mirror of
https://github.com/guanzhi/GmSSL.git
synced 2026-06-27 15:43:42 +08:00
Update tests
This commit is contained in:
Zhi Guan
155
CMakeLists.txt
155
CMakeLists.txt
@@ -748,10 +748,43 @@ if (CMAKE_C_COMPILER_ID MATCHES "MSVC")
|
|||||||
endif()
|
endif()
|
||||||
|
|
||||||
|
|
||||||
add_test(NAME sm3_commands COMMAND ${CMAKE_COMMAND} -P "${CMAKE_SOURCE_DIR}/cmake/sm3_commands.cmake")
|
add_test(NAME tool_sm3 COMMAND ${CMAKE_COMMAND} -P "${CMAKE_SOURCE_DIR}/cmake/tool_sm3.cmake")
|
||||||
add_test(NAME sm2_commands COMMAND ${CMAKE_COMMAND} -P "${CMAKE_SOURCE_DIR}/cmake/sm2_commands.cmake")
|
add_test(NAME tool_sm2 COMMAND ${CMAKE_COMMAND} -P "${CMAKE_SOURCE_DIR}/cmake/tool_sm2.cmake")
|
||||||
add_test(NAME cert_commands COMMAND ${CMAKE_COMMAND} -P "${CMAKE_SOURCE_DIR}/cmake/cert_commands.cmake")
|
add_test(NAME tool_rand COMMAND ${CMAKE_COMMAND} -P "${CMAKE_SOURCE_DIR}/cmake/tool_rand.cmake")
|
||||||
set_tests_properties(cert_commands PROPERTIES FIXTURES_SETUP gmssl_cert_files)
|
add_test(NAME tool_sm4 COMMAND ${CMAKE_COMMAND}
|
||||||
|
-DENABLE_SM4_ECB=${ENABLE_SM4_ECB}
|
||||||
|
-DENABLE_SM4_CFB=${ENABLE_SM4_CFB}
|
||||||
|
-DENABLE_SM4_OFB=${ENABLE_SM4_OFB}
|
||||||
|
-DENABLE_SM4_CCM=${ENABLE_SM4_CCM}
|
||||||
|
-DENABLE_SM4_XTS=${ENABLE_SM4_XTS}
|
||||||
|
-DENABLE_SM4_CBC_MAC=${ENABLE_SM4_CBC_MAC}
|
||||||
|
-P "${CMAKE_SOURCE_DIR}/cmake/tool_sm4.cmake")
|
||||||
|
if(ENABLE_ZUC)
|
||||||
|
add_test(NAME tool_zuc COMMAND ${CMAKE_COMMAND} -P "${CMAKE_SOURCE_DIR}/cmake/tool_zuc.cmake")
|
||||||
|
endif()
|
||||||
|
if(ENABLE_GHASH)
|
||||||
|
add_test(NAME tool_ghash COMMAND ${CMAKE_COMMAND} -P "${CMAKE_SOURCE_DIR}/cmake/tool_ghash.cmake")
|
||||||
|
endif()
|
||||||
|
if(ENABLE_SM9)
|
||||||
|
add_test(NAME tool_sm9 COMMAND ${CMAKE_COMMAND} -P "${CMAKE_SOURCE_DIR}/cmake/tool_sm9.cmake")
|
||||||
|
endif()
|
||||||
|
if(ENABLE_LMS OR ENABLE_XMSS OR ENABLE_SPHINCS OR ENABLE_KYBER)
|
||||||
|
add_test(NAME tool_pqc COMMAND ${CMAKE_COMMAND}
|
||||||
|
-DENABLE_LMS=${ENABLE_LMS}
|
||||||
|
-DENABLE_XMSS=${ENABLE_XMSS}
|
||||||
|
-DENABLE_SPHINCS=${ENABLE_SPHINCS}
|
||||||
|
-DENABLE_KYBER=${ENABLE_KYBER}
|
||||||
|
-P "${CMAKE_SOURCE_DIR}/cmake/tool_pqc.cmake")
|
||||||
|
endif()
|
||||||
|
add_test(NAME tool_cert COMMAND ${CMAKE_COMMAND} -P "${CMAKE_SOURCE_DIR}/cmake/tool_cert.cmake")
|
||||||
|
set_tests_properties(tool_cert PROPERTIES FIXTURES_SETUP gmssl_cert_files)
|
||||||
|
add_test(NAME tool_crl COMMAND ${CMAKE_COMMAND} -P "${CMAKE_SOURCE_DIR}/cmake/tool_crl.cmake")
|
||||||
|
add_test(NAME tool_ocsp COMMAND ${CMAKE_COMMAND} -P "${CMAKE_SOURCE_DIR}/cmake/tool_ocsp.cmake")
|
||||||
|
set_tests_properties(tool_crl tool_ocsp PROPERTIES FIXTURES_REQUIRED gmssl_cert_files)
|
||||||
|
if(ENABLE_CMS)
|
||||||
|
add_test(NAME tool_cms COMMAND ${CMAKE_COMMAND} -P "${CMAKE_SOURCE_DIR}/cmake/tool_cms.cmake")
|
||||||
|
set_tests_properties(tool_cms PROPERTIES FIXTURES_REQUIRED gmssl_cert_files)
|
||||||
|
endif()
|
||||||
if(ENABLE_TLS AND NOT WIN32)
|
if(ENABLE_TLS AND NOT WIN32)
|
||||||
find_program(OPENSSL_EXECUTABLE openssl)
|
find_program(OPENSSL_EXECUTABLE openssl)
|
||||||
set(GMSSL_OPENSSL_INTEROP_ENABLED OFF)
|
set(GMSSL_OPENSSL_INTEROP_ENABLED OFF)
|
||||||
@@ -760,71 +793,71 @@ if(ENABLE_TLS AND NOT WIN32)
|
|||||||
else()
|
else()
|
||||||
message(STATUS "OpenSSL TLS interop tests require ENABLE_AES=ON, ENABLE_SHA2=ON and ENABLE_SECP256R1=ON; skipping")
|
message(STATUS "OpenSSL TLS interop tests require ENABLE_AES=ON, ENABLE_SHA2=ON and ENABLE_SECP256R1=ON; skipping")
|
||||||
endif()
|
endif()
|
||||||
add_test(NAME tlcp_sm4_gcm_sni COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tlcp_sm4_gcm_sni -P "${CMAKE_SOURCE_DIR}/cmake/tlcp_commands.cmake")
|
add_test(NAME tool_tlcp_sm4_gcm_sni COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tlcp_sm4_gcm_sni -P "${CMAKE_SOURCE_DIR}/cmake/tlcp_commands.cmake")
|
||||||
add_test(NAME tlcp_sm4_cbc_sni COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tlcp_sm4_cbc_sni -P "${CMAKE_SOURCE_DIR}/cmake/tlcp_commands.cmake")
|
add_test(NAME tool_tlcp_sm4_cbc_sni COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tlcp_sm4_cbc_sni -P "${CMAKE_SOURCE_DIR}/cmake/tlcp_commands.cmake")
|
||||||
add_test(NAME tlcp_sm4_gcm_client_cert COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tlcp_sm4_gcm_client_cert -P "${CMAKE_SOURCE_DIR}/cmake/tlcp_commands.cmake")
|
add_test(NAME tool_tlcp_sm4_gcm_client_cert COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tlcp_sm4_gcm_client_cert -P "${CMAKE_SOURCE_DIR}/cmake/tlcp_commands.cmake")
|
||||||
add_test(NAME tls12_sm4_gcm_sni COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls12_sm4_gcm_sni -P "${CMAKE_SOURCE_DIR}/cmake/tls12_commands.cmake")
|
add_test(NAME tool_tls12_sm4_gcm_sni COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls12_sm4_gcm_sni -P "${CMAKE_SOURCE_DIR}/cmake/tls12_commands.cmake")
|
||||||
add_test(NAME tls12_sm4_cbc_sni COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls12_sm4_cbc_sni -P "${CMAKE_SOURCE_DIR}/cmake/tls12_commands.cmake")
|
add_test(NAME tool_tls12_sm4_cbc_sni COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls12_sm4_cbc_sni -P "${CMAKE_SOURCE_DIR}/cmake/tls12_commands.cmake")
|
||||||
