Update some demos

Zhi Guan
2018-11-01 11:21:14 +08:00
parent 676076278d
commit d58931925b
18 changed files with 492 additions and 30 deletions

14
demos/sdf/README.md Normal file

@@ -0,0 +1,14 @@
# SDF Demos
- sdf-dev.sh - open device
- sdf-sm1.sh - encrypt/decrypt with sm1
- sdf-sm2enc.sh - encypt with sm2
- sdf-sm2sign.sh - sm2 sign/verify
- sdf-sm3.sh - sm3 test
- sdf-sm4.sh - sm4
- sdf-ssf33.sh - ssf33
- sdf-ssl-server.sh - TLS 1.2 server
- sdf-zuc.sh - zuc
- sdf.c - sdf open device
- sdf.cnf - configuration file for sdf engine

18
demos/sdf/sdf-dev.sh Executable file

@@ -0,0 +1,18 @@
#!/bin/bash -x
SO_PATH="./libsdf.so"
echo "[Commands]"
gmssl engine sdf -vvvv
echo "[Capabilities]"
gmssl engine sdf -c
echo "[Change Device Label and Auth key]"
gmssl engine sdf -pre SO_PATH:$SO_PATH -pre OPEN_DEV
#gmssl engine sdf -pre SO_PATH:$SO_PATH -pre OPEN_DEV -pre OPEN_CONTAINER:1
echo "[Import/Export File]"
gmssl engine sdf -pre SO_PATH:$SO_PATH -pre IMPORT_FILE:localhost-signcer.pem
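Review bot: `SO_PATH="./libsdf.so"` is resolved against whatever directory the script is started from, so the engine loads whichever `libsdf.so` sits in the caller's working directory. The same relative form appears in sdf-sm2sign.sh and in sdf.cnf (`SO_PATH = ./libswsds.so`, a different library name), and the sibling scripts run gmssl under sudo. Anchoring the path to the script's own directory and quoting the expansion makes the load deterministic: `SO_PATH="$(cd "$(dirname "$0")" && pwd)/libsdf.so"` and `-pre "SO_PATH:$SO_PATH"`. Separately, the heading `[Change Device Label and Auth key]` is printed above a command that only passes `OPEN_DEV`, so the heading should be renamed or the missing step added.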

16
demos/sdf/sdf-sm1.sh Executable file

@@ -0,0 +1,16 @@
#!/bin/bash -x
#key=00000000000000000000000000000000
#iv=00000000000000000000000000000000
key=12345678123456781234567812345678
iv=12345678123456781234567812345678
plaintext="This is the plaintext message."
# FIXME: sm1/ssf33 is unkonwn to enc command
ciphertext=`echo $plaintext | sudo gmssl enc -sm1 -engine sdf -K $key -iv $iv -a`
plaintext=`echo $ciphertext | sudo gmssl enc -sm1 -d -engine sdf -K $key -iv $iv -a`
echo "Ciphertext: $ciphertext"
echo "Plaintext: $plaintext"
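Review bot: The same 32-hex-digit constant serves as both key and IV and is passed as `-K $key -iv $iv` on a command line that `#!/bin/bash -x` also traces to stderr, so the key material lands in the process list and in any captured log; sdf-sm4.sh, sdf-ssf33.sh and sdf-zuc.sh repeat the pattern. That is tolerable in a demo only if the value is clearly marked as a test vector, so I would add `# test-only key/IV: never reuse a key as the IV or pass real keys on the command line` above the assignments. `echo $plaintext` and `echo $ciphertext` are unquoted and go through word splitting and globbing; `printf '%s\n' "$plaintext"` avoids that. The FIXME says `enc` does not know `-sm1`, so the round trip presumably fails today, yet the script still prints an empty Ciphertext/Plaintext pair and does not signal the failure.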

21
demos/sdf/sdf-sm2enc.sh Executable file

@@ -0,0 +1,21 @@
#!/bin/bash -x
echo "######################################################################"
echo "# #"
echo "# Default PIN: 11111111 #"
echo "# #"
echo "######################################################################"
echo "secret" | \
sudo gmssl pkeyutl -encrypt -engine sdf -keyform engine -inkey ecc_1.exch -out sm2ciphertext.der
# export the public key of the default encrypt/keyexchagne SM2 private key
# the default ID of the key container is `ecc_1.exch`
sudo gmssl pkey -engine sdf -inform engine -in ecc_1.exch -pubout -out sm2enckey.pem
echo "secret" | \
gmssl pkeyutl -encrypt -pkeyopt ec_scheme:sm2 -pkeyopt ec_encrypt_param:sm3 -pubin -inkey sm2enckey.pem -out sm2ciphertext2.der
sudo gmssl pkeyutl -decrypt -engine sdf -keyform engine -inkey ecc_1.exch -in sm2ciphertext.der
sudo gmssl pkeyutl -decrypt -engine sdf -keyform engine -inkey ecc_1.exch -in sm2ciphertext2.der
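Review bot: No step checks for failure, so if either `pkeyutl -encrypt` call fails, the two `-decrypt` lines still run against `sm2ciphertext.der` / `sm2ciphertext2.der` left over from an earlier run and the demo appears to succeed. Adding `set -euo pipefail` after the shebang and `rm -f -- sm2ciphertext.der sm2ciphertext2.der sm2enckey.pem` before the first command closes that gap. The banner advertises the default PIN `11111111`; a comment that the PIN must be changed on any device used outside this demo would be worth adding next to it.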

20
demos/sdf/sdf-sm2sign.sh Executable file

@@ -0,0 +1,20 @@
#!/bin/bash -x
#
# FIXME: if App already exist, this script will fail.
#
VERBOSE=2
SO_PATH="./libsdf.so"
LABEL="MySKF"
APPNAME="MyApp1"
APPNAME2="MyApp2"
echo "[Sign/Verify with SM2 Container]"
echo "abc" | gmssl sm3 -binary | sudo gmssl pkeyutl -sign -pkeyopt ec_scheme:sm2 -engine sdf -keyform engine -inkey ecc_1.sign -out sm2.sig
echo "abc" | gmssl sm3 -binary | sudo gmssl pkeyutl -verify -pkeyopt ec_scheme:sm2 -engine sdf -keyform engine -inkey ecc_1.sign -sigfile sm2.sig
echo "[Verify with exported SM2 Verification Public Key]"
sudo gmssl pkey -engine sdf -inform engine -in ecc_1.sign -pubout -out sm2vkey.pem
echo "abc" | gmssl sm3 -binary | gmssl pkeyutl -verify -pkeyopt ec_scheme:sm2 -pubin -inkey sm2vkey.pem -sigfile sm2.sig
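Review bot: `VERBOSE`, `SO_PATH`, `LABEL`, `APPNAME` and `APPNAME2` are assigned and never used, and the FIXME about an existing App refers to nothing this script creates; they look like leftovers from another demo (the `MySKF` label suggests an SKF one) and should be removed. The outcome of the `pkeyutl -verify` calls is only visible in the trace output. With `set -o pipefail` near the top and `|| exit 1` on each verify line, the script's exit status would reflect a failed verification.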

3
demos/sdf/sdf-sm3.sh Executable file

@@ -0,0 +1,3 @@
#!/bin/bash -x
echo -n abc | sudo gmssl dgst -sm3 -engine sdf -engine_impl # -r
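Review bot: The digest computed by the engine is printed but compared with nothing, so a wrong result from the device goes unnoticed. Computing the same digest in software and comparing the two turns the demo into a check: `[ "$(echo -n abc | gmssl dgst -sm3)" = "$(echo -n abc | sudo gmssl dgst -sm3 -engine sdf -engine_impl)" ] || exit 1`. The trailing `# -r` carries no explanation; say what the flag is kept for or drop it.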

14
demos/sdf/sdf-sm4.sh Executable file

@@ -0,0 +1,14 @@
#!/bin/bash -x
#key=00000000000000000000000000000000
#iv=00000000000000000000000000000000
key=12345678123456781234567812345678
iv=12345678123456781234567812345678
plaintext="This is the plaintext message."
ciphertext=`echo $plaintext | sudo gmssl sms4 -K $key -iv $iv -a`
echo $ciphertext
echo $plaintext | sudo gmssl sms4 -engine sdf -K $key -iv $iv -a
echo $ciphertext | sudo gmssl sms4 -d -engine sdf -K $key -iv $iv -a
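Review bot: The software ciphertext is kept in `ciphertext`, but the engine's ciphertext and the decrypted text are only echoed, so a mismatch between the software and hardware SM4 paths is left for the reader to spot. Capturing the engine output and comparing it, `[[ "$hw" == "$ciphertext" ]] || exit 1`, and doing the same for the decrypted text against `$plaintext`, would make the result explicit. The first call does not use the engine, so it probably does not need `sudo`; that is worth confirming and dropping if so.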

16
demos/sdf/sdf-ssf33.sh Executable file

@@ -0,0 +1,16 @@
#!/bin/bash -x
#key=00000000000000000000000000000000
#iv=00000000000000000000000000000000
key=12345678123456781234567812345678
iv=12345678123456781234567812345678
plaintext="This is the plaintext message."
# FIXME: sm1/ssf33 is unkonwn to enc command
ciphertext=`echo $plaintext | sudo gmssl enc -sm1 -engine sdf -K $key -iv $iv -a`
plaintext=`echo $ciphertext | sudo gmssl enc -sm1 -d -engine sdf -K $key -iv $iv -a`
echo "Ciphertext: $ciphertext"
echo "Plaintext: $plaintext"
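Review bot: This script is a line-for-line copy of sdf-sm1.sh and passes `-sm1` to `gmssl enc`, so it never exercises SSF33; sdf-zuc.sh is the same copy and does not exercise ZUC. Each script should select its own cipher, or be held back until `enc` supports it, as the FIXME implies. The exact cipher option names are not visible in this commit and need to be confirmed against the gmssl build.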

7
demos/sdf/sdf-ssl-server.sh Executable file

@@ -0,0 +1,7 @@
#!/bin/bash
# `-trace` option require `.config enable-ssl-trace`
#trace="-trace"
#sudo gmssl s_server -tls1_2 -unlink -port 443 -cipher SM2 -engine sdf -keyform ENGINE -key ecc_1.sign -cert localhost-signcer.pem -msg -rev
sudo gmssl s_server -rev $trace -tls1_2 -unlink -port 4433 -cipher SM2 -engine sdf -keyform ENGINE -cert localhost.pem -key ecc_1.sign
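Review bot: The server is started with `sudo` although port 4433 needs no privilege, so the whole TLS test server, including its `-rev` handling of client data, runs as root. If root is only needed to reach the SDF device (my assumption, the script does not say), granting device access through a group would let the server run unprivileged. `-cert localhost.pem` also differs from the `localhost-signcer.pem` used in the commented-out line and imported in sdf-dev.sh, and whichever certificate is used has to match the `ecc_1.sign` key. A comment naming the intended certificate file would avoid a handshake failure that is hard to diagnose.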

16
demos/sdf/sdf-zuc.sh Executable file

@@ -0,0 +1,16 @@
#!/bin/bash -x
#key=00000000000000000000000000000000
#iv=00000000000000000000000000000000
key=12345678123456781234567812345678
iv=12345678123456781234567812345678
plaintext="This is the plaintext message."
# FIXME: sm1/ssf33 is unkonwn to enc command
ciphertext=`echo $plaintext | sudo gmssl enc -sm1 -engine sdf -K $key -iv $iv -a`
plaintext=`echo $ciphertext | sudo gmssl enc -sm1 -d -engine sdf -K $key -iv $iv -a`
echo "Ciphertext: $ciphertext"
echo "Plaintext: $plaintext"

16
demos/sdf/sdf.cnf Normal file

@@ -0,0 +1,16 @@
# conf file for gmssl sdf engine
openssl_conf = openssl_init
[openssl_init]
engines = engine_section
[engine_section]
sdf = sdf_section
[sdf_section]
engine_id = sdf
SO_PATH = ./libswsds.so
VENDOR = sansec
OPEN_DEV =
init = 1
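Review bot: Nothing in this file or in the scripts of this commit says how gmssl is pointed at it; no `OPENSSL_CONF` export is visible. A header comment with the intended invocation would help, for example `# usage: OPENSSL_CONF=./sdf.cnf gmssl engine sdf -c`. It should also mention that sudo commonly resets the environment (`env_reset`), so a variable set in the caller's shell may not reach the `sudo gmssl` calls in the demo scripts. The empty `OPEN_DEV =` and `init = 1` each deserve a one-line comment saying what they trigger at load time.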