abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-05-20 07:16:24 +08:00
Code Issues Packages Projects Releases Wiki Activity

first commit, SM2-DSA only

Browse Source
This commit is contained in:
Zhi Guan
2014-12-01 10:40:26 +08:00
commit 57954c4567
2230 changed files with 569407 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
test/CAss.cnf Normal file
View File

@@ -0,0 +1,76 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
RANDFILE = ./.rnd
####################################################################
[ req ]
default_bits = 512
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
default_md = sha1
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = AU
countryName_value = AU
organizationName = Organization Name (eg, company)
organizationName_value = Dodgy Brothers
commonName = Common Name (eg, YOUR name)
commonName_value = Dodgy CA
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
####################################################################
[ CA_default ]
dir = ./demoCA # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
#unique_subject = no # Set to 'no' to allow creation of
# several ctificates with same subject.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
crl = $dir/crl.pem # The current CRL
private_key = $dir/private/cakey.pem# The private key
RANDFILE = $dir/private/.rand # private random number file
x509_extensions = v3_ca # The extentions to add to the cert
name_opt = ca_default # Subject Name options
cert_opt = ca_default # Certificate field options
default_days = 365 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_md = md5 # which md to use.
preserve = no # keep passed DN ordering
policy = policy_anything
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[ v3_ca ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints = CA:true,pathlen:1
keyUsage = cRLSign, keyCertSign
issuerAltName=issuer:copy

24
test/CAssdh.cnf Normal file
View File

@@ -0,0 +1,24 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
# hacked by iang to do DH certs - CA
RANDFILE = ./.rnd
####################################################################
[ req ]
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = CU
countryName_value = CU
organizationName = Organization Name (eg, company)
organizationName_value = La Junta de la Revolucion
commonName = Common Name (eg, YOUR name)
commonName_value = Junta

23
test/CAssdsa.cnf Normal file
View File

@@ -0,0 +1,23 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
# hacked by iang to do DSA certs - CA
RANDFILE = ./.rnd
####################################################################
[ req ]
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = ES
countryName_value = ES
organizationName = Organization Name (eg, company)
organizationName_value = Hermanos Locos
commonName = Common Name (eg, YOUR name)
commonName_value = Hermanos Locos CA

24
test/CAssrsa.cnf Normal file
View File

@@ -0,0 +1,24 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
# create RSA certs - CA
RANDFILE = ./.rnd
####################################################################
[ req ]
distinguished_name = req_distinguished_name
encrypt_key = no
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = ES
countryName_value = ES
organizationName = Organization Name (eg, company)
organizationName_value = Hermanos Locos
commonName = Common Name (eg, YOUR name)
commonName_value = Hermanos Locos CA

163
test/CAtsa.cnf Normal file
View File

@@ -0,0 +1,163 @@
#
# This config is used by the Time Stamp Authority tests.
#
RANDFILE = ./.rnd
# Extra OBJECT IDENTIFIER info:
oid_section = new_oids
TSDNSECT = ts_cert_dn
INDEX = 1
[ new_oids ]
# Policies used by the TSA tests.
tsa_policy1 = 1.2.3.4.1
tsa_policy2 = 1.2.3.4.5.6
tsa_policy3 = 1.2.3.4.5.7
#----------------------------------------------------------------------
[ ca ]
default_ca = CA_default # The default ca section
[ CA_default ]
dir = ./demoCA
certs = $dir/certs # Where the issued certs are kept
database = $dir/index.txt # database index file.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
private_key = $dir/private/cakey.pem# The private key
RANDFILE = $dir/private/.rand # private random number file
default_days = 365 # how long to certify for
default_md = sha1 # which md to use.
preserve = no # keep passed DN ordering
policy = policy_match
# For the CA policy
[ policy_match ]
countryName = supplied
stateOrProvinceName = supplied
organizationName = supplied
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
#----------------------------------------------------------------------
[ req ]
default_bits = 1024
default_md = sha1
distinguished_name = $ENV::TSDNSECT
encrypt_rsa_key = no
prompt = no
# attributes = req_attributes
x509_extensions = v3_ca # The extentions to add to the self signed cert
string_mask = nombstr
[ ts_ca_dn ]
countryName = HU
stateOrProvinceName = Budapest
localityName = Budapest
organizationName = Gov-CA Ltd.
commonName = ca1
[ ts_cert_dn ]
countryName = HU
stateOrProvinceName = Budapest
localityName = Buda
organizationName = Hun-TSA Ltd.
commonName = tsa$ENV::INDEX
[ tsa_cert ]
# TSA server cert is not a CA cert.
basicConstraints=CA:FALSE
# The following key usage flags are needed for TSA server certificates.
keyUsage = nonRepudiation, digitalSignature
extendedKeyUsage = critical,timeStamping
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
[ non_tsa_cert ]
# This is not a CA cert and not a TSA cert, either (timeStamping usage missing)
basicConstraints=CA:FALSE
# The following key usage flags are needed for TSA server certificates.
keyUsage = nonRepudiation, digitalSignature
# timeStamping is not supported by this certificate
# extendedKeyUsage = critical,timeStamping
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature
[ v3_ca ]
# Extensions for a typical CA
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints = critical,CA:true
keyUsage = cRLSign, keyCertSign
#----------------------------------------------------------------------
[ tsa ]
default_tsa = tsa_config1 # the default TSA section
[ tsa_config1 ]
# These are used by the TSA reply generation only.
dir = . # TSA root directory
serial = $dir/tsa_serial # The current serial number (mandatory)
signer_cert = $dir/tsa_cert1.pem # The TSA signing certificate
# (optional)
certs = $dir/tsaca.pem # Certificate chain to include in reply
# (optional)
signer_key = $dir/tsa_key1.pem # The TSA private key (optional)
default_policy = tsa_policy1 # Policy if request did not specify it
# (optional)
other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
digests = md5, sha1 # Acceptable message digests (mandatory)
accuracy = secs:1, millisecs:500, microsecs:100 # (optional)
ordering = yes # Is ordering defined for timestamps?
# (optional, default: no)
tsa_name = yes # Must the TSA name be included in the reply?
# (optional, default: no)
ess_cert_id_chain = yes # Must the ESS cert id chain be included?
# (optional, default: no)
[ tsa_config2 ]
# This configuration uses a certificate which doesn't have timeStamping usage.
# These are used by the TSA reply generation only.
dir = . # TSA root directory
serial = $dir/tsa_serial # The current serial number (mandatory)
signer_cert = $dir/tsa_cert2.pem # The TSA signing certificate
# (optional)
certs = $dir/demoCA/cacert.pem# Certificate chain to include in reply
# (optional)
signer_key = $dir/tsa_key2.pem # The TSA private key (optional)
default_policy = tsa_policy1 # Policy if request did not specify it
# (optional)
other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
digests = md5, sha1 # Acceptable message digests (mandatory)

698
test/Makefile Normal file
View File

@@ -0,0 +1,698 @@
#
# test/Makefile
#
DIR= test
TOP= ..
CC= cc
INCLUDES= -I$(TOP) -I../include $(KRB5_INCLUDES)
CFLAG= -g
MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
PERL= perl
# KRB5 stuff
KRB5_INCLUDES=
LIBKRB5=
PEX_LIBS=
EX_LIBS= #-lnsl -lsocket
CFLAGS= $(INCLUDES) $(CFLAG)
GENERAL=Makefile maketests.com \
tests.com testenc.com tx509.com trsa.com tcrl.com tsid.com treq.com \
tpkcs7.com tpkcs7d.com tverify.com testgen.com testss.com testssl.com \
testca.com VMSca-response.1 VMSca-response.2
DLIBCRYPTO= ../libcrypto.a
DLIBSSL= ../libssl.a
LIBCRYPTO= -L.. -lcrypto
LIBSSL= -L.. -lssl
BNTEST= bntest
ECTEST= ectest
ECDSATEST= ecdsatest
ECDHTEST= ecdhtest
EXPTEST= exptest
IDEATEST= ideatest
SHATEST= shatest
SHA1TEST= sha1test
SHA256TEST= sha256t
SHA512TEST= sha512t
MDC2TEST= mdc2test
RMDTEST= rmdtest
MD2TEST= md2test
MD4TEST= md4test
MD5TEST= md5test
HMACTEST= hmactest
WPTEST= wp_test
RC2TEST= rc2test
RC4TEST= rc4test
RC5TEST= rc5test
BFTEST= bftest
CASTTEST= casttest
DESTEST= destest
RANDTEST= randtest
DHTEST= dhtest
DSATEST= dsatest
METHTEST= methtest
SSLTEST= ssltest
RSATEST= rsa_test
ENGINETEST= enginetest
EVPTEST= evp_test
IGETEST= igetest
JPAKETEST= jpaketest
ASN1TEST= asn1test
TESTS= alltests
EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) $(ECDSATEST)$(EXE_EXT) $(ECDHTEST)$(EXE_EXT) $(IDEATEST)$(EXE_EXT) \
$(MD2TEST)$(EXE_EXT) $(MD4TEST)$(EXE_EXT) $(MD5TEST)$(EXE_EXT) $(HMACTEST)$(EXE_EXT) $(WPTEST)$(EXE_EXT) \
$(RC2TEST)$(EXE_EXT) $(RC4TEST)$(EXE_EXT) $(RC5TEST)$(EXE_EXT) \
$(DESTEST)$(EXE_EXT) $(SHATEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(SHA256TEST)$(EXE_EXT) $(SHA512TEST)$(EXE_EXT) \
$(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \
$(RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \
$(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \
$(EVPTEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) $(JPAKETEST)$(EXE_EXT) \
$(ASN1TEST)$(EXE_EXT)
# $(METHTEST)$(EXE_EXT)
OBJ= $(BNTEST).o $(ECTEST).o $(ECDSATEST).o $(ECDHTEST).o $(IDEATEST).o \
$(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
$(HMACTEST).o $(WPTEST).o \
$(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
$(DESTEST).o $(SHATEST).o $(SHA1TEST).o $(SHA256TEST).o $(SHA512TEST).o \
$(MDC2TEST).o $(RMDTEST).o \
$(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
$(BFTEST).o $(SSLTEST).o $(DSATEST).o $(EXPTEST).o $(RSATEST).o \
$(EVPTEST).o $(IGETEST).o $(JPAKETEST).o $(ASN1TEST).o
SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \
$(MD2TEST).c $(MD4TEST).c $(MD5TEST).c \
$(HMACTEST).c $(WPTEST).c \
$(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
$(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
$(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
$(BFTEST).c $(SSLTEST).c $(DSATEST).c $(EXPTEST).c $(RSATEST).c \
$(EVPTEST).c $(IGETEST).c $(JPAKETEST).c $(ASN1TEST).c
EXHEADER=
HEADER= $(EXHEADER)
ALL= $(GENERAL) $(SRC) $(HEADER)
top:
(cd ..; $(MAKE) DIRS=$(DIR) TESTS=$(TESTS) all)
all: exe
exe: $(EXE) dummytest$(EXE_EXT)
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
links:
generate: $(SRC)
$(SRC):
@sh $(TOP)/util/point.sh dummytest.c $@
errors:
install:
tags:
ctags $(SRC)
tests: exe apps $(TESTS)
apps:
@(cd ..; $(MAKE) DIRS=apps all)
alltests: \
test_des test_idea test_sha test_md4 test_md5 test_hmac \
test_md2 test_mdc2 test_wp \
test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_aes \
test_rand test_bn test_ec test_ecdsa test_ecdh \
test_enc test_x509 test_rsa test_crl test_sid \
test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
test_ss test_ca test_engine test_evp test_ssl test_tsa test_ige \
test_jpake test_cms
test_evp:
../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
test_des:
../util/shlib_wrap.sh ./$(DESTEST)
test_idea:
../util/shlib_wrap.sh ./$(IDEATEST)
test_sha:
../util/shlib_wrap.sh ./$(SHATEST)
../util/shlib_wrap.sh ./$(SHA1TEST)
../util/shlib_wrap.sh ./$(SHA256TEST)
../util/shlib_wrap.sh ./$(SHA512TEST)
test_mdc2:
../util/shlib_wrap.sh ./$(MDC2TEST)
test_md5:
../util/shlib_wrap.sh ./$(MD5TEST)
test_md4:
../util/shlib_wrap.sh ./$(MD4TEST)
test_hmac:
../util/shlib_wrap.sh ./$(HMACTEST)
test_wp:
../util/shlib_wrap.sh ./$(WPTEST)
test_md2:
../util/shlib_wrap.sh ./$(MD2TEST)
test_rmd:
../util/shlib_wrap.sh ./$(RMDTEST)
test_bf:
../util/shlib_wrap.sh ./$(BFTEST)
test_cast:
../util/shlib_wrap.sh ./$(CASTTEST)
test_rc2:
../util/shlib_wrap.sh ./$(RC2TEST)
test_rc4:
../util/shlib_wrap.sh ./$(RC4TEST)
test_rc5:
../util/shlib_wrap.sh ./$(RC5TEST)
test_rand:
../util/shlib_wrap.sh ./$(RANDTEST)
test_enc:
@sh ./testenc
test_x509:
echo test normal x509v1 certificate
sh ./tx509 2>/dev/null
echo test first x509v3 certificate
sh ./tx509 v3-cert1.pem 2>/dev/null
echo test second x509v3 certificate
sh ./tx509 v3-cert2.pem 2>/dev/null
test_rsa: $(RSATEST)$(EXE_EXT)
@sh ./trsa 2>/dev/null
../util/shlib_wrap.sh ./$(RSATEST)
test_crl:
@sh ./tcrl 2>/dev/null
test_sid:
@sh ./tsid 2>/dev/null
test_req:
@sh ./treq 2>/dev/null
@sh ./treq testreq2.pem 2>/dev/null
test_pkcs7:
@sh ./tpkcs7 2>/dev/null
@sh ./tpkcs7d 2>/dev/null
test_bn:
@echo starting big number library test, could take a while...
@../util/shlib_wrap.sh ./$(BNTEST) >tmp.bntest
@echo quit >>tmp.bntest
@echo "running bc"
@<tmp.bntest sh -c "`sh ./bctest ignore`" | $(PERL) -e '$$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"'
@echo 'test a^b%c implementations'
../util/shlib_wrap.sh ./$(EXPTEST)
test_ec:
@echo 'test elliptic curves'
../util/shlib_wrap.sh ./$(ECTEST)
test_ecdsa:
@echo 'test ecdsa'
../util/shlib_wrap.sh ./$(ECDSATEST)
test_ecdh:
@echo 'test ecdh'
../util/shlib_wrap.sh ./$(ECDHTEST)
test_verify:
@echo "The following command should have some OK's and some failures"
@echo "There are definitly a few expired certificates"
../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs ../certs/*.pem
test_dh:
@echo "Generate a set of DH parameters"
../util/shlib_wrap.sh ./$(DHTEST)
test_dsa:
@echo "Generate a set of DSA parameters"
../util/shlib_wrap.sh ./$(DSATEST)
../util/shlib_wrap.sh ./$(DSATEST) -app2_1
test_gen:
@echo "Generate and verify a certificate request"
@sh ./testgen
test_ss keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
intP1.ss intP2.ss: testss
@echo "Generate and certify a test certificate"
@sh ./testss
@cat certCA.ss certU.ss > intP1.ss
@cat certCA.ss certU.ss certP1.ss > intP2.ss
test_engine:
@echo "Manipulate the ENGINE structures"
../util/shlib_wrap.sh ./$(ENGINETEST)
test_ssl: keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
intP1.ss intP2.ss
@echo "test SSL protocol"
../util/shlib_wrap.sh ./$(SSLTEST) -test_cipherlist
@sh ./testssl keyU.ss certU.ss certCA.ss
@sh ./testsslproxy keyP1.ss certP1.ss intP1.ss
@sh ./testsslproxy keyP2.ss certP2.ss intP2.ss
test_ca:
@if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then \
echo "skipping CA.sh test -- requires RSA"; \
else \
echo "Generate and certify a test certificate via the 'ca' program"; \
sh ./testca; \
fi
test_aes: #$(AESTEST)
# @echo "test Rijndael"
# ../util/shlib_wrap.sh ./$(AESTEST)
test_tsa:
@if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then \
echo "skipping testtsa test -- requires RSA"; \
else \
sh ./testtsa; \
fi
test_ige: $(IGETEST)$(EXE_EXT)
@echo "Test IGE mode"
../util/shlib_wrap.sh ./$(IGETEST)
test_jpake: $(JPAKETEST)$(EXE_EXT)
@echo "Test JPAKE"
../util/shlib_wrap.sh ./$(JPAKETEST)
test_cms:
@echo "CMS consistency test"
$(PERL) cms-test.pl
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
depend:
@if [ -z "$(THIS)" ]; then \
$(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
else \
$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \
fi
dclean:
$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
mv -f Makefile.new $(MAKEFILE)
rm -f $(SRC) $(SHA256TEST).c $(SHA512TEST).c evptests.txt newkey.pem testkey.pem \
testreq.pem
clean:
rm -f .rnd tmp.bntest tmp.bctest *.o *.obj *.dll lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log dummytest
$(DLIBSSL):
(cd ..; $(MAKE) DIRS=ssl all)
$(DLIBCRYPTO):
(cd ..; $(MAKE) DIRS=crypto all)
BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
shlib_target="$(SHLIB_TARGET)"; \
fi; \
LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \
$(MAKE) -f $(TOP)/Makefile.shared -e \
APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
link_app.$${shlib_target}
$(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
@target=$(RSATEST); $(BUILD_CMD)
$(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
@target=$(BNTEST); $(BUILD_CMD)
$(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
@target=$(ECTEST); $(BUILD_CMD)
$(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
@target=$(EXPTEST); $(BUILD_CMD)
$(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
@target=$(IDEATEST); $(BUILD_CMD)
$(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
@target=$(MD2TEST); $(BUILD_CMD)
$(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
@target=$(SHATEST); $(BUILD_CMD)
$(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
@target=$(SHA1TEST); $(BUILD_CMD)
$(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
@target=$(SHA256TEST); $(BUILD_CMD)
$(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
@target=$(SHA512TEST); $(BUILD_CMD)
$(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
@target=$(RMDTEST); $(BUILD_CMD)
$(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
@target=$(MDC2TEST); $(BUILD_CMD)
$(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
@target=$(MD4TEST); $(BUILD_CMD)
$(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
@target=$(MD5TEST); $(BUILD_CMD)
$(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
@target=$(HMACTEST); $(BUILD_CMD)
$(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
@target=$(WPTEST); $(BUILD_CMD)
$(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
@target=$(RC2TEST); $(BUILD_CMD)
$(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
@target=$(BFTEST); $(BUILD_CMD)
$(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
@target=$(CASTTEST); $(BUILD_CMD)
$(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
@target=$(RC4TEST); $(BUILD_CMD)
$(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
@target=$(RC5TEST); $(BUILD_CMD)
$(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
@target=$(DESTEST); $(BUILD_CMD)
$(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
@target=$(RANDTEST); $(BUILD_CMD)
$(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
@target=$(DHTEST); $(BUILD_CMD)
$(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
@target=$(DSATEST); $(BUILD_CMD)
$(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
@target=$(METHTEST); $(BUILD_CMD)
$(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
@target=$(SSLTEST); $(BUILD_CMD)
$(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
@target=$(ENGINETEST); $(BUILD_CMD)
$(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
@target=$(EVPTEST); $(BUILD_CMD)
$(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
@target=$(ECDSATEST); $(BUILD_CMD)
$(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
@target=$(ECDHTEST); $(BUILD_CMD)
$(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
@target=$(IGETEST); $(BUILD_CMD)
$(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
@target=$(JPAKETEST); $(BUILD_CMD)
$(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
@target=$(ASN1TEST); $(BUILD_CMD)
#$(AESTEST).o: $(AESTEST).c
# $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
#$(AESTEST)$(EXE_EXT): $(AESTEST).o $(DLIBCRYPTO)
# if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
# $(CC) -o $(AESTEST)$(EXE_EXT) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
# else \
# $(CC) -o $(AESTEST)$(EXE_EXT) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
# fi
dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
@target=dummytest; $(BUILD_CMD)
# DO NOT DELETE THIS LINE -- make depend depends on it.
asn1test.o: ../include/openssl/asn1.h ../include/openssl/asn1_mac.h
asn1test.o: ../include/openssl/bio.h ../include/openssl/buffer.h
asn1test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
asn1test.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
asn1test.o: ../include/openssl/ecdsa.h ../include/openssl/evp.h
asn1test.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
asn1test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
asn1test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
asn1test.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
asn1test.o: ../include/openssl/sha.h ../include/openssl/stack.h
asn1test.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
asn1test.o: ../include/openssl/x509_vfy.h asn1test.c
bftest.o: ../e_os.h ../include/openssl/blowfish.h ../include/openssl/e_os2.h
bftest.o: ../include/openssl/opensslconf.h bftest.c
bntest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
bntest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
bntest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
bntest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
bntest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
bntest.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
bntest.o: ../include/openssl/evp.h ../include/openssl/lhash.h
bntest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
bntest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
bntest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
bntest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
bntest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
bntest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
bntest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h bntest.c
casttest.o: ../e_os.h ../include/openssl/cast.h ../include/openssl/e_os2.h
casttest.o: ../include/openssl/opensslconf.h casttest.c
destest.o: ../include/openssl/des.h ../include/openssl/des_old.h
destest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
destest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
destest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
destest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h destest.c
dhtest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
dhtest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
dhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
dhtest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
dhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
dhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
dhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dhtest.c
dsatest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
dsatest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
dsatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
dsatest.o: ../include/openssl/err.h ../include/openssl/lhash.h
dsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
dsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
dsatest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
dsatest.o: ../include/openssl/symhacks.h dsatest.c
ecdhtest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ecdhtest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
ecdhtest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
ecdhtest.o: ../include/openssl/ecdh.h ../include/openssl/err.h
ecdhtest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
ecdhtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
ecdhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
ecdhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
ecdhtest.o: ../include/openssl/sha.h ../include/openssl/stack.h
ecdhtest.o: ../include/openssl/symhacks.h ecdhtest.c
ecdsatest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
ecdsatest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
ecdsatest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
ecdsatest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
ecdsatest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
ecdsatest.o: ../include/openssl/err.h ../include/openssl/evp.h
ecdsatest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
ecdsatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
ecdsatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
ecdsatest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
ecdsatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
ecdsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
ecdsatest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
ecdsatest.o: ecdsatest.c
ectest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ectest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
ectest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
ectest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
ectest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
ectest.o: ../include/openssl/err.h ../include/openssl/evp.h
ectest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
ectest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
ectest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
ectest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
ectest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
ectest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
ectest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ectest.c
enginetest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
enginetest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
enginetest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
enginetest.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
enginetest.o: ../include/openssl/engine.h ../include/openssl/err.h
enginetest.o: ../include/openssl/evp.h ../include/openssl/lhash.h
enginetest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
enginetest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
enginetest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
enginetest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
enginetest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
enginetest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
enginetest.o: enginetest.c
evp_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
evp_test.o: ../include/openssl/buffer.h ../include/openssl/conf.h
evp_test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
evp_test.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
evp_test.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
evp_test.o: ../include/openssl/err.h ../include/openssl/evp.h
evp_test.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
evp_test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
evp_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
evp_test.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
evp_test.o: ../include/openssl/sha.h ../include/openssl/stack.h
evp_test.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
evp_test.o: ../include/openssl/x509_vfy.h evp_test.c
exptest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h
exptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
exptest.o: ../include/openssl/symhacks.h exptest.c
hmactest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
hmactest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
hmactest.o: ../include/openssl/evp.h ../include/openssl/hmac.h
hmactest.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
hmactest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
hmactest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
hmactest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
hmactest.o: ../include/openssl/symhacks.h hmactest.c
ideatest.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/idea.h
ideatest.o: ../include/openssl/opensslconf.h ideatest.c
igetest.o: ../include/openssl/aes.h ../include/openssl/e_os2.h
igetest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h
igetest.o: ../include/openssl/rand.h igetest.c
jpaketest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
jpaketest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
jpaketest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
jpaketest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
jpaketest.o: ../include/openssl/symhacks.h jpaketest.c
md2test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
md2test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
md2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
md2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
md2test.o: ../include/openssl/symhacks.h md2test.c
md4test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
md4test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
md4test.o: ../include/openssl/evp.h ../include/openssl/md4.h
md4test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
md4test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
md4test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
md4test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md4test.c
md5test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
md5test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
md5test.o: ../include/openssl/evp.h ../include/openssl/md5.h
md5test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
md5test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
md5test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
md5test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md5test.c
mdc2test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
mdc2test.o: ../include/openssl/crypto.h ../include/openssl/des.h
mdc2test.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
mdc2test.o: ../include/openssl/evp.h ../include/openssl/mdc2.h
mdc2test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
mdc2test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
mdc2test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
mdc2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
mdc2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h mdc2test.c
randtest.o: ../e_os.h ../include/openssl/e_os2.h
randtest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h
randtest.o: ../include/openssl/rand.h randtest.c
rc2test.o: ../e_os.h ../include/openssl/e_os2.h
rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h rc2test.c
rc4test.o: ../e_os.h ../include/openssl/e_os2.h
rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h
rc4test.o: ../include/openssl/sha.h rc4test.c
rc5test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
rc5test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
rc5test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
rc5test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
rc5test.o: ../include/openssl/symhacks.h rc5test.c
rmdtest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
rmdtest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
rmdtest.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h
rmdtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
rmdtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
rmdtest.o: ../include/openssl/ripemd.h ../include/openssl/safestack.h
rmdtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h rmdtest.c
rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/err.h
rsa_test.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
rsa_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
rsa_test.o: ../include/openssl/rand.h ../include/openssl/rsa.h
rsa_test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
rsa_test.o: ../include/openssl/symhacks.h rsa_test.c
sha1test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
sha1test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
sha1test.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h
sha1test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
sha1test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
sha1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
sha1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h sha1test.c
shatest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
shatest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
shatest.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h
shatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
shatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
shatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
shatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h shatest.c
ssltest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
ssltest.o: ../include/openssl/comp.h ../include/openssl/conf.h
ssltest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
ssltest.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
ssltest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
ssltest.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
ssltest.o: ../include/openssl/engine.h ../include/openssl/err.h
ssltest.o: ../include/openssl/evp.h ../include/openssl/hmac.h
ssltest.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
ssltest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
ssltest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
ssltest.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
ssltest.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
ssltest.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
ssltest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
ssltest.o: ../include/openssl/sha.h ../include/openssl/ssl.h
ssltest.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
ssltest.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
ssltest.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
ssltest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
ssltest.o: ../include/openssl/x509v3.h ssltest.c
wp_test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
wp_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
wp_test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
wp_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
wp_test.o: ../include/openssl/whrlpool.h wp_test.c

37
test/P1ss.cnf Normal file
View File

@@ -0,0 +1,37 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
RANDFILE = ./.rnd
####################################################################
[ req ]
default_bits = 512
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
default_md = md2
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = AU
countryName_value = AU
organizationName = Organization Name (eg, company)
organizationName_value = Dodgy Brothers
0.commonName = Common Name (eg, YOUR name)
0.commonName_value = Brother 1
1.commonName = Common Name (eg, YOUR name)
1.commonName_value = Brother 2
2.commonName = Common Name (eg, YOUR name)
2.commonName_value = Proxy 1
[ v3_proxy ]
basicConstraints=CA:FALSE
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:1,policy:text:AB

45
test/P2ss.cnf Normal file
View File

@@ -0,0 +1,45 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
RANDFILE = ./.rnd
####################################################################
[ req ]
default_bits = 512
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
default_md = md2
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = AU
countryName_value = AU
organizationName = Organization Name (eg, company)
organizationName_value = Dodgy Brothers
0.commonName = Common Name (eg, YOUR name)
0.commonName_value = Brother 1
1.commonName = Common Name (eg, YOUR name)
1.commonName_value = Brother 2
2.commonName = Common Name (eg, YOUR name)
2.commonName_value = Proxy 1
3.commonName = Common Name (eg, YOUR name)
3.commonName_value = Proxy 2
[ v3_proxy ]
basicConstraints=CA:FALSE
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
proxyCertInfo=critical,@proxy_ext
[ proxy_ext ]
language=id-ppl-anyLanguage
pathlen=0
policy=text:BC

27
test/Sssdsa.cnf Normal file
View File

@@ -0,0 +1,27 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
# hacked by iang to do DSA certs - Server
RANDFILE = ./.rnd
####################################################################
[ req ]
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = ES
countryName_value = ES
organizationName = Organization Name (eg, company)
organizationName_value = Tortilleras S.A.
0.commonName = Common Name (eg, YOUR name)
0.commonName_value = Torti
1.commonName = Common Name (eg, YOUR name)
1.commonName_value = Gordita

26
test/Sssrsa.cnf Normal file
View File

@@ -0,0 +1,26 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
# create RSA certs - Server
RANDFILE = ./.rnd
####################################################################
[ req ]
distinguished_name = req_distinguished_name
encrypt_key = no
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = ES
countryName_value = ES
organizationName = Organization Name (eg, company)
organizationName_value = Tortilleras S.A.
0.commonName = Common Name (eg, YOUR name)
0.commonName_value = Torti
1.commonName = Common Name (eg, YOUR name)
1.commonName_value = Gordita

36
test/Uss.cnf Normal file
View File

@@ -0,0 +1,36 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
RANDFILE = ./.rnd
####################################################################
[ req ]
default_bits = 512
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
default_md = md2
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = AU
countryName_value = AU
organizationName = Organization Name (eg, company)
organizationName_value = Dodgy Brothers
0.commonName = Common Name (eg, YOUR name)
0.commonName_value = Brother 1
1.commonName = Common Name (eg, YOUR name)
1.commonName_value = Brother 2
[ v3_ee ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
basicConstraints = CA:false
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
issuerAltName=issuer:copy

1
test/VMSca-response.1 Normal file
View File

@@ -0,0 +1 @@

2
test/VMSca-response.2 Normal file
View File

@@ -0,0 +1,2 @@
y
y

22
test/asn1test.c Executable file
View File

@@ -0,0 +1,22 @@
#include <openssl/x509.h>
#include <openssl/asn1_mac.h>
typedef struct X
{
STACK_OF(X509_EXTENSION) *ext;
} X;
/* This isn't meant to run particularly, it's just to test type checking */
int main(int argc, char **argv)
{
X *x = NULL;
unsigned char **pp = NULL;
M_ASN1_I2D_vars(x);
M_ASN1_I2D_len_SEQUENCE_opt_type(X509_EXTENSION, x->ext,
i2d_X509_EXTENSION);
M_ASN1_I2D_seq_total();
M_ASN1_I2D_put_SEQUENCE_opt_type(X509_EXTENSION, x->ext,
i2d_X509_EXTENSION);
M_ASN1_I2D_finish();
}

111
test/bctest Executable file
View File

@@ -0,0 +1,111 @@
#!/bin/sh
# This script is used by test/Makefile.ssl to check whether a sane 'bc'
# is installed.
# ('make test_bn' should not try to run 'bc' if it does not exist or if
# it is a broken 'bc' version that is known to cause trouble.)
#
# If 'bc' works, we also test if it knows the 'print' command.
#
# In any case, output an appropriate command line for running (or not
# running) bc.
IFS=:
try_without_dir=true
# First we try "bc", then "$dir/bc" for each item in $PATH.
for dir in dummy:$PATH; do
if [ "$try_without_dir" = true ]; then
# first iteration
bc=bc
try_without_dir=false
else
# second and later iterations
bc="$dir/bc"
if [ ! -f "$bc" ]; then # '-x' is not available on Ultrix
bc=''
fi
fi
if [ ! "$bc" = '' ]; then
failure=none
# Test for SunOS 5.[78] bc bug
"$bc" >tmp.bctest <<\EOF
obase=16
ibase=16
a=AD88C418F31B3FC712D0425001D522B3AE9134FF3A98C13C1FCC1682211195406C1A6C66C6A\
CEEC1A0EC16950233F77F1C2F2363D56DD71A36C57E0B2511FC4BA8F22D261FE2E9356D99AF57\
10F3817C0E05BF79C423C3F66FDF321BE8D3F18F625D91B670931C1EF25F28E489BDA1C5422D1\
C3F6F7A1AD21585746ECC4F10A14A778AF56F08898E965E9909E965E0CB6F85B514150C644759\
3BE731877B16EA07B552088FF2EA728AC5E0FF3A23EB939304519AB8B60F2C33D6BA0945B66F0\
4FC3CADF855448B24A9D7640BCF473E
b=DCE91E7D120B983EA9A104B5A96D634DD644C37657B1C7860B45E6838999B3DCE5A555583C6\
9209E41F413422954175A06E67FFEF6746DD652F0F48AEFECC3D8CAC13523BDAAD3F5AF4212BD\
8B3CD64126E1A82E190228020C05B91C8B141F1110086FC2A4C6ED631EBA129D04BB9A19FC53D\
3ED0E2017D60A68775B75481449
(a/b)*b + (a%b) - a
EOF
if [ 0 != "`cat tmp.bctest`" ]; then
failure=SunOStest
fi
if [ "$failure" = none ]; then
# Test for SCO bc bug.
"$bc" >tmp.bctest <<\EOF
obase=16
ibase=16
-FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4AEC6F15AC177F176F2274D2\
9DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7F5ADFACEE54573F5D256A06\
11B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99FB9812A0E4A5773D8B254117\
1239157EC6E3D8D50199 * -FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4\
AEC6F15AC177F176F2274D29DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7\
F5ADFACEE54573F5D256A0611B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99F\
B9812A0E4A5773D8B2541171239157EC6E3D8D50199 - FFBACC221682DA464B6D7F123482522\
02EDAEDCA38C3B69E9B7BBCD6165A9CD8716C4903417F23C09A85B851961F92C217258CEEB866\
85EFCC5DD131853A02C07A873B8E2AF2E40C6D5ED598CD0E8F35AD49F3C3A17FDB7653E4E2DC4\
A8D23CC34686EE4AD01F7407A7CD74429AC6D36DBF0CB6A3E302D0E5BDFCD048A3B90C1BE5AA8\
E16C3D5884F9136B43FF7BB443764153D4AEC176C681B078F4CC53D6EB6AB76285537DDEE7C18\
8C72441B52EDBDDBC77E02D34E513F2AABF92F44109CAFE8242BD0ECBAC5604A94B02EA44D43C\
04E9476E6FBC48043916BFA1485C6093603600273C9C33F13114D78064AE42F3DC466C7DA543D\
89C8D71
AD534AFBED2FA39EE9F40E20FCF9E2C861024DB98DDCBA1CD118C49CA55EEBC20D6BA51B2271C\
928B693D6A73F67FEB1B4571448588B46194617D25D910C6A9A130CC963155CF34079CB218A44\
8A1F57E276D92A33386DDCA3D241DB78C8974ABD71DD05B0FA555709C9910D745185E6FE108E3\
37F1907D0C56F8BFBF52B9704 % -E557905B56B13441574CAFCE2BD257A750B1A8B2C88D0E36\
E18EF7C38DAC80D3948E17ED63AFF3B3467866E3B89D09A81B3D16B52F6A3C7134D3C6F5123E9\
F617E3145BBFBE9AFD0D6E437EA4FF6F04BC67C4F1458B4F0F47B64 - 1C2BBBB19B74E86FD32\
9E8DB6A8C3B1B9986D57ED5419C2E855F7D5469E35E76334BB42F4C43E3F3A31B9697C171DAC4\
D97935A7E1A14AD209D6CF811F55C6DB83AA9E6DFECFCD6669DED7171EE22A40C6181615CAF3F\
5296964
EOF
if [ "0
0" != "`cat tmp.bctest`" ]; then
failure=SCOtest
fi
fi
if [ "$failure" = none ]; then
# bc works; now check if it knows the 'print' command.
if [ "OK" = "`echo 'print \"OK\"' | $bc 2>/dev/null`" ]
then
echo "$bc"
else
echo "sed 's/print.*//' | $bc"
fi
exit 0
fi
echo "$bc does not work properly ('$failure' failed). Looking for another bc ..." >&2
fi
done
echo "No working bc found. Consider installing GNU bc." >&2
if [ "$1" = ignore ]; then
echo "cat >/dev/null"
exit 0
fi
exit 1

