abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-05-07 00:46:17 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update demos

Browse Source 
To build demos, run
`cmake .. -DENABLE_DEMOS=ON`
This commit is contained in:
Zhi Guan
2023-12-16 11:42:10 +08:00
parent 508206223b
commit 2c988b008b
84 changed files with 3130 additions and 864 deletions
Download Patch File Download Diff File Expand all files Collapse all files

100
CMakeLists.txt
View File

@@ -160,29 +160,78 @@ set(tests
) )
set(demos set(demos
demo_sm2_encrypt asn1_oid_from_der_demo
demo_sm2_keygen asn1_oid_to_der_demo
demo_sm2_keyparse base64_demo
demo_sm2_private_key http_get_demo
demo_sm2_private_key_parse password_to_key_demo
demo_sm2_public_key pem_from_der_demo
demo_sm2_sign pem_to_der_demo
demo_sm2_sign_ctx rand_demo
demo_sm3 sdf_info_demo
demo_sm3_hmac sdf_rand_demo
demo_sm3_kdf sdf_sign_demo
demo_sm4 sha256_digest_demo
demo_sm4_cbc sha512_256_digest_demo
demo_sm4_cbc_decrypt_update sha512_digest_demo
demo_sm4_cbc_encrypt_update #sm2_ciphertext_to_der_demo
demo_sm4_cbc_padding sm2_ecdh_demo
demo_sm4_ctr sm2_encrypt_demo
demo_sm4_ctr_encrypt_update sm2_encrypt_fixlen_demo
demo_sm4_gcm sm2_id_demo
demo_sm9_encrypt sm2_keygen_demo
demo_sm9_keygen sm2_keyparse_demo
demo_sm9_sign sm2_point_demo
demo_zuc sm2_point_from_bin_demo
sm2_point_from_hash_demo
sm2_point_from_octets_demo
sm2_point_to_bin_demo
sm2_point_to_octets_demo
sm2_private_key_demo
sm2_private_key_parse_demo
sm2_public_key_demo
sm2_sig_from_bin_demo
#sm2_sig_from_der_demo
sm2_sig_to_der_demo
sm2_sign_ctx_demo
sm2_sign_ctx_fixlen_demo
sm2_sign_demo
#sm2_sign_digest_demo
sm3_ctx_demo
sm3_ctx_stdin_demo
sm3_demo
sm3_hmac_ctx_demo
sm3_hmac_demo
sm4_cbc_ctx_decrypt_stdin_demo
sm4_cbc_ctx_encrypt_stdin_demo
sm4_cbc_demo
sm4_cbc_padding_demo
sm4_cbc_sm3_hmac_demo
sm4_consts_demo
sm4_ctr_demo
sm4_ctr_encrypt_update_demo
sm4_ctr_sm3_hmac_demo
sm4_demo
sm4_ecb_demo
sm4_gcm_ctx_demo
sm4_gcm_demo
sm4_key_demo
sm9_encrypt_demo
sm9_keygen_demo
sm9_sign_demo
#tlcp_get_demo
#tlcp_post_demo
version_demo
x509_cert_check_demo
x509_cert_parse_demo
x509_cert_print_demo
x509_cert_verify_demo
x509_crl_download_demo
#x509_crl_find_revoked_cert_demo
x509_crl_print_demo
#x509_crl_verify_demo
zuc_demo
zuc_encrypt_stdin_demo
) )
include(CheckSymbolExists) include(CheckSymbolExists)
@@ -201,7 +250,7 @@ option(ENABLE_SM2_PRIVATE_KEY_EXPORT "Enable export un-encrypted SM2 private key
if (ENABLE_SM2_PRIVATE_KEY_EXPORT) if (ENABLE_SM2_PRIVATE_KEY_EXPORT)
message(STATUS "ENABLE_SM2_PRIVATE_KEY_EXPORT") message(STATUS "ENABLE_SM2_PRIVATE_KEY_EXPORT")
add_definitions(-DSM2_PRIVATE_KEY_EXPORT) add_definitions(-DSM2_PRIVATE_KEY_EXPORT)
list(APPEND demos demo_sm2_key_export) list(APPEND demos sm2_key_export_demo)
endif() endif()
@@ -249,6 +298,7 @@ if (ENABLE_BROKEN_CRYPTO)
message(STATUS "ENABLE_BROKEN_CRYPTO") message(STATUS "ENABLE_BROKEN_CRYPTO")
list(APPEND src src/sha1.c) list(APPEND src src/sha1.c)
list(APPEND tests sha1) list(APPEND tests sha1)
list(APPEND demos sha1_digest_demo)
endif() endif()
@@ -265,6 +315,7 @@ if (ENABLE_INTEL_RDRAND)
message(STATUS "ENABLE_INTEL_RDRAND") message(STATUS "ENABLE_INTEL_RDRAND")
add_definitions(-DINTEL_RDRAND) add_definitions(-DINTEL_RDRAND)
list(APPEND src src/rdrand.c) list(APPEND src src/rdrand.c)
list(APPEND demos rdrand_demo)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -mrdrnd") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -mrdrnd")
endif() endif()
if (ENABLE_INTEL_RDSEED) if (ENABLE_INTEL_RDSEED)
@@ -286,6 +337,7 @@ if (ENABLE_GMT_0105_RNG)
message(STATUS "ENABLE_GMT_0105_RNG") message(STATUS "ENABLE_GMT_0105_RNG")
list(APPEND src src/sm3_rng.c src/sm4_cbc_mac.c src/sm4_rng.c) list(APPEND src src/sm3_rng.c src/sm4_cbc_mac.c src/sm4_rng.c)
list(APPEND tests sm3_rng sm4_cbc_mac sm4_rng) list(APPEND tests sm3_rng sm4_cbc_mac sm4_rng)
list(APPEND demos sm4_cbc_mac_demo)
endif() endif()

44
demos/src/asn1_oid_from_der_demo.c Normal file
View File

@@ -0,0 +1,44 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/oid.h>
#include <gmssl/asn1.h>
int main(int argc, char **argv)
{
int ret = -1;
uint8_t der[] = { 0x06,0x06,0x2a,0x81,0x1c,0xcf,0x55,0x01 };
uint32_t oid[32];
size_t oid_num;
const uint8_t *cp;
size_t len;
size_t i;
cp = der;
len = sizeof(der);
if (asn1_object_identifier_from_der(oid, &oid_num, &cp, &len) != 1) {
fprintf(stderr, "asn1_object_identifier_from_der() error\n");
goto err;
}
printf("oid: ");
for (i = 0; i < oid_num; i++) {
printf("%u ", oid[i]);
}
printf("\n");
ret = 0;
err:
return ret;
}

49
demos/src/asn1_oid_to_der_demo.c Normal file
View File

@@ -0,0 +1,49 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/oid.h>
#include <gmssl/asn1.h>
int main(int argc, char **argv)
{
int ret = -1;
uint32_t oid[] = {1,2,156,10197,1};
uint8_t buf[64];
uint8_t *p;
size_t len;
size_t i;
p = buf;
len = 0;
if (asn1_object_identifier_to_der(oid, sizeof(oid)/sizeof(oid[0]), &p, &len) != 1) {
fprintf(stderr, "asn1_object_identifier_to_der() error\n");
goto err;
}
printf("oid: ");
for (i = 0; i < sizeof(oid)/sizeof(oid[0]); i++) {
printf("%u ", oid[i]);
}
printf("\n");
printf("der: ");
for (i = 0; i < len; i++) {
printf("%02x ", buf[i]);
}
printf("\n");
ret = 0;
err:
return ret;
}

56
demos/src/base64_demo.c Normal file
View File

@@ -0,0 +1,56 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/base64.h>
#include <gmssl/error.h>
#include <gmssl/rand.h>
int main(void)
{
BASE64_CTX ctx;
uint8_t buf[200];
char base64[400] = {0};
uint8_t *in = buf;
uint8_t *out = (uint8_t *)base64;
int len;
int i;
int inlen = 47;
rand_bytes(buf, sizeof(buf));
base64_encode_init(&ctx);
base64_encode_update(&ctx, in, inlen, out, &len);
out += len;
in += inlen;
printf("1 %s\n", base64);
base64_encode_update(&ctx, in, inlen, out, &len);
out += len;
in += inlen;
printf("2 %s\n", base64);
base64_encode_update(&ctx, in, 30, out, &len);
out += len;
in += 48;
printf("3 %s\n", base64);
base64_encode_update(&ctx, in, 30, out, &len);
out += len;
in += 48;
printf("4 %s\n", base64);
return 0;
}

258
demos/src/demo_cert_gen.c
View File

@@ -1,258 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/rand.h>
#include <gmssl/pkcs8.h>
#include <gmssl/error.h>
#include <gmssl/hex.h>
#include <gmssl/x509.h>
#include <gmssl/x509_ext.h>
static int ext_key_usage_set(int *usages, const char *usage_name)
{
int flag;
if (x509_key_usage_from_name(&flag, usage_name) != 1) {
error_print();
return -1;
}
*usages |= flag;
return 1;
}
int main(int argc, char *argv[])
{
int ret = 1;
char *prog = argv[0];
char *str;
// SerialNumber
uint8_t serial[20];
int serial_len = 12;
// Issuer, Subject
uint8_t name[256];
size_t namelen;
char *country = "CN";
char *state = "Beijing";
char *locality = "Haidian";
char *org = "PKU";
char *org_unit = "CS";
char *common_name = "ROOTCA";
// Validity
int days = 3650;
time_t not_before;
time_t not_after;
// Private Key
char *keyfile="rootcakey.pem"; //可由/demos/scripts/cert_gen.sh生成
FILE *keyfp = NULL;
char *pass = "1234";
SM2_KEY sm2_key;
char signer_id[SM2_MAX_ID_LENGTH + 1] = {0};
size_t signer_id_len = 0;
uint8_t *cert = NULL;
size_t certlen = 0;
FILE *outfp = stdout;
char *outfile = "rootcacert.pem";
uint8_t *p;
// Extensions
uint8_t exts[4096];
size_t extslen = 0;
// AuthorityKeyIdentifier
int gen_authority_key_id = 0;
// SubjectKeyIdentifier
int gen_subject_key_id = 0;
// KeyUsage
int key_usage = 0;
char *keyusage1="keyCertSign";
char *keyusage2="cRLSign";
// SubjectAltName
uint8_t subject_alt_name[2048];
size_t subject_alt_name_len = 0;
// IssuerAltName
uint8_t issuer_alt_name[512];
size_t issuer_alt_name_len = 0;
// BasicConstraints
int ca = 1;
int path_len_constraint = 6;
// ExtKeyUsageSyntax
int ext_key_usages[12];
size_t ext_key_usages_cnt = 0;
// CRLDistributionPoints
char *crl_http_uri = "http://pku.edu.cn/ca.crl";
char *crl_ldap_uri = NULL;
// InhibitAnyPolicy
int inhibit_any_policy = -1;
// FreshestCRL
char *ca_issuers_uri = "http://pku.edu.cn/ca.crt";
char *ocsp_uri = "http://ocsp.pku.edu.cn";
if (!(keyfp = fopen(keyfile, "rb"))) {
fprintf(stderr, "%s: open '%s' failure : %s\n", prog, keyfile, strerror(errno));
goto end;
}
if (ext_key_usage_set(&key_usage, keyusage1) != 1) {
fprintf(stderr, "%s: invalid `-key_usage` value '%s'\n", prog, keyusage1);
goto end;
}
if (ext_key_usage_set(&key_usage, keyusage2) != 1) {
fprintf(stderr, "%s: invalid `-key_usage` value '%s'\n", prog, keyusage2);
goto end;
}
if (!(outfp = fopen(outfile, "wb"))) {
fprintf(stderr, "%s: open '%s' failure : %s\n", prog, outfile, strerror(errno));
goto end;
}
if (!signer_id_len) {
strcpy(signer_id, SM2_DEFAULT_ID);
signer_id_len = strlen(SM2_DEFAULT_ID);
}
if (sm2_private_key_info_decrypt_from_pem(&sm2_key, pass, keyfp) != 1) {
fprintf(stderr, "%s: load private key failed\n", prog);
goto end;
}
// Issuer, Subject
if (x509_name_set(name, &namelen, sizeof(name), country, state, locality, org, org_unit, common_name) != 1) {
fprintf(stderr, "%s: set Issuer/Subject Name error\n", prog);
goto end;
}
// Validity
time(&not_before);
if (x509_validity_add_days(&not_after, not_before, days) != 1) {
fprintf(stderr, "%s: set Validity failure\n", prog);
goto end;
}
if (key_usage) {
if (x509_exts_add_key_usage(exts, &extslen, sizeof(exts), X509_critical, key_usage) != 1) {
fprintf(stderr, "%s: set KeyUsage extension failure\n", prog);
goto end;
}
}
// no SubjectDirectoryAttributes
if (ca >= 0 || path_len_constraint >= 0) {
if (x509_exts_add_basic_constraints(exts, &extslen, sizeof(exts),
X509_critical, ca, path_len_constraint) != 1) {
fprintf(stderr, "%s: set BasicConstraints extension failure\n", prog);
goto end;
}
}
// no NameConstraints
// no PolicyConstraints
if (crl_http_uri || crl_ldap_uri) {
if (x509_exts_add_crl_distribution_points(exts, &extslen, sizeof(exts),
-1,
crl_http_uri, crl_http_uri ? strlen(crl_http_uri) : 0,
crl_ldap_uri, crl_ldap_uri ? strlen(crl_ldap_uri) : 0) != 1) {
fprintf(stderr, "%s: set CRLDistributionPoints extension failure\n", prog);
return -1;
}
}
if (ca_issuers_uri || ocsp_uri) {
if (x509_exts_add_authority_info_access(exts, &extslen, sizeof(exts), 0,
ca_issuers_uri, ca_issuers_uri ? strlen(ca_issuers_uri) : 0,
ocsp_uri, ocsp_uri ? strlen(ocsp_uri) : 0) != 1) {
fprintf(stderr, "%s: set AuthorityInfoAccess extension failure\n", prog);
goto end;
}
}
if (x509_cert_sign_to_der(
X509_version_v3,
serial, serial_len,
OID_sm2sign_with_sm3,
name, namelen,
not_before, not_after,
name, namelen,
&sm2_key,
NULL, 0,
NULL, 0,
exts, extslen,
&sm2_key, signer_id, signer_id_len,
NULL, &certlen) != 1) {
fprintf(stderr, "%s: certificate generation failure\n", prog);
goto end;
}
if (!(cert = malloc(certlen))) {
fprintf(stderr, "%s: malloc failure\n", prog);
goto end;
}
p = cert;
certlen = 0;
if (x509_cert_sign_to_der(
X509_version_v3,
serial, serial_len,
OID_sm2sign_with_sm3,
name, namelen,
not_before, not_after,
name, namelen,
&sm2_key,
NULL, 0,
NULL, 0,
exts, extslen,
&sm2_key, signer_id, signer_id_len,
&p, &certlen) != 1) {
fprintf(stderr, "%s: certificate generation failure\n", prog);
goto end;
}
if (x509_cert_to_pem(cert, certlen, outfp) != 1) {
fprintf(stderr, "%s: output certificate failed\n", prog);
goto end;
}
ret = 0;
end:
gmssl_secure_clear(&sm2_key, sizeof(SM2_KEY));
if (cert) free(cert);
if (keyfp) fclose(keyfp);
if (outfile && outfp) fclose(outfp);
return ret;
}

