Skip to content

Commit

Permalink
Add examples to tools
Browse files Browse the repository at this point in the history
  • Loading branch information
guanzhi committed May 20, 2024
1 parent 926e063 commit 8a52a21
Show file tree
Hide file tree
Showing 5 changed files with 162 additions and 84 deletions.
51 changes: 34 additions & 17 deletions tools/sm2decrypt.c
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2024 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
Expand All @@ -16,7 +16,23 @@
#include <gmssl/sm2.h>


static const char *options = "-key pem -pass str [-in file] [-out file]";
static const char *usage = "-key pem -pass str [-in file] [-out file]";

static const char *options =
"\n"
"Options\n"
"\n"
" -key pem Decryption private key file in PEM format\n"
" -pass str Password to open the private key\n"
" -in file | stdin Input ciphertext in binary DER-encoding\n"
" -in file | stdout Output decrypted data\n"
"\n"
"Examples\n"
"\n"
" $ gmssl sm2keygen -pass P@ssw0rd -out sm2.pem -pubout sm2pub.pem\n"
" $ echo 'Secret message' | gmssl sm2encrypt -pubkey sm2pub.pem -out sm2.der\n"
" $ gmssl sm2decrypt -key sm2.pem -pass P@ssw0rd -in sm2.der\n"
"\n";

int sm2decrypt_main(int argc, char **argv)
{
Expand All @@ -39,20 +55,21 @@ int sm2decrypt_main(int argc, char **argv)
argv++;

if (argc < 1) {
fprintf(stderr, "usage: %s %s\n", prog, options);
fprintf(stderr, "usage: gmssl %s %s\n", prog, usage);
return 1;
}

while (argc > 0) {
if (!strcmp(*argv, "-help")) {
printf("usage: %s %s\n", prog, options);
printf("usage: gmssl %s %s\n", prog, usage);
printf("%s\n", options);
ret = 0;
goto end;
} else if (!strcmp(*argv, "-key")) {
if (--argc < 1) goto bad;
keyfile = *(++argv);
if (!(keyfp = fopen(keyfile, "rb"))) {
fprintf(stderr, "%s: open '%s' failure : %s\n", prog, keyfile, strerror(errno));
fprintf(stderr, "gmssl %s: open '%s' failure : %s\n", prog, keyfile, strerror(errno));
goto end;
}
} else if (!strcmp(*argv, "-pass")) {
Expand All @@ -62,21 +79,21 @@ int sm2decrypt_main(int argc, char **argv)
if (--argc < 1) goto bad;
infile = *(++argv);
if (!(infp = fopen(infile, "rb"))) {
fprintf(stderr, "%s: open '%s' failure : %s\n", prog, infile, strerror(errno));
fprintf(stderr, "gmssl %s: open '%s' failure : %s\n", prog, infile, strerror(errno));
goto end;
}
} else if (!strcmp(*argv, "-out")) {
if (--argc < 1) goto bad;
outfile = *(++argv);
if (!(outfp = fopen(outfile, "wb"))) {
fprintf(stderr, "%s: open '%s' failure : %s\n", prog, outfile, strerror(errno));
fprintf(stderr, "gmssl %s: open '%s' failure : %s\n", prog, outfile, strerror(errno));
goto end;
}
} else {
fprintf(stderr, "%s: illegal option '%s'\n", prog, *argv);
fprintf(stderr, "gmssl %s: illegal option '%s'\n", prog, *argv);
goto end;
bad:
fprintf(stderr, "%s: '%s' option value missing\n", prog, *argv);
fprintf(stderr, "gmssl %s: '%s' option value missing\n", prog, *argv);
goto end;
}

