openbsd/src
1
0
Fork 0
mirror of https://github.com/openbsd/src.git synced 2026-04-29 16:47:15 +00:00
Code Issues Projects Releases Wiki Activity

Remove lib/libssl/test.

Browse Source 
This is all unhelpful historical cruft.

Discussed with tb@
This commit is contained in:
jsing
2026-04-03 14:16:38 +00:00
parent a0d451d3eb
commit a9ecf4b7f2
53 changed files with 0 additions and 4409 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
lib/libssl/test/CAss.cnf
View File

@@ -1,76 +0,0 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
RANDFILE = ./.rnd
####################################################################
[ req ]
default_bits = 2048
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
default_md = sha1
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = AU
countryName_value = AU
organizationName = Organization Name (eg, company)
organizationName_value = Dodgy Brothers
commonName = Common Name (eg, YOUR name)
commonName_value = Dodgy CA
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
####################################################################
[ CA_default ]
dir = ./demoCA # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
#unique_subject = no # Set to 'no' to allow creation of
# several certificates with same subject.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
crl = $dir/crl.pem # The current CRL
private_key = $dir/private/cakey.pem# The private key
RANDFILE = $dir/private/.rand # private random number file
x509_extensions = v3_ca # The extensions to add to the cert
name_opt = ca_default # Subject Name options
cert_opt = ca_default # Certificate field options
default_days = 365 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_md = md5 # which md to use.
preserve = no # keep passed DN ordering
policy = policy_anything
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[ v3_ca ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints = CA:true,pathlen:1
keyUsage = cRLSign, keyCertSign
issuerAltName=issuer:copy

24
lib/libssl/test/CAssdh.cnf
View File

@@ -1,24 +0,0 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
# hacked by iang to do DH certs - CA
RANDFILE = ./.rnd
####################################################################
[ req ]
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = CU
countryName_value = CU
organizationName = Organization Name (eg, company)
organizationName_value = La Junta de la Revolucion
commonName = Common Name (eg, YOUR name)
commonName_value = Junta

23
lib/libssl/test/CAssdsa.cnf
View File

@@ -1,23 +0,0 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
# hacked by iang to do DSA certs - CA
RANDFILE = ./.rnd
####################################################################
[ req ]
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = ES
countryName_value = ES
organizationName = Organization Name (eg, company)
organizationName_value = Hermanos Locos
commonName = Common Name (eg, YOUR name)
commonName_value = Hermanos Locos CA

24
lib/libssl/test/CAssrsa.cnf
View File

@@ -1,24 +0,0 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
# create RSA certs - CA
RANDFILE = ./.rnd
####################################################################
[ req ]
distinguished_name = req_distinguished_name
encrypt_key = no
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = ES
countryName_value = ES
organizationName = Organization Name (eg, company)
organizationName_value = Hermanos Locos
commonName = Common Name (eg, YOUR name)
commonName_value = Hermanos Locos CA

163
lib/libssl/test/CAtsa.cnf
View File

@@ -1,163 +0,0 @@
#
# This config is used by the Time Stamp Authority tests.
#
RANDFILE = ./.rnd
# Extra OBJECT IDENTIFIER info:
oid_section = new_oids
TSDNSECT = ts_cert_dn
INDEX = 1
[ new_oids ]
# Policies used by the TSA tests.
tsa_policy1 = 1.2.3.4.1
tsa_policy2 = 1.2.3.4.5.6
tsa_policy3 = 1.2.3.4.5.7
#----------------------------------------------------------------------
[ ca ]
default_ca = CA_default # The default ca section
[ CA_default ]
dir = ./demoCA
certs = $dir/certs # Where the issued certs are kept
database = $dir/index.txt # database index file.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
private_key = $dir/private/cakey.pem# The private key
RANDFILE = $dir/private/.rand # private random number file
default_days = 365 # how long to certify for
default_md = sha1 # which md to use.
preserve = no # keep passed DN ordering
policy = policy_match
# For the CA policy
[ policy_match ]
countryName = supplied
stateOrProvinceName = supplied
organizationName = supplied
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
#----------------------------------------------------------------------
[ req ]
default_bits = 1024
default_md = sha1
distinguished_name = $ENV::TSDNSECT
encrypt_rsa_key = no
prompt = no
# attributes = req_attributes
x509_extensions = v3_ca # The extensions to add to the self signed cert
string_mask = nombstr
[ ts_ca_dn ]
countryName = HU
stateOrProvinceName = Budapest
localityName = Budapest
organizationName = Gov-CA Ltd.
commonName = ca1
[ ts_cert_dn ]
countryName = HU
stateOrProvinceName = Budapest
localityName = Buda
organizationName = Hun-TSA Ltd.
commonName = tsa$ENV::INDEX
[ tsa_cert ]
# TSA server cert is not a CA cert.
basicConstraints=CA:FALSE
# The following key usage flags are needed for TSA server certificates.
keyUsage = nonRepudiation, digitalSignature
extendedKeyUsage = critical,timeStamping
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
[ non_tsa_cert ]
# This is not a CA cert and not a TSA cert, either (timeStamping usage missing)
basicConstraints=CA:FALSE
# The following key usage flags are needed for TSA server certificates.
keyUsage = nonRepudiation, digitalSignature
# timeStamping is not supported by this certificate
# extendedKeyUsage = critical,timeStamping
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature
[ v3_ca ]
# Extensions for a typical CA
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints = critical,CA:true
keyUsage = cRLSign, keyCertSign
#----------------------------------------------------------------------
[ tsa ]
default_tsa = tsa_config1 # the default TSA section
[ tsa_config1 ]
# These are used by the TSA reply generation only.
dir = . # TSA root directory
serial = $dir/tsa_serial # The current serial number (mandatory)
signer_cert = $dir/tsa_cert1.pem # The TSA signing certificate
# (optional)
certs = $dir/tsaca.pem # Certificate chain to include in reply
# (optional)
signer_key = $dir/tsa_key1.pem # The TSA private key (optional)
default_policy = tsa_policy1 # Policy if request did not specify it
# (optional)
other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
digests = md5, sha1 # Acceptable message digests (mandatory)
accuracy = secs:1, millisecs:500, microsecs:100 # (optional)
ordering = yes # Is ordering defined for timestamps?
# (optional, default: no)
tsa_name = yes # Must the TSA name be included in the reply?
# (optional, default: no)
ess_cert_id_chain = yes # Must the ESS cert id chain be included?
# (optional, default: no)
[ tsa_config2 ]
# This configuration uses a certificate which doesn't have timeStamping usage.
# These are used by the TSA reply generation only.
dir = . # TSA root directory
serial = $dir/tsa_serial # The current serial number (mandatory)
signer_cert = $dir/tsa_cert2.pem # The TSA signing certificate
# (optional)
certs = $dir/demoCA/cacert.pem# Certificate chain to include in reply
# (optional)
signer_key = $dir/tsa_key2.pem # The TSA private key (optional)
default_policy = tsa_policy1 # Policy if request did not specify it
# (optional)
other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
digests = md5, sha1 # Acceptable message digests (mandatory)

37
lib/libssl/test/P1ss.cnf
View File

@@ -1,37 +0,0 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
RANDFILE = ./.rnd
####################################################################
[ req ]
default_bits = 1024
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
default_md = md2
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = AU
countryName_value = AU
organizationName = Organization Name (eg, company)
organizationName_value = Dodgy Brothers
0.commonName = Common Name (eg, YOUR name)
0.commonName_value = Brother 1
1.commonName = Common Name (eg, YOUR name)
1.commonName_value = Brother 2
2.commonName = Common Name (eg, YOUR name)
2.commonName_value = Proxy 1
[ v3_proxy ]
basicConstraints=CA:FALSE
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:1,policy:text:AB

45
lib/libssl/test/P2ss.cnf
View File

@@ -1,45 +0,0 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
RANDFILE = ./.rnd
####################################################################
[ req ]
default_bits = 1024
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
default_md = md2
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = AU
countryName_value = AU
organizationName = Organization Name (eg, company)
organizationName_value = Dodgy Brothers
0.commonName = Common Name (eg, YOUR name)
0.commonName_value = Brother 1
1.commonName = Common Name (eg, YOUR name)
1.commonName_value = Brother 2
2.commonName = Common Name (eg, YOUR name)
2.commonName_value = Proxy 1
3.commonName = Common Name (eg, YOUR name)
3.commonName_value = Proxy 2
[ v3_proxy ]
basicConstraints=CA:FALSE
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
proxyCertInfo=critical,@proxy_ext
[ proxy_ext ]
language=id-ppl-anyLanguage
pathlen=0
policy=text:BC

27
lib/libssl/test/Sssdsa.cnf
View File

@@ -1,27 +0,0 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
# hacked by iang to do DSA certs - Server
RANDFILE = ./.rnd
####################################################################
[ req ]
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = ES
countryName_value = ES
organizationName = Organization Name (eg, company)
organizationName_value = Tortilleras S.A.
0.commonName = Common Name (eg, YOUR name)
0.commonName_value = Torti
1.commonName = Common Name (eg, YOUR name)
1.commonName_value = Gordita

26
lib/libssl/test/Sssrsa.cnf
View File

@@ -1,26 +0,0 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
# create RSA certs - Server
RANDFILE = ./.rnd
####################################################################
[ req ]
distinguished_name = req_distinguished_name
encrypt_key = no
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = ES
countryName_value = ES
organizationName = Organization Name (eg, company)
organizationName_value = Tortilleras S.A.
0.commonName = Common Name (eg, YOUR name)
0.commonName_value = Torti
1.commonName = Common Name (eg, YOUR name)
1.commonName_value = Gordita

36
lib/libssl/test/Uss.cnf
View File

@@ -1,36 +0,0 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
RANDFILE = ./.rnd
####################################################################
[ req ]
default_bits = 2048
default_keyfile = keySS.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
default_md = sha256
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = AU
countryName_value = AU
organizationName = Organization Name (eg, company)
organizationName_value = Dodgy Brothers
0.commonName = Common Name (eg, YOUR name)
0.commonName_value = Brother 1
1.commonName = Common Name (eg, YOUR name)
1.commonName_value = Brother 2
[ v3_ee ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
basicConstraints = CA:false
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
issuerAltName=issuer:copy

1
lib/libssl/test/VMSca-response.1
View File

@@ -1 +0,0 @@

2
lib/libssl/test/VMSca-response.2
View File

@@ -1,2 +0,0 @@
y
y

111
lib/libssl/test/bctest
View File

@@ -1,111 +0,0 @@
#!/bin/sh
# This script is used by test/Makefile.ssl to check whether a sane 'bc'
# is installed.
# ('make test_bn' should not try to run 'bc' if it does not exist or if
# it is a broken 'bc' version that is known to cause trouble.)
#
# If 'bc' works, we also test if it knows the 'print' command.
#
# In any case, output an appropriate command line for running (or not
# running) bc.
IFS=:
try_without_dir=true
# First we try "bc", then "$dir/bc" for each item in $PATH.
for dir in dummy:$PATH; do
if [ "$try_without_dir" = true ]; then
# first iteration
bc=bc
try_without_dir=false
else
# second and later iterations
bc="$dir/bc"
if [ ! -f "$bc" ]; then # '-x' is not available on Ultrix
bc=''
fi
fi
if [ ! "$bc" = '' ]; then
failure=none
# Test for SunOS 5.[78] bc bug
"$bc" >tmp.bctest <<\EOF
obase=16
ibase=16
a=AD88C418F31B3FC712D0425001D522B3AE9134FF3A98C13C1FCC1682211195406C1A6C66C6A\
CEEC1A0EC16950233F77F1C2F2363D56DD71A36C57E0B2511FC4BA8F22D261FE2E9356D99AF57\
10F3817C0E05BF79C423C3F66FDF321BE8D3F18F625D91B670931C1EF25F28E489BDA1C5422D1\
C3F6F7A1AD21585746ECC4F10A14A778AF56F08898E965E9909E965E0CB6F85B514150C644759\
3BE731877B16EA07B552088FF2EA728AC5E0FF3A23EB939304519AB8B60F2C33D6BA0945B66F0\
4FC3CADF855448B24A9D7640BCF473E
b=DCE91E7D120B983EA9A104B5A96D634DD644C37657B1C7860B45E6838999B3DCE5A555583C6\
9209E41F413422954175A06E67FFEF6746DD652F0F48AEFECC3D8CAC13523BDAAD3F5AF4212BD\
8B3CD64126E1A82E190228020C05B91C8B141F1110086FC2A4C6ED631EBA129D04BB9A19FC53D\
3ED0E2017D60A68775B75481449
(a/b)*b + (a%b) - a
EOF
if [ 0 != "`cat tmp.bctest`" ]; then
failure=SunOStest
fi
if [ "$failure" = none ]; then
# Test for SCO bc bug.
"$bc" >tmp.bctest <<\EOF
obase=16
ibase=16
-FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4AEC6F15AC177F176F2274D2\
9DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7F5ADFACEE54573F5D256A06\
11B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99FB9812A0E4A5773D8B254117\
1239157EC6E3D8D50199 * -FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4\
AEC6F15AC177F176F2274D29DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7\
F5ADFACEE54573F5D256A0611B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99F\
B9812A0E4A5773D8B2541171239157EC6E3D8D50199 - FFBACC221682DA464B6D7F123482522\
02EDAEDCA38C3B69E9B7BBCD6165A9CD8716C4903417F23C09A85B851961F92C217258CEEB866\
85EFCC5DD131853A02C07A873B8E2AF2E40C6D5ED598CD0E8F35AD49F3C3A17FDB7653E4E2DC4\
A8D23CC34686EE4AD01F7407A7CD74429AC6D36DBF0CB6A3E302D0E5BDFCD048A3B90C1BE5AA8\
E16C3D5884F9136B43FF7BB443764153D4AEC176C681B078F4CC53D6EB6AB76285537DDEE7C18\
8C72441B52EDBDDBC77E02D34E513F2AABF92F44109CAFE8242BD0ECBAC5604A94B02EA44D43C\
04E9476E6FBC48043916BFA1485C6093603600273C9C33F13114D78064AE42F3DC466C7DA543D\
89C8D71
AD534AFBED2FA39EE9F40E20FCF9E2C861024DB98DDCBA1CD118C49CA55EEBC20D6BA51B2271C\
928B693D6A73F67FEB1B4571448588B46194617D25D910C6A9A130CC963155CF34079CB218A44\
8A1F57E276D92A33386DDCA3D241DB78C8974ABD71DD05B0FA555709C9910D745185E6FE108E3\
37F1907D0C56F8BFBF52B9704 % -E557905B56B13441574CAFCE2BD257A750B1A8B2C88D0E36\
E18EF7C38DAC80D3948E17ED63AFF3B3467866E3B89D09A81B3D16B52F6A3C7134D3C6F5123E9\
F617E3145BBFBE9AFD0D6E437EA4FF6F04BC67C4F1458B4F0F47B64 - 1C2BBBB19B74E86FD32\
9E8DB6A8C3B1B9986D57ED5419C2E855F7D5469E35E76334BB42F4C43E3F3A31B9697C171DAC4\
D97935A7E1A14AD209D6CF811F55C6DB83AA9E6DFECFCD6669DED7171EE22A40C6181615CAF3F\
5296964
EOF
if [ "0
0" != "`cat tmp.bctest`" ]; then
failure=SCOtest
fi
fi
if [ "$failure" = none ]; then
# bc works; now check if it knows the 'print' command.
if [ "OK" = "`echo 'print \"OK\"' | $bc 2>/dev/null`" ]
then
echo "$bc"
else
echo "sed 's/print.*//' | $bc"
fi
exit 0
fi
echo "$bc does not work properly ('$failure' failed). Looking for another bc ..." >&2
fi
done
echo "No working bc found. Consider installing GNU bc." >&2
if [ "$1" = ignore ]; then
echo "cat >/dev/null"
exit 0
fi
exit 1

