Update record_print

2026-06-27 15:43:42 +08:00 · 2026-06-20 11:05:46 +08:00
parent e27300f00a
commit 9a25e2a444
6 changed files with 61 additions and 28 deletions
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -831,7 +831,7 @@ endif()
 #
 set(CPACK_PACKAGE_NAME "GmSSL")
 set(CPACK_PACKAGE_VENDOR "GmSSL develop team")
-set(CPACK_PACKAGE_VERSION "3.2.0-dev.1115")
+set(CPACK_PACKAGE_VERSION "3.2.0-dev.1116")
 set(CPACK_PACKAGE_DESCRIPTION_FILE ${PROJECT_SOURCE_DIR}/README.md)
 set(CPACK_NSIS_MODIFY_PATH ON)
 include(CPack)
--- a/include/gmssl/version.h
+++ b/include/gmssl/version.h
@@ -18,7 +18,7 @@ extern "C" {


 #define GMSSL_VERSION_NUM	30200
-#define GMSSL_VERSION_STR	"GmSSL 3.2.0-dev.1115"
+#define GMSSL_VERSION_STR	"GmSSL 3.2.0-dev.1116"

 int gmssl_version_num(void);
 const char *gmssl_version_str(void);
--- a/src/tlcp.c
+++ b/src/tlcp.c
@@ -1412,17 +1412,6 @@ int tlcp_recv_client_hello(TLS_CONNECT *conn)
 		return -1;
 	}

-	//sm3_update(&conn->sm3_ctx, conn->record + 5, conn->recordlen - 5);
-	//tlcp_handshake_digest_print(stderr, 0, 0, "ClientHello", &conn->sm3_ctx);
-
-	/*
-	if (client_verify)
-		tls_client_verify_update(&conn->client_verify_ctx, conn->record + 5, conn->recordlen - 5);
-	*/
-
-	if(conn->verbose) {
-		fprintf(stderr, "end of recv_client_hello\n");
-	}
 	tls_clean_record(conn);

 	return 1;
--- a/src/tls_trace.c
+++ b/src/tls_trace.c
@@ -901,7 +901,7 @@ int tls_certificate_subjects_print(FILE *fp, int fmt, int ind, const char *label
 	return 1;
 }

-int tls_certificate_request_print(FILE *fp, const uint8_t *data, size_t datalen, int fmt, int ind)
+int tls_certificate_request_print(FILE *fp, int protocol, const uint8_t *data, size_t datalen, int fmt, int ind)
 {
 	const uint8_t *cert_types;
 	const uint8_t *sig_algs;
@@ -915,16 +915,24 @@ int tls_certificate_request_print(FILE *fp, const uint8_t *data, size_t datalen,
 		int cert_type = *cert_types++;
 		format_print(fp, fmt, ind + 4, "%s (%d)\n", tls_cert_type_name(cert_type), cert_type);
 	}
-	if (tls_uint16array_from_bytes(&sig_algs, &sig_algs_len, &data, &datalen) != 1) goto bad;
-	format_print(fp, fmt, ind, "signature_algorithms\n");
-	while (sig_algs_len) {
-		const char *sig_alg_name;
-		uint16_t sig_alg;
+	switch (protocol) {
+	case TLS_protocol_tls12:
+		if (tls_uint16array_from_bytes(&sig_algs, &sig_algs_len, &data, &datalen) != 1) goto bad;
+		format_print(fp, fmt, ind, "signature_algorithms\n");
+		while (sig_algs_len) {
+			const char *sig_alg_name;
+			uint16_t sig_alg;

-		if (tls_uint16_from_bytes(&sig_alg, &sig_algs, &sig_algs_len) != 1) goto bad;
-		sig_alg_name = tls_signature_scheme_name(sig_alg);
-		format_print(fp, fmt, ind + 4, "%s (0x%04x)\n",
-			sig_alg_name ? sig_alg_name : "unknown", sig_alg);
+			if (tls_uint16_from_bytes(&sig_alg, &sig_algs, &sig_algs_len) != 1) goto bad;
+			sig_alg_name = tls_signature_scheme_name(sig_alg);
+			format_print(fp, fmt, ind + 4, "%s (0x%04x)\n",
+				sig_alg_name ? sig_alg_name : "unknown", sig_alg);
+		}
+		break;
+	case TLS_protocol_tlcp:
+		break;
+	default:
+		goto bad;
 	}
 	if (tls_uint16array_from_bytes(&ca_names, &ca_names_len, &data, &datalen) != 1) goto bad;
 	tls_certificate_subjects_print(fp, fmt, ind, "CAnames", ca_names, ca_names_len);
@@ -1050,8 +1058,6 @@ int tls_handshake_print(FILE *fp, int fmt, int ind, int protocol, int cipher_sui
 	const uint8_t *data;
 	uint24_t datalen;

