diff --git a/CMakeLists.txt b/CMakeLists.txt index bd885639..83680542 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -20,7 +20,7 @@ else() endif() option(ENABLE_TEST_SPEED "Enable test speed" OFF) -option(ENABLE_LONG_TEST "Enable long-running tests" OFF) +option(ENABLE_SLOW_TEST "Enable slow tests" OFF) @@ -46,38 +46,37 @@ option(ENABLE_SM4_CL "Enable SM4 OpenCL" OFF) option(ENABLE_INTEL_RDRAND "Enable Intel RDRAND instructions" OFF) option(ENABLE_INTEL_RDSEED "Enable Intel RDSEED instructions" OFF) -option(ENABLE_SM4_ECB "Enable SM4 ECB mode" OFF) -option(ENABLE_SM4_OFB "Enable SM4 OFB mode" OFF) -option(ENABLE_SM4_CFB "Enable SM4 CFB mode" OFF) -option(ENABLE_SM4_CCM "Enable SM4 CCM mode" OFF) -option(ENABLE_SM4_XTS "Enable SM4 XTS mode" OFF) -option(ENABLE_SM4_CBC_MAC "Enable SM4-CBC-MAC" OFF) +option(ENABLE_SM4_ECB "Enable SM4 ECB mode" ON) +option(ENABLE_SM4_OFB "Enable SM4 OFB mode" ON) +option(ENABLE_SM4_CFB "Enable SM4 CFB mode" ON) +option(ENABLE_SM4_CCM "Enable SM4 CCM mode" ON) +option(ENABLE_SM4_XTS "Enable SM4 XTS mode" ON) +option(ENABLE_SM4_CBC_MAC "Enable SM4-CBC-MAC" ON) -option(ENABLE_SM2_EXTS "Enable SM2 Extensions" OFF) option(ENABLE_SM9 "Enable SM9" ON) option(ENABLE_CMS "Enable CMS" ON) option(ENABLE_SECP256R1 "Enable ECDH/ECDSA on curve secp256r1" ON) -option(ENABLE_LMS "Enable LMS/HSS signature" OFF) -option(ENABLE_XMSS "Enable XMSS/XMSS^MT signature" OFF) -option(ENABLE_SPHINCS "Enable SPHINCS+ signature" OFF) -option(ENABLE_KYBER "Enable Kyber" OFF) +option(ENABLE_LMS "Enable LMS/HSS signature" ON) +option(ENABLE_XMSS "Enable XMSS/XMSS^MT signature" ON) +option(ENABLE_SPHINCS "Enable SPHINCS+ signature" ON) +option(ENABLE_KYBER "Enable Kyber" ON) -option(ENABLE_SHA1 "Enable SHA1" OFF) +option(ENABLE_SHA1 "Enable SHA1" ON) option(ENABLE_SHA2 "Enable SHA2" ON) option(ENABLE_AES "Enable AES" ON) -option(ENABLE_AES_CCM "Enable AES CCM mode" OFF) -option(ENABLE_CHACHA20 "Enable Chacha20" OFF) +option(ENABLE_AES_CCM "Enable AES CCM mode" ON) +option(ENABLE_CHACHA20 "Enable Chacha20" ON) option(ENABLE_ZUC "Enable ZUC" ON) -option(ENABLE_GHASH "Enable standalone GHASH command and test" OFF) +option(ENABLE_GHASH "Enable standalone GHASH command and test" ON) -option(ENABLE_SKF "Enable SKF module" OFF) -option(ENABLE_SDF "Enable SDF module" OFF) +option(ENABLE_SKF "Enable SKF module" ON) +option(ENABLE_SDF "Enable SDF module" ON) option(ENABLE_ASM_UNDERSCORE_PREFIX "Add prefix `_` to assembly symbols" ON) -option(ENABLE_TLS "Enable TLS and TLCP protocol support" OFF) +option(ENABLE_TLS "Enable TLS and TLCP protocol support" ON) option(ENABLE_TLS_DEBUG "Enable TLS and TLCP print debug message" OFF) option (ENABLE_SM2_ENC_PRE_COMPUTE "Enable SM2 encryption precomputing" ON) @@ -219,9 +218,9 @@ if (ENABLE_TEST_SPEED) add_definitions(-DENABLE_TEST_SPEED) endif() -if (ENABLE_LONG_TEST) - message(STATUS "ENABLE_LONG_TEST is ON") - add_definitions(-DENABLE_LONG_TEST) +if (ENABLE_SLOW_TEST) + message(STATUS "ENABLE_SLOW_TEST is ON") + add_definitions(-DENABLE_SLOW_TEST) endif() @@ -822,7 +821,7 @@ endif() # set(CPACK_PACKAGE_NAME "GmSSL") set(CPACK_PACKAGE_VENDOR "GmSSL develop team") -set(CPACK_PACKAGE_VERSION "3.2.0-dev.1109") +set(CPACK_PACKAGE_VERSION "3.2.0-dev.1110") set(CPACK_PACKAGE_DESCRIPTION_FILE ${PROJECT_SOURCE_DIR}/README.md) set(CPACK_NSIS_MODIFY_PATH ON) include(CPack) diff --git a/include/gmssl/version.h b/include/gmssl/version.h index 4f55238c..976231dd 100644 --- a/include/gmssl/version.h +++ b/include/gmssl/version.h @@ -18,7 +18,7 @@ extern "C" { #define GMSSL_VERSION_NUM 30200 -#define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1109" +#define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1110" int gmssl_version_num(void); const char *gmssl_version_str(void); diff --git a/src/tls12.c b/src/tls12.c index 5ee035d1..40afa771 100644 --- a/src/tls12.c +++ b/src/tls12.c @@ -52,7 +52,7 @@ const int tls12_cipher_suites[] = { TLS_cipher_ecdhe_ecdsa_with_aes_128_cbc_sha256, TLS_cipher_ecdhe_ecdsa_with_aes_128_gcm_sha256, #ifdef ENABLE_AES_CCM - TLS_cipher_ecdhe_ecdsa_with_aes_128_ccm_sha256, + TLS_cipher_ecdhe_ecdsa_with_aes_128_ccm, #endif #endif }; @@ -3168,7 +3168,7 @@ int tls12_send(TLS_CONNECT *conn, const uint8_t *in, size_t inlen, size_t *sentl break; #ifdef ENABLE_AES_CCM - case TLS_cipher_ecdhe_ecdsa_aes_128_ccm_sha256: + case TLS_cipher_ecdhe_ecdsa_with_aes_128_ccm: if (tls_ccm_encrypt(enc_key, fixed_iv, seq_num, conn->databuf, conn->databuf + 5, tls_record_data_length(conn->databuf), conn->record + 5, &recordlen) != 1) { diff --git a/tests/lmstest.c b/tests/lmstest.c index d1253bbe..89cb24e6 100644 --- a/tests/lmstest.c +++ b/tests/lmstest.c @@ -10,11 +10,18 @@ #include #include #include +#include #include #include #include #include +static void test_print_elapsed(const char *func, clock_t start) +{ + printf(" %s() elapsed: %.3f seconds\n", + func, (double)(clock() - start)/CLOCKS_PER_SEC); +} + static int lms_types[] = { LMS_HASH256_M32_H5, @@ -305,6 +312,7 @@ static int test_lms_key_generate(void) { LMS_KEY lms_key; int lms_type = lms_types[0]; + clock_t start = clock(); if (lms_key_generate(&lms_key, lms_type) != 1) { error_print(); @@ -312,6 +320,7 @@ static int test_lms_key_generate(void) } lms_private_key_print(stdout, 0, 0, "lms_private_key", &lms_key); + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; } @@ -456,6 +465,7 @@ static int test_lms_sign(void) uint8_t sig[LMS_SIGNATURE_MAX_SIZE]; size_t siglen; int ret; + clock_t start = clock(); if (lms_key_generate(&key, lms_type) != 1) { error_print(); @@ -517,6 +527,7 @@ static int test_lms_sign(void) return -1; } + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; } @@ -548,6 +559,7 @@ static int test_lms_max_sigs(void) static int test_hss_key_generate(void) { HSS_KEY key; + clock_t start = clock(); if (hss_key_generate(&key, lms_types, sizeof(lms_types)/sizeof(lms_types[0])) != 1) { error_print(); @@ -557,6 +569,7 @@ static int test_hss_key_generate(void) hss_public_key_print(stdout, 0, 4, "hss_public_key", &key); hss_private_key_print(stdout, 0, 4, "hss_key", &key); + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; } @@ -834,6 +847,7 @@ static int test_hss_sign_level1(void) uint8_t msg[200]; uint8_t buf[sizeof(HSS_SIGNATURE)]; size_t