diff options
Diffstat (limited to 'openssl/test')
-rw-r--r-- | openssl/test/CAss.cnf | 2 | ||||
-rw-r--r-- | openssl/test/Makefile | 43 | ||||
-rw-r--r-- | openssl/test/P1ss.cnf | 2 | ||||
-rw-r--r-- | openssl/test/P2ss.cnf | 2 | ||||
-rw-r--r-- | openssl/test/Uss.cnf | 4 | ||||
-rw-r--r-- | openssl/test/evptests.txt | 13 | ||||
-rw-r--r-- | openssl/test/maketests.com | 4 | ||||
-rw-r--r-- | openssl/test/pkits-test.pl | 9 | ||||
-rw-r--r-- | openssl/test/srptest.c | 1 | ||||
-rw-r--r-- | openssl/test/test.cnf | 2 | ||||
-rw-r--r-- | openssl/test/testfipsssl | 113 | ||||
-rw-r--r-- | openssl/test/tests.com | 11 | ||||
-rw-r--r-- | openssl/test/testssl | 10 |
13 files changed, 202 insertions, 14 deletions
diff --git a/openssl/test/CAss.cnf b/openssl/test/CAss.cnf index 20f8f05e3..109bc8c10 100644 --- a/openssl/test/CAss.cnf +++ b/openssl/test/CAss.cnf @@ -7,7 +7,7 @@ RANDFILE = ./.rnd #################################################################### [ req ] -default_bits = 512 +default_bits = 2048 default_keyfile = keySS.pem distinguished_name = req_distinguished_name encrypt_rsa_key = no diff --git a/openssl/test/Makefile b/openssl/test/Makefile index 3912f8242..09e684876 100644 --- a/openssl/test/Makefile +++ b/openssl/test/Makefile @@ -61,6 +61,7 @@ ENGINETEST= enginetest EVPTEST= evp_test IGETEST= igetest JPAKETEST= jpaketest +SRPTEST= srptest ASN1TEST= asn1test TESTS= alltests @@ -72,7 +73,7 @@ EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) $(ECDSATEST)$(EXE_EXT) $(ECDHTEST) $(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \ $(RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \ $(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \ - $(EVPTEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) $(JPAKETEST)$(EXE_EXT) \ + $(EVPTEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) $(JPAKETEST)$(EXE_EXT) $(SRPTEST)$(EXE_EXT) \ $(ASN1TEST)$(EXE_EXT) # $(METHTEST)$(EXE_EXT) @@ -93,7 +94,7 @@ SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \ $(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \ $(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \ $(BFTEST).c $(SSLTEST).c $(DSATEST).c $(EXPTEST).c $(RSATEST).c \ - $(EVPTEST).c $(IGETEST).c $(JPAKETEST).c $(ASN1TEST).c + $(EVPTEST).c $(IGETEST).c $(JPAKETEST).c $(SRPTEST).c $(ASN1TEST).c EXHEADER= HEADER= $(EXHEADER) @@ -136,7 +137,7 @@ alltests: \ test_enc test_x509 test_rsa test_crl test_sid \ test_gen test_req test_pkcs7 test_verify test_dh test_dsa \ test_ss test_ca test_engine test_evp test_ssl test_tsa test_ige \ - test_jpake test_cms + test_jpake test_srp test_cms test_evp: ../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt @@ -274,6 +275,9 @@ test_engine: test_ssl: keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \ intP1.ss intP2.ss @echo "test SSL protocol" + @if [ -n "$(FIPSCANLIB)" ]; then \ + sh ./testfipsssl keyU.ss certU.ss certCA.ss; \ + fi ../util/shlib_wrap.sh ./$(SSLTEST) -test_cipherlist @sh ./testssl keyU.ss certU.ss certCA.ss @sh ./testsslproxy keyP1.ss certP1.ss intP1.ss @@ -310,6 +314,10 @@ test_cms: @echo "CMS consistency test" $(PERL) cms-test.pl +test_srp: $(SRPTEST)$(EXE_EXT) + @echo "Test SRP" + ../util/shlib_wrap.sh ./srptest + lint: lint -DLINT $(INCLUDES) $(SRC)>fluff @@ -340,7 +348,19 @@ BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ fi; \ LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \ $(MAKE) -f $(TOP)/Makefile.shared -e \ - APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \ + CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \ + LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \ + link_app.$${shlib_target} + +FIPS_BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ + shlib_target="$(SHLIB_TARGET)"; \ + fi; \ + LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \ + if [ -z "$(SHARED_LIBS)" -a -n "$(FIPSCANLIB)" ] ; then \ + FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; export CC FIPSLD_CC; \ + fi; \ + $(MAKE) -f $(TOP)/Makefile.shared -e \ + CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \ LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \ link_app.