-	(void)protocol;
-
 	format_print(fp, fmt, ind, "Handshake\n");
 	ind += 4;

@@ -1091,7 +1097,7 @@ int tls_handshake_print(FILE *fp, int fmt, int ind, int protocol, int cipher_sui
 		if (tls_server_key_exchange_print(fp, fmt, ind, cipher_suite, data, datalen) != 1)
 			{ error_print(); return -1; } break;
 	case TLS_handshake_certificate_request:
-		if (tls_certificate_request_print(fp, data, datalen, fmt, ind) != 1)
+		if (tls_certificate_request_print(fp, protocol, data, datalen, fmt, ind) != 1)
 			{ error_print(); return -1; } break;
 	case TLS_handshake_server_hello_done:
 		if (tls_server_hello_done_print(fp, data, datalen, fmt, ind) != 1)
--- a/src/x509_cer.c
+++ b/src/x509_cer.c
@@ -1639,8 +1639,6 @@ int x509_cert_get_subject_alt_name_dns_name(const uint8_t *a, size_t alen, const
 	// x509_exts_get_ext_by_oid 这里取出的数据是一个SEQUENCE 的 TLV
 	// 然后x509_general_names_get_first 需要提供的是其中的V

-	format_bytes(stderr, 0, 0, "general_names", general_names, general_names_len);
-
 	if ((ret = x509_general_names_get_first(general_names, general_names_len,
 		NULL, choice, dns_name, dns_name_len)) < 0) {
 		error_print();
--- a/tests/tlstest.c
+++ b/tests/tlstest.c
@@ -515,6 +515,45 @@ static int test_tls_trusted_ca_keys_ext(void)
 	return 1;
 }

+static int test_tls_certificate_request_print(void)
+{
+	uint8_t tlcp_data[] = {
+		1, TLS_cert_type_ecdsa_sign,
+		0, 0,
+	};
+	uint8_t tls12_data[] = {
+		1, TLS_cert_type_ecdsa_sign,
+		0, 2, TLS_sig_sm2sig_sm3 >> 8, TLS_sig_sm2sig_sm3 & 0xff,
+		0, 0,
+	};
+	uint8_t handshake[32];
+	uint8_t *p;
+	size_t len;
+
+	p = handshake;
+	len = 0;
+	tls_uint8_to_bytes(TLS_handshake_certificate_request, &p, &len);
+	tls_uint24array_to_bytes(tlcp_data, sizeof(tlcp_data), &p, &len);
+	if (tls_handshake_print(stderr, 0, 0, TLS_protocol_tlcp,
+		0, handshake, len) != 1) {
+		error_print();
+		return -1;
+	}
+
+	p = handshake;
+	len = 0;
+	tls_uint8_to_bytes(TLS_handshake_certificate_request, &p, &len);
+	tls_uint24array_to_bytes(tls12_data, sizeof(tls12_data), &p, &len);
+	if (tls_handshake_print(stderr, 0, 0, TLS_protocol_tls12,
+		0, handshake, len) != 1) {
+		error_print();
+		return -1;
+	}
+
+	printf("%s() ok\n", __FUNCTION__);
+	return 1;
+}
+
 int main(void)
 {
 	if (test_tls_null_to_bytes() != 1) goto err;
@@ -535,6 +574,7 @@ int main(void)
 	if (test_tls_change_cipher_spec() != 1) goto err;
 	if (test_tls_application_data() != 1) goto err;
 	*/
+	if (test_tls_certificate_request_print() != 1) goto err;
 	if (test_tls_trusted_ca_keys_ext() != 1) goto err;
 	if (test_tls_status_request_ext() != 1) goto err;
 	printf("%s all tests passed\n", __FILE__);