]> git.ipfire.org Git - thirdparty/openssl.git/blob - Netware/do_tests.pl
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Remove SSLv2 support
[thirdparty/openssl.git] / Netware / do_tests.pl
1 # perl script to run OpenSSL tests
2
3
4 my $base_path = "\\openssl";
5
6 my $output_path = "$base_path\\test_out";
7 my $cert_path = "$base_path\\certs";
8 my $test_path = "$base_path\\test";
9 my $app_path = "$base_path\\apps";
10
11 my $tmp_cert = "$output_path\\cert.tmp";
12 my $OpenSSL_config = "$app_path\\openssl.cnf";
13 my $log_file = "$output_path\\tests.log";
14
15 my $pause = 0;
16
17
18 # process the command line args to see if they wanted us to pause
19 # between executing each command
20 foreach $i (@ARGV)
21 {
22 if ($i =~ /^-p$/)
23 { $pause=1; }
24 }
25
26
27
28 main();
29
30
31 ############################################################################
32 sub main()
33 {
34 # delete all the output files in the output directory
35 unlink <$output_path\\*.*>;
36
37 # open the main log file
38 open(OUT, ">$log_file") || die "unable to open $log_file\n";
39
40 print( OUT "========================================================\n");
41 my $outFile = "$output_path\\version.out";
42 system("openssl2 version (CLIB_OPT)/>$outFile");
43 log_output("CHECKING FOR OPENSSL VERSION:", $outFile);
44
45 algorithm_tests();
46 encryption_tests();
47 evp_tests();
48 pem_tests();
49 verify_tests();
50 ca_tests();
51 ssl_tests();
52
53 close(OUT);
54
55 print("\nCompleted running tests.\n\n");
56 print("Check log file for errors: $log_file\n");
57 }
58
59 ############################################################################
60 sub algorithm_tests
61 {
62 my $i;
63 my $outFile;
64 my @tests = ( rsa_test, destest, ideatest, bftest, bntest, shatest, sha1test,
65 sha256t, sha512t, dsatest, md2test, md4test, md5test, mdc2test,
66 rc2test, rc4test, rc5test, randtest, rmdtest, dhtest, ecdhtest,
67 ecdsatest, ectest, exptest, casttest, hmactest );
68
69 print( "\nRUNNING CRYPTO ALGORITHM TESTS:\n\n");
70
71 print( OUT "\n========================================================\n");
72 print( OUT "CRYPTO ALGORITHM TESTS:\n\n");
73
74 foreach $i (@tests)
75 {
76 if (-e "$base_path\\$i.nlm")
77 {
78 $outFile = "$output_path\\$i.out";
79 system("$i (CLIB_OPT)/>$outFile");
80 log_desc("Test: $i\.nlm:");
81 log_output("", $outFile );
82 }
83 else
84 {
85 log_desc("Test: $i\.nlm: file not found");
86 }
87 }
88 }
89
90 ############################################################################
91 sub encryption_tests
92 {
93 my $i;
94 my $outFile;
95 my @enc_tests = ( "enc", "rc4", "des-cfb", "des-ede-cfb", "des-ede3-cfb",
96 "des-ofb", "des-ede-ofb", "des-ede3-ofb",
97 "des-ecb", "des-ede", "des-ede3", "des-cbc",
98 "des-ede-cbc", "des-ede3-cbc", "idea-ecb", "idea-cfb",
99 "idea-ofb", "idea-cbc", "rc2-ecb", "rc2-cfb",
100 "rc2-ofb", "rc2-cbc", "bf-ecb", "bf-cfb",
101 "bf-ofb", "bf-cbc" );
102
103 my $input = "$base_path\\do_tests.pl";
104 my $cipher = "$output_path\\cipher.out";
105 my $clear = "$output_path\\clear.out";
106
107 print( "\nRUNNING ENCRYPTION & DECRYPTION TESTS:\n\n");
108
109 print( OUT "\n========================================================\n");
110 print( OUT "FILE ENCRYPTION & DECRYPTION TESTS:\n\n");
111
112 foreach $i (@enc_tests)
113 {
114 log_desc("Testing: $i");
115
116 # do encryption
117 $outFile = "$output_path\\enc.out";
118 system("openssl2 $i -e -bufsize 113 -k test -in $input -out $cipher (CLIB_OPT)/>$outFile" );
119 log_output("Encrypting: $input --> $cipher", $outFile);
120
121 # do decryption
122 $outFile = "$output_path\\dec.out";
123 system("openssl2 $i -d -bufsize 157 -k test -in $cipher -out $clear (CLIB_OPT)/>$outFile");
124 log_output("Decrypting: $cipher --> $clear", $outFile);
125
126 # compare files
127 $x = compare_files( $input, $clear, 1);
128 if ( $x == 0 )
129 {
130 print( "\rSUCCESS - files match: $input, $clear\n");
131 print( OUT "SUCCESS - files match: $input, $clear\n");
132 }
133 else
134 {
135 print( "\rERROR: files don't match\n");
136 print( OUT "ERROR: files don't match\n");
137 }
138
139 do_wait();
140
141 # Now do the same encryption but use Base64
142
143 # do encryption B64
144 $outFile = "$output_path\\B64enc.out";
145 system("openssl2 $i -a -e -bufsize 113 -k test -in $input -out $cipher (CLIB_OPT)/>$outFile");
146 log_output("Encrypting(B64): $cipher --> $clear", $outFile);
147
148 # do decryption B64
149 $outFile = "$output_path\\B64dec.out";
150 system("openssl2 $i -a -d -bufsize 157 -k test -in $cipher -out $clear (CLIB_OPT)/>$outFile");
151 log_output("Decrypting(B64): $cipher --> $clear", $outFile);
152
153 # compare files
154 $x = compare_files( $input, $clear, 1);
155 if ( $x == 0 )
156 {
157 print( "\rSUCCESS - files match: $input, $clear\n");
158 print( OUT "SUCCESS - files match: $input, $clear\n");
159 }
160 else
161 {
162 print( "\rERROR: files don't match\n");
163 print( OUT "ERROR: files don't match\n");
164 }
165
166 do_wait();
167
168 } # end foreach
169
170 # delete the temporary files
171 unlink($cipher);
172 unlink($clear);
173 }
174
175
176 ############################################################################
177 sub pem_tests
178 {
179 my $i;
180 my $tmp_out;
181 my $outFile = "$output_path\\pem.out";
182
183 my %pem_tests = (
184 "crl" => "testcrl.pem",
185 "pkcs7" => "testp7.pem",
186 "req" => "testreq2.pem",
187 "rsa" => "testrsa.pem",
188 "x509" => "testx509.pem",
189 "x509" => "v3-cert1.pem",
190 "sess_id" => "testsid.pem" );
191
192
193 print( "\nRUNNING PEM TESTS:\n\n");
194
195 print( OUT "\n========================================================\n");
196 print( OUT "PEM TESTS:\n\n");
197
198 foreach $i (keys(%pem_tests))
199 {
200 log_desc( "Testing: $i");
201
202 my $input = "$test_path\\$pem_tests{$i}";
203
204 $tmp_out = "$output_path\\$pem_tests{$i}";
205
206 if ($i ne "req" )
207 {
208 system("openssl2 $i -in $input -out $tmp_out (CLIB_OPT)/>$outFile");
209 log_output( "openssl2 $i -in $input -out $tmp_out", $outFile);
210 }
211 else
212 {
213 system("openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config (CLIB_OPT)/>$outFile");
214 log_output( "openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config", $outFile );
215 }
216
217 $x = compare_files( $input, $tmp_out);
218 if ( $x == 0 )
219 {
220 print( "\rSUCCESS - files match: $input, $tmp_out\n");
221 print( OUT "SUCCESS - files match: $input, $tmp_out\n");
222 }
223 else
224 {
225 print( "\rERROR: files don't match\n");
226 print( OUT "ERROR: files don't match\n");
227 }
228 do_wait();
229
230 } # end foreach
231 }
232
233
234 ############################################################################
235 sub verify_tests
236 {
237 my $i;
238 my $outFile = "$output_path\\verify.out";
239
240 $cert_path =~ s/\\/\//g;
241 my @cert_files = <$cert_path/*.pem>;
242
243 print( "\nRUNNING VERIFY TESTS:\n\n");
244
245 print( OUT "\n========================================================\n");
246 print( OUT "VERIFY TESTS:\n\n");
247
248 make_tmp_cert_file();
249
250 foreach $i (@cert_files)
251 {
252 system("openssl2 verify -CAfile $tmp_cert $i (CLIB_OPT)/>$outFile");
253 log_desc("Verifying cert: $i");
254 log_output("openssl2 verify -CAfile $tmp_cert $i", $outFile);
255 }
256 }
257
258
259 ############################################################################