$${shlib_target} @@ -423,7 +443,7 @@ $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) @target=$(METHTEST); $(BUILD_CMD) $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) - @target=$(SSLTEST); $(BUILD_CMD) + @target=$(SSLTEST); $(FIPS_BUILD_CMD) $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) @target=$(ENGINETEST); $(BUILD_CMD) @@ -446,6 +466,9 @@ $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) @target=$(ASN1TEST); $(BUILD_CMD) +$(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO) + @target=$(SRPTEST); $(BUILD_CMD) + #$(AESTEST).o: $(AESTEST).c # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c @@ -669,6 +692,13 @@ shatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h shatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h shatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h shatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h shatest.c +srptest.o: ../include/openssl/bio.h ../include/openssl/bn.h +srptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +srptest.o: ../include/openssl/err.h ../include/openssl/lhash.h +srptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +srptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h +srptest.o: ../include/openssl/safestack.h ../include/openssl/srp.h +srptest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h srptest.c ssltest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h ssltest.o: ../include/openssl/comp.h ../include/openssl/conf.h @@ -685,7 +715,8 @@ ssltest.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h ssltest.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h ssltest.o: ../include/openssl/pqueue.h ../include/openssl/rand.h ssltest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ssltest.o: ../include/openssl/sha.h ../include/openssl/ssl.h +ssltest.o: ../include/openssl/sha.h ../include/openssl/srp.h +ssltest.o: ../include/openssl/srtp.h ../include/openssl/ssl.h ssltest.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h ssltest.o: ../include/openssl/ssl3.h ../include/openssl/stack.h ssltest.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h diff --git a/openssl/test/P1ss.cnf b/openssl/test/P1ss.cnf index 876a0d35f..326cce2ba 100644 --- a/openssl/test/P1ss.cnf +++ b/openssl/test/P1ss.cnf @@ -7,7 +7,7 @@ RANDFILE = ./.rnd #################################################################### [ req ] -default_bits = 512 +default_bits = 1024 default_keyfile = keySS.pem distinguished_name = req_distinguished_name encrypt_rsa_key = no diff --git a/openssl/test/P2ss.cnf b/openssl/test/P2ss.cnf index 373a87e7c..8b502321b 100644 --- a/openssl/test/P2ss.cnf +++ b/openssl/test/P2ss.cnf @@ -7,7 +7,7 @@ RANDFILE = ./.rnd #################################################################### [ req ] -default_bits = 512 +default_bits = 1024 default_keyfile = keySS.pem distinguished_name = req_distinguished_name encrypt_rsa_key = no diff --git a/openssl/test/Uss.cnf b/openssl/test/Uss.cnf index 0c0ebb5f6..58ac0ca54 100644 --- a/openssl/test/Uss.cnf +++ b/openssl/test/Uss.cnf @@ -7,11 +7,11 @@ RANDFILE = ./.rnd #################################################################### [ req ] -default_bits = 512 +default_bits = 2048 default_keyfile = keySS.pem distinguished_name = req_distinguished_name encrypt_rsa_key = no -default_md = md2 +default_md = sha256 [ req_distinguished_name ] countryName = Country Name (2 letter code) diff --git a/openssl/test/evptests.txt b/openssl/test/evptests.txt index beb12144b..c273707c1 100644 --- a/openssl/test/evptests.txt +++ b/openssl/test/evptests.txt @@ -158,6 +158,19 @@ AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7B AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:0 AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:0 +# AES Counter test vectors from RFC3686 +aes-128-ctr:AE6852F8121067CC4BF7A5765577F39E:00000030000000000000000000000001:53696E676C6520626C6F636B206D7367:E4095D4FB7A7B3792D6175A3261311B8:1 +aes-128-ctr:7E24067817FAE0D743D6CE1F32539163:006CB6DBC0543B59DA48D90B00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:5104A106168A72D9790D41EE8EDAD388EB2E1EFC46DA57C8FCE630DF9141BE28:1 +aes-128-ctr:7691BE035E5020A8AC6E618529F9A0DC:00E0017B27777F3F4A1786F000000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:C1CF48A89F2FFDD9CF4652E9EFDB72D74540A42BDE6D7836D59A5CEAAEF3105325B2072F:1 + +aes-192-ctr:16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515:0000004836733C147D6D93CB00000001:53696E676C6520626C6F636B206D7367:4B55384FE259C9C84E7935A003CBE928:1 +aes-192-ctr:7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A:0096B03B020C6EADC2CB500D00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:453243FC609B23327EDFAAFA7131CD9F8490701C5AD4A79CFC1FE0FF42F4FB00:1 +aes-192-ctr:02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE:0007BDFD5CBD60278DCC091200000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:96893FC55E5C722F540B7DD1DDF7E758D288BC95C69165884536C811662F2188ABEE0935:1 + +aes-256-ctr:776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104:00000060DB5672C97AA8F0B200000001:53696E676C6520626C6F636B206D7367:145AD01DBF824EC7560863DC71E3E0C0:1 +aes-256-ctr:F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884:00FAAC24C1585EF15A43D87500000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:F05E231B3894612C49EE000B804EB2A9B8306B508F839D6A5530831D9344AF1C:1 +aes-256-ctr:FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D:001CC5B751A51D70A1C1114800000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:EB6C52821D0BBBF7CE7594462ACA4FAAB407DF866569FD07F48CC0B583D6071F1EC0E6B8:1 + # DES ECB tests (from destest) DES-ECB:0000000000000000::0000000000000000:8CA64DE9C1B123A7 diff --git a/openssl/test/maketests.com b/openssl/test/maketests.com index 386e5cf3c..9b64cba23 100644 --- a/openssl/test/maketests.com +++ b/openssl/test/maketests.com @@ -146,7 +146,8 @@ $ TEST_FILES = "BNTEST,ECTEST,ECDSATEST,ECDHTEST,IDEATEST,"+ - "MDC2TEST,RMDTEST,"+ - "RANDTEST,DHTEST,ENGINETEST,"+ - "BFTEST,CASTTEST,SSLTEST,EXPTEST,DSATEST,RSA_TEST,"+ - - "EVP_TEST,IGETEST,JPAKETEST,ASN1TEST" + "EVP_TEST,IGETEST,JPAKETEST,SRPTEST,"+ - + "ASN1TEST" $! Should we add MTTEST,PQ_TEST,LH_TEST,DIVTEST,TABTEST as well? $! $! Additional directory information. @@ -182,6 +183,7 @@ $ T_D_RSA_TEST := [-.crypto.rsa] $ T_D_EVP_TEST := [-.crypto.evp] $ T_D_IGETEST := [-.test] $ T_D_JPAKETEST := [-.crypto.jpake] +$ T_D_SRPTEST := [-.crypto.srp] $ T_D_ASN1TEST := [-.test] $! $ TCPIP_PROGRAMS = ",," diff --git a/openssl/test/pkits-test.pl b/openssl/test/pkits-test.pl index 69dffa16f..5c6b89fcd 100644 --- a/openssl/test/pkits-test.pl +++ b/openssl/test/pkits-test.pl @@ -784,6 +784,15 @@ my $ossl = "ossl/apps/openssl"; my $ossl_cmd = "$ossl_path cms -verify -verify_retcode "; $ossl_cmd .= "-CAfile pkitsta.pem -crl_check_all -x509_strict "; + +# Check for expiry of trust anchor +system "$ossl_path x509 -inform DER -in $pkitsta -checkend 0"; +if ($? == 256) + { + print STDERR "WARNING: using older expired data\n"; + $ossl_cmd .= "-attime 1291940972 "; + } + $ossl_cmd .= "-policy_check -extended_crl -use_deltas -out /dev/null 2>&1 "; system "$ossl_path x509 -inform DER -in $pkitsta -out pkitsta.pem"; diff --git a/openssl/test/srptest.c b/openssl/test/srptest.c new file mode 100644 index 000000000..953486826 --- /dev/null +++ b/openssl/test/srptest.c @@ -0,0 +1 @@ +../crypto/srp/srptest.c
\ No newline at end of file diff --git a/openssl/test/test.cnf b/openssl/test/test.cnf index faad3914a..10834442a 100644 --- a/openssl/test/test.cnf +++ b/openssl/test/test.cnf @@ -56,7 +56,7 @@ emailAddress = optional #################################################################### [ req ] -default_bits = 512 +default_bits = 1024 default_keyfile = testkey.pem distinguished_name = req_distinguished_name encrypt_rsa_key = no diff --git a/openssl/test/testfipsssl b/openssl/test/testfipsssl new file mode 100644 index 000000000..c4836edc2 --- /dev/null +++ b/openssl/test/testfipsssl @@ -0,0 +1,113 @@ +#!/bin/sh + +if [ "$1" = "" ]; then + key=../apps/server.pem +else + key="$1" +fi +if [ "$2" = "" ]; then + cert=../apps/server.pem +else + cert="$2" +fi + +ciphers="DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:EXP1024-DHE-DSS-DES-CBC-SHA:EXP1024-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA" + +ssltest="../util/shlib_wrap.sh ./ssltest -F -key $key -cert $cert -c_key $key -c_cert $cert -cipher $ciphers" + +if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then + dsa_cert=YES +else + dsa_cert=NO +fi + +if [ "$3" = "" ]; then + CA="-CApath ../certs" +else + CA="-CAfile $3" +fi + +if [ "$4" = "" ]; then + extra="" +else + extra="$4" +fi + +############################################################################# + +echo test ssl3 is forbidden in FIPS mode +$ssltest -ssl3 $extra && exit 1 + +echo test