Partial implementation of the S/MIME 4.0 specification draft
Go to file
2022-10-22 13:17:29 +02:00
asn1 fixing 2022-10-22 13:17:29 +02:00
b64 Add base64 encoding for S/MIME 2018-11-14 13:45:02 +01:00
cms cleaning 2022-10-22 12:03:53 +02:00
mime Add support for signing E-Mails and fixed tests. 2018-11-19 14:33:55 +01:00
oid fixing 2022-10-22 13:17:29 +02:00
openssl fixing 2022-10-22 13:17:29 +02:00
pki fixing 2022-10-22 13:17:29 +02:00
smime cleaning 2022-10-22 12:03:53 +02:00
timestamp cleaning 2022-10-22 12:03:53 +02:00
.gitignore Add support for ASN.1 "choice" 2018-11-14 12:36:41 +01:00
go.mod mod init 2022-10-22 12:09:04 +02:00
go.sum mod init 2022-10-22 12:09:04 +02:00
LICENSE.md Add license. 2018-11-16 14:30:10 +01:00
README.md cleaning 2022-10-22 12:03:53 +02:00

S/MIME

This is a partial implementation of S/MIME 4.0 in golang.

It consists of the following packages

  • asn11 - ASN.1 marshalling and unmarshalling
  • b64 - Pretty base64 encoding for S/MIME (basically just the PEM body)
  • cms(cms/protocol)2 - Cryptographic Message Syntax rfc5652
  • mime - Parsing for mime/multipart messages needed for S/MIME
  • oid3 - ASN.1 object identifiers and related crypto
  • openssl - Shelled-out openssl for testing
  • pki4 - Creates x.509 pki for testing
  • smime Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 rfc5751-bis-12
  • timestamp5 - Time-Stamp Protocol (TSP) rfc3161

It supports enveloped data with AES in CBC mode. Decryption also works with (3)DES. Authenticated-Enveloped-Data Content Type is also supported with AES-GCM and ChaCha20-Poly1305. Also RSAES-OAEP and RSASSA-PSS is supported.

This is covered in

  • Cryptographic Message Syntax (CMS) Authenticated-Enveloped-Data Content Type rfc5083
  • Using ChaCha20-Poly1305 Authenticated Encryption in the Cryptographic Message Syntax (CMS) rfc8103
  • Using AES-CCM and AES-GCM Authenticated Encryption in the Cryptographic Message Syntax (CMS) rfc5084
  • Use of the RSASSA-PSS Signature Algorithm in Cryptographic Message Syntax (CMS) rfc4056
  • Use of the RSAES-OAEP Key Transport Algorithm in the Cryptographic Message Syntax (CMS) rfc3560

Examples

Encryption and decryption

import "git.ma-al.com/goc_marek/go_S-MIME/smime"

// Alice
mail := "From: Alice\nTo: Bob\n\nHello World!"
SMIME, _ := smime.New()
ciphertext, _ := SMIME.Encrypt([]byte(mail), []*x509.Certificate{Bobcert})
// Bob
BobkeyPair, _ := tls.LoadX509KeyPair("BobCert", "BobKey")
SMIME, _ := smime.New(BobkeyPair)
plaintext, _ := SMIME.Decrypt(ciphertext)

Signing and verfication

import "git.ma-al.com/goc_marek/go_S-MIME/smime"

// Alice
AlicekeyPair, _ := tls.LoadX509KeyPair("AliceCert", "AliceKey")
mail := "From: Alice\nTo: Bob\n\nHello World!"
SMIME, _ := smime.New(AlicekeyPair)
signedMsg, _ := SMIME.Sign([]byte(mail), []*x509.Certificate{Bobcert})
// Bob
SMIME, _ := smime.New()
plaintext, _ := SMIME.Verify(signedMsg)

Todo

  • Testing