search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Allow IPv6 address entry in tools>ping - Loosens valid character check
[tomato/davidwu.git] / release / src / router / openssl / Netware / do_tests.pl
blobac482dbe2b8daa234177a17d8d8c0693e931dbb8
1 # perl script to run OpenSSL tests
2
3
4 my $base_path = "\\openssl";
5
6 my $output_path = "$base_path\\test_out";
7 my $cert_path = "$base_path\\certs";
8 my $test_path = "$base_path\\test";
9 my $app_path = "$base_path\\apps";
10
11 my $tmp_cert = "$output_path\\cert.tmp";
12 my $OpenSSL_config = "$app_path\\openssl.cnf";
13 my $log_file = "$output_path\\tests.log";
14
15 my $pause = 0;
16
17
18 # process the command line args to see if they wanted us to pause
19 # between executing each command
20 foreach $i (@ARGV)
21 {
22 if ($i =~ /^-p$/)
23 { $pause=1; }
24 }
25
26
27
28 main();
29
30
31 ############################################################################
32 sub main()
33 {
34 # delete all the output files in the output directory
35 unlink <$output_path\\*.*>;
36
37 # open the main log file
38 open(OUT, ">$log_file") || die "unable to open $log_file\n";
39
40 print( OUT "========================================================\n");
41 my $outFile = "$output_path\\version.out";
42 system("openssl2 version (CLIB_OPT)/>$outFile");
43 log_output("CHECKING FOR OPENSSL VERSION:", $outFile);
44
45 algorithm_tests();
46 encryption_tests();
47 evp_tests();
48 pem_tests();
49 verify_tests();
50 ca_tests();
51 ssl_tests();
52
53 close(OUT);
54
55 print("\nCompleted running tests.\n\n");
56 print("Check log file for errors: $log_file\n");
57 }
58
59 ############################################################################
60 sub algorithm_tests
61 {
62 my $i;
63 my $outFile;
64 my @tests = ( rsa_test, destest, ideatest, bftest, bntest, shatest, sha1test,
65 sha256t, sha512t, dsatest, md2test, md4test, md5test, mdc2test,
66 rc2test, rc4test, rc5test, randtest, rmdtest, dhtest, ecdhtest,
67 ecdsatest, ectest, exptest, casttest, hmactest );
68
69 print( "\nRUNNING CRYPTO ALGORITHM TESTS:\n\n");
70
71 print( OUT "\n========================================================\n");
72 print( OUT "CRYPTO ALGORITHM TESTS:\n\n");
73
74 foreach $i (@tests)
75 {
76 if (-e "$base_path\\$i.nlm")
77 {
78 $outFile = "$output_path\\$i.out";
79 system("$i (CLIB_OPT)/>$outFile");
80 log_desc("Test: $i\.nlm:");
81 log_output("", $outFile );
82 }
83 else
84 {
85 log_desc("Test: $i\.nlm: file not found");
86 }
87 }
88 }
89
90 ############################################################################
91 sub encryption_tests
92 {
93 my $i;
94 my $outFile;
95 my @enc_tests = ( "enc", "rc4", "des-cfb", "des-ede-cfb", "des-ede3-cfb",
96 "des-ofb", "des-ede-ofb", "des-ede3-ofb",
97 "des-ecb", "des-ede", "des-ede3", "des-cbc",
98 "des-ede-cbc", "des-ede3-cbc", "idea-ecb", "idea-cfb",
99 "idea-ofb", "idea-cbc", "rc2-ecb", "rc2-cfb",
100 "rc2-ofb", "rc2-cbc", "bf-ecb", "bf-cfb",
101 "bf-ofb", "bf-cbc" );
102
103 my $input = "$base_path\\do_tests.pl";
104 my $cipher = "$output_path\\cipher.out";
105 my $clear = "$output_path\\clear.out";
106
107 print( "\nRUNNING ENCRYPTION & DECRYPTION TESTS:\n\n");
108
109 print( OUT "\n========================================================\n");
110 print( OUT "FILE ENCRYPTION & DECRYPTION TESTS:\n\n");
111
112 foreach $i (@enc_tests)
113 {
114 log_desc("Testing: $i");
115
116 # do encryption
117 $outFile = "$output_path\\enc.out";
118 system("openssl2 $i -e -bufsize 113 -k test -in $input -out $cipher (CLIB_OPT)/>$outFile" );
119 log_output("Encrypting: $input --> $cipher", $outFile);
120
121 # do decryption
122 $outFile = "$output_path\\dec.out";
123 system("openssl2 $i -d -bufsize 157 -k test -in $cipher -out $clear (CLIB_OPT)/>$outFile");
124 log_output("Decrypting: $cipher --> $clear", $outFile);
125
126 # compare files
127 $x = compare_files( $input, $clear, 1);
128 if ( $x == 0 )
129 {
130 print( "\rSUCCESS - files match: $input, $clear\n");
