diff options
author | Rich Salz <rsalz@akamai.com> | 2016-02-27 12:32:42 -0500 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2016-02-27 13:39:46 -0500 |
commit | 6ab364149d8b76b5d2341a2e708e727cad060416 (patch) | |
tree | 5d9a6cc432c6eb0fcf900ddef6e1864c1f12ecdc /test | |
parent | b23238f9aa95bcc31a369d3b24616f4f99691052 (diff) | |
download | openssl-6ab364149d8b76b5d2341a2e708e727cad060416.zip openssl-6ab364149d8b76b5d2341a2e708e727cad060416.tar.gz openssl-6ab364149d8b76b5d2341a2e708e727cad060416.tar.bz2 |
Remove some old files.
I read the PROBLEMS, and they're outdated; nothing I'd put in the
online FAQ, for example. Test-builds work without using these files.
Had to remove the rehash.time stuff from Makefile.in
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'test')
36 files changed, 0 insertions, 3596 deletions
diff --git a/test/Attic/VMSca-response.1 b/test/Attic/VMSca-response.1 deleted file mode 100644 index 8b13789..0000000 --- a/test/Attic/VMSca-response.1 +++ /dev/null @@ -1 +0,0 @@ - diff --git a/test/Attic/VMSca-response.2 b/test/Attic/VMSca-response.2 deleted file mode 100644 index 9b48ee4..0000000 --- a/test/Attic/VMSca-response.2 +++ /dev/null @@ -1,2 +0,0 @@ -y -y diff --git a/test/Attic/bctest b/test/Attic/bctest deleted file mode 100755 index bdb3218..0000000 --- a/test/Attic/bctest +++ /dev/null @@ -1,111 +0,0 @@ -#!/bin/sh - -# This script is used by test/Makefile.ssl to check whether a sane 'bc' -# is installed. -# ('make test_bn' should not try to run 'bc' if it does not exist or if -# it is a broken 'bc' version that is known to cause trouble.) -# -# If 'bc' works, we also test if it knows the 'print' command. -# -# In any case, output an appropriate command line for running (or not -# running) bc. - - -IFS=: -try_without_dir=true -# First we try "bc", then "$dir/bc" for each item in $PATH. -for dir in dummy:$PATH; do - if [ "$try_without_dir" = true ]; then - # first iteration - bc=bc - try_without_dir=false - else - # second and later iterations - bc="$dir/bc" - if [ ! -f "$bc" ]; then # '-x' is not available on Ultrix - bc='' - fi - fi - - if [ ! "$bc" = '' ]; then - failure=none - - - # Test for SunOS 5.[78] bc bug - "$bc" >tmp.bctest <<\EOF -obase=16 -ibase=16 -a=AD88C418F31B3FC712D0425001D522B3AE9134FF3A98C13C1FCC1682211195406C1A6C66C6A\ -CEEC1A0EC16950233F77F1C2F2363D56DD71A36C57E0B2511FC4BA8F22D261FE2E9356D99AF57\ -10F3817C0E05BF79C423C3F66FDF321BE8D3F18F625D91B670931C1EF25F28E489BDA1C5422D1\ -C3F6F7A1AD21585746ECC4F10A14A778AF56F08898E965E9909E965E0CB6F85B514150C644759\ -3BE731877B16EA07B552088FF2EA728AC5E0FF3A23EB939304519AB8B60F2C33D6BA0945B66F0\ -4FC3CADF855448B24A9D7640BCF473E -b=DCE91E7D120B983EA9A104B5A96D634DD644C37657B1C7860B45E6838999B3DCE5A555583C6\ -9209E41F413422954175A06E67FFEF6746DD652F0F48AEFECC3D8CAC13523BDAAD3F5AF4212BD\ -8B3CD64126E1A82E190228020C05B91C8B141F1110086FC2A4C6ED631EBA129D04BB9A19FC53D\ -3ED0E2017D60A68775B75481449 -(a/b)*b + (a%b) - a -EOF - if [ 0 != "`cat tmp.bctest`" ]; then - failure=SunOStest - fi - - - if [ "$failure" = none ]; then - # Test for SCO bc bug. - "$bc" >tmp.bctest <<\EOF -obase=16 -ibase=16 --FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4AEC6F15AC177F176F2274D2\ -9DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7F5ADFACEE54573F5D256A06\ -11B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99FB9812A0E4A5773D8B254117\ -1239157EC6E3D8D50199 * -FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4\ -AEC6F15AC177F176F2274D29DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7\ -F5ADFACEE54573F5D256A0611B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99F\ -B9812A0E4A5773D8B2541171239157EC6E3D8D50199 - FFBACC221682DA464B6D7F123482522\ -02EDAEDCA38C3B69E9B7BBCD6165A9CD8716C4903417F23C09A85B851961F92C217258CEEB866\ -85EFCC5DD131853A02C07A873B8E2AF2E40C6D5ED598CD0E8F35AD49F3C3A17FDB7653E4E2DC4\ -A8D23CC34686EE4AD01F7407A7CD74429AC6D36DBF0CB6A3E302D0E5BDFCD048A3B90C1BE5AA8\ -E16C3D5884F9136B43FF7BB443764153D4AEC176C681B078F4CC53D6EB6AB76285537DDEE7C18\ -8C72441B52EDBDDBC77E02D34E513F2AABF92F44109CAFE8242BD0ECBAC5604A94B02EA44D43C\ -04E9476E6FBC48043916BFA1485C6093603600273C9C33F13114D78064AE42F3DC466C7DA543D\ -89C8D71 -AD534AFBED2FA39EE9F40E20FCF9E2C861024DB98DDCBA1CD118C49CA55EEBC20D6BA51B2271C\ -928B693D6A73F67FEB1B4571448588B46194617D25D910C6A9A130CC963155CF34079CB218A44\ -8A1F57E276D92A33386DDCA3D241DB78C8974ABD71DD05B0FA555709C9910D745185E6FE108E3\ -37F1907D0C56F8BFBF52B9704 % -E557905B56B13441574CAFCE2BD257A750B1A8B2C88D0E36\ -E18EF7C38DAC80D3948E17ED63AFF3B3467866E3B89D09A81B3D16B52F6A3C7134D3C6F5123E9\ -F617E3145BBFBE9AFD0D6E437EA4FF6F04BC67C4F1458B4F0F47B64 - 1C2BBBB19B74E86FD32\ -9E8DB6A8C3B1B9986D57ED5419C2E855F7D5469E35E76334BB42F4C43E3F3A31B9697C171DAC4\ -D97935A7E1A14AD209D6CF811F55C6DB83AA9E6DFECFCD6669DED7171EE22A40C6181615CAF3F\ -5296964 -EOF - if [ "0 -0" != "`cat tmp.bctest`" ]; then - failure=SCOtest - fi - fi - - - if [ "$failure" = none ]; then - # bc works; now check if it knows the 'print' command. - if [ "OK" = "`echo 'print \"OK\"' | $bc 2>/dev/null`" ] - then - echo "$bc" - else - echo "sed 's/print.*//' | $bc" - fi - exit 0 - fi - - echo "$bc does not work properly ('$failure' failed). Looking for another bc ..." >&2 - fi -done - -echo "No working bc found. Consider installing GNU bc." >&2 -if [ "$1" = ignore ]; then - echo "cat >/dev/null" - exit 0 -fi -exit 1 diff --git a/test/Attic/bctest.com b/test/Attic/bctest.com deleted file mode 100644 index d7e5ec1..0000000 --- a/test/Attic/bctest.com +++ /dev/null @@ -1,152 +0,0 @@ -$! -$! Check operation of "bc". -$! -$! 2010-04-05 SMS. New. Based (loosely) on "bctest". -$! -$! -$ tmp_file_name = "tmp.bctest" -$ failure = "" -$! -$! Basic command test. -$! -$ on warning then goto bc_fail -$ bc -$ on error then exit -$! -$! Test for SunOS 5.[78] bc bug. -$! -$ if (failure .eqs. "") -$ then -$! -$ define /user_mode sys$output 'tmp_file_name' -$ bc -obase=16 -ibase=16 -a=AD88C418F31B3FC712D0425001D522B3AE9134FF3A98C13C1FCC1682211195406C1A6C66C6A\ -CEEC1A0EC16950233F77F1C2F2363D56DD71A36C57E0B2511FC4BA8F22D261FE2E9356D99AF57\ -10F3817C0E05BF79C423C3F66FDF321BE8D3F18F625D91B670931C1EF25F28E489BDA1C5422D1\ -C3F6F7A1AD21585746ECC4F10A14A778AF56F08898E965E9909E965E0CB6F85B514150C644759\ -3BE731877B16EA07B552088FF2EA728AC5E0FF3A23EB939304519AB8B60F2C33D6BA0945B66F0\ -4FC3CADF855448B24A9D7640BCF473E -b=DCE91E7D120B983EA9A104B5A96D634DD644C37657B1C7860B45E6838999B3DCE5A555583C6\ -9209E41F413422954175A06E67FFEF6746DD652F0F48AEFECC3D8CAC13523BDAAD3F5AF4212BD\ -8B3CD64126E1A82E190228020C05B91C8B141F1110086FC2A4C6ED631EBA129D04BB9A19FC53D\ -3ED0E2017D60A68775B75481449 -(a/b)*b + (a%b) - a -$ status = $status -$ output_expected = "0" -$ gosub check_output -$ if (output .ne. 1) -$ then -$ failure = "SunOStest" -$ else -$ delete 'f$parse( tmp_file_name)' -$ endif -$ endif -$! -$! Test for SCO bc bug. -$! -$ if (failure .eqs. "") -$ then -$! -$ define /user_mode sys$output 'tmp_file_name' -$ bc -obase=16 -ibase=16 --FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4AEC6F15AC177F176F2274D2\ -9DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7F5ADFACEE54573F5D256A06\ -11B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99FB9812A0E4A5773D8B254117\ -1239157EC6E3D8D50199 * -FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4\ -AEC6F15AC177F176F2274D29DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7\ -F5ADFACEE54573F5D256A0611B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99F\ -B9812A0E4A5773D8B2541171239157EC6E3D8D50199 - FFBACC221682DA464B6D7F123482522\ -02EDAEDCA38C3B69E9B7BBCD6165A9CD8716C4903417F23C09A85B851961F92C217258CEEB866\ -85EFCC5DD131853A02C07A873B8E2AF2E40C6D5ED598CD0E8F35AD49F3C3A17FDB7653E4E2DC4\ -A8D23CC34686EE4AD01F7407A7CD74429AC6D36DBF0CB6A3E302D0E5BDFCD048A3B90C1BE5AA8\ -E16C3D5884F9136B43FF7BB443764153D4AEC176C681B078F4CC53D6EB6AB76285537DDEE7C18\ -8C72441B52EDBDDBC77E02D34E513F2AABF92F44109CAFE8242BD0ECBAC5604A94B02EA44D43C\ -04E9476E6FBC48043916BFA1485C6093603600273C9C33F13114D78064AE42F3DC466C7DA543D\ -89C8D71 -AD534AFBED2FA39EE9F40E20FCF9E2C861024DB98DDCBA1CD118C49CA55EEBC20D6BA51B2271C\ -928B693D6A73F67FEB1B4571448588B46194617D25D910C6A9A130CC963155CF34079CB218A44\ -8A1F57E276D92A33386DDCA3D241DB78C8974ABD71DD05B0FA555709C9910D745185E6FE108E3\ -37F1907D0C56F8BFBF52B9704 % -E557905B56B13441574CAFCE2BD257A750B1A8B2C88D0E36\ -E18EF7C38DAC80D3948E17ED63AFF3B3467866E3B89D09A81B3D16B52F6A3C7134D3C6F5123E9\ -F617E3145BBFBE9AFD0D6E437EA4FF6F04BC67C4F1458B4F0F47B64 - 1C2BBBB19B74E86FD32\ -9E8DB6A8C3B1B9986D57ED5419C2E855F7D5469E35E76334BB42F4C43E3F3A31B9697C171DAC4\ -D97935A7E1A14AD209D6CF811F55C6DB83AA9E6DFECFCD6669DED7171EE22A40C6181615CAF3F\ -5296964 -$ status = $status -$ output_expected = "0\0" -$ gosub check_output -$ if (output .ne. 1) -$ then -$ failure = "SCOtest" -$ else -$ delete 'f$parse( tmp_file_name)' -$ endif -$ endif -$! -$! Test for working 'print' command. -$! -$ if (failure .eqs. "") -$ then -$! -$ define /user_mode sys$output 'tmp_file_name' -$ bc -print "OK" -$ status = $status -$ output_expected = "OK" -$ gosub check_output -$ if (output .ne. 1) -$ then -$ failure = "printtest" -$ else -$ delete 'f$parse( tmp_file_name)' -$ endif -$ endif -$! -$ if (failure .nes. "") -$ then -$ write sys$output - - "No working bc found. Consider installing GNU bc." -$ exit %X00030000 ! %DCL-W-NORMAL -$ endif -$! -$ exit -$! -$! -$! Complete "bc" command failure. -$! -$ bc_fail: -$ write sys$output - - "No ""bc"" program/symbol found. Consider installing GNU bc." -$ exit %X00030000 ! %DCL-W-NORMAL -$! -$! -$! Output check subroutine. -$! -$ check_output: -$ eof = 0 -$ line_nr = 0 -$ open /read tmp_file 'tmp_file_name' -$ c_o_loop: -$ read /error = error_read tmp_file line -$ goto ok_read -$ error_read: -$ eof = 1 -$ ok_read: -$ line_expected = f$element( line_nr, "\", output_expected) -$ line_nr = line_nr+ 1 -$ if ((line_expected .nes. "\") .and. (.not. eof) .and. - - (line_expected .eqs. line)) then goto c_o_loop -$! -$ if ((line_expected .eqs. "\") .and. eof) -$ then -$ output = 1 -$ else -$ output = 0 -$ endif -$ close tmp_file -$ return -$! diff --git a/test/Attic/bntest.com b/test/Attic/bntest.com deleted file mode 100644 index 6545d2e..0000000 --- a/test/Attic/bntest.com +++ /dev/null @@ -1,76 +0,0 @@ -$! -$! Analyze bntest output file. -$! -$! Exit status = 1 (success) if all tests passed, -$! 0 (warning) if any test failed. -$! -$! 2011-02-20 SMS. Added code to skip "#" comments in the input file. -$! -$! 2010-04-05 SMS. New. Based (loosely) on perl code in bntest-vms.sh. -$! -$! Expect data like: -$! test test_name1 -$! 0 -$! [...] -$! test test_name2 -$! 0 -$! [...] -$! [...] -$! -$! Some tests have no following "0" lines. -$! -$ result_file_name = f$edit( p1, "TRIM") -$ if (result_file_name .eqs. "") -$ then -$ result_file_name = "bntest-vms.out" -$ endif -$! -$ fail = 0 -$ passed = 0 -$ tests = 0 -$! -$ on control_c then goto tidy -$ on error then goto tidy -$! -$ open /read result_file 'result_file_name' -$! -$ read_loop: -$ read /end = read_loop_end /error = tidy result_file line -$ t1 = f$element( 0, " ", line) -$! -$! Skip "#" comment lines. -$ if (f$extract( 0, 1, f$edit( line, "TRIM")) .eqs. "#") then - - goto read_loop -$! -$ if (t1 .eqs. "test") -$ then -$ passed = passed+ 1 -$ tests = tests+ 1 -$ fail = 1 -$ t2 = f$extract( 5, 1000, line) -$ write sys$output "verify ''t2'" -$ else -$ if (t1 .nes. "0") -$ then -$ write sys$output "Failed! bc: ''line'" -$ passed = passed- fail -$ fail = 0 -$ endif -$ endif -$ goto read_loop -$ read_loop_end: -$ write sys$output "''passed'/''tests' tests passed" -$! -$ tidy: -$ if f$trnlnm( "result_file", "LNM$PROCESS_TABLE", , "SUPERVISOR", , "CONFINE") -$ then -$ close result_file -$ endif -$! -$ if ((tests .gt. 0) .and. (tests .eq. passed)) -$ then -$ exit 1 -$ else -$ exit 0 -$ endif -$! diff --git a/test/Attic/cms-test.pl b/test/Attic/cms-test.pl deleted file mode 100644 index 1ee3f02..0000000 --- a/test/Attic/cms-test.pl +++ /dev/null @@ -1,629 +0,0 @@ -# test/cms-test.pl -# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL -# project. -# -# ==================================================================== -# Copyright (c) 2008 The OpenSSL Project. All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in -# the documentation and/or other materials provided with the -# distribution. -# -# 3. All advertising materials mentioning features or use of this -# software must display the following acknowledgment: -# "This product includes software developed by the OpenSSL Project -# for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" -# -# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -# endorse or promote products derived from this software without -# prior written permission. For written permission, please contact -# licensing@OpenSSL.org. -# -# 5. Products derived from this software may not be called "OpenSSL" -# nor may "OpenSSL" appear in their names without prior written -# permission of the OpenSSL Project. -# -# 6. Redistributions of any form whatsoever must retain the following -# acknowledgment: -# "This product includes software developed by the OpenSSL Project -# for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" -# -# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -# OF THE POSSIBILITY OF SUCH DAMAGE. -# ==================================================================== - -# CMS, PKCS7 consistency test script. Run extensive tests on -# OpenSSL PKCS#7 and CMS implementations. - -my $ossl_path; -my $redir = " 2> cms.err > cms.out"; -# Make VMS work -if ( $^O eq "VMS" && -f "OSSLX:openssl.exe" ) { - $ossl_path = "pipe mcr OSSLX:openssl"; - $null_path = "NL:"; - # On VMS, the lowest 3 bits of the exit code indicates severity - # 1 is success (perl translates it to 0 for $?), 2 is error - # (perl doesn't translate it) - $failure_code = 512; # 2 << 8 = 512 -} -# Make MSYS work -elsif ( $^O eq "MSWin32" && -f "../apps/openssl.exe" ) { - $ossl_path = "cmd /c ..