Add more gmssl command tests

CMakeLists.txt

@@ -657,9 +657,10 @@ if (CMAKE_C_COMPILER_ID MATCHES "MSVC")
 endif()
 
 
-add_test(NAME gmssl_sm3
-         COMMAND ${CMAKE_COMMAND} -P "${CMAKE_SOURCE_DIR}/cmake/gmssl_sm3.cmake")
-
+add_test(NAME gmssl_sm3 COMMAND ${CMAKE_COMMAND} -P "${CMAKE_SOURCE_DIR}/cmake/gmssl_sm3.cmake")
+add_test(NAME gmssl_sm2 COMMAND ${CMAKE_COMMAND} -P "${CMAKE_SOURCE_DIR}/cmake/gmssl_sm2.cmake")
+add_test(NAME gmssl_cert COMMAND ${CMAKE_COMMAND} -P "${CMAKE_SOURCE_DIR}/cmake/gmssl_cert.cmake")
+add_test(NAME gmssl_tlcp COMMAND ${CMAKE_COMMAND} -P "${CMAKE_SOURCE_DIR}/cmake/gmssl_tlcp.cmake")
 
 # Generate install package with cpack
 #	cpack -G TGZ

cmake/gmssl_cert.cmake

@@ -0,0 +1,144 @@
+
+
+execute_process(
+	COMMAND gmssl sm2keygen -pass P@ssw0rd -out rootcakey.pem
+	RESULT_VARIABLE TEST_RESULT
+	ERROR_VARIABLE TEST_STDERR
+	OUTPUT_VARIABLE TEST_OUTPUT
+)
+if(NOT ${TEST_RESULT} EQUAL 0)
+	message(FATAL_ERROR "stderr: ${TEST_STDERR}")
+endif()
+
+if(NOT EXISTS sm2.pem)
+    message(FATAL_ERROR "Generated file does not exist")
+endif()
+
+if(NOT EXISTS sm2pub.pem)
+    message(FATAL_ERROR "Generated file does not exist")
+endif()
+
+
+
+execute_process(
+	COMMAND gmssl certgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN ROOTCA -days 3650 -key rootcakey.pem -pass P@ssw0rd -out rootcacert.pem -key_usage keyCertSign -key_usage cRLSign -ca
+	RESULT_VARIABLE TEST_RESULT
+	ERROR_VARIABLE TEST_STDERR
+	OUTPUT_VARIABLE TEST_OUTPUT
+)
+if(NOT ${TEST_RESULT} EQUAL 0)
+	message(FATAL_ERROR "stderr: ${TEST_STDERR}")
+endif()
+
+
+
+execute_process(
+	COMMAND gmssl sm2keygen -pass P@ssw0rd -out cakey.pem
+	RESULT_VARIABLE TEST_RESULT
+	ERROR_VARIABLE TEST_STDERR
+	OUTPUT_VARIABLE TEST_OUTPUT
+)
+if(NOT ${TEST_RESULT} EQUAL 0)
+	message(FATAL_ERROR "stderr: ${TEST_STDERR}")
+endif()
+
+
+execute_process(
+	COMMAND gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN "Sub CA" -key cakey.pem -pass P@ssw0rd -out careq.pem
+	RESULT_VARIABLE TEST_RESULT
+	ERROR_VARIABLE TEST_STDERR
+)
+if(NOT ${TEST_RESULT} EQUAL 0)
+	message(FATAL_ERROR "stderr: ${TEST_STDERR}")
+endif()
+
+
+
+execute_process(
+	COMMAND gmssl reqsign -in careq.pem -days 365 -key_usage keyCertSign -path_len_constraint 0 -cacert rootcacert.pem -key rootcakey.pem -pass P@ssw0rd -out cacert.pem -ca
+	RESULT_VARIABLE TEST_RESULT
+	ERROR_VARIABLE TEST_STDERR
+)
+if(NOT ${TEST_RESULT} EQUAL 0)
