8 files changed, 464 insertions, 0 deletions
diff --git a/src/regress/lib/libssl/Makefile b/src/regress/lib/libssl/Makefile
new file mode 100644
index 0000000000..2a5fbb4119
--- /dev/null
+++ b/src/regress/lib/libssl/Makefile
@@ -0,0 +1,277 @@
+#       $OpenBSD: Makefile,v 1.13 2008/09/06 12:21:54 djm Exp $
+CLEANFILES+= testdsa.key testdsa.pem rsakey.pem rsacert.pem dsa512.pem
+REGRESS_TARGETS=ossltests ssl-enc ssl-dsa ssl-rsa 
+OPENSSL=/usr/sbin/openssl
+CLEAR1=p
+CIPHER=cipher
+CLEAR2=clear
+LIBCRYPTO=-lcrypto
+BFTEST=         bftest
+BNTEST=         bntest
+CASTTEST=       casttest
+DESTEST=        destest
+DHTEST=         dhtest
+DSATEST=        dsatest
+ECDHTEST=       ecdhtest
+ECDSATEST=      ecdsatest
+ECTEST=         ectest
+ENGINETEST=     enginetest
+EVPTEST=        evp_test
+EXPTEST=        exptest
+HMACTEST=       hmactest
+IGETEST=        igetest
+MD2TEST=        md2test
+MD4TEST=        md4test
+MD5TEST=        md5test
+RANDTEST=       randtest
+RC2TEST=        rc2test
+RC4TEST=        rc4test
+RMDTEST=        rmdtest
+RSATEST=        rsa_test
+SHA1TEST=       sha1test
+SHA256TEST=     sha256t
+SHA512TEST=     sha512t
+SHATEST=        shatest
+SSLDIR= ${.CURDIR}/../../../lib/libssl/src/crypto
+CFLAGS= -O -g -Wall -I${SSLDIR} -I${SSLDIR}/..
+CLEANFILES+=    $(BNTEST).c $(ECTEST).c $(HMACTEST).c \
+        $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
+        $(RANDTEST).c $(DHTEST).c $(ENGINETEST).c \
+        $(CASTTEST).c $(EXPTEST).c $(DSATEST).c $(RSATEST).c \
+        $(EVPTEST).c $(DESTEST).c ${RC2TEST}.c ${RC4TEST}.c ${MD2TEST}.c \
+        ${MD4TEST}.c ${MD5TEST}.c ${BFTEST}.c ${ECDHTEST}.c ${ECDSATEST}.c \
+        ${IGETEST}.c ${SHA256TEST}.c ${SHA512TEST}.c
+CLEANFILES+=    $(BNTEST) $(ECTEST) $(HMACTEST) \
+        $(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RMDTEST) \
+        $(RANDTEST) $(DHTEST) $(ENGINETEST) \
+        $(CASTTEST) $(EXPTEST) $(DSATEST) $(RSATEST) \
+        $(EVPTEST) $(DESTEST) ${RC2TEST} ${RC4TEST} ${MD2TEST} ${MD4TEST} \
+        ${MD5TEST} ${BFTEST} ${ECDHTEST} ${ECDSATEST} ${IGETEST} \
+        ${SHA256TEST} ${SHA512TEST}
+CLEANFILES+= ${BNTEST}.out
+OTESTS= ${ENGINETEST}  \
+        ${EXPTEST} ${RANDTEST} \
+        ${MD2TEST} ${MD4TEST} ${MD5TEST} \
+        ${SHATEST} ${SHA1TEST} ${HMACTEST} ${RMDTEST} ${MDC2TEST} \
+        ${CASTTEST} ${BFTEST} ${RC2TEST} ${RC4TEST} ${DESTEST} \
+        ${DHTEST} ${DSATEST} ${RSATEST} \
+        ${ECTEST} ${ECDHTEST} ${ECDSATEST} $(IGETEST) \
+        $(SHA256TEST) $(SHA512TEST)
+${CLEAR1}: openssl.cnf
+        cat ${.CURDIR}/openssl.cnf > ${CLEAR1}
+CLEANFILES+=${CLEAR1}
+ENCTARGETS=aes-128-cbc aes-128-cfb aes-128-cfb1 aes-128-cfb8
+ENCTARGETS+=aes-128-ecb aes-128-ofb aes-192-cbc aes-192-cfb
+ENCTARGETS+=aes-192-cfb1 aes-192-cfb8 aes-192-ecb aes-192-ofb
+ENCTARGETS+=aes-256-cbc aes-256-cfb aes-256-cfb1 aes-256-cfb8
+ENCTARGETS+=aes-256-ecb aes-256-ofb
+ENCTARGETS+=bf-cbc bf-cfb bf-ecb bf-ofb
+ENCTARGETS+=cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb
+ENCTARGETS+=des-cbc des-cfb des-cfb8 des-ecb des-ede
+ENCTARGETS+=des-ede-cbc des-ede-cfb des-ede-ofb des-ede3
+ENCTARGETS+=des-ede3-cbc des-ede3-cfb des-ede3-ofb des-ofb desx-cbc
+ENCTARGETS+=rc2-40-cbc rc2-64-cbc rc2-cbc rc2-cfb rc2-ecb rc2-ofb
+ENCTARGETS+=rc4 rc4-40
+.for ENC in ${ENCTARGETS}
+${CIPHER}.${ENC}: ${CLEAR1}
+        ${OPENSSL} enc -${ENC} -bufsize 113 -e -k test < ${CLEAR1} > ${CIPHER}.${ENC}
+${CIPHER}.${ENC}.b64: ${CLEAR1}
+        ${OPENSSL} enc -${ENC} -bufsize 113 -a -e -k test < ${CLEAR1} > ${CIPHER}.${ENC}.b64
+${CLEAR2}.${ENC}: ${CIPHER}.${ENC}
+        ${OPENSSL} enc -${ENC} -bufsize 157 -d -k test < ${CIPHER}.${ENC} > ${CLEAR2}.${ENC}
+${CLEAR2}.${ENC}.b64: ${CIPHER}.${ENC}.b64
+        ${OPENSSL} enc -${ENC} -bufsize 157 -a -d -k test < ${CIPHER}.${ENC}.b64 > ${CLEAR2}.${ENC}.b64
+ssl-enc-${ENC}: ${CLEAR1} ${CLEAR2}.${ENC}
+        cmp ${CLEAR1} ${CLEAR2}.${ENC}
+ssl-enc-${ENC}.b64: ${CLEAR1} ${CLEAR2}.${ENC}.b64
+        cmp ${CLEAR1} ${CLEAR2}.${ENC}.b64
+REGRESS_TARGETS+=ssl-enc-${ENC} ssl-enc-${ENC}.b64
+CLEANFILES+=${CIPHER}.${ENC} ${CIPHER}.${ENC}.b64 ${CLEAR2}.${ENC} ${CLEAR2}.${ENC}.b64 .rnd
+.endfor
+ssl-enc:
+        sh ${.CURDIR}/testenc.sh ${.OBJDIR} ${.CURDIR}
+ssl-dsa:
+        sh ${.CURDIR}/testdsa.sh ${.OBJDIR} ${.CURDIR}
+ssl-rsa:
+        sh ${.CURDIR}/testrsa.sh ${.OBJDIR} ${.CURDIR}
+ossltests: ${OTESTS} ${BNTEST} ${EVPTEST}
+        @echo running ${BNTEST}, check ${.OBJDIR}/${BNTEST}.out if this fails.
+        ${.OBJDIR}/${BNTEST} > ${.OBJDIR}/${BNTEST}.out 2>&1
+.for OT in ${OTESTS}
+        @echo running ${OT}
+        ${.OBJDIR}/${OT} 
+.endfor
+        @echo running ${EVPTEST}
+        ${.OBJDIR}/${EVPTEST} ${SSLDIR}/evp/evptests.txt
+$(BNTEST).c: ${SSLDIR}/bn/bntest.c
+        cp ${SSLDIR}/bn/bntest.c ${.OBJDIR}
+$(BNTEST): ${BNTEST}.c
+        cc ${CFLAGS} -o $(BNTEST) ${BNTEST}.c $(LIBCRYPTO)
+$(EXPTEST).c: ${SSLDIR}/bn/exptest.c
+        cp ${SSLDIR}/bn/exptest.c ${.OBJDIR}
+$(EXPTEST): ${EXPTEST}.c
+        cc ${CFLAGS} -o $(EXPTEST) ${EXPTEST}.c $(LIBCRYPTO)
+$(ECTEST).c: ${SSLDIR}/ec/ectest.c
+        cp ${SSLDIR}/ec/ectest.c ${.OBJDIR}
+$(ECTEST): ${ECTEST}.c
+        cc ${CFLAGS} -o $(ECTEST) ${ECTEST}.c $(LIBCRYPTO)
+$(EVPTEST).c: ${SSLDIR}/evp/${EVPTEST}.c
+        cp ${SSLDIR}/evp/${EVPTEST}.c ${.OBJDIR}
+$(EVPTEST): ${EVPTEST}.c
+        cc ${CFLAGS} -o $(EVPTEST) ${EVPTEST}.c $(LIBCRYPTO)
+$(SHATEST).c: ${SSLDIR}/sha/${SHATEST}.c
+        cp ${SSLDIR}/sha/${SHATEST}.c ${.OBJDIR}
+$(SHATEST): ${SHATEST}.c
+        cc ${CFLAGS} -o $(SHATEST) ${SHATEST}.c $(LIBCRYPTO)
+$(SHA1TEST).c: ${SSLDIR}/sha/${SHA1TEST}.c
+        cp ${SSLDIR}/sha/${SHA1TEST}.c ${.OBJDIR}
+$(SHA1TEST): ${SHA1TEST}.c
+        cc ${CFLAGS} -o $(SHA1TEST) ${SHA1TEST}.c $(LIBCRYPTO)
+$(RANDTEST).c: ${SSLDIR}/rand/${RANDTEST}.c
+        cp ${SSLDIR}/rand/${RANDTEST}.c ${.OBJDIR}
+$(RANDTEST): ${RANDTEST}.c
+        cc ${CFLAGS} -o $(RANDTEST) ${RANDTEST}.c $(LIBCRYPTO)
+$(RMDTEST).c: ${SSLDIR}/ripemd/${RMDTEST}.c
+        cp ${SSLDIR}/ripemd/${RMDTEST}.c ${.OBJDIR}
+$(RMDTEST): ${RMDTEST}.c
+        cc ${CFLAGS} -o $(RMDTEST) ${RMDTEST}.c $(LIBCRYPTO)
+$(DHTEST).c: ${SSLDIR}/dh/${DHTEST}.c
+        cp ${SSLDIR}/dh/${DHTEST}.c ${.OBJDIR}
+$(DHTEST): ${DHTEST}.c
+        cc ${CFLAGS} -o $(DHTEST) ${DHTEST}.c $(LIBCRYPTO)
+$(ENGINETEST).c: ${SSLDIR}/engine/${ENGINETEST}.c
+        cp ${SSLDIR}/engine/${ENGINETEST}.c ${.OBJDIR}
+$(ENGINETEST): ${ENGINETEST}.c
+        cc ${CFLAGS} -o $(ENGINETEST) ${ENGINETEST}.c $(LIBCRYPTO)
+$(CASTTEST).c: ${SSLDIR}/cast/${CASTTEST}.c
+        cp ${SSLDIR}/cast/${CASTTEST}.c ${.OBJDIR}
+$(CASTTEST): ${CASTTEST}.c
+        cc ${CFLAGS} -o $(CASTTEST) ${CASTTEST}.c $(LIBCRYPTO)
+$(RSATEST).c: ${SSLDIR}/rsa/${RSATEST}.c
+        cp ${SSLDIR}/rsa/${RSATEST}.c ${.OBJDIR}
+$(RSATEST): ${RSATEST}.c
+        cc ${CFLAGS} -o $(RSATEST) ${RSATEST}.c $(LIBCRYPTO)
+$(DSATEST).c: ${SSLDIR}/dsa/${DSATEST}.c
+        cp ${SSLDIR}/dsa/${DSATEST}.c ${.OBJDIR}
+$(DSATEST): ${DSATEST}.c
+        cc ${CFLAGS} -o $(DSATEST) ${DSATEST}.c $(LIBCRYPTO)
+$(HMACTEST).c: ${SSLDIR}/hmac/${HMACTEST}.c
+        cp ${SSLDIR}/hmac/${HMACTEST}.c ${.OBJDIR}
+$(HMACTEST): ${HMACTEST}.c
+        cc ${CFLAGS} -o $(HMACTEST) ${HMACTEST}.c $(LIBCRYPTO)
+$(DESTEST).c: ${SSLDIR}/des/${DESTEST}.c
+        cp ${SSLDIR}/des/${DESTEST}.c ${.OBJDIR}
+$(DESTEST): ${DESTEST}.c
+        cc ${CFLAGS} -o $(DESTEST) ${DESTEST}.c $(LIBCRYPTO)
+$(BFTEST).c: ${SSLDIR}/bf/${BFTEST}.c
+        cp ${SSLDIR}/bf/${BFTEST}.c ${.OBJDIR}
+$(BFTEST): ${BFTEST}.c
+        cc ${CFLAGS} -o $(BFTEST) ${BFTEST}.c $(LIBCRYPTO)
+$(RC2TEST).c: ${SSLDIR}/rc2/${RC2TEST}.c
+        cp ${SSLDIR}/rc2/${RC2TEST}.c ${.OBJDIR}
+$(RC2TEST): ${RC2TEST}.c
+        cc ${CFLAGS} -o $(RC2TEST) ${RC2TEST}.c $(LIBCRYPTO)
+$(RC4TEST).c: ${SSLDIR}/rc4/${RC4TEST}.c
+        cp ${SSLDIR}/rc4/${RC4TEST}.c ${.OBJDIR}
+$(RC4TEST): ${RC4TEST}.c