409
lib/libssl/test/cms-examples.pl
View File

@@ -1,409 +0,0 @@
# test/cms-examples.pl
# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
# project.
#
# ====================================================================
# Copyright (c) 2008 The OpenSSL Project. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
#
# 3. All advertising materials mentioning features or use of this
# software must display the following acknowledgment:
# "This product includes software developed by the OpenSSL Project
# for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
#
# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
# endorse or promote products derived from this software without
# prior written permission. For written permission, please contact
# licensing@OpenSSL.org.
#
# 5. Products derived from this software may not be called "OpenSSL"
# nor may "OpenSSL" appear in their names without prior written
# permission of the OpenSSL Project.
#
# 6. Redistributions of any form whatsoever must retain the following
# acknowledgment:
# "This product includes software developed by the OpenSSL Project
# for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
#
# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
# OF THE POSSIBILITY OF SUCH DAMAGE.
# ====================================================================
# Perl script to run tests against S/MIME examples in RFC4134
# Assumes RFC is in current directory and called "rfc4134.txt"
use MIME::Base64;
my $badttest = 0;
my $verbose = 1;
my $cmscmd;
my $exdir = "./";
my $exfile = "./rfc4134.txt";
if (-f "../apps/openssl")
{
$cmscmd = "../util/shlib_wrap.sh ../apps/openssl cms";
}
elsif (-f "..\\out32dll\\openssl.exe")
{
$cmscmd = "..\\out32dll\\openssl.exe cms";
}
elsif (-f "..\\out32\\openssl.exe")
{
$cmscmd = "..\\out32\\openssl.exe cms";
}
my @test_list = (
[ "3.1.bin" => "dataout" ],
[ "3.2.bin" => "encode, dataout" ],
[ "4.1.bin" => "encode, verifyder, cont, dss" ],
[ "4.2.bin" => "encode, verifyder, cont, rsa" ],
[ "4.3.bin" => "encode, verifyder, cont_extern, dss" ],
[ "4.4.bin" => "encode, verifyder, cont, dss" ],
[ "4.5.bin" => "verifyder, cont, rsa" ],
[ "4.6.bin" => "encode, verifyder, cont, dss" ],
[ "4.7.bin" => "encode, verifyder, cont, dss" ],
[ "4.8.eml" => "verifymime, dss" ],
[ "4.9.eml" => "verifymime, dss" ],
[ "4.10.bin" => "encode, verifyder, cont, dss" ],
[ "4.11.bin" => "encode, certsout" ],
[ "5.1.bin" => "encode, envelopeder, cont" ],
[ "5.2.bin" => "encode, envelopeder, cont" ],
[ "5.3.eml" => "envelopemime, cont" ],
[ "6.0.bin" => "encode, digest, cont" ],
[ "7.1.bin" => "encode, encrypted, cont" ],
[ "7.2.bin" => "encode, encrypted, cont" ]
);
# Extract examples from RFC4134 text.
# Base64 decode all examples, certificates and
# private keys are converted to PEM format.
my ( $filename, $data );
my @cleanup = ( "cms.out", "cms.err", "tmp.der", "tmp.txt" );
$data = "";
open( IN, $exfile ) || die "Can't Open RFC examples file $exfile";
while (<IN>) {
next unless (/^\|/);
s/^\|//;
next if (/^\*/);
if (/^>(.*)$/) {
$filename = $1;
next;
}
if (/^</) {
$filename = "$exdir/$filename";
if ( $filename =~ /\.bin$/ || $filename =~ /\.eml$/ ) {
$data = decode_base64($data);
open OUT, ">$filename";
binmode OUT;
print OUT $data;
close OUT;
push @cleanup, $filename;
}
elsif ( $filename =~ /\.cer$/ ) {
write_pem( $filename, "CERTIFICATE", $data );
}
elsif ( $filename =~ /\.pri$/ ) {
write_pem( $filename, "PRIVATE KEY", $data );
}
$data = "";
$filename = "";
}
else {
$data .= $_;
}
}
my $secretkey =
"73:7c:79:1f:25:ea:d0:e0:46:29:25:43:52:f7:dc:62:91:e5:cb:26:91:7a:da:32";
foreach (@test_list) {
my ( $file, $tlist ) = @$_;
print "Example file $file:\n";
if ( $tlist =~ /encode/ ) {
run_reencode_test( $exdir, $file );
}
if ( $tlist =~ /certsout/ ) {
run_certsout_test( $exdir, $file );
}
if ( $tlist =~ /dataout/ ) {
run_dataout_test( $exdir, $file );
}
if ( $tlist =~ /verify/ ) {
run_verify_test( $exdir, $tlist, $file );
}
if ( $tlist =~ /digest/ ) {
run_digest_test( $exdir, $tlist, $file );
}
if ( $tlist =~ /encrypted/ ) {
run_encrypted_test( $exdir, $tlist, $file, $secretkey );
}
if ( $tlist =~ /envelope/ ) {
run_envelope_test( $exdir, $tlist, $file );
}
}
foreach (@cleanup) {
unlink $_;
}
if ($badtest) {
print "\n$badtest TESTS FAILED!!\n";
}
else {
print "\n***All tests successful***\n";
}
sub write_pem {
my ( $filename, $str, $data ) = @_;
$filename =~ s/\.[^.]*$/.pem/;
push @cleanup, $filename;
open OUT, ">$filename";
print OUT "-----BEGIN $str-----\n";
print OUT $data;
print OUT "-----END $str-----\n";
close OUT;
}
sub run_reencode_test {
my ( $cmsdir, $tfile ) = @_;
unlink "tmp.der";
system( "$cmscmd -cmsout -inform DER -outform DER"
. " -in $cmsdir/$tfile -out tmp.der" );
if ($?) {
print "\tReencode command FAILED!!\n";
$badtest++;
}
elsif ( !cmp_files( "$cmsdir/$tfile", "tmp.der" ) ) {
print "\tReencode FAILED!!\n";
$badtest++;
}
else {
print "\tReencode passed\n" if $verbose;
}
}
sub run_certsout_test {
my ( $cmsdir, $tfile ) = @_;
unlink "tmp.der";
unlink "tmp.pem";
system( "$cmscmd -cmsout -inform DER -certsout tmp.pem"
. " -in $cmsdir/$tfile -out tmp.der" );
if ($?) {
print "\tCertificate output command FAILED!!\n";
$badtest++;
}
else {
print "\tCertificate output passed\n" if $verbose;
}
}
sub run_dataout_test {
my ( $cmsdir, $tfile ) = @_;
unlink "tmp.txt";
system(
"$cmscmd -data_out -inform DER" . " -in $cmsdir/$tfile -out tmp.txt" );
if ($?) {
print "\tDataout command FAILED!!\n";
$badtest++;
}
elsif ( !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) ) {
print "\tDataout compare FAILED!!\n";
$badtest++;
}
else {
print "\tDataout passed\n" if $verbose;
}
}
sub run_verify_test {
my ( $cmsdir, $tlist, $tfile ) = @_;
unlink "tmp.txt";
$form = "DER" if $tlist =~ /verifyder/;
$form = "SMIME" if $tlist =~ /verifymime/;
$cafile = "$cmsdir/CarlDSSSelf.pem" if $tlist =~ /dss/;
$cafile = "$cmsdir/CarlRSASelf.pem" if $tlist =~ /rsa/;
$cmd =
"$cmscmd -verify -inform $form"
. " -CAfile $cafile"
. " -in $cmsdir/$tfile -out tmp.txt";
$cmd .= " -content $cmsdir/ExContent.bin" if $tlist =~ /cont_extern/;
system("$cmd 2>cms.err 1>cms.out");
if ($?) {
print "\tVerify command FAILED!!\n";
$badtest++;
}
elsif ( $tlist =~ /cont/
&& !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
{
print "\tVerify content compare FAILED!!\n";
$badtest++;
}
else {
print "\tVerify passed\n" if $verbose;
}
}
sub run_envelope_test {
my ( $cmsdir, $tlist, $tfile ) = @_;
unlink "tmp.txt";
$form = "DER" if $tlist =~ /envelopeder/;
$form = "SMIME" if $tlist =~ /envelopemime/;
$cmd =
"$cmscmd -decrypt -inform $form"
. " -recip $cmsdir/BobRSASignByCarl.pem"
. " -inkey $cmsdir/BobPrivRSAEncrypt.pem"
. " -in $cmsdir/$tfile -out tmp.txt";
system("$cmd 2>cms.err 1>cms.out");
if ($?) {
print "\tDecrypt command FAILED!!\n";
$badtest++;
}
elsif ( $tlist =~ /cont/
&& !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
{
print "\tDecrypt content compare FAILED!!\n";
$badtest++;
}
else {
print "\tDecrypt passed\n" if $verbose;
}
}
sub run_digest_test {
my ( $cmsdir, $tlist, $tfile ) = @_;
unlink "tmp.txt";
my $cmd =
"$cmscmd -digest_verify -inform DER" . " -in $cmsdir/$tfile -out tmp.txt";
system("$cmd 2>cms.err 1>cms.out");
if ($?) {
print "\tDigest verify command FAILED!!\n";
$badtest++;
}
elsif ( $tlist =~ /cont/
&& !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
{
print "\tDigest verify content compare FAILED!!\n";
$badtest++;
}
else {
print "\tDigest verify passed\n" if $verbose;
}
}
sub run_encrypted_test {
my ( $cmsdir, $tlist, $tfile, $key ) = @_;
unlink "tmp.txt";
system( "$cmscmd -EncryptedData_decrypt -inform DER"
. " -secretkey $key"
. " -in $cmsdir/$tfile -out tmp.txt" );
if ($?) {
print "\tEncrypted Data command FAILED!!\n";
$badtest++;
}
elsif ( $tlist =~ /cont/
&& !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
{
print "\tEncrypted Data content compare FAILED!!\n";
$badtest++;
}
else {
print "\tEncryptedData verify passed\n" if $verbose;
}
}
sub cmp_files {
my ( $f1, $f2 ) = @_;
my ( $fp1, $fp2 );
my ( $rd1, $rd2 );
if ( !open( $fp1, "<$f1" ) ) {
print STDERR "Can't Open file $f1\n";
return 0;
}
if ( !open( $fp2, "<$f2" ) ) {
print STDERR "Can't Open file $f2\n";
return 0;
}
binmode $fp1;
binmode $fp2;
my $ret = 0;
for ( ; ; ) {
$n1 = sysread $fp1, $rd1, 4096;
$n2 = sysread $fp2, $rd2, 4096;
last if ( $n1 != $n2 );
last if ( $rd1 ne $rd2 );
if ( $n1 == 0 ) {
$ret = 1;
last;
}
}
close $fp1;
close $fp2;
return $ret;
}

459
lib/libssl/test/cms-test.pl
View File

@@ -1,459 +0,0 @@
# test/cms-test.pl
# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
# project.
#
# ====================================================================
# Copyright (c) 2008 The OpenSSL Project. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
#
# 3. All advertising materials mentioning features or use of this
# software must display the following acknowledgment:
# "This product includes software developed by the OpenSSL Project
# for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
#
# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
# endorse or promote products derived from this software without
# prior written permission. For written permission, please contact
# licensing@OpenSSL.org.
#
# 5. Products derived from this software may not be called "OpenSSL"
# nor may "OpenSSL" appear in their names without prior written
# permission of the OpenSSL Project.
#
# 6. Redistributions of any form whatsoever must retain the following
# acknowledgment:
# "This product includes software developed by the OpenSSL Project
# for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
#
# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
# OF THE POSSIBILITY OF SUCH DAMAGE.
# ====================================================================
# CMS, PKCS7 consistency test script. Run extensive tests on
# OpenSSL PKCS#7 and CMS implementations.
my $ossl_path;
my $redir = " 2> cms.err > cms.out";
# Make VMS work
if ( $^O eq "VMS" && -f "OSSLX:openssl.exe" ) {
$ossl_path = "pipe mcr OSSLX:openssl";
}
# Make MSYS work
elsif ( $^O eq "MSWin32" && -f "../apps/openssl.exe" ) {
$ossl_path = "cmd /c ..\\apps\\openssl";
}
elsif ( -f "../apps/openssl$ENV{EXE_EXT}" ) {
$ossl_path = "../util/shlib_wrap.sh ../apps/openssl";
}
elsif ( -f "..\\out32dll\\openssl.exe" ) {
$ossl_path = "..\\out32dll\\openssl.exe";
}
elsif ( -f "..\\out32\\openssl.exe" ) {
$ossl_path = "..\\out32\\openssl.exe";
}
else {
die "Can't find OpenSSL executable";
}
my $pk7cmd = "$ossl_path smime ";
my $cmscmd = "$ossl_path cms ";
my $smdir = "smime-certs";
my $halt_err = 1;
my $badcmd = 0;
my $ossl8 = `$ossl_path version -v` =~ /0\.9\.8/;
my @smime_pkcs7_tests = (
[
"signed content DER format, RSA key",
"-sign -in smcont.txt -outform \"DER\" -nodetach"
. " -certfile $smdir/smroot.pem"
. " -signer $smdir/smrsa1.pem -out test.cms",
"-verify -in test.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed detached content DER format, RSA key",
"-sign -in smcont.txt -outform \"DER\""
. " -signer $smdir/smrsa1.pem -out test.cms",
"-verify -in test.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt"
],
[
"signed content test streaming BER format, RSA",
"-sign -in smcont.txt -outform \"DER\" -nodetach"
. " -stream -signer $smdir/smrsa1.pem -out test.cms",
"-verify -in test.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed content DER format, DSA key",
"-sign -in smcont.txt -outform \"DER\" -nodetach"
. " -signer $smdir/smdsa1.pem -out test.cms",
"-verify -in test.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed detached content DER format, DSA key",
"-sign -in smcont.txt -outform \"DER\""
. " -signer $smdir/smdsa1.pem -out test.cms",
"-verify -in test.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt"
],
[
"signed detached content DER format, add RSA signer",
"-resign -inform \"DER\" -in test.cms -outform \"DER\""
. " -signer $smdir/smrsa1.pem -out test2.cms",
"-verify -in test2.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt"
],
[
"signed content test streaming BER format, DSA key",
"-sign -in smcont.txt -outform \"DER\" -nodetach"
. " -stream -signer $smdir/smdsa1.pem -out test.cms",
"-verify -in test.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed content test streaming BER format, 2 DSA and 2 RSA keys",
"-sign -in smcont.txt -outform \"DER\" -nodetach"
. " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
. " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
. " -stream -out test.cms",
"-verify -in test.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes",
"-sign -in smcont.txt -outform \"DER\" -noattr -nodetach"
. " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
. " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
. " -stream -out test.cms",
"-verify -in test.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed content test streaming S/MIME format, 2 DSA and 2 RSA keys",
"-sign -in smcont.txt -nodetach"
. " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
. " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
. " -stream -out test.cms",
"-verify -in test.cms " . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys",
"-sign -in smcont.txt"
. " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
. " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
. " -stream -out test.cms",
"-verify -in test.cms " . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"enveloped content test streaming S/MIME format, 3 recipients",
"-encrypt -in smcont.txt"
. " -stream -out test.cms"
. " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
"-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt"
],
[
"enveloped content test streaming S/MIME format, 3 recipients, 3rd used",
"-encrypt -in smcont.txt"
. " -stream -out test.cms"
. " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
"-decrypt -recip $smdir/smrsa3.pem -in test.cms -out smtst.txt"
],
[
"enveloped content test streaming S/MIME format, 3 recipients, key only used",
"-encrypt -in smcont.txt"
. " -stream -out test.cms"
. " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
"-decrypt -inkey $smdir/smrsa3.pem -in test.cms -out smtst.txt"
],
[
"enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients",
"-encrypt -in smcont.txt"
. " -aes256 -stream -out test.cms"
. " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
"-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt"
],
);
my @smime_cms_tests = (
[
"signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid",
"-sign -in smcont.txt -outform \"DER\" -nodetach -keyid"
. " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
. " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
. " -stream -out test.cms",
"-verify -in test.cms -inform \"DER\" "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed content test streaming PEM format, 2 DSA and 2 RSA keys",
"-sign -in smcont.txt -outform PEM -nodetach"
. " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
. " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
. " -stream -out test.cms",
"-verify -in test.cms -inform PEM "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed content MIME format, RSA key, signed receipt request",
"-sign -in smcont.txt -signer $smdir/smrsa1.pem -nodetach"
. " -receipt_request_to test\@openssl.org -receipt_request_all"
. " -out test.cms",
"-verify -in test.cms "
. " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
],
[
"signed receipt MIME format, RSA key",
"-sign_receipt -in test.cms"
. " -signer $smdir/smrsa2.pem"
. " -out test2.cms",
"-verify_receipt test2.cms -in test.cms"
. " \"-CAfile\" $smdir/smroot.pem"
],
[
"enveloped content test streaming S/MIME format, 3 recipients, keyid",
"-encrypt -in smcont.txt"
. " -stream -out test.cms -keyid"
. " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
"-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt"
],
[
"enveloped content test streaming PEM format, KEK",
"-encrypt -in smcont.txt -outform PEM -aes128"
. " -stream -out test.cms "
. " -secretkey 000102030405060708090A0B0C0D0E0F "
. " -secretkeyid C0FEE0",
"-decrypt -in test.cms -out smtst.txt -inform PEM"
. " -secretkey 000102030405060708090A0B0C0D0E0F "
. " -secretkeyid C0FEE0"
],
[
"enveloped content test streaming PEM format, KEK, key only",
"-encrypt -in smcont.txt -outform PEM -aes128"
. " -stream -out test.cms "
. " -secretkey 000102030405060708090A0B0C0D0E0F "
. " -secretkeyid C0FEE0",
"-decrypt -in test.cms -out smtst.txt -inform PEM"
. " -secretkey 000102030405060708090A0B0C0D0E0F "
],
[
"data content test streaming PEM format",
"-data_create -in smcont.txt -outform PEM -nodetach"
. " -stream -out test.cms",
"-data_out -in test.cms -inform PEM -out smtst.txt"
],
[
"encrypted content test streaming PEM format, 128 bit RC2 key",
"\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
. " -rc2 -secretkey 000102030405060708090A0B0C0D0E0F"
. " -stream -out test.cms",
"\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
. " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt"
],
[
"encrypted content test streaming PEM format, 40 bit RC2 key",
"\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
. " -rc2 -secretkey 0001020304"
. " -stream -out test.cms",
"\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
. " -secretkey 0001020304 -out smtst.txt"
],
[
"encrypted content test streaming PEM format, triple DES key",
"\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
. " -des3 -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617"
. " -stream -out test.cms",
"\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
. " -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617"
. " -out smtst.txt"
],
[
"encrypted content test streaming PEM format, 128 bit AES key",
"\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
. " -aes128 -secretkey 000102030405060708090A0B0C0D0E0F"
. " -stream -out test.cms",
"\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
. " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt"
],
);
my @smime_cms_comp_tests = (
[
"compressed content test streaming PEM format",
"-compress -in smcont.txt -outform PEM -nodetach"
. " -stream -out test.cms",
"-uncompress -in test.cms -inform PEM -out smtst.txt"
]
);
print "CMS => PKCS#7 compatibility tests\n";
run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $cmscmd, $pk7cmd );
print "CMS <= PKCS#7 compatibility tests\n";
run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $pk7cmd, $cmscmd );
print "CMS <=> CMS consistency tests\n";
run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $cmscmd, $cmscmd );
run_smime_tests( \$badcmd, \@smime_cms_tests, $cmscmd, $cmscmd );
if ( `$ossl_path version -f` =~ /ZLIB/ ) {
run_smime_tests( \$badcmd, \@smime_cms_comp_tests, $cmscmd, $cmscmd );
}
else {
print "Zlib not supported: compression tests skipped\n";
}
print "Running modified tests for OpenSSL 0.9.8 cms backport\n" if($ossl8);
if ($badcmd) {
print "$badcmd TESTS FAILED!!\n";
}
else {
print "ALL TESTS SUCCESSFUL.\n";
}
unlink "test.cms";
unlink "test2.cms";
unlink "smtst.txt";
unlink "cms.out";
unlink "cms.err";
sub run_smime_tests {
my ( $rv, $aref, $scmd, $vcmd ) = @_;
foreach $smtst (@$aref) {
my ( $tnam, $rscmd, $rvcmd ) = @$smtst;
if ($ossl8)
{
# Skip smime resign: 0.9.8 smime doesn't support -resign
next if ($scmd =~ /smime/ && $rscmd =~ /-resign/);
# Disable streaming: option not supported in 0.9.8
$tnam =~ s/streaming//;
$rscmd =~ s/-stream//;
$rvcmd =~ s/-stream//;
}
system("$scmd$rscmd$redir");
if ($?) {
print "$tnam: generation error\n";
$$rv++;
exit 1 if $halt_err;
next;
}
system("$vcmd$rvcmd$redir");
if ($?) {
print "$tnam: verify error\n";
$$rv++;
exit 1 if $halt_err;
next;
}
if (!cmp_files("smtst.txt", "smcont.txt")) {
print "$tnam: content verify error\n";
$$rv++;
exit 1 if $halt_err;
next;
}
print "$tnam: OK\n";
}
}
sub cmp_files {
use FileHandle;
my ( $f1, $f2 ) = @_;
my $fp1 = FileHandle->new();
my $fp2 = FileHandle->new();
my ( $rd1, $rd2 );
if ( !open( $fp1, "<$f1" ) ) {
print STDERR "Can't Open file $f1\n";
return 0;
}
if ( !open( $fp2, "<$f2" ) ) {
print STDERR "Can't Open file $f2\n";
return 0;
}
binmode $fp1;
binmode $fp2;
my $ret = 0;
for ( ; ; ) {
$n1 = sysread $fp1, $rd1, 4096;
$n2 = sysread $fp2, $rd2, 4096;
last if ( $n1 != $n2 );
last if ( $rd1 ne $rd2 );
if ( $n1 == 0 ) {
$ret = 1;
last;
}
}
close $fp1;
close $fp2;
return $ret;
}

