dist/Netware/do_tests.pl

# perl script to run OpenSSL tests


my $base_path      = "\\openssl";

my $output_path    = "$base_path\\test_out";
my $cert_path      = "$base_path\\certs";
my $test_path      = "$base_path\\test";
my $app_path       = "$base_path\\apps";

my $tmp_cert       = "$output_path\\cert.tmp";
my $OpenSSL_config = "$app_path\\openssl.cnf";
my $log_file       = "$output_path\\tests.log";

my $pause = 0;


#  process the command line args to see if they wanted us to pause
#  between executing each command
foreach $i (@ARGV)
{
   if ($i =~ /^-p$/)
   { $pause=1; }
}


main();


############################################################################
sub main()
{
   # delete all the output files in the output directory
   unlink <$output_path\\*.*>;

   # open the main log file
   open(OUT, ">$log_file") || die "unable to open $log_file\n";

   print( OUT "========================================================\n");
   my $outFile = "$output_path\\version.out";
   system("openssl2 version (CLIB_OPT)/>$outFile");
   log_output("CHECKING FOR OPENSSL VERSION:", $outFile);

   algorithm_tests();
   encryption_tests();
   evp_tests();
   pem_tests();
   verify_tests();
   ca_tests();
   ssl_tests();

   close(OUT);

   print("\nCompleted running tests.\n\n");
   print("Check log file for errors: $log_file\n");
}

############################################################################
sub algorithm_tests
{
   my $i;
   my $outFile;
   my @tests = ( rsa_test, destest, ideatest, bftest, bntest, shatest, sha1test,
                 sha256t, sha512t, dsatest, md2test, md4test, md5test, mdc2test,
                 rc2test, rc4test, rc5test, randtest, rmdtest, dhtest, ecdhtest,
                 ecdsatest, ectest, exptest, casttest, hmactest );

   print( "\nRUNNING CRYPTO ALGORITHM TESTS:\n\n");

   print( OUT "\n========================================================\n");
   print( OUT "CRYPTO ALGORITHM TESTS:\n\n");

   foreach $i (@tests)
   {
      if (-e "$base_path\\$i.nlm")
      {
         $outFile = "$output_path\\$i.out";
         system("$i (CLIB_OPT)/>$outFile");
         log_desc("Test: $i\.nlm:");
         log_output("", $outFile );
      }
      else
      {
         log_desc("Test: $i\.nlm: file not found");
      }
   }
}

############################################################################
sub encryption_tests
{
   my $i;
   my $outFile;
   my @enc_tests = ( "enc", "rc4", "des-cfb", "des-ede-cfb", "des-ede3-cfb",
                     "des-ofb", "des-ede-ofb", "des-ede3-ofb",
                     "des-ecb", "des-ede", "des-ede3", "des-cbc",
                     "des-ede-cbc", "des-ede3-cbc", "idea-ecb", "idea-cfb",
                     "idea-ofb", "idea-cbc", "rc2-ecb", "rc2-cfb",
                     "rc2-ofb", "rc2-cbc", "bf-ecb", "bf-cfb",
                     "bf-ofb", "bf-cbc" );

   my $input = "$base_path\\do_tests.pl";
   my $cipher = "$output_path\\cipher.out";
   my $clear = "$output_path\\clear.out";

   print( "\nRUNNING ENCRYPTION & DECRYPTION TESTS:\n\n");

   print( OUT "\n========================================================\n");
   print( OUT "FILE ENCRYPTION & DECRYPTION TESTS:\n\n");

   foreach $i (@enc_tests)
   {
      log_desc("Testing: $i");

      # do encryption
      $outFile = "$output_path\\enc.out";
      system("openssl2 $i -e -bufsize 113 -k test -in $input -out $cipher (CLIB_OPT)/>$outFile" );
      log_output("Encrypting: $input --> $cipher", $outFile);

      # do decryption
      $outFile = "$output_path\\dec.out";
      system("openssl2 $i -d -bufsize 157 -k test -in $cipher -out $clear (CLIB_OPT)/>$outFile");
      log_output("Decrypting: $cipher --> $clear", $outFile);

      # compare files
      $x = compare_files( $input, $clear, 1);
      if ( $x == 0 )
      {
         print( "\rSUCCESS - files match: $input, $clear\n");
         print( OUT "SUCCESS - files match: $input, $clear\n");
      }
      else
      {
         print( "\rERROR: files don't match\n");
         print( OUT "ERROR: files don't match\n");
      }

      do_wait();

      # Now do the same encryption but use Base64

      # do encryption B64
      $outFile = "$output_path\\B64enc.out";
      system("openssl2 $i -a -e -bufsize 113 -k test -in $input -out $cipher (CLIB_OPT)/>$outFile");
      log_output("Encrypting(B64): $cipher --> $clear", $outFile);

      # do decryption B64
      $outFile = "$output_path\\B64dec.out";
      system("openssl2 $i -a -d -bufsize 157 -k test -in $cipher -out $clear (CLIB_OPT)/>$outFile");
      log_output("Decrypting(B64): $cipher --> $clear", $outFile);

