]>
Commit | Line | Data |
---|---|---|
7d7d2cbc UM |
1 | $! TESTSSL.COM |
2 | $ | |
3 | $ __arch := VAX | |
4 | $ if f$getsyi("cpu") .ge. 128 then __arch := AXP | |
c13ee214 RL |
5 | $ texe_dir := sys$disk:[-.'__arch'.exe.test] |
6 | $ exe_dir := sys$disk:[-.'__arch'.exe.apps] | |
7 | $ | |
8 | $ if p1 .eqs. "" | |
9 | $ then | |
10 | $ key="[-.apps]server.pem" | |
11 | $ else | |
12 | $ key=p1 | |
13 | $ endif | |
14 | $ if p2 .eqs. "" | |
15 | $ then | |
16 | $ cert="[-.apps]server.pem" | |
17 | $ else | |
18 | $ cert=p2 | |
19 | $ endif | |
20 | $ ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert' | |
21 | $ | |
cde245bd | 22 | $ define/user sys$output testssl-x509-output. |
c13ee214 RL |
23 | $ define/user sys$error nla0: |
24 | $ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout | |
25 | $ set noon | |
26 | $ define/user sys$error nla0: | |
cde245bd | 27 | $ search/output=nla0: testssl-x509-output. "DSA Public Key"/exact |
c13ee214 RL |
28 | $ if $severity .eq. 1 |
29 | $ then | |
30 | $ dsa_cert := YES | |
31 | $ else | |
32 | $ dsa_cert := NO | |
33 | $ endif | |
34 | $ set on | |
cde245bd | 35 | $ delete testssl-x509-output.;* |
c13ee214 RL |
36 | $ |
37 | $ if p3 .eqs. "" | |
38 | $ then | |
39 | $ copy/concatenate [-.certs]*.pem certs.tmp | |
40 | $ CA = """-CAfile"" certs.tmp" | |
41 | $ else | |
42 | $ CA = """-CAfile"" "+p3 | |
43 | $ endif | |
44 | $ | |
45 | $!########################################################################### | |
7d7d2cbc UM |
46 | $ |
47 | $ write sys$output "test sslv2" | |
c13ee214 | 48 | $ 'ssltest' -ssl2 |
7d7d2cbc UM |
49 | $ if $severity .ne. 1 then goto exit3 |
50 | $ | |
51 | $ write sys$output "test sslv2 with server authentication" | |
c13ee214 | 52 | $ 'ssltest' -ssl2 -server_auth 'CA' |
7d7d2cbc UM |
53 | $ if $severity .ne. 1 then goto exit3 |
54 | $ | |
c13ee214 RL |
55 | $ if .not. dsa_cert |
56 | $ then | |
57 | $ write sys$output "test sslv2 with client authentication" | |
58 | $ 'ssltest' -ssl2 -client_auth 'CA' | |
59 | $ if $severity .ne. 1 then goto exit3 | |
7d7d2cbc | 60 | $ |
c13ee214 RL |
61 | $ write sys$output "test sslv2 with both client and server authentication" |
62 | $ 'ssltest' -ssl2 -server_auth -client_auth 'CA' | |
63 | $ if $severity .ne. 1 then goto exit3 | |
64 | $ endif | |
7d7d2cbc UM |
65 | $ |
66 | $ write sys$output "test sslv3" | |
c13ee214 | 67 | $ 'ssltest' -ssl3 |
7d7d2cbc UM |
68 | $ if $severity .ne. 1 then goto exit3 |
69 | $ | |
70 | $ write sys$output "test sslv3 with server authentication" | |
c13ee214 | 71 | $ 'ssltest' -ssl3 -server_auth 'CA' |
7d7d2cbc UM |
72 | $ if $severity .ne. 1 then goto exit3 |
73 | $ | |
74 | $ write sys$output "test sslv3 with client authentication" | |
c13ee214 | 75 | $ 'ssltest' -ssl3 -client_auth 'CA' |
7d7d2cbc UM |
76 | $ if $severity .ne. 1 then goto exit3 |
77 | $ | |
78 | $ write sys$output "test sslv3 with both client and server authentication" | |
c13ee214 | 79 | $ 'ssltest' -ssl3 -server_auth -client_auth 'CA' |
7d7d2cbc UM |
80 | $ if $severity .ne. 1 then goto exit3 |
81 | $ | |
82 | $ write sys$output "test sslv2/sslv3" | |
c13ee214 | 83 | $ 'ssltest' |
7d7d2cbc UM |
84 | $ if $severity .ne. 1 then goto exit3 |
85 | $ | |
86 | $ write sys$output "test sslv2/sslv3 with server authentication" | |
c13ee214 | 87 | $ 'ssltest' -server_auth 'CA' |
7d7d2cbc UM |
88 | $ if $severity .ne. 1 then goto exit3 |
89 | $ | |
90 | $ write sys$output "test sslv2/sslv3 with client authentication" | |
c13ee214 | 91 | $ 'ssltest' -client_auth 'CA' |
7d7d2cbc UM |
92 | $ if $severity .ne. 1 then goto exit3 |
93 | $ | |
94 | $ write sys$output "test sslv2/sslv3 with both client and server authentication" | |
c13ee214 | 95 | $ 'ssltest' -server_auth -client_auth 'CA' |
7d7d2cbc UM |
96 | $ if $severity .ne. 1 then goto exit3 |
97 | $ | |
8c197cc5 | 98 | $ write sys$output "test sslv2 via BIO pair" |
c13ee214 | 99 | $ 'ssltest' -bio_pair -ssl2 |
da0fc5bf RL |
100 | $ if $severity .ne. 1 then goto exit3 |
101 | $ | |
8c197cc5 | 102 | $ write sys$output "test sslv2 with server authentication via BIO pair" |
c13ee214 | 103 | $ 'ssltest' -bio_pair -ssl2 -server_auth 'CA' |
8c197cc5 UM |
104 | $ if $severity .ne. 1 then goto exit3 |
105 | $ | |
c13ee214 RL |
106 | $ if .not. dsa_cert |
107 | $ then | |
108 | $ write sys$output "test sslv2 with client authentication via BIO pair" | |
109 | $ 'ssltest' -bio_pair -ssl2 -client_auth 'CA' | |
110 | $ if $severity .ne. 1 then goto exit3 | |
8c197cc5 | 111 | $ |
c13ee214 RL |
112 | $ write sys$output "test sslv2 with both client and server authentication via BIO pair" |
113 | $ 'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA' | |
114 | $ if $severity .ne. 1 then goto exit3 | |
115 | $ endif | |
8c197cc5 UM |
116 | $ |
117 | $ write sys$output "test sslv3 via BIO pair" | |
c13ee214 | 118 | $ 'ssltest' -bio_pair -ssl3 |
8c197cc5 UM |
119 | $ if $severity .ne. 1 then goto exit3 |
120 | $ | |
121 | $ write sys$output "test sslv3 with server authentication via BIO pair" | |
c13ee214 | 122 | $ 'ssltest' -bio_pair -ssl3 -server_auth 'CA' |
8c197cc5 UM |
123 | $ if $severity .ne. 1 then goto exit3 |
124 | $ | |
125 | $ write sys$output "test sslv3 with client authentication via BIO pair" | |
c13ee214 | 126 | $ 'ssltest' -bio_pair -ssl3 -client_auth 'CA' |
8c197cc5 UM |
127 | $ if $severity .ne. 1 then goto exit3 |
128 | ||
129 | $ write sys$output "test sslv3 with both client and server authentication via BIO pair" | |
c13ee214 | 130 | $ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA' |
8c197cc5 UM |
131 | $ if $severity .ne. 1 then goto exit3 |
132 | $ | |
133 | $ write sys$output "test sslv2/sslv3 via BIO pair" | |
c13ee214 | 134 | $ 'ssltest' |
8c197cc5 UM |
135 | $ if $severity .ne. 1 then goto exit3 |
136 | $ | |
c13ee214 RL |
137 | $ if .not. dsa_cert |
138 | $ then | |
139 | $ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair" | |
140 | $ 'ssltest' -bio_pair -no_dhe | |
141 | $ if $severity .ne. 1 then goto exit3 | |
142 | $ endif | |
143 | $ | |
144 | $ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair" | |
145 | $ 'ssltest' -bio_pair -dhe1024dsa -v | |
82a2d072 RL |
146 | $ if $severity .ne. 1 then goto exit3 |
147 | $ | |
8c197cc5 | 148 | $ write sys$output "test sslv2/sslv3 with server authentication" |
c13ee214 | 149 | $ 'ssltest' -bio_pair -server_auth 'CA' |
8c197cc5 UM |
150 | $ if $severity .ne. 1 then goto exit3 |
151 | $ | |
152 | $ write sys$output "test sslv2/sslv3 with client authentication via BIO pair" | |
c13ee214 | 153 | $ 'ssltest' -bio_pair -client_auth 'CA' |
8c197cc5 UM |
154 | $ if $severity .ne. 1 then goto exit3 |
155 | $ | |
156 | $ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair" | |
c13ee214 | 157 | $ 'ssltest' -bio_pair -server_auth -client_auth 'CA' |
8c197cc5 UM |
158 | $ if $severity .ne. 1 then goto exit3 |
159 | $ | |
c13ee214 RL |
160 | $!########################################################################### |
161 | $ | |
c13ee214 RL |
162 | $ set noon |
163 | $ define/user sys$output nla0: | |
164 | $ mcr 'exe_dir'openssl no-rsa | |
0d3f2ccb RL |
165 | $ no_rsa=$SEVERITY |
166 | $ define/user sys$output nla0: | |
167 | $ mcr 'exe_dir'openssl no-dh | |
168 | $ no_dh=$SEVERITY | |
c13ee214 | 169 | $ set on |
0d3f2ccb RL |
170 | $ |
171 | $ if no_dh | |
172 | $ then | |
173 | $ write sys$output "skipping anonymous DH tests" | |
174 | $ else | |
175 | $ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes" | |
176 | $ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time | |
177 | $ if $severity .ne. 1 then goto exit3 | |
178 | $ endif | |
179 | $ | |
180 | $ if no_rsa | |
c13ee214 RL |
181 | $ then |
182 | $ write sys$output "skipping RSA tests" | |
183 | $ else | |
184 | $ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes" | |
185 | $ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time | |
186 | $ if $severity .ne. 1 then goto exit3 | |
187 | $ | |
0d3f2ccb RL |
188 | $ if no_dh |
189 | $ then | |
190 | $ write sys$output "skipping RSA+DHE tests" | |
191 | $ else | |
192 | $ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes" | |
193 | $ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time | |
194 | $ if $severity .ne. 1 then goto exit3 | |
195 | $ endif | |
c13ee214 RL |
196 | $ endif |
197 | $ | |
7d7d2cbc UM |
198 | $ RET = 1 |
199 | $ goto exit | |
200 | $ exit3: | |
201 | $ RET = 3 | |
202 | $ exit: | |
cde245bd | 203 | $ if p3 .eqs. "" then delete certs.tmp;* |
7d7d2cbc | 204 | $ exit 'RET' |