diff options
Diffstat (limited to 'openssl-1.1.0h/test/recipes')
153 files changed, 10779 insertions, 0 deletions
diff --git a/openssl-1.1.0h/test/recipes/01-test_abort.t b/openssl-1.1.0h/test/recipes/01-test_abort.t new file mode 100644 index 0000000..2f121e2 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/01-test_abort.t @@ -0,0 +1,16 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test; + +setup("test_abort"); + +plan tests => 1; + +is(run(test(["aborttest"])), 0, "Testing that abort is caught correctly"); diff --git a/openssl-1.1.0h/test/recipes/01-test_sanity.t b/openssl-1.1.0h/test/recipes/01-test_sanity.t new file mode 100644 index 0000000..f01466d --- /dev/null +++ b/openssl-1.1.0h/test/recipes/01-test_sanity.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_sanity", "sanitytest"); diff --git a/openssl-1.1.0h/test/recipes/01-test_symbol_presence.t b/openssl-1.1.0h/test/recipes/01-test_symbol_presence.t new file mode 100644 index 0000000..7f2a2d7 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/01-test_symbol_presence.t @@ -0,0 +1,116 @@ +#! /usr/bin/env perl +# -*- mode: Perl -*- +# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use File::Spec::Functions qw(devnull); +use OpenSSL::Test qw(:DEFAULT srctop_file bldtop_dir bldtop_file); +use OpenSSL::Test::Utils; + +setup("test_symbol_presence"); + +plan skip_all => "Only useful when building shared libraries" + if disabled("shared"); + +my @libnames = ("crypto", "ssl"); +my $testcount = scalar @libnames; + +plan tests => $testcount * 2; + +note + "NOTE: developer test! It's possible that it won't run on your\n", + "platform, and that's perfectly fine. This is mainly for developers\n", + "on Unix to check that our shared libraries are consistent with the\n", + "ordinals (util/*.num in the source tree), something that should be\n", + "good enough a check for the other platforms as well.\n"; + +foreach my $libname (@libnames) { + SKIP: + { + my $shlibpath = bldtop_file("lib" . $libname . ".so"); + *OSTDERR = *STDERR; + *OSTDOUT = *STDOUT; + open STDERR, ">", devnull(); + open STDOUT, ">", devnull(); + my @nm_lines = map { s|\R$||; $_ } `nm -Pg $shlibpath 2> /dev/null`; + close STDERR; + close STDOUT; + *STDERR = *OSTDERR; + *STDOUT = *OSTDOUT; + skip "Can't run 'nm -Pg $shlibpath' => $?... ignoring", 2 + unless $? == 0; + + my $bldtop = bldtop_dir(); + my @def_lines; + indir $bldtop => sub { + my $mkdefpath = srctop_file("util", "mkdef.pl"); + @def_lines = map { s|\R$||; $_ } `$^X $mkdefpath $libname linux 2> /dev/null`; + ok($? == 0, "running 'cd $bldtop; $^X $mkdefpath $libname linux' => $?"); + }, create => 0, cleanup => 0; + + note "Number of lines in \@nm_lines before massaging: ", scalar @nm_lines; + note "Number of lines in \@def_lines before massaging: ", scalar @def_lines; + + # Massage the nm output to only contain defined symbols + @nm_lines = sort map { s| .*||; $_ } grep(m|.* [BCDST] .*|, @nm_lines); + + # Massage the mkdef.pl output to only contain global symbols + # The output we got is in Unix .map format, which has a global + # and a local section. We're only interested in the global + # section. + my $in_global = 0; + @def_lines = + sort + map { s|;||; s|\s+||g; $_ } + grep { $in_global = 1 if m|global:|; + $in_global = 0 if m|local:|; + $in_global = 0 if m|\}|; + $in_global && m|;|; } @def_lines; + + note "Number of lines in \@nm_lines after massaging: ", scalar @nm_lines; + note "Number of lines in \@def_lines after massaging: ", scalar @def_lines; + + # Maintain lists of symbols that are missing in the shared library, + # or that are extra. + my @missing = (); + my @extra = (); + + while (scalar @nm_lines || scalar @def_lines) { + my $nm_first = $nm_lines[0]; + my $def_first = $def_lines[0]; + + if (!defined($nm_first)) { + push @missing, shift @def_lines; + } elsif (!defined($def_first)) { + push @extra, shift @nm_lines; + } elsif ($nm_first gt $def_first) { + push @missing, shift @def_lines; + } elsif ($nm_first lt $def_first) { + push @extra, shift @nm_lines; + } else { + shift @def_lines; + shift @nm_lines; + } + } + + if (scalar @missing) { + note "The following symbols are missing in lib$libname.so:"; + foreach (@missing) { + note " $_"; + } + } + if (scalar @extra) { + note "The following symbols are extra in lib$libname.so:"; + foreach (@extra) { + note " $_"; + } + } + ok(scalar @missing == 0, + "check that there are no missing symbols in lib$libname.so"); + } +} diff --git a/openssl-1.1.0h/test/recipes/02-test_ordinals.t b/openssl-1.1.0h/test/recipes/02-test_ordinals.t new file mode 100644 index 0000000..473d05b --- /dev/null +++ b/openssl-1.1.0h/test/recipes/02-test_ordinals.t @@ -0,0 +1,58 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_ordinals"); + +plan tests => 2; + +ok(testordinals(srctop_file("util", "libcrypto.num")), "Test libcrypto.num"); +ok(testordinals(srctop_file("util", "libssl.num")), "Test libssl.num"); + +sub testordinals +{ + my $filename = shift; + my $cnt = 0; + my $ret = 1; + my $qualifier = ""; + my $newqual; + my $lastfunc = ""; + + open(my $fh, '<', $filename); + while (my $line = <$fh>) { + my @tokens = split(/(?:\s+|\s*:\s*)/, $line); + #Check the line looks sane + if ($#tokens < 5 || $#tokens > 6) { + print STDERR "Invalid line:\n$line\n"; + $ret = 0; + last; + } + if ($tokens[3] eq "NOEXIST") { + #Ignore this line + next; + } + #Some ordinals can be repeated, e.g. if one is VMS and another is !VMS + $newqual = $tokens[4]; + $newqual =~ s/!//g; + if ($cnt > $tokens[1] + || ($cnt == $tokens[1] && ($qualifier ne $newqual + || $qualifier eq ""))) { + print STDERR "Invalid ordinal detected: ".$tokens[1]."\n"; + $ret = 0; + last; + } + $cnt = $tokens[1]; + $qualifier = $newqual; + $lastfunc = $tokens[0]; + } + close($fh); + + return $ret; +} diff --git a/openssl-1.1.0h/test/recipes/03-test_exdata.t b/openssl-1.1.0h/test/recipes/03-test_exdata.t new file mode 100644 index 0000000..da66f95 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/03-test_exdata.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_exdata", "exdatatest"); diff --git a/openssl-1.1.0h/test/recipes/03-test_ui.t b/openssl-1.1.0h/test/recipes/03-test_ui.t new file mode 100644 index 0000000..b1065d1 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/03-test_ui.t @@ -0,0 +1,30 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use warnings; +use OpenSSL::Test; + +setup("test_ui"); + +plan tests => 1; + +note <<"EOF"; +The best way to test the UI interface is currently by using an openssl +command that uses password_callback. The only one that does this is +'genrsa'. +Since password_callback uses a UI method derived from UI_OpenSSL(), it +ensures that one gets tested well enough as well. +EOF + +my $outfile = "rsa_$$.pem"; +ok(run(app(["openssl", "genrsa", "-passout", "pass:password", "-aes128", + "-out", $outfile])), + "Checking that genrsa with a password works properly"); + +unlink $outfile; diff --git a/openssl-1.1.0h/test/recipes/04-test_pem.t b/openssl-1.1.0h/test/recipes/04-test_pem.t new file mode 100644 index 0000000..48f62ff --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem.t @@ -0,0 +1,106 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html +# +# ====================================================================== + + +use strict; +use warnings; + +use File::Compare qw/compare_text/; +use File::Basename; +use OpenSSL::Test qw/:DEFAULT srctop_file data_file/; +use OpenSSL::Test::Utils; + +setup("test_pem_reading"); + +my $testsrc = srctop_file("test", "recipes", basename($0)); + +my $cmd = "openssl"; + +# map input PEM file to 1 if it should be accepted; 0 when should be rejected +my %cert_expected = ( + "cert-1023line.pem" => 1, + "cert-1024line.pem" => 1, + "cert-1025line.pem" => 1, + "cert-255line.pem" => 1, + "cert-256line.pem" => 1, + "cert-257line.pem" => 1, + "cert-blankline.pem" => 0, + "cert-comment.pem" => 0, + "cert-earlypad.pem" => 0, + "cert-extrapad.pem" => 0, + "cert-infixwhitespace.pem" => 1, + "cert-junk.pem" => 0, + "cert-leadingwhitespace.pem" => 1, + "cert-longline.pem" => 1, + "cert-misalignedpad.pem" => 0, + "cert-onecolumn.pem" => 1, + "cert-oneline.pem" => 1, + "cert-shortandlongline.pem" => 1, + "cert-shortline.pem" => 1, + "cert-threecolumn.pem" => 1, + "cert-trailingwhitespace.pem" => 1, + "cert.pem" => 1 +); +my %dsa_expected = ( + "dsa-1023line.pem" => 0, + "dsa-1024line.pem" => 0, + "dsa-1025line.pem" => 0, + "dsa-255line.pem" => 0, + "dsa-256line.pem" => 0, + "dsa-257line.pem" => 0, + "dsa-blankline.pem" => 0, + "dsa-comment.pem" => 0, + "dsa-corruptedheader.pem" => 0, + "dsa-corruptiv.pem" => 0, + "dsa-earlypad.pem" => 0, + "dsa-extrapad.pem" => 0, + "dsa-infixwhitespace.pem" => 0, + "dsa-junk.pem" => 0, + "dsa-leadingwhitespace.pem" => 0, + "dsa-longline.pem" => 0, + "dsa-misalignedpad.pem" => 0, + "dsa-onecolumn.pem" => 0, + "dsa-oneline.pem" => 0, + "dsa-onelineheader.pem" => 0, + "dsa-shortandlongline.pem" => 0, + "dsa-shortline.pem" => 0, + "dsa-threecolumn.pem" => 0, + "dsa-trailingwhitespace.pem" => 1, + "dsa.pem" => 1 +); + +plan tests => scalar keys(%cert_expected) + scalar keys(%dsa_expected) + 1; + +foreach my $input (keys %cert_expected) { + my @common = ($cmd, "x509", "-text", "-noout", "-inform", "PEM", "-in"); + my @data = run(app([@common, data_file($input)], stderr => undef), capture => 1); + my @match = grep /The Great State of Long-Winded Certificate Field Names Whereby to Increase the Output Size/, @data; + is((scalar @match > 0 ? 1 : 0), $cert_expected{$input}); +} +SKIP: { + skip "DSA support disabled, skipping...", (scalar keys %dsa_expected) unless !disabled("dsa"); + foreach my $input (keys %dsa_expected) { + my @common = ($cmd, "pkey", "-inform", "PEM", "-passin", "file:" . data_file("wellknown"), "-noout", "-text", "-in"); + my @data; + { + local $ENV{MSYS2_ARG_CONV_EXCL} = "file:"; + @data = run(app([@common, data_file($input)], stderr => undef), capture => 1); + } + my @match = grep /68:42:02:16:63:54:16:eb:06:5c:ab:06:72:3b:78:/, @data; + is((scalar @match > 0 ? 1 : 0), $dsa_expected{$input}); + } +} +SKIP: { + skip "RSA support disabled, skipping...", 1 unless !disabled("rsa"); + my @common = ($cmd, "pkey", "-inform", "PEM", "-noout", "-text", "-in"); + my @data = run(app([@common, data_file("beermug.pem")], stderr => undef), capture => 1); + my @match = grep /00:a0:3a:21:14:5d:cd:b6:d5:a0:3e:49:23:c1:3a:/, @data; + ok(scalar @match > 0 ? 1 : 0); +} diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/NOTES b/openssl-1.1.0h/test/recipes/04-test_pem_data/NOTES new file mode 100644 index 0000000..baafd15 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/NOTES @@ -0,0 +1,3 @@ +The cert-*.pem and dsa-*.pem files are generated as manipulation of the +ASCII text of cert.pem and dsa.pem, respectively -- they should decode to the +same data. diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/beermug.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/beermug.pem new file mode 100644 index 0000000..98b04b7 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/beermug.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQC+qeXl4ZUfQZFmcGAPwdt7Mza4NQ6mJHehc4V/hVYc6eepvL/5 +uyyflzuhVy5ufctdi92FlXcIct5nNPdqK0PPdWH5Uzw0t/OjI5y/SJh8ur20krqw +j/N1IOs63AcGLIVSkwx89iQbxj+2tV+YxFpGunUYyR/bJJWczuDMA/CujQIDAQAB +AoGBAKA6IRRdzbbVoD5JI8E6NZtEP7DwDZ57uPk6Hq86u1JTEzcmguJ4dJitPBRr +Mn7yQgwcNQ5EvCKifdqXvXBAaZuiiPFuCS/gfUw04jVHXWvG8ZvBQC3dutUYnFW7 +hdun8QU/Z6a1BethvESi1J1vgY2+XC4cBIvbutTc9HhMhbQ1AkEA8YTKGsVEYoKE +d7sSx4qjeN4bgzeVgIwRt01wJ1EJN62LhwO+pYSXvTt14aHxiascejJqUhtuWvzR +nuwydqiDpwJBAMoYgUoWdgW4O/C5ZXjiSia54jzrt7upxSq88njTRo/MCQfuJVbc +3GUD+15V0zNhx9D7lcI+1uxhfcD7jWbJEqsCQBrE/SG6e7nvfX9H3O0BEN10wNfq +cUeuPshybNvuv3bMZYqxf5AZAjiXPpmjuYHo1V8191Lid3jeTN2wkGdWhkECQQCI +Rj3oV3z+Hl1M1bc27GBT/MQxkEE0qiXpy780+kJ6dHsifdNv3z4+X5EA656e5zB2 +Gy/A697BRnwlxXpz9OJBAkAUe7Ap0yU8aO6g5g+gsH+18bF0MftWh81VLOo09rRp +SOHxNGGJLE5As5XkCGUZVIass1r8Q4N22Wip0QzeSWDi +- +- . * .. . * * +- * * @()Ooc()* o . +- (Q@*0CG*O() ___ +- |\_________/|/ _ \ +- | | | | | / | | +- | | | | | | | | +- | | | | | | | | +- | | | | | | | | +- | | | | | | | | +- | | | | | \_| | +- | | | | |\___/ +- |\_|__|__|_/| +- \_________/ +- +-----END RSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-1023line.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-1023line.pem new file mode 100644 index 0000000..7ad3103 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-1023line.pem @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgM +WlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhcNMTcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2MEgj/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF560WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfS +phwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejv +N5v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7Nk +ZhSC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQY +JKoZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9 +JywlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem +3aYRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPH +X30YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiV +ZrvUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8I +AA8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII= +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-1024line.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-1024line.pem new file mode 100644 index 0000000..fd501c2 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-1024line.pem @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgM +WlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhcNMTcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2MEgj/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF560WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfSp +hwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejvN +5v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7NkZ +hSC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQYJ +KoZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9J +ywlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem3 +aYRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPHX +30YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiVZ +rvUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8IA +A8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII= +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-1025line.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-1025line.pem new file mode 100644 index 0000000..2369229 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-1025line.pem @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgM +WlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVs +ZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhcNMTcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2MEgj/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF560WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfSphwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejvN5 +v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7NkZh +SC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQYJK +oZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9Jy +wlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem3a +YRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPHX3 +0YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiVZr +vUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8IAA +8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII= +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-255line.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-255line.pem new file mode 100644 index 0000000..d7fd1f1 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-255line.pem @@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgM +WlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcml +waHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdml +kZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhc +NMTcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSB +HcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1 +lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBww +WVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQ +gU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2l +zMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWF +yeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSq +GSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2ME +gj/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF5 +60WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfS +phwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejv +N5v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7Nk +ZhSC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQY +JKoZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9 +JywlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem +3aYRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPH +X30YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiV +ZrvUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8I +AA8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII= +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-256line.