[thirdparty/openssl.git] / test / testssl.com

$! TESTSSL.COM
$
$	__arch := VAX
$	if f$getsyi("cpu") .ge. 128 then -
	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
$	if __arch .eqs. "" then __arch := UNK
$	texe_dir := sys$disk:[-.'__arch'.exe.test]
$	exe_dir := sys$disk:[-.'__arch'.exe.apps]
$
$	if p1 .eqs. ""
$	then
$	    key="[-.apps]server.pem"
$	else
$	    key=p1
$	endif
$	if p2 .eqs. ""
$	then
$	    cert="[-.apps]server.pem"
$	else
$	    cert=p2
$	endif
$	ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert'
$
$	define/user sys$output testssl-x509-output.
$	define/user sys$error nla0:
$	mcr 'exe_dir'openssl x509 -in 'cert' -text -noout
$	set noon
$	define/user sys$error nla0:
$	search/output=nla0: testssl-x509-output. "DSA Public Key"/exact
$	if $severity .eq. 1
$	then
$	    dsa_cert := YES
$	else
$	    dsa_cert := NO
$	endif
$	set on
$	delete testssl-x509-output.;*
$
$	if p3 .eqs. ""
$	then
$	    copy/concatenate [-.certs]*.pem certs.tmp
$	    CA = """-CAfile"" certs.tmp"
$	else
$	    CA = """-CAfile"" "+p3
$	endif
$
$!###########################################################################
$
$	write sys$output "test sslv2"
$	'ssltest' -ssl2
$	if $severity .ne. 1 then goto exit3
$
$	write sys$output "test sslv2 with server authentication"
$	'ssltest' -ssl2 -server_auth 'CA'
$	if $severity .ne. 1 then goto exit3
$
$	if .not. dsa_cert
$	then
$	    write sys$output "test sslv2 with client authentication"
$	    'ssltest' -ssl2 -client_auth 'CA'
$	    if $severity .ne. 1 then goto exit3
$
$	    write sys$output "test sslv2 with both client and server authentication"
$	    'ssltest' -ssl2 -server_auth -client_auth 'CA'
$	    if $severity .ne. 1 then goto exit3
$	endif
$
$	write sys$output "test sslv3"
$	'ssltest' -ssl3
$	if $severity .ne. 1 then goto exit3
$
$	write sys$output "test sslv3 with server authentication"
$	'ssltest' -ssl3 -server_auth 'CA'
$	if $severity .ne. 1 then goto exit3
$
$	write sys$output "test sslv3 with client authentication"
$	'ssltest' -ssl3 -client_auth 'CA'
$	if $severity .ne. 1 then goto exit3
$
$	write sys$output "test sslv3 with both client and server authentication"
$	'ssltest' -ssl3 -server_auth -client_auth 'CA'
$	if $severity .ne. 1 then goto exit3
$
$	write sys$output "test sslv2/sslv3"
$	'ssltest'
$	if $severity .ne. 1 then goto exit3
$
$	write sys$output "test sslv2/sslv3 with server authentication"
$	'ssltest' -server_auth 'CA'
$	if $severity .ne. 1 then goto exit3
$
$	write sys$output "test sslv2/sslv3 with client authentication"
$	'ssltest' -client_auth 'CA'
$	if $severity .ne. 1 then goto exit3
$
$	write sys$output "test sslv2/sslv3 with both client and server authentication"
$	'ssltest' -server_auth -client_auth 'CA'
$	if $severity .ne. 1 then goto exit3
$
$	write sys$output "test sslv2 via BIO pair"
$	'ssltest' -bio_pair -ssl2 
$	if $severity .ne. 1 then goto exit3
$
$	write sys$output "test sslv2 with server authentication via BIO pair"
$	'ssltest' -bio_pair -ssl2 -server_auth 'CA' 
$	if $severity .ne. 1 then goto exit3
$
$	if .not. dsa_cert
$	then
$	    write sys$output "test sslv2 with client authentication via BIO pair"
$	    'ssltest' -bio_pair -ssl2 -client_auth 'CA' 
$	    if $severity .ne. 1 then goto exit3
$
$	    write sys$output "test sslv2 with both client and server authentication via BIO pair"
$	    'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA' 
