abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-06-19 11:23:38 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update Makefile and code style in tests

Browse Source
This commit is contained in:
Zhi Guan
2022-07-28 16:42:54 +08:00
parent f1da2d5528
commit 5dadb639a8
13 changed files with 340 additions and 358 deletions
Download Patch File Download Diff File Expand all files Collapse all files

351
CMakeLists.txt
View File

@@ -20,63 +20,57 @@ include_directories(include)
add_library(
gmssl
# SHARED
src/aes.c
src/aes_modes.c
src/asn1.c
src/base64.c
src/block_cipher.c
src/chacha20.c
src/cms.c
src/version.c
src/debug.c
src/des.c
src/digest.c
src/ec.c
src/gcm.c
src/gf128.c
src/hash_drbg.c
src/hex.c
src/hkdf.c
src/hmac.c
src/md5.c
src/pbkdf2.c
src/pem.c
src/pkcs8.c
src/rand.c
src/rc4.c
# src/rdrand.c
src/rsa.c
src/sha1.c
src/sha256.c
src/sha512.c
src/sm2_alg.c
src/sm2_key.c
src/sm2_lib.c
src/sm3.c
src/sm3_hmac.c
src/sm3_kdf.c
src/sm4_common.c
src/sm4_enc.c
src/sm4_modes.c
src/sm4_setkey.c
src/sm3.c
src/sm3_hmac.c
src/sm3_kdf.c
src/sm2_alg.c
src/sm2_key.c
src/sm2_lib.c
src/sm9_alg.c
src/sm9_key.c
src/sm9_lib.c
src/tlcp.c
src/tls.c
src/tls12.c
src/tls13.c
src/tls_ext.c
src/tls_trace.c
src/version.c
src/x509_alg.c
src/x509_cer.c
src/x509_crl.c
src/x509_ext.c
src/x509_oid.c
src/x509_req.c
src/x509_str.c
src/zuc.c
src/zuc_modes.c
src/aes.c
src/aes_modes.c
src/sha256.c
src/sha512.c
src/chacha20.c
src/des.c
src/sha1.c
src/md5.c
src/rc4.c
src/rand.c
src/hash_drbg.c
# src/rdrand.c
src/block_cipher.c
src/digest.c
src/hmac.c
src/hkdf.c
src/pbkdf2.c
src/gf128.c
src/gcm.c
src/pkcs8.c
src/ec.c
src/rsa.c
src/asn1.c
src/hex.c
src/base64.c
src/pem.c
src/x509_oid.c
src/x509_alg.c
src/x509_str.c
src/x509_cer.c
src/x509_ext.c
src/x509_req.c
src/x509_crl.c
src/cms.c
src/sdf/sdf.c
src/sdf/sdf_lib.c
src/sdf/sdf_meth.c
@@ -88,7 +82,14 @@ add_library(
src/skf/skf_ext.c
src/skf/skf_prn.c
src/skf/skf_wisec.c
src/tls.c
src/tls_ext.c
src/tls_trace.c
src/tlcp.c
src/tls12.c
src/tls13.c
)
target_link_libraries(gmssl dl)
SET_TARGET_PROPERTIES(gmssl PROPERTIES VERSION 3.0 SOVERSION 3)
@@ -98,31 +99,34 @@ SET_TARGET_PROPERTIES(sdf_dummy PROPERTIES VERSION 3.0 SOVERSION 3)
add_library(skf_dummy SHARED src/skf/skf_dummy.c)
SET_TARGET_PROPERTIES(skf_dummy PROPERTIES VERSION 3.0 SOVERSION 3)
# tools
add_executable(
gmssl-bin
tools/gmssl.c
tools/version.c
tools/rand.c
tools/sm4.c
tools/sm3.c
tools/sm3hmac.c
tools/sm2keygen.c
tools/sm2sign.c
tools/sm2verify.c
tools/sm2encrypt.c
tools/sm2decrypt.c
tools/sm3.c
tools/sm3hmac.c
tools/sm4.c
tools/zuc.c
tools/sm9setup.c
tools/sm9keygen.c
tools/sm9sign.c
tools/sm9verify.c
tools/sm9encrypt.c
tools/sm9decrypt.c
tools/zuc.c
tools/rand.c
tools/pbkdf2.c
tools/certgen.c
tools/certparse.c
tools/certverify.c
tools/reqgen.c
tools/reqparse.c
tools/reqsign.c
tools/crlparse.c
tools/crlverify.c
tools/cmssign.c
@@ -130,114 +134,120 @@ add_executable(
tools/cmsencrypt.c
tools/cmsdecrypt.c
tools/cmsparse.c
tools/pbkdf2.c
tools/reqgen.c
tools/reqparse.c
tools/reqsign.c
tools/sdfutil.c
tools/skfutil.c
tools/tlcp_client.c
tools/tlcp_server.c
tools/tls12_client.c
tools/tls12_server.c
tools/tls13_client.c
tools/tls13_server.c
tools/sdfutil.c
tools/skfutil.c
)
target_link_libraries (gmssl-bin LINK_PUBLIC gmssl)
set_target_properties (gmssl-bin PROPERTIES RUNTIME_OUTPUT_NAME gmssl)
# tests
enable_testing()
add_executable(aestest tests/aestest.c)
target_link_libraries (aestest LINK_PUBLIC gmssl)
add_test(NAME sm4 COMMAND sm4test)
add_test(NAME sm3 COMMAND sm3test)
add_test(NAME sm2 COMMAND sm2test)
add_test(NAME sm9 COMMAND sm9test)
add_test(NAME zuc COMMAND zuctest)
add_test(NAME aes COMMAND aestest)
add_test(NAME sha224 COMMAND sha224test)
add_test(NAME sha256 COMMAND sha256test)
add_test(NAME sha384 COMMAND sha384test)
add_test(NAME sha512 COMMAND sha512test)
add_test(NAME chacha20 COMMAND chacha20test)
add_test(NAME des COMMAND destest)
add_test(NAME sha1 COMMAND sha1test)
add_test(NAME md5 COMMAND md5test)
add_test(NAME rc4 COMMAND rc4test)
add_test(NAME hash_drbg COMMAND hash_drbgtest)
add_test(NAME block_cipher COMMAND block_ciphertest)
add_test(NAME digest COMMAND digesttest)
add_test(NAME hmac COMMAND hmactest)
add_test(NAME hkdf COMMAND hkdftest)
add_test(NAME pbkdf2 COMMAND pbkdf2test)
add_test(NAME gf128 COMMAND gf128test)
add_test(NAME gcm COMMAND gcmtest)
add_test(NAME pkcs8 COMMAND pkcs8test)
add_test(NAME ec COMMAND ectest)
add_test(NAME asn1 COMMAND asn1test)
