Loading test/testgen.com +18 −6 Original line number Diff line number Diff line Loading @@ -16,23 +16,35 @@ $ set on $ $ write sys$output "generating certificate request" $ $ write sys$output "There should be a 2 sequences of .'s and some +'s." $ write sys$output "There should not be more that at most 80 per line" $ write sys$output "This could take some time." $ $ append/new nl: .rnd $ open/append random_file .rnd $ write random_file "string to make the random number generator think it has entropy" $ close random_file $ $ mcr 'exe_dir'openssl req -config test.cnf -new -out testreq.pem $ set noon $ define/user sys$output nla0: $ mcr 'exe_dir'openssl no-rsa $ save_severity=$SEVERITY $ set on $ if save_severity $ then $ req_new="-newkey dsa:[-.apps]dsa512.pem" $ else $ req_new="-new" $ write sys$output "There should be a 2 sequences of .'s and some +'s." $ write sys$output "There should not be more that at most 80 per line" $ endif $ $ write sys$output "This could take some time." $ $ mcr 'exe_dir'openssl req -config test.cnf 'req_new' -out testreq.pem $ if $severity .ne. 1 $ then $ write sys$output "problems creating request" $ exit 3 $ endif $ $ mcr 'exe_dir'openssl req -verify -in testreq.pem -noout $ mcr 'exe_dir'openssl req -config test.cnf -verify -in testreq.pem -noout $ if $severity .ne. 1 $ then $ write sys$output "signature on req is wrong" Loading test/tests.com +55 −34 Original line number Diff line number Diff line Loading @@ -23,7 +23,7 @@ $ tests := - test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,- test_rand,test_bn,test_enc,test_x509,test_rsa,test_crl,test_sid,- test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,- test_ss,test_ssl,test_ca test_ss,test_ca,test_ssl $ endif $ tests = f$edit(tests,"COLLAPSE") $ Loading Loading @@ -55,54 +55,55 @@ $ loop_tests: $ tests_e = f$element(tests_i,",",tests) $ tests_i = tests_i + 1 $ if tests_e .eqs. "," then goto exit $ goto 'tests_e' $ gosub 'tests_e' $ goto loop_tests $ $ test_des: $ mcr 'texe_dir''destest' $ goto loop_tests $ return $ test_idea: $ mcr 'texe_dir''ideatest' $ goto loop_tests $ return $ test_sha: $ mcr 'texe_dir''shatest' $ mcr 'texe_dir''sha1test' $ goto loop_tests $ return $ test_mdc2: $ mcr 'texe_dir''mdc2test' $ goto loop_tests $ return $ test_md5: $ mcr 'texe_dir''md5test' $ goto loop_tests $ return $ test_hmac: $ mcr 'texe_dir''hmactest' $ goto loop_tests $ return $ test_md2: $ mcr 'texe_dir''md2test' $ goto loop_tests $ return $ test_rmd: $ mcr 'texe_dir''rmdtest' $ goto loop_tests $ return $ test_bf: $ mcr 'texe_dir''bftest' $ goto loop_tests $ return $ test_cast: $ mcr 'texe_dir''casttest' $ goto loop_tests $ return $ test_rc2: $ mcr 'texe_dir''rc2test' $ goto loop_tests $ return $ test_rc4: $ mcr 'texe_dir''rc4test' $ goto loop_tests $ return $ test_rc5: $ mcr 'texe_dir''rc5test' $ goto loop_tests $ return $ test_rand: $ mcr 'texe_dir''randtest' $ goto loop_tests $ return $ test_enc: $ @testenc.com $ goto loop_tests $ return $ test_x509: $ define sys$error nla0: $ write sys$output "test normal x509v1 certificate" Loading @@ -112,35 +113,35 @@ $ @tx509.com v3-cert1.pem $ write sys$output "test second x509v3 certificate" $ @tx509.com v3-cert2.pem $ deassign sys$error $ goto loop_tests $ return $ test_rsa: $ define sys$error nla0: $ @trsa.com $ deassign sys$error $ mcr 'texe_dir''rsatest' $ goto loop_tests $ return $ test_crl: $ define sys$error nla0: $ @tcrl.com $ deassign sys$error $ goto loop_tests $ return $ test_sid: $ define sys$error nla0: $ @tsid.com $ deassign sys$error $ goto loop_tests $ return $ test_req: $ define sys$error nla0: $ @treq.com $ @treq.com testreq2.pem $ deassign sys$error $ goto loop_tests $ return $ test_pkcs7: $ define sys$error nla0: $ @tpkcs7.com $ @tpkcs7d.com $ deassign sys$error $ goto loop_tests $ return $ test_bn: $ write sys$output "starting big number library test, could take a while..." $ create bntest-vms.fdl Loading @@ -164,36 +165,56 @@ $ write sys$output "-- through sh or bash to verify that the bignum operations w $ write sys$output "" $ write sys$output "test a^b%c implementations" $ mcr 