aboutsummaryrefslogtreecommitdiff
path: root/openssl/test
diff options
context:
space:
mode:
authormarha <marha@users.sourceforge.net>2012-04-10 11:54:31 +0200
committermarha <marha@users.sourceforge.net>2012-04-10 11:54:31 +0200
commit5564e91e3cf4ba5cb2fbebbc2d63d18f588016b8 (patch)
treec800a66664ea3af61eb13928db45a26275930b0b /openssl/test
parentd79e641dea89c0d5d651b11971c4c9e14df34629 (diff)
parent67326634496ef21b4acbf4cef2f05040d34aef9b (diff)
downloadvcxsrv-5564e91e3cf4ba5cb2fbebbc2d63d18f588016b8.tar.gz
vcxsrv-5564e91e3cf4ba5cb2fbebbc2d63d18f588016b8.tar.bz2
vcxsrv-5564e91e3cf4ba5cb2fbebbc2d63d18f588016b8.zip
Merge remote-tracking branch 'origin/released'
Conflicts: openssl/Configure openssl/Makefile openssl/crypto/opensslconf.h openssl/util/mk1mf.pl openssl/util/pl/VC-32.pl
Diffstat (limited to 'openssl/test')
-rw-r--r--openssl/test/CAss.cnf2
-rw-r--r--openssl/test/Makefile43
-rw-r--r--openssl/test/P1ss.cnf2
-rw-r--r--openssl/test/P2ss.cnf2
-rw-r--r--openssl/test/Uss.cnf4
-rw-r--r--openssl/test/evptests.txt13
-rw-r--r--openssl/test/maketests.com4
-rw-r--r--openssl/test/pkits-test.pl9
-rw-r--r--openssl/test/srptest.c1
-rw-r--r--openssl/test/test.cnf2
-rw-r--r--openssl/test/testfipsssl113
-rw-r--r--openssl/test/tests.com11
-rw-r--r--openssl/test/testssl10
13 files changed, 202 insertions, 14 deletions
diff --git a/openssl/test/CAss.cnf b/openssl/test/CAss.cnf
index 20f8f05e3..109bc8c10 100644
--- a/openssl/test/CAss.cnf
+++ b/openssl/test/CAss.cnf
@@ -7,7 +7,7 @@ RANDFILE = ./.rnd
####################################################################
[ req ]
-default_bits = 512
+default_bits = 2048
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
diff --git a/openssl/test/Makefile b/openssl/test/Makefile
index 3912f8242..09e684876 100644
--- a/openssl/test/Makefile
+++ b/openssl/test/Makefile
@@ -61,6 +61,7 @@ ENGINETEST= enginetest
EVPTEST= evp_test
IGETEST= igetest
JPAKETEST= jpaketest
+SRPTEST= srptest
ASN1TEST= asn1test
TESTS= alltests
@@ -72,7 +73,7 @@ EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) $(ECDSATEST)$(EXE_EXT) $(ECDHTEST)
$(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \
$(RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \
$(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \
- $(EVPTEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) $(JPAKETEST)$(EXE_EXT) \
+ $(EVPTEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) $(JPAKETEST)$(EXE_EXT) $(SRPTEST)$(EXE_EXT) \
$(ASN1TEST)$(EXE_EXT)
# $(METHTEST)$(EXE_EXT)
@@ -93,7 +94,7 @@ SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \
$(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
$(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
$(BFTEST).c $(SSLTEST).c $(DSATEST).c $(EXPTEST).c $(RSATEST).c \
- $(EVPTEST).c $(IGETEST).c $(JPAKETEST).c $(ASN1TEST).c
+ $(EVPTEST).c $(IGETEST).c $(JPAKETEST).c $(SRPTEST).c $(ASN1TEST).c
EXHEADER=
HEADER= $(EXHEADER)
@@ -136,7 +137,7 @@ alltests: \
test_enc test_x509 test_rsa test_crl test_sid \
test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
test_ss test_ca test_engine test_evp test_ssl test_tsa test_ige \
- test_jpake test_cms
+ test_jpake test_srp test_cms
test_evp:
../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
@@ -274,6 +275,9 @@ test_engine:
test_ssl: keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
intP1.ss intP2.ss
@echo "test SSL protocol"
+ @if [ -n "$(FIPSCANLIB)" ]; then \
+ sh ./testfipsssl keyU.ss certU.ss certCA.ss; \
+ fi
../util/shlib_wrap.sh ./$(SSLTEST) -test_cipherlist
@sh ./testssl keyU.ss certU.ss certCA.ss
@sh ./testsslproxy keyP1.ss certP1.ss intP1.ss