add_test(NAME hex COMMAND hextest)
add_test(NAME base64 COMMAND base64test)
add_test(NAME pem COMMAND pemtest)
add_test(NAME x509 COMMAND x509test)
add_test(NAME x509_oid COMMAND x509_oidtest)
add_test(NAME x509_alg COMMAND x509_algtest)
add_test(NAME x509_str COMMAND x509_strtest)
add_test(NAME x509_ext COMMAND x509_exttest)
add_test(NAME x509_req COMMAND x509_reqtest)
add_test(NAME x509_crl COMMAND x509_crltest)
add_test(NAME cms COMMAND cmstest)
add_test(NAME tls COMMAND tlstest)
add_test(NAME tls13 COMMAND tls13test)
add_executable(asn1test tests/asn1test.c)
target_link_libraries (asn1test LINK_PUBLIC gmssl)
add_executable(base64test tests/base64test.c)
target_link_libraries (base64test LINK_PUBLIC gmssl)
add_executable(block_ciphertest tests/block_ciphertest.c)
target_link_libraries (block_ciphertest LINK_PUBLIC gmssl)
add_executable(chacha20test tests/chacha20test.c)
target_link_libraries (chacha20test LINK_PUBLIC gmssl)
add_executable(cmstest tests/cmstest.c)
target_link_libraries (cmstest LINK_PUBLIC gmssl)
add_executable(destest tests/destest.c)
target_link_libraries (destest LINK_PUBLIC gmssl)
add_executable(digesttest tests/digesttest.c)
target_link_libraries (digesttest LINK_PUBLIC gmssl)
add_executable(ectest tests/ectest.c)
target_link_libraries (ectest LINK_PUBLIC gmssl)
add_executable(gcmtest tests/gcmtest.c)
target_link_libraries (gcmtest LINK_PUBLIC gmssl)
add_executable(gf128test tests/gf128test.c)
target_link_libraries (gf128test LINK_PUBLIC gmssl)
add_executable(hash_drbgtest tests/hash_drbgtest.c)
target_link_libraries (hash_drbgtest LINK_PUBLIC gmssl)
add_executable(hextest tests/hextest.c)
target_link_libraries (hextest LINK_PUBLIC gmssl)
add_executable(hkdftest tests/hkdftest.c)
target_link_libraries (hkdftest LINK_PUBLIC gmssl)
add_executable(hmactest tests/hmactest.c)
target_link_libraries (hmactest LINK_PUBLIC gmssl)
add_executable(md5test tests/md5test.c)
target_link_libraries (md5test LINK_PUBLIC gmssl)
add_executable(pbkdf2test tests/pbkdf2test.c)
target_link_libraries (pbkdf2test LINK_PUBLIC gmssl)
add_executable(pemtest tests/pemtest.c)
target_link_libraries (pemtest LINK_PUBLIC gmssl)
add_executable(pkcs8test tests/pkcs8test.c)
target_link_libraries (pkcs8test LINK_PUBLIC gmssl)
add_executable(rc4test tests/rc4test.c)
target_link_libraries (rc4test LINK_PUBLIC gmssl)
add_executable(sha1test tests/sha1test.c)
target_link_libraries (sha1test LINK_PUBLIC gmssl)
add_executable(sha224test tests/sha224test.c)
target_link_libraries (sha224test LINK_PUBLIC gmssl)
add_executable(sha256test tests/sha256test.c)
target_link_libraries (sha256test LINK_PUBLIC gmssl)
add_executable(sha384test tests/sha384test.c)
target_link_libraries (sha384test LINK_PUBLIC gmssl)
add_executable(sha512test tests/sha512test.c)
target_link_libraries (sha512test LINK_PUBLIC gmssl)
add_executable(sm2test tests/sm2test.c)
target_link_libraries (sm2test LINK_PUBLIC gmssl)
add_executable(sm3test tests/sm3test.c)
target_link_libraries (sm3test LINK_PUBLIC gmssl)
add_executable(sm4test tests/sm4test.c)
target_link_libraries (sm4test LINK_PUBLIC gmssl)
add_executable(sm3test tests/sm3test.c)
target_link_libraries (sm3test LINK_PUBLIC gmssl)
add_executable(sm2test tests/sm2test.c)
target_link_libraries (sm2test LINK_PUBLIC gmssl)
add_executable(sm9test tests/sm9test.c)
target_link_libraries (sm9test LINK_PUBLIC gmssl)
add_executable(zuctest tests/zuctest.c)
target_link_libraries (zuctest LINK_PUBLIC gmssl)
add_executable(aestest tests/aestest.c)
target_link_libraries (aestest LINK_PUBLIC gmssl)
add_executable(sha224test tests/sha224test.c)
target_link_libraries (sha224test LINK_PUBLIC gmssl)
add_executable(sha256test tests/sha256test.c)
target_link_libraries (sha256test LINK_PUBLIC gmssl)
add_executable(sha384test tests/sha384test.c)
target_link_libraries (sha384test LINK_PUBLIC gmssl)
add_executable(sha512test tests/sha512test.c)
target_link_libraries (sha512test LINK_PUBLIC gmssl)
add_executable(chacha20test tests/chacha20test.c)
target_link_libraries (chacha20test LINK_PUBLIC gmssl)
add_executable(destest tests/destest.c)
target_link_libraries (destest LINK_PUBLIC gmssl)
add_executable(sha1test tests/sha1test.c)
target_link_libraries (sha1test LINK_PUBLIC gmssl)
add_executable(md5test tests/md5test.c)
target_link_libraries (md5test LINK_PUBLIC gmssl)
add_executable(rc4test tests/rc4test.c)
target_link_libraries (rc4test LINK_PUBLIC gmssl)
add_executable(hash_drbgtest tests/hash_drbgtest.c)
