Esempio n. 1
0
func ctxInit(config string, method SSL_METHOD) (SSL_CTX, error) {
	SSL_load_error_strings()
	if SSL_library_init() != 1 {
		return nil, errors.New("Unable to initialize libssl")
	}
	crypto.OPENSSL_config(config)

	ctx := SSL_CTX_new(method)
	if ctx == nil {
		return nil, errors.New("Unable to initialize SSL context")
	}

	SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, nil)
	SSL_CTX_set_verify_depth(ctx, 4)

	return ctx, nil
}
Esempio n. 2
0
func main() {
	var (
		plaintext = "My super super super super duper long string to be encrypted"
		ivLen     = 12

		sLen, eLen               int
		encrypted, decrypted, iv string
		bufEncrypt, bufDecrypt   []byte
		ctxEncrypt, ctxDecrypt   crypto.EVP_CIPHER_CTX
	)

	// Setup error strings
	crypto.ERR_load_crypto_strings()

	// Add all OpenSSL algorithms
	crypto.OpenSSL_add_all_algorithms()

	// Load an OpenSSL config
	crypto.OPENSSL_config("")

	// Enable FIPS mode
	crypto.FIPS_mode_set(1)

	// Create new EVP_CIPHER_CTX instances
	ctxEncrypt, ctxDecrypt = crypto.EVP_CIPHER_CTX_new(), crypto.EVP_CIPHER_CTX_new()

	// Panic if either EVP_CIPHER_CTX fails to create
	if ctxEncrypt == nil {
		panic("ctxEncrypt is nil")
	}
	if ctxDecrypt == nil {
		panic("ctxDecrypt is nil")
	}

	// Initialize the EVP_CIPHER_CTX instances
	crypto.EVP_CIPHER_CTX_init(ctxEncrypt)
	crypto.EVP_CIPHER_CTX_init(ctxDecrypt)

	// Create random IV for nondeterministic encryption
	buf := make([]byte, ivLen)
	_, e := rand.Read(buf)
	if e != nil {
		panic(e)
	}
	iv = string(buf)

	// Pass the IV into the encrypted string to be used when decoding
	encrypted = iv

	// Print plaintext string
	fmt.Printf("plaintext: %s\n", plaintext)

	/*
		Encrypting a string
	*/
	// Initialize the ctxEncrypt context for encryption
	crypto.EVP_EncryptInit_ex(ctxEncrypt, crypto.EVP_aes_256_cbc(), crypto.SwigcptrStruct_SS_engine_st(0), "somekey", iv)

	// Make a buffer with enough size for the plaintext plus one block
	bufEncrypt = make([]byte, len(plaintext)+ctxEncrypt.GetCipher().GetBlock_size())

	// Update the cipher with some content
	crypto.EVP_EncryptUpdate(ctxEncrypt, bufEncrypt, &sLen, plaintext, len(plaintext))

	// Append encrypted data to encrypted string
	encrypted += string(bufEncrypt[:sLen])

	// Finalize the cipher to flush any remaining data
	crypto.EVP_EncryptFinal_ex(ctxEncrypt, bufEncrypt, &eLen)

	// Append any remaining data to the encrypted string
	encrypted += string(bufEncrypt[:eLen])

	// Clean up the EVP_CIPHER_CTX
	crypto.EVP_CIPHER_CTX_cleanup(ctxEncrypt)

	/*
		Decrypting a string
	*/
	// Grab the IV from the encrypted string
	iv = string([]byte(encrypted)[:ivLen])

	// Slice the encrypted string to begin after the iv
	encrypted = encrypted[ivLen:]

	// Initialize the ctxDecrypt context for decryption
	crypto.EVP_DecryptInit_ex(ctxDecrypt, crypto.EVP_aes_256_cbc(), crypto.SwigcptrStruct_SS_engine_st(0), "somekey", iv)

	// Make a buffer the exact size of the encrypted text
	bufDecrypt = make([]byte, len(encrypted))

	// Update the cipher with the encrypted string
	crypto.EVP_DecryptUpdate(ctxDecrypt, bufDecrypt, &sLen, encrypted, len(encrypted))

	// Append decrypted data to decrypted string
	decrypted = string(bufDecrypt[:sLen])

	// Finalize the cipher to flush any remaining data
	crypto.EVP_DecryptFinal_ex(ctxDecrypt, bufDecrypt, &eLen)

	// Append any remaining data to decrypted string
	decrypted += string(bufDecrypt[:eLen])

	// Print decoded string
	fmt.Printf("decrypted: %s\n", decrypted)

	// Clean up the EVP_CIPHER_CTX
	crypto.EVP_CIPHER_CTX_cleanup(ctxDecrypt)
}
Esempio n. 3
0
	"github.com/IBM-Bluemix/golang-openssl-wrapper/bio"
	"github.com/IBM-Bluemix/golang-openssl-wrapper/crypto"
	. "github.com/onsi/ginkgo"
	. "github.com/onsi/gomega"
)

var _ = Describe("ssl", func() {
	Context("Using TLS for connections", func() {

		/*
		 * Do some basic initialization
		 */
		BeforeEach(func() {
			SSL_load_error_strings()
			Expect(SSL_library_init()).To(Equal(1))
			crypto.OPENSSL_config("")
		})

		// AfterEach(func() {
		// SSL_free(ssl)
		// SSL_CTX_free(ctx)
		// })

		Context("Making a client connection", func() {
			var ctx SSL_CTX
			var sslInst SSL
			var conn bio.BIO
			var host, hostport string

			BeforeEach(func() {
				ctx = SSL_CTX_new(SSLv23_method())