      # compare files
      $x = compare_files( $input, $clear, 1);
      if ( $x == 0 )
      {
         print( "\rSUCCESS - files match: $input, $clear\n");
         print( OUT "SUCCESS - files match: $input, $clear\n");
      }
      else
      {
         print( "\rERROR: files don't match\n");
         print( OUT "ERROR: files don't match\n");
      }

      do_wait();

   } # end foreach

   # delete the temporary files
   unlink($cipher);
   unlink($clear);
}


############################################################################
sub pem_tests
{
   my $i;
   my $tmp_out;
   my $outFile = "$output_path\\pem.out";

   my %pem_tests = (
         "crl"      => "testcrl.pem",
          "pkcs7"   => "testp7.pem",
          "req"     => "testreq2.pem",
          "rsa"     => "testrsa.pem",
          "x509"    => "testx509.pem",
          "x509"    => "v3-cert1.pem",
          "sess_id" => "testsid.pem"  );


   print( "\nRUNNING PEM TESTS:\n\n");

   print( OUT "\n========================================================\n");
   print( OUT "PEM TESTS:\n\n");

   foreach $i (keys(%pem_tests))
   {
      log_desc( "Testing: $i");

      my $input = "$test_path\\$pem_tests{$i}";

      $tmp_out = "$output_path\\$pem_tests{$i}";

      if ($i ne "req" )
      {
         system("openssl2 $i -in $input -out $tmp_out (CLIB_OPT)/>$outFile");
         log_output( "openssl2 $i -in $input -out $tmp_out", $outFile);
      }
      else
      {
         system("openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config (CLIB_OPT)/>$outFile");
         log_output( "openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config", $outFile );
      }

      $x = compare_files( $input, $tmp_out);
      if ( $x == 0 )
      {
         print( "\rSUCCESS - files match: $input, $tmp_out\n");
         print( OUT "SUCCESS - files match: $input, $tmp_out\n");
      }
      else
      {
         print( "\rERROR: files don't match\n");
         print( OUT "ERROR: files don't match\n");
      }
      do_wait();

   } # end foreach
}


############################################################################
sub verify_tests
{
   my $i;
   my $outFile = "$output_path\\verify.out";

   $cert_path =~ s/\\/\//g;
   my @cert_files = <$cert_path/*.pem>;

   print( "\nRUNNING VERIFY TESTS:\n\n");

   print( OUT "\n========================================================\n");
   print( OUT "VERIFY TESTS:\n\n");

   make_tmp_cert_file();

   foreach $i (@cert_files)
   {
      system("openssl2 verify -CAfile $tmp_cert $i (CLIB_OPT)/>$outFile");
      log_desc("Verifying cert: $i");
      log_output("openssl2 verify -CAfile $tmp_cert $i", $outFile);
   }
}


############################################################################
sub ssl_tests
{
   my $outFile = "$output_path\\ssl_tst.out";
   my($CAcert) = "$output_path\\certCA.ss";
   my($Ukey)   = "$output_path\\keyU.ss";
   my($Ucert)  = "$output_path\\certU.ss";
   my($ssltest)= "ssltest -key $Ukey -cert $Ucert -c_key $Ukey -c_cert $Ucert -CAfile $CAcert";

   print( "\nRUNNING SSL TESTS:\n\n");

   print( OUT "\n========================================================\n");
   print( OUT "SSL TESTS:\n\n");

   system("ssltest -ssl2 (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv2:");
   log_output("ssltest -ssl2", $outFile);

   system("$ssltest -ssl2 -server_auth (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv2 with server authentication:");
   log_output("$ssltest -ssl2 -server_auth", $outFile);

   system("$ssltest -ssl2 -client_auth (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv2 with client authentication:");
   log_output("$ssltest -ssl2 -client_auth", $outFile);

   system("$ssltest -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv2 with both client and server authentication:");
   log_output("$ssltest -ssl2 -server_auth -client_auth", $outFile);

   system("ssltest -ssl3 (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv3:");
   log_output("ssltest -ssl3", $outFile);

   system("$ssltest -ssl3 -server_auth (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv3 with server authentication:");
   log_output("$ssltest -ssl3 -server_auth", $outFile);

   system("$ssltest -ssl3 -client_auth (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv3 with client authentication:");
   log_output("$ssltest -ssl3 -client_auth", $outFile);

   system("$ssltest -ssl3 -server_auth -client_auth (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv3 with both client and server authentication:");
   log_output("$ssltest -ssl3 -server_auth -client_auth", $outFile);

   system("ssltest (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv2/sslv3:");
   log_output("ssltest", $outFile);

   system("$ssltest -server_auth (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv2/sslv3 with server authentication:");
   log_output("$ssltest -server_auth", $outFile);

   system("$ssltest -client_auth (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv2/sslv3 with client authentication:");
   log_output("$ssltest -client_auth ", $outFile);

   system("$ssltest -server_auth -client_auth (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv2/sslv3 with both client and server authentication:");
   log_output("$ssltest -server_auth -client_auth", $outFile);

   system("ssltest -bio_pair -ssl2 (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv2 via BIO pair:");
   log_output("ssltest -bio_pair -ssl2", $outFile);

   system("ssltest -bio_pair -dhe1024dsa -v (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv2/sslv3 with 1024 bit DHE via BIO pair:");
   log_output("ssltest -bio_pair -dhe1024dsa -v", $outFile);