15
lib/libssl/test/pkcs7-1.pem
View File

@@ -1,15 +0,0 @@
-----BEGIN PKCS7-----
MIICUAYJKoZIhvcNAQcCoIICQTCCAj0CAQExDjAMBggqhkiG9w0CAgUAMCgGCSqG
SIb3DQEHAaAbBBlFdmVyeW9uZSBnZXRzIEZyaWRheSBvZmYuoIIBXjCCAVowggEE
AgQUAAApMA0GCSqGSIb3DQEBAgUAMCwxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRF
eGFtcGxlIE9yZ2FuaXphdGlvbjAeFw05MjA5MDkyMjE4MDZaFw05NDA5MDkyMjE4
MDVaMEIxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRFeGFtcGxlIE9yZ2FuaXphdGlv
bjEUMBIGA1UEAxMLVGVzdCBVc2VyIDEwWzANBgkqhkiG9w0BAQEFAANKADBHAkAK
ZnkdxpiBaN56t3QZu3+wwAHGJxAnAHUUKULhmo2MUdBTs+N4Kh3l3Fr06+mUaBcB
FKHf5nzcmpr1XWVWILurAgMBAAEwDQYJKoZIhvcNAQECBQADQQBFGqHhqncgSl/N
9XYGnQL3MsJvNnsNV4puZPOakR9Hld8JlDQFEaDR30ogsmp3TMrvdfxpLlTCoZN8
BxEmnZsWMYGbMIGYAgEBMDQwLDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFEV4YW1w
bGUgT3JnYW5pemF0aW9uAgQUAAApMAwGCCqGSIb3DQICBQAwDQYJKoZIhvcNAQEB
BQAEQAX6aoEvx9+L9PJUJQngPoRuEbnGIL4gCe+0QO+8xmkhaZSsBPNBtX0FIC1C
j7Kie1x339mxW/w9VZNTUDQQweHh
-----END PKCS7-----

54
lib/libssl/test/pkcs7.pem
View File

@@ -1,54 +0,0 @@
MIAGCSqGSIb3DQEHAqCAMIACAQExADCABgkqhkiG9w0BBwEAAKCAMIIE+DCCBGGg
AwIBAgIQaGSF/JpbS1C223+yrc+N1DANBgkqhkiG9w0BAQQFADBiMREwDwYDVQQH
EwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1Zl
cmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwHhcNOTYw
ODEyMDAwMDAwWhcNOTYwODE3MjM1OTU5WjCCASAxETAPBgNVBAcTCEludGVybmV0
MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjE3MDUGA1UECxMuRGlnaXRh
bCBJRCBDbGFzcyAxIC0gU01JTUUgVmVyaVNpZ24sIEluYy4gVEVTVDFGMEQGA1UE
CxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUyBJbmNvcnAuIGJ5IFJl
Zi4sTElBQi5MVEQoYyk5NjEZMBcGA1UEAxMQQWxleGFuZHJlIERlYWNvbjEgMB4G
CSqGSIb3DQEJARYRYWxleEB2ZXJpc2lnbi5jb20wWzANBgkqhkiG9w0BAQEFAANK
ADBHAkAOy7xxCAIkOfuIA2LyRpxgKlDORl8htdXYhF5iBGUx1GYaK6KF+bK/CCI0
l4j2OfWGFBUrwGoWqxTNcWgTfMzRAgMBAAGjggIyMIICLjAJBgNVHRMEAjAAMIIC
HwYDVR0DBIICFjCCAhIwggIOMIICCgYLYIZIAYb4RQEHAQEwggH5FoIBp1RoaXMg
Y2VydGlmaWNhdGUgaW5jb3Jwb3JhdGVzIGJ5IHJlZmVyZW5jZSwgYW5kIGl0cyB1
c2UgaXMgc3RyaWN0bHkgc3ViamVjdCB0bywgdGhlIFZlcmlTaWduIENlcnRpZmlj
YXRpb24gUHJhY3RpY2UgU3RhdGVtZW50IChDUFMpLCBhdmFpbGFibGUgYXQ6IGh0
dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9DUFM7IGJ5IEUtbWFpbCBhdCBDUFMtcmVx
dWVzdHNAdmVyaXNpZ24uY29tOyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMu
LCAyNTkzIENvYXN0IEF2ZS4sIE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBU
ZWwuICsxICg0MTUpIDk2MS04ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2ln
biwgSW5jLiAgQWxsIFJpZ2h0cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVT
IERJU0NMQUlNRUQgYW5kIExJQUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcB
AQGhDgYMYIZIAYb4RQEHAQECMCwwKhYoaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
L3JlcG9zaXRvcnkvQ1BTIDANBgkqhkiG9w0BAQQFAAOBgQAimWMGQwwwxk+b3KAL
HlSWXtU7LWHe29CEG8XeVNTvrqs6SBqT7OoENOkGxpfdpVgZ3Qw2SKjxDvbvpfSF
slsqcxWSgB/hWuaVuZCkvTw/dYGGOxkTJGxvDCfl1PZjX4dKbatslsi9Z9HpGWT7
ttItRwKqcBKgmCJvKi1pGWED0zCCAnkwggHioAMCAQICEDURpVKQb+fQKaRAGdQR
/D4wDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlT
aWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRp
ZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDYyNzAwMDAwMFoXDTk3MDYyNzIzNTk1
OVowYjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMu
MTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJz
Y3JpYmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2FKbPTdAFDdjKI9Bv
qrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7jW80GqLd5HUQq7XPy
sVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cariQPJUObwW7s987Lrb
P2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABozMwMTAPBgNVHRMECDAGAQH/AgEBMAsG
A1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADgYEA
KeXHoBmnbxRCgk0jM9e9mDppdxpsipIna/J8DOHEUuD4nONAr4+xOg73SBl026n7
Bk55A2wvAMGo7+kKTZ+rHaFDDcmq4O+rzFri2RIOeGAncj1IcGptAQhvXoIhFMG4
Jlzg1KlHZHqy7D3jex78zcSU7kKOu8f5tAX1jC3+sToAAKGAMIIBJzCBkTANBgkq
hkiG9w0BAQIFADBiMREwDwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNp
Z24sIEluYy4xNDAyBgNVBAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlk
dWFsIFN1YnNjcmliZXIXDTk2MDcwMTE3MzA0MFoXDTk3MDcwMTAwMDAwMFowDQYJ
KoZIhvcNAQECBQADgYEAGLuQ6PX8A7AiqBEtWzYtl6lZNSDI0bR5YUo+D2Jzkw30
dxQnJSbKXEc6XYuzAW5HvrzATXu5c19WWPT4cRDwmjH71i9QcDysWwf/wE0qGTiW
I3tQT0I5VGh7jIJD07nlBw3R4Xl8dH9kr85JsWinqDH5YKpIo9o8knY5n7+qjOow
ggEkMIGOMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5W
ZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBD
ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eRcNOTYwNzE2MjMxMTI5WhcNOTYwODE1MDAw
MDAwWjANBgkqhkiG9w0BAQIFAAOBgQAXsLE4vnsY6sY67QrmWec7iaU2ehzxanEK
/9wKHZNuhlNzk+qGZZw2evxfUe2OaRbYpl8zuZvhK9BHD3ad14OSe9/zx5hOPgP/
DQXt6R4R8Q/1JheBrolrgbavjvI2wKS8/Psp2prBrkF4T48+AKRmS8Zzh1guxgvP
b+xSu/jH0gAAMYAAAAAAAAAAAA==