353
demos/src/demo_cert_sign.c
View File

@@ -1,353 +0,0 @@
/*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/hex.h>
#include <gmssl/mem.h>
#include <gmssl/rand.h>
#include <gmssl/x509.h>
#include <gmssl/x509_ext.h>
#include <gmssl/x509_req.h>
static int ext_key_usage_set(int *usages, const char *usage_name)
{
int flag = 0;
if (x509_key_usage_from_name(&flag, usage_name) != 1) {
return -1;
}
*usages |= flag;
return 1;
}
int main(int argc, char **argv)
{
int ret = 1;
char *prog = argv[0];
char *str;
// Input Req/CSR
char *infile = "careq.pem";
FILE *infp = NULL;
uint8_t req[512];
size_t reqlen;
char req_id[SM2_MAX_ID_LENGTH + 1] = {0};
size_t req_id_len = 0;
// SerialNumber
uint8_t serial[20];
int serial_len = 12;
// Validity
int days = 365;
time_t not_before;
time_t not_after;
// Subject from Req
const uint8_t *subject;
size_t subject_len;
SM2_KEY subject_public_key;
// CA certficate and Private Key
uint8_t *cacert = NULL;
char *rootcacert="rootcacert.pem";
size_t cacertlen;
FILE *keyfp = NULL;
char *rootcakey="rootcakey.pem";
char *pass = "1234";
SM2_KEY sm2_key;
char signer_id[SM2_MAX_ID_LENGTH + 1] = {0};
size_t signer_id_len = 0;
// Issuer from CA certificate
const uint8_t *issuer;
size_t issuer_len;
SM2_KEY issuer_public_key;
// Output
char *outfile = "cacert.pem";
FILE *outfp = stdout;
uint8_t *cert = NULL;
size_t certlen = 0;
uint8_t *p;
// Extensions
uint8_t exts[4096];
size_t extslen = 0;
// AuthorityKeyIdentifier
int gen_authority_key_id = 0;
// SubjectKeyIdentifier
int gen_subject_key_id = 0;
// KeyUsage
int key_usage = 0;
char *keyusage="keyCertSign";
// SubjectAltName
uint8_t subject_alt_name[2048];
size_t subject_alt_name_len = 0;
// IssuerAltName
uint8_t issuer_alt_name[512];
size_t issuer_alt_name_len = 0;
// BasicConstraints
int ca = -1;
int path_len_constraint = 0;
// ExtKeyUsageSyntax
int ext_key_usages[12];
size_t ext_key_usages_cnt = 0;
// CRLDistributionPoints
char *crl_http_uri = NULL;
char *crl_ldap_uri = NULL;
// InhibitAnyPolicy
int inhibit_any_policy = -1;
// FreshestCRL
char *ca_issuers_uri = NULL;
char *ocsp_uri = NULL;
if (!(infp = fopen(infile, "rb"))) {
fprintf(stderr, "%s: open '%s' failure : %s\n", prog, infile, strerror(errno));
goto end;
}
if (!(outfp = fopen(outfile, "wb"))) {
fprintf(stderr, "%s: open '%s' failure : %s\n", prog, outfile, strerror(errno));
goto end;
}
if (x509_cert_new_from_file(&cacert, &cacertlen, rootcacert) != 1) {
fprintf(stderr, "%s: load ca certificate '%s' failure\n", prog, rootcacert);
goto end;
}
if (!(keyfp = fopen(rootcakey, "rb"))) {
fprintf(stderr, "%s: open '%s' failure : %s\n", prog, rootcakey, strerror(errno));
goto end;
}
if (ext_key_usage_set(&key_usage, keyusage) != 1) {
fprintf(stderr, "%s: invalid `-key_usage` value '%s'\n", prog, keyusage);
goto end;
}
if (!days) {
fprintf(stderr, "%s: '-days' option required\n", prog);
goto end;
}
if (!cacert) {
fprintf(stderr, "%s: '-cacert' option required\n", prog);
goto end;
}
if (!keyfp) {
fprintf(stderr, "%s: '-key' option required\n", prog);
goto end;
}
if (!pass) {
fprintf(stderr, "%s: '-pass' option required\n", prog);
goto end;
}
if (x509_req_from_pem(req, &reqlen, sizeof(req), infp) != 1) {
fprintf(stderr, "%s: parse CSR failure\n", prog);
goto end;
}
if (!req_id_len) {
strcpy(req_id, SM2_DEFAULT_ID);
req_id_len = strlen(SM2_DEFAULT_ID);
}
if (x509_req_verify(req, reqlen, req_id, req_id_len) != 1) {
fprintf(stderr, "%s: signature verification failure\n", prog);
goto end;
}
if (x509_req_get_details(req, reqlen,
NULL, &subject, &subject_len, &subject_public_key,
NULL, NULL, NULL, NULL, NULL) != 1) {
fprintf(stderr, "%s: parse CSR failure\n", prog);
goto end;
}
if (x509_cert_get_subject(cacert, cacertlen, &issuer, &issuer_len) != 1
|| x509_cert_get_subject_public_key(cacert, cacertlen, &issuer_public_key) != 1) {
fprintf(stderr, "%s: parse CA certificate failure\n", prog);
goto end;
}
if (sm2_private_key_info_decrypt_from_pem(&sm2_key, pass, keyfp) != 1) {
fprintf(stderr, "%s: load private key failure\n", prog);
goto end;
}
if (sm2_public_key_equ(&sm2_key, &issuer_public_key) != 1) {
fprintf(stderr, "%s: private key and CA certificate not match\n", prog);
goto end;
}
if (!signer_id_len) {
strcpy(signer_id, SM2_DEFAULT_ID);
signer_id_len = strlen(SM2_DEFAULT_ID);
}
if (rand_bytes(serial, serial_len) != 1) {
fprintf(stderr, "%s: random number generator error\n", prog);
goto end;
}
time(&not_before);
if (x509_validity_add_days(&not_after, not_before, days) != 1) {
fprintf(stderr, "%s: set Validity failure\n", prog);
goto end;
}
// following code copy from certgen.c
// Extensions
if (gen_authority_key_id) {
if (x509_exts_add_default_authority_key_identifier(exts, &extslen, sizeof(exts), &sm2_key) != 1) {
fprintf(stderr, "%s: set AuthorityKeyIdentifier extension failure\n", prog);
goto end;
}
}
if (gen_subject_key_id) {
if (x509_exts_add_subject_key_identifier_ex(exts, &extslen, sizeof(exts), -1, &sm2_key) != 1) {
fprintf(stderr, "%s: set SubjectKeyIdentifier extension failure\n", prog);
goto end;
}
}
if (key_usage) {
if (x509_exts_add_key_usage(exts, &extslen, sizeof(exts), X509_critical, key_usage) != 1) {
fprintf(stderr, "%s: set KeyUsage extension failure\n", prog);
goto end;
}
}
// no CertificatePolicies
// no PolicyMappings
if (subject_alt_name_len) {
if (x509_exts_add_subject_alt_name(exts, &extslen, sizeof(exts),
-1, subject_alt_name, subject_alt_name_len) != 1) {
fprintf(stderr, "%s: set SubjectAltName extension failure\n", prog);
goto end;
}
}
if (issuer_alt_name_len) {
if (x509_exts_add_issuer_alt_name(exts, &extslen, sizeof(exts),
-1, issuer_alt_name, issuer_alt_name_len) != 1) {
fprintf(stderr, "%s: set IssuerAltName extension failure\n", prog);
goto end;
}
}
// no SubjectDirectoryAttributes
if (ca >= 0 || path_len_constraint >= 0) {
if (x509_exts_add_basic_constraints(exts, &extslen, sizeof(exts),
X509_critical, ca, path_len_constraint) != 1) {
fprintf(stderr, "%s: set BasicConstraints extension failure\n", prog);
goto end;
}
}
// no NameConstraints
// no PolicyConstraints
if (ext_key_usages_cnt) {
if (x509_exts_add_ext_key_usage(exts, &extslen, sizeof(exts),
-1, ext_key_usages, ext_key_usages_cnt) != 1) {
fprintf(stderr, "%s: set ExtKeyUsage extension failure\n", prog);
goto end;
}
}
if (crl_http_uri || crl_ldap_uri) {
if (x509_exts_add_crl_distribution_points(exts, &extslen, sizeof(exts),
-1,
crl_http_uri, crl_http_uri ? strlen(crl_http_uri) : 0,
crl_ldap_uri, crl_ldap_uri ? strlen(crl_ldap_uri) : 0) != 1) {
fprintf(stderr, "%s: set CRLDistributionPoints extension failure\n", prog);
return -1;
}
}
if (inhibit_any_policy >= 0) {
if (x509_exts_add_inhibit_any_policy(exts, &extslen, sizeof(exts),
X509_critical, inhibit_any_policy) != 1) {
fprintf(stderr, "%s: set InhibitAnyPolicy extension failure\n", prog);
goto end;
}
}
if (ca_issuers_uri || ocsp_uri) {
if (x509_exts_add_authority_info_access(exts, &extslen, sizeof(exts), 0,
ca_issuers_uri, ca_issuers_uri ? strlen(ca_issuers_uri) : 0,
ocsp_uri, ocsp_uri ? strlen(ocsp_uri) : 0) != 1) {
fprintf(stderr, "%s: set AuthorityInfoAccess extension failure\n", prog);
goto end;
}
}
if (x509_cert_sign_to_der(
X509_version_v3,
serial, serial_len,
OID_sm2sign_with_sm3,
issuer, issuer_len,
not_before, not_after,
subject, subject_len,
&subject_public_key,
NULL, 0,
NULL, 0,
exts, extslen,
&sm2_key, signer_id, signer_id_len,
NULL, &certlen) != 1) {
fprintf(stderr, "%s: certificate generation failure\n", prog);
goto end;
}
if (!(cert = malloc(certlen))) {
fprintf(stderr, "%s: malloc failure\n", prog);
goto end;
}
p = cert;
certlen = 0;
if (x509_cert_sign_to_der(
X509_version_v3,
serial, serial_len,
OID_sm2sign_with_sm3,
issuer, issuer_len,
not_before, not_after,
subject, subject_len,
&subject_public_key,
NULL, 0,
NULL, 0,
exts, extslen,
&sm2_key, signer_id, signer_id_len,
&p, &certlen) != 1) {
fprintf(stderr, "%s: certificate generation failure\n", prog);
goto end;
}
if (x509_cert_to_pem(cert, certlen, outfp) != 1) {
fprintf(stderr, "%s: output certificate failed\n", prog);
goto end;
}
ret = 0;
end:
gmssl_secure_clear(&sm2_key, sizeof(SM2_KEY));
if (cert) free(cert);
if (keyfp) fclose(keyfp);
if (infile && infp) fclose(infp);
if (outfile && outfp) fclose(outfp);
return ret;
}

37
demos/src/demo_sm2_public_key_copy.c
View File

@@ -1,37 +0,0 @@
/*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/sm2.h>
int main(void){
SM2_KEY sm2_key;
SM2_KEY pub_key;
printf("Read SM2 public key file (PEM) from stdin ...\n");
if (sm2_public_key_info_from_pem(&sm2_key, stdin) != 1) {
fprintf(stderr, "error\n");
return 1;
}
if (sm2_public_key_copy(&pub_key, &sm2_key) != 1) {
fprintf(stderr, "error\n");
return 1;
}
sm2_public_key_print(stdout, 0, 0, "SM2PublicKey", &pub_key);
gmssl_secure_clear(&sm2_key, sizeof(sm2_key));
gmssl_secure_clear(&pub_key, sizeof(pub_key));
return 0;
}

41
demos/src/demo_sm2_public_key_digest.c
View File

@@ -1,41 +0,0 @@
/*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/sm2.h>
#include <gmssl/sm3.h>
int main(void){
SM2_KEY sm2_key;
uint8_t dgst[32];
int i;
printf("Read SM2 public key file (PEM) from stdin ...\n");
if (sm2_public_key_info_from_pem(&sm2_key, stdin) != 1) {
fprintf(stderr, "error\n");
return 1;
}
if (sm2_public_key_digest(&sm2_key, dgst) != 1) {
fprintf(stderr, "error\n");
return 1;
}
for (i = 0; i < sizeof(dgst); i++) {
printf("%02x", dgst[i]);
}
printf("\n");
gmssl_secure_clear(&sm2_key, sizeof(sm2_key));
return 0;
}

43
demos/src/demo_sm2_public_key_equ.c
View File

@@ -1,43 +0,0 @@
/*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/sm2.h>
int main(void){
SM2_KEY sm2_key;
SM2_KEY pub_key;
printf("Read SM2 public key1 file (PEM) from stdin ...\n");
if (sm2_public_key_info_from_pem(&sm2_key, stdin) != 1) {
fprintf(stderr, "error\n");
return 1;
}
printf("Read SM2 public key2 file (PEM) from stdin ...\n");
if (sm2_public_key_info_from_pem(&pub_key, stdin) != 1) {
fprintf(stderr, "error\n");
return 1;
}
if (sm2_public_key_equ(&sm2_key, &pub_key) == 1) {
printf("equal\n");
} else {
printf("not equal\n");
}
gmssl_secure_clear(&sm2_key, sizeof(sm2_key));
gmssl_secure_clear(&pub_key, sizeof(pub_key));
return 0;
}

32
demos/src/demo_sm2_public_key_parse.c
View File

@@ -1,32 +0,0 @@
/*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/sm2.h>
int main(void)
{
SM2_KEY sm2_key;
printf("Read SM2 public key file (PEM) from stdin ...\n");
if (sm2_public_key_info_from_pem(&sm2_key, stdin) != 1) {
fprintf(stderr, "error\n");
return 1;
}
sm2_public_key_print(stdout, 0, 0, "SM2PublicKey", &sm2_key);
gmssl_secure_clear(&sm2_key, sizeof(sm2_key));
return 0;
}

57
demos/src/http_get_demo.c Normal file
View File

@@ -0,0 +1,57 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/http.h>
#include <gmssl/error.h>
char *http_uri = "http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20RSA%20TLS%20CA%2002.crl";
char *file_name = "Microsoft RSA TLS CA 02.crl";
int main(int argc, char **argv)
{
uint8_t *buf = NULL;
size_t buflen;
size_t len;
FILE *fp = NULL;
printf("http_get %s\n", http_uri);
if (http_get(http_uri, NULL, &buflen, 0) != 1) {
fprintf(stderr, "http_get() error\n");
goto err;
}
if (!(buf = malloc(len))) {
fprintf(stderr, "malloc() error\n");
goto err;
}
if (http_get(http_uri, buf, &len, buflen) != 1) {
fprintf(stderr, "http_get() error\n");
goto err;
}
if (!(fp = fopen(file_name, "wb"))) {
fprintf(stderr, "fopen() error\n");
goto err;
}
fwrite(buf, 1, len, fp);
printf("save to %s\n", file_name);
err:
if (buf) free(buf);
if (fp) fclose(fp);
return 0;
}