+        cc ${CFLAGS} -o $(RC4TEST) ${RC4TEST}.c $(LIBCRYPTO)
+$(MD2TEST).c: ${SSLDIR}/md2/${MD2TEST}.c
+        cp ${SSLDIR}/md2/${MD2TEST}.c ${.OBJDIR}
+$(MD2TEST): ${MD2TEST}.c
+        cc ${CFLAGS} -o $(MD2TEST) ${MD2TEST}.c $(LIBCRYPTO)
+$(MD4TEST).c: ${SSLDIR}/md4/${MD4TEST}.c
+        cp ${SSLDIR}/md4/${MD4TEST}.c ${.OBJDIR}
+$(MD4TEST): ${MD4TEST}.c
+        cc ${CFLAGS} -o $(MD4TEST) ${MD4TEST}.c $(LIBCRYPTO)
+$(MD5TEST).c: ${SSLDIR}/md5/${MD5TEST}.c
+        cp ${SSLDIR}/md5/${MD5TEST}.c ${.OBJDIR}
+$(MD5TEST): ${MD5TEST}.c
+        cc ${CFLAGS} -o $(MD5TEST) ${MD5TEST}.c $(LIBCRYPTO)
+$(ECDHTEST).c: ${SSLDIR}/ecdh/${ECDHTEST}.c
+        cp ${SSLDIR}/ecdh/${ECDHTEST}.c ${.OBJDIR}
+$(ECDHTEST): ${ECDHTEST}.c
+        cc ${CFLAGS} -o $(ECDHTEST) ${ECDHTEST}.c $(LIBCRYPTO)
+$(ECDSATEST).c: ${SSLDIR}/ecdsa/${ECDSATEST}.c
+        cp ${SSLDIR}/ecdsa/${ECDSATEST}.c ${.OBJDIR}
+$(ECDSATEST): ${ECDSATEST}.c
+        cc ${CFLAGS} -o $(ECDSATEST) ${ECDSATEST}.c $(LIBCRYPTO)
+$(IGETEST).c: ${SSLDIR}/../test/${IGETEST}.c
+        cp ${SSLDIR}/../test/${IGETEST}.c ${.OBJDIR}
+$(IGETEST): ${IGETEST}.c
+        cc ${CFLAGS} -o $(IGETEST) ${IGETEST}.c $(LIBCRYPTO)
+$(SHA256TEST).c: ${SSLDIR}/sha/${SHA256TEST}.c
+        cp ${SSLDIR}/sha/${SHA256TEST}.c ${.OBJDIR}
+$(SHA256TEST): ${SHA256TEST}.c
+        cc ${CFLAGS} -o $(SHA256TEST) ${SHA256TEST}.c $(LIBCRYPTO)
+$(SHA512TEST).c: ${SSLDIR}/sha/${SHA512TEST}.c
+        cp ${SSLDIR}/sha/${SHA512TEST}.c ${.OBJDIR}
+$(SHA512TEST): ${SHA512TEST}.c
+        cc ${CFLAGS} -o $(SHA512TEST) ${SHA512TEST}.c $(LIBCRYPTO)
+.include <bsd.regress.mk>
diff --git a/src/regress/lib/libssl/README b/src/regress/lib/libssl/README
new file mode 100644
index 0000000000..878feca400
--- /dev/null
+++ b/src/regress/lib/libssl/README
@@ -0,0 +1,6 @@
+testenc.sh tests encryption routines
+testdsa.sh tests DSA certificate generation
+test_server.sh starts a tls1 server using the above generated certificate
+test_client.sh starts a client to talk to the server.
+testrsa.sh tests RSA certificate generation
diff --git a/src/regress/lib/libssl/openssl.cnf b/src/regress/lib/libssl/openssl.cnf
new file mode 100644
index 0000000000..9b6cf400c6
--- /dev/null
+++ b/src/regress/lib/libssl/openssl.cnf
@@ -0,0 +1,29 @@
+#       $OpenBSD: openssl.cnf,v 1.2 2001/01/29 02:05:46 niklas Exp $
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# hacked by iang to do DSA certs - Server
+RANDFILE              = ./.rnd
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_rsa_key               = no
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = CA
+countryName_value             = CA
+organizationName                = Organization Name (eg, company)
+organizationName_value          = Shake it Vera 
+0.commonName                  = Common Name (eg, YOUR name)
+0.commonName_value            = Wastelandus
+1.commonName                  = Common Name (eg, YOUR name)
+1.commonName_value            = Maximus
diff --git a/src/regress/lib/libssl/test_client.sh b/src/regress/lib/libssl/test_client.sh
new file mode 100644
index 0000000000..4f17fad80e
--- /dev/null
+++ b/src/regress/lib/libssl/test_client.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+#       $OpenBSD: test_client.sh,v 1.3 2001/01/29 02:05:48 niklas Exp $
+echo
+echo This starts a tls1 mode client to talk to the server run by 
+echo ./testserver.sh. You should start the server first. 