   system("$ssltest -bio_pair -ssl2 -server_auth (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv2 with server authentication via BIO pair:");
   log_output("$ssltest -bio_pair -ssl2 -server_auth", $outFile);

   system("$ssltest -bio_pair -ssl2 -client_auth (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv2 with client authentication via BIO pair:");
   log_output("$ssltest -bio_pair -ssl2 -client_auth", $outFile);

   system("$ssltest -bio_pair -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv2 with both client and server authentication via BIO pair:");
   log_output("$ssltest -bio_pair -ssl2 -server_auth -client_auth", $outFile);

   system("ssltest -bio_pair -ssl3 (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv3 via BIO pair:");
   log_output("ssltest -bio_pair -ssl3", $outFile);

   system("$ssltest -bio_pair -ssl3 -server_auth (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv3 with server authentication via BIO pair:");
   log_output("$ssltest -bio_pair -ssl3 -server_auth", $outFile);

   system("$ssltest -bio_pair -ssl3 -client_auth (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv3 with client authentication  via BIO pair:");
   log_output("$ssltest -bio_pair -ssl3 -client_auth", $outFile);

   system("$ssltest -bio_pair -ssl3 -server_auth -client_auth (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv3 with both client and server authentication via BIO pair:");
   log_output("$ssltest -bio_pair -ssl3 -server_auth -client_auth", $outFile);

   system("ssltest -bio_pair (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv2/sslv3 via BIO pair:");
   log_output("ssltest -bio_pair", $outFile);

   system("$ssltest -bio_pair -server_auth (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv2/sslv3 with server authentication via BIO pair:");
   log_output("$ssltest -bio_pair -server_auth", $outFile);

   system("$ssltest -bio_pair -client_auth (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv2/sslv3 with client authentication via BIO pair:");
   log_output("$ssltest -bio_pair -client_auth", $outFile);

   system("$ssltest -bio_pair -server_auth -client_auth (CLIB_OPT)/>$outFile");
   log_desc("Testing sslv2/sslv3 with both client and server authentication via BIO pair:");
   log_output("$ssltest -bio_pair -server_auth -client_auth", $outFile);
}


############################################################################
sub ca_tests
{
   my $outFile = "$output_path\\ca_tst.out";

   my($CAkey)     = "$output_path\\keyCA.ss";
   my($CAcert)    = "$output_path\\certCA.ss";
   my($CAserial)  = "$output_path\\certCA.srl";
   my($CAreq)     = "$output_path\\reqCA.ss";
   my($CAreq2)    = "$output_path\\req2CA.ss";

   my($CAconf)    = "$test_path\\CAss.cnf";

   my($Uconf)     = "$test_path\\Uss.cnf";

   my($Ukey)      = "$output_path\\keyU.ss";
   my($Ureq)      = "$output_path\\reqU.ss";
   my($Ucert)     = "$output_path\\certU.ss";

   print( "\nRUNNING CA TESTS:\n\n");

   print( OUT "\n========================================================\n");
   print( OUT "CA TESTS:\n");

   system("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new (CLIB_OPT)/>$outFile");
   log_desc("Make a certificate request using req:");
   log_output("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new", $outFile);

   system("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey (CLIB_OPT)/>$outFile");
   log_desc("Convert the certificate request into a self signed certificate using x509:");
   log_output("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey", $outFile);

   system("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 (CLIB_OPT)/>$outFile");
   log_desc("Convert a certificate into a certificate request using 'x509':");
   log_output("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2", $outFile);

   system("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout (CLIB_OPT)/>$outFile");
   log_output("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout", $outFile);

   system("openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout (CLIB_OPT)/>$outFile");
   log_output( "openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout", $outFile);

   system("openssl2 verify -CAfile $CAcert $CAcert (CLIB_OPT)/>$outFile");
   log_output("openssl2 verify -CAfile $CAcert $CAcert", $outFile);

   system("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new (CLIB_OPT)/>$outFile");
   log_desc("Make another certificate request using req:");
   log_output("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new", $outFile);

   system("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial (CLIB_OPT)/>$outFile");
   log_desc("Sign certificate request with the just created CA via x509:");
   log_output("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial", $outFile);

   system("openssl2 verify -CAfile $CAcert $Ucert (CLIB_OPT)/>$outFile");
   log_output("openssl2 verify -CAfile $CAcert $Ucert", $outFile);

   system("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert (CLIB_OPT)/>$outFile");
   log_desc("Certificate details");
   log_output("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert", $outFile);

   print(OUT "--\n");
   print(OUT "The generated CA certificate is $CAcert\n");
   print(OUT "The generated CA private key is $CAkey\n");
   print(OUT "The current CA signing serial number is in $CAserial\n");

   print(OUT "The generated user certificate is $Ucert\n");
   print(OUT "The generated user private key is $Ukey\n");
   print(OUT "--\n");
}

############################################################################
sub evp_tests
{
   my $i = 'evp_test';

   print( "\nRUNNING EVP TESTS:\n\n");

   print( OUT "\n========================================================\n");
   print( OUT "EVP TESTS:\n\n");

   if (-e "$base_path\\$i.nlm")
   {
       my $outFile = "$output_path\\$i.out";
       system("$i $test_path\\evptests.txt (CLIB_OPT)/>$outFile");
       log_desc("Test: $i\.nlm:");
       log_output("", $outFile );
   }
   else
   {
       log_desc("Test: $i\.nlm: file not found");
   }
}

