8 files changed, 424 insertions, 0 deletions
diff --git a/src/regress/lib/libssl/Makefile b/src/regress/lib/libssl/Makefile
new file mode 100644
index 0000000000..85608b9679
--- /dev/null
+++ b/src/regress/lib/libssl/Makefile
@@ -0,0 +1,237 @@
+#       $OpenBSD: Makefile,v 1.9 2002/09/02 20:01:43 avsm Exp $
+CLEANFILES+= testdsa.key testdsa.pem rsakey.pem rsacert.pem dsa512.pem
+REGRESS_TARGETS=ossltests ssl-enc ssl-dsa ssl-rsa 
+OPENSSL=/usr/sbin/openssl
+CLEAR1=p
+CIPHER=cipher
+CLEAR2=clear
+BNTEST=         bntest
+ECTEST=         ectest
+EXPTEST=        exptest
+SHATEST=        shatest
+SHA1TEST=       sha1test
+MDC2TEST=       mdc2test
+RMDTEST=        rmdtest
+MD2TEST=        md2test
+MD4TEST=        md4test
+MD5TEST=        md5test
+HMACTEST=       hmactest
+RC2TEST=        rc2test
+RC4TEST=        rc4test
+BFTEST=         bftest
+CASTTEST=       casttest
+DESTEST=        destest
+RANDTEST=       randtest
+DHTEST=         dhtest
+DSATEST=        dsatest
+RSATEST=        rsa_test
+ENGINETEST=     enginetest
+EVPTEST=        evp_test
+CLEANFILES+=    $(BNTEST).c $(ECTEST).c $(HMACTEST).c \
+        $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
+        $(RANDTEST).c $(DHTEST).c $(ENGINETEST).c \
+        $(CASTTEST).c $(EXPTEST).c $(DSATEST).c $(RSATEST).c \
+        $(EVPTEST).c $(DESTEST).c ${RC2TEST}.c ${RC4TEST}.c ${MD2TEST}.c \
+        ${MD4TEST}.c ${MD5TEST}.c
+CLEANFILES+=    $(BNTEST) $(ECTEST) $(HMACTEST) \
+        $(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RMDTEST) \
+        $(RANDTEST) $(DHTEST) $(ENGINETEST) \
+        $(CASTTEST) $(EXPTEST) $(DSATEST) $(RSATEST) \
+        $(EVPTEST) $(DESTEST) ${RC2TEST} ${RC4TEST} ${MD2TEST} ${MD4TEST} \
+        ${MD5TEST}\
+CLEANFILES+= ${BNTEST}.out
+OTESTS= ${ENGINETEST}  \
+        ${EXPTEST} ${RANDTEST} \
+        ${MD2TEST} ${MD4TEST} ${MD5TEST} \
+        ${SHATEST} ${SHA1TEST} ${HMACTEST} ${RMDTEST} ${MDC2TEST} \
+        ${CASTTEST} ${RC2TEST} ${RC4TEST} ${DESTEST} \
+        ${DHTEST} ${DSATEST} ${RSATEST} \
+        ${ECTEST}
+${CLEAR1}: openssl.cnf
+        cat ${.CURDIR}/openssl.cnf > ${CLEAR1}
+CLEANFILES+=${CLEAR1}
+ENCTARGETS=rc4 des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb
+ENCTARGETS+=des-ecb des-ede des-ede3 desx des-cbc des-ede-cbc des-ede3-cbc
+ENCTARGETS+=rc2-ecb rc2-cfb rc2-ofb rc2-cbc bf-ecb bf-cfb bf-ofb bf-cbc rc4
+ENCTARGETS+=cast5-ecb cast5-cfb cast5-ofb cast5-cbc
+.for ENC in ${ENCTARGETS}
+${CIPHER}.${ENC}: ${CLEAR1}
+        ${OPENSSL} ${ENC} -bufsize 113 -e -k test < ${CLEAR1} > ${CIPHER}.${ENC}
+${CIPHER}.${ENC}.b64: ${CLEAR1}
+        ${OPENSSL} ${ENC} -bufsize 113 -a -e -k test < ${CLEAR1} > ${CIPHER}.${ENC}.b64
+${CLEAR2}.${ENC}: ${CIPHER}.${ENC}
+        ${OPENSSL} ${ENC} -bufsize 157 -d -k test < ${CIPHER}.${ENC} > ${CLEAR2}.${ENC}
+${CLEAR2}.${ENC}.b64: ${CIPHER}.${ENC}.b64
+        ${OPENSSL} ${ENC} -bufsize 157 -a -d -k test < ${CIPHER}.${ENC}.b64 > ${CLEAR2}.${ENC}.b64
+ssl-enc-${ENC}: ${CLEAR1} ${CLEAR2}.${ENC}
+        cmp ${CLEAR1} ${CLEAR2}.${ENC}
+ssl-enc-${ENC}.b64: ${CLEAR1} ${CLEAR2}.${ENC}.b64
+        cmp ${CLEAR1} ${CLEAR2}.${ENC}.b64
+REGRESS_TARGETS+=ssl-enc-${ENC} ssl-enc-${ENC}.b64
+CLEANFILES+=${CIPHER}.${ENC} ${CIPHER}.${ENC}.b64 ${CLEAR2}.${ENC} ${CLEAR2}.${ENC}.b64 e_os.h .rnd
+.endfor
+ssl-enc:
+        sh ${.CURDIR}/testenc.sh ${.OBJDIR} ${.CURDIR}
+ssl-dsa:
+        sh ${.CURDIR}/testdsa.sh ${.OBJDIR} ${.CURDIR}
+ssl-rsa:
+        sh ${.CURDIR}/testrsa.sh ${.OBJDIR} ${.CURDIR}
+e_os.h: ${.CURDIR}/../../../lib/libssl/src/e_os.h
+        cp ${.CURDIR}/../../../lib/libssl/src/e_os.h ${.OBJDIR}
+ossltests: ${OTESTS} ${BNTEST} ${EVPTEST}
+        @echo running ${BNTEST}, check ${.OBJDIR}/${BNTEST}.out if this fails.