@@ -310,6 +314,10 @@ test_cms:
@echo "CMS consistency test"
$(PERL) cms-test.pl
+test_srp: $(SRPTEST)$(EXE_EXT)
+ @echo "Test SRP"
+ ../util/shlib_wrap.sh ./srptest
+
lint:
lint -DLINT $(INCLUDES) $(SRC)>fluff
@@ -340,7 +348,19 @@ BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
fi; \
LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \
$(MAKE) -f $(TOP)/Makefile.shared -e \
- APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
+ CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
+ LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
+ link_app.$${shlib_target}
+
+FIPS_BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
+ shlib_target="$(SHLIB_TARGET)"; \
+ fi; \
+ LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \
+ if [ -z "$(SHARED_LIBS)" -a -n "$(FIPSCANLIB)" ] ; then \
+ FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; export CC FIPSLD_CC; \
+ fi; \
+ $(MAKE) -f $(TOP)/Makefile.shared -e \
+ CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
link_app.$${shlib_target}
@@ -423,7 +443,7 @@ $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
@target=$(METHTEST); $(BUILD_CMD)
$(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
- @target=$(SSLTEST); $(BUILD_CMD)
+ @target=$(SSLTEST); $(FIPS_BUILD_CMD)
$(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
@target=$(ENGINETEST); $(BUILD_CMD)
@@ -446,6 +466,9 @@ $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
$(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
@target=$(ASN1TEST); $(BUILD_CMD)
+$(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
+ @target=$(SRPTEST); $(BUILD_CMD)
+
#$(AESTEST).o: $(AESTEST).c
# $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
@@ -669,6 +692,13 @@ shatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
shatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
shatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
shatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h shatest.c
+srptest.o: ../include/openssl/bio.h ../include/openssl/bn.h
+srptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+srptest.o: ../include/openssl/err.h ../include/openssl/lhash.h
+srptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+srptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
+srptest.o: ../include/openssl/safestack.h ../include/openssl/srp.h
+srptest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h srptest.c
ssltest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
ssltest.o: ../include/openssl/comp.h ../include/openssl/conf.h
@@ -685,7 +715,8 @@ ssltest.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
ssltest.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
ssltest.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
ssltest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-ssltest.o: ../include/openssl/sha.h ../include/openssl/ssl.h
+ssltest.o: ../include/openssl/sha.h ../include/openssl/srp.h
+ssltest.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
ssltest.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
ssltest.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
ssltest.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
diff --git a/openssl/test/P1ss.cnf b/openssl/test/P1ss.cnf
index 876a0d35f..326cce2ba 100644
--- a/openssl/test/P1ss.cnf
+++ b/openssl/test/P1ss.cnf
@@ -7,7 +7,7 @@ RANDFILE = ./.rnd
####################################################################
[ req ]
-default_bits = 512
+default_bits = 1024
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
diff --git a/openssl/test/P2ss.cnf b/openssl/test/P2ss.cnf
