基于GmSSL的国密SSL单向验证客户端C源码
2024-06-16 13:28:58
1 搭建测试服务器
基于GmSSL搭建Nginx国密反代服务器
2 C 源码
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <signal.h>
#include <netdb.h>
#include <unistd.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <openssl/err.h>
#include <openssl/ssl.h>#define Eprintf printf("[%s][%s][%d] ",__FILE__,__func__,__LINE__);printf#define CONNECT_TIME_OUT 5
#define SEND_TIME_OUT 5
#define RECV_TIME_OUT 5
#define SSL_IS_TIMEOUT (-1 == ssl_alarm_flag)int ssl_alarm_flag;void ssl_sigset_alarm(int sig)
{ssl_alarm_flag = -1;alarm(0);signal(SIGALRM, SIG_DFL);
}void ssl_set_alarm(int time_out)
{ssl_alarm_flag = 0;signal(SIGALRM , ssl_sigset_alarm);alarm(time_out);
}void ssl_unset_alarm(void)
{alarm(0);signal(SIGALRM, SIG_DFL);
}void ssl_print_x509(X509 *cert)
{char *line;char buf[1024];int len;X509_NAME *p=NULL;ASN1_TIME *t=NULL;char oid[128] = {0};if (NULL == cert) {Eprintf("无证书信息!\n");return;}Eprintf("版本 : V%ld\n", X509_get_version(cert)+1);Eprintf("序列号 : %x\n", ASN1_INTEGER_get(X509_get_serialNumber(cert)));int nid = X509_get_signature_nid(cert);/* openssl 1.1.1 不允许访问结构体成员变量//签名算法OidASN1_OBJECT* salg = cert->sig_alg->algorithm;
*/ASN1_OBJECT* salg = OBJ_nid2obj(nid);if (NULL != salg) {memset(oid,0x00,sizeof(oid));OBJ_obj2txt(oid, 128, salg, 1);Eprintf("签名算法Oid : %s\n", oid);}Eprintf("%d %s\n",nid, OBJ_nid2ln(nid));Eprintf("%d %s\n",nid, OBJ_nid2sn(nid));p = X509_get_issuer_name(cert);if (NULL != p) {if (NULL != (line = X509_NAME_oneline(p, 0, 0))) {Eprintf("颁发者 : %s\n", line);free(line);}}t = X509_get_notBefore(cert);if (NULL != t) {Eprintf("有效期从 : %s\n", ASN1_STRING_data(t));}t = X509_get_notAfter(cert);if (NULL != t) {Eprintf("到 : %s\n", ASN1_STRING_data(t));}p = X509_get_subject_name(cert);if (NULL != p) {if (NULL != (line = X509_NAME_oneline(p, 0, 0))) {Eprintf("使用者 : %s\n", line);free(line);}memset(buf, 0x00, sizeof(buf));X509_NAME_get_text_by_NID(p, NID_countryName, buf, sizeof(buf));Eprintf(" 双字母国家/地区代码 C=%s\n", buf);memset(buf, 0x00, sizeof(buf));X509_NAME_get_text_by_NID(p, NID_organizationName, buf, sizeof(buf));Eprintf(" 组织名称 O=%s\n", buf);memset(buf, 0x00, sizeof(buf));X509_NAME_get_text_by_NID(p, NID_organizationalUnitName, buf, sizeof(buf));Eprintf(" 组织单位名称 OU=%s\n", buf);memset(buf, 0x00, sizeof(buf));X509_NAME_get_text_by_NID(p, NID_commonName, buf, sizeof(buf));Eprintf(" 域名 CN=%s\n", buf);memset(buf, 0x00, sizeof(buf));X509_NAME_get_text_by_NID(p, NID_localityName, buf, sizeof(buf));Eprintf(" 城市或区域名称 L=%s\n", buf);memset(buf, 0x00, sizeof(buf));X509_NAME_get_text_by_NID(p, NID_stateOrProvinceName, buf, sizeof(buf));Eprintf(" 省/市/自治区名称 ST=%s\n", buf);}//X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x);//公钥算法//目前常见的证书算法为RSA和ECC,ECC在国内又成为SM2。//SM2是国家密码管理局基于椭圆算法(ECC)制定的国内非对称算法标准。EVP_PKEY *pk = X509_get_pubkey(cert);if (NULL != pk) {//switch (pk->type) { //openssl 1.1.1不允许访问成员变量switch(EVP_PKEY_base_id(pk)) {case EVP_PKEY_RSA : Eprintf("公钥 : RSA\n"); break;case EVP_PKEY_EC : Eprintf("公钥 : ECC\n"); break;case EVP_PKEY_DSA : Eprintf("公钥 : DSA\n"); break;case EVP_PKEY_DH : Eprintf("公钥 : DH\n"); break;default : Eprintf("公钥 : 未知\n"); break;}}// 证书按用途分为"签名证书"和"加密证书"。// "签名证书"的公钥用来验证签名,而"加密证书"的公钥则用来加密数据。//X509_check_ca(cert);//if ((cert->ex_kusage & X509v3_KU_DATA_ENCIPHERMENT) == X509v3_KU_DATA_ENCIPHERMENT) {if ((X509_get_key_usage(cert) & X509v3_KU_DATA_ENCIPHERMENT) == X509v3_KU_DATA_ENCIPHERMENT) {Eprintf("证书用途 : 加密\n");} else if ((X509_get_key_usage(cert) & X509v3_KU_DIGITAL_SIGNATURE) == X509v3_KU_DIGITAL_SIGNATURE) {Eprintf("证书用途 : 签名\n");}//证书的指纹算法//int X509_get_signature_type(const X509 *x);Eprintf("签名算法=%d\n", X509_get_signature_type(cert));//证书发行者对证书的签名(指纹)}void ssl_print_info(const SSL *ssl)
