More tests

Zhi Guan
2022-03-21 13:11:41 +08:00
parent ad1a4d66f9
commit 5ea884ce8f
50 changed files with 3319 additions and 1040 deletions


@@ -411,4 +411,3 @@ int main(void)
err += test_aes_gcm();
return err;
}


@@ -629,6 +629,5 @@ int main(void)
err += test_asn1_ia5_string();
err += test_asn1_utc_time();
err += test_asn1_generalized_time();
return err;
}


@@ -53,5 +53,6 @@
int main(void)
{
return 0;
int err = 0;
return err;
}


@@ -56,7 +56,558 @@
#include <gmssl/sm4.h>
#include <gmssl/cms.h>
int main(int argc, char **argv)
static int test_cms_content_type(void)
{
int tests[] = {
OID_cms_data,
OID_cms_signed_data,
OID_cms_enveloped_data,
OID_cms_signed_and_enveloped_data,
OID_cms_encrypted_data,
OID_cms_key_agreement_info,
};
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
int i;
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (cms_content_type_to_der(tests[i], &p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
int oid;
if (cms_content_type_from_der(&oid, &cp, &len) != 1
|| asn1_check(oid == tests[i]) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "%s\n", cms_content_type_name(oid));
}
(void)asn1_length_is_zero(len);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_cms_content_info(void)
{
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
uint8_t data[20] = { 0x01,0x02 };
int oid;
const uint8_t *d;
size_t dlen;
if (cms_content_info_to_der(OID_cms_data, data, sizeof(data), &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
cms_content_info_print(stderr, 0, 0, "ContentInfo", d, dlen);
p = buf;
cp = buf;
len = 0;
// 当类型为OID_cms_data, 数据是OCTET STRING需要再解析一次
if (cms_content_info_to_der(OID_cms_data, data, sizeof(data), &p, &len) != 1
|| cms_content_info_from_der(&oid, &d, &dlen, &cp, &len) != 1
|| asn1_check(oid == OID_cms_data) != 1
// || asn1_check(dlen == sizeof(data)) != 1
// || asn1_check(memcmp(data, d, dlen) == 0) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_cms_enced_content_info(void)
{
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
uint8_t iv[16] = {0};
uint8_t enced[32] = { 0x01,0x02 };
const uint8_t *d;
size_t dlen;
int oid;
int cipher;
const uint8_t *piv;
size_t ivlen;
const uint8_t *shared_info1;
size_t shared_info1_len;
const uint8_t *shared_info2;
size_t shared_info2_len;
if (cms_enced_content_info_to_der(OID_cms_data,
OID_sm4_cbc, iv, sizeof(iv), enced, sizeof(enced),
NULL, 0, NULL, 0, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
cms_enced_content_info_print(stderr, 0, 0, "EncryptedContentInfo", d, dlen);
p = buf;
cp = buf;
len = 0;
if (cms_enced_content_info_to_der(OID_cms_data,
OID_sm4_cbc, iv, sizeof(iv), enced, sizeof(enced),
NULL, 0, NULL, 0, &p, &len) != 1
|| cms_enced_content_info_from_der(&oid,
&cipher, &piv, &ivlen, &d, &dlen,
&shared_info1, &shared_info1_len,
&shared_info2, &shared_info2_len, &cp, &len) != 1
|| asn1_check(oid == OID_cms_data) != 1
|| asn1_check(cipher == OID_sm4_cbc) != 1
|| asn1_check(ivlen == sizeof(iv)) != 1
|| asn1_check(dlen == sizeof(enced)) != 1
|| asn1_check(shared_info1 == NULL) != 1
|| asn1_check(shared_info1_len == 0) != 1
|| asn1_check(shared_info2 == NULL) != 1
|| asn1_check(shared_info2_len == 0) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_cms_enced_content_info_encrypt(void)
{
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
uint8_t key[16] = {0};
uint8_t iv[16] = {1};
uint8_t data[20] = {2};
const uint8_t *d;
size_t dlen;
int oid;
int cipher;
const uint8_t *piv;
size_t ivlen;
uint8_t data2[256];
const uint8_t *shared_info1;
size_t shared_info1_len;
const uint8_t *shared_info2;
size_t shared_info2_len;
if (cms_enced_content_info_encrypt_to_der(
OID_sm4_cbc,
key, sizeof(key),
iv, sizeof(iv),
OID_cms_data, data, sizeof(data),
NULL, 0,
NULL, 0,
&p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
cms_enced_content_info_print(stderr, 0, 0, "EncryptedContentInfo", d, dlen);
p = buf;
cp = buf;
len = 0;
if (cms_enced_content_info_encrypt_to_der(
OID_sm4_cbc,
key, sizeof(key),
iv, sizeof(iv),
OID_cms_data, data, sizeof(data),
NULL, 0,
NULL, 0,
&p, &len) != 1
// 显然这个解密函数是有问题的在from_der的时候不知道密文的长度因此无法知道需要的输出缓冲长度
|| cms_enced_content_info_decrypt_from_der(
&cipher,
key, sizeof(key),
&oid, data2, &dlen,
&shared_info1, &shared_info1_len,
&shared_info2, &shared_info2_len,
&cp, &len) != 1
|| asn1_check(cipher == OID_sm4_cbc) != 1
|| asn1_check(oid = OID_cms_data) != 1
|| asn1_check(dlen == sizeof(data)) != 1
|| asn1_check(memcmp(data, data2, dlen) == 0) != 1
|| asn1_check(shared_info1 == NULL) != 1
|| asn1_check(shared_info2 == NULL) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_cms_issuer_and_serial_number(void)
{
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
uint8_t issuer[256];
size_t issuer_len;
uint8_t serial[20] = {1};
const uint8_t *d;
size_t dlen;
const uint8_t *pissuer;
const uint8_t *pserial;
size_t serial_len;
if (x509_name_set(issuer, &issuer_len, sizeof(issuer),
"CN", "Beijing", "Haidian", "PKU", "CS", "CA") != 1
|| cms_issuer_and_serial_number_to_der(
issuer, issuer_len, serial, sizeof(serial), &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
cms_issuer_and_serial_number_print(stderr, 0, 0, "IssuerAndSerialNumber", d, dlen);
p = buf;
cp = buf;
len = 0;
if (x509_name_set(issuer, &issuer_len, sizeof(issuer),
"CN", "Beijing", "Haidian", "PKU", "CS", "CA") != 1
|| cms_issuer_and_serial_number_to_der(
issuer, issuer_len, serial, sizeof(serial), &p, &len) != 1
|| cms_issuer_and_serial_number_from_der(
&pissuer, &issuer_len, &pserial, &serial_len, &cp, &len) != 1
|| asn1_check(memcmp(pissuer, issuer, issuer_len) == 0) != 1
|| asn1_check(serial_len == sizeof(serial)) != 1
|| asn1_check(memcmp(serial, pserial, serial_len) == 0) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_cms_signer_info(void)
{
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
uint8_t issuer_buf[256];
size_t issuer_len;
uint8_t serial_buf[20];
uint8_t sig_buf[256];
size_t siglen;
int version;
const uint8_t *issuer;
const uint8_t *serial;
size_t serial_len;
int digest_alg;
const uint8_t *auth_attrs;
size_t auth_attrs_len;
int sig_alg;
const uint8_t *sig;
const uint8_t *unauth_attrs;
size_t unauth_attrs_len;
if (x509_name_set(issuer_buf, &issuer_len, sizeof(issuer_buf),
"CN", "Beijing", "Haidian", "PKU", "CS", "CA") != 1) {
error_print();
return -1;
}
if (cms_signer_info_to_der(
CMS_version_v1,
issuer_buf, issuer_len,
serial_buf, sizeof(serial_buf),
OID_sm3,
NULL, 0,
OID_sm2sign_with_sm3,
sig_buf, siglen,
NULL, 0,
&p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
cms_signer_info_print(stderr, 0, 0, "SignerInfo", d, dlen);
cp = p = buf; len = 0;
if (cms_signer_info_to_der(
CMS_version_v1,
issuer_buf, issuer_len,
serial_buf, sizeof(serial_buf),
OID_sm3,
NULL, 0,
OID_sm2sign_with_sm3,
sig_buf, siglen,
NULL, 0,
&p, &len) != 1
|| cms_signer_info_from_der(
&version,
&issuer, &issuer_len,
&serial, &serial_len,
&digest_alg,
&auth_attrs, &auth_attrs_len,
&sig_alg,
&sig, &siglen,
&unauth_attrs, &unauth_attrs_len,
&cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_cms_signer_info_sign(void)
{
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
SM3_CTX sm3_ctx;
SM2_KEY sm2_key;
uint8_t issuer_buf[256];
size_t issuer_len;
uint8_t serial_buf[20];
uint8_t auth_attrs_buf[80];
// 这个函数的验证是需要证书的
uint8_t certs[1024];
size_t certslen;
const uint8_t *cert;
size_t certlen;
const uint8_t *issuer;
const uint8_t *serial;
size_t serial_len;
const uint8_t *auth_attrs;
size_t auth_attrs_len;
const uint8_t *unauth_attrs;
size_t unauth_attrs_len;
sm2_key_generate(&sm2_key);
sm3_init(&sm3_ctx);
sm3_update(&sm3_ctx, (uint8_t *)"hello", 5);
x509_name_set(issuer_buf, &issuer_len, sizeof(issuer_buf), "CN", "Beijing", "Haidian", "PKU", "CS", "CA");
if (cms_signer_info_sign_to_der(
&sm3_ctx, &sm2_key,
issuer_buf, issuer_len,
serial_buf, sizeof(serial_buf),
NULL, 0,
NULL, 0,
&p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
cms_signer_info_print(stderr, 0, 0, "SignerInfo", d, dlen);
cp = p = buf; len = 0;
if (cms_signer_info_sign_to_der(
&sm3_ctx, &sm2_key,
issuer_buf, issuer_len,
serial_buf, sizeof(serial_buf),
NULL, 0,
NULL, 0,
&p, &len) != 1
|| cms_signer_info_verify_from_der(
&sm3_ctx, certs, certslen,
&cert, &certlen,
&issuer, &issuer_len,
&serial, &serial_len,
&auth_attrs, &auth_attrs_len,
&unauth_attrs, &unauth_attrs_len,
&cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_cms_signer_infos(void)
{
uint8_t buf[1280];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
uint8_t signer_infos[1024];
size_t signer_infos_len = 0;
SM3_CTX sm3_ctx;
SM2_KEY sm2_key;
uint8_t issuer_buf[256];
size_t issuer_len;
uint8_t serial_buf[20];
sm2_key_generate(&sm2_key);
sm3_init(&sm3_ctx);
sm3_update(&sm3_ctx, (uint8_t *)"hello", 5);
x509_name_set(issuer_buf, &issuer_len, sizeof(issuer_buf), "CN", "Beijing", "Haidian", "PKU", "CS", "CA");
if (cms_signer_infos_add_signer_info(
signer_infos, &signer_infos_len, sizeof(signer_infos),
&sm3_ctx, &sm2_key,
issuer_buf, issuer_len,
serial_buf, sizeof(serial_buf),
NULL, 0,
NULL, 0) != 1
|| cms_signer_infos_add_signer_info(
signer_infos, &signer_infos_len, sizeof(signer_infos),
&sm3_ctx, &sm2_key,
issuer_buf, issuer_len,
serial_buf, sizeof(serial_buf),
NULL, 0,
NULL, 0) != 1
|| cms_signer_infos_add_signer_info(
signer_infos, &signer_infos_len, sizeof(signer_infos),
&sm3_ctx, &sm2_key,
issuer_buf, issuer_len,
serial_buf, sizeof(serial_buf),
NULL, 0,
NULL, 0) != 1
|| cms_signer_infos_to_der(signer_infos, signer_infos_len, &p, &len) != 1
|| cms_signer_infos_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1){
error_print();
return -1;
}
cms_signer_infos_print(stderr, 0, 0, "SET OF SignerInfo", d, dlen);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_cms_digest_algors(void)
{
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
int oids[] = {
OID_sm3,
OID_md5,
OID_sha1,
OID_sha256,
OID_sha512,
};
int algs[16];
size_t algs_cnt;
if (cms_digest_algors_to_der(oids, sizeof(oids)/sizeof(oids[0]), &p, &len) != 1
|| asn1_set_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
cms_digest_algors_print(stderr, 0, 0, "digestAlgorithms", d, dlen);
if (cms_digest_algors_to_der(oids, sizeof(oids)/sizeof(oids[0]), &p, &len) != 1
|| cms_digest_algors_from_der(algs, &algs_cnt, sizeof(algs)/sizeof(algs[0]), &cp, &len) != 1
|| asn1_check(algs_cnt == sizeof(oids)/sizeof(oids[0])) != 1
|| asn1_check(memcmp(algs, oids, sizeof(oids)) == 0) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_cms_signed_data(void)
{
// 这个函数需要证书了,我们需要一个很容易生成证书的函数。
return -1;
}
int main(int argc, char **argv)
{
int err;
err += test_cms_content_type();
err += test_cms_content_info();
err += test_cms_enced_content_info();
err += test_cms_enced_content_info_encrypt();
err += test_cms_issuer_and_serial_number();
err += test_cms_signer_info();
err += test_cms_signer_info_sign();
err += test_cms_signer_infos();
err += test_cms_digest_algors();
return err;
}
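Review bot: The new `main` declares `int err;` without an initialiser and then accumulates into it with `err +=`, so the exit status is indeterminate and a zero result proves nothing; it should be `int err = 0;`. In test_cms_enced_content_info_encrypt the condition `asn1_check(oid = OID_cms_data)` assigns instead of comparing, so the decoded content type is never actually checked; it should read `asn1_check(oid == OID_cms_data)`. test_cms_signer_info passes `siglen` to cms_signer_info_to_der before anything has set it, and test_cms_signer_info_sign hands `certs` and `certslen` to cms_signer_info_verify_from_der uninitialised, so both calls work on indeterminate lengths and buffer contents. Initialise these before use, or build a real certificate first, so that a pass or fail of the verify path means something.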


@@ -53,8 +53,9 @@
#include <gmssl/des.h>
int main(int argc, char **argv)
int main(void)
{
return 0;
int err = 0;
return err;
}


@@ -49,9 +49,108 @@
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/ec.h>
#include <gmssl/error.h>
static int test_ec_named_curve(void)
{
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
char *curves[] = {
"sm2p256v1",
"prime192v1",
"prime256v1",
"secp256k1",
"secp384r1",
"secp521r1",
};
int oid;
int i;
for (i = 0; i < sizeof(curves)/sizeof(curves[0]); i++) {
if ((oid = ec_named_curve_from_name(curves[i])) == OID_undef) {
error_print();
return -1;
}
if (ec_named_curve_to_der(oid, &p, &len) != 1) {
error_print();
return -1;
}
}
for (i = 0; i < sizeof(curves)/sizeof(curves[0]); i++) {
if (ec_named_curve_from_der(&oid, &cp, &len) != 1) {
error_print();
return -1;
}
if (oid != ec_named_curve_from_name(curves[i])) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "%s\n", ec_named_curve_name(oid));
}
(void)asn1_length_is_zero(len);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_ec_point_print(void)
{
SM2_KEY sm2_key;
uint8_t buf[256];
uint8_t *p = buf;
size_t len = 0;
if (sm2_key_generate(&sm2_key) != 1) {
error_print();
return -1;
}
if (sm2_point_to_der(&(sm2_key.public_key), &p, &len) != 1) {
error_print();
return -1;
}
ec_point_print(stderr, 0, 4, "ECPoint", buf, len);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_ec_private_key_print(void)
{
SM2_KEY sm2_key;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
if (sm2_key_generate(&sm2_key) != 1) {
error_print();
return -1;
}
if (sm2_private_key_to_der(&sm2_key, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
ec_private_key_print(stderr, 0, 4, "ECPrivateKey", d, dlen);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
int main(void)
{
return 0;
int err = 0;
err += test_ec_named_curve();
err += test_ec_point_print();
err += test_ec_private_key_print();
return err;
}
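Review bot: test_ec_named_curve ends with `(void)asn1_length_is_zero(len);`, which throws the result away, so bytes left over after the last decoded curve OID would not fail the test. Check it the way the other new tests do: `if (asn1_length_is_zero(len) != 1) { error_print(); return -1; }`. The return values of `ec_point_print` and `ec_private_key_print` are ignored as well, so a printer that rejects the encoding would go unnoticed, assuming they follow the library's return-1-on-success convention.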


@@ -243,11 +243,12 @@ int test_hkdf(void)
printf("\n");
}
return 1;
return 0;
}
int main(void)
{
test_hkdf();
return 0;
int err = 0;
err += test_hkdf();
return err;
}


@@ -390,6 +390,7 @@ static int test_pkcs8(void)
return -1;
}
pkcs8_enced_private_key_info_print(stderr, 0, 0, "test_pkcs8: 392", d, dlen);
fprintf(stderr, "\n");
}
memset(&sm2_key, 0, sizeof(sm2_key));
@@ -398,6 +399,7 @@ static int test_pkcs8(void)
error_print();
return -1;
}
fprintf(stderr, "\n");
sm2_key_print(stderr, 0, 0, "SM2_KEY", &sm2_key);
printf("%s() ok\n", __FUNCTION__);
@@ -441,13 +443,15 @@ static int test_pkcs8_pem(void)
int main(void)
{
int err = 0;
/*
err += test_pbkdf2_params();
err += test_pbkdf2_algor();
err += test_pbes2_enc_algor();
err += test_pbes2_params();
err += test_pbes2_algor();
err += test_pkcs8_enced_private_key_info();
*/
err += test_pkcs8();
err += test_pkcs8_pem();
// err += test_pkcs8_pem();
return err;
}
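Review bot: In `main` the calls from test_pbkdf2_params through test_pkcs8_enced_private_key_info are now wrapped in `/* ... */` and `test_pkcs8_pem()` is commented out, so, going by the hunk's line counts, only test_pkcs8 still runs. That removes the coverage of the PBKDF2/PBES2 parameter encoders that the encrypted private-key path depends on. If they are disabled because they currently fail, say so next to the block, e.g. `/* FIXME: disabled until <reason>; re-enable before release */`, or keep them enabled and let the failures show.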


@@ -49,231 +49,594 @@
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/asn1.h>
#include <gmssl/error.h>
#include <gmssl/sm2.h>
#include <gmssl/pkcs8.h>
// SM2还需要大量的测试覆盖
/*
void sm2_point_to_compressed_octets(const SM2_POINT *P, uint8_t out[33]);
void sm2_point_to_uncompressed_octets(const SM2_POINT *P, uint8_t out[65]);
int sm2_point_from_octets(SM2_POINT *P, const uint8_t *in, size_t inlen);
int sm2_point_from_x(SM2_POINT *P, const uint8_t x[32]);
int sm2_point_from_xy(SM2_POINT *P, const uint8_t x[32], const uint8_t y[32]);
int sm2_point_is_on_curve(const SM2_POINT *P);
*/
static int test_sm2_point(void)
{
SM2_POINT P;
SM2_POINT P, Q;
uint8_t k[32] = {0};
uint8_t buf[65] = {0};
int i;
k[31] = 2;
for (i = 1; i < 8; i++) {
k[31] = (uint8_t)i;
printf("k = "); for (i = 0; i < 32; i++) printf("%02x", k[i]); printf("\n");
if (sm2_point_mul_generator(&P, k) != 1
|| sm2_point_is_on_curve(&P) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 0, "k = %d, ", i);
sm2_point_print(stderr, 0, 0, "k * G", &P);
sm2_point_mul_generator(&P, k);
memset(buf, 0, sizeof(buf));
sm2_point_to_compressed_octets(&P, buf);
format_bytes(stderr, 0, 4, "compressedPoint", buf, 33);
memset(&Q, 0, sizeof(Q));
if (sm2_point_from_x(&Q, buf + 1, buf[0]) != 1
|| memcmp(&P, &Q, sizeof(SM2_POINT)) != 0) {
sm2_point_print(stdout, 0, 4, "k * G", &P);
sm2_point_print(stderr, 0, 4, "P", &P);
sm2_point_print(stderr, 0, 4, "Q", &Q);
error_print();
return -1;
}
memset(buf, 0, sizeof(buf));
sm2_point_to_uncompressed_octets(&P, buf);
format_bytes(stderr, 0, 4, "compressedPoint", buf, 65);
memset(&Q, 0, sizeof(Q));
if (sm2_point_from_octets(&Q, buf, 65) != 1
|| memcmp(&P, &Q, sizeof(SM2_POINT)) != 0) {
error_print();
return -1;
}
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_sm2_point_der(void)
{
SM2_POINT P, Q;
uint8_t k[32] = {0};
uint8_t buf[512];
int i;
for (i = 1; i < 8; i++) {
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
k[31] = i;
memset(&P, 0, sizeof(P));
memset(&Q, 0, sizeof(Q));
if (sm2_point_mul_generator(&P, k) != 1
|| sm2_point_to_der(&P, &p, &len) != 1
|| format_bytes(stderr, 0, 4, "ECPoint", buf, len) != 1
|| sm2_point_from_der(&Q, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
if (memcmp(&P, &Q, sizeof(SM2_POINT)) != 0) {
error_print();
sm2_point_print(stderr, 0, 4, "P", &P);
sm2_point_print(stderr, 0, 4, "Q", &Q);
return -1;
}
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_sm2_point_octets(void)
{
SM2_POINT P, Q;
uint8_t k[32] = {0};
uint8_t buf[33];
int i;
for (i = 1; i < 8; i++) {
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
k[31] = i;
memset(&P, 0, sizeof(P));
memset(&Q, 0, sizeof(Q));
if (sm2_point_mul_generator(&P, k) != 1) {
error_print();
return -1;
}
sm2_point_to_compressed_octets(&P, buf);
format_bytes(stderr, 0, 4, "compressedPoint", buf, sizeof(buf));
if (sm2_point_from_octets(&Q, buf, sizeof(buf)) != 1) {
error_print();
return -1;
}
if (memcmp(&P, &Q, sizeof(SM2_POINT)) != 0) {
error_print();
sm2_point_print(stderr, 0, 4, "P", &P);
sm2_point_print(stderr, 0, 4, "Q", &Q);
return -1;
}
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_sm2_point_from_x(void)
{
SM2_POINT P, Q;
uint8_t k[32] = {0};
uint8_t buf[33];
int i;
for (i = 1; i < 8; i++) {
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
k[31] = i;
memset(&P, 0, sizeof(P));
memset(&Q, 0, sizeof(Q));
if (sm2_point_mul_generator(&P, k) != 1) {
error_print();
return -1;
}
sm2_point_to_compressed_octets(&P, buf);
if (sm2_point_from_x(&Q, buf + 1, buf[0]) != 1) {
error_print();
return -1;
}
if (memcmp(&P, &Q, sizeof(SM2_POINT)) != 0) {
error_print();
sm2_point_print(stderr, 0, 4, "P", &P);
sm2_point_print(stderr, 0, 4, "Q", &Q);
return -1;
}
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_sm2_signature(void)
{
SM2_SIGNATURE sig;
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
// MinLen
memset(&sig, 0x00, sizeof(sig));
cp = p = buf; len = 0;
if (sm2_signature_to_der(&sig, &p, &len) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "SM2_MIN_SIGNATURE_SIZE: %zu\n", len);
format_bytes(stderr, 0, 4, "", buf, len);
sm2_signature_print(stderr, 0, 4, "signature", buf, len);
if (len != SM2_MIN_SIGNATURE_SIZE) {
error_print();
return -1;
}
if (sm2_signature_from_der(&sig, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
sm2_point_to_compressed_octets(&P, buf);
for (i = 0; i < 33; i++) printf("%02x", buf[i]); printf("\n");
// MaxLen
memset(&sig, 0x80, sizeof(sig));
cp = p = buf; len = 0;
if (sm2_signature_to_der(&sig, &p, &len) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "SM2_MAX_SIGNATURE_SIZE: %zu\n", len);
format_bytes(stderr, 0, 4, "", buf, len);
sm2_signature_print(stderr, 0, 4, "signature", buf, len);
if (len != SM2_MAX_SIGNATURE_SIZE) {
error_print();
return -1;
}
if (sm2_signature_from_der(&sig, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
memset(buf, 0, sizeof(buf));
sm2_point_to_uncompressed_octets(&P, buf);
for (i = 0; i < 65; i++) printf("%02x", buf[i]); printf("\n");
memset(&P, 0, sizeof(SM2_POINT));
/*
i = sm2_point_from_x(&P, buf + 1);
printf("sm2_point_from_x: %d\n", i);
*/
printf("%s() ok\n", __FUNCTION__);
return 0;
}
sm2_point_from_octets(&P, buf, 65);
static int test_sm2_sign(void)
{
int ret;
SM2_KEY sm2_key;
SM2_SIGN_CTX sign_ctx;
uint8_t msg[] = "Hello World!";
uint8_t sig[SM2_MAX_SIGNATURE_SIZE] = {0};
size_t siglen;
i = sm2_point_is_on_curve(&P);
printf("point_is_on_curve: %d\n", i);
if (sm2_key_generate(&sm2_key) != 1) {
error_print();
return -1;
}
sm2_key_print(stderr, 0, 4, "SM2_KEY", &sm2_key);
if (sm2_sign_init(&sign_ctx, &sm2_key, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH) != 1
|| sm2_sign_update(&sign_ctx, msg, sizeof(msg)) != 1
|| sm2_sign_finish(&sign_ctx, sig, &siglen) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "signature", sig, siglen);
sm2_signature_print(stderr, 0, 4, "signature", sig, siglen);
if (sm2_verify_init(&sign_ctx, &sm2_key, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH) != 1
|| sm2_verify_update(&sign_ctx, msg, sizeof(msg)) != 1
|| (ret = sm2_verify_finish(&sign_ctx, sig, siglen)) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "verification: %s\n", ret ? "success" : "failed");
// FIXME: 还应该增加验证不通过的测试
// 还应该增加底层的参数
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_sm2_ciphertext(void)
{
SM2_CIPHERTEXT C;
uint8_t buf[1024];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
// {0, 0, Hash, NULL}
memset(&C, 0, sizeof(SM2_CIPHERTEXT));
cp = p = buf; len = 0;
if (sm2_ciphertext_to_der(&C, &p, &len) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "SM2_NULL_CIPHERTEXT_SIZE: %zu\n", len);
format_bytes(stderr, 0, 4, "", buf, len);
if (sm2_ciphertext_from_der(&C, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
// {0, 0, Hash, MinLen}
C.ciphertext_size = SM2_MIN_PLAINTEXT_SIZE;
cp = p = buf; len = 0;
if (sm2_ciphertext_to_der(&C, &p, &len) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "SM2_MIN_PLAINTEXT_SIZE: %zu\n", SM2_MIN_PLAINTEXT_SIZE);
format_print(stderr, 0, 4, "SM2_MIN_CIPHERTEXT_SIZE: %zu\n", len);
format_bytes(stderr, 0, 4, "", buf, len);
if (len != SM2_MIN_CIPHERTEXT_SIZE) {
error_print();
return -1;
}
if (sm2_ciphertext_from_der(&C, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
// { 33, 33, Hash, NULL }
memset(&C, 0x80, sizeof(SM2_POINT));
cp = p = buf; len = 0;
if (sm2_ciphertext_to_der(&C, &p, &len) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "ciphertext len: %zu\n", len);
format_bytes(stderr, 0, 4, "", buf, len);
if (sm2_ciphertext_from_der(&C, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
// { 33, 33, Hash, MaxLen }
C.ciphertext_size = SM2_MAX_PLAINTEXT_SIZE;//SM2_MAX_PLAINTEXT_SIZE;
cp = p = buf; len = 0;
if (sm2_ciphertext_to_der(&C, &p, &len) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "SM2_MAX_PLAINTEXT_SIZE: %zu\n", SM2_MAX_PLAINTEXT_SIZE);
format_print(stderr, 0, 4, "SM2_MAX_CIPHERTEXT_SIZE: %zu\n", len);
format_bytes(stderr, 0, 4, "", buf, len);
if (len != SM2_MAX_CIPHERTEXT_SIZE) {
error_print();
return -1;
}
if (sm2_ciphertext_from_der(&C, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_sm2_do_encrypt(void)
{
SM2_KEY key;
SM2_KEY sm2_key;
uint8_t plaintext[] = "Hello World!";
uint8_t cipherbuf[SM2_CIPHERTEXT_SIZE(sizeof(plaintext))] = {0};
SM2_CIPHERTEXT *ciphertext = (SM2_CIPHERTEXT *)cipherbuf;
uint8_t plainbuf[sizeof(cipherbuf)] = {0};
SM2_CIPHERTEXT ciphertext;
uint8_t plainbuf[SM2_MAX_PLAINTEXT_SIZE] = {0};
size_t plainlen = 0;
int r = 0;
sm2_key_generate(&key);
if (sm2_key_generate(&sm2_key) != 1) {
error_print();
return -1;
}
sm2_do_encrypt(&key, plaintext, sizeof(plaintext), ciphertext);
if (sm2_do_encrypt(&sm2_key, plaintext, sizeof(plaintext), &ciphertext) != 1
|| sm2_do_decrypt(&sm2_key, &ciphertext, plainbuf, &plainlen) != 1) {
error_print();
return -1;
}
//sm2_ciphertext_print(stdout, 0, 4, "ciphertext", ciphertext);
if (plainlen != sizeof(plaintext)
|| memcmp(plainbuf, plaintext, sizeof(plaintext)) != 0) {
error_print();
return -1;
}
sm2_do_decrypt(&key, ciphertext, plainbuf, &plainlen);
printf("plaintext = %s\n", (char *)plainbuf);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_sm2_sign(void)
static int test_sm2_encrypt(void)
{
SM2_KEY key;
SM2_SIGN_CTX ctx;
uint8_t msg[] = "Hello World!";
uint8_t sig[128] = {0};
size_t siglen = sizeof(sig);
int i;
int r;
sm2_key_generate(&key);
sm2_key_print(stdout, 0, 4, "sm2_key", &key);
sm2_sign_init(&ctx, &key, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID));
sm2_sign_update(&ctx, msg, sizeof(msg));
sm2_sign_finish(&ctx, sig, &siglen);
sm2_signature_print(stdout, 0, 4, "signature", sig, siglen);
sm2_verify_init(&ctx, &key, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID));
sm2_verify_update(&ctx, msg, sizeof(msg));
r = sm2_verify_finish(&ctx, sig, siglen);
printf("verify %s\n", r > 0 ? "success" : "failed");
return 0;
}
static int test_sm2_point_octets(void)
{
int err = 0;
SM2_KEY sm2_key;
SM2_POINT point;
uint8_t buf[65];
uint8_t msg[SM2_MAX_PLAINTEXT_SIZE];
uint8_t cbuf[SM2_MAX_CIPHERTEXT_SIZE+100];
uint8_t mbuf[SM2_MAX_CIPHERTEXT_SIZE];
size_t lens[] = {
// 0,
1,
16,
SM2_MAX_PLAINTEXT_SIZE,
};
size_t clen, mlen;
int i;
// compress
for (i = 0; i < 8; i++) {
uint8_t buf[33];
sm2_key_generate(&sm2_key);
sm2_point_to_compressed_octets(&sm2_key.public_key, buf);
if (sm2_point_from_octets(&point, buf, sizeof(buf)) != 1) {
if (sm2_key_generate(&sm2_key) != 1) {
error_print();
return -1;
}
for (i = 0; i < sizeof(msg); i++) {
msg[i] = (uint8_t)i;
}
for (i = 0; i < sizeof(lens)/sizeof(lens[0]); i++) {
format_bytes(stderr, 0, 4, "mesg", msg, lens[i]);
if (sm2_encrypt(&sm2_key, msg, lens[i], cbuf, &clen) != 1) {
error_print();
err++;
break;
return -1;
}
if (memcmp(&sm2_key.public_key, &point, sizeof(SM2_POINT)) != 0) {
format_print(stderr, 0, 4, "inlen = %zu, outlen = %zu\n", lens[i], clen);
format_bytes(stderr, 0, 4, "", cbuf, clen);
sm2_ciphertext_print(stderr, 0, 4, "ciphertext", cbuf, clen);
if (sm2_decrypt(&sm2_key, cbuf, clen, mbuf, &mlen) != 1) {
error_print();
err++;
break;
return -1;
}
format_bytes(stderr, 0, 4, "mbuf", mbuf, mlen);
if (mlen != lens[i]
|| memcmp(mbuf, msg, lens[i]) != 0) {
error_print();
return -1;
}
}
// uncompress
for (i = 0; i < 8; i++) {
uint8_t buf[65];
sm2_key_generate(&sm2_key);
sm2_point_to_uncompressed_octets(&sm2_key.public_key, buf);
if (sm2_point_from_octets(&point, buf, sizeof(buf)) != 1) {
error_print();
err++;
break;
}
if (memcmp(&sm2_key.public_key, &point, sizeof(SM2_POINT)) != 0) {
error_print();
err++;
break;
}
}
printf("%s : %s\n", __func__, err ? "failed" : "ok");
return err;
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_sm2_private_key(void)
{
int err = 0;
SM2_KEY sm2_key;
SM2_KEY sm2_tmp;
uint8_t buf[256];
SM2_KEY tmp_key;
uint8_t buf[SM2_PRIVATE_KEY_BUF_SIZE];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
sm2_key_generate(&sm2_key);
if (sm2_key_generate(&sm2_key) != 1) {
error_print();
return -1;
}
sm2_key_print(stderr, 0, 4, "SM2_KEY", &sm2_key);
if (sm2_private_key_to_der(&sm2_key, &p, &len) != 1) {
error_print();
err++;
goto end;
return -1;
}
if (sm2_private_key_from_der(&sm2_tmp, &cp, &len) != 1
|| len > 0) {
format_bytes(stderr, 0, 4, "ECPrivateKey", buf, len);
format_print(stderr, 0, 4, "#define SM2_PRIVATE_KEY_DEFAULT_SIZE %zu\n", len);
if (sm2_private_key_from_der(&tmp_key, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1
|| memcmp(&tmp_key, &sm2_key, sizeof(SM2_KEY)) != 0) {
error_print();
err++;
goto end;
}
if (memcmp(&sm2_tmp, &sm2_key, sizeof(SM2_KEY)) != 0) {
error_print();
err++;
goto end;
return -1;
}
printf("%s : ok\n", __func__);
end:
printf("%s : %s\n", __func__, err ? "failed" : "ok");
return err;
cp = p = buf; len = 0;
memset(&tmp_key, 0, sizeof(tmp_key));
if (sm2_private_key_to_der(&sm2_key, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
sm2_private_key_print(stderr, 0, 4, "ECPrivateKey", d, dlen);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_sm2_public_key_info(void)
static int test_sm2_private_key_info(void)
{
int err = 0;
SM2_KEY sm2_key;
SM2_KEY sm2_tmp;
uint8_t buf[256];
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
sm2_key_generate(&sm2_key);
SM2_KEY sm2_key;
SM2_KEY tmp_key;
const uint8_t *attrs;
size_t attrs_len;
if (sm2_public_key_info_to_der(&sm2_key, &p, &len) != 1) {
if (sm2_key_generate(&sm2_key) != 1) {
error_print();
err++;
goto end;
return -1;
}
if (sm2_public_key_info_from_der(&sm2_tmp, &cp, &len) != 1
|| len > 0) {
sm2_key_print(stderr, 0, 4, "SM2_KEY", &sm2_key);
if (sm2_private_key_info_to_der(&sm2_key, &p, &len) != 1) {
error_print();
err++;
goto end;
return -1;
}
if (memcmp(&sm2_key.public_key, &sm2_tmp.public_key, sizeof(SM2_POINT)) != 0) {
format_bytes(stderr, 0, 4, "PrivateKeyInfo", buf, len);
format_print(stderr, 0, 4, "sizeof(PrivateKeyInfo): %zu\n", len);
if (asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
err++;
goto end;
return -1;
}
printf("%s : ok\n", __func__);
end:
printf("%s : %s\n", __func__, err ? "failed" : "ok");
return err;
sm2_private_key_info_print(stderr, 0, 4, "PrivateKeyInfo", d, dlen);
cp = p = buf; len = 0;
if (sm2_private_key_info_to_der(&sm2_key, &p, &len) != 1) {
error_print();
return -1;
}
if (sm2_private_key_info_from_der(&tmp_key, &attrs, &attrs_len, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1
|| memcmp(&tmp_key, &sm2_key, sizeof(SM2_KEY)) != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_sm2_enced_private_key_info(void)
{
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
SM2_KEY sm2_key;
SM2_KEY tmp_key;
const uint8_t *attrs;
size_t attrs_len;
const char *pass = "Password";
if (sm2_key_generate(&sm2_key) != 1) {
error_print();
return -1;
}
sm2_key_print(stderr, 0, 4, "SM2_KEY", &sm2_key);
if (sm2_private_key_info_encrypt_to_der(&sm2_key, pass, &p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "EncryptedPrivateKeyInfo", buf, len);
format_print(stderr, 0, 4, "sizeof(EncryptedPrivateKeyInfo): %zu\n", len);
if (asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
pkcs8_enced_private_key_info_print(stderr, 0, 4, "EncryptedPrivateKeyInfo", d, dlen);
cp = p = buf; len = 0;
if (sm2_private_key_info_encrypt_to_der(&sm2_key, pass, &p, &len) != 1) {
error_print();
return -1;
}
if (sm2_private_key_info_decrypt_from_der(&tmp_key, &attrs, &attrs_len, pass, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1
|| memcmp(&tmp_key, &sm2_key, sizeof(SM2_KEY)) != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
int main(void)
{
int err = 0;
err += sm2_selftest();
err += test_sm2_point();
err += test_sm2_sign();
err += test_sm2_do_encrypt();
err += test_sm2_point_octets();
err += test_sm2_point_from_x();
err += test_sm2_point_der();
err += test_sm2_private_key();
err += test_sm2_public_key_info();
err += test_sm2_private_key_info();
err += test_sm2_enced_private_key_info();
err += test_sm2_signature();
err += test_sm2_sign();
err += test_sm2_ciphertext();
err += test_sm2_do_encrypt();
err += test_sm2_encrypt();
if (!err) printf("%s all tests passed\n", __FILE__);
return err;
}


@@ -184,14 +184,12 @@ static int test_tls_server_hello(void)
uint8_t version[2] = {1,1};
uint8_t random[32];
uint16_t cipher_suite = TLCP_cipher_ecdhe_sm4_cbc_sm3;
uint8_t comp_meth = 0;
tls_record_set_handshake_server_hello(record, &recordlen,
version,
random,
NULL, 0,
cipher_suite,
comp_meth,
NULL, 0);
tls_server_hello_print(stdout, record + 5 + 4, recordlen - 5 -4, 0, 0);
@@ -348,6 +346,5 @@ int main(void)
err += test_tls_alert();
err += test_tls_change_cipher_spec();
err += test_tls_application_data();
return 0;
return err;
}

36
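--- a/tests/toolstest.sh
+++ b/tests/toolstest.sh
@@ -0,0 +1,36 @@
+#!/bin/bash -x
+rm -fr *.pem
+rm -fr *.der
+# generate sm2 keypair and encrypt with password
+sm2keygen -pass 123456 -out cakey.pem -pubout capubkey.pem
+# generate a self-signed certificate
+certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN CA -days 365 -key cakey.pem -pass 123456 -out cacert.pem
+certparse -in cacert.pem
+# generate a req and sign by ca certificate
+sm2keygen -pass 123456 -out key.pem -pubout pubkey.pem
+reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Alice -days 365 -key key.pem -pass 123456 -out req.pem
+reqparse -in req.pem
+reqsign -in req.pem -days 365 -cacert cacert.pem -key cakey.pem -pass 123456 -out cert.pem
+certparse -in cert.pem
+# hash and hmac
+echo -n "abc" | sm3
+echo -n "abc" | sm3hmac -keyhex 1122334455667788
+# encrypt with public key
+echo hello | sm2encrypt -pubkey pubkey.pem -out ciphertext.der
+sm2decrypt -in ciphertext.der -key key.pem -pass 123456
+# encrypt with certificate
+echo hello | sm2encrypt -cert cert.pem -out ciphertext.der
+sm2decrypt -in ciphertext.der -key key.pem -pass 123456
+# sign and verify with public key and certificate
+echo hello | sm2sign -key key.pem -pass 123456 -out signature.der
+echo hello | sm2verify -pubkey pubkey.pem -sig signature.der
+echo hello | sm2verify -cert cert.pem -sig signature.der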
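Review bot: The `rm -fr *.pem` and `rm -fr *.der` lines at the top delete every PEM and DER file in whatever directory the script is started from, so running it outside a scratch directory can destroy unrelated keys or certificates. Running the steps in a fresh directory avoids that: replace both lines with `cd "$(mktemp -d)"`. The script also has no `set -e`, so a failing `certgen`, `reqsign` or `sm2decrypt` does not stop the run and the exit status reflects only the final `sm2verify`; adding `set -e` after the shebang would let a broken tool fail the test.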


@@ -58,7 +58,7 @@
#include <gmssl/rand.h>
#include <gmssl/error.h>
#define cnt(nodes) (sizeof(nodes)/sizeof(int))
static int test_x509_other_name(void)
{
@@ -152,10 +152,6 @@ static int test_x509_edi_party_name(void)
static int test_x509_general_name(void)
{
uint8_t gns[512];
size_t gnslen = 0;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
@@ -163,14 +159,32 @@ static int test_x509_general_name(void)
const uint8_t *d;
size_t dlen;
if (x509_general_names_add_general_name(gns, &gnslen, sizeof(gns), X509_gn_rfc822_name, (uint8_t *)"guan@pku.edu.cn", 15) != 1
|| format_bytes(stderr, 0, 0, "", gns, gnslen) > 2
|| x509_general_names_add_general_name(gns, &gnslen, sizeof(gns), X509_gn_dns_name, (uint8_t *)"www.pku.edu.cn", 14) != 1
|| format_bytes(stderr, 0, 0, "", gns, gnslen) > 2
|| x509_general_names_add_general_name(gns, &gnslen, sizeof(gns), X509_gn_uniform_resource_identifier, (uint8_t *)"http://localhost", 14) != 1
|| format_bytes(stderr, 0, 0, "", gns, gnslen) > 2
|| x509_general_names_add_general_name(gns, &gnslen, sizeof(gns), X509_gn_ip_address, (uint8_t *)"10.0.0.1", 8) != 1
|| format_bytes(stderr, 0, 0, "", gns, gnslen) > 2
uint8_t gns[512];
size_t gnslen;
uint32_t other_id[] = { 1,3,5,7 };
uint8_t value[] = { ASN1_TAG_OCTET_STRING, 0x02, 0x05, 0x05 };
uint8_t x400[] = { ASN1_TAG_SEQUENCE, 0x00 };
uint8_t name[512];
size_t namelen;
uint32_t reg_id[] = { 2,4,6,8 };
if (x509_name_set(name, &namelen, sizeof(name),
"CN", "Beijing", "Haidian", "PKU", "CS", "CA") != 1) {
error_print();
return -1;
}
gnslen = 0;
if (x509_general_names_add_other_name(gns, &gnslen, sizeof(gns), other_id, cnt(other_id), value, sizeof(value)) != 1
|| x509_general_names_add_rfc822_name(gns, &gnslen, sizeof(gns), "guan@pku.edu.cn") != 1
|| x509_general_names_add_dns_name(gns, &gnslen, sizeof(gns), "www.pku.edu.cn") != 1
|| x509_general_names_add_x400_address(gns, &gnslen, sizeof(gns), x400, sizeof(x400)) != 1
|| x509_general_names_add_directory_name(gns, &gnslen, sizeof(gns), name, namelen) != 1
|| x509_general_names_add_edi_party_name(gns, &gnslen, sizeof(gns),
ASN1_TAG_PrintableString, (uint8_t *)"Assigner", strlen("Assigner"),
ASN1_TAG_PrintableString, (uint8_t *)"PartyName", strlen("PartyName")) != 1
|| x509_general_names_add_uniform_resource_identifier(gns, &gnslen, sizeof(gns), "http://localhost") != 1
|| x509_general_names_add_ip_address(gns, &gnslen, sizeof(gns), "127.0.0.1") != 1
|| x509_general_names_add_registered_id(gns, &gnslen, sizeof(gns), reg_id, cnt(reg_id)) != 1
|| x509_general_names_to_der(gns, gnslen, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
@@ -178,13 +192,91 @@ static int test_x509_general_name(void)
return -1;
}
x509_general_names_print(stderr, 0, 0, "GeneralNames", d, dlen);
{
size_t i;
printf("uint8_t general_names[%zu] = {", dlen);
for (i = 0; i < dlen; i++) {
if (i % 16 == 0) {
printf("\n\t");
}
printf("0x%02x,", d[i]);
}
printf("\n};\n");
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
uint8_t general_names[202] = {
0x80,0x0b,0x06,0x03,0x2b,0x05,0x07,0xa0,0x04,0x04,0x02,0x05,0x05,0x81,0x0f,0x67,
0x75,0x61,0x6e,0x40,0x70,0x6b,0x75,0x2e,0x65,0x64,0x75,0x2e,0x63,0x6e,0x82,0x0e,
0x77,0x77,0x77,0x2e,0x70,0x6b,0x75,0x2e,0x65,0x64,0x75,0x2e,0x63,0x6e,0x83,0x02,
0x30,0x00,0x84,0x59,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x43,
0x4e,0x31,0x10,0x30,0x0e,0x06,0x03,0x55,0x04,0x08,0x13,0x07,0x42,0x65,0x69,0x6a,
0x69,0x6e,0x67,0x31,0x10,0x30,0x0e,0x06,0x03,0x55,0x04,0x07,0x13,0x07,0x48,0x61,
0x69,0x64,0x69,0x61,0x6e,0x31,0x0c,0x30,0x0a,0x06,0x03,0x55,0x04,0x0a,0x13,0x03,
0x50,0x4b,0x55,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x0b,0x13,0x02,0x43,0x53,
0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x03,0x13,0x02,0x43,0x41,0x85,0x19,0xa0,
0x0a,0x13,0x08,0x41,0x73,0x73,0x69,0x67,0x6e,0x65,0x72,0xa1,0x0b,0x13,0x09,0x50,
0x61,0x72,0x74,0x79,0x4e,0x61,0x6d,0x65,0x86,0x10,0x68,0x74,0x74,0x70,0x3a,0x2f,
0x2f,0x6c,0x6f,0x63,0x61,0x6c,0x68,0x6f,0x73,0x74,0x87,0x09,0x31,0x32,0x37,0x2e,
0x30,0x2e,0x30,0x2e,0x31,0x88,0x03,0x54,0x06,0x08,
};
static int test_x509_authority_key_identifier(void)
{
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
uint8_t keyid[32];
uint8_t serial[20];
const uint8_t *keyidp;
size_t keyidlen;
const uint8_t *issuerp;
size_t issuerlen;
const uint8_t *serialp;
size_t seriallen;
sm3_digest((uint8_t *)"abc", 3, keyid);
rand_bytes(serial, sizeof(serial));
if (x509_authority_key_identifier_to_der(
keyid, sizeof(keyid),
general_names, sizeof(general_names),
serial, sizeof(serial),
&p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_authority_key_identifier_print(stderr, 0, 0, "AuthorityKeyIdentifier", d, dlen);
p = buf;
cp = buf;
len = 0;
if (x509_authority_key_identifier_to_der(
keyid, sizeof(keyid),
general_names, sizeof(general_names),
serial, sizeof(serial),
&p, &len) != 1
|| x509_authority_key_identifier_from_der(
&keyidp, &keyidlen,
&issuerp, &issuerlen,
&serialp, &seriallen,
&cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
@@ -209,6 +301,9 @@ static int test_x509_key_usage(void)
int usage;
int i;
for (i = 0; i <= 8; i++) {
format_print(stderr, 0, 4, "%d %s\n", i, x509_key_usage_name(1 << i));
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (x509_key_usage_to_der(tests[i], &p, &len) != 1) {
error_print();
@@ -232,16 +327,15 @@ static int test_x509_key_usage(void)
static int test_x509_notice_reference(void)
{
int notice_nums[] = { 1,2,3,4,5 };
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
int notice_nums[] = { 1,2,3,4,5 };
int org_tag;
const uint8_t *org;
size_t orglen;
@@ -280,6 +374,383 @@ static int test_x509_notice_reference(void)
return 0;
}
static int test_x509_user_notice(void)
{
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
int notice_nums[] = { 1,2,3,4,5 };
int org_tag;
const uint8_t *org;
size_t orglen;
int nums[32];
size_t nums_cnt;
int text_tag;
const uint8_t *text;
size_t textlen;
if (x509_user_notice_to_der(
ASN1_TAG_IA5String, (uint8_t *)"Hello", 5,
notice_nums, sizeof(notice_nums)/sizeof(notice_nums[0]),
ASN1_TAG_IA5String, (uint8_t *)"World", 5,
&p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_user_notice_print(stderr, 0, 0, "UserNotice", d, dlen);
p = buf;
cp = buf;
len = 0;
if (x509_user_notice_to_der(
ASN1_TAG_IA5String, (uint8_t *)"Hello", 5,
notice_nums, sizeof(notice_nums)/sizeof(notice_nums[0]),
ASN1_TAG_IA5String, (uint8_t *)"World", 5,
&p, &len) != 1
|| x509_user_notice_from_der(
&org_tag, &org, &orglen,
nums, &nums_cnt, sizeof(nums)/sizeof(nums[0]),
&text_tag, &text, &textlen,
&cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_policy_qualifier_info(void)
{
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
if (x509_policy_qualifier_info_to_der(
OID_qt_cps,
(uint8_t *)"Qualifier", strlen("Qualifier"),
&p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_policy_qualifier_info_print(stderr, 0, 0, "PolicyQualifierInfo", d, dlen);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_policy_mapping(void)
{
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
int issuer_policy_oid;
uint32_t issuer_policy_nodes[32];
size_t issuer_policy_nodes_cnt;
int subject_policy_oid;
uint32_t subject_policy_nodes[32];
size_t subject_policy_nodes_cnt;
if (x509_policy_mapping_to_der(
OID_any_policy, NULL, 0,
OID_any_policy, NULL, 0,
&p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_policy_mapping_print(stderr, 0, 0, "PolicyMapping", d, dlen);
p = buf;
cp = buf;
len = 0;
if (x509_policy_mapping_to_der(
OID_any_policy, NULL, 0,
OID_any_policy, NULL, 0,
&p, &len) != 1
|| x509_policy_mapping_from_der(
&issuer_policy_oid, issuer_policy_nodes, &issuer_policy_nodes_cnt,
&subject_policy_oid, subject_policy_nodes, &subject_policy_nodes_cnt,
&cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
// 这里的一些OID应该在RFC中有但是我们不实现
static int test_x509_attribute(void)
{
return 0;
}
static int test_x509_basic_constraints(void)
{
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
int ca;
int path;
if (x509_basic_constraints_to_der(1, 4, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_basic_constraints_print(stderr, 0, 0, "BasicConstraints", d, dlen);
cp = p = buf; len = 0;
if (x509_basic_constraints_to_der(-1, 4, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_basic_constraints_print(stderr, 0, 0, "BasicConstraints", d, dlen);
cp = p = buf; len = 0;
if (x509_basic_constraints_to_der(-1, -1, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_basic_constraints_print(stderr, 0, 0, "BasicConstraints", d, dlen);
cp = p = buf; len = 0;
if (x509_basic_constraints_to_der(1, 4, &p, &len) != 1
|| x509_basic_constraints_from_der(&ca, &path, &cp, &len) != 1
|| asn1_check(ca == 1) != 1
|| asn1_check(path == 4) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
cp = p = buf; len = 0;
if (x509_basic_constraints_to_der(-1, 4, &p, &len) != 1
|| x509_basic_constraints_from_der(&ca, &path, &cp, &len) != 1
|| asn1_check(ca == 0) != 1
|| asn1_check(path == 4) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
return 0;
cp = p = buf; len = 0;
if (x509_basic_constraints_to_der(-1, -1, &p, &len) != 1 // should return error
|| x509_basic_constraints_from_der(&ca, &path, &cp, &len) != -1) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_general_subtree(void)
{
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
uint8_t *dns = (uint8_t *)"www.pku.edu.cn";
size_t dnslen = strlen((char *)dns);
int choice;
const uint8_t *dns_name;
size_t dns_name_len;
int min_dis;
int max_dis;
if (x509_general_subtree_to_der(X509_gn_dns_name, dns, dnslen, 1, 5, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_general_subtree_print(stderr, 0, 0, "GeneralSubtree", d, dlen);
cp = p = buf; len = 0;
min_dis = max_dis = 99;
if (x509_general_subtree_to_der(X509_gn_dns_name, dns, dnslen, -1, 5, &p, &len) != 1
|| x509_general_subtree_from_der(&choice, &dns_name, &dns_name_len, &min_dis, &max_dis, &cp, &len) != 1
|| asn1_check(choice == X509_gn_dns_name) != 1
|| asn1_check(dns_name_len == dnslen && memcmp(dns_name, dns, dnslen) == 0) != 1
|| asn1_check(min_dis == 0) != 1
|| asn1_check(max_dis == 5) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
cp = p = buf; len = 0;
min_dis = max_dis = 99;
if (x509_general_subtree_to_der(X509_gn_dns_name, dns, dnslen, 1, -1, &p, &len) != 1
|| x509_general_subtree_from_der(&choice, &dns_name, &dns_name_len, &min_dis, &max_dis, &cp, &len) != 1
|| asn1_check(choice == X509_gn_dns_name) != 1
|| asn1_check(dns_name_len == dnslen && memcmp(dns_name, dns, dnslen) == 0) != 1
|| asn1_check(min_dis == 1) != 1
|| asn1_check(max_dis == -1) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_policy_constraints(void)
{
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
int val1;
int val2;
if (x509_policy_constraints_to_der(2, 5, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_policy_constraints_print(stderr, 0, 0, "PolicyConstraints", d, dlen);
cp = p = buf; len = 0;
if (x509_policy_constraints_to_der(2, -1, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_policy_constraints_print(stderr, 0, 0, "PolicyConstraints", d, dlen);
cp = p = buf; len = 0;
if (x509_policy_constraints_to_der(-1, 5, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_policy_constraints_print(stderr, 0, 0, "PolicyConstraints", d, dlen);
cp = p = buf; len = 0;
val1 = val2 = 99;
if (x509_policy_constraints_to_der(2, 5, &p, &len) != 1
|| x509_policy_constraints_from_der(&val1, &val2, &cp, &len) != 1
|| asn1_check(val1 == 2) != 1
|| asn1_check(val2 == 5) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
cp = p = buf; len = 0;
val1 = val2 = 99;
if (x509_policy_constraints_to_der(-1, -1, &p, &len) != 1
|| x509_policy_constraints_from_der(&val1, &val2, &cp, &len) != 1
|| asn1_check(val1 == -1) != 1
|| asn1_check(val2 == -1) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_ext_key_usage(void)
{
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
int kp[] = {
OID_kp_server_auth,
OID_kp_client_auth,
OID_kp_code_signing,
OID_kp_email_protection,
OID_kp_time_stamping,
OID_kp_ocsp_signing,
};
int oids[16] = {0};
size_t oids_cnt;
int i;
if (x509_ext_key_usage_to_der(kp, sizeof(kp)/sizeof(int), &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_ext_key_usage_print(stderr, 0, 0, "ExtKeyUsageSyntax", d, dlen);
if (x509_ext_key_usage_to_der(kp, sizeof(kp)/sizeof(int), &p, &len) != 1
|| x509_ext_key_usage_from_der(oids, &oids_cnt, sizeof(oids)/sizeof(oids[0]), &cp, &len) != 1
|| asn1_check(oids_cnt == sizeof(kp)/sizeof(int)) != 1
|| asn1_check(memcmp(oids, kp, sizeof(kp)) == 0) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_revoke_reasons(void)
{
int tests[] = {
@@ -317,6 +788,99 @@ static int test_x509_revoke_reasons(void)
return 0;
}
static int test_x509_exts(void)
{
uint8_t buf[1024];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
uint8_t exts[512];
size_t extslen = 0;
uint8_t keyid[32] = {1};
uint8_t serial[20] = {2};
if (0
|| x509_exts_add_authority_key_identifier(exts, &extslen, sizeof(exts), 1,
keyid, sizeof(keyid),
general_names, sizeof(general_names),
serial, sizeof(serial)) != 1
|| x509_exts_add_subject_key_identifier(exts, &extslen, sizeof(exts), 0,
keyid, sizeof(keyid)) != 1
|| x509_exts_add_key_usage(exts, &extslen, sizeof(exts), 0,
X509_KU_NON_REPUDIATION|X509_KU_CRL_SIGN) != 1
|| x509_exts_to_der(exts, extslen, &p, &len) != 1
|| x509_exts_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_exts_print(stderr, 0, 0, "Extensions", d, dlen);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_cert_with_exts(void)
{
uint8_t cert[1024];
size_t certlen;
uint8_t serial[20];
uint8_t name[256];
size_t namelen;
time_t not_before, not_after;
SM2_KEY sm2_key;
uint8_t uniq_id[32];
uint8_t exts[512];
size_t extslen = 0;
uint8_t keyid[32] = {1};
rand_bytes(serial, sizeof(serial));
x509_name_set(name, &namelen, sizeof(name), "CN", "Beijing", "Haidian", "PKU", "CS", "CA");
time(&not_before);
x509_validity_add_days(&not_after, not_before, 365);
sm2_key_generate(&sm2_key);
sm3_digest((uint8_t *)&(sm2_key.public_key), sizeof(SM2_POINT), uniq_id);
if (x509_exts_add_authority_key_identifier(exts, &extslen, sizeof(exts), 1,
keyid, sizeof(keyid),
general_names, sizeof(general_names),
serial, sizeof(serial)) != 1
|| x509_exts_add_subject_key_identifier(exts, &extslen, sizeof(exts), 0,
keyid, sizeof(keyid)) != 1
|| x509_exts_add_key_usage(exts, &extslen, sizeof(exts), 0,
X509_KU_NON_REPUDIATION|X509_KU_CRL_SIGN) != 1) {
error_print();
return -1;
}
if (x509_cert_sign(
cert, &certlen, sizeof(cert),
X509_version_v3,
serial, sizeof(serial),
OID_sm2sign_with_sm3,
name, namelen,
not_before, not_after,
name, namelen,
&sm2_key,
uniq_id, sizeof(uniq_id),
uniq_id, sizeof(uniq_id),
exts, extslen,
&sm2_key,
SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID)) != 1) {
error_print();
return -1;
}
x509_cert_print(stderr, 0, 0, "Certificate", cert, certlen);
return 0;
}
@@ -324,11 +888,21 @@ static int test_x509_revoke_reasons(void)
int main(int argc, char **argv)
{
int err = 0;
err += test_x509_other_name();
err += test_x509_edi_party_name();
//err += test_x509_other_name();
//err += test_x509_edi_party_name();
err += test_x509_general_name();
err += test_x509_authority_key_identifier();
err += test_x509_key_usage();
err += test_x509_notice_reference();
err += test_x509_user_notice();
err += test_x509_policy_qualifier_info();
err += test_x509_policy_mapping();
err += test_x509_basic_constraints();
err += test_x509_general_subtree();
err += test_x509_policy_constraints();
err += test_x509_ext_key_usage();
err += test_x509_revoke_reasons();
err += test_x509_exts();
err += test_x509_cert_with_exts();
return err;
}
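Review bot: In `test_x509_basic_constraints`, as rendered here, a bare `return 0;` sits directly before the last case, so the block that encodes `x509_basic_constraints_to_der(-1, -1, ...)` and expects `x509_basic_constraints_from_der` to return -1 never runs, and neither does the closing `printf("%s() ok\n", __FUNCTION__);`. Decoder rejection paths are the ones most worth exercising in a parser test, so the early return should be dropped so that the negative case is checked. If that case does not pass yet, mark it with a comment such as `// FIXME: from_der should reject an empty BasicConstraints` instead of leaving it as unreachable code.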


@@ -419,28 +419,19 @@ static int test_x509_cert(void)
}
x509_cert_print(stderr, 0, 4, "Certificate", cert, certlen);
return 0;
}
static int test_x509_cert_request(void)
{
return 0;
}
int main(void)
{
int err = 0;
// err += test_x509_version();
// err += test_x509_validity();
// err += test_x509_attr_type_and_value();
// err += test_x509_rdn();
// err += test_x509_name();
// err += test_x509_public_key_info();
// err += test_x509_tbs_cert();
err += test_x509_version();
err += test_x509_validity();
err += test_x509_attr_type_and_value();
err += test_x509_rdn();
err += test_x509_name();
err += test_x509_public_key_info();
err += test_x509_tbs_cert();
err += test_x509_cert();
//err += test_x509_cert_request();
//test_x509_extensions();
return err;
}