abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-05-06 16:36:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add X509_KEY to support different public key algos

Browse Source
This commit is contained in:
Zhi Guan
2026-01-16 17:25:17 +08:00
parent d7f93bf379
commit 47639a9e23
37 changed files with 1539 additions and 364 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tests/asn1test.c
View File

@@ -841,6 +841,7 @@ static int test_asn1_from_der_null_args(void)
int main(void)
{
if (test_asn1_tag() != 1) goto err;
/*
if (test_asn1_length() != 1) goto err;
if (test_asn1_length_from_ber() != 1) goto err;
if (test_asn1_boolean() != 1) goto err;
@@ -857,6 +858,7 @@ int main(void)
if (test_asn1_utc_time() != 1) goto err;
if (test_asn1_generalized_time() != 1) goto err;
if (test_asn1_from_der_null_args() != 1) goto err;
*/
printf("%s all tests passed\n", __FILE__);
return 0;
err:

117
tests/cmstest.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2026 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -17,6 +17,7 @@
#include <gmssl/error.h>
#include <gmssl/sm4.h>
#include <gmssl/cms.h>
#include <gmssl/x509_key.h>
static int test_cms_content_type(void)
@@ -366,7 +367,7 @@ static int test_cms_signer_info_sign(void)
const uint8_t *d;
size_t dlen;
SM2_KEY sm2_key;
X509_KEY x509_key;
uint8_t serial_buf[20];
uint8_t name[256];
size_t namelen;
@@ -385,7 +386,7 @@ static int test_cms_signer_info_sign(void)
const uint8_t *unauth_attrs;
size_t serial_len, issuer_len, auth_attrs_len, unauth_attrs_len;
if (sm2_key_generate(&sm2_key) != 1
if (x509_key_generate(&x509_key, OID_ec_public_key, OID_sm2) != 1
|| rand_bytes(serial_buf, sizeof(serial_buf)) != 1
|| x509_name_set(name, &namelen, sizeof(name), "CN", "Beijing", "Haidian", "PKU", "CS", "Alice") != 1
|| time(&not_before) == -1
@@ -396,8 +397,8 @@ static int test_cms_signer_info_sign(void)
name, namelen,
not_before, not_after,
name, namelen,
&sm2_key, NULL, 0, NULL, 0, NULL, 0,
&sm2_key, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH,
&x509_key, NULL, 0, NULL, 0, NULL, 0,
&x509_key, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH,
&pcerts, &certslen) != 1) {
error_print();
return -1;
@@ -408,7 +409,7 @@ static int test_cms_signer_info_sign(void)
cp = p = buf; len = 0;
if (cms_signer_info_sign_to_der(
&sm3_ctx, &sm2_key,
&sm3_ctx, &x509_key,
name, namelen, serial_buf, sizeof(serial_buf),
NULL, 0, NULL, 0,
&p, &len) != 1
@@ -421,7 +422,7 @@ static int test_cms_signer_info_sign(void)
cp = p = buf; len = 0;
if (cms_signer_info_sign_to_der(
&sm3_ctx, &sm2_key,
&sm3_ctx, &x509_key,
name, namelen, serial_buf, sizeof(serial_buf),
NULL, 0, NULL, 0,
&p, &len) != 1
@@ -455,13 +456,17 @@ static int test_cms_signer_infos(void)
size_t signer_infos_len = 0;
SM3_CTX sm3_ctx;
SM2_KEY sm2_key;
X509_KEY x509_key;
uint8_t issuer_buf[256];
size_t issuer_len;
uint8_t serial_buf[20];
sm2_key_generate(&sm2_key);
if (x509_key_generate(&x509_key, OID_ec_public_key, OID_sm2) != 1) {
error_print();
return -1;
}
sm3_init(&sm3_ctx);
sm3_update(&sm3_ctx, (uint8_t *)"hello", 5);
x509_name_set(issuer_buf, &issuer_len, sizeof(issuer_buf), "CN", "Beijing", "Haidian", "PKU", "CS", "CA");
@@ -469,21 +474,21 @@ static int test_cms_signer_infos(void)
if (cms_signer_infos_add_signer_info(
signer_infos, &signer_infos_len, sizeof(signer_infos),
&sm3_ctx, &sm2_key,
&sm3_ctx, &x509_key,
issuer_buf, issuer_len,
serial_buf, sizeof(serial_buf),
NULL, 0,
NULL, 0) != 1
|| cms_signer_infos_add_signer_info(
signer_infos, &signer_infos_len, sizeof(signer_infos),
&sm3_ctx, &sm2_key,
&sm3_ctx, &x509_key,
issuer_buf, issuer_len,
serial_buf, sizeof(serial_buf),
NULL, 0,
NULL, 0) != 1
|| cms_signer_infos_add_signer_info(
signer_infos, &signer_infos_len, sizeof(signer_infos),
&sm3_ctx, &sm2_key,
&sm3_ctx, &x509_key,
issuer_buf, issuer_len,
serial_buf, sizeof(serial_buf),
NULL, 0,
@@ -544,7 +549,9 @@ static int test_cms_digest_algors(void)
static int test_cms_signed_data(void)
{
SM2_KEY sm2_key;
int algor = OID_ec_public_key;
int algor_param = OID_sm2;
X509_KEY x509_key;
uint8_t cert[4096];
size_t certlen = 0;
CMS_CERTS_AND_KEY signers[1];
@@ -556,7 +563,10 @@ static int test_cms_signed_data(void)
const uint8_t *d;
size_t dlen;
sm2_key_generate(&sm2_key);
if (x509_key_generate(&x509_key, algor, algor_param) != 1) {
error_print();
return -1;
}
{
uint8_t serial[20];
@@ -580,11 +590,11 @@ static int test_cms_signed_data(void)
name, namelen,
not_before, not_after,
name, namelen,
&sm2_key,
&x509_key,
NULL, 0,
NULL, 0,
NULL, 0,
&sm2_key, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH,
&x509_key, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH,
&p, &certlen) != 1) {
error_print();
return -1;
@@ -593,7 +603,7 @@ static int test_cms_signed_data(void)
signers[0].certs = cert;
signers[0].certs_len = certlen;
signers[0].sign_key = &sm2_key;
signers[0].sign_key = &x509_key;
if (cms_signed_data_sign_to_der(
signers, sizeof(signers)/sizeof(signers[0]),
@@ -644,7 +654,9 @@ static int test_cms_signed_data(void)
static int test_cms_recipient_info(void)
{
SM2_KEY sm2_key;
int algor = OID_ec_public_key;
int algor_param = OID_sm2;
X509_KEY x509_key;
uint8_t name[256];
size_t namelen;
uint8_t serial_buf[20];
@@ -671,12 +683,16 @@ static int test_cms_recipient_info(void)
uint8_t out[sizeof(in)];
size_t outlen;
sm2_key_generate(&sm2_key);
if (x509_key_generate(&x509_key, algor, algor_param) != 1) {
error_print();
return -1;
}
x509_name_set(name, &namelen, sizeof(name), "US", "CA", NULL, "BB", "AA", "CC");
rand_bytes(serial_buf, sizeof(serial_buf));
rand_bytes(in, sizeof(in));
if (cms_recipient_info_encrypt_to_der(&sm2_key,
if (cms_recipient_info_encrypt_to_der(&x509_key,
name, namelen,
serial_buf, sizeof(serial_buf),
in, sizeof(in),
@@ -690,7 +706,7 @@ static int test_cms_recipient_info(void)
cp = p = buf; len = 0;
if (cms_recipient_info_encrypt_to_der(&sm2_key,
if (cms_recipient_info_encrypt_to_der(&x509_key,
name, namelen,
serial_buf, sizeof(serial_buf),
in, sizeof(in),
@@ -710,13 +726,13 @@ static int test_cms_recipient_info(void)
cp = p = buf; len = 0;
if (cms_recipient_info_encrypt_to_der(
&sm2_key,
&x509_key,
name, namelen,
serial_buf, sizeof(serial_buf),
in, sizeof(in),
&p, &len) != 1
|| cms_recipient_info_decrypt_from_der(
&sm2_key,
&x509_key,
name, namelen,
serial_buf, sizeof(serial_buf),
out, &outlen, sizeof(out),
@@ -737,12 +753,14 @@ static int test_cms_recipient_info(void)
int test_cms_enveloped_data(void)
{
SM2_KEY sm2_key1;
int algor = OID_ec_public_key;
int algor_param = OID_sm2;
X509_KEY x509_key1;
uint8_t name1[256];
size_t name1_len;
uint8_t serial1[20];
SM2_KEY sm2_key2;
X509_KEY x509_key2;
uint8_t name2[256];
size_t name2_len;
uint8_t serial2[20];
@@ -777,8 +795,12 @@ int test_cms_enveloped_data(void)
p = certs;
certslen = 0;
if (sm2_key_generate(&sm2_key1) != 1
|| rand_bytes(serial1, sizeof(serial1)) != 1
if (x509_key_generate(&x509_key1, algor, algor_param) != 1) {
error_print();
return -1;
}
if (rand_bytes(serial1, sizeof(serial1)) != 1
|| x509_name_set(name1, &name1_len, sizeof(name1), "CN", "Beijing", "Haidian", "PKU", "CS", "Alice") != 1
|| x509_cert_sign_to_der(
X509_version_v3,
@@ -787,15 +809,19 @@ int test_cms_enveloped_data(void)
name1, name1_len,
not_before, not_after,
name1, name1_len,
&sm2_key1, NULL, 0, NULL, 0, NULL, 0,
&sm2_key1, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH,
&x509_key1, NULL, 0, NULL, 0, NULL, 0,
&x509_key1, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH,
&p, &certslen) != 1) {
error_print();
return -1;
}
if (sm2_key_generate(&sm2_key2) != 1
|| rand_bytes(serial2, sizeof(serial2)) != 1
if (x509_key_generate(&x509_key2, algor, algor_param) != 1) {
error_print();
return -1;
}
if (rand_bytes(serial2, sizeof(serial2)) != 1
|| x509_name_set(name2, &name2_len, sizeof(name2), "CN", "Beijing", "Haidian", "PKU", "CS", "Bob") != 1
|| x509_cert_sign_to_der(
X509_version_v3,
@@ -804,8 +830,8 @@ int test_cms_enveloped_data(void)
name2, name2_len,
not_before, not_after,
name2, name2_len,
&sm2_key2, NULL, 0, NULL, 0, NULL, 0,
&sm2_key2, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH,
&x509_key2, NULL, 0, NULL, 0, NULL, 0,
&x509_key2, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH,
&p, &certslen) != 1) {
error_print();
return -1;
@@ -852,7 +878,7 @@ int test_cms_enveloped_data(void)
size_t rcpt_infos_len, shared_info1_len, shared_info2_len;
if (cms_enveloped_data_decrypt_from_der(
&sm2_key1,
&x509_key1,
name1, name1_len,
serial1, sizeof(serial1),
&content_type, out, &outlen,
@@ -887,7 +913,9 @@ static int test_cms_signed_and_enveloped_data(void)
static int test_cms_key_agreement_info(void)
{
SM2_KEY sm2_key;
int algor = OID_ec_public_key;
int algor_param = OID_sm2;
X509_KEY x509_key;
uint8_t name[256];
size_t namelen;
uint8_t serial[20];
@@ -903,15 +931,18 @@ static int test_cms_key_agreement_info(void)
size_t dlen;
int version;
SM2_KEY public_key;
X509_KEY public_key;
const uint8_t *pcert;
size_t pcertlen;
const uint8_t *id;
size_t idlen;
p = cert;
if (sm2_key_generate(&sm2_key) != 1
|| rand_bytes(serial, sizeof(serial)) != 1
if (x509_key_generate(&x509_key, algor, algor_param) != 1) {
error_print();
return -1;
}
if (rand_bytes(serial, sizeof(serial)) != 1
|| x509_name_set(name, &namelen, sizeof(name), "CN", "Beijing", "Haidian", "PKU", "CS", "Alice") != 1
|| time(&not_before) == - 1
|| x509_validity_add_days(&not_after, not_before, 365) != 1
@@ -922,8 +953,8 @@ static int test_cms_key_agreement_info(void)
name, namelen,
not_before, not_after,
name, namelen,
&sm2_key, NULL, 0, NULL, 0, NULL, 0,