131 print( OUT "SUCCESS - files match: $input, $clear\n");
132 }
133 else
134 {
135 print( "\rERROR: files don't match\n");
136 print( OUT "ERROR: files don't match\n");
137 }
138
139 do_wait();
140
141 # Now do the same encryption but use Base64
142
143 # do encryption B64
144 $outFile = "$output_path\\B64enc.out";
145 system("openssl2 $i -a -e -bufsize 113 -k test -in $input -out $cipher (CLIB_OPT)/>$outFile");
146 log_output("Encrypting(B64): $cipher --> $clear", $outFile);
147
148 # do decryption B64
149 $outFile = "$output_path\\B64dec.out";
150 system("openssl2 $i -a -d -bufsize 157 -k test -in $cipher -out $clear (CLIB_OPT)/>$outFile");
151 log_output("Decrypting(B64): $cipher --> $clear", $outFile);
152
153 # compare files
154 $x = compare_files( $input, $clear, 1);
155 if ( $x == 0 )
156 {
157 print( "\rSUCCESS - files match: $input, $clear\n");
158 print( OUT "SUCCESS - files match: $input, $clear\n");
159 }
160 else
161 {
162 print( "\rERROR: files don't match\n");
163 print( OUT "ERROR: files don't match\n");
164 }
165
166 do_wait();
167
168 } # end foreach
169
170 # delete the temporary files
171 unlink($cipher);
172 unlink($clear);
173 }
174
175
176 ############################################################################
177 sub pem_tests
178 {
179 my $i;
180 my $tmp_out;
181 my $outFile = "$output_path\\pem.out";
182
183 my %pem_tests = (
184 "crl" => "testcrl.pem",
185 "pkcs7" => "testp7.pem",
186 "req" => "testreq2.pem",
187 "rsa" => "testrsa.pem",
188 "x509" => "testx509.pem",
189 "x509" => "v3-cert1.pem",
190 "sess_id" => "testsid.pem" );
191
192
193 print( "\nRUNNING PEM TESTS:\n\n");
194
195 print( OUT "\n========================================================\n");
196 print( OUT "PEM TESTS:\n\n");
197
198 foreach $i (keys(%pem_tests))
199 {
200 log_desc( "Testing: $i");
201
202 my $input = "$test_path\\$pem_tests{$i}";
203
204 $tmp_out = "$output_path\\$pem_tests{$i}";
205
206 if ($i ne "req" )
207 {
208 system("openssl2 $i -in $input -out $tmp_out (CLIB_OPT)/>$outFile");
209 log_output( "openssl2 $i -in $input -out $tmp_out", $outFile);
210 }
211 else
212 {
213 system("openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config (CLIB_OPT)/>$outFile");
214 log_output( "openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config", $outFile );
215 }
216
217 $x = compare_files( $input, $tmp_out);
218 if ( $x == 0 )
219 {
220 print( "\rSUCCESS - files match: $input, $tmp_out\n");
221 print( OUT "SUCCESS - files match: $input, $tmp_out\n");
222 }
223 else
224 {
225 print( "\rERROR: files don't match\n");
226 print( OUT "ERROR: files don't match\n");
227 }
228 do_wait();
229
230 } # end foreach
231 }
232
233
234 ############################################################################
235 sub verify_tests
236 {
237 my $i;
238 my $outFile = "$output_path\\verify.out";
239
240 $cert_path =~ s/\\/\//g;
241 my @cert_files = <$cert_path/*.pem>;
242
243 print( "\nRUNNING VERIFY TESTS:\n\n");
244
245 print( OUT "\n========================================================\n");
246 print( OUT "VERIFY TESTS:\n\n");
247
248 make_tmp_cert_file();
249
250 foreach $i (@cert_files)
251 {
252 system("openssl2 verify -CAfile $tmp_cert $i (CLIB_OPT)/>$outFile");
253 log_desc("Verifying cert: $i");
254 log_output("openssl2 verify -CAfile $tmp_cert $i", $outFile);
255 }
256 }
257
258
259 ############################################################################
260 sub ssl_tests
261 {
262 my $outFile = "$output_path\\ssl_tst.out";
263 my($CAcert) = "$output_path\\certCA.ss";
264 my($Ukey) = "$output_path\\keyU.ss";
265 my($Ucert) = "$output_path\\certU.ss";
266 my($ssltest)= "ssltest -key $Ukey -cert $Ucert -c_key $Ukey -c_cert $Ucert -CAfile $CAcert";
267
268 print( "\nRUNNING SSL TESTS:\n\n");
269
270 print( OUT "\n========================================================\n");
271 print( OUT "SSL TESTS:\n\n");
272
273 system("ssltest -ssl2 (CLIB_OPT)/>$outFile");
274 log_desc("Testing sslv2:");
