基于GmSSL的国密SSL单向验证客户端C源码

已于 2022-05-18 10:00:50 修改
阅读量4.5k 收藏 3
点赞数 3
分类专栏: GmSSL 文章标签: ssl https
于 2022-04-12 09:52:57 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/hlovefp/article/details/124116335
版权
1 搭建测试服务器

基于GmSSL搭建Nginx国密反代服务器

2 C 源码
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <signal.h>
#include <netdb.h>
#include <unistd.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <openssl/err.h>
#include <openssl/ssl.h>

#define Eprintf printf("[%s][%s][%d] ",__FILE__,__func__,__LINE__);printf

#define CONNECT_TIME_OUT    5
#define SEND_TIME_OUT       5
#define RECV_TIME_OUT       5
#define SSL_IS_TIMEOUT      (-1 == ssl_alarm_flag)

int ssl_alarm_flag;

void ssl_sigset_alarm(int sig)
{
	ssl_alarm_flag = -1;
    alarm(0);
    signal(SIGALRM, SIG_DFL);
}

void ssl_set_alarm(int time_out)
{
	ssl_alarm_flag = 0;
	signal(SIGALRM , ssl_sigset_alarm);
	alarm(time_out);
}

void ssl_unset_alarm(void)
{
    alarm(0);
    signal(SIGALRM, SIG_DFL);
}

void ssl_print_x509(X509 *cert)
{
    char *line;
    char buf[1024];
    int  len;
    X509_NAME *p=NULL;
    ASN1_TIME *t=NULL;
    char oid[128] = {0};

    if (NULL == cert) {
        Eprintf("无证书信息!\n");
    	return;
    }

    Eprintf("版本         : V%ld\n", X509_get_version(cert)+1);
    Eprintf("序列号       : %x\n", ASN1_INTEGER_get(X509_get_serialNumber(cert)));

    int nid = X509_get_signature_nid(cert);

/* openssl 1.1.1 不允许访问结构体成员变量
    //签名算法Oid
    ASN1_OBJECT* salg = cert->sig_alg->algorithm;
*/
    ASN1_OBJECT* salg = OBJ_nid2obj(nid);
    if (NULL != salg) {
        memset(oid,0x00,sizeof(oid));
        OBJ_obj2txt(oid, 128, salg, 1);
        Eprintf("签名算法Oid  : %s\n", oid);
    }

    Eprintf("%d %s\n",nid, OBJ_nid2ln(nid));
    Eprintf("%d %s\n",nid, OBJ_nid2sn(nid));

    p = X509_get_issuer_name(cert);
    if (NULL != p) {
        if (NULL != (line = X509_NAME_oneline(p, 0, 0))) {
            Eprintf("颁发者       : %s\n", line);
            free(line);
        }
    }

    t = X509_get_notBefore(cert);
    if (NULL != t) {
        Eprintf("有效期从     : %s\n", ASN1_STRING_data(t));
    }

    t = X509_get_notAfter(cert);
    if (NULL != t) {
        Eprintf("到           : %s\n", ASN1_STRING_data(t));
    }

    p = X509_get_subject_name(cert);
    if (NULL != p) {
        if (NULL != (line = X509_NAME_oneline(p, 0, 0))) {
            Eprintf("使用者       : %s\n", line);
            free(line);
        }

        memset(buf, 0x00, sizeof(buf));
        X509_NAME_get_text_by_NID(p, NID_countryName, buf, sizeof(buf));
        Eprintf("      双字母国家/地区代码 C=%s\n", buf);

        memset(buf, 0x00, sizeof(buf));
        X509_NAME_get_text_by_NID(p, NID_organizationName, buf, sizeof(buf));
        Eprintf("      组织名称 O=%s\n", buf);

        memset(buf, 0x00, sizeof(buf));
        X509_NAME_get_text_by_NID(p, NID_organizationalUnitName, buf, sizeof(buf));
        Eprintf("      组织单位名称 OU=%s\n", buf);

        memset(buf, 0x00, sizeof(buf));
        X509_NAME_get_text_by_NID(p, NID_commonName, buf, sizeof(buf));
        Eprintf("      域名 CN=%s\n", buf);

        memset(buf, 0x00, sizeof(buf));
        X509_NAME_get_text_by_NID(p, NID_localityName, buf, sizeof(buf));
        Eprintf("      城市或区域名称 L=%s\n", buf);

        memset(buf, 0x00, sizeof(buf));
        X509_NAME_get_text_by_NID(p, NID_stateOrProvinceName, buf, sizeof(buf));
        Eprintf("      省/市/自治区名称 ST=%s\n", buf);
    }


