4 $ if f$getsyi("cpu") .ge. 128 then -
5 __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
6 $ if __arch .eqs. "" then __arch = "UNK"
8 $ if (p4 .eqs. "64") then __arch = __arch+ "_64"
10 $ texe_dir = "sys$disk:[-.''__arch'.exe.test]"
11 $ exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
15 $ key="[-.apps]server.pem"
21 $ cert="[-.apps]server.pem"
25 $ ssltest = "mcr ''texe_dir'ssltest -key ''key'"+ -
26 " -cert ''cert' -c_key ''key' -c_cert ''cert'"
29 $ define/user sys$output testssl-x509-output.
30 $ define/user sys$error nla0:
31 $ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout
32 $ define/user sys$error nla0:
33 $ search/output=nla0: testssl-x509-output. "DSA Public Key"/exact
40 $ delete testssl-x509-output.;*
44 $ copy/concatenate [-.certs]*.pem certs.tmp
45 $ CA = """-CAfile"" certs.tmp"
47 $ CA = """-CAfile"" "+p3
50 $!###########################################################################
52 $ write sys$output "test sslv2"
54 $ if $severity .ne. 1 then goto exit3
56 $ write sys$output "test sslv2 with server authentication"
57 $ 'ssltest' -ssl2 -server_auth 'CA'
58 $ if $severity .ne. 1 then goto exit3
62 $ write sys$output "test sslv2 with client authentication"
63 $ 'ssltest' -ssl2 -client_auth 'CA'
64 $ if $severity .ne. 1 then goto exit3
66 $ write sys$output "test sslv2 with both client and server authentication"
67 $ 'ssltest' -ssl2 -server_auth -client_auth 'CA'
68 $ if $severity .ne. 1 then goto exit3
71 $ write sys$output "test sslv3"
73 $ if $severity .ne. 1 then goto exit3
75 $ write sys$output "test sslv3 with server authentication"
76 $ 'ssltest' -ssl3 -server_auth 'CA'
77 $ if $severity .ne. 1 then goto exit3
79 $ write sys$output "test sslv3 with client authentication"
80 $ 'ssltest' -ssl3 -client_auth 'CA'
81 $ if $severity .ne. 1 then goto exit3
83 $ write sys$output "test sslv3 with both client and server authentication"
84 $ 'ssltest' -ssl3 -server_auth -client_auth 'CA'
85 $ if $severity .ne. 1 then goto exit3
87 $ write sys$output "test sslv2/sslv3"
89 $ if $severity .ne. 1 then goto exit3
91 $ write sys$output "test sslv2/sslv3 with server authentication"
92 $ 'ssltest' -server_auth 'CA'
93 $ if $severity .ne. 1 then goto exit3
95 $ write sys$output "test sslv2/sslv3 with client authentication"
96 $ 'ssltest' -client_auth 'CA'
97 $ if $severity .ne. 1 then goto exit3
99 $ write sys$output "test sslv2/sslv3 with both client and server authentication"
100 $ 'ssltest' -server_auth -client_auth 'CA'
101 $ if $severity .ne. 1 then goto exit3
103 $ write sys$output "test sslv2 via BIO pair"
104 $ 'ssltest' -bio_pair -ssl2
105 $ if $severity .ne. 1 then goto exit3
107 $ write sys$output "test sslv2 with server authentication via BIO pair"
108 $ 'ssltest' -bio_pair -ssl2 -server_auth 'CA'
109 $ if $severity .ne. 1 then goto exit3
113 $ write sys$output "test sslv2 with client authentication via BIO pair"
114 $ 'ssltest' -bio_pair -ssl2 -client_auth 'CA'
115 $ if $severity .ne. 1 then goto exit3
117 $ write sys$output "test sslv2 with both client and server authentication via BIO pair"
118 $ 'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA'
119 $ if $severity .ne. 1 then goto exit3
122 $ write sys$output "test sslv3 via BIO pair"
123 $ 'ssltest' -bio_pair -ssl3
124 $ if $severity .ne. 1 then goto exit3
126 $ write sys$output "test sslv3 with server authentication via BIO pair"
127 $ 'ssltest' -bio_pair -ssl3 -server_auth 'CA'
128 $ if $severity .ne. 1 then goto exit3
130 $ write sys$output "test sslv3 with client authentication via BIO pair"
131 $ 'ssltest' -bio_pair -ssl3 -client_auth 'CA'
132 $ if $severity .ne. 1 then goto exit3
134 $ write sys$output "test sslv3 with both client and server authentication via BIO pair"
135 $ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA'
136 $ if $severity .ne. 1 then goto exit3
138 $ write sys$output "test sslv2/sslv3 via BIO pair"
140 $ if $severity .ne. 1 then goto exit3
144 $ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
145 $ 'ssltest' -bio_pair -no_dhe
146 $ if $severity .ne. 1 then goto exit3
149 $ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
150 $ 'ssltest' -bio_pair -dhe1024dsa -v
151 $ if $severity .ne. 1 then goto exit3
153 $ write sys$output "test sslv2/sslv3 with server authentication"
154 $ 'ssltest' -bio_pair -server_auth 'CA'
155 $ if $severity .ne. 1 then goto exit3
157 $ write sys$output "test sslv2/sslv3 with client authentication via BIO pair"
158 $ 'ssltest' -bio_pair -client_auth 'CA'
159 $ if $severity .ne. 1 then goto exit3
161 $ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair"
162 $ 'ssltest' -bio_pair -server_auth -client_auth 'CA'
163 $ if $severity .ne. 1 then goto exit3
165 $!###########################################################################
167 $ define/user sys$output nla0:
168 $ mcr 'exe_dir'openssl no-rsa
170 $ define/user sys$output nla0:
171 $ mcr 'exe_dir'openssl no-dh
176 $ write sys$output "skipping anonymous DH tests"
178 $ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes"
179 $ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
180 $ if $severity .ne. 1 then goto exit3
185 $ write sys$output "skipping RSA tests"
187 $ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes"
188 $ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time
189 $ if $severity .ne. 1 then goto exit3
193 $ write sys$output "skipping RSA+DHE tests"
195 $ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
196 $ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
197 $ if $severity .ne. 1 then goto exit3
206 $ if p3 .eqs. "" then delete certs.tmp;*