Synchronise with Unixly tests

This commit is contained in:
Richard Levitte 2000-03-13 22:27:52 +00:00
parent df1ff3f1b3
commit c13ee21492
5 changed files with 208 additions and 96 deletions

View file

@ -16,23 +16,35 @@ $ set on
$
$ write sys$output "generating certificate request"
$
$ write sys$output "There should be a 2 sequences of .'s and some +'s."
$ write sys$output "There should not be more that at most 80 per line"
$ write sys$output "This could take some time."
$
$ append/new nl: .rnd
$ open/append random_file .rnd
$ write random_file "string to make the random number generator think it has entropy"
$ close random_file
$
$ mcr 'exe_dir'openssl req -config test.cnf -new -out testreq.pem
$ set noon
$ define/user sys$output nla0:
$ mcr 'exe_dir'openssl no-rsa
$ save_severity=$SEVERITY
$ set on
$ if save_severity
$ then
$ req_new="-newkey dsa:[-.apps]dsa512.pem"
$ else
$ req_new="-new"
$ write sys$output "There should be a 2 sequences of .'s and some +'s."
$ write sys$output "There should not be more that at most 80 per line"
$ endif
$
$ write sys$output "This could take some time."
$
$ mcr 'exe_dir'openssl req -config test.cnf 'req_new' -out testreq.pem
$ if $severity .ne. 1
$ then
$ write sys$output "problems creating request"
$ exit 3
$ endif
$
$ mcr 'exe_dir'openssl req -verify -in testreq.pem -noout
$ mcr 'exe_dir'openssl req -config test.cnf -verify -in testreq.pem -noout
$ if $severity .ne. 1
$ then
$ write sys$output "signature on req is wrong"