152
test/bctest.com Normal file
View File

@@ -0,0 +1,152 @@
$!
$! Check operation of "bc".
$!
$! 2010-04-05 SMS. New. Based (loosely) on "bctest".
$!
$!
$ tmp_file_name = "tmp.bctest"
$ failure = ""
$!
$! Basic command test.
$!
$ on warning then goto bc_fail
$ bc
$ on error then exit
$!
$! Test for SunOS 5.[78] bc bug.
$!
$ if (failure .eqs. "")
$ then
$!
$ define /user_mode sys$output 'tmp_file_name'
$ bc
obase=16
ibase=16
a=AD88C418F31B3FC712D0425001D522B3AE9134FF3A98C13C1FCC1682211195406C1A6C66C6A\
CEEC1A0EC16950233F77F1C2F2363D56DD71A36C57E0B2511FC4BA8F22D261FE2E9356D99AF57\
10F3817C0E05BF79C423C3F66FDF321BE8D3F18F625D91B670931C1EF25F28E489BDA1C5422D1\
C3F6F7A1AD21585746ECC4F10A14A778AF56F08898E965E9909E965E0CB6F85B514150C644759\
3BE731877B16EA07B552088FF2EA728AC5E0FF3A23EB939304519AB8B60F2C33D6BA0945B66F0\
4FC3CADF855448B24A9D7640BCF473E
b=DCE91E7D120B983EA9A104B5A96D634DD644C37657B1C7860B45E6838999B3DCE5A555583C6\
9209E41F413422954175A06E67FFEF6746DD652F0F48AEFECC3D8CAC13523BDAAD3F5AF4212BD\
8B3CD64126E1A82E190228020C05B91C8B141F1110086FC2A4C6ED631EBA129D04BB9A19FC53D\
3ED0E2017D60A68775B75481449
(a/b)*b + (a%b) - a
$ status = $status
$ output_expected = "0"
$ gosub check_output
$ if (output .ne. 1)
$ then
$ failure = "SunOStest"
$ else
$ delete 'f$parse( tmp_file_name)'
$ endif
$ endif
$!
$! Test for SCO bc bug.
$!
$ if (failure .eqs. "")
$ then
$!
$ define /user_mode sys$output 'tmp_file_name'
$ bc
obase=16
ibase=16
-FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4AEC6F15AC177F176F2274D2\
9DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7F5ADFACEE54573F5D256A06\
11B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99FB9812A0E4A5773D8B254117\
1239157EC6E3D8D50199 * -FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4\
AEC6F15AC177F176F2274D29DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7\
F5ADFACEE54573F5D256A0611B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99F\
B9812A0E4A5773D8B2541171239157EC6E3D8D50199 - FFBACC221682DA464B6D7F123482522\
02EDAEDCA38C3B69E9B7BBCD6165A9CD8716C4903417F23C09A85B851961F92C217258CEEB866\
85EFCC5DD131853A02C07A873B8E2AF2E40C6D5ED598CD0E8F35AD49F3C3A17FDB7653E4E2DC4\
A8D23CC34686EE4AD01F7407A7CD74429AC6D36DBF0CB6A3E302D0E5BDFCD048A3B90C1BE5AA8\
E16C3D5884F9136B43FF7BB443764153D4AEC176C681B078F4CC53D6EB6AB76285537DDEE7C18\
8C72441B52EDBDDBC77E02D34E513F2AABF92F44109CAFE8242BD0ECBAC5604A94B02EA44D43C\
04E9476E6FBC48043916BFA1485C6093603600273C9C33F13114D78064AE42F3DC466C7DA543D\
89C8D71
AD534AFBED2FA39EE9F40E20FCF9E2C861024DB98DDCBA1CD118C49CA55EEBC20D6BA51B2271C\
928B693D6A73F67FEB1B4571448588B46194617D25D910C6A9A130CC963155CF34079CB218A44\
8A1F57E276D92A33386DDCA3D241DB78C8974ABD71DD05B0FA555709C9910D745185E6FE108E3\
37F1907D0C56F8BFBF52B9704 % -E557905B56B13441574CAFCE2BD257A750B1A8B2C88D0E36\
E18EF7C38DAC80D3948E17ED63AFF3B3467866E3B89D09A81B3D16B52F6A3C7134D3C6F5123E9\
F617E3145BBFBE9AFD0D6E437EA4FF6F04BC67C4F1458B4F0F47B64 - 1C2BBBB19B74E86FD32\
9E8DB6A8C3B1B9986D57ED5419C2E855F7D5469E35E76334BB42F4C43E3F3A31B9697C171DAC4\
D97935A7E1A14AD209D6CF811F55C6DB83AA9E6DFECFCD6669DED7171EE22A40C6181615CAF3F\
5296964
$ status = $status
$ output_expected = "0\0"
$ gosub check_output
$ if (output .ne. 1)
$ then
$ failure = "SCOtest"
$ else
$ delete 'f$parse( tmp_file_name)'
$ endif
$ endif
$!
$! Test for working 'print' command.
$!
$ if (failure .eqs. "")
$ then
$!
$ define /user_mode sys$output 'tmp_file_name'
$ bc
print "OK"
$ status = $status
$ output_expected = "OK"
$ gosub check_output
$ if (output .ne. 1)
$ then
$ failure = "printtest"
$ else
$ delete 'f$parse( tmp_file_name)'
$ endif
$ endif
$!
$ if (failure .nes. "")
$ then
$ write sys$output -
"No working bc found. Consider installing GNU bc."
$ exit %X00030000 ! %DCL-W-NORMAL
$ endif
$!
$ exit
$!
$!
$! Complete "bc" command failure.
$!
$ bc_fail:
$ write sys$output -
"No ""bc"" program/symbol found. Consider installing GNU bc."
$ exit %X00030000 ! %DCL-W-NORMAL
$!
$!
$! Output check subroutine.
$!
$ check_output:
$ eof = 0
$ line_nr = 0
$ open /read tmp_file 'tmp_file_name'
$ c_o_loop:
$ read /error = error_read tmp_file line
$ goto ok_read
$ error_read:
$ eof = 1
$ ok_read:
$ line_expected = f$element( line_nr, "\", output_expected)
$ line_nr = line_nr+ 1
$ if ((line_expected .nes. "\") .and. (.not. eof) .and. -
(line_expected .eqs. line)) then goto c_o_loop
$!
$ if ((line_expected .eqs. "\") .and. eof)
$ then
$ output = 1
$ else
$ output = 0
$ endif
$ close tmp_file
$ return
$!

1
test/bftest.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/bf/bftest.c

1
test/bntest.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/bn/bntest.c

69
test/bntest.com Normal file
View File

@@ -0,0 +1,69 @@
$!
$! Analyze bntest output file.
$!
$! Exit status = 1 (success) if all tests passed,
$! 0 (warning) if any test failed.
$!
$! 2010-04-05 SMS. New. Based (loosely) on perl code in bntest-vms.sh.
$!
$! Expect data like:
$! test test_name1
$! 0
$! [...]
$! test test_name2
$! 0
$! [...]
$! [...]
$!
$! Some tests have no following "0" lines.
$!
$ result_file_name = f$edit( p1, "TRIM")
$ if (result_file_name .eqs. "")
$ then
$ result_file_name = "bntest-vms.out"
$ endif
$!
$ fail = 0
$ passed = 0
$ tests = 0
$!
$ on control_c then goto tidy
$ on error then goto tidy
$!
$ open /read result_file 'result_file_name'
$!
$ read_loop:
$ read /end = read_loop_end /error = tidy result_file line
$ t1 = f$element( 0, " ", line)
$ if (t1 .eqs. "test")
$ then
$ passed = passed+ 1
$ tests = tests+ 1
$ fail = 1
$ t2 = f$extract( 5, 1000, line)
$ write sys$output "verify ''t2'"
$ else
$ if (t1 .nes. "0")
$ then
$ write sys$output "Failed! bc: ''line'"
$ passed = passed- fail
$ fail = 0
$ endif
$ endif
$ goto read_loop
$ read_loop_end:
$ write sys$output "''passed'/''tests' tests passed"
$!
$ tidy:
$ if f$trnlnm( "result_file", "LNM$PROCESS_TABLE", , "SUPERVISOR", , "CONFINE")
$ then
$ close result_file
$ endif
$!
$ if ((tests .gt. 0) .and. (tests .eq. passed))
$ then
$ exit 1
$ else
$ exit 0
$ endif
$!

1
test/casttest.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/cast/casttest.c

409
test/cms-examples.pl Normal file
View File

@@ -0,0 +1,409 @@
# test/cms-examples.pl
# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
# project.
#
# ====================================================================
# Copyright (c) 2008 The OpenSSL Project. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
#
# 3. All advertising materials mentioning features or use of this
# software must display the following acknowledgment:
# "This product includes software developed by the OpenSSL Project
# for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
#
# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
# endorse or promote products derived from this software without
# prior written permission. For written permission, please contact
# licensing@OpenSSL.org.
#
# 5. Products derived from this software may not be called "OpenSSL"
# nor may "OpenSSL" appear in their names without prior written
# permission of the OpenSSL Project.
#
# 6. Redistributions of any form whatsoever must retain the following
# acknowledgment:
# "This product includes software developed by the OpenSSL Project
# for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
#
# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
# OF THE POSSIBILITY OF SUCH DAMAGE.
# ====================================================================
# Perl script to run tests against S/MIME examples in RFC4134
# Assumes RFC is in current directory and called "rfc4134.txt"
use MIME::Base64;
my $badttest = 0;
my $verbose = 1;
my $cmscmd;
my $exdir = "./";
my $exfile = "./rfc4134.txt";
if (-f "../apps/openssl")
{
$cmscmd = "../util/shlib_wrap.sh ../apps/openssl cms";
}
elsif (-f "..\\out32dll\\openssl.exe")
{
$cmscmd = "..\\out32dll\\openssl.exe cms";
}
elsif (-f "..\\out32\\openssl.exe")
{
$cmscmd = "..\\out32\\openssl.exe cms";
}
my @test_list = (
[ "3.1.bin" => "dataout" ],
[ "3.2.bin" => "encode, dataout" ],
[ "4.1.bin" => "encode, verifyder, cont, dss" ],
[ "4.2.bin" => "encode, verifyder, cont, rsa" ],
[ "4.3.bin" => "encode, verifyder, cont_extern, dss" ],
[ "4.4.bin" => "encode, verifyder, cont, dss" ],
[ "4.5.bin" => "verifyder, cont, rsa" ],
[ "4.6.bin" => "encode, verifyder, cont, dss" ],
[ "4.7.bin" => "encode, verifyder, cont, dss" ],
[ "4.8.eml" => "verifymime, dss" ],
[ "4.9.eml" => "verifymime, dss" ],
[ "4.10.bin" => "encode, verifyder, cont, dss" ],
[ "4.11.bin" => "encode, certsout" ],
[ "5.1.bin" => "encode, envelopeder, cont" ],
[ "5.2.bin" => "encode, envelopeder, cont" ],
[ "5.3.eml" => "envelopemime, cont" ],
[ "6.0.bin" => "encode, digest, cont" ],
[ "7.1.bin" => "encode, encrypted, cont" ],
[ "7.2.bin" => "encode, encrypted, cont" ]
);
# Extract examples from RFC4134 text.
# Base64 decode all examples, certificates and
# private keys are converted to PEM format.
my ( $filename, $data );
my @cleanup = ( "cms.out", "cms.err", "tmp.der", "tmp.txt" );
$data = "";
open( IN, $exfile ) || die "Can't Open RFC examples file $exfile";
while (<IN>) {
next unless (/^\|/);
s/^\|//;
next if (/^\*/);
if (/^>(.*)$/) {
$filename = $1;
next;
}
if (/^</) {
$filename = "$exdir/$filename";
if ( $filename =~ /\.bin$/ || $filename =~ /\.eml$/ ) {
$data = decode_base64($data);
open OUT, ">$filename";
binmode OUT;
print OUT $data;
close OUT;
push @cleanup, $filename;
}
elsif ( $filename =~ /\.cer$/ ) {
write_pem( $filename, "CERTIFICATE", $data );
}
elsif ( $filename =~ /\.pri$/ ) {
write_pem( $filename, "PRIVATE KEY", $data );
}
$data = "";
$filename = "";
}
else {
$data .= $_;
}
}
my $secretkey =
"73:7c:79:1f:25:ea:d0:e0:46:29:25:43:52:f7:dc:62:91:e5:cb:26:91:7a:da:32";
foreach (@test_list) {
my ( $file, $tlist ) = @$_;
print "Example file $file:\n";
if ( $tlist =~ /encode/ ) {
run_reencode_test( $exdir, $file );
}
if ( $tlist =~ /certsout/ ) {
run_certsout_test( $exdir, $file );
}
if ( $tlist =~ /dataout/ ) {
run_dataout_test( $exdir, $file );
}
if ( $tlist =~ /verify/ ) {
run_verify_test( $exdir, $tlist, $file );
}
if ( $tlist =~ /digest/ ) {
run_digest_test( $exdir, $tlist, $file );
}
if ( $tlist =~ /encrypted/ ) {
run_encrypted_test( $exdir, $tlist, $file, $secretkey );
}
if ( $tlist =~ /envelope/ ) {
run_envelope_test( $exdir, $tlist, $file );
}
}
foreach (@cleanup) {
unlink $_;
}
if ($badtest) {
print "\n$badtest TESTS FAILED!!\n";
}
else {
print "\n***All tests successful***\n";
}
sub write_pem {
my ( $filename, $str, $data ) = @_;
$filename =~ s/\.[^.]*$/.pem/;
push @cleanup, $filename;
open OUT, ">$filename";
print OUT "-----BEGIN $str-----\n";
print OUT $data;
print OUT "-----END $str-----\n";
close OUT;
}
sub run_reencode_test {
my ( $cmsdir, $tfile ) = @_;
unlink "tmp.der";
system( "$cmscmd -cmsout -inform DER -outform DER"
. " -in $cmsdir/$tfile -out tmp.der" );
if ($?) {
print "\tReencode command FAILED!!\n";
$badtest++;
}
elsif ( !cmp_files( "$cmsdir/$tfile", "tmp.der" ) ) {
print "\tReencode FAILED!!\n";
$badtest++;
}
else {
print "\tReencode passed\n" if $verbose;
}
}
sub run_certsout_test {
my ( $cmsdir, $tfile ) = @_;
unlink "tmp.der";
unlink "tmp.pem";
system( "$cmscmd -cmsout -inform DER -certsout tmp.pem"
. " -in $cmsdir/$tfile -out tmp.der" );
if ($?) {
print "\tCertificate output command FAILED!!\n";
$badtest++;
}
else {
print "\tCertificate output passed\n" if $verbose;
}
}
sub run_dataout_test {
my ( $cmsdir, $tfile ) = @_;
unlink "tmp.txt";
system(
"$cmscmd -data_out -inform DER" . " -in $cmsdir/$tfile -out tmp.txt" );
if ($?) {
print "\tDataout command FAILED!!\n";
$badtest++;
}
elsif ( !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) ) {
print "\tDataout compare FAILED!!\n";
$badtest++;
}
else {
print "\tDataout passed\n" if $verbose;
}
}
sub run_verify_test {
my ( $cmsdir, $tlist, $tfile ) = @_;
unlink "tmp.txt";
$form = "DER" if $tlist =~ /verifyder/;
$form = "SMIME" if $tlist =~ /verifymime/;
$cafile = "$cmsdir/CarlDSSSelf.pem" if $tlist =~ /dss/;
$cafile = "$cmsdir/CarlRSASelf.pem" if $tlist =~ /rsa/;
$cmd =
"$cmscmd -verify -inform $form"
. " -CAfile $cafile"
. " -in $cmsdir/$tfile -out tmp.txt";
$cmd .= " -content $cmsdir/ExContent.bin" if $tlist =~ /cont_extern/;
system("$cmd 2>cms.err 1>cms.out");
if ($?) {
print "\tVerify command FAILED!!\n";
$badtest++;
}
elsif ( $tlist =~ /cont/
&& !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
{
print "\tVerify content compare FAILED!!\n";
$badtest++;
}
else {
print "\tVerify passed\n" if $verbose;
}
}
sub run_envelope_test {
my ( $cmsdir, $tlist, $tfile ) = @_;
unlink "tmp.txt";
$form = "DER" if $tlist =~ /envelopeder/;
$form = "SMIME" if $tlist =~ /envelopemime/;
$cmd =
"$cmscmd -decrypt -inform $form"
. " -recip $cmsdir/BobRSASignByCarl.pem"
. " -inkey $cmsdir/BobPrivRSAEncrypt.pem"
. " -in $cmsdir/$tfile -out tmp.txt";
system("$cmd 2>cms.err 1>cms.out");
if ($?) {
print "\tDecrypt command FAILED!!\n";
$badtest++;
}
elsif ( $tlist =~ /cont/
&& !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
{
print "\tDecrypt content compare FAILED!!\n";
$badtest++;
}
else {
print "\tDecrypt passed\n" if $verbose;
}
}
sub run_digest_test {
my ( $cmsdir, $tlist, $tfile ) = @_;
unlink "tmp.txt";
my $cmd =
"$cmscmd -digest_verify -inform DER" . " -in $cmsdir/$tfile -out tmp.txt";
system("$cmd 2>cms.err 1>cms.out");
if ($?) {
print "\tDigest verify command FAILED!!\n";
$badtest++;
}
elsif ( $tlist =~ /cont/
&& !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
{
print "\tDigest verify content compare FAILED!!\n";
$badtest++;
}
else {
print "\tDigest verify passed\n" if $verbose;
}
}
sub run_encrypted_test {
my ( $cmsdir, $tlist, $tfile, $key ) = @_;
unlink "tmp.txt";
system( "$cmscmd -EncryptedData_decrypt -inform DER"
. " -secretkey $key"
. " -in $cmsdir/$tfile -out tmp.txt" );
if ($?) {
print "\tEncrypted Data command FAILED!!\n";
$badtest++;
}
elsif ( $tlist =~ /cont/
&& !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
{
print "\tEncrypted Data content compare FAILED!!\n";
$badtest++;
}
else {
print "\tEncryptedData verify passed\n" if $verbose;
}
}
sub cmp_files {
my ( $f1, $f2 ) = @_;
my ( $fp1, $fp2 );
my ( $rd1, $rd2 );
if ( !open( $fp1, "<$f1" ) ) {
print STDERR "Can't Open file $f1\n";
return 0;
}
if ( !open( $fp2, "<$f2" ) ) {
print STDERR "Can't Open file $f2\n";
return 0;
}
binmode $fp1;
binmode $fp2;
my $ret = 0;
for ( ; ; ) {
$n1 = sysread $fp1, $rd1, 4096;
$n2 = sysread $fp2, $rd2, 4096;
last if ( $n1 != $n2 );
last if ( $rd1 ne $rd2 );
if ( $n1 == 0 ) {
$ret = 1;
last;
}
}
close $fp1;
close $fp2;
return $ret;
}

457
test/cms-test.pl Normal file
View File

@@ -0,0 +1,457 @@
# test/cms-test.pl
# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
# project.
#
# ====================================================================
# Copyright (c) 2008 The OpenSSL Project. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
#
# 3. All advertising materials mentioning features or use of this
# software must display the following acknowledgment:
# "This product includes software developed by the OpenSSL Project
# for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
#
# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
# endorse or promote products derived from this software without
# prior written permission. For written permission, please contact
# licensing@OpenSSL.org.
#
# 5. Products derived from this software may not be called "OpenSSL"
# nor may "OpenSSL" appear in their names without prior written
# permission of the OpenSSL Project.
#
# 6. Redistributions of any form whatsoever must retain the following
# acknowledgment:
# "This product includes software developed by the OpenSSL Project
# for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
#
# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
# OF THE POSSIBILITY OF SUCH DAMAGE.
# ====================================================================
# CMS, PKCS7 consistency test script. Run extensive tests on
# OpenSSL PKCS#7 and CMS implementations.
my $ossl_path;
my $redir = " 2> cms.err > cms.out";
# Make VMS work
if ( $^O eq "VMS" && -f "$ENV{EXE_DIR}openssl.exe" ) {
$ossl_path = "pipe mcr $ENV{EXE_DIR}openssl.exe";
}
# Make MSYS work
elsif ( $^O eq "MSWin32" && -f "../apps/openssl.exe" ) {
$ossl_path = "cmd /c ..\\apps\\openssl";
}
elsif ( -f "../apps/openssl$ENV{EXE_EXT}" ) {
$ossl_path = "../util/shlib_wrap.sh ../apps/openssl";
}
elsif ( -f "..\\out32dll\\openssl.exe" ) {
$ossl_path = "..\\out32dll\\openssl.exe";
}
elsif ( -f "..\\out32\\openssl.exe" ) {
$ossl_path = "..\\out32\\openssl.exe";
}
else {
die "Can't find OpenSSL executable";
}
my $pk7cmd = "$ossl_path smime ";
my $cmscmd = "$ossl_path cms ";
my $smdir = "smime-certs";
my $halt_err = 1;
my $badcmd = 0;
my $ossl8 = `$ossl_path version -v` =~ /0\.9\.8/;
my @smime_pkcs7_tests = (
[
"signed content DER format, RSA key",
"-sign -in smcont.txt -outform \"DER\" -nodetach"
. " -certfile $smdir/smroot.pem"
. " -signer $smdir/smrsa1.pem -out test.cms",
"-verify -in test.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed detached content DER format, RSA key",
"-sign -in smcont.txt -outform \"DER\""
. " -signer $smdir/smrsa1.pem -out test.cms",
"-verify -in test.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt"
],
[
"signed content test streaming BER format, RSA",
"-sign -in smcont.txt -outform \"DER\" -nodetach"
. " -stream -signer $smdir/smrsa1.pem -out test.cms",
"-verify -in test.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed content DER format, DSA key",
"-sign -in smcont.txt -outform \"DER\" -nodetach"
. " -signer $smdir/smdsa1.pem -out test.cms",
"-verify -in test.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed detached content DER format, DSA key",
"-sign -in smcont.txt -outform \"DER\""
. " -signer $smdir/smdsa1.pem -out test.cms",
"-verify -in test.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt"
],
[
"signed detached content DER format, add RSA signer",
"-resign -inform \"DER\" -in test.cms -outform \"DER\""
. " -signer $smdir/smrsa1.pem -out test2.cms",
"-verify -in test2.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt"
],
[
"signed content test streaming BER format, DSA key",
"-sign -in smcont.txt -outform \"DER\" -nodetach"
. " -stream -signer $smdir/smdsa1.pem -out test.cms",
"-verify -in test.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed content test streaming BER format, 2 DSA and 2 RSA keys",
"-sign -in smcont.txt -outform \"DER\" -nodetach"
. " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
. " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
. " -stream -out test.cms",
"-verify -in test.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes",
"-sign -in smcont.txt -outform \"DER\" -noattr -nodetach"
. " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
. " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
. " -stream -out test.cms",
"-verify -in test.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed content test streaming S/MIME format, 2 DSA and 2 RSA keys",
"-sign -in smcont.txt -nodetach"
. " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
. " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
. " -stream -out test.cms",
"-verify -in test.cms " . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys",
"-sign -in smcont.txt"
. " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
. " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
. " -stream -out test.cms",
"-verify -in test.cms " . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"enveloped content test streaming S/MIME format, 3 recipients",
"-encrypt -in smcont.txt"
. " -stream -out test.cms"
. " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
"-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt"
],
[
"enveloped content test streaming S/MIME format, 3 recipients, 3rd used",
"-encrypt -in smcont.txt"
. " -stream -out test.cms"
. " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
"-decrypt -recip $smdir/smrsa3.pem -in test.cms -out smtst.txt"
],
[
"enveloped content test streaming S/MIME format, 3 recipients, key only used",
"-encrypt -in smcont.txt"
. " -stream -out test.cms"
. " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
"-decrypt -inkey $smdir/smrsa3.pem -in test.cms -out smtst.txt"
],
[
"enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients",
"-encrypt -in smcont.txt"
. " -aes256 -stream -out test.cms"
. " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
"-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt"
],
);
my @smime_cms_tests = (
[
"signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid",
"-sign -in smcont.txt -outform \"DER\" -nodetach -keyid"
. " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
. " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
. " -stream -out test.cms",
"-verify -in test.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed content test streaming PEM format, 2 DSA and 2 RSA keys",
"-sign -in smcont.txt -outform PEM -nodetach"
. " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
. " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
. " -stream -out test.cms",
"-verify -in test.cms -inform PEM "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed content MIME format, RSA key, signed receipt request",
"-sign -in smcont.txt -signer $smdir/smrsa1.pem -nodetach"
. " -receipt_request_to test\@openssl.org -receipt_request_all"
. " -out test.cms",
"-verify -in test.cms "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed receipt MIME format, RSA key",
"-sign_receipt -in test.cms"
. " -signer $smdir/smrsa2.pem"
. " -out test2.cms",
"-verify_receipt test2.cms -in test.cms"
. " \"-CAfile\" $smdir/smroot.pem"
],
[
"enveloped content test streaming S/MIME format, 3 recipients, keyid",
"-encrypt -in smcont.txt"
. " -stream -out test.cms -keyid"
. " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
"-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt"
],
[
"enveloped content test streaming PEM format, KEK",
"-encrypt -in smcont.txt -outform PEM -aes128"
. " -stream -out test.cms "
. " -secretkey 000102030405060708090A0B0C0D0E0F "
. " -secretkeyid C0FEE0",
"-decrypt -in test.cms -out smtst.txt -inform PEM"
. " -secretkey 000102030405060708090A0B0C0D0E0F "
. " -secretkeyid C0FEE0"
],
[
"enveloped content test streaming PEM format, KEK, key only",
"-encrypt -in smcont.txt -outform PEM -aes128"
. " -stream -out test.cms "
. " -secretkey 000102030405060708090A0B0C0D0E0F "
. " -secretkeyid C0FEE0",
"-decrypt -in test.cms -out smtst.txt -inform PEM"
. " -secretkey 000102030405060708090A0B0C0D0E0F "
],
[
"data content test streaming PEM format",
"-data_create -in smcont.txt -outform PEM -nodetach"
. " -stream -out test.cms",
"-data_out -in test.cms -inform PEM -out smtst.txt"
],
[
"encrypted content test streaming PEM format, 128 bit RC2 key",
"\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
. " -rc2 -secretkey 000102030405060708090A0B0C0D0E0F"
. " -stream -out test.cms",
"\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
. " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt"
],
[
"encrypted content test streaming PEM format, 40 bit RC2 key",
"\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
. " -rc2 -secretkey 0001020304"
. " -stream -out test.cms",
"\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
. " -secretkey 0001020304 -out smtst.txt"
],
[
"encrypted content test streaming PEM format, triple DES key",
"\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
. " -des3 -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617"
. " -stream -out test.cms",
"\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
. " -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617"
. " -out smtst.txt"
],
[
"encrypted content test streaming PEM format, 128 bit AES key",
"\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
. " -aes128 -secretkey 000102030405060708090A0B0C0D0E0F"
. " -stream -out test.cms",
"\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
. " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt"
],
);
my @smime_cms_comp_tests = (
[
"compressed content test streaming PEM format",
"-compress -in smcont.txt -outform PEM -nodetach"
. " -stream -out test.cms",
"-uncompress -in test.cms -inform PEM -out smtst.txt"
]
);
print "CMS => PKCS#7 compatibility tests\n";
run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $cmscmd, $pk7cmd );
print "CMS <= PKCS#7 compatibility tests\n";
run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $pk7cmd, $cmscmd );
print "CMS <=> CMS consistency tests\n";
run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $cmscmd, $cmscmd );
run_smime_tests( \$badcmd, \@smime_cms_tests, $cmscmd, $cmscmd );
if ( `$ossl_path version -f` =~ /ZLIB/ ) {
run_smime_tests( \$badcmd, \@smime_cms_comp_tests, $cmscmd, $cmscmd );
}
else {
print "Zlib not supported: compression tests skipped\n";
}
print "Running modified tests for OpenSSL 0.9.8 cms backport\n" if($ossl8);
if ($badcmd) {
print "$badcmd TESTS FAILED!!\n";
}
else {
print "ALL TESTS SUCCESSFUL.\n";
}
unlink "test.cms";
unlink "test2.cms";
unlink "smtst.txt";
unlink "cms.out";
unlink "cms.err";
sub run_smime_tests {
my ( $rv, $aref, $scmd, $vcmd ) = @_;
foreach $smtst (@$aref) {
my ( $tnam, $rscmd, $rvcmd ) = @$smtst;
if ($ossl8)
{
# Skip smime resign: 0.9.8 smime doesn't support -resign
next if ($scmd =~ /smime/ && $rscmd =~ /-resign/);
# Disable streaming: option not supported in 0.9.8
$tnam =~ s/streaming//;
$rscmd =~ s/-stream//;
$rvcmd =~ s/-stream//;
}
system("$scmd$rscmd$redir");
if ($?) {
print "$tnam: generation error\n";
$$rv++;
exit 1 if $halt_err;
next;
}
system("$vcmd$rvcmd$redir");
if ($?) {
print "$tnam: verify error\n";
$$rv++;
exit 1 if $halt_err;
next;
}
if (!cmp_files("smtst.txt", "smcont.txt")) {
print "$tnam: content verify error\n";
$$rv++;
exit 1 if $halt_err;
next;
}
print "$tnam: OK\n";
}
}
sub cmp_files {
my ( $f1, $f2 ) = @_;
my ( $fp1, $fp2 );
my ( $rd1, $rd2 );
if ( !open( $fp1, "<$f1" ) ) {
print STDERR "Can't Open file $f1\n";
return 0;
}
if ( !open( $fp2, "<$f2" ) ) {
print STDERR "Can't Open file $f2\n";
return 0;
}
binmode $fp1;
binmode $fp2;
my $ret = 0;
for ( ; ; ) {
$n1 = sysread $fp1, $rd1, 4096;
$n2 = sysread $fp2, $rd2, 4096;
last if ( $n1 != $n2 );
last if ( $rd1 ne $rd2 );
if ( $n1 == 0 ) {
$ret = 1;
last;
}
}
close $fp1;
close $fp2;
return $ret;
}

1
test/destest.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/des/destest.c

1
test/dhtest.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/dh/dhtest.c

1
test/dsatest.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/dsa/dsatest.c

48
test/dummytest.c Normal file
View File

@@ -0,0 +1,48 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <openssl/e_os2.h>
#include <openssl/buffer.h>
#include <openssl/crypto.h>
int main(int argc, char *argv[])
{
char *p, *q = 0, *program;
p = strrchr(argv[0], '/');
if (!p) p = strrchr(argv[0], '\\');
#ifdef OPENSSL_SYS_VMS
if (!p) p = strrchr(argv[0], ']');
if (p) q = strrchr(p, '>');
if (q) p = q;
if (!p) p = strrchr(argv[0], ':');
q = 0;
#endif
if (p) p++;
if (!p) p = argv[0];
if (p) q = strchr(p, '.');
if (p && !q) q = p + strlen(p);
if (!p)
program = BUF_strdup("(unknown)");
else
{
program = OPENSSL_malloc((q - p) + 1);
strncpy(program, p, q - p);
program[q - p] = '\0';
}
for(p = program; *p; p++)
if (islower((unsigned char)(*p)))
*p = toupper((unsigned char)(*p));
q = strstr(program, "TEST");
if (q > p && q[-1] == '_') q--;
*q = '\0';
printf("No %s support\n", program);
OPENSSL_free(program);
return(0);
}

1
test/ecdhtest.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/ecdh/ecdhtest.c

1
test/ecdsatest.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/ecdsa/ecdsatest.c

1
test/ectest.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/ec/ectest.c

1
test/enginetest.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/engine/enginetest.c

1
test/evp_test.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/evp/evp_test.c

321
test/evptests.txt Normal file
View File

@@ -0,0 +1,321 @@
#cipher:key:iv:plaintext:ciphertext:0/1(decrypt/encrypt)
#digest:::input:output
# SHA(1) tests (from shatest.c)
SHA1:::616263:a9993e364706816aba3e25717850c26c9cd0d89d
# MD5 tests (from md5test.c)
MD5::::d41d8cd98f00b204e9800998ecf8427e
MD5:::61:0cc175b9c0f1b6a831c399e269772661
MD5:::616263:900150983cd24fb0d6963f7d28e17f72
MD5:::6d65737361676520646967657374:f96b697d7cb7938d525a2f31aaf161d0
MD5:::6162636465666768696a6b6c6d6e6f707172737475767778797a:c3fcd3d76192e4007dfb496cca67e13b
MD5:::4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839:d174ab98d277d9f5a5611c2c9f419d9f
MD5:::3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930:57edf4a22be3c955ac49da2e2107b67a
# AES 128 ECB tests (from FIPS-197 test vectors, encrypt)
AES-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:69C4E0D86A7B0430D8CDB78070B4C55A:1
# AES 192 ECB tests (from FIPS-197 test vectors, encrypt)
AES-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:DDA97CA4864CDFE06EAF70A0EC0D7191:1
# AES 256 ECB tests (from FIPS-197 test vectors, encrypt)
AES-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:8EA2B7CA516745BFEAFC49904B496089:1
# AES 128 ECB tests (from NIST test vectors, encrypt)
#AES-128-ECB:00000000000000000000000000000000::00000000000000000000000000000000:C34C052CC0DA8D73451AFE5F03BE297F:1
# AES 128 ECB tests (from NIST test vectors, decrypt)
#AES-128-ECB:00000000000000000000000000000000::44416AC2D1F53C583303917E6BE9EBE0:00000000000000000000000000000000:0
# AES 192 ECB tests (from NIST test vectors, decrypt)
#AES-192-ECB:000000000000000000000000000000000000000000000000::48E31E9E256718F29229319C19F15BA4:00000000000000000000000000000000:0
# AES 256 ECB tests (from NIST test vectors, decrypt)
#AES-256-ECB:0000000000000000000000000000000000000000000000000000000000000000::058CCFFDBBCB382D1F6F56585D8A4ADE:00000000000000000000000000000000:0
# AES 128 CBC tests (from NIST test vectors, encrypt)
#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:8A05FC5E095AF4848A08D328D3688E3D:1
# AES 192 CBC tests (from NIST test vectors, encrypt)
#AES-192-CBC:000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:7BD966D53AD8C1BB85D2ADFAE87BB104:1
# AES 256 CBC tests (from NIST test vectors, encrypt)
#AES-256-CBC:0000000000000000000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:FE3C53653E2F45B56FCD88B2CC898FF0:1
# AES 128 CBC tests (from NIST test vectors, decrypt)
#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:FACA37E0B0C85373DF706E73F7C9AF86:00000000000000000000000000000000:0
# AES tests from NIST document SP800-38A
# For all ECB encrypts and decrypts, the transformed sequence is
# AES-bits-ECB:key::plaintext:ciphertext:encdec
# ECB-AES128.Encrypt and ECB-AES128.Decrypt
AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::6BC1BEE22E409F96E93D7E117393172A:3AD77BB40D7A3660A89ECAF32466EF97
AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::AE2D8A571E03AC9C9EB76FAC45AF8E51:F5D3D58503B9699DE785895A96FDBAAF
AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::30C81C46A35CE411E5FBC1191A0A52EF:43B1CD7F598ECE23881B00E3ED030688
AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::F69F2445DF4F9B17AD2B417BE66C3710:7B0C785E27E8AD3F8223207104725DD4
# ECB-AES192.Encrypt and ECB-AES192.Decrypt
AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:BD334F1D6E45F25FF712A214571FA5CC
AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:974104846D0AD3AD7734ECB3ECEE4EEF
AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:EF7AFD2270E2E60ADCE0BA2FACE6444E
AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:9A4B41BA738D6C72FB16691603C18E0E
# ECB-AES256.Encrypt and ECB-AES256.Decrypt
AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::6BC1BEE22E409F96E93D7E117393172A:F3EED1BDB5D2A03C064B5A7E3DB181F8
AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::AE2D8A571E03AC9C9EB76FAC45AF8E51:591CCB10D410ED26DC5BA74A31362870
AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::30C81C46A35CE411E5FBC1191A0A52EF:B6ED21B99CA6F4F9F153E7B1BEAFED1D
AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::F69F2445DF4F9B17AD2B417BE66C3710:23304B7A39F9F3FF067D8D8F9E24ECC7
# For all CBC encrypts and decrypts, the transformed sequence is
# AES-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec
# CBC-AES128.Encrypt and CBC-AES128.Decrypt
AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:7649ABAC8119B246CEE98E9B12E9197D
AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:7649ABAC8119B246CEE98E9B12E9197D:AE2D8A571E03AC9C9EB76FAC45AF8E51:5086CB9B507219EE95DB113A917678B2
AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:5086CB9B507219EE95DB113A917678B2:30C81C46A35CE411E5FBC1191A0A52EF:73BED6B8E3C1743B7116E69E22229516
AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:73BED6B8E3C1743B7116E69E22229516:F69F2445DF4F9B17AD2B417BE66C3710:3FF1CAA1681FAC09120ECA307586E1A7
# CBC-AES192.Encrypt and CBC-AES192.Decrypt
AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:4F021DB243BC633D7178183A9FA071E8
AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:4F021DB243BC633D7178183A9FA071E8:AE2D8A571E03AC9C9EB76FAC45AF8E51:B4D9ADA9AD7DEDF4E5E738763F69145A
AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:B4D9ADA9AD7DEDF4E5E738763F69145A:30C81C46A35CE411E5FBC1191A0A52EF:571B242012FB7AE07FA9BAAC3DF102E0
AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:571B242012FB7AE07FA9BAAC3DF102E0:F69F2445DF4F9B17AD2B417BE66C3710:08B0E27988598881D920A9E64F5615CD
# CBC-AES256.Encrypt and CBC-AES256.Decrypt
AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:F58C4C04D6E5F1BA779EABFB5F7BFBD6
AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:F58C4C04D6E5F1BA779EABFB5F7BFBD6:AE2D8A571E03AC9C9EB76FAC45AF8E51:9CFC4E967EDB808D679F777BC6702C7D
AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:9CFC4E967EDB808D679F777BC6702C7D:30C81C46A35CE411E5FBC1191A0A52EF:39F23369A9D9BACFA530E26304231461
AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39F23369A9D9BACFA530E26304231461:F69F2445DF4F9B17AD2B417BE66C3710:B2EB05E2C39BE9FCDA6C19078C6A9D1B
# We don't support CFB{1,8}-AESxxx.{En,De}crypt
# For all CFB128 encrypts and decrypts, the transformed sequence is
# AES-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec
# CFB128-AES128.Encrypt
AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:1
AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:3B3FD92EB72DAD20333449F8E83CFB4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:C8A64537A0B3A93FCDE3CDAD9F1CE58B:1
AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:C8A64537A0B3A93FCDE3CDAD9F1CE58B:30C81C46A35CE411E5FBC1191A0A52EF:26751F67A3CBB140B1808CF187A4F4DF:1
AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:26751F67A3CBB140B1808CF187A4F4DF:F69F2445DF4F9B17AD2B417BE66C3710:C04B05357C5D1C0EEAC4C66F9FF7F2E6:1
# CFB128-AES128.Decrypt
AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:0
AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:3B3FD92EB72DAD20333449F8E83CFB4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:C8A64537A0B3A93FCDE3CDAD9F1CE58B:0
AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:C8A64537A0B3A93FCDE3CDAD9F1CE58B:30C81C46A35CE411E5FBC1191A0A52EF:26751F67A3CBB140B1808CF187A4F4DF:0
AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:26751F67A3CBB140B1808CF187A4F4DF:F69F2445DF4F9B17AD2B417BE66C3710:C04B05357C5D1C0EEAC4C66F9FF7F2E6:0
# CFB128-AES192.Encrypt
AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:1
AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:CDC80D6FDDF18CAB34C25909C99A4174:AE2D8A571E03AC9C9EB76FAC45AF8E51:67CE7F7F81173621961A2B70171D3D7A:1
AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:67CE7F7F81173621961A2B70171D3D7A:30C81C46A35CE411E5FBC1191A0A52EF:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:1
AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:F69F2445DF4F9B17AD2B417BE66C3710:C05F9F9CA9834FA042AE8FBA584B09FF:1
# CFB128-AES192.Decrypt
AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:0
AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:CDC80D6FDDF18CAB34C25909C99A4174:AE2D8A571E03AC9C9EB76FAC45AF8E51:67CE7F7F81173621961A2B70171D3D7A:0
AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:67CE7F7F81173621961A2B70171D3D7A:30C81C46A35CE411E5FBC1191A0A52EF:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:0
AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:F69F2445DF4F9B17AD2B417BE66C3710:C05F9F9CA9834FA042AE8FBA584B09FF:0
# CFB128-AES256.Encrypt
AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:1
AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DC7E84BFDA79164B7ECD8486985D3860:AE2D8A571E03AC9C9EB76FAC45AF8E51:39FFED143B28B1C832113C6331E5407B:1
AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39FFED143B28B1C832113C6331E5407B:30C81C46A35CE411E5FBC1191A0A52EF:DF10132415E54B92A13ED0A8267AE2F9:1
AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DF10132415E54B92A13ED0A8267AE2F9:F69F2445DF4F9B17AD2B417BE66C3710:75A385741AB9CEF82031623D55B1E471:1
# CFB128-AES256.Decrypt
AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:0
AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DC7E84BFDA79164B7ECD8486985D3860:AE2D8A571E03AC9C9EB76FAC45AF8E51:39FFED143B28B1C832113C6331E5407B:0
AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39FFED143B28B1C832113C6331E5407B:30C81C46A35CE411E5FBC1191A0A52EF:DF10132415E54B92A13ED0A8267AE2F9:0
AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DF10132415E54B92A13ED0A8267AE2F9:F69F2445DF4F9B17AD2B417BE66C3710:75A385741AB9CEF82031623D55B1E471:0
# For all OFB encrypts and decrypts, the transformed sequence is
# AES-bits-CFB:key:IV/output':plaintext:ciphertext:encdec
# OFB-AES128.Encrypt
AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:1
AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:7789508D16918F03F53C52DAC54ED825:1
AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:9740051E9C5FECF64344F7A82260EDCC:1
AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:304C6528F659C77866A510D9C1D6AE5E:1
# OFB-AES128.Decrypt
AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:0
AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:7789508D16918F03F53C52DAC54ED825:0
AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:9740051E9C5FECF64344F7A82260EDCC:0
AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:304C6528F659C77866A510D9C1D6AE5E:0
# OFB-AES192.Encrypt
AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:1
AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:FCC28B8D4C63837C09E81700C1100401:1
AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:8D9A9AEAC0F6596F559C6D4DAF59A5F2:1
AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:6D9F200857CA6C3E9CAC524BD9ACC92A:1
# OFB-AES192.Decrypt
AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:0
AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:FCC28B8D4C63837C09E81700C1100401:0
AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:8D9A9AEAC0F6596F559C6D4DAF59A5F2:0
AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:6D9F200857CA6C3E9CAC524BD9ACC92A:0
# OFB-AES256.Encrypt
AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:1
AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:4FEBDC6740D20B3AC88F6AD82A4FB08D:1
AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:1
AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:1
# OFB-AES256.Decrypt
AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:0
AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:4FEBDC6740D20B3AC88F6AD82A4FB08D:0
AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:0
AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:0
# DES ECB tests (from destest)
DES-ECB:0000000000000000::0000000000000000:8CA64DE9C1B123A7
DES-ECB:FFFFFFFFFFFFFFFF::FFFFFFFFFFFFFFFF:7359B2163E4EDC58
DES-ECB:3000000000000000::1000000000000001:958E6E627A05557B
DES-ECB:1111111111111111::1111111111111111:F40379AB9E0EC533
DES-ECB:0123456789ABCDEF::1111111111111111:17668DFC7292532D
DES-ECB:1111111111111111::0123456789ABCDEF:8A5AE1F81AB8F2DD
DES-ECB:FEDCBA9876543210::0123456789ABCDEF:ED39D950FA74BCC4
# DESX-CBC tests (from destest)
DESX-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:846B2914851E9A2954732F8AA0A611C115CDC2D7951B1053A63C5E03B21AA3C4
# DES EDE3 CBC tests (from destest)
DES-EDE3-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
# RC4 tests (from rc4test)
RC4:0123456789abcdef0123456789abcdef::0123456789abcdef:75b7878099e0c596
RC4:0123456789abcdef0123456789abcdef::0000000000000000:7494c2e7104b0879
RC4:00000000000000000000000000000000::0000000000000000:de188941a3375d3a
RC4:ef012345ef012345ef012345ef012345::0000000000000000000000000000000000000000:d6a141a7ec3c38dfbd615a1162e1c7ba36b67858
RC4:0123456789abcdef0123456789abcdef::123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678:66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf
RC4:ef012345ef012345ef012345ef012345::00000000000000000000:d6a141a7ec3c38dfbd61
# Camellia tests from RFC3713
# For all ECB encrypts and decrypts, the transformed sequence is
# CAMELLIA-bits-ECB:key::plaintext:ciphertext:encdec
CAMELLIA-128-ECB:0123456789abcdeffedcba9876543210::0123456789abcdeffedcba9876543210:67673138549669730857065648eabe43
CAMELLIA-192-ECB:0123456789abcdeffedcba98765432100011223344556677::0123456789abcdeffedcba9876543210:b4993401b3e996f84ee5cee7d79b09b9
CAMELLIA-256-ECB:0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff::0123456789abcdeffedcba9876543210:9acc237dff16d76c20ef7c919e3a7509
# ECB-CAMELLIA128.Encrypt
CAMELLIA-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:77CF412067AF8270613529149919546F:1
CAMELLIA-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:B22F3C36B72D31329EEE8ADDC2906C68:1
CAMELLIA-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:2EDF1F3418D53B88841FC8985FB1ECF2:1
# ECB-CAMELLIA128.Encrypt and ECB-CAMELLIA128.Decrypt
CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::6BC1BEE22E409F96E93D7E117393172A:432FC5DCD628115B7C388D770B270C96
CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::AE2D8A571E03AC9C9EB76FAC45AF8E51:0BE1F14023782A22E8384C5ABB7FAB2B
CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::30C81C46A35CE411E5FBC1191A0A52EF:A0A1ABCD1893AB6FE0FE5B65DF5F8636
CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::F69F2445DF4F9B17AD2B417BE66C3710:E61925E0D5DFAA9BB29F815B3076E51A
# ECB-CAMELLIA192.Encrypt and ECB-CAMELLIA192.Decrypt
CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:CCCC6C4E138B45848514D48D0D3439D3
CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:5713C62C14B2EC0F8393B6AFD6F5785A
CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:B40ED2B60EB54D09D030CF511FEEF366
CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:909DBD95799096748CB27357E73E1D26
# ECB-CAMELLIA256.Encrypt and ECB-CAMELLIA256.Decrypt
CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::6BC1BEE22E409F96E93D7E117393172A:BEFD219B112FA00098919CD101C9CCFA
CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::AE2D8A571E03AC9C9EB76FAC45AF8E51:C91D3A8F1AEA08A9386CF4B66C0169EA
CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::30C81C46A35CE411E5FBC1191A0A52EF:A623D711DC5F25A51BB8A80D56397D28
CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::F69F2445DF4F9B17AD2B417BE66C3710:7960109FB6DC42947FCFE59EA3C5EB6B
# For all CBC encrypts and decrypts, the transformed sequence is
# CAMELLIA-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec
# CBC-CAMELLIA128.Encrypt and CBC-CAMELLIA128.Decrypt
CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:1607CF494B36BBF00DAEB0B503C831AB
CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:1607CF494B36BBF00DAEB0B503C831AB:AE2D8A571E03AC9C9EB76FAC45AF8E51:A2F2CF671629EF7840C5A5DFB5074887
CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:A2F2CF671629EF7840C5A5DFB5074887:30C81C46A35CE411E5FBC1191A0A52EF:0F06165008CF8B8B5A63586362543E54
CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:36A84CDAFD5F9A85ADA0F0A993D6D577:F69F2445DF4F9B17AD2B417BE66C3710:74C64268CDB8B8FAF5B34E8AF3732980
# CBC-CAMELLIA192.Encrypt and CBC-CAMELLIA192.Decrypt
CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:2A4830AB5AC4A1A2405955FD2195CF93
CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2A4830AB5AC4A1A2405955FD2195CF93:AE2D8A571E03AC9C9EB76FAC45AF8E51:5D5A869BD14CE54264F892A6DD2EC3D5
CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:5D5A869BD14CE54264F892A6DD2EC3D5:30C81C46A35CE411E5FBC1191A0A52EF:37D359C3349836D884E310ADDF68C449
CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:37D359C3349836D884E310ADDF68C449:F69F2445DF4F9B17AD2B417BE66C3710:01FAAA930B4AB9916E9668E1428C6B08
# CBC-CAMELLIA256.Encrypt and CBC-CAMELLIA256.Decrypt
CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:E6CFA35FC02B134A4D2C0B6737AC3EDA
CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E6CFA35FC02B134A4D2C0B6737AC3EDA:AE2D8A571E03AC9C9EB76FAC45AF8E51:36CBEB73BD504B4070B1B7DE2B21EB50
CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:36CBEB73BD504B4070B1B7DE2B21EB50:30C81C46A35CE411E5FBC1191A0A52EF:E31A6055297D96CA3330CDF1B1860A83
CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E31A6055297D96CA3330CDF1B1860A83:F69F2445DF4F9B17AD2B417BE66C3710:5D563F6D1CCCF236051C0C5C1C58F28F
# We don't support CFB{1,8}-CAMELLIAxxx.{En,De}crypt
# For all CFB128 encrypts and decrypts, the transformed sequence is
# CAMELLIA-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec
# CFB128-CAMELLIA128.Encrypt
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:1
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:1
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:1
# CFB128-CAMELLIA128.Decrypt
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:0
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:0
CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:0
# CFB128-CAMELLIA192.Encrypt
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:1
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:1
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:1
# CFB128-CAMELLIA192.Decrypt
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:0
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:0
CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:0
# CFB128-CAMELLIA256.Encrypt
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:1
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:1
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:1
# CFB128-CAMELLIA256.Decrypt
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:0
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:0
CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:0
# For all OFB encrypts and decrypts, the transformed sequence is
# CAMELLIA-bits-OFB:key:IV/output':plaintext:ciphertext:encdec
# OFB-CAMELLIA128.Encrypt
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:1
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:1
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:1
# OFB-CAMELLIA128.Decrypt
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:0
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:0
CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:0
# OFB-CAMELLIA192.Encrypt
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:1
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:1
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:1
# OFB-CAMELLIA192.Decrypt
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:0
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:0
CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:0
# OFB-CAMELLIA256.Encrypt
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:1
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:1
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:1
# OFB-CAMELLIA256.Decrypt
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:0
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:0
CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:0
# SEED test vectors from RFC4269
SEED-ECB:00000000000000000000000000000000::000102030405060708090A0B0C0D0E0F:5EBAC6E0054E166819AFF1CC6D346CDB:0
SEED-ECB:000102030405060708090A0B0C0D0E0F::00000000000000000000000000000000:C11F22F20140505084483597E4370F43:0
SEED-ECB:4706480851E61BE85D74BFB3FD956185::83A2F8A288641FB9A4E9A5CC2F131C7D:EE54D13EBCAE706D226BC3142CD40D4A:0
SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:0
SEED-ECB:00000000000000000000000000000000::000102030405060708090A0B0C0D0E0F:5EBAC6E0054E166819AFF1CC6D346CDB:1
SEED-ECB:000102030405060708090A0B0C0D0E0F::00000000000000000000000000000000:C11F22F20140505084483597E4370F43:1
SEED-ECB:4706480851E61BE85D74BFB3FD956185::83A2F8A288641FB9A4E9A5CC2F131C7D:EE54D13EBCAE706D226BC3142CD40D4A:1
SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:1

1
test/exptest.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/bn/exptest.c

1
test/hmactest.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/hmac/hmactest.c

1
test/ideatest.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/idea/ideatest.c

503
test/igetest.c Normal file
View File

@@ -0,0 +1,503 @@
/* test/igetest.c -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#include <openssl/aes.h>
#include <openssl/rand.h>
#include <stdio.h>
#include <string.h>
#include <assert.h>
#define TEST_SIZE 128
#define BIG_TEST_SIZE 10240
static void hexdump(FILE *f,const char *title,const unsigned char *s,int l)
{
int n=0;
fprintf(f,"%s",title);
for( ; n < l ; ++n)
{
if((n%16) == 0)
fprintf(f,"\n%04x",n);
fprintf(f," %02x",s[n]);
}
fprintf(f,"\n");
}
#define MAX_VECTOR_SIZE 64
struct ige_test
{
const unsigned char key[16];
const unsigned char iv[32];
const unsigned char in[MAX_VECTOR_SIZE];
const unsigned char out[MAX_VECTOR_SIZE];
const size_t length;
const int encrypt;
};
static struct ige_test const ige_test_vectors[] = {
{ { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, /* key */
{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, /* iv */
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, /* in */
{ 0x1a, 0x85, 0x19, 0xa6, 0x55, 0x7b, 0xe6, 0x52,
0xe9, 0xda, 0x8e, 0x43, 0xda, 0x4e, 0xf4, 0x45,
0x3c, 0xf4, 0x56, 0xb4, 0xca, 0x48, 0x8a, 0xa3,
0x83, 0xc7, 0x9c, 0x98, 0xb3, 0x47, 0x97, 0xcb }, /* out */
32, AES_ENCRYPT }, /* test vector 0 */
{ { 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
0x61, 0x6e, 0x20, 0x69, 0x6d, 0x70, 0x6c, 0x65 }, /* key */
{ 0x6d, 0x65, 0x6e, 0x74, 0x61, 0x74, 0x69, 0x6f,
0x6e, 0x20, 0x6f, 0x66, 0x20, 0x49, 0x47, 0x45,
0x20, 0x6d, 0x6f, 0x64, 0x65, 0x20, 0x66, 0x6f,
0x72, 0x20, 0x4f, 0x70, 0x65, 0x6e, 0x53, 0x53 }, /* iv */
{ 0x4c, 0x2e, 0x20, 0x4c, 0x65, 0x74, 0x27, 0x73,
0x20, 0x68, 0x6f, 0x70, 0x65, 0x20, 0x42, 0x65,
0x6e, 0x20, 0x67, 0x6f, 0x74, 0x20, 0x69, 0x74,
0x20, 0x72, 0x69, 0x67, 0x68, 0x74, 0x21, 0x0a }, /* in */
{ 0x99, 0x70, 0x64, 0x87, 0xa1, 0xcd, 0xe6, 0x13,
0xbc, 0x6d, 0xe0, 0xb6, 0xf2, 0x4b, 0x1c, 0x7a,
0xa4, 0x48, 0xc8, 0xb9, 0xc3, 0x40, 0x3e, 0x34,
0x67, 0xa8, 0xca, 0xd8, 0x93, 0x40, 0xf5, 0x3b }, /* out */
32, AES_DECRYPT }, /* test vector 1 */
};
struct bi_ige_test
{
const unsigned char key1[32];
const unsigned char key2[32];
const unsigned char iv[64];
const unsigned char in[MAX_VECTOR_SIZE];
const unsigned char out[MAX_VECTOR_SIZE];
const size_t keysize;
const size_t length;
const int encrypt;
};
static struct bi_ige_test const bi_ige_test_vectors[] = {
{ { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, /* key1 */
{ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, /* key2 */
{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f }, /* iv */
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, /* in */
{ 0x14, 0x40, 0x6f, 0xae, 0xa2, 0x79, 0xf2, 0x56,
0x1f, 0x86, 0xeb, 0x3b, 0x7d, 0xff, 0x53, 0xdc,
0x4e, 0x27, 0x0c, 0x03, 0xde, 0x7c, 0xe5, 0x16,
0x6a, 0x9c, 0x20, 0x33, 0x9d, 0x33, 0xfe, 0x12 }, /* out */
16, 32, AES_ENCRYPT }, /* test vector 0 */
{ { 0x58, 0x0a, 0x06, 0xe9, 0x97, 0x07, 0x59, 0x5c,
0x9e, 0x19, 0xd2, 0xa7, 0xbb, 0x40, 0x2b, 0x7a,
0xc7, 0xd8, 0x11, 0x9e, 0x4c, 0x51, 0x35, 0x75,
0x64, 0x28, 0x0f, 0x23, 0xad, 0x74, 0xac, 0x37 }, /* key1 */
{ 0xd1, 0x80, 0xa0, 0x31, 0x47, 0xa3, 0x11, 0x13,
0x86, 0x26, 0x9e, 0x6d, 0xff, 0xaf, 0x72, 0x74,
0x5b, 0xa2, 0x35, 0x81, 0xd2, 0xa6, 0x3d, 0x21,
0x67, 0x7b, 0x58, 0xa8, 0x18, 0xf9, 0x72, 0xe4 }, /* key2 */
{ 0x80, 0x3d, 0xbd, 0x4c, 0xe6, 0x7b, 0x06, 0xa9,
0x53, 0x35, 0xd5, 0x7e, 0x71, 0xc1, 0x70, 0x70,
0x74, 0x9a, 0x00, 0x28, 0x0c, 0xbf, 0x6c, 0x42,
0x9b, 0xa4, 0xdd, 0x65, 0x11, 0x77, 0x7c, 0x67,
0xfe, 0x76, 0x0a, 0xf0, 0xd5, 0xc6, 0x6e, 0x6a,
0xe7, 0x5e, 0x4c, 0xf2, 0x7e, 0x9e, 0xf9, 0x20,
0x0e, 0x54, 0x6f, 0x2d, 0x8a, 0x8d, 0x7e, 0xbd,
0x48, 0x79, 0x37, 0x99, 0xff, 0x27, 0x93, 0xa3 }, /* iv */
{ 0xf1, 0x54, 0x3d, 0xca, 0xfe, 0xb5, 0xef, 0x1c,
0x4f, 0xa6, 0x43, 0xf6, 0xe6, 0x48, 0x57, 0xf0,
0xee, 0x15, 0x7f, 0xe3, 0xe7, 0x2f, 0xd0, 0x2f,
0x11, 0x95, 0x7a, 0x17, 0x00, 0xab, 0xa7, 0x0b,
0xbe, 0x44, 0x09, 0x9c, 0xcd, 0xac, 0xa8, 0x52,
0xa1, 0x8e, 0x7b, 0x75, 0xbc, 0xa4, 0x92, 0x5a,
0xab, 0x46, 0xd3, 0x3a, 0xa0, 0xd5, 0x35, 0x1c,
0x55, 0xa4, 0xb3, 0xa8, 0x40, 0x81, 0xa5, 0x0b}, /* in */
{ 0x42, 0xe5, 0x28, 0x30, 0x31, 0xc2, 0xa0, 0x23,
0x68, 0x49, 0x4e, 0xb3, 0x24, 0x59, 0x92, 0x79,
0xc1, 0xa5, 0xcc, 0xe6, 0x76, 0x53, 0xb1, 0xcf,
0x20, 0x86, 0x23, 0xe8, 0x72, 0x55, 0x99, 0x92,
0x0d, 0x16, 0x1c, 0x5a, 0x2f, 0xce, 0xcb, 0x51,
0xe2, 0x67, 0xfa, 0x10, 0xec, 0xcd, 0x3d, 0x67,
0xa5, 0xe6, 0xf7, 0x31, 0x26, 0xb0, 0x0d, 0x76,
0x5e, 0x28, 0xdc, 0x7f, 0x01, 0xc5, 0xa5, 0x4c}, /* out */
32, 64, AES_ENCRYPT }, /* test vector 1 */
};
static int run_test_vectors(void)
{
unsigned int n;
int errs = 0;
for(n=0 ; n < sizeof(ige_test_vectors)/sizeof(ige_test_vectors[0]) ; ++n)
{
const struct ige_test * const v = &ige_test_vectors[n];
AES_KEY key;
unsigned char buf[MAX_VECTOR_SIZE];
unsigned char iv[AES_BLOCK_SIZE*2];
assert(v->length <= MAX_VECTOR_SIZE);
if(v->encrypt == AES_ENCRYPT)
AES_set_encrypt_key(v->key, 8*sizeof v->key, &key);
else
AES_set_decrypt_key(v->key, 8*sizeof v->key, &key);
memcpy(iv, v->iv, sizeof iv);
AES_ige_encrypt(v->in, buf, v->length, &key, iv, v->encrypt);
if(memcmp(v->out, buf, v->length))
{
printf("IGE test vector %d failed\n", n);
hexdump(stdout, "key", v->key, sizeof v->key);
hexdump(stdout, "iv", v->iv, sizeof v->iv);
hexdump(stdout, "in", v->in, v->length);
hexdump(stdout, "expected", v->out, v->length);
hexdump(stdout, "got", buf, v->length);
++errs;
}
/* try with in == out */
memcpy(iv, v->iv, sizeof iv);
memcpy(buf, v->in, v->length);
AES_ige_encrypt(buf, buf, v->length, &key, iv, v->encrypt);
if(memcmp(v->out, buf, v->length))
{
printf("IGE test vector %d failed (with in == out)\n", n);
hexdump(stdout, "key", v->key, sizeof v->key);
hexdump(stdout, "iv", v->iv, sizeof v->iv);
hexdump(stdout, "in", v->in, v->length);
hexdump(stdout, "expected", v->out, v->length);
hexdump(stdout, "got", buf, v->length);
++errs;
}
}
for(n=0 ; n < sizeof(bi_ige_test_vectors)/sizeof(bi_ige_test_vectors[0])
; ++n)
{
const struct bi_ige_test * const v = &bi_ige_test_vectors[n];
AES_KEY key1;
AES_KEY key2;
unsigned char buf[MAX_VECTOR_SIZE];
assert(v->length <= MAX_VECTOR_SIZE);
if(v->encrypt == AES_ENCRYPT)
{
AES_set_encrypt_key(v->key1, 8*v->keysize, &key1);
AES_set_encrypt_key(v->key2, 8*v->keysize, &key2);
}
else
{
AES_set_decrypt_key(v->key1, 8*v->keysize, &key1);
AES_set_decrypt_key(v->key2, 8*v->keysize, &key2);
}
AES_bi_ige_encrypt(v->in, buf, v->length, &key1, &key2, v->iv,
v->encrypt);
if(memcmp(v->out, buf, v->length))
{
printf("Bidirectional IGE test vector %d failed\n", n);
hexdump(stdout, "key 1", v->key1, sizeof v->key1);
hexdump(stdout, "key 2", v->key2, sizeof v->key2);
hexdump(stdout, "iv", v->iv, sizeof v->iv);
hexdump(stdout, "in", v->in, v->length);
hexdump(stdout, "expected", v->out, v->length);
hexdump(stdout, "got", buf, v->length);
++errs;
}
}
return errs;
}
int main(int argc, char **argv)
{
unsigned char rkey[16];
unsigned char rkey2[16];
AES_KEY key;
AES_KEY key2;
unsigned char plaintext[BIG_TEST_SIZE];
unsigned char ciphertext[BIG_TEST_SIZE];
unsigned char checktext[BIG_TEST_SIZE];
unsigned char iv[AES_BLOCK_SIZE*4];
unsigned char saved_iv[AES_BLOCK_SIZE*4];
int err = 0;
unsigned int n;
unsigned matches;
assert(BIG_TEST_SIZE >= TEST_SIZE);
RAND_pseudo_bytes(rkey, sizeof rkey);
RAND_pseudo_bytes(plaintext, sizeof plaintext);
RAND_pseudo_bytes(iv, sizeof iv);
memcpy(saved_iv, iv, sizeof saved_iv);
/* Forward IGE only... */
/* Straight encrypt/decrypt */
AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, iv,
AES_ENCRYPT);
AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
memcpy(iv, saved_iv, sizeof iv);
AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv,
AES_DECRYPT);
if(memcmp(checktext, plaintext, TEST_SIZE))
{
printf("Encrypt+decrypt doesn't match\n");
hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
hexdump(stdout, "Checktext", checktext, TEST_SIZE);
++err;
}
/* Now check encrypt chaining works */
AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
memcpy(iv, saved_iv, sizeof iv);
AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE/2, &key, iv,
AES_ENCRYPT);
AES_ige_encrypt(plaintext+TEST_SIZE/2,
ciphertext+TEST_SIZE/2, TEST_SIZE/2,
&key, iv, AES_ENCRYPT);
AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
memcpy(iv, saved_iv, sizeof iv);
AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv,
AES_DECRYPT);
if(memcmp(checktext, plaintext, TEST_SIZE))
{
printf("Chained encrypt+decrypt doesn't match\n");
hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
hexdump(stdout, "Checktext", checktext, TEST_SIZE);
++err;
}
/* And check decrypt chaining */
AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
memcpy(iv, saved_iv, sizeof iv);
AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE/2, &key, iv,
AES_ENCRYPT);
AES_ige_encrypt(plaintext+TEST_SIZE/2,
ciphertext+TEST_SIZE/2, TEST_SIZE/2,
&key, iv, AES_ENCRYPT);
AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
memcpy(iv, saved_iv, sizeof iv);
AES_ige_encrypt(ciphertext, checktext, TEST_SIZE/2, &key, iv,
AES_DECRYPT);
AES_ige_encrypt(ciphertext+TEST_SIZE/2,
checktext+TEST_SIZE/2, TEST_SIZE/2, &key, iv,
AES_DECRYPT);
if(memcmp(checktext, plaintext, TEST_SIZE))
{
printf("Chained encrypt+chained decrypt doesn't match\n");
hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
hexdump(stdout, "Checktext", checktext, TEST_SIZE);
++err;
}
/* make sure garble extends forwards only */
AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
memcpy(iv, saved_iv, sizeof iv);
AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
AES_ENCRYPT);
/* corrupt halfway through */
++ciphertext[sizeof ciphertext/2];
AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
memcpy(iv, saved_iv, sizeof iv);
AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
AES_DECRYPT);
matches=0;
for(n=0 ; n < sizeof checktext ; ++n)
if(checktext[n] == plaintext[n])
++matches;
if(matches > sizeof checktext/2+sizeof checktext/100)
{
printf("More than 51%% matches after garbling\n");
++err;
}
if(matches < sizeof checktext/2)
{
printf("Garble extends backwards!\n");
++err;
}
/* Bi-directional IGE */
/* Note that we don't have to recover the IV, because chaining isn't */
/* possible with biIGE, so the IV is not updated. */
RAND_pseudo_bytes(rkey2, sizeof rkey2);
/* Straight encrypt/decrypt */
AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
AES_set_encrypt_key(rkey2, 8*sizeof rkey2, &key2);
AES_bi_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, &key2, iv,
AES_ENCRYPT);
AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
AES_set_decrypt_key(rkey2, 8*sizeof rkey2, &key2);
AES_bi_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, &key2, iv,
AES_DECRYPT);
if(memcmp(checktext, plaintext, TEST_SIZE))
{
printf("Encrypt+decrypt doesn't match\n");
hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
hexdump(stdout, "Checktext", checktext, TEST_SIZE);
++err;
}
/* make sure garble extends both ways */
AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
AES_set_encrypt_key(rkey2, 8*sizeof rkey2, &key2);
AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
AES_ENCRYPT);
/* corrupt halfway through */
++ciphertext[sizeof ciphertext/2];
AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
AES_set_decrypt_key(rkey2, 8*sizeof rkey2, &key2);
AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
AES_DECRYPT);
matches=0;
for(n=0 ; n < sizeof checktext ; ++n)
if(checktext[n] == plaintext[n])
++matches;
if(matches > sizeof checktext/100)
{
printf("More than 1%% matches after bidirectional garbling\n");
++err;
}
/* make sure garble extends both ways (2) */
AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
AES_set_encrypt_key(rkey2, 8*sizeof rkey2, &key2);
AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
AES_ENCRYPT);
/* corrupt right at the end */
++ciphertext[sizeof ciphertext-1];
AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
AES_set_decrypt_key(rkey2, 8*sizeof rkey2, &key2);
AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
AES_DECRYPT);
matches=0;
for(n=0 ; n < sizeof checktext ; ++n)
if(checktext[n] == plaintext[n])
++matches;
if(matches > sizeof checktext/100)
{
printf("More than 1%% matches after bidirectional garbling (2)\n");
++err;
}
/* make sure garble extends both ways (3) */
AES_set_encrypt_key(rkey, 8*sizeof rkey, &key);
AES_set_encrypt_key(rkey2, 8*sizeof rkey2, &key2);
AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
AES_ENCRYPT);
/* corrupt right at the start */
++ciphertext[0];
AES_set_decrypt_key(rkey, 8*sizeof rkey, &key);
AES_set_decrypt_key(rkey2, 8*sizeof rkey2, &key2);
AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
AES_DECRYPT);
matches=0;
for(n=0 ; n < sizeof checktext ; ++n)
if(checktext[n] == plaintext[n])
++matches;
if(matches > sizeof checktext/100)
{
printf("More than 1%% matches after bidirectional garbling (3)\n");
++err;
}
err += run_test_vectors();
return err;
}

48
test/jpaketest.c Normal file
View File

@@ -0,0 +1,48 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <openssl/e_os2.h>
#include <openssl/buffer.h>
#include <openssl/crypto.h>
int main(int argc, char *argv[])
{
char *p, *q = 0, *program;
p = strrchr(argv[0], '/');
if (!p) p = strrchr(argv[0], '\\');
#ifdef OPENSSL_SYS_VMS
if (!p) p = strrchr(argv[0], ']');
if (p) q = strrchr(p, '>');
if (q) p = q;
if (!p) p = strrchr(argv[0], ':');
q = 0;
#endif
if (p) p++;
if (!p) p = argv[0];
if (p) q = strchr(p, '.');
if (p && !q) q = p + strlen(p);
if (!p)
program = BUF_strdup("(unknown)");
else
{
program = OPENSSL_malloc((q - p) + 1);
strncpy(program, p, q - p);
program[q - p] = '\0';
}
for(p = program; *p; p++)
if (islower((unsigned char)(*p)))
*p = toupper((unsigned char)(*p));
q = strstr(program, "TEST");
if (q > p && q[-1] == '_') q--;
*q = '\0';
printf("No %s support\n", program);
OPENSSL_free(program);
return(0);
}