index 373a87e7c..8b502321b 100644
--- a/openssl/test/P2ss.cnf
+++ b/openssl/test/P2ss.cnf
@@ -7,7 +7,7 @@ RANDFILE = ./.rnd
####################################################################
[ req ]
-default_bits = 512
+default_bits = 1024
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
diff --git a/openssl/test/Uss.cnf b/openssl/test/Uss.cnf
index 0c0ebb5f6..58ac0ca54 100644
--- a/openssl/test/Uss.cnf
+++ b/openssl/test/Uss.cnf
@@ -7,11 +7,11 @@ RANDFILE = ./.rnd
####################################################################
[ req ]
-default_bits = 512
+default_bits = 2048
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
-default_md = md2
+default_md = sha256
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
diff --git a/openssl/test/evptests.txt b/openssl/test/evptests.txt
index beb12144b..c273707c1 100644
--- a/openssl/test/evptests.txt
+++ b/openssl/test/evptests.txt
@@ -158,6 +158,19 @@ AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7B
AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:0
AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:0
+# AES Counter test vectors from RFC3686
+aes-128-ctr:AE6852F8121067CC4BF7A5765577F39E:00000030000000000000000000000001:53696E676C6520626C6F636B206D7367:E4095D4FB7A7B3792D6175A3261311B8:1
+aes-128-ctr:7E24067817FAE0D743D6CE1F32539163:006CB6DBC0543B59DA48D90B00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:5104A106168A72D9790D41EE8EDAD388EB2E1EFC46DA57C8FCE630DF9141BE28:1
+aes-128-ctr:7691BE035E5020A8AC6E618529F9A0DC:00E0017B27777F3F4A1786F000000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:C1CF48A89F2FFDD9CF4652E9EFDB72D74540A42BDE6D7836D59A5CEAAEF3105325B2072F:1
+
+aes-192-ctr:16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515:0000004836733C147D6D93CB00000001:53696E676C6520626C6F636B206D7367:4B55384FE259C9C84E7935A003CBE928:1
+aes-192-ctr:7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A:0096B03B020C6EADC2CB500D00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:453243FC609B23327EDFAAFA7131CD9F8490701C5AD4A79CFC1FE0FF42F4FB00:1
+aes-192-ctr:02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE:0007BDFD5CBD60278DCC091200000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:96893FC55E5C722F540B7DD1DDF7E758D288BC95C69165884536C811662F2188ABEE0935:1
+
+aes-256-ctr:776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104:00000060DB5672C97AA8F0B200000001:53696E676C6520626C6F636B206D7367:145AD01DBF824EC7560863DC71E3E0C0:1
+aes-256-ctr:F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884:00FAAC24C1585EF15A43D87500000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:F05E231B3894612C49EE000B804EB2A9B8306B508F839D6A5530831D9344AF1C:1
+aes-256-ctr:FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D:001CC5B751A51D70A1C1114800000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:EB6C52821D0BBBF7CE7594462ACA4FAAB407DF866569FD07F48CC0B583D6071F1EC0E6B8:1
+
# DES ECB tests (from destest)
DES-ECB:0000000000000000::0000000000000000:8CA64DE9C1B123A7
diff --git a/openssl/test/maketests.com b/openssl/test/maketests.com
index 386e5cf3c..9b64cba23 100644
--- a/openssl/test/maketests.com
+++ b/openssl/test/maketests.com
@@ -146,7 +146,8 @@ $ TEST_FILES = "BNTEST,ECTEST,ECDSATEST,ECDHTEST,IDEATEST,"+ -
"MDC2TEST,RMDTEST,"+ -
"RANDTEST,DHTEST,ENGINETEST,"+ -
"BFTEST,CASTTEST,SSLTEST,EXPTEST,DSATEST,RSA_TEST,"+ -
- "EVP_TEST,IGETEST,JPAKETEST,ASN1TEST"
+ "EVP_TEST,IGETEST,JPAKETEST,SRPTEST,"+ -
+ "ASN1TEST"
$! Should we add MTTEST,PQ_TEST,LH_TEST,DIVTEST,TABTEST as well?
$!
$! Additional directory information.
