Monday, January 28, 2013

Integrating OpenSSL crypto functions with Go

In a previous post I pointed to my go-openssl project that provides alternative implementations of crypto/rc4, crypto/md5 and crypto/sha1 based on OpenSSL's libcrypto. To make these easy to use (and to allow Go itself to use them for crypto/tls) I've added a bootstrapping Makefile to the project that builds Go itself with the OpenSSL implementations integrated.

To use it just do make in the integrate directory. It will create a go subdirectory with a full build of the latest version of Go form Mercurial incorporating the OpenSSL implementations. Doing make tester will build a small tester program that exercises the new hash and cipher implementations.

Since this was a slightly complex task (requiring the assistance of minux) I wrote a large comment in the Makefile. If anyone else needs to patch Go itself they might run into similar things:
# This target modifies the Go installation in the following ways:                     
# 1. Copies the native Go md5 implementation and calls it crypto/gomd5                
# 2. Alters cgo so that it uses crypto/gomd5 and fixes gomd5 so that                  
#    it doesn't reference crypto/md5                                                     
# 3. Alters the deps_test.go to recognize that the OpenSSL-linked                     
#    versions of md5, sha1 and rc4 are dependent on the C include.                    
# 4. Modifies the api/except.txt list to cause the change in signature                
#    on the md5, sha1 and rc4 packages to be ignored when testing API                 
#    compatibility (this is necessary because using cgo changes the                   
#    signature even though they are compatible with the existing                      
#    packages)                                                                        
# 5. Deletes the md5block.go and sha1block.go implementations since                   
#    they are not needed.                                                             
# 6. Copies in the OpenSSL md5, sha1 and rc4. 

No comments: