mirror of
https://github.com/guanzhi/GmSSL.git
synced 2026-06-13 08:23:50 +08:00
Update tls12, tlcp
This commit is contained in:
Zhi Guan
@@ -41,34 +41,7 @@ static const char *help =
|
||||
" -outcerts file Save server certificates to a PEM file\n"
|
||||
" -quiet Without printing any status message\n"
|
||||
"\n"
|
||||
"Examples\n"
|
||||
"\n"
|
||||
" gmssl tlcp_client -host www.pbc.gov.cn -get / -outcerts certs.pem\n"
|
||||
"\n"
|
||||
" gmssl tlcp_client -host www.pbc.gov.cn -port 443\n"
|
||||
"\n"
|
||||
"Examples\n"
|
||||
"\n"
|
||||
" gmssl sm2keygen -pass 1234 -out rootcakey.pem\n"
|
||||
" gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign -ca\n"
|
||||
" gmssl sm2keygen -pass 1234 -out cakey.pem\n"
|
||||
" gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN \"Sub CA\" -key cakey.pem -pass 1234 -out careq.pem\n"
|
||||
" gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -ca -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem\n"
|
||||
"\n"
|
||||
" gmssl sm2keygen -pass 1234 -out signkey.pem\n"
|
||||
" gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key signkey.pem -pass 1234 -out signreq.pem\n"
|
||||
" gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem\n"
|
||||
"\n"
|
||||
" gmssl sm2keygen -pass 1234 -out enckey.pem\n"
|
||||
" gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key enckey.pem -pass 1234 -out encreq.pem\n"
|
||||
" gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem\n"
|
||||
"\n"
|
||||
" cat signcert.pem > double_certs.pem\n"
|
||||
" cat enccert.pem >> double_certs.pem\n"
|
||||
" cat cacert.pem >> double_certs.pem\n"
|
||||
"\n"
|
||||
" sudo gmssl tlcp_server -port 443 -cert double_certs.pem -key signkey.pem -pass 1234 -ex_key enckey.pem -ex_pass 1234\n"
|
||||
" gmssl tlcp_client -host 127.0.0.1 -cacert rootcacert.pem\n"
|
||||
#include "tlcp_help.h"
|
||||
"\n";
|
||||
|
||||
|
||||
|
||||
38
tools/tlcp_help.h
Normal file
38
tools/tlcp_help.h
Normal file
@@ -0,0 +1,38 @@
|
||||
/*
|
||||
* Copyright 2014-2026 The GmSSL Project. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the License); you may
|
||||
* not use this file except in compliance with the License.
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*/
|
||||
|
||||
"Examples\n"
|
||||
"\n"
|
||||
" gmssl tlcp_client -host www.pbc.gov.cn -get / -outcerts certs.pem\n"
|
||||
"\n"
|
||||
" gmssl tlcp_client -host www.pbc.gov.cn -port 443\n"
|
||||
"\n"
|
||||
"Examples\n"
|
||||
"\n"
|
||||
" gmssl sm2keygen -pass 1234 -out rootcakey.pem\n"
|
||||
" gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign -ca\n"
|
||||
" gmssl sm2keygen -pass 1234 -out cakey.pem\n"
|
||||
" gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN \"Sub CA\" -key cakey.pem -pass 1234 -out careq.pem\n"
|
||||
" gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -ca -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem\n"
|
||||
"\n"
|
||||
" gmssl sm2keygen -pass 1234 -out signkey.pem\n"
|
||||
" gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key signkey.pem -pass 1234 -out signreq.pem\n"
|
||||
" gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem\n"
|
||||
"\n"
|
||||
" gmssl sm2keygen -pass 1234 -out enckey.pem\n"
|
||||
" gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key enckey.pem -pass 1234 -out encreq.pem\n"
|
||||
" gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem\n"
|
||||
"\n"
|
||||
" cat signcert.pem > double_certs.pem\n"
|
||||
" cat enccert.pem >> double_certs.pem\n"
|
||||
" cat cacert.pem >> double_certs.pem\n"
|
||||
"\n"
|
||||
" gmssl tlcp_server -port 443 -cert double_certs.pem -key signkey.pem -pass 1234 -ex_key enckey.pem -ex_pass 1234\n"
|
||||
" gmssl tlcp_client -host 127.0.0.1 -cacert rootcacert.pem\n"
|
||||
|
||||
@@ -30,28 +30,7 @@ static const char *help =
|
||||
" -pass str Password to decrypt private key\n"
|
||||
" -cacert file CA certificate for client certificate verification\n"
|
||||
"\n"
|
||||
"Examples\n"
|
||||
"\n"
|
||||
" gmssl sm2keygen -pass 1234 -out rootcakey.pem\n"
|
||||
" gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign -ca\n"
|
||||
" gmssl sm2keygen -pass 1234 -out cakey.pem\n"
|
||||
" gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN \"Sub CA\" -key cakey.pem -pass 1234 -out careq.pem\n"
|
||||
" gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -ca -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem\n"
|
||||
"\n"
|
||||
" gmssl sm2keygen -pass 1234 -out signkey.pem\n"
|
||||
" gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key signkey.pem -pass 1234 -out signreq.pem\n"
|
||||
" gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem\n"
|
||||
"\n"
|
||||
" gmssl sm2keygen -pass 1234 -out enckey.pem\n"
|
||||
" gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key enckey.pem -pass 1234 -out encreq.pem\n"
|
||||
" gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem\n"
|
||||
"\n"
|
||||
