abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-06-30 01:33:39 +08:00
Code Issues Packages Projects Releases Wiki Activity

Remove demos

Browse Source
This commit is contained in:
Zhi Guan
2024-05-25 23:19:46 +08:00
parent e172df55ca
commit 834fc0bd0c
96 changed files with 0 additions and 4801 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
demos/certs/ca/Ant Financial Certification Authority S1.pem
View File

@@ -1,18 +0,0 @@
-----BEGIN CERTIFICATE-----
MIICzjCCAnKgAwIBAgIQZMsSZdRKbxEiVT+tvsQxfzAMBggqgRzPVQGDdQUAMC4x
CzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEPMA0GA1UEAwwGUk9PVENBMB4X
DTE4MDMwNTA3MDEwOFoXDTM4MDIyODA3MDEwOFowejELMAkGA1UEBhMCQ04xFjAU
BgNVBAoMDUFudCBGaW5hbmNpYWwxIDAeBgNVBAsMF0NlcnRpZmljYXRpb24gQXV0
aG9yaXR5MTEwLwYDVQQDDChBbnQgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0
aG9yaXR5IFMxMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEGmfMCs2ZerI5lvrO
bxfY8HJyIcTwfMtXb3R1KgqJmUTmsdlb3g13lkvkp2GwqGOpptUOxE09hZAeF4tY
QzSkSaOCASIwggEeMB8GA1UdIwQYMBaAFEwysZfZMxvEpgXBxuWLYlvwl3ZYMA8G
A1UdEwEB/wQFMAMBAf8wgboGA1UdHwSBsjCBrzBBoD+gPaQ7MDkxCzAJBgNVBAYT
AkNOMQ4wDAYDVQQKDAVOUkNBQzEMMAoGA1UECwwDQVJMMQwwCgYDVQQDDANhcmww
KqAooCaGJGh0dHA6Ly93d3cucm9vdGNhLmdvdi5jbi9hcmwvYXJsLmNybDA+oDyg
OoY4bGRhcDovL2xkYXAucm9vdGNhLmdvdi5jbjozODkvQ049YXJsLE9VPUFSTCxP
PU5SQ0FDLEM9Q04wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQ3NFyrGaAF5BAy
72g+BP4NTGdGEzAMBggqgRzPVQGDdQUAA0gAMEUCIQCXq5uO1PaKFI764ak1Ah5R
5vc7E6WGBsO7Jv8+GM8xFgIgbCi8GfqKKiAAhJ3grv5vbQy5kPeC5I/8X3igW4k5
1Tc=
-----END CERTIFICATE-----

18
demos/certs/ca/TJCA.pem
View File

@@ -1,18 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIC7jCCApKgAwIBAgIQS66cxft/wk8MdWCL2qSImjAMBggqgRzPVQGDdQUAMDox
CzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEbMBkGA1UEAwwSQ2l2aWwgU2Vy
dmFudCBST09UMB4XDTE3MTIwNjAyNTczMFoXDTM3MTIwMTAyNTczMFowVjELMAkG
A1UEBhMCQ04xEjAQBgNVBAgMCeWkqea0peW4gjEkMCIGA1UECgwb5aSp5rSl5biC
55S15a2Q6K6k6K+B5Lit5b+DMQ0wCwYDVQQDDARUSkNBMFkwEwYHKoZIzj0CAQYI
KoEcz1UBgi0DQgAE2GJUeLtgaq271GSkgvmvBHJVxrg6K8Nx6AogQxNB/qoQjup4
YDw9odBrYiqdTbOgYL5I+iiPCXJg+6xKL3VA6aOCAVowggFWMB8GA1UdIwQYMBaA
FJ/cX1elCW5m8PJ1du0BYnAE/PpUMA8GA1UdEwEB/wQFMAMBAf8wgfIGA1UdHwSB
6jCB5zBPoE2gS6RJMEcxCzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEMMAoG
A1UECwwDQVJMMRowGAYDVQQDDBFDaXZpbF9TZXJ2YW50X0FSTDBGoESgQoZAaHR0
cDovL3d3dy5yb290Y2EuZ292LmNuL0NpdmlsX1NlcnZhbnRfYXJsL0NpdmlsX1Nl
cnZhbnRfQVJMLmNybDBMoEqgSIZGbGRhcDovL2xkYXAucm9vdGNhLmdvdi5jbjoz
OTAvQ049Q2l2aWxfU2VydmFudF9BUkwsT1U9QVJMLE89TlJDQUMsQz1DTjAOBgNV
HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFE6BR1+l7EDGRDMxpkHLpByil04oMAwGCCqB
HM9VAYN1BQADSAAwRQIgC79X9bYZNHi88AOzS1mcL8iMOTnuOhISxkw6Hbou9bIC
IQCGFTlCuEYGX3Qc+HlufzqyKjyYyUCTb0FkfhOfhcEU+g==
-----END CERTIFICATE-----

16
demos/certs/ca/Taier CA.pem
View File

@@ -1,16 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIChDCCAiigAwIBAgIQLXrZ9QK+bZE4WSoVyuo7GzAMBggqgRzPVQGDdQUAMC4x
CzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEPMA0GA1UEAwwGUk9PVENBMB4X
DTE2MDcxMzA4MjQ1NFoXDTM2MDcwODA4MjQ1NFowMDELMAkGA1UEBhMCQ04xDjAM
BgNVBAoMBUNBSUNUMREwDwYDVQQDDAhUYWllciBDQTBZMBMGByqGSM49AgEGCCqB
HM9VAYItA0IABAxbfsHfqwv8GmfhJYnj0R+fFFqkegyvdZgzRtnnnEDmoy4GNwQa
kVNElUTsMFIJDOEbXTfYazvOghVNsR1UFRujggEiMIIBHjAfBgNVHSMEGDAWgBRM
MrGX2TMbxKYFwcbli2Jb8Jd2WDAPBgNVHRMBAf8EBTADAQH/MIG6BgNVHR8EgbIw
ga8wQaA/oD2kOzA5MQswCQYDVQQGEwJDTjEOMAwGA1UECgwFTlJDQUMxDDAKBgNV
BAsMA0FSTDEMMAoGA1UEAwwDYXJsMCqgKKAmhiRodHRwOi8vd3d3LnJvb3RjYS5n
b3YuY24vYXJsL2FybC5jcmwwPqA8oDqGOGxkYXA6Ly9sZGFwLnJvb3RjYS5nb3Yu
Y246Mzg5L0NOPWFybCxPVT1BUkwsTz1OUkNBQyxDPUNOMA4GA1UdDwEB/wQEAwIB
BjAdBgNVHQ4EFgQUi2kQa6VC3y6m96DZs4ykCLs9UDkwDAYIKoEcz1UBg3UFAANI
ADBFAiAnOTxqRKjk7+RlMuu6dRIoncmZPPkmVytXeGkvxmN8zAIhAI4zYqRtqy4e
754IdYX8fZDRQi9Mf2ZIkEEgIy9o1+Gf
-----END CERTIFICATE-----

BIN
demos/certs/crl/Civil Servant ROOT.crl
View File

Binary file not shown.

BIN
demos/certs/crl/Device ROOT.crl
View File

Binary file not shown.

BIN
demos/certs/crl/ROOTCA.crl
View File

Binary file not shown.

12
demos/certs/rootca/Civil Servant ROOT.pem
View File

@@ -1,12 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIB0jCCAXegAwIBAgIQEdZMMEt/UB6aBlClCPrHdDAMBggqgRzPVQGDdQUAMDox
CzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEbMBkGA1UEAwwSQ2l2aWwgU2Vy
dmFudCBST09UMB4XDTE0MDcxNTA2NDg1NloXDTQ0MDcwNzA2NDg1NlowOjELMAkG
A1UEBhMCQ04xDjAMBgNVBAoMBU5SQ0FDMRswGQYDVQQDDBJDaXZpbCBTZXJ2YW50
IFJPT1QwWTATBgcqhkjOPQIBBggqgRzPVQGCLQNCAAR1whSysIMDakj11nL+KgJ1
J+HtXJU2D/EhV+QC1b+/yDXWdcZay7X79wC/g4vJdUIAdyZfLVy3lYYFc3aJ2smr
o10wWzAfBgNVHSMEGDAWgBSf3F9XpQluZvDydXbtAWJwBPz6VDAMBgNVHRMEBTAD
AQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUn9xfV6UJbmbw8nV27QFicAT8+lQw
DAYIKoEcz1UBg3UFAANHADBEAiAkrV4rtXx+4fdJBIVSxHFKh2znz2vnSgk/eBIl
gNQK7AIgNVusahBBOxafSdIB1cX8zJCnq+OcCNLRezYSbXQ45Jg=
-----END CERTIFICATE-----

12
demos/certs/rootca/Device ROOT.pem
View File

@@ -1,12 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBxjCCAWmgAwIBAgIQVWEAYiD7bkTypcG5eLcUIzAMBggqgRzPVQGDdQUAMDMx
CzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVOUkNBQzEUMBIGA1UEAwwLRGV2aWNlIFJP
T1QwHhcNMTQwNzE1MDY0OTE0WhcNNDQwNzA3MDY0OTE0WjAzMQswCQYDVQQGEwJD
TjEOMAwGA1UECgwFTlJDQUMxFDASBgNVBAMMC0RldmljZSBST09UMFkwEwYHKoZI
zj0CAQYIKoEcz1UBgi0DQgAErrT3rKewd5fIH38K5dUcB6dxxYcFCqHlklxWnwiU
n39eP3O8D3h7gncGBJoxX5XToyqwy4saICZq3MEIBf6XKqNdMFswHwYDVR0jBBgw
FoAUodkX9LXKzt+c9s0ZP86nFwz5gPUwDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMC
AQYwHQYDVR0OBBYEFKHZF/S1ys7fnPbNGT/OpxcM+YD1MAwGCCqBHM9VAYN1BQAD
SQAwRgIhAO6XHWXfSyMUt/fn6yB5vPH9bHofYkylecmwqbN7jNlBAiEA2b8vR1TR
u1rh597JnGgp8tdjAiBbPWYjHcJDRBGcljA=
-----END CERTIFICATE-----

12
demos/certs/rootca/ROOTCA.pem
View File

@@ -1,12 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBszCCAVegAwIBAgIIaeL+wBcKxnswDAYIKoEcz1UBg3UFADAuMQswCQYDVQQG
EwJDTjEOMAwGA1UECgwFTlJDQUMxDzANBgNVBAMMBlJPT1RDQTAeFw0xMjA3MTQw
MzExNTlaFw00MjA3MDcwMzExNTlaMC4xCzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVO
UkNBQzEPMA0GA1UEAwwGUk9PVENBMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAE
MPCca6pmgcchsTf2UnBeL9rtp4nw+itk1Kzrmbnqo05lUwkwlWK+4OIrtFdAqnRT
V7Q9v1htkv42TsIutzd126NdMFswHwYDVR0jBBgwFoAUTDKxl9kzG8SmBcHG5Yti
W/CXdlgwDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFEwysZfZ
MxvEpgXBxuWLYlvwl3ZYMAwGCCqBHM9VAYN1BQADSAAwRQIgG1bSLeOXp3oB8H7b
53W+CKOPl2PknmWEq/lMhtn25HkCIQDaHDgWxWFtnCrBjH16/W3Ezn7/U/Vjo5xI
pDoiVhsLwg==
-----END CERTIFICATE-----

44
demos/scripts/cademo.sh
View File

@@ -1,44 +0,0 @@
#!/bin/bash -x
set -e
gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
gmssl sm2keygen -pass 1234 -out enckey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
gmssl certparse -in enccert.pem
rm -fr revoked_certs.der
gmssl certrevoke -in signcert.pem -reason keyCompromise -out revoked_certs.der
gmssl certrevoke -in enccert.pem -reason keyCompromise -out revoked_certs.der
gmssl crlgen -in revoked_certs.der -cacert cacert.pem -key cakey.pem -pass 1234 -next_update 20240101000000Z -gen_authority_key_id -crl_num 1 -out crl.der
gmssl crlparse -in crl.der
rm -fr rootcakey.pem
rm -fr rootcacert.pem
rm -fr cakey.pem
rm -fr careq.pem
rm -fr cacert.pem
rm -fr signkey.pem
rm -fr signreq.pem
rm -fr signcert.pem
rm -fr enckey.pem
rm -fr encreq.pem
rm -fr enccert.pem
rm -fr revoked_certs.der
rm -fr crl.der
echo "all ok"

43
demos/scripts/certdemo.sh
View File

@@ -1,43 +0,0 @@
#!/bin/bash -x
set -e
gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 \
-key rootcakey.pem -pass 1234 \
-out rootcacert.pem \
-ca -path_len_constraint 6 \
-key_usage keyCertSign -key_usage cRLSign \
-crl_http_uri http://pku.edu.cn/ca.crl -ca_issuers_uri http://pku.edu.cn/ca.crt -ocsp_uri http://ocsp.pku.edu.cn
gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem \
-crl_http_uri http://pku.edu.cn/ca.crl -ca_issuers_uri http://pku.edu.cn/ca.crt -ocsp_uri http://ocsp.pku.edu.cn
gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem \
-crl_http_uri http://github.com/guanzhi/GmSSL/raw/master/demos/certs/SubCA-1.crl
gmssl certparse -in signcert.pem
gmssl sm2keygen -pass 1234 -out enckey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem \
-crl_http_uri http://github.com/guanzhi/GmSSL/raw/master/demos/certs/SubCA-1.crl
gmssl certparse -in enccert.pem
cat signcert.pem > certs.pem
cat cacert.pem >> certs.pem
gmssl certverify -in certs.pem -cacert rootcacert.pem #-check_crl
cat signcert.pem > dbl_certs.pem
cat enccert.pem >> dbl_certs.pem
cat cacert.pem >> dbl_certs.pem
gmssl certverify -double_certs -in dbl_certs.pem -cacert rootcacert.pem #-check_crl
echo ok

27
demos/scripts/certs.sh
View File

@@ -1,27 +0,0 @@
#!/bin/bash -x
set -e
cd ../certs
gmssl certparse -in "rootca/Civil Servant ROOT.pem"
gmssl certverify -in "rootca/Civil Servant ROOT.pem" -cacert "rootca/Civil Servant ROOT.pem"
gmssl crlparse -in "crl/Civil Servant ROOT.crl"
gmssl crlverify -in "crl/Civil Servant ROOT.crl" -cacert "rootca/Civil Servant ROOT.pem"
gmssl certparse -in "rootca/Device ROOT.pem"
gmssl certverify -in "rootca/Device ROOT.pem" -cacert "rootca/Device ROOT.pem"
gmssl crlparse -in "crl/Device ROOT.crl"
gmssl crlverify -in "crl/Device ROOT.crl" -cacert "rootca/Device ROOT.pem"
gmssl certparse -in "rootca/ROOTCA.pem"
gmssl certverify -in "rootca/ROOTCA.pem" -cacert "rootca/ROOTCA.pem"
gmssl crlparse -in "crl/ROOTCA.crl"
gmssl crlverify -in "crl/ROOTCA.crl" -cacert "rootca/ROOTCA.pem" # now > next_update
# The CRL URI of ROOTCA.pem is in Base64 format, not DER
gmssl certverify -in "ca/TJCA.pem" -cacert "rootca/Civil Servant ROOT.pem" #-check_crl
gmssl certverify -in "ca/Taier CA.pem" -cacert "rootca/ROOTCA.pem" #-check_crl
gmssl certverify -in "ca/Ant Financial Certification Authority S1.pem" -cacert "rootca/ROOTCA.pem" #-check_crl
echo ok