    //X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x);
    //公钥算法
    //目前常见的证书算法为RSA和ECC,ECC在国内又成为SM2。
    //SM2是国家密码管理局基于椭圆算法(ECC)制定的国内非对称算法标准。
    EVP_PKEY *pk = X509_get_pubkey(cert);
    if (NULL != pk) {
        //switch (pk->type) { //openssl 1.1.1不允许访问成员变量
        switch(EVP_PKEY_base_id(pk)) {
            case EVP_PKEY_RSA : Eprintf("公钥        : RSA\n"); break;
            case EVP_PKEY_EC  : Eprintf("公钥        : ECC\n"); break;
            case EVP_PKEY_DSA : Eprintf("公钥        : DSA\n"); break;
            case EVP_PKEY_DH  : Eprintf("公钥        : DH\n"); break;
            default : Eprintf("公钥   : 未知\n"); break;
        }
    }
    
    // 证书按用途分为"签名证书"和"加密证书"。
    // "签名证书"的公钥用来验证签名,而"加密证书"的公钥则用来加密数据。
    //X509_check_ca(cert);
    //if ((cert->ex_kusage & X509v3_KU_DATA_ENCIPHERMENT) == X509v3_KU_DATA_ENCIPHERMENT) {
    if ((X509_get_key_usage(cert) & X509v3_KU_DATA_ENCIPHERMENT) == X509v3_KU_DATA_ENCIPHERMENT) {
        Eprintf("证书用途    : 加密\n");
    } else if ((X509_get_key_usage(cert) & X509v3_KU_DIGITAL_SIGNATURE) == X509v3_KU_DIGITAL_SIGNATURE) {
        Eprintf("证书用途    : 签名\n");
    }


    //证书的指纹算法
    //int X509_get_signature_type(const X509 *x);
    Eprintf("签名算法=%d\n", X509_get_signature_type(cert));
    //证书发行者对证书的签名(指纹)

}

void ssl_print_info(const SSL *ssl)
{
    X509 *cert = NULL;

    if (NULL == ssl)
    	return;

    // 支持的算法列表
    const char *cl = NULL;
    int priority = 0;
    for(priority=0; priority < 10000; priority++){
        if( (cl = SSL_get_cipher_list(ssl, priority)) != NULL) {
        	Eprintf("SSL cipher list: %d %s\n", priority, cl);
        }
    }

    Eprintf( "SSL using cipher        : %s\n", SSL_get_cipher(ssl)); // SM2-WITH-SMS4-SM3
    Eprintf( "SSL using cipher_name   : %s\n", SSL_get_cipher_name(ssl));
    Eprintf( "SSL using cipher_version: %s\n", SSL_get_cipher_version(ssl));

    // 服务端证书
    //cert = SSL_get_peer_certificate(ssl);
    STACK_OF(X509) *sk = SSL_get_peer_cert_chain(ssl);
    while(NULL != (cert = sk_X509_pop(sk))) {
        ssl_print_x509(cert);
    }
}

int ssl_send(const char* ip, const int port, const char *send_buf, char *recv_buf, int recv_buf_size)
{
    int    ret;
	int	   client_fd = -1;
    int    total_len = 0;
    int    len       = 0;
    struct sockaddr_in stSockAddr;

    SSL_CTX          *ctx  = NULL;
    SSL              *ssl  = NULL;
	const SSL_METHOD *meth = NULL;

    meth = GMTLS_client_method();  //使用GMTLSv1.1协议
    if(meth == NULL) {
    	Eprintf("SSLv23_client_method err [%d:%s]\n", errno,strerror(errno));
    	ret = -1;
    	goto _ErrorRet;
    }

    ctx = SSL_CTX_new(meth);         //申请SSL会话环境
    if(ctx == NULL)
    {
        Eprintf("SSL_CTX_new err [%d:%s]\n", errno,strerror(errno));
        ret = -1;
        goto _ErrorRet;
    }