260 sub ssl_tests
261 {
262 my $outFile = "$output_path\\ssl_tst.out";
263 my($CAcert) = "$output_path\\certCA.ss";
264 my($Ukey) = "$output_path\\keyU.ss";
265 my($Ucert) = "$output_path\\certU.ss";
266 my($ssltest)= "ssltest -key $Ukey -cert $Ucert -c_key $Ukey -c_cert $Ucert -CAfile $CAcert";
267
268 print( "\nRUNNING SSL TESTS:\n\n");
269
270 print( OUT "\n========================================================\n");
271 print( OUT "SSL TESTS:\n\n");
272
273 system("ssltest -ssl3 (CLIB_OPT)/>$outFile");
274 log_desc("Testing sslv3:");
275 log_output("ssltest -ssl3", $outFile);
276
277 system("$ssltest -ssl3 -server_auth (CLIB_OPT)/>$outFile");
278 log_desc("Testing sslv3 with server authentication:");
279 log_output("$ssltest -ssl3 -server_auth", $outFile);
280
281 system("$ssltest -ssl3 -client_auth (CLIB_OPT)/>$outFile");
282 log_desc("Testing sslv3 with client authentication:");
283 log_output("$ssltest -ssl3 -client_auth", $outFile);
284
285 system("$ssltest -ssl3 -server_auth -client_auth (CLIB_OPT)/>$outFile");
286 log_desc("Testing sslv3 with both client and server authentication:");
287 log_output("$ssltest -ssl3 -server_auth -client_auth", $outFile);
288
289 system("ssltest (CLIB_OPT)/>$outFile");
290 log_desc("Testing sslv2/sslv3:");
291 log_output("ssltest", $outFile);
292
293 system("$ssltest -server_auth (CLIB_OPT)/>$outFile");
294 log_desc("Testing sslv2/sslv3 with server authentication:");
295 log_output("$ssltest -server_auth", $outFile);
296
297 system("$ssltest -client_auth (CLIB_OPT)/>$outFile");
298 log_desc("Testing sslv2/sslv3 with client authentication:");
299 log_output("$ssltest -client_auth ", $outFile);
300
301 system("$ssltest -server_auth -client_auth (CLIB_OPT)/>$outFile");
302 log_desc("Testing sslv2/sslv3 with both client and server authentication:");
303 log_output("$ssltest -server_auth -client_auth", $outFile);
304
305 system("ssltest -bio_pair -dhe1024dsa -v (CLIB_OPT)/>$outFile");
306 log_desc("Testing sslv2/sslv3 with 1024 bit DHE via BIO pair:");
307 log_output("ssltest -bio_pair -dhe1024dsa -v", $outFile);
308
309 system("ssltest -bio_pair -ssl3 (CLIB_OPT)/>$outFile");
310 log_desc("Testing sslv3 via BIO pair:");
311 log_output("ssltest -bio_pair -ssl3", $outFile);
312
313 system("$ssltest -bio_pair -ssl3 -server_auth (CLIB_OPT)/>$outFile");
314 log_desc("Testing sslv3 with server authentication via BIO pair:");
315 log_output("$ssltest -bio_pair -ssl3 -server_auth", $outFile);
316
317 system("$ssltest -bio_pair -ssl3 -client_auth (CLIB_OPT)/>$outFile");
318 log_desc("Testing sslv3 with client authentication via BIO pair:");
319 log_output("$ssltest -bio_pair -ssl3 -client_auth", $outFile);
320
321 system("$ssltest -bio_pair -ssl3 -server_auth -client_auth (CLIB_OPT)/>$outFile");
322 log_desc("Testing sslv3 with both client and server authentication via BIO pair:");
323 log_output("$ssltest -bio_pair -ssl3 -server_auth -client_auth", $outFile);
324
325 system("ssltest -bio_pair (CLIB_OPT)/>$outFile");
326 log_desc("Testing sslv2/sslv3 via BIO pair:");
327 log_output("ssltest -bio_pair", $outFile);
328
329 system("$ssltest -bio_pair -server_auth (CLIB_OPT)/>$outFile");
330 log_desc("Testing sslv2/sslv3 with server authentication via BIO pair:");
331 log_output("$ssltest -bio_pair -server_auth", $outFile);
332
333 system("$ssltest -bio_pair -client_auth (CLIB_OPT)/>$outFile");
334 log_desc("Testing sslv2/sslv3 with client authentication via BIO pair:");
335 log_output("$ssltest -bio_pair -client_auth", $outFile);
336
337 system("$ssltest -bio_pair -server_auth -client_auth (CLIB_OPT)/>$outFile");