\\apps\\openssl"; - $null_path = "NUL"; - $failure_code = 256; -} -elsif ( -f "../apps/openssl$ENV{EXE_EXT}" ) { - $ossl_path = "../util/shlib_wrap.sh ../apps/openssl"; - $null_path = "/dev/null"; - $failure_code = 256; -} -elsif ( -f "..\\out32dll\\openssl.exe" ) { - $ossl_path = "..\\out32dll\\openssl.exe"; - $null_path = "NUL"; - $failure_code = 256; -} -elsif ( -f "..\\out32\\openssl.exe" ) { - $ossl_path = "..\\out32\\openssl.exe"; - $null_path = "NUL"; - $failure_code = 256; -} -else { - die "Can't find OpenSSL executable"; -} - -my $pk7cmd = "$ossl_path smime "; -my $cmscmd = "$ossl_path cms "; -my $smdir = "smime-certs"; -my $halt_err = 1; - -my $badcmd = 0; -my $no_ec; -my $no_ec2m; -my $no_ecdh; -my $ossl8 = `$ossl_path version -v` =~ /0\.9\.8/; - -system ("$ossl_path no-cms > $null_path"); -if ($? == 0) - { - print "CMS disabled\n"; - exit 0; - } - -system ("$ossl_path no-ec > $null_path"); -if ($? == 0) - { - $no_ec = 1; - } -elsif ($? == $failure_code) - { - $no_ec = 0; - } -else - { - die "Error checking for EC support\n"; - } - -system ("$ossl_path no-ec2m > $null_path"); -if ($? == 0) - { - $no_ec2m = 1; - } -elsif ($? == $failure_code) - { - $no_ec2m = 0; - } -else - { - die "Error checking for EC2M support\n"; - } - -system ("$ossl_path no-ec > $null_path"); -if ($? == 0) - { - $no_ecdh = 1; - } -elsif ($? == $failure_code) - { - $no_ecdh = 0; - } -else - { - die "Error checking for ECDH support\n"; - } - -my @smime_pkcs7_tests = ( - - [ - "signed content DER format, RSA key", - "-sign -in smcont.txt -outform \"DER\" -nodetach" - . " -certfile $smdir/smroot.pem" - . " -signer $smdir/smrsa1.pem -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed detached content DER format, RSA key", - "-sign -in smcont.txt -outform \"DER\"" - . " -signer $smdir/smrsa1.pem -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt" - ], - - [ - "signed content test streaming BER format, RSA", - "-sign -in smcont.txt -outform \"DER\" -nodetach" - . " -stream -signer $smdir/smrsa1.pem -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed content DER format, DSA key", - "-sign -in smcont.txt -outform \"DER\" -nodetach" - . " -signer $smdir/smdsa1.pem -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed detached content DER format, DSA key", - "-sign -in smcont.txt -outform \"DER\"" - . " -signer $smdir/smdsa1.pem -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt" - ], - - [ - "signed detached content DER format, add RSA signer", - "-resign -inform \"DER\" -in test.cms -outform \"DER\"" - . " -signer $smdir/smrsa1.pem -out test2.cms", - "-verify -in test2.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt" - ], - - [ - "signed content test streaming BER format, DSA key", - "-sign -in smcont.txt -outform \"DER\" -nodetach" - . " -stream -signer $smdir/smdsa1.pem -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed content test streaming BER format, 2 DSA and 2 RSA keys", - "-sign -in smcont.txt -outform \"DER\" -nodetach" - . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" - . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" - . " -stream -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ -"signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes", - "-sign -in smcont.txt -outform \"DER\" -noattr -nodetach" - . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" - . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" - . " -stream -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys", - "-sign -in smcont.txt -nodetach" - . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" - . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" - . " -stream -out test.cms", - "-verify -in test.cms " . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ -"signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys", - "-sign -in smcont.txt" - . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" - . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" - . " -stream -out test.cms", - "-verify -in test.cms " . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "enveloped content test streaming S/MIME format, 3 recipients", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ", - "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, 3 recipients, 3rd used", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ", - "-decrypt -recip $smdir/smrsa3.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, 3 recipients, key only used", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ", - "-decrypt -inkey $smdir/smrsa3.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients", - "-encrypt -in smcont.txt" - . " -aes256 -stream -out test.cms" - . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ", - "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt" - ], - -); - -my @smime_cms_tests = ( - - [ - "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid", - "-sign -in smcont.txt -outform \"DER\" -nodetach -keyid" - . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" - . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" - . " -stream -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed content test streaming PEM format, 2 DSA and 2 RSA keys", - "-sign -in smcont.txt -outform PEM -nodetach" - . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" - . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" - . " -stream -out test.cms", - "-verify -in test.cms -inform PEM " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed content MIME format, RSA key, signed receipt request", - "-sign -in smcont.txt -signer $smdir/smrsa1.pem -nodetach" - . " -receipt_request_to test\@openssl.org -receipt_request_all" - . " -out test.cms", - "-verify -in test.cms " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed receipt MIME format, RSA key", - "-sign_receipt -in test.cms" - . " -signer $smdir/smrsa2.pem" - . " -out test2.cms", - "-verify_receipt test2.cms -in test.cms" - . " \"-CAfile\" $smdir/smroot.pem" - ], - - [ - "enveloped content test streaming S/MIME format, 3 recipients, keyid", - "-encrypt -in smcont.txt" - . " -stream -out test.cms -keyid" - . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ", - "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt" - ], - - [ - "enveloped content test streaming PEM format, KEK", - "-encrypt -in smcont.txt -outform PEM -aes128" - . " -stream -out test.cms " - . " -secretkey 000102030405060708090A0B0C0D0E0F " - . " -secretkeyid C0FEE0", - "-decrypt -in test.cms -out smtst.txt -inform PEM" - . " -secretkey 000102030405060708090A0B0C0D0E0F " - . " -secretkeyid C0FEE0" - ], - - [ - "enveloped content test streaming PEM format, KEK, key only", - "-encrypt -in smcont.txt -outform PEM -aes128" - . " -stream -out test.cms " - . " -secretkey 000102030405060708090A0B0C0D0E0F " - . " -secretkeyid C0FEE0", - "-decrypt -in test.cms -out smtst.txt -inform PEM" - . " -secretkey 000102030405060708090A0B0C0D0E0F " - ], - - [ - "data content test streaming PEM format", - "-data_create -in smcont.txt -outform PEM -nodetach" - . " -stream -out test.cms", - "-data_out -in test.cms -inform PEM -out smtst.txt" - ], - - [ - "encrypted content test streaming PEM format, 128 bit RC2 key", - "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM" - . " -rc2 -secretkey 000102030405060708090A0B0C0D0E0F" - . " -stream -out test.cms", - "\"-EncryptedData_decrypt\" -in test.cms -inform PEM " - . " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt" - ], - - [ - "encrypted content test streaming PEM format, 40 bit RC2 key", - "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM" - . " -rc2 -secretkey 0001020304" - . " -stream -out test.cms", - "\"-EncryptedData_decrypt\" -in test.cms -inform PEM " - . " -secretkey 0001020304 -out smtst.txt" - ], - - [ - "encrypted content test streaming PEM format, triple DES key", - "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM" - . " -des3 -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617" - . " -stream -out test.cms", - "\"-EncryptedData_decrypt\" -in test.cms -inform PEM " - . " -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617" - . " -out smtst.txt" - ], - - [ - "encrypted content test streaming PEM format, 128 bit AES key", - "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM" - . " -aes128 -secretkey 000102030405060708090A0B0C0D0E0F" - . " -stream -out test.cms", - "\"-EncryptedData_decrypt\" -in test.cms -inform PEM " - . " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt" - ], - -); - -my @smime_cms_comp_tests = ( - - [ - "compressed content test streaming PEM format", - "-compress -in smcont.txt -outform PEM -nodetach" - . " -stream -out test.cms", - "-uncompress -in test.cms -inform PEM -out smtst.txt" - ] - -); - -my @smime_cms_param_tests = ( - [ - "signed content test streaming PEM format, RSA keys, PSS signature", - "-sign -in smcont.txt -outform PEM -nodetach" - . " -signer $smdir/smrsa1.pem -keyopt rsa_padding_mode:pss" - . " -out test.cms", - "-verify -in test.cms -inform PEM " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed content test streaming PEM format, RSA keys, PSS signature, no attributes", - "-sign -in smcont.txt -outform PEM -nodetach -noattr" - . " -signer $smdir/smrsa1.pem -keyopt rsa_padding_mode:pss" - . " -out test.cms", - "-verify -in test.cms -inform PEM " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed content test streaming PEM format, RSA keys, PSS signature, SHA384 MGF1", - "-sign -in smcont.txt -outform PEM -nodetach" - . " -signer $smdir/smrsa1.pem -keyopt rsa_padding_mode:pss" - . " -keyopt rsa_mgf1_md:sha384 -out test.cms", - "-verify -in test.cms -inform PEM " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, OAEP default parameters", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " -recip $smdir/smrsa1.pem -keyopt rsa_padding_mode:oaep", - "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, OAEP SHA256", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " -recip $smdir/smrsa1.pem -keyopt rsa_padding_mode:oaep" - . " -keyopt rsa_oaep_md:sha256", - "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, ECDH", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " -recip $smdir/smec1.pem", - "-decrypt -recip $smdir/smec1.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, ECDH, key identifier", - "-encrypt -keyid -in smcont.txt" - . " -stream -out test.cms" - . " -recip $smdir/smec1.pem", - "-decrypt -recip $smdir/smec1.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, ECDH, AES128, SHA256 KDF", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " -recip $smdir/smec1.pem -aes128 -keyopt ecdh_kdf_md:sha256", - "-decrypt -recip $smdir/smec1.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, ECDH, K-283, cofactor DH", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " -recip $smdir/smec2.pem -aes128" - . " -keyopt ecdh_kdf_md:sha256 -keyopt ecdh_cofactor_mode:1", - "-decrypt -recip $smdir/smec2.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, X9.42 DH", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " -recip $smdir/smdh.pem -aes128", - "-decrypt -recip $smdir/smdh.pem -in test.cms -out smtst.txt" - ] -); - -print "CMS => PKCS#7 compatibility tests\n"; - -run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $cmscmd, $pk7cmd ); - -print "CMS <= PKCS#7 compatibility tests\n"; - -run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $pk7cmd, $cmscmd ); - -print "CMS <=> CMS consistency tests\n"; - -run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $cmscmd, $cmscmd ); -run_smime_tests( \$badcmd, \@smime_cms_tests, $cmscmd, $cmscmd ); - -print "CMS <=> CMS consistency tests, modified key parameters\n"; -run_smime_tests( \$badcmd, \@smime_cms_param_tests, $cmscmd, $cmscmd ); - -if ( `$ossl_path version -f` =~ /ZLIB/ ) { - run_smime_tests( \$badcmd, \@smime_cms_comp_tests, $cmscmd, $cmscmd ); -} -else { - print "Zlib not supported: compression tests skipped\n"; -} - -print "Running modified tests for OpenSSL 0.9.8 cms backport\n" if($ossl8); - -if ($badcmd) { - print "$badcmd TESTS FAILED!!\n"; -} -else { - print "ALL TESTS SUCCESSFUL.