len; + clock_t start = clock(); if (hss_key_generate(&key, lms_types, levels) != 1) { error_print(); @@ -866,6 +880,7 @@ static int test_hss_sign_level1(void) return -1; } + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; } @@ -879,6 +894,7 @@ static int test_hss_sign_level2(void) uint8_t msg[200]; uint8_t buf[sizeof(HSS_SIGNATURE)]; size_t len; + clock_t start = clock(); if (hss_key_generate(&key, lms_types, levels) != 1) { error_print(); @@ -915,6 +931,7 @@ static int test_hss_sign_level2(void) return -1; } + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; } @@ -927,6 +944,7 @@ static int test_hss_sign(void) uint8_t msg[200]; uint8_t buf[sizeof(HSS_SIGNATURE)]; size_t len; + clock_t start = clock(); if (hss_key_generate(&key, lms_types, sizeof(lms_types)/sizeof(lms_types[0])) != 1) { error_print(); @@ -963,6 +981,7 @@ static int test_hss_sign(void) return -1; } + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; } diff --git a/tests/pbkdf2test.c b/tests/pbkdf2test.c index 7fecfaa3..3899486c 100644 --- a/tests/pbkdf2test.c +++ b/tests/pbkdf2test.c @@ -20,7 +20,7 @@ #define TEST_PBKDF2_MAX_SALT_SIZE 36 #define TEST_PBKDF2_MAX_DK_SIZE 65 -#ifndef ENABLE_LONG_TEST +#ifndef ENABLE_SLOW_TEST #define TEST_PBKDF2_MAX_ITERATION_COUNT 1000000 #endif @@ -70,7 +70,7 @@ static int test_pbkdf2_hmac_wycheproof(const char *name, const DIGEST *digest, size_t expected_len; int ret; -#ifndef ENABLE_LONG_TEST +#ifndef ENABLE_SLOW_TEST if (tv->iteration_count > TEST_PBKDF2_MAX_ITERATION_COUNT) { fprintf(stderr, "%s tcId %d skipped: iteration_count = %zu\n", name, tv->tc_id, tv->iteration_count); diff --git a/tests/sphincstest.c b/tests/sphincstest.c index 743fff79..bfab4304 100644 --- a/tests/sphincstest.c +++ b/tests/sphincstest.c @@ -10,12 +10,19 @@ #include #include #include +#include #include #include #include #include #include +static void test_print_elapsed(const char *func, clock_t start) +{ + printf(" %s() elapsed: %.3f seconds\n", + func, (double)(clock() - start)/CLOCKS_PER_SEC); +} + typedef struct { char *name; @@ -157,9 +164,11 @@ static int test_sphincs_wots_sign(void) sphincs_adrs_t adrs; sphincs_hash128_t dgst; sphincs_wots_sig_t wots_sig; + clock_t start = clock(); sphincs_wots_sign(wots_sk, seed, adrs, dgst, wots_sig); + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; } @@ -191,6 +200,7 @@ static int test_sphincs_wots_sign_verify(void) sphincs_wots_key_t wots_pk2; sphincs_hash128_t wots_root; int i; + clock_t start = clock(); sphincs_adrs_set_layer_address(adrs, 0); sphincs_adrs_set_tree_address(adrs, 0); @@ -241,6 +251,7 @@ static int test_sphincs_wots_sign_verify(void) + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; } @@ -329,6 +340,7 @@ static int test_sphincs_xmss_sign(void) SPHINCS_XMSS_SIGNATURE sig; sphincs_hash128_t xmss_root; sphincs_hash128_t auth_path[SPHINCS_XMSS_HEIGHT]; + clock_t start = clock(); sphincs_xmss_build_tree(secret, seed, adrs, xmss_tree); @@ -351,6 +363,7 @@ static int test_sphincs_xmss_sign(void) return -1; } + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; } @@ -440,6 +453,7 @@ static int