949
lib/libssl/test/pkits-test.pl
View File

@@ -1,949 +0,0 @@
# test/pkits-test.pl
# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
# project.
#
# ====================================================================
# Copyright (c) 2008 The OpenSSL Project. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
#
# 3. All advertising materials mentioning features or use of this
# software must display the following acknowledgment:
# "This product includes software developed by the OpenSSL Project
# for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
#
# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
# endorse or promote products derived from this software without
# prior written permission. For written permission, please contact
# licensing@OpenSSL.org.
#
# 5. Products derived from this software may not be called "OpenSSL"
# nor may "OpenSSL" appear in their names without prior written
# permission of the OpenSSL Project.
#
# 6. Redistributions of any form whatsoever must retain the following
# acknowledgment:
# "This product includes software developed by the OpenSSL Project
# for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
#
# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
# OF THE POSSIBILITY OF SUCH DAMAGE.
# ====================================================================
# Perl utility to run PKITS tests for RFC3280 compliance.
my $ossl_path;
if ( -f "../apps/openssl" ) {
$ossl_path = "../util/shlib_wrap.sh ../apps/openssl";
}
elsif ( -f "..\\out32dll\\openssl.exe" ) {
$ossl_path = "..\\out32dll\\openssl.exe";
}
elsif ( -f "..\\out32\\openssl.exe" ) {
$ossl_path = "..\\out32\\openssl.exe";
}
else {
die "Can't find OpenSSL executable";
}
my $pkitsdir = "pkits/smime";
my $pkitsta = "pkits/certs/TrustAnchorRootCertificate.crt";
die "Can't find PKITS test data" if !-d $pkitsdir;
my $nist1 = "2.16.840.1.101.3.2.1.48.1";
my $nist2 = "2.16.840.1.101.3.2.1.48.2";
my $nist3 = "2.16.840.1.101.3.2.1.48.3";
my $nist4 = "2.16.840.1.101.3.2.1.48.4";
my $nist5 = "2.16.840.1.101.3.2.1.48.5";
my $nist6 = "2.16.840.1.101.3.2.1.48.6";
my $apolicy = "X509v3 Any Policy";
# This table contains the chapter headings of the accompanying PKITS
# document. They provide useful informational output and their names
# can be converted into the filename to test.
my @testlists = (
[ "4.1", "Signature Verification" ],
[ "4.1.1", "Valid Signatures Test1", 0 ],
[ "4.1.2", "Invalid CA Signature Test2", 7 ],
[ "4.1.3", "Invalid EE Signature Test3", 7 ],
[ "4.1.4", "Valid DSA Signatures Test4", 0 ],
[ "4.1.5", "Valid DSA Parameter Inheritance Test5", 0 ],
[ "4.1.6", "Invalid DSA Signature Test6", 7 ],
[ "4.2", "Validity Periods" ],
[ "4.2.1", "Invalid CA notBefore Date Test1", 9 ],
[ "4.2.2", "Invalid EE notBefore Date Test2", 9 ],
[ "4.2.3", "Valid pre2000 UTC notBefore Date Test3", 0 ],
[ "4.2.4", "Valid GeneralizedTime notBefore Date Test4", 0 ],
[ "4.2.5", "Invalid CA notAfter Date Test5", 10 ],
[ "4.2.6", "Invalid EE notAfter Date Test6", 10 ],
[ "4.2.7", "Invalid pre2000 UTC EE notAfter Date Test7", 10 ],
[ "4.2.8", "Valid GeneralizedTime notAfter Date Test8", 0 ],
[ "4.3", "Verifying Name Chaining" ],
[ "4.3.1", "Invalid Name Chaining EE Test1", 20 ],
[ "4.3.2", "Invalid Name Chaining Order Test2", 20 ],
[ "4.3.3", "Valid Name Chaining Whitespace Test3", 0 ],
[ "4.3.4", "Valid Name Chaining Whitespace Test4", 0 ],
[ "4.3.5", "Valid Name Chaining Capitalization Test5", 0 ],
[ "4.3.6", "Valid Name Chaining UIDs Test6", 0 ],
[ "4.3.7", "Valid RFC3280 Mandatory Attribute Types Test7", 0 ],
[ "4.3.8", "Valid RFC3280 Optional Attribute Types Test8", 0 ],
[ "4.3.9", "Valid UTF8String Encoded Names Test9", 0 ],
[ "4.3.10", "Valid Rollover from PrintableString to UTF8String Test10", 0 ],
[ "4.3.11", "Valid UTF8String Case Insensitive Match Test11", 0 ],
[ "4.4", "Basic Certificate Revocation Tests" ],
[ "4.4.1", "Missing CRL Test1", 3 ],
[ "4.4.2", "Invalid Revoked CA Test2", 23 ],
[ "4.4.3", "Invalid Revoked EE Test3", 23 ],
[ "4.4.4", "Invalid Bad CRL Signature Test4", 8 ],
[ "4.4.5", "Invalid Bad CRL Issuer Name Test5", 3 ],
[ "4.4.6", "Invalid Wrong CRL Test6", 3 ],
[ "4.4.7", "Valid Two CRLs Test7", 0 ],
# The test document suggests these should return certificate revoked...
# Subsequent discussion has concluded they should not due to unhandled
# critical CRL extensions.
[ "4.4.8", "Invalid Unknown CRL Entry Extension Test8", 36 ],
[ "4.4.9", "Invalid Unknown CRL Extension Test9", 36 ],
[ "4.4.10", "Invalid Unknown CRL Extension Test10", 36 ],
[ "4.4.11", "Invalid Old CRL nextUpdate Test11", 12 ],
[ "4.4.12", "Invalid pre2000 CRL nextUpdate Test12", 12 ],
[ "4.4.13", "Valid GeneralizedTime CRL nextUpdate Test13", 0 ],
[ "4.4.14", "Valid Negative Serial Number Test14", 0 ],
[ "4.4.15", "Invalid Negative Serial Number Test15", 23 ],
[ "4.4.16", "Valid Long Serial Number Test16", 0 ],
[ "4.4.17", "Valid Long Serial Number Test17", 0 ],
[ "4.4.18", "Invalid Long Serial Number Test18", 23 ],
[ "4.4.19", "Valid Separate Certificate and CRL Keys Test19", 0 ],
[ "4.4.20", "Invalid Separate Certificate and CRL Keys Test20", 23 ],
# CRL path is revoked so get a CRL path validation error
[ "4.4.21", "Invalid Separate Certificate and CRL Keys Test21", 54 ],
[ "4.5", "Verifying Paths with Self-Issued Certificates" ],
[ "4.5.1", "Valid Basic Self-Issued Old With New Test1", 0 ],
[ "4.5.2", "Invalid Basic Self-Issued Old With New Test2", 23 ],
[ "4.5.3", "Valid Basic Self-Issued New With Old Test3", 0 ],
[ "4.5.4", "Valid Basic Self-Issued New With Old Test4", 0 ],
[ "4.5.5", "Invalid Basic Self-Issued New With Old Test5", 23 ],
[ "4.5.6", "Valid Basic Self-Issued CRL Signing Key Test6", 0 ],
[ "4.5.7", "Invalid Basic Self-Issued CRL Signing Key Test7", 23 ],
[ "4.5.8", "Invalid Basic Self-Issued CRL Signing Key Test8", 20 ],
[ "4.6", "Verifying Basic Constraints" ],
[ "4.6.1", "Invalid Missing basicConstraints Test1", 24 ],
[ "4.6.2", "Invalid cA False Test2", 24 ],
[ "4.6.3", "Invalid cA False Test3", 24 ],
[ "4.6.4", "Valid basicConstraints Not Critical Test4", 0 ],
[ "4.6.5", "Invalid pathLenConstraint Test5", 25 ],
[ "4.6.6", "Invalid pathLenConstraint Test6", 25 ],
[ "4.6.7", "Valid pathLenConstraint Test7", 0 ],
[ "4.6.8", "Valid pathLenConstraint Test8", 0 ],
[ "4.6.9", "Invalid pathLenConstraint Test9", 25 ],
[ "4.6.10", "Invalid pathLenConstraint Test10", 25 ],
[ "4.6.11", "Invalid pathLenConstraint Test11", 25 ],
[ "4.6.12", "Invalid pathLenConstraint Test12", 25 ],
[ "4.6.13", "Valid pathLenConstraint Test13", 0 ],
[ "4.6.14", "Valid pathLenConstraint Test14", 0 ],
[ "4.6.15", "Valid Self-Issued pathLenConstraint Test15", 0 ],
[ "4.6.16", "Invalid Self-Issued pathLenConstraint Test16", 25 ],
[ "4.6.17", "Valid Self-Issued pathLenConstraint Test17", 0 ],
[ "4.7", "Key Usage" ],
[ "4.7.1", "Invalid keyUsage Critical keyCertSign False Test1", 20 ],
[ "4.7.2", "Invalid keyUsage Not Critical keyCertSign False Test2", 20 ],
[ "4.7.3", "Valid keyUsage Not Critical Test3", 0 ],
[ "4.7.4", "Invalid keyUsage Critical cRLSign False Test4", 35 ],
[ "4.7.5", "Invalid keyUsage Not Critical cRLSign False Test5", 35 ],
# Certificate policy tests need special handling. They can have several
# sub tests and we need to check the outputs are correct.
[ "4.8", "Certificate Policies" ],
[
"4.8.1.1",
"All Certificates Same Policy Test1",
"-policy anyPolicy -explicit_policy",
"True", $nist1, $nist1, 0
],
[
"4.8.1.2",
"All Certificates Same Policy Test1",
"-policy $nist1 -explicit_policy",
"True", $nist1, $nist1, 0
],
[
"4.8.1.3",
"All Certificates Same Policy Test1",
"-policy $nist2 -explicit_policy",
"True", $nist1, "<empty>", 43
],
[
"4.8.1.4",
"All Certificates Same Policy Test1",
"-policy $nist1 -policy $nist2 -explicit_policy",
"True", $nist1, $nist1, 0
],
[
"4.8.2.1",
"All Certificates No Policies Test2",
"-policy anyPolicy",
"False", "<empty>", "<empty>", 0
],
[
"4.8.2.2",
"All Certificates No Policies Test2",
"-policy anyPolicy -explicit_policy",
"True", "<empty>", "<empty>", 43
],
[
"4.8.3.1",
"Different Policies Test3",
"-policy anyPolicy",
"False", "<empty>", "<empty>", 0
],
[
"4.8.3.2",
"Different Policies Test3",
"-policy anyPolicy -explicit_policy",
"True", "<empty>", "<empty>", 43
],
[
"4.8.3.3",
"Different Policies Test3",
"-policy $nist1 -policy $nist2 -explicit_policy",
"True", "<empty>", "<empty>", 43
],
[
"4.8.4",
"Different Policies Test4",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.8.5",
"Different Policies Test5",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.8.6.1",
"Overlapping Policies Test6",
"-policy anyPolicy",
"True", $nist1, $nist1, 0
],
[
"4.8.6.2",
"Overlapping Policies Test6",
"-policy $nist1",
"True", $nist1, $nist1, 0
],
[
"4.8.6.3",
"Overlapping Policies Test6",
"-policy $nist2",
"True", $nist1, "<empty>", 43
],
[
"4.8.7",
"Different Policies Test7",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.8.8",
"Different Policies Test8",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.8.9",
"Different Policies Test9",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.8.10.1",
"All Certificates Same Policies Test10",
"-policy $nist1",
"True", "$nist1:$nist2", "$nist1", 0
],
[
"4.8.10.2",
"All Certificates Same Policies Test10",
"-policy $nist2",
"True", "$nist1:$nist2", "$nist2", 0
],
[
"4.8.10.3",
"All Certificates Same Policies Test10",
"-policy anyPolicy",
"True", "$nist1:$nist2", "$nist1:$nist2", 0
],
[
"4.8.11.1",
"All Certificates AnyPolicy Test11",
"-policy anyPolicy",
"True", "$apolicy", "$apolicy", 0
],
[
"4.8.11.2",
"All Certificates AnyPolicy Test11",
"-policy $nist1",
"True", "$apolicy", "$nist1", 0
],
[
"4.8.12",
"Different Policies Test12",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.8.13.1",
"All Certificates Same Policies Test13",
"-policy $nist1",
"True", "$nist1:$nist2:$nist3", "$nist1", 0
],
[
"4.8.13.2",
"All Certificates Same Policies Test13",
"-policy $nist2",
"True", "$nist1:$nist2:$nist3", "$nist2", 0
],
[
"4.8.13.3",
"All Certificates Same Policies Test13",
"-policy $nist3",
"True", "$nist1:$nist2:$nist3", "$nist3", 0
],
[
"4.8.14.1", "AnyPolicy Test14",
"-policy $nist1", "True",
"$nist1", "$nist1",
0
],
[
"4.8.14.2", "AnyPolicy Test14",
"-policy $nist2", "True",
"$nist1", "<empty>",
43
],
[
"4.8.15",
"User Notice Qualifier Test15",
"-policy anyPolicy",
"False", "$nist1", "$nist1", 0
],
[
"4.8.16",
"User Notice Qualifier Test16",
"-policy anyPolicy",
"False", "$nist1", "$nist1", 0
],
[
"4.8.17",
"User Notice Qualifier Test17",
"-policy anyPolicy",
"False", "$nist1", "$nist1", 0
],
[
"4.8.18.1",
"User Notice Qualifier Test18",
"-policy $nist1",
"True", "$nist1:$nist2", "$nist1", 0
],
[
"4.8.18.2",
"User Notice Qualifier Test18",
"-policy $nist2",
"True", "$nist1:$nist2", "$nist2", 0
],
[
"4.8.19",
"User Notice Qualifier Test19",
"-policy anyPolicy",
"False", "$nist1", "$nist1", 0
],
[
"4.8.20",
"CPS Pointer Qualifier Test20",
"-policy anyPolicy -explicit_policy",
"True", "$nist1", "$nist1", 0
],
[ "4.9", "Require Explicit Policy" ],
[
"4.9.1",
"Valid RequireExplicitPolicy Test1",
"-policy anyPolicy",
"False", "<empty>", "<empty>", 0
],
[
"4.9.2",
"Valid RequireExplicitPolicy Test2",
"-policy anyPolicy",
"False", "<empty>", "<empty>", 0
],
[
"4.9.3",
"Invalid RequireExplicitPolicy Test3",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.9.4",
"Valid RequireExplicitPolicy Test4",
"-policy anyPolicy",
"True", "$nist1", "$nist1", 0
],
[
"4.9.5",
"Invalid RequireExplicitPolicy Test5",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.9.6",
"Valid Self-Issued requireExplicitPolicy Test6",
"-policy anyPolicy",
"False", "<empty>", "<empty>", 0
],
[
"4.9.7",
"Invalid Self-Issued requireExplicitPolicy Test7",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.9.8",
"Invalid Self-Issued requireExplicitPolicy Test8",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[ "4.10", "Policy Mappings" ],
[
"4.10.1.1",
"Valid Policy Mapping Test1",
"-policy $nist1",
"True", "$nist1", "$nist1", 0
],
[
"4.10.1.2",
"Valid Policy Mapping Test1",
"-policy $nist2",
"True", "$nist1", "<empty>", 43
],
[
"4.10.1.3",
"Valid Policy Mapping Test1",
"-policy anyPolicy -inhibit_map",
"True", "<empty>", "<empty>", 43
],
[
"4.10.2.1",
"Invalid Policy Mapping Test2",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.10.2.2",
"Invalid Policy Mapping Test2",
"-policy anyPolicy -inhibit_map",
"True", "<empty>", "<empty>", 43
],
[
"4.10.3.1",
"Valid Policy Mapping Test3",
"-policy $nist1",
"True", "$nist2", "<empty>", 43
],
[
"4.10.3.2",
"Valid Policy Mapping Test3",
"-policy $nist2",
"True", "$nist2", "$nist2", 0
],
[
"4.10.4",
"Invalid Policy Mapping Test4",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.10.5.1",
"Valid Policy Mapping Test5",
"-policy $nist1",
"True", "$nist1", "$nist1", 0
],
[
"4.10.5.2",
"Valid Policy Mapping Test5",
"-policy $nist6",
"True", "$nist1", "<empty>", 43
],
[
"4.10.6.1",
"Valid Policy Mapping Test6",
"-policy $nist1",
"True", "$nist1", "$nist1", 0
],
[
"4.10.6.2",
"Valid Policy Mapping Test6",
"-policy $nist6",
"True", "$nist1", "<empty>", 43
],
[ "4.10.7", "Invalid Mapping From anyPolicy Test7", 42 ],
[ "4.10.8", "Invalid Mapping To anyPolicy Test8", 42 ],
[
"4.10.9",
"Valid Policy Mapping Test9",
"-policy anyPolicy",
"True", "$nist1", "$nist1", 0
],
[
"4.10.10",
"Invalid Policy Mapping Test10",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.10.11",
"Valid Policy Mapping Test11",
"-policy anyPolicy",
"True", "$nist1", "$nist1", 0
],
# TODO: check notice display
[
"4.10.12.1",
"Valid Policy Mapping Test12",
"-policy $nist1",
"True", "$nist1:$nist2", "$nist1", 0
],
# TODO: check notice display
[
"4.10.12.2",
"Valid Policy Mapping Test12",
"-policy $nist2",
"True", "$nist1:$nist2", "$nist2", 0
],
[
"4.10.13",
"Valid Policy Mapping Test13",
"-policy anyPolicy",
"True", "$nist1", "$nist1", 0
],
# TODO: check notice display
[
"4.10.14",
"Valid Policy Mapping Test14",
"-policy anyPolicy",
"True", "$nist1", "$nist1", 0
],
[ "4.11", "Inhibit Policy Mapping" ],
[
"4.11.1",
"Invalid inhibitPolicyMapping Test1",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.11.2",
"Valid inhibitPolicyMapping Test2",
"-policy anyPolicy",
"True", "$nist1", "$nist1", 0
],
[
"4.11.3",
"Invalid inhibitPolicyMapping Test3",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.11.4",
"Valid inhibitPolicyMapping Test4",
"-policy anyPolicy",
"True", "$nist2", "$nist2", 0
],
[
"4.11.5",
"Invalid inhibitPolicyMapping Test5",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.11.6",
"Invalid inhibitPolicyMapping Test6",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.11.7",
"Valid Self-Issued inhibitPolicyMapping Test7",
"-policy anyPolicy",
"True", "$nist1", "$nist1", 0
],
[
"4.11.8",
"Invalid Self-Issued inhibitPolicyMapping Test8",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.11.9",
"Invalid Self-Issued inhibitPolicyMapping Test9",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.11.10",
"Invalid Self-Issued inhibitPolicyMapping Test10",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.11.11",
"Invalid Self-Issued inhibitPolicyMapping Test11",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[ "4.12", "Inhibit Any Policy" ],
[
"4.12.1",
"Invalid inhibitAnyPolicy Test1",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.12.2",
"Valid inhibitAnyPolicy Test2",
"-policy anyPolicy",
"True", "$nist1", "$nist1", 0
],
[
"4.12.3.1",
"inhibitAnyPolicy Test3",
"-policy anyPolicy",
"True", "$nist1", "$nist1", 0
],
[
"4.12.3.2",
"inhibitAnyPolicy Test3",
"-policy anyPolicy -inhibit_any",
"True", "<empty>", "<empty>", 43
],
[
"4.12.4",
"Invalid inhibitAnyPolicy Test4",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.12.5",
"Invalid inhibitAnyPolicy Test5",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[
"4.12.6",
"Invalid inhibitAnyPolicy Test6",
"-policy anyPolicy",
"True", "<empty>", "<empty>", 43
],
[ "4.12.7", "Valid Self-Issued inhibitAnyPolicy Test7", 0 ],
[ "4.12.8", "Invalid Self-Issued inhibitAnyPolicy Test8", 43 ],
[ "4.12.9", "Valid Self-Issued inhibitAnyPolicy Test9", 0 ],
[ "4.12.10", "Invalid Self-Issued inhibitAnyPolicy Test10", 43 ],
[ "4.13", "Name Constraints" ],
[ "4.13.1", "Valid DN nameConstraints Test1", 0 ],
[ "4.13.2", "Invalid DN nameConstraints Test2", 47 ],
[ "4.13.3", "Invalid DN nameConstraints Test3", 47 ],
[ "4.13.4", "Valid DN nameConstraints Test4", 0 ],
[ "4.13.5", "Valid DN nameConstraints Test5", 0 ],
[ "4.13.6", "Valid DN nameConstraints Test6", 0 ],
[ "4.13.7", "Invalid DN nameConstraints Test7", 48 ],
[ "4.13.8", "Invalid DN nameConstraints Test8", 48 ],
[ "4.13.9", "Invalid DN nameConstraints Test9", 48 ],
[ "4.13.10", "Invalid DN nameConstraints Test10", 48 ],
[ "4.13.11", "Valid DN nameConstraints Test11", 0 ],
[ "4.13.12", "Invalid DN nameConstraints Test12", 47 ],
[ "4.13.13", "Invalid DN nameConstraints Test13", 47 ],
[ "4.13.14", "Valid DN nameConstraints Test14", 0 ],
[ "4.13.15", "Invalid DN nameConstraints Test15", 48 ],
[ "4.13.16", "Invalid DN nameConstraints Test16", 48 ],
[ "4.13.17", "Invalid DN nameConstraints Test17", 48 ],
[ "4.13.18", "Valid DN nameConstraints Test18", 0 ],
[ "4.13.19", "Valid Self-Issued DN nameConstraints Test19", 0 ],
[ "4.13.20", "Invalid Self-Issued DN nameConstraints Test20", 47 ],
[ "4.13.21", "Valid RFC822 nameConstraints Test21", 0 ],
[ "4.13.22", "Invalid RFC822 nameConstraints Test22", 47 ],
[ "4.13.23", "Valid RFC822 nameConstraints Test23", 0 ],
[ "4.13.24", "Invalid RFC822 nameConstraints Test24", 47 ],
[ "4.13.25", "Valid RFC822 nameConstraints Test25", 0 ],
[ "4.13.26", "Invalid RFC822 nameConstraints Test26", 48 ],
[ "4.13.27", "Valid DN and RFC822 nameConstraints Test27", 0 ],
[ "4.13.28", "Invalid DN and RFC822 nameConstraints Test28", 47 ],
[ "4.13.29", "Invalid DN and RFC822 nameConstraints Test29", 47 ],
[ "4.13.30", "Valid DNS nameConstraints Test30", 0 ],
[ "4.13.31", "Invalid DNS nameConstraints Test31", 47 ],
[ "4.13.32", "Valid DNS nameConstraints Test32", 0 ],
[ "4.13.33", "Invalid DNS nameConstraints Test33", 48 ],
[ "4.13.34", "Valid URI nameConstraints Test34", 0 ],
[ "4.13.35", "Invalid URI nameConstraints Test35", 47 ],
[ "4.13.36", "Valid URI nameConstraints Test36", 0 ],
[ "4.13.37", "Invalid URI nameConstraints Test37", 48 ],
[ "4.13.38", "Invalid DNS nameConstraints Test38", 47 ],
[ "4.14", "Distribution Points" ],
[ "4.14.1", "Valid distributionPoint Test1", 0 ],
[ "4.14.2", "Invalid distributionPoint Test2", 23 ],
[ "4.14.3", "Invalid distributionPoint Test3", 44 ],
[ "4.14.4", "Valid distributionPoint Test4", 0 ],
[ "4.14.5", "Valid distributionPoint Test5", 0 ],
[ "4.14.6", "Invalid distributionPoint Test6", 23 ],
[ "4.14.7", "Valid distributionPoint Test7", 0 ],
[ "4.14.8", "Invalid distributionPoint Test8", 44 ],
[ "4.14.9", "Invalid distributionPoint Test9", 44 ],
[ "4.14.10", "Valid No issuingDistributionPoint Test10", 0 ],
[ "4.14.11", "Invalid onlyContainsUserCerts CRL Test11", 44 ],
[ "4.14.12", "Invalid onlyContainsCACerts CRL Test12", 44 ],
[ "4.14.13", "Valid onlyContainsCACerts CRL Test13", 0 ],
[ "4.14.14", "Invalid onlyContainsAttributeCerts Test14", 44 ],
[ "4.14.15", "Invalid onlySomeReasons Test15", 23 ],
[ "4.14.16", "Invalid onlySomeReasons Test16", 23 ],
[ "4.14.17", "Invalid onlySomeReasons Test17", 3 ],
[ "4.14.18", "Valid onlySomeReasons Test18", 0 ],
[ "4.14.19", "Valid onlySomeReasons Test19", 0 ],
[ "4.14.20", "Invalid onlySomeReasons Test20", 23 ],
[ "4.14.21", "Invalid onlySomeReasons Test21", 23 ],
[ "4.14.22", "Valid IDP with indirectCRL Test22", 0 ],
[ "4.14.23", "Invalid IDP with indirectCRL Test23", 23 ],
[ "4.14.24", "Valid IDP with indirectCRL Test24", 0 ],
[ "4.14.25", "Valid IDP with indirectCRL Test25", 0 ],
[ "4.14.26", "Invalid IDP with indirectCRL Test26", 44 ],
[ "4.14.27", "Invalid cRLIssuer Test27", 3 ],
[ "4.14.28", "Valid cRLIssuer Test28", 0 ],
[ "4.14.29", "Valid cRLIssuer Test29", 0 ],
# Although this test is valid it has a circular dependency. As a result
# an attempt is made to recursively check a CRL path and rejected due to
# a CRL path validation error. PKITS notes suggest this test does not
# need to be run due to this issue.
[ "4.14.30", "Valid cRLIssuer Test30", 54 ],
[ "4.14.31", "Invalid cRLIssuer Test31", 23 ],
[ "4.14.32", "Invalid cRLIssuer Test32", 23 ],
[ "4.14.33", "Valid cRLIssuer Test33", 0 ],
[ "4.14.34", "Invalid cRLIssuer Test34", 23 ],
[ "4.14.35", "Invalid cRLIssuer Test35", 44 ],
[ "4.15", "Delta-CRLs" ],
[ "4.15.1", "Invalid deltaCRLIndicator No Base Test1", 3 ],
[ "4.15.2", "Valid delta-CRL Test2", 0 ],
[ "4.15.3", "Invalid delta-CRL Test3", 23 ],
[ "4.15.4", "Invalid delta-CRL Test4", 23 ],
[ "4.15.5", "Valid delta-CRL Test5", 0 ],
[ "4.15.6", "Invalid delta-CRL Test6", 23 ],
[ "4.15.7", "Valid delta-CRL Test7", 0 ],
[ "4.15.8", "Valid delta-CRL Test8", 0 ],
[ "4.15.9", "Invalid delta-CRL Test9", 23 ],
[ "4.15.10", "Invalid delta-CRL Test10", 12 ],
[ "4.16", "Private Certificate Extensions" ],
[ "4.16.1", "Valid Unknown Not Critical Certificate Extension Test1", 0 ],
[ "4.16.2", "Invalid Unknown Critical Certificate Extension Test2", 34 ],
);
my $verbose = 1;
my $numtest = 0;
my $numfail = 0;
my $ossl = "ossl/apps/openssl";
my $ossl_cmd = "$ossl_path cms -verify -verify_retcode ";
$ossl_cmd .= "-CAfile pkitsta.pem -crl_check_all -x509_strict ";
# Check for expiry of trust anchor
system "$ossl_path x509 -inform DER -in $pkitsta -checkend 0";
if ($? == 256)
{
print STDERR "WARNING: using older expired data\n";
$ossl_cmd .= "-attime 1291940972 ";
}
$ossl_cmd .= "-policy_check -extended_crl -use_deltas -out /dev/null 2>&1 ";
system "$ossl_path x509 -inform DER -in $pkitsta -out pkitsta.pem";
die "Can't create trust anchor file" if $?;
print "Running PKITS tests:\n" if $verbose;
foreach (@testlists) {
my $argnum = @$_;
if ( $argnum == 2 ) {
my ( $tnum, $title ) = @$_;
print "$tnum $title\n" if $verbose;
}
elsif ( $argnum == 3 ) {
my ( $tnum, $title, $exp_ret ) = @$_;
my $filename = $title;
$exp_ret += 32 if $exp_ret;
$filename =~ tr/ -//d;
$filename = "Signed${filename}.eml";
if ( !-f "$pkitsdir/$filename" ) {
print "\"$filename\" not found\n";
}
else {
my $ret;
my $test_fail = 0;
my $errmsg = "";
my $cmd = $ossl_cmd;
$cmd .= "-in $pkitsdir/$filename -policy anyPolicy";
my $cmdout = `$cmd`;
$ret = $? >> 8;
if ( $? & 0xff ) {
$errmsg .= "Abnormal OpenSSL termination\n";
$test_fail = 1;
}
if ( $exp_ret != $ret ) {
$errmsg .= "Return code:$ret, ";
$errmsg .= "expected $exp_ret\n";
$test_fail = 1;
}
if ($test_fail) {
print "$tnum $title : Failed!\n";
print "Filename: $pkitsdir/$filename\n";
print $errmsg;
print "Command output:\n$cmdout\n";
$numfail++;
}
$numtest++;
}
}
elsif ( $argnum == 7 ) {
my ( $tnum, $title, $exargs, $exp_epol, $exp_aset, $exp_uset, $exp_ret )
= @$_;
my $filename = $title;
$exp_ret += 32 if $exp_ret;
$filename =~ tr/ -//d;
$filename = "Signed${filename}.eml";
if ( !-f "$pkitsdir/$filename" ) {
print "\"$filename\" not found\n";
}
else {
my $ret;
my $cmdout = "";
my $errmsg = "";
my $epol = "";
my $aset = "";
my $uset = "";
my $pol = -1;
my $test_fail = 0;
my $cmd = $ossl_cmd;
$cmd .= "-in $pkitsdir/$filename $exargs -policy_print";
@oparr = `$cmd`;
$ret = $? >> 8;
if ( $? & 0xff ) {
$errmsg .= "Abnormal OpenSSL termination\n";
$test_fail = 1;
}
foreach (@oparr) {
my $test_failed = 0;
$cmdout .= $_;
if (/^Require explicit Policy: (.*)$/) {
$epol = $1;
}
if (/^Authority Policies/) {
if (/empty/) {
$aset = "<empty>";
}
else {
$pol = 1;
}
}
$test_fail = 1 if (/leak/i);
if (/^User Policies/) {
if (/empty/) {
$uset = "<empty>";
}
else {
$pol = 2;
}
}
if (/\s+Policy: (.*)$/) {
if ( $pol == 1 ) {
$aset .= ":" if $aset ne "";
$aset .= $1;
}
elsif ( $pol == 2 ) {
$uset .= ":" if $uset ne "";
$uset .= $1;
}
}
}
if ( $epol ne $exp_epol ) {
$errmsg .= "Explicit policy:$epol, ";
$errmsg .= "expected $exp_epol\n";
$test_fail = 1;
}
if ( $aset ne $exp_aset ) {
$errmsg .= "Authority policy set :$aset, ";
$errmsg .= "expected $exp_aset\n";
$test_fail = 1;
}
if ( $uset ne $exp_uset ) {
$errmsg .= "User policy set :$uset, ";
$errmsg .= "expected $exp_uset\n";
$test_fail = 1;
}
if ( $exp_ret != $ret ) {
print "Return code:$ret, expected $exp_ret\n";
$test_fail = 1;
}
if ($test_fail) {
print "$tnum $title : Failed!\n";
print "Filename: $pkitsdir/$filename\n";
print "Command output:\n$cmdout\n";
$numfail++;
}
$numtest++;
}
}
}
if ($numfail) {
print "$numfail tests failed out of $numtest\n";
}
else {
print "All Tests Successful.\n";
}
unlink "pkitsta.pem";

