8 files changed, 418 insertions, 0 deletions
diff --git a/src/regress/lib/libssl/Makefile b/src/regress/lib/libssl/Makefile
new file mode 100644
index 0000000000..bbd7d0721a
--- /dev/null
+++ b/src/regress/lib/libssl/Makefile
@@ -0,0 +1,231 @@
+#       $OpenBSD: Makefile,v 1.12 2003/06/16 03:15:14 mickey Exp $
+CLEANFILES+= testdsa.key testdsa.pem rsakey.pem rsacert.pem dsa512.pem
+REGRESS_TARGETS=ossltests ssl-enc ssl-dsa ssl-rsa 
+OPENSSL=/usr/sbin/openssl
+CLEAR1=p
+CIPHER=cipher
+CLEAR2=clear
+BNTEST=         bntest
+ECTEST=         ectest
+EXPTEST=        exptest
+SHATEST=        shatest
+SHA1TEST=       sha1test
+RMDTEST=        rmdtest
+MD2TEST=        md2test
+MD4TEST=        md4test
+MD5TEST=        md5test
+HMACTEST=       hmactest
+RC2TEST=        rc2test
+RC4TEST=        rc4test
+BFTEST=         bftest
+CASTTEST=       casttest
+DESTEST=        destest
+RANDTEST=       randtest
+DHTEST=         dhtest
+DSATEST=        dsatest
+RSATEST=        rsa_test
+ENGINETEST=     enginetest
+EVPTEST=        evp_test
+SSLDIR= ${.CURDIR}/../../../lib/libssl/src/crypto
+CFLAGS= -O -I${SSLDIR} -I${SSLDIR}/..
+CLEANFILES+=    $(BNTEST).c $(ECTEST).c $(HMACTEST).c \
+        $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
+        $(RANDTEST).c $(DHTEST).c $(ENGINETEST).c \
+        $(CASTTEST).c $(EXPTEST).c $(DSATEST).c $(RSATEST).c \
+        $(EVPTEST).c $(DESTEST).c ${RC2TEST}.c ${RC4TEST}.c ${MD2TEST}.c \
+        ${MD4TEST}.c ${MD5TEST}.c ${BFTEST}.c
+CLEANFILES+=    $(BNTEST) $(ECTEST) $(HMACTEST) \
+        $(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RMDTEST) \
+        $(RANDTEST) $(DHTEST) $(ENGINETEST) \
+        $(CASTTEST) $(EXPTEST) $(DSATEST) $(RSATEST) \
+        $(EVPTEST) $(DESTEST) ${RC2TEST} ${RC4TEST} ${MD2TEST} ${MD4TEST} \
+        ${MD5TEST} ${BFTEST}
+CLEANFILES+= ${BNTEST}.out
+OTESTS= ${ENGINETEST}  \
+        ${EXPTEST} ${RANDTEST} \
+        ${MD2TEST} ${MD4TEST} ${MD5TEST} \
+        ${SHATEST} ${SHA1TEST} ${HMACTEST} ${RMDTEST} ${MDC2TEST} \
+        ${CASTTEST} ${BFTEST} ${RC2TEST} ${RC4TEST} ${DESTEST} \
+        ${DHTEST} ${DSATEST} ${RSATEST} \
+        ${ECTEST}
+${CLEAR1}: openssl.cnf
+        cat ${.CURDIR}/openssl.cnf > ${CLEAR1}
+CLEANFILES+=${CLEAR1}
+ENCTARGETS=rc4 des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb
+ENCTARGETS+=des-ecb des-ede des-ede3 desx des-cbc des-ede-cbc des-ede3-cbc
+ENCTARGETS+=rc2-ecb rc2-cfb rc2-ofb rc2-cbc bf-ecb bf-cfb bf-ofb bf-cbc rc4
+ENCTARGETS+=cast5-ecb cast5-cfb cast5-ofb cast5-cbc
+.for ENC in ${ENCTARGETS}
+${CIPHER}.${ENC}: ${CLEAR1}
+        ${OPENSSL} ${ENC} -bufsize 113 -e -k test < ${CLEAR1} > ${CIPHER}.${ENC}
+${CIPHER}.${ENC}.b64: ${CLEAR1}
+        ${OPENSSL} ${ENC} -bufsize 113 -a -e -k test < ${CLEAR1} > ${CIPHER}.${ENC}.b64
+${CLEAR2}.${ENC}: ${CIPHER}.${ENC}
+        ${OPENSSL} ${ENC} -bufsize 157 -d -k test < ${CIPHER}.${ENC} > ${CLEAR2}.${ENC}
+${CLEAR2}.${ENC}.b64: ${CIPHER}.${ENC}.b64
+        ${OPENSSL} ${ENC} -bufsize 157 -a -d -k test < ${CIPHER}.${ENC}.b64 > ${CLEAR2}.${ENC}.b64
+ssl-enc-${ENC}: ${CLEAR1} ${CLEAR2}.${ENC}
+        cmp ${CLEAR1} ${CLEAR2}.${ENC}
+ssl-enc-${ENC}.b64: ${CLEAR1} ${CLEAR2}.${ENC}.b64
+        cmp ${CLEAR1} ${CLEAR2}.${ENC}.b64
+REGRESS_TARGETS+=ssl-enc-${ENC} ssl-enc-${ENC}.b64
+CLEANFILES+=${CIPHER}.${ENC} ${CIPHER}.${ENC}.b64 ${CLEAR2}.${ENC} ${CLEAR2}.${ENC}.b64 .rnd
+.endfor
+ssl-enc:
+        sh ${.CURDIR}/testenc.sh ${.OBJDIR} ${.CURDIR}
+ssl-dsa:
+        sh ${.CURDIR}/testdsa.sh ${.OBJDIR} ${.CURDIR}
+ssl-rsa:
+        sh ${.CURDIR}/testrsa.sh ${.OBJDIR} ${.CURDIR}
+ossltests: ${OTESTS} ${BNTEST} ${EVPTEST}
+        @echo running ${BNTEST}, check ${.OBJDIR}/${BNTEST}.out if this fails.
