test/testssl.com - third_party/openssl - Git at Google

 $! TESTSSL.COM
 $
 $	__arch := VAX
 $	if f$getsyi("cpu") .ge. 128 then __arch := AXP
 $	texe_dir := sys$disk:[-.'__arch'.exe.test]
 $	exe_dir := sys$disk:[-.'__arch'.exe.apps]
 $
 $	if p1 .eqs. ""
 $	then
 $	    key="[-.apps]server.pem"
 $	else
 $	    key=p1
 $	endif
 $	if p2 .eqs. ""
 $	then
 $	    cert="[-.apps]server.pem"
 $	else
 $	    cert=p2
 $	endif
 $	ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert'
 $
 $	define/user sys$output testssl-x509-output.
 $	define/user sys$error nla0:
 $	mcr 'exe_dir'openssl x509 -in 'cert' -text -noout
 $	set noon
 $	define/user sys$error nla0:
 $	search/output=nla0: testssl-x509-output. "DSA Public Key"/exact
 $	if $severity .eq. 1
 $	then
 $	    dsa_cert := YES
 $	else
 $	    dsa_cert := NO
 $	endif
 $	set on
 $	delete testssl-x509-output.;*
 $
 $	if p3 .eqs. ""
 $	then
 $	    copy/concatenate [-.certs]*.pem certs.tmp
 $	    CA = """-CAfile"" certs.tmp"
 $	else
 $	    CA = """-CAfile"" "+p3
 $	endif
 $
 $!###########################################################################
 $
 $	write sys$output "test sslv2"
 $	'ssltest' -ssl2
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2 with server authentication"
 $	'ssltest' -ssl2 -server_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
 $	if .not. dsa_cert
 $	then
 $	    write sys$output "test sslv2 with client authentication"
 $	    'ssltest' -ssl2 -client_auth 'CA'
 $	    if $severity .ne. 1 then goto exit3
 $
 $	    write sys$output "test sslv2 with both client and server authentication"
 $	    'ssltest' -ssl2 -server_auth -client_auth 'CA'
 $	    if $severity .ne. 1 then goto exit3
 $	endif
 $
 $	write sys$output "test sslv3"
 $	'ssltest' -ssl3
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv3 with server authentication"
 $	'ssltest' -ssl3 -server_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv3 with client authentication"
 $	'ssltest' -ssl3 -client_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv3 with both client and server authentication"
 $	'ssltest' -ssl3 -server_auth -client_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2/sslv3"
 $	'ssltest'
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2/sslv3 with server authentication"
 $	'ssltest' -server_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2/sslv3 with client authentication"
 $	'ssltest' -client_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2/sslv3 with both client and server authentication"
 $	'ssltest' -server_auth -client_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2 via BIO pair"
 $	'ssltest' -bio_pair -ssl2
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2 with server authentication via BIO pair"
 $	'ssltest' -bio_pair -ssl2 -server_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
 $	if .not. dsa_cert
 $	then
 $	    write sys$output "test sslv2 with client authentication via BIO pair"
 $	    'ssltest' -bio_pair -ssl2 -client_auth 'CA'
 $	    if $severity .ne. 1 then goto exit3
 $
 $	    write sys$output "test sslv2 with both client and server authentication via BIO pair"
 $	    'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA'
 $	    if $severity .ne. 1 then goto exit3
 $	endif
 $
 $	write sys$output "test sslv3 via BIO pair"
 $	'ssltest' -bio_pair -ssl3
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv3 with server authentication via BIO pair"
 $	'ssltest' -bio_pair -ssl3 -server_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv3 with client authentication via BIO pair"
 $	'ssltest' -bio_pair -ssl3 -client_auth 'CA'
 $	if $severity .ne. 1 then goto exit3

 $	write sys$output "test sslv3 with both client and server authentication via BIO pair"