1
lib/libssl/test/smcont.txt
View File

@@ -1 +0,0 @@
Some test content for OpenSSL CMS

34
lib/libssl/test/smime-certs/smdsa1.pem
View File

@@ -1,34 +0,0 @@
-----BEGIN DSA PRIVATE KEY-----
MIIBuwIBAAKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3
OjSGLh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqt
GcoAgsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2J
jt+dqk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qt
wjqvWp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK
+FMOGnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4Z
SJCBQw5zAoGATQlPPF+OeU8nu3rsdXGDiZdJzOkuCce3KQfTABA9C+Dk4CVcvBdd
YRLGpnykumkNTO1sTO+4/Gphsuje1ujK9td4UEhdYqylCe5QjEMrszDlJtelDQF9
C0yhdjKGTP0kxofLhsGckcuQvcKEKffT2pDDKJIy4vWQO0UyJl1vjLcCFG2uiGGx
9fMUZq1v0ePD4Wo0Xkxo
-----END DSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIDpDCCAw2gAwIBAgIJAMtotfHYdEsWMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
ZXN0IFMvTUlNRSBFRSBEU0EgIzEwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEAxSX7
CDziGsDDuW4sPgKGFITVcUXgTi0KLFN0L+AfJK2nNATa9zo0hi4dcGcR6oZQBNEJ
mrE2iqI7pNtJzVnhZ3M0s+rw5dCFSRIUvFWKK+ZLfYC6rRnKAILH+IEQyLrSckA2
jZ9yFWPPbl1FSKHsb0Hi0AwQoEDwuTvKyXagcLcCFQCtiY7fnapNO3kFBOfZKGFB
CsjaKwKBgQCOCBKbrH/BteJAh5kbZx1zNrRuRFiQ5lukLcI6r1qdRilMeVhctbVV
kfZ5eay9A4vpDXRDaPkpCo+4d7g7pRjiOk9JkGG1dodSCvhTDhpzqr2fHjUxNp+D
xk6OabmetywZvkGK0LKzYlGOL2pCxUNqxCv0i8HbAxSuGUiQgUMOcwOBhAACgYBN
CU88X455Tye7eux1cYOJl0nM6S4Jx7cpB9MAED0L4OTgJVy8F11hEsamfKS6aQ1M
7WxM77j8amGy6N7W6Mr213hQSF1irKUJ7lCMQyuzMOUm16UNAX0LTKF2MoZM/STG
h8uGwZyRy5C9woQp99PakMMokjLi9ZA7RTImXW+Mt6OBgzCBgDAdBgNVHQ4EFgQU
4Qfbhpi5yqXaXuCLXj427mR25MkwHwYDVR0jBBgwFoAUE89Lp7uJLrM4Vxd2xput
aFvl7RcwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwIAYDVR0RBBkwF4EV
c21pbWVkc2ExQG9wZW5zc2wub3JnMA0GCSqGSIb3DQEBBQUAA4GBAFrdUzKK1pWO
kd02S423KUBc4GWWyiGlVoEO7WxVhHLJ8sm67X7OtJOwe0UGt+Nc5qLtyJYSirw8
phjiTdNpQCTJ8+Kc56tWkJ6H7NAI4vTJtPL5BM/EmeYrVSU9JI9xhqpyKw9IBD+n
hRJ79W9FaiJRvaAOX+TkyTukJrxAWRyv
-----END CERTIFICATE-----

34
lib/libssl/test/smime-certs/smdsa2.pem
View File

@@ -1,34 +0,0 @@
-----BEGIN DSA PRIVATE KEY-----
MIIBvAIBAAKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3
OjSGLh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqt
GcoAgsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2J
jt+dqk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qt
wjqvWp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK
+FMOGnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4Z
SJCBQw5zAoGBAIPmO8BtJ+Yac58trrPwq9b/6VW3jQTWzTLWSH84/QQdqQa+Pz3v
It/+hHM0daNF5uls8ICsPL1aLXmRx0pHvIyb0aAzYae4T4Jv/COPDMTdKbA1uitJ
VbkGZrm+LIrs7I9lOkb4T0vI6kL/XdOCXY1469zsqCgJ/O2ibn6mq0nWAhR716o2
Nf8SimTZYB0/CKje6M5ufA==
-----END DSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIDpTCCAw6gAwIBAgIJAMtotfHYdEsXMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
ZXN0IFMvTUlNRSBFRSBEU0EgIzIwggG4MIIBLAYHKoZIzjgEATCCAR8CgYEAxSX7
CDziGsDDuW4sPgKGFITVcUXgTi0KLFN0L+AfJK2nNATa9zo0hi4dcGcR6oZQBNEJ
mrE2iqI7pNtJzVnhZ3M0s+rw5dCFSRIUvFWKK+ZLfYC6rRnKAILH+IEQyLrSckA2
jZ9yFWPPbl1FSKHsb0Hi0AwQoEDwuTvKyXagcLcCFQCtiY7fnapNO3kFBOfZKGFB
CsjaKwKBgQCOCBKbrH/BteJAh5kbZx1zNrRuRFiQ5lukLcI6r1qdRilMeVhctbVV
kfZ5eay9A4vpDXRDaPkpCo+4d7g7pRjiOk9JkGG1dodSCvhTDhpzqr2fHjUxNp+D
xk6OabmetywZvkGK0LKzYlGOL2pCxUNqxCv0i8HbAxSuGUiQgUMOcwOBhQACgYEA
g+Y7wG0n5hpzny2us/Cr1v/pVbeNBNbNMtZIfzj9BB2pBr4/Pe8i3/6EczR1o0Xm
6WzwgKw8vVoteZHHSke8jJvRoDNhp7hPgm/8I48MxN0psDW6K0lVuQZmub4siuzs
j2U6RvhPS8jqQv9d04JdjXjr3OyoKAn87aJufqarSdajgYMwgYAwHQYDVR0OBBYE
FHsAGNfVltSYUq4hC+YVYwsYtA+dMB8GA1UdIwQYMBaAFBPPS6e7iS6zOFcXdsab
rWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMCAGA1UdEQQZMBeB
FXNtaW1lZHNhMkBvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQCx9BtCbaYF
FXjLClkuKXbESaDZA1biPgY25i00FsUzARuhCpqD2v+0tu5c33ZzIhL6xlvBRU5l
6Atw/xpZhae+hdBEtxPJoGekLLrHOau7Md3XwDjV4lFgcEJkWZoaSOOIK+4D5jF0
jZWtHjnwEzuLYlo7ScHSsbcQfjH0M1TP5A==
-----END CERTIFICATE-----

34
lib/libssl/test/smime-certs/smdsa3.pem
View File

@@ -1,34 +0,0 @@
-----BEGIN DSA PRIVATE KEY-----
MIIBvAIBAAKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3
OjSGLh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqt
GcoAgsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2J
jt+dqk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qt
wjqvWp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK
+FMOGnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4Z
SJCBQw5zAoGAYzOpPmh8Je1IDauEXhgaLz14wqYUHHcrj2VWVJ6fRm8GhdQFJSI7
GUk08pgKZSKic2lNqxuzW7/vFxKQ/nvzfytY16b+2i+BR4Q6yvMzCebE1hHVg0Ju
TwfUMwoFEOhYP6ZwHSUiQl9IBMH9TNJCMwYMxfY+VOrURFsjGTRUgpwCFQCIGt5g
Y+XZd0Sv69CatDIRYWvaIA==
-----END DSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIDpDCCAw2gAwIBAgIJAMtotfHYdEsYMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
ZXN0IFMvTUlNRSBFRSBEU0EgIzMwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEAxSX7
CDziGsDDuW4sPgKGFITVcUXgTi0KLFN0L+AfJK2nNATa9zo0hi4dcGcR6oZQBNEJ
mrE2iqI7pNtJzVnhZ3M0s+rw5dCFSRIUvFWKK+ZLfYC6rRnKAILH+IEQyLrSckA2
jZ9yFWPPbl1FSKHsb0Hi0AwQoEDwuTvKyXagcLcCFQCtiY7fnapNO3kFBOfZKGFB
CsjaKwKBgQCOCBKbrH/BteJAh5kbZx1zNrRuRFiQ5lukLcI6r1qdRilMeVhctbVV
kfZ5eay9A4vpDXRDaPkpCo+4d7g7pRjiOk9JkGG1dodSCvhTDhpzqr2fHjUxNp+D
xk6OabmetywZvkGK0LKzYlGOL2pCxUNqxCv0i8HbAxSuGUiQgUMOcwOBhAACgYBj
M6k+aHwl7UgNq4ReGBovPXjCphQcdyuPZVZUnp9GbwaF1AUlIjsZSTTymAplIqJz
aU2rG7Nbv+8XEpD+e/N/K1jXpv7aL4FHhDrK8zMJ5sTWEdWDQm5PB9QzCgUQ6Fg/
pnAdJSJCX0gEwf1M0kIzBgzF9j5U6tREWyMZNFSCnKOBgzCBgDAdBgNVHQ4EFgQU
VhpVXqQ/EzUMdxLvP7o9EhJ8h70wHwYDVR0jBBgwFoAUE89Lp7uJLrM4Vxd2xput
aFvl7RcwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwIAYDVR0RBBkwF4EV
c21pbWVkc2EzQG9wZW5zc2wub3JnMA0GCSqGSIb3DQEBBQUAA4GBACM9e75EQa8m
k/AZkH/tROqf3yeqijULl9x8FjFatqoY+29OM6oMGM425IqSkKd2ipz7OxO0SShu
rE0O3edS7DvYBwvhWPviRaYBMyZ4iFJVup+fOzoYK/j/bASxS3BHQBwb2r4rhe25
OlTyyFEk7DJyW18YFOG97S1P52oQ5f5x
-----END CERTIFICATE-----

9
lib/libssl/test/smime-certs/smdsap.pem
View File

@@ -1,9 +0,0 @@
-----BEGIN DSA PARAMETERS-----
MIIBHwKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3OjSG
Lh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqtGcoA
gsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2Jjt+d
qk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qtwjqv
Wp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK+FMO
GnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4ZSJCB
Qw5z
-----END DSA PARAMETERS-----

30
lib/libssl/test/smime-certs/smroot.pem
View File

@@ -1,30 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDBV1Z/Q5gPF7lojc8pKUdyz5+Jf2B3vs4he6egekugWnoJduki
9Lnae/JchB/soIX0co3nLc11NuFFlnAWJNMDJr08l5AHAJLYNHevF5l/f9oDQwvZ
speKh1xpIAJNqCTzVeQ/ZLx6/GccIXV/xDuKIiovqJTPgR5WPkYKaw++lQIDAQAB
AoGALXnUj5SflJU4+B2652ydMKUjWl0KnL/VjkyejgGV/j6py8Ybaixz9q8Gv7oY
JDlRqMC1HfZJCFQDQrHy5VJ+CywA/H9WrqKo/Ch9U4tJAZtkig1Cmay/BAYixVu0
xBeim10aKF6hxHH4Chg9We+OCuzWBWJhqveNjuDedL/i7JUCQQDlejovcwBUCbhJ
U12qKOwlaboolWbl7yF3XdckTJZg7+1UqQHZH5jYZlLZyZxiaC92SNV0SyTLJZnS
Jh5CO+VDAkEA16/pPcuVtMMz/R6SSPpRSIAa1stLs0mFSs3NpR4pdm0n42mu05pO
1tJEt3a1g7zkreQBf53+Dwb+lA841EkjRwJBAIFmt0DifKDnCkBu/jZh9SfzwsH3
3Zpzik+hXxxdA7+ODCrdUul449vDd5zQD5t+XKU61QNLDGhxv5e9XvrCg7kCQH/a
3ldsVF0oDaxxL+QkxoREtCQ5tLEd1u7F2q6Tl56FDE0pe6Ih6bQ8RtG+g9EI60IN
U7oTrOO5kLWx5E0q4ccCQAZVgoenn9MhRU1agKOCuM6LT2DxReTu4XztJzynej+8
0J93n3ebanB1MlRpn1XJwhQ7gAC8ImaQKLJK5jdJzFc=
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIICaTCCAdKgAwIBAgIJAP6VN47boiXRMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDdaFw0xNjA1MTExMzUzMDdaMEQx
CzAJBgNVBAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRU
ZXN0IFMvTUlNRSBSU0EgUm9vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
wVdWf0OYDxe5aI3PKSlHcs+fiX9gd77OIXunoHpLoFp6CXbpIvS52nvyXIQf7KCF
9HKN5y3NdTbhRZZwFiTTAya9PJeQBwCS2DR3rxeZf3/aA0ML2bKXiodcaSACTagk
81XkP2S8evxnHCF1f8Q7iiIqL6iUz4EeVj5GCmsPvpUCAwEAAaNjMGEwHQYDVR0O
BBYEFBPPS6e7iS6zOFcXdsabrWhb5e0XMB8GA1UdIwQYMBaAFBPPS6e7iS6zOFcX
dsabrWhb5e0XMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqG
SIb3DQEBBQUAA4GBAIECprq5viDvnDbkyOaiSr9ubMUmWqvycfAJMdPZRKcOZczS
l+L9R9lF3JSqbt3knOe9u6bGDBOTY2285PdCCuHRVMk2Af1f6El1fqAlRUwNqipp
r68sWFuRqrcRNtk6QQvXfkOhrqQBuDa7te/OVQLa2lGN9Dr2mQsD8ijctatG
-----END CERTIFICATE-----

31
lib/libssl/test/smime-certs/smrsa1.pem
View File

@@ -1,31 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQC6A978j4pmPgUtUQqF+bjh6vdhwGOGZSD7xXgFTMjm88twfv+E
ixkq2KXSDjD0ZXoQbdOaSbvGRQrIJpG2NGiKAFdYNrP025kCCdh5wF/aEI7KLEm7
JlHwXpQsuj4wkMgmkFjL3Ty4Z55aNH+2pPQIa0k+ENJXm2gDuhqgBmduAwIDAQAB
AoGBAJMuYu51aO2THyeHGwt81uOytcCbqGP7eoib62ZOJhxPRGYjpmuqX+R9/V5i
KiwGavm63JYUx0WO9YP+uIZxm1BUATzkgkS74u5LP6ajhkZh6/Bck1oIYYkbVOXl
JVrdENuH6U7nupznsyYgONByo+ykFPVUGmutgiaC7NMVo/MxAkEA6KLejWXdCIEn
xr7hGph9NlvY9xuRIMexRV/WrddcFfCdjI1PciIupgrIkR65M9yr7atm1iU6/aRf
KOr8rLZsSQJBAMyyXN71NsDNx4BP6rtJ/LJMP0BylznWkA7zWfGCbAYn9VhZVlSY
Eu9Gyr7quD1ix7G3kInKVYOEEOpockBLz+sCQQCedyMmKjcQLfpMVYW8uhbAynvW
h36qV5yXZxszO7nMcCTBsxhk5IfmLv5EbCs3+p9avCDGyoGOeUMg+kC33WORAkAg
oUIarH4o5+SoeJTTfCzTA0KF9H5U0vYt2+73h7HOnWoHxl3zqDZEfEVvf50U8/0f
QELDJETTbScBJtsnkq43AkEA38etvoZ2i4FJvvo7R/9gWBHVEcrGzcsCBYrNnIR1
SZLRwHEGaiOK1wxMsWzqp7PJwL9z/M8A8DyOFBx3GPOniA==
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIICizCCAfSgAwIBAgIJAMtotfHYdEsTMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDhaFw0xNjA1MTAxMzUzMDhaMEUx
CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
ZXN0IFMvTUlNRSBFRSBSU0EgIzEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
ALoD3vyPimY+BS1RCoX5uOHq92HAY4ZlIPvFeAVMyObzy3B+/4SLGSrYpdIOMPRl
ehBt05pJu8ZFCsgmkbY0aIoAV1g2s/TbmQIJ2HnAX9oQjsosSbsmUfBelCy6PjCQ
yCaQWMvdPLhnnlo0f7ak9AhrST4Q0lebaAO6GqAGZ24DAgMBAAGjgYMwgYAwHQYD
VR0OBBYEFE2vMvKz5jrC7Lbdg68XwZ95iL/QMB8GA1UdIwQYMBaAFBPPS6e7iS6z
OFcXdsabrWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1Ud
EQQZMBeBFXNtaW1lcnNhMUBvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQAi
O3GOkUl646oLnOimc36i9wxZ1tejsqs8vMjJ0Pym6Uq9FE2JoGzJ6OhB1GOsEVmj
9cQ5UNQcRYL3cqOFtl6f4Dpu/lhzfbaqgmLjv29G1mS0uuTZrixhlyCXjwcbOkNC
I/+wvHHENYIK5+T/79M9LaZ2Qk4F9MNE1VMljdz9Qw==
-----END CERTIFICATE-----