77
demos/src/list.c Normal file
View File

@@ -0,0 +1,77 @@
asn1_oid_from_der_demo.c
asn1_oid_to_der_demo.c
base64_demo.c
http_get_demo.c
list.txt
password_to_key_demo.c
pem_from_der_demo.c
pem_to_der_demo.c
rand_demo.c
rdrand_demo.c
sdf_info_demo.c
sdf_rand_demo.c
sdf_sign_demo.c
sha1_digest_demo.c
sha256_digest_demo.c
sha512_256_digest_demo.c
sha512_digest_demo.c
sm2_ciphertext_to_der_demo.c
sm2_ecdh_demo.c
sm2_encrypt_demo.c
sm2_encrypt_fixlen_demo.c
sm2_id_demo.c
sm2_key_export_demo.c
sm2_keygen_demo.c
sm2_keyparse_demo.c
sm2_point_demo.c
sm2_point_from_bin_demo.c
sm2_point_from_hash_demo.c
sm2_point_from_octets_demo.c
sm2_point_to_bin_demo.c
sm2_point_to_octets_demo.c
sm2_private_key_demo.c
sm2_private_key_parse_demo.c
sm2_public_key_demo.c
sm2_sig_from_bin_demo.c
sm2_sig_from_der_demo.c
sm2_sig_to_der_demo.c
sm2_sign_ctx_demo.c
sm2_sign_ctx_fixlen_demo.c
sm2_sign_demo.c
sm2_sign_digest_demo.c
sm3_ctx_demo.c
sm3_ctx_stdin_demo.c
sm3_demo.c
sm3_hmac_ctx_demo.c
sm3_hmac_demo.c
sm4_cbc_ctx_decrypt_stdin_demo.c
sm4_cbc_ctx_encrypt_stdin_demo.c
sm4_cbc_demo.c
sm4_cbc_mac_demo.c
sm4_cbc_padding_demo.c
sm4_cbc_sm3_hmac_demo.c
sm4_consts_demo.c
sm4_ctr_demo.c
sm4_ctr_encrypt_update_demo.c
sm4_ctr_sm3_hmac_demo.c
sm4_demo.c
sm4_ecb_demo.c
sm4_gcm_ctx_demo.c
sm4_gcm_demo.c
sm4_key_demo.c
sm9_encrypt_demo.c
sm9_keygen_demo.c
sm9_sign_demo.c
tlcp_get_demo.c
tlcp_post_demo.c
version_demo.c
x509_cert_check_demo.c
x509_cert_parse_demo.c
x509_cert_print_demo.c
x509_cert_verify_demo.c
x509_crl_download_demo.c
x509_crl_find_revoked_cert_demo.c
x509_crl_print_demo.c
x509_crl_verify_demo.c
zuc_demo.c
zuc_encrypt_stdin_demo.c

43
demos/src/password_to_key_demo.c Normal file
View File

@@ -0,0 +1,43 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/rand.h>
#include <gmssl/pbkdf2.h>
int main(int argc, char **argv)
{
char *pass = "P@ssw0rd";
uint8_t salt[8];
size_t iter = 8000;
uint8_t key[16];
size_t i;
if (rand_bytes(salt, sizeof(salt)) != 1) {
fprintf(stderr, "rand_bytes() error\n");
return -1;
}
if (pbkdf2_hmac_sm3_genkey(pass, strlen(pass), salt, sizeof(salt), iter, sizeof(key), key) != 1) {
fprintf(stderr, "pbkdf2 error\n");
return -1;
}
printf("pbkdf2('%s') = ", pass);
for (i = 0; i < sizeof(key); i++) {
printf("%02x", key[i]);
}
printf("\n");
return 0;
}

103
demos/src/pem_from_der_demo.c Normal file
View File

@@ -0,0 +1,103 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/pem.h>
uint8_t crl_der[] = {
0x30,0x82,0x04,0x09,0x30,0x82,0x03,0xb0,0x02,0x01,0x01,0x30,0x0a,0x06,0x08,0x2a,
0x81,0x1c,0xcf,0x55,0x01,0x83,0x75,0x30,0x2e,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,
0x04,0x06,0x13,0x02,0x43,0x4e,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x0a,0x0c,
0x05,0x4e,0x52,0x43,0x41,0x43,0x31,0x0f,0x30,0x0d,0x06,0x03,0x55,0x04,0x03,0x0c,
0x06,0x52,0x4f,0x4f,0x54,0x43,0x41,0x17,0x0d,0x32,0x32,0x30,0x35,0x30,0x35,0x30,
0x36,0x32,0x30,0x35,0x34,0x5a,0x17,0x0d,0x32,0x32,0x30,0x36,0x30,0x34,0x30,0x36,
0x32,0x30,0x35,0x34,0x5a,0x30,0x82,0x03,0x1e,0x30,0x21,0x02,0x10,0x12,0xf2,0xd0,
0x93,0x24,0xb0,0xa3,0xeb,0x71,0x32,0xaa,0x7f,0x24,0xa8,0x14,0x9a,0x17,0x0d,0x31,
0x34,0x30,0x36,0x32,0x36,0x30,0x36,0x35,0x38,0x34,0x38,0x5a,0x30,0x2f,0x02,0x10,
0x17,0x59,0x1f,0x6e,0x22,0x4b,0x3e,0xb6,0x0a,0x35,0xdc,0x48,0x27,0x8c,0x37,0x74,
0x17,0x0d,0x32,0x32,0x30,0x33,0x31,0x30,0x30,0x37,0x32,0x36,0x34,0x36,0x5a,0x30,
0x0c,0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,0x0a,0x01,0x05,0x30,0x2f,0x02,
0x10,0x21,0x6b,0xbe,0xb7,0x4c,0x02,0xb6,0x80,0x24,0xa0,0xed,0x70,0xe8,0xa9,0x25,
0x8c,0x17,0x0d,0x31,0x34,0x30,0x33,0x31,0x31,0x30,0x32,0x31,0x38,0x34,0x37,0x5a,
0x30,0x0c,0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,0x0a,0x01,0x04,0x30,0x2f,
0x02,0x10,0x2c,0xa3,0x5f,0xa2,0xf0,0x60,0x79,0x1b,0xb1,0xf3,0x7d,0xb6,0x5c,0x1c,
0x77,0x1f,0x17,0x0d,0x31,0x38,0x30,0x35,0x32,0x38,0x30,0x36,0x35,0x30,0x34,0x38,
0x5a,0x30,0x0c,0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,0x0a,0x01,0x04,0x30,
0x21,0x02,0x10,0x2e,0x7f,0x89,0x45,0x69,0xce,0x6d,0xf5,0x2d,0x7e,0xe2,0x84,0x67,
0xd2,0xe4,0xdf,0x17,0x0d,0x31,0x35,0x30,0x37,0x31,0x30,0x30,0x36,0x31,0x36,0x34,
0x33,0x5a,0x30,0x2f,0x02,0x10,0x31,0xbc,0x81,0x40,0x9c,0x89,0x35,0x13,0x14,0x22,
0x94,0xb6,0xbb,0x97,0x2e,0xdf,0x17,0x0d,0x32,0x32,0x30,0x31,0x32,0x30,0x30,0x32,
0x30,0x39,0x30,0x37,0x5a,0x30,0x0c,0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,
0x0a,0x01,0x04,0x30,0x21,0x02,0x10,0x42,0xaa,0xc5,0x23,0x6b,0x62,0xf6,0x02,0x6f,
0x47,0xef,0xd4,0x89,0x14,0x75,0x27,0x17,0x0d,0x31,0x32,0x31,0x30,0x31,0x33,0x30,
0x37,0x32,0x34,0x30,0x31,0x5a,0x30,0x2f,0x02,0x10,0x4a,0xa5,0x3f,0x14,0x67,0x70,
0xca,0x9f,0x98,0x9c,0x85,0x55,0x33,0x2c,0x79,0x92,0x17,0x0d,0x32,0x32,0x30,0x34,
0x31,0x32,0x30,0x37,0x32,0x32,0x30,0x30,0x5a,0x30,0x0c,0x30,0x0a,0x06,0x03,0x55,
0x1d,0x15,0x04,0x03,0x0a,0x01,0x04,0x30,0x21,0x02,0x10,0x4c,0x0f,0x16,0xed,0xaa,
0x13,0x37,0xb4,0x88,0xb2,0xf6,0x0e,0x43,0x4a,0x68,0x17,0x17,0x0d,0x31,0x33,0x30,
0x36,0x30,0x34,0x30,0x32,0x34,0x35,0x31,0x39,0x5a,0x30,0x2f,0x02,0x10,0x52,0xe1,
0xbb,0x7d,0x5f,0x1f,0x20,0x39,0x03,0xc1,0x5c,0xca,0x1a,0x4c,0x83,0x76,0x17,0x0d,
0x31,0x38,0x30,0x36,0x30,0x35,0x30,0x32,0x32,0x37,0x35,0x39,0x5a,0x30,0x0c,0x30,
0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,0x0a,0x01,0x04,0x30,0x2f,0x02,0x10,0x5c,
0x15,0x8a,0x4c,0xbf,0x15,0xd7,0xee,0x15,0x40,0xad,0xce,0x01,0x08,0x79,0x32,0x17,
0x0d,0x31,0x38,0x31,0x31,0x30,0x39,0x30,0x32,0x30,0x38,0x32,0x32,0x5a,0x30,0x0c,
0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,0x0a,0x01,0x04,0x30,0x2f,0x02,0x10,
0x66,0x5f,0x88,0xb8,0xdd,0x4b,0x55,0xfa,0x7d,0x04,0x51,0x1c,0xf0,0x1a,0xba,0x17,
0x17,0x0d,0x32,0x32,0x30,0x34,0x32,0x31,0x30,0x38,0x30,0x31,0x34,0x34,0x5a,0x30,
0x0c,0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,0x0a,0x01,0x04,0x30,0x2f,0x02,
0x10,0x69,0x70,0x58,0x15,0xa8,0x93,0x5e,0x56,0x18,0x76,0xdd,0xe1,0x5d,0x71,0x98,
0x29,0x17,0x0d,0x32,0x30,0x31,0x30,0x32,0x39,0x30,0x30,0x31,0x36,0x31,0x30,0x5a,
0x30,0x0c,0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,0x0a,0x01,0x04,0x30,0x2f,
0x02,0x10,0x6d,0x62,0x99,0x0b,0x63,0x49,0xe7,0x85,0xe6,0xb2,0x5b,0xf6,0x51,0x2e,
0x89,0xcd,0x17,0x0d,0x32,0x32,0x30,0x32,0x32,0x38,0x30,0x37,0x31,0x36,0x34,0x35,
0x5a,0x30,0x0c,0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,0x0a,0x01,0x04,0x30,
0x21,0x02,0x10,0x6e,0x5d,0x72,0xce,0x80,0xdc,0x72,0x56,0x45,0xb7,0x4c,0xea,0xa7,
0xc8,0x85,0xc1,0x17,0x0d,0x31,0x32,0x31,0x30,0x31,0x33,0x30,0x38,0x34,0x38,0x32,
0x33,0x5a,0x30,0x2f,0x02,0x10,0x76,0x59,0x40,0x26,0x0b,0xb4,0xd6,0xf5,0xdb,0x3f,
0xe8,0xad,0x95,0x58,0x6b,0x1f,0x17,0x0d,0x32,0x31,0x31,0x32,0x30,0x38,0x31,0x30,
0x32,0x34,0x35,0x35,0x5a,0x30,0x0c,0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,
0x0a,0x01,0x05,0x30,0x2f,0x02,0x10,0x79,0x1c,0x2d,0x38,0x15,0x8d,0x88,0xab,0x00,
0x4b,0x00,0x91,0xda,0x2e,0x90,0x7e,0x17,0x0d,0x32,0x32,0x30,0x34,0x32,0x30,0x30,
0x38,0x32,0x36,0x34,0x35,0x5a,0x30,0x0c,0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,
0x03,0x0a,0x01,0x04,0x30,0x21,0x02,0x10,0x7e,0x15,0xe7,0xdf,0x22,0x39,0x96,0xf2,
0x2d,0xd4,0x66,0x05,0xa7,0x68,0xad,0xf7,0x17,0x0d,0x31,0x32,0x31,0x30,0x31,0x33,
0x30,0x38,0x34,0x37,0x34,0x38,0x5a,0xa0,0x2f,0x30,0x2d,0x30,0x1f,0x06,0x03,0x55,
0x1d,0x23,0x04,0x18,0x30,0x16,0x80,0x14,0x4c,0x32,0xb1,0x97,0xd9,0x33,0x1b,0xc4,
0xa6,0x05,0xc1,0xc6,0xe5,0x8b,0x62,0x5b,0xf0,0x97,0x76,0x58,0x30,0x0a,0x06,0x03,
0x55,0x1d,0x14,0x04,0x03,0x02,0x01,0x00,0x30,0x0a,0x06,0x08,0x2a,0x81,0x1c,0xcf,
0x55,0x01,0x83,0x75,0x03,0x47,0x00,0x30,0x44,0x02,0x20,0x3c,0x84,0xcf,0x42,0x86,
0x30,0xdb,0xc4,0xd4,0x27,0xb9,0x9c,0xdb,0xdf,0x3d,0xa8,0x39,0xa1,0x25,0xf1,0x89,
0xf6,0xe7,0x75,0x23,0xf4,0x5f,0xaf,0x31,0x8d,0x36,0x66,0x02,0x20,0x3a,0x22,0x79,
0xd2,0x7f,0x6d,0x6e,0x96,0x10,0x86,0xbc,0xe1,0x78,0x93,0x33,0xdd,0xef,0x6b,0xfc,
0x08,0xe6,0x0f,0x16,0x4b,0xc9,0xab,0x4e,0x90,0xc0,0xf7,0xd4,0xc2,};
int main(int argc, char **argv)
{
int ret = -1;
FILE *fp = NULL;
if (!(fp = fopen("crl.pem", "wb"))) {
fprintf(stderr, "open crl.pem error\n");
goto err;
}
if (pem_write(fp, "X509 CRL", crl_der, sizeof(crl_der)) != 1) {
fprintf(stderr, "pem_write() error\n");
goto err;
}
ret = 0;
err:
fclose(fp);
return ret;
}

92
demos/src/pem_to_der_demo.c Normal file
View File

@@ -0,0 +1,92 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/pem.h>
char *pem =
"-----BEGIN X509 CRL-----\n"
"MIIECTCCA7ACAQEwCgYIKoEcz1UBg3UwLjELMAkGA1UEBhMCQ04xDjAMBgNVBAoM\n"
"BU5SQ0FDMQ8wDQYDVQQDDAZST09UQ0EXDTIyMDUwNTA2MjA1NFoXDTIyMDYwNDA2\n"
"MjA1NFowggMeMCECEBLy0JMksKPrcTKqfySoFJoXDTE0MDYyNjA2NTg0OFowLwIQ\n"
"F1kfbiJLPrYKNdxIJ4w3dBcNMjIwMzEwMDcyNjQ2WjAMMAoGA1UdFQQDCgEFMC8C\n"
"ECFrvrdMAraAJKDtcOipJYwXDTE0MDMxMTAyMTg0N1owDDAKBgNVHRUEAwoBBDAv\n"
"AhAso1+i8GB5G7HzfbZcHHcfFw0xODA1MjgwNjUwNDhaMAwwCgYDVR0VBAMKAQQw\n"
"IQIQLn+JRWnObfUtfuKEZ9Lk3xcNMTUwNzEwMDYxNjQzWjAvAhAxvIFAnIk1ExQi\n"
"lLa7ly7fFw0yMjAxMjAwMjA5MDdaMAwwCgYDVR0VBAMKAQQwIQIQQqrFI2ti9gJv\n"
"R+/UiRR1JxcNMTIxMDEzMDcyNDAxWjAvAhBKpT8UZ3DKn5ichVUzLHmSFw0yMjA0\n"
"MTIwNzIyMDBaMAwwCgYDVR0VBAMKAQQwIQIQTA8W7aoTN7SIsvYOQ0poFxcNMTMw\n"
"NjA0MDI0NTE5WjAvAhBS4bt9Xx8gOQPBXMoaTIN2Fw0xODA2MDUwMjI3NTlaMAww\n"
"CgYDVR0VBAMKAQQwLwIQXBWKTL8V1+4VQK3OAQh5MhcNMTgxMTA5MDIwODIyWjAM\n"
"MAoGA1UdFQQDCgEEMC8CEGZfiLjdS1X6fQRRHPAauhcXDTIyMDQyMTA4MDE0NFow\n"
"DDAKBgNVHRUEAwoBBDAvAhBpcFgVqJNeVhh23eFdcZgpFw0yMDEwMjkwMDE2MTBa\n"
"MAwwCgYDVR0VBAMKAQQwLwIQbWKZC2NJ54Xmslv2US6JzRcNMjIwMjI4MDcxNjQ1\n"
"WjAMMAoGA1UdFQQDCgEEMCECEG5dcs6A3HJWRbdM6qfIhcEXDTEyMTAxMzA4NDgy\n"
"M1owLwIQdllAJgu01vXbP+itlVhrHxcNMjExMjA4MTAyNDU1WjAMMAoGA1UdFQQD\n"
"CgEFMC8CEHkcLTgVjYirAEsAkdoukH4XDTIyMDQyMDA4MjY0NVowDDAKBgNVHRUE\n"
"AwoBBDAhAhB+FeffIjmW8i3UZgWnaK33Fw0xMjEwMTMwODQ3NDhaoC8wLTAfBgNV\n"
"HSMEGDAWgBRMMrGX2TMbxKYFwcbli2Jb8Jd2WDAKBgNVHRQEAwIBADAKBggqgRzP\n"
"VQGDdQNHADBEAiA8hM9ChjDbxNQnuZzb3z2oOaEl8Yn253Uj9F+vMY02ZgIgOiJ5\n"
"0n9tbpYQhrzheJMz3e9r/AjmDxZLyatOkMD31MI=\n"
"-----END X509 CRL-----\n";
static int prepare_pem_file(void)
{
FILE *fp;
if (!(fp = fopen("crl.pem", "wb"))) {
fprintf(stderr, "fopen() error\n");
return -1;
}
if (fwrite(pem, 1, strlen(pem), fp) != strlen(pem)) {
fprintf(stderr, "fwrite() error\n");
return -1;
}
fclose(fp);
return 1;
}
int main(int argc, char **argv)
{
int ret = -1;
FILE *fp = NULL;
uint8_t buf[4096];
size_t len;
size_t i;
(void)prepare_pem_file();
if (!(fp = fopen("crl.pem", "rb"))) {
fprintf(stderr, "open crl.pem error\n");
goto err;
}
if (pem_read(fp, "X509 CRL", buf, &len, sizeof(buf)) != 1) {
fprintf(stderr, "pem_read() error\n");
goto err;
}
printf("uint8_t crl_der[] = {");
for (i = 0; i < len; i++) {
if (i % 16 == 0) printf("\n");
printf("0x%02x,", buf[i]);
}
printf("};\n");
ret = 0;
err:
fclose(fp);
return ret;
}