 $	'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2/sslv3 via BIO pair"
 $	'ssltest'
 $	if $severity .ne. 1 then goto exit3
 $
 $	if .not. dsa_cert
 $	then
 $	    write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
 $	    'ssltest' -bio_pair -no_dhe
 $	    if $severity .ne. 1 then goto exit3
 $	endif
 $
 $	write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
 $	'ssltest' -bio_pair -dhe1024dsa -v
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2/sslv3 with server authentication"
 $	'ssltest' -bio_pair -server_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2/sslv3 with client authentication via BIO pair"
 $	'ssltest' -bio_pair -client_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
 $	write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair"
 $	'ssltest' -bio_pair -server_auth -client_auth 'CA'
 $	if $severity .ne. 1 then goto exit3
 $
 $!###########################################################################
 $
 $	write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes"
 $	'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
 $	if $severity .ne. 1 then goto exit3
 $
 $	set noon
 $	define/user sys$output nla0:
 $	mcr 'exe_dir'openssl no-rsa
 $	save_severity=$SEVERITY
 $	set on
 $	if save_severity
 $	then
 $	    write sys$output "skipping RSA tests"
 $	else
 $	    write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes"
 $	    mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time
 $	    if $severity .ne. 1 then goto exit3
 $
 $	    write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
 $	    mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
 $	    if $severity .ne. 1 then goto exit3
 $	endif
 $
 $	RET = 1
 $	goto exit
 $ exit3:
 $	RET = 3
 $ exit:
 $	if p3 .eqs. "" then delete certs.tmp;*
 $	exit 'RET'
	$! TESTSSL.COM
	$
	$ __arch := VAX
	$ if f$getsyi("cpu") .ge. 128 then __arch := AXP
	$ texe_dir := sys$disk:[-.'__arch'.exe.test]
	$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
	$
	$ if p1 .eqs. ""
	$ then
	$ key="[-.apps]server.pem"
	$ else
	$ key=p1
	$ endif
	$ if p2 .eqs. ""
	$ then
	$ cert="[-.apps]server.pem"
	$ else
	$ cert=p2
	$ endif
	$ ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert'
	$
	$ define/user sys$output testssl-x509-output.
	$ define/user sys$error nla0:
	$ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout
	$ set noon
	$ define/user sys$error nla0:
	$ search/output=nla0: testssl-x509-output. "DSA Public Key"/exact
	$ if $severity .eq. 1
	$ then
	$ dsa_cert := YES
	$ else
	$ dsa_cert := NO
	$ endif
	$ set on
	$ delete testssl-x509-output.;*
	$
	$ if p3 .eqs. ""
	$ then
	$ copy/concatenate [-.certs]*.pem certs.tmp
	$ CA = """-CAfile"" certs.tmp"
	$ else
	$ CA = """-CAfile"" "+p3
	$ endif
	$
	$!###########################################################################
	$
	$ write sys$output "test sslv2"
	$ 'ssltest' -ssl2
	$ if $severity .ne. 1 then goto exit3
	$
	$ write sys$output "test sslv2 with server authentication"
	$ 'ssltest' -ssl2 -server_auth 'CA'
	$ if $severity .ne. 1 then goto exit3
	$
	$ if .not. dsa_cert
	$ then
	$ write sys$output "test sslv2 with client authentication"
	$ 'ssltest' -ssl2 -client_auth 'CA'
	$ if $severity .ne. 1 then goto exit3
	$
	$ write sys$output "test sslv2 with both client and server authentication"
	$ 'ssltest' -ssl2 -server_auth -client_auth 'CA'
	$ if $severity .ne. 1 then goto exit3
	$ endif
	$
	$ write sys$output "test sslv3"
	$ 'ssltest' -ssl3
	$ if $severity .ne. 1 then goto exit3
	$
	$ write sys$output "test sslv3 with server authentication"
	$ 'ssltest' -ssl3 -server_auth 'CA'
	$ if $severity .ne. 1 then goto exit3
	$
	$ write sys$output "test sslv3 with client authentication"
	$ 'ssltest' -ssl3 -client_auth 'CA'
	$ if $severity .ne. 1 then goto exit3
