From 5514995a9d5ed91db089875adb509c7781357c0e Mon Sep 17 00:00:00 2001 From: markus <> Date: Thu, 5 Sep 2002 12:51:52 +0000 Subject: import openssl-0.9.7-beta1 --- src/lib/libssl/test/maketests.com | 32 ++++---- src/lib/libssl/test/tcrl.com | 23 +++--- src/lib/libssl/test/testca.com | 4 +- src/lib/libssl/test/testenc.com | 18 ++++- src/lib/libssl/test/testgen.com | 25 ++++++- src/lib/libssl/test/tests.com | 137 ++++++++++++++++++++++------------ src/lib/libssl/test/testss.com | 19 ++++- src/lib/libssl/test/testssl.com | 151 +++++++++++++++++++++++++++++--------- src/lib/libssl/test/tpkcs7.com | 13 ++-- src/lib/libssl/test/tpkcs7d.com | 7 +- src/lib/libssl/test/treq.com | 23 +++--- src/lib/libssl/test/trsa.com | 34 ++++++--- src/lib/libssl/test/tsid.com | 23 +++--- src/lib/libssl/test/tx509.com | 23 +++--- 14 files changed, 367 insertions(+), 165 deletions(-) (limited to 'src/lib/libssl/test') diff --git a/src/lib/libssl/test/maketests.com b/src/lib/libssl/test/maketests.com index e4b052e688..f7ff8fe407 100644 --- a/src/lib/libssl/test/maketests.com +++ b/src/lib/libssl/test/maketests.com @@ -143,11 +143,12 @@ $ GOSUB CHECK_OPT_FILE $! $! Define The TEST Files. $! -$ TEST_FILES = "BNTEST,IDEATEST,MD2TEST,MD5TEST,HMACTEST,"+ - +$ TEST_FILES = "BNTEST,ECTEST,IDEATEST,MD2TEST,MD4TEST,MD5TEST,HMACTEST,"+ - "RC2TEST,RC4TEST,RC5TEST,"+ - "DESTEST,SHATEST,SHA1TEST,MDC2TEST,RMDTEST,"+ - - "RANDTEST,DHTEST,"+ - - "BFTEST,CASTTEST,SSLTEST,EXPTEST,DSATEST,RSA_OAEP_TEST" + "RANDTEST,DHTEST,ENGINETEST,"+ - + "BFTEST,CASTTEST,SSLTEST,EXPTEST,DSATEST,RSA_TEST,"+ - + "EVP_TEST" $ TCPIP_PROGRAMS = ",," $ IF COMPILER .EQS. "VAXC" THEN - TCPIP_PROGRAMS = ",SSLTEST," @@ -514,6 +515,7 @@ $ CHECK_OPTIONS: $! $! Check To See If P1 Is Blank. $! +$ P1 = "NORSAREF" $ IF (P1.EQS."NORSAREF") $ THEN $! @@ -729,13 +731,13 @@ $ ENDIF $! $! Set Up Initial CC Definitions, Possibly With User Ones $! -$ CCDEFS = "VMS=1,TCPIP_TYPE_''P4'" +$ CCDEFS = "TCPIP_TYPE_''P4'" $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS $ CCEXTRAFLAGS = "" $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS -$ CCDISABLEWARNINGS = "" +$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX" $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - - CCDISABLEWARNINGS = USER_CCDISABLEWARNINGS + CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS $! $! Check To See If The User Entered A Valid Paramter. $! @@ -761,7 +763,8 @@ $ CC = "CC" $ IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" - THEN CC = "CC/DECC" $ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + - - "/NOLIST/PREFIX=ALL" + CCEXTRAFLAGS + "/NOLIST/PREFIX=ALL" + - + "/INCLUDE=(SYS$DISK:[-])" + CCEXTRAFLAGS $! $! Define The Linker Options File Name. $! @@ -793,7 +796,8 @@ $ WRITE SYS$OUTPUT "There is no VAX C on Alpha!" $ EXIT $ ENDIF $ IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC" -$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + CCEXTRAFLAGS +$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + - + "/INCLUDE=(SYS$DISK:[-])" + CCEXTRAFLAGS $ CCDEFS = CCDEFS + ",""VAXC""" $! $! Define As SYS$COMMON:[SYSLIB] @@ -823,7 +827,8 @@ $ WRITE SYS$OUTPUT "Using GNU 'C' Compiler." $! $! Use GNU C... $! -$ CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + CCEXTRAFLAGS +$ CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + - + "/INCLUDE=(SYS$DISK:[-])" + CCEXTRAFLAGS $! $! Define The Linker Options File Name. $! @@ -915,7 +920,7 @@ $ THEN $! $! Set the library to use SOCKETSHR $! -$ TCPIP_LIB = "[-.VMS]SOCKETSHR_SHR.OPT/OPT" +$ TCPIP_LIB = "SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT/OPT" $! $! Done with SOCKETSHR $! @@ -941,13 +946,13 @@ $ THEN $! $! Set the library to use UCX. $! -$ TCPIP_LIB = "[-.VMS]UCX_SHR_DECC.OPT/OPT" +$ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT/OPT" $ IF F$TRNLNM("UCX$IPC_SHR") .NES. "" $ THEN -$ TCPIP_LIB = "[-.VMS]UCX_SHR_DECC_LOG.OPT/OPT" +$ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT/OPT" $ ELSE $ IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN - - TCPIP_LIB = "[-.VMS]UCX_SHR_VAXC.OPT/OPT" + TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT/OPT" $ ENDIF $! $! Done with UCX @@ -1026,6 +1031,7 @@ $! $! Save directory information $! $ __HERE = F$PARSE(F$PARSE("A.;",F$ENVIRONMENT("PROCEDURE"))-"A.;","[]A.;") - "A.;" +$ __HERE = F$EDIT(__HERE,"UPCASE") $ __TOP = __HERE - "TEST]" $ __INCLUDE = __TOP + "INCLUDE.OPENSSL]" $! diff --git a/src/lib/libssl/test/tcrl.com b/src/lib/libssl/test/tcrl.com index cef21467bb..2e6ab2814d 100644 --- a/src/lib/libssl/test/tcrl.com +++ b/src/lib/libssl/test/tcrl.com @@ -10,6 +10,9 @@ $ t := testcrl.pem $ if p1 .nes. "" then t = p1 $ $ write sys$output "testing CRL conversions" +$ if f$search("fff.