Synchronise with Unixly tests
This commit is contained in:
parent
df1ff3f1b3
commit
c13ee21492
5 changed files with 208 additions and 96 deletions
|
@ -16,23 +16,35 @@ $ set on
|
||||||
$
|
$
|
||||||
$ write sys$output "generating certificate request"
|
$ write sys$output "generating certificate request"
|
||||||
$
|
$
|
||||||
$ write sys$output "There should be a 2 sequences of .'s and some +'s."
|
|
||||||
$ write sys$output "There should not be more that at most 80 per line"
|
|
||||||
$ write sys$output "This could take some time."
|
|
||||||
$
|
|
||||||
$ append/new nl: .rnd
|
$ append/new nl: .rnd
|
||||||
$ open/append random_file .rnd
|
$ open/append random_file .rnd
|
||||||
$ write random_file "string to make the random number generator think it has entropy"
|
$ write random_file "string to make the random number generator think it has entropy"
|
||||||
$ close random_file
|
$ close random_file
|
||||||
$
|
$
|
||||||
$ mcr 'exe_dir'openssl req -config test.cnf -new -out testreq.pem
|
$ set noon
|
||||||
|
$ define/user sys$output nla0:
|
||||||
|
$ mcr 'exe_dir'openssl no-rsa
|
||||||
|
$ save_severity=$SEVERITY
|
||||||
|
$ set on
|
||||||
|
$ if save_severity
|
||||||
|
$ then
|
||||||
|
$ req_new="-newkey dsa:[-.apps]dsa512.pem"
|
||||||
|
$ else
|
||||||
|
$ req_new="-new"
|
||||||
|
$ write sys$output "There should be a 2 sequences of .'s and some +'s."
|
||||||
|
$ write sys$output "There should not be more that at most 80 per line"
|
||||||
|
$ endif
|
||||||
|
$
|
||||||
|
$ write sys$output "This could take some time."
|
||||||
|
$
|
||||||
|
$ mcr 'exe_dir'openssl req -config test.cnf 'req_new' -out testreq.pem
|
||||||
$ if $severity .ne. 1
|
$ if $severity .ne. 1
|
||||||
$ then
|
$ then
|
||||||
$ write sys$output "problems creating request"
|
$ write sys$output "problems creating request"
|
||||||
$ exit 3
|
$ exit 3
|
||||||
$ endif
|
$ endif
|
||||||
$
|
$
|
||||||
$ mcr 'exe_dir'openssl req -verify -in testreq.pem -noout
|
$ mcr 'exe_dir'openssl req -config test.cnf -verify -in testreq.pem -noout
|
||||||
$ if $severity .ne. 1
|
$ if $severity .ne. 1
|
||||||
$ then
|
$ then
|
||||||
$ write sys$output "signature on req is wrong"
|
$ write sys$output "signature on req is wrong"
|
||||||
|
|
|
@ -23,7 +23,7 @@ $ tests := -
|
||||||
test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,-
|
test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,-
|
||||||
test_rand,test_bn,test_enc,test_x509,test_rsa,test_crl,test_sid,-
|
test_rand,test_bn,test_enc,test_x509,test_rsa,test_crl,test_sid,-
|
||||||
test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,-
|
test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,-
|
||||||
test_ss,test_ssl,test_ca
|
test_ss,test_ca,test_ssl
|
||||||
$ endif
|
$ endif
|
||||||
$ tests = f$edit(tests,"COLLAPSE")
|
$ tests = f$edit(tests,"COLLAPSE")
|
||||||
$
|
$
|
||||||
|
@ -55,54 +55,55 @@ $ loop_tests:
|
||||||
$ tests_e = f$element(tests_i,",",tests)
|
$ tests_e = f$element(tests_i,",",tests)
|
||||||
$ tests_i = tests_i + 1
|
$ tests_i = tests_i + 1
|
||||||
$ if tests_e .eqs. "," then goto exit
|
$ if tests_e .eqs. "," then goto exit
|
||||||
$ goto 'tests_e'
|
$ gosub 'tests_e'
|
||||||
|
$ goto loop_tests
|
||||||
$
|
$
|
||||||
$ test_des:
|
$ test_des:
|
||||||
$ mcr 'texe_dir''destest'
|
$ mcr 'texe_dir''destest'
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_idea:
|
$ test_idea:
|
||||||
$ mcr 'texe_dir''ideatest'
|
$ mcr 'texe_dir''ideatest'
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_sha:
|
$ test_sha:
|
||||||
$ mcr 'texe_dir''shatest'
|
$ mcr 'texe_dir''shatest'
|
||||||