#if 0 // 指定使用的算法
	const char * cipher_list = "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH";
	if (SSL_CTX_set_cipher_list(ctx, cipher_list) == 0) {
		Eprintf("Failed to set cipher list: %s\n", cipher_list);
		ret = -1;
		goto _ErrorRet;
	}
#endif



    //建立普通的TCP连接
    client_fd = socket(AF_INET, SOCK_STREAM, 0);
    if(client_fd < 0)
    {
        Eprintf("socket fail, err[%d:%s]\n", errno, strerror(errno));
        ret = -1;
        goto _ErrorRet;
    }

    memset(&stSockAddr, 0, sizeof(stSockAddr));
    stSockAddr.sin_family = AF_INET;
    stSockAddr.sin_port = htons(port);
    stSockAddr.sin_addr.s_addr = inet_addr(ip);

    Eprintf("connect[%s:%d]\n" , ip, port);

    ssl_set_alarm(CONNECT_TIME_OUT);
    ret = connect(client_fd,(struct sockaddr *) &stSockAddr, sizeof(stSockAddr));
    ssl_unset_alarm();
    if (SSL_IS_TIMEOUT) {
    	Eprintf("connect server[%s:%d] time out\n", ip,port);
		ret = -1;
		goto _ErrorRet;
    } else if(ret != 0) {
        Eprintf("connect server[%s:%d] fail, err[%d:%s]\n", ip, port, errno, strerror(errno));
        ret = -1;
        goto _ErrorRet;
    }
    

    ssl = SSL_new(ctx);   //创建SSL套接字
    if(ssl == NULL)
    {
        Eprintf("SSL_new err [%d:%s]\n", errno,strerror(errno));
        ret = -1;
        goto _ErrorRet;
    }

    SSL_set_fd(ssl, client_fd); //将TCP套接字与SSL套接字联系起来

    ssl_set_alarm(CONNECT_TIME_OUT);
    ret = SSL_connect(ssl);     //启动SSL链接
    ssl_unset_alarm();

	if (SSL_IS_TIMEOUT) {
		Eprintf("SSL_connect [%s:%d] time out\n", ip,port);
		ret = -1;
		goto _ErrorRet;
	} else if(ret <= 0) {
        ERR_print_errors_fp(stderr);
        Eprintf("SSL_connect ret[%d][%d:%s]\n", ret, errno, strerror(errno));
        ret = -1;
        goto _ErrorRet;
    }

    ssl_print_info(ssl);


    Eprintf("SSL_write[%s]\n" , send_buf);

    total_len = strlen(send_buf);
    len       = 0;
    while (len < total_len) {
    	ssl_set_alarm(SEND_TIME_OUT);
		ret = SSL_write(ssl, send_buf+len, total_len-len);
		ssl_unset_alarm();

		if (SSL_IS_TIMEOUT) {
			Eprintf("SSL_write server[%s:%d] time out\n", ip,port);
			ret = -1;
			goto _ErrorRet;
		} else if(ret <= 0) {
			Eprintf("SSL_write err [%d:%s]\n", errno,strerror(errno));
			ret = -1;
			goto _ErrorRet;
		}

		len += ret;
    }

    //read from the TLS/SSL connection
    ssl_set_alarm(RECV_TIME_OUT);
	ret = SSL_read(ssl, recv_buf, recv_buf_size-1);
	ssl_unset_alarm();
	if (SSL_IS_TIMEOUT) {
		Eprintf("SSL_read server[%s:%d] time out\n", ip,port);
		ret = -1;
		goto _ErrorRet;
	} else if(ret <= 0) {
		Eprintf("SSL_read err [%d:%s]", errno,strerror(errno));
		ret = -1;
		goto _ErrorRet;
	}
    recv_buf[ret] = '\0';

    Eprintf("SSL_read[%s]\n" , recv_buf);

    ret = 0;

