mirror of
https://github.com/guanzhi/GmSSL.git
synced 2026-05-06 16:36:16 +08:00
Remove warnings
@@ -1,53 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
YEAR=`date "+%Y"`
|
||||
COPYRIGHT=""
|
||||
COPYRIGHT+="/*"$'\n'
|
||||
COPYRIGHT+=" * Copyright 2014-$YEAR The GmSSL Project. All Rights Reserved."$'\n'
|
||||
COPYRIGHT+=" *"$'\n'
|
||||
COPYRIGHT+=" * Licensed under the Apache License, Version 2.0 (the "License"); you may"$'\n'
|
||||
COPYRIGHT+=" * not use this file except in compliance with the License."$'\n'
|
||||
COPYRIGHT+=" *"$'\n'
|
||||
COPYRIGHT+=" * http://www.apache.org/licenses/LICENSE-2.0"$'\n'
|
||||
COPYRIGHT+=" */"
|
||||
COPYRIGHT_FILE=copyright.txt
|
||||
echo "$COPYRIGHT" > $COPYRIGHT_FILE
|
||||
TEMP_FILE=tempfile.temp
|
||||
touch $TEMP_FILE
|
||||
copyright_start_string="/*"
|
||||
copyright_end_string="*/"
|
||||
|
||||
function modify_copyright(){
|
||||
file_path=$1
|
||||
copyright_start_line=`grep -n "/\*" $file_path | head -1 | cut -d ':' -f 1`
|
||||
copyright_end_line=`grep -n "\*/" $file_path | head -1| cut -d ':' -f 1`
|
||||
echo $file_path $copyright_start_line $copyright_end_line
|
||||
if [[ $copyright_start_line && $copyright_end_line ]];then
|
||||
sed -i $copyright_start_line,$copyright_end_line'd' $file_path
|
||||
fi
|
||||
|
||||
cat $COPYRIGHT_FILE > $TEMP_FILE
|
||||
cat $file_path >> $TEMP_FILE
|
||||
mv $TEMP_FILE $file_path
|
||||
|
||||
}
|
||||
|
||||
function getDir() {
|
||||
for filename in $1/*
|
||||
do
|
||||
if [[ -d $filename ]];
|
||||
then
|
||||
getDir $filename
|
||||
else
|
||||
if [[ "${filename##*.}" == 'h' || "${filename##*.}" == 'c' ]]
|
||||
then
|
||||
modify_copyright $filename
|
||||
#sed -i "1i\/*$filename*/" $filename
|
||||
fi
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
getDir ..
|
||||
|
||||
rm -f $COPYRIGHT_FILE
|
||||
@@ -23,7 +23,6 @@ extern int crlget_main(int argc, char **argv);
|
||||
extern int crlgen_main(int argc, char **argv);
|
||||
extern int crlparse_main(int argc, char **argv);
|
||||
extern int crlverify_main(int argc, char **argv);
|
||||
extern int pbkdf2_main(int argc, char **argv);
|
||||
extern int reqgen_main(int argc, char **argv);
|
||||
extern int reqparse_main(int argc, char **argv);
|
||||
extern int reqsign_main(int argc, char **argv);
|
||||
@@ -34,8 +33,8 @@ extern int sm2encrypt_main(int argc, char **argv);
|
||||
extern int sm2decrypt_main(int argc, char **argv);
|
||||
extern int sm3_main(int argc, char **argv);
|
||||
extern int sm3hmac_main(int argc, char **argv);
|
||||
extern int sm3_pbkdf2_main(int argc, char **argv);
|
||||
extern int sm3xmss_keygen_main(int argc, char **argv);
|
||||
extern int sm4_main(int argc, char **argv);
|
||||
extern int sm4_ecb_main(int argc, char **argv);
|
||||
extern int sm4_cbc_main(int argc, char **argv);
|
||||
extern int sm4_ctr_main(int argc, char **argv);
|
||||
@@ -68,6 +67,7 @@ extern int tls13_client_main(int argc, char **argv);
|
||||
extern int tls13_server_main(int argc, char **argv);
|
||||
#ifdef ENABLE_SDF
|
||||
extern int sdfutil_main(int argc, char **argv);
|
||||
extern int sdftest_main(int argc, char **argv);
|
||||
#endif
|
||||
#ifdef ENABLE_SKF
|
||||
extern int skfutil_main(int argc, char **argv);
|
||||
@@ -88,8 +88,8 @@ static const char *options =
|
||||
" sm2decrypt Decrypt with SM2 private key\n"
|
||||
" sm3 Generate SM3 hash\n"
|
||||
" sm3hmac Generate SM3 HMAC tag\n"
|
||||
" sm3_pbkdf2 Hash password into key using PBKDF2 algoritm\n"
|
||||
" sm3xmss_keygen Generate SM3-XMSS keypair\n"
|
||||
" sm4 Encrypt or decrypt with SM4\n"
|
||||
" sm4_ecb Encrypt or decrypt with SM4 ECB\n"
|
||||
" sm4_cbc Encrypt or decrypt with SM4 CBC\n"
|
||||
" sm4_ctr Encrypt or decrypt with SM4 CTR\n"
|
||||
@@ -109,7 +109,6 @@ static const char *options =
|
||||
" sm9verify Verify SM9 signature\n"
|
||||
" sm9encrypt SM9 public key encryption\n"
|
||||
" sm9decrypt SM9 decryption\n"
|
||||
" pbkdf2 Generate key from password\n"
|
||||
" reqgen Generate certificate signing request (CSR)\n"
|
||||
" reqsign Generate certificate from CSR\n"
|
||||
" reqparse Parse and print a CSR\n"
|
||||
@@ -128,6 +127,7 @@ static const char *options =
|
||||
" cmsverify Verify CMS SignedData\n"
|
||||
#ifdef ENABLE_SDF
|
||||
" sdfutil SDF crypto device utility\n"
|
||||
" sdftest Test vendor's SDF library and device\n"
|
||||
#endif
|
||||
#ifdef ENABLE_SKF
|
||||
" skfutil SKF crypto device utility\n"
|
||||
@@ -186,8 +186,6 @@ int main(int argc, char **argv)
|
||||
return reqparse_main(argc, argv);
|
||||
} else if (!strcmp(*argv, "reqsign")) {
|
||||
return reqsign_main(argc, argv);
|
||||
} else if (!strcmp(*argv, "pbkdf2")) {
|
||||
return pbkdf2_main(argc, argv);
|
||||
} else if (!strcmp(*argv, "sm2keygen")) {
|
||||
return sm2keygen_main(argc, argv);
|
||||
} else if (!strcmp(*argv, "sm2sign")) {
|
||||
@@ -202,10 +200,10 @@ int main(int argc, char **argv)
|
||||
return sm3_main(argc, argv);
|
||||
} else if (!strcmp(*argv, "sm3hmac")) {
|
||||
return sm3hmac_main(argc, argv);
|
||||
} else if (!strcmp(*argv, "sm3_pbkdf2")) {
|
||||
return sm3_pbkdf2_main(argc, argv);
|
||||
} else if (!strcmp(*argv, "sm3xmss_keygen")) {
|
||||
return sm3xmss_keygen_main(argc, argv);
|
||||
} else if (!strcmp(*argv, "sm4")) {
|
||||
return sm4_main(argc, argv);
|
||||
#if ENABLE_SM4_ECB
|
||||
} else if (!strcmp(*argv, "sm4_ecb")) {
|
||||
return sm4_ecb_main(argc, argv);
|
||||
@@ -281,6 +279,8 @@ int main(int argc, char **argv)
|
||||
#ifdef ENABLE_SDF
|
||||
} else if (!strcmp(*argv, "sdfutil")) {
|
||||
return sdfutil_main(argc, argv);
|
||||
} else if (!strcmp(*argv, "sdftest")) {
|
||||
return sdftest_main(argc, argv);
|
||||
#endif
|
||||
#ifdef ENABLE_SKF
|
||||
} else if (!strcmp(*argv, "skfutil")) {
|
||||
|
||||
493
tools/sdftest.c
@@ -21,294 +21,24 @@
|
||||
|
||||
|
||||
|
||||
#define TEST_KEK_INDEX 1
|
||||
#define TEST_SM2_KEY_INDEX 1
|
||||
#define TEST_SM2_KEY_PASS "123456"
|
||||
static const char *usage = "-lib so_path -kek num -key num -pass str";
|
||||
|
||||
static const char *options =
|
||||
"\n"
|
||||
"Options\n"
|
||||
"\n"
|
||||
" -lib so_path Path to vendor's SDF dynamic lib (.so or .dylib)\n"
|
||||
" -kek num KEK index\n"
|
||||
" -key num Private key index\n"
|
||||
" -pass str Password for accessing the private key\n"
|
||||
"\n"
|
||||
"Examples\n"
|
||||
"\n"
|
||||
" $ gmssl sdftest -lib soft_sdf.so -kek 1 -key 1 -pass P@ssw0rd\n"
|
||||
"\n";
|
||||
|
||||
|
||||
// TODO: move soft_sdf init functions into soft_sdf.c
|
||||
|
||||
static int generate_kek(unsigned int uiKEKIndex)
|
||||
{
|
||||
char filename[256];
|
||||
uint8_t kek[16];
|
||||
FILE *file;
|
||||
|
||||
if (rand_bytes(kek, sizeof(kek)) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
|
||||
snprintf(filename, sizeof(filename), "kek-%u.key", uiKEKIndex);
|
||||
if (!(file = fopen(filename, "wb"))) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
if (fwrite(kek, 1, sizeof(kek), file) != sizeof(kek)) {
|
||||
fclose(file);
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
fclose(file);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int generate_sign_key(unsigned int uiKeyIndex, const char *pass)
|
||||
{
|
||||
SM2_KEY sm2_key;
|
||||
SM2_POINT point;
|
||||
|
||||
uint8_t data[32];
|
||||
SM2_SIGNATURE sig;
|
||||
char filename[256];
|
||||
FILE *file;
|
||||
int i;
|
||||
|
||||
if (sm2_key_generate(&sm2_key) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
|
||||
sm2_key_print(stderr, 0, 0, "SDF SignKey", &sm2_key);
|
||||
|
||||
snprintf(filename, sizeof(filename), "sm2sign-%u.pem", uiKeyIndex);
|
||||
if ((file = fopen(filename, "wb")) == NULL) {
|
||||
fclose(file);
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
if (sm2_private_key_info_encrypt_to_pem(&sm2_key, pass, file) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
fclose(file);
|
||||
|
||||
snprintf(filename, sizeof(filename), "sm2signpub-%u.pem", uiKeyIndex);
|
||||
if ((file = fopen(filename, "wb")) == NULL) {
|
||||
fclose(file);
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
if (sm2_public_key_info_to_pem(&sm2_key, file) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
fclose(file);
|
||||
|
||||
|
||||
// print public key as ECCrefPublicKey
|
||||
sm2_z256_point_to_bytes(&sm2_key.public_key, (uint8_t *)&point);
|
||||
|
||||
printf("ECCrefPublicKey eccPublicKey = {\n");
|
||||
printf("256,\n");
|
||||
|
||||
printf("{\n");
|
||||
for (i = 0; i < 32; i++) {
|
||||
printf("0x00,");
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
for (i = 0; i < 32; i++) {
|
||||
printf("0x%02x,", point.x[i]);
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
printf("},\n");
|
||||
|
||||
printf("{\n");
|
||||
for (i = 0; i < 32; i++) {
|
||||
printf("0x00,");
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
for (i = 0; i < 32; i++) {
|
||||
printf("0x%02x,", point.y[i]);
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
printf("},\n");
|
||||
|
||||
printf("};\n");
|
||||
|
||||
|
||||
|
||||
// print to be signed data
|
||||
rand_bytes(data, sizeof(data));
|
||||
printf("unsigned char ucData[] = {\n");
|
||||
for (i = 0; i < sizeof(data); i++) {
|
||||
printf("0x%02x,", data[i]);
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
printf("};\n");
|
||||
|
||||
sm2_do_sign(&sm2_key, data, &sig);
|
||||
|
||||
// print ECCSignature
|
||||
|
||||
printf("ECCSignature eccSignature = {\n");
|
||||
|
||||
printf("{\n");
|
||||
for (i = 0; i < 32; i++) {
|
||||
printf("0x00,");
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
for (i = 0; i < 32; i++) {
|
||||
printf("0x%02x,", sig.r[i]);
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
printf("},\n");
|
||||
|
||||
printf("{\n");
|
||||
for (i = 0; i < 32; i++) {
|
||||
printf("0x00,");
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
for (i = 0; i < 32; i++) {
|
||||
printf("0x%02x,", sig.s[i]);
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
printf("},\n");
|
||||
|
||||
printf("};\n");
|
||||
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int generate_enc_key(unsigned int uiKeyIndex, const char *pass)
|
||||
{
|
||||
SM2_KEY sm2_key;
|
||||
char filename[256];
|
||||
FILE *file;
|
||||
size_t i;
|
||||
|
||||
if (sm2_key_generate(&sm2_key) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
|
||||
snprintf(filename, sizeof(filename), "sm2enc-%u.pem", uiKeyIndex);
|
||||
if ((file = fopen(filename, "wb")) == NULL) {
|
||||
fclose(file);
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
if (sm2_private_key_info_encrypt_to_pem(&sm2_key, pass, file) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
fclose(file);
|
||||
|
||||
snprintf(filename, sizeof(filename), "sm2encpub-%u.pem", uiKeyIndex);
|
||||
if ((file = fopen(filename, "wb")) == NULL) {
|
||||
fclose(file);
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
if (sm2_public_key_info_to_pem(&sm2_key, file) != 1) {
|
||||
error_print();
|
||||
return -1;
|
||||
}
|
||||
fclose(file);
|
||||
|
||||
SM2_POINT point;
|
||||
|
||||
// print public key as ECCrefPublicKey
|
||||
sm2_z256_point_to_bytes(&sm2_key.public_key, (uint8_t *)&point);
|
||||
|
||||
printf("ECCrefPublicKey eccPublicKey = {\n");
|
||||
printf("256,\n");
|
||||
|
||||
printf("{\n");
|
||||
for (i = 0; i < 32; i++) {
|
||||
printf("0x00,");
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
for (i = 0; i < 32; i++) {
|
||||
printf("0x%02x,", point.x[i]);
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
printf("},\n");
|
||||
|
||||
printf("{\n");
|
||||
for (i = 0; i < 32; i++) {
|
||||
printf("0x00,");
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
for (i = 0; i < 32; i++) {
|
||||
printf("0x%02x,", point.y[i]);
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
printf("},\n");
|
||||
|
||||
printf("};\n");
|
||||
|
||||
|
||||
// 准备待加密的数据
|
||||
uint8_t data[48];
|
||||
|
||||
rand_bytes(data, sizeof(data));
|
||||
|
||||
printf("unsigned char ucData[] = {\n");
|
||||
for (i = 0; i < sizeof(data); i++) {
|
||||
printf("0x%02x,", data[i]);
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
printf("};\n");
|
||||
|
||||
|
||||
// 现在要加密了
|
||||
SM2_CIPHERTEXT ciphertext;
|
||||
|
||||
sm2_do_encrypt(&sm2_key, data, sizeof(data), &ciphertext);
|
||||
|
||||
|
||||
// 打印CIPHERTEXT
|
||||
|
||||
printf("ECCCipher eccCipher = {\n");
|
||||
|
||||
printf("{\n");
|
||||
for (i = 0; i < ECCref_MAX_LEN - 32; i++) {
|
||||
printf("0x00,");
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
for (i = 0; i < 32; i++) {
|
||||
printf("0x%02x,", ciphertext.point.x[i]);
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
printf("},\n");
|
||||
|
||||
printf("{\n");
|
||||
for (i = 0; i < ECCref_MAX_LEN - 32; i++) {
|
||||
printf("0x00,");
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
for (i = 0; i < 32; i++) {
|
||||
printf("0x%02x,", ciphertext.point.y[i]);
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
printf("},\n");
|
||||
|
||||
printf("{\n");
|
||||
for (i = 0; i < 32; i++) {
|
||||
printf("0x%02x,", ciphertext.hash[i]);
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
printf("},\n");
|
||||
|
||||
printf("%u,\n", ciphertext.ciphertext_size);
|
||||
|
||||
printf("{\n");
|
||||
for (i = 0; i < ciphertext.ciphertext_size; i++) {
|
||||
printf("0x%02x,", ciphertext.ciphertext[i]);
|
||||
printf("%s", (i + 1) % 8 ? " " : "\n");
|
||||
}
|
||||
printf("},\n");
|
||||
|
||||
|
||||
printf("};\n");
|
||||
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
/*
|
||||
static int test_SDF_GetDeviceInfo(void)
|
||||
{
|
||||
void *hDeviceHandle = NULL;
|
||||
@@ -374,6 +104,7 @@ static int test_SDF_GetDeviceInfo(void)
|
||||
printf("%s() ok\n", __FUNCTION__);
|
||||
return 1;
|
||||
}
|
||||
*/
|
||||
|
||||
static int test_SDF_GenerateRandom(void)
|
||||
{
|
||||
@@ -420,12 +151,11 @@ static int test_SDF_GenerateRandom(void)
|
||||
}
|
||||
|
||||
// FIXME: check generated public key is not [n-1]G, i.e. -G
|
||||
int test_SDF_ExportSignPublicKey_ECC(void)
|
||||
int test_SDF_ExportSignPublicKey_ECC(int key)
|
||||
{
|
||||
void *hDeviceHandle = NULL;
|
||||
void *hSessionHandle = NULL;
|
||||
unsigned int uiKeyIndex = TEST_SM2_KEY_INDEX;
|
||||
unsigned char *pucPassword = (unsigned char *)TEST_SM2_KEY_PASS;
|
||||
unsigned int uiKeyIndex = (unsigned int)key;
|
||||
ECCrefPublicKey eccPublicKey;
|
||||
uint8_t zeros[ECCref_MAX_LEN] = {0};
|
||||
SM2_POINT point;
|
||||
@@ -477,12 +207,11 @@ int test_SDF_ExportSignPublicKey_ECC(void)
|
||||
return 1;
|
||||
}
|
||||
|
||||
int test_SDF_ExportEncPublicKey_ECC(void)
|
||||
int test_SDF_ExportEncPublicKey_ECC(int key)
|
||||
{
|
||||
void *hDeviceHandle = NULL;
|
||||
void *hSessionHandle = NULL;
|
||||
unsigned int uiKeyIndex = TEST_SM2_KEY_INDEX;
|
||||
unsigned char *pucPassword = (unsigned char *)TEST_SM2_KEY_PASS;
|
||||
unsigned int uiKeyIndex = (unsigned int)key;
|
||||
ECCrefPublicKey eccPublicKey;
|
||||
uint8_t zeros[ECCref_MAX_LEN] = {0};
|
||||
SM2_POINT point;
|
||||
@@ -534,38 +263,6 @@ int test_SDF_ExportEncPublicKey_ECC(void)
|
||||
return 1;
|
||||
}
|
||||
|
||||
// FIXME: use format_bytes
|
||||
void printECCPublicKey(const ECCrefPublicKey *publicKey)
|
||||
{
|
||||
int i;
|
||||
printf("ECC Public Key:\n");
|
||||
printf("Bits: %u\n", publicKey->bits);
|
||||
|
||||
printf("X: ");
|
||||
for (int i = 0; i < ECCref_MAX_LEN; i++) {
|
||||
printf("%02X", publicKey->x[i]);
|
||||
}
|
||||
printf("\n");
|
||||
|
||||
printf("Y: ");
|
||||
for (i = 0; i < ECCref_MAX_LEN; i++) {
|
||||
printf("%02X", publicKey->y[i]);
|
||||
}
|
||||
printf("\n");
|
||||
}
|
||||
|
||||
void printECCPrivateKey(const ECCrefPrivateKey *eccRefPrivateKey)
|
||||
{
|
||||
int i;
|
||||
printf("ECC Private Key:\n");
|
||||
printf("Bits: %u\n", eccRefPrivateKey->bits);
|
||||
printf("K Value: ");
|
||||
for (i = 0; i < ECCref_MAX_LEN; i++) {
|
||||
printf("%02X", eccRefPrivateKey->K[i]);
|
||||
}
|
||||
printf("\n");
|
||||
}
|
||||
|
||||
// FIXME: check generated public key is not [n-1]G, i.e. -G
|
||||
static int test_SDF_GenerateKeyPair_ECC(void)
|
||||
{
|
||||
@@ -852,6 +549,7 @@ static int test_SDF_ExternalEncrypt_ECC(void)
|
||||
return 1;
|
||||
}
|
||||
|
||||
/*
|
||||
void printECCCipher(const ECCCipher *cipher)
|
||||
{
|
||||
printf("ECCCipher:\n");
|
||||
@@ -881,6 +579,7 @@ void printECCCipher(const ECCCipher *cipher)
|
||||
}
|
||||
printf("\n");
|
||||
}
|
||||
*/
|
||||
|
||||
int test_SDF_GenerateKeyWithEPK_ECC(void)
|
||||
{
|
||||
@@ -949,13 +648,13 @@ int test_SDF_GenerateKeyWithEPK_ECC(void)
|
||||
return 1;
|
||||
}
|
||||
|
||||
int test_SDF_GenerateKeyWithKEK(void)
|
||||
int test_SDF_GenerateKeyWithKEK(int kek)
|
||||
{
|
||||
void *hDeviceHandle = NULL;
|
||||
void *hSessionHandle = NULL;
|
||||
void *hKeyHandle = NULL;
|
||||
unsigned int uiKeyBits = 128;
|
||||
unsigned int uiKEKIndex = TEST_KEK_INDEX;
|
||||
unsigned int uiKEKIndex = (unsigned int)kek;
|
||||
unsigned char ucKey[64]; // encrypted key with SGD_SM4_CBC
|
||||
unsigned int uiKeyLength;
|
||||
int ret;
|
||||
@@ -1166,14 +865,15 @@ static int test_SDF_Hash_Z(void)
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int test_SDF_GenerateKeyWithIPK_ECC(void)
|
||||
// 这个函数是否做的太多了?
|
||||
static int test_SDF_GenerateKeyWithIPK_ECC(int key, char *pass)
|
||||
{
|
||||
void *hDeviceHandle = NULL;
|
||||
void *hSessionHandle = NULL;
|
||||
void *hKeyHandle = NULL;
|
||||
unsigned int uiIPKIndex = TEST_SM2_KEY_INDEX;
|
||||
unsigned char *pucPassword = (unsigned char *)TEST_SM2_KEY_PASS;
|
||||
unsigned int uiPwdLength = (unsigned int)strlen((char *)pucPassword);
|
||||
unsigned int uiIPKIndex =(unsigned int)key;
|
||||
unsigned char *pucPassword = (unsigned char *)pass;
|
||||
unsigned int uiPwdLength = (unsigned int)strlen(pass);
|
||||
unsigned int uiKeyBits = 128;
|
||||
ECCCipher eccCipher;
|
||||
unsigned char ucIV[16];
|
||||
@@ -1272,7 +972,7 @@ static int test_SDF_GenerateKeyWithIPK_ECC(void)
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int test_SDF_Encrypt_SM4_CBC(void)
|
||||
static int test_SDF_Encrypt_SM4_CBC(int key, char *pass)
|
||||
{
|
||||
void *hDeviceHandle = NULL;
|
||||
void *hSessionHandle = NULL;
|
||||
@@ -1284,9 +984,9 @@ static int test_SDF_Encrypt_SM4_CBC(void)
|
||||
unsigned int uiEncDataLength = (unsigned int)sizeof(pucEncData);
|
||||
unsigned char pucCiphertext[64];
|
||||
|
||||
unsigned int uiIPKIndex = TEST_SM2_KEY_INDEX;
|
||||
unsigned char *pucPassword = (unsigned char *)TEST_SM2_KEY_PASS;
|
||||
unsigned int uiPwdLength = (unsigned int)strlen((char *)pucPassword);
|
||||
unsigned int uiIPKIndex = (unsigned int)key;
|
||||
unsigned char *pucPassword = (unsigned char *)pass;
|
||||
unsigned int uiPwdLength = (unsigned int)strlen(pass);
|
||||
ECCCipher eccCipher;
|
||||
int ret;
|
||||
|
||||
@@ -1355,13 +1055,13 @@ static int test_SDF_Encrypt_SM4_CBC(void)
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int test_SDF_Encrypt(void)
|
||||
static int test_SDF_Encrypt(int kek)
|
||||
{
|
||||
void *hDeviceHandle = NULL;
|
||||
void *hSessionHandle = NULL;
|
||||
void *hKeyHandle = NULL;
|
||||
unsigned int uiKeyBits = 128;
|
||||
unsigned int uiKEKIndex = TEST_KEK_INDEX;
|
||||
unsigned int uiKEKIndex = (unsigned int)kek;
|
||||
unsigned char pucKey[64];
|
||||
unsigned int uiKeyLength = (unsigned int)sizeof(pucKey);
|
||||
unsigned char pucIV[16];
|
||||
@@ -1434,14 +1134,14 @@ static int test_SDF_Encrypt(void)
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int test_SDF_CalculateMAC(void)
|
||||
static int test_SDF_CalculateMAC(int kek)
|
||||
{
|
||||
void *hDeviceHandle = NULL;
|
||||
void *hSessionHandle = NULL;
|
||||
void *hKeyHandle = NULL;
|
||||
unsigned int uiHMACKeyBits = 256;
|
||||
unsigned int uiKeyEncAlgID = SGD_SM4_CBC;
|
||||
unsigned int uiKEKIndex = TEST_KEK_INDEX;
|
||||
unsigned int uiKEKIndex = (unsigned int)kek;
|
||||
unsigned char ucEncedKey[256];
|
||||
unsigned int uiEncedKeyLength = (unsigned int)sizeof(ucEncedKey);
|
||||
unsigned int uiMACAlgID = SGD_SM3;
|
||||
@@ -1488,13 +1188,13 @@ static int test_SDF_CalculateMAC(void)
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int test_SDF_InternalSign_ECC(void)
|
||||
static int test_SDF_InternalSign_ECC(int key, char *pass)
|
||||
{
|
||||
void *hDeviceHandle = NULL;
|
||||
void *hSessionHandle = NULL;
|
||||
unsigned int uiIPKIndex = TEST_SM2_KEY_INDEX;
|
||||
unsigned char *ucPassword = (unsigned char *)TEST_SM2_KEY_PASS;
|
||||
unsigned int uiPwdLength = (unsigned int)strlen((char *)ucPassword);
|
||||
unsigned int uiIPKIndex = (unsigned int)key;
|
||||
unsigned char *ucPassword = (unsigned char *)pass;
|
||||
unsigned int uiPwdLength = (unsigned int)strlen(pass);
|
||||
unsigned char ucData[32] = { 1,2,3,4 };
|
||||
unsigned int uiDataLength = 32;
|
||||
ECCSignature eccSignature;
|
||||
@@ -1546,13 +1246,13 @@ static int test_SDF_InternalSign_ECC(void)
|
||||
|
||||
}
|
||||
|
||||
static int test_SDF_InternalEncrypt_ECC(void)
|
||||
static int test_SDF_InternalEncrypt_ECC(int key, char *pass)
|
||||
{
|
||||
void *hDeviceHandle = NULL;
|
||||
void *hSessionHandle = NULL;
|
||||
unsigned int uiIPKIndex = TEST_SM2_KEY_INDEX;
|
||||
unsigned char *ucPassword = (unsigned char *)TEST_SM2_KEY_PASS;
|
||||
unsigned int uiPwdLength = (unsigned int)strlen((char *)ucPassword);
|
||||
unsigned int uiIPKIndex = (unsigned int)key;
|
||||
unsigned char *ucPassword = (unsigned char *)pass;
|
||||
unsigned int uiPwdLength = (unsigned int)strlen(pass);
|
||||
unsigned char ucData[48] = { 1,2,3,4 };
|
||||
unsigned int uiDataLength = (unsigned int)sizeof(ucData);
|
||||
ECCCipher eccCipher;
|
||||
@@ -1616,49 +1316,98 @@ static int test_SDF_InternalEncrypt_ECC(void)
|
||||
return 1;
|
||||
}
|
||||
|
||||
int main(void)
|
||||
int sdftest_main(int argc, char **argv)
|
||||
{
|
||||
/*
|
||||
if (generate_kek(TEST_KEK_INDEX) != 1) {
|
||||
error_print();
|
||||
goto err;
|
||||
}
|
||||
if (generate_sign_key(TEST_SM2_KEY_INDEX, TEST_SM2_KEY_PASS) != 1) {
|
||||
error_print();
|
||||
goto err;
|
||||
}
|
||||
if (generate_enc_key(TEST_SM2_KEY_INDEX, TEST_SM2_KEY_PASS) != 1) {
|
||||
error_print();
|
||||
goto err;
|
||||
}
|
||||
*/
|
||||
int ret = 1;
|
||||
char *prog = argv[0];
|
||||
char *so_path = NULL;
|
||||
int kek = 1;
|
||||
int key = 1;
|
||||
char *pass = NULL;
|
||||
|
||||
if (SDF_LoadLibrary("libsoft_sdf.dylib", NULL) != SDR_OK) {
|
||||
argc--;
|
||||
argv++;
|
||||
|
||||
if (argc < 1) {
|
||||
fprintf(stderr, "usage: gmssl %s %s\n", prog, usage);
|
||||
return 1;
|
||||
}
|
||||
|
||||
while (argc > 0) {
|
||||
if (!strcmp(*argv, "-help")) {
|
||||
printf("usage: gmssl %s %s\n", prog, usage);
|
||||
printf("%s\n", options);
|
||||
ret = 0;
|
||||
goto end;
|
||||
} else if (!strcmp(*argv, "-lib")) {
|
||||
if (--argc < 1) goto bad;
|
||||
so_path = *(++argv);
|
||||
} else if (!strcmp(*argv, "-kek")) {
|
||||
if (--argc < 1) goto bad;
|
||||
kek = atoi(*(++argv));
|
||||
if (kek < 1 || kek > 4096) {
|
||||
fprintf(stderr, "gmssl %s: `-kek` invalid index\n", prog);
|
||||
goto end;
|
||||
}
|
||||
} else if (!strcmp(*argv, "-key")) {
|
||||
if (--argc < 1) goto bad;
|
||||
key = atoi(*(++argv));
|
||||
if (key < 0 || key > 4096) {
|
||||
fprintf(stderr, "gmssl %s: `-key` invalid index\n", prog);
|
||||
goto end;
|
||||
}
|
||||
} else if (!strcmp(*argv, "-pass")) {
|
||||
if (--argc < 1) goto bad;
|
||||
pass = *(++argv);
|
||||
} else {
|
||||
fprintf(stderr, "gmssl %s: illegal option `%s`\n", prog, *argv);
|
||||
goto end;
|
||||
bad:
|
||||
fprintf(stderr, "gmssl %s: `%s` option value missing\n", prog, *argv);
|
||||
goto end;
|
||||
}
|
||||
|
||||
argc--;
|
||||
argv++;
|
||||
}
|
||||
|
||||
if (!so_path) {
|
||||
fprintf(stderr, "gmssl %s: option `-lib` missing\n", prog);
|
||||
goto end;
|
||||
}
|
||||
if (!pass) {
|
||||
fprintf(stderr, "gmssl %s: option `-pass` missing\n", prog);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (SDF_LoadLibrary(so_path, NULL) != SDR_OK) {
|
||||
error_print();
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (test_SDF_GetDeviceInfo() != 1) goto err;
|
||||
if (test_SDF_GenerateRandom() != 1) goto err;
|
||||
if (test_SDF_Hash() != 1) goto err;
|
||||
if (test_SDF_Hash_Z() != 1) goto err;
|
||||
if (test_SDF_GenerateKeyWithKEK() != 1) goto err;
|
||||
if (test_SDF_CalculateMAC() != 1) goto err;
|
||||
if (test_SDF_Encrypt() != 1) goto err;
|
||||
if (test_SDF_Encrypt_SM4_CBC() != 1) goto err;
|
||||
if (test_SDF_GenerateKeyWithKEK(kek) != 1) goto err;
|
||||
if (test_SDF_CalculateMAC(kek) != 1) goto err;
|
||||
if (test_SDF_Encrypt(kek) != 1) goto err;
|
||||
if (test_SDF_Encrypt_SM4_CBC(key, pass) != 1) goto err;
|
||||
if (test_SDF_GenerateKeyPair_ECC() != 1) goto err;
|
||||
if (test_SDF_ExportSignPublicKey_ECC() != 1) goto err;
|
||||
if (test_SDF_ExportEncPublicKey_ECC() != 1) goto err;
|
||||
if (test_SDF_ExportSignPublicKey_ECC(key) != 1) goto err;
|
||||
if (test_SDF_ExportEncPublicKey_ECC(key) != 1) goto err;
|
||||
if (test_SDF_GenerateKeyWithEPK_ECC() != 1) goto err;
|
||||
if (test_SDF_GenerateKeyWithIPK_ECC() != 1) goto err;
|
||||
if (test_SDF_GenerateKeyWithIPK_ECC(key, pass) != 1) goto err;
|
||||
if (test_SDF_ExternalVerify_ECC() != 1) goto err;
|
||||
if (test_SDF_ExternalEncrypt_ECC() != 1) goto err; //FIXME: test this before any ECCCipher used
|
||||
if (test_SDF_InternalSign_ECC() != 1) goto err;
|
||||
if (test_SDF_InternalEncrypt_ECC() != 1) goto err;
|
||||
if (test_SDF_InternalSign_ECC(key, pass) != 1) goto err;
|
||||
if (test_SDF_InternalEncrypt_ECC(key, pass) != 1) goto err;
|
||||
|
||||
printf("%s all tests passed\n", __FILE__);
|
||||
return 0;
|
||||
|
||||
err:
|
||||
error_print();
|
||||
return 1;
|
||||
end:
|
||||
return ret;
|
||||
}
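Review bot: In the option loop of the new `sdftest_main`, `-key` is range-checked with `key < 0` while `-kek` uses `kek < 1`, and both values come from `atoi`, so a non-numeric `-key` argument silently becomes index 0 and is handed to every `test_SDF_*(key, ...)` call. If index 0 is not a valid key slot (the default here is 1), tighten the check to `if (key < 1 || key > 4096) {`; parsing with `strtol` and checking the end pointer would also reject inputs such as `12abc`. The `-pass` value is read from argv, so it is visible in the process list and shell history while the tests run, and the options text could say that only a throwaway test password belongs there. The page has lost its `+`/`-` markers, so which of the duplicated lines are on the new side is inferred from the old/new pairs.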
|
||||
|
||||
@@ -17,9 +17,28 @@
|
||||
#include <gmssl/sm3.h>
|
||||
|
||||
|
||||
static const char *options = "-pass str -salt hex -iter num -outlen num [-bin|-hex] [-out file]";
|
||||
static const char *usage = "-pass str -salt hex -iter num -outlen num [-bin|-hex] [-out file]";
|
||||
|
||||
int pbkdf2_main(int argc, char **argv)
|
||||
static const char *options =
|
||||
"\n"
|
||||
"Options\n"
|
||||
"\n"
|
||||
" -pass str Password to be converted into key\n"
|
||||
" -salt hex Salt value, 8 to 64 bytes\n"
|
||||
" -iter num Iteration count, larger iter make it more secure but slower\n"
|
||||
" -outlen num Generate key bytes\n"
|
||||
" -bin Output binary key\n"
|
||||
" -hex Output key in hex digits\n"
|
||||
" -out file | stdout Output data\n"
|
||||
"\n"
|
||||
"Examples\n"
|
||||
"\n"
|
||||
" $ SALT=`gmssl rand -outlen 8 -hex`\n"
|
||||
" $ gmssl sm3_pbkdf2 -pass P@ssw0rd -salt $SALT -iter 10000 -outlen 16 -hex\n"
|
||||
"\n";
|
||||
|
||||
|
||||
int sm3_pbkdf2_main(int argc, char **argv)
|
||||
{
|
||||
int ret = 1;
|
||||
char *prog = argv[0];
|
||||
@@ -39,13 +58,13 @@ int pbkdf2_main(int argc, char **argv)
|
||||
argv++;
|
||||
|
||||
if (argc < 1) {
|
||||
fprintf(stderr, "usage: %s %s\n", prog, options);
|
||||
fprintf(stderr, "usage: gmssl %s %s\n", prog, usage);
|
||||
return 1;
|
||||
}
|
||||
|
||||
while (argc > 0) {
|
||||
if (!strcmp(*argv, "-help")) {
|
||||
printf("usage: %s %s\n", prog, options);
|
||||
printf("usage: gmssl %s %s\n", prog, options);
|
||||
ret = 0;
|
||||
goto end;
|
||||
} else if (!strcmp(*argv, "-pass")) {
|
||||
@@ -55,25 +74,29 @@ int pbkdf2_main(int argc, char **argv)
|
||||
if (--argc < 1) goto bad;
|
||||
salthex = *(++argv);
|
||||
if (strlen(salthex) > sizeof(salt) * 2) {
|
||||
fprintf(stderr, "%s: invalid salt length\n", prog);
|
||||
fprintf(stderr, "gmssl %s: invalid salt length\n", prog);
|
||||
goto end;
|
||||
}
|
||||
if (hex_to_bytes(salthex, strlen(salthex), salt, &saltlen) != 1) {
|
||||
fprintf(stderr, "%s: invalid HEX digits\n", prog);
|
||||
fprintf(stderr, "gmssl %s: invalid HEX digits\n", prog);
|
||||
goto end;
|
||||
}
|
||||
if (saltlen < 1 || saltlen > SM3_PBKDF2_MAX_SALT_SIZE) {
|
||||
fprintf(stderr, "gmssl %s: invalid salt length\n", prog);
|
||||
goto end;
|
||||
}
|
||||
} else if (!strcmp(*argv, "-iter")) {
|
||||
if (--argc < 1) goto bad;
|
||||
iter = atoi(*(++argv));
|
||||
if (iter < SM3_PBKDF2_MIN_ITER || iter > SM3_PBKDF2_MAX_ITER) {
|
||||
fprintf(stderr, "%s: invalid '-iter' value\n", prog);
|
||||
fprintf(stderr, "gmssl %s: invalid '-iter' value\n", prog);
|
||||
goto end;
|
||||
}
|
||||
} else if (!strcmp(*argv, "-outlen")) {
|
||||
if (--argc < 1) goto bad;
|
||||
outlen = atoi(*(++argv));
|
||||
if (outlen < 1 || outlen > sizeof(outbuf)) {
|
||||
fprintf(stderr, "%s: invalid outlen\n", prog);
|
||||
fprintf(stderr, "gmssl %s: invalid outlen\n", prog);
|
||||
goto end;
|
||||
}
|
||||
} else if (!strcmp(*argv, "-hex")) {
|
||||
@@ -84,14 +107,14 @@ int pbkdf2_main(int argc, char **argv)
|
||||
if (--argc < 1) goto bad;
|
||||
outfile = *(++argv);
|
||||
if (!(outfp = fopen(outfile, "wb"))) {
|
||||
fprintf(stderr, "%s: open '%s' failure : %s\n", prog, outfile, strerror(errno));
|
||||
fprintf(stderr, "gmssl %s: open '%s' failure : %s\n", prog, outfile, strerror(errno));
|
||||
goto end;
|
||||
}
|
||||
} else {
|
||||
fprintf(stderr, "%s: illegal option '%s'\n", prog, *argv);
|
||||
fprintf(stderr, "gmssl %s: illegal option '%s'\n", prog, *argv);
|
||||
goto end;
|
||||
bad:
|
||||
fprintf(stderr, "%s: '%s' option value missing\n", prog, *argv);
|
||||
fprintf(stderr, "gmssl %s: '%s' option value missing\n", prog, *argv);
|
||||
goto end;
|
||||
}
|
||||
|
||||
@@ -100,30 +123,30 @@ bad:
|
||||
}
|
||||
|
||||
if (!pass) {
|
||||
fprintf(stderr, "%s: option '-pass' required\n", prog);
|
||||
fprintf(stderr, "gmssl %s: option '-pass' required\n", prog);
|
||||
goto end;
|
||||
}
|
||||
if (!salthex) {
|
||||
fprintf(stderr, "%s: option '-salt' required\n", prog);
|
||||
fprintf(stderr, "gmssl %s: option '-salt' required\n", prog);
|
||||
goto end;
|
||||
}
|
||||
if (!iter) {
|
||||
fprintf(stderr, "%s: option '-iter' required\n", prog);
|
||||
fprintf(stderr, "gmssl %s: option '-iter' required\n", prog);
|
||||
goto end;
|
||||
}
|
||||
if (!outlen) {
|
||||
fprintf(stderr, "%s: option '-outlen' required\n", prog);
|
||||
fprintf(stderr, "gmssl %s: option '-outlen' required\n", prog);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (sm3_pbkdf2(pass, strlen(pass), salt, saltlen, iter, outlen, outbuf) != 1) {
|
||||
fprintf(stderr, "%s: inner error\n", prog);
|
||||
fprintf(stderr, "gmssl %s: inner error\n", prog);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (bin) {
|
||||
if (fwrite(outbuf, 1, outlen, outfp) != outlen) {
|
||||
fprintf(stderr, "%s: output failure : %s\n", prog, strerror(errno));
|
||||
fprintf(stderr, "gmssl %s: output failure : %s\n", prog, strerror(errno));
|
||||
goto end;
|
||||
}
|
||||
} else {
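Review bot: The new options text documents `-salt hex` as "8 to 64 bytes", but the salt check in the `-salt` branch only rejects `saltlen < 1`, so a 1-byte salt is accepted and the help overstates what is enforced. Either enforce the documented minimum, e.g. `if (saltlen < 8 || saltlen > SM3_PBKDF2_MAX_SALT_SIZE) {`, or correct the help text to the range the code allows. Separately, the `-help` branch appears to print `options` after `usage:` even though `options` is now the multi-line help block, so the synopsis is lost; `printf("usage: gmssl %s %s\n", prog, usage);` followed by `printf("%s\n", options);` would match what `sdftest_main` does on this page. The body of `sm3_pbkdf2_main` continues outside the hunks shown, and the new-side reading is inferred because the `+`/`-` markers are missing.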
|
||||
@@ -267,7 +267,7 @@ bad:
|
||||
}
|
||||
|
||||
} else {
|
||||
if (inlen < taglen) {
|
||||
if (inlen < (size_t)taglen) {
|
||||
fprintf(stderr, "gmssl %s: input length (%zu bytes) shorter than tag length (%d bytes)\n",
|
||||
prog, inlen, taglen);
|
||||
goto end;
|
||||
|
||||
@@ -69,7 +69,6 @@ int tlcp_client_main(int argc, char *argv[])
|
||||
char buf[1024] = {0};
|
||||
size_t len = sizeof(buf);
|
||||
char send_buf[1024] = {0};
|
||||
size_t sentlen;
|
||||
int read_stdin = 1;
|
||||
|
||||
argc--;
|
||||
|
||||