{X509 *cert = NULL;if (NULL == ssl)return;// 支持的算法列表const char *cl = NULL;int priority = 0;for(priority=0; priority < 10000; priority++){if( (cl = SSL_get_cipher_list(ssl, priority)) != NULL) {Eprintf("SSL cipher list: %d %s\n", priority, cl);}}Eprintf( "SSL using cipher : %s\n", SSL_get_cipher(ssl)); // SM2-WITH-SMS4-SM3Eprintf( "SSL using cipher_name : %s\n", SSL_get_cipher_name(ssl));Eprintf( "SSL using cipher_version: %s\n", SSL_get_cipher_version(ssl));// 服务端证书//cert = SSL_get_peer_certificate(ssl);STACK_OF(X509) *sk = SSL_get_peer_cert_chain(ssl);while(NULL != (cert = sk_X509_pop(sk))) {ssl_print_x509(cert);}
}int ssl_send(const char* ip, const int port, const char *send_buf, char *recv_buf, int recv_buf_size)
{int ret;int client_fd = -1;int total_len = 0;int len = 0;struct sockaddr_in stSockAddr;SSL_CTX *ctx = NULL;SSL *ssl = NULL;const SSL_METHOD *meth = NULL;meth = GMTLS_client_method(); //使用GMTLSv1.1协议if(meth == NULL) {Eprintf("SSLv23_client_method err [%d:%s]\n", errno,strerror(errno));ret = -1;goto _ErrorRet;}ctx = SSL_CTX_new(meth); //申请SSL会话环境if(ctx == NULL){Eprintf("SSL_CTX_new err [%d:%s]\n", errno,strerror(errno));ret = -1;goto _ErrorRet;}#if 0 // 指定使用的算法const char * cipher_list = "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH";if (SSL_CTX_set_cipher_list(ctx, cipher_list) == 0) {Eprintf("Failed to set cipher list: %s\n", cipher_list);ret = -1;goto _ErrorRet;}
#endif//建立普通的TCP连接client_fd = socket(AF_INET, SOCK_STREAM, 0);if(client_fd < 0){Eprintf("socket fail, err[%d:%s]\n", errno, strerror(errno));ret = -1;goto _ErrorRet;}memset(&stSockAddr, 0, sizeof(stSockAddr));stSockAddr.sin_family = AF_INET;stSockAddr.sin_port = htons(port);stSockAddr.sin_addr.s_addr = inet_addr(ip);Eprintf("connect[%s:%d]\n" , ip, port);ssl_set_alarm(CONNECT_TIME_OUT);ret = connect(client_fd,(struct sockaddr *) &stSockAddr, sizeof(stSockAddr));ssl_unset_alarm();if (SSL_IS_TIMEOUT) {Eprintf("connect server[%s:%d] time out\n", ip,port);ret = -1;goto _ErrorRet;} else if(ret != 0) {Eprintf("connect server[%s:%d] fail, err[%d:%s]\n", ip, port, errno, strerror(errno));ret = -1;goto _ErrorRet;}ssl = SSL_new(ctx); //创建SSL套接字if(ssl == NULL){Eprintf("SSL_new err [%d:%s]\n", errno,strerror(errno));ret = -1;goto _ErrorRet;}SSL_set_fd(ssl, client_fd); //将TCP套接字与SSL套接字联系起来ssl_set_alarm(CONNECT_TIME_OUT);ret = SSL_connect(ssl); //启动SSL链接ssl_unset_alarm();if (SSL_IS_TIMEOUT) {Eprintf("SSL_connect [%s:%d] time out\n", ip,port);ret = -1;goto _ErrorRet;} else if(ret <= 0) {ERR_print_errors_fp(stderr);Eprintf("SSL_connect ret[%d][%d:%s]\n", ret, errno, strerror(errno));ret = -1;goto _ErrorRet;}ssl_print_info(ssl);Eprintf("SSL_write[%s]\n" , send_buf);total_len = strlen(send_buf);len = 0;while (len < total_len) {ssl_set_alarm(SEND_TIME_OUT);ret = SSL_write(ssl, send_buf+len, total_len-len);ssl_unset_alarm();if (SSL_IS_TIMEOUT) {Eprintf("SSL_write server[%s:%d] time out\n", ip,port);ret = -1;goto _ErrorRet;} else if(ret <= 0) {Eprintf("SSL_write err [%d:%s]\n", errno,strerror(errno));ret = -1;goto _ErrorRet;}len += ret;}//read from the TLS/SSL connectionssl_set_alarm(RECV_TIME_OUT);ret = SSL_read(ssl, recv_buf, recv_buf_size-1);ssl_unset_alarm();if (SSL_IS_TIMEOUT) {Eprintf("SSL_read server[%s:%d] time out\n", ip,port);ret = -1;goto _ErrorRet;} else if(ret <= 0) {Eprintf("SSL_read err [%d:%s]", errno,strerror(errno));ret = -1;goto _ErrorRet;}recv_buf[ret] = '\0';Eprintf("SSL_read[%s]\n" , recv_buf);ret = 0;_ErrorRet:if(NULL != ssl) {SSL_shutdown(ssl); //结束SSL通信SSL_free(ssl); //释放SSL套接字}if(-1 != client_fd) {close(client_fd);}if(NULL != ctx) {SSL_CTX_free(ctx); //释放SSL会话环境}return ret;
