abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-05-07 00:46:17 +08:00
Code Issues Packages Projects Releases Wiki Activity

修改License

Browse Source
This commit is contained in:
Simon
2022-08-25 22:42:11 -07:00
parent 16b39da60b
commit 0b4308b948
268 changed files with 67247 additions and 67015 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
demos/cademo.sh
View File

@@ -1,22 +1,22 @@
#!/bin/bash
gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
gmssl sm2keygen -pass 1234 -out enckey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
gmssl certparse -in enccert.pem
#!/bin/bash
gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
gmssl sm2keygen -pass 1234 -out enckey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
gmssl certparse -in enccert.pem

68
demos/certdemo.sh
View File

@@ -1,34 +1,34 @@
#!/bin/bash
gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
gmssl sm2keygen -pass 1234 -out enckey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
gmssl certparse -in enccert.pem
cat signcert.pem > certs.pem
cat cacert.pem >> certs.pem
gmssl certverify -in certs.pem -cacert rootcacert.pem
cat signcert.pem > dbl_certs.pem
cat enccert.pem >> dbl_certs.pem
cat cacert.pem >> dbl_certs.pem
gmssl certverify -double_certs -in dbl_certs.pem -cacert rootcacert.pem
#!/bin/bash
gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
gmssl sm2keygen -pass 1234 -out enckey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
gmssl certparse -in enccert.pem
cat signcert.pem > certs.pem
cat cacert.pem >> certs.pem
gmssl certverify -in certs.pem -cacert rootcacert.pem
cat signcert.pem > dbl_certs.pem
cat enccert.pem >> dbl_certs.pem
cat cacert.pem >> dbl_certs.pem
gmssl certverify -double_certs -in dbl_certs.pem -cacert rootcacert.pem

34
demos/cmsdemo.sh
View File

@@ -1,17 +1,17 @@
#!/bin/bash
gmssl sm2keygen -pass 1234 -out key.pem -pubout keypub.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Alice -key_usage dataEncipherment -days 365 -key key.pem -pass 1234 -out cert.pem
echo "<html>The plaintext message.</html>" > plain.txt
gmssl cmsencrypt -in plain.txt -rcptcert cert.pem -out enveloped_data.pem
gmssl cmsparse -in enveloped_data.pem
gmssl cmsdecrypt -key key.pem -pass 1234 -cert cert.pem -in enveloped_data.pem
gmssl cmssign -key key.pem -pass 1234 -cert cert.pem -in plain.txt -out signed_data.pem
gmssl cmsparse -in signed_data.pem
gmssl cmsverify -in signed_data.pem -out signed_data.txt
cat signed_data.txt
#!/bin/bash
gmssl sm2keygen -pass 1234 -out key.pem -pubout keypub.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Alice -key_usage dataEncipherment -days 365 -key key.pem -pass 1234 -out cert.pem
echo "<html>The plaintext message.</html>" > plain.txt
gmssl cmsencrypt -in plain.txt -rcptcert cert.pem -out enveloped_data.pem
gmssl cmsparse -in enveloped_data.pem
gmssl cmsdecrypt -key key.pem -pass 1234 -cert cert.pem -in enveloped_data.pem
gmssl cmssign -key key.pem -pass 1234 -cert cert.pem -in plain.txt -out signed_data.pem
gmssl cmsparse -in signed_data.pem
gmssl cmsverify -in signed_data.pem -out signed_data.txt
cat signed_data.txt

10
demos/pbkdf2demo.sh
View File

@@ -1,5 +1,5 @@
#!/bin/bash
gmssl pbkdf2 -pass 1234 -salt 1122334455667788 -iter 60000 -outlen 16
#!/bin/bash
gmssl pbkdf2 -pass 1234 -salt 1122334455667788 -iter 60000 -outlen 16

38
demos/reqdemo.sh
View File

@@ -1,19 +1,19 @@
#!/bin/bash -x
# generate self-signed CA certificate
gmssl sm2keygen -pass 1234 -out cakey.pem -pubout pubkey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN CA -days 365 -key cakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem
# generate a req and sign by CA certificate
gmssl sm2keygen -pass 1234 -out signkey.pem -pubout pubkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Alice -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
# sign a encryption certificate with the same DN, different KeyUsage extension
gmssl sm2keygen -pass 1234 -out enckey.pem -pubout pubkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Alice -days 365 -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
gmssl certparse -in enccert.pem
#!/bin/bash -x
# generate self-signed CA certificate
gmssl sm2keygen -pass 1234 -out cakey.pem -pubout pubkey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN CA -days 365 -key cakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem
# generate a req and sign by CA certificate
gmssl sm2keygen -pass 1234 -out signkey.pem -pubout pubkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Alice -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
# sign a encryption certificate with the same DN, different KeyUsage extension
gmssl sm2keygen -pass 1234 -out enckey.pem -pubout pubkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Alice -days 365 -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
gmssl certparse -in enccert.pem

36
demos/sm2/Makefile
View File

@@ -1,18 +1,18 @@
all:
cc sm2_keygen_demo.c -lgmssl -o sm2_keygen_demo
cc sm2_private_key_demo.c -lgmssl -o sm2_private_key_demo
cc sm2_private_key_parse_demo.c -lgmssl -o sm2_private_key_parse_demo
cc sm2_public_key_demo.c -lgmssl -o sm2_public_key_demo
cc sm2_sign_demo.c -lgmssl -o sm2_sign_demo
cc sm2_sign_ctx_demo.c -lgmssl -o sm2_sign_ctx_demo
cc sm2_encrypt_demo.c -lgmssl -o sm2_encrypt_demo
clear:
rm -fr sm2_keygen_demo
rm -fr sm2_private_key_demo
rm -fr sm2_private_key_parse_demo
rm -fr sm2_public_key_demo
rm -fr sm2_sign_demo
rm -fr sm2_sign_ctx_demo
rm -fr sm2_encrypt_demo
all:
cc sm2_keygen_demo.c -lgmssl -o sm2_keygen_demo
cc sm2_private_key_demo.c -lgmssl -o sm2_private_key_demo
cc sm2_private_key_parse_demo.c -lgmssl -o sm2_private_key_parse_demo
cc sm2_public_key_demo.c -lgmssl -o sm2_public_key_demo
cc sm2_sign_demo.c -lgmssl -o sm2_sign_demo
cc sm2_sign_ctx_demo.c -lgmssl -o sm2_sign_ctx_demo
cc sm2_encrypt_demo.c -lgmssl -o sm2_encrypt_demo
clear:
rm -fr sm2_keygen_demo
rm -fr sm2_private_key_demo
rm -fr sm2_private_key_parse_demo
rm -fr sm2_public_key_demo
rm -fr sm2_sign_demo
rm -fr sm2_sign_ctx_demo
rm -fr sm2_encrypt_demo

63
demos/sm2/sm2_encrypt_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,33 +7,34 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void)
{
SM2_KEY sm2_key;
SM2_KEY pub_key;
unsigned char plaintext[SM2_MAX_PLAINTEXT_SIZE];
unsigned char ciphertext[SM2_MAX_CIPHERTEXT_SIZE];
size_t len;
sm2_key_generate(&sm2_key);
memcpy(&pub_key, &sm2_key, sizeof(SM2_POINT));
sm2_encrypt(&pub_key, (uint8_t *)"hello world", strlen("hello world"), ciphertext, &len);
format_bytes(stdout, 0, 0, "ciphertext", ciphertext, len);
if (sm2_decrypt(&sm2_key, ciphertext, len, plaintext, &len) != 1) {
fprintf(stderr, "error\n");
return 1;
}
plaintext[len] = 0;
printf("plaintext: %s\n", plaintext);
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void)
{
SM2_KEY sm2_key;
SM2_KEY pub_key;
unsigned char plaintext[SM2_MAX_PLAINTEXT_SIZE];
unsigned char ciphertext[SM2_MAX_CIPHERTEXT_SIZE];
size_t len;
sm2_key_generate(&sm2_key);
memcpy(&pub_key, &sm2_key, sizeof(SM2_POINT));
sm2_encrypt(&pub_key, (uint8_t *)"hello world", strlen("hello world"), ciphertext, &len);
format_bytes(stdout, 0, 0, "ciphertext", ciphertext, len);
if (sm2_decrypt(&sm2_key, ciphertext, len, plaintext, &len) != 1) {
fprintf(stderr, "error\n");
return 1;
}
plaintext[len] = 0;
printf("plaintext: %s\n", plaintext);
return 0;
}

41
demos/sm2/sm2_keygen_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,22 +7,23 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
int main(void)
{
SM2_KEY sm2_key;
if (sm2_key_generate(&sm2_key) != 1) {
fprintf(stderr, "error\n");
return 1;
}
sm2_key_print(stdout, 0, 0, "SM2PrivateKey", &sm2_key);
sm2_public_key_print(stdout, 0, 0, "SM2PublicKey", &sm2_key);
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
int main(void)
{
SM2_KEY sm2_key;
if (sm2_key_generate(&sm2_key) != 1) {
fprintf(stderr, "error\n");
return 1;
}
sm2_key_print(stdout, 0, 0, "SM2PrivateKey", &sm2_key);
sm2_public_key_print(stdout, 0, 0, "SM2PublicKey", &sm2_key);
return 0;
}

47
demos/sm2/sm2_private_key_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,25 +7,26 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
int main(void)
{
SM2_KEY sm2_key;
char *password = "123456";
if (sm2_key_generate(&sm2_key) != 1) {
fprintf(stderr, "error\n");
return 1;
}
if (sm2_private_key_info_encrypt_to_pem(&sm2_key, password, stdout) != 1) {
fprintf(stderr, "error\n");
return 1;
}
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
int main(void)
{
SM2_KEY sm2_key;
char *password = "123456";
if (sm2_key_generate(&sm2_key) != 1) {
fprintf(stderr, "error\n");
return 1;
}
if (sm2_private_key_info_encrypt_to_pem(&sm2_key, password, stdout) != 1) {
fprintf(stderr, "error\n");
return 1;
}
return 0;
}

67
demos/sm2/sm2_private_key_parse_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,35 +7,36 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/sm2.h>
int main(void)
{
SM2_KEY sm2_key;
char *password = "123456";
unsigned char buf[512];
unsigned char *p;
size_t len;
printf("Read SM2 private key file (PEM) from stdin ...\n");
if (sm2_private_key_info_decrypt_from_pem(&sm2_key, password, stdin) != 1) {
fprintf(stderr, "error\n");
return 1;
}
p = buf;
len = 0;
if (sm2_private_key_to_der(&sm2_key, &p, &len) != 1) {
fprintf(stderr, "error\n");
return 1;
}
fwrite(buf, 1, len, stdout);
gmssl_secure_clear(&sm2_key, sizeof(sm2_key));
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/sm2.h>
int main(void)
{
SM2_KEY sm2_key;
char *password = "123456";
unsigned char buf[512];
unsigned char *p;
size_t len;
printf("Read SM2 private key file (PEM) from stdin ...\n");
if (sm2_private_key_info_decrypt_from_pem(&sm2_key, password, stdin) != 1) {
fprintf(stderr, "error\n");
return 1;
}
p = buf;
len = 0;
if (sm2_private_key_to_der(&sm2_key, &p, &len) != 1) {
fprintf(stderr, "error\n");
return 1;
}
fwrite(buf, 1, len, stdout);
gmssl_secure_clear(&sm2_key, sizeof(sm2_key));
return 0;
}

