Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / lk / a8fa74c31fe72f9568888db9a8fbc91da0cfb7fa / . / lib / openssl / android.testssl / testssl
blob: 3f24b1d0a7295c7809d6a5c87b9b6ce21315dbef [file] [log] [blame]
Kinson Chika8fa74c2011-07-29 11:33:41 -0700[diff] [blame^]1#!/bin/sh
2
3if [ "$1" = "" ]; then
4 key=../apps/server.pem
5else
6 key="$1"
7fi
8if [ "$2" = "" ]; then
9 cert=../apps/server.pem
10else
11 cert="$2"
12fi
13ssltest="adb shell /system/bin/ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
14
15if adb shell /system/bin/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
16 dsa_cert=YES
17else
18 dsa_cert=NO
19fi
20
21if [ "$3" = "" ]; then
22 CA="-CApath ../certs"
23else
24 CA="-CAfile $3"
25fi
26
27if [ "$4" = "" ]; then
28 extra=""
29else
30 extra="$4"
31fi
32
33#############################################################################
34
35echo test sslv2
36$ssltest -ssl2 $extra || exit 1
37
38echo test sslv2 with server authentication
39$ssltest -ssl2 -server_auth $CA $extra || exit 1
40
41if [ $dsa_cert = NO ]; then
42 echo test sslv2 with client authentication
43 $ssltest -ssl2 -client_auth $CA $extra || exit 1
44
45 echo test sslv2 with both client and server authentication
46 $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1
47fi
48
49echo test sslv3
50$ssltest -ssl3 $extra || exit 1
51
52echo test sslv3 with server authentication
53$ssltest -ssl3 -server_auth $CA $extra || exit 1
54
55echo test sslv3 with client authentication
56$ssltest -ssl3 -client_auth $CA $extra || exit 1
57
58echo test sslv3 with both client and server authentication
59$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1
60
61echo test sslv2/sslv3
62$ssltest $extra || exit 1
63
64echo test sslv2/sslv3 with server authentication
65$ssltest -server_auth $CA $extra || exit 1
66
67echo test sslv2/sslv3 with client authentication
68$ssltest -client_auth $CA $extra || exit 1
69
70echo test sslv2/sslv3 with both client and server authentication
71$ssltest -server_auth -client_auth $CA $extra || exit 1
72
73echo test sslv2/sslv3 with both client and server authentication and small client buffers
74$ssltest -server_auth -client_auth -c_small_records $CA $extra || exit 1
75
76echo test sslv2/sslv3 with both client and server authentication and small server buffers
77$ssltest -server_auth -client_auth -s_small_records $CA $extra || exit 1
78
79echo test sslv2/sslv3 with both client and server authentication and small client and server buffers
80$ssltest -server_auth -client_auth -c_small_records -s_small_records $CA $extra || exit 1
81
82echo test sslv2/sslv3 with both client and server authentication and handshake cutthrough
83$ssltest -server_auth -client_auth -cutthrough $CA $extra || exit 1
84
85echo test sslv2 via BIO pair
86$ssltest -bio_pair -ssl2 $extra || exit 1
87
88echo test sslv2 with server authentication via BIO pair
89$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1
90
91if [ $dsa_cert = NO ]; then
92 echo test sslv2 with client authentication via BIO pair
93 $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1
94
95 echo test sslv2 with both client and server authentication via BIO pair
96 $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1
97fi
98
99echo test sslv3 via BIO pair
100$ssltest -bio_pair -ssl3 $extra || exit 1
101
102echo test sslv3 with server authentication via BIO pair
103$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1
104
105echo test sslv3 with client authentication via BIO pair
106$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1
107
108echo test sslv3 with both client and server authentication via BIO pair
109$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1
110
111echo test sslv2/sslv3 via BIO pair
112$ssltest $extra || exit 1
113
114if [ $dsa_cert = NO ]; then
115 echo test sslv2/sslv3 w/o DHE via BIO pair
116 $ssltest -bio_pair -no_dhe $extra || exit 1
117fi
118
119echo test sslv2/sslv3 with 1024bit DHE via BIO pair
120$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
121
122echo test sslv2/sslv3 with server authentication
123$ssltest -bio_pair -server_auth $CA $extra || exit 1
124
125echo test sslv2/sslv3 with client authentication via BIO pair
126$ssltest -bio_pair -client_auth $CA $extra || exit 1
127
128echo test sslv2/sslv3 with both client and server authentication via BIO pair
129$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
130
131echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
132$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
133
134#############################################################################
135
136if [ `adb shell /system/bin/openssl no-dh` = no-dh ]; then
137 echo skipping anonymous DH tests
138else
139 echo test tls1 with 1024bit anonymous DH, multiple handshakes
140 $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
141fi
142
143if [ `adb shell /system/bin/openssl no-rsa` = no-dh ]; then
144 echo skipping RSA tests
145else
146 echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
147 adb shell /system/bin/ssltest -v -bio_pair -tls1 -cert /sdcard/android.testssl/server2.pem -no_dhe -num 10 -f -time $extra || exit 1
148
149 if [ `adb shell /system/bin/openssl no-dh` = no-dh ]; then
150 echo skipping RSA+DHE tests
151 else
152 echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
153 adb shell /system/bin/ssltest -v -bio_pair -tls1 -cert /sdcard/android.testssl/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
154 fi
155fi
156
157echo test tls1 with PSK
158$ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1
159
160echo test tls1 with PSK via BIO pair
161$ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1
162
163exit 0