This commit was manufactured by cvs2git to create branch 'OPENBSD_2_5'.OPENBSD_2_5

author: cvs2svn <admin@example.com> 1999-03-26 18:24:03 +0000
committer: cvs2svn <admin@example.com> 1999-03-26 18:24:03 +0000
commit: 3fc228fb4c1a39aceaee3d7013365042a6077bd0 (patch)
tree: af769f6648929b3b2c1f9e053a3754fa989ce302 /src/regress/lib/libssl
parent: 536c76cbb863bab152f19842ab88772c01e922c7 (diff)
download: openbsd-OPENBSD_2_5.tar.gz
openbsd-OPENBSD_2_5.tar.bz2
openbsd-OPENBSD_2_5.zip
8 files changed, 192 insertions, 0 deletions
diff --git a/src/regress/lib/libssl/Makefile b/src/regress/lib/libssl/Makefile
new file mode 100644
index 0000000000..3f7d48fd2e
--- /dev/null
+++ b/src/regress/lib/libssl/Makefile
@@ -0,0 +1,11 @@
+CLEANFILES+= testdsa.key testdsa.pem rsakey.pem rsacert.pem dsa512.pem
+install:
+regress:
+        sh ${.CURDIR}/testenc.sh ${.OBJDIR} ${.CURDIR}
+        sh ${.CURDIR}/testdsa.sh ${.OBJDIR} ${.CURDIR}
+#       sh ${.CURDIR}/testrsa.sh ${.OBJDIR} ${.CURDIR}
+.include <bsd.prog.mk>
diff --git a/src/regress/lib/libssl/README b/src/regress/lib/libssl/README
new file mode 100644
index 0000000000..b1bab65fd1
--- /dev/null
+++ b/src/regress/lib/libssl/README
@@ -0,0 +1,8 @@
+testenc.sh tests encryption routines
+testdsa.sh tests DSA certificate generation
+test_server.sh starts a tls1 server using the above generated certificate
+test_client.sh starts a client to talk to the server.
+testrsa.sh tests RSA certificate generation - this SHOULD FAIL with the
+           version of the library in openbsd because all the RSA routines 
+           are (currently) stubbed.
diff --git a/src/regress/lib/libssl/ssleay.cnf b/src/regress/lib/libssl/ssleay.cnf
new file mode 100644
index 0000000000..c8439860c3
--- /dev/null
+++ b/src/regress/lib/libssl/ssleay.cnf
@@ -0,0 +1,27 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# hacked by iang to do DSA certs - Server
+RANDFILE              = ./.rnd
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_rsa_key               = no
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = CA
+countryName_value             = CA
+organizationName                = Organization Name (eg, company)
+organizationName_value          = Shake it Vera 
+0.commonName                  = Common Name (eg, YOUR name)
+0.commonName_value            = Wastelandus
+1.commonName                  = Common Name (eg, YOUR name)
+1.commonName_value            = Maximus
diff --git a/src/regress/lib/libssl/test_client.sh b/src/regress/lib/libssl/test_client.sh
new file mode 100644
index 0000000000..36a8f84532
--- /dev/null
+++ b/src/regress/lib/libssl/test_client.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+echo
+echo This starts a tls1 mode client to talk to the server run by 
+echo ./testserver.sh. You should start the server first. 
+echo
+echo type in this window after ssl negotiation and your output should
+echo be echoed by the server. 
+echo
+echo
+/usr/sbin/ssleay s_client -tls1
diff --git a/src/regress/lib/libssl/test_server.sh b/src/regress/lib/libssl/test_server.sh
new file mode 100644
index 0000000000..5467c52459
--- /dev/null
+++ b/src/regress/lib/libssl/test_server.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+echo This starts a tls1 mode server using the DSA certificate in ./server.pem
+echo Run ./testclient.sh in another window and type at it, you should 
+echo see the results of the ssl negotiation, and stuff you type in the client
+echo should echo in this window
+echo
+echo
+/usr/sbin/ssleay s_server -tls1 -key testdsa.key -cert testdsa.pem
diff --git a/src/regress/lib/libssl/testdsa.sh b/src/regress/lib/libssl/testdsa.sh
