From ad993f95f7233dab030ff796264396c977cb3248 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Tue, 26 Aug 2014 17:50:07 +0000
Subject: Update regress to follow openssl(1) move.

---
 src/regress/lib/libcrypto/sha2/Makefile    |  4 +-
 src/regress/usr.bin/openssl/Makefile       | 58 +++++++++++++++++++++++++
 src/regress/usr.bin/openssl/README         |  6 +++
 src/regress/usr.bin/openssl/openssl.cnf    | 29 +++++++++++++
 src/regress/usr.bin/openssl/test_client.sh | 12 ++++++
 src/regress/usr.bin/openssl/test_server.sh | 10 +++++
 src/regress/usr.bin/openssl/testdsa.sh     | 29 +++++++++++++
 src/regress/usr.bin/openssl/testenc.sh     | 69 ++++++++++++++++++++++++++++++
 src/regress/usr.bin/openssl/testrsa.sh     | 29 +++++++++++++
 9 files changed, 244 insertions(+), 2 deletions(-)
 create mode 100644 src/regress/usr.bin/openssl/Makefile
 create mode 100644 src/regress/usr.bin/openssl/README
 create mode 100644 src/regress/usr.bin/openssl/openssl.cnf
 create mode 100644 src/regress/usr.bin/openssl/test_client.sh
 create mode 100644 src/regress/usr.bin/openssl/test_server.sh
 create mode 100644 src/regress/usr.bin/openssl/testdsa.sh
 create mode 100644 src/regress/usr.bin/openssl/testenc.sh
 create mode 100644 src/regress/usr.bin/openssl/testrsa.sh

diff --git a/src/regress/lib/libcrypto/sha2/Makefile b/src/regress/lib/libcrypto/sha2/Makefile
index 2edf10b0f4..e2bbb02d15 100644
--- a/src/regress/lib/libcrypto/sha2/Makefile
+++ b/src/regress/lib/libcrypto/sha2/Makefile
@@ -1,7 +1,7 @@
-#	$OpenBSD: Makefile,v 1.1 2014/05/02 19:27:06 miod Exp $
+#	$OpenBSD: Makefile,v 1.2 2014/08/26 17:50:07 jsing Exp $
 
 REGRESS_TARGETS=regress-sha2
-OPENSSL=/usr/sbin/openssl
+OPENSSL=/usr/bin/openssl
 
 HASHES= \
 	sha224 \
diff --git a/src/regress/usr.bin/openssl/Makefile b/src/regress/usr.bin/openssl/Makefile
new file mode 100644
index 0000000000..800e2fd061
--- /dev/null
+++ b/src/regress/usr.bin/openssl/Makefile
@@ -0,0 +1,58 @@
+#	$OpenBSD: Makefile,v 1.1 2014/08/26 17:50:07 jsing Exp $
+
+CLEANFILES+= testdsa.key testdsa.pem rsakey.pem rsacert.pem dsa512.pem
+
+REGRESS_TARGETS=ssl-enc ssl-dsa ssl-rsa 
+
+OPENSSL=/usr/bin/openssl
+CLEAR1=p
+CIPHER=cipher
+CLEAR2=clear
+LIBCRYPTO=-lcrypto
+
+${CLEAR1}: openssl.cnf
+	cat ${.CURDIR}/openssl.cnf > ${CLEAR1}
+
+CLEANFILES+=${CLEAR1}
+
+ENCTARGETS=aes-128-cbc aes-128-cfb aes-128-cfb1 aes-128-cfb8
+ENCTARGETS+=aes-128-ecb aes-128-ofb aes-192-cbc aes-192-cfb
+ENCTARGETS+=aes-192-cfb1 aes-192-cfb8 aes-192-ecb aes-192-ofb
+ENCTARGETS+=aes-256-cbc aes-256-cfb aes-256-cfb1 aes-256-cfb8
+ENCTARGETS+=aes-256-ecb aes-256-ofb
+ENCTARGETS+=bf-cbc bf-cfb bf-ecb bf-ofb
+ENCTARGETS+=cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb
+ENCTARGETS+=des-cbc des-cfb des-cfb8 des-ecb des-ede
+ENCTARGETS+=des-ede-cbc des-ede-cfb des-ede-ofb des-ede3
+ENCTARGETS+=des-ede3-cbc des-ede3-cfb des-ede3-ofb des-ofb desx-cbc
+ENCTARGETS+=rc2-40-cbc rc2-64-cbc rc2-cbc rc2-cfb rc2-ecb rc2-ofb
+ENCTARGETS+=rc4 rc4-40
+
+.for ENC in ${ENCTARGETS}