target_link_libraries (hash_drbgtest LINK_PUBLIC gmssl)
add_executable(block_ciphertest tests/block_ciphertest.c)
target_link_libraries (block_ciphertest LINK_PUBLIC gmssl)
add_executable(digesttest tests/digesttest.c)
target_link_libraries (digesttest LINK_PUBLIC gmssl)
add_executable(hmactest tests/hmactest.c)
target_link_libraries (hmactest LINK_PUBLIC gmssl)
add_executable(hkdftest tests/hkdftest.c)
target_link_libraries (hkdftest LINK_PUBLIC gmssl)
add_executable(pbkdf2test tests/pbkdf2test.c)
target_link_libraries (pbkdf2test LINK_PUBLIC gmssl)
add_executable(gf128test tests/gf128test.c)
target_link_libraries (gf128test LINK_PUBLIC gmssl)
add_executable(gcmtest tests/gcmtest.c)
target_link_libraries (gcmtest LINK_PUBLIC gmssl)
add_executable(pkcs8test tests/pkcs8test.c)
target_link_libraries (pkcs8test LINK_PUBLIC gmssl)
add_executable(ectest tests/ectest.c)
target_link_libraries (ectest LINK_PUBLIC gmssl)
add_executable(asn1test tests/asn1test.c)
target_link_libraries (asn1test LINK_PUBLIC gmssl)
add_executable(hextest tests/hextest.c)
target_link_libraries (hextest LINK_PUBLIC gmssl)
add_executable(base64test tests/base64test.c)
target_link_libraries (base64test LINK_PUBLIC gmssl)
add_executable(pemtest tests/pemtest.c)
target_link_libraries (pemtest LINK_PUBLIC gmssl)
add_executable(x509test tests/x509test.c)
target_link_libraries (x509test LINK_PUBLIC gmssl)
add_executable(x509_oidtest tests/x509_oidtest.c)
@@ -246,63 +256,20 @@ add_executable(x509_algtest tests/x509_algtest.c)
target_link_libraries (x509_algtest LINK_PUBLIC gmssl)
add_executable(x509_strtest tests/x509_strtest.c)
target_link_libraries (x509_strtest LINK_PUBLIC gmssl)
add_executable(x509_exttest tests/x509_exttest.c)
target_link_libraries (x509_exttest LINK_PUBLIC gmssl)
add_executable(x509_reqtest tests/x509_reqtest.c)
target_link_libraries (x509_reqtest LINK_PUBLIC gmssl)
add_executable(x509_crltest tests/x509_crltest.c)
target_link_libraries (x509_crltest LINK_PUBLIC gmssl)
#add_executable(x509_exttest tests/x509_exttest.c)
#target_link_libraries (x509_exttest LINK_PUBLIC gmssl)
add_executable(zuctest tests/zuctest.c)
target_link_libraries (zuctest LINK_PUBLIC gmssl)
#add_executable(tlstest tests/tlstest.c)
#target_link_libraries (tlstest LINK_PUBLIC gmssl)
add_executable(cmstest tests/cmstest.c)
target_link_libraries (cmstest LINK_PUBLIC gmssl)
add_executable(tlstest tests/tlstest.c)
target_link_libraries (tlstest LINK_PUBLIC gmssl)
add_executable(tls13test tests/tls13test.c)
target_link_libraries (tls13test LINK_PUBLIC gmssl)
enable_testing()
add_test(NAME aes COMMAND aestest)
add_test(NAME asn1 COMMAND asn1test)
add_test(NAME base64 COMMAND base64test)
add_test(NAME block_cipher COMMAND block_ciphertest)
add_test(NAME chacha20 COMMAND chacha20test)
add_test(NAME cms COMMAND cmstest)
add_test(NAME des COMMAND destest)
add_test(NAME digest COMMAND digesttest)
add_test(NAME ec COMMAND ectest)
add_test(NAME gcm COMMAND gcmtest)
add_test(NAME gf128 COMMAND gf128test)
add_test(NAME hash_drbg COMMAND hash_drbgtest)
add_test(NAME hkdf COMMAND hkdftest)
add_test(NAME hex COMMAND hextest)
add_test(NAME hmac COMMAND hmactest)
add_test(NAME md5 COMMAND md5test)
add_test(NAME pbkdf2 COMMAND pbkdf2test)
add_test(NAME pem COMMAND pemtest)
add_test(NAME pkcs8 COMMAND pkcs8test)
add_test(NAME rc4 COMMAND rc4test)
add_test(NAME sha1 COMMAND sha1test)
add_test(NAME sha224 COMMAND sha224test)
add_test(NAME sha256 COMMAND sha256test)
add_test(NAME sha384 COMMAND sha384test)
add_test(NAME sha512 COMMAND sha512test)
add_test(NAME sm2 COMMAND sm2test)
add_test(NAME sm3 COMMAND sm3test)
add_test(NAME sm4 COMMAND sm4test)
add_test(NAME sm9 COMMAND sm9test)
add_test(NAME tls13 COMMAND tls13test)
add_test(NAME x509 COMMAND x509test)
add_test(NAME x509_oid COMMAND x509_oidtest)
add_test(NAME x509_alg COMMAND x509_algtest)
add_test(NAME x509_str COMMAND x509_strtest)
add_test(NAME x509_req COMMAND x509_reqtest)
add_test(NAME x509_crl COMMAND x509_crltest)
#add_test(NAME x509_ext COMMAND x509_exttest)
add_test(NAME zuc COMMAND zuctest)
INSTALL(TARGETS gmssl ARCHIVE DESTINATION lib LIBRARY DESTINATION lib)
INSTALL(DIRECTORY ${CMAKE_SOURCE_DIR}/include/gmssl DESTINATION include)
INSTALL(TARGETS gmssl-bin RUNTIME DESTINATION bin)

44
README.md
View File

@@ -1,14 +1,15 @@
# GmSSL 3.0 Dev
# GmSSL 3.0
[![CMake](https://github.com/guanzhi/GmSSL/workflows/CMake/badge.svg)](https://github.com/guanzhi/GmSSL/actions/workflows/cmake.yml)