38
demos/src/rand_demo.c Normal file
View File

@@ -0,0 +1,38 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/rand.h>
int main(int argc, char **argv)
{
uint8_t buf[1024];
size_t i;
if (rand_bytes(buf, 32) != 1) {
fprintf(stderr, "rand_bytes() failure\n");
return 1;
}
printf("rand_bytes() output: ");
for (i = 0; i < 32; i++) {
printf("%02x", buf[i]);
}
printf("\n");
if (rand_bytes(buf, sizeof(buf)) != 1) {
fprintf(stderr, "rand_bytes() failure, maybe %zu is too long\n", sizeof(buf));
return 1;
}
return 0;
}

21
demos/src/demo_wget.c → demos/src/rdrand_demo.c
View File

@@ -11,23 +11,20 @@
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
#include <stdlib.h> #include <stdlib.h>
#include <gmssl/http.h> #include <gmssl/rdrand.h>
#include <gmssl/error.h> #include <gmssl/error.h>
int main(int argc, char **argv)
{
uint8_t buf[65536];
uint8_t *content;
size_t contentlen;
if (argc < 2) { int main(void)
printf("usage: %s <uri>\n", argv[0]); {
return 1; uint8_t buf[32];
}
if (http_get(argv[1], buf, sizeof(buf), &content, &contentlen) != 1) { if (rdrand_bytes(buf, sizeof(buf)) != 1) {
error_print(); error_print();
return -1; return -1;
} }
fwrite(content, contentlen, 1, stdout);
format_bytes(stdout, 0, 0, "rdrand output", buf, sizeof(buf));
return 0; return 0;
} }

41
demos/src/sdf_info_demo.c Normal file
View File

@@ -0,0 +1,41 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sdf.h>
#include <gmssl/error.h>
int main(void)
{
int ret = -1;
char *so_path = "libsdf_dummy.so";
SDF_DEVICE dev;
if (sdf_load_library(so_path, NULL) != 1) {
error_print();
return -1;
}
if (sdf_open_device(&dev) != 1) {
error_print();
goto err;
}
sdf_print_device_info(stdout, 0, 0, "SDF Device Info", &dev);
ret = 0;
err:
sdf_close_device(&dev);
sdf_unload_library();
return ret;
}

47
demos/src/sdf_rand_demo.c Normal file
View File

@@ -0,0 +1,47 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sdf.h>
#include <gmssl/error.h>
int main(void)
{
int ret = -1;
char *so_path = "libsdf_dummy.so";
SDF_DEVICE dev;
uint8_t buf[32];
if (sdf_load_library(so_path, NULL) != 1) {
error_print();
return -1;
}
if (sdf_open_device(&dev) != 1) {
error_print();
goto err;
}
if (sdf_rand_bytes(&dev, buf, sizeof(buf)) != 1) {
error_print();
goto err;
}
format_bytes(stdout, 0, 0, "sdf_rand_bytes", buf, sizeof(buf));
ret = 0;
err:
sdf_close_device(&dev);
sdf_unload_library();
return ret;
}

67
demos/src/sdf_sign_demo.c Normal file
View File

@@ -0,0 +1,67 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sdf.h>
#include <gmssl/error.h>
int main(void)
{
int ret = -1;
char *so_path = "libsdf_dummy.so";
SDF_DEVICE dev;
SDF_KEY sign_key;
int key_index = 0;
char *key_pass = "P@ssw0rd";
uint8_t dgst[32];
uint8_t sig[SM2_MAX_SIGNATURE_SIZE];
size_t siglen;
if (sdf_load_library(so_path, NULL) != 1) {
error_print();
return -1;
}
if (sdf_open_device(&dev) != 1) {
error_print();
goto err;
}
if (sdf_load_sign_key(&dev, &sign_key, key_index, key_pass) != 1) {
error_print();
goto err;
}
if (sdf_sign(&sign_key, dgst, sig, &siglen) != 1) {
error_print();
goto err;
}
#if 0
// TODO: verify_key ...
if (sm2_verify(&verify_key, dgst, sig, siglen) != 1) {
error_print();
goto err;
}
#endif
ret = 0;
err:
sdf_release_key(&sign_key);
sdf_close_device(&dev);
sdf_unload_library();
return ret;
}

31
demos/src/sha1_digest_demo.c Normal file
View File

@@ -0,0 +1,31 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sha1.h>
int main(int argc, char **argv)
{
uint8_t dgst[SHA1_DIGEST_SIZE];
size_t i;
sha1_digest((uint8_t *)"abc", 3, dgst);
printf("sha1('abc') = ");
for (i = 0; i < sizeof(dgst); i++) {
printf("%02x", dgst[i]);
}
printf("\n");
return 0;
}

31
demos/src/sha256_digest_demo.c Normal file
View File

@@ -0,0 +1,31 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sha2.h>
int main(int argc, char **argv)
{
uint8_t dgst[SHA256_DIGEST_SIZE];
size_t i;
sha256_digest((uint8_t *)"abc", 3, dgst);
printf("sha256('abc') = ");
for (i = 0; i < sizeof(dgst); i++) {
printf("%02x", dgst[i]);
}
printf("\n");
return 0;
}

31
demos/src/sha512_256_digest_demo.c Normal file
View File

@@ -0,0 +1,31 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sha2.h>
int main(int argc, char **argv)
{
uint8_t dgst[SHA512_DIGEST_SIZE];
size_t i;
sha512_digest((uint8_t *)"abc", 3, dgst);
printf("sha512_256('abc') = ");
for (i = 0; i < 256/8; i++) {
printf("%02x", dgst[i]);
}
printf("\n");
return 0;
}

31
demos/src/sha512_digest_demo.c Normal file
View File

@@ -0,0 +1,31 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sha2.h>
int main(int argc, char **argv)
{
uint8_t dgst[SHA512_DIGEST_SIZE];
size_t i;
sha512_digest((uint8_t *)"abc", 3, dgst);
printf("sha512('abc') = ");
for (i = 0; i < sizeof(dgst); i++) {
printf("%02x", dgst[i]);
}
printf("\n");
return 0;
}

43
demos/src/sm2_ciphertext_to_der_demo.c Normal file
View File

@@ -0,0 +1,43 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
void gen_ciphertext(void)
{
SM2_KEY sm2_key;
SM2_CIPHERTEXT ciphertext;
sm2_key_generate(&sm2_key);
sm2_do_encrypt(&sm2_key, (uint8_t *)"P@ssw0rd", 8, &ciphertext);
// 这里我们需要把密文的各个部分输出乘C的数组
}
// 这个例子要把一个来自于其他软件的密文转换为GmSSL的密文
int main(void)
{
SM2_CIPHERTEXT C;
uint8_t ciphertext_der[SM2_MAX_CIPHERTEXT_SIZE];
if (sm2_ciphertext_to_der(&C, &p, &len) != 1) {
fprintf(stderr, "sm2_ciphertext_to_der() error\n");
goto err;
}
format_bytes(stdout, 0, 0, "Ciphertext", der, derlen);
return 0;
}

66
demos/src/sm2_ecdh_demo.c Normal file
View File

@@ -0,0 +1,66 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
int main(void)
{
// Alice Bob
SM2_KEY alice_ecdhe; SM2_KEY bob_ecdhe;
uint8_t alice_public[65]; uint8_t bob_public[65];
SM2_POINT alice_share_point; SM2_POINT bob_share_point;
SM3_KDF_CTX alice_ctx; SM3_KDF_CTX bob_ctx;
uint8_t alice_share_key[32]; uint8_t bob_share_key[32];
sm2_key_generate(&alice_ecdhe); sm2_key_generate(&bob_ecdhe);
sm2_point_to_uncompressed_octets(
&alice_ecdhe.public_key,
alice_public);
// alice_public
// ====================>
sm2_point_to_uncompressed_octets(
&bob_ecdhe.public_key,
bob_public);
if (sm2_ecdh(&bob_ecdhe,
alice_public, sizeof(alice_public),
&bob_share_point) != 1) {
fprintf(stderr, "bob error\n");
goto err;
}
sm3_kdf_init(&bob_ctx, 32);
sm3_kdf_update(&bob_ctx,
(uint8_t *)&bob_share_point, sizeof(SM2_POINT));
sm3_kdf_finish(&bob_ctx, bob_share_key);
// bob_public
// <====================
if (sm2_ecdh(&alice_ecdhe,
bob_public, sizeof(bob_public),
&alice_share_point) != 1) {
fprintf(stderr, "Alice failed\n");
goto err;
}
sm3_kdf_init(&alice_ctx, 32);
sm3_kdf_update(&alice_ctx, (uint8_t *)&alice_share_point, sizeof(SM2_POINT));
sm3_kdf_finish(&alice_ctx, alice_share_key);
err:
// FIXME: clean all
return 0;
}

2
demos/src/demo_sm2_encrypt.c → demos/src/sm2_encrypt_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.

35
demos/src/sm2_encrypt_fixlen_demo.c Normal file
View File

@@ -0,0 +1,35 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void)
{
SM2_KEY sm2_key;
SM2_KEY pub_key;
unsigned char plaintext[SM2_MAX_PLAINTEXT_SIZE];
unsigned char ciphertext[SM2_MAX_CIPHERTEXT_SIZE];
size_t len;
sm2_key_generate(&sm2_key);
memcpy(&pub_key, &sm2_key, sizeof(SM2_POINT));
return 0;
}

60
demos/src/sm2_id_demo.c Normal file
View File

@@ -0,0 +1,60 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(int argc, char **argv)
{
char *prog = argv[0];
char *keyfile;
char *pass;
FILE *keyfp = NULL;
SM2_KEY sm2_key;
uint8_t z[32];
if (argc < 2) {
fprintf(stderr, "usage: %s <key.pem> <pass>\n", prog);
return -1;
}
keyfile = argv[1];
if (!(keyfp = fopen(keyfile, "rb"))) {
fprintf(stderr, "%s: open file '%s' failure\n", prog, keyfile);
return -1;
}
if (sm2_public_key_info_from_pem(&sm2_key, keyfp) != 1) {
fprintf(stderr, "%s: load key failure\n", prog);
fclose(keyfp);
return -1;
}
sm2_compute_z(z, &sm2_key.public_key, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID));
format_bytes(stdout, 0, 0, "z", z, sizeof(z));
fclose(keyfp);
return 0;
}

2
demos/src/demo_sm2_key_export.c → demos/src/sm2_key_export_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.

2
demos/src/demo_sm2_keygen.c → demos/src/sm2_keygen_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.

2
demos/src/demo_sm2_keyparse.c → demos/src/sm2_keyparse_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.

54
demos/src/sm2_point_demo.c Normal file
View File

@@ -0,0 +1,54 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
int main(void)
{
SM2_POINT A;
SM2_POINT B;
SM2_POINT C;
uint8_t a[32] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3};
uint8_t b[32] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5};
uint8_t c[32] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4};
uint8_t zero[32] = {0};
sm2_point_mul_generator(&A, a);
sm2_point_mul_generator(&B, b);
sm2_point_mul_generator(&C, c);
printf("G is the generator point on SM2 curve\n");
sm2_point_print(stdout, 0, 0, "3G", &A);
sm2_point_print(stdout, 0, 0, "5G", &B);
sm2_point_print(stdout, 0, 0, "4G", &C);
sm2_point_add(&A, &A, &B);
sm2_point_dbl(&C, &C);
sm2_point_print(stdout, 0, 0, "3G + 5G", &A);
sm2_point_print(stdout, 0, 0, "2 * 4G", &C);
sm2_point_mul_generator(&C, c);
sm2_point_add(&C, &C, &C);
sm2_point_print(stdout, 0, 0, "4G + 4G", &C);
sm2_point_mul_generator(&C, zero);
sm2_point_print(stdout, 0, 0, "0 * G", &C);
if (sm2_point_is_on_curve(&C) == 1) {
printf("0 * G is on SM2 curve\n");
}
return 0;
}

60
demos/src/sm2_point_from_bin_demo.c Normal file
View File

@@ -0,0 +1,60 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/rand.h>
/*
void gen_point(void)
{
SM2_KEY sm2_key;
size_t i;
uint8_t *p = &sm2_key;
sm2_key_generate(&sm2_key);
for (i = 0; i < 64; i++) {
printf("0x%02x,", p[i]);
}
printf("\n");
}
*/
int main(void)
{
SM2_POINT P;
uint8_t bin[64] = {
0x0e,0x90,0x75,0x97,0x92,0x4f,0x48,0x6d,
0x9f,0xa9,0x58,0x63,0xeb,0xb2,0x7b,0xa5,
0xd2,0xc7,0x77,0x64,0x2c,0x94,0x8f,0x32,
0xda,0x3a,0xd6,0xef,0xef,0xe4,0xda,0xaf,
0x41,0x70,0x92,0x65,0x4f,0xf8,0x81,0x57,
0x70,0x83,0x00,0xab,0x71,0xae,0xb0,0xaf,
0x7b,0x55,0xe1,0x45,0xc7,0x9d,0xfb,0xcc,
0xf4,0x10,0xff,0xe3,0x32,0xc4,0xcb,0x07,
};
if (sm2_point_from_xy(&P, bin, bin + 32) != 1) {
fprintf(stderr, "sm2_point_from_xy() error\n");
goto err;
}
sm2_point_print(stdout, 0, 0, "SM2_POINT", &P);
rand_bytes(bin, 64);
if (sm2_point_from_xy(&P, bin, bin + 32) != 1) {
fprintf(stderr, "sm2_point_from_xy() error on random data\n");
goto err;
}
err:
return 0;
}

31
demos/src/sm2_point_from_hash_demo.c Normal file
View File

@@ -0,0 +1,31 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/rand.h>
#include <gmssl/error.h>
int main(void)
{
SM2_POINT P;
if (sm2_point_from_hash(&P, (uint8_t *)"Alice", strlen("Alice")) != 1) {
fprintf(stderr, "sm2_point_from_hash() error\n");
goto err;
}
sm2_point_print(stdout, 0, 0, "SM2_POINT = Hash(\"Alice\")", &P);
err:
return 0;
}