############################################################################
sub log_output( $ $ )
{
   my( $desc, $file ) = @_;
   my($error) = 0;
   my($key);
   my($msg);

   if ($desc)
   {
      print("\r$desc\n");
      print(OUT "$desc\n");
   }

      # loop waiting for test program to complete
   while ( stat($file) == 0)
      { print(". "); sleep(1); }


      # copy test output to log file
   open(IN, "<$file");
   while (<IN>)
   {
      print(OUT $_);
      if ( $_ =~ /ERROR/ )
      {
         $error = 1;
      }
   }
      # close and delete the temporary test output file
   close(IN);
   unlink($file);

   if ( $error == 0 )
   {
      $msg = "Test Succeeded";
   }
   else
   {
      $msg = "Test Failed";
   }

   print(OUT "$msg\n");

   if ($pause)
   {
      print("$msg - press ENTER to continue...");
      $key = getc;
      print("\n");
   }

      # Several of the testing scripts run a loop loading the
      # same NLM with different options.
      # On slow NetWare machines there appears to be some delay in the
      # OS actually unloading the test nlms and the OS complains about.
      # the NLM already being loaded.  This additional pause is to
      # to help provide a little more time for unloading before trying to
      # load again.
   sleep(1);
}


############################################################################
sub log_desc( $ )
{
   my( $desc ) = @_;

   print("\n");
   print("$desc\n");

   print(OUT "\n");
   print(OUT "$desc\n");
   print(OUT "======================================\n");
}

############################################################################
sub compare_files( $ $ $ )
{
   my( $file1, $file2, $binary ) = @_;
   my( $n1, $n2, $b1, $b2 );
   my($ret) = 1;

   open(IN0, $file1) || die "\nunable to open $file1\n";
   open(IN1, $file2) || die "\nunable to open $file2\n";

  if ($binary)
  {
      binmode IN0;
      binmode IN1;
  }

   for (;;)
   {
      $n1 = read(IN0, $b1, 512);
      $n2 = read(IN1, $b2, 512);

      if ($n1 != $n2) {last;}
      if ($b1 != $b2) {last;}

      if ($n1 == 0)
      {
         $ret = 0;
         last;
      }
   }
   close(IN0);
   close(IN1);
   return($ret);
}

############################################################################
sub do_wait()
{
   my($key);

   if ($pause)
   {
      print("Press ENTER to continue...");
      $key = getc;
      print("\n");
   }
}


############################################################################
sub make_tmp_cert_file()
{
   my @cert_files = <$cert_path/*.pem>;

      # delete the file if it already exists
   unlink($tmp_cert);

   open( TMP_CERT, ">$tmp_cert") || die "\nunable to open $tmp_cert\n";

   print("building temporary cert file\n");

   # create a temporary cert file that contains all the certs
   foreach $i (@cert_files)
   {
      open( IN_CERT, $i ) || die "\nunable to open $i\n";

      for(;;)
      {
         $n = sysread(IN_CERT, $data, 1024);

         if ($n == 0)
         {
            close(IN_CERT);
            last;
         };