338 log_desc("Testing sslv2/sslv3 with both client and server authentication via BIO pair:");
339 log_output("$ssltest -bio_pair -server_auth -client_auth", $outFile);
340 }
341
342
343 ############################################################################
344 sub ca_tests
345 {
346 my $outFile = "$output_path\\ca_tst.out";
347
348 my($CAkey) = "$output_path\\keyCA.ss";
349 my($CAcert) = "$output_path\\certCA.ss";
350 my($CAserial) = "$output_path\\certCA.srl";
351 my($CAreq) = "$output_path\\reqCA.ss";
352 my($CAreq2) = "$output_path\\req2CA.ss";
353
354 my($CAconf) = "$test_path\\CAss.cnf";
355
356 my($Uconf) = "$test_path\\Uss.cnf";
357
358 my($Ukey) = "$output_path\\keyU.ss";
359 my($Ureq) = "$output_path\\reqU.ss";
360 my($Ucert) = "$output_path\\certU.ss";
361
362 print( "\nRUNNING CA TESTS:\n\n");
363
364 print( OUT "\n========================================================\n");
365 print( OUT "CA TESTS:\n");
366
367 system("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new (CLIB_OPT)/>$outFile");
368 log_desc("Make a certificate request using req:");
369 log_output("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new", $outFile);
370
371 system("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey (CLIB_OPT)/>$outFile");
372 log_desc("Convert the certificate request into a self signed certificate using x509:");
373 log_output("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey", $outFile);
374
375 system("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 (CLIB_OPT)/>$outFile");
376 log_desc("Convert a certificate into a certificate request using 'x509':");
377 log_output("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2", $outFile);
378
379 system("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout (CLIB_OPT)/>$outFile");
380 log_output("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout", $outFile);
381
382 system("openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout (CLIB_OPT)/>$outFile");
383 log_output( "openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout", $outFile);
384
385 system("openssl2 verify -CAfile $CAcert $CAcert (CLIB_OPT)/>$outFile");
386 log_output("openssl2 verify -CAfile $CAcert $CAcert", $outFile);
387
388 system("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new (CLIB_OPT)/>$outFile");
389 log_desc("Make another certificate request using req:");
390 log_output("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new", $outFile);
391
392 system("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial (CLIB_OPT)/>$outFile");
393 log_desc("Sign certificate request with the just created CA via x509:");
394 log_output("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial", $outFile);
395
396 system("openssl2 verify -CAfile $CAcert $Ucert (CLIB_OPT)/>$outFile");
397 log_output("openssl2 verify -CAfile $CAcert $Ucert", $outFile);
398
399 system("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert (CLIB_OPT)/>$outFile");
400 log_desc("Certificate details");
401 log_output("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert", $outFile);
402
403 print(OUT "--\n");
404 print(OUT "The generated CA certificate is $CAcert\n");
405 print(OUT "The generated CA private key is $CAkey\n");
406 print(OUT "The current CA signing serial number is in $CAserial\n");
407
408 print(OUT "The generated user certificate is $Ucert\n");
409 print(OUT "The generated user private key is $Ukey\n");
410 print(OUT "--\n");
411 }
412
413 ############################################################################
414 sub evp_tests
415 {
416 my $i = 'evp_test';
417
418 print( "\nRUNNING EVP TESTS:\n\n");
419
