From 87cdebd8cf92cf7963e583d8572afe9eefd87423 Mon Sep 17 00:00:00 2001 From: deatil <2217957370@qq.com> Date: Wed, 6 Mar 2024 23:48:48 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=20X509=20=E7=9A=84=20SM2=20?= =?UTF-8?q?=E6=B5=8B=E8=AF=95=E8=AF=81=E4=B9=A6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- x509/x509_test.go | 66 +++++++++++++++++++++++++++++++---------------- 1 file changed, 44 insertions(+), 22 deletions(-) diff --git a/x509/x509_test.go b/x509/x509_test.go index ef47a443..a583134d 100644 --- a/x509/x509_test.go +++ b/x509/x509_test.go @@ -1167,33 +1167,39 @@ func Test_P12_Gost_222(t *testing.T) { } } -var testSM2Cert = ` +var testSM2RootCaCert = ` -----BEGIN CERTIFICATE----- -MIICTTCCAfOgAwIBAgIJAOWoGwJCndt2MAoGCCqBHM9VAYN1MGcxCzAJBgNVBAYT -AkNOMRAwDgYDVQQIDAdCZWlqaW5nMRAwDgYDVQQHDAdIYWlEaWFuMRMwEQYDVQQK -DApHTUNlcnQub3JnMR8wHQYDVQQDDBZHTUNlcnQgR00gUm9vdCBDQSAtIDAxMB4X -DTI0MDEyNDA5MDAwMFoXDTI1MDEyMzA5MDAwMFowYjELMAkGA1UEBhMCNjYxCzAJ -BgNVBAgMAjU1MQswCQYDVQQHDAI0NDELMAkGA1UEBwwCMzMxCzAJBgNVBAoMAjIy -MQswCQYDVQQKDAIxMTESMBAGA1UEAwwJdGVzdF9OVUxMMFkwEwYHKoZIzj0CAQYI -KoEcz1UBgi0DQgAEnA3ttWiJUt1tF0sEPALgYhevNXYSUa6lzJ4ZbGM8NQiHRlva -bVrlmcLIG1l1byDo/trnduv5q0dQdFmfYihh2aOBjDCBiTAMBgNVHRMBAf8EAjAA -MAsGA1UdDwQEAwIHgDAsBglghkgBhvhCAQ0EHxYdR01DZXJ0Lm9yZyBTaWduZWQg -Q2VydGlmaWNhdGUwHQYDVR0OBBYEFLgpNzezd7Hs307jtoQXYGW3oQH3MB8GA1Ud -IwQYMBaAFH9aXjsAhFkqD5i+oQ5vOZVDEE0HMAoGCCqBHM9VAYN1A0gAMEUCIQDh -KwUL+a/JnoDf8cXaUkrty+t9f7H/Ob0ElI5ETcZHdAIgYHmgM/n3M5a04b+4wrna -EUPf68vuiWz0EUndQSJ45zA= +MIIB4DCCAYagAwIBAgIBADAKBggqgRzPVQGDdTBGMQswCQYDVQQGEwJBQTELMAkG +A1UECAwCQkIxCzAJBgNVBAoMAkNDMQswCQYDVQQLDAJERDEQMA4GA1UEAwwHcm9v +dCBjYTAgFw0yMzAyMjIwMjMwMTNaGA8yMTIzMDEyOTAyMzAxM1owRjELMAkGA1UE +BhMCQUExCzAJBgNVBAgMAkJCMQswCQYDVQQKDAJDQzELMAkGA1UECwwCREQxEDAO +BgNVBAMMB3Jvb3QgY2EwWTATBgcqhkjOPQIBBggqgRzPVQGCLQNCAASN55Ju2pvU +Bi8UrWHc4ZaKnsqiFPWfcM/6H2Gu/VQ7I1oVnyPktvlTrtwhSy6K43JoCnjVPHrq +jOXxnkOtGVDVo2MwYTAdBgNVHQ4EFgQUxu7mMmVaB3vq7JRi8UEFHcxVFY4wHwYD +VR0jBBgwFoAUxu7mMmVaB3vq7JRi8UEFHcxVFY4wDwYDVR0TAQH/BAUwAwEB/zAO +BgNVHQ8BAf8EBAMCAYYwCgYIKoEcz1UBg3UDSAAwRQIhAIz7tgrp7LmOQEJGPAU3 +8m9PNzMOTqGWZqux8CxIuEGjAiB4cFVYQ4sTCYb/4fNayKYO1FH+Q2Cc7xGq7WPd +knwWpw== -----END CERTIFICATE----- ` -var testSM2Cert_PriKkey = ` ------BEGIN PRIVATE KEY----- -MIGHAgEAMBMGByqGSM49AgEGCCqBHM9VAYItBG0wawIBAQQgOa3ppbTLiG5kUG6n -kubkr/0I+Ebivvodq9BaQYMpNsKhRANCAAScDe21aIlS3W0XSwQ8AuBiF681dhJR -rqXMnhlsYzw1CIdGW9ptWuWZwsgbWXVvIOj+2ud26/mrR1B0WZ9iKGHZ ------END PRIVATE KEY----- +var testSM2SubCaCert = ` +-----BEGIN CERTIFICATE----- +MIIB4zCCAYigAwIBAgIBATAKBggqgRzPVQGDdTBGMQswCQYDVQQGEwJBQTELMAkG +A1UECAwCQkIxCzAJBgNVBAoMAkNDMQswCQYDVQQLDAJERDEQMA4GA1UEAwwHcm9v +dCBjYTAgFw0yMzAyMjIwMjMwMTNaGA8yMTIzMDEyOTAyMzAxM1owRTELMAkGA1UE +BhMCQUExCzAJBgNVBAgMAkJCMQswCQYDVQQKDAJDQzELMAkGA1UECwwCREQxDzAN +BgNVBAMMBnN1YiBjYTBZMBMGByqGSM49AgEGCCqBHM9VAYItA0IABH0feWwae0S0 +w4QQA5cBGYwaQPaxZFcLzIqph+I6BQQCGXaIAabqpO0zjAyf1twYmoM3ZRLJgbZz +HE/2rRMPBiajZjBkMB0GA1UdDgQWBBSsYesigGJZCD6WyNF/znRcAq88mTAfBgNV +HSMEGDAWgBTG7uYyZVoHe+rslGLxQQUdzFUVjjASBgNVHRMBAf8ECDAGAQH/AgEA +MA4GA1UdDwEB/wQEAwIBhjAKBggqgRzPVQGDdQNJADBGAiEApoHDue1bzGukE97O +BqQbboU1d3jqNg4gAgpMe5fFIosCIQDwndSp7Tc3DZ0QCifXKNqgykjepsWTPZ3R +NrMzM0rflg== +-----END CERTIFICATE----- ` func Test_P12_SM2(t *testing.T) { - certpem := decodePEM(testSM2Cert) + certpem := decodePEM(testSM2RootCaCert) cert, err := ParseCertificate(certpem) if err != nil { @@ -1217,6 +1223,22 @@ func Test_P12_SM2(t *testing.T) { err = cert.CheckSignature(cert.SignatureAlgorithm, cert.RawTBSCertificate, cert.Signature) if err != nil { - // t.Fatal(err) + t.Fatal(err) + } + + // ========== + + subCertpem := decodePEM(testSM2SubCaCert) + + subCert, err := ParseCertificate(subCertpem) + if err != nil { + t.Fatal(err) + } + + // use root ca PublicKey to Check Signature + subCert.PublicKey = pubKey + err = subCert.CheckSignature(subCert.SignatureAlgorithm, subCert.RawTBSCertificate, subCert.Signature) + if err != nil { + t.Fatal(err) } }