ssl2 is forbidden in FIPS mode +$ssltest -ssl2 $extra && exit 1 + +echo test tls1 +$ssltest -tls1 $extra || exit 1 + +echo test tls1 with server authentication +$ssltest -tls1 -server_auth $CA $extra || exit 1 + +echo test tls1 with client authentication +$ssltest -tls1 -client_auth $CA $extra || exit 1 + +echo test tls1 with both client and server authentication +$ssltest -tls1 -server_auth -client_auth $CA $extra || exit 1 + +echo test tls1 via BIO pair +$ssltest -bio_pair -tls1 $extra || exit 1 + +echo test tls1 with server authentication via BIO pair +$ssltest -bio_pair -tls1 -server_auth $CA $extra || exit 1 + +echo test tls1 with client authentication via BIO pair +$ssltest -bio_pair -tls1 -client_auth $CA $extra || exit 1 + +echo test tls1 with both client and server authentication via BIO pair +$ssltest -bio_pair -tls1 -server_auth -client_auth $CA $extra || exit 1 + +# note that all the below actually choose TLS... + +if [ $dsa_cert = NO ]; then + echo test sslv2/sslv3 w/o DHE via BIO pair + $ssltest -bio_pair -no_dhe $extra || exit 1 +fi + +echo test sslv2/sslv3 with 1024bit DHE via BIO pair +$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1 + +echo test sslv2/sslv3 with server authentication +$ssltest -bio_pair -server_auth $CA $extra || exit 1 + +echo test sslv2/sslv3 with client authentication via BIO pair +$ssltest -bio_pair -client_auth $CA $extra || exit 1 + +echo test sslv2/sslv3 with both client and server authentication via BIO pair +$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1 + +echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify +$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1 + +############################################################################# + +if ../util/shlib_wrap.sh ../apps/openssl no-dh; then + echo skipping anonymous DH tests +else + echo test tls1 with 1024bit anonymous DH, multiple handshakes + $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1 +fi + +if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then + echo skipping RSA tests +else + echo test tls1 with 1024bit RSA, no DHE, multiple handshakes + ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1 + + if ../util/shlib_wrap.sh ../apps/openssl no-dh; then + echo skipping RSA+DHE tests + else + echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes + ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1 + fi +fi + +exit 0 diff --git a/openssl/test/tests.com b/openssl/test/tests.com index 373dd16ea..a840d5078 100644 --- a/openssl/test/tests.com +++ b/openssl/test/tests.com @@ -56,7 +56,7 @@ $ tests := - test_enc,test_x509,test_rsa,test_crl,test_sid,- test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,- test_ss,test_ca,test_engine,test_evp,test_ssl,test_tsa,test_ige,- - test_jpake,test_cms + test_jpake,test_srp,test_cms $ endif $ tests = f$edit(tests,"COLLAPSE") $ @@ -68,6 +68,8 @@ $ EXPTEST := exptest $ IDEATEST := ideatest $ SHATEST := shatest $ SHA1TEST := sha1test +$ SHA256TEST := sha256t +$ SHA512TEST := sha512t $ MDC2TEST := mdc2test $ RMDTEST := rmdtest $ MD2TEST := md2test @@ -91,6 +93,7 @@ $ ENGINETEST := enginetest $ EVPTEST := evp_test $ IGETEST := igetest $ JPAKETEST := jpaketest +$ SRPTEST := srptest $ ASN1TEST := asn1test $! $ tests_i = 0 @@ -114,6 +117,8 @@ $ return $ test_sha: $ mcr 'texe_dir''shatest' $ mcr 'texe_dir''sha1test' +$ mcr 'texe_dir''sha256test' +$ mcr 'texe_dir''sha512test' $ return $ test_mdc2: $ mcr 'texe_dir''mdc2test' @@ -357,6 +362,10 @@ $ ! Define the logical name used to find openssl.exe in the perl script. $ define /user_mode osslx 'exe_dir' $ perl CMS-TEST.PL $ return +$ test_srp: +$ write sys$output "Test SRP" +$ mcr 'texe_dir''srptest' +$ return $ $ $ exit: diff --git a/openssl/test/testssl b/openssl/test/testssl index b55364ae8..5ae4dc872 100644 --- a/openssl/test/testssl +++ b/openssl/test/testssl @@ -148,4 +148,14 @@ $ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1 echo test tls1 with PSK via BIO pair $ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1 +if ../util/shlib_wrap.sh ../apps/openssl no-srp; then + echo skipping SRP tests +else + echo test tls1 with SRP + $ssltest -tls1 -cipher SRP -srpuser test -srppass abc123 + + echo test tls1 with SRP via BIO pair + $ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123 +fi + exit 0 |