Marek Goc 2022-10-22 12:03:53 +02:00
parent d9a5f65e09
commit 3dab9a5c1f
21 changed files with 196 additions and 193 deletions


@ -4,15 +4,15 @@ This is a partial implementation of S/MIME 4.0 in golang.
It consists of the following packages It consists of the following packages
- asn1<sup>[1]</sup> - ASN.1 marshalling and unmarshalling [![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/asn1?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/asn1) - asn1<sup>[1]</sup> - ASN.1 marshalling and unmarshalling
- b64 - Pretty base64 encoding for S/MIME (basically just the PEM body) [![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/b64?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/b64) - b64 - Pretty base64 encoding for S/MIME (basically just the PEM body)
- cms(cms/protocol)<sup>[2]</sup> - Cryptographic Message Syntax [rfc5652](https://tools.ietf.org/html/rfc5652)[![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/cms?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/cms) [![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/cms/protocol?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/cms/protocol) - cms(cms/protocol)<sup>[2]</sup> - Cryptographic Message Syntax [rfc5652](https://tools.ietf.org/html/rfc5652)
- mime - Parsing for mime/multipart messages needed for S/MIME [![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/mime?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/mime) - mime - Parsing for mime/multipart messages needed for S/MIME
- oid<sup>[3]</sup> - ASN.1 object identifiers and related crypto [![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/oid?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/oid) - oid<sup>[3]</sup> - ASN.1 object identifiers and related crypto
- openssl - Shelled-out openssl for testing [![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/openssl?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/openssl) - openssl - Shelled-out openssl for testing
- pki<sup>[4]</sup> - Creates x.509 pki for testing [![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/pki?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/pki) - pki<sup>[4]</sup> - Creates x.509 pki for testing
- smime Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 [rfc5751-bis-12](https://tools.ietf.org/html/draft-ietf-lamps-rfc5751-bis-12) [![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/smime?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/smime) - smime Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 [rfc5751-bis-12](https://tools.ietf.org/html/draft-ietf-lamps-rfc5751-bis-12)
- timestamp<sup>[5]</sup> - Time-Stamp Protocol (TSP) [rfc3161](https://tools.ietf.org/html/rfc3161) [![GoDoc](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/timestamp?status.svg)](https://godoc.org/github.com/InfiniteLoopSpace/go_S-MIME/timestamp) - timestamp<sup>[5]</sup> - Time-Stamp Protocol (TSP) [rfc3161](https://tools.ietf.org/html/rfc3161)
It supports enveloped data with AES in CBC mode. Decryption also works with (3)DES. Authenticated-Enveloped-Data Content Type is also supported with AES-GCM and ChaCha20-Poly1305. Also RSAES-OAEP and RSASSA-PSS is supported. It supports enveloped data with AES in CBC mode. Decryption also works with (3)DES. Authenticated-Enveloped-Data Content Type is also supported with AES-GCM and ChaCha20-Poly1305. Also RSAES-OAEP and RSASSA-PSS is supported.
@ -27,7 +27,7 @@ This is covered in
### Encryption and decryption ### Encryption and decryption
```go ```go
import "github.com/InfiniteLoopSpace/go_S-MIME/smime" import "git.ma-al.com/goc_marek/go_S-MIME/smime"
// Alice // Alice
mail := "From: Alice\nTo: Bob\n\nHello World!" mail := "From: Alice\nTo: Bob\n\nHello World!"
@ -41,7 +41,7 @@ plaintext, _ := SMIME.Decrypt(ciphertext)
### Signing and verfication ### Signing and verfication
```go ```go
import "github.com/InfiniteLoopSpace/go_S-MIME/smime" import "git.ma-al.com/goc_marek/go_S-MIME/smime"
// Alice // Alice
AlicekeyPair, _ := tls.LoadX509KeyPair("AliceCert", "AliceKey") AlicekeyPair, _ := tls.LoadX509KeyPair("AliceCert", "AliceKey")


@ -9,9 +9,9 @@ import (
"log" "log"
"time" "time"
protocol "github.com/InfiniteLoopSpace/go_S-MIME/cms/protocol" protocol "git.ma-al.com/goc_marek/go_S-MIME/cms/protocol"
oid "github.com/InfiniteLoopSpace/go_S-MIME/oid" oid "git.ma-al.com/goc_marek/go_S-MIME/oid"
timestamp "github.com/InfiniteLoopSpace/go_S-MIME/timestamp" timestamp "git.ma-al.com/goc_marek/go_S-MIME/timestamp"
) )
// CMS is an instance of cms to en-/decrypt and sign/verfiy CMS data // CMS is an instance of cms to en-/decrypt and sign/verfiy CMS data


@ -12,8 +12,8 @@ import (
"strings" "strings"
"testing" "testing"
openssl "github.com/InfiniteLoopSpace/go_S-MIME/openssl" openssl "git.ma-al.com/goc_marek/go_S-MIME/openssl"
pki "github.com/InfiniteLoopSpace/go_S-MIME/pki" pki "git.ma-al.com/goc_marek/go_S-MIME/pki"
) )
var ( var (


@ -3,7 +3,7 @@ package protocol
import ( import (
"encoding/asn1" "encoding/asn1"
asn "github.com/InfiniteLoopSpace/go_S-MIME/asn1" asn "git.ma-al.com/goc_marek/go_S-MIME/asn1"
) )
// RawValue marshals val and returns the asn1.RawValue // RawValue marshals val and returns the asn1.RawValue


@ -5,19 +5,22 @@ import (
"encoding/asn1" "encoding/asn1"
"log" "log"
asn "github.com/InfiniteLoopSpace/go_S-MIME/asn1" asn "git.ma-al.com/goc_marek/go_S-MIME/asn1"
oid "github.com/InfiniteLoopSpace/go_S-MIME/oid" oid "git.ma-al.com/goc_marek/go_S-MIME/oid"
) )
//AuthEnvelopedData ::= SEQUENCE { // AuthEnvelopedData ::= SEQUENCE {
// version CMSVersion, // version CMSVersion,
// originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL, // originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
// recipientInfos RecipientInfos, // recipientInfos RecipientInfos,
// authEncryptedContentInfo EncryptedContentInfo, // authEncryptedContentInfo EncryptedContentInfo,
/// authAttrs [1] IMPLICIT AuthAttributes OPTIONAL, //
// / authAttrs [1] IMPLICIT AuthAttributes OPTIONAL,
//
// mac MessageAuthenticationCode, // mac MessageAuthenticationCode,
// unauthAttrs [2] IMPLICIT UnauthAttributes OPTIONAL } // unauthAttrs [2] IMPLICIT UnauthAttributes OPTIONAL }
//https://tools.ietf.org/html/rfc5083##section-2.1 //
// https://tools.ietf.org/html/rfc5083##section-2.1
type AuthEnvelopedData struct { type AuthEnvelopedData struct {
Version int Version int
OriginatorInfo asn1.RawValue `asn1:"optional,tag:0"` OriginatorInfo asn1.RawValue `asn1:"optional,tag:0"`
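Review bot: The reformatted ASN.1 comment above `AuthEnvelopedData` no longer reads as one SEQUENCE definition. The old `/// authAttrs` line (a triple slash) has become `// / authAttrs [1] IMPLICIT AuthAttributes OPTIONAL,` with an empty `//` line on either side, apparently a side effect of running gofmt over it. Since this comment is what a reader checks the struct's `asn1` tags against, write the line as `// authAttrs [1] IMPLICIT AuthAttributes OPTIONAL,` indented like its neighbours, and drop the two blank `//` lines around it. The reference line also keeps a doubled fragment marker and should read `// https://tools.ietf.org/html/rfc5083#section-2.1`. The struct body continues outside the hunk.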


@ -7,13 +7,13 @@ import (
"encoding/asn1" "encoding/asn1"
"fmt" "fmt"
asn "github.com/InfiniteLoopSpace/go_S-MIME/asn1" asn "git.ma-al.com/goc_marek/go_S-MIME/asn1"
"github.com/InfiniteLoopSpace/go_S-MIME/b64" "git.ma-al.com/goc_marek/go_S-MIME/b64"
) )
// ContentInfo ::= SEQUENCE { // ContentInfo ::= SEQUENCE {
// contentType ContentType, // contentType ContentType,
// content [0] EXPLICIT ANY DEFINED BY contentType } // content [0] EXPLICIT ANY DEFINED BY contentType }
// //
// ContentType ::= OBJECT IDENTIFIER // ContentType ::= OBJECT IDENTIFIER
type ContentInfo struct { type ContentInfo struct {


@ -13,7 +13,7 @@ import (
"errors" "errors"
"math/big" "math/big"
"github.com/InfiniteLoopSpace/go_S-MIME/oid" "git.ma-al.com/goc_marek/go_S-MIME/oid"
) )
var errUnsupported = errors.New("Unsupported hash function") var errUnsupported = errors.New("Unsupported hash function")
@ -129,10 +129,10 @@ func encryptKeyECDH(key []byte, recipient *x509.Certificate) (kari KeyAgreeRecip
return return
} }
// ECCCMSSharedInfo ECC-CMS-SharedInfo ::= SEQUENCE { // ECCCMSSharedInfo ECC-CMS-SharedInfo ::= SEQUENCE {
// keyInfo AlgorithmIdentifier, // keyInfo AlgorithmIdentifier,
// entityUInfo [0] EXPLICIT OCTET STRING OPTIONAL, // entityUInfo [0] EXPLICIT OCTET STRING OPTIONAL,
// suppPubInfo [2] EXPLICIT OCTET STRING } // suppPubInfo [2] EXPLICIT OCTET STRING }
type ECCCMSSharedInfo struct { type ECCCMSSharedInfo struct {
KeyInfo pkix.AlgorithmIdentifier KeyInfo pkix.AlgorithmIdentifier
EntityUInfo []byte `asn1:"optional,explicit,tag:0"` EntityUInfo []byte `asn1:"optional,explicit,tag:0"`


@ -4,13 +4,13 @@ import (
"crypto/x509/pkix" "crypto/x509/pkix"
"encoding/asn1" "encoding/asn1"
oid "github.com/InfiniteLoopSpace/go_S-MIME/oid" oid "git.ma-al.com/goc_marek/go_S-MIME/oid"
) )
//EncryptedContentInfo ::= SEQUENCE { // EncryptedContentInfo ::= SEQUENCE {
// contentType ContentType, // contentType ContentType,
// contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier, // contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
// encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL } // encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL }
type EncryptedContentInfo struct { type EncryptedContentInfo struct {
EContentType asn1.ObjectIdentifier EContentType asn1.ObjectIdentifier
ContentEncryptionAlgorithm pkix.AlgorithmIdentifier ContentEncryptionAlgorithm pkix.AlgorithmIdentifier


@ -3,12 +3,12 @@ package protocol
import ( import (
"encoding/asn1" "encoding/asn1"
oid "github.com/InfiniteLoopSpace/go_S-MIME/oid" oid "git.ma-al.com/goc_marek/go_S-MIME/oid"
) )
// EncapsulatedContentInfo ::= SEQUENCE { // EncapsulatedContentInfo ::= SEQUENCE {
// eContentType ContentType, // eContentType ContentType,
// eContent [0] EXPLICIT OCTET STRING OPTIONAL } // eContent [0] EXPLICIT OCTET STRING OPTIONAL }
type EncapsulatedContentInfo struct { type EncapsulatedContentInfo struct {
EContentType asn1.ObjectIdentifier `` // ContentType ::= OBJECT IDENTIFIER EContentType asn1.ObjectIdentifier `` // ContentType ::= OBJECT IDENTIFIER
EContent []byte `asn1:"optional,explicit,tag:0"` // EContent []byte `asn1:"optional,explicit,tag:0"` //


@ -5,16 +5,16 @@ import (
"encoding/asn1" "encoding/asn1"
"log" "log"
asn "github.com/InfiniteLoopSpace/go_S-MIME/asn1" asn "git.ma-al.com/goc_marek/go_S-MIME/asn1"
oid "github.com/InfiniteLoopSpace/go_S-MIME/oid" oid "git.ma-al.com/goc_marek/go_S-MIME/oid"
) )
//EnvelopedData ::= SEQUENCE { // EnvelopedData ::= SEQUENCE {
// version CMSVersion, // version CMSVersion,
// originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL, // originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
// recipientInfos RecipientInfos, // recipientInfos RecipientInfos,
// encryptedContentInfo EncryptedContentInfo, // encryptedContentInfo EncryptedContentInfo,
// unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL } // unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL }
type EnvelopedData struct { type EnvelopedData struct {
Version int Version int
OriginatorInfo asn1.RawValue `asn1:"optional,tag:0"` OriginatorInfo asn1.RawValue `asn1:"optional,tag:0"`


@ -8,7 +8,7 @@ import (
"encoding/asn1" "encoding/asn1"
"errors" "errors"
oid "github.com/InfiniteLoopSpace/go_S-MIME/oid" oid "git.ma-al.com/goc_marek/go_S-MIME/oid"
) )
type pssParameters struct { type pssParameters struct {
@ -103,11 +103,11 @@ func newPSS(hash crypto.Hash, pub *rsa.PublicKey) (signatureAlgorithm pkix.Algor
return return
} }
// RSAESOAEPparams ::= SEQUENCE { // RSAESOAEPparams ::= SEQUENCE {
// hashFunc [0] AlgorithmIdentifier DEFAULT sha1Identifier, // hashFunc [0] AlgorithmIdentifier DEFAULT sha1Identifier,
// maskGenFunc [1] AlgorithmIdentifier DEFAULT mgf1SHA1Identifier, // maskGenFunc [1] AlgorithmIdentifier DEFAULT mgf1SHA1Identifier,
// pSourceFunc [2] AlgorithmIdentifier DEFAULT // pSourceFunc [2] AlgorithmIdentifier DEFAULT
// pSpecifiedEmptyIdentifier } // pSpecifiedEmptyIdentifier }
type RSAESOAEPparams struct { type RSAESOAEPparams struct {
HashFunc pkix.AlgorithmIdentifier `asn1:"optional,explicit,tag:0"` HashFunc pkix.AlgorithmIdentifier `asn1:"optional,explicit,tag:0"`
MaskGenFunc pkix.AlgorithmIdentifier `asn1:"optional,explicit,tag:1"` MaskGenFunc pkix.AlgorithmIdentifier `asn1:"optional,explicit,tag:1"`


@ -13,15 +13,15 @@ import (
"log" "log"
"time" "time"
oid "github.com/InfiniteLoopSpace/go_S-MIME/oid" oid "git.ma-al.com/goc_marek/go_S-MIME/oid"
) )
//RecipientInfo ::= CHOICE { // RecipientInfo ::= CHOICE {
// ktri KeyTransRecipientInfo, // ktri KeyTransRecipientInfo,
// kari [1] KeyAgreeRecipientInfo, // kari [1] KeyAgreeRecipientInfo,
// kekri [2] KEKRecipientInfo, // kekri [2] KEKRecipientInfo,
// pwri [3] PasswordRecipientInfo, // pwri [3] PasswordRecipientInfo,
// ori [4] OtherRecipientInfo } // ori [4] OtherRecipientInfo }
type RecipientInfo struct { type RecipientInfo struct {
KTRI KeyTransRecipientInfo `asn1:"optional"` KTRI KeyTransRecipientInfo `asn1:"optional"`
KARI KeyAgreeRecipientInfo `asn1:"optional,tag:1"` //KeyAgreeRecipientInfo KARI KeyAgreeRecipientInfo `asn1:"optional,tag:1"` //KeyAgreeRecipientInfo
@ -42,11 +42,11 @@ func (recInfo *RecipientInfo) decryptKey(keyPair tls.Certificate) (key []byte, e
return return
} }
//KeyTransRecipientInfo ::= SEQUENCE { // KeyTransRecipientInfo ::= SEQUENCE {
// version CMSVersion, -- always set to 0 or 2 // version CMSVersion, -- always set to 0 or 2
// rid RecipientIdentifier, // rid RecipientIdentifier,
// keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, // keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
// encryptedKey EncryptedKey } // encryptedKey EncryptedKey }
type KeyTransRecipientInfo struct { type KeyTransRecipientInfo struct {
Version int Version int
Rid RecipientIdentifier `asn1:"choice"` Rid RecipientIdentifier `asn1:"choice"`
@ -112,9 +112,9 @@ func (ktri *KeyTransRecipientInfo) decryptKey(keyPair tls.Certificate) (key []by
return nil, nil return nil, nil
} }
//RecipientIdentifier ::= CHOICE { // RecipientIdentifier ::= CHOICE {
// issuerAndSerialNumber IssuerAndSerialNumber, // issuerAndSerialNumber IssuerAndSerialNumber,
// subjectKeyIdentifier [0] SubjectKeyIdentifier } // subjectKeyIdentifier [0] SubjectKeyIdentifier }
type RecipientIdentifier struct { type RecipientIdentifier struct {
IAS IssuerAndSerialNumber `asn1:"optional"` IAS IssuerAndSerialNumber `asn1:"optional"`
SKI []byte `asn1:"optional,tag:0"` SKI []byte `asn1:"optional,tag:0"`
@ -191,12 +191,12 @@ func encryptKeyRSA(key []byte, recipient *x509.Certificate) (ktri KeyTransRecipi
// ErrUnsupportedAlgorithm is returned if the algorithm is unsupported. // ErrUnsupportedAlgorithm is returned if the algorithm is unsupported.
var ErrUnsupportedAlgorithm = errors.New("cms: cannot decrypt data: unsupported algorithm") var ErrUnsupportedAlgorithm = errors.New("cms: cannot decrypt data: unsupported algorithm")
//KeyAgreeRecipientInfo ::= SEQUENCE { // KeyAgreeRecipientInfo ::= SEQUENCE {
// version CMSVersion, -- always set to 3 // version CMSVersion, -- always set to 3
// originator [0] EXPLICIT OriginatorIdentifierOrKey, // originator [0] EXPLICIT OriginatorIdentifierOrKey,
// ukm [1] EXPLICIT UserKeyingMaterial OPTIONAL, // ukm [1] EXPLICIT UserKeyingMaterial OPTIONAL,
// keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, // keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
// recipientEncryptedKeys RecipientEncryptedKeys } // recipientEncryptedKeys RecipientEncryptedKeys }
type KeyAgreeRecipientInfo struct { type KeyAgreeRecipientInfo struct {
Version int Version int
Originator OriginatorIdentifierOrKey `asn1:"explicit,choice,tag:0"` Originator OriginatorIdentifierOrKey `asn1:"explicit,choice,tag:0"`
@ -205,53 +205,53 @@ type KeyAgreeRecipientInfo struct {
RecipientEncryptedKeys []RecipientEncryptedKey `asn1:"sequence"` //RecipientEncryptedKeys ::= SEQUENCE OF RecipientEncryptedKey RecipientEncryptedKeys []RecipientEncryptedKey `asn1:"sequence"` //RecipientEncryptedKeys ::= SEQUENCE OF RecipientEncryptedKey
} }
//OriginatorIdentifierOrKey ::= CHOICE { // OriginatorIdentifierOrKey ::= CHOICE {
// issuerAndSerialNumber IssuerAndSerialNumber, // issuerAndSerialNumber IssuerAndSerialNumber,
// subjectKeyIdentifier [0] SubjectKeyIdentifier, // subjectKeyIdentifier [0] SubjectKeyIdentifier,
// originatorKey [1] OriginatorPublicKey } // originatorKey [1] OriginatorPublicKey }
type OriginatorIdentifierOrKey struct { type OriginatorIdentifierOrKey struct {
IAS IssuerAndSerialNumber `asn1:"optional"` IAS IssuerAndSerialNumber `asn1:"optional"`
SKI []byte `asn1:"optional,tag:0"` SKI []byte `asn1:"optional,tag:0"`
OriginatorKey OriginatorPublicKey `asn1:"optional,tag:1"` OriginatorKey OriginatorPublicKey `asn1:"optional,tag:1"`
} }
//OriginatorPublicKey ::= SEQUENCE { // OriginatorPublicKey ::= SEQUENCE {
// algorithm AlgorithmIdentifier, // algorithm AlgorithmIdentifier,
// publicKey BIT STRING // publicKey BIT STRING
type OriginatorPublicKey struct { type OriginatorPublicKey struct {
Algorithm pkix.AlgorithmIdentifier Algorithm pkix.AlgorithmIdentifier
PublicKey asn1.BitString PublicKey asn1.BitString
} }
//RecipientEncryptedKey ::= SEQUENCE { // RecipientEncryptedKey ::= SEQUENCE {
// rid KeyAgreeRecipientIdentifier, // rid KeyAgreeRecipientIdentifier,
// encryptedKey EncryptedKey } // encryptedKey EncryptedKey }
type RecipientEncryptedKey struct { type RecipientEncryptedKey struct {
RID KeyAgreeRecipientIdentifier `asn1:"choice"` RID KeyAgreeRecipientIdentifier `asn1:"choice"`
EncryptedKey []byte EncryptedKey []byte
} }
//KeyAgreeRecipientIdentifier ::= CHOICE { // KeyAgreeRecipientIdentifier ::= CHOICE {
// issuerAndSerialNumber IssuerAndSerialNumber, // issuerAndSerialNumber IssuerAndSerialNumber,
// rKeyId [0] IMPLICIT RecipientKeyIdentifier } // rKeyId [0] IMPLICIT RecipientKeyIdentifier }
type KeyAgreeRecipientIdentifier struct { type KeyAgreeRecipientIdentifier struct {
IAS IssuerAndSerialNumber `asn1:"optional"` IAS IssuerAndSerialNumber `asn1:"optional"`
RKeyID RecipientKeyIdentifier `asn1:"optional,tag:0"` RKeyID RecipientKeyIdentifier `asn1:"optional,tag:0"`
} }
//RecipientKeyIdentifier ::= SEQUENCE { // RecipientKeyIdentifier ::= SEQUENCE {
// subjectKeyIdentifier SubjectKeyIdentifier, // subjectKeyIdentifier SubjectKeyIdentifier,
// date GeneralizedTime OPTIONAL, // date GeneralizedTime OPTIONAL,
// other OtherKeyAttribute OPTIONAL } // other OtherKeyAttribute OPTIONAL }
type RecipientKeyIdentifier struct { type RecipientKeyIdentifier struct {
SubjectKeyIdentifier []byte //SubjectKeyIdentifier ::= OCTET STRING SubjectKeyIdentifier []byte //SubjectKeyIdentifier ::= OCTET STRING
Date time.Time `asn1:"optional"` Date time.Time `asn1:"optional"`
Other OtherKeyAttribute `asn1:"optional"` Other OtherKeyAttribute `asn1:"optional"`
} }
//OtherKeyAttribute ::= SEQUENCE { // OtherKeyAttribute ::= SEQUENCE {
// keyAttrId OBJECT IDENTIFIER, // keyAttrId OBJECT IDENTIFIER,
// keyAttr ANY DEFINED BY keyAttrId OPTIONAL } // keyAttr ANY DEFINED BY keyAttrId OPTIONAL }
type OtherKeyAttribute struct { type OtherKeyAttribute struct {
KeyAttrID asn1.ObjectIdentifier KeyAttrID asn1.ObjectIdentifier
KeyAttr asn1.RawValue `asn1:"optional"` KeyAttr asn1.RawValue `asn1:"optional"`


@ -17,8 +17,8 @@ import (
"net/http" "net/http"
"time" "time"
asn "github.com/InfiniteLoopSpace/go_S-MIME/asn1" asn "git.ma-al.com/goc_marek/go_S-MIME/asn1"
oid "github.com/InfiniteLoopSpace/go_S-MIME/oid" oid "git.ma-al.com/goc_marek/go_S-MIME/oid"
) )
// SignedDataContent returns SignedData if ContentType is SignedData. // SignedDataContent returns SignedData if ContentType is SignedData.
@ -37,13 +37,13 @@ func (ci ContentInfo) SignedDataContent() (*SignedData, error) {
return sd, nil return sd, nil
} }
// SignedData ::= SEQUENCE { // SignedData ::= SEQUENCE {
// version CMSVersion, // version CMSVersion,
// digestAlgorithms DigestAlgorithmIdentifiers, // digestAlgorithms DigestAlgorithmIdentifiers,
// encapContentInfo EncapsulatedContentInfo, // encapContentInfo EncapsulatedContentInfo,
// certificates [0] IMPLICIT CertificateSet OPTIONAL, // certificates [0] IMPLICIT CertificateSet OPTIONAL,
// crls [1] IMPLICIT RevocationInfoChoices OPTIONAL, // crls [1] IMPLICIT RevocationInfoChoices OPTIONAL,
// signerInfos SignerInfos } // signerInfos SignerInfos }
type SignedData struct { type SignedData struct {
Version int `` // CMSVersion ::= INTEGER { v0(0), v1(1), v2(2), v3(3), v4(4), v5(5) } Version int `` // CMSVersion ::= INTEGER { v0(0), v1(1), v2(2), v3(3), v4(4), v5(5) }
DigestAlgorithms []pkix.AlgorithmIdentifier `asn1:"set"` //DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier //DigestAlgorithmIdentifier ::= AlgorithmIdentifier DigestAlgorithms []pkix.AlgorithmIdentifier `asn1:"set"` //DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier //DigestAlgorithmIdentifier ::= AlgorithmIdentifier
@ -53,37 +53,37 @@ type SignedData struct {
SignerInfos []SignerInfo `asn1:"set"` // SignerInfos ::= SET OF SignerInfo SignerInfos []SignerInfo `asn1:"set"` // SignerInfos ::= SET OF SignerInfo
} }
// CertificateChoices ::= CHOICE { // CertificateChoices ::= CHOICE {
// certificate Certificate, // certificate Certificate,
// extendedCertificate [0] IMPLICIT ExtendedCertificate, -- Obsolete // extendedCertificate [0] IMPLICIT ExtendedCertificate, -- Obsolete
// v1AttrCert [1] IMPLICIT AttributeCertificateV1, -- Obsolete // v1AttrCert [1] IMPLICIT AttributeCertificateV1, -- Obsolete
// v2AttrCert [2] IMPLICIT AttributeCertificateV2, // v2AttrCert [2] IMPLICIT AttributeCertificateV2,
// other [3] IMPLICIT OtherCertificateFormat } // other [3] IMPLICIT OtherCertificateFormat }
type CertificateChoices struct { type CertificateChoices struct {
Cert x509.Certificate `asn1:"optional"` Cert x509.Certificate `asn1:"optional"`
V2AttrCert asn1.RawValue `asn1:"optional,tag:2"` V2AttrCert asn1.RawValue `asn1:"optional,tag:2"`
Other OtherCertificateFormat `asn1:"optional,tag:3"` Other OtherCertificateFormat `asn1:"optional,tag:3"`
} }
// OtherCertificateFormat ::= SEQUENCE { // OtherCertificateFormat ::= SEQUENCE {
// otherCertFormat OBJECT IDENTIFIER, // otherCertFormat OBJECT IDENTIFIER,
// otherCert ANY DEFINED BY otherCertFormat } // otherCert ANY DEFINED BY otherCertFormat }
type OtherCertificateFormat struct { type OtherCertificateFormat struct {
OtherCertFormat asn1.ObjectIdentifier OtherCertFormat asn1.ObjectIdentifier
OtherCert asn1.RawValue OtherCert asn1.RawValue
} }
// RevocationInfoChoice ::= CHOICE { // RevocationInfoChoice ::= CHOICE {
// crl CertificateList, // crl CertificateList,
// other [1] IMPLICIT OtherRevocationInfoFormat } // other [1] IMPLICIT OtherRevocationInfoFormat }
type RevocationInfoChoice struct { type RevocationInfoChoice struct {
Crl pkix.CertificateList `asn1:"optional"` Crl pkix.CertificateList `asn1:"optional"`
Other OtherRevocationInfoFormat `asn1:"optional,tag:1"` Other OtherRevocationInfoFormat `asn1:"optional,tag:1"`
} }
// OtherRevocationInfoFormat ::= SEQUENCE { // OtherRevocationInfoFormat ::= SEQUENCE {
// otherRevInfoFormat OBJECT IDENTIFIER, // otherRevInfoFormat OBJECT IDENTIFIER,
// otherRevInfo ANY DEFINED BY otherRevInfoFormat } // otherRevInfo ANY DEFINED BY otherRevInfoFormat }
type OtherRevocationInfoFormat struct { type OtherRevocationInfoFormat struct {
OtherRevInfoFormat asn1.ObjectIdentifier OtherRevInfoFormat asn1.ObjectIdentifier
OtherRevInfo asn1.RawValue OtherRevInfo asn1.RawValue


@ -9,18 +9,18 @@ import (
"fmt" "fmt"
"time" "time"
asn "github.com/InfiniteLoopSpace/go_S-MIME/asn1" asn "git.ma-al.com/goc_marek/go_S-MIME/asn1"
oid "github.com/InfiniteLoopSpace/go_S-MIME/oid" oid "git.ma-al.com/goc_marek/go_S-MIME/oid"
) )
// SignerInfo ::= SEQUENCE { // SignerInfo ::= SEQUENCE {
// version CMSVersion, // version CMSVersion,
// sid SignerIdentifier, // sid SignerIdentifier,
// digestAlgorithm DigestAlgorithmIdentifier, // digestAlgorithm DigestAlgorithmIdentifier,
// signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL, // signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL,
// signatureAlgorithm SignatureAlgorithmIdentifier, // signatureAlgorithm SignatureAlgorithmIdentifier,
// signature SignatureValue, // signature SignatureValue,
// unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL } // unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL }
type SignerInfo struct { type SignerInfo struct {
Version int `` // CMSVersion ::= INTEGER { v0(0), v1(1), v2(2), v3(3), v4(4), v5(5) } Version int `` // CMSVersion ::= INTEGER { v0(0), v1(1), v2(2), v3(3), v4(4), v5(5) }
SID SignerIdentifier `asn1:"choice"` // SID SignerIdentifier `asn1:"choice"` //
@ -31,9 +31,9 @@ type SignerInfo struct {
UnsignedAttrs []Attribute `asn1:"set,optional,tag:1"` // UnsignedAttributes ::= SET SIZE (1..MAX) OF Attribute UnsignedAttrs []Attribute `asn1:"set,optional,tag:1"` // UnsignedAttributes ::= SET SIZE (1..MAX) OF Attribute
} }
//SignerIdentifier ::= CHOICE { // SignerIdentifier ::= CHOICE {
// issuerAndSerialNumber IssuerAndSerialNumber, // issuerAndSerialNumber IssuerAndSerialNumber,
// subjectKeyIdentifier [0] SubjectKeyIdentifier } // subjectKeyIdentifier [0] SubjectKeyIdentifier }
type SignerIdentifier struct { type SignerIdentifier struct {
IAS IssuerAndSerialNumber `asn1:"optional"` IAS IssuerAndSerialNumber `asn1:"optional"`
SKI []byte `asn1:"optional,tag:0"` SKI []byte `asn1:"optional,tag:0"`


@ -13,12 +13,12 @@ import (
"log" "log"
"strings" "strings"
"github.com/InfiniteLoopSpace/go_S-MIME/oid" "git.ma-al.com/goc_marek/go_S-MIME/oid"
"github.com/InfiniteLoopSpace/go_S-MIME/b64" "git.ma-al.com/goc_marek/go_S-MIME/b64"
cms "github.com/InfiniteLoopSpace/go_S-MIME/cms" cms "git.ma-al.com/goc_marek/go_S-MIME/cms"
mime "github.com/InfiniteLoopSpace/go_S-MIME/mime" mime "git.ma-al.com/goc_marek/go_S-MIME/mime"
) )
// SMIME is an instance of cms to en-/decrypt and sign/verfiy SMIME messages // SMIME is an instance of cms to en-/decrypt and sign/verfiy SMIME messages


@ -11,9 +11,9 @@ import (
"strings" "strings"
"testing" "testing"
"github.com/InfiniteLoopSpace/go_S-MIME/cms" "git.ma-al.com/goc_marek/go_S-MIME/cms"
"github.com/InfiniteLoopSpace/go_S-MIME/openssl" "git.ma-al.com/goc_marek/go_S-MIME/openssl"
"github.com/InfiniteLoopSpace/go_S-MIME/pki" "git.ma-al.com/goc_marek/go_S-MIME/pki"
) )
var ( var (
@ -233,7 +233,7 @@ vCunrnVNqcBU+B1O8BiR4yPWnLMcRSyFRVJQA7HCp8JlDV6abXd8vPFfXuC9WN7rOvTKF8
Y0ZB9qANMAsGA1UdDzEEAwIAEA== Y0ZB9qANMAsGA1UdDzEEAwIAEA==
-----END PRIVATE KEY-----` -----END PRIVATE KEY-----`
//https://github.com/fullsailor/pkcs7/issues/9 // https://github.com/fullsailor/pkcs7/issues/9
func TestSampleiTunesReceipt(t *testing.T) { func TestSampleiTunesReceipt(t *testing.T) {
b, err := base64.StdEncoding.DecodeString(strings.TrimSpace(iTunesReceipt)) b, err := base64.StdEncoding.DecodeString(strings.TrimSpace(iTunesReceipt))
@ -359,7 +359,7 @@ VZXl0gKgxSOmDrcp1eQxdlymzrPv9U60wUJ0bkPfrU9qZj3mJrmrkQk61JTe3j6/
QfjfFBG9JG2mUmYQP1KQ3SypGHzDW8vngvsGu//tNU0NFfOqQu4bYU4VpQl0nPtD QfjfFBG9JG2mUmYQP1KQ3SypGHzDW8vngvsGu//tNU0NFfOqQu4bYU4VpQl0nPtD
4B85NkrgvQsWAQ==` 4B85NkrgvQsWAQ==`
//https://github.com/fullsailor/pkcs7/issues/11 // https://github.com/fullsailor/pkcs7/issues/11
func TestSCEP(t *testing.T) { func TestSCEP(t *testing.T) {
b, err := base64.StdEncoding.DecodeString(SCEP) b, err := base64.StdEncoding.DecodeString(SCEP)


@ -6,28 +6,28 @@ import (
"math/big" "math/big"
"time" "time"
asn "github.com/InfiniteLoopSpace/go_S-MIME/asn1" asn "git.ma-al.com/goc_marek/go_S-MIME/asn1"
cms "github.com/InfiniteLoopSpace/go_S-MIME/cms/protocol" cms "git.ma-al.com/goc_marek/go_S-MIME/cms/protocol"
oid "github.com/InfiniteLoopSpace/go_S-MIME/oid" oid "git.ma-al.com/goc_marek/go_S-MIME/oid"
) )
// TSTInfo ::= SEQUENCE { // TSTInfo ::= SEQUENCE {
// version INTEGER { v1(1) }, // version INTEGER { v1(1) },
// policy TSAPolicyId, // policy TSAPolicyId,
// messageImprint MessageImprint, // messageImprint MessageImprint,
// -- MUST have the same value as the similar field in // -- MUST have the same value as the similar field in
// -- TimeStampReq // -- TimeStampReq
// serialNumber INTEGER, // serialNumber INTEGER,
// -- Time-Stamping users MUST be ready to accommodate integers // -- Time-Stamping users MUST be ready to accommodate integers
// -- up to 160 bits. // -- up to 160 bits.
// genTime GeneralizedTime, // genTime GeneralizedTime,
// accuracy Accuracy OPTIONAL, // accuracy Accuracy OPTIONAL,
// ordering BOOLEAN DEFAULT FALSE, // ordering BOOLEAN DEFAULT FALSE,
// nonce INTEGER OPTIONAL, // nonce INTEGER OPTIONAL,
// -- MUST be present if the similar field was present // -- MUST be present if the similar field was present
// -- in TimeStampReq. In that case it MUST have the same value. // -- in TimeStampReq. In that case it MUST have the same value.
// tsa [0] GeneralName OPTIONAL, // tsa [0] GeneralName OPTIONAL,
// extensions [1] IMPLICIT Extensions OPTIONAL } // extensions [1] IMPLICIT Extensions OPTIONAL }
type TSTInfo struct { type TSTInfo struct {
Version int Version int
Policy asn1.ObjectIdentifier Policy asn1.ObjectIdentifier


@ -5,13 +5,13 @@ import (
"fmt" "fmt"
"strings" "strings"
cms "github.com/InfiniteLoopSpace/go_S-MIME/cms/protocol" cms "git.ma-al.com/goc_marek/go_S-MIME/cms/protocol"
) )
// PKIStatusInfo ::= SEQUENCE { // PKIStatusInfo ::= SEQUENCE {
// status PKIStatus, // status PKIStatus,
// statusString PKIFreeText OPTIONAL, // statusString PKIFreeText OPTIONAL,
// failInfo PKIFailureInfo OPTIONAL } // failInfo PKIFailureInfo OPTIONAL }
type PKIStatusInfo struct { type PKIStatusInfo struct {
Status int Status int
StatusString PKIFreeText `asn1:"optional"` StatusString PKIFreeText `asn1:"optional"`


@ -12,19 +12,19 @@ import (
"encoding/asn1" "encoding/asn1"
"math/big" "math/big"
cms "github.com/InfiniteLoopSpace/go_S-MIME/cms/protocol" cms "git.ma-al.com/goc_marek/go_S-MIME/cms/protocol"
oid "github.com/InfiniteLoopSpace/go_S-MIME/oid" oid "git.ma-al.com/goc_marek/go_S-MIME/oid"
) )
// TimeStampReq ::= SEQUENCE { // TimeStampReq ::= SEQUENCE {
// version INTEGER { v1(1) }, // version INTEGER { v1(1) },
// messageImprint MessageImprint, // messageImprint MessageImprint,
// --a hash algorithm OID and the hash value of the data to be // --a hash algorithm OID and the hash value of the data to be
// --time-stamped // --time-stamped
// reqPolicy TSAPolicyId OPTIONAL, // reqPolicy TSAPolicyId OPTIONAL,
// nonce INTEGER OPTIONAL, // nonce INTEGER OPTIONAL,
// certReq BOOLEAN DEFAULT FALSE, // certReq BOOLEAN DEFAULT FALSE,
// extensions [0] IMPLICIT Extensions OPTIONAL } // extensions [0] IMPLICIT Extensions OPTIONAL }
type TimeStampReq struct { type TimeStampReq struct {
Version int Version int
MessageImprint MessageImprint MessageImprint MessageImprint
@ -93,9 +93,9 @@ func (req TimeStampReq) Do(url string) (TimeStampResp, error) {
return ParseResponse(buf.Bytes()) return ParseResponse(buf.Bytes())
} }
//MessageImprint ::= SEQUENCE { // MessageImprint ::= SEQUENCE {
// hashAlgorithm AlgorithmIdentifier, // hashAlgorithm AlgorithmIdentifier,
// hashedMessage OCTET STRING } // hashedMessage OCTET STRING }
type MessageImprint struct { type MessageImprint struct {
HashAlgorithm pkix.AlgorithmIdentifier HashAlgorithm pkix.AlgorithmIdentifier
HashedMessage []byte HashedMessage []byte


@ -1,13 +1,13 @@
package timestamp package timestamp
import ( import (
asn "github.com/InfiniteLoopSpace/go_S-MIME/asn1" asn "git.ma-al.com/goc_marek/go_S-MIME/asn1"
cms "github.com/InfiniteLoopSpace/go_S-MIME/cms/protocol" cms "git.ma-al.com/goc_marek/go_S-MIME/cms/protocol"
) )
//TimeStampResp ::= SEQUENCE { // TimeStampResp ::= SEQUENCE {
// status PKIStatusInfo, // status PKIStatusInfo,
// timeStampToken TimeStampToken OPTIONAL } // timeStampToken TimeStampToken OPTIONAL }
type TimeStampResp struct { type TimeStampResp struct {
Status PKIStatusInfo Status PKIStatusInfo
TimeStampToken cms.ContentInfo `asn1:"optional"` TimeStampToken cms.ContentInfo `asn1:"optional"`


@ -6,9 +6,9 @@ import (
"crypto/x509" "crypto/x509"
"time" "time"
asn1 "github.com/InfiniteLoopSpace/go_S-MIME/asn1" asn1 "git.ma-al.com/goc_marek/go_S-MIME/asn1"
cms "github.com/InfiniteLoopSpace/go_S-MIME/cms/protocol" cms "git.ma-al.com/goc_marek/go_S-MIME/cms/protocol"
oid "github.com/InfiniteLoopSpace/go_S-MIME/oid" oid "git.ma-al.com/goc_marek/go_S-MIME/oid"
) )
const ( const (