Add some demo scripts

2026-05-07 08:56:17 +08:00 · 2018-10-20 11:41:48 +08:00
parent 6fe883cd3a
commit 5ff8ef6136
12 changed files with 228 additions and 2 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -183,21 +183,30 @@ Makefile.save
 cscope.*
 *.d

+# macOS
+.DS_Store
+*.tar.gz
+
 # add by LiTianjue for GmSSL
 # auto create by Configure
 crypto/opensslconf.h
 tool/c_rehash
 # exec file
 apps/gmssl
+apps/gmca/.ca

 # gmtls
 /ssl/ssl_load.c

+# demos
+/demos/kdf
+
 # engines
 /engines/e_skf*
 /engines/e_sdf*
 /engines/e_gmi*
 /engines/sdf
+/engines/skf

 # apps
 /apps/sm2.c
@@ -207,5 +216,3 @@ apps/gmssl
 include/openssl/srp.h

 /*.sh
-
-
--- a/demos/scripts/ciphers.sh
+++ b/demos/scripts/ciphers.sh
@@ -0,0 +1,34 @@
+#!/bin/bash -x
+# Copyright (c) 2014 - 2018 The GmSSL Project.  All rights reserved.
+
+gmssl=gmssl
+
+echo "SSL/TLS Cipher Suites:"
+$gmssl ciphers
+echo
+$gmssl ciphers -v
+echo
+$gmssl ciphers -V
+echo
+
+# show detailed information of a cipher suite
+$gmssl ciphers -V SM2-WITH-SMS4-SM3
+
+# show if the specified cipher is supported
+$gmssl ciphers -s -tls1 SM2-WITH-SMS4-SM3
+
+echo "Supported Cipher Suites:"
+$gmssl ciphers -s
+echo
+
+echo "TLS 1.2 Cipher Suites:"
+$gmssl ciphers -tls1_2
+echo
+
+echo "PSK (Pre-Shared Key) Cipher Suites:"
+$gmssl ciphers -psk
+echo
+
+echo "SRP (Secure Remote Password) Cipher Suites:"
+$gmssl ciphers -srp
+echo
--- a/demos/scripts/dgst.sh
+++ b/demos/scripts/dgst.sh
@@ -0,0 +1,20 @@
+#!/bin/bash -x
+# Copyright (c) 2014 - 2018 The GmSSL Project.  All rights reserved.
+
+gmssl=gmssl
+
+echo -n "abc" | $gmssl sm3
+echo -n "abcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcd" | $gmssl sm3
+echo -n "abc" | $gmssl dgst -sm3 -binary -out sm3dgst.bin
+echo -n "abc" | $gmssl dgst -sm3 -hmac "hmackeystring"
+
+# digest and sign/verify
+filename=dgst.sh
+$gmssl dgst -sm3 -sign sm2key.pem -out $filename.sig $filename
+$gmssl dgst -sm3 -verify sm2pubkey.pem -signature $filename.sig $filename
+
+# cmac
+echo hello | $gmssl dgst -sm3 -mac hmac -macopt key:ehllo
+
+# engine
+
--- a/demos/scripts/ec.sh
+++ b/demos/scripts/ec.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+# Copyright (c) 2014 - 2018 The GmSSL Project.  All rights reserved.
+
+gmssl=gmssl
+
+paramfile=ecparam.pem
+keyfile=eckey.pem
+pubkeyfile=ecpubkey.pem
+pkeyopt="-pkeyopt ec_paramgen_curve:sm2p256v1"
+
+$gmssl ecparam -list_curves | grep sm2
+$gmssl ecparam -text -noout -name sm2p256v1 -param_enc explicit
+$gmssl genpkey -genparam -algorithm EC -out sm2p256v1.pem -pkeyopt ec_paramgen_curve:sm2p256v1 -pkeyopt ec_param_enc:named_curve
+$gmssl genpkey -algorithm EC -out sm2key.pem -pkeyopt ec_paramgen_curve:sm2p256v1 -pkeyopt ec_param_enc:named_curve
+$gmssl pkey -text -noout -in sm2key.pem
+$gmssl pkey -in sm2key.pem -pubout -out sm2pubkey.pem
+$gmssl pkey -text -noout -pubin -in $pubkeyfile
+
+echo hello | $gmssl pkeyutl -sign -inkey sm2key.pem -pkeyopt ec_scheme:sm2 > sm2sig.der
+echo hello | $gmssl pkeyutl -verify -inkey sm2key.pem -sigfile sm2sig.der -pkeyopt ec_scheme:sm2
+echo hello | $gmssl pkeyutl -encrypt -inkey sm2key.pem -pkeyopt ec_scheme:sm2 > sm2ciphertext.bin
+
+cat sm2ciphertext.bin | $gmssl pkeyutl -decrypt -inkey sm2key.pem -pkeyopt ec_scheme:sm2
+
+#$gmssl req -new -x509 -days 3650 -key sm2key.pem -out cert.pem
+#$gmssl x509 -text -noout -in $DIR/cacert.pem
--- a/demos/scripts/list.sh
+++ b/demos/scripts/list.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+# Copyright (c) 2014 - 2018 The GmSSL Project.  All rights reserved.
+
+gmssl=gmssl
+
+echo "Commands:"
+$gmssl list -commands
+echo
+
+echo "Digest Commands:"
+$gmssl list -digest-commands
+echo
+
+echo "Digest Algorithms:"
+$gmssl list -digest-algorithms
+echo
+
+echo "Ciphers Commands:"
+$gmssl list -cipher-commands
+echo
+
+echo "Cipher Algorithms:"
+$gmssl list -cipher-algorithms
+echo
+
+echo "Public Key Algorithms:"
+$gmssl list -public-key-algorithms
+echo
+
+# FIXME: gmssl disabled features are not listed!
+$gmssl list -disabled
+echo
--- a/demos/scripts/passwd.sh
+++ b/demos/scripts/passwd.sh
@@ -0,0 +1,8 @@
+#!/bin/bash -x
+# Copyright (c) 2014 - 2018 The GmSSL Project.  All rights reserved.
+
+gmssl=gmssl
+
+$gmssl passwd -crypt -salt xx password
+$gmssl passwd -1     -salt xxxxxxxx password
+$gmssl passwd -apr1  -salt xxxxxxxx password
--- a/demos/scripts/pkey.sh
+++ b/demos/scripts/pkey.sh
@@ -0,0 +1,26 @@
+#!/bin/bash -x
+
+gmssl=~/code/github/gmssl/apps/gmssl
+
+$gmssl genpkey -genparam -algorithm EC -pkeyopt ec_paramgen_curve:sm2p256v1 -pkeyopt ec_param_enc:named_curve -out sm2p256v1.pem
+$gmssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:sm2p256v1 -pkeyopt ec_param_enc:named_curve -out sm2key.pem
+$gmssl pkey -text -noout -in sm2key.pem
+$gmssl pkey -pubout -in sm2key.pem -out sm2pubkey.pem
+$gmssl pkey -text -noout -pubin -in sm2pubkey.pem
+
+message="This is the message to be signed."
+sigfile="sm2sig.der"
+echo $message | $gmssl pkeyutl   -sign -pkeyopt ec_scheme:sm2        -inkey sm2key.pem        -out $sigfile
+echo $message | $gmssl pkeyutl -verify -pkeyopt ec_scheme:sm2 -pubin -inkey sm2pubkey.pem -sigfile $sigfile
+
+echo "Message : $message"
+echo "Signature :"
+$gmssl asn1parse -inform DER -in $sigfile
+
+plaintext="This is the plaintext to be encrypted."
+ciphertext=ciphertext.der
+echo $plaintext | $gmssl pkeyutl -encrypt -pkeyopt ec_scheme:sm2 -inkey sm2key.pem -out $ciphertext
+cat $ciphertext | $gmssl pkeyutl -decrypt -pkeyopt ec_scheme:sm2 -inkey sm2key.pem
+
+echo $plaintext
+$gmssl asn1parse -inform DER -in $ciphertext
--- a/demos/scripts/quickstart.sh
+++ b/demos/scripts/quickstart.sh
@@ -0,0 +1,17 @@
+#!/bin/bash
+# Copyright (c) 2014 - 2018 The GmSSL Project.  All rights reserved.
+
+gmssl=gmssl
+
+echo -n "abc" | $gmssl sm3
+echo "SM4 Decrypted Successfully" | $gmssl sms4 -e -K 1234567890ABCDEF1234567890ABCDEF -iv 11223344556677889900AABBCCDDEEFF -out README.sms4
+$gmssl sms4 -d -K 1234567890ABCDEF1234567890ABCDEF -iv 11223344556677889900AABBCCDDEEFF -in README.sms4 -out README-2.md