&sm2_key, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH,
&x509_key, NULL, 0, NULL, 0, NULL, 0,
&x509_key, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH,
&p, &certlen) != 1) {
error_print();
return -1;
@@ -932,7 +963,7 @@ static int test_cms_key_agreement_info(void)
cp = p = buf; len = 0;
if (cms_key_agreement_info_to_der(
CMS_version_v1,
&sm2_key,
&x509_key,
cert, certlen,
(uint8_t *)SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH,
&p, &len) != 1
@@ -947,7 +978,7 @@ static int test_cms_key_agreement_info(void)
cp = p = buf; len = 0;
if (cms_key_agreement_info_to_der(
CMS_version_v1,
&sm2_key,
&x509_key,
cert, certlen,
(uint8_t *)SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH,
&p, &len) != 1
@@ -962,7 +993,7 @@ static int test_cms_key_agreement_info(void)
error_print();
return -1;
}
if (sm2_public_key_equ(&sm2_key, &public_key) != 1) {
if (sm2_public_key_equ(&x509_key.u.sm2_key, &public_key.u.sm2_key) != 1) {
error_print();
return -1;
}

9
tests/sm2_keytest.c
View File

@@ -32,7 +32,7 @@ static int test_sm2_private_key(void)
error_print();
return -1;
}
sm2_key_print(stderr, 0, 4, "SM2_KEY", &sm2_key);
sm2_key_print(stderr, 0, 4, "sm2_key", &sm2_key);
if (sm2_private_key_to_der(&sm2_key, &p, &len) != 1) {
error_print();
@@ -46,12 +46,7 @@ static int test_sm2_private_key(void)
return -1;
}
if (memcmp(&tmp_key, &sm2_key, sizeof(SM2_KEY)) != 0) {
sm2_key_print(stderr, 0, 0, "sm2_key", &sm2_key);
sm2_key_print(stderr, 0, 0, "tmp_key", &tmp_key);
if (memcmp(&tmp_key, &sm2_key, SM2_PRIVATE_KEY_SIZE) != 0) {
error_print();
return -1;
}

19
tests/x509_exttest.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2026 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -787,7 +787,7 @@ static int test_x509_cert_with_exts(void)
uint8_t name[256];
size_t namelen;
time_t not_before, not_after;
SM2_KEY sm2_key;
X509_KEY x509_key;
uint8_t uniq_id[32];
uint8_t exts[512];
size_t extslen = 0;
@@ -798,9 +798,16 @@ static int test_x509_cert_with_exts(void)
x509_name_set(name, &namelen, sizeof(name), "CN", "Beijing", "Haidian", "PKU", "CS", "CA");
time(&not_before);
x509_validity_add_days(&not_after, not_before, 365);
sm2_key_generate(&sm2_key);
sm2_public_key_digest(&sm2_key, uniq_id);
if (x509_key_generate(&x509_key, OID_ec_public_key, OID_sm2) != 1) {
error_print();
return -1;
}
if (x509_public_key_digest(&x509_key, uniq_id) != 1) {
error_print();
return -1;
}
if (x509_exts_add_authority_key_identifier(exts, &extslen, sizeof(exts), 1,
keyid, sizeof(keyid),
@@ -821,11 +828,11 @@ static int test_x509_cert_with_exts(void)
name, namelen,
not_before, not_after,
name, namelen,
&sm2_key,
&x509_key,
uniq_id, sizeof(uniq_id),
uniq_id, sizeof(uniq_id),
exts, extslen,
&sm2_key,
&x509_key,
SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID),
&p, &certlen) != 1) {
error_print();

37
tests/x509_reqtest.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2026 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -21,9 +21,11 @@
static int test_x509_request_info(void)
{
int algor = OID_ec_public_key;
int algor_param = OID_sm2;
uint8_t subject[256];
size_t subject_len;
SM2_KEY sm2_key;
X509_KEY x509_key;
