1 /*
2 * Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
3 *
4 * Licensed under the Apache License, Version 2.0 (the License); you may
5 * not use this file except in compliance with the License.
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 */
9
10
11 #include <stdio.h>
12 #include <string.h>
13 #include <stdlib.h>
14 #include <gmssl/oid.h>
15 #include <gmssl/sm2.h>
16 #include <gmssl/asn1.h>
17 #include <gmssl/pkcs8.h>
18 #include <gmssl/error.h>
19
20
test_pbkdf2_params(void)21 static int test_pbkdf2_params(void)
22 {
23 uint8_t salt[8] = {0};
24 size_t saltlen;
25 int iter = 65536;
26 int keylen = 16;
27 int prf = OID_hmac_sm3;
28
29 uint8_t buf[128];
30 uint8_t *p = buf;
31 const uint8_t *cp = buf;
32 size_t len = 0;
33
34 const uint8_t *d;
35 size_t dlen;
36 const uint8_t *psalt;
37
38 if (pbkdf2_params_to_der(salt, sizeof(salt), iter, keylen, prf, &p, &len) != 1
39 || asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
40 || asn1_length_is_zero(len) != 1) {
41 error_print();
42 return -1;
43 }
44 pbkdf2_params_print(stderr, 0, 0, "PBKDF2-params", d, dlen);
45
46 p = buf;
47 cp = buf;
48 len = 0;
49 keylen = -1;
50 prf = -1;
51 if (pbkdf2_params_to_der(salt, sizeof(salt), iter, keylen, prf, &p, &len) != 1
52 || asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
53 || asn1_length_is_zero(len) != 1) {
54 error_print();
55 return -1;
56 }
57 pbkdf2_params_print(stderr, 0, 0, "PBKDF2-params", d, dlen);
58
59 p = buf;
60 cp = buf;
61 len = 0;
62 keylen = -1;
63 prf = -1;
64 if (pbkdf2_params_to_der(salt, sizeof(salt), iter, keylen, prf, &p, &len) != 1
65 || pbkdf2_params_from_der(&psalt, &saltlen, &iter, &keylen, &prf, &cp, &len) != 1
66 || asn1_length_is_zero(len) != 1) {
67 error_print();
68 return -1;
69 }
70 format_print(stderr, 0, 0, "PBKDF2-params\n");
71 format_bytes(stderr, 0, 4, "salt", psalt, saltlen);
72 format_print(stderr, 0, 4, "iterationCount: %d\n", iter);
73 format_print(stderr, 0, 4, "keyLength: %d\n", keylen);
74 format_print(stderr, 0, 4, "prf: %d\n", prf);
75
76 printf("%s() ok\n", __FUNCTION__);
77 return 0;
78 }
79
test_pbkdf2_algor(void)80 static int test_pbkdf2_algor(void)
81 {
82 uint8_t salt[8] = {0};
83 size_t saltlen;
84 int iter = 65536;
85 int keylen = 16;
86 int prf = OID_hmac_sm3;
87
88 uint8_t buf[128];
89 uint8_t *p = buf;
90 const uint8_t *cp = buf;
91 size_t len = 0;
92
93 const uint8_t *d;
94 size_t dlen;
95 const uint8_t *psalt;
96
97 if (pbkdf2_algor_to_der(salt, sizeof(salt), iter, keylen, prf, &p, &len) != 1
98 || asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
99 || asn1_length_is_zero(len) != 1) {
100 error_print();
101 return -1;
102 }
103 pbkdf2_algor_print(stderr, 0, 0, "PBKDF2", d, dlen);
104
105 p = buf;
106 cp = buf;
107 len = 0;
108 if (pbkdf2_algor_to_der(salt, sizeof(salt), iter, keylen, prf, &p, &len) != 1
109 || asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
110 || asn1_length_is_zero(len) != 1) {
111 error_print();
112 return -1;
113 }
114 format_print(stderr, 0, 0, "PBKDF2\n");
115 format_bytes(stderr, 0, 4, "salt", psalt, saltlen);
116 format_print(stderr, 0, 4, "iterationCount: %d\n", iter);
117 format_print(stderr, 0, 4, "keyLength: %d\n", keylen);
118 format_print(stderr, 0, 4, "prf: %d\n", prf);
119
120 printf("%s() ok\n", __FUNCTION__);
121 return 0;
122 }
123
test_pbes2_enc_algor(void)124 static int test_pbes2_enc_algor(void)
125 {
126 int cipher = OID_sm4_cbc;
127 uint8_t iv[16] = {1};
128
129 uint8_t buf[128];
130 uint8_t *p = buf;
131 const uint8_t *cp = buf;
132 size_t len = 0;
133
134 const uint8_t *d;
135 size_t dlen;
136 const uint8_t *piv;
137 size_t ivlen;
138
139 if (pbes2_enc_algor_to_der(cipher, iv, sizeof(iv), &p, &len) != 1
140 || asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
141 || asn1_length_is_zero(len) != 1) {
142 error_print();
143 return -1;
144 }
145 pbes2_enc_algor_print(stderr, 0, 0, "PBES2-Enc", d, dlen);
146
147 p = buf;
148 cp = buf;
149 len = 0;
150
151 if (pbes2_enc_algor_to_der(cipher, iv, sizeof(iv), &p, &len) != 1
152 || pbes2_enc_algor_from_der(&cipher, &piv, &ivlen, &cp, &len) != 1
153 || asn1_check(cipher == OID_sm4_cbc) != 1
154 || asn1_check(ivlen == sizeof(iv)) != 1
155 || asn1_length_is_zero(len) != 1) {
156 error_print();
157 return -1;
158 }
159
160 printf("%s() ok\n", __FUNCTION__);
161 return 0;
162 }
163
test_pbes2_params(void)164 static int test_pbes2_params(void)
165 {
166 uint8_t salt[8] = {0};
167 size_t saltlen;
168 int iter = 65536;
169 int keylen = -1;
170 int prf = OID_hmac_sm3;
171 int cipher = OID_sm4_cbc;
172 uint8_t iv[16];
173
174 uint8_t buf[256];
175 uint8_t *p = buf;
176 const uint8_t *cp = buf;
177 size_t len = 0;
178
179 const uint8_t *d;
180 size_t dlen;
181 const uint8_t *psalt;
182 const uint8_t *piv;
183 size_t ivlen;
184
185 if (pbes2_params_to_der(salt, sizeof(salt), iter, keylen, prf, cipher, iv, sizeof(iv), &p, &len) != 1
186 || asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
187 || asn1_length_is_zero(len) != 1) {
188 error_print();
189 return -1;
190 }
191 pbes2_params_print(stderr, 0, 0, "PBES2-params", d, dlen);
192
193 p = buf;
194 cp = buf;
195 len = 0;
196
197 if (pbes2_params_to_der(salt, sizeof(salt), iter, keylen, prf, cipher, iv, sizeof(iv), &p, &len) != 1
198 || pbes2_params_from_der(&psalt, &saltlen, &iter, &keylen, &prf, &cipher, &piv, &ivlen, &cp, &len) != 1
199 || asn1_check(saltlen == sizeof(salt)) != 1
200 || asn1_check(iter == 65536) != 1
201 || asn1_check(keylen == -1) != 1
202 || asn1_check(prf == OID_hmac_sm3) != 1
203 || asn1_check(cipher == OID_sm4_cbc) != 1
204 || asn1_check(ivlen == sizeof(iv)) != 1
205 || asn1_length_is_zero(len) != 1) {
206 error_print();
207 return -1;
208 }
209 printf("%s() ok\n", __FUNCTION__);
210 return 0;
211 }
212
test_pbes2_algor(void)213 static int test_pbes2_algor(void)
214 {
215 uint8_t salt[8] = {0};
216 size_t saltlen;
217 int iter = 65536;
218 int keylen = -1;
219 int prf = OID_hmac_sm3;
220 int cipher = OID_sm4_cbc;
221 uint8_t iv[16];
222
223 uint8_t buf[256];
224 uint8_t *p = buf;
225 const uint8_t *cp = buf;
226 size_t len = 0;
227
228 const uint8_t *d;
229 size_t dlen;
230 const uint8_t *psalt;
231 const uint8_t *piv;
232 size_t ivlen;
233
234 if (pbes2_algor_to_der(salt, sizeof(salt), iter, keylen, prf, cipher, iv, sizeof(iv), &p, &len) != 1
235 || asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
236 || asn1_length_is_zero(len) != 1) {
237 error_print();
238 return -1;
239 }
240 pbes2_algor_print(stderr, 0, 0, "PBES2", d, dlen);
241
242 p = buf;
243 cp = buf;
244 len = 0;
245
246 if (pbes2_algor_to_der(salt, sizeof(salt), iter, keylen, prf, cipher, iv, sizeof(iv), &p, &len) != 1
247 || pbes2_algor_from_der(&psalt, &saltlen, &iter, &keylen, &prf, &cipher, &piv, &ivlen, &cp, &len) != 1
248 || asn1_check(saltlen == sizeof(salt)) != 1
249 || asn1_check(iter == 65536) != 1
250 || asn1_check(keylen == -1) != 1
251 || asn1_check(prf == OID_hmac_sm3) != 1
252 || asn1_check(cipher == OID_sm4_cbc) != 1
253 || asn1_check(ivlen == sizeof(iv)) != 1
254 || asn1_length_is_zero(len) != 1) {
255 error_print();
256 return -1;
257 }
258 printf("%s() ok\n", __FUNCTION__);
259 return 0;
260 }
261
test_pkcs8_enced_private_key_info(void)262 static int test_pkcs8_enced_private_key_info(void)
263 {
264 uint8_t salt[8] = { 1,0 };
265 int iter = 65536;
266 int keylen = -1;
267 int prf = OID_hmac_sm3;
268 int cipher = OID_sm4_cbc;
269 uint8_t iv[16] = { 2,0 };
270 uint8_t enced[128] = { 3,0 };
271
272 uint8_t buf[256];
273 uint8_t *p = buf;
274 const uint8_t *cp = buf;
275 size_t len = 0;
276
277 const uint8_t *d;
278 size_t dlen;
279 const uint8_t *psalt;
280 size_t saltlen;
281 const uint8_t *piv;
282 size_t ivlen;
283 const uint8_t *penced;
284 size_t encedlen;
285
286 if (pkcs8_enced_private_key_info_to_der(
287 salt, sizeof(salt), iter, keylen, prf,
288 cipher, iv, sizeof(iv),
289 enced, sizeof(enced), &p, &len) != 1
290 || asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
291 || asn1_length_is_zero(len) != 1) {
292 error_print();
293 return -1;
294 }
295 pkcs8_enced_private_key_info_print(stderr, 0, 0, "EncryptedPrivateKeyInfo", d, dlen);
296
297 p = buf;
298 cp = buf;
299 len = 0;
300
301 if (pkcs8_enced_private_key_info_to_der(
302 salt, sizeof(salt), iter, keylen, prf,
303 cipher, iv, sizeof(iv),
304 enced, sizeof(enced), &p, &len) != 1
305 || pkcs8_enced_private_key_info_from_der(
306 &psalt, &saltlen, &iter, &keylen, &prf,
307 &cipher, &piv, &ivlen,
308 &penced, &encedlen, &cp, &len) != 1
309 || asn1_check(saltlen == sizeof(salt)) != 1
