[thirdparty/openssl.git] / Netware / do_tests.pl

# perl script to run OpenSSL tests


my $base_path      = "\\openssl";

my $output_path    = "$base_path\\test_out";
my $cert_path      = "$base_path\\certs";
my $test_path      = "$base_path\\test";
my $app_path       = "$base_path\\apps";

my $tmp_cert       = "$output_path\\cert.tmp";
my $OpenSSL_config = "$app_path\\openssl.cnf";
my $log_file       = "$output_path\\tests.log";

my $pause = 0;


#  process the command line args to see if they wanted us to pause
#  between executing each command
foreach $i (@ARGV)
{
   if ($i =~ /^-p$/)
   { $pause=1; }
}


main();


############################################################################
sub main()
{
   # delete all the output files in the output directory
   unlink <$output_path\\*.*>;

   # open the main log file 
   open(OUT, ">$log_file") || die "unable to open $log_file\n";

   
   algorithm_tests();
   encryption_tests();
   pem_tests();
   verify_tests();
   ssl_tests();
   ca_tests();

   close(OUT);

   print("\nCompleted running tests.\n\n");
   print("Check log file for errors: $log_file\n");
}

############################################################################
sub algorithm_tests
{
   my $i;
   my $outFile;
   my @tests = ( rsa_test, destest, ideatest, bftest, shatest, sha1test,
                 md5test, dsatest, md2test, mdc2test, rc2test, rc4test, randtest,
                 dhtest, exptest );

   print( "\nRUNNING CRYPTO ALGORITHM TESTS:\n\n");

   print( OUT "\n========================================================\n");
   print( OUT "CRYPTO ALGORITHM TESTS:\n\n");

   foreach $i (@tests)
   {
      $outFile = "$output_path\\$i.out";
      system("$i > $outFile");
      log_desc("Test: $i\.nlm:");
      log_output("", $outFile );
   }
}

############################################################################
sub encryption_tests
{
   my $i;
   my $outFile;
   my @enc_tests = ( "enc", "rc4", "des-cfb", "des-ede-cfb", "des-ede3-cfb",
                     "des-ofb", "des-ede-ofb", "des-ede3-ofb",
                     "des-ecb", "des-ede", "des-ede3", "des-cbc",
                     "des-ede-cbc", "des-ede3-cbc", "idea-ecb", "idea-cfb",
                     "idea-ofb", "idea-cbc", "rc2-ecb", "rc2-cfb",
                     "rc2-ofb", "rc2-cbc", "bf-ecb", "bf-cfb",
                     "bf-ofb", "bf-cbc" );

   my $input = "$base_path\\do_tests.pl";
   my $cipher = "$output_path\\cipher.out";
   my $clear = "$output_path\\clear.out";

   print( "\nRUNNING ENCRYPTION & DECRYPTION TESTS:\n\n");

   print( OUT "\n========================================================\n");
   print( OUT "FILE ENCRYPTION & DECRYPTION TESTS:\n\n");

   foreach $i (@enc_tests)
   {
      log_desc("Testing: $i");

      # do encryption
      $outFile = "$output_path\\enc.out";
      system("openssl2 $i -e -bufsize 113 -k test -in $input -out $cipher > $outFile" );
      log_output("Encrypting: $input --> $cipher", $outFile);

      # do decryption
      $outFile = "$output_path\\dec.out";
      system("openssl2 $i -d -bufsize 157 -k test -in $cipher -out $clear > $outFile");
      log_output("Decrypting: $cipher --> $clear", $outFile);

      # compare files
      $x = compare_files( $input, $clear, 1);
      if ( $x == 0 )
      {
         print( "SUCCESS - files match: $input, $clear\n");
         print( OUT "SUCCESS - files match: $input, $clear\n");
      }
      else
      {
         print( "ERROR: files don't match\n");
         print( OUT "ERROR: files don't match\n");
      }

      do_wait();

      # Now do the same encryption but use Base64

      # do encryption B64
      $outFile = "$output_path\\B64enc.out";
      system("openssl2 $i -a -e -bufsize 113 -k test -in $input -out $cipher > $outFile");
      log_output("Encrypting(B64): $cipher --> $clear", $outFile);

      # do decryption B64
      $outFile = "$output_path\\B64dec.out";
      system("openssl2 $i -a -d -bufsize 157 -k test -in $cipher -out $clear > $outFile");
      log_output("Decrypting(B64): $cipher --> $clear", $outFile);

      # compare files
      $x = compare_files( $input, $clear, 1);
      if ( $x == 0 )
      {
         print( "SUCCESS - files match: $input, $clear\n");
         print( OUT "SUCCESS - files match: $input, $clear\n");
      }
      else
      {
         print( "ERROR: files don't match\n");
         print( OUT "ERROR: files don't match\n");
      }

      do_wait();

