Comments (8)
mrpre
commented on May 17, 2024
找到问题了,因为证书不可信。
我拿360自己的证书,当我服务器证书,就通了。
谁知道怎么在360中导入可信的 SM2 CA/ROOT 证书?总不能拿他们的证书或者买一个CFCA的国密证书吧。。
from gmssl.
mrpre
commented on May 17, 2024
或者有没有其他测试工具?否则 测ECDHE_SM2 就没辙了。。
from gmssl.
guanzhi
commented on May 17, 2024
360浏览器主页上有根证书的连接
gmssl源代码certs/sm2/下面有也包含了这些证书
from gmssl.
mrpre
commented on May 17, 2024
这些 SM2 证书 导入不进去 IE 和 360 里面。我这还有国密办提供的证书,导入也无效。
from gmssl.
mrpre
commented on May 17, 2024
貌似360浏览器不能导入SM证书,估计360本地可信的SM证书是硬编码(代码中写死)的。
目前已经调通了 国密SSL协议 和 ECC_SM4_SM3算法。由于本身SSL协议栈不是基于openssl的,只使用了 GMSSL 的 SM2_decrypt_with_recommended 函,数故在这里不方便直接贴出实现代码。后续会直接基于GMSSL改,方便大家参考学习。
from gmssl.
fgcmaster
commented on May 17, 2024
@mrpre @zhaoxiaomeng @guanzhi 你好,我这边基于GMSSL代码做了修改,s3_client是可以访问ebssec.boc.cn了,SSL连接建立和通信都可以,但是我启动s3_server,通过360浏览器访问,当我发送server certificate后 TCP 就 RST了,也没有alert。我试了用ebssec.boc.cn的签名证书和加密证书作为server证书发送给360,也是直接断开,没有alert。我有如下疑问:
1) 直接启的ssl server,通过ebssec.boc.cn的签名证书和加密证书作为server证书的话,360为什么直接断开?
2) 发送server certificate后,不发送server key exchange消息,360会断开TCP嘛?
3) 是否有测试用的 签名和加密证书以及对应的私钥,来测试和360的SSL连接?
多谢了。
from gmssl.
iF2007
commented on May 17, 2024
@fgcmaster 你好,想问下你是如何处理SM2的双证书的?也就是你在命令行里如何指定两个证书的?
from gmssl.
fgcmaster
commented on May 17, 2024
我没用命令行,都是代码写的client,直接注册两个证书。
from gmssl.
Related Issues (20)
- 请问 gmcurl 的默认输出可以有命令关闭吗?
- About the purpose of Text-Template-1.46
- 请教:用mingw怎么编译?
- undefined reference to HOT 1
- GmSSL-v2 asn1parse 解析出错
- Java环境 HOT 5
- 您好,我想问一下您为什么GMSSLV3的动态库编译文件CMakeLists.txt的问题
- 您好,请问ENABLE_SM3_X16_AVX512` SM3算法的AVX512指令集并行实现有实现吗 HOT 5
- GmSSL-v2在Android平台如何编译出来arm arm64两种so
- GMSSL中SM2签名与Openssl无法互通得问题 HOT 2
- 关于skfutil的使用问题 HOT 1
- 请问如何在 certgen 和 reqsign 的时候设置 policy
- 请教下这个怎么支持门限签名
- SM2与bouncycastle签名互通问题 HOT 20
- SM9签名中的密码函数H1 HOT 2
- 请问关于openvpn如何调用gmssl双证书的问题?
- 添加支持自定义的随机数生成器
- 有没有对应的JS版本SM2算法呢? HOT 3
- 多线程使用同一个tls1.3加国密套件的socket发送数据,接受端解密发送过来的数据可能会报错 HOT 3
- windows 下 vs2010 nmake 报错 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gmssl.