129
demos/scripts/certverify.sh
View File

@@ -1,129 +0,0 @@
#!/bin/bash -x
set -e
signcert=ebssec.boc.cn-sign.pem
enccert=ebssec.boc.cn-enc.pem
crl=CFCA_SM2_OCA1.crl
cacert=CFCA_SM2_OCA1.pem
rootcacert=CFCA_CS_SM2_CA.pem
cat << EOF > $signcert
-----BEGIN CERTIFICATE-----
MIICzzCCAnKgAwIBAgIFEzY5M3AwDAYIKoEcz1UBg3UFADAlMQswCQYDVQQGEwJD
TjEWMBQGA1UECgwNQ0ZDQSBTTTIgT0NBMTAeFw0yMTA2MTEwOTA1MjBaFw0yNjA2
MTkwODE2NTZaMIGRMQswCQYDVQQGEwJDTjEPMA0GA1UECAwG5YyX5LqsMQ8wDQYD
VQQHDAbljJfkuqwxJzAlBgNVBAoMHuS4reWbvemTtuihjOiCoeS7veaciemZkOWF
rOWPuDERMA8GA1UECwwITG9jYWwgUkExDDAKBgNVBAsMA1NTTDEWMBQGA1UEAwwN
ZWJzc2VjLmJvYy5jbjBZMBMGByqGSM49AgEGCCqBHM9VAYItA0IABPsNUnoZQM9C
SnvC57TbvdfyOTCuPOSlZmPAyxBKFj+Y1QH/xlubHdVf5XqHrO1jCDRi7aN5IKGX
QF1492c803OjggEeMIIBGjAfBgNVHSMEGDAWgBRck1ggWiRzVhAbZFAQ7OmnygdB
ETAMBgNVHRMBAf8EAjAAMEgGA1UdIARBMD8wPQYIYIEchu8qAQEwMTAvBggrBgEF
BQcCARYjaHR0cDovL3d3dy5jZmNhLmNvbS5jbi91cy91cy0xNC5odG0wNwYDVR0f
BDAwLjAsoCqgKIYmaHR0cDovL2NybC5jZmNhLmNvbS5jbi9TTTIvY3JsNTYxOC5j
cmwwGAYDVR0RBBEwD4INZWJzc2VjLmJvYy5jbjAOBgNVHQ8BAf8EBAMCBsAwHQYD
VR0OBBYEFJ6oFo/OrKgDhHFORpaq04kX7T1KMB0GA1UdJQQWMBQGCCsGAQUFBwMC
BggrBgEFBQcDATAMBggqgRzPVQGDdQUAA0kAMEYCIQCvhSvbv5h6ERl1YcCLg+fz
9UleQbaPfBYwUjUD2dAHVQIhAMRC4k9S/mSC0UpUvCqh/DQC2Ui8Tccd5G2IgYSs
cnUN
-----END CERTIFICATE-----
EOF
cat << EOF > $enccert
-----BEGIN CERTIFICATE-----
MIICzjCCAnKgAwIBAgIFEzY5M3EwDAYIKoEcz1UBg3UFADAlMQswCQYDVQQGEwJD
TjEWMBQGA1UECgwNQ0ZDQSBTTTIgT0NBMTAeFw0yMTA2MTEwOTA1MjBaFw0yNjA2
MTkwODE2NTZaMIGRMQswCQYDVQQGEwJDTjEPMA0GA1UECAwG5YyX5LqsMQ8wDQYD
VQQHDAbljJfkuqwxJzAlBgNVBAoMHuS4reWbvemTtuihjOiCoeS7veaciemZkOWF
rOWPuDERMA8GA1UECwwITG9jYWwgUkExDDAKBgNVBAsMA1NTTDEWMBQGA1UEAwwN
ZWJzc2VjLmJvYy5jbjBZMBMGByqGSM49AgEGCCqBHM9VAYItA0IABMn1q+hbV0i1
qnKAy7QeZ3ZfAD+gqHX4F5MqIhsarODlWsavf/dcprC0F277zc44aYBB/3ucy4PF
qXaRHQp8PEyjggEeMIIBGjAfBgNVHSMEGDAWgBRck1ggWiRzVhAbZFAQ7OmnygdB
ETAMBgNVHRMBAf8EAjAAMEgGA1UdIARBMD8wPQYIYIEchu8qAQEwMTAvBggrBgEF
BQcCARYjaHR0cDovL3d3dy5jZmNhLmNvbS5jbi91cy91cy0xNC5odG0wNwYDVR0f
BDAwLjAsoCqgKIYmaHR0cDovL2NybC5jZmNhLmNvbS5jbi9TTTIvY3JsNTYxOC5j
cmwwGAYDVR0RBBEwD4INZWJzc2VjLmJvYy5jbjAOBgNVHQ8BAf8EBAMCAzgwHQYD
VR0OBBYEFF/a1JHvzLzbpFbBljX7hNxRpj/2MB0GA1UdJQQWMBQGCCsGAQUFBwMC
BggrBgEFBQcDATAMBggqgRzPVQGDdQUAA0gAMEUCIQDCOFi1eZcgiN6t+h6lxLwS
grAh3Jall+ZyA2ePw6xcjwIgNyDvo761dpwJhcyWfyVCAnaTf0Vf4DLWI1K+S7po
Ur8=
-----END CERTIFICATE-----
EOF
cat << EOF > $cacert
-----BEGIN CERTIFICATE-----
MIICNTCCAdmgAwIBAgIFEAAAAAgwDAYIKoEcz1UBg3UFADBYMQswCQYDVQQGEwJD
TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y
aXR5MRcwFQYDVQQDDA5DRkNBIENTIFNNMiBDQTAeFw0xMzAxMjQwODQ2NDBaFw0z
MzAxMTkwODQ2NDBaMCUxCzAJBgNVBAYTAkNOMRYwFAYDVQQKDA1DRkNBIFNNMiBP
Q0ExMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEfJqQoo0+JoyCRy0msS2Ym076
8nV1pSLuK9utS1ij38obWDymq0oMRRwUzDMEQI19Cajo3JUoGFxOvsA+YWu3XKOB
wDCBvTAfBgNVHSMEGDAWgBTkjt3Uo+e2D+4dJ5bNddwlJXJp3TAMBgNVHRMEBTAD
AQH/MGAGA1UdHwRZMFcwVaBToFGkTzBNMQswCQYDVQQGEwJDTjETMBEGA1UECgwK
Q0ZDQSBDUyBDQTEMMAoGA1UECwwDQ1JMMQwwCgYDVQQLDANTTTIxDTALBgNVBAMM
BGNybDEwCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBRck1ggWiRzVhAbZFAQ7OmnygdB
ETAMBggqgRzPVQGDdQUAA0gAMEUCIBVscoZJhUy4eToK4C//LjvhjKK2qpBFac/h
Pr6yYTLzAiEAiyqrqsGUU5vGkDo5bEpmF1EbnY8xovsM9vCx98yBrVM=
-----END CERTIFICATE-----
EOF
cat << EOF > $rootcacert
-----BEGIN CERTIFICATE-----
MIICAzCCAaegAwIBAgIEFy9CWTAMBggqgRzPVQGDdQUAMFgxCzAJBgNVBAYTAkNO
MTAwLgYDVQQKDCdDaGluYSBGaW5hbmNpYWwgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
dHkxFzAVBgNVBAMMDkNGQ0EgQ1MgU00yIENBMB4XDTEyMDgzMTAyMDY1OVoXDTQy
MDgyNDAyMDY1OVowWDELMAkGA1UEBhMCQ04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFu
Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEXMBUGA1UEAwwOQ0ZDQSBDUyBT
TTIgQ0EwWTATBgcqhkjOPQIBBggqgRzPVQGCLQNCAATuRh26wmtyKNMz+Pmneo3a
Sme+BCjRon8SvAxZBgLSuIxNUewq4kNujeb1I4A0yg7xNcjuOgXglAoQv+Tc+P0V
o10wWzAfBgNVHSMEGDAWgBTkjt3Uo+e2D+4dJ5bNddwlJXJp3TAMBgNVHRMEBTAD
AQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQU5I7d1KPntg/uHSeWzXXcJSVyad0w
DAYIKoEcz1UBg3UFAANIADBFAiBhP/rmIvles3RK1FfcmmEeS9RZdu+5lCzxF0nk
cof2QAIhAPVRpqOuceEQHsR77FBe/DgVPqF6lOyoZs0TzTDHrN8c
-----END CERTIFICATE-----
EOF
gmssl certverify -in $signcert -cacert $cacert
gmssl certverify -in $enccert -cacert $cacert
gmssl certverify -in $cacert -cacert $rootcacert
chain=chain.pem
cat $signcert > $chain
cat $cacert >> $chain
gmssl certverify -in $chain -cacert $rootcacert
chain_with_root=chain_with_root.pem
cp $chain $chain_with_root
cat $rootcacert >> $chain_with_root
gmssl certverify -in $chain_with_root -cacert $rootcacert
double_certs=double_certs.pem
cat $signcert > $double_certs
cat $enccert >> $double_certs
gmssl certverify -in $double_certs -cacert $cacert -double_certs
double_chain=double_chain.pem
cat $double_certs > $double_chain
cat $cacert >> $double_chain
gmssl certverify -in $double_chain -cacert $rootcacert -double_certs
gmssl certparse -in $double_chain
gmssl certverify -in $double_chain -cacert $rootcacert -double_certs -check_crl
gmssl crlget -cert $signcert -out $crl
gmssl crlparse -in $crl
rm -fr $signcert
rm -fr $enccert
rm -fr $crl
rm -fr $cacert
rm -fr $rootcacert
rm -fr $chain
rm -fr $chain_with_root
rm -fr $double_certs
rm -fr $double_chain
echo ok

17
demos/scripts/cmsdemo.sh
View File

@@ -1,17 +0,0 @@
#!/bin/bash
gmssl sm2keygen -pass 1234 -out key.pem -pubout keypub.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Alice -key_usage dataEncipherment -days 365 -key key.pem -pass 1234 -out cert.pem
echo "<html>The plaintext message.</html>" > plain.txt
gmssl cmsencrypt -in plain.txt -rcptcert cert.pem -out enveloped_data.pem
gmssl cmsparse -in enveloped_data.pem
gmssl cmsdecrypt -key key.pem -pass 1234 -cert cert.pem -in enveloped_data.pem
gmssl cmssign -key key.pem -pass 1234 -cert cert.pem -in plain.txt -out signed_data.pem
gmssl cmsparse -in signed_data.pem
gmssl cmsverify -in signed_data.pem -out signed_data.txt
cat signed_data.txt

42
demos/scripts/reqdemo.sh
View File

@@ -1,42 +0,0 @@
#!/bin/bash -x
set -e
# generate self-signed CA certificate
gmssl sm2keygen -pass 1234 -out cakey.pem -pubout pubkey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN CA -days 365 -key cakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem
# generate a req and sign by CA certificate
gmssl sm2keygen -pass 1234 -out signkey.pem -pubout pubkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Alice -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
# sign a encryption certificate with the same DN, different KeyUsage extension
gmssl sm2keygen -pass 1234 -out enckey.pem -pubout pubkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Alice -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
gmssl certparse -in enccert.pem
# 中文
gmssl sm2keygen -pass 1234 -out alicekey.pem -pubout alicepubkey.pem
gmssl reqgen -O "北京大学" -CN "爱丽丝" -key alicekey.pem -pass 1234 -out alicereq.pem
gmssl reqsign -in alicereq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out alicecert.pem
gmssl certparse -in alicecert.pem
rm -fr pubkey.pem
rm -fr cacert.pem
rm -fr signkey.pem
rm -fr signreq.pem
rm -fr signcert.pem
rm -fr enckey.pem
rm -fr encreq.pem
rm -fr enccert.pem
rm -fr alicekey.pem
rm -fr alicepubkey.pem
rm -fr alicereq.pem
rm -fr alicecert.pem
echo ok

8
demos/scripts/tlcp_client.sh
View File

@@ -1,8 +0,0 @@
#!/bin/bash -x
# https://ebssec.boc.cn
gmssl tlcp_client -host 123.124.191.183
# https://zffw.jxzwfww.gov.cn
gmssl tlcp_client -host 218.87.21.62

49
demos/scripts/tlcp_server.sh
View File

@@ -1,49 +0,0 @@
#!/bin/bash -x
gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign -ca
gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem -ca
gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
gmssl sm2keygen -pass 1234 -out enckey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
gmssl certparse -in enccert.pem
cat signcert.pem > double_certs.pem
cat enccert.pem >> double_certs.pem
cat cacert.pem >> double_certs.pem
sudo gmssl tlcp_server -port 443 -cert double_certs.pem -key signkey.pem -pass 1234 -ex_key enckey.pem -ex_pass 1234 -cacert cacert.pem 1>/dev/null 2>/dev/null &
#sudo gmssl tlcp_server -port 443 -cert double_certs.pem -key signkey.pem -pass 1234 -ex_key enckey.pem -ex_pass 1234 1>/dev/null 2>/dev/null &
sleep 3
gmssl sm2keygen -pass 1234 -out clientkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -key clientkey.pem -pass 1234 -out clientreq.pem
gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem
gmssl certparse -in clientcert.pem
# build and install BabaSSL 8.3.2
# Download
# ./config enable-ntls; make; sudo make install
# current /demos/scripts
# /build/bin
openssl version
../../build/bin/demo_sm2_key_export clientkey.pem 1234 > clientpkey.pem
#openssl s_client -enable_ntls -ntls -connect localhost:443 -no_ticket -CAfile rootcacert.pem -sign_cert clientcert.pem -sign_key clientpkey.pem -pass pass:1234

36
demos/scripts/tls12demo.sh
View File

@@ -1,36 +0,0 @@
#!/bin/bash -x
gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign -ca
gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem -ca -path_len_constraint 0
gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
cat signcert.pem > certs.pem
cat cacert.pem >> certs.pem
# If port is already in use, `gmssl` will fail, use `ps aux | grep gmssl` and `sudo kill -9` to kill existing proc
# TODO: check if `gmssl` is failed
which sudo
if [ $? -eq 0 ]; then
SUDO=sudo
fi
$SUDO gmssl tls12_server -port 4430 -cert certs.pem -key signkey.pem -pass 1234 -cacert cacert.pem & #1>/dev/null 2>/dev/null &
sleep 3
gmssl sm2keygen -pass 1234 -out clientkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -key clientkey.pem -pass 1234 -out clientreq.pem
gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem
gmssl certparse -in clientcert.pem
gmssl tls12_client -host 127.0.0.1 -port 4430 -cacert rootcacert.pem -cert clientcert.pem -key clientkey.pem -pass 1234

36
demos/scripts/tls13demo.sh
View File

@@ -1,36 +0,0 @@
#!/bin/bash -x
gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign -ca
gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -ca -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
cat signcert.pem > certs.pem
cat cacert.pem >> certs.pem
# If port is already in use, `gmssl` will fail, use `ps aux | grep gmssl` and `sudo kill -9` to kill existing proc
# TODO: check if `gmssl` is failed
which sudo
if [ $? -eq 0 ]; then
SUDO=sudo
fi
$SUDO gmssl tls13_server -port 4433 -cert certs.pem -key signkey.pem -pass 1234 -cacert cacert.pem & # 1>/dev/null 2>/dev/null &
sleep 3
gmssl sm2keygen -pass 1234 -out clientkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -key clientkey.pem -pass 1234 -out clientreq.pem
gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem
gmssl certparse -in clientcert.pem
gmssl tls13_client -host 127.0.0.1 -port 4433 -cacert rootcacert.pem -cert clientcert.pem -key clientkey.pem -pass 1234

44
demos/src/asn1_oid_from_der_demo.c
View File

@@ -1,44 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/oid.h>
#include <gmssl/asn1.h>
int main(int argc, char **argv)
{
int ret = -1;
uint8_t der[] = { 0x06,0x06,0x2a,0x81,0x1c,0xcf,0x55,0x01 };
uint32_t oid[32];
size_t oid_num;
const uint8_t *cp;
size_t len;
size_t i;
cp = der;
len = sizeof(der);
if (asn1_object_identifier_from_der(oid, &oid_num, &cp, &len) != 1) {
fprintf(stderr, "asn1_object_identifier_from_der() error\n");
goto err;
}
printf("oid: ");
for (i = 0; i < oid_num; i++) {
printf("%u ", oid[i]);
}
printf("\n");
ret = 0;
err:
return ret;
}

49
demos/src/asn1_oid_to_der_demo.c
View File

@@ -1,49 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/oid.h>
#include <gmssl/asn1.h>
int main(int argc, char **argv)
{
int ret = -1;
uint32_t oid[] = {1,2,156,10197,1};
uint8_t buf[64];
uint8_t *p;
size_t len;
size_t i;
p = buf;
len = 0;
if (asn1_object_identifier_to_der(oid, sizeof(oid)/sizeof(oid[0]), &p, &len) != 1) {
fprintf(stderr, "asn1_object_identifier_to_der() error\n");
goto err;
}
printf("oid: ");
for (i = 0; i < sizeof(oid)/sizeof(oid[0]); i++) {
printf("%u ", oid[i]);
}
printf("\n");
printf("der: ");
for (i = 0; i < len; i++) {
printf("%02x ", buf[i]);
}
printf("\n");
ret = 0;
err:
return ret;
}

56
demos/src/base64_demo.c
View File

@@ -1,56 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/base64.h>
#include <gmssl/error.h>
#include <gmssl/rand.h>
int main(void)
{
BASE64_CTX ctx;
uint8_t buf[200];
char base64[400] = {0};
uint8_t *in = buf;
uint8_t *out = (uint8_t *)base64;
int len;
int i;
int inlen = 47;
rand_bytes(buf, sizeof(buf));
base64_encode_init(&ctx);
base64_encode_update(&ctx, in, inlen, out, &len);
out += len;
in += inlen;
printf("1 %s\n", base64);
base64_encode_update(&ctx, in, inlen, out, &len);
out += len;
in += inlen;
printf("2 %s\n", base64);
base64_encode_update(&ctx, in, 30, out, &len);
out += len;
in += 48;
printf("3 %s\n", base64);
base64_encode_update(&ctx, in, 30, out, &len);
out += len;
in += 48;
printf("4 %s\n", base64);
return 0;
}

57
demos/src/http_get_demo.c
View File

@@ -1,57 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/http.h>
#include <gmssl/error.h>
char *http_uri = "http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20RSA%20TLS%20CA%2002.crl";
char *file_name = "Microsoft RSA TLS CA 02.crl";
int main(int argc, char **argv)
{
uint8_t *buf = NULL;
size_t buflen;
size_t len;
FILE *fp = NULL;
printf("http_get %s\n", http_uri);
if (http_get(http_uri, NULL, &buflen, 0) != 1) {
fprintf(stderr, "http_get() error\n");
goto err;
}
if (!(buf = malloc(len))) {
fprintf(stderr, "malloc() error\n");
goto err;
}
if (http_get(http_uri, buf, &len, buflen) != 1) {
fprintf(stderr, "http_get() error\n");
goto err;
}
if (!(fp = fopen(file_name, "wb"))) {
fprintf(stderr, "fopen() error\n");
goto err;
}
fwrite(buf, 1, len, fp);
printf("save to %s\n", file_name);
err:
if (buf) free(buf);
if (fp) fclose(fp);
return 0;
}