275 log_output("ssltest -ssl2", $outFile);
276
277 system("$ssltest -ssl2 -server_auth (CLIB_OPT)/>$outFile");
278 log_desc("Testing sslv2 with server authentication:");
279 log_output("$ssltest -ssl2 -server_auth", $outFile);
280
281 system("$ssltest -ssl2 -client_auth (CLIB_OPT)/>$outFile");
282 log_desc("Testing sslv2 with client authentication:");
283 log_output("$ssltest -ssl2 -client_auth", $outFile);
284
285 system("$ssltest -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile");
286 log_desc("Testing sslv2 with both client and server authentication:");
287 log_output("$ssltest -ssl2 -server_auth -client_auth", $outFile);
288
289 system("ssltest -ssl3 (CLIB_OPT)/>$outFile");
290 log_desc("Testing sslv3:");
291 log_output("ssltest -ssl3", $outFile);
292
293 system("$ssltest -ssl3 -server_auth (CLIB_OPT)/>$outFile");
294 log_desc("Testing sslv3 with server authentication:");
295 log_output("$ssltest -ssl3 -server_auth", $outFile);
296
297 system("$ssltest -ssl3 -client_auth (CLIB_OPT)/>$outFile");
298 log_desc("Testing sslv3 with client authentication:");
299 log_output("$ssltest -ssl3 -client_auth", $outFile);
300
301 system("$ssltest -ssl3 -server_auth -client_auth (CLIB_OPT)/>$outFile");
302 log_desc("Testing sslv3 with both client and server authentication:");
303 log_output("$ssltest -ssl3 -server_auth -client_auth", $outFile);
304
305 system("ssltest (CLIB_OPT)/>$outFile");
306 log_desc("Testing sslv2/sslv3:");
307 log_output("ssltest", $outFile);
308
309 system("$ssltest -server_auth (CLIB_OPT)/>$outFile");
310 log_desc("Testing sslv2/sslv3 with server authentication:");
311 log_output("$ssltest -server_auth", $outFile);
312
313 system("$ssltest -client_auth (CLIB_OPT)/>$outFile");
314 log_desc("Testing sslv2/sslv3 with client authentication:");
315 log_output("$ssltest -client_auth ", $outFile);
316
317 system("$ssltest -server_auth -client_auth (CLIB_OPT)/>$outFile");
318 log_desc("Testing sslv2/sslv3 with both client and server authentication:");
319 log_output("$ssltest -server_auth -client_auth", $outFile);
320
321 system("ssltest -bio_pair -ssl2 (CLIB_OPT)/>$outFile");
322 log_desc("Testing sslv2 via BIO pair:");
323 log_output("ssltest -bio_pair -ssl2", $outFile);
324
325 system("ssltest -bio_pair -dhe1024dsa -v (CLIB_OPT)/>$outFile");
326 log_desc("Testing sslv2/sslv3 with 1024 bit DHE via BIO pair:");
327 log_output("ssltest -bio_pair -dhe1024dsa -v", $outFile);
328
329 system("$ssltest -bio_pair -ssl2 -server_auth (CLIB_OPT)/>$outFile");
330 log_desc("Testing sslv2 with server authentication via BIO pair:");
331 log_output("$ssltest -bio_pair -ssl2 -server_auth", $outFile);
332
333 system("$ssltest -bio_pair -ssl2 -client_auth (CLIB_OPT)/>$outFile");
334 log_desc("Testing sslv2 with client authentication via BIO pair:");
335 log_output("$ssltest -bio_pair -ssl2 -client_auth", $outFile);
336
337 system("$ssltest -bio_pair -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile");
338 log_desc("Testing sslv2 with both client and server authentication via BIO pair:");
339 log_output("$ssltest -bio_pair -ssl2 -server_auth -client_auth", $outFile);
340
341 system("ssltest -bio_pair -ssl3 (CLIB_OPT)/>$outFile");
342 log_desc("Testing sslv3 via BIO pair:");
343 log_output("ssltest -bio_pair -ssl3", $outFile);
344
345 system("$ssltest -bio_pair -ssl3 -server_auth (CLIB_OPT)/>$outFile");
346 log_desc("Testing sslv3 with server authentication via BIO pair:");
347 log_output("$ssltest -bio_pair -ssl3 -server_auth", $outFile);
348
349 system("$ssltest -bio_pair -ssl3 -client_auth (CLIB_OPT)/>$outFile");
350 log_desc("Testing sslv3 with client authentication via BIO pair:");
351 log_output("$ssltest -bio_pair -ssl3 -client_auth", $outFile);
352
353 system("$ssltest -bio_pair -ssl3 -server_auth -client_auth (CLIB_OPT)/>$outFile");
354 log_desc("Testing sslv3 with both client and server authentication via BIO pair:");
355 log_output("$ssltest -bio_pair -ssl3 -server_auth -client_auth", $outFile);