\n"; -} - -unlink "test.cms"; -unlink "test2.cms"; -unlink "smtst.txt"; -unlink "cms.out"; -unlink "cms.err"; - -sub run_smime_tests { - my ( $rv, $aref, $scmd, $vcmd ) = @_; - - foreach $smtst (@$aref) { - my ( $tnam, $rscmd, $rvcmd ) = @$smtst; - if ($ossl8) - { - # Skip smime resign: 0.9.8 smime doesn't support -resign - next if ($scmd =~ /smime/ && $rscmd =~ /-resign/); - # Disable streaming: option not supported in 0.9.8 - $tnam =~ s/streaming//; - $rscmd =~ s/-stream//; - $rvcmd =~ s/-stream//; - } - if ($no_ec && $tnam =~ /ECDH/) - { - print "$tnam: skipped, EC disabled\n"; - next; - } - if ($no_ecdh && $tnam =~ /ECDH/) - { - print "$tnam: skipped, ECDH disabled\n"; - next; - } - if ($no_ec2m && $tnam =~ /K-283/) - { - print "$tnam: skipped, EC2M disabled\n"; - next; - } - system("$scmd$rscmd$redir"); - if ($?) { - print "$tnam: generation error\n"; - $$rv++; - exit 1 if $halt_err; - next; - } - system("$vcmd$rvcmd$redir"); - if ($?) { - print "$tnam: verify error\n"; - $$rv++; - exit 1 if $halt_err; - next; - } - if (!cmp_files("smtst.txt", "smcont.txt")) { - print "$tnam: content verify error\n"; - $$rv++; - exit 1 if $halt_err; - next; - } - print "$tnam: OK\n"; - } -} - -sub cmp_files { - use FileHandle; - my ( $f1, $f2 ) = @_; - my $fp1 = FileHandle->new(); - my $fp2 = FileHandle->new(); - - my ( $rd1, $rd2 ); - - if ( !open( $fp1, "<$f1" ) ) { - print STDERR "Can't Open file $f1\n"; - return 0; - } - - if ( !open( $fp2, "<$f2" ) ) { - print STDERR "Can't Open file $f2\n"; - return 0; - } - - binmode $fp1; - binmode $fp2; - - my $ret = 0; - - for ( ; ; ) { - $n1 = sysread $fp1, $rd1, 4096; - $n2 = sysread $fp2, $rd2, 4096; - last if ( $n1 != $n2 ); - last if ( $rd1 ne $rd2 ); - - if ( $n1 == 0 ) { - $ret = 1; - last; - } - - } - - close $fp1; - close $fp2; - - return $ret; - -} - diff --git a/test/Attic/tcrl b/test/Attic/tcrl deleted file mode 100644 index 951c9dd..0000000 --- a/test/Attic/tcrl +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl crl' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testcrl.pem -fi - -echo testing crl conversions -cp $t crl-fff.p - -echo "p -> d" -$cmd -in crl-fff.p -inform p -outform d >crl-f.d || exit 1 -echo "p -> p" -$cmd -in crl-fff.p -inform p -outform p >crl-f.p || exit 1 - -echo "d -> d" -$cmd -in crl-f.d -inform d -outform d >crl-ff.d1 || exit 1 -echo "p -> d" -$cmd -in crl-f.p -inform p -outform d >crl-ff.d3 || exit 1 - - -echo "d -> p" -$cmd -in crl-f.d -inform d -outform p >crl-ff.p1 || exit 1 -echo "p -> p" -$cmd -in crl-f.p -inform p -outform p >crl-ff.p3 || exit 1 - -cmp crl-fff.p crl-f.p || exit 1 -cmp crl-fff.p crl-ff.p1 || exit 1 -cmp crl-fff.p crl-ff.p3 || exit 1 -cmp crl-f.p crl-ff.p1 || exit 1 -cmp crl-f.p crl-ff.p3 || exit 1 - -/bin/rm -f crl-f.* crl-ff.* crl-fff.* -exit 0 diff --git a/test/Attic/tcrl.com b/test/Attic/tcrl.com deleted file mode 100644 index dd96a2b..0000000 --- a/test/Attic/tcrl.com +++ /dev/null @@ -1,88 +0,0 @@ -$! TCRL.COM -- Tests crl keys -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p2 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ cmd = "mcr ''exe_dir'openssl crl" -$ -$ t = "testcrl.pem" -$ if p1 .nes. "" then t = p1 -$ -$ write sys$output "testing CRL conversions" -$ if f$search("fff.*") .nes "" then delete fff.*;* -$ if f$search("ff.*") .nes "" then delete ff.*;* -$ if f$search("f.*") .nes "" then delete f.*;* -$ convert/fdl=sys$input: 't' fff.p -RECORD - FORMAT STREAM_LF -$ -$ write sys$output "p -> d" -$ 'cmd' -in fff.p -inform p -outform d -out f.d -$ if $severity .ne. 1 then exit 3 -$! write sys$output "p -> t" -$! 'cmd' -in fff.p -inform p -outform t -out f.t -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in fff.p -inform p -outform p -out f.p -$ if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> d" -$ 'cmd' -in f.d -inform d -outform d -out ff.d1 -$ if $severity .ne. 1 then exit 3 -$! write sys$output "t -> d" -$! 'cmd' -in f.t -inform t -outform d -out ff.d2 -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> d" -$ 'cmd' -in f.p -inform p -outform d -out ff.d3 -$ if $severity .ne. 1 then exit 3 -$ -$! write sys$output "d -> t" -$! 'cmd' -in f.d -inform d -outform t -out ff.t1 -$! if $severity .ne. 1 then exit 3 -$! write sys$output "t -> t" -$! 'cmd' -in f.t -inform t -outform t -out ff.t2 -$! if $severity .ne. 1 then exit 3 -$! write sys$output "p -> t" -$! 'cmd' -in f.p -inform p -outform t -out ff.t3 -$! if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> p" -$ 'cmd' -in f.d -inform d -outform p -out ff.p1 -$ if $severity .ne. 1 then exit 3 -$! write sys$output "t -> p" -$! 'cmd' -in f.t -inform t -outform p -out ff.p2 -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in f.p -inform p -outform p -out ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare fff.p f.p -$ if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$! backup/compare fff.p ff.p2 -$! if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$! backup/compare f.t ff.t1 -$! if $severity .ne. 1 then exit 3 -$! backup/compare f.t ff.t2 -$! if $severity .ne. 1 then exit 3 -$! backup/compare f.t ff.t3 -$! if $severity .ne. 1 then exit 3 -$ -$ backup/compare f.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$! backup/compare f.p ff.p2 -$! if $severity .ne. 1 then exit 3 -$ backup/compare f.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ delete f.*;*,ff.*;*,fff.*;* diff --git a/test/Attic/testca b/test/Attic/testca deleted file mode 100644 index 452558b..0000000 --- a/test/Attic/testca +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/sh - -set -e - -PERL="$1" - -if test "$OSTYPE" = msdosdjgpp; then - PATH="../apps\;$PATH" -else - PATH="../apps:$PATH" -fi -export PATH - -export SSLEAY_CONFIG OPENSSL - -/bin/rm -fr demoCA - -SSLEAY_CONFIG="-config CAss.cnf" -OPENSSL="`pwd`/../util/opensslwrap.sh" - -$PERL ../apps/CA.pl -newca </dev/null - -SSLEAY_CONFIG="-config Uss.cnf" -$PERL ../apps/CA.pl -newreq - -SSLEAY_CONFIG="-config ../apps/openssl.cnf" -yes | $PERL ../apps/CA.pl -sign - -$PERL ../apps/CA.pl -verify newcert.pem - -/bin/rm -fr demoCA newcert.pem newreq.pem diff --git a/test/Attic/testca.com b/test/Attic/testca.com deleted file mode 100644 index 78cda9e..0000000 --- a/test/Attic/testca.com +++ /dev/null @@ -1,52 +0,0 @@ -$! TESTCA.COM -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p1 .eqs. "64") then __arch = __arch+ "_64" -$ -$ openssl = "mcr ''exe_dir'openssl" -$ -$ SSLEAY_CONFIG="-config ""CAss.cnf""" -$ -$ set noon -$ if f$search("demoCA.dir") .nes. "" -$ then -$ @[-.util]deltree [.demoCA]*.* -$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) demoCA.dir;* -$ delete demoCA.dir;* -$ endif -$ set on -$ open/read sys$ca_input VMSca-response.1 -$ @[-.apps]CA.com -input sys$ca_input -newca -$ close sys$ca_input -$ if $severity .ne. 1 then exit 3 -$ -$ -$ SSLEAY_CONFIG="-config ""Uss.cnf""" -$ @[-.apps]CA.com -newreq -$ if $severity .ne. 1 then exit 3 -$ -$ -$ SSLEAY_CONFIG="-config [-.apps]openssl-vms.cnf" -$ open/read sys$ca_input VMSca-response.2 -$ @[-.apps]CA.com -input sys$ca_input -sign -$ close sys$ca_input -$ if $severity .ne. 1 then exit 3 -$ -$ -$ @[-.apps]CA.com -verify newcert.pem -$ if $severity .ne. 1 then exit 3 -$ -$ set noon -$ @[-.util]deltree [.demoCA]*.* -$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) demoCA.dir;* -$ delete demoCA.dir;* -$ if f$search("newcert.pem") .nes. "" then delete newcert.pem;* -$ if f$search("newcert.pem") .nes. "" then delete newreq.pem;* -$ set on -$! #usage: CA -newcert|-newreq|-newca|-sign|-verify -$ -$ exit diff --git a/test/Attic/testenc b/test/Attic/testenc deleted file mode 100644 index 941a302..0000000 --- a/test/Attic/testenc +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/sh - -testsrc=testenc -test=./p - -cmd="../util/shlib_wrap.sh ../apps/openssl" - -cat $testsrc >$test; - -echo cat -$cmd enc < $test > $test.cipher -$cmd enc < $test.cipher >$test.clear -cmp $test $test.clear || exit 1 -/bin/rm $test.cipher $test.clear - -echo base64 -$cmd enc -a -e < $test > $test.cipher -$cmd enc -a -d < $test.cipher >$test.clear -cmp $test $test.clear || exit 1 -/bin/rm $test.cipher $test.clear - -for i in `$cmd list -cipher-commands` -do - echo $i - $cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher - $cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear - cmp $test $test.$i.clear || exit 1 - /bin/rm $test.$i.cipher $test.$i.clear - - echo $i base64 - $cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher - $cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear - cmp $test $test.$i.clear || exit 1 - /bin/rm $test.$i.cipher $test.$i.clear -done -rm -f $test diff --git a/test/Attic/testenc.com b/test/Attic/testenc.com deleted file mode 100644 index fcd6639..0000000 --- a/test/Attic/testenc.com +++ /dev/null @@ -1,66 +0,0 @@ -$! TESTENC.COM -- Test encoding and decoding -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p1 .eqs. 64) then __arch = __arch+ "_64" -$ -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ testsrc = "makefile." -$ test = "p.txt" -$ cmd = "mcr ''exe_dir'openssl" -$ -$ if f$search(test) .nes. "" then delete 'test';* -$ convert/fdl=sys$input: 'testsrc' 'test' -RECORD - FORMAT STREAM_LF -$ -$ if f$search(test+"-cipher") .nes. "" then delete 'test'-cipher;* -$ if f$search(test+"-clear") .nes. "" then delete 'test'-clear;* -$ -$ write sys$output "cat" -$ 'cmd' enc -in 'test' -out 'test'-cipher -$ 'cmd' enc -in 'test'-cipher -out 'test'-clear -$ backup/compare 'test' 'test'-clear -$ if $severity .ne. 1 then exit 3 -$ delete 'test'-cipher;*,'test'-clear;* -$ -$ write sys$output "base64" -$ 'cmd' enc -a -e -in 'test' -out 'test'-cipher -$ 'cmd' enc -a -d -in 'test'-cipher -out 'test'-clear -$ backup/compare 'test' 'test'-clear -$ if $severity .ne. 1 then exit 3 -$ delete 'test'-cipher;*,'test'-clear;* -$ -$ define/user sys$output 'test'-cipher-commands -$ 'cmd' list -cipher-commands -$ open/read f 'test'-cipher-commands -$ loop_cipher_commands: -$ read/end=loop_cipher_commands_end f i -$ write sys$output i -$ -$ if f$search(test+"-"+i+"-cipher") .nes. "" then - - delete 'test'-'i'-cipher;* -$ if f$search(test+"-"+i+"-clear") .nes. "" then - - delete 'test'-'i'-clear;* -$ -$ 'cmd' 'i' -bufsize 113 -e -k test -in 'test' -out 'test'-'i'-cipher -$ 'cmd' 'i' -bufsize 157 -d -k test -in 'test'-'i'-cipher -out 'test'-'i'-clear -$ backup/compare 'test' 'test'-'i'-clear -$ if $severity .ne. 1 then exit 3 -$ delete 'test'-'i'-cipher;*,'test'-'i'-clear;* -$ -$ write sys$output i," base64" -$ 'cmd' 'i' -bufsize 113 -a -e -k test -in 'test' -out 'test'-'i'-cipher -$ 'cmd' 'i' -bufsize 157 -a -d -k test -in 'test'-'i'-cipher -out 'test'-'i'-clear -$ backup/compare 'test' 'test'-'i'-clear -$ if $severity .ne. 1 then exit 3 -$ delete 'test'-'i'-cipher;*,'test'-'i'-clear;* -$ -$ goto loop_cipher_commands -$ loop_cipher_commands_end: -$ close f -$ delete 'test'-cipher-commands;* -$ delete 'test';* diff --git a/test/Attic/testgen b/test/Attic/testgen deleted file mode 100644 index 1140f8a..0000000 --- a/test/Attic/testgen +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/sh - -T=testcert -KEY=512 -CA=../certs/testca.pem - -/bin/rm -f $T.1 $T.2 $T.key - -if test "$OSTYPE" = msdosdjgpp; then - PATH=../apps\;$PATH; -else - PATH=../apps:$PATH; -fi -export PATH - -echo "generating certificate request" - -echo "string to make the random number generator think it has entropy" >> ./.rnd - -if ../util/shlib_wrap.sh ../apps/openssl no-rsa >/dev/null; then - req_new='-newkey dsa:../apps/dsa512.pem' -else - req_new='-new' - echo "There should be a 2 sequences of .'s and some +'s." - echo "There should not be more that at most 80 per line" -fi - -rm -f testkey.pem testreq.pem - -echo Generating request -../util/shlib_wrap.sh ../apps/openssl req -config test.cnf $req_new -out testreq.pem || exit 1 - -echo Verifying signature on request -../util/shlib_wrap.sh ../apps/openssl req -config test.cnf -verify -in testreq.pem -noout || exit 1 - -exit 0 diff --git a/test/Attic/testgen.com b/test/Attic/testgen.com deleted file mode 100644 index e076da2..0000000 --- a/test/Attic/testgen.com +++ /dev/null @@ -1,58 +0,0 @@ -$! TESTGEN.COM -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$ if (p1 .eqs. 64) then __arch = __arch+ "_64" -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ T = "testcert" -$ KEY = 512 -$ CA = "[-.certs]testca.pem" -$ -$ set noon -$ if f$search(T+".1;*") .nes. "" then delete 'T'.1;* -$ if f$search(T+".2;*") .nes. "" then delete 'T'.2;* -$ if f$search(T+".key;*") .nes. "" then delete 'T'.key;* -$ set on -$ -$ write sys$output "generating certificate request" -$ -$ append/new nl: .rnd -$ open/append random_file .rnd -$ write random_file - - "string to make the random number generator think it has entropy" -$ close random_file -$ -$ set noon -$ define/user sys$output nla0: -$ mcr 'exe_dir'openssl no-rsa -$ save_severity=$SEVERITY -$ set on -$ if save_severity -$ then -$ req_new="-newkey dsa:[-.apps]dsa512.pem" -$ else -$ req_new="-new" -$ write sys$output - - "There should be a 2 sequences of .'s and some +'s." -$ write sys$output - - "There should not be more that at most 80 per line" -$ endif -$ -$ write sys$output "This could take some time." -$ -$ mcr 'exe_dir'openssl req -config test.cnf 'req_new' -out testreq.pem -$ if $severity .ne. 1 -$ then -$ write sys$output "problems creating request" -$ exit 3 -$ endif -$ -$ mcr 'exe_dir'openssl req -config test.cnf -verify -in testreq.pem -noout -$ if $severity .ne. 1 -$ then -$ write sys$output "signature on req is wrong" -$ exit 3 -$ endif diff --git a/test/Attic/testss b/test/Attic/testss deleted file mode 100644 index 45aedc8..0000000 --- a/test/Attic/testss +++ /dev/null @@ -1,143 +0,0 @@ -#!