986
test/maketests.com Normal file
View File

@@ -0,0 +1,986 @@
$!
$! MAKETESTS.COM
$! Written By: Robert Byer
$! Vice-President
$! A-Com Computing, Inc.
$! byer@mail.all-net.net
$!
$! Changes by Richard Levitte <richard@levitte.org>
$!
$! This command files compiles and creates all the various different
$! "test" programs for the different types of encryption for OpenSSL.
$! It was written so it would try to determine what "C" compiler to
$! use or you can specify which "C" compiler to use.
$!
$! The test "executables" will be placed in a directory called
$! [.xxx.EXE.TEST] where "xxx" denotes ALPHA, IA64, or VAX, depending
$! on your machine architecture.
$!
$! Specify DEBUG or NODEBUG P1 to compile with or without debugger
$! information.
$!
$! Specify which compiler at P2 to try to compile under.
$!
$! VAXC For VAX C.
$! DECC For DEC C.
$! GNUC For GNU C.
$!
$! If you don't speficy a compiler, it will try to determine which
$! "C" compiler to use.
$!
$! P3, if defined, sets a TCP/IP library to use, through one of the following
$! keywords:
$!
$! UCX for UCX
$! SOCKETSHR for SOCKETSHR+NETLIB
$!
$! P4, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
$!
$! For 64 bit architectures (Alpha and IA64), specify the pointer size as P5.
$! For 32 bit architectures (VAX), P5 is ignored.
$! Currently supported values are:
$!
$! 32 To ge a library compiled with /POINTER_SIZE=32
$! 64 To ge a library compiled with /POINTER_SIZE=64
$!
$!
$! Define A TCP/IP Library That We Will Need To Link To.
$! (That is, If Wee Need To Link To One.)
$!
$ TCPIP_LIB = ""
$!
$! Check Which Architecture We Are Using.
$!
$ if (f$getsyi( "HW_MODEL") .lt. 1024)
$ then
$ arch = "VAX"
$ else
$ arch = ""
$ arch = arch+ f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
$ if (arch .eqs. "") then arch = "UNK"
$ endif
$!
$! Define The OBJ and EXE Directories (EXE before CHECK_OPTIONS).
$!
$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.TEST]
$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.TEST]
$!
$! Check To Make Sure We Have Valid Command Line Parameters.
$!
$ GOSUB CHECK_OPTIONS
$!
$! Initialise logical names and such
$!
$ GOSUB INITIALISE
$!
$! Tell The User What Kind of Machine We Run On.
$!
$ WRITE SYS$OUTPUT "Compiling On ''ARCH'."
$!
$! Define The CRYPTO-LIB We Are To Use.
$!
$ CRYPTO_LIB := SYS$DISK:[-.'ARCH'.EXE.CRYPTO]LIBCRYPTO'LIB32'.OLB
$!
$! Define The SSL We Are To Use.
$!
$ SSL_LIB := SYS$DISK:[-.'ARCH'.EXE.SSL]LIBSSL'LIB32'.OLB
$!
$! Create the OBJ and EXE Directories, if needed.
$!
$ IF (F$PARSE(OBJ_DIR).EQS."") THEN -
CREATE /DIRECTORY 'OBJ_DIR'
$ IF (F$PARSE(EXE_DIR).EQS."") THEN -
CREATE /DIRECTORY 'EXE_DIR'
$!
$! Check To See If We Have The Proper Libraries.
$!
$ GOSUB LIB_CHECK
$!
$! Check To See If We Have A Linker Option File.
$!
$ GOSUB CHECK_OPT_FILE
$!
$! Define The TEST Files.
$! NOTE: Some might think this list ugly. However, it's made this way to
$! reflect the EXE variable in Makefile as closely as possible,
$! thereby making it fairly easy to verify that the lists are the same.
$!
$ TEST_FILES = "BNTEST,ECTEST,ECDSATEST,ECDHTEST,IDEATEST,"+ -
"MD2TEST,MD4TEST,MD5TEST,HMACTEST,WP_TEST,"+ -
"RC2TEST,RC4TEST,RC5TEST,"+ -
"DESTEST,SHATEST,SHA1TEST,SHA256T,SHA512T,"+ -
"MDC2TEST,RMDTEST,"+ -
"RANDTEST,DHTEST,ENGINETEST,"+ -
"BFTEST,CASTTEST,SSLTEST,EXPTEST,DSATEST,RSA_TEST,"+ -
"EVP_TEST,IGETEST,JPAKETEST,ASN1TEST"
$! Should we add MTTEST,PQ_TEST,LH_TEST,DIVTEST,TABTEST as well?
$!
$! Additional directory information.
$ T_D_BNTEST := [-.crypto.bn]
$ T_D_ECTEST := [-.crypto.ec]
$ T_D_ECDSATEST := [-.crypto.ecdsa]
$ T_D_ECDHTEST := [-.crypto.ecdh]
$ T_D_IDEATEST := [-.crypto.idea]
$ T_D_MD2TEST := [-.crypto.md2]
$ T_D_MD4TEST := [-.crypto.md4]
$ T_D_MD5TEST := [-.crypto.md5]
$ T_D_HMACTEST := [-.crypto.hmac]
$ T_D_WP_TEST := [-.crypto.whrlpool]
$ T_D_RC2TEST := [-.crypto.rc2]
$ T_D_RC4TEST := [-.crypto.rc4]
$ T_D_RC5TEST := [-.crypto.rc5]
$ T_D_DESTEST := [-.crypto.des]
$ T_D_SHATEST := [-.crypto.sha]
$ T_D_SHA1TEST := [-.crypto.sha]
$ T_D_SHA256T := [-.crypto.sha]
$ T_D_SHA512T := [-.crypto.sha]
$ T_D_MDC2TEST := [-.crypto.mdc2]
$ T_D_RMDTEST := [-.crypto.ripemd]
$ T_D_RANDTEST := [-.crypto.rand]
$ T_D_DHTEST := [-.crypto.dh]
$ T_D_ENGINETEST := [-.crypto.engine]
$ T_D_BFTEST := [-.crypto.bf]
$ T_D_CASTTEST := [-.crypto.cast]
$ T_D_SSLTEST := [-.ssl]
$ T_D_EXPTEST := [-.crypto.bn]
$ T_D_DSATEST := [-.crypto.dsa]
$ T_D_RSA_TEST := [-.crypto.rsa]
$ T_D_EVP_TEST := [-.crypto.evp]
$ T_D_IGETEST := [-.test]
$ T_D_JPAKETEST := [-.crypto.jpake]
$ T_D_ASN1TEST := [-.test]
$!
$ TCPIP_PROGRAMS = ",,"
$ IF COMPILER .EQS. "VAXC" THEN -
TCPIP_PROGRAMS = ",SSLTEST,"
$!
$! Define A File Counter And Set It To "0".
$!
$ FILE_COUNTER = 0
$!
$! Top Of The File Loop.
$!
$ NEXT_FILE:
$!
$! O.K, Extract The File Name From The File List.
$!
$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",TEST_FILES)
$!
$! Check To See If We Are At The End Of The File List.
$!
$ IF (FILE_NAME.EQS.",") THEN GOTO FILE_DONE
$!
$! Increment The Counter.
$!
$ FILE_COUNTER = FILE_COUNTER + 1
$!
$! Create The Source File Name.
$!
$ SOURCE_FILE = "SYS$DISK:" + T_D_'FILE_NAME' + FILE_NAME + ".C"
$!
$! Create The Object File Name.
$!
$ OBJECT_FILE = OBJ_DIR + FILE_NAME + ".OBJ"
$!
$! Create The Executable File Name.
$!
$ EXE_FILE = EXE_DIR + FILE_NAME + ".EXE"
$ ON WARNING THEN GOTO NEXT_FILE
$!
$! Check To See If The File We Want To Compile Actually Exists.
$!
$ IF (F$SEARCH(SOURCE_FILE).EQS."")
$ THEN
$!
$! Tell The User That The File Dosen't Exist.
$!
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Dosen't Exist."
$ WRITE SYS$OUTPUT ""
$!
$! Exit The Build.
$!
$ GOTO EXIT
$ ENDIF
$!
$! Tell The User What We Are Building.
$!
$ WRITE SYS$OUTPUT "Building The ",FILE_NAME," Test Program."
$!
$! Compile The File.
$!
$ ON ERROR THEN GOTO NEXT_FILE
$ CC /OBJECT='OBJECT_FILE' 'SOURCE_FILE'
$ ON WARNING THEN GOTO NEXT_FILE
$!
$! Check If What We Are About To Compile Works Without A TCP/IP Library.
$!
$ IF ((TCPIP_LIB.EQS."").AND.((TCPIP_PROGRAMS-FILE_NAME).NES.TCPIP_PROGRAMS))
$ THEN
$!
$! Inform The User That A TCP/IP Library Is Needed To Compile This Program.
$!
$ WRITE SYS$OUTPUT -
FILE_NAME," Needs A TCP/IP Library. Can't Link. Skipping..."
$ GOTO NEXT_FILE
$!
$! End The TCP/IP Library Check.
$!
$ ENDIF
$!
$! Link The Program, Check To See If We Need To Link With RSAREF Or Not.
$! Check To See If We Are To Link With A Specific TCP/IP Library.
$!
$ IF (TCPIP_LIB.NES."")
$ THEN
$!
$! Don't Link With The RSAREF Routines And TCP/IP Library.
$!
$ LINK /'DEBUGGER' /'TRACEBACK' /EXECTABLE = 'EXE_FILE' -
'OBJECT_FILE', -
'SSL_LIB' /LIBRARY, -
'CRYPTO_LIB' /LIBRARY, -
'TCPIP_LIB', -
'OPT_FILE' /OPTIONS
$!
$! Else...
$!
$ ELSE
$!
$! Don't Link With The RSAREF Routines And Link With A TCP/IP Library.
$!
$ LINK /'DEBUGGER' /'TRACEBACK' /EXECUTABLE = 'EXE_FILE' -
'OBJECT_FILE', -
'SSL_LIB' /LIBRARY, -
'CRYPTO_LIB' /LIBRARY, -
'OPT_FILE' /OPTIONS
$!
$! End The TCP/IP Library Check.
$!
$ ENDIF
$!
$! Go Back And Do It Again.
$!
$ GOTO NEXT_FILE
$!
$! All Done With This Library Part.
$!
$ FILE_DONE:
$!
$! All Done, Time To Exit.
$!
$ EXIT:
$ GOSUB CLEANUP
$ EXIT
$!
$! Check For The Link Option FIle.
$!
$ CHECK_OPT_FILE:
$!
$! Check To See If We Need To Make A VAX C Option File.
$!
$ IF (COMPILER.EQS."VAXC")
$ THEN
$!
$! Check To See If We Already Have A VAX C Linker Option File.
$!
$ IF (F$SEARCH(OPT_FILE).EQS."")
$ THEN
$!
$! We Need A VAX C Linker Option File.
$!
$ CREATE 'OPT_FILE'
$DECK
!
! Default System Options File To Link Against
! The Sharable VAX C Runtime Library.
!
SYS$SHARE:VAXCRTL.EXE /SHAREABLE
$EOD
$!
$! End The Option File Check.
$!
$ ENDIF
$!
$! End The VAXC Check.
$!
$ ENDIF
$!
$! Check To See If We Need A GNU C Option File.
$!
$ IF (COMPILER.EQS."GNUC")
$ THEN
$!
$! Check To See If We Already Have A GNU C Linker Option File.
$!
$ IF (F$SEARCH(OPT_FILE).EQS."")
$ THEN
$!
$! We Need A GNU C Linker Option File.
$!
$ CREATE 'OPT_FILE'
$DECK
!
! Default System Options File To Link Agianst
! The Sharable C Runtime Library.
!
GNU_CC:[000000]GCCLIB.OLB /LIBRARY
SYS$SHARE:VAXCRTL.EXE /SHAREABLE
$EOD
$!
$! End The Option File Check.
$!
$ ENDIF
$!
$! End The GNU C Check.
$!
$ ENDIF
$!
$! Check To See If We Need A DEC C Option File.
$!
$ IF (COMPILER.EQS."DECC")
$ THEN
$!
$! Check To See If We Already Have A DEC C Linker Option File.
$!
$ IF (F$SEARCH(OPT_FILE).EQS."")
$ THEN
$!
$! Figure Out If We Need A non-VAX Or A VAX Linker Option File.
$!
$ IF (ARCH.EQS."VAX")
$ THEN
$!
$! We Need A DEC C Linker Option File For VAX.
$!
$ CREATE 'OPT_FILE'
$DECK
!
! Default System Options File To Link Agianst
! The Sharable DEC C Runtime Library.
!
SYS$SHARE:DECC$SHR.EXE /SHAREABLE
$EOD
$!
$! Else...
$!
$ ELSE
$!
$! Create The non-VAX Linker Option File.
$!
$ CREATE 'OPT_FILE'
$DECK
!
! Default System Options File For non-VAX To Link Agianst
! The Sharable C Runtime Library.
!
SYS$SHARE:CMA$OPEN_LIB_SHR.EXE /SHAREABLE
SYS$SHARE:CMA$OPEN_RTL.EXE /SHAREABLE
$EOD
$!
$! End The DEC C Option File Check.
$!
$ ENDIF
$!
$! End The Option File Search.
$!
$ ENDIF
$!
$! End The DEC C Check.
$!
$ ENDIF
$!
$! Tell The User What Linker Option File We Are Using.
$!
$ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"."
$!
$! Time To RETURN.
$!
$ RETURN
$!
$! Check To See If We Have The Appropiate Libraries.
$!
$ LIB_CHECK:
$!
$! Look For The Library LIBCRYPTO.OLB.
$!
$ IF (F$SEARCH(CRYPTO_LIB).EQS."")
$ THEN
$!
$! Tell The User We Can't Find The LIBCRYPTO.OLB Library.
$!
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "Can't Find The Library ",CRYPTO_LIB,"."
$ WRITE SYS$OUTPUT "We Can't Link Without It."
$ WRITE SYS$OUTPUT ""
$!
$! Since We Can't Link Without It, Exit.
$!
$ EXIT
$!
$! End The Crypto Library Check.
$!
$ ENDIF
$!
$! Look For The Library LIBSSL.OLB.
$!
$ IF (F$SEARCH(SSL_LIB).EQS."")
$ THEN
$!
$! Tell The User We Can't Find The LIBSSL.OLB Library.
$!
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "Can't Find The Library ",SSL_LIB,"."
$ WRITE SYS$OUTPUT "Some Of The Test Programs Need To Link To It."
$ WRITE SYS$OUTPUT ""
$!
$! Since We Can't Link Without It, Exit.
$!
$ EXIT
$!
$! End The SSL Library Check.
$!
$ ENDIF
$!
$! Time To Return.
$!
$ RETURN
$!
$! Check The User's Options.
$!
$ CHECK_OPTIONS:
$!
$! Check To See If P1 Is Blank.
$!
$ IF (P1.EQS."NODEBUG")
$ THEN
$!
$! P1 Is NODEBUG, So Compile Without Debugger Information.
$!
$ DEBUGGER = "NODEBUG"
$ TRACEBACK = "NOTRACEBACK"
$ GCC_OPTIMIZE = "OPTIMIZE"
$ CC_OPTIMIZE = "OPTIMIZE"
$ WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
$ WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
$!
$! Else...
$!
$ ELSE
$!
$! Check To See If We Are To Compile With Debugger Information.
$!
$ IF (P1.EQS."DEBUG")
$ THEN
$!
$! Compile With Debugger Information.
$!
$ DEBUGGER = "DEBUG"
$ TRACEBACK = "TRACEBACK"
$ GCC_OPTIMIZE = "NOOPTIMIZE"
$ CC_OPTIMIZE = "NOOPTIMIZE"
$ WRITE SYS$OUTPUT "Debugger Information Will Be Produced During Compile."
$ WRITE SYS$OUTPUT "Compiling Without Compiler Optimization."
$!
$! Else...
$!
$ ELSE
$!
$! Tell The User Entered An Invalid Option..
$!
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:"
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT " DEBUG : Compile With The Debugger Information."
$ WRITE SYS$OUTPUT " NODEBUG : Compile Without The Debugger Information."
$ WRITE SYS$OUTPUT ""
$!
$! Time To EXIT.
$!
$ EXIT
$!
$! End The Valid Arguement Check.
$!
$ ENDIF
$!
$! End The P1 Check.
$!
$ ENDIF
$!
$! Check To See If P5 Is Blank.
$!
$ IF (P5.EQS."")
$ THEN
$ POINTER_SIZE = ""
$ ELSE
$!
$! Check is P5 Is Valid
$!
$ IF (P5.EQS."32")
$ THEN
$ POINTER_SIZE = "/POINTER_SIZE=32"
$ IF ARCH .EQS. "VAX"
$ THEN
$ LIB32 = ""
$ ELSE
$ LIB32 = "32"
$ ENDIF
$ ELSE
$ IF (P5.EQS."64")
$ THEN
$ LIB32 = ""
$ IF ARCH .EQS. "VAX"
$ THEN
$ POINTER_SIZE = "/POINTER_SIZE=32"
$ ELSE
$ POINTER_SIZE = "/POINTER_SIZE=64"
$ ENDIF
$ ELSE
$!
$! Tell The User Entered An Invalid Option..
$!
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "The Option ",P5," Is Invalid. The Valid Options Are:"
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT " 32 : Compile with 32 bit pointer size"
$ WRITE SYS$OUTPUT " 64 : Compile with 64 bit pointer size"
$ WRITE SYS$OUTPUT ""
$!
$! Time To EXIT.
$!
$ GOTO TIDY
$!
$! End The Valid Arguement Check.
$!
$ ENDIF
$ ENDIF
$!
$! End The P5 Check.
$!
$ ENDIF
$!
$! Check To See If P2 Is Blank.
$!
$ IF (P2.EQS."")
$ THEN
$!
$! O.K., The User Didn't Specify A Compiler, Let's Try To
$! Find Out Which One To Use.
$!
$! Check To See If We Have GNU C.
$!
$ IF (F$TRNLNM("GNU_CC").NES."")
$ THEN
$!
$! Looks Like GNUC, Set To Use GNUC.
$!
$ P2 = "GNUC"
$!
$! End The GNU C Compiler Check.
$!
$ ELSE
$!
$! Check To See If We Have VAXC Or DECC.
$!
$ IF (ARCH.NES."VAX").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
$ THEN
$!
$! Looks Like DECC, Set To Use DECC.
$!
$ P2 = "DECC"
$!
$! Else...
$!
$ ELSE
$!
$! Looks Like VAXC, Set To Use VAXC.
$!
$ P2 = "VAXC"
$!
$! End The VAXC Compiler Check.
$!
$ ENDIF
$!
$! End The DECC & VAXC Compiler Check.
$!
$ ENDIF
$!
$! End The Compiler Check.
$!
$ ENDIF
$!
$! Check To See If We Have A Option For P3.
$!
$ IF (P3.EQS."")
$ THEN
$!
$! Find out what socket library we have available
$!
$ IF F$PARSE("SOCKETSHR:") .NES. ""
$ THEN
$!
$! We have SOCKETSHR, and it is my opinion that it's the best to use.
$!
$ P3 = "SOCKETSHR"
$!
$! Tell the user
$!
$ WRITE SYS$OUTPUT "Using SOCKETSHR for TCP/IP"
$!
$! Else, let's look for something else
$!
$ ELSE
$!
$! Like UCX (the reason to do this before Multinet is that the UCX
$! emulation is easier to use...)
$!
$ IF F$TRNLNM("UCX$IPC_SHR") .NES. "" -
.OR. F$PARSE("SYS$SHARE:UCX$IPC_SHR.EXE") .NES. "" -
.OR. F$PARSE("SYS$LIBRARY:UCX$IPC.OLB") .NES. ""
$ THEN
$!
$! Last resort: a UCX or UCX-compatible library
$!
$ P3 = "UCX"
$!
$! Tell the user
$!
$ WRITE SYS$OUTPUT "Using UCX or an emulation thereof for TCP/IP"
$!
$! That was all...
$!
$ ENDIF
$ ENDIF
$ ENDIF
$!
$! Set Up Initial CC Definitions, Possibly With User Ones
$!
$ CCDEFS = "TCPIP_TYPE_''P3'"
$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
$ CCEXTRAFLAGS = ""
$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
$!
$! Check To See If The User Entered A Valid Paramter.
$!
$ IF (P2.EQS."VAXC").OR.(P2.EQS."DECC").OR.(P2.EQS."GNUC")
$ THEN
$!
$! Check To See If The User Wanted DECC.
$!
$ IF (P2.EQS."DECC")
$ THEN
$!
$! Looks Like DECC, Set To Use DECC.
$!
$ COMPILER = "DECC"
$!
$! Tell The User We Are Using DECC.
$!
$ WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
$!
$! Use DECC...
$!
$ CC = "CC"
$ IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
THEN CC = "CC /DECC"
$ CC = CC + "/''CC_OPTIMIZE' /''DEBUGGER' /STANDARD=ANSI89 ''POINTER_SIZE'" + -
"/NOLIST /PREFIX=ALL" + -
"/INCLUDE=(SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
$!
$ OPT_FILE = "''EXE_DIR'VAX_DECC_OPTIONS.OPT"
$!
$! End DECC Check.
$!
$ ENDIF
$!
$! Check To See If We Are To Use VAXC.
$!
$ IF (P2.EQS."VAXC")
$ THEN
$!
$! Looks Like VAXC, Set To Use VAXC.
$!
$ COMPILER = "VAXC"
$!
$! Tell The User We Are Using VAX C.
$!
$ WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
$!
$! Compile Using VAXC.
$!
$ CC = "CC"
$ IF ARCH.NES."VAX"
$ THEN
$ WRITE SYS$OUTPUT "There is no VAX C on ''ARCH'!"
$ EXIT
$ ENDIF
$ IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC /VAXC"
$ CC = CC + "/''CC_OPTIMIZE' /''DEBUGGER' /NOLIST" + -
"/INCLUDE=(SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + CCEXTRAFLAGS
$ CCDEFS = CCDEFS + ",""VAXC"""
$!
$! Define <sys> As SYS$COMMON:[SYSLIB]
$!
$ DEFINE /NOLOG SYS SYS$COMMON:[SYSLIB]
$!
$! Define The Linker Options File Name.
$!
$ OPT_FILE = "''EXE_DIR'VAX_VAXC_OPTIONS.OPT"
$!
$! End VAXC Check
$!
$ ENDIF
$!
$! Check To See If We Are To Use GNU C.
$!
$ IF (P2.EQS."GNUC")
$ THEN
$!
$! Looks Like GNUC, Set To Use GNUC.
$!
$ COMPILER = "GNUC"
$!
$! Tell The User We Are Using GNUC.
$!
$ WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
$!
$! Use GNU C...
$!
$ CC = "GCC /NOCASE_HACK /''GCC_OPTIMIZE' /''DEBUGGER' /NOLIST" + -
"/INCLUDE=(SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + CCEXTRAFLAGS
$!
$! Define The Linker Options File Name.
$!
$ OPT_FILE = "''EXE_DIR'VAX_GNUC_OPTIONS.OPT"
$!
$! End The GNU C Check.
$!
$ ENDIF
$!
$! Set up default defines
$!
$ CCDEFS = """FLAT_INC=1""," + CCDEFS
$!
$! Finish up the definition of CC.
$!
$ IF COMPILER .EQS. "DECC"
$ THEN
$ IF CCDISABLEWARNINGS .EQS. ""
$ THEN
$ CC4DISABLEWARNINGS = "DOLLARID"
$ ELSE
$ CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID"
$ CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
$ ENDIF
$ CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
$ ELSE
$ CCDISABLEWARNINGS = ""
$ CC4DISABLEWARNINGS = ""
$ ENDIF
$ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
$!
$! Show user the result
$!
$ WRITE /SYMBOL SYS$OUTPUT "Main Compiling Command: ", CC
$!
$! Else The User Entered An Invalid Arguement.
$!
$ ELSE
$!
$! Tell The User We Don't Know What They Want.
$!
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:"
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT " VAXC : To Compile With VAX C."
$ WRITE SYS$OUTPUT " DECC : To Compile With DEC C."
$ WRITE SYS$OUTPUT " GNUC : To Compile With GNU C."
$ WRITE SYS$OUTPUT ""
$!
$! Time To EXIT.
$!
$ EXIT
$ ENDIF
$!
$! Time to check the contents, and to make sure we get the correct library.
$!
$ IF P3.EQS."SOCKETSHR" .OR. P3.EQS."MULTINET" .OR. P3.EQS."UCX" -
.OR. P3.EQS."TCPIP" .OR. P3.EQS."NONE"
$ THEN
$!
$! Check to see if SOCKETSHR was chosen
$!
$ IF P3.EQS."SOCKETSHR"
$ THEN
$!
$! Set the library to use SOCKETSHR
$!
$ TCPIP_LIB = "SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT /OPTIONS"
$!
$! Done with SOCKETSHR
$!
$ ENDIF
$!
$! Check to see if MULTINET was chosen
$!
$ IF P3.EQS."MULTINET"
$ THEN
$!
$! Set the library to use UCX emulation.
$!
$ P3 = "UCX"
$!
$! Done with MULTINET
$!
$ ENDIF
$!
$! Check to see if UCX was chosen
$!
$ IF P3.EQS."UCX"
$ THEN
$!
$! Set the library to use UCX.
$!
$ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT /OPTIONS"
$ IF F$TRNLNM("UCX$IPC_SHR") .NES. ""
$ THEN
$ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT /OPTIONS"
$ ELSE
$ IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN -
TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT /OPTIONS"
$ ENDIF
$!
$! Done with UCX
$!
$ ENDIF
$!
$! Check to see if TCPIP was chosen
$!
$ IF P3.EQS."TCPIP"
$ THEN
$!
$! Set the library to use TCPIP (post UCX).
$!
$ TCPIP_LIB = "SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT /OPTIONS"
$!
$! Done with TCPIP
$!
$ ENDIF
$!
$! Check to see if NONE was chosen
$!
$ IF P3.EQS."NONE"
$ THEN
$!
$! Do not use a TCPIP library.
$!
$ TCPIP_LIB = ""
$!
$! Done with NONE
$!
$ ENDIF
$!
$! Print info
$!
$ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB
$!
$! Else The User Entered An Invalid Arguement.
$!
$ ELSE
$!
$! Tell The User We Don't Know What They Want.
$!
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:"
$ WRITE SYS$OUTPUT ""
$ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library."
$ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library."
$ WRITE SYS$OUTPUT " TCPIP : To link with TCPIP (post UCX) TCP/IP library."
$ WRITE SYS$OUTPUT ""
$!
$! Time To EXIT.
$!
$ EXIT
$!
$! Done with TCP/IP libraries
$!
$ ENDIF
$!
$! Special Threads For OpenVMS v7.1 Or Later
$!
$! Written By: Richard Levitte
$! richard@levitte.org
$!
$!
$! Check To See If We Have A Option For P4.
$!
$ IF (P4.EQS."")
$ THEN
$!
$! Get The Version Of VMS We Are Using.
$!
$ ISSEVEN :=
$ TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,F$GETSYI("VERSION")))
$ TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP))
$!
$! Check To See If The VMS Version Is v7.1 Or Later.
$!
$ IF (TMP.GE.71)
$ THEN
$!
$! We Have OpenVMS v7.1 Or Later, So Use The Special Threads.
$!
$ ISSEVEN := ,PTHREAD_USE_D4
$!
$! End The VMS Version Check.
$!
$ ENDIF
$!
$! End The P4 Check.
$!
$ ENDIF
$!
$! Time To RETURN...
$!
$ RETURN
$!
$ INITIALISE:
$!
$! Save old value of the logical name OPENSSL
$!
$ __SAVE_OPENSSL = F$TRNLNM("OPENSSL","LNM$PROCESS_TABLE")
$!
$! Save directory information
$!
$ __HERE = F$PARSE(F$PARSE("A.;",F$ENVIRONMENT("PROCEDURE"))-"A.;","[]A.;") - "A.;"
$ __HERE = F$EDIT(__HERE,"UPCASE")
$ __TOP = __HERE - "TEST]"
$ __INCLUDE = __TOP + "INCLUDE.OPENSSL]"
$!
$! Set up the logical name OPENSSL to point at the include directory
$!
$ DEFINE OPENSSL /NOLOG '__INCLUDE'
$!
$! Done
$!
$ RETURN
$!
$ CLEANUP:
$!
$! Restore the logical name OPENSSL if it had a value
$!
$ IF __SAVE_OPENSSL .EQS. ""
$ THEN
$ DEASSIGN OPENSSL
$ ELSE
$ DEFINE /NOLOG OPENSSL '__SAVE_OPENSSL'
$ ENDIF
$!
$! Done
$!
$ RETURN

48
test/md2test.c Normal file
View File

@@ -0,0 +1,48 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <openssl/e_os2.h>
#include <openssl/buffer.h>
#include <openssl/crypto.h>
int main(int argc, char *argv[])
{
char *p, *q = 0, *program;
p = strrchr(argv[0], '/');
if (!p) p = strrchr(argv[0], '\\');
#ifdef OPENSSL_SYS_VMS
if (!p) p = strrchr(argv[0], ']');
if (p) q = strrchr(p, '>');
if (q) p = q;
if (!p) p = strrchr(argv[0], ':');
q = 0;
#endif
if (p) p++;
if (!p) p = argv[0];
if (p) q = strchr(p, '.');
if (p && !q) q = p + strlen(p);
if (!p)
program = BUF_strdup("(unknown)");
else
{
program = OPENSSL_malloc((q - p) + 1);
strncpy(program, p, q - p);
program[q - p] = '\0';
}
for(p = program; *p; p++)
if (islower((unsigned char)(*p)))
*p = toupper((unsigned char)(*p));
q = strstr(program, "TEST");
if (q > p && q[-1] == '_') q--;
*q = '\0';
printf("No %s support\n", program);
OPENSSL_free(program);
return(0);
}

1
test/md4test.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/md4/md4test.c

1
test/md5test.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/md5/md5test.c

1
test/mdc2test.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/mdc2/mdc2test.c

105
test/methtest.c Normal file
View File

@@ -0,0 +1,105 @@
/* test/methtest.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include <stdlib.h>
#include <openssl/rsa.h>
#include <openssl/x509.h>
#include "meth.h"
#include <openssl/err.h>
int main(argc,argv)
int argc;
char *argv[];
{
METHOD_CTX *top,*tmp1,*tmp2;
top=METH_new(x509_lookup()); /* get a top level context */
if (top == NULL) goto err;
tmp1=METH_new(x509_by_file());
if (top == NULL) goto err;
METH_arg(tmp1,METH_TYPE_FILE,"cafile1");
METH_arg(tmp1,METH_TYPE_FILE,"cafile2");
METH_push(top,METH_X509_CA_BY_SUBJECT,tmp1);
tmp2=METH_new(x509_by_dir());
METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/.CAcerts");
METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/SSLeay/certs");
METH_arg(tmp2,METH_TYPE_DIR,"/usr/local/ssl/certs");
METH_push(top,METH_X509_CA_BY_SUBJECT,tmp2);
/* tmp=METH_new(x509_by_issuer_dir);
METH_arg(tmp,METH_TYPE_DIR,"/home/eay/.mycerts");
METH_push(top,METH_X509_BY_ISSUER,tmp);
tmp=METH_new(x509_by_issuer_primary);
METH_arg(tmp,METH_TYPE_FILE,"/home/eay/.mycerts/primary.pem");
METH_push(top,METH_X509_BY_ISSUER,tmp);
*/
METH_init(top);
METH_control(tmp1,METH_CONTROL_DUMP,stdout);
METH_control(tmp2,METH_CONTROL_DUMP,stdout);
EXIT(0);
err:
ERR_load_crypto_strings();
ERR_print_errors_fp(stderr);
EXIT(1);
return(0);
}

15
test/pkcs7-1.pem Normal file
View File

@@ -0,0 +1,15 @@
-----BEGIN PKCS7-----
MIICUAYJKoZIhvcNAQcCoIICQTCCAj0CAQExDjAMBggqhkiG9w0CAgUAMCgGCSqG
SIb3DQEHAaAbBBlFdmVyeW9uZSBnZXRzIEZyaWRheSBvZmYuoIIBXjCCAVowggEE
AgQUAAApMA0GCSqGSIb3DQEBAgUAMCwxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRF
eGFtcGxlIE9yZ2FuaXphdGlvbjAeFw05MjA5MDkyMjE4MDZaFw05NDA5MDkyMjE4
MDVaMEIxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRFeGFtcGxlIE9yZ2FuaXphdGlv
bjEUMBIGA1UEAxMLVGVzdCBVc2VyIDEwWzANBgkqhkiG9w0BAQEFAANKADBHAkAK
ZnkdxpiBaN56t3QZu3+wwAHGJxAnAHUUKULhmo2MUdBTs+N4Kh3l3Fr06+mUaBcB
FKHf5nzcmpr1XWVWILurAgMBAAEwDQYJKoZIhvcNAQECBQADQQBFGqHhqncgSl/N
9XYGnQL3MsJvNnsNV4puZPOakR9Hld8JlDQFEaDR30ogsmp3TMrvdfxpLlTCoZN8
BxEmnZsWMYGbMIGYAgEBMDQwLDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFEV4YW1w
bGUgT3JnYW5pemF0aW9uAgQUAAApMAwGCCqGSIb3DQICBQAwDQYJKoZIhvcNAQEB
BQAEQAX6aoEvx9+L9PJUJQngPoRuEbnGIL4gCe+0QO+8xmkhaZSsBPNBtX0FIC1C
j7Kie1x339mxW/w9VZNTUDQQweHh
-----END PKCS7-----

54
test/pkcs7.pem Normal file
View File

@@ -0,0 +1,54 @@
MIAGCSqGSIb3DQEHAqCAMIACAQExADCABgkqhkiG9w0BBwEAAKCAMIIE+DCCBGGg
AwIBAgIQaGSF/JpbS1C223+yrc+N1DANBgkqhkiG9w0BAQQFADBiMREwDwYDVQQH
EwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1Zl
cmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwHhcNOTYw
ODEyMDAwMDAwWhcNOTYwODE3MjM1OTU5WjCCASAxETAPBgNVBAcTCEludGVybmV0
MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjE3MDUGA1UECxMuRGlnaXRh
bCBJRCBDbGFzcyAxIC0gU01JTUUgVmVyaVNpZ24sIEluYy4gVEVTVDFGMEQGA1UE
CxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUyBJbmNvcnAuIGJ5IFJl
Zi4sTElBQi5MVEQoYyk5NjEZMBcGA1UEAxMQQWxleGFuZHJlIERlYWNvbjEgMB4G
CSqGSIb3DQEJARYRYWxleEB2ZXJpc2lnbi5jb20wWzANBgkqhkiG9w0BAQEFAANK
ADBHAkAOy7xxCAIkOfuIA2LyRpxgKlDORl8htdXYhF5iBGUx1GYaK6KF+bK/CCI0
l4j2OfWGFBUrwGoWqxTNcWgTfMzRAgMBAAGjggIyMIICLjAJBgNVHRMEAjAAMIIC
HwYDVR0DBIICFjCCAhIwggIOMIICCgYLYIZIAYb4RQEHAQEwggH5FoIBp1RoaXMg
Y2VydGlmaWNhdGUgaW5jb3Jwb3JhdGVzIGJ5IHJlZmVyZW5jZSwgYW5kIGl0cyB1
c2UgaXMgc3RyaWN0bHkgc3ViamVjdCB0bywgdGhlIFZlcmlTaWduIENlcnRpZmlj
YXRpb24gUHJhY3RpY2UgU3RhdGVtZW50IChDUFMpLCBhdmFpbGFibGUgYXQ6IGh0
dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9DUFM7IGJ5IEUtbWFpbCBhdCBDUFMtcmVx
dWVzdHNAdmVyaXNpZ24uY29tOyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMu
LCAyNTkzIENvYXN0IEF2ZS4sIE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBU
ZWwuICsxICg0MTUpIDk2MS04ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2ln
biwgSW5jLiAgQWxsIFJpZ2h0cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVT
IERJU0NMQUlNRUQgYW5kIExJQUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcB
AQGhDgYMYIZIAYb4RQEHAQECMCwwKhYoaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
L3JlcG9zaXRvcnkvQ1BTIDANBgkqhkiG9w0BAQQFAAOBgQAimWMGQwwwxk+b3KAL
HlSWXtU7LWHe29CEG8XeVNTvrqs6SBqT7OoENOkGxpfdpVgZ3Qw2SKjxDvbvpfSF
slsqcxWSgB/hWuaVuZCkvTw/dYGGOxkTJGxvDCfl1PZjX4dKbatslsi9Z9HpGWT7
ttItRwKqcBKgmCJvKi1pGWED0zCCAnkwggHioAMCAQICEDURpVKQb+fQKaRAGdQR
/D4wDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlT
aWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRp
ZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDYyNzAwMDAwMFoXDTk3MDYyNzIzNTk1
OVowYjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMu
MTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJz
Y3JpYmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2FKbPTdAFDdjKI9Bv
qrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7jW80GqLd5HUQq7XPy
sVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cariQPJUObwW7s987Lrb
P2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABozMwMTAPBgNVHRMECDAGAQH/AgEBMAsG
A1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADgYEA
KeXHoBmnbxRCgk0jM9e9mDppdxpsipIna/J8DOHEUuD4nONAr4+xOg73SBl026n7
Bk55A2wvAMGo7+kKTZ+rHaFDDcmq4O+rzFri2RIOeGAncj1IcGptAQhvXoIhFMG4
Jlzg1KlHZHqy7D3jex78zcSU7kKOu8f5tAX1jC3+sToAAKGAMIIBJzCBkTANBgkq
hkiG9w0BAQIFADBiMREwDwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNp
Z24sIEluYy4xNDAyBgNVBAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlk
dWFsIFN1YnNjcmliZXIXDTk2MDcwMTE3MzA0MFoXDTk3MDcwMTAwMDAwMFowDQYJ
KoZIhvcNAQECBQADgYEAGLuQ6PX8A7AiqBEtWzYtl6lZNSDI0bR5YUo+D2Jzkw30
dxQnJSbKXEc6XYuzAW5HvrzATXu5c19WWPT4cRDwmjH71i9QcDysWwf/wE0qGTiW
I3tQT0I5VGh7jIJD07nlBw3R4Xl8dH9kr85JsWinqDH5YKpIo9o8knY5n7+qjOow
ggEkMIGOMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5W
ZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBD
ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eRcNOTYwNzE2MjMxMTI5WhcNOTYwODE1MDAw
MDAwWjANBgkqhkiG9w0BAQIFAAOBgQAXsLE4vnsY6sY67QrmWec7iaU2ehzxanEK
/9wKHZNuhlNzk+qGZZw2evxfUe2OaRbYpl8zuZvhK9BHD3ad14OSe9/zx5hOPgP/
DQXt6R4R8Q/1JheBrolrgbavjvI2wKS8/Psp2prBrkF4T48+AKRmS8Zzh1guxgvP
b+xSu/jH0gAAMYAAAAAAAAAAAA==