+        ${.OBJDIR}/${BNTEST} > ${.OBJDIR}/${BNTEST}.out 2>&1
+.for OT in ${OTESTS}
+        @echo running ${OT}
+        ${.OBJDIR}/${OT} 
+.endfor
+        @echo running ${EVPTEST}
+        ${.OBJDIR}/${EVPTEST} ${SSLDIR}/evp/evptests.txt
+$(BNTEST).c: ${SSLDIR}/bn/bntest.c
+        cp ${SSLDIR}/bn/bntest.c ${.OBJDIR}
+$(BNTEST): ${BNTEST}.c
+        cc ${CFLAGS} -o $(BNTEST) ${BNTEST}.c -lcrypto
+$(EXPTEST).c: ${SSLDIR}/bn/exptest.c
+        cp ${SSLDIR}/bn/exptest.c ${.OBJDIR}
+$(EXPTEST): ${EXPTEST}.c
+        cc ${CFLAGS} -o $(EXPTEST) ${EXPTEST}.c -lcrypto
+$(ECTEST).c: ${SSLDIR}/ec/ectest.c
+        cp ${SSLDIR}/ec/ectest.c ${.OBJDIR}
+$(ECTEST): ${ECTEST}.c
+        cc ${CFLAGS} -o $(ECTEST) ${ECTEST}.c -lcrypto
+$(EVPTEST).c: ${SSLDIR}/evp/${EVPTEST}.c
+        cp ${SSLDIR}/evp/${EVPTEST}.c ${.OBJDIR}
+$(EVPTEST): ${EVPTEST}.c
+        cc ${CFLAGS} -o $(EVPTEST) ${EVPTEST}.c -lcrypto
+$(SHATEST).c: ${SSLDIR}/sha/${SHATEST}.c
+        cp ${SSLDIR}/sha/${SHATEST}.c ${.OBJDIR}
+$(SHATEST): ${SHATEST}.c
+        cc ${CFLAGS} -o $(SHATEST) ${SHATEST}.c -lcrypto
+$(SHA1TEST).c: ${SSLDIR}/sha/${SHA1TEST}.c
+        cp ${SSLDIR}/sha/${SHA1TEST}.c ${.OBJDIR}
+$(SHA1TEST): ${SHA1TEST}.c
+        cc ${CFLAGS} -o $(SHA1TEST) ${SHA1TEST}.c -lcrypto
+$(RANDTEST).c: ${SSLDIR}/rand/${RANDTEST}.c
+        cp ${SSLDIR}/rand/${RANDTEST}.c ${.OBJDIR}
+$(RANDTEST): ${RANDTEST}.c
+        cc ${CFLAGS} -o $(RANDTEST) ${RANDTEST}.c -lcrypto
+$(RMDTEST).c: ${SSLDIR}/ripemd/${RMDTEST}.c
+        cp ${SSLDIR}/ripemd/${RMDTEST}.c ${.OBJDIR}
+$(RMDTEST): ${RMDTEST}.c
+        cc ${CFLAGS} -o $(RMDTEST) ${RMDTEST}.c -lcrypto
+$(DHTEST).c: ${SSLDIR}/dh/${DHTEST}.c
+        cp ${SSLDIR}/dh/${DHTEST}.c ${.OBJDIR}
+$(DHTEST): ${DHTEST}.c
+        cc ${CFLAGS} -o $(DHTEST) ${DHTEST}.c -lcrypto
+$(ENGINETEST).c: ${SSLDIR}/engine/${ENGINETEST}.c
+        cp ${SSLDIR}/engine/${ENGINETEST}.c ${.OBJDIR}
+$(ENGINETEST): ${ENGINETEST}.c
+        cc ${CFLAGS} -o $(ENGINETEST) ${ENGINETEST}.c -lcrypto
+$(CASTTEST).c: ${SSLDIR}/cast/${CASTTEST}.c
+        cp ${SSLDIR}/cast/${CASTTEST}.c ${.OBJDIR}
+$(CASTTEST): ${CASTTEST}.c
+        cc ${CFLAGS} -o $(CASTTEST) ${CASTTEST}.c -lcrypto
+$(RSATEST).c: ${SSLDIR}/rsa/${RSATEST}.c
+        cp ${SSLDIR}/rsa/${RSATEST}.c ${.OBJDIR}
+$(RSATEST): ${RSATEST}.c
+        cc ${CFLAGS} -o $(RSATEST) ${RSATEST}.c -lcrypto
+$(DSATEST).c: ${SSLDIR}/dsa/${DSATEST}.c
+        cp ${SSLDIR}/dsa/${DSATEST}.c ${.OBJDIR}
+$(DSATEST): ${DSATEST}.c
+        cc ${CFLAGS} -o $(DSATEST) ${DSATEST}.c -lcrypto
+$(HMACTEST).c: ${SSLDIR}/hmac/${HMACTEST}.c
+        cp ${SSLDIR}/hmac/${HMACTEST}.c ${.OBJDIR}
+$(HMACTEST): ${HMACTEST}.c
+        cc ${CFLAGS} -o $(HMACTEST) ${HMACTEST}.c -lcrypto
+$(DESTEST).c: ${SSLDIR}/des/${DESTEST}.c
+        cp ${SSLDIR}/des/${DESTEST}.c ${.OBJDIR}
+$(DESTEST): ${DESTEST}.c
+        cc ${CFLAGS} -o $(DESTEST) ${DESTEST}.c -lcrypto
+$(BFTEST).c: ${SSLDIR}/bf/${BFTEST}.c