+        ${.OBJDIR}/${BNTEST} > ${.OBJDIR}/${BNTEST}.out 2>&1
+.for OT in ${OTESTS}
+        @echo running ${OT}
+        ${.OBJDIR}/${OT} 
+.endfor
+        @echo running ${EVPTEST}
+        ${.OBJDIR}/${EVPTEST} ${.CURDIR}/../../../lib/libssl/src/crypto/evp/evptests.txt
+$(BNTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/bn/bntest.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/bn/bntest.c ${.OBJDIR}
+$(BNTEST): ${BNTEST}.c e_os.h
+        cc -O -o $(BNTEST) ${BNTEST}.c -lcrypto
+$(EXPTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/bn/exptest.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/bn/exptest.c ${.OBJDIR}
+$(EXPTEST): ${EXPTEST}.c e_os.h
+        cc -O -o $(EXPTEST) ${EXPTEST}.c -lcrypto
+$(ECTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/ec/ectest.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/ec/ectest.c ${.OBJDIR}
+$(ECTEST): ${ECTEST}.c e_os.h
+        cc -O -o $(ECTEST) ${ECTEST}.c -lcrypto
+$(EVPTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/evp/${EVPTEST}.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/evp/${EVPTEST}.c ${.OBJDIR}
+$(EVPTEST): ${EVPTEST}.c e_os.h
+        cc -O -o $(EVPTEST) ${EVPTEST}.c -lcrypto
+$(SHATEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/sha/${SHATEST}.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/sha/${SHATEST}.c ${.OBJDIR}
+$(SHATEST): ${SHATEST}.c e_os.h
+        cc -O -o $(SHATEST) ${SHATEST}.c -lcrypto
+$(SHA1TEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/sha/${SHA1TEST}.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/sha/${SHA1TEST}.c ${.OBJDIR}
+$(SHA1TEST): ${SHA1TEST}.c e_os.h
+        cc -O -o $(SHA1TEST) ${SHA1TEST}.c -lcrypto
+$(RANDTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/rand/${RANDTEST}.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/rand/${RANDTEST}.c ${.OBJDIR}
+$(RANDTEST): ${RANDTEST}.c e_os.h
+        cc -O -o $(RANDTEST) ${RANDTEST}.c -lcrypto
+$(MDC2TEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/mdc2/${MDC2TEST}.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/mdc2/${MDC2TEST}.c ${.OBJDIR}
+$(MDC2TEST): ${MDC2TEST}.c e_os.h
+        cc -O -o $(MDC2TEST) ${MDC2TEST}.c -lcrypto
+$(RMDTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/ripemd/${RMDTEST}.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/ripemd/${RMDTEST}.c ${.OBJDIR}
+$(RMDTEST): ${RMDTEST}.c e_os.h
+        cc -O -o $(RMDTEST) ${RMDTEST}.c -lcrypto
+$(DHTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/dh/${DHTEST}.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/dh/${DHTEST}.c ${.OBJDIR}
+$(DHTEST): ${DHTEST}.c e_os.h
+        cc -O -o $(DHTEST) ${DHTEST}.c -lcrypto
+$(ENGINETEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/engine/${ENGINETEST}.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/engine/${ENGINETEST}.c ${.OBJDIR}
+$(ENGINETEST): ${ENGINETEST}.c e_os.h
+        cc -O -o $(ENGINETEST) ${ENGINETEST}.c -lcrypto
+$(CASTTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/cast/${CASTTEST}.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/cast/${CASTTEST}.c ${.OBJDIR}
+$(CASTTEST): ${CASTTEST}.c e_os.h
+        cc -O -o $(CASTTEST) ${CASTTEST}.c -lcrypto
+$(RSATEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/rsa/${RSATEST}.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/rsa/${RSATEST}.c ${.OBJDIR}
+$(RSATEST): ${RSATEST}.c e_os.h
+        cc -O -o $(RSATEST) ${RSATEST}.c -lcrypto
+$(DSATEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/dsa/${DSATEST}.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/dsa/${DSATEST}.c ${.OBJDIR}
+$(DSATEST): ${DSATEST}.c e_os.h
+        cc -O -o $(DSATEST) ${DSATEST}.c -lcrypto
+$(HMACTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/hmac/${HMACTEST}.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/hmac/${HMACTEST}.c ${.OBJDIR}
+$(HMACTEST): ${HMACTEST}.c e_os.h
+        cc -O -o $(HMACTEST) ${HMACTEST}.c -lcrypto
+$(DESTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/des/${DESTEST}.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/des/${DESTEST}.c ${.OBJDIR}
+$(DESTEST): ${DESTEST}.c e_os.h
+        cc -O -o $(DESTEST) ${DESTEST}.c -lcrypto
+$(BFTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/bf/${BFTEST}.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/bf/${BFTEST}.c ${.OBJDIR}
+$(BFTEST): ${BFTEST}.c e_os.h
+        cc -O -o $(BFTEST) ${BFTEST}.c -lcrypto
+$(RC2TEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/rc2/${RC2TEST}.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/rc2/${RC2TEST}.c ${.OBJDIR}
+$(RC2TEST): ${RC2TEST}.c e_os.h
+        cc -O -o $(RC2TEST) ${RC2TEST}.c -lcrypto
+$(RC4TEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/rc4/${RC4TEST}.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/rc4/${RC4TEST}.c ${.OBJDIR}
+$(RC4TEST): ${RC4TEST}.c e_os.h
+        cc -O -o $(RC4TEST) ${RC4TEST}.c -lcrypto
