Ever since Google presented their Go language in 2009, its fan base has grown. We use Go for a number of projects that relate to Internet scans of the SSL/TLS protocol. However, Go’s own TLS implementation is incomplete. Meanwhile, OpenSSL remains a de-facto standard library for SSL/TLS, possibly unrivalled in its feature set - but there is no binding for OpenSSL that would support more than skeleton features.
In this project, we will write an OpenSSL binding for Go, possibly using SWIG. We expose the richness of the API and provide an easy custom API to use OpenSSL from within Go. Depending on the kind of project (SSP or Capstone), we also use the new API in a proof-of-concept by replacing the current SSL/TLS calls in our Internet scanner.
This project is coding-heavy. Candidates should be familiar with C or C++ and not afraid of learning new technology from online resources.
Keywords: coding, Internet scans, network security
Advisor(s): Ralph Holz
Suitable for: Capstone SSP/TSP