         syswrite(TMP_CERT, $data, $n);
      }
   }

   close( TMP_CERT );
}
Revision:	7102
Committed:	Fri Jul 17 14:04:28 2015 UTC (8 years, 9 months ago) by laffer1
Content type:	text/plain
File size:	19700 byte(s)
Log Message:	OpenSSL 1.0.1o
#	Content
1	# perl script to run OpenSSL tests
2
3
4	my $base_path = "\\openssl";
5
6	my $output_path = "$base_path\\test_out";
7	my $cert_path = "$base_path\\certs";
8	my $test_path = "$base_path\\test";
9	my $app_path = "$base_path\\apps";
10
11	my $tmp_cert = "$output_path\\cert.tmp";
12	my $OpenSSL_config = "$app_path\\openssl.cnf";
13	my $log_file = "$output_path\\tests.log";
14
15	my $pause = 0;
16
17
18	# process the command line args to see if they wanted us to pause
19	# between executing each command
20	foreach $i (@ARGV)
21	{
22	if ($i =~ /^-p$/)
23	{ $pause=1; }
24	}
25
26
27
28	main();
29
30
31	############################################################################
32	sub main()
33	{
34	# delete all the output files in the output directory
35	unlink <$output_path\\.>;
36
37	# open the main log file
38	open(OUT, ">$log_file") \|\| die "unable to open $log_file\n";
39
40	print( OUT "========================================================\n");
41	my $outFile = "$output_path\\version.out";
42	system("openssl2 version (CLIB_OPT)/>$outFile");
43	log_output("CHECKING FOR OPENSSL VERSION:", $outFile);
44
45	algorithm_tests();
46	encryption_tests();
47	evp_tests();
48	pem_tests();
49	verify_tests();
50	ca_tests();
51	ssl_tests();
52
53	close(OUT);
54
55	print("\nCompleted running tests.\n\n");
56	print("Check log file for errors: $log_file\n");
57	}
58
59	############################################################################
60	sub algorithm_tests
61	{
62	my $i;
63	my $outFile;
64	my @tests = ( rsa_test, destest, ideatest, bftest, bntest, shatest, sha1test,
65	sha256t, sha512t, dsatest, md2test, md4test, md5test, mdc2test,
66	rc2test, rc4test, rc5test, randtest, rmdtest, dhtest, ecdhtest,
67	ecdsatest, ectest, exptest, casttest, hmactest );
68
69	print( "\nRUNNING CRYPTO ALGORITHM TESTS:\n\n");
70
71	print( OUT "\n========================================================\n");
72	print( OUT "CRYPTO ALGORITHM TESTS:\n\n");
73
74	foreach $i (@tests)
75	{
76	if (-e "$base_path\\$i.nlm")
77	{
78	$outFile = "$output_path\\$i.out";
79	system("$i (CLIB_OPT)/>$outFile");
80	log_desc("Test: $i\.nlm:");
81	log_output("", $outFile );
82	}
83	else
84	{
85	log_desc("Test: $i\.nlm: file not found");
86	}
87	}
88	}
89
90	############################################################################
91	sub encryption_tests
92	{
93	my $i;
94	my $outFile;
95	my @enc_tests = ( "enc", "rc4", "des-cfb", "des-ede-cfb", "des-ede3-cfb",
96	"des-ofb", "des-ede-ofb", "des-ede3-ofb",
97	"des-ecb", "des-ede", "des-ede3", "des-cbc",
98	"des-ede-cbc", "des-ede3-cbc", "idea-ecb", "idea-cfb",
99	"idea-ofb", "idea-cbc", "rc2-ecb", "rc2-cfb",
100	"rc2-ofb", "rc2-cbc", "bf-ecb", "bf-cfb",
101	"bf-ofb", "bf-cbc" );
102
103	my $input = "$base_path\\do_tests.pl";
104	my $cipher = "$output_path\\cipher.out";
105	my $clear = "$output_path\\clear.out";
106
107	print( "\nRUNNING ENCRYPTION & DECRYPTION TESTS:\n\n");
108
109	print( OUT "\n========================================================\n");
110	print( OUT "FILE ENCRYPTION & DECRYPTION TESTS:\n\n");
111
112	foreach $i (@enc_tests)
113	{
114	log_desc("Testing: $i");
115
116	# do encryption
117	$outFile = "$output_path\\enc.out";
118	system("openssl2 $i -e -bufsize 113 -k test -in $input -out $cipher (CLIB_OPT)/>$outFile" );
119	log_output("Encrypting: $input --> $cipher", $outFile);
120
121	# do decryption
122	$outFile = "$output_path\\dec.out";
123	system("openssl2 $i -d -bufsize 157 -k test -in $cipher -out $clear (CLIB_OPT)/>$outFile");
124	log_output("Decrypting: $cipher --> $clear", $outFile);
125
126	# compare files
127	$x = compare_files( $input, $clear, 1);
128	if ( $x == 0 )
129	{
130	print( "\rSUCCESS - files match: $input, $clear\n");
131	print( OUT "SUCCESS - files match: $input, $clear\n");
132	}
133	else
134	{
135	print( "\rERROR: files don't match\n");
136	print( OUT "ERROR: files don't match\n");
137	}
138
139	do_wait();
140
141	# Now do the same encryption but use Base64
142
143	# do encryption B64
144	$outFile = "$output_path\\B64enc.out";
145	system("openssl2 $i -a -e -bufsize 113 -k test -in $input -out $cipher (CLIB_OPT)/>$outFile");
146	log_output("Encrypting(B64): $cipher --> $clear", $outFile);
147
148	# do decryption B64
149	$outFile = "$output_path\\B64dec.out";
150	system("openssl2 $i -a -d -bufsize 157 -k test -in $cipher -out $clear (CLIB_OPT)/>$outFile");
151	log_output("Decrypting(B64): $cipher --> $clear", $outFile);
152
153	# compare files
154	$x = compare_files( $input, $clear, 1);
155	if ( $x == 0 )
156	{
157	print( "\rSUCCESS - files match: $input, $clear\n");
158	print( OUT "SUCCESS - files match: $input, $clear\n");
159	}
160	else
161	{
162	print( "\rERROR: files don't match\n");