	$
	$ write sys$output "test sslv3 with both client and server authentication"
	$ 'ssltest' -ssl3 -server_auth -client_auth 'CA'
	$ if $severity .ne. 1 then goto exit3
	$
	$ write sys$output "test sslv2/sslv3"
	$ 'ssltest'
	$ if $severity .ne. 1 then goto exit3
	$
	$ write sys$output "test sslv2/sslv3 with server authentication"
	$ 'ssltest' -server_auth 'CA'
	$ if $severity .ne. 1 then goto exit3
	$
	$ write sys$output "test sslv2/sslv3 with client authentication"
	$ 'ssltest' -client_auth 'CA'
	$ if $severity .ne. 1 then goto exit3
	$
	$ write sys$output "test sslv2/sslv3 with both client and server authentication"
	$ 'ssltest' -server_auth -client_auth 'CA'
	$ if $severity .ne. 1 then goto exit3
	$
	$ write sys$output "test sslv2 via BIO pair"
	$ 'ssltest' -bio_pair -ssl2
	$ if $severity .ne. 1 then goto exit3
	$
	$ write sys$output "test sslv2 with server authentication via BIO pair"
	$ 'ssltest' -bio_pair -ssl2 -server_auth 'CA'
	$ if $severity .ne. 1 then goto exit3
	$
	$ if .not. dsa_cert
	$ then
	$ write sys$output "test sslv2 with client authentication via BIO pair"
	$ 'ssltest' -bio_pair -ssl2 -client_auth 'CA'
	$ if $severity .ne. 1 then goto exit3
	$
	$ write sys$output "test sslv2 with both client and server authentication via BIO pair"
	$ 'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA'
	$ if $severity .ne. 1 then goto exit3
	$ endif
	$
	$ write sys$output "test sslv3 via BIO pair"
	$ 'ssltest' -bio_pair -ssl3
	$ if $severity .ne. 1 then goto exit3
	$
	$ write sys$output "test sslv3 with server authentication via BIO pair"
	$ 'ssltest' -bio_pair -ssl3 -server_auth 'CA'
	$ if $severity .ne. 1 then goto exit3
	$
	$ write sys$output "test sslv3 with client authentication via BIO pair"
	$ 'ssltest' -bio_pair -ssl3 -client_auth 'CA'
	$ if $severity .ne. 1 then goto exit3

	$ write sys$output "test sslv3 with both client and server authentication via BIO pair"
	$ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA'
	$ if $severity .ne. 1 then goto exit3
	$
	$ write sys$output "test sslv2/sslv3 via BIO pair"
	$ 'ssltest'
	$ if $severity .ne. 1 then goto exit3
	$
	$ if .not. dsa_cert
	$ then
	$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
	$ 'ssltest' -bio_pair -no_dhe
	$ if $severity .ne. 1 then goto exit3
	$ endif
	$
	$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
	$ 'ssltest' -bio_pair -dhe1024dsa -v
	$ if $severity .ne. 1 then goto exit3
	$
	$ write sys$output "test sslv2/sslv3 with server authentication"
	$ 'ssltest' -bio_pair -server_auth 'CA'
	$ if $severity .ne. 1 then goto exit3
	$
	$ write sys$output "test sslv2/sslv3 with client authentication via BIO pair"
	$ 'ssltest' -bio_pair -client_auth 'CA'
	$ if $severity .ne. 1 then goto exit3
	$
	$ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair"
	$ 'ssltest' -bio_pair -server_auth -client_auth 'CA'
	$ if $severity .ne. 1 then goto exit3
	$
	$!###########################################################################
	$
	$ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes"
	$ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
	$ if $severity .ne. 1 then goto exit3
	$
	$ set noon
	$ define/user sys$output nla0:
	$ mcr 'exe_dir'openssl no-rsa
	$ save_severity=$SEVERITY
	$ set on
	$ if save_severity
	$ then
	$ write sys$output "skipping RSA tests"
	$ else
	$ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes"
	$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time
	$ if $severity .ne. 1 then goto exit3
	$
	$ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
	$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
	$ if $severity .ne. 1 then goto exit3
	$ endif
	$
	$ RET = 1
	$ goto exit
	$ exit3:
	$ RET = 3
	$ exit:
	$ if p3 .eqs. "" then delete certs.tmp;*
	$ exit 'RET'