OID of the originator's key algorithm; it
	// should be checked for consistency with the recipient key's curve.
	OriginatorPubKeyAlgo asn1.ObjectIdentifier
	// OriginatorPubKey is the originator's ephemeral public key as raw bytes.
	// NOTE(review): this comes from the untrusted message and must be
	// validated as a point on the recipient's curve before the ECDH
	// computation (crypto/ecdh's Curve.NewPublicKey does this; a hand-rolled
	// unmarshal may not). Not visible here — confirm.
	OriginatorPubKey     []byte
	// EncryptedKey is the content-encryption key wrapped under the derived
	// KEK.
	EncryptedKey         []byte
}

type KeyTransRecipientInfo

// KeyTransRecipientInfo mirrors the CMS KeyTransRecipientInfo SEQUENCE
// (RFC 5652 §6.2.1): the content-encryption key encrypted to an RSA
// recipient. Consumed by AuthEnvelopedData.Decrypt when given an RSA private
// key.
type KeyTransRecipientInfo struct {
	Version           int
	// RID is the RecipientIdentifier CHOICE (IssuerAndSerialNumber or
	// SubjectKeyIdentifier), kept raw since either branch may appear.
	RID               asn1.RawValue
	// KeyEncryptionAlgo identifies the RSA padding. The README lists RSA-OAEP
	// (its Parameters then carry the OAEP hash/MGF choices), but the README's
	// OpenSSL section also produces a PKCS#1 v1.5 sample; whether Decrypt
	// accepts rsaEncryption is not visible here — confirm. If it does, the
	// unwrap should use rsa.DecryptPKCS1v15SessionKey so that a padding
	// failure is indistinguishable from a wrong key.
	KeyEncryptionAlgo AlgorithmIdentifier
	// EncryptedKey is the content-encryption key encrypted under the
	// recipient's public key.
	EncryptedKey      []byte
}

type RecipientInfo

// RecipientInfo is one entry of AuthEnvelopedData.RecipientInfos: a tagged
// union over the CMS RecipientInfo CHOICE. Raw keeps the undecoded element;
// presumably exactly one of KTRI, KEKRI and KARI is non-nil, which IsKeyTrans,
// IsKEK and IsKARI report — confirm. NOTE(review): an unrecognised CHOICE
// branch should leave all three nil rather than fail the whole parse, so a
// message addressed to an unsupported recipient type still decrypts for the
// supported ones.
type RecipientInfo struct {
	Raw   asn1.RawValue
	// KTRI is set for a key-transport (RSA) recipient.
	KTRI  *KeyTransRecipientInfo
	// KEKRI is set for a pre-shared symmetric KEK recipient.
	KEKRI *KEKRecipientInfo
	// KARI is set for a key-agreement (ECDH) recipient.
	KARI  *KeyAgreeRecipientInfo
}

func (*RecipientInfo) IsKARI added in v1.1.0

func (ri *RecipientInfo) IsKARI() bool

func (*RecipientInfo) IsKEK

func (ri *RecipientInfo) IsKEK() bool

func (*RecipientInfo) IsKeyTrans

func (ri *RecipientInfo) IsKeyTrans() bool