940
test/pkits-test.pl Normal file
View File

@@ -0,0 +1,940 @@
# test/pkits-test.pl
# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
# project.
#
# ====================================================================
# Copyright (c) 2008 The OpenSSL Project. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
#
# 3. All advertising materials mentioning features or use of this
# software must display the following acknowledgment:
# "This product includes software developed by the OpenSSL Project
# for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
#
# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
# endorse or promote products derived from this software without
# prior written permission. For written permission, please contact
# licensing@OpenSSL.org.
#
# 5. Products derived from this software may not be called "OpenSSL"
# nor may "OpenSSL" appear in their names without prior written
# permission of the OpenSSL Project.
#
# 6. Redistributions of any form whatsoever must retain the following
# acknowledgment:
# "This product includes software developed by the OpenSSL Project
# for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
#
# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
# OF THE POSSIBILITY OF SUCH DAMAGE.
# ====================================================================
# Perl utility to run PKITS tests for RFC3280 compliance.
my $ossl_path;
if ( -f "../apps/openssl" ) {
$ossl_path = "../util/shlib_wrap.sh ../apps/openssl";
}
elsif ( -f "..\\out32dll\\openssl.exe" ) {
$ossl_path = "..\\out32dll\\openssl.exe";
}
elsif ( -f "..\\out32\\openssl.exe" ) {
$ossl_path = "..\\out32\\openssl.exe";
}
else {
die "Can't find OpenSSL executable";
}
my $pkitsdir = "pkits/smime";
my $pkitsta = "pkits/certs/TrustAnchorRootCertificate.crt";
die "Can't find PKITS test data" if !-d $pkitsdir;
my $nist1 = "2.16.840.1.101.3.2.1.48.1";
my $nist2 = "2.16.840.1.101.3.2.1.48.2";
my $nist3 = "2.16.840.1.101.3.2.1.48.3";
my $nist4 = "2.16.840.1.101.3.2.1.48.4";
my $nist5 = "2.16.840.1.101.3.2.1.48.5";
my $nist6 = "2.16.840.1.101.3.2.1.48.6";
my $apolicy = "X509v3 Any Policy";
# This table contains the chapter headings of the accompanying PKITS
# document. They provide useful informational output and their names
# can be converted into the filename to test.
my @testlists = (
[ "4.1", "Signature Verification" ],
[ "4.1.1", "Valid Signatures Test1", 0 ],
[ "4.1.2", "Invalid CA Signature Test2", 7 ],
[ "4.1.3", "Invalid EE Signature Test3", 7 ],
[ "4.1.4", "Valid DSA Signatures Test4", 0 ],
[ "4.1.5", "Valid DSA Parameter Inheritance Test5", 0 ],
[ "4.1.6", "Invalid DSA Signature Test6", 7 ],
[ "4.2", "Validity Periods" ],
[ "4.2.1", "Invalid CA notBefore Date Test1", 9 ],
[ "4.2.2", "Invalid EE notBefore Date Test2", 9 ],
[ "4.2.3", "Valid pre2000 UTC notBefore Date Test3", 0 ],
[ "4.2.4", "Valid GeneralizedTime notBefore Date Test4", 0 ],
[ "4.2.5", "Invalid CA notAfter Date Test5", 10 ],
[ "4.2.6", "Invalid EE notAfter Date Test6", 10 ],
[ "4.2.7", "Invalid pre2000 UTC EE notAfter Date Test7", 10 ],
[ "4.2.8", "Valid GeneralizedTime notAfter Date Test8", 0 ],
[ "4.3", "Verifying Name Chaining" ],
[ "4.3.1", "Invalid Name Chaining EE Test1", 20 ],
[ "4.3.2", "Invalid Name Chaining Order Test2", 20 ],
[ "4.3.3", "Valid Name Chaining Whitespace Test3", 0 ],
[ "4.3.4", "Valid Name Chaining Whitespace Test4", 0 ],
[ "4.3.5", "Valid Name Chaining Capitalization Test5", 0 ],
[ "4.3.6", "Valid Name Chaining UIDs Test6", 0 ],
[ "4.3.7", "Valid RFC3280 Mandatory Attribute Types Test7", 0 ],
[ "4.3.8", "Valid RFC3280 Optional Attribute Types Test8", 0 ],
[ "4.3.9", "Valid UTF8String Encoded Names Test9", 0 ],
[ "4.3.10", "Valid Rollover from PrintableString to UTF8String Test10", 0 ],
[ "4.3.11", "Valid UTF8String Case Insensitive Match Test11", 0 ],
[ "4.4", "Basic Certificate Revocation Tests" ],
[ "4.4.1", "Missing CRL Test1", 3 ],
[ "4.4.2", "Invalid Revoked CA Test2", 23 ],
[ "4.4.3", "Invalid Revoked EE Test3", 23 ],
[ "4.4.4", "Invalid Bad CRL Signature Test4", 8 ],
[ "4.4.5", "Invalid Bad CRL Issuer Name Test5", 3 ],
[ "4.4.6", "Invalid Wrong CRL Test6", 3 ],
[ "4.4.7", "Valid Two CRLs Test7", 0 ],
# The test document suggests these should return certificate revoked...
# Subsquent discussion has concluded they should not due to unhandle
# critical CRL extensions.
[ "4.4.8", "Invalid Unknown CRL Entry Extension Test8", 36 ],
[ "4.4.9", "Invalid Unknown CRL Extension Test9", 36 ],
[ "4.4.10", "Invalid Unknown CRL Extension Test10", 36 ],
[ "4.4.11", "Invalid Old CRL nextUpdate Test11", 12 ],
[ "4.4.12", "Invalid pre2000 CRL nextUpdate Test12", 12 ],
[ "4.4.13", "Valid GeneralizedTime CRL nextUpdate Test13", 0 ],
[ "4.4.14", "Valid Negative Serial Number Test14", 0 ],
[ "4.4.15", "Invalid Negative Serial Number Test15", 23 ],
[ "4.4.16", "Valid Long Serial Number Test16", 0 ],
[ "4.4.17", "Valid Long Serial Number Test17", 0 ],
[ "4.4.18", "Invalid Long Serial Number Test18", 23 ],
[ "4.4.19", "Valid Separate Certificate and CRL Keys Test19", 0 ],
[ "4.4.20", "Invalid Separate Certificate and CRL Keys Test20", 23 ],
# CRL path is revoked so get a CRL path validation error
[ "4.4.21", "Invalid Separate Certificate and CRL Keys Test21", 54 ],
[ "4.5", "Verifying Paths with Self-Issued Certificates" ],
[ "4.5.1", "Valid Basic Self-Issued Old With New Test1", 0 ],
[ "4.5.2", "Invalid Basic Self-Issued Old With New Test2", 23 ],
[ "4.5.3", "Valid Basic Self-Issued New With Old Test3", 0 ],
[ "4.5.4", "Valid Basic Self-Issued New With Old Test4", 0 ],
[ "4.5.5", "Invalid Basic Self-Issued New With Old Test5", 23 ],
[ "4.5.6", "Valid Basic Self-Issued CRL Signing Key Test6", 0 ],
[ "4.5.7", "Invalid Basic Self-Issued CRL Signing Key Test7", 23 ],
[ "4.5.8", "Invalid Basic Self-Issued CRL Signing Key Test8", 20 ],
[ "4.6", "Verifying Basic Constraints" ],
[ "4.6.1", "Invalid Missing basicConstraints Test1", 24 ],
[ "4.6.2", "Invalid cA False Test2", 24 ],
[ "4.6.3", "Invalid cA False Test3", 24 ],
[ "4.6.4", "Valid basicConstraints Not Critical Test4", 0 ],
[ "4.6.5", "Invalid pathLenConstraint Test5", 25 ],
[ "4.6.6", "Invalid pathLenConstraint Test6", 25 ],
[ "4.6.7", "Valid pathLenConstraint Test7", 0 ],
[ "4.6.8", "Valid pathLenConstraint Test8", 0 ],
[ "4.6.9", "Invalid pathLenConstraint Test9", 25 ],
[ "4.6.10", "Invalid pathLenConstraint Test10", 25 ],
[ "4.6.11", "Invalid pathLenConstraint Test11", 25 ],
[ "4.6.12", "Invalid pathLenConstraint Test12", 25 ],
[ "4.6.13", "Valid pathLenConstraint Test13", 0 ],
[ "4.6.14", "Valid pathLenConstraint Test14", 0 ],
[ "4.6.15", "Valid Self-Issued pathLenConstraint Test15", 0 ],
[ "4.6.16", "Invalid Self-Issued pathLenConstraint Test16", 25 ],
[ "4.6.17", "Valid Self-Issued pathLenConstraint Test17", 0 ],
[ "4.7", "Key Usage" ],
[ "4.7.1", "Invalid keyUsage Critical keyCertSign False Test1", 20 ],
[ "4.7.2", "Invalid keyUsage Not Critical keyCertSign False Test2", 20 ],
[ "4.7.3", "Valid keyUsage Not Critical Test3", 0 ],
[ "4.7.4", "Invalid keyUsage Critical cRLSign False Test4", 35 ],
[ "4.7.5", "Invalid keyUsage Not Critical cRLSign False Test5", 35 ],
# Certificate policy tests need special handling. They can have several
# sub tests and we need to check the outputs are correct.
[ "4.8", "Certificate Policies" ],
[
"4.8.1.1",
"All Certificates Same Policy Test1",
"-policy anyPolicy -explicit_policy",
"True", $nist1, $nist1, 0
],
[
"4.8.1.2",
"All Certificates Same Policy Test1",
"-policy $nist1 -explicit_policy",
"True", $nist1, $nist1, 0
],
[
"4.8.1.3",
"All Certificates Same Policy Test1",
"-policy $nist2 -explicit_policy",
"True", $nist1, "<empty>", 43
],
[
"4.8.1.4",
"All Certificates Same Policy Test1",
"-policy $nist1 -policy $nist2 -explicit_policy",
"True", $nist1, $nist1, 0
],
[
"4.8.2.1",
"All Certificates No Policies Test2",
"-policy anyPolicy",
"False", "<empty>", "<empty>", 0
],
[
"4.8.2.2",
"All Certificates No Policies Test2",
"-policy anyPolicy -explicit_policy",
"True", "<empty>", "<empty>", 43
],
[
"4.8.3.1",
"Different Policies Test3",
"-policy anyPolicy",
"False", "<empty>", "<empty>", 0
],
[
"4.8.3.2",
"Different Policies Test3",
"-policy anyPolicy -explicit_policy",
"True", "<empty>", "<empty>", 43
],
[
"4.8.3.3",
"Different Policies Test3",
"-policy $nist1 -policy $nist2 -explicit_policy",
"True", "<empty>", "<empty>", 43
],
[
"4.8.4",
"Different Policies Test4",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.8.5",
"Different Policies Test5",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.8.6.1",
"Overlapping Policies Test6",
"-policy anyPolicy",
"True", $nist1, $nist1, 0
],
[
"4.8.6.2",
"Overlapping Policies Test6",
"-policy $nist1",
"True", $nist1, $nist1, 0
],
[
"4.8.6.3",
"Overlapping Policies Test6",
"-policy $nist2",
"True", $nist1, "<empty>", 43
],
[
"4.8.7",
"Different Policies Test7",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.8.8",
"Different Policies Test8",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.8.9",
"Different Policies Test9",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.8.10.1",
"All Certificates Same Policies Test10",
"-policy $nist1",
"True", "$nist1:$nist2", "$nist1", 0
],
[
"4.8.10.2",
"All Certificates Same Policies Test10",
"-policy $nist2",
"True", "$nist1:$nist2", "$nist2", 0
],
[
"4.8.10.3",
"All Certificates Same Policies Test10",
"-policy anyPolicy",
"True", "$nist1:$nist2", "$nist1:$nist2", 0
],
[
"4.8.11.1",
"All Certificates AnyPolicy Test11",
"-policy anyPolicy",
"True", "$apolicy", "$apolicy", 0
],
[
"4.8.11.2",
"All Certificates AnyPolicy Test11",
"-policy $nist1",
"True", "$apolicy", "$nist1", 0
],
[
"4.8.12",
"Different Policies Test12",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.8.13.1",
"All Certificates Same Policies Test13",
"-policy $nist1",
"True", "$nist1:$nist2:$nist3", "$nist1", 0
],
[
"4.8.13.2",
"All Certificates Same Policies Test13",
"-policy $nist2",
"True", "$nist1:$nist2:$nist3", "$nist2", 0
],
[
"4.8.13.3",
"All Certificates Same Policies Test13",
"-policy $nist3",
"True", "$nist1:$nist2:$nist3", "$nist3", 0
],
[
"4.8.14.1", "AnyPolicy Test14",
"-policy $nist1", "True",
"$nist1", "$nist1",
0
],
[
"4.8.14.2", "AnyPolicy Test14",
"-policy $nist2", "True",
"$nist1", "<empty>",
43
],
[
"4.8.15",
"User Notice Qualifier Test15",
"-policy anyPolicy",
"False", "$nist1", "$nist1", 0
],
[
"4.8.16",
"User Notice Qualifier Test16",
"-policy anyPolicy",
"False", "$nist1", "$nist1", 0
],
[
"4.8.17",
"User Notice Qualifier Test17",
"-policy anyPolicy",
"False", "$nist1", "$nist1", 0
],
[
"4.8.18.1",
"User Notice Qualifier Test18",
"-policy $nist1",
"True", "$nist1:$nist2", "$nist1", 0
],
[
"4.8.18.2",
"User Notice Qualifier Test18",
"-policy $nist2",
"True", "$nist1:$nist2", "$nist2", 0
],
[
"4.8.19",
"User Notice Qualifier Test19",
"-policy anyPolicy",
"False", "$nist1", "$nist1", 0
],
[
"4.8.20",
"CPS Pointer Qualifier Test20",
"-policy anyPolicy -explicit_policy",
"True", "$nist1", "$nist1", 0
],
[ "4.9", "Require Explicit Policy" ],
[
"4.9.1",
"Valid RequireExplicitPolicy Test1",
"-policy anyPolicy",
"False", "<empty>", "<empty>", 0
],
[
"4.9.2",
"Valid RequireExplicitPolicy Test2",
"-policy anyPolicy",
"False", "<empty>", "<empty>", 0
],
[
"4.9.3",
"Invalid RequireExplicitPolicy Test3",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.9.4",
"Valid RequireExplicitPolicy Test4",
"-policy anyPolicy",
"True", "$nist1", "$nist1", 0
],
[
"4.9.5",
"Invalid RequireExplicitPolicy Test5",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.9.6",
"Valid Self-Issued requireExplicitPolicy Test6",
"-policy anyPolicy",
"False", "<empty>", "<empty>", 0
],
[
"4.9.7",
"Invalid Self-Issued requireExplicitPolicy Test7",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.9.8",
"Invalid Self-Issued requireExplicitPolicy Test8",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[ "4.10", "Policy Mappings" ],
[
"4.10.1.1",
"Valid Policy Mapping Test1",
"-policy $nist1",
"True", "$nist1", "$nist1", 0
],
[
"4.10.1.2",
"Valid Policy Mapping Test1",
"-policy $nist2",
"True", "$nist1", "<empty>", 43
],
[
"4.10.1.3",
"Valid Policy Mapping Test1",
"-policy anyPolicy -inhibit_map",
"True", "<empty>", "<empty>", 43
],
[
"4.10.2.1",
"Invalid Policy Mapping Test2",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.10.2.2",
"Invalid Policy Mapping Test2",
"-policy anyPolicy -inhibit_map",
"True", "<empty>", "<empty>", 43
],
[
"4.10.3.1",
"Valid Policy Mapping Test3",
"-policy $nist1",
"True", "$nist2", "<empty>", 43
],
[
"4.10.3.2",
"Valid Policy Mapping Test3",
"-policy $nist2",
"True", "$nist2", "$nist2", 0
],
[
"4.10.4",
"Invalid Policy Mapping Test4",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.10.5.1",
"Valid Policy Mapping Test5",
"-policy $nist1",
"True", "$nist1", "$nist1", 0
],
[
"4.10.5.2",
"Valid Policy Mapping Test5",
"-policy $nist6",
"True", "$nist1", "<empty>", 43
],
[
"4.10.6.1",
"Valid Policy Mapping Test6",
"-policy $nist1",
"True", "$nist1", "$nist1", 0
],
[
"4.10.6.2",
"Valid Policy Mapping Test6",
"-policy $nist6",
"True", "$nist1", "<empty>", 43
],
[ "4.10.7", "Invalid Mapping From anyPolicy Test7", 42 ],
[ "4.10.8", "Invalid Mapping To anyPolicy Test8", 42 ],
[
"4.10.9",
"Valid Policy Mapping Test9",
"-policy anyPolicy",
"True", "$nist1", "$nist1", 0
],
[
"4.10.10",
"Invalid Policy Mapping Test10",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.10.11",
"Valid Policy Mapping Test11",
"-policy anyPolicy",
"True", "$nist1", "$nist1", 0
],
# TODO: check notice display
[
"4.10.12.1",
"Valid Policy Mapping Test12",
"-policy $nist1",
"True", "$nist1:$nist2", "$nist1", 0
],
# TODO: check notice display
[
"4.10.12.2",
"Valid Policy Mapping Test12",
"-policy $nist2",
"True", "$nist1:$nist2", "$nist2", 0
],
[
"4.10.13",
"Valid Policy Mapping Test13",
"-policy anyPolicy",
"True", "$nist1", "$nist1", 0
],
# TODO: check notice display
[
"4.10.14",
"Valid Policy Mapping Test14",
"-policy anyPolicy",
"True", "$nist1", "$nist1", 0
],
[ "4.11", "Inhibit Policy Mapping" ],
[
"4.11.1",
"Invalid inhibitPolicyMapping Test1",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.11.2",
"Valid inhibitPolicyMapping Test2",
"-policy anyPolicy",
"True", "$nist1", "$nist1", 0
],
[
"4.11.3",
"Invalid inhibitPolicyMapping Test3",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.11.4",
"Valid inhibitPolicyMapping Test4",
"-policy anyPolicy",
"True", "$nist2", "$nist2", 0
],
[
"4.11.5",
"Invalid inhibitPolicyMapping Test5",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.11.6",
"Invalid inhibitPolicyMapping Test6",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.11.7",
"Valid Self-Issued inhibitPolicyMapping Test7",
"-policy anyPolicy",
"True", "$nist1", "$nist1", 0
],
[
"4.11.8",
"Invalid Self-Issued inhibitPolicyMapping Test8",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.11.9",
"Invalid Self-Issued inhibitPolicyMapping Test9",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.11.10",
"Invalid Self-Issued inhibitPolicyMapping Test10",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.11.11",
"Invalid Self-Issued inhibitPolicyMapping Test11",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[ "4.12", "Inhibit Any Policy" ],
[
"4.12.1",
"Invalid inhibitAnyPolicy Test1",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.12.2",
"Valid inhibitAnyPolicy Test2",
"-policy anyPolicy",
"True", "$nist1", "$nist1", 0
],
[
"4.12.3.1",
"inhibitAnyPolicy Test3",
"-policy anyPolicy",
"True", "$nist1", "$nist1", 0
],
[
"4.12.3.2",
"inhibitAnyPolicy Test3",
"-policy anyPolicy -inhibit_any",
"True", "<empty>", "<empty>", 43
],
[
"4.12.4",
"Invalid inhibitAnyPolicy Test4",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.12.5",
"Invalid inhibitAnyPolicy Test5",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.12.6",
"Invalid inhibitAnyPolicy Test6",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[ "4.12.7", "Valid Self-Issued inhibitAnyPolicy Test7", 0 ],
[ "4.12.8", "Invalid Self-Issued inhibitAnyPolicy Test8", 43 ],
[ "4.12.9", "Valid Self-Issued inhibitAnyPolicy Test9", 0 ],
[ "4.12.10", "Invalid Self-Issued inhibitAnyPolicy Test10", 43 ],
[ "4.13", "Name Constraints" ],
[ "4.13.1", "Valid DN nameConstraints Test1", 0 ],
[ "4.13.2", "Invalid DN nameConstraints Test2", 47 ],
[ "4.13.3", "Invalid DN nameConstraints Test3", 47 ],
[ "4.13.4", "Valid DN nameConstraints Test4", 0 ],
[ "4.13.5", "Valid DN nameConstraints Test5", 0 ],
[ "4.13.6", "Valid DN nameConstraints Test6", 0 ],
[ "4.13.7", "Invalid DN nameConstraints Test7", 48 ],
[ "4.13.8", "Invalid DN nameConstraints Test8", 48 ],
[ "4.13.9", "Invalid DN nameConstraints Test9", 48 ],
[ "4.13.10", "Invalid DN nameConstraints Test10", 48 ],
[ "4.13.11", "Valid DN nameConstraints Test11", 0 ],
[ "4.13.12", "Invalid DN nameConstraints Test12", 47 ],
[ "4.13.13", "Invalid DN nameConstraints Test13", 47 ],
[ "4.13.14", "Valid DN nameConstraints Test14", 0 ],
[ "4.13.15", "Invalid DN nameConstraints Test15", 48 ],
[ "4.13.16", "Invalid DN nameConstraints Test16", 48 ],
[ "4.13.17", "Invalid DN nameConstraints Test17", 48 ],
[ "4.13.18", "Valid DN nameConstraints Test18", 0 ],
[ "4.13.19", "Valid Self-Issued DN nameConstraints Test19", 0 ],
[ "4.13.20", "Invalid Self-Issued DN nameConstraints Test20", 47 ],
[ "4.13.21", "Valid RFC822 nameConstraints Test21", 0 ],
[ "4.13.22", "Invalid RFC822 nameConstraints Test22", 47 ],
[ "4.13.23", "Valid RFC822 nameConstraints Test23", 0 ],
[ "4.13.24", "Invalid RFC822 nameConstraints Test24", 47 ],
[ "4.13.25", "Valid RFC822 nameConstraints Test25", 0 ],
[ "4.13.26", "Invalid RFC822 nameConstraints Test26", 48 ],
[ "4.13.27", "Valid DN and RFC822 nameConstraints Test27", 0 ],
[ "4.13.28", "Invalid DN and RFC822 nameConstraints Test28", 47 ],
[ "4.13.29", "Invalid DN and RFC822 nameConstraints Test29", 47 ],
[ "4.13.30", "Valid DNS nameConstraints Test30", 0 ],
[ "4.13.31", "Invalid DNS nameConstraints Test31", 47 ],
[ "4.13.32", "Valid DNS nameConstraints Test32", 0 ],
[ "4.13.33", "Invalid DNS nameConstraints Test33", 48 ],
[ "4.13.34", "Valid URI nameConstraints Test34", 0 ],
[ "4.13.35", "Invalid URI nameConstraints Test35", 47 ],
[ "4.13.36", "Valid URI nameConstraints Test36", 0 ],
[ "4.13.37", "Invalid URI nameConstraints Test37", 48 ],
[ "4.13.38", "Invalid DNS nameConstraints Test38", 47 ],
[ "4.14", "Distribution Points" ],
[ "4.14.1", "Valid distributionPoint Test1", 0 ],
[ "4.14.2", "Invalid distributionPoint Test2", 23 ],
[ "4.14.3", "Invalid distributionPoint Test3", 44 ],
[ "4.14.4", "Valid distributionPoint Test4", 0 ],
[ "4.14.5", "Valid distributionPoint Test5", 0 ],
[ "4.14.6", "Invalid distributionPoint Test6", 23 ],
[ "4.14.7", "Valid distributionPoint Test7", 0 ],
[ "4.14.8", "Invalid distributionPoint Test8", 44 ],
[ "4.14.9", "Invalid distributionPoint Test9", 44 ],
[ "4.14.10", "Valid No issuingDistributionPoint Test10", 0 ],
[ "4.14.11", "Invalid onlyContainsUserCerts CRL Test11", 44 ],
[ "4.14.12", "Invalid onlyContainsCACerts CRL Test12", 44 ],
[ "4.14.13", "Valid onlyContainsCACerts CRL Test13", 0 ],
[ "4.14.14", "Invalid onlyContainsAttributeCerts Test14", 44 ],
[ "4.14.15", "Invalid onlySomeReasons Test15", 23 ],
[ "4.14.16", "Invalid onlySomeReasons Test16", 23 ],
[ "4.14.17", "Invalid onlySomeReasons Test17", 3 ],
[ "4.14.18", "Valid onlySomeReasons Test18", 0 ],
[ "4.14.19", "Valid onlySomeReasons Test19", 0 ],
[ "4.14.20", "Invalid onlySomeReasons Test20", 23 ],
[ "4.14.21", "Invalid onlySomeReasons Test21", 23 ],
[ "4.14.22", "Valid IDP with indirectCRL Test22", 0 ],
[ "4.14.23", "Invalid IDP with indirectCRL Test23", 23 ],
[ "4.14.24", "Valid IDP with indirectCRL Test24", 0 ],
[ "4.14.25", "Valid IDP with indirectCRL Test25", 0 ],
[ "4.14.26", "Invalid IDP with indirectCRL Test26", 44 ],
[ "4.14.27", "Invalid cRLIssuer Test27", 3 ],
[ "4.14.28", "Valid cRLIssuer Test28", 0 ],
[ "4.14.29", "Valid cRLIssuer Test29", 0 ],
# Although this test is valid it has a circular dependency. As a result
# an attempt is made to reursively checks a CRL path and rejected due to
# a CRL path validation error. PKITS notes suggest this test does not
# need to be run due to this issue.
[ "4.14.30", "Valid cRLIssuer Test30", 54 ],
[ "4.14.31", "Invalid cRLIssuer Test31", 23 ],
[ "4.14.32", "Invalid cRLIssuer Test32", 23 ],
[ "4.14.33", "Valid cRLIssuer Test33", 0 ],
[ "4.14.34", "Invalid cRLIssuer Test34", 23 ],
[ "4.14.35", "Invalid cRLIssuer Test35", 44 ],
[ "4.15", "Delta-CRLs" ],
[ "4.15.1", "Invalid deltaCRLIndicator No Base Test1", 3 ],
[ "4.15.2", "Valid delta-CRL Test2", 0 ],
[ "4.15.3", "Invalid delta-CRL Test3", 23 ],
[ "4.15.4", "Invalid delta-CRL Test4", 23 ],
[ "4.15.5", "Valid delta-CRL Test5", 0 ],
[ "4.15.6", "Invalid delta-CRL Test6", 23 ],
[ "4.15.7", "Valid delta-CRL Test7", 0 ],
[ "4.15.8", "Valid delta-CRL Test8", 0 ],
[ "4.15.9", "Invalid delta-CRL Test9", 23 ],
[ "4.15.10", "Invalid delta-CRL Test10", 12 ],
[ "4.16", "Private Certificate Extensions" ],
[ "4.16.1", "Valid Unknown Not Critical Certificate Extension Test1", 0 ],
[ "4.16.2", "Invalid Unknown Critical Certificate Extension Test2", 34 ],
);
my $verbose = 1;
my $numtest = 0;
my $numfail = 0;
my $ossl = "ossl/apps/openssl";
my $ossl_cmd = "$ossl_path cms -verify -verify_retcode ";
$ossl_cmd .= "-CAfile pkitsta.pem -crl_check_all -x509_strict ";
$ossl_cmd .= "-policy_check -extended_crl -use_deltas -out /dev/null 2>&1 ";
system "$ossl_path x509 -inform DER -in $pkitsta -out pkitsta.pem";
die "Can't create trust anchor file" if $?;
print "Running PKITS tests:\n" if $verbose;
foreach (@testlists) {
my $argnum = @$_;
if ( $argnum == 2 ) {
my ( $tnum, $title ) = @$_;
print "$tnum $title\n" if $verbose;
}
elsif ( $argnum == 3 ) {
my ( $tnum, $title, $exp_ret ) = @$_;
my $filename = $title;
$exp_ret += 32 if $exp_ret;
$filename =~ tr/ -//d;
$filename = "Signed${filename}.eml";
if ( !-f "$pkitsdir/$filename" ) {
print "\"$filename\" not found\n";
}
else {
my $ret;
my $test_fail = 0;
my $errmsg = "";
my $cmd = $ossl_cmd;
$cmd .= "-in $pkitsdir/$filename -policy anyPolicy";
my $cmdout = `$cmd`;
$ret = $? >> 8;
if ( $? & 0xff ) {
$errmsg .= "Abnormal OpenSSL termination\n";
$test_fail = 1;
}
if ( $exp_ret != $ret ) {
$errmsg .= "Return code:$ret, ";
$errmsg .= "expected $exp_ret\n";
$test_fail = 1;
}
if ($test_fail) {
print "$tnum $title : Failed!\n";
print "Filename: $pkitsdir/$filename\n";
print $errmsg;
print "Command output:\n$cmdout\n";
$numfail++;
}
$numtest++;
}
}
elsif ( $argnum == 7 ) {
my ( $tnum, $title, $exargs, $exp_epol, $exp_aset, $exp_uset, $exp_ret )
= @$_;
my $filename = $title;
$exp_ret += 32 if $exp_ret;
$filename =~ tr/ -//d;
$filename = "Signed${filename}.eml";
if ( !-f "$pkitsdir/$filename" ) {
print "\"$filename\" not found\n";
}
else {
my $ret;
my $cmdout = "";
my $errmsg = "";
my $epol = "";
my $aset = "";
my $uset = "";
my $pol = -1;
my $test_fail = 0;
my $cmd = $ossl_cmd;
$cmd .= "-in $pkitsdir/$filename $exargs -policy_print";
@oparr = `$cmd`;
$ret = $? >> 8;
if ( $? & 0xff ) {
$errmsg .= "Abnormal OpenSSL termination\n";
$test_fail = 1;
}
foreach (@oparr) {
my $test_failed = 0;
$cmdout .= $_;
if (/^Require explicit Policy: (.*)$/) {
$epol = $1;
}
if (/^Authority Policies/) {
if (/empty/) {
$aset = "<empty>";
}
else {
$pol = 1;
}
}
$test_fail = 1 if (/leak/i);
if (/^User Policies/) {
if (/empty/) {
$uset = "<empty>";
}
else {
$pol = 2;
}
}
if (/\s+Policy: (.*)$/) {
if ( $pol == 1 ) {
$aset .= ":" if $aset ne "";
$aset .= $1;
}
elsif ( $pol == 2 ) {
$uset .= ":" if $uset ne "";
$uset .= $1;
}
}
}
if ( $epol ne $exp_epol ) {
$errmsg .= "Explicit policy:$epol, ";
$errmsg .= "expected $exp_epol\n";
$test_fail = 1;
}
if ( $aset ne $exp_aset ) {
$errmsg .= "Authority policy set :$aset, ";
$errmsg .= "expected $exp_aset\n";
$test_fail = 1;
}
if ( $uset ne $exp_uset ) {
$errmsg .= "User policy set :$uset, ";
$errmsg .= "expected $exp_uset\n";
$test_fail = 1;
}
if ( $exp_ret != $ret ) {
print "Return code:$ret, expected $exp_ret\n";
$test_fail = 1;
}
if ($test_fail) {
print "$tnum $title : Failed!\n";
print "Filename: $pkitsdir/$filename\n";
print "Command output:\n$cmdout\n";
$numfail++;
}
$numtest++;
}
}
}
if ($numfail) {
print "$numfail tests failed out of $numtest\n";
}
else {
print "All Tests Successful.\n";
}
unlink "pkitsta.pem";

57
test/r160test.c Normal file
View File

@@ -0,0 +1,57 @@
/* test/r160test.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/

1
test/randtest.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/rand/randtest.c

1
test/rc2test.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/rc2/rc2test.c

1
test/rc4test.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/rc4/rc4test.c

48
test/rc5test.c Normal file
View File

@@ -0,0 +1,48 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <openssl/e_os2.h>
#include <openssl/buffer.h>
#include <openssl/crypto.h>
int main(int argc, char *argv[])
{
char *p, *q = 0, *program;
p = strrchr(argv[0], '/');
if (!p) p = strrchr(argv[0], '\\');
#ifdef OPENSSL_SYS_VMS
if (!p) p = strrchr(argv[0], ']');
if (p) q = strrchr(p, '>');
if (q) p = q;
if (!p) p = strrchr(argv[0], ':');
q = 0;
#endif
if (p) p++;
if (!p) p = argv[0];
if (p) q = strchr(p, '.');
if (p && !q) q = p + strlen(p);
if (!p)
program = BUF_strdup("(unknown)");
else
{
program = OPENSSL_malloc((q - p) + 1);
strncpy(program, p, q - p);
program[q - p] = '\0';
}
for(p = program; *p; p++)
if (islower((unsigned char)(*p)))
*p = toupper((unsigned char)(*p));
q = strstr(program, "TEST");
if (q > p && q[-1] == '_') q--;
*q = '\0';
printf("No %s support\n", program);
OPENSSL_free(program);
return(0);
}

1
test/rmdtest.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/ripemd/rmdtest.c

1
test/rsa_test.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/rsa/rsa_test.c

1
test/sha1test.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/sha/sha1test.c

1
test/sha256t.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/sha/sha256t.c

1
test/sha512t.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/sha/sha512t.c

1
test/shatest.c Symbolic link
View File

@@ -0,0 +1 @@
../crypto/sha/shatest.c

1
test/smcont.txt Normal file
View File

@@ -0,0 +1 @@
Some test content for OpenSSL CMS

34
test/smime-certs/smdsa1.pem Normal file
View File

@@ -0,0 +1,34 @@
-----BEGIN DSA PRIVATE KEY-----
MIIBuwIBAAKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3
OjSGLh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqt
GcoAgsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2J
jt+dqk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qt
wjqvWp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK
+FMOGnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4Z
SJCBQw5zAoGATQlPPF+OeU8nu3rsdXGDiZdJzOkuCce3KQfTABA9C+Dk4CVcvBdd
YRLGpnykumkNTO1sTO+4/Gphsuje1ujK9td4UEhdYqylCe5QjEMrszDlJtelDQF9
C0yhdjKGTP0kxofLhsGckcuQvcKEKffT2pDDKJIy4vWQO0UyJl1vjLcCFG2uiGGx
9fMUZq1v0ePD4Wo0Xkxo
-----END DSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIDpDCCAw2gAwIBAgIJAMtotfHYdEsWMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
ZXN0IFMvTUlNRSBFRSBEU0EgIzEwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEAxSX7
CDziGsDDuW4sPgKGFITVcUXgTi0KLFN0L+AfJK2nNATa9zo0hi4dcGcR6oZQBNEJ
mrE2iqI7pNtJzVnhZ3M0s+rw5dCFSRIUvFWKK+ZLfYC6rRnKAILH+IEQyLrSckA2
jZ9yFWPPbl1FSKHsb0Hi0AwQoEDwuTvKyXagcLcCFQCtiY7fnapNO3kFBOfZKGFB
CsjaKwKBgQCOCBKbrH/BteJAh5kbZx1zNrRuRFiQ5lukLcI6r1qdRilMeVhctbVV
kfZ5eay9A4vpDXRDaPkpCo+4d7g7pRjiOk9JkGG1dodSCvhTDhpzqr2fHjUxNp+D
xk6OabmetywZvkGK0LKzYlGOL2pCxUNqxCv0i8HbAxSuGUiQgUMOcwOBhAACgYBN
CU88X455Tye7eux1cYOJl0nM6S4Jx7cpB9MAED0L4OTgJVy8F11hEsamfKS6aQ1M
7WxM77j8amGy6N7W6Mr213hQSF1irKUJ7lCMQyuzMOUm16UNAX0LTKF2MoZM/STG
h8uGwZyRy5C9woQp99PakMMokjLi9ZA7RTImXW+Mt6OBgzCBgDAdBgNVHQ4EFgQU
4Qfbhpi5yqXaXuCLXj427mR25MkwHwYDVR0jBBgwFoAUE89Lp7uJLrM4Vxd2xput
aFvl7RcwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwIAYDVR0RBBkwF4EV
c21pbWVkc2ExQG9wZW5zc2wub3JnMA0GCSqGSIb3DQEBBQUAA4GBAFrdUzKK1pWO
kd02S423KUBc4GWWyiGlVoEO7WxVhHLJ8sm67X7OtJOwe0UGt+Nc5qLtyJYSirw8
phjiTdNpQCTJ8+Kc56tWkJ6H7NAI4vTJtPL5BM/EmeYrVSU9JI9xhqpyKw9IBD+n
hRJ79W9FaiJRvaAOX+TkyTukJrxAWRyv
-----END CERTIFICATE-----

34
test/smime-certs/smdsa2.pem Normal file
View File

@@ -0,0 +1,34 @@
-----BEGIN DSA PRIVATE KEY-----
MIIBvAIBAAKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3
OjSGLh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqt
GcoAgsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2J
jt+dqk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qt
wjqvWp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK
+FMOGnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4Z
SJCBQw5zAoGBAIPmO8BtJ+Yac58trrPwq9b/6VW3jQTWzTLWSH84/QQdqQa+Pz3v
It/+hHM0daNF5uls8ICsPL1aLXmRx0pHvIyb0aAzYae4T4Jv/COPDMTdKbA1uitJ
VbkGZrm+LIrs7I9lOkb4T0vI6kL/XdOCXY1469zsqCgJ/O2ibn6mq0nWAhR716o2
Nf8SimTZYB0/CKje6M5ufA==
-----END DSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIDpTCCAw6gAwIBAgIJAMtotfHYdEsXMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
ZXN0IFMvTUlNRSBFRSBEU0EgIzIwggG4MIIBLAYHKoZIzjgEATCCAR8CgYEAxSX7
CDziGsDDuW4sPgKGFITVcUXgTi0KLFN0L+AfJK2nNATa9zo0hi4dcGcR6oZQBNEJ
mrE2iqI7pNtJzVnhZ3M0s+rw5dCFSRIUvFWKK+ZLfYC6rRnKAILH+IEQyLrSckA2
jZ9yFWPPbl1FSKHsb0Hi0AwQoEDwuTvKyXagcLcCFQCtiY7fnapNO3kFBOfZKGFB
CsjaKwKBgQCOCBKbrH/BteJAh5kbZx1zNrRuRFiQ5lukLcI6r1qdRilMeVhctbVV
kfZ5eay9A4vpDXRDaPkpCo+4d7g7pRjiOk9JkGG1dodSCvhTDhpzqr2fHjUxNp+D
xk6OabmetywZvkGK0LKzYlGOL2pCxUNqxCv0i8HbAxSuGUiQgUMOcwOBhQACgYEA
g+Y7wG0n5hpzny2us/Cr1v/pVbeNBNbNMtZIfzj9BB2pBr4/Pe8i3/6EczR1o0Xm
6WzwgKw8vVoteZHHSke8jJvRoDNhp7hPgm/8I48MxN0psDW6K0lVuQZmub4siuzs
j2U6RvhPS8jqQv9d04JdjXjr3OyoKAn87aJufqarSdajgYMwgYAwHQYDVR0OBBYE
FHsAGNfVltSYUq4hC+YVYwsYtA+dMB8GA1UdIwQYMBaAFBPPS6e7iS6zOFcXdsab
rWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMCAGA1UdEQQZMBeB
FXNtaW1lZHNhMkBvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQCx9BtCbaYF
FXjLClkuKXbESaDZA1biPgY25i00FsUzARuhCpqD2v+0tu5c33ZzIhL6xlvBRU5l
6Atw/xpZhae+hdBEtxPJoGekLLrHOau7Md3XwDjV4lFgcEJkWZoaSOOIK+4D5jF0
jZWtHjnwEzuLYlo7ScHSsbcQfjH0M1TP5A==
-----END CERTIFICATE-----