uint8_t attrs_buf[512];
size_t attrs_len = 0;
@@ -38,12 +40,16 @@ static int test_x509_request_info(void)
int version;
const uint8_t *subj;
size_t subj_len;
SM2_KEY pub_key;
X509_KEY pub_key;
const uint8_t *attrs;
if (sm2_key_generate(&sm2_key) != 1
|| x509_name_set(subject, &subject_len, sizeof(subject), "CN", "Beijing", "Haidian", "PKU", "CS", "CA") != 1
|| x509_request_info_to_der(X509_version_v1, subject, subject_len, &sm2_key, attrs_buf, attrs_len, &p, &len) != 1
if (x509_key_generate(&x509_key, algor, algor_param) != 1) {
error_print();
return -1;
}
if (x509_name_set(subject, &subject_len, sizeof(subject), "CN", "Beijing", "Haidian", "PKU", "CS", "CA") != 1
|| x509_request_info_to_der(X509_version_v1, subject, subject_len, &x509_key, attrs_buf, attrs_len, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
@@ -55,7 +61,7 @@ static int test_x509_request_info(void)
cp = buf;
len = 0;
if (x509_request_info_to_der(X509_version_v1, subject, subject_len, &sm2_key, attrs_buf, attrs_len, &p, &len) != 1
if (x509_request_info_to_der(X509_version_v1, subject, subject_len, &x509_key, attrs_buf, attrs_len, &p, &len) != 1
|| x509_request_info_from_der(&version, &subj, &subj_len, &pub_key, &attrs, &attrs_len, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
@@ -64,7 +70,7 @@ static int test_x509_request_info(void)
format_print(stderr, 0, 0, "CertificationRequestInfo\n");
format_print(stderr, 0, 4, "version: %d\n", version);
x509_name_print(stderr, 0, 4, "subject", subj, subj_len);
sm2_public_key_print(stderr, 0, 4, "publicKey", &pub_key);
sm2_public_key_print(stderr, 0, 4, "publicKey", &pub_key.u.sm2_key); // FIXME: replace with x509_public_key_print
format_bytes(stderr, 0, 4, "attributes", attrs, attrs_len);
printf("%s() ok\n", __FUNCTION__);
@@ -134,9 +140,11 @@ static int test_x509_request(void)
static int test_x509_req(void)
{
int algor = OID_ec_public_key;
int algor_param = OID_sm2;
X509_KEY x509_key;
uint8_t subject[256];
size_t subject_len;
SM2_KEY sm2_key;
uint8_t attrs[256];
size_t attrs_len = 0;
@@ -144,11 +152,14 @@ static int test_x509_req(void)
uint8_t *p = req;
size_t reqlen = 0;
if (sm2_key_generate(&sm2_key) != 1
|| x509_name_set(subject, &subject_len, sizeof(subject), "CN", "Beijing", "Haidian", "PKU", "CS", "CA") != 1
if (x509_key_generate(&x509_key, algor, algor_param) != 1) {
error_print();
return -1;
}
if (x509_name_set(subject, &subject_len, sizeof(subject), "CN", "Beijing", "Haidian", "PKU", "CS", "CA") != 1
|| x509_req_sign_to_der(
X509_version_v1, subject, subject_len, &sm2_key, attrs, attrs_len,
OID_sm2sign_with_sm3, &sm2_key, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID),
X509_version_v1, subject, subject_len, &x509_key, attrs, attrs_len,
OID_sm2sign_with_sm3, &x509_key, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID),
&p, &reqlen) != 1) {
error_print();
return -1;

172
tests/x509test.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2026 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
@@ -21,6 +21,8 @@
static int test_x509_version(void)
{
// X509v1 cert has no version, so version in X509v2, X509v3 is explicit
// version = -1 means do not encode version (for X509v1)
int tests[] = {