'texe_dir''exptest' $ goto loop_tests $ return $ test_verify: $ write sys$output "The following command should have some OK's and some failures" $ write sys$output "There are definitly a few expired certificates" $ @tverify.com $ goto loop_tests $ return $ test_dh: $ write sys$output "Generate a set of DH parameters" $ mcr 'texe_dir''dhtest' $ goto loop_tests $ return $ test_dsa: $ write sys$output "Generate a set of DSA parameters" $ mcr 'texe_dir''dsatest' $ goto loop_tests $ return $ test_gen: $ write sys$output "Generate and verify a certificate request" $ @testgen.com $ goto loop_tests $ return $ maybe_test_ss: $ testss_RDT = f$cvtime(f$file_attributes("testss.com","RDT")) $ if f$cvtime(f$file_attributes("keyU.ss","RDT")) .les. testss_RDT then - goto test_ss $ if f$cvtime(f$file_attributes("certU.ss","RDT")) .les. testss_RDT then - goto test_ss $ if f$cvtime(f$file_attributes("certCA.ss","RDT")) .les. testss_RDT then - goto test_ss $ return $ test_ss: $ write sys$output "Generate and certify a test certificate" $ @testss.com $ goto loop_tests $ return $ test_ssl: $ write sys$output "test SSL protocol" $ @testssl.com $ goto loop_tests $ gosub maybe_test_ss $ @testssl.com keyU.ss certU.ss certCA.ss $ return $ test_ca: $ set noon $ define/user sys$output nla0: $ mcr 'exe_dir'openssl no-rsa $ save_severity=$SEVERITY $ set on $ if save_severity $ then $ write sys$output "skipping CA.com test -- requires RSA" $ else $ write sys$output "Generate and certify a test certificate via the 'ca' program" $ @testca.com $ goto loop_tests $ endif $ return $ $ $ exit: Loading test/testss.com +16 −3 Original line number Diff line number Diff line Loading @@ -4,7 +4,7 @@ $ __arch := VAX $ if f$getsyi("cpu") .ge. 128 then __arch := AXP $ exe_dir := sys$disk:[-.'__arch'.exe.apps] $ $ digest="-mdc2" $ digest="-md5" $ reqcmd := mcr 'exe_dir'openssl req $ x509cmd := mcr 'exe_dir'openssl x509 'digest' $ verifycmd := mcr 'exe_dir'openssl verify Loading @@ -23,7 +23,20 @@ $ Ucert="""certU.ss""" $ $ write sys$output "" $ write sys$output "make a certificate request using 'req'" $ 'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' -new ! -out err.ss $ $ set noon $ define/user sys$output nla0: $ mcr 'exe_dir'openssl no-rsa $ save_severity=$SEVERITY $ set on $ if save_severity $ then $ req_new="-newkey dsa:[-.apps]dsa512.pem" $ else $ req_new="-new" $ endif $ $ 'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' 'req_new' ! -out err.ss $ if $severity .ne. 1 $ then $ write sys$output "error using 'req' to generate a certificate request" Loading Loading @@ -73,7 +86,7 @@ $ $ write sys$output "" $ write sys$output "make another certificate request using 'req'" $ define /user sys$output err.ss $ 'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' -new $ 'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' 'req_new' $ if $severity .ne. 1 $ then $ write sys$output "error using 'req' to generate a certificate request" Loading test/testssl.com +112 −41 Original line number Diff line number Diff line Loading @@ -2,113 +2,184 @@ $! TESTSSL.COM $ $ __arch := VAX $ if f$getsyi("cpu") .ge. 128 then __arch := AXP $ exe_dir := sys$disk:[-.'__arch'.exe.test] $ $ texe_dir := sys$disk:[-.'__arch'.exe.test] $ exe_dir := sys$disk:[-.'__arch'.exe.apps] $ $ if p1 .eqs. "" $ then $ key="[-.apps]server.pem" $ else $ key=p1 $ endif $ if p2 .eqs. "" $ then $ cert="[-.apps]server.pem" $ else $ cert=p2 $ endif $ ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert' $ $ define/user sys$output test-ssltest-output. $ define/user sys$error nla0: $ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout $ set noon $ define/user sys$error nla0: $ search/output=nla0: testssl-ssltest-output. "DSA Public Key"/exact $ if $severity .eq. 1 $ then $ dsa_cert := YES $ else $ dsa_cert := NO $ endif $ set on $ delete testssl-ssltest-output.;* $ $ if p3 .eqs. "" $ then $ copy/concatenate [-.certs]*.pem certs.tmp $ CA = """-CAfile"" certs.tmp" $ else $ CA = """-CAfile"" "+p3 $ endif $ $!