View file

@ -23,7 +23,7 @@ $ tests := -
test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,-
test_rand,test_bn,test_enc,test_x509,test_rsa,test_crl,test_sid,-
test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,-
test_ss,test_ssl,test_ca
test_ss,test_ca,test_ssl
$ endif
$ tests = f$edit(tests,"COLLAPSE")
$
@ -55,54 +55,55 @@ $ loop_tests:
$ tests_e = f$element(tests_i,",",tests)
$ tests_i = tests_i + 1
$ if tests_e .eqs. "," then goto exit
$ goto 'tests_e'
$ gosub 'tests_e'
$ goto loop_tests
$
$ test_des:
$ mcr 'texe_dir''destest'
$ goto loop_tests
$ return
$ test_idea:
$ mcr 'texe_dir''ideatest'
$ goto loop_tests
$ return
$ test_sha:
$ mcr 'texe_dir''shatest'
$ mcr 'texe_dir''sha1test'
$ goto loop_tests
$ return
$ test_mdc2:
$ mcr 'texe_dir''mdc2test'
$ goto loop_tests
$ return
$ test_md5:
$ mcr 'texe_dir''md5test'
$ goto loop_tests
$ return
$ test_hmac:
$ mcr 'texe_dir''hmactest'
$ goto loop_tests
$ return
$ test_md2:
$ mcr 'texe_dir''md2test'
$ goto loop_tests
$ return
$ test_rmd:
$ mcr 'texe_dir''rmdtest'
$ goto loop_tests
$ return
$ test_bf:
$ mcr 'texe_dir''bftest'
$ goto loop_tests
$ return
$ test_cast:
$ mcr 'texe_dir''casttest'
$ goto loop_tests
$ return
$ test_rc2:
$ mcr 'texe_dir''rc2test'
$ goto loop_tests
$ return
$ test_rc4:
$ mcr 'texe_dir''rc4test'
$ goto loop_tests
$ return
$ test_rc5:
$ mcr 'texe_dir''rc5test'
$ goto loop_tests
$ return
$ test_rand:
$ mcr 'texe_dir''randtest'
$ goto loop_tests
$ return
$ test_enc:
$ @testenc.com
$ goto loop_tests
$ return
$ test_x509:
$ define sys$error nla0:
$ write sys$output "test normal x509v1 certificate"
@ -112,35 +113,35 @@ $ @tx509.com v3-cert1.pem
$ write sys$output "test second x509v3 certificate"
$ @tx509.com v3-cert2.pem
$ deassign sys$error
$ goto loop_tests
$ return
$ test_rsa:
$ define sys$error nla0:
$ @trsa.com
$ deassign sys$error
$ mcr 'texe_dir''rsatest'
$ goto loop_tests
$ return
$ test_crl:
$ define sys$error nla0:
$ @tcrl.com
$ deassign sys$error
$ goto loop_tests
$ return
$ test_sid:
$ define sys$error nla0:
$ @tsid.com
$ deassign sys$error
$ goto loop_tests
$ return
$ test_req:
$ define sys$error nla0:
$ @treq.com
$ @treq.com testreq2.pem
$ deassign sys$error
$ goto loop_tests
$ return
$ test_pkcs7:
$ define sys$error nla0:
$ @tpkcs7.com
$ @tpkcs7d.com
$ deassign sys$error
$ goto loop_tests
$ return
$ test_bn:
$ write sys$output "starting big number library test, could take a while..."
$ create bntest-vms.fdl
@ -164,36 +165,56 @@ $ write sys$output "-- through sh or bash to verify that the bignum operations w
$ write sys$output ""
$ write sys$output "test a^b%c implementations"
$ mcr 'texe_dir''exptest'
$ goto loop_tests
$ return
$ test_verify:
$ write sys$output "The following command should have some OK's and some failures"
$ write sys$output "There are definitly a few expired certificates"
$ @tverify.com
$ goto loop_tests
$ return
$ test_dh:
$ write sys$output "Generate a set of DH parameters"
$ mcr 'texe_dir''dhtest'
$ goto loop_tests
$ return
$ test_dsa:
$ write sys$output "Generate a set of DSA parameters"
$ mcr 'texe_dir''dsatest'
$ goto loop_tests
$ return
$ test_gen:
$ write sys$output "Generate and verify a certificate request"
$ @testgen.com
$ goto loop_tests
$ return
$ maybe_test_ss:
$ testss_RDT = f$cvtime(f$file_attributes("testss.com","RDT"))
$ if f$cvtime(f$file_attributes("keyU.ss","RDT")) .les. testss_RDT then -
goto test_ss
$ if f$cvtime(f$file_attributes("certU.ss","RDT")) .les. testss_RDT then -
goto test_ss
$ if f$cvtime(f$file_attributes("certCA.ss","RDT")) .les. testss_RDT then -
goto test_ss
$ return
$ test_ss:
$ write sys$output "Generate and certify a test certificate"
$ @testss.com
$ goto loop_tests
$ return
$ test_ssl:
$ write sys$output "test SSL protocol"
$ @testssl.com
$ goto loop_tests
$ gosub maybe_test_ss
$ @testssl.com keyU.ss certU.ss certCA.ss
$ return
$ test_ca:
$ write sys$output "Generate and certify a test certificate via the 'ca' program"
$ @testca.com
$ goto loop_tests
$ set noon
$ define/user sys$output nla0:
$ mcr 'exe_dir'openssl no-rsa
$ save_severity=$SEVERITY
$ set on
$ if save_severity
$ then
$ write sys$output "skipping CA.com test -- requires RSA"
$ else
$ write sys$output "Generate and certify a test certificate via the 'ca' program"
$ @testca.com
$ endif
$ return
$
$
$ exit:

View file

@ -4,7 +4,7 @@ $ __arch := VAX
$ if f$getsyi("cpu") .ge. 128 then __arch := AXP
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
$
$ digest="-mdc2"
$ digest="-md5"
$ reqcmd := mcr 'exe_dir'openssl req
$ x509cmd := mcr 'exe_dir'openssl x509 'digest'
$ verifycmd := mcr 'exe_dir'openssl verify
@ -23,7 +23,20 @@ $ Ucert="""certU.ss"""
$
$ write sys$output ""
$ write sys$output "make a certificate request using 'req'"
$ 'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' -new ! -out err.ss
$
$ set noon
$ define/user sys$output nla0:
$ mcr 'exe_dir'openssl no-rsa
$ save_severity=$SEVERITY
$ set on
$ if save_severity
$ then
$ req_new="-newkey dsa:[-.apps]dsa512.pem"
$ else
$ req_new="-new"
$ endif
$
$ 'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' 'req_new' ! -out err.ss
$ if $severity .ne. 1
$ then
$ write sys$output "error using 'req' to generate a certificate request"
@ -73,7 +86,7 @@ $
$ write sys$output ""
$ write sys$output "make another certificate request using 'req'"
$ define /user sys$output err.ss
$ 'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' -new
$ 'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' 'req_new'
$ if $severity .ne. 1
$ then
$ write sys$output "error using 'req' to generate a certificate request"