   } # end foreach

   # delete the temporary files
   unlink($cipher);
   unlink($clear);
}


############################################################################
sub pem_tests
{
   my $i;
   my $tmp_out;
   my $outFile = "$output_path\\pem.out";

   my %pem_tests = (
         "crl"      => "testcrl.pem",
          "pkcs7"   => "testp7.pem",
          "req"     => "testreq2.pem",
          "rsa"     => "testrsa.pem",
          "x509"    => "testx509.pem",
          "x509"    => "v3-cert1.pem",
          "sess_id" => "testsid.pem"  );


   print( "\nRUNNING PEM TESTS:\n\n");

   print( OUT "\n========================================================\n");
   print( OUT "PEM TESTS:\n\n");

   foreach $i (keys(%pem_tests))
   {
      log_desc( "Testing: $i");

      my $input = "$test_path\\$pem_tests{$i}";

      $tmp_out = "$output_path\\$pem_tests{$i}";

      if ($i ne "req" )
      {
         system("openssl2 $i -in $input -out $tmp_out > $outFile");
         log_output( "openssl2 $i -in $input -out $tmp_out", $outFile);
      }
      else
      {
         system("openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config > $outFile");
         log_output( "openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config", $outFile );
      }

      $x = compare_files( $input, $tmp_out);
      if ( $x == 0 )
      {
         print( "SUCCESS - files match: $input, $tmp_out\n");
         print( OUT "SUCCESS - files match: $input, $tmp_out\n");
      }
      else
      {
         print( "ERROR: files don't match\n");
         print( OUT "ERROR: files don't match\n");
      }
      do_wait();

   } # end foreach
}


############################################################################
sub verify_tests
{
   my $i;
   my $outFile = "$output_path\\verify.out";

   my @cert_files = <$cert_path\\*.pem>;

   print( "\nRUNNING VERIFY TESTS:\n\n");

   print( OUT "\n========================================================\n");
   print( OUT "VERIFY TESTS:\n\n");

   make_tmp_cert_file();

   foreach $i (@cert_files)
   {
      system("openssl2 verify -CAfile $tmp_cert $i >$outFile");
      log_desc("Verifying cert: $i");
      log_output("openssl2 verify -CAfile $tmp_cert $i", $outFile);
   }
}


############################################################################
sub ssl_tests
{
   my $outFile = "$output_path\\ssl_tst.out";

   print( "\nRUNNING SSL TESTS:\n\n");

   print( OUT "\n========================================================\n");
   print( OUT "SSL TESTS:\n\n");

   make_tmp_cert_file();

   system("ssltest -ssl2 >$outFile");
   log_desc("Testing sslv2:");
   log_output("ssltest -ssl2", $outFile);

   system("ssltest -ssl2 -server_auth -CAfile $tmp_cert >$outFile");
   log_desc("Testing sslv2 with server authentication:");
   log_output("ssltest -ssl2 -server_auth -CAfile $tmp_cert", $outFile);

   system("ssltest -ssl2 -client_auth -CAfile $tmp_cert >$outFile");
   log_desc("Testing sslv2 with client authentication:");
   log_output("ssltest -ssl2 -client_auth -CAfile $tmp_cert", $outFile);

   system("ssltest -ssl2 -server_auth -client_auth -CAfile $tmp_cert >$outFile");
   log_desc("Testing sslv2 with both client and server authentication:");
   log_output("ssltest -ssl2 -server_auth -client_auth -CAfile $tmp_cert", $outFile);

   system("ssltest -ssl3 >$outFile");
   log_desc("Testing sslv3:");
   log_output("ssltest -ssl3", $outFile);

   system("ssltest -ssl3 -server_auth -CAfile $tmp_cert >$outFile");
   log_desc("Testing sslv3 with server authentication:");
   log_output("ssltest -ssl3 -server_auth -CAfile $tmp_cert", $outFile);

   system("ssltest -ssl3 -client_auth -CAfile $tmp_cert >$outFile");
   log_desc("Testing sslv3 with client authentication:");
   log_output("ssltest -ssl3 -client_auth -CAfile $tmp_cert", $outFile);

   system("ssltest -ssl3 -server_auth -client_auth -CAfile $tmp_cert >$outFile");
   log_desc("Testing sslv3 with both client and server authentication:");
   log_output("ssltest -ssl3 -server_auth -client_auth -CAfile $tmp_cert", $outFile);

   system("ssltest >$outFile");
   log_desc("Testing sslv2/sslv3:");
   log_output("ssltest", $outFile);

   system("ssltest -server_auth -CAfile $tmp_cert >$outFile");
   log_desc("Testing sslv2/sslv3 with server authentication:");
   log_output("ssltest -server_auth -CAfile $tmp_cert", $outFile);

   system("ssltest -client_auth -CAfile $tmp_cert >$outFile");
   log_desc("Testing sslv2/sslv3 with client authentication:");
   log_output("ssltest -client_auth -CAfile $tmp_cert", $outFile);

   system("ssltest -server_auth -client_auth -CAfile $tmp_cert >$outFile");
   log_desc("Testing sslv2/sslv3 with both client and server authentication:");
   log_output("ssltest -server_auth -client_auth -CAfile $tmp_cert", $outFile);

