Головна сторінка Огляд Довідка
Увійти
OWEALs
/
openssl
дзеркало git://git.openssl.org/openssl.git
2
0
Відгалуження 0
Файли Проблеми 1 Wiki
Дерево: 9ab6fc5936
Гілки Теги
openssl
/
test
/
Attic
/
testssl.com

testssl.com 4.9 KB
Історія Запис

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170 
  1. $! TESTSSL.COM
    2. 

  2. $
    3. 

  3. $	__arch = "VAX"
    4. 

  4. $	if f$getsyi("cpu") .ge. 128 then -
    5. 

  5. 	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
    6. 

  6. $	if __arch .eqs. "" then __arch = "UNK"
    7. 

  7. $!
    8. 

  8. $	if (p4 .eqs. "64") then __arch = __arch+ "_64"
    9. 

  9. $!
    10. 

  10. $	texe_dir = "sys$disk:[-.''__arch'.exe.test]"
    11. 

  11. $	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
    12. 

  12. $
    13. 

  13. $	if p1 .eqs. ""
    14. 

  14. $	then
    15. 

  15. $	    key="[-.apps]server.pem"
    16. 

  16. $	else
    17. 

  17. $	    key=p1
    18. 

  18. $	endif
    19. 

  19. $	if p2 .eqs. ""
    20. 

  20. $	then
    21. 

  21. $	    cert="[-.apps]server.pem"
    22. 

  22. $	else
    23. 

  23. $	    cert=p2
    24. 

  24. $	endif
    25. 

  25. $	ssltest = "mcr ''texe_dir'ssltest -key ''key'"+ -
    26. 

  26. 	 " -cert ''cert' -c_key ''key' -c_cert ''cert'"
    27. 

  27. $!
    28. 

  28. $	set noon
    29. 

  29. $	define/user sys$output testssl-x509-output.
    30. 

  30. $	define/user sys$error nla0:
    31. 

  31. $	mcr 'exe_dir'openssl x509 -in 'cert' -text -noout
    32. 

  32. $	define/user sys$error nla0:
    33. 

  33. $	search/output=nla0: testssl-x509-output. "DSA Public Key"/exact
    34. 

  34. $	if $severity .eq. 1
    35. 

  35. $	then
    36. 

  36. $	    dsa_cert = "YES"
    37. 

  37. $	else
    38. 

  38. $	    dsa_cert = "NO"
    39. 

  39. $	endif
    40. 

  40. $	delete testssl-x509-output.;*
    41. 

  41. $
    42. 

  42. $	if p3 .eqs. ""
    43. 

  43. $	then
    44. 

  44. $	    copy/concatenate [-.certs]*.pem certs.tmp
    45. 

  45. $	    CA = """-CAfile"" certs.tmp"
    46. 

  46. $	else
    47. 

  47. $	    CA = """-CAfile"" "+p3
    48. 

  48. $	endif
    49. 

  49. $
    50. 

  50. $!###########################################################################
    51. 

  51. $
    52. 

  52. $	write sys$output "test sslv3"
    53. 

  53. $	'ssltest' -ssl3
    54. 

  54. $	if $severity .ne. 1 then goto exit3
    55. 

  55. $
    56. 

  56. $	write sys$output "test sslv3 with server authentication"
    57. 

  57. $	'ssltest' -ssl3 -server_auth 'CA'
    58. 

  58. $	if $severity .ne. 1 then goto exit3
    59. 

  59. $
    60. 

  60. $	write sys$output "test sslv3 with client authentication"
    61. 

  61. $	'ssltest' -ssl3 -client_auth 'CA'
    62. 

  62. $	if $severity .ne. 1 then goto exit3
    63. 

  63. $
    64. 

  64. $	write sys$output "test sslv3 with both client and server authentication"
    65. 

  65. $	'ssltest' -ssl3 -server_auth -client_auth 'CA'
    66. 

  66. $	if $severity .ne. 1 then goto exit3
    67. 

  67. $
    68. 

  68. $	write sys$output "test sslv2/sslv3"
    69. 

  69. $	'ssltest'
    70. 

  70. $	if $severity .ne. 1 then goto exit3
    71. 

  71. $
    72. 

  72. $	write sys$output "test sslv2/sslv3 with server authentication"
    73. 

  73. $	'ssltest' -server_auth 'CA'
    74. 

  74. $	if $severity .ne. 1 then goto exit3
    75. 

  75. $
    76. 

  76. $	write sys$output "test sslv2/sslv3 with client authentication"
    77. 

  77. $	'ssltest' -client_auth 'CA'
    78. 

  78. $	if $severity .ne. 1 then goto exit3
    79. 

  79. $
    80. 

  80. $	write sys$output "test sslv2/sslv3 with both client and server authentication"
    81. 

  81. $	'ssltest' -server_auth -client_auth 'CA'
    82. 

  82. $	if $severity .ne. 1 then goto exit3
    83. 

  83. $
    84. 

  84. $	write sys$output "test sslv3 via BIO pair"
    85. 

  85. $	'ssltest' -bio_pair -ssl3 
    86. 

  86. $	if $severity .ne. 1 then goto exit3
    87. 

  87. $
    88. 

  88. $	write sys$output "test sslv3 with server authentication via BIO pair"
    89. 

  89. $	'ssltest' -bio_pair -ssl3 -server_auth 'CA' 
    90. 

  90. $	if $severity .ne. 1 then goto exit3
    91. 

  91. $
    92. 

  92. $	write sys$output "test sslv3 with client authentication via BIO pair"
    93. 

  93. $	'ssltest' -bio_pair -ssl3 -client_auth 'CA' 
    94. 

  94. $	if $severity .ne. 1 then goto exit3
    95. 

  95.  
    96. 

  96. $	write sys$output "test sslv3 with both client and server authentication via BIO pair"
    97. 

  97. $	'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA' 
    98. 

  98. $	if $severity .ne. 1 then goto exit3
    99. 

  99. $
    100. 

  100. $	write sys$output "test sslv2/sslv3 via BIO pair"
    101. 

  101. $	'ssltest' 
    102. 

  102. $	if $severity .ne. 1 then goto exit3
    103. 

  103. $
    104. 

  104. $	if .not. dsa_cert
    105. 

  105. $	then
    106. 

  106. $	    write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
    107. 

  107. $	    'ssltest' -bio_pair -no_dhe
    108. 

  108. $	    if $severity .ne. 1 then goto exit3
    109. 

  109. $	endif
    110. 

  110. $
    111. 

  111. $	write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
    112. 

  112. $	'ssltest' -bio_pair -dhe1024dsa -v
    113. 

  113. $	if $severity .ne. 1 then goto exit3
    114. 

  114. $
    115. 

  115. $	write sys$output "test sslv2/sslv3 with server authentication"
    116. 

  116. $	'ssltest' -bio_pair -server_auth 'CA' 
    117. 

  117. $	if $severity .ne. 1 then goto exit3
    118. 

  118. $
    119. 

  119. $	write sys$output "test sslv2/sslv3 with client authentication via BIO pair"
    120. 

  120. $	'ssltest' -bio_pair -client_auth 'CA' 
    121. 

  121. $	if $severity .ne. 1 then goto exit3
    122. 

  122. $
    123. 

  123. $	write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair"
    124. 

  124. $	'ssltest' -bio_pair -server_auth -client_auth 'CA' 
    125. 

  125. $	if $severity .ne. 1 then goto exit3
    126. 

  126. $
    127. 

  127. $!###########################################################################
    128. 

  128. $
    129. 

  129. $	define/user sys$output nla0:
    130. 

  130. $	mcr 'exe_dir'openssl no-rsa
    131. 

  131. $	no_rsa=$SEVERITY
    132. 

  132. $	define/user sys$output nla0:
    133. 

  133. $	mcr 'exe_dir'openssl no-dhparam
    134. 

  134. $	no_dh=$SEVERITY
    135. 

  135. $
    136. 

  136. $	if no_dh
    137. 

  137. $	then
    138. 

  138. $	    write sys$output "skipping anonymous DH tests"
    139. 

  139. $	else
    140. 

  140. $	    write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes"
    141. 

  141. $	    'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
    142. 

  142. $	    if $severity .ne. 1 then goto exit3
    143. 

  143. $	endif
    144. 

  144. $
    145. 

  145. $	if no_rsa
    146. 

  146. $	then
    147. 

  147. $	    write sys$output "skipping RSA tests"
    148. 

  148. $	else
    149. 

  149. $	    write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes"
    150. 

  150. $	    mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time
    151. 

  151. $	    if $severity .ne. 1 then goto exit3
    152. 

  152. $
    153. 

  153. $	    if no_dh
    154. 

  154. $	    then
    155. 

  155. $		write sys$output "skipping RSA+DHE tests"
    156. 

  156. $	    else
    157. 

  157. $		write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
    158. 

  158. $		mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
    159. 

  159. $		if $severity .ne. 1 then goto exit3
    160. 

  160. $	    endif
    161. 

  161. $	endif
    162. 

  162. $
    163. 

  163. $	RET = 1
    164. 

  164. $	goto exit
    165. 

  165. $ exit3:
    166. 

  166. $	RET = 3
    167. 

  167. $ exit:
    168. 

  168. $	if p3 .eqs. "" then delete certs.tmp;*
    169. 

  169. $	set on
    170. 

  170. $	exit 'RET'
    171.