47
demos/src/sm2_point_from_octets_demo.c Normal file
View File

@@ -0,0 +1,47 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/rand.h>
#include <gmssl/error.h>
int main(void)
{
SM2_POINT P;
uint8_t uncompressed[65] = {
0x04,
0x0e,0x90,0x75,0x97,0x92,0x4f,0x48,0x6d,
0x9f,0xa9,0x58,0x63,0xeb,0xb2,0x7b,0xa5,
0xd2,0xc7,0x77,0x64,0x2c,0x94,0x8f,0x32,
0xda,0x3a,0xd6,0xef,0xef,0xe4,0xda,0xaf,
0x41,0x70,0x92,0x65,0x4f,0xf8,0x81,0x57,
0x70,0x83,0x00,0xab,0x71,0xae,0xb0,0xaf,
0x7b,0x55,0xe1,0x45,0xc7,0x9d,0xfb,0xcc,
0xf4,0x10,0xff,0xe3,0x32,0xc4,0xcb,0x07,
};
if (sm2_point_from_octets(&P, uncompressed, 65) != 1) {
fprintf(stderr, "sm2_point_from_octets() error\n");
goto err;
}
printf("sm2_point_from_octets() success\n");
rand_bytes(uncompressed + 1, 64);
if (sm2_point_from_octets(&P, uncompressed, 65) != 1) {
fprintf(stderr, "sm2_point_from_octets() error\n");
goto err;
}
err:
return 0;
}

36
demos/src/sm2_point_to_bin_demo.c Normal file
View File

@@ -0,0 +1,36 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void)
{
SM2_POINT P = {
{0x0e,0x90,0x75,0x97,0x92,0x4f,0x48,0x6d,
0x9f,0xa9,0x58,0x63,0xeb,0xb2,0x7b,0xa5,
0xd2,0xc7,0x77,0x64,0x2c,0x94,0x8f,0x32,
0xda,0x3a,0xd6,0xef,0xef,0xe4,0xda,0xaf,},
{0x41,0x70,0x92,0x65,0x4f,0xf8,0x81,0x57,
0x70,0x83,0x00,0xab,0x71,0xae,0xb0,0xaf,
0x7b,0x55,0xe1,0x45,0xc7,0x9d,0xfb,0xcc,
0xf4,0x10,0xff,0xe3,0x32,0xc4,0xcb,0x07,},
};
uint8_t bin[64];
memcpy(bin, &P, 64);
format_bytes(stdout, 0, 0, "SM2_POITN RAW (64-byte)", bin, 64);
return 0;
}

34
demos/src/sm2_point_to_octets_demo.c Normal file
View File

@@ -0,0 +1,34 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void)
{
SM2_KEY sm2_key;
SM2_POINT P;
uint8_t compressed[33] = {0};
uint8_t uncompressed[65] = {0};
sm2_key_generate(&sm2_key);
P = sm2_key.public_key;
sm2_point_to_uncompressed_octets(&P, uncompressed);
format_bytes(stdout, 0, 0, "SM2 Point (uncompressed) ", uncompressed, 65);
sm2_point_to_compressed_octets(&P, compressed);
format_bytes(stdout, 0, 0, "SM2 Point (compressed) ", compressed, 33);
return 0;
}

2
demos/src/demo_sm2_private_key.c → demos/src/sm2_private_key_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.

7
demos/src/demo_sm2_private_key_parse.c → demos/src/sm2_private_key_parse_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -12,7 +12,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <gmssl/mem.h> #include <gmssl/mem.h>
#include <gmssl/sm2.h> #include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void) int main(void)
{ {
@@ -34,8 +34,7 @@ int main(void)
fprintf(stderr, "error\n"); fprintf(stderr, "error\n");
return 1; return 1;
} }
format_bytes(stdout, 0, 0, "buf", buf, len); fwrite(buf, 1, len, stdout);
sm2_key_print(stdout, 0, 0, "SM2PrivateKey", &sm2_key);
gmssl_secure_clear(&sm2_key, sizeof(sm2_key)); gmssl_secure_clear(&sm2_key, sizeof(sm2_key));
return 0; return 0;

2
demos/src/demo_sm2_public_key.c → demos/src/sm2_public_key_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.

29
demos/src/sm2_sig_from_bin_demo.c Normal file
View File

@@ -0,0 +1,29 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
int main(void)
{
SM2_SIGNATURE sig;
// the signatue binary data might be invalid, and will not pass verification
uint8_t r[32] = { 1, 2, 3, };
uint8_t s[32] = { 4, 5, 6, };
memcpy(sig.r, r, 32);
memcpy(sig.s, s, 32);
return 0;
}

37
demos/src/sm2_sig_from_der_demo.c Normal file
View File

@@ -0,0 +1,37 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/hex.h>
#include <gmssl/error.h>
int main(void)
{
SM2_SIGNATURE sig;
uint8_t der[SM2_MAX_SIGNATURE_SIZE];
size_t derlen;
if (sm2_signature_from_der(&sig, &cp, &derlen) != 1) {
fprintf(stderr, "sm2_signature_from_der() error\n");
goto err;
}
if (dlen > 0) {
fprintf(stderr, "signature followed by other data\n");
goto err;
}
err:
return 0;
}

40
demos/src/sm2_sig_to_der_demo.c Normal file
View File

@@ -0,0 +1,40 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void)
{
SM2_KEY sm2_key;
uint8_t dgst[32] = {0};
SM2_SIGNATURE sig;
uint8_t der[SM2_MAX_SIGNATURE_SIZE];
uint8_t *p = der;
size_t derlen = 0;
sm2_key_generate(&sm2_key);
sm2_do_sign(&sm2_key, dgst, &sig);
if (sm2_signature_to_der(&sig, &p, &derlen) != 1) {
fprintf(stderr, "sm2_signature_to_der() error\n");
return -1;
}
format_bytes(stdout, 0, 0, "signature", der, derlen);
printf("signature length = %zu bytes\n", derlen);
return 0;
}

2
demos/src/demo_sm2_sign_ctx.c → demos/src/sm2_sign_ctx_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.

65
demos/src/sm2_sign_ctx_fixlen_demo.c Normal file
View File

@@ -0,0 +1,65 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void)
{
SM2_KEY sm2_key;
SM2_SIGN_CTX sign_ctx;
unsigned char sig[SM2_MAX_SIGNATURE_SIZE];
size_t siglen;
sm2_key_generate(&sm2_key);
siglen = SM2_signature_compact_size;
memset(sig, 0, sizeof(sig));
if (sm2_sign_init(&sign_ctx, &sm2_key, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID)) != 1
|| sm2_sign_update(&sign_ctx, (uint8_t *)"hello ", strlen("hello ")) != 1
|| sm2_sign_update(&sign_ctx, (uint8_t *)"world", strlen("world")) != 1
|| sm2_sign_finish_fixlen(&sign_ctx, siglen, sig) != 1) {
fprintf(stderr, "error\n");
goto err;
}
format_bytes(stdout, 0, 0, "sig", sig, sizeof(sig));
siglen = SM2_signature_typical_size;
memset(sig, 0, sizeof(sig));
if (sm2_sign_init(&sign_ctx, &sm2_key, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID)) != 1
|| sm2_sign_update(&sign_ctx, (uint8_t *)"hello ", strlen("hello ")) != 1
|| sm2_sign_update(&sign_ctx, (uint8_t *)"world", strlen("world")) != 1
|| sm2_sign_finish_fixlen(&sign_ctx, siglen, sig) != 1) {
fprintf(stderr, "error\n");
goto err;
}
format_bytes(stdout, 0, 0, "sig", sig, sizeof(sig));
siglen = SM2_signature_max_size;
memset(sig, 0, sizeof(sig));
if (sm2_sign_init(&sign_ctx, &sm2_key, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID)) != 1
|| sm2_sign_update(&sign_ctx, (uint8_t *)"hello ", strlen("hello ")) != 1
|| sm2_sign_update(&sign_ctx, (uint8_t *)"world", strlen("world")) != 1
|| sm2_sign_finish_fixlen(&sign_ctx, siglen, sig) != 1) {
fprintf(stderr, "error\n");
goto err;
}
format_bytes(stdout, 0, 0, "sig", sig, sizeof(sig));
err:
return 0;
}

2
demos/src/demo_sm2_sign.c → demos/src/sm2_sign_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.

31
demos/src/sm2_sign_digest_demo.c Normal file
View File

@@ -0,0 +1,31 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
int main(void)
{
SM2_KEY sm2_key;
uint8_t dgst[32];
uint8_t sig[SM2_MAX_SIGNATURE_SIZE] = {0};
size_t siglen;
sm2_key_generate(&sm2_key);
sm3_digest((uint8_t *)"abc", 3, dgst);
if (sm2_sign(&key,
return 0;
}

35
demos/src/sm3_ctx_demo.c Normal file
View File

@@ -0,0 +1,35 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm3.h>
int main(void)
{
SM3_CTX sm3_ctx;
uint8_t dgst[SM3_DIGEST_SIZE];
size_t i;
sm3_init(&sm3_ctx);
sm3_update(&sm3_ctx, (uint8_t *)"a", 1);
sm3_update(&sm3_ctx, (uint8_t *)"bc", 2);
sm3_finish(&sm3_ctx, dgst);
printf("sm3('abc') = ");
for (i = 0; i < sizeof(dgst); i++) {
printf("%02x", dgst[i]);
}
printf("\n");
return 0;
}

4
demos/src/demo_sm3.c → demos/src/sm3_ctx_stdin_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -22,6 +22,8 @@ int main(int argc, char **argv)
uint8_t dgst[32]; uint8_t dgst[32];
int i; int i;
printf("read from stdin ...\n");
sm3_init(&sm3_ctx); sm3_init(&sm3_ctx);
while ((len = fread(buf, 1, sizeof(buf), stdin)) > 0) { while ((len = fread(buf, 1, sizeof(buf), stdin)) > 0) {
sm3_update(&sm3_ctx, buf, len); sm3_update(&sm3_ctx, buf, len);

31
demos/src/sm3_demo.c Normal file
View File

@@ -0,0 +1,31 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm3.h>
int main(void)
{
uint8_t dgst[SM3_DIGEST_SIZE];
size_t i;
sm3_digest((uint8_t *)"abc", 3, dgst);
printf("sm3('abc') = ");
for (i = 0; i < sizeof(dgst); i++) {
printf("%02x", dgst[i]);
}
printf("\n");
return 0;
}

17
demos/src/demo_sm3_hmac.c → demos/src/sm3_hmac_ctx_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -11,6 +11,7 @@
#include <string.h> #include <string.h>
#include <stdlib.h> #include <stdlib.h>
#include <gmssl/sm3.h> #include <gmssl/sm3.h>
#include <gmssl/mem.h>
int main(void) int main(void)
@@ -20,7 +21,7 @@ int main(void)
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0xf2,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0xf2,0x03,0x04,0x05,0x06,0x07,0x08,
}; };
unsigned char mbuf[16] = { unsigned char data[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
}; };
@@ -29,7 +30,8 @@ int main(void)
sm3_hmac_init(&hmac_ctx, key, sizeof(key)); sm3_hmac_init(&hmac_ctx, key, sizeof(key));
sm3_hmac_update(&hmac_ctx, mbuf, sizeof(mbuf)); sm3_hmac_update(&hmac_ctx, data, 8);
sm3_hmac_update(&hmac_ctx, data + 8, sizeof(data) - 8);
sm3_hmac_finish(&hmac_ctx, hmac); sm3_hmac_finish(&hmac_ctx, hmac);
printf("hmac: "); printf("hmac: ");
@@ -38,14 +40,7 @@ int main(void)
} }
printf("\n"); printf("\n");
memset(hmac, 0, sizeof(hmac)); gmssl_secure_clear(&hmac_ctx, sizeof(hmac_ctx));
sm3_hmac(key, sizeof(key), mbuf, sizeof(mbuf), hmac);
printf("hmac: ");
for (i = 0; i < sizeof(hmac); i++) {
printf("%02X", hmac[i]);
}
printf("\n");
return 0; return 0;
} }

21
demos/src/demo_sm3_kdf.c → demos/src/sm3_hmac_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -15,21 +15,22 @@
int main(void) int main(void)
{ {
SM3_KDF_CTX kdf_ctx; unsigned char key[16] = {
unsigned char key[16] = {0}; 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
unsigned char raw[32] = { 0x01,0xf2,0x03,0x04,0x05,0x06,0x07,0x08,
};
unsigned char data[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
}; };
unsigned char hmac[32] = {0};
int i; int i;
sm3_kdf_init(&kdf_ctx, sizeof(key)); sm3_hmac(key, sizeof(key), data, sizeof(data), hmac);
sm3_kdf_update(&kdf_ctx, raw, sizeof(raw));
sm3_kdf_finish(&kdf_ctx, key);
printf("key: "); printf("hmac: ");
for (i = 0; i < sizeof(key); i++) { for (i = 0; i < sizeof(hmac); i++) {
printf("%02X", key[i]); printf("%02x", hmac[i]);
} }
printf("\n"); printf("\n");

24
demos/src/demo_sm4_cbc_decrypt_update.c → demos/src/sm4_cbc_ctx_decrypt_stdin_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -11,12 +11,13 @@
#include <string.h> #include <string.h>
#include <stdlib.h> #include <stdlib.h>
#include <gmssl/sm4.h> #include <gmssl/sm4.h>
#include <gmssl/mem.h>
#include <gmssl/rand.h> #include <gmssl/rand.h>
#include <gmssl/error.h>
int main(void) int main(void)
{ {
SM4_CBC_CTX cbc_ctx;
unsigned char key[16] = { unsigned char key[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
@@ -25,27 +26,34 @@ int main(void)
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
}; };
SM4_CBC_CTX cbc_ctx;
unsigned char inbuf[1024]; unsigned char inbuf[1024];
unsigned char outbuf[1024 + 32]; unsigned char outbuf[1024 + 32];
size_t inlen; size_t inlen;
size_t outlen; size_t outlen;
if (sm4_cbc_decrypt_init(&cbc_ctx, key, iv) != 1) { if (sm4_cbc_decrypt_init(&cbc_ctx, key, iv) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__); error_print();
return 1; goto err;
} }
fprintf(stderr, "read from stdin ...\n");
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) { while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
if (sm4_cbc_decrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) { if (sm4_cbc_decrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__); error_print();
return 1; goto err;
} }
fwrite(outbuf, 1, outlen, stdout); fwrite(outbuf, 1, outlen, stdout);
} }
if (sm4_cbc_decrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) { if (sm4_cbc_decrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__); error_print();
return 1; goto err;
} }
fwrite(outbuf, 1, outlen, stdout); fwrite(outbuf, 1, outlen, stdout);
err:
gmssl_secure_clear(&cbc_ctx, sizeof(cbc_ctx));
return 0; return 0;
} }

24
demos/src/demo_sm4_cbc_encrypt_update.c → demos/src/sm4_cbc_ctx_encrypt_stdin_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -11,12 +11,13 @@
#include <string.h> #include <string.h>
#include <stdlib.h> #include <stdlib.h>
#include <gmssl/sm4.h> #include <gmssl/sm4.h>
#include <gmssl/mem.h>
#include <gmssl/rand.h> #include <gmssl/rand.h>
#include <gmssl/error.h>
int main(void) int main(void)
{ {
SM4_CBC_CTX cbc_ctx;
unsigned char key[16] = { unsigned char key[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
@@ -25,27 +26,34 @@ int main(void)
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38, 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
}; };
SM4_CBC_CTX cbc_ctx;
unsigned char inbuf[1024]; unsigned char inbuf[1024];
unsigned char outbuf[1024 + 32]; unsigned char outbuf[1024 + 32];
size_t inlen; size_t inlen;
size_t outlen; size_t outlen;
if (sm4_cbc_encrypt_init(&cbc_ctx, key, iv) != 1) { if (sm4_cbc_encrypt_init(&cbc_ctx, key, iv) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__); error_print();
return 1; goto err;
} }
fprintf(stderr, "read from stdin ...\n");
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) { while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
if (sm4_cbc_encrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) { if (sm4_cbc_encrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__); error_print();
return 1; goto err;
} }
fwrite(outbuf, 1, outlen, stdout); fwrite(outbuf, 1, outlen, stdout);
} }
if (sm4_cbc_encrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) { if (sm4_cbc_encrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__); error_print();
return 1; goto err;
} }
fwrite(outbuf, 1, outlen, stdout); fwrite(outbuf, 1, outlen, stdout);
err:
gmssl_secure_clear(&cbc_ctx, sizeof(cbc_ctx));
return 0; return 0;
} }

2
demos/src/demo_sm4_cbc.c → demos/src/sm4_cbc_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.