X509_version_v1,
X509_version_v2,
@@ -33,14 +35,16 @@ static int test_x509_version(void)
size_t len = 0;
int i;
format_print(stderr, 0, 0, "Version\n");
format_print(stderr, 0, 4, "EXPLICIT Version(s) to DER\n");
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (x509_explicit_version_to_der(i, tests[i], &p, &len) < 0) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
format_bytes(stderr, 0, 8, "", buf, len);
}
format_print(stderr, 0, 4, "EXPLICIT Version from DER\n");
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
int ver;
if (x509_explicit_version_from_der(i, &ver, &cp, &len) < 0
@@ -48,11 +52,12 @@ static int test_x509_version(void)
error_print();
return -1;
}
format_print(stderr, 0, 4, "%s\n", x509_version_name(ver));
format_print(stderr, 0, 8, "%s\n", x509_version_name(ver));
}
(void)asn1_length_is_zero(len);
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
@@ -60,6 +65,9 @@ static int test_x509_validity(void)
{
time_t not_before, not_before_;
time_t not_after, not_after_;
time_t now;
int days = 365;
int max_secs = 60 * 60 * 24 * days;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
@@ -67,22 +75,43 @@ static int test_x509_validity(void)
time(&not_before);
format_print(stderr, 0, 0, "Validity\n");
if (x509_validity_add_days(&not_after, not_before, 365) != 1
if (x509_validity_add_days(&not_after, not_before, days) != 1
|| x509_validity_to_der(not_before, not_after, &p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
format_bytes(stderr, 0, 4, "Validity (DER)", buf, len);
if (x509_validity_from_der(&not_before_, &not_after_, &cp, &len) != 1
|| asn1_check(not_before == not_before_) != 1
|| asn1_check(not_after == not_after_) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return 1;
return -1;
}
time(&now);
if (x509_validity_check(not_before, not_after, now, max_secs) != 1) {
error_print();
return -1;
}
// x509_validity_print need the V(Value) of Validity TLV
{
const uint8_t *d;
size_t dlen;
cp = buf;
len = sizeof(buf);
if (asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1) {
error_print();
return -1;
}
x509_validity_print(stderr, 0, 4, "Validity", d, dlen);
}
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_x509_attr_type_and_value(void)
@@ -96,7 +125,7 @@ static int test_x509_attr_type_and_value(void)
const uint8_t *cp = buf;
size_t len = 0;
format_print(stderr, 0, 0, "AttributeTypeAndValue\n");
format_print(stderr, 0, 4, "AttributeTypeAndValue\n");
if (x509_attr_type_and_value_to_der(OID_at_locality_name, ASN1_TAG_PrintableString, (uint8_t *)"Haidian", strlen("Haidian"), &p, &len) != 1) {
error_print();
return -1;
@@ -113,8 +142,9 @@ static int test_x509_attr_type_and_value(void)
}
format_print(stderr, 0, 4, "%s : %s ", x509_name_type_name(oid), asn1_tag_name(tag));
format_string(stderr, 0, 0, "", d, dlen);
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_x509_rdn(void)
@@ -130,7 +160,7 @@ static int test_x509_rdn(void)
const uint8_t *cp = buf;
size_t len = 0;
format_print(stderr, 0, 0, "RDN\n");
format_print(stderr, 0, 4, "RDN\n");
if (x509_rdn_to_der(OID_at_locality_name, ASN1_TAG_PrintableString,
(uint8_t *)"Haidian", strlen("Haidian"), NULL, 0, &p, &len) != 1) {
error_print();
@@ -150,13 +180,13 @@ static int test_x509_rdn(void)
}
format_print(stderr, 0, 4, "%s : %s ", x509_name_type_name(oid), asn1_tag_name(tag));
format_string(stderr, 0, 0, "", d, dlen);
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_x509_name(void)
{
int err = 0;
uint8_t name[512];
size_t namelen = 0;
uint8_t buf[1024];
@@ -178,18 +208,21 @@ static int test_x509_name(void)
|| format_bytes(stderr, 0, 4, "", name, namelen) > 2
) {
error_print();
return 1;
return -1;
}
format_bytes(stdout, 0, 0, "der ", name, namelen);
x509_name_print(stdout, 0, 0, "Name", name, namelen);
return 0;
format_bytes(stdout, 0, 4, "der ", name, namelen);
x509_name_print(stdout, 0, 4, "Name", name, namelen);
printf("%s() ok\n", __FUNCTION__);
return 1;
}
static int test_x509_public_key_info(void)
{
int err = 0;
SM2_KEY sm2_key;
SM2_KEY pub_key;
int algor = OID_ec_public_key;
int algor_param = OID_sm2;
X509_KEY x509_key;
X509_KEY pub_key;
uint8_t buf[256];
const uint8_t *cp = buf;
uint8_t *p = buf;
@@ -197,26 +230,32 @@ static int test_x509_public_key_info(void)
const uint8_t *d;
size_t dlen;
if (sm2_key_generate(&sm2_key) != 1
|| x509_public_key_info_to_der(&sm2_key, &p, &len) != 1
if (x509_key_generate(&x509_key, algor, algor_param) != 1) {
error_print();
return -1;
}
if (x509_public_key_info_to_der(&x509_key, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return 1;
return -1;
}
x509_public_key_info_print(stdout, 0, 0, "PublicKeyInfo", d, dlen);
if (sm2_key_generate(&sm2_key) != 1
|| x509_public_key_info_to_der(&sm2_key, &p, &len) != 1
x509_public_key_info_print(stdout, 0, 4, "PublicKeyInfo", d, dlen);
if (x509_key_generate(&x509_key, algor, algor_param) != 1) {
error_print();
return -1;
}
if (x509_public_key_info_to_der(&x509_key, &p, &len) != 1
|| x509_public_key_info_from_der(&pub_key, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return 1;
return -1;
}
sm2_public_key_print(stdout, 0, 8, "ECPublicKey", &pub_key);
x509_public_key_print(stdout, 0, 4, "ECPublicKey", &pub_key);
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int set_x509_name(uint8_t *name, size_t *namelen, size_t maxlen)
@@ -236,13 +275,15 @@ static int set_x509_name(uint8_t *name, size_t *namelen, size_t maxlen)
static int test_x509_tbs_cert(void)
{
int algor = OID_ec_public_key;
int algor_param = OID_sm2;
uint8_t serial[20] = { 0x01, 0x00 };
uint8_t issuer[256];
size_t issuer_len = 0;
time_t not_before, not_after;
uint8_t subject[256];
size_t subject_len = 0;
SM2_KEY sm2_key;
X509_KEY x509_key;
uint8_t buf[1024] = {0};
uint8_t *p = buf;
const uint8_t *cp = buf;
@@ -254,7 +295,11 @@ static int test_x509_tbs_cert(void)
time(&not_before);
x509_validity_add_days(&not_after, not_before, 365);
set_x509_name(subject, &subject_len, sizeof(subject));
sm2_key_generate(&sm2_key);
if (x509_key_generate(&x509_key, algor, algor_param) != 1) {
error_print();
return -1;
}
if (x509_tbs_cert_to_der(
X509_version_v3,
@@ -263,7 +308,7 @@ static int test_x509_tbs_cert(void)
issuer, issuer_len,
not_before, not_after,
subject, subject_len,
&sm2_key,
&x509_key,
NULL, 0,
NULL, 0,
NULL, 0,
@@ -271,7 +316,7 @@ static int test_x509_tbs_cert(void)
error_print();
return -1;
}