163	print( OUT "ERROR: files don't match\n");
164	}
165
166	do_wait();
167
168	} # end foreach
169
170	# delete the temporary files
171	unlink($cipher);
172	unlink($clear);
173	}
174
175
176	############################################################################
177	sub pem_tests
178	{
179	my $i;
180	my $tmp_out;
181	my $outFile = "$output_path\\pem.out";
182
183	my %pem_tests = (
184	"crl" => "testcrl.pem",
185	"pkcs7" => "testp7.pem",
186	"req" => "testreq2.pem",
187	"rsa" => "testrsa.pem",
188	"x509" => "testx509.pem",
189	"x509" => "v3-cert1.pem",
190	"sess_id" => "testsid.pem" );
191
192
193	print( "\nRUNNING PEM TESTS:\n\n");
194
195	print( OUT "\n========================================================\n");
196	print( OUT "PEM TESTS:\n\n");
197
198	foreach $i (keys(%pem_tests))
199	{
200	log_desc( "Testing: $i");
201
202	my $input = "$test_path\\$pem_tests{$i}";
203
204	$tmp_out = "$output_path\\$pem_tests{$i}";
205
206	if ($i ne "req" )
207	{
208	system("openssl2 $i -in $input -out $tmp_out (CLIB_OPT)/>$outFile");
209	log_output( "openssl2 $i -in $input -out $tmp_out", $outFile);
210	}
211	else
212	{
213	system("openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config (CLIB_OPT)/>$outFile");
214	log_output( "openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config", $outFile );
215	}
216
217	$x = compare_files( $input, $tmp_out);
218	if ( $x == 0 )
219	{
220	print( "\rSUCCESS - files match: $input, $tmp_out\n");
221	print( OUT "SUCCESS - files match: $input, $tmp_out\n");
222	}
223	else
224	{
225	print( "\rERROR: files don't match\n");
226	print( OUT "ERROR: files don't match\n");
227	}
228	do_wait();
229
230	} # end foreach
231	}
232
233
234	############################################################################
235	sub verify_tests
236	{
237	my $i;
238	my $outFile = "$output_path\\verify.out";
239
240	$cert_path =~ s/\\/\//g;
241	my @cert_files = <$cert_path/*.pem>;
242
243	print( "\nRUNNING VERIFY TESTS:\n\n");
244
245	print( OUT "\n========================================================\n");
246	print( OUT "VERIFY TESTS:\n\n");
247
248	make_tmp_cert_file();
249
250	foreach $i (@cert_files)
251	{
252	system("openssl2 verify -CAfile $tmp_cert $i (CLIB_OPT)/>$outFile");
253	log_desc("Verifying cert: $i");
254	log_output("openssl2 verify -CAfile $tmp_cert $i", $outFile);
255	}
256	}
257
258
259	############################################################################
260	sub ssl_tests
261	{
262	my $outFile = "$output_path\\ssl_tst.out";
263	my($CAcert) = "$output_path\\certCA.ss";
264	my($Ukey) = "$output_path\\keyU.ss";
265	my($Ucert) = "$output_path\\certU.ss";
266	my($ssltest)= "ssltest -key $Ukey -cert $Ucert -c_key $Ukey -c_cert $Ucert -CAfile $CAcert";
267
268	print( "\nRUNNING SSL TESTS:\n\n");
269
270	print( OUT "\n========================================================\n");
271	print( OUT "SSL TESTS:\n\n");
272
273	system("ssltest -ssl2 (CLIB_OPT)/>$outFile");
274	log_desc("Testing sslv2:");
275	log_output("ssltest -ssl2", $outFile);
276
277	system("$ssltest -ssl2 -server_auth (CLIB_OPT)/>$outFile");
278	log_desc("Testing sslv2 with server authentication:");
279	log_output("$ssltest -ssl2 -server_auth", $outFile);
280
281	system("$ssltest -ssl2 -client_auth (CLIB_OPT)/>$outFile");
282	log_desc("Testing sslv2 with client authentication:");
283	log_output("$ssltest -ssl2 -client_auth", $outFile);
284
285	system("$ssltest -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile");
286	log_desc("Testing sslv2 with both client and server authentication:");
287	log_output("$ssltest -ssl2 -server_auth -client_auth", $outFile);
288
289	system("ssltest -ssl3 (CLIB_OPT)/>$outFile");
290	log_desc("Testing sslv3:");
291	log_output("ssltest -ssl3", $outFile);
292
293	system("$ssltest -ssl3 -server_auth (CLIB_OPT)/>$outFile");
294	log_desc("Testing sslv3 with server authentication:");
295	log_output("$ssltest -ssl3 -server_auth", $outFile);
296
297	system("$ssltest -ssl3 -client_auth (CLIB_OPT)/>$outFile");
298	log_desc("Testing sslv3 with client authentication:");
299	log_output("$ssltest -ssl3 -client_auth", $outFile);
300
301	system("$ssltest -ssl3 -server_auth -client_auth (CLIB_OPT)/>$outFile");
302	log_desc("Testing sslv3 with both client and server authentication:");
303	log_output("$ssltest -ssl3 -server_auth -client_auth", $outFile);
304
305	system("ssltest (CLIB_OPT)/>$outFile");
306	log_desc("Testing sslv2/sslv3:");
307	log_output("ssltest", $outFile);
308
309	system("$ssltest -server_auth (CLIB_OPT)/>$outFile");
310	log_desc("Testing sslv2/sslv3 with server authentication:");
311	log_output("$ssltest -server_auth", $outFile);
312
313	system("$ssltest -client_auth (CLIB_OPT)/>$outFile");
314	log_desc("Testing sslv2/sslv3 with client authentication:");
315	log_output("$ssltest -client_auth ", $outFile);
316
317	system("$ssltest -server_auth -client_auth (CLIB_OPT)/>$outFile");
318	log_desc("Testing sslv2/sslv3 with both client and server authentication:");