420 print( OUT "\n========================================================\n");
421 print( OUT "EVP TESTS:\n\n");
422
423 if (-e "$base_path\\$i.nlm")
424 {
425 my $outFile = "$output_path\\$i.out";
426 system("$i $test_path\\evptests.txt (CLIB_OPT)/>$outFile");
427 log_desc("Test: $i\.nlm:");
428 log_output("", $outFile );
429 }
430 else
431 {
432 log_desc("Test: $i\.nlm: file not found");
433 }
434 }
435
436 ############################################################################
437 sub log_output( $ $ )
438 {
439 my( $desc, $file ) = @_;
440 my($error) = 0;
441 my($key);
442 my($msg);
443
444 if ($desc)
445 {
446 print("\r$desc\n");
447 print(OUT "$desc\n");
448 }
449
450 # loop waiting for test program to complete
451 while ( stat($file) == 0)
452 { print(". "); sleep(1); }
453
454
455 # copy test output to log file
456 open(IN, "<$file");
457 while (<IN>)
458 {
459 print(OUT $_);
460 if ( $_ =~ /ERROR/ )
461 {
462 $error = 1;
463 }
464 }
465 # close and delete the temporary test output file
466 close(IN);
467 unlink($file);
468
469 if ( $error == 0 )
470 {
471 $msg = "Test Succeeded";
472 }
473 else
474 {
475 $msg = "Test Failed";
476 }
477
478 print(OUT "$msg\n");
479
480 if ($pause)
481 {
482 print("$msg - press ENTER to continue...");
483 $key = getc;
484 print("\n");
485 }
486
487 # Several of the testing scripts run a loop loading the
488 # same NLM with different options.
489 # On slow NetWare machines there appears to be some delay in the
490 # OS actually unloading the test nlms and the OS complains about.
491 # the NLM already being loaded. This additional pause is to
492 # to help provide a little more time for unloading before trying to
493 # load again.
494 sleep(1);
495 }
496
497
498 ############################################################################
499 sub log_desc( $ )
500 {
501 my( $desc ) = @_;
502
503 print("\n");
504 print("$desc\n");
505
506 print(OUT "\n");
507 print(OUT "$desc\n");
508 print(OUT "======================================\n");
509 }
510
511 ############################################################################
512 sub compare_files( $ $ $ )
513 {
514 my( $file1, $file2, $binary ) = @_;
515 my( $n1, $n2, $b1, $b2 );
516 my($ret) = 1;
517
518 open(IN0, $file1) || die "\nunable to open $file1\n";
519 open(IN1, $file2) || die "\nunable to open $file2\n";
520
521 if ($binary)
522 {
523 binmode IN0;
524 binmode IN1;
525 }
526
527 for (;;)
528 {
529 $n1 = read(IN0, $b1, 512);
530 $n2 = read(IN1, $b2, 512);
531
532 if ($n1 != $n2) {last;}
533 if ($b1 != $b2) {last;}
534
535 if ($n1 == 0)
536 {
537 $ret = 0;
538 last;
539 }
540 }
541 close(IN0);
542 close(IN1);
543 return($ret);
544 }
545
546 ############################################################################
547 sub do_wait()
548 {
549 my($key);
550
551 if ($pause)
552 {
553 print("Press ENTER to continue...");
554 $key = getc;
555 print("\n");
556 }
557 }
558
559
560 ############################################################################
561 sub make_tmp_cert_file()
562 {
563 my @cert_files = <$cert_path/*.pem>;
564
565 # delete the file if it already exists
566 unlink($tmp_cert);
567
568 open( TMP_CERT, ">$tmp_cert") || die "\nunable to open $tmp_cert\n";
569
570 print("building temporary cert file\n");
571
572 # create a temporary cert file that contains all the certs
573 foreach $i (@cert_files)
574 {
575 open( IN_CERT, $i ) || die "\nunable to open $i\n";
576
577 for(;;)
578 {
579 $n = sysread(IN_CERT, $data, 1024);
580
581 if ($n == 0)
582 {
583 close(IN_CERT);
584 last;
585 };
586
587 syswrite(TMP_CERT, $data, $n);
588 }
589 }
590
591 close( TMP_CERT );
592 }
A mirror of the official openssl repository