format_bytes(stderr, 0, 0, "tbs_cert", buf, len);
format_bytes(stderr, 0, 4, "tbs_cert", buf, len);
if (asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
@@ -279,7 +324,8 @@ static int test_x509_tbs_cert(void)
}
x509_tbs_cert_print(stderr, 0, 4, "TBSCertificate", d, dlen);
return 0;
printf("%s() ok\n", __FUNCTION__);
return 1;
}
static int test_x509_cert_get(const uint8_t *cert, size_t certlen)
@@ -290,7 +336,7 @@ static int test_x509_cert_get(const uint8_t *cert, size_t certlen)
size_t issuer_len;
const uint8_t *subject;
size_t subject_len;
SM2_KEY public_key;
X509_KEY public_key;
if (x509_cert_get_issuer_and_serial_number(cert, certlen, &issuer, &issuer_len, &serial, &serial_len) != 1
|| x509_cert_get_subject(cert, certlen, &subject, &subject_len) != 1
@@ -301,19 +347,23 @@ static int test_x509_cert_get(const uint8_t *cert, size_t certlen)
format_bytes(stderr, 0, 4, "SerialNumber", serial, serial_len);
x509_name_print(stderr, 0, 4, "Issuer", issuer, issuer_len);
x509_name_print(stderr, 0, 4, "Subject", subject, subject_len);
sm2_public_key_print(stderr, 0, 4, "SubjectPublicKey", &public_key);
return 0;
x509_public_key_print(stderr, 0, 4, "SubjectPublicKey", &public_key);
printf("%s() ok\n", __FUNCTION__);
return 1;
}
static int test_x509_cert(void)
{
int algor = OID_ec_public_key;
int algor_param = OID_sm2;
uint8_t serial[20] = { 0x01, 0x00 };
uint8_t issuer[256];
size_t issuer_len = 0;
time_t not_before, not_after;
uint8_t subject[256];
size_t subject_len = 0;
SM2_KEY sm2_key;
X509_KEY x509_key;
uint8_t cert[1024] = {0};
uint8_t *p = cert;
const uint8_t *cp = cert;
@@ -323,7 +373,11 @@ static int test_x509_cert(void)
time(&not_before);
x509_validity_add_days(&not_after, not_before, 365);
set_x509_name(subject, &subject_len, sizeof(subject));
sm2_key_generate(&sm2_key);
if (x509_key_generate(&x509_key, algor, algor_param) != 1) {
error_print();
return -1;
}
if (x509_cert_sign_to_der(
X509_version_v3,
@@ -332,11 +386,11 @@ static int test_x509_cert(void)
issuer, issuer_len,
not_before, not_after,
subject, subject_len,
&sm2_key,
&x509_key,
NULL, 0,
NULL, 0,
NULL, 0,
&sm2_key, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID),
&x509_key, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID),
&p, &certlen) != 1) {
error_print();
return -1;
@@ -380,19 +434,27 @@ static int test_x509_cert(void)
}
x509_cert_print(stderr, 0, 4, "Certificate", cert, certlen);
return 0;
printf("%s() ok\n", __FUNCTION__);
return 1;
}
int main(void)
{
int err = 0;
err += test_x509_version();
err += test_x509_validity();
err += test_x509_attr_type_and_value();
err += test_x509_rdn();
err += test_x509_name();
err += test_x509_public_key_info();
err += test_x509_tbs_cert();
err += test_x509_cert();
return err;
if (test_x509_version() != 1) goto err;
if (test_x509_validity() != 1) goto err;
if (test_x509_attr_type_and_value() != 1) goto err;
if (test_x509_rdn() != 1) goto err;
if (test_x509_name() != 1) goto err;
if (test_x509_public_key_info() != 1) {
error_print();
goto err;
}
if (test_x509_tbs_cert() != 1) goto err;
if (test_x509_cert() != 1) goto err;
printf("%s all tests passed\n", __FILE__);
return 0;
err:
error_print();
return 1;
}