51
demos/sm2/sm2_public_key_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,27 +7,28 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/sm2.h>
int main(void)
{
SM2_KEY sm2_key;
char *password = "123456";
printf("Read SM2 private key file (PEM) from stdin ...\n");
if (sm2_private_key_info_decrypt_from_pem(&sm2_key, password, stdin) != 1) {
fprintf(stderr, "error\n");
return 1;
}
// openssl ec -pubin -in sm2pub.pem -text
sm2_public_key_info_to_pem(&sm2_key, stdout);
gmssl_secure_clear(&sm2_key, sizeof(sm2_key));
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/sm2.h>
int main(void)
{
SM2_KEY sm2_key;
char *password = "123456";
printf("Read SM2 private key file (PEM) from stdin ...\n");
if (sm2_private_key_info_decrypt_from_pem(&sm2_key, password, stdin) != 1) {
fprintf(stderr, "error\n");
return 1;
}
// openssl ec -pubin -in sm2pub.pem -text
sm2_public_key_info_to_pem(&sm2_key, stdout);
gmssl_secure_clear(&sm2_key, sizeof(sm2_key));
return 0;
}

109
demos/sm2/sm2_sign_ctx_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,56 +7,57 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void)
{
SM2_KEY sm2_key;
SM2_KEY pub_key;
SM2_SIGN_CTX sign_ctx;
unsigned char dgst[32];
unsigned char sig[SM2_MAX_SIGNATURE_SIZE];
size_t siglen;
int ret;
sm2_key_generate(&sm2_key);
memcpy(&pub_key, &sm2_key, sizeof(SM2_POINT));
// sign without signer ID (and Z value)
sm2_sign_init(&sign_ctx, &sm2_key, NULL, 0);
sm2_sign_update(&sign_ctx, (unsigned char *)"hello ", strlen("hello "));
sm2_sign_update(&sign_ctx, (unsigned char *)"world", strlen("world"));
sm2_sign_finish(&sign_ctx, sig, &siglen);
format_bytes(stdout, 0, 0, "signature", sig, siglen);
// digest and verify
sm3_digest((unsigned char *)"hello world", strlen("hello world"), dgst);
ret = sm2_verify(&pub_key, dgst, sig, siglen);
printf("verify result: %s\n", ret == 1 ? "success" : "failure");
// use verify update API
sm2_verify_init(&sign_ctx, &pub_key, NULL, 0);
sm2_verify_update(&sign_ctx, (unsigned char *)"hello world", strlen("hello world"));
ret = sm2_verify_finish(&sign_ctx, sig, siglen);
printf("verify result: %s\n", ret == 1 ? "success" : "failure");
// sign use default signer ID
sm2_sign_init(&sign_ctx, &sm2_key, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH);
sm2_sign_update(&sign_ctx, (unsigned char *)"hello ", strlen("hello "));
sm2_sign_update(&sign_ctx, (unsigned char *)"world", strlen("world"));
sm2_sign_finish(&sign_ctx, sig, &siglen);
format_bytes(stdout, 0, 0, "signature", sig, siglen);
sm2_verify_init(&sign_ctx, &pub_key, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH);
sm2_verify_update(&sign_ctx, (unsigned char *)"hello world", strlen("hello world"));
ret = sm2_verify_finish(&sign_ctx, sig, siglen);
printf("verify result: %s\n", ret == 1 ? "success" : "failure");
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void)
{
SM2_KEY sm2_key;
SM2_KEY pub_key;
SM2_SIGN_CTX sign_ctx;
unsigned char dgst[32];
unsigned char sig[SM2_MAX_SIGNATURE_SIZE];
size_t siglen;
int ret;
sm2_key_generate(&sm2_key);
memcpy(&pub_key, &sm2_key, sizeof(SM2_POINT));
// sign without signer ID (and Z value)
sm2_sign_init(&sign_ctx, &sm2_key, NULL, 0);
sm2_sign_update(&sign_ctx, (unsigned char *)"hello ", strlen("hello "));
sm2_sign_update(&sign_ctx, (unsigned char *)"world", strlen("world"));
sm2_sign_finish(&sign_ctx, sig, &siglen);
format_bytes(stdout, 0, 0, "signature", sig, siglen);
// digest and verify
sm3_digest((unsigned char *)"hello world", strlen("hello world"), dgst);
ret = sm2_verify(&pub_key, dgst, sig, siglen);
printf("verify result: %s\n", ret == 1 ? "success" : "failure");
// use verify update API
sm2_verify_init(&sign_ctx, &pub_key, NULL, 0);
sm2_verify_update(&sign_ctx, (unsigned char *)"hello world", strlen("hello world"));
ret = sm2_verify_finish(&sign_ctx, sig, siglen);
printf("verify result: %s\n", ret == 1 ? "success" : "failure");
// sign use default signer ID
sm2_sign_init(&sign_ctx, &sm2_key, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH);
sm2_sign_update(&sign_ctx, (unsigned char *)"hello ", strlen("hello "));
sm2_sign_update(&sign_ctx, (unsigned char *)"world", strlen("world"));
sm2_sign_finish(&sign_ctx, sig, &siglen);
format_bytes(stdout, 0, 0, "signature", sig, siglen);
sm2_verify_init(&sign_ctx, &pub_key, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH);
sm2_verify_update(&sign_ctx, (unsigned char *)"hello world", strlen("hello world"));
ret = sm2_verify_finish(&sign_ctx, sig, siglen);
printf("verify result: %s\n", ret == 1 ? "success" : "failure");
return 0;
}

71
demos/sm2/sm2_sign_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,37 +7,38 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void)
{
SM2_KEY sm2_key;
SM2_KEY pub_key;
unsigned char dgst[32];
unsigned char sig[SM2_MAX_SIGNATURE_SIZE];
size_t siglen;
int ret;
sm3_digest((unsigned char *)"hello world", strlen("hello world"), dgst);
format_bytes(stdout, 0, 0, "to be signed digest", dgst, sizeof(dgst));
sm2_key_generate(&sm2_key);
sm2_sign(&sm2_key, dgst, sig, &siglen);
format_bytes(stdout, 0, 0, "signature", sig, siglen);
memcpy(&pub_key, &sm2_key, sizeof(SM2_POINT));
if ((ret = sm2_verify(&pub_key, dgst, sig, siglen)) != 1) {
fprintf(stderr, "verify failed\n");
} else {
printf("verify success\n");
}
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void)
{
SM2_KEY sm2_key;
SM2_KEY pub_key;
unsigned char dgst[32];
unsigned char sig[SM2_MAX_SIGNATURE_SIZE];
size_t siglen;
int ret;
sm3_digest((unsigned char *)"hello world", strlen("hello world"), dgst);
format_bytes(stdout, 0, 0, "to be signed digest", dgst, sizeof(dgst));
sm2_key_generate(&sm2_key);
sm2_sign(&sm2_key, dgst, sig, &siglen);
format_bytes(stdout, 0, 0, "signature", sig, siglen);
memcpy(&pub_key, &sm2_key, sizeof(SM2_POINT));
if ((ret = sm2_verify(&pub_key, dgst, sig, siglen)) != 1) {
fprintf(stderr, "verify failed\n");
} else {
printf("verify success\n");
}
return 0;
}

69
demos/sm2/sm2keyparse.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,36 +7,37 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
int main(int argc, char **argv)
{
uint8_t buf[4096];
ssize_t len;
uint8_t dgst[32];
int i;
for (i = 0; i < sizeof(dgst); i++) {
printf("%02x", dgst[i]);
}
printf("\n");
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
int main(int argc, char **argv)
{
uint8_t buf[4096];
ssize_t len;
uint8_t dgst[32];
int i;
for (i = 0; i < sizeof(dgst); i++) {
printf("%02x", dgst[i]);
}
printf("\n");
return 0;
}

20
demos/sm2demo.sh
View File

@@ -1,10 +1,10 @@
#!/bin/bash
gmssl sm2keygen -pass 1234 -out sm2.pem -pubout sm2pub.pem
echo hello | gmssl sm2sign -key sm2.pem -pass 1234 -out sm2.sig #-id 1234567812345678
echo hello | gmssl sm2verify -pubkey sm2pub.pem -sig sm2.sig -id 1234567812345678
echo hello | gmssl sm2encrypt -pubkey sm2pub.pem -out sm2.der
gmssl sm2decrypt -key sm2.pem -pass 1234 -in sm2.der
#!/bin/bash
gmssl sm2keygen -pass 1234 -out sm2.pem -pubout sm2pub.pem
echo hello | gmssl sm2sign -key sm2.pem -pass 1234 -out sm2.sig #-id 1234567812345678
echo hello | gmssl sm2verify -pubkey sm2pub.pem -sig sm2.sig -id 1234567812345678
echo hello | gmssl sm2encrypt -pubkey sm2pub.pem -out sm2.der
gmssl sm2decrypt -key sm2.pem -pass 1234 -in sm2.der

24
demos/sm3/CMakeLists.txt
View File

@@ -1,12 +1,12 @@
cmake_minimum_required(VERSION 3.0)
project(sm3demo)
include_directories(/usr/local/include)
link_directories(/usr/local/lib)
add_executable(sm3_demo sm3_demo.c)
add_executable(sm3_hmac_demo sm3_hmac_demo.c)
add_executable(sm3_kdf_demo sm3_kdf_demo.c)
target_link_libraries(sm3_demo gmssl)
target_link_libraries(sm3_hmac_demo gmssl)
target_link_libraries(sm3_kdf_demo gmssl)
cmake_minimum_required(VERSION 3.0)
project(sm3demo)
include_directories(/usr/local/include)
link_directories(/usr/local/lib)
add_executable(sm3_demo sm3_demo.c)
add_executable(sm3_hmac_demo sm3_hmac_demo.c)
add_executable(sm3_kdf_demo sm3_kdf_demo.c)
target_link_libraries(sm3_demo gmssl)
target_link_libraries(sm3_hmac_demo gmssl)
target_link_libraries(sm3_kdf_demo gmssl)

18
demos/sm3/Makefile
View File

@@ -1,9 +1,9 @@
all:
cc sm3_demo.c -lgmssl -o sm3_demo
cc sm3_hmac_demo.c -lgmssl -o sm3_hmac_demo
cc sm3_kdf_demo.c -lgmssl -o sm3_kdf_demo
clean:
rm -fr sm3_demo
rm -fr sm3_hmac_demo
rm -fr sm3_kdf_demo
all:
cc sm3_demo.c -lgmssl -o sm3_demo
cc sm3_hmac_demo.c -lgmssl -o sm3_hmac_demo
cc sm3_kdf_demo.c -lgmssl -o sm3_kdf_demo
clean:
rm -fr sm3_demo
rm -fr sm3_hmac_demo
rm -fr sm3_kdf_demo

57
demos/sm3/sm3_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,30 +7,31 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm3.h>
int main(int argc, char **argv)
{
SM3_CTX sm3_ctx;
uint8_t buf[4096];
ssize_t len;
uint8_t dgst[32];
int i;
sm3_init(&sm3_ctx);
while ((len = fread(buf, 1, sizeof(buf), stdin)) > 0) {
sm3_update(&sm3_ctx, buf, len);
}
sm3_finish(&sm3_ctx, dgst);
for (i = 0; i < sizeof(dgst); i++) {
printf("%02x", dgst[i]);
}
printf("\n");
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm3.h>
int main(int argc, char **argv)
{
SM3_CTX sm3_ctx;
uint8_t buf[4096];
ssize_t len;
uint8_t dgst[32];
int i;
sm3_init(&sm3_ctx);
while ((len = fread(buf, 1, sizeof(buf), stdin)) > 0) {
sm3_update(&sm3_ctx, buf, len);
}
sm3_finish(&sm3_ctx, dgst);
for (i = 0; i < sizeof(dgst); i++) {
printf("%02x", dgst[i]);
}
printf("\n");
return 0;
}