42
demos/src/sm4_cbc_mac_demo.c Normal file
View File

@@ -0,0 +1,42 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4_cbc_mac.h>
int main(int argc, char **argv)
{
SM4_CBC_MAC_CTX ctx;
uint8_t key[16] = {0};
uint8_t data[16 * 3] = {0};
uint8_t mac[16] = {0};
size_t i;
if (sizeof(data) % SM4_BLOCK_SIZE != 0) {
fprintf(stderr, "CBC_MAC data length error\n");
goto err;
}
sm4_cbc_mac_init(&ctx, key);
sm4_cbc_mac_update(&ctx, data, sizeof(data));
sm4_cbc_mac_finish(&ctx, mac);
printf("cbc_mac = ");
for (i = 0; i < sizeof(mac); i++) {
printf("%02x", mac[i]);
}
printf("\n");
err:
return 0;
}

2
demos/src/demo_sm4_cbc_padding.c → demos/src/sm4_cbc_padding_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.

100
demos/src/sm4_cbc_sm3_hmac_demo.c Normal file
View File

@@ -0,0 +1,100 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/rand.h>
#include <gmssl/aead.h>
int main(int argc, char **argv)
{
int ret = -1;
uint8_t key[SM4_CBC_SM3_HMAC_KEY_SIZE];
uint8_t iv[SM4_CBC_SM3_HMAC_IV_SIZE];
SM4_CBC_SM3_HMAC_CTX ctx;
uint8_t aad[] = "Additianal Authenticated Data, authenticated only, not encrypted";
uint8_t m1[] = "Plaintext part 1, to be encrypted and authenticated.";
uint8_t m2[] = "Plaintext part 2, to be encrypted and authenticated.";
uint8_t c[256];
uint8_t d[256];
uint8_t *p;
size_t clen, dlen, len;
if (rand_bytes(key, sizeof(key)) != 1
|| rand_bytes(iv, sizeof(iv)) != 1) {
fprintf(stderr, "rand_bytes() error\n");
goto end;
}
// encrypt
if (sm4_cbc_sm3_hmac_encrypt_init(&ctx, key, sizeof(key), iv, sizeof(iv), aad, sizeof(aad)) != 1) {
fprintf(stderr, "sm4_cbc_sm3_hmac_encrypt_init() error\n");
goto end;
}
p = c;
clen = 0;
if (sm4_cbc_sm3_hmac_encrypt_update(&ctx, m1, sizeof(m1)-1, p, &len) != 1) {
fprintf(stderr, "sm4_cbc_sm3_hmac_encrypt_update() error\n");
goto end;
}
p += len;
clen += len;
if (sm4_cbc_sm3_hmac_encrypt_update(&ctx, m2, sizeof(m2), p, &len) != 1) {
fprintf(stderr, "sm4_cbc_sm3_hmac_encrypt_update() error\n");
goto end;
}
p += len;
clen += len;
if (sm4_cbc_sm3_hmac_encrypt_finish(&ctx, p, &len) != 1) {
fprintf(stderr, "sm4_cbc_sm3_hmac_encrypt_finish() error\n");
goto end;
}
clen += len;
// decrypt
if (sm4_cbc_sm3_hmac_decrypt_init(&ctx, key, sizeof(key), iv, sizeof(iv), aad, sizeof(aad)) != 1) {
fprintf(stderr, "sm4_cbc_sm3_hmac_decrypt_init() error\n");
goto end;
}
p = d;
dlen = 0;
if (sm4_cbc_sm3_hmac_decrypt_update(&ctx, c, clen, p, &len) != 1) {
fprintf(stderr, "sm4_cbc_sm3_hmac_decrypt_update() error\n");
goto end;
}
p += len;
dlen += len;
if (sm4_cbc_sm3_hmac_decrypt_finish(&ctx, p, &len) != 1) {
fprintf(stderr, "sm4_cbc_sm3_hmac_decrypt_finish() error\n");
goto end;
}
dlen += len;
printf("Decrypted: %s\n", (char *)d);
ret = 0;
end:
gmssl_secure_clear(key, sizeof(key));
gmssl_secure_clear(&ctx, sizeof(ctx));
return ret;
}

22
demos/src/sm4_consts_demo.c Normal file
View File

@@ -0,0 +1,22 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
int main(void)
{
printf("%lld\n", SM4_GCM_IV_MAX_SIZE);
printf("%lld\n", SM4_GCM_MAX_AAD_SIZE);
printf("%lld\n", SM4_GCM_MAX_PLAINTEXT_SIZE);
return 0;
}

2
demos/src/demo_sm4_ctr.c → demos/src/sm4_ctr_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.

2
demos/src/demo_sm4_ctr_encrypt_update.c → demos/src/sm4_ctr_encrypt_update_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.

102
demos/src/sm4_ctr_sm3_hmac_demo.c Normal file
View File

@@ -0,0 +1,102 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/rand.h>
#include <gmssl/aead.h>
int main(int argc, char **argv)
{
int ret = -1;
uint8_t key[SM4_CTR_SM3_HMAC_KEY_SIZE];
uint8_t iv[SM4_CTR_SM3_HMAC_IV_SIZE];
SM4_CTR_SM3_HMAC_CTX ctx;
uint8_t aad[] = "Additianal Authenticated Data, authenticated only, not encrypted";
uint8_t m1[] = "Plaintext part 1, to be encrypted and authenticated.";
size_t m1len = sizeof(m1) - 1;
uint8_t m2[] = "Plaintext part 2, to be encrypted and authenticated.";
uint8_t c[256];
uint8_t d[256];
uint8_t *p;
size_t clen, dlen, len;
if (rand_bytes(key, sizeof(key)) != 1
|| rand_bytes(iv, sizeof(iv)) != 1) {
fprintf(stderr, "rand_bytes() error\n");
goto end;
}
// encrypt
if (sm4_ctr_sm3_hmac_encrypt_init(&ctx, key, sizeof(key), iv, sizeof(iv), aad, sizeof(aad)) != 1) {
fprintf(stderr, "sm4_ctr_sm3_hmac_encrypt_init() error\n");
goto end;
}
p = c;
clen = 0;
if (sm4_ctr_sm3_hmac_encrypt_update(&ctx, m1, sizeof(m1)-1, p, &len) != 1) {
fprintf(stderr, "sm4_ctr_sm3_hmac_encrypt_update() error\n");
goto end;
}
p += len;
clen += len;
if (sm4_ctr_sm3_hmac_encrypt_update(&ctx, m2, sizeof(m2), p, &len) != 1) {
fprintf(stderr, "sm4_ctr_sm3_hmac_encrypt_update() error\n");
goto end;
}
p += len;
clen += len;
if (sm4_ctr_sm3_hmac_encrypt_finish(&ctx, p, &len) != 1) {
fprintf(stderr, "sm4_ctr_sm3_hmac_encrypt_finish() error\n");
goto end;
}
clen += len;
// decrypt
if (sm4_ctr_sm3_hmac_decrypt_init(&ctx, key, sizeof(key), iv, sizeof(iv), aad, sizeof(aad)) != 1) {
fprintf(stderr, "sm4_ctr_sm3_hmac_decrypt_init() error\n");
goto end;
}
p = d;
dlen = 0;
if (sm4_ctr_sm3_hmac_decrypt_update(&ctx, c, clen, p, &len) != 1) {
fprintf(stderr, "sm4_ctr_sm3_hmac_decrypt_update() error\n");
goto end;
}
p += len;
dlen += len;
if (sm4_ctr_sm3_hmac_decrypt_finish(&ctx, p, &len) != 1) {
fprintf(stderr, "sm4_ctr_sm3_hmac_decrypt_finish() error\n");
goto end;
}
dlen += len;
printf("Decrypted: %s\n", (char *)d);
ret = 0;
end:
gmssl_secure_clear(key, sizeof(key));
gmssl_secure_clear(&ctx, sizeof(ctx));
return ret;
}

8
demos/src/demo_sm4.c → demos/src/sm4_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -36,12 +36,13 @@ int main(void)
} }
printf("\n"); printf("\n");
printf("plaintext: "); printf("plaintext : ");
for (i = 0; i < sizeof(mbuf); i++) { for (i = 0; i < sizeof(mbuf); i++) {
printf("%02X", mbuf[i]); printf("%02X", mbuf[i]);
} }
printf("\n"); printf("\n");
// SM4 encrypt a block
sm4_set_encrypt_key(&sm4_key, key); sm4_set_encrypt_key(&sm4_key, key);
sm4_encrypt(&sm4_key, mbuf, cbuf); sm4_encrypt(&sm4_key, mbuf, cbuf);
@@ -51,10 +52,11 @@ int main(void)
} }
printf("\n"); printf("\n");
// SM4 decrypt a block
sm4_set_decrypt_key(&sm4_key, key); sm4_set_decrypt_key(&sm4_key, key);
sm4_decrypt(&sm4_key, cbuf, pbuf); sm4_decrypt(&sm4_key, cbuf, pbuf);
printf("decrypted: "); printf("decrypted : ");
for (i = 0; i < sizeof(pbuf); i++) { for (i = 0; i < sizeof(pbuf); i++) {
printf("%02X", pbuf[i]); printf("%02X", pbuf[i]);
} }

56
demos/src/sm4_ecb_demo.c Normal file
View File

@@ -0,0 +1,56 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
#include <gmssl/error.h>
int main(void)
{
SM4_KEY sm4_key;
unsigned char key[SM4_KEY_SIZE];
uint8_t data[SM4_BLOCK_SIZE * 3];
uint8_t *p;
size_t i;
rand_bytes(key, sizeof(key));
// Plaintext block #1 and #3 are the same
rand_bytes(data, SM4_BLOCK_SIZE * 2);
memcpy(data + SM4_BLOCK_SIZE * 2, data, SM4_BLOCK_SIZE);
format_bytes(stdout, 0, 0, "key", key, sizeof(key));
format_bytes(stdout, 0, 0, "ECB Plaintext ", data, sizeof(data));
// SM4-ECB encrypt
sm4_set_encrypt_key(&sm4_key, key);
p = data;
for (i = 0; i < sizeof(data)/SM4_BLOCK_SIZE; i++) {
sm4_encrypt(&sm4_key, p, p);
p += SM4_BLOCK_SIZE;
}
format_bytes(stdout, 0, 0, "ECB Ciphertext", data, sizeof(data));
// SM4-ECB decrypt
sm4_set_decrypt_key(&sm4_key, key);
p = data;
for (i = 0; i < sizeof(data)/SM4_BLOCK_SIZE; i++) {
sm4_decrypt(&sm4_key, p, p);
p += SM4_BLOCK_SIZE;
}
format_bytes(stdout, 0, 0, "ECB Plaintext ", data, sizeof(data));
return 0;
}

100
demos/src/sm4_gcm_ctx_demo.c Normal file
View File

@@ -0,0 +1,100 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/rand.h>
#include <gmssl/aead.h>
int main(int argc, char **argv)
{
int ret = -1;
uint8_t key[SM4_GCM_KEY_SIZE];
uint8_t iv[SM4_GCM_DEFAULT_IV_SIZE];
SM4_GCM_CTX ctx;
uint8_t aad[] = "Additianal Authenticated Data, authenticated only, not encrypted";
uint8_t m1[] = "Plaintext part 1, to be encrypted and authenticated.";
uint8_t m2[] = "Plaintext part 2, to be encrypted and authenticated.";
uint8_t c[256];
uint8_t d[256];
uint8_t *p;
size_t clen, dlen, len;
if (rand_bytes(key, sizeof(key)) != 1
|| rand_bytes(iv, sizeof(iv)) != 1) {
fprintf(stderr, "rand_bytes() error\n");
goto end;
}
// encrypt
if (sm4_gcm_encrypt_init(&ctx, key, sizeof(key), iv, sizeof(iv), aad, sizeof(aad), SM4_GCM_DEFAULT_TAG_SIZE) != 1) {
fprintf(stderr, "sm4_gcm_encrypt_init() error\n");
goto end;
}
p = c;
clen = 0;
if (sm4_gcm_encrypt_update(&ctx, m1, sizeof(m1)-1, p, &len) != 1) {
fprintf(stderr, "sm4_gcm_encrypt_update() error\n");
goto end;
}
p += len;
clen += len;
if (sm4_gcm_encrypt_update(&ctx, m2, sizeof(m2), p, &len) != 1) {
fprintf(stderr, "sm4_gcm_encrypt_update() error\n");
goto end;
}
p += len;
clen += len;
if (sm4_gcm_encrypt_finish(&ctx, p, &len) != 1) {
fprintf(stderr, "sm4_gcm_encrypt_finish() error\n");
goto end;
}
clen += len;
// decrypt
if (sm4_gcm_decrypt_init(&ctx, key, sizeof(key), iv, sizeof(iv), aad, sizeof(aad), SM4_GCM_DEFAULT_TAG_SIZE) != 1) {
fprintf(stderr, "sm4_gcm_decrypt_init() error\n");
goto end;
}
p = d;
dlen = 0;
if (sm4_gcm_decrypt_update(&ctx, c, clen, p, &len) != 1) {
fprintf(stderr, "sm4_gcm_decrypt_update() error\n");
goto end;
}
p += len;
dlen += len;
if (sm4_gcm_decrypt_finish(&ctx, p, &len) != 1) {
fprintf(stderr, "sm4_gcm_decrypt_finish() error\n");
goto end;
}
dlen += len;
printf("Decrypted: %s\n", (char *)d);
ret = 0;
end:
gmssl_secure_clear(key, sizeof(key));
gmssl_secure_clear(&ctx, sizeof(ctx));
return ret;
}

2
demos/src/demo_sm4_gcm.c → demos/src/sm4_gcm_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.

46
demos/src/sm4_key_demo.c Normal file
View File

@@ -0,0 +1,46 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
#include <gmssl/error.h>
int main(void)
{
SM4_KEY sm4_key;
uint8_t key[SM4_KEY_SIZE];
int i;
rand_bytes(key, sizeof(key));
format_bytes(stdout, 0, 0, "SM4 Raw Key", key, sizeof(key));
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
printf("SM4 Round Keys for Encryption\n");
for (i = 0; i < SM4_NUM_ROUNDS; i++) {
printf(" %08x\n", sm4_key.rk[i]);
}
printf("\n");
sm4_set_decrypt_key(&sm4_key, key);
printf("SM4 Round Keys for Decryption\n");
for (i = 0; i < SM4_NUM_ROUNDS; i++) {
printf(" %08x\n", sm4_key.rk[i]);
}
printf("\n");
return 0;
}

2
demos/src/demo_sm9_encrypt.c → demos/src/sm9_encrypt_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.

2
demos/src/demo_sm9_keygen.c → demos/src/sm9_keygen_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.