add_test(NAME tls12_sm4_gcm_client_cert COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls12_sm4_gcm_client_cert -P "${CMAKE_SOURCE_DIR}/cmake/tls12_commands.cmake")
|
add_test(NAME tool_tls12_sm4_gcm_client_cert COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls12_sm4_gcm_client_cert -P "${CMAKE_SOURCE_DIR}/cmake/tls12_commands.cmake")
|
||||||
add_test(NAME tls12_sm4_gcm_renegotiation_info COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls12_sm4_gcm_renegotiation_info -P "${CMAKE_SOURCE_DIR}/cmake/tls12_commands.cmake")
|
add_test(NAME tool_tls12_sm4_gcm_renegotiation_info COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls12_sm4_gcm_renegotiation_info -P "${CMAKE_SOURCE_DIR}/cmake/tls12_commands.cmake")
|
||||||
add_test(NAME tls12_sm4_gcm_renegotiation_info_scsv COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls12_sm4_gcm_renegotiation_info_scsv -P "${CMAKE_SOURCE_DIR}/cmake/tls12_commands.cmake")
|
add_test(NAME tool_tls12_sm4_gcm_renegotiation_info_scsv COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls12_sm4_gcm_renegotiation_info_scsv -P "${CMAKE_SOURCE_DIR}/cmake/tls12_commands.cmake")
|
||||||
add_test(NAME tls12_client_reject_renegotiation_info_both
|
add_test(NAME tool_tls12_client_reject_renegotiation_info_both
|
||||||
COMMAND bash -c "bin/gmssl tls12_client -host 127.0.0.1 -renegotiation_info -renegotiation_info_scsv > tls12_client_reject_renegotiation_info_both.log 2>&1; test $? -ne 0 && grep -q 'should not be used together' tls12_client_reject_renegotiation_info_both.log")
|
COMMAND bash -c "bin/gmssl tls12_client -host 127.0.0.1 -renegotiation_info -renegotiation_info_scsv > tls12_client_reject_renegotiation_info_both.log 2>&1; test $? -ne 0 && grep -q 'should not be used together' tls12_client_reject_renegotiation_info_both.log")
|
||||||
add_test(NAME tls13_sm4_gcm_sni COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls13_sm4_gcm_sni -P "${CMAKE_SOURCE_DIR}/cmake/tls13_commands.cmake")
|
add_test(NAME tool_tls13_sm4_gcm_sni COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls13_sm4_gcm_sni -P "${CMAKE_SOURCE_DIR}/cmake/tls13_commands.cmake")
|
||||||
add_test(NAME tls13_sm4_gcm_client_cert COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls13_sm4_gcm_client_cert -P "${CMAKE_SOURCE_DIR}/cmake/tls13_commands.cmake")
|
add_test(NAME tool_tls13_sm4_gcm_client_cert COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls13_sm4_gcm_client_cert -P "${CMAKE_SOURCE_DIR}/cmake/tls13_commands.cmake")
|
||||||
add_test(NAME tls13_hrr_sm4_gcm COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls13_hrr_sm4_gcm -P "${CMAKE_SOURCE_DIR}/cmake/tls13_commands.cmake")
|
add_test(NAME tool_tls13_hrr_sm4_gcm COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls13_hrr_sm4_gcm -P "${CMAKE_SOURCE_DIR}/cmake/tls13_commands.cmake")
|
||||||
add_test(NAME tls13_psk_dhe_sm4_gcm COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls13_psk_dhe_sm4_gcm -P "${CMAKE_SOURCE_DIR}/cmake/tls13_commands.cmake")
|
add_test(NAME tool_tls13_psk_dhe_sm4_gcm COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls13_psk_dhe_sm4_gcm -P "${CMAKE_SOURCE_DIR}/cmake/tls13_commands.cmake")
|
||||||
add_test(NAME tls13_psk_only_sm4_gcm COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls13_psk_only_sm4_gcm -P "${CMAKE_SOURCE_DIR}/cmake/tls13_commands.cmake")
|
add_test(NAME tool_tls13_psk_only_sm4_gcm COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls13_psk_only_sm4_gcm -P "${CMAKE_SOURCE_DIR}/cmake/tls13_commands.cmake")
|
||||||
add_test(NAME tls13_early_data_sm4_gcm COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls13_early_data_sm4_gcm -P "${CMAKE_SOURCE_DIR}/cmake/tls13_commands.cmake")
|
add_test(NAME tool_tls13_early_data_sm4_gcm COMMAND ${CMAKE_COMMAND} -DTEST_CASE=tls13_early_data_sm4_gcm -P "${CMAKE_SOURCE_DIR}/cmake/tls13_commands.cmake")
|
||||||
set_tests_properties(
|
set_tests_properties(
|
||||||
tlcp_sm4_gcm_sni
|
tool_tlcp_sm4_gcm_sni
|
||||||
tlcp_sm4_cbc_sni
|
tool_tlcp_sm4_cbc_sni
|
||||||
tlcp_sm4_gcm_client_cert
|
tool_tlcp_sm4_gcm_client_cert
|
||||||
tls12_sm4_gcm_sni
|
tool_tls12_sm4_gcm_sni
|
||||||
tls12_sm4_cbc_sni
|
tool_tls12_sm4_cbc_sni
|
||||||
tls12_sm4_gcm_client_cert
|
tool_tls12_sm4_gcm_client_cert
|
||||||
tls12_sm4_gcm_renegotiation_info
|
tool_tls12_sm4_gcm_renegotiation_info
|
||||||
tls12_sm4_gcm_renegotiation_info_scsv
|
tool_tls12_sm4_gcm_renegotiation_info_scsv
|
||||||
tls13_sm4_gcm_sni
|
tool_tls13_sm4_gcm_sni
|
||||||
tls13_sm4_gcm_client_cert
|
tool_tls13_sm4_gcm_client_cert
|
||||||
tls13_hrr_sm4_gcm
|
tool_tls13_hrr_sm4_gcm
|
||||||
tls13_psk_dhe_sm4_gcm
|
tool_tls13_psk_dhe_sm4_gcm
|
||||||
tls13_psk_only_sm4_gcm
|
tool_tls13_psk_only_sm4_gcm
|
||||||
tls13_early_data_sm4_gcm
|
tool_tls13_early_data_sm4_gcm
|
||||||
PROPERTIES FIXTURES_REQUIRED gmssl_cert_files)
|
PROPERTIES FIXTURES_REQUIRED gmssl_cert_files)
|
||||||
set_tests_properties(
|
set_tests_properties(
|
||||||
tls13_hrr_sm4_gcm
|
tool_tls13_hrr_sm4_gcm
|
||||||
tls13_psk_only_sm4_gcm
|
tool_tls13_psk_only_sm4_gcm
|
||||||
tls13_early_data_sm4_gcm
|
tool_tls13_early_data_sm4_gcm
|
||||||
PROPERTIES DISABLED TRUE)
|
PROPERTIES DISABLED TRUE)
|
||||||
if(OPENSSL_EXECUTABLE AND GMSSL_OPENSSL_INTEROP_ENABLED)
|
if(OPENSSL_EXECUTABLE AND GMSSL_OPENSSL_INTEROP_ENABLED)
|
||||||
