From 6ab364149d8b76b5d2341a2e708e727cad060416 Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Sat, 27 Feb 2016 12:32:42 -0500 Subject: [PATCH] Remove some old files. I read the PROBLEMS, and they're outdated; nothing I'd put in the online FAQ, for example. Test-builds work without using these files. Had to remove the rehash.time stuff from Makefile.in Reviewed-by: Richard Levitte --- Configurations/descrip.mms.tmpl | 12 +- Configurations/unix-Makefile.tmpl | 20 +- GitConfigure | 10 - GitMake | 7 - Makefile.in | 17 +- PROBLEMS | 213 ---------- certs/README.RootCerts | 4 - certs/demo/ca-cert.pem | 32 -- certs/demo/dsa-ca.pem | 47 --- certs/demo/dsa-pca.pem | 47 --- certs/demo/pca-cert.pem | 32 -- certs/expired/ICE.crl | 9 - openssl.doxy | 7 - test/Attic/VMSca-response.1 | 1 - test/Attic/VMSca-response.2 | 2 - test/Attic/bctest | 111 ------ test/Attic/bctest.com | 152 -------- test/Attic/bntest.com | 76 ---- test/Attic/cms-test.pl | 629 ------------------------------ test/Attic/tcrl | 37 -- test/Attic/tcrl.com | 88 ----- test/Attic/testca | 31 -- test/Attic/testca.com | 52 --- test/Attic/testenc | 36 -- test/Attic/testenc.com | 66 ---- test/Attic/testgen | 36 -- test/Attic/testgen.com | 58 --- test/Attic/testss | 143 ------- test/Attic/testss.com | 123 ------ test/Attic/testssl | 266 ------------- test/Attic/testssl.com | 170 -------- test/Attic/testsslproxy | 10 - test/Attic/testtsa | 147 ------- test/Attic/testtsa.com | 255 ------------ test/Attic/tkey | 73 ---- test/Attic/tocsp | 147 ------- test/Attic/tocsp.com | 165 -------- test/Attic/tpkcs7 | 36 -- test/Attic/tpkcs7.com | 59 --- test/Attic/tpkcs7d | 33 -- test/Attic/tpkcs7d.com | 52 --- test/Attic/treq | 41 -- test/Attic/treq.com | 88 ----- test/Attic/trsa.com | 99 ----- test/Attic/tsid | 36 -- test/Attic/tsid.com | 88 ----- test/Attic/tverify.com | 65 --- test/Attic/tx509 | 37 -- test/Attic/tx509.com | 88 ----- 49 files changed, 5 insertions(+), 4048 deletions(-) delete mode 100755 GitConfigure delete mode 100755 GitMake delete mode 100644 PROBLEMS delete mode 100644 certs/README.RootCerts delete mode 100644 certs/demo/ca-cert.pem delete mode 100644 certs/demo/dsa-ca.pem delete mode 100644 certs/demo/dsa-pca.pem delete mode 100644 certs/demo/pca-cert.pem delete mode 100644 certs/expired/ICE.crl delete mode 100644 openssl.doxy delete mode 100644 test/Attic/VMSca-response.1 delete mode 100644 test/Attic/VMSca-response.2 delete mode 100755 test/Attic/bctest delete mode 100644 test/Attic/bctest.com delete mode 100644 test/Attic/bntest.com delete mode 100644 test/Attic/cms-test.pl delete mode 100644 test/Attic/tcrl delete mode 100644 test/Attic/tcrl.com delete mode 100644 test/Attic/testca delete mode 100644 test/Attic/testca.com delete mode 100644 test/Attic/testenc delete mode 100644 test/Attic/testenc.com delete mode 100644 test/Attic/testgen delete mode 100644 test/Attic/testgen.com delete mode 100644 test/Attic/testss delete mode 100644 test/Attic/testss.com delete mode 100644 test/Attic/testssl delete mode 100644 test/Attic/testssl.com delete mode 100644 test/Attic/testsslproxy delete mode 100644 test/Attic/testtsa delete mode 100644 test/Attic/testtsa.com delete mode 100644 test/Attic/tkey delete mode 100644 test/Attic/tocsp delete mode 100644 test/Attic/tocsp.com delete mode 100644 test/Attic/tpkcs7 delete mode 100644 test/Attic/tpkcs7.com delete mode 100644 test/Attic/tpkcs7d delete mode 100644 test/Attic/tpkcs7d.com delete mode 100644 test/Attic/treq delete mode 100644 test/Attic/treq.com delete mode 100644 test/Attic/trsa.com delete mode 100644 test/Attic/tsid delete mode 100644 test/Attic/tsid.com delete mode 100644 test/Attic/tverify.com delete mode 100644 test/Attic/tx509 delete mode 100644 test/Attic/tx509.com diff --git a/Configurations/descrip.mms.tmpl b/Configurations/descrip.mms.tmpl index 5b52a091b4..eb60b4ad81 100644 --- a/Configurations/descrip.mms.tmpl +++ b/Configurations/descrip.mms.tmpl @@ -217,7 +217,7 @@ build_tests_nodep : $(TESTPROGS) test tests : configdata.pm, - build_apps_nodep, build_engines_nodep, build_tests_nodep, - - depend, rehash + depend SET DEFAULT [.test]{- move("test") -} DEFINE SRCTOP {- sourcedir() -} DEFINE BLDTOP {- builddir() -} @@ -384,16 +384,6 @@ check_INSTALLTOP : # Helper targets ##################################################### -rehash : copy-certs, build_apps_nodep - !MCR [.apps]openssl.exe rehash {- builddir("certs", "demo") -} - $(PERL) [.tools]c_rehash. [.certs.demo] - -copy-certs : - @ IF F$SEARCH("{- buildfile("certs.dir") -}") .EQS. "" THEN - - CREATE/DIR {- builddir("certs") -} - -@ IF "{- sourcedir("certs") -}" .NES. "{- builddir("certs") -}" THEN - - COPY {- tree(sourcedir("certs")) -}*.* {- tree(builddir("certs")) -} - # Developer targets ################################################## debug_logicals : diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl index 0e91fb0f27..b9fc5f87e7 100644 --- a/Configurations/unix-Makefile.tmpl +++ b/Configurations/unix-Makefile.tmpl @@ -211,7 +211,7 @@ build_apps_nodep: $(PROGRAMS) $(SCRIPTS) build_tests: configdata.pm build_tests_nodep depend build_tests_nodep: $(TESTPROGS) -test tests: build_tests_nodep build_apps_nodep build_engines_nodep depend rehash +test tests: build_tests_nodep build_apps_nodep build_engines_nodep depend ( cd test; \ SRCTOP=../$(SRCDIR) \ BLDTOP=../$(BLDDIR) \ @@ -242,7 +242,7 @@ clean: libclean rm -f $(PROGRAMS) $(TESTPROGS) rm -f `find $(BLDDIR) -name '*{- $depext -}'` rm -f `find $(BLDDIR) -name '*{- $objext -}'` - rm -f $(BLDDIR)/core $(BLDDIR)/rehash.time + rm -f $(BLDDIR)/core rm -f $(BLDDIR)/tags $(BLDDIR)/TAGS rm -f $(BLDDIR)/openssl.pc $(BLDDIR)/libcrypto.pc $(BLDDIR)/libssl.pc -rm -f `find $(BLDDIR) -type l` @@ -693,17 +693,6 @@ dist: # Helper targets ##################################################### -rehash: link-utils copy-certs build_apps_nodep - @if [ -z "$(CROSS_COMPILE)" ]; then \ - (OPENSSL="$(BLDDIR)/util/shlib_wrap.sh apps/openssl"; \ - [ -x "$(BLDDIR)/openssl.exe" ] && OPENSSL="$(BLDDIR)/openssl.exe" || :; \ - OPENSSL_DEBUG_MEMORY=on; OPENSSL_CONF=/dev/null ; \ - export OPENSSL OPENSSL_DEBUG_MEMORY OPENSSL_CONF; \ - $$OPENSSL rehash certs/demo \ - || $(PERL) tools/c_rehash certs/demo) && \ - touch rehash.time; \ - else :; fi - link-utils: $(BLDDIR)/util/opensslwrap.sh $(BLDDIR)/util/shlib_wrap.sh $(BLDDIR)/util/opensslwrap.sh: configdata.pm @@ -717,11 +706,6 @@ $(BLDDIR)/util/shlib_wrap.sh: configdata.pm ln -sf "../$(SRCDIR)/util/shlib_wrap.sh" "$(BLDDIR)/util"; \ fi -copy-certs: FORCE - @if [ "$(SRCDIR)" != "$(BLDDIR)" ]; then \ - cp -R "$(SRCDIR)/certs" "$(BLDDIR)/"; \ - fi - $(SRCDIR)/apps/openssl-vms.cnf: $(SRCDIR)/apps/openssl.cnf $(PERL) $(SRCDIR)/VMS/VMSify-conf.pl \ < $(SRCDIR)/apps/openssl.cnf > $(SRCDIR)/apps/openssl-vms.cnf diff --git a/GitConfigure b/GitConfigure deleted file mode 100755 index 3451553245..0000000000 --- a/GitConfigure +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/sh - -BRANCH=`git rev-parse --abbrev-ref HEAD` - -./Configure $@ -make files -util/mk1mf.pl OUT=out.$BRANCH TMP=tmp.$BRANCH INC=inc.$BRANCH copy > makefile.$BRANCH -MAKE=make -which bsdmake > /dev/null && MAKE=bsdmake -$MAKE -f makefile.$BRANCH init diff --git a/GitMake b/GitMake deleted file mode 100755 index db300045bb..0000000000 --- a/GitMake +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -BRANCH=`git rev-parse --abbrev-ref HEAD` - -MAKE=make -which bsdmake > /dev/null && MAKE=bsdmake -$MAKE -f makefile.$BRANCH $@ diff --git a/Makefile.in b/Makefile.in index 4e7aa7121d..611130974a 100644 --- a/Makefile.in +++ b/Makefile.in @@ -451,7 +451,7 @@ libclean: rm -f *.map *.so *.so.* *.dylib *.dll engines/*.so engines/*.dll engines/*.dylib *.a engines/*.a */lib */*/lib clean: libclean - rm -f */*/*.o */*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c + rm -f */*/*.o */*.o *.o core a.out fluff testlog make.log cctest cctest.c rm -rf *.bak certs/.0 @set -e; target=clean; $(RECURSIVE_BUILD_CMD) rm -f $(LIBS) tags TAGS @@ -471,22 +471,9 @@ gentests: @(cd test && echo "generating dummy tests (if needed)..." && \ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on generate ); -rehash: rehash.time -rehash.time: certs build_apps build_tools - @if [ -z "$(CROSS_COMPILE)" ]; then \ - (OPENSSL="`pwd`/util/opensslwrap.sh"; \ - [ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \ - OPENSSL_DEBUG_MEMORY=on; OPENSSL_CONF=/dev/null ; \ - export OPENSSL OPENSSL_DEBUG_MEMORY OPENSSL_CONF; \ - $$OPENSSL rehash certs/demo \ - || $(PERL) tools/c_rehash certs/demo) && \ - touch rehash.time; \ - else :; fi - test: files tests - -tests: build_tests rehash +tests: build_tests @(cd test && echo "testing..." && \ $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests ); @if [ -z "$(CROSS_COMPILE)" ]; then \ diff --git a/PROBLEMS b/PROBLEMS deleted file mode 100644 index 6ff48dc9e9..0000000000 --- a/PROBLEMS +++ /dev/null @@ -1,213 +0,0 @@ -* System libcrypto.dylib and libssl.dylib are used by system ld on MacOS X. - - - NOTE: The problem described here only applies when OpenSSL isn't built - with shared library support (i.e. without the "shared" configuration - option). If you build with shared library support, you will have no - problems as long as you set up DYLD_LIBRARY_PATH properly at all times. - - -This is really a misfeature in ld, which seems to look for .dylib libraries -along the whole library path before it bothers looking for .a libraries. This -means that -L switches won't matter unless OpenSSL is built with shared -library support. - -The workaround may be to change the following lines in apps/Makefile and -test/Makefile: - - LIBCRYPTO=-L.. -lcrypto - LIBSSL=-L.. -lssl - -to: - - LIBCRYPTO=../libcrypto.a - LIBSSL=../libssl.a - -It's possible that something similar is needed for shared library support -as well. That hasn't been well tested yet. - - -Another solution that many seem to recommend is to move the libraries -/usr/lib/libcrypto.0.9.dylib, /usr/lib/libssl.0.9.dylib to a different -directory, build and install OpenSSL and anything that depends on your -build, then move libcrypto.0.9.dylib and libssl.0.9.dylib back to their -original places. Note that the version numbers on those two libraries -may differ on your machine. - - -As long as Apple doesn't fix the problem with ld, this problem building -OpenSSL will remain as is. Well, the problem was addressed in 0.9.8f by -passing -Wl,-search_paths_first, but it's unknown if the flag was -supported from the initial MacOS X release. - - -* Parallell make leads to errors - -While running tests, running a parallell make is a bad idea. Many test -scripts use the same name for output and input files, which means different -will interfere with each other and lead to test failure. - -The solution is simple for now: don't run parallel make when testing. - - -* Bugs in gcc triggered - -- According to a problem report, there are bugs in gcc 3.0 that are - triggered by some of the code in OpenSSL, more specifically in - PEM_get_EVP_CIPHER_INFO(). The triggering code is the following: - - header+=11; - if (*header != '4') return(0); header++; - if (*header != ',') return(0); header++; - - What happens is that gcc might optimize a little too agressively, and - you end up with an extra incrementation when *header != '4'. - - We recommend that you upgrade gcc to as high a 3.x version as you can. - -- According to multiple problem reports, some of our message digest - implementations trigger bug[s] in code optimizer in gcc 3.3 for sparc64 - and gcc 2.96 for ppc. Former fails to complete RIPEMD160 test, while - latter - SHA one. - - The recomendation is to upgrade your compiler. This naturally applies to - other similar cases. - -- There is a subtle Solaris x86-specific gcc run-time environment bug, which - "falls between" OpenSSL [0.9.8 and later], Solaris ld and GCC. The bug - manifests itself as Segmentation Fault upon early application start-up. - The problem can be worked around by patching the environment according to - http://www.openssl.org/~appro/values.c. - -* solaris64-sparcv9-cc SHA-1 performance with WorkShop 6 compiler. - -As subject suggests SHA-1 might perform poorly (4 times slower) -if compiled with WorkShop 6 compiler and -xarch=v9. The cause for -this seems to be the fact that compiler emits multiplication to -perform shift operations:-( To work the problem around configure -with './Configure solaris64-sparcv9-cc -DMD32_REG_T=int'. - -* Problems with hp-parisc2-cc target when used with "no-asm" flag - -When using the hp-parisc2-cc target, wrong bignum code is generated. -This is due to the SIXTY_FOUR_BIT build being compiled with the +O3 -aggressive optimization. -The problem manifests itself by the BN_kronecker test hanging in an -endless loop. Reason: the BN_kronecker test calls BN_generate_prime() -which itself hangs. The reason could be tracked down to the bn_mul_comba8() -function in bn_asm.c. At some occasions the higher 32bit value of r[7] -is off by 1 (meaning: calculated=shouldbe+1). Further analysis failed, -as no debugger support possible at +O3 and additional fprintf()'s -introduced fixed the bug, therefore it is most likely a bug in the -optimizer. -The bug was found in the BN_kronecker test but may also lead to -failures in other parts of the code. -(See Ticket #426.) - -Workaround: modify the target to +O2 when building with no-asm. - -* Problems building shared libraries on SCO OpenServer Release 5.0.6 - with gcc 2.95.3 - -The symptoms appear when running the test suite, more specifically -test/ectest, with the following result: - -OSSL_LIBPATH="`cd ..; pwd`"; LD_LIBRARY_PATH="$OSSL_LIBPATH:$LD_LIBRARY_PATH"; DYLD_LIBRARY_PATH="$OSSL_LIBPATH:$DYLD_LIBRARY_PATH"; SHLIB_PATH="$OSSL_LIBPATH:$SHLIB_PATH"; LIBPATH="$OSSL_LIBPATH:$LIBPATH"; if [ "debug-sco5-gcc" = "Cygwin" ]; then PATH="${LIBPATH}:$PATH"; fi; export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; ./ectest -ectest.c:186: ABORT - -The cause of the problem seems to be that isxdigit(), called from -BN_hex2bn(), returns 0 on a perfectly legitimate hex digit. Further -investigation shows that any of the isxxx() macros return 0 on any -input. A direct look in the information array that the isxxx() use, -called __ctype, shows that it contains all zeroes... - -Taking a look at the newly created libcrypto.so with nm, one can see -that the variable __ctype is defined in libcrypto's .bss (which -explains why it is filled with zeroes): - -$ nm -Pg libcrypto.so | grep __ctype -__ctype B 0011659c -__ctype2 U - -Curiously, __ctype2 is undefined, in spite of being declared in -/usr/include/ctype.h in exactly the same way as __ctype. - -Any information helping to solve this issue would be deeply -appreciated. - -NOTE: building non-shared doesn't come with this problem. - -* ULTRIX build fails with shell errors, such as "bad substitution" - and "test: argument expected" - -The problem is caused by ULTRIX /bin/sh supporting only original -Bourne shell syntax/semantics, and the trouble is that the vast -majority is so accustomed to more modern syntax, that very few -people [if any] would recognize the ancient syntax even as valid. -This inevitably results in non-trivial scripts breaking on ULTRIX, -and OpenSSL isn't an exclusion. Fortunately there is workaround, -hire /bin/ksh to do the job /bin/sh fails to do. - -1. Trick make(1) to use /bin/ksh by setting up following environ- - ment variables *prior* you execute ./Configure and make: - - PROG_ENV=POSIX - MAKESHELL=/bin/ksh - export PROG_ENV MAKESHELL - - or if your shell is csh-compatible: - - setenv PROG_ENV POSIX - setenv MAKESHELL /bin/ksh - -2. Trick /bin/sh to use alternative expression evaluator. Create - following 'test' script for example in /tmp: - - #!