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-256line.pem new file mode 100644 index 0000000..225bdb6 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-256line.pem @@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgM +WlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlw +aHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlk +ZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhcN +MTcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSBH +cmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1l +cyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwW +VG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQg +U29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lz +MT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFy +eSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2MEg +j/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF56 +0WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfSp +hwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejvN +5v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7NkZ +hSC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQYJ +KoZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9J +ywlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem3 +aYRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPHX +30YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiVZ +rvUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8IA +A8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII= +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-257line.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-257line.pem new file mode 100644 index 0000000..414b036 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-257line.pem @@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgM +WlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwa +HJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZ +W50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhcNM +TcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSBHc +mVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1lc +yBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwWV +G9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQgU +29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lzM +T0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFye +SBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSqGS +Ib3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2MEgj +/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF560 +WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfSph +wmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejvN5 +v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7NkZh +SC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQYJK +oZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9Jy +wlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem3a +YRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPHX3 +0YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiVZr +vUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8IAA +8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII= +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-blankline.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-blankline.pem new file mode 100644 index 0000000..3f25288 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-blankline.pem @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgM +WlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVs +ZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0G +A1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2 +b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlw +aHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlk +ZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhcN +MTcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSBH +cmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1l +cyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwW +VG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQg + +U29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lz +MT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFy +eSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2MEg +j/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF56 +0WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfSp +hwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejvN +5v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7NkZ +hSC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQYJ +KoZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9J +ywlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem3 +aYRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPHX +30YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiVZ +rvUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8IA +A8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII= +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-comment.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-comment.pem new file mode 100644 index 0000000..a1a493e --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-comment.pem @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgM +WlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVs +ZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0G +A1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2 +b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlw +aHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlk +ZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhcN +MTcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSBH +cmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1l +cyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwW +VG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQg +U29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lz +MT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFy +-MT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFy +eSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2MEg +j/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF56 +0WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfSp +hwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejvN +5v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7NkZ +hSC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQYJ +KoZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9J +ywlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem3 +aYRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPHX +30YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiVZ +rvUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8IA +A8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII= +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-earlypad.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-earlypad.pem new file mode 100644 index 0000000..adb445e --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-earlypad.pem @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgM +WlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVs +====ZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0G +A1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2 +b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlw +aHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlk +ZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhcN +MTcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSBH +cmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1l +cyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwW +VG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQg +U29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lz +MT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFy +eSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2MEg +j/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF56 +0WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfSp +hwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejvN +5v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7NkZ +hSC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQYJ +KoZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9J +ywlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem3 +aYRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPHX +30YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiVZ +rvUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8IA +A8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII= +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-extrapad.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-extrapad.pem new file mode 100644 index 0000000..0b89aa2 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-extrapad.pem @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgM +WlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVs +ZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0G +A1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2 +b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlw +aHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlk +ZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhcN +MTcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSBH +cmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1l +cyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwW +VG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQg +U29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lz +MT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFy +eSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2MEg +j/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF56 +0WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfSp +hwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejvN +5v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7NkZ +hSC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQYJ +KoZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9J +ywlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem3 +aYRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPHX +30YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiVZ +rvUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8IA +A8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII===== +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-infixwhitespace.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-infixwhitespace.pem new file mode 100644 index 0000000..f7e912a --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-infixwhitespace.pem @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgM +WlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVs +ZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0G +A1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2 +b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlw +aHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlk +ZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhcN +MTcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSBH +cmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1l +cyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwW +VG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQg +U29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lz +MT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFy +eSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2MEg +j/sx9TaHHqrKys4AiL4R q/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF56 +0WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfSp +hwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejvN +5v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7NkZ +hSC2aosQF619iKnfk0nqWaLDJ182C CXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQYJ +KoZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9J +ywlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem3 +aYRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPHX +30YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiVZ +rvUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8IA +A8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII= +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-junk.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-junk.pem new file mode 100644 index 0000000..5377e26 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-junk.pem @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgM +WlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVs +ZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0G +A1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2 +b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlw +aHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlk +ZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhcN +MTcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSBH +cmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1l +cyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwW +VG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQg +U29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lz +!"#$%&() +MT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFy +eSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2MEg +j/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF56 +0WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfSp +hwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejvN +5v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7NkZ +hSC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQYJ +KoZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9J +ywlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem3 +aYRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPHX +30YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiVZ +rvUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8IA +A8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII= +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-leadingwhitespace.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-leadingwhitespace.pem new file mode 100644 index 0000000..6de4d48 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-leadingwhitespace.pem @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- + MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgM + WlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVs + ZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0G + A1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2 + b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlw + aHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlk + ZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhcN + MTcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSBH + cmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1l + cyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwW + VG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQg + U29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lz + MT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFy + eSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSqG + SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2MEg + j/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF56 + 0WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfSp + hwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejvN + 5v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7NkZ + hSC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQYJ + KoZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9J + ywlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem3 + aYRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPHX + 30YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiVZ + rvUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8IA + A8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII= +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-longline.