319	log_output("$ssltest -server_auth -client_auth", $outFile);
320
321	system("ssltest -bio_pair -ssl2 (CLIB_OPT)/>$outFile");
322	log_desc("Testing sslv2 via BIO pair:");
323	log_output("ssltest -bio_pair -ssl2", $outFile);
324
325	system("ssltest -bio_pair -dhe1024dsa -v (CLIB_OPT)/>$outFile");
326	log_desc("Testing sslv2/sslv3 with 1024 bit DHE via BIO pair:");
327	log_output("ssltest -bio_pair -dhe1024dsa -v", $outFile);
328
329	system("$ssltest -bio_pair -ssl2 -server_auth (CLIB_OPT)/>$outFile");
330	log_desc("Testing sslv2 with server authentication via BIO pair:");
331	log_output("$ssltest -bio_pair -ssl2 -server_auth", $outFile);
332
333	system("$ssltest -bio_pair -ssl2 -client_auth (CLIB_OPT)/>$outFile");
334	log_desc("Testing sslv2 with client authentication via BIO pair:");
335	log_output("$ssltest -bio_pair -ssl2 -client_auth", $outFile);
336
337	system("$ssltest -bio_pair -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile");
338	log_desc("Testing sslv2 with both client and server authentication via BIO pair:");
339	log_output("$ssltest -bio_pair -ssl2 -server_auth -client_auth", $outFile);
340
341	system("ssltest -bio_pair -ssl3 (CLIB_OPT)/>$outFile");
342	log_desc("Testing sslv3 via BIO pair:");
343	log_output("ssltest -bio_pair -ssl3", $outFile);
344
345	system("$ssltest -bio_pair -ssl3 -server_auth (CLIB_OPT)/>$outFile");
346	log_desc("Testing sslv3 with server authentication via BIO pair:");
347	log_output("$ssltest -bio_pair -ssl3 -server_auth", $outFile);
348
349	system("$ssltest -bio_pair -ssl3 -client_auth (CLIB_OPT)/>$outFile");
350	log_desc("Testing sslv3 with client authentication via BIO pair:");
351	log_output("$ssltest -bio_pair -ssl3 -client_auth", $outFile);
352
353	system("$ssltest -bio_pair -ssl3 -server_auth -client_auth (CLIB_OPT)/>$outFile");
354	log_desc("Testing sslv3 with both client and server authentication via BIO pair:");
355	log_output("$ssltest -bio_pair -ssl3 -server_auth -client_auth", $outFile);
356
357	system("ssltest -bio_pair (CLIB_OPT)/>$outFile");
358	log_desc("Testing sslv2/sslv3 via BIO pair:");
359	log_output("ssltest -bio_pair", $outFile);
360
361	system("$ssltest -bio_pair -server_auth (CLIB_OPT)/>$outFile");
362	log_desc("Testing sslv2/sslv3 with server authentication via BIO pair:");
363	log_output("$ssltest -bio_pair -server_auth", $outFile);
364
365	system("$ssltest -bio_pair -client_auth (CLIB_OPT)/>$outFile");
366	log_desc("Testing sslv2/sslv3 with client authentication via BIO pair:");
367	log_output("$ssltest -bio_pair -client_auth", $outFile);
368
369	system("$ssltest -bio_pair -server_auth -client_auth (CLIB_OPT)/>$outFile");
370	log_desc("Testing sslv2/sslv3 with both client and server authentication via BIO pair:");
371	log_output("$ssltest -bio_pair -server_auth -client_auth", $outFile);
372	}
373
374
375	############################################################################
376	sub ca_tests
377	{
378	my $outFile = "$output_path\\ca_tst.out";
379
380	my($CAkey) = "$output_path\\keyCA.ss";
381	my($CAcert) = "$output_path\\certCA.ss";
382	my($CAserial) = "$output_path\\certCA.srl";
383	my($CAreq) = "$output_path\\reqCA.ss";
384	my($CAreq2) = "$output_path\\req2CA.ss";
385
386	my($CAconf) = "$test_path\\CAss.cnf";
387
388	my($Uconf) = "$test_path\\Uss.cnf";
389
390	my($Ukey) = "$output_path\\keyU.ss";
391	my($Ureq) = "$output_path\\reqU.ss";
392	my($Ucert) = "$output_path\\certU.ss";
393
394	print( "\nRUNNING CA TESTS:\n\n");
395
396	print( OUT "\n========================================================\n");
397	print( OUT "CA TESTS:\n");
398
399	system("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new (CLIB_OPT)/>$outFile");
400	log_desc("Make a certificate request using req:");
401	log_output("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new", $outFile);
402
403	system("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey (CLIB_OPT)/>$outFile");
404	log_desc("Convert the certificate request into a self signed certificate using x509:");
405	log_output("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey", $outFile);
406
407	system("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 (CLIB_OPT)/>$outFile");
408	log_desc("Convert a certificate into a certificate request using 'x509':");
409	log_output("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2", $outFile);
410
411	system("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout (CLIB_OPT)/>$outFile");
412	log_output("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout", $outFile);
413
414	system("openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout (CLIB_OPT)/>$outFile");
415	log_output( "openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout", $outFile);
416
417	system("openssl2 verify -CAfile $CAcert $CAcert (CLIB_OPT)/>$outFile");
418	log_output("openssl2 verify -CAfile $CAcert $CAcert", $outFile);
419
420	system("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new (CLIB_OPT)/>$outFile");