/bin/ksh - ${0##*/} "$@" - - Then 'chmod a+x /tmp/test; ln /tmp/test /tmp/[' and *prepend* - your $PATH with chosen location, e.g. PATH=/tmp:$PATH. Alter- - natively just replace system /bin/test and /bin/[ with the - above script. - -* hpux64-ia64-cc fails blowfish test. - -Compiler bug, presumably at particular patch level. It should be noted -that same compiler generates correct 32-bit code, a.k.a. hpux-ia64-cc -target. Drop optimization level to +O2 when compiling 64-bit bf_skey.o. - -* no-engines generates errors. - -Unfortunately, the 'no-engines' configuration option currently doesn't -work properly. Use 'no-hw' and you'll will at least get no hardware -support. We'll see how we fix that on OpenSSL versions past 0.9.8. - -* 'make test' fails in BN_sqr [commonly with "error 139" denoting SIGSEGV] - if elder GNU binutils were deployed to link shared libcrypto.so. - -As subject suggests the failure is caused by a bug in elder binutils, -either as or ld, and was observed on FreeBSD and Linux. There are two -options. First is naturally to upgrade binutils, the second one - to -reconfigure with additional no-sse2 [or 386] option passed to ./config. - -* If configured with ./config no-dso, toolkit still gets linked with -ldl, - which most notably poses a problem when linking with dietlibc. - -We don't have framework to associate -ldl with no-dso, therefore the only -way is to edit Makefile right after ./config no-dso and remove -ldl from -EX_LIBS line. - -* hpux-parisc2-cc no-asm build fails with SEGV in ECDSA/DH. - -Compiler bug, presumably at particular patch level. Remaining -hpux*-parisc*-cc configurations can be affected too. Drop optimization -level to +O2 when compiling bn_nist.o. - -* solaris64-sparcv9-cc link failure - -Solaris 8 ar can fail to maintain symbol table in .a, which results in -link failures. Apply 109147-09 or later or modify Makefile generated -by ./Configure solaris64-sparcv9-cc and replace RANLIB assignment with - - RANLIB= /usr/ccs/bin/ar rs diff --git a/certs/README.RootCerts b/certs/README.RootCerts deleted file mode 100644 index c760b61033..0000000000 --- a/certs/README.RootCerts +++ /dev/null @@ -1,4 +0,0 @@ -The OpenSSL project does not (any longer) include root CA certificates. - -Please check out the FAQ: - * How can I set up a bundle of commercial root CA certificates? diff --git a/certs/demo/ca-cert.pem b/certs/demo/ca-cert.pem deleted file mode 100644 index d209f94b88..0000000000 --- a/certs/demo/ca-cert.pem +++ /dev/null @@ -1,32 +0,0 @@ -issuer= C = AU, ST = Queensland, O = CryptSoft Pty Ltd, CN = Test PCA (1024 bit) -subject= C = AU, ST = Queensland, O = CryptSoft Pty Ltd, CN = Test CA (1024 bit) ------BEGIN CERTIFICATE----- -MIICMDCCAZkCCQC7xcpM4/Y5pTANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJB -VTETMBEGA1UECAwKUXVlZW5zbGFuZDEaMBgGA1UECgwRQ3J5cHRTb2Z0IFB0eSBM -dGQxHDAaBgNVBAMME1Rlc3QgUENBICgxMDI0IGJpdCkwIBcNMTYwMTEzMjE1MTA0 -WhgPMjExNjAxMTQyMTUxMDRaMFsxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVl -bnNsYW5kMRowGAYDVQQKDBFDcnlwdFNvZnQgUHR5IEx0ZDEbMBkGA1UEAwwSVGVz -dCBDQSAoMTAyNCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+LUDc -isuFNs1+pSGbzkQdXnZsDMCIEgeHIKBRAqxuaYsc2MSmrmZAMChvf/i+AwfKl0Y3 -11nL2n3DlA5WKUUTspCe8BpIqpqm2cq8WPA1o5OWWUF4kroWDgCQfhcn29dSWVev -grwUF/9YPr4Sa9/RpqeqAHrKGK4/dHnKMwpZpwIDAQABMA0GCSqGSIb3DQEBCwUA -A4GBAHzNks+UQzxQG9gvct4nGFaR86YW28mW9oUpVevokvEaGqEGtb9uMbzJf5ER -HJ0GPtjIRIPuHPcACPN2gvh8kipGb4Hj2bJMIgWwoj7adViiJot4slHOINIXrQAq -+fFYyHYHLTcUpJEe9BZNmEJ5I8U1tWlVdubfQwPb8/ZRqkYg ------END CERTIFICATE----- ------BEGIN PRIVATE KEY----- -MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAL4tQNyKy4U2zX6l -IZvORB1edmwMwIgSB4cgoFECrG5pixzYxKauZkAwKG9/+L4DB8qXRjfXWcvafcOU -DlYpRROykJ7wGkiqmqbZyrxY8DWjk5ZZQXiSuhYOAJB+Fyfb11JZV6+CvBQX/1g+ -vhJr39Gmp6oAesoYrj90ecozClmnAgMBAAECgYA3j6sSg+5f9hnldUMzbPjTh8Sb -XsJlPrc6UFrmMBzGiUleXSpe9Dbla+x0XvQCN4pwMvAN4nnWp/f0Su5BV/9Y93nb -im5ijGNrfN9i6QrnqGCr+MMute+4E8HR2pCScX0mBLDDf40SmDvMzCaxtd21keyr -9DqHgInQZNEi6NKlkQJBAPCbUTFg6iQ6VTCQ8CsEf5q2xHhuTK23fJ999lvWVxN7 -QsvWb9RP9Ng34HVtvB7Pl6P7FyHLQYiDJhhvYR0L0+kCQQDKV/09Kt6Wjf5Omp1I -wd3A+tFnipdqnPw+qNHGjevv0hYiEIWQOYbx00zXgaX+WN/pzV9eeNN2XAxlNJ++ -dxcPAkBrzeuPKFFAcjKBVC+H1rgl5gYZv7Hzk+buv02G0H6rZ+sB0c7BXiHiTwbv -Fn/XfkP/YR14Ms3mEH0dLaphjU8hAkEAh3Ar/rRiN04mCcEuRFQXtaNtZSv8PA2G -Pf7MI2Y9pdHupLCAZlBLRjTUO2/5hu1AO4QPMPIZQSFN3rRBtMCL+wJAMp/m2hvI -TmtbMp/IrKGfma09e3yFiCmoNn7cHLJ7jLvXcacV2XNzpr9YHfBxiZo0g9FqZKvv -PZoQ5B2XJ7bhTQ== ------END PRIVATE KEY----- diff --git a/certs/demo/dsa-ca.pem b/certs/demo/dsa-ca.pem deleted file mode 100644 index 00087a4d50..0000000000 --- a/certs/demo/dsa-ca.pem +++ /dev/null @@ -1,47 +0,0 @@ ------BEGIN DSA PRIVATE KEY----- -MIIBugIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ -PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel -u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH -Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso -hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu -SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y -Mu0OArgCgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuHvSLw9YUrJahcBHmbpvt4 -94lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUqAylOVFJJJXuirVJ+o+0T -tOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u3enxhqnDGQIUB78dhW77 -J6zsFbSEHaQGUmfSeoM= ------END DSA PRIVATE KEY----- ------BEGIN CERTIFICATE REQUEST----- -MIICVzCCAhMCAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx -ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDELMAkGA1UEAwwCQ0Ew -ggG2MIIBKwYHKoZIzjgEATCCAR4CgYEApz9uhb9Bail98J9HGTCQmgkd2mozHsU9 -hpazFeBTLo/gWYJzkD51MZlHelL7heTZpns4m2iKhJuHxh61foZLU1tZz3FlGYhu -zmaua4g2++wo3MLXpbvlLDkmS9qacBiVN5UQViP2Fe26BF7eOU/9t0MftaRlb82A -EeRwlVtQzUkCFQD3BzHt+mwGA9WFihysnGXnUGZlbwKBgE3fTAOmkYr1GW9QRiWZ -5WhvMONp4eWzXZi7KIZI/N6ZBD9fiAyccyQNIF25Kpo/GJYn5GKHwXt0YlP8YSeo -epEJnbbxTZxUD1gG7kl0B85VfiPOFvbK3FphAX7JcbVN9tw0KYdo9l4gk7Pb9eQJ -bEEXlZLrAbVzpWp+2DLtDgK4A4GEAAKBgBqmWXqKrP1etkWWTYYJVwH4qKHFacfs -i4e9IvD1hSslqFwEeZum+3j3iUXiALnDdY8z69cmh9u6yTgahAQSxA0wNpqHibj2 -5SoDKU5UUkkle6KtUn6j7RO04UMhMQCX5hllquJc4Pu105I6X1Esw8Lr51ocpL17 -ry7d6fGGqcMZoAAwCwYJYIZIAWUDBAMCAzEAMC4CFQCRILcFM8uPOMS9A3ISHIHn -DinR1gIVAIm8wedax7I6YgQ1iJukchwZnsO1 ------END CERTIFICATE REQUEST----- ------BEGIN CERTIFICATE----- -MIIDLzCCAuygAwIBAgIBAjALBglghkgBZQMEAwIwUzELMAkGA1UEBhMCQVUxEzAR -BgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5 -IEx0ZDEMMAoGA1UEAwwDUENBMCAXDTE2MDExMzIxNTczOFoYDzIxMTYwMTE0MjE1 -NzM4WjBSMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UE -CgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQswCQYDVQQDDAJDQTCCAbYwggEr -BgcqhkjOOAQBMIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMu -j+BZgnOQPnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb7 -7Cjcwtelu+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DN -SQIVAPcHMe36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh -5bNdmLsohkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFN -nFQPWAbuSXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusB -tXOlan7YMu0OArgDgYQAAoGAGqZZeoqs/V62RZZNhglXAfioocVpx+yLh70i8PWF -KyWoXAR5m6b7ePeJReIAucN1jzPr1yaH27rJOBqEBBLEDTA2moeJuPblKgMpTlRS -SSV7oq1SfqPtE7ThQyExAJfmGWWq4lzg+7XTkjpfUSzDwuvnWhykvXuvLt3p8Yap -wxmjUDBOMB0GA1UdDgQWBBTMZcORcBEVlqO/CD4pf4V6N1NM1zAfBgNVHSMEGDAW -gBTGjwJ33uvjSa20RNrMKWoGptOLdDAMBgNVHRMEBTADAQH/MAsGCWCGSAFlAwQD -AgMwADAtAhUA0NuSQB0Odv7ZToHGhHWQn9+2InICFHYweVbdh+GXaV7ulMrvK7+d -ghUP ------END CERTIFICATE----- diff --git a/certs/demo/dsa-pca.pem b/certs/demo/dsa-pca.pem deleted file mode 100644 index d57549ccb4..0000000000 --- a/certs/demo/dsa-pca.pem +++ /dev/null @@ -1,47 +0,0 @@ ------BEGIN DSA PRIVATE KEY----- -MIIBvAIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ -PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel -u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH -Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso -hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu -SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y -Mu0OArgCgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk -umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A -29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUCFQDNvrBz -6TicfImU7UFRn9h00j0lJQ== ------END DSA PRIVATE KEY----- ------BEGIN CERTIFICATE REQUEST----- -MIICWDCCAhUCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx -ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAwwDUENB -MIIBtzCCASsGByqGSM44BAEwggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7F -PYaWsxXgUy6P4FmCc5A+dTGZR3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmI -bs5mrmuINvvsKNzC16W75Sw5JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/N -gBHkcJVbUM1JAhUA9wcx7fpsBgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYl -meVobzDjaeHls12YuyiGSPzemQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEn -qHqRCZ228U2cVA9YBu5JdAfOVX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/Xk -CWxBF5WS6wG1c6Vqftgy7Q4CuAOBhQACgYEApu25HkB1b4gKMIV7aLGNSIknMzYg -rB7o1kQxeDf34dDVRM9OZ8tkumz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQ -lNnKvbtlmMDULpqkZJD0bO7A29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgT -mvTPT2j9TPjq7RWgADALBglghkgBZQMEAwIDMAAwLQIUIBpERkvZqoeQ03rJkgyg -hIdRhAICFQCJIHDcjc1sBoSDGTPkrejqfQRgHQ== ------END CERTIFICATE REQUEST----- ------BEGIN CERTIFICATE----- -MIIDMTCCAu6gAwIBAgIBATALBglghkgBZQMEAwIwUzELMAkGA1UEBhMCQVUxEzAR -BgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5 -IEx0ZDEMMAoGA1UEAwwDUENBMCAXDTE2MDExMzIxNTczN1oYDzIxMTYwMTE0MjE1 -NzM3WjBTMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UE -CgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDDANQQ0EwggG3MIIB -KwYHKoZIzjgEATCCAR4CgYEApz9uhb9Bail98J9HGTCQmgkd2mozHsU9hpazFeBT -Lo/gWYJzkD51MZlHelL7heTZpns4m2iKhJuHxh61foZLU1tZz3FlGYhuzmaua4g2 -++wo3MLXpbvlLDkmS9qacBiVN5UQViP2Fe26BF7eOU/9t0MftaRlb82AEeRwlVtQ -zUkCFQD3BzHt+mwGA9WFihysnGXnUGZlbwKBgE3fTAOmkYr1GW9QRiWZ5WhvMONp -4eWzXZi7KIZI/N6ZBD9fiAyccyQNIF25Kpo/GJYn5GKHwXt0YlP8YSeoepEJnbbx -TZxUD1gG7kl0B85VfiPOFvbK3FphAX7JcbVN9tw0KYdo9l4gk7Pb9eQJbEEXlZLr -AbVzpWp+2DLtDgK4A4GFAAKBgQCm7bkeQHVviAowhXtosY1IiSczNiCsHujWRDF4 -N/fh0NVEz05ny2S6bPq2X6JRw17kSjF2xhXUhdJ12M6LTws4uxmrsBCU2cq9u2WY -wNQumqRkkPRs7sDb2eKwl8rLVRGoAEvDkOB9w+HVkte2YN9SAm+aOBOa9M9PaP1M -+OrtFaNQME4wHQYDVR0OBBYEFMaPAnfe6+NJrbRE2swpagam04t0MB8GA1UdIwQY -MBaAFMaPAnfe6+NJrbRE2swpagam04t0MAwGA1UdEwQFMAMBAf8wCwYJYIZIAWUD -BAMCAzAAMC0CFQC7Vz9FtzDUMURr3BW91+5FAZodbgIULxZ2l5jCqnwVjKuruM4o -FdkQZUQ= ------END CERTIFICATE----- diff --git a/certs/demo/pca-cert.pem b/certs/demo/pca-cert.pem deleted file mode 100644 index f49206f89e..0000000000 --- a/certs/demo/pca-cert.pem +++ /dev/null @@ -1,32 +0,0 @@ -issuer= C = AU, ST = Queensland, O = CryptSoft Pty Ltd, CN = Test PCA (1024 bit) -subject= C = AU, ST = Queensland, O = CryptSoft Pty Ltd, CN = Test PCA (1024 bit) ------BEGIN CERTIFICATE----- -MIICMTCCAZoCCQCDpmqfcg3yQzANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJB -VTETMBEGA1UECAwKUXVlZW5zbGFuZDEaMBgGA1UECgwRQ3J5cHRTb2Z0IFB0eSBM -dGQxHDAaBgNVBAMME1Rlc3QgUENBICgxMDI0IGJpdCkwIBcNMTYwMTEzMjE1MTA0 -WhgPMjExNjAxMTQyMTUxMDRaMFwxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVl -bnNsYW5kMRowGAYDVQQKDBFDcnlwdFNvZnQgUHR5IEx0ZDEcMBoGA1UEAwwTVGVz -dCBQQ0EgKDEwMjQgYml0KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAthiO -O2kuz+V+Q8XEAVnhXcd7mZkVuwRqQr1sDZ9BqvKt5HDJ+FtdsMkfIFX5zjEjl9ua -ZV3a3+6ziTisyEawG0vz1KoIQeE8mksXLCJBWYlMCMA1itaRkrm5H/75iZnLO4t8 -8csG624rpwUYpfDc01OjGNiigx/SZp3as9fdwpMCAwEAATANBgkqhkiG9w0BAQsF -AAOBgQBTi1otT7r7eplhrk/bjuxs8Gq3DCmd+kyr50kXgmWPFPEexDAQ1I49NUEO -wYbPxgxMoqYTGvoQm59BSvr8zl+G/Y4ghlb3wK8N+be+IKYHMofYBC04CYsd5oMI -AUDVWBv7CUTM+B7HLIkd8kCCqUQIEHJPXcXtS745EHH+EUmVpA== ------END CERTIFICATE----- ------BEGIN PRIVATE KEY----- -MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALYYjjtpLs/lfkPF -xAFZ4V3He5mZFbsEakK9bA2fQaryreRwyfhbXbDJHyBV+c4xI5fbmmVd2t/us4k4 -rMhGsBtL89SqCEHhPJpLFywiQVmJTAjANYrWkZK5uR/++YmZyzuLfPHLButuK6cF -GKXw3NNToxjYooMf0mad2rPX3cKTAgMBAAECgYBvrJ+Nz/Pli9jjt2V9bqHH4Y7r -o/avuwVv6Ltbn0+mhy4d6w3yQhYzVSTBr/iDe59YglUt1WFl8/4nKZrNOIzHJlav -Sw4hd3fYBHxbT+DgZMQ9ikjHECWRdDffrnlTLsSJAcxnpMJBPe3dKCRDMUrqWUvB -IIKaxyqmXJms5Y/wAQJBAPFL9NMKJcWBftMKXCasxsV0ZGjgqHGZODYjtGFN9jJO -6AbZrxfCcapTWG4RCC2o/EDEMN8aArEhfdrYY3lhXGsCQQDBMRzFevkD7SYXTw5G -NA/gJOAsFMYbt7tebcCRsHT7t3ymVfO2QwK7ZF0f/SYvi7cMAPraHvO7s3kFdGTB -kDx5AkAHBICASsFCdzurA5gef9PgFjx9WFtNwnkCChPK6KuKVwUkfdw7wqnvnDDs -Mo6cVVfQwmPxeR4u7JxuavCprQ01AkEAp5ZGAh1J9Jj9CQ1AMbAp8WOrvzGKJTM9 -641Dll4/LLif/d7j2kDJFuvaSMyeGnKVqGkVMq/U+QeYPR4Z5TuM6QJAWK05qFed -wYgTZyVN0MY53ZOMAIWwjz0cr24TvDfmsZqIvguGL616GKQZKdKDZQyQHg+dCzqJ -HgIoacuFDKz5CA== ------END PRIVATE KEY----- diff --git a/certs/expired/ICE.crl b/certs/expired/ICE.crl deleted file mode 100644 index 21939e8cc4..0000000000 --- a/certs/expired/ICE.crl +++ /dev/null @@ -1,9 +0,0 @@ ------BEGIN X509 CRL----- -MIIBNDCBnjANBgkqhkiG9w0BAQIFADBFMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0Ut -VEVMIFByb2plY3QxIDAeBgNVBAsTF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05 -NzA2MDkxNDQyNDNaFw05NzA3MDkxNDQyNDNaMCgwEgIBChcNOTcwMzAzMTQ0MjU0 -WjASAgEJFw05NjEwMDIxMjI5MjdaMA0GCSqGSIb3DQEBAgUAA4GBAH4vgWo2Tej/ -i7kbiw4Imd30If91iosjClNpBFwvwUDBclPEeMuYimHbLOk4H8Nofc0fw11+U/IO -KSNouUDcqG7B64oY7c4SXKn+i1MWOb5OJiWeodX3TehHjBlyWzoNMWCnYA8XqFP1 -mOKp8Jla1BibEZf14+/HqCi2hnZUiEXh ------END X509 CRL----- diff --git a/openssl.doxy b/openssl.doxy deleted file mode 100644 index 479c311470..0000000000 --- a/openssl.doxy +++ /dev/null @@ -1,7 +0,0 @@ -PROJECT_NAME=OpenSSL -GENERATE_LATEX=no -OUTPUT_DIRECTORY=doxygen -INPUT=ssl include -FILE_PATTERNS=*.c *.h -RECURSIVE=yes -PREDEFINED=DOXYGEN diff --git a/test/Attic/VMSca-response.1 b/test/Attic/VMSca-response.1 deleted file mode 100644 index 8b13789179..0000000000 --- a/test/Attic/VMSca-response.1 +++ /dev/null @@ -1 +0,0 @@ - diff --git a/test/Attic/VMSca-response.2 b/test/Attic/VMSca-response.2 deleted file mode 100644 index 9b48ee4cf9..0000000000 --- a/test/Attic/VMSca-response.2 +++ /dev/null @@ -1,2 +0,0 @@ -y -y diff --git a/test/Attic/bctest b/test/Attic/bctest deleted file mode 100755 index bdb3218f7a..0000000000 --- a/test/Attic/bctest +++ /dev/null @@ -1,111 +0,0 @@ -#!/bin/sh - -# This script is used by test/Makefile.ssl to check whether a sane 'bc' -# is installed. -# ('make test_bn' should not try to run 'bc' if it does not exist or if -# it is a broken 'bc' version that is known to cause trouble.) -# -# If 'bc' works, we also test if it knows the 'print' command. -# -# In any case, output an appropriate command line for running (or not -# running) bc. - - -IFS=: -try_without_dir=true -# First we try "bc", then "$dir/bc" for each item in $PATH. -for dir in dummy:$PATH; do - if [ "$try_without_dir" = true ]; then - # first iteration - bc=bc - try_without_dir=false - else - # second and later iterations - bc="$dir/bc" - if [ ! -f "$bc" ]; then # '-x' is not available on Ultrix - bc='' - fi - fi - - if [ ! "$bc" = '' ]; then - failure=none - - - # Test for SunOS 5.[78] bc bug - "$bc" >tmp.bctest <<\EOF -obase=16 -ibase=16 -a=AD88C418F31B3FC712D0425001D522B3AE9134FF3A98C13C1FCC1682211195406C1A6C66C6A\ -CEEC1A0EC16950233F77F1C2F2363D56DD71A36C57E0B2511FC4BA8F22D261FE2E9356D99AF57\ -10F3817C0E05BF79C423C3F66FDF321BE8D3F18F625D91B670931C1EF25F28E489BDA1C5422D1\ -C3F6F7A1AD21585746ECC4F10A14A778AF56F08898E965E9909E965E0CB6F85B514150C644759\ -3BE731877B16EA07B552088FF2EA728AC5E0FF3A23EB939304519AB8B60F2C33D6BA0945B66F0\ -4FC3CADF855448B24A9D7640BCF473E -b=DCE91E7D120B983EA9A104B5A96D634DD644C37657B1C7860B45E6838999B3DCE5A555583C6\ -9209E41F413422954175A06E67FFEF6746DD652F0F48AEFECC3D8CAC13523BDAAD3F5AF4212BD\ -8B3CD64126E1A82E190228020C05B91C8B141F1110086FC2A4C6ED631EBA129D04BB9A19FC53D\ -3ED0E2017D60A68775B75481449 -(a/b)*b + (a%b) - a -EOF - if [ 0 != "`cat tmp.bctest`" ]; then - failure=SunOStest - fi - - - if [ "$failure" = none ]; then - # Test for SCO bc bug. - "$bc" >tmp.bctest <<\EOF -obase=16 -ibase=16 --FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4AEC6F15AC177F176F2274D2\ -9DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7F5ADFACEE54573F5D256A06\ -11B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99FB9812A0E4A5773D8B254117\ -1239157EC6E3D8D50199 * -FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4\ -AEC6F15AC177F176F2274D29DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7\ -F5ADFACEE54573F5D256A0611B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99F\ -B9812A0E4A5773D8B2541171239157EC6E3D8D50199 - FFBACC221682DA464B6D7F123482522\ -02EDAEDCA38C3B69E9B7BBCD6165A9CD8716C4903417F23C09A85B851961F92C217258CEEB866\ -85EFCC5DD131853A02C07A873B8E2AF2E40C6D5ED598CD0E8F35AD49F3C3A17FDB7653E4E2DC4\ -A8D23CC34686EE4AD01F7407A7CD74429AC6D36DBF0CB6A3E302D0E5BDFCD048A3B90C1BE5AA8\ -E16C3D5884F9136B43FF7BB443764153D4AEC176C681B078F4CC53D6EB6AB76285537DDEE7C18\ -8C72441B52EDBDDBC77E02D34E513F2AABF92F44109CAFE8242BD0ECBAC5604A94B02EA44D43C\ -04E9476E6FBC48043916BFA1485C6093603600273C9C33F13114D78064AE42F3DC466C7DA543D\ -89C8D71 -AD534AFBED2FA39EE9F40E20FCF9E2C861024DB98DDCBA1CD118C49CA55EEBC20D6BA51B2271C\ -928B693D6A73F67FEB1B4571448588B46194617D25D910C6A9A130CC963155CF34079CB218A44\ -8A1F57E276D92A33386DDCA3D241DB78C8974ABD71DD05B0FA555709C9910D745185E6FE108E3\ -37F1907D0C56F8BFBF52B9704 % -E557905B56B13441574CAFCE2BD257A750B1A8B2C88D0E36\ -E18EF7C38DAC80D3948E17ED63AFF3B3467866E3B89D09A81B3D16B52F6A3C7134D3C6F5123E9\ -F617E3145BBFBE9AFD0D6E437EA4FF6F04BC67C4F1458B4F0F47B64 - 1C2BBBB19B74E86FD32\ -9E8DB6A8C3B1B9986D57ED5419C2E855F7D5469E35E76334BB42F4C43E3F3A31B9697C171DAC4\ -D97935A7E1A14AD209D6CF811F55C6DB83AA9E6DFECFCD6669DED7171EE22A40C6181615CAF3F\ -5296964 -EOF - if [ "0 -0" != "`cat tmp.bctest`" ]; then - failure=SCOtest - fi - fi - - - if [ "$failure" = none ]; then - # bc works; now check if it knows the 'print' command. - if [ "OK" = "`echo 'print \"OK\"' | $bc 2>/dev/null`" ] - then - echo "$bc" - else - echo "sed 's/print.