/bin/sh - -digest='-sha1' -reqcmd="../util/shlib_wrap.sh ../apps/openssl req" -x509cmd="../util/shlib_wrap.sh ../apps/openssl x509 $digest" -verifycmd="../util/shlib_wrap.sh ../apps/openssl verify" -dummycnf="../apps/openssl.cnf" - -CAkey="keyCA.ss" -CAcert="certCA.ss" -CAserial="certCA.srl" -CAreq="reqCA.ss" -CAconf="CAss.cnf" -CAreq2="req2CA.ss" # temp - -Uconf="Uss.cnf" -Ukey="keyU.ss" -Ureq="reqU.ss" -Ucert="certU.ss" - -Dkey="keyD.ss" -Dreq="reqD.ss" -Dcert="certD.ss" - -Ekey="keyE.ss" -Ereq="reqE.ss" -Ecert="certE.ss" - -P1conf="P1ss.cnf" -P1key="keyP1.ss" -P1req="reqP1.ss" -P1cert="certP1.ss" -P1intermediate="tmp_intP1.ss" - -P2conf="P2ss.cnf" -P2key="keyP2.ss" -P2req="reqP2.ss" -P2cert="certP2.ss" -P2intermediate="tmp_intP2.ss" - - -echo string to make the random number generator think it has entropy >> ./.rnd - -req_dsa='-newkey dsa:../apps/dsa1024.pem' - -if ../util/shlib_wrap.sh ../apps/openssl no-rsa >/dev/null; then - req_new=$req_dsa -else - req_new='-new' -fi - -echo make cert request -$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new || exit 1 - -echo convert request into self-signed cert -$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca >err.ss || exit 1 - -echo convert cert into a cert request -$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss || exit 1 - -echo verify request 1 -$reqcmd -config $dummycnf -verify -in $CAreq -noout || exit 1 - -echo verify request 1 -$reqcmd -config $dummycnf -verify -in $CAreq2 -noout || exit 1 - -echo verify signature -$verifycmd -CAfile $CAcert $CAcert || exit 1 - -echo make a user cert request -$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss || exit 1 - -echo sign user cert request -$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial -extfile $Uconf -extensions v3_ee >err.ss || exit 1 -$verifycmd -CAfile $CAcert $Ucert || exit 1 - -echo Certificate details -$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert || exit 1 - -if ../util/shlib_wrap.sh ../apps/openssl no-dsa >/dev/null; then - echo skipping DSA certificate creation -else - echo make a DSA user cert request - CN2="DSA Certificate" $reqcmd -config $Uconf -out $Dreq -keyout $Dkey $req_dsa >err.ss || exit 1 - - echo sign DSA user cert request - $x509cmd -CAcreateserial -in $Dreq -days 30 -req -out $Dcert -CA $CAcert -CAkey $CAkey -CAserial $CAserial -extfile $Uconf -extensions v3_ee_dsa >err.ss || exit 1 - $verifycmd -CAfile $CAcert $Dcert || exit 1 - - echo DSA Certificate details - $x509cmd -subject -issuer -startdate -enddate -noout -in $Dcert || exit 1 - -fi - -if ../util/shlib_wrap.sh ../apps/openssl no-ec >/dev/null; then - echo skipping ECDSA/ECDH certificate creation -else - echo make an ECDSA/ECDH user cert request - ../util/shlib_wrap.sh ../apps/openssl ecparam -name P-256 -out ecp.ss || exit 1 - CN2="ECDSA Certificate" $reqcmd -config $Uconf -out $Ereq -keyout $Ekey -newkey ec:ecp.ss >err.ss || exit 1 - - echo sign ECDSA/ECDH user cert request - $x509cmd -CAcreateserial -in $Ereq -days 30 -req -out $Ecert -CA $CAcert -CAkey $CAkey -CAserial $CAserial -extfile $Uconf -extensions v3_ee_ec >err.ss || exit 1 - $verifycmd -CAfile $CAcert $Ecert || exit 1 - - echo ECDSA Certificate details - $x509cmd -subject -issuer -startdate -enddate -noout -in $Ecert || exit 1 - -fi - -echo make a proxy cert request -$reqcmd -config $P1conf -out $P1req -keyout $P1key $req_new >err.ss || exit 1 - -echo sign proxy with user cert -$x509cmd -CAcreateserial -in $P1req -days 30 -req -out $P1cert -CA $Ucert -CAkey $Ukey -extfile $P1conf -extensions v3_proxy >err.ss || exit 1 - -cat $Ucert > $P1intermediate -$verifycmd -CAfile $CAcert -untrusted $P1intermediate $P1cert -echo Certificate details -$x509cmd -subject -issuer -startdate -enddate -noout -in $P1cert - -echo make another proxy cert request -$reqcmd -config $P2conf -out $P2req -keyout $P2key $req_new >err.ss || exit 1 - -echo sign second proxy cert request with the first proxy cert -$x509cmd -CAcreateserial -in $P2req -days 30 -req -out $P2cert -CA $P1cert -CAkey $P1key -extfile $P2conf -extensions v3_proxy >err.ss || exit 1 - -echo Certificate details -cat $Ucert $P1cert > $P2intermediate -$verifycmd -CAfile $CAcert -untrusted $P2intermediate $P2cert -$x509cmd -subject -issuer -startdate -enddate -noout -in $P2cert - -echo The generated CA certificate is $CAcert -echo The generated CA private key is $CAkey -echo The generated user certificate is $Ucert -echo The generated user private key is $Ukey -echo The first generated proxy certificate is $P1cert -echo The first generated proxy private key is $P1key -echo The second generated proxy certificate is $P2cert -echo The second generated proxy private key is $P2key - -/bin/rm err.ss -exit 0 diff --git a/test/Attic/testss.com b/test/Attic/testss.com deleted file mode 100644 index 32a74d0..0000000 --- a/test/Attic/testss.com +++ /dev/null @@ -1,123 +0,0 @@ -$! TESTSS.COM -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p1 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ digest="-md5" -$ reqcmd = "mcr ''exe_dir'openssl req" -$ x509cmd = "mcr ''exe_dir'openssl x509 ''digest'" -$ verifycmd = "mcr ''exe_dir'openssl verify" -$ dummycnf = "sys$disk:[-.apps]openssl-vms.cnf" -$ -$ CAkey="""keyCA.ss""" -$ CAcert="""certCA.ss""" -$ CAreq="""reqCA.ss""" -$ CAconf="""CAss.cnf""" -$ CAreq2="""req2CA.ss""" ! temp -$ -$ Uconf="""Uss.cnf""" -$ Ukey="""keyU.ss""" -$ Ureq="""reqU.ss""" -$ Ucert="""certU.ss""" -$ -$ write sys$output "" -$ write sys$output "make a certificate request using 'req'" -$ -$ set noon -$ define/user sys$output nla0: -$ mcr 'exe_dir'openssl no-rsa -$ save_severity=$SEVERITY -$ set on -$ if save_severity -$ then -$ req_new="-newkey dsa:[-.apps]dsa512.pem" -$ else -$ req_new="-new" -$ endif -$ -$ 'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' 'req_new' ! -out err.ss -$ if $severity .ne. 1 -$ then -$ write sys$output "error using 'req' to generate a certificate request" -$ exit 3 -$ endif -$ write sys$output "" -$ write sys$output "convert the certificate request into a self signed certificate using 'x509'" -$ define /user sys$output err.ss -$ 'x509cmd' "-CAcreateserial" -in 'CAreq' -days 30 -req -out 'CAcert' -signkey 'CAkey' -$ if $severity .ne. 1 -$ then -$ write sys$output "error using 'x509' to self sign a certificate request" -$ exit 3 -$ endif -$ -$ write sys$output "" -$ write sys$output "convert a certificate into a certificate request using 'x509'" -$ define /user sys$output err.ss -$ 'x509cmd' -in 'CAcert' -x509toreq -signkey 'CAkey' -out 'CAreq2' -$ if $severity .ne. 1 -$ then -$ write sys$output "error using 'x509' convert a certificate to a certificate request" -$ exit 3 -$ endif -$ -$ 'reqcmd' -config 'dummycnf' -verify -in 'CAreq' -noout -$ if $severity .ne. 1 -$ then -$ write sys$output "first generated request is invalid" -$ exit 3 -$ endif -$ -$ 'reqcmd' -config 'dummycnf' -verify -in 'CAreq2' -noout -$ if $severity .ne. 1 -$ then -$ write sys$output "second generated request is invalid" -$ exit 3 -$ endif -$ -$ 'verifycmd' "-CAfile" 'CAcert' 'CAcert' -$ if $severity .ne. 1 -$ then -$ write sys$output "first generated cert is invalid" -$ exit 3 -$ endif -$ -$ write sys$output "" -$ write sys$output "make another certificate request using 'req'" -$ define /user sys$output err.ss -$ 'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' 'req_new' -$ if $severity .ne. 1 -$ then -$ write sys$output "error using 'req' to generate a certificate request" -$ exit 3 -$ endif -$ -$ write sys$output "" -$ write sys$output "sign certificate request with the just created CA via 'x509'" -$ define /user sys$output err.ss -$ 'x509cmd' "-CAcreateserial" -in 'Ureq' -days 30 -req -out 'Ucert' "-CA" 'CAcert' "-CAkey" 'CAkey' -$ if $severity .ne. 1 -$ then -$ write sys$output "error using 'x509' to sign a certificate request" -$ exit 3 -$ endif -$ -$ 'verifycmd' "-CAfile" 'CAcert' 'Ucert' -$ write sys$output "" -$ write sys$output "Certificate details" -$ 'x509cmd' -subject -issuer -startdate -enddate -noout -in 'Ucert' -$ -$ write sys$output "" -$ write sys$output "The generated CA certificate is ",CAcert -$ write sys$output "The generated CA private key is ",CAkey -$ -$ write sys$output "The generated user certificate is ",Ucert -$ write sys$output "The generated user private key is ",Ukey -$ -$ if f$search("err.ss;*") .nes. "" then delete err.ss;* diff --git a/test/Attic/testssl b/test/Attic/testssl deleted file mode 100644 index d41a4bd..0000000 --- a/test/Attic/testssl +++ /dev/null @@ -1,266 +0,0 @@ -#!/bin/sh - -if [ "$1" = "" ]; then - key=../apps/server.pem -else - key="$1" -fi -if [ "$2" = "" ]; then - cert=../apps/server.pem -else - cert="$2" -fi -ssltest="../util/shlib_wrap.sh ./ssltest -s_key $key -s_cert $cert -c_key $key -c_cert $cert" - -if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then - dsa_cert=YES -else - dsa_cert=NO -fi - -if [ "$3" = "" ]; then - CA="-CApath ../certs" -else - CA="-CAfile $3" -fi - -if [ "$4" = "" ]; then - extra="" -else - extra="$4" -fi - -serverinfo="./serverinfo.pem" - -############################################################################# - -echo test sslv3 -$ssltest -ssl3 $extra || exit 1 - -echo test sslv3 with server authentication -$ssltest -ssl3 -server_auth $CA $extra || exit 1 - -echo test sslv3 with client authentication -$ssltest -ssl3 -client_auth $CA $extra || exit 1 - -echo test sslv3 with both client and server authentication -$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 -$ssltest $extra || exit 1 - -echo test sslv2/sslv3 with server authentication -$ssltest -server_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with client authentication -$ssltest -client_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with both client and server authentication -$ssltest -server_auth -client_auth $CA $extra || exit 1 - -echo test sslv3 via BIO pair -$ssltest -bio_pair -ssl3 $extra || exit 1 - -echo test sslv3 with server authentication via BIO pair -$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1 - -echo test sslv3 with client authentication via BIO pair -$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1 - -echo test sslv3 with both client and server authentication via BIO pair -$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 via BIO pair -$ssltest $extra || exit 1 - -echo test dtlsv1 -$ssltest -dtls1 $extra || exit 1 - -echo test dtlsv1 with server authentication -$ssltest -dtls1 -server_auth $CA $extra || exit 1 - -echo test dtlsv1 with client authentication -$ssltest -dtls1 -client_auth $CA $extra || exit 1 - -echo test dtlsv1 with both client and server authentication -$ssltest -dtls1 -server_auth -client_auth $CA $extra || exit 1 - -echo test dtlsv1.2 -$ssltest -dtls12 $extra || exit 1 - -echo test dtlsv1.2 with server authentication -$ssltest -dtls12 -server_auth $CA $extra || exit 1 - -echo test dtlsv1.2 with client authentication -$ssltest -dtls12 -client_auth $CA $extra || exit 1 - -echo test dtlsv1.2 with both client and server authentication -$ssltest -dtls12 -server_auth -client_auth $CA $extra || exit 1 - -if [ $dsa_cert = NO ]; then - echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair' - $ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1 -fi - -echo test sslv2/sslv3 with 1024bit DHE via BIO pair -$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1 - -echo test sslv2/sslv3 with server authentication -$ssltest -bio_pair -server_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with client authentication via BIO pair -$ssltest -bio_pair -client_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with both client and server authentication via BIO pair -$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify -$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1 - -test_cipher() { - _cipher=$1 - echo "Testing $_cipher" - prot="" - if [ $2 = "SSLv3" ] ; then - prot="-ssl3" - fi - _exarg=$3 - $ssltest $_exarg -cipher $_cipher $prot - if [ $? -ne 0 ] ; then - echo "Failed $_cipher" - exit 1 - fi -} - -echo "Testing ciphersuites" -exkeys="" -ciphers="-EXP:-PSK:-SRP:-kDH:-kECDHe" -if ../util/shlib_wrap.sh ../apps/openssl no-dhparam >/dev/null; then - echo "skipping DHE tests" - ciphers="$ciphers:-kDHE" -fi -if ../util/shlib_wrap.sh ../apps/openssl no-dsa >/dev/null; then - echo "skipping DSA tests" - ciphers="$ciphers:-aDSA" -else - exkeys="$exkeys -s_cert certD.ss -s_key keyD.ss" -fi - -if ../util/shlib_wrap.sh ../apps/openssl no-ec >/dev/null; then - echo "skipping EC tests" - ciphers="$ciphers:!aECDSA:!kECDH" -else - exkeys="$exkeys -s_cert certE.ss -s_key keyE.ss" -fi - -for protocol in TLSv1.2 SSLv3; do - echo "Testing ciphersuites for $protocol" - for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "$protocol:$ciphers" | tr ':' ' '`; do - test_cipher $cipher $protocol "$exkeys" - done - echo "testing connection with weak DH, expecting failure" - if [ $protocol = "SSLv3" ] ; then - $ssltest -s_cipher "EDH" -c_cipher "EDH:@SECLEVEL=1" -dhe512 -ssl3 - else - $ssltest -s_cipher "EDH" -c_cipher "EDH:@SECLEVEL=1" -dhe512 - fi - if [ $? -eq 0 ]; then - echo "FAIL: connection with weak DH succeeded" - exit 1 - fi -done - -############################################################################# - -if ../util/shlib_wrap.sh ../apps/openssl no-dhparam; then - echo skipping anonymous DH tests -else - echo test tls1 with 1024bit anonymous DH, multiple handshakes - $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1 -fi - -if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then - echo skipping RSA tests -else - echo 'test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes' - ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -s_cert ../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra || exit 1 - - if ../util/shlib_wrap.sh ../apps/openssl no-dhparam; then - echo skipping RSA+DHE tests - else - echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes - ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -s_cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1 - fi -fi - -echo test tls1 with PSK -$ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1 - -echo test tls1 with PSK via BIO pair -$ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1 - -############################################################################# -# Next Protocol Negotiation Tests - -$ssltest -bio_pair -tls1 -npn_client || exit 1 -$ssltest -bio_pair -tls1 -npn_server || exit 1 -$ssltest -bio_pair -tls1 -npn_server_reject || exit 1 -$ssltest -bio_pair -tls1 -npn_client -npn_server_reject || exit 1 -$ssltest -bio_pair -tls1 -npn_client -npn_server || exit 1 -$ssltest -bio_pair -tls1 -npn_client -npn_server -num 2 || exit 1 -$ssltest -bio_pair -tls1 -npn_client -npn_server -num 2 -reuse || exit 1 - -############################################################################# -# Custom Extension tests - -echo test tls1 with custom extensions -$ssltest -bio_pair -tls1 -custom_ext || exit 1 - -############################################################################# -# Serverinfo tests - -echo test tls1 with serverinfo -$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo || exit 1 -$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo -serverinfo_sct || exit 1 -$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo -serverinfo_tack || exit 1 -$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo -serverinfo_sct -serverinfo_tack || exit 1 -$ssltest -bio_pair -tls1 -custom_ext -serverinfo_file $serverinfo -serverinfo_sct -serverinfo_tack || exit 1 - - -############################################################################# -# ALPN tests - -$ssltest -bio_pair -tls1 -alpn_client foo -alpn_server bar || exit 1 -$ssltest -bio_pair -tls1 -alpn_client foo -alpn_server foo -alpn_expected foo || exit 1 -$ssltest -bio_pair -tls1 -alpn_client foo,bar -alpn_server foo -alpn_expected foo || exit 1 -$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo -alpn_expected foo || exit 1 -$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo,bar -alpn_expected foo || exit 1 -$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server bar,foo -alpn_expected bar || exit 1 -$ssltest -bio_pair -tls1 -alpn_client foo,bar -alpn_server bar,foo -alpn_expected bar || exit 1 -$ssltest -bio_pair -tls1 -alpn_client baz -alpn_server bar,foo || exit 1 - -if ../util/shlib_wrap.sh ../apps/openssl no-srp; then - echo skipping SRP tests -else - echo test tls1 with SRP - $ssltest -tls1 -cipher SRP -srpuser test -srppass abc123 || exit 1 - - echo test tls1 with SRP via BIO pair - $ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123 || exit 1 - - echo test tls1 with SRP auth - $ssltest -tls1 -cipher aSRP -srpuser test -srppass abc123 || exit 1 - - echo test tls1 with SRP auth via BIO pair - $ssltest -bio_pair -tls1 -cipher aSRP -srpuser test -srppass abc123 || exit 1 -fi - -############################################################################# -# Multi-buffer tests - -if [ -z "$extra" -a `uname -m` = "x86_64" ]; then - $ssltest -cipher AES128-SHA -bytes 8m || exit 1 - $ssltest -cipher AES128-SHA256 -bytes 8m || exit 1 -fi - -exit 0 diff --git a/test/Attic/testssl.com b/test/Attic/testssl.com deleted file mode 100644 index 6f9b233..0000000 --- a/test/Attic/testssl.com +++ /dev/null @@ -1,170 +0,0 @@ -$! TESTSSL.COM -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p4 .eqs. "64") then __arch = __arch+ "_64" -$! -$ texe_dir = "sys$disk:[-.''__arch'.exe.test]" -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ if p1 .eqs. "" -$ then -$ key="[-.apps]server.pem" -$ else -$ key=p1 -$ endif -$ if p2 .eqs. "" -$ then -$ cert="[-.apps]server.pem" -$ else -$ cert=p2 -$ endif -$ ssltest = "mcr ''texe_dir'ssltest -key ''key'"+ - - " -cert ''cert' -c_key ''key' -c_cert ''cert'" -$! -$ set noon -$ define/user sys$output testssl-x509-output. -$ define/user sys$error nla0: -$ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout -$ define/user sys$error nla0: -$ search/output=nla0: testssl-x509-output. "DSA Public Key"/exact -$ if $severity .eq. 1 -$ then -$ dsa_cert = "YES" -$ else -$ dsa_cert = "NO" -$ endif -$ delete testssl-x509-output.;* -$ -$ if p3 .eqs. "" -$ then -$ copy/concatenate [-.certs]*.pem certs.tmp -$ CA = """-CAfile"" certs.tmp" -$ else -$ CA = """-CAfile"" "+p3 -$ endif -$ -$!########################################################################### -$ -$ write sys$output "test sslv3" -$ 'ssltest' -ssl3 -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv3 with server authentication" -$ 'ssltest' -ssl3 -server_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv3 with client authentication" -$ 'ssltest' -ssl3 -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv3 with both client and server authentication" -$ 'ssltest' -ssl3 -server_auth -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2/sslv3" -$ 'ssltest' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2/sslv3 with server authentication" -$ 'ssltest' -server_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2/sslv3 with client authentication" -$ 'ssltest' -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2/sslv3 with both client and server authentication" -$ 'ssltest' -server_auth -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv3 via BIO pair" -$ 'ssltest' -bio_pair -ssl3 -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv3 with server authentication via BIO pair" -$ 'ssltest' -bio_pair -ssl3 -server_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv3 with client authentication via BIO pair" -$ 'ssltest' -bio_pair -ssl3 -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 - -$ write sys$output "test sslv3 with both client and server authentication via BIO pair" -$ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2/sslv3 via BIO pair" -$ 'ssltest' -$ if $severity .ne. 1 then goto exit3 -$ -$ if .not. dsa_cert -$ then -$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair" -$ 'ssltest' -bio_pair -no_dhe -$ if $severity .ne. 1 then goto exit3 -$ endif -$ -$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair" -$ 'ssltest' -bio_pair -dhe1024dsa -v -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2/sslv3 with server authentication" -$ 'ssltest' -bio_pair -server_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2/sslv3 with client authentication via BIO pair" -$ 'ssltest' -bio_pair -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair" -$ 'ssltest' -bio_pair -server_auth -client_auth 'CA' -$ if $severity .ne. 1 then goto exit3 -$ -$!########################################################################### -$ -$ define/user sys$output nla0: -$ mcr 'exe_dir'openssl no-rsa -$ no_rsa=$SEVERITY -$ define/user sys$output nla0: -$ mcr 'exe_dir'openssl no-dhparam -$ no_dh=$SEVERITY -$ -$ if no_dh -$ then -$ write sys$output "skipping anonymous DH tests" -$ else -$ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes" -$ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time -$ if $severity .ne. 1 then goto exit3 -$ endif -$ -$ if no_rsa -$ then -$ write sys$output "skipping RSA tests" -$ else -$ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes" -$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time -$ if $severity .ne. 1 then goto exit3 -$ -$ if no_dh -$ then -$ write sys$output "skipping RSA+DHE tests" -$ else -$ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes" -$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time -$ if $severity .ne. 1 then goto exit3 -$ endif -$ endif -$ -$ RET = 1 -$ goto exit -$ exit3: -$ RET = 3 -$ exit: -$ if p3 .eqs. "" then delete certs.tmp;* -$ set on -$ exit 'RET' diff --git a/test/Attic/testsslproxy b/test/Attic/testsslproxy deleted file mode 100644 index 58bbda8..0000000 --- a/test/Attic/testsslproxy +++ /dev/null @@ -1,10 +0,0 @@ -#! /bin/sh - -echo 'Testing a lot of proxy conditions.' -echo 'Some of them may turn out being invalid, which is fine.' -for auth in A B C BC; do - for cond in A B C 'A|B&!C'; do - sh ./testssl $1 $2 $3 "-proxy -proxy_auth $auth -proxy_cond $cond" - if [ $? = 3 ]; then exit 1; fi - done -done diff --git a/test/Attic/testtsa b/test/Attic/testtsa deleted file mode 100644 index fc68ff9..0000000 --- a/test/Attic/testtsa +++ /dev/null @@ -1,147 +0,0 @@ -#!/bin/sh - -# -# A few very basic tests for the 'ts' time stamping authority command. -# - -SH="/bin/sh" -if test "$OSTYPE" = msdosdjgpp; then - PATH="../apps\;$PATH" -else - PATH="../apps:$PATH" -fi -export SH PATH - -OPENSSL_CONF="../CAtsa.cnf" -export OPENSSL_CONF -# Because that's what ../apps/CA.pl really looks at -SSLEAY_CONFIG="-config $OPENSSL_CONF" -export SSLEAY_CONFIG - -OPENSSL="`pwd`/../util/opensslwrap.sh" -export OPENSSL - -RUN () { - ../../util/shlib_wrap.sh ../../apps/openssl ts $* -} - -create_tsa_cert () { - INDEX=$1 - export INDEX - EXT=$2 - TSDNSECT=ts_cert_dn - export TSDNSECT - - ../../util/shlib_wrap.sh ../../apps/openssl req -new \ - -out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem || exit 1 - echo using extension $EXT - ../../util/shlib_wrap.sh ../../apps/openssl x509 -req \ - -in tsa_req${INDEX}.pem -out tsa_cert${INDEX}.pem \ - -CA tsaca.pem -CAkey tsacakey.pem -CAcreateserial \ - -extfile $OPENSSL_CONF -extensions $EXT || exit 1 -} - -create_time_stamp_response () { - RUN -reply -section $3 -queryfile $1 -out $2 || exit 1 -} - -verify_time_stamp_response () { - RUN -verify -queryfile $1 -in $2 -CAfile tsaca.pem \ - -untrusted tsa_cert1.pem || exit 1 - RUN -verify -data $3 -in $2 -CAfile tsaca.pem \ - -untrusted tsa_cert1.pem || exit 1 -} - -verify_time_stamp_response_fail () { - RUN -verify -queryfile $1 -in $2 -CAfile tsaca.pem \ - -untrusted tsa_cert1.pem && exit 1 - echo ok -} - -# main functions - -echo setting up TSA test directory -rm -rf tsa 2>/dev/null -mkdir tsa -cd ./tsa - -echo creating a new CA for the TSA tests -TSDNSECT=ts_ca_dn -export TSDNSECT -../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \ - -out tsaca.pem -keyout tsacakey.pem || exit 1 - -echo creating tsa_cert1.pem TSA server cert -create_tsa_cert 1 tsa_cert - -echo creating tsa_cert2.pem non-TSA server cert -create_tsa_cert 2 non_tsa_cert - -echo creating req1.req time stamp request for file testtsa -RUN -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq || exit 1 - -echo printing req1.req -RUN -query -in req1.tsq -text - -echo generating valid response for req1.req -create_time_stamp_response req1.tsq resp1.tsr tsa_config1 - -echo printing response -RUN -reply -in resp1.tsr -text || exit 1 - -echo verifying valid response -verify_time_stamp_response req1.tsq resp1.tsr ../testtsa - -echo verifying valid token -RUN -reply -in resp1.tsr -out resp1.tsr.token -token_out || exit 1 -RUN -verify -queryfile req1.tsq -in resp1.tsr.token -token_in \ - -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1 -RUN -verify -data ../testtsa -in resp1.tsr.token -token_in \ - -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1 - -echo creating req2.req time stamp request for file testtsa -RUN -query -data ../testtsa -policy tsa_policy2 -no_nonce \ - -out req2.tsq || exit 1 - -echo printing req2.req -RUN -query -in req2.tsq -text - -echo generating valid response for req2.req -create_time_stamp_response req2.tsq resp2.tsr tsa_config1 - -echo checking -token_in and -token_out options with -reply -RESPONSE2=resp2.tsr.copy.tsr -TOKEN_DER=resp2.tsr.token.der -RUN -reply -in resp2.tsr -out $TOKEN_DER -token_out || exit 1 -RUN -reply -in $TOKEN_DER -token_in -out $RESPONSE2 || exit 1 -cmp $RESPONSE2 resp2.tsr || exit 1 -RUN -reply -in resp2.tsr -text -token_out || exit 1 -RUN -reply -in $TOKEN_DER -token_in -text -token_out || exit 1 -RUN -reply -queryfile req2.tsq -text -token_out || exit 1 - -echo printing response -RUN -reply -in resp2.tsr -text || exit 1 - -echo verifying valid response -verify_time_stamp_response req2.tsq resp2.tsr ../testtsa - -echo verifying response against wrong request, it should fail -verify_time_stamp_response_fail req1.tsq resp2.tsr - -echo verifying response against wrong request, it should fail -verify_time_stamp_response_fail req2.tsq resp1.tsr - -echo creating req3.req time stamp request for file CAtsa.cnf -RUN -query -data ../CAtsa.cnf -no_nonce -out req3.tsq || exit 1 - -echo printing req3.req -RUN -query -in req3.tsq -text - -echo verifying response against wrong request, it should fail -verify_time_stamp_response_fail req3.tsq resp1.tsr - -echo cleaning up -cd .. -rm -rf tsa - -exit 0 diff --git a/test/Attic/testtsa.com b/test/Attic/testtsa.com deleted file mode 100644 index 8503633..0000000 --- a/test/Attic/testtsa.com +++ /dev/null @@ -1,255 +0,0 @@ -$! -$! A few very basic tests for the 'ts' time stamping authority command. -$! -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p4 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ openssl = "mcr ''f$parse(exe_dir+"openssl.exe")'" -$ OPENSSL_CONF = "[-]CAtsa.cnf" -$ ! Because that's what ../apps/CA.pl really looks at -$ SSLEAY_CONFIG = "-config " + OPENSSL_CONF -$ -$ error: -$ subroutine -$ write sys$error "TSA test failed!" -$ exit 3 -$ endsubroutine -$ -$ setup_dir: -$ subroutine -$ -$ if f$search("tsa.dir") .nes "" -$ then -$ @[-.util]deltree [.tsa]*.* -$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) tsa.dir;* -$ delete tsa.dir;* -$ endif -$ -$ create/dir [.tsa] -$ set default [.tsa] -$ endsubroutine -$ -$ clean_up_dir: -$ subroutine -$ -$ set default [-] -$ @[-.util]deltree [.tsa]*.