add_test(NAME tls12_openssl_server COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls12_openssl_server -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
add_test(NAME tool_tls12_openssl_server COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls12_openssl_server -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
||||||
add_test(NAME tls12_openssl_server_renegotiation_info COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls12_openssl_server_renegotiation_info -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
add_test(NAME tool_tls12_openssl_server_renegotiation_info COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls12_openssl_server_renegotiation_info -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
||||||
add_test(NAME tls12_openssl_server_renegotiation_info_scsv COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls12_openssl_server_renegotiation_info_scsv -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
add_test(NAME tool_tls12_openssl_server_renegotiation_info_scsv COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls12_openssl_server_renegotiation_info_scsv -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
||||||
add_test(NAME tls12_openssl_client COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls12_openssl_client -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
add_test(NAME tool_tls12_openssl_client COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls12_openssl_client -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
||||||
add_test(NAME tls13_openssl_server COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls13_openssl_server -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
add_test(NAME tool_tls13_openssl_server COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls13_openssl_server -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
||||||
add_test(NAME tls13_openssl_client COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls13_openssl_client -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
add_test(NAME tool_tls13_openssl_client COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls13_openssl_client -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
||||||
add_test(NAME tls13_hrr_openssl_client COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls13_hrr_openssl_client -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
add_test(NAME tool_tls13_hrr_openssl_client COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls13_hrr_openssl_client -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
||||||
add_test(NAME tls13_psk_dhe_openssl_server COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls13_psk_dhe_openssl_server -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
add_test(NAME tool_tls13_psk_dhe_openssl_server COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls13_psk_dhe_openssl_server -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
||||||
add_test(NAME tls13_psk_dhe_openssl_client COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls13_psk_dhe_openssl_client -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
add_test(NAME tool_tls13_psk_dhe_openssl_client COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls13_psk_dhe_openssl_client -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
||||||
add_test(NAME tls13_psk_only_openssl_server COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls13_psk_only_openssl_server -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
add_test(NAME tool_tls13_psk_only_openssl_server COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls13_psk_only_openssl_server -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
||||||
add_test(NAME tls13_psk_only_openssl_client COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls13_psk_only_openssl_client -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
add_test(NAME tool_tls13_psk_only_openssl_client COMMAND ${CMAKE_COMMAND} -DOPENSSL_EXECUTABLE=${OPENSSL_EXECUTABLE} -DTEST_CASE=tls13_psk_only_openssl_client -P "${CMAKE_SOURCE_DIR}/cmake/openssl_interop_commands.cmake")
|
||||||
set_tests_properties(
|
set_tests_properties(
|
||||||
tls12_openssl_server
|
tool_tls12_openssl_server
|
||||||
tls12_openssl_server_renegotiation_info
|
tool_tls12_openssl_server_renegotiation_info
|
||||||
tls12_openssl_server_renegotiation_info_scsv
|
tool_tls12_openssl_server_renegotiation_info_scsv
|
||||||
tls12_openssl_client
|
tool_tls12_openssl_client
|
||||||
tls13_openssl_server
|
tool_tls13_openssl_server
|
||||||
tls13_openssl_client
|
tool_tls13_openssl_client
|
||||||
tls13_hrr_openssl_client
|
tool_tls13_hrr_openssl_client
|
||||||
tls13_psk_dhe_openssl_server
|
tool_tls13_psk_dhe_openssl_server
|
||||||
tls13_psk_dhe_openssl_client
|
tool_tls13_psk_dhe_openssl_client
|
||||||
tls13_psk_only_openssl_server
|
tool_tls13_psk_only_openssl_server
|
||||||
tls13_psk_only_openssl_client
|
tool_tls13_psk_only_openssl_client
|
||||||
PROPERTIES FIXTURES_REQUIRED gmssl_cert_files)
|
PROPERTIES FIXTURES_REQUIRED gmssl_cert_files)
|
||||||
set_tests_properties(
|
set_tests_properties(
|
||||||
tls13_psk_only_openssl_server
|
tool_tls13_psk_only_openssl_server
|
||||||
tls13_psk_only_openssl_client
|
tool_tls13_psk_only_openssl_client
|
||||||
PROPERTIES DISABLED TRUE)
|
PROPERTIES DISABLED TRUE)
|
||||||