$ mcr 'texe_dir''sha1test'
|
$ mcr 'texe_dir''sha1test'
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_mdc2:
|
$ test_mdc2:
|
||||||
$ mcr 'texe_dir''mdc2test'
|
$ mcr 'texe_dir''mdc2test'
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_md5:
|
$ test_md5:
|
||||||
$ mcr 'texe_dir''md5test'
|
$ mcr 'texe_dir''md5test'
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_hmac:
|
$ test_hmac:
|
||||||
$ mcr 'texe_dir''hmactest'
|
$ mcr 'texe_dir''hmactest'
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_md2:
|
$ test_md2:
|
||||||
$ mcr 'texe_dir''md2test'
|
$ mcr 'texe_dir''md2test'
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_rmd:
|
$ test_rmd:
|
||||||
$ mcr 'texe_dir''rmdtest'
|
$ mcr 'texe_dir''rmdtest'
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_bf:
|
$ test_bf:
|
||||||
$ mcr 'texe_dir''bftest'
|
$ mcr 'texe_dir''bftest'
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_cast:
|
$ test_cast:
|
||||||
$ mcr 'texe_dir''casttest'
|
$ mcr 'texe_dir''casttest'
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_rc2:
|
$ test_rc2:
|
||||||
$ mcr 'texe_dir''rc2test'
|
$ mcr 'texe_dir''rc2test'
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_rc4:
|
$ test_rc4:
|
||||||
$ mcr 'texe_dir''rc4test'
|
$ mcr 'texe_dir''rc4test'
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_rc5:
|
$ test_rc5:
|
||||||
$ mcr 'texe_dir''rc5test'
|
$ mcr 'texe_dir''rc5test'
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_rand:
|
$ test_rand:
|
||||||
$ mcr 'texe_dir''randtest'
|
$ mcr 'texe_dir''randtest'
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_enc:
|
$ test_enc:
|
||||||
$ @testenc.com
|
$ @testenc.com
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_x509:
|
$ test_x509:
|
||||||
$ define sys$error nla0:
|
$ define sys$error nla0:
|
||||||
$ write sys$output "test normal x509v1 certificate"
|
$ write sys$output "test normal x509v1 certificate"
|
||||||
|
@ -112,35 +113,35 @@ $ @tx509.com v3-cert1.pem
|
||||||
$ write sys$output "test second x509v3 certificate"
|
$ write sys$output "test second x509v3 certificate"
|
||||||
$ @tx509.com v3-cert2.pem
|
$ @tx509.com v3-cert2.pem
|
||||||
$ deassign sys$error
|
$ deassign sys$error
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_rsa:
|
$ test_rsa:
|
||||||
$ define sys$error nla0:
|
$ define sys$error nla0:
|
||||||
$ @trsa.com
|
$ @trsa.com
|
||||||
$ deassign sys$error
|
$ deassign sys$error
|
||||||
$ mcr 'texe_dir''rsatest'
|
$ mcr 'texe_dir''rsatest'
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_crl:
|
$ test_crl:
|
||||||
$ define sys$error nla0:
|
$ define sys$error nla0:
|
||||||
$ @tcrl.com
|
$ @tcrl.com
|
||||||
$ deassign sys$error
|
$ deassign sys$error
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_sid:
|
$ test_sid:
|
||||||
$ define sys$error nla0:
|
$ define sys$error nla0:
|
||||||
$ @tsid.com
|
$ @tsid.com
|
||||||
$ deassign sys$error
|
$ deassign sys$error
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_req:
|
$ test_req:
|
||||||
$ define sys$error nla0:
|
$ define sys$error nla0:
|
||||||
$ @treq.com
|
$ @treq.com
|
||||||
$ @treq.com testreq2.pem
|
$ @treq.com testreq2.pem
|
||||||
$ deassign sys$error
|
$ deassign sys$error
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_pkcs7:
|
$ test_pkcs7:
|
||||||
$ define sys$error nla0:
|
$ define sys$error nla0:
|
||||||
$ @tpkcs7.com
|
$ @tpkcs7.com
|
||||||
$ @tpkcs7d.com
|
$ @tpkcs7d.com
|
||||||
$ deassign sys$error
|
$ deassign sys$error
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_bn:
|
$ test_bn:
|
||||||
$ write sys$output "starting big number library test, could take a while..."