Expand All @@ -85,38 +102,38 @@ int sm2decrypt_main(int argc, char **argv)
}

if (!keyfile) {
fprintf(stderr, "%s: '-key' option required\n", prog);
fprintf(stderr, "gmssl %s: '-key' option required\n", prog);
goto end;
}
if (!pass) {
fprintf(stderr, "%s: '-pass' option required\n", prog);
fprintf(stderr, "gmssl %s: '-pass' option required\n", prog);
goto end;
}

if (sm2_private_key_info_decrypt_from_pem(&key, pass, keyfp) != 1) {
fprintf(stderr, "%s: private key decryption failure\n", prog);
fprintf(stderr, "gmssl %s: private key decryption failure\n", prog);
goto end;
}

if ((inlen = fread(inbuf, 1, sizeof(inbuf), infp)) <= 0) {
fprintf(stderr, "%s: read input failed : %s\n", prog, strerror(errno));
fprintf(stderr, "gmssl %s: read input failed : %s\n", prog, strerror(errno));
goto end;
}

if (sm2_decrypt_init(&ctx) != 1) {
fprintf(stderr, "%s: sm2_decrypt_init failed\n", prog);
fprintf(stderr, "gmssl %s: sm2_decrypt_init failed\n", prog);
goto end;
}
if (sm2_decrypt_update(&ctx, inbuf, inlen) != 1) {
fprintf(stderr, "%s: sm2_decyrpt_update failed\n", prog);
fprintf(stderr, "gmssl %s: sm2_decyrpt_update failed\n", prog);
goto end;
}
if (sm2_decrypt_finish(&ctx, &key, outbuf, &outlen) != 1) {
fprintf(stderr, "%s: decryption failure\n", prog);
fprintf(stderr, "gmssl %s: decryption failure\n", prog);
goto end;
}
if (outlen != fwrite(outbuf, 1, outlen, outfp)) {
fprintf(stderr, "%s: output plaintext failed : %s\n", prog, strerror(errno));
fprintf(stderr, "gmssl %s: output plaintext failed : %s\n", prog, strerror(errno));
goto end;
}
ret = 0;
Expand Down
61 changes: 39 additions & 22 deletions tools/sm2encrypt.c
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2024 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
Expand All @@ -16,7 +16,23 @@
#include <gmssl/sm2.h>
#include <gmssl/x509.h>

static const char *options = "(-pubkey pem | -cert pem) [-in file] [-out file]";
static const char *usage = "(-pubkey pem | -cert pem) [-in file] [-out file]";

static const char *options =
"\n"
"Options\n"
"\n"
" -pubkey pem Recepient's public key file in PEM format\n"
" -cert pem Recipient's certificate in PEM format\n"
" -in file | stdin To be encrypted data, at most 255 bytes\n"
" -out file | stdout Output ciphertext in binary DER-encoding\n"
"\n"
"Examples\n"
"\n"
" $ gmssl sm2keygen -pass P@ssw0rd -out sm2.pem -pubout sm2pub.pem\n"
" $ echo 'Secret message' | gmssl sm2encrypt -pubkey sm2pub.pem -out sm2.der\n"
" $ gmssl sm2decrypt -key sm2.pem -pass P@ssw0rd -in sm2.der\n"
"\n";

int sm2encrypt_main(int argc, char **argv)
{
Expand All @@ -42,56 +58,57 @@ int sm2encrypt_main(int argc, char **argv)
argv++;

if (argc < 1) {
fprintf(stderr, "usage: %s %s\n", prog, options);
fprintf(stderr, "usage: gmssl %s %s\n", prog, usage);
return 1;
}

