src - OpenBSD base system

diff options


context:
space:
mode:

author	Damien Miller <djm@cvs.openbsd.org>	2008-09-06 12:15:54 +0000
committer	Damien Miller <djm@cvs.openbsd.org>	2008-09-06 12:15:54 +0000
commit	ec7710fe8f10fb624fbc33c0bbad2474e0c26979 (patch)
tree	155d7390bb990e78025dac6fc71bbec144e85be3 /lib/libssl/test
parent	f52bb90f3dabf574f7dd7e1da53a52acc8ad371e (diff)

import of OpenSSL 0.9.8h

Diffstat (limited to 'lib/libssl/test')

-rw-r--r--

lib/libssl/test/cms-examples.pl

409

-rw-r--r--

lib/libssl/test/cms-test.pl

453

-rw-r--r--

lib/libssl/test/igetest.c

503

-rw-r--r--

lib/libssl/test/smcont.txt

-rw-r--r--

lib/libssl/test/smime-certs/smdsa1.pem

-rw-r--r--

lib/libssl/test/smime-certs/smdsa2.pem

-rw-r--r--

lib/libssl/test/smime-certs/smdsa3.pem

-rw-r--r--

lib/libssl/test/smime-certs/smdsap.pem

-rw-r--r--

lib/libssl/test/smime-certs/smroot.pem

-rw-r--r--

lib/libssl/test/smime-certs/smrsa1.pem

-rw-r--r--

lib/libssl/test/smime-certs/smrsa2.pem

-rw-r--r--

lib/libssl/test/smime-certs/smrsa3.pem

12 files changed, 1600 insertions, 0 deletions

diff --git a/lib/libssl/test/cms-examples.pl b/lib/libssl/test/cms-examples.pl
new file mode 100644
index 00000000000..2e95b48ba45
--- /dev/null
+++ b/lib/libssl/test/cms-examples.pl

@@ -0,0 +1,409 @@

+# test/cms-examples.pl

+# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL

+# project.

+# ====================================================================

+# Redistribution and use in source and binary forms, with or without

+# modification, are permitted provided that the following conditions

+# are met:

+# 1. Redistributions of source code must retain the above copyright

+# notice, this list of conditions and the following disclaimer.

+# 2. Redistributions in binary form must reproduce the above copyright

+# notice, this list of conditions and the following disclaimer in

+# the documentation and/or other materials provided with the

+# distribution.

+# 3. All advertising materials mentioning features or use of this

+# software must display the following acknowledgment:

+# "This product includes software developed by the OpenSSL Project

+# for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"

+# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

+# endorse or promote products derived from this software without

+# prior written permission. For written permission, please contact

+# licensing@OpenSSL.org.

+# 5. Products derived from this software may not be called "OpenSSL"

+# nor may "OpenSSL" appear in their names without prior written

+# permission of the OpenSSL Project.

+# 6. Redistributions of any form whatsoever must retain the following

+# acknowledgment:

+# "This product includes software developed by the OpenSSL Project

+# for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"

+# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

+# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

+# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR

+# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

+# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

+# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

+# OF THE POSSIBILITY OF SUCH DAMAGE.

+# ====================================================================

+# Perl script to run tests against S/MIME examples in RFC4134

+# Assumes RFC is in current directory and called "rfc4134.txt"

+use MIME::Base64;

+my $badttest = 0;

+my $verbose = 1;

+my $cmscmd;

+my $exdir = "./";

+my $exfile = "./rfc4134.txt";

+if (-f "../apps/openssl")

+ {

+ $cmscmd = "../util/shlib_wrap.sh ../apps/openssl cms";

+ }

+elsif (-f "..\\out32dll\\openssl.exe")

+ {

+ $cmscmd = "..\\out32dll\\openssl.exe cms";

+ }

+elsif (-f "..\\out32\\openssl.exe")

+ {

+ $cmscmd = "..\\out32\\openssl.exe cms";

+ }

+my @test_list = (

+ [ "3.1.bin" => "dataout" ],

+ [ "3.2.bin" => "encode, dataout" ],

+ [ "4.1.bin" => "encode, verifyder, cont, dss" ],

+ [ "4.2.bin" => "encode, verifyder, cont, rsa" ],

+ [ "4.3.bin" => "encode, verifyder, cont_extern, dss" ],

+ [ "4.4.bin" => "encode, verifyder, cont, dss" ],

+ [ "4.5.bin" => "verifyder, cont, rsa" ],

+ [ "4.6.bin" => "encode, verifyder, cont, dss" ],

+ [ "4.7.bin" => "encode, verifyder, cont, dss" ],

+ [ "4.8.eml" => "verifymime, dss" ],

+ [ "4.9.eml" => "verifymime, dss" ],

+ [ "4.10.bin" => "encode, verifyder, cont, dss" ],

+ [ "4.11.bin" => "encode, certsout" ],

+ [ "5.1.bin" => "encode, envelopeder, cont" ],

+ [ "5.2.bin" => "encode, envelopeder, cont" ],

+ [ "5.3.eml" => "envelopemime, cont" ],

+ [ "6.0.bin" => "encode, digest, cont" ],

+ [ "7.1.bin" => "encode, encrypted, cont" ],

+ [ "7.2.bin" => "encode, encrypted, cont" ]

+);

+# Extract examples from RFC4134 text.