" cat signcert.pem > double_certs.pem\n"
|
||||
" cat enccert.pem >> double_certs.pem\n"
|
||||
" cat cacert.pem >> double_certs.pem\n"
|
||||
"\n"
|
||||
" sudo gmssl tlcp_server -port 443 -cert double_certs.pem -key signkey.pem -pass 1234 -ex_key enckey.pem -ex_pass 1234\n"
|
||||
" gmssl tlcp_client -host 127.0.0.1 -cacert rootcacert.pem\n"
|
||||
#include "tlcp_help.h"
|
||||
"\n";
|
||||
|
||||
int tlcp_server_main(int argc , char **argv)
|
||||
|
||||
@@ -35,28 +35,7 @@ static const char *help =
|
||||
" -key file Client's encrypted private key in PEM format\n"
|
||||
" -pass str Password to decrypt private key\n"
|
||||
"\n"
|
||||
"Examples\n"
|
||||
"\n"
|
||||
" gmssl sm2keygen -pass 1234 -out rootcakey.pem\n"
|
||||
" gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 \\\n"
|
||||
" -key rootcakey.pem -pass 1234 -out rootcacert.pem \\\n"
|
||||
" -key_usage keyCertSign -key_usage cRLSign -ca\n"
|
||||
"\n"
|
||||
" gmssl sm2keygen -pass 1234 -out cakey.pem\n"
|
||||
" gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN \"Sub CA\" \\\n"
|
||||
" -key cakey.pem -pass 1234 -out careq.pem\n"
|
||||
" gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -cacert rootcacert.pem -key rootcakey.pem -pass 1234 \\\n"
|
||||
" -out cacert.pem -ca -path_len_constraint 0\n"
|
||||
"\n"
|
||||
" gmssl sm2keygen -pass 1234 -out signkey.pem\n"
|
||||
" gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key signkey.pem -pass 1234 -out signreq.pem\n"
|
||||
" gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem\n"
|
||||
"\n"
|
||||
" cat signcert.pem > certs.pem\n"
|
||||
" cat cacert.pem >> certs.pem\n"
|
||||
"\n"
|
||||
" sudo gmssl tls12_server -port 4430 -cert certs.pem -key signkey.pem -pass 1234\n"
|
||||
" gmssl tls12_client -host 127.0.0.1 -port 4430 -cacert rootcacert.pem\n"
|
||||
#include "tls12_help.h"
|
||||
"\n";
|
||||
|
||||
int tls12_client_main(int argc, char *argv[])
|
||||
|
||||
32
tools/tls12_help.h
Normal file
32
tools/tls12_help.h
Normal file
@@ -0,0 +1,32 @@
|
||||
/*
|
||||
* Copyright 2014-2026 The GmSSL Project. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the License); you may
|
||||
* not use this file except in compliance with the License.
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*/
|
||||
|
||||
"Examples\n"
|
||||
"\n"
|
||||
" gmssl sm2keygen -pass 1234 -out rootcakey.pem\n"
|
||||
" gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 \\\n"
|
||||
" -key rootcakey.pem -pass 1234 -out rootcacert.pem \\\n"
|
||||
" -key_usage keyCertSign -key_usage cRLSign -ca\n"
|
||||
"\n"
|
||||
" gmssl sm2keygen -pass 1234 -out cakey.pem\n"
|
||||
" gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN \"Sub CA\" \\\n"
|
||||
" -key cakey.pem -pass 1234 -out careq.pem\n"
|
||||
" gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -cacert rootcacert.pem -key rootcakey.pem -pass 1234 \\\n"
|
||||
" -out cacert.pem -ca -path_len_constraint 0\n"
|
||||
"\n"
|
||||
" gmssl sm2keygen -pass 1234 -out signkey.pem\n"
|
||||
" gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key signkey.pem -pass 1234 -out signreq.pem\n"
|
||||
" gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem\n"
|
||||
"\n"
|
||||
" cat signcert.pem > certs.pem\n"
|
||||
" cat cacert.pem >> certs.pem\n"
|
||||
"\n"
|
||||
" gmssl tls12_server -port 4430 -cert certs.pem -key signkey.pem -pass 1234\n"
|
||||
" gmssl tls12_client -host 127.0.0.1 -port 4430 -cacert rootcacert.pem\n"
|
||||
|
||||
@@ -29,28 +29,7 @@ static const char *help =
|
||||
" -pass str Password to decrypt private key\n"
|
||||
" -cacert file CA certificate for client certificate verification\n"
|
||||
"\n"
|
||||
"Examples\n"
|
||||
"\n"
|
||||
" gmssl sm2keygen -pass 1234 -out rootcakey.pem\n"
|
||||
" gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 \\\n"
|
||||
" -key rootcakey.pem -pass 1234 -out rootcacert.pem \\\n"
|
||||
" -key_usage keyCertSign -key_usage cRLSign -ca\n"
|
||||
"\n"
|
||||
" gmssl sm2keygen -pass 1234 -out cakey.pem\n"
|
||||
" gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN \"Sub CA\" \\\n"
|
||||
" -key cakey.pem -pass 1234 -out careq.pem\n"
|
||||
" gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -cacert rootcacert.pem -key rootcakey.pem -pass 1234 \\\n"
|
||||
" -out cacert.pem -ca -path_len_constraint 0\n"
|
||||
"\n"
|
||||
" gmssl sm2keygen -pass 1234 -out signkey.pem\n"
|
||||
" gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key signkey.pem -pass 1234 -out signreq.pem\n"
|
||||
" gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem\n"
|
||||
"\n"
|
||||
" cat signcert.pem > certs.pem\n"
|
||||
" cat cacert.pem >> certs.pem\n"
|
||||
"\n"
|
||||
" sudo gmssl tls12_server -port 4430 -cert certs.pem -key signkey.pem -pass 1234\n"
|
||||
" gmssl tls12_client -host 127.0.0.1 -port 4430 -cacert rootcacert.pem\n"
|
||||
#include "tls12_help.h"
|
||||
"\n";
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user