abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-05-06 16:36:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update tests and tools

Browse Source
This commit is contained in:
Zhi Guan
2022-03-16 15:12:29 +08:00
parent 2c2425d230
commit ea4cc6585c
52 changed files with 3600 additions and 3216 deletions
Download Patch File Download Diff File Expand all files Collapse all files

159
tests/aestest.c
View File

@@ -55,50 +55,6 @@
#include <gmssl/error.h>
int test_aes_ctr(void)
{
// NIST SP 800-38A F.5.1
char *hex_key = "2b7e151628aed2a6abf7158809cf4f3c";
char *hex_ctr = "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff";
char *hex_msg = "6bc1bee22e409f96e93d7e117393172a"
"ae2d8a571e03ac9c9eb76fac45af8e51"
"30c81c46a35ce411e5fbc1191a0a52ef"
"f69f2445df4f9b17ad2b417be66c3710";
char *hex_out = "874d6191b620e3261bef6864990db6ce"
"9806f66b7970fdff8617187bb9fffdff"
"5ae4df3edbd5d35e5b4f09020db03eab"
"1e031dda2fbe03d1792170a0f3009cee";
int err = 0;
AES_KEY aes_key;
uint8_t key[32];
uint8_t ctr[16];
uint8_t msg[64];
uint8_t out[64];
uint8_t buf[64];
size_t keylen, ctrlen, msglen, outlen, buflen;
hex_to_bytes(hex_key, strlen(hex_key), key, &keylen);
hex_to_bytes(hex_ctr, strlen(hex_ctr), ctr, &ctrlen);
hex_to_bytes(hex_msg, strlen(hex_msg), msg, &msglen);
hex_to_bytes(hex_out, strlen(hex_out), out, &outlen);
aes_set_encrypt_key(&aes_key, key, keylen);
aes_ctr_encrypt(&aes_key, ctr, msg, msglen, buf);
buflen = msglen;
format_bytes(stdout, 0, 0, "aes_ctr(msg) = ", buf, buflen);
format_bytes(stdout, 0, 0, " = ", out, outlen);
hex_to_bytes(hex_ctr, strlen(hex_ctr), ctr, &ctrlen);
aes_ctr_encrypt(&aes_key, ctr, buf, buflen, buf);
format_bytes(stdout, 0, 0, "msg = ", msg, msglen);
format_bytes(stdout, 0, 0, " = ", buf, buflen);
return 1;
}
int test_aes(void)
{
int err = 0;
@@ -230,7 +186,65 @@ int test_aes(void)
printf("ok\n");
}
return 0;
return err;
}
int test_aes_ctr(void)
{
int err = 0;
// NIST SP 800-38A F.5.1
char *hex_key = "2b7e151628aed2a6abf7158809cf4f3c";
char *hex_ctr = "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff";
char *hex_msg = "6bc1bee22e409f96e93d7e117393172a"
"ae2d8a571e03ac9c9eb76fac45af8e51"
"30c81c46a35ce411e5fbc1191a0a52ef"
"f69f2445df4f9b17ad2b417be66c3710";
char *hex_out = "874d6191b620e3261bef6864990db6ce"
"9806f66b7970fdff8617187bb9fffdff"
"5ae4df3edbd5d35e5b4f09020db03eab"
"1e031dda2fbe03d1792170a0f3009cee";
AES_KEY aes_key;
uint8_t key[32];
uint8_t ctr[16];
uint8_t msg[64];
uint8_t out[64];
uint8_t buf[64];
size_t keylen, ctrlen, msglen, outlen, buflen;
hex_to_bytes(hex_key, strlen(hex_key), key, &keylen);
hex_to_bytes(hex_ctr, strlen(hex_ctr), ctr, &ctrlen);
hex_to_bytes(hex_msg, strlen(hex_msg), msg, &msglen);
hex_to_bytes(hex_out, strlen(hex_out), out, &outlen);
aes_set_encrypt_key(&aes_key, key, keylen);
aes_ctr_encrypt(&aes_key, ctr, msg, msglen, buf);
buflen = msglen;
printf("aes ctr test 1 ");
if (memcmp(buf, out, outlen) != 0) {
printf("failed\n");
err++;
format_bytes(stdout, 0, 0, "aes_ctr(msg) = ", buf, buflen);
format_bytes(stdout, 0, 0, " != ", out, outlen);
} else {
printf("ok\n");
}
printf("aes ctr test 2 ");
hex_to_bytes(hex_ctr, strlen(hex_ctr), ctr, &ctrlen);
aes_ctr_decrypt(&aes_key, ctr, buf, buflen, buf);
if (memcmp(buf, msg, msglen) != 0) {
printf("failed\n");
format_bytes(stdout, 0, 0, "msg = ", msg, msglen);
format_bytes(stdout, 0, 0, " = ", buf, buflen);
err++;
} else {
printf("ok\n");
}
return err;
}
@@ -340,6 +354,7 @@ struct {
int test_aes_gcm(void)
{
int err = 0;
uint8_t K[32];
uint8_t P[64];
uint8_t A[32];
@@ -354,8 +369,6 @@ int test_aes_gcm(void)
uint8_t buf[64];
int i;
printf("%s\n", __FUNCTION__);
for (i = 0; i < sizeof(aes_gcm_tests)/sizeof(aes_gcm_tests[0]); i++) {
int ok = 1;
@@ -369,43 +382,33 @@ int test_aes_gcm(void)
aes_set_encrypt_key(&aes_key, K, Klen);
aes_gcm_encrypt(&aes_key, IV, IVlen, A, Alen, P, Plen, out, Tlen, tag);
if (aes_gcm_decrypt(&aes_key, IV, IVlen, A, Alen, out, Plen, tag, Tlen, buf) != 1) {
error_print();
ok = 0;
printf("aes gcm test %d ", i + 1);
if (aes_gcm_decrypt(&aes_key, IV, IVlen, A, Alen, out, Plen, tag, Tlen, buf) != 1
|| memcmp(buf, P, Plen) != 0) {
printf("failed\n");
format_print(stdout, 0, 2, "K = %s\n", aes_gcm_tests[i].K);
format_print(stdout, 0, 2, "P = %s\n", aes_gcm_tests[i].P);
format_print(stdout, 0, 2, "A = %s\n", aes_gcm_tests[i].A);
format_print(stdout, 0, 2, "IV = %s\n", aes_gcm_tests[i].IV);
format_print(stdout, 0, 2, "C = %s\n", aes_gcm_tests[i].C);
format_bytes(stdout, 0, 2, " = ", out, Plen);
format_print(stdout, 0, 2, "T = %s\n", aes_gcm_tests[i].T);
format_bytes(stdout, 0, 2, " = ", tag, Tlen);
err++;
} else {
printf("ok\n");
}
if (memcmp(buf, P, Plen) != 0) {
error_print();
ok = 0;
}
printf(" test %d %s\n", i + 1, ok ? "ok" : "error");
/*
format_print(stdout, 0, 2, "K = %s\n", aes_gcm_tests[i].K);
format_print(stdout, 0, 2, "P = %s\n", aes_gcm_tests[i].P);
format_print(stdout, 0, 2, "A = %s\n", aes_gcm_tests[i].A);
format_print(stdout, 0, 2, "IV = %s\n", aes_gcm_tests[i].IV);
format_print(stdout, 0, 2, "C = %s\n", aes_gcm_tests[i].C);
format_bytes(stdout, 0, 2, " = ", out, Plen);
format_print(stdout, 0, 2, "T = %s\n", aes_gcm_tests[i].T);
format_bytes(stdout, 0, 2, " = ", tag, Tlen);
printf("\n");
*/
}
return 0;
return err;
}
int main(void)
{
test_aes();
test_aes_ctr();
test_aes_gcm();
return 0;
int err = 0;
err += test_aes();
err += test_aes_ctr();
err += test_aes_gcm();
return err;
}