test_sphincs_hypertree_sign(void) sphincs_hash128_t ht_root; SPHINCS_XMSS_SIGNATURE ht_sig[SPHINCS_HYPERTREE_LAYERS]; + clock_t start = clock(); sphincs_hypertree_derive_root(secret, seed, ht_root); format_bytes(stderr, 0, 4, "hypertree_root", ht_root, 16); @@ -453,6 +467,7 @@ static int test_sphincs_hypertree_sign(void) return -1; } + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; @@ -468,6 +483,7 @@ static int test_sphincs_fors_sign(void) sphincs_hash128_t root; sphincs_hash128_t sig_to_root; SPHINCS_FORS_SIGNATURE sig; + clock_t start = clock(); @@ -483,6 +499,7 @@ static int test_sphincs_fors_sign(void) } + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; } @@ -516,6 +533,7 @@ static int test_sphincs_sign(void) uint32_t i; uint8_t tbs[SPHINCS_TBS_SIZE]; + clock_t start = clock(); if (sphincs_key_generate(key) != 1) { error_print(); @@ -628,6 +646,7 @@ static int test_sphincs_sign(void) } + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; } @@ -641,6 +660,7 @@ static int test_sphincs_sign_update(void) uint8_t msg[100] = { 1,2,3 }; uint8_t sigbuf[SPHINCS_SIGNATURE_SIZE]; size_t siglen; + clock_t start = clock(); if (sphincs_key_generate(&key) != 1) { error_print(); @@ -725,6 +745,7 @@ static int test_sphincs_sign_update(void) + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; } @@ -748,12 +769,16 @@ int main(void) if (test_sphincs_xmss_sign() != 1) goto err; if (test_sphincs_hypertree() != 1) goto err; +#ifdef ENABLE_SLOW_TEST if (test_sphincs_hypertree_sign() != 1) goto err; +#endif if (test_sphincs_fors_sign() != 1) goto err; +#ifdef ENABLE_SLOW_TEST if (test_sphincs_sign() != 1) goto err; if (test_sphincs_sign_update() != 1) goto err; +#endif printf("%s all tests passed\n", __FILE__); return 0; diff --git a/tests/tlstest.c b/tests/tlstest.c index 2cdbd661..e54b6602 100644 --- a/tests/tlstest.c +++ b/tests/tlstest.c @@ -177,7 +177,7 @@ static int test_tls_ccm(void) enced_record[4] = (uint8_t)enced_recordlen; enced_recordlen += 5; - if (tls12_record_decrypt(TLS_cipher_aes_128_ccm_sha256, NULL, &aes_key, fixed_iv, seq_num, + if (tls_record_decrypt(TLS_cipher_ecdhe_ecdsa_with_aes_128_ccm, NULL, &aes_key, fixed_iv, seq_num, enced_record, enced_recordlen, buf, &buflen) != 1 || buflen != recordlen || memcmp(buf, record, recordlen) != 0) { diff --git a/tests/xmsstest.c b/tests/xmsstest.c index 558dbeb3..7f897e1c 100644 --- a/tests/xmsstest.c +++ b/tests/xmsstest.c @@ -10,6 +10,7 @@ #include #include #include +#include #include #include #include @@ -17,6 +18,12 @@ #include +static void test_print_elapsed(const char *func, clock_t start) +{ + printf(" %s() elapsed: %.3f seconds\n", + func, (double)(clock() - start)/CLOCKS_PER_SEC); +} + static int test_xmss_adrs(void) { @@ -132,6 +139,7 @@ static int test_wots_sign(void) xmss_wots_key_t sig_pk; size_t len; int i; + clock_t start = clock(); memset(secret, 0x12, sizeof(secret)); memset(seed, 0xab, sizeof(seed)); @@ -165,6 +173,7 @@ static int test_wots_sign(void) return -1; } + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; } @@ -342,6 +351,7 @@ static int test_xmss_key_generate(void) XMSS_KEY key; size_t count; size_t i; + clock_t