   system("ssltest -bio_pair -ssl2 >$outFile");
   log_desc("Testing sslv2 via BIO pair:");
   log_output("ssltest -bio_pair -ssl2", $outFile);

   system("ssltest -bio_pair -dhe1024dsa -v >$outFile");
   log_desc("Testing sslv2/sslv3 with 1024 bit DHE via BIO pair:");
   log_output("ssltest -bio_pair -dhe1024dsa -v", $outFile);

   system("ssltest -bio_pair -ssl2 -server_auth -CAfile $tmp_cert >$outFile");
   log_desc("Testing sslv2 with server authentication via BIO pair:");
   log_output("ssltest -bio_pair -ssl2 -server_auth -CAfile $tmp_cert", $outFile);

   system("ssltest -bio_pair -ssl2 -client_auth -CAfile $tmp_cert >$outFile");
   log_desc("Testing sslv2 with client authentication via BIO pair:");
   log_output("ssltest -bio_pair -ssl2 -client_auth -CAfile $tmp_cert", $outFile);

   system("ssltest -bio_pair -ssl2 -server_auth -client_auth -CAfile $tmp_cert >$outFile");
   log_desc("Testing sslv2 with both client and server authentication via BIO pair:");
   log_output("ssltest -bio_pair -ssl2 -server_auth -client_auth -CAfile $tmp_cert", $outFile);

   system("ssltest -bio_pair -ssl3 >$outFile");
   log_desc("Testing sslv3 via BIO pair:");
   log_output("ssltest -bio_pair -ssl3", $outFile);

   system("ssltest -bio_pair -ssl3 -server_auth -CAfile $tmp_cert >$outFile");
   log_desc("Testing sslv3 with server authentication via BIO pair:");
   log_output("ssltest -bio_pair -ssl3 -server_auth -CAfile $tmp_cert", $outFile);

   system("ssltest -bio_pair -ssl3 -client_auth -CAfile $tmp_cert >$outFile");
   log_desc("Testing sslv3 with client authentication  via BIO pair:");
   log_output("ssltest -bio_pair -ssl3 -client_auth -CAfile $tmp_cert", $outFile);

   system("ssltest -bio_pair -ssl3 -server_auth -client_auth -CAfile $tmp_cert >$outFile");
   log_desc("Testing sslv3 with both client and server authentication via BIO pair:");
   log_output("ssltest -bio_pair -ssl3 -server_auth -client_auth -CAfile $tmp_cert", $outFile);

   system("ssltest -bio_pair >$outFile");
   log_desc("Testing sslv2/sslv3 via BIO pair:");
   log_output("ssltest -bio_pair", $outFile);

   system("ssltest -bio_pair -server_auth -CAfile $tmp_cert >$outFile");
   log_desc("Testing sslv2/sslv3 with server authentication via BIO pair:");
   log_output("ssltest -bio_pair -server_auth -CAfile $tmp_cert", $outFile);

   system("ssltest -bio_pair -client_auth -CAfile $tmp_cert >$outFile");
   log_desc("Testing sslv2/sslv3 with client authentication via BIO pair:");
   log_output("ssltest -bio_pair -client_auth -CAfile $tmp_cert", $outFile);

   system("ssltest -bio_pair -server_auth -client_auth -CAfile $tmp_cert >$outFile");
   log_desc("Testing sslv2/sslv3 with both client and server authentication via BIO pair:");
   log_output("ssltest -bio_pair -server_auth -client_auth -CAfile $tmp_cert", $outFile);
}


############################################################################
sub ca_tests
{
   my $outFile = "$output_path\\ca_tst.out";

   my($CAkey)     = "$output_path\\keyCA.ss";
   my($CAcert)    = "$output_path\\certCA.ss";
   my($CAserial)  = "$output_path\\certCA.srl";
   my($CAreq)     = "$output_path\\reqCA.ss";
   my($CAreq2)    = "$output_path\\req2CA.ss";

   my($CAconf)    = "$test_path\\CAss.cnf";

   my($Uconf)     = "$test_path\\Uss.cnf";

   my($Ukey)      = "$output_path\\keyU.ss";
   my($Ureq)      = "$output_path\\reqU.ss";
   my($Ucert)     = "$output_path\\certU.ss";

   print( "\nRUNNING CA TESTS:\n\n");

   print( OUT "\n========================================================\n");
   print( OUT "CA TESTS:\n");

   system("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new >$outFile");
   log_desc("Make a certificate request using req:");
   log_output("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new", $outFile);

   system("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey >$outFile");
   log_desc("Convert the certificate request into a self signed certificate using x509:");
   log_output("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey", $outFile);

   system("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >$outFile");
   log_desc("Convert a certificate into a certificate request using 'x509':");
   log_output("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2", $outFile);

   system("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout >$outFile");
   log_output("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout", $outFile);

   system("openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout >$outFile");
   log_output( "openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout", $outFile);

   system("openssl2 verify -CAfile $CAcert $CAcert >$outFile");
   log_output("openssl2 verify -CAfile $CAcert $CAcert", $outFile);