_ErrorRet:
	if(NULL != ssl) {
		SSL_shutdown(ssl);    //结束SSL通信
		SSL_free(ssl);        //释放SSL套接字
	}
	if(-1 != client_fd) {
		close(client_fd);
	}
	if(NULL != ctx) {
		SSL_CTX_free(ctx);    //释放SSL会话环境
	}

	return ret;
}

int main(void)
{
    //初始化 openssl 环境
    SSLeay_add_ssl_algorithms(); // 添加SSL的加密/HASH算法
    SSL_load_error_strings();    // 加载SSL错误信息

	char  *host = "192.168.218.141";
	int    port = 1443;
	char  *body = "{\"loginName\":\"jiean\"}";
	char   send_buf[1024];
	char   recv_buf[1024];

	memset(send_buf, 0x00, sizeof(send_buf));
	memset(recv_buf, 0x00, sizeof(recv_buf));
	
	snprintf(send_buf, sizeof(send_buf),
			"POST /horn/pushmsg HTTP/1.1\r\n" \
			"Accept: */*\r\n" \
			"Accept-Language: zh-cn\r\n" \
			"Content-Type: application/json\r\n" \
			"User-Agent: herve\r\n" \
			"Host: %s:%d\r\n" \
			"Content-Length: %d\r\n" \
			"Connection: close\r\n" \
			"Cache-Control: no-cache\r\n\r\n%s",
			host, port, strlen(body), body);
	ssl_send(host,port,send_buf,recv_buf,sizeof(recv_buf));
	return 0;
}
3 编译执行
>gcc GmSSLC.c -o GmSSLC -lssl -lcrypto
>./GmSSLC
[GmSSLC.c][ssl_send][245] connect[192.168.218.141:1443]
Z=297C46B49FA33064B85EE53C6A6F333AC1CBF4F0A4FA3F250F5F20A92195511A
C=00021930820215308201BCA00302010202043B9AD1D1300A06082A811CCF55018375307F310B300906035504061302434E3111300F06035504080C084775616E446F6E673111300F06035504070C085368656E5A68656E31233021060355040A0C1A4E455720504F5320544543484E4F4C4F4759204C494D4954454431163014060355040B0C0D53797320536F66742044657074310D300B06035504030C04526F6F74301E170D3232303332393037303633305A170D3332303332363037303633305A30818A310B300906035504061302434E3111300F06035504080C084775616E446F6E673111300F06035504070C085368656E5A68656E31233021060355040A0C1A4E455720504F5320544543484E4F4C4F4759204C494D4954454431163014060355040B0C0D53797320536F667420446570743118301606035504030C0F3139322E3136382E3231382E3134313059301306072A8648CE3D020106082A811CCF5501822D03420004126303D018D4812AD1057DA8AF11A55959DB6912A0E222C5717253224E32B167EC11AC78700C6319129A2BE6563B3D90FBAEF83094B9BA6C43983B0731432A0DA31A301830090603551D1304023000300B0603551D0F040403020338300A06082A811CCF550183750347003044022065A52BBECFD0B03C0E805A5FD792A8B1109D792CCD413486971CB75E1AEC549802205192FF4C6C2FC7B79669F0FB9B5799CED5DC318A2A440BA985F21A02088A5DF1
ssl_get_algorithm2=41e99a3508x
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 0 ECDHE-ECDSA-AES256-GCM-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 1 ECDHE-RSA-AES256-GCM-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 2 DHE-RSA-AES256-GCM-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 3 ECDHE-ECDSA-CHACHA20-POLY1305
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 4 ECDHE-RSA-CHACHA20-POLY1305
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 5 DHE-RSA-CHACHA20-POLY1305
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 6 ECDHE-ECDSA-AES128-GCM-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 7 ECDHE-RSA-AES128-GCM-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 8 DHE-RSA-AES128-GCM-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 9 ECDHE-SM2-WITH-SMS4-GCM-SM3