*//' | $bc" - fi - exit 0 - fi - - echo "$bc does not work properly ('$failure' failed). Looking for another bc ..." >&2 - fi -done - -echo "No working bc found. Consider installing GNU bc." >&2 -if [ "$1" = ignore ]; then - echo "cat >/dev/null" - exit 0 -fi -exit 1 diff --git a/test/Attic/bctest.com b/test/Attic/bctest.com deleted file mode 100644 index d7e5ec139e..0000000000 --- a/test/Attic/bctest.com +++ /dev/null @@ -1,152 +0,0 @@ -$! -$! Check operation of "bc". -$! -$! 2010-04-05 SMS. New. Based (loosely) on "bctest". -$! -$! -$ tmp_file_name = "tmp.bctest" -$ failure = "" -$! -$! Basic command test. -$! -$ on warning then goto bc_fail -$ bc -$ on error then exit -$! -$! Test for SunOS 5.[78] bc bug. -$! -$ if (failure .eqs. "") -$ then -$! -$ define /user_mode sys$output 'tmp_file_name' -$ bc -obase=16 -ibase=16 -a=AD88C418F31B3FC712D0425001D522B3AE9134FF3A98C13C1FCC1682211195406C1A6C66C6A\ -CEEC1A0EC16950233F77F1C2F2363D56DD71A36C57E0B2511FC4BA8F22D261FE2E9356D99AF57\ -10F3817C0E05BF79C423C3F66FDF321BE8D3F18F625D91B670931C1EF25F28E489BDA1C5422D1\ -C3F6F7A1AD21585746ECC4F10A14A778AF56F08898E965E9909E965E0CB6F85B514150C644759\ -3BE731877B16EA07B552088FF2EA728AC5E0FF3A23EB939304519AB8B60F2C33D6BA0945B66F0\ -4FC3CADF855448B24A9D7640BCF473E -b=DCE91E7D120B983EA9A104B5A96D634DD644C37657B1C7860B45E6838999B3DCE5A555583C6\ -9209E41F413422954175A06E67FFEF6746DD652F0F48AEFECC3D8CAC13523BDAAD3F5AF4212BD\ -8B3CD64126E1A82E190228020C05B91C8B141F1110086FC2A4C6ED631EBA129D04BB9A19FC53D\ -3ED0E2017D60A68775B75481449 -(a/b)*b + (a%b) - a -$ status = $status -$ output_expected = "0" -$ gosub check_output -$ if (output .ne. 1) -$ then -$ failure = "SunOStest" -$ else -$ delete 'f$parse( tmp_file_name)' -$ endif -$ endif -$! -$! Test for SCO bc bug. -$! -$ if (failure .eqs. "") -$ then -$! -$ define /user_mode sys$output 'tmp_file_name' -$ bc -obase=16 -ibase=16 --FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4AEC6F15AC177F176F2274D2\ -9DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7F5ADFACEE54573F5D256A06\ -11B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99FB9812A0E4A5773D8B254117\ -1239157EC6E3D8D50199 * -FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4\ -AEC6F15AC177F176F2274D29DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7\ -F5ADFACEE54573F5D256A0611B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99F\ -B9812A0E4A5773D8B2541171239157EC6E3D8D50199 - FFBACC221682DA464B6D7F123482522\ -02EDAEDCA38C3B69E9B7BBCD6165A9CD8716C4903417F23C09A85B851961F92C217258CEEB866\ -85EFCC5DD131853A02C07A873B8E2AF2E40C6D5ED598CD0E8F35AD49F3C3A17FDB7653E4E2DC4\ -A8D23CC34686EE4AD01F7407A7CD74429AC6D36DBF0CB6A3E302D0E5BDFCD048A3B90C1BE5AA8\ -E16C3D5884F9136B43FF7BB443764153D4AEC176C681B078F4CC53D6EB6AB76285537DDEE7C18\ -8C72441B52EDBDDBC77E02D34E513F2AABF92F44109CAFE8242BD0ECBAC5604A94B02EA44D43C\ -04E9476E6FBC48043916BFA1485C6093603600273C9C33F13114D78064AE42F3DC466C7DA543D\ -89C8D71 -AD534AFBED2FA39EE9F40E20FCF9E2C861024DB98DDCBA1CD118C49CA55EEBC20D6BA51B2271C\ -928B693D6A73F67FEB1B4571448588B46194617D25D910C6A9A130CC963155CF34079CB218A44\ -8A1F57E276D92A33386DDCA3D241DB78C8974ABD71DD05B0FA555709C9910D745185E6FE108E3\ -37F1907D0C56F8BFBF52B9704 % -E557905B56B13441574CAFCE2BD257A750B1A8B2C88D0E36\ -E18EF7C38DAC80D3948E17ED63AFF3B3467866E3B89D09A81B3D16B52F6A3C7134D3C6F5123E9\ -F617E3145BBFBE9AFD0D6E437EA4FF6F04BC67C4F1458B4F0F47B64 - 1C2BBBB19B74E86FD32\ -9E8DB6A8C3B1B9986D57ED5419C2E855F7D5469E35E76334BB42F4C43E3F3A31B9697C171DAC4\ -D97935A7E1A14AD209D6CF811F55C6DB83AA9E6DFECFCD6669DED7171EE22A40C6181615CAF3F\ -5296964 -$ status = $status -$ output_expected = "0\0" -$ gosub check_output -$ if (output .ne. 1) -$ then -$ failure = "SCOtest" -$ else -$ delete 'f$parse( tmp_file_name)' -$ endif -$ endif -$! -$! Test for working 'print' command. -$! -$ if (failure .eqs. "") -$ then -$! -$ define /user_mode sys$output 'tmp_file_name' -$ bc -print "OK" -$ status = $status -$ output_expected = "OK" -$ gosub check_output -$ if (output .ne. 1) -$ then -$ failure = "printtest" -$ else -$ delete 'f$parse( tmp_file_name)' -$ endif -$ endif -$! -$ if (failure .nes. "") -$ then -$ write sys$output - - "No working bc found. Consider installing GNU bc." -$ exit %X00030000 ! %DCL-W-NORMAL -$ endif -$! -$ exit -$! -$! -$! Complete "bc" command failure. -$! -$ bc_fail: -$ write sys$output - - "No ""bc"" program/symbol found. Consider installing GNU bc." -$ exit %X00030000 ! %DCL-W-NORMAL -$! -$! -$! Output check subroutine. -$! -$ check_output: -$ eof = 0 -$ line_nr = 0 -$ open /read tmp_file 'tmp_file_name' -$ c_o_loop: -$ read /error = error_read tmp_file line -$ goto ok_read -$ error_read: -$ eof = 1 -$ ok_read: -$ line_expected = f$element( line_nr, "\", output_expected) -$ line_nr = line_nr+ 1 -$ if ((line_expected .nes. "\") .and. (.not. eof) .and. - - (line_expected .eqs. line)) then goto c_o_loop -$! -$ if ((line_expected .eqs. "\") .and. eof) -$ then -$ output = 1 -$ else -$ output = 0 -$ endif -$ close tmp_file -$ return -$! diff --git a/test/Attic/bntest.com b/test/Attic/bntest.com deleted file mode 100644 index 6545d2e5a5..0000000000 --- a/test/Attic/bntest.com +++ /dev/null @@ -1,76 +0,0 @@ -$! -$! Analyze bntest output file. -$! -$! Exit status = 1 (success) if all tests passed, -$! 0 (warning) if any test failed. -$! -$! 2011-02-20 SMS. Added code to skip "#" comments in the input file. -$! -$! 2010-04-05 SMS. New. Based (loosely) on perl code in bntest-vms.sh. -$! -$! Expect data like: -$! test test_name1 -$! 0 -$! [...] -$! test test_name2 -$! 0 -$! [...] -$! [...] -$! -$! Some tests have no following "0" lines. -$! -$ result_file_name = f$edit( p1, "TRIM") -$ if (result_file_name .eqs. "") -$ then -$ result_file_name = "bntest-vms.out" -$ endif -$! -$ fail = 0 -$ passed = 0 -$ tests = 0 -$! -$ on control_c then goto tidy -$ on error then goto tidy -$! -$ open /read result_file 'result_file_name' -$! -$ read_loop: -$ read /end = read_loop_end /error = tidy result_file line -$ t1 = f$element( 0, " ", line) -$! -$! Skip "#" comment lines. -$ if (f$extract( 0, 1, f$edit( line, "TRIM")) .eqs. "#") then - - goto read_loop -$! -$ if (t1 .eqs. "test") -$ then -$ passed = passed+ 1 -$ tests = tests+ 1 -$ fail = 1 -$ t2 = f$extract( 5, 1000, line) -$ write sys$output "verify ''t2'" -$ else -$ if (t1 .nes. "0") -$ then -$ write sys$output "Failed! bc: ''line'" -$ passed = passed- fail -$ fail = 0 -$ endif -$ endif -$ goto read_loop -$ read_loop_end: -$ write sys$output "''passed'/''tests' tests passed" -$! -$ tidy: -$ if f$trnlnm( "result_file", "LNM$PROCESS_TABLE", , "SUPERVISOR", , "CONFINE") -$ then -$ close result_file -$ endif -$! -$ if ((tests .gt. 0) .and. (tests .eq. passed)) -$ then -$ exit 1 -$ else -$ exit 0 -$ endif -$! diff --git a/test/Attic/cms-test.pl b/test/Attic/cms-test.pl deleted file mode 100644 index 1ee3f02e87..0000000000 --- a/test/Attic/cms-test.pl +++ /dev/null @@ -1,629 +0,0 @@ -# test/cms-test.pl -# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL -# project. -# -# ==================================================================== -# Copyright (c) 2008 The OpenSSL Project. All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in -# the documentation and/or other materials provided with the -# distribution. -# -# 3. All advertising materials mentioning features or use of this -# software must display the following acknowledgment: -# "This product includes software developed by the OpenSSL Project -# for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" -# -# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -# endorse or promote products derived from this software without -# prior written permission. For written permission, please contact -# licensing@OpenSSL.org. -# -# 5. Products derived from this software may not be called "OpenSSL" -# nor may "OpenSSL" appear in their names without prior written -# permission of the OpenSSL Project. -# -# 6. Redistributions of any form whatsoever must retain the following -# acknowledgment: -# "This product includes software developed by the OpenSSL Project -# for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" -# -# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -# OF THE POSSIBILITY OF SUCH DAMAGE. -# ==================================================================== - -# CMS, PKCS7 consistency test script. Run extensive tests on -# OpenSSL PKCS#7 and CMS implementations. - -my $ossl_path; -my $redir = " 2> cms.err > cms.out"; -# Make VMS work -if ( $^O eq "VMS" && -f "OSSLX:openssl.exe" ) { - $ossl_path = "pipe mcr OSSLX:openssl"; - $null_path = "NL:"; - # On VMS, the lowest 3 bits of the exit code indicates severity - # 1 is success (perl translates it to 0 for $?), 2 is error - # (perl doesn't translate it) - $failure_code = 512; # 2 << 8 = 512 -} -# Make MSYS work -elsif ( $^O eq "MSWin32" && -f "../apps/openssl.exe" ) { - $ossl_path = "cmd /c ..\\apps\\openssl"; - $null_path = "NUL"; - $failure_code = 256; -} -elsif ( -f "../apps/openssl$ENV{EXE_EXT}" ) { - $ossl_path = "../util/shlib_wrap.sh ../apps/openssl"; - $null_path = "/dev/null"; - $failure_code = 256; -} -elsif ( -f "..\\out32dll\\openssl.exe" ) { - $ossl_path = "..\\out32dll\\openssl.exe"; - $null_path = "NUL"; - $failure_code = 256; -} -elsif ( -f "..\\out32\\openssl.exe" ) { - $ossl_path = "..\\out32\\openssl.exe"; - $null_path = "NUL"; - $failure_code = 256; -} -else { - die "Can't find OpenSSL executable"; -} - -my $pk7cmd = "$ossl_path smime "; -my $cmscmd = "$ossl_path cms "; -my $smdir = "smime-certs"; -my $halt_err = 1; - -my $badcmd = 0; -my $no_ec; -my $no_ec2m; -my $no_ecdh; -my $ossl8 = `$ossl_path version -v` =~ /0\.9\.8/; - -system ("$ossl_path no-cms > $null_path"); -if ($? == 0) - { - print "CMS disabled\n"; - exit 0; - } - -system ("$ossl_path no-ec > $null_path"); -if ($? == 0) - { - $no_ec = 1; - } -elsif ($? == $failure_code) - { - $no_ec = 0; - } -else - { - die "Error checking for EC support\n"; - } - -system ("$ossl_path no-ec2m > $null_path"); -if ($? == 0) - { - $no_ec2m = 1; - } -elsif ($? == $failure_code) - { - $no_ec2m = 0; - } -else - { - die "Error checking for EC2M support\n"; - } - -system ("$ossl_path no-ec > $null_path"); -if ($? == 0) - { - $no_ecdh = 1; - } -elsif ($? == $failure_code) - { - $no_ecdh = 0; - } -else - { - die "Error checking for ECDH support\n"; - } - -my @smime_pkcs7_tests = ( - - [ - "signed content DER format, RSA key", - "-sign -in smcont.txt -outform \"DER\" -nodetach" - . " -certfile $smdir/smroot.pem" - . " -signer $smdir/smrsa1.pem -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed detached content DER format, RSA key", - "-sign -in smcont.txt -outform \"DER\"" - . " -signer $smdir/smrsa1.pem -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt" - ], - - [ - "signed content test streaming BER format, RSA", - "-sign -in smcont.txt -outform \"DER\" -nodetach" - . " -stream -signer $smdir/smrsa1.pem -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed content DER format, DSA key", - "-sign -in smcont.txt -outform \"DER\" -nodetach" - . " -signer $smdir/smdsa1.pem -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed detached content DER format, DSA key", - "-sign -in smcont.txt -outform \"DER\"" - . " -signer $smdir/smdsa1.pem -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt" - ], - - [ - "signed detached content DER format, add RSA signer", - "-resign -inform \"DER\" -in test.cms -outform \"DER\"" - . " -signer $smdir/smrsa1.pem -out test2.cms", - "-verify -in test2.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt" - ], - - [ - "signed content test streaming BER format, DSA key", - "-sign -in smcont.txt -outform \"DER\" -nodetach" - . " -stream -signer $smdir/smdsa1.pem -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed content test streaming BER format, 2 DSA and 2 RSA keys", - "-sign -in smcont.txt -outform \"DER\" -nodetach" - . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" - . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" - . " -stream -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ -"signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes", - "-sign -in smcont.txt -outform \"DER\" -noattr -nodetach" - . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" - . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" - . " -stream -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys", - "-sign -in smcont.txt -nodetach" - . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" - . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" - . " -stream -out test.cms", - "-verify -in test.cms " . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ -"signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys", - "-sign -in smcont.txt" - . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" - . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" - . " -stream -out test.cms", - "-verify -in test.cms " . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "enveloped content test streaming S/MIME format, 3 recipients", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ", - "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, 3 recipients, 3rd used", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ", - "-decrypt -recip $smdir/smrsa3.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, 3 recipients, key only used", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ", - "-decrypt -inkey $smdir/smrsa3.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients", - "-encrypt -in smcont.txt" - . " -aes256 -stream -out test.cms" - . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ", - "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt" - ], - -); - -my @smime_cms_tests = ( - - [ - "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid", - "-sign -in smcont.txt -outform \"DER\" -nodetach -keyid" - . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" - . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" - . " -stream -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed content test streaming PEM format, 2 DSA and 2 RSA keys", - "-sign -in smcont.txt -outform PEM -nodetach" - . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" - . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" - . " -stream -out test.cms", - "-verify -in test.cms -inform PEM " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed content MIME format, RSA key, signed receipt request", - "-sign -in smcont.txt -signer $smdir/smrsa1.pem -nodetach" - . " -receipt_request_to test\@openssl.org -receipt_request_all" - . " -out test.cms", - "-verify -in test.cms " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed receipt MIME format, RSA key", - "-sign_receipt -in test.cms" - . " -signer $smdir/smrsa2.pem" - . " -out test2.cms", - "-verify_receipt test2.cms -in test.cms" - . " \"-CAfile\" $smdir/smroot.pem" - ], - - [ - "enveloped content test streaming S/MIME format, 3 recipients, keyid", - "-encrypt -in smcont.txt" - . " -stream -out test.cms -keyid" - . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ", - "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt" - ], - - [ - "enveloped content test streaming PEM format, KEK", - "-encrypt -in smcont.txt -outform PEM -aes128" - . " -stream -out test.cms " - . " -secretkey 000102030405060708090A0B0C0D0E0F " - . " -secretkeyid C0FEE0", - "-decrypt -in test.cms -out smtst.txt -inform PEM" - . " -secretkey 000102030405060708090A0B0C0D0E0F " - . " -secretkeyid C0FEE0" - ], - - [ - "enveloped content test streaming PEM format, KEK, key only", - "-encrypt -in smcont.txt -outform PEM -aes128" - . " -stream -out test.cms " - . " -secretkey 000102030405060708090A0B0C0D0E0F " - . " -secretkeyid C0FEE0", - "-decrypt -in test.cms -out smtst.txt -inform PEM" - . " -secretkey 000102030405060708090A0B0C0D0E0F " - ], - - [ - "data content test streaming PEM format", - "-data_create -in smcont.txt -outform PEM -nodetach" - . " -stream -out test.cms", - "-data_out -in test.cms -inform PEM -out smtst.txt" - ], - - [ - "encrypted content test streaming PEM format, 128 bit RC2 key", - "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM" - . " -rc2 -secretkey 000102030405060708090A0B0C0D0E0F" - . " -stream -out test.cms", - "\"-EncryptedData_decrypt\" -in test.cms -inform PEM " - . " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt" - ], - - [ - "encrypted content test streaming PEM format, 40 bit RC2 key", - "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM" - . " -rc2 -secretkey 0001020304" - . " -stream -out test.cms", - "\"-EncryptedData_decrypt\" -in test.cms -inform PEM " - . " -secretkey 0001020304 -out smtst.txt" - ], - - [ - "encrypted content test streaming PEM format, triple DES key", - "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM" - . " -des3 -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617" - . " -stream -out test.cms", - "\"-EncryptedData_decrypt\" -in test.cms -inform PEM " - . " -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617" - . " -out smtst.txt" - ], - - [ - "encrypted content test streaming PEM format, 128 bit AES key", - "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM" - . " -aes128 -secretkey 000102030405060708090A0B0C0D0E0F" - . " -stream -out test.cms", - "\"-EncryptedData_decrypt\" -in test.cms -inform PEM " - . " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt" - ], - -); - -my @smime_cms_comp_tests = ( - - [ - "compressed content test streaming PEM format", - "-compress -in smcont.txt -outform PEM -nodetach" - . " -stream -out test.cms", - "-uncompress -in test.cms -inform PEM -out smtst.txt" - ] - -); - -my @smime_cms_param_tests = ( - [ - "signed content test streaming PEM format, RSA keys, PSS signature", - "-sign -in smcont.txt -outform PEM -nodetach" - . " -signer $smdir/smrsa1.pem -keyopt rsa_padding_mode:pss" - . " -out test.cms", - "-verify -in test.cms -inform PEM " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed content test streaming PEM format, RSA keys, PSS signature, no attributes", - "-sign -in smcont.txt -outform PEM -nodetach -noattr" - . " -signer $smdir/smrsa1.pem -keyopt rsa_padding_mode:pss" - . " -out test.cms", - "-verify -in test.cms -inform PEM " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed content test streaming PEM format, RSA keys, PSS signature, SHA384 MGF1", - "-sign -in smcont.txt -outform PEM -nodetach" - . " -signer $smdir/smrsa1.pem -keyopt rsa_padding_mode:pss" - . " -keyopt rsa_mgf1_md:sha384 -out test.cms", - "-verify -in test.cms -inform PEM " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, OAEP default parameters", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " -recip $smdir/smrsa1.pem -keyopt rsa_padding_mode:oaep", - "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, OAEP SHA256", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " -recip $smdir/smrsa1.pem -keyopt rsa_padding_mode:oaep" - . " -keyopt rsa_oaep_md:sha256", - "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, ECDH", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " -recip $smdir/smec1.pem", - "-decrypt -recip $smdir/smec1.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, ECDH, key identifier", - "-encrypt -keyid -in smcont.txt" - . " -stream -out test.cms" - . " -recip $smdir/smec1.pem", - "-decrypt -recip $smdir/smec1.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, ECDH, AES128, SHA256 KDF", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " -recip $smdir/smec1.pem -aes128 -keyopt ecdh_kdf_md:sha256", - "-decrypt -recip $smdir/smec1.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, ECDH, K-283, cofactor DH", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " -recip $smdir/smec2.pem -aes128" - . " -keyopt ecdh_kdf_md:sha256 -keyopt ecdh_cofactor_mode:1", - "-decrypt -recip $smdir/smec2.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, X9.42 DH", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " -recip $smdir/smdh.pem -aes128", - "-decrypt -recip $smdir/smdh.pem -in test.cms -out smtst.txt" - ] -); - -print "CMS => PKCS#7 compatibility tests\n"; - -run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $cmscmd, $pk7cmd ); - -print "CMS <= PKCS#7 compatibility tests\n"; - -run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $pk7cmd, $cmscmd ); - -print "CMS <=> CMS consistency tests\n"; - -run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $cmscmd, $cmscmd ); -run_smime_tests( \$badcmd, \@smime_cms_tests, $cmscmd, $cmscmd ); - -print "CMS <=> CMS consistency tests, modified key parameters\n"; -run_smime_tests( \$badcmd, \@smime_cms_param_tests, $cmscmd, $cmscmd ); - -if ( `$ossl_path version -f` =~ /ZLIB/ ) { - run_smime_tests( \$badcmd, \@smime_cms_comp_tests, $cmscmd, $cmscmd ); -} -else { - print "Zlib not supported: compression tests skipped\n"; -} - -print "Running modified tests for OpenSSL 0.9.8 cms backport\n" if($ossl8); - -if ($badcmd) { - print "$badcmd TESTS FAILED!!\n"; -} -else { - print "ALL TESTS SUCCESSFUL.\n"; -} - -unlink "test.cms"; -unlink "test2.cms"; -unlink "smtst.txt"; -unlink "cms.out"; -unlink "cms.err"; - -sub run_smime_tests { - my ( $rv, $aref, $scmd, $vcmd ) = @_; - - foreach $smtst (@$aref) { - my ( $tnam, $rscmd, $rvcmd ) = @$smtst; - if ($ossl8) - { - # Skip smime resign: 0.9.8 smime doesn't support -resign - next if ($scmd =~ /smime/ && $rscmd =~ /-resign/); - # Disable streaming: option not supported in 0.9.8 - $tnam =~ s/streaming//; - $rscmd =~ s/-stream//; - $rvcmd =~ s/-stream//; - } - if ($no_ec && $tnam =~ /ECDH/) - { - print "$tnam: skipped, EC disabled\n"; - next; - } - if ($no_ecdh && $tnam =~ /ECDH/) - { - print "$tnam: skipped, ECDH disabled\n"; - next; - } - if ($no_ec2m && $tnam =~ /K-283/) - { - print "$tnam: skipped, EC2M disabled\n"; - next; - } - system("$scmd$rscmd$redir"); - if ($?) { - print "$tnam: generation error\n"; - $$rv++; - exit 1 if $halt_err; - next; - } - system("$vcmd$rvcmd$redir"); - if ($?) { - print "$tnam: verify error\n"; - $$rv++; - exit 1 if $halt_err; - next; - } - if (!cmp_files("smtst.txt", "smcont.txt")) { - print "$tnam: content verify error\n"; - $$rv++; - exit 1 if $halt_err; - next; - } - print "$tnam: OK\n"; - } -} - -sub cmp_files { - use FileHandle; - my ( $f1, $f2 ) = @_; - my $fp1 = FileHandle->new(); - my $fp2 = FileHandle->new(); - - my ( $rd1, $rd2 ); - - if ( !open( $fp1, "<$f1" ) ) { - print STDERR "Can't Open file $f1\n"; - return 0; - } - - if ( !open( $fp2, "<$f2" ) ) { - print STDERR "Can't Open file $f2\n"; - return 0; - } - - binmode $fp1; - binmode $fp2; - - my $ret = 0; - - for ( ; ; ) { - $n1 = sysread $fp1, $rd1, 4096; - $n2 = sysread $fp2, $rd2, 4096; - last if ( $n1 != $n2 ); - last if ( $rd1 ne $rd2 ); - - if ( $n1 == 0 ) { - $ret = 1; - last; - } - - } - - close $fp1; - close $fp2; - - return $ret; - -} - diff --git a/test/Attic/tcrl b/test/Attic/tcrl deleted file mode 100644 index 951c9ddc11..0000000000 --- a/test/Attic/tcrl +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl crl' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testcrl.pem -fi - -echo testing crl conversions -cp $t crl-fff.p - -echo "p -> d" -$cmd -in crl-fff.p -inform p -outform d >crl-f.d || exit 1 -echo "p -> p" -$cmd -in crl-fff.p -inform p -outform p >crl-f.p || exit 1 - -echo "d -> d" -$cmd -in crl-f.d -inform d -outform d >crl-ff.d1 || exit 1 -echo "p -> d" -$cmd -in crl-f.p -inform p -outform d >crl-ff.d3 || exit 1 - - -echo "d -> p" -$cmd -in crl-f.d -inform d -outform p >crl-ff.p1 || exit 1 -echo "p -> p" -$cmd -in crl-f.p -inform p -outform p >crl-ff.p3 || exit 1 - -cmp crl-fff.p crl-f.p || exit 1 -cmp crl-fff.p crl-ff.p1 || exit 1 -cmp crl-fff.p crl-ff.p3 || exit 1 -cmp crl-f.p crl-ff.p1 || exit 1 -cmp crl-f.p crl-ff.p3 || exit 1 - -/bin/rm -f crl-f.* crl-ff.* crl-fff.* -exit 0 diff --git a/test/Attic/tcrl.com b/test/Attic/tcrl.com deleted file mode 100644 index dd96a2b6dd..0000000000 --- a/test/Attic/tcrl.com +++ /dev/null @@ -1,88 +0,0 @@ -$! TCRL.COM -- Tests crl keys -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p2 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ cmd = "mcr ''exe_dir'openssl crl" -$ -$ t = "testcrl.pem" -$ if p1 .nes. "" then t = p1 -$ -$ write sys$output "testing CRL conversions" -$ if f$search("fff.*") .nes "" then delete fff.*;* -$ if f$search("ff.*") .nes "" then delete ff.*;* -$ if f$search("f.*") .nes "" then delete f.*;* -$ convert/fdl=sys$input: 't' fff.p -RECORD - FORMAT STREAM_LF -$ -$ write sys$output "p -> d" -$ 'cmd' -in fff.p -inform p -outform d -out f.d -$ if $severity .ne. 1 then exit 3 -$! write sys$output "p -> t" -$! 'cmd' -in fff.p -inform p -outform t -out f.t -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in fff.p -inform p -outform p -out f.p -$ if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> d" -$ 'cmd' -in f.d -inform d -outform d -out ff.d1 -$ if $severity .ne. 1 then exit 3 -$! write sys$output "t -> d" -$! 'cmd' -in f.t -inform t -outform d -out ff.d2 -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> d" -$ 'cmd' -in f.p -inform p -outform d -out ff.d3 -$ if $severity .ne. 1 then exit 3 -$ -$! write sys$output "d -> t" -$! 'cmd' -in f.d -inform d -outform t -out ff.t1 -$! if $severity .ne. 1 then exit 3 -$! write sys$output "t -> t" -$! 'cmd' -in f.t -inform t -outform t -out ff.t2 -$! if $severity .ne. 1 then exit 3 -$! write sys$output "p -> t" -$! 'cmd' -in f.p -inform p -outform t -out ff.t3 -$! if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> p" -$ 'cmd' -in f.d -inform d -outform p -out ff.p1 -$ if $severity .ne. 1 then exit 3 -$! write sys$output "t -> p" -$! 'cmd' -in f.t -inform t -outform p -out ff.p2 -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in f.p -inform p -outform p -out ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare fff.p f.p -$ if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$! backup/compare fff.p ff.p2 -$! if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$! backup/compare f.t ff.t1 -$! if $severity .ne. 1 then exit 3 -$! backup/compare f.t ff.t2 -$! if $severity .ne. 1 then exit 3 -$! backup/compare f.t ff.t3 -$! if $severity .ne. 1 then exit 3 -$ -$ backup/compare f.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$! backup/compare f.p ff.p2 -$! if $severity .ne. 1 then exit 3 -$ backup/compare f.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ delete f.*;*,ff.*;*,fff.*;* diff --git a/test/Attic/testca b/test/Attic/testca deleted file mode 100644 index 452558bfc6..0000000000 --- a/test/Attic/testca +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/sh - -set -e - -PERL="$1" - -if test "$OSTYPE" = msdosdjgpp; then - PATH="../apps\;$PATH" -else - PATH="../apps:$PATH" -fi -export PATH - -export SSLEAY_CONFIG OPENSSL - -/bin/rm -fr demoCA - -SSLEAY_CONFIG="-config CAss.cnf" -OPENSSL="`pwd`/../util/opensslwrap.sh" - -$PERL ../apps/CA.pl -newca $test; - -echo cat -$cmd enc < $test > $test.cipher -$cmd enc < $test.cipher >$test.clear -cmp $test $test.clear || exit 1 -/bin/rm $test.cipher $test.clear - -echo base64 -$cmd enc -a -e < $test > $test.cipher -$cmd enc -a -d < $test.cipher >$test.clear -cmp $test $test.clear || exit 1 -/bin/rm $test.cipher $test.clear - -for i in `$cmd list -cipher-commands` -do - echo $i - $cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher - $cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear - cmp $test $test.$i.clear || exit 1 - /bin/rm $test.$i.cipher $test.$i.clear - - echo $i base64 - $cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher - $cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear - cmp $test $test.$i.clear || exit 1 - /bin/rm $test.$i.cipher $test.$i.clear -done -rm -f $test diff --git a/test/Attic/testenc.com b/test/Attic/testenc.com deleted file mode 100644 index fcd66399d6..0000000000 --- a/test/Attic/testenc.com +++ /dev/null @@ -1,66 +0,0 @@ -$! TESTENC.COM -- Test encoding and decoding -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p1 .eqs. 64) then __arch = __arch+ "_64" -$ -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ testsrc = "makefile." -$ test = "p.txt" -$ cmd = "mcr ''exe_dir'openssl" -$ -$ if f$search(test) .nes. "" then delete 'test';* -$ convert/fdl=sys$input: 'testsrc' 'test' -RECORD - FORMAT STREAM_LF -$ -$ if f$search(test+"-cipher") .nes. "" then delete 'test'-cipher;* -$ if f$search(test+"-clear") .nes. "" then delete 'test'-clear;* -$ -$ write sys$output "cat" -$ 'cmd' enc -in 'test' -out 'test'-cipher -$ 'cmd' enc -in 'test'-cipher -out 'test'-clear -$ backup/compare 'test' 'test'-clear -$ if $severity .ne. 1 then exit 3 -$ delete 'test'-cipher;*,'test'-clear;* -$ -$ write sys$output "base64" -$ 'cmd' enc -a -e -in 'test' -out 'test'-cipher -$ 'cmd' enc -a -d -in 'test'-cipher -out 'test'-clear -$ backup/compare 'test' 'test'-clear -$ if $severity .ne. 1 then exit 3 -$ delete 'test'-cipher;*,'test'-clear;* -$ -$ define/user sys$output 'test'-cipher-commands -$ 'cmd' list -cipher-commands -$ open/read f 'test'-cipher-commands -$ loop_cipher_commands: -$ read/end=loop_cipher_commands_end f i -$ write sys$output i -$ -$ if f$search(test+"-"+i+"-cipher") .nes. "" then - - delete 'test'-'i'-cipher;* -$ if f$search(test+"-"+i+"-clear") .nes. "" then - - delete 'test'-'i'-clear;* -$ -$ 'cmd' 'i' -bufsize 113 -e -k test -in 'test' -out 'test'-'i'-cipher -$ 'cmd' 'i' -bufsize 157 -d -k test -in 'test'-'i'-cipher -out 'test'-'i'-clear -$ backup/compare 'test' 'test'-'i'-clear -$ if $severity .ne. 1 then exit 3 -$ delete 'test'-'i'-cipher;*,'test'-'i'-clear;* -$ -$ write sys$output i," base64" -$ 'cmd' 'i' -bufsize 113 -a -e -k test -in 'test' -out 'test'-'i'-cipher -$ 'cmd' 'i' -bufsize 157 -a -d -k test -in 'test'-'i'-cipher -out 'test'-'i'-clear -$ backup/compare 'test' 'test'-'i'-clear -$ if $severity .ne. 1 then exit 3 -$ delete 'test'-'i'-cipher;*,'test'-'i'-clear;* -$ -$ goto loop_cipher_commands -$ loop_cipher_commands_end: -$ close f -$ delete 'test'-cipher-commands;* -$ delete 'test';* diff --git a/test/Attic/testgen b/test/Attic/testgen deleted file mode 100644 index 1140f8ac96..0000000000 --- a/test/Attic/testgen +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/sh - -T=testcert -KEY=512 -CA=../certs/testca.pem - -/bin/rm -f $T.1 $T.2 $T.key - -if test "$OSTYPE" = msdosdjgpp; then - PATH=../apps\;$PATH; -else - PATH=../apps:$PATH; -fi -export PATH - -echo "generating certificate request" - -echo "string to make the random number generator think it has entropy" >> ./.rnd - -if ../util/shlib_wrap.sh ../apps/openssl no-rsa >/dev/null; then - req_new='-newkey dsa:../apps/dsa512.pem' -else - req_new='-new' - echo "There should be a 2 sequences of .'s and some +'s." - echo "There should not be more that at most 80 per line" -fi - -rm -f testkey.pem testreq.pem - -echo Generating request -../util/shlib_wrap.sh ../apps/openssl req -config test.cnf $req_new -out testreq.pem || exit 1 - -echo Verifying signature on request -../util/shlib_wrap.sh ../apps/openssl req -config test.cnf -verify -in testreq.pem -noout || exit 1 - -exit 0 diff --git a/test/Attic/testgen.com b/test/Attic/testgen.com deleted file mode 100644 index e076da2f30..0000000000 --- a/test/Attic/testgen.com +++ /dev/null @@ -1,58 +0,0 @@ -$! TESTGEN.COM -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$ if (p1 .eqs. 64) then __arch = __arch+ "_64" -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ T = "testcert" -$ KEY = 512 -$ CA = "[-.certs]testca.pem" -$ -$ set noon -$ if f$search(T+".1;*") .nes. "" then delete 'T'.1;* -$ if f$search(T+".2;*") .nes. "" then delete 'T'.2;* -$ if f$search(T+".key;*") .nes. "" then delete 'T'.key;* -$ set on -$ -$ write sys$output "generating certificate request" -$ -$ append/new nl: .rnd -$ open/append random_file .rnd -$ write random_file - - "string to make the random number generator think it has entropy" -$ close random_file -$ -$ set noon -$ define/user sys$output nla0: -$ mcr 'exe_dir'openssl no-rsa -$ save_severity=$SEVERITY -$ set on -$ if save_severity -$ then -$ req_new="-newkey dsa:[-.apps]dsa512.pem" -$ else -$ req_new="-new" -$ write sys$output - - "There should be a 2 sequences of .'s and some +'s." -$ write sys$output - - "There should not be more that at most 80 per line" -$ endif -$ -$ write sys$output "This could take some time." -$ -$ mcr 'exe_dir'openssl req -config test.cnf 'req_new' -out testreq.pem -$ if $severity .ne. 1 -$ then -$ write sys$output "problems creating request" -$ exit 3 -$ endif -$ -$ mcr 'exe_dir'openssl req -config test.cnf -verify -in testreq.pem -noout -$ if $severity .ne. 1 -$ then -$ write sys$output "signature on req is wrong" -$ exit 3 -$ endif diff --git a/test/Attic/testss b/test/Attic/testss deleted file mode 100644 index 45aedc859d..0000000000 --- a/test/Attic/testss +++ /dev/null @@ -1,143 +0,0 @@ -#!/bin/sh - -digest='-sha1' -reqcmd="../util/shlib_wrap.sh ../apps/openssl req" -x509cmd="../util/shlib_wrap.sh ../apps/openssl x509 $digest" -verifycmd="../util/shlib_wrap.sh ../apps/openssl verify" -dummycnf="../apps/openssl.cnf" - -CAkey="keyCA.ss" -CAcert="certCA.ss" -CAserial="certCA.srl" -CAreq="reqCA.ss" -CAconf="CAss.cnf" -CAreq2="req2CA.ss" # temp - -Uconf="Uss.cnf" -Ukey="keyU.ss" -Ureq="reqU.ss" -Ucert="certU.ss" - -Dkey="keyD.ss" -Dreq="reqD.ss" -Dcert="certD.ss" - -Ekey="keyE.ss" -Ereq="reqE.ss" -Ecert="certE.ss" - -P1conf="P1ss.cnf" -P1key="keyP1.ss" -P1req="reqP1.ss" -P1cert="certP1.ss" -P1intermediate="tmp_intP1.ss" - -P2conf="P2ss.cnf" -P2key="keyP2.ss" -P2req="reqP2.ss" -P2cert="certP2.ss" -P2intermediate="tmp_intP2.ss" - - -echo string to make the random number generator think it has entropy >> ./.rnd - -req_dsa='-newkey dsa:../apps/dsa1024.pem' - -if ../util/shlib_wrap.sh ../apps/openssl no-rsa >/dev/null; then - req_new=$req_dsa -else - req_new='-new' -fi - -echo make cert request -$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new || exit 1 - -echo convert request into self-signed cert -$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca >err.ss || exit 1 - -echo convert cert into a cert request -$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss || exit 1 - -echo verify request 1 -$reqcmd -config $dummycnf -verify -in $CAreq -noout || exit 1 - -echo verify request 1 -$reqcmd -config $dummycnf -verify -in $CAreq2 -noout || exit 1 - -echo verify signature -$verifycmd -CAfile $CAcert $CAcert || exit 1 - -echo make a user cert request -$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss || exit 1 - -echo sign user cert request -$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial -extfile $Uconf -extensions v3_ee >err.ss || exit 1 -$verifycmd -CAfile $CAcert $Ucert || exit 1 - -echo Certificate details -$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert || exit 1 - -if ../util/shlib_wrap.sh ../apps/openssl no-dsa >/dev/null; then - echo skipping DSA certificate creation -else - echo make a DSA user cert request - CN2="DSA Certificate" $reqcmd -config $Uconf -out $Dreq -keyout $Dkey $req_dsa >err.ss || exit 1 - - echo sign DSA user cert request - $x509cmd -CAcreateserial -in $Dreq -days 30 -req -out $Dcert -CA $CAcert -CAkey $CAkey -CAserial $CAserial -extfile $Uconf -extensions v3_ee_dsa >err.ss || exit 1 - $verifycmd -CAfile $CAcert $Dcert || exit 1 - - echo DSA Certificate details - $x509cmd -subject -issuer -startdate -enddate -noout -in $Dcert || exit 1 - -fi - -if ../util/shlib_wrap.sh ../apps/openssl no-ec >/dev/null; then - echo skipping ECDSA/ECDH certificate creation -else - echo make an ECDSA/ECDH user cert request - ../util/shlib_wrap.sh ../apps/openssl ecparam -name P-256 -out ecp.ss || exit 1 - CN2="ECDSA Certificate" $reqcmd -config $Uconf -out $Ereq -keyout $Ekey -newkey ec:ecp.ss >err.ss || exit 1 - - echo sign ECDSA/ECDH user cert request - $x509cmd -CAcreateserial -in $Ereq -days 30 -req -out $Ecert -CA $CAcert -CAkey $CAkey -CAserial $CAserial -extfile $Uconf -extensions v3_ee_ec >err.ss || exit 1 - $verifycmd -CAfile $CAcert $Ecert || exit 1 - - echo ECDSA Certificate details - $x509cmd -subject -issuer -startdate -enddate -noout -in $Ecert || exit 1 - -fi - -echo make a proxy cert request -$reqcmd -config $P1conf -out $P1req -keyout $P1key $req_new >err.ss || exit 1 - -echo sign proxy with user cert -$x509cmd -CAcreateserial -in $P1req -days 30 -req -out $P1cert -CA $Ucert -CAkey $Ukey -extfile $P1conf -extensions v3_proxy >err.ss || exit 1 - -cat $Ucert > $P1intermediate -$verifycmd -CAfile $CAcert -untrusted $P1intermediate $P1cert -echo Certificate details -$x509cmd -subject -issuer -startdate -enddate -noout -in $P1cert - -echo make another proxy cert request -$reqcmd -config $P2conf -out $P2req -keyout $P2key $req_new >err.ss || exit 1 - -echo sign second proxy cert request with the first proxy cert -$x509cmd -CAcreateserial -in $P2req -days 30 -req -out $P2cert -CA $P1cert -CAkey $P1key -extfile $P2conf -extensions v3_proxy >err.ss || exit 1 - -echo Certificate details -cat $Ucert $P1cert > $P2intermediate -$verifycmd -CAfile $CAcert -untrusted $P2intermediate $P2cert -$x509cmd -subject -issuer -startdate -enddate -noout -in $P2cert - -echo The generated CA certificate is $CAcert -echo The generated CA private key is $CAkey -echo The generated user certificate is $Ucert -echo The generated user private key is $Ukey -echo The first generated proxy certificate is $P1cert -echo The first generated proxy private key is $P1key -echo The second generated proxy certificate is $P2cert -echo The second generated proxy private key is $P2key - -/bin/rm err.ss -exit 0 diff --git a/test/Attic/testss.com b/test/Attic/testss.com deleted file mode 100644 index 32a74d0fc2..0000000000 --- a/test/Attic/testss.com +++ /dev/null @@ -1,123 +0,0 @@ -$! TESTSS.COM -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p1 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ digest="-md5" -$ reqcmd = "mcr ''exe_dir'openssl req" -$ x509cmd = "mcr ''exe_dir'openssl x509 ''digest'" -$ verifycmd = "mcr ''exe_dir'openssl verify" -$ dummycnf = "sys$disk:[-.apps]openssl-vms.cnf" -$ -$ CAkey="""keyCA.ss""" -$ CAcert="""certCA.ss""" -$ CAreq="""reqCA.ss""" -$ CAconf="""CAss.cnf""" -$ CAreq2="""req2CA.ss""" ! temp -$ -$ Uconf="""Uss.cnf""" -$ Ukey="""keyU.ss""" -$ Ureq="""reqU.ss""" -$ Ucert="""certU.ss""" -$ -$ write sys$output "" -$ write sys$output "make a certificate request using 'req'" -$ -$ set noon -$ define/user sys$output nla0: -$ mcr 'exe_dir'openssl no-rsa -$ save_severity=$SEVERITY -$ set on -$ if save_severity -$ then -$ req_new="-newkey dsa:[-.apps]dsa512.pem" -$ else -$ req_new="-new" -$ endif -$ -$ 'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' 'req_new' ! -out err.ss -$ if $severity .ne. 1 -$ then -$ write sys$output "error using 'req' to generate a certificate request" -$ exit 3 -$ endif -$ write sys$output "" -$ write sys$output "convert the certificate request into a self signed certificate using 'x509'" -$ define /user sys$output err.ss -$ 'x509cmd' "-CAcreateserial" -in 'CAreq' -days 30 -req -out 'CAcert' -signkey 'CAkey' -$ if $severity .ne. 1 -$ then -$ write sys$output "error using 'x509' to self sign a certificate request" -$ exit 3 -$ endif -$ -$ write sys$output "" -$ write sys$output "convert a certificate into a certificate request using 'x509'" -$ define /user sys$output err.ss -$ 'x509cmd' -in 'CAcert' -x509toreq -signkey 'CAkey' -out 'CAreq2' -$ if $severity .ne. 1 -$ then -$ write sys$output "error using 'x509' convert a certificate to a certificate request" -$ exit 3 -$ endif -$ -$ 'reqcmd' -config 'dummycnf' -verify -in 'CAreq' -noout -$ if $severity .ne. 1 -$ then -$ write sys$output "first generated request is invalid" -$ exit 3 -$ endif -$ -$ 'reqcmd' -config 'dummycnf' -verify -in 'CAreq2' -noout -$ if $severity .ne. 1 -$ then -$ write sys$output "second generated request is invalid" -$ exit 3 -$ endif -$ -$ 'verifycmd' "-CAfile" 'CAcert' 'CAcert' -$ if $severity .ne. 1 -$ then -$ write sys$output "first generated cert is invalid" -$ exit 3 -$ endif -$ -$ write sys$output "" -$ write sys$output "make another certificate request using 'req'" -$ define /user sys$output err.ss -$ 'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' 'req_new' -$ if $severity .ne. 1 -$ then -$ write sys$output "error using 'req' to generate a certificate request" -$ exit 3 -$ endif -$ -$ write sys$output "" -$ write sys$output "sign certificate request with the just created CA via 'x509'" -$ define /user sys$output err.ss -$ 'x509cmd' "-CAcreateserial" -in 'Ureq' -days 30 -req -out 'Ucert' "-CA" 'CAcert' "-CAkey" 'CAkey' -$ if $severity .ne. 1 -$ then -$ write sys$output "error using 'x509' to sign a certificate request" -$ exit 3 -$ endif -$ -$ 'verifycmd' "-CAfile" 'CAcert' 'Ucert' -$ write sys$output "" -$ write sys$output "Certificate details" -$ 'x509cmd' -subject -issuer -startdate -enddate -noout -in 'Ucert' -$ -$ write sys$output "" -$ write sys$output "The generated CA certificate is ",CAcert -$ write sys$output "The generated CA private key is ",CAkey -$ -$ write sys$output "The generated user certificate is ",Ucert -$ write sys$output "The generated user private key is ",Ukey -$ -$ if f$search("err.ss;*") .nes. "" then delete err.ss;* diff --git a/test/Attic/testssl b/test/Attic/testssl deleted file mode 100644 index d41a4bdf63..0000000000 --- a/test/Attic/testssl +++ /dev/null @@ -1,266 +0,0 @@ -#!/bin/sh - -if [ "$1" = "" ]; then - key=../apps/server.pem -else - key="$1" -fi -if [ "$2" = "" ]; then - cert=../apps/server.pem -else - cert="$2" -fi -ssltest="../util/shlib_wrap.sh ./ssltest -s_key $key -s_cert $cert -c_key $key -c_cert $cert" - -if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then - dsa_cert=YES -else - dsa_cert=NO -fi - -if [ "$3" = "" ]; then - CA="-CApath ../certs" -else - CA="-CAfile $3" -fi - -if [ "$4" = "" ]; then - extra="" -else - extra="$4" -fi - -serverinfo="./serverinfo.pem" - -############################################################################# - -echo test sslv3 -$ssltest -ssl3 $extra || exit 1 - -echo test sslv3 with server authentication -$ssltest -ssl3 -server_auth $CA $extra || exit 1 - -echo test sslv3 with client authentication -$ssltest -ssl3 -client_auth $CA $extra || exit 1 - -echo test sslv3 with both client and server authentication -$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 -$ssltest $extra || exit 1 - -echo test sslv2/sslv3 with server authentication -$ssltest -server_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with client authentication -$ssltest -client_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with both client and server authentication -$ssltest -server_auth -client_auth $CA $extra || exit 1 - -echo test sslv3 via BIO pair -$ssltest -bio_pair -ssl3 $extra || exit 1 - -echo test sslv3 with server authentication via BIO pair -$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1 - -echo test sslv3 with client authentication via BIO pair -$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1 - -echo test sslv3 with both client and server authentication via BIO pair -$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 via BIO pair -$ssltest $extra || exit 1 - -echo test dtlsv1 -$ssltest -dtls1 $extra || exit 1 - -echo test dtlsv1 with server authentication -$ssltest -dtls1 -server_auth $CA $extra || exit 1 - -echo test dtlsv1 with client authentication -$ssltest -dtls1 -client_auth $CA $extra || exit 1 - -echo test dtlsv1 with both client and server authentication -$ssltest -dtls1 -server_auth -client_auth $CA $extra || exit 1 - -echo test dtlsv1.2 -$ssltest -dtls12 $extra || exit 1 - -echo test dtlsv1.2 with server authentication -$ssltest -dtls12 -server_auth $CA $extra || exit 1 - -echo test dtlsv1.2 with client authentication -$ssltest -dtls12 -client_auth $CA $extra || exit 1 - -echo test dtlsv1.2 with both client and server authentication -$ssltest -dtls12 -server_auth -client_auth $CA $extra || exit 1 - -if [ $dsa_cert = NO ]; then - echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair' - $ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1 -fi - -echo test sslv2/sslv3 with 1024bit DHE via BIO pair -$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1 - -echo test sslv2/sslv3 with server authentication -$ssltest -bio_pair -server_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with client authentication via BIO pair -$ssltest -bio_pair -client_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with both client and server authentication via BIO pair -$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify -$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1 - -test_cipher() { - _cipher=$1 - echo "Testing $_cipher" - prot="" - if [ $2 = "SSLv3" ] ; then - prot="-ssl3" - fi - _exarg=$3 - $ssltest $_exarg -cipher $_cipher $prot - if [ $? -ne 0 ] ; then - echo "Failed $_cipher" - exit 1 - fi -} - -echo "Testing ciphersuites" -exkeys="" -ciphers="-EXP:-PSK:-SRP:-kDH:-kECDHe" -if ../util/shlib_wrap.sh ../apps/openssl no-dhparam >/dev/null; then - echo "skipping DHE tests" - ciphers="$ciphers:-kDHE" -fi -if ../util/shlib_wrap.sh ../apps/openssl no-dsa >/dev/null; then - echo "skipping DSA tests" - ciphers="$ciphers:-aDSA" -else - exkeys="$exkeys -s_cert certD.ss -s_key keyD.ss" -fi - -if ../util/shlib_wrap.sh ../apps/openssl no-ec >/dev/null; then - echo "skipping EC tests" - ciphers="$ciphers:!aECDSA:!kECDH" -else - exkeys="$exkeys -s_cert certE.ss -s_key keyE.ss" -fi - -for protocol in TLSv1.2 SSLv3; do - echo "Testing ciphersuites for $protocol" - for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "$protocol:$ciphers" | tr ':' ' '`; do - test_cipher $cipher $protocol "$exkeys" - done - echo "testing connection with weak DH, expecting failure" - if [ $protocol = "SSLv3" ] ; then - $ssltest -s_cipher "EDH" -c_cipher "EDH:@SECLEVEL=1" -dhe512 -ssl3 - else - $ssltest -s_cipher "EDH" -c_cipher "EDH:@SECLEVEL=1" -dhe512 - fi - if [ $? -eq 0 ]; then - echo "FAIL: connection with weak DH succeeded" - exit 1 - fi -done - -############################################################################# - -if ../util/shlib_wrap.sh ../apps/openssl no-dhparam; then - echo skipping anonymous DH tests -else - echo test tls1 with 1024bit anonymous DH, multiple handshakes - $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1 -fi - -if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then - echo skipping RSA tests -else - echo 'test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes' - ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -s_cert ../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra || exit 1 - - if ../util/shlib_wrap.sh ../apps/openssl no-dhparam; then - echo skipping RSA+DHE tests - else - echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes - ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -s_cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1 - fi -fi - -echo test tls1 with PSK -$ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1 - -echo test tls1 with PSK via BIO pair -$ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1 - -############################################################################# -# Next Protocol Negotiation Tests - -$ssltest -bio_pair -tls1 -npn_client || exit 1 -$ssltest -bio_pair -tls1 -npn_server || exit 1 -$ssltest -bio_pair -tls1 -npn_server_reject || exit 1 -$ssltest -bio_pair -tls1 -npn_client -npn_server_reject || exit 1 -$ssltest -bio_pair -tls1 -npn_client -npn_server || exit 1 -$ssltest -bio_pair -tls1 -npn_client -npn_server -num 2 || exit 1 -$ssltest -bio_pair -tls1 -npn_client -npn_server -num 2 -reuse || exit 1 - -############################################################################# -# Custom Extension tests - -echo test tls1 with custom extensions -$ssltest -bio_pair -tls1 -custom_ext || exit 1 - -############################################################################# -# Serverinfo tests - -echo test tls1 with serverinfo -$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo || exit 1 -$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo -serverinfo_sct || exit 1 -$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo -serverinfo_tack || exit 1 -$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo -serverinfo_sct -serverinfo_tack || exit 1 -$ssltest -bio_pair -tls1 -custom_ext -serverinfo_file $serverinfo -serverinfo_sct -serverinfo_tack || exit 1 - - -############################################################################# -# ALPN tests - -$ssltest -bio_pair -tls1 -alpn_client foo -alpn_server bar || exit 1 -$ssltest -bio_pair -tls1 -alpn_client foo -alpn_server foo -alpn_expected foo || exit 1 -$ssltest -bio_pair -tls1 -alpn_client foo,bar -alpn_server foo -alpn_expected foo || exit 1 -$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo -alpn_expected foo || exit 1 -$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo,bar -alpn_expected foo || exit 1 -$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server bar,foo -alpn_expected bar || exit 1 -$ssltest -bio_pair -tls1 -alpn_client foo,bar -alpn_server bar,foo -alpn_expected bar || exit 1 -$ssltest -bio_pair -tls1 -alpn_client baz -alpn_server bar,foo || exit 1 - -if ../util/shlib_wrap.sh ../apps/openssl no-srp; then - echo skipping SRP tests -else - echo test tls1 with SRP - $ssltest -tls1 -cipher SRP -srpuser test -srppass abc123 || exit 1 - - echo test tls1 with SRP via BIO pair - $ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123 || exit 1 - - echo test tls1 with SRP auth - $ssltest -tls1 -cipher aSRP -srpuser test -srppass abc123 || exit 1 - - echo test tls1 with SRP auth via BIO pair - $ssltest -bio_pair -tls1 -cipher aSRP -srpuser test -srppass abc123 || exit 1 -fi - -############################################################################# -# Multi-buffer tests - -if [ -z "$extra" -a `uname -m` = "x86_64" ]; then - $ssltest -cipher AES128-SHA -bytes 8m || exit 1 - $ssltest -cipher AES128-SHA256 -bytes 8m || exit 1 -fi - -exit 0 diff --git a/test/Attic/testssl.com b/test/Attic/testssl.com deleted file mode 100644 index 6f9b233e45..0000000000 --- a/test/Attic/testssl.com +++ /dev/null @@ -1,170 +0,0 @@ -$! TESTSSL.COM -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p4 .eqs. "64") then __arch = __arch+ "_64" -$! -$ texe_dir = "sys$disk:[-.''__arch'.exe.test]" -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ if p1 .eqs. "" -$ then -$ key="[-.apps]server.pem" -$ else -$ key=p1 -$ endif -$ if p2 .eqs. "" -$ then -$ cert="[-.apps]server.pem" -$ else -$ cert=p2 -$ endif -$ ssltest = "mcr ''texe_dir'ssltest -key ''key'"+ - - " -cert ''cert' -c_key ''key' -c_cert ''cert'" -$! -$ set noon -$ define/user sys$output testssl-x509-output. -$ define/user sys$error nla0: -$ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout -$ define/user sys$error nla0: -$ search/output=nla0: testssl-x509-output. "DSA Public Key"/exact -$ if $severity .eq. 1 -$ then -$ dsa_cert = "YES" -$ else -$ dsa_cert = "NO" -$ endif -$ delete testssl-x509-output.;* -$ -$ if p3 .eqs. "" -$ then -$ copy/concatenate [-.certs]*.pem certs.tmp -$ CA = """-CAfile"" certs.tmp" -$ else -$ CA = """-CAfile"" "+p3 -$ endif -$ -$!