View file

@ -2,114 +2,185 @@ $! TESTSSL.COM
$
$ __arch := VAX
$ if f$getsyi("cpu") .ge. 128 then __arch := AXP
$ exe_dir := sys$disk:[-.'__arch'.exe.test]
$ texe_dir := sys$disk:[-.'__arch'.exe.test]
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
$
$ copy/concatenate [-.certs]*.pem certs.tmp
$ if p1 .eqs. ""
$ then
$ key="[-.apps]server.pem"
$ else
$ key=p1
$ endif
$ if p2 .eqs. ""
$ then
$ cert="[-.apps]server.pem"
$ else
$ cert=p2
$ endif
$ ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert'
$
$ define/user sys$output test-ssltest-output.
$ define/user sys$error nla0:
$ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout
$ set noon
$ define/user sys$error nla0:
$ search/output=nla0: testssl-ssltest-output. "DSA Public Key"/exact
$ if $severity .eq. 1
$ then
$ dsa_cert := YES
$ else
$ dsa_cert := NO
$ endif
$ set on
$ delete testssl-ssltest-output.;*
$
$ if p3 .eqs. ""
$ then
$ copy/concatenate [-.certs]*.pem certs.tmp
$ CA = """-CAfile"" certs.tmp"
$ else
$ CA = """-CAfile"" "+p3
$ endif
$
$!###########################################################################
$
$ write sys$output "test sslv2"
$ mcr 'exe_dir'ssltest -ssl2
$ 'ssltest' -ssl2
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2 with server authentication"
$ mcr 'exe_dir'ssltest -ssl2 -server_auth "-CAfile" certs.tmp
$ 'ssltest' -ssl2 -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2 with client authentication"
$ mcr 'exe_dir'ssltest -ssl2 -client_auth "-CAfile" certs.tmp
$ if $severity .ne. 1 then goto exit3
$ if .not. dsa_cert
$ then
$ write sys$output "test sslv2 with client authentication"
$ 'ssltest' -ssl2 -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2 with both client and server authentication"
$ mcr 'exe_dir'ssltest -ssl2 -server_auth -client_auth "-CAfile" certs.tmp
$ if $severity .ne. 1 then goto exit3
$ write sys$output "test sslv2 with both client and server authentication"
$ 'ssltest' -ssl2 -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$ endif
$
$ write sys$output "test sslv3"
$ mcr 'exe_dir'ssltest -ssl3
$ 'ssltest' -ssl3
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with server authentication"
$ mcr 'exe_dir'ssltest -ssl3 -server_auth "-CAfile" certs.tmp
$ 'ssltest' -ssl3 -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with client authentication"
$ mcr 'exe_dir'ssltest -ssl3 -client_auth "-CAfile" certs.tmp
$ 'ssltest' -ssl3 -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with both client and server authentication"
$ mcr 'exe_dir'ssltest -ssl3 -server_auth -client_auth "-CAfile" certs.tmp
$ 'ssltest' -ssl3 -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3"
$ mcr 'exe_dir'ssltest
$ 'ssltest'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with server authentication"
$ mcr 'exe_dir'ssltest -server_auth "-CAfile" certs.tmp
$ 'ssltest' -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with client authentication"
$ mcr 'exe_dir'ssltest -client_auth "-CAfile" certs.tmp
$ 'ssltest' -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with both client and server authentication"
$ mcr 'exe_dir'ssltest -server_auth -client_auth "-CAfile" certs.tmp
$ 'ssltest' -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2 via BIO pair"
$ mcr 'exe_dir'ssltest -bio_pair -ssl2
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
$ mcr 'exe_dir'ssltest -bio_pair -dhe1024 -v
$ 'ssltest' -bio_pair -ssl2
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2 with server authentication via BIO pair"
$ mcr 'exe_dir'ssltest -bio_pair -ssl2 -server_auth "-CAfile" certs.tmp
$ 'ssltest' -bio_pair -ssl2 -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2 with client authentication via BIO pair"
$ mcr 'exe_dir'ssltest -bio_pair -ssl2 -client_auth "-CAfile" certs.tmp