+$(MD2TEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/md2/${MD2TEST}.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/md2/${MD2TEST}.c ${.OBJDIR}
+$(MD2TEST): ${MD2TEST}.c e_os.h
+        cc -O -o $(MD2TEST) ${MD2TEST}.c -lcrypto
+$(MD4TEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/md4/${MD4TEST}.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/md4/${MD4TEST}.c ${.OBJDIR}
+$(MD4TEST): ${MD4TEST}.c e_os.h
+        cc -O -o $(MD4TEST) ${MD4TEST}.c -lcrypto
+$(MD5TEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/md5/${MD5TEST}.c
+        cp ${.CURDIR}/../../../lib/libssl/src/crypto/md5/${MD5TEST}.c ${.OBJDIR}
+$(MD5TEST): ${MD5TEST}.c e_os.h
+        cc -O -o $(MD5TEST) ${MD5TEST}.c -lcrypto
+.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/README b/src/regress/lib/libssl/README
new file mode 100644
index 0000000000..878feca400
--- /dev/null
+++ b/src/regress/lib/libssl/README
@@ -0,0 +1,6 @@
+testenc.sh tests encryption routines
+testdsa.sh tests DSA certificate generation
+test_server.sh starts a tls1 server using the above generated certificate
+test_client.sh starts a client to talk to the server.
+testrsa.sh tests RSA certificate generation
diff --git a/src/regress/lib/libssl/openssl.cnf b/src/regress/lib/libssl/openssl.cnf
new file mode 100644
index 0000000000..9b6cf400c6
--- /dev/null
+++ b/src/regress/lib/libssl/openssl.cnf
@@ -0,0 +1,29 @@
+#       $OpenBSD: openssl.cnf,v 1.2 2001/01/29 02:05:46 niklas Exp $
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# hacked by iang to do DSA certs - Server
+RANDFILE              = ./.rnd
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_rsa_key               = no
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = CA
+countryName_value             = CA
+organizationName                = Organization Name (eg, company)
+organizationName_value          = Shake it Vera 
+0.commonName                  = Common Name (eg, YOUR name)
+0.commonName_value            = Wastelandus
+1.commonName                  = Common Name (eg, YOUR name)
+1.commonName_value            = Maximus
diff --git a/src/regress/lib/libssl/test_client.sh b/src/regress/lib/libssl/test_client.sh
new file mode 100644
index 0000000000..4f17fad80e
--- /dev/null
+++ b/src/regress/lib/libssl/test_client.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+#       $OpenBSD: test_client.sh,v 1.3 2001/01/29 02:05:48 niklas Exp $
+echo
+echo This starts a tls1 mode client to talk to the server run by 
+echo ./testserver.sh. You should start the server first. 
+echo
+echo type in this window after ssl negotiation and your output should
+echo be echoed by the server. 
+echo
+echo
+/usr/sbin/openssl s_client -tls1
diff --git a/src/regress/lib/libssl/test_server.sh b/src/regress/lib/libssl/test_server.sh
new file mode 100644
index 0000000000..a9e2c84d4f
--- /dev/null
+++ b/src/regress/lib/libssl/test_server.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+#       $OpenBSD: test_server.sh,v 1.3 2001/01/29 02:05:48 niklas Exp $
+echo This starts a tls1 mode server using the DSA certificate in ./server.pem
+echo Run ./testclient.sh in another window and type at it, you should 
+echo see the results of the ssl negotiation, and stuff you type in the client
+echo should echo in this window
+echo
+echo
+/usr/sbin/openssl s_server -tls1 -key testdsa.key -cert testdsa.pem
diff --git a/src/regress/lib/libssl/testdsa.sh b/src/regress/lib/libssl/testdsa.sh
new file mode 100644
index 0000000000..48526eec11
--- /dev/null
+++ b/src/regress/lib/libssl/testdsa.sh
@@ -0,0 +1,29 @@
+#!/bin/sh
+#       $OpenBSD: testdsa.sh,v 1.4 2001/01/29 02:05:48 niklas Exp $
+#Test DSA certificate generation of openssl
+cd $1
+# Generate DSA paramter set
+openssl dsaparam 512 -out dsa512.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+# Denerate a DSA certificate
+openssl req -config $2/openssl.cnf -x509 -newkey dsa:dsa512.pem -out testdsa.pem -keyout testdsa.key
+if [ $? != 0 ]; then
+        exit 1;
+fi
+# Now check the certificate
+openssl x509 -text -in testdsa.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+exit 0
diff --git a/src/regress/lib/libssl/testenc.sh b/src/regress/lib/libssl/testenc.sh
new file mode 100644
index 0000000000..355e9cd923
--- /dev/null
+++ b/src/regress/lib/libssl/testenc.sh
@@ -0,0 +1,70 @@
+#!/bin/sh
+#       $OpenBSD: testenc.sh,v 1.6 2002/01/15 18:51:39 art Exp $
+testsrc=$2/openssl.cnf
+test=$1/p
+cmd=/usr/sbin/openssl
+cd $1
+cat $testsrc >$test;
+echo cat
+$cmd enc < $test > $test.cipher
+$cmd enc < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+        exit 1
+else
+        /bin/rm $test.cipher $test.clear
+fi
+echo base64
+$cmd enc -a -e < $test > $test.cipher
+$cmd enc -a -d < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+        exit 1
+else
+        /bin/rm $test.cipher $test.clear
+fi
+/bin/rm -f $test
+exit 0
+# These tests are now done by the makefile.