elseif(NOT OPENSSL_EXECUTABLE)
|
elseif(NOT OPENSSL_EXECUTABLE)
|
||||||
message(STATUS "openssl executable not found; skipping OpenSSL TLS interop tests")
|
message(STATUS "openssl executable not found; skipping OpenSSL TLS interop tests")
|
||||||
@@ -841,7 +874,7 @@ endif()
|
|||||||
#
|
#
|
||||||
set(CPACK_PACKAGE_NAME "GmSSL")
|
set(CPACK_PACKAGE_NAME "GmSSL")
|
||||||
set(CPACK_PACKAGE_VENDOR "GmSSL develop team")
|
set(CPACK_PACKAGE_VENDOR "GmSSL develop team")
|
||||||
set(CPACK_PACKAGE_VERSION "3.2.0-dev.1123")
|
set(CPACK_PACKAGE_VERSION "3.2.0-dev.1124")
|
||||||
set(CPACK_PACKAGE_DESCRIPTION_FILE ${PROJECT_SOURCE_DIR}/README.md)
|
set(CPACK_PACKAGE_DESCRIPTION_FILE ${PROJECT_SOURCE_DIR}/README.md)
|
||||||
set(CPACK_NSIS_MODIFY_PATH ON)
|
set(CPACK_NSIS_MODIFY_PATH ON)
|
||||||
include(CPack)
|
include(CPack)
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
execute_process(
|
|
||||||
COMMAND bin/gmssl sm3 -in_str abc
|
|
||||||
RESULT_VARIABLE TEST_RESULT
|
|
||||||
ERROR_VARIABLE TEST_STDERR
|
|
||||||
OUTPUT_VARIABLE TEST_OUTPUT
|
|
||||||
)
|
|
||||||
|
|
||||||
if(NOT ${TEST_RESULT} EQUAL 0)
|
|
||||||
message(FATAL_ERROR "stderr: ${TEST_STDERR}")
|
|
||||||
endif()
|
|
||||||
|
|
||||||
if(NOT ${TEST_OUTPUT} STREQUAL "66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0\n")
|
|
||||||
message(FATAL_ERROR "stdout: ${TEST_OUTPUT}")
|
|
||||||
endif()
|
|
||||||
@@ -203,3 +203,23 @@ gmssl_write_bundle(sm2_tlcp_server_keys.pem
|
|||||||
|
|
||||||
gmssl_write_bundle(test_root_certs.pem
|
gmssl_write_bundle(test_root_certs.pem
|
||||||
sm2_root_ca_cert.pem p256_root_ca_cert.pem)
|
sm2_root_ca_cert.pem p256_root_ca_cert.pem)
|
||||||
|
|
||||||
|
gmssl_run(bin/gmssl certparse -in sm2_tlcp_server_certs.pem -out tool_certparse.txt)
|
||||||
|
gmssl_require_generated_file(tool_certparse.txt)
|
||||||
|
|
||||||
|
gmssl_run(bin/gmssl certverify
|
||||||
|
-tlcp_server
|
||||||
|
-in sm2_tlcp_server_certs.pem
|
||||||
|
-cacert sm2_root_ca_cert.pem
|
||||||
|
-hostname localhost)
|
||||||
|
|
||||||
|
gmssl_run(bin/gmssl certverify
|
||||||
|
-server
|
||||||
|
-in sm2_tls_server_certs.pem
|
||||||
|
-cacert sm2_root_ca_cert.pem
|
||||||
|
-hostname LOCALHOST)
|
||||||
|
|
||||||
|
gmssl_run(bin/gmssl certverify
|
||||||
|
-client
|
||||||
|
-in sm2_tls_client_certs.pem
|
||||||
|
-cacert sm2_root_ca_cert.pem)
|
||||||
32
cmake/tool_cms.cmake
Normal file
32
cmake/tool_cms.cmake
Normal file
@@ -0,0 +1,32 @@
|
|||||||
|
include("${CMAKE_CURRENT_LIST_DIR}/tool_helpers.cmake")
|
||||||
|
|
||||||
|
file(WRITE tool_cms_message.txt "CMS command line test message")
|
||||||
|
|
||||||
|
gmssl_run(cmssign
|
||||||
|
-key sm2_tls_server_key.pem
|
||||||
|
-pass P@ssw0rd
|
||||||
|
-cert sm2_tls_server_cert.pem
|
||||||
|
-in tool_cms_message.txt
|
||||||
|
-out tool_cms_signed.pem)
|
||||||
|
gmssl_require_file(tool_cms_signed.pem)
|
||||||
|
|
||||||
|
gmssl_run(cmsparse -in tool_cms_signed.pem)
|
||||||
|
|
||||||
|
gmssl_run(cmsverify
|
||||||
|
-in tool_cms_signed.pem
|
||||||
|
-out tool_cms_verified.txt)
|
||||||
|
gmssl_expect_file_text(tool_cms_verified.txt "CMS command line test message")
|
||||||
|
|
||||||
|
gmssl_run(cmsencrypt
|
||||||
|
-rcptcert sm2_tlcp_server_enc_cert.pem
|
||||||
|
-in tool_cms_message.txt
|
||||||
|
-out tool_cms_enveloped.pem)
|
||||||
|
gmssl_require_file(tool_cms_enveloped.pem)
|
||||||
|
|
||||||
|
gmssl_run(cmsdecrypt
|
||||||
|
-key sm2_tlcp_server_enc_key.pem
|
||||||
|
-pass P@ssw0rd
|
||||||
|
-cert sm2_tlcp_server_enc_cert.pem
|
||||||
|
-in tool_cms_enveloped.pem
|
||||||
|
-out tool_cms_decrypted.txt)
|
||||||
|
gmssl_expect_file_text(tool_cms_decrypted.txt "CMS command line test message")
|
||||||
25
cmake/tool_crl.cmake
Normal file
25
cmake/tool_crl.cmake
Normal file
@@ -0,0 +1,25 @@
|
|||||||
|
include("${CMAKE_CURRENT_LIST_DIR}/tool_helpers.cmake")
|
||||||
|
|
||||||
|
gmssl_run(certrevoke
|
||||||
|
-in sm2_tls_server_cert.pem
|
||||||
|
-reason keyCompromise
|
||||||
|
-invalid_date 20260101000000Z
|
||||||
|
-out tool_revoked_certs.der)
|
||||||
|
gmssl_require_file(tool_revoked_certs.der)
|
||||||
|
|
||||||
|
gmssl_run(crlgen
|
||||||
|
-in tool_revoked_certs.der
|
||||||
|
-cacert sm2_tls_server_ca2_cert.pem
|
||||||
|
-key sm2_tls_server_ca2_key.pem
|
||||||
|
-pass P@ssw0rd
|
||||||
|
-next_update 20270101000000Z
|
||||||
|
-gen_authority_key_id
|
||||||
|
-crl_num 1
|
||||||
|
-out tool_crl.der)
|
||||||
|
gmssl_require_file(tool_crl.der)
|
||||||
|
|
||||||
|
gmssl_run(crlparse -in tool_crl.der -out tool_crl.txt)
|
||||||
|
gmssl_require_file(tool_crl.txt)
|
||||||
|
|
||||||
|
gmssl_expect_stdout("Verification success\n"
|
||||||
|
crlverify -in tool_crl.der -cacert sm2_tls_server_ca2_cert.pem)
|
||||||
9
cmake/tool_ghash.cmake
Normal file
9
cmake/tool_ghash.cmake
Normal file
@@ -0,0 +1,9 @@
|
|||||||
|
include("${CMAKE_CURRENT_LIST_DIR}/tool_helpers.cmake")
|
||||||
|
|
||||||
|
gmssl_expect_stdout("50db43e2ab4a2bbddd6e1182de2cc22b\n"
|
||||||
|
ghash -h 0123456789abcdeffedcba9876543210 -aad_hex 001122 -in_str abc)
|
||||||
|
|
||||||
|
file(WRITE tool_ghash_input.txt "abc")
|
||||||
|
gmssl_run(ghash -h 0123456789abcdeffedcba9876543210 -aad "aad" -bin
|
||||||
|
-in tool_ghash_input.txt -out tool_ghash.bin)
|
||||||
|
gmssl_require_file(tool_ghash.bin)
|
||||||
