1$! TESTSSL.COM 2$ 3$ __arch := VAX 4$ if f$getsyi("cpu") .ge. 128 then - 5 __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") 6$ if __arch .eqs. "" then __arch := UNK 7$ texe_dir := sys$disk:[-.'__arch'.exe.test] 8$ exe_dir := sys$disk:[-.'__arch'.exe.apps] 9$ 10$ if p1 .eqs. "" 11$ then 12$ key="[-.apps]server.pem" 13$ else 14$ key=p1 15$ endif 16$ if p2 .eqs. "" 17$ then 18$ cert="[-.apps]server.pem" 19$ else 20$ cert=p2 21$ endif 22$ ssltest := mcr 'texe_dir'ssltest -key 'key' -cert 'cert' -c_key 'key' -c_cert 'cert' 23$ 24$ define/user sys$output testssl-x509-output. 25$ define/user sys$error nla0: 26$ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout 27$ set noon 28$ define/user sys$error nla0: 29$ search/output=nla0: testssl-x509-output. "DSA Public Key"/exact 30$ if $severity .eq. 1 31$ then 32$ dsa_cert := YES 33$ else 34$ dsa_cert := NO 35$ endif 36$ set on 37$ delete testssl-x509-output.;* 38$ 39$ if p3 .eqs. "" 40$ then 41$ copy/concatenate [-.certs]*.pem certs.tmp 42$ CA = """-CAfile"" certs.tmp" 43$ else 44$ CA = """-CAfile"" "+p3 45$ endif 46$ 47$!########################################################################### 48$ 49$ write sys$output "test sslv2" 50$ 'ssltest' -ssl2 51$ if $severity .ne. 1 then goto exit3 52$ 53$ write sys$output "test sslv2 with server authentication" 54$ 'ssltest' -ssl2 -server_auth 'CA' 55$ if $severity .ne. 1 then goto exit3 56$ 57$ if .not. dsa_cert 58$ then 59$ write sys$output "test sslv2 with client authentication" 60$ 'ssltest' -ssl2 -client_auth 'CA' 61$ if $severity .ne. 1 then goto exit3 62$ 63$ write sys$output "test sslv2 with both client and server authentication" 64$ 'ssltest' -ssl2 -server_auth -client_auth 'CA' 65$ if $severity .ne. 1 then goto exit3 66$ endif 67$ 68$ write sys$output "test sslv3" 69$ 'ssltest' -ssl3 70$ if $severity .ne. 1 then goto exit3 71$ 72$ write sys$output "test sslv3 with server authentication" 73$ 'ssltest' -ssl3 -server_auth 'CA' 74$ if $severity .ne. 1 then goto exit3 75$ 76$ write sys$output "test sslv3 with client authentication" 77$ 'ssltest' -ssl3 -client_auth 'CA' 78$ if $severity .ne. 1 then goto exit3 79$ 80$ write sys$output "test sslv3 with both client and server authentication" 81$ 'ssltest' -ssl3 -server_auth -client_auth 'CA' 82$ if $severity .ne. 1 then goto exit3 83$ 84$ write sys$output "test sslv2/sslv3" 85$ 'ssltest' 86$ if $severity .ne. 1 then goto exit3 87$ 88$ write sys$output "test sslv2/sslv3 with server authentication" 89$ 'ssltest' -server_auth 'CA' 90$ if $severity .ne. 1 then goto exit3 91$ 92$ write sys$output "test sslv2/sslv3 with client authentication" 93$ 'ssltest' -client_auth 'CA' 94$ if $severity .ne. 1 then goto exit3 95$ 96$ write sys$output "test sslv2/sslv3 with both client and server authentication" 97$ 'ssltest' -server_auth -client_auth 'CA' 98$ if $severity .ne. 1 then goto exit3 99$ 100$ write sys$output "test sslv2 via BIO pair" 101$ 'ssltest' -bio_pair -ssl2 102$ if $severity .ne. 1 then goto exit3 103$ 104$ write sys$output "test sslv2 with server authentication via BIO pair" 105$ 'ssltest' -bio_pair -ssl2 -server_auth 'CA' 106$ if $severity .ne. 1 then goto exit3 107$ 108$ if .not. dsa_cert 109$ then 110$ write sys$output "test sslv2 with client authentication via BIO pair" 111$ 'ssltest' -bio_pair -ssl2 -client_auth 'CA' 112$ if $severity .ne. 1 then goto exit3 113$ 114$ write sys$output "test sslv2 with both client and server authentication via BIO pair" 115$ 'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA' 116$ if $severity .ne. 1 then goto exit3 117$ endif 118$ 119$ write sys$output "test sslv3 via BIO pair" 120$ 'ssltest' -bio_pair -ssl3 121$ if $severity .ne. 1 then goto exit3 122$ 123$ write sys$output "test sslv3 with server authentication via BIO pair" 124$ 'ssltest' -bio_pair -ssl3 -server_auth 'CA' 125$ if $severity .ne. 1 then goto exit3 126$ 127$ write sys$output "test sslv3 with client authentication via BIO pair" 128$ 'ssltest' -bio_pair -ssl3 -client_auth 'CA' 129$ if $severity .ne. 1 then goto exit3 130 131$ write sys$output "test sslv3 with both client and server authentication via BIO pair" 132$ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA' 133$ if $severity .ne. 1 then goto exit3 134$ 135$ write sys$output "test sslv2/sslv3 via BIO pair" 136$ 'ssltest' 137$ if $severity .ne. 1 then goto exit3 138$ 139$ if .not. dsa_cert 140$ then 141$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair" 142$ 'ssltest' -bio_pair -no_dhe 143$ if $severity .ne. 1 then goto exit3 144$ endif 145$ 146$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair" 147$ 'ssltest' -bio_pair -dhe1024dsa -v 148$ if $severity .ne. 1 then goto exit3 149$ 150$ write sys$output "test sslv2/sslv3 with server authentication" 151$ 'ssltest' -bio_pair -server_auth 'CA' 152$ if $severity .ne. 1 then goto exit3 153$ 154$ write sys$output "test sslv2/sslv3 with client authentication via BIO pair" 155$ 'ssltest' -bio_pair -client_auth 'CA' 156$ if $severity .ne. 1 then goto exit3 157$ 158$ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair" 159$ 'ssltest' -bio_pair -server_auth -client_auth 'CA' 160$ if $severity .ne. 1 then goto exit3 161$ 162$!########################################################################### 163$ 164$ set noon 165$ define/user sys$output nla0: 166$ mcr 'exe_dir'openssl no-rsa 167$ no_rsa=$SEVERITY 168$ define/user sys$output nla0: 169$ mcr 'exe_dir'openssl no-dh 170$ no_dh=$SEVERITY 171$ set on 172$ 173$ if no_dh 174$ then 175$ write sys$output "skipping anonymous DH tests" 176$ else 177$ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes" 178$ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time 179$ if $severity .ne. 1 then goto exit3 180$ endif 181$ 182$ if no_rsa 183$ then 184$ write sys$output "skipping RSA tests" 185$ else 186$ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes" 187$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time 188$ if $severity .ne. 1 then goto exit3 189$ 190$ if no_dh 191$ then 192$ write sys$output "skipping RSA+DHE tests" 193$ else 194$ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes" 195$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time 196$ if $severity .ne. 1 then goto exit3 197$ endif 198$ endif 199$ 200$ RET = 1 201$ goto exit 202$ exit3: 203$ RET = 3 204$ exit: 205$ if p3 .eqs. "" then delete certs.tmp;* 206$ exit 'RET' 207