34
test/smime-certs/smdsa3.pem Normal file
View File

@@ -0,0 +1,34 @@
-----BEGIN DSA PRIVATE KEY-----
MIIBvAIBAAKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3
OjSGLh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqt
GcoAgsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2J
jt+dqk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qt
wjqvWp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK
+FMOGnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4Z
SJCBQw5zAoGAYzOpPmh8Je1IDauEXhgaLz14wqYUHHcrj2VWVJ6fRm8GhdQFJSI7
GUk08pgKZSKic2lNqxuzW7/vFxKQ/nvzfytY16b+2i+BR4Q6yvMzCebE1hHVg0Ju
TwfUMwoFEOhYP6ZwHSUiQl9IBMH9TNJCMwYMxfY+VOrURFsjGTRUgpwCFQCIGt5g
Y+XZd0Sv69CatDIRYWvaIA==
-----END DSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIDpDCCAw2gAwIBAgIJAMtotfHYdEsYMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
ZXN0IFMvTUlNRSBFRSBEU0EgIzMwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEAxSX7
CDziGsDDuW4sPgKGFITVcUXgTi0KLFN0L+AfJK2nNATa9zo0hi4dcGcR6oZQBNEJ
mrE2iqI7pNtJzVnhZ3M0s+rw5dCFSRIUvFWKK+ZLfYC6rRnKAILH+IEQyLrSckA2
jZ9yFWPPbl1FSKHsb0Hi0AwQoEDwuTvKyXagcLcCFQCtiY7fnapNO3kFBOfZKGFB
CsjaKwKBgQCOCBKbrH/BteJAh5kbZx1zNrRuRFiQ5lukLcI6r1qdRilMeVhctbVV
kfZ5eay9A4vpDXRDaPkpCo+4d7g7pRjiOk9JkGG1dodSCvhTDhpzqr2fHjUxNp+D
xk6OabmetywZvkGK0LKzYlGOL2pCxUNqxCv0i8HbAxSuGUiQgUMOcwOBhAACgYBj
M6k+aHwl7UgNq4ReGBovPXjCphQcdyuPZVZUnp9GbwaF1AUlIjsZSTTymAplIqJz
aU2rG7Nbv+8XEpD+e/N/K1jXpv7aL4FHhDrK8zMJ5sTWEdWDQm5PB9QzCgUQ6Fg/
pnAdJSJCX0gEwf1M0kIzBgzF9j5U6tREWyMZNFSCnKOBgzCBgDAdBgNVHQ4EFgQU
VhpVXqQ/EzUMdxLvP7o9EhJ8h70wHwYDVR0jBBgwFoAUE89Lp7uJLrM4Vxd2xput
aFvl7RcwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwIAYDVR0RBBkwF4EV
c21pbWVkc2EzQG9wZW5zc2wub3JnMA0GCSqGSIb3DQEBBQUAA4GBACM9e75EQa8m
k/AZkH/tROqf3yeqijULl9x8FjFatqoY+29OM6oMGM425IqSkKd2ipz7OxO0SShu
rE0O3edS7DvYBwvhWPviRaYBMyZ4iFJVup+fOzoYK/j/bASxS3BHQBwb2r4rhe25
OlTyyFEk7DJyW18YFOG97S1P52oQ5f5x
-----END CERTIFICATE-----

9
test/smime-certs/smdsap.pem Normal file
View File

@@ -0,0 +1,9 @@
-----BEGIN DSA PARAMETERS-----
MIIBHwKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3OjSG
Lh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqtGcoA
gsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2Jjt+d
qk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qtwjqv
Wp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK+FMO
GnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4ZSJCB
Qw5z
-----END DSA PARAMETERS-----

30
test/smime-certs/smroot.pem Normal file
View File

@@ -0,0 +1,30 @@
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDBV1Z/Q5gPF7lojc8pKUdyz5+Jf2B3vs4he6egekugWnoJduki
9Lnae/JchB/soIX0co3nLc11NuFFlnAWJNMDJr08l5AHAJLYNHevF5l/f9oDQwvZ
speKh1xpIAJNqCTzVeQ/ZLx6/GccIXV/xDuKIiovqJTPgR5WPkYKaw++lQIDAQAB
AoGALXnUj5SflJU4+B2652ydMKUjWl0KnL/VjkyejgGV/j6py8Ybaixz9q8Gv7oY
JDlRqMC1HfZJCFQDQrHy5VJ+CywA/H9WrqKo/Ch9U4tJAZtkig1Cmay/BAYixVu0
xBeim10aKF6hxHH4Chg9We+OCuzWBWJhqveNjuDedL/i7JUCQQDlejovcwBUCbhJ
U12qKOwlaboolWbl7yF3XdckTJZg7+1UqQHZH5jYZlLZyZxiaC92SNV0SyTLJZnS
Jh5CO+VDAkEA16/pPcuVtMMz/R6SSPpRSIAa1stLs0mFSs3NpR4pdm0n42mu05pO
1tJEt3a1g7zkreQBf53+Dwb+lA841EkjRwJBAIFmt0DifKDnCkBu/jZh9SfzwsH3
3Zpzik+hXxxdA7+ODCrdUul449vDd5zQD5t+XKU61QNLDGhxv5e9XvrCg7kCQH/a
3ldsVF0oDaxxL+QkxoREtCQ5tLEd1u7F2q6Tl56FDE0pe6Ih6bQ8RtG+g9EI60IN
U7oTrOO5kLWx5E0q4ccCQAZVgoenn9MhRU1agKOCuM6LT2DxReTu4XztJzynej+8
0J93n3ebanB1MlRpn1XJwhQ7gAC8ImaQKLJK5jdJzFc=
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIICaTCCAdKgAwIBAgIJAP6VN47boiXRMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDdaFw0xNjA1MTExMzUzMDdaMEQx
CzAJBgNVBAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRU
ZXN0IFMvTUlNRSBSU0EgUm9vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
wVdWf0OYDxe5aI3PKSlHcs+fiX9gd77OIXunoHpLoFp6CXbpIvS52nvyXIQf7KCF
9HKN5y3NdTbhRZZwFiTTAya9PJeQBwCS2DR3rxeZf3/aA0ML2bKXiodcaSACTagk
81XkP2S8evxnHCF1f8Q7iiIqL6iUz4EeVj5GCmsPvpUCAwEAAaNjMGEwHQYDVR0O
BBYEFBPPS6e7iS6zOFcXdsabrWhb5e0XMB8GA1UdIwQYMBaAFBPPS6e7iS6zOFcX
dsabrWhb5e0XMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqG
SIb3DQEBBQUAA4GBAIECprq5viDvnDbkyOaiSr9ubMUmWqvycfAJMdPZRKcOZczS
l+L9R9lF3JSqbt3knOe9u6bGDBOTY2285PdCCuHRVMk2Af1f6El1fqAlRUwNqipp
r68sWFuRqrcRNtk6QQvXfkOhrqQBuDa7te/OVQLa2lGN9Dr2mQsD8ijctatG
-----END CERTIFICATE-----

31
test/smime-certs/smrsa1.pem Normal file
View File

@@ -0,0 +1,31 @@
-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQC6A978j4pmPgUtUQqF+bjh6vdhwGOGZSD7xXgFTMjm88twfv+E
ixkq2KXSDjD0ZXoQbdOaSbvGRQrIJpG2NGiKAFdYNrP025kCCdh5wF/aEI7KLEm7
JlHwXpQsuj4wkMgmkFjL3Ty4Z55aNH+2pPQIa0k+ENJXm2gDuhqgBmduAwIDAQAB
AoGBAJMuYu51aO2THyeHGwt81uOytcCbqGP7eoib62ZOJhxPRGYjpmuqX+R9/V5i
KiwGavm63JYUx0WO9YP+uIZxm1BUATzkgkS74u5LP6ajhkZh6/Bck1oIYYkbVOXl
JVrdENuH6U7nupznsyYgONByo+ykFPVUGmutgiaC7NMVo/MxAkEA6KLejWXdCIEn
xr7hGph9NlvY9xuRIMexRV/WrddcFfCdjI1PciIupgrIkR65M9yr7atm1iU6/aRf
KOr8rLZsSQJBAMyyXN71NsDNx4BP6rtJ/LJMP0BylznWkA7zWfGCbAYn9VhZVlSY
Eu9Gyr7quD1ix7G3kInKVYOEEOpockBLz+sCQQCedyMmKjcQLfpMVYW8uhbAynvW
h36qV5yXZxszO7nMcCTBsxhk5IfmLv5EbCs3+p9avCDGyoGOeUMg+kC33WORAkAg
oUIarH4o5+SoeJTTfCzTA0KF9H5U0vYt2+73h7HOnWoHxl3zqDZEfEVvf50U8/0f
QELDJETTbScBJtsnkq43AkEA38etvoZ2i4FJvvo7R/9gWBHVEcrGzcsCBYrNnIR1
SZLRwHEGaiOK1wxMsWzqp7PJwL9z/M8A8DyOFBx3GPOniA==
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIICizCCAfSgAwIBAgIJAMtotfHYdEsTMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDhaFw0xNjA1MTAxMzUzMDhaMEUx
CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
ZXN0IFMvTUlNRSBFRSBSU0EgIzEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
ALoD3vyPimY+BS1RCoX5uOHq92HAY4ZlIPvFeAVMyObzy3B+/4SLGSrYpdIOMPRl
ehBt05pJu8ZFCsgmkbY0aIoAV1g2s/TbmQIJ2HnAX9oQjsosSbsmUfBelCy6PjCQ
yCaQWMvdPLhnnlo0f7ak9AhrST4Q0lebaAO6GqAGZ24DAgMBAAGjgYMwgYAwHQYD
VR0OBBYEFE2vMvKz5jrC7Lbdg68XwZ95iL/QMB8GA1UdIwQYMBaAFBPPS6e7iS6z
OFcXdsabrWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1Ud
EQQZMBeBFXNtaW1lcnNhMUBvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQAi
O3GOkUl646oLnOimc36i9wxZ1tejsqs8vMjJ0Pym6Uq9FE2JoGzJ6OhB1GOsEVmj
9cQ5UNQcRYL3cqOFtl6f4Dpu/lhzfbaqgmLjv29G1mS0uuTZrixhlyCXjwcbOkNC
I/+wvHHENYIK5+T/79M9LaZ2Qk4F9MNE1VMljdz9Qw==
-----END CERTIFICATE-----

31
test/smime-certs/smrsa2.pem Normal file
View File

@@ -0,0 +1,31 @@
-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQCwBfryW4Vu5U9wNIDKspJO/N9YF4CcTlrCUyzVlKgb+8urHlSe
59i5verR9IOCCXkemjOzZ/3nALTGqYZlnEvHp0Rjk+KdKXnKBIB+SRPpeu3LcXMT
WPgsThPa0UQxedNKG0g6aG+kLhsDlFBCoxd09jJtSpb9jmroJOq0ZYEHLwIDAQAB
AoGAKa/w4677Je1W5+r3SYoLDnvi5TkDs4D3C6ipKJgBTEdQz+DqB4w/DpZE4551
+rkFn1LDxcxuHGRVa+tAMhZW97fwq9YUbjVZEyOz79qrX+BMyl/NbHkf1lIKDo3q
dWalzQvop7nbzeLC+VmmviwZfLQUbA61AQl3jm4dswT4XykCQQDloDadEv/28NTx
bvvywvyGuvJkCkEIycm4JrIInvwsd76h/chZ3oymrqzc7hkEtK6kThqlS5y+WXl6
QzPruTKTAkEAxD2ro/VUoN+scIVaLmn0RBmZ67+9Pdn6pNSfjlK3s0T0EM6/iUWS
M06l6L9wFS3/ceu1tIifsh9BeqOGTa+udQJARIFnybTBaIqw/NZ/lA1YCVn8tpvY
iyaoZ6gjtS65TQrsdKeh/i3HCHNUXxUpoZ3F/H7QtD+6o49ODou+EbVOwQJAVmex
A2gp8wuJKaINqxIL81AybZLnCCzKJ3lXJ5tUNyLNM/lUbGStktm2Q1zHRQwTxV07
jFn7trn8YrtNjzcjYQJAUKIJRt38A8Jw3HoPT+D0WS2IgxjVL0eYGsZX1lyeammG
6rfnQ3u5uP7mEK2EH2o8mDUpAE0gclWBU9UkKxJsGA==
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIICizCCAfSgAwIBAgIJAMtotfHYdEsUMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDhaFw0xNjA1MTAxMzUzMDhaMEUx
CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
ZXN0IFMvTUlNRSBFRSBSU0EgIzIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
ALAF+vJbhW7lT3A0gMqykk7831gXgJxOWsJTLNWUqBv7y6seVJ7n2Lm96tH0g4IJ
eR6aM7Nn/ecAtMaphmWcS8enRGOT4p0pecoEgH5JE+l67ctxcxNY+CxOE9rRRDF5
00obSDpob6QuGwOUUEKjF3T2Mm1Klv2Oaugk6rRlgQcvAgMBAAGjgYMwgYAwHQYD
VR0OBBYEFIL/u+mEvaw7RuKLRuElfVkxSQjYMB8GA1UdIwQYMBaAFBPPS6e7iS6z
OFcXdsabrWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1Ud
EQQZMBeBFXNtaW1lcnNhMkBvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQC2
rXR5bm/9RtOMQPleNpd3y6uUX3oy+0CafK5Yl3PMnItjjnKJ0l1/DbLbDj2twehe
ewaB8CROcBCA3AMLSmGvPKgUCFMGtWam3328M4fBHzon5ka7qDXzM+imkAly/Yx2
YNdR/aNOug+5sXygHmTSKqiCpQjOIClzXoPVVeEVHw==
-----END CERTIFICATE-----

31
test/smime-certs/smrsa3.pem Normal file
View File

@@ -0,0 +1,31 @@
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQC6syTZtZNe1hRScFc4PUVyVLsr7+C1HDIZnOHmwFoLayX6RHwy
ep/TkdwiPHnemVLuwvpSjLMLZkXy/J764kSHJrNeVl3UvmCVCOm40hAtK1+F39pM
h8phkbPPD7i+hwq4/Vs79o46nzwbVKmzgoZBJhZ+codujUSYM3LjJ4aq+wIDAQAB
AoGAE1Zixrnr3bLGwBMqtYSDIOhtyos59whImCaLr17U9MHQWS+mvYO98if1aQZi
iQ/QazJ+wvYXxWJ+dEB+JvYwqrGeuAU6He/rAb4OShG4FPVU2D19gzRnaButWMeT
/1lgXV08hegGBL7RQNaN7b0viFYMcKnSghleMP0/q+Y/oaECQQDkXEwDYJW13X9p
ijS20ykWdY5lLknjkHRhhOYux0rlhOqsyMZjoUmwI2m0qj9yrIysKhrk4MZaM/uC
hy0xp3hdAkEA0Uv/UY0Kwsgc+W6YxeypECtg1qCE6FBib8n4iFy/6VcWqhvE5xrs
OdhKv9/p6aLjLneGd1sU+F8eS9LGyKIbNwJBAJPgbNzXA7uUZriqZb5qeTXxBDfj
RLfXSHYKAKEULxz3+JvRHB9SR4yHMiFrCdExiZrHXUkPgYLSHLGG5a4824UCQD6T
9XvhquUARkGCAuWy0/3Eqoihp/t6BWSdQ9Upviu7YUhtUxsyXo0REZB7F4pGrJx5
GlhXgFaewgUzuUHFzlMCQCzJMMWslWpoLntnR6sMhBMhBFHSw+Y5CbxBmFrdtSkd
VdtNO1VuDCTxjjW7W3Khj7LX4KZ1ye/5jfAgnnnXisc=
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIICizCCAfSgAwIBAgIJAMtotfHYdEsVMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
ZXN0IFMvTUlNRSBFRSBSU0EgIzMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
ALqzJNm1k17WFFJwVzg9RXJUuyvv4LUcMhmc4ebAWgtrJfpEfDJ6n9OR3CI8ed6Z
Uu7C+lKMswtmRfL8nvriRIcms15WXdS+YJUI6bjSEC0rX4Xf2kyHymGRs88PuL6H
Crj9Wzv2jjqfPBtUqbOChkEmFn5yh26NRJgzcuMnhqr7AgMBAAGjgYMwgYAwHQYD
VR0OBBYEFDsSFjNtYZzd0tTHafNS7tneQQj6MB8GA1UdIwQYMBaAFBPPS6e7iS6z
OFcXdsabrWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1Ud
EQQZMBeBFXNtaW1lcnNhM0BvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQBE
tUDB+1Dqigu4p1xtdq7JRK6S+gfA7RWmhz0j2scb2zhpS12h37JLHsidGeKAzZYq
jUjOrH/j3xcV5AnuJoqImJaN23nzzxtR4qGGX2mrq6EtObzdEGgCUaizsGM+0slJ
PYxcy8KeY/63B1BpYhj2RjGkL6HrvuAaxVORa3acoA==
-----END CERTIFICATE-----

1
test/ssltest.c Symbolic link
View File

@@ -0,0 +1 @@
../ssl/ssltest.c

78
test/tcrl Normal file
View File

@@ -0,0 +1,78 @@
#!/bin/sh
cmd='../util/shlib_wrap.sh ../apps/openssl crl'
if [ "$1"x != "x" ]; then
t=$1
else
t=testcrl.pem
fi
echo testing crl conversions
cp $t fff.p
echo "p -> d"
$cmd -in fff.p -inform p -outform d >f.d
if [ $? != 0 ]; then exit 1; fi
#echo "p -> t"
#$cmd -in fff.p -inform p -outform t >f.t
#if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in fff.p -inform p -outform p >f.p
if [ $? != 0 ]; then exit 1; fi
echo "d -> d"
$cmd -in f.d -inform d -outform d >ff.d1
if [ $? != 0 ]; then exit 1; fi
#echo "t -> d"
#$cmd -in f.t -inform t -outform d >ff.d2
#if [ $? != 0 ]; then exit 1; fi
echo "p -> d"
$cmd -in f.p -inform p -outform d >ff.d3
if [ $? != 0 ]; then exit 1; fi
#echo "d -> t"
#$cmd -in f.d -inform d -outform t >ff.t1
#if [ $? != 0 ]; then exit 1; fi
#echo "t -> t"
#$cmd -in f.t -inform t -outform t >ff.t2
#if [ $? != 0 ]; then exit 1; fi
#echo "p -> t"
#$cmd -in f.p -inform p -outform t >ff.t3
#if [ $? != 0 ]; then exit 1; fi
echo "d -> p"
$cmd -in f.d -inform d -outform p >ff.p1
if [ $? != 0 ]; then exit 1; fi
#echo "t -> p"
#$cmd -in f.t -inform t -outform p >ff.p2
#if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in f.p -inform p -outform p >ff.p3
if [ $? != 0 ]; then exit 1; fi
cmp fff.p f.p
if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p1
if [ $? != 0 ]; then exit 1; fi
#cmp fff.p ff.p2
#if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p3
if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t1
#if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t2
#if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t3
#if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p1
if [ $? != 0 ]; then exit 1; fi
#cmp f.p ff.p2
#if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p3
if [ $? != 0 ]; then exit 1; fi
/bin/rm -f f.* ff.* fff.*
exit 0

85
test/tcrl.com Normal file
View File

@@ -0,0 +1,85 @@
$! TCRL.COM -- Tests crl keys
$
$ __arch := VAX
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
$ if __arch .eqs. "" then __arch := UNK
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
$
$ cmd := mcr 'exe_dir'openssl crl
$
$ t := testcrl.pem
$ if p1 .nes. "" then t = p1
$
$ write sys$output "testing CRL conversions"
$ if f$search("fff.*") .nes "" then delete fff.*;*
$ if f$search("ff.*") .nes "" then delete ff.*;*
$ if f$search("f.*") .nes "" then delete f.*;*
$ convert/fdl=sys$input: 't' fff.p
RECORD
FORMAT STREAM_LF
$
$ write sys$output "p -> d"
$ 'cmd' -in fff.p -inform p -outform d -out f.d
$ if $severity .ne. 1 then exit 3
$! write sys$output "p -> t"
$! 'cmd' -in fff.p -inform p -outform t -out f.t
$! if $severity .ne. 1 then exit 3
$ write sys$output "p -> p"
$ 'cmd' -in fff.p -inform p -outform p -out f.p
$ if $severity .ne. 1 then exit 3
$
$ write sys$output "d -> d"
$ 'cmd' -in f.d -inform d -outform d -out ff.d1
$ if $severity .ne. 1 then exit 3
$! write sys$output "t -> d"
$! 'cmd' -in f.t -inform t -outform d -out ff.d2
$! if $severity .ne. 1 then exit 3
$ write sys$output "p -> d"
$ 'cmd' -in f.p -inform p -outform d -out ff.d3
$ if $severity .ne. 1 then exit 3
$
$! write sys$output "d -> t"
$! 'cmd' -in f.d -inform d -outform t -out ff.t1
$! if $severity .ne. 1 then exit 3
$! write sys$output "t -> t"
$! 'cmd' -in f.t -inform t -outform t -out ff.t2
$! if $severity .ne. 1 then exit 3
$! write sys$output "p -> t"
$! 'cmd' -in f.p -inform p -outform t -out ff.t3
$! if $severity .ne. 1 then exit 3
$
$ write sys$output "d -> p"
$ 'cmd' -in f.d -inform d -outform p -out ff.p1
$ if $severity .ne. 1 then exit 3
$! write sys$output "t -> p"
$! 'cmd' -in f.t -inform t -outform p -out ff.p2
$! if $severity .ne. 1 then exit 3
$ write sys$output "p -> p"
$ 'cmd' -in f.p -inform p -outform p -out ff.p3
$ if $severity .ne. 1 then exit 3
$
$ backup/compare fff.p f.p
$ if $severity .ne. 1 then exit 3
$ backup/compare fff.p ff.p1
$ if $severity .ne. 1 then exit 3
$! backup/compare fff.p ff.p2
$! if $severity .ne. 1 then exit 3
$ backup/compare fff.p ff.p3
$ if $severity .ne. 1 then exit 3
$
$! backup/compare f.t ff.t1
$! if $severity .ne. 1 then exit 3
$! backup/compare f.t ff.t2
$! if $severity .ne. 1 then exit 3
$! backup/compare f.t ff.t3
$! if $severity .ne. 1 then exit 3
$
$ backup/compare f.p ff.p1
$ if $severity .ne. 1 then exit 3
$! backup/compare f.p ff.p2
$! if $severity .ne. 1 then exit 3
$ backup/compare f.p ff.p3
$ if $severity .ne. 1 then exit 3
$
$ delete f.*;*,ff.*;*,fff.*;*

88
test/test.cnf Normal file
View File

@@ -0,0 +1,88 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
RANDFILE = ./.rnd
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
####################################################################
[ CA_default ]
dir = ./demoCA # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
new_certs_dir = $dir/new_certs # default place for new certs.
certificate = $dir/CAcert.pem # The CA certificate
serial = $dir/serial # The current serial number
crl = $dir/crl.pem # The current CRL
private_key = $dir/private/CAkey.pem# The private key
RANDFILE = $dir/private/.rand # private random number file
default_days = 365 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_md = md5 # which md to use.
# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_match
# For the CA policy
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
# For the 'anything' policy
# At this point in time, you must list all acceptable 'object'
# types.
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
####################################################################
[ req ]
default_bits = 512
default_keyfile = testkey.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = AU
countryName_value = AU
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = Queensland
stateOrProvinceName_value =
localityName = Locality Name (eg, city)
localityName_value = Brisbane
organizationName = Organization Name (eg, company)
organizationName_default =
organizationName_value = CryptSoft Pty Ltd
organizationalUnitName = Organizational Unit Name (eg, section)
organizationalUnitName_default =
organizationalUnitName_value = .
commonName = Common Name (eg, YOUR name)
commonName_value = Eric Young
emailAddress = Email Address
emailAddress_value = eay@mincom.oz.au

64
test/test_padlock Executable file
View File

@@ -0,0 +1,64 @@
#!/bin/sh
PROG=$1
if [ -x $PROG ]; then
if expr "x`$PROG version`" : "xOpenSSL" > /dev/null; then
:
else
echo "$PROG is not OpenSSL executable"
exit 1
fi
else
echo "$PROG is not executable"
exit 1;
fi
if $PROG engine padlock | grep -v no-ACE; then
HASH=`cat $PROG | $PROG dgst -hex`
ACE_ALGS=" aes-128-ecb aes-192-ecb aes-256-ecb \
aes-128-cbc aes-192-cbc aes-256-cbc \
aes-128-cfb aes-192-cfb aes-256-cfb \
aes-128-ofb aes-192-ofb aes-256-ofb"
nerr=0
for alg in $ACE_ALGS; do
echo $alg
TEST=`( cat $PROG | \
$PROG enc -e -k "$HASH" -$alg -bufsize 999 -engine padlock | \
$PROG enc -d -k "$HASH" -$alg | \
$PROG dgst -hex ) 2>/dev/null`
if [ "$TEST" != "$HASH" ]; then
echo "-$alg encrypt test failed"
nerr=`expr $nerr + 1`
fi
TEST=`( cat $PROG | \
$PROG enc -e -k "$HASH" -$alg | \
$PROG enc -d -k "$HASH" -$alg -bufsize 999 -engine padlock | \
$PROG dgst -hex ) 2>/dev/null`
if [ "$TEST" != "$HASH" ]; then
echo "-$alg decrypt test failed"
nerr=`expr $nerr + 1`
fi
TEST=`( cat $PROG | \
$PROG enc -e -k "$HASH" -$alg -engine padlock | \
$PROG enc -d -k "$HASH" -$alg -engine padlock | \
$PROG dgst -hex ) 2>/dev/null`
if [ "$TEST" != "$HASH" ]; then
echo "-$alg en/decrypt test failed"
nerr=`expr $nerr + 1`
fi
done
if [ $nerr -gt 0 ]; then
echo "PadLock ACE test failed."
exit 1;
fi
else
echo "PadLock ACE is not available"
fi
exit 0

51
test/testca Normal file
View File

@@ -0,0 +1,51 @@
#!/bin/sh
SH="/bin/sh"
if test "$OSTYPE" = msdosdjgpp; then
PATH="../apps\;$PATH"
else
PATH="../apps:$PATH"
fi
export SH PATH
SSLEAY_CONFIG="-config CAss.cnf"
export SSLEAY_CONFIG
OPENSSL="`pwd`/../util/opensslwrap.sh"
export OPENSSL
/bin/rm -fr demoCA
$SH ../apps/CA.sh -newca <<EOF
EOF
if [ $? != 0 ]; then
exit 1;
fi
SSLEAY_CONFIG="-config Uss.cnf"
export SSLEAY_CONFIG
$SH ../apps/CA.sh -newreq
if [ $? != 0 ]; then
exit 1;
fi
SSLEAY_CONFIG="-config ../apps/openssl.cnf"
export SSLEAY_CONFIG
$SH ../apps/CA.sh -sign <<EOF
y
y
EOF
if [ $? != 0 ]; then
exit 1;
fi
$SH ../apps/CA.sh -verify newcert.pem
if [ $? != 0 ]; then
exit 1;
fi
/bin/rm -fr demoCA newcert.pem newreq.pem
#usage: CA -newcert|-newreq|-newca|-sign|-verify

50
test/testca.com Normal file
View File

@@ -0,0 +1,50 @@
$! TESTCA.COM
$
$ __arch := VAX
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
$ if __arch .eqs. "" then __arch := UNK
$
$ openssl := mcr 'exe_dir'openssl
$
$ SSLEAY_CONFIG="-config ""CAss.cnf"""
$
$ set noon
$ if f$search("demoCA.dir") .nes. ""
$ then
$ @[-.util]deltree [.demoCA]*.*
$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) demoCA.dir;*
$ delete demoCA.dir;*
$ endif
$ set on
$ open/read sys$ca_input VMSca-response.1
$ @[-.apps]CA.com -input sys$ca_input -newca
$ close sys$ca_input
$ if $severity .ne. 1 then exit 3
$
$
$ SSLEAY_CONFIG="-config ""Uss.cnf"""
$ @[-.apps]CA.com -newreq
$ if $severity .ne. 1 then exit 3
$
$
$ SSLEAY_CONFIG="-config [-.apps]openssl-vms.cnf"
$ open/read sys$ca_input VMSca-response.2
$ @[-.apps]CA.com -input sys$ca_input -sign
$ close sys$ca_input
$ if $severity .ne. 1 then exit 3
$
$
$ @[-.apps]CA.com -verify newcert.pem
$ if $severity .ne. 1 then exit 3
$
$ set noon
$ @[-.util]deltree [.demoCA]*.*
$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) demoCA.dir;*
$ delete demoCA.dir;*
$ if f$search("newcert.pem") .nes. "" then delete newcert.pem;*
$ if f$search("newcert.pem") .nes. "" then delete newreq.pem;*
$ set on
$! #usage: CA -newcert|-newreq|-newca|-sign|-verify
$
$ exit

16
test/testcrl.pem Normal file
View File

@@ -0,0 +1,16 @@
-----BEGIN X509 CRL-----
MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT
F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy
IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw
MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw
MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw
MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw
MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw
MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw
MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw
NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw
NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF
AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ
wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt
JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v
-----END X509 CRL-----

54
test/testenc Normal file
View File

@@ -0,0 +1,54 @@
#!/bin/sh
testsrc=Makefile
test=./p
cmd="../util/shlib_wrap.sh ../apps/openssl"
cat $testsrc >$test;
echo cat
$cmd enc < $test > $test.cipher
$cmd enc < $test.cipher >$test.clear
cmp $test $test.clear
if [ $? != 0 ]
then
exit 1
else
/bin/rm $test.cipher $test.clear
fi
echo base64
$cmd enc -a -e < $test > $test.cipher
$cmd enc -a -d < $test.cipher >$test.clear
cmp $test $test.clear
if [ $? != 0 ]
then
exit 1
else
/bin/rm $test.cipher $test.clear
fi
for i in `$cmd list-cipher-commands`
do
echo $i
$cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
$cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
cmp $test $test.$i.clear
if [ $? != 0 ]
then
exit 1
else
/bin/rm $test.$i.cipher $test.$i.clear
fi
echo $i base64
$cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
$cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
cmp $test $test.$i.clear
if [ $? != 0 ]
then
exit 1
else
/bin/rm $test.$i.cipher $test.$i.clear
fi
done
rm -f $test

63
test/testenc.com Normal file
View File

@@ -0,0 +1,63 @@
$! TESTENC.COM -- Test encoding and decoding
$
$ __arch := VAX
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
$ if __arch .eqs. "" then __arch := UNK
$
$ testsrc := makefile.
$ test := p.txt
$ cmd := mcr 'exe_dir'openssl
$
$ if f$search(test) .nes. "" then delete 'test';*
$ convert/fdl=sys$input: 'testsrc' 'test'
RECORD
FORMAT STREAM_LF
$
$ if f$search(test+"-cipher") .nes. "" then delete 'test'-cipher;*
$ if f$search(test+"-clear") .nes. "" then delete 'test'-clear;*
$
$ write sys$output "cat"
$ 'cmd' enc -in 'test' -out 'test'-cipher
$ 'cmd' enc -in 'test'-cipher -out 'test'-clear
$ backup/compare 'test' 'test'-clear
$ if $severity .ne. 1 then exit 3
$ delete 'test'-cipher;*,'test'-clear;*
$
$ write sys$output "base64"
$ 'cmd' enc -a -e -in 'test' -out 'test'-cipher
$ 'cmd' enc -a -d -in 'test'-cipher -out 'test'-clear
$ backup/compare 'test' 'test'-clear
$ if $severity .ne. 1 then exit 3
$ delete 'test'-cipher;*,'test'-clear;*
$
$ define/user sys$output 'test'-cipher-commands
$ 'cmd' list-cipher-commands
$ open/read f 'test'-cipher-commands
$ loop_cipher_commands:
$ read/end=loop_cipher_commands_end f i
$ write sys$output i
$
$ if f$search(test+"-"+i+"-cipher") .nes. "" then -
delete 'test'-'i'-cipher;*
$ if f$search(test+"-"+i+"-clear") .nes. "" then -
delete 'test'-'i'-clear;*
$
$ 'cmd' 'i' -bufsize 113 -e -k test -in 'test' -out 'test'-'i'-cipher
$ 'cmd' 'i' -bufsize 157 -d -k test -in 'test'-'i'-cipher -out 'test'-'i'-clear
$ backup/compare 'test' 'test'-'i'-clear
$ if $severity .ne. 1 then exit 3
$ delete 'test'-'i'-cipher;*,'test'-'i'-clear;*
$
$ write sys$output i," base64"
$ 'cmd' 'i' -bufsize 113 -a -e -k test -in 'test' -out 'test'-'i'-cipher
$ 'cmd' 'i' -bufsize 157 -a -d -k test -in 'test'-'i'-cipher -out 'test'-'i'-clear
$ backup/compare 'test' 'test'-'i'-clear
$ if $severity .ne. 1 then exit 3
$ delete 'test'-'i'-cipher;*,'test'-'i'-clear;*
$
$ goto loop_cipher_commands
$ loop_cipher_commands_end:
$ close f
$ delete 'test'-cipher-commands;*
$ delete 'test';*

44
test/testgen Normal file
View File

@@ -0,0 +1,44 @@
#!/bin/sh
T=testcert
KEY=512
CA=../certs/testca.pem
/bin/rm -f $T.1 $T.2 $T.key
if test "$OSTYPE" = msdosdjgpp; then
PATH=../apps\;$PATH;
else
PATH=../apps:$PATH;
fi
export PATH
echo "generating certificate request"
echo "string to make the random number generator think it has entropy" >> ./.rnd
if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
req_new='-newkey dsa:../apps/dsa512.pem'
else
req_new='-new'
echo "There should be a 2 sequences of .'s and some +'s."
echo "There should not be more that at most 80 per line"
fi
echo "This could take some time."
rm -f testkey.pem testreq.pem
../util/shlib_wrap.sh ../apps/openssl req -config test.cnf $req_new -out testreq.pem
if [ $? != 0 ]; then
echo problems creating request
exit 1
fi
../util/shlib_wrap.sh ../apps/openssl req -config test.cnf -verify -in testreq.pem -noout
if [ $? != 0 ]; then
echo signature on req is wrong
exit 1
fi
exit 0

54
test/testgen.com Normal file
View File

@@ -0,0 +1,54 @@
$! TETSGEN.COM
$
$ __arch := VAX
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
$ if __arch .eqs. "" then __arch := UNK
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
$
$ T := testcert
$ KEY = 512
$ CA := [-.certs]testca.pem
$
$ set noon
$ if f$search(T+".1;*") .nes. "" then delete 'T'.1;*
$ if f$search(T+".2;*") .nes. "" then delete 'T'.2;*
$ if f$search(T+".key;*") .nes. "" then delete 'T'.key;*
$ set on
$
$ write sys$output "generating certificate request"
$
$ append/new nl: .rnd
$ open/append random_file .rnd
$ write random_file "string to make the random number generator think it has entropy"
$ close random_file
$
$ set noon
$ define/user sys$output nla0:
$ mcr 'exe_dir'openssl no-rsa
$ save_severity=$SEVERITY
$ set on
$ if save_severity
$ then
$ req_new="-newkey dsa:[-.apps]dsa512.pem"
$ else
$ req_new="-new"
$ write sys$output "There should be a 2 sequences of .'s and some +'s."
$ write sys$output "There should not be more that at most 80 per line"
$ endif
$
$ write sys$output "This could take some time."
$
$ mcr 'exe_dir'openssl req -config test.cnf 'req_new' -out testreq.pem
$ if $severity .ne. 1
$ then
$ write sys$output "problems creating request"
$ exit 3
$ endif
$
$ mcr 'exe_dir'openssl req -config test.cnf -verify -in testreq.pem -noout
$ if $severity .ne. 1
$ then
$ write sys$output "signature on req is wrong"
$ exit 3
$ endif