31
lib/libssl/test/smime-certs/smrsa2.pem
View File

@@ -1,31 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQCwBfryW4Vu5U9wNIDKspJO/N9YF4CcTlrCUyzVlKgb+8urHlSe
59i5verR9IOCCXkemjOzZ/3nALTGqYZlnEvHp0Rjk+KdKXnKBIB+SRPpeu3LcXMT
WPgsThPa0UQxedNKG0g6aG+kLhsDlFBCoxd09jJtSpb9jmroJOq0ZYEHLwIDAQAB
AoGAKa/w4677Je1W5+r3SYoLDnvi5TkDs4D3C6ipKJgBTEdQz+DqB4w/DpZE4551
+rkFn1LDxcxuHGRVa+tAMhZW97fwq9YUbjVZEyOz79qrX+BMyl/NbHkf1lIKDo3q
dWalzQvop7nbzeLC+VmmviwZfLQUbA61AQl3jm4dswT4XykCQQDloDadEv/28NTx
bvvywvyGuvJkCkEIycm4JrIInvwsd76h/chZ3oymrqzc7hkEtK6kThqlS5y+WXl6
QzPruTKTAkEAxD2ro/VUoN+scIVaLmn0RBmZ67+9Pdn6pNSfjlK3s0T0EM6/iUWS
M06l6L9wFS3/ceu1tIifsh9BeqOGTa+udQJARIFnybTBaIqw/NZ/lA1YCVn8tpvY
iyaoZ6gjtS65TQrsdKeh/i3HCHNUXxUpoZ3F/H7QtD+6o49ODou+EbVOwQJAVmex
A2gp8wuJKaINqxIL81AybZLnCCzKJ3lXJ5tUNyLNM/lUbGStktm2Q1zHRQwTxV07
jFn7trn8YrtNjzcjYQJAUKIJRt38A8Jw3HoPT+D0WS2IgxjVL0eYGsZX1lyeammG
6rfnQ3u5uP7mEK2EH2o8mDUpAE0gclWBU9UkKxJsGA==
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIICizCCAfSgAwIBAgIJAMtotfHYdEsUMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDhaFw0xNjA1MTAxMzUzMDhaMEUx
CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
ZXN0IFMvTUlNRSBFRSBSU0EgIzIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
ALAF+vJbhW7lT3A0gMqykk7831gXgJxOWsJTLNWUqBv7y6seVJ7n2Lm96tH0g4IJ
eR6aM7Nn/ecAtMaphmWcS8enRGOT4p0pecoEgH5JE+l67ctxcxNY+CxOE9rRRDF5
00obSDpob6QuGwOUUEKjF3T2Mm1Klv2Oaugk6rRlgQcvAgMBAAGjgYMwgYAwHQYD
VR0OBBYEFIL/u+mEvaw7RuKLRuElfVkxSQjYMB8GA1UdIwQYMBaAFBPPS6e7iS6z
OFcXdsabrWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1Ud
EQQZMBeBFXNtaW1lcnNhMkBvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQC2
rXR5bm/9RtOMQPleNpd3y6uUX3oy+0CafK5Yl3PMnItjjnKJ0l1/DbLbDj2twehe
ewaB8CROcBCA3AMLSmGvPKgUCFMGtWam3328M4fBHzon5ka7qDXzM+imkAly/Yx2
YNdR/aNOug+5sXygHmTSKqiCpQjOIClzXoPVVeEVHw==
-----END CERTIFICATE-----

31
lib/libssl/test/smime-certs/smrsa3.pem
View File

@@ -1,31 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQC6syTZtZNe1hRScFc4PUVyVLsr7+C1HDIZnOHmwFoLayX6RHwy
ep/TkdwiPHnemVLuwvpSjLMLZkXy/J764kSHJrNeVl3UvmCVCOm40hAtK1+F39pM
h8phkbPPD7i+hwq4/Vs79o46nzwbVKmzgoZBJhZ+codujUSYM3LjJ4aq+wIDAQAB
AoGAE1Zixrnr3bLGwBMqtYSDIOhtyos59whImCaLr17U9MHQWS+mvYO98if1aQZi
iQ/QazJ+wvYXxWJ+dEB+JvYwqrGeuAU6He/rAb4OShG4FPVU2D19gzRnaButWMeT
/1lgXV08hegGBL7RQNaN7b0viFYMcKnSghleMP0/q+Y/oaECQQDkXEwDYJW13X9p
ijS20ykWdY5lLknjkHRhhOYux0rlhOqsyMZjoUmwI2m0qj9yrIysKhrk4MZaM/uC
hy0xp3hdAkEA0Uv/UY0Kwsgc+W6YxeypECtg1qCE6FBib8n4iFy/6VcWqhvE5xrs
OdhKv9/p6aLjLneGd1sU+F8eS9LGyKIbNwJBAJPgbNzXA7uUZriqZb5qeTXxBDfj
RLfXSHYKAKEULxz3+JvRHB9SR4yHMiFrCdExiZrHXUkPgYLSHLGG5a4824UCQD6T
9XvhquUARkGCAuWy0/3Eqoihp/t6BWSdQ9Upviu7YUhtUxsyXo0REZB7F4pGrJx5
GlhXgFaewgUzuUHFzlMCQCzJMMWslWpoLntnR6sMhBMhBFHSw+Y5CbxBmFrdtSkd
VdtNO1VuDCTxjjW7W3Khj7LX4KZ1ye/5jfAgnnnXisc=
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIICizCCAfSgAwIBAgIJAMtotfHYdEsVMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
ZXN0IFMvTUlNRSBFRSBSU0EgIzMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
ALqzJNm1k17WFFJwVzg9RXJUuyvv4LUcMhmc4ebAWgtrJfpEfDJ6n9OR3CI8ed6Z
Uu7C+lKMswtmRfL8nvriRIcms15WXdS+YJUI6bjSEC0rX4Xf2kyHymGRs88PuL6H
Crj9Wzv2jjqfPBtUqbOChkEmFn5yh26NRJgzcuMnhqr7AgMBAAGjgYMwgYAwHQYD
VR0OBBYEFDsSFjNtYZzd0tTHafNS7tneQQj6MB8GA1UdIwQYMBaAFBPPS6e7iS6z
OFcXdsabrWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1Ud
EQQZMBeBFXNtaW1lcnNhM0BvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQBE
tUDB+1Dqigu4p1xtdq7JRK6S+gfA7RWmhz0j2scb2zhpS12h37JLHsidGeKAzZYq
jUjOrH/j3xcV5AnuJoqImJaN23nzzxtR4qGGX2mrq6EtObzdEGgCUaizsGM+0slJ
PYxcy8KeY/63B1BpYhj2RjGkL6HrvuAaxVORa3acoA==
-----END CERTIFICATE-----

78
lib/libssl/test/tcrl
View File

@@ -1,78 +0,0 @@
#!/bin/sh
cmd='../util/shlib_wrap.sh ../apps/openssl crl'
if [ "$1"x != "x" ]; then
t=$1
else
t=testcrl.pem
fi
echo testing crl conversions
cp $t fff.p
echo "p -> d"
$cmd -in fff.p -inform p -outform d >f.d
if [ $? != 0 ]; then exit 1; fi
#echo "p -> t"
#$cmd -in fff.p -inform p -outform t >f.t
#if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in fff.p -inform p -outform p >f.p
if [ $? != 0 ]; then exit 1; fi
echo "d -> d"
$cmd -in f.d -inform d -outform d >ff.d1
if [ $? != 0 ]; then exit 1; fi
#echo "t -> d"
#$cmd -in f.t -inform t -outform d >ff.d2
#if [ $? != 0 ]; then exit 1; fi
echo "p -> d"
$cmd -in f.p -inform p -outform d >ff.d3
if [ $? != 0 ]; then exit 1; fi
#echo "d -> t"
#$cmd -in f.d -inform d -outform t >ff.t1
#if [ $? != 0 ]; then exit 1; fi
#echo "t -> t"
#$cmd -in f.t -inform t -outform t >ff.t2
#if [ $? != 0 ]; then exit 1; fi
#echo "p -> t"
#$cmd -in f.p -inform p -outform t >ff.t3
#if [ $? != 0 ]; then exit 1; fi
echo "d -> p"
$cmd -in f.d -inform d -outform p >ff.p1
if [ $? != 0 ]; then exit 1; fi
#echo "t -> p"
#$cmd -in f.t -inform t -outform p >ff.p2
#if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in f.p -inform p -outform p >ff.p3
if [ $? != 0 ]; then exit 1; fi
cmp fff.p f.p
if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p1
if [ $? != 0 ]; then exit 1; fi
#cmp fff.p ff.p2
#if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p3
if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t1
#if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t2
#if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t3
#if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p1
if [ $? != 0 ]; then exit 1; fi
#cmp f.p ff.p2
#if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p3
if [ $? != 0 ]; then exit 1; fi
/bin/rm -f f.* ff.* fff.*
exit 0

88
lib/libssl/test/test.cnf
View File

@@ -1,88 +0,0 @@
#
# SSLeay example configuration file.
# This is mostly being used for generation of certificate requests.
#
RANDFILE = ./.rnd
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
####################################################################
[ CA_default ]
dir = ./demoCA # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
new_certs_dir = $dir/new_certs # default place for new certs.
certificate = $dir/CAcert.pem # The CA certificate
serial = $dir/serial # The current serial number
crl = $dir/crl.pem # The current CRL
private_key = $dir/private/CAkey.pem# The private key
RANDFILE = $dir/private/.rand # private random number file
default_days = 365 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_md = md5 # which md to use.
# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_match
# For the CA policy
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
# For the 'anything' policy
# At this point in time, you must list all acceptable 'object'
# types.
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
####################################################################
[ req ]
default_bits = 1024
default_keyfile = testkey.pem
distinguished_name = req_distinguished_name
encrypt_rsa_key = no
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = AU
countryName_value = AU
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = Queensland
stateOrProvinceName_value =
localityName = Locality Name (eg, city)
localityName_value = Brisbane
organizationName = Organization Name (eg, company)
organizationName_default =
organizationName_value = CryptSoft Pty Ltd
organizationalUnitName = Organizational Unit Name (eg, section)
organizationalUnitName_default =
organizationalUnitName_value = .
commonName = Common Name (eg, YOUR name)
commonName_value = Eric Young
emailAddress = Email Address
emailAddress_value = eay@mincom.oz.au

69
lib/libssl/test/test_aesni
View File

@@ -1,69 +0,0 @@
#!/bin/sh
PROG=$1
if [ -x $PROG ]; then
if expr "x`$PROG version`" : "xOpenSSL" > /dev/null; then
:
else
echo "$PROG is not OpenSSL executable"
exit 1
fi
else
echo "$PROG is not executable"
exit 1;
fi
if $PROG engine aesni | grep -v no-aesni; then
HASH=`cat $PROG | $PROG dgst -hex`
AES_ALGS=" aes-128-ecb aes-192-ecb aes-256-ecb \
aes-128-cbc aes-192-cbc aes-256-cbc \
aes-128-cfb aes-192-cfb aes-256-cfb \
aes-128-ofb aes-192-ofb aes-256-ofb"
BUFSIZE="16 32 48 64 80 96 128 144 999"
nerr=0
for alg in $AES_ALGS; do
echo $alg
for bufsize in $BUFSIZE; do
TEST=`( cat $PROG | \
$PROG enc -e -k "$HASH" -$alg -bufsize $bufsize -engine aesni | \
$PROG enc -d -k "$HASH" -$alg | \
$PROG dgst -hex ) 2>/dev/null`
if [ "$TEST" != "$HASH" ]; then
echo "-$alg/$bufsize encrypt test failed"
nerr=`expr $nerr + 1`
fi
done
for bufsize in $BUFSIZE; do
TEST=`( cat $PROG | \
$PROG enc -e -k "$HASH" -$alg | \
$PROG enc -d -k "$HASH" -$alg -bufsize $bufsize -engine aesni | \
$PROG dgst -hex ) 2>/dev/null`
if [ "$TEST" != "$HASH" ]; then
echo "-$alg/$bufsize decrypt test failed"
nerr=`expr $nerr + 1`
fi
done
TEST=`( cat $PROG | \
$PROG enc -e -k "$HASH" -$alg -engine aesni | \
$PROG enc -d -k "$HASH" -$alg -engine aesni | \
$PROG dgst -hex ) 2>/dev/null`
if [ "$TEST" != "$HASH" ]; then
echo "-$alg en/decrypt test failed"
nerr=`expr $nerr + 1`
fi
done
if [ $nerr -gt 0 ]; then
echo "AESNI engine test failed."
exit 1;
fi
else
echo "AESNI engine is not available"
fi
exit 0

64
lib/libssl/test/test_padlock
View File

@@ -1,64 +0,0 @@
#!/bin/sh
PROG=$1
if [ -x $PROG ]; then
if expr "x`$PROG version`" : "xOpenSSL" > /dev/null; then
:
else
echo "$PROG is not OpenSSL executable"
exit 1
fi
else
echo "$PROG is not executable"
exit 1;
fi
if $PROG engine padlock | grep -v no-ACE; then
HASH=`cat $PROG | $PROG dgst -hex`
ACE_ALGS=" aes-128-ecb aes-192-ecb aes-256-ecb \
aes-128-cbc aes-192-cbc aes-256-cbc \
aes-128-cfb aes-192-cfb aes-256-cfb \
aes-128-ofb aes-192-ofb aes-256-ofb"
nerr=0
for alg in $ACE_ALGS; do
echo $alg
TEST=`( cat $PROG | \
$PROG enc -e -k "$HASH" -$alg -bufsize 999 -engine padlock | \
$PROG enc -d -k "$HASH" -$alg | \
$PROG dgst -hex ) 2>/dev/null`
if [ "$TEST" != "$HASH" ]; then
echo "-$alg encrypt test failed"
nerr=`expr $nerr + 1`
fi
TEST=`( cat $PROG | \
$PROG enc -e -k "$HASH" -$alg | \
$PROG enc -d -k "$HASH" -$alg -bufsize 999 -engine padlock | \
$PROG dgst -hex ) 2>/dev/null`
if [ "$TEST" != "$HASH" ]; then
echo "-$alg decrypt test failed"
nerr=`expr $nerr + 1`
fi
TEST=`( cat $PROG | \
$PROG enc -e -k "$HASH" -$alg -engine padlock | \
$PROG enc -d -k "$HASH" -$alg -engine padlock | \
$PROG dgst -hex ) 2>/dev/null`
if [ "$TEST" != "$HASH" ]; then
echo "-$alg en/decrypt test failed"
nerr=`expr $nerr + 1`
fi
done
if [ $nerr -gt 0 ]; then
echo "PadLock ACE test failed."
exit 1;
fi
else
echo "PadLock ACE is not available"
fi
exit 0

51
lib/libssl/test/testca
View File

@@ -1,51 +0,0 @@
#!/bin/sh
SH="/bin/sh"
if test "$OSTYPE" = msdosdjgpp; then
PATH="../apps\;$PATH"
else
PATH="../apps:$PATH"
fi
export SH PATH
SSLEAY_CONFIG="-config CAss.cnf"
export SSLEAY_CONFIG
OPENSSL="`pwd`/../util/opensslwrap.sh"
export OPENSSL
/bin/rm -fr demoCA
$SH ../apps/CA.sh -newca <<EOF
EOF
if [ $? != 0 ]; then
exit 1;
fi
SSLEAY_CONFIG="-config Uss.cnf"
export SSLEAY_CONFIG
$SH ../apps/CA.sh -newreq
if [ $? != 0 ]; then
exit 1;
fi
SSLEAY_CONFIG="-config ../apps/openssl.cnf"
export SSLEAY_CONFIG
$SH ../apps/CA.sh -sign <<EOF
y
y
EOF
if [ $? != 0 ]; then
exit 1;
fi
$SH ../apps/CA.sh -verify newcert.pem
if [ $? != 0 ]; then
exit 1;
fi
/bin/rm -fr demoCA newcert.pem newreq.pem
#usage: CA -newcert|-newreq|-newca|-sign|-verify

16
lib/libssl/test/testcrl.pem
View File

@@ -1,16 +0,0 @@
-----BEGIN X509 CRL-----
MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT
F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy
IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw
MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw
MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw
MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw
MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw
MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw
MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw
NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw
NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF
AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ
wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt
JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v
-----END X509 CRL-----

54
lib/libssl/test/testenc
View File

@@ -1,54 +0,0 @@
#!/bin/sh
testsrc=Makefile
test=./p
cmd="../util/shlib_wrap.sh ../apps/openssl"
cat $testsrc >$test;
echo cat
$cmd enc < $test > $test.cipher
$cmd enc < $test.cipher >$test.clear
cmp $test $test.clear
if [ $? != 0 ]
then
exit 1
else
/bin/rm $test.cipher $test.clear
fi
echo base64
$cmd enc -a -e < $test > $test.cipher
$cmd enc -a -d < $test.cipher >$test.clear
cmp $test $test.clear
if [ $? != 0 ]
then
exit 1
else
/bin/rm $test.cipher $test.clear
fi
for i in `$cmd list-cipher-commands`
do
echo $i
$cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
$cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
cmp $test $test.$i.clear
if [ $? != 0 ]
then
exit 1
else
/bin/rm $test.$i.cipher $test.$i.clear
fi
echo $i base64
$cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
$cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
cmp $test $test.$i.clear
if [ $? != 0 ]
then
exit 1
else
/bin/rm $test.$i.cipher $test.$i.clear
fi
done
rm -f $test

44
lib/libssl/test/testgen
View File

@@ -1,44 +0,0 @@
#!/bin/sh
T=testcert
KEY=512
CA=../certs/testca.pem
/bin/rm -f $T.1 $T.2 $T.key
if test "$OSTYPE" = msdosdjgpp; then
PATH=../apps\;$PATH;
else
PATH=../apps:$PATH;
fi
export PATH
echo "generating certificate request"
echo "string to make the random number generator think it has entropy" >> ./.rnd
if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
req_new='-newkey dsa:../apps/dsa512.pem'
else
req_new='-new'
echo "There should be a 2 sequences of .'s and some +'s."
echo "There should not be more that at most 80 per line"
fi
echo "This could take some time."
rm -f testkey.pem testreq.pem
../util/shlib_wrap.sh ../apps/openssl req -config test.cnf $req_new -out testreq.pem
if [ $? != 0 ]; then
echo problems creating request
exit 1
fi
../util/shlib_wrap.sh ../apps/openssl req -config test.cnf -verify -in testreq.pem -noout
if [ $? != 0 ]; then
echo signature on req is wrong
exit 1
fi
exit 0

46
lib/libssl/test/testp7.pem
View File

@@ -1,46 +0,0 @@
-----BEGIN PKCS7-----
MIIIGAYJKoZIhvcNAQcCoIIICTCCCAUCAQExADALBgkqhkiG9w0BBwGgggY8MIIE
cjCCBBygAwIBAgIQeS+OJfWJUZAx6cX0eAiMjzANBgkqhkiG9w0BAQQFADBiMREw
DwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNV
BAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIw
HhcNOTYwNzE5MDAwMDAwWhcNOTcwMzMwMjM1OTU5WjCB1TERMA8GA1UEBxMISW50
ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2ln
biBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMSgwJgYDVQQLEx9E
aWdpdGFsIElEIENsYXNzIDEgLSBTTUlNRSBUZXN0MUcwRQYDVQQLEz53d3cudmVy
aXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMCBJbmMuIGJ5IFJlZi4sTElBQi5M
VEQoYyk5NjBbMA0GCSqGSIb3DQEBAQUAA0oAMEcCQA7LvHEIAiQ5+4gDYvJGnGAq
UM5GXyG11diEXmIEZTHUZhorooX5sr8IIjSXiPY59YYUFSvAaharFM1xaBN8zNEC
AwEAAaOCAjkwggI1MAkGA1UdEwQCMAAwggImBgNVHQMEggIdMIICGTCCAhUwggIR
BgtghkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0
ZXMgYnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0
IHRvLCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1l
bnQgKENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
L0NQUy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29t
OyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4s
IE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04
ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0
cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJ
QUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQEC
MC8wLRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEu
AzANBgkqhkiG9w0BAQQFAANBAMCYDuSb/eIlYSxY31nZZTaCZkCSfHjlacMofExr
cF+A2yHoEuT+eCQkqM0pMNHXddUeoQ9RjV+VuMBNmm63DUYwggHCMIIBbKADAgEC
AhB8CYTq1bkRFJBYOd67cp9JMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
QTAeFw05NjA3MTcwMDAwMDBaFw05NzA3MTcyMzU5NTlaMGIxETAPBgNVBAcTCElu
dGVybmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNp
Z24gQ2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjBcMA0GCSqGSIb3
DQEBAQUAA0sAMEgCQQDsVzrNgnDhbAJZrWeLd9g1vMZJA2W67D33TTbga6yMt+ES
TWEywhS6RNP+fzLGg7utinjH4tL60cXa0G27GDsLAgMBAAGjIjAgMAsGA1UdDwQE
AwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADQQAUp6bRwkaD
2d1MBs/mjUcgTI2fXVmW8tTm/Ud6OzUwpC3vYgybiOOA4f6mOC5dbyUHrLOsrihU
47ZQ0Jo1DUfboYIBrTCBwTBtMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
QRcNOTYwNzE3MTc0NDA5WhcNOTgwNzE3MDAwMDAwWjANBgkqhkiG9w0BAQIFAANB
AHitA0/xAukCjHzeh1AMT/l2oC68N+yFb+aJPHBBMxc6gG2MaKjBNwb5hcXUllMl
ExONA3ju10f7owIq3s3wx10wgeYwgZEwDQYJKoZIhvcNAQECBQAwYjERMA8GA1UE
BxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytW
ZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyFw05NjA3
MTcxNzU5MjlaFw05NzA3MTgwMDAwMDBaMA0GCSqGSIb3DQEBAgUAA0EAubVWYTsW
sQmste9f+UgMw8BkjDlM25fwQLrCfmmnLxjewey10kSROypUaJLb+r4oRALc0fG9
XfZsaiiIgotQHjEA
-----END PKCS7-----

