Extract TLS Exported Keying Material (EKM) using golang [RFC5705](https://datatracker.ietf.org/doc/html/rfc5705)
package main
/*
Sample that prints the EKM value for a TLS connection:
https://www.openssl.org/docs/man1.1.1/man3/SSL_export_keying_material.html
https://github.com/salrashid123/go_mtls_scratchpad/tree/main#exported-key-material
*/
import (
"context"
"crypto/tls"
"encoding/hex"
"io/ioutil"
"log"
"net"
"net/http"
)
// ekm holds the exported keying material that main derives from the TLS
// connection; it is nil until main has filled it in.
var ekm []byte
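// main dials httpbin.org over TLS, exports 32 bytes of keying material
// (RFC 5705) under the label "my_nonce" from that connection, and then sends
// one HTTPS GET over the very same connection with the hex-encoded EKM in an
// "ekm" request header. The response status and body are logged.
func main() {
	// tls.Dial finishes the handshake before returning, so the connection
	// state read below already reflects the negotiated session. With an empty
	// Config the server name used for certificate verification is taken from
	// the dial address.
	conn, err := tls.Dial("tcp", "httpbin.org:443", &tls.Config{})
	if err != nil {
		log.Fatal(err)
	}

	// A nil context means no context value is mixed into the exporter seed.
	// Recent Go releases return an error here when the connection offers
	// neither TLS 1.3 nor Extended Master Secret, or when renegotiation is
	// enabled, because the exported value would not be bound to the channel.
	cs := conn.ConnectionState()
	ekm, err = cs.ExportKeyingMaterial("my_nonce", nil, 32)
	if err != nil {
		log.Fatal(err)
	}

	// The EKM is derived from the session secrets and is known only to the two
	// TLS endpoints. It is printed because printing it is the point of this
	// sample; code that uses the value as a key or binding should not log it.
	log.Printf("EKM my_nonce: %s\n", hex.EncodeToString(ekm))

	tr := &http.Transport{
		// Always hand back the connection the EKM was exported from, so the
		// request travels on the channel the value belongs to. network and
		// addr are ignored, which is only sound for a single request to the
		// host dialed above: any further dial would receive this same
		// (possibly already closed) connection.
		DialTLSContext: func(ctx context.Context, network string, addr string) (net.Conn, error) {
			return conn, nil
		},
	}
	client := http.Client{
		Transport: tr,
	}

	req, err := http.NewRequest(http.MethodGet, "https://httpbin.org/get", nil)
	if err != nil {
		log.Fatal(err)
	}

	// do something here with the ekm value...
	// The peer that terminates this TLS session can export the same value with
	// the same label and compare. That check fails if TLS is terminated by an
	// intermediary (load balancer, inspecting proxy), since that is a different
	// session. Channel-binding schemes normally feed the EKM into a signature
	// or MAC rather than transmitting it as-is.
	req.Header.Add("ekm", hex.EncodeToString(ekm))

	resp, err := client.Do(req)
	if err != nil {
		log.Fatal(err)
	}
	// Register the close as soon as the response is known to be valid, before
	// anything reads from the body.
	defer resp.Body.Close()

	htmlData, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		log.Fatal(err)
	}
	log.Printf("%v\n", resp.Status)
	// The body comes from the remote server and must not be used as the format
	// string: any '%' in it would be interpreted as a formatting verb.
	log.Printf("%s", htmlData)
}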