1 files changed, 206 insertions, 0 deletions
diff --git a/src/lib/libssl/test/testssl.com b/src/lib/libssl/test/testssl.com
new file mode 100644
index 0000000000..9c83afba04
--- /dev/null
+++ b/src/lib/libssl/test/testssl.com
@@ -0,0 +1,206 @@
+$! TESTSSL.COM
+$
+$       __arch := VAX
+$       if f$getsyi("cpu") .ge. 128 then -
+           __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$       if __arch .eqs. "" then __arch := UNK
+$       texe_dir := sys$disk:[-.'__arch'.exe.test]
+$       exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$
+$       if p1 .eqs. ""
+$       then
+$           key="[-.apps]server.pem"
+$       else
+$           key=p1
+$       endif
+$       if p2 .eqs. ""
+$       then
+$           cert="[-.apps]server.pem"
+$       else
+$           cert=p2
+$       endif
+$       ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert'
+$
+$       define/user sys$output testssl-x509-output.
+$       define/user sys$error nla0:
+$       mcr 'exe_dir'openssl x509 -in 'cert' -text -noout
+$       set noon
+$       define/user sys$error nla0:
+$       search/output=nla0: testssl-x509-output. "DSA Public Key"/exact
+$       if $severity .eq. 1
+$       then
+$           dsa_cert := YES
+$       else
+$           dsa_cert := NO
+$       endif
+$       set on
+$       delete testssl-x509-output.;*
+$
+$       if p3 .eqs. ""
+$       then
+$           copy/concatenate [-.certs]*.pem certs.tmp
+$           CA = """-CAfile"" certs.tmp"
+$       else
+$           CA = """-CAfile"" "+p3
+$       endif
+$
+$!###########################################################################
+$
+$       write sys$output "test sslv2"
+$       'ssltest' -ssl2
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2 with server authentication"
+$       'ssltest' -ssl2 -server_auth 'CA'
+$       if $severity .ne. 1 then goto exit3
+$
+$       if .not. dsa_cert
+$       then
+$           write sys$output "test sslv2 with client authentication"
+$           'ssltest' -ssl2 -client_auth 'CA'
+$           if $severity .ne. 1 then goto exit3
+$
+$           write sys$output "test sslv2 with both client and server authentication"
+$           'ssltest' -ssl2 -server_auth -client_auth 'CA'
+$           if $severity .ne. 1 then goto exit3
+$       endif
+$
+$       write sys$output "test sslv3"
+$       'ssltest' -ssl3
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv3 with server authentication"
+$       'ssltest' -ssl3 -server_auth 'CA'
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv3 with client authentication"
+$       'ssltest' -ssl3 -client_auth 'CA'
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv3 with both client and server authentication"
+$       'ssltest' -ssl3 -server_auth -client_auth 'CA'
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2/sslv3"
+$       'ssltest'
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2/sslv3 with server authentication"
+$       'ssltest' -server_auth 'CA'
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2/sslv3 with client authentication"
+$       'ssltest' -client_auth 'CA'
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2/sslv3 with both client and server authentication"
+$       'ssltest' -server_auth -client_auth 'CA'
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2 via BIO pair"
+$       'ssltest' -bio_pair -ssl2 
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2 with server authentication via BIO pair"
+$       'ssltest' -bio_pair -ssl2 -server_auth 'CA' 
+$       if $severity .ne. 1 then goto exit3
+$
+$       if .not. dsa_cert
+$       then
+$           write sys$output "test sslv2 with client authentication via BIO pair"
+$           'ssltest' -bio_pair -ssl2 -client_auth 'CA' 
+$           if $severity .ne. 1 then goto exit3
+$
+$           write sys$output "test sslv2 with both client and server authentication via BIO pair"
+$           'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA' 
+$           if $severity .ne. 1 then goto exit3
+$       endif
+$
+$       write sys$output "test sslv3 via BIO pair"
+$       'ssltest' -bio_pair -ssl3 
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv3 with server authentication via BIO pair"
+$       'ssltest' -bio_pair -ssl3 -server_auth 'CA' 
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv3 with client authentication via BIO pair"
+$       'ssltest' -bio_pair -ssl3 -client_auth 'CA' 
+$       if $severity .ne. 1 then goto exit3
+ 
+$       write sys$output "test sslv3 with both client and server authentication via BIO pair"
+$       'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA' 
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2/sslv3 via BIO pair"
+$       'ssltest' 
+$       if $severity .ne. 1 then goto exit3
+$
+$       if .not. dsa_cert
+$       then
+$           write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
+$           'ssltest' -bio_pair -no_dhe
+$           if $severity .ne. 1 then goto exit3
+$       endif
+$
+$       write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
+$       'ssltest' -bio_pair -dhe1024dsa -v
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2/sslv3 with server authentication"
+$       'ssltest' -bio_pair -server_auth 'CA' 
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2/sslv3 with client authentication via BIO pair"
+$       'ssltest' -bio_pair -client_auth 'CA' 
+$       if $severity .ne. 1 then goto exit3
+$
+$       write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair"
+$       'ssltest' -bio_pair -server_auth -client_auth 'CA' 
+$       if $severity .ne. 1 then goto exit3
+$
+$!###########################################################################
+$
+$       set noon
+$       define/user sys$output nla0:
+$       mcr 'exe_dir'openssl no-rsa
+$       no_rsa=$SEVERITY
+$       define/user sys$output nla0:
+$       mcr 'exe_dir'openssl no-dh
+$       no_dh=$SEVERITY
+$       set on
+$
+$       if no_dh
+$       then
+$           write sys$output "skipping anonymous DH tests"
+$       else
+$           write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes"
+$           'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
+$           if $severity .ne. 1 then goto exit3
+$       endif
+$
+$       if no_rsa
+$       then
+$           write sys$output "skipping RSA tests"
+$       else
+$           write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes"
+$           mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time
+$           if $severity .ne. 1 then goto exit3
+$
+$           if no_dh
+$           then
+$               write sys$output "skipping RSA+DHE tests"
+$           else
+$               write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
+$               mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
+$               if $severity .ne. 1 then goto exit3
+$           endif
+$       endif
+$
+$       RET = 1
+$       goto exit
+$ exit3:
+$       RET = 3
+$ exit:
+$       if p3 .eqs. "" then delete certs.tmp;*
+$       exit 'RET'

diff --git a/src/lib/libssl/test/testssl.com b/src/lib/libssl/test/testssl.com new file mode 100644 index 0000000000..9c83afba04 --- /dev/null +++ b/src/lib/libssl/test/testssl.com
@@ -0,0 +1,206 @@
	1	$! TESTSSL.COM
	2	$
	3	$ __arch := VAX
	4	$ if f$getsyi("cpu") .ge. 128 then -
	5	__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
	6	$ if __arch .eqs. "" then __arch := UNK
	7	$ texe_dir := sys$disk:[-.'__arch'.exe.test]
	8	$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
	9	$
	10	$ if p1 .eqs. ""
	11	$ then
	12	$ key="[-.apps]server.pem"
	13	$ else
	14	$ key=p1
	15	$ endif
	16	$ if p2 .eqs. ""
	17	$ then
	18	$ cert="[-.apps]server.pem"
	19	$ else
	20	$ cert=p2
	21	$ endif
	22	$ ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert'
	23	$
	24	$ define/user sys$output testssl-x509-output.
	25	$ define/user sys$error nla0:
	26	$ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout
	27	$ set noon
	28	$ define/user sys$error nla0:
	29	$ search/output=nla0: testssl-x509-output. "DSA Public Key"/exact
	30	$ if $severity .eq. 1
	31	$ then
	32	$ dsa_cert := YES
	33	$ else
	34	$ dsa_cert := NO
	35	$ endif
	36	$ set on
	37	$ delete testssl-x509-output.;*
	38	$
	39	$ if p3 .eqs. ""
	40	$ then
	41	$ copy/concatenate [-.certs]*.pem certs.tmp
	42	$ CA = """-CAfile"" certs.tmp"
	43	$ else
	44	$ CA = """-CAfile"" "+p3
	45	$ endif
	46	$
	47	$!###########################################################################
	48	$
	49	$ write sys$output "test sslv2"
	50	$ 'ssltest' -ssl2
	51	$ if $severity .ne. 1 then goto exit3
	52	$
	53	$ write sys$output "test sslv2 with server authentication"
	54	$ 'ssltest' -ssl2 -server_auth 'CA'
	55	$ if $severity .ne. 1 then goto exit3
	56	$
	57	$ if .not. dsa_cert
	58	$ then
	59	$ write sys$output "test sslv2 with client authentication"
	60	$ 'ssltest' -ssl2 -client_auth 'CA'
	61	$ if $severity .ne. 1 then goto exit3
	62	$
	63	$ write sys$output "test sslv2 with both client and server authentication"
	64	$ 'ssltest' -ssl2 -server_auth -client_auth 'CA'
	65	$ if $severity .ne. 1 then goto exit3
	66	$ endif
	67	$
	68	$ write sys$output "test sslv3"
	69	$ 'ssltest' -ssl3
	70	$ if $severity .ne. 1 then goto exit3
	71	$
	72	$ write sys$output "test sslv3 with server authentication"
	73	$ 'ssltest' -ssl3 -server_auth 'CA'
	74	$ if $severity .ne. 1 then goto exit3
	75	$
	76	$ write sys$output "test sslv3 with client authentication"
	77	$ 'ssltest' -ssl3 -client_auth 'CA'
	78	$ if $severity .ne. 1 then goto exit3
	79	$
	80	$ write sys$output "test sslv3 with both client and server authentication"
	81	$ 'ssltest' -ssl3 -server_auth -client_auth 'CA'
	82	$ if $severity .ne. 1 then goto exit3
	83	$
	84	$ write sys$output "test sslv2/sslv3"
	85	$ 'ssltest'
	86	$ if $severity .ne. 1 then goto exit3
	87	$
	88	$ write sys$output "test sslv2/sslv3 with server authentication"
	89	$ 'ssltest' -server_auth 'CA'
	90	$ if $severity .ne. 1 then goto exit3
	91	$
	92	$ write sys$output "test sslv2/sslv3 with client authentication"
	93	$ 'ssltest' -client_auth 'CA'
	94	$ if $severity .ne. 1 then goto exit3
	95	$
	96	$ write sys$output "test sslv2/sslv3 with both client and server authentication"
	97	$ 'ssltest' -server_auth -client_auth 'CA'
	98	$ if $severity .ne. 1 then goto exit3
	99	$
	100	$ write sys$output "test sslv2 via BIO pair"
	101	$ 'ssltest' -bio_pair -ssl2
	102	$ if $severity .ne. 1 then goto exit3
	103	$
	104	$ write sys$output "test sslv2 with server authentication via BIO pair"
	105	$ 'ssltest' -bio_pair -ssl2 -server_auth 'CA'
	106	$ if $severity .ne. 1 then goto exit3
	107	$
	108	$ if .not. dsa_cert
	109	$ then
	110	$ write sys$output "test sslv2 with client authentication via BIO pair"
	111	$ 'ssltest' -bio_pair -ssl2 -client_auth 'CA'
	112	$ if $severity .ne. 1 then goto exit3
	113	$
	114	$ write sys$output "test sslv2 with both client and server authentication via BIO pair"
	115	$ 'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA'
	116	$ if $severity .ne. 1 then goto exit3
	117	$ endif
	118	$
	119	$ write sys$output "test sslv3 via BIO pair"
	120	$ 'ssltest' -bio_pair -ssl3
	121	$ if $severity .ne. 1 then goto exit3
	122	$
	123	$ write sys$output "test sslv3 with server authentication via BIO pair"
	124	$ 'ssltest' -bio_pair -ssl3 -server_auth 'CA'
	125	$ if $severity .ne. 1 then goto exit3
	126	$
	127	$ write sys$output "test sslv3 with client authentication via BIO pair"
	128	$ 'ssltest' -bio_pair -ssl3 -client_auth 'CA'
	129	$ if $severity .ne. 1 then goto exit3
	130
	131	$ write sys$output "test sslv3 with both client and server authentication via BIO pair"
	132	$ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA'
	133	$ if $severity .ne. 1 then goto exit3
	134	$
	135	$ write sys$output "test sslv2/sslv3 via BIO pair"
	136	$ 'ssltest'
	137	$ if $severity .ne. 1 then goto exit3
	138	$
	139	$ if .not. dsa_cert
	140	$ then
	141	$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
	142	$ 'ssltest' -bio_pair -no_dhe
	143	$ if $severity .ne. 1 then goto exit3
	144	$ endif
	145	$
	146	$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
	147	$ 'ssltest' -bio_pair -dhe1024dsa -v
	148	$ if $severity .ne. 1 then goto exit3
	149	$
	150	$ write sys$output "test sslv2/sslv3 with server authentication"
	151	$ 'ssltest' -bio_pair -server_auth 'CA'
	152	$ if $severity .ne. 1 then goto exit3
	153	$
	154	$ write sys$output "test sslv2/sslv3 with client authentication via BIO pair"
	155	$ 'ssltest' -bio_pair -client_auth 'CA'
	156	$ if $severity .ne. 1 then goto exit3
	157	$
	158	$ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair"
	159	$ 'ssltest' -bio_pair -server_auth -client_auth 'CA'
	160	$ if $severity .ne. 1 then goto exit3
	161	$
	162	$!###########################################################################
	163	$
	164	$ set noon
	165	$ define/user sys$output nla0:
	166	$ mcr 'exe_dir'openssl no-rsa
	167	$ no_rsa=$SEVERITY
	168	$ define/user sys$output nla0:
	169	$ mcr 'exe_dir'openssl no-dh
	170	$ no_dh=$SEVERITY
	171	$ set on
	172	$
	173	$ if no_dh
	174	$ then
	175	$ write sys$output "skipping anonymous DH tests"
	176	$ else
	177	$ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes"
	178	$ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
	179	$ if $severity .ne. 1 then goto exit3
	180	$ endif
	181	$
	182	$ if no_rsa
	183	$ then
	184	$ write sys$output "skipping RSA tests"
	185	$ else
	186	$ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes"
	187	$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time
	188	$ if $severity .ne. 1 then goto exit3
	189	$
	190	$ if no_dh
	191	$ then
	192	$ write sys$output "skipping RSA+DHE tests"
	193	$ else
	194	$ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
	195	$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
	196	$ if $severity .ne. 1 then goto exit3
	197	$ endif
	198	$ endif
	199	$
	200	$ RET = 1
	201	$ goto exit
	202	$ exit3:
	203	$ RET = 3
	204	$ exit:
	205	$ if p3 .eqs. "" then delete certs.tmp;*
	206	$ exit 'RET'