310 || asn1_check(keylen == -1) != 1
311 || asn1_check(prf == OID_hmac_sm3) != 1
312 || asn1_check(cipher == OID_sm4_cbc) != 1
313 || asn1_check(ivlen == sizeof(iv)) != 1
314 || asn1_check(encedlen == sizeof(enced)) != 1
315 || asn1_length_is_zero(len) != 1) {
316 error_print();
317 return -1;
318 }
319
320 printf("%s() ok\n", __FUNCTION__);
321 return 0;
322 }
323
test_pkcs8(void)324 static int test_pkcs8(void)
325 {
326 int err = 0;
327 SM2_KEY sm2_key;
328 SM2_KEY sm2_buf;
329 const uint8_t *attrs;
330 size_t attrslen;
331 uint8_t buf[1024];
332 uint8_t *p = buf;
333 const uint8_t *cp = buf;
334 size_t len = 0;
335
336 sm2_key_generate(&sm2_key);
337 memcpy(&sm2_buf, &sm2_key, sizeof(sm2_key));
338 sm2_key_print(stderr, 0, 0, "SM2_KEY", &sm2_key);
339
340 if (sm2_private_key_info_encrypt_to_der(&sm2_key, "password", &p, &len) != 1) {
341 error_print();
342 return -1;
343 }
344 {
345 const uint8_t *a = buf;
346 size_t alen = len;
347 const uint8_t *d;
348 size_t dlen;
349 if (asn1_sequence_from_der(&d, &dlen, &a, &alen) != 1
350 || asn1_length_is_zero(alen) != 1) {
351 error_print();
352 return -1;
353 }
354 pkcs8_enced_private_key_info_print(stderr, 0, 0, "test_pkcs8: 392", d, dlen);
355 fprintf(stderr, "\n");
356 }
357
358 memset(&sm2_key, 0, sizeof(sm2_key));
359 if (sm2_private_key_info_decrypt_from_der(&sm2_key, &attrs, &attrslen, "password", &cp, &len) != 1
360 || asn1_length_is_zero(len) != 1) {
361 error_print();
362 return -1;
363 }
364 fprintf(stderr, "\n");
365 sm2_key_print(stderr, 0, 0, "SM2_KEY", &sm2_key);
366
367 printf("%s() ok\n", __FUNCTION__);
368 return 0;
369 }
370
test_pkcs8_pem(void)371 static int test_pkcs8_pem(void)
372 {
373 int err = 0;
374 char *file = "test_pkcs8_pem.pem";
375 char *pass = "password";
376 SM2_KEY sm2_key;
377 SM2_KEY sm2_buf;
378 const uint8_t *attrs;
379 size_t attrs_len;
380 FILE *fp;
381
382 sm2_key_generate(&sm2_key);
383 memcpy(&sm2_buf, &sm2_key, sizeof(sm2_key));
384 sm2_key_print(stderr, 0, 0, "SM2_KEY", &sm2_key);
385
386 if (!(fp = fopen(file, "w"))
387 || sm2_private_key_info_encrypt_to_pem(&sm2_key, pass, fp) != 1) {
388 error_print();
389 return -1;
390 }
391 fclose(fp);
392
393 memset(&sm2_key, 0, sizeof(sm2_key));
394 if (!(fp = fopen(file, "r"))
395 || sm2_private_key_info_decrypt_from_pem(&sm2_key, pass, fp) != 1) {
396 error_print();
397 return -1;
398 }
399 sm2_key_print(stderr, 0, 0, "SM2_KEY", &sm2_key);
400
401 printf("%s() ok\n", __FUNCTION__);
402 return 0;
403 }
404
main(void)405 int main(void)
406 {
407 int err = 0;
408 /*
409 err += test_pbkdf2_params();
410 err += test_pbkdf2_algor();
411 err += test_pbes2_enc_algor();
412 err += test_pbes2_params();
413 err += test_pbes2_algor();
414 err += test_pkcs8_enced_private_key_info();
415 */
416 err += test_pkcs8();
417 // err += test_pkcs8_pem();
418 return err;
419 }
420