+echo
+echo type in this window after ssl negotiation and your output should
+echo be echoed by the server. 
+echo
+echo
+/usr/sbin/openssl s_client -tls1
diff --git a/src/regress/lib/libssl/test_server.sh b/src/regress/lib/libssl/test_server.sh
new file mode 100644
index 0000000000..a9e2c84d4f
--- /dev/null
+++ b/src/regress/lib/libssl/test_server.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+#       $OpenBSD: test_server.sh,v 1.3 2001/01/29 02:05:48 niklas Exp $
+echo This starts a tls1 mode server using the DSA certificate in ./server.pem
+echo Run ./testclient.sh in another window and type at it, you should 
+echo see the results of the ssl negotiation, and stuff you type in the client
+echo should echo in this window
+echo
+echo
+/usr/sbin/openssl s_server -tls1 -key testdsa.key -cert testdsa.pem
diff --git a/src/regress/lib/libssl/testdsa.sh b/src/regress/lib/libssl/testdsa.sh
new file mode 100644
index 0000000000..48526eec11
--- /dev/null
+++ b/src/regress/lib/libssl/testdsa.sh
@@ -0,0 +1,29 @@
+#!/bin/sh
+#       $OpenBSD: testdsa.sh,v 1.4 2001/01/29 02:05:48 niklas Exp $
+#Test DSA certificate generation of openssl
+cd $1
+# Generate DSA paramter set
+openssl dsaparam 512 -out dsa512.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+# Denerate a DSA certificate
+openssl req -config $2/openssl.cnf -x509 -newkey dsa:dsa512.pem -out testdsa.pem -keyout testdsa.key
+if [ $? != 0 ]; then
+        exit 1;
+fi
+# Now check the certificate
+openssl x509 -text -in testdsa.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+exit 0
diff --git a/src/regress/lib/libssl/testenc.sh b/src/regress/lib/libssl/testenc.sh
new file mode 100644
index 0000000000..355e9cd923
--- /dev/null
+++ b/src/regress/lib/libssl/testenc.sh
@@ -0,0 +1,70 @@
+#!/bin/sh
+#       $OpenBSD: testenc.sh,v 1.6 2002/01/15 18:51:39 art Exp $
+testsrc=$2/openssl.cnf
+test=$1/p
+cmd=/usr/sbin/openssl
+cd $1
+cat $testsrc >$test;
+echo cat
+$cmd enc < $test > $test.cipher
+$cmd enc < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+        exit 1
+else
+        /bin/rm $test.cipher $test.clear
+fi
+echo base64
+$cmd enc -a -e < $test > $test.cipher
+$cmd enc -a -d < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+        exit 1
+else
+        /bin/rm $test.cipher $test.clear
+fi
+/bin/rm -f $test
+exit 0
+# These tests are now done by the makefile.
+for i in rc4 \
+        des-cfb des-ede-cfb des-ede3-cfb \
+        des-ofb des-ede-ofb des-ede3-ofb \
+        des-ecb des-ede des-ede3 desx \
+        des-cbc des-ede-cbc des-ede3-cbc \
+        rc2-ecb rc2-cfb rc2-ofb rc2-cbc \
+        bf-ecb bf-cfb bf-ofb bf-cbc rc4 \
+        cast5-ecb cast5-cfb cast5-ofb cast5-cbc
+do
+        echo $i
+        $cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
+        $cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
+        cmp $test $test.$i.clear
+        if [ $? != 0 ]
+        then
+                exit 1
+        else
+                /bin/rm $test.$i.cipher $test.$i.clear
+        fi
+        echo $i base64
+        $cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
+        $cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
+        cmp $test $test.$i.clear
+        if [ $? != 0 ]
+        then
+                exit 1
+        else
+                /bin/rm $test.$i.cipher $test.$i.clear
+        fi
+done
+rm -f $test
diff --git a/src/regress/lib/libssl/testrsa.sh b/src/regress/lib/libssl/testrsa.sh
new file mode 100644
index 0000000000..17c6abf7ce
--- /dev/null
+++ b/src/regress/lib/libssl/testrsa.sh
@@ -0,0 +1,29 @@
+#!/bin/sh
+#       $OpenBSD: testrsa.sh,v 1.6 2002/01/02 15:13:18 art Exp $
+#Test RSA certificate generation of openssl
+cd $1
+# Generate RSA private key
+openssl genrsa -out rsakey.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+# Generate an RSA certificate
+openssl req -config $2/openssl.cnf -key rsakey.pem -new -x509 -days 365 -out rsacert.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+# Now check the certificate
+openssl x509 -text -in rsacert.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+exit 0

diff --git a/src/regress/lib/libssl/Makefile b/src/regress/lib/libssl/Makefile new file mode 100644 index 0000000000..2a5fbb4119 --- /dev/null +++ b/src/regress/lib/libssl/Makefile