}int main(void)
{//初始化 openssl 环境SSLeay_add_ssl_algorithms(); // 添加SSL的加密/HASH算法SSL_load_error_strings(); // 加载SSL错误信息char *host = "192.168.218.141";int port = 1443;char *body = "{\"loginName\":\"jiean\"}";char send_buf[1024];char recv_buf[1024];memset(send_buf, 0x00, sizeof(send_buf));memset(recv_buf, 0x00, sizeof(recv_buf));snprintf(send_buf, sizeof(send_buf),"POST /horn/pushmsg HTTP/1.1\r\n" \"Accept: */*\r\n" \"Accept-Language: zh-cn\r\n" \"Content-Type: application/json\r\n" \"User-Agent: herve\r\n" \"Host: %s:%d\r\n" \"Content-Length: %d\r\n" \"Connection: close\r\n" \"Cache-Control: no-cache\r\n\r\n%s",host, port, strlen(body), body);ssl_send(host,port,send_buf,recv_buf,sizeof(recv_buf));return 0;
}
3 编译执行
>gcc GmSSLC.c -o GmSSLC -lssl -lcrypto
>./GmSSLC
[GmSSLC.c][ssl_send][245] connect[192.168.218.141:1443]
Z=297C46B49FA33064B85EE53C6A6F333AC1CBF4F0A4FA3F250F5F20A92195511A
C=00021930820215308201BCA00302010202043B9AD1D1300A06082A811CCF55018375307F310B300906035504061302434E3111300F06035504080C084775616E446F6E673111300F06035504070C085368656E5A68656E31233021060355040A0C1A4E455720504F5320544543484E4F4C4F4759204C494D4954454431163014060355040B0C0D53797320536F66742044657074310D300B06035504030C04526F6F74301E170D3232303332393037303633305A170D3332303332363037303633305A30818A310B300906035504061302434E3111300F06035504080C084775616E446F6E673111300F06035504070C085368656E5A68656E31233021060355040A0C1A4E455720504F5320544543484E4F4C4F4759204C494D4954454431163014060355040B0C0D53797320536F667420446570743118301606035504030C0F3139322E3136382E3231382E3134313059301306072A8648CE3D020106082A811CCF5501822D03420004126303D018D4812AD1057DA8AF11A55959DB6912A0E222C5717253224E32B167EC11AC78700C6319129A2BE6563B3D90FBAEF83094B9BA6C43983B0731432A0DA31A301830090603551D1304023000300B0603551D0F040403020338300A06082A811CCF550183750347003044022065A52BBECFD0B03C0E805A5FD792A8B1109D792CCD413486971CB75E1AEC549802205192FF4C6C2FC7B79669F0FB9B5799CED5DC318A2A440BA985F21A02088A5DF1
ssl_get_algorithm2=41e99a3508x
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 0 ECDHE-ECDSA-AES256-GCM-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 1 ECDHE-RSA-AES256-GCM-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 2 DHE-RSA-AES256-GCM-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 3 ECDHE-ECDSA-CHACHA20-POLY1305
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 4 ECDHE-RSA-CHACHA20-POLY1305
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 5 DHE-RSA-CHACHA20-POLY1305
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 6 ECDHE-ECDSA-AES128-GCM-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 7 ECDHE-RSA-AES128-GCM-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 8 DHE-RSA-AES128-GCM-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 9 ECDHE-SM2-WITH-SMS4-GCM-SM3
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 10 ECDHE-ECDSA-AES256-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 11 ECDHE-RSA-AES256-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 12 DHE-RSA-AES256-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 13 ECDHE-ECDSA-AES128-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 14 ECDHE-RSA-AES128-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 15 DHE-RSA-AES128-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 16 ECDHE-SM2-WITH-SMS4-SM3