*") .nes "" then delete fff.*;* +$ if f$search("ff.*") .nes "" then delete ff.*;* +$ if f$search("f.*") .nes "" then delete f.*;* $ copy 't' fff.p $ $ write sys$output "p -> d" @@ -52,27 +55,27 @@ $ write sys$output "p -> p" $ 'cmd' -in f.p -inform p -outform p -out ff.p3 $ if $severity .ne. 1 then exit 3 $ -$ difference/output=nl: fff.p f.p +$ backup/compare fff.p f.p $ if $severity .ne. 1 then exit 3 -$ difference/output=nl: fff.p ff.p1 +$ backup/compare fff.p ff.p1 $ if $severity .ne. 1 then exit 3 -$! difference/output=nl: fff.p ff.p2 +$! backup/compare fff.p ff.p2 $! if $severity .ne. 1 then exit 3 -$ difference/output=nl: fff.p ff.p3 +$ backup/compare fff.p ff.p3 $ if $severity .ne. 1 then exit 3 $ -$! difference/output=nl: f.t ff.t1 +$! backup/compare f.t ff.t1 $! if $severity .ne. 1 then exit 3 -$! difference/output=nl: f.t ff.t2 +$! backup/compare f.t ff.t2 $! if $severity .ne. 1 then exit 3 -$! difference/output=nl: f.t ff.t3 +$! backup/compare f.t ff.t3 $! if $severity .ne. 1 then exit 3 $ -$ difference/output=nl: f.p ff.p1 +$ backup/compare f.p ff.p1 $ if $severity .ne. 1 then exit 3 -$! difference/output=nl: f.p ff.p2 +$! backup/compare f.p ff.p2 $! if $severity .ne. 1 then exit 3 -$ difference/output=nl: f.p ff.p3 +$ backup/compare f.p ff.p3 $ if $severity .ne. 1 then exit 3 $ $ delete f.*;*,ff.*;*,fff.*;* diff --git a/src/lib/libssl/test/testca.com b/src/lib/libssl/test/testca.com index ea75479cd5..c670f2bf5f 100644 --- a/src/lib/libssl/test/testca.com +++ b/src/lib/libssl/test/testca.com @@ -40,7 +40,9 @@ $ $ set noon $ call deltree [.demoCA]*.* $ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) demoCA.dir;* -$ delete demoCA.dir;*,newcert.pem;*,newreq.pem;* +$ delete demoCA.dir;* +$ if f$search("newcert.pem") .nes. "" then delete newcert.pem;* +$ if f$search("newcert.pem") .nes. "" then delete newreq.pem;* $ set on $! #usage: CA -newcert|-newreq|-newca|-sign|-verify $ diff --git a/src/lib/libssl/test/testenc.com b/src/lib/libssl/test/testenc.com index 0756e8bada..3b66f2e0d0 100644 --- a/src/lib/libssl/test/testenc.com +++ b/src/lib/libssl/test/testenc.com @@ -8,19 +8,23 @@ $ testsrc := makefile.ssl $ test := p.txt $ cmd := mcr 'exe_dir'openssl $ +$ if f$search(test) .nes. "" then delete 'test';* $ copy 'testsrc' 'test' $ +$ if f$search(test+"-cipher") .nes. "" then delete 'test'-cipher;* +$ if f$search(test+"-clear") .nes. "" then delete 'test'-clear;* +$ $ write sys$output "cat" $ 'cmd' enc -in 'test' -out 'test'-cipher $ 'cmd' enc -in 'test'-cipher -out 'test'-clear -$ difference/output=nl: 'test' 'test'-clear +$ backup/compare 'test' 'test'-clear $ if $severity .ne. 1 then exit 3 $ delete 'test'-cipher;*,'test'-clear;* $ $ write sys$output "base64" $ 'cmd' enc -a -e -in 'test' -out 'test'-cipher $ 'cmd' enc -a -d -in 'test'-cipher -out 'test'-clear -$ difference/output=nl: 'test' 'test'-clear +$ backup/compare 'test' 'test'-clear $ if $severity .ne. 1 then exit 3 $ delete 'test'-cipher;*,'test'-clear;* $ @@ -30,16 +34,22 @@ $ open/read f 'test'-cipher-commands $ loop_cipher_commands: $ read/end=loop_cipher_commands_end f i $ write sys$output i +$ +$ if f$search(test+"-"+i+"-cipher") .nes. "" then - + delete 'test'-'i'-cipher;* +$ if f$search(test+"-"+i+"-clear") .nes. "" then - + delete 'test'-'i'-clear;* +$ $ 'cmd' 'i' -bufsize 113 -e -k test -in 'test' -out 'test'-'i'-cipher $ 'cmd' 'i' -bufsize 157 -d -k test -in 'test'-'i'-cipher -out 'test'-'i'-clear -$ difference/output=nl: 'test' 'test'-'i'-clear +$ backup/compare 'test' 'test'-'i'-clear $ if $severity .ne. 1 then exit 3 $ delete 'test'-'i'-cipher;*,'test'-'i'-clear;* $ $ write sys$output i," base64" $ 'cmd' 'i' -bufsize 113 -a -e -k test -in 'test' -out 'test'-'i'-cipher $ 'cmd' 'i' -bufsize 157 -a -d -k test -in 'test'-'i'-cipher -out 'test'-'i'-clear -$ difference/output=nl: 'test' 'test'-'i'-clear +$ backup/compare 'test' 'test'-'i'-clear $ if $severity .ne. 1 then exit 3 $ delete 'test'-'i'-cipher;*,'test'-'i'-clear;* $ diff --git a/src/lib/libssl/test/testgen.com