@@ -182,6 +183,7 @@ $ T_D_RSA_TEST := [-.crypto.rsa]
$ T_D_EVP_TEST := [-.crypto.evp]
$ T_D_IGETEST := [-.test]
$ T_D_JPAKETEST := [-.crypto.jpake]
+$ T_D_SRPTEST := [-.crypto.srp]
$ T_D_ASN1TEST := [-.test]
$!
$ TCPIP_PROGRAMS = ",,"
diff --git a/openssl/test/pkits-test.pl b/openssl/test/pkits-test.pl
index 69dffa16f..5c6b89fcd 100644
--- a/openssl/test/pkits-test.pl
+++ b/openssl/test/pkits-test.pl
@@ -784,6 +784,15 @@ my $ossl = "ossl/apps/openssl";
my $ossl_cmd = "$ossl_path cms -verify -verify_retcode ";
$ossl_cmd .= "-CAfile pkitsta.pem -crl_check_all -x509_strict ";
+
+# Check for expiry of trust anchor
+system "$ossl_path x509 -inform DER -in $pkitsta -checkend 0";
+if ($? == 256)
+ {
+ print STDERR "WARNING: using older expired data\n";
+ $ossl_cmd .= "-attime 1291940972 ";
+ }
+
$ossl_cmd .= "-policy_check -extended_crl -use_deltas -out /dev/null 2>&1 ";
system "$ossl_path x509 -inform DER -in $pkitsta -out pkitsta.pem";
diff --git a/openssl/test/srptest.c b/openssl/test/srptest.c
new file mode 100644
index 000000000..953486826
--- /dev/null
+++ b/openssl/test/srptest.c
@@ -0,0 +1 @@
+../crypto/srp/srptest.c \ No newline at end of file
diff --git a/openssl/test/test.cnf b/openssl/test/test.cnf
index faad3914a..10834442a 100644
--- a/openssl/test/test.cnf
+++ b/openssl/test/test.cnf
@@ -56,7 +56,7 @@ emailAddress = optional
####################################################################
[ req ]
-default_bits = 512
+default_bits = 1024
default_keyfile = testkey.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
diff --git a/openssl/test/testfipsssl b/openssl/test/testfipsssl
new file mode 100644
index 000000000..c4836edc2
--- /dev/null
+++ b/openssl/test/testfipsssl
@@ -0,0 +1,113 @@
+#!/bin/sh
+
+if [ "$1" = "" ]; then
+ key=../apps/server.pem
+else
+ key="$1"
+fi
+if [ "$2" = "" ]; then
+ cert=../apps/server.pem
+else
+ cert="$2"
+fi
+
+ciphers="DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:EXP1024-DHE-DSS-DES-CBC-SHA:EXP1024-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA"
+
+ssltest="../util/shlib_wrap.sh ./ssltest -F -key $key -cert $cert -c_key $key -c_cert $cert -cipher $ciphers"
+
+if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
+ dsa_cert=YES
+else
+ dsa_cert=NO
+fi
+
+if [ "$3" = "" ]; then
+ CA="-CApath ../certs"
+else
+ CA="-CAfile $3"
+fi
+
+if [ "$4" = "" ]; then
+ extra=""
+else
+ extra="$4"
+fi
+
+#############################################################################
+
+echo test ssl3 is forbidden in FIPS mode
+$ssltest -ssl3 $extra && exit 1
+
+echo test ssl2 is forbidden in FIPS mode
+$ssltest -ssl2 $extra && exit 1
+
+echo test tls1
+$ssltest -tls1 $extra || exit 1
+
+echo test tls1 with server authentication
+$ssltest -tls1 -server_auth $CA $extra || exit 1
+
+echo test tls1 with client authentication
+$ssltest -tls1 -client_auth $CA $extra || exit 1
+
+echo test tls1 with both client and server authentication
+$ssltest -tls1 -server_auth -client_auth $CA $extra || exit 1
+
+echo test tls1 via BIO pair
+$ssltest -bio_pair -tls1 $extra || exit 1
+
+echo test tls1 with server authentication via BIO pair
+$ssltest -bio_pair -tls1 -server_auth $CA $extra || exit 1
+
+echo test tls1 with client authentication via BIO pair
+$ssltest -bio_pair -tls1 -client_auth $CA $extra || exit 1
+
+echo test tls1 with both client and server authentication via BIO pair
+$ssltest -bio_pair -tls1 -server_auth -client_auth $CA $extra || exit 1
+
+# note that all the below actually choose TLS...