+        cp ${SSLDIR}/bf/${BFTEST}.c ${.OBJDIR}
+$(BFTEST): ${BFTEST}.c
+        cc ${CFLAGS} -o $(BFTEST) ${BFTEST}.c -lcrypto
+$(RC2TEST).c: ${SSLDIR}/rc2/${RC2TEST}.c
+        cp ${SSLDIR}/rc2/${RC2TEST}.c ${.OBJDIR}
+$(RC2TEST): ${RC2TEST}.c
+        cc ${CFLAGS} -o $(RC2TEST) ${RC2TEST}.c -lcrypto
+$(RC4TEST).c: ${SSLDIR}/rc4/${RC4TEST}.c
+        cp ${SSLDIR}/rc4/${RC4TEST}.c ${.OBJDIR}
+$(RC4TEST): ${RC4TEST}.c
+        cc ${CFLAGS} -o $(RC4TEST) ${RC4TEST}.c -lcrypto
+$(MD2TEST).c: ${SSLDIR}/md2/${MD2TEST}.c
+        cp ${SSLDIR}/md2/${MD2TEST}.c ${.OBJDIR}
+$(MD2TEST): ${MD2TEST}.c
+        cc ${CFLAGS} -o $(MD2TEST) ${MD2TEST}.c -lcrypto
+$(MD4TEST).c: ${SSLDIR}/md4/${MD4TEST}.c
+        cp ${SSLDIR}/md4/${MD4TEST}.c ${.OBJDIR}
+$(MD4TEST): ${MD4TEST}.c
+        cc ${CFLAGS} -o $(MD4TEST) ${MD4TEST}.c -lcrypto
+$(MD5TEST).c: ${SSLDIR}/md5/${MD5TEST}.c
+        cp ${SSLDIR}/md5/${MD5TEST}.c ${.OBJDIR}
+$(MD5TEST): ${MD5TEST}.c
+        cc ${CFLAGS} -o $(MD5TEST) ${MD5TEST}.c -lcrypto
+.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/README b/src/regress/lib/libssl/README
new file mode 100644
index 0000000000..878feca400
--- /dev/null
+++ b/src/regress/lib/libssl/README
@@ -0,0 +1,6 @@
+testenc.sh tests encryption routines
+testdsa.sh tests DSA certificate generation
+test_server.sh starts a tls1 server using the above generated certificate
+test_client.sh starts a client to talk to the server.
+testrsa.sh tests RSA certificate generation
diff --git a/src/regress/lib/libssl/openssl.cnf b/src/regress/lib/libssl/openssl.cnf
new file mode 100644
index 0000000000..9b6cf400c6
--- /dev/null
+++ b/src/regress/lib/libssl/openssl.cnf
@@ -0,0 +1,29 @@
+#       $OpenBSD: openssl.cnf,v 1.2 2001/01/29 02:05:46 niklas Exp $
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# hacked by iang to do DSA certs - Server
+RANDFILE              = ./.rnd
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_rsa_key               = no
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = CA
+countryName_value             = CA
+organizationName                = Organization Name (eg, company)
+organizationName_value          = Shake it Vera 
+0.commonName                  = Common Name (eg, YOUR name)
+0.commonName_value            = Wastelandus
+1.commonName                  = Common Name (eg, YOUR name)
+1.commonName_value            = Maximus
diff --git a/src/regress/lib/libssl/test_client.sh b/src/regress/lib/libssl/test_client.sh
new file mode 100644
index 0000000000..4f17fad80e
--- /dev/null
+++ b/src/regress/lib/libssl/test_client.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+#       $OpenBSD: test_client.sh,v 1.3 2001/01/29 02:05:48 niklas Exp $
+echo
+echo This starts a tls1 mode client to talk to the server run by 
+echo ./testserver.sh. You should start the server first. 
+echo
+echo type in this window after ssl negotiation and your output should
+echo be echoed by the server. 