$ if $severity .ne. 1 then goto exit3
$ if .not. dsa_cert
$ then
$ write sys$output "test sslv2 with client authentication via BIO pair"
$ 'ssltest' -bio_pair -ssl2 -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2 with both client and server authentication via BIO pair"
$ mcr 'exe_dir'ssltest -bio_pair -ssl2 -server_auth -client_auth "-CAfile" certs.tmp
$ if $severity .ne. 1 then goto exit3
$ write sys$output "test sslv2 with both client and server authentication via BIO pair"
$ 'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$ endif
$
$ write sys$output "test sslv3 via BIO pair"
$ mcr 'exe_dir'ssltest -bio_pair -ssl3
$ 'ssltest' -bio_pair -ssl3
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with server authentication via BIO pair"
$ mcr 'exe_dir'ssltest -bio_pair -ssl3 -server_auth "-CAfile" certs.tmp
$ 'ssltest' -bio_pair -ssl3 -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with client authentication via BIO pair"
$ mcr 'exe_dir'ssltest -bio_pair -ssl3 -client_auth "-CAfile" certs.tmp
$ 'ssltest' -bio_pair -ssl3 -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$ write sys$output "test sslv3 with both client and server authentication via BIO pair"
$ mcr 'exe_dir'ssltest -bio_pair -ssl3 -server_auth -client_auth "-CAfile" certs.tmp
$ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 via BIO pair"
$ mcr 'exe_dir'ssltest
$ 'ssltest'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
$ mcr 'exe_dir'ssltest -bio_pair -no_dhe
$ if .not. dsa_cert
$ then
$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
$ 'ssltest' -bio_pair -no_dhe
$ if $severity .ne. 1 then goto exit3
$ endif
$
$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
$ 'ssltest' -bio_pair -dhe1024dsa -v
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with server authentication"
$ mcr 'exe_dir'ssltest -bio_pair -server_auth "-CAfile" certs.tmp
$ 'ssltest' -bio_pair -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with client authentication via BIO pair"
$ mcr 'exe_dir'ssltest -bio_pair -client_auth "-CAfile" certs.tmp
$ 'ssltest' -bio_pair -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair"
$ mcr 'exe_dir'ssltest -bio_pair -server_auth -client_auth "-CAfile" certs.tmp
$ 'ssltest' -bio_pair -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$!###########################################################################
$
$ write sys$output "test tls1 with 1024bti anonymous SH, multiple handshakes"
$ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
$ if $severity .ne. 1 then goto exit3
$
$ set noon
$ define/user sys$output nla0:
$ mcr 'exe_dir'openssl no-rsa
$ save_severity=$SEVERITY
$ set on
$ if save_severity
$ then
$ write sys$output "skipping RSA tests"
$ else
$ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes"
$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
$ if $severity .ne. 1 then goto exit3
$ endif
$
$ RET = 1
$ goto exit
$ exit3:

View file

@ -4,21 +4,16 @@ $ __arch := VAX
$ if f$getsyi("cpu") .ge. 128 then __arch := AXP
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
$
$ found_it := NO
$ define/user sys$output trsa-standard-commands.
$ mcr 'exe_dir'openssl list-standard-commands
$ open/read f trsa-standard-commands.
$ loop_standard_commands:
$ read/end=loop_standard_commands_end f i
$ if f$edit(i,"lowercase") .eqs. "rsa"
$ set noon
$ define/user sys$output nla0:
$ mcr 'exe_dir'openssl no-rsa
$ save_severity=$SEVERITY
$ set on
$ if save_severity
$ then
$ found_it := YES
$ goto loop_standard_commands_end
$ write sys$output "skipping RSA conversion test"
$ exit
$ endif
$ goto loop_standard_commands
$ loop_standard_commands_end:
$ close f
$ delete trsa-standard-commands.;*
$
$ cmd := mcr 'exe_dir'openssl rsa
$