* -$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) tsa.dir;* -$ delete tsa.dir;* -$ endsubroutine -$ -$ create_ca: -$ subroutine -$ -$ write sys$output "Creating a new CA for the TSA tests..." -$ TSDNSECT = "ts_ca_dn" -$ openssl req -new -x509 -nodes - - -out tsaca.pem -keyout tsacakey.pem -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ create_tsa_cert: -$ subroutine -$ -$ INDEX=p1 -$ EXT=p2 -$ TSDNSECT = "ts_cert_dn" -$ -$ openssl req -new - - -out tsa_req'INDEX'.pem -keyout tsa_key'INDEX'.pem -$ if $severity .ne. 1 then call error -$ -$ write sys$output "Using extension ''EXT'" -$ openssl x509 -req - - -in tsa_req'INDEX'.pem -out tsa_cert'INDEX'.pem - - "-CA" tsaca.pem "-CAkey" tsacakey.pem "-CAcreateserial" - - -extfile 'OPENSSL_CONF' -extensions "''EXT'" -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ print_request: -$ subroutine -$ -$ openssl ts -query -in 'p1' -text -$ endsubroutine -$ -$ create_time_stamp_request1: subroutine -$ -$ openssl ts -query -data [-]testtsa.com -policy tsa_policy1 - - -cert -out req1.tsq -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ create_time_stamp_request2: subroutine -$ -$ openssl ts -query -data [-]testtsa.com -policy tsa_policy2 - - -no_nonce -out req2.tsq -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ create_time_stamp_request3: subroutine -$ -$ openssl ts -query -data [-]CAtsa.cnf -no_nonce -out req3.tsq -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ print_response: -$ subroutine -$ -$ openssl ts -reply -in 'p1' -text -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ create_time_stamp_response: -$ subroutine -$ -$ openssl ts -reply -section 'p3' -queryfile 'p1' -out 'p2' -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ time_stamp_response_token_test: -$ subroutine -$ -$ RESPONSE2 = p2+ "-copy_tsr" -$ TOKEN_DER = p2+ "-token_der" -$ openssl ts -reply -in 'p2' -out 'TOKEN_DER' -token_out -$ if $severity .ne. 1 then call error -$ openssl ts -reply -in 'TOKEN_DER' -token_in -out 'RESPONSE2' -$ if $severity .ne. 1 then call error -$ backup/compare 'RESPONSE2' 'p2' -$ if $severity .ne. 1 then call error -$ openssl ts -reply -in 'p2' -text -token_out -$ if $severity .ne. 1 then call error -$ openssl ts -reply -in 'TOKEN_DER' -token_in -text -token_out -$ if $severity .ne. 1 then call error -$ openssl ts -reply -queryfile 'p1' -text -token_out -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ verify_time_stamp_response: -$ subroutine -$ -$ openssl ts -verify -queryfile 'p1' -in 'p2' - - "-CAfile" tsaca.pem -untrusted tsa_cert1.pem -$ if $severity .ne. 1 then call error -$ openssl ts -verify -data 'p3' -in 'p2' - - "-CAfile" tsaca.pem -untrusted tsa_cert1.pem -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ verify_time_stamp_token: -$ subroutine -$ -$ ! create the token from the response first -$ openssl ts -reply -in "''p2'" -out "''p2'-token" -token_out -$ if $severity .ne. 1 then call error -$ openssl ts -verify -queryfile "''p1'" -in "''p2'-token" - - -token_in "-CAfile" tsaca.pem -untrusted tsa_cert1.pem -$ if $severity .ne. 1 then call error -$ openssl ts -verify -data "''p3'" -in "''p2'-token" - - -token_in "-CAfile" tsaca.pem -untrusted tsa_cert1.pem -$ if $severity .ne. 1 then call error -$ endsubroutine -$ -$ verify_time_stamp_response_fail: -$ subroutine -$ -$ openssl ts -verify -queryfile 'p1' -in 'p2' - - "-CAfile" tsaca.pem -untrusted tsa_cert1.pem -$ ! Checks if the verification failed, as it should have. -$ if $severity .eq. 1 then call error -$ write sys$output "Ok" -$ endsubroutine -$ -$ ! Main body ---------------------------------------------------------- -$ -$ set noon -$ -$ write sys$output "Setting up TSA test directory..." -$ call setup_dir -$ -$ write sys$output "Creating CA for TSA tests..." -$ call create_ca -$ -$ write sys$output "Creating tsa_cert1.pem TSA server cert..." -$ call create_tsa_cert 1 "tsa_cert" -$ -$ write sys$output "Creating tsa_cert2.pem non-TSA server cert..." -$ call create_tsa_cert 2 "non_tsa_cert" -$ -$ write sys$output "Creating req1.req time stamp request for file testtsa..." -$ call create_time_stamp_request1 -$ -$ write sys$output "Printing req1.req..." -$ call print_request "req1.tsq" -$ -$ write sys$output "Generating valid response for req1.req..." -$ call create_time_stamp_response "req1.tsq" "resp1.tsr" "tsa_config1" -$ -$ write sys$output "Printing response..." -$ call print_response "resp1.tsr" -$ -$ write sys$output "Verifying valid response..." -$ call verify_time_stamp_response "req1.tsq" "resp1.tsr" "[-]testtsa.com" -$ -$ write sys$output "Verifying valid token..." -$ call verify_time_stamp_token "req1.tsq" "resp1.tsr" "[-]testtsa.com" -$ -$ ! The tests below are commented out, because invalid signer certificates -$ ! can no longer be specified in the config file. -$ -$ ! write sys$output "Generating _invalid_ response for req1.req..." -$ ! call create_time_stamp_response "req1.tsq" "resp1_bad.tsr" "tsa_config2" -$ -$ ! write sys$output "Printing response..." -$ ! call print_response "resp1_bad.tsr" -$ -$ ! write sys$output "Verifying invalid response, it should fail..." -$ ! call verify_time_stamp_response_fail "req1.tsq" "resp1_bad.tsr" -$ -$ write sys$output "Creating req2.req time stamp request for file testtsa..." -$ call create_time_stamp_request2 -$ -$ write sys$output "Printing req2.req..." -$ call print_request "req2.tsq" -$ -$ write sys$output "Generating valid response for req2.req..." -$ call create_time_stamp_response "req2.tsq" "resp2.tsr" "tsa_config1" -$ -$ write sys$output "Checking '-token_in' and '-token_out' options with '-reply'..." -$ call time_stamp_response_token_test "req2.tsq" "resp2.tsr" -$ -$ write sys$output "Printing response..." -$ call print_response "resp2.tsr" -$ -$ write sys$output "Verifying valid response..." -$ call verify_time_stamp_response "req2.tsq" "resp2.tsr" "[-]testtsa.com" -$ -$ write sys$output "Verifying response against wrong request, it should fail..." -$ call verify_time_stamp_response_fail "req1.tsq" "resp2.tsr" -$ -$ write sys$output "Verifying response against wrong request, it should fail..." -$ call verify_time_stamp_response_fail "req2.tsq" "resp1.tsr" -$ -$ write sys$output "Creating req3.req time stamp request for file CAtsa.cnf..." -$ call create_time_stamp_request3 -$ -$ write sys$output "Printing req3.req..." -$ call print_request "req3.tsq" -$ -$ write sys$output "Verifying response against wrong request, it should fail..." -$ call verify_time_stamp_response_fail "req3.tsq" "resp1.tsr" -$ -$ write sys$output "Cleaning up..." -$ call clean_up_dir -$ -$ set on -$ -$ exit diff --git a/test/Attic/tkey b/test/Attic/tkey deleted file mode 100644 index 47ac1be..0000000 --- a/test/Attic/tkey +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/sh - -t=$1 -ktype=$2 -ptype=$3 - -if ../util/shlib_wrap.sh ../apps/openssl no-$ktype; then - echo skipping $ktype $ptype conversion test - exit 0 -fi - -if [ $ptype = "public" ]; then - cmd="../util/shlib_wrap.sh ../apps/openssl $ktype -pubin -pubout" -else - cmd="../util/shlib_wrap.sh ../apps/openssl $ktype" -fi - -echo testing $ktype $ptype conversions -cp $t $ktype-fff.p - -echo "p -> d" -$cmd -in $ktype-fff.p -inform p -outform d >$ktype-f.d || exit 1 -echo "p -> p" -$cmd -in $ktype-fff.p -inform p -outform p >$ktype-f.p || exit 1 - -echo "d -> d" -$cmd -in $ktype-f.d -inform d -outform d >$ktype-ff.d1 || exit 1 -echo "p -> d" -$cmd -in $ktype-f.p -inform p -outform d >$ktype-ff.d3 || exit 1 - -echo "d -> p" -$cmd -in $ktype-f.d -inform d -outform p >$ktype-ff.p1 || exit 1 -echo "p -> p" -$cmd -in $ktype-f.p -inform p -outform p >$ktype-ff.p3 || exit 1 - -cmp $ktype-fff.p $ktype-f.p || exit 1 -cmp $ktype-fff.p $ktype-ff.p1 || exit 1 -cmp $ktype-fff.p $ktype-ff.p3 || exit 1 -cmp $ktype-f.p $ktype-ff.p1 || exit 1 -cmp $ktype-f.p $ktype-ff.p3 || exit 1 - -/bin/rm -f $ktype-f.* $ktype-ff.* $ktype-fff.* - -[ $ptype = "public" ] && exit 0 - - -echo testing $ktype PKCS#8 conversions -cmd="../util/shlib_wrap.sh ../apps/openssl pkey" - -$cmd -in $t -out $ktype-fff.p - -echo "p -> d" -$cmd -in $ktype-fff.p -inform p -outform d >$ktype-f.d || exit 1 -echo "p -> p" -$cmd -in $ktype-fff.p -inform p -outform p >$ktype-f.p || exit 1 - -echo "d -> d" -$cmd -in $ktype-f.d -inform d -outform d >$ktype-ff.d1 || exit 1 -echo "p -> d" -$cmd -in $ktype-f.p -inform p -outform d >$ktype-ff.d3 || exit 1 - -echo "d -> p" -$cmd -in $ktype-f.d -inform d -outform p >$ktype-ff.p1 || exit 1 -echo "p -> p" -$cmd -in $ktype-f.p -inform p -outform p >$ktype-ff.p3 || exit 1 - -cmp $ktype-fff.p $ktype-f.p || exit 1 -cmp $ktype-fff.p $ktype-ff.p1 || exit 1 -cmp $ktype-fff.p $ktype-ff.p3 || exit 1 -cmp $ktype-f.p $ktype-ff.p1 || exit 1 -cmp $ktype-f.p $ktype-ff.p3 || exit 1 - -/bin/rm -f $ktype-f.* $ktype-ff.* $ktype-fff.* diff --git a/test/Attic/tocsp b/test/Attic/tocsp deleted file mode 100644 index 5fc291c..0000000 --- a/test/Attic/tocsp +++ /dev/null @@ -1,147 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl' -ocspdir="ocsp-tests" -# 17 December 2012 so we don't get certificate expiry errors. -check_time="-attime 1355875200" - -test_ocsp () { - - $cmd base64 -d -in $ocspdir/$1 | \ - $cmd ocsp -respin - -partial_chain $check_time \ - -CAfile $ocspdir/$2 -verify_other $ocspdir/$2 -CApath /dev/null - [ $? != $3 ] && exit 1 -} - - -echo "=== VALID OCSP RESPONSES ===" -echo "NON-DELEGATED; Intermediate CA -> EE" -test_ocsp ND1.ors ND1_Issuer_ICA.pem 0 -echo "NON-DELEGATED; Root CA -> Intermediate CA" -test_ocsp ND2.ors ND2_Issuer_Root.pem 0 -echo "NON-DELEGATED; Root CA -> EE" -test_ocsp ND3.ors ND3_Issuer_Root.pem 0 -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp D1.ors D1_Issuer_ICA.pem 0 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp D2.ors D2_Issuer_Root.pem 0 -echo "DELEGATED; Root CA -> EE" -test_ocsp D3.ors D3_Issuer_Root.pem 0 - -echo "=== INVALID SIGNATURE on the OCSP RESPONSE ===" -echo "NON-DELEGATED; Intermediate CA -> EE" -test_ocsp ISOP_ND1.ors ND1_Issuer_ICA.pem 1 -echo "NON-DELEGATED; Root CA -> Intermediate CA" -test_ocsp ISOP_ND2.ors ND2_Issuer_Root.pem 1 -echo "NON-DELEGATED; Root CA -> EE" -test_ocsp ISOP_ND3.ors ND3_Issuer_Root.pem 1 -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp ISOP_D1.ors D1_Issuer_ICA.pem 1 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp ISOP_D2.ors D2_Issuer_Root.pem 1 -echo "DELEGATED; Root CA -> EE" -test_ocsp ISOP_D3.ors D3_Issuer_Root.pem 1 - -echo "=== WRONG RESPONDERID in the OCSP RESPONSE ===" -echo "NON-DELEGATED; Intermediate CA -> EE" -test_ocsp WRID_ND1.ors ND1_Issuer_ICA.pem 1 -echo "NON-DELEGATED; Root CA -> Intermediate CA" -test_ocsp WRID_ND2.ors ND2_Issuer_Root.pem 1 -echo "NON-DELEGATED; Root CA -> EE" -test_ocsp WRID_ND3.ors ND3_Issuer_Root.pem 1 -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp WRID_D1.ors D1_Issuer_ICA.pem 1 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp WRID_D2.ors D2_Issuer_Root.pem 1 -echo "DELEGATED; Root CA -> EE" -test_ocsp WRID_D3.ors D3_Issuer_Root.pem 1 - -echo "=== WRONG ISSUERNAMEHASH in the OCSP RESPONSE ===" -echo "NON-DELEGATED; Intermediate CA -> EE" -test_ocsp WINH_ND1.ors ND1_Issuer_ICA.pem 1 -echo "NON-DELEGATED; Root CA -> Intermediate CA" -test_ocsp WINH_ND2.ors ND2_Issuer_Root.pem 1 -echo "NON-DELEGATED; Root CA -> EE" -test_ocsp WINH_ND3.ors ND3_Issuer_Root.pem 1 -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp WINH_D1.ors D1_Issuer_ICA.pem 1 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp WINH_D2.ors D2_Issuer_Root.pem 1 -echo "DELEGATED; Root CA -> EE" -test_ocsp WINH_D3.ors D3_Issuer_Root.pem 1 - -echo "=== WRONG ISSUERKEYHASH in the OCSP RESPONSE ===" -echo "NON-DELEGATED; Intermediate CA -> EE" -test_ocsp WIKH_ND1.ors ND1_Issuer_ICA.pem 1 -echo "NON-DELEGATED; Root CA -> Intermediate CA" -test_ocsp WIKH_ND2.ors ND2_Issuer_Root.pem 1 -echo "NON-DELEGATED; Root CA -> EE" -test_ocsp WIKH_ND3.ors ND3_Issuer_Root.pem 1 -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp WIKH_D1.ors D1_Issuer_ICA.pem 1 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp WIKH_D2.ors D2_Issuer_Root.pem 1 -echo "DELEGATED; Root CA -> EE" -test_ocsp WIKH_D3.ors D3_Issuer_Root.pem 1 - -echo "=== WRONG KEY in the DELEGATED OCSP SIGNING CERTIFICATE ===" -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp WKDOSC_D1.ors D1_Issuer_ICA.pem 1 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp WKDOSC_D2.ors D2_Issuer_Root.pem 1 -echo "DELEGATED; Root CA -> EE" -test_ocsp WKDOSC_D3.ors D3_Issuer_Root.pem 1 - -echo "=== INVALID SIGNATURE on the DELEGATED OCSP SIGNING CERTIFICATE ===" -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp ISDOSC_D1.ors D1_Issuer_ICA.pem 1 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp ISDOSC_D2.ors D2_Issuer_Root.pem 1 -echo "DELEGATED; Root CA -> EE" -test_ocsp ISDOSC_D3.ors D3_Issuer_Root.pem 1 - -echo "=== WRONG SUBJECT NAME in the ISSUER CERTIFICATE ===" -echo "NON-DELEGATED; Intermediate CA -> EE" -test_ocsp ND1.ors WSNIC_ND1_Issuer_ICA.pem 1 -echo "NON-DELEGATED; Root CA -> Intermediate CA" -test_ocsp ND2.ors WSNIC_ND2_Issuer_Root.pem 1 -echo "NON-DELEGATED; Root CA -> EE" -test_ocsp ND3.ors WSNIC_ND3_Issuer_Root.pem 1 -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp D1.ors WSNIC_D1_Issuer_ICA.pem 1 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp D2.ors WSNIC_D2_Issuer_Root.pem 1 -echo "DELEGATED; Root CA -> EE" -test_ocsp D3.ors WSNIC_D3_Issuer_Root.pem 1 - -echo "=== WRONG KEY in the ISSUER CERTIFICATE ===" -echo "NON-DELEGATED; Intermediate CA -> EE" -test_ocsp ND1.ors WKIC_ND1_Issuer_ICA.pem 1 -echo "NON-DELEGATED; Root CA -> Intermediate CA" -test_ocsp ND2.ors WKIC_ND2_Issuer_Root.pem 1 -echo "NON-DELEGATED; Root CA -> EE" -test_ocsp ND3.ors WKIC_ND3_Issuer_Root.pem 1 -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp D1.ors WKIC_D1_Issuer_ICA.pem 1 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp D2.ors WKIC_D2_Issuer_Root.pem 1 -echo "DELEGATED; Root CA -> EE" -test_ocsp D3.ors WKIC_D3_Issuer_Root.pem 1 - -echo "=== INVALID SIGNATURE on the ISSUER CERTIFICATE ===" -# Expect success, because we're explicitly trusting the issuer certificate. -echo "NON-DELEGATED; Intermediate CA -> EE" -test_ocsp ND1.ors ISIC_ND1_Issuer_ICA.pem 0 -echo "NON-DELEGATED; Root CA -> Intermediate CA" -test_ocsp ND2.ors ISIC_ND2_Issuer_Root.pem 0 -echo "NON-DELEGATED; Root CA -> EE" -test_ocsp ND3.ors ISIC_ND3_Issuer_Root.pem 0 -echo "DELEGATED; Intermediate CA -> EE" -test_ocsp D1.ors ISIC_D1_Issuer_ICA.pem 0 -echo "DELEGATED; Root CA -> Intermediate CA" -test_ocsp D2.ors ISIC_D2_Issuer_Root.pem 0 -echo "DELEGATED; Root CA -> EE" -test_ocsp D3.ors ISIC_D3_Issuer_Root.pem 0 - -echo "ALL OCSP TESTS SUCCESSFUL" -exit 0 diff --git a/test/Attic/tocsp.com b/test/Attic/tocsp.com deleted file mode 100644 index 97253fe..0000000 --- a/test/Attic/tocsp.com +++ /dev/null @@ -1,165 +0,0 @@ -$! TOCSP.COM -- Test ocsp -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p2 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ cmd = "mcr ''f$parse(exe_dir+"openssl.exe")'" -$ ocspdir = "ocsp-tests" -$ -$! 