Update version to beta

Fix the record_do_recv bug and update version
Zhi Guan
2022-07-27 17:50:01 +08:00
parent bb1dea9160
commit cda0fae675
8 changed files with 79 additions and 42 deletions

8
demos/tlcp_client.sh Executable file

@@ -0,0 +1,8 @@
#!/bin/bash -x
# https://ebssec.boc.cn
gmssl tlcp_client -host 123.124.191.183
# https://zffw.jxzwfww.gov.cn
gmssl tlcp_client -host 218.87.21.62
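Review bot: Both `gmssl tlcp_client` calls pin a literal IP address while the hostname appears only in the comment above it, so once a site moves the demo will talk to whatever answers on that address. No CA file is passed on either line, so it is not visible here whether the peer's certificate chain is checked at all. A header comment would make the limits explicit, for example `# demo against public third-party servers: IPs may be stale and no CA file is supplied, so a completed handshake says nothing about peer identity`.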

39
demos/tlcp_server.sh Executable file

@@ -0,0 +1,39 @@
#!/bin/bash -x
gmssl sm2keygen -pass 1234 -out rootcakey.pem
gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass 1234 -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign
gmssl certparse -in rootcacert.pem
gmssl sm2keygen -pass 1234 -out cakey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -days 3650 -key cakey.pem -pass 1234 -out careq.pem
gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass 1234 -out cacert.pem
gmssl certparse -in cacert.pem
gmssl sm2keygen -pass 1234 -out signkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key signkey.pem -pass 1234 -out signreq.pem
gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out signcert.pem
gmssl certparse -in signcert.pem
gmssl sm2keygen -pass 1234 -out enckey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -days 365 -key enckey.pem -pass 1234 -out encreq.pem
gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
gmssl certparse -in enccert.pem
cat signcert.pem > double_certs.pem
cat enccert.pem >> double_certs.pem
cat cacert.pem >> double_certs.pem
sudo gmssl tlcp_server -port 443 -cert double_certs.pem -key signkey.pem -pass 1234 -ex_key enckey.pem -ex_pass 1234 -cacert cacert.pem 1>/dev/null 2>/dev/null &
sleep 3
gmssl sm2keygen -pass 1234 -out clientkey.pem
gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN Client -days 365 -key clientkey.pem -pass 1234 -out clientreq.pem
gmssl reqsign -in clientreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass 1234 -out clientcert.pem
gmssl certparse -in clientcert.pem
# build and install BabaSSL 8.3.1
openssl version
openssl s_client -enable_ntls -ntls -connect localhost:443 -no_ticket -CAfile rootcacert.pem
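Review bot: The `sudo gmssl tlcp_server -port 443 ... &` line leaves a listener started through sudo running after the script ends, and because both output streams go to /dev/null a failed start only shows up when `openssl s_client` fails after the `sleep 3`. Record the PID and stop the server on exit, e.g. `server_pid=$!` followed by `trap 'sudo kill "$server_pid"' EXIT`, and send the server output to a log file instead of discarding it. The passphrase `1234` is passed on every command line and echoed by `bash -x`, which is tolerable for throwaway keys but deserves a top-of-file comment such as `# demo keys only: fixed passphrase, do not reuse the generated PEM files`.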


@@ -46,8 +46,6 @@
* OF THE POSSIBILITY OF SUCH DAMAGE. * OF THE POSSIBILITY OF SUCH DAMAGE.
*/ */
// https://www.obj-sys.com/asn1tutorial/node128.html
#ifndef GMSSL_ASN1_H #ifndef GMSSL_ASN1_H
#define GMSSL_ASN1_H #define GMSSL_ASN1_H
@@ -111,12 +109,12 @@ const char *asn1_tag_name(int tag);
int asn1_tag_to_der(int tag, uint8_t **out, size_t *outlen); int asn1_tag_to_der(int tag, uint8_t **out, size_t *outlen);
int asn1_tag_from_der(int tag, const uint8_t **in, size_t *inlen); int asn1_tag_from_der(int tag, const uint8_t **in, size_t *inlen);
int asn1_any_tag_from_der(int *tag, const uint8_t **in, size_t *inlen); int asn1_any_tag_from_der(int *tag, const uint8_t **in, size_t *inlen);
int asn1_tag_get(int *tag, const uint8_t **in, size_t *inlen); // 这个函数是看看下一个tag是什么并不修改in,inlen int asn1_tag_get(int *tag, const uint8_t **in, size_t *inlen); // 尝试读取下一个tag但是并不修改in,inlen
int asn1_tag_is_cstring(int tag); int asn1_tag_is_cstring(int tag);
int asn1_length_to_der(size_t dlen, uint8_t **out, size_t *outlen); int asn1_length_to_der(size_t dlen, uint8_t **out, size_t *outlen);
int asn1_length_from_der(size_t *dlen, const uint8_t **in, size_t *inlen); int asn1_length_from_der(size_t *dlen, const uint8_t **in, size_t *inlen);
int asn1_length_is_zero(size_t len); int asn1_length_is_zero(size_t len);
int asn1_length_le(size_t len1, size_t len2); int asn1_length_le(size_t len1, size_t len2); // less than
int asn1_data_to_der(const uint8_t *d, size_t dlen, uint8_t **out, size_t *outlen); int asn1_data_to_der(const uint8_t *d, size_t dlen, uint8_t **out, size_t *outlen);
int asn1_data_from_der(const uint8_t **d, size_t dlen, const uint8_t **in, size_t *inlen); int asn1_data_from_der(const uint8_t **d, size_t dlen, const uint8_t **in, size_t *inlen);
@@ -124,7 +122,7 @@ int asn1_type_to_der(int tag, const uint8_t *d, size_t dlen, uint8_t **out, size
int asn1_type_from_der(int tag, const uint8_t **d, size_t *dlen, const uint8_t **in, size_t *inlen); int asn1_type_from_der(int tag, const uint8_t **d, size_t *dlen, const uint8_t **in, size_t *inlen);
int asn1_any_type_from_der(int *tag, const uint8_t **d, size_t *dlen, const uint8_t **in, size_t *inlen); int asn1_any_type_from_der(int *tag, const uint8_t **d, size_t *dlen, const uint8_t **in, size_t *inlen);
int asn1_any_to_der(const uint8_t *a, size_t alen, uint8_t **out, size_t *outlen); // 调用方应保证a,alen为TLV int asn1_any_to_der(const uint8_t *a, size_t alen, uint8_t **out, size_t *outlen); // 调用方应保证a,alen为TLV
int asn1_any_from_der(const uint8_t **a, size_t *alen, const uint8_t **in, size_t *inlen); // 检查输入为TLV int asn1_any_from_der(const uint8_t **a, size_t *alen, const uint8_t **in, size_t *inlen); // 该函数会检查输入是否为TLV
const char *asn1_boolean_name(int val); const char *asn1_boolean_name(int val);
int asn1_boolean_from_name(int *val, const char *name); int asn1_boolean_from_name(int *val, const char *name);
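Review bot: The new trailing comment `// less than` on `asn1_length_le` disagrees with the `_le` suffix, which normally reads as less-than-or-equal. For a length comparison in what is presumably DER parsing, the `len1 == len2` case is the boundary that matters, so the comment should state the exact relation, e.g. `// len1 <= len2` (confirm against the implementation, which is not on this page). The return convention (1 on success, as elsewhere in this header, or something else) would also be worth adding to the same comment.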


@@ -210,14 +210,22 @@ enum {
OID_cms_key_agreement_info, OID_cms_key_agreement_info,
}; };
// {iso(1) org(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7)}
#define oid_pkix 1,3,6,1,5,5,7
#define oid_pe oid_pkix,1
#define oid_qt oid_pkix,2
#define oid_kp oid_pkix,3
#define oid_ad oid_pkix,48
#define oid_pkix 1,3,6,1,5,5,7 // {iso(1) member-body(2) us(840) rsadsi(113549)}
#define oid_rsadsi 1,2,840,113549
#define oid_pkcs oid_rsadsi,1
#define oid_pkcs5 oid_pkcs,5
// {iso(1) member-body(2) us(840) ansi-x962(10045)}
#define oid_x9_62 1,2,840,10045
#define oid_pe oid_pkix,1
#define oid_qt oid_pkix,2
#define oid_kp oid_pkix,3
#define oid_ad oid_pkix,48
#define oid_at 2,5,4 #define oid_at 2,5,4
@@ -226,27 +234,15 @@ enum {
#define oid_sm 1,2,156,10197 #define oid_sm 1,2,156,10197
#define oid_sm_algors oid_sm,1 #define oid_sm_algors oid_sm,1
#define oid_sm2_cms oid_sm,6,1,4,2
#define oid_sm2_cms 1,2,156,10197,6,1,4,2
/*
rsadsi OBJECT IDENTIFIER ::= {iso(1) member-body(2) us(840) 113549}
pkcs OBJECT IDENTIFIER ::= {rsadsi 1}
pkcs-5 OBJECT IDENTIFIER ::= {pkcs 5}
id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12}
id-PBES2 OBJECT IDENTIFIER ::= {pkcs-5 13}
*/
#define oid_rsadsi 1,2,840,113549
#define oid_pkcs oid_rsadsi,1
#define oid_pkcs5 oid_pkcs,5
#define oid_cnt(nodes) (sizeof(nodes)/sizeof(int)) #define oid_cnt(nodes) (sizeof(nodes)/sizeof(int))
#define oid_x9_62 1,2,840,10045
#ifdef __cplusplus #ifdef __cplusplus


@@ -62,7 +62,7 @@ Version Public API
*/ */
#define GMSSL_VERSION_NUM 30000 #define GMSSL_VERSION_NUM 30000
#define GMSSL_VERSION_STR "GmSSL 3.0.0 Alpha" #define GMSSL_VERSION_STR "GmSSL 3.0.0 Beta"
int gmssl_version_num(void); int gmssl_version_num(void);
const char *gmssl_version_str(void); const char *gmssl_version_str(void);


@@ -46,6 +46,8 @@
* OF THE POSSIBILITY OF SUCH DAMAGE. * OF THE POSSIBILITY OF SUCH DAMAGE.
*/ */
// https://www.obj-sys.com/asn1tutorial/node128.html
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
#include <stdlib.h> #include <stdlib.h>


@@ -1519,11 +1519,14 @@ int tls_record_do_recv(uint8_t *record, size_t *recordlen, int sock)
int type; int type;
size_t len; size_t len;
// TODO支持非租塞socket或针对可能的网络延迟重新recv len = 5;
if ((r = recv(sock, record, 5, 0)) < 0) { while (len) {
perror(""); if ((r = recv(sock, record + 5 - len, len, 0)) < 0) {
error_print(); perror("");
return -1; error_print();
return -1;
}
len -= r;
} }
if (!tls_record_type_name(tls_record_type(record))) { if (!tls_record_type_name(tls_record_type(record))) {
error_print(); error_print();
@@ -1540,16 +1543,13 @@ int tls_record_do_recv(uint8_t *record, size_t *recordlen, int sock)
error_print(); error_print();
return -1; return -1;
} }
if (len) { while (len) {
if ((r = recv(sock, record + 5, len, 0)) < 0) { if ((r = recv(sock, record + *recordlen - len, len, 0)) < 0) {
error_print(); perror("");
return -1;
} else if (r != len) {
// FIXME: 不一定能够一次读取全部数据需要修正这个bug
fprintf(stderr, "%s %d: r = %zu, len = %zu\n", __FILE__, __LINE__, r, len);
error_print(); error_print();
return -1; return -1;
} }
len -= r;
} }
return 1; return 1;
} }
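Review bot: Both new `while (len)` loops spin forever when `recv()` returns 0, which is what it returns once the peer has closed the connection: the `< 0` test passes, `len -= r` subtracts nothing and the loop calls `recv()` again. Treat end-of-stream as a failure in both places, `if ((r = recv(sock, record + 5 - len, len, 0)) <= 0) {` in the header loop and the same `<= 0` in the body loop, so a peer that disconnects mid-record cannot pin the calling thread. The declaration of `r` is outside the hunk, but the removed `fprintf` printed it with `%zu`; if it is an unsigned type the `< 0` branch can never fire, so it is worth confirming that it is `ssize_t`. The function begins before the first hunk and continues between the two, so the check that bounds `len` against the record buffer is not visible here.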


@@ -46,12 +46,6 @@
* OF THE POSSIBILITY OF SUCH DAMAGE. * OF THE POSSIBILITY OF SUCH DAMAGE.
*/ */
/*
## TODO:
1. 每次发布时,应该将当前的时间戳添加到版本中
2. 将编译信息加入到版本的全部信息中,特别是发布二进制版专有功能时
*/
#include <gmssl/version.h> #include <gmssl/version.h>