@@ -0,0 +1,277 @@
	1	# $OpenBSD: Makefile,v 1.13 2008/09/06 12:21:54 djm Exp $
	2
	3	CLEANFILES+= testdsa.key testdsa.pem rsakey.pem rsacert.pem dsa512.pem
	4
	5	REGRESS_TARGETS=ossltests ssl-enc ssl-dsa ssl-rsa
	6
	7	OPENSSL=/usr/sbin/openssl
	8	CLEAR1=p
	9	CIPHER=cipher
	10	CLEAR2=clear
	11	LIBCRYPTO=-lcrypto
	12
	13	BFTEST= bftest
	14	BNTEST= bntest
	15	CASTTEST= casttest
	16	DESTEST= destest
	17	DHTEST= dhtest
	18	DSATEST= dsatest
	19	ECDHTEST= ecdhtest
	20	ECDSATEST= ecdsatest
	21	ECTEST= ectest
	22	ENGINETEST= enginetest
	23	EVPTEST= evp_test
	24	EXPTEST= exptest
	25	HMACTEST= hmactest
	26	IGETEST= igetest
	27	MD2TEST= md2test
	28	MD4TEST= md4test
	29	MD5TEST= md5test
	30	RANDTEST= randtest
	31	RC2TEST= rc2test
	32	RC4TEST= rc4test
	33	RMDTEST= rmdtest
	34	RSATEST= rsa_test
	35	SHA1TEST= sha1test
	36	SHA256TEST= sha256t
	37	SHA512TEST= sha512t
	38	SHATEST= shatest
	39
	40	SSLDIR= ${.CURDIR}/../../../lib/libssl/src/crypto
	41	CFLAGS= -O -g -Wall -I${SSLDIR} -I${SSLDIR}/..
	42
	43	CLEANFILES+= $(BNTEST).c $(ECTEST).c $(HMACTEST).c \
	44	$(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
	45	$(RANDTEST).c $(DHTEST).c $(ENGINETEST).c \
	46	$(CASTTEST).c $(EXPTEST).c $(DSATEST).c $(RSATEST).c \
	47	$(EVPTEST).c $(DESTEST).c ${RC2TEST}.c ${RC4TEST}.c ${MD2TEST}.c \
	48	${MD4TEST}.c ${MD5TEST}.c ${BFTEST}.c ${ECDHTEST}.c ${ECDSATEST}.c \
	49	${IGETEST}.c ${SHA256TEST}.c ${SHA512TEST}.c
	50
	51	CLEANFILES+= $(BNTEST) $(ECTEST) $(HMACTEST) \
	52	$(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RMDTEST) \
	53	$(RANDTEST) $(DHTEST) $(ENGINETEST) \
	54	$(CASTTEST) $(EXPTEST) $(DSATEST) $(RSATEST) \
	55	$(EVPTEST) $(DESTEST) ${RC2TEST} ${RC4TEST} ${MD2TEST} ${MD4TEST} \
	56	${MD5TEST} ${BFTEST} ${ECDHTEST} ${ECDSATEST} ${IGETEST} \
	57	${SHA256TEST} ${SHA512TEST}
	58
	59	CLEANFILES+= ${BNTEST}.out
	60
	61	OTESTS= ${ENGINETEST} \
	62	${EXPTEST} ${RANDTEST} \
	63	${MD2TEST} ${MD4TEST} ${MD5TEST} \
	64	${SHATEST} ${SHA1TEST} ${HMACTEST} ${RMDTEST} ${MDC2TEST} \
	65	${CASTTEST} ${BFTEST} ${RC2TEST} ${RC4TEST} ${DESTEST} \
	66	${DHTEST} ${DSATEST} ${RSATEST} \
	67	${ECTEST} ${ECDHTEST} ${ECDSATEST} $(IGETEST) \
	68	$(SHA256TEST) $(SHA512TEST)
	69
	70	${CLEAR1}: openssl.cnf
	71	cat ${.CURDIR}/openssl.cnf > ${CLEAR1}
	72
	73	CLEANFILES+=${CLEAR1}
	74
	75	ENCTARGETS=aes-128-cbc aes-128-cfb aes-128-cfb1 aes-128-cfb8
	76	ENCTARGETS+=aes-128-ecb aes-128-ofb aes-192-cbc aes-192-cfb
	77	ENCTARGETS+=aes-192-cfb1 aes-192-cfb8 aes-192-ecb aes-192-ofb
	78	ENCTARGETS+=aes-256-cbc aes-256-cfb aes-256-cfb1 aes-256-cfb8
	79	ENCTARGETS+=aes-256-ecb aes-256-ofb
	80	ENCTARGETS+=bf-cbc bf-cfb bf-ecb bf-ofb
	81	ENCTARGETS+=cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb
	82	ENCTARGETS+=des-cbc des-cfb des-cfb8 des-ecb des-ede
	83	ENCTARGETS+=des-ede-cbc des-ede-cfb des-ede-ofb des-ede3
	84	ENCTARGETS+=des-ede3-cbc des-ede3-cfb des-ede3-ofb des-ofb desx-cbc
	85	ENCTARGETS+=rc2-40-cbc rc2-64-cbc rc2-cbc rc2-cfb rc2-ecb rc2-ofb
	86	ENCTARGETS+=rc4 rc4-40
	87
	88	.for ENC in ${ENCTARGETS}
	89	${CIPHER}.${ENC}: ${CLEAR1}
	90	${OPENSSL} enc -${ENC} -bufsize 113 -e -k test < ${CLEAR1} > ${CIPHER}.${ENC}
	91	${CIPHER}.${ENC}.b64: ${CLEAR1}
	92	${OPENSSL} enc -${ENC} -bufsize 113 -a -e -k test < ${CLEAR1} > ${CIPHER}.${ENC}.b64
	93
	94	${CLEAR2}.${ENC}: ${CIPHER}.${ENC}
	95	${OPENSSL} enc -${ENC} -bufsize 157 -d -k test < ${CIPHER}.${ENC} > ${CLEAR2}.${ENC}
	96	${CLEAR2}.${ENC}.b64: ${CIPHER}.${ENC}.b64
	97	${OPENSSL} enc -${ENC} -bufsize 157 -a -d -k test < ${CIPHER}.${ENC}.b64 > ${CLEAR2}.${ENC}.b64
	98
	99	ssl-enc-${ENC}: ${CLEAR1} ${CLEAR2}.${ENC}
	100	cmp ${CLEAR1} ${CLEAR2}.${ENC}
	101	ssl-enc-${ENC}.b64: ${CLEAR1} ${CLEAR2}.${ENC}.b64
	102	cmp ${CLEAR1} ${CLEAR2}.${ENC}.b64
	103
	104	REGRESS_TARGETS+=ssl-enc-${ENC} ssl-enc-${ENC}.b64
	105	CLEANFILES+=${CIPHER}.${ENC} ${CIPHER}.${ENC}.b64 ${CLEAR2}.${ENC} ${CLEAR2}.${ENC}.b64 .rnd
	106	.endfor
	107
	108	ssl-enc:
	109	sh ${.CURDIR}/testenc.sh ${.OBJDIR} ${.CURDIR}
	110	ssl-dsa:
	111	sh ${.CURDIR}/testdsa.sh ${.OBJDIR} ${.CURDIR}
	112	ssl-rsa:
	113	sh ${.CURDIR}/testrsa.sh ${.OBJDIR} ${.CURDIR}
	114
	115	ossltests: ${OTESTS} ${BNTEST} ${EVPTEST}
	116	@echo running ${BNTEST}, check ${.OBJDIR}/${BNTEST}.out if this fails.
