README
¶
S/MIME
This is a partial implementation of S/MIME 4.0 in golang.
It consists of the following packages
- asn11 - ASN.1 marshalling and unmarshalling
- b64 - Pretty base64 encoding for S/MIME (basically just the PEM body)
- cms(cms/protocol)2 - Cryptographic Message Syntax rfc5652
- mime - Parsing for mime/multipart messages needed for S/MIME
- oid3 - ASN.1 object identifiers and related crypto
- openssl - Shelled-out openssl for testing
- pki4 - Creates x.509 pki for testing
- smime Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 rfc5751-bis-12
- timestamp5 - Time-Stamp Protocol (TSP) rfc3161
It supports enveloped data with AES in CBC mode. Decryption also works with (3)DES. Authenticated-Enveloped-Data Content Type is also supported with AES-GCM and ChaCha20-Poly1305. Also RSAES-OAEP and RSASSA-PSS is supported.
This is covered in
- Cryptographic Message Syntax (CMS) Authenticated-Enveloped-Data Content Type rfc5083
- Using ChaCha20-Poly1305 Authenticated Encryption in the Cryptographic Message Syntax (CMS) rfc8103
- Using AES-CCM and AES-GCM Authenticated Encryption in the Cryptographic Message Syntax (CMS) rfc5084
- Use of the RSASSA-PSS Signature Algorithm in Cryptographic Message Syntax (CMS) rfc4056
- Use of the RSAES-OAEP Key Transport Algorithm in the Cryptographic Message Syntax (CMS) rfc3560
Examples
Encryption and decryption
import "github.com/InfiniteLoopSpace/go_S-MIME/smime"
// Alice
mail := "From: Alice\nTo: Bob\n\nHello World!"
SMIME, _ := smime.New()
ciphertext, _ := SMIME.Encrypt([]byte(mail), []*x509.Certificate{Bobcert})
// Bob
BobkeyPair, _ := tls.LoadX509KeyPair("BobCert", "BobKey")
SMIME, _ := smime.New(BobkeyPair)
plaintext, _ := SMIME.Decrypt(ciphertext)
Signing and verfication
import "github.com/InfiniteLoopSpace/go_S-MIME/smime"
// Alice
AlicekeyPair, _ := tls.LoadX509KeyPair("AliceCert", "AliceKey")
mail := "From: Alice\nTo: Bob\n\nHello World!"
SMIME, _ := smime.New(AlicekeyPair)
signedMsg, _ := SMIME.Sign([]byte(mail), []*x509.Certificate{Bobcert})
// Bob
SMIME, _ := smime.New()
plaintext, _ := SMIME.Verify(signedMsg)
Todo
- Testing
Directories
¶
| Path | Synopsis |
|---|---|
|
Package asn1 implements parsing of DER-encoded ASN.1 data structures, as defined in ITU-T Rec X.690.
|
Package asn1 implements parsing of DER-encoded ASN.1 data structures, as defined in ITU-T Rec X.690. |
|
Package b64 encodes base64 and does formating for S/MIME
|
Package b64 encodes base64 and does formating for S/MIME |
|
Package cms contains high level functions for cryptographic message syntax RFC 5652.
|
Package cms contains high level functions for cryptographic message syntax RFC 5652. |
|
protocol
Package protocol implemets parts of cryptographic message syntax RFC 5652.
|
Package protocol implemets parts of cryptographic message syntax RFC 5652. |
|
Package MIME implemets parsing of MIME and MIME/multipart messages needed to verfiy multipart/signed messages
|
Package MIME implemets parsing of MIME and MIME/multipart messages needed to verfiy multipart/signed messages |
|
Package oid contains OIDs that are used by other packages in this repository.
|
Package oid contains OIDs that are used by other packages in this repository. |
|
Package openssl shells out openssl for testing
|
Package openssl shells out openssl for testing |
|
Package pki can create ca's intermediates and certificates
|
Package pki can create ca's intermediates and certificates |
|
Package smime implants parts of the S/MIME 4.0 specification rfc5751-bis-12.
|
Package smime implants parts of the S/MIME 4.0 specification rfc5751-bis-12. |
|
Package timestamp implements the timestamp protocol rfc 3161
|
Package timestamp implements the timestamp protocol rfc 3161 |
Click to show internal directories.
Click to hide internal directories.