########################################################################### $ $ write sys$output "test sslv2" $ mcr 'exe_dir'ssltest -ssl2 $ 'ssltest' -ssl2 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2 with server authentication" $ mcr 'exe_dir'ssltest -ssl2 -server_auth "-CAfile" certs.tmp $ 'ssltest' -ssl2 -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ if .not. dsa_cert $ then $ write sys$output "test sslv2 with client authentication" $ mcr 'exe_dir'ssltest -ssl2 -client_auth "-CAfile" certs.tmp $ 'ssltest' -ssl2 -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2 with both client and server authentication" $ mcr 'exe_dir'ssltest -ssl2 -server_auth -client_auth "-CAfile" certs.tmp $ 'ssltest' -ssl2 -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ endif $ $ write sys$output "test sslv3" $ mcr 'exe_dir'ssltest -ssl3 $ 'ssltest' -ssl3 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with server authentication" $ mcr 'exe_dir'ssltest -ssl3 -server_auth "-CAfile" certs.tmp $ 'ssltest' -ssl3 -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with client authentication" $ mcr 'exe_dir'ssltest -ssl3 -client_auth "-CAfile" certs.tmp $ 'ssltest' -ssl3 -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with both client and server authentication" $ mcr 'exe_dir'ssltest -ssl3 -server_auth -client_auth "-CAfile" certs.tmp $ 'ssltest' -ssl3 -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3" $ mcr 'exe_dir'ssltest $ 'ssltest' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with server authentication" $ mcr 'exe_dir'ssltest -server_auth "-CAfile" certs.tmp $ 'ssltest' -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with client authentication" $ mcr 'exe_dir'ssltest -client_auth "-CAfile" certs.tmp $ 'ssltest' -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with both client and server authentication" $ mcr 'exe_dir'ssltest -server_auth -client_auth "-CAfile" certs.tmp $ 'ssltest' -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2 via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -ssl2 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -dhe1024 -v $ 'ssltest' -bio_pair -ssl2 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2 with server authentication via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -ssl2 -server_auth "-CAfile" certs.tmp $ 'ssltest' -bio_pair -ssl2 -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ if .not. dsa_cert $ then $ write sys$output "test sslv2 with client authentication via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -ssl2 -client_auth "-CAfile" certs.tmp $ 'ssltest' -bio_pair -ssl2 -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2 with both client and server authentication via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -ssl2 -server_auth -client_auth "-CAfile" certs.tmp $ 'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ endif $ $ write sys$output "test sslv3 via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -ssl3 $ 'ssltest' -bio_pair -ssl3 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with server authentication via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -ssl3 -server_auth "-CAfile" certs.tmp $ 'ssltest' -bio_pair -ssl3 -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with client authentication via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -ssl3 -client_auth "-CAfile" certs.tmp $ 'ssltest' -bio_pair -ssl3 -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ write sys$output "test sslv3 with both client and server authentication via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -ssl3 -server_auth -client_auth "-CAfile" certs.tmp $ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 via BIO pair" $ mcr 'exe_dir'ssltest $ 'ssltest' $ if $severity .ne. 1 then goto exit3 $ $ if .not. dsa_cert $ then $ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -no_dhe $ 'ssltest' -bio_pair -no_dhe $ if $severity .ne. 1 then goto exit3 $ endif $ $ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair" $ 'ssltest' -bio_pair -dhe1024dsa -v $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with server authentication" $ mcr 'exe_dir'ssltest -bio_pair -server_auth "-CAfile" certs.tmp $ 'ssltest' -bio_pair -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with client authentication via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -client_auth "-CAfile" certs.tmp $ 'ssltest' -bio_pair -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -server_auth -client_auth "-CAfile" certs.tmp $ 'ssltest' -bio_pair -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $!########################################################################### $ $ write sys$output "test tls1 with 1024bti anonymous SH, multiple handshakes" $ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time $ if $severity .ne. 1 then goto exit3 $ $ set noon $ define/user sys$output nla0: $ mcr 'exe_dir'openssl no-rsa $ save_severity=$SEVERITY $ set on $ if save_severity $ then $ write sys$output "skipping RSA tests" $ else $ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes" $ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes" $ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time $ if $severity .ne. 1 then goto exit3 $ endif $ $ RET = 1 $ goto exit Loading test/trsa.com +8 −13 Original line number Diff line number Diff line Loading @@ -4,21 +4,16 @@ $ __arch := VAX $ if f$getsyi("cpu") .ge. 128 then __arch := AXP $ exe_dir := sys$disk:[-.'__arch'.exe.apps] $ $ found_it := NO $ define/user sys$output trsa-standard-commands. $ mcr 'exe_dir'openssl list-standard-commands $ open/read f trsa-standard-commands. $ loop_standard_commands: $ read/end=loop_standard_commands_end f i $ if f$edit(i,"lowercase") .eqs. "rsa" $ set noon $ define/user sys$output nla0: $ mcr 'exe_dir'openssl no-rsa $ save_severity=$SEVERITY $ set on $ if save_severity $ then $ found_it := YES $ goto loop_standard_commands_end $ write sys$output "skipping RSA conversion test" $ exit $ endif $ goto loop_standard_commands $ loop_standard_commands_end: $ close f $ delete trsa-standard-commands.;* $ $ cmd := mcr 'exe_dir'openssl rsa $ Loading Loading
test/testgen.com +18 −6 Original line number Diff line number Diff line Loading @@ -16,23 +16,35 @@ $ set on $ $ write sys$output "generating certificate request" $ $ write sys$output "There should be a 2 sequences of .'s and some +'s." $ write sys$output "There should not be more that at most 80 per line" $ write sys$output "This could take some time." $ $ append/new nl: .rnd $ open/append random_file .rnd $ write random_file "string to make the random number generator think it has entropy" $ close random_file $ $ mcr 'exe_dir'openssl req -config test.cnf -new -out testreq.pem $ set noon $ define/user sys$output nla0: $ mcr 'exe_dir'openssl no-rsa $ save_severity=$SEVERITY $ set on $ if save_severity $ then $ req_new="-newkey dsa:[-.apps]dsa512.pem" $ else $ req_new="-new" $ write sys$output "There should be a 2 sequences of .'s and some +'s." $ write sys$output "There should not be more that at most 80 per line" $ endif $ $ write sys$output "This could take some time." $ $ mcr 'exe_dir'openssl req -config test.cnf 'req_new' -out testreq.pem $ if $severity .ne. 1 $ then $ write sys$output "problems creating request" $ exit 3 $ endif $ $ mcr 'exe_dir'openssl req -verify -in testreq.pem -noout $ mcr 'exe_dir'openssl req -config test.cnf -verify -in testreq.pem -noout $ if $severity .ne. 1 $ then $ write sys$output "signature on req is wrong" Loading
test/tests.com +55 −34 Original line number Diff line number Diff line Loading @@ -23,7 +23,7 @@ $ tests := - test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,- test_rand,test_bn,test_enc,test_x509,test_rsa,test_crl,test_sid,- test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,- test_ss,test_ssl,test_ca test_ss,test_ca,test_ssl $ endif $ tests = f$edit(tests,"COLLAPSE") $ Loading Loading @@ -55,54 +55,55 @@ $ loop_tests: $ tests_e = f$element(tests_i,",",tests) $ tests_i = tests_i + 1 $ if tests_e .eqs. "," then goto exit $ goto 'tests_e' $ gosub 'tests_e' $ goto loop_tests $ $ test_des: $ mcr 'texe_dir''destest' $ goto loop_tests $ return $ test_idea: $ mcr 'texe_dir''ideatest' $ goto loop_tests $ return $ test_sha: $ mcr 