goc_marek/go_S-MIME
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
Partial implementation of the S/MIME 4.0 specification draft
17 Commits 1 Branch 2 Tags 137 KiB
Go 100%
58514b0041
Go to file
InfiniteLoopSpace 58514b0041 Added README; additional tests and fixes for them.
2018-11-20 15:03:05 +01:00
asn1 Added README; additional tests and fixes for them. 2018-11-20 15:03:05 +01:00
b64 Add base64 encoding for S/MIME 2018-11-14 13:45:02 +01:00
cms Added README; additional tests and fixes for them. 2018-11-20 15:03:05 +01:00
mime Add support for signing E-Mails and fixed tests. 2018-11-19 14:33:55 +01:00
oid Add license. 2018-11-16 14:30:10 +01:00
openssl Add support for signing E-Mails and fixed tests. 2018-11-19 14:33:55 +01:00
pki Add support for signing E-Mails and fixed tests. 2018-11-19 14:33:55 +01:00
smime Added README; additional tests and fixes for them. 2018-11-20 15:03:05 +01:00
timestamp Added support for Time-Stamp Protocol; fork of https://github.com/mastahyeti/cms/tree/master/timestamp. 2018-11-16 13:57:11 +01:00
.gitignore Add support for ASN.1 "choice" 2018-11-14 12:36:41 +01:00
LICENSE.md Add license. 2018-11-16 14:30:10 +01:00
README.md Added README; additional tests and fixes for them. 2018-11-20 15:03:05 +01:00

README.md

S/MIME

This is a partial implementation of S/MIME 4.0 in golang.

It consists of the following packages

  • asn11 - ASN.1 marshalling and unmarshalling GoDoc
  • b64 - Pretty base64 encoding for S/MIME (basically just the PEM body) GoDoc
  • cms(cms/protocol)2 - Cryptographic Message Syntax rfc5652GoDoc GoDoc
  • mime - Parsing for mime/multipart messages needed for S/MIME GoDoc
  • oid3 - ASN.1 object identifiers and related crypto GoDoc
  • openssl - Shelled-out openssl for testing GoDoc
  • pki4 - Creates x.509 pki for testing GoDoc
  • smime Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 rfc5751-bis-12 GoDoc
  • timestamp5 - Time-Stamp Protocol (TSP) rfc3161 GoDoc

It supports enveloped data with AES in CBC mode. Decryption also works with (3)DES. Authenticated-Enveloped-Data Content Type is also supported with AES-GCM and ChaCha20-Poly1305.

This is covered in

  • Cryptographic Message Syntax (CMS) Authenticated-Enveloped-Data Content Type rfc5083
  • Using ChaCha20-Poly1305 Authenticated Encryption in the Cryptographic Message Syntax (CMS) rfc8103
  • Using AES-CCM and AES-GCM Authenticated Encryption in the Cryptographic Message Syntax (CMS) [rfc5084](https://tools.ietf.org/html/rfc 5084)

Examples

Encryption and decryption

import "github.com/InfiniteLoopSpace/go_S-MIME/smime"

// Alice
mail := "From: Alice\nTo: Bob\n\nHello World!"
SMIME, _ := smime.New()
ciphertext, _ := SMIME.Encrypt([]byte(mail), []*x509.Certificate{Bobcert})
// Bob
BobkeyPair, _ := tls.LoadX509KeyPair("BobCert", "BobKey")
SMIME, _ := smime.New(BobkeyPair)
plaintext, _ := SMIME.Decrypt(ciphertext)

Signing and verfication

import "github.com/InfiniteLoopSpace/go_S-MIME/smime"

// Alice
AlicekeyPair, _ := tls.LoadX509KeyPair("AliceCert", "AliceKey")
mail := "From: Alice\nTo: Bob\n\nHello World!"
SMIME, _ := smime.New(AlicekeyPair)
signedMsg, _ := SMIME.Sign([]byte(mail), []*x509.Certificate{Bobcert})
// Bob
SMIME, _ := smime.New()
plaintext, _ := SMIME.Verify(signedMsg)

Todo

  • Add S/MIME capabilities attributes
  • Add ECDH for encryption and decryption
  • Testing