########################################################################### -$ -$ write sys$output "test sslv3" -$ 'ssltest' -ssl3 -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv3 with server authentication" -$ 'ssltest' -ssl3 -server_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv3 with client authentication" -$ 'ssltest' -ssl3 -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv3 with both client and server authentication" -$ 'ssltest' -ssl3 -server_auth -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2/sslv3" -$ 'ssltest' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2/sslv3 with server authentication" -$ 'ssltest' -server_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2/sslv3 with client authentication" -$ 'ssltest' -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2/sslv3 with both client and server authentication" -$ 'ssltest' -server_auth -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv3 via BIO pair" -$ 'ssltest' -bio_pair -ssl3 -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv3 with server authentication via BIO pair" -$ 'ssltest' -bio_pair -ssl3 -server_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv3 with client authentication via BIO pair" -$ 'ssltest' -bio_pair -ssl3 -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 - -$ write sys$output "test sslv3 with both client and server authentication via BIO pair" -$ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2/sslv3 via BIO pair" -$ 'ssltest' -$ if $severity .ne. 1 then goto exit3 -$ -$ if .not. dsa_cert -$ then -$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair" -$ 'ssltest' -bio_pair -no_dhe -$ if $severity .ne. 1 then goto exit3 -$ endif -$ -$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair" -$ 'ssltest' -bio_pair -dhe1024dsa -v -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2/sslv3 with server authentication" -$ 'ssltest' -bio_pair -server_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2/sslv3 with client authentication via BIO pair" -$ 'ssltest' -bio_pair -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair" -$ 'ssltest' -bio_pair -server_auth -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$!########################################################################### -$ -$ define/user sys$output nla0: -$ mcr 'exe_dir'openssl no-rsa -$ no_rsa=$SEVERITY -$ define/user sys$output nla0: -$ mcr 'exe_dir'openssl no-dhparam -$ no_dh=$SEVERITY -$ -$ if no_dh -$ then -$ write sys$output "skipping anonymous DH tests" -$ else -$ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes" -$ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time -$ if $severity .ne. 1 then goto exit3 -$ endif -$ -$ if no_rsa -$ then -$ write sys$output "skipping RSA tests" -$ else -$ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes" -$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time -$ if $severity .ne. 1 then goto exit3 -$ -$ if no_dh -$ then -$ write sys$output "skipping RSA+DHE tests" -$ else -$ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes" -$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time -$ if $severity .ne. 1 then goto exit3 -$ endif -$ endif -$ -$ RET = 1 -$ goto exit -$ exit3: -$ RET = 3 -$ exit: -$ if p3 .eqs. "" then delete certs.tmp;* -$ set on -$ exit 'RET' diff --git a/test/Attic/testsslproxy b/test/Attic/testsslproxy deleted file mode 100644 index 58bbda8ab7..0000000000 --- a/test/Attic/testsslproxy +++ /dev/null @@ -1,10 +0,0 @@ -#! /bin/sh - -echo 'Testing a lot of proxy conditions.' -echo 'Some of them may turn out being invalid, which is fine.' -for auth in A B C BC; do - for cond in A B C 'A|B&!C'; do - sh ./testssl $1 $2 $3 "-proxy -proxy_auth $auth -proxy_cond $cond" - if [ $? = 3 ]; then exit 1; fi - done -done diff --git a/test/Attic/testtsa b/test/Attic/testtsa deleted file mode 100644 index fc68ff906c..0000000000 --- a/test/Attic/testtsa +++ /dev/null @@ -1,147 +0,0 @@ -#!/bin/sh - -# -# A few very basic tests for the 'ts' time stamping authority command. -# - -SH="/bin/sh" -if test "$OSTYPE" = msdosdjgpp; then - PATH="../apps\;$PATH" -else - PATH="../apps:$PATH" -fi -export SH PATH - -OPENSSL_CONF="../CAtsa.cnf" -export OPENSSL_CONF -# Because that's what ../apps/CA.pl really looks at -SSLEAY_CONFIG="-config $OPENSSL_CONF" -export SSLEAY_CONFIG - -OPENSSL="`pwd`/../util/opensslwrap.sh" -export OPENSSL - -RUN () { - ../../util/shlib_wrap.sh ../../apps/openssl ts $* -} - -create_tsa_cert () { - INDEX=$1 - export INDEX - EXT=$2 - TSDNSECT=ts_cert_dn - export TSDNSECT - - ../../util/shlib_wrap.sh ../../apps/openssl req -new \ - -out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem || exit 1 - echo using extension $EXT - ../../util/shlib_wrap.sh ../../apps/openssl x509 -req \ - -in tsa_req${INDEX}.pem -out tsa_cert${INDEX}.pem \ - -CA tsaca.pem -CAkey tsacakey.pem -CAcreateserial \ - -extfile $OPENSSL_CONF -extensions $EXT || exit 1 -} - -create_time_stamp_response () { - RUN -reply -section $3 -queryfile $1 -out $2 || exit 1 -} - -verify_time_stamp_response () { - RUN -verify -queryfile $1 -in $2 -CAfile tsaca.pem \ - -untrusted tsa_cert1.pem || exit 1 - RUN -verify -data $3 -in $2 -CAfile tsaca.pem \ - -untrusted tsa_cert1.pem || exit 1 -} - -verify_time_stamp_response_fail () { - RUN -verify -queryfile $1 -in $2 -CAfile tsaca.pem \ - -untrusted tsa_cert1.pem && exit 1 - echo ok -} - -# main functions - -echo setting up TSA test directory -rm -rf tsa 2>/dev/null -mkdir tsa -cd ./tsa - -echo creating a new CA for the TSA tests -TSDNSECT=ts_ca_dn -export TSDNSECT -../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \ - -out tsaca.pem -keyout tsacakey.pem || exit 1 - -echo creating tsa_cert1.pem TSA server cert -create_tsa_cert 1 tsa_cert - -echo creating tsa_cert2.pem non-TSA server cert -create_tsa_cert 2 non_tsa_cert - -echo creating req1.req time stamp request for file testtsa -RUN -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq || exit 1 - -echo printing req1.req -RUN -query -in req1.tsq -text - -echo generating valid response for req1.req -create_time_stamp_response req1.tsq resp1.tsr tsa_config1 - -echo printing response -RUN -reply -in resp1.tsr -text || exit 1 - -echo verifying valid response -verify_time_stamp_response req1.tsq resp1.tsr ../testtsa - -echo verifying valid token -RUN -reply -in resp1.tsr -out resp1.tsr.token -token_out || exit 1 -RUN -verify -queryfile req1.tsq -in resp1.tsr.token -token_in \ - -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1 -RUN -verify -data ../testtsa -in resp1.tsr.token -token_in \ - -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1 - -echo creating req2.req time stamp request for file testtsa -RUN -query -data ../testtsa -policy tsa_policy2 -no_nonce \ - -out req2.tsq || exit 1 - -echo printing req2.req -RUN -query -in req2.tsq -text - -echo generating valid response for req2.req -create_time_stamp_response req2.tsq resp2.tsr tsa_config1 - -echo checking -token_in and -token_out options with -reply -RESPONSE2=resp2.tsr.copy.tsr -TOKEN_DER=resp2.tsr.token.der -RUN -reply -in resp2.tsr -out $TOKEN_DER -token_out || exit 1 -RUN -reply -in $TOKEN_DER -token_in -out $RESPONSE2 || exit 1 -cmp $RESPONSE2 resp2.tsr || exit 1 -RUN -reply -in resp2.tsr -text -token_out || exit 1 -RUN -reply -in $TOKEN_DER -token_in -text -token_out || exit 1 -RUN -reply -queryfile req2.tsq -text -token_out || exit 1 - -echo printing response -RUN -reply -in resp2.tsr -text || exit 1 - -echo verifying valid response -verify_time_stamp_response req2.tsq resp2.tsr ../testtsa - -echo verifying response against wrong request, it should fail -verify_time_stamp_response_fail req1.tsq resp2.tsr - -echo verifying response against wrong request, it should fail -verify_time_stamp_response_fail req2.tsq resp1.tsr - -echo creating req3.req time stamp request for file CAtsa.cnf -RUN -query -data ../CAtsa.cnf -no_nonce -out req3.tsq || exit 1 - -echo printing req3.req -RUN -query -in req3.tsq -text - -echo verifying response against wrong request, it should fail -verify_time_stamp_response_fail req3.tsq resp1.tsr - -echo cleaning up -cd .. -rm -rf tsa - -exit 0 diff --git a/test/Attic/testtsa.com b/test/Attic/testtsa.com deleted file mode 100644 index 8503633e86..0000000000 --- a/test/Attic/testtsa.com +++ /dev/null @@ -1,255 +0,0 @@ -$! -$! A few very basic tests for the 'ts' time stamping authority command. -$! -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p4 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ openssl = "mcr ''f$parse(exe_dir+"openssl.exe")'" -$ OPENSSL_CONF = "[-]CAtsa.cnf" -$ ! Because that's what ../apps/CA.pl really looks at -$ SSLEAY_CONFIG = "-config " + OPENSSL_CONF -$ -$ error: -$ subroutine -$ write sys$error "TSA test failed!" -$ exit 3 -$ endsubroutine -$ -$ setup_dir: -$ subroutine -$ -$ if f$search("tsa.dir") .nes "" -$ then -$ @[-.util]deltree [.tsa]*.* -$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) tsa.dir;* -$ delete tsa.dir;* -$ endif -$ -$ create/dir [.tsa] -$ set default [.tsa] -$ endsubroutine -$ -$ clean_up_dir: -$ subroutine -$ -$ set default [-] -$ @[-.util]deltree [.tsa]*.* -$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) tsa.dir;* -$ delete tsa.dir;* -$ endsubroutine -$ -$ create_ca: -$ subroutine -$ -$ write sys$output "Creating a new CA for the TSA tests..." -$ TSDNSECT = "ts_ca_dn" -$ openssl req -new -x509 -nodes - - -out tsaca.pem -keyout tsacakey.pem -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ create_tsa_cert: -$ subroutine -$ -$ INDEX=p1 -$ EXT=p2 -$ TSDNSECT = "ts_cert_dn" -$ -$ openssl req -new - - -out tsa_req'INDEX'.pem -keyout tsa_key'INDEX'.pem -$ if $severity .ne. 1 then call error -$ -$ write sys$output "Using extension ''EXT'" -$ openssl x509 -req - - -in tsa_req'INDEX'.pem -out tsa_cert'INDEX'.pem - - "-CA" tsaca.pem "-CAkey" tsacakey.pem "-CAcreateserial" - - -extfile 'OPENSSL_CONF' -extensions "''EXT'" -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ print_request: -$ subroutine -$ -$ openssl ts -query -in 'p1' -text -$ endsubroutine -$ -$ create_time_stamp_request1: subroutine -$ -$ openssl ts -query -data [-]testtsa.com -policy tsa_policy1 - - -cert -out req1.tsq -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ create_time_stamp_request2: subroutine -$ -$ openssl ts -query -data [-]testtsa.com -policy tsa_policy2 - - -no_nonce -out req2.tsq -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ create_time_stamp_request3: subroutine -$ -$ openssl ts -query -data [-]CAtsa.cnf -no_nonce -out req3.tsq -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ print_response: -$ subroutine -$ -$ openssl ts -reply -in 'p1' -text -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ create_time_stamp_response: -$ subroutine -$ -$ openssl ts -reply -section 'p3' -queryfile 'p1' -out 'p2' -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ time_stamp_response_token_test: -$ subroutine -$ -$ RESPONSE2 = p2+ "-copy_tsr" -$ TOKEN_DER = p2+ "-token_der" -$ openssl ts -reply -in 'p2' -out 'TOKEN_DER' -token_out -$ if $severity .ne. 1 then call error -$ openssl ts -reply -in 'TOKEN_DER' -token_in -out 'RESPONSE2' -$ if $severity .ne. 1 then call error -$ backup/compare 'RESPONSE2' 'p2' -$ if $severity .ne. 1 then call error -$ openssl ts -reply -in 'p2' -text -token_out -$ if $severity .ne. 1 then call error -$ openssl ts -reply -in 'TOKEN_DER' -token_in -text -token_out -$ if $severity .ne. 1 then call error -$ openssl ts -reply -queryfile 'p1' -text -token_out -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ verify_time_stamp_response: -$ subroutine -$ -$ openssl ts -verify -queryfile 'p1' -in 'p2' - - "-CAfile" tsaca.pem -untrusted tsa_cert1.pem -$ if $severity .ne. 1 then call error -$ openssl ts -verify -data 'p3' -in 'p2' - - "-CAfile" tsaca.pem -untrusted tsa_cert1.pem -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ verify_time_stamp_token: -$ subroutine -$ -$ ! create the token from the response first -$ openssl ts -reply -in "''p2'" -out "''p2'-token" -token_out -$ if $severity .ne. 1 then call error -$ openssl ts -verify -queryfile "''p1'" -in "''p2'-token" - - -token_in "-CAfile" tsaca.pem -untrusted tsa_cert1.pem -$ if $severity .ne. 1 then call error -$ openssl ts -verify -data "''p3'" -in "''p2'-token" - - -token_in "-CAfile" tsaca.pem -untrusted tsa_cert1.pem -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ verify_time_stamp_response_fail: -$ subroutine -$ -$ openssl ts -verify -queryfile 'p1' -in 'p2' - - "-CAfile" tsaca.pem -untrusted tsa_cert1.pem -$ ! Checks if the verification failed, as it should have. -$ if $severity .eq. 1 then call error -$ write sys$output "Ok" -$ endsubroutine -$ -$ ! Main body ---------------------------------------------------------- -$ -$ set noon -$ -$ write sys$output "Setting up TSA test directory..." -$ call setup_dir -$ -$ write sys$output "Creating CA for TSA tests..." -$ call create_ca -$ -$ write sys$output "Creating tsa_cert1.pem TSA server cert..." -$ call create_tsa_cert 1 "tsa_cert" -$ -$ write sys$output "Creating tsa_cert2.pem non-TSA server cert..." -$ call create_tsa_cert 2 "non_tsa_cert" -$ -$ write sys$output "Creating req1.req time stamp request for file testtsa..." -$ call create_time_stamp_request1 -$ -$ write sys$output "Printing req1.req..." -$ call print_request "req1.tsq" -$ -$ write sys$output "Generating valid response for req1.req..." -$ call create_time_stamp_response "req1.tsq" "resp1.tsr" "tsa_config1" -$ -$ write sys$output "Printing response..." -$ call print_response "resp1.tsr" -$ -$ write sys$output "Verifying valid response..." -$ call verify_time_stamp_response "req1.tsq" "resp1.tsr" "[-]testtsa.com" -$ -$ write sys$output "Verifying valid token..." -$ call verify_time_stamp_token "req1.tsq" "resp1.tsr" "[-]testtsa.com" -$ -$ ! The tests below are commented out, because invalid signer certificates -$ ! can no longer be specified in the config file. -$ -$ ! write sys$output "Generating _invalid_ response for req1.req..." -$ ! call create_time_stamp_response "req1.tsq" "resp1_bad.tsr" "tsa_config2" -$ -$ ! write sys$output "Printing response..." -$ ! call print_response "resp1_bad.tsr" -$ -$ ! write sys$output "Verifying invalid response, it should fail..." -$ ! call verify_time_stamp_response_fail "req1.tsq" "resp1_bad.tsr" -$ -$ write sys$output "Creating req2.req time stamp request for file testtsa..." -$ call create_time_stamp_request2 -$ -$ write sys$output "Printing req2.req..." -$ call print_request "req2.tsq" -$ -$ write sys$output "Generating valid response for req2.req..." -$ call create_time_stamp_response "req2.tsq" "resp2.tsr" "tsa_config1" -$ -$ write sys$output "Checking '-token_in' and '-token_out' options with '-reply'..." -$ call time_stamp_response_token_test "req2.tsq" "resp2.tsr" -$ -$ write sys$output "Printing response..." -$ call print_response "resp2.tsr" -$ -$ write sys$output "Verifying valid response..." -$ call verify_time_stamp_response "req2.tsq" "resp2.tsr" "[-]testtsa.com" -$ -$ write sys$output "Verifying response against wrong request, it should fail..." -$ call verify_time_stamp_response_fail "req1.tsq" "resp2.tsr" -$ -$ write sys$output "Verifying response against wrong request, it should fail..." -$ call verify_time_stamp_response_fail "req2.tsq" "resp1.tsr" -$ -$ write sys$output "Creating req3.req time stamp request for file CAtsa.cnf..." -$ call create_time_stamp_request3 -$ -$ write sys$output "Printing req3.req..." -$ call print_request "req3.tsq" -$ -$ write sys$output "Verifying response against wrong request, it should fail..." -$ call verify_time_stamp_response_fail "req3.tsq" "resp1.tsr" -$ -$ write sys$output "Cleaning up..." -$ call clean_up_dir -$ -$ set on -$ -$ exit diff --git a/test/Attic/tkey b/test/Attic/tkey deleted file mode 100644 index 47ac1be8fc..0000000000 --- a/test/Attic/tkey +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/sh - -t=$1 -ktype=$2 -ptype=$3 - -if ../util/shlib_wrap.sh ../apps/openssl no-$ktype; then - echo skipping $ktype $ptype conversion test - exit 0 -fi - -if [ $ptype = "public" ]; then - cmd="../util/shlib_wrap.sh ../apps/openssl $ktype -pubin -pubout" -else - cmd="../util/shlib_wrap.sh ../apps/openssl $ktype" -fi - -echo testing $ktype $ptype conversions -cp $t $ktype-fff.p - -echo "p -> d" -$cmd -in $ktype-fff.p -inform p -outform d >$ktype-f.d || exit 1 -echo "p -> p" -$cmd -in $ktype-fff.p -inform p -outform p >$ktype-f.p || exit 1 - -echo "d -> d" -$cmd -in $ktype-f.d -inform d -outform d >$ktype-ff.d1 || exit 1 -echo "p -> d" -$cmd -in $ktype-f.p -inform p -outform d >$ktype-ff.d3 || exit 1 - -echo "d -> p" -$cmd -in $ktype-f.d -inform d -outform p >$ktype-ff.p1 || exit 1 -echo "p -> p" -$cmd -in $ktype-f.p -inform p -outform p >$ktype-ff.p3 || exit 1 - -cmp $ktype-fff.p $ktype-f.p || exit 1 -cmp $ktype-fff.p $ktype-ff.p1 || exit 1 -cmp $ktype-fff.p $ktype-ff.p3 || exit 1 -cmp $ktype-f.p $ktype-ff.p1 || exit 1 -cmp $ktype-f.p $ktype-ff.p3 || exit 1 - -/bin/rm -f $ktype-f.