421	log_desc("Make another certificate request using req:");
422	log_output("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new", $outFile);
423
424	system("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial (CLIB_OPT)/>$outFile");
425	log_desc("Sign certificate request with the just created CA via x509:");
426	log_output("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial", $outFile);
427
428	system("openssl2 verify -CAfile $CAcert $Ucert (CLIB_OPT)/>$outFile");
429	log_output("openssl2 verify -CAfile $CAcert $Ucert", $outFile);
430
431	system("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert (CLIB_OPT)/>$outFile");
432	log_desc("Certificate details");
433	log_output("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert", $outFile);
434
435	print(OUT "--\n");
436	print(OUT "The generated CA certificate is $CAcert\n");
437	print(OUT "The generated CA private key is $CAkey\n");
438	print(OUT "The current CA signing serial number is in $CAserial\n");
439
440	print(OUT "The generated user certificate is $Ucert\n");
441	print(OUT "The generated user private key is $Ukey\n");
442	print(OUT "--\n");
443	}
444
445	############################################################################
446	sub evp_tests
447	{
448	my $i = 'evp_test';
449
450	print( "\nRUNNING EVP TESTS:\n\n");
451
452	print( OUT "\n========================================================\n");
453	print( OUT "EVP TESTS:\n\n");
454
455	if (-e "$base_path\\$i.nlm")
456	{
457	my $outFile = "$output_path\\$i.out";
458	system("$i $test_path\\evptests.txt (CLIB_OPT)/>$outFile");
459	log_desc("Test: $i\.nlm:");
460	log_output("", $outFile );
461	}
462	else
463	{
464	log_desc("Test: $i\.nlm: file not found");
465	}
466	}
467
468	############################################################################
469	sub log_output( $ $ )
470	{
471	my( $desc, $file ) = @_;
472	my($error) = 0;
473	my($key);
474	my($msg);
475
476	if ($desc)
477	{
478	print("\r$desc\n");
479	print(OUT "$desc\n");
480	}
481
482	# loop waiting for test program to complete
483	while ( stat($file) == 0)
484	{ print(". "); sleep(1); }
485
486
487	# copy test output to log file
488	open(IN, "<$file");
489	while (<IN>)
490	{
491	print(OUT $_);
492	if ( $_ =~ /ERROR/ )
493	{
494	$error = 1;
495	}
496	}
497	# close and delete the temporary test output file
498	close(IN);
499	unlink($file);
500
501	if ( $error == 0 )
502	{
503	$msg = "Test Succeeded";
504	}
505	else
506	{
507	$msg = "Test Failed";
508	}
509
510	print(OUT "$msg\n");
511
512	if ($pause)
513	{
514	print("$msg - press ENTER to continue...");
515	$key = getc;
516	print("\n");
517	}
518
519	# Several of the testing scripts run a loop loading the
520	# same NLM with different options.
521	# On slow NetWare machines there appears to be some delay in the
522	# OS actually unloading the test nlms and the OS complains about.
523	# the NLM already being loaded. This additional pause is to
524	# to help provide a little more time for unloading before trying to
525	# load again.
526	sleep(1);
527	}
528
529
530	############################################################################
531	sub log_desc( $ )
532	{
533	my( $desc ) = @_;
534
535	print("\n");
536	print("$desc\n");
537
538	print(OUT "\n");
539	print(OUT "$desc\n");
540	print(OUT "======================================\n");
541	}
542
543	############################################################################
544	sub compare_files( $ $ $ )
545	{
546	my( $file1, $file2, $binary ) = @_;
547	my( $n1, $n2, $b1, $b2 );
548	my($ret) = 1;
549
550	open(IN0, $file1) \|\| die "\nunable to open $file1\n";
551	open(IN1, $file2) \|\| die "\nunable to open $file2\n";
552
553	if ($binary)
554	{
555	binmode IN0;
556	binmode IN1;
557	}
558
559	for (;;)
560	{
561	$n1 = read(IN0, $b1, 512);
562	$n2 = read(IN1, $b2, 512);
563
564	if ($n1 != $n2) {last;}
565	if ($b1 != $b2) {last;}
566
567	if ($n1 == 0)
568	{
569	$ret = 0;
570	last;
571	}
572	}
573	close(IN0);
574	close(IN1);
575	return($ret);
576	}
577
578	############################################################################
579	sub do_wait()
580	{
581	my($key);
582
583	if ($pause)
584	{
585	print("Press ENTER to continue...");
586	$key = getc;
587	print("\n");
588	}
589	}
590
591
592	############################################################################
593	sub make_tmp_cert_file()
594	{
595	my @cert_files = <$cert_path/*.pem>;
596
597	# delete the file if it already exists
598	unlink($tmp_cert);
599
600	open( TMP_CERT, ">$tmp_cert") \|\| die "\nunable to open $tmp_cert\n";
601
602	print("building temporary cert file\n");
603
604	# create a temporary cert file that contains all the certs
605	foreach $i (@cert_files)
606	{
607	open( IN_CERT, $i ) \|\| die "\nunable to open $i\n";
608
609	for(;;)
610	{
611	$n = sysread(IN_CERT, $data, 1024);
612
613	if ($n == 0)
614	{
615	close(IN_CERT);
616	last;
617	};
618
619	syswrite(TMP_CERT, $data, $n);
620	}
621	}
622
623	close( TMP_CERT );
624	}