67
cmake/tool_helpers.cmake
Normal file
67
cmake/tool_helpers.cmake
Normal file
@@ -0,0 +1,67 @@
|
|||||||
|
set(GMSSL_BIN bin/gmssl)
|
||||||
|
|
||||||
|
function(gmssl_run)
|
||||||
|
execute_process(
|
||||||
|
COMMAND ${GMSSL_BIN} ${ARGN}
|
||||||
|
RESULT_VARIABLE TEST_RESULT
|
||||||
|
ERROR_VARIABLE TEST_STDERR
|
||||||
|
OUTPUT_VARIABLE TEST_STDOUT
|
||||||
|
)
|
||||||
|
if(NOT TEST_RESULT EQUAL 0)
|
||||||
|
message(FATAL_ERROR "command failed: ${GMSSL_BIN} ${ARGN}\nstderr: ${TEST_STDERR}\nstdout: ${TEST_STDOUT}")
|
||||||
|
endif()
|
||||||
|
endfunction()
|
||||||
|
|
||||||
|
function(gmssl_run_capture out_var)
|
||||||
|
execute_process(
|
||||||
|
COMMAND ${GMSSL_BIN} ${ARGN}
|
||||||
|
RESULT_VARIABLE TEST_RESULT
|
||||||
|
ERROR_VARIABLE TEST_STDERR
|
||||||
|
OUTPUT_VARIABLE TEST_STDOUT
|
||||||
|
)
|
||||||
|
if(NOT TEST_RESULT EQUAL 0)
|
||||||
|
message(FATAL_ERROR "command failed: ${GMSSL_BIN} ${ARGN}\nstderr: ${TEST_STDERR}\nstdout: ${TEST_STDOUT}")
|
||||||
|
endif()
|
||||||
|
set(${out_var} "${TEST_STDOUT}" PARENT_SCOPE)
|
||||||
|
endfunction()
|
||||||
|
|
||||||
|
function(gmssl_expect_stdout expected)
|
||||||
|
gmssl_run_capture(TEST_STDOUT ${ARGN})
|
||||||
|
if(NOT TEST_STDOUT STREQUAL "${expected}")
|
||||||
|
message(FATAL_ERROR "unexpected stdout for ${GMSSL_BIN} ${ARGN}\nexpected: ${expected}\nactual: ${TEST_STDOUT}")
|
||||||
|
endif()
|
||||||
|
endfunction()
|
||||||
|
|
||||||
|
function(gmssl_require_file file)
|
||||||
|
if(NOT EXISTS "${file}")
|
||||||
|
message(FATAL_ERROR "generated file does not exist: ${file}")
|
||||||
|
endif()
|
||||||
|
endfunction()
|
||||||
|
|
||||||
|
function(gmssl_files_equal expected actual)
|
||||||
|
gmssl_require_file("${expected}")
|
||||||
|
gmssl_require_file("${actual}")
|
||||||
|
file(SHA256 "${expected}" EXPECTED_HASH)
|
||||||
|
file(SHA256 "${actual}" ACTUAL_HASH)
|
||||||
|
if(NOT EXPECTED_HASH STREQUAL ACTUAL_HASH)
|
||||||
|
message(FATAL_ERROR "file mismatch: ${expected} ${actual}")
|
||||||
|
endif()
|
||||||
|
endfunction()
|
||||||
|
|
||||||
|
function(gmssl_expect_file_hex file expected_hex)
|
||||||
|
gmssl_require_file("${file}")
|
||||||
|
file(READ "${file}" ACTUAL_HEX HEX)
|
||||||
|
string(TOLOWER "${ACTUAL_HEX}" ACTUAL_HEX)
|
||||||
|
string(TOLOWER "${expected_hex}" EXPECTED_HEX)
|
||||||
|
if(NOT ACTUAL_HEX STREQUAL EXPECTED_HEX)
|
||||||
|
message(FATAL_ERROR "unexpected hex in ${file}\nexpected: ${EXPECTED_HEX}\nactual: ${ACTUAL_HEX}")
|
||||||
|
endif()
|
||||||
|
endfunction()
|
||||||
|
|
||||||
|
function(gmssl_expect_file_text file expected_text)
|
||||||
|
gmssl_require_file("${file}")
|
||||||
|
file(READ "${file}" ACTUAL_TEXT)
|
||||||
|
if(NOT ACTUAL_TEXT STREQUAL "${expected_text}")
|
||||||
|
message(FATAL_ERROR "unexpected text in ${file}\nexpected: ${expected_text}\nactual: ${ACTUAL_TEXT}")
|
||||||
|
endif()
|
||||||
|
endfunction()
|
||||||
34
cmake/tool_ocsp.cmake
Normal file
34
cmake/tool_ocsp.cmake
Normal file
@@ -0,0 +1,34 @@
|
|||||||
|
include("${CMAKE_CURRENT_LIST_DIR}/tool_helpers.cmake")
|
||||||
|
|
||||||
|
file(READ sm2_tls_server_cert.pem OCSP_CERT)
|
||||||
|
file(READ sm2_tls_server_ca2_cert.pem OCSP_ISSUER)
|
||||||
|
file(WRITE tool_ocsp_chain.pem "${OCSP_CERT}${OCSP_ISSUER}")
|
||||||
|
|
||||||
|
gmssl_run(ocspreq
|
||||||
|
-in tool_ocsp_chain.pem
|
||||||
|
-digest sm3
|
||||||
|
-out tool_ocsp_req.der
|
||||||
|
-verbose)
|
||||||
|
gmssl_require_file(tool_ocsp_req.der)
|
||||||
|
|
||||||
|
gmssl_run(ocspsign
|
||||||
|
-reqin tool_ocsp_req.der
|
||||||
|
-cacert sm2_tls_server_ca2_cert.pem
|
||||||
|
-signer sm2_ocsp_responder_cert.pem
|
||||||
|
-key sm2_ocsp_responder_key.pem
|
||||||
|
-pass P@ssw0rd
|
||||||
|
-status good
|
||||||
|
-certs sm2_ocsp_responder_cert.pem
|
||||||
|
-out tool_ocsp_resp.der
|
||||||
|
-verbose)
|
||||||
|
gmssl_require_file(tool_ocsp_resp.der)
|
||||||
|
|
||||||
|
gmssl_expect_stdout("Verification success\n"
|
||||||
|
ocspverify
|
||||||
|
-reqin tool_ocsp_req.der
|
||||||
|
-respin tool_ocsp_resp.der
|
||||||
|
-cacert sm2_tls_server_ca2_cert.pem
|
||||||
|
-signer sm2_ocsp_responder_cert.pem
|
||||||
|
-certs sm2_ocsp_responder_cert.pem
|
||||||
|
-clock_skew 300
|
||||||
|
-verbose)
|
||||||
40
cmake/tool_pqc.cmake
Normal file
40
cmake/tool_pqc.cmake
Normal file
@@ -0,0 +1,40 @@
|
|||||||
|
include("${CMAKE_CURRENT_LIST_DIR}/tool_helpers.cmake")
|
||||||
|
|
||||||
|
file(WRITE tool_pqc_message.txt "PQC command line test message")
|
||||||
|
|
||||||
|
function(gmssl_signature_roundtrip name keygen sign verify)
|
||||||
|
cmake_parse_arguments(ARG "" "" "KEYGEN_ARGS;SIGN_ARGS;VERIFY_ARGS" ${ARGN})
|
||||||
|
gmssl_run(${keygen} ${ARG_KEYGEN_ARGS}
|
||||||
|
-out "${name}_key.pem" -pubout "${name}_pub.pem")
|
||||||
|
gmssl_run(${sign} -key "${name}_key.pem"
|
||||||
|
-in tool_pqc_message.txt -out "${name}.sig" ${ARG_SIGN_ARGS})
|
||||||
|
gmssl_run(${verify} -pubkey "${name}_pub.pem"
|
||||||
|
-in tool_pqc_message.txt -sig "${name}.sig" ${ARG_VERIFY_ARGS})
|
||||||
|
endfunction()
|
||||||
|
|
||||||
|
if(ENABLE_LMS)
|
||||||
|
gmssl_signature_roundtrip(tool_lms lmskeygen lmssign lmsverify
|
||||||
|
KEYGEN_ARGS -lms_type LMS_SM3_M32_H5)
|
||||||
|
gmssl_signature_roundtrip(tool_hss hsskeygen hsssign hssverify
|
||||||
|