|
$ write sys$output "starting big number library test, could take a while..."
|
||||||
$ create bntest-vms.fdl
|
$ create bntest-vms.fdl
|
||||||
|
@ -164,36 +165,56 @@ $ write sys$output "-- through sh or bash to verify that the bignum operations w
|
||||||
$ write sys$output ""
|
$ write sys$output ""
|
||||||
$ write sys$output "test a^b%c implementations"
|
$ write sys$output "test a^b%c implementations"
|
||||||
$ mcr 'texe_dir''exptest'
|
$ mcr 'texe_dir''exptest'
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_verify:
|
$ test_verify:
|
||||||
$ write sys$output "The following command should have some OK's and some failures"
|
$ write sys$output "The following command should have some OK's and some failures"
|
||||||
$ write sys$output "There are definitly a few expired certificates"
|
$ write sys$output "There are definitly a few expired certificates"
|
||||||
$ @tverify.com
|
$ @tverify.com
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_dh:
|
$ test_dh:
|
||||||
$ write sys$output "Generate a set of DH parameters"
|
$ write sys$output "Generate a set of DH parameters"
|
||||||
$ mcr 'texe_dir''dhtest'
|
$ mcr 'texe_dir''dhtest'
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_dsa:
|
$ test_dsa:
|
||||||
$ write sys$output "Generate a set of DSA parameters"
|
$ write sys$output "Generate a set of DSA parameters"
|
||||||
$ mcr 'texe_dir''dsatest'
|
$ mcr 'texe_dir''dsatest'
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_gen:
|
$ test_gen:
|
||||||
$ write sys$output "Generate and verify a certificate request"
|
$ write sys$output "Generate and verify a certificate request"
|
||||||
$ @testgen.com
|
$ @testgen.com
|
||||||
$ goto loop_tests
|
$ return
|
||||||
|
$ maybe_test_ss:
|
||||||
|
$ testss_RDT = f$cvtime(f$file_attributes("testss.com","RDT"))
|
||||||
|
$ if f$cvtime(f$file_attributes("keyU.ss","RDT")) .les. testss_RDT then -
|
||||||
|
goto test_ss
|
||||||
|
$ if f$cvtime(f$file_attributes("certU.ss","RDT")) .les. testss_RDT then -
|
||||||
|
goto test_ss
|
||||||
|
$ if f$cvtime(f$file_attributes("certCA.ss","RDT")) .les. testss_RDT then -
|
||||||
|
goto test_ss
|
||||||
|
$ return
|
||||||
$ test_ss:
|
$ test_ss:
|
||||||
$ write sys$output "Generate and certify a test certificate"
|
$ write sys$output "Generate and certify a test certificate"
|
||||||
$ @testss.com
|
$ @testss.com
|
||||||
$ goto loop_tests
|
$ return
|
||||||
$ test_ssl:
|
$ test_ssl:
|
||||||
$ write sys$output "test SSL protocol"
|
$ write sys$output "test SSL protocol"
|
||||||
$ @testssl.com
|
$ gosub maybe_test_ss
|
||||||
$ goto loop_tests
|
$ @testssl.com keyU.ss certU.ss certCA.ss
|
||||||
|
$ return
|
||||||
$ test_ca:
|
$ test_ca:
|
||||||
|
$ set noon
|
||||||
|
$ define/user sys$output nla0:
|
||||||
|
$ mcr 'exe_dir'openssl no-rsa
|
||||||
|
$ save_severity=$SEVERITY
|
||||||
|
$ set on
|
||||||
|
$ if save_severity
|
||||||
|
$ then
|
||||||
|
$ write sys$output "skipping CA.com test -- requires RSA"
|
||||||
|
$ else
|
||||||
$ write sys$output "Generate and certify a test certificate via the 'ca' program"
|
$ write sys$output "Generate and certify a test certificate via the 'ca' program"
|
||||||
$ @testca.com
|
$ @testca.com
|
||||||
$ goto loop_tests
|
$ endif
|
||||||
|
$ return
|
||||||
$
|
$
|
||||||
$
|
$
|
||||||
$ exit:
|
$ exit:
|
||||||
|
|
|
@ -4,7 +4,7 @@ $ __arch := VAX
|
||||||
$ if f$getsyi("cpu") .ge. 128 then __arch := AXP
|
$ if f$getsyi("cpu") .ge. 128 then __arch := AXP
|
||||||
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
|
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
|
||||||
$
|
$
|
||||||
$ digest="-mdc2"
|
$ digest="-md5"
|
||||||
$ reqcmd := mcr 'exe_dir'openssl req
|
$ reqcmd := mcr 'exe_dir'openssl req
|
||||||
$ x509cmd := mcr 'exe_dir'openssl x509 'digest'
|
$ x509cmd := mcr 'exe_dir'openssl x509 'digest'
|
||||||
$ verifycmd := mcr 'exe_dir'openssl verify
|
$ verifycmd := mcr 'exe_dir'openssl verify
|
||||||
|
@ -23,7 +23,20 @@ $ Ucert="""certU.ss"""
|
||||||
$
|
$
|
||||||
$ write sys$output ""
|
$ write sys$output ""
|
||||||
$ write sys$output "make a certificate request using 'req'"
|
$ write sys$output "make a certificate request using 'req'"
|
||||||
$ 'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' -new ! -out err.ss
|
$
|
||||||
|
$ set noon
|
||||||
|
$ define/user sys$output nla0:
|
||||||
|
$ mcr 'exe_dir'openssl no-rsa
|
||||||
|
$ save_severity=$SEVERITY
|
||||||
|
$ set on
|
||||||
|
$ if save_severity
|
||||||
|
$ then
|
||||||
|
$ req_new="-newkey dsa:[-.apps]dsa512.pem"
|
||||||
|
$ else
|
||||||
|
$ req_new="-new"
|
||||||
|
$ endif
|
||||||
|
$
|
||||||
|
$ 'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' 'req_new' ! -out err.ss
|
||||||
$ if $severity .ne. 1
|
$ if $severity .ne. 1
|
||||||
$ then
|
$ then
|
||||||
$ write sys$output "error using 'req' to generate a certificate request"
|
$ write sys$output "error using 'req' to generate a certificate request"
|
||||||
|
@ -73,7 +86,7 @@ $
|
||||||
$ write sys$output ""
|
$ write sys$output ""
|
||||||
$ write sys$output "make another certificate request using 'req'"
|
$ write sys$output "make another certificate request using 'req'"
|
||||||
$ define /user sys$output err.ss
|
$ define /user sys$output err.ss
|
||||||
$ 'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' -new
|
$ 'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' 'req_new'
|
||||||
$ if $severity .ne. 1
|
$ if $severity .ne. 1
|
||||||
$ then
|
$ then
|
||||||
$ write sys$output "error using 'req' to generate a certificate request"
|
$ write sys$output "error using 'req' to generate a certificate request"
|
||||||
|
|
131
test/testssl.com
131
test/testssl.com
|
@ -2,114 +2,185 @@ $! TESTSSL.COM
|
||||||
$
|
$
|
||||||
$ __arch := VAX
|
$ __arch := VAX
|
||||||
$ if f$getsyi("cpu") .ge. 128 then __arch := AXP
|
$ if f$getsyi("cpu") .ge. 128 then __arch := AXP
|
||||||
$ exe_dir := sys$disk:[-.'__arch'.exe.test]
|
$ texe_dir := sys$disk:[-.'__arch'.exe.test]
|
||||||
|
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
|
||||||
$
|
$
|
||||||
|
$ if p1 .eqs. ""
|
||||||
|
$ then
|
||||||
|
$ key="[-.apps]server.pem"
|
||||||
|
$ else
|
||||||
|
$ key=p1
|
||||||
|
$ endif
|
||||||
|
$ if p2 .eqs. ""
|
||||||
|
$ then
|
||||||
|
$ cert="[-.apps]server.pem"
|
||||||
|
$ else
|
||||||
|
$ cert=p2
|
||||||
|
$ endif
|
||||||
|
$ ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert'
|
||||||
|
$
|
||||||
|
$ define/user sys$output test-ssltest-output.