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 10 ECDHE-ECDSA-AES256-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 11 ECDHE-RSA-AES256-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 12 DHE-RSA-AES256-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 13 ECDHE-ECDSA-AES128-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 14 ECDHE-RSA-AES128-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 15 DHE-RSA-AES128-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 16 ECDHE-SM2-WITH-SMS4-SM3
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 17 ECDHE-ECDSA-AES256-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 18 ECDHE-RSA-AES256-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 19 DHE-RSA-AES256-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 20 ECDHE-ECDSA-AES128-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 21 ECDHE-RSA-AES128-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 22 DHE-RSA-AES128-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 23 RSA-PSK-AES256-GCM-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 24 DHE-PSK-AES256-GCM-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 25 RSA-PSK-CHACHA20-POLY1305
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 26 DHE-PSK-CHACHA20-POLY1305
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 27 ECDHE-PSK-CHACHA20-POLY1305
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 28 AES256-GCM-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 29 PSK-AES256-GCM-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 30 PSK-CHACHA20-POLY1305
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 31 RSA-PSK-AES128-GCM-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 32 DHE-PSK-AES128-GCM-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 33 AES128-GCM-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 34 PSK-AES128-GCM-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 35 AES256-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 36 AES128-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 37 ECDHE-PSK-AES256-CBC-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 38 ECDHE-PSK-AES256-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 39 SRP-RSA-AES-256-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 40 SRP-AES-256-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 41 RSA-PSK-AES256-CBC-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 42 DHE-PSK-AES256-CBC-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 43 RSA-PSK-AES256-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 44 DHE-PSK-AES256-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 45 AES256-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 46 PSK-AES256-CBC-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 47 PSK-AES256-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 48 ECDHE-PSK-AES128-CBC-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 49 ECDHE-PSK-AES128-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 50 SRP-RSA-AES-128-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 51 SRP-AES-128-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 52 RSA-PSK-AES128-CBC-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 53 DHE-PSK-AES128-CBC-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 54 RSA-PSK-AES128-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 55 DHE-PSK-AES128-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 56 ECDHE-PSK-WITH-SMS4-CBC-SM3
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 57 SM9-WITH-SMS4-SM3