+	message(FATAL_ERROR "stderr: ${TEST_STDERR}")
+endif()
+
+
+# gmssl sm2keygen -pass P@ssw0rd -out signkey.pem
+# gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key signkey.pem -pass P@ssw0rd -out signreq.pem
+# gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass P@ssw0rd -out signcert.pem
+
+execute_process(
+	COMMAND gmssl sm2keygen -pass P@ssw0rd -out signkey.pem
+	RESULT_VARIABLE TEST_RESULT
+	ERROR_VARIABLE TEST_STDERR
+)
+if(NOT ${TEST_RESULT} EQUAL 0)
+	message(FATAL_ERROR "stderr: ${TEST_STDERR}")
+endif()
+
+execute_process(
+	COMMAND gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key signkey.pem -pass P@ssw0rd -out signreq.pem
+	RESULT_VARIABLE TEST_RESULT
+	ERROR_VARIABLE TEST_STDERR
+)
+if(NOT ${TEST_RESULT} EQUAL 0)
+	message(FATAL_ERROR "stderr: ${TEST_STDERR}")
+endif()
+
+execute_process(
+	COMMAND gmssl reqsign -in signreq.pem -days 365 -key_usage digitalSignature -cacert cacert.pem -key cakey.pem -pass P@ssw0rd -out signcert.pem
+	RESULT_VARIABLE TEST_RESULT
+	ERROR_VARIABLE TEST_STDERR
+)
+if(NOT ${TEST_RESULT} EQUAL 0)
+	message(FATAL_ERROR "stderr: ${TEST_STDERR}")
+endif()
+
+
+# gmssl sm2keygen -pass P@ssw0rd -out enckey.pem
+# gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key enckey.pem -pass P@ssw0rd -out encreq.pem
+# gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass P@ssw0rd -out enccert.pem
+
+
+execute_process(
+	COMMAND gmssl sm2keygen -pass P@ssw0rd -out enckey.pem
+	RESULT_VARIABLE TEST_RESULT
+	ERROR_VARIABLE TEST_STDERR
+)
+if(NOT ${TEST_RESULT} EQUAL 0)
+	message(FATAL_ERROR "stderr: ${TEST_STDERR}")
+endif()
+
+execute_process(
+	COMMAND gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key enckey.pem -pass P@ssw0rd -out encreq.pem
+	RESULT_VARIABLE TEST_RESULT
+	ERROR_VARIABLE TEST_STDERR
+)
+if(NOT ${TEST_RESULT} EQUAL 0)
+	message(FATAL_ERROR "stderr: ${TEST_STDERR}")
+endif()
+
+execute_process(
+	COMMAND gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass P@ssw0rd -out enccert.pem
+	RESULT_VARIABLE TEST_RESULT
+	ERROR_VARIABLE TEST_STDERR
+)
+if(NOT ${TEST_RESULT} EQUAL 0)
+	message(FATAL_ERROR "stderr: ${TEST_STDERR}")
+endif()
+
+
+
+file(WRITE double_certs.pem "")
+file(READ signcert.pem CERT_CONTENT)
+file(APPEND double_certs.pem "${CERT_CONTENT}")
+file(READ enccert.pem CERT_CONTENT)
+file(APPEND double_certs.pem "${CERT_CONTENT}")
+file(READ cacert.pem CERT_CONTENT)
+file(APPEND double_certs.pem "${CERT_CONTENT}")
+
+
+
+
+