77
demos/src/list.c
View File

@@ -1,77 +0,0 @@
asn1_oid_from_der_demo.c
asn1_oid_to_der_demo.c
base64_demo.c
http_get_demo.c
list.txt
password_to_key_demo.c
pem_from_der_demo.c
pem_to_der_demo.c
rand_demo.c
rdrand_demo.c
sdf_info_demo.c
sdf_rand_demo.c
sdf_sign_demo.c
sha1_digest_demo.c
sha256_digest_demo.c
sha512_256_digest_demo.c
sha512_digest_demo.c
sm2_ciphertext_to_der_demo.c
sm2_ecdh_demo.c
sm2_encrypt_demo.c
sm2_encrypt_fixlen_demo.c
sm2_id_demo.c
sm2_key_export_demo.c
sm2_keygen_demo.c
sm2_keyparse_demo.c
sm2_point_demo.c
sm2_point_from_bin_demo.c
sm2_point_from_hash_demo.c
sm2_point_from_octets_demo.c
sm2_point_to_bin_demo.c
sm2_point_to_octets_demo.c
sm2_private_key_demo.c
sm2_private_key_parse_demo.c
sm2_public_key_demo.c
sm2_sig_from_bin_demo.c
sm2_sig_from_der_demo.c
sm2_sig_to_der_demo.c
sm2_sign_ctx_demo.c
sm2_sign_ctx_fixlen_demo.c
sm2_sign_demo.c
sm2_sign_digest_demo.c
sm3_ctx_demo.c
sm3_ctx_stdin_demo.c
sm3_demo.c
sm3_hmac_ctx_demo.c
sm3_hmac_demo.c
sm4_cbc_ctx_decrypt_stdin_demo.c
sm4_cbc_ctx_encrypt_stdin_demo.c
sm4_cbc_demo.c
sm4_cbc_mac_demo.c
sm4_cbc_padding_demo.c
sm4_cbc_sm3_hmac_demo.c
sm4_consts_demo.c
sm4_ctr_demo.c
sm4_ctr_encrypt_update_demo.c
sm4_ctr_sm3_hmac_demo.c
sm4_demo.c
sm4_ecb_demo.c
sm4_gcm_ctx_demo.c
sm4_gcm_demo.c
sm4_key_demo.c
sm9_encrypt_demo.c
sm9_keygen_demo.c
sm9_sign_demo.c
tlcp_get_demo.c
tlcp_post_demo.c
version_demo.c
x509_cert_check_demo.c
x509_cert_parse_demo.c
x509_cert_print_demo.c
x509_cert_verify_demo.c
x509_crl_download_demo.c
x509_crl_find_revoked_cert_demo.c
x509_crl_print_demo.c
x509_crl_verify_demo.c
zuc_demo.c
zuc_encrypt_stdin_demo.c

43
demos/src/password_to_key_demo.c
View File

@@ -1,43 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/rand.h>
#include <gmssl/pbkdf2.h>
int main(int argc, char **argv)
{
char *pass = "P@ssw0rd";
uint8_t salt[8];
size_t iter = 8000;
uint8_t key[16];
size_t i;
if (rand_bytes(salt, sizeof(salt)) != 1) {
fprintf(stderr, "rand_bytes() error\n");
return -1;
}
if (pbkdf2_hmac_sm3_genkey(pass, strlen(pass), salt, sizeof(salt), iter, sizeof(key), key) != 1) {
fprintf(stderr, "pbkdf2 error\n");
return -1;
}
printf("pbkdf2('%s') = ", pass);
for (i = 0; i < sizeof(key); i++) {
printf("%02x", key[i]);
}
printf("\n");
return 0;
}

103
demos/src/pem_from_der_demo.c
View File

@@ -1,103 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/pem.h>
uint8_t crl_der[] = {
0x30,0x82,0x04,0x09,0x30,0x82,0x03,0xb0,0x02,0x01,0x01,0x30,0x0a,0x06,0x08,0x2a,
0x81,0x1c,0xcf,0x55,0x01,0x83,0x75,0x30,0x2e,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,
0x04,0x06,0x13,0x02,0x43,0x4e,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x0a,0x0c,
0x05,0x4e,0x52,0x43,0x41,0x43,0x31,0x0f,0x30,0x0d,0x06,0x03,0x55,0x04,0x03,0x0c,
0x06,0x52,0x4f,0x4f,0x54,0x43,0x41,0x17,0x0d,0x32,0x32,0x30,0x35,0x30,0x35,0x30,
0x36,0x32,0x30,0x35,0x34,0x5a,0x17,0x0d,0x32,0x32,0x30,0x36,0x30,0x34,0x30,0x36,
0x32,0x30,0x35,0x34,0x5a,0x30,0x82,0x03,0x1e,0x30,0x21,0x02,0x10,0x12,0xf2,0xd0,
0x93,0x24,0xb0,0xa3,0xeb,0x71,0x32,0xaa,0x7f,0x24,0xa8,0x14,0x9a,0x17,0x0d,0x31,
0x34,0x30,0x36,0x32,0x36,0x30,0x36,0x35,0x38,0x34,0x38,0x5a,0x30,0x2f,0x02,0x10,
0x17,0x59,0x1f,0x6e,0x22,0x4b,0x3e,0xb6,0x0a,0x35,0xdc,0x48,0x27,0x8c,0x37,0x74,
0x17,0x0d,0x32,0x32,0x30,0x33,0x31,0x30,0x30,0x37,0x32,0x36,0x34,0x36,0x5a,0x30,
0x0c,0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,0x0a,0x01,0x05,0x30,0x2f,0x02,
0x10,0x21,0x6b,0xbe,0xb7,0x4c,0x02,0xb6,0x80,0x24,0xa0,0xed,0x70,0xe8,0xa9,0x25,
0x8c,0x17,0x0d,0x31,0x34,0x30,0x33,0x31,0x31,0x30,0x32,0x31,0x38,0x34,0x37,0x5a,
0x30,0x0c,0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,0x0a,0x01,0x04,0x30,0x2f,
0x02,0x10,0x2c,0xa3,0x5f,0xa2,0xf0,0x60,0x79,0x1b,0xb1,0xf3,0x7d,0xb6,0x5c,0x1c,
0x77,0x1f,0x17,0x0d,0x31,0x38,0x30,0x35,0x32,0x38,0x30,0x36,0x35,0x30,0x34,0x38,
0x5a,0x30,0x0c,0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,0x0a,0x01,0x04,0x30,
0x21,0x02,0x10,0x2e,0x7f,0x89,0x45,0x69,0xce,0x6d,0xf5,0x2d,0x7e,0xe2,0x84,0x67,
0xd2,0xe4,0xdf,0x17,0x0d,0x31,0x35,0x30,0x37,0x31,0x30,0x30,0x36,0x31,0x36,0x34,
0x33,0x5a,0x30,0x2f,0x02,0x10,0x31,0xbc,0x81,0x40,0x9c,0x89,0x35,0x13,0x14,0x22,
0x94,0xb6,0xbb,0x97,0x2e,0xdf,0x17,0x0d,0x32,0x32,0x30,0x31,0x32,0x30,0x30,0x32,
0x30,0x39,0x30,0x37,0x5a,0x30,0x0c,0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,
0x0a,0x01,0x04,0x30,0x21,0x02,0x10,0x42,0xaa,0xc5,0x23,0x6b,0x62,0xf6,0x02,0x6f,
0x47,0xef,0xd4,0x89,0x14,0x75,0x27,0x17,0x0d,0x31,0x32,0x31,0x30,0x31,0x33,0x30,
0x37,0x32,0x34,0x30,0x31,0x5a,0x30,0x2f,0x02,0x10,0x4a,0xa5,0x3f,0x14,0x67,0x70,
0xca,0x9f,0x98,0x9c,0x85,0x55,0x33,0x2c,0x79,0x92,0x17,0x0d,0x32,0x32,0x30,0x34,
0x31,0x32,0x30,0x37,0x32,0x32,0x30,0x30,0x5a,0x30,0x0c,0x30,0x0a,0x06,0x03,0x55,
0x1d,0x15,0x04,0x03,0x0a,0x01,0x04,0x30,0x21,0x02,0x10,0x4c,0x0f,0x16,0xed,0xaa,
0x13,0x37,0xb4,0x88,0xb2,0xf6,0x0e,0x43,0x4a,0x68,0x17,0x17,0x0d,0x31,0x33,0x30,
0x36,0x30,0x34,0x30,0x32,0x34,0x35,0x31,0x39,0x5a,0x30,0x2f,0x02,0x10,0x52,0xe1,
0xbb,0x7d,0x5f,0x1f,0x20,0x39,0x03,0xc1,0x5c,0xca,0x1a,0x4c,0x83,0x76,0x17,0x0d,
0x31,0x38,0x30,0x36,0x30,0x35,0x30,0x32,0x32,0x37,0x35,0x39,0x5a,0x30,0x0c,0x30,
0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,0x0a,0x01,0x04,0x30,0x2f,0x02,0x10,0x5c,
0x15,0x8a,0x4c,0xbf,0x15,0xd7,0xee,0x15,0x40,0xad,0xce,0x01,0x08,0x79,0x32,0x17,
0x0d,0x31,0x38,0x31,0x31,0x30,0x39,0x30,0x32,0x30,0x38,0x32,0x32,0x5a,0x30,0x0c,
0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,0x0a,0x01,0x04,0x30,0x2f,0x02,0x10,
0x66,0x5f,0x88,0xb8,0xdd,0x4b,0x55,0xfa,0x7d,0x04,0x51,0x1c,0xf0,0x1a,0xba,0x17,
0x17,0x0d,0x32,0x32,0x30,0x34,0x32,0x31,0x30,0x38,0x30,0x31,0x34,0x34,0x5a,0x30,
0x0c,0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,0x0a,0x01,0x04,0x30,0x2f,0x02,
0x10,0x69,0x70,0x58,0x15,0xa8,0x93,0x5e,0x56,0x18,0x76,0xdd,0xe1,0x5d,0x71,0x98,
0x29,0x17,0x0d,0x32,0x30,0x31,0x30,0x32,0x39,0x30,0x30,0x31,0x36,0x31,0x30,0x5a,
0x30,0x0c,0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,0x0a,0x01,0x04,0x30,0x2f,
0x02,0x10,0x6d,0x62,0x99,0x0b,0x63,0x49,0xe7,0x85,0xe6,0xb2,0x5b,0xf6,0x51,0x2e,
0x89,0xcd,0x17,0x0d,0x32,0x32,0x30,0x32,0x32,0x38,0x30,0x37,0x31,0x36,0x34,0x35,
0x5a,0x30,0x0c,0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,0x0a,0x01,0x04,0x30,
0x21,0x02,0x10,0x6e,0x5d,0x72,0xce,0x80,0xdc,0x72,0x56,0x45,0xb7,0x4c,0xea,0xa7,
0xc8,0x85,0xc1,0x17,0x0d,0x31,0x32,0x31,0x30,0x31,0x33,0x30,0x38,0x34,0x38,0x32,
0x33,0x5a,0x30,0x2f,0x02,0x10,0x76,0x59,0x40,0x26,0x0b,0xb4,0xd6,0xf5,0xdb,0x3f,
0xe8,0xad,0x95,0x58,0x6b,0x1f,0x17,0x0d,0x32,0x31,0x31,0x32,0x30,0x38,0x31,0x30,
0x32,0x34,0x35,0x35,0x5a,0x30,0x0c,0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,0x03,
0x0a,0x01,0x05,0x30,0x2f,0x02,0x10,0x79,0x1c,0x2d,0x38,0x15,0x8d,0x88,0xab,0x00,
0x4b,0x00,0x91,0xda,0x2e,0x90,0x7e,0x17,0x0d,0x32,0x32,0x30,0x34,0x32,0x30,0x30,
0x38,0x32,0x36,0x34,0x35,0x5a,0x30,0x0c,0x30,0x0a,0x06,0x03,0x55,0x1d,0x15,0x04,
0x03,0x0a,0x01,0x04,0x30,0x21,0x02,0x10,0x7e,0x15,0xe7,0xdf,0x22,0x39,0x96,0xf2,
0x2d,0xd4,0x66,0x05,0xa7,0x68,0xad,0xf7,0x17,0x0d,0x31,0x32,0x31,0x30,0x31,0x33,
0x30,0x38,0x34,0x37,0x34,0x38,0x5a,0xa0,0x2f,0x30,0x2d,0x30,0x1f,0x06,0x03,0x55,
0x1d,0x23,0x04,0x18,0x30,0x16,0x80,0x14,0x4c,0x32,0xb1,0x97,0xd9,0x33,0x1b,0xc4,
0xa6,0x05,0xc1,0xc6,0xe5,0x8b,0x62,0x5b,0xf0,0x97,0x76,0x58,0x30,0x0a,0x06,0x03,
0x55,0x1d,0x14,0x04,0x03,0x02,0x01,0x00,0x30,0x0a,0x06,0x08,0x2a,0x81,0x1c,0xcf,
0x55,0x01,0x83,0x75,0x03,0x47,0x00,0x30,0x44,0x02,0x20,0x3c,0x84,0xcf,0x42,0x86,
0x30,0xdb,0xc4,0xd4,0x27,0xb9,0x9c,0xdb,0xdf,0x3d,0xa8,0x39,0xa1,0x25,0xf1,0x89,
0xf6,0xe7,0x75,0x23,0xf4,0x5f,0xaf,0x31,0x8d,0x36,0x66,0x02,0x20,0x3a,0x22,0x79,
0xd2,0x7f,0x6d,0x6e,0x96,0x10,0x86,0xbc,0xe1,0x78,0x93,0x33,0xdd,0xef,0x6b,0xfc,
0x08,0xe6,0x0f,0x16,0x4b,0xc9,0xab,0x4e,0x90,0xc0,0xf7,0xd4,0xc2,};
int main(int argc, char **argv)
{
int ret = -1;
FILE *fp = NULL;
if (!(fp = fopen("crl.pem", "wb"))) {
fprintf(stderr, "open crl.pem error\n");
goto err;
}
if (pem_write(fp, "X509 CRL", crl_der, sizeof(crl_der)) != 1) {
fprintf(stderr, "pem_write() error\n");
goto err;
}
ret = 0;
err:
fclose(fp);
return ret;
}

92
demos/src/pem_to_der_demo.c
View File

@@ -1,92 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/pem.h>
char *pem =
"-----BEGIN X509 CRL-----\n"
"MIIECTCCA7ACAQEwCgYIKoEcz1UBg3UwLjELMAkGA1UEBhMCQ04xDjAMBgNVBAoM\n"
"BU5SQ0FDMQ8wDQYDVQQDDAZST09UQ0EXDTIyMDUwNTA2MjA1NFoXDTIyMDYwNDA2\n"
"MjA1NFowggMeMCECEBLy0JMksKPrcTKqfySoFJoXDTE0MDYyNjA2NTg0OFowLwIQ\n"
"F1kfbiJLPrYKNdxIJ4w3dBcNMjIwMzEwMDcyNjQ2WjAMMAoGA1UdFQQDCgEFMC8C\n"
"ECFrvrdMAraAJKDtcOipJYwXDTE0MDMxMTAyMTg0N1owDDAKBgNVHRUEAwoBBDAv\n"
"AhAso1+i8GB5G7HzfbZcHHcfFw0xODA1MjgwNjUwNDhaMAwwCgYDVR0VBAMKAQQw\n"
"IQIQLn+JRWnObfUtfuKEZ9Lk3xcNMTUwNzEwMDYxNjQzWjAvAhAxvIFAnIk1ExQi\n"
"lLa7ly7fFw0yMjAxMjAwMjA5MDdaMAwwCgYDVR0VBAMKAQQwIQIQQqrFI2ti9gJv\n"
"R+/UiRR1JxcNMTIxMDEzMDcyNDAxWjAvAhBKpT8UZ3DKn5ichVUzLHmSFw0yMjA0\n"
"MTIwNzIyMDBaMAwwCgYDVR0VBAMKAQQwIQIQTA8W7aoTN7SIsvYOQ0poFxcNMTMw\n"
"NjA0MDI0NTE5WjAvAhBS4bt9Xx8gOQPBXMoaTIN2Fw0xODA2MDUwMjI3NTlaMAww\n"
"CgYDVR0VBAMKAQQwLwIQXBWKTL8V1+4VQK3OAQh5MhcNMTgxMTA5MDIwODIyWjAM\n"
"MAoGA1UdFQQDCgEEMC8CEGZfiLjdS1X6fQRRHPAauhcXDTIyMDQyMTA4MDE0NFow\n"
"DDAKBgNVHRUEAwoBBDAvAhBpcFgVqJNeVhh23eFdcZgpFw0yMDEwMjkwMDE2MTBa\n"
"MAwwCgYDVR0VBAMKAQQwLwIQbWKZC2NJ54Xmslv2US6JzRcNMjIwMjI4MDcxNjQ1\n"
"WjAMMAoGA1UdFQQDCgEEMCECEG5dcs6A3HJWRbdM6qfIhcEXDTEyMTAxMzA4NDgy\n"
"M1owLwIQdllAJgu01vXbP+itlVhrHxcNMjExMjA4MTAyNDU1WjAMMAoGA1UdFQQD\n"
"CgEFMC8CEHkcLTgVjYirAEsAkdoukH4XDTIyMDQyMDA4MjY0NVowDDAKBgNVHRUE\n"
"AwoBBDAhAhB+FeffIjmW8i3UZgWnaK33Fw0xMjEwMTMwODQ3NDhaoC8wLTAfBgNV\n"
"HSMEGDAWgBRMMrGX2TMbxKYFwcbli2Jb8Jd2WDAKBgNVHRQEAwIBADAKBggqgRzP\n"
"VQGDdQNHADBEAiA8hM9ChjDbxNQnuZzb3z2oOaEl8Yn253Uj9F+vMY02ZgIgOiJ5\n"
"0n9tbpYQhrzheJMz3e9r/AjmDxZLyatOkMD31MI=\n"
"-----END X509 CRL-----\n";
static int prepare_pem_file(void)
{
FILE *fp;
if (!(fp = fopen("crl.pem", "wb"))) {
fprintf(stderr, "fopen() error\n");
return -1;
}
if (fwrite(pem, 1, strlen(pem), fp) != strlen(pem)) {
fprintf(stderr, "fwrite() error\n");
return -1;
}
fclose(fp);
return 1;
}
int main(int argc, char **argv)
{
int ret = -1;
FILE *fp = NULL;
uint8_t buf[4096];
size_t len;
size_t i;
(void)prepare_pem_file();
if (!(fp = fopen("crl.pem", "rb"))) {
fprintf(stderr, "open crl.pem error\n");
goto err;
}
if (pem_read(fp, "X509 CRL", buf, &len, sizeof(buf)) != 1) {
fprintf(stderr, "pem_read() error\n");
goto err;
}
printf("uint8_t crl_der[] = {");
for (i = 0; i < len; i++) {
if (i % 16 == 0) printf("\n");
printf("0x%02x,", buf[i]);
}
printf("};\n");
ret = 0;
err:
fclose(fp);
return ret;
}

38
demos/src/rand_demo.c
View File

@@ -1,38 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/rand.h>
int main(int argc, char **argv)
{
uint8_t buf[1024];
size_t i;
if (rand_bytes(buf, 32) != 1) {
fprintf(stderr, "rand_bytes() failure\n");
return 1;
}
printf("rand_bytes() output: ");
for (i = 0; i < 32; i++) {
printf("%02x", buf[i]);
}
printf("\n");
if (rand_bytes(buf, sizeof(buf)) != 1) {
fprintf(stderr, "rand_bytes() failure, maybe %zu is too long\n", sizeof(buf));
return 1;
}
return 0;
}

30
demos/src/rdrand_demo.c
View File

@@ -1,30 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/rdrand.h>
#include <gmssl/error.h>
int main(void)
{
uint8_t buf[32];
if (rdrand_bytes(buf, sizeof(buf)) != 1) {
error_print();
return -1;
}
format_bytes(stdout, 0, 0, "rdrand output", buf, sizeof(buf));
return 0;
}

41
demos/src/sdf_info_demo.c
View File

@@ -1,41 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sdf.h>
#include <gmssl/error.h>
int main(void)
{
int ret = -1;
char *so_path = "libsdf_dummy.so";
SDF_DEVICE dev;
if (sdf_load_library(so_path, NULL) != 1) {
error_print();
return -1;
}
if (sdf_open_device(&dev) != 1) {
error_print();
goto err;
}
sdf_print_device_info(stdout, 0, 0, "SDF Device Info", &dev);
ret = 0;
err:
sdf_close_device(&dev);
sdf_unload_library();
return ret;
}

47
demos/src/sdf_rand_demo.c
View File

@@ -1,47 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sdf.h>
#include <gmssl/error.h>
int main(void)
{
int ret = -1;
char *so_path = "libsdf_dummy.so";
SDF_DEVICE dev;
uint8_t buf[32];
if (sdf_load_library(so_path, NULL) != 1) {
error_print();
return -1;
}
if (sdf_open_device(&dev) != 1) {
error_print();
goto err;
}
if (sdf_rand_bytes(&dev, buf, sizeof(buf)) != 1) {
error_print();
goto err;
}
format_bytes(stdout, 0, 0, "sdf_rand_bytes", buf, sizeof(buf));
ret = 0;
err:
sdf_close_device(&dev);
sdf_unload_library();
return ret;
}

67
demos/src/sdf_sign_demo.c
View File

@@ -1,67 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sdf.h>
#include <gmssl/error.h>
int main(void)
{
int ret = -1;
char *so_path = "libsdf_dummy.so";
SDF_DEVICE dev;
SDF_KEY sign_key;
int key_index = 0;
char *key_pass = "P@ssw0rd";
uint8_t dgst[32];
uint8_t sig[SM2_MAX_SIGNATURE_SIZE];
size_t siglen;
if (sdf_load_library(so_path, NULL) != 1) {
error_print();
return -1;
}
if (sdf_open_device(&dev) != 1) {
error_print();
goto err;
}
if (sdf_load_sign_key(&dev, &sign_key, key_index, key_pass) != 1) {
error_print();
goto err;
}
if (sdf_sign(&sign_key, dgst, sig, &siglen) != 1) {
error_print();
goto err;
}
#if 0
// TODO: verify_key ...
if (sm2_verify(&verify_key, dgst, sig, siglen) != 1) {
error_print();
goto err;
}
#endif
ret = 0;
err:
sdf_release_key(&sign_key);
sdf_close_device(&dev);
sdf_unload_library();
return ret;
}

31
demos/src/sha1_digest_demo.c
View File

@@ -1,31 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sha1.h>
int main(int argc, char **argv)
{
uint8_t dgst[SHA1_DIGEST_SIZE];
size_t i;
sha1_digest((uint8_t *)"abc", 3, dgst);
printf("sha1('abc') = ");
for (i = 0; i < sizeof(dgst); i++) {
printf("%02x", dgst[i]);
}
printf("\n");
return 0;
}

31
demos/src/sha256_digest_demo.c
View File

@@ -1,31 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sha2.h>
int main(int argc, char **argv)
{
uint8_t dgst[SHA256_DIGEST_SIZE];
size_t i;
sha256_digest((uint8_t *)"abc", 3, dgst);
printf("sha256('abc') = ");
for (i = 0; i < sizeof(dgst); i++) {
printf("%02x", dgst[i]);
}
printf("\n");
return 0;
}

31
demos/src/sha512_256_digest_demo.c
View File

@@ -1,31 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sha2.h>
int main(int argc, char **argv)
{
uint8_t dgst[SHA512_DIGEST_SIZE];
size_t i;
sha512_digest((uint8_t *)"abc", 3, dgst);
printf("sha512_256('abc') = ");
for (i = 0; i < 256/8; i++) {
printf("%02x", dgst[i]);
}
printf("\n");
return 0;
}

31
demos/src/sha512_digest_demo.c
View File

@@ -1,31 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sha2.h>
int main(int argc, char **argv)
{
uint8_t dgst[SHA512_DIGEST_SIZE];
size_t i;
sha512_digest((uint8_t *)"abc", 3, dgst);
printf("sha512('abc') = ");
for (i = 0; i < sizeof(dgst); i++) {
printf("%02x", dgst[i]);
}
printf("\n");
return 0;
}

43
demos/src/sm2_ciphertext_to_der_demo.c
View File

@@ -1,43 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
void gen_ciphertext(void)
{
SM2_KEY sm2_key;
SM2_CIPHERTEXT ciphertext;
sm2_key_generate(&sm2_key);
sm2_do_encrypt(&sm2_key, (uint8_t *)"P@ssw0rd", 8, &ciphertext);
// 这里我们需要把密文的各个部分输出乘C的数组
}
// 这个例子要把一个来自于其他软件的密文转换为GmSSL的密文
int main(void)
{
SM2_CIPHERTEXT C;
uint8_t ciphertext_der[SM2_MAX_CIPHERTEXT_SIZE];
if (sm2_ciphertext_to_der(&C, &p, &len) != 1) {
fprintf(stderr, "sm2_ciphertext_to_der() error\n");
goto err;
}
format_bytes(stdout, 0, 0, "Ciphertext", der, derlen);
return 0;
}

66
demos/src/sm2_ecdh_demo.c
View File

@@ -1,66 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
int main(void)
{
// Alice Bob
SM2_KEY alice_ecdhe; SM2_KEY bob_ecdhe;
uint8_t alice_public[65]; uint8_t bob_public[65];
SM2_POINT alice_share_point; SM2_POINT bob_share_point;
SM3_KDF_CTX alice_ctx; SM3_KDF_CTX bob_ctx;
uint8_t alice_share_key[32]; uint8_t bob_share_key[32];
sm2_key_generate(&alice_ecdhe); sm2_key_generate(&bob_ecdhe);
sm2_point_to_uncompressed_octets(
&alice_ecdhe.public_key,
alice_public);
// alice_public
// ====================>
sm2_point_to_uncompressed_octets(
&bob_ecdhe.public_key,
bob_public);
if (sm2_ecdh(&bob_ecdhe,
alice_public, sizeof(alice_public),
&bob_share_point) != 1) {
fprintf(stderr, "bob error\n");
goto err;
}
sm3_kdf_init(&bob_ctx, 32);
sm3_kdf_update(&bob_ctx,
(uint8_t *)&bob_share_point, sizeof(SM2_POINT));
sm3_kdf_finish(&bob_ctx, bob_share_key);
// bob_public
// <====================
if (sm2_ecdh(&alice_ecdhe,
bob_public, sizeof(bob_public),
&alice_share_point) != 1) {
fprintf(stderr, "Alice failed\n");
goto err;
}
sm3_kdf_init(&alice_ctx, 32);
sm3_kdf_update(&alice_ctx, (uint8_t *)&alice_share_point, sizeof(SM2_POINT));
sm3_kdf_finish(&alice_ctx, alice_share_key);
err:
// FIXME: clean all
return 0;
}

39
demos/src/sm2_encrypt_demo.c
View File

@@ -1,39 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void)
{
SM2_KEY sm2_key;
SM2_KEY pub_key;
unsigned char plaintext[SM2_MAX_PLAINTEXT_SIZE];
unsigned char ciphertext[SM2_MAX_CIPHERTEXT_SIZE];
size_t len;
sm2_key_generate(&sm2_key);
memcpy(&pub_key, &sm2_key, sizeof(SM2_POINT));
sm2_encrypt(&pub_key, (uint8_t *)"hello world", strlen("hello world"), ciphertext, &len);
format_bytes(stdout, 0, 0, "ciphertext", ciphertext, len);
if (sm2_decrypt(&sm2_key, ciphertext, len, plaintext, &len) != 1) {
fprintf(stderr, "error\n");
return 1;
}
plaintext[len] = 0;
printf("plaintext: %s\n", plaintext);
return 0;
}

35
demos/src/sm2_encrypt_fixlen_demo.c
View File

@@ -1,35 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void)
{
SM2_KEY sm2_key;
SM2_KEY pub_key;
unsigned char plaintext[SM2_MAX_PLAINTEXT_SIZE];
unsigned char ciphertext[SM2_MAX_CIPHERTEXT_SIZE];
size_t len;
sm2_key_generate(&sm2_key);
memcpy(&pub_key, &sm2_key, sizeof(SM2_POINT));
return 0;
}

60
demos/src/sm2_id_demo.c
View File

@@ -1,60 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(int argc, char **argv)
{
char *prog = argv[0];
char *keyfile;
char *pass;
FILE *keyfp = NULL;
SM2_KEY sm2_key;
uint8_t z[32];
if (argc < 2) {
fprintf(stderr, "usage: %s <key.pem> <pass>\n", prog);
return -1;
}
keyfile = argv[1];
if (!(keyfp = fopen(keyfile, "rb"))) {
fprintf(stderr, "%s: open file '%s' failure\n", prog, keyfile);
return -1;
}
if (sm2_public_key_info_from_pem(&sm2_key, keyfp) != 1) {
fprintf(stderr, "%s: load key failure\n", prog);
fclose(keyfp);
return -1;
}
sm2_compute_z(z, &sm2_key.public_key, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID));
format_bytes(stdout, 0, 0, "z", z, sizeof(z));
fclose(keyfp);
return 0;
}

64
demos/src/sm2_key_export_demo.c
View File

@@ -1,64 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/sm2.h>
int main(int argc, char **argv)
{
int ret = -1;
char *prog = argv[0];
char *keyfile;
char *pass;
FILE *keyfp = NULL;
SM2_KEY sm2_key;
if (argc < 3) {
fprintf(stderr, "usage: %s <key.pem> <pass>\n", prog);
return -1;
}
keyfile = argv[1];
pass = argv[2];
if (!(keyfp = fopen(keyfile, "rb"))) {
fprintf(stderr, "%s: open file '%s' failure\n", prog, keyfile);
return -1;
}
if (sm2_private_key_info_decrypt_from_pem(&sm2_key, pass, keyfp) != 1) {
fprintf(stderr, "%s: load key failure\n", prog);
goto end;
}
if (sm2_private_key_info_to_pem(&sm2_key, stdout) != 1) {
fprintf(stderr, "%s: export failure\n", prog);
goto end;
}
ret = 0;
end:
gmssl_secure_clear(&sm2_key, sizeof(sm2_key));
if (keyfp) fclose(keyfp);
return ret;
}

28
demos/src/sm2_keygen_demo.c
View File

@@ -1,28 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
int main(void)
{
SM2_KEY sm2_key;
if (sm2_key_generate(&sm2_key) != 1) {
fprintf(stderr, "error\n");
return 1;
}
sm2_key_print(stdout, 0, 0, "SM2PrivateKey", &sm2_key);
sm2_public_key_print(stdout, 0, 0, "SM2PublicKey", &sm2_key);
return 0;
}

60
demos/src/sm2_keyparse_demo.c
View File

@@ -1,60 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/sm2.h>
int main(int argc, char **argv)
{
char *prog = argv[0];
char *keyfile;
char *pass;
FILE *keyfp = NULL;
SM2_KEY sm2_key;
if (argc < 3) {
fprintf(stderr, "usage: %s <key.pem> <pass>\n", prog);
return -1;
}
keyfile = argv[1];
pass = argv[2];
if (!(keyfp = fopen(keyfile, "rb"))) {
fprintf(stderr, "%s: open file '%s' failure\n", prog, keyfile);
return -1;
}
if (sm2_private_key_info_decrypt_from_pem(&sm2_key, pass, keyfp) != 1) {
fprintf(stderr, "%s: load key failure\n", prog);
fclose(keyfp);
return -1;
}
sm2_key_print(stdout, 0, 0, "SM2_KEY", &sm2_key);
gmssl_secure_clear(&sm2_key, sizeof(sm2_key));
fclose(keyfp);
return 0;
}

54
demos/src/sm2_point_demo.c
View File

@@ -1,54 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
int main(void)
{
SM2_POINT A;
SM2_POINT B;
SM2_POINT C;
uint8_t a[32] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3};
uint8_t b[32] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5};
uint8_t c[32] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4};
uint8_t zero[32] = {0};
sm2_point_mul_generator(&A, a);
sm2_point_mul_generator(&B, b);
sm2_point_mul_generator(&C, c);
printf("G is the generator point on SM2 curve\n");
sm2_point_print(stdout, 0, 0, "3G", &A);
sm2_point_print(stdout, 0, 0, "5G", &B);
sm2_point_print(stdout, 0, 0, "4G", &C);
sm2_point_add(&A, &A, &B);
sm2_point_dbl(&C, &C);
sm2_point_print(stdout, 0, 0, "3G + 5G", &A);
sm2_point_print(stdout, 0, 0, "2 * 4G", &C);
sm2_point_mul_generator(&C, c);
sm2_point_add(&C, &C, &C);
sm2_point_print(stdout, 0, 0, "4G + 4G", &C);
sm2_point_mul_generator(&C, zero);
sm2_point_print(stdout, 0, 0, "0 * G", &C);
if (sm2_point_is_on_curve(&C) == 1) {
printf("0 * G is on SM2 curve\n");
}
return 0;
}

60
demos/src/sm2_point_from_bin_demo.c
View File

@@ -1,60 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/rand.h>
/*
void gen_point(void)
{
SM2_KEY sm2_key;
size_t i;
uint8_t *p = &sm2_key;
sm2_key_generate(&sm2_key);
for (i = 0; i < 64; i++) {
printf("0x%02x,", p[i]);
}
printf("\n");
}
*/
int main(void)
{
SM2_POINT P;
uint8_t bin[64] = {
0x0e,0x90,0x75,0x97,0x92,0x4f,0x48,0x6d,
0x9f,0xa9,0x58,0x63,0xeb,0xb2,0x7b,0xa5,
0xd2,0xc7,0x77,0x64,0x2c,0x94,0x8f,0x32,
0xda,0x3a,0xd6,0xef,0xef,0xe4,0xda,0xaf,
0x41,0x70,0x92,0x65,0x4f,0xf8,0x81,0x57,
0x70,0x83,0x00,0xab,0x71,0xae,0xb0,0xaf,
0x7b,0x55,0xe1,0x45,0xc7,0x9d,0xfb,0xcc,
0xf4,0x10,0xff,0xe3,0x32,0xc4,0xcb,0x07,
};
if (sm2_point_from_xy(&P, bin, bin + 32) != 1) {
fprintf(stderr, "sm2_point_from_xy() error\n");
goto err;
}
sm2_point_print(stdout, 0, 0, "SM2_POINT", &P);
rand_bytes(bin, 64);
if (sm2_point_from_xy(&P, bin, bin + 32) != 1) {
fprintf(stderr, "sm2_point_from_xy() error on random data\n");
goto err;
}
err:
return 0;
}

31
demos/src/sm2_point_from_hash_demo.c
View File

@@ -1,31 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/rand.h>
#include <gmssl/error.h>
int main(void)
{
SM2_POINT P;
if (sm2_point_from_hash(&P, (uint8_t *)"Alice", strlen("Alice")) != 1) {
fprintf(stderr, "sm2_point_from_hash() error\n");
goto err;
}
sm2_point_print(stdout, 0, 0, "SM2_POINT = Hash(\"Alice\")", &P);
err:
return 0;
}

47
demos/src/sm2_point_from_octets_demo.c
View File

@@ -1,47 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/rand.h>
#include <gmssl/error.h>
int main(void)
{
SM2_POINT P;
uint8_t uncompressed[65] = {
0x04,
0x0e,0x90,0x75,0x97,0x92,0x4f,0x48,0x6d,
0x9f,0xa9,0x58,0x63,0xeb,0xb2,0x7b,0xa5,
0xd2,0xc7,0x77,0x64,0x2c,0x94,0x8f,0x32,
0xda,0x3a,0xd6,0xef,0xef,0xe4,0xda,0xaf,
0x41,0x70,0x92,0x65,0x4f,0xf8,0x81,0x57,
0x70,0x83,0x00,0xab,0x71,0xae,0xb0,0xaf,
0x7b,0x55,0xe1,0x45,0xc7,0x9d,0xfb,0xcc,
0xf4,0x10,0xff,0xe3,0x32,0xc4,0xcb,0x07,
};
if (sm2_point_from_octets(&P, uncompressed, 65) != 1) {
fprintf(stderr, "sm2_point_from_octets() error\n");
goto err;
}
printf("sm2_point_from_octets() success\n");
rand_bytes(uncompressed + 1, 64);
if (sm2_point_from_octets(&P, uncompressed, 65) != 1) {
fprintf(stderr, "sm2_point_from_octets() error\n");
goto err;
}
err:
return 0;
}

36
demos/src/sm2_point_to_bin_demo.c
View File

@@ -1,36 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void)
{
SM2_POINT P = {
{0x0e,0x90,0x75,0x97,0x92,0x4f,0x48,0x6d,
0x9f,0xa9,0x58,0x63,0xeb,0xb2,0x7b,0xa5,
0xd2,0xc7,0x77,0x64,0x2c,0x94,0x8f,0x32,
0xda,0x3a,0xd6,0xef,0xef,0xe4,0xda,0xaf,},
{0x41,0x70,0x92,0x65,0x4f,0xf8,0x81,0x57,
0x70,0x83,0x00,0xab,0x71,0xae,0xb0,0xaf,
0x7b,0x55,0xe1,0x45,0xc7,0x9d,0xfb,0xcc,
0xf4,0x10,0xff,0xe3,0x32,0xc4,0xcb,0x07,},
};
uint8_t bin[64];
memcpy(bin, &P, 64);
format_bytes(stdout, 0, 0, "SM2_POITN RAW (64-byte)", bin, 64);
return 0;
}

34
demos/src/sm2_point_to_octets_demo.c
View File

@@ -1,34 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void)
{
SM2_KEY sm2_key;
SM2_POINT P;
uint8_t compressed[33] = {0};
uint8_t uncompressed[65] = {0};
sm2_key_generate(&sm2_key);
P = sm2_key.public_key;
sm2_point_to_uncompressed_octets(&P, uncompressed);
format_bytes(stdout, 0, 0, "SM2 Point (uncompressed) ", uncompressed, 65);
sm2_point_to_compressed_octets(&P, compressed);
format_bytes(stdout, 0, 0, "SM2 Point (compressed) ", compressed, 33);
return 0;
}

31
demos/src/sm2_private_key_demo.c
View File

@@ -1,31 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
int main(void)
{
SM2_KEY sm2_key;
char *password = "123456";
if (sm2_key_generate(&sm2_key) != 1) {
fprintf(stderr, "error\n");
return 1;
}
if (sm2_private_key_info_encrypt_to_pem(&sm2_key, password, stdout) != 1) {
fprintf(stderr, "error\n");
return 1;
}
return 0;
}

41
demos/src/sm2_private_key_parse_demo.c
View File

@@ -1,41 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/sm2.h>
int main(void)
{
SM2_KEY sm2_key;
char *password = "123456";
unsigned char buf[512];
unsigned char *p;
size_t len;
printf("Read SM2 private key file (PEM) from stdin ...\n");
if (sm2_private_key_info_decrypt_from_pem(&sm2_key, password, stdin) != 1) {
fprintf(stderr, "error\n");
return 1;
}
p = buf;
len = 0;
if (sm2_private_key_to_der(&sm2_key, &p, &len) != 1) {
fprintf(stderr, "error\n");
return 1;
}
fwrite(buf, 1, len, stdout);
gmssl_secure_clear(&sm2_key, sizeof(sm2_key));
return 0;
}

33
demos/src/sm2_public_key_demo.c
View File

@@ -1,33 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/sm2.h>
int main(void)
{
SM2_KEY sm2_key;
char *password = "123456";
printf("Read SM2 private key file (PEM) from stdin ...\n");
if (sm2_private_key_info_decrypt_from_pem(&sm2_key, password, stdin) != 1) {
fprintf(stderr, "error\n");
return 1;
}
// openssl ec -pubin -in sm2pub.pem -text
sm2_public_key_info_to_pem(&sm2_key, stdout);
gmssl_secure_clear(&sm2_key, sizeof(sm2_key));
return 0;
}

29
demos/src/sm2_sig_from_bin_demo.c
View File

@@ -1,29 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
int main(void)
{
SM2_SIGNATURE sig;
// the signatue binary data might be invalid, and will not pass verification
uint8_t r[32] = { 1, 2, 3, };
uint8_t s[32] = { 4, 5, 6, };
memcpy(sig.r, r, 32);
memcpy(sig.s, s, 32);
return 0;
}

37
demos/src/sm2_sig_from_der_demo.c
View File

@@ -1,37 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/hex.h>
#include <gmssl/error.h>
int main(void)
{
SM2_SIGNATURE sig;
uint8_t der[SM2_MAX_SIGNATURE_SIZE];
size_t derlen;
if (sm2_signature_from_der(&sig, &cp, &derlen) != 1) {
fprintf(stderr, "sm2_signature_from_der() error\n");
goto err;
}
if (dlen > 0) {
fprintf(stderr, "signature followed by other data\n");
goto err;
}
err:
return 0;
}

40
demos/src/sm2_sig_to_der_demo.c
View File

@@ -1,40 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void)
{
SM2_KEY sm2_key;
uint8_t dgst[32] = {0};
SM2_SIGNATURE sig;
uint8_t der[SM2_MAX_SIGNATURE_SIZE];
uint8_t *p = der;
size_t derlen = 0;
sm2_key_generate(&sm2_key);
sm2_do_sign(&sm2_key, dgst, &sig);
if (sm2_signature_to_der(&sig, &p, &derlen) != 1) {
fprintf(stderr, "sm2_signature_to_der() error\n");
return -1;
}
format_bytes(stdout, 0, 0, "signature", der, derlen);
printf("signature length = %zu bytes\n", derlen);
return 0;
}

62
demos/src/sm2_sign_ctx_demo.c
View File

@@ -1,62 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void)
{
SM2_KEY sm2_key;
SM2_KEY pub_key;
SM2_SIGN_CTX sign_ctx;
unsigned char dgst[32];
unsigned char sig[SM2_MAX_SIGNATURE_SIZE];
size_t siglen;
int ret;
sm2_key_generate(&sm2_key);
memcpy(&pub_key, &sm2_key, sizeof(SM2_POINT));
// sign without signer ID (and Z value)
sm2_sign_init(&sign_ctx, &sm2_key, NULL, 0);
sm2_sign_update(&sign_ctx, (unsigned char *)"hello ", strlen("hello "));
sm2_sign_update(&sign_ctx, (unsigned char *)"world", strlen("world"));
sm2_sign_finish(&sign_ctx, sig, &siglen);
format_bytes(stdout, 0, 0, "signature", sig, siglen);
// digest and verify
sm3_digest((unsigned char *)"hello world", strlen("hello world"), dgst);
ret = sm2_verify(&pub_key, dgst, sig, siglen);
printf("verify result: %s\n", ret == 1 ? "success" : "failure");
// use verify update API
sm2_verify_init(&sign_ctx, &pub_key, NULL, 0);
sm2_verify_update(&sign_ctx, (unsigned char *)"hello world", strlen("hello world"));
ret = sm2_verify_finish(&sign_ctx, sig, siglen);
printf("verify result: %s\n", ret == 1 ? "success" : "failure");
// sign use default signer ID
sm2_sign_init(&sign_ctx, &sm2_key, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH);
sm2_sign_update(&sign_ctx, (unsigned char *)"hello ", strlen("hello "));
sm2_sign_update(&sign_ctx, (unsigned char *)"world", strlen("world"));
sm2_sign_finish(&sign_ctx, sig, &siglen);
format_bytes(stdout, 0, 0, "signature", sig, siglen);
sm2_verify_init(&sign_ctx, &pub_key, SM2_DEFAULT_ID, SM2_DEFAULT_ID_LENGTH);
sm2_verify_update(&sign_ctx, (unsigned char *)"hello world", strlen("hello world"));
ret = sm2_verify_finish(&sign_ctx, sig, siglen);
printf("verify result: %s\n", ret == 1 ? "success" : "failure");
return 0;
}

65
demos/src/sm2_sign_ctx_fixlen_demo.c
View File

@@ -1,65 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void)
{
SM2_KEY sm2_key;
SM2_SIGN_CTX sign_ctx;
unsigned char sig[SM2_MAX_SIGNATURE_SIZE];
size_t siglen;
sm2_key_generate(&sm2_key);
siglen = SM2_signature_compact_size;
memset(sig, 0, sizeof(sig));
if (sm2_sign_init(&sign_ctx, &sm2_key, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID)) != 1
|| sm2_sign_update(&sign_ctx, (uint8_t *)"hello ", strlen("hello ")) != 1
|| sm2_sign_update(&sign_ctx, (uint8_t *)"world", strlen("world")) != 1
|| sm2_sign_finish_fixlen(&sign_ctx, siglen, sig) != 1) {
fprintf(stderr, "error\n");
goto err;
}
format_bytes(stdout, 0, 0, "sig", sig, sizeof(sig));
siglen = SM2_signature_typical_size;
memset(sig, 0, sizeof(sig));
if (sm2_sign_init(&sign_ctx, &sm2_key, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID)) != 1
|| sm2_sign_update(&sign_ctx, (uint8_t *)"hello ", strlen("hello ")) != 1
|| sm2_sign_update(&sign_ctx, (uint8_t *)"world", strlen("world")) != 1
|| sm2_sign_finish_fixlen(&sign_ctx, siglen, sig) != 1) {
fprintf(stderr, "error\n");
goto err;
}
format_bytes(stdout, 0, 0, "sig", sig, sizeof(sig));
siglen = SM2_signature_max_size;
memset(sig, 0, sizeof(sig));
if (sm2_sign_init(&sign_ctx, &sm2_key, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID)) != 1
|| sm2_sign_update(&sign_ctx, (uint8_t *)"hello ", strlen("hello ")) != 1
|| sm2_sign_update(&sign_ctx, (uint8_t *)"world", strlen("world")) != 1
|| sm2_sign_finish_fixlen(&sign_ctx, siglen, sig) != 1) {
fprintf(stderr, "error\n");
goto err;
}
format_bytes(stdout, 0, 0, "sig", sig, sizeof(sig));
err:
return 0;
}

43
demos/src/sm2_sign_demo.c
View File

@@ -1,43 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
int main(void)
{
SM2_KEY sm2_key;
SM2_KEY pub_key;
unsigned char dgst[32];
unsigned char sig[SM2_MAX_SIGNATURE_SIZE];
size_t siglen;
int ret;
sm3_digest((unsigned char *)"hello world", strlen("hello world"), dgst);
format_bytes(stdout, 0, 0, "to be signed digest", dgst, sizeof(dgst));
sm2_key_generate(&sm2_key);
sm2_sign(&sm2_key, dgst, sig, &siglen);
format_bytes(stdout, 0, 0, "signature", sig, siglen);
memcpy(&pub_key, &sm2_key, sizeof(SM2_POINT));
if ((ret = sm2_verify(&pub_key, dgst, sig, siglen)) != 1) {
fprintf(stderr, "verify failed\n");
} else {
printf("verify success\n");
}
return 0;
}

31
demos/src/sm2_sign_digest_demo.c
View File

@@ -1,31 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm2.h>
int main(void)
{
SM2_KEY sm2_key;
uint8_t dgst[32];
uint8_t sig[SM2_MAX_SIGNATURE_SIZE] = {0};
size_t siglen;
sm2_key_generate(&sm2_key);
sm3_digest((uint8_t *)"abc", 3, dgst);
if (sm2_sign(&key,
return 0;
}

35
demos/src/sm3_ctx_demo.c
View File

@@ -1,35 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm3.h>
int main(void)
{
SM3_CTX sm3_ctx;
uint8_t dgst[SM3_DIGEST_SIZE];
size_t i;
sm3_init(&sm3_ctx);
sm3_update(&sm3_ctx, (uint8_t *)"a", 1);
sm3_update(&sm3_ctx, (uint8_t *)"bc", 2);
sm3_finish(&sm3_ctx, dgst);
printf("sm3('abc') = ");
for (i = 0; i < sizeof(dgst); i++) {
printf("%02x", dgst[i]);
}
printf("\n");
return 0;
}

38
demos/src/sm3_ctx_stdin_demo.c
View File

@@ -1,38 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm3.h>
int main(int argc, char **argv)
{
SM3_CTX sm3_ctx;
uint8_t buf[4096];
size_t len;
uint8_t dgst[32];
int i;
printf("read from stdin ...\n");
sm3_init(&sm3_ctx);
while ((len = fread(buf, 1, sizeof(buf), stdin)) > 0) {
sm3_update(&sm3_ctx, buf, len);
}
sm3_finish(&sm3_ctx, dgst);
for (i = 0; i < sizeof(dgst); i++) {
printf("%02x", dgst[i]);
}
printf("\n");
return 0;
}

31
demos/src/sm3_demo.c
View File

@@ -1,31 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm3.h>
int main(void)
{
uint8_t dgst[SM3_DIGEST_SIZE];
size_t i;
sm3_digest((uint8_t *)"abc", 3, dgst);
printf("sm3('abc') = ");
for (i = 0; i < sizeof(dgst); i++) {
printf("%02x", dgst[i]);
}
printf("\n");
return 0;
}

46
demos/src/sm3_hmac_ctx_demo.c
View File

@@ -1,46 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm3.h>
#include <gmssl/mem.h>
int main(void)
{
SM3_HMAC_CTX hmac_ctx;
unsigned char key[16] = {
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0xf2,0x03,0x04,0x05,0x06,0x07,0x08,
};
unsigned char data[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char hmac[32] = {0};
int i;
sm3_hmac_init(&hmac_ctx, key, sizeof(key));
sm3_hmac_update(&hmac_ctx, data, 8);
sm3_hmac_update(&hmac_ctx, data + 8, sizeof(data) - 8);
sm3_hmac_finish(&hmac_ctx, hmac);
printf("hmac: ");
for (i = 0; i < sizeof(hmac); i++) {
printf("%02X", hmac[i]);
}
printf("\n");
gmssl_secure_clear(&hmac_ctx, sizeof(hmac_ctx));
return 0;
}

38
demos/src/sm3_hmac_demo.c
View File

@@ -1,38 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm3.h>
int main(void)
{
unsigned char key[16] = {
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0xf2,0x03,0x04,0x05,0x06,0x07,0x08,
};
unsigned char data[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char hmac[32] = {0};
int i;
sm3_hmac(key, sizeof(key), data, sizeof(data), hmac);
printf("hmac: ");
for (i = 0; i < sizeof(hmac); i++) {
printf("%02x", hmac[i]);
}
printf("\n");
return 0;
}

59
demos/src/sm4_cbc_ctx_decrypt_stdin_demo.c
View File

@@ -1,59 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/mem.h>
#include <gmssl/rand.h>
#include <gmssl/error.h>
int main(void)
{
unsigned char key[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char iv[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
SM4_CBC_CTX cbc_ctx;
unsigned char inbuf[1024];
unsigned char outbuf[1024 + 32];
size_t inlen;
size_t outlen;
if (sm4_cbc_decrypt_init(&cbc_ctx, key, iv) != 1) {
error_print();
goto err;
}
fprintf(stderr, "read from stdin ...\n");
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
if (sm4_cbc_decrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
error_print();
goto err;
}
fwrite(outbuf, 1, outlen, stdout);
}
if (sm4_cbc_decrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) {
error_print();
goto err;
}
fwrite(outbuf, 1, outlen, stdout);
err:
gmssl_secure_clear(&cbc_ctx, sizeof(cbc_ctx));
return 0;
}

59
demos/src/sm4_cbc_ctx_encrypt_stdin_demo.c
View File

@@ -1,59 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/mem.h>
#include <gmssl/rand.h>
#include <gmssl/error.h>
int main(void)
{
unsigned char key[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char iv[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
SM4_CBC_CTX cbc_ctx;
unsigned char inbuf[1024];
unsigned char outbuf[1024 + 32];
size_t inlen;
size_t outlen;
if (sm4_cbc_encrypt_init(&cbc_ctx, key, iv) != 1) {
error_print();
goto err;
}
fprintf(stderr, "read from stdin ...\n");
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
if (sm4_cbc_encrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
error_print();
goto err;
}
fwrite(outbuf, 1, outlen, stdout);
}
if (sm4_cbc_encrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) {
error_print();
goto err;
}
fwrite(outbuf, 1, outlen, stdout);
err:
gmssl_secure_clear(&cbc_ctx, sizeof(cbc_ctx));
return 0;
}

72
demos/src/sm4_cbc_demo.c
View File

@@ -1,72 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
int main(void)
{
SM4_KEY sm4_key;
unsigned char key[16];
unsigned char iv[16];
unsigned char mbuf[32] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char cbuf[32] = {0};
unsigned char pbuf[32] = {0};
int i;
rand_bytes(key, sizeof(key));
rand_bytes(iv, sizeof(iv));
printf("key: ");
for (i = 0; i < sizeof(key); i++) {
printf("%02X", key[i]);
}
printf("\n");
printf("iv: ");
for (i = 0; i < sizeof(iv); i++) {
printf("%02X", iv[i]);
}
printf("\n");
printf("plaintext: ");
for (i = 0; i < sizeof(mbuf); i++) {
printf("%02X", mbuf[i]);
}
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
sm4_cbc_encrypt(&sm4_key, iv, mbuf, sizeof(mbuf)/SM4_BLOCK_SIZE, cbuf);
printf("ciphertext: ");
for (i = 0; i < sizeof(cbuf); i++) {
printf("%02X", cbuf[i]);
}
printf("\n");
sm4_set_decrypt_key(&sm4_key, key);
sm4_cbc_decrypt(&sm4_key, iv, cbuf, sizeof(cbuf)/SM4_BLOCK_SIZE, pbuf);
printf("decrypted: ");
for (i = 0; i < sizeof(pbuf); i++) {
printf("%02X", pbuf[i]);
}
printf("\n");
return 0;
}

42
demos/src/sm4_cbc_mac_demo.c
View File

@@ -1,42 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4_cbc_mac.h>
int main(int argc, char **argv)
{
SM4_CBC_MAC_CTX ctx;
uint8_t key[16] = {0};
uint8_t data[16 * 3] = {0};
uint8_t mac[16] = {0};
size_t i;
if (sizeof(data) % SM4_BLOCK_SIZE != 0) {
fprintf(stderr, "CBC_MAC data length error\n");
goto err;
}
sm4_cbc_mac_init(&ctx, key);
sm4_cbc_mac_update(&ctx, data, sizeof(data));
sm4_cbc_mac_finish(&ctx, mac);
printf("cbc_mac = ");
for (i = 0; i < sizeof(mac); i++) {
printf("%02x", mac[i]);
}
printf("\n");
err:
return 0;
}

