test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,-
test_rand,test_bn,test_enc,test_x509,test_rsa,test_crl,test_sid,-
test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,-
- test_ss,test_ssl,test_ca
+ test_ss,test_ca,test_ssl
$ endif
$ tests = f$edit(tests,"COLLAPSE")
$
$ tests_e = f$element(tests_i,",",tests)
$ tests_i = tests_i + 1
$ if tests_e .eqs. "," then goto exit
-$ goto 'tests_e'
+$ gosub 'tests_e'
+$ goto loop_tests
$
$ test_des:
$ mcr 'texe_dir''destest'
-$ goto loop_tests
+$ return
$ test_idea:
$ mcr 'texe_dir''ideatest'
-$ goto loop_tests
+$ return
$ test_sha:
$ mcr 'texe_dir''shatest'
$ mcr 'texe_dir''sha1test'
-$ goto loop_tests
+$ return
$ test_mdc2:
$ mcr 'texe_dir''mdc2test'
-$ goto loop_tests
+$ return
$ test_md5:
$ mcr 'texe_dir''md5test'
-$ goto loop_tests
+$ return
$ test_hmac:
$ mcr 'texe_dir''hmactest'
-$ goto loop_tests
+$ return
$ test_md2:
$ mcr 'texe_dir''md2test'
-$ goto loop_tests
+$ return
$ test_rmd:
$ mcr 'texe_dir''rmdtest'
-$ goto loop_tests
+$ return
$ test_bf:
$ mcr 'texe_dir''bftest'
-$ goto loop_tests
+$ return
$ test_cast:
$ mcr 'texe_dir''casttest'
-$ goto loop_tests
+$ return
$ test_rc2:
$ mcr 'texe_dir''rc2test'
-$ goto loop_tests
+$ return
$ test_rc4:
$ mcr 'texe_dir''rc4test'
-$ goto loop_tests
+$ return
$ test_rc5:
$ mcr 'texe_dir''rc5test'
-$ goto loop_tests
+$ return
$ test_rand:
$ mcr 'texe_dir''randtest'
-$ goto loop_tests
+$ return
$ test_enc:
$ @testenc.com
-$ goto loop_tests
+$ return
$ test_x509:
$ define sys$error nla0:
$ write sys$output "test normal x509v1 certificate"
$ write sys$output "test second x509v3 certificate"
$ @tx509.com v3-cert2.pem
$ deassign sys$error
-$ goto loop_tests
+$ return
$ test_rsa:
$ define sys$error nla0:
$ @trsa.com
$ deassign sys$error
$ mcr 'texe_dir''rsatest'
-$ goto loop_tests
+$ return
$ test_crl:
$ define sys$error nla0:
$ @tcrl.com
$ deassign sys$error
-$ goto loop_tests
+$ return
$ test_sid:
$ define sys$error nla0:
$ @tsid.com
$ deassign sys$error
-$ goto loop_tests
+$ return
$ test_req:
$ define sys$error nla0:
$ @treq.com
$ @treq.com testreq2.pem
$ deassign sys$error
-$ goto loop_tests
+$ return
$ test_pkcs7:
$ define sys$error nla0:
$ @tpkcs7.com
$ @tpkcs7d.com
$ deassign sys$error
-$ goto loop_tests
+$ return
$ test_bn:
$ write sys$output "starting big number library test, could take a while..."
$ create bntest-vms.fdl
$ write sys$output ""
$ write sys$output "test a^b%c implementations"
$ mcr 'texe_dir''exptest'
-$ goto loop_tests
+$ return
$ test_verify:
$ write sys$output "The following command should have some OK's and some failures"
$ write sys$output "There are definitly a few expired certificates"
$ @tverify.com
-$ goto loop_tests
+$ return
$ test_dh:
$ write sys$output "Generate a set of DH parameters"
$ mcr 'texe_dir''dhtest'
-$ goto loop_tests
+$ return
$ test_dsa:
$ write sys$output "Generate a set of DSA parameters"
$ mcr 'texe_dir''dsatest'
-$ goto loop_tests
+$ return
$ test_gen:
$ write sys$output "Generate and verify a certificate request"
$ @testgen.com
-$ goto loop_tests
+$ return
+$ maybe_test_ss:
+$ testss_RDT = f$cvtime(f$file_attributes("testss.com","RDT"))
+$ if f$cvtime(f$file_attributes("keyU.ss","RDT")) .les. testss_RDT then -
+ goto test_ss
+$ if f$cvtime(f$file_attributes("certU.ss","RDT")) .les. testss_RDT then -
+ goto test_ss
+$ if f$cvtime(f$file_attributes("certCA.ss","RDT")) .les. testss_RDT then -
+ goto test_ss
+$ return
$ test_ss:
$ write sys$output "Generate and certify a test certificate"
$ @testss.com
-$ goto loop_tests
+$ return
$ test_ssl:
$ write sys$output "test SSL protocol"
-$ @testssl.com
-$ goto loop_tests
+$ gosub maybe_test_ss
+$ @testssl.com keyU.ss certU.ss certCA.ss
+$ return
$ test_ca:
-$ write sys$output "Generate and certify a test certificate via the 'ca' program"
-$ @testca.com
-$ goto loop_tests
+$ set noon
+$ define/user sys$output nla0:
+$ mcr 'exe_dir'openssl no-rsa
+$ save_severity=$SEVERITY
+$ set on
+$ if save_severity
+$ then
+$ write sys$output "skipping CA.com test -- requires RSA"
+$ else
+$ write sys$output "Generate and certify a test certificate via the 'ca' program"
+$ @testca.com
+$ endif
+$ return
$
$
$ exit:
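Review bot: `maybe_test_ss` (added just before `test_ss:`) calls `f$file_attributes` on `keyU.ss`, `certU.ss` and `certCA.ss` without first checking that the files exist. As far as I know the lexical signals an error for a missing file rather than returning an empty string, so running `test_ssl` on a tree where `test_ss` has not yet produced them would stop in the date check instead of falling through to `test_ss`. Guard each comparison with an existence test, e.g. `$ if f$search("keyU.ss") .eqs. "" then goto test_ss`, and likewise for the other two files. The `goto test_ss` from inside the subroutine relies on the `return` at the end of `test_ss` unwinding the `gosub maybe_test_ss` frame, which deserves a one-line `$!` comment.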
$
$ __arch := VAX
$ if f$getsyi("cpu") .ge. 128 then __arch := AXP
-$ exe_dir := sys$disk:[-.'__arch'.exe.test]
-$
-$ copy/concatenate [-.certs]*.pem certs.tmp
+$ texe_dir := sys$disk:[-.'__arch'.exe.test]
+$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$
+$ if p1 .eqs. ""
+$ then
+$ key="[-.apps]server.pem"
+$ else
+$ key=p1
+$ endif
+$ if p2 .eqs. ""
+$ then
+$ cert="[-.apps]server.pem"
+$ else
+$ cert=p2
+$ endif
+$ ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert'
+$
+$ define/user sys$output test-ssltest-output.
+$ define/user sys$error nla0:
+$ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout
+$ set noon
+$ define/user sys$error nla0:
+$ search/output=nla0: testssl-ssltest-output. "DSA Public Key"/exact
+$ if $severity .eq. 1
+$ then
+$ dsa_cert := YES
+$ else
+$ dsa_cert := NO
+$ endif
+$ set on
+$ delete testssl-ssltest-output.;*
+$
+$ if p3 .eqs. ""
+$ then
+$ copy/concatenate [-.certs]*.pem certs.tmp
+$ CA = """-CAfile"" certs.tmp"
+$ else
+$ CA = """-CAfile"" "+p3
+$ endif
+$
+$!###########################################################################
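Review bot: The certificate dump is written to `test-ssltest-output.` by `define/user sys$output`, but the `search` and `delete` that follow name `testssl-ssltest-output.`, so the search has nothing to read and `dsa_cert` can only ever become NO. With a DSA certificate, the SSLv2 client-authentication cases guarded by `.not. dsa_cert` would then run instead of being skipped, and the dump file is left behind in the test directory. Use one name in all three places, e.g. `$ define/user sys$output testssl-ssltest-output.`. Because `sys$error` is sent to `nla0:` for both the `openssl x509` step and the `search`, a certificate that cannot be read looks the same as a non-DSA one; a `$!` comment stating that would help whoever debugs a skipped or unexpected test.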
$
$ write sys$output "test sslv2"
-$ mcr 'exe_dir'ssltest -ssl2
+$ 'ssltest' -ssl2
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2 with server authentication"
-$ mcr 'exe_dir'ssltest -ssl2 -server_auth "-CAfile" certs.tmp
+$ 'ssltest' -ssl2 -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
-$ write sys$output "test sslv2 with client authentication"
-$ mcr 'exe_dir'ssltest -ssl2 -client_auth "-CAfile" certs.tmp
-$ if $severity .ne. 1 then goto exit3
+$ if .not. dsa_cert
+$ then
+$ write sys$output "test sslv2 with client authentication"
+$ 'ssltest' -ssl2 -client_auth 'CA'
+$ if $severity .ne. 1 then goto exit3
$
-$ write sys$output "test sslv2 with both client and server authentication"
-$ mcr 'exe_dir'ssltest -ssl2 -server_auth -client_auth "-CAfile" certs.tmp
-$ if $severity .ne. 1 then goto exit3
+$ write sys$output "test sslv2 with both client and server authentication"
+$ 'ssltest' -ssl2 -server_auth -client_auth 'CA'
+$ if $severity .ne. 1 then goto exit3
+$ endif
$
$ write sys$output "test sslv3"
-$ mcr 'exe_dir'ssltest -ssl3
+$ 'ssltest' -ssl3
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with server authentication"
-$ mcr 'exe_dir'ssltest -ssl3 -server_auth "-CAfile" certs.tmp
+$ 'ssltest' -ssl3 -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with client authentication"
-$ mcr 'exe_dir'ssltest -ssl3 -client_auth "-CAfile" certs.tmp
+$ 'ssltest' -ssl3 -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with both client and server authentication"
-$ mcr 'exe_dir'ssltest -ssl3 -server_auth -client_auth "-CAfile" certs.tmp
+$ 'ssltest' -ssl3 -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3"
-$ mcr 'exe_dir'ssltest
+$ 'ssltest'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with server authentication"
-$ mcr 'exe_dir'ssltest -server_auth "-CAfile" certs.tmp
+$ 'ssltest' -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with client authentication"
-$ mcr 'exe_dir'ssltest -client_auth "-CAfile" certs.tmp
+$ 'ssltest' -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with both client and server authentication"
-$ mcr 'exe_dir'ssltest -server_auth -client_auth "-CAfile" certs.tmp
+$ 'ssltest' -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2 via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -ssl2
-$ if $severity .ne. 1 then goto exit3
-$
-$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -dhe1024 -v
+$ 'ssltest' -bio_pair -ssl2
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2 with server authentication via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -ssl2 -server_auth "-CAfile" certs.tmp
+$ 'ssltest' -bio_pair -ssl2 -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
-$ write sys$output "test sslv2 with client authentication via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -ssl2 -client_auth "-CAfile" certs.tmp
-$ if $severity .ne. 1 then goto exit3
+$ if .not. dsa_cert
+$ then
+$ write sys$output "test sslv2 with client authentication via BIO pair"
+$ 'ssltest' -bio_pair -ssl2 -client_auth 'CA'
+$ if $severity .ne. 1 then goto exit3
$
-$ write sys$output "test sslv2 with both client and server authentication via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -ssl2 -server_auth -client_auth "-CAfile" certs.tmp
-$ if $severity .ne. 1 then goto exit3
+$ write sys$output "test sslv2 with both client and server authentication via BIO pair"
+$ 'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA'
+$ if $severity .ne. 1 then goto exit3
+$ endif
$
$ write sys$output "test sslv3 via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -ssl3
+$ 'ssltest' -bio_pair -ssl3
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with server authentication via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -ssl3 -server_auth "-CAfile" certs.tmp
+$ 'ssltest' -bio_pair -ssl3 -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with client authentication via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -ssl3 -client_auth "-CAfile" certs.tmp
+$ 'ssltest' -bio_pair -ssl3 -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$ write sys$output "test sslv3 with both client and server authentication via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -ssl3 -server_auth -client_auth "-CAfile" certs.tmp
+$ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 via BIO pair"
-$ mcr 'exe_dir'ssltest
+$ 'ssltest'
$ if $severity .ne. 1 then goto exit3
$
-$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -no_dhe
+$ if .not. dsa_cert
+$ then
+$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
+$ 'ssltest' -bio_pair -no_dhe
+$ if $severity .ne. 1 then goto exit3
+$ endif
+$
+$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
+$ 'ssltest' -bio_pair -dhe1024dsa -v
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with server authentication"
-$ mcr 'exe_dir'ssltest -bio_pair -server_auth "-CAfile" certs.tmp
+$ 'ssltest' -bio_pair -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with client authentication via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -client_auth "-CAfile" certs.tmp
+$ 'ssltest' -bio_pair -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair"
-$ mcr 'exe_dir'ssltest -bio_pair -server_auth -client_auth "-CAfile" certs.tmp
+$ 'ssltest' -bio_pair -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
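Review bot: The case announced as "test sslv2/sslv3 via BIO pair" invokes `'ssltest'` with no `-bio_pair`, so it repeats the earlier plain sslv2/sslv3 run and the case named in the message is not what executes; the line should read `$ 'ssltest' -bio_pair`. The removed line had the same omission, so this is carried over by the rewrite rather than introduced by it. A few cases further down, the message "test sslv2/sslv3 with server authentication" is printed for a `-bio_pair` run and would be clearer with "via BIO pair" appended, matching its neighbours.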
$
+$!###########################################################################
+$
+$ write sys$output "test tls1 with 1024bti anonymous SH, multiple handshakes"
+$ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
+$ if $severity .ne. 1 then goto exit3
+$
+$ set noon
+$ define/user sys$output nla0:
+$ mcr 'exe_dir'openssl no-rsa
+$ save_severity=$SEVERITY
+$ set on
+$ if save_severity
+$ then
+$ write sys$output "skipping RSA tests"
+$ else
+$ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes"
+$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time
+$ if $severity .ne. 1 then goto exit3
+$
+$ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
+$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
+$ if $severity .ne. 1 then goto exit3
+$ endif
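Review bot: The first message in this added block reads "1024bti anonymous SH"; going by the `-cipher "ADH"` on the next line it is presumably meant to say "1024bit anonymous DH". The `openssl no-rsa` probe is also hard to follow without a comment, because `if save_severity` is true for a success status and the true branch prints "skipping RSA tests". A line such as `$! openssl no-rsa succeeds only when RSA support is compiled out` above the `set noon` would make the inverted-looking test clear. The same probe is added to `test_ca` in the test driver and would take the same comment.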
+$
$ RET = 1
$ goto exit
$ exit3: