Enable tests on Visual Studio
- add patch for aeadtest.c to undef IN - add patch for ocsp_test.c to call BIO_sock_init() before getaddrinfo() - define STDERR_FILENO in unistd.h to build pkcs7test.c - add option ENABLE_VSTEST(default OFF) to enable test on Visual Studio - modify to pass test data file as an argument (aeadtest, evptest) - add Windows scripts (ocsptest, pq_test, ssltest, testdsa, testenc, testrsa) - do not build pidwraptest on MSVC - fix some indentations
This commit is contained in:
kinichiro
157
tests/testssl.bat
Normal file
157
tests/testssl.bat
Normal file
@@ -0,0 +1,157 @@
|
||||
@echo off
|
||||
setlocal enabledelayedexpansion
|
||||
REM testssl.bat
|
||||
|
||||
set key=%1
|
||||
set cert=%2
|
||||
set CA=-CAfile %3
|
||||
set ssltest=%4 -key %key% -cert %cert% -c_key %key% -c_cert %cert%
|
||||
set openssl=%5
|
||||
set extra=%6
|
||||
|
||||
%openssl% version & if !errorlevel! neq 0 exit /b 1
|
||||
|
||||
for /f "usebackq" %%s in (`%openssl% x509 -in %cert% -text -noout ^| find /c "DSA Public Key"`) do set lines=%%s
|
||||
if %lines% gtr 0 (
|
||||
set dsa_cert=YES
|
||||
) else (
|
||||
set dsa_cert=NO
|
||||
)
|
||||
|
||||
REM #########################################################################
|
||||
|
||||
echo test sslv2/sslv3
|
||||
%ssltest% %extra% & if !errorlevel! neq 0 exit /b 1
|
||||
|
||||
echo test sslv2/sslv3 with server authentication
|
||||
%ssltest% -server_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1
|
||||
|
||||
echo test sslv2/sslv3 with client authentication
|
||||
%ssltest% -client_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1
|
||||
|
||||
echo test sslv2/sslv3 with both client and server authentication
|
||||
%ssltest% -server_auth -client_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1
|
||||
|
||||
echo test sslv2/sslv3 via BIO pair
|
||||
%ssltest% %extra% & if !errorlevel! neq 0 exit /b 1
|
||||
|
||||
if %dsa_cert%==NO (
|
||||
echo "test sslv2/sslv3 w/o (EC)DHE via BIO pair"
|
||||
%ssltest% -bio_pair -no_dhe -no_ecdhe %extra% & if !errorlevel! neq 0 exit /b 1
|
||||
)
|
||||
|
||||
echo test sslv2/sslv3 with 1024bit DHE via BIO pair
|
||||
%ssltest% -bio_pair -dhe1024dsa -v %extra% & if !errorlevel! neq 0 exit /b 1
|
||||
|
||||
echo test sslv2/sslv3 with server authentication
|
||||
%ssltest% -bio_pair -server_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1
|
||||
|
||||
echo test sslv2/sslv3 with client authentication via BIO pair
|
||||
%ssltest% -bio_pair -client_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1
|
||||
|
||||
echo test sslv2/sslv3 with both client and server authentication via BIO pair
|
||||
%ssltest% -bio_pair -server_auth -client_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1
|
||||
|
||||
echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
|
||||
%ssltest% -bio_pair -server_auth -client_auth -app_verify %CA% %extra% & if !errorlevel! neq 0 exit /b 1
|
||||
|
||||
echo "Testing ciphersuites"
|
||||
for %%p in ( TLSv1.2 ) do (
|
||||
echo "Testing ciphersuites for %%p"
|
||||
for /f "usebackq" %%c in (`%openssl% ciphers -v "%%p+aRSA"`) do (
|
||||
echo "Testing %%c"
|
||||
%ssltest% -cipher %%c
|
||||
if !errorlevel! neq 0 (
|
||||
echo "Failed %%c"
|
||||
exit /b 1
|
||||
)
|
||||
)
|
||||
)
|
||||
|
||||
REM ##########################################################################
|
||||
|
||||
for /f "usebackq" %%s in (`%openssl% no-dh`) do set nodh=%%s
|
||||
if %nodh%==no-dh (
|
||||
echo skipping anonymous DH tests
|
||||
) else (
|
||||
echo test tls1 with 1024bit anonymous DH, multiple handshakes
|
||||
%ssltest% -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time %extra% & if !errorlevel! neq 0 exit /b 1
|
||||
)
|
||||
|
||||
REM #for /f "usebackq" %%s in (`%openssl% no-rsa`) do set norsa=%%s
|
||||
REM #if %norsa%==no-rsa (
|
||||
REM # echo skipping RSA tests
|
||||
REM #) else (
|
||||
REM # echo "test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes"
|
||||
REM # %ssltest% -v -bio_pair -tls1 -cert ..\apps\server2.pem -no_dhe -no_ecdhe -num 10 -f -time %extra% & if !errorlevel! neq 0 exit /b 1
|
||||
REM #
|
||||
REM # for /f "usebackq" %%s in (`%openssl% no-dh`) do set nodh=%%s
|
||||
REM # if %nodh%==no-dh (
|
||||
REM # echo skipping RSA+DHE tests
|
||||
REM # ) else (
|
||||
REM # echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
|
||||
REM # %ssltest% -v -bio_pair -tls1 -cert ..\apps\server2.pem -dhe1024dsa -num 10 -f -time %extra% & if !errorlevel! neq 0 exit /b 1
|
||||
REM # )
|
||||
REM #)
|
||||
|
||||
REM #
|
||||
REM # DTLS tests
|
||||
REM #
|
||||
|
||||
echo test dtlsv1
|
||||
%ssltest% -dtls1 %extra% & if !errorlevel! neq 0 exit /b 1
|
||||
|
||||
echo test dtlsv1 with server authentication
|
||||
%ssltest% -dtls1 -server_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1
|
||||
|
||||
echo test dtlsv1 with client authentication
|
||||
%ssltest% -dtls1 -client_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1
|
||||
|
||||
echo test dtlsv1 with both client and server authentication
|
||||
%ssltest% -dtls1 -server_auth -client_auth %CA% %extra% & if !errorlevel! neq 0 exit /b 1
|
||||
|
||||
echo "Testing DTLS ciphersuites"
|
||||
for %%p in ( SSLv3 ) do (
|
||||
echo "Testing ciphersuites for %%p"
|
||||
for /f "usebackq" %%c in (`%openssl% ciphers -v "RSA+%%p:-RC4"`) do (
|
||||
echo "Testing %%c"
|
||||
%ssltest% -cipher %%c -dtls1
|
||||
if !errorlevel! neq 0 (
|
||||
echo "Failed %%c"
|
||||
exit /b 1
|
||||
)
|
||||
)
|
||||
)
|
||||
|
||||
REM #
|
||||
REM # Next Protocol Negotiation tests
|
||||
REM #
|
||||
echo "Testing NPN..."
|
||||
%ssltest% -bio_pair -tls1 -npn_client & if !errorlevel! neq 0 exit /b 1
|
||||
%ssltest% -bio_pair -tls1 -npn_server & if !errorlevel! neq 0 exit /b 1
|
||||
%ssltest% -bio_pair -tls1 -npn_server_reject & if !errorlevel! neq 0 exit /b 1
|
||||
%ssltest% -bio_pair -tls1 -npn_client -npn_server_reject & if !errorlevel! neq 0 exit /b 1
|
||||
%ssltest% -bio_pair -tls1 -npn_client -npn_server & if !errorlevel! neq 0 exit /b 1
|
||||
%ssltest% -bio_pair -tls1 -npn_client -npn_server -num 2 & if !errorlevel! neq 0 exit /b 1
|
||||
%ssltest% -bio_pair -tls1 -npn_client -npn_server -num 2 -reuse & if !errorlevel! neq 0 exit /b 1
|
||||
|
||||
REM #
|
||||
REM # ALPN tests
|
||||
REM #
|
||||
echo "Testing ALPN..."
|
||||
%ssltest% -bio_pair -tls1 -alpn_client foo -alpn_server bar & if !errorlevel! neq 0 exit /b 1
|
||||
%ssltest% -bio_pair -tls1 -alpn_client foo -alpn_server foo ^
|
||||
-alpn_expected foo & if !errorlevel! neq 0 exit /b 1
|
||||
%ssltest% -bio_pair -tls1 -alpn_client foo,bar -alpn_server foo ^
|
||||
-alpn_expected foo & if !errorlevel! neq 0 exit /b 1
|
||||
%ssltest% -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo ^
|
||||
-alpn_expected foo & if !errorlevel! neq 0 exit /b 1
|
||||
%ssltest% -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo,bar ^
|
||||
-alpn_expected foo & if !errorlevel! neq 0 exit /b 1
|
||||
%ssltest% -bio_pair -tls1 -alpn_client bar,foo -alpn_server bar,foo ^
|
||||
-alpn_expected bar & if !errorlevel! neq 0 exit /b 1
|
||||
%ssltest% -bio_pair -tls1 -alpn_client foo,bar -alpn_server bar,foo ^
|
||||
-alpn_expected bar & if !errorlevel! neq 0 exit /b 1
|
||||
%ssltest% -bio_pair -tls1 -alpn_client baz -alpn_server bar,foo & if !errorlevel! neq 0 exit /b 1
|
||||
|
||||
endlocal
|
||||
Reference in New Issue
Block a user