|
||||||
|
$ define/user sys$error nla0:
|
||||||
|
$ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout
|
||||||
|
$ set noon
|
||||||
|
$ define/user sys$error nla0:
|
||||||
|
$ search/output=nla0: testssl-ssltest-output. "DSA Public Key"/exact
|
||||||
|
$ if $severity .eq. 1
|
||||||
|
$ then
|
||||||
|
$ dsa_cert := YES
|
||||||
|
$ else
|
||||||
|
$ dsa_cert := NO
|
||||||
|
$ endif
|
||||||
|
$ set on
|
||||||
|
$ delete testssl-ssltest-output.;*
|
||||||
|
$
|
||||||
|
$ if p3 .eqs. ""
|
||||||
|
$ then
|
||||||
$ copy/concatenate [-.certs]*.pem certs.tmp
|
$ copy/concatenate [-.certs]*.pem certs.tmp
|
||||||
|
$ CA = """-CAfile"" certs.tmp"
|
||||||
|
$ else
|
||||||
|
$ CA = """-CAfile"" "+p3
|
||||||
|
$ endif
|
||||||
|
$
|
||||||
|
$!###########################################################################
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv2"
|
$ write sys$output "test sslv2"
|
||||||
$ mcr 'exe_dir'ssltest -ssl2
|
$ 'ssltest' -ssl2
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv2 with server authentication"
|
$ write sys$output "test sslv2 with server authentication"
|
||||||
$ mcr 'exe_dir'ssltest -ssl2 -server_auth "-CAfile" certs.tmp
|
$ 'ssltest' -ssl2 -server_auth 'CA'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
|
$ if .not. dsa_cert
|
||||||
|
$ then
|
||||||
$ write sys$output "test sslv2 with client authentication"
|
$ write sys$output "test sslv2 with client authentication"
|
||||||
$ mcr 'exe_dir'ssltest -ssl2 -client_auth "-CAfile" certs.tmp
|
$ 'ssltest' -ssl2 -client_auth 'CA'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv2 with both client and server authentication"
|
$ write sys$output "test sslv2 with both client and server authentication"
|
||||||
$ mcr 'exe_dir'ssltest -ssl2 -server_auth -client_auth "-CAfile" certs.tmp
|
$ 'ssltest' -ssl2 -server_auth -client_auth 'CA'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
|
$ endif
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv3"
|
$ write sys$output "test sslv3"
|
||||||
$ mcr 'exe_dir'ssltest -ssl3
|
$ 'ssltest' -ssl3
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv3 with server authentication"
|
$ write sys$output "test sslv3 with server authentication"
|
||||||
$ mcr 'exe_dir'ssltest -ssl3 -server_auth "-CAfile" certs.tmp
|
$ 'ssltest' -ssl3 -server_auth 'CA'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv3 with client authentication"
|
$ write sys$output "test sslv3 with client authentication"
|
||||||
$ mcr 'exe_dir'ssltest -ssl3 -client_auth "-CAfile" certs.tmp
|
$ 'ssltest' -ssl3 -client_auth 'CA'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv3 with both client and server authentication"
|
$ write sys$output "test sslv3 with both client and server authentication"
|
||||||
$ mcr 'exe_dir'ssltest -ssl3 -server_auth -client_auth "-CAfile" certs.tmp
|
$ 'ssltest' -ssl3 -server_auth -client_auth 'CA'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv2/sslv3"
|
$ write sys$output "test sslv2/sslv3"
|
||||||
$ mcr 'exe_dir'ssltest
|
$ 'ssltest'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv2/sslv3 with server authentication"
|
$ write sys$output "test sslv2/sslv3 with server authentication"
|
||||||
$ mcr 'exe_dir'ssltest -server_auth "-CAfile" certs.tmp
|
$ 'ssltest' -server_auth 'CA'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv2/sslv3 with client authentication"
|
$ write sys$output "test sslv2/sslv3 with client authentication"
|
||||||
