abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-05-07 00:46:17 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
bcad2eb8dd26c0a7a59547e2216c9ff064d4d6f8
GmSSL/tests/x509test.c
Zhi Guan bcad2eb8dd update
2021-09-10 11:29:16 +08:00

299 lines
7.6 KiB
C
Raw Blame History

/*
* Copyright 2014-2021 The GmSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <gmssl/oid.h>
#include <gmssl/x509.h>
#include <gmssl/rand.h>
#include <gmssl/error.h>
static int test_x509_validity(void)
{
int err = 0;
X509_VALIDITY validity;
uint8_t buf[64] = {0};
const uint8_t *cp = buf;
uint8_t *p = buf;
size_t len = 0;
size_t i;
printf("%s\n", __FUNCTION__);
memset(&validity, 0, sizeof(X509_VALIDITY));
x509_validity_set_days(&validity, time(NULL), 365 * 10);
x509_validity_to_der(&validity, &p, &len);
print_der(buf, len);
printf("\n");
memset(&validity, 0, sizeof(X509_VALIDITY));
x509_validity_from_der(&validity, &cp, &len);
x509_validity_print(stdout, &validity, 0, 0);
printf("\n");
return err;
}
static int test_x509_name(void)
{
int err = 0;
X509_NAME name;
uint8_t buf[1024];
const uint8_t *cp = buf;
uint8_t *p = buf;
size_t len = 0;
printf("%s\n", __FUNCTION__);
memset(&name, 0, sizeof(X509_NAME));
x509_name_add_rdn(&name, OID_at_countryName, ASN1_TAG_PrintableString, "CN");
x509_name_add_rdn(&name, OID_at_stateOrProvinceName, ASN1_TAG_PrintableString, "Beijing");
x509_name_add_rdn(&name, OID_at_organizationName, ASN1_TAG_PrintableString, "PKU");
x509_name_add_rdn(&name, OID_at_organizationalUnitName, ASN1_TAG_PrintableString, "CS");
x509_name_add_rdn(&name, OID_at_commonName, ASN1_TAG_PrintableString, "infosec");
if (x509_name_to_der(&name, &p, &len) != 1) {
error_print();
err++;
goto end;
}
print_der(buf, len);
printf("\n");
if (x509_name_from_der(&name, &cp, &len) != 1
|| len > 0) {
error_print();
err++;
goto end;
}
x509_name_print(stdout, &name, 0, 0);
end:
printf("\n");
return err;
}
static int test_x509_signature_algor(int oid)
{
int err = 0;
int tests[] = {OID_sm2sign_with_sm3, OID_rsasign_with_sm3};
int val;
uint32_t nodes[32];
size_t nodes_count;
uint8_t buf[128];
const uint8_t *cp = buf;
uint8_t *p = buf;
size_t len = 0;
size_t i;
printf("%s\n", __FUNCTION__);
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
printf("%s\n", asn1_object_identifier_name(tests[i]));
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (x509_signature_algor_to_der(tests[i], &p, &len) != 1) {
error_print();
err++;
goto end;
}
print_der(buf, len);
printf("\n");
}
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
if (x509_signature_algor_from_der(&val, nodes, &nodes_count, &cp, &len) != 1) {
error_print();
err++;
goto end;
}
if (val != tests[i]) {
error_print();
err++;
goto end;
}
printf("%s\n", asn1_object_identifier_name(tests[i]));
}
end:
printf("\n");
return err;
}
static int test_x509_public_key_info(void)
{
int err = 0;
SM2_KEY key;
X509_PUBLIC_KEY_INFO pkey_info;
uint8_t buf[256];
const uint8_t *cp = buf;
uint8_t *p = buf;
size_t len = 0;
printf("%s\n", __FUNCTION__);
sm2_keygen(&key);
x509_public_key_info_set_sm2(&pkey_info, &key);
if (x509_public_key_info_to_der(&pkey_info, &p, &len) != 1) {
error_print();
return -1;
}
print_der(buf, len);
printf("\n");
if (x509_public_key_info_from_der(&pkey_info, &cp, &len) != 1
|| len > 0) {
error_print();
return -1;
}
x509_public_key_info_print(stdout, &pkey_info, 0, 0);
printf("\n");
return err;
}
static int test_x509_certificate(void)
{
int err = 0;
X509_CERTIFICATE _cert, *cert = &_cert;
int rv;
int version = X509_version_v3;
uint8_t sn[12];
X509_NAME issuer;
X509_NAME subject;
time_t not_before;
SM2_KEY key;
uint8_t buf[2048] = {0};
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
printf("%s\n", __FUNCTION__);
memset(cert, 0, sizeof(X509_CERTIFICATE));
rand_bytes(sn, sizeof(sn));
memset(&issuer, 0, sizeof(X509_NAME));
// add_rdn 应该用一个ex来支持长度
x509_name_add_rdn(&issuer, OID_at_countryName, ASN1_TAG_PrintableString, "CN");
x509_name_add_rdn(&issuer, OID_at_stateOrProvinceName, ASN1_TAG_PrintableString, "Beijing");
x509_name_add_rdn(&issuer, OID_at_organizationName, ASN1_TAG_PrintableString, "PKU");
x509_name_add_rdn(&issuer, OID_at_organizationalUnitName, ASN1_TAG_PrintableString, "CS");
x509_name_add_rdn(&issuer, OID_at_commonName, ASN1_TAG_PrintableString, "CA");
memset(&subject, 0, sizeof(X509_NAME));
x509_name_add_rdn(&subject, OID_at_countryName, ASN1_TAG_PrintableString, "CN");
x509_name_add_rdn(&subject, OID_at_stateOrProvinceName, ASN1_TAG_PrintableString, "Beijing");
x509_name_add_rdn(&subject, OID_at_organizationName, ASN1_TAG_PrintableString, "PKU");
x509_name_add_rdn(&subject, OID_at_organizationalUnitName, ASN1_TAG_PrintableString, "CS");
x509_name_add_rdn(&subject, OID_at_commonName, ASN1_TAG_PrintableString, "infosec");
time(&not_before);
rv = x509_certificate_set_version(cert, version);
rv = x509_certificate_set_serial_number(cert, sn, sizeof(sn));
rv = x509_certificate_set_signature_algor(cert, OID_sm2sign_with_sm3); // 这个不是应该在设置公钥的时候一起设置吗?
rv = x509_certificate_set_issuer(cert, &issuer);
rv = x509_certificate_set_subject(cert, &subject);
rv = x509_certificate_set_validity(cert, not_before, 365);
sm2_keygen(&key);
rv = x509_certificate_set_subject_public_key_info_sm2(cert, &key);
rv = x509_certificate_generate_subject_key_identifier(cert, 1);
rv = x509_certificate_sign_sm2(cert, &key);
rv = x509_certificate_to_der(cert, &p, &len);
print_der(buf, len);
printf("\n");
memset(cert, 0, sizeof(X509_CERTIFICATE));
x509_certificate_from_der(cert, &cp, &len);
x509_certificate_print(stdout, cert, 0, 0);
return 0;
}
static int test_x509_cert_request(void)
{
int err = 0;
X509_CERT_REQUEST req;
X509_NAME subject;
SM2_KEY keypair;
uint8_t buf[256];
uint8_t *p = buf;
const uint8_t *cp = buf;
size_t len = 0;
printf("%s : \n", __func__);
memset(&subject, 0, sizeof(X509_NAME));
x509_name_add_rdn(&subject, OID_at_countryName, ASN1_TAG_PrintableString, "CN");
x509_name_add_rdn(&subject, OID_at_stateOrProvinceName, ASN1_TAG_PrintableString, "Beijing");
x509_name_add_rdn(&subject, OID_at_organizationName, ASN1_TAG_PrintableString, "PKU");
x509_name_add_rdn(&subject, OID_at_organizationalUnitName, ASN1_TAG_PrintableString, "CS");
x509_name_add_rdn(&subject, OID_at_commonName, ASN1_TAG_PrintableString, "infosec");
sm2_keygen(&keypair);
if (x509_cert_request_set_sm2(&req, &subject, &keypair) != 1
|| x509_cert_request_sign_sm2(&req, &keypair) != 1
|| x509_cert_request_to_der(&req, &p, &len) != 1) {
error_print();
err++;
goto end;
}
print_der(buf, len);
printf("\n");
memset(&req, 0, sizeof(req));
if (x509_cert_request_from_der(&req, &cp, &len) != 1) {
error_print();
err++;
goto end;
}
x509_cert_request_print(stdout, &req, 0, 0);
end:
return err;
}
int main(void)
{
int err = 0;
//err += test_x509_validity();
err += test_x509_signature_algor(OID_sm2sign_with_sm3);
err += test_x509_signature_algor(OID_rsasign_with_sm3);
err += test_x509_name();
err += test_x509_public_key_info();
err += test_x509_certificate();
err += test_x509_cert_request();
//test_x509_extensions();
return 1;
}
Reference in New Issue View Git Blame Copy Permalink