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-longline.pem new file mode 100644 index 0000000..7304481 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-longline.pem @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgM +WlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVs +ZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0G +A1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2 +b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlw +aHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlk +ZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhcN +MTcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSBH +cmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1l +cyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwW +VG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQg +U29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lz +MT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFy +eSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2MEg +j/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF56 +0WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfSp +hwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejvN +5v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7NkZ +hSC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQYJ +KoZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9J +ywlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem3 +aYRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPHX +30YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiVZ +rvUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8IAA +8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII= +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-misalignedpad.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-misalignedpad.pem new file mode 100644 index 0000000..caca6e5 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-misalignedpad.pem @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgM +WlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVs +ZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0G +A1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2 +b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlw +aHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlk +ZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhcN +MTcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSBH +cmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1l +cyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwW +VG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQg +U29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lz +MT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFy +eSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2MEg +j/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF56 +0WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfSp +hwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejvN +5v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7NkZ +hSC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQYJ +KoZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9J +ywlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem3 +aYRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPHX +30YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiVZ +rvUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8IA +A8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII== +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-onecolumn.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-onecolumn.pem new file mode 100644 index 0000000..77eebbf --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-onecolumn.pem @@ -0,0 +1,1646 @@ +-----BEGIN CERTIFICATE----- +M +I +I +E +z +D +C +C +A +7 +Q +C +C +Q +C +g +x +k +R +o +x ++ +Y +l +j +j +A +N +B +g +k +q +h +k +i +G +9 +w +0 +B +A +Q +s +F +A +D +C +C +A +S +Y +x +Y +z +B +h +B +g +N +V +B +A +g +M +W +l +R +o +Z +S +B +H +c +m +V +h +d +C +B +T +d +G +F +0 +Z +S +B +v +Z +i +B +M +b +2 +5 +n +L +V +d +p +b +m +R +l +Z +C +B +D +Z +X +J +0 +a +W +Z +p +Y +2 +F +0 +Z +S +B +G +a +W +V +s +Z +C +B +O +Y +W +1 +l +c +y +B +X +a +G +V +y +Z +W +J +5 +I +H +R +v +I +E +l +u +Y +3 +J +l +Y +X +N +l +I +H +R +o +Z +S +B +P +d +X +R +w +d +X +Q +g +U +2 +l +6 +Z +T +E +f +M +B +0 +G +A +1 +U +E +B +w +w +W +V +G +9 +v +b +W +F +u +e +W +N +o +Y +X +J +h +Y +3 +R +l +c +n +N +2 +a +W +x +s +Z +T +F +I +M +E +Y +G +A +1 +U +E +C +g +w +/ +V +G +h +l +I +E +J +l +b +m +V +2 +b +2 +x +l +b +n +Q +g +U +2 +9 +j +a +W +V +0 +e +S +B +v +Z +i +B +M +b +3 +F +1 +Y +W +N +p +b +3 +V +z +I +G +F +u +Z +C +B +Q +b +G +V +v +b +m +F +z +d +G +l +j +I +F +B +l +c +m +l +w +a +H +J +h +c +2 +l +z +M +T +0 +w +O +w +Y +D +V +Q +Q +L +D +D +R +F +b +m +R +v +c +n +N +l +b +W +V +u +d +C +B +v +Z +i +B +W +b +3 +V +j +a +H +N +h +Z +m +U +n +Z +C +B +F +d +m +l +k +Z +W +5 +0 +a +W +F +y +e +S +B +D +Z +X +J +0 +a +W +Z +p +Y +2 +F +0 +a +W +9 +u +M +R +U +w +E +w +Y +D +V +Q +Q +D +D +A +x +j +Z +X +J +0 +L +m +V +4 +Y +W +1 +w +b +G +U +w +H +h +c +N +M +T +c +w +M +j +I +z +M +j +A +y +N +T +M +2 +W +h +c +N +M +T +c +w +M +z +I +1 +M +j +A +y +N +T +M +2 +W +j +C +C +A +S +Y +x +Y +z +B +h +B +g +N +V +B +A +g +M +W +l +R +o +Z +S +B +H +c +m +V +h +d +C +B +T +d +G +F +0 +Z +S +B +v +Z +i +B +M +b +2 +5 +n +L +V +d +p +b +m +R +l +Z +C +B +D +Z +X +J +0 +a +W +Z +p +Y +2 +F +0 +Z +S +B +G +a +W +V +s +Z +C +B +O +Y +W +1 +l +c +y +B +X +a +G +V +y +Z +W +J +5 +I +H +R +v +I +E +l +u +Y +3 +J +l +Y +X +N +l +I +H +R +o +Z +S +B +P +d +X +R +w +d +X +Q +g +U +2 +l +6 +Z +T +E +f +M +B +0 +G +A +1 +U +E +B +w +w +W +V +G +9 +v +b +W +F +u +e +W +N +o +Y +X +J +h +Y +3 +R +l +c +n +N +2 +a +W +x +s +Z +T +F +I +M +E +Y +G +A +1 +U +E +C +g +w +/ +V +G +h +l +I +E +J +l +b +m +V +2 +b +2 +x +l +b +n +Q +g +U +2 +9 +j +a +W +V +0 +e +S +B +v +Z +i +B +M +b +3 +F +1 +Y +W +N +p +b +3 +V +z +I +G +F +u +Z +C +B +Q +b +G +V +v +b +m +F +z +d +G +l +j +I +F +B +l +c +m +l +w +a +H +J +h +c +2 +l +z +M +T +0 +w +O +w +Y +D +V +Q +Q +L +D +D +R +F +b +m +R +v +c +n +N +l +b +W +V +u +d +C +B +v +Z +i +B +W +b +3 +V +j +a +H +N +h +Z +m +U +n +Z +C +B +F +d +m +l +k +Z +W +5 +0 +a +W +F +y +e +S +B +D +Z +X +J +0 +a +W +Z +p +Y +2 +F +0 +a +W +9 +u +M +R +U +w +E +w +Y +D +V +Q +Q +D +D +A +x +j +Z +X +J +0 +L +m +V +4 +Y +W +1 +w +b +G +U +w +g +g +E +i +M +A +0 +G +C +S +q +G +S +I +b +3 +D +Q +E +B +A +Q +U +A +A +4 +I +B +D +w +A +w +g +g +E +K +A +o +I +B +A +Q +C +7 +M +O +I +r +q +H ++ +Z +I +J +i +Z +d +r +o +K +M +r +e +l +K +M +S +v +v +R +K +g +2 +M +E +g +j +/ +s +x +9 +T +a +H +H +q +r +K +y +s +4 +A +i +L +4 +R +q +/ +y +b +Q +E +i +g +F +C +6 +G +8 +m +p +Z +W +b +B +r +U ++ +v +N +2 +S +L +r +1 +Z +s +P +f +t +C +H +I +Y +1 +2 +L +F +5 +6 +0 +W +L +Y +T +Y +N +q +D +g +F +5 +B +d +C +Z +C +r +j +J +2 +h +h +N ++ +X +w +M +L +2 +t +g +Y +d +W +i +o +V +/ +E +e +y +8 +S +J +S +q +U +s +k +f +0 +3 +M +p +c +w +n +L +b +V +f +S +p +h +w +m +o +w +q +N +f +i +E +F +F +q +P +B +C +f +7 +E +8 +I +V +a +r +G +W +c +t +b +M +p +v +l +M +b +A +M +5 +o +w +h +M +e +v +/ +C +c +m +q +q +t +8 +1 +N +F +k +b +1 +W +V +e +j +v +N +5 +v +/ +J +K +v +2 +4 +3 +/ +X +e +d +f +4 +I +7 +Z +J +v +7 +z +K +e +s +w +o +P +9 +p +i +F +z +W +H +X +C +d +9 +S +I +V +z +W +q +F +7 +7 +u +/ +c +r +H +u +f +I +h +o +E +a +7 +N +k +Z +h +S +C +2 +a +o +s +Q +F +6 +1 +9 +i +K +n +f +k +0 +n +q +W +a +L +D +J +1 +8 +2 +C +C +X +k +H +E +R +o +Q +C +7 +q +9 +X +2 +I +G +L +D +L +o +A +0 +X +A +g +M +B +A +A +E +w +D +Q +Y +J +K +o +Z +I +h +v +c +N +A +Q +E +L +B +Q +A +D +g +g +E +B +A +K +b +t +L +x ++ +Y +l +C +G +R +C +B +m +Y +n +3 +d +f +Y +F ++ +B +I +v +K +/ +b +/ +e +0 +D +K +N +h +D +K +h +b +4 +s +9 +J +y +w +l +J +4 +q +n +A +B +4 +8 +t +g +P +x +0 +q ++ +Z +B ++ +E +d +M +Y +R +q +C +w +y +v +X +J +x +E +d +Z +7 +P +s +C +d +U +e +U +6 +x +I +2 +y +b +k +h +S +d +U +U +f +Q +b +Y +e +m +3 +a +Y +R +G ++ +y +u +k +G +z +a +z +y +S +Q +J +s +8 +l +G +q +x +B +l +R +M +F +l +/ +F +G +C +g ++ +o +S +Q +/ +I +3 +2 +e +G +f +8 +m +i +c +D +s +k +j +2 +z +k +A +J +t +C +k +U +P +H +X +3 +0 +Y +r +W +M +f +O +w +W +1 +r +2 +x +Y +r +2 +m +B +N +X +b +N +W +X +J +h +W +/ +s +I +g +5 +u +8 +a +a +9 +f +c +A +L +e +u +Q +c +M +X +k +b +s +b +V +o +P +m +C +5 +a +L +d +i +V +Z +r +v +U +F +o +J +8 +D +P +g +0 +a +Y +Y +w +j +6 +4 +R +w +U +0 +B +5 +H +W +/ +7 +j +K +h +Q +2 +5 +F +g +K +V +A +z +L +G +r +g +Y +x +1 +D +i +v +k +M +7 +U +Q +G +d +W +Y +n +U +8 +I +A +A +8 +S +8 +9 +g +R +j +G +k +2 +h +n +k +e +a +g +W +a +s +3 +d +x +q +T +T +p +g +J +D +h +p +r +g +W +z +y +K +a +9 +h +I +I += +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-oneline.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-oneline.pem new file mode 100644 index 0000000..70121fb --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-oneline.pem @@ -0,0 +1,3 @@ +-----BEGIN CERTIFICATE----- +MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgMWlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhcNMTcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2MEgj/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF560WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfSphwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejvN5v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7NkZhSC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9JywlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem3aYRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPHX30YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiVZrvUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8IAA8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII= +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-shortandlongline.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-shortandlongline.pem new file mode 100644 index 0000000..1681e24 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-shortandlongline.pem @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgM +WlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVs +ZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0G +A1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2 +b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlw +aHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlk +ZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhcN +MTcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSBH +cmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1l +cyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwW +VG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQg +U29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lz +MT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFy +eSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2MEg +j/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF56 +0WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfSp +hwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejvN +5v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7NkZ +hSC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQYJ +KoZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9J +ywlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem3 +aYRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPHX +30YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiV +ZrvUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8IA +A8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII= +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-shortline.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-shortline.pem new file mode 100644 index 0000000..3c5d2e5 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-shortline.pem @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgM +WlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVs +ZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0G +A1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2 +b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlw +aHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlk +ZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhcN +MTcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSBH +cmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1l +cyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwW +VG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQg +U29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lz +MT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFy +eSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2MEg +j/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF56 +0WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfSp +hwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejvN +5v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7NkZ +hSC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQYJ +KoZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9J +ywlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem3 +aYRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPHX +30YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiV +ZrvUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8I +AA8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII= +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-threecolumn.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-threecolumn.pem new file mode 100644 index 0000000..eb5503c --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-threecolumn.pem @@ -0,0 +1,550 @@ +-----BEGIN CERTIFICATE----- +MII +EzD +CCA +7QC +CQC +gxk +Rox ++Yl +jjA +NBg +kqh +kiG +9w0 +BAQ +sFA +DCC +ASY +xYz +BhB +gNV +BAg +MWl +RoZ +SBH +cmV +hdC +BTd +GF0 +ZSB +vZi +BMb +25n +LVd +pbm +RlZ +CBD +ZXJ +0aW +ZpY +2F0 +ZSB +GaW +VsZ +CBO +YW1 +lcy +BXa +GVy +ZWJ +5IH +RvI +Elu +Y3J +lYX +NlI +HRo +ZSB +PdX +Rwd +XQg +U2l +6ZT +EfM +B0G +A1U +EBw +wWV +G9v +bWF +ueW +NoY +XJh +Y3R +lcn +N2a +Wxs +ZTF +IME +YGA +1UE +Cgw +/VG +hlI +EJl +bmV +2b2 +xlb +nQg +U29 +jaW +V0e +SBv +ZiB +Mb3 +F1Y +WNp +b3V +zIG +FuZ +CBQ +bGV +vbm +Fzd +Glj +IFB +lcm +lwa +HJh +c2l +zMT +0wO +wYD +VQQ +LDD +RFb +mRv +cnN +lbW +Vud +CBv +ZiB +Wb3 +Vja +HNh +ZmU +nZC +BFd +mlk +ZW5 +0aW +Fye +SBD +ZXJ +0aW +ZpY +2F0 +aW9 +uMR +UwE +wYD +VQQ +DDA +xjZ +XJ0 +LmV +4YW +1wb +GUw +Hhc +NMT +cwM +jIz +MjA +yNT +M2W +hcN +MTc +wMz +I1M +jAy +NTM +2Wj +CCA +SYx +YzB +hBg +NVB +AgM +WlR +oZS +BHc +mVh +dCB +TdG +F0Z +SBv +ZiB +Mb2 +5nL +Vdp +bmR +lZC +BDZ +XJ0 +aWZ +pY2 +F0Z +SBG +aWV +sZC +BOY +W1l +cyB +XaG +VyZ +WJ5 +IHR +vIE +luY +3Jl +YXN +lIH +RoZ +SBP +dXR +wdX +QgU +2l6 +ZTE +fMB +0GA +1UE +Bww +WVG +9vb +WFu +eWN +oYX +JhY +3Rl +cnN +2aW +xsZ +TFI +MEY +GA1 +UEC +gw/ +VGh +lIE +Jlb +mV2 +b2x +lbn +QgU +29j +aWV +0eS +BvZ +iBM +b3F +1YW +Npb +3Vz +IGF +uZC +BQb +GVv +bmF +zdG +ljI +FBl +cml +waH +Jhc +2lz +MT0 +wOw +YDV +QQL +DDR +Fbm +Rvc +nNl +bWV +udC +BvZ +iBW +b3V +jaH +NhZ +mUn +ZCB +Fdm +lkZ +W50 +aWF +yeS +BDZ +XJ0 +aWZ +pY2 +F0a +W9u +MRU +wEw +YDV +QQD +DAx +jZX +J0L +mV4 +YW1 +wbG +Uwg +gEi +MA0 +GCS +qGS +Ib3 +DQE +BAQ +UAA +4IB +DwA +wgg +EKA +oIB +AQC +7MO +Irq +H+Z +IJi +Zdr +oKM +rel +KMS +vvR +Kg2 +MEg +j/s +x9T +aHH +qrK +ys4 +AiL +4Rq +/yb +QEi +gFC +6G8 +mpZ +WbB +rU+ +vN2 +SLr +1Zs +Pft +CHI +Y12 +LF5 +60W +LYT +YNq +DgF +5Bd +CZC +rjJ +2hh +N+X +wML +2tg +YdW +ioV +/Ee +y8S +JSq +Usk +f03 +Mpc +wnL +bVf +Sph +wmo +wqN +fiE +FFq +PBC +f7E +8IV +arG +Wct +bMp +vlM +bAM +5ow +hMe +v/C +cmq +qt8 +1NF +kb1 +WVe +jvN +5v/ +JKv +243 +/Xe +df4 +I7Z +Jv7 +zKe +swo +P9p +iFz +WHX +Cd9 +SIV +zWq +F77 +u/c +rHu +fIh +oEa +7Nk +ZhS +C2a +osQ +F61 +9iK +nfk +0nq +WaL +DJ1 +82C +CXk +HER +oQC +7q9 +X2I +GLD +LoA +0XA +gMB +AAE +wDQ +YJK +oZI +hvc +NAQ +ELB +QAD +ggE +BAK +btL +x+Y +lCG +RCB +mYn +3df +YF+ +BIv +K/b +/e0 +DKN +hDK +hb4 +s9J +ywl +J4q +nAB +48t +gPx +0q+ +ZB+ +EdM +YRq +Cwy +vXJ +xEd +Z7P +sCd +UeU +6xI +2yb +khS +dUU +fQb +Yem +3aY +RG+ +yuk +Gza +zyS +QJs +8lG +qxB +lRM +Fl/ +FGC +g+o +SQ/ +I32 +eGf +8mi +cDs +kj2 +zkA +JtC +kUP +HX3 +0Yr +WMf +OwW +1r2 +xYr +2mB +NXb +NWX +JhW +/sI +g5u +8aa +9fc +ALe +uQc +MXk +bsb +VoP +mC5 +aLd +iVZ +rvU +FoJ +8DP +g0a +YYw +j64 +RwU +0B5 +HW/ +7jK +hQ2 +5Fg +KVA +zLG +rgY +x1D +ivk +M7U +QGd +WYn +U8I +AA8 +S89 +gRj +Gk2 +hnk +eag +Was +3dx +qTT +pgJ +Dhp +rgW +zyK +a9h +II= +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-trailingwhitespace.