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 17 ECDHE-ECDSA-AES256-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 18 ECDHE-RSA-AES256-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 19 DHE-RSA-AES256-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 20 ECDHE-ECDSA-AES128-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 21 ECDHE-RSA-AES128-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 22 DHE-RSA-AES128-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 23 RSA-PSK-AES256-GCM-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 24 DHE-PSK-AES256-GCM-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 25 RSA-PSK-CHACHA20-POLY1305
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 26 DHE-PSK-CHACHA20-POLY1305
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 27 ECDHE-PSK-CHACHA20-POLY1305
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 28 AES256-GCM-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 29 PSK-AES256-GCM-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 30 PSK-CHACHA20-POLY1305
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 31 RSA-PSK-AES128-GCM-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 32 DHE-PSK-AES128-GCM-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 33 AES128-GCM-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 34 PSK-AES128-GCM-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 35 AES256-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 36 AES128-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 37 ECDHE-PSK-AES256-CBC-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 38 ECDHE-PSK-AES256-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 39 SRP-RSA-AES-256-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 40 SRP-AES-256-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 41 RSA-PSK-AES256-CBC-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 42 DHE-PSK-AES256-CBC-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 43 RSA-PSK-AES256-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 44 DHE-PSK-AES256-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 45 AES256-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 46 PSK-AES256-CBC-SHA384
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 47 PSK-AES256-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 48 ECDHE-PSK-AES128-CBC-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 49 ECDHE-PSK-AES128-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 50 SRP-RSA-AES-128-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 51 SRP-AES-128-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 52 RSA-PSK-AES128-CBC-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 53 DHE-PSK-AES128-CBC-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 54 RSA-PSK-AES128-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 55 DHE-PSK-AES128-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 56 ECDHE-PSK-WITH-SMS4-CBC-SM3
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 57 SM9-WITH-SMS4-SM3
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 58 SM9DHE-WITH-SMS4-SM3
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 59 SM2-WITH-SMS4-SM3
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 60 SM2DHE-WITH-SMS4-SM3
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 61 AES128-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 62 RSA-WITH-SMS4-SHA1
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 63 RSA-WITH-SMS4-SM3
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 64 PSK-AES128-CBC-SHA256
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 65 PSK-AES128-CBC-SHA
[GmSSLC.c][ssl_print_info][174] SSL cipher list: 66 PSK-WITH-SMS4-CBC-SM3
[GmSSLC.c][ssl_print_info][178] SSL using cipher : SM2-WITH-SMS4-SM3
[GmSSLC.c][ssl_print_info][179] SSL using cipher_name : SM2-WITH-SMS4-SM3
[GmSSLC.c][ssl_print_info][180] SSL using cipher_version: GMTLSv1.1
[GmSSLC.c][ssl_print_x509][57] 版本 : V3
[GmSSLC.c][ssl_print_x509][59] 序列号 : 3b9ad1d1
[GmSSLC.c][ssl_print_x509][71] 签名算法Oid : 1.2.156.10197.1.501
[GmSSLC.c][ssl_print_x509][74] 1125 sm2sign-with-sm3
[GmSSLC.c][ssl_print_x509][75] 1125 SM2Sign-with-SM3
[GmSSLC.c][ssl_print_x509][80] 颁发者 : /C=CN/ST=GuanDong/L=ShenZhen/O=NEW POS TECHNOLOGY LIMITED/OU=Sys Soft Dept/CN=Root
[GmSSLC.c][ssl_print_x509][87] 有效期从 : 220329070630Z
[GmSSLC.c][ssl_print_x509][92] 到 : 320326070630Z
[GmSSLC.c][ssl_print_x509][98] 使用者 : /C=CN/ST=GuanDong/L=ShenZhen/O=NEW POS TECHNOLOGY LIMITED/OU=Sys Soft Dept/CN=192.168.218.141
[GmSSLC.c][ssl_print_x509][104] 双字母国家/地区代码 C=CN
[GmSSLC.c][ssl_print_x509][108] 组织名称 O=NEW POS TECHNOLOGY LIMITED
[GmSSLC.c][ssl_print_x509][112] 组织单位名称 OU=Sys Soft Dept
[GmSSLC.c][ssl_print_x509][116] 域名 CN=192.168.218.141
[GmSSLC.c][ssl_print_x509][120] 城市或区域名称 L=ShenZhen
[GmSSLC.c][ssl_print_x509][124] 省/市/自治区名称 ST=GuanDong
[GmSSLC.c][ssl_print_x509][137] 公钥 : ECC
[GmSSLC.c][ssl_print_x509][149] 证书用途 : 加密
[GmSSLC.c][ssl_print_x509][157] 签名算法=0
[GmSSLC.c][ssl_print_x509][57] 版本 : V3
[GmSSLC.c][ssl_print_x509][59] 序列号 : 3b9aca01
[GmSSLC.c][ssl_print_x509][71] 签名算法Oid : 1.2.156.10197.1.501
[GmSSLC.c][ssl_print_x509][74] 1125 sm2sign-with-sm3
[GmSSLC.c][ssl_print_x509][75] 1125 SM2Sign-with-SM3
[GmSSLC.c][ssl_print_x509][80] 颁发者 : /C=CN/ST=GuanDong/L=ShenZhen/O=NEW POS TECHNOLOGY LIMITED/OU=Sys Soft Dept/CN=Root
[GmSSLC.c][ssl_print_x509][87] 有效期从 : 220411115047Z
[GmSSLC.c][ssl_print_x509][92] 到 : 320408115047Z
[GmSSLC.c][ssl_print_x509][98] 使用者 : /C=CN/ST=GuanDong/L=ShenZhen/O=NEW POS TECHNOLOGY LIMITED/OU=Sys Soft Dept/CN=192.168.218.141
[GmSSLC.c][ssl_print_x509][104] 双字母国家/地区代码 C=CN
[GmSSLC.c][ssl_print_x509][108] 组织名称 O=NEW POS TECHNOLOGY LIMITED
[GmSSLC.c][ssl_print_x509][112] 组织单位名称 OU=Sys Soft Dept
[GmSSLC.c][ssl_print_x509][116] 域名 CN=192.168.218.141
[GmSSLC.c][ssl_print_x509][120] 城市或区域名称 L=ShenZhen
[GmSSLC.c][ssl_print_x509][124] 省/市/自治区名称 ST=GuanDong
[GmSSLC.c][ssl_print_x509][137] 公钥 : ECC
[GmSSLC.c][ssl_print_x509][151] 证书用途 : 签名
[GmSSLC.c][ssl_print_x509][157] 签名算法=0
[GmSSLC.c][ssl_send][289] SSL_write[POST /horn/pushmsg HTTP/1.1
Accept: */*
Accept-Language: zh-cn
Content-Type: application/json
User-Agent: herve
Host: 192.168.218.141:1443
Content-Length: 21
Connection: close
Cache-Control: no-cache{"loginName":"jiean"}]
[GmSSLC.c][ssl_send][326] SSL_read[HTTP/1.1 404 Not Found
Server: nginx/1.20.1
Date: Tue, 12 Apr 2022 01:50:30 GMT
Content-Type: text/html
Content-Length: 153
Connection: close<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.20.1</center>
</body>
</html>
]基于GmSSL的国密SSL单向验证客户端C源码相关推荐
- HTTPS的SSL单向验证和双向验证
HTTPS的SSL单向验证和双向验证 HTTPs利用SSL/TLS建立安全信道,加密数据包,主要目的是提供对网站服务器的身份认证,同时保护交换数据的安全性与完整性 SSL/TLS TLS在传输 ...
- gmssl 国密ssl流程测试
gmssl 国密ssl流程测试 前言 一 gmssl ssl流程测试 单证书单向认证 二 gmssl ssl 流程 单证书 双向认证 三 gmssl gmtls 流程 双证书 单向认证 四 gmssl ...
- 国密SSL通信协议详细介绍与抓包分析
最近研究有关SSL协议的物联网安全协议,看了很多资料并且结合TASSL在ubuntu上跑了一个简单的demo,因此有了一些自己的理解,那么就详细讲解一下我所知道的SSL,相信这一篇文章就可以让你全面了 ...
- gmcurl,支持国密SSL的的curl
gmcurl,支持国密SSL的的curl 1.curl是什么 cURL(客户端URL)是一个开放源代码的命令行工具,用来请求 Web和其他各种类型的服务器.curl有着大量的参数,常用来测试/调试服务 ...
- 什么是国密SSL证书?和普通SSL证书有什么区别?
SSL证书能够有效提升网站数据传输的安全性,已成为政府企业网站提升数据安全的标配.而国密SSL证书由于加密算法不同,安全等级更高,逐渐受到越来越多用户的信赖和认可.那么国密SSL证书有哪些特点,它和传 ...
- nginx服务器配置ssl协议,国密SSL协议之Nginx集成
1 背景 Nginx自身支持标准的SSL协议,但并不支持国密SSL协议.本文描述了Nginx配置的国密SSL协议(单向)的完整过程,仅供学习和参考之用. 特点:Nginx 无需改动源码.支持任意版本. ...
- 国密浏览器如何完成SM2国密SSL协议协商
国密浏览器需要遵循国密SSL协议规范GM/T 0024-2014.GM/T 0024-2014没有单独规范 SSL协议的文件,而是在SSL VPN技术规范中定义了国密SSL协议.国密SSL协议(SSL ...
- 国密SSL证书申请免费试用
沃通提供国密SSL证书免费申请试用服务,一次申请可同时签发SM2/RSA双算法证书,试用周期1个月,用于测试国密SM2 SSL证书的运行效果和SM2/RSA双证书部署效果. 试用产品:SM2/RSA双 ...
- 什么是国密SSL协议?国密证书与传统SSL证书有什么区别?
你知道什么是国密SSL协议吗?很多人听说过SSL证书.SSL协议,但是国密SSL协议却是第一次听说.一起来看看什么是国密SSL协议,以及国密证书与传统SSL证书有什么区别? 什么是国密SSL协议?国密 ...
最新文章
- wpf每隔一小时_包河区徐河排涝站24小时不间断运作 11座区管泵站全面应战保安澜...
- Scala隐式转换之隐式类
- ACM练习 校赛183F:公平的游戏(TLE)【set的使用,给迭代器增加指定偏移量】
- script标签中的async和defer
- mysql: union / union all / 自定义函数用法详解
- JS左右无缝滚动(一般方法+面向对象方法)
- Web2.0网站性能调优实践(引用王宗义)
- android phone win10下载,微软Your Phone新功能: 可在Win 10 PC 上运行 Android 应用程序...
- 中南大学 科学计算与MATLAB语言 11矩阵求值
- PMP 第十章 项目沟通管理
- 【设计鉴赏】精选字体设计鉴赏(二)
- Excel如何批量插入删除复选框
- 华为笔试c语言,华为笔试算法题汇总
- CCNA 中文读书笔记四
- java的无极分类,ThinkPHP菜单无极分类实例讲解
- java代码中实现excel表下载
- 禁止文件夹 icloud_如何更改Windows iCloud照片文件夹位置
- 2022年注册会计师(CPA)考试精选试题及答案
- GPT系列:GPT1 -> 2 -> 3 -> InstructGPT ->ChatGPT
- 斗地主吗?能学区块链那种! | 原力计划