while (argc > 1) {
while (argc > 0) {
if (!strcmp(*argv, "-help")) {
printf("usage: %s %s\n", prog, options);
printf("usage: gmssl %s %s\n", prog, usage);
printf("%s\n", options);
ret = 0;
goto end;
} else if (!strcmp(*argv, "-pubkey")) {
if (certfile) {
fprintf(stderr, "%s: options '-pubkey' '-cert' conflict\n", prog);
fprintf(stderr, "gmssl %s: options '-pubkey' '-cert' conflict\n", prog);
goto end;
}
if (--argc < 1) goto bad;
pubkeyfile = *(++argv);
if (!(pubkeyfp = fopen(pubkeyfile, "rb"))) {
fprintf(stderr, "%s: open '%s' failure : %s\n", prog, pubkeyfile, strerror(errno));
fprintf(stderr, "gmssl %s: open '%s' failure : %s\n", prog, pubkeyfile, strerror(errno));
goto end;
}
} else if (!strcmp(*argv, "-cert")) {
if (pubkeyfile) {
fprintf(stderr, "%s: options '-pubkey' '-cert' conflict\n", prog);
fprintf(stderr, "gmssl %s: options '-pubkey' '-cert' conflict\n", prog);
goto end;
}
if (--argc < 1) goto bad;
certfile = *(++argv);
if (!(certfp = fopen(certfile, "rb"))) {
fprintf(stderr, "%s: open '%s' failure : %s\n", prog, certfile, strerror(errno));
fprintf(stderr, "gmssl %s: open '%s' failure : %s\n", prog, certfile, strerror(errno));
goto end;
}
} else if (!strcmp(*argv, "-in")) {
if (--argc < 1) goto bad;
infile = *(++argv);
if (!(infp = fopen(infile, "rb"))) {
fprintf(stderr, "%s: open '%s' failure : %s\n", prog, infile, strerror(errno));
fprintf(stderr, "gmssl %s: open '%s' failure : %s\n", prog, infile, strerror(errno));
goto end;
}
} else if (!strcmp(*argv, "-out")) {
if (--argc < 1) goto bad;
outfile = *(++argv);
if (!(outfp = fopen(outfile, "wb"))) {
fprintf(stderr, "%s: open '%s' failure : %s\n", prog, outfile, strerror(errno));
fprintf(stderr, "gmssl %s: open '%s' failure : %s\n", prog, outfile, strerror(errno));
goto end;
}
} else {
fprintf(stderr, "%s: illegal option '%s'\n", prog, *argv);
fprintf(stderr, "gmssl %s: illegal option '%s'\n", prog, *argv);
goto end;
bad:
fprintf(stderr, "%s: '%s' option value missing\n", prog, *argv);
fprintf(stderr, "gmssl %s: '%s' option value missing\n", prog, *argv);
goto end;
}

Expand All @@ -102,44 +119,44 @@ int sm2encrypt_main(int argc, char **argv)

if (pubkeyfile) {
if (sm2_public_key_info_from_pem(&key, pubkeyfp) != 1) {
fprintf(stderr, "%s: parse public key failed\n", prog);
fprintf(stderr, "gmssl %s: parse public key failed\n", prog);
goto end;
}
} else if (certfile) {
if (x509_cert_from_pem(cert, &certlen, sizeof(cert), certfp) != 1
|| x509_cert_get_subject_public_key(cert, certlen, &key) != 1) {
fprintf(stderr, "%s: parse certificate failed\n", prog);
fprintf(stderr, "gmssl %s: parse certificate failed\n", prog);
goto end;
}
} else {
fprintf(stderr, "%s: '-pubkey' or '-cert' option required\n", prog);
fprintf(stderr, "gmssl %s: '-pubkey' or '-cert' option required\n", prog);
goto end;
}

if ((inlen = fread(inbuf, 1, sizeof(inbuf), infp)) <= 0) {
fprintf(stderr, "%s: read input error : %s\n", prog, strerror(errno));
fprintf(stderr, "gmssl %s: read input error : %s\n", prog, strerror(errno));
goto end;
}
if (inlen > SM2_MAX_PLAINTEXT_SIZE) {
fprintf(stderr, "%s: input long than SM2_MAX_PLAINTEXT_SIZE (%d)\n", prog, SM2_MAX_PLAINTEXT_SIZE);
fprintf(stderr, "gmssl %s: input long than SM2_MAX_PLAINTEXT_SIZE (%d)\n", prog, SM2_MAX_PLAINTEXT_SIZE);
goto end;
}

if (sm2_encrypt_init(&ctx) != 1) {
fprintf(stderr, "%s: sm2_encrypt_init failed\n", prog);
fprintf(stderr, "gmssl %s: sm2_encrypt_init failed\n", prog);
goto end;
}
if (sm2_encrypt_update(&ctx, inbuf, inlen) != 1) {
fprintf(stderr, "%s: sm2_encrypt_update failed\n", prog);
fprintf(stderr, "gmssl %s: sm2_encrypt_update failed\n", prog);
return -1;
}
if (sm2_encrypt_finish(&ctx, &key, outbuf, &outlen) != 1) {
fprintf(stderr, "%s: sm2_encrypt_finish error\n", prog);
fprintf(stderr, "gmssl %s: sm2_encrypt_finish error\n", prog);
goto end;
}

if (outlen != fwrite(outbuf, 1, outlen, outfp)) {
fprintf(stderr, "%s: output error : %s\n", prog, strerror(errno));
fprintf(stderr, "gmssl %s: output error : %s\n", prog, strerror(errno));
goto end;
}
ret = 0;
Expand Down
24 changes: 15 additions & 9 deletions tools/sm2keygen.c
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
* Copyright 2014-2024 The GmSSL Project. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the License); you may
* not use this file except in compliance with the License.
Expand All @@ -20,9 +20,15 @@ static const char *usage = "-pass str [-out pem] [-pubout pem]\n";

static const char *options =
"Options\n"
"\n"
" -pass pass Password to encrypt the private key\n"
" -out pem Output password-encrypted PKCS #8 private key in PEM format\n"
" -pubout pem Output public key in PEM format\n"
"\n"
"Examples\n"
"\n"
" $ gmssl sm2keygen -pass P@ssw0rd -out sm2.pem\n"
" $ gmssl sm2keygen -pass P@ssw0rd -out sm2.pem -pubout sm2pub.pem\n"
"\n";

int sm2keygen_main(int argc, char **argv)
Expand All @@ -40,13 +46,13 @@ int sm2keygen_main(int argc, char **argv)
argv++;

if (argc < 1) {
fprintf(stderr, "usage: %s %s\n", prog, options);
fprintf(stderr, "usage: gmssl %s %s\n", prog, usage);
return 1;
}

while (argc > 0) {
if (!strcmp(*argv, "-help")) {
printf("usage: %s %s\n", prog, usage);
printf("usage: gmssl %s %s\n", prog, usage);
printf("%s\n", options);
ret = 0;
goto end;
Expand All @@ -57,21 +63,21 @@ int sm2keygen_main(int argc, char **argv)
if (--argc < 1) goto bad;
outfile = *(++argv);
if (!(outfp = fopen(outfile, "wb"))) {
fprintf(stderr, "%s: open '%s' failure : %s\n", prog, outfile, strerror(errno));
fprintf(stderr, "gmssl %s: open '%s' failure : %s\n", prog, outfile, strerror(errno));
goto end;
}
} else if (!strcmp(*argv, "-pubout")) {
if (--argc < 1) goto bad;
puboutfile = *(++argv);
if (!(puboutfp = fopen(puboutfile, "wb"))) {
fprintf(stderr, "%s: open '%s' failure : %s\n", prog, outfile, strerror(errno));
fprintf(stderr, "gmssl %s: open '%s' failure : %s\n", prog, outfile, strerror(errno));
goto end;
}
} else {
fprintf(stderr, "%s: illegal option '%s'\n", prog, *argv);
fprintf(stderr, "gmssl %s: illegal option '%s'\n", prog, *argv);
goto end;
bad:
fprintf(stderr, "%s: `%s` option value missing\n", prog, *argv);
fprintf(stderr, "gmssl %s: `%s` option value missing\n", prog, *argv);
goto end;
}

Expand All @@ -80,14 +86,14 @@ int sm2keygen_main(int argc, char **argv)
}

if (!pass) {
fprintf(stderr, "%s: `-pass` option required\n", prog);
fprintf(stderr, "gmssl %s: `-pass` option required\n", prog);
goto end;
}

if (sm2_key_generate(&key) != 1
|| sm2_private_key_info_encrypt_to_pem(&key, pass, outfp) != 1
|| sm2_public_key_info_to_pem(&key, puboutfp) != 1) {
fprintf(stderr, "%s: inner failure\n", prog);
fprintf(stderr, "gmssl %s: inner failure\n", prog);
goto end;
}
ret = 0;
Expand Down
Loading

0 comments on commit 8a52a21

Please sign in to comment.