KEYGEN_ARGS -lms_types LMS_SM3_M32_H5:LMS_SM3_M32_H5)
|
||||||
|
endif()
|
||||||
|
|
||||||
|
if(ENABLE_XMSS)
|
||||||
|
gmssl_signature_roundtrip(tool_xmss xmsskeygen xmsssign xmssverify
|
||||||
|
KEYGEN_ARGS -xmss_type XMSS_SHA2_10_256)
|
||||||
|
gmssl_signature_roundtrip(tool_xmssmt xmssmtkeygen xmssmtsign xmssmtverify
|
||||||
|
KEYGEN_ARGS -xmssmt_type XMSSMT_SHA2_20_2_256)
|
||||||
|
endif()
|
||||||
|
|
||||||
|
if(ENABLE_SPHINCS)
|
||||||
|
gmssl_signature_roundtrip(tool_sphincs sphincskeygen sphincssign sphincsverify)
|
||||||
|
endif()
|
||||||
|
|
||||||
|
if(ENABLE_KYBER)
|
||||||
|
gmssl_run(kyberkeygen -out tool_kyber_key.pem -pubout tool_kyber_pub.pem)
|
||||||
|
gmssl_run(kyberencap -pubkey tool_kyber_pub.pem
|
||||||
|
-out tool_kyber_cipher.bin -outkey tool_kyber_secret.bin)
|
||||||
|
gmssl_run(kyberdecap -key tool_kyber_key.pem
|
||||||
|
-in tool_kyber_cipher.bin -out tool_kyber_dec_secret.bin)
|
||||||
|
gmssl_files_equal(tool_kyber_secret.bin tool_kyber_dec_secret.bin)
|
||||||
|
endif()
|
||||||
15
cmake/tool_rand.cmake
Normal file
15
cmake/tool_rand.cmake
Normal file
@@ -0,0 +1,15 @@
|
|||||||
|
include("${CMAKE_CURRENT_LIST_DIR}/tool_helpers.cmake")
|
||||||
|
|
||||||
|
gmssl_run(rand -outlen 16 -out tool_rand.bin)
|
||||||
|
file(SIZE tool_rand.bin RAND_BIN_SIZE)
|
||||||
|
if(NOT RAND_BIN_SIZE EQUAL 16)
|
||||||
|
message(FATAL_ERROR "unexpected rand output size: ${RAND_BIN_SIZE}")
|
||||||
|
endif()
|
||||||
|
|
||||||
|
gmssl_run_capture(RAND_HEX rand -hex -outlen 16)
|
||||||
|
string(STRIP "${RAND_HEX}" RAND_HEX_STRIPPED)
|
||||||
|
string(REGEX MATCH "^[0-9a-fA-F]+$" RAND_HEX_MATCH "${RAND_HEX_STRIPPED}")
|
||||||
|
string(LENGTH "${RAND_HEX_STRIPPED}" RAND_HEX_LEN)
|
||||||
|
if(NOT RAND_HEX_MATCH OR NOT RAND_HEX_LEN EQUAL 32)
|
||||||
|
message(FATAL_ERROR "unexpected rand hex output: ${RAND_HEX}")
|
||||||
|
endif()
|
||||||
@@ -64,3 +64,25 @@ if(NOT "${TEST_STDOUT}" STREQUAL "${SECRET_MESSAGE}")
|
|||||||
message(FATAL_ERROR "stdout: ${TEST_STDOUT}")
|
message(FATAL_ERROR "stdout: ${TEST_STDOUT}")
|
||||||
endif()
|
endif()
|
||||||
|
|
||||||
|
execute_process(
|
||||||
|
COMMAND bin/gmssl sm2sign -key sm2.pem -pass P@ssw0rd -id Alice -in message.txt -out sm2_id.sig
|
||||||
|
RESULT_VARIABLE TEST_RESULT
|
||||||
|
ERROR_VARIABLE TEST_STDERR
|
||||||
|
)
|
||||||
|
if(NOT ${TEST_RESULT} EQUAL 0)
|
||||||
|
message(FATAL_ERROR "stderr: ${TEST_STDERR}")
|
||||||
|
endif()
|
||||||
|
|
||||||
|
execute_process(
|
||||||
|
COMMAND bin/gmssl sm2verify -pubkey sm2pub.pem -id Alice -in message.txt -sig sm2_id.sig
|
||||||
|
RESULT_VARIABLE TEST_RESULT
|
||||||
|
ERROR_VARIABLE TEST_STDERR
|
||||||
|
OUTPUT_VARIABLE TEST_STDOUT
|
||||||
|
)
|
||||||
|
if(NOT ${TEST_RESULT} EQUAL 0)
|
||||||
|
message(FATAL_ERROR "stderr: ${TEST_STDERR}")
|
||||||
|
endif()
|
||||||
|
string(FIND "${TEST_STDOUT}" "success" VERIFY_SUCCESS)
|
||||||
|
if(VERIFY_SUCCESS EQUAL -1)
|
||||||
|
message(FATAL_ERROR "verify failure")
|
||||||
|
endif()
|
||||||
20
cmake/tool_sm3.cmake
Normal file
20
cmake/tool_sm3.cmake
Normal file
@@ -0,0 +1,20 @@
|
|||||||
|
include("${CMAKE_CURRENT_LIST_DIR}/tool_helpers.cmake")
|
||||||
|
|
||||||
|
gmssl_expect_stdout("66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0\n"
|
||||||
|
sm3 -in_str abc)
|
||||||
|
|
||||||
|
file(WRITE tool_sm3_input.txt "abc")
|
||||||
|
gmssl_expect_stdout("66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0\n"
|
||||||
|
sm3 -hex -in tool_sm3_input.txt)
|
||||||
|
gmssl_run(sm3 -bin -in tool_sm3_input.txt -out tool_sm3.bin)
|
||||||
|
gmssl_expect_file_hex(tool_sm3.bin "66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0")
|
||||||
|
|
||||||
|
gmssl_expect_stdout("28d8a61be67d8bf7652c4eda7092b612f88be62184f55005c57ddf076e764199\n"
|
||||||
|
sm3hmac -key 0123456789abcdeffedcba9876543210 -in_str abc)
|
||||||
|
gmssl_run(sm3hmac -key 0123456789abcdeffedcba9876543210 -bin -in tool_sm3_input.txt -out tool_sm3hmac.bin)
|
||||||
|
gmssl_expect_file_hex(tool_sm3hmac.bin "28d8a61be67d8bf7652c4eda7092b612f88be62184f55005c57ddf076e764199")
|
||||||
|
|
||||||
|
gmssl_expect_stdout("df6b713d38d5a35df6861959e529ed22\n"
|
||||||
|
sm3_pbkdf2 -pass password -salt 0011223344556677 -iter 10000 -outlen 16 -hex)
|
||||||
|
gmssl_run(sm3_pbkdf2 -pass password -salt 0011223344556677 -iter 10000 -outlen 16 -bin -out tool_sm3_pbkdf2.bin)
|
||||||
|
gmssl_expect_file_hex(tool_sm3_pbkdf2.bin "df6b713d38d5a35df6861959e529ed22")
|
||||||
56
cmake/tool_sm4.cmake
Normal file
56
cmake/tool_sm4.cmake
Normal file
@@ -0,0 +1,56 @@
|
|||||||
|
include("${CMAKE_CURRENT_LIST_DIR}/tool_helpers.cmake")
|
||||||
|
|
||||||
|
set(SM4_KEY 0123456789abcdeffedcba9876543210)
|
||||||
|
set(SM4_IV 00000000000000000000000000000000)
|
||||||
|
set(SM4_HMAC_KEY 0123456789abcdeffedcba98765432100123456789abcdeffedcba98765432100123456789abcdeffedcba9876543210)
|
||||||
|
set(SM4_XTS_KEY 0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff)
|
||||||
|
set(SM4_TEXT "0123456789abcdef0123456789abcdef")
|
||||||
|
|
||||||
|
function(gmssl_symmetric_roundtrip name)
|
||||||
|
file(WRITE "${name}.plain" "${SM4_TEXT}")
|
||||||
|
gmssl_run(${ARGN} -encrypt -in "${name}.plain" -out "${name}.cipher")
|
||||||
|
gmssl_run(${ARGN} -decrypt -in "${name}.cipher" -out "${name}.decrypt")
|
||||||
|
gmssl_files_equal("${name}.plain" "${name}.decrypt")
|
||||||
|
endfunction()
|
||||||
|
|
||||||
|
file(WRITE tool_sm4_cbc_kat.plain "0123456789abcdef")
|
||||||
|
gmssl_run(sm4_cbc -encrypt -key ${SM4_KEY} -iv ${SM4_IV}
|
||||||
|
-in tool_sm4_cbc_kat.plain -out tool_sm4_cbc_kat.cipher)
|
||||||
|
gmssl_expect_file_hex(tool_sm4_cbc_kat.cipher
|
||||||
|
"e6887b77dbabb572ffa07fed7548b192ceaace11f2b90b94c2b7a4d9382e471e")
|
||||||
|
gmssl_run(sm4_cbc -decrypt -key ${SM4_KEY} -iv ${SM4_IV}
|
||||||
|
-in tool_sm4_cbc_kat.cipher -out tool_sm4_cbc_kat.decrypt)
|
||||||
|
gmssl_files_equal(tool_sm4_cbc_kat.plain tool_sm4_cbc_kat.decrypt)
|
||||||
|
|
||||||
|
gmssl_symmetric_roundtrip(tool_sm4_cbc sm4_cbc -key ${SM4_KEY} -iv ${SM4_IV})
|
||||||
|
gmssl_symmetric_roundtrip(tool_sm4_ctr sm4_ctr -key ${SM4_KEY} -iv ${SM4_IV})
|
||||||
|
gmssl_symmetric_roundtrip(tool_sm4_gcm sm4_gcm -key ${SM4_KEY} -iv 000000000000000000000000 -aad_hex 001122 -taglen 16)
|
||||||
|
gmssl_symmetric_roundtrip(tool_sm4_cbc_sm3_hmac sm4_cbc_sm3_hmac -key ${SM4_HMAC_KEY} -iv ${SM4_IV} -aad_hex 001122)
|
||||||
|
gmssl_symmetric_roundtrip(tool_sm4_ctr_sm3_hmac sm4_ctr_sm3_hmac -key ${SM4_HMAC_KEY} -iv ${SM4_IV} -aad_hex 001122)
|
||||||
|
|
||||||
|
if(ENABLE_SM4_ECB)
|
||||||
|
gmssl_symmetric_roundtrip(tool_sm4_ecb sm4_ecb -key ${SM4_KEY})
|
||||||
|
endif()
|
||||||
|
if(ENABLE_SM4_CFB)
|
||||||
|
gmssl_symmetric_roundtrip(tool_sm4_cfb sm4_cfb -sbytes 16 -key ${SM4_KEY} -iv ${SM4_IV})
|
||||||
|
endif()
|
||||||
|
if(ENABLE_SM4_OFB)
|
||||||
|
gmssl_symmetric_roundtrip(tool_sm4_ofb sm4_ofb -key ${SM4_KEY} -iv ${SM4_IV})
|
||||||
|
endif()
|
||||||
|
if(ENABLE_SM4_CCM)
|
||||||
|
gmssl_symmetric_roundtrip(tool_sm4_ccm sm4_ccm -key ${SM4_KEY} -iv 000000000000000000000000 -aad_hex 001122 -taglen 16)
|
||||||
|
endif()
|
||||||
|
if(ENABLE_SM4_XTS)
|
||||||
|
file(WRITE tool_sm4_xts.plain "0123456789abcdef0123456789abcdef")
|
||||||
|
gmssl_run(sm4_xts -encrypt -key ${SM4_XTS_KEY} -iv ${SM4_IV} -data_unit_size 32
|
||||||
|
-in tool_sm4_xts.plain -out tool_sm4_xts.cipher)
|
||||||
|
gmssl_run(sm4_xts -decrypt -key ${SM4_XTS_KEY} -iv ${SM4_IV} -data_unit_size 32
|
||||||
|
-in tool_sm4_xts.cipher -out tool_sm4_xts.decrypt)
|
||||||
|
gmssl_files_equal(tool_sm4_xts.plain tool_sm4_xts.decrypt)
|
||||||
|
endif()
|
||||||
|
if(ENABLE_SM4_CBC_MAC)
|
||||||
|
gmssl_expect_stdout("9054fccff72871fdad5202c821dbea05\n"
|
||||||
|
sm4_cbc_mac -key ${SM4_KEY} -in_str abc)
|
||||||
|
gmssl_run(sm4_cbc_mac -key ${SM4_KEY} -bin -in_str abc -out tool_sm4_cbc_mac.bin)
|
||||||
|
gmssl_expect_file_hex(tool_sm4_cbc_mac.bin "9054fccff72871fdad5202c821dbea05")
|
||||||
|
endif()
|
||||||
31
cmake/tool_sm9.cmake
Normal file
31
cmake/tool_sm9.cmake
Normal file
@@ -0,0 +1,31 @@
|
|||||||
|
include("${CMAKE_CURRENT_LIST_DIR}/tool_helpers.cmake")
|
||||||
|
|
||||||
|
set(SM9_PASS P@ssw0rd)
|
||||||
|
set(SM9_USER_PASS 123456)
|
||||||
|
set(SM9_ID Alice)
|
||||||
|
set(SM9_TEXT "SM9 command line test message")
|
||||||
|
|
||||||
|
file(WRITE tool_sm9_message.txt "${SM9_TEXT}")
|
||||||
|
|
||||||
|
gmssl_run(sm9setup -alg sm9sign -pass ${SM9_PASS}
|
||||||
|
-out tool_sm9_sign_msk.pem -pubout tool_sm9_sign_mpk.pem)
|
||||||
|
gmssl_run(sm9keygen -alg sm9sign
|
||||||
|
-in tool_sm9_sign_msk.pem -inpass ${SM9_PASS}
|
||||||
|
-id ${SM9_ID}
|
||||||
|
-out tool_sm9_sign_key.pem -outpass ${SM9_USER_PASS})
|
||||||
|
gmssl_run(sm9sign -key tool_sm9_sign_key.pem -pass ${SM9_USER_PASS}
|
||||||
|
-in tool_sm9_message.txt -out tool_sm9.sig)
|
||||||
|
gmssl_run(sm9verify -pubmaster tool_sm9_sign_mpk.pem -id ${SM9_ID}
|
||||||
|
-in tool_sm9_message.txt -sig tool_sm9.sig)
|
||||||
|
|
||||||
|
gmssl_run(sm9setup -alg sm9encrypt -pass ${SM9_PASS}
|
||||||
|
-out tool_sm9_enc_msk.pem -pubout tool_sm9_enc_mpk.pem)
|
||||||
|
gmssl_run(sm9keygen -alg sm9encrypt
|
||||||
|
-in tool_sm9_enc_msk.pem -inpass ${SM9_PASS}
|
||||||
|
-id ${SM9_ID}
|
||||||
|
-out tool_sm9_enc_key.pem -outpass ${SM9_USER_PASS})
|
||||||
|
gmssl_run(sm9encrypt -pubmaster tool_sm9_enc_mpk.pem -id ${SM9_ID}
|
||||||
|
-in tool_sm9_message.txt -out tool_sm9_cipher.der)
|
||||||
|
gmssl_run(sm9decrypt -key tool_sm9_enc_key.pem -pass ${SM9_USER_PASS} -id ${SM9_ID}
|
||||||
|
-in tool_sm9_cipher.der -out tool_sm9_plain.txt)
|
||||||
|
gmssl_expect_file_text(tool_sm9_plain.txt "${SM9_TEXT}")
|
||||||
10
cmake/tool_zuc.cmake
Normal file
10
cmake/tool_zuc.cmake
Normal file
@@ -0,0 +1,10 @@
|
|||||||
|
include("${CMAKE_CURRENT_LIST_DIR}/tool_helpers.cmake")
|
||||||
|
|
||||||
|
set(ZUC_KEY 00000000000000000000000000000000)
|
||||||
|
set(ZUC_IV 00000000000000000000000000000000)
|
||||||
|
file(WRITE tool_zuc.plain "0123456789abcdef")
|
||||||
|
|
||||||
|
gmssl_run(zuc -key ${ZUC_KEY} -iv ${ZUC_IV} -in tool_zuc.plain -out tool_zuc.cipher)
|
||||||
|
gmssl_expect_file_hex(tool_zuc.cipher "178fec4735b5b4edbfed84d4fc7cda00")
|
||||||
|
gmssl_run(zuc -key ${ZUC_KEY} -iv ${ZUC_IV} -in tool_zuc.cipher -out tool_zuc.decrypt)
|
||||||
|
gmssl_files_equal(tool_zuc.plain tool_zuc.decrypt)
|
||||||
@@ -18,7 +18,7 @@ extern "C" {
|
|||||||
|
|
||||||
|
|
||||||
#define GMSSL_VERSION_NUM 30200
|
#define GMSSL_VERSION_NUM 30200
|
||||||
#define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1123"
|
#define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1124"