new file mode 100644
index 0000000000..dc5d7b97b5
--- /dev/null
+++ b/src/regress/lib/libssl/testdsa.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+#Test DSA certificate generation of ssleay
+cd $1
+# Generate DSA paramter set
+ssleay dsaparam 512 -out dsa512.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+# Denerate a DSA certificate
+ssleay req -config $2/ssleay.cnf -x509 -newkey dsa:dsa512.pem -out testdsa.pem -keyout testdsa.key
+if [ $? != 0 ]; then
+        exit 1;
+fi
+# Now check the certificate
+ssleay x509 -text -in testdsa.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+exit 0
diff --git a/src/regress/lib/libssl/testenc.sh b/src/regress/lib/libssl/testenc.sh
new file mode 100644
index 0000000000..85997bfbe5
--- /dev/null
+++ b/src/regress/lib/libssl/testenc.sh
@@ -0,0 +1,63 @@
+#!/bin/sh
+testsrc=$2/ssleay.cnf
+test=$1/p
+cmd=/usr/sbin/ssleay
+cd $1
+cat $testsrc >$test;
+echo cat
+$cmd enc < $test > $test.cipher
+$cmd enc < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+        exit 1
+else
+        /bin/rm $test.cipher $test.clear
+fi
+echo base64
+$cmd enc -a -e < $test > $test.cipher
+$cmd enc -a -d < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+        exit 1
+else
+        /bin/rm $test.cipher $test.clear
+fi
+for i in rc4 \
+        des-cfb des-ede-cfb des-ede3-cfb \
+        des-ofb des-ede-ofb des-ede3-ofb \
+        des-ecb des-ede des-ede3 desx \
+        des-cbc des-ede-cbc des-ede3-cbc \
+        rc2-ecb rc2-cfb rc2-ofb rc2-cbc \
+        bf-ecb bf-cfb bf-ofb bf-cbc rc4 \
+        cast5-ecb cast5-cfb cast5-ofb cast5-cbc
+do
+        echo $i
+        $cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
+        $cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
+        cmp $test $test.$i.clear
+        if [ $? != 0 ]
+        then
+                exit 1
+        else
+                /bin/rm $test.$i.cipher $test.$i.clear
+        fi
+        echo $i base64
+        $cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
+        $cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
+        cmp $test $test.$i.clear
+        if [ $? != 0 ]
+        then
+                exit 1
+        else
+                /bin/rm $test.$i.cipher $test.$i.clear
+        fi
+done
+rm -f $test
diff --git a/src/regress/lib/libssl/testrsa.sh b/src/regress/lib/libssl/testrsa.sh
new file mode 100644
index 0000000000..3f4c328acd
--- /dev/null
+++ b/src/regress/lib/libssl/testrsa.sh
@@ -0,0 +1,36 @@
+#!/bin/sh
+#Test RSA certificate generation of ssleay
+echo 
+echo RSA paramters test - NOTE THAT THIS WILL ONLY WORK IF YOU HAVE
+echo compiled libssl with the src-patent tree, currently living in 
+echo ~ryker/src-patent.tar.gz on cvs. 
+echo
+echo This will *not* work with what\'s in the tree, rsa is not in that.
+echo
+sleep 3
+ 
+cd $1
+# Generate RSA private key
+ssleay genrsa -out rsakey.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+# Denerate an RSA certificate
+ssleay req -config $2/ssleay.cnf -key rsakey.pem -new -x509 -days 365 -out rsacert.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+# Now check the certificate
+ssleay x509 -text -in rsacert.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+exit 0
author	cvs2svn <admin@example.com>	1999-03-26 18:24:03 +0000
committer	cvs2svn <admin@example.com>	1999-03-26 18:24:03 +0000
commit	3fc228fb4c1a39aceaee3d7013365042a6077bd0 (patch)
tree	af769f6648929b3b2c1f9e053a3754fa989ce302 /src/regress/lib/libssl
parent	536c76cbb863bab152f19842ab88772c01e922c7 (diff)
download	openbsd-OPENBSD_2_5.tar.gz openbsd-OPENBSD_2_5.tar.bz2 openbsd-OPENBSD_2_5.zip

diff --git a/src/regress/lib/libssl/Makefile b/src/regress/lib/libssl/Makefile new file mode 100644 index 0000000000..3f7d48fd2e --- /dev/null +++ b/src/regress/lib/libssl/Makefile
@@ -0,0 +1,11 @@
	1
	2	CLEANFILES+= testdsa.key testdsa.pem rsakey.pem rsacert.pem dsa512.pem
	3
	4	install:
	5
	6	regress:
	7	sh ${.CURDIR}/testenc.sh ${.OBJDIR} ${.CURDIR}
	8	sh ${.CURDIR}/testdsa.sh ${.OBJDIR} ${.CURDIR}
	9	# sh ${.CURDIR}/testrsa.sh ${.OBJDIR} ${.CURDIR}
	10
	11	.include <bsd.prog.mk>


diff --git a/src/regress/lib/libssl/README b/src/regress/lib/libssl/README new file mode 100644 index 0000000000..b1bab65fd1 --- /dev/null +++ b/src/regress/lib/libssl/README
@@ -0,0 +1,8 @@
	1	testenc.sh tests encryption routines
	2	testdsa.sh tests DSA certificate generation
	3	test_server.sh starts a tls1 server using the above generated certificate
	4	test_client.sh starts a client to talk to the server.
	5	testrsa.sh tests RSA certificate generation - this SHOULD FAIL with the
	6	version of the library in openbsd because all the RSA routines
	7	are (currently) stubbed.
	8


diff --git a/src/regress/lib/libssl/ssleay.cnf b/src/regress/lib/libssl/ssleay.cnf new file mode 100644 index 0000000000..c8439860c3 --- /dev/null +++ b/src/regress/lib/libssl/ssleay.cnf
@@ -0,0 +1,27 @@
	1	#
	2	# SSLeay example configuration file.
	3	# This is mostly being used for generation of certificate requests.
	4	#
	5	# hacked by iang to do DSA certs - Server
	6
	7	RANDFILE = ./.rnd
	8
	9	####################################################################
	10	[ req ]
	11	distinguished_name = req_distinguished_name
	12	encrypt_rsa_key = no
	13
	14	[ req_distinguished_name ]
	15	countryName = Country Name (2 letter code)
	16	countryName_default = CA
	17	countryName_value = CA
	18
	19	organizationName = Organization Name (eg, company)
	20	organizationName_value = Shake it Vera
	21
	22	0.commonName = Common Name (eg, YOUR name)
	23	0.commonName_value = Wastelandus
	24
	25	1.commonName = Common Name (eg, YOUR name)
	26	1.commonName_value = Maximus
	27


diff --git a/src/regress/lib/libssl/test_client.sh b/src/regress/lib/libssl/test_client.sh new file mode 100644 index 0000000000..36a8f84532 --- /dev/null +++ b/src/regress/lib/libssl/test_client.sh
@@ -0,0 +1,11 @@
	1	#!/bin/sh
	2
	3	echo
	4	echo This starts a tls1 mode client to talk to the server run by
	5	echo ./testserver.sh. You should start the server first.
	6	echo
	7	echo type in this window after ssl negotiation and your output should
	8	echo be echoed by the server.
	9	echo
	10	echo
	11	/usr/sbin/ssleay s_client -tls1


diff --git a/src/regress/lib/libssl/test_server.sh b/src/regress/lib/libssl/test_server.sh new file mode 100644 index 0000000000..5467c52459 --- /dev/null +++ b/src/regress/lib/libssl/test_server.sh
@@ -0,0 +1,9 @@
	1	#!/bin/sh
	2
	3	echo This starts a tls1 mode server using the DSA certificate in ./server.pem
	4	echo Run ./testclient.sh in another window and type at it, you should
	5	echo see the results of the ssl negotiation, and stuff you type in the client
	6	echo should echo in this window
	7	echo
	8	echo
	9	/usr/sbin/ssleay s_server -tls1 -key testdsa.key -cert testdsa.pem


diff --git a/src/regress/lib/libssl/testdsa.sh b/src/regress/lib/libssl/testdsa.sh new file mode 100644 index 0000000000..dc5d7b97b5 --- /dev/null +++ b/src/regress/lib/libssl/testdsa.sh
@@ -0,0 +1,27 @@
	1	#!/bin/sh
	2
	3	#Test DSA certificate generation of ssleay
	4
	5	cd $1
	6
	7	# Generate DSA paramter set
	8	ssleay dsaparam 512 -out dsa512.pem
	9	if [ $? != 0 ]; then
	10	exit 1;
	11	fi
	12
	13
	14	# Denerate a DSA certificate
	15	ssleay req -config $2/ssleay.cnf -x509 -newkey dsa:dsa512.pem -out testdsa.pem -keyout testdsa.key
	16	if [ $? != 0 ]; then
	17	exit 1;
	18	fi
	19
	20
	21	# Now check the certificate
	22	ssleay x509 -text -in testdsa.pem
	23	if [ $? != 0 ]; then
	24	exit 1;
	25	fi
	26
	27	exit 0


diff --git a/src/regress/lib/libssl/testenc.sh b/src/regress/lib/libssl/testenc.sh new file mode 100644 index 0000000000..85997bfbe5 --- /dev/null +++ b/src/regress/lib/libssl/testenc.sh
@@ -0,0 +1,63 @@
	1	#!/bin/sh
	2
	3	testsrc=$2/ssleay.cnf
	4	test=$1/p
	5	cmd=/usr/sbin/ssleay
	6
	7	cd $1
	8
	9	cat $testsrc >$test;
	10
	11	echo cat
	12	$cmd enc < $test > $test.cipher
	13	$cmd enc < $test.cipher >$test.clear
	14	cmp $test $test.clear
	15	if [ $? != 0 ]
	16	then
	17	exit 1
	18	else
	19	/bin/rm $test.cipher $test.clear
	20	fi
	21	echo base64
	22	$cmd enc -a -e < $test > $test.cipher
	23	$cmd enc -a -d < $test.cipher >$test.clear
	24	cmp $test $test.clear
	25	if [ $? != 0 ]
	26	then
	27	exit 1
	28	else
	29	/bin/rm $test.cipher $test.clear
	30	fi
	31
	32	for i in rc4 \
	33	des-cfb des-ede-cfb des-ede3-cfb \
	34	des-ofb des-ede-ofb des-ede3-ofb \
	35	des-ecb des-ede des-ede3 desx \
	36	des-cbc des-ede-cbc des-ede3-cbc \
	37	rc2-ecb rc2-cfb rc2-ofb rc2-cbc \
	38	bf-ecb bf-cfb bf-ofb bf-cbc rc4 \
	39	cast5-ecb cast5-cfb cast5-ofb cast5-cbc
	40	do
	41	echo $i
	42	$cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
	43	$cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
	44	cmp $test $test.$i.clear
	45	if [ $? != 0 ]
	46	then
	47	exit 1
	48	else
	49	/bin/rm $test.$i.cipher $test.$i.clear
	50	fi
	51
	52	echo $i base64
	53	$cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
	54	$cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
	55	cmp $test $test.$i.clear
	56	if [ $? != 0 ]
	57	then
	58	exit 1
	59	else
	60	/bin/rm $test.$i.cipher $test.$i.clear
	61	fi
	62	done
	63	rm -f $test


diff --git a/src/regress/lib/libssl/testrsa.sh b/src/regress/lib/libssl/testrsa.sh new file mode 100644 index 0000000000..3f4c328acd --- /dev/null +++ b/src/regress/lib/libssl/testrsa.sh
@@ -0,0 +1,36 @@
	1	#!/bin/sh
	2
	3	#Test RSA certificate generation of ssleay
	4
	5	echo
	6	echo RSA paramters test - NOTE THAT THIS WILL ONLY WORK IF YOU HAVE
	7	echo compiled libssl with the src-patent tree, currently living in
	8	echo ~ryker/src-patent.tar.gz on cvs.
	9	echo
	10	echo This will not work with what\'s in the tree, rsa is not in that.
	11	echo
	12	sleep 3
	13
	14	cd $1
	15
	16	# Generate RSA private key
	17	ssleay genrsa -out rsakey.pem
	18	if [ $? != 0 ]; then
	19	exit 1;
	20	fi
	21
	22
	23	# Denerate an RSA certificate
	24	ssleay req -config $2/ssleay.cnf -key rsakey.pem -new -x509 -days 365 -out rsacert.pem
	25	if [ $? != 0 ]; then
	26	exit 1;
	27	fi
	28
	29
	30	# Now check the certificate
	31	ssleay x509 -text -in rsacert.pem
	32	if [ $? != 0 ]; then
	33	exit 1;
	34	fi
	35
	36	exit 0