/* * Copyright 2014-2026 The GmSSL Project. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the License); you may * not use this file except in compliance with the License. * * http://www.apache.org/licenses/LICENSE-2.0 */ "\n" "Supported cipher suites:\n" " TLS_ECC_SM4_GCM_SM3\n" " TLS_ECC_SM4_CBC_SM3\n" "\n" "\n" "Examples\n" "\n" " gmssl sm2keygen -pass P@ssw0rd -out sm2_root_ca_key.pem\n" " gmssl certgen -C CN -ST Beijing -L Haidian -O GmSSL -OU Test -CN \"GmSSL SM2 Test Root CA\" \\\n" " -days 3650 -key sm2_root_ca_key.pem -pass P@ssw0rd -out sm2_root_ca_cert.pem \\\n" " -key_usage keyCertSign -key_usage cRLSign -ca\n" "\n" " gmssl sm2keygen -pass P@ssw0rd -out sm2_tlcp_ca_key.pem\n" " gmssl reqgen -C CN -ST Beijing -L Haidian -O GmSSL -OU Test -CN \"GmSSL SM2 TLCP CA\" \\\n" " -key sm2_tlcp_ca_key.pem -pass P@ssw0rd -out sm2_tlcp_ca_req.pem\n" " gmssl reqsign -in sm2_tlcp_ca_req.pem -days 1825 -key_usage keyCertSign \\\n" " -key_usage cRLSign -path_len_constraint 0 -cacert sm2_root_ca_cert.pem \\\n" " -key sm2_root_ca_key.pem -pass P@ssw0rd -out sm2_tlcp_ca_cert.pem -ca\n" "\n" " gmssl sm2keygen -pass P@ssw0rd -out sm2_tlcp_server_sign_key.pem\n" " gmssl reqgen -C CN -ST Beijing -L Haidian -O GmSSL -OU Test -CN \"GmSSL SM2 TLCP Server\" \\\n" " -key sm2_tlcp_server_sign_key.pem -pass P@ssw0rd -out sm2_tlcp_server_sign_req.pem\n" " gmssl reqsign -in sm2_tlcp_server_sign_req.pem -days 365 -key_usage digitalSignature \\\n" " -ext_key_usage serverAuth -subject_dns_name localhost -cacert sm2_tlcp_ca_cert.pem \\\n" " -key sm2_tlcp_ca_key.pem -pass P@ssw0rd -out sm2_tlcp_server_sign_cert.pem\n" " gmssl sm2keygen -pass P@ssw0rd -out sm2_tlcp_server_enc_key.pem\n" " gmssl reqgen -C CN -ST Beijing -L Haidian -O GmSSL -OU Test -CN \"GmSSL SM2 TLCP Server\" \\\n" " -key sm2_tlcp_server_enc_key.pem -pass P@ssw0rd -out sm2_tlcp_server_enc_req.pem\n" " gmssl reqsign -in sm2_tlcp_server_enc_req.pem -days 365 -key_usage keyEncipherment \\\n" " -ext_key_usage serverAuth -subject_dns_name localhost -cacert sm2_tlcp_ca_cert.pem \\\n" " -key sm2_tlcp_ca_key.pem -pass P@ssw0rd -out sm2_tlcp_server_enc_cert.pem\n" "\n" " cat sm2_tlcp_server_sign_cert.pem > sm2_tlcp_server_certs.pem\n" " cat sm2_tlcp_server_enc_cert.pem >> sm2_tlcp_server_certs.pem\n" " cat sm2_tlcp_ca_cert.pem >> sm2_tlcp_server_certs.pem\n" " cat sm2_tlcp_server_sign_key.pem > sm2_tlcp_server_keys.pem\n" " cat sm2_tlcp_server_enc_key.pem >> sm2_tlcp_server_keys.pem\n" "\n" " gmssl sm2keygen -pass P@ssw0rd -out sm2_tls_client_key.pem\n" " gmssl reqgen -C CN -ST Beijing -L Haidian -O GmSSL -OU Test -CN \"GmSSL SM2 TLS Client\" \\\n" " -key sm2_tls_client_key.pem -pass P@ssw0rd -out sm2_tls_client_req.pem\n" " gmssl reqsign -in sm2_tls_client_req.pem -days 365 -key_usage digitalSignature \\\n" " -ext_key_usage clientAuth -cacert sm2_tlcp_ca_cert.pem -key sm2_tlcp_ca_key.pem \\\n" " -pass P@ssw0rd -out sm2_tls_client_cert.pem\n" " cat sm2_tls_client_cert.pem > sm2_tls_client_certs.pem\n" " cat sm2_tlcp_ca_cert.pem >> sm2_tls_client_certs.pem\n" "\n" " printf 'hello tlcp\\n' > message.txt\n" "\n" " gmssl tlcp_server -port 4431 -cert sm2_tlcp_server_certs.pem -key sm2_tlcp_server_keys.pem -pass P@ssw0rd \\\n" " -cipher_suite TLS_ECC_SM4_CBC_SM3\n" " gmssl tlcp_client -host 127.0.0.1 -port 4431 -server_name localhost -cacert sm2_root_ca_cert.pem \\\n" " -cipher_suite TLS_ECC_SM4_CBC_SM3 -in message.txt\n" "\n" " gmssl tlcp_server -port 4436 -cert sm2_tlcp_server_certs.pem -key sm2_tlcp_server_keys.pem -pass P@ssw0rd \\\n" " -cipher_suite TLS_ECC_SM4_GCM_SM3 -cacert sm2_root_ca_cert.pem -cert_request\n" " gmssl tlcp_client -host 127.0.0.1 -port 4436 -server_name localhost -cacert sm2_root_ca_cert.pem \\\n" " -cipher_suite TLS_ECC_SM4_GCM_SM3 \\\n" " -cert sm2_tls_client_certs.pem -key sm2_tls_client_key.pem -pass P@ssw0rd \\\n" " -in message.txt\n" "\n"