   system("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new >$outFile");
   log_desc("Make another certificate request using req:");
   log_output("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new", $outFile);

   system("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial >$outFile");
   log_desc("Sign certificate request with the just created CA via x509:");
   log_output("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial", $outFile);

   system("openssl2 verify -CAfile $CAcert $Ucert >$outFile");
   log_output("openssl2 verify -CAfile $CAcert $Ucert", $outFile);

   system("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert >$outFile");
   log_desc("Certificate details");
   log_output("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert", $outFile);

   print(OUT "-- \n");
   print(OUT "The generated CA certificate is $CAcert\n");
   print(OUT "The generated CA private key is $CAkey\n");
   print(OUT "The current CA signing serial number is in $CAserial\n");

   print(OUT "The generated user certificate is $Ucert\n");
   print(OUT "The generated user private key is $Ukey\n");
   print(OUT "--\n");
}

############################################################################
sub log_output( $ $ )
{
   my( $desc, $file ) = @_;
   my($error) = 0;
   my($key);
   my($msg);

   if ($desc)
   {
      print("$desc\n");
      print(OUT "$desc\n");
   }

      # loop waiting for test program to complete
   while ( stat($file) == 0)
      { print(". "); sleep(1); }


      # copy test output to log file
   open(IN, "<$file");
   while (<IN>)
   { 
      print(OUT $_); 
      if ( $_ =~ /ERROR/ )
      {
         $error = 1;
      }
   }
      # close and delete the temporary test output file
   close(IN);
   unlink($file);

   if ( $error == 0 )
   {
      $msg = "Test Succeeded";
   }
   else
   {
      $msg = "Test Failed";
   }

   print(OUT "$msg\n");

   if ($pause)
   {
      print("$msg - press ENTER to continue...");
      $key = getc;
      print("\n");
   }
      
      # Several of the testing scripts run a loop loading the 
      # same NLM with different options.
      # On slow NetWare machines there appears to be some delay in the 
      # OS actually unloading the test nlms and the OS complains about.
      # the NLM already being loaded.  This additional pause is to 
      # to help provide a little more time for unloading before trying to 
      # load again.
   sleep(1);
}


############################################################################
sub log_desc( $ )
{
   my( $desc ) = @_;

   print("\n");
   print("$desc\n");

   print(OUT "\n");
   print(OUT "$desc\n");
   print(OUT "======================================\n");
}

############################################################################
sub compare_files( $ $ $ )
{
   my( $file1, $file2, $binary ) = @_;
   my( $n1, $n2, $b1, $b2 );
   my($ret) = 1;

   open(IN0, $file1) || die "\nunable to open $file1\n";
   open(IN1, $file2) || die "\nunable to open $file2\n";

  if ($binary)
  {
      binmode IN0;
      binmode IN1;
  }

   for (;;)
   {
      $n1 = read(IN0, $b1, 512);
      $n2 = read(IN1, $b2, 512);

      if ($n1 != $n2) {last;}
      if ($b1 != $b2) {last;}

      if ($n1 == 0)
      {
         $ret = 0;
         last;
      }
   }
   close(IN0);
   close(IN1);
   return($ret);
}

############################################################################
sub do_wait()
{
   my($key);

   if ($pause)
   {
      print("Press ENTER to continue...");
      $key = getc;
      print("\n");
   }
}


############################################################################
sub make_tmp_cert_file()
{
   my @cert_files = <$cert_path\\*.pem>;

      # delete the file if it already exists
   unlink($tmp_cert);

   open( TMP_CERT, ">$tmp_cert") || die "\nunable to open $tmp_cert\n";

   print("building temporary cert file\n");
   
   # create a temporary cert file that contains all the certs
   foreach $i (@cert_files)
   {
      open( IN_CERT, $i ) || die "\nunable to open $i\n";

      for(;;)
      {
         $n = sysread(IN_CERT, $data, 1024);

         if ($n == 0)
         {
            close(IN_CERT);
            last;
         };