17 December 2012 so we don't get certificate expiry errors. -$ check_time="-attime 1355875200" -$ -$ test_ocsp: -$ subroutine -$ 'cmd' base64 -d -in [.'ocspdir']'p1' -out ocsp-test.test-bin -$ 'cmd' ocsp -respin ocsp-test.test-bin -partial_chain 'check_time' - - "-CAfile" [.'ocspdir']'p2' -verify_other [.'ocspdir']'p2' "-CApath" NLA0: -$ if $severity .ne. p3+1 -$ then -$ write sys$error "OCSP test failed!" -$ exit 3 -$ endif -$ endsubroutine -$ -$ set noon -$ -$ write sys$output "=== VALID OCSP RESPONSES ===" -$ write sys$output "NON-DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "ND1.ors" "ND1_Issuer_ICA.pem" 0 -$ write sys$output "NON-DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "ND2.ors" "ND2_Issuer_Root.pem" 0 -$ write sys$output "NON-DELEGATED; Root CA -> EE" -$ call test_ocsp "ND3.ors" "ND3_Issuer_Root.pem" 0 -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "D1.ors" "D1_Issuer_ICA.pem" 0 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "D2.ors" "D2_Issuer_Root.pem" 0 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "D3.ors" "D3_Issuer_Root.pem" 0 -$ -$ write sys$output "=== INVALID SIGNATURE on the OCSP RESPONSE ===" -$ write sys$output "NON-DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "ISOP_ND1.ors" "ND1_Issuer_ICA.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "ISOP_ND2.ors" "ND2_Issuer_Root.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> EE" -$ call test_ocsp "ISOP_ND3.ors" "ND3_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "ISOP_D1.ors" "D1_Issuer_ICA.pem" 1 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "ISOP_D2.ors" "D2_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "ISOP_D3.ors" "D3_Issuer_Root.pem" 1 -$ -$ write sys$output "=== WRONG RESPONDERID in the OCSP RESPONSE ===" -$ write sys$output "NON-DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "WRID_ND1.ors" "ND1_Issuer_ICA.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "WRID_ND2.ors" "ND2_Issuer_Root.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> EE" -$ call test_ocsp "WRID_ND3.ors" "ND3_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "WRID_D1.ors" "D1_Issuer_ICA.pem" 1 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "WRID_D2.ors" "D2_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "WRID_D3.ors" "D3_Issuer_Root.pem" 1 -$ -$ write sys$output "=== WRONG ISSUERNAMEHASH in the OCSP RESPONSE ===" -$ write sys$output "NON-DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "WINH_ND1.ors" "ND1_Issuer_ICA.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "WINH_ND2.ors" "ND2_Issuer_Root.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> EE" -$ call test_ocsp "WINH_ND3.ors" "ND3_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "WINH_D1.ors" "D1_Issuer_ICA.pem" 1 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "WINH_D2.ors" "D2_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "WINH_D3.ors" "D3_Issuer_Root.pem" 1 -$ -$ write sys$output "=== WRONG ISSUERKEYHASH in the OCSP RESPONSE ===" -$ write sys$output "NON-DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "WIKH_ND1.ors" "ND1_Issuer_ICA.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "WIKH_ND2.ors" "ND2_Issuer_Root.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> EE" -$ call test_ocsp "WIKH_ND3.ors" "ND3_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "WIKH_D1.ors" "D1_Issuer_ICA.pem" 1 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "WIKH_D2.ors" "D2_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "WIKH_D3.ors" "D3_Issuer_Root.pem" 1 -$ -$ write sys$output "=== WRONG KEY in the DELEGATED OCSP SIGNING CERTIFICATE ===" -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "WKDOSC_D1.ors" "D1_Issuer_ICA.pem" 1 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "WKDOSC_D2.ors" "D2_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "WKDOSC_D3.ors" "D3_Issuer_Root.pem" 1 -$ -$ write sys$output "=== INVALID SIGNATURE on the DELEGATED OCSP SIGNING CERTIFICATE ===" -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "ISDOSC_D1.ors" "D1_Issuer_ICA.pem" 1 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "ISDOSC_D2.ors" "D2_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "ISDOSC_D3.ors" "D3_Issuer_Root.pem" 1 -$ -$ write sys$output "=== WRONG SUBJECT NAME in the ISSUER CERTIFICATE ===" -$ write sys$output "NON-DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "ND1.ors" "WSNIC_ND1_Issuer_ICA.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "ND2.ors" "WSNIC_ND2_Issuer_Root.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> EE" -$ call test_ocsp "ND3.ors" "WSNIC_ND3_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "D1.ors" "WSNIC_D1_Issuer_ICA.pem" 1 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "D2.ors" "WSNIC_D2_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "D3.ors" "WSNIC_D3_Issuer_Root.pem" 1 -$ -$ write sys$output "=== WRONG KEY in the ISSUER CERTIFICATE ===" -$ write sys$output "NON-DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "ND1.ors" "WKIC_ND1_Issuer_ICA.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "ND2.ors" "WKIC_ND2_Issuer_Root.pem" 1 -$ write sys$output "NON-DELEGATED; Root CA -> EE" -$ call test_ocsp "ND3.ors" "WKIC_ND3_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "D1.ors" "WKIC_D1_Issuer_ICA.pem" 1 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "D2.ors" "WKIC_D2_Issuer_Root.pem" 1 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "D3.ors" "WKIC_D3_Issuer_Root.pem" 1 -$ -$ write sys$output "=== INVALID SIGNATURE on the ISSUER CERTIFICATE ===" -$! Expect success, because we're explicitly trusting the issuer certificate. -$ write sys$output "NON-DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "ND1.ors" "ISIC_ND1_Issuer_ICA.pem" 0 -$ write sys$output "NON-DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "ND2.ors" "ISIC_ND2_Issuer_Root.pem" 0 -$ write sys$output "NON-DELEGATED; Root CA -> EE" -$ call test_ocsp "ND3.ors" "ISIC_ND3_Issuer_Root.pem" 0 -$ write sys$output "DELEGATED; Intermediate CA -> EE" -$ call test_ocsp "D1.ors" "ISIC_D1_Issuer_ICA.pem" 0 -$ write sys$output "DELEGATED; Root CA -> Intermediate CA" -$ call test_ocsp "D2.ors" "ISIC_D2_Issuer_Root.pem" 0 -$ write sys$output "DELEGATED; Root CA -> EE" -$ call test_ocsp "D3.ors" "ISIC_D3_Issuer_Root.pem" 0 -$ -$ write sys$output "ALL OCSP TESTS SUCCESSFUL" -$ -$ set on -$ -$ exit diff --git a/test/Attic/tpkcs7 b/test/Attic/tpkcs7 deleted file mode 100644 index 91e304b..0000000 --- a/test/Attic/tpkcs7 +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl pkcs7' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testp7.pem -fi - -echo testing pkcs7 conversions -cp $t p7-fff.p - -echo "p -> d" -$cmd -in p7-fff.p -inform p -outform d >p7-f.d || exit 1 -echo "p -> p" -$cmd -in p7-fff.p -inform p -outform p >p7-f.p || exit 1 - -echo "d -> d" -$cmd -in p7-f.d -inform d -outform d >p7-ff.d1 || exit 1 -echo "p -> d" -$cmd -in p7-f.p -inform p -outform d >p7-ff.d3 || exit 1 - -echo "d -> p" -$cmd -in p7-f.d -inform d -outform p >p7-ff.p1 || exit 1 -echo "p -> p" -$cmd -in p7-f.p -inform p -outform p >p7-ff.p3 || exit 1 - -cmp p7-fff.p p7-f.p || exit 1 -cmp p7-fff.p p7-ff.p1 || exit 1 -cmp p7-fff.p p7-ff.p3 || exit 1 -cmp p7-f.p p7-ff.p1 || exit 1 -cmp p7-f.p p7-ff.p3 || exit 1 - -/bin/rm -f p7-f.* p7-ff.* p7-fff.* -exit 0 diff --git a/test/Attic/tpkcs7.com b/test/Attic/tpkcs7.com deleted file mode 100644 index 3fc4982..0000000 --- a/test/Attic/tpkcs7.com +++ /dev/null @@ -1,59 +0,0 @@ -$! TPKCS7.COM -- Tests pkcs7 keys -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p2 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ cmd = "mcr ''exe_dir'openssl pkcs7" -$ -$ t = "testp7.pem" -$ if p1 .nes. "" then t = p1 -$ -$ write sys$output "testing PKCS7 conversions" -$ if f$search("fff.*") .nes "" then delete fff.*;* -$ if f$search("ff.*") .nes "" then delete ff.*;* -$ if f$search("f.*") .nes "" then delete f.*;* -$ convert/fdl=sys$input: 't' fff.p -RECORD - FORMAT STREAM_LF -$ -$ write sys$output "p -> d" -$ 'cmd' -in fff.p -inform p -outform d -out f.d -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in fff.p -inform p -outform p -out f.p -$ if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> d" -$ 'cmd' -in f.d -inform d -outform d -out ff.d1 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> d" -$ 'cmd' -in f.p -inform p -outform d -out ff.d3 -$ if $severity .ne. 1 then exit 3 -$ -$ -$ write sys$output "d -> p" -$ 'cmd' -in f.d -inform d -outform p -out ff.p1 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in f.p -inform p -outform p -out ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare fff.p f.p -$ if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare f.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$ backup/compare f.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ delete f.*;*,ff.*;*,fff.*;* diff --git a/test/Attic/tpkcs7d b/test/Attic/tpkcs7d deleted file mode 100644 index c5077da..0000000 --- a/test/Attic/tpkcs7d +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl pkcs7' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=pkcs7-1.pem -fi - -echo "testing pkcs7 conversions (2)" -cp $t p7d-fff.p - -echo "p -> d" -$cmd -in p7d-fff.p -inform p -outform d >p7d-f.d || exit 1 -echo "p -> p" -$cmd -in p7d-fff.p -inform p -outform p >p7d-f.p || exit 1 - -echo "d -> d" -$cmd -in p7d-f.d -inform d -outform d >p7d-ff.d1 || exit 1 -echo "p -> d" -$cmd -in p7d-f.p -inform p -outform d >p7d-ff.d3 || exit 1 - -echo "d -> p" -$cmd -in p7d-f.d -inform d -outform p >p7d-ff.p1 || exit 1 -echo "p -> p" -$cmd -in p7d-f.p -inform p -outform p >p7d-ff.p3 || exit 1 - -cmp p7d-f.p p7d-ff.p1 || exit 1 -cmp p7d-f.p p7d-ff.p3 || exit 1 - -/bin/rm -f p7d-f.* p7d-ff.* p7d-fff.* -exit 0 diff --git a/test/Attic/tpkcs7d.com b/test/Attic/tpkcs7d.com deleted file mode 100644 index eea8c88..0000000 --- a/test/Attic/tpkcs7d.com +++ /dev/null @@ -1,52 +0,0 @@ -$! TPKCS7.COM -- Tests pkcs7 keys -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p2 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ cmd = "mcr ''exe_dir'openssl pkcs7" -$ -$ t = "pkcs7-1.pem" -$ if p1 .nes. "" then t = p1 -$ -$ write sys$output "testing PKCS7 conversions (2)" -$ if f$search("fff.*") .nes "" then delete fff.*;* -$ if f$search("ff.*") .nes "" then delete ff.*;* -$ if f$search("f.*") .nes "" then delete f.*;* -$ convert/fdl=sys$input: 't' fff.p -RECORD - FORMAT STREAM_LF -$ -$ write sys$output "p -> d" -$ 'cmd' -in fff.p -inform p -outform d -out f.d -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in fff.p -inform p -outform p -out f.p -$ if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> d" -$ 'cmd' -in f.d -inform d -outform d -out ff.d1 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> d" -$ 'cmd' -in f.p -inform p -outform d -out ff.d3 -$ if $severity .ne. 1 then exit 3 -$ -$ -$ write sys$output "d -> p" -$ 'cmd' -in f.d -inform d -outform p -out ff.p1 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in f.p -inform p -outform p -out ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare f.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$ backup/compare f.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ delete f.*;*,ff.*;*,fff.*;* diff --git a/test/Attic/treq b/test/Attic/treq deleted file mode 100644 index 2062d76..0000000 --- a/test/Attic/treq +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl req -config ../apps/openssl.cnf' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testreq.pem -fi - -if $cmd -in $t -inform p -noout -text 2>&1 | fgrep -i 'Unknown Public Key'; then - echo "skipping req conversion test for $t" - exit 0 -fi - -echo testing req conversions -cp $t req-fff.p - -echo "p -> d" -$cmd -in req-fff.p -inform p -outform d >req-f.d || exit 1 -echo "p -> p" -$cmd -in req-fff.p -inform p -outform p >req-f.p || exit 1 - -echo "d -> d" -$cmd -verify -in req-f.d -inform d -outform d >req-ff.d1 || exit 1 -echo "p -> d" -$cmd -verify -in req-f.p -inform p -outform d >req-ff.d3 || exit 1 - -echo "d -> p" -$cmd -in req-f.d -inform d -outform p >req-ff.p1 || exit 1 -echo "p -> p" -$cmd -in req-f.p -inform p -outform p >req-ff.p3 || exit 1 - -cmp req-fff.p req-f.p || exit 1 -cmp req-fff.p req-ff.p1 || exit 1 -cmp req-fff.p req-ff.p3 || exit 1 -cmp req-f.p req-ff.p1 || exit 1 -cmp req-f.p req-ff.p3 || exit 1 - -/bin/rm -f req-f.* req-ff.* req-fff.* -exit 0 diff --git a/test/Attic/treq.com b/test/Attic/treq.com deleted file mode 100644 index acf08b7..0000000 --- a/test/Attic/treq.com +++ /dev/null @@ -1,88 +0,0 @@ -$! TREQ.COM -- Tests req keys -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p2 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ cmd = "mcr ''exe_dir'openssl req -config [-.apps]openssl-vms.cnf" -$ -$ t = "testreq.pem" -$ if p1 .nes. "" then t = p1 -$ -$ write sys$output "testing req conversions" -$ if f$search("fff.*") .nes "" then delete fff.*;* -$ if f$search("ff.*") .nes "" then delete ff.*;* -$ if f$search("f.*") .nes "" then delete f.*;* -$ convert/fdl=sys$input: 't' fff.p -RECORD - FORMAT STREAM_LF -$ -$ write sys$output "p -> d" -$ 'cmd' -in fff.p -inform p -outform d -out f.d -$ if $severity .ne. 1 then exit 3 -$! write sys$output "p -> t" -$! 