+$gmssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:sm2p256v1 -pkeyopt ec_param_enc:named_curve -out skey.pem
+$gmssl pkey -pubout -in skey.pem -out vkey.pem
+$gmssl pkeyutl -sign -pkeyopt ec_scheme:sm2 -inkey skey.pem -in README.md -out README.md.sig
+$gmssl pkeyutl -verify -pkeyopt ec_scheme:sm2 -pubin -inkey vkey.pem -in README.md -sigfile README.md.sig
+$gmssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:sm2p256v1 -pkeyopt ec_param_enc:named_curve -out dkey.pem
+$gmssl pkey -pubout -in dkey.pem -out ekey.pem
+echo "Ciphertext Decrypted Successfully" | $gmssl pkeyutl -encrypt -pkeyopt ec_scheme:sm2 -pubin -inkey ekey.pem -out ciphertext.sm2
+$gmssl pkeyutl -decrypt -pkeyopt ec_scheme:sm2 -inkey dkey.pem -in ciphertext.sm2
+#$gmssl req -new -x509 -key skey.pem -out cert.pem
--- a/demos/scripts/rand.sh
+++ b/demos/scripts/rand.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+# Copyright (c) 2014 - 2018 The GmSSL Project.  All rights reserved.
+
+gmssl=gmssl
+randfile=rand.bin
+
+num=32
+$gmssl rand -hex $num
+$gmssl rand -base64 $num
+$gmssl rand -out $randfile $num
--- a/demos/scripts/speed.sh
+++ b/demos/scripts/speed.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+# Copyright (c) 2014 - 2018 The GmSSL Project.  All rights reserved.
+
+gmssl=$gmssl
+
+$gmssl speed sm2
+$gmssl speed -evp sm3
+$gmssl speed -evp sms4
+$gmssl speed -evp sms4 -decrypt
+$gmssl speed -evp sm3 -engine skf
--- a/demos/scripts/version.sh
+++ b/demos/scripts/version.sh
@@ -0,0 +1,10 @@
+#!/bin/bash -x
+# Copyright (c) 2014 - 2018 The GmSSL Project.  All rights reserved.
+
+gmssl=gmssl
+
+$gmssl version
+$gmssl version -v
+$gmssl version -e
+$gmssl version -d
+$gmssl version -a
--- a/demos/scripts/x509.sh
+++ b/demos/scripts/x509.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+# Copyright (c) 2014 - 2018 The GmSSL Project.  All rights reserved.
+
+gmssl=gmssl
+
+paramfile=ecparam.pem
+keyfile=eckey.pem
+pubkeyfile=ecpubkey.pem
+pkeyopt="-pkeyopt ec_paramgen_curve:sm2p256v1"
+
+$gmssl ecparam -list_curves | grep sm2
+$gmssl ecparam -text -noout -name sm2p256v1 -param_enc explicit
+$gmssl genpkey -genparam -algorithm EC -out sm2p256v1.pem -pkeyopt ec_paramgen_curve:sm2p256v1 -pkeyopt ec_param_enc:named_curve
+$gmssl genpkey -algorithm EC -out sm2key.pem -pkeyopt ec_paramgen_curve:sm2p256v1 -pkeyopt ec_param_enc:named_curve
+$gmssl pkey -text -noout -in sm2key.pem
+$gmssl pkey -in sm2key.pem -pubout -out sm2pubkey.pem
+$gmssl pkey -text -noout -pubin -in $pubkeyfile
+
+echo hello | $gmssl pkeyutl -sign -inkey sm2key.pem -pkeyopt ec_scheme:sm2 > sm2sig.der
+echo hello | $gmssl pkeyutl -verify -inkey sm2key.pem -sigfile sm2sig.der -pkeyopt ec_scheme:sm2
+echo hello | $gmssl pkeyutl -encrypt -inkey sm2key.pem -pkeyopt ec_scheme:sm2 > sm2ciphertext.bin
+
+cat sm2ciphertext.bin | $gmssl pkeyutl -decrypt -inkey sm2key.pem -pkeyopt ec_scheme:sm2
+
+#$gmssl req -new -x509 -days 3650 -key sm2key.pem -out cert.pem
+#$gmssl x509 -text -noout -in $DIR/cacert.pem