GmSSL double certificate generation for novices

First of all, I'm not a cryptography professional and have no knowledge base in this area. This post and the next one are based entirely on materials and blogs I could find on the Internet, which I explored and summarized a little. I asked many seniors and bloggers for help, but they either didn't see my questions or didn't reply. The project still had to be done, so there was nothing for it but to try it myself.

If anything is wrong, please point it out so I can learn. Thank you!

The addresses of the referenced blogs are given where their content is used in the article; for any step my summary leaves unclear, the original text can be consulted.

I believe the readers of this post know more about OpenSSL than I do, so I won't explain how to use it. Perhaps the field of SM (guomi, Chinese national cryptography) is too small compared with other technologies: there are too few tutorials to refer to, the SM algorithm implementations written by individuals have not been strictly tested, and problems get fixed slowly. The purpose of this article is to record the pitfalls and solutions we encountered while trying out SM-based HTTPS. It may help novices who have just stepped into the pit, so that they are not as clueless as I was.

Enough preamble; let's get started.

1. Double certificate generation

On the question of the SM (guomi) double certificate, refer to the blog post "What? Double certificate?", which says:

The national cryptographic standards are not very clear about the definition of SSL communication. The only standard that can be relied on is GM/T 0024-2014, SSL VPN Technical Specification. The document mentions that SM TLS needs to have a signing certificate and an encryption certificate.

Whether for the sake of security or for other reasons, the national cryptographic standard requires this, so it's better to take it into account when we build our own SM certificates.

I read a lot of blogs, and everyone generates the certificates with the SM2certgen.sh script under the tassl_demo/mk_tls_cert directory of TASSL. I had some problems using it in a Windows environment, but I still had to use it, so I roughly figured out the steps and modified the script according to my actual needs:

#!/bin/sh
# For a list of supported curves, use "gmssl ecparam -list_curves".

# Path to the openssl distribution
OPENSSL_DIR=.
# Path to the openssl program
OPENSSL_CMD=gmssl
# Option to find configuration file
OPENSSL_CNF="-config ./openssl.cnf"
# Directory where certificates are stored
CERTS_DIR=./sm2Certs
# Directory where private key files are stored
KEYS_DIR=$CERTS_DIR
# Directory where combo files (containing a certificate and corresponding
# private key together) are stored
COMBO_DIR=$CERTS_DIR
# cat command
CAT="C:/Progra~1/Git/usr/bin/cat.exe"
# rm command
RM="C:/Progra~1/Git/usr/bin/rm.exe"
# mkdir command
MKDIR="C:/Progra~1/Git/usr/bin/mkdir.exe"
# The certificate will expire these many days after the issue date.
DAYS=1500
TEST_CA_CURVE=SM2
TEST_CA_FILE=CA
TEST_CA_DN="//skip=yes/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=SORB of TASS/CN=Test CA (SM2)"

TEST_SERVER_CURVE=SM2
TEST_SERVER_FILE=SS
TEST_SERVER_DN="//skip=yes/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=BSRC of TASS/CN=server sign (SM2)"

TEST_SERVER_ENC_FILE=SE
TEST_SERVER_ENC_DN="//skip=yes/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=BSRC of TASS/CN=server enc (SM2)"

TEST_CLIENT_CURVE=SM2
TEST_CLIENT_FILE=CS
TEST_CLIENT_DN="//skip=yes/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=BSRC of TASS/CN=client sign (SM2)"

TEST_CLIENT_ENC_FILE=CE
# CN says "enc" here (the original had a copy-paste "client sign" CN for the encryption certificate)
TEST_CLIENT_ENC_DN="//skip=yes/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=BSRC of TASS/CN=client enc (SM2)"

# Generating an EC certificate involves the following main steps
# 1. Generating curve parameters (if needed)
# 2. Generating a certificate request
# 3. Signing the certificate request 
# 4. [Optional] One can combine the cert and private key into a single
#    file and also delete the certificate request

$MKDIR -p $CERTS_DIR
$MKDIR -p $KEYS_DIR
$MKDIR -p $COMBO_DIR

echo "Generating self-signed CA certificate (on curve $TEST_CA_CURVE)"
echo "==============================================================="
$OPENSSL_CMD ecparam -name $TEST_CA_CURVE -out $TEST_CA_CURVE.pem


# Generate a new certificate request in $TEST_CA_FILE.req.pem. A 
# new ecdsa (actually ECC) key pair is generated on the parameters in
# $TEST_CA_CURVE.pem and the private key is saved in $TEST_CA_FILE.key.pem
# WARNING: By using the -nodes option, we force the private key to be 
# stored in the clear (rather than encrypted with a password).
$OPENSSL_CMD req $OPENSSL_CNF -nodes -subj "$TEST_CA_DN" \
    -keyout $KEYS_DIR/$TEST_CA_FILE.key.pem \
    -newkey ec:$TEST_CA_CURVE.pem -new \
    -out $CERTS_DIR/$TEST_CA_FILE.req.pem

# Sign the certificate request in $TEST_CA_FILE.req.pem using the
# private key in $TEST_CA_FILE.key.pem and include the CA extension.
# Make the certificate valid for 1500 days from the time of signing.
# The certificate is written into $TEST_CA_FILE.cert.pem
$OPENSSL_CMD x509 -req -days $DAYS \
    -in $CERTS_DIR/$TEST_CA_FILE.req.pem \
    -extfile $OPENSSL_DIR/openssl.cnf \
    -extensions v3_ca \
    -signkey $KEYS_DIR/$TEST_CA_FILE.key.pem \
    -out $CERTS_DIR/$TEST_CA_FILE.cert.pem

# Display the certificate
$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CA_FILE.cert.pem -text

# Place the certificate and key in a common file
$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CA_FILE.cert.pem -issuer -subject \
    > $COMBO_DIR/$TEST_CA_FILE.pem
$CAT $KEYS_DIR/$TEST_CA_FILE.key.pem >> $COMBO_DIR/$TEST_CA_FILE.pem

# Remove the cert request file (no longer needed)
$RM $CERTS_DIR/$TEST_CA_FILE.req.pem

echo "GENERATING A TEST SERVER CERTIFICATE (on elliptic curve $TEST_SERVER_CURVE)"
echo "=========================================================================="
# Generate a new certificate request in $TEST_SERVER_FILE.req.pem. A 
# new ecdsa (actually ECC) key pair is generated on the parameters in
# $TEST_SERVER_CURVE.pem and the private key is saved in 
# $TEST_SERVER_FILE.key.pem
# WARNING: By using the -nodes option, we force the private key to be 
# stored in the clear (rather than encrypted with a password).
$OPENSSL_CMD req $OPENSSL_CNF -nodes -subj "$TEST_SERVER_DN" \
    -keyout $KEYS_DIR/$TEST_SERVER_FILE.key.pem \
    -newkey ec:$TEST_SERVER_CURVE.pem -new \
    -out $CERTS_DIR/$TEST_SERVER_FILE.req.pem

# Sign the certificate request in $TEST_SERVER_FILE.req.pem using the
# CA certificate in $TEST_CA_FILE.cert.pem and the CA private key in
# $TEST_CA_FILE.key.pem. Since we do not have an existing serial number
# file for this CA, create one. Make the certificate valid for $DAYS days
# from the time of signing. The certificate is written into 
# $TEST_SERVER_FILE.cert.pem
$OPENSSL_CMD x509 -req -days $DAYS \
    -in $CERTS_DIR/$TEST_SERVER_FILE.req.pem \
    -CA $CERTS_DIR/$TEST_CA_FILE.cert.pem \
    -CAkey $KEYS_DIR/$TEST_CA_FILE.key.pem \
    -extfile $OPENSSL_DIR/openssl.cnf \
    -extensions v3_req \
    -out $CERTS_DIR/$TEST_SERVER_FILE.cert.pem -CAcreateserial

# Display the certificate 
$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_SERVER_FILE.cert.pem -text

# Place the certificate and key in a common file
$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_SERVER_FILE.cert.pem -issuer -subject \
    > $COMBO_DIR/$TEST_SERVER_FILE.pem
$CAT $KEYS_DIR/$TEST_SERVER_FILE.key.pem >> $COMBO_DIR/$TEST_SERVER_FILE.pem

# Remove the cert request file (no longer needed)
$RM $CERTS_DIR/$TEST_SERVER_FILE.req.pem

echo "GENERATING A TEST SERVER ENCRYPT CERTIFICATE (on elliptic curve $TEST_SERVER_CURVE)"
echo "==================================================================================="
# Generate a new certificate request in $TEST_SERVER_ENC_FILE.req.pem. A
# new ecdsa (actually ECC) key pair is generated on the parameters in
# $TEST_SERVER_CURVE.pem and the private key is saved in
# $TEST_SERVER_ENC_FILE.key.pem
# WARNING: By using the -nodes option, we force the private key to be
# stored in the clear (rather than encrypted with a password).
$OPENSSL_CMD req $OPENSSL_CNF -nodes -subj "$TEST_SERVER_ENC_DN" \
    -keyout $KEYS_DIR/$TEST_SERVER_ENC_FILE.key.pem \
    -newkey ec:$TEST_SERVER_CURVE.pem -new \
    -out $CERTS_DIR/$TEST_SERVER_ENC_FILE.req.pem

# Sign the certificate request in $TEST_SERVER_ENC_FILE.req.pem using the
# CA certificate in $TEST_CA_FILE.cert.pem and the CA private key in
# $TEST_CA_FILE.key.pem, applying the encryption-certificate extensions
# (v3enc_req) instead of the signing ones. Since we do not have an existing
# serial number file for this CA, create one. Make the certificate valid for
# $DAYS days from the time of signing. The certificate is written into
# $TEST_SERVER_ENC_FILE.cert.pem
$OPENSSL_CMD x509 -req -days $DAYS \
    -in $CERTS_DIR/$TEST_SERVER_ENC_FILE.req.pem \
    -CA $CERTS_DIR/$TEST_CA_FILE.cert.pem \
    -CAkey $KEYS_DIR/$TEST_CA_FILE.key.pem \
    -extfile $OPENSSL_DIR/openssl.cnf \
    -extensions v3enc_req \
    -out $CERTS_DIR/$TEST_SERVER_ENC_FILE.cert.pem -CAcreateserial

# Display the certificate 
$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_SERVER_ENC_FILE.cert.pem -text

# Place the certificate and key in a common file
$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_SERVER_ENC_FILE.cert.pem -issuer -subject \
    > $COMBO_DIR/$TEST_SERVER_ENC_FILE.pem
$CAT $KEYS_DIR/$TEST_SERVER_ENC_FILE.key.pem >> $COMBO_DIR/$TEST_SERVER_ENC_FILE.pem

# Remove the cert request file (no longer needed)
$RM $CERTS_DIR/$TEST_SERVER_ENC_FILE.req.pem



echo "GENERATING A TEST CLIENT CERTIFICATE (on elliptic curve $TEST_CLIENT_CURVE)"
echo "=========================================================================="
# Generate a new certificate request in $TEST_CLIENT_FILE.req.pem. A 
# new ecdsa (actually ECC) key pair is generated on the parameters in
# $TEST_CLIENT_CURVE.pem and the private key is saved in 
# $TEST_CLIENT_FILE.key.pem
# WARNING: By using the -nodes option, we force the private key to be 
# stored in the clear (rather than encrypted with a password).
$OPENSSL_CMD req $OPENSSL_CNF -nodes -subj "$TEST_CLIENT_DN" \
    -keyout $KEYS_DIR/$TEST_CLIENT_FILE.key.pem \
    -newkey ec:$TEST_CLIENT_CURVE.pem -new \
    -out $CERTS_DIR/$TEST_CLIENT_FILE.req.pem

# Sign the certificate request in $TEST_CLIENT_FILE.req.pem using the
# CA certificate in $TEST_CA_FILE.cert.pem and the CA private key in
# $TEST_CA_FILE.key.pem. Since we do not have an existing serial number
# file for this CA, create one. Make the certificate valid for $DAYS days
# from the time of signing. The certificate is written into 
# $TEST_CLIENT_FILE.cert.pem
$OPENSSL_CMD x509 -req -days $DAYS \
    -in $CERTS_DIR/$TEST_CLIENT_FILE.req.pem \
    -CA $CERTS_DIR/$TEST_CA_FILE.cert.pem \
    -CAkey $KEYS_DIR/$TEST_CA_FILE.key.pem \
    -extfile $OPENSSL_DIR/openssl.cnf \
    -extensions v3_req \
    -out $CERTS_DIR/$TEST_CLIENT_FILE.cert.pem -CAcreateserial

# Display the certificate 
$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CLIENT_FILE.cert.pem -text

# Place the certificate and key in a common file
$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CLIENT_FILE.cert.pem -issuer -subject \
    > $COMBO_DIR/$TEST_CLIENT_FILE.pem
$CAT $KEYS_DIR/$TEST_CLIENT_FILE.key.pem >> $COMBO_DIR/$TEST_CLIENT_FILE.pem

# Remove the cert request file (no longer needed)
$RM $CERTS_DIR/$TEST_CLIENT_FILE.req.pem


echo "GENERATING A TEST CLIENT ENCRYPT CERTIFICATE (on elliptic curve $TEST_CLIENT_CURVE)"
echo "==================================================================================="
# Generate a new certificate request in $TEST_CLIENT_ENC_FILE.req.pem. A
# new ecdsa (actually ECC) key pair is generated on the parameters in
# $TEST_CLIENT_CURVE.pem and the private key is saved in
# $TEST_CLIENT_ENC_FILE.key.pem
# WARNING: By using the -nodes option, we force the private key to be
# stored in the clear (rather than encrypted with a password).
$OPENSSL_CMD req $OPENSSL_CNF -nodes -subj "$TEST_CLIENT_ENC_DN" \
    -keyout $KEYS_DIR/$TEST_CLIENT_ENC_FILE.key.pem \
    -newkey ec:$TEST_CLIENT_CURVE.pem -new \
    -out $CERTS_DIR/$TEST_CLIENT_ENC_FILE.req.pem

# Sign the certificate request in $TEST_CLIENT_ENC_FILE.req.pem using the
# CA certificate in $TEST_CA_FILE.cert.pem and the CA private key in
# $TEST_CA_FILE.key.pem, applying the encryption-certificate extensions
# (v3enc_req) instead of the signing ones. Since we do not have an existing
# serial number file for this CA, create one. Make the certificate valid for
# $DAYS days from the time of signing. The certificate is written into
# $TEST_CLIENT_ENC_FILE.cert.pem
$OPENSSL_CMD x509 -req -days $DAYS \
    -in $CERTS_DIR/$TEST_CLIENT_ENC_FILE.req.pem \
    -CA $CERTS_DIR/$TEST_CA_FILE.cert.pem \
    -CAkey $KEYS_DIR/$TEST_CA_FILE.key.pem \
    -extfile $OPENSSL_DIR/openssl.cnf \
    -extensions v3enc_req \
    -out $CERTS_DIR/$TEST_CLIENT_ENC_FILE.cert.pem -CAcreateserial

# Display the certificate 
$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CLIENT_ENC_FILE.cert.pem -text

# Place the certificate and key in a common file
$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CLIENT_ENC_FILE.cert.pem -issuer -subject \
    > $COMBO_DIR/$TEST_CLIENT_ENC_FILE.pem
$CAT $KEYS_DIR/$TEST_CLIENT_ENC_FILE.key.pem >> $COMBO_DIR/$TEST_CLIENT_ENC_FILE.pem

# Remove the cert request file (no longer needed)
$RM $CERTS_DIR/$TEST_CLIENT_ENC_FILE.req.pem

One thing to note here is that

TEST_CA_DN="//skip=yes/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=SORB of TASS/CN=Test CA (SM2)"

This was originally:

TEST_CA_DN="/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=SORB of TASS/CN=Test CA (SM2)"

However, if this command is executed, an error will be reported:

$OPENSSL_CMD req $OPENSSL_CNF -nodes -subj "$TEST_CA_DN"

The fix comes from the blog post "BUG when using OpenSSL to create Certificate in MinGW". The leading // keeps the MSYS/MinGW shell from rewriting the /C=CN/... argument as a Windows path, and the dummy skip=yes component is an unknown attribute that OpenSSL skips, so it does not appear in the issued subject (as the subject lines in the s_client output below show).

Running the script above generates the corresponding key and certificate files in the sm2Certs subdirectory:

  • CA.key.pem and CA.cert.pem are the CA private key and the CA certificate.
  • CE.cert.pem and CE.key.pem are the client's encryption certificate and its private key.
  • CS.cert.pem and CS.key.pem are the client's signing certificate and its private key.
  • SE.cert.pem and SE.key.pem are the server's encryption certificate and its private key.
  • SS.cert.pem and SS.key.pem are the server's signing certificate and its private key.

2. Running the server with a dual certificate

I also searched for a long time for how to run a double certificate with OpenSSL's s_server command, without finding a clear explanation in any blog, so I don't know whether what follows is right.

I checked the official documentation. Among the parameters of OpenSSL s_server, -cert and -key are familiar, and the CA-related parameters are unlikely to be confused, but there is another pair, -dcert and -dkey, whose usage I didn't quite understand.

The official documentation explains them as follows:

-dcert filename, -dkey keyname

specify an additional certificate and private key, these behave in the same manner as the -cert and -key options except there is no default if they are not specified (no additional certificate and key is used). As noted above some cipher suites require a certificate containing a key of a certain type. Some cipher suites need a certificate carrying an RSA key and some a DSS (DSA) key. By using RSA and DSS certificates and keys a server can support clients which only support RSA or DSS cipher suites by using an appropriate certificate.

I think this is where the double certificate should be added.

So I tried:

gmssl s_server -accept 44330 -key .\SE.key.pem -cert .\SE.cert.pem -dkey .\SS.key.pem -dcert .\SS.cert.pem  -CAfile .\CA.cert.pem

It reported an error:

gmssl s_server -accept 44330 -key .\SE.key.pem -cert .\SE.cert.pem -dkey .\SS.key.pem -dcert .\SS.cert.pem  -CAfile .\CA.cert.pem

Using default temp DH parameters
[GMTLS_DEBUG] set sm2 encryption certificate
[GMTLS_DEBUG] set sm2 decryption private key
[GMTLS_DEBUG] set sm2 signing certificate
error setting private key
2419748:error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch:crypto\x509\x509_cmp.c:288:

At this point I came across a sentence in the blog post "GmSSL programming for GMTLS protocol C/S communication (BIO version)":

When setting up a double certificate, you need to set the signing certificate first, and then the encryption certificate. For details, please refer to the source code.

I don't have time to chew through the source code, but this prompted me to change the command to:

gmssl s_server -accept 44330 -key .\SS.key.pem -cert .\SS.cert.pem  -dkey .\SE.key.pem -dcert .\SE.cert.pem -CAfile .\CA.cert.pem

Ha ha, this gives the result:

gmssl s_server -accept 44330 -key .\SS.key.pem -cert .\SS.cert.pem  -dkey .\SE.key.pem -dcert .\SE.cert.pem -CAfile .\CA.cert.pem

Using default temp DH parameters
[GMTLS_DEBUG] set sm2 signing certificate
[GMTLS_DEBUG] set sm2 signing private key
[GMTLS_DEBUG] set sm2 encryption certificate
[GMTLS_DEBUG] set sm2 decryption private key
ACCEPT

If I'm not mistaken, that should be a success. The next step is to test with s_client:

gmssl s_client -connect localhost:44330 -key .\CS.key.pem -cert .\CS.cert.pem -CAfile .\CA.cert.pem

Results:

gmssl s_client -connect localhost:44330 -key .\CS.key.pem -cert .\CS.cert.pem -CAfile .\CA.cert.pem

[GMTLS_DEBUG] set sm2 signing certificate
[GMTLS_DEBUG] set sm2 signing private key
CONNECTED(00000230)
depth=1 C = CN, ST = BJ, L = HaiDian, O = Beijing JNTA Technology LTD., OU = SORB of TASS, CN = Test CA (SM2)
verify return:1
depth=0 C = CN, ST = BJ, L = HaiDian, O = Beijing JNTA Technology LTD., OU = BSRC of TASS, CN = server sign (SM2)
verify return:1
---
Certificate chain
 0 s:/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=BSRC of TASS/CN=server sign (SM2)
   i:/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=SORB of TASS/CN=Test CA (SM2)
 1 s:/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=SORB of TASS/CN=Test CA (SM2)
   i:/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=SORB of TASS/CN=Test CA (SM2)
---
Server certificate
subject=/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=BSRC of TASS/CN=server sign (SM2)
issuer=/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=SORB of TASS/CN=Test CA (SM2)
---
No client certificate CA names sent
Peer signing digest: SM3
Server Temp Key: ECDH, SM2, 256 bits
---
SSL handshake has read 1625 bytes and written 322 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-SM2-WITH-SMS4-GCM-SM3
Server public key is 256 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-SM2-WITH-SMS4-GCM-SM3
    Session-ID: 07C747B77FFA3A856AD6344443AC9232A546EE8610A465538E4973DC53B5C00D
    Session-ID-ctx:
    Master-Key: FB16D89B2711388BFA315B6AAD2449A18DCE9F21AEBC51515A8B6ABDA27BFD67E0DB2BFA3DC8CCA311F828F14D4BC57C
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:

    Start Time: 1592931339
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: yes
---
hello
I
read:errno=0
PS D:\Surveying and Mapping Institute Project\usrTest\sm2Certs> gmssl s_client -connect localhost:44330 -key .\CS.key.pem -cert .\CS.cert.pem -CAfile .\CA.cert.pem
[GMTLS_DEBUG] set sm2 signing certificate
[GMTLS_DEBUG] set sm2 signing private key
CONNECTED(00000234)
2415044:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:ssl\record\rec_layer_s3.c:1385:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 196 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1592969606
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
---
PS D:\Surveying and Mapping Institute Project\usrTest\sm2Certs> gmssl s_client -connect localhost:44330 -key .\CS.key.pem -cert .\CS.cert.pem -CAfile .\CA.cert.pem
[GMTLS_DEBUG] set sm2 signing certificate
[GMTLS_DEBUG] set sm2 signing private key
CONNECTED(0000022C)
depth=1 C = CN, ST = BJ, L = HaiDian, O = Beijing JNTA Technology LTD., OU = SORB of TASS, CN = Test CA (SM2)
verify return:1
depth=0 C = CN, ST = BJ, L = HaiDian, O = Beijing JNTA Technology LTD., OU = BSRC of TASS, CN = server sign (SM2)
verify return:1
---
Certificate chain
 0 s:/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=BSRC of TASS/CN=server sign (SM2)
   i:/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=SORB of TASS/CN=Test CA (SM2)
 1 s:/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=SORB of TASS/CN=Test CA (SM2)
   i:/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=SORB of TASS/CN=Test CA (SM2)
---
Server certificate
subject=/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=BSRC of TASS/CN=server sign (SM2)
issuer=/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=SORB of TASS/CN=Test CA (SM2)
---
No client certificate CA names sent
Peer signing digest: SM3
Server Temp Key: ECDH, SM2, 256 bits
---
SSL handshake has read 1623 bytes and written 322 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-SM2-WITH-SMS4-GCM-SM3
Server public key is 256 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-SM2-WITH-SMS4-GCM-SM3
    Session-ID: 1DCC6B0179ADDBB29C5EFF24DD602676AC8B1BBE5FC435507822C9A53D1C47BA
    Session-ID-ctx:
    Master-Key: 539960E1EFA21DE2849C345C8993FDCD52BF8708048E560D7CA98998797DB2EBDE4B84892378B356294808C029FBD15F
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:

    Start Time: 1592969623
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: yes
---
PS D:\Surveying and Mapping Institute Project\usrTest\sm2Certs> gmssl s_server -accept 44330 -key .\SE.key.pem -cert .\SE.cert.pem -dkey .\SS.key.pem -dcert .\SS.cert.pem  -CAfile .\CA.cert.pem
Using default temp DH parameters
[GMTLS_DEBUG] set sm2 encryption certificate
[GMTLS_DEBUG] set sm2 decryption private key
[GMTLS_DEBUG] set sm2 signing certificate
error setting private key
2419748:error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch:crypto\x509\x509_cmp.c:288:
PS D:\Surveying and Mapping Institute Project\usrTest\sm2Certs> gmssl s_server -accept 44330 -key .\SE.key.pem -cert .\SE.cert.pem -dkey .\SS.key.pem -dcert .\SS.cert.pem  -CAfile .\CA.cert.pem
Using default temp DH parameters
[GMTLS_DEBUG] set sm2 encryption certificate
[GMTLS_DEBUG] set sm2 decryption private key
[GMTLS_DEBUG] set sm2 signing certificate
error setting private key
2421476:error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch:crypto\x509\x509_cmp.c:288:
PS D:\Surveying and Mapping Institute Project\usrTest\sm2Certs> gmssl s_client -connect localhost:44330 -key .\CS.key.pem -cert .\CS.cert.pem -CAfile .\CA.cert.pem
[GMTLS_DEBUG] set sm2 signing certificate
[GMTLS_DEBUG] set sm2 signing private key
CONNECTED(00000244)
depth=1 C = CN, ST = BJ, L = HaiDian, O = Beijing JNTA Technology LTD., OU = SORB of TASS, CN = Test CA (SM2)
verify return:1
depth=0 C = CN, ST = BJ, L = HaiDian, O = Beijing JNTA Technology LTD., OU = BSRC of TASS, CN = server sign (SM2)
verify return:1
---
Certificate chain
 0 s:/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=BSRC of TASS/CN=server sign (SM2)
   i:/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=SORB of TASS/CN=Test CA (SM2)
 1 s:/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=SORB of TASS/CN=Test CA (SM2)
   i:/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=SORB of TASS/CN=Test CA (SM2)
---
Server certificate
subject=/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=BSRC of TASS/CN=server sign (SM2)
issuer=/C=CN/ST=BJ/L=HaiDian/O=Beijing JNTA Technology LTD./OU=SORB of TASS/CN=Test CA (SM2)
---
No client certificate CA names sent
Peer signing digest: SM3
Server Temp Key: ECDH, SM2, 256 bits
---
SSL handshake has read 1623 bytes and written 322 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-SM2-WITH-SMS4-GCM-SM3
Server public key is 256 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-SM2-WITH-SMS4-GCM-SM3
    Session-ID: 7156DC0D61E4CC134B10BE09808615279ADA2F5B58FD6F86692262340D51279C
    Session-ID-ctx:
    Master-Key: 2BAC73469D6274F2D4E87F11EAA049D7338839163FDCF329906F2A5208863059C577550106BECE65A721FEDD0B8E2E4E
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:

    Start Time: 1592970114
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: yes
---

(Is the content too long? I don't know whether CSDN's rich text editor has a code folding function. If it does, please let me know and I'll change it.)

This time s_server prints the following:

-----BEGIN SSL SESSION PARAMETERS-----
MFoCAQECAgMDBALhBwQABDArrHNGnWJ08tTofxHqoEnXM4g5Fj/c8ymQbypSCIYw
WcV3VQEGvs5lpyH+3QuOLk6hBgIEXvLLgqIEAgIcIKQGBAQBAAAArQMCAQE=
-----END SSL SESSION PARAMETERS-----
Shared ciphers:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-SM2-WITH-SMS4-GCM-SM3:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-SM2-WITH-SMS4-SM3:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA
Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA384:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224:RSA+SHA1:DSA+SHA1:ECDSA+SHA1:SM2+SM3
Shared Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA384:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224:RSA+SHA1:DSA+SHA1:ECDSA+SHA1:SM2+SM3
Supported Elliptic Curve Point Formats: uncompressed:ansiX962_compressed_prime:ansiX962_compressed_char2
Supported Elliptic Curves: SM2:X25519:P-256:P-521:P-384
Shared Elliptic curves: SM2:X25519:P-256:P-521:P-384
CIPHER is ECDHE-SM2-WITH-SMS4-GCM-SM3
Secure Renegotiation IS supported

I found that text typed on the s_client side is displayed on the s_server side.

Maybe I'm ignorant, but I'm still very happy.

There is also a question about the non-dual-certificate s_server tried in the previous article: I don't know whether what it shows is ciphertext or a binary value. Anyway, that's how it is. I don't know if some expert can help me out. Thank you!
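To make the keyUsage split from section 1 and the -cert/-dcert ordering found above checkable before starting s_server, here is an added example (not code from the post, TASSL or GmSSL): a dependency-free Python DER walker that reads the keyUsage extension and subject CN of an SM2 certificate, classifies it as the signing or the encryption half of a double certificate, and maps a pair onto the s_server slots in the order that worked. The embedded certificate is the SS.cert.pem that s_client printed in the post's output; the SE keyUsage value (keyEncipherment, dataEncipherment, keyAgreement) is constructed and assumes that is what the v3enc_req section of TASSL's openssl.cnf emits.

```python
import base64

# SS.cert.pem, the server signing certificate that s_client printed in the post.
SERVER_SIGN_CERT_PEM = """-----BEGIN CERTIFICATE-----
MIICGjCCAcGgAwIBAgIJAIVjx+dwZIdkMAoGCCqBHM9VAYN1MIGCMQswCQYDVQQG
EwJDTjELMAkGA1UECAwCQkoxEDAOBgNVBAcMB0hhaURpYW4xJTAjBgNVBAoMHEJl
aWppbmcgSk5UQSBUZWNobm9sb2d5IExURC4xFTATBgNVBAsMDFNPUkIgb2YgVEFT
UzEWMBQGA1UEAwwNVGVzdCBDQSAoU00yKTAeFw0yMDA2MjAxMDE4MjVaFw0yNDA3
MjkxMDE4MjVaMIGGMQswCQYDVQQGEwJDTjELMAkGA1UECAwCQkoxEDAOBgNVBAcM
B0hhaURpYW4xJTAjBgNVBAoMHEJlaWppbmcgSk5UQSBUZWNobm9sb2d5IExURC4x
FTATBgNVBAsMDEJTUkMgb2YgVEFTUzEaMBgGA1UEAwwRc2VydmVyIHNpZ24gKFNN
MikwWTATBgcqhkjOPQIBBggqgRzPVQGCLQNCAAS0lHzt7CkOzCtyf6VwCqoT2PYD
CL/AJrCsHa+6lE8wDZ7DShI2bvfmrpavndEW67CHQOlO0q6/aoEB0PoAgpopoxow
GDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIGwDAKBggqgRzPVQGDdQNHADBEAiB06JWp
uxFbGBfvG9juhe2Umu/auI1H2XeMdvDjbOtfuQIgMXT8jewkzq9TR3OPzRTkZCRH
3H+xKEb8r8JsEEStwaU=
-----END CERTIFICATE-----"""

KEY_USAGE_BITS = ["digitalSignature", "nonRepudiation", "keyEncipherment", "dataEncipherment",
                  "keyAgreement", "keyCertSign", "cRLSign", "encipherOnly", "decipherOnly"]
OID_KEY_USAGE = bytes.fromhex("551d0f")    # id-ce-keyUsage 2.5.29.15
OID_COMMON_NAME = bytes.fromhex("550403")  # id-at-commonName 2.5.4.3
ENC_USAGES = {"keyEncipherment", "dataEncipherment", "keyAgreement"}
# Constructed keyUsage BIT STRING for SE.cert.pem (keyEncipherment|dataEncipherment|keyAgreement),
# assumed to be what the v3enc_req section of TASSL's openssl.cnf emits.
SE_KEY_USAGE_DER = bytes.fromhex("03020338")

def pem_to_der(pem):
    return base64.b64decode("".join(ln for ln in pem.splitlines() if not ln.startswith("-----")))

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                        # long form: low 7 bits = number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def children(body):
    """Split a constructed DER value into its (tag, value) children."""
    out, pos = [], 0
    while pos < len(body):
        tag, val, pos = read_tlv(body, pos)
        out.append((tag, val))
    return out

def tbs_fields(cert_der):
    """tbsCertificate fields (v3): version, serial, sigAlg, issuer, validity, subject, spki, exts."""
    return children(children(read_tlv(cert_der, 0)[1])[0][1])

def subject_cn(cert_der):
    for _, rdn in children(tbs_fields(cert_der)[5][1]):  # subject: SEQUENCE OF SET
        for _, atv in children(rdn):                      # AttributeTypeAndValue
            oid, value = children(atv)
            if oid[1] == OID_COMMON_NAME:
                return value[1].decode("utf-8")
    return None

def key_usage_from_bitstring(bitstr_der):
    """Decode a DER BIT STRING such as 03 02 06 c0 into the set of keyUsage names."""
    tag, val, _ = read_tlv(bitstr_der, 0)
    if tag != 0x03:
        raise ValueError("keyUsage is not a BIT STRING")
    bits = val[1:]                           # val[0] is the unused-bits count
    return {name for i, name in enumerate(KEY_USAGE_BITS)
            if i // 8 < len(bits) and bits[i // 8] & (0x80 >> (i % 8))}

def key_usage(cert_der):
    """keyUsage names of the certificate (empty set if the extension is absent)."""
    for tag, exts in tbs_fields(cert_der):
        if tag == 0xA3:                      # Extensions, wrapped in one SEQUENCE
            for _, ext in children(children(exts)[0][1]):
                parts = children(ext)        # OID, [critical BOOLEAN], OCTET STRING
                if parts[0][1] == OID_KEY_USAGE:
                    return key_usage_from_bitstring(parts[-1][1])
    return set()

def cert_role(usage):
    """'signing', 'encryption' or 'mixed': the keyUsage split a double certificate relies on."""
    sig, enc = "digitalSignature" in usage, bool(usage & ENC_USAGES)
    return "signing" if sig and not enc else "encryption" if enc and not sig else "mixed"

def s_server_slots(certs):
    """Map {label: keyUsage set} onto gmssl s_server: -cert/-key take the signing certificate,
    -dcert/-dkey the encryption certificate, the order that worked in the post."""
    roles = {label: cert_role(usage) for label, usage in certs.items()}
    signing = [lab for lab, r in roles.items() if r == "signing"]
    encryption = [lab for lab, r in roles.items() if r == "encryption"]
    if len(signing) != 1 or len(encryption) != 1:
        raise ValueError("need one signing and one encryption certificate, got %r" % roles)
    return {"-cert": signing[0], "-dcert": encryption[0]}

if __name__ == "__main__":
    ss_usage = key_usage(pem_to_der(SERVER_SIGN_CERT_PEM))
    print(s_server_slots({"SS.cert.pem": ss_usage, "SE.cert.pem": key_usage_from_bitstring(SE_KEY_USAGE_DER)}))
```

Feeding SE.cert.pem into -cert and SS.cert.pem into -dcert, as in the failing command above, is exactly the assignment s_server_slots refuses to produce.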

3. Problems

In fact, so far only GmSSL can complete the handshake with itself; when I try an SM (guomi) browser it still fails, and the server reports an error:

2160396:error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher:ssl\statem\statem_srvr.c:1502:
shutting down SSL
CONNECTION CLOSED
ACCEPT
ssl_get_algorithm2=0x08x
ERROR
2160396:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:ssl\record\rec_layer_s3.c:1385:SSL alert number 46
shutting down SSL
CONNECTION CLOSED

Due to limited space, I'll leave this question to the next post.

If you think it will help you, please like it for more people to see. Thank you!


Posted on Wed, 24 Jun 2020 00:00:29 -0400 by Xyox