356
357 system("ssltest -bio_pair (CLIB_OPT)/>$outFile");
358 log_desc("Testing sslv2/sslv3 via BIO pair:");
359 log_output("ssltest -bio_pair", $outFile);
360
361 system("$ssltest -bio_pair -server_auth (CLIB_OPT)/>$outFile");
362 log_desc("Testing sslv2/sslv3 with server authentication via BIO pair:");
363 log_output("$ssltest -bio_pair -server_auth", $outFile);
364
365 system("$ssltest -bio_pair -client_auth (CLIB_OPT)/>$outFile");
366 log_desc("Testing sslv2/sslv3 with client authentication via BIO pair:");
367 log_output("$ssltest -bio_pair -client_auth", $outFile);
368
369 system("$ssltest -bio_pair -server_auth -client_auth (CLIB_OPT)/>$outFile");
370 log_desc("Testing sslv2/sslv3 with both client and server authentication via BIO pair:");
371 log_output("$ssltest -bio_pair -server_auth -client_auth", $outFile);
372 }
373
374
375 ############################################################################
376 sub ca_tests
377 {
378 my $outFile = "$output_path\\ca_tst.out";
379
380 my($CAkey) = "$output_path\\keyCA.ss";
381 my($CAcert) = "$output_path\\certCA.ss";
382 my($CAserial) = "$output_path\\certCA.srl";
383 my($CAreq) = "$output_path\\reqCA.ss";
384 my($CAreq2) = "$output_path\\req2CA.ss";
385
386 my($CAconf) = "$test_path\\CAss.cnf";
387
388 my($Uconf) = "$test_path\\Uss.cnf";
389
390 my($Ukey) = "$output_path\\keyU.ss";
391 my($Ureq) = "$output_path\\reqU.ss";
392 my($Ucert) = "$output_path\\certU.ss";
393
394 print( "\nRUNNING CA TESTS:\n\n");
395
396 print( OUT "\n========================================================\n");
397 print( OUT "CA TESTS:\n");
398
399 system("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new (CLIB_OPT)/>$outFile");
400 log_desc("Make a certificate request using req:");
401 log_output("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new", $outFile);
402
403 system("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey (CLIB_OPT)/>$outFile");
404 log_desc("Convert the certificate request into a self signed certificate using x509:");
405 log_output("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey", $outFile);
406
407 system("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 (CLIB_OPT)/>$outFile");
408 log_desc("Convert a certificate into a certificate request using 'x509':");
409 log_output("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2", $outFile);
410
411 system("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout (CLIB_OPT)/>$outFile");
412 log_output("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout", $outFile);
413
414 system("openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout (CLIB_OPT)/>$outFile");
415 log_output( "openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout", $outFile);
416
417 system("openssl2 verify -CAfile $CAcert $CAcert (CLIB_OPT)/>$outFile");
418 log_output("openssl2 verify -CAfile $CAcert $CAcert", $outFile);
419
420 system("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new (CLIB_OPT)/>$outFile");
421 log_desc("Make another certificate request using req:");
422 log_output("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new", $outFile);
423
424 system("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial (CLIB_OPT)/>$outFile");
425 log_desc("Sign certificate request with the just created CA via x509:");
426 log_output("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial", $outFile);
427
428 system("openssl2 verify -CAfile $CAcert $Ucert (CLIB_OPT)/>$outFile");
429 log_output("openssl2 verify -CAfile $CAcert $Ucert", $outFile);
430
431 system("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert (CLIB_OPT)/>$outFile");
432 log_desc("Certificate details");
433 log_output("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert", $outFile);
434
435 print(OUT "--\n");
436 print(OUT "The generated CA certificate is $CAcert\n");
437 print(OUT "The generated CA private key is $CAkey\n");
438 print(OUT "The current CA signing serial number is in $CAserial\n");
439
440 print(OUT "The generated user certificate is $Ucert\n");
441 print(OUT "The generated user private key is $Ukey\n");
442 print(OUT "--\n");
443 }
444
445 ############################################################################
446 sub evp_tests
447 {
448 my $i = 'evp_test';
449
450 print( "\nRUNNING EVP TESTS:\n\n");
451
452 print( OUT "\n========================================================\n");
453 print( OUT "EVP TESTS:\n\n");
454
455 if (-e "$base_path\\$i.nlm")
456 {
457 my $outFile = "$output_path\\$i.out";
458 system("$i $test_path\\evptests.txt (CLIB_OPT)/>$outFile");
459 log_desc("Test: $i\.nlm:");
460 log_output("", $outFile );
461 }
462 else
463 {
464 log_desc("Test: $i\.nlm: file not found");
465 }
466 }
467
468 ############################################################################
469 sub log_output( $ $ )
470 {
471 my( $desc, $file ) = @_;
472 my($error) = 0;
473 my($key);
474 my($msg);
475
476 if ($desc)
477 {
478 print("\r$desc\n");
479 print(OUT "$desc\n");
480 }
481
482 # loop waiting for test program to complete
483 while ( stat($file) == 0)
484 { print(". "); sleep(1); }
485
486
487 # copy test output to log file
488 open(IN, "<$file");
489 while (<IN>)
490 {
491 print(OUT $_);
492 if ( $_ =~ /ERROR/ )
493 {
494 $error = 1;
495 }
496 }
497 # close and delete the temporary test output file
498 close(IN);
499 unlink($file);
500
501 if ( $error == 0 )
502 {
503 $msg = "Test Succeeded";
504 }
505 else
506 {
507 $msg = "Test Failed";
508 }
509
510 print(OUT "$msg\n");
511
512 if ($pause)
513 {
514 print("$msg - press ENTER to continue...");
515 $key = getc;
516 print("\n");
517 }
518
519 # Several of the testing scripts run a loop loading the
520 # same NLM with different options.
521 # On slow NetWare machines there appears to be some delay in the
522 # OS actually unloading the test nlms and the OS complains about.
523 # the NLM already being loaded. This additional pause is to
524 # to help provide a little more time for unloading before trying to
525 # load again.
526 sleep(1);
527 }
528
529
530 ############################################################################
531 sub log_desc( $ )
532 {
533 my( $desc ) = @_;
534
535 print("\n");
536 print("$desc\n");
537
538 print(OUT "\n");
539 print(OUT "$desc\n");
540 print(OUT "======================================\n");
541 }
542
543 ############################################################################
544 sub compare_files( $ $ $ )
545 {
546 my( $file1, $file2, $binary ) = @_;
547 my( $n1, $n2, $b1, $b2 );
548 my($ret) = 1;
549
550 open(IN0, $file1) || die "\nunable to open $file1\n";
551 open(IN1, $file2) || die "\nunable to open $file2\n";
552
553 if ($binary)
554 {
555 binmode IN0;
556 binmode IN1;
557 }
558
559 for (;;)
560 {
561 $n1 = read(IN0, $b1, 512);
562 $n2 = read(IN1, $b2, 512);
563
564 if ($n1 != $n2) {last;}
565 if ($b1 != $b2) {last;}
566
567 if ($n1 == 0)
568 {
569 $ret = 0;
570 last;
571 }
572 }
573 close(IN0);
574 close(IN1);
575 return($ret);
576 }
577
578 ############################################################################
579 sub do_wait()
580 {
581 my($key);
582
583 if ($pause)
584 {
585 print("Press ENTER to continue...");
586 $key = getc;
587 print("\n");
588 }
589 }
590
591
592 ############################################################################
593 sub make_tmp_cert_file()
594 {
595 my @cert_files = <$cert_path/*.pem>;
596
597 # delete the file if it already exists
598 unlink($tmp_cert);
599
600 open( TMP_CERT, ">$tmp_cert") || die "\nunable to open $tmp_cert\n";
601
602 print("building temporary cert file\n");
603
604 # create a temporary cert file that contains all the certs
605 foreach $i (@cert_files)
606 {
607 open( IN_CERT, $i ) || die "\nunable to open $i\n";
608
609 for(;;)
610 {
611 $n = sysread(IN_CERT, $data, 1024);
612
613 if ($n == 0)
614 {
615 close(IN_CERT);
616 last;
617 };
618
619 syswrite(TMP_CERT, $data, $n);
620 }
621 }
622
623 close( TMP_CERT );
624 }