|
||||||
|
|
||||||
int gmssl_version_num(void);
|
int gmssl_version_num(void);
|
||||||
const char *gmssl_version_str(void);
|
const char *gmssl_version_str(void);
|
||||||
|
|||||||
@@ -2298,7 +2298,9 @@ int cms_deenvelop(const uint8_t *cms, size_t cmslen,
|
|||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (memcmp(&public_key.u.sm2_key, rcpt_key, sizeof(SM2_POINT)) != 0) {
|
if (rcpt_key->algor != OID_ec_public_key
|
||||||
|
|| rcpt_key->algor_param != OID_sm2
|
||||||
|
|| sm2_public_key_equ(&public_key.u.sm2_key, &rcpt_key->u.sm2_key) != 1) {
|
||||||
error_print();
|
error_print();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@@ -2498,4 +2500,3 @@ err:
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -102,7 +102,7 @@ int certverify_main(int argc, char **argv)
|
|||||||
char *crlfile = NULL;
|
char *crlfile = NULL;
|
||||||
char *ocspfile = NULL;
|
char *ocspfile = NULL;
|
||||||
char *hostname = NULL;
|
char *hostname = NULL;
|
||||||
int chain_type = TLS_cert_chain_tlcp_server;
|
int chain_type = 0;
|
||||||
uint8_t *certs = NULL;
|
uint8_t *certs = NULL;
|
||||||
size_t certslen = 0;
|
size_t certslen = 0;
|
||||||
uint8_t *cacerts = NULL;
|
uint8_t *cacerts = NULL;
|
||||||
@@ -188,6 +188,9 @@ bad:
|
|||||||
fprintf(stderr, "%s: '-cacert' option required\n", prog);
|
fprintf(stderr, "%s: '-cacert' option required\n", prog);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
|
if (!chain_type) {
|
||||||
|
chain_type = TLS_cert_chain_tlcp_server;
|
||||||
|
}
|
||||||
if (hostname && chain_type == TLS_cert_chain_client) {
|
if (hostname && chain_type == TLS_cert_chain_client) {
|
||||||
fprintf(stderr, "%s: '-hostname' only allowed with '-tlcp_server' or '-server'\n", prog);
|
fprintf(stderr, "%s: '-hostname' only allowed with '-tlcp_server' or '-server'\n", prog);
|
||||||
goto end;
|
goto end;
|
||||||
|
|||||||
@@ -35,6 +35,7 @@ int cmssign_main(int argc, char **argv)
|
|||||||
FILE *outfp = stdout;
|
FILE *outfp = stdout;
|
||||||
SM2_KEY sm2_key;
|
SM2_KEY sm2_key;
|
||||||
X509_KEY public_key;
|
X509_KEY public_key;
|
||||||
|
X509_KEY sign_key;
|
||||||
uint8_t cert[8192];
|
uint8_t cert[8192];
|
||||||
size_t certlen;
|
size_t certlen;
|
||||||
uint8_t *in = NULL;
|
uint8_t *in = NULL;
|
||||||
@@ -134,11 +135,15 @@ bad:
|
|||||||
fprintf(stderr, "%s: key and cert are not match!\n", prog);
|
fprintf(stderr, "%s: key and cert are not match!\n", prog);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
|
if (x509_key_set_sm2_key(&sign_key, &sm2_key) != 1) {
|
||||||
|
fprintf(stderr, "%s: invalid signing key\n", prog);
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
cert_and_key.certs = cert;
|
cert_and_key.certs = cert;
|
||||||
cert_and_key.certs_len = certlen;
|
cert_and_key.certs_len = certlen;
|
||||||
cert_and_key.sign_key = &public_key;
|
cert_and_key.sign_key = &sign_key;
|
||||||
|
|
||||||
if (file_size(infp, &inlen) != 1) {
|
if (file_size(infp, &inlen) != 1) {
|
||||||
fprintf(stderr, "%s: get input length failed\n", prog);
|
fprintf(stderr, "%s: get input length failed\n", prog);
|
||||||
|
|||||||
@@ -201,6 +201,7 @@ static const char *options =
|
|||||||
" ocspget Download OCSPResponse from OCSP responder\n"
|
" ocspget Download OCSPResponse from OCSP responder\n"
|
||||||
" ocspsign Sign OCSPResponse\n"
|
" ocspsign Sign OCSPResponse\n"
|
||||||
" ocspverify Verify OCSPResponse\n"
|
" ocspverify Verify OCSPResponse\n"
|
||||||
|
" sctverify Verify Signed Certificate Timestamp list\n"
|
||||||
#ifdef ENABLE_CMS
|
#ifdef ENABLE_CMS
|
||||||
" cmssign Generate CMS SignedData\n"
|
" cmssign Generate CMS SignedData\n"
|
||||||
" cmsverify Verify CMS SignedData\n"
|
" cmsverify Verify CMS SignedData\n"
|
||||||
@@ -256,7 +257,6 @@ static const char *options =
|
|||||||
" tls12_server TLS 1.2 server\n"
|
" tls12_server TLS 1.2 server\n"
|
||||||
" tls13_client TLS 1.3 client\n"
|
" tls13_client TLS 1.3 client\n"
|
||||||
" tls13_server TLS 1.3 server\n"
|
" tls13_server TLS 1.3 server\n"
|
||||||
" sctverify Verify Signed Certificate Timestamp list\n"
|
|
||||||
#endif
|
#endif
|
||||||
"\n"
|
"\n"
|
||||||
"run `gmssl <command> -help` to print help of the given command\n"
|
"run `gmssl <command> -help` to print help of the given command\n"
|
||||||
|
|||||||
@@ -159,6 +159,10 @@ bad:
|
|||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
if (fwrite(outbuf, 1, sizeof(outbuf), outfp) != sizeof(outbuf)) {
|
||||||
|
error_print();
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
ret = 0;
|
ret = 0;
|
||||||
|
|||||||
@@ -128,11 +128,12 @@ bad:
|
|||||||
fprintf(stderr, "%s: read failure\n", prog);
|
fprintf(stderr, "%s: read failure\n", prog);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
if ((ret = sm9_verify_finish(&ctx, sig, siglen, &mpk, id, strlen(id))) != 1) {
|
if (sm9_verify_finish(&ctx, sig, siglen, &mpk, id, strlen(id)) != 1) {
|
||||||
error_print();
|
error_print();
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
printf("%s %s\n", prog, ret ? "success" : "failure");
|
printf("%s success\n", prog);
|
||||||
|
ret = 0;
|
||||||
|
|
||||||
end:
|
end:
|
||||||
if (infile && infp) fclose(infp);
|
if (infile && infp) fclose(infp);
|
||||||
@@ -147,4 +148,3 @@ end:
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user