87
demos/sm3/sm3_hmac_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,45 +7,46 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm3.h>
int main(void)
{
SM3_HMAC_CTX hmac_ctx;
unsigned char key[16] = {
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0xf2,0x03,0x04,0x05,0x06,0x07,0x08,
};
unsigned char mbuf[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char hmac[32] = {0};
int i;
sm3_hmac_init(&hmac_ctx, key, sizeof(key));
sm3_hmac_update(&hmac_ctx, mbuf, sizeof(mbuf));
sm3_hmac_finish(&hmac_ctx, hmac);
printf("hmac: ");
for (i = 0; i < sizeof(hmac); i++) {
printf("%02X", hmac[i]);
}
printf("\n");
memset(hmac, 0, sizeof(hmac));
sm3_hmac(key, sizeof(key), mbuf, sizeof(mbuf), hmac);
printf("hmac: ");
for (i = 0; i < sizeof(hmac); i++) {
printf("%02X", hmac[i]);
}
printf("\n");
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm3.h>
int main(void)
{
SM3_HMAC_CTX hmac_ctx;
unsigned char key[16] = {
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0xf2,0x03,0x04,0x05,0x06,0x07,0x08,
};
unsigned char mbuf[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char hmac[32] = {0};
int i;
sm3_hmac_init(&hmac_ctx, key, sizeof(key));
sm3_hmac_update(&hmac_ctx, mbuf, sizeof(mbuf));
sm3_hmac_finish(&hmac_ctx, hmac);
printf("hmac: ");
for (i = 0; i < sizeof(hmac); i++) {
printf("%02X", hmac[i]);
}
printf("\n");
memset(hmac, 0, sizeof(hmac));
sm3_hmac(key, sizeof(key), mbuf, sizeof(mbuf), hmac);
printf("hmac: ");
for (i = 0; i < sizeof(hmac); i++) {
printf("%02X", hmac[i]);
}
printf("\n");
return 0;
}

59
demos/sm3/sm3_kdf_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,31 +7,32 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm3.h>
int main(void)
{
SM3_KDF_CTX kdf_ctx;
unsigned char key[16] = {0};
unsigned char raw[32] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
int i;
sm3_kdf_init(&kdf_ctx, sizeof(key));
sm3_kdf_update(&kdf_ctx, raw, sizeof(raw));
sm3_kdf_finish(&kdf_ctx, key);
printf("key: ");
for (i = 0; i < sizeof(key); i++) {
printf("%02X", key[i]);
}
printf("\n");
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm3.h>
int main(void)
{
SM3_KDF_CTX kdf_ctx;
unsigned char key[16] = {0};
unsigned char raw[32] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
int i;
sm3_kdf_init(&kdf_ctx, sizeof(key));
sm3_kdf_update(&kdf_ctx, raw, sizeof(raw));
sm3_kdf_finish(&kdf_ctx, key);
printf("key: ");
for (i = 0; i < sizeof(key); i++) {
printf("%02X", key[i]);
}
printf("\n");
return 0;
}

20
demos/sm3demo.sh
View File

@@ -1,10 +1,10 @@
#!/bin/bash
echo -n abc | gmssl sm3
gmssl sm2keygen -pass 1234 -out sm2.pem -pubout sm2pub.pem
echo -n abc | gmssl sm3 -pubkey sm2pub.pem -id 1234567812345678
echo -n abc | gmssl sm3hmac -key 11223344556677881122334455667788
#!/bin/bash
echo -n abc | gmssl sm3
gmssl sm2keygen -pass 1234 -out sm2.pem -pubout sm2pub.pem
echo -n abc | gmssl sm3 -pubkey sm2pub.pem -id 1234567812345678
echo -n abc | gmssl sm3hmac -key 11223344556677881122334455667788

44
demos/sm4/Makefile
View File

@@ -1,22 +1,22 @@
all:
cc sm4_demo.c -lgmssl -o sm4_demo
cc sm4_cbc_demo.c -lgmssl -o sm4_cbc_demo
cc sm4_cbc_padding_demo.c -lgmssl -o sm4_cbc_padding_demo
cc sm4_ctr_demo.c -lgmssl -o sm4_ctr_demo
cc sm4_gcm_demo.c -lgmssl -o sm4_gcm_demo
cc sm4_cbc_encrypt_update_demo.c -lgmssl -o sm4_cbc_encrypt_update_demo
cc sm4_cbc_decrypt_update_demo.c -lgmssl -o sm4_cbc_decrypt_update_demo
cc sm4_ctr_encrypt_update_demo.c -lgmssl -o sm4_ctr_encrypt_update_demo
cc sm4_ctr_encrypt_update_demo.c -lgmssl -o sm4_ctr_decrypt_update_demo
clean:
rm -fr sm4_demo
rm -fr sm4_cbc_demo
rm -fr sm4_cbc_padding_demo
rm -fr sm4_ctr_demo
rm -fr sm4_gcm_demo
rm -fr sm4_cbc_encrypt_update_demo
rm -fr sm4_cbc_decrypt_update_demo
rm -fr sm4_ctr_encrypt_update_demo
rm -fr sm4_ctr_decrypt_update_demo
all:
cc sm4_demo.c -lgmssl -o sm4_demo
cc sm4_cbc_demo.c -lgmssl -o sm4_cbc_demo
cc sm4_cbc_padding_demo.c -lgmssl -o sm4_cbc_padding_demo
cc sm4_ctr_demo.c -lgmssl -o sm4_ctr_demo
cc sm4_gcm_demo.c -lgmssl -o sm4_gcm_demo
cc sm4_cbc_encrypt_update_demo.c -lgmssl -o sm4_cbc_encrypt_update_demo
cc sm4_cbc_decrypt_update_demo.c -lgmssl -o sm4_cbc_decrypt_update_demo
cc sm4_ctr_encrypt_update_demo.c -lgmssl -o sm4_ctr_encrypt_update_demo
cc sm4_ctr_encrypt_update_demo.c -lgmssl -o sm4_ctr_decrypt_update_demo
clean:
rm -fr sm4_demo
rm -fr sm4_cbc_demo
rm -fr sm4_cbc_padding_demo
rm -fr sm4_ctr_demo
rm -fr sm4_gcm_demo
rm -fr sm4_cbc_encrypt_update_demo
rm -fr sm4_cbc_decrypt_update_demo
rm -fr sm4_ctr_encrypt_update_demo
rm -fr sm4_ctr_decrypt_update_demo

87
demos/sm4/sm4_cbc_decrypt_update_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,45 +7,46 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
int main(void)
{
SM4_CBC_CTX cbc_ctx;
unsigned char key[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char iv[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char inbuf[1024];
unsigned char outbuf[1024 + 32];
ssize_t inlen;
size_t outlen;
if (sm4_cbc_decrypt_init(&cbc_ctx, key, iv) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
if (sm4_cbc_decrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
}
if (sm4_cbc_decrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
int main(void)
{
SM4_CBC_CTX cbc_ctx;
unsigned char key[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char iv[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char inbuf[1024];
unsigned char outbuf[1024 + 32];
ssize_t inlen;
size_t outlen;
if (sm4_cbc_decrypt_init(&cbc_ctx, key, iv) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
if (sm4_cbc_decrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
}
if (sm4_cbc_decrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
return 0;
}

129
demos/sm4/sm4_cbc_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,66 +7,67 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
int main(void)
{
SM4_KEY sm4_key;
unsigned char key[16];
unsigned char iv[16];
unsigned char mbuf[32] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char cbuf[32] = {0};
unsigned char pbuf[32] = {0};
int i;
rand_bytes(key, sizeof(key));
rand_bytes(iv, sizeof(iv));
printf("key: ");
for (i = 0; i < sizeof(key); i++) {
printf("%02X", key[i]);
}
printf("\n");
printf("iv: ");
for (i = 0; i < sizeof(iv); i++) {
printf("%02X", iv[i]);
}
printf("\n");
printf("plaintext: ");
for (i = 0; i < sizeof(mbuf); i++) {
printf("%02X", mbuf[i]);
}
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
sm4_cbc_encrypt(&sm4_key, iv, mbuf, sizeof(mbuf)/SM4_BLOCK_SIZE, cbuf);
printf("ciphertext: ");
for (i = 0; i < sizeof(cbuf); i++) {
printf("%02X", cbuf[i]);
}
printf("\n");
sm4_set_decrypt_key(&sm4_key, key);
sm4_cbc_decrypt(&sm4_key, iv, cbuf, sizeof(cbuf)/SM4_BLOCK_SIZE, pbuf);
printf("decrypted: ");
for (i = 0; i < sizeof(pbuf); i++) {
printf("%02X", pbuf[i]);
}
printf("\n");
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
int main(void)
{
SM4_KEY sm4_key;
unsigned char key[16];
unsigned char iv[16];
unsigned char mbuf[32] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char cbuf[32] = {0};
unsigned char pbuf[32] = {0};
int i;
rand_bytes(key, sizeof(key));
rand_bytes(iv, sizeof(iv));
printf("key: ");
for (i = 0; i < sizeof(key); i++) {
printf("%02X", key[i]);
}
printf("\n");
printf("iv: ");
for (i = 0; i < sizeof(iv); i++) {
printf("%02X", iv[i]);
}
printf("\n");
printf("plaintext: ");
for (i = 0; i < sizeof(mbuf); i++) {
printf("%02X", mbuf[i]);
}
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
sm4_cbc_encrypt(&sm4_key, iv, mbuf, sizeof(mbuf)/SM4_BLOCK_SIZE, cbuf);
printf("ciphertext: ");
for (i = 0; i < sizeof(cbuf); i++) {
printf("%02X", cbuf[i]);
}
printf("\n");
sm4_set_decrypt_key(&sm4_key, key);
sm4_cbc_decrypt(&sm4_key, iv, cbuf, sizeof(cbuf)/SM4_BLOCK_SIZE, pbuf);
printf("decrypted: ");
for (i = 0; i < sizeof(pbuf); i++) {
printf("%02X", pbuf[i]);
}
printf("\n");
return 0;
}

87
demos/sm4/sm4_cbc_encrypt_update_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,45 +7,46 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
int main(void)
{
SM4_CBC_CTX cbc_ctx;
unsigned char key[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char iv[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char inbuf[1024];
unsigned char outbuf[1024 + 32];
ssize_t inlen;
size_t outlen;
if (sm4_cbc_encrypt_init(&cbc_ctx, key, iv) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
if (sm4_cbc_encrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
}
if (sm4_cbc_encrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
int main(void)
{
SM4_CBC_CTX cbc_ctx;
unsigned char key[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char iv[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char inbuf[1024];
unsigned char outbuf[1024 + 32];
ssize_t inlen;
size_t outlen;
if (sm4_cbc_encrypt_init(&cbc_ctx, key, iv) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
if (sm4_cbc_encrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
}
if (sm4_cbc_encrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
return 0;
}