105
demos/src/sm4_cbc_padding_demo.c
View File

@@ -1,105 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
int main(void)
{
SM4_KEY sm4_key;
unsigned char key[16];
unsigned char iv[16];
unsigned char mbuf[32] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char cbuf[32] = {0};
unsigned char pbuf[32] = {0};
size_t mlen1 = 20, mlen2 = 16;
size_t clen1, clen2;
size_t plen1, plen2;
int i;
rand_bytes(key, sizeof(key));
rand_bytes(iv, sizeof(iv));
printf("key: ");
for (i = 0; i < sizeof(key); i++) {
printf("%02X", key[i]);
}
printf("\n");
printf("iv: ");
for (i = 0; i < sizeof(iv); i++) {
printf("%02X", iv[i]);
}
printf("\n");
printf("sm4_cbc_pading encrypt %zu bytes\n", mlen1);
printf("plaintext: ");
for (i = 0; i < mlen1; i++) {
printf("%02X", mbuf[i]);
}
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
sm4_cbc_padding_encrypt(&sm4_key, iv, mbuf, mlen1, cbuf, &clen1);
printf("ciphertext: ");
for (i = 0; i < clen1; i++) {
printf("%02X", cbuf[i]);
}
printf("\n");
sm4_set_decrypt_key(&sm4_key, key);
sm4_cbc_padding_decrypt(&sm4_key, iv, cbuf, clen1, pbuf, &plen1);
printf("decrypted: ");
for (i = 0; i < plen1; i++) {
printf("%02X", pbuf[i]);
}
printf("\n");
printf("sm4_cbc_pading encrypt %zu bytes\n", mlen2);
printf("plaintext: ");
for (i = 0; i < mlen2; i++) {
printf("%02X", mbuf[i]);
}
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
sm4_cbc_padding_encrypt(&sm4_key, iv, mbuf, mlen2, cbuf, &clen2);
printf("ciphertext: ");
for (i = 0; i < clen2; i++) {
printf("%02X", cbuf[i]);
}
printf("\n");
sm4_set_decrypt_key(&sm4_key, key);
sm4_cbc_padding_decrypt(&sm4_key, iv, cbuf, clen2, pbuf, &plen2);
printf("decrypted: ");
for (i = 0; i < plen2; i++) {
printf("%02X", pbuf[i]);
}
printf("\n");
return 0;
}

100
demos/src/sm4_cbc_sm3_hmac_demo.c
View File

@@ -1,100 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/rand.h>
#include <gmssl/aead.h>
int main(int argc, char **argv)
{
int ret = -1;
uint8_t key[SM4_CBC_SM3_HMAC_KEY_SIZE];
uint8_t iv[SM4_CBC_SM3_HMAC_IV_SIZE];
SM4_CBC_SM3_HMAC_CTX ctx;
uint8_t aad[] = "Additianal Authenticated Data, authenticated only, not encrypted";
uint8_t m1[] = "Plaintext part 1, to be encrypted and authenticated.";
uint8_t m2[] = "Plaintext part 2, to be encrypted and authenticated.";
uint8_t c[256];
uint8_t d[256];
uint8_t *p;
size_t clen, dlen, len;
if (rand_bytes(key, sizeof(key)) != 1
|| rand_bytes(iv, sizeof(iv)) != 1) {
fprintf(stderr, "rand_bytes() error\n");
goto end;
}
// encrypt
if (sm4_cbc_sm3_hmac_encrypt_init(&ctx, key, sizeof(key), iv, sizeof(iv), aad, sizeof(aad)) != 1) {
fprintf(stderr, "sm4_cbc_sm3_hmac_encrypt_init() error\n");
goto end;
}
p = c;
clen = 0;
if (sm4_cbc_sm3_hmac_encrypt_update(&ctx, m1, sizeof(m1)-1, p, &len) != 1) {
fprintf(stderr, "sm4_cbc_sm3_hmac_encrypt_update() error\n");
goto end;
}
p += len;
clen += len;
if (sm4_cbc_sm3_hmac_encrypt_update(&ctx, m2, sizeof(m2), p, &len) != 1) {
fprintf(stderr, "sm4_cbc_sm3_hmac_encrypt_update() error\n");
goto end;
}
p += len;
clen += len;
if (sm4_cbc_sm3_hmac_encrypt_finish(&ctx, p, &len) != 1) {
fprintf(stderr, "sm4_cbc_sm3_hmac_encrypt_finish() error\n");
goto end;
}
clen += len;
// decrypt
if (sm4_cbc_sm3_hmac_decrypt_init(&ctx, key, sizeof(key), iv, sizeof(iv), aad, sizeof(aad)) != 1) {
fprintf(stderr, "sm4_cbc_sm3_hmac_decrypt_init() error\n");
goto end;
}
p = d;
dlen = 0;
if (sm4_cbc_sm3_hmac_decrypt_update(&ctx, c, clen, p, &len) != 1) {
fprintf(stderr, "sm4_cbc_sm3_hmac_decrypt_update() error\n");
goto end;
}
p += len;
dlen += len;
if (sm4_cbc_sm3_hmac_decrypt_finish(&ctx, p, &len) != 1) {
fprintf(stderr, "sm4_cbc_sm3_hmac_decrypt_finish() error\n");
goto end;
}
dlen += len;
printf("Decrypted: %s\n", (char *)d);
ret = 0;
end:
gmssl_secure_clear(key, sizeof(key));
gmssl_secure_clear(&ctx, sizeof(ctx));
return ret;
}

22
demos/src/sm4_consts_demo.c
View File

@@ -1,22 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
int main(void)
{
printf("%lld\n", SM4_GCM_IV_MAX_SIZE);
printf("%lld\n", SM4_GCM_MAX_AAD_SIZE);
printf("%lld\n", SM4_GCM_MAX_PLAINTEXT_SIZE);
return 0;
}

76
demos/src/sm4_ctr_demo.c
View File

@@ -1,76 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
int main(void)
{
SM4_KEY sm4_key;
unsigned char key[16];
unsigned char iv[16];
unsigned char ctr[16];
unsigned char mbuf[20] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,
};
unsigned char cbuf[20] = {0};
unsigned char pbuf[20] = {0};
int i;
rand_bytes(key, sizeof(key));
rand_bytes(iv, sizeof(iv));
printf("key: ");
for (i = 0; i < sizeof(key); i++) {
printf("%02X", key[i]);
}
printf("\n");
printf("ctr: ");
for (i = 0; i < sizeof(iv); i++) {
printf("%02X", iv[i]);
}
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
printf("sm4 ctr encrypt %zu bytes\n", sizeof(mbuf));
printf("plaintext: ");
for (i = 0; i < sizeof(mbuf); i++) {
printf("%02X", mbuf[i]);
}
printf("\n");
memcpy(ctr, iv, 16);
sm4_ctr_encrypt(&sm4_key, ctr, mbuf, sizeof(mbuf), cbuf);
printf("ciphertext: ");
for (i = 0; i < sizeof(cbuf); i++) {
printf("%02X", cbuf[i]);
}
printf("\n");
memcpy(ctr, iv, 16);
sm4_ctr_decrypt(&sm4_key, ctr, cbuf, sizeof(cbuf), pbuf);
printf("decrypted: ");
for (i = 0; i < sizeof(pbuf); i++) {
printf("%02X", pbuf[i]);
}
printf("\n");
return 0;
}

51
demos/src/sm4_ctr_encrypt_update_demo.c
View File

@@ -1,51 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
int main(void)
{
SM4_CTR_CTX cbc_ctx;
unsigned char key[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char ctr[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char inbuf[1024];
unsigned char outbuf[1024 + 32];
size_t inlen;
size_t outlen;
if (sm4_ctr_encrypt_init(&cbc_ctx, key, ctr) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
if (sm4_ctr_encrypt_update(&cbc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
}
if (sm4_ctr_encrypt_finish(&cbc_ctx, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
return 0;
}

102
demos/src/sm4_ctr_sm3_hmac_demo.c
View File

@@ -1,102 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/rand.h>
#include <gmssl/aead.h>
int main(int argc, char **argv)
{
int ret = -1;
uint8_t key[SM4_CTR_SM3_HMAC_KEY_SIZE];
uint8_t iv[SM4_CTR_SM3_HMAC_IV_SIZE];
SM4_CTR_SM3_HMAC_CTX ctx;
uint8_t aad[] = "Additianal Authenticated Data, authenticated only, not encrypted";
uint8_t m1[] = "Plaintext part 1, to be encrypted and authenticated.";
size_t m1len = sizeof(m1) - 1;
uint8_t m2[] = "Plaintext part 2, to be encrypted and authenticated.";
uint8_t c[256];
uint8_t d[256];
uint8_t *p;
size_t clen, dlen, len;
if (rand_bytes(key, sizeof(key)) != 1
|| rand_bytes(iv, sizeof(iv)) != 1) {
fprintf(stderr, "rand_bytes() error\n");
goto end;
}
// encrypt
if (sm4_ctr_sm3_hmac_encrypt_init(&ctx, key, sizeof(key), iv, sizeof(iv), aad, sizeof(aad)) != 1) {
fprintf(stderr, "sm4_ctr_sm3_hmac_encrypt_init() error\n");
goto end;
}
p = c;
clen = 0;
if (sm4_ctr_sm3_hmac_encrypt_update(&ctx, m1, sizeof(m1)-1, p, &len) != 1) {
fprintf(stderr, "sm4_ctr_sm3_hmac_encrypt_update() error\n");
goto end;
}
p += len;
clen += len;
if (sm4_ctr_sm3_hmac_encrypt_update(&ctx, m2, sizeof(m2), p, &len) != 1) {
fprintf(stderr, "sm4_ctr_sm3_hmac_encrypt_update() error\n");
goto end;
}
p += len;
clen += len;
if (sm4_ctr_sm3_hmac_encrypt_finish(&ctx, p, &len) != 1) {
fprintf(stderr, "sm4_ctr_sm3_hmac_encrypt_finish() error\n");
goto end;
}
clen += len;
// decrypt
if (sm4_ctr_sm3_hmac_decrypt_init(&ctx, key, sizeof(key), iv, sizeof(iv), aad, sizeof(aad)) != 1) {
fprintf(stderr, "sm4_ctr_sm3_hmac_decrypt_init() error\n");
goto end;
}
p = d;
dlen = 0;
if (sm4_ctr_sm3_hmac_decrypt_update(&ctx, c, clen, p, &len) != 1) {
fprintf(stderr, "sm4_ctr_sm3_hmac_decrypt_update() error\n");
goto end;
}
p += len;
dlen += len;
if (sm4_ctr_sm3_hmac_decrypt_finish(&ctx, p, &len) != 1) {
fprintf(stderr, "sm4_ctr_sm3_hmac_decrypt_finish() error\n");
goto end;
}
dlen += len;
printf("Decrypted: %s\n", (char *)d);
ret = 0;
end:
gmssl_secure_clear(key, sizeof(key));
gmssl_secure_clear(&ctx, sizeof(ctx));
return ret;
}

66
demos/src/sm4_demo.c
View File

@@ -1,66 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
// sm4 demo1: encrypt and decrypt a block of message (16 bytes)
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
int main(void)
{
SM4_KEY sm4_key;
unsigned char key[16] = {
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
0x01,0xf2,0x03,0x04,0x05,0x06,0x07,0x08,
};
unsigned char mbuf[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char cbuf[16];
unsigned char pbuf[16];
int i;
printf("key: ");
for (i = 0; i < sizeof(key); i++) {
printf("%02X", key[i]);
}
printf("\n");
printf("plaintext : ");
for (i = 0; i < sizeof(mbuf); i++) {
printf("%02X", mbuf[i]);
}
printf("\n");
// SM4 encrypt a block
sm4_set_encrypt_key(&sm4_key, key);
sm4_encrypt(&sm4_key, mbuf, cbuf);
printf("ciphertext: ");
for (i = 0; i < sizeof(cbuf); i++) {
printf("%02X", cbuf[i]);
}
printf("\n");
// SM4 decrypt a block
sm4_set_decrypt_key(&sm4_key, key);
sm4_decrypt(&sm4_key, cbuf, pbuf);
printf("decrypted : ");
for (i = 0; i < sizeof(pbuf); i++) {
printf("%02X", pbuf[i]);
}
printf("\n");
return 0;
}

56
demos/src/sm4_ecb_demo.c
View File

@@ -1,56 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
#include <gmssl/error.h>
int main(void)
{
SM4_KEY sm4_key;
unsigned char key[SM4_KEY_SIZE];
uint8_t data[SM4_BLOCK_SIZE * 3];
uint8_t *p;
size_t i;
rand_bytes(key, sizeof(key));
// Plaintext block #1 and #3 are the same
rand_bytes(data, SM4_BLOCK_SIZE * 2);
memcpy(data + SM4_BLOCK_SIZE * 2, data, SM4_BLOCK_SIZE);
format_bytes(stdout, 0, 0, "key", key, sizeof(key));
format_bytes(stdout, 0, 0, "ECB Plaintext ", data, sizeof(data));
// SM4-ECB encrypt
sm4_set_encrypt_key(&sm4_key, key);
p = data;
for (i = 0; i < sizeof(data)/SM4_BLOCK_SIZE; i++) {
sm4_encrypt(&sm4_key, p, p);
p += SM4_BLOCK_SIZE;
}
format_bytes(stdout, 0, 0, "ECB Ciphertext", data, sizeof(data));
// SM4-ECB decrypt
sm4_set_decrypt_key(&sm4_key, key);
p = data;
for (i = 0; i < sizeof(data)/SM4_BLOCK_SIZE; i++) {
sm4_decrypt(&sm4_key, p, p);
p += SM4_BLOCK_SIZE;
}
format_bytes(stdout, 0, 0, "ECB Plaintext ", data, sizeof(data));
return 0;
}

100
demos/src/sm4_gcm_ctx_demo.c
View File

@@ -1,100 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/mem.h>
#include <gmssl/rand.h>
#include <gmssl/aead.h>
int main(int argc, char **argv)
{
int ret = -1;
uint8_t key[SM4_GCM_KEY_SIZE];
uint8_t iv[SM4_GCM_DEFAULT_IV_SIZE];
SM4_GCM_CTX ctx;
uint8_t aad[] = "Additianal Authenticated Data, authenticated only, not encrypted";
uint8_t m1[] = "Plaintext part 1, to be encrypted and authenticated.";
uint8_t m2[] = "Plaintext part 2, to be encrypted and authenticated.";
uint8_t c[256];
uint8_t d[256];
uint8_t *p;
size_t clen, dlen, len;
if (rand_bytes(key, sizeof(key)) != 1
|| rand_bytes(iv, sizeof(iv)) != 1) {
fprintf(stderr, "rand_bytes() error\n");
goto end;
}
// encrypt
if (sm4_gcm_encrypt_init(&ctx, key, sizeof(key), iv, sizeof(iv), aad, sizeof(aad), SM4_GCM_DEFAULT_TAG_SIZE) != 1) {
fprintf(stderr, "sm4_gcm_encrypt_init() error\n");
goto end;
}
p = c;
clen = 0;
if (sm4_gcm_encrypt_update(&ctx, m1, sizeof(m1)-1, p, &len) != 1) {
fprintf(stderr, "sm4_gcm_encrypt_update() error\n");
goto end;
}
p += len;
clen += len;
if (sm4_gcm_encrypt_update(&ctx, m2, sizeof(m2), p, &len) != 1) {
fprintf(stderr, "sm4_gcm_encrypt_update() error\n");
goto end;
}
p += len;
clen += len;
if (sm4_gcm_encrypt_finish(&ctx, p, &len) != 1) {
fprintf(stderr, "sm4_gcm_encrypt_finish() error\n");
goto end;
}
clen += len;
// decrypt
if (sm4_gcm_decrypt_init(&ctx, key, sizeof(key), iv, sizeof(iv), aad, sizeof(aad), SM4_GCM_DEFAULT_TAG_SIZE) != 1) {
fprintf(stderr, "sm4_gcm_decrypt_init() error\n");
goto end;
}
p = d;
dlen = 0;
if (sm4_gcm_decrypt_update(&ctx, c, clen, p, &len) != 1) {
fprintf(stderr, "sm4_gcm_decrypt_update() error\n");
goto end;
}
p += len;
dlen += len;
if (sm4_gcm_decrypt_finish(&ctx, p, &len) != 1) {
fprintf(stderr, "sm4_gcm_decrypt_finish() error\n");
goto end;
}
dlen += len;
printf("Decrypted: %s\n", (char *)d);
ret = 0;
end:
gmssl_secure_clear(key, sizeof(key));
gmssl_secure_clear(&ctx, sizeof(ctx));
return ret;
}

90
demos/src/sm4_gcm_demo.c
View File

@@ -1,90 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
int main(void)
{
SM4_KEY sm4_key;
unsigned char key[16];
unsigned char iv[16];
unsigned char aad[20];
unsigned char mbuf[64] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,
};
unsigned char cbuf[64] = {0};
unsigned char pbuf[64] = {0};
unsigned char tag[16];
int i;
rand_bytes(key, sizeof(key));
rand_bytes(iv, sizeof(iv));
printf("key: ");
for (i = 0; i < sizeof(key); i++) {
printf("%02X", key[i]);
}
printf("\n");
printf("iv: ");
for (i = 0; i < sizeof(iv); i++) {
printf("%02X", iv[i]);
}
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
printf("sm4 gcm encrypt\n");
printf("auth-only data: ");
for (i = 0; i < sizeof(aad); i++) {
printf("%02X", aad[i]);
}
printf("\n");
printf("plaintext: ");
for (i = 0; i < sizeof(mbuf); i++) {
printf("%02X", mbuf[i]);
}
printf("\n");
sm4_gcm_encrypt(&sm4_key, iv, sizeof(iv), aad, sizeof(aad), mbuf, sizeof(mbuf), cbuf, sizeof(tag), tag);
printf("ciphertext: ");
for (i = 0; i < sizeof(cbuf); i++) {
printf("%02X", cbuf[i]);
}
printf("\n");
printf("mac-tag: ");
for (i = 0; i < sizeof(tag); i++) {
printf("%02X", tag[i]);
}
printf("\n");
if (sm4_gcm_decrypt(&sm4_key, iv, sizeof(iv), aad, sizeof(aad), cbuf, sizeof(mbuf), tag, sizeof(tag), pbuf) != 1) {
fprintf(stderr, "sm4 gcm decrypt failed\n");
return 1;
}
printf("decrypted: ");
for (i = 0; i < sizeof(pbuf); i++) {
printf("%02X", pbuf[i]);
}
printf("\n");
return 0;
}