start = clock(); if (xmss_key_generate(&key, xmss_type) != 1) { error_print(); @@ -368,6 +378,7 @@ static int test_xmss_key_generate(void) return -1; } + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; } @@ -464,6 +475,7 @@ static int test_xmss_sign(void) XMSS_HASH256_CTX ctx; xmss_hash256_t dgst; size_t h; + clock_t start = clock(); if (xmss_key_generate(&key, xmss_type) != 1) { @@ -544,6 +556,7 @@ static int test_xmss_sign(void) return -1; } + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; } @@ -559,6 +572,7 @@ static int test_xmss_sign_update(void) size_t siglen; uint8_t msg[100] = {0}; int i; + clock_t start = clock(); if (xmss_key_generate(&key, xmss_type) != 1) { error_print(); @@ -594,6 +608,7 @@ static int test_xmss_sign_update(void) } xmss_key_cleanup(&key); + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; } @@ -641,6 +656,7 @@ static int test_xmssmt_key_generate(void) { uint32_t xmssmt_index = XMSSMT_HASH256_20_4_256; XMSSMT_KEY key; + clock_t start = clock(); if (xmssmt_key_generate(&key, xmssmt_index) != 1) { error_print(); @@ -650,6 +666,7 @@ static int test_xmssmt_key_generate(void) xmssmt_public_key_print(stderr, 0, 4, "xmssmt_public_key", &key); xmssmt_private_key_print(stderr, 0, 4, "xmssmt_private_key", &key); + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; } @@ -927,6 +944,7 @@ static int test_xmssmt_sign(void) uint64_t tree_address; uint32_t tree_index; uint32_t layer; + clock_t start = clock(); if (xmssmt_type_to_height_and_layers(xmssmt_type, &height, &layers) != 1) { @@ -1048,6 +1066,7 @@ static int test_xmssmt_sign(void) return -1; } + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; } @@ -1061,6 +1080,7 @@ static int test_xmssmt_sign_update(void) uint8_t msg[100] = {0}; uint8_t sigbuf[sizeof(XMSSMT_SIGNATURE) *2 ]; size_t siglen; + clock_t start = clock(); if (xmssmt_key_generate(&key, xmssmt_type) != 1) { error_print(); @@ -1133,6 +1153,7 @@ static int test_xmssmt_sign_update(void) + test_print_elapsed(__FUNCTION__, start); printf("%s() ok\n", __FUNCTION__); return 1; } @@ -1149,13 +1170,17 @@ int main(void) if (test_xmss_adrs() != 1) goto err; if (test_xmss_build_tree() != 1) goto err; if (test_xmss_build_root() != 1) goto err; +#ifdef ENABLE_SLOW_TEST if (test_xmss_key_generate() != 1) goto err; +#endif if (test_xmss_public_key_to_bytes() != 1) goto err; if (test_xmss_private_key_size() != 1) goto err; //if (test_xmss_private_key_to_bytes() != 1) goto err; if (test_xmss_signature_size() != 1) goto err; +#ifdef ENABLE_SLOW_TEST if (test_xmss_sign() != 1) goto err; if (test_xmss_sign_update() != 1) goto err; +#endif if (test_xmssmt_key_generate() != 1) goto err; if (test_xmssmt_index_to_bytes() != 1) goto err; if (test_xmssmt_signature_to_bytes() != 1) goto err; diff --git a/tools/gmssl.c b/tools/gmssl.c index fa4ce6d4..7d04cc6c 100644 --- a/tools/gmssl.c +++ b/tools/gmssl.c @@ -134,10 +134,10 @@ extern int skfutil_main(int argc, char **argv); #endif static const char *options = - "command [options]\n" - "command -help\n" + " [options]\n" + "\n" + "command:\n" "\n" - "Commands:\n" " help Print this help message\n" " version