GmSSL的2.x版本的开发始于2016年目前主分支在功能上实现了对主要国密算法、标准和协议的覆盖并成功应用于多种互联网场景中。但是随着GmSSL在物联网、区块链等新场景中的应用及在密码产品合规检测过程中的实践我们发现应用对GmSSL提出了一些新的需求。由于很难在基于OpenSSL的GmSSL 2.x版本上满足新需求因此我们重新设计了GmSSL的架构GmSSL也迎来第三个大版本——GmSSL 3.0。
## 典型应用
## 主要特性
#### Nginx-with-GmSSL3.0
目前GmSSL项目组已经实现了Nginx对GmSSL3.0的支持并提供了Docker实现具体参见[Nginx-with-GmSSL3.0](https://github.com/zhaoxiaomeng/Nginx-with-GmSSLv3)
* 超轻量:GmSSL 3.0大幅度降低了内存需求和二进制代码体积,不依赖动态内存,可以用于无操作系统的低功耗嵌入式环境(MCU、SOC等)开发者也可以更容易地将国密算法和SSL协议嵌入到现有的项目中。
* 更合规GmSSL 3.0 可以配置为仅包含国密算法和国密协议(TLCP协议)依赖GmSSL 的密码应用更容易满足密码产品型号检测的要求,避免由于混杂非国密算法、不安全算法等导致的安全问题和合规问题。
* 更安全TLS 1.3在安全性和通信延迟上相对之前的TLS协议有巨大的提升GmSSL 3.0支持TLS 1.3协议和RFC 8998的国密套件。GmSSL 3.0默认支持密钥的加密保护,提升了密码算法的抗侧信道攻击能力。
* 跨平台GmSSL 3.0更容易跨平台构建系统不再依赖Perl默认的CMake构建系统可以容易地和Visual Studio、Android NDK等默认编译工具配合使用开发者也可以手工编写Makefile在特殊环境中编译、剪裁。
## 编译与安装
@@ -23,35 +24,32 @@ make test
sudo make install
```
## 主要新特性
* 超轻量GmSSL 3.0大幅度降低了内存需求和二进制代码体积,不依赖动态内存,可以用于无操作系统的低功耗嵌入式环境(MCU、SOC等)开发者也可以更容易地将国密算法和SSL协议嵌入到现有的项目中。
* 更合规GmSSL 3.0 可以配置为仅包含国密算法和国密协议(TLCP协议)依赖GmSSL 的密码应用更容易满足密码产品型号检测的要求,避免由于混杂非国密算法、不安全算法等导致的安全问题和合规问题。
* 更安全TLS 1.3在安全性和通信延迟上相对之前的TLS协议有巨大的提升GmSSL 3.0支持TLS 1.3协议和RFC 8998的国密套件。GmSSL 3.0默认支持密钥的加密保护,提升了密码算法的抗侧信道攻击能力。
* 跨平台GmSSL 3.0更容易跨平台构建系统不再依赖Perl默认的CMake构建系统可以容易地和Visual Studio、Android NDK等默认编译工具配合使用开发者也可以手工编写Makefile在特殊环境中编译、剪裁。
## 主要功能
### 密码算法
* 分组密码SM4 (CBC, CTR, GCM), AES (GCM)
* 分组密码SM4 (CBC/CTR/GCM), AES (CBC/CTR/GCM)
* 序列密码ZUC/ZUC-256, ChaCha20, RC4
* 哈希函数: SM3, SHA-224/256/384/512, SHA-1, MD5
* 公钥密码算法SM2, SM9, ECDH, ECDSA
* 椭圆曲线参数SM2, NIST-P256
* 伪随机数生成器HASH_DRBG (NIST.SP.800-90A)
* 公钥密码SM2加密/签名, SM9加密/签名
* MAC算法HMAC, GHASH
* 密钥导出函数PBKDF2、HKDF
* 随机数生成器Intel RDRAND, HASH_DRBG (NIST.SP.800-90A)
### PKI相关标准
### 证书和数字信封
* 数字证书X.509证书, CRL, CSR (PKCS #10)
* 私钥加密格式:口令加密私钥PEM格式 (PKCS #8)
* 数字信封SM2加密签名消 (GM/T 0010-2012)
* 数字证书X.509证书, CRL证书注销列表, CSR (PKCS #10) 证书签名请求
* 私钥加密:基于SM4/SM3口令加密PEM格式私钥 (PKCS #8)
* 数字信封SM2密码消息 (GM/T 0010-2012)
### SSL协议
* TLCP 1.1,支持密码套件:`ECDHE_SM4_CBC_SM3 {0xE0,0x11}` (GB/T 38636-2020、GM/T 0024-2014)
* TLS 1.2,支持密码套件`ECDHE_SM4_CBC_SM3 {0xE0,0x11}` (GB/T 38636-2020、GM/T 0024-2014、RFC 5246)
* TLS 1.3,支持密码套件`TLS_SM4_GCM_SM3 {0x00,0xC6}` +ECDHE/SM2 (RFC 8998), `TLS_AES_128_GCM_SHA256` + ECDHE/ECDSA/NIST-P256
* TLCP 1.1,支持密码套`TLS_ECC_SM4_CBC_SM3 {0xE0,0x13}` (GB/T 38636-2020、GM/T 0024-2014)
* TLS 1.2,支持密码套件`TLS_ECDHE_SM4_CBC_SM3 {0xE0,0x11}` (GB/T 38636-2020、GM/T 0024-2014)
* TLS 1.3,支持密码套件`TLS_SM4_GCM_SM3 {0x00,0xC6}` (RFC 8998)
## 典型应用
#### Nginx-with-GmSSL3.0
GmSSL支持Nginx的适配并提供了Docker实现具体参见[Nginx-with-GmSSL3.0](https://github.com/zhaoxiaomeng/Nginx-with-GmSSLv3) 项目。

2
include/gmssl/tls.h
View File

@@ -889,7 +889,7 @@ int tls13_gcm_decrypt(const BLOCK_CIPHER_KEY *key, const uint8_t iv[12],
#define TLS_DEBUG
//#define TLS_DEBUG
#ifdef TLS_DEBUG
# define tls_trace(s) fprintf(stderr,(s))

2
src/sm2_alg.c
View File

@@ -342,8 +342,6 @@ void sm2_bn_rand_range(SM2_BN r, const SM2_BN range)
} while (sm2_bn_cmp(r, range) >= 0);
}
typedef SM2_BN SM2_Fp;
void sm2_fp_add(SM2_Fp r, const SM2_Fp a, const SM2_Fp b)
{
sm2_bn_add(r, a, b);

4
src/tlcp.c
View File

@@ -446,12 +446,14 @@ int tlcp_do_connect(TLS_CONNECT *conn)
sm3_hmac_init(&conn->server_write_mac_ctx, conn->key_block + 32, 32);
sm4_set_encrypt_key(&conn->client_write_enc_key, conn->key_block + 64);
sm4_set_decrypt_key(&conn->server_write_enc_key, conn->key_block + 80);
/*
tls_secrets_print(stderr,
pre_master_secret, 48,
client_random, server_random,
conn->master_secret,
conn->key_block, 96,
0, 4);
*/
// send ClientKeyExchange
tls_trace("send ClientKeyExchange\n");
@@ -926,12 +928,14 @@ int tlcp_do_accept(TLS_CONNECT *conn)
sm3_hmac_init(&conn->server_write_mac_ctx, conn->key_block + 32, 32);
sm4_set_decrypt_key(&conn->client_write_enc_key, conn->key_block + 64);
sm4_set_encrypt_key(&conn->server_write_enc_key, conn->key_block + 80);
/*
tls_secrets_print(stderr,
pre_master_secret, 48,
client_random, server_random,
conn->master_secret,
conn->key_block, 96,
0, 4);
*/
// recv [ChangeCipherSpec]
tls_trace("recv [ChangeCipherSpec]\n");

8
src/tls.c
View File

@@ -308,7 +308,6 @@ int tls_record_set_data(uint8_t *record, const uint8_t *data, size_t datalen)
return 1;
}
int tls_cbc_encrypt(const SM3_HMAC_CTX *inited_hmac_ctx, const SM4_KEY *enc_key,
const uint8_t seq_num[8], const uint8_t header[5],
const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen)
@@ -327,6 +326,10 @@ int tls_cbc_encrypt(const SM3_HMAC_CTX *inited_hmac_ctx, const SM4_KEY *enc_key,