$ mcr 'exe_dir'ssltest -client_auth "-CAfile" certs.tmp
|
$ 'ssltest' -client_auth 'CA'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv2/sslv3 with both client and server authentication"
|
$ write sys$output "test sslv2/sslv3 with both client and server authentication"
|
||||||
$ mcr 'exe_dir'ssltest -server_auth -client_auth "-CAfile" certs.tmp
|
$ 'ssltest' -server_auth -client_auth 'CA'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv2 via BIO pair"
|
$ write sys$output "test sslv2 via BIO pair"
|
||||||
$ mcr 'exe_dir'ssltest -bio_pair -ssl2
|
$ 'ssltest' -bio_pair -ssl2
|
||||||
$ if $severity .ne. 1 then goto exit3
|
|
||||||
$
|
|
||||||
$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
|
|
||||||
$ mcr 'exe_dir'ssltest -bio_pair -dhe1024 -v
|
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv2 with server authentication via BIO pair"
|
$ write sys$output "test sslv2 with server authentication via BIO pair"
|
||||||
$ mcr 'exe_dir'ssltest -bio_pair -ssl2 -server_auth "-CAfile" certs.tmp
|
$ 'ssltest' -bio_pair -ssl2 -server_auth 'CA'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
|
$ if .not. dsa_cert
|
||||||
|
$ then
|
||||||
$ write sys$output "test sslv2 with client authentication via BIO pair"
|
$ write sys$output "test sslv2 with client authentication via BIO pair"
|
||||||
$ mcr 'exe_dir'ssltest -bio_pair -ssl2 -client_auth "-CAfile" certs.tmp
|
$ 'ssltest' -bio_pair -ssl2 -client_auth 'CA'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv2 with both client and server authentication via BIO pair"
|
$ write sys$output "test sslv2 with both client and server authentication via BIO pair"
|
||||||
$ mcr 'exe_dir'ssltest -bio_pair -ssl2 -server_auth -client_auth "-CAfile" certs.tmp
|
$ 'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
|
$ endif
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv3 via BIO pair"
|
$ write sys$output "test sslv3 via BIO pair"
|
||||||
$ mcr 'exe_dir'ssltest -bio_pair -ssl3
|
$ 'ssltest' -bio_pair -ssl3
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv3 with server authentication via BIO pair"
|
$ write sys$output "test sslv3 with server authentication via BIO pair"
|
||||||
$ mcr 'exe_dir'ssltest -bio_pair -ssl3 -server_auth "-CAfile" certs.tmp
|
$ 'ssltest' -bio_pair -ssl3 -server_auth 'CA'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv3 with client authentication via BIO pair"
|
$ write sys$output "test sslv3 with client authentication via BIO pair"
|
||||||
$ mcr 'exe_dir'ssltest -bio_pair -ssl3 -client_auth "-CAfile" certs.tmp
|
$ 'ssltest' -bio_pair -ssl3 -client_auth 'CA'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
|
|
||||||
$ write sys$output "test sslv3 with both client and server authentication via BIO pair"
|
$ write sys$output "test sslv3 with both client and server authentication via BIO pair"
|
||||||
$ mcr 'exe_dir'ssltest -bio_pair -ssl3 -server_auth -client_auth "-CAfile" certs.tmp
|
$ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv2/sslv3 via BIO pair"
|
$ write sys$output "test sslv2/sslv3 via BIO pair"
|
||||||
$ mcr 'exe_dir'ssltest
|
$ 'ssltest'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
|
$ if .not. dsa_cert
|
||||||
|
$ then
|
||||||
$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
|
$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
|
||||||
$ mcr 'exe_dir'ssltest -bio_pair -no_dhe
|
$ 'ssltest' -bio_pair -no_dhe
|
||||||
|
$ if $severity .ne. 1 then goto exit3
|