46
demos/src/sm4_key_demo.c
View File

@@ -1,46 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/rand.h>
#include <gmssl/error.h>
int main(void)
{
SM4_KEY sm4_key;
uint8_t key[SM4_KEY_SIZE];
int i;
rand_bytes(key, sizeof(key));
format_bytes(stdout, 0, 0, "SM4 Raw Key", key, sizeof(key));
printf("\n");
sm4_set_encrypt_key(&sm4_key, key);
printf("SM4 Round Keys for Encryption\n");
for (i = 0; i < SM4_NUM_ROUNDS; i++) {
printf(" %08x\n", sm4_key.rk[i]);
}
printf("\n");
sm4_set_decrypt_key(&sm4_key, key);
printf("SM4 Round Keys for Decryption\n");
for (i = 0; i < SM4_NUM_ROUNDS; i++) {
printf(" %08x\n", sm4_key.rk[i]);
}
printf("\n");
return 0;
}

47
demos/src/sm9_encrypt_demo.c
View File

@@ -1,47 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm9.h>
#include <gmssl/error.h>
int main(void)
{
SM9_ENC_MASTER_KEY master;
SM9_ENC_MASTER_KEY master_public;
SM9_ENC_KEY key;
const char *id = "Alice";
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len;
char mbuf[256];
size_t mlen;
int ret;
sm9_enc_master_key_generate(&master);
sm9_enc_master_key_extract_key(&master, id, strlen(id), &key);
sm9_enc_master_public_key_to_der(&master, &p, &len);
sm9_enc_master_public_key_from_der(&master_public, &cp, &len);
sm9_encrypt(&master_public, id, strlen(id), (uint8_t *)"hello", strlen("hello"), buf, &len);
ret = sm9_decrypt(&key, id, strlen(id), buf, len, (uint8_t *)mbuf, &mlen);
if (ret != 1) {
fprintf(stderr, "decrypt failed\n");
return 1;
}
mbuf[mlen] = 0;
printf("decrypt result: %s\n", mbuf);
return 0;
}

35
demos/src/sm9_keygen_demo.c
View File

@@ -1,35 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm9.h>
int main(void)
{
SM9_SIGN_MASTER_KEY sign_master;
SM9_SIGN_KEY sign_key;
sm9_sign_master_key_generate(&sign_master);
printf("SM9 Master Secret\n");
sm9_sign_master_key_info_encrypt_to_pem(&sign_master, "P@ssw0rd", stdout);
printf("SM9 Public Parameters\n");
sm9_sign_master_public_key_to_pem(&sign_master, stdout);
sm9_sign_master_key_extract_key(&sign_master, "alice", strlen("alice"), &sign_key);
printf("SM9 private key for ID '%s'\n", "alice");
sm9_sign_key_info_encrypt_to_pem(&sign_key, "123456", stdout);
return 0;
}

51
demos/src/sm9_sign_demo.c
View File

@@ -1,51 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm9.h>
#include <gmssl/error.h>
int main(void)
{
SM9_SIGN_MASTER_KEY sign_master;
SM9_SIGN_MASTER_KEY sign_master_public;
SM9_SIGN_KEY sign_key;
SM9_SIGN_CTX sign_ctx;
const char *id = "Alice";
uint8_t sig[SM9_SIGNATURE_SIZE];
size_t siglen;
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len;
int ret;
sm9_sign_master_key_generate(&sign_master);
sm9_sign_master_key_extract_key(&sign_master, id, strlen(id), &sign_key);
sm9_sign_init(&sign_ctx);
sm9_sign_update(&sign_ctx, (uint8_t *)"hello world", strlen("hello world"));
sm9_sign_finish(&sign_ctx, &sign_key, sig, &siglen);
format_bytes(stdout, 0, 0, "signature", sig, siglen);
sm9_sign_master_public_key_to_der(&sign_master, &p, &len);
sm9_sign_master_public_key_from_der(&sign_master_public, &cp, &len);
sm9_verify_init(&sign_ctx);
sm9_verify_update(&sign_ctx, (uint8_t *)"hello world", strlen("hello world"));
ret = sm9_verify_finish(&sign_ctx, sig, siglen, &sign_master_public, id, strlen(id));
printf("verify %s\n", ret == 1 ? "success" : "failure");
return 0;
}

106
demos/src/tlcp_get_demo.c
View File

@@ -1,106 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/socket.h>
#include <gmssl/tls.h>
#include <gmssl/error.h>
int main(int argc, char *argv[])
{
int ret = -1;
const int cipher = TLS_cipher_ecc_sm4_cbc_sm3;
struct hostent *hp;
int port = 443;
struct sockaddr_in server;
int sock;
TLS_CTX ctx;
TLS_CONNECT conn;
char request[1024];
uint8_t buf[16800];
char *p;
size_t len;
if (argc != 2) {
fprintf(stderr, "example: tlcp_get https://sm2only.ovssl.cn\n");
return 1;
}
if (!(url = parse_url(argv[1]))) {
fprintf(stderr, "parse url '%s' failure\n", argv[1]);
return 1;
}
if (!(hp = gethostbyname(url->host))) {
herror("tlcp_client: '-host' invalid");
goto end;
}
if (url->port != -1) {
port = url->port;
}
server.sin_addr = *((struct in_addr *)hp->h_addr_list[0]);
server.sin_family = AF_INET;
server.sin_port = htons(port);
if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
perror("socket");
goto end;
}
if (connect(sock, (struct sockaddr *)&server , sizeof(server)) < 0) {
perror("connect");
goto end;
}
memset(&ctx, 0, sizeof(ctx));
memset(&conn, 0, sizeof(conn));
tls_ctx_init(&ctx, TLS_protocol_tlcp, TLS_client_mode);
tls_ctx_set_cipher_suites(&ctx, &cipher, 1);
tls_init(&conn, &ctx);
tls_set_socket(&conn, sock);
if (tls_do_handshake(&conn) != 1) {
fprintf(stderr, "%s: error\n", prog);
goto end;
}
snprintf(request, sizeof(request)-1, "GET %s HTTP/1.1\r\nHost: %s\r\n\r\n",
url->path ? url->path : "/",
url->host);
tls_send(&conn, (uint8_t *)request, strlen(request), &len);
if (tls_recv(&conn, buf, sizeof(buf), &len) != 1) {
fprintf(stderr, "recv failure\n");
goto end;
}
buf[len] = 0;
p = strstr((char *)buf, "\r\n\r\n");
if (p) {
printf("%s", p + 4);
fflush(stdout);
}
end:
free_url_components(url);
close(sock);
tls_ctx_cleanup(&ctx);
tls_cleanup(&conn);
return 0;
}

113
demos/src/tlcp_post_demo.c
View File

@@ -1,113 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <netdb.h>
#include <sys/types.h>
#include <arpa/inet.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <gmssl/tls.h>
#include <gmssl/error.h>
int main(int argc, char *argv[])
{
int ret = -1;
char *prog = argv[0];
const int cipher = TLS_cipher_ecc_sm4_cbc_sm3;
URL_COMPONENTS *url;
struct hostent *hp;
int port = 443;
struct sockaddr_in server;
int sock;
TLS_CTX ctx;
TLS_CONNECT conn;
char request[1024];
uint8_t buf[16800];
char *p;
size_t len;
if (argc != 2) {
fprintf(stderr, "example: echo \"key=word\" | tlcp_post https://sm2only.ovssl.cn\n");
return 1;
}
if (!(url = parse_url(argv[1]))) {
fprintf(stderr, "parse url '%s' failure\n", argv[1]);
return 1;
}
if (!(hp = gethostbyname(url->host))) {
herror("tlcp_client: '-host' invalid");
goto end;
}
if (url->port != -1) {
port = url->port;
}
server.sin_addr = *((struct in_addr *)hp->h_addr_list[0]);
server.sin_family = AF_INET;
server.sin_port = htons(port);
if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
perror("socket");
goto end;
}
if (connect(sock, (struct sockaddr *)&server , sizeof(server)) < 0) {
perror("connect");
goto end;
}
memset(&ctx, 0, sizeof(ctx));
memset(&conn, 0, sizeof(conn));
tls_ctx_init(&ctx, TLS_protocol_tlcp, TLS_client_mode);
tls_ctx_set_cipher_suites(&ctx, &cipher, 1);
tls_init(&conn, &ctx);
tls_set_socket(&conn, sock);
if (tls_do_handshake(&conn) != 1) {
fprintf(stderr, "%s: error\n", prog);
goto end;
}
snprintf(request, sizeof(request)-1, "POST %s HTTP/1.1\r\nHost: %s\r\n\r\n",
url->path ? url->path : "/",
url->host);
tls_send(&conn, (uint8_t *)request, strlen(request), &len);
len = fread(buf, 1, sizeof(buf), stdin);
if (len) {
tls_send(&conn, buf, len, &len);
}
if (tls_recv(&conn, buf, sizeof(buf), &len) != 1) {
fprintf(stderr, "recv failure\n");
goto end;
}
buf[len] = 0;
p = strstr((char *)buf, "\r\n\r\n");
if (p) {
printf("%s", p + 4);
fflush(stdout);
}
end:
free_url_components(url);
close(sock);
tls_ctx_cleanup(&ctx);
tls_cleanup(&conn);
return 0;
}

26
demos/src/version_demo.c
View File

@@ -1,26 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/version.h>
int main(int argc, char **argv)
{
if (gmssl_version_num() < 30100) {
fprintf(stderr, "GmSSL version is lower than 3.0.0\n");
return 1;
}
printf("GmSSL version: %s\n", gmssl_version_str());
return 0;
}

88
demos/src/x509_cert_check_demo.c
View File

@@ -1,88 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/x509_cer.h>
char *pem =
"-----BEGIN CERTIFICATE-----\n"
"MIIBszCCAVegAwIBAgIIaeL+wBcKxnswDAYIKoEcz1UBg3UFADAuMQswCQYDVQQG\n"
"EwJDTjEOMAwGA1UECgwFTlJDQUMxDzANBgNVBAMMBlJPT1RDQTAeFw0xMjA3MTQw\n"
"MzExNTlaFw00MjA3MDcwMzExNTlaMC4xCzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVO\n"
"UkNBQzEPMA0GA1UEAwwGUk9PVENBMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAE\n"
"MPCca6pmgcchsTf2UnBeL9rtp4nw+itk1Kzrmbnqo05lUwkwlWK+4OIrtFdAqnRT\n"
"V7Q9v1htkv42TsIutzd126NdMFswHwYDVR0jBBgwFoAUTDKxl9kzG8SmBcHG5Yti\n"
"W/CXdlgwDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFEwysZfZ\n"
"MxvEpgXBxuWLYlvwl3ZYMAwGCCqBHM9VAYN1BQADSAAwRQIgG1bSLeOXp3oB8H7b\n"
"53W+CKOPl2PknmWEq/lMhtn25HkCIQDaHDgWxWFtnCrBjH16/W3Ezn7/U/Vjo5xI\n"
"pDoiVhsLwg==\n"
"-----END CERTIFICATE-----\n";
static int prepare_pem_file(void)
{
FILE *fp;
if (!(fp = fopen("cert.pem", "wb"))) {
fprintf(stderr, "fopen() error\n");
return -1;
}
if (fwrite(pem, 1, strlen(pem), fp) != strlen(pem)) {
fprintf(stderr, "fwrite() error\n");
return -1;
}
fclose(fp);
return 1;
}
int main(int argc, char **argv)
{
int ret = -1;
FILE *fp = NULL;
uint8_t cert[2048];
size_t certlen;
int cert_type = X509_cert_root_ca;
/*
cert_type options:
X509_cert_server_auth,
X509_cert_client_auth,
X509_cert_server_key_encipher,
X509_cert_client_key_encipher,
X509_cert_ca,
X509_cert_root_ca,
X509_cert_crl_sign,
*/
int path_len_constraint;
(void)prepare_pem_file();
if (!(fp = fopen("cert.pem", "rb"))) {
fprintf(stderr, "fopen() cert.pem error\n");
goto err;
}
if (x509_cert_from_pem(cert, &certlen, sizeof(cert), fp) != 1) {
fprintf(stderr, "x509_cert_from_pem() error\n");
goto err;
}
if (x509_cert_check(cert, certlen, cert_type, &path_len_constraint) != 1) {
fprintf(stderr, "invalid cert\n");
goto err;
}
ret = 0;
err:
if (fp) fclose(fp);
return ret;
}

100
demos/src/x509_cert_parse_demo.c
View File

@@ -1,100 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/x509_cer.h>
char *pem =
"-----BEGIN CERTIFICATE-----\n"
"MIIBszCCAVegAwIBAgIIaeL+wBcKxnswDAYIKoEcz1UBg3UFADAuMQswCQYDVQQG\n"
"EwJDTjEOMAwGA1UECgwFTlJDQUMxDzANBgNVBAMMBlJPT1RDQTAeFw0xMjA3MTQw\n"
"MzExNTlaFw00MjA3MDcwMzExNTlaMC4xCzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVO\n"
"UkNBQzEPMA0GA1UEAwwGUk9PVENBMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAE\n"
"MPCca6pmgcchsTf2UnBeL9rtp4nw+itk1Kzrmbnqo05lUwkwlWK+4OIrtFdAqnRT\n"
"V7Q9v1htkv42TsIutzd126NdMFswHwYDVR0jBBgwFoAUTDKxl9kzG8SmBcHG5Yti\n"
"W/CXdlgwDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFEwysZfZ\n"
"MxvEpgXBxuWLYlvwl3ZYMAwGCCqBHM9VAYN1BQADSAAwRQIgG1bSLeOXp3oB8H7b\n"
"53W+CKOPl2PknmWEq/lMhtn25HkCIQDaHDgWxWFtnCrBjH16/W3Ezn7/U/Vjo5xI\n"
"pDoiVhsLwg==\n"
"-----END CERTIFICATE-----\n";
static int prepare_pem_file(void)
{
FILE *fp;
if (!(fp = fopen("cert.pem", "wb"))) {
fprintf(stderr, "fopen() error\n");
return -1;
}
if (fwrite(pem, 1, strlen(pem), fp) != strlen(pem)) {
fprintf(stderr, "fwrite() error\n");
return -1;
}
fclose(fp);
return 1;
}
int main(int argc, char **argv)
{
int ret = -1;
FILE *fp = NULL;
uint8_t cert[2048];
size_t certlen;
const uint8_t *serial;
size_t serial_len;
const uint8_t *issuer;
size_t issuer_len;
const uint8_t *subject;
size_t subject_len;
SM2_KEY subject_public_key;
size_t i;
(void)prepare_pem_file();
if (!(fp = fopen("cert.pem", "rb"))) {
fprintf(stderr, "fopen() cert.pem error\n");
goto err;
}
if (x509_cert_from_pem(cert, &certlen, sizeof(cert), fp) != 1) {
fprintf(stderr, "x509_cert_from_pem() error\n");
goto err;
}
if (x509_cert_get_issuer_and_serial_number(cert, certlen, &issuer, &issuer_len, &serial, &serial_len) != 1)
goto err;
if (x509_cert_get_subject(cert, certlen, &subject, &subject_len) != 1)
goto err;
if (x509_cert_get_subject_public_key(cert, certlen, &subject_public_key) != 1)
goto err;
if (x509_name_equ(subject, subject_len, issuer, issuer_len) == 1) {
printf("This is self-signed certificate\n");
}
printf("SerialNumber: ");
for (i = 0; i < serial_len; i++) {
printf("%02X", serial[i]);
}
printf("\n");
x509_name_print(stdout, 0, 0, "Issuer", issuer, issuer_len);
x509_name_print(stdout, 0, 0, "Subject", subject, subject_len);
sm2_public_key_print(stdout, 0, 0, "SubjectPublicKey", &subject_public_key);
ret = 0;
err:
if (fp) fclose(fp);
return ret;
}

72
demos/src/x509_cert_print_demo.c
View File

@@ -1,72 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/x509_cer.h>
char *pem =
"-----BEGIN CERTIFICATE-----\n"
"MIIBszCCAVegAwIBAgIIaeL+wBcKxnswDAYIKoEcz1UBg3UFADAuMQswCQYDVQQG\n"
"EwJDTjEOMAwGA1UECgwFTlJDQUMxDzANBgNVBAMMBlJPT1RDQTAeFw0xMjA3MTQw\n"
"MzExNTlaFw00MjA3MDcwMzExNTlaMC4xCzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVO\n"
"UkNBQzEPMA0GA1UEAwwGUk9PVENBMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAE\n"
"MPCca6pmgcchsTf2UnBeL9rtp4nw+itk1Kzrmbnqo05lUwkwlWK+4OIrtFdAqnRT\n"
"V7Q9v1htkv42TsIutzd126NdMFswHwYDVR0jBBgwFoAUTDKxl9kzG8SmBcHG5Yti\n"
"W/CXdlgwDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFEwysZfZ\n"
"MxvEpgXBxuWLYlvwl3ZYMAwGCCqBHM9VAYN1BQADSAAwRQIgG1bSLeOXp3oB8H7b\n"
"53W+CKOPl2PknmWEq/lMhtn25HkCIQDaHDgWxWFtnCrBjH16/W3Ezn7/U/Vjo5xI\n"
"pDoiVhsLwg==\n"
"-----END CERTIFICATE-----\n";
static int prepare_pem_file(void)
{
FILE *fp;
if (!(fp = fopen("cert.pem", "wb"))) {
fprintf(stderr, "fopen() error\n");
return -1;
}
if (fwrite(pem, 1, strlen(pem), fp) != strlen(pem)) {
fprintf(stderr, "fwrite() error\n");
return -1;
}
fclose(fp);
return 1;
}
int main(int argc, char **argv)
{
int ret = -1;
FILE *fp = NULL;
uint8_t cert[2048];
size_t certlen;
(void)prepare_pem_file();
if (!(fp = fopen("cert.pem", "rb"))) {
fprintf(stderr, "fopen() cert.pem error\n");
goto err;
}
if (x509_cert_from_pem(cert, &certlen, sizeof(cert), fp) != 1) {
fprintf(stderr, "x509_cert_from_pem() error\n");
goto err;
}
x509_cert_print(stdout, 0, 0, "Certificate", cert, certlen);
ret = 0;
err:
if (fp) fclose(fp);
return ret;
}