error_print_msg("invalid tls record data length %zu\n", inlen);
return -1;
}
if ((((size_t)header[3]) << 8) + header[4] != inlen) {
error_print();
return -1;
}
rem = (inlen + 32) % 16;
memcpy(last_blocks, in + inlen - rem, rem);
@@ -405,6 +408,7 @@ int tls_cbc_decrypt(const SM3_HMAC_CTX *inited_hmac_ctx, const SM4_KEY *dec_key,
}
*outlen = inlen - 32 - padding_len - 1;
header[0] = enced_header[0];
header[1] = enced_header[1];
header[2] = enced_header[2];
@@ -1717,6 +1721,8 @@ int tls_send(TLS_CONNECT *conn, const uint8_t *in, size_t inlen, size_t *sentlen
tls_trace("send ApplicationData\n");
format_bytes(stderr, 0, 0, "tls_send: payload", in, inlen);
if (tls_record_set_type(record, TLS_record_application_data) != 1
|| tls_record_set_protocol(record, conn->protocol) != 1
|| tls_record_set_length(record, inlen) != 1) {

4
src/tls12.c
View File

@@ -538,12 +538,14 @@ int tls12_do_connect(TLS_CONNECT *conn)
sm3_hmac_init(&conn->server_write_mac_ctx, conn->key_block + 32, 32);
sm4_set_encrypt_key(&conn->client_write_enc_key, conn->key_block + 64);
sm4_set_decrypt_key(&conn->server_write_enc_key, conn->key_block + 80);
/*
tls_secrets_print(stderr,
pre_master_secret, 48,
client_random, server_random,
conn->master_secret,
conn->key_block, 96,
0, 4);
*/
// send ClientKeyExchange
tls_trace("send ClientKeyExchange\n");
@@ -1002,8 +1004,10 @@ int tls12_do_accept(TLS_CONNECT *conn)
sm3_hmac_init(&conn->server_write_mac_ctx, conn->key_block + 32, 32);
sm4_set_decrypt_key(&conn->client_write_enc_key, conn->key_block + 64);
sm4_set_encrypt_key(&conn->server_write_enc_key, conn->key_block + 80);
/*
tls_secrets_print(stderr, pre_master_secret, 32, client_random, server_random,
conn->master_secret, conn->key_block, 96, 0, 4);
*/
// recv [ChangeCipherSpec]
tls_trace("recv [ChangeCipherSpec]\n");

94
tests/asn1test.c
View File

@@ -53,6 +53,7 @@
#include <gmssl/asn1.h>
#include <gmssl/error.h>
static void print_buf(const uint8_t *a, size_t len)
{
size_t i;
@@ -103,7 +104,7 @@ static int test_asn1_tag(void)
format_print(stderr, 0, 4, "%s (0x%02x)\n", asn1_tag_name(i), i);
}
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_asn1_length(void)
@@ -153,7 +154,7 @@ static int test_asn1_length(void)
}
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_asn1_boolean(void)
@@ -188,7 +189,7 @@ static int test_asn1_boolean(void)
}
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_asn1_int(void)
@@ -249,7 +250,7 @@ static int test_asn1_int(void)
}
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_asn1_bits(void)
@@ -298,7 +299,7 @@ static int test_asn1_bits(void)
if (asn1_bits_from_der(&bits, &cp, &len) != 1
|| asn1_check(bits == tests[i]) != 1) {
error_print();
return 1;
return -1;
}
format_print(stderr, 0, 4, "%x\n", bits);
}
@@ -307,7 +308,7 @@ static int test_asn1_bits(void)
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_asn1_null(void)
@@ -338,15 +339,15 @@ static int test_asn1_null(void)
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_asn1_object_identifier(void)
{
int err = 0;
format_print(stderr, 0, 0, "%s\n", asn1_tag_name(ASN1_TAG_OBJECT_IDENTIFIER));
if (1) {
// test 1
{
char *name = "sm2";
uint32_t oid[] = { 1,2,156,10197,1,301 };
uint8_t der[] = { 0x06, 0x08, 0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x82, 0x2D };
@@ -364,15 +365,16 @@ static int test_asn1_object_identifier(void)
|| asn1_object_identifier_from_der(nodes, &nodes_cnt, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1
|| asn1_object_identifier_equ(nodes, nodes_cnt, oid, sizeof(oid)/sizeof(int)) != 1) {
printf("failed\n");
fprintf(stderr, "failed\n");
error_print();
err++;
return -1;
} else {
printf("ok\n");
}
}
if (2) {
// test 2
{
char *name = "x9.62-ecPublicKey";
uint32_t oid[] = { 1,2,840,10045,2,1 };
uint8_t der[] = { 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01 };
@@ -390,16 +392,16 @@ static int test_asn1_object_identifier(void)
|| asn1_object_identifier_from_der(nodes, &nodes_cnt, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1
|| asn1_object_identifier_equ(nodes, nodes_cnt, oid, sizeof(oid)/sizeof(int)) != 1) {
printf("failed\n");
fprintf(stderr, "failed\n");
error_print();
err++;
return -1;
} else {
printf("ok\n");
}
}
if (!err) printf("%s() ok\n", __FUNCTION__);
return err;
printf("%s() ok\n", __FUNCTION__);
return 1;
}
static int test_asn1_printable_string(void)
@@ -419,7 +421,7 @@ static int test_asn1_printable_string(void)