$	    if $severity .ne. 1 then goto exit3
$	endif
$
$	write sys$output "test sslv3 via BIO pair"
$	'ssltest' -bio_pair -ssl3 
$	if $severity .ne. 1 then goto exit3
$
$	write sys$output "test sslv3 with server authentication via BIO pair"
$	'ssltest' -bio_pair -ssl3 -server_auth 'CA' 
$	if $severity .ne. 1 then goto exit3
$
$	write sys$output "test sslv3 with client authentication via BIO pair"
$	'ssltest' -bio_pair -ssl3 -client_auth 'CA' 
$	if $severity .ne. 1 then goto exit3
 
$	write sys$output "test sslv3 with both client and server authentication via BIO pair"
$	'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA' 
$	if $severity .ne. 1 then goto exit3
$
$	write sys$output "test sslv2/sslv3 via BIO pair"
$	'ssltest' 
$	if $severity .ne. 1 then goto exit3
$
$	if .not. dsa_cert
$	then
$	    write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
$	    'ssltest' -bio_pair -no_dhe
$	    if $severity .ne. 1 then goto exit3
$	endif
$
$	write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
$	'ssltest' -bio_pair -dhe1024dsa -v
$	if $severity .ne. 1 then goto exit3
$
$	write sys$output "test sslv2/sslv3 with server authentication"
$	'ssltest' -bio_pair -server_auth 'CA' 
$	if $severity .ne. 1 then goto exit3
$
$	write sys$output "test sslv2/sslv3 with client authentication via BIO pair"
$	'ssltest' -bio_pair -client_auth 'CA' 
$	if $severity .ne. 1 then goto exit3
$
$	write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair"
$	'ssltest' -bio_pair -server_auth -client_auth 'CA' 
$	if $severity .ne. 1 then goto exit3
$
$!###########################################################################
$
$	set noon
$	define/user sys$output nla0:
$	mcr 'exe_dir'openssl no-rsa
$	no_rsa=$SEVERITY
$	define/user sys$output nla0:
$	mcr 'exe_dir'openssl no-dh
$	no_dh=$SEVERITY
$	set on
$
$	if no_dh
$	then
$	    write sys$output "skipping anonymous DH tests"
$	else
$	    write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes"
$	    'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
$	    if $severity .ne. 1 then goto exit3
$	endif
$
$	if no_rsa
$	then
$	    write sys$output "skipping RSA tests"
$	else
$	    write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes"
$	    mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time
$	    if $severity .ne. 1 then goto exit3
$
$	    if no_dh
$	    then
$		write sys$output "skipping RSA+DHE tests"
$	    else
$		write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
$		mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
$		if $severity .ne. 1 then goto exit3
$	    endif
$	endif
$
$	RET = 1
$	goto exit
$ exit3:
$	RET = 3
$ exit:
$	if p3 .eqs. "" then delete certs.tmp;*
$	exit 'RET'
Commit	Line	Data
7d7d2cbc UM	1	$! TESTSSL.COM
	2	$
	3	$ __arch := VAX
48f48d96	4	$ if f$getsyi("cpu") .ge. 128 then -
3acd3158	5	__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
48f48d96	6	$ if __arch .eqs. "" then __arch := UNK
c13ee214 RL	7	$ texe_dir := sys$disk:[-.'__arch'.exe.test]
	8	$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
	9	$
	10	$ if p1 .eqs. ""
	11	$ then
	12	$ key="[-.apps]server.pem"
	13	$ else
	14	$ key=p1
	15	$ endif
	16	$ if p2 .eqs. ""
	17	$ then
	18	$ cert="[-.apps]server.pem"
	19	$ else
	20	$ cert=p2
	21	$ endif
	22	$ ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert'
	23	$
cde245bd	24	$ define/user sys$output testssl-x509-output.