+echo
+echo
+/usr/sbin/openssl s_client -tls1
diff --git a/src/regress/lib/libssl/test_server.sh b/src/regress/lib/libssl/test_server.sh
new file mode 100644
index 0000000000..a9e2c84d4f
--- /dev/null
+++ b/src/regress/lib/libssl/test_server.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+#       $OpenBSD: test_server.sh,v 1.3 2001/01/29 02:05:48 niklas Exp $
+echo This starts a tls1 mode server using the DSA certificate in ./server.pem
+echo Run ./testclient.sh in another window and type at it, you should 
+echo see the results of the ssl negotiation, and stuff you type in the client
+echo should echo in this window
+echo
+echo
+/usr/sbin/openssl s_server -tls1 -key testdsa.key -cert testdsa.pem
diff --git a/src/regress/lib/libssl/testdsa.sh b/src/regress/lib/libssl/testdsa.sh
new file mode 100644
index 0000000000..48526eec11
--- /dev/null
+++ b/src/regress/lib/libssl/testdsa.sh
@@ -0,0 +1,29 @@
+#!/bin/sh
+#       $OpenBSD: testdsa.sh,v 1.4 2001/01/29 02:05:48 niklas Exp $
+#Test DSA certificate generation of openssl
+cd $1
+# Generate DSA paramter set
+openssl dsaparam 512 -out dsa512.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+# Denerate a DSA certificate
+openssl req -config $2/openssl.cnf -x509 -newkey dsa:dsa512.pem -out testdsa.pem -keyout testdsa.key
+if [ $? != 0 ]; then
+        exit 1;
+fi
+# Now check the certificate
+openssl x509 -text -in testdsa.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+exit 0
diff --git a/src/regress/lib/libssl/testenc.sh b/src/regress/lib/libssl/testenc.sh
new file mode 100644
index 0000000000..355e9cd923
--- /dev/null
+++ b/src/regress/lib/libssl/testenc.sh
@@ -0,0 +1,70 @@
+#!/bin/sh
+#       $OpenBSD: testenc.sh,v 1.6 2002/01/15 18:51:39 art Exp $
+testsrc=$2/openssl.cnf
+test=$1/p
+cmd=/usr/sbin/openssl
+cd $1
+cat $testsrc >$test;
+echo cat
+$cmd enc < $test > $test.cipher
+$cmd enc < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+        exit 1
+else
+        /bin/rm $test.cipher $test.clear
+fi
+echo base64
+$cmd enc -a -e < $test > $test.cipher
+$cmd enc -a -d < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+        exit 1
+else
+        /bin/rm $test.cipher $test.clear
+fi
+/bin/rm -f $test
+exit 0
+# These tests are now done by the makefile.
+for i in rc4 \
+        des-cfb des-ede-cfb des-ede3-cfb \
+        des-ofb des-ede-ofb des-ede3-ofb \
+        des-ecb des-ede des-ede3 desx \
+        des-cbc des-ede-cbc des-ede3-cbc \
+        rc2-ecb rc2-cfb rc2-ofb rc2-cbc \
+        bf-ecb bf-cfb bf-ofb bf-cbc rc4 \
+        cast5-ecb cast5-cfb cast5-ofb cast5-cbc
+do
+        echo $i
+        $cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
+        $cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
+        cmp $test $test.$i.clear
+        if [ $? != 0 ]
+        then
+                exit 1
+        else
+                /bin/rm $test.$i.cipher $test.$i.clear
+        fi
+        echo $i base64
+        $cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
+        $cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
+        cmp $test $test.$i.clear
+        if [ $? != 0 ]
+        then
+                exit 1
+        else
+                /bin/rm $test.$i.cipher $test.$i.clear
+        fi
+done
+rm -f $test
diff --git a/src/regress/lib/libssl/testrsa.sh b/src/regress/lib/libssl/testrsa.sh
new file mode 100644
index 0000000000..17c6abf7ce
--- /dev/null
+++ b/src/regress/lib/libssl/testrsa.sh
@@ -0,0 +1,29 @@
+#!/bin/sh
+#       $OpenBSD: testrsa.sh,v 1.6 2002/01/02 15:13:18 art Exp $
+#Test RSA certificate generation of openssl
+cd $1
+# Generate RSA private key
+openssl genrsa -out rsakey.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+# Generate an RSA certificate
+openssl req -config $2/openssl.cnf -key rsakey.pem -new -x509 -days 365 -out rsacert.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+# Now check the certificate
+openssl x509 -text -in rsacert.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+exit 0

diff --git a/src/regress/lib/libssl/Makefile b/src/regress/lib/libssl/Makefile new file mode 100644 index 0000000000..bbd7d0721a --- /dev/null +++ b/src/regress/lib/libssl/Makefile