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (asn1_printable_string_to_der(tests[i], strlen(tests[i]), &p, &len) != 1) {
error_print();
return 1;
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
@@ -430,7 +432,7 @@ static int test_asn1_printable_string(void)
|| strlen(tests[i]) != dlen
|| memcmp(tests[i], d, dlen) != 0) {
error_print();
return 1;
return -1;
}
format_string(stderr, 0, 4, "", (uint8_t *)d, dlen);
}
@@ -439,7 +441,7 @@ static int test_asn1_printable_string(void)
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_asn1_utf8_string(void)
@@ -459,7 +461,7 @@ static int test_asn1_utf8_string(void)
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (asn1_utf8_string_to_der(tests[i], strlen(tests[i]), &p, &len) != 1) {
error_print();
return 1;
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
@@ -470,7 +472,7 @@ static int test_asn1_utf8_string(void)
|| strlen(tests[i]) != dlen
|| memcmp(tests[i], d, dlen) != 0) {
error_print();
return 1;
return -1;
}
format_string(stderr, 0, 4, "", (uint8_t *)d, dlen);
}
@@ -479,7 +481,7 @@ static int test_asn1_utf8_string(void)
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_asn1_ia5_string(void)
@@ -499,7 +501,7 @@ static int test_asn1_ia5_string(void)
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (asn1_ia5_string_to_der(tests[i], strlen(tests[i]), &p, &len) != 1) {
error_print();
return 1;
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
@@ -510,7 +512,7 @@ static int test_asn1_ia5_string(void)
|| strlen(tests[i]) != dlen
|| memcmp(tests[i], d, dlen) != 0) {
error_print();
return 1;
return -1;
}
format_string(stderr, 0, 4, "", (uint8_t *)d, dlen);
}
@@ -519,7 +521,7 @@ static int test_asn1_ia5_string(void)
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_time(void)
@@ -531,7 +533,7 @@ static int test_time(void)
printf("%08x%08x\n", (uint32_t)(tval >> 32), (uint32_t)tval);
return 0;
return 1;
}
static int test_asn1_utc_time(void)
@@ -571,7 +573,7 @@ static int test_asn1_utc_time(void)
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_asn1_generalized_time(void)
@@ -592,7 +594,7 @@ static int test_asn1_generalized_time(void)
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (asn1_generalized_time_to_der(tests[i], &p, &len) != 1) {
error_print();
return 1;
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
@@ -601,7 +603,7 @@ static int test_asn1_generalized_time(void)
if (asn1_generalized_time_from_der(&tv, &cp, &len) != 1
|| asn1_check(tv == tests[i]) != 1) {
error_print();
return 1;
return -1;
}
format_print(stderr, 0, 4, "%s", ctime(&tv));
}
@@ -610,24 +612,26 @@ static int test_asn1_generalized_time(void)
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
int main(void)
{
int err = 0;
err += test_asn1_tag();
err += test_asn1_length();
err += test_asn1_boolean();
err += test_asn1_int();
err += test_asn1_bits();
err += test_asn1_null();
err += test_asn1_object_identifier();
err += test_asn1_printable_string();
err += test_asn1_utf8_string();
err += test_asn1_ia5_string();
err += test_asn1_utc_time();
err += test_asn1_generalized_time();
return err;
if (test_asn1_tag() != 1) goto err;
if (test_asn1_length() != 1) goto err;
if (test_asn1_boolean() != 1) goto err;
if (test_asn1_int() != 1) goto err;
if (test_asn1_bits() != 1) goto err;
if (test_asn1_null() != 1) goto err;
if (test_asn1_object_identifier() != 1) goto err;
if (test_asn1_printable_string() != 1) goto err;
if (test_asn1_utf8_string() != 1) goto err;
if (test_asn1_ia5_string() != 1) goto err;
if (test_asn1_utc_time() != 1) goto err;
if (test_asn1_generalized_time() != 1) goto err;
printf("%s all tests passed\n", __FILE__);
return 0;
err:
error_print();
return -1;
}

18
tests/base64test.c
View File

@@ -53,10 +53,9 @@
#include <gmssl/base64.h>
#include <gmssl/error.h>
int test_base64(void)
{
int err = 0;
static int test_base64(void)
{
uint8_t bin1[50];
uint8_t bin2[100];
uint8_t bin3[200];
@@ -92,17 +91,20 @@ int test_base64(void)
|| memcmp(buf2 + sizeof(bin1), bin2, sizeof(bin2)) != 0
|| memcmp(buf2 + sizeof(bin1) + sizeof(bin2), bin3, sizeof(bin3)) != 0) {
printf("failed\n");
err++;
return -1;
} else {
printf("ok\n");
}
return err;
return 1;
}
int main(void)
{
int err = 0;
err += test_base64();
return err;
if (test_base64() != 1) goto err;
printf("%s all tests passed\n", __FILE__);
return 0;
err:
error_print();
return -1;
}

3
tests/block_ciphertest.c
View File

@@ -53,6 +53,5 @@
int main(void)
{
int err = 0;
return err;
return 0;
}

19
tests/ectest.c