+for i in rc4 \
+        des-cfb des-ede-cfb des-ede3-cfb \
+        des-ofb des-ede-ofb des-ede3-ofb \
+        des-ecb des-ede des-ede3 desx \
+        des-cbc des-ede-cbc des-ede3-cbc \
+        rc2-ecb rc2-cfb rc2-ofb rc2-cbc \
+        bf-ecb bf-cfb bf-ofb bf-cbc rc4 \
+        cast5-ecb cast5-cfb cast5-ofb cast5-cbc
+do
+        echo $i
+        $cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
+        $cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
+        cmp $test $test.$i.clear
+        if [ $? != 0 ]
+        then
+                exit 1
+        else
+                /bin/rm $test.$i.cipher $test.$i.clear
+        fi
+        echo $i base64
+        $cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
+        $cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
+        cmp $test $test.$i.clear
+        if [ $? != 0 ]
+        then
+                exit 1
+        else
+                /bin/rm $test.$i.cipher $test.$i.clear
+        fi
+done
+rm -f $test
diff --git a/src/regress/lib/libssl/testrsa.sh b/src/regress/lib/libssl/testrsa.sh
new file mode 100644
index 0000000000..17c6abf7ce
--- /dev/null
+++ b/src/regress/lib/libssl/testrsa.sh
@@ -0,0 +1,29 @@
+#!/bin/sh
+#       $OpenBSD: testrsa.sh,v 1.6 2002/01/02 15:13:18 art Exp $
+#Test RSA certificate generation of openssl
+cd $1
+# Generate RSA private key
+openssl genrsa -out rsakey.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+# Generate an RSA certificate
+openssl req -config $2/openssl.cnf -key rsakey.pem -new -x509 -days 365 -out rsacert.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+# Now check the certificate
+openssl x509 -text -in rsacert.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+exit 0

diff --git a/src/regress/lib/libssl/Makefile b/src/regress/lib/libssl/Makefile new file mode 100644 index 0000000000..85608b9679 --- /dev/null +++ b/src/regress/lib/libssl/Makefile
@@ -0,0 +1,237 @@
	1	# $OpenBSD: Makefile,v 1.9 2002/09/02 20:01:43 avsm Exp $
	2
	3	CLEANFILES+= testdsa.key testdsa.pem rsakey.pem rsacert.pem dsa512.pem
	4
	5	REGRESS_TARGETS=ossltests ssl-enc ssl-dsa ssl-rsa
	6
	7	OPENSSL=/usr/sbin/openssl
	8	CLEAR1=p
	9	CIPHER=cipher
	10	CLEAR2=clear
	11
	12	BNTEST= bntest
	13	ECTEST= ectest
	14	EXPTEST= exptest
	15	SHATEST= shatest
	16	SHA1TEST= sha1test
	17	MDC2TEST= mdc2test
	18	RMDTEST= rmdtest
	19	MD2TEST= md2test
	20	MD4TEST= md4test
	21	MD5TEST= md5test
	22	HMACTEST= hmactest
	23	RC2TEST= rc2test
	24	RC4TEST= rc4test
	25	BFTEST= bftest
	26	CASTTEST= casttest
	27	DESTEST= destest
	28	RANDTEST= randtest
	29	DHTEST= dhtest
	30	DSATEST= dsatest
	31	RSATEST= rsa_test
	32	ENGINETEST= enginetest
	33	EVPTEST= evp_test