b/src/lib/libssl/test/testgen.com index ec302f524a..5d28ebec72 100644 --- a/src/lib/libssl/test/testgen.com +++ b/src/lib/libssl/test/testgen.com @@ -16,18 +16,35 @@ $ set on $ $ write sys$output "generating certificate request" $ -$ write sys$output "There should be a 2 sequences of .'s and some +'s." -$ write sys$output "There should not be more that at most 80 per line" +$ append/new nl: .rnd +$ open/append random_file .rnd +$ write random_file "string to make the random number generator think it has entropy" +$ close random_file +$ +$ set noon +$ define/user sys$output nla0: +$ mcr 'exe_dir'openssl no-rsa +$ save_severity=$SEVERITY +$ set on +$ if save_severity +$ then +$ req_new="-newkey dsa:[-.apps]dsa512.pem" +$ else +$ req_new="-new" +$ write sys$output "There should be a 2 sequences of .'s and some +'s." +$ write sys$output "There should not be more that at most 80 per line" +$ endif +$ $ write sys$output "This could take some time." $ -$ mcr 'exe_dir'openssl req -config test.cnf -new -out testreq.pem +$ mcr 'exe_dir'openssl req -config test.cnf 'req_new' -out testreq.pem $ if $severity .ne. 1 $ then $ write sys$output "problems creating request" $ exit 3 $ endif $ -$ mcr 'exe_dir'openssl req -verify -in testreq.pem -noout +$ mcr 'exe_dir'openssl req -config test.cnf -verify -in testreq.pem -noout $ if $severity .ne. 1 $ then $ write sys$output "signature on req is wrong" diff --git a/src/lib/libssl/test/tests.com b/src/lib/libssl/test/tests.com index 147b8aa838..07a3c7f16d 100644 --- a/src/lib/libssl/test/tests.com +++ b/src/lib/libssl/test/tests.com @@ -19,15 +19,17 @@ $ then $ tests = p1 $ else $ tests := - - test_des,test_idea,test_sha,test_md5,test_hmac,test_md2,test_mdc2,- - test_rc2,test_rc4,test_rc5,test_bf,test_cast,- - test_rand,test_bn,test_enc,test_x509,test_rsa,test_crl,test_sid,- - test_reqgen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,- - test_ss,test_ssl,test_ca + test_des,test_idea,test_sha,test_md4,test_md5,test_hmac,- + test_md2,test_mdc2,- + test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,test_rd,- + test_rand,test_bn,test_ec,test_enc,test_x509,test_rsa,test_crl,test_sid,- + test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,- + test_ss,test_ca,test_engine,test_ssl,test_evp $ endif $ tests = f$edit(tests,"COLLAPSE") $ $ BNTEST := bntest +$ ECTEST := ectest $ EXPTEST := exptest $ IDEATEST := ideatest $ SHATEST := shatest @@ -35,6 +37,7 @@ $ SHA1TEST := sha1test $ MDC2TEST := mdc2test $ RMDTEST := rmdtest $ MD2TEST := md2test +$ MD4TEST := md4test $ MD5TEST := md5test $ HMACTEST := hmactest $ RC2TEST := rc2test @@ -48,61 +51,70 @@ $ DHTEST := dhtest $ DSATEST := dsatest $ METHTEST := methtest $ SSLTEST := ssltest -$ RSATEST := rsa_oaep_test +$ RSATEST := rsa_test +$ ENGINETEST := enginetest +$ EVPTEST := evp_test $ $ tests_i = 0 $ loop_tests: $ tests_e = f$element(tests_i,",",tests) $ tests_i = tests_i + 1 $ if tests_e .eqs. "," then goto exit -$ goto 'tests_e' +$ gosub 'tests_e' +$ goto loop_tests $ +$ test_evp: +$ mcr 'texe_dir''evptest' evptests.txt +$ return $ test_des: $ mcr 'texe_dir''destest' -$ goto loop_tests +$ return $ test_idea: $ mcr 'texe_dir''ideatest' -$ goto loop_tests +$ return $ test_sha: $ mcr 'texe_dir''shatest' $ mcr 'texe_dir''sha1test' -$ goto loop_tests +$ return $ test_mdc2: $ mcr 'texe_dir''mdc2test' -$ goto loop_tests +$ return $ test_md5: $ mcr 'texe_dir''md5test' -$ goto loop_tests +$ return +$ test_md4: +$ mcr 'texe_dir''md4test' +$ return $ test_hmac: $ mcr 'texe_dir''hmactest' -$ goto loop_tests +$ return $ test_md2: $ mcr 'texe_dir''md2test' -$ goto loop_tests +$ return $ test_rmd: $ mcr 'texe_dir''rmdtest' -$ goto loop_tests +$ return $ test_bf: $ mcr 'texe_dir''bftest' -$ goto loop_tests +$ return $ test_cast: $ mcr 'texe_dir''casttest' -$ goto loop_tests +$ return $ test_rc2: $ mcr 'texe_dir''rc2test' -$ goto loop_tests +$ return $ test_rc4: $ mcr 'texe_dir''rc4test' -$ goto loop_tests +$ return $ test_rc5: $ mcr 'texe_dir''rc5test' -$ goto loop_tests +$ return $ test_rand: $ mcr 'texe_dir''randtest' -$ goto loop_tests +$ return $ test_enc: $ @testenc.com -$ goto loop_tests +$ return $ test_x509: $ define sys$error nla0: $ write sys$output "test normal x509v1 certificate" @@ -112,35 +124,35 @@ $ @tx509.com v3-cert1.pem $ write sys$output "test second x509v3 certificate" $ @tx509.com v3-cert2.pem $ deassign sys$error -$ goto loop_tests +$ return $ test_rsa: $ define sys$error nla0: $ @trsa.com $ deassign sys$error $ mcr 'texe_dir''rsatest' -$ goto loop_tests +$ return $ test_crl: $ define sys$error nla0: $ @tcrl.com $ deassign sys$error -$ goto loop_tests +$ return $ test_sid: $ define sys$error nla0: $ @tsid.com $ deassign sys$error -$ goto loop_tests +$ return $ test_req: $ define sys$error nla0: $ @treq.com $ @treq.com testreq2.pem $ deassign sys$error -$ goto loop_tests +$ return $ test_pkcs7: $ define sys$error nla0: $ @tpkcs7.com $ @tpkcs7d.com $ deassign sys$error -$ goto loop_tests +$ return $ test_bn: $ write sys$output "starting big number library test, could take a while..." $ create bntest-vms.fdl @@ -151,9 +163,7 @@ RECORD $ create/fdl=bntest-vms.fdl bntest-vms.sh $ open/append foo bntest-vms.sh $ type/output=foo: sys$input: -<< __FOO__ bc | awk '{ \ -if ($$0 != "0") {print "error"; exit(1); } \ -if (((NR+1)%64) == 0) print NR+1," tests done"; }' +<< __FOO__ sh -c "`sh ./bctest`" | perl -e '$i=0; while () {if (/^test (.*)/) {print STDERR "\nverify $1";} elsif (!/^0$/) {die "\nFailed! bc: $_";} else {print STDERR "."; $i++;}} print STDERR "\n$i tests passed\n"' $ define/user sys$output bntest-vms.tmp $ mcr 'texe_dir''bntest' $ copy bntest-vms.tmp foo: @@ -161,41 +171,74 @@ $ delete bntest-vms.tmp;* $ type/output=foo: sys$input: __FOO__ $ close foo -$ write sys$output "-- copy the [.test]bntest-vms.sh file to a Unix system and run it" -$ write sys$output "-- through sh or bash to verify that the bignum operations went well." +$ write sys$output "-- copy the [.test]bntest-vms.sh and [.test]bctest files to a Unix system and" +$ write sys$output "-- run bntest-vms.sh through sh or bash to verify that the bignum operations" +$ write sys$output "-- went well." $ write sys$output "" $ write sys$output "test a^b%c implementations" $ mcr 'texe_dir''exptest' -$ goto loop_tests +$ return +$ test_ec: +$ write sys$output "test elliptic curves" +$ mcr 'texe_dir''ectest' +$ return $ test_verify: $ write sys$output "The following command should have some OK's and some failures" $ write sys$output "There are definitly a few expired certificates" $ @tverify.com -$ goto loop_tests +$ return $ test_dh: -$ write sys$output "Generate as set of DH parameters" +$ write sys$output "Generate a set of DH parameters" $ mcr 'texe_dir''dhtest' -$ goto loop_tests +$ return $ test_dsa: -$ write sys$output "Generate as set of DSA parameters" +$ write sys$output "Generate a set of DSA parameters" $ mcr 'texe_dir''dsatest' -$ goto loop_tests -$ test_reqgen: +$ return +$ test_gen: $ write sys$output "Generate and verify a certificate request" $ @testgen.com -$ goto loop_tests +$ return +$ maybe_test_ss: +$ testss_RDT = f$cvtime(f$file_attributes("testss.com","RDT")) +$ if f$cvtime(f$file_attributes("keyU.ss","RDT")) .les. testss_RDT then - + goto test_ss +$ if f$cvtime(f$file_attributes("certU.ss","RDT")) .les. testss_RDT then - + goto test_ss +$ if f$cvtime(f$file_attributes("certCA.ss","RDT")) .les. testss_RDT then - + goto test_ss +$ return $ test_ss: $ write sys$output "Generate and certify a test certificate" $ @testss.com -$ goto loop_tests +$ return +$ test_engine: +$ write sys$output "Manipulate the ENGINE structures" +$ mcr 'texe_dir''enginetest' +$ return $ test_ssl: $ write sys$output "test SSL protocol" -$ @testssl.com -$ goto loop_tests +$ gosub maybe_test_ss +$ @testssl.com keyU.ss certU.ss certCA.ss +$ return $ test_ca: -$ write sys$output "Generate and certify a test certificate via the 'ca' program" -$ @testca.com -$ goto loop_tests +$ set noon +$ define/user sys$output nla0: +$ mcr 'exe_dir'openssl no-rsa +$ save_severity=$SEVERITY +$ set on +$ if save_severity +$ then +$ write sys$output "skipping CA.com test -- requires RSA" +$ else +$ write sys$output "Generate and certify a test certificate via the 'ca' program" +$ @testca.com +$ endif +$ return +$ test_rd: +$ write sys$output "test Rijndael" +$ !mcr 'texe_dir''rdtest' +$ return $ $ $ exit: diff --git a/src/lib/libssl/test/testss.com b/src/lib/libssl/test/testss.com index ce2c4b43f6..685ae5043d 100644 --- a/src/lib/libssl/test/testss.com +++ b/src/lib/libssl/test/testss.com @@ -4,7 +4,7 @@ $ __arch := VAX $ if f$getsyi("cpu") .ge. 128 then __arch := AXP $ exe_dir := sys$disk:[-.'