'cmd' -in fff.p -inform p -outform t -out f.t -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in fff.p -inform p -outform p -out f.p -$ if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> d" -$ 'cmd' -verify -in f.d -inform d -outform d -out ff.d1 -$ if $severity .ne. 1 then exit 3 -$! write sys$output "t -> d" -$! 'cmd' -verify -in f.t -inform t -outform d -out ff.d2 -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> d" -$ 'cmd' -verify -in f.p -inform p -outform d -out ff.d3 -$ if $severity .ne. 1 then exit 3 -$ -$! write sys$output "d -> t" -$! 'cmd' -in f.d -inform d -outform t -out ff.t1 -$! if $severity .ne. 1 then exit 3 -$! write sys$output "t -> t" -$! 'cmd' -in f.t -inform t -outform t -out ff.t2 -$! if $severity .ne. 1 then exit 3 -$! write sys$output "p -> t" -$! 'cmd' -in f.p -inform p -outform t -out ff.t3 -$! if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> p" -$ 'cmd' -in f.d -inform d -outform p -out ff.p1 -$ if $severity .ne. 1 then exit 3 -$! write sys$output "t -> p" -$! 'cmd' -in f.t -inform t -outform p -out ff.p2 -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in f.p -inform p -outform p -out ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare fff.p f.p -$ if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$! backup/compare fff.p ff.p2 -$! if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$! backup/compare f.t ff.t1 -$! if $severity .ne. 1 then exit 3 -$! backup/compare f.t ff.t2 -$! if $severity .ne. 1 then exit 3 -$! backup/compare f.t ff.t3 -$! if $severity .ne. 1 then exit 3 -$ -$ backup/compare f.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$! backup/compare f.p ff.p2 -$! if $severity .ne. 1 then exit 3 -$ backup/compare f.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ delete f.*;*,ff.*;*,fff.*;* diff --git a/test/Attic/trsa.com b/test/Attic/trsa.com deleted file mode 100644 index 5418084..0000000 --- a/test/Attic/trsa.com +++ /dev/null @@ -1,99 +0,0 @@ -$! TRSA.COM -- Tests rsa keys -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p2 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ set noon -$ define/user sys$output nla0: -$ mcr 'exe_dir'openssl no-rsa -$ save_severity=$SEVERITY -$ set on -$ if save_severity -$ then -$ write sys$output "skipping RSA conversion test" -$ exit -$ endif -$ -$ cmd = "mcr ''exe_dir'openssl rsa" -$ -$ t = "testrsa.pem" -$ if p1 .nes. "" then t = p1 -$ -$ write sys$output "testing RSA conversions" -$ if f$search("fff.*") .nes "" then delete fff.*;* -$ if f$search("ff.*") .nes "" then delete ff.*;* -$ if f$search("f.*") .nes "" then delete f.*;* -$ convert/fdl=sys$input: 't' fff.p -RECORD - FORMAT STREAM_LF -$ -$ write sys$output "p -> d" -$ 'cmd' -in fff.p -inform p -outform d -out f.d -$ if $severity .ne. 1 then exit 3 -$! write sys$output "p -> t" -$! 'cmd' -in fff.p -inform p -outform t -out f.t -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in fff.p -inform p -outform p -out f.p -$ if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> d" -$ 'cmd' -in f.d -inform d -outform d -out ff.d1 -$ if $severity .ne. 1 then exit 3 -$! write sys$output "t -> d" -$! 'cmd' -in f.t -inform t -outform d -out ff.d2 -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> d" -$ 'cmd' -in f.p -inform p -outform d -out ff.d3 -$ if $severity .ne. 1 then exit 3 -$ -$! write sys$output "d -> t" -$! 'cmd' -in f.d -inform d -outform t -out ff.t1 -$! if $severity .ne. 1 then exit 3 -$! write sys$output "t -> t" -$! 'cmd' -in f.t -inform t -outform t -out ff.t2 -$! if $severity .ne. 1 then exit 3 -$! write sys$output "p -> t" -$! 'cmd' -in f.p -inform p -outform t -out ff.t3 -$! if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> p" -$ 'cmd' -in f.d -inform d -outform p -out ff.p1 -$ if $severity .ne. 1 then exit 3 -$! write sys$output "t -> p" -$! 'cmd' -in f.t -inform t -outform p -out ff.p2 -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in f.p -inform p -outform p -out ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare fff.p f.p -$ if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$! backup/compare fff.p ff.p2 -$! if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$! backup/compare f.t ff.t1 -$! if $severity .ne. 1 then exit 3 -$! backup/compare f.t ff.t2 -$! if $severity .ne. 1 then exit 3 -$! backup/compare f.t ff.t3 -$! if $severity .ne. 1 then exit 3 -$ -$ backup/compare f.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$! backup/compare f.p ff.p2 -$! if $severity .ne. 1 then exit 3 -$ backup/compare f.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ delete f.*;*,ff.*;*,fff.*;* diff --git a/test/Attic/tsid b/test/Attic/tsid deleted file mode 100644 index 546efb7..0000000 --- a/test/Attic/tsid +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl sess_id' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testsid.pem -fi - -echo testing session-id conversions -cp $t sid-fff.p - -echo "p -> d" -$cmd -in sid-fff.p -inform p -outform d >sid-f.d || exit 1 -echo "p -> p" -$cmd -in sid-fff.p -inform p -outform p >sid-f.p || exit 1 - -echo "d -> d" -$cmd -in sid-f.d -inform d -outform d >sid-ff.d1 || exit 1 -echo "p -> d" -$cmd -in sid-f.p -inform p -outform d >sid-ff.d3 || exit 1 - -echo "d -> p" -$cmd -in sid-f.d -inform d -outform p >sid-ff.p1 || exit 1 -echo "p -> p" -$cmd -in sid-f.p -inform p -outform p >sid-ff.p3 || exit 1 - -cmp sid-fff.p sid-f.p || exit 1 -cmp sid-fff.p sid-ff.p1 || exit 1 -cmp sid-fff.p sid-ff.p3 || exit 1 -cmp sid-f.p sid-ff.p1 || exit 1 -cmp sid-f.p sid-ff.p3 || exit 1 - -/bin/rm -f sid-f.* sid-ff.* sid-fff.* -exit 0 diff --git a/test/Attic/tsid.com b/test/Attic/tsid.com deleted file mode 100644 index b6c4e49..0000000 --- a/test/Attic/tsid.com +++ /dev/null @@ -1,88 +0,0 @@ -$! TSID.COM -- Tests sid keys -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p2 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ cmd = "mcr ''exe_dir'openssl sess_id" -$ -$ t = "testsid.pem" -$ if p1 .nes. "" then t = p1 -$ -$ write sys$output "testing session-id conversions" -$ if f$search("fff.*") .nes "" then delete fff.*;* -$ if f$search("ff.*") .nes "" then delete ff.*;* -$ if f$search("f.*") .nes "" then delete f.*;* -$ convert/fdl=sys$input: 't' fff.p -RECORD - FORMAT STREAM_LF -$ -$ write sys$output "p -> d" -$ 'cmd' -in fff.p -inform p -outform d -out f.d -$ if $severity .ne. 1 then exit 3 -$! write sys$output "p -> t" -$! 'cmd' -in fff.p -inform p -outform t -out f.t -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in fff.p -inform p -outform p -out f.p -$ if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> d" -$ 'cmd' -in f.d -inform d -outform d -out ff.d1 -$ if $severity .ne. 1 then exit 3 -$! write sys$output "t -> d" -$! 'cmd' -in f.t -inform t -outform d -out ff.d2 -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> d" -$ 'cmd' -in f.p -inform p -outform d -out ff.d3 -$ if $severity .ne. 1 then exit 3 -$ -$! write sys$output "d -> t" -$! 'cmd' -in f.d -inform d -outform t -out ff.t1 -$! if $severity .ne. 1 then exit 3 -$! write sys$output "t -> t" -$! 'cmd' -in f.t -inform t -outform t -out ff.t2 -$! if $severity .ne. 1 then exit 3 -$! write sys$output "p -> t" -$! 'cmd' -in f.p -inform p -outform t -out ff.t3 -$! if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> p" -$ 'cmd' -in f.d -inform d -outform p -out ff.p1 -$ if $severity .ne. 1 then exit 3 -$! write sys$output "t -> p" -$! 'cmd' -in f.t -inform t -outform p -out ff.p2 -$! if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in f.p -inform p -outform p -out ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare fff.p f.p -$ if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$! backup/compare fff.p ff.p2 -$! if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$! backup/compare f.t ff.t1 -$! if $severity .ne. 1 then exit 3 -$! backup/compare f.t ff.t2 -$! if $severity .ne. 1 then exit 3 -$! backup/compare f.t ff.t3 -$! if $severity .ne. 1 then exit 3 -$ -$ backup/compare f.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$! backup/compare f.p ff.p2 -$! if $severity .ne. 1 then exit 3 -$ backup/compare f.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ delete f.*;*,ff.*;*,fff.*;* diff --git a/test/Attic/tverify.com b/test/Attic/tverify.com deleted file mode 100644 index d888344..0000000 --- a/test/Attic/tverify.com +++ /dev/null @@ -1,65 +0,0 @@ -$! TVERIFY.COM -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p1 .eqs. "64") then __arch = __arch+ "_64" -$! -$ line_max = 255 ! Could be longer on modern non-VAX. -$ temp_file_name = "certs_"+ f$getjpi( "", "PID")+ ".tmp" -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ cmd = "mcr ''exe_dir'openssl verify ""-CAfile"" ''temp_file_name'" -$ cmd_len = f$length( cmd) -$ pems = "[-.certs...]*.pem" -$! -$! Concatenate all the certificate files. -$! -$ copy /concatenate 'pems' 'temp_file_name' -$! -$! Loop through all the certificate files. -$! -$ args = "" -$ old_f = "" -$ loop_file: -$ f = f$search( pems) -$ if ((f .nes. "") .and. (f .nes. old_f)) -$ then -$ old_f = f -$! -$! If this file name would over-extend the command line, then -$! run the command now. -$! -$ if (cmd_len+ f$length( args)+ 1+ f$length( f) .gt. line_max) -$ then -$ if (args .eqs. "") then goto disaster -$ 'cmd''args' -$ args = "" -$ endif -$! Add the next file to the argument list. -$ args = args+ " "+ f -$ else -$! No more files in the list -$ goto loop_file_end -$ endif -$ goto loop_file -$ loop_file_end: -$! -$! Run the command for any left-over arguments. -$! -$ if (args .nes. "") -$ then -$ 'cmd''args' -$ endif -$! -$! Delete the temporary file. -$! -$ if (f$search( "''temp_file_name';*") .nes. "") then - - delete 'temp_file_name';* -$! -$ exit -$! -$ disaster: -$ write sys$output " Command line too long. Doomed." -$! diff --git a/test/Attic/tx509 b/test/Attic/tx509 deleted file mode 100644 index dc9abc6..0000000 --- a/test/Attic/tx509 +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl x509' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testx509.pem -fi - -echo testing X509 conversions -cp $t x509-fff.p - -echo "p -> d" -$cmd -in x509-fff.p -inform p -outform d >x509-f.d || exit 1 -echo "p -> p" -$cmd -in x509-fff.p -inform p -outform p >x509-f.p || exit 1 - -echo "d -> d" -$cmd -in x509-f.d -inform d -outform d >x509-ff.d1 || exit 1 -echo "p -> d" -$cmd -in x509-f.p -inform p -outform d >x509-ff.d3 || exit 1 - -echo "d -> p" -$cmd -in x509-f.d -inform d -outform p >x509-ff.p1 || exit 1 -echo "p -> p" -$cmd -in x509-f.p -inform p -outform p >x509-ff.p3 || exit 1 - -cmp x509-fff.p x509-f.p || exit 1 -cmp x509-fff.p x509-ff.p1 || exit 1 -cmp x509-fff.p x509-ff.p3 || exit 1 - -cmp x509-f.p x509-ff.p1 || exit 1 -cmp x509-f.p x509-ff.p3 || exit 1 - -/bin/rm -f x509-f.* x509-ff.* x509-fff.* -exit 0 diff --git a/test/Attic/tx509.com b/test/Attic/tx509.com deleted file mode 100644 index 93ce988..0000000 --- a/test/Attic/tx509.com +++ /dev/null @@ -1,88 +0,0 @@ -$! TX509.COM -- Tests x509 certificates -$ -$ __arch = "VAX" -$ if f$getsyi("cpu") .ge. 128 then - - __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") -$ if __arch .eqs. "" then __arch = "UNK" -$! -$ if (p2 .eqs. "64") then __arch = __arch+ "_64" -$! -$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" -$ -$ cmd = "mcr ''exe_dir'openssl x509" -$ -$ t = "testx509.pem" -$ if p1 .nes. "" then t = p1 -$ -$ write sys$output "testing X509 conversions" -$ if f$search("fff.*") .nes "" then delete fff.*;* -$ if f$search("ff.*") .nes "" then delete ff.*;* -$ if f$search("f.*") .nes "" then delete f.*;* -$ convert/fdl=sys$input: 't' fff.p -RECORD - FORMAT STREAM_LF -$ -$ write sys$output "p -> d" -$ 'cmd' -in fff.p -inform p -outform d -out f.d -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> n" -$ 'cmd' -in fff.p -inform p -outform n -out f.n -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in fff.p -inform p -outform p -out f.p -$ if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> d" -$ 'cmd' -in f.d -inform d -outform d -out ff.d1 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "n -> d" -$ 'cmd' -in f.n -inform n -outform d -out ff.d2 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> d" -$ 'cmd' -in f.p -inform p -outform d -out ff.d3 -$ if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> n" -$ 'cmd' -in f.d -inform d -outform n -out ff.n1 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "n -> n" -$ 'cmd' -in f.n -inform n -outform n -out ff.n2 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> n" -$ 'cmd' -in f.p -inform p -outform n -out ff.n3 -$ if $severity .ne. 1 then exit 3 -$ -$ write sys$output "d -> p" -$ 'cmd' -in f.d -inform d -outform p -out ff.p1 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "n -> p" -$ 'cmd' -in f.n -inform n -outform p -out ff.p2 -$ if $severity .ne. 1 then exit 3 -$ write sys$output "p -> p" -$ 'cmd' -in f.p -inform p -outform p -out ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare fff.p f.p -$ if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p2 -$ if $severity .ne. 1 then exit 3 -$ backup/compare fff.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare f.n ff.n1 -$ if $severity .ne. 1 then exit 3 -$ backup/compare f.n ff.n2 -$ if $severity .ne. 1 then exit 3 -$ backup/compare f.n ff.n3 -$ if $severity .ne. 1 then exit 3 -$ -$ backup/compare f.p ff.p1 -$ if $severity .ne. 1 then exit 3 -$ backup/compare f.p ff.p2 -$ if $severity .ne. 1 then exit 3 -$ backup/compare f.p ff.p3 -$ if $severity .ne. 1 then exit 3 -$ -$ delete f.*;*,ff.*;*,fff.*;* |