	34
	35
	36	CLEANFILES+= $(BNTEST).c $(ECTEST).c $(HMACTEST).c \
	37	$(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
	38	$(RANDTEST).c $(DHTEST).c $(ENGINETEST).c \
	39	$(CASTTEST).c $(EXPTEST).c $(DSATEST).c $(RSATEST).c \
	40	$(EVPTEST).c $(DESTEST).c ${RC2TEST}.c ${RC4TEST}.c ${MD2TEST}.c \
	41	${MD4TEST}.c ${MD5TEST}.c
	42
	43	CLEANFILES+= $(BNTEST) $(ECTEST) $(HMACTEST) \
	44	$(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RMDTEST) \
	45	$(RANDTEST) $(DHTEST) $(ENGINETEST) \
	46	$(CASTTEST) $(EXPTEST) $(DSATEST) $(RSATEST) \
	47	$(EVPTEST) $(DESTEST) ${RC2TEST} ${RC4TEST} ${MD2TEST} ${MD4TEST} \
	48	${MD5TEST}\
	49
	50	CLEANFILES+= ${BNTEST}.out
	51
	52	OTESTS= ${ENGINETEST} \
	53	${EXPTEST} ${RANDTEST} \
	54	${MD2TEST} ${MD4TEST} ${MD5TEST} \
	55	${SHATEST} ${SHA1TEST} ${HMACTEST} ${RMDTEST} ${MDC2TEST} \
	56	${CASTTEST} ${RC2TEST} ${RC4TEST} ${DESTEST} \
	57	${DHTEST} ${DSATEST} ${RSATEST} \
	58	${ECTEST}
	59
	60	${CLEAR1}: openssl.cnf
	61	cat ${.CURDIR}/openssl.cnf > ${CLEAR1}
	62
	63	CLEANFILES+=${CLEAR1}
	64
	65	ENCTARGETS=rc4 des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb
	66	ENCTARGETS+=des-ecb des-ede des-ede3 desx des-cbc des-ede-cbc des-ede3-cbc
	67	ENCTARGETS+=rc2-ecb rc2-cfb rc2-ofb rc2-cbc bf-ecb bf-cfb bf-ofb bf-cbc rc4
	68	ENCTARGETS+=cast5-ecb cast5-cfb cast5-ofb cast5-cbc
	69
	70	.for ENC in ${ENCTARGETS}
	71	${CIPHER}.${ENC}: ${CLEAR1}
	72	${OPENSSL} ${ENC} -bufsize 113 -e -k test < ${CLEAR1} > ${CIPHER}.${ENC}
	73	${CIPHER}.${ENC}.b64: ${CLEAR1}
	74	${OPENSSL} ${ENC} -bufsize 113 -a -e -k test < ${CLEAR1} > ${CIPHER}.${ENC}.b64
	75
	76	${CLEAR2}.${ENC}: ${CIPHER}.${ENC}
	77	${OPENSSL} ${ENC} -bufsize 157 -d -k test < ${CIPHER}.${ENC} > ${CLEAR2}.${ENC}
	78	${CLEAR2}.${ENC}.b64: ${CIPHER}.${ENC}.b64
	79	${OPENSSL} ${ENC} -bufsize 157 -a -d -k test < ${CIPHER}.${ENC}.b64 > ${CLEAR2}.${ENC}.b64
	80
	81	ssl-enc-${ENC}: ${CLEAR1} ${CLEAR2}.${ENC}
	82	cmp ${CLEAR1} ${CLEAR2}.${ENC}
	83	ssl-enc-${ENC}.b64: ${CLEAR1} ${CLEAR2}.${ENC}.b64
	84	cmp ${CLEAR1} ${CLEAR2}.${ENC}.b64
	85
	86	REGRESS_TARGETS+=ssl-enc-${ENC} ssl-enc-${ENC}.b64
	87	CLEANFILES+=${CIPHER}.${ENC} ${CIPHER}.${ENC}.b64 ${CLEAR2}.${ENC} ${CLEAR2}.${ENC}.b64 e_os.h .rnd
	88	.endfor
	89
	90	ssl-enc:
	91	sh ${.CURDIR}/testenc.sh ${.OBJDIR} ${.CURDIR}
	92	ssl-dsa:
	93	sh ${.CURDIR}/testdsa.sh ${.OBJDIR} ${.CURDIR}
	94	ssl-rsa:
	95	sh ${.CURDIR}/testrsa.sh ${.OBJDIR} ${.CURDIR}
	96
	97	e_os.h: ${.CURDIR}/../../../lib/libssl/src/e_os.h
	98	cp ${.CURDIR}/../../../lib/libssl/src/e_os.h ${.OBJDIR}
	99
	100	ossltests: ${OTESTS} ${BNTEST} ${EVPTEST}
	101	@echo running ${BNTEST}, check ${.OBJDIR}/${BNTEST}.out if this fails.