	117	${.OBJDIR}/${BNTEST} > ${.OBJDIR}/${BNTEST}.out 2>&1
	118	.for OT in ${OTESTS}
	119	@echo running ${OT}
	120	${.OBJDIR}/${OT}
	121	.endfor
	122	@echo running ${EVPTEST}
	123	${.OBJDIR}/${EVPTEST} ${SSLDIR}/evp/evptests.txt
	124
	125	$(BNTEST).c: ${SSLDIR}/bn/bntest.c
	126	cp ${SSLDIR}/bn/bntest.c ${.OBJDIR}
	127
	128	$(BNTEST): ${BNTEST}.c
	129	cc ${CFLAGS} -o $(BNTEST) ${BNTEST}.c $(LIBCRYPTO)
	130
	131	$(EXPTEST).c: ${SSLDIR}/bn/exptest.c
	132	cp ${SSLDIR}/bn/exptest.c ${.OBJDIR}
	133
	134	$(EXPTEST): ${EXPTEST}.c
	135	cc ${CFLAGS} -o $(EXPTEST) ${EXPTEST}.c $(LIBCRYPTO)
	136
	137	$(ECTEST).c: ${SSLDIR}/ec/ectest.c
	138	cp ${SSLDIR}/ec/ectest.c ${.OBJDIR}
	139
	140	$(ECTEST): ${ECTEST}.c
	141	cc ${CFLAGS} -o $(ECTEST) ${ECTEST}.c $(LIBCRYPTO)
	142
	143	$(EVPTEST).c: ${SSLDIR}/evp/${EVPTEST}.c
	144	cp ${SSLDIR}/evp/${EVPTEST}.c ${.OBJDIR}
	145	$(EVPTEST): ${EVPTEST}.c
	146	cc ${CFLAGS} -o $(EVPTEST) ${EVPTEST}.c $(LIBCRYPTO)
	147
	148	$(SHATEST).c: ${SSLDIR}/sha/${SHATEST}.c
	149	cp ${SSLDIR}/sha/${SHATEST}.c ${.OBJDIR}
	150	$(SHATEST): ${SHATEST}.c
	151	cc ${CFLAGS} -o $(SHATEST) ${SHATEST}.c $(LIBCRYPTO)
	152
	153	$(SHA1TEST).c: ${SSLDIR}/sha/${SHA1TEST}.c
	154	cp ${SSLDIR}/sha/${SHA1TEST}.c ${.OBJDIR}
	155	$(SHA1TEST): ${SHA1TEST}.c
	156	cc ${CFLAGS} -o $(SHA1TEST) ${SHA1TEST}.c $(LIBCRYPTO)
	157
	158	$(RANDTEST).c: ${SSLDIR}/rand/${RANDTEST}.c
	159	cp ${SSLDIR}/rand/${RANDTEST}.c ${.OBJDIR}
	160	$(RANDTEST): ${RANDTEST}.c
	161	cc ${CFLAGS} -o $(RANDTEST) ${RANDTEST}.c $(LIBCRYPTO)
	162
	163	$(RMDTEST).c: ${SSLDIR}/ripemd/${RMDTEST}.c
	164	cp ${SSLDIR}/ripemd/${RMDTEST}.c ${.OBJDIR}
	165	$(RMDTEST): ${RMDTEST}.c
	166	cc ${CFLAGS} -o $(RMDTEST) ${RMDTEST}.c $(LIBCRYPTO)
	167
	168	$(DHTEST).c: ${SSLDIR}/dh/${DHTEST}.c
	169	cp ${SSLDIR}/dh/${DHTEST}.c ${.OBJDIR}
	170
	171	$(DHTEST): ${DHTEST}.c
	172	cc ${CFLAGS} -o $(DHTEST) ${DHTEST}.c $(LIBCRYPTO)
	173
	174	$(ENGINETEST).c: ${SSLDIR}/engine/${ENGINETEST}.c
	175	cp ${SSLDIR}/engine/${ENGINETEST}.c ${.OBJDIR}
	176
	177	$(ENGINETEST): ${ENGINETEST}.c
	178	cc ${CFLAGS} -o $(ENGINETEST) ${ENGINETEST}.c $(LIBCRYPTO)
	179
	180	$(CASTTEST).c: ${SSLDIR}/cast/${CASTTEST}.c
	181	cp ${SSLDIR}/cast/${CASTTEST}.c ${.OBJDIR}
	182
	183	$(CASTTEST): ${CASTTEST}.c
	184	cc ${CFLAGS} -o $(CASTTEST) ${CASTTEST}.c $(LIBCRYPTO)
	185
	186	$(RSATEST).c: ${SSLDIR}/rsa/${RSATEST}.c
	187	cp ${SSLDIR}/rsa/${RSATEST}.c ${.OBJDIR}
	188
	189	$(RSATEST): ${RSATEST}.c
	190	cc ${CFLAGS} -o $(RSATEST) ${RSATEST}.c $(LIBCRYPTO)
	191
	192	$(DSATEST).c: ${SSLDIR}/dsa/${DSATEST}.c
	193	cp ${SSLDIR}/dsa/${DSATEST}.c ${.OBJDIR}
	194
	195	$(DSATEST): ${DSATEST}.c
	196	cc ${CFLAGS} -o $(DSATEST) ${DSATEST}.c $(LIBCRYPTO)
	197
	198
	199	$(HMACTEST).c: ${SSLDIR}/hmac/${HMACTEST}.c
	200	cp ${SSLDIR}/hmac/${HMACTEST}.c ${.OBJDIR}
	201
	202	$(HMACTEST): ${HMACTEST}.c
	203	cc ${CFLAGS} -o $(HMACTEST) ${HMACTEST}.c $(LIBCRYPTO)
	204
	205	$(DESTEST).c: ${SSLDIR}/des/${DESTEST}.c
	206	cp ${SSLDIR}/des/${DESTEST}.c ${.OBJDIR}
	207
	208	$(DESTEST): ${DESTEST}.c
	209	cc ${CFLAGS} -o $(DESTEST) ${DESTEST}.c $(LIBCRYPTO)
	210
	211	$(BFTEST).c: ${SSLDIR}/bf/${BFTEST}.c
	212	cp ${SSLDIR}/bf/${BFTEST}.c ${.OBJDIR}
	213
	214	$(BFTEST): ${BFTEST}.c
	215	cc ${CFLAGS} -o $(BFTEST) ${BFTEST}.c $(LIBCRYPTO)
	216
	217	$(RC2TEST).c: ${SSLDIR}/rc2/${RC2TEST}.c
	218	cp ${SSLDIR}/rc2/${RC2TEST}.c ${.OBJDIR}
	219
	220	$(RC2TEST): ${RC2TEST}.c
	221	cc ${CFLAGS} -o $(RC2TEST) ${RC2TEST}.c $(LIBCRYPTO)
	222
	223	$(RC4TEST).c: ${SSLDIR}/rc4/${RC4TEST}.c
	224	cp ${SSLDIR}/rc4/${RC4TEST}.c ${.OBJDIR}
	225
	226	$(RC4TEST): ${RC4TEST}.c
	227	cc ${CFLAGS} -o $(RC4TEST) ${RC4TEST}.c $(LIBCRYPTO)