690
tests/asn1test.c
View File

@@ -53,22 +53,6 @@
#include <gmssl/asn1.h>
#include <gmssl/error.h>
#define BOOL_1 0
#define BOOL_2 1
#define INT_1 "\x00"
#define INT_2 "\x7f"
#define INT_3 "\x80"
#define INT_4 "\xff\xf0"
#define BITS_1 "\xff\xf0"
#define BITS_1_LEN 12
#define OCTETS_1 "\x12\x34\x45\x56"
#if 0
static void print_buf(const uint8_t *a, size_t len)
{
size_t i;
@@ -110,342 +94,432 @@ static void print_octets(const uint8_t *o, size_t olen)
static int test_asn1_tag(void)
{
int i = 0;
for (i = 0; i < 32; i++) {
printf("%s\n", asn1_tag_name(i));
int i;
format_print(stderr, 0, 0, "Tags:\n");
for (i = 1; i <= 13; i++) {
format_print(stderr, 0, 4, "%s (0x%02x)\n", asn1_tag_name(i), i);
}
for (i = 18; i <= 30; i++) {
format_print(stderr, 0, 4, "%s (0x%02x)\n", asn1_tag_name(i), i);
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_asn1_length(void)
{
int err = 0;
size_t tests[] = {5, 127, 128, 256, 65537, 1<<23, (size_t)1<<31, };
size_t val;
uint8_t buf[1024] = {0};
size_t tests[] = {
0,
5,
127,
128,
256,
344,
65537,
1<<23,
(size_t)1<<31,
};
size_t length;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
size_t left = ((size_t)1 << 32);
size_t i;
int rv;
printf("%s\n", __FUNCTION__);
format_print(stderr, 0, 0, "Length:\n");
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
printf("%zu ", tests[i]);
}
printf("\n");
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
asn1_length_to_der(tests[i], &p, &len);
print_buf(buf, len);
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
rv = asn1_length_from_der(&val, &cp, &left);
assert(rv > 0);
if (val != tests[i]) {
error_print_msg("error decoding %zu-th length: get %zu, should be %zu", i, val, tests[i]);
err++;
if (asn1_length_to_der(tests[i], &p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
int ret;
ret = asn1_length_from_der(&length, &cp, &len);
if (ret != 1 && ret != -2) {
error_print();
return -1;
}
if (length != tests[i]) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "%zd\n", length);
}
if (len != 0) {
error_print();
return -1;
}
printf("\n");
return err;
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_asn1_boolean(void)
{
int err = 0;
int tests[] = {0, 1};
int val;
uint8_t buf[1024] = {0};
uint8_t buf[128] = {0};
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
size_t left = sizeof(buf);
size_t i;
int rv;
printf("%s\n", __FUNCTION__);
format_print(stderr, 0, 0, "%s\n", asn1_tag_name(ASN1_TAG_BOOLEAN));
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
printf("%d ", tests[i]);
}
printf("\n");
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
asn1_boolean_to_der(tests[i], &p, &len);
print_buf(buf, len);
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
rv = asn1_boolean_from_der(&val, &cp, &left);
assert(rv > 0);
if (val != tests[i]) {
error_print_msg("error decoding %zu-th: get %d, should be %d", i, val, tests[i]);
err++;
if (asn1_boolean_to_der(tests[i], &p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (asn1_boolean_from_der(&val, &cp, &len) != 1
|| asn1_check(val == tests[i]) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "%s\n", val ? "true" : "false");
}
if (len != 0) {
error_print();
return -1;
}
printf("\n");
return err;
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_asn1_integer(void)
static int test_asn1_int(void)
{
int err = 0;
int tests[] = {1, 127, 128, 65535, 65537, 1<<23, 1<<30, /* 0, -1 */ };
int tests[] = {
0,
1,
127,
128,
65535,
65537,
1<<23,
1<<30,
};
int val;
uint8_t buf[1024] = {0};
uint8_t buf[256] = {0};
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
size_t left = sizeof(buf);
size_t i;
int rv;
printf("%s\n", __FUNCTION__);
format_print(stderr, 0, 0, "%s\n", asn1_tag_name(ASN1_TAG_INTEGER));
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
printf("%d ", tests[i]);
}
printf("\n");
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
asn1_int_to_der(tests[i], &p, &len);
print_buf(buf, len);
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
rv = asn1_int_from_der(&val, &cp, &left);
assert(rv > 0);
if (val != tests[i]) {
error_print_msg("error decoding %zu-th: get %d, should be %d", i, val, tests[i]);
err++;
if (asn1_int_to_der(tests[i], &p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
// 测试 -1 表示默认不编码
if (asn1_int_to_der(-1, &p, &len) != 0) {
error_print();
return -1;
}
printf("\n");
return err;
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (asn1_int_from_der(&val, &cp, &len) != 1
|| asn1_check(val == tests[i]) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "%d\n", val);
}
if (len != 0) {
error_print();
return -1;
}
// 测试返回0时是否对val值做初始化
if (asn1_int_from_der(&val, &cp, &len) != 0) {
error_print();
return -1;
}
if (val != -1) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_asn1_bit_string(void)
static int test_asn1_bits(void)
{
int err = 0;
int tests[] = {1, 0xfe, 0xff, 0xffff, 0xfffff };
int val;
uint8_t buf[1024] = {0};
int tests[] = {
0x01,
0x02,
0x03,
0x7f,
0xfe,
0xff,
0xffff,
0xfffff,
};
uint8_t der[] = {
0x03,0x02,0x07,0x80,
0x03,0x02,0x06,0x40,
0x03,0x02,0x06,0xC0,
0x03,0x02,0x01,0xFE,
0x03,0x02,0x00,0x7F,
0x03,0x02,0x00,0xFF,
0x03,0x03,0x00,0xFF,0xFF,
0x03,0x04,0x04,0xFF,0xFF,0xF0,
};
int bits;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
size_t left = sizeof(buf);
size_t i;
int rv;
printf("%s\n", __FUNCTION__);
format_print(stderr, 0, 0, "%s\n", asn1_tag_name(ASN1_TAG_BIT_STRING));
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
printf("%d ", tests[i]);
}
printf("\n");
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
asn1_bits_to_der(tests[i], &p, &len);
print_buf(buf, len);
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
rv = asn1_bits_from_der(&val, &cp, &left);
assert(rv > 0);
if (val != tests[i]) {
error_print_msg("error decoding %zu-th: get %d, should be %d", i, val, tests[i]);
err++;
if (asn1_bits_to_der(tests[i], &p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
printf("\n");
return err;
if (sizeof(der) != len
|| memcmp(der, buf, len) != 0) {
error_print();
return -1;
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (asn1_bits_from_der(&bits, &cp, &len) != 1
|| asn1_check(bits == tests[i]) != 1) {
error_print();
return 1;
}
format_print(stderr, 0, 4, "%x\n", bits);
}
if (len != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_asn1_null(void)
{
int err = 0;
int tests[6];
uint8_t buf[1024] = {0};
uint8_t buf[256] = {0};
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
size_t left = sizeof(buf);
size_t i;
int rv;
printf("%s\n", __FUNCTION__);
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
printf("null ");
format_print(stderr, 0, 0, "NULL\n");
for (i = 0; i < 3; i++) {
if (asn1_null_to_der(&p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
printf("\n");
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
asn1_null_to_der(&p, &len);
print_buf(buf, len);
for (i = 0; i < 3; i++) {
if (asn1_null_from_der(&cp, &len) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "%s\n", asn1_tag_name(ASN1_TAG_NULL));
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
rv = asn1_null_from_der(&cp, &left);
assert(rv > 0);
if (asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
printf("\n");
return err;
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_asn1_object_identifier(void)
{
int err = 0;
int tests[] = {1, 2, 3, 4, 5, 6};
int val;
uint32_t nodes[32];
size_t nodes_count;
uint8_t buf[1024] = {0};
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
size_t left = sizeof(buf);
size_t i;
int rv;
format_print(stderr, 0, 0, "%s\n", asn1_tag_name(ASN1_TAG_OBJECT_IDENTIFIER));
printf("%s\n", __FUNCTION__);
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
printf("%d ", tests[i]);
}
printf("\n");
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
asn1_object_identifier_to_der(tests[i], NULL, 0, &p, &len);
print_buf(buf, len);
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
rv = asn1_object_identifier_from_der(&val, nodes, &nodes_count, &cp, &left);
assert(rv > 0);
if (val != tests[i]) {
error_print_msg("error decoding %zu-th: get %d, should be %d", i, val, tests[i]);
if (1) {
char *name = "sm2";
uint32_t oid[] = { 1,2,156,10197,1,301 };
uint8_t der[] = { 0x06, 0x08, 0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x82, 0x2D };
uint32_t nodes[32];
size_t nodes_cnt;
uint8_t buf[128];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
format_print(stderr, 0 ,4, "%s ", name);
if (asn1_object_identifier_to_der(oid, sizeof(oid)/sizeof(int), &p, &len) != 1
|| asn1_check(len == sizeof(der)) != 1
|| asn1_check(memcmp(buf, der, sizeof(der)) == 0) != 1
|| asn1_object_identifier_from_der(nodes, &nodes_cnt, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1
|| asn1_object_identifier_equ(nodes, nodes_cnt, oid, sizeof(oid)/sizeof(int)) != 1) {
printf("failed\n");
error_print();
err++;
} else {
printf("ok\n");
}
printf("%s\n", asn1_object_identifier_name(val));
}
printf("\n");
if (2) {
char *name = "x9.62-ecPublicKey";
uint32_t oid[] = { 1,2,840,10045,2,1 };
uint8_t der[] = { 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01 };
uint8_t buf[128];
uint32_t nodes[32];
size_t nodes_cnt;
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
format_print(stderr, 0 ,4, "%s ", name);
if (asn1_object_identifier_to_der(oid, sizeof(oid)/sizeof(int), &p, &len) != 1
|| asn1_check(len == sizeof(der)) != 1
|| asn1_check(memcmp(buf, der, sizeof(der)) == 0) != 1
|| asn1_object_identifier_from_der(nodes, &nodes_cnt, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1
|| asn1_object_identifier_equ(nodes, nodes_cnt, oid, sizeof(oid)/sizeof(int)) != 1) {
printf("failed\n");
error_print();
err++;
} else {
printf("ok\n");
}
}
if (!err) printf("%s() ok\n", __FUNCTION__);
return err;
}
static int test_asn1_printable_string(void)
{
int err = 0;
char *tests[] = {"hello", "world", "Just do it!"};
const char *val;
size_t vallen;
uint32_t nodes[32];
size_t nodes_count;
uint8_t buf[1024] = {0};
char *tests[] = {
"hello",
"world",
"Just do it!",
};
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
size_t left = sizeof(buf);
size_t i;
int rv;
printf("%s\n", __FUNCTION__);
format_print(stderr, 0, 0, "%s\n", asn1_tag_name(ASN1_TAG_PrintableString));
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
printf("%s\n", tests[i]);
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
asn1_printable_string_to_der(tests[i], &p, &len);
print_buf(buf, len);
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
char str[256] = {0};
rv = asn1_printable_string_from_der(&val, &vallen, &cp, &left);
assert(rv > 0);
memcpy(str, val, vallen);
if (strcmp(str, tests[i]) != 0) {
error_print_msg("error decoding %zu-th: get %s, should be %s", i, str, tests[i]);
err++;
if (asn1_printable_string_to_der(tests[i], strlen(tests[i]), &p, &len) != 1) {
error_print();
return 1;
}
printf("%s\n", str);
format_bytes(stderr, 0, 4, "", buf, len);
}
printf("\n");
return err;
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
const char *d;
size_t dlen;
if (asn1_printable_string_from_der(&d, &dlen, &cp, &len) != 1
|| strlen(tests[i]) != dlen
|| memcmp(tests[i], d, dlen) != 0) {
error_print();
return 1;
}
format_string(stderr, 0, 4, "", (uint8_t *)d, dlen);
}
if (len != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_asn1_utf8_string(void)
{
int err = 0;
char *tests[] = {"hello", "world", "Just do it!"};
const char *val;
size_t vallen;
uint32_t nodes[32];
size_t nodes_count;
uint8_t buf[1024] = {0};
char *tests[] = {
"hello",
"world",
"Just do it!",
};
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
size_t left = sizeof(buf);
size_t i;
int rv;
printf("%s\n", __FUNCTION__);
format_print(stderr, 0, 0, "%s\n", asn1_tag_name(ASN1_TAG_UTF8String));
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
printf("%s\n", tests[i]);
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
asn1_utf8_string_to_der(tests[i], &p, &len);
print_buf(buf, len);
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
char str[256] = {0};
rv = asn1_utf8_string_from_der(&val, &vallen, &cp, &left);
assert(rv > 0);
memcpy(str, val, vallen);
if (strcmp(str, tests[i]) != 0) {
error_print_msg("error decoding %zu-th: get %s, should be %s", i, str, tests[i]);
err++;
if (asn1_utf8_string_to_der(tests[i], strlen(tests[i]), &p, &len) != 1) {
error_print();
return 1;
}
printf("%s\n", str);
format_bytes(stderr, 0, 4, "", buf, len);
}
printf("\n");
return err;
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
const char *d;
size_t dlen;
if (asn1_utf8_string_from_der(&d, &dlen, &cp, &len) != 1
|| strlen(tests[i]) != dlen
|| memcmp(tests[i], d, dlen) != 0) {
error_print();
return 1;
}
format_string(stderr, 0, 4, "", (uint8_t *)d, dlen);
}
if (len != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_asn1_ia5_string(void)
{
int err = 0;
char *tests[] = {"hello", "world", "Just do it!"};
const char *val;
size_t vallen;
uint32_t nodes[32];
size_t nodes_count;
uint8_t buf[1024] = {0};
char *tests[] = {
"hello",
"world",
"Just do it!",
};
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
size_t left = sizeof(buf);
size_t i;
int rv;
printf("%s\n", __FUNCTION__);
format_print(stderr, 0, 0, "%s\n", asn1_tag_name(ASN1_TAG_IA5String));
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
printf("%s\n", tests[i]);
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
asn1_ia5_string_to_der(tests[i], &p, &len);
print_buf(buf, len);
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
char str[256] = {0};
rv = asn1_ia5_string_from_der(&val, &vallen, &cp, &left);
assert(rv > 0);
memcpy(str, val, vallen);
if (strcmp(str, tests[i]) != 0) {
error_print_msg("error decoding %zu-th: get %s, should be %s", i, str, tests[i]);
err++;
if (asn1_ia5_string_to_der(tests[i], strlen(tests[i]), &p, &len) != 1) {
error_print();
return 1;
}
printf("%s\n", str);
format_bytes(stderr, 0, 4, "", buf, len);
}
printf("\n");
return err;
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
const char *d;
size_t dlen;
if (asn1_ia5_string_from_der(&d, &dlen, &cp, &len) != 1
|| strlen(tests[i]) != dlen
|| memcmp(tests[i], d, dlen) != 0) {
error_print();
return 1;
}
format_string(stderr, 0, 4, "", (uint8_t *)d, dlen);
}
if (len != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_time(void)
@@ -455,7 +529,6 @@ static int test_time(void)
time(&tval);
printf("%s", ctime(&tval));
printf("%08x%08x\n", (uint32_t)(tval >> 32), (uint32_t)tval);
return 0;
@@ -463,110 +536,99 @@ static int test_time(void)
static int test_asn1_utc_time(void)
{
int err = 0;
time_t tests[] = {0, 0, 1<<30 };
time_t val;
uint8_t buf[1024] = {0};
time_t tests[] = {
0,
0,
1<<30,
};
time_t tv;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
size_t left = sizeof(buf);
size_t i;
int rv;
time(&tests[0]);
time(&tests[1]);
printf("%s\n", __FUNCTION__);
format_print(stderr, 0, 0, "%s\n", asn1_tag_name(ASN1_TAG_UTCTime));
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
printf("%s", ctime(&tests[i]));
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
asn1_utc_time_to_der(tests[i], &p, &len);
print_buf(buf, len);
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
rv = asn1_utc_time_from_der(&val, &cp, &left);
assert(rv > 0);
if (val != tests[i]) {
error_print_msg("error decoding %zu-th: get %zu, should be %zu", i, val, tests[i]);
err++;
if (asn1_utc_time_to_der(tests[i], &p, &len) != 1) {
error_print();
return -1;
}
printf("%s", ctime(&val));
format_bytes(stderr, 0, 4, "", buf, len);
}
printf("\n");
return err;
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (asn1_utc_time_from_der(&tv, &cp, &len) != 1
|| asn1_check(tv == tests[i]) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "%s", ctime(&tv));
}
if (len != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_asn1_generalized_time(void)
{
int err = 0;
time_t tests[] = {0, 1<<30};
time_t val;
uint8_t buf[1024] = {0};
time_t tests[] = {
0,
1<<30,
};
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
size_t left = sizeof(buf);
size_t i;
int rv;
time(&tests[0]);
printf("%s\n", __FUNCTION__);
format_print(stderr, 0, 0, "%s\n", asn1_tag_name(ASN1_TAG_GeneralizedTime));
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
printf("%s", ctime(&tests[i]));
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
asn1_generalized_time_to_der(tests[i], &p, &len);
print_buf(buf, len);
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
rv = asn1_generalized_time_from_der(&val, &cp, &left);
assert(rv > 0);
if (val != tests[i]) {
error_print_msg("error decoding %zu-th: get %zu, should be %zu", i, val, tests[i]);
err++;
if (asn1_generalized_time_to_der(tests[i], &p, &len) != 1) {
error_print();
return 1;
}
printf("%s", ctime(&val));
format_bytes(stderr, 0, 4, "", buf, len);
}
printf("\n");
return err;
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
time_t tv;
if (asn1_generalized_time_from_der(&tv, &cp, &len) != 1
|| asn1_check(tv == tests[i]) != 1) {
error_print();
return 1;
}
format_print(stderr, 0, 4, "%s", ctime(&tv));
}
if (len != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
#endif
int main(void)
{
int err = 0;
//err += test_asn1_tag();
//err += test_asn1_length();
//err += test_asn1_boolean();
//err += test_asn1_integer();
//err += test_asn1_bit_string();
//err += test_asn1_null();
//err += test_asn1_object_identifier();
//err += test_asn1_printable_string();
//err += test_asn1_utf8_string();
//err += test_asn1_ia5_string();
//err += test_asn1_utc_time();
//err += test_asn1_generalized_time();
err += test_asn1_tag();
err += test_asn1_length();
err += test_asn1_boolean();
err += test_asn1_int();
err += test_asn1_bits();
err += test_asn1_null();
err += test_asn1_object_identifier();
err += test_asn1_printable_string();
err += test_asn1_utf8_string();
err += test_asn1_ia5_string();
err += test_asn1_utc_time();
err += test_asn1_generalized_time();
return err;
}

32
tests/base64test.c
View File

@@ -55,13 +55,14 @@
int test_base64(void)
{
int err = 0;
uint8_t bin1[50];
uint8_t bin2[100];
uint8_t bin3[200];
uint8_t buf1[8000] = {0};
uint8_t buf2[8000] = {0};
int err = 0;
BASE64_CTX ctx;
uint8_t *p;
int len;
@@ -78,8 +79,6 @@ int test_base64(void)
base64_encode_update(&ctx, bin3, sizeof(bin3), p, &len); p += len;
base64_encode_finish(&ctx, p, &len); p += len;
len = (int)(p - buf1);
printf("%s\n", buf1);
p = buf2;
base64_decode_init(&ctx);
@@ -87,24 +86,23 @@ int test_base64(void)
base64_decode_finish(&ctx, p, &len); p += len;
len = (int)(p - buf2);
printf("len = %d\n", len);
print_der(buf2, len);
printf("\n");
printf("base64 test ");
if (len != sizeof(bin1) + sizeof(bin2) + sizeof(bin3)
|| memcmp(buf2, bin1, sizeof(bin1)) != 0
|| memcmp(buf2 + sizeof(bin1), bin2, sizeof(bin2)) != 0
|| memcmp(buf2 + sizeof(bin1) + sizeof(bin2), bin3, sizeof(bin3)) != 0) {
printf("failed\n");
err++;
} else {
printf("ok\n");
}
return err;
}
int main(void)
{
test_base64();
return 0;
int err = 0;
err += test_base64();
return err;
}

12
tests/chacha20test.c
View File

@@ -55,7 +55,8 @@
int main(void)
{
int e = 0, i;
int err = 0;
int i;
const unsigned char key[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
@@ -83,13 +84,14 @@ int main(void)
chacha20_init(&state, key, nonce, counter);
chacha20_generate_keystream(&state, 1, buf);
printf("chacha20 test ");
if (memcmp(buf, testdata, sizeof(testdata)) != 0) {
printf("chacha20 test 1 failed\n");
return -1;
printf("failed\n");
err++;
} else {
printf("chacha20 test 1 ok\n");
printf("ok\n");
}
return 0;
return err;
}

567
tests/cmstest.c
View File

@@ -56,572 +56,7 @@
#include <gmssl/sm4.h>
#include <gmssl/cms.h>
#if 0
static int test_cms_data(void)
int main(int argc, char **argv)
{
uint8_t data[20];
uint8_t der[512];
uint8_t *p = der;
size_t len = 0;
int i;
memset(data, 'A', sizeof(data));
if (cms_content_info_to_der(CMS_data, data, sizeof(data), &p, &len) != 1
|| cms_content_info_print(stdout, der, len, 0, 0) != 1) {
error_print();
return -1;
}
return 0;
}
static int test_cms_enced_content_info(void)
{
SM4_KEY sm4_key;
uint8_t key[16] = {0};
uint8_t iv[16] = {0};
uint8_t data[] = "Hello!";
uint8_t buf[512];
const uint8_t *cp = buf;
uint8_t *p = buf;
size_t len = 0;
int content_type;
uint8_t content[512] = {0};
const uint8_t *shared_info1;
const uint8_t *shared_info2;
size_t content_len;
size_t shared_info1_len;
size_t shared_info2_len;
sm4_set_encrypt_key(&sm4_key, key);
if (cms_enced_content_info_encrypt_to_der(&sm4_key, iv,
CMS_data, data, sizeof(data),
NULL, 0, NULL, 0, &p, &len) != 1) {
error_print();
return -1;
}
sm4_set_decrypt_key(&sm4_key, key);
if (cms_enced_content_info_decrypt_from_der(&sm4_key, &content_type, content, &content_len,
&shared_info1, &shared_info1_len,
&shared_info2, &shared_info2_len,
&cp, &len) != 1) {
error_print();
return -1;
}
printf("ContentType: %s\n", cms_content_type_name(content_type));
printf("Content: %s\n", (char *)content);
printf("SharedInfo1: %s\n", (char *)shared_info1);
printf("SharedInfo2: %s\n", (char *)shared_info2);
return 0;
}
static int test_cms_encrypt(void)
{
uint8_t key[16];
uint8_t msg[] = "Hello world!";
uint8_t cbuf[512];
uint8_t mbuf[512] = {0};
size_t clen, mlen;
int content_type = 0;
const uint8_t *shared_info1 = NULL;
const uint8_t *shared_info2 = NULL;
size_t shared_info1_len, shared_info2_len;
printf("%s()\n", __FUNCTION__);
if (cms_encrypt(key, msg, sizeof(msg), cbuf, &clen) != 1) {
error_print();
return -1;
}
cms_content_info_print(stdout, cbuf, clen, 0, 0);
if (cms_decrypt(key, cbuf, clen, &content_type, mbuf, &mlen) != 1) {
error_print();
return -1;
}
printf(" ContentType : %s\n", cms_content_type_name(content_type));
printf(" Content: %s\n", mbuf);
return 0;
}
static int test_cms_key_agreement_info(void)
{
SM2_KEY sm2_key;
X509_CERTIFICATE cert;
FILE *key_fp = fopen("sign_key.pem", "r");
FILE *cert_fp = fopen("sign_cert.pem", "r");
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *id;
size_t idlen;
if (sm2_private_key_from_pem(&sm2_key, key_fp) != 1) {
error_print();
return -1;
}
if (x509_certificate_from_pem(&cert, cert_fp) != 1) {
error_print();
return -1;
}
if (cms_key_agreement_info_to_der(&sm2_key, &cert, (uint8_t *)"Alice", strlen("Alice"), &p, &len) != 1) {
error_print();
return -1;
}
cms_key_agreement_info_print(stdout, buf, len, 0, 0);
if (cms_key_agreement_info_from_der(&sm2_key, &cert, &id, &idlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
return 0;
}
static int test_cms_issuer_and_serial_number(void)
{
FILE *cert_fp = fopen("sign_cert.pem", "r");
X509_CERTIFICATE cert;
X509_NAME issuer;
const X509_NAME *issuer_ptr;
const uint8_t *serial_number;
size_t serial_number_len;
const SM2_KEY *sm2_key;
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
if (x509_certificate_from_pem(&cert, cert_fp) != 1) {
error_print();
return -1;
}
if (cms_issuer_and_serial_number_from_certificate(&issuer_ptr,
&serial_number, &serial_number_len, &cert) != 1) {
error_print();
return -1;
}
if (cms_issuer_and_serial_number_to_der(issuer_ptr, serial_number, serial_number_len, &p, &len) != 1) {
error_print();
return -1;
}
if (cms_issuer_and_serial_number_from_der(&issuer, &serial_number, &serial_number_len, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
cms_issuer_and_serial_number_print(stdout, &issuer, serial_number, serial_number_len, 0, 0);
return 0;
}
// 从这个测试可以看出由于CMS类型非常复杂因此最好能够将其打包称为一个struct但是要区分指针类型和存储类型
static int test_cms_recipient_info(void)
{
FILE *key_fp = fopen("sign_key.pem", "r");
FILE *cert_fp = fopen("sign_cert.pem", "r");
X509_CERTIFICATE cert;
X509_NAME issuer;
SM2_KEY sm2_key;
const X509_NAME *issuer_ptr;
const uint8_t *serial_number;
size_t serial_number_len;
const SM2_KEY *pub_key;
uint8_t key[128] = {1,2,3};
size_t keylen = 16;
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
if (x509_certificate_from_pem(&cert, cert_fp) != 1) {
error_print();
return -1;
}
if (cms_public_key_from_certificate(&pub_key, &cert) != 1) {
error_print();
return -1;
}
sm2_key_print(stdout, pub_key, 0, 0);
if (cms_recipient_info_from_x509_certificate(&pub_key, &issuer_ptr, &serial_number, &serial_number_len, &cert) != 1) {
error_print();
return -1;
}
if (cms_recipient_info_encrypt_to_der(pub_key, issuer_ptr, serial_number, serial_number_len, key, keylen, &p, &len) != 1) {
error_print();
return -1;
}
int version;
int pke_algor;
const uint8_t *params;
size_t paramslen;
const uint8_t *enced_key;
size_t enced_key_len;
/*
// 这个函数导致cp, len的长度发生变化
if (cms_recipient_info_from_der(&version, &issuer, &serial_number, &serial_number_len,
&pke_algor, &params, &paramslen,
&enced_key, &enced_key_len,
&cp, &len) != 1) {
error_print();
return -1;
}
cms_recipient_info_print(stdout,
version, &issuer, serial_number, serial_number_len,
pke_algor, params, paramslen,
enced_key, enced_key_len,
0, 0);
*/
if (sm2_private_key_from_pem(&sm2_key, key_fp) != 1) {
error_print();
return -1;
}
sm2_key_print(stdout, &sm2_key, 0, 0);
if (cms_recipient_info_decrypt_from_der(&sm2_key, &issuer, &serial_number, &serial_number_len, key, &keylen, &cp, &len) != 1) {
error_print();
return -1;
}
format_bytes(stdout, 0, 0, "decrypted_key : ", key, keylen);
return 0;
}
static int test_cms_enveloped_data(void)
{
FILE *key_fp = fopen("sign_key.pem", "r");
FILE *cert_fp = fopen("sign_cert.pem", "r");
X509_CERTIFICATE cert;
X509_NAME issuer;
SM2_KEY sm2_key;
const X509_NAME *issuer_ptr;
const uint8_t *serial_number;
size_t serial_number_len;
const SM2_KEY *pub_key;
uint8_t key[128] = {1,2,3};
size_t keylen = 16;
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
if (x509_certificate_from_pem(&cert, cert_fp) != 1) {
error_print();
return -1;
}
uint8_t data[8];
if (cms_enveloped_data_encrypt_to_der(&cert, 1,
CMS_data, data, sizeof(data),
NULL, 0, NULL, 0, &p, &len) != 1) {
error_print();
return -1;
}
error_print_msg("len = %zu\n", len);
//cms_enveloped_data_print(stdout, cp, len, 0, 0);
//return 0;
if (sm2_private_key_from_pem(&sm2_key, key_fp) != 1) {
error_print();
return -1;
}
int content_type;
uint8_t content[512];
size_t content_len;
const uint8_t *shared_info1, *shared_info2;
size_t shared_info1_len, shared_info2_len;
if (cms_enveloped_data_decrypt_from_der(
&sm2_key, &cert,
&content_type, content, &content_len,
&shared_info1, &shared_info1_len,
&shared_info2, &shared_info2_len,
&cp, &len) != 1) {
error_print();
return -1;
}
return 0;
}
static int test_cms_signer_info(void)
{
FILE *key_fp = fopen("sign_key.pem", "r");
FILE *cert_fp = fopen("sign_cert.pem", "r");
X509_CERTIFICATE cert;
X509_NAME issuer;
SM2_KEY sm2_key;
const X509_NAME *issuer_ptr;
const uint8_t *serial_number;
size_t serial_number_len;
const SM2_KEY *pub_key;
uint8_t key[128] = {1,2,3};
size_t keylen = 16;
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
if (x509_certificate_from_pem(&cert, cert_fp) != 1) {
error_print();
return -1;
}
if (cms_issuer_and_serial_number_from_certificate(&issuer_ptr,
&serial_number, &serial_number_len, &cert) != 1) {
error_print();
return -1;
}
uint8_t attrs[10];
if (cms_signer_info_to_der(
issuer_ptr,
serial_number, serial_number_len,
OID_sm3,
attrs, sizeof(attrs),
attrs, sizeof(attrs),
attrs, sizeof(attrs),
&p, &len) != 1) {
error_print();
return -1;
}
const uint8_t *authed_attrs, *unauthed_attrs, *sig;
size_t authed_attrs_len, unauthed_attrs_len, siglen;
int dgst_algor, sign_algor;
if (cms_signer_info_from_der(
&issuer,
&serial_number, &serial_number_len,
&dgst_algor,
&authed_attrs, &authed_attrs_len,
&sign_algor,
&sig, &siglen,
&unauthed_attrs, &unauthed_attrs_len,
&cp, &len) != 1) {
error_print();
return -1;
}
cms_signer_info_print(stdout,
1,
&issuer, serial_number, serial_number_len,
dgst_algor, NULL, 0,
authed_attrs, authed_attrs_len,
sign_algor, NULL, 0,
sig, siglen,
unauthed_attrs, unauthed_attrs_len,
0, 0);
p = buf;
cp = buf;
len = 0;
SM3_CTX sm3_ctx;
// 这里根本没有测试验证过程
/*
270 int cms_signer_info_from_der(X509_NAME *issuer,
271 const uint8_t **serial_number, size_t *serial_number_len,
272 int *digest_algor,
273 const uint8_t **authed_attrs, size_t *authed_attrs_len,
274 int *sign_algor,
275 const uint8_t **enced_digest, size_t *enced_digest_len,
276 const uint8_t **unauthed_attrs, size_t *unauthed_attrs_len,
277 const uint8_t **in, size_t *inlen);
*/
return 0;
}
static int test_cms_signed_data(void)
{
FILE *key_fp = fopen("sign_key.pem", "r");
FILE *cert_fp = fopen("sign_cert.pem", "r");
X509_CERTIFICATE cert;
X509_NAME issuer;
SM2_KEY sm2_key;
const X509_NAME *issuer_ptr;
const uint8_t *serial_number;
size_t serial_number_len;
const SM2_KEY *pub_key;
uint8_t key[128] = {1,2,3};
size_t keylen = 16;
uint8_t buf[1512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
uint8_t data[10] = {0};
if (x509_certificate_from_pem(&cert, cert_fp) != 1) {
error_print();
return -1;
}
if (sm2_private_key_from_pem(&sm2_key, key_fp) != 1) {
error_print();
return -1;
}
if (cms_signed_data_sign_to_der(&sm2_key, &cert, 1,
CMS_data, data, sizeof(data),
NULL, 0,
&p, &len) != 1) {
error_print();
return -1;
}
cms_signed_data_print(stdout, buf, len, 0, 0);
// 这个函数有问题因为from_der返回的0和验证签名返回的0可能产生冲突
// 还是应该直接提供一个函数只做verify不做from_der
int content_type;
const uint8_t *dgst_algors, *content, *certs, *crls, *signer_infos;
size_t dgst_algors_len, content_len, certs_len, crls_len, signer_infos_len;
if (cms_signed_data_from_der(
&dgst_algors, &dgst_algors_len,
&content_type, &content, &content_len,
&certs, &certs_len,
&crls, &crls_len,
&signer_infos, &signer_infos_len,
&cp, &len) != 1) {
error_print();
return -1;
}
if (cms_signed_data_verify(
content_type, content, content_len,
certs, certs_len,
signer_infos, signer_infos_len) != 1) {
error_print();
return -1;
}
return 0;
}
static int test_cms_sign(void)
{
SM2_KEY sign_key;
X509_CERTIFICATE sign_cert;
uint8_t in[20];
uint8_t out[1024];
size_t outlen = 0;
FILE *key_fp = fopen("sign_key.pem", "r");
FILE *cert_fp = fopen("sign_cert.pem", "r");
if (sm2_private_key_from_pem(&sign_key, key_fp) != 1) {
error_print();
return -1;
}
if (x509_certificate_from_pem(&sign_cert, cert_fp) != 1) {
error_print();
return -1;
}
if (cms_sign(&sign_key, &sign_cert, 1, in, sizeof(in), out, &outlen) != 1) {
error_print();
return -1;
}
cms_content_info_print(stdout, out, outlen, 0, 0);
int content_type;
const uint8_t *content, *certs, *crls, *signer_infos;
size_t content_len, certs_len, crls_len, signer_infos_len;
if (cms_verify(&content_type, &content, &content_len,
&certs, &certs_len,
&crls, &crls_len,
&signer_infos, &signer_infos_len,
out, outlen) != 1) {
error_print();
return -1;
}
return 1;
}
#endif
int main(void)
{
//test_cms_data();
//test_cms_enced_content_info();
//test_cms_encrypt();
//test_cms_key_agreement_info();
//test_cms_issuer_and_serial_number();
//test_cms_recipient_info();
//test_cms_signer_info();
//test_cms_signed_data();
//test_cms_enveloped_data();
//test_cms_sign();
return 0;
}

9
tests/gcmtest.c
View File

@@ -148,12 +148,13 @@ int test_ghash(void)
format_print(stdout, 0, 2, " = %s\n\n", ghash_tests[i].T);
*/
}
return 1;
return 0;
}
int main(void)
int main(int argc, char **argv)
{
test_ghash();
return 1;
int err = 0;
err += test_ghash();
return err;
}

4
tests/gf128test.c
View File

@@ -91,9 +91,5 @@ int main(void)
gf128_print("H = ", H);
gf128_print("C * H = ", T);
return 0;
}

62
tests/oidtest.c
View File

@@ -1,62 +0,0 @@
/*
* Copyright (c) 2014 - 2020 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <stdint.h>
#include <gmssl/oid.h>
#include <gmssl/asn1.h>
int main(void)
{
// test_asn1_oid();
test_asn1_object_identifier();
return 1;
}

34
tests/pbkdf2test.c
View File

@@ -52,7 +52,7 @@
#include <stdlib.h>
#include <gmssl/hex.h>
#include <gmssl/pbkdf2.h>
#include <gmssl/error.h>
struct {
@@ -85,13 +85,15 @@ struct {
20,
"4b007901b765489abead49d926f721d065a429c1",
},
/*
{
"password",
"salt",
16777216,
16777216, // very slow
20,
"eefe3d61cd4da4e4e9945b3d6ba2158c2634e984",
},
*/
{
"passwordPASSWORDpassword",
"saltSALTsaltSALTsaltSALTsaltSALTsalt",
@@ -101,7 +103,7 @@ struct {
},
};
/*
void test(void)
{
HMAC_CTX ctx;
@@ -133,8 +135,9 @@ void test(void)
}
printf("\n");
}
*/
int main(void)
static int test_pbkdf2_genkey(void)
{
int i;
uint8_t key[64];
@@ -144,17 +147,28 @@ int main(void)
for (i = 0; i < sizeof(pbkdf2_hmac_sha1_tests)/sizeof(pbkdf2_hmac_sha1_tests[0]); i++) {
hex_to_bytes(pbkdf2_hmac_sha1_tests[i].dk, strlen(pbkdf2_hmac_sha1_tests[i].dk), buf, &len);
pbkdf2_genkey(DIGEST_sha1(),
if (pbkdf2_genkey(DIGEST_sha1(),
pbkdf2_hmac_sha1_tests[i].pass, strlen(pbkdf2_hmac_sha1_tests[i].pass),
(uint8_t *)pbkdf2_hmac_sha1_tests[i].salt, strlen(pbkdf2_hmac_sha1_tests[i].salt),
pbkdf2_hmac_sha1_tests[i].iter, pbkdf2_hmac_sha1_tests[i].dklen, key);
pbkdf2_hmac_sha1_tests[i].iter, pbkdf2_hmac_sha1_tests[i].dklen, key) != 1) {
error_print();
return -1;
}
if (memcmp(key, buf, pbkdf2_hmac_sha1_tests[i].dklen) != 0) {
printf("%d failed\n", i);
fprintf(stderr, "test_pbkdf2_genkey test %d failed\n", i);
return -1;
} else {
printf("%d ok\n", i);
fprintf(stderr, "test_pbkdf2_genkey test %d ok\n", i);
}
}
return 1;
printf("%s() ok\n", __FUNCTION__);
return 0;
}
int main(int argc, char **argv)
{
int err = 0;
err += test_pbkdf2_genkey();
return err;
}

383
tests/pkcs8test.c
View File

@@ -13,7 +13,7 @@
* the documentation and/or other materials provided with the
* distribution.
*
sm2_enced_private_key_info_from_der * 3. All advertising materials mentioning features or use of this
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
@@ -51,216 +51,312 @@ sm2_enced_private_key_info_from_der * 3. All advertising materials mentioning fe
#include <stdlib.h>
#include <gmssl/oid.h>
#include <gmssl/sm2.h>
#include <gmssl/asn1.h>
#include <gmssl/pkcs8.h>
#include <gmssl/error.h>
static int test_pbkdf2_params(void)
{
int err = 0;
uint8_t salt[8] = {0};
const uint8_t *psalt;
size_t saltlen;
int iter = 65536;
int keylen;
int keylen = 16;
int prf = OID_hmac_sm3;
uint8_t buf[128];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
keylen = -1;
if (pbkdf2_params_to_der(salt, sizeof(salt), iter, keylen, prf, &p, &len) != 1) {
error_print();
err++;
goto end;
}
if (pbkdf2_params_from_der(&psalt, &saltlen, &iter, &keylen, &prf, &cp, &len) != 1
|| len > 0) {
error_print();
err++;
goto end;
}
const uint8_t *d;
size_t dlen;
const uint8_t *psalt;
keylen = 16;
if (pbkdf2_params_to_der(salt, sizeof(salt), iter, keylen, prf, &p, &len) != 1) {
if (pbkdf2_params_to_der(salt, sizeof(salt), iter, keylen, prf, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
err++;
goto end;
return -1;
}
if (pbkdf2_params_from_der(&psalt, &saltlen, &iter, &keylen, &prf, &cp, &len) != 1
|| len > 0) {
pbkdf2_params_print(stderr, 0, 0, "PBKDF2-params", d, dlen);
p = buf;
cp = buf;
len = 0;
keylen = -1;
prf = -1;
if (pbkdf2_params_to_der(salt, sizeof(salt), iter, keylen, prf, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
err++;
goto end;
return -1;
}
printf("%s : ok\n", __func__);
end:
return err;
pbkdf2_params_print(stderr, 0, 0, "PBKDF2-params", d, dlen);
p = buf;
cp = buf;
len = 0;
keylen = -1;
prf = -1;
if (pbkdf2_params_to_der(salt, sizeof(salt), iter, keylen, prf, &p, &len) != 1
|| pbkdf2_params_from_der(&psalt, &saltlen, &iter, &keylen, &prf, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 0, "PBKDF2-params\n");
format_bytes(stderr, 0, 4, "salt", psalt, saltlen);
format_print(stderr, 0, 4, "iterationCount: %d\n", iter);
format_print(stderr, 0, 4, "keyLength: %d\n", keylen);
format_print(stderr, 0, 4, "prf: %d\n", prf);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_pbkdf2_algor(void)
{
int err = 0;
uint8_t salt[8] = {0};
const uint8_t *psalt;
size_t saltlen;
int iter = 65536;
int keylen;
int keylen = 16;
int prf = OID_hmac_sm3;
uint8_t buf[128];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
keylen = -1;
if (pbkdf2_algor_to_der(salt, sizeof(salt), iter, keylen, prf, &p, &len) != 1) {
error_print();
err++;
goto end;
}
if (pbkdf2_algor_from_der(&psalt, &saltlen, &iter, &keylen, &prf, &cp, &len) != 1
|| len > 0) {
error_print();
err++;
goto end;
}
printf("%s : ok\n", __func__);
end:
return err;
}
const uint8_t *d;
size_t dlen;
const uint8_t *psalt;
if (pbkdf2_algor_to_der(salt, sizeof(salt), iter, keylen, prf, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
pbkdf2_algor_print(stderr, 0, 0, "PBKDF2", d, dlen);
p = buf;
cp = buf;
len = 0;
if (pbkdf2_algor_to_der(salt, sizeof(salt), iter, keylen, prf, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 0, "PBKDF2\n");
format_bytes(stderr, 0, 4, "salt", psalt, saltlen);
format_print(stderr, 0, 4, "iterationCount: %d\n", iter);
format_print(stderr, 0, 4, "keyLength: %d\n", keylen);
format_print(stderr, 0, 4, "prf: %d\n", prf);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_pbes2_enc_algor(void)
{
int err = 0;
int cipher = OID_sm4_cbc;
uint8_t iv[16] = {1};
const uint8_t *piv;
size_t ivlen;
uint8_t buf[128];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
if (pbes2_enc_algor_to_der(OID_sm4_cbc, iv, sizeof(iv), &p, &len) != 1) {
const uint8_t *d;
size_t dlen;
const uint8_t *piv;
size_t ivlen;
if (pbes2_enc_algor_to_der(cipher, iv, sizeof(iv), &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
err++;
goto end;
return -1;
}
if (pbes2_enc_algor_from_der(&cipher, &piv, &ivlen, &cp, &len) != 1
|| len > 0) {
pbes2_enc_algor_print(stderr, 0, 0, "PBES2-Enc", d, dlen);
p = buf;
cp = buf;
len = 0;
if (pbes2_enc_algor_to_der(cipher, iv, sizeof(iv), &p, &len) != 1
|| pbes2_enc_algor_from_der(&cipher, &piv, &ivlen, &cp, &len) != 1
|| asn1_check(cipher == OID_sm4_cbc) != 1
|| asn1_check(ivlen == sizeof(iv)) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
err++;
goto end;
return -1;
}
printf("%s : ok\n", __func__);
end:
return err;
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_pbes2_params(void)
{
int err = 0;
uint8_t salt[8] = {0};
const uint8_t *psalt;
size_t saltlen;
int iter = 65536;
int keylen = -1;
int prf = OID_hmac_sm3;
int cipher = OID_sm4_cbc;
uint8_t iv[16];
const uint8_t *piv;
size_t ivlen;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
if (pbes2_params_to_der(salt, sizeof(salt), iter, prf, cipher, iv, sizeof(iv), &p, &len) != 1) {
const uint8_t *d;
size_t dlen;
const uint8_t *psalt;
const uint8_t *piv;
size_t ivlen;
if (pbes2_params_to_der(salt, sizeof(salt), iter, keylen, prf, cipher, iv, sizeof(iv), &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
err++;
goto end;
return -1;
}
if (pbes2_params_from_der(&psalt, &saltlen, &iter, &prf, &cipher, &piv, &ivlen, &cp, &len) != 1
|| len > 0) {
pbes2_params_print(stderr, 0, 0, "PBES2-params", d, dlen);
p = buf;
cp = buf;
len = 0;
if (pbes2_params_to_der(salt, sizeof(salt), iter, keylen, prf, cipher, iv, sizeof(iv), &p, &len) != 1
|| pbes2_params_from_der(&psalt, &saltlen, &iter, &keylen, &prf, &cipher, &piv, &ivlen, &cp, &len) != 1
|| asn1_check(saltlen == sizeof(salt)) != 1
|| asn1_check(iter == 65536) != 1
|| asn1_check(keylen == -1) != 1
|| asn1_check(prf == OID_hmac_sm3) != 1
|| asn1_check(cipher == OID_sm4_cbc) != 1
|| asn1_check(ivlen == sizeof(iv)) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
err++;
goto end;
return -1;
}
printf("%s : ok\n", __func__);
end:
return err;
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_pbes2_algor(void)
{
int err = 0;
uint8_t salt[8] = {0};
const uint8_t *psalt;
size_t saltlen;
int iter = 65536;
int keylen = -1;
int prf = OID_hmac_sm3;
int cipher = OID_sm4_cbc;
uint8_t iv[16];
const uint8_t *piv;
size_t ivlen;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
if (pbes2_algor_to_der(salt, sizeof(salt), iter, prf, cipher, iv, sizeof(iv), &p, &len) != 1) {
const uint8_t *d;
size_t dlen;
const uint8_t *psalt;
const uint8_t *piv;
size_t ivlen;
if (pbes2_algor_to_der(salt, sizeof(salt), iter, keylen, prf, cipher, iv, sizeof(iv), &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
err++;
goto end;
return -1;
}
if (pbes2_algor_from_der(&psalt, &saltlen, &iter, &prf, &cipher, &piv, &ivlen, &cp, &len) != 1
|| len > 0) {
pbes2_algor_print(stderr, 0, 0, "PBES2", d, dlen);
p = buf;
cp = buf;
len = 0;
if (pbes2_algor_to_der(salt, sizeof(salt), iter, keylen, prf, cipher, iv, sizeof(iv), &p, &len) != 1
|| pbes2_algor_from_der(&psalt, &saltlen, &iter, &keylen, &prf, &cipher, &piv, &ivlen, &cp, &len) != 1
|| asn1_check(saltlen == sizeof(salt)) != 1
|| asn1_check(iter == 65536) != 1
|| asn1_check(keylen == -1) != 1
|| asn1_check(prf == OID_hmac_sm3) != 1
|| asn1_check(cipher == OID_sm4_cbc) != 1
|| asn1_check(ivlen == sizeof(iv)) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
err++;
goto end;
return -1;
}
printf("%s : ok\n", __func__);
end:
return err;
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_pkcs8_enced_private_key_info(void)
{
int err = 0;
uint8_t salt[8] = {0};
const uint8_t *psalt;
size_t saltlen;
uint8_t salt[8] = { 1,0 };
int iter = 65536;
int keylen = -1;
int prf = OID_hmac_sm3;
int cipher = OID_sm4_cbc;
uint8_t iv[16];
const uint8_t *piv;
size_t ivlen;
uint8_t enced[128];
const uint8_t *penced;
size_t encedlen;
uint8_t iv[16] = { 2,0 };
uint8_t enced[128] = { 3,0 };
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
if (pkcs8_enced_private_key_info_to_der(salt, sizeof(salt), iter, prf, cipher, iv, sizeof(iv),
enced, sizeof(enced), &p, &len) != 1) {
const uint8_t *d;
size_t dlen;
const uint8_t *psalt;
size_t saltlen;
const uint8_t *piv;
size_t ivlen;
const uint8_t *penced;
size_t encedlen;
if (pkcs8_enced_private_key_info_to_der(
salt, sizeof(salt), iter, keylen, prf,
cipher, iv, sizeof(iv),
enced, sizeof(enced), &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
err++;
goto end;
return -1;
}
if (pkcs8_enced_private_key_info_from_der(&psalt, &saltlen, &iter, &prf, &cipher, &piv, &ivlen,
&penced, &encedlen, &cp, &len) != 1
|| len > 0) {
pkcs8_enced_private_key_info_print(stderr, 0, 0, "EncryptedPrivateKeyInfo", d, dlen);
p = buf;
cp = buf;
len = 0;
if (pkcs8_enced_private_key_info_to_der(
salt, sizeof(salt), iter, keylen, prf,
cipher, iv, sizeof(iv),
enced, sizeof(enced), &p, &len) != 1
|| pkcs8_enced_private_key_info_from_der(
&psalt, &saltlen, &iter, &keylen, &prf,
&cipher, &piv, &ivlen,
&penced, &encedlen, &cp, &len) != 1
|| asn1_check(saltlen == sizeof(salt)) != 1
|| asn1_check(keylen == -1) != 1
|| asn1_check(prf == OID_hmac_sm3) != 1
|| asn1_check(cipher == OID_sm4_cbc) != 1
|| asn1_check(ivlen == sizeof(iv)) != 1
|| asn1_check(encedlen == sizeof(enced)) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
err++;
goto end;
return -1;
}
printf("%s : ok\n", __func__);
end:
return err;
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_pkcs8(void)
@@ -277,31 +373,69 @@ static int test_pkcs8(void)
sm2_key_generate(&sm2_key);
memcpy(&sm2_buf, &sm2_key, sizeof(sm2_key));
//sm2_key_print(stdout, &sm2_key, 0, 0);
sm2_key_print(stderr, 0, 0, "SM2_KEY", &sm2_key);
if (sm2_enced_private_key_info_to_der(&sm2_key, "passowrd", &p, &len) != 1) {
if (sm2_private_key_info_encrypt_to_der(&sm2_key, "password", &p, &len) != 1) {
error_print();
err++;
goto end;
return -1;
}
{
const uint8_t *a = buf;
size_t alen = len;
const uint8_t *d;
size_t dlen;
if (asn1_sequence_from_der(&d, &dlen, &a, &alen) != 1
|| asn1_length_is_zero(alen) != 1) {
error_print();
return -1;
}
pkcs8_enced_private_key_info_print(stderr, 0, 0, "test_pkcs8: 392", d, dlen);
}
memset(&sm2_key, 0, sizeof(sm2_key));
if (sm2_enced_private_key_info_from_der(&sm2_key, &attrs, &attrslen, "password", &cp, &len) != 1
|| len > 0) {
if (sm2_private_key_info_decrypt_from_der(&sm2_key, &attrs, &attrslen, "password", &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
err++;
goto end;
return -1;
}
//sm2_key_print(stdout, &sm2_key, 0, 0);
sm2_key_print(stderr, 0, 0, "SM2_KEY", &sm2_key);
if (memcmp(&sm2_key, &sm2_buf, sizeof(sm2_key)) != 0) {
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_pkcs8_pem(void)
{
int err = 0;
char *file = "test_pkcs8_pem.pem";
char *pass = "password";
SM2_KEY sm2_key;
SM2_KEY sm2_buf;
const uint8_t *attrs;
size_t attrs_len;
FILE *fp;
sm2_key_generate(&sm2_key);
memcpy(&sm2_buf, &sm2_key, sizeof(sm2_key));
sm2_key_print(stderr, 0, 0, "SM2_KEY", &sm2_key);
if (!(fp = fopen(file, "w"))
|| sm2_private_key_info_encrypt_to_pem(&sm2_key, pass, fp) != 1) {
error_print();
err++;
goto end;
return -1;
}
printf("%s : ok\n", __func__);
end:
return err;
fclose(fp);
memset(&sm2_key, 0, sizeof(sm2_key));
if (!(fp = fopen(file, "r"))
|| sm2_private_key_info_decrypt_from_pem(&sm2_key, pass, fp) != 1) {
error_print();
return -1;
}
sm2_key_print(stderr, 0, 0, "SM2_KEY", &sm2_key);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
int main(void)
@@ -314,5 +448,6 @@ int main(void)
err += test_pbes2_algor();
err += test_pkcs8_enced_private_key_info();
err += test_pkcs8();
err += test_pkcs8_pem();
return err;
}

180
tests/sm2asn1test.c
View File

@@ -1,180 +0,0 @@
/*
* Copyright (c) 2021 - 2021 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/oid.h>
#include <gmssl/sm2.h>
#include <gmssl/error.h>
static int test_sm2_point_octets(void)
{
int err = 0;
SM2_KEY sm2_key;
SM2_POINT point;
uint8_t buf[65];
int i;
// compress
for (i = 0; i < 8; i++) {
uint8_t buf[33];
sm2_key_generate(&sm2_key);
sm2_point_to_compressed_octets(&sm2_key.public_key, buf);
if (sm2_point_from_octets(&point, buf, sizeof(buf)) != 1) {
error_print();
err++;
break;
}
if (memcmp(&sm2_key.public_key, &point, sizeof(SM2_POINT)) != 0) {
error_print();
err++;
break;
}
}
// uncompress
for (i = 0; i < 8; i++) {
uint8_t buf[65];
sm2_key_generate(&sm2_key);
sm2_point_to_uncompressed_octets(&sm2_key.public_key, buf);
if (sm2_point_from_octets(&point, buf, sizeof(buf)) != 1) {
error_print();
err++;
break;
}
if (memcmp(&sm2_key.public_key, &point, sizeof(SM2_POINT)) != 0) {
error_print();
err++;
break;
}
}
printf("%s : %s\n", __func__, err ? "failed" : "ok");
return err;
}
static int test_sm2_private_key(void)
{
int err = 0;
SM2_KEY sm2_key;
SM2_KEY sm2_tmp;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
sm2_key_generate(&sm2_key);
if (sm2_private_key_to_der(&sm2_key, &p, &len) != 1) {
error_print();
err++;
goto end;
}
if (sm2_private_key_from_der(&sm2_tmp, &cp, &len) != 1
|| len > 0) {
error_print();
err++;
goto end;
}
if (memcmp(&sm2_tmp, &sm2_key, sizeof(SM2_KEY)) != 0) {
error_print();
err++;
goto end;
}
printf("%s : ok\n", __func__);
end:
return err;
}
static int test_sm2_public_key_info(void)
{
int err = 0;
SM2_KEY sm2_key;
SM2_KEY sm2_tmp;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
sm2_key_generate(&sm2_key);
if (sm2_public_key_info_to_der(&sm2_key, &p, &len) != 1) {
error_print();
err++;
goto end;
}
if (sm2_public_key_info_from_der(&sm2_tmp, &cp, &len) != 1
|| len > 0) {
error_print();
err++;
goto end;
}
if (memcmp(&sm2_key.public_key, &sm2_tmp.public_key, sizeof(SM2_POINT)) != 0) {
error_print();
err++;
goto end;
}
printf("%s : ok\n", __func__);
end:
return err;
}
int main(void)
{
test_sm2_point_octets();
test_sm2_private_key();
test_sm2_public_key_info();
return 0;
}

136
tests/sm2test.c
View File

@@ -49,6 +49,7 @@
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/error.h>
#include <gmssl/sm2.h>
@@ -96,7 +97,7 @@ static int test_sm2_point(void)
i = sm2_point_is_on_curve(&P);
printf("point_is_on_curve: %d\n", i);
return 1;
return 0;
}
@@ -119,7 +120,7 @@ static int test_sm2_do_encrypt(void)
sm2_do_decrypt(&key, ciphertext, plainbuf, &plainlen);
printf("plaintext = %s\n", (char *)plainbuf);
return r;
return 0;
}
static int test_sm2_sign(void)
@@ -149,13 +150,130 @@ static int test_sm2_sign(void)
return 0;
}
static int test_sm2_point_octets(void)
{
int err = 0;
SM2_KEY sm2_key;
SM2_POINT point;
uint8_t buf[65];
int i;
// compress
for (i = 0; i < 8; i++) {
uint8_t buf[33];
sm2_key_generate(&sm2_key);
sm2_point_to_compressed_octets(&sm2_key.public_key, buf);
if (sm2_point_from_octets(&point, buf, sizeof(buf)) != 1) {
error_print();
err++;
break;
}
if (memcmp(&sm2_key.public_key, &point, sizeof(SM2_POINT)) != 0) {
error_print();
err++;
break;
}
}
// uncompress
for (i = 0; i < 8; i++) {
uint8_t buf[65];
sm2_key_generate(&sm2_key);
sm2_point_to_uncompressed_octets(&sm2_key.public_key, buf);
if (sm2_point_from_octets(&point, buf, sizeof(buf)) != 1) {
error_print();
err++;
break;
}
if (memcmp(&sm2_key.public_key, &point, sizeof(SM2_POINT)) != 0) {
error_print();
err++;
break;
}
}
printf("%s : %s\n", __func__, err ? "failed" : "ok");
return err;
}
static int test_sm2_private_key(void)
{
int err = 0;
SM2_KEY sm2_key;
SM2_KEY sm2_tmp;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
sm2_key_generate(&sm2_key);
if (sm2_private_key_to_der(&sm2_key, &p, &len) != 1) {
error_print();
err++;
goto end;
}
if (sm2_private_key_from_der(&sm2_tmp, &cp, &len) != 1
|| len > 0) {
error_print();
err++;
goto end;
}
if (memcmp(&sm2_tmp, &sm2_key, sizeof(SM2_KEY)) != 0) {
error_print();
err++;
goto end;
}
printf("%s : ok\n", __func__);
end:
printf("%s : %s\n", __func__, err ? "failed" : "ok");
return err;
}
static int test_sm2_public_key_info(void)
{
int err = 0;
SM2_KEY sm2_key;
SM2_KEY sm2_tmp;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
sm2_key_generate(&sm2_key);
if (sm2_public_key_info_to_der(&sm2_key, &p, &len) != 1) {
error_print();
err++;
goto end;
}
if (sm2_public_key_info_from_der(&sm2_tmp, &cp, &len) != 1
|| len > 0) {
error_print();
err++;
goto end;
}
if (memcmp(&sm2_key.public_key, &sm2_tmp.public_key, sizeof(SM2_POINT)) != 0) {
error_print();
err++;
goto end;
}
printf("%s : ok\n", __func__);
end:
printf("%s : %s\n", __func__, err ? "failed" : "ok");
return err;
}
int main(void)
{
sm2_selftest();
//test_sm2_point();
//test_sm2_sign();
test_sm2_do_encrypt();
return 0;
int err = 0;
err += sm2_selftest();
err += test_sm2_point();
err += test_sm2_sign();
err += test_sm2_do_encrypt();
err += test_sm2_point_octets();
err += test_sm2_private_key();
err += test_sm2_public_key_info();
return err;
}

2
tests/sm3test.c
View File

@@ -179,7 +179,7 @@ int main(int argc, char **argv)
{
int err = 0;
char *p;
uint8_t testbuf[sizeof(testhex)/2];
uint8_t testbuf[sizeof(testhex)/2 + 1000];
uint8_t dgstbuf[32];
size_t testbuflen, dgstbuflen;
uint8_t dgst[32];

79
tests/sm4test.c
View File

@@ -50,6 +50,7 @@
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/error.h>
# ifdef SM4_AVX2
void sm4_avx2_ecb_encrypt_blocks(const unsigned char *in,
@@ -93,13 +94,15 @@ static int test_ecb(int avx)
# endif
default:
printf("avx shuold be in {2}\n");
return 0;
error_print();
return -1;
}
if (memcmp(out1, out2, sizeof(out1)) != 0) {
return 0;
error_print();
return -1;
}
return 1;
return 0;
}
static void xor_block(unsigned char *out, const unsigned char *in)
@@ -151,13 +154,15 @@ static int test_ctr32(int avx)
break;
default:
printf("avx should be in {0, 2}\n");
return 0;
error_print();
return -1;
}
if (memcmp(out1, out2, sizeof(out1)) != 0) {
return 0;
error_print();
return -1;
}
return 1;
return 0;
}
@@ -197,7 +202,7 @@ static int test_ede(void)
}
*/
int main(int argc, char **argv)
int test_sm4(void)
{
int err = 0;
int i;
@@ -309,3 +314,63 @@ end:
return err;
}
static int test_sm4_cbc(void)
{
SM4_KEY sm4_key;
uint8_t key[16] = {0};
uint8_t iv[16];
uint8_t buf1[2] = {0};
uint8_t buf2[32] = {0};
uint8_t buf3[47] = {0};
uint8_t buf4[96] = {0};
uint8_t buf5[96];
int i;
sm4_set_encrypt_key(&sm4_key, key);
sm4_cbc_encrypt(&sm4_key, iv, buf2, 2, buf4);
for (i = 0; i < 32; i++) {
printf("%02x", buf4[i]);
}
printf("\n");
return 0;
}
static int test_sm4_cbc_padding(void)
{
SM4_KEY enc_key;
SM4_KEY dec_key;
uint8_t key[16] = {0};
uint8_t iv[16] = {0};
uint8_t in[64];
uint8_t out[128];
uint8_t buf[128];
size_t len1, len2, i;
for (i = 0; i < sizeof(in); i++) {
in[i] = i;
}
sm4_set_encrypt_key(&enc_key, key);
sm4_set_decrypt_key(&dec_key, key);
sm4_cbc_padding_encrypt(&enc_key, iv, in, 33, out, &len1);
printf("c = (%zu) ", len1); for (i = 0; i < len1; i++) printf("%02x", out[i]); printf("\n");
sm4_cbc_padding_decrypt(&dec_key, iv, out, len1, buf, &len2);
printf("m = (%zu) ", len2); for (i = 0; i < len2; i++) printf("%02x", buf[i]); printf("\n");
return 0;
}
int main(void)
{
int err = 0;
err += test_sm4();
err += test_sm4_cbc();
err += test_sm4_cbc_padding();
return err;
}

164
tests/x509_algortest.c → tests/x509_algtest.c
View File

@@ -50,80 +50,94 @@
#include <string.h>
#include <stdlib.h>
#include <gmssl/oid.h>
#include <gmssl/x509_alg.h>
#include <gmssl/x509.h>
#include <gmssl/rand.h>
#include <gmssl/error.h>
static int test_x509_digest_algor(void)
{
char *names[] = {"sm3", "md5", "sha1", "sha224", "sha256", "sha384", "sha512" };
char *names[] = {
"sm3",
"md5",
"sha1",
"sha224",
"sha256",
"sha384",
"sha512",
};
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
int algor;
uint32_t nodes[32];
size_t nodes_count;
int i, j;
int oid;
int i;
printf("\n%s\n", __FUNCTION__);
format_print(stderr, 0, 0, "DER\n");
for (i = 0; i < sizeof(names)/sizeof(names[0]); i++) {
oid = x509_digest_algor_from_name(names[i]);
if (x509_digest_algor_to_der(oid, &p, &len) != 1) {
error_print();
return 1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
format_print(stderr, 0, 0, "OID\n");
for (i = 0; i < sizeof(names)/sizeof(names[0]); i++) {
algor = x509_digest_algor_from_name(names[i]);
if (x509_digest_algor_to_der(algor, &p, &len) != 1) {
if (x509_digest_algor_from_der(&oid, &cp, &len) != 1) {
error_print();
return -1;
return 1;
}
}
for (i = 0; i < sizeof(names)/sizeof(names[0]); i++) {
if (x509_digest_algor_from_der(&algor, nodes, &nodes_count, &cp, &len) != 1) {
if (oid != x509_digest_algor_from_name(names[i])) {
error_print();
return -1;
return 1;
}
printf(" %s : ", x509_digest_algor_name(algor));
for (j = 0; j < nodes_count; j++) {
printf("%d ", nodes[j]);
}
printf("\n");
format_print(stderr, 0, 4, "%s\n", x509_digest_algor_name(oid));
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_encryption_algor(void)
{
char *names[] = { "sm4-cbc", "aes128-cbc", "aes192-cbc", "aes256-cbc" };
char *names[] = {
"sm4-cbc",
"aes128-cbc",
"aes192-cbc",
"aes256-cbc",
};
uint8_t iv[16] = {0};
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
int algor;
uint32_t nodes[32];
size_t nodes_count;
int oid;
const uint8_t *params;
size_t paramslen;
int i, j;
printf("\n%s\n", __FUNCTION__);
int i;
format_print(stderr, 0, 0, "DER\n");
for (i = 0; i < sizeof(names)/sizeof(names[0]); i++) {
algor = x509_encryption_algor_from_name(names[i]);
if (x509_encryption_algor_to_der(algor, iv, sizeof(iv), &p, &len) != 1) {
oid = x509_encryption_algor_from_name(names[i]);
if (x509_encryption_algor_to_der(oid, iv, sizeof(iv), &p, &len) != 1) {
error_print();
return -1;
return 1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
format_print(stderr, 0, 0, "OID\n");
for (i = 0; i < sizeof(names)/sizeof(names[0]); i++) {
if (x509_encryption_algor_from_der(&algor, nodes, &nodes_count, &params, &paramslen, &cp, &len) != 1) {
if (x509_encryption_algor_from_der(&oid, &params, &paramslen, &cp, &len) != 1
|| asn1_check(params != NULL) != 1
|| asn1_check(paramslen == sizeof(iv)) != 1) {
error_print();
return -1;
return 1;
}
printf(" %s : ", x509_encryption_algor_name(algor));
for (j = 0; j < nodes_count; j++) {
printf("%d ", nodes[j]);
}
printf("\n");
format_print(stderr, 0, 4, "%s\n", x509_encryption_algor_name(oid));
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
@@ -147,89 +161,67 @@ static int test_x509_signature_algor(void)
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
int algor;
uint32_t nodes[32];
size_t nodes_count;
int i, j;
printf("\n%s\n", __FUNCTION__);
int oid;
int i;
format_print(stderr, 0, 0, "DER\n");
for (i = 0; i < sizeof(names)/sizeof(names[0]); i++) {
algor = x509_signature_algor_from_name(names[i]);
if (x509_signature_algor_to_der(algor, &p, &len) != 1) {
oid = x509_signature_algor_from_name(names[i]);
if (x509_signature_algor_to_der(oid, &p, &len) != 1) {
error_print();
return -1;
return 1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
format_print(stderr, 0, 0, "OID\n");
for (i = 0; i < sizeof(names)/sizeof(names[0]); i++) {
if (x509_signature_algor_from_der(&algor, nodes, &nodes_count, &cp, &len) != 1) {
if (x509_signature_algor_from_der(&oid, &cp, &len) != 1) {
error_print();
return -1;
return 1;
}
printf(" %s : ", x509_signature_algor_name(algor));
for (j = 0; j < nodes_count; j++) {
printf("%d ", nodes[j]);
}
printf("\n");
format_print(stderr, 0, 4, "%s\n", x509_signature_algor_name(oid));
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_public_key_encryption_algor(void)
{
char *names[] = {"sm2encrypt", "rsaesOAEP", "rsaEncryption" };
char *names[] = {
"sm2encrypt",
// "rsaesOAEP",
// "rsaEncryption",
};
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
int algor;
uint32_t nodes[32];
size_t nodes_count;
int oid;
const uint8_t *params;
size_t paramslen;
int i, j;
printf("\n%s\n", __FUNCTION__);
int i;
format_print(stderr, 0, 0, "DER\n");
for (i = 0; i < sizeof(names)/sizeof(names[0]); i++) {
algor = x509_public_key_encryption_algor_from_name(names[i]);
if (x509_public_key_encryption_algor_to_der(algor, &p, &len) != 1) {
oid = x509_public_key_encryption_algor_from_name(names[i]);
if (x509_public_key_encryption_algor_to_der(oid, &p, &len) != 1) {
error_print();
return -1;
return 1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
format_print(stderr, 0, 0, "OID\n");
for (i = 0; i < sizeof(names)/sizeof(names[0]); i++) {
if (x509_public_key_encryption_algor_from_der(&algor, nodes, &nodes_count, &params, &paramslen, &cp, &len) != 1) {
if (x509_public_key_encryption_algor_from_der(&oid, &params, &paramslen, &cp, &len) != 1) {
error_print();
return -1;
return 1;
}
printf(" %s : ", x509_public_key_encryption_algor_name(algor));
for (j = 0; j < nodes_count; j++) {
printf("%d ", nodes[j]);
}
printf("\n");
format_print(stderr, 0, 4, "%s\n", x509_public_key_encryption_algor_name(oid));
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
int main(void)
{
int err = 0;

186
tests/x509_crltest.c Normal file
View File

@@ -0,0 +1,186 @@
/*
* Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/oid.h>
#include <gmssl/x509_alg.h>
#include <gmssl/x509_oid.h>
#include <gmssl/x509_crl.h>
#include <gmssl/x509.h>
#include <gmssl/rand.h>
#include <gmssl/error.h>
static int test_x509_crl_reason(void)
{
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
int reason;
int i;
for (i = 0; i < 11; i++) {
if (x509_crl_reason_to_der(i, &p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
for (i = 0; i < 11; i++) {
if (x509_crl_reason_from_der(&reason, &cp, &len) != 1
|| asn1_check(reason == i) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "%s (%d)\n", x509_crl_reason_name(reason), reason);
}
(void)asn1_length_is_zero(len);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_crl_entry_ext(void)
{
int exts[] = {
OID_ce_crl_reasons,
OID_ce_invalidity_date,
OID_ce_certificate_issuer,
};
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
int oid;
int i;
for (i = 0; i < sizeof(exts)/sizeof(exts[0]); i++) {
if (x509_crl_entry_ext_id_to_der(exts[i], &p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
for (i = 0; i < sizeof(exts)/sizeof(exts[0]); i++) {
if (x509_crl_entry_ext_id_from_der(&oid, &cp, &len) != 1
|| asn1_check(oid == exts[i]) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "%s\n", x509_crl_entry_ext_id_name(oid));
}
(void)asn1_length_is_zero(len);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_crl_entry_exts(void)
{
uint8_t exts[256];
size_t extslen = 0;
int reason = X509_cr_key_compromise;
time_t tv;
uint8_t issuer[256];
size_t issuer_len = 0;
int critical = 1;
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
time(&tv);
if (x509_crl_entry_exts_add_reason(exts, &extslen, sizeof(exts), critical, reason) != 1
|| x509_crl_entry_exts_add_invalidity_date(exts, &extslen, sizeof(exts), critical, tv) != 1
|| x509_crl_entry_exts_add_certificate_issuer(exts, &extslen, sizeof(exts), critical, issuer, issuer_len) != 1
|| x509_crl_entry_exts_to_der(exts, extslen, &p, &len) != 1) {
error_print();
return -1;
}
x509_crl_entry_exts_print(stderr, 0, 0, "CRL Entry Extensions", exts, extslen);
return 0;
}
static int test_x509_revoked_cert(void)
{
uint8_t serial[20] = { 0x01,0x02 };
time_t revoke_date;
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
time(&revoke_date);
if (x509_revoked_cert_to_der(serial, sizeof(serial), revoke_date, NULL, 0, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_revoked_cert_print(stderr, 0, 0, "RevokedCertificate", d, dlen);
return 0;
}
int main(void)
{
int err = 0;
err += test_x509_crl_reason();
err += test_x509_crl_entry_ext();
//err += test_x509_crl_entry_exts();
err += test_x509_revoked_cert();
return err;
}

334
tests/x509_exttest.c Normal file
View File

@@ -0,0 +1,334 @@
/*
* Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/oid.h>
#include <gmssl/x509_alg.h>
#include <gmssl/x509_oid.h>
#include <gmssl/x509_str.h>
#include <gmssl/x509_ext.h>
#include <gmssl/x509.h>
#include <gmssl/rand.h>
#include <gmssl/error.h>
static int test_x509_other_name(void)
{
const uint32_t oid[] = { 1,3,5 };
const uint8_t value[] = { 0x30,0x01,0x00 };
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
uint32_t nodes[32];
size_t nodes_cnt;
const uint8_t *val;
size_t vlen;
if (x509_other_name_to_der(oid, sizeof(oid)/sizeof(int), value, sizeof(value), &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_other_name_print(stderr, 0, 0, "OtherName", d, dlen);
p = buf;
cp = buf;
len = 0;
if (x509_other_name_to_der(oid, sizeof(oid)/sizeof(int), value, sizeof(value), &p, &len) != 1
|| x509_other_name_from_der(nodes, &nodes_cnt, &val, &vlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
asn1_object_identifier_print(stderr, 0, 4, "type-id", NULL, nodes, nodes_cnt);
format_bytes(stderr, 0, 4, "value", val, vlen);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_edi_party_name(void)
{
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
int assigner_tag;
const uint8_t *assigner;
size_t assigner_len;
int party_name_tag;
const uint8_t *party_name;
size_t party_name_len;
if (x509_edi_party_name_to_der(
ASN1_TAG_PrintableString, (uint8_t *)"Hello", 5,
ASN1_TAG_PrintableString, (uint8_t *)"World", 5,
&p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_edi_party_name_print(stderr, 0, 0, "EDIPartyName", d, dlen);
p = buf;
cp = buf;
len = 0;
if (x509_edi_party_name_to_der(
ASN1_TAG_PrintableString, (uint8_t *)"Hello", 5,
ASN1_TAG_PrintableString, (uint8_t *)"World", 5,
&p, &len) != 1
|| x509_edi_party_name_from_der(
&assigner_tag, &assigner, &assigner_len,
&party_name_tag, &party_name, &party_name_len,
&cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_directory_name_print(stderr, 0, 4, "nameAssigner", assigner_tag, assigner, assigner_len);
x509_directory_name_print(stderr, 0, 4, "partyName", party_name_tag, party_name, party_name_len);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_general_name(void)
{
uint8_t gns[512];
size_t gnslen = 0;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
if (x509_general_names_add_general_name(gns, &gnslen, sizeof(gns), X509_gn_rfc822_name, (uint8_t *)"guan@pku.edu.cn", 15) != 1
|| format_bytes(stderr, 0, 0, "", gns, gnslen) > 2
|| x509_general_names_add_general_name(gns, &gnslen, sizeof(gns), X509_gn_dns_name, (uint8_t *)"www.pku.edu.cn", 14) != 1
|| format_bytes(stderr, 0, 0, "", gns, gnslen) > 2
|| x509_general_names_add_general_name(gns, &gnslen, sizeof(gns), X509_gn_uniform_resource_identifier, (uint8_t *)"http://localhost", 14) != 1
|| format_bytes(stderr, 0, 0, "", gns, gnslen) > 2
|| x509_general_names_add_general_name(gns, &gnslen, sizeof(gns), X509_gn_ip_address, (uint8_t *)"10.0.0.1", 8) != 1
|| format_bytes(stderr, 0, 0, "", gns, gnslen) > 2
|| x509_general_names_to_der(gns, gnslen, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_general_names_print(stderr, 0, 0, "GeneralNames", d, dlen);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_authority_key_identifier(void)
{
return 0;
}
static int test_x509_key_usage(void)
{
int tests[] = {
0,
1,
2,
X509_KU_NON_REPUDIATION|X509_KU_CRL_SIGN,
7,
8,
X509_KU_DIGITAL_SIGNATURE|X509_KU_NON_REPUDIATION|X509_KU_DECIPHER_ONLY,
0x1ff,
// 0x3ff, // this should return error
};
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
int usage;
int i;
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (x509_key_usage_to_der(tests[i], &p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (x509_key_usage_from_der(&usage, &cp, &len) != 1
|| asn1_check(usage == tests[i]) != 1) {
error_print();
return -1;
}
x509_key_usage_print(stderr, 0, 4, "KeyUsage", usage);
}
(void)asn1_length_is_zero(len);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_notice_reference(void)
{
int notice_nums[] = { 1,2,3,4,5 };
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
int org_tag;
const uint8_t *org;
size_t orglen;
int nums[32];
size_t nums_cnt;
if (x509_notice_reference_to_der(
ASN1_TAG_IA5String, (uint8_t *)"Hello", 5,
notice_nums, sizeof(notice_nums)/sizeof(notice_nums[0]),
&p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_notice_reference_print(stderr, 0, 0, "NoticeReference", d, dlen);
p = buf;
cp = buf;
len = 0;
if (x509_notice_reference_to_der(
ASN1_TAG_IA5String, (uint8_t *)"Hello", 5,
notice_nums, sizeof(notice_nums)/sizeof(notice_nums[0]),
&p, &len) != 1
|| x509_notice_reference_from_der(
&org_tag, &org, &orglen,
nums, &nums_cnt, sizeof(nums)/sizeof(nums[0]),
&cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_revoke_reasons(void)
{
int tests[] = {
0,
1,
2,
X509_RF_SUPERSEDED|X509_RF_PRIVILEGE_WITHDRAWN|X509_RF_AA_COMPROMISE,
0x1ff,
};
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
int bits;
int i;
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (x509_revoke_reasons_to_der(tests[i], &p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (x509_revoke_reasons_from_der(&bits, &cp, &len) != 1
|| asn1_check(bits == tests[i]) != 1) {
error_print();
return -1;
}
x509_revoke_reasons_print(stderr, 0, 4, "ReasonFlags", bits);
}
(void)asn1_length_is_zero(len);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
int main(int argc, char **argv)
{
int err = 0;
err += test_x509_other_name();
err += test_x509_edi_party_name();
err += test_x509_general_name();
err += test_x509_key_usage();
err += test_x509_notice_reference();
err += test_x509_revoke_reasons();
return err;
}

322
tests/x509_oidtest.c Normal file
View File

@@ -0,0 +1,322 @@
/*
* Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/oid.h>
#include <gmssl/x509_oid.h>
#include <gmssl/x509.h>
#include <gmssl/rand.h>
#include <gmssl/error.h>
static int test_x509_name_type()
{
char *names[] = {
"name",
"surname",
"givenName",
"initials",
"generationQualifier",
"commonName",
"localityName",
"stateOrProvinceName",
"organizationName",
"organizationalUnitName",
"title",
"dnQualifier",
"countryName",
"serialNumber",
"pseudonym",
"domainComponent",
};
int oid;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
int i;
format_print(stderr, 0, 0, "DER\n");
for (i = 0; i < sizeof(names)/sizeof(names[0]); i++) {
oid = x509_name_type_from_name(names[i]);
if (asn1_check(oid != OID_undef) != 1
|| x509_name_type_to_der(oid, &p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
format_print(stderr, 0, 0, "OID\n");
for (i = 0; i < sizeof(names)/sizeof(names[0]); i++) {
if (x509_name_type_from_der(&oid, &cp, &len) != 1) {
error_print();
return -1;
}
if (oid != x509_name_type_from_name(names[i])) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "%s\n", x509_name_type_name(oid));
}
if (len != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_ext_id()
{
char *names[] = {
"AuthorityKeyIdentifier",
"SubjectKeyIdentifier",
"KeyUsage",
"CertificatePolicies",
"PolicyMappings",
"SubjectAltName",
"IssuerAltName",
"SubjectDirectoryAttributes",
"BasicConstraints",
"NameConstraints",
"PolicyConstraints",
"ExtKeyUsage",
"CRLDistributionPoints",
"InhibitAnyPolicy",
"FreshestCRL",
};
int oid;
uint32_t nodes[32];
size_t nodes_cnt;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
int i;
format_print(stderr, 0, 0, "DER\n");
for (i = 0; i < sizeof(names)/sizeof(names[0]); i++) {
oid = x509_ext_id_from_name(names[i]);
if (asn1_check(oid != OID_undef) != 1
|| x509_ext_id_to_der(oid, &p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
format_print(stderr, 0, 0, "ExtnID\n");
for (i = 0; i < sizeof(names)/sizeof(names[0]); i++) {
if (x509_ext_id_from_der(&oid, nodes, &nodes_cnt, &cp, &len) != 1) {
error_print();
return -1;
}
if (oid != x509_ext_id_from_name(names[i])) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "%s\n", x509_ext_id_name(oid));
}
if (len != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_qualifier_id(void)
{
char *names[] = {
"CPS",
"userNotice",
};
int oid;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
int i;
format_print(stderr, 0, 0, "DER\n");
for (i = 0; i < sizeof(names)/sizeof(names[0]); i++) {
oid = x509_qualifier_id_from_name(names[i]);
if (asn1_check(oid != OID_undef) != 1
|| x509_qualifier_id_to_der(oid, &p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
format_print(stderr, 0, 0, "OID\n");
for (i = 0; i < sizeof(names)/sizeof(names[0]); i++) {
if (x509_qualifier_id_from_der(&oid, &cp, &len) != 1) {
error_print();
return -1;
}
if (asn1_check(oid == x509_qualifier_id_from_name(names[i])) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "%s\n", x509_qualifier_id_name(oid));
}
if (len != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_cert_policy_id(void)
{
char *names[] = {
"anyPolicy",
};
int oid;
uint32_t nodes[32];
size_t nodes_cnt;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
int i;
format_print(stderr, 0, 0, "DER\n");
for (i = 0; i < sizeof(names)/sizeof(names[0]); i++) {
oid = x509_cert_policy_id_from_name(names[i]);
if (asn1_check(oid != OID_undef) != 1
|| x509_cert_policy_id_to_der(oid, NULL, 0, &p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
format_print(stderr, 0, 0, "OID\n");
for (i = 0; i < sizeof(names)/sizeof(names[0]); i++) {
if (x509_cert_policy_id_from_der(&oid, nodes, &nodes_cnt, &cp, &len) != 1) {
error_print();
return -1;
}
if (oid != x509_cert_policy_id_from_name(names[i])) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "%s\n", x509_cert_policy_id_name(oid));
}
if (len != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_key_purpose(void)
{
char *names[] = {
"serverAuth",
"clientAuth",
"codeSigning",
"emailProtection",
"timeStamping",
"OCSPSigning",
};
int oid;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
int i;
format_print(stderr, 0, 0, "DER\n");
for (i = 0; i < sizeof(names)/sizeof(names[0]); i++) {
oid = x509_key_purpose_from_name(names[i]);
if (asn1_check(oid != OID_undef) != 1
|| x509_key_purpose_to_der(oid, &p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
format_print(stderr, 0, 0, "OID\n");
for (i = 0; i < sizeof(names)/sizeof(names[0]); i++) {
if (x509_key_purpose_from_der(&oid, &cp, &len) != 1) {
error_print();
return -1;
}
if (oid != x509_key_purpose_from_name(names[i])) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "%s\n", x509_key_purpose_name(oid));
}
if (len != 0) {
error_print();
return -1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
int main(void)
{
int err = 0;
err += test_x509_name_type();
err += test_x509_ext_id();
err += test_x509_qualifier_id();
err += test_x509_cert_policy_id();
err += test_x509_key_purpose();
return err;
}

253
tests/x509_reqtest.c Normal file
View File

@@ -0,0 +1,253 @@
/*
* Copyright (c) 2014 - 2021 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/oid.h>
#include <gmssl/x509_alg.h>
#include <gmssl/x509_oid.h>
#include <gmssl/x509_req.h>
#include <gmssl/x509.h>
#include <gmssl/rand.h>
#include <gmssl/error.h>
static int test_x509_request_info(void)
{
uint8_t subject[256];
size_t subject_len;
SM2_KEY sm2_key;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
int version;
const uint8_t *subj;
size_t subj_len;
SM2_KEY pub_key;
const uint8_t *attrs;
size_t attrs_len;
if (sm2_key_generate(&sm2_key) != 1
|| x509_name_set(subject, &subject_len, sizeof(subject), "CN", "Beijing", "Haidian", "PKU", "CS", "CA") != 1
|| x509_request_info_to_der(X509_version_v1, subject, subject_len, &sm2_key, NULL, 0, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_request_info_print(stderr, 0, 0, "CertificationRequestInfo", d, dlen);
p = buf;
cp = buf;
len = 0;
if (x509_request_info_to_der(X509_version_v1, subject, subject_len, &sm2_key, NULL, 0, &p, &len) != 1
|| x509_request_info_from_der(&version, &subj, &subj_len, &pub_key, &attrs, &attrs_len, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 0, "CertificationRequestInfo\n");
format_print(stderr, 0, 4, "version: %d\n", version);
x509_name_print(stderr, 0, 4, "subject", subj, subj_len);
sm2_public_key_print(stderr, 0, 4, "publicKey", &pub_key);
format_bytes(stderr, 0, 4, "attributes", attrs, attrs_len);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_request(void)
{
uint8_t subject[256];
size_t subject_len;
SM2_KEY sm2_key;
uint8_t signature[128] = { 0x01, 0x02 };
uint8_t buf[512];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
int version;
const uint8_t *subj;
size_t subj_len;
SM2_KEY pub_key;
const uint8_t *attrs;
size_t attrs_len;
int sig_alg;
const uint8_t *sig;
size_t siglen;
if (sm2_key_generate(&sm2_key) != 1
|| x509_name_set(subject, &subject_len, sizeof(subject), "CN", "Beijing", "Haidian", "PKU", "CS", "CA") != 1
|| x509_request_to_der(X509_version_v1, subject, subject_len, &sm2_key, NULL, 0,
OID_sm2sign_with_sm3, signature, sizeof(signature), &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_request_print(stderr, 0, 0, "CertificationRequest", d, dlen);
p = buf;
cp = buf;
len = 0;
if (x509_request_to_der(X509_version_v1, subject, subject_len, &sm2_key, NULL, 0,
OID_sm2sign_with_sm3, signature, sizeof(signature), &p, &len) != 1
|| x509_request_from_der(&version, &subj, &subj_len, &pub_key, &attrs, &attrs_len,
&sig_alg, &sig, &siglen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 0, "CertificationRequest\n");
format_print(stderr, 0, 4, "version: %d\n", version);
x509_name_print(stderr, 0, 4, "subject", subj, subj_len);
sm2_public_key_print(stderr, 0, 4, "publicKey", &pub_key);
format_bytes(stderr, 0, 4, "attributes", attrs, attrs_len);
format_print(stderr, 0, 4, "signatureAlgor: %s\n", x509_signature_algor_name(sig_alg));
format_bytes(stderr, 0, 4, "signature", sig, siglen);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_req(void)
{
uint8_t subject[256];
size_t subject_len;
SM2_KEY sm2_key;
uint8_t req[512];
size_t reqlen = 0;
int version;
const uint8_t *subj;
size_t subj_len;
SM2_KEY pub_key;
const uint8_t *attrs;
size_t attrs_len;
if (sm2_key_generate(&sm2_key) != 1
|| x509_name_set(subject, &subject_len, sizeof(subject), "CN", "Beijing", "Haidian", "PKU", "CS", "CA") != 1
|| x509_req_sign(req, &reqlen, sizeof(req),
X509_version_v1, subject, subject_len, &sm2_key, NULL, 0,
OID_sm2sign_with_sm3, &sm2_key, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID)) != 1) {
error_print();
return -1;
}
x509_req_print(stderr, 0, 0, "CertificationRequest", req, reqlen);
FILE *fp;
if ((fp = fopen("req.pem", "w")) == NULL) {
error_print();
return -1;
}
if (x509_req_to_pem(req, reqlen, fp) != 1) {
error_print();
return -1;
}
fclose(fp);
x509_req_to_pem(req, reqlen, stderr);
memset(req, 0, sizeof(req));
if ((fp = fopen("req.pem", "r")) == NULL) {
error_print();
return -1;
}
if (x509_req_from_pem(req, &reqlen, sizeof(req), fp) != 1) {
error_print();
return -1;
}
if (x509_req_verify(req, reqlen, &sm2_key, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID)) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 0, "x509_req_verify() success\n");
printf("%s() ok\n", __FUNCTION__);
return 0;
}
int main(void)
{
int err = 0;
err += test_x509_request_info();
err += test_x509_request();
err += test_x509_req();
return err;
}

94
tests/sm4cbctest.c → tests/x509_strtest.c
View File

@@ -49,64 +49,66 @@
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/sm4.h>
#include <gmssl/oid.h>
#include <gmssl/x509_str.h>
#include <gmssl/x509.h>
#include <gmssl/rand.h>
#include <gmssl/error.h>
static int test_sm4_cbc(void)
static int test_x509_directory_name(void)
{
SM4_KEY sm4_key;
uint8_t key[16] = {0};
uint8_t iv[16];
uint8_t str[] = { 'a', 'b', 'c', 0 };
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
int tag;
const uint8_t *d;
size_t dlen;
uint8_t buf1[2] = {0};
uint8_t buf2[32] = {0};
uint8_t buf3[47] = {0};
uint8_t buf4[96] = {0};
uint8_t buf5[96];
int i;
sm4_set_encrypt_key(&sm4_key, key);
sm4_cbc_encrypt(&sm4_key, iv, buf2, 2, buf4);
for (i = 0; i < 32; i++) {
printf("%02x", buf4[i]);
if (x509_directory_name_check_ex(ASN1_TAG_UTF8String, str, 3, 1, 10) != 1 // str,4 will fail
|| x509_directory_name_to_der(ASN1_TAG_UTF8String, str, 3, &p, &len) != 1
|| x509_directory_name_from_der(&tag, &d, &dlen, &cp, &len) != 1
|| asn1_check(tag == ASN1_TAG_UTF8String) != 1
|| asn1_check(dlen == 3) != 1
|| asn1_check(memcmp(str, d, dlen) == 0) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return 1;
}
printf("\n");
return 1;
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_sm4_cbc_padding(void)
static int test_x509_display_text(void)
{
SM4_KEY enc_key;
SM4_KEY dec_key;
uint8_t key[16] = {0};
uint8_t iv[16] = {0};
uint8_t in[64];
uint8_t out[128];
uint8_t buf[128];
size_t len1, len2, i;
uint8_t str[] = { 'a', 'b', 'c', 0 };
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
int tag;
const uint8_t *d;
size_t dlen;
for (i = 0; i < sizeof(in); i++) {
in[i] = i;
if (x509_display_text_check(ASN1_TAG_UTF8String, str, 3) != 1 // str,4 will fail
|| x509_display_text_to_der(ASN1_TAG_UTF8String, str, 3, &p, &len) != 1
|| x509_display_text_from_der(&tag, &d, &dlen, &cp, &len) != 1
|| asn1_check(tag == ASN1_TAG_UTF8String) != 1
|| asn1_check(dlen == 3) != 1
|| asn1_check(memcmp(str, d, dlen) == 0) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return 1;
}
sm4_set_encrypt_key(&enc_key, key);
sm4_set_decrypt_key(&dec_key, key);
sm4_cbc_padding_encrypt(&enc_key, iv, in, 33, out, &len1);
printf("c = (%zu) ", len1); for (i = 0; i < len1; i++) printf("%02x", out[i]); printf("\n");
sm4_cbc_padding_decrypt(&dec_key, iv, out, len1, buf, &len2);
printf("m = (%zu) ", len2); for (i = 0; i < len2; i++) printf("%02x", buf[i]); printf("\n");
return 1;
printf("%s() ok\n", __FUNCTION__);
return 0;
}
int main(void)
{
test_sm4_cbc();
test_sm4_cbc_padding();
return 1;
int err = 0;
err += test_x509_directory_name();
err += test_x509_display_text();
return err;
}

531
tests/x509test.c
View File

@@ -50,282 +50,397 @@
#include <string.h>
#include <stdlib.h>
#include <gmssl/oid.h>
#include <gmssl/x509_alg.h>
#include <gmssl/x509_oid.h>
#include <gmssl/x509.h>
#include <gmssl/rand.h>
#include <gmssl/error.h>
#if 0
static int test_x509_validity(void)
static int test_x509_version(void)
{
int err = 0;
X509_VALIDITY validity;
uint8_t buf[64] = {0};
const uint8_t *cp = buf;
int tests[] = {
X509_version_v1,
X509_version_v2,
X509_version_v3,
-1,
};
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
size_t i;
printf("%s\n", __FUNCTION__);
memset(&validity, 0, sizeof(X509_VALIDITY));
format_print(stderr, 0, 0, "Version\n");
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (x509_explicit_version_to_der(i, tests[i], &p, &len) < 0) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
int ver;
if (x509_explicit_version_from_der(i, &ver, &cp, &len) < 0
|| asn1_check(ver == tests[i]) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "%s\n", x509_version_name(ver));
}
(void)asn1_length_is_zero(len);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
x509_validity_set_days(&validity, time(NULL), 365 * 10);
x509_validity_to_der(&validity, &p, &len);
print_der(buf, len);
printf("\n");
memset(&validity, 0, sizeof(X509_VALIDITY));
x509_validity_from_der(&validity, &cp, &len);
x509_validity_print(stdout, &validity, 0, 0);
static int test_x509_validity(void)
{
time_t not_before, not_before_;
time_t not_after, not_after_;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
size_t i;
printf("\n");
return err;
time(&not_before);
format_print(stderr, 0, 0, "Validity\n");
if (x509_validity_add_days(&not_after, not_before, 365) != 1
|| x509_validity_to_der(not_before, not_after, &p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
if (x509_validity_from_der(&not_before_, &not_after_, &cp, &len) != 1
|| asn1_check(not_before == not_before_) != 1
|| asn1_check(not_after == not_after_) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return 1;
}
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_attr_type_and_value(void)
{
int oid;
int tag;
const uint8_t *d;
size_t dlen;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
format_print(stderr, 0, 0, "AttributeTypeAndValue\n");
if (x509_attr_type_and_value_to_der(OID_at_locality_name, ASN1_TAG_PrintableString, (uint8_t *)"Haidian", strlen("Haidian"), &p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
if (x509_attr_type_and_value_from_der(&oid, &tag, &d, &dlen, &cp, &len) != 1
|| asn1_check(oid == OID_at_locality_name) != 1
|| asn1_check(tag == ASN1_TAG_PrintableString) != 1
|| asn1_check(dlen == strlen("Haidian")) != 1
|| asn1_check(memcmp("Haidian", d, dlen) == 0) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "%s : %s ", x509_name_type_name(oid), asn1_tag_name(tag));
format_string(stderr, 0, 0, "", d, dlen);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_rdn(void)
{
int oid;
int tag;
const uint8_t *d;
size_t dlen;
const uint8_t *more;
size_t morelen;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
format_print(stderr, 0, 0, "RDN\n");
if (x509_rdn_to_der(OID_at_locality_name, ASN1_TAG_PrintableString,
(uint8_t *)"Haidian", strlen("Haidian"), NULL, 0, &p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "", buf, len);
if (x509_rdn_from_der(&oid, &tag, &d, &dlen, &more, &morelen, &cp, &len) != 1
|| asn1_check(oid == OID_at_locality_name) != 1
|| asn1_check(tag == ASN1_TAG_PrintableString) != 1
|| asn1_check(dlen == strlen("Haidian")) != 1
|| asn1_check(memcmp("Haidian", d, dlen) == 0) != 1
|| asn1_check(more == NULL) != 1
|| asn1_check(morelen == 0) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
format_print(stderr, 0, 4, "%s : %s ", x509_name_type_name(oid), asn1_tag_name(tag));
format_string(stderr, 0, 0, "", d, dlen);
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_name(void)
{
int err = 0;
X509_NAME name;
uint8_t name[512];
size_t namelen = 0;
uint8_t buf[1024];
const uint8_t *cp = buf;
uint8_t *p = buf;
size_t len = 0;
printf("%s\n", __FUNCTION__);
memset(&name, 0, sizeof(X509_NAME));
x509_name_add_rdn(&name, OID_at_countryName, ASN1_TAG_PrintableString, "CN");
x509_name_add_rdn(&name, OID_at_stateOrProvinceName, ASN1_TAG_PrintableString, "Beijing");
x509_name_add_rdn(&name, OID_at_organizationName, ASN1_TAG_PrintableString, "PKU");
x509_name_add_rdn(&name, OID_at_organizationalUnitName, ASN1_TAG_PrintableString, "CS");
x509_name_add_rdn(&name, OID_at_commonName, ASN1_TAG_PrintableString, "infosec");
if (x509_name_to_der(&name, &p, &len) != 1) {
if (x509_name_add_country_name(name, &namelen, sizeof(name), "CN") != 1
|| format_bytes(stderr, 0, 4, "", name, namelen) > 2
|| x509_name_add_locality_name(name, &namelen, sizeof(name), ASN1_TAG_PrintableString, (uint8_t *)"Haidian", strlen("Haidian")) != 1
|| format_bytes(stderr, 0, 4, "", name, namelen) > 2
|| x509_name_add_state_or_province_name(name, &namelen, sizeof(name), ASN1_TAG_PrintableString, (uint8_t *)"Beijing", strlen("Beijing")) != 1
|| format_bytes(stderr, 0, 4, "", name, namelen) > 2
|| x509_name_add_organization_name(name, &namelen, sizeof(name), ASN1_TAG_PrintableString, (uint8_t *)"PKU", strlen("PKU")) != 1
|| format_bytes(stderr, 0, 4, "", name, namelen) > 2
|| x509_name_add_organizational_unit_name(name, &namelen, sizeof(name), ASN1_TAG_PrintableString, (uint8_t *)"CS", strlen("CS")) != 1
|| format_bytes(stderr, 0, 4, "", name, namelen) > 2
|| x509_name_add_common_name(name, &namelen, sizeof(name), ASN1_TAG_PrintableString, (uint8_t *)"CA", strlen("CA")) != 1
|| format_bytes(stderr, 0, 4, "", name, namelen) > 2
) {
error_print();
err++;
goto end;
return 1;
}
print_der(buf, len);
printf("\n");
if (x509_name_from_der(&name, &cp, &len) != 1
|| len > 0) {
error_print();
err++;
goto end;
}
x509_name_print(stdout, &name, 0, 0);
end:
printf("\n");
return err;
}
static int test_x509_signature_algor(int oid)
{
int err = 0;
int tests[] = {OID_sm2sign_with_sm3, OID_rsasign_with_sm3};
int val;
uint32_t nodes[32];
size_t nodes_count;
uint8_t buf[128];
const uint8_t *cp = buf;
uint8_t *p = buf;
size_t len = 0;
size_t i;
printf("%s\n", __FUNCTION__);
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
printf("%s\n", asn1_object_identifier_name(tests[i]));
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (x509_signature_algor_to_der(tests[i], &p, &len) != 1) {
error_print();
err++;
goto end;
}
print_der(buf, len);
printf("\n");
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (x509_signature_algor_from_der(&val, nodes, &nodes_count, &cp, &len) != 1) {
error_print();
err++;
goto end;
}
if (val != tests[i]) {
error_print();
err++;
goto end;
}
printf("%s\n", asn1_object_identifier_name(tests[i]));
}
end:
printf("\n");
return err;
format_bytes(stdout, 0, 0, "der ", name, namelen);
x509_name_print(stdout, 0, 0, "Name", name, namelen);
return 0;
}
static int test_x509_public_key_info(void)
{
int err = 0;
SM2_KEY key;
X509_PUBLIC_KEY_INFO pkey_info;
SM2_KEY sm2_key;
SM2_KEY pub_key;
uint8_t buf[256];
const uint8_t *cp = buf;
uint8_t *p = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
printf("%s\n", __FUNCTION__);
sm2_keygen(&key);
x509_public_key_info_set_sm2(&pkey_info, &key);
if (x509_public_key_info_to_der(&pkey_info, &p, &len) != 1) {
if (sm2_key_generate(&sm2_key) != 1
|| x509_public_key_info_to_der(&sm2_key, &p, &len) != 1
|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
return 1;
}
print_der(buf, len);
printf("\n");
if (x509_public_key_info_from_der(&pkey_info, &cp, &len) != 1
|| len > 0) {
x509_public_key_info_print(stdout, 0, 0, "PublicKeyInfo", d, dlen);
if (sm2_key_generate(&sm2_key) != 1
|| x509_public_key_info_to_der(&sm2_key, &p, &len) != 1
|| x509_public_key_info_from_der(&pub_key, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
return 1;
}
sm2_public_key_print(stdout, 0, 8, "ECPublicKey", &pub_key);
x509_public_key_info_print(stdout, &pkey_info, 0, 0);
printf("\n");
return err;
printf("%s() ok\n", __FUNCTION__);
return 0;
}
static int test_x509_certificate(void)
static int set_x509_name(uint8_t *name, size_t *namelen, size_t maxlen)
{
int err = 0;
X509_CERTIFICATE _cert, *cert = &_cert;
int rv;
int version = X509_version_v3;
uint8_t sn[12];
X509_NAME issuer;
X509_NAME subject;
time_t not_before;
*namelen = 0;
if (x509_name_add_country_name(name, namelen, maxlen, "CN") != 1
|| x509_name_add_locality_name(name, namelen, maxlen, ASN1_TAG_PrintableString, (uint8_t *)"Haidian", strlen("Haidian")) != 1
|| x509_name_add_state_or_province_name(name, namelen, maxlen, ASN1_TAG_PrintableString, (uint8_t *)"Beijing", strlen("Beijing")) != 1
|| x509_name_add_organization_name(name, namelen, maxlen, ASN1_TAG_PrintableString, (uint8_t *)"PKU", strlen("PKU")) != 1
|| x509_name_add_organizational_unit_name(name, namelen, maxlen, ASN1_TAG_PrintableString, (uint8_t *)"CS", strlen("CS")) != 1
|| x509_name_add_common_name(name, namelen, maxlen, ASN1_TAG_PrintableString, (uint8_t *)"CA", strlen("CA")) != 1) {
error_print();
return -1;
}
return 1;
}
SM2_KEY key;
uint8_t buf[2048] = {0};
static int test_x509_tbs_cert(void)
{
uint8_t serial[20] = { 0x01, 0x00 };
size_t serial_len;
uint8_t issuer[256];
size_t issuer_len = 0;
time_t not_before, not_after;
uint8_t subject[256];
size_t subject_len = 0;
SM2_KEY sm2_key;
uint8_t buf[1024] = {0};
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
const uint8_t *d;
size_t dlen;
printf("%s\n", __FUNCTION__);
memset(cert, 0, sizeof(X509_CERTIFICATE));
rand_bytes(sn, sizeof(sn));
memset(&issuer, 0, sizeof(X509_NAME));
// add_rdn 应该用一个ex来支持长度
x509_name_add_rdn(&issuer, OID_at_countryName, ASN1_TAG_PrintableString, "CN");
x509_name_add_rdn(&issuer, OID_at_stateOrProvinceName, ASN1_TAG_PrintableString, "Beijing");
x509_name_add_rdn(&issuer, OID_at_organizationName, ASN1_TAG_PrintableString, "PKU");
x509_name_add_rdn(&issuer, OID_at_organizationalUnitName, ASN1_TAG_PrintableString, "CS");
x509_name_add_rdn(&issuer, OID_at_commonName, ASN1_TAG_PrintableString, "CA");
memset(&subject, 0, sizeof(X509_NAME));
x509_name_add_rdn(&subject, OID_at_countryName, ASN1_TAG_PrintableString, "CN");
x509_name_add_rdn(&subject, OID_at_stateOrProvinceName, ASN1_TAG_PrintableString, "Beijing");
x509_name_add_rdn(&subject, OID_at_organizationName, ASN1_TAG_PrintableString, "PKU");
x509_name_add_rdn(&subject, OID_at_organizationalUnitName, ASN1_TAG_PrintableString, "CS");
x509_name_add_rdn(&subject, OID_at_commonName, ASN1_TAG_PrintableString, "infosec");
set_x509_name(issuer, &issuer_len, sizeof(issuer));
time(&not_before);
x509_validity_add_days(&not_after, not_before, 365);
set_x509_name(subject, &subject_len, sizeof(subject));
sm2_key_generate(&sm2_key);
rv = x509_certificate_set_version(cert, version);
rv = x509_certificate_set_serial_number(cert, sn, sizeof(sn));
rv = x509_certificate_set_signature_algor(cert, OID_sm2sign_with_sm3); // 这个不是应该在设置公钥的时候一起设置吗?
rv = x509_certificate_set_issuer(cert, &issuer);
rv = x509_certificate_set_subject(cert, &subject);
rv = x509_certificate_set_validity(cert, not_before, 365);
if (x509_tbs_cert_to_der(
X509_version_v3,
serial, sizeof(serial),
OID_sm2sign_with_sm3,
issuer, issuer_len,
not_before, not_after,
subject, subject_len,
&sm2_key,
NULL, 0,
NULL, 0,
NULL, 0,
&p, &len) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 0, "tbs_cert", buf, len);
if (asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
|| asn1_length_is_zero(len) != 1) {
error_print();
return -1;
}
x509_tbs_cert_print(stderr, 0, 4, "TBSCertificate", d, dlen);
sm2_keygen(&key);
rv = x509_certificate_set_subject_public_key_info_sm2(cert, &key);
return 0;
}
static int test_x509_cert_get(const uint8_t *cert, size_t certlen)
{
const uint8_t *serial;
size_t serial_len;
const uint8_t *issuer;
size_t issuer_len;
const uint8_t *subject;
size_t subject_len;
SM2_KEY public_key;
if (x509_cert_get_issuer_and_serial_number(cert, certlen, &issuer, &issuer_len, &serial, &serial_len) != 1
|| x509_cert_get_subject(cert, certlen, &subject, &subject_len) != 1
|| x509_cert_get_subject_public_key(cert, certlen, &public_key) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "SerialNumber", serial, serial_len);
x509_name_print(stderr, 0, 4, "Issuer", issuer, issuer_len);
x509_name_print(stderr, 0, 4, "Subject", subject, subject_len);
sm2_public_key_print(stderr, 0, 4, "SubjectPublicKey", &public_key);
return 0;
}
static int test_x509_cert(void)
{
uint8_t serial[20] = { 0x01, 0x00 };
size_t serial_len;
uint8_t issuer[256];
size_t issuer_len = 0;
time_t not_before, not_after;
uint8_t subject[256];
size_t subject_len = 0;
SM2_KEY sm2_key;
uint8_t cert[1024] = {0};
uint8_t *p = cert;
const uint8_t *cp = cert;
size_t certlen = 0;
set_x509_name(issuer, &issuer_len, sizeof(issuer));
time(&not_before);
x509_validity_add_days(&not_after, not_before, 365);
set_x509_name(subject, &subject_len, sizeof(subject));
sm2_key_generate(&sm2_key);
if (x509_cert_sign(
cert, &certlen, sizeof(cert),
X509_version_v3,
serial, sizeof(serial),
OID_sm2sign_with_sm3,
issuer, issuer_len,
not_before, not_after,
subject, subject_len,
&sm2_key,
NULL, 0,
NULL, 0,
NULL, 0,
&sm2_key, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID)) != 1) {
error_print();
return -1;
}
format_bytes(stderr, 0, 4, "cert", cert, certlen);
x509_cert_print(stderr, 0, 4, "Certificate", cert, certlen);
if (x509_cert_verify(cert, certlen, &sm2_key, SM2_DEFAULT_ID, strlen(SM2_DEFAULT_ID)) != 1) {
error_print();
return -1;
}
printf("x509_cert_verify() success\n");
test_x509_cert_get(cert, certlen);
rv = x509_certificate_generate_subject_key_identifier(cert, 1);
FILE *fp;
if (!(fp = fopen("cert.pem", "w"))) {
error_print();
return -1;
}
x509_cert_to_pem(cert, certlen, fp);
x509_cert_to_pem(cert, certlen, stderr);
fclose(fp);
rv = x509_certificate_sign_sm2(cert, &key);
if (!(fp = fopen("cert.pem", "r"))) {
error_print();
return -1;
}
rv = x509_certificate_to_der(cert, &p, &len);
print_der(buf, len);
printf("\n");
memset(cert, 0, sizeof(X509_CERTIFICATE));
x509_certificate_from_der(cert, &cp, &len);
x509_certificate_print(stdout, cert, 0, 0);
memset(cert, 0, sizeof(cert));
if (x509_cert_from_pem(cert, &certlen, sizeof(cert), fp) != 1) {
error_print();
return -1;
}
x509_cert_print(stderr, 0, 4, "Certificate", cert, certlen);
return 0;
}
static int test_x509_cert_request(void)
{
int err = 0;
X509_CERT_REQUEST req;
X509_NAME subject;
SM2_KEY keypair;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
printf("%s : \n", __func__);
memset(&subject, 0, sizeof(X509_NAME));
x509_name_add_rdn(&subject, OID_at_countryName, ASN1_TAG_PrintableString, "CN");
x509_name_add_rdn(&subject, OID_at_stateOrProvinceName, ASN1_TAG_PrintableString, "Beijing");
x509_name_add_rdn(&subject, OID_at_organizationName, ASN1_TAG_PrintableString, "PKU");
x509_name_add_rdn(&subject, OID_at_organizationalUnitName, ASN1_TAG_PrintableString, "CS");
x509_name_add_rdn(&subject, OID_at_commonName, ASN1_TAG_PrintableString, "infosec");
sm2_keygen(&keypair);
if (x509_cert_request_set_sm2(&req, &subject, &keypair) != 1
|| x509_cert_request_sign_sm2(&req, &keypair) != 1
|| x509_cert_request_to_der(&req, &p, &len) != 1) {
error_print();
err++;
goto end;
}
print_der(buf, len);
printf("\n");
memset(&req, 0, sizeof(req));
if (x509_cert_request_from_der(&req, &cp, &len) != 1) {
error_print();
err++;
goto end;
}
x509_cert_request_print(stdout, &req, 0, 0);
end:
return err;
return 0;
}
#endif
int main(void)
{
int err = 0;
//err += test_x509_validity();
//err += test_x509_signature_algor(OID_sm2sign_with_sm3);
//err += test_x509_signature_algor(OID_rsasign_with_sm3);
//err += test_x509_name();
//err += test_x509_public_key_info();
//err += test_x509_certificate();
// err += test_x509_version();
// err += test_x509_validity();
// err += test_x509_attr_type_and_value();
// err += test_x509_rdn();
// err += test_x509_name();
// err += test_x509_public_key_info();
// err += test_x509_tbs_cert();
err += test_x509_cert();
//err += test_x509_cert_request();
//test_x509_extensions();
return 1;
return err;
}

3
tests/zuctest.c
View File

@@ -1,4 +1,4 @@
/* ====================================================================
/*
* Copyright (c) 2014 - 2018 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -44,7 +44,6 @@
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <stdio.h>