c13ee214 RL	25	$ define/user sys$error nla0:
	26	$ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout
	27	$ set noon
	28	$ define/user sys$error nla0:
cde245bd	29	$ search/output=nla0: testssl-x509-output. "DSA Public Key"/exact
c13ee214 RL	30	$ if $severity .eq. 1
	31	$ then
	32	$ dsa_cert := YES
	33	$ else
	34	$ dsa_cert := NO
	35	$ endif
	36	$ set on
cde245bd	37	$ delete testssl-x509-output.;*
c13ee214 RL	38	$
	39	$ if p3 .eqs. ""
	40	$ then
	41	$ copy/concatenate [-.certs]*.pem certs.tmp
	42	$ CA = """-CAfile"" certs.tmp"
	43	$ else
	44	$ CA = """-CAfile"" "+p3
	45	$ endif
	46	$
	47	$!###########################################################################
7d7d2cbc UM	48	$
7d7d2cbc UM	49	$ write sys$output "test sslv2"
c13ee214	50	$ 'ssltest' -ssl2
7d7d2cbc UM	51	$ if $severity .ne. 1 then goto exit3
	52	$
	53	$ write sys$output "test sslv2 with server authentication"
c13ee214	54	$ 'ssltest' -ssl2 -server_auth 'CA'
7d7d2cbc UM	55	$ if $severity .ne. 1 then goto exit3
7d7d2cbc UM	56	$
c13ee214 RL	57	$ if .not. dsa_cert
	58	$ then
	59	$ write sys$output "test sslv2 with client authentication"
	60	$ 'ssltest' -ssl2 -client_auth 'CA'
	61	$ if $severity .ne. 1 then goto exit3
7d7d2cbc	62	$
c13ee214 RL	63	$ write sys$output "test sslv2 with both client and server authentication"
	64	$ 'ssltest' -ssl2 -server_auth -client_auth 'CA'
	65	$ if $severity .ne. 1 then goto exit3
	66	$ endif
7d7d2cbc UM	67	$
7d7d2cbc UM	68	$ write sys$output "test sslv3"
c13ee214	69	$ 'ssltest' -ssl3
7d7d2cbc UM	70	$ if $severity .ne. 1 then goto exit3
	71	$
	72	$ write sys$output "test sslv3 with server authentication"
c13ee214	73	$ 'ssltest' -ssl3 -server_auth 'CA'
7d7d2cbc UM	74	$ if $severity .ne. 1 then goto exit3
	75	$
	76	$ write sys$output "test sslv3 with client authentication"
c13ee214	77	$ 'ssltest' -ssl3 -client_auth 'CA'
7d7d2cbc UM	78	$ if $severity .ne. 1 then goto exit3
	79	$
	80	$ write sys$output "test sslv3 with both client and server authentication"
c13ee214	81	$ 'ssltest' -ssl3 -server_auth -client_auth 'CA'
7d7d2cbc UM	82	$ if $severity .ne. 1 then goto exit3
	83	$
	84	$ write sys$output "test sslv2/sslv3"
c13ee214	85	$ 'ssltest'
7d7d2cbc UM	86	$ if $severity .ne. 1 then goto exit3
	87	$
	88	$ write sys$output "test sslv2/sslv3 with server authentication"
c13ee214	89	$ 'ssltest' -server_auth 'CA'
7d7d2cbc UM	90	$ if $severity .ne. 1 then goto exit3
	91	$
	92	$ write sys$output "test sslv2/sslv3 with client authentication"
c13ee214	93	$ 'ssltest' -client_auth 'CA'
7d7d2cbc UM	94	$ if $severity .ne. 1 then goto exit3
	95	$
	96	$ write sys$output "test sslv2/sslv3 with both client and server authentication"
c13ee214	97	$ 'ssltest' -server_auth -client_auth 'CA'
7d7d2cbc UM	98	$ if $severity .ne. 1 then goto exit3
7d7d2cbc UM	99	$
8c197cc5	100	$ write sys$output "test sslv2 via BIO pair"
c13ee214	101	$ 'ssltest' -bio_pair -ssl2
da0fc5bf RL	102	$ if $severity .ne. 1 then goto exit3
da0fc5bf RL	103	$
8c197cc5	104	$ write sys$output "test sslv2 with server authentication via BIO pair"
c13ee214	105	$ 'ssltest' -bio_pair -ssl2 -server_auth 'CA'
8c197cc5 UM	106	$ if $severity .ne. 1 then goto exit3
8c197cc5 UM	107	$
c13ee214 RL	108	$ if .not. dsa_cert
	109	$ then
	110	$ write sys$output "test sslv2 with client authentication via BIO pair"
	111	$ 'ssltest' -bio_pair -ssl2 -client_auth 'CA'
	112	$ if $severity .ne. 1 then goto exit3
8c197cc5	113	$
c13ee214 RL	114	$ write sys$output "test sslv2 with both client and server authentication via BIO pair"