@@ -0,0 +1,231 @@
	1	# $OpenBSD: Makefile,v 1.12 2003/06/16 03:15:14 mickey Exp $
	2
	3	CLEANFILES+= testdsa.key testdsa.pem rsakey.pem rsacert.pem dsa512.pem
	4
	5	REGRESS_TARGETS=ossltests ssl-enc ssl-dsa ssl-rsa
	6
	7	OPENSSL=/usr/sbin/openssl
	8	CLEAR1=p
	9	CIPHER=cipher
	10	CLEAR2=clear
	11
	12	BNTEST= bntest
	13	ECTEST= ectest
	14	EXPTEST= exptest
	15	SHATEST= shatest
	16	SHA1TEST= sha1test
	17	RMDTEST= rmdtest
	18	MD2TEST= md2test
	19	MD4TEST= md4test
	20	MD5TEST= md5test
	21	HMACTEST= hmactest
	22	RC2TEST= rc2test
	23	RC4TEST= rc4test
	24	BFTEST= bftest
	25	CASTTEST= casttest
	26	DESTEST= destest
	27	RANDTEST= randtest
	28	DHTEST= dhtest
	29	DSATEST= dsatest
	30	RSATEST= rsa_test
	31	ENGINETEST= enginetest
	32	EVPTEST= evp_test
	33
	34	SSLDIR= ${.CURDIR}/../../../lib/libssl/src/crypto
	35
	36	CFLAGS= -O -I${SSLDIR} -I${SSLDIR}/..
	37
	38	CLEANFILES+= $(BNTEST).c $(ECTEST).c $(HMACTEST).c \
	39	$(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
	40	$(RANDTEST).c $(DHTEST).c $(ENGINETEST).c \
	41	$(CASTTEST).c $(EXPTEST).c $(DSATEST).c $(RSATEST).c \
	42	$(EVPTEST).c $(DESTEST).c ${RC2TEST}.c ${RC4TEST}.c ${MD2TEST}.c \
	43	${MD4TEST}.c ${MD5TEST}.c ${BFTEST}.c
	44
	45	CLEANFILES+= $(BNTEST) $(ECTEST) $(HMACTEST) \
	46	$(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RMDTEST) \
	47	$(RANDTEST) $(DHTEST) $(ENGINETEST) \
	48	$(CASTTEST) $(EXPTEST) $(DSATEST) $(RSATEST) \
	49	$(EVPTEST) $(DESTEST) ${RC2TEST} ${RC4TEST} ${MD2TEST} ${MD4TEST} \
	50	${MD5TEST} ${BFTEST}
	51
	52	CLEANFILES+= ${BNTEST}.out
	53
	54	OTESTS= ${ENGINETEST} \
	55	${EXPTEST} ${RANDTEST} \
	56	${MD2TEST} ${MD4TEST} ${MD5TEST} \
	57	${SHATEST} ${SHA1TEST} ${HMACTEST} ${RMDTEST} ${MDC2TEST} \
	58	${CASTTEST} ${BFTEST} ${RC2TEST} ${RC4TEST} ${DESTEST} \
	59	${DHTEST} ${DSATEST} ${RSATEST} \
	60	${ECTEST}
	61
	62	${CLEAR1}: openssl.cnf
	63	cat ${.CURDIR}/openssl.cnf > ${CLEAR1}
	64
	65	CLEANFILES+=${CLEAR1}
	66
	67	ENCTARGETS=rc4 des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb
	68	ENCTARGETS+=des-ecb des-ede des-ede3 desx des-cbc des-ede-cbc des-ede3-cbc
	69	ENCTARGETS+=rc2-ecb rc2-cfb rc2-ofb rc2-cbc bf-ecb bf-cfb bf-ofb bf-cbc rc4
	70	ENCTARGETS+=cast5-ecb cast5-cfb cast5-ofb cast5-cbc
	71
	72	.for ENC in ${ENCTARGETS}
	73	${CIPHER}.${ENC}: ${CLEAR1}
	74	${OPENSSL} ${ENC} -bufsize 113 -e -k test < ${CLEAR1} > ${CIPHER}.${ENC}
	75	${CIPHER}.${ENC}.b64: ${CLEAR1}
	76	${OPENSSL} ${ENC} -bufsize 113 -a -e -k test < ${CLEAR1} > ${CIPHER}.${ENC}.b64
	77
	78	${CLEAR2}.${ENC}: ${CIPHER}.${ENC}
	79	${OPENSSL} ${ENC} -bufsize 157 -d -k test < ${CIPHER}.${ENC} > ${CLEAR2}.${ENC}
	80	${CLEAR2}.${ENC}.b64: ${CIPHER}.${ENC}.b64
	81	${OPENSSL} ${ENC} -bufsize 157 -a -d -k test < ${CIPHER}.${ENC}.b64 > ${CLEAR2}.${ENC}.b64
	82
	83	ssl-enc-${ENC}: ${CLEAR1} ${CLEAR2}.${ENC}
	84	cmp ${CLEAR1} ${CLEAR2}.${ENC}
	85	ssl-enc-${ENC}.b64: ${CLEAR1} ${CLEAR2}.${ENC}.b64
	86	cmp ${CLEAR1} ${CLEAR2}.${ENC}.b64
	87
	88	REGRESS_TARGETS+=ssl-enc-${ENC} ssl-enc-${ENC}.b64
	89	CLEANFILES+=${CIPHER}.${ENC} ${CIPHER}.${ENC}.b64 ${CLEAR2}.${ENC} ${CLEAR2}.${ENC}.b64 .rnd
	90	.endfor
	91
	92	ssl-enc:
	93	sh ${.CURDIR}/testenc.sh ${.OBJDIR} ${.CURDIR}
	94	ssl-dsa:
	95	sh ${.CURDIR}/testdsa.sh ${.OBJDIR} ${.CURDIR}
	96	ssl-rsa:
	97	sh ${.CURDIR}/testrsa.sh ${.OBJDIR} ${.CURDIR}
	98
	99	ossltests: ${OTESTS} ${BNTEST} ${EVPTEST}
	100	@echo running ${BNTEST}, check ${.OBJDIR}/${BNTEST}.out if this fails.