159
demos/src/x509_cert_verify_demo.c
View File

@@ -1,159 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/x509_cer.h>
char *signcert_pem =
"-----BEGIN CERTIFICATE-----\n"
"MIICzzCCAnKgAwIBAgIFEzY5M3AwDAYIKoEcz1UBg3UFADAlMQswCQYDVQQGEwJD\n"
"TjEWMBQGA1UECgwNQ0ZDQSBTTTIgT0NBMTAeFw0yMTA2MTEwOTA1MjBaFw0yNjA2\n"
"MTkwODE2NTZaMIGRMQswCQYDVQQGEwJDTjEPMA0GA1UECAwG5YyX5LqsMQ8wDQYD\n"
"VQQHDAbljJfkuqwxJzAlBgNVBAoMHuS4reWbvemTtuihjOiCoeS7veaciemZkOWF\n"
"rOWPuDERMA8GA1UECwwITG9jYWwgUkExDDAKBgNVBAsMA1NTTDEWMBQGA1UEAwwN\n"
"ZWJzc2VjLmJvYy5jbjBZMBMGByqGSM49AgEGCCqBHM9VAYItA0IABPsNUnoZQM9C\n"
"SnvC57TbvdfyOTCuPOSlZmPAyxBKFj+Y1QH/xlubHdVf5XqHrO1jCDRi7aN5IKGX\n"
"QF1492c803OjggEeMIIBGjAfBgNVHSMEGDAWgBRck1ggWiRzVhAbZFAQ7OmnygdB\n"
"ETAMBgNVHRMBAf8EAjAAMEgGA1UdIARBMD8wPQYIYIEchu8qAQEwMTAvBggrBgEF\n"
"BQcCARYjaHR0cDovL3d3dy5jZmNhLmNvbS5jbi91cy91cy0xNC5odG0wNwYDVR0f\n"
"BDAwLjAsoCqgKIYmaHR0cDovL2NybC5jZmNhLmNvbS5jbi9TTTIvY3JsNTYxOC5j\n"
"cmwwGAYDVR0RBBEwD4INZWJzc2VjLmJvYy5jbjAOBgNVHQ8BAf8EBAMCBsAwHQYD\n"
"VR0OBBYEFJ6oFo/OrKgDhHFORpaq04kX7T1KMB0GA1UdJQQWMBQGCCsGAQUFBwMC\n"
"BggrBgEFBQcDATAMBggqgRzPVQGDdQUAA0kAMEYCIQCvhSvbv5h6ERl1YcCLg+fz\n"
"9UleQbaPfBYwUjUD2dAHVQIhAMRC4k9S/mSC0UpUvCqh/DQC2Ui8Tccd5G2IgYSs\n"
"cnUN\n"
"-----END CERTIFICATE-----\n";
char *enccert_pem =
"-----BEGIN CERTIFICATE-----\n"
"MIICzjCCAnKgAwIBAgIFEzY5M3EwDAYIKoEcz1UBg3UFADAlMQswCQYDVQQGEwJD\n"
"TjEWMBQGA1UECgwNQ0ZDQSBTTTIgT0NBMTAeFw0yMTA2MTEwOTA1MjBaFw0yNjA2\n"
"MTkwODE2NTZaMIGRMQswCQYDVQQGEwJDTjEPMA0GA1UECAwG5YyX5LqsMQ8wDQYD\n"
"VQQHDAbljJfkuqwxJzAlBgNVBAoMHuS4reWbvemTtuihjOiCoeS7veaciemZkOWF\n"
"rOWPuDERMA8GA1UECwwITG9jYWwgUkExDDAKBgNVBAsMA1NTTDEWMBQGA1UEAwwN\n"
"ZWJzc2VjLmJvYy5jbjBZMBMGByqGSM49AgEGCCqBHM9VAYItA0IABMn1q+hbV0i1\n"
"qnKAy7QeZ3ZfAD+gqHX4F5MqIhsarODlWsavf/dcprC0F277zc44aYBB/3ucy4PF\n"
"qXaRHQp8PEyjggEeMIIBGjAfBgNVHSMEGDAWgBRck1ggWiRzVhAbZFAQ7OmnygdB\n"
"ETAMBgNVHRMBAf8EAjAAMEgGA1UdIARBMD8wPQYIYIEchu8qAQEwMTAvBggrBgEF\n"
"BQcCARYjaHR0cDovL3d3dy5jZmNhLmNvbS5jbi91cy91cy0xNC5odG0wNwYDVR0f\n"
"BDAwLjAsoCqgKIYmaHR0cDovL2NybC5jZmNhLmNvbS5jbi9TTTIvY3JsNTYxOC5j\n"
"cmwwGAYDVR0RBBEwD4INZWJzc2VjLmJvYy5jbjAOBgNVHQ8BAf8EBAMCAzgwHQYD\n"
"VR0OBBYEFF/a1JHvzLzbpFbBljX7hNxRpj/2MB0GA1UdJQQWMBQGCCsGAQUFBwMC\n"
"BggrBgEFBQcDATAMBggqgRzPVQGDdQUAA0gAMEUCIQDCOFi1eZcgiN6t+h6lxLwS\n"
"grAh3Jall+ZyA2ePw6xcjwIgNyDvo761dpwJhcyWfyVCAnaTf0Vf4DLWI1K+S7po\n"
"Ur8=\n"
"-----END CERTIFICATE-----\n";
char *cacert_pem =
"-----BEGIN CERTIFICATE-----\n"
"MIICNTCCAdmgAwIBAgIFEAAAAAgwDAYIKoEcz1UBg3UFADBYMQswCQYDVQQGEwJD\n"
"TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y\n"
"aXR5MRcwFQYDVQQDDA5DRkNBIENTIFNNMiBDQTAeFw0xMzAxMjQwODQ2NDBaFw0z\n"
"MzAxMTkwODQ2NDBaMCUxCzAJBgNVBAYTAkNOMRYwFAYDVQQKDA1DRkNBIFNNMiBP\n"
"Q0ExMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEfJqQoo0+JoyCRy0msS2Ym076\n"
"8nV1pSLuK9utS1ij38obWDymq0oMRRwUzDMEQI19Cajo3JUoGFxOvsA+YWu3XKOB\n"
"wDCBvTAfBgNVHSMEGDAWgBTkjt3Uo+e2D+4dJ5bNddwlJXJp3TAMBgNVHRMEBTAD\n"
"AQH/MGAGA1UdHwRZMFcwVaBToFGkTzBNMQswCQYDVQQGEwJDTjETMBEGA1UECgwK\n"
"Q0ZDQSBDUyBDQTEMMAoGA1UECwwDQ1JMMQwwCgYDVQQLDANTTTIxDTALBgNVBAMM\n"
"BGNybDEwCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBRck1ggWiRzVhAbZFAQ7OmnygdB\n"
"ETAMBggqgRzPVQGDdQUAA0gAMEUCIBVscoZJhUy4eToK4C//LjvhjKK2qpBFac/h\n"
"Pr6yYTLzAiEAiyqrqsGUU5vGkDo5bEpmF1EbnY8xovsM9vCx98yBrVM=\n"
"-----END CERTIFICATE-----\n";
char *rootcacert_pem =
"-----BEGIN CERTIFICATE-----\n"
"MIICAzCCAaegAwIBAgIEFy9CWTAMBggqgRzPVQGDdQUAMFgxCzAJBgNVBAYTAkNO\n"
"MTAwLgYDVQQKDCdDaGluYSBGaW5hbmNpYWwgQ2VydGlmaWNhdGlvbiBBdXRob3Jp\n"
"dHkxFzAVBgNVBAMMDkNGQ0EgQ1MgU00yIENBMB4XDTEyMDgzMTAyMDY1OVoXDTQy\n"
"MDgyNDAyMDY1OVowWDELMAkGA1UEBhMCQ04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFu\n"
"Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEXMBUGA1UEAwwOQ0ZDQSBDUyBT\n"
"TTIgQ0EwWTATBgcqhkjOPQIBBggqgRzPVQGCLQNCAATuRh26wmtyKNMz+Pmneo3a\n"
"Sme+BCjRon8SvAxZBgLSuIxNUewq4kNujeb1I4A0yg7xNcjuOgXglAoQv+Tc+P0V\n"
"o10wWzAfBgNVHSMEGDAWgBTkjt3Uo+e2D+4dJ5bNddwlJXJp3TAMBgNVHRMEBTAD\n"
"AQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQU5I7d1KPntg/uHSeWzXXcJSVyad0w\n"
"DAYIKoEcz1UBg3UFAANIADBFAiBhP/rmIvles3RK1FfcmmEeS9RZdu+5lCzxF0nk\n"
"cof2QAIhAPVRpqOuceEQHsR77FBe/DgVPqF6lOyoZs0TzTDHrN8c\n"
"-----END CERTIFICATE-----\n";
static int prepare_pem_file(void)
{
FILE *fp;
if (!(fp = fopen("double_certs_chain.pem", "wb"))) {
fprintf(stderr, "fopen() error\n");
return -1;
}
if (fwrite(signcert_pem, 1, strlen(signcert_pem), fp) != strlen(signcert_pem)
|| fwrite(enccert_pem, 1, strlen(enccert_pem), fp) != strlen(enccert_pem)
|| fwrite(cacert_pem, 1, strlen(cacert_pem), fp) != strlen(cacert_pem)) {
fprintf(stderr, "fwrite() error\n");
return -1;
}
fclose(fp);
if (!(fp = fopen("rootcacert.pem", "wb"))) {
fprintf(stderr, "fopen() error\n");
return -1;
}
if (fwrite(rootcacert_pem, 1, strlen(rootcacert_pem), fp) != strlen(rootcacert_pem)) {
fprintf(stderr, "fwrite() error\n");
return -1;
}
fclose(fp);
return 1;
}
int main(int argc, char **argv)
{
int ret = -1;
FILE *fp = NULL;
uint8_t certs[4096];
size_t certslen;
uint8_t rootcacert[1024];
size_t rootcacertlen;
(void)prepare_pem_file();
if (!(fp = fopen("double_certs_chain.pem", "rb"))) {
fprintf(stderr, "fopen() error\n");
goto err;
}
if (x509_certs_from_pem(certs, &certslen, sizeof(certs), fp) != 1) {
fprintf(stderr, "x509_certs_from_pem() error\n");
goto err;
}
fclose(fp);
if (!(fp = fopen("rootcacert.pem", "rb"))) {
fprintf(stderr, "fopen() error\n");
goto err;
}
if (x509_cert_from_pem(rootcacert, &rootcacertlen, sizeof(rootcacert), fp) != 1) {
fprintf(stderr, "x509_cert_from_pem() error\n");
goto err;
}
int cert_type = X509_cert_chain_client;
int verify_result = 0;
if (x509_certs_verify_tlcp(certs, certslen, cert_type, rootcacert, rootcacertlen, 6, &verify_result) != 1) {
fprintf(stderr, "x509_certs_verify_tlcp() error\n");
goto err;
}
ret = 0;
err:
if (fp) fclose(fp);
return ret;
}

53
demos/src/x509_crl_download_demo.c
View File

@@ -1,53 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/file.h>
#include <gmssl/x509_crl.h>
char *http_uri = "http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20RSA%20TLS%20CA%2002.crl";
char *file_name = "Microsoft RSA TLS CA 02.crl";
int main(int argc, char **argv)
{
int ret = -1;
uint8_t *crl = NULL;
size_t crllen;
FILE *fp = NULL;
printf("Demo - Download CRL from HTTP\n\n");
printf(" Download from %s\n", http_uri);
if (x509_crl_new_from_uri(&crl, &crllen, http_uri, strlen(http_uri)) != 1) {
fprintf(stderr, "x509_crl_new_from_uri() error\n");
goto err;
}
//x509_crl_print(stdout, 0, 0, "CRL", crl, crllen);
if (!(fp = fopen(file_name, "wb"))) {
fprintf(stderr, "fopen() error\n");
goto err;
}
fwrite(crl, 1, crllen, fp);
printf(" Save to %s\n", file_name);
printf(" Run `gmssl crlparse -in \"%s\"` to print the downloaded CRL\n", file_name);
printf("\n");
ret = 0;
err:
if (crl) free(crl);
if (fp) fclose(fp);
return ret;
}

68
demos/src/x509_crl_find_revoked_cert_demo.c
View File

@@ -1,68 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/file.h>
#include <gmssl/x509_crl.h>
// 为了这些demo应该准备好测试的文件而不是把文件都放在源代码里面
// 这样会更灵活一些
int main(int argc, char **argv)
{
int ret = -1;
uint8_t *crl;
size_t crllen;
char *cert;
size_t certlen;
const uint8_t *cert_serial;
size_t cert_serial_len;
time_t cert_revoke_date;
const uint8_t *crl_entry_exts;
size_t crl_entry_exts_len;
int revoked;
printf("Demo - Check if a Certificate has been revoked in a CRL\n");
if (x509_cert_get_issuer_and_serial_number(cert, certlen,
NULL, NULL, &cert_serial, &cert_serial_len) != 1) {
fprintf(stderr, "x509_cert_get_issuer_and_serial_number() error\n");
goto err;
}
if ((revoked = x509_crl_find_revoked_cert_by_serial_number(
crl, crllen,
cert_serial, cert_serial_len,
&cert_revoked_date,
&crl_entry_exts, &crl_entry_exts_len)) == -1) {
fprintf(stderr, "x509_crl_find_revoked_cert_by_serial_number() error\n");
goto err;
}
if (revoked) {
printf(" The certificate has been revoked\n");
format_bytes(stderr, 0, 4, "SerialNumber", cert_serial, cert_serial_len);
x509_crl_entry_exts_print(stderr, 0, 4, "CRLEntryExts", crl_entry_exts, crl_entry_exts_len);
} else {
printf(" The certificate not in the given CRL\n");
}
ret = 0;
err:
if (der) free(der);
return ret;
}

47
demos/src/x509_crl_print_demo.c
View File

@@ -1,47 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/file.h>
#include <gmssl/x509_crl.h>
char *crl_file = "../../demos/certs/crl/Civil Servant ROOT.crl";
int main(int argc, char **argv)
{
int ret = -1;
uint8_t *der = NULL;
size_t derlen;
const uint8_t *cp;
const uint8_t *crl;
size_t crllen;
printf("Demo - Read and print CRL in DER-encoding\n");
if (file_read_all(crl_file, &der, &derlen) != 1) {
fprintf(stderr, "file_read_all() error\n");
goto err;
}
cp = der;
if (x509_crl_from_der(&crl, &crllen, &cp, &derlen) != 1) {
fprintf(stderr, "x509_crl_from_der() error\n");
goto err;
}
x509_crl_print(stdout, 0, 0, "CRL", crl, crllen);
ret = 0;
err:
if (der) free(der);
return ret;
}

46
demos/src/x509_crl_verify_demo.c
View File

@@ -1,46 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/file.h>
#include <gmssl/x509_crl.h>
// 为了这些demo应该准备好测试的文件而不是把文件都放在源代码里面
// 这样会更灵活一些
int main(int argc, char **argv)
{
int ret = -1;
uint8_t *crl;
size_t crllen;
char *cacert;
size_t cacertlen;
printf("Demo - Check if a Certificate has been revoked in a CRL\n");
126 if ((rv = x509_crl_verify_by_ca_cert(crl, crl_len, cacert, cacertlen, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID))) < 0) {
127 fprintf(stderr, "%s: verification inner error\n", prog);
128 goto end;
129 }
ret = 0;
err:
if (crl) free(crl);
if (cacert) free(cacert);
return ret;
}

50
demos/src/zuc_demo.c
View File

@@ -1,50 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/zuc.h>
int main(void)
{
ZUC_CTX zuc_ctx;
unsigned char key[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char iv[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char inbuf[1024];
unsigned char outbuf[1024 + 32];
size_t inlen;
size_t outlen;
if (zuc_encrypt_init(&zuc_ctx, key, iv) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
if (zuc_encrypt_update(&zuc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
}
if (zuc_encrypt_finish(&zuc_ctx, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
return 0;
}

50
demos/src/zuc_encrypt_stdin_demo.c
View File

@@ -1,50 +0,0 @@
/*
* Copyright 2014-2023 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/zuc.h>
int main(void)
{
ZUC_CTX zuc_ctx;
unsigned char key[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char iv[16] = {
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
};
unsigned char inbuf[1024];
unsigned char outbuf[1024 + 32];
size_t inlen;
size_t outlen;
if (zuc_encrypt_init(&zuc_ctx, key, iv) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
while ((inlen = fread(inbuf, 1, sizeof(inbuf), stdin)) > 0) {
if (zuc_encrypt_update(&zuc_ctx, inbuf, inlen, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
}
if (zuc_encrypt_finish(&zuc_ctx, outbuf, &outlen) != 1) {
fprintf(stderr, "%s %d: error\n", __FILE__, __LINE__);
return 1;
}
fwrite(outbuf, 1, outlen, stdout);
return 0;
}