+# Base64 decode all examples, certificates and

+# private keys are converted to PEM format.

+my ( $filename, $data );

+my @cleanup = ( "cms.out", "cms.err", "tmp.der", "tmp.txt" );

+$data = "";

+open( IN, $exfile ) || die "Can't Open RFC examples file $exfile";

+while (<IN>) {

+ next unless (/^\|/);

+ s/^\|//;

+ next if (/^\*/);

+ if (/^>(.*)$/) {

+ $filename = $1;

+ next;

+ }

+ if (/^</) {

+ $filename = "$exdir/$filename";

+ if ( $filename =~ /\.bin$/ || $filename =~ /\.eml$/ ) {

+ $data = decode_base64($data);

+ open OUT, ">$filename";

+ binmode OUT;

+ print OUT $data;

+ close OUT;

+ push @cleanup, $filename;

+ }

+ elsif ( $filename =~ /\.cer$/ ) {

+ write_pem( $filename, "CERTIFICATE", $data );

+ }

+ elsif ( $filename =~ /\.pri$/ ) {

+ write_pem( $filename, "PRIVATE KEY", $data );

+ }

+ $data = "";

+ $filename = "";

+ }

+ else {

+ $data .= $_;

+ }

+my $secretkey =

+ "73:7c:79:1f:25:ea:d0:e0:46:29:25:43:52:f7:dc:62:91:e5:cb:26:91:7a:da:32";

+foreach (@test_list) {

+ my ( $file, $tlist ) = @$_;

+ print "Example file $file:\n";

+ if ( $tlist =~ /encode/ ) {

+ run_reencode_test( $exdir, $file );

+ }

+ if ( $tlist =~ /certsout/ ) {

+ run_certsout_test( $exdir, $file );

+ }

+ if ( $tlist =~ /dataout/ ) {

+ run_dataout_test( $exdir, $file );

+ }

+ if ( $tlist =~ /verify/ ) {

+ run_verify_test( $exdir, $tlist, $file );

+ }

+ if ( $tlist =~ /digest/ ) {

+ run_digest_test( $exdir, $tlist, $file );

+ }

+ if ( $tlist =~ /encrypted/ ) {

+ run_encrypted_test( $exdir, $tlist, $file, $secretkey );

+ }

+ if ( $tlist =~ /envelope/ ) {

+ run_envelope_test( $exdir, $tlist, $file );

+ }

+foreach (@cleanup) {

+ unlink $_;

+if ($badtest) {

+ print "\n$badtest TESTS FAILED!!\n";

+else {

+ print "\n***All tests successful***\n";

+sub write_pem {

+ my ( $filename, $str, $data ) = @_;

+ $filename =~ s/\.[^.]*$/.pem/;

+ push @cleanup, $filename;

+ open OUT, ">$filename";

+ print OUT "-----BEGIN $str-----\n";

+ print OUT $data;

+ print OUT "-----END $str-----\n";

+ close OUT;

+sub run_reencode_test {

+ my ( $cmsdir, $tfile ) = @_;

+ unlink "tmp.der";

+ system( "$cmscmd -cmsout -inform DER -outform DER"

+ . " -in $cmsdir/$tfile -out tmp.der" );

+ if ($?) {

+ print "\tReencode command FAILED!!\n";

+ $badtest++;

+ }

+ elsif ( !cmp_files( "$cmsdir/$tfile", "tmp.der" ) ) {

+ print "\tReencode FAILED!!\n";

+ $badtest++;

+ }

+ else {

+ print "\tReencode passed\n" if $verbose;

+ }

+sub run_certsout_test {

+ my ( $cmsdir, $tfile ) = @_;

+ unlink "tmp.der";

+ unlink "tmp.pem";

+ system( "$cmscmd -cmsout -inform DER -certsout tmp.pem"

+ . " -in $cmsdir/$tfile -out tmp.der" );

+ if ($?) {

+ print "\tCertificate output command FAILED!!\n";

+ $badtest++;

+ }

+ else {

+ print "\tCertificate output passed\n" if $verbose;

+ }

+sub run_dataout_test {

+ my ( $cmsdir, $tfile ) = @_;

+ unlink "tmp.txt";

+ system(

+ "$cmscmd -data_out -inform DER" . " -in $cmsdir/$tfile -out tmp.txt" );

+ if ($?) {

+ print "\tDataout command FAILED!!\n";

+ $badtest++;

+ }

+ elsif ( !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) ) {

+ print "\tDataout compare FAILED!!\n";

+ $badtest++;

+ }

+ else {

+ print "\tDataout passed\n" if $verbose;

+ }

+sub run_verify_test {

+ my ( $cmsdir, $tlist, $tfile ) = @_;

+ unlink "tmp.txt";

+ $form = "DER" if $tlist =~ /verifyder/;

+ $form = "SMIME" if $tlist =~ /verifymime/;

+ $cafile = "$cmsdir/CarlDSSSelf.pem" if $tlist =~ /dss/;

+ $cafile = "$cmsdir/CarlRSASelf.pem" if $tlist =~ /rsa/;

+ $cmd =

+ "$cmscmd -verify -inform $form"

+ . " -CAfile $cafile"

+ . " -in $cmsdir/$tfile -out tmp.txt";

+ $cmd .= " -content $cmsdir/ExContent.bin" if $tlist =~ /cont_extern/;

+ system("$cmd 2>cms.err 1>cms.out");

+ if ($?) {

+ print "\tVerify command FAILED!!\n";

+ $badtest++;

+ }

+ elsif ( $tlist =~ /cont/

+ && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )

+ {

+ print "\tVerify content compare FAILED!!\n";

+ $badtest++;

+ }

+ else {

+ print "\tVerify passed\n" if $verbose;

+ }

+sub run_envelope_test {

+ my ( $cmsdir, $tlist, $tfile ) = @_;

+ unlink "tmp.txt";

+ $form = "DER" if $tlist =~ /envelopeder/;

+ $form = "SMIME" if $tlist =~ /envelopemime/;

+ $cmd =

+ "$cmscmd -decrypt -inform $form"

+ . " -recip $cmsdir/BobRSASignByCarl.pem"

+ . " -inkey $cmsdir/BobPrivRSAEncrypt.pem"

+ . " -in $cmsdir/$tfile -out tmp.txt";

+ system("$cmd 2>cms.err 1>cms.out");

+ if ($?) {

+ print "\tDecrypt command FAILED!!\n";

+ $badtest++;

+ }

+ elsif ( $tlist =~ /cont/

+ && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )

+ {

+ print "\tDecrypt content compare FAILED!!\n";

+ $badtest++;

+ }

+ else {

+ print "\tDecrypt passed\n" if $verbose;

+ }

+sub run_digest_test {

+ my ( $cmsdir, $tlist, $tfile ) = @_;

+ unlink "tmp.txt";

+ my $cmd =

+ "$cmscmd -digest_verify -inform DER" . " -in $cmsdir/$tfile -out tmp.txt";

+ system("$cmd 2>cms.err 1>cms.out");

+ if ($?) {

+ print "\tDigest verify command FAILED!!\n";

+ $badtest++;

+ }

+ elsif ( $tlist =~ /cont/

+ && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )

+ {

+ print "\tDigest verify content compare FAILED!!\n";

+ $badtest++;

+ }

+ else {

+ print "\tDigest verify passed\n" if $verbose;

+ }

+sub run_encrypted_test {

+ my ( $cmsdir, $tlist, $tfile, $key ) = @_;

+ unlink "tmp.txt";

+ system( "$cmscmd -EncryptedData_decrypt -inform DER"

+ . " -secretkey $key"

+ . " -in $cmsdir/$tfile -out tmp.txt" );

+ if ($?) {

+ print "\tEncrypted Data command FAILED!!\n";

+ $badtest++;

+ }

+ elsif ( $tlist =~ /cont/

+ && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )

+ {

+ print "\tEncrypted Data content compare FAILED!!\n";

+ $badtest++;

+ }

+ else {

+ print "\tEncryptedData verify passed\n" if $verbose;

+ }

+sub cmp_files {

+ my ( $f1, $f2 ) = @_;

+ my ( $fp1, $fp2 );

+ my ( $rd1, $rd2 );

+ if ( !open( $fp1, "<$f1" ) ) {

+ print STDERR "Can't Open file $f1\n";

+ return 0;

+ }

+ if ( !open( $fp2, "<$f2" ) ) {

+ print STDERR "Can't Open file $f2\n";

+ return 0;

+ }

+ binmode $fp1;

+ binmode $fp2;

+ my $ret = 0;

+ for ( ; ; ) {

+ $n1 = sysread $fp1, $rd1, 4096;

+ $n2 = sysread $fp2, $rd2, 4096;

+ last if ( $n1 != $n2 );

+ last if ( $rd1 ne $rd2 );

+ if ( $n1 == 0 ) {

+ $ret = 1;

+ last;

+ }

+ close $fp1;

+ close $fp2;

+ return $ret;

diff --git a/lib/libssl/test/cms-test.pl b/lib/libssl/test/cms-test.pl
new file mode 100644
index 00000000000..a84e089ddc4
--- /dev/null
+++ b/lib/libssl/test/cms-test.pl

@@ -0,0 +1,453 @@

+# test/cms-test.pl