+
+if [ $dsa_cert = NO ]; then
+ echo test sslv2/sslv3 w/o DHE via BIO pair
+ $ssltest -bio_pair -no_dhe $extra || exit 1
+fi
+
+echo test sslv2/sslv3 with 1024bit DHE via BIO pair
+$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
+
+echo test sslv2/sslv3 with server authentication
+$ssltest -bio_pair -server_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 with client authentication via BIO pair
+$ssltest -bio_pair -client_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 with both client and server authentication via BIO pair
+$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
+$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
+
+#############################################################################
+
+if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
+ echo skipping anonymous DH tests
+else
+ echo test tls1 with 1024bit anonymous DH, multiple handshakes
+ $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
+fi
+
+if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
+ echo skipping RSA tests
+else
+ echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
+ ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1
+
+ if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
+ echo skipping RSA+DHE tests
+ else
+ echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
+ ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
+ fi
+fi
+
+exit 0
diff --git a/openssl/test/tests.com b/openssl/test/tests.com
index 373dd16ea..a840d5078 100644
--- a/openssl/test/tests.com
+++ b/openssl/test/tests.com
@@ -56,7 +56,7 @@ $ tests := -
test_enc,test_x509,test_rsa,test_crl,test_sid,-
test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,-
test_ss,test_ca,test_engine,test_evp,test_ssl,test_tsa,test_ige,-
- test_jpake,test_cms
+ test_jpake,test_srp,test_cms
$ endif
$ tests = f$edit(tests,"COLLAPSE")
$
@@ -68,6 +68,8 @@ $ EXPTEST := exptest
$ IDEATEST := ideatest
$ SHATEST := shatest
$ SHA1TEST := sha1test
+$ SHA256TEST := sha256t
+$ SHA512TEST := sha512t
$ MDC2TEST := mdc2test
$ RMDTEST := rmdtest
$ MD2TEST := md2test
@@ -91,6 +93,7 @@ $ ENGINETEST := enginetest
$ EVPTEST := evp_test
$ IGETEST := igetest
$ JPAKETEST := jpaketest
+$ SRPTEST := srptest
$ ASN1TEST := asn1test
$!
$ tests_i = 0
@@ -114,6 +117,8 @@ $ return
$ test_sha:
$ mcr 'texe_dir''shatest'
$ mcr 'texe_dir''sha1test'
+$ mcr 'texe_dir''sha256test'
+$ mcr 'texe_dir''sha512test'
$ return
$ test_mdc2:
$ mcr 'texe_dir''mdc2test'
@@ -357,6 +362,10 @@ $ ! Define the logical name used to find openssl.exe in the perl script.
$ define /user_mode osslx 'exe_dir'
$ perl CMS-TEST.PL
$ return
+$ test_srp:
+$ write sys$output "Test SRP"
+$ mcr 'texe_dir''srptest'
+$ return
$
$
$ exit:
diff --git a/openssl/test/testssl b/openssl/test/testssl
index b55364ae8..5ae4dc872 100644
--- a/openssl/test/testssl
+++ b/openssl/test/testssl
@@ -148,4 +148,14 @@ $ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1
echo test tls1 with PSK via BIO pair
$ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1
+if ../util/shlib_wrap.sh ../apps/openssl no-srp; then
+ echo skipping SRP tests
+else
+ echo test tls1 with SRP
+ $ssltest -tls1 -cipher SRP -srpuser test -srppass abc123
+
+ echo test tls1 with SRP via BIO pair
+ $ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123
+fi
+
exit 0