abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-06-27 15:43:42 +08:00
Code Issues Packages Projects Releases Wiki Activity

Remove x509_key_get_sign_algor

Browse Source
This commit is contained in:
Zhi Guan
2026-06-22 15:02:45 +08:00
parent f0ff81c1a5
commit 84f92c0747
25 changed files with 344 additions and 130 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
cmake/tool_cert.cmake
View File

@@ -51,14 +51,26 @@ function(gmssl_generate_key alg key_file export_file)
endif()
endfunction()
function(gmssl_x509_sig_alg alg out_var)
if(alg STREQUAL SM2)
set(${out_var} sm2sign-with-sm3 PARENT_SCOPE)
elseif(alg STREQUAL P256)
set(${out_var} ecdsa-with-sha256 PARENT_SCOPE)
else()
message(FATAL_ERROR "unknown key algorithm: ${alg}")
endif()
endfunction()
function(gmssl_generate_root_ca alg prefix common_name)
gmssl_generate_key(${alg} "${prefix}_key.pem" "${prefix}_key.exp")
gmssl_x509_sig_alg(${alg} sig_alg)
gmssl_run(bin/gmssl certgen
${GMSSL_TEST_SUBJECT}
-CN "${common_name}"
-days 3650
-key "${prefix}_key.pem"
-pass ${GMSSL_TEST_PASS}
-sig_alg ${sig_alg}
-out "${prefix}_cert.pem"
-key_usage keyCertSign
-key_usage cRLSign
@@ -68,11 +80,13 @@ endfunction()
function(gmssl_generate_ca alg prefix common_name issuer_cert issuer_key path_len)
gmssl_generate_key(${alg} "${prefix}_key.pem" "${prefix}_key.exp")
gmssl_x509_sig_alg(${alg} sig_alg)
gmssl_run(bin/gmssl reqgen
${GMSSL_TEST_SUBJECT}
-CN "${common_name}"
-key "${prefix}_key.pem"
-pass ${GMSSL_TEST_PASS}
-sig_alg ${sig_alg}
-out "${prefix}_req.pem")
gmssl_read_generated_pem("${prefix}_req.pem" "-----BEGIN CERTIFICATE REQUEST-----")
gmssl_run(bin/gmssl reqsign
@@ -84,6 +98,7 @@ function(gmssl_generate_ca alg prefix common_name issuer_cert issuer_key path_le
-cacert "${issuer_cert}"
-key "${issuer_key}"
-pass ${GMSSL_TEST_PASS}
-sig_alg ${sig_alg}
-out "${prefix}_cert.pem"
-ca)
gmssl_read_generated_pem("${prefix}_cert.pem" "-----BEGIN CERTIFICATE-----")
@@ -96,11 +111,13 @@ function(gmssl_generate_end_entity alg prefix common_name issuer_cert issuer_key
set(export_file "")
endif()
gmssl_generate_key(${alg} "${prefix}_key.pem" "${export_file}")
gmssl_x509_sig_alg(${alg} sig_alg)
gmssl_run(bin/gmssl reqgen
${GMSSL_TEST_SUBJECT}
-CN "${common_name}"
-key "${prefix}_key.pem"
-pass ${GMSSL_TEST_PASS}
-sig_alg ${sig_alg}
-out "${prefix}_req.pem")
gmssl_read_generated_pem("${prefix}_req.pem" "-----BEGIN CERTIFICATE REQUEST-----")
@@ -111,6 +128,7 @@ function(gmssl_generate_end_entity alg prefix common_name issuer_cert issuer_key
-cacert "${issuer_cert}"
-key "${issuer_key}"
-pass ${GMSSL_TEST_PASS}
-sig_alg ${sig_alg}
-out "${prefix}_cert.pem")
if(ext_key_usage)
list(APPEND sign_args -ext_key_usage ${ext_key_usage})

1
cmake/tool_crl.cmake
View File

@@ -12,6 +12,7 @@ gmssl_run(crlgen
-cacert sm2_tls_server_ca2_cert.pem
-key sm2_tls_server_ca2_key.pem
-pass P@ssw0rd
-sig_alg sm2sign-with-sm3
-next_update 20270101000000Z
-gen_authority_key_id
-crl_num 1

1
cmake/tool_ocsp.cmake
View File

@@ -17,6 +17,7 @@ gmssl_run(ocspsign
-signer sm2_ocsp_responder_cert.pem
-key sm2_ocsp_responder_key.pem
-pass P@ssw0rd
-sig_alg sm2sign-with-sm3
-status good
-certs sm2_ocsp_responder_cert.pem
-out tool_ocsp_resp.der