Google Git
Sign in
flutter / third_party / openssl / 5e31a40f47c6bfd09c718d2af42ba8d8fe6bb932 / . / test / testssl
blob: 3a63e5d1e5bc2e32b1bc092b8cac8e749fba8ec5 [file] [log] [blame]
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]1#!/bin/sh
2
Bodo Möller65b002f2000-03-13 19:24:39 +0000[diff] [blame]3if [ "$1" = "" ]; then
4 key=../apps/server.pem
5else
6 key="$1"
7fi
8if [ "$2" = "" ]; then
9 cert=../apps/server.pem
10else
11 cert="$2"
12fi
Andy Polyakov62d27932005-02-01 23:48:37 +0000[diff] [blame]13ssltest="../util/shlib_wrap.sh ./ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
Bodo Möller65b002f2000-03-13 19:24:39 +0000[diff] [blame]14
Andy Polyakov62d27932005-02-01 23:48:37 +0000[diff] [blame]15if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
Bodo Möller65b002f2000-03-13 19:24:39 +0000[diff] [blame]16 dsa_cert=YES
17else
18 dsa_cert=NO
19fi
20
21if [ "$3" = "" ]; then
22 CA="-CApath ../certs"
23else
24 CA="-CAfile $3"
25fi
26
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]27if [ "$4" = "" ]; then
28 extra=""
29else
30 extra="$4"
31fi
32
Trevora398f822013-05-12 18:55:27 -0700[diff] [blame]33serverinfo="./serverinfo.pem"
34
Bodo Möller65b002f2000-03-13 19:24:39 +0000[diff] [blame]35#############################################################################
36
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]37echo test sslv2
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]38$ssltest -ssl2 $extra || exit 1
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]39
40echo test sslv2 with server authentication
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]41$ssltest -ssl2 -server_auth $CA $extra || exit 1
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]42
Bodo Möller65b002f2000-03-13 19:24:39 +0000[diff] [blame]43if [ $dsa_cert = NO ]; then
44 echo test sslv2 with client authentication
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]45 $ssltest -ssl2 -client_auth $CA $extra || exit 1
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]46
Bodo Möller65b002f2000-03-13 19:24:39 +0000[diff] [blame]47 echo test sslv2 with both client and server authentication
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]48 $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1
Bodo Möller65b002f2000-03-13 19:24:39 +0000[diff] [blame]49fi
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]50
51echo test sslv3
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]52$ssltest -ssl3 $extra || exit 1
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]53
54echo test sslv3 with server authentication
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]55$ssltest -ssl3 -server_auth $CA $extra || exit 1
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]56
57echo test sslv3 with client authentication
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]58$ssltest -ssl3 -client_auth $CA $extra || exit 1
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]59
60echo test sslv3 with both client and server authentication
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]61$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]62
63echo test sslv2/sslv3
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]64$ssltest $extra || exit 1
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]65
66echo test sslv2/sslv3 with server authentication
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]67$ssltest -server_auth $CA $extra || exit 1
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]68
69echo test sslv2/sslv3 with client authentication
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]70$ssltest -client_auth $CA $extra || exit 1
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]71
72echo test sslv2/sslv3 with both client and server authentication
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]73$ssltest -server_auth -client_auth $CA $extra || exit 1
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]74
Bodo Möller95d29591999-06-12 01:03:40 +0000[diff] [blame]75echo test sslv2 via BIO pair
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]76$ssltest -bio_pair -ssl2 $extra || exit 1
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]77
Bodo Möller95d29591999-06-12 01:03:40 +0000[diff] [blame]78echo test sslv2 with server authentication via BIO pair
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]79$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1
Bodo Möller95d29591999-06-12 01:03:40 +0000[diff] [blame]80
Bodo Möller65b002f2000-03-13 19:24:39 +0000[diff] [blame]81if [ $dsa_cert = NO ]; then
82 echo test sslv2 with client authentication via BIO pair