__arch'.exe.apps] $ -$ digest="-mdc2" +$ digest="-md5" $ reqcmd := mcr 'exe_dir'openssl req $ x509cmd := mcr 'exe_dir'openssl x509 'digest' $ verifycmd := mcr 'exe_dir'openssl verify @@ -23,7 +23,20 @@ $ Ucert="""certU.ss""" $ $ write sys$output "" $ write sys$output "make a certificate request using 'req'" -$ 'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' -new ! -out err.ss +$ +$ set noon +$ define/user sys$output nla0: +$ mcr 'exe_dir'openssl no-rsa +$ save_severity=$SEVERITY +$ set on +$ if save_severity +$ then +$ req_new="-newkey dsa:[-.apps]dsa512.pem" +$ else +$ req_new="-new" +$ endif +$ +$ 'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' 'req_new' ! -out err.ss $ if $severity .ne. 1 $ then $ write sys$output "error using 'req' to generate a certificate request" @@ -73,7 +86,7 @@ $ $ write sys$output "" $ write sys$output "make another certificate request using 'req'" $ define /user sys$output err.ss -$ 'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' -new +$ 'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' 'req_new' $ if $severity .ne. 1 $ then $ write sys$output "error using 'req' to generate a certificate request" diff --git a/src/lib/libssl/test/testssl.com b/src/lib/libssl/test/testssl.com index 93a9aef802..785f262f5a 100644 --- a/src/lib/libssl/test/testssl.com +++ b/src/lib/libssl/test/testssl.com @@ -2,110 +2,189 @@ $! TESTSSL.COM $ $ __arch := VAX $ if f$getsyi("cpu") .ge. 128 then __arch := AXP -$ exe_dir := sys$disk:[-.'__arch'.exe.test] -$ -$ copy/concatenate [-.certs]*.pem certs.tmp +$ texe_dir := sys$disk:[-.'__arch'.exe.test] +$ exe_dir := sys$disk:[-.'__arch'.exe.apps] +$ +$ if p1 .eqs. "" +$ then +$ key="[-.apps]server.pem" +$ else +$ key=p1 +$ endif +$ if p2 .eqs. "" +$ then +$ cert="[-.apps]server.pem" +$ else +$ cert=p2 +$ endif +$ ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert' +$ +$ define/user sys$output testssl-x509-output. +$ define/user sys$error nla0: +$ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout +$ set noon +$ define/user sys$error nla0: +$ search/output=nla0: testssl-x509-output. "DSA Public Key"/exact +$ if $severity .eq. 1 +$ then +$ dsa_cert := YES +$ else +$ dsa_cert := NO +$ endif +$ set on +$ delete testssl-x509-output.;* +$ +$ if p3 .eqs. "" +$ then +$ copy/concatenate [-.certs]*.pem certs.tmp +$ CA = """-CAfile"" certs.tmp" +$ else +$ CA = """-CAfile"" "+p3 +$ endif +$ +$!########################################################################### $ $ write sys$output "test sslv2" -$ mcr 'exe_dir'ssltest -ssl2 +$ 'ssltest' -ssl2 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2 with server authentication" -$ mcr 'exe_dir'ssltest -ssl2 -server_auth "-CAfile" certs.tmp +$ 'ssltest' -ssl2 -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ -$ write sys$output "test sslv2 with client authentication" -$ mcr 'exe_dir'ssltest -ssl2 -client_auth "-CAfile" certs.tmp -$ if $severity .ne. 1 then goto exit3 +$ if .not. dsa_cert +$ then +$ write sys$output "test sslv2 with client authentication" +$ 'ssltest' -ssl2 -client_auth 'CA' +$ if $severity .ne. 1 then goto exit3 $ -$ write sys$output "test sslv2 with both client and server authentication" -$ mcr 'exe_dir'ssltest -ssl2 -server_auth -client_auth "-CAfile" certs.tmp -$ if $severity .ne. 1 then goto exit3 +$ write sys$output "test sslv2 with both client and server authentication" +$ 'ssltest' -ssl2 -server_auth -client_auth 'CA' +$ if $severity .ne. 1 then goto exit3 +$ endif $ $ write sys$output "test sslv3" -$ mcr 'exe_dir'ssltest -ssl3 +$ 'ssltest' -ssl3 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with server authentication" -$ mcr 'exe_dir'ssltest -ssl3 -server_auth "-CAfile" certs.tmp +$ 'ssltest' -ssl3 -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with client authentication" -$ mcr 'exe_dir'ssltest -ssl3 -client_auth "-CAfile" certs.tmp +$ 'ssltest' -ssl3 -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with both client and server authentication" -$ mcr 'exe_dir'ssltest -ssl3 -server_auth -client_auth "-CAfile" certs.tmp +$ 'ssltest' -ssl3 -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3" -$ mcr 'exe_dir'ssltest +$ 'ssltest' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with server authentication" -$ mcr 'exe_dir'ssltest -server_auth "-CAfile" certs.tmp +$ 'ssltest' -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with client authentication" -$ mcr 'exe_dir'ssltest -client_auth "-CAfile" certs.tmp +$ 'ssltest' -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with both client and server authentication" -$ mcr 'exe_dir'ssltest -server_auth -client_auth "-CAfile" certs.tmp +$ 'ssltest' -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2 via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -ssl2 +$ 'ssltest' -bio_pair -ssl2 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2 with server authentication via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -ssl2 -server_auth "-CAfile" certs.tmp +$ 'ssltest' -bio_pair -ssl2 -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ -$ write sys$output "test sslv2 with client authentication via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -ssl2 -client_auth "-CAfile" certs.tmp -$ if $severity .ne. 1 then goto exit3 +$ if .not. dsa_cert +$ then +$ write sys$output "test sslv2 with client authentication via BIO pair" +$ 'ssltest' -bio_pair -ssl2 -client_auth 'CA' +$ if $severity .ne. 1 then goto exit3 $ -$ write sys$output "test sslv2 with both client and server authentication via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -ssl2 -server_auth -client_auth "-CAfile" certs.tmp -$ if $severity .ne. 1 then goto exit3 +$ write sys$output "test sslv2 with both client and server authentication via BIO pair" +$ 'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA' +$ if $severity .ne. 1 then goto exit3 +$ endif $ $ write sys$output "test sslv3 via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -ssl3 +$ 'ssltest' -bio_pair -ssl3 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with server authentication via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -ssl3 -server_auth "-CAfile" certs.tmp +$ 'ssltest' -bio_pair -ssl3 -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with client authentication via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -ssl3 -client_auth "-CAfile" certs.tmp +$ 'ssltest' -bio_pair -ssl3 -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ write sys$output "test sslv3 with both client and server authentication via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -ssl3 -server_auth -client_auth "-CAfile" certs.tmp +$ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 via BIO pair" -$ mcr 'exe_dir'ssltest +$ 'ssltest' +$ if $severity .ne. 1 then goto exit3 +$ +$ if .not. dsa_cert +$ then +$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair" +$ 'ssltest' -bio_pair -no_dhe +$ if $severity .ne. 1 then goto exit3 +$ endif +$ +$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair" +$ 'ssltest' -bio_pair -dhe1024dsa -v $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with server authentication" -$ mcr 'exe_dir'ssltest -bio_pair -server_auth "-CAfile" certs.tmp +$ 'ssltest' -bio_pair -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with client authentication via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -client_auth "-CAfile" certs.tmp +$ 'ssltest' -bio_pair -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair" -$ mcr 'exe_dir'ssltest -bio_pair -server_auth -client_auth "-CAfile" certs.tmp +$ 'ssltest' -bio_pair -server_auth -client_auth 'CA' +$ if $severity .ne. 1 then goto exit3 +$ +$!########################################################################### +$ +$ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes" +$ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time $ if $severity .ne. 1 then goto exit3 $ +$ set noon +$ define/user sys$output nla0: +$ mcr 'exe_dir'openssl no-rsa +$ save_severity=$SEVERITY +$ set on +$ if save_severity +$ then +$ write sys$output "skipping RSA tests" +$ else +$ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes" +$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time +$ if $severity .ne. 1 then goto exit3 +$ +$ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes" +$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time +$ if $severity .ne. 1 then goto exit3 +$ endif +$ $ RET = 1 $ goto exit $ exit3: $ RET = 3 $ exit: -$ delete certs.tmp;* +$ if p3 .eqs. "" then delete certs.tmp;* $ exit 'RET' diff --git a/src/lib/libssl/test/tpkcs7.com b/src/lib/libssl/test/tpkcs7.com index 5ed920ac34..9e345937c6 100644 --- a/src/lib/libssl/test/tpkcs7.com +++ b/src/lib/libssl/test/tpkcs7.com @@ -10,6 +10,9 @@ $ t := testp7.pem $ if p1 .nes. "" then t = p1 $ $ write sys$output "testing PKCS7 conversions" +$ if f$search("fff.