||||||
|
$ endif
|
||||||
|
$
|
||||||
|
$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
|
||||||
|
$ 'ssltest' -bio_pair -dhe1024dsa -v
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv2/sslv3 with server authentication"
|
$ write sys$output "test sslv2/sslv3 with server authentication"
|
||||||
$ mcr 'exe_dir'ssltest -bio_pair -server_auth "-CAfile" certs.tmp
|
$ 'ssltest' -bio_pair -server_auth 'CA'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv2/sslv3 with client authentication via BIO pair"
|
$ write sys$output "test sslv2/sslv3 with client authentication via BIO pair"
|
||||||
$ mcr 'exe_dir'ssltest -bio_pair -client_auth "-CAfile" certs.tmp
|
$ 'ssltest' -bio_pair -client_auth 'CA'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
$ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair"
|
$ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair"
|
||||||
$ mcr 'exe_dir'ssltest -bio_pair -server_auth -client_auth "-CAfile" certs.tmp
|
$ 'ssltest' -bio_pair -server_auth -client_auth 'CA'
|
||||||
$ if $severity .ne. 1 then goto exit3
|
$ if $severity .ne. 1 then goto exit3
|
||||||
$
|
$
|
||||||
|
$!###########################################################################
|
||||||
|
$
|
||||||
|
$ write sys$output "test tls1 with 1024bti anonymous SH, multiple handshakes"
|
||||||
|
$ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
|
||||||
|
$ if $severity .ne. 1 then goto exit3
|
||||||
|
$
|
||||||
|
$ set noon
|
||||||
|
$ define/user sys$output nla0:
|
||||||
|
$ mcr 'exe_dir'openssl no-rsa
|
||||||
|
$ save_severity=$SEVERITY
|
||||||
|
$ set on
|
||||||
|
$ if save_severity
|
||||||
|
$ then
|
||||||
|
$ write sys$output "skipping RSA tests"
|
||||||
|
$ else
|
||||||
|
$ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes"
|
||||||
|
$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time
|
||||||
|
$ if $severity .ne. 1 then goto exit3
|
||||||
|
$
|
||||||
|
$ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
|
||||||
|
$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
|
||||||
|
$ if $severity .ne. 1 then goto exit3
|
||||||
|
$ endif
|
||||||
|
$
|
||||||
$ RET = 1
|
$ RET = 1
|
||||||
$ goto exit
|
$ goto exit
|
||||||
$ exit3:
|
$ exit3:
|
||||||
|
|
|
@ -4,21 +4,16 @@ $ __arch := VAX
|
||||||
$ if f$getsyi("cpu") .ge. 128 then __arch := AXP
|
$ if f$getsyi("cpu") .ge. 128 then __arch := AXP
|
||||||
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
|
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
|
||||||
$
|
$
|
||||||
$ found_it := NO
|
$ set noon
|
||||||
$ define/user sys$output trsa-standard-commands.
|
$ define/user sys$output nla0:
|
||||||
$ mcr 'exe_dir'openssl list-standard-commands
|
$ mcr 'exe_dir'openssl no-rsa
|
||||||
$ open/read f trsa-standard-commands.
|
$ save_severity=$SEVERITY
|
||||||
$ loop_standard_commands:
|
$ set on
|
||||||
$ read/end=loop_standard_commands_end f i
|
$ if save_severity
|
||||||
$ if f$edit(i,"lowercase") .eqs. "rsa"
|
|
||||||
$ then
|
$ then
|
||||||
$ found_it := YES
|
$ write sys$output "skipping RSA conversion test"
|
||||||
$ goto loop_standard_commands_end
|
$ exit
|
||||||
$ endif
|
$ endif
|
||||||
$ goto loop_standard_commands
|
|
||||||
$ loop_standard_commands_end:
|
|
||||||
$ close f
|
|
||||||
$ delete trsa-standard-commands.;*
|
|
||||||
$
|
$
|
||||||
$ cmd := mcr 'exe_dir'openssl rsa
|
$ cmd := mcr 'exe_dir'openssl rsa
|
||||||
$
|
$
|
||||||
|
|
Loading…
Reference in a new issue