46
test/testp7.pem Normal file
View File

@@ -0,0 +1,46 @@
-----BEGIN PKCS7-----
MIIIGAYJKoZIhvcNAQcCoIIICTCCCAUCAQExADALBgkqhkiG9w0BBwGgggY8MIIE
cjCCBBygAwIBAgIQeS+OJfWJUZAx6cX0eAiMjzANBgkqhkiG9w0BAQQFADBiMREw
DwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNV
BAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIw
HhcNOTYwNzE5MDAwMDAwWhcNOTcwMzMwMjM1OTU5WjCB1TERMA8GA1UEBxMISW50
ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2ln
biBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMSgwJgYDVQQLEx9E
aWdpdGFsIElEIENsYXNzIDEgLSBTTUlNRSBUZXN0MUcwRQYDVQQLEz53d3cudmVy
aXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMCBJbmMuIGJ5IFJlZi4sTElBQi5M
VEQoYyk5NjBbMA0GCSqGSIb3DQEBAQUAA0oAMEcCQA7LvHEIAiQ5+4gDYvJGnGAq
UM5GXyG11diEXmIEZTHUZhorooX5sr8IIjSXiPY59YYUFSvAaharFM1xaBN8zNEC
AwEAAaOCAjkwggI1MAkGA1UdEwQCMAAwggImBgNVHQMEggIdMIICGTCCAhUwggIR
BgtghkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0
ZXMgYnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0
IHRvLCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1l
bnQgKENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
L0NQUy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29t
OyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4s
IE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04
ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0
cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJ
QUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQEC
MC8wLRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEu
AzANBgkqhkiG9w0BAQQFAANBAMCYDuSb/eIlYSxY31nZZTaCZkCSfHjlacMofExr
cF+A2yHoEuT+eCQkqM0pMNHXddUeoQ9RjV+VuMBNmm63DUYwggHCMIIBbKADAgEC
AhB8CYTq1bkRFJBYOd67cp9JMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
QTAeFw05NjA3MTcwMDAwMDBaFw05NzA3MTcyMzU5NTlaMGIxETAPBgNVBAcTCElu
dGVybmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNp
Z24gQ2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjBcMA0GCSqGSIb3
DQEBAQUAA0sAMEgCQQDsVzrNgnDhbAJZrWeLd9g1vMZJA2W67D33TTbga6yMt+ES
TWEywhS6RNP+fzLGg7utinjH4tL60cXa0G27GDsLAgMBAAGjIjAgMAsGA1UdDwQE
AwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADQQAUp6bRwkaD
2d1MBs/mjUcgTI2fXVmW8tTm/Ud6OzUwpC3vYgybiOOA4f6mOC5dbyUHrLOsrihU
47ZQ0Jo1DUfboYIBrTCBwTBtMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
QRcNOTYwNzE3MTc0NDA5WhcNOTgwNzE3MDAwMDAwWjANBgkqhkiG9w0BAQIFAANB
AHitA0/xAukCjHzeh1AMT/l2oC68N+yFb+aJPHBBMxc6gG2MaKjBNwb5hcXUllMl
ExONA3ju10f7owIq3s3wx10wgeYwgZEwDQYJKoZIhvcNAQECBQAwYjERMA8GA1UE
BxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytW
ZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyFw05NjA3
MTcxNzU5MjlaFw05NzA3MTgwMDAwMDBaMA0GCSqGSIb3DQEBAgUAA0EAubVWYTsW
sQmste9f+UgMw8BkjDlM25fwQLrCfmmnLxjewey10kSROypUaJLb+r4oRALc0fG9
XfZsaiiIgotQHjEA
-----END PKCS7-----

7
test/testreq2.pem Normal file
View File

@@ -0,0 +1,7 @@
-----BEGIN CERTIFICATE REQUEST-----
MIHaMIGFAgEAMA4xDDAKBgNVBAMTA2NuNDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
QQCQsnkyUGDY2R3mYoeTprFJKgWuJ3f1jUjlIuW5+wfAUoeMt35c4vcFZ2mIBpEG
DtzkNQN1kr2O9ldm9zYnYhyhAgMBAAGgEjAQBgorBgEEAYI3AgEOMQIwADANBgkq
hkiG9w0BAQQFAANBAAb2szZgVIxg3vK6kYLjGSBISyuzcXJ6IvuPW6M+yzi1Qgoi
gQhazHTJp91T8ItZEzUJGZSZl2e5iXlnffWB+/U=
-----END CERTIFICATE REQUEST-----

9
test/testrsa.pem Normal file
View File

@@ -0,0 +1,9 @@
-----BEGIN RSA PRIVATE KEY-----
MIIBPAIBAAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6dizWW3DwaffznyHGAFwUJ/I
Tv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQJAZ3cnzaHXM/bxGaR5CR1R
rD1qFBAVfoQFiOH9uPJgMaoAuoQEisPHVcZDKcOv4wEg6/TInAIXBnEigtqvRzuy
oQIhAPcgZzUq3yVooAaoov8UbXPxqHlwo6GBMqnv20xzkf6ZAiEAsP4BnIaQTM8S
mvcpHZwQJdmdHHkGKAs37Dfxi67HbkUCIQCeZGliHXFa071Fp06ZeWlR2ADonTZz
rJBhdTe0v5pCeQIhAIZfkiGgGBX4cIuuckzEm43g9WMUjxP/0GlK39vIyihxAiEA
mymehFRT0MvqW5xAKAx7Pgkt8HVKwVhc2LwGKHE0DZM=
-----END RSA PRIVATE KEY-----

339
test/tests.com Normal file
View File

@@ -0,0 +1,339 @@
$! TESTS.COM -- Performs the necessary tests
$!
$! P1 tests to be performed. Empty means all.
$
$ __proc = f$element(0,";",f$environment("procedure"))
$ __here = f$parse(f$parse("A.;",__proc) - "A.;","[]A.;") - "A.;"
$ __save_default = f$environment("default")
$ __arch := VAX
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
$ if __arch .eqs. "" then __arch := UNK
$ texe_dir := sys$disk:[-.'__arch'.exe.test]
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
$
$ set default '__here'
$
$ ROOT = F$PARSE("sys$disk:[-]A.;0",,,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
$ ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
$ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
- ".][000000" - "[000000." - "][" - "[" - "]"
$ ROOT = ROOT_DEV + "[" + ROOT_DIR
$ DEFINE/NOLOG SSLROOT 'ROOT'.APPS.] /TRANS=CONC
$ openssl_conf := sslroot:[000000]openssl-vms.cnf
$
$ on control_y then goto exit
$ on error then goto exit
$
$ if p1 .nes. ""
$ then
$ tests = p1
$ else
$! NOTE: This list reflects the list of dependencies following the
$! "alltests" target in Makefile. This should make it easy to see
$! if there's a difference that needs to be taken care of.
$ tests := -
test_des,test_idea,test_sha,test_md4,test_md5,test_hmac,-
test_md2,test_mdc2,test_wp,-
test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,test_aes,-
test_rand,test_bn,test_ec,test_ecdsa,test_ecdh,-
test_enc,test_x509,test_rsa,test_crl,test_sid,-
test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,-
test_ss,test_ca,test_engine,test_evp,test_ssl,test_tsa,test_ige,-
test_jpake,test_cms
$ endif
$ tests = f$edit(tests,"COLLAPSE")
$
$ BNTEST := bntest
$ ECTEST := ectest
$ ECDSATEST := ecdsatest
$ ECDHTEST := ecdhtest
$ EXPTEST := exptest
$ IDEATEST := ideatest
$ SHATEST := shatest
$ SHA1TEST := sha1test
$ MDC2TEST := mdc2test
$ RMDTEST := rmdtest
$ MD2TEST := md2test
$ MD4TEST := md4test
$ MD5TEST := md5test
$ HMACTEST := hmactest
$ WPTEST := wp_test
$ RC2TEST := rc2test
$ RC4TEST := rc4test
$ RC5TEST := rc5test
$ BFTEST := bftest
$ CASTTEST := casttest
$ DESTEST := destest
$ RANDTEST := randtest
$ DHTEST := dhtest
$ DSATEST := dsatest
$ METHTEST := methtest
$ SSLTEST := ssltest
$ RSATEST := rsa_test
$ ENGINETEST := enginetest
$ EVPTEST := evp_test
$ IGETEST := igetest
$ JPAKETEST := jpaketest
$ ASN1TEST := asn1test
$
$ tests_i = 0
$ loop_tests:
$ tests_e = f$element(tests_i,",",tests)
$ tests_i = tests_i + 1
$ if tests_e .eqs. "," then goto exit
$ write sys$output "---> ''tests_e'"
$ gosub 'tests_e'
$ goto loop_tests
$
$ test_evp:
$ mcr 'texe_dir''evptest' 'ROOT'.CRYPTO.EVP]evptests.txt
$ return
$ test_des:
$ mcr 'texe_dir''destest'
$ return
$ test_idea:
$ mcr 'texe_dir''ideatest'
$ return
$ test_sha:
$ mcr 'texe_dir''shatest'
$ mcr 'texe_dir''sha1test'
$ return
$ test_mdc2:
$ mcr 'texe_dir''mdc2test'
$ return
$ test_md5:
$ mcr 'texe_dir''md5test'
$ return
$ test_md4:
$ mcr 'texe_dir''md4test'
$ return
$ test_hmac:
$ mcr 'texe_dir''hmactest'
$ return
$ test_wp:
$ mcr 'texe_dir''wptest'
$ return
$ test_md2:
$ mcr 'texe_dir''md2test'
$ return
$ test_rmd:
$ mcr 'texe_dir''rmdtest'
$ return
$ test_bf:
$ mcr 'texe_dir''bftest'
$ return
$ test_cast:
$ mcr 'texe_dir''casttest'
$ return
$ test_rc2:
$ mcr 'texe_dir''rc2test'
$ return
$ test_rc4:
$ mcr 'texe_dir''rc4test'
$ return
$ test_rc5:
$ mcr 'texe_dir''rc5test'
$ return
$ test_rand:
$ mcr 'texe_dir''randtest'
$ return
$ test_enc:
$ @testenc.com
$ return
$ test_x509:
$ define sys$error nla0:
$ write sys$output "test normal x509v1 certificate"
$ @tx509.com
$ write sys$output "test first x509v3 certificate"
$ @tx509.com v3-cert1.pem
$ write sys$output "test second x509v3 certificate"
$ @tx509.com v3-cert2.pem
$ deassign sys$error
$ return
$ test_rsa:
$ define sys$error nla0:
$ @trsa.com
$ deassign sys$error
$ mcr 'texe_dir''rsatest'
$ return
$ test_crl:
$ define sys$error nla0:
$ @tcrl.com
$ deassign sys$error
$ return
$ test_sid:
$ define sys$error nla0:
$ @tsid.com
$ deassign sys$error
$ return
$ test_req:
$ define sys$error nla0:
$ @treq.com
$ @treq.com testreq2.pem
$ deassign sys$error
$ return
$ test_pkcs7:
$ define sys$error nla0:
$ @tpkcs7.com
$ @tpkcs7d.com
$ deassign sys$error
$ return
$ test_bn:
$ write sys$output -
"starting big number library test, could take a while..."
$ set noon
$ define sys$error nl:
$ define sys$output nl:
$ @ bctest.com
$ status = $status
$ deassign sys$error
$ deassign sys$output
$ on control_y then goto exit
$ on error then goto exit
$ if (status)
$ then
$ create /fdl = sys$input bntest-vms.tmp
FILE
ORGANIZATION sequential
RECORD
FORMAT stream_lf
$ define /user_mode sys$output bntest-vms.tmp
$ mcr 'texe_dir''bntest'
$ define /user_mode sys$input bntest-vms.tmp
$ define /user_mode sys$output bntest-vms.out
$ bc
$ @ bntest.com bntest-vms.out
$ status = $status
$ if (status)
$ then
$ delete bntest-vms.out;*
$ delete bntest-vms.tmp;*
$ endif
$ else
$ create /fdl = sys$input bntest-vms.sh
FILE
ORGANIZATION sequential
RECORD
FORMAT stream_lf
$ open /append bntest_file bntest-vms.sh
$ type /output = bntest_file sys$input:
<< __FOO__ sh -c "`sh ./bctest`" | perl -e '$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $1";} elsif (!/^0$/) {die "\nFailed! bc: $_";} else {print STDERR "."; $i++;}} print STDERR "\n$i tests passed\n"'
$ define/user sys$output bntest-vms.tmp
$ mcr 'texe_dir''bntest'
$ copy bntest-vms.tmp bntest_file
$ delete bntest-vms.tmp;*
$ type /output = bntest_file sys$input:
__FOO__
$ close bntest_file
$ write sys$output "-- copy the [.test]bntest-vms.sh and [.test]bctest files to a Unix system and"
$ write sys$output "-- run bntest-vms.sh through sh or bash to verify that the bignum operations"
$ write sys$output "-- went well."
$ write sys$output ""
$ endif
$ write sys$output "test a^b%c implementations"
$ mcr 'texe_dir''exptest'
$ return
$ test_ec:
$ write sys$output "test elliptic curves"
$ mcr 'texe_dir''ectest'
$ return
$ test_ecdsa:
$ write sys$output "test ecdsa"
$ mcr 'texe_dir''ecdsatest'
$ return
$ test_ecdh:
$ write sys$output "test ecdh"
$ mcr 'texe_dir''ecdhtest'
$ return
$ test_verify:
$ write sys$output "The following command should have some OK's and some failures"
$ write sys$output "There are definitly a few expired certificates"
$ @tverify.com
$ return
$ test_dh:
$ write sys$output "Generate a set of DH parameters"
$ mcr 'texe_dir''dhtest'
$ return
$ test_dsa:
$ write sys$output "Generate a set of DSA parameters"
$ mcr 'texe_dir''dsatest'
$ return
$ test_gen:
$ write sys$output "Generate and verify a certificate request"
$ @testgen.com
$ return
$ maybe_test_ss:
$ testss_RDT = f$cvtime(f$file_attributes("testss.com","RDT"))
$ if f$cvtime(f$file_attributes("keyU.ss","RDT")) .les. testss_RDT then -
goto test_ss
$ if f$cvtime(f$file_attributes("certU.ss","RDT")) .les. testss_RDT then -
goto test_ss
$ if f$cvtime(f$file_attributes("certCA.ss","RDT")) .les. testss_RDT then -
goto test_ss
$ return
$ test_ss:
$ write sys$output "Generate and certify a test certificate"
$ @testss.com
$ return
$ test_engine:
$ write sys$output "Manipulate the ENGINE structures"
$ mcr 'texe_dir''enginetest'
$ return
$ test_ssl:
$ write sys$output "test SSL protocol"
$ gosub maybe_test_ss
$ @testssl.com keyU.ss certU.ss certCA.ss
$ return
$ test_ca:
$ set noon
$ define/user sys$output nla0:
$ mcr 'exe_dir'openssl no-rsa
$ save_severity=$SEVERITY
$ set on
$ if save_severity
$ then
$ write sys$output "skipping CA.com test -- requires RSA"
$ else
$ write sys$output "Generate and certify a test certificate via the 'ca' program"
$ @testca.com
$ endif
$ return
$ test_aes:
$! write sys$output "test AES"
$! !mcr 'texe_dir''aestest'
$ return
$ test_tsa:
$ set noon
$ define/user sys$output nla0:
$ mcr 'exe_dir'openssl no-rsa
$ save_severity=$SEVERITY
$ set on
$ if save_severity
$ then
$ write sys$output "skipping testtsa.com test -- requires RSA"
$ else
$ @testtsa.com
$ endif
$ return
$ test_ige:
$ write sys$output "Test IGE mode"
$ mcr 'texe_dir''igetest'
$ return
$ test_jpake:
$ write sys$output "Test JPAKE"
$ mcr 'texe_dir''jpaketest'
$ return
$ test_cms:
$ write sys$output "CMS consistency test"
$ ! The following makes perl include the DCL symbol table in the env.
$ define/user perl_env_tables clisym_local,lnm$file_dev,ctrl_env
$ perl CMS-TEST.PL
$ return
$
$
$ exit:
$ mcr 'exe_dir'openssl version -a
$ set default '__save_default'
$ deassign sslroot
$ exit

12
test/testsid.pem Normal file
View File

@@ -0,0 +1,12 @@
-----BEGIN SSL SESSION PARAMETERS-----
MIIB1gIBAQIBAgQDAQCABBCi11xa5qkOP8xrr02K/NQCBBBkIYQZM0Bt95W0EHNV
bA58oQYCBDIBr7WiBAICASyjggGGMIIBgjCCASwCAQMwDQYJKoZIhvcNAQEEBQAw
ODELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3Jz
YSB0ZXN0IENBMB4XDTk1MTAwOTIzMzEzNFoXDTk4MDcwNTIzMzEzNFowYDELMAkG
A1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRk
LjELMAkGA1UECxMCQ1MxGzAZBgNVBAMTElNTTGVheSBkZW1vIGNsaWVudDBcMA0G
CSqGSIb3DQEBAQUAA0sAMEgCQQC4pcXEL1lgVA+B5Q3TcuW/O3LZHoA73IYm8oFD
TezgCDhL2RTMn+seKWF36UtJKRIOBU9jZHCVVd0Me5ls6BEjAgMBAAEwDQYJKoZI
hvcNAQEEBQADQQBoIpOcwUY1qlVF7j3ROSGvUsbvByOBFmYWkIBgsCqR+9qo1A7L
CrWF5i8LWt/vLwAHaxWNx2YuBJMFyuK81fTvpA0EC3Rlc3Rjb250ZXh0
-----END SSL SESSION PARAMETERS-----

163
test/testss Normal file
View File

@@ -0,0 +1,163 @@
#!/bin/sh
digest='-sha1'
reqcmd="../util/shlib_wrap.sh ../apps/openssl req"
x509cmd="../util/shlib_wrap.sh ../apps/openssl x509 $digest"
verifycmd="../util/shlib_wrap.sh ../apps/openssl verify"
dummycnf="../apps/openssl.cnf"
CAkey="keyCA.ss"
CAcert="certCA.ss"
CAreq="reqCA.ss"
CAconf="CAss.cnf"
CAreq2="req2CA.ss" # temp
Uconf="Uss.cnf"
Ukey="keyU.ss"
Ureq="reqU.ss"
Ucert="certU.ss"
P1conf="P1ss.cnf"
P1key="keyP1.ss"
P1req="reqP1.ss"
P1cert="certP1.ss"
P1intermediate="tmp_intP1.ss"
P2conf="P2ss.cnf"
P2key="keyP2.ss"
P2req="reqP2.ss"
P2cert="certP2.ss"
P2intermediate="tmp_intP2.ss"
echo
echo "make a certificate request using 'req'"
echo "string to make the random number generator think it has entropy" >> ./.rnd
if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
req_new='-newkey dsa:../apps/dsa512.pem'
else
req_new='-new'
fi
$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new #>err.ss
if [ $? != 0 ]; then
echo "error using 'req' to generate a certificate request"
exit 1
fi
echo
echo "convert the certificate request into a self signed certificate using 'x509'"
$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca >err.ss
if [ $? != 0 ]; then
echo "error using 'x509' to self sign a certificate request"
exit 1
fi
echo
echo "convert a certificate into a certificate request using 'x509'"
$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss
if [ $? != 0 ]; then
echo "error using 'x509' convert a certificate to a certificate request"
exit 1
fi
$reqcmd -config $dummycnf -verify -in $CAreq -noout
if [ $? != 0 ]; then
echo first generated request is invalid
exit 1
fi
$reqcmd -config $dummycnf -verify -in $CAreq2 -noout
if [ $? != 0 ]; then
echo second generated request is invalid
exit 1
fi
$verifycmd -CAfile $CAcert $CAcert
if [ $? != 0 ]; then
echo first generated cert is invalid
exit 1
fi
echo
echo "make a user certificate request using 'req'"
$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss
if [ $? != 0 ]; then
echo "error using 'req' to generate a user certificate request"
exit 1
fi
echo
echo "sign user certificate request with the just created CA via 'x509'"
$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee >err.ss
if [ $? != 0 ]; then
echo "error using 'x509' to sign a user certificate request"
exit 1
fi
$verifycmd -CAfile $CAcert $Ucert
echo
echo "Certificate details"
$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert
echo
echo "make a proxy certificate request using 'req'"
$reqcmd -config $P1conf -out $P1req -keyout $P1key $req_new >err.ss
if [ $? != 0 ]; then
echo "error using 'req' to generate a proxy certificate request"
exit 1
fi
echo
echo "sign proxy certificate request with the just created user certificate via 'x509'"
$x509cmd -CAcreateserial -in $P1req -days 30 -req -out $P1cert -CA $Ucert -CAkey $Ukey -extfile $P1conf -extensions v3_proxy >err.ss
if [ $? != 0 ]; then
echo "error using 'x509' to sign a proxy certificate request"
exit 1
fi
cat $Ucert > $P1intermediate
$verifycmd -CAfile $CAcert -untrusted $P1intermediate $P1cert
echo
echo "Certificate details"
$x509cmd -subject -issuer -startdate -enddate -noout -in $P1cert
echo
echo "make another proxy certificate request using 'req'"
$reqcmd -config $P2conf -out $P2req -keyout $P2key $req_new >err.ss
if [ $? != 0 ]; then
echo "error using 'req' to generate another proxy certificate request"
exit 1
fi
echo
echo "sign second proxy certificate request with the first proxy certificate via 'x509'"
$x509cmd -CAcreateserial -in $P2req -days 30 -req -out $P2cert -CA $P1cert -CAkey $P1key -extfile $P2conf -extensions v3_proxy >err.ss
if [ $? != 0 ]; then
echo "error using 'x509' to sign a second proxy certificate request"
exit 1
fi
cat $Ucert $P1cert > $P2intermediate
$verifycmd -CAfile $CAcert -untrusted $P2intermediate $P2cert
echo
echo "Certificate details"
$x509cmd -subject -issuer -startdate -enddate -noout -in $P2cert
echo
echo The generated CA certificate is $CAcert
echo The generated CA private key is $CAkey
echo The generated user certificate is $Ucert
echo The generated user private key is $Ukey
echo The first generated proxy certificate is $P1cert
echo The first generated proxy private key is $P1key
echo The second generated proxy certificate is $P2cert
echo The second generated proxy private key is $P2key
/bin/rm err.ss
#/bin/rm $P1intermediate
#/bin/rm $P2intermediate
exit 0

120
test/testss.com Normal file
View File

@@ -0,0 +1,120 @@
$! TESTSS.COM
$
$ __arch := VAX
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
$ if __arch .eqs. "" then __arch := UNK
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
$
$ digest="-md5"
$ reqcmd := mcr 'exe_dir'openssl req
$ x509cmd := mcr 'exe_dir'openssl x509 'digest'
$ verifycmd := mcr 'exe_dir'openssl verify
$ dummycnf := sys$disk:[-.apps]openssl-vms.cnf
$
$ CAkey="""keyCA.ss"""
$ CAcert="""certCA.ss"""
$ CAreq="""reqCA.ss"""
$ CAconf="""CAss.cnf"""
$ CAreq2="""req2CA.ss""" ! temp
$
$ Uconf="""Uss.cnf"""
$ Ukey="""keyU.ss"""
$ Ureq="""reqU.ss"""
$ Ucert="""certU.ss"""
$
$ write sys$output ""
$ write sys$output "make a certificate request using 'req'"
$
$ set noon
$ define/user sys$output nla0:
$ mcr 'exe_dir'openssl no-rsa
$ save_severity=$SEVERITY
$ set on
$ if save_severity
$ then
$ req_new="-newkey dsa:[-.apps]dsa512.pem"
$ else
$ req_new="-new"
$ endif
$
$ 'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' 'req_new' ! -out err.ss
$ if $severity .ne. 1
$ then
$ write sys$output "error using 'req' to generate a certificate request"
$ exit 3
$ endif
$ write sys$output ""
$ write sys$output "convert the certificate request into a self signed certificate using 'x509'"
$ define /user sys$output err.ss
$ 'x509cmd' "-CAcreateserial" -in 'CAreq' -days 30 -req -out 'CAcert' -signkey 'CAkey'
$ if $severity .ne. 1
$ then
$ write sys$output "error using 'x509' to self sign a certificate request"
$ exit 3
$ endif
$
$ write sys$output ""
$ write sys$output "convert a certificate into a certificate request using 'x509'"
$ define /user sys$output err.ss
$ 'x509cmd' -in 'CAcert' -x509toreq -signkey 'CAkey' -out 'CAreq2'
$ if $severity .ne. 1
$ then
$ write sys$output "error using 'x509' convert a certificate to a certificate request"
$ exit 3
$ endif
$
$ 'reqcmd' -config 'dummycnf' -verify -in 'CAreq' -noout
$ if $severity .ne. 1
$ then
$ write sys$output "first generated request is invalid"
$ exit 3
$ endif
$
$ 'reqcmd' -config 'dummycnf' -verify -in 'CAreq2' -noout
$ if $severity .ne. 1
$ then
$ write sys$output "second generated request is invalid"
$ exit 3
$ endif
$
$ 'verifycmd' "-CAfile" 'CAcert' 'CAcert'
$ if $severity .ne. 1
$ then
$ write sys$output "first generated cert is invalid"
$ exit 3
$ endif
$
$ write sys$output ""
$ write sys$output "make another certificate request using 'req'"
$ define /user sys$output err.ss
$ 'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' 'req_new'
$ if $severity .ne. 1
$ then
$ write sys$output "error using 'req' to generate a certificate request"
$ exit 3
$ endif
$
$ write sys$output ""
$ write sys$output "sign certificate request with the just created CA via 'x509'"
$ define /user sys$output err.ss
$ 'x509cmd' "-CAcreateserial" -in 'Ureq' -days 30 -req -out 'Ucert' "-CA" 'CAcert' "-CAkey" 'CAkey'
$ if $severity .ne. 1
$ then
$ write sys$output "error using 'x509' to sign a certificate request"
$ exit 3
$ endif
$
$ 'verifycmd' "-CAfile" 'CAcert' 'Ucert'
$ write sys$output ""
$ write sys$output "Certificate details"
$ 'x509cmd' -subject -issuer -startdate -enddate -noout -in 'Ucert'
$
$ write sys$output ""
$ write sys$output "The generated CA certificate is ",CAcert
$ write sys$output "The generated CA private key is ",CAkey
$
$ write sys$output "The generated user certificate is ",Ucert
$ write sys$output "The generated user private key is ",Ukey
$
$ if f$search("err.ss;*") .nes. "" then delete err.ss;*

151
test/testssl Normal file
View File

@@ -0,0 +1,151 @@
#!/bin/sh
if [ "$1" = "" ]; then
key=../apps/server.pem
else
key="$1"
fi
if [ "$2" = "" ]; then
cert=../apps/server.pem
else
cert="$2"
fi
ssltest="../util/shlib_wrap.sh ./ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
dsa_cert=YES
else
dsa_cert=NO
fi
if [ "$3" = "" ]; then
CA="-CApath ../certs"
else
CA="-CAfile $3"
fi
if [ "$4" = "" ]; then
extra=""
else
extra="$4"
fi
#############################################################################
echo test sslv2
$ssltest -ssl2 $extra || exit 1
echo test sslv2 with server authentication
$ssltest -ssl2 -server_auth $CA $extra || exit 1
if [ $dsa_cert = NO ]; then
echo test sslv2 with client authentication
$ssltest -ssl2 -client_auth $CA $extra || exit 1
echo test sslv2 with both client and server authentication
$ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1
fi
echo test sslv3
$ssltest -ssl3 $extra || exit 1
echo test sslv3 with server authentication
$ssltest -ssl3 -server_auth $CA $extra || exit 1
echo test sslv3 with client authentication
$ssltest -ssl3 -client_auth $CA $extra || exit 1
echo test sslv3 with both client and server authentication
$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1
echo test sslv2/sslv3
$ssltest $extra || exit 1
echo test sslv2/sslv3 with server authentication
$ssltest -server_auth $CA $extra || exit 1
echo test sslv2/sslv3 with client authentication
$ssltest -client_auth $CA $extra || exit 1
echo test sslv2/sslv3 with both client and server authentication
$ssltest -server_auth -client_auth $CA $extra || exit 1
echo test sslv2 via BIO pair
$ssltest -bio_pair -ssl2 $extra || exit 1
echo test sslv2 with server authentication via BIO pair
$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1
if [ $dsa_cert = NO ]; then
echo test sslv2 with client authentication via BIO pair
$ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1
echo test sslv2 with both client and server authentication via BIO pair
$ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1
fi
echo test sslv3 via BIO pair
$ssltest -bio_pair -ssl3 $extra || exit 1
echo test sslv3 with server authentication via BIO pair
$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1
echo test sslv3 with client authentication via BIO pair
$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1
echo test sslv3 with both client and server authentication via BIO pair
$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1
echo test sslv2/sslv3 via BIO pair
$ssltest $extra || exit 1
if [ $dsa_cert = NO ]; then
echo test sslv2/sslv3 w/o DHE via BIO pair
$ssltest -bio_pair -no_dhe $extra || exit 1
fi
echo test sslv2/sslv3 with 1024bit DHE via BIO pair
$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
echo test sslv2/sslv3 with server authentication
$ssltest -bio_pair -server_auth $CA $extra || exit 1
echo test sslv2/sslv3 with client authentication via BIO pair
$ssltest -bio_pair -client_auth $CA $extra || exit 1
echo test sslv2/sslv3 with both client and server authentication via BIO pair
$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
#############################################################################
if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
echo skipping anonymous DH tests
else
echo test tls1 with 1024bit anonymous DH, multiple handshakes
$ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
fi
if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
echo skipping RSA tests
else
echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1
if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
echo skipping RSA+DHE tests
else
echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
fi
fi
echo test tls1 with PSK
$ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1
echo test tls1 with PSK via BIO pair
$ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1
exit 0

204
test/testssl.com Normal file
View File

@@ -0,0 +1,204 @@
$! TESTSSL.COM
$
$ __arch := VAX
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
$ if __arch .eqs. "" then __arch := UNK
$ texe_dir := sys$disk:[-.'__arch'.exe.test]
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
$
$ if p1 .eqs. ""
$ then
$ key="[-.apps]server.pem"
$ else
$ key=p1
$ endif
$ if p2 .eqs. ""
$ then
$ cert="[-.apps]server.pem"
$ else
$ cert=p2
$ endif
$ ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert'
$
$ set noon
$ define/user sys$output testssl-x509-output.
$ define/user sys$error nla0:
$ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout
$ define/user sys$error nla0:
$ search/output=nla0: testssl-x509-output. "DSA Public Key"/exact
$ if $severity .eq. 1
$ then
$ dsa_cert := YES
$ else
$ dsa_cert := NO
$ endif
$ delete testssl-x509-output.;*
$
$ if p3 .eqs. ""
$ then
$ copy/concatenate [-.certs]*.pem certs.tmp
$ CA = """-CAfile"" certs.tmp"
$ else
$ CA = """-CAfile"" "+p3
$ endif
$
$!###########################################################################
$
$ write sys$output "test sslv2"
$ 'ssltest' -ssl2
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2 with server authentication"
$ 'ssltest' -ssl2 -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ if .not. dsa_cert
$ then
$ write sys$output "test sslv2 with client authentication"
$ 'ssltest' -ssl2 -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2 with both client and server authentication"
$ 'ssltest' -ssl2 -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$ endif
$
$ write sys$output "test sslv3"
$ 'ssltest' -ssl3
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with server authentication"
$ 'ssltest' -ssl3 -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with client authentication"
$ 'ssltest' -ssl3 -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with both client and server authentication"
$ 'ssltest' -ssl3 -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3"
$ 'ssltest'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with server authentication"
$ 'ssltest' -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with client authentication"
$ 'ssltest' -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with both client and server authentication"
$ 'ssltest' -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2 via BIO pair"
$ 'ssltest' -bio_pair -ssl2
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2 with server authentication via BIO pair"
$ 'ssltest' -bio_pair -ssl2 -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ if .not. dsa_cert
$ then
$ write sys$output "test sslv2 with client authentication via BIO pair"
$ 'ssltest' -bio_pair -ssl2 -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2 with both client and server authentication via BIO pair"
$ 'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$ endif
$
$ write sys$output "test sslv3 via BIO pair"
$ 'ssltest' -bio_pair -ssl3
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with server authentication via BIO pair"
$ 'ssltest' -bio_pair -ssl3 -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv3 with client authentication via BIO pair"
$ 'ssltest' -bio_pair -ssl3 -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$ write sys$output "test sslv3 with both client and server authentication via BIO pair"
$ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 via BIO pair"
$ 'ssltest'
$ if $severity .ne. 1 then goto exit3
$
$ if .not. dsa_cert
$ then
$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
$ 'ssltest' -bio_pair -no_dhe
$ if $severity .ne. 1 then goto exit3
$ endif
$
$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
$ 'ssltest' -bio_pair -dhe1024dsa -v
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with server authentication"
$ 'ssltest' -bio_pair -server_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with client authentication via BIO pair"
$ 'ssltest' -bio_pair -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair"
$ 'ssltest' -bio_pair -server_auth -client_auth 'CA'
$ if $severity .ne. 1 then goto exit3
$
$!###########################################################################
$
$ define/user sys$output nla0:
$ mcr 'exe_dir'openssl no-rsa
$ no_rsa=$SEVERITY
$ define/user sys$output nla0:
$ mcr 'exe_dir'openssl no-dh
$ no_dh=$SEVERITY
$
$ if no_dh
$ then
$ write sys$output "skipping anonymous DH tests"
$ else
$ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes"
$ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
$ if $severity .ne. 1 then goto exit3
$ endif
$
$ if no_rsa
$ then
$ write sys$output "skipping RSA tests"
$ else
$ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes"
$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time
$ if $severity .ne. 1 then goto exit3
$
$ if no_dh
$ then
$ write sys$output "skipping RSA+DHE tests"
$ else
$ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
$ if $severity .ne. 1 then goto exit3
$ endif
$ endif
$
$ RET = 1
$ goto exit
$ exit3:
$ RET = 3
$ exit:
$ if p3 .eqs. "" then delete certs.tmp;*
$ set on
$ exit 'RET'

10
test/testsslproxy Normal file
View File

@@ -0,0 +1,10 @@
#! /bin/sh
echo 'Testing a lot of proxy conditions.'
echo 'Some of them may turn out being invalid, which is fine.'
for auth in A B C BC; do
for cond in A B C 'A|B&!C'; do
sh ./testssl $1 $2 $3 "-proxy -proxy_auth $auth -proxy_cond $cond"
if [ $? = 3 ]; then exit 1; fi
done
done