	228
	229	$(MD2TEST).c: ${SSLDIR}/md2/${MD2TEST}.c
	230	cp ${SSLDIR}/md2/${MD2TEST}.c ${.OBJDIR}
	231
	232	$(MD2TEST): ${MD2TEST}.c
	233	cc ${CFLAGS} -o $(MD2TEST) ${MD2TEST}.c $(LIBCRYPTO)
	234
	235	$(MD4TEST).c: ${SSLDIR}/md4/${MD4TEST}.c
	236	cp ${SSLDIR}/md4/${MD4TEST}.c ${.OBJDIR}
	237
	238	$(MD4TEST): ${MD4TEST}.c
	239	cc ${CFLAGS} -o $(MD4TEST) ${MD4TEST}.c $(LIBCRYPTO)
	240
	241	$(MD5TEST).c: ${SSLDIR}/md5/${MD5TEST}.c
	242	cp ${SSLDIR}/md5/${MD5TEST}.c ${.OBJDIR}
	243
	244	$(MD5TEST): ${MD5TEST}.c
	245	cc ${CFLAGS} -o $(MD5TEST) ${MD5TEST}.c $(LIBCRYPTO)
	246
	247	$(ECDHTEST).c: ${SSLDIR}/ecdh/${ECDHTEST}.c
	248	cp ${SSLDIR}/ecdh/${ECDHTEST}.c ${.OBJDIR}
	249
	250	$(ECDHTEST): ${ECDHTEST}.c
	251	cc ${CFLAGS} -o $(ECDHTEST) ${ECDHTEST}.c $(LIBCRYPTO)
	252
	253	$(ECDSATEST).c: ${SSLDIR}/ecdsa/${ECDSATEST}.c
	254	cp ${SSLDIR}/ecdsa/${ECDSATEST}.c ${.OBJDIR}
	255
	256	$(ECDSATEST): ${ECDSATEST}.c
	257	cc ${CFLAGS} -o $(ECDSATEST) ${ECDSATEST}.c $(LIBCRYPTO)
	258
	259	$(IGETEST).c: ${SSLDIR}/../test/${IGETEST}.c
	260	cp ${SSLDIR}/../test/${IGETEST}.c ${.OBJDIR}
	261
	262	$(IGETEST): ${IGETEST}.c
	263	cc ${CFLAGS} -o $(IGETEST) ${IGETEST}.c $(LIBCRYPTO)
	264
	265	$(SHA256TEST).c: ${SSLDIR}/sha/${SHA256TEST}.c
	266	cp ${SSLDIR}/sha/${SHA256TEST}.c ${.OBJDIR}
	267
	268	$(SHA256TEST): ${SHA256TEST}.c
	269	cc ${CFLAGS} -o $(SHA256TEST) ${SHA256TEST}.c $(LIBCRYPTO)
	270
	271	$(SHA512TEST).c: ${SSLDIR}/sha/${SHA512TEST}.c
	272	cp ${SSLDIR}/sha/${SHA512TEST}.c ${.OBJDIR}
	273
	274	$(SHA512TEST): ${SHA512TEST}.c
	275	cc ${CFLAGS} -o $(SHA512TEST) ${SHA512TEST}.c $(LIBCRYPTO)
	276
	277	.include <bsd.regress.mk>


diff --git a/src/regress/lib/libssl/README b/src/regress/lib/libssl/README new file mode 100644 index 0000000000..878feca400 --- /dev/null +++ b/src/regress/lib/libssl/README
@@ -0,0 +1,6 @@
	1	testenc.sh tests encryption routines
	2	testdsa.sh tests DSA certificate generation
	3	test_server.sh starts a tls1 server using the above generated certificate
	4	test_client.sh starts a client to talk to the server.
	5	testrsa.sh tests RSA certificate generation
	6


diff --git a/src/regress/lib/libssl/openssl.cnf b/src/regress/lib/libssl/openssl.cnf new file mode 100644 index 0000000000..9b6cf400c6 --- /dev/null +++ b/src/regress/lib/libssl/openssl.cnf
@@ -0,0 +1,29 @@
	1	# $OpenBSD: openssl.cnf,v 1.2 2001/01/29 02:05:46 niklas Exp $
	2
	3	#
	4	# SSLeay example configuration file.
	5	# This is mostly being used for generation of certificate requests.
	6	#
	7	# hacked by iang to do DSA certs - Server
	8
	9	RANDFILE = ./.rnd
	10
	11	####################################################################
	12	[ req ]
	13	distinguished_name = req_distinguished_name
	14	encrypt_rsa_key = no
	15
	16	[ req_distinguished_name ]
	17	countryName = Country Name (2 letter code)
	18	countryName_default = CA
	19	countryName_value = CA
	20
	21	organizationName = Organization Name (eg, company)
	22	organizationName_value = Shake it Vera
	23
	24	0.commonName = Common Name (eg, YOUR name)
	25	0.commonName_value = Wastelandus
	26
	27	1.commonName = Common Name (eg, YOUR name)
	28	1.commonName_value = Maximus
	29


diff --git a/src/regress/lib/libssl/test_client.sh b/src/regress/lib/libssl/test_client.sh new file mode 100644 index 0000000000..4f17fad80e --- /dev/null +++ b/src/regress/lib/libssl/test_client.sh
@@ -0,0 +1,13 @@
	1	#!/bin/sh
	2	# $OpenBSD: test_client.sh,v 1.3 2001/01/29 02:05:48 niklas Exp $
	3
	4
	5	echo
	6	echo This starts a tls1 mode client to talk to the server run by
	7	echo ./testserver.sh. You should start the server first.
