Partial implementation of the S/MIME 4.0 specification draft
Go to file
2018-12-21 14:43:59 +01:00
asn1 Added support for ECDH in enveloped data with ECDSA certificates. 2018-12-10 17:18:29 +01:00
b64 Add base64 encoding for S/MIME 2018-11-14 13:45:02 +01:00
cms Added support for RSASSA-PSS and RSAES-OAEP. 2018-12-21 14:43:59 +01:00
mime Add support for signing E-Mails and fixed tests. 2018-11-19 14:33:55 +01:00
oid Added support for RSASSA-PSS and RSAES-OAEP. 2018-12-21 14:43:59 +01:00
openssl Added support for RSASSA-PSS and RSAES-OAEP. 2018-12-21 14:43:59 +01:00
pki Added support for RSASSA-PSS and RSAES-OAEP. 2018-12-21 14:43:59 +01:00
smime Added support for RSASSA-PSS and RSAES-OAEP. 2018-12-21 14:43:59 +01:00
timestamp Added support for Time-Stamp Protocol; fork of https://github.com/mastahyeti/cms/tree/master/timestamp. 2018-11-16 13:57:11 +01:00
.gitignore Add support for ASN.1 "choice" 2018-11-14 12:36:41 +01:00
LICENSE.md Add license. 2018-11-16 14:30:10 +01:00
README.md Added support for RSASSA-PSS and RSAES-OAEP. 2018-12-21 14:43:59 +01:00

S/MIME

This is a partial implementation of S/MIME 4.0 in golang.

It consists of the following packages

  • asn11 - ASN.1 marshalling and unmarshalling GoDoc
  • b64 - Pretty base64 encoding for S/MIME (basically just the PEM body) GoDoc
  • cms(cms/protocol)2 - Cryptographic Message Syntax rfc5652GoDoc GoDoc
  • mime - Parsing for mime/multipart messages needed for S/MIME GoDoc
  • oid3 - ASN.1 object identifiers and related crypto GoDoc
  • openssl - Shelled-out openssl for testing GoDoc
  • pki4 - Creates x.509 pki for testing GoDoc
  • smime Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 rfc5751-bis-12 GoDoc
  • timestamp5 - Time-Stamp Protocol (TSP) rfc3161 GoDoc

It supports enveloped data with AES in CBC mode. Decryption also works with (3)DES. Authenticated-Enveloped-Data Content Type is also supported with AES-GCM and ChaCha20-Poly1305. Also RSAES-OAEP and RSASSA-PSS is supported.

This is covered in

  • Cryptographic Message Syntax (CMS) Authenticated-Enveloped-Data Content Type rfc5083
  • Using ChaCha20-Poly1305 Authenticated Encryption in the Cryptographic Message Syntax (CMS) rfc8103
  • Using AES-CCM and AES-GCM Authenticated Encryption in the Cryptographic Message Syntax (CMS) rfc5084
  • Use of the RSASSA-PSS Signature Algorithm in Cryptographic Message Syntax (CMS) rfc4056
  • Use of the RSAES-OAEP Key Transport Algorithm in the Cryptographic Message Syntax (CMS) rfc3560

Examples

Encryption and decryption

import "github.com/InfiniteLoopSpace/go_S-MIME/smime"

// Alice
mail := "From: Alice\nTo: Bob\n\nHello World!"
SMIME, _ := smime.New()
ciphertext, _ := SMIME.Encrypt([]byte(mail), []*x509.Certificate{Bobcert})
// Bob
BobkeyPair, _ := tls.LoadX509KeyPair("BobCert", "BobKey")
SMIME, _ := smime.New(BobkeyPair)
plaintext, _ := SMIME.Decrypt(ciphertext)

Signing and verfication

import "github.com/InfiniteLoopSpace/go_S-MIME/smime"

// Alice
AlicekeyPair, _ := tls.LoadX509KeyPair("AliceCert", "AliceKey")
mail := "From: Alice\nTo: Bob\n\nHello World!"
SMIME, _ := smime.New(AlicekeyPair)
signedMsg, _ := SMIME.Sign([]byte(mail), []*x509.Certificate{Bobcert})
// Bob
SMIME, _ := smime.New()
plaintext, _ := SMIME.Verify(signedMsg)

Todo

  • Testing