*") .nes "" then delete fff.*;* +$ if f$search("ff.*") .nes "" then delete ff.*;* +$ if f$search("f.*") .nes "" then delete f.*;* $ copy 't' fff.p $ $ write sys$output "p -> d" @@ -34,16 +37,16 @@ $ write sys$output "p -> p" $ 'cmd' -in f.p -inform p -outform p -out ff.p3 $ if $severity .ne. 1 then exit 3 $ -$ difference/output=nl: fff.p f.p +$ backup/compare fff.p f.p $ if $severity .ne. 1 then exit 3 -$ difference/output=nl: fff.p ff.p1 +$ backup/compare fff.p ff.p1 $ if $severity .ne. 1 then exit 3 -$ difference/output=nl: fff.p ff.p3 +$ backup/compare fff.p ff.p3 $ if $severity .ne. 1 then exit 3 $ -$ difference/output=nl: f.p ff.p1 +$ backup/compare f.p ff.p1 $ if $severity .ne. 1 then exit 3 -$ difference/output=nl: f.p ff.p3 +$ backup/compare f.p ff.p3 $ if $severity .ne. 1 then exit 3 $ $ delete f.*;*,ff.*;*,fff.*;* diff --git a/src/lib/libssl/test/tpkcs7d.com b/src/lib/libssl/test/tpkcs7d.com index 08d33eaa69..7d4f8794a4 100644 --- a/src/lib/libssl/test/tpkcs7d.com +++ b/src/lib/libssl/test/tpkcs7d.com @@ -10,6 +10,9 @@ $ t := pkcs7-1.pem $ if p1 .nes. "" then t = p1 $ $ write sys$output "testing PKCS7 conversions (2)" +$ if f$search("fff.*") .nes "" then delete fff.*;* +$ if f$search("ff.*") .nes "" then delete ff.*;* +$ if f$search("f.*") .nes "" then delete f.*;* $ copy 't' fff.p $ $ write sys$output "p -> d" @@ -34,9 +37,9 @@ $ write sys$output "p -> p" $ 'cmd' -in f.p -inform p -outform p -out ff.p3 $ if $severity .ne. 1 then exit 3 $ -$ difference/output=nl: f.p ff.p1 +$ backup/compare f.p ff.p1 $ if $severity .ne. 1 then exit 3 -$ difference/output=nl: f.p ff.p3 +$ backup/compare f.p ff.p3 $ if $severity .ne. 1 then exit 3 $ $ delete f.*;*,ff.*;*,fff.*;* diff --git a/src/lib/libssl/test/treq.com b/src/lib/libssl/test/treq.com index 9eb1d26f6e..22c22c3aa9 100644 --- a/src/lib/libssl/test/treq.com +++ b/src/lib/libssl/test/treq.com @@ -10,6 +10,9 @@ $ t := testreq.pem $ if p1 .nes. "" then t = p1 $ $ write sys$output "testing req conversions" +$ if f$search("fff.*") .nes "" then delete fff.*;* +$ if f$search("ff.*") .nes "" then delete ff.*;* +$ if f$search("f.*") .nes "" then delete f.*;* $ copy 't' fff.p $ $ write sys$output "p -> d" @@ -52,27 +55,27 @@ $ write sys$output "p -> p" $ 'cmd' -in f.p -inform p -outform p -out ff.p3 $ if $severity .ne. 1 then exit 3 $ -$ difference/output=nl: fff.p f.p +$ backup/compare fff.p f.p $ if $severity .ne. 1 then exit 3 -$ difference/output=nl: fff.p ff.p1 +$ backup/compare fff.p ff.p1 $ if $severity .ne. 1 then exit 3 -$! difference/output=nl: fff.p ff.p2 +$! backup/compare fff.p ff.p2 $! if $severity .ne. 1 then exit 3 -$ difference/output=nl: fff.p ff.p3 +$ backup/compare fff.p ff.p3 $ if $severity .ne. 1 then exit 3 $ -$! difference/output=nl: f.t ff.t1 +$! backup/compare f.t ff.t1 $! if $severity .ne. 1 then exit 3 -$! difference/output=nl: f.t ff.t2 +$! backup/compare f.t ff.t2 $! if $severity .ne. 1 then exit 3 -$! difference/output=nl: f.t ff.t3 +$! backup/compare f.t ff.t3 $! if $severity .ne. 1 then exit 3 $ -$ difference/output=nl: f.p ff.p1 +$ backup/compare f.p ff.p1 $ if $severity .ne. 1 then exit 3 -$! difference/output=nl: f.p ff.p2 +$! backup/compare f.p ff.p2 $! if $severity .ne. 1 then exit 3 -$ difference/output=nl: f.p ff.p3 +$ backup/compare f.p ff.p3 $ if $severity .ne. 1 then exit 3 $ $ delete f.*;*,ff.*;*,fff.*;* diff --git a/src/lib/libssl/test/trsa.com b/src/lib/libssl/test/trsa.com index 9c9083d02b..6b6c318e2b 100644 --- a/src/lib/libssl/test/trsa.com +++ b/src/lib/libssl/test/trsa.com @@ -4,12 +4,26 @@ $ __arch := VAX $ if f$getsyi("cpu") .ge. 128 then __arch := AXP $ exe_dir := sys$disk:[-.'__arch'.exe.apps] $ +$ set noon +$ define/user sys$output nla0: +$ mcr 'exe_dir'openssl no-rsa +$ save_severity=$SEVERITY +$ set on +$ if save_severity +$ then +$ write sys$output "skipping RSA conversion test" +$ exit +$ endif +$ $ cmd := mcr 'exe_dir'openssl rsa $ $ t := testrsa.pem $ if p1 .nes. "" then t = p1 $ $ write sys$output "testing RSA conversions" +$ if f$search("fff.*") .nes "" then delete fff.*;* +$ if f$search("ff.*") .nes "" then delete ff.*;* +$ if f$search("f.*") .nes "" then delete f.*;* $ copy 't' fff.p $ $ write sys$output "p -> d" @@ -52,27 +66,27 @@ $ write sys$output "p -> p" $ 'cmd' -in f.p -inform p -outform p -out ff.p3 $ if $severity .ne. 1 then exit 3 $ -$ difference/output=nl: fff.p f.p +$ backup/compare fff.p f.p $ if $severity .ne. 1 then exit 3 -$ difference/output=nl: fff.p ff.p1 +$ backup/compare fff.p ff.p1 $ if $severity .ne. 1 then exit 3 -$! difference/output=nl: fff.p ff.p2 +$! backup/compare fff.p ff.p2 $! if $severity .ne. 1 then exit 3 -$ difference/output=nl: fff.p ff.p3 +$ backup/compare fff.p ff.p3 $ if $severity .ne. 1 then exit 3 $ -$! difference/output=nl: f.t ff.t1 +$! backup/compare f.t ff.t1 $! if $severity .ne. 1 then exit 3 -$! difference/output=nl: f.t ff.t2 +$! backup/compare f.t ff.t2 $! if $severity .ne. 1 then exit 3 -$! difference/output=nl: f.t ff.t3 +$! backup/compare f.t ff.t3 $! if $severity .ne. 1 then exit 3 $ -$ difference/output=nl: f.p ff.p1 +$ backup/compare f.p ff.p1 $ if $severity .ne. 1 then exit 3 -$! difference/output=nl: f.p ff.p2 +$! backup/compare f.p ff.p2 $! if $severity .ne. 1 then exit 3 -$ difference/output=nl: f.p ff.p3 +$ backup/compare f.p ff.p3 $ if $severity .ne. 1 then exit 3 $ $ delete f.*;*,ff.*;*,fff.*;* diff --git a/src/lib/libssl/test/tsid.com b/src/lib/libssl/test/tsid.com index 28d83e5c4e..bde23f9bb9 100644 --- a/src/lib/libssl/test/tsid.com +++ b/src/lib/libssl/test/tsid.com @@ -10,6 +10,9 @@ $ t := testsid.pem $ if p1 .nes. "" then t = p1 $ $ write sys$output "testing session-id conversions" +$ if f$search("fff.*") .nes "" then delete fff.*;* +$ if f$search("ff.*") .nes "" then delete ff.*;* +$ if f$search("f.*") .nes "" then delete f.*;* $ copy 't' fff.p $ $ write sys$output "p -> d" @@ -52,27 +55,27 @@ $ write sys$output "p -> p" $ 'cmd' -in f.p -inform p -outform p -out ff.p3 $ if $severity .ne. 1 then exit 3 $ -$ difference/output=nl: fff.p f.p +$ backup/compare fff.p f.p $ if $severity .ne. 1 then exit 3 -$ difference/output=nl: fff.p ff.p1 +$ backup/compare fff.p ff.p1 $ if $severity .ne. 1 then exit 3 -$! difference/output=nl: fff.p ff.p2 +$! backup/compare fff.p ff.p2 $! if $severity .ne. 1 then exit 3 -$ difference/output=nl: fff.p ff.p3 +$ backup/compare fff.p ff.p3 $ if $severity .ne. 1 then exit 3 $ -$! difference/output=nl: f.t ff.t1 +$! backup/compare f.t ff.t1 $! if $severity .ne. 1 then exit 3 -$! difference/output=nl: f.t ff.t2 +$! backup/compare f.t ff.t2 $! if $severity .ne. 1 then exit 3 -$! difference/output=nl: f.t ff.t3 +$! backup/compare f.t ff.t3 $! if $severity .ne. 1 then exit 3 $ -$ difference/output=nl: f.p ff.p1 +$ backup/compare f.p ff.p1 $ if $severity .ne. 1 then exit 3 -$! difference/output=nl: f.p ff.p2 +$! backup/compare f.p ff.p2 $! if $severity .ne. 1 then exit 3 -$ difference/output=nl: f.p ff.p3 +$ backup/compare f.p ff.p3 $ if $severity .ne. 1 then exit 3 $ $ delete f.*;*,ff.*;*,fff.*;* diff --git a/src/lib/libssl/test/tx509.com b/src/lib/libssl/test/tx509.com index bbcf0a384b..985969c566 100644 --- a/src/lib/libssl/test/tx509.com +++ b/src/lib/libssl/test/tx509.com @@ -10,6 +10,9 @@ $ t := testx509.pem $ if p1 .nes. "" then t = p1 $ $ write sys$output "testing X509 conversions" +$ if f$search("fff.*") .nes "" then delete fff.*;* +$ if f$search("ff.*") .nes "" then delete ff.*;* +$ if f$search("f.*") .nes "" then delete f.*;* $ copy 't' fff.p $ $ write sys$output "p -> d" @@ -52,27 +55,27 @@ $ write sys$output "p -> p" $ 'cmd' -in f.p -inform p -outform p -out ff.p3 $ if $severity .ne. 1 then exit 3 $ -$ difference/output=nl: fff.p f.p +$ backup/compare fff.p f.p $ if $severity .ne. 1 then exit 3 -$ difference/output=nl: fff.p ff.p1 +$ backup/compare fff.p ff.p1 $ if $severity .ne. 1 then exit 3 -$ difference/output=nl: fff.p ff.p2 +$ backup/compare fff.p ff.p2 $ if $severity .ne. 1 then exit 3 -$ difference/output=nl: fff.p ff.p3 +$ backup/compare fff.p ff.p3 $ if $severity .ne. 1 then exit 3 $ -$ difference/output=nl: f.n ff.n1 +$ backup/compare f.n ff.n1 $ if $severity .ne. 1 then exit 3 -$ difference/output=nl: f.n ff.n2 +$ backup/compare f.n ff.n2 $ if $severity .ne. 1 then exit 3 -$ difference/output=nl: f.n ff.n3 +$ backup/compare f.n ff.n3 $ if $severity .ne. 1 then exit 3 $ -$ difference/output=nl: f.p ff.p1 +$ backup/compare f.p ff.p1 $ if $severity .ne. 1 then exit 3 -$ difference/output=nl: f.p ff.p2 +$ backup/compare f.p ff.p2 $ if $severity .ne. 1 then exit 3 -$ difference/output=nl: f.p ff.p3 +$ backup/compare f.p ff.p3 $ if $severity .ne. 1 then exit 3 $ $ delete f.*;*,ff.*;*,fff.*;* -- cgit v1.2.3-55-g6feb