'texe_dir''shatest' $ mcr 'texe_dir''sha1test' $ goto loop_tests $ return $ test_mdc2: $ mcr 'texe_dir''mdc2test' $ goto loop_tests $ return $ test_md5: $ mcr 'texe_dir''md5test' $ goto loop_tests $ return $ test_hmac: $ mcr 'texe_dir''hmactest' $ goto loop_tests $ return $ test_md2: $ mcr 'texe_dir''md2test' $ goto loop_tests $ return $ test_rmd: $ mcr 'texe_dir''rmdtest' $ goto loop_tests $ return $ test_bf: $ mcr 'texe_dir''bftest' $ goto loop_tests $ return $ test_cast: $ mcr 'texe_dir''casttest' $ goto loop_tests $ return $ test_rc2: $ mcr 'texe_dir''rc2test' $ goto loop_tests $ return $ test_rc4: $ mcr 'texe_dir''rc4test' $ goto loop_tests $ return $ test_rc5: $ mcr 'texe_dir''rc5test' $ goto loop_tests $ return $ test_rand: $ mcr 'texe_dir''randtest' $ goto loop_tests $ return $ test_enc: $ @testenc.com $ goto loop_tests $ return $ test_x509: $ define sys$error nla0: $ write sys$output "test normal x509v1 certificate" Loading @@ -112,35 +113,35 @@ $ @tx509.com v3-cert1.pem $ write sys$output "test second x509v3 certificate" $ @tx509.com v3-cert2.pem $ deassign sys$error $ goto loop_tests $ return $ test_rsa: $ define sys$error nla0: $ @trsa.com $ deassign sys$error $ mcr 'texe_dir''rsatest' $ goto loop_tests $ return $ test_crl: $ define sys$error nla0: $ @tcrl.com $ deassign sys$error $ goto loop_tests $ return $ test_sid: $ define sys$error nla0: $ @tsid.com $ deassign sys$error $ goto loop_tests $ return $ test_req: $ define sys$error nla0: $ @treq.com $ @treq.com testreq2.pem $ deassign sys$error $ goto loop_tests $ return $ test_pkcs7: $ define sys$error nla0: $ @tpkcs7.com $ @tpkcs7d.com $ deassign sys$error $ goto loop_tests $ return $ test_bn: $ write sys$output "starting big number library test, could take a while..." $ create bntest-vms.fdl Loading @@ -164,36 +165,56 @@ $ write sys$output "-- through sh or bash to verify that the bignum operations w $ write sys$output "" $ write sys$output "test a^b%c implementations" $ mcr 'texe_dir''exptest' $ goto loop_tests $ return $ test_verify: $ write sys$output "The following command should have some OK's and some failures" $ write sys$output "There are definitly a few expired certificates" $ @tverify.com $ goto loop_tests $ return $ test_dh: $ write sys$output "Generate a set of DH parameters" $ mcr 'texe_dir''dhtest' $ goto loop_tests $ return $ test_dsa: $ write sys$output "Generate a set of DSA parameters" $ mcr 'texe_dir''dsatest' $ goto loop_tests $ return $ test_gen: $ write sys$output "Generate and verify a certificate request" $ @testgen.com $ goto loop_tests $ return $ maybe_test_ss: $ testss_RDT = f$cvtime(f$file_attributes("testss.com","RDT")) $ if f$cvtime(f$file_attributes("keyU.ss","RDT")) .les. testss_RDT then - goto test_ss $ if f$cvtime(f$file_attributes("certU.ss","RDT")) .les. testss_RDT then - goto test_ss $ if f$cvtime(f$file_attributes("certCA.ss","RDT")) .les. testss_RDT then - goto test_ss $ return $ test_ss: $ write sys$output "Generate and certify a test certificate" $ @testss.com $ goto loop_tests $ return $ test_ssl: $ write sys$output "test SSL protocol" $ @testssl.com $ goto loop_tests $ gosub maybe_test_ss $ @testssl.com keyU.ss certU.ss certCA.ss $ return $ test_ca: $ set noon $ define/user sys$output nla0: $ mcr 'exe_dir'openssl no-rsa $ save_severity=$SEVERITY $ set on $ if save_severity $ then $ write sys$output "skipping CA.com test -- requires RSA" $ else $ write sys$output "Generate and certify a test certificate via the 'ca' program" $ @testca.com $ goto loop_tests $ endif $ return $ $ $ exit: Loading
test/testss.com +16 −3 Original line number Diff line number Diff line Loading @@ -4,7 +4,7 @@ $ __arch := VAX $ if f$getsyi("cpu") .ge. 128 then __arch := AXP $ exe_dir := sys$disk:[-.'__arch'.exe.apps] $ $ digest="-mdc2" $ digest="-md5" $ reqcmd := mcr 'exe_dir'openssl req $ x509cmd := mcr 'exe_dir'openssl x509 'digest' $ verifycmd := mcr 'exe_dir'openssl verify Loading @@ -23,7 +23,20 @@ $ Ucert="""certU.ss""" $ $ write sys$output "" $ write sys$output "make a certificate request using 'req'" $ 'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' -new ! -out err.ss $ $ set noon $ define/user sys$output nla0: $ mcr 'exe_dir'openssl no-rsa $ save_severity=$SEVERITY $ set on $ if save_severity $ then $ req_new="-newkey dsa:[-.apps]dsa512.pem" $ else $ req_new="-new" $ endif $ $ 'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' 'req_new' ! -out err.ss $ if $severity .ne. 1 $ then $ write sys$output "error using 'req' to generate a certificate request" Loading Loading @@ -73,7 +86,7 @@ $ $ write sys$output "" $ write sys$output "make another certificate request using 'req'" $ define /user sys$output err.ss $ 'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' -new $ 'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' 'req_new' $ if $severity .ne. 1 $ then $ write sys$output "error using 'req' to generate a certificate request" Loading
test/testssl.com +112 −41 Original line number Diff line number Diff line Loading @@ -2,113 +2,184 @@ $! TESTSSL.COM $ $ __arch := VAX $ if f$getsyi("cpu") .ge. 128 then __arch := AXP $ exe_dir := sys$disk:[-.'__arch'.exe.test] $ $ texe_dir := sys$disk:[-.'__arch'.exe.test] $ exe_dir := sys$disk:[-.'__arch'.exe.apps] $ $ if p1 .eqs. "" $ then $ key="[-.apps]server.pem" $ else $ key=p1 $ endif $ if p2 .eqs. "" $ then $ cert="[-.apps]server.pem" $ else $ cert=p2 $ endif $ ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert' $ $ define/user sys$output test-ssltest-output. $ define/user sys$error nla0: $ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout $ set noon $ define/user sys$error nla0: $ search/output=nla0: testssl-ssltest-output. "DSA Public Key"/exact $ if $severity .eq. 1 $ then $ dsa_cert := YES $ else $ dsa_cert := NO $ endif $ set on $ delete testssl-ssltest-output.;* $ $ if p3 .eqs. "" $ then $ copy/concatenate [-.certs]*.pem certs.tmp $ CA = """-CAfile"" certs.tmp" $ else $ CA = """-CAfile"" "+p3 $ endif $ $!########################################################################### $ $ write sys$output "test sslv2" $ mcr 'exe_dir'ssltest -ssl2 $ 'ssltest' -ssl2 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2 with server authentication" $ mcr 'exe_dir'ssltest -ssl2 -server_auth "-CAfile" certs.tmp $ 'ssltest' -ssl2 -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ if .not. dsa_cert $ then $ write sys$output "test sslv2 with client authentication" $ mcr 'exe_dir'ssltest -ssl2 -client_auth "-CAfile" certs.tmp $ 'ssltest' -ssl2 -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2 with both client and server authentication" $ mcr 'exe_dir'ssltest -ssl2 -server_auth -client_auth "-CAfile" certs.tmp $ 'ssltest' -ssl2 -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ endif $ $ write sys$output "test sslv3" $ mcr 'exe_dir'ssltest -ssl3 $ 'ssltest' -ssl3 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with server authentication" $ mcr 'exe_dir'ssltest -ssl3 -server_auth "-CAfile" certs.tmp $ 'ssltest' -ssl3 -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with client authentication" $ mcr 'exe_dir'ssltest -ssl3 -client_auth "-CAfile" certs.tmp $ 'ssltest' -ssl3 -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with both client and server authentication" $ mcr 'exe_dir'ssltest -ssl3 -server_auth -client_auth "-CAfile" certs.tmp $ 'ssltest' -ssl3 -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3" $ mcr 'exe_dir'ssltest $ 'ssltest' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with server authentication" $ mcr 'exe_dir'ssltest -server_auth "-CAfile" certs.tmp $ 'ssltest' -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with client authentication" $ mcr 'exe_dir'ssltest -client_auth "-CAfile" certs.tmp $ 'ssltest' -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with both client and server authentication" $ mcr 'exe_dir'ssltest -server_auth -client_auth "-CAfile" certs.tmp $ 'ssltest' -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2 via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -ssl2 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -dhe1024 -v $ 'ssltest' -bio_pair -ssl2 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2 with