예제 #1
// ctxInit initializes libssl and returns a new SSL_CTX created for method.
//
// It returns an error when SSL_library_init does not return 1 or when
// SSL_CTX_new returns nil. The config parameter is not read anywhere in the
// lines shown here.
//
// NOTE(review): the closing braces of both if statements and of the function
// body are missing from this listing, so it does not compile as shown.
func ctxInit(config string, method SSL_METHOD) (SSL_CTX, error) {
	if SSL_library_init() != 1 {
		return nil, errors.New("Unable to initialize libssl")

	ctx := SSL_CTX_new(method)
	if ctx == nil {
		return nil, errors.New("Unable to initialize SSL context")

	// NOTE(review): in OpenSSL, SSL_VERIFY_NONE means a client continues the
	// handshake whatever the certificate check reports, so every connection
	// made from this context accepts any peer certificate. A context meant
	// for real traffic would use SSL_VERIFY_PEER, load the trusted CA set,
	// and check the peer's hostname; none of that is visible here.
	SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, nil)
	// Caps the certificate chain depth at 4. While the verification result
	// is ignored (see above) this limit does not protect anything.
	SSL_CTX_set_verify_depth(ctx, 4)

	return ctx, nil
예제 #2
// main encrypts a fixed plaintext with AES-256-CBC through the EVP bindings,
// prefixes the ciphertext with the IV, decrypts it again and prints both the
// plaintext and the decrypted result.
//
// NOTE(review): this listing is incomplete. The closing ")" of the var block,
// the closing braces of the if statements and of main, and the calls that
// belong to several comments (setup, context init, cleanup) are missing, so it
// does not compile as shown. None of the EVP_* return values are checked.
func main() {
	var (
		plaintext = "My super super super super duper long string to be encrypted"
		// NOTE(review): AES in CBC mode takes a 16-byte IV (one AES block).
		// 12 bytes is the usual GCM nonce size. With a 12-byte IV string,
		// OpenSSL would presumably read 4 bytes past it; confirm how the
		// binding marshals the string before relying on this value.
		ivLen     = 12

		sLen, eLen               int
		encrypted, decrypted, iv string
		bufEncrypt, bufDecrypt   []byte
		ctxEncrypt, ctxDecrypt   crypto.EVP_CIPHER_CTX

	// NOTE(review): the next four steps have comments only; the calls
	// themselves are not present in this listing.
	// Setup error strings

	// Add all OpenSSL algorithms

	// Load an OpenSSL config

	// Enable FIPS mode

	// Create new EVP_CIPHER_CTX instances
	ctxEncrypt, ctxDecrypt = crypto.EVP_CIPHER_CTX_new(), crypto.EVP_CIPHER_CTX_new()

	// Panic if either EVP_CIPHER_CTX fails to create
	if ctxEncrypt == nil {
		panic("ctxEncrypt is nil")
	if ctxDecrypt == nil {
		panic("ctxDecrypt is nil")

	// Initialize the EVP_CIPHER_CTX instances (call not present in this listing)

	// Create random IV for nondeterministic encryption
	// NOTE(review): the import is not visible; confirm rand is crypto/rand
	// and not math/rand, since a CBC IV must be unpredictable.
	buf := make([]byte, ivLen)
	_, e := rand.Read(buf)
	// NOTE(review): the body of this error check is missing from the listing;
	// a failed read must stop here rather than continue with a zeroed IV.
	if e != nil {
	iv = string(buf)

	// Pass the IV into the encrypted string to be used when decoding
	encrypted = iv

	// Print plaintext string
	fmt.Printf("plaintext: %s\n", plaintext)

	// NOTE(review): the next line looks like the text of a block comment
	// whose delimiters were lost; it is not valid Go as shown.
		Encrypting a string
	// Initialize the ctxEncrypt context for encryption
	// NOTE(review): "somekey" is a hard-coded 7-byte literal, while AES-256
	// needs a 32-byte key. OpenSSL takes the key as a raw buffer, so the
	// remaining bytes presumably come from whatever follows the string in
	// memory; confirm against the binding. A real key would be 32 random
	// bytes or the output of a KDF, loaded from a secret store.
	// NOTE(review): CBC alone gives no integrity protection. Nothing here
	// authenticates the IV or ciphertext, so tampering is not reliably
	// detected; an AEAD mode or a MAC over IV plus ciphertext is needed.
	crypto.EVP_EncryptInit_ex(ctxEncrypt, crypto.EVP_aes_256_cbc(), crypto.SwigcptrStruct_SS_engine_st(0), "somekey", iv)

	// Make a buffer with enough size for the plaintext plus one block
	bufEncrypt = make([]byte, len(plaintext)+ctxEncrypt.GetCipher().GetBlock_size())

	// Update the cipher with some content; sLen receives the number of bytes
	// written to bufEncrypt.
	crypto.EVP_EncryptUpdate(ctxEncrypt, bufEncrypt, &sLen, plaintext, len(plaintext))

	// Append encrypted data to encrypted string
	encrypted += string(bufEncrypt[:sLen])

	// Finalize the cipher to flush any remaining data. The final block is
	// written at the start of bufEncrypt, which is safe only because the
	// earlier output was already copied into encrypted above.
	crypto.EVP_EncryptFinal_ex(ctxEncrypt, bufEncrypt, &eLen)

	// Append any remaining data to the encrypted string
	encrypted += string(bufEncrypt[:eLen])

	// Clean up the EVP_CIPHER_CTX (call not present in this listing; the
	// context holds key material until it is cleaned up and freed)

	// NOTE(review): as above, the next line looks like stray comment text.
		Decrypting a string
	// Grab the IV from the encrypted string
	iv = string([]byte(encrypted)[:ivLen])

	// Slice the encrypted string to begin after the iv
	encrypted = encrypted[ivLen:]

	// Initialize the ctxDecrypt context for decryption (same hard-coded key
	// and short IV as on the encryption side)
	crypto.EVP_DecryptInit_ex(ctxDecrypt, crypto.EVP_aes_256_cbc(), crypto.SwigcptrStruct_SS_engine_st(0), "somekey", iv)

	// Make a buffer the exact size of the encrypted text
	// NOTE(review): OpenSSL's documentation asks for room for the input
	// length plus one cipher block in the EVP_DecryptUpdate output buffer;
	// confirm that an exact-size buffer is sufficient for this call.
	bufDecrypt = make([]byte, len(encrypted))

	// Update the cipher with the encrypted string
	crypto.EVP_DecryptUpdate(ctxDecrypt, bufDecrypt, &sLen, encrypted, len(encrypted))

	// Append decrypted data to decrypted string
	decrypted = string(bufDecrypt[:sLen])

	// Finalize the cipher to flush any remaining data
	// NOTE(review): EVP_DecryptFinal_ex is where the padding is checked. Its
	// return value is discarded, so a failed decryption (wrong key, corrupted
	// or modified ciphertext) is not noticed and eLen is used regardless.
	crypto.EVP_DecryptFinal_ex(ctxDecrypt, bufDecrypt, &eLen)

	// Append any remaining data to decrypted string
	decrypted += string(bufDecrypt[:eLen])

	// Print decoded string
	fmt.Printf("decrypted: %s\n", decrypted)

	// Clean up the EVP_CIPHER_CTX (call not present in this listing)
예제 #3
	. "github.com/onsi/ginkgo"
	. "github.com/onsi/gomega"

var _ = Describe("ssl", func() {
	Context("Using TLS for connections", func() {

		 * Do some basic initialization
		BeforeEach(func() {

		// AfterEach(func() {
		// SSL_free(ssl)
		// SSL_CTX_free(ctx)
		// })

		Context("Making a client connection", func() {
			var ctx SSL_CTX
			var sslInst SSL
			var conn bio.BIO
			var host, hostport string

			BeforeEach(func() {
				ctx = SSL_CTX_new(SSLv23_method())