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]83 $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1
Bodo Möller95d29591999-06-12 01:03:40 +0000[diff] [blame]84
Bodo Möller65b002f2000-03-13 19:24:39 +0000[diff] [blame]85 echo test sslv2 with both client and server authentication via BIO pair
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]86 $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1
Bodo Möller65b002f2000-03-13 19:24:39 +0000[diff] [blame]87fi
Bodo Möller95d29591999-06-12 01:03:40 +0000[diff] [blame]88
89echo test sslv3 via BIO pair
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]90$ssltest -bio_pair -ssl3 $extra || exit 1
Bodo Möller95d29591999-06-12 01:03:40 +0000[diff] [blame]91
92echo test sslv3 with server authentication via BIO pair
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]93$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1
Bodo Möller95d29591999-06-12 01:03:40 +0000[diff] [blame]94
95echo test sslv3 with client authentication via BIO pair
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]96$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1
Bodo Möller95d29591999-06-12 01:03:40 +0000[diff] [blame]97
98echo test sslv3 with both client and server authentication via BIO pair
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]99$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1
Bodo Möller95d29591999-06-12 01:03:40 +0000[diff] [blame]100
101echo test sslv2/sslv3 via BIO pair
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]102$ssltest $extra || exit 1
Bodo Möller95d29591999-06-12 01:03:40 +0000[diff] [blame]103
Bodo Möller65b002f2000-03-13 19:24:39 +0000[diff] [blame]104if [ $dsa_cert = NO ]; then
Bodo Möller8bfc6472011-10-13 15:07:08 +0000[diff] [blame]105 echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair'
106 $ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1
Bodo Möller65b002f2000-03-13 19:24:39 +0000[diff] [blame]107fi
Bodo Möller77fa04a1999-09-03 16:31:36 +0000[diff] [blame]108
Bodo Möller563f1502000-03-13 15:06:54 +0000[diff] [blame]109echo test sslv2/sslv3 with 1024bit DHE via BIO pair
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]110$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
Bodo Möllera87030a2000-01-30 02:23:03 +0000[diff] [blame]111
Bodo Möller95d29591999-06-12 01:03:40 +0000[diff] [blame]112echo test sslv2/sslv3 with server authentication
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]113$ssltest -bio_pair -server_auth $CA $extra || exit 1
Bodo Möller95d29591999-06-12 01:03:40 +0000[diff] [blame]114
115echo test sslv2/sslv3 with client authentication via BIO pair
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]116$ssltest -bio_pair -client_auth $CA $extra || exit 1
Bodo Möller95d29591999-06-12 01:03:40 +0000[diff] [blame]117
118echo test sslv2/sslv3 with both client and server authentication via BIO pair
Richard Levitte23f80f42000-11-30 11:57:31 +0000[diff] [blame]119$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
Bodo Möller95d29591999-06-12 01:03:40 +0000[diff] [blame]120
Bodo Möller023ec152002-02-28 10:52:56 +0000[diff] [blame]121echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
122$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
123
Adam Langley32620fe2013-02-06 16:05:40 +0000[diff] [blame]124echo "Testing ciphersuites"
125for protocol in TLSv1.2 SSLv3; do
126 echo "Testing ciphersuites for $protocol"
127 for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
128 echo "Testing $cipher"
129 prot=""
130 if [ $protocol = "SSLv3" ] ; then
131 prot="-ssl3"
132 fi
133 $ssltest -cipher $cipher $prot
134 if [ $? -ne 0 ] ; then
135 echo "Failed $cipher"
136 exit 1
137 fi
138 done
139done
140
Bodo Möller65b002f2000-03-13 19:24:39 +0000[diff] [blame]141#############################################################################
Bodo Möller563f1502000-03-13 15:06:54 +0000[diff] [blame]142
Andy Polyakov62d27932005-02-01 23:48:37 +0000[diff] [blame]143if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
Richard Levitte0d3f2cc2002-12-12 18:43:10 +0000[diff] [blame]144 echo skipping anonymous DH tests
145else
146 echo test tls1 with 1024bit anonymous DH, multiple handshakes
147 $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
148fi
Bodo Möllerd58d6c22000-03-13 19:44:45 +0000[diff] [blame]149
Andy Polyakov62d27932005-02-01 23:48:37 +0000[diff] [blame]150if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
Bodo Möller46c46472000-03-13 20:31:46 +0000[diff] [blame]151 echo skipping RSA tests
152else
Bodo Möller8bfc6472011-10-13 15:07:08 +0000[diff] [blame]153 echo 'test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes'
154 ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra || exit 1
Bodo Möller65b002f2000-03-13 19:24:39 +0000[diff] [blame]155
Andy Polyakov62d27932005-02-01 23:48:37 +0000[diff] [blame]156 if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
Richard Levitte0d3f2cc2002-12-12 18:43:10 +0000[diff] [blame]157 echo skipping RSA+DHE tests
158 else
159 echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
Andy Polyakov62d27932005-02-01 23:48:37 +0000[diff] [blame]160 ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
Richard Levitte0d3f2cc2002-12-12 18:43:10 +0000[diff] [blame]161 fi
Bodo Möller65b002f2000-03-13 19:24:39 +0000[diff] [blame]162fi
163
Bodo Möller2c472782011-09-05 13:43:56 +0000[diff] [blame]164echo test tls1 with PSK
165$ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1
Nils Larschddac1972006-03-10 23:06:27 +0000[diff] [blame]166
167echo test tls1 with PSK via BIO pair
168$ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1
169
Ben Lauried9a268b2010-09-05 16:35:10 +0000[diff] [blame]170#############################################################################
171# Next Protocol Negotiation Tests
172
173$ssltest -bio_pair -tls1 -npn_client || exit 1
174$ssltest -bio_pair -tls1 -npn_server || exit 1
175$ssltest -bio_pair -tls1 -npn_server_reject || exit 1
176$ssltest -bio_pair -tls1 -npn_client -npn_server_reject || exit 1
177$ssltest -bio_pair -tls1 -npn_client -npn_server || exit 1
178$ssltest -bio_pair -tls1 -npn_client -npn_server -num 2 || exit 1
179$ssltest -bio_pair -tls1 -npn_client -npn_server -num 2 -reuse || exit 1
180
Trevora398f822013-05-12 18:55:27 -0700[diff] [blame]181#############################################################################
Trevor9cd50f72013-06-13 22:36:45 -0700[diff] [blame]182# Custom Extension tests
183
184echo test tls1 with custom extensions
185$ssltest -bio_pair -tls1 -custom_ext || exit 1
186
187#############################################################################
Trevora398f822013-05-12 18:55:27 -0700[diff] [blame]188# Serverinfo tests
189
Trevor9cd50f72013-06-13 22:36:45 -0700[diff] [blame]190echo test tls1 with serverinfo
Trevora398f822013-05-12 18:55:27 -0700[diff] [blame]191$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo || exit 1
192$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo -serverinfo_sct || exit 1
193$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo -serverinfo_tack || exit 1
194$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo -serverinfo_sct -serverinfo_tack || exit 1
Trevor9cd50f72013-06-13 22:36:45 -0700[diff] [blame]195$ssltest -bio_pair -tls1 -custom_ext -serverinfo_file $serverinfo -serverinfo_sct -serverinfo_tack || exit 1
196
Trevora398f822013-05-12 18:55:27 -0700[diff] [blame]197
Adam Langleya8989362013-07-15 15:57:16 -0400[diff] [blame]198#############################################################################
199# ALPN tests
200
201$ssltest -bio_pair -tls1 -alpn_client foo -alpn_server bar || exit 1
202$ssltest -bio_pair -tls1 -alpn_client foo -alpn_server foo -alpn_expected foo || exit 1
203$ssltest -bio_pair -tls1 -alpn_client foo,bar -alpn_server foo -alpn_expected foo || exit 1
204$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo -alpn_expected foo || exit 1
205$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo,bar -alpn_expected foo || exit 1
206$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server bar,foo -alpn_expected bar || exit 1
207$ssltest -bio_pair -tls1 -alpn_client foo,bar -alpn_server bar,foo -alpn_expected bar || exit 1
208$ssltest -bio_pair -tls1 -alpn_client baz -alpn_server bar,foo || exit 1
209
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]210if ../util/shlib_wrap.sh ../apps/openssl no-srp; then
211 echo skipping SRP tests
212else
213 echo test tls1 with SRP
214 $ssltest -tls1 -cipher SRP -srpuser test -srppass abc123
215
216 echo test tls1 with SRP via BIO pair
217 $ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123
Dr. Stephen Henson562fd0d2014-08-08 11:19:39 +0100[diff] [blame]218
219 echo test tls1 with SRP auth
220 $ssltest -tls1 -cipher aSRP -srpuser test -srppass abc123
221
222 echo test tls1 with SRP auth via BIO pair
223 $ssltest -bio_pair -tls1 -cipher aSRP -srpuser test -srppass abc123
Ben Laurieedc032b2011-03-12 17:01:19 +0000[diff] [blame]224fi
225
Andy Polyakov77a27a52014-06-11 20:40:51 +0200[diff] [blame]226#############################################################################
227# Multi-buffer tests
228
229if [ -z "$extra" -a `uname -m` = "x86_64" ]; then
230 $ssltest -cipher AES128-SHA -bytes 8m || exit 1
231 $ssltest -cipher AES128-SHA256 -bytes 8m || exit 1
232fi
233
Bodo Möller95d29591999-06-12 01:03:40 +0000[diff] [blame]234exit 0