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 58 SM9DHE-WITH-SMS4-SM3
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 59 SM2-WITH-SMS4-SM3
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 60 SM2DHE-WITH-SMS4-SM3
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 61 AES128-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 62 RSA-WITH-SMS4-SHA1
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 63 RSA-WITH-SMS4-SM3
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 64 PSK-AES128-CBC-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 65 PSK-AES128-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 66 PSK-WITH-SMS4-CBC-SM3
[GmSSLC.c][ssl_print_info][178] SSL using cipher        : SM2-WITH-SMS4-SM3
[GmSSLC.c][ssl_print_info][179] SSL using cipher_name   : SM2-WITH-SMS4-SM3
[GmSSLC.c][ssl_print_info][180] SSL using cipher_version: GMTLSv1.1
[GmSSLC.c][ssl_print_x509][57] 版本         : V3
[GmSSLC.c][ssl_print_x509][59] 序列号       : 3b9ad1d1
[GmSSLC.c][ssl_print_x509][71] 签名算法Oid  : 1.2.156.10197.1.501
[GmSSLC.c][ssl_print_x509][74] 1125 sm2sign-with-sm3
[GmSSLC.c][ssl_print_x509][75] 1125 SM2Sign-with-SM3
[GmSSLC.c][ssl_print_x509][80] 颁发者       : /C=CN/ST=GuanDong/L=ShenZhen/O=NEW POS TECHNOLOGY LIMITED/OU=Sys Soft Dept/CN=Root
[GmSSLC.c][ssl_print_x509][87] 有效期从     : 220329070630Z
[GmSSLC.c][ssl_print_x509][92] 到           : 320326070630Z
[GmSSLC.c][ssl_print_x509][98] 使用者       : /C=CN/ST=GuanDong/L=ShenZhen/O=NEW POS TECHNOLOGY LIMITED/OU=Sys Soft Dept/CN=192.168.218.141
[GmSSLC.c][ssl_print_x509][104]       双字母国家/地区代码 C=CN
[GmSSLC.c][ssl_print_x509][108]       组织名称 O=NEW POS TECHNOLOGY LIMITED
[GmSSLC.c][ssl_print_x509][112]       组织单位名称 OU=Sys Soft Dept
[GmSSLC.c][ssl_print_x509][116]       域名 CN=192.168.218.141
[GmSSLC.c][ssl_print_x509][120]       城市或区域名称 L=ShenZhen
[GmSSLC.c][ssl_print_x509][124]//自治区名称 ST=GuanDong
[GmSSLC.c][ssl_print_x509][137] 公钥        : ECC
[GmSSLC.c][ssl_print_x509][149] 证书用途    : 加密
[GmSSLC.c][ssl_print_x509][157] 签名算法=0
[GmSSLC.c][ssl_print_x509][57] 版本         : V3
[GmSSLC.c][ssl_print_x509][59] 序列号       : 3b9aca01
[GmSSLC.c][ssl_print_x509][71] 签名算法Oid  : 1.2.156.10197.1.501
[GmSSLC.c][ssl_print_x509][74] 1125 sm2sign-with-sm3
[GmSSLC.c][ssl_print_x509][75] 1125 SM2Sign-with-SM3
[GmSSLC.c][ssl_print_x509][80] 颁发者       : /C=CN/ST=GuanDong/L=ShenZhen/O=NEW POS TECHNOLOGY LIMITED/OU=Sys Soft Dept/CN=Root
[GmSSLC.c][ssl_print_x509][87] 有效期从     : 220411115047Z
[GmSSLC.c][ssl_print_x509][92] 到           : 320408115047Z
[GmSSLC.c][ssl_print_x509][98] 使用者       : /C=CN/ST=GuanDong/L=ShenZhen/O=NEW POS TECHNOLOGY LIMITED/OU=Sys Soft Dept/CN=192.168.218.141
[GmSSLC.c][ssl_print_x509][104]       双字母国家/地区代码 C=CN
[GmSSLC.c][ssl_print_x509][108]       组织名称 O=NEW POS TECHNOLOGY LIMITED
[GmSSLC.c][ssl_print_x509][112]       组织单位名称 OU=Sys Soft Dept
[GmSSLC.c][ssl_print_x509][116]       域名 CN=192.168.218.141
[GmSSLC.c][ssl_print_x509][120]       城市或区域名称 L=ShenZhen
[GmSSLC.c][ssl_print_x509][124]//自治区名称 ST=GuanDong
[GmSSLC.c][ssl_print_x509][137] 公钥        : ECC
[GmSSLC.c][ssl_print_x509][151] 证书用途    : 签名
[GmSSLC.c][ssl_print_x509][157] 签名算法=0
[GmSSLC.c][ssl_send][289] SSL_write[POST /horn/pushmsg HTTP/1.1
Accept: */*
Accept-Language: zh-cn
Content-Type: application/json
User-Agent: herve
Host: 192.168.218.141:1443
Content-Length: 21
Connection: close
Cache-Control: no-cache

