mirror of
https://github.com/guanzhi/GmSSL.git
synced 2026-05-06 16:36:16 +08:00
Update TLS 1.3
This commit is contained in:
Zhi Guan
@@ -20,6 +20,33 @@
|
||||
#include <gmssl/sm4.h>
|
||||
|
||||
|
||||
|
||||
static int test_tls_ext(void)
|
||||
{
|
||||
uint8_t ext_data[30];
|
||||
uint8_t buf[256];
|
||||
uint8_t *p = buf;
|
||||
const uint8_t *cp = buf;
|
||||
size_t len = 0;
|
||||
|
||||
if (tls_ext_to_bytes(TLS_extension_max_fragment_length, NULL, sizeof(ext_data), &p, &len) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
if (len != 4 + sizeof(ext_data)) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
if (p != buf + 4 + sizeof(ext_data)) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
|
||||
printf("%s() ok\n", __FUNCTION__);
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
static int test_tls13_gcm(void)
|
||||
{
|
||||
|
||||
@@ -499,11 +526,104 @@ static int test_tls13_ticket(void)
|
||||
}
|
||||
|
||||
|
||||
#if 0
|
||||
static int test_tls13_psk_key_exchange_modes(void)
|
||||
{
|
||||
int modes[] = {
|
||||
TLS_psk_key_exchange_modes_psk_dhe,
|
||||
TLS_psk_key_exchange_modes_psk_only,
|
||||
TLS_psk_key_exchange_modes_both,
|
||||
};
|
||||
|
||||
uint8_t buf[128];
|
||||
uint8_t *p = buf;
|
||||
const uint8_t *cp = buf;
|
||||
size_t len = 0;
|
||||
size_t i;
|
||||
|
||||
for (i = 0; i < sizeof(modes)/sizeof(modes[0]); i++) {
|
||||
if (tls13_psk_key_exchange_modes_ext_to_bytes(modes[i], &p, &len) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
for (i = 0; i < sizeof(modes)/sizeof(modes[0]); i++) {
|
||||
int type;
|
||||
const uint8_t *d;
|
||||
size_t dlen;
|
||||
int mode;
|
||||
|
||||
if (tls_ext_from_bytes(&type, &d, &dlen, &cp, &len) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
if (type != TLS_extension_psk_key_exchange_modes) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
format_print(stderr, 0, 4, "psk_key_exchange_modes\n");
|
||||
tls13_psk_key_exchange_modes_print(stderr, 0, 8, d, dlen);
|
||||
|
||||
if (tls13_psk_key_exchange_modes_from_bytes(&mode, d, dlen) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
if (mode != modes[i]) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
|
||||
}
|
||||
if (len) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
|
||||
printf("%s() ok\n", __FUNCTION__);
|
||||
return 1;
|
||||
}
|
||||
#endif
|
||||
|
||||
static int test_tls_server_name_ext(void)
|
||||
{
|
||||
uint8_t buf[256];
|
||||
uint8_t *p = buf;
|
||||
const uint8_t *cp = buf;
|
||||
size_t len = 0;
|
||||
int ext_type;
|
||||
const uint8_t *ext_data;
|
||||
size_t ext_datalen;
|
||||
const uint8_t *hostname;
|
||||
size_t hostname_len;
|
||||
|
||||
|
||||
if (tls_server_name_ext_to_bytes((uint8_t *)"www.pku.edu.cn", sizeof("www.pku.edu.cn"), &p, &len) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
if (tls_ext_from_bytes(&ext_type, &ext_data, &ext_datalen, &cp, &len) != 1
|
||||
|| tls_length_is_zero(len) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
if (tls_server_name_from_bytes(&hostname, &hostname_len, ext_data, ext_datalen) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
tls_server_name_print(stderr, 0, 0, ext_data, ext_datalen);
|
||||
|
||||
|
||||
// 这里应该补充一个包含多个host_name的例子
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
printf("%s() ok\n", __FUNCTION__);
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -541,15 +661,19 @@ static int test_tls13_ticket(void)
|
||||
|
||||
int main(void)
|
||||
{
|
||||
if (test_tls_ext() != 1) goto err;
|
||||
if (test_tls13_gcm() != 1) goto err;
|
||||
if (test_tls13_supported_versions_ext() != 1) goto err;
|
||||
if (test_tls13_key_share_ext() != 1) goto err;
|
||||
if (test_tls_supported_groups_ext() != 1) goto err;
|
||||
if (test_tls_signature_algorithms_ext() != 1) goto err;
|
||||
if (test_tls13_signature_algorithms_cert_ext() != 1) goto err;
|
||||