195
demos/sm4/sm4_cbc_padding_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,99 +7,100 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
int main(void)
{
SM4_KEY sm4_key;
unsigned char key[16];
unsigned char iv[16];
unsigned char mbuf[32] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char cbuf[32] = {0};
unsigned char pbuf[32] = {0};
size_t mlen1 = 20, mlen2 = 16;
size_t clen1, clen2;
size_t plen1, plen2;
int i;
rand_bytes(key, sizeof(key));
rand_bytes(iv, sizeof(iv));
printf("key: ");
for (i = 0; i < sizeof(key); i++) {
printf("%02X", key[i]);
}
printf("\n");
printf("iv: ");
for (i = 0; i < sizeof(iv); i++) {
printf("%02X", iv[i]);
}
printf("\n");
printf("sm4_cbc_pading encrypt %zu bytes\n", mlen1);
printf("plaintext: ");
for (i = 0; i < mlen1; i++) {
printf("%02X", mbuf[i]);
}
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
sm4_cbc_padding_encrypt(&sm4_key, iv, mbuf, mlen1, cbuf, &clen1);
printf("ciphertext: ");
for (i = 0; i < clen1; i++) {
printf("%02X", cbuf[i]);
}
printf("\n");
sm4_set_decrypt_key(&sm4_key, key);
sm4_cbc_padding_decrypt(&sm4_key, iv, cbuf, clen1, pbuf, &plen1);
printf("decrypted: ");
for (i = 0; i < plen1; i++) {
printf("%02X", pbuf[i]);
}
printf("\n");
printf("sm4_cbc_pading encrypt %zu bytes\n", mlen2);
printf("plaintext: ");
for (i = 0; i < mlen2; i++) {
printf("%02X", mbuf[i]);
}
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
sm4_cbc_padding_encrypt(&sm4_key, iv, mbuf, mlen2, cbuf, &clen2);
printf("ciphertext: ");
for (i = 0; i < clen2; i++) {
printf("%02X", cbuf[i]);
}
printf("\n");
sm4_set_decrypt_key(&sm4_key, key);
sm4_cbc_padding_decrypt(&sm4_key, iv, cbuf, clen2, pbuf, &plen2);
printf("decrypted: ");
for (i = 0; i < plen2; i++) {
printf("%02X", pbuf[i]);
}
printf("\n");
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
int main(void)
{
SM4_KEY sm4_key;
unsigned char key[16];
unsigned char iv[16];
unsigned char mbuf[32] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char cbuf[32] = {0};
unsigned char pbuf[32] = {0};
size_t mlen1 = 20, mlen2 = 16;
size_t clen1, clen2;
size_t plen1, plen2;
int i;
rand_bytes(key, sizeof(key));
rand_bytes(iv, sizeof(iv));
printf("key: ");
for (i = 0; i < sizeof(key); i++) {
printf("%02X", key[i]);
}
printf("\n");
printf("iv: ");
for (i = 0; i < sizeof(iv); i++) {
printf("%02X", iv[i]);
}
printf("\n");
printf("sm4_cbc_pading encrypt %zu bytes\n", mlen1);
printf("plaintext: ");
for (i = 0; i < mlen1; i++) {
printf("%02X", mbuf[i]);
}
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
sm4_cbc_padding_encrypt(&sm4_key, iv, mbuf, mlen1, cbuf, &clen1);
printf("ciphertext: ");
for (i = 0; i < clen1; i++) {
printf("%02X", cbuf[i]);
}
printf("\n");
sm4_set_decrypt_key(&sm4_key, key);
sm4_cbc_padding_decrypt(&sm4_key, iv, cbuf, clen1, pbuf, &plen1);
printf("decrypted: ");
for (i = 0; i < plen1; i++) {
printf("%02X", pbuf[i]);
}
printf("\n");
printf("sm4_cbc_pading encrypt %zu bytes\n", mlen2);
printf("plaintext: ");
for (i = 0; i < mlen2; i++) {
printf("%02X", mbuf[i]);
}
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
sm4_cbc_padding_encrypt(&sm4_key, iv, mbuf, mlen2, cbuf, &clen2);
printf("ciphertext: ");
for (i = 0; i < clen2; i++) {
printf("%02X", cbuf[i]);
}
printf("\n");
sm4_set_decrypt_key(&sm4_key, key);
sm4_cbc_padding_decrypt(&sm4_key, iv, cbuf, clen2, pbuf, &plen2);
printf("decrypted: ");
for (i = 0; i < plen2; i++) {
printf("%02X", pbuf[i]);
}
printf("\n");
return 0;
}

137
demos/sm4/sm4_ctr_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,70 +7,71 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
int main(void)
{
SM4_KEY sm4_key;
unsigned char key[16];
unsigned char iv[16];
unsigned char ctr[16];
unsigned char mbuf[20] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,
};
unsigned char cbuf[20] = {0};
unsigned char pbuf[20] = {0};
int i;
rand_bytes(key, sizeof(key));
rand_bytes(iv, sizeof(iv));
printf("key: ");
for (i = 0; i < sizeof(key); i++) {
printf("%02X", key[i]);
}
printf("\n");
printf("ctr: ");
for (i = 0; i < sizeof(iv); i++) {
printf("%02X", iv[i]);
}
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
printf("sm4 ctr encrypt %zu bytes\n", sizeof(mbuf));
printf("plaintext: ");
for (i = 0; i < sizeof(mbuf); i++) {
printf("%02X", mbuf[i]);
}
printf("\n");
memcpy(ctr, iv, 16);
sm4_ctr_encrypt(&sm4_key, ctr, mbuf, sizeof(mbuf), cbuf);
printf("ciphertext: ");
for (i = 0; i < sizeof(cbuf); i++) {
printf("%02X", cbuf[i]);
}
printf("\n");
memcpy(ctr, iv, 16);
sm4_ctr_decrypt(&sm4_key, ctr, cbuf, sizeof(cbuf), pbuf);
printf("decrypted: ");
for (i = 0; i < sizeof(pbuf); i++) {
printf("%02X", pbuf[i]);
}
printf("\n");
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
int main(void)
{
SM4_KEY sm4_key;
unsigned char key[16];
unsigned char iv[16];
unsigned char ctr[16];
unsigned char mbuf[20] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,
};
unsigned char cbuf[20] = {0};
unsigned char pbuf[20] = {0};
int i;
rand_bytes(key, sizeof(key));
rand_bytes(iv, sizeof(iv));
printf("key: ");
for (i = 0; i < sizeof(key); i++) {
printf("%02X", key[i]);
}
printf("\n");
printf("ctr: ");
for (i = 0; i < sizeof(iv); i++) {
printf("%02X", iv[i]);
}
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
printf("sm4 ctr encrypt %zu bytes\n", sizeof(mbuf));
printf("plaintext: ");
for (i = 0; i < sizeof(mbuf); i++) {
printf("%02X", mbuf[i]);
}
printf("\n");
memcpy(ctr, iv, 16);
sm4_ctr_encrypt(&sm4_key, ctr, mbuf, sizeof(mbuf), cbuf);
printf("ciphertext: ");
for (i = 0; i < sizeof(cbuf); i++) {
printf("%02X", cbuf[i]);
}
printf("\n");
memcpy(ctr, iv, 16);
sm4_ctr_decrypt(&sm4_key, ctr, cbuf, sizeof(cbuf), pbuf);
printf("decrypted: ");
for (i = 0; i < sizeof(pbuf); i++) {
printf("%02X", pbuf[i]);
}
printf("\n");
return 0;
}

87
demos/sm4/sm4_ctr_encrypt_update_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,45 +7,46 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
int main(void)
{
SM4_CTR_CTX cbc_ctx;
unsigned char key[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char ctr[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char inbuf[1024];
unsigned char outbuf[1024 + 32];
ssize_t inlen;
size_t outlen;
if (sm4_ctr_encrypt_init(&cbc_ctx, key, ctr) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
if (sm4_ctr_encrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
}
if (sm4_ctr_encrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
int main(void)
{
SM4_CTR_CTX cbc_ctx;
unsigned char key[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char ctr[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char inbuf[1024];
unsigned char outbuf[1024 + 32];
ssize_t inlen;
size_t outlen;
if (sm4_ctr_encrypt_init(&cbc_ctx, key, ctr) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
if (sm4_ctr_encrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
}
if (sm4_ctr_encrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
return 0;
}

113
demos/sm4/sm4_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,58 +7,59 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
// sm4 demo1: encrypt and decrypt a block of message (16 bytes)
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
int main(void)
{
SM4_KEY sm4_key;
unsigned char key[16] = {
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0xf2,0x03,0x04,0x05,0x06,0x07,0x08,
};
unsigned char mbuf[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char cbuf[16];
unsigned char pbuf[16];
int i;
printf("key: ");
for (i = 0; i < sizeof(key); i++) {
printf("%02X", key[i]);
}
printf("\n");
printf("plaintext: ");
for (i = 0; i < sizeof(mbuf); i++) {
printf("%02X", mbuf[i]);
}
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
sm4_encrypt(&sm4_key, mbuf, cbuf);
printf("ciphertext: ");
for (i = 0; i < sizeof(cbuf); i++) {
printf("%02X", cbuf[i]);
}
printf("\n");
sm4_set_decrypt_key(&sm4_key, key);
sm4_decrypt(&sm4_key, cbuf, pbuf);
printf("decrypted: ");
for (i = 0; i < sizeof(pbuf); i++) {
printf("%02X", pbuf[i]);
}
printf("\n");
return 0;
}
// sm4 demo1: encrypt and decrypt a block of message (16 bytes)
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
int main(void)
{
SM4_KEY sm4_key;
unsigned char key[16] = {
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0xf2,0x03,0x04,0x05,0x06,0x07,0x08,
};
unsigned char mbuf[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char cbuf[16];
unsigned char pbuf[16];
int i;
printf("key: ");
for (i = 0; i < sizeof(key); i++) {
printf("%02X", key[i]);
}
printf("\n");
printf("plaintext: ");
for (i = 0; i < sizeof(mbuf); i++) {
printf("%02X", mbuf[i]);
}
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
sm4_encrypt(&sm4_key, mbuf, cbuf);
printf("ciphertext: ");
for (i = 0; i < sizeof(cbuf); i++) {
printf("%02X", cbuf[i]);
}
printf("\n");
sm4_set_decrypt_key(&sm4_key, key);
sm4_decrypt(&sm4_key, cbuf, pbuf);
printf("decrypted: ");
for (i = 0; i < sizeof(pbuf); i++) {
printf("%02X", pbuf[i]);
}
printf("\n");
return 0;
}

165
demos/sm4/sm4_gcm_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,84 +7,85 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
int main(void)
{
SM4_KEY sm4_key;
unsigned char key[16];
unsigned char iv[16];
unsigned char aad[20];
unsigned char mbuf[64] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,
};
unsigned char cbuf[64] = {0};
unsigned char pbuf[64] = {0};
unsigned char tag[16];
int i;
rand_bytes(key, sizeof(key));
rand_bytes(iv, sizeof(iv));
printf("key: ");
for (i = 0; i < sizeof(key); i++) {
printf("%02X", key[i]);
}
printf("\n");
printf("iv: ");
for (i = 0; i < sizeof(iv); i++) {
printf("%02X", iv[i]);
}
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
printf("sm4 gcm encrypt\n");
printf("auth-only data: ");
for (i = 0; i < sizeof(aad); i++) {
printf("%02X", aad[i]);
}
printf("\n");
printf("plaintext: ");
for (i = 0; i < sizeof(mbuf); i++) {
printf("%02X", mbuf[i]);
}
printf("\n");
sm4_gcm_encrypt(&sm4_key, iv, sizeof(iv), aad, sizeof(aad), mbuf, sizeof(mbuf), cbuf, sizeof(tag), tag);
printf("ciphertext: ");
for (i = 0; i < sizeof(cbuf); i++) {
printf("%02X", cbuf[i]);
}
printf("\n");
printf("mac-tag: ");
for (i = 0; i < sizeof(tag); i++) {
printf("%02X", tag[i]);
}
printf("\n");
if (sm4_gcm_decrypt(&sm4_key, iv, sizeof(iv), aad, sizeof(aad), cbuf, sizeof(mbuf), tag, sizeof(tag), pbuf) != 1) {
fprintf(stderr, "sm4 gcm decrypt failed\n");
return 1;
}
printf("decrypted: ");
for (i = 0; i < sizeof(pbuf); i++) {
printf("%02X", pbuf[i]);
}
printf("\n");
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
int main(void)
{
SM4_KEY sm4_key;
unsigned char key[16];
unsigned char iv[16];
unsigned char aad[20];
unsigned char mbuf[64] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,
};
unsigned char cbuf[64] = {0};
unsigned char pbuf[64] = {0};
unsigned char tag[16];
int i;
rand_bytes(key, sizeof(key));
rand_bytes(iv, sizeof(iv));
printf("key: ");
for (i = 0; i < sizeof(key); i++) {
printf("%02X", key[i]);
}
printf("\n");
printf("iv: ");
for (i = 0; i < sizeof(iv); i++) {
printf("%02X", iv[i]);
}
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
printf("sm4 gcm encrypt\n");
printf("auth-only data: ");
for (i = 0; i < sizeof(aad); i++) {
printf("%02X", aad[i]);
}
printf("\n");
printf("plaintext: ");
for (i = 0; i < sizeof(mbuf); i++) {
printf("%02X", mbuf[i]);
}
printf("\n");
sm4_gcm_encrypt(&sm4_key, iv, sizeof(iv), aad, sizeof(aad), mbuf, sizeof(mbuf), cbuf, sizeof(tag), tag);
printf("ciphertext: ");
for (i = 0; i < sizeof(cbuf); i++) {
printf("%02X", cbuf[i]);
}
printf("\n");
printf("mac-tag: ");
for (i = 0; i < sizeof(tag); i++) {
printf("%02X", tag[i]);
}
printf("\n");
if (sm4_gcm_decrypt(&sm4_key, iv, sizeof(iv), aad, sizeof(aad), cbuf, sizeof(mbuf), tag, sizeof(tag), pbuf) != 1) {
fprintf(stderr, "sm4 gcm decrypt failed\n");
return 1;
}
printf("decrypted: ");
for (i = 0; i < sizeof(pbuf); i++) {
printf("%02X", pbuf[i]);
}
printf("\n");
return 0;
}

