Skip to content

Instantly share code, notes, and snippets.

@ipid
Last active December 6, 2022 18:21
Show Gist options
  • Save ipid/369877b7055dd7b2970fae3181fc9e54 to your computer and use it in GitHub Desktop.
Save ipid/369877b7055dd7b2970fae3181fc9e54 to your computer and use it in GitHub Desktop.
使用 GmSSL v3.0.0 验证国密证书签名合法性,并显示证书、证书签名非法原因。
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <cstdint>
#include <iostream>
#include <memory>
#include <gmssl/oid.h>
#include <gmssl/sm2.h>
#include <gmssl/x509.h>
#include <time.h>
enum {
GuoMiVerify_OK = 0,
GuoMiVerify_CERT_NOT_YET_VALID = 1,
GuoMiVerify_CERT_EXPIRED = 2,
GuoMiVerify_CERT_SIGN_INVALID = 3,
GuoMiVerify_CERT_INVALID = 4,
GuoMiVerify_CA_CERT_INVALID = 5,
};
const uint8_t *myCert1 = (const uint8_t *)"\x30\x82\x02\xCF\x30\x82\x02\x72\xA0\x03\x02\x01\x02\x02\x05\x13\x36\x39\x33\x70\x30\x0C\x06\x08\x2A\x81\x1C\xCF\x55\x01\x83\x75\x05\x00\x30\x25\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x4E\x31\x16\x30\x14\x06\x03\x55\x04\x0A\x0C\x0D\x43\x46\x43\x41\x20\x53\x4D\x32\x20\x4F\x43\x41\x31\x30\x1E\x17\x0D\x32\x31\x30\x36\x31\x31\x30\x39\x30\x35\x32\x30\x5A\x17\x0D\x32\x36\x30\x36\x31\x39\x30\x38\x31\x36\x35\x36\x5A\x30\x81\x91\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x4E\x31\x0F\x30\x0D\x06\x03\x55\x04\x08\x0C\x06\xE5\x8C\x97\xE4\xBA\xAC\x31\x0F\x30\x0D\x06\x03\x55\x04\x07\x0C\x06\xE5\x8C\x97\xE4\xBA\xAC\x31\x27\x30\x25\x06\x03\x55\x04\x0A\x0C\x1E\xE4\xB8\xAD\xE5\x9B\xBD\xE9\x93\xB6\xE8\xA1\x8C\xE8\x82\xA1\xE4\xBB\xBD\xE6\x9C\x89\xE9\x99\x90\xE5\x85\xAC\xE5\x8F\xB8\x31\x11\x30\x0F\x06\x03\x55\x04\x0B\x0C\x08\x4C\x6F\x63\x61\x6C\x20\x52\x41\x31\x0C\x30\x0A\x06\x03\x55\x04\x0B\x0C\x03\x53\x53\x4C\x31\x16\x30\x14\x06\x03\x55\x04\x03\x0C\x0D\x65\x62\x73\x73\x65\x63\x2E\x62\x6F\x63\x2E\x63\x6E\x30\x59\x30\x13\x06\x07\x2A\x86\x48\xCE\x3D\x02\x01\x06\x08\x2A\x81\x1C\xCF\x55\x01\x82\x2D\x03\x42\x00\x04\xFB\x0D\x52\x7A\x19\x40\xCF\x42\x4A\x7B\xC2\xE7\xB4\xDB\xBD\xD7\xF2\x39\x30\xAE\x3C\xE4\xA5\x66\x63\xC0\xCB\x10\x4A\x16\x3F\x98\xD5\x01\xFF\xC6\x5B\x9B\x1D\xD5\x5F\xE5\x7A\x87\xAC\xED\x63\x08\x34\x62\xED\xA3\x79\x20\xA1\x97\x40\x5D\x78\xF7\x67\x3C\xD3\x73\xA3\x82\x01\x1E\x30\x82\x01\x1A\x30\x1F\x06\x03\x55\x1D\x23\x04\x18\x30\x16\x80\x14\x5C\x93\x58\x20\x5A\x24\x73\x56\x10\x1B\x64\x50\x10\xEC\xE9\xA7\xCA\x07\x41\x11\x30\x0C\x06\x03\x55\x1D\x13\x01\x01\xFF\x04\x02\x30\x00\x30\x48\x06\x03\x55\x1D\x20\x04\x41\x30\x3F\x30\x3D\x06\x08\x60\x81\x1C\x86\xEF\x2A\x01\x01\x30\x31\x30\x2F\x06\x08\x2B\x06\x01\x05\x05\x07\x02\x01\x16\x23\x68\x74\x74\x70\x3A\x2F\x2F\x77\x77\x77\x2E\x63