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-trailingwhitespace.pem new file mode 100644 index 0000000..ab0dfe8 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert-trailingwhitespace.pem @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgM +WlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVs +ZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0G +A1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2 +b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlw +aHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlk +ZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhcN +MTcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSBH +cmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1l +cyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwW +VG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQg +U29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lz +MT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFy +eSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2MEg +j/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF56 +0WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfSp +hwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejvN +5v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7NkZ +hSC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQYJ +KoZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9J +ywlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem3 +aYRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPHX +30YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiVZ +rvUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8IA +A8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII= +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/cert.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert.pem new file mode 100644 index 0000000..99ddf07 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/cert.pem @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIEzDCCA7QCCQCgxkRox+YljjANBgkqhkiG9w0BAQsFADCCASYxYzBhBgNVBAgM +WlRoZSBHcmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVs +ZCBOYW1lcyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0G +A1UEBwwWVG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2 +b2xlbnQgU29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlw +aHJhc2lzMT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlk +ZW50aWFyeSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwHhcN +MTcwMjIzMjAyNTM2WhcNMTcwMzI1MjAyNTM2WjCCASYxYzBhBgNVBAgMWlRoZSBH +cmVhdCBTdGF0ZSBvZiBMb25nLVdpbmRlZCBDZXJ0aWZpY2F0ZSBGaWVsZCBOYW1l +cyBXaGVyZWJ5IHRvIEluY3JlYXNlIHRoZSBPdXRwdXQgU2l6ZTEfMB0GA1UEBwwW +VG9vbWFueWNoYXJhY3RlcnN2aWxsZTFIMEYGA1UECgw/VGhlIEJlbmV2b2xlbnQg +U29jaWV0eSBvZiBMb3F1YWNpb3VzIGFuZCBQbGVvbmFzdGljIFBlcmlwaHJhc2lz +MT0wOwYDVQQLDDRFbmRvcnNlbWVudCBvZiBWb3VjaHNhZmUnZCBFdmlkZW50aWFy +eSBDZXJ0aWZpY2F0aW9uMRUwEwYDVQQDDAxjZXJ0LmV4YW1wbGUwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MOIrqH+ZIJiZdroKMrelKMSvvRKg2MEg +j/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN2SLr1ZsPftCHIY12LF56 +0WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8SJSqUskf03MpcwnLbVfSp +hwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev/Ccmqqt81NFkb1WVejvN +5v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzWqF77u/crHufIhoEa7NkZ +hSC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2IGLDLoA0XAgMBAAEwDQYJ +KoZIhvcNAQELBQADggEBAKbtLx+YlCGRCBmYn3dfYF+BIvK/b/e0DKNhDKhb4s9J +ywlJ4qnAB48tgPx0q+ZB+EdMYRqCwyvXJxEdZ7PsCdUeU6xI2ybkhSdUUfQbYem3 +aYRG+yukGzazySQJs8lGqxBlRMFl/FGCg+oSQ/I32eGf8micDskj2zkAJtCkUPHX +30YrWMfOwW1r2xYr2mBNXbNWXJhW/sIg5u8aa9fcALeuQcMXkbsbVoPmC5aLdiVZ +rvUFoJ8DPg0aYYwj64RwU0B5HW/7jKhQ25FgKVAzLGrgYx1DivkM7UQGdWYnU8IA +A8S89gRjGk2hnkeagWas3dxqTTpgJDhprgWzyKa9hII= +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/csr.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/csr.pem new file mode 100644 index 0000000..02a966d --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/csr.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIDbTCCAlUCAQAwggEmMWMwYQYDVQQIDFpUaGUgR3JlYXQgU3RhdGUgb2YgTG9u +Zy1XaW5kZWQgQ2VydGlmaWNhdGUgRmllbGQgTmFtZXMgV2hlcmVieSB0byBJbmNy +ZWFzZSB0aGUgT3V0cHV0IFNpemUxHzAdBgNVBAcMFlRvb21hbnljaGFyYWN0ZXJz +dmlsbGUxSDBGBgNVBAoMP1RoZSBCZW5ldm9sZW50IFNvY2lldHkgb2YgTG9xdWFj +aW91cyBhbmQgUGxlb25hc3RpYyBQZXJpcGhyYXNpczE9MDsGA1UECww0RW5kb3Jz +ZW1lbnQgb2YgVm91Y2hzYWZlJ2QgRXZpZGVudGlhcnkgQ2VydGlmaWNhdGlvbjEV +MBMGA1UEAwwMY2VydC5leGFtcGxlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEAuzDiK6h/mSCYmXa6CjK3pSjEr70SoNjBII/7MfU2hx6qysrOAIi+Eav8 +m0BIoBQuhvJqWVmwa1Przdki69WbD37QhyGNdixeetFi2E2Dag4BeQXQmQq4ydoY +Tfl8DC9rYGHVoqFfxHsvEiUqlLJH9NzKXMJy21X0qYcJqMKjX4hBRajwQn+xPCFW +qxlnLWzKb5TGwDOaMITHr/wnJqqrfNTRZG9VlXo7zeb/ySr9uN/13nX+CO2Sb+8y +nrMKD/aYhc1h1wnfUiFc1qhe+7v3Kx7nyIaBGuzZGYUgtmqLEBetfYip35NJ6lmi +wydfNggl5BxEaEAu6vV9iBiwy6ANFwIDAQABoAAwDQYJKoZIhvcNAQELBQADggEB +ADgIOZ6OL8SDAGcDTkHuE7d9xOIeiidMU2JU1Dxxk7iZh6JAHxjdgwwUew0nDdPR +74u84uGzecotX9MByAhmCflhwN+aTQcntxY1R44uAmeE0WJLrCYWQIKHh27YI/2y +9mMHX9srTtL+Ggrs7s1WLzcFitDpUWB4B+9a+KGJ0fbWPpjNcxDwwjSEiKwzHhpv +3PdTU2eC5/uvu1BoU4ms//JftvbWlTwHqf4J4P/FZeeOwoTay5d0K5qWDs9hEexP +m9wRUnCc8L7xPElYvIC9mpgMFvwJ3xMOpE1qAh7WSeAlTX6wE0WvxgCwhgEExISQ +vRMcwsXoc5VthqU/E8fc9ls= +-----END CERTIFICATE REQUEST----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-1023line.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-1023line.pem new file mode 100644 index 0000000..0e5c01a --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-1023line.pem @@ -0,0 +1,9 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GMwcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7oupdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQheiSC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+FJf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTGAa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369Kq2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYXzj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mDoH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90mOgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaB +Io15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws +6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-1024line.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-1024line.pem new file mode 100644 index 0000000..185a029 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-1024line.pem @@ -0,0 +1,8 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GMwcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7oupdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQheiSC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+FJf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTGAa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369Kq2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYXzj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mDoH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90mOgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBI +o15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-1025line.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-1025line.pem new file mode 100644 index 0000000..fa449c9 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-1025line.pem @@ -0,0 +1,8 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GMwcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7oupdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQheiSC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+FJf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTGAa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369Kq2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYXzj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mDoH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90mOgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBIo +15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-255line.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-255line.pem new file mode 100644 index 0000000..36a5b12 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-255line.pem @@ -0,0 +1,21 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GM +wcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS +3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7ou +pdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQhei +SC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5 +UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+F +Jf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4 +vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g +2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTGAa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369Kq2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCER +n9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBY +Xzj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70m +DoH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90 +mOgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaB +Io15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws +6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-256line.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-256line.pem new file mode 100644 index 0000000..6ba6c39 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-256line.pem @@ -0,0 +1,20 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GM +wcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS +3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7ou +pdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQhei +SC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+FJf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g +2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTG +Aa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369K +q2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM +4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn +9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYX +zj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mD +oH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90m +OgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBI +o15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-257line.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-257line.pem new file mode 100644 index 0000000..a73d700 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-257line.pem @@ -0,0 +1,20 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GM +wcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS +3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7ou +pdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQhei +SC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5 +UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+F +Jf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4 +vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g +2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTG +Aa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369K +q2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM +4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn +9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYXzj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mDoH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90mOgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBIo +15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-blankline.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-blankline.pem new file mode 100644 index 0000000..6f46e27 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-blankline.pem @@ -0,0 +1,24 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GM +wcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS +3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7ou +pdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQhei +SC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5 +UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+F +Jf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4 +vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g +2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTG +Aa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369K +q2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM +4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn +9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYX +zj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mD + +oH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90m +OgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBI +o15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-comment.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-comment.pem new file mode 100644 index 0000000..bb96ec4 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-comment.pem @@ -0,0 +1,24 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GM +wcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS +3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7ou +pdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQhei +SC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5 +UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+F +Jf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4 +vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g +-vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g +2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTG +Aa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369K +q2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM +4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn +9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYX +zj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mD +oH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90m +OgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBI +o15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-corruptedheader.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-corruptedheader.pem new file mode 100644 index 0000000..7ed4261 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-corruptedheader.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCARPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GM +wcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS +3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7ou +pdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQhei +SC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5 +UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+F +Jf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4 +vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g +2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTG +Aa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369K +q2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM +4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn +9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYX +zj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mD +oH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90m +OgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBI +o15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-corruptiv.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-corruptiv.pem new file mode 100644 index 0000000..233e201 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-corruptiv.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E464B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GM +wcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS +3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7ou +pdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQhei +SC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5 +UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+F +Jf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4 +vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g +2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTG +Aa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369K +q2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM +4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn +9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYX +zj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mD +oH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90m +OgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBI +o15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-earlypad.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-earlypad.pem new file mode 100644 index 0000000..9f14e3b --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-earlypad.