4
demos/src/demo_sm9_sign.c → demos/src/sm9_sign_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.
@@ -39,7 +39,6 @@ int main(void)
format_bytes(stdout, 0, 0, "signature", sig, siglen); format_bytes(stdout, 0, 0, "signature", sig, siglen);
sm9_sign_master_public_key_to_der(&sign_master, &p, &len); sm9_sign_master_public_key_to_der(&sign_master, &p, &len);
sm9_sign_master_public_key_from_der(&sign_master_public, &cp, &len); sm9_sign_master_public_key_from_der(&sign_master_public, &cp, &len);
@@ -48,6 +47,5 @@ int main(void)
ret = sm9_verify_finish(&sign_ctx, sig, siglen, &sign_master_public, id, strlen(id)); ret = sm9_verify_finish(&sign_ctx, sig, siglen, &sign_master_public, id, strlen(id));
printf("verify %s\n", ret == 1 ? "success" : "failure"); printf("verify %s\n", ret == 1 ? "success" : "failure");
return 0; return 0;
} }

106
demos/src/tlcp_get_demo.c Normal file
View File

@@ -0,0 +1,106 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/socket.h>
#include <gmssl/tls.h>
#include <gmssl/error.h>
int main(int argc, char *argv[])
{
int ret = -1;
const int cipher = TLS_cipher_ecc_sm4_cbc_sm3;
struct hostent *hp;
int port = 443;
struct sockaddr_in server;
int sock;
TLS_CTX ctx;
TLS_CONNECT conn;
char request[1024];
uint8_t buf[16800];
char *p;
size_t len;
if (argc != 2) {
fprintf(stderr, "example: tlcp_get https://sm2only.ovssl.cn\n");
return 1;
}
if (!(url = parse_url(argv[1]))) {
fprintf(stderr, "parse url '%s' failure\n", argv[1]);
return 1;
}
if (!(hp = gethostbyname(url->host))) {
herror("tlcp_client: '-host' invalid");
goto end;
}
if (url->port != -1) {
port = url->port;
}
server.sin_addr = *((struct in_addr *)hp->h_addr_list[0]);
server.sin_family = AF_INET;
server.sin_port = htons(port);
if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
perror("socket");
goto end;
}
if (connect(sock, (struct sockaddr *)&server , sizeof(server)) < 0) {
perror("connect");
goto end;
}
memset(&ctx, 0, sizeof(ctx));
memset(&conn, 0, sizeof(conn));
tls_ctx_init(&ctx, TLS_protocol_tlcp, TLS_client_mode);
tls_ctx_set_cipher_suites(&ctx, &cipher, 1);
tls_init(&conn, &ctx);
tls_set_socket(&conn, sock);
if (tls_do_handshake(&conn) != 1) {
fprintf(stderr, "%s: error\n", prog);
goto end;
}
snprintf(request, sizeof(request)-1, "GET %s HTTP/1.1\r\nHost: %s\r\n\r\n",
url->path ? url->path : "/",
url->host);
tls_send(&conn, (uint8_t *)request, strlen(request), &len);
if (tls_recv(&conn, buf, sizeof(buf), &len) != 1) {
fprintf(stderr, "recv failure\n");
goto end;
}
buf[len] = 0;
p = strstr((char *)buf, "\r\n\r\n");
if (p) {
printf("%s", p + 4);
fflush(stdout);
}
end:
free_url_components(url);
close(sock);
tls_ctx_cleanup(&ctx);
tls_cleanup(&conn);
return 0;
}

113
demos/src/tlcp_post_demo.c Normal file
View File

@@ -0,0 +1,113 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <netdb.h>
#include <sys/types.h>
#include <arpa/inet.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <gmssl/tls.h>
#include <gmssl/error.h>
int main(int argc, char *argv[])
{
int ret = -1;
char *prog = argv[0];
const int cipher = TLS_cipher_ecc_sm4_cbc_sm3;
URL_COMPONENTS *url;
struct hostent *hp;
int port = 443;
struct sockaddr_in server;
int sock;
TLS_CTX ctx;
TLS_CONNECT conn;
char request[1024];
uint8_t buf[16800];
char *p;
size_t len;
if (argc != 2) {
fprintf(stderr, "example: echo \"key=word\" | tlcp_post https://sm2only.ovssl.cn\n");
return 1;
}
if (!(url = parse_url(argv[1]))) {
fprintf(stderr, "parse url '%s' failure\n", argv[1]);
return 1;
}
if (!(hp = gethostbyname(url->host))) {
herror("tlcp_client: '-host' invalid");
goto end;
}
if (url->port != -1) {
port = url->port;
}
server.sin_addr = *((struct in_addr *)hp->h_addr_list[0]);
server.sin_family = AF_INET;
server.sin_port = htons(port);
if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
perror("socket");
goto end;
}
if (connect(sock, (struct sockaddr *)&server , sizeof(server)) < 0) {
perror("connect");
goto end;
}
memset(&ctx, 0, sizeof(ctx));
memset(&conn, 0, sizeof(conn));
tls_ctx_init(&ctx, TLS_protocol_tlcp, TLS_client_mode);
tls_ctx_set_cipher_suites(&ctx, &cipher, 1);
tls_init(&conn, &ctx);
tls_set_socket(&conn, sock);
if (tls_do_handshake(&conn) != 1) {
fprintf(stderr, "%s: error\n", prog);
goto end;
}
snprintf(request, sizeof(request)-1, "POST %s HTTP/1.1\r\nHost: %s\r\n\r\n",
url->path ? url->path : "/",
url->host);
tls_send(&conn, (uint8_t *)request, strlen(request), &len);
len = fread(buf, 1, sizeof(buf), stdin);
if (len) {
tls_send(&conn, buf, len, &len);
}
if (tls_recv(&conn, buf, sizeof(buf), &len) != 1) {
fprintf(stderr, "recv failure\n");
goto end;
}
buf[len] = 0;
p = strstr((char *)buf, "\r\n\r\n");
if (p) {
printf("%s", p + 4);
fflush(stdout);
}
end:
free_url_components(url);
close(sock);
tls_ctx_cleanup(&ctx);
tls_cleanup(&conn);
return 0;
}

26
demos/src/version_demo.c Normal file
View File

@@ -0,0 +1,26 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/version.h>
int main(int argc, char **argv)
{
if (gmssl_version_num() < 30100) {
fprintf(stderr, "GmSSL version is lower than 3.0.0\n");
return 1;
}
printf("GmSSL version: %s\n", gmssl_version_str());
return 0;
}

88
demos/src/x509_cert_check_demo.c Normal file
View File

@@ -0,0 +1,88 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/x509_cer.h>
char *pem =
"-----BEGIN CERTIFICATE-----\n"
"MIIBszCCAVegAwIBAgIIaeL+wBcKxnswDAYIKoEcz1UBg3UFADAuMQswCQYDVQQG\n"
"EwJDTjEOMAwGA1UECgwFTlJDQUMxDzANBgNVBAMMBlJPT1RDQTAeFw0xMjA3MTQw\n"
"MzExNTlaFw00MjA3MDcwMzExNTlaMC4xCzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVO\n"
"UkNBQzEPMA0GA1UEAwwGUk9PVENBMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAE\n"
"MPCca6pmgcchsTf2UnBeL9rtp4nw+itk1Kzrmbnqo05lUwkwlWK+4OIrtFdAqnRT\n"
"V7Q9v1htkv42TsIutzd126NdMFswHwYDVR0jBBgwFoAUTDKxl9kzG8SmBcHG5Yti\n"
"W/CXdlgwDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFEwysZfZ\n"
"MxvEpgXBxuWLYlvwl3ZYMAwGCCqBHM9VAYN1BQADSAAwRQIgG1bSLeOXp3oB8H7b\n"
"53W+CKOPl2PknmWEq/lMhtn25HkCIQDaHDgWxWFtnCrBjH16/W3Ezn7/U/Vjo5xI\n"
"pDoiVhsLwg==\n"
"-----END CERTIFICATE-----\n";
static int prepare_pem_file(void)
{
FILE *fp;
if (!(fp = fopen("cert.pem", "wb"))) {
fprintf(stderr, "fopen() error\n");
return -1;
}
if (fwrite(pem, 1, strlen(pem), fp) != strlen(pem)) {
fprintf(stderr, "fwrite() error\n");
return -1;
}
fclose(fp);
return 1;
}
int main(int argc, char **argv)
{
int ret = -1;
FILE *fp = NULL;
uint8_t cert[2048];
size_t certlen;
int cert_type = X509_cert_root_ca;
/*
cert_type options:
X509_cert_server_auth,
X509_cert_client_auth,
X509_cert_server_key_encipher,
X509_cert_client_key_encipher,
X509_cert_ca,
X509_cert_root_ca,
X509_cert_crl_sign,
*/
int path_len_constraint;
(void)prepare_pem_file();
if (!(fp = fopen("cert.pem", "rb"))) {
fprintf(stderr, "fopen() cert.pem error\n");
goto err;
}
if (x509_cert_from_pem(cert, &certlen, sizeof(cert), fp) != 1) {
fprintf(stderr, "x509_cert_from_pem() error\n");
goto err;
}
if (x509_cert_check(cert, certlen, cert_type, &path_len_constraint) != 1) {
fprintf(stderr, "invalid cert\n");
goto err;
}
ret = 0;
err:
if (fp) fclose(fp);
return ret;
}

100
demos/src/x509_cert_parse_demo.c Normal file
View File

@@ -0,0 +1,100 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/x509_cer.h>
char *pem =
"-----BEGIN CERTIFICATE-----\n"
"MIIBszCCAVegAwIBAgIIaeL+wBcKxnswDAYIKoEcz1UBg3UFADAuMQswCQYDVQQG\n"
"EwJDTjEOMAwGA1UECgwFTlJDQUMxDzANBgNVBAMMBlJPT1RDQTAeFw0xMjA3MTQw\n"
"MzExNTlaFw00MjA3MDcwMzExNTlaMC4xCzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVO\n"
"UkNBQzEPMA0GA1UEAwwGUk9PVENBMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAE\n"
"MPCca6pmgcchsTf2UnBeL9rtp4nw+itk1Kzrmbnqo05lUwkwlWK+4OIrtFdAqnRT\n"
"V7Q9v1htkv42TsIutzd126NdMFswHwYDVR0jBBgwFoAUTDKxl9kzG8SmBcHG5Yti\n"
"W/CXdlgwDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFEwysZfZ\n"
"MxvEpgXBxuWLYlvwl3ZYMAwGCCqBHM9VAYN1BQADSAAwRQIgG1bSLeOXp3oB8H7b\n"
"53W+CKOPl2PknmWEq/lMhtn25HkCIQDaHDgWxWFtnCrBjH16/W3Ezn7/U/Vjo5xI\n"
"pDoiVhsLwg==\n"
"-----END CERTIFICATE-----\n";
static int prepare_pem_file(void)
{
FILE *fp;
if (!(fp = fopen("cert.pem", "wb"))) {
fprintf(stderr, "fopen() error\n");
return -1;
}
if (fwrite(pem, 1, strlen(pem), fp) != strlen(pem)) {
fprintf(stderr, "fwrite() error\n");
return -1;
}
fclose(fp);
return 1;
}
int main(int argc, char **argv)
{
int ret = -1;
FILE *fp = NULL;
uint8_t cert[2048];
size_t certlen;
const uint8_t *serial;
size_t serial_len;
const uint8_t *issuer;
size_t issuer_len;
const uint8_t *subject;
size_t subject_len;
SM2_KEY subject_public_key;
size_t i;
(void)prepare_pem_file();
if (!(fp = fopen("cert.pem", "rb"))) {
fprintf(stderr, "fopen() cert.pem error\n");
goto err;
}
if (x509_cert_from_pem(cert, &certlen, sizeof(cert), fp) != 1) {
fprintf(stderr, "x509_cert_from_pem() error\n");
goto err;
}
if (x509_cert_get_issuer_and_serial_number(cert, certlen, &issuer, &issuer_len, &serial, &serial_len) != 1)
goto err;
if (x509_cert_get_subject(cert, certlen, &subject, &subject_len) != 1)
goto err;
if (x509_cert_get_subject_public_key(cert, certlen, &subject_public_key) != 1)
goto err;
if (x509_name_equ(subject, subject_len, issuer, issuer_len) == 1) {
printf("This is self-signed certificate\n");
}
printf("SerialNumber: ");
for (i = 0; i < serial_len; i++) {
printf("%02X", serial[i]);
}
printf("\n");
x509_name_print(stdout, 0, 0, "Issuer", issuer, issuer_len);
x509_name_print(stdout, 0, 0, "Subject", subject, subject_len);
sm2_public_key_print(stdout, 0, 0, "SubjectPublicKey", &subject_public_key);
ret = 0;
err:
if (fp) fclose(fp);
return ret;
}

72
demos/src/x509_cert_print_demo.c Normal file
View File

@@ -0,0 +1,72 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/x509_cer.h>
char *pem =
"-----BEGIN CERTIFICATE-----\n"
"MIIBszCCAVegAwIBAgIIaeL+wBcKxnswDAYIKoEcz1UBg3UFADAuMQswCQYDVQQG\n"
"EwJDTjEOMAwGA1UECgwFTlJDQUMxDzANBgNVBAMMBlJPT1RDQTAeFw0xMjA3MTQw\n"
"MzExNTlaFw00MjA3MDcwMzExNTlaMC4xCzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVO\n"
"UkNBQzEPMA0GA1UEAwwGUk9PVENBMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAE\n"
"MPCca6pmgcchsTf2UnBeL9rtp4nw+itk1Kzrmbnqo05lUwkwlWK+4OIrtFdAqnRT\n"
"V7Q9v1htkv42TsIutzd126NdMFswHwYDVR0jBBgwFoAUTDKxl9kzG8SmBcHG5Yti\n"
"W/CXdlgwDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFEwysZfZ\n"
"MxvEpgXBxuWLYlvwl3ZYMAwGCCqBHM9VAYN1BQADSAAwRQIgG1bSLeOXp3oB8H7b\n"
"53W+CKOPl2PknmWEq/lMhtn25HkCIQDaHDgWxWFtnCrBjH16/W3Ezn7/U/Vjo5xI\n"
"pDoiVhsLwg==\n"
"-----END CERTIFICATE-----\n";
static int prepare_pem_file(void)
{
FILE *fp;
if (!(fp = fopen("cert.pem", "wb"))) {
fprintf(stderr, "fopen() error\n");
return -1;
}
if (fwrite(pem, 1, strlen(pem), fp) != strlen(pem)) {
fprintf(stderr, "fwrite() error\n");
return -1;
}
fclose(fp);
return 1;
}
int main(int argc, char **argv)
{
int ret = -1;
FILE *fp = NULL;
uint8_t cert[2048];
size_t certlen;
(void)prepare_pem_file();
if (!(fp = fopen("cert.pem", "rb"))) {
fprintf(stderr, "fopen() cert.pem error\n");
goto err;
}
if (x509_cert_from_pem(cert, &certlen, sizeof(cert), fp) != 1) {
fprintf(stderr, "x509_cert_from_pem() error\n");
goto err;
}
x509_cert_print(stdout, 0, 0, "Certificate", cert, certlen);
ret = 0;
err:
if (fp) fclose(fp);
return ret;
}

159
demos/src/x509_cert_verify_demo.c Normal file
View File

@@ -0,0 +1,159 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/x509_cer.h>
char *signcert_pem =
"-----BEGIN CERTIFICATE-----\n"
"MIICzzCCAnKgAwIBAgIFEzY5M3AwDAYIKoEcz1UBg3UFADAlMQswCQYDVQQGEwJD\n"
"TjEWMBQGA1UECgwNQ0ZDQSBTTTIgT0NBMTAeFw0yMTA2MTEwOTA1MjBaFw0yNjA2\n"
"MTkwODE2NTZaMIGRMQswCQYDVQQGEwJDTjEPMA0GA1UECAwG5YyX5LqsMQ8wDQYD\n"
"VQQHDAbljJfkuqwxJzAlBgNVBAoMHuS4reWbvemTtuihjOiCoeS7veaciemZkOWF\n"
"rOWPuDERMA8GA1UECwwITG9jYWwgUkExDDAKBgNVBAsMA1NTTDEWMBQGA1UEAwwN\n"
"ZWJzc2VjLmJvYy5jbjBZMBMGByqGSM49AgEGCCqBHM9VAYItA0IABPsNUnoZQM9C\n"
"SnvC57TbvdfyOTCuPOSlZmPAyxBKFj+Y1QH/xlubHdVf5XqHrO1jCDRi7aN5IKGX\n"
"QF1492c803OjggEeMIIBGjAfBgNVHSMEGDAWgBRck1ggWiRzVhAbZFAQ7OmnygdB\n"
"ETAMBgNVHRMBAf8EAjAAMEgGA1UdIARBMD8wPQYIYIEchu8qAQEwMTAvBggrBgEF\n"
"BQcCARYjaHR0cDovL3d3dy5jZmNhLmNvbS5jbi91cy91cy0xNC5odG0wNwYDVR0f\n"
"BDAwLjAsoCqgKIYmaHR0cDovL2NybC5jZmNhLmNvbS5jbi9TTTIvY3JsNTYxOC5j\n"
"cmwwGAYDVR0RBBEwD4INZWJzc2VjLmJvYy5jbjAOBgNVHQ8BAf8EBAMCBsAwHQYD\n"
"VR0OBBYEFJ6oFo/OrKgDhHFORpaq04kX7T1KMB0GA1UdJQQWMBQGCCsGAQUFBwMC\n"
"BggrBgEFBQcDATAMBggqgRzPVQGDdQUAA0kAMEYCIQCvhSvbv5h6ERl1YcCLg+fz\n"
"9UleQbaPfBYwUjUD2dAHVQIhAMRC4k9S/mSC0UpUvCqh/DQC2Ui8Tccd5G2IgYSs\n"
"cnUN\n"
"-----END CERTIFICATE-----\n";
char *enccert_pem =
"-----BEGIN CERTIFICATE-----\n"
"MIICzjCCAnKgAwIBAgIFEzY5M3EwDAYIKoEcz1UBg3UFADAlMQswCQYDVQQGEwJD\n"
"TjEWMBQGA1UECgwNQ0ZDQSBTTTIgT0NBMTAeFw0yMTA2MTEwOTA1MjBaFw0yNjA2\n"
"MTkwODE2NTZaMIGRMQswCQYDVQQGEwJDTjEPMA0GA1UECAwG5YyX5LqsMQ8wDQYD\n"
"VQQHDAbljJfkuqwxJzAlBgNVBAoMHuS4reWbvemTtuihjOiCoeS7veaciemZkOWF\n"
"rOWPuDERMA8GA1UECwwITG9jYWwgUkExDDAKBgNVBAsMA1NTTDEWMBQGA1UEAwwN\n"
"ZWJzc2VjLmJvYy5jbjBZMBMGByqGSM49AgEGCCqBHM9VAYItA0IABMn1q+hbV0i1\n"
"qnKAy7QeZ3ZfAD+gqHX4F5MqIhsarODlWsavf/dcprC0F277zc44aYBB/3ucy4PF\n"
"qXaRHQp8PEyjggEeMIIBGjAfBgNVHSMEGDAWgBRck1ggWiRzVhAbZFAQ7OmnygdB\n"
"ETAMBgNVHRMBAf8EAjAAMEgGA1UdIARBMD8wPQYIYIEchu8qAQEwMTAvBggrBgEF\n"
"BQcCARYjaHR0cDovL3d3dy5jZmNhLmNvbS5jbi91cy91cy0xNC5odG0wNwYDVR0f\n"
"BDAwLjAsoCqgKIYmaHR0cDovL2NybC5jZmNhLmNvbS5jbi9TTTIvY3JsNTYxOC5j\n"
"cmwwGAYDVR0RBBEwD4INZWJzc2VjLmJvYy5jbjAOBgNVHQ8BAf8EBAMCAzgwHQYD\n"
"VR0OBBYEFF/a1JHvzLzbpFbBljX7hNxRpj/2MB0GA1UdJQQWMBQGCCsGAQUFBwMC\n"
"BggrBgEFBQcDATAMBggqgRzPVQGDdQUAA0gAMEUCIQDCOFi1eZcgiN6t+h6lxLwS\n"
"grAh3Jall+ZyA2ePw6xcjwIgNyDvo761dpwJhcyWfyVCAnaTf0Vf4DLWI1K+S7po\n"
"Ur8=\n"
"-----END CERTIFICATE-----\n";
char *cacert_pem =
"-----BEGIN CERTIFICATE-----\n"
"MIICNTCCAdmgAwIBAgIFEAAAAAgwDAYIKoEcz1UBg3UFADBYMQswCQYDVQQGEwJD\n"
"TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y\n"
"aXR5MRcwFQYDVQQDDA5DRkNBIENTIFNNMiBDQTAeFw0xMzAxMjQwODQ2NDBaFw0z\n"
"MzAxMTkwODQ2NDBaMCUxCzAJBgNVBAYTAkNOMRYwFAYDVQQKDA1DRkNBIFNNMiBP\n"
"Q0ExMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEfJqQoo0+JoyCRy0msS2Ym076\n"
"8nV1pSLuK9utS1ij38obWDymq0oMRRwUzDMEQI19Cajo3JUoGFxOvsA+YWu3XKOB\n"
"wDCBvTAfBgNVHSMEGDAWgBTkjt3Uo+e2D+4dJ5bNddwlJXJp3TAMBgNVHRMEBTAD\n"
"AQH/MGAGA1UdHwRZMFcwVaBToFGkTzBNMQswCQYDVQQGEwJDTjETMBEGA1UECgwK\n"
"Q0ZDQSBDUyBDQTEMMAoGA1UECwwDQ1JMMQwwCgYDVQQLDANTTTIxDTALBgNVBAMM\n"
"BGNybDEwCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBRck1ggWiRzVhAbZFAQ7OmnygdB\n"
"ETAMBggqgRzPVQGDdQUAA0gAMEUCIBVscoZJhUy4eToK4C//LjvhjKK2qpBFac/h\n"
"Pr6yYTLzAiEAiyqrqsGUU5vGkDo5bEpmF1EbnY8xovsM9vCx98yBrVM=\n"
"-----END CERTIFICATE-----\n";
char *rootcacert_pem =
"-----BEGIN CERTIFICATE-----\n"
"MIICAzCCAaegAwIBAgIEFy9CWTAMBggqgRzPVQGDdQUAMFgxCzAJBgNVBAYTAkNO\n"
"MTAwLgYDVQQKDCdDaGluYSBGaW5hbmNpYWwgQ2VydGlmaWNhdGlvbiBBdXRob3Jp\n"
"dHkxFzAVBgNVBAMMDkNGQ0EgQ1MgU00yIENBMB4XDTEyMDgzMTAyMDY1OVoXDTQy\n"
"MDgyNDAyMDY1OVowWDELMAkGA1UEBhMCQ04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFu\n"
"Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEXMBUGA1UEAwwOQ0ZDQSBDUyBT\n"
"TTIgQ0EwWTATBgcqhkjOPQIBBggqgRzPVQGCLQNCAATuRh26wmtyKNMz+Pmneo3a\n"
"Sme+BCjRon8SvAxZBgLSuIxNUewq4kNujeb1I4A0yg7xNcjuOgXglAoQv+Tc+P0V\n"
"o10wWzAfBgNVHSMEGDAWgBTkjt3Uo+e2D+4dJ5bNddwlJXJp3TAMBgNVHRMEBTAD\n"
"AQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQU5I7d1KPntg/uHSeWzXXcJSVyad0w\n"
"DAYIKoEcz1UBg3UFAANIADBFAiBhP/rmIvles3RK1FfcmmEeS9RZdu+5lCzxF0nk\n"
"cof2QAIhAPVRpqOuceEQHsR77FBe/DgVPqF6lOyoZs0TzTDHrN8c\n"
"-----END CERTIFICATE-----\n";
static int prepare_pem_file(void)
{
FILE *fp;
if (!(fp = fopen("double_certs_chain.pem", "wb"))) {
fprintf(stderr, "fopen() error\n");
return -1;
}
if (fwrite(signcert_pem, 1, strlen(signcert_pem), fp) != strlen(signcert_pem)
|| fwrite(enccert_pem, 1, strlen(enccert_pem), fp) != strlen(enccert_pem)
|| fwrite(cacert_pem, 1, strlen(cacert_pem), fp) != strlen(cacert_pem)) {
fprintf(stderr, "fwrite() error\n");
return -1;
}
fclose(fp);
if (!(fp = fopen("rootcacert.pem", "wb"))) {
fprintf(stderr, "fopen() error\n");
return -1;
}
if (fwrite(rootcacert_pem, 1, strlen(rootcacert_pem), fp) != strlen(rootcacert_pem)) {
fprintf(stderr, "fwrite() error\n");
return -1;
}
fclose(fp);
return 1;
}
int main(int argc, char **argv)
{
int ret = -1;
FILE *fp = NULL;
uint8_t certs[4096];
size_t certslen;
uint8_t rootcacert[1024];
size_t rootcacertlen;
(void)prepare_pem_file();
if (!(fp = fopen("double_certs_chain.pem", "rb"))) {
fprintf(stderr, "fopen() error\n");
goto err;
}
if (x509_certs_from_pem(certs, &certslen, sizeof(certs), fp) != 1) {
fprintf(stderr, "x509_certs_from_pem() error\n");
goto err;
}
fclose(fp);
if (!(fp = fopen("rootcacert.pem", "rb"))) {
fprintf(stderr, "fopen() error\n");
goto err;
}
if (x509_cert_from_pem(rootcacert, &rootcacertlen, sizeof(rootcacert), fp) != 1) {
fprintf(stderr, "x509_cert_from_pem() error\n");
goto err;
}
int cert_type = X509_cert_chain_client;
int verify_result = 0;
if (x509_certs_verify_tlcp(certs, certslen, cert_type, rootcacert, rootcacertlen, 6, &verify_result) != 1) {
fprintf(stderr, "x509_certs_verify_tlcp() error\n");
goto err;
}
ret = 0;
err:
if (fp) fclose(fp);
return ret;
}

53
demos/src/x509_crl_download_demo.c Normal file
View File

@@ -0,0 +1,53 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/file.h>
#include <gmssl/x509_crl.h>
char *http_uri = "http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20RSA%20TLS%20CA%2002.crl";
char *file_name = "Microsoft RSA TLS CA 02.crl";
int main(int argc, char **argv)
{
int ret = -1;
uint8_t *crl = NULL;
size_t crllen;
FILE *fp = NULL;
printf("Demo - Download CRL from HTTP\n\n");
printf(" Download from %s\n", http_uri);
if (x509_crl_new_from_uri(&crl, &crllen, http_uri, strlen(http_uri)) != 1) {
fprintf(stderr, "x509_crl_new_from_uri() error\n");
goto err;
}
//x509_crl_print(stdout, 0, 0, "CRL", crl, crllen);
if (!(fp = fopen(file_name, "wb"))) {
fprintf(stderr, "fopen() error\n");
goto err;
}
fwrite(crl, 1, crllen, fp);
printf(" Save to %s\n", file_name);
printf(" Run `gmssl crlparse -in \"%s\"` to print the downloaded CRL\n", file_name);
printf("\n");
ret = 0;
err:
if (crl) free(crl);
if (fp) fclose(fp);
return ret;
}

68
demos/src/x509_crl_find_revoked_cert_demo.c Normal file
View File

@@ -0,0 +1,68 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/file.h>
#include <gmssl/x509_crl.h>
// 为了这些demo应该准备好测试的文件而不是把文件都放在源代码里面
// 这样会更灵活一些
int main(int argc, char **argv)
{
int ret = -1;
uint8_t *crl;
size_t crllen;
char *cert;
size_t certlen;
const uint8_t *cert_serial;
size_t cert_serial_len;
time_t cert_revoke_date;
const uint8_t *crl_entry_exts;
size_t crl_entry_exts_len;
int revoked;
printf("Demo - Check if a Certificate has been revoked in a CRL\n");
if (x509_cert_get_issuer_and_serial_number(cert, certlen,
NULL, NULL, &cert_serial, &cert_serial_len) != 1) {
fprintf(stderr, "x509_cert_get_issuer_and_serial_number() error\n");
goto err;
}
if ((revoked = x509_crl_find_revoked_cert_by_serial_number(
crl, crllen,
cert_serial, cert_serial_len,
&cert_revoked_date,
&crl_entry_exts, &crl_entry_exts_len)) == -1) {
fprintf(stderr, "x509_crl_find_revoked_cert_by_serial_number() error\n");
goto err;
}
if (revoked) {
printf(" The certificate has been revoked\n");
format_bytes(stderr, 0, 4, "SerialNumber", cert_serial, cert_serial_len);
x509_crl_entry_exts_print(stderr, 0, 4, "CRLEntryExts", crl_entry_exts, crl_entry_exts_len);
} else {
printf(" The certificate not in the given CRL\n");
}
ret = 0;
err:
if (der) free(der);
return ret;
}

47
demos/src/x509_crl_print_demo.c Normal file
View File

@@ -0,0 +1,47 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/file.h>
#include <gmssl/x509_crl.h>
char *crl_file = "../../demos/certs/crl/Civil Servant ROOT.crl";
int main(int argc, char **argv)
{
int ret = -1;
uint8_t *der = NULL;
size_t derlen;
const uint8_t *cp;
const uint8_t *crl;
size_t crllen;
printf("Demo - Read and print CRL in DER-encoding\n");
if (file_read_all(crl_file, &der, &derlen) != 1) {
fprintf(stderr, "file_read_all() error\n");
goto err;
}
cp = der;
if (x509_crl_from_der(&crl, &crllen, &cp, &derlen) != 1) {
fprintf(stderr, "x509_crl_from_der() error\n");
goto err;
}
x509_crl_print(stdout, 0, 0, "CRL", crl, crllen);
ret = 0;
err:
if (der) free(der);
return ret;
}

46
demos/src/x509_crl_verify_demo.c Normal file
View File

@@ -0,0 +1,46 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/file.h>
#include <gmssl/x509_crl.h>
// 为了这些demo应该准备好测试的文件而不是把文件都放在源代码里面
// 这样会更灵活一些
int main(int argc, char **argv)
{
int ret = -1;
uint8_t *crl;
size_t crllen;
char *cacert;
size_t cacertlen;
printf("Demo - Check if a Certificate has been revoked in a CRL\n");
126 if ((rv = x509_crl_verify_by_ca_cert(crl, crl_len, cacert, cacertlen, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID))) < 0) {
127 fprintf(stderr, "%s: verification inner error\n", prog);
128 goto end;
129 }
ret = 0;
err:
if (crl) free(crl);
if (cacert) free(cacert);
return ret;
}

2
demos/src/demo_zuc.c → demos/src/zuc_demo.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved. * Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* *
* Licensed under the Apache License, Version 2.0 (the License); you may * Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License. * not use this file except in compliance with the License.

50
demos/src/zuc_encrypt_stdin_demo.c Normal file
View File

@@ -0,0 +1,50 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/zuc.h>
int main(void)
{
ZUC_CTX zuc_ctx;
unsigned char key[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char iv[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char inbuf[1024];
unsigned char outbuf[1024 + 32];
size_t inlen;
size_t outlen;
if (zuc_encrypt_init(&zuc_ctx, key, iv) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
if (zuc_encrypt_update(&zuc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
}
if (zuc_encrypt_finish(&zuc_ctx, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
return 0;
}