24
demos/sm4demo.sh
View File

@@ -1,12 +1,12 @@
#!/bin/bash
KEY=11223344556677881122334455667788
IV=11223344556677881122334455667788
echo hello | gmssl sm4 -cbc -encrypt -key $KEY -iv $IV -out sm4.cbc
gmssl sm4 -cbc -decrypt -key $KEY -iv $IV -in sm4.cbc
echo hello | gmssl sm4 -ctr -encrypt -key $KEY -iv $IV -out sm4.ctr
gmssl sm4 -ctr -decrypt -key $KEY -iv $IV -in sm4.ctr
#!/bin/bash
KEY=11223344556677881122334455667788
IV=11223344556677881122334455667788
echo hello | gmssl sm4 -cbc -encrypt -key $KEY -iv $IV -out sm4.cbc
gmssl sm4 -cbc -decrypt -key $KEY -iv $IV -in sm4.cbc
echo hello | gmssl sm4 -ctr -encrypt -key $KEY -iv $IV -out sm4.ctr
gmssl sm4 -ctr -decrypt -key $KEY -iv $IV -in sm4.ctr

20
demos/sm9/Makefile
View File

@@ -1,10 +1,10 @@
all:
cc sm9_keygen_demo.c -lgmssl -o sm9_keygen_demo
cc sm9_sign_demo.c -lgmssl -o sm9_sign_demo
cc sm9_encrypt_demo.c -lgmssl -o sm9_encrypt_demo
clean:
rm -fr sm9_keygen_demo
rm -fr sm9_sign_demo
rm -fr sm9_encrypt_demo
all:
cc sm9_keygen_demo.c -lgmssl -o sm9_keygen_demo
cc sm9_sign_demo.c -lgmssl -o sm9_sign_demo
cc sm9_encrypt_demo.c -lgmssl -o sm9_encrypt_demo
clean:
rm -fr sm9_keygen_demo
rm -fr sm9_sign_demo
rm -fr sm9_encrypt_demo

79
demos/sm9/sm9_encrypt_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,41 +7,42 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm9.h>
#include <gmssl/error.h>
int main(void)
{
SM9_ENC_MASTER_KEY master;
SM9_ENC_MASTER_KEY master_public;
SM9_ENC_KEY key;
const char *id = "Alice";
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len;
char mbuf[256];
size_t mlen;
int ret;
sm9_enc_master_key_generate(&master);
sm9_enc_master_key_extract_key(&master, id, strlen(id), &key);
sm9_enc_master_public_key_to_der(&master, &p, &len);
sm9_enc_master_public_key_from_der(&master_public, &cp, &len);
sm9_encrypt(&master_public, id, strlen(id), (uint8_t *)"hello", strlen("hello"), buf, &len);
ret = sm9_decrypt(&key, id, strlen(id), buf, len, (uint8_t *)mbuf, &mlen);
if (ret != 1) {
fprintf(stderr, "decrypt failed\n");
return 1;
}
mbuf[mlen] = 0;
printf("decrypt result: %s\n", mbuf);
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm9.h>
#include <gmssl/error.h>
int main(void)
{
SM9_ENC_MASTER_KEY master;
SM9_ENC_MASTER_KEY master_public;
SM9_ENC_KEY key;
const char *id = "Alice";
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len;
char mbuf[256];
size_t mlen;
int ret;
sm9_enc_master_key_generate(&master);
sm9_enc_master_key_extract_key(&master, id, strlen(id), &key);
sm9_enc_master_public_key_to_der(&master, &p, &len);
sm9_enc_master_public_key_from_der(&master_public, &cp, &len);
sm9_encrypt(&master_public, id, strlen(id), (uint8_t *)"hello", strlen("hello"), buf, &len);
ret = sm9_decrypt(&key, id, strlen(id), buf, len, (uint8_t *)mbuf, &mlen);
if (ret != 1) {
fprintf(stderr, "decrypt failed\n");
return 1;
}
mbuf[mlen] = 0;
printf("decrypt result: %s\n", mbuf);
return 0;
}

55
demos/sm9/sm9_keygen_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,29 +7,30 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm9.h>
int main(void)
{
SM9_SIGN_MASTER_KEY sign_master;
SM9_SIGN_KEY sign_key;
sm9_sign_master_key_generate(&sign_master);
printf("SM9 Master Secret\n");
sm9_sign_master_key_info_encrypt_to_pem(&sign_master, "P@ssw0rd", stdout);
printf("SM9 Public Parameters\n");
sm9_sign_master_public_key_to_pem(&sign_master, stdout);
sm9_sign_master_key_extract_key(&sign_master, "alice", strlen("alice"), &sign_key);
printf("SM9 private key for ID '%s'\n", "alice");
sm9_sign_key_info_encrypt_to_pem(&sign_key, "123456", stdout);
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm9.h>
int main(void)
{
SM9_SIGN_MASTER_KEY sign_master;
SM9_SIGN_KEY sign_key;
sm9_sign_master_key_generate(&sign_master);
printf("SM9 Master Secret\n");
sm9_sign_master_key_info_encrypt_to_pem(&sign_master, "P@ssw0rd", stdout);
printf("SM9 Public Parameters\n");
sm9_sign_master_public_key_to_pem(&sign_master, stdout);
sm9_sign_master_key_extract_key(&sign_master, "alice", strlen("alice"), &sign_key);
printf("SM9 private key for ID '%s'\n", "alice");
sm9_sign_key_info_encrypt_to_pem(&sign_key, "123456", stdout);
return 0;
}

91
demos/sm9/sm9_sign_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,47 +7,48 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm9.h>
#include <gmssl/error.h>
int main(void)
{
SM9_SIGN_MASTER_KEY sign_master;
SM9_SIGN_MASTER_KEY sign_master_public;
SM9_SIGN_KEY sign_key;
SM9_SIGN_CTX sign_ctx;
const char *id = "Alice";
uint8_t sig[SM9_SIGNATURE_SIZE];
size_t siglen;
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len;
int ret;
sm9_sign_master_key_generate(&sign_master);
sm9_sign_master_key_extract_key(&sign_master, id, strlen(id), &sign_key);
sm9_sign_init(&sign_ctx);
sm9_sign_update(&sign_ctx, (uint8_t *)"hello world", strlen("hello world"));
sm9_sign_finish(&sign_ctx, &sign_key, sig, &siglen);
format_bytes(stdout, 0, 0, "signature", sig, siglen);
sm9_sign_master_public_key_to_der(&sign_master, &p, &len);
sm9_sign_master_public_key_from_der(&sign_master_public, &cp, &len);
sm9_verify_init(&sign_ctx);
sm9_verify_update(&sign_ctx, (uint8_t *)"hello world", strlen("hello world"));
ret = sm9_verify_finish(&sign_ctx, sig, siglen, &sign_master_public, id, strlen(id));
printf("verify %s\n", ret == 1 ? "success" : "failure");
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm9.h>
#include <gmssl/error.h>
int main(void)
{
SM9_SIGN_MASTER_KEY sign_master;
SM9_SIGN_MASTER_KEY sign_master_public;
SM9_SIGN_KEY sign_key;
SM9_SIGN_CTX sign_ctx;
const char *id = "Alice";
uint8_t sig[SM9_SIGNATURE_SIZE];
size_t siglen;
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len;
int ret;
sm9_sign_master_key_generate(&sign_master);
sm9_sign_master_key_extract_key(&sign_master, id, strlen(id), &sign_key);
sm9_sign_init(&sign_ctx);
sm9_sign_update(&sign_ctx, (uint8_t *)"hello world", strlen("hello world"));
sm9_sign_finish(&sign_ctx, &sign_key, sig, &siglen);
format_bytes(stdout, 0, 0, "signature", sig, siglen);
sm9_sign_master_public_key_to_der(&sign_master, &p, &len);
sm9_sign_master_public_key_from_der(&sign_master_public, &cp, &len);
sm9_verify_init(&sign_ctx);
sm9_verify_update(&sign_ctx, (uint8_t *)"hello world", strlen("hello world"));
ret = sm9_verify_finish(&sign_ctx, sig, siglen, &sign_master_public, id, strlen(id));
printf("verify %s\n", ret == 1 ? "success" : "failure");
return 0;
}

24
demos/sm9demo.sh
View File

@@ -1,12 +1,12 @@
#!/bin/bash
gmssl sm9setup -alg sm9sign -pass 1234 -out sign_msk.pem -pubout sign_mpk.pem
gmssl sm9keygen -alg sm9sign -in sign_msk.pem -inpass 1234 -id alice -out alice.pem -outpass 1234
echo hello | gmssl sm9sign -key alice.pem -pass 1234 -out hello.sig
echo hello | gmssl sm9verify -pubmaster sign_mpk.pem -id alice -sig hello.sig
gmssl sm9setup -alg sm9encrypt -pass 1234 -out enc_msk.pem -pubout enc_mpk.pem
gmssl sm9keygen -alg sm9encrypt -in enc_msk.pem -inpass 1234 -id bob -out bob.pem -outpass 1234
echo hello | gmssl sm9encrypt -pubmaster enc_mpk.pem -id bob -out hello.der
gmssl sm9decrypt -key bob.pem -pass 1234 -id bob -in hello.der
#!/bin/bash
gmssl sm9setup -alg sm9sign -pass 1234 -out sign_msk.pem -pubout sign_mpk.pem
gmssl sm9keygen -alg sm9sign -in sign_msk.pem -inpass 1234 -id alice -out alice.pem -outpass 1234
echo hello | gmssl sm9sign -key alice.pem -pass 1234 -out hello.sig
echo hello | gmssl sm9verify -pubmaster sign_mpk.pem -id alice -sig hello.sig
gmssl sm9setup -alg sm9encrypt -pass 1234 -out enc_msk.pem -pubout enc_mpk.pem
gmssl sm9keygen -alg sm9encrypt -in enc_msk.pem -inpass 1234 -id bob -out bob.pem -outpass 1234
echo hello | gmssl sm9encrypt -pubmaster enc_mpk.pem -id bob -out hello.der
gmssl sm9decrypt -key bob.pem -pass 1234 -id bob -in hello.der

16
demos/tlcp/Makefile
View File

@@ -1,8 +1,8 @@
all:
cc tlcp_get.c url_parser.c -lgmssl -o tlcp_get
cc tlcp_post.c url_parser.c -lgmssl -o tlcp_post
clean:
rm -fr tlcp_get
rm -fr tlcp_post
all:
cc tlcp_get.c url_parser.c -lgmssl -o tlcp_get
cc tlcp_post.c url_parser.c -lgmssl -o tlcp_post
clean:
rm -fr tlcp_get
rm -fr tlcp_post

203
demos/tlcp/tlcp_get.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,103 +7,104 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <netdb.h>
#include <sys/types.h>
#include <arpa/inet.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <gmssl/tls.h>
#include <gmssl/error.h>
#include "url_parser.h"
int main(int argc, char *argv[])
{
int ret = -1;
char *prog = argv[0];
const int cipher = TLS_cipher_ecc_sm4_cbc_sm3;
URL_COMPONENTS *url;
struct hostent *hp;
int port = 443;
struct sockaddr_in server;
int sock;
TLS_CTX ctx;
TLS_CONNECT conn;
char request[1024];
uint8_t buf[16800];
char *p;
size_t len;
if (argc != 2) {
fprintf(stderr, "example: tlcp_get https://sm2only.ovssl.cn\n");
return 1;
}
if (!(url = parse_url(argv[1]))) {
fprintf(stderr, "parse url '%s' failure\n", argv[1]);
return 1;
}
if (!(hp = gethostbyname(url->host))) {
herror("tlcp_client: '-host' invalid");
goto end;
}
if (url->port != -1) {
port = url->port;
}
server.sin_addr = *((struct in_addr *)hp->h_addr_list[0]);
server.sin_family = AF_INET;
server.sin_port = htons(port);
if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
perror("socket");
goto end;
}
if (connect(sock, (struct sockaddr *)&server , sizeof(server)) < 0) {
perror("connect");
goto end;
}
memset(&ctx, 0, sizeof(ctx));
memset(&conn, 0, sizeof(conn));
tls_ctx_init(&ctx, TLS_protocol_tlcp, TLS_client_mode);
tls_ctx_set_cipher_suites(&ctx, &cipher, 1);
tls_init(&conn, &ctx);
tls_set_socket(&conn, sock);
if (tls_do_handshake(&conn) != 1) {
fprintf(stderr, "%s: error\n", prog);
goto end;
}
snprintf(request, sizeof(request)-1, "GET %s HTTP/1.1\r\nHost: %s\r\n\r\n",
url->path ? url->path : "/",
url->host);
tls_send(&conn, (uint8_t *)request, strlen(request), &len);
if (tls_recv(&conn, buf, sizeof(buf), &len) != 1) {
fprintf(stderr, "recv failure\n");
goto end;
}
buf[len] = 0;
p = strstr((char *)buf, "\r\n\r\n");
if (p) {
printf("%s", p + 4);
fflush(stdout);
}
end:
free_url_components(url);
close(sock);
tls_ctx_cleanup(&ctx);
tls_cleanup(&conn);
return 0;
}
#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <netdb.h>
#include <sys/types.h>
#include <arpa/inet.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <gmssl/tls.h>
#include <gmssl/error.h>
#include "url_parser.h"
int main(int argc, char *argv[])
{
int ret = -1;
char *prog = argv[0];
const int cipher = TLS_cipher_ecc_sm4_cbc_sm3;
URL_COMPONENTS *url;
struct hostent *hp;
int port = 443;
struct sockaddr_in server;
int sock;
TLS_CTX ctx;
TLS_CONNECT conn;
char request[1024];
uint8_t buf[16800];
char *p;
size_t len;
if (argc != 2) {
fprintf(stderr, "example: tlcp_get https://sm2only.ovssl.cn\n");
return 1;
}
if (!(url = parse_url(argv[1]))) {
fprintf(stderr, "parse url '%s' failure\n", argv[1]);
return 1;
}
if (!(hp = gethostbyname(url->host))) {
herror("tlcp_client: '-host' invalid");
goto end;
}
if (url->port != -1) {
port = url->port;
}
server.sin_addr = *((struct in_addr *)hp->h_addr_list[0]);
server.sin_family = AF_INET;
server.sin_port = htons(port);
if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
perror("socket");
goto end;
}
if (connect(sock, (struct sockaddr *)&server , sizeof(server)) < 0) {
perror("connect");
goto end;
}
memset(&ctx, 0, sizeof(ctx));
memset(&conn, 0, sizeof(conn));
tls_ctx_init(&ctx, TLS_protocol_tlcp, TLS_client_mode);
tls_ctx_set_cipher_suites(&ctx, &cipher, 1);
tls_init(&conn, &ctx);
tls_set_socket(&conn, sock);
if (tls_do_handshake(&conn) != 1) {
fprintf(stderr, "%s: error\n", prog);
goto end;
}
snprintf(request, sizeof(request)-1, "GET %s HTTP/1.1\r\nHost: %s\r\n\r\n",
url->path ? url->path : "/",
url->host);
tls_send(&conn, (uint8_t *)request, strlen(request), &len);
if (tls_recv(&conn, buf, sizeof(buf), &len) != 1) {
fprintf(stderr, "recv failure\n");
goto end;
}
buf[len] = 0;
p = strstr((char *)buf, "\r\n\r\n");
if (p) {
printf("%s", p + 4);
fflush(stdout);
}
end:
free_url_components(url);
close(sock);
tls_ctx_cleanup(&ctx);
tls_cleanup(&conn);
return 0;
}

213
demos/tlcp/tlcp_post.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,108 +7,109 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <netdb.h>
#include <sys/types.h>
#include <arpa/inet.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <gmssl/tls.h>
#include <gmssl/error.h>
#include "url_parser.h"
int main(int argc, char *argv[])
{
int ret = -1;
char *prog = argv[0];
const int cipher = TLS_cipher_ecc_sm4_cbc_sm3;
URL_COMPONENTS *url;
struct hostent *hp;
int port = 443;
struct sockaddr_in server;
int sock;
TLS_CTX ctx;
TLS_CONNECT conn;
char request[1024];
uint8_t buf[16800];
char *p;
size_t len;
if (argc != 2) {
fprintf(stderr, "example: echo \"key=word\" | tlcp_post https://sm2only.ovssl.cn\n");
return 1;
}
if (!(url = parse_url(argv[1]))) {
fprintf(stderr, "parse url '%s' failure\n", argv[1]);
return 1;
}
if (!(hp = gethostbyname(url->host))) {
herror("tlcp_client: '-host' invalid");
goto end;
}
if (url->port != -1) {
port = url->port;
}
server.sin_addr = *((struct in_addr *)hp->h_addr_list[0]);
server.sin_family = AF_INET;
server.sin_port = htons(port);
if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
perror("socket");
goto end;
}
if (connect(sock, (struct sockaddr *)&server , sizeof(server)) < 0) {
perror("connect");
goto end;
}
memset(&ctx, 0, sizeof(ctx));
memset(&conn, 0, sizeof(conn));
tls_ctx_init(&ctx, TLS_protocol_tlcp, TLS_client_mode);
tls_ctx_set_cipher_suites(&ctx, &cipher, 1);
tls_init(&conn, &ctx);
tls_set_socket(&conn, sock);
if (tls_do_handshake(&conn) != 1) {
fprintf(stderr, "%s: error\n", prog);
goto end;
}
snprintf(request, sizeof(request)-1, "POST %s HTTP/1.1\r\nHost: %s\r\n\r\n",
url->path ? url->path : "/",
url->host);
tls_send(&conn, (uint8_t *)request, strlen(request), &len);
len = fread(buf, 1, sizeof(buf), stdin);
if (len) {
tls_send(&conn, buf, len, &len);
}
if (tls_recv(&conn, buf, sizeof(buf), &len) != 1) {
fprintf(stderr, "recv failure\n");
goto end;
}
buf[len] = 0;
p = strstr((char *)buf, "\r\n\r\n");
if (p) {
printf("%s", p + 4);
fflush(stdout);
}
end:
free_url_components(url);
close(sock);
tls_ctx_cleanup(&ctx);
tls_cleanup(&conn);
return 0;
}
#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <netdb.h>
#include <sys/types.h>
#include <arpa/inet.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <gmssl/tls.h>
#include <gmssl/error.h>
#include "url_parser.h"
int main(int argc, char *argv[])
{
int ret = -1;
char *prog = argv[0];
const int cipher = TLS_cipher_ecc_sm4_cbc_sm3;
URL_COMPONENTS *url;
struct hostent *hp;
int port = 443;
struct sockaddr_in server;
int sock;
TLS_CTX ctx;
TLS_CONNECT conn;
char request[1024];
uint8_t buf[16800];
char *p;
size_t len;
if (argc != 2) {
fprintf(stderr, "example: echo \"key=word\" | tlcp_post https://sm2only.ovssl.cn\n");
return 1;
}
if (!(url = parse_url(argv[1]))) {
fprintf(stderr, "parse url '%s' failure\n", argv[1]);
return 1;
}
if (!(hp = gethostbyname(url->host))) {
herror("tlcp_client: '-host' invalid");
goto end;
}
if (url->port != -1) {
port = url->port;
}
server.sin_addr = *((struct in_addr *)hp->h_addr_list[0]);
server.sin_family = AF_INET;
server.sin_port = htons(port);
if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
perror("socket");
goto end;
}
if (connect(sock, (struct sockaddr *)&server , sizeof(server)) < 0) {
perror("connect");
goto end;
}
memset(&ctx, 0, sizeof(ctx));
memset(&conn, 0, sizeof(conn));
tls_ctx_init(&ctx, TLS_protocol_tlcp, TLS_client_mode);
tls_ctx_set_cipher_suites(&ctx, &cipher, 1);
tls_init(&conn, &ctx);
tls_set_socket(&conn, sock);
if (tls_do_handshake(&conn) != 1) {
fprintf(stderr, "%s: error\n", prog);
goto end;
}
snprintf(request, sizeof(request)-1, "POST %s HTTP/1.1\r\nHost: %s\r\n\r\n",
url->path ? url->path : "/",
url->host);
tls_send(&conn, (uint8_t *)request, strlen(request), &len);
len = fread(buf, 1, sizeof(buf), stdin);
if (len) {
tls_send(&conn, buf, len, &len);
}
if (tls_recv(&conn, buf, sizeof(buf), &len) != 1) {
fprintf(stderr, "recv failure\n");
goto end;
}
buf[len] = 0;
p = strstr((char *)buf, "\r\n\r\n");
if (p) {
printf("%s", p + 4);
fflush(stdout);
}
end:
free_url_components(url);
close(sock);
tls_ctx_cleanup(&ctx);
tls_cleanup(&conn);
return 0;
}

817
demos/tlcp/url_parser.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,410 +7,411 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include "url_parser.h"
#include <errno.h>
#include <stdlib.h>
#include <string.h>
static const char *_strnstr(const char *s, size_t s_len, const char *needle)
{
const char *end = s + s_len;
size_t needle_len = strlen(needle);
const char *p;
p = s;
while (p < end - needle_len + 1) {
if (strncmp(p, needle, needle_len) == 0) {
return p;
}
p++;
}
return NULL;
}
static const char *find_chars(const char *s, size_t s_len, const char *chars)
{
const char *end = s + s_len;
size_t chars_n = strlen(chars);
const char *p;
int i;
p = s;
while (p < end) {
for (i = 0 ; i < chars_n ; i++) {
if (*p == chars[i]) {
return p;
}
}
p++;
}
return NULL;
}
static const char *find_chars_reverse(const char *s, size_t s_len, const char *chars)
{
const char *end = s + s_len;
size_t chars_n = strlen(chars);
const char *p;
int i;
p = end - 1;
while (p >= s) {
for (i = 0 ; i < chars_n ; i++) {
if (*p == chars[i]) {
return p;
}
}
p--;
}
return NULL;
}
static int is_alpha(char c)
{
if ((c >= 'a' && c <= 'z') ||
(c >= 'A' && c <= 'Z')) {
return 1;
}
return 0;
}
static int is_digit(char c)
{
if (c >= '0' && c <= '9') {
return 1;
}
return 0;
}
static int is_control(char c)
{
if ((c >= 0x00 && c <= 0x1f) ||
c == 0x7f) {
return 1;
}
return 0;
}
static const char *lookup_scheme(const char *s)
{
const char *p = s;
char c;
if (strlen(s) == 0) {
return NULL;
}
if (!is_alpha(*p)) {
return NULL;
}
p++;
while (*p != '\0') {
c = *p;
if (c == ':') {
return p;
}
if (!is_alpha(c) &&
!is_digit(c) &&
c != '+' &&
c != '-' &&
c != '.') {
return NULL;
}
p++;
}
return NULL;
}
static int parse_user_password(const char *s, size_t s_len, URL_COMPONENTS *c)
{
const char *end = s + s_len;
const char *found;
found = _strnstr(s, s_len, ":");
if (found) {
c->user = strndup(s, found - s);
if (c->user == NULL) {
return -1; /* ENOMEM */
}
c->password = strndup(found + 1, end - found - 1);
if (c->password == NULL) {
return -1; /* ENOMEM */
}
} else {
c->user = strndup(s, s_len);
if (c->user == NULL) {
return -1; /* ENOMEM */
}
}
return 0;
}
static int parse_authority(const char *s, size_t s_len, URL_COMPONENTS *c)
{
const char *end = s + s_len;
const char *p, *found, *host_start, *host_end;
int port;
c->port = -1;
if (s_len == 0) { /* empty authority */
return 0;
}
found = _strnstr(s, s_len, "@");
if (found) {
if (parse_user_password(s, found - s, c) == -1) {
return -1;
}
host_start = found + 1;
} else {
host_start = s;
}
if (*host_start == '[') {
/* IP-literal host */
if (find_chars(host_start + 1, end - host_start - 1, "[")) {
errno = EINVAL;
return -1;
}
host_end = find_chars(host_start + 1, end - host_start - 1, "]");
if (!host_end) {
errno = EINVAL;
return -1;
}
/* The next character of ']' is termination or ':'. */
if (host_end + 1 != end && host_end[1] != ':') {
errno = EINVAL;
return -1;
}
host_end++;
} else {
/* IPv4address / reg-name host */
host_end = find_chars_reverse(host_start, end - host_start, ":");
if (host_end == NULL) {
host_end = end;
}
if (find_chars(host_start, host_end - host_start, "[]")) {
errno = EINVAL;
return -1;
}
}
if (find_chars(host_start, host_end - host_start, " ")) {
errno = EINVAL;
return -1;
}
/* ASSERT: host_end == end or *host_end == ':' */
if (host_end == end) {
/* without port number */
if (host_start == end) { /* empty host */
errno = EINVAL;
return -1;
}
c->host = strndup(host_start, end - host_start);
if (c->host == NULL) {
return -1; /* ENOMEM */
}
return 0;
}
/* ASSERT: *host_end == ':' */
/* host and port */
if (host_start == host_end) { /* empty host */
errno = EINVAL;
return -1;
}
if (host_end + 1 < end) {
p = host_end + 1;
port = 0;
while (p < end) {
if (*p < '0' || *p > '9') {
errno = EINVAL;
return -1;
}
port = port * 10 + *p - '0';
if (port > 65535) {
errno = EINVAL;
return -1;
}
p++;
}
} else {
/* empty port number */
port = -1;
}
c->host = strndup(host_start, (size_t) (host_end - host_start));
if (c->host == NULL) {
return -1; /* ENOMEM */
}
c->port = port;
return 0;
}
URL_COMPONENTS *parse_url(const char *url)
{
URL_COMPONENTS *c;
const char *p;
const char *end = url + strlen(url);
const char *found;
size_t len;
for (p = url ; p < end ; p++) {
if (is_control(*p)) {
errno = EINVAL;
return NULL;
}
}
c = malloc(sizeof(URL_COMPONENTS));
if (!c) {
return NULL;
}
memset(c, 0, sizeof(URL_COMPONENTS));
c->port = -1;
p = url;
/* lookup scheme */
found = lookup_scheme(p);
if (found) {
c->scheme = strndup(url, (size_t) (found - p));
if (c->scheme == NULL) {
goto error;
}
p = found + 1; /* skip a colon */
if (p >= end) {
return c;
}
}
if (strlen(p) >= 2 &&
p[0] == '/' && p[1] == '/') {
/* authority */
p = p + 2;
found = find_chars(p, strlen(p), "/?#");
if (found == NULL) {
len = strlen(p);
} else {
len = (size_t) (found - p);
}
if (parse_authority(p, len, c) == -1) {
goto error; /* ENOMEM,EINVAL */
}
if (!found) {
return c;
}
p = found;
}
if (*p != '?' && *p != '#') {
/* path */
found = find_chars(p, strlen(p), "?#");
found = NULL;
if (found == NULL) {
c->path = strdup(p);
if (c->path == NULL) {
goto error;
}
} else
{
if (found != p) {
c->path = strndup(p, (size_t) (found - p));
if (c->path == NULL) {
goto error;
}
}
}
if (!found) {
return c;
}
p = found;
}
/* ASSERT: *p is '?' or '#' */
#if 0
if (*p == '?') {
/* query */
p = p + 1;
found = find_chars(p, strlen(p), "#");
if (found == NULL) {
c->query = strdup(p);
} else {
c->query = strndup(p, (size_t) (found - p));
}
if (c->query == NULL) {
goto error;
}
if (!found) {
return c;
}
p = found;
}
#endif
/* ASSERT: *p is '#' */
/* fragment */
p = p + 1;
c->fragment = strdup(p);
if (c->fragment == NULL) {
goto error;
}
return c;
error:
free(c);
return NULL;
}
void free_url_components(URL_COMPONENTS *c)
{
if (c->scheme) {
free(c->scheme);
}
if (c->user) {
free(c->user);
}
if (c->password) {
free(c->password);
}
if (c->host) {
free(c->host);
}
if (c->path) {
free(c->path);
}
if (c->query) {
free(c->query);
}
if (c->fragment) {
free(c->fragment);
}
free(c);
}
#include "url_parser.h"
#include <errno.h>
#include <stdlib.h>
#include <string.h>
static const char *_strnstr(const char *s, size_t s_len, const char *needle)
{
const char *end = s + s_len;
size_t needle_len = strlen(needle);
const char *p;
p = s;
while (p < end - needle_len + 1) {
if (strncmp(p, needle, needle_len) == 0) {
return p;
}
p++;
}
return NULL;
}
static const char *find_chars(const char *s, size_t s_len, const char *chars)
{
const char *end = s + s_len;
size_t chars_n = strlen(chars);
const char *p;
int i;
p = s;
while (p < end) {
for (i = 0 ; i < chars_n ; i++) {
if (*p == chars[i]) {
return p;
}
}
p++;
}
return NULL;
}
static const char *find_chars_reverse(const char *s, size_t s_len, const char *chars)
{
const char *end = s + s_len;
size_t chars_n = strlen(chars);
const char *p;
int i;
p = end - 1;
while (p >= s) {
for (i = 0 ; i < chars_n ; i++) {
if (*p == chars[i]) {
return p;
}
}
p--;
}
return NULL;
}
static int is_alpha(char c)
{
if ((c >= 'a' && c <= 'z') ||
(c >= 'A' && c <= 'Z')) {
return 1;
}
return 0;
}
static int is_digit(char c)
{
if (c >= '0' && c <= '9') {
return 1;
}
return 0;
}
static int is_control(char c)
{
if ((c >= 0x00 && c <= 0x1f) ||
c == 0x7f) {
return 1;
}
return 0;
}
static const char *lookup_scheme(const char *s)
{
const char *p = s;
char c;
if (strlen(s) == 0) {
return NULL;
}
if (!is_alpha(*p)) {
return NULL;
}
p++;
while (*p != '\0') {
c = *p;
if (c == ':') {
return p;
}
if (!is_alpha(c) &&
!is_digit(c) &&
c != '+' &&
c != '-' &&
c != '.') {
return NULL;
}
p++;
}
return NULL;
}
static int parse_user_password(const char *s, size_t s_len, URL_COMPONENTS *c)
{
const char *end = s + s_len;
const char *found;
found = _strnstr(s, s_len, ":");
if (found) {
c->user = strndup(s, found - s);
if (c->user == NULL) {
return -1; /* ENOMEM */
}
c->password = strndup(found + 1, end - found - 1);
if (c->password == NULL) {
return -1; /* ENOMEM */
}
} else {
c->user = strndup(s, s_len);
if (c->user == NULL) {
return -1; /* ENOMEM */
}
}
return 0;
}
static int parse_authority(const char *s, size_t s_len, URL_COMPONENTS *c)
{
const char *end = s + s_len;
const char *p, *found, *host_start, *host_end;
int port;
c->port = -1;
if (s_len == 0) { /* empty authority */
return 0;
}
found = _strnstr(s, s_len, "@");
if (found) {
if (parse_user_password(s, found - s, c) == -1) {
return -1;
}
host_start = found + 1;
} else {
host_start = s;
}
if (*host_start == '[') {
/* IP-literal host */
if (find_chars(host_start + 1, end - host_start - 1, "[")) {
errno = EINVAL;
return -1;
}
host_end = find_chars(host_start + 1, end - host_start - 1, "]");
if (!host_end) {
errno = EINVAL;
return -1;
}
/* The next character of ']' is termination or ':'. */
if (host_end + 1 != end && host_end[1] != ':') {
errno = EINVAL;
return -1;
}
host_end++;
} else {
/* IPv4address / reg-name host */
host_end = find_chars_reverse(host_start, end - host_start, ":");
if (host_end == NULL) {
host_end = end;
}
if (find_chars(host_start, host_end - host_start, "[]")) {
errno = EINVAL;
return -1;
}
}
if (find_chars(host_start, host_end - host_start, " ")) {
errno = EINVAL;
return -1;
}
/* ASSERT: host_end == end or *host_end == ':' */
if (host_end == end) {
/* without port number */
if (host_start == end) { /* empty host */
errno = EINVAL;
return -1;
}
c->host = strndup(host_start, end - host_start);
if (c->host == NULL) {
return -1; /* ENOMEM */
}
return 0;
}
/* ASSERT: *host_end == ':' */
/* host and port */
if (host_start == host_end) { /* empty host */
errno = EINVAL;
return -1;
}
if (host_end + 1 < end) {
p = host_end + 1;
port = 0;
while (p < end) {
if (*p < '0' || *p > '9') {
errno = EINVAL;
return -1;
}
port = port * 10 + *p - '0';
if (port > 65535) {
errno = EINVAL;
return -1;
}
p++;
}
} else {
/* empty port number */
port = -1;
}
c->host = strndup(host_start, (size_t) (host_end - host_start));
if (c->host == NULL) {
return -1; /* ENOMEM */
}
c->port = port;
return 0;
}
URL_COMPONENTS *parse_url(const char *url)
{
URL_COMPONENTS *c;
const char *p;
const char *end = url + strlen(url);
const char *found;
size_t len;
for (p = url ; p < end ; p++) {
if (is_control(*p)) {
errno = EINVAL;
return NULL;
}
}
c = malloc(sizeof(URL_COMPONENTS));
if (!c) {
return NULL;
}
memset(c, 0, sizeof(URL_COMPONENTS));
c->port = -1;
p = url;
/* lookup scheme */
found = lookup_scheme(p);
if (found) {
c->scheme = strndup(url, (size_t) (found - p));
if (c->scheme == NULL) {
goto error;
}
p = found + 1; /* skip a colon */
if (p >= end) {
return c;
}
}
if (strlen(p) >= 2 &&
p[0] == '/' && p[1] == '/') {
/* authority */
p = p + 2;
found = find_chars(p, strlen(p), "/?#");
if (found == NULL) {
len = strlen(p);
} else {
len = (size_t) (found - p);
}
if (parse_authority(p, len, c) == -1) {
goto error; /* ENOMEM,EINVAL */
}
if (!found) {
return c;
}
p = found;
}
if (*p != '?' && *p != '#') {
/* path */
found = find_chars(p, strlen(p), "?#");
found = NULL;
if (found == NULL) {
c->path = strdup(p);
if (c->path == NULL) {
goto error;
}
} else
{
if (found != p) {
c->path = strndup(p, (size_t) (found - p));
if (c->path == NULL) {
goto error;
}
}
}
if (!found) {
return c;
}
p = found;
}
/* ASSERT: *p is '?' or '#' */
#if 0
if (*p == '?') {
/* query */
p = p + 1;
found = find_chars(p, strlen(p), "#");
if (found == NULL) {
c->query = strdup(p);
} else {
c->query = strndup(p, (size_t) (found - p));
}
if (c->query == NULL) {
goto error;
}
if (!found) {
return c;
}
p = found;
}
#endif
/* ASSERT: *p is '#' */
/* fragment */
p = p + 1;
c->fragment = strdup(p);
if (c->fragment == NULL) {
goto error;
}
return c;
error:
free(c);
return NULL;
}
void free_url_components(URL_COMPONENTS *c)
{
if (c->scheme) {
free(c->scheme);
}
if (c->user) {
free(c->user);
}
if (c->password) {
free(c->password);
}
if (c->host) {
free(c->host);
}
if (c->path) {
free(c->path);
}
if (c->query) {
free(c->query);
}
if (c->fragment) {
free(c->fragment);
}
free(c);
}

45
demos/tlcp/url_parser.h
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,24 +7,25 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#ifndef URL_PARSER_H
#define URL_PARSER_H
#define URL_PARSER_VERSION 0x00000300 /* 0.0.3 */
typedef struct url_components {
char *scheme;
char *user;
char *password;
char *host;
int port;
char *path;
char *query;
char *fragment;
} URL_COMPONENTS;
extern URL_COMPONENTS *parse_url(const char *url);
extern void free_url_components(URL_COMPONENTS *c);
#endif
#ifndef URL_PARSER_H
#define URL_PARSER_H
#define URL_PARSER_VERSION 0x00000300 /* 0.0.3 */
typedef struct url_components {
char *scheme;
char *user;
char *password;
char *host;
int port;
char *path;
char *query;
char *fragment;
} URL_COMPONENTS;
extern URL_COMPONENTS *parse_url(const char *url);
extern void free_url_components(URL_COMPONENTS *c);
#endif

16
demos/tlcp_client.sh
View File

@@ -1,8 +1,8 @@
#!/bin/bash -x
# https://ebssec.boc.cn
gmssl tlcp_client -host 123.124.191.183
# https://zffw.jxzwfww.gov.cn
gmssl tlcp_client -host 218.87.21.62
#!/bin/bash -x
# https://ebssec.boc.cn
gmssl tlcp_client -host 123.124.191.183
# https://zffw.jxzwfww.gov.cn
gmssl tlcp_client -host 218.87.21.62

78
demos/tlcp_server.sh
View File

@@ -1,39 +1,39 @@
#!/bin/bash -x
gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
gmssl sm2keygen -pass 1234 -out enckey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
gmssl certparse -in enccert.pem
cat signcert.pem > double_certs.pem
cat enccert.pem >> double_certs.pem
cat cacert.pem >> double_certs.pem
sudo gmssl tlcp_server -port 443 -cert double_certs.pem -key signkey.pem -pass 1234 -ex_key enckey.pem -ex_pass 1234 -cacert cacert.pem 1>/dev/null 2>/dev/null &
sleep 3
gmssl sm2keygen -pass 1234 -out clientkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -days 365 -key clientkey.pem -pass 1234 -out clientreq.pem
gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem
gmssl certparse -in clientcert.pem
# build and install BabaSSL 8.3.1
openssl version
openssl s_client -enable_ntls -ntls -connect localhost:443 -no_ticket -CAfile rootcacert.pem
#!/bin/bash -x
gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
gmssl sm2keygen -pass 1234 -out enckey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
gmssl certparse -in enccert.pem
cat signcert.pem > double_certs.pem
cat enccert.pem >> double_certs.pem
cat cacert.pem >> double_certs.pem
sudo gmssl tlcp_server -port 443 -cert double_certs.pem -key signkey.pem -pass 1234 -ex_key enckey.pem -ex_pass 1234 -cacert cacert.pem 1>/dev/null 2>/dev/null &
sleep 3
gmssl sm2keygen -pass 1234 -out clientkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -days 365 -key clientkey.pem -pass 1234 -out clientreq.pem
gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem
gmssl certparse -in clientcert.pem
# build and install BabaSSL 8.3.1
openssl version
openssl s_client -enable_ntls -ntls -connect localhost:443 -no_ticket -CAfile rootcacert.pem

72
demos/tlcpdemo.sh
View File

@@ -1,36 +1,36 @@
#!/bin/bash -x
gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
gmssl sm2keygen -pass 1234 -out enckey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
gmssl certparse -in enccert.pem
cat signcert.pem > double_certs.pem
cat enccert.pem >> double_certs.pem
cat cacert.pem >> double_certs.pem
sudo gmssl tlcp_server -port 443 -cert double_certs.pem -key signkey.pem -pass 1234 -ex_key enckey.pem -ex_pass 1234 -cacert cacert.pem 1>/dev/null 2>/dev/null &
sleep 3
gmssl sm2keygen -pass 1234 -out clientkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -days 365 -key clientkey.pem -pass 1234 -out clientreq.pem
gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem
gmssl certparse -in clientcert.pem
gmssl tlcp_client -host 127.0.0.1 -cacert rootcacert.pem -cert clientcert.pem -key clientkey.pem -pass 1234
#!/bin/bash -x
gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
gmssl sm2keygen -pass 1234 -out enckey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
gmssl certparse -in enccert.pem
cat signcert.pem > double_certs.pem
cat enccert.pem >> double_certs.pem
cat cacert.pem >> double_certs.pem
sudo gmssl tlcp_server -port 443 -cert double_certs.pem -key signkey.pem -pass 1234 -ex_key enckey.pem -ex_pass 1234 -cacert cacert.pem 1>/dev/null 2>/dev/null &
sleep 3
gmssl sm2keygen -pass 1234 -out clientkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -days 365 -key clientkey.pem -pass 1234 -out clientreq.pem
gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem
gmssl certparse -in clientcert.pem
gmssl tlcp_client -host 127.0.0.1 -cacert rootcacert.pem -cert clientcert.pem -key clientkey.pem -pass 1234

60
demos/tls12demo.sh
View File

@@ -1,30 +1,30 @@
#!/bin/bash -x
gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
cat signcert.pem > certs.pem
cat cacert.pem >> certs.pem
sudo gmssl tls12_server -port 443 -cert certs.pem -key signkey.pem -pass 1234 -cacert cacert.pem 1>/dev/null 2>/dev/null &
sleep 3
gmssl sm2keygen -pass 1234 -out clientkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -days 365 -key clientkey.pem -pass 1234 -out clientreq.pem
gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem
gmssl certparse -in clientcert.pem
gmssl tls12_client -host 127.0.0.1 -cacert rootcacert.pem -cert clientcert.pem -key clientkey.pem -pass 1234
#!/bin/bash -x
gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
cat signcert.pem > certs.pem
cat cacert.pem >> certs.pem
sudo gmssl tls12_server -port 443 -cert certs.pem -key signkey.pem -pass 1234 -cacert cacert.pem 1>/dev/null 2>/dev/null &
sleep 3
gmssl sm2keygen -pass 1234 -out clientkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -days 365 -key clientkey.pem -pass 1234 -out clientreq.pem
gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem
gmssl certparse -in clientcert.pem
gmssl tls12_client -host 127.0.0.1 -cacert rootcacert.pem -cert clientcert.pem -key clientkey.pem -pass 1234

60
demos/tls13demo.sh
View File

@@ -1,30 +1,30 @@
#!/bin/bash -x
gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
cat signcert.pem > certs.pem
cat cacert.pem >> certs.pem
sudo gmssl tls13_server -port 443 -cert certs.pem -key signkey.pem -pass 1234 -cacert cacert.pem 1>/dev/null 2>/dev/null &
sleep 3
gmssl sm2keygen -pass 1234 -out clientkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -days 365 -key clientkey.pem -pass 1234 -out clientreq.pem
gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem
gmssl certparse -in clientcert.pem
gmssl tls13_client -host 127.0.0.1 -cacert rootcacert.pem -cert clientcert.pem -key clientkey.pem -pass 1234
#!/bin/bash -x
gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
cat signcert.pem > certs.pem
cat cacert.pem >> certs.pem
sudo gmssl tls13_server -port 443 -cert certs.pem -key signkey.pem -pass 1234 -cacert cacert.pem 1>/dev/null 2>/dev/null &
sleep 3
gmssl sm2keygen -pass 1234 -out clientkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -days 365 -key clientkey.pem -pass 1234 -out clientreq.pem
gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem
gmssl certparse -in clientcert.pem
gmssl tls13_client -host 127.0.0.1 -cacert rootcacert.pem -cert clientcert.pem -key clientkey.pem -pass 1234

16
demos/zuc/Makefile
View File

@@ -1,8 +1,8 @@
all:
cc zuc_demo.c -lgmssl -o zuc_encrypt_demo
cc zuc_demo.c -lgmssl -o zuc_decrypt_demo
clean:
rm -fr zuc_encrypt_demo
rm -fr zuc_decrypt_demo
all:
cc zuc_demo.c -lgmssl -o zuc_encrypt_demo
cc zuc_demo.c -lgmssl -o zuc_decrypt_demo
clean:
rm -fr zuc_encrypt_demo
rm -fr zuc_decrypt_demo

85
demos/zuc/zuc_demo.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -7,44 +7,45 @@
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/zuc.h>
int main(void)
{
ZUC_CTX zuc_ctx;
unsigned char key[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char iv[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char inbuf[1024];
unsigned char outbuf[1024 + 32];
ssize_t inlen;
size_t outlen;
if (zuc_encrypt_init(&zuc_ctx, key, iv) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
if (zuc_encrypt_update(&zuc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
}
if (zuc_encrypt_finish(&zuc_ctx, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
return 0;
}
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/zuc.h>
int main(void)
{
ZUC_CTX zuc_ctx;
unsigned char key[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char iv[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char inbuf[1024];
unsigned char outbuf[1024 + 32];
ssize_t inlen;
size_t outlen;
if (zuc_encrypt_init(&zuc_ctx, key, iv) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
if (zuc_encrypt_update(&zuc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
}
if (zuc_encrypt_finish(&zuc_ctx, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
return 0;
}

20
demos/zucdemo.sh
View File

@@ -1,10 +1,10 @@
#!/bin/bash
KEY=11223344556677881122334455667788
IV=11223344556677881122334455667788
echo hello | gmssl zuc -key $KEY -iv $IV -out zuc.bin
gmssl zuc -key $KEY -iv $IV -in zuc.bin
#!/bin/bash
KEY=11223344556677881122334455667788
IV=11223344556677881122334455667788
echo hello | gmssl zuc -key $KEY -iv $IV -out zuc.bin
gmssl zuc -key $KEY -iv $IV -in zuc.bin