238
test/testtsa Normal file
View File

@@ -0,0 +1,238 @@
#!/bin/sh
#
# A few very basic tests for the 'ts' time stamping authority command.
#
SH="/bin/sh"
if test "$OSTYPE" = msdosdjgpp; then
PATH="../apps\;$PATH"
else
PATH="../apps:$PATH"
fi
export SH PATH
OPENSSL_CONF="../CAtsa.cnf"
export OPENSSL_CONF
# Because that's what ../apps/CA.sh really looks at
SSLEAY_CONFIG="-config $OPENSSL_CONF"
export SSLEAY_CONFIG
OPENSSL="`pwd`/../util/opensslwrap.sh"
export OPENSSL
error () {
echo "TSA test failed!" >&2
exit 1
}
setup_dir () {
rm -rf tsa 2>/dev/null
mkdir tsa
cd ./tsa
}
clean_up_dir () {
cd ..
rm -rf tsa
}
create_ca () {
echo "Creating a new CA for the TSA tests..."
TSDNSECT=ts_ca_dn
export TSDNSECT
../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \
-out tsaca.pem -keyout tsacakey.pem
test $? != 0 && error
}
create_tsa_cert () {
INDEX=$1
export INDEX
EXT=$2
TSDNSECT=ts_cert_dn
export TSDNSECT
../../util/shlib_wrap.sh ../../apps/openssl req -new \
-out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem
test $? != 0 && error
echo Using extension $EXT
../../util/shlib_wrap.sh ../../apps/openssl x509 -req \
-in tsa_req${INDEX}.pem -out tsa_cert${INDEX}.pem \
-CA tsaca.pem -CAkey tsacakey.pem -CAcreateserial \
-extfile $OPENSSL_CONF -extensions $EXT
test $? != 0 && error
}
print_request () {
../../util/shlib_wrap.sh ../../apps/openssl ts -query -in $1 -text
}
create_time_stamp_request1 () {
../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq
test $? != 0 && error
}
create_time_stamp_request2 () {
../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy2 -no_nonce \
-out req2.tsq
test $? != 0 && error
}
create_time_stamp_request3 () {
../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../CAtsa.cnf -no_nonce -out req3.tsq
test $? != 0 && error
}
print_response () {
../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $1 -text
test $? != 0 && error
}
create_time_stamp_response () {
../../util/shlib_wrap.sh ../../apps/openssl ts -reply -section $3 -queryfile $1 -out $2
test $? != 0 && error
}
time_stamp_response_token_test () {
RESPONSE2=$2.copy.tsr
TOKEN_DER=$2.token.der
../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $TOKEN_DER -token_out
test $? != 0 && error
../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -out $RESPONSE2
test $? != 0 && error
cmp $RESPONSE2 $2
test $? != 0 && error
../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -text -token_out
test $? != 0 && error
../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -text -token_out
test $? != 0 && error
../../util/shlib_wrap.sh ../../apps/openssl ts -reply -queryfile $1 -text -token_out
test $? != 0 && error
}
verify_time_stamp_response () {
../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
-untrusted tsa_cert1.pem
test $? != 0 && error
../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2 -CAfile tsaca.pem \
-untrusted tsa_cert1.pem
test $? != 0 && error
}
verify_time_stamp_token () {
# create the token from the response first
../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $2.token -token_out
test $? != 0 && error
../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2.token -token_in \
-CAfile tsaca.pem -untrusted tsa_cert1.pem
test $? != 0 && error
../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2.token -token_in \
-CAfile tsaca.pem -untrusted tsa_cert1.pem
test $? != 0 && error
}
verify_time_stamp_response_fail () {
../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
-untrusted tsa_cert1.pem
# Checks if the verification failed, as it should have.
test $? = 0 && error
echo Ok
}
# main functions
echo "Setting up TSA test directory..."
setup_dir
echo "Creating CA for TSA tests..."
create_ca
echo "Creating tsa_cert1.pem TSA server cert..."
create_tsa_cert 1 tsa_cert
echo "Creating tsa_cert2.pem non-TSA server cert..."
create_tsa_cert 2 non_tsa_cert
echo "Creating req1.req time stamp request for file testtsa..."
create_time_stamp_request1
echo "Printing req1.req..."
print_request req1.tsq
echo "Generating valid response for req1.req..."
create_time_stamp_response req1.tsq resp1.tsr tsa_config1
echo "Printing response..."
print_response resp1.tsr
echo "Verifying valid response..."
verify_time_stamp_response req1.tsq resp1.tsr ../testtsa
echo "Verifying valid token..."
verify_time_stamp_token req1.tsq resp1.tsr ../testtsa
# The tests below are commented out, because invalid signer certificates
# can no longer be specified in the config file.
# echo "Generating _invalid_ response for req1.req..."
# create_time_stamp_response req1.tsq resp1_bad.tsr tsa_config2
# echo "Printing response..."
# print_response resp1_bad.tsr
# echo "Verifying invalid response, it should fail..."
# verify_time_stamp_response_fail req1.tsq resp1_bad.tsr
echo "Creating req2.req time stamp request for file testtsa..."
create_time_stamp_request2
echo "Printing req2.req..."
print_request req2.tsq
echo "Generating valid response for req2.req..."
create_time_stamp_response req2.tsq resp2.tsr tsa_config1
echo "Checking '-token_in' and '-token_out' options with '-reply'..."
time_stamp_response_token_test req2.tsq resp2.tsr
echo "Printing response..."
print_response resp2.tsr
echo "Verifying valid response..."
verify_time_stamp_response req2.tsq resp2.tsr ../testtsa
echo "Verifying response against wrong request, it should fail..."
verify_time_stamp_response_fail req1.tsq resp2.tsr
echo "Verifying response against wrong request, it should fail..."
verify_time_stamp_response_fail req2.tsq resp1.tsr
echo "Creating req3.req time stamp request for file CAtsa.cnf..."
create_time_stamp_request3
echo "Printing req3.req..."
print_request req3.tsq
echo "Verifying response against wrong request, it should fail..."
verify_time_stamp_response_fail req3.tsq resp1.tsr
echo "Cleaning up..."
clean_up_dir
exit 0

252
test/testtsa.com Normal file
View File

@@ -0,0 +1,252 @@
$!
$! A few very basic tests for the 'ts' time stamping authority command.
$!
$
$ __arch := VAX
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
$ if __arch .eqs. "" then __arch := UNK
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
$
$ openssl := mcr 'f$parse(exe_dir+"openssl.exe")'
$ OPENSSL_CONF := [-]CAtsa.cnf
$ ! Because that's what ../apps/CA.sh really looks at
$ SSLEAY_CONFIG = "-config " + OPENSSL_CONF
$
$ error:
$ subroutine
$ write sys$error "TSA test failed!"
$ exit 3
$ endsubroutine
$
$ setup_dir:
$ subroutine
$
$ if f$search("tsa.dir") .nes ""
$ then
$ @[-.util]deltree [.tsa]*.*
$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) tsa.dir;*
$ delete tsa.dir;*
$ endif
$
$ create/dir [.tsa]
$ set default [.tsa]
$ endsubroutine
$
$ clean_up_dir:
$ subroutine
$
$ set default [-]
$ @[-.util]deltree [.tsa]*.*
$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) tsa.dir;*
$ delete tsa.dir;*
$ endsubroutine
$
$ create_ca:
$ subroutine
$
$ write sys$output "Creating a new CA for the TSA tests..."
$ TSDNSECT = "ts_ca_dn"
$ openssl req -new -x509 -nodes -
-out tsaca.pem -keyout tsacakey.pem
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ create_tsa_cert:
$ subroutine
$
$ INDEX=p1
$ EXT=p2
$ TSDNSECT = "ts_cert_dn"
$
$ openssl req -new -
-out tsa_req'INDEX'.pem -keyout tsa_key'INDEX'.pem
$ if $severity .ne. 1 then call error
$
$ write sys$output "Using extension ''EXT'"
$ openssl x509 -req -
-in tsa_req'INDEX'.pem -out tsa_cert'INDEX'.pem -
"-CA" tsaca.pem "-CAkey" tsacakey.pem "-CAcreateserial" -
-extfile 'OPENSSL_CONF' -extensions "''EXT'"
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ print_request:
$ subroutine
$
$ openssl ts -query -in 'p1' -text
$ endsubroutine
$
$ create_time_stamp_request1: subroutine
$
$ openssl ts -query -data [-]testtsa.com -policy tsa_policy1 -
-cert -out req1.tsq
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ create_time_stamp_request2: subroutine
$
$ openssl ts -query -data [-]testtsa.com -policy tsa_policy2 -
-no_nonce -out req2.tsq
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ create_time_stamp_request3: subroutine
$
$ openssl ts -query -data [-]CAtsa.cnf -no_nonce -out req3.tsq
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ print_response:
$ subroutine
$
$ openssl ts -reply -in 'p1' -text
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ create_time_stamp_response:
$ subroutine
$
$ openssl ts -reply -section 'p3' -queryfile 'p1' -out 'p2'
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ time_stamp_response_token_test:
$ subroutine
$
$ RESPONSE2:='p2'.copy_tsr
$ TOKEN_DER:='p2'.token_der
$ openssl ts -reply -in 'p2' -out 'TOKEN_DER' -token_out
$ if $severity .ne. 1 then call error
$ openssl ts -reply -in 'TOKEN_DER' -token_in -out 'RESPONSE2'
$ if $severity .ne. 1 then call error
$ backup/compare 'RESPONSE2' 'p2'
$ if $severity .ne. 1 then call error
$ openssl ts -reply -in 'p2' -text -token_out
$ if $severity .ne. 1 then call error
$ openssl ts -reply -in 'TOKEN_DER' -token_in -text -token_out
$ if $severity .ne. 1 then call error
$ openssl ts -reply -queryfile 'p1' -text -token_out
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ verify_time_stamp_response:
$ subroutine
$
$ openssl ts -verify -queryfile 'p1' -in 'p2' -
"-CAfile" tsaca.pem -untrusted tsa_cert1.pem
$ if $severity .ne. 1 then call error
$ openssl ts -verify -data 'p3' -in 'p2' -
"-CAfile" tsaca.pem -untrusted tsa_cert1.pem
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ verify_time_stamp_token:
$ subroutine
$
$ ! create the token from the response first
$ openssl ts -reply -in 'p2' -out 'p2'.token -token_out
$ if $severity .ne. 1 then call error
$ openssl ts -verify -queryfile 'p1' -in 'p2'.token -token_in -
"-CAfile" tsaca.pem -untrusted tsa_cert1.pem
$ if $severity .ne. 1 then call error
$ openssl ts -verify -data 'p3' -in 'p2'.token -token_in -
"-CAfile" tsaca.pem -untrusted tsa_cert1.pem
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ verify_time_stamp_response_fail:
$ subroutine
$
$ openssl ts -verify -queryfile 'p1' -in 'p2' -
"-CAfile" tsaca.pem -untrusted tsa_cert1.pem
$ ! Checks if the verification failed, as it should have.
$ if $severity .eq. 1 then call error
$ write sys$output "Ok"
$ endsubroutine
$
$ ! Main body ----------------------------------------------------------
$
$ set noon
$
$ write sys$output "Setting up TSA test directory..."
$ call setup_dir
$
$ write sys$output "Creating CA for TSA tests..."
$ call create_ca
$
$ write sys$output "Creating tsa_cert1.pem TSA server cert..."
$ call create_tsa_cert 1 "tsa_cert"
$
$ write sys$output "Creating tsa_cert2.pem non-TSA server cert..."
$ call create_tsa_cert 2 "non_tsa_cert"
$
$ write sys$output "Creating req1.req time stamp request for file testtsa..."
$ call create_time_stamp_request1
$
$ write sys$output "Printing req1.req..."
$ call print_request req1.tsq
$
$ write sys$output "Generating valid response for req1.req..."
$ call create_time_stamp_response req1.tsq resp1.tsr tsa_config1
$
$ write sys$output "Printing response..."
$ call print_response resp1.tsr
$
$ write sys$output "Verifying valid response..."
$ call verify_time_stamp_response req1.tsq resp1.tsr [-]testtsa.com
$
$ write sys$output "Verifying valid token..."
$ call verify_time_stamp_token req1.tsq resp1.tsr [-]testtsa.com
$
$ ! The tests below are commented out, because invalid signer certificates
$ ! can no longer be specified in the config file.
$
$ ! write sys$output "Generating _invalid_ response for req1.req..."
$ ! call create_time_stamp_response req1.tsq resp1_bad.tsr tsa_config2
$
$ ! write sys$output "Printing response..."
$ ! call print_response resp1_bad.tsr
$
$ ! write sys$output "Verifying invalid response, it should fail..."
$ ! call verify_time_stamp_response_fail req1.tsq resp1_bad.tsr
$
$ write sys$output "Creating req2.req time stamp request for file testtsa..."
$ call create_time_stamp_request2
$
$ write sys$output "Printing req2.req..."
$ call print_request req2.tsq
$
$ write sys$output "Generating valid response for req2.req..."
$ call create_time_stamp_response req2.tsq resp2.tsr tsa_config1
$
$ write sys$output "Checking '-token_in' and '-token_out' options with '-reply'..."
$ call time_stamp_response_token_test req2.tsq resp2.tsr
$
$ write sys$output "Printing response..."
$ call print_response resp2.tsr
$
$ write sys$output "Verifying valid response..."
$ call verify_time_stamp_response req2.tsq resp2.tsr [-]testtsa.com
$
$ write sys$output "Verifying response against wrong request, it should fail..."
$ call verify_time_stamp_response_fail req1.tsq resp2.tsr
$
$ write sys$output "Verifying response against wrong request, it should fail..."
$ call verify_time_stamp_response_fail req2.tsq resp1.tsr
$
$ write sys$output "Creating req3.req time stamp request for file CAtsa.cnf..."
$ call create_time_stamp_request3
$
$ write sys$output "Printing req3.req..."
$ call print_request req3.tsq
$
$ write sys$output "Verifying response against wrong request, it should fail..."
$ call verify_time_stamp_response_fail req3.tsq resp1.tsr
$
$ write sys$output "Cleaning up..."
$ call clean_up_dir
$
$ set on
$
$ exit

10
test/testx509.pem Normal file
View File

@@ -0,0 +1,10 @@
-----BEGIN CERTIFICATE-----
MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz
MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF
AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO
/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE
Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ
zl9HYIMxATFyqSiD9jsx
-----END CERTIFICATE-----

113
test/times Normal file
View File

@@ -0,0 +1,113 @@
More number for the questions about SSL overheads....
The following numbers were generated on a Pentium pro 200, running Linux.
They give an indication of the SSL protocol and encryption overheads.
The program that generated them is an unreleased version of ssl/ssltest.c
which is the SSLeay ssl protocol testing program. It is a single process that
talks both sides of the SSL protocol via a non-blocking memory buffer
interface.
How do I read this? The protocol and cipher are reasonable obvious.
The next number is the number of connections being made. The next is the
number of bytes exchanged between the client and server side of the protocol.
This is the number of bytes that the client sends to the server, and then
the server sends back. Because this is all happening in one process,
the data is being encrypted, decrypted, encrypted and then decrypted again.
It is a round trip of that many bytes. Because the one process performs
both the client and server sides of the protocol and it sends this many bytes
each direction, multiply this number by 4 to generate the number
of bytes encrypted/decrypted/MACed. The first time value is how many seconds
elapsed doing a full SSL handshake, the second is the cost of one
full handshake and the rest being session-id reuse.
SSLv2 RC4-MD5 1000 x 1 12.83s 0.70s
SSLv3 NULL-MD5 1000 x 1 14.35s 1.47s
SSLv3 RC4-MD5 1000 x 1 14.46s 1.56s
SSLv3 RC4-MD5 1000 x 1 51.93s 1.62s 1024bit RSA
SSLv3 RC4-SHA 1000 x 1 14.61s 1.83s
SSLv3 DES-CBC-SHA 1000 x 1 14.70s 1.89s
SSLv3 DES-CBC3-SHA 1000 x 1 15.16s 2.16s
SSLv2 RC4-MD5 1000 x 1024 13.72s 1.27s
SSLv3 NULL-MD5 1000 x 1024 14.79s 1.92s
SSLv3 RC4-MD5 1000 x 1024 52.58s 2.29s 1024bit RSA
SSLv3 RC4-SHA 1000 x 1024 15.39s 2.67s
SSLv3 DES-CBC-SHA 1000 x 1024 16.45s 3.55s
SSLv3 DES-CBC3-SHA 1000 x 1024 18.21s 5.38s
SSLv2 RC4-MD5 1000 x 10240 18.97s 6.52s
SSLv3 NULL-MD5 1000 x 10240 17.79s 5.11s
SSLv3 RC4-MD5 1000 x 10240 20.25s 7.90s
SSLv3 RC4-MD5 1000 x 10240 58.26s 8.08s 1024bit RSA
SSLv3 RC4-SHA 1000 x 10240 22.96s 11.44s
SSLv3 DES-CBC-SHA 1000 x 10240 30.65s 18.41s
SSLv3 DES-CBC3-SHA 1000 x 10240 47.04s 34.53s
SSLv2 RC4-MD5 1000 x 102400 70.22s 57.74s
SSLv3 NULL-MD5 1000 x 102400 43.73s 31.03s
SSLv3 RC4-MD5 1000 x 102400 71.32s 58.83s
SSLv3 RC4-MD5 1000 x 102400 109.66s 59.20s 1024bit RSA
SSLv3 RC4-SHA 1000 x 102400 95.88s 82.21s
SSLv3 DES-CBC-SHA 1000 x 102400 173.22s 160.55s
SSLv3 DES-CBC3-SHA 1000 x 102400 336.61s 323.82s
What does this all mean? Well for a server, with no session-id reuse, with
a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key,
a Pentium pro 200 running Linux can handle the SSLv3 protocol overheads of
about 49 connections a second. Reality will be quite different :-).
Remember the first number is 1000 full ssl handshakes, the second is
1 full and 999 with session-id reuse. The RSA overheads for each exchange
would be one public and one private operation, but the protocol/MAC/cipher
cost would be quite similar in both the client and server.
eric (adding numbers to speculation)
--- Appendix ---
- The time measured is user time but these number a very rough.
- Remember this is the cost of both client and server sides of the protocol.
- The TCP/kernel overhead of connection establishment is normally the
killer in SSL. Often delays in the TCP protocol will make session-id
reuse look slower that new sessions, but this would not be the case on
a loaded server.
- The TCP round trip latencies, while slowing individual connections,
would have minimal impact on throughput.
- Instead of sending one 102400 byte buffer, one 8k buffer is sent until
- the required number of bytes are processed.
- The SSLv3 connections were actually SSLv2 compatible SSLv3 headers.
- A 512bit server key was being used except where noted.
- No server key verification was being performed on the client side of the
protocol. This would slow things down very little.
- The library being used is SSLeay 0.8.x.
- The normal measuring system was commands of the form
time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse
This modified version of ssltest should be in the next public release of
SSLeay.
The general cipher performance number for this platform are
SSLeay 0.8.2a 04-Sep-1997
built on Fri Sep 5 17:37:05 EST 1997
options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
The 'numbers' are in 1000s of bytes per second processed.
type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
md2 131.02k 368.41k 500.57k 549.21k 566.09k
mdc2 535.60k 589.10k 595.88k 595.97k 594.54k
md5 1801.53k 9674.77k 17484.03k 21849.43k 23592.96k
sha 1261.63k 5533.25k 9285.63k 11187.88k 11913.90k
sha1 1103.13k 4782.53k 7933.78k 9472.34k 10070.70k
rc4 10722.53k 14443.93k 15215.79k 15299.24k 15219.59k
des cbc 3286.57k 3827.73k 3913.39k 3931.82k 3926.70k
des ede3 1443.50k 1549.08k 1561.17k 1566.38k 1564.67k
idea cbc 2203.64k 2508.16k 2538.33k 2543.62k 2547.71k
rc2 cbc 1430.94k 1511.59k 1524.82k 1527.13k 1523.33k
blowfish cbc 4716.07k 5965.82k 6190.17k 6243.67k 6234.11k
sign verify
rsa 512 bits 0.0100s 0.0011s
rsa 1024 bits 0.0451s 0.0012s
rsa 2048 bits 0.2605s 0.0086s
rsa 4096 bits 1.6883s 0.0302s

48
test/tpkcs7 Normal file
View File

@@ -0,0 +1,48 @@
#!/bin/sh
cmd='../util/shlib_wrap.sh ../apps/openssl pkcs7'
if [ "$1"x != "x" ]; then
t=$1
else
t=testp7.pem
fi
echo testing pkcs7 conversions
cp $t fff.p
echo "p -> d"
$cmd -in fff.p -inform p -outform d >f.d
if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in fff.p -inform p -outform p >f.p
if [ $? != 0 ]; then exit 1; fi
echo "d -> d"
$cmd -in f.d -inform d -outform d >ff.d1
if [ $? != 0 ]; then exit 1; fi
echo "p -> d"
$cmd -in f.p -inform p -outform d >ff.d3
if [ $? != 0 ]; then exit 1; fi
echo "d -> p"
$cmd -in f.d -inform d -outform p >ff.p1
if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in f.p -inform p -outform p >ff.p3
if [ $? != 0 ]; then exit 1; fi
cmp fff.p f.p
if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p1
if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p3
if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p1
if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p3
if [ $? != 0 ]; then exit 1; fi
/bin/rm -f f.* ff.* fff.*
exit 0

56
test/tpkcs7.com Normal file
View File

@@ -0,0 +1,56 @@
$! TPKCS7.COM -- Tests pkcs7 keys
$
$ __arch := VAX
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
$ if __arch .eqs. "" then __arch := UNK
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
$
$ cmd := mcr 'exe_dir'openssl pkcs7
$
$ t := testp7.pem
$ if p1 .nes. "" then t = p1
$
$ write sys$output "testing PKCS7 conversions"
$ if f$search("fff.*") .nes "" then delete fff.*;*
$ if f$search("ff.*") .nes "" then delete ff.*;*
$ if f$search("f.*") .nes "" then delete f.*;*
$ convert/fdl=sys$input: 't' fff.p
RECORD
FORMAT STREAM_LF
$
$ write sys$output "p -> d"
$ 'cmd' -in fff.p -inform p -outform d -out f.d
$ if $severity .ne. 1 then exit 3
$ write sys$output "p -> p"
$ 'cmd' -in fff.p -inform p -outform p -out f.p
$ if $severity .ne. 1 then exit 3
$
$ write sys$output "d -> d"
$ 'cmd' -in f.d -inform d -outform d -out ff.d1
$ if $severity .ne. 1 then exit 3
$ write sys$output "p -> d"
$ 'cmd' -in f.p -inform p -outform d -out ff.d3
$ if $severity .ne. 1 then exit 3
$
$
$ write sys$output "d -> p"
$ 'cmd' -in f.d -inform d -outform p -out ff.p1
$ if $severity .ne. 1 then exit 3
$ write sys$output "p -> p"
$ 'cmd' -in f.p -inform p -outform p -out ff.p3
$ if $severity .ne. 1 then exit 3
$
$ backup/compare fff.p f.p
$ if $severity .ne. 1 then exit 3
$ backup/compare fff.p ff.p1
$ if $severity .ne. 1 then exit 3
$ backup/compare fff.p ff.p3
$ if $severity .ne. 1 then exit 3
$
$ backup/compare f.p ff.p1
$ if $severity .ne. 1 then exit 3
$ backup/compare f.p ff.p3
$ if $severity .ne. 1 then exit 3
$
$ delete f.*;*,ff.*;*,fff.*;*

41
test/tpkcs7d Normal file
View File

@@ -0,0 +1,41 @@
#!/bin/sh
cmd='../util/shlib_wrap.sh ../apps/openssl pkcs7'
if [ "$1"x != "x" ]; then
t=$1
else
t=pkcs7-1.pem
fi
echo "testing pkcs7 conversions (2)"
cp $t fff.p
echo "p -> d"
$cmd -in fff.p -inform p -outform d >f.d
if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in fff.p -inform p -outform p >f.p
if [ $? != 0 ]; then exit 1; fi
echo "d -> d"
$cmd -in f.d -inform d -outform d >ff.d1
if [ $? != 0 ]; then exit 1; fi
echo "p -> d"
$cmd -in f.p -inform p -outform d >ff.d3
if [ $? != 0 ]; then exit 1; fi
echo "d -> p"
$cmd -in f.d -inform d -outform p >ff.p1
if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in f.p -inform p -outform p >ff.p3
if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p1
if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p3
if [ $? != 0 ]; then exit 1; fi
/bin/rm -f f.* ff.* fff.*
exit 0

49
test/tpkcs7d.com Normal file
View File

@@ -0,0 +1,49 @@
$! TPKCS7.COM -- Tests pkcs7 keys
$
$ __arch := VAX
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
$ if __arch .eqs. "" then __arch := UNK
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
$
$ cmd := mcr 'exe_dir'openssl pkcs7
$
$ t := pkcs7-1.pem
$ if p1 .nes. "" then t = p1
$
$ write sys$output "testing PKCS7 conversions (2)"
$ if f$search("fff.*") .nes "" then delete fff.*;*
$ if f$search("ff.*") .nes "" then delete ff.*;*
$ if f$search("f.*") .nes "" then delete f.*;*
$ convert/fdl=sys$input: 't' fff.p
RECORD
FORMAT STREAM_LF
$
$ write sys$output "p -> d"
$ 'cmd' -in fff.p -inform p -outform d -out f.d
$ if $severity .ne. 1 then exit 3
$ write sys$output "p -> p"
$ 'cmd' -in fff.p -inform p -outform p -out f.p
$ if $severity .ne. 1 then exit 3
$
$ write sys$output "d -> d"
$ 'cmd' -in f.d -inform d -outform d -out ff.d1
$ if $severity .ne. 1 then exit 3
$ write sys$output "p -> d"
$ 'cmd' -in f.p -inform p -outform d -out ff.d3
$ if $severity .ne. 1 then exit 3
$
$
$ write sys$output "d -> p"
$ 'cmd' -in f.d -inform d -outform p -out ff.p1
$ if $severity .ne. 1 then exit 3
$ write sys$output "p -> p"
$ 'cmd' -in f.p -inform p -outform p -out ff.p3
$ if $severity .ne. 1 then exit 3
$
$ backup/compare f.p ff.p1
$ if $severity .ne. 1 then exit 3
$ backup/compare f.p ff.p3
$ if $severity .ne. 1 then exit 3
$
$ delete f.*;*,ff.*;*,fff.*;*

83
test/treq Normal file
View File

@@ -0,0 +1,83 @@
#!/bin/sh
cmd='../util/shlib_wrap.sh ../apps/openssl req -config ../apps/openssl.cnf'
if [ "$1"x != "x" ]; then
t=$1
else
t=testreq.pem
fi
if $cmd -in $t -inform p -noout -text 2>&1 | fgrep -i 'Unknown Public Key'; then
echo "skipping req conversion test for $t"
exit 0
fi
echo testing req conversions
cp $t fff.p
echo "p -> d"
$cmd -in fff.p -inform p -outform d >f.d
if [ $? != 0 ]; then exit 1; fi
#echo "p -> t"
#$cmd -in fff.p -inform p -outform t >f.t
#if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in fff.p -inform p -outform p >f.p
if [ $? != 0 ]; then exit 1; fi
echo "d -> d"
$cmd -verify -in f.d -inform d -outform d >ff.d1
if [ $? != 0 ]; then exit 1; fi
#echo "t -> d"
#$cmd -in f.t -inform t -outform d >ff.d2
#if [ $? != 0 ]; then exit 1; fi
echo "p -> d"
$cmd -verify -in f.p -inform p -outform d >ff.d3
if [ $? != 0 ]; then exit 1; fi
#echo "d -> t"
#$cmd -in f.d -inform d -outform t >ff.t1
#if [ $? != 0 ]; then exit 1; fi
#echo "t -> t"
#$cmd -in f.t -inform t -outform t >ff.t2
#if [ $? != 0 ]; then exit 1; fi
#echo "p -> t"
#$cmd -in f.p -inform p -outform t >ff.t3
#if [ $? != 0 ]; then exit 1; fi
echo "d -> p"
$cmd -in f.d -inform d -outform p >ff.p1
if [ $? != 0 ]; then exit 1; fi
#echo "t -> p"
#$cmd -in f.t -inform t -outform p >ff.p2
#if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in f.p -inform p -outform p >ff.p3
if [ $? != 0 ]; then exit 1; fi
cmp fff.p f.p
if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p1
if [ $? != 0 ]; then exit 1; fi
#cmp fff.p ff.p2
#if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p3
if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t1
#if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t2
#if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t3
#if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p1
if [ $? != 0 ]; then exit 1; fi
#cmp f.p ff.p2
#if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p3
if [ $? != 0 ]; then exit 1; fi
/bin/rm -f f.* ff.* fff.*
exit 0

85
test/treq.com Normal file
View File

@@ -0,0 +1,85 @@
$! TREQ.COM -- Tests req keys
$
$ __arch := VAX
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
$ if __arch .eqs. "" then __arch := UNK
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
$
$ cmd := mcr 'exe_dir'openssl req -config [-.apps]openssl-vms.cnf
$
$ t := testreq.pem
$ if p1 .nes. "" then t = p1
$
$ write sys$output "testing req conversions"
$ if f$search("fff.*") .nes "" then delete fff.*;*
$ if f$search("ff.*") .nes "" then delete ff.*;*
$ if f$search("f.*") .nes "" then delete f.*;*
$ convert/fdl=sys$input: 't' fff.p
RECORD
FORMAT STREAM_LF
$
$ write sys$output "p -> d"
$ 'cmd' -in fff.p -inform p -outform d -out f.d
$ if $severity .ne. 1 then exit 3
$! write sys$output "p -> t"
$! 'cmd' -in fff.p -inform p -outform t -out f.t
$! if $severity .ne. 1 then exit 3
$ write sys$output "p -> p"
$ 'cmd' -in fff.p -inform p -outform p -out f.p
$ if $severity .ne. 1 then exit 3
$
$ write sys$output "d -> d"
$ 'cmd' -verify -in f.d -inform d -outform d -out ff.d1
$ if $severity .ne. 1 then exit 3
$! write sys$output "t -> d"
$! 'cmd' -verify -in f.t -inform t -outform d -out ff.d2
$! if $severity .ne. 1 then exit 3
$ write sys$output "p -> d"
$ 'cmd' -verify -in f.p -inform p -outform d -out ff.d3
$ if $severity .ne. 1 then exit 3
$
$! write sys$output "d -> t"
$! 'cmd' -in f.d -inform d -outform t -out ff.t1
$! if $severity .ne. 1 then exit 3
$! write sys$output "t -> t"
$! 'cmd' -in f.t -inform t -outform t -out ff.t2
$! if $severity .ne. 1 then exit 3
$! write sys$output "p -> t"
$! 'cmd' -in f.p -inform p -outform t -out ff.t3
$! if $severity .ne. 1 then exit 3
$
$ write sys$output "d -> p"
$ 'cmd' -in f.d -inform d -outform p -out ff.p1
$ if $severity .ne. 1 then exit 3
$! write sys$output "t -> p"
$! 'cmd' -in f.t -inform t -outform p -out ff.p2
$! if $severity .ne. 1 then exit 3
$ write sys$output "p -> p"
$ 'cmd' -in f.p -inform p -outform p -out ff.p3
$ if $severity .ne. 1 then exit 3
$
$ backup/compare fff.p f.p
$ if $severity .ne. 1 then exit 3
$ backup/compare fff.p ff.p1
$ if $severity .ne. 1 then exit 3
$! backup/compare fff.p ff.p2
$! if $severity .ne. 1 then exit 3
$ backup/compare fff.p ff.p3
$ if $severity .ne. 1 then exit 3
$
$! backup/compare f.t ff.t1
$! if $severity .ne. 1 then exit 3
$! backup/compare f.t ff.t2
$! if $severity .ne. 1 then exit 3
$! backup/compare f.t ff.t3
$! if $severity .ne. 1 then exit 3
$
$ backup/compare f.p ff.p1
$ if $severity .ne. 1 then exit 3
$! backup/compare f.p ff.p2
$! if $severity .ne. 1 then exit 3
$ backup/compare f.p ff.p3
$ if $severity .ne. 1 then exit 3
$
$ delete f.*;*,ff.*;*,fff.*;*

83
test/trsa Normal file
View File

@@ -0,0 +1,83 @@
#!/bin/sh
if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
echo skipping rsa conversion test
exit 0
fi
cmd='../util/shlib_wrap.sh ../apps/openssl rsa'
if [ "$1"x != "x" ]; then
t=$1
else
t=testrsa.pem
fi
echo testing rsa conversions
cp $t fff.p
echo "p -> d"
$cmd -in fff.p -inform p -outform d >f.d
if [ $? != 0 ]; then exit 1; fi
#echo "p -> t"
#$cmd -in fff.p -inform p -outform t >f.t
#if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in fff.p -inform p -outform p >f.p
if [ $? != 0 ]; then exit 1; fi
echo "d -> d"
$cmd -in f.d -inform d -outform d >ff.d1
if [ $? != 0 ]; then exit 1; fi
#echo "t -> d"
#$cmd -in f.t -inform t -outform d >ff.d2
#if [ $? != 0 ]; then exit 1; fi
echo "p -> d"
$cmd -in f.p -inform p -outform d >ff.d3
if [ $? != 0 ]; then exit 1; fi
#echo "d -> t"
#$cmd -in f.d -inform d -outform t >ff.t1
#if [ $? != 0 ]; then exit 1; fi
#echo "t -> t"
#$cmd -in f.t -inform t -outform t >ff.t2
#if [ $? != 0 ]; then exit 1; fi
#echo "p -> t"
#$cmd -in f.p -inform p -outform t >ff.t3
#if [ $? != 0 ]; then exit 1; fi
echo "d -> p"
$cmd -in f.d -inform d -outform p >ff.p1
if [ $? != 0 ]; then exit 1; fi
#echo "t -> p"
#$cmd -in f.t -inform t -outform p >ff.p2
#if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in f.p -inform p -outform p >ff.p3
if [ $? != 0 ]; then exit 1; fi
cmp fff.p f.p
if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p1
if [ $? != 0 ]; then exit 1; fi
#cmp fff.p ff.p2
#if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p3
if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t1
#if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t2
#if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t3
#if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p1
if [ $? != 0 ]; then exit 1; fi
#cmp f.p ff.p2
#if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p3
if [ $? != 0 ]; then exit 1; fi
/bin/rm -f f.* ff.* fff.*
exit 0

96
test/trsa.com Normal file
View File

@@ -0,0 +1,96 @@
$! TRSA.COM -- Tests rsa keys
$
$ __arch := VAX
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
$ if __arch .eqs. "" then __arch := UNK
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
$
$ set noon
$ define/user sys$output nla0:
$ mcr 'exe_dir'openssl no-rsa
$ save_severity=$SEVERITY
$ set on
$ if save_severity
$ then
$ write sys$output "skipping RSA conversion test"
$ exit
$ endif
$
$ cmd := mcr 'exe_dir'openssl rsa
$
$ t := testrsa.pem
$ if p1 .nes. "" then t = p1
$
$ write sys$output "testing RSA conversions"
$ if f$search("fff.*") .nes "" then delete fff.*;*
$ if f$search("ff.*") .nes "" then delete ff.*;*
$ if f$search("f.*") .nes "" then delete f.*;*
$ convert/fdl=sys$input: 't' fff.p
RECORD
FORMAT STREAM_LF
$
$ write sys$output "p -> d"
$ 'cmd' -in fff.p -inform p -outform d -out f.d
$ if $severity .ne. 1 then exit 3
$! write sys$output "p -> t"
$! 'cmd' -in fff.p -inform p -outform t -out f.t
$! if $severity .ne. 1 then exit 3
$ write sys$output "p -> p"
$ 'cmd' -in fff.p -inform p -outform p -out f.p
$ if $severity .ne. 1 then exit 3
$
$ write sys$output "d -> d"
$ 'cmd' -in f.d -inform d -outform d -out ff.d1
$ if $severity .ne. 1 then exit 3
$! write sys$output "t -> d"
$! 'cmd' -in f.t -inform t -outform d -out ff.d2
$! if $severity .ne. 1 then exit 3
$ write sys$output "p -> d"
$ 'cmd' -in f.p -inform p -outform d -out ff.d3
$ if $severity .ne. 1 then exit 3
$
$! write sys$output "d -> t"
$! 'cmd' -in f.d -inform d -outform t -out ff.t1
$! if $severity .ne. 1 then exit 3
$! write sys$output "t -> t"
$! 'cmd' -in f.t -inform t -outform t -out ff.t2
$! if $severity .ne. 1 then exit 3
$! write sys$output "p -> t"
$! 'cmd' -in f.p -inform p -outform t -out ff.t3
$! if $severity .ne. 1 then exit 3
$
$ write sys$output "d -> p"
$ 'cmd' -in f.d -inform d -outform p -out ff.p1
$ if $severity .ne. 1 then exit 3
$! write sys$output "t -> p"
$! 'cmd' -in f.t -inform t -outform p -out ff.p2
$! if $severity .ne. 1 then exit 3
$ write sys$output "p -> p"
$ 'cmd' -in f.p -inform p -outform p -out ff.p3
$ if $severity .ne. 1 then exit 3
$
$ backup/compare fff.p f.p
$ if $severity .ne. 1 then exit 3
$ backup/compare fff.p ff.p1
$ if $severity .ne. 1 then exit 3
$! backup/compare fff.p ff.p2
$! if $severity .ne. 1 then exit 3
$ backup/compare fff.p ff.p3
$ if $severity .ne. 1 then exit 3
$
$! backup/compare f.t ff.t1
$! if $severity .ne. 1 then exit 3
$! backup/compare f.t ff.t2
$! if $severity .ne. 1 then exit 3
$! backup/compare f.t ff.t3
$! if $severity .ne. 1 then exit 3
$
$ backup/compare f.p ff.p1
$ if $severity .ne. 1 then exit 3
$! backup/compare f.p ff.p2
$! if $severity .ne. 1 then exit 3
$ backup/compare f.p ff.p3
$ if $severity .ne. 1 then exit 3
$
$ delete f.*;*,ff.*;*,fff.*;*

Some files were not shown because too many files have changed in this diff Show More