if (test_tls13_ticket() != 1) goto err;
|
||||
// if (test_tls13_ticket() != 1) goto err;
|
||||
// if (test_tls13_psk_key_exchange_modes() != 1) goto err;
|
||||
|
||||
|
||||
if (test_tls_server_name_ext() != 1) goto err;
|
||||
|
||||
printf("%s all tests passed\n", __FILE__);
|
||||
return 0;
|
||||
err:
|
||||
|
||||
@@ -63,6 +63,22 @@ static int test_tls_encode(void)
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int test_tls_null_to_bytes(void)
|
||||
{
|
||||
uint8_t buf[10];
|
||||
uint8_t *p = buf;
|
||||
const uint8_t *cp = buf;
|
||||
size_t len = 0;
|
||||
|
||||
tls_uint16array_to_bytes(buf, sizeof(buf), NULL, &len);
|
||||
|
||||
// this will segment fault
|
||||
//p = NULL;
|
||||
//tls_uint16array_to_bytes(buf, sizeof(buf), &p, &len);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int test_tls_cbc(void)
|
||||
{
|
||||
uint8_t key[32] = {0};
|
||||
@@ -320,8 +336,26 @@ static int test_tls_application_data(void)
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int test_tls_status_request_ext(void)
|
||||
{
|
||||
uint8_t ocsp_response[5];
|
||||
uint8_t buf[256];
|
||||
uint8_t *p = buf;
|
||||
const uint8_t *cp = buf;
|
||||
size_t len = 0;
|
||||
|
||||
memset(ocsp_response, 0xff, sizeof(ocsp_response));
|
||||
|
||||
|
||||
|
||||
printf("%s() ok\n", __FUNCTION__);
|
||||
return 1;
|
||||
}
|
||||
|
||||
int main(void)
|
||||
{
|
||||
if (test_tls_null_to_bytes() != 1) goto err;
|
||||
/*
|
||||
if (test_tls_encode() != 1) goto err;
|
||||
if (test_tls_cbc() != 1) goto err;
|
||||
if (test_tls_random() != 1) goto err;
|
||||
@@ -334,6 +368,8 @@ int main(void)
|
||||
if (test_tls_alert() != 1) goto err;
|
||||
if (test_tls_change_cipher_spec() != 1) goto err;
|
||||
if (test_tls_application_data() != 1) goto err;
|
||||
*/
|
||||
if (test_tls_status_request_ext() != 1) goto err;
|
||||
printf("%s all tests passed\n", __FILE__);
|
||||
return 0;
|
||||
err:
|
||||
|
||||
@@ -352,6 +352,49 @@ static int test_x509_private_key_info_encrypt_to_pem(void)
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int test_x509_private_key_info_decrypt_from_pem(void)
|
||||
{
|
||||
const char *file = "test_x509_private_key_info_decrypt_from_pem.pem";
|
||||
const char *pass = "P@ssw0rd";
|
||||
FILE *fp;
|
||||
int i;
|
||||
|
||||
if (!(fp = fopen(file, "w"))) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
for (i = 0; i < sizeof(tests)/sizeof(tests[0]) && tests[i].algor == OID_ec_public_key; i++) {
|
||||
if (x509_private_key_info_encrypt_to_pem(&x509_keys[i], pass, fp) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
|
||||
}
|
||||
fclose(fp);
|
||||
|
||||
if (!(fp = fopen(file, "r"))) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
while (1) {
|
||||
int ret;
|
||||
X509_KEY key;
|
||||
const uint8_t *attrs;
|
||||
size_t attrslen;
|
||||
|
||||
if ((ret = x509_private_key_info_decrypt_from_pem(&key, &attrs, &attrslen, pass, fp)) < 0) {
|
||||
error_print();
|
||||
return -1;
|
||||
} else if (ret == 0) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
fclose(fp);
|
||||
|
||||
printf("%s() ok\n", __FUNCTION__);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int test_x509_sign(void)
|
||||
{
|
||||
size_t i;
|
||||
@@ -559,7 +602,6 @@ static int test_x509_kem(void)
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
int main(void)
|
||||
{
|
||||
if (test_x509_key_generate() != 1) goto err;
|
||||
@@ -569,6 +611,7 @@ int main(void)
|
||||
if (test_x509_private_key_info_to_der() != 1) goto err;
|
||||
if (test_x509_private_key_info_encrypt_to_der() != 1) goto err;
|
||||
if (test_x509_private_key_info_encrypt_to_pem() != 1) goto err;
|
||||
if (test_x509_private_key_info_decrypt_from_pem() != 1) goto err;
|
||||
if (test_x509_sign() != 1) goto err;
|
||||
if (test_x509_sign_sm9() != 1) goto err;
|
||||
if (test_x509_key_exchange() != 1) goto err;
|
||||
|
||||
Reference in New Issue
Block a user