* $ktype-ff.* $ktype-fff.* - -[ $ptype = "public" ] && exit 0 - - -echo testing $ktype PKCS#8 conversions -cmd="../util/shlib_wrap.sh ../apps/openssl pkey" - -$cmd -in $t -out $ktype-fff.p - -echo "p -> d" -$cmd -in $ktype-fff.p -inform p -outform d >$ktype-f.d || exit 1 -echo "p -> p" -$cmd -in $ktype-fff.p -inform p -outform p >$ktype-f.p || exit 1 - -echo "d -> d" -$cmd -in $ktype-f.d -inform d -outform d >$ktype-ff.d1 || exit 1 -echo "p -> d" -$cmd -in $ktype-f.p -inform p -outform d >$ktype-ff.d3 || exit 1 - -echo "d -> p" -$cmd -in $ktype-f.d -inform d -outform p >$ktype-ff.p1 || exit 1 -echo "p -> p" -$cmd -in $ktype-f.p -inform p -outform p >$ktype-ff.p3 || exit 1 - -cmp $ktype-fff.p $ktype-f.p || exit 1 -cmp $ktype-fff.p $ktype-ff.p1 || exit 1 -cmp $ktype-fff.p $ktype-ff.p3 || exit 1 -cmp $ktype-f.p $ktype-ff.p1 || exit 1 -cmp $ktype-f.p $ktype-ff.p3 || exit 1 - -/bin/rm -f $ktype-f.* $ktype-ff.* $ktype-fff.* diff --git a/test/Attic/tocsp b/test/Attic/tocsp deleted file mode 100644 index 5fc291ca6e..0000000000 --- a/test/Attic/tocsp +++ /dev/null @@ -1,147 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl' -ocspdir="ocsp-tests" -# 17 December 2012 so we don't get certificate expiry errors. -check_time="-attime 1355875200" - -test_ocsp () { - - $cmd base64 -d -in $ocspdir/$1 | \ - $cmd ocsp -respin - -partial_chain $check_time \ - -CAfile $ocspdir/$2 -verify_other $ocspdir/$2 -CApath /dev/null - [ $? != $3 ] && exit 1 -} - - -echo "=== VALID OCSP RESPONSES ===" -echo "NON-DELEGATED; Intermediate CA -> EE" -test_ocsp ND1.ors ND1_Issuer_ICA.pem 0 -echo "NON-DELEGATED; Root CA -> Intermediate CA" -test_ocsp ND2.ors ND2_Issuer_Root.pem 0 -echo "NON-DELEGATED; Root CA -> EE" -test_ocsp ND3.ors ND3_Issuer_Root.pem 0 -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp D1.ors D1_Issuer_ICA.pem 0 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp D2.ors D2_Issuer_Root.pem 0 -echo "DELEGATED; Root CA -> EE" -test_ocsp D3.ors D3_Issuer_Root.pem 0 - -echo "=== INVALID SIGNATURE on the OCSP RESPONSE ===" -echo "NON-DELEGATED; Intermediate CA -> EE" -test_ocsp ISOP_ND1.ors ND1_Issuer_ICA.pem 1 -echo "NON-DELEGATED; Root CA -> Intermediate CA" -test_ocsp ISOP_ND2.ors ND2_Issuer_Root.pem 1 -echo "NON-DELEGATED; Root CA -> EE" -test_ocsp ISOP_ND3.ors ND3_Issuer_Root.pem 1 -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp ISOP_D1.ors D1_Issuer_ICA.pem 1 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp ISOP_D2.ors D2_Issuer_Root.pem 1 -echo "DELEGATED; Root CA -> EE" -test_ocsp ISOP_D3.ors D3_Issuer_Root.pem 1 - -echo "=== WRONG RESPONDERID in the OCSP RESPONSE ===" -echo "NON-DELEGATED; Intermediate CA -> EE" -test_ocsp WRID_ND1.ors ND1_Issuer_ICA.pem 1 -echo "NON-DELEGATED; Root CA -> Intermediate CA" -test_ocsp WRID_ND2.ors ND2_Issuer_Root.pem 1 -echo "NON-DELEGATED; Root CA -> EE" -test_ocsp WRID_ND3.ors ND3_Issuer_Root.pem 1 -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp WRID_D1.ors D1_Issuer_ICA.pem 1 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp WRID_D2.ors D2_Issuer_Root.pem 1 -echo "DELEGATED; Root CA -> EE" -test_ocsp WRID_D3.ors D3_Issuer_Root.pem 1 - -echo "=== WRONG ISSUERNAMEHASH in the OCSP RESPONSE ===" -echo "NON-DELEGATED; Intermediate CA -> EE" -test_ocsp WINH_ND1.ors ND1_Issuer_ICA.pem 1 -echo "NON-DELEGATED; Root CA -> Intermediate CA" -test_ocsp WINH_ND2.ors ND2_Issuer_Root.pem 1 -echo "NON-DELEGATED; Root CA -> EE" -test_ocsp WINH_ND3.ors ND3_Issuer_Root.pem 1 -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp WINH_D1.ors D1_Issuer_ICA.pem 1 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp WINH_D2.ors D2_Issuer_Root.pem 1 -echo "DELEGATED; Root CA -> EE" -test_ocsp WINH_D3.ors D3_Issuer_Root.pem 1 - -echo "=== WRONG ISSUERKEYHASH in the OCSP RESPONSE ===" -echo "NON-DELEGATED; Intermediate CA -> EE" -test_ocsp WIKH_ND1.ors ND1_Issuer_ICA.pem 1 -echo "NON-DELEGATED; Root CA -> Intermediate CA" -test_ocsp WIKH_ND2.ors ND2_Issuer_Root.pem 1 -echo "NON-DELEGATED; Root CA -> EE" -test_ocsp WIKH_ND3.ors ND3_Issuer_Root.pem 1 -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp WIKH_D1.ors D1_Issuer_ICA.pem 1 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp WIKH_D2.ors D2_Issuer_Root.pem 1 -echo "DELEGATED; Root CA -> EE" -test_ocsp WIKH_D3.ors D3_Issuer_Root.pem 1 - -echo "=== WRONG KEY in the DELEGATED OCSP SIGNING CERTIFICATE ===" -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp WKDOSC_D1.ors D1_Issuer_ICA.pem 1 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp WKDOSC_D2.ors D2_Issuer_Root.pem 1 -echo "DELEGATED; Root CA -> EE" -test_ocsp WKDOSC_D3.ors D3_Issuer_Root.pem 1 - -echo "=== INVALID SIGNATURE on the DELEGATED OCSP SIGNING CERTIFICATE ===" -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp ISDOSC_D1.ors D1_Issuer_ICA.pem 1 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp ISDOSC_D2.ors D2_Issuer_Root.pem 1 -echo "DELEGATED; Root CA -> EE" -test_ocsp ISDOSC_D3.ors D3_Issuer_Root.pem 1 - -echo "=== WRONG SUBJECT NAME in the ISSUER CERTIFICATE ===" -echo "NON-DELEGATED; Intermediate CA -> EE" -test_ocsp ND1.ors WSNIC_ND1_Issuer_ICA.pem 1 -echo "NON-DELEGATED; Root CA -> Intermediate CA" -test_ocsp ND2.ors WSNIC_ND2_Issuer_Root.pem 1 -echo "NON-DELEGATED; Root CA -> EE" -test_ocsp ND3.ors WSNIC_ND3_Issuer_Root.pem 1 -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp D1.ors WSNIC_D1_Issuer_ICA.pem 1 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp D2.ors WSNIC_D2_Issuer_Root.pem 1 -echo "DELEGATED; Root CA -> EE" -test_ocsp D3.ors WSNIC_D3_Issuer_Root.pem 1 - -echo "=== WRONG KEY in the ISSUER CERTIFICATE ===" -echo "NON-DELEGATED; Intermediate CA -> EE" -test_ocsp ND1.ors WKIC_ND1_Issuer_ICA.pem 1 -echo "NON-DELEGATED; Root CA -> Intermediate CA" -test_ocsp ND2.ors WKIC_ND2_Issuer_Root.pem 1 -echo "NON-DELEGATED; Root CA -> EE" -test_ocsp ND3.ors WKIC_ND3_Issuer_Root.pem 1 -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp D1.ors WKIC_D1_Issuer_ICA.pem 1 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp D2.ors WKIC_D2_Issuer_Root.pem 1 -echo "DELEGATED; Root CA -> EE" -test_ocsp D3.ors WKIC_D3_Issuer_Root.pem 1 - -echo "=== INVALID SIGNATURE on the ISSUER CERTIFICATE ===" -# Expect success, because we're explicitly trusting the issuer certificate. -echo "NON-DELEGATED; Intermediate CA -> EE" -test_ocsp ND1.ors ISIC_ND1_Issuer_ICA.pem 0 -echo "NON-DELEGATED; Root CA -> Intermediate CA" -test_ocsp ND2.ors ISIC_ND2_Issuer_Root.pem 0 -echo "NON-DELEGATED; Root CA -> EE" -test_ocsp ND3.ors ISIC_ND3_Issuer_Root.pem 0 -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp D1.ors ISIC_D1_Issuer_ICA.pem 0 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp D2.ors ISIC_D2_Issuer_Root.pem 0 -echo "DELEGATED; Root CA -> EE" -test_ocsp D3.ors ISIC_D3_Issuer_Root.pem 0 - -echo "ALL OCSP TESTS SUCCESSFUL" -exit 0 diff --git a/test/Attic/tocsp.com b/test/Attic/tocsp.com deleted file mode 100644 index 97253fe464..0000000000 --- a/test/Attic/tocsp.com +++ /dev/null @@ -1,165 +0,0 @@ -$! TOCSP.COM -- Test ocsp -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p2 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ cmd = "mcr ''f$parse(exe_dir+"openssl.exe")'" -$ ocspdir = "ocsp-tests" -$ -$! 17 December 2012 so we don't get certificate expiry errors. -$ check_time="-attime 1355875200" -$ -$ test_ocsp: -$ subroutine -$ 'cmd' base64 -d -in [.'ocspdir']'p1' -out ocsp-test.test-bin -$ 'cmd' ocsp -respin ocsp-test.test-bin -partial_chain 'check_time' - - "-CAfile" [.'ocspdir']'p2' -verify_other [.'ocspdir']'p2' "-CApath" NLA0: -$ if $severity .ne. p3+1 -$ then -$ write sys$error "OCSP test failed!" -$ exit 3 -$ endif -$ endsubroutine -$ -$ set noon -$ -$ write sys$output "=== VALID OCSP RESPONSES ===" -$ write sys$output "NON-DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "ND1.ors" "ND1_Issuer_ICA.pem" 0 -$ write sys$output "NON-DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "ND2.ors" "ND2_Issuer_Root.pem" 0 -$ write sys$output "NON-DELEGATED; Root CA -> EE" -$ call test_ocsp "ND3.ors" "ND3_Issuer_Root.pem" 0 -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "D1.ors" "D1_Issuer_ICA.pem" 0 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "D2.ors" "D2_Issuer_Root.pem" 0 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "D3.ors" "D3_Issuer_Root.pem" 0 -$ -$ write sys$output "=== INVALID SIGNATURE on the OCSP RESPONSE ===" -$ write sys$output "NON-DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "ISOP_ND1.ors" "ND1_Issuer_ICA.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "ISOP_ND2.ors" "ND2_Issuer_Root.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> EE" -$ call test_ocsp "ISOP_ND3.ors" "ND3_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "ISOP_D1.ors" "D1_Issuer_ICA.pem" 1 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "ISOP_D2.ors" "D2_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "ISOP_D3.ors" "D3_Issuer_Root.pem" 1 -$ -$ write sys$output "=== WRONG RESPONDERID in the OCSP RESPONSE ===" -$ write sys$output "NON-DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "WRID_ND1.ors" "ND1_Issuer_ICA.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "WRID_ND2.ors" "ND2_Issuer_Root.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> EE" -$ call test_ocsp "WRID_ND3.ors" "ND3_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "WRID_D1.ors" "D1_Issuer_ICA.pem" 1 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "WRID_D2.ors" "D2_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "WRID_D3.ors" "D3_Issuer_Root.pem" 1 -$ -$ write sys$output "=== WRONG ISSUERNAMEHASH in the OCSP RESPONSE ===" -$ write sys$output "NON-DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "WINH_ND1.ors" "ND1_Issuer_ICA.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "WINH_ND2.ors" "ND2_Issuer_Root.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> EE" -$ call test_ocsp "WINH_ND3.ors" "ND3_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "WINH_D1.ors" "D1_Issuer_ICA.pem" 1 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "WINH_D2.ors" "D2_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "WINH_D3.ors" "D3_Issuer_Root.pem" 1 -$ -$ write sys$output "=== WRONG ISSUERKEYHASH in the OCSP RESPONSE ===" -$ write sys$output "NON-DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "WIKH_ND1.ors" "ND1_Issuer_ICA.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "WIKH_ND2.ors" "ND2_Issuer_Root.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> EE" -$ call test_ocsp "WIKH_ND3.ors" "ND3_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "WIKH_D1.ors" "D1_Issuer_ICA.pem" 1 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "WIKH_D2.ors" "D2_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "WIKH_D3.ors" "D3_Issuer_Root.pem" 1 -$ -$ write sys$output "=== WRONG KEY in the DELEGATED OCSP SIGNING CERTIFICATE ===" -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "WKDOSC_D1.ors" "D1_Issuer_ICA.pem" 1 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "WKDOSC_D2.ors" "D2_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "WKDOSC_D3.ors" "D3_Issuer_Root.pem" 1 -$ -$ write sys$output "=== INVALID SIGNATURE on the DELEGATED OCSP SIGNING CERTIFICATE ===" -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "ISDOSC_D1.ors" "D1_Issuer_ICA.pem" 1 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "ISDOSC_D2.ors" "D2_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "ISDOSC_D3.ors" "D3_Issuer_Root.pem" 1 -$ -$ write sys$output "=== WRONG SUBJECT NAME in the ISSUER CERTIFICATE ===" -$ write sys$output "NON-DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "ND1.ors" "WSNIC_ND1_Issuer_ICA.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "ND2.ors" "WSNIC_ND2_Issuer_Root.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> EE" -$ call test_ocsp "ND3.ors" "WSNIC_ND3_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "D1.ors" "WSNIC_D1_Issuer_ICA.pem" 1 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "D2.ors" "WSNIC_D2_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "D3.ors" "WSNIC_D3_Issuer_Root.pem" 1 -$ -$ write sys$output "=== WRONG KEY in the ISSUER CERTIFICATE ===" -$ write sys$output "NON-DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "ND1.ors" "WKIC_ND1_Issuer_ICA.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "ND2.ors" "WKIC_ND2_Issuer_Root.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> EE" -$ call test_ocsp "ND3.ors" "WKIC_ND3_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "D1.ors" "WKIC_D1_Issuer_ICA.pem" 1 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "D2.ors" "WKIC_D2_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "D3.ors" "WKIC_D3_Issuer_Root.pem" 1 -$ -$ write sys$output "=== INVALID SIGNATURE on the ISSUER CERTIFICATE ===" -$! Expect success, because we're explicitly trusting the issuer certificate. -$ write sys$output "NON-DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "ND1.ors" "ISIC_ND1_Issuer_ICA.pem" 0 -$ write sys$output "NON-DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "ND2.ors" "ISIC_ND2_Issuer_Root.pem" 0 -$ write sys$output "NON-DELEGATED; Root CA -> EE" -$ call test_ocsp "ND3.ors" "ISIC_ND3_Issuer_Root.pem" 0 -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "D1.ors" "ISIC_D1_Issuer_ICA.pem" 0 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "D2.ors" "ISIC_D2_Issuer_Root.pem" 0 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "D3.ors" "ISIC_D3_Issuer_Root.pem" 0 -$ -$ write sys$output "ALL OCSP TESTS SUCCESSFUL" -$ -$ set on -$ -$ exit diff --git a/test/Attic/tpkcs7 b/test/Attic/tpkcs7 deleted file mode 100644 index 91e304bb67..0000000000 --- a/test/Attic/tpkcs7 +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl pkcs7' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testp7.pem -fi - -echo testing pkcs7 conversions -cp $t p7-fff.p - -echo "p -> d" -$cmd -in p7-fff.p -inform p -outform d >p7-f.d || exit 1 -echo "p -> p" -$cmd -in p7-fff.p -inform p -outform p >p7-f.p || exit 1 - -echo "d -> d" -$cmd -in p7-f.d -inform d -outform d >p7-ff.d1 || exit 1 -echo "p -> d" -$cmd -in p7-f.p -inform p -outform d >p7-ff.d3 || exit 1 - -echo "d -> p" -$cmd -in p7-f.d -inform d -outform p >p7-ff.p1 || exit 1 -echo "p -> p" -$cmd -in p7-f.p -inform p -outform p >p7-ff.p3 || exit 1 - -cmp p7-fff.p p7-f.p || exit 1 -cmp p7-fff.p p7-ff.p1 || exit 1 -cmp p7-fff.p p7-ff.p3 || exit 1 -cmp p7-f.p p7-ff.p1 || exit 1 -cmp p7-f.p p7-ff.p3 || exit 1 - -/bin/rm -f p7-f.* p7-ff.* p7-fff.* -exit 0 diff --git a/test/Attic/tpkcs7.com b/test/Attic/tpkcs7.com deleted file mode 100644 index 3fc4982bb0..0000000000 --- a/test/Attic/tpkcs7.com +++ /dev/null @@ -1,59 +0,0 @@ -$! TPKCS7.COM -- Tests pkcs7 keys -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p2 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ cmd = "mcr ''exe_dir'openssl pkcs7" -$ -$ t = "testp7.pem" -$ if p1 .nes. "" then t = p1 -$ -$ write sys$output "testing PKCS7 conversions" -$ if f$search("fff.*") .nes "" then delete fff.*;* -$ if f$search("ff.*") .nes "" then delete ff.*;* -$ if f$search("f.*") .nes "" then delete f.*;* -$ convert/fdl=sys$input: 't' fff.p -RECORD - FORMAT STREAM_LF -$ -$ write sys$output "p -> d" -$ 'cmd' -in fff.p -inform p -outform d -out f.d -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in fff.p -inform p -outform p -out f.p -$ if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> d" -$ 'cmd' -in f.d -inform d -outform d -out ff.d1 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> d" -$ 'cmd' -in f.p -inform p -outform d -out ff.d3 -$ if $severity .ne. 1 then exit 3 -$ -$ -$ write sys$output "d -> p" -$ 'cmd' -in f.d -inform d -outform p -out ff.p1 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in f.p -inform p -outform p -out ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare fff.p f.p -$ if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare f.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$ backup/compare f.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ delete f.*;*,ff.*;*,fff.*;* diff --git a/test/Attic/tpkcs7d b/test/Attic/tpkcs7d deleted file mode 100644 index c5077da80f..0000000000 --- a/test/Attic/tpkcs7d +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl pkcs7' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=pkcs7-1.pem -fi - -echo "testing pkcs7 conversions (2)" -cp $t p7d-fff.p - -echo "p -> d" -$cmd -in p7d-fff.p -inform p -outform d >p7d-f.d || exit 1 -echo "p -> p" -$cmd -in p7d-fff.p -inform p -outform p >p7d-f.p || exit 1 - -echo "d -> d" -$cmd -in p7d-f.d -inform d -outform d >p7d-ff.d1 || exit 1 -echo "p -> d" -$cmd -in p7d-f.p -inform p -outform d >p7d-ff.d3 || exit 1 - -echo "d -> p" -$cmd -in p7d-f.d -inform d -outform p >p7d-ff.p1 || exit 1 -echo "p -> p" -$cmd -in p7d-f.p -inform p -outform p >p7d-ff.p3 || exit 1 - -cmp p7d-f.p p7d-ff.p1 || exit 1 -cmp p7d-f.p p7d-ff.p3 || exit 1 - -/bin/rm -f p7d-f.