\x66\x63\x61\x2E\x63\x6F\x6D\x2E\x63\x6E\x2F\x75\x73\x2F\x75\x73\x2D\x31\x34\x2E\x68\x74\x6D\x30\x37\x06\x03\x55\x1D\x1F\x04\x30\x30\x2E\x30\x2C\xA0\x2A\xA0\x28\x86\x26\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x63\x66\x63\x61\x2E\x63\x6F\x6D\x2E\x63\x6E\x2F\x53\x4D\x32\x2F\x63\x72\x6C\x35\x36\x31\x38\x2E\x63\x72\x6C\x30\x18\x06\x03\x55\x1D\x11\x04\x11\x30\x0F\x82\x0D\x65\x62\x73\x73\x65\x63\x2E\x62\x6F\x63\x2E\x63\x6E\x30\x0E\x06\x03\x55\x1D\x0F\x01\x01\xFF\x04\x04\x03\x02\x06\xC0\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x9E\xA8\x16\x8F\xCE\xAC\xA8\x03\x84\x71\x4E\x46\x96\xAA\xD3\x89\x17\xED\x3D\x4A\x30\x1D\x06\x03\x55\x1D\x25\x04\x16\x30\x14\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x02\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x01\x30\x0C\x06\x08\x2A\x81\x1C\xCF\x55\x01\x83\x75\x05\x00\x03\x49\x00\x30\x46\x02\x21\x00\xAF\x85\x2B\xDB\xBF\x98\x7A\x11\x19\x75\x61\xC0\x8B\x83\xE7\xF3\xF5\x49\x5E\x41\xB6\x8F\x7C\x16\x30\x52\x35\x03\xD9\xD0\x07\x55\x02\x21\x00\xC4\x42\xE2\x4F\x52\xFE\x64\x82\xD1\x4A\x54\xBC\x2A\xA1\xFC\x34\x02\xD9\x48\xBC\x4D\xC7\x1D\xE4\x6D\x88\x81\x84\xAC\x72\x75\x0D";
constexpr size_t myCert1Length = 723;
const uint8_t *myCert2 = (const uint8_t *)"\x30\x82\x02\xCE\x30\x82\x02\x72\xA0\x03\x02\x01\x02\x02\x05\x13\x36\x39\x33\x71\x30\x0C\x06\x08\x2A\x81\x1C\xCF\x55\x01\x83\x75\x05\x00\x30\x25\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x4E\x31\x16\x30\x14\x06\x03\x55\x04\x0A\x0C\x0D\x43\x46\x43\x41\x20\x53\x4D\x32\x20\x4F\x43\x41\x31\x30\x1E\x17\x0D\x32\x31\x30\x36\x31\x31\x30\x39\x30\x35\x32\x30\x5A\x17\x0D\x32\x36\x30\x36\x31\x39\x30\x38\x31\x36\x35\x36\x5A\x30\x81\x91\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x4E\x31\x0F\x30\x0D\x06\x03\x55\x04\x08\x0C\x06\xE5\x8C\x97\xE4\xBA\xAC\x31\x0F\x30\x0D\x06\x03\x55\x04\x07\x0C\x06\xE5\x8C\x97\xE4\xBA\xAC\x31\x27\x30\x25\x06\x03\x55\x04\x0A\x0C\x1E\xE4\xB8\xAD\xE5\x9B\xBD\xE9\x93\xB6\xE8\xA1\x8C\xE8\x82\xA1\xE4\xBB\xBD\xE6\x9C\x89\xE9\x99\x90\xE5\x85\xAC\xE5\x8F\xB8\x31\x11\x30\x0F\x06\x03\x55\x04\x0B\x0C\x08\x4C\x6F\x63\x61\x6C\x20\x52\x41\x31\x0C\x30\x0A\x06\x03\x55\x04\x0B\x0C\x03\x53\x53\x4C\x31\x16\x30\x14\x06\x03\x55\x04\x03\x0C\x0D\x65\x62\x73\x73\x65\x63\x2E\x62\x6F\x63\x2E\x63\x6E\x30\x59\x30\x13\x06\x07\x2A\x86\x48\xCE\x3D\x02\x01\x06\x08\x2A\x81\x1C\xCF\x55\x01\x82\x2D\x03\x42\x00\x04\xC9\xF5\xAB\xE8\x5B\x57\x48\xB5\xAA\x72\x80\xCB\xB4\x1E\x67\x76\x5F\x00\x3F\xA0\xA8\x75\xF8\x17\x93\x2A\x22\x1B\x1A\xAC\xE0\xE5\x5A\xC6\xAF\x7F\xF7\x5C\xA6\xB0\xB4\x17\x6E\xFB\xCD\xCE\x38\x69\x80\x41\xFF\x7B\x9C\xCB\x83\xC5\xA9\x76\x91\x1D\x0A\x7C\x3C\x4C\xA3\x82\x01\x1E\x30\x82\x01\x1A\x30\x1F\x06\x03\x55\x1D\x23\x04\x18\x30\x16\x80\x14\x5C\x93\x58\x20\x5A\x24\x73\x56\x10\x1B\x64\x50\x10\xEC\xE9\xA7\xCA\x07\x41\x11\x30\x0C\x06\x03\x55\x1D\x13\x01\x01\xFF\x04\x02\x30\x00\x30\x48\x06\x03\x55\x1D\x20\x04\x41\x30\x3F\x30\x3D\x06\x08\x60\x81\x1C\x86\xEF\x2A\x01\x01\x30\x31\x30\x2F\x06\x08\x2B\x06\x01\x05\x05\x07\x02\x01\x16\x23\x68\x74\x74\x70\x3A\x2F\x2F\x77\x77\x77\x2E\x63\x66\x63\x61\x2E\x63\x6F\x6D\x2E\x63\x6E\x2F\x75\x73\x2F\x75\x73\x2D\x31\x34\x2E\x68\x74\x6D\x30\x37\x06\x03\x55\x1D\x1F\x04\x30\x30\x2E\x30\x2C\xA0\x2A\xA0\x28\x86\x26\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x63\x66\x63\x61\x2E\x63\x6F\x6D\x2E\x63\x6E\x2F\x53\x4D\x32\x2F\x63\x72\x6C\x35\x36\x31\x38\x2E\x63\x72\x6C\x30\x18\x06\x03\x55\x1D\x11\x04\x11\x30\x0F\x82\x0D\x65\x62\x73\x73\x65\x63\x2E\x62\x6F\x63\x2E\x63\x6E\x30\x0E\x06\x03\x55\x1D\x0F\x01\x01\xFF\x04\x04\x03\x02\x03\x38\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x5F\xDA\xD4\x91\xEF\xCC\xBC\xDB\xA4\x56\xC1\x96\x35\xFB\x84\xDC\x51\xA6\x3F\xF6\x30\x1D\x06\x03\x55\x1D\x25\x04\x16\x30\x14\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x02\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x01\x30\x0C\x06\x08\x2A\x81\x1C\xCF\x55\x01\x83\x75\x05\x00\x03\x48\x00\x30\x45\x02\x21\x00\xC2\x38\x58\xB5\x79\x97\x20\x88\xDE\xAD\xFA\x1E\xA5\xC4\xBC\x12\x82\xB0\x21\xDC\x96\xA5\x97\xE6\x72\x03\x67\x8F\xC3\xAC\x5C\x8F\x02\x20\x37\x20\xEF\xA3\xBE\xB5\x76\x9C\x09\x85\xCC\x96\x7F\x25\x42\x02\x76\x93\x7F\x45\x5F\xE0\x32\xD6\x23\x52\xBE\x4B\xBA\x68\x52\xBF";
constexpr size_t myCert2Length = 722;
const uint8_t *caCert = (const uint8_t *)"\x30\x82\x02\x7B\x30\x82\x02\x1E\xA0\x03\x02\x01\x02\x02\x10\x25\x10\x01\xB3\x57\x65\x3E\x7F\xBC\xEA\x96\xFB\x6D\x3E\xF8\xC2\x30\x0C\x06\x08\x2A\x81\x1C\xCF\x55\x01\x83\x75\x05\x00\x30\x58\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x4E\x31\x30\x30\x2E\x06\x03\x55\x04\x0A\x0C\x27\x43\x68\x69\x6E\x61\x20\x46\x69\x6E\x61\x6E\x63\x69\x61\x6C\x20\x43\x65\x72\x74\x69\x66\x69\x63\x61\x74\x69\x6F\x6E\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x17\x30\x15\x06\x03\x55\x04\x03\x0C\x0E\x43\x46\x43\x41\x20\x43\x53\x20\x53\x4D\x32\x20\x43\x41\x30\x1E\x17\x0D\x31\x35\x30\x37\x31\x31\x30\x33\x31\x35\x31\x33\x5A\x17\x0D\x33\x35\x30\x37\x30\x34\x30\x33\x31\x35\x31\x33\x5A\x30\x25\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x4E\x31\x16\x30\x14\x06\x03\x55\x04\x0A\x0C\x0D\x43\x46\x43\x41\x20\x53\x4D\x32\x20\x4F\x43\x41\x31\x30\x59\x30\x13\x06\x07\x2A\x86\x48\xCE\x3D\x02\x01\x06\x08\x2A\x81\x1C\xCF\x55\x01\x82\x2D\x03\x42\x00\x04\x7C\x9A\x90\xA2\x8D\x3E\x26\x8C\x82\x47\x2D\x26\xB1\x2D\x98\x9B\x4E\xFA\xF2\x75\x75\xA5\x22\xEE\x2B\xDB\xAD\x4B\x58\xA3\xDF\xCA\x1B\x58\x3C\xA6\xAB\x4A\x0C\x45\x1C\x14\xCC\x33\x04\x40\x8D\x7D\x09\xA8\xE8\xDC\x95\x28\x18\x5C\x4E\xBE\xC0\x3E\x61\x6B\xB7\x5C\xA3\x81\xFA\x30\x81\xF7\x30\x1F\x06\x03\x55\x1D\x23\x04\x18\x30\x16\x80\x14\xE4\x8E\xDD\xD4\xA3\xE7\xB6\x0F\xEE\x1D\x27\x96\xCD\x75\xDC\x25\x25\x72\x69\xDD\x30\x0F\x06\x03\x55\x1D\x13\x01\x01\xFF\x04\x05\x30\x03\x01\x01\xFF\x30\x81\x93\x06\x03\x55\x1D\x1F\x04\x81\x8B\x30\x81\x88\x30\x55\xA0\x53\xA0\x51\xA4\x4F\x30\x4D\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x4E\x31\x13\x30\x11\x06\x03\x55\x04\x0A\x0C\x0A\x43\x46\x43\x41\x20\x43\x53\x20\x43\x41\x31\x0C\x30\x0A\x06\x03\x55\x04\x0B\x0C\x03\x43\x52\x4C\x31\x0C\x30\x0A\x06\x03\x55\x04\x0B\x0C\x03\x53\x4D\x32\x31\x0D\x30\x0B\x06\x03\x55\x04\x03\x0C\x04\x63\x72\x6C\x31\x30\x2F\xA0\x2D\xA0\x2B\x86\x29\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x63\x66\x63\x61\x2E\x63\x6F\x6D\x2E\x63\x6E\x2F\x63\x73\x72\x63\x61\x2F\x53\x4D\x32\x2F\x63\x72\x6C\x31\x2E\x63\x72\x6C\x30\x0E\x06\x03\x55\x1D\x0F\x01\x01\xFF\x04\x04\x03\x02\x01\x06\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x5C\x93\x58\x20\x5A\x24\x73\x56\x10\x1B\x64\x50\x10\xEC\xE9\xA7\xCA\x07\x41\x11\x30\x0C\x06\x08\x2A\x81\x1C\xCF\x55\x01\x83\x75\x05\x00\x03\x49\x00\x30\x46\x02\x21\x00\xA4\x6B\xE5\xB8\x94\x40\xC9\x19\xB7\x68\x40\xA7\xCC\xC8\xC2\x2B\xC2\x4B\x91\x8F\x15\x78\x7D\x7B\xBE\x09\x06\x48\xB1\x81\x85\x9D\x02\x21\x00\xA1\x6C\xD6\x74\x78\x38\x71\x71\xB1\xD8\xC7\x3D\x71\xB4\x08\x1C\x7E\xD4\x2F\xBE\x28\xC3\xE7\x55\x35\x93\xB1\xF1\xFD\x7C\xA3\xDF";
constexpr size_t caCertLength = 639;
const uint8_t *malformed = (const uint8_t *)"\x31\x82\x02\x7B\x30\x82\x02\x1E\xA0\x03\x02\x01\x02\x02\x10\x25\x10\x01\xB3\x57\x65\x3E\x7F\xBC\xEA\x96\xFB\x6D\x3E\xF8\xC2\x30\x0C\x06\x08\x2A\x81\x1C\xCF\x55\x01\x83\x75\x05\x00\x30\x58\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x4E\x31\x30\x30\x2E\x06\x03\x55\x04\x0A\x0C\x27\x43\x68\x69\x6E\x61\x20\x46\x69\x6E\x61\x6E\x63\x69\x61\x6C\x20\x43\x65\x72\x74\x69\x66\x69\x63\x61\x74\x69\x6F\x6E\x20\x41\x75\x74\x68\x6F\x72\x69\x74\x79\x31\x17\x30\x15\x06\x03\x55\x04\x03\x0C\x0E\x43\x46\x43\x41\x20\x43\x53\x20\x53\x4D\x32\x20\x43\x41\x30\x1E\x17\x0D\x31\x35\x30\x37\x31\x31\x30\x33\x31\x35\x31\x33\x5A\x17\x0D\x33\x35\x30\x37\x30\x34\x30\x33\x31\x35\x31\x33\x5A\x30\x25\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x4E\x31\x16\x30\x14\x06\x03\x55\x04\x0A\x0C\x0D\x43\x46\x43\x41\x20\x53\