Update tests

2026-06-27 15:43:42 +08:00 · 2026-06-20 23:10:17 +08:00
parent 1577bc7934
commit 6736825c7a
22 changed files with 497 additions and 84 deletions
--- a/tools/certverify.c
+++ b/tools/certverify.c
@@ -102,7 +102,7 @@ int certverify_main(int argc, char **argv)
 	char *crlfile = NULL;
 	char *ocspfile = NULL;
 	char *hostname = NULL;
-	int chain_type = TLS_cert_chain_tlcp_server;
+	int chain_type = 0;
 	uint8_t *certs = NULL;
 	size_t certslen = 0;
 	uint8_t *cacerts = NULL;
@@ -188,6 +188,9 @@ bad:
 		fprintf(stderr, "%s: '-cacert' option required\n", prog);
 		goto end;
 	}
+	if (!chain_type) {
+		chain_type = TLS_cert_chain_tlcp_server;
+	}
 	if (hostname && chain_type == TLS_cert_chain_client) {
 		fprintf(stderr, "%s: '-hostname' only allowed with '-tlcp_server' or '-server'\n", prog);
 		goto end;
--- a/tools/cmssign.c
+++ b/tools/cmssign.c
@@ -35,6 +35,7 @@ int cmssign_main(int argc, char **argv)
 	FILE *outfp = stdout;
 	SM2_KEY sm2_key;
 	X509_KEY public_key;
+	X509_KEY sign_key;
 	uint8_t cert[8192];
 	size_t certlen;
 	uint8_t *in = NULL;
@@ -134,11 +135,15 @@ bad:
 		fprintf(stderr, "%s: key and cert are not match!\n", prog);
 		goto end;
 	}
+	if (x509_key_set_sm2_key(&sign_key, &sm2_key) != 1) {
+		fprintf(stderr, "%s: invalid signing key\n", prog);
+		goto end;
+	}


 	cert_and_key.certs = cert;
 	cert_and_key.certs_len = certlen;
-	cert_and_key.sign_key = &public_key;
+	cert_and_key.sign_key = &sign_key;

 	if (file_size(infp, &inlen) != 1) {
 		fprintf(stderr, "%s: get input length failed\n", prog);
--- a/tools/gmssl.c
+++ b/tools/gmssl.c
@@ -201,6 +201,7 @@ static const char *options =
 	"  ocspget           Download OCSPResponse from OCSP responder\n"
 	"  ocspsign          Sign OCSPResponse\n"
 	"  ocspverify        Verify OCSPResponse\n"
+	"  sctverify         Verify Signed Certificate Timestamp list\n"
 #ifdef ENABLE_CMS
 	"  cmssign           Generate CMS SignedData\n"
 	"  cmsverify         Verify CMS SignedData\n"
@@ -256,7 +257,6 @@ static const char *options =
 	"  tls12_server      TLS 1.2 server\n"
 	"  tls13_client      TLS 1.3 client\n"
 	"  tls13_server      TLS 1.3 server\n"
-	"  sctverify         Verify Signed Certificate Timestamp list\n"
 #endif
 	"\n"
 	"run `gmssl <command> -help` to print help of the given command\n"
--- a/tools/kyberdecap.c
+++ b/tools/kyberdecap.c
@@ -159,6 +159,10 @@ bad:


 	}
+	if (fwrite(outbuf, 1, sizeof(outbuf), outfp) != sizeof(outbuf)) {
+		error_print();
+		goto end;
+	}


 	ret = 0;
--- a/tools/sm9verify.c
+++ b/tools/sm9verify.c
@@ -128,11 +128,12 @@ bad:
 		fprintf(stderr, "%s: read failure\n", prog);
 		goto end;
 	}
-	if ((ret = sm9_verify_finish(&ctx, sig, siglen, &mpk, id, strlen(id))) != 1) {
+	if (sm9_verify_finish(&ctx, sig, siglen, &mpk, id, strlen(id)) != 1) {
 		error_print();
 		goto end;
 	}
-	printf("%s %s\n", prog, ret ? "success" : "failure");
+	printf("%s success\n", prog);
+	ret = 0;

 end:
 	if (infile && infp) fclose(infp);
@@ -147,4 +148,3 @@ end:



-