salrashid123 · October 28, 2023 14:59
diff --git a/ekm.go b/ekm.go
 package main

 /*
 Sample that prints the EKM value for a TLS connection:
 https://www.openssl.org/docs/man1.1.1/man3/SSL_export_keying_material.html
 https://github.com/salrashid123/go_mtls_scratchpad/tree/main#exported-key-material
 */

 import (
 	"context"
 	"crypto/tls"
 	"encoding/hex"
 	"io/ioutil"
 	"log"
 	"net"
 	"net/http"
 )

 var (
 	ekm []byte
 )

 func main() {
 	conn, err := tls.Dial("tcp", "httpbin.org:443", &tls.Config{})
 	if err != nil {
 		log.Fatal(err)
 	}
 	cs := conn.ConnectionState()
 	ekm, err = cs.ExportKeyingMaterial("my_nonce", nil, 32)
 	if err != nil {
 		log.Fatal(err)
 	}
 	log.Printf("EKM my_nonce: %s\n", hex.EncodeToString(ekm))

 	tr := &http.Transport{
 		DialTLSContext: func(ctx context.Context, network string, addr string) (net.Conn, error) {
 			return conn, nil
 		},
 	}
 	client := http.Client{
 		Transport: tr,
 	}

 	req, err := http.NewRequest(http.MethodGet, "https://httpbin.org/get", nil)
 	if err != nil {
 		log.Fatal(err)
 	}
 	// do something here with the ekm value...

 	req.Header.Add("ekm", hex.EncodeToString(ekm))
 	resp, err := client.Do(req)
 	if err != nil {
 		log.Fatal(err)
 	}

 	htmlData, err := ioutil.ReadAll(resp.Body)
 	if err != nil {
 		log.Fatal(err)
 	}
 	defer resp.Body.Close()
 	log.Printf("%v\n", resp.Status)
 	log.Printf(string(htmlData))

 }
	package main

	/*
	Sample that prints the EKM value for a TLS connection:
	https://www.openssl.org/docs/man1.1.1/man3/SSL_export_keying_material.html
	https://github.com/salrashid123/go_mtls_scratchpad/tree/main#exported-key-material
	*/

	import (
	"context"
	"crypto/tls"
	"encoding/hex"
	"io/ioutil"
	"log"
	"net"
	"net/http"
	)

	var (
	ekm []byte
	)

	func main() {
	conn, err := tls.Dial("tcp", "httpbin.org:443", &tls.Config{})
	if err != nil {
	log.Fatal(err)
	}
	cs := conn.ConnectionState()
	ekm, err = cs.ExportKeyingMaterial("my_nonce", nil, 32)
	if err != nil {
	log.Fatal(err)
	}
	log.Printf("EKM my_nonce: %s\n", hex.EncodeToString(ekm))

	tr := &http.Transport{
	DialTLSContext: func(ctx context.Context, network string, addr string) (net.Conn, error) {
	return conn, nil
	},
	}
	client := http.Client{
	Transport: tr,
	}

	req, err := http.NewRequest(http.MethodGet, "https://httpbin.org/get", nil)
	if err != nil {
	log.Fatal(err)
	}
	// do something here with the ekm value...

	req.Header.Add("ekm", hex.EncodeToString(ekm))
	resp, err := client.Do(req)
	if err != nil {
	log.Fatal(err)
	}

	htmlData, err := ioutil.ReadAll(resp.Body)
	if err != nil {
	log.Fatal(err)
	}
	defer resp.Body.Close()
	log.Printf("%v\n", resp.Status)
	log.Printf(string(htmlData))

	}