x4D\x32\x20\x4F\x43\x41\x31\x30\x59\x30\x13\x06\x07\x2A\x86\x48\xCE\x3D\x02\x01\x06\x08\x2A\x81\x1C\xCF\x55\x01\x82\x2D\x03\x42\x00\x04\x7C\x9A\x90\xA2\x8D\x3E\x26\x8C\x82\x47\x2D\x26\xB1\x2D\x98\x9B\x4E\xFA\xF2\x75\x75\xA5\x22\xEE\x2B\xDB\xAD\x4B\x58\xA3\xDF\xCA\x1B\x58\x3C\xA6\xAB\x4A\x0C\x45\x1C\x14\xCC\x33\x04\x40\x8D\x7D\x09\xA8\xE8\xDC\x95\x28\x18\x5C\x4E\xBE\xC0\x3E\x61\x6B\xB7\x5C\xA3\x81\xFA\x30\x81\xF7\x30\x1F\x06\x03\x55\x1D\x23\x04\x18\x30\x16\x80\x14\xE4\x8E\xDD\xD4\xA3\xE7\xB6\x0F\xEE\x1D\x27\x96\xCD\x75\xDC\x25\x25\x72\x69\xDD\x30\x0F\x06\x03\x55\x1D\x13\x01\x01\xFF\x04\x05\x30\x03\x01\x01\xFF\x30\x81\x93\x06\x03\x55\x1D\x1F\x04\x81\x8B\x30\x81\x88\x30\x55\xA0\x53\xA0\x51\xA4\x4F\x30\x4D\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x43\x4E\x31\x13\x30\x11\x06\x03\x55\x04\x0A\x0C\x0A\x43\x46\x43\x41\x20\x43\x53\x20\x43\x41\x31\x0C\x30\x0A\x06\x03\x55\x04\x0B\x0C\x03\x43\x52\x4C\x31\x0C\x30\x0A\x06\x03\x55\x04\x0B\x0C\x03\x53\x4D\x32\x31\x0D\x30\x0B\x06\x03\x55\x04\x03\x0C\x04\x63\x72\x6C\x31\x30\x2F\xA0\x2D\xA0\x2B\x86\x29\x68\x74\x74\x70\x3A\x2F\x2F\x63\x72\x6C\x2E\x63\x66\x63\x61\x2E\x63\x6F\x6D\x2E\x63\x6E\x2F\x63\x73\x72\x63\x61\x2F\x53\x4D\x32\x2F\x63\x72\x6C\x31\x2E\x63\x72\x6C\x30\x0E\x06\x03\x55\x1D\x0F\x01\x01\xFF\x04\x04\x03\x02\x01\x06\x30\x1D\x06\x03\x55\x1D\x0E\x04\x16\x04\x14\x5C\x93\x58\x20\x5A\x24\x73\x56\x10\x1B\x64\x50\x10\xEC\xE9\xA7\xCA\x07\x41\x11\x30\x0C\x06\x08\x2A\x81\x1C\xCF\x55\x01\x83\x75\x05\x00\x03\x49\x00\x30\x46\x02\x21\x00\xA4\x6B\xE5\xB8\x94\x40\xC9\x19\xB7\x68\x40\xA7\xCC\xC8\xC2\x2B\xC2\x4B\x91\x8F\x15\x78\x7D\x7B\xBE\x09\x06\x48\xB1\x81\x85\x9D\x02\x21\x00\xA1\x6C\xD6\x74\x78\x38\x71\x71\xB1\xD8\xC7\x3D\x71\xB4\x08\x1C\x7E\xD4\x2F\xBE\x28\xC3\xE7\x55\x35\x93\xB1\xF1\xFD\x7C\xA3\xDF";
constexpr size_t malformedLength = 500;
bool is_cert_correct_and_sm2_signed_impl(const uint8_t *cert, size_t certlen) {
const uint8_t *tbs;
size_t tbslen;
int sig_alg;
const uint8_t *sig;
size_t siglen;
if (x509_certificate_from_der(&tbs, &tbslen, &sig_alg, &sig, &siglen, &cert, &certlen) != 1) {
return false;
}
if (certlen != 0) {
return false;
}
if (sig_alg != OID_sm2sign_with_sm3) {
return false;
}
return true;
}
int verify_cert_with_gmssl_impl(const uint8_t *cert, size_t certlen, const uint8_t *cacert, size_t cacertlen, time_t verifyTime) {
if (!is_cert_correct_and_sm2_signed_impl(cert, certlen)) {
return GuoMiVerify_CERT_INVALID;
}
if (!is_cert_correct_and_sm2_signed_impl(cacert, cacertlen)) {
return GuoMiVerify_CA_CERT_INVALID;
}
time_t not_before;
time_t not_after;
x509_cert_get_details(cert, certlen,