	101	${.OBJDIR}/${BNTEST} > ${.OBJDIR}/${BNTEST}.out 2>&1
	102	.for OT in ${OTESTS}
	103	@echo running ${OT}
	104	${.OBJDIR}/${OT}
	105	.endfor
	106	@echo running ${EVPTEST}
	107	${.OBJDIR}/${EVPTEST} ${SSLDIR}/evp/evptests.txt
	108
	109	$(BNTEST).c: ${SSLDIR}/bn/bntest.c
	110	cp ${SSLDIR}/bn/bntest.c ${.OBJDIR}
	111
	112	$(BNTEST): ${BNTEST}.c
	113	cc ${CFLAGS} -o $(BNTEST) ${BNTEST}.c -lcrypto
	114
	115	$(EXPTEST).c: ${SSLDIR}/bn/exptest.c
	116	cp ${SSLDIR}/bn/exptest.c ${.OBJDIR}
	117
	118	$(EXPTEST): ${EXPTEST}.c
	119	cc ${CFLAGS} -o $(EXPTEST) ${EXPTEST}.c -lcrypto
	120
	121	$(ECTEST).c: ${SSLDIR}/ec/ectest.c
	122	cp ${SSLDIR}/ec/ectest.c ${.OBJDIR}
	123
	124	$(ECTEST): ${ECTEST}.c
	125	cc ${CFLAGS} -o $(ECTEST) ${ECTEST}.c -lcrypto
	126
	127	$(EVPTEST).c: ${SSLDIR}/evp/${EVPTEST}.c
	128	cp ${SSLDIR}/evp/${EVPTEST}.c ${.OBJDIR}
	129	$(EVPTEST): ${EVPTEST}.c
	130	cc ${CFLAGS} -o $(EVPTEST) ${EVPTEST}.c -lcrypto
	131
	132	$(SHATEST).c: ${SSLDIR}/sha/${SHATEST}.c
	133	cp ${SSLDIR}/sha/${SHATEST}.c ${.OBJDIR}
	134	$(SHATEST): ${SHATEST}.c
	135	cc ${CFLAGS} -o $(SHATEST) ${SHATEST}.c -lcrypto
	136
	137	$(SHA1TEST).c: ${SSLDIR}/sha/${SHA1TEST}.c
	138	cp ${SSLDIR}/sha/${SHA1TEST}.c ${.OBJDIR}
	139	$(SHA1TEST): ${SHA1TEST}.c
	140	cc ${CFLAGS} -o $(SHA1TEST) ${SHA1TEST}.c -lcrypto
	141
	142	$(RANDTEST).c: ${SSLDIR}/rand/${RANDTEST}.c
	143	cp ${SSLDIR}/rand/${RANDTEST}.c ${.OBJDIR}
	144	$(RANDTEST): ${RANDTEST}.c
	145	cc ${CFLAGS} -o $(RANDTEST) ${RANDTEST}.c -lcrypto
	146
	147	$(RMDTEST).c: ${SSLDIR}/ripemd/${RMDTEST}.c
	148	cp ${SSLDIR}/ripemd/${RMDTEST}.c ${.OBJDIR}
	149	$(RMDTEST): ${RMDTEST}.c
	150	cc ${CFLAGS} -o $(RMDTEST) ${RMDTEST}.c -lcrypto
	151
	152	$(DHTEST).c: ${SSLDIR}/dh/${DHTEST}.c
	153	cp ${SSLDIR}/dh/${DHTEST}.c ${.OBJDIR}
	154
	155	$(DHTEST): ${DHTEST}.c
	156	cc ${CFLAGS} -o $(DHTEST) ${DHTEST}.c -lcrypto
	157
	158	$(ENGINETEST).c: ${SSLDIR}/engine/${ENGINETEST}.c
	159	cp ${SSLDIR}/engine/${ENGINETEST}.c ${.OBJDIR}
	160
	161	$(ENGINETEST): ${ENGINETEST}.c
	162	cc ${CFLAGS} -o $(ENGINETEST) ${ENGINETEST}.c -lcrypto
	163
	164	$(CASTTEST).c: ${SSLDIR}/cast/${CASTTEST}.c
	165	cp ${SSLDIR}/cast/${CASTTEST}.c ${.OBJDIR}
	166
	167	$(CASTTEST): ${CASTTEST}.c
	168	cc ${CFLAGS} -o $(CASTTEST) ${CASTTEST}.c -lcrypto
	169
	170	$(RSATEST).c: ${SSLDIR}/rsa/${RSATEST}.c
	171	cp ${SSLDIR}/rsa/${RSATEST}.c ${.OBJDIR}
	172
	173	$(RSATEST): ${RSATEST}.c
	174	cc ${CFLAGS} -o $(RSATEST) ${RSATEST}.c -lcrypto
	175
	176	$(DSATEST).c: ${SSLDIR}/dsa/${DSATEST}.c
	177	cp ${SSLDIR}/dsa/${DSATEST}.c ${.OBJDIR}
	178
	179	$(DSATEST): ${DSATEST}.c
	180	cc ${CFLAGS} -o $(DSATEST) ${DSATEST}.c -lcrypto
	181
	182
	183	$(HMACTEST).c: ${SSLDIR}/hmac/${HMACTEST}.c
	184	cp ${SSLDIR}/hmac/${HMACTEST}.c ${.OBJDIR}
	185
	186	$(HMACTEST): ${HMACTEST}.c
	187	cc ${CFLAGS} -o $(HMACTEST) ${HMACTEST}.c -lcrypto
	188
	189	$(DESTEST).c: ${SSLDIR}/des/${DESTEST}.c
	190	cp ${SSLDIR}/des/${DESTEST}.c ${.OBJDIR}
	191
	192	$(DESTEST): ${DESTEST}.c
	193	cc ${CFLAGS} -o $(DESTEST) ${DESTEST}.c -lcrypto
	194
	195	$(BFTEST).c: ${SSLDIR}/bf/${BFTEST}.c
	196	cp ${SSLDIR}/bf/${BFTEST}.c ${.OBJDIR}
	197