+${CIPHER}.${ENC}: ${CLEAR1}
+	${OPENSSL} enc -${ENC} -bufsize 113 -e -k test < ${CLEAR1} > ${CIPHER}.${ENC}
+${CIPHER}.${ENC}.b64: ${CLEAR1}
+	${OPENSSL} enc -${ENC} -bufsize 113 -a -e -k test < ${CLEAR1} > ${CIPHER}.${ENC}.b64
+
+${CLEAR2}.${ENC}: ${CIPHER}.${ENC}
+	${OPENSSL} enc -${ENC} -bufsize 157 -d -k test < ${CIPHER}.${ENC} > ${CLEAR2}.${ENC}
+${CLEAR2}.${ENC}.b64: ${CIPHER}.${ENC}.b64
+	${OPENSSL} enc -${ENC} -bufsize 157 -a -d -k test < ${CIPHER}.${ENC}.b64 > ${CLEAR2}.${ENC}.b64
+
+ssl-enc-${ENC}: ${CLEAR1} ${CLEAR2}.${ENC}
+	cmp ${CLEAR1} ${CLEAR2}.${ENC}
+ssl-enc-${ENC}.b64: ${CLEAR1} ${CLEAR2}.${ENC}.b64
+	cmp ${CLEAR1} ${CLEAR2}.${ENC}.b64
+
+REGRESS_TARGETS+=ssl-enc-${ENC} ssl-enc-${ENC}.b64
+CLEANFILES+=${CIPHER}.${ENC} ${CIPHER}.${ENC}.b64 ${CLEAR2}.${ENC} ${CLEAR2}.${ENC}.b64 .rnd
+.endfor
+
+ssl-enc:
+	sh ${.CURDIR}/testenc.sh ${.OBJDIR} ${.CURDIR}
+ssl-dsa:
+	sh ${.CURDIR}/testdsa.sh ${.OBJDIR} ${.CURDIR}
+ssl-rsa:
+	sh ${.CURDIR}/testrsa.sh ${.OBJDIR} ${.CURDIR}
+
+.include <bsd.regress.mk>
diff --git a/src/regress/usr.bin/openssl/README b/src/regress/usr.bin/openssl/README
new file mode 100644
index 0000000000..878feca400
--- /dev/null
+++ b/src/regress/usr.bin/openssl/README
@@ -0,0 +1,6 @@
+testenc.sh tests encryption routines
+testdsa.sh tests DSA certificate generation
+test_server.sh starts a tls1 server using the above generated certificate
+test_client.sh starts a client to talk to the server.
+testrsa.sh tests RSA certificate generation
+
diff --git a/src/regress/usr.bin/openssl/openssl.cnf b/src/regress/usr.bin/openssl/openssl.cnf
new file mode 100644
index 0000000000..8e1eeb7f16
--- /dev/null
+++ b/src/regress/usr.bin/openssl/openssl.cnf
@@ -0,0 +1,29 @@
+#	$OpenBSD: openssl.cnf,v 1.1 2014/08/26 17:50:07 jsing Exp $
+
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# hacked by iang to do DSA certs - Server
+
+RANDFILE              = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_rsa_key               = no
+
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = CA
+countryName_value             = CA
+
+organizationName                = Organization Name (eg, company)
+organizationName_value          = Shake it Vera 
+
+0.commonName                  = Common Name (eg, YOUR name)
+0.commonName_value            = Wastelandus
+
+1.commonName                  = Common Name (eg, YOUR name)
+1.commonName_value            = Maximus
+
diff --git a/src/regress/usr.bin/openssl/test_client.sh b/src/regress/usr.bin/openssl/test_client.sh
new file mode 100644
index 0000000000..36c6ac4add
--- /dev/null
+++ b/src/regress/usr.bin/openssl/test_client.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+#	$OpenBSD: test_client.sh,v 1.1 2014/08/26 17:50:07 jsing Exp $
+
+echo
+echo This starts a tls1 mode client to talk to the server run by 
+echo ./testserver.sh. You should start the server first. 
+echo
+echo type in this window after ssl negotiation and your output should
+echo be echoed by the server. 
+echo
+echo
+/usr/bin/openssl s_client -tls1
diff --git a/src/regress/usr.bin/openssl/test_server.sh b/src/regress/usr.bin/openssl/test_server.sh
new file mode 100644
index 0000000000..b4fd2560df
--- /dev/null
+++ b/src/regress/usr.bin/openssl/test_server.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+#	$OpenBSD: test_server.sh,v 1.1 2014/08/26 17:50:07 jsing Exp $
+
+echo This starts a tls1 mode server using the DSA certificate in ./server.pem
+echo Run ./testclient.sh in another window and type at it, you should 
+echo see the results of the ssl negotiation, and stuff you type in the client
+echo should echo in this window
+echo
+echo
+/usr/bin/openssl s_server -tls1 -key testdsa.key -cert testdsa.pem
diff --git a/src/regress/usr.bin/openssl/testdsa.sh b/src/regress/usr.bin/openssl/testdsa.sh
new file mode 100644
index 0000000000..32293d8ff3
--- /dev/null
+++ b/src/regress/usr.bin/openssl/testdsa.sh
@@ -0,0 +1,29 @@
+#!/bin/sh
+#	$OpenBSD: testdsa.sh,v 1.1 2014/08/26 17:50:07 jsing Exp $
+
+
+#Test DSA certificate generation of openssl
+
+cd $1
+
+# Generate DSA paramter set
+openssl dsaparam 512 -out dsa512.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+
+
+# Denerate a DSA certificate
+openssl req -config $2/openssl.cnf -x509 -newkey dsa:dsa512.pem -out testdsa.pem -keyout testdsa.key
+if [ $? != 0 ]; then
+        exit 1;
+fi
+
+
+# Now check the certificate
+openssl x509 -text -in testdsa.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+
+exit 0
diff --git a/src/regress/usr.bin/openssl/testenc.sh b/src/regress/usr.bin/openssl/testenc.sh
new file mode 100644
index 0000000000..72c87a87a9
--- /dev/null
+++ b/src/regress/usr.bin/openssl/testenc.sh
@@ -0,0 +1,69 @@
+#!/bin/sh
+#	$OpenBSD: testenc.sh,v 1.1 2014/08/26 17:50:07 jsing Exp $
+
+testsrc=$2/openssl.cnf
+test=$1/p
+cmd=/usr/bin/openssl
+
+cd $1
+
+cat $testsrc >$test;
+
+echo cat
+$cmd enc < $test > $test.cipher
+$cmd enc < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+	exit 1
+else
+	/bin/rm $test.cipher $test.clear
+fi
+echo base64
+$cmd enc -a -e < $test > $test.cipher
+$cmd enc -a -d < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+	exit 1
+else
+	/bin/rm $test.cipher $test.clear
+fi
+
+/bin/rm -f $test
+exit 0
+
+# These tests are now done by the makefile.
+
+for i in rc4 \
+	des-cfb des-ede-cfb des-ede3-cfb \
+	des-ofb des-ede-ofb des-ede3-ofb \
+	des-ecb des-ede des-ede3 desx \
+	des-cbc des-ede-cbc des-ede3-cbc \
+	rc2-ecb rc2-cfb rc2-ofb rc2-cbc \
+	bf-ecb bf-cfb bf-ofb bf-cbc rc4 \
+	cast5-ecb cast5-cfb cast5-ofb cast5-cbc
+do
+	echo $i
+	$cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
+	$cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
+	cmp $test $test.$i.clear
+	if [ $? != 0 ]
+	then
+		exit 1
+	else
+		/bin/rm $test.$i.cipher $test.$i.clear
+	fi
+
+	echo $i base64
+	$cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
+	$cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
+	cmp $test $test.$i.clear
+	if [ $? != 0 ]
+	then
+		exit 1
+	else
+		/bin/rm $test.$i.cipher $test.$i.clear
+	fi
+done
+rm -f $test
diff --git a/src/regress/usr.bin/openssl/testrsa.sh b/src/regress/usr.bin/openssl/testrsa.sh
new file mode 100644
index 0000000000..a9a00f295e
--- /dev/null
+++ b/src/regress/usr.bin/openssl/testrsa.sh
@@ -0,0 +1,29 @@
+#!/bin/sh
+#	$OpenBSD: testrsa.sh,v 1.1 2014/08/26 17:50:07 jsing Exp $
+
+
+#Test RSA certificate generation of openssl
+
+cd $1
+
+# Generate RSA private key
+openssl genrsa -out rsakey.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+
+
+# Generate an RSA certificate
+openssl req -config $2/openssl.cnf -key rsakey.pem -new -x509 -days 365 -out rsacert.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+
+
+# Now check the certificate
+openssl x509 -text -in rsacert.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+
+exit 0
-- 
cgit v1.2.3-55-g6feb