cmake/gmssl_sm2.cmake

@@ -0,0 +1,76 @@
+execute_process(
+	COMMAND gmssl sm2keygen -pass P@ssw0rd -out sm2.pem -pubout sm2pub.pem
+	RESULT_VARIABLE TEST_RESULT
+	ERROR_VARIABLE TEST_STDERR
+	OUTPUT_VARIABLE TEST_OUTPUT
+)
+
+if(NOT ${TEST_RESULT} EQUAL 0)
+	message(FATAL_ERROR "stderr: ${TEST_STDERR}")
+endif()
+
+if(NOT EXISTS sm2.pem)
+    message(FATAL_ERROR "Generated file does not exist")
+endif()
+
+if(NOT EXISTS sm2pub.pem)
+    message(FATAL_ERROR "Generated file does not exist")
+endif()
+
+# sign
+
+execute_process(
+	COMMAND bash -c "echo -n 'message to be signed' | gmssl sm2sign -key sm2.pem -pass P@ssw0rd -out sm2.sig"
+	RESULT_VARIABLE TEST_RESULT
+	ERROR_VARIABLE TEST_STDERR
+	OUTPUT_VARIABLE TEST_OUTPUT
+)
+
+if(NOT ${TEST_RESULT} EQUAL 0)
+	message(FATAL_ERROR "stderr: ${TEST_STDERR}")
+endif()
+
+# verify
+
+execute_process(
+	COMMAND bash -c "echo -n 'message to be signed' | gmssl sm2verify -pubkey sm2pub.pem -sig sm2.sig"
+	RESULT_VARIABLE TEST_RESULT
+	ERROR_VARIABLE TEST_STDERR
+	OUTPUT_VARIABLE TEST_OUTPUT
+)
+
+if(NOT ${TEST_RESULT} EQUAL 0)
+	message(FATAL_ERROR "stderr: ${TEST_STDERR}")
+endif()
+
+#encrypt
+
+execute_process(
+	COMMAND bash -c "echo 'Secret message' | gmssl sm2encrypt -pubkey sm2pub.pem -out sm2.der"
+	RESULT_VARIABLE TEST_RESULT
+	ERROR_VARIABLE TEST_STDERR
+	OUTPUT_VARIABLE TEST_OUTPUT
+)
+
+if(NOT ${TEST_RESULT} EQUAL 0)
+	message(FATAL_ERROR "stderr: ${TEST_STDERR}")
+endif()
+
+# decrypt
+
+execute_process(
+	COMMAND bash -c "echo 'Secret message' | gmssl sm2encrypt -pubkey sm2pub.pem -out sm2.der"
+	RESULT_VARIABLE TEST_RESULT
+	ERROR_VARIABLE TEST_STDERR
+	OUTPUT_VARIABLE TEST_OUTPUT
+)
+
+if(NOT ${TEST_RESULT} EQUAL 0)
+	message(FATAL_ERROR "stderr: ${TEST_STDERR}")
+endif()
+
+
+if(NOT ${TEST_OUTPUT} STREQUAL "Secret message")
+	message(FATAL_ERROR "stdout: ${TEST_OUTPUT}")
+endif()
+

cmake/gmssl_tlcp.cmake

@@ -0,0 +1,49 @@
+
+# tlcp_server [-port num] -cert file -key file [-pass str] -ex_key file [-ex_pass str] [-cacert file]
+execute_process(
+    COMMAND bash -c "sudo nohup gmssl tlcp_server -port 4433 -cert double_certs.pem -key signkey.pem -pass P@ssw0rd -ex_key enckey.pem -ex_pass P@ssw0rd > server_output.log 2>&1 &"
+    WORKING_DIRECTORY ${CMAKE_BINARY_DIR}
+    RESULT_VARIABLE SERVER_RESULT
+    TIMEOUT 5
+    COMMAND_ECHO STDOUT
+    OUTPUT_VARIABLE SERVER_OUTPUT
+    ERROR_VARIABLE SERVER_ERROR
+)
+message(STATUS "Server start output: ${SERVER_OUTPUT}")
+message(STATUS "Server start error: ${SERVER_ERROR}")
+
+if(NOT ${SERVER_RESULT} EQUAL 0)
+    message(FATAL_ERROR "Server failed to start with result: ${SERVER_RESULT}")
+endif()
+
+execute_process(COMMAND ${CMAKE_COMMAND} -E sleep 2)
+
+
+
+
+execute_process(
+    COMMAND bash -c "gmssl tlcp_client -host localhost -port 4433 -cacert rootcacert.pem 2>&1 | tee client_output.log"
+    WORKING_DIRECTORY ${CMAKE_BINARY_DIR}
+    OUTPUT_VARIABLE CLIENT_OUTPUT
+    ERROR_VARIABLE CLIENT_ERROR
+    RESULT_VARIABLE CLIENT_RESULT
+    TIMEOUT 5
+    COMMAND_ECHO STDOUT
+)
+
+message(STATUS "Client connection output: ${CLIENT_OUTPUT}")
+message(STATUS "Client connection error: ${CLIENT_ERROR}")
+
+file(READ "${CMAKE_BINARY_DIR}/client_output.log" CLIENT_LOG_CONTENT)
+string(FIND "${CLIENT_LOG_CONTENT}" "Connection established" FOUND_INDEX)
+
+if(${FOUND_INDEX} EQUAL -1)
+    message(FATAL_ERROR "Client did not establish connection with server.")
+else()
+    message(STATUS "Client successfully established connection with server.")
+endif()
+
+execute_process(
+    COMMAND sudo pkill -f "${TOOL_COMMAND} tlcp_server"
+)
+