View File

@@ -96,7 +96,7 @@ static int test_ec_named_curve(void)
(void)asn1_length_is_zero(len);
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_ec_point_print(void)
@@ -117,7 +117,7 @@ static int test_ec_point_print(void)
ec_point_print(stderr, 0, 4, "ECPoint", buf, len);
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_ec_private_key_print(void)
@@ -143,14 +143,17 @@ static int test_ec_private_key_print(void)
ec_private_key_print(stderr, 0, 4, "ECPrivateKey", d, dlen);
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
int main(void)
{
int err = 0;
err += test_ec_named_curve();
err += test_ec_point_print();
err += test_ec_private_key_print();
return err;
if (test_ec_named_curve() != 1) goto err;
if (test_ec_point_print() != 1) goto err;
if (test_ec_private_key_print() != 1) goto err;
printf("%s all tests passed\n", __FILE__);
return 0;
err:
error_print();
return -1;
}

133
tests/tlstest.c
View File

@@ -94,16 +94,16 @@ static int test_tls_encode(void)
|| tls_uint24array_from_bytes(&pdata, &datalen, &cp, &len) != 1 || datalen != 7 || memcmp(pdata, data, 7) != 0
|| len > 0) {
error_print();
return 1;
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_tls_cbc(void)
{
uint8_t key[32];
uint8_t key[32] = {0};
SM3_HMAC_CTX hmac_ctx;
SM4_KEY sm4_key;
uint8_t seq_num[8] = { 0,0,0,0,0,0,0,1 };
@@ -114,22 +114,23 @@ static int test_tls_cbc(void)
size_t len;
size_t buflen;
header[0] = TLS_record_handshake;
header[1] = TLS_protocol_tls12 >> 8;
header[2] = TLS_protocol_tls12 & 0xff;
header[3] = sizeof(in) >> 8;
header[4] = sizeof(in) & 0xff;
sm3_hmac_init(&hmac_ctx, key, 32);
sm4_set_encrypt_key(&sm4_key, key);
tls_cbc_encrypt(&hmac_ctx, &sm4_key, seq_num, header, in, sizeof(in), out, &len);
printf("%zu\n", len);
print_der(out, len);
printf("\n");
sm3_hmac_init(&hmac_ctx, key, 32);
sm4_set_decrypt_key(&sm4_key, key);
tls_cbc_decrypt(&hmac_ctx, &sm4_key, seq_num, header, out, len, buf, &buflen);
printf("%s\n", buf);
return 0;
printf("%s() ok\n", __FUNCTION__);
return 1;
}
static int test_tls_random(void)
@@ -139,7 +140,7 @@ static int test_tls_random(void)
tls_random_print(stdout, random, 0, 0);
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_tls_client_hello(void)
@@ -147,24 +148,25 @@ static int test_tls_client_hello(void)
uint8_t record[512];
size_t recordlen = 0;
int version = TLS_version_tlcp;
int version = TLS_protocol_tlcp;
uint8_t random[32];
int cipher_suites[] = {
TLCP_cipher_ecc_sm4_cbc_sm3,
TLCP_cipher_ecc_sm4_gcm_sm3,
TLCP_cipher_ecdhe_sm4_cbc_sm3,
TLCP_cipher_ecdhe_sm4_gcm_sm3,
TLCP_cipher_ibsdh_sm4_cbc_sm3,
TLCP_cipher_ibsdh_sm4_gcm_sm3,
TLCP_cipher_ibc_sm4_cbc_sm3,
TLCP_cipher_ibc_sm4_gcm_sm3,
TLCP_cipher_rsa_sm4_cbc_sm3,
TLCP_cipher_rsa_sm4_gcm_sm3,
TLCP_cipher_rsa_sm4_cbc_sha256,
TLCP_cipher_rsa_sm4_gcm_sha256,
TLS_cipher_ecc_sm4_cbc_sm3,
TLS_cipher_ecc_sm4_gcm_sm3,
TLS_cipher_ecdhe_sm4_cbc_sm3,
TLS_cipher_ecdhe_sm4_gcm_sm3,
TLS_cipher_ibsdh_sm4_cbc_sm3,
TLS_cipher_ibsdh_sm4_gcm_sm3,
TLS_cipher_ibc_sm4_cbc_sm3,
TLS_cipher_ibc_sm4_gcm_sm3,
TLS_cipher_rsa_sm4_cbc_sm3,
TLS_cipher_rsa_sm4_gcm_sm3,
TLS_cipher_rsa_sm4_cbc_sha256,
TLS_cipher_rsa_sm4_gcm_sha256,
};
int comp_meths[] = {0};
tls_record_set_protocol(record, TLS_protocol_tlcp);
if (tls_record_set_handshake_client_hello(record, &recordlen,
version,
random,
@@ -177,7 +179,7 @@ static int test_tls_client_hello(void)
tls_client_hello_print(stdout, record + 5 + 4, recordlen - 5 -4, 0, 4);
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_tls_server_hello(void)
@@ -186,12 +188,12 @@ static int test_tls_server_hello(void)
size_t recordlen = 0;
uint8_t random[32];
uint16_t cipher_suite = TLCP_cipher_ecdhe_sm4_cbc_sm3;
uint16_t cipher_suite = TLS_cipher_ecdhe_sm4_cbc_sm3;
tls_record_set_version(record, TLS_version_tlcp);
tls_record_set_protocol(record, TLS_protocol_tlcp);
if (tls_record_set_handshake_server_hello(record, &recordlen,
TLS_version_tlcp,
TLS_protocol_tlcp,
random,
NULL, 0,
cipher_suite,
@@ -202,7 +204,7 @@ static int test_tls_server_hello(void)
tls_server_hello_print(stdout, record + 5 + 4, recordlen - 5 -4, 0, 0);
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_tls_certificate(void)
@@ -212,6 +214,7 @@ static int test_tls_certificate(void)
FILE *fp = NULL;
// 测试函数不要有外部的依赖
// TODO: 输出一些握手过程的record字节数组和handshake字节数组作为后续测试的测试数据
/*
if (!(fp = fopen("cacert.pem", "r"))) {
@@ -226,51 +229,53 @@ static int test_tls_certificate(void)
*/
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_tls_server_key_exchange(void)