{"loginName":"jiean"}]
[GmSSLC.c][ssl_send][326] SSL_read[HTTP/1.1 404 Not Found
Server: nginx/1.20.1
Date: Tue, 12 Apr 2022 01:50:30 GMT
Content-Type: text/html
Content-Length: 153
Connection: close

<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.20.1</center>
</body>
</html>
]
hlovefp
关注
专栏目录
GmSSL安装源码。。
04-08
GmSSL国密算法安装源代码
gmssl源码windows库
03-06
gmssl源码再vs2013下编译出的库以及源码头文件,直接引用就行,非常方便,无需再编译,比较简单。
gmssl 国密ssl 源码测试 --非BIO接口
viqjeee的博客
03-24 1193
gmssl 国密ssl 源码测试 --非BIO接口前言一 服务端流程1 ssl初始化2 配置验证对方证书,并加载ca证书3 配置本端双证书和私钥4 开启一个socket5 建立ssl连接6 从ssl连接中读写数据二 客户端流程1 初始化ssl2 配置验证服务端证书,并加载ca证书3 加载双证书4 建立socket,连接到服务端。5 建立ssl连接6 从ssl连接中读写数据三 测试数据和日志服务端:客户端: 前言 之前的章节中使用gmssl的命令行对ssl gmtls 进行了测试,这里,使用gms
GmSSL源码与签发SM2证书
01-08
资源中包含GmSSL源码能直接编译通过,也可直接使用编译后的文件进行相关操作;包含编译方法与签发SM2证书方法
国密版本的SSL
02-08
这个一个集成了国密要求的一个SSL库,其中的readme 提供了详细的编译方法,可编译出android ,IOS,MAC平台所需的动态库
java调用Gmssl国密接口实例
03-31
java调用Gmssl国密接口进行对称与非对称加解密等运算,动态so库进行接口jni方式调用,采取接口形式对外暴露,方便对接系统调用相关java接口进行相关运算操作。
基于gmssl国密sm2 加密,解密,签名,验签代码
12-22
基于gmssl 的 sm2 加密,解密,签名,验签代码。绝对可运行的代码程序(自行编写HexToASCII,ASCIIToHex函数), 公钥,私钥均为16进制字符串形式。 编译命令g++ main.cpp -lcrypto -lKYLib -L./ -I ./ -Wl,-rpath=/...
国密SSL的wireshark解析脚本gmssl-wireshark-main.zip
05-24
《深入理解国密SSL与Wireshark解析脚本——gmssl_wireshark-main.zip详解》 国密SSL,全称为“国家商用密码SSL”,是中国自主研发的网络安全协议,旨在保护国内互联网通信的安全性和隐私性。它基于国际SSL/TLS协议...
gmssl国密算法包包括源码、编译库和Qt调用的demo文件
05-12
通过阅读源码,开发者可以深入理解国密算法如何被集成到SSL/TLS协议中,以及如何与其他加密库如OpenSSL交互。源码的学习可以帮助开发者定制自己的加密模块,以满足特定的安全需求。 2. **编译好的32位库和64位库**...
国密gmssl_linux_开发库、工具和文档资料.zip
01-06
国密gmssl_linux_开发库、工具和文档资料
GmSSL库和源码和测试程序.rar
03-09
里面包含了最新的gmssl源码和用vs2013在电脑上编译出来的windows库,库包含ssl和crypt两个模块。还有测试程序。直接调用库即可。里面还有客户端源码和服务端源码,以及测试程序需要的下载好的证书,可以直接运行。所有资源全部包括。
GMSSL2.0官网下载的编译源码
09-17
国密gmssl开源项目的源代码包,在blog中写了编译方法。
最新的国密gmssl套件,在win7x64 visio2013 下编译通过的源代码,2019年的源码
03-19
国密gmssl套件,在win7x64 visio2013 下编译通过的源代码。下载perl 按官方编译即可,版本号GmSSL 2.5.0 - OpenSSL 1.1.0d 28 Feb 2019
GmSSL master.zip源码
最新发布
07-02
GmSSL master.zip源码
GmSSL源码及vs2013编译的库
01-07
GmSSL2.4.0在VS2013下可编译的源码,以及用VS2013编译出来的可使用的动态库。
基于GmSSL实现server服务端和client客户端之间SSL通信代码(升级优化公开版)
CHYabc123456hh的博客
07-22 1446
基于GmSSL实现server服务端和client客户端之间SSL通信代码(升级优化公开版)
基于Gmssl库静态编译,实现服务端和客户端之间的SSL通信
CHYabc123456hh的博客
07-21 1060
基于Gmssl库静态编译,实现服务端和客户端之间的SSL通信
GmSSL源码在Windows 10上的编译与安装
数字人生
12-09 1448
1.下载源码https://github.com/guanzhi/GmSSL/ 2.下载perl和nasm:https://www.perl.org/get.html,https://www.nasm.us/ 3. 安装最新版Visual Studio:https://visualstudio.microsoft.com/zh-hans/vs/ 4.生成makefile:perl Configure VC-WIN64A , 或者带--prefix= 参数指定gmssl安装目录, --open...
基于GmSSL国密SSL单向验证客户端Java源码/JNI
hlovefp的专栏
04-15 3342
基于GmSSL国密SSL单向验证客户端Java源码/JNI
nginx 国密ssl
05-30
要在 Nginx 中使用国密 SSL,需要使用支持国密算法的 SSL 库,例如 GmSSL。您需要按照以下步骤进行设置: 1. 安装 GmSSL 库,并将其路径添加到系统环境变量中。 2. 生成国密 SSL 证书和密钥。您可以使用 GmSSL ...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

hlovefp

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值