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +====gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GM +wcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS +3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7ou +pdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQhei +SC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5 +UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+F +Jf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4 +vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g +2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTG +Aa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369K +q2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM +4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn +9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYX +zj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mD +oH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90m +OgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBI +o15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-extrapad.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-extrapad.pem new file mode 100644 index 0000000..1823973 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-extrapad.pem @@ -0,0 +1,24 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GM +wcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS +3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7ou +pdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQhei +SC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5 +UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+F +Jf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4 +vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g +2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTG +Aa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369K +q2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM +4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn +9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYX +zj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mD +oH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90m +OgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBI +o15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 +==== +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-infixwhitespace.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-infixwhitespace.pem new file mode 100644 index 0000000..5755265 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-infixwhitespace.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GM +wcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS +3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7ou +pdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQhei +SC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5 +UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+F +Jf77Rv0p48l9ip8i/bqu wukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4 +vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g +2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTG +Aa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369K +q2TMLyexQARJapabBf/ST9zWP7wxz WfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM +4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn +9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYX +zj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mD +oH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90m +OgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBI +o15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-junk.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-junk.pem new file mode 100644 index 0000000..0836c45 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-junk.pem @@ -0,0 +1,24 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GM +wcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS +3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7ou +pdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQhei +SC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5 +UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+F +Jf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4 +!"#$%&() +vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g +2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTG +Aa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369K +q2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM +4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn +9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYX +zj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mD +oH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90m +OgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBI +o15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-leadingwhitespace.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-leadingwhitespace.pem new file mode 100644 index 0000000..8bbf261 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-leadingwhitespace.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + + EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U + gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GM + wcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS + 3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7ou + pdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQhei + SC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5 + UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+F + Jf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4 + vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g + 2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTG + Aa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369K + q2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM + 4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn + 9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYX + zj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mD + oH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90m + OgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBI + o15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-longline.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-longline.pem new file mode 100644 index 0000000..75973ef --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-longline.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GM +wcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS +3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7ou +pdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQhei +SC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5 +UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+F +Jf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4 +vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g +2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTG +Aa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369K +q2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM +4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn +9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYX +zj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mD +oH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90m +OgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBIo +15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-misalignedpad.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-misalignedpad.pem new file mode 100644 index 0000000..ad8c366 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-misalignedpad.pem @@ -0,0 +1,24 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GM +wcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS +3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7ou +pdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQhei +SC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5 +UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+F +Jf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4 +vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g +2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTG +Aa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369K +q2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM +4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn +9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYX +zj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mD +oH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90m +OgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBI +o15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 += +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-onecolumn.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-onecolumn.pem new file mode 100644 index 0000000..61b8ed5 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-onecolumn.pem @@ -0,0 +1,1157 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +E +B +D +W +X +0 +Q +f +a +r +l ++ +Q +N +s +H +g +C +U +u +d +L +y +b +6 +D +k +C +4 +z +y +a +D +U +/ +v +U +q +W +y +H +X +0 +m ++ +8 +W +2 +b +b +m +T +5 +T +e +x +l +L +3 +h +s +M +5 +U +g +z +7 +K +s +G +q +y +j +e +O +u +K +9 +Q +T +5 +L +O +M +4 +V +y +K +6 +B +g +m +h +q +p +Q +a +J +1 +M +g +C +W +A +/ +g +b +B +P +T +g +B +p +2 +j +f +p +3 +o +S +0 +W +C +5 +D +6 +G +M +w +c +s +d +q +o +e +I +p +D +/ +w +c +e +3 +k +0 +H +2 +G +f +u +6 ++ +r +I +N +B +m +b +I +T +t +n +4 +D +T +f +3 +P +k +O +c +D +I +w +d +D +c +e +N +2 +q +k +Z +a +n +l +o +F +V +r +i +S +3 +k +A +B +U +I +h +1 +e +h +Y +I +X +Q +i +b +L +R +F +Y +5 +r +X +d +Q +n +h +Y +2 +C +Z +N +r +Q +F +I +M +w +l +6 +4 +h +K +5 +P +5 +h +Q +b +c +y +J +K +G +D +H +A +Y +z +X +V +7 +o +u +p +d +X +y +5 +F +9 +o +y +E +d +6 +e +A +5 +i +x ++ +n +1 +j +K +F +R +B +7 +P +m +A +p +Z +m +u +i +Q +j +z +f +E +x +V +K +m +B +P +G +x +R +z +O +G +T +0 +q +R +5 +v +L +y +l +Q +h +e +i +S +C +7 +7 +n +k +e +r +a +w +U +y +j +A +2 +Q +l +I +a +/ +S +m +N +z +X +E +Y +k +N +3 +g +o +D +z +H +S +F +K +B +a +u +B +0 +o +5 +q +F +c +1 +b +1 +x +7 +d +X +P +C +F +L +0 +a +t +G +5 +U +x +o +R +r +/ +E +p +7 +t +i +a +b +4 +D +Z +m +Y +E +n +O +G +k +L +2 +d +V +N +8 +j +A +0 +4 +F ++ +H +Q +G +B +e +P +6 +n +D +O +S +K +h +X +R +j +b +U +O +D +U +p +D +p +D +v +j ++ +F +J +f +7 +7 +R +v +0 +p +4 +8 +l +9 +i +p +8 +i +/ +b +q +u +w +u +k +X +l +M +e +d +3 +O +4 +d +6 +r +n +E +w +k +g +g +d +y +S +S +5 +i +t +i +S +h +w +a +V +L +P +f ++ +i +c +I +/ +Y +d +4 +v +c +P +X +D +P +U +H +T +k +j +1 +X +m +o +Z +4 +f +1 +m +U +F +1 +7 +O +t +C +o +h +s +J +T +7 +O +4 +o +M +B +B +M +B +w +q +C +k +C +7 +e +n +r +L +a +A +L +i +9 +j +i +K +y +m +4 +7 +g +2 +b +Z +H +0 +5 +x +J +P +p +W +X +S +/ +k +S +E +k +w +t +/ +j +I ++ +a ++ +o +4 +C +u +D +P +l +y +3 +X +h +I +c +Y +R +t +s +a +W +B +J +W +i +a +m +1 +O +T +7 +s +G +Q ++ +z +k +j +T +G +A +a +6 +N +f +w +b +R +8 +S +c +Q +C +8 +M +z +D +f +V +n +k +J +3 +V +n +X +j +T +3 +4 +5 +b +z ++ +F +7 +H +T +A +v +e +Q +8 +a +7 +K +G +x +N +n +t +P +h +E +0 +K +V +j +p +l +3 +6 +9 +K +q +2 +T +M +L +y +e +x +Q +A +R +J +a +p +a +b +B +f +/ +S +T +9 +z +W +P +7 +w +x +z +W +f +r +E +b +X +3 +O +E +Z +C +u +R +D +V +k +w +W +f +1 +8 +B +H +/ +E +h +6 +L +q +n +q +g +5 +Q +M +4 +G +u +X +7 +0 +8 +N +i +F +p +i +w +Q +t +9 +p +/ +D +A +u +Q +d +h +B +r +P +6 +7 +B +x +L +6 +4 +C +b +I +7 +C +g +W +4 +L +v +3 +z +3 +q +n +K +f +F +V +9 +z +Y +5 +/ +m +x +C +E +R +n +9 +m +P +O +i +g +2 +r +8 +W +v +v +X +t +7 +c +h +6 +n +h +z +B +P +f +C +w +q +0 +B +o +P +q +L +K +U +F +g +D +p +e +X +s +N +d +J +9 +s +W +5 +I +V +3 +y +i +/ +3 +B +h +9 +8 +Z +B +Y +X +z +j +8 +g +/ +7 +X +M +o +6 +v +9 +9 +8 +f +c +t ++ +E +i +H +P +s +c +u +q +e +Y +U +a +o +J +Z +6 ++ +Z +j +7 +W +4 +5 +n +G +A +9 +D +G +s +n +E +m +Z +0 +W +u +x +2 +t +T +j +7 +0 +m +D +o +H +/ +/ +2 +1 +T +i +R +A +x +6 +y +p +P +P ++ +I +q +2 +Y +D +z +q +h +7 +V +X +c +/ +g +s +s +O +n +/ +v +U +1 +A +j +1 +9 +g +z +L ++ +M +R +n +1 +Z +5 +5 +S +M +r +A +7 +n +O +9 +0 +m +O +g +O +y +E +P ++ +u +G +r +X +y +a +h +f +Z +G +P +b +m +p +g +I +x ++ +M +T +b +t +f +v +R +t +Z +B +s +G +3 +E +c +X +y +W +9 +N +n +H +J +f +k +4 +O +8 +x +N +3 +h +Y +P +W +X +a +B +I +o +1 +5 +q +B +3 +j +Y +b +x +1 +o +k +t +b +c +Q +P +o +0 +h +z +a +N +v ++ +P +J +5 +w +t +T +4 +7 +J +L +N +c +b +M +e +M +S +n +w +K +M +8 +M +B +4 +C +X +l +M +4 +3 +R +U +t +K +w +s +6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-oneline.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-oneline.pem new file mode 100644 index 0000000..176f1e8 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-oneline.pem @@ -0,0 +1,6 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5Ugz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GMwcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7oupdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQheiSC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+FJf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTGAa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369Kq2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYXzj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mDoH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90mOgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBIo15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-onelineheader.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-onelineheader.pem new file mode 100644 index 0000000..d07095b --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-onelineheader.pem @@ -0,0 +1,22 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GM +wcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS +3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7ou +pdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQhei +SC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5 +UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+F +Jf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4 +vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g +2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTG +Aa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369K +q2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM +4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn +9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYX +zj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mD +oH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90m +OgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBI +o15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-shortandlongline.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-shortandlongline.pem new file mode 100644 index 0000000..b9a8333 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-shortandlongline.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GM +wcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS +3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7ou +pdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQhei +SC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5 +UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+F +Jf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4 +vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g +2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTG +Aa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369K +q2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM +4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn +9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYX +zj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mD +oH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90mO +gOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBI +o15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-shortline.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-shortline.pem new file mode 100644 index 0000000..6da1ab7 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-shortline.pem @@ -0,0 +1,24 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GM +wcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS +3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7ou +pdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQhei +SC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5 +UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+F +Jf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4 +vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g +2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTG +Aa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369K +q2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM +4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn +9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYX +zj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mD +oH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90m +OgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaB +Io15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws +6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-threecolumn.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-threecolumn.pem new file mode 100644 index 0000000..e6fcc53 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-threecolumn.pem @@ -0,0 +1,389 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBD +WX0 +Qfa +rl+ +QNs +HgC +Uud +Lyb +6Dk +C4z +yaD +U/v +UqW +yHX +0m+ +8W2 +bbm +T5T +exl +L3h +sM5 +Ugz +7Ks +Gqy +jeO +uK9 +QT5 +LOM +4Vy +K6B +gmh +qpQ +aJ1 +MgC +WA/ +gbB +PTg +Bp2 +jfp +3oS +0WC +5D6 +GMw +csd +qoe +IpD +/wc +e3k +0H2 +Gfu +6+r +INB +mbI +Ttn +4DT +f3P +kOc +DIw +dDc +eN2 +qkZ +anl +oFV +riS +3kA +BUI +h1e +hYI +XQi +bLR +FY5 +rXd +Qnh +Y2C +ZNr +QFI +Mwl +64h +K5P +5hQ +bcy +JKG +DHA +YzX +V7o +upd +Xy5 +F9o +yEd +6eA +5ix ++n1 +jKF +RB7 +PmA +pZm +uiQ +jzf +ExV +KmB +PGx +RzO +GT0 +qR5 +vLy +lQh +eiS +C77 +nke +raw +Uyj +A2Q +lIa +/Sm +NzX +EYk +N3g +oDz +HSF +KBa +uB0 +o5q +Fc1 +b1x +7dX +PCF +L0a +tG5 +Uxo +Rr/ +Ep7 +tia +b4D +ZmY +EnO +GkL +2dV +N8j +A04 +F+H +QGB +eP6 +nDO +SKh +XRj +bUO +DUp +DpD +vj+ +FJf +77R +v0p +48l +9ip +8i/ +bqu +wuk +XlM +ed3 +O4d +6rn +Ewk +ggd +ySS +5it +iSh +waV +LPf ++ic +I/Y +d4v +cPX +DPU +HTk +j1X +moZ +4f1 +mUF +17O +tCo +hsJ +T7O +4oM +BBM +Bwq +CkC +7en +rLa +ALi +9ji +Kym +47g +2bZ +H05 +xJP +pWX +S/k +SEk +wt/ +jI+ +a+o +4Cu +DPl +y3X +hIc +YRt +saW +BJW +iam +1OT +7sG +Q+z +kjT +GAa +6Nf +wbR +8Sc +QC8 +MzD +fVn +kJ3 +VnX +jT3 +45b +z+F +7HT +Ave +Q8a +7KG +xNn +tPh +E0K +Vjp +l36 +9Kq +2TM +Lye +xQA +RJa +pab +Bf/ +ST9 +zWP +7wx +zWf +rEb +X3O +EZC +uRD +Vkw +Wf1 +8BH +/Eh +6Lq +nqg +5QM +4Gu +X70 +8Ni +Fpi +wQt +9p/ +DAu +Qdh +BrP +67B +xL6 +4Cb +I7C +gW4 +Lv3 +z3q +nKf +FV9 +zY5 +/mx +CER +n9m +POi +g2r +8Wv +vXt +7ch +6nh +zBP +fCw +q0B +oPq +LKU +FgD +peX +sNd +J9s +W5I +V3y +i/3 +Bh9 +8ZB +YXz +j8g +/7X +Mo6 +v99 +8fc +t+E +iHP +scu +qeY +Uao +JZ6 ++Zj +7W4 +5nG +A9D +Gsn +EmZ +0Wu +x2t +Tj7 +0mD +oH/ +/21 +TiR +Ax6 +ypP +P+I +q2Y +Dzq +h7V +Xc/ +gss +On/ +vU1 +Aj1 +9gz +L+M +Rn1 +Z55 +SMr +A7n +O90 +mOg +OyE +P+u +GrX +yah +fZG +Pbm +pgI +x+M +Tbt +fvR +tZB +sG3 +EcX +yW9 +NnH +Jfk +4O8 +xN3 +hYP +WXa +BIo +15q +B3j +Ybx +1ok +tbc +QPo +0hz +aNv ++PJ +5wt +T47 +JLN +cbM +eMS +nwK +M8M +B4C +XlM +43R +UtK +ws6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-trailingwhitespace.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-trailingwhitespace.pem new file mode 100644 index 0000000..0b5de58 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa-trailingwhitespace.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GM +wcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS +3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7ou +pdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQhei +SC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5 +UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+F +Jf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4 +vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g +2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTG +Aa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369K +q2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM +4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn +9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYX +zj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mD +oH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90m +OgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBI +o15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa.pem new file mode 100644 index 0000000..78ebd1b --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsa.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,A2A7FA3E5E454B59C8777564E7AF3CD6 + +EBDWX0Qfarl+QNsHgCUudLyb6DkC4zyaDU/vUqWyHX0m+8W2bbmT5TexlL3hsM5U +gz7KsGqyjeOuK9QT5LOM4VyK6BgmhqpQaJ1MgCWA/gbBPTgBp2jfp3oS0WC5D6GM +wcsdqoeIpD/wce3k0H2Gfu6+rINBmbITtn4DTf3PkOcDIwdDceN2qkZanloFVriS +3kABUIh1ehYIXQibLRFY5rXdQnhY2CZNrQFIMwl64hK5P5hQbcyJKGDHAYzXV7ou +pdXy5F9oyEd6eA5ix+n1jKFRB7PmApZmuiQjzfExVKmBPGxRzOGT0qR5vLylQhei +SC77nkerawUyjA2QlIa/SmNzXEYkN3goDzHSFKBauB0o5qFc1b1x7dXPCFL0atG5 +UxoRr/Ep7tiab4DZmYEnOGkL2dVN8jA04F+HQGBeP6nDOSKhXRjbUODUpDpDvj+F +Jf77Rv0p48l9ip8i/bquwukXlMed3O4d6rnEwkggdySS5itiShwaVLPf+icI/Yd4 +vcPXDPUHTkj1XmoZ4f1mUF17OtCohsJT7O4oMBBMBwqCkC7enrLaALi9jiKym47g +2bZH05xJPpWXS/kSEkwt/jI+a+o4CuDPly3XhIcYRtsaWBJWiam1OT7sGQ+zkjTG +Aa6NfwbR8ScQC8MzDfVnkJ3VnXjT345bz+F7HTAveQ8a7KGxNntPhE0KVjpl369K +q2TMLyexQARJapabBf/ST9zWP7wxzWfrEbX3OEZCuRDVkwWf18BH/Eh6Lqnqg5QM +4GuX708NiFpiwQt9p/DAuQdhBrP67BxL64CbI7CgW4Lv3z3qnKfFV9zY5/mxCERn +9mPOig2r8WvvXt7ch6nhzBPfCwq0BoPqLKUFgDpeXsNdJ9sW5IV3yi/3Bh98ZBYX +zj8g/7XMo6v998fct+EiHPscuqeYUaoJZ6+Zj7W45nGA9DGsnEmZ0Wux2tTj70mD +oH//21TiRAx6ypPP+Iq2YDzqh7VXc/gssOn/vU1Aj19gzL+MRn1Z55SMrA7nO90m +OgOyEP+uGrXyahfZGPbmpgIx+MTbtfvRtZBsG3EcXyW9NnHJfk4O8xN3hYPWXaBI +o15qB3jYbx1oktbcQPo0hzaNv+PJ5wtT47JLNcbMeMSnwKM8MB4CXlM43RUtKws6 +-----END DSA PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/dsaparam.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsaparam.pem new file mode 100644 index 0000000..60563cb --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/dsaparam.pem @@ -0,0 +1,14 @@ +-----BEGIN DSA PARAMETERS----- +MIICLAKCAQEArjV9Th2W4p8AlmBabk0HjaV8vPmt15/V6e6mM1Hee3LSdapxd/Fj ++7bsWroNcqIaHGS45YkJbclvC3/Szp/vh1q2Zy/v7utZ9V7/qCiEnls3CRGAfAhc +1eFIS9Jo+z+fK2tsDUgbGoDC6xEbN3nWjItyPmelBQ5Bip41ULTSQCdr/eBka1s4 +QpS1Sdrvbng3zTCJw0VQe5yM5xyYcHFdeV/v6JSFUz7voyzOGqt91l4UzVFUiZ13 +5Pgi8DUQdQVxUU+MTFwNLCy+bDTuEoKHAxkGEqiq9A08ScxwWtgy7jJQhXDoGP10 +gFMyV+5Qya7rrrYiMhZrjFna7h0z30yiPQIhAK0tbhew8+vHuO6VePIX9TMBZ7ze +k//uQOh/8ZNtS4cTAoIBAGZv2mOljtJM1UUtdl1fzUq0GkI1hjpvqfonq94DITYK +BynJL21JqPfG9JLXc8HYdg5hpwtulrjIyzg1EiB5pQgoNVy8UhavUroPw7FjEicL +dKRHQ9YwuJwuQBTNmX/ojjewqT9U6WYiYUz4SQNXFDIdNz3ikviOoGpmY/Cwbgcr +Pb/QhGqqHzB3ZeX89exVznPbvqeNOp967U+vooBMMJ4oSWVA8ANFVpmikxucRt69 +qKtfkD+3P9RvjVow4dRjOmp8jyT82RQoCeSEThdDVrjUS6IpRdMT8MJ2mwGggG6T +Y16HJCAq/7ufqJlsp5oAuX3aZsnAcnIiDxrMI9m3Xxs= +-----END DSA PARAMETERS----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/key.pem b/openssl-1.1.0h/test/recipes/04-test_pem_data/key.pem new file mode 100644 index 0000000..8de7e65 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC7MOIrqH+ZIJiZ +droKMrelKMSvvRKg2MEgj/sx9TaHHqrKys4AiL4Rq/ybQEigFC6G8mpZWbBrU+vN +2SLr1ZsPftCHIY12LF560WLYTYNqDgF5BdCZCrjJ2hhN+XwML2tgYdWioV/Eey8S +JSqUskf03MpcwnLbVfSphwmowqNfiEFFqPBCf7E8IVarGWctbMpvlMbAM5owhMev +/Ccmqqt81NFkb1WVejvN5v/JKv243/Xedf4I7ZJv7zKeswoP9piFzWHXCd9SIVzW +qF77u/crHufIhoEa7NkZhSC2aosQF619iKnfk0nqWaLDJ182CCXkHERoQC7q9X2I +GLDLoA0XAgMBAAECggEAcEBMIGoWuji1ybFMtrjbL4tXBxuWhCX3ChPNSpQFctmN +Cba7+c4GTIqaHG9cHcJ8dCgCZjpGdNYKXZKMQmgBaDVfzujr76WDsprFb3hsCbkE +YRJ/mIa5cTH7ySaGoLf+5/lDJxcmWqiT/YmUEz8lr0yHfUCNp8HPyalUvYKafbos +5BiXs8lr4XQ/vxL0CtVQx+5T8pmgU6CmP1jjgBqV4Y9RPewSmPNhxKAqm82JYMND +9evNHNpZmDpwTMygwwL0oJ0DV0nq0uqzuk1ORcp7YIph7IFGcdi4n7Y4Y2U6B8Ok +ITY684qpcXgy+qO1A8AwDEJ34wiIWb8Mi8S84KdTIQKBgQDhHmCdpWKzwLETlHQR +V9wT3ulySmxG0t8kSgNOFRVUZNXQ0ij2v8rOJ7R0QzJ+kCqvdxJ5QHNlUFKkOFMA +SnSy098iEz5skwRhHof7ZNa3U6oRRSauUcZcThWL+z14nhTIC1m99KpACV6fl3jj +MVEYYpG6n7jZ0wKUGMStxT1q9QKBgQDU3pOgNLnFasMIujvXI3ARSK6xIpkBTq89 +n6pmn9XeMWs/H6wQRO5wpUXbg+/3/d4tnezrDG9Lg5aPV8ca/zJ7IP8iNyLnhiUY +c9O6hKAW1fxddt9megzBDvsBgRzhytnv3OSpM+idgtsJ7Tvkevmt4K5j6gitpJpb +1A1erknoWwKBgCM5zKZ+bZ5xBYRp02uvUtmtJNxkduLyNkaIalH6jJbjHG4LpKtP +wZ1Wqy8SIMGbL4K7YCGnCyeMVRIrWhmOjQo6iwza9AarTqEf1OlqkwqmxdLj/jSC +yUZCVa7MxoasPdY7qHRH56gTj0HrwtfSLL1jFyibu6IiGaIw6f3DAmRNAoGAL2sx +iYOVSnPg5GXQBLnBMih1ucHSQadMhDa4F8pNMwThNhuREcK5NuCqMh8u6phj0NeY +Ojf35uN2O5I7KTll/mW4T9/mZ5rLUqoipS78FnoukId1dneDtdHnektPqsCsUbFs +QoDstYG713dAW0JFskUVs+4jZsL/G6ueGtRKZHcCgYEA27sBEJtHGLAgEUGSlwSA +acmaIlKpF3EMImgWhlzRN3JC7+z8HJAhoHTxQUdnWfJt2Xl4Z+WmXvv+E7U9ofH7 +kH8fbLcaxwvylPm4hAMlhtL3EqnRDSL4hfZHBrqqf3C0Kv+C8naNxzeCNG6iHxcp +3c7vY4BXTz0dGBGHml6qu5Y= +-----END PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/04-test_pem_data/wellknown b/openssl-1.1.0h/test/recipes/04-test_pem_data/wellknown new file mode 100644 index 0000000..632e28f --- /dev/null +++ b/openssl-1.1.0h/test/recipes/04-test_pem_data/wellknown @@ -0,0 +1 @@ +wellknown diff --git a/openssl-1.1.0h/test/recipes/05-test_bf.t b/openssl-1.1.0h/test/recipes/05-test_bf.t new file mode 100644 index 0000000..64c9609 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/05-test_bf.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_bf", "bftest", "bf"); diff --git a/openssl-1.1.0h/test/recipes/05-test_cast.t b/openssl-1.1.0h/test/recipes/05-test_cast.t new file mode 100644 index 0000000..46c61da --- /dev/null +++ b/openssl-1.1.0h/test/recipes/05-test_cast.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_cast", "casttest", "cast"); diff --git a/openssl-1.1.0h/test/recipes/05-test_des.t b/openssl-1.1.0h/test/recipes/05-test_des.t new file mode 100644 index 0000000..2e6a32b --- /dev/null +++ b/openssl-1.1.0h/test/recipes/05-test_des.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_des", "destest", "des"); diff --git a/openssl-1.1.0h/test/recipes/05-test_hmac.t b/openssl-1.1.0h/test/recipes/05-test_hmac.t new file mode 100644 index 0000000..2059bcc --- /dev/null +++ b/openssl-1.1.0h/test/recipes/05-test_hmac.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_hmac", "hmactest"); diff --git a/openssl-1.1.0h/test/recipes/05-test_idea.t b/openssl-1.1.0h/test/recipes/05-test_idea.t new file mode 100644 index 0000000..ca2b767 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/05-test_idea.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_idea", "ideatest", "idea"); diff --git a/openssl-1.1.0h/test/recipes/05-test_md2.t b/openssl-1.1.0h/test/recipes/05-test_md2.t new file mode 100644 index 0000000..8781af0 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/05-test_md2.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_md2", "md2test", "md2"); diff --git a/openssl-1.1.0h/test/recipes/05-test_md4.t b/openssl-1.1.0h/test/recipes/05-test_md4.t new file mode 100644 index 0000000..59a815b --- /dev/null +++ b/openssl-1.1.0h/test/recipes/05-test_md4.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_md4", "md4test", "md4"); diff --git a/openssl-1.1.0h/test/recipes/05-test_md5.t b/openssl-1.1.0h/test/recipes/05-test_md5.t new file mode 100644 index 0000000..3af4d55 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/05-test_md5.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_md5", "md5test", "md5"); diff --git a/openssl-1.1.0h/test/recipes/05-test_mdc2.t b/openssl-1.1.0h/test/recipes/05-test_mdc2.t new file mode 100644 index 0000000..181c90f --- /dev/null +++ b/openssl-1.1.0h/test/recipes/05-test_mdc2.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_mdc2", "mdc2test", "mdc2"); diff --git a/openssl-1.1.0h/test/recipes/05-test_rand.t b/openssl-1.1.0h/test/recipes/05-test_rand.t new file mode 100644 index 0000000..3b175fa --- /dev/null +++ b/openssl-1.1.0h/test/recipes/05-test_rand.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_rand", "randtest", "rand"); diff --git a/openssl-1.1.0h/test/recipes/05-test_rc2.t b/openssl-1.1.0h/test/recipes/05-test_rc2.t new file mode 100644 index 0000000..77d9382 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/05-test_rc2.t @@ -0,0 +1,11 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use OpenSSL::Test::Simple; + +simple_test("test_rc2", "rc2test", "rc2"); diff --git a/openssl-1.1.0h/test/recipes/05-test_rc4.t b/openssl-1.1.0h/test/recipes/05-test_rc4.t new file mode 100644 index 0000000..a26c9b8 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/05-test_rc4.t @@ -0,0 +1,11 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use OpenSSL::Test::Simple; + +simple_test("test_rc4", "rc4test", "rc4"); diff --git a/openssl-1.1.0h/test/recipes/05-test_rc5.t b/openssl-1.1.0h/test/recipes/05-test_rc5.t new file mode 100644 index 0000000..fda0cd2 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/05-test_rc5.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_rc5", "rc5test", "rc5"); diff --git a/openssl-1.1.0h/test/recipes/05-test_rmd.t b/openssl-1.1.0h/test/recipes/05-test_rmd.t new file mode 100644 index 0000000..b1112e1 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/05-test_rmd.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_rmd", "rmdtest", "rmd"); diff --git a/openssl-1.1.0h/test/recipes/05-test_sha1.t b/openssl-1.1.0h/test/recipes/05-test_sha1.t new file mode 100644 index 0000000..21bb74e --- /dev/null +++ b/openssl-1.1.0h/test/recipes/05-test_sha1.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_sha1", "sha1test", "sha"); diff --git a/openssl-1.1.0h/test/recipes/05-test_sha256.t b/openssl-1.1.0h/test/recipes/05-test_sha256.t new file mode 100644 index 0000000..071a45c --- /dev/null +++ b/openssl-1.1.0h/test/recipes/05-test_sha256.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_sha256", "sha256t", "sha"); diff --git a/openssl-1.1.0h/test/recipes/05-test_sha512.t b/openssl-1.1.0h/test/recipes/05-test_sha512.t new file mode 100644 index 0000000..4ce585c --- /dev/null +++ b/openssl-1.1.0h/test/recipes/05-test_sha512.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_sha512", "sha512t", "sha"); diff --git a/openssl-1.1.0h/test/recipes/05-test_wp.t b/openssl-1.1.0h/test/recipes/05-test_wp.t new file mode 100644 index 0000000..a042898 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/05-test_wp.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_wp", "wp_test", "whirlpool"); diff --git a/openssl-1.1.0h/test/recipes/10-test_bn.t b/openssl-1.1.0h/test/recipes/10-test_bn.t new file mode 100644 index 0000000..13f278e --- /dev/null +++ b/openssl-1.1.0h/test/recipes/10-test_bn.t @@ -0,0 +1,84 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use Math::BigInt; + +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_bn"); + +plan tests => 3; + +require_ok(srctop_file("test","recipes","bc.pl")); + +my $testresults = "tmp.bntest"; +my $init = ok(run(test(["bntest"], stdout => $testresults)), 'initialize'); + + SKIP: { + skip "Initializing failed, skipping", 1 if !$init; + + subtest 'Checking the bn results' => sub { + my @lines = (); + if (open DATA, $testresults) { + @lines = <DATA>; + close DATA; + } + map { s/\R//; } @lines; # chomp(@lines); + + plan tests => scalar grep(/^print /, @lines); + + my $l = ""; + + while (scalar @lines) { + $l = shift @lines; + + last if $l =~ /^print /; + } + + while (1) { + $l =~ s/^print "//; + $l =~ s/\\n"//; + my $t = $l; + my @operations = (); + + $l = undef; + while (scalar @lines) { + $l = shift @lines; + + last if $l =~ /^print /; + push @operations, $l; + $l = undef; + } + + ok(check_operations(@operations), "verify $t"); + + last unless $l; + } + }; + } + +unlink $testresults; + +sub check_operations { + my $failcount = 0; + + foreach my $line (@_) { + my $result = calc(split /\s+/, $line); + + if ($result ne "0" && $result ne "0x0") { + $failcount++; + print STDERR "Failed! $line => $result\n"; + } + } + + return $failcount == 0; +} diff --git a/openssl-1.1.0h/test/recipes/10-test_exp.t b/openssl-1.1.0h/test/recipes/10-test_exp.t new file mode 100644 index 0000000..7e999c4 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/10-test_exp.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_exp", "exptest"); diff --git a/openssl-1.1.0h/test/recipes/15-test_dh.t b/openssl-1.1.0h/test/recipes/15-test_dh.t new file mode 100644 index 0000000..60cb54c --- /dev/null +++ b/openssl-1.1.0h/test/recipes/15-test_dh.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_dh", "dhtest", "dh"); diff --git a/openssl-1.1.0h/test/recipes/15-test_dsa.t b/openssl-1.1.0h/test/recipes/15-test_dsa.t new file mode 100644 index 0000000..2fd236e --- /dev/null +++ b/openssl-1.1.0h/test/recipes/15-test_dsa.t @@ -0,0 +1,40 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Spec; +use OpenSSL::Test qw/:DEFAULT srctop_file/; +use OpenSSL::Test::Utils; + +setup("test_dsa"); + +plan tests => 6; + +require_ok(srctop_file('test','recipes','tconversion.pl')); + +ok(run(test(["dsatest"])), "running dsatest"); +ok(run(test(["dsatest", "-app2_1"])), "running dsatest -app2_1"); + + SKIP: { + skip "Skipping dsa conversion test", 3 + if disabled("dsa"); + + subtest 'dsa conversions -- private key' => sub { + tconversion("dsa", srctop_file("test","testdsa.pem")); + }; + subtest 'dsa conversions -- private key PKCS#8' => sub { + tconversion("dsa", srctop_file("test","testdsa.pem"), "pkey"); + }; + subtest 'dsa conversions -- public key' => sub { + tconversion("msb", srctop_file("test","testdsapub.pem"), "dsa", + "-pubin", "-pubout"); + }; +} diff --git a/openssl-1.1.0h/test/recipes/15-test_ec.t b/openssl-1.1.0h/test/recipes/15-test_ec.t new file mode 100644 index 0000000..a1c704a --- /dev/null +++ b/openssl-1.1.0h/test/recipes/15-test_ec.t @@ -0,0 +1,38 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Spec; +use OpenSSL::Test qw/:DEFAULT srctop_file/; +use OpenSSL::Test::Utils; + +setup("test_ec"); + +plan tests => 5; + +require_ok(srctop_file('test','recipes','tconversion.pl')); + +ok(run(test(["ectest"])), "running ectest"); + + SKIP: { + skip "Skipping ec conversion test", 3 + if disabled("ec"); + + subtest 'ec conversions -- private key' => sub { + tconversion("ec", srctop_file("test","testec-p256.pem")); + }; + subtest 'ec conversions -- private key PKCS#8' => sub { + tconversion("ec", srctop_file("test","testec-p256.pem"), "pkey"); + }; + subtest 'ec conversions -- public key' => sub { + tconversion("ec", srctop_file("test","testecpub-p256.pem"), "ec", "-pubin", "-pubout"); + }; +} diff --git a/openssl-1.1.0h/test/recipes/15-test_ecdsa.t b/openssl-1.1.0h/test/recipes/15-test_ecdsa.t new file mode 100644 index 0000000..82a8559 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/15-test_ecdsa.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_ecdsa", "ecdsatest", "ec"); diff --git a/openssl-1.1.0h/test/recipes/15-test_genrsa.t b/openssl-1.1.0h/test/recipes/15-test_genrsa.t new file mode 100644 index 0000000..cc74e30 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/15-test_genrsa.t @@ -0,0 +1,26 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Spec; +use OpenSSL::Test qw/:DEFAULT srctop_file/; +use OpenSSL::Test::Utils; + +setup("test_genrsa"); + +plan tests => 5; + +is(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', '8'])), 0, "genrsa -3 8"); +ok(run(app([ 'openssl', 'genrsa', '-3', '-out', 'genrsatest.pem', '16'])), "genrsa -3 16"); +ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout'])), "rsa -check"); +ok(run(app([ 'openssl', 'genrsa', '-f4', '-out', 'genrsatest.pem', '16'])), "genrsa -f4 16"); +ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout'])), "rsa -check"); +unlink 'genrsatest.pem'; diff --git a/openssl-1.1.0h/test/recipes/15-test_rsa.t b/openssl-1.1.0h/test/recipes/15-test_rsa.t new file mode 100644 index 0000000..5988821 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/15-test_rsa.t @@ -0,0 +1,47 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Spec; +use OpenSSL::Test qw/:DEFAULT srctop_file/; +use OpenSSL::Test::Utils; + +setup("test_rsa"); + +plan tests => 6; + +require_ok(srctop_file('test','recipes','tconversion.pl')); + +ok(run(test(["rsa_test"])), "running rsatest"); + +ok(run(app([ 'openssl', 'rsa', '-check', '-in', srctop_file('test', 'testrsa.pem'), '-noout'])), "rsa -check"); + + SKIP: { + skip "Skipping rsa conversion test", 3 + if disabled("rsa"); + + subtest 'rsa conversions -- private key' => sub { + tconversion("rsa", srctop_file("test","testrsa.pem")); + }; + subtest 'rsa conversions -- private key PKCS#8' => sub { + tconversion("rsa", srctop_file("test","testrsa.pem"), "pkey"); + }; +} + + SKIP: { + skip "Skipping msblob conversion test", 1 + if disabled("rsa") || disabled("dsa"); + + subtest 'rsa conversions -- public key' => sub { + tconversion("msb", srctop_file("test","testrsapub.pem"), "rsa", + "-pubin", "-pubout"); + }; +} diff --git a/openssl-1.1.0h/test/recipes/15-test_rsapss.t b/openssl-1.1.0h/test/recipes/15-test_rsapss.t new file mode 100644 index 0000000..34accaa --- /dev/null +++ b/openssl-1.1.0h/test/recipes/15-test_rsapss.t @@ -0,0 +1,49 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Spec; +use OpenSSL::Test qw/:DEFAULT with srctop_file/; +use OpenSSL::Test::Utils; + +setup("test_rsapss"); + +plan tests => 5; + +#using test/testrsa.pem which happens to be a 512 bit RSA +ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha1', + '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-2', + '-sigopt', 'rsa_mgf1_md:sha512', '-out', 'testrsapss.sig', + srctop_file('test', 'testrsa.pem')])), + "openssl dgst -sign"); + +with({ exit_checker => sub { return shift == 1; } }, + sub { ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha512', + '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-2', + '-sigopt', 'rsa_mgf1_md:sha512', srctop_file('test', 'testrsa.pem')])), + "openssl dgst -sign, expect to fail gracefully"); + ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha512', + '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:2147483647', + '-sigopt', 'rsa_mgf1_md:sha1', srctop_file('test', 'testrsa.pem')])), + "openssl dgst -sign, expect to fail gracefully"); + ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'), '-sha512', + '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-2', + '-sigopt', 'rsa_mgf1_md:sha512', '-signature', 'testrsapss.sig', + srctop_file('test', 'testrsa.pem')])), + "openssl dgst -prverify, expect to fail gracefully"); + }); + +ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'), '-sha1', + '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-2', + '-sigopt', 'rsa_mgf1_md:sha512', '-signature', 'testrsapss.sig', + srctop_file('test', 'testrsa.pem')])), + "openssl dgst -prverify"); +unlink 'testrsapss.sig'; diff --git a/openssl-1.1.0h/test/recipes/20-test_enc.t b/openssl-1.1.0h/test/recipes/20-test_enc.t new file mode 100644 index 0000000..88a5890 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/20-test_enc.t @@ -0,0 +1,69 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Spec::Functions qw/catfile/; +use File::Copy; +use File::Compare qw/compare_text/; +use File::Basename; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_enc"); + +# We do it this way, because setup() may have moved us around, +# so the directory portion of $0 might not be correct any more. +# However, the name hasn't changed. +my $testsrc = srctop_file("test","recipes",basename($0)); + +my $test = catfile(".", "p"); + +my $cmd = "openssl"; + +my @ciphers = + map { s/^\s+//; s/\s+$//; split /\s+/ } + run(app([$cmd, "list", "-cipher-commands"]), capture => 1); + +plan tests => 1 + (scalar @ciphers)*2; + +my $init = ok(copy($testsrc,$test)); + +if (!$init) { + diag("Trying to copy $testsrc to $test : $!"); +} + + SKIP: { + skip "Not initialized, skipping...", 11 unless $init; + + foreach my $c (@ciphers) { + my %variant = ("$c" => [], + "$c base64" => [ "-a" ]); + + foreach my $t (sort keys %variant) { + my $cipherfile = "$test.$c.cipher"; + my $clearfile = "$test.$c.clear"; + my @e = ( "$c", "-bufsize", "113", @{$variant{$t}}, "-e", "-k", "test" ); + my @d = ( "$c", "-bufsize", "157", @{$variant{$t}}, "-d", "-k", "test" ); + if ($c eq "cat") { + $cipherfile = "$test.cipher"; + $clearfile = "$test.clear"; + @e = ( "enc", @{$variant{$t}}, "-e" ); + @d = ( "enc", @{$variant{$t}}, "-d" ); + } + + ok(run(app([$cmd, @e, "-in", $test, "-out", $cipherfile])) + && run(app([$cmd, @d, "-in", $cipherfile, "-out", $clearfile])) + && compare_text($test,$clearfile) == 0, $t); + unlink $cipherfile, $clearfile; + } + } +} + +unlink $test; diff --git a/openssl-1.1.0h/test/recipes/20-test_passwd.t b/openssl-1.1.0h/test/recipes/20-test_passwd.t new file mode 100644 index 0000000..cf9c2cc --- /dev/null +++ b/openssl-1.1.0h/test/recipes/20-test_passwd.t @@ -0,0 +1,39 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use OpenSSL::Test; +use OpenSSL::Test::Utils; + +setup("test_passwd"); + +plan tests => disabled("des") ? 4 : 6; + +ok(compare1stline([qw{openssl passwd password}], '^.{13}\R$'), + 'crypt password with random salt') if !disabled("des"); +ok(compare1stline([qw{openssl passwd -1 password}], '^\$1\$.{8}\$.{22}\R$'), + 'BSD style MD5 password with random salt'); +ok(compare1stline([qw{openssl passwd -apr1 password}], '^\$apr1\$.{8}\$.{22}\R$'), + 'Apache style MD5 password with random salt'); +ok(compare1stline([qw{openssl passwd -salt xx password}], '^xxj31ZMTZzkVA\R$'), + 'crypt password with salt xx') if !disabled("des"); +ok(compare1stline([qw{openssl passwd -salt xxxxxxxx -1 password}], '^\$1\$xxxxxxxx\$UYCIxa628\.9qXjpQCjM4a\.\R$'), + 'BSD style MD5 password with salt xxxxxxxx'); +ok(compare1stline([qw{openssl passwd -salt xxxxxxxx -apr1 password}], '^\$apr1\$xxxxxxxx\$dxHfLAsjHkDRmG83UXe8K0\R$'), + 'Apache style MD5 password with salt xxxxxxxx'); + + +sub compare1stline { + my ($cmdarray, $regexp) = @_; + my @lines = run(app($cmdarray), capture => 1); + + return $lines[0] =~ m|$regexp|; +} diff --git a/openssl-1.1.0h/test/recipes/25-test_crl.t b/openssl-1.1.0h/test/recipes/25-test_crl.t new file mode 100644 index 0000000..e8ce5f8 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/25-test_crl.t @@ -0,0 +1,43 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Spec; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_crl"); + +plan tests => 5; + +require_ok(srctop_file('test','recipes','tconversion.pl')); + +subtest 'crl conversions' => sub { + tconversion("crl", srctop_file("test","testcrl.pem")); +}; + +ok(run(test(['crltest']))); + +ok(compare1stline([qw{openssl crl -noout -fingerprint -in}, + srctop_file('test', 'testcrl.pem')], + 'SHA1 Fingerprint=BA:F4:1B:AD:7A:9B:2F:09:16:BC:60:A7:0E:CE:79:2E:36:00:E7:B2')); +ok(compare1stline([qw{openssl crl -noout -fingerprint -sha256 -in}, + srctop_file('test', 'testcrl.pem')], + 'SHA256 Fingerprint=B3:A9:FD:A7:2E:8C:3D:DF:D0:F1:C3:1A:96:60:B5:FD:B0:99:7C:7F:0E:E4:34:F5:DB:87:62:36:BC:F1:BC:1B')); + +sub compare1stline { + my ($cmdarray, $str) = @_; + my @lines = run(app($cmdarray), capture => 1); + + return 1 if $lines[0] =~ m|^\Q${str}\E\R$|; + note "Got ", $lines[0]; + note "Expected ", $str; + return 0; +} diff --git a/openssl-1.1.0h/test/recipes/25-test_d2i.t b/openssl-1.1.0h/test/recipes/25-test_d2i.t new file mode 100644 index 0000000..688c8ed --- /dev/null +++ b/openssl-1.1.0h/test/recipes/25-test_d2i.t @@ -0,0 +1,93 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Spec; +use OpenSSL::Test qw/:DEFAULT srctop_file/; +use OpenSSL::Test::Utils; + +setup("test_d2i"); + +plan tests => 14; + +ok(run(test(["d2i_test", "X509", "decode", + srctop_file('test','d2i-tests','bad_cert.der')])), + "Running d2i_test bad_cert.der"); + +ok(run(test(["d2i_test", "GENERAL_NAME", "decode", + srctop_file('test','d2i-tests','bad_generalname.der')])), + "Running d2i_test bad_generalname.der"); + +ok(run(test(["d2i_test", "ASN1_ANY", "BIO", + srctop_file('test','d2i-tests','bad_bio.der')])), + "Running d2i_test bad_bio.der"); +# This test checks CVE-2016-2108. The data consists of an tag 258 and +# two zero content octets. This is parsed as an ASN1_ANY type. If the +# type is incorrectly interpreted as an ASN.1 INTEGER the two zero content +# octets will be reject as invalid padding and this test will fail. +# If the type is correctly interpreted it will by treated as an ASN1_STRING +# type and the content octets copied verbatim. +ok(run(test(["d2i_test", "ASN1_ANY", "OK", + srctop_file('test','d2i-tests','high_tag.der')])), + "Running d2i_test high_tag.der"); + +# Above test data but interpreted as ASN.1 INTEGER: this will be rejected +# because the tag is invalid. +ok(run(test(["d2i_test", "ASN1_INTEGER", "decode", + srctop_file('test','d2i-tests','high_tag.der')])), + "Running d2i_test high_tag.der INTEGER"); + +# Parse valid 0, 1 and -1 ASN.1 INTEGER as INTEGER or ANY. + +ok(run(test(["d2i_test", "ASN1_INTEGER", "OK", + srctop_file('test','d2i-tests','int0.der')])), + "Running d2i_test int0.der INTEGER"); + +ok(run(test(["d2i_test", "ASN1_INTEGER", "OK", + srctop_file('test','d2i-tests','int1.der')])), + "Running d2i_test int1.der INTEGER"); + +ok(run(test(["d2i_test", "ASN1_INTEGER", "OK", + srctop_file('test','d2i-tests','intminus1.der')])), + "Running d2i_test intminus1.der INTEGER"); + +ok(run(test(["d2i_test", "ASN1_ANY", "OK", + srctop_file('test','d2i-tests','int0.der')])), + "Running d2i_test int0.der ANY"); + +ok(run(test(["d2i_test", "ASN1_ANY", "OK", + srctop_file('test','d2i-tests','int1.der')])), + "Running d2i_test int1.der ANY"); + +ok(run(test(["d2i_test", "ASN1_ANY", "OK", + srctop_file('test','d2i-tests','intminus1.der')])), + "Running d2i_test intminus1.der ANY"); + +# Integers with illegal additional padding. + +ok(run(test(["d2i_test", "ASN1_INTEGER", "decode", + srctop_file('test','d2i-tests','bad-int-pad0.der')])), + "Running d2i_test bad-int-pad0.der INTEGER"); + +ok(run(test(["d2i_test", "ASN1_INTEGER", "decode", + srctop_file('test','d2i-tests','bad-int-padminus1.der')])), + "Running d2i_test bad-int-padminus1.der INTEGER"); + +SKIP: { + skip "No CMS support in this configuration", 1 if disabled("cms"); + + # Invalid CMS structure with decode error in CHOICE value. + # Test for CVE-2016-7053 + + ok(run(test(["d2i_test", "CMS_ContentInfo", "decode", + srctop_file('test','d2i-tests','bad-cms.der')])), + "Running d2i_test bad-cms.der CMS ContentInfo"); +} diff --git a/openssl-1.1.0h/test/recipes/25-test_pkcs7.t b/openssl-1.1.0h/test/recipes/25-test_pkcs7.t new file mode 100644 index 0000000..724326b --- /dev/null +++ b/openssl-1.1.0h/test/recipes/25-test_pkcs7.t @@ -0,0 +1,27 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Spec; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_pkcs7"); + +plan tests => 3; + +require_ok(srctop_file('test','recipes','tconversion.pl')); + +subtest 'pkcs7 conversions -- pkcs7' => sub { + tconversion("p7", srctop_file("test", "testp7.pem"), "pkcs7"); +}; +subtest 'pkcs7 conversions -- pkcs7d' => sub { + tconversion("p7d", srctop_file("test", "pkcs7-1.pem"), "pkcs7"); +}; diff --git a/openssl-1.1.0h/test/recipes/25-test_req.t b/openssl-1.1.0h/test/recipes/25-test_req.t new file mode 100644 index 0000000..bcc1025 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/25-test_req.t @@ -0,0 +1,76 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use OpenSSL::Test::Utils; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_req"); + +plan tests => 4; + +require_ok(srctop_file('test','recipes','tconversion.pl')); + +open RND, ">>", ".rnd"; +print RND "string to make the random number generator think it has entropy"; +close RND; +subtest "generating certificate requests" => sub { + my @req_new; + if (disabled("rsa")) { + @req_new = ("-newkey", "dsa:".srctop_file("apps", "dsa512.pem")); + } else { + @req_new = ("-new"); + note("There should be a 2 sequences of .'s and some +'s."); + note("There should not be more that at most 80 per line"); + } + + plan tests => 2; + + ok(run(app(["openssl", "req", "-config", srctop_file("test", "test.cnf"), + @req_new, "-out", "testreq.pem"])), + "Generating request"); + + ok(run(app(["openssl", "req", "-config", srctop_file("test", "test.cnf"), + "-verify", "-in", "testreq.pem", "-noout"])), + "Verifying signature on request"); +}; + +my @openssl_args = ("req", "-config", srctop_file("apps", "openssl.cnf")); + +run_conversion('req conversions', + "testreq.pem"); +run_conversion('req conversions -- testreq2', + srctop_file("test", "testreq2.pem")); + +unlink "testkey.pem", "testreq.pem"; + +sub run_conversion { + my $title = shift; + my $reqfile = shift; + + subtest $title => sub { + run(app(["openssl", @openssl_args, + "-in", $reqfile, "-inform", "p", + "-noout", "-text"], + stderr => "req-check.err", stdout => undef)); + open DATA, "req-check.err"; + SKIP: { + plan skip_all => "skipping req conversion test for $reqfile" + if grep /Unknown Public Key/, map { s/\R//; } <DATA>; + + tconversion("req", $reqfile, @openssl_args); + } + close DATA; + unlink "req-check.err"; + + done_testing(); + }; +} diff --git a/openssl-1.1.0h/test/recipes/25-test_sid.t b/openssl-1.1.0h/test/recipes/25-test_sid.t new file mode 100644 index 0000000..b13cb5c --- /dev/null +++ b/openssl-1.1.0h/test/recipes/25-test_sid.t @@ -0,0 +1,24 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Spec; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_sid"); + +plan tests => 2; + +require_ok(srctop_file('test','recipes','tconversion.pl')); + +subtest 'sid conversions' => sub { + tconversion("sid", srctop_file("test","testsid.pem"), "sess_id"); +}; diff --git a/openssl-1.1.0h/test/recipes/25-test_verify.t b/openssl-1.1.0h/test/recipes/25-test_verify.t new file mode 100644 index 0000000..11bd430 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/25-test_verify.t @@ -0,0 +1,380 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Spec::Functions qw/canonpath/; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_verify"); + +sub verify { + my ($cert, $purpose, $trusted, $untrusted, @opts) = @_; + my @args = qw(openssl verify -auth_level 1 -purpose); + my @path = qw(test certs); + push(@args, "$purpose", @opts); + for (@$trusted) { + push(@args, "-trusted", srctop_file(@path, "$_.pem")) + } + for (@$untrusted) { + push(@args, "-untrusted", srctop_file(@path, "$_.pem")) + } + push(@args, srctop_file(@path, "$cert.pem")); + run(app([@args])); +} + +plan tests => 127; + +# Canonical success +ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]), + "accept compat trust"); + +# Root CA variants +ok(!verify("ee-cert", "sslserver", [qw(root-nonca)], [qw(ca-cert)]), + "fail trusted non-ca root"); +ok(!verify("ee-cert", "sslserver", [qw(nroot+serverAuth)], [qw(ca-cert)]), + "fail server trust non-ca root"); +ok(!verify("ee-cert", "sslserver", [qw(nroot+anyEKU)], [qw(ca-cert)]), + "fail wildcard trust non-ca root"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert2)], [qw(ca-cert)]), + "fail wrong root key"); +ok(!verify("ee-cert", "sslserver", [qw(root-name2)], [qw(ca-cert)]), + "fail wrong root DN"); + +# Explicit trust/purpose combinations +# +ok(verify("ee-cert", "sslserver", [qw(sroot-cert)], [qw(ca-cert)]), + "accept server purpose"); +ok(!verify("ee-cert", "sslserver", [qw(croot-cert)], [qw(ca-cert)]), + "fail client purpose"); +ok(verify("ee-cert", "sslserver", [qw(root+serverAuth)], [qw(ca-cert)]), + "accept server trust"); +ok(verify("ee-cert", "sslserver", [qw(sroot+serverAuth)], [qw(ca-cert)]), + "accept server trust with server purpose"); +ok(verify("ee-cert", "sslserver", [qw(croot+serverAuth)], [qw(ca-cert)]), + "accept server trust with client purpose"); +# Wildcard trust +ok(verify("ee-cert", "sslserver", [qw(root+anyEKU)], [qw(ca-cert)]), + "accept wildcard trust"); +ok(verify("ee-cert", "sslserver", [qw(sroot+anyEKU)], [qw(ca-cert)]), + "accept wildcard trust with server purpose"); +ok(verify("ee-cert", "sslserver", [qw(croot+anyEKU)], [qw(ca-cert)]), + "accept wildcard trust with client purpose"); +# Inapplicable mistrust +ok(verify("ee-cert", "sslserver", [qw(root-clientAuth)], [qw(ca-cert)]), + "accept client mistrust"); +ok(verify("ee-cert", "sslserver", [qw(sroot-clientAuth)], [qw(ca-cert)]), + "accept client mistrust with server purpose"); +ok(!verify("ee-cert", "sslserver", [qw(croot-clientAuth)], [qw(ca-cert)]), + "fail client mistrust with client purpose"); +# Inapplicable trust +ok(!verify("ee-cert", "sslserver", [qw(root+clientAuth)], [qw(ca-cert)]), + "fail client trust"); +ok(!verify("ee-cert", "sslserver", [qw(sroot+clientAuth)], [qw(ca-cert)]), + "fail client trust with server purpose"); +ok(!verify("ee-cert", "sslserver", [qw(croot+clientAuth)], [qw(ca-cert)]), + "fail client trust with client purpose"); +# Server mistrust +ok(!verify("ee-cert", "sslserver", [qw(root-serverAuth)], [qw(ca-cert)]), + "fail rejected EKU"); +ok(!verify("ee-cert", "sslserver", [qw(sroot-serverAuth)], [qw(ca-cert)]), + "fail server mistrust with server purpose"); +ok(!verify("ee-cert", "sslserver", [qw(croot-serverAuth)], [qw(ca-cert)]), + "fail server mistrust with client purpose"); +# Wildcard mistrust +ok(!verify("ee-cert", "sslserver", [qw(root-anyEKU)], [qw(ca-cert)]), + "fail wildcard mistrust"); +ok(!verify("ee-cert", "sslserver", [qw(sroot-anyEKU)], [qw(ca-cert)]), + "fail wildcard mistrust with server purpose"); +ok(!verify("ee-cert", "sslserver", [qw(croot-anyEKU)], [qw(ca-cert)]), + "fail wildcard mistrust with client purpose"); + +# Check that trusted-first is on by setting up paths to different roots +# depending on whether the intermediate is the trusted or untrusted one. +# +ok(verify("ee-cert", "sslserver", [qw(root-serverAuth root-cert2 ca-root2)], + [qw(ca-cert)]), + "accept trusted-first path"); +ok(verify("ee-cert", "sslserver", [qw(root-cert root2+serverAuth ca-root2)], + [qw(ca-cert)]), + "accept trusted-first path with server trust"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert root2-serverAuth ca-root2)], + [qw(ca-cert)]), + "fail trusted-first path with server mistrust"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert root2+clientAuth ca-root2)], + [qw(ca-cert)]), + "fail trusted-first path with client trust"); + +# CA variants +ok(!verify("ee-cert", "sslserver", [qw(root-cert)], [qw(ca-nonca)]), + "fail non-CA untrusted intermediate"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert)], [qw(ca-nonbc)]), + "fail non-CA untrusted intermediate"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert ca-nonca)], []), + "fail non-CA trust-store intermediate"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert ca-nonbc)], []), + "fail non-CA trust-store intermediate"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert nca+serverAuth)], []), + "fail non-CA server trust intermediate"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert nca+anyEKU)], []), + "fail non-CA wildcard trust intermediate"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert)], [qw(ca-cert2)]), + "fail wrong intermediate CA key"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert)], [qw(ca-name2)]), + "fail wrong intermediate CA DN"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert)], [qw(ca-root2)]), + "fail wrong intermediate CA issuer"); +ok(!verify("ee-cert", "sslserver", [], [qw(ca-cert)], "-partial_chain"), + "fail untrusted partial chain"); +ok(verify("ee-cert", "sslserver", [qw(ca-cert)], [], "-partial_chain"), + "accept trusted partial chain"); +ok(verify("ee-cert", "sslserver", [qw(sca-cert)], [], "-partial_chain"), + "accept partial chain with server purpose"); +ok(!verify("ee-cert", "sslserver", [qw(cca-cert)], [], "-partial_chain"), + "fail partial chain with client purpose"); +ok(verify("ee-cert", "sslserver", [qw(ca+serverAuth)], [], "-partial_chain"), + "accept server trust partial chain"); +ok(verify("ee-cert", "sslserver", [qw(cca+serverAuth)], [], "-partial_chain"), + "accept server trust client purpose partial chain"); +ok(verify("ee-cert", "sslserver", [qw(ca-clientAuth)], [], "-partial_chain"), + "accept client mistrust partial chain"); +ok(verify("ee-cert", "sslserver", [qw(ca+anyEKU)], [], "-partial_chain"), + "accept wildcard trust partial chain"); +ok(!verify("ee-cert", "sslserver", [], [qw(ca+serverAuth)], "-partial_chain"), + "fail untrusted partial issuer with ignored server trust"); +ok(!verify("ee-cert", "sslserver", [qw(ca-serverAuth)], [], "-partial_chain"), + "fail server mistrust partial chain"); +ok(!verify("ee-cert", "sslserver", [qw(ca+clientAuth)], [], "-partial_chain"), + "fail client trust partial chain"); +ok(!verify("ee-cert", "sslserver", [qw(ca-anyEKU)], [], "-partial_chain"), + "fail wildcard mistrust partial chain"); + +# We now test auxiliary trust even for intermediate trusted certs without +# -partial_chain. Note that "-trusted_first" is now always on and cannot +# be disabled. +ok(verify("ee-cert", "sslserver", [qw(root-cert ca+serverAuth)], [qw(ca-cert)]), + "accept server trust"); +ok(verify("ee-cert", "sslserver", [qw(root-cert ca+anyEKU)], [qw(ca-cert)]), + "accept wildcard trust"); +ok(verify("ee-cert", "sslserver", [qw(root-cert sca-cert)], [qw(ca-cert)]), + "accept server purpose"); +ok(verify("ee-cert", "sslserver", [qw(root-cert sca+serverAuth)], + [qw(ca-cert)]), + "accept server trust and purpose"); +ok(verify("ee-cert", "sslserver", [qw(root-cert sca+anyEKU)], [qw(ca-cert)]), + "accept wildcard trust and server purpose"); +ok(verify("ee-cert", "sslserver", [qw(root-cert sca-clientAuth)], + [qw(ca-cert)]), + "accept client mistrust and server purpose"); +ok(verify("ee-cert", "sslserver", [qw(root-cert cca+serverAuth)], + [qw(ca-cert)]), + "accept server trust and client purpose"); +ok(verify("ee-cert", "sslserver", [qw(root-cert cca+anyEKU)], [qw(ca-cert)]), + "accept wildcard trust and client purpose"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert cca-cert)], [qw(ca-cert)]), + "fail client purpose"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert ca-anyEKU)], [qw(ca-cert)]), + "fail wildcard mistrust"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert ca-serverAuth)], + [qw(ca-cert)]), + "fail server mistrust"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert ca+clientAuth)], + [qw(ca-cert)]), + "fail client trust"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert sca+clientAuth)], + [qw(ca-cert)]), + "fail client trust and server purpose"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert cca+clientAuth)], + [qw(ca-cert)]), + "fail client trust and client purpose"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert cca-serverAuth)], + [qw(ca-cert)]), + "fail server mistrust and client purpose"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert cca-clientAuth)], + [qw(ca-cert)]), + "fail client mistrust and client purpose"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert sca-serverAuth)], + [qw(ca-cert)]), + "fail server mistrust and server purpose"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert sca-anyEKU)], [qw(ca-cert)]), + "fail wildcard mistrust and server purpose"); +ok(!verify("ee-cert", "sslserver", [qw(root-cert cca-anyEKU)], [qw(ca-cert)]), + "fail wildcard mistrust and client purpose"); + +# EE variants +ok(verify("ee-client", "sslclient", [qw(root-cert)], [qw(ca-cert)]), + "accept client chain"); +ok(!verify("ee-client", "sslserver", [qw(root-cert)], [qw(ca-cert)]), + "fail server leaf purpose"); +ok(!verify("ee-cert", "sslclient", [qw(root-cert)], [qw(ca-cert)]), + "fail client leaf purpose"); +ok(!verify("ee-cert2", "sslserver", [qw(root-cert)], [qw(ca-cert)]), + "fail wrong intermediate CA key"); +ok(!verify("ee-name2", "sslserver", [qw(root-cert)], [qw(ca-cert)]), + "fail wrong intermediate CA DN"); +ok(!verify("ee-expired", "sslserver", [qw(root-cert)], [qw(ca-cert)]), + "fail expired leaf"); +ok(verify("ee-cert", "sslserver", [qw(ee-cert)], [], "-partial_chain"), + "accept last-resort direct leaf match"); +ok(verify("ee-client", "sslclient", [qw(ee-client)], [], "-partial_chain"), + "accept last-resort direct leaf match"); +ok(!verify("ee-cert", "sslserver", [qw(ee-client)], [], "-partial_chain"), + "fail last-resort direct leaf non-match"); +ok(verify("ee-cert", "sslserver", [qw(ee+serverAuth)], [], "-partial_chain"), + "accept direct match with server trust"); +ok(!verify("ee-cert", "sslserver", [qw(ee-serverAuth)], [], "-partial_chain"), + "fail direct match with server mistrust"); +ok(verify("ee-client", "sslclient", [qw(ee+clientAuth)], [], "-partial_chain"), + "accept direct match with client trust"); +ok(!verify("ee-client", "sslclient", [qw(ee-clientAuth)], [], "-partial_chain"), + "reject direct match with client mistrust"); + +# Proxy certificates +ok(!verify("pc1-cert", "sslclient", [qw(root-cert)], [qw(ee-client ca-cert)]), + "fail to accept proxy cert without -allow_proxy_certs"); +ok(verify("pc1-cert", "sslclient", [qw(root-cert)], [qw(ee-client ca-cert)], + "-allow_proxy_certs"), + "accept proxy cert 1"); +ok(verify("pc2-cert", "sslclient", [qw(root-cert)], + [qw(pc1-cert ee-client ca-cert)], "-allow_proxy_certs"), + "accept proxy cert 2"); +ok(!verify("bad-pc3-cert", "sslclient", [qw(root-cert)], + [qw(pc1-cert ee-client ca-cert)], "-allow_proxy_certs"), + "fail proxy cert with incorrect subject"); +ok(!verify("bad-pc4-cert", "sslclient", [qw(root-cert)], + [qw(pc1-cert ee-client ca-cert)], "-allow_proxy_certs"), + "fail proxy cert with incorrect pathlen"); +ok(verify("pc5-cert", "sslclient", [qw(root-cert)], + [qw(pc1-cert ee-client ca-cert)], "-allow_proxy_certs"), + "accept proxy cert missing proxy policy"); +ok(!verify("pc6-cert", "sslclient", [qw(root-cert)], + [qw(pc1-cert ee-client ca-cert)], "-allow_proxy_certs"), + "failed proxy cert where last CN was added as a multivalue RDN component"); + +# Security level tests +ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"], + "-auth_level", "2"), + "accept RSA 2048 chain at auth level 2"); +ok(!verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"], + "-auth_level", "3"), + "reject RSA 2048 root at auth level 3"); +ok(verify("ee-cert", "sslserver", ["root-cert-768"], ["ca-cert-768i"], + "-auth_level", "0"), + "accept RSA 768 root at auth level 0"); +ok(!verify("ee-cert", "sslserver", ["root-cert-768"], ["ca-cert-768i"]), + "reject RSA 768 root at auth level 1"); +ok(verify("ee-cert-768i", "sslserver", ["root-cert"], ["ca-cert-768"], + "-auth_level", "0"), + "accept RSA 768 intermediate at auth level 0"); +ok(!verify("ee-cert-768i", "sslserver", ["root-cert"], ["ca-cert-768"]), + "reject RSA 768 intermediate at auth level 1"); +ok(verify("ee-cert-768", "sslserver", ["root-cert"], ["ca-cert"], + "-auth_level", "0"), + "accept RSA 768 leaf at auth level 0"); +ok(!verify("ee-cert-768", "sslserver", ["root-cert"], ["ca-cert"]), + "reject RSA 768 leaf at auth level 1"); +# +ok(verify("ee-cert", "sslserver", ["root-cert-md5"], ["ca-cert"], + "-auth_level", "2"), + "accept md5 self-signed TA at auth level 2"); +ok(verify("ee-cert", "sslserver", ["ca-cert-md5-any"], [], + "-auth_level", "2"), + "accept md5 intermediate TA at auth level 2"); +ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert-md5"], + "-auth_level", "0"), + "accept md5 intermediate at auth level 0"); +ok(!verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert-md5"]), + "reject md5 intermediate at auth level 1"); +ok(verify("ee-cert-md5", "sslserver", ["root-cert"], ["ca-cert"], + "-auth_level", "0"), + "accept md5 leaf at auth level 0"); +ok(!verify("ee-cert-md5", "sslserver", ["root-cert"], ["ca-cert"]), + "reject md5 leaf at auth level 1"); + +# Depth tests, note the depth limit bounds the number of CA certificates +# between the trust-anchor and the leaf, so, for example, with a root->ca->leaf +# chain, depth = 1 is sufficient, but depth == 0 is not. +# +ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"], + "-verify_depth", "2"), + "accept chain with verify_depth 2"); +ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"], + "-verify_depth", "1"), + "accept chain with verify_depth 1"); +ok(!verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"], + "-verify_depth", "0"), + "accept chain with verify_depth 0"); +ok(verify("ee-cert", "sslserver", ["ca-cert-md5-any"], [], + "-verify_depth", "0"), + "accept md5 intermediate TA with verify_depth 0"); + +# Name Constraints tests. + +ok(verify("alt1-cert", "sslserver", ["root-cert"], ["ncca1-cert"], ), + "Name Constraints everything permitted"); + +ok(verify("alt2-cert", "sslserver", ["root-cert"], ["ncca2-cert"], ), + "Name Constraints nothing excluded"); + +ok(verify("alt3-cert", "sslserver", ["root-cert"], ["ncca1-cert", "ncca3-cert"], ), + "Name Constraints nested test all permitted"); + +ok(!verify("badalt1-cert", "sslserver", ["root-cert"], ["ncca1-cert"], ), + "Name Constraints hostname not permitted"); + +ok(!verify("badalt2-cert", "sslserver", ["root-cert"], ["ncca2-cert"], ), + "Name Constraints hostname excluded"); + +ok(!verify("badalt3-cert", "sslserver", ["root-cert"], ["ncca1-cert"], ), + "Name Constraints email address not permitted"); + +ok(!verify("badalt4-cert", "sslserver", ["root-cert"], ["ncca1-cert"], ), + "Name Constraints subject email address not permitted"); + +ok(!verify("badalt5-cert", "sslserver", ["root-cert"], ["ncca1-cert"], ), + "Name Constraints IP address not permitted"); + +ok(!verify("badalt6-cert", "sslserver", ["root-cert"], ["ncca1-cert"], ), + "Name Constraints CN hostname not permitted"); + +ok(!verify("badalt7-cert", "sslserver", ["root-cert"], ["ncca1-cert"], ), + "Name Constraints CN BMPSTRING hostname not permitted"); + +ok(!verify("badalt8-cert", "sslserver", ["root-cert"], + ["ncca1-cert", "ncca3-cert"], ), + "Name constaints nested DNS name not permitted 1"); + +ok(!verify("badalt9-cert", "sslserver", ["root-cert"], + ["ncca1-cert", "ncca3-cert"], ), + "Name constaints nested DNS name not permitted 2"); + +ok(!verify("badalt10-cert", "sslserver", ["root-cert"], + ["ncca1-cert", "ncca3-cert"], