]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/testss.com
Because -rpath/-R may have been used, our settings of LD_LIBRARY_PATH
[thirdparty/openssl.git] / test / testss.com
1 $! TESTSS.COM
2 $
3 $ __arch := VAX
4 $ if f$getsyi("cpu") .ge. 128 then __arch := AXP
5 $ exe_dir := sys$disk:[-.'__arch'.exe.apps]
6 $
7 $ digest="-md5"
8 $ reqcmd := mcr 'exe_dir'openssl req
9 $ x509cmd := mcr 'exe_dir'openssl x509 'digest'
10 $ verifycmd := mcr 'exe_dir'openssl verify
11 $ dummycnf := sys$disk:[-.apps]openssl-vms.cnf
12 $
13 $ CAkey="""keyCA.ss"""
14 $ CAcert="""certCA.ss"""
15 $ CAreq="""reqCA.ss"""
16 $ CAconf="""CAss.cnf"""
17 $ CAreq2="""req2CA.ss""" ! temp
18 $
19 $ Uconf="""Uss.cnf"""
20 $ Ukey="""keyU.ss"""
21 $ Ureq="""reqU.ss"""
22 $ Ucert="""certU.ss"""
23 $
24 $ write sys$output ""
25 $ write sys$output "make a certificate request using 'req'"
26 $
27 $ set noon
28 $ define/user sys$output nla0:
29 $ mcr 'exe_dir'openssl no-rsa
30 $ save_severity=$SEVERITY
31 $ set on
32 $ if save_severity
33 $ then
34 $ req_new="-newkey dsa:[-.apps]dsa512.pem"
35 $ else
36 $ req_new="-new"
37 $ endif
38 $
39 $ 'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' 'req_new' ! -out err.ss
40 $ if $severity .ne. 1
41 $ then
42 $ write sys$output "error using 'req' to generate a certificate request"
43 $ exit 3
44 $ endif
45 $ write sys$output ""
46 $ write sys$output "convert the certificate request into a self signed certificate using 'x509'"
47 $ define /user sys$output err.ss
48 $ 'x509cmd' "-CAcreateserial" -in 'CAreq' -days 30 -req -out 'CAcert' -signkey 'CAkey'
49 $ if $severity .ne. 1
50 $ then
51 $ write sys$output "error using 'x509' to self sign a certificate request"
52 $ exit 3
53 $ endif
54 $
55 $ write sys$output ""
56 $ write sys$output "convert a certificate into a certificate request using 'x509'"
57 $ define /user sys$output err.ss
58 $ 'x509cmd' -in 'CAcert' -x509toreq -signkey 'CAkey' -out 'CAreq2'
59 $ if $severity .ne. 1
60 $ then
61 $ write sys$output "error using 'x509' convert a certificate to a certificate request"
62 $ exit 3
63 $ endif
64 $
65 $ 'reqcmd' -config 'dummycnf' -verify -in 'CAreq' -noout
66 $ if $severity .ne. 1
67 $ then
68 $ write sys$output "first generated request is invalid"
69 $ exit 3
70 $ endif
71 $
72 $ 'reqcmd' -config 'dummycnf' -verify -in 'CAreq2' -noout
73 $ if $severity .ne. 1
74 $ then
75 $ write sys$output "second generated request is invalid"
76 $ exit 3
77 $ endif
78 $
79 $ 'verifycmd' "-CAfile" 'CAcert' 'CAcert'
80 $ if $severity .ne. 1
81 $ then
82 $ write sys$output "first generated cert is invalid"
83 $ exit 3
84 $ endif
85 $
86 $ write sys$output ""
87 $ write sys$output "make another certificate request using 'req'"
88 $ define /user sys$output err.ss
89 $ 'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' 'req_new'
90 $ if $severity .ne. 1
91 $ then
92 $ write sys$output "error using 'req' to generate a certificate request"
93 $ exit 3
94 $ endif
95 $
96 $ write sys$output ""
97 $ write sys$output "sign certificate request with the just created CA via 'x509'"
98 $ define /user sys$output err.ss
99 $ 'x509cmd' "-CAcreateserial" -in 'Ureq' -days 30 -req -out 'Ucert' "-CA" 'CAcert' "-CAkey" 'CAkey'
100 $ if $severity .ne. 1
101 $ then
102 $ write sys$output "error using 'x509' to sign a certificate request"
103 $ exit 3
104 $ endif
105 $
106 $ 'verifycmd' "-CAfile" 'CAcert' 'Ucert'
107 $ write sys$output ""
108 $ write sys$output "Certificate details"
109 $ 'x509cmd' -subject -issuer -startdate -enddate -noout -in 'Ucert'
110 $
111 $ write sys$output ""
112 $ write sys$output "The generated CA certificate is ",CAcert
113 $ write sys$output "The generated CA private key is ",CAkey
114 $
115 $ write sys$output "The generated user certificate is ",Ucert
116 $ write sys$output "The generated user private key is ",Ukey
117 $
118 $ if f$search("err.ss;*") .nes. "" then delete err.ss;*