Loading...
Helix SwarmHelix Swarm
Loading...

testssl

  • //
  • guest/
  • robert_cowham/
  • openssl/
  • main/
  • test/
  • testssl #2
  • View
  • Commits
  • Open Download .zip Download (5 KB) 
  1. #!/bin/sh
  2.  
  3. if [ "$1" = "" ]; then
  4.   key=../apps/server.pem
  5. else
  6.   key="$1"
  7. fi
  8. if [ "$2" = "" ]; then
  9.   cert=../apps/server.pem
  10. else
  11.   cert="$2"
  12. fi
  13. ssltest="../util/shlib_wrap.sh ./ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
  14.  
  15. if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
  16.   dsa_cert=YES
  17. else
  18.   dsa_cert=NO
  19. fi
  20.  
  21. if [ "$3" = "" ]; then
  22.   CA="-CApath ../certs"
  23. else
  24.   CA="-CAfile $3"
  25. fi
  26.  
  27. if [ "$4" = "" ]; then
  28.   extra=""
  29. else
  30.   extra="$4"
  31. fi
  32.  
  33. #############################################################################
  34.  
  35. echo test sslv2
  36. $ssltest -ssl2 $extra || exit 1
  37.  
  38. echo test sslv2 with server authentication
  39. $ssltest -ssl2 -server_auth $CA $extra || exit 1
  40.  
  41. if [ $dsa_cert = NO ]; then
  42.   echo test sslv2 with client authentication
  43.   $ssltest -ssl2 -client_auth $CA $extra || exit 1
  44.  
  45.   echo test sslv2 with both client and server authentication
  46.   $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1
  47. fi
  48.  
  49. echo test sslv3
  50. $ssltest -ssl3 $extra || exit 1
  51.  
  52. echo test sslv3 with server authentication
  53. $ssltest -ssl3 -server_auth $CA $extra || exit 1
  54.  
  55. echo test sslv3 with client authentication
  56. $ssltest -ssl3 -client_auth $CA $extra || exit 1
  57.  
  58. echo test sslv3 with both client and server authentication
  59. $ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1
  60.  
  61. echo test sslv2/sslv3
  62. $ssltest $extra || exit 1
  63.  
  64. echo test sslv2/sslv3 with server authentication
  65. $ssltest -server_auth $CA $extra || exit 1
  66.  
  67. echo test sslv2/sslv3 with client authentication
  68. $ssltest -client_auth $CA $extra || exit 1
  69.  
  70. echo test sslv2/sslv3 with both client and server authentication
  71. $ssltest -server_auth -client_auth $CA $extra || exit 1
  72.  
  73. echo test sslv2 via BIO pair
  74. $ssltest -bio_pair -ssl2 $extra || exit 1
  75.  
  76. echo test sslv2 with server authentication via BIO pair
  77. $ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1
  78.  
  79. if [ $dsa_cert = NO ]; then
  80.   echo test sslv2 with client authentication via BIO pair
  81.   $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1
  82.  
  83.   echo test sslv2 with both client and server authentication via BIO pair
  84.   $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1
  85. fi
  86.  
  87. echo test sslv3 via BIO pair
  88. $ssltest -bio_pair -ssl3 $extra || exit 1
  89.  
  90. echo test sslv3 with server authentication via BIO pair
  91. $ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1
  92.  
  93. echo test sslv3 with client authentication via BIO pair
  94. $ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1
  95.  
  96. echo test sslv3 with both client and server authentication via BIO pair
  97. $ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1
  98.  
  99. echo test sslv2/sslv3 via BIO pair
  100. $ssltest $extra || exit 1
  101.  
  102. if [ $dsa_cert = NO ]; then
  103.   echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair'
  104.   $ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1
  105. fi
  106.  
  107. echo test sslv2/sslv3 with 1024bit DHE via BIO pair
  108. $ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
  109.  
  110. echo test sslv2/sslv3 with server authentication
  111. $ssltest -bio_pair -server_auth $CA $extra || exit 1
  112.  
  113. echo test sslv2/sslv3 with client authentication via BIO pair
  114. $ssltest -bio_pair -client_auth $CA $extra || exit 1
  115.  
  116. echo test sslv2/sslv3 with both client and server authentication via BIO pair
  117. $ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
  118.  
  119. echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
  120. $ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
  121.  
  122. echo "Testing ciphersuites"
  123. for protocol in TLSv1.2 SSLv3; do
  124.   echo "Testing ciphersuites for $protocol"
  125.   for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
  126.     echo "Testing $cipher"
  127.     prot=""
  128.     if [ $protocol = "SSLv3" ] ; then
  129.       prot="-ssl3"
  130.     fi
  131.     $ssltest -cipher $cipher $prot
  132.     if [ $? -ne 0 ] ; then
  133. 	  echo "Failed $cipher"
  134. 	  exit 1
  135.     fi
  136.   done
  137. done
  138.  
  139. #############################################################################
  140.  
  141. if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
  142.   echo skipping anonymous DH tests
  143. else
  144.   echo test tls1 with 1024bit anonymous DH, multiple handshakes
  145.   $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
  146. fi
  147.  
  148. if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
  149.   echo skipping RSA tests
  150. else
  151.   echo 'test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes'
  152.   ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra || exit 1
  153.  
  154.   if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
  155.     echo skipping RSA+DHE tests
  156.   else
  157.     echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
  158.     ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
  159.   fi
  160. fi
  161.  
  162. echo test tls1 with PSK
  163. $ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1
  164.  
  165. echo test tls1 with PSK via BIO pair
  166. $ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1
  167.  
  168. if ../util/shlib_wrap.sh ../apps/openssl no-srp; then
  169.   echo skipping SRP tests
  170. else
  171.   echo test tls1 with SRP
  172.   $ssltest -tls1 -cipher SRP -srpuser test -srppass abc123
  173.  
  174.   echo test tls1 with SRP via BIO pair
  175.   $ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123
  176.  
  177.   echo test tls1 with SRP auth
  178.   $ssltest -tls1 -cipher aSRP -srpuser test -srppass abc123
  179.  
  180.   echo test tls1 with SRP auth via BIO pair
  181.   $ssltest -bio_pair -tls1 -cipher aSRP -srpuser test -srppass abc123
  182. fi
  183.  
  184. exit 0
# Change User Description Committed
#2 10712 Robert Cowham OpenSSL 1.0.1j 10 years ago
#1 10711 Robert Cowham OpenSSL 1.0.1i 10 years ago