1$! TESTSSL.COM 2$ 3$ __arch = "VAX" 4$ if f$getsyi("cpu") .ge. 128 then - 5 __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE") 6$ if __arch .eqs. "" then __arch = "UNK" 7$! 8$ if (p4 .eqs. "64") then __arch = __arch+ "_64" 9$! 10$ texe_dir = "sys$disk:[-.''__arch'.exe.test]" 11$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]" 12$ 13$ if p1 .eqs. "" 14$ then 15$ key="[-.apps]server.pem" 16$ else 17$ key=p1 18$ endif 19$ if p2 .eqs. "" 20$ then 21$ cert="[-.apps]server.pem" 22$ else 23$ cert=p2 24$ endif 25$ ssltest = "mcr ''texe_dir'ssltest -key ''key'"+ - 26 " -cert ''cert' -c_key ''key' -c_cert ''cert'" 27$! 28$ set noon 29$ define/user sys$output testssl-x509-output. 30$ define/user sys$error nla0: 31$ mcr 'exe_dir'openssl x509 -in 'cert' -text -noout 32$ define/user sys$error nla0: 33$ search/output=nla0: testssl-x509-output. "DSA Public Key"/exact 34$ if $severity .eq. 1 35$ then 36$ dsa_cert = "YES" 37$ else 38$ dsa_cert = "NO" 39$ endif 40$ delete testssl-x509-output.;* 41$ 42$ if p3 .eqs. "" 43$ then 44$ copy/concatenate [-.certs]*.pem certs.tmp 45$ CA = """-CAfile"" certs.tmp" 46$ else 47$ CA = """-CAfile"" "+p3 48$ endif 49$ 50$!########################################################################### 51$ 52$ write sys$output "test sslv2" 53$ 'ssltest' -ssl2 54$ if $severity .ne. 1 then goto exit3 55$ 56$ write sys$output "test sslv2 with server authentication" 57$ 'ssltest' -ssl2 -server_auth 'CA' 58$ if $severity .ne. 1 then goto exit3 59$ 60$ if .not. dsa_cert 61$ then 62$ write sys$output "test sslv2 with client authentication" 63$ 'ssltest' -ssl2 -client_auth 'CA' 64$ if $severity .ne. 1 then goto exit3 65$ 66$ write sys$output "test sslv2 with both client and server authentication" 67$ 'ssltest' -ssl2 -server_auth -client_auth 'CA' 68$ if $severity .ne. 1 then goto exit3 69$ endif 70$ 71$ write sys$output "test sslv3" 72$ 'ssltest' -ssl3 73$ if $severity .ne. 1 then goto exit3 74$ 75$ write sys$output "test sslv3 with server authentication" 76$ 'ssltest' -ssl3 -server_auth 'CA' 77$ if $severity .ne. 1 then goto exit3 78$ 79$ write sys$output "test sslv3 with client authentication" 80$ 'ssltest' -ssl3 -client_auth 'CA' 81$ if $severity .ne. 1 then goto exit3 82$ 83$ write sys$output "test sslv3 with both client and server authentication" 84$ 'ssltest' -ssl3 -server_auth -client_auth 'CA' 85$ if $severity .ne. 1 then goto exit3 86$ 87$ write sys$output "test sslv2/sslv3" 88$ 'ssltest' 89$ if $severity .ne. 1 then goto exit3 90$ 91$ write sys$output "test sslv2/sslv3 with server authentication" 92$ 'ssltest' -server_auth 'CA' 93$ if $severity .ne. 1 then goto exit3 94$ 95$ write sys$output "test sslv2/sslv3 with client authentication" 96$ 'ssltest' -client_auth 'CA' 97$ if $severity .ne. 1 then goto exit3 98$ 99$ write sys$output "test sslv2/sslv3 with both client and server authentication" 100$ 'ssltest' -server_auth -client_auth 'CA' 101$ if $severity .ne. 1 then goto exit3 102$ 103$ write sys$output "test sslv2 via BIO pair" 104$ 'ssltest' -bio_pair -ssl2 105$ if $severity .ne. 1 then goto exit3 106$ 107$ write sys$output "test sslv2 with server authentication via BIO pair" 108$ 'ssltest' -bio_pair -ssl2 -server_auth 'CA' 109$ if $severity .ne. 1 then goto