         syswrite(TMP_CERT, $data, $n);
      }
   }

   close( TMP_CERT );
}
Commit	Line	Data
4d8743f4 RL	1	# perl script to run OpenSSL tests
	2
	3
	4	my $base_path = "\\openssl";
	5
	6	my $output_path = "$base_path\\test_out";
	7	my $cert_path = "$base_path\\certs";
	8	my $test_path = "$base_path\\test";
	9	my $app_path = "$base_path\\apps";
	10
	11	my $tmp_cert = "$output_path\\cert.tmp";
	12	my $OpenSSL_config = "$app_path\\openssl.cnf";
	13	my $log_file = "$output_path\\tests.log";
	14
	15	my $pause = 0;
	16
	17
	18	# process the command line args to see if they wanted us to pause
	19	# between executing each command
	20	foreach $i (@ARGV)
	21	{
	22	if ($i =~ /^-p$/)
	23	{ $pause=1; }
	24	}
	25
	26
	27
	28	main();
	29
	30
	31	############################################################################
	32	sub main()
	33	{
	34	# delete all the output files in the output directory
	35	unlink <$output_path\\.>;
	36
	37	# open the main log file
	38	open(OUT, ">$log_file") \|\| die "unable to open $log_file\n";
	39
	40
	41	algorithm_tests();
	42	encryption_tests();
	43	pem_tests();
	44	verify_tests();
	45	ssl_tests();
	46	ca_tests();
	47
	48	close(OUT);
	49
	50	print("\nCompleted running tests.\n\n");
	51	print("Check log file for errors: $log_file\n");
	52	}
	53
	54	############################################################################
	55	sub algorithm_tests
	56	{
	57	my $i;
	58	my $outFile;
	59	my @tests = ( rsa_test, destest, ideatest, bftest, shatest, sha1test,
	60	md5test, dsatest, md2test, mdc2test, rc2test, rc4test, randtest,
	61	dhtest, exptest );
	62
	63	print( "\nRUNNING CRYPTO ALGORITHM TESTS:\n\n");
	64
65	print( OUT "\n========================================================\n");
66	print( OUT "CRYPTO ALGORITHM TESTS:\n\n");
67
68	foreach $i (@tests)
69	{
70	$outFile = "$output_path\\$i.out";
71	system("$i > $outFile");
72	log_desc("Test: $i\.nlm:");
73	log_output("", $outFile );
74	}
75	}
76
77	############################################################################
78	sub encryption_tests
79	{
80	my $i;
81	my $outFile;
82	my @enc_tests = ( "enc", "rc4", "des-cfb", "des-ede-cfb", "des-ede3-cfb",
83	"des-ofb", "des-ede-ofb", "des-ede3-ofb",
84	"des-ecb", "des-ede", "des-ede3", "des-cbc",
85	"des-ede-cbc", "des-ede3-cbc", "idea-ecb", "idea-cfb",
86	"idea-ofb", "idea-cbc", "rc2-ecb", "rc2-cfb",
87	"rc2-ofb", "rc2-cbc", "bf-ecb", "bf-cfb",
88	"bf-ofb", "bf-cbc" );
89
90	my $input = "$base_path\\do_tests.pl";
91	my $cipher = "$output_path\\cipher.out";
92	my $clear = "$output_path\\clear.out";
93
94	print( "\nRUNNING ENCRYPTION & DECRYPTION TESTS:\n\n");
95
96	print( OUT "\n========================================================\n");
97	print( OUT "FILE ENCRYPTION & DECRYPTION TESTS:\n\n");
98
99	foreach $i (@enc_tests)
100	{
101	log_desc("Testing: $i");
102
103	# do encryption
104	$outFile = "$output_path\\enc.out";
105	system("openssl2 $i -e -bufsize 113 -k test -in $input -out $cipher > $outFile" );
106	log_output("Encrypting: $input --> $cipher", $outFile);
107
108	# do decryption
109	$outFile = "$output_path\\dec.out";
110	system("openssl2 $i -d -bufsize 157 -k test -in $cipher -out $clear > $outFile");
111	log_output("Decrypting: $cipher --> $clear", $outFile);
112
113	# compare files
114	$x = compare_files( $input, $clear, 1);
115	if ( $x == 0 )
116	{
117	print( "SUCCESS - files match: $input, $clear\n");
118	print( OUT "SUCCESS - files match: $input, $clear\n");
119	}
120	else
121	{
122	print( "ERROR: files don't match\n");
123	print( OUT "ERROR: files don't match\n");
124	}
125
126	do_wait();
127
128	# Now do the same encryption but use Base64
129
130	# do encryption B64
131	$outFile = "$output_path\\B64enc.out";
132	system("openssl2 $i -a -e -bufsize 113 -k test -in $input -out $cipher > $outFile");
133	log_output("Encrypting(B64): $cipher --> $clear", $outFile);
134
135	# do decryption B64
136	$outFile = "$output_path\\B64dec.out";
137	system("openssl2 $i -a -d -bufsize 157 -k test -in $cipher -out $clear > $outFile");
138	log_output("Decrypting(B64): $cipher --> $clear", $outFile);
139
140	# compare files
141	$x = compare_files( $input, $clear, 1);
142	if ( $x == 0 )
143	{
144	print( "SUCCESS - files match: $input, $clear\n");
145	print( OUT "SUCCESS - files match: $input, $clear\n");
146	}
147	else
148	{
149	print( "ERROR: files don't match\n");
150	print( OUT "ERROR: files don't match\n");
151	}
152
153	do_wait();
154
155	} # end foreach
156
157	# delete the temporary files
158	unlink($cipher);
159	unlink($clear);
160	}
161
162
163	############################################################################
164	sub pem_tests
165	{
166	my $i;
167	my $tmp_out;
168	my $outFile = "$output_path\\pem.out";
169
170	my %pem_tests = (
171	"crl" => "testcrl.pem",
172	"pkcs7" => "testp7.pem",
173	"req" => "testreq2.pem",
174	"rsa" => "testrsa.pem",
175	"x509" => "testx509.pem",
176	"x509" => "v3-cert1.pem",
177	"sess_id" => "testsid.pem" );
178
179
180	print( "\nRUNNING PEM TESTS:\n\n");
181
182	print( OUT "\n========================================================\n");
183	print( OUT "PEM TESTS:\n\n");
184
185	foreach $i (keys(%pem_tests))
186	{
187	log_desc( "Testing: $i");
188
189	my $input = "$test_path\\$pem_tests{$i}";
190
191	$tmp_out = "$output_path\\$pem_tests{$i}";
192
193	if ($i ne "req" )
194	{
195	system("openssl2 $i -in $input -out $tmp_out > $outFile");
196	log_output( "openssl2 $i -in $input -out $tmp_out", $outFile);
197	}
198	else
199	{
200	system("openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config > $outFile");
201	log_output( "openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config", $outFile );
202	}
203
204	$x = compare_files( $input, $tmp_out);
205	if ( $x == 0 )
206	{
207	print( "SUCCESS - files match: $input, $tmp_out\n");
208	print( OUT "SUCCESS - files match: $input, $tmp_out\n");
209	}
210	else
211	{
212	print( "ERROR: files don't match\n");
213	print( OUT "ERROR: files don't match\n");
214	}
215	do_wait();
216
217	} # end foreach
218	}
219
220
221	############################################################################
222	sub verify_tests
223	{
224	my $i;
225	my $outFile = "$output_path\\verify.out";
226
227	my @cert_files = <$cert_path\\*.pem>;
228
229	print( "\nRUNNING VERIFY TESTS:\n\n");
230
231	print( OUT "\n========================================================\n");
232	print( OUT "VERIFY TESTS:\n\n");
233
234	make_tmp_cert_file();
235
236	foreach $i (@cert_files)
237	{
238	system("openssl2 verify -CAfile $tmp_cert $i >$outFile");
239	log_desc("Verifying cert: $i");
240	log_output("openssl2 verify -CAfile $tmp_cert $i", $outFile);
241	}
242	}
243
244
245	############################################################################
246	sub ssl_tests
247	{
248	my $outFile = "$output_path\\ssl_tst.out";
249
250	print( "\nRUNNING SSL TESTS:\n\n");
251
252	print( OUT "\n========================================================\n");
253	print( OUT "SSL TESTS:\n\n");
254
255	make_tmp_cert_file();
256
257	system("ssltest -ssl2 >$outFile");
258	log_desc("Testing sslv2:");
259	log_output("ssltest -ssl2", $outFile);
260
261	system("ssltest -ssl2 -server_auth -CAfile $tmp_cert >$outFile");
262	log_desc("Testing sslv2 with server authentication:");
263	log_output("ssltest -ssl2 -server_auth -CAfile $tmp_cert", $outFile);
264
265	system("ssltest -ssl2 -client_auth -CAfile $tmp_cert >$outFile");
266	log_desc("Testing sslv2 with client authentication:");
267	log_output("ssltest -ssl2 -client_auth -CAfile $tmp_cert", $outFile);
268
269	system("ssltest -ssl2 -server_auth -client_auth -CAfile $tmp_cert >$outFile");
270	log_desc("Testing sslv2 with both client and server authentication:");
271	log_output("ssltest -ssl2 -server_auth -client_auth -CAfile $tmp_cert", $outFile);
272
273	system("ssltest -ssl3 >$outFile");
274	log_desc("Testing sslv3:");
275	log_output("ssltest -ssl3", $outFile);
276
277	system("ssltest -ssl3 -server_auth -CAfile $tmp_cert >$outFile");
278	log_desc("Testing sslv3 with server authentication:");
279	log_output("ssltest -ssl3 -server_auth -CAfile $tmp_cert", $outFile);
280
281	system("ssltest -ssl3 -client_auth -CAfile $tmp_cert >$outFile");
282	log_desc("Testing sslv3 with client authentication:");
283	log_output("ssltest -ssl3 -client_auth -CAfile $tmp_cert", $outFile);
284
285	system("ssltest -ssl3 -server_auth -client_auth -CAfile $tmp_cert >$outFile");
286	log_desc("Testing sslv3 with both client and server authentication:");
287	log_output("ssltest -ssl3 -server_auth -client_auth -CAfile $tmp_cert", $outFile);
288
289	system("ssltest >$outFile");
290	log_desc("Testing sslv2/sslv3:");
291	log_output("ssltest", $outFile);
292
293	system("ssltest -server_auth -CAfile $tmp_cert >$outFile");
294	log_desc("Testing sslv2/sslv3 with server authentication:");
295	log_output("ssltest -server_auth -CAfile $tmp_cert", $outFile);
296
297	system("ssltest -client_auth -CAfile $tmp_cert >$outFile");
298	log_desc("Testing sslv2/sslv3 with client authentication:");
299	log_output("ssltest -client_auth -CAfile $tmp_cert", $outFile);
300
301	system("ssltest -server_auth -client_auth -CAfile $tmp_cert >$outFile");
302	log_desc("Testing sslv2/sslv3 with both client and server authentication:");
303	log_output("ssltest -server_auth -client_auth -CAfile $tmp_cert", $outFile);
304
305	system("ssltest -bio_pair -ssl2 >$outFile");
306	log_desc("Testing sslv2 via BIO pair:");
307	log_output("ssltest -bio_pair -ssl2", $outFile);
308
309	system("ssltest -bio_pair -dhe1024dsa -v >$outFile");
310	log_desc("Testing sslv2/sslv3 with 1024 bit DHE via BIO pair:");
311	log_output("ssltest -bio_pair -dhe1024dsa -v", $outFile);
312
313	system("ssltest -bio_pair -ssl2 -server_auth -CAfile $tmp_cert >$outFile");
314	log_desc("Testing sslv2 with server authentication via BIO pair:");
315	log_output("ssltest -bio_pair -ssl2 -server_auth -CAfile $tmp_cert", $outFile);
316
317	system("ssltest -bio_pair -ssl2 -client_auth -CAfile $tmp_cert >$outFile");
318	log_desc("Testing sslv2 with client authentication via BIO pair:");
319	log_output("ssltest -bio_pair -ssl2 -client_auth -CAfile $tmp_cert", $outFile);
320
321	system("ssltest -bio_pair -ssl2 -server_auth -client_auth -CAfile $tmp_cert >$outFile");
322	log_desc("Testing sslv2 with both client and server authentication via BIO pair:");
323	log_output("ssltest -bio_pair -ssl2 -server_auth -client_auth -CAfile $tmp_cert", $outFile);
324
325	system("ssltest -bio_pair -ssl3 >$outFile");
326	log_desc("Testing sslv3 via BIO pair:");
327	log_output("ssltest -bio_pair -ssl3", $outFile);
328
329	system("ssltest -bio_pair -ssl3 -server_auth -CAfile $tmp_cert >$outFile");
330	log_desc("Testing sslv3 with server authentication via BIO pair:");
331	log_output("ssltest -bio_pair -ssl3 -server_auth -CAfile $tmp_cert", $outFile);
332
333	system("ssltest -bio_pair -ssl3 -client_auth -CAfile $tmp_cert >$outFile");
334	log_desc("Testing sslv3 with client authentication via BIO pair:");
335	log_output("ssltest -bio_pair -ssl3 -client_auth -CAfile $tmp_cert", $outFile);
336
337	system("ssltest -bio_pair -ssl3 -server_auth -client_auth -CAfile $tmp_cert >$outFile");
338	log_desc("Testing sslv3 with both client and server authentication via BIO pair:");
339	log_output("ssltest -bio_pair -ssl3 -server_auth -client_auth -CAfile $tmp_cert", $outFile);
340
341	system("ssltest -bio_pair >$outFile");
342	log_desc("Testing sslv2/sslv3 via BIO pair:");
343	log_output("ssltest -bio_pair", $outFile);
344
345	system("ssltest -bio_pair -server_auth -CAfile $tmp_cert >$outFile");
346	log_desc("Testing sslv2/sslv3 with server authentication via BIO pair:");
347	log_output("ssltest -bio_pair -server_auth -CAfile $tmp_cert", $outFile);
348
349	system("ssltest -bio_pair -client_auth -CAfile $tmp_cert >$outFile");
350	log_desc("Testing sslv2/sslv3 with client authentication via BIO pair:");
351	log_output("ssltest -bio_pair -client_auth -CAfile $tmp_cert", $outFile);
352
353	system("ssltest -bio_pair -server_auth -client_auth -CAfile $tmp_cert >$outFile");
354	log_desc("Testing sslv2/sslv3 with both client and server authentication via BIO pair:");
355	log_output("ssltest -bio_pair -server_auth -client_auth -CAfile $tmp_cert", $outFile);
356	}
357
358
359	############################################################################
360	sub ca_tests
361	{
362	my $outFile = "$output_path\\ca_tst.out";
363
364	my($CAkey) = "$output_path\\keyCA.ss";
365	my($CAcert) = "$output_path\\certCA.ss";
366	my($CAserial) = "$output_path\\certCA.srl";
367	my($CAreq) = "$output_path\\reqCA.ss";
368	my($CAreq2) = "$output_path\\req2CA.ss";
369
370	my($CAconf) = "$test_path\\CAss.cnf";
371
372	my($Uconf) = "$test_path\\Uss.cnf";
373
374	my($Ukey) = "$output_path\\keyU.ss";
375	my($Ureq) = "$output_path\\reqU.ss";
376	my($Ucert) = "$output_path\\certU.ss";
377
378	print( "\nRUNNING CA TESTS:\n\n");
379
380	print( OUT "\n========================================================\n");
381	print( OUT "CA TESTS:\n");
382
383	system("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new >$outFile");
384	log_desc("Make a certificate request using req:");
385	log_output("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new", $outFile);
386
387	system("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey >$outFile");
388	log_desc("Convert the certificate request into a self signed certificate using x509:");
389	log_output("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey", $outFile);
390
391	system("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >$outFile");
392	log_desc("Convert a certificate into a certificate request using 'x509':");
393	log_output("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2", $outFile);
394
395	system("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout >$outFile");
396	log_output("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout", $outFile);
397
398	system("openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout >$outFile");
399	log_output( "openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout", $outFile);
400
401	system("openssl2 verify -CAfile $CAcert $CAcert >$outFile");
402	log_output("openssl2 verify -CAfile $CAcert $CAcert", $outFile);
403
404	system("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new >$outFile");
405	log_desc("Make another certificate request using req:");
406	log_output("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new", $outFile);
407
408	system("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial >$outFile");
409	log_desc("Sign certificate request with the just created CA via x509:");
410	log_output("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial", $outFile);
411
412	system("openssl2 verify -CAfile $CAcert $Ucert >$outFile");
413	log_output("openssl2 verify -CAfile $CAcert $Ucert", $outFile);
414
415	system("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert >$outFile");
416	log_desc("Certificate details");
417	log_output("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert", $outFile);
418
419	print(OUT "-- \n");
420	print(OUT "The generated CA certificate is $CAcert\n");
421	print(OUT "The generated CA private key is $CAkey\n");
422	print(OUT "The current CA signing serial number is in $CAserial\n");
423
424	print(OUT "The generated user certificate is $Ucert\n");
425	print(OUT "The generated user private key is $Ukey\n");
426	print(OUT "--\n");
427	}
428
429	############################################################################
430	sub log_output( $ $ )
431	{
432	my( $desc, $file ) = @_;
433	my($error) = 0;
434	my($key);
435	my($msg);
436
437	if ($desc)
438	{
439	print("$desc\n");
440	print(OUT "$desc\n");
441	}
442
443	# loop waiting for test program to complete
444	while ( stat($file) == 0)
445	{ print(". "); sleep(1); }
446
447
448	# copy test output to log file
449	open(IN, "<$file");
450	while (<IN>)
451	{
452	print(OUT $_);
453	if ( $_ =~ /ERROR/ )
454	{
455	$error = 1;
456	}
457	}
458	# close and delete the temporary test output file
459	close(IN);
460	unlink($file);
461
462	if ( $error == 0 )
463	{
464	$msg = "Test Succeeded";
465	}
466	else
467	{
468	$msg = "Test Failed";
469	}
470
471	print(OUT "$msg\n");
472
473	if ($pause)
474	{
475	print("$msg - press ENTER to continue...");
476	$key = getc;
477	print("\n");
478	}
479
480	# Several of the testing scripts run a loop loading the
481	# same NLM with different options.
482	# On slow NetWare machines there appears to be some delay in the
483	# OS actually unloading the test nlms and the OS complains about.
484	# the NLM already being loaded. This additional pause is to
485	# to help provide a little more time for unloading before trying to
486	# load again.
487	sleep(1);
488	}
489
490
491	############################################################################
492	sub log_desc( $ )
493	{
494	my( $desc ) = @_;
495
496	print("\n");
497	print("$desc\n");
498
499	print(OUT "\n");
500	print(OUT "$desc\n");
501	print(OUT "======================================\n");
502	}
503
504	############################################################################
505	sub compare_files( $ $ $ )
506	{
507	my( $file1, $file2, $binary ) = @_;
508	my( $n1, $n2, $b1, $b2 );
509	my($ret) = 1;
510
511	open(IN0, $file1) \|\| die "\nunable to open $file1\n";
512	open(IN1, $file2) \|\| die "\nunable to open $file2\n";
513
514	if ($binary)
515	{
516	binmode IN0;
517	binmode IN1;
518	}
519
520	for (;;)
521	{
522	$n1 = read(IN0, $b1, 512);
523	$n2 = read(IN1, $b2, 512);
524
525	if ($n1 != $n2) {last;}
526	if ($b1 != $b2) {last;}
527
528	if ($n1 == 0)
529	{
530	$ret = 0;
531	last;
532	}
533	}
534	close(IN0);
535	close(IN1);
536	return($ret);
537	}
538
539	############################################################################
540	sub do_wait()
541	{
542	my($key);
543
544	if ($pause)
545	{
546	print("Press ENTER to continue...");
547	$key = getc;
548	print("\n");
549	}
550	}
551
552
553	############################################################################
554	sub make_tmp_cert_file()
555	{
556	my @cert_files = <$cert_path\\*.pem>;
557
558	# delete the file if it already exists
559	unlink($tmp_cert);
560
561	open( TMP_CERT, ">$tmp_cert") \|\| die "\nunable to open $tmp_cert\n";
562
563	print("building temporary cert file\n");
564
565	# create a temporary cert file that contains all the certs
566	foreach $i (@cert_files)
567	{
568	open( IN_CERT, $i ) \|\| die "\nunable to open $i\n";
569
570	for(;;)
571	{
572	$n = sysread(IN_CERT, $data, 1024);
573
574	if ($n == 0)
575	{
576	close(IN_CERT);
577	last;
578	};
579
580	syswrite(TMP_CERT, $data, $n);
581	}
582	}
583
584	close( TMP_CERT );
585	}