{
uint8_t record[1024];
size_t recordlen = 0;
uint8_t sig[77] = {0xAA, 0xBB};
uint8_t sig[SM2_MAX_SIGNATURE_SIZE] = {0xAA, 0xBB};
const uint8_t *psig;
size_t siglen;
tls_record_set_version(record, TLS_version_tlcp);
tls_record_set_protocol(record, TLS_protocol_tlcp);
if (tlcp_record_set_handshake_server_key_exchange_pke(record, &recordlen, sig, sizeof(sig)) != 1) {
error_print();
return -1;
}
if (tlcp_record_get_handshake_server_key_exchange_pke(record, sig, &siglen) != 1) {
if (tlcp_record_get_handshake_server_key_exchange_pke(record, &psig, &siglen) != 1) {
error_print();
return -1;
}
tls_server_key_exchange_print(stdout, sig, siglen, TLCP_cipher_ecc_sm4_gcm_sm3 << 8, 0);
format_bytes(stdout, 0, 0, "server_key_exchange siganture", psig, siglen);
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_tls_certificate_verify(void)
{
uint8_t record[1024];
size_t recordlen = 0;
uint8_t sig[77];
uint8_t sig[SM2_MAX_SIGNATURE_SIZE];
const uint8_t *psig;
size_t siglen;
tls_record_set_version(record, TLS_version_tls12);
tls_record_set_protocol(record, TLS_protocol_tls12);
if (tls_record_set_handshake_certificate_verify(record, &recordlen, sig, sizeof(sig)) != 1) {
error_print();
return -1;
}
if (tls_record_get_handshake_certificate_verify(record, sig, &siglen) != 1) {
if (tls_record_get_handshake_certificate_verify(record, &psig, &siglen) != 1) {
error_print();
return -1;
}
tls_certificate_verify_print(stdout, sig, siglen, 0, 0);
tls_certificate_verify_print(stdout, psig, siglen, 0, 0);
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_tls_finished(void)
@@ -278,19 +283,21 @@ static int test_tls_finished(void)
uint8_t record[1024];
size_t recordlen = 0;
uint8_t verify_data[12];
const uint8_t *verify_data_ptr;
size_t verify_data_len;
if (tls_record_set_handshake_finished(record, &recordlen, verify_data) != 1) {
if (tls_record_set_handshake_finished(record, &recordlen, verify_data, sizeof(verify_data)) != 1) {
error_print();
return -1;
}
if (tls_record_get_handshake_finished(record, verify_data) != 1) {
if (tls_record_get_handshake_finished(record, &verify_data_ptr, &verify_data_len) != 1) {
error_print();
return -1;
}
tls_finished_print(stdout, verify_data, 12, 0, 0);
tls_finished_print(stdout, verify_data_ptr, verify_data_len, 0, 0);
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_tls_alert(void)
@@ -311,7 +318,7 @@ static int test_tls_alert(void)
tls_alert_print(stdout, record + 5, recordlen - 5, 0, 0);
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_tls_change_cipher_spec(void)
@@ -330,7 +337,7 @@ static int test_tls_change_cipher_spec(void)
tls_change_cipher_spec_print(stdout, record + 5, recordlen - 5, 0, 0);
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
static int test_tls_application_data(void)
@@ -352,24 +359,26 @@ static int test_tls_application_data(void)
tls_application_data_print(stdout, p, len, 0, 0);
printf("%s() ok\n", __FUNCTION__);
return 0;
return 1;
}
int main(void)
{
int err = 0;
err += test_tls_encode();
err += test_tls_cbc();
err += test_tls_random();
err += test_tls_client_hello();
err += test_tls_server_hello();
err += test_tls_certificate();
err += test_tls_server_key_exchange();
err += test_tls_certificate_verify();
err += test_tls_finished();
err += test_tls_alert();
err += test_tls_change_cipher_spec();
err += test_tls_application_data();
if (err == 0) printf("%s all tests passed\n", __FILE__);
return err;
if (test_tls_encode() != 1) goto err;
if (test_tls_cbc() != 1) goto err;
if (test_tls_random() != 1) goto err;
if (test_tls_client_hello() != 1) goto err;
if (test_tls_server_hello() != 1) goto err;
if (test_tls_certificate() != 1) goto err;
if (test_tls_server_key_exchange() != 1) goto err;
if (test_tls_certificate_verify() != 1) goto err;
if (test_tls_finished() != 1) goto err;
if (test_tls_alert() != 1) goto err;
if (test_tls_change_cipher_spec() != 1) goto err;
if (test_tls_application_data() != 1) goto err;
printf("%s all tests passed\n", __FILE__);
return 0;
err:
error_print();
return -1;
}

16
tests/x509_exttest.c
View File

@@ -506,18 +506,10 @@ static int test_x509_policy_mapping(void)
// 这里的一些OID应该在RFC中有但是我们不实现
static int test_x509_attribute(void)
{
return -1;
// TODO
return 1;
}
static int test_x509_basic_constraints(void)
{
uint8_t buf[256];
@@ -880,10 +872,6 @@ static int test_x509_cert_with_exts(void)
return 1;
}
int main(int argc, char **argv)
{
if (test_x509_other_name() != 1) goto err;