exit3 110$ 111$ if .not. dsa_cert 112$ then 113$ write sys$output "test sslv2 with client authentication via BIO pair" 114$ 'ssltest' -bio_pair -ssl2 -client_auth 'CA' 115$ if $severity .ne. 1 then goto exit3 116$ 117$ write sys$output "test sslv2 with both client and server authentication via BIO pair" 118$ 'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA' 119$ if $severity .ne. 1 then goto exit3 120$ endif 121$ 122$ write sys$output "test sslv3 via BIO pair" 123$ 'ssltest' -bio_pair -ssl3 124$ if $severity .ne. 1 then goto exit3 125$ 126$ write sys$output "test sslv3 with server authentication via BIO pair" 127$ 'ssltest' -bio_pair -ssl3 -server_auth 'CA' 128$ if $severity .ne. 1 then goto exit3 129$ 130$ write sys$output "test sslv3 with client authentication via BIO pair" 131$ 'ssltest' -bio_pair -ssl3 -client_auth 'CA' 132$ if $severity .ne. 1 then goto exit3 133 134$ write sys$output "test sslv3 with both client and server authentication via BIO pair" 135$ 'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA' 136$ if $severity .ne. 1 then goto exit3 137$ 138$ write sys$output "test sslv2/sslv3 via BIO pair" 139$ 'ssltest' 140$ if $severity .ne. 1 then goto exit3 141$ 142$ if .not. dsa_cert 143$ then 144$ write sys$output "test sslv2/sslv3 w/o DHE via BIO pair" 145$ 'ssltest' -bio_pair -no_dhe 146$ if $severity .ne. 1 then goto exit3 147$ endif 148$ 149$ write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair" 150$ 'ssltest' -bio_pair -dhe1024dsa -v 151$ if $severity .ne. 1 then goto exit3 152$ 153$ write sys$output "test sslv2/sslv3 with server authentication" 154$ 'ssltest' -bio_pair -server_auth 'CA' 155$ if $severity .ne. 1 then goto exit3 156$ 157$ write sys$output "test sslv2/sslv3 with client authentication via BIO pair" 158$ 'ssltest' -bio_pair -client_auth 'CA' 159$ if $severity .ne. 1 then goto exit3 160$ 161$ write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair" 162$ 'ssltest' -bio_pair -server_auth -client_auth 'CA' 163$ if $severity .ne. 1 then goto exit3 164$ 165$!########################################################################### 166$ 167$ define/user sys$output nla0: 168$ mcr 'exe_dir'openssl no-rsa 169$ no_rsa=$SEVERITY 170$ define/user sys$output nla0: 171$ mcr 'exe_dir'openssl no-dh 172$ no_dh=$SEVERITY 173$ 174$ if no_dh 175$ then 176$ write sys$output "skipping anonymous DH tests" 177$ else 178$ write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes" 179$ 'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time 180$ if $severity .ne. 1 then goto exit3 181$ endif 182$ 183$ if no_rsa 184$ then 185$ write sys$output "skipping RSA tests" 186$ else 187$ write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes" 188$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time 189$ if $severity .ne. 1 then goto exit3 190$ 191$ if no_dh 192$ then 193$ write sys$output "skipping RSA+DHE tests" 194$ else 195$ write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes" 196$ mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time 197$ if $severity .ne. 1 then goto exit3 198$ endif 199$ endif 200$ 201$ RET = 1 202$ goto exit 203$ exit3: 204$ RET = 3 205$ exit: 206$ if p3 .eqs. "" then delete certs.tmp;* 207$ set on 208$ exit 'RET' 209