* p7d-ff.* p7d-fff.* -exit 0 diff --git a/test/Attic/tpkcs7d.com b/test/Attic/tpkcs7d.com deleted file mode 100644 index eea8c888ee..0000000000 --- a/test/Attic/tpkcs7d.com +++ /dev/null @@ -1,52 +0,0 @@ -$! TPKCS7.COM -- Tests pkcs7 keys -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p2 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ cmd = "mcr ''exe_dir'openssl pkcs7" -$ -$ t = "pkcs7-1.pem" -$ if p1 .nes. "" then t = p1 -$ -$ write sys$output "testing PKCS7 conversions (2)" -$ if f$search("fff.*") .nes "" then delete fff.*;* -$ if f$search("ff.*") .nes "" then delete ff.*;* -$ if f$search("f.*") .nes "" then delete f.*;* -$ convert/fdl=sys$input: 't' fff.p -RECORD - FORMAT STREAM_LF -$ -$ write sys$output "p -> d" -$ 'cmd' -in fff.p -inform p -outform d -out f.d -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in fff.p -inform p -outform p -out f.p -$ if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> d" -$ 'cmd' -in f.d -inform d -outform d -out ff.d1 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> d" -$ 'cmd' -in f.p -inform p -outform d -out ff.d3 -$ if $severity .ne. 1 then exit 3 -$ -$ -$ write sys$output "d -> p" -$ 'cmd' -in f.d -inform d -outform p -out ff.p1 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in f.p -inform p -outform p -out ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare f.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$ backup/compare f.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ delete f.*;*,ff.*;*,fff.*;* diff --git a/test/Attic/treq b/test/Attic/treq deleted file mode 100644 index 2062d76fb9..0000000000 --- a/test/Attic/treq +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl req -config ../apps/openssl.cnf' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testreq.pem -fi - -if $cmd -in $t -inform p -noout -text 2>&1 | fgrep -i 'Unknown Public Key'; then - echo "skipping req conversion test for $t" - exit 0 -fi - -echo testing req conversions -cp $t req-fff.p - -echo "p -> d" -$cmd -in req-fff.p -inform p -outform d >req-f.d || exit 1 -echo "p -> p" -$cmd -in req-fff.p -inform p -outform p >req-f.p || exit 1 - -echo "d -> d" -$cmd -verify -in req-f.d -inform d -outform d >req-ff.d1 || exit 1 -echo "p -> d" -$cmd -verify -in req-f.p -inform p -outform d >req-ff.d3 || exit 1 - -echo "d -> p" -$cmd -in req-f.d -inform d -outform p >req-ff.p1 || exit 1 -echo "p -> p" -$cmd -in req-f.p -inform p -outform p >req-ff.p3 || exit 1 - -cmp req-fff.p req-f.p || exit 1 -cmp req-fff.p req-ff.p1 || exit 1 -cmp req-fff.p req-ff.p3 || exit 1 -cmp req-f.p req-ff.p1 || exit 1 -cmp req-f.p req-ff.p3 || exit 1 - -/bin/rm -f req-f.* req-ff.* req-fff.* -exit 0 diff --git a/test/Attic/treq.com b/test/Attic/treq.com deleted file mode 100644 index acf08b79ef..0000000000 --- a/test/Attic/treq.com +++ /dev/null @@ -1,88 +0,0 @@ -$! TREQ.COM -- Tests req keys -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p2 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ cmd = "mcr ''exe_dir'openssl req -config [-.apps]openssl-vms.cnf" -$ -$ t = "testreq.pem" -$ if p1 .nes. "" then t = p1 -$ -$ write sys$output "testing req conversions" -$ if f$search("fff.*") .nes "" then delete fff.*;* -$ if f$search("ff.*") .nes "" then delete ff.*;* -$ if f$search("f.*") .nes "" then delete f.*;* -$ convert/fdl=sys$input: 't' fff.p -RECORD - FORMAT STREAM_LF -$ -$ write sys$output "p -> d" -$ 'cmd' -in fff.p -inform p -outform d -out f.d -$ if $severity .ne. 1 then exit 3 -$! write sys$output "p -> t" -$! 'cmd' -in fff.p -inform p -outform t -out f.t -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in fff.p -inform p -outform p -out f.p -$ if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> d" -$ 'cmd' -verify -in f.d -inform d -outform d -out ff.d1 -$ if $severity .ne. 1 then exit 3 -$! write sys$output "t -> d" -$! 'cmd' -verify -in f.t -inform t -outform d -out ff.d2 -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> d" -$ 'cmd' -verify -in f.p -inform p -outform d -out ff.d3 -$ if $severity .ne. 1 then exit 3 -$ -$! write sys$output "d -> t" -$! 'cmd' -in f.d -inform d -outform t -out ff.t1 -$! if $severity .ne. 1 then exit 3 -$! write sys$output "t -> t" -$! 'cmd' -in f.t -inform t -outform t -out ff.t2 -$! if $severity .ne. 1 then exit 3 -$! write sys$output "p -> t" -$! 'cmd' -in f.p -inform p -outform t -out ff.t3 -$! if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> p" -$ 'cmd' -in f.d -inform d -outform p -out ff.p1 -$ if $severity .ne. 1 then exit 3 -$! write sys$output "t -> p" -$! 'cmd' -in f.t -inform t -outform p -out ff.p2 -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in f.p -inform p -outform p -out ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare fff.p f.p -$ if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$! backup/compare fff.p ff.p2 -$! if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$! backup/compare f.t ff.t1 -$! if $severity .ne. 1 then exit 3 -$! backup/compare f.t ff.t2 -$! if $severity .ne. 1 then exit 3 -$! backup/compare f.t ff.t3 -$! if $severity .ne. 1 then exit 3 -$ -$ backup/compare f.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$! backup/compare f.p ff.p2 -$! if $severity .ne. 1 then exit 3 -$ backup/compare f.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ delete f.*;*,ff.*;*,fff.*;* diff --git a/test/Attic/trsa.com b/test/Attic/trsa.com deleted file mode 100644 index 54180843ee..0000000000 --- a/test/Attic/trsa.com +++ /dev/null @@ -1,99 +0,0 @@ -$! TRSA.COM -- Tests rsa keys -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p2 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ set noon -$ define/user sys$output nla0: -$ mcr 'exe_dir'openssl no-rsa -$ save_severity=$SEVERITY -$ set on -$ if save_severity -$ then -$ write sys$output "skipping RSA conversion test" -$ exit -$ endif -$ -$ cmd = "mcr ''exe_dir'openssl rsa" -$ -$ t = "testrsa.pem" -$ if p1 .nes. "" then t = p1 -$ -$ write sys$output "testing RSA conversions" -$ if f$search("fff.*") .nes "" then delete fff.*;* -$ if f$search("ff.*") .nes "" then delete ff.*;* -$ if f$search("f.*") .nes "" then delete f.*;* -$ convert/fdl=sys$input: 't' fff.p -RECORD - FORMAT STREAM_LF -$ -$ write sys$output "p -> d" -$ 'cmd' -in fff.p -inform p -outform d -out f.d -$ if $severity .ne. 1 then exit 3 -$! write sys$output "p -> t" -$! 'cmd' -in fff.p -inform p -outform t -out f.t -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in fff.p -inform p -outform p -out f.p -$ if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> d" -$ 'cmd' -in f.d -inform d -outform d -out ff.d1 -$ if $severity .ne. 1 then exit 3 -$! write sys$output "t -> d" -$! 'cmd' -in f.t -inform t -outform d -out ff.d2 -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> d" -$ 'cmd' -in f.p -inform p -outform d -out ff.d3 -$ if $severity .ne. 1 then exit 3 -$ -$! write sys$output "d -> t" -$! 'cmd' -in f.d -inform d -outform t -out ff.t1 -$! if $severity .ne. 1 then exit 3 -$! write sys$output "t -> t" -$! 'cmd' -in f.t -inform t -outform t -out ff.t2 -$! if $severity .ne. 1 then exit 3 -$! write sys$output "p -> t" -$! 'cmd' -in f.p -inform p -outform t -out ff.t3 -$! if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> p" -$ 'cmd' -in f.d -inform d -outform p -out ff.p1 -$ if $severity .ne. 1 then exit 3 -$! write sys$output "t -> p" -$! 'cmd' -in f.t -inform t -outform p -out ff.p2 -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in f.p -inform p -outform p -out ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare fff.p f.p -$ if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$! backup/compare fff.p ff.p2 -$! if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$! backup/compare f.t ff.t1 -$! if $severity .ne. 1 then exit 3 -$! backup/compare f.t ff.t2 -$! if $severity .ne. 1 then exit 3 -$! backup/compare f.t ff.t3 -$! if $severity .ne. 1 then exit 3 -$ -$ backup/compare f.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$! backup/compare f.p ff.p2 -$! if $severity .ne. 1 then exit 3 -$ backup/compare f.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ delete f.*;*,ff.*;*,fff.*;* diff --git a/test/Attic/tsid b/test/Attic/tsid deleted file mode 100644 index 546efb732a..0000000000 --- a/test/Attic/tsid +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl sess_id' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testsid.pem -fi - -echo testing session-id conversions -cp $t sid-fff.p - -echo "p -> d" -$cmd -in sid-fff.p -inform p -outform d >sid-f.d || exit 1 -echo "p -> p" -$cmd -in sid-fff.p -inform p -outform p >sid-f.p || exit 1 - -echo "d -> d" -$cmd -in sid-f.d -inform d -outform d >sid-ff.d1 || exit 1 -echo "p -> d" -$cmd -in sid-f.p -inform p -outform d >sid-ff.d3 || exit 1 - -echo "d -> p" -$cmd -in sid-f.d -inform d -outform p >sid-ff.p1 || exit 1 -echo "p -> p" -$cmd -in sid-f.p -inform p -outform p >sid-ff.p3 || exit 1 - -cmp sid-fff.p sid-f.p || exit 1 -cmp sid-fff.p sid-ff.p1 || exit 1 -cmp sid-fff.p sid-ff.p3 || exit 1 -cmp sid-f.p sid-ff.p1 || exit 1 -cmp sid-f.p sid-ff.p3 || exit 1 - -/bin/rm -f sid-f.* sid-ff.* sid-fff.* -exit 0 diff --git a/test/Attic/tsid.com b/test/Attic/tsid.com deleted file mode 100644 index b6c4e49473..0000000000 --- a/test/Attic/tsid.com +++ /dev/null @@ -1,88 +0,0 @@ -$! TSID.COM -- Tests sid keys -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p2 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ cmd = "mcr ''exe_dir'openssl sess_id" -$ -$ t = "testsid.pem" -$ if p1 .nes. "" then t = p1 -$ -$ write sys$output "testing session-id conversions" -$ if f$search("fff.*") .nes "" then delete fff.*;* -$ if f$search("ff.*") .nes "" then delete ff.*;* -$ if f$search("f.*") .nes "" then delete f.*;* -$ convert/fdl=sys$input: 't' fff.p -RECORD - FORMAT STREAM_LF -$ -$ write sys$output "p -> d" -$ 'cmd' -in fff.p -inform p -outform d -out f.d -$ if $severity .ne. 1 then exit 3 -$! write sys$output "p -> t" -$! 'cmd' -in fff.p -inform p -outform t -out f.t -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in fff.p -inform p -outform p -out f.p -$ if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> d" -$ 'cmd' -in f.d -inform d -outform d -out ff.d1 -$ if $severity .ne. 1 then exit 3 -$! write sys$output "t -> d" -$! 'cmd' -in f.t -inform t -outform d -out ff.d2 -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> d" -$ 'cmd' -in f.p -inform p -outform d -out ff.d3 -$ if $severity .ne. 1 then exit 3 -$ -$! write sys$output "d -> t" -$! 'cmd' -in f.d -inform d -outform t -out ff.t1 -$! if $severity .ne. 1 then exit 3 -$! write sys$output "t -> t" -$! 'cmd' -in f.t -inform t -outform t -out ff.t2 -$! if $severity .ne. 1 then exit 3 -$! write sys$output "p -> t" -$! 'cmd' -in f.p -inform p -outform t -out ff.t3 -$! if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> p" -$ 'cmd' -in f.d -inform d -outform p -out ff.p1 -$ if $severity .ne. 1 then exit 3 -$! write sys$output "t -> p" -$! 'cmd' -in f.t -inform t -outform p -out ff.p2 -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in f.p -inform p -outform p -out ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare fff.p f.p -$ if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$! backup/compare fff.p ff.p2 -$! if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$! backup/compare f.t ff.t1 -$! if $severity .ne. 1 then exit 3 -$! backup/compare f.t ff.t2 -$! if $severity .ne. 1 then exit 3 -$! backup/compare f.t ff.t3 -$! if $severity .ne. 1 then exit 3 -$ -$ backup/compare f.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$! backup/compare f.p ff.p2 -$! if $severity .ne. 1 then exit 3 -$ backup/compare f.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ delete f.*;*,ff.*;*,fff.*;* diff --git a/test/Attic/tverify.com b/test/Attic/tverify.com deleted file mode 100644 index d888344637..0000000000 --- a/test/Attic/tverify.com +++ /dev/null @@ -1,65 +0,0 @@ -$! TVERIFY.COM -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p1 .eqs. "64") then __arch = __arch+ "_64" -$! -$ line_max = 255 ! Could be longer on modern non-VAX. -$ temp_file_name = "certs_"+ f$getjpi( "", "PID")+ ".tmp" -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ cmd = "mcr ''exe_dir'openssl verify ""-CAfile"" ''temp_file_name'" -$ cmd_len = f$length( cmd) -$ pems = "[-.certs...]*.pem" -$! -$! Concatenate all the certificate files. -$! -$ copy /concatenate 'pems' 'temp_file_name' -$! -$! Loop through all the certificate files. -$! -$ args = "" -$ old_f = "" -$ loop_file: -$ f = f$search( pems) -$ if ((f .nes. "") .and. (f .nes. old_f)) -$ then -$ old_f = f -$! -$! If this file name would over-extend the command line, then -$! run the command now. -$! -$ if (cmd_len+ f$length( args)+ 1+ f$length( f) .gt. line_max) -$ then -$ if (args .eqs. "") then goto disaster -$ 'cmd''args' -$ args = "" -$ endif -$! Add the next file to the argument list. -$ args = args+ " "+ f -$ else -$! No more files in the list -$ goto loop_file_end -$ endif -$ goto loop_file -$ loop_file_end: -$! -$! Run the command for any left-over arguments. -$! -$ if (args .nes. "") -$ then -$ 'cmd''args' -$ endif -$! -$! Delete the temporary file. -$! -$ if (f$search( "''temp_file_name';*") .nes. "") then - - delete 'temp_file_name';* -$! -$ exit -$! -$ disaster: -$ write sys$output " Command line too long. Doomed." -$! diff --git a/test/Attic/tx509 b/test/Attic/tx509 deleted file mode 100644 index dc9abc680d..0000000000 --- a/test/Attic/tx509 +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl x509' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testx509.pem -fi - -echo testing X509 conversions -cp $t x509-fff.p - -echo "p -> d" -$cmd -in x509-fff.p -inform p -outform d >x509-f.d || exit 1 -echo "p -> p" -$cmd -in x509-fff.p -inform p -outform p >x509-f.p || exit 1 - -echo "d -> d" -$cmd -in x509-f.d -inform d -outform d >x509-ff.d1 || exit 1 -echo "p -> d" -$cmd -in x509-f.p -inform p -outform d >x509-ff.d3 || exit 1 - -echo "d -> p" -$cmd -in x509-f.d -inform d -outform p >x509-ff.p1 || exit 1 -echo "p -> p" -$cmd -in x509-f.p -inform p -outform p >x509-ff.p3 || exit 1 - -cmp x509-fff.p x509-f.p || exit 1 -cmp x509-fff.p x509-ff.p1 || exit 1 -cmp x509-fff.p x509-ff.p3 || exit 1 - -cmp x509-f.p x509-ff.p1 || exit 1 -cmp x509-f.p x509-ff.p3 || exit 1 - -/bin/rm -f x509-f.* x509-ff.* x509-fff.* -exit 0 diff --git a/test/Attic/tx509.com b/test/Attic/tx509.com deleted file mode 100644 index 93ce988b41..0000000000 --- a/test/Attic/tx509.com +++ /dev/null @@ -1,88 +0,0 @@ -$! TX509.COM -- Tests x509 certificates -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p2 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ cmd = "mcr ''exe_dir'openssl x509" -$ -$ t = "testx509.pem" -$ if p1 .nes. "" then t = p1 -$ -$ write sys$output "testing X509 conversions" -$ if f$search("fff.*") .nes "" then delete fff.*;* -$ if f$search("ff.*") .nes "" then delete ff.*;* -$ if f$search("f.*") .nes "" then delete f.*;* -$ convert/fdl=sys$input: 't' fff.p -RECORD - FORMAT STREAM_LF -$ -$ write sys$output "p -> d" -$ 'cmd' -in fff.p -inform p -outform d -out f.d -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> n" -$ 'cmd' -in fff.p -inform p -outform n -out f.n -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in fff.p -inform p -outform p -out f.p -$ if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> d" -$ 'cmd' -in f.d -inform d -outform d -out ff.d1 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "n -> d" -$ 'cmd' -in f.n -inform n -outform d -out ff.d2 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> d" -$ 'cmd' -in f.p -inform p -outform d -out ff.d3 -$ if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> n" -$ 'cmd' -in f.d -inform d -outform n -out ff.n1 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "n -> n" -$ 'cmd' -in f.n -inform n -outform n -out ff.n2 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> n" -$ 'cmd' -in f.p -inform p -outform n -out ff.n3 -$ if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> p" -$ 'cmd' -in f.d -inform d -outform p -out ff.p1 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "n -> p" -$ 'cmd' -in f.n -inform n -outform p -out ff.p2 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in f.p -inform p -outform p -out ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare fff.p f.p -$ if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p2 -$ if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare f.n ff.n1 -$ if $severity .ne. 1 then exit 3 -$ backup/compare f.n ff.n2 -$ if $severity .ne. 1 then exit 3 -$ backup/compare f.n ff.n3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare f.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$ backup/compare f.p ff.p2 -$ if $severity .ne. 1 then exit 3 -$ backup/compare f.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ delete f.*;*,ff.*;*,fff.*;* -- 2.25.1