	198	$(BFTEST): ${BFTEST}.c
	199	cc ${CFLAGS} -o $(BFTEST) ${BFTEST}.c -lcrypto
	200
	201	$(RC2TEST).c: ${SSLDIR}/rc2/${RC2TEST}.c
	202	cp ${SSLDIR}/rc2/${RC2TEST}.c ${.OBJDIR}
	203
	204	$(RC2TEST): ${RC2TEST}.c
	205	cc ${CFLAGS} -o $(RC2TEST) ${RC2TEST}.c -lcrypto
	206
	207	$(RC4TEST).c: ${SSLDIR}/rc4/${RC4TEST}.c
	208	cp ${SSLDIR}/rc4/${RC4TEST}.c ${.OBJDIR}
	209
	210	$(RC4TEST): ${RC4TEST}.c
	211	cc ${CFLAGS} -o $(RC4TEST) ${RC4TEST}.c -lcrypto
	212
	213	$(MD2TEST).c: ${SSLDIR}/md2/${MD2TEST}.c
	214	cp ${SSLDIR}/md2/${MD2TEST}.c ${.OBJDIR}
	215
	216	$(MD2TEST): ${MD2TEST}.c
	217	cc ${CFLAGS} -o $(MD2TEST) ${MD2TEST}.c -lcrypto
	218
	219	$(MD4TEST).c: ${SSLDIR}/md4/${MD4TEST}.c
	220	cp ${SSLDIR}/md4/${MD4TEST}.c ${.OBJDIR}
	221
	222	$(MD4TEST): ${MD4TEST}.c
	223	cc ${CFLAGS} -o $(MD4TEST) ${MD4TEST}.c -lcrypto
	224
	225	$(MD5TEST).c: ${SSLDIR}/md5/${MD5TEST}.c
	226	cp ${SSLDIR}/md5/${MD5TEST}.c ${.OBJDIR}
	227
	228	$(MD5TEST): ${MD5TEST}.c
	229	cc ${CFLAGS} -o $(MD5TEST) ${MD5TEST}.c -lcrypto
	230
	231	.include <bsd.regress.mk>


diff --git a/src/regress/lib/libssl/README b/src/regress/lib/libssl/README new file mode 100644 index 0000000000..878feca400 --- /dev/null +++ b/src/regress/lib/libssl/README
@@ -0,0 +1,6 @@
	1	testenc.sh tests encryption routines
	2	testdsa.sh tests DSA certificate generation
	3	test_server.sh starts a tls1 server using the above generated certificate
	4	test_client.sh starts a client to talk to the server.
	5	testrsa.sh tests RSA certificate generation
	6


diff --git a/src/regress/lib/libssl/openssl.cnf b/src/regress/lib/libssl/openssl.cnf new file mode 100644 index 0000000000..9b6cf400c6 --- /dev/null +++ b/src/regress/lib/libssl/openssl.cnf
@@ -0,0 +1,29 @@
	1	# $OpenBSD: openssl.cnf,v 1.2 2001/01/29 02:05:46 niklas Exp $
	2
	3	#
	4	# SSLeay example configuration file.
	5	# This is mostly being used for generation of certificate requests.
	6	#
	7	# hacked by iang to do DSA certs - Server
	8
	9	RANDFILE = ./.rnd
	10
	11	####################################################################
	12	[ req ]
	13	distinguished_name = req_distinguished_name
	14	encrypt_rsa_key = no
	15
	16	[ req_distinguished_name ]
	17	countryName = Country Name (2 letter code)
	18	countryName_default = CA
	19	countryName_value = CA
	20
	21	organizationName = Organization Name (eg, company)
	22	organizationName_value = Shake it Vera
	23
	24	0.commonName = Common Name (eg, YOUR name)
	25	0.commonName_value = Wastelandus
	26
	27	1.commonName = Common Name (eg, YOUR name)
	28	1.commonName_value = Maximus
	29


diff --git a/src/regress/lib/libssl/test_client.sh b/src/regress/lib/libssl/test_client.sh new file mode 100644 index 0000000000..4f17fad80e --- /dev/null +++ b/src/regress/lib/libssl/test_client.sh
@@ -0,0 +1,13 @@
	1	#!/bin/sh
	2	# $OpenBSD: test_client.sh,v 1.3 2001/01/29 02:05:48 niklas Exp $
	3
	4
	5	echo
	6	echo This starts a tls1 mode client to talk to the server run by
	7	echo ./testserver.sh. You should start the server first.
	8	echo
	9	echo type in this window after ssl negotiation and your output should
	10	echo be echoed by the server.
	11	echo
	12	echo
	13	/usr/sbin/openssl s_client -tls1


diff --git a/src/regress/lib/libssl/test_server.sh b/src/regress/lib/libssl/test_server.sh new file mode 100644 index 0000000000..a9e2c84d4f --- /dev/null +++ b/src/regress/lib/libssl/test_server.sh
@@ -0,0 +1,11 @@
	1	#!/bin/sh
	2	# $OpenBSD: test_server.sh,v 1.3 2001/01/29 02:05:48 niklas Exp $
	3
	4
	5	echo This starts a tls1 mode server using the DSA certificate in ./server.pem
	6	echo Run ./testclient.sh in another window and type at it, you should
	7	echo see the results of the ssl negotiation, and stuff you type in the client
	8	echo should echo in this window
	9	echo
	10	echo
	11	/usr/sbin/openssl s_server -tls1 -key testdsa.key -cert testdsa.pem


diff --git a/src/regress/lib/libssl/testdsa.sh b/src/regress/lib/libssl/testdsa.sh new file mode 100644 index 0000000000..48526eec11 --- /dev/null +++ b/src/regress/lib/libssl/testdsa.sh
@@ -0,0 +1,29 @@
	1	#!/bin/sh
	2	# $OpenBSD: testdsa.sh,v 1.4 2001/01/29 02:05:48 niklas Exp $
	3
	4
	5	#Test DSA certificate generation of openssl
	6
	7	cd $1
	8
	9	# Generate DSA paramter set
	10	openssl dsaparam 512 -out dsa512.pem
	11	if [ $? != 0 ]; then
	12	exit 1;
	13	fi
	14
	15
	16	# Denerate a DSA certificate
	17	openssl req -config $2/openssl.cnf -x509 -newkey dsa:dsa512.pem -out testdsa.pem -keyout testdsa.key
	18	if [ $? != 0 ]; then
	19	exit 1;
	20	fi
	21
	22
	23	# Now check the certificate
	24	openssl x509 -text -in testdsa.pem
	25	if [ $? != 0 ]; then
	26	exit 1;
	27	fi
	28
	29	exit 0


diff --git a/src/regress/lib/libssl/testenc.sh b/src/regress/lib/libssl/testenc.sh new file mode 100644 index 0000000000..355e9cd923 --- /dev/null +++ b/src/regress/lib/libssl/testenc.sh
@@ -0,0 +1,70 @@
	1	#!/bin/sh
	2	# $OpenBSD: testenc.sh,v 1.6 2002/01/15 18:51:39 art Exp $
	3
	4
	5	testsrc=$2/openssl.cnf
	6	test=$1/p
	7	cmd=/usr/sbin/openssl
	8
	9	cd $1
	10
	11	cat $testsrc >$test;
	12
	13	echo cat
	14	$cmd enc < $test > $test.cipher
	15	$cmd enc < $test.cipher >$test.clear
	16	cmp $test $test.clear
	17	if [ $? != 0 ]
	18	then
	19	exit 1
	20	else
	21	/bin/rm $test.cipher $test.clear
	22	fi
	23	echo base64
	24	$cmd enc -a -e < $test > $test.cipher
	25	$cmd enc -a -d < $test.cipher >$test.clear
	26	cmp $test $test.clear
	27	if [ $? != 0 ]
	28	then
	29	exit 1
	30	else
	31	/bin/rm $test.cipher $test.clear
	32	fi
	33
	34	/bin/rm -f $test
	35	exit 0
	36
	37	# These tests are now done by the makefile.
	38
	39	for i in rc4 \
	40	des-cfb des-ede-cfb des-ede3-cfb \
	41	des-ofb des-ede-ofb des-ede3-ofb \
	42	des-ecb des-ede des-ede3 desx \
	43	des-cbc des-ede-cbc des-ede3-cbc \
	44	rc2-ecb rc2-cfb rc2-ofb rc2-cbc \
	45	bf-ecb bf-cfb bf-ofb bf-cbc rc4 \
	46	cast5-ecb cast5-cfb cast5-ofb cast5-cbc
	47	do
	48	echo $i
	49	$cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
	50	$cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
	51	cmp $test $test.$i.clear
	52	if [ $? != 0 ]
	53	then
	54	exit 1
	55	else
	56	/bin/rm $test.$i.cipher $test.$i.clear
	57	fi
	58
	59	echo $i base64
	60	$cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
	61	$cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
	62	cmp $test $test.$i.clear
	63	if [ $? != 0 ]
	64	then
	65	exit 1
	66	else
	67	/bin/rm $test.$i.cipher $test.$i.clear
	68	fi
	69	done
	70	rm -f $test


diff --git a/src/regress/lib/libssl/testrsa.sh b/src/regress/lib/libssl/testrsa.sh new file mode 100644 index 0000000000..17c6abf7ce --- /dev/null +++ b/src/regress/lib/libssl/testrsa.sh
@@ -0,0 +1,29 @@
	1	#!/bin/sh
	2	# $OpenBSD: testrsa.sh,v 1.6 2002/01/02 15:13:18 art Exp $
	3
	4
	5	#Test RSA certificate generation of openssl
	6
	7	cd $1
	8
	9	# Generate RSA private key
	10	openssl genrsa -out rsakey.pem
	11	if [ $? != 0 ]; then
	12	exit 1;
	13	fi
	14
	15
	16	# Generate an RSA certificate
	17	openssl req -config $2/openssl.cnf -key rsakey.pem -new -x509 -days 365 -out rsacert.pem
	18	if [ $? != 0 ]; then
	19	exit 1;
	20	fi
	21
	22
	23	# Now check the certificate
	24	openssl x509 -text -in rsacert.pem
	25	if [ $? != 0 ]; then
	26	exit 1;
	27	fi
	28
	29	exit 0