	102	${.OBJDIR}/${BNTEST} > ${.OBJDIR}/${BNTEST}.out 2>&1
	103	.for OT in ${OTESTS}
	104	@echo running ${OT}
	105	${.OBJDIR}/${OT}
	106	.endfor
	107	@echo running ${EVPTEST}
	108	${.OBJDIR}/${EVPTEST} ${.CURDIR}/../../../lib/libssl/src/crypto/evp/evptests.txt
	109
	110	$(BNTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/bn/bntest.c
	111	cp ${.CURDIR}/../../../lib/libssl/src/crypto/bn/bntest.c ${.OBJDIR}
	112
	113	$(BNTEST): ${BNTEST}.c e_os.h
	114	cc -O -o $(BNTEST) ${BNTEST}.c -lcrypto
	115
	116	$(EXPTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/bn/exptest.c
	117	cp ${.CURDIR}/../../../lib/libssl/src/crypto/bn/exptest.c ${.OBJDIR}
	118
	119	$(EXPTEST): ${EXPTEST}.c e_os.h
	120	cc -O -o $(EXPTEST) ${EXPTEST}.c -lcrypto
	121
	122	$(ECTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/ec/ectest.c
	123	cp ${.CURDIR}/../../../lib/libssl/src/crypto/ec/ectest.c ${.OBJDIR}
	124
	125	$(ECTEST): ${ECTEST}.c e_os.h
	126	cc -O -o $(ECTEST) ${ECTEST}.c -lcrypto
	127
	128	$(EVPTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/evp/${EVPTEST}.c
	129	cp ${.CURDIR}/../../../lib/libssl/src/crypto/evp/${EVPTEST}.c ${.OBJDIR}
	130	$(EVPTEST): ${EVPTEST}.c e_os.h
	131	cc -O -o $(EVPTEST) ${EVPTEST}.c -lcrypto
	132
	133	$(SHATEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/sha/${SHATEST}.c
	134	cp ${.CURDIR}/../../../lib/libssl/src/crypto/sha/${SHATEST}.c ${.OBJDIR}
	135	$(SHATEST): ${SHATEST}.c e_os.h
	136	cc -O -o $(SHATEST) ${SHATEST}.c -lcrypto
	137
	138	$(SHA1TEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/sha/${SHA1TEST}.c
	139	cp ${.CURDIR}/../../../lib/libssl/src/crypto/sha/${SHA1TEST}.c ${.OBJDIR}
	140	$(SHA1TEST): ${SHA1TEST}.c e_os.h
	141	cc -O -o $(SHA1TEST) ${SHA1TEST}.c -lcrypto
	142
	143	$(RANDTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/rand/${RANDTEST}.c
	144	cp ${.CURDIR}/../../../lib/libssl/src/crypto/rand/${RANDTEST}.c ${.OBJDIR}
	145	$(RANDTEST): ${RANDTEST}.c e_os.h
	146	cc -O -o $(RANDTEST) ${RANDTEST}.c -lcrypto
	147
	148	$(MDC2TEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/mdc2/${MDC2TEST}.c
	149	cp ${.CURDIR}/../../../lib/libssl/src/crypto/mdc2/${MDC2TEST}.c ${.OBJDIR}
	150	$(MDC2TEST): ${MDC2TEST}.c e_os.h
	151	cc -O -o $(MDC2TEST) ${MDC2TEST}.c -lcrypto
	152
	153	$(RMDTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/ripemd/${RMDTEST}.c
	154	cp ${.CURDIR}/../../../lib/libssl/src/crypto/ripemd/${RMDTEST}.c ${.OBJDIR}
	155	$(RMDTEST): ${RMDTEST}.c e_os.h
	156	cc -O -o $(RMDTEST) ${RMDTEST}.c -lcrypto
	157
	158	$(DHTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/dh/${DHTEST}.c
	159	cp ${.CURDIR}/../../../lib/libssl/src/crypto/dh/${DHTEST}.c ${.OBJDIR}
	160
	161	$(DHTEST): ${DHTEST}.c e_os.h
	162	cc -O -o $(DHTEST) ${DHTEST}.c -lcrypto
	163
	164	$(ENGINETEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/engine/${ENGINETEST}.c
	165	cp ${.CURDIR}/../../../lib/libssl/src/crypto/engine/${ENGINETEST}.c ${.OBJDIR}
	166
	167	$(ENGINETEST): ${ENGINETEST}.c e_os.h
	168	cc -O -o $(ENGINETEST) ${ENGINETEST}.c -lcrypto
	169
	170	$(CASTTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/cast/${CASTTEST}.c
	171	cp ${.CURDIR}/../../../lib/libssl/src/crypto/cast/${CASTTEST}.c ${.OBJDIR}
	172
	173	$(CASTTEST): ${CASTTEST}.c e_os.h
	174	cc -O -o $(CASTTEST) ${CASTTEST}.c -lcrypto
	175
	176	$(RSATEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/rsa/${RSATEST}.c
	177	cp ${.CURDIR}/../../../lib/libssl/src/crypto/rsa/${RSATEST}.c ${.OBJDIR}
	178
	179	$(RSATEST): ${RSATEST}.c e_os.h
	180	cc -O -o $(RSATEST) ${RSATEST}.c -lcrypto
	181
	182	$(DSATEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/dsa/${DSATEST}.c
	183	cp ${.CURDIR}/../../../lib/libssl/src/crypto/dsa/${DSATEST}.c ${.OBJDIR}
	184
	185	$(DSATEST): ${DSATEST}.c e_os.h
	186	cc -O -o $(DSATEST) ${DSATEST}.c -lcrypto
	187
	188
	189	$(HMACTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/hmac/${HMACTEST}.c
	190	cp ${.CURDIR}/../../../lib/libssl/src/crypto/hmac/${HMACTEST}.c ${.OBJDIR}