NULL, // version
NULL, NULL, // serial
NULL, // signature_algor
NULL, NULL, // issuer
&not_before, &not_after, // validity
NULL, NULL, // subject
NULL, // subject_public_key
NULL, NULL, // issuer_unique_id
NULL, NULL, // subject_unique_id
NULL, NULL, // extensions
NULL, // signature_algor
NULL, NULL); // signature
if (verifyTime < not_before) {
return GuoMiVerify_CERT_NOT_YET_VALID;
}
if (verifyTime > not_after) {
return GuoMiVerify_CERT_EXPIRED;
}
int gmSslRes = x509_cert_verify_by_ca_cert(cert, certlen, cacert, cacertlen, SM2_DEFAULT_ID,
strlen(SM2_DEFAULT_ID));
if (gmSslRes != 1) {
return GuoMiVerify_CERT_SIGN_INVALID;
}
return GuoMiVerify_OK;
}
void test1() {
int res;
res = x509_cert_verify_by_ca_cert(myCert1, myCert1Length, caCert, caCertLength, SM2_DEFAULT_ID,
strlen(SM2_DEFAULT_ID));
printf("myCert1 -> caCert, res = %d\n", res);
res = x509_cert_verify_by_ca_cert(myCert2, myCert2Length, caCert, caCertLength, SM2_DEFAULT_ID,
strlen(SM2_DEFAULT_ID));
printf("myCert2 -> caCert, res = %d\n", res);
res = x509_cert_verify_by_ca_cert(myCert1, myCert1Length, myCert2, myCert2Length, SM2_DEFAULT_ID,
strlen(SM2_DEFAULT_ID));
printf("myCert1 -> myCert2, res = %d\n", res);
}
void test2() {
printf("myCert1 format check: %s\n", is_cert_correct_and_sm2_signed_impl(myCert1, myCert1Length) ? "true" : "false");
printf("myCert2 format check: %s\n", is_cert_correct_and_sm2_signed_impl(myCert1, myCert1Length) ? "true" : "false");
printf("caCert format check: %s\n", is_cert_correct_and_sm2_signed_impl(caCert, caCertLength) ? "true" : "false");
printf("malformed format check: %s\n",
is_cert_correct_and_sm2_signed_impl(malformed, malformedLength) ? "true" : "false");
}
void test3() {
int res;
res = verify_cert_with_gmssl_impl(myCert1, myCert1Length, caCert, caCertLength, time(nullptr));
printf("myCert1 -> caCert, time = now, res = %d\n", res);
res = verify_cert_with_gmssl_impl(myCert2, myCert2Length, caCert, caCertLength, time(nullptr));
printf("myCert2 -> caCert, time = now, res = %d\n", res);
res = verify_cert_with_gmssl_impl(myCert1, myCert1Length, myCert2, myCert2Length, time(nullptr));
printf("myCert1 -> myCert2, time = now, res = %d\n", res);
res = verify_cert_with_gmssl_impl(myCert1, myCert1Length, caCert, caCertLength, 33418803661);
printf("myCert1 -> caCert, time = <year 3029>, res = %d\n", res);
res = verify_cert_with_gmssl_impl(myCert2, myCert1Length, caCert, caCertLength, 1);
printf("myCert2 -> caCert, time = <year 1970>, res = %d\n", res);
}
int main() {
test2();
test3();
return 0;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment