summaryrefslogtreecommitdiff
path: root/src/regress/lib/libssl/ssl/testssl
diff options
context:
space:
mode:
Diffstat (limited to 'src/regress/lib/libssl/ssl/testssl')
-rw-r--r--src/regress/lib/libssl/ssl/testssl161
1 files changed, 161 insertions, 0 deletions
diff --git a/src/regress/lib/libssl/ssl/testssl b/src/regress/lib/libssl/ssl/testssl
new file mode 100644
index 0000000000..ad5624d917
--- /dev/null
+++ b/src/regress/lib/libssl/ssl/testssl
@@ -0,0 +1,161 @@
1#!/bin/sh
2
3key="$1"
4cert="$2"
5CA="-CAfile $3"
6extra="$4"
7
8ssltest="./ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
9
10if openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
11 dsa_cert=YES
12else
13 dsa_cert=NO
14fi
15
16#############################################################################
17
18echo test sslv2
19$ssltest -ssl2 $extra || exit 1
20
21echo test sslv2 with server authentication
22$ssltest -ssl2 -server_auth $CA $extra || exit 1
23
24if [ $dsa_cert = NO ]; then
25 echo test sslv2 with client authentication
26 $ssltest -ssl2 -client_auth $CA $extra || exit 1
27
28 echo test sslv2 with both client and server authentication
29 $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1
30fi
31
32echo test sslv3
33$ssltest -ssl3 $extra || exit 1
34
35echo test sslv3 with server authentication
36$ssltest -ssl3 -server_auth $CA $extra || exit 1
37
38echo test sslv3 with client authentication
39$ssltest -ssl3 -client_auth $CA $extra || exit 1
40
41echo test sslv3 with both client and server authentication
42$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1
43
44echo test sslv2/sslv3
45$ssltest $extra || exit 1
46
47echo test sslv2/sslv3 with server authentication
48$ssltest -server_auth $CA $extra || exit 1
49
50echo test sslv2/sslv3 with client authentication
51$ssltest -client_auth $CA $extra || exit 1
52
53echo test sslv2/sslv3 with both client and server authentication
54$ssltest -server_auth -client_auth $CA $extra || exit 1
55
56echo test sslv2 via BIO pair
57$ssltest -bio_pair -ssl2 $extra || exit 1
58
59echo test sslv2 with server authentication via BIO pair
60$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1
61
62if [ $dsa_cert = NO ]; then
63 echo test sslv2 with client authentication via BIO pair
64 $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1
65
66 echo test sslv2 with both client and server authentication via BIO pair
67 $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1
68fi
69
70echo test sslv3 via BIO pair
71$ssltest -bio_pair -ssl3 $extra || exit 1
72
73echo test sslv3 with server authentication via BIO pair
74$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1
75
76echo test sslv3 with client authentication via BIO pair
77$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1
78
79echo test sslv3 with both client and server authentication via BIO pair
80$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1
81
82echo test sslv2/sslv3 via BIO pair
83$ssltest $extra || exit 1
84
85if [ $dsa_cert = NO ]; then
86 echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair'
87 $ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1
88fi
89
90echo test sslv2/sslv3 with 1024bit DHE via BIO pair
91$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
92
93echo test sslv2/sslv3 with server authentication
94$ssltest -bio_pair -server_auth $CA $extra || exit 1
95
96echo test sslv2/sslv3 with client authentication via BIO pair
97$ssltest -bio_pair -client_auth $CA $extra || exit 1
98
99echo test sslv2/sslv3 with both client and server authentication via BIO pair
100$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
101
102echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
103$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
104
105echo "Testing ciphersuites"
106for protocol in TLSv1.2 SSLv3; do
107 echo "Testing ciphersuites for $protocol"
108 for cipher in `openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
109 echo "Testing $cipher"
110 prot=""
111 if [ $protocol = "SSLv3" ] ; then
112 prot="-ssl3"
113 fi
114 $ssltest -cipher $cipher $prot
115 if [ $? -ne 0 ] ; then
116 echo "Failed $cipher"
117 exit 1
118 fi
119 done
120done
121
122#############################################################################
123
124if openssl no-dh; then
125 echo skipping anonymous DH tests
126else
127 echo test tls1 with 1024bit anonymous DH, multiple handshakes
128 $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
129fi
130
131#if openssl no-rsa; then
132# echo skipping RSA tests
133#else
134# echo 'test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes'
135# ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra || exit 1
136#
137# if openssl no-dh; then
138# echo skipping RSA+DHE tests
139# else
140# echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
141# ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
142# fi
143#fi
144
145echo test tls1 with PSK
146$ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1
147
148echo test tls1 with PSK via BIO pair
149$ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1
150
151if openssl no-srp; then
152 echo skipping SRP tests
153else
154 echo test tls1 with SRP
155 $ssltest -tls1 -cipher SRP -srpuser test -srppass abc123
156
157 echo test tls1 with SRP via BIO pair
158 $ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123
159fi
160
161exit 0
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-05-02 21:29:32 +0000