diff options
Diffstat (limited to 'openssl/Netware/do_tests.pl')
-rw-r--r-- | openssl/Netware/do_tests.pl | 624 |
1 files changed, 624 insertions, 0 deletions
diff --git a/openssl/Netware/do_tests.pl b/openssl/Netware/do_tests.pl new file mode 100644 index 000000000..ac482dbe2 --- /dev/null +++ b/openssl/Netware/do_tests.pl @@ -0,0 +1,624 @@ +# perl script to run OpenSSL tests + + +my $base_path = "\\openssl"; + +my $output_path = "$base_path\\test_out"; +my $cert_path = "$base_path\\certs"; +my $test_path = "$base_path\\test"; +my $app_path = "$base_path\\apps"; + +my $tmp_cert = "$output_path\\cert.tmp"; +my $OpenSSL_config = "$app_path\\openssl.cnf"; +my $log_file = "$output_path\\tests.log"; + +my $pause = 0; + + +# process the command line args to see if they wanted us to pause +# between executing each command +foreach $i (@ARGV) +{ + if ($i =~ /^-p$/) + { $pause=1; } +} + + + +main(); + + +############################################################################ +sub main() +{ + # delete all the output files in the output directory + unlink <$output_path\\*.*>; + + # open the main log file + open(OUT, ">$log_file") || die "unable to open $log_file\n"; + + print( OUT "========================================================\n"); + my $outFile = "$output_path\\version.out"; + system("openssl2 version (CLIB_OPT)/>$outFile"); + log_output("CHECKING FOR OPENSSL VERSION:", $outFile); + + algorithm_tests(); + encryption_tests(); + evp_tests(); + pem_tests(); + verify_tests(); + ca_tests(); + ssl_tests(); + + close(OUT); + + print("\nCompleted running tests.\n\n"); + print("Check log file for errors: $log_file\n"); +} + +############################################################################ +sub algorithm_tests +{ + my $i; + my $outFile; + my @tests = ( rsa_test, destest, ideatest, bftest, bntest, shatest, sha1test, + sha256t, sha512t, dsatest, md2test, md4test, md5test, mdc2test, + rc2test, rc4test, rc5test, randtest, rmdtest, dhtest, ecdhtest, + ecdsatest, ectest, exptest, casttest, hmactest ); + + print( "\nRUNNING CRYPTO ALGORITHM TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "CRYPTO ALGORITHM TESTS:\n\n"); + + foreach $i (@tests) + { + if (-e "$base_path\\$i.nlm") + { + $outFile = "$output_path\\$i.out"; + system("$i (CLIB_OPT)/>$outFile"); + log_desc("Test: $i\.nlm:"); + log_output("", $outFile ); + } + else + { + log_desc("Test: $i\.nlm: file not found"); + } + } +} + +############################################################################ +sub encryption_tests +{ + my $i; + my $outFile; + my @enc_tests = ( "enc", "rc4", "des-cfb", "des-ede-cfb", "des-ede3-cfb", + "des-ofb", "des-ede-ofb", "des-ede3-ofb", + "des-ecb", "des-ede", "des-ede3", "des-cbc", + "des-ede-cbc", "des-ede3-cbc", "idea-ecb", "idea-cfb", + "idea-ofb", "idea-cbc", "rc2-ecb", "rc2-cfb", + "rc2-ofb", "rc2-cbc", "bf-ecb", "bf-cfb", + "bf-ofb", "bf-cbc" ); + + my $input = "$base_path\\do_tests.pl"; + my $cipher = "$output_path\\cipher.out"; + my $clear = "$output_path\\clear.out"; + + print( "\nRUNNING ENCRYPTION & DECRYPTION TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "FILE ENCRYPTION & DECRYPTION TESTS:\n\n"); + + foreach $i (@enc_tests) + { + log_desc("Testing: $i"); + + # do encryption + $outFile = "$output_path\\enc.out"; + system("openssl2 $i -e -bufsize 113 -k test -in $input -out $cipher (CLIB_OPT)/>$outFile" ); + log_output("Encrypting: $input --> $cipher", $outFile); + + # do decryption + $outFile = "$output_path\\dec.out"; + system("openssl2 $i -d -bufsize 157 -k test -in $cipher -out $clear (CLIB_OPT)/>$outFile"); + log_output("Decrypting: $cipher --> $clear", $outFile); + + # compare files + $x = compare_files( $input, $clear, 1); + if ( $x == 0 ) + { + print( "\rSUCCESS - files match: $input, $clear\n"); + print( OUT "SUCCESS - files match: $input, $clear\n"); + } + else + { + print( "\rERROR: files don't match\n"); + print( OUT "ERROR: files don't match\n"); + } + + do_wait(); + + # Now do the same encryption but use Base64 + + # do encryption B64 + $outFile = "$output_path\\B64enc.out"; + system("openssl2 $i -a -e -bufsize 113 -k test -in $input -out $cipher (CLIB_OPT)/>$outFile"); + log_output("Encrypting(B64): $cipher --> $clear", $outFile); + + # do decryption B64 + $outFile = "$output_path\\B64dec.out"; + system("openssl2 $i -a -d -bufsize 157 -k test -in $cipher -out $clear (CLIB_OPT)/>$outFile"); + log_output("Decrypting(B64): $cipher --> $clear", $outFile); + + # compare files + $x = compare_files( $input, $clear, 1); + if ( $x == 0 ) + { + print( "\rSUCCESS - files match: $input, $clear\n"); + print( OUT "SUCCESS - files match: $input, $clear\n"); + } + else + { + print( "\rERROR: files don't match\n"); + print( OUT "ERROR: files don't match\n"); + } + + do_wait(); + + } # end foreach + + # delete the temporary files + unlink($cipher); + unlink($clear); +} + + +############################################################################ +sub pem_tests +{ + my $i; + my $tmp_out; + my $outFile = "$output_path\\pem.out"; + + my %pem_tests = ( + "crl" => "testcrl.pem", + "pkcs7" => "testp7.pem", + "req" => "testreq2.pem", + "rsa" => "testrsa.pem", + "x509" => "testx509.pem", + "x509" => "v3-cert1.pem", + "sess_id" => "testsid.pem" ); + + + print( "\nRUNNING PEM TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "PEM TESTS:\n\n"); + + foreach $i (keys(%pem_tests)) + { + log_desc( "Testing: $i"); + + my $input = "$test_path\\$pem_tests{$i}"; + + $tmp_out = "$output_path\\$pem_tests{$i}"; + + if ($i ne "req" ) + { + system("openssl2 $i -in $input -out $tmp_out (CLIB_OPT)/>$outFile"); + log_output( "openssl2 $i -in $input -out $tmp_out", $outFile); + } + else + { + system("openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config (CLIB_OPT)/>$outFile"); + log_output( "openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config", $outFile ); + } + + $x = compare_files( $input, $tmp_out); + if ( $x == 0 ) + { + print( "\rSUCCESS - files match: $input, $tmp_out\n"); + print( OUT "SUCCESS - files match: $input, $tmp_out\n"); + } + else + { + print( "\rERROR: files don't match\n"); + print( OUT "ERROR: files don't match\n"); + } + do_wait(); + + } # end foreach +} + + +############################################################################ +sub verify_tests +{ + my $i; + my $outFile = "$output_path\\verify.out"; + + $cert_path =~ s/\\/\//g; + my @cert_files = <$cert_path/*.pem>; + + print( "\nRUNNING VERIFY TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "VERIFY TESTS:\n\n"); + + make_tmp_cert_file(); + + foreach $i (@cert_files) + { + system("openssl2 verify -CAfile $tmp_cert $i (CLIB_OPT)/>$outFile"); + log_desc("Verifying cert: $i"); + log_output("openssl2 verify -CAfile $tmp_cert $i", $outFile); + } +} + + +############################################################################ +sub ssl_tests +{ + my $outFile = "$output_path\\ssl_tst.out"; + my($CAcert) = "$output_path\\certCA.ss"; + my($Ukey) = "$output_path\\keyU.ss"; + my($Ucert) = "$output_path\\certU.ss"; + my($ssltest)= "ssltest -key $Ukey -cert $Ucert -c_key $Ukey -c_cert $Ucert -CAfile $CAcert"; + + print( "\nRUNNING SSL TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "SSL TESTS:\n\n"); + + system("ssltest -ssl2 (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2:"); + log_output("ssltest -ssl2", $outFile); + + system("$ssltest -ssl2 -server_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2 with server authentication:"); + log_output("$ssltest -ssl2 -server_auth", $outFile); + + system("$ssltest -ssl2 -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2 with client authentication:"); + log_output("$ssltest -ssl2 -client_auth", $outFile); + + system("$ssltest -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2 with both client and server authentication:"); + log_output("$ssltest -ssl2 -server_auth -client_auth", $outFile); + + system("ssltest -ssl3 (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv3:"); + log_output("ssltest -ssl3", $outFile); + + system("$ssltest -ssl3 -server_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv3 with server authentication:"); + log_output("$ssltest -ssl3 -server_auth", $outFile); + + system("$ssltest -ssl3 -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv3 with client authentication:"); + log_output("$ssltest -ssl3 -client_auth", $outFile); + + system("$ssltest -ssl3 -server_auth -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv3 with both client and server authentication:"); + log_output("$ssltest -ssl3 -server_auth -client_auth", $outFile); + + system("ssltest (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2/sslv3:"); + log_output("ssltest", $outFile); + + system("$ssltest -server_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2/sslv3 with server authentication:"); + log_output("$ssltest -server_auth", $outFile); + + system("$ssltest -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2/sslv3 with client authentication:"); + log_output("$ssltest -client_auth ", $outFile); + + system("$ssltest -server_auth -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2/sslv3 with both client and server authentication:"); + log_output("$ssltest -server_auth -client_auth", $outFile); + + system("ssltest -bio_pair -ssl2 (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2 via BIO pair:"); + log_output("ssltest -bio_pair -ssl2", $outFile); + + system("ssltest -bio_pair -dhe1024dsa -v (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2/sslv3 with 1024 bit DHE via BIO pair:"); + log_output("ssltest -bio_pair -dhe1024dsa -v", $outFile); + + system("$ssltest -bio_pair -ssl2 -server_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2 with server authentication via BIO pair:"); + log_output("$ssltest -bio_pair -ssl2 -server_auth", $outFile); + + system("$ssltest -bio_pair -ssl2 -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2 with client authentication via BIO pair:"); + log_output("$ssltest -bio_pair -ssl2 -client_auth", $outFile); + + system("$ssltest -bio_pair -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2 with both client and server authentication via BIO pair:"); + log_output("$ssltest -bio_pair -ssl2 -server_auth -client_auth", $outFile); + + system("ssltest -bio_pair -ssl3 (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv3 via BIO pair:"); + log_output("ssltest -bio_pair -ssl3", $outFile); + + system("$ssltest -bio_pair -ssl3 -server_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv3 with server authentication via BIO pair:"); + log_output("$ssltest -bio_pair -ssl3 -server_auth", $outFile); + + system("$ssltest -bio_pair -ssl3 -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv3 with client authentication via BIO pair:"); + log_output("$ssltest -bio_pair -ssl3 -client_auth", $outFile); + + system("$ssltest -bio_pair -ssl3 -server_auth -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv3 with both client and server authentication via BIO pair:"); + log_output("$ssltest -bio_pair -ssl3 -server_auth -client_auth", $outFile); + + system("ssltest -bio_pair (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2/sslv3 via BIO pair:"); + log_output("ssltest -bio_pair", $outFile); + + system("$ssltest -bio_pair -server_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2/sslv3 with server authentication via BIO pair:"); + log_output("$ssltest -bio_pair -server_auth", $outFile); + + system("$ssltest -bio_pair -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2/sslv3 with client authentication via BIO pair:"); + log_output("$ssltest -bio_pair -client_auth", $outFile); + + system("$ssltest -bio_pair -server_auth -client_auth (CLIB_OPT)/>$outFile"); + log_desc("Testing sslv2/sslv3 with both client and server authentication via BIO pair:"); + log_output("$ssltest -bio_pair -server_auth -client_auth", $outFile); +} + + +############################################################################ +sub ca_tests +{ + my $outFile = "$output_path\\ca_tst.out"; + + my($CAkey) = "$output_path\\keyCA.ss"; + my($CAcert) = "$output_path\\certCA.ss"; + my($CAserial) = "$output_path\\certCA.srl"; + my($CAreq) = "$output_path\\reqCA.ss"; + my($CAreq2) = "$output_path\\req2CA.ss"; + + my($CAconf) = "$test_path\\CAss.cnf"; + + my($Uconf) = "$test_path\\Uss.cnf"; + + my($Ukey) = "$output_path\\keyU.ss"; + my($Ureq) = "$output_path\\reqU.ss"; + my($Ucert) = "$output_path\\certU.ss"; + + print( "\nRUNNING CA TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "CA TESTS:\n"); + + system("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new (CLIB_OPT)/>$outFile"); + log_desc("Make a certificate request using req:"); + log_output("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new", $outFile); + + system("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey (CLIB_OPT)/>$outFile"); + log_desc("Convert the certificate request into a self signed certificate using x509:"); + log_output("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey", $outFile); + + system("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 (CLIB_OPT)/>$outFile"); + log_desc("Convert a certificate into a certificate request using 'x509':"); + log_output("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2", $outFile); + + system("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout (CLIB_OPT)/>$outFile"); + log_output("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout", $outFile); + + system("openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout (CLIB_OPT)/>$outFile"); + log_output( "openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout", $outFile); + + system("openssl2 verify -CAfile $CAcert $CAcert (CLIB_OPT)/>$outFile"); + log_output("openssl2 verify -CAfile $CAcert $CAcert", $outFile); + + system("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new (CLIB_OPT)/>$outFile"); + log_desc("Make another certificate request using req:"); + log_output("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new", $outFile); + + system("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial (CLIB_OPT)/>$outFile"); + log_desc("Sign certificate request with the just created CA via x509:"); + log_output("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial", $outFile); + + system("openssl2 verify -CAfile $CAcert $Ucert (CLIB_OPT)/>$outFile"); + log_output("openssl2 verify -CAfile $CAcert $Ucert", $outFile); + + system("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert (CLIB_OPT)/>$outFile"); + log_desc("Certificate details"); + log_output("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert", $outFile); + + print(OUT "--\n"); + print(OUT "The generated CA certificate is $CAcert\n"); + print(OUT "The generated CA private key is $CAkey\n"); + print(OUT "The current CA signing serial number is in $CAserial\n"); + + print(OUT "The generated user certificate is $Ucert\n"); + print(OUT "The generated user private key is $Ukey\n"); + print(OUT "--\n"); +} + +############################################################################ +sub evp_tests +{ + my $i = 'evp_test'; + + print( "\nRUNNING EVP TESTS:\n\n"); + + print( OUT "\n========================================================\n"); + print( OUT "EVP TESTS:\n\n"); + + if (-e "$base_path\\$i.nlm") + { + my $outFile = "$output_path\\$i.out"; + system("$i $test_path\\evptests.txt (CLIB_OPT)/>$outFile"); + log_desc("Test: $i\.nlm:"); + log_output("", $outFile ); + } + else + { + log_desc("Test: $i\.nlm: file not found"); + } +} + +############################################################################ +sub log_output( $ $ ) +{ + my( $desc, $file ) = @_; + my($error) = 0; + my($key); + my($msg); + + if ($desc) + { + print("\r$desc\n"); + print(OUT "$desc\n"); + } + + # loop waiting for test program to complete + while ( stat($file) == 0) + { print(". "); sleep(1); } + + + # copy test output to log file + open(IN, "<$file"); + while (<IN>) + { + print(OUT $_); + if ( $_ =~ /ERROR/ ) + { + $error = 1; + } + } + # close and delete the temporary test output file + close(IN); + unlink($file); + + if ( $error == 0 ) + { + $msg = "Test Succeeded"; + } + else + { + $msg = "Test Failed"; + } + + print(OUT "$msg\n"); + + if ($pause) + { + print("$msg - press ENTER to continue..."); + $key = getc; + print("\n"); + } + + # Several of the testing scripts run a loop loading the + # same NLM with different options. + # On slow NetWare machines there appears to be some delay in the + # OS actually unloading the test nlms and the OS complains about. + # the NLM already being loaded. This additional pause is to + # to help provide a little more time for unloading before trying to + # load again. + sleep(1); +} + + +############################################################################ +sub log_desc( $ ) +{ + my( $desc ) = @_; + + print("\n"); + print("$desc\n"); + + print(OUT "\n"); + print(OUT "$desc\n"); + print(OUT "======================================\n"); +} + +############################################################################ +sub compare_files( $ $ $ ) +{ + my( $file1, $file2, $binary ) = @_; + my( $n1, $n2, $b1, $b2 ); + my($ret) = 1; + + open(IN0, $file1) || die "\nunable to open $file1\n"; + open(IN1, $file2) || die "\nunable to open $file2\n"; + + if ($binary) + { + binmode IN0; + binmode IN1; + } + + for (;;) + { + $n1 = read(IN0, $b1, 512); + $n2 = read(IN1, $b2, 512); + + if ($n1 != $n2) {last;} + if ($b1 != $b2) {last;} + + if ($n1 == 0) + { + $ret = 0; + last; + } + } + close(IN0); + close(IN1); + return($ret); +} + +############################################################################ +sub do_wait() +{ + my($key); + + if ($pause) + { + print("Press ENTER to continue..."); + $key = getc; + print("\n"); + } +} + + +############################################################################ +sub make_tmp_cert_file() +{ + my @cert_files = <$cert_path/*.pem>; + + # delete the file if it already exists + unlink($tmp_cert); + + open( TMP_CERT, ">$tmp_cert") || die "\nunable to open $tmp_cert\n"; + + print("building temporary cert file\n"); + + # create a temporary cert file that contains all the certs + foreach $i (@cert_files) + { + open( IN_CERT, $i ) || die "\nunable to open $i\n"; + + for(;;) + { + $n = sysread(IN_CERT, $data, 1024); + + if ($n == 0) + { + close(IN_CERT); + last; + }; + + syswrite(TMP_CERT, $data, $n); + } + } + + close( TMP_CERT ); +} |