X-Git-Url: http://git.osdn.net/view?p=bytom%2Fvapor.git;a=blobdiff_plain;f=crypto%2Fsm2%2Fsm2_test.go;fp=crypto%2Fsm2%2Fsm2_test.go;h=0820118a21561b3a770f3cfd63714516400b8676;hp=0000000000000000000000000000000000000000;hb=db158dcf09436b003defd333f1a665e7e051d820;hpb=d09b7a78d44dc259725902b8141cdba0d716b121

diff --git a/crypto/sm2/sm2_test.go b/crypto/sm2/sm2_test.go
new file mode 100644
index 00000000..0820118a
--- /dev/null
+++ b/crypto/sm2/sm2_test.go
@@ -0,0 +1,219 @@
+/*
+Copyright Suzhou Tongji Fintech Research Institute 2017 All Rights Reserved.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+                 http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package sm2
+
+import (
+	"crypto/rand"
+	"crypto/x509/pkix"
+	"encoding/asn1"
+	"fmt"
+	"io/ioutil"
+	"log"
+	"math/big"
+	"net"
+	"os"
+	"testing"
+	"time"
+)
+
+func TestSm2(t *testing.T) {
+	priv, err := GenerateKey() // çæå¯é¥å¯¹
+	if err != nil {
+		log.Fatal(err)
+	}
+	fmt.Printf("%v\n", priv.Curve.IsOnCurve(priv.X, priv.Y)) // éªè¯æ¯å¦ä¸ºsm2çæ²çº¿
+	pub := &priv.PublicKey
+	msg := []byte("123456")
+	d0, err := pub.Encrypt(msg)
+	if err != nil {
+		fmt.Printf("Error: failed to encrypt %s: %v\n", msg, err)
+		return
+	}
+	fmt.Printf("Cipher text = %v\n", d0)
+	d1, err := priv.Decrypt(d0)
+	if err != nil {
+		fmt.Printf("Error: failed to decrypt: %v\n", err)
+	}
+	fmt.Printf("clear text = %s\n", d1)
+	ok, err := WritePrivateKeytoPem("priv.pem", priv, nil) // çæå¯é¥æä»¶
+	if ok != true {
+		log.Fatal(err)
+	}
+	pubKey, _ := priv.Public().(*PublicKey)
+	ok, err = WritePublicKeytoPem("pub.pem", pubKey, nil) // çæå¬é¥æä»¶
+	if ok != true {
+		log.Fatal(err)
+	}
+	msg = []byte("test")
+	err = ioutil.WriteFile("ifile", msg, os.FileMode(0644)) // çææµè¯æä»¶
+	if err != nil {
+		log.Fatal(err)
+	}
+	privKey, err := ReadPrivateKeyFromPem("priv.pem", nil) // è¯»åå¯é¥
+	if err != nil {
+		log.Fatal(err)
+	}
+	pubKey, err = ReadPublicKeyFromPem("pub.pem", nil) // è¯»åå¬é¥
+	if err != nil {
+		log.Fatal(err)
+	}
+	msg, _ = ioutil.ReadFile("ifile")                // ä»æä»¶è¯»åæ°æ®
+	sign, err := privKey.Sign(rand.Reader, msg, nil) // ç­¾å
+	if err != nil {
+		log.Fatal(err)
+	}
+	err = ioutil.WriteFile("ofile", sign, os.FileMode(0644))
+	if err != nil {
+		log.Fatal(err)
+	}
+	signdata, _ := ioutil.ReadFile("ofile")
+	ok = privKey.Verify(msg, signdata) // å¯é¥éªè¯
+	if ok != true {
+		fmt.Printf("Verify error\n")
+	} else {
+		fmt.Printf("Verify ok\n")
+	}
+	ok = pubKey.Verify(msg, signdata) // å¬é¥éªè¯
+	if ok != true {
+		fmt.Printf("Verify error\n")
+	} else {
+		fmt.Printf("Verify ok\n")
+	}
+	templateReq := CertificateRequest{
+		Subject: pkix.Name{
+			CommonName:   "test.example.com",
+			Organization: []string{"Test"},
+		},
+		//		SignatureAlgorithm: ECDSAWithSHA256,
+		SignatureAlgorithm: SM2WithSM3,
+	}
+	_, err = CreateCertificateRequestToPem("req.pem", &templateReq, privKey)
+	if err != nil {
+		log.Fatal(err)
+	}
+	req, err := ReadCertificateRequestFromPem("req.pem")
+	if err != nil {
+		log.Fatal(err)
+	}
+	err = req.CheckSignature()
+	if err != nil {
+		log.Fatal(err)
+	} else {
+		fmt.Printf("CheckSignature ok\n")
+	}
+	testExtKeyUsage := []ExtKeyUsage{ExtKeyUsageClientAuth, ExtKeyUsageServerAuth}
+	testUnknownExtKeyUsage := []asn1.ObjectIdentifier{[]int{1, 2, 3}, []int{2, 59, 1}}
+	extraExtensionData := []byte("extra extension")
+	commonName := "test.example.com"
+	template := Certificate{
+		// SerialNumber is negative to ensure that negative
+		// values are parsed. This is due to the prevalence of
+		// buggy code that produces certificates with negative
+		// serial numbers.
+		SerialNumber: big.NewInt(-1),
+		Subject: pkix.Name{
+			CommonName:   commonName,
+			Organization: []string{"TEST"},
+			Country:      []string{"China"},
+			ExtraNames: []pkix.AttributeTypeAndValue{
+				{
+					Type:  []int{2, 5, 4, 42},
+					Value: "Gopher",
+				},
+				// This should override the Country, above.
+				{
+					Type:  []int{2, 5, 4, 6},
+					Value: "NL",
+				},
+			},
+		},
+		NotBefore: time.Unix(1000, 0),
+		NotAfter:  time.Unix(100000, 0),
+
+		//		SignatureAlgorithm: ECDSAWithSHA256,
+		SignatureAlgorithm: SM2WithSM3,
+
+		SubjectKeyId: []byte{1, 2, 3, 4},
+		KeyUsage:     KeyUsageCertSign,
+
+		ExtKeyUsage:        testExtKeyUsage,
+		UnknownExtKeyUsage: testUnknownExtKeyUsage,
+
+		BasicConstraintsValid: true,
+		IsCA: true,
+
+		OCSPServer:            []string{"http://ocsp.example.com"},
+		IssuingCertificateURL: []string{"http://crt.example.com/ca1.crt"},
+
+		DNSNames:       []string{"test.example.com"},
+		EmailAddresses: []string{"gopher@golang.org"},
+		IPAddresses:    []net.IP{net.IPv4(127, 0, 0, 1).To4(), net.ParseIP("2001:4860:0:2001::68")},
+
+		PolicyIdentifiers:   []asn1.ObjectIdentifier{[]int{1, 2, 3}},
+		PermittedDNSDomains: []string{".example.com", "example.com"},
+
+		CRLDistributionPoints: []string{"http://crl1.example.com/ca1.crl", "http://crl2.example.com/ca1.crl"},
+
+		ExtraExtensions: []pkix.Extension{
+			{
+				Id:    []int{1, 2, 3, 4},
+				Value: extraExtensionData,
+			},
+			// This extension should override the SubjectKeyId, above.
+			{
+				Id:       oidExtensionSubjectKeyId,
+				Critical: false,
+				Value:    []byte{0x04, 0x04, 4, 3, 2, 1},
+			},
+		},
+	}
+	pubKey, _ = priv.Public().(*PublicKey)
+	ok, _ = CreateCertificateToPem("cert.pem", &template, &template, pubKey, privKey)
+	if ok != true {
+		fmt.Printf("failed to create cert file\n")
+	}
+	cert, err := ReadCertificateFromPem("cert.pem")
+	if err != nil {
+		fmt.Printf("failed to read cert file")
+	}
+	err = cert.CheckSignature(cert.SignatureAlgorithm, cert.RawTBSCertificate, cert.Signature)
+	if err != nil {
+		log.Fatal(err)
+	} else {
+		fmt.Printf("CheckSignature ok\n")
+	}
+}
+
+func BenchmarkSM2(t *testing.B) {
+	t.ReportAllocs()
+	for i := 0; i < t.N; i++ {
+		priv, err := GenerateKey() // çæå¯é¥å¯¹
+		if err != nil {
+			log.Fatal(err)
+		}
+		msg := []byte("test")
+		sign, err := priv.Sign(rand.Reader, msg, nil) // ç­¾å
+		if err != nil {
+			log.Fatal(err)
+		}
+		ok := priv.Verify(msg, sign) // å¯é¥éªè¯
+		if ok != true {
+			fmt.Printf("Verify error\n")
+		} else {
+			fmt.Printf("Verify ok\n")
+		}
+	}
+}