	191
	192	$(HMACTEST): ${HMACTEST}.c e_os.h
	193	cc -O -o $(HMACTEST) ${HMACTEST}.c -lcrypto
	194
	195	$(DESTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/des/${DESTEST}.c
	196	cp ${.CURDIR}/../../../lib/libssl/src/crypto/des/${DESTEST}.c ${.OBJDIR}
	197
	198	$(DESTEST): ${DESTEST}.c e_os.h
	199	cc -O -o $(DESTEST) ${DESTEST}.c -lcrypto
	200
	201	$(BFTEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/bf/${BFTEST}.c
	202	cp ${.CURDIR}/../../../lib/libssl/src/crypto/bf/${BFTEST}.c ${.OBJDIR}
	203
	204	$(BFTEST): ${BFTEST}.c e_os.h
	205	cc -O -o $(BFTEST) ${BFTEST}.c -lcrypto
	206
	207	$(RC2TEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/rc2/${RC2TEST}.c
	208	cp ${.CURDIR}/../../../lib/libssl/src/crypto/rc2/${RC2TEST}.c ${.OBJDIR}
	209
	210	$(RC2TEST): ${RC2TEST}.c e_os.h
	211	cc -O -o $(RC2TEST) ${RC2TEST}.c -lcrypto
	212
	213	$(RC4TEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/rc4/${RC4TEST}.c
	214	cp ${.CURDIR}/../../../lib/libssl/src/crypto/rc4/${RC4TEST}.c ${.OBJDIR}
	215
	216	$(RC4TEST): ${RC4TEST}.c e_os.h
	217	cc -O -o $(RC4TEST) ${RC4TEST}.c -lcrypto
	218
	219	$(MD2TEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/md2/${MD2TEST}.c
	220	cp ${.CURDIR}/../../../lib/libssl/src/crypto/md2/${MD2TEST}.c ${.OBJDIR}
	221
	222	$(MD2TEST): ${MD2TEST}.c e_os.h
	223	cc -O -o $(MD2TEST) ${MD2TEST}.c -lcrypto
	224
	225	$(MD4TEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/md4/${MD4TEST}.c
	226	cp ${.CURDIR}/../../../lib/libssl/src/crypto/md4/${MD4TEST}.c ${.OBJDIR}
	227
	228	$(MD4TEST): ${MD4TEST}.c e_os.h
	229	cc -O -o $(MD4TEST) ${MD4TEST}.c -lcrypto
	230
	231	$(MD5TEST).c: ${.CURDIR}/../../../lib/libssl/src/crypto/md5/${MD5TEST}.c
	232	cp ${.CURDIR}/../../../lib/libssl/src/crypto/md5/${MD5TEST}.c ${.OBJDIR}
	233
	234	$(MD5TEST): ${MD5TEST}.c e_os.h
	235	cc -O -o $(MD5TEST) ${MD5TEST}.c -lcrypto
	236
	237	.include <bsd.regress.mk>


diff --git a/src/regress/lib/libssl/README b/src/regress/lib/libssl/README new file mode 100644 index 0000000000..878feca400 --- /dev/null +++ b/src/regress/lib/libssl/README
@@ -0,0 +1,6 @@
	1	testenc.sh tests encryption routines
	2	testdsa.sh tests DSA certificate generation
	3	test_server.sh starts a tls1 server using the above generated certificate
	4	test_client.sh starts a client to talk to the server.
	5	testrsa.sh tests RSA certificate generation
	6


diff --git a/src/regress/lib/libssl/openssl.cnf b/src/regress/lib/libssl/openssl.cnf new file mode 100644 index 0000000000..9b6cf400c6 --- /dev/null +++ b/src/regress/lib/libssl/openssl.cnf
@@ -0,0 +1,29 @@
	1	# $OpenBSD: openssl.cnf,v 1.2 2001/01/29 02:05:46 niklas Exp $
	2
	3	#
	4	# SSLeay example configuration file.
	5	# This is mostly being used for generation of certificate requests.
	6	#
	7	# hacked by iang to do DSA certs - Server
	8
	9	RANDFILE = ./.rnd
	10
	11	####################################################################
	12	[ req ]
	13	distinguished_name = req_distinguished_name
	14	encrypt_rsa_key = no
	15
	16	[ req_distinguished_name ]
	17	countryName = Country Name (2 letter code)
	18	countryName_default = CA
	19	countryName_value = CA
	20
	21	organizationName = Organization Name (eg, company)
	22	organizationName_value = Shake it Vera
	23
	24	0.commonName = Common Name (eg, YOUR name)
	25	0.commonName_value = Wastelandus
	26
	27	1.commonName = Common Name (eg, YOUR name)
	28	1.commonName_value = Maximus
	29


diff --git a/src/regress/lib/libssl/test_client.sh b/src/regress/lib/libssl/test_client.sh new file mode 100644 index 0000000000..4f17fad80e --- /dev/null +++ b/src/regress/lib/libssl/test_client.sh
@@ -0,0 +1,13 @@
	1	#!/bin/sh
	2	# $OpenBSD: test_client.sh,v 1.3 2001/01/29 02:05:48 niklas Exp $
	3
	4
	5	echo
	6	echo This starts a tls1 mode client to talk to the server run by
	7	echo ./testserver.sh. You should start the server first.
	8	echo
	9	echo type in this window after ssl negotiation and your output should
	10	echo be echoed by the server.