Print version\n" " rand Generate random bytes\n" @@ -149,26 +149,26 @@ static const char *options = " sm3 Generate SM3 hash\n" " sm3hmac Generate SM3 HMAC tag\n" " sm3_pbkdf2 Hash password into key using PBKDF2 algoritm\n" + " sm4_gcm Encrypt or decrypt with SM4 GCM\n" + " sm4_cbc Encrypt or decrypt with SM4 CBC\n" + " sm4_ctr Encrypt or decrypt with SM4 CTR\n" + " sm4_cbc_sm3_hmac Encrypt or decrypt with SM4 CBC with SM3-HMAC\n" + " sm4_ctr_sm3_hmac Encrypt or decrypt with SM4 CTR with SM3-HMAC\n" +#ifdef ENABLE_SM4_CCM + " sm4_ccm Encrypt or decrypt with SM4 CCM\n" +#endif +#ifdef ENABLE_SM4_XTS + " sm4_xts Encrypt or decrypt with SM4 XTS\n" +#endif #ifdef ENABLE_SM4_ECB " sm4_ecb Encrypt or decrypt with SM4 ECB\n" #endif - " sm4_cbc Encrypt or decrypt with SM4 CBC\n" - " sm4_ctr Encrypt or decrypt with SM4 CTR\n" #ifdef ENABLE_SM4_CFB " sm4_cfb Encrypt or decrypt with SM4 CFB\n" #endif #ifdef ENABLE_SM4_OFB " sm4_ofb Encrypt or decrypt with SM4 OFB\n" #endif -#ifdef ENABLE_SM4_CCM - " sm4_ccm Encrypt or decrypt with SM4 CCM\n" -#endif - " sm4_gcm Encrypt or decrypt with SM4 GCM\n" -#ifdef ENABLE_SM4_XTS - " sm4_xts Encrypt or decrypt with SM4 XTS\n" -#endif - " sm4_cbc_sm3_hmac Encrypt or decrypt with SM4 CBC with SM3-HMAC\n" - " sm4_ctr_sm3_hmac Encrypt or decrypt with SM4 CTR with SM3-HMAC\n" #ifdef ENABLE_SM4_CBC_MAC " sm4_cbc_mac Generate SM4 CBC-MAC\n" #endif @@ -189,24 +189,24 @@ static const char *options = " reqgen Generate certificate signing request (CSR)\n" " reqsign Generate certificate from CSR\n" " reqparse Parse and print a CSR\n" + " certgen Generate a self-signed certificate\n" + " certverify Verify certificate chain\n" + " certrevoke Revoke certificate and output RevokedCertificate record\n" + " certparse Parse and print certificates\n" " crlget Download the CRL of given certificate\n" " crlgen Sign a CRL with CA certificate and private key\n" " crlverify Verify a CRL with issuer's certificate\n" " crlparse Parse and print CRL\n" - " certgen Generate a self-signed certificate\n" - " certparse Parse and print certificates\n" - " certverify Verify certificate chain\n" - " certrevoke Revoke certificate and output RevokedCertificate record\n" " ocspreq Generate OCSPRequest\n" " ocspget Download OCSPResponse from OCSP responder\n" " ocspsign Sign OCSPResponse\n" " ocspverify Verify OCSPResponse\n" #ifdef ENABLE_CMS - " cmsparse Parse CMS (cryptographic message syntax) file\n" - " cmsencrypt Generate CMS EnvelopedData\n" - " cmsdecrypt Decrypt CMS EnvelopedData\n" " cmssign Generate CMS SignedData\n" " cmsverify Verify CMS SignedData\n" + " cmsencrypt Generate CMS EnvelopedData\n" + " cmsdecrypt Decrypt CMS EnvelopedData\n" + " cmsparse Parse CMS (cryptographic message syntax) file\n" #endif #ifdef ENABLE_SECP256R1 " p256keygen Generate P-256 (secp256r1, prime256v1) keypair\n" diff --git a/tools/xmssmtkeygen.c b/tools/xmssmtkeygen.c index c39fe8ef..8a2aae90 100644 --- a/tools/xmssmtkeygen.c +++ b/tools/xmssmtkeygen.c @@ -151,7 +151,7 @@ bad: ret = 0; end: - xmss_key_cleanup(&key); + xmssmt_key_cleanup(&key); if (out) { gmssl_secure_clear(out, outlen); free(out);