7
lib/libssl/test/testreq2.pem
View File

@@ -1,7 +0,0 @@
-----BEGIN CERTIFICATE REQUEST-----
MIHaMIGFAgEAMA4xDDAKBgNVBAMTA2NuNDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
QQCQsnkyUGDY2R3mYoeTprFJKgWuJ3f1jUjlIuW5+wfAUoeMt35c4vcFZ2mIBpEG
DtzkNQN1kr2O9ldm9zYnYhyhAgMBAAGgEjAQBgorBgEEAYI3AgEOMQIwADANBgkq
hkiG9w0BAQQFAANBAAb2szZgVIxg3vK6kYLjGSBISyuzcXJ6IvuPW6M+yzi1Qgoi
gQhazHTJp91T8ItZEzUJGZSZl2e5iXlnffWB+/U=
-----END CERTIFICATE REQUEST-----

9
lib/libssl/test/testrsa.pem
View File

@@ -1,9 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIIBPAIBAAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6dizWW3DwaffznyHGAFwUJ/I
Tv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQJAZ3cnzaHXM/bxGaR5CR1R
rD1qFBAVfoQFiOH9uPJgMaoAuoQEisPHVcZDKcOv4wEg6/TInAIXBnEigtqvRzuy
oQIhAPcgZzUq3yVooAaoov8UbXPxqHlwo6GBMqnv20xzkf6ZAiEAsP4BnIaQTM8S
mvcpHZwQJdmdHHkGKAs37Dfxi67HbkUCIQCeZGliHXFa071Fp06ZeWlR2ADonTZz
rJBhdTe0v5pCeQIhAIZfkiGgGBX4cIuuckzEm43g9WMUjxP/0GlK39vIyihxAiEA
mymehFRT0MvqW5xAKAx7Pgkt8HVKwVhc2LwGKHE0DZM=
-----END RSA PRIVATE KEY-----

12
lib/libssl/test/testsid.pem
View File

@@ -1,12 +0,0 @@
-----BEGIN SSL SESSION PARAMETERS-----
MIIB1gIBAQIBAgQDAQCABBCi11xa5qkOP8xrr02K/NQCBBBkIYQZM0Bt95W0EHNV
bA58oQYCBDIBr7WiBAICASyjggGGMIIBgjCCASwCAQMwDQYJKoZIhvcNAQEEBQAw
ODELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3Jz
YSB0ZXN0IENBMB4XDTk1MTAwOTIzMzEzNFoXDTk4MDcwNTIzMzEzNFowYDELMAkG
A1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRk
LjELMAkGA1UECxMCQ1MxGzAZBgNVBAMTElNTTGVheSBkZW1vIGNsaWVudDBcMA0G
CSqGSIb3DQEBAQUAA0sAMEgCQQC4pcXEL1lgVA+B5Q3TcuW/O3LZHoA73IYm8oFD
TezgCDhL2RTMn+seKWF36UtJKRIOBU9jZHCVVd0Me5ls6BEjAgMBAAEwDQYJKoZI
hvcNAQEEBQADQQBoIpOcwUY1qlVF7j3ROSGvUsbvByOBFmYWkIBgsCqR+9qo1A7L
CrWF5i8LWt/vLwAHaxWNx2YuBJMFyuK81fTvpA0EC3Rlc3Rjb250ZXh0
-----END SSL SESSION PARAMETERS-----

163
lib/libssl/test/testss
View File

@@ -1,163 +0,0 @@
#!/bin/sh
digest='-sha1'
reqcmd="../util/shlib_wrap.sh ../apps/openssl req"
x509cmd="../util/shlib_wrap.sh ../apps/openssl x509 $digest"
verifycmd="../util/shlib_wrap.sh ../apps/openssl verify"
dummycnf="../apps/openssl.cnf"
CAkey="keyCA.ss"
CAcert="certCA.ss"
CAreq="reqCA.ss"
CAconf="CAss.cnf"
CAreq2="req2CA.ss" # temp
Uconf="Uss.cnf"
Ukey="keyU.ss"
Ureq="reqU.ss"
Ucert="certU.ss"
P1conf="P1ss.cnf"
P1key="keyP1.ss"
P1req="reqP1.ss"
P1cert="certP1.ss"
P1intermediate="tmp_intP1.ss"
P2conf="P2ss.cnf"
P2key="keyP2.ss"
P2req="reqP2.ss"
P2cert="certP2.ss"
P2intermediate="tmp_intP2.ss"
echo
echo "make a certificate request using 'req'"
echo "string to make the random number generator think it has entropy" >> ./.rnd
if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
req_new='-newkey dsa:../apps/dsa512.pem'
else
req_new='-new'
fi
$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new #>err.ss
if [ $? != 0 ]; then
echo "error using 'req' to generate a certificate request"
exit 1
fi
echo
echo "convert the certificate request into a self signed certificate using 'x509'"
$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca >err.ss
if [ $? != 0 ]; then
echo "error using 'x509' to self sign a certificate request"
exit 1
fi
echo
echo "convert a certificate into a certificate request using 'x509'"
$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss
if [ $? != 0 ]; then
echo "error using 'x509' convert a certificate to a certificate request"
exit 1
fi
$reqcmd -config $dummycnf -verify -in $CAreq -noout
if [ $? != 0 ]; then
echo first generated request is invalid
exit 1
fi
$reqcmd -config $dummycnf -verify -in $CAreq2 -noout
if [ $? != 0 ]; then
echo second generated request is invalid
exit 1
fi
$verifycmd -CAfile $CAcert $CAcert
if [ $? != 0 ]; then
echo first generated cert is invalid
exit 1
fi
echo
echo "make a user certificate request using 'req'"
$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss
if [ $? != 0 ]; then
echo "error using 'req' to generate a user certificate request"
exit 1
fi
echo
echo "sign user certificate request with the just created CA via 'x509'"
$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee >err.ss
if [ $? != 0 ]; then
echo "error using 'x509' to sign a user certificate request"
exit 1
fi
$verifycmd -CAfile $CAcert $Ucert
echo
echo "Certificate details"
$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert
echo
echo "make a proxy certificate request using 'req'"
$reqcmd -config $P1conf -out $P1req -keyout $P1key $req_new >err.ss
if [ $? != 0 ]; then
echo "error using 'req' to generate a proxy certificate request"
exit 1
fi
echo
echo "sign proxy certificate request with the just created user certificate via 'x509'"
$x509cmd -CAcreateserial -in $P1req -days 30 -req -out $P1cert -CA $Ucert -CAkey $Ukey -extfile $P1conf -extensions v3_proxy >err.ss
if [ $? != 0 ]; then
echo "error using 'x509' to sign a proxy certificate request"
exit 1
fi
cat $Ucert > $P1intermediate
$verifycmd -CAfile $CAcert -untrusted $P1intermediate $P1cert
echo
echo "Certificate details"
$x509cmd -subject -issuer -startdate -enddate -noout -in $P1cert
echo
echo "make another proxy certificate request using 'req'"
$reqcmd -config $P2conf -out $P2req -keyout $P2key $req_new >err.ss
if [ $? != 0 ]; then
echo "error using 'req' to generate another proxy certificate request"
exit 1
fi
echo
echo "sign second proxy certificate request with the first proxy certificate via 'x509'"
$x509cmd -CAcreateserial -in $P2req -days 30 -req -out $P2cert -CA $P1cert -CAkey $P1key -extfile $P2conf -extensions v3_proxy >err.ss
if [ $? != 0 ]; then
echo "error using 'x509' to sign a second proxy certificate request"
exit 1
fi
cat $Ucert $P1cert > $P2intermediate
$verifycmd -CAfile $CAcert -untrusted $P2intermediate $P2cert
echo
echo "Certificate details"
$x509cmd -subject -issuer -startdate -enddate -noout -in $P2cert
echo
echo The generated CA certificate is $CAcert
echo The generated CA private key is $CAkey
echo The generated user certificate is $Ucert
echo The generated user private key is $Ukey
echo The first generated proxy certificate is $P1cert
echo The first generated proxy private key is $P1key
echo The second generated proxy certificate is $P2cert
echo The second generated proxy private key is $P2key
/bin/rm err.ss
#/bin/rm $P1intermediate
#/bin/rm $P2intermediate
exit 0

178
lib/libssl/test/testssl
View File

@@ -1,178 +0,0 @@
#!/bin/sh
if [ "$1" = "" ]; then
key=../apps/server.pem
else
key="$1"
fi
if [ "$2" = "" ]; then
cert=../apps/server.pem
else
cert="$2"
fi
ssltest="../util/shlib_wrap.sh ./ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
dsa_cert=YES
else
dsa_cert=NO
fi
if [ "$3" = "" ]; then
CA="-CApath ../certs"
else
CA="-CAfile $3"
fi
if [ "$4" = "" ]; then
extra=""
else
extra="$4"
fi
#############################################################################
echo test sslv2
$ssltest -ssl2 $extra || exit 1
echo test sslv2 with server authentication
$ssltest -ssl2 -server_auth $CA $extra || exit 1
if [ $dsa_cert = NO ]; then
echo test sslv2 with client authentication
$ssltest -ssl2 -client_auth $CA $extra || exit 1
echo test sslv2 with both client and server authentication
$ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1
fi
echo test sslv3
$ssltest -ssl3 $extra || exit 1
echo test sslv3 with server authentication
$ssltest -ssl3 -server_auth $CA $extra || exit 1
echo test sslv3 with client authentication
$ssltest -ssl3 -client_auth $CA $extra || exit 1
echo test sslv3 with both client and server authentication
$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1
echo test sslv2/sslv3
$ssltest $extra || exit 1
echo test sslv2/sslv3 with server authentication
$ssltest -server_auth $CA $extra || exit 1
echo test sslv2/sslv3 with client authentication
$ssltest -client_auth $CA $extra || exit 1
echo test sslv2/sslv3 with both client and server authentication
$ssltest -server_auth -client_auth $CA $extra || exit 1
echo test sslv2 via BIO pair
$ssltest -bio_pair -ssl2 $extra || exit 1
echo test sslv2 with server authentication via BIO pair
$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1
if [ $dsa_cert = NO ]; then
echo test sslv2 with client authentication via BIO pair
$ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1
echo test sslv2 with both client and server authentication via BIO pair
$ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1
fi
echo test sslv3 via BIO pair
$ssltest -bio_pair -ssl3 $extra || exit 1
echo test sslv3 with server authentication via BIO pair
$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1
echo test sslv3 with client authentication via BIO pair
$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1
echo test sslv3 with both client and server authentication via BIO pair
$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1
echo test sslv2/sslv3 via BIO pair
$ssltest $extra || exit 1
if [ $dsa_cert = NO ]; then
echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair'
$ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1
fi
echo test sslv2/sslv3 with 1024bit DHE via BIO pair
$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
echo test sslv2/sslv3 with server authentication
$ssltest -bio_pair -server_auth $CA $extra || exit 1
echo test sslv2/sslv3 with client authentication via BIO pair
$ssltest -bio_pair -client_auth $CA $extra || exit 1
echo test sslv2/sslv3 with both client and server authentication via BIO pair
$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
echo "Testing ciphersuites"
for protocol in TLSv1.2 SSLv3; do
echo "Testing ciphersuites for $protocol"
for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
echo "Testing $cipher"
prot=""
if [ $protocol = "SSLv3" ] ; then
prot="-ssl3"
fi
$ssltest -cipher $cipher $prot
if [ $? -ne 0 ] ; then
echo "Failed $cipher"
exit 1
fi
done
done
#############################################################################
if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
echo skipping anonymous DH tests
else
echo test tls1 with 1024bit anonymous DH, multiple handshakes
$ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
fi
if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
echo skipping RSA tests
else
echo 'test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes'
../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra || exit 1
if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
echo skipping RSA+DHE tests
else
echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
fi
fi
echo test tls1 with PSK
$ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1
echo test tls1 with PSK via BIO pair
$ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1
if ../util/shlib_wrap.sh ../apps/openssl no-srp; then
echo skipping SRP tests
else
echo test tls1 with SRP
$ssltest -tls1 -cipher SRP -srpuser test -srppass abc123
echo test tls1 with SRP via BIO pair
$ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123
fi
exit 0

10
lib/libssl/test/testsslproxy
View File

@@ -1,10 +0,0 @@
#! /bin/sh
echo 'Testing a lot of proxy conditions.'
echo 'Some of them may turn out being invalid, which is fine.'
for auth in A B C BC; do
for cond in A B C 'A|B&!C'; do
sh ./testssl $1 $2 $3 "-proxy -proxy_auth $auth -proxy_cond $cond"
if [ $? = 3 ]; then exit 1; fi
done
done

238
lib/libssl/test/testtsa
View File

@@ -1,238 +0,0 @@
#!/bin/sh
#
# A few very basic tests for the 'ts' time stamping authority command.
#
SH="/bin/sh"
if test "$OSTYPE" = msdosdjgpp; then
PATH="../apps\;$PATH"
else
PATH="../apps:$PATH"
fi
export SH PATH
OPENSSL_CONF="../CAtsa.cnf"
export OPENSSL_CONF
# Because that's what ../apps/CA.sh really looks at
SSLEAY_CONFIG="-config $OPENSSL_CONF"
export SSLEAY_CONFIG
OPENSSL="`pwd`/../util/opensslwrap.sh"
export OPENSSL
error () {
echo "TSA test failed!" >&2
exit 1
}
setup_dir () {
rm -rf tsa 2>/dev/null
mkdir tsa
cd ./tsa
}
clean_up_dir () {
cd ..
rm -rf tsa
}
create_ca () {
echo "Creating a new CA for the TSA tests..."
TSDNSECT=ts_ca_dn
export TSDNSECT
../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \
-out tsaca.pem -keyout tsacakey.pem
test $? != 0 && error
}
create_tsa_cert () {
INDEX=$1
export INDEX
EXT=$2
TSDNSECT=ts_cert_dn
export TSDNSECT
../../util/shlib_wrap.sh ../../apps/openssl req -new \
-out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem
test $? != 0 && error
echo Using extension $EXT
../../util/shlib_wrap.sh ../../apps/openssl x509 -req \
-in tsa_req${INDEX}.pem -out tsa_cert${INDEX}.pem \
-CA tsaca.pem -CAkey tsacakey.pem -CAcreateserial \
-extfile $OPENSSL_CONF -extensions $EXT
test $? != 0 && error
}
print_request () {
../../util/shlib_wrap.sh ../../apps/openssl ts -query -in $1 -text
}
create_time_stamp_request1 () {
../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq
test $? != 0 && error
}
create_time_stamp_request2 () {
../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy2 -no_nonce \
-out req2.tsq
test $? != 0 && error
}
create_time_stamp_request3 () {
../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../CAtsa.cnf -no_nonce -out req3.tsq
test $? != 0 && error
}
print_response () {
../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $1 -text
test $? != 0 && error
}
create_time_stamp_response () {
../../util/shlib_wrap.sh ../../apps/openssl ts -reply -section $3 -queryfile $1 -out $2
test $? != 0 && error
}
time_stamp_response_token_test () {
RESPONSE2=$2.copy.tsr
TOKEN_DER=$2.token.der
../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $TOKEN_DER -token_out
test $? != 0 && error
../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -out $RESPONSE2
test $? != 0 && error
cmp $RESPONSE2 $2
test $? != 0 && error
../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -text -token_out
test $? != 0 && error
../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -text -token_out
test $? != 0 && error
../../util/shlib_wrap.sh ../../apps/openssl ts -reply -queryfile $1 -text -token_out
test $? != 0 && error
}
verify_time_stamp_response () {
../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
-untrusted tsa_cert1.pem
test $? != 0 && error
../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2 -CAfile tsaca.pem \
-untrusted tsa_cert1.pem
test $? != 0 && error
}
verify_time_stamp_token () {
# create the token from the response first
../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $2.token -token_out
test $? != 0 && error
../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2.token -token_in \
-CAfile tsaca.pem -untrusted tsa_cert1.pem
test $? != 0 && error
../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2.token -token_in \
-CAfile tsaca.pem -untrusted tsa_cert1.pem
test $? != 0 && error
}
verify_time_stamp_response_fail () {
../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
-untrusted tsa_cert1.pem
# Checks if the verification failed, as it should have.
test $? = 0 && error
echo Ok
}
# main functions
echo "Setting up TSA test directory..."
setup_dir
echo "Creating CA for TSA tests..."
create_ca
echo "Creating tsa_cert1.pem TSA server cert..."
create_tsa_cert 1 tsa_cert
echo "Creating tsa_cert2.pem non-TSA server cert..."
create_tsa_cert 2 non_tsa_cert
echo "Creating req1.req time stamp request for file testtsa..."
create_time_stamp_request1
echo "Printing req1.req..."
print_request req1.tsq
echo "Generating valid response for req1.req..."
create_time_stamp_response req1.tsq resp1.tsr tsa_config1
echo "Printing response..."
print_response resp1.tsr
echo "Verifying valid response..."
verify_time_stamp_response req1.tsq resp1.tsr ../testtsa
echo "Verifying valid token..."
verify_time_stamp_token req1.tsq resp1.tsr ../testtsa
# The tests below are commented out, because invalid signer certificates
# can no longer be specified in the config file.
# echo "Generating _invalid_ response for req1.req..."
# create_time_stamp_response req1.tsq resp1_bad.tsr tsa_config2
# echo "Printing response..."
# print_response resp1_bad.tsr
# echo "Verifying invalid response, it should fail..."
# verify_time_stamp_response_fail req1.tsq resp1_bad.tsr
echo "Creating req2.req time stamp request for file testtsa..."
create_time_stamp_request2
echo "Printing req2.req..."
print_request req2.tsq
echo "Generating valid response for req2.req..."
create_time_stamp_response req2.tsq resp2.tsr tsa_config1
echo "Checking '-token_in' and '-token_out' options with '-reply'..."
time_stamp_response_token_test req2.tsq resp2.tsr
echo "Printing response..."
print_response resp2.tsr
echo "Verifying valid response..."
verify_time_stamp_response req2.tsq resp2.tsr ../testtsa
echo "Verifying response against wrong request, it should fail..."
verify_time_stamp_response_fail req1.tsq resp2.tsr
echo "Verifying response against wrong request, it should fail..."
verify_time_stamp_response_fail req2.tsq resp1.tsr
echo "Creating req3.req time stamp request for file CAtsa.cnf..."
create_time_stamp_request3
echo "Printing req3.req..."
print_request req3.tsq
echo "Verifying response against wrong request, it should fail..."
verify_time_stamp_response_fail req3.tsq resp1.tsr
echo "Cleaning up..."
clean_up_dir
exit 0