server authentication via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -ssl2 -server_auth "-CAfile" certs.tmp $ 'ssltest' -bio_pair -ssl2 -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ if .not. dsa_cert $ then $ write sys$output "test sslv2 with client authentication via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -ssl2 -client_auth "-CAfile" certs.tmp $ 'ssltest' -bio_pair -ssl2 -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2 with both client and server authentication via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -ssl2 -server_auth -client_auth "-CAfile" certs.tmp $ 'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ endif $ $ write sys$output "test sslv3 via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -ssl3 $ 'ssltest' -bio_pair -ssl3 $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with server authentication via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -ssl3 -server_auth "-CAfile" certs.tmp $ 'ssltest' -bio_pair -ssl3 -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv3 with client authentication via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -ssl3 -client_auth "-CAfile" certs.tmp $ 'ssltest' -bio_pair -ssl3 -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ write sys$output "test sslv3 with both client and server authentication via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -ssl3 -server_auth -client_auth "-CAfile" certs.tmp $ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 via BIO pair" $ mcr 'exe_dir'ssltest $ 'ssltest' $ if $severity .ne. 1 then goto exit3 $ $ if .not. dsa_cert $ then $ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -no_dhe $ 'ssltest' -bio_pair -no_dhe $ if $severity .ne. 1 then goto exit3 $ endif $ $ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair" $ 'ssltest' -bio_pair -dhe1024dsa -v $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with server authentication" $ mcr 'exe_dir'ssltest -bio_pair -server_auth "-CAfile" certs.tmp $ 'ssltest' -bio_pair -server_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with client authentication via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -client_auth "-CAfile" certs.tmp $ 'ssltest' -bio_pair -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair" $ mcr 'exe_dir'ssltest -bio_pair -server_auth -client_auth "-CAfile" certs.tmp $ 'ssltest' -bio_pair -server_auth -client_auth 'CA' $ if $severity .ne. 1 then goto exit3 $ $!########################################################################### $ $ write sys$output "test tls1 with 1024bti anonymous SH, multiple handshakes" $ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time $ if $severity .ne. 1 then goto exit3 $ $ set noon $ define/user sys$output nla0: $ mcr 'exe_dir'openssl no-rsa $ save_severity=$SEVERITY $ set on $ if save_severity $ then $ write sys$output "skipping RSA tests" $ else $ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes" $ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time $ if $severity .ne. 1 then goto exit3 $ $ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes" $ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time $ if $severity .ne. 1 then goto exit3 $ endif $ $ RET = 1 $ goto exit Loading
test/trsa.com +8 −13 Original line number Diff line number Diff line Loading @@ -4,21 +4,16 @@ $ __arch := VAX $ if f$getsyi("cpu") .ge. 128 then __arch := AXP $ exe_dir := sys$disk:[-.'__arch'.exe.apps] $ $ found_it := NO $ define/user sys$output trsa-standard-commands. $ mcr 'exe_dir'openssl list-standard-commands $ open/read f trsa-standard-commands. $ loop_standard_commands: $ read/end=loop_standard_commands_end f i $ if f$edit(i,"lowercase") .eqs. "rsa" $ set noon $ define/user sys$output nla0: $ mcr 'exe_dir'openssl no-rsa $ save_severity=$SEVERITY $ set on $ if save_severity $ then $ found_it := YES $ goto loop_standard_commands_end $ write sys$output "skipping RSA conversion test" $ exit $ endif $ goto loop_standard_commands $ loop_standard_commands_end: $ close f $ delete trsa-standard-commands.;* $ $ cmd := mcr 'exe_dir'openssl rsa $ Loading