	115	$ 'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA'
	116	$ if $severity .ne. 1 then goto exit3
	117	$ endif
8c197cc5 UM	118	$
8c197cc5 UM	119	$ write sys$output "test sslv3 via BIO pair"
c13ee214	120	$ 'ssltest' -bio_pair -ssl3
8c197cc5 UM	121	$ if $severity .ne. 1 then goto exit3
	122	$
	123	$ write sys$output "test sslv3 with server authentication via BIO pair"
c13ee214	124	$ 'ssltest' -bio_pair -ssl3 -server_auth 'CA'
8c197cc5 UM	125	$ if $severity .ne. 1 then goto exit3
	126	$
	127	$ write sys$output "test sslv3 with client authentication via BIO pair"
c13ee214	128	$ 'ssltest' -bio_pair -ssl3 -client_auth 'CA'
8c197cc5 UM	129	$ if $severity .ne. 1 then goto exit3
	130
	131	$ write sys$output "test sslv3 with both client and server authentication via BIO pair"
c13ee214	132	$ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA'
8c197cc5 UM	133	$ if $severity .ne. 1 then goto exit3
	134	$
	135	$ write sys$output "test sslv2/sslv3 via BIO pair"
c13ee214	136	$ 'ssltest'
8c197cc5 UM	137	$ if $severity .ne. 1 then goto exit3
8c197cc5 UM	138	$
c13ee214 RL	139	$ if .not. dsa_cert
	140	$ then
	141	$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
	142	$ 'ssltest' -bio_pair -no_dhe
	143	$ if $severity .ne. 1 then goto exit3
	144	$ endif
	145	$
	146	$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
	147	$ 'ssltest' -bio_pair -dhe1024dsa -v
82a2d072 RL	148	$ if $severity .ne. 1 then goto exit3
82a2d072 RL	149	$
8c197cc5	150	$ write sys$output "test sslv2/sslv3 with server authentication"
c13ee214	151	$ 'ssltest' -bio_pair -server_auth 'CA'
8c197cc5 UM	152	$ if $severity .ne. 1 then goto exit3
	153	$
	154	$ write sys$output "test sslv2/sslv3 with client authentication via BIO pair"
c13ee214	155	$ 'ssltest' -bio_pair -client_auth 'CA'
8c197cc5 UM	156	$ if $severity .ne. 1 then goto exit3
	157	$
	158	$ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair"
c13ee214	159	$ 'ssltest' -bio_pair -server_auth -client_auth 'CA'
8c197cc5 UM	160	$ if $severity .ne. 1 then goto exit3
8c197cc5 UM	161	$
c13ee214 RL	162	$!###########################################################################
c13ee214 RL	163	$
c13ee214 RL	164	$ set noon
	165	$ define/user sys$output nla0:
	166	$ mcr 'exe_dir'openssl no-rsa
0d3f2ccb RL	167	$ no_rsa=$SEVERITY
	168	$ define/user sys$output nla0:
	169	$ mcr 'exe_dir'openssl no-dh
	170	$ no_dh=$SEVERITY
c13ee214	171	$ set on
0d3f2ccb RL	172	$
	173	$ if no_dh
	174	$ then
	175	$ write sys$output "skipping anonymous DH tests"
	176	$ else
	177	$ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes"
	178	$ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
	179	$ if $severity .ne. 1 then goto exit3
	180	$ endif
	181	$
	182	$ if no_rsa
c13ee214 RL	183	$ then
	184	$ write sys$output "skipping RSA tests"
	185	$ else
	186	$ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes"
	187	$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time
	188	$ if $severity .ne. 1 then goto exit3
	189	$
0d3f2ccb RL	190	$ if no_dh
	191	$ then
	192	$ write sys$output "skipping RSA+DHE tests"
	193	$ else
	194	$ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
	195	$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
	196	$ if $severity .ne. 1 then goto exit3
	197	$ endif
c13ee214 RL	198	$ endif
c13ee214 RL	199	$
7d7d2cbc UM	200	$ RET = 1
	201	$ goto exit
	202	$ exit3:
	203	$ RET = 3
	204	$ exit:
cde245bd	205	$ if p3 .eqs. "" then delete certs.tmp;*
7d7d2cbc	206	$ exit 'RET'