	8	echo
	9	echo type in this window after ssl negotiation and your output should
	10	echo be echoed by the server.
	11	echo
	12	echo
	13	/usr/sbin/openssl s_client -tls1


diff --git a/src/regress/lib/libssl/test_server.sh b/src/regress/lib/libssl/test_server.sh new file mode 100644 index 0000000000..a9e2c84d4f --- /dev/null +++ b/src/regress/lib/libssl/test_server.sh
@@ -0,0 +1,11 @@
	1	#!/bin/sh
	2	# $OpenBSD: test_server.sh,v 1.3 2001/01/29 02:05:48 niklas Exp $
	3
	4
	5	echo This starts a tls1 mode server using the DSA certificate in ./server.pem
	6	echo Run ./testclient.sh in another window and type at it, you should
	7	echo see the results of the ssl negotiation, and stuff you type in the client
	8	echo should echo in this window
	9	echo
	10	echo
	11	/usr/sbin/openssl s_server -tls1 -key testdsa.key -cert testdsa.pem


diff --git a/src/regress/lib/libssl/testdsa.sh b/src/regress/lib/libssl/testdsa.sh new file mode 100644 index 0000000000..48526eec11 --- /dev/null +++ b/src/regress/lib/libssl/testdsa.sh
@@ -0,0 +1,29 @@
	1	#!/bin/sh
	2	# $OpenBSD: testdsa.sh,v 1.4 2001/01/29 02:05:48 niklas Exp $
	3
	4
	5	#Test DSA certificate generation of openssl
	6
	7	cd $1
	8
	9	# Generate DSA paramter set
	10	openssl dsaparam 512 -out dsa512.pem
	11	if [ $? != 0 ]; then
	12	exit 1;
	13	fi
	14
	15
	16	# Denerate a DSA certificate
	17	openssl req -config $2/openssl.cnf -x509 -newkey dsa:dsa512.pem -out testdsa.pem -keyout testdsa.key
	18	if [ $? != 0 ]; then
	19	exit 1;
	20	fi
	21
	22
	23	# Now check the certificate
	24	openssl x509 -text -in testdsa.pem
	25	if [ $? != 0 ]; then
	26	exit 1;
	27	fi
	28
	29	exit 0


diff --git a/src/regress/lib/libssl/testenc.sh b/src/regress/lib/libssl/testenc.sh new file mode 100644 index 0000000000..355e9cd923 --- /dev/null +++ b/src/regress/lib/libssl/testenc.sh
@@ -0,0 +1,70 @@
	1	#!/bin/sh
	2	# $OpenBSD: testenc.sh,v 1.6 2002/01/15 18:51:39 art Exp $
	3
	4
	5	testsrc=$2/openssl.cnf
	6	test=$1/p
	7	cmd=/usr/sbin/openssl
	8
	9	cd $1
	10
	11	cat $testsrc >$test;
	12
	13	echo cat
	14	$cmd enc < $test > $test.cipher
	15	$cmd enc < $test.cipher >$test.clear
	16	cmp $test $test.clear
	17	if [ $? != 0 ]
	18	then
	19	exit 1
	20	else
	21	/bin/rm $test.cipher $test.clear
	22	fi
	23	echo base64
	24	$cmd enc -a -e < $test > $test.cipher
	25	$cmd enc -a -d < $test.cipher >$test.clear
	26	cmp $test $test.clear
	27	if [ $? != 0 ]
	28	then
	29	exit 1
	30	else
	31	/bin/rm $test.cipher $test.clear
	32	fi
	33
	34	/bin/rm -f $test
	35	exit 0
	36
	37	# These tests are now done by the makefile.
	38
	39	for i in rc4 \
	40	des-cfb des-ede-cfb des-ede3-cfb \
	41	des-ofb des-ede-ofb des-ede3-ofb \
	42	des-ecb des-ede des-ede3 desx \
	43	des-cbc des-ede-cbc des-ede3-cbc \
	44	rc2-ecb rc2-cfb rc2-ofb rc2-cbc \
	45	bf-ecb bf-cfb bf-ofb bf-cbc rc4 \
	46	cast5-ecb cast5-cfb cast5-ofb cast5-cbc
	47	do
	48	echo $i
	49	$cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
	50	$cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
	51	cmp $test $test.$i.clear
	52	if [ $? != 0 ]
	53	then
	54	exit 1
	55	else
	56	/bin/rm $test.$i.cipher $test.$i.clear
	57	fi
	58
	59	echo $i base64
	60	$cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
	61	$cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
	62	cmp $test $test.$i.clear
	63	if [ $? != 0 ]
	64	then
	65	exit 1
	66	else
	67	/bin/rm $test.$i.cipher $test.$i.clear
	68	fi
	69	done
	70	rm -f $test


diff --git a/src/regress/lib/libssl/testrsa.sh b/src/regress/lib/libssl/testrsa.sh new file mode 100644 index 0000000000..17c6abf7ce --- /dev/null +++ b/src/regress/lib/libssl/testrsa.sh
@@ -0,0 +1,29 @@
	1	#!/bin/sh
	2	# $OpenBSD: testrsa.sh,v 1.6 2002/01/02 15:13:18 art Exp $
	3
	4
	5	#Test RSA certificate generation of openssl
	6
	7	cd $1
	8
	9	# Generate RSA private key
	10	openssl genrsa -out rsakey.pem
	11	if [ $? != 0 ]; then
	12	exit 1;
	13	fi
	14
	15
	16	# Generate an RSA certificate
	17	openssl req -config $2/openssl.cnf -key rsakey.pem -new -x509 -days 365 -out rsacert.pem
	18	if [ $? != 0 ]; then
	19	exit 1;
	20	fi
	21
	22
	23	# Now check the certificate
	24	openssl x509 -text -in rsacert.pem
	25	if [ $? != 0 ]; then
	26	exit 1;
	27	fi
	28
	29	exit 0