	11	echo
	12	echo
	13	/usr/sbin/openssl s_client -tls1


diff --git a/src/regress/lib/libssl/test_server.sh b/src/regress/lib/libssl/test_server.sh new file mode 100644 index 0000000000..a9e2c84d4f --- /dev/null +++ b/src/regress/lib/libssl/test_server.sh
@@ -0,0 +1,11 @@
	1	#!/bin/sh
	2	# $OpenBSD: test_server.sh,v 1.3 2001/01/29 02:05:48 niklas Exp $
	3
	4
	5	echo This starts a tls1 mode server using the DSA certificate in ./server.pem
	6	echo Run ./testclient.sh in another window and type at it, you should
	7	echo see the results of the ssl negotiation, and stuff you type in the client
	8	echo should echo in this window
	9	echo
	10	echo
	11	/usr/sbin/openssl s_server -tls1 -key testdsa.key -cert testdsa.pem


diff --git a/src/regress/lib/libssl/testdsa.sh b/src/regress/lib/libssl/testdsa.sh new file mode 100644 index 0000000000..48526eec11 --- /dev/null +++ b/src/regress/lib/libssl/testdsa.sh
@@ -0,0 +1,29 @@
	1	#!/bin/sh
	2	# $OpenBSD: testdsa.sh,v 1.4 2001/01/29 02:05:48 niklas Exp $
	3
	4
	5	#Test DSA certificate generation of openssl
	6
	7	cd $1
	8
	9	# Generate DSA paramter set
	10	openssl dsaparam 512 -out dsa512.pem
	11	if [ $? != 0 ]; then
	12	exit 1;
	13	fi
	14
	15
	16	# Denerate a DSA certificate
	17	openssl req -config $2/openssl.cnf -x509 -newkey dsa:dsa512.pem -out testdsa.pem -keyout testdsa.key
	18	if [ $? != 0 ]; then
	19	exit 1;
	20	fi
	21
	22
	23	# Now check the certificate
	24	openssl x509 -text -in testdsa.pem
	25	if [ $? != 0 ]; then
	26	exit 1;
	27	fi
	28
	29	exit 0


diff --git a/src/regress/lib/libssl/testenc.sh b/src/regress/lib/libssl/testenc.sh new file mode 100644 index 0000000000..355e9cd923 --- /dev/null +++ b/src/regress/lib/libssl/testenc.sh
@@ -0,0 +1,70 @@
	1	#!/bin/sh
	2	# $OpenBSD: testenc.sh,v 1.6 2002/01/15 18:51:39 art Exp $
	3
	4
	5	testsrc=$2/openssl.cnf
	6	test=$1/p
	7	cmd=/usr/sbin/openssl
	8
	9	cd $1
	10
	11	cat $testsrc >$test;
	12
	13	echo cat
	14	$cmd enc < $test > $test.cipher
	15	$cmd enc < $test.cipher >$test.clear
	16	cmp $test $test.clear
	17	if [ $? != 0 ]
	18	then
	19	exit 1
	20	else
	21	/bin/rm $test.cipher $test.clear
	22	fi
	23	echo base64
	24	$cmd enc -a -e < $test > $test.cipher
	25	$cmd enc -a -d < $test.cipher >$test.clear
	26	cmp $test $test.clear
	27	if [ $? != 0 ]
	28	then
	29	exit 1
	30	else
	31	/bin/rm $test.cipher $test.clear
	32	fi
	33
	34	/bin/rm -f $test
	35	exit 0
	36
	37	# These tests are now done by the makefile.
	38
	39	for i in rc4 \
	40	des-cfb des-ede-cfb des-ede3-cfb \
	41	des-ofb des-ede-ofb des-ede3-ofb \
	42	des-ecb des-ede des-ede3 desx \
	43	des-cbc des-ede-cbc des-ede3-cbc \
	44	rc2-ecb rc2-cfb rc2-ofb rc2-cbc \
	45	bf-ecb bf-cfb bf-ofb bf-cbc rc4 \
	46	cast5-ecb cast5-cfb cast5-ofb cast5-cbc
	47	do
	48	echo $i
	49	$cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
	50	$cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
	51	cmp $test $test.$i.clear
	52	if [ $? != 0 ]
	53	then
	54	exit 1
	55	else
	56	/bin/rm $test.$i.cipher $test.$i.clear
	57	fi
	58
	59	echo $i base64
	60	$cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
	61	$cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
	62	cmp $test $test.$i.clear
	63	if [ $? != 0 ]
	64	then
	65	exit 1
	66	else
	67	/bin/rm $test.$i.cipher $test.$i.clear
	68	fi
	69	done
	70	rm -f $test


diff --git a/src/regress/lib/libssl/testrsa.sh b/src/regress/lib/libssl/testrsa.sh new file mode 100644 index 0000000000..17c6abf7ce --- /dev/null +++ b/src/regress/lib/libssl/testrsa.sh
@@ -0,0 +1,29 @@
	1	#!/bin/sh
	2	# $OpenBSD: testrsa.sh,v 1.6 2002/01/02 15:13:18 art Exp $
	3
	4
	5	#Test RSA certificate generation of openssl
	6
	7	cd $1
	8
	9	# Generate RSA private key
	10	openssl genrsa -out rsakey.pem
	11	if [ $? != 0 ]; then
	12	exit 1;
	13	fi
	14
	15
	16	# Generate an RSA certificate
	17	openssl req -config $2/openssl.cnf -key rsakey.pem -new -x509 -days 365 -out rsacert.pem
	18	if [ $? != 0 ]; then
	19	exit 1;
	20	fi
	21
	22
	23	# Now check the certificate
	24	openssl x509 -text -in rsacert.pem
	25	if [ $? != 0 ]; then
	26	exit 1;
	27	fi
	28
	29	exit 0