10
lib/libssl/test/testx509.pem
View File

@@ -1,10 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz
MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF
AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO
/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE
Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ
zl9HYIMxATFyqSiD9jsx
-----END CERTIFICATE-----

113
lib/libssl/test/times
View File

@@ -1,113 +0,0 @@
More number for the questions about SSL overheads....
The following numbers were generated on a Pentium pro 200, running Linux.
They give an indication of the SSL protocol and encryption overheads.
The program that generated them is an unreleased version of ssl/ssltest.c
which is the SSLeay ssl protocol testing program. It is a single process that
talks both sides of the SSL protocol via a non-blocking memory buffer
interface.
How do I read this? The protocol and cipher are reasonable obvious.
The next number is the number of connections being made. The next is the
number of bytes exchanged between the client and server side of the protocol.
This is the number of bytes that the client sends to the server, and then
the server sends back. Because this is all happening in one process,
the data is being encrypted, decrypted, encrypted and then decrypted again.
It is a round trip of that many bytes. Because the one process performs
both the client and server sides of the protocol and it sends this many bytes
each direction, multiply this number by 4 to generate the number
of bytes encrypted/decrypted/MACed. The first time value is how many seconds
elapsed doing a full SSL handshake, the second is the cost of one
full handshake and the rest being session-id reuse.
SSLv2 RC4-MD5 1000 x 1 12.83s 0.70s
SSLv3 NULL-MD5 1000 x 1 14.35s 1.47s
SSLv3 RC4-MD5 1000 x 1 14.46s 1.56s
SSLv3 RC4-MD5 1000 x 1 51.93s 1.62s 1024bit RSA
SSLv3 RC4-SHA 1000 x 1 14.61s 1.83s
SSLv3 DES-CBC-SHA 1000 x 1 14.70s 1.89s
SSLv3 DES-CBC3-SHA 1000 x 1 15.16s 2.16s
SSLv2 RC4-MD5 1000 x 1024 13.72s 1.27s
SSLv3 NULL-MD5 1000 x 1024 14.79s 1.92s
SSLv3 RC4-MD5 1000 x 1024 52.58s 2.29s 1024bit RSA
SSLv3 RC4-SHA 1000 x 1024 15.39s 2.67s
SSLv3 DES-CBC-SHA 1000 x 1024 16.45s 3.55s
SSLv3 DES-CBC3-SHA 1000 x 1024 18.21s 5.38s
SSLv2 RC4-MD5 1000 x 10240 18.97s 6.52s
SSLv3 NULL-MD5 1000 x 10240 17.79s 5.11s
SSLv3 RC4-MD5 1000 x 10240 20.25s 7.90s
SSLv3 RC4-MD5 1000 x 10240 58.26s 8.08s 1024bit RSA
SSLv3 RC4-SHA 1000 x 10240 22.96s 11.44s
SSLv3 DES-CBC-SHA 1000 x 10240 30.65s 18.41s
SSLv3 DES-CBC3-SHA 1000 x 10240 47.04s 34.53s
SSLv2 RC4-MD5 1000 x 102400 70.22s 57.74s
SSLv3 NULL-MD5 1000 x 102400 43.73s 31.03s
SSLv3 RC4-MD5 1000 x 102400 71.32s 58.83s
SSLv3 RC4-MD5 1000 x 102400 109.66s 59.20s 1024bit RSA
SSLv3 RC4-SHA 1000 x 102400 95.88s 82.21s
SSLv3 DES-CBC-SHA 1000 x 102400 173.22s 160.55s
SSLv3 DES-CBC3-SHA 1000 x 102400 336.61s 323.82s
What does this all mean? Well for a server, with no session-id reuse, with
a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key,
a Pentium pro 200 running Linux can handle the SSLv3 protocol overheads of
about 49 connections a second. Reality will be quite different :-).
Remember the first number is 1000 full ssl handshakes, the second is
1 full and 999 with session-id reuse. The RSA overheads for each exchange
would be one public and one private operation, but the protocol/MAC/cipher
cost would be quite similar in both the client and server.
eric (adding numbers to speculation)
--- Appendix ---
- The time measured is user time but these number a very rough.
- Remember this is the cost of both client and server sides of the protocol.
- The TCP/kernel overhead of connection establishment is normally the
killer in SSL. Often delays in the TCP protocol will make session-id
reuse look slower that new sessions, but this would not be the case on
a loaded server.
- The TCP round trip latencies, while slowing individual connections,
would have minimal impact on throughput.
- Instead of sending one 102400 byte buffer, one 8k buffer is sent until
- the required number of bytes are processed.
- The SSLv3 connections were actually SSLv2 compatible SSLv3 headers.
- A 512bit server key was being used except where noted.
- No server key verification was being performed on the client side of the
protocol. This would slow things down very little.
- The library being used is SSLeay 0.8.x.
- The normal measuring system was commands of the form
time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse
This modified version of ssltest should be in the next public release of
SSLeay.
The general cipher performance number for this platform are
SSLeay 0.8.2a 04-Sep-1997
built on Fri Sep 5 17:37:05 EST 1997
options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
The 'numbers' are in 1000s of bytes per second processed.
type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
md2 131.02k 368.41k 500.57k 549.21k 566.09k
mdc2 535.60k 589.10k 595.88k 595.97k 594.54k
md5 1801.53k 9674.77k 17484.03k 21849.43k 23592.96k
sha 1261.63k 5533.25k 9285.63k 11187.88k 11913.90k
sha1 1103.13k 4782.53k 7933.78k 9472.34k 10070.70k
rc4 10722.53k 14443.93k 15215.79k 15299.24k 15219.59k
des cbc 3286.57k 3827.73k 3913.39k 3931.82k 3926.70k
des ede3 1443.50k 1549.08k 1561.17k 1566.38k 1564.67k
idea cbc 2203.64k 2508.16k 2538.33k 2543.62k 2547.71k
rc2 cbc 1430.94k 1511.59k 1524.82k 1527.13k 1523.33k
blowfish cbc 4716.07k 5965.82k 6190.17k 6243.67k 6234.11k
sign verify
rsa 512 bits 0.0100s 0.0011s
rsa 1024 bits 0.0451s 0.0012s
rsa 2048 bits 0.2605s 0.0086s
rsa 4096 bits 1.6883s 0.0302s

48
lib/libssl/test/tpkcs7
View File

@@ -1,48 +0,0 @@
#!/bin/sh
cmd='../util/shlib_wrap.sh ../apps/openssl pkcs7'
if [ "$1"x != "x" ]; then
t=$1
else
t=testp7.pem
fi
echo testing pkcs7 conversions
cp $t fff.p
echo "p -> d"
$cmd -in fff.p -inform p -outform d >f.d
if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in fff.p -inform p -outform p >f.p
if [ $? != 0 ]; then exit 1; fi
echo "d -> d"
$cmd -in f.d -inform d -outform d >ff.d1
if [ $? != 0 ]; then exit 1; fi
echo "p -> d"
$cmd -in f.p -inform p -outform d >ff.d3
if [ $? != 0 ]; then exit 1; fi
echo "d -> p"
$cmd -in f.d -inform d -outform p >ff.p1
if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in f.p -inform p -outform p >ff.p3
if [ $? != 0 ]; then exit 1; fi
cmp fff.p f.p
if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p1
if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p3
if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p1
if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p3
if [ $? != 0 ]; then exit 1; fi
/bin/rm -f f.* ff.* fff.*
exit 0

41
lib/libssl/test/tpkcs7d
View File

@@ -1,41 +0,0 @@
#!/bin/sh
cmd='../util/shlib_wrap.sh ../apps/openssl pkcs7'
if [ "$1"x != "x" ]; then
t=$1
else
t=pkcs7-1.pem
fi
echo "testing pkcs7 conversions (2)"
cp $t fff.p
echo "p -> d"
$cmd -in fff.p -inform p -outform d >f.d
if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in fff.p -inform p -outform p >f.p
if [ $? != 0 ]; then exit 1; fi
echo "d -> d"
$cmd -in f.d -inform d -outform d >ff.d1
if [ $? != 0 ]; then exit 1; fi
echo "p -> d"
$cmd -in f.p -inform p -outform d >ff.d3
if [ $? != 0 ]; then exit 1; fi
echo "d -> p"
$cmd -in f.d -inform d -outform p >ff.p1
if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in f.p -inform p -outform p >ff.p3
if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p1
if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p3
if [ $? != 0 ]; then exit 1; fi
/bin/rm -f f.* ff.* fff.*
exit 0

83
lib/libssl/test/treq
View File

@@ -1,83 +0,0 @@
#!/bin/sh
cmd='../util/shlib_wrap.sh ../apps/openssl req -config ../apps/openssl.cnf'
if [ "$1"x != "x" ]; then
t=$1
else
t=testreq.pem
fi
if $cmd -in $t -inform p -noout -text 2>&1 | fgrep -i 'Unknown Public Key'; then
echo "skipping req conversion test for $t"
exit 0
fi
echo testing req conversions
cp $t fff.p
echo "p -> d"
$cmd -in fff.p -inform p -outform d >f.d
if [ $? != 0 ]; then exit 1; fi
#echo "p -> t"
#$cmd -in fff.p -inform p -outform t >f.t
#if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in fff.p -inform p -outform p >f.p
if [ $? != 0 ]; then exit 1; fi
echo "d -> d"
$cmd -verify -in f.d -inform d -outform d >ff.d1
if [ $? != 0 ]; then exit 1; fi
#echo "t -> d"
#$cmd -in f.t -inform t -outform d >ff.d2
#if [ $? != 0 ]; then exit 1; fi
echo "p -> d"
$cmd -verify -in f.p -inform p -outform d >ff.d3
if [ $? != 0 ]; then exit 1; fi
#echo "d -> t"
#$cmd -in f.d -inform d -outform t >ff.t1
#if [ $? != 0 ]; then exit 1; fi
#echo "t -> t"
#$cmd -in f.t -inform t -outform t >ff.t2
#if [ $? != 0 ]; then exit 1; fi
#echo "p -> t"
#$cmd -in f.p -inform p -outform t >ff.t3
#if [ $? != 0 ]; then exit 1; fi
echo "d -> p"
$cmd -in f.d -inform d -outform p >ff.p1
if [ $? != 0 ]; then exit 1; fi
#echo "t -> p"
#$cmd -in f.t -inform t -outform p >ff.p2
#if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in f.p -inform p -outform p >ff.p3
if [ $? != 0 ]; then exit 1; fi
cmp fff.p f.p
if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p1
if [ $? != 0 ]; then exit 1; fi
#cmp fff.p ff.p2
#if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p3
if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t1
#if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t2
#if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t3
#if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p1
if [ $? != 0 ]; then exit 1; fi
#cmp f.p ff.p2
#if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p3
if [ $? != 0 ]; then exit 1; fi
/bin/rm -f f.* ff.* fff.*
exit 0

83
lib/libssl/test/trsa
View File

@@ -1,83 +0,0 @@
#!/bin/sh
if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
echo skipping rsa conversion test
exit 0
fi
cmd='../util/shlib_wrap.sh ../apps/openssl rsa'
if [ "$1"x != "x" ]; then
t=$1
else
t=testrsa.pem
fi
echo testing rsa conversions
cp $t fff.p
echo "p -> d"
$cmd -in fff.p -inform p -outform d >f.d
if [ $? != 0 ]; then exit 1; fi
#echo "p -> t"
#$cmd -in fff.p -inform p -outform t >f.t
#if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in fff.p -inform p -outform p >f.p
if [ $? != 0 ]; then exit 1; fi
echo "d -> d"
$cmd -in f.d -inform d -outform d >ff.d1
if [ $? != 0 ]; then exit 1; fi
#echo "t -> d"
#$cmd -in f.t -inform t -outform d >ff.d2
#if [ $? != 0 ]; then exit 1; fi
echo "p -> d"
$cmd -in f.p -inform p -outform d >ff.d3
if [ $? != 0 ]; then exit 1; fi
#echo "d -> t"
#$cmd -in f.d -inform d -outform t >ff.t1
#if [ $? != 0 ]; then exit 1; fi
#echo "t -> t"
#$cmd -in f.t -inform t -outform t >ff.t2
#if [ $? != 0 ]; then exit 1; fi
#echo "p -> t"
#$cmd -in f.p -inform p -outform t >ff.t3
#if [ $? != 0 ]; then exit 1; fi
echo "d -> p"
$cmd -in f.d -inform d -outform p >ff.p1
if [ $? != 0 ]; then exit 1; fi
#echo "t -> p"
#$cmd -in f.t -inform t -outform p >ff.p2
#if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in f.p -inform p -outform p >ff.p3
if [ $? != 0 ]; then exit 1; fi
cmp fff.p f.p
if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p1
if [ $? != 0 ]; then exit 1; fi
#cmp fff.p ff.p2
#if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p3
if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t1
#if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t2
#if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t3
#if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p1
if [ $? != 0 ]; then exit 1; fi
#cmp f.p ff.p2
#if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p3
if [ $? != 0 ]; then exit 1; fi
/bin/rm -f f.* ff.* fff.*
exit 0

78
lib/libssl/test/tsid
View File

@@ -1,78 +0,0 @@
#!/bin/sh
cmd='../util/shlib_wrap.sh ../apps/openssl sess_id'
if [ "$1"x != "x" ]; then
t=$1
else
t=testsid.pem
fi
echo testing session-id conversions
cp $t fff.p
echo "p -> d"
$cmd -in fff.p -inform p -outform d >f.d
if [ $? != 0 ]; then exit 1; fi
#echo "p -> t"
#$cmd -in fff.p -inform p -outform t >f.t
#if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in fff.p -inform p -outform p >f.p
if [ $? != 0 ]; then exit 1; fi
echo "d -> d"
$cmd -in f.d -inform d -outform d >ff.d1
if [ $? != 0 ]; then exit 1; fi
#echo "t -> d"
#$cmd -in f.t -inform t -outform d >ff.d2
#if [ $? != 0 ]; then exit 1; fi
echo "p -> d"
$cmd -in f.p -inform p -outform d >ff.d3
if [ $? != 0 ]; then exit 1; fi
#echo "d -> t"
#$cmd -in f.d -inform d -outform t >ff.t1
#if [ $? != 0 ]; then exit 1; fi
#echo "t -> t"
#$cmd -in f.t -inform t -outform t >ff.t2
#if [ $? != 0 ]; then exit 1; fi
#echo "p -> t"
#$cmd -in f.p -inform p -outform t >ff.t3
#if [ $? != 0 ]; then exit 1; fi
echo "d -> p"
$cmd -in f.d -inform d -outform p >ff.p1
if [ $? != 0 ]; then exit 1; fi
#echo "t -> p"
#$cmd -in f.t -inform t -outform p >ff.p2
#if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in f.p -inform p -outform p >ff.p3
if [ $? != 0 ]; then exit 1; fi
cmp fff.p f.p
if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p1
if [ $? != 0 ]; then exit 1; fi
#cmp fff.p ff.p2
#if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p3
if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t1
#if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t2
#if [ $? != 0 ]; then exit 1; fi
#cmp f.t ff.t3
#if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p1
if [ $? != 0 ]; then exit 1; fi
#cmp f.p ff.p2
#if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p3
if [ $? != 0 ]; then exit 1; fi
/bin/rm -f f.* ff.* fff.*
exit 0

78
lib/libssl/test/tx509
View File

@@ -1,78 +0,0 @@
#!/bin/sh
cmd='../util/shlib_wrap.sh ../apps/openssl x509'
if [ "$1"x != "x" ]; then
t=$1
else
t=testx509.pem
fi
echo testing X509 conversions
cp $t fff.p
echo "p -> d"
$cmd -in fff.p -inform p -outform d >f.d
if [ $? != 0 ]; then exit 1; fi
echo "p -> n"
$cmd -in fff.p -inform p -outform n >f.n
if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in fff.p -inform p -outform p >f.p
if [ $? != 0 ]; then exit 1; fi
echo "d -> d"
$cmd -in f.d -inform d -outform d >ff.d1
if [ $? != 0 ]; then exit 1; fi
echo "n -> d"
$cmd -in f.n -inform n -outform d >ff.d2
if [ $? != 0 ]; then exit 1; fi
echo "p -> d"
$cmd -in f.p -inform p -outform d >ff.d3
if [ $? != 0 ]; then exit 1; fi
echo "d -> n"
$cmd -in f.d -inform d -outform n >ff.n1
if [ $? != 0 ]; then exit 1; fi
echo "n -> n"
$cmd -in f.n -inform n -outform n >ff.n2
if [ $? != 0 ]; then exit 1; fi
echo "p -> n"
$cmd -in f.p -inform p -outform n >ff.n3
if [ $? != 0 ]; then exit 1; fi
echo "d -> p"
$cmd -in f.d -inform d -outform p >ff.p1
if [ $? != 0 ]; then exit 1; fi
echo "n -> p"
$cmd -in f.n -inform n -outform p >ff.p2
if [ $? != 0 ]; then exit 1; fi
echo "p -> p"
$cmd -in f.p -inform p -outform p >ff.p3
if [ $? != 0 ]; then exit 1; fi
cmp fff.p f.p
if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p1
if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p2
if [ $? != 0 ]; then exit 1; fi
cmp fff.p ff.p3
if [ $? != 0 ]; then exit 1; fi
cmp f.n ff.n1
if [ $? != 0 ]; then exit 1; fi
cmp f.n ff.n2
if [ $? != 0 ]; then exit 1; fi
cmp f.n ff.n3
if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p1
if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p2
if [ $? != 0 ]; then exit 1; fi
cmp f.p ff.p3
if [ $? != 0 ]; then exit 1; fi
/bin/rm -f f.* ff.* fff.*
exit 0

16
lib/libssl/test/v3-cert1.pem
View File

@@ -1,16 +0,0 @@
-----BEGIN CERTIFICATE-----
MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx
NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz
dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw
ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2
ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp
miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C
AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR
MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB
AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21
X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3
WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO
-----END CERTIFICATE-----

16
lib/libssl/test/v3-cert2.pem
View File

@@ -1,16 +0,0 @@
-----BEGIN CERTIFICATE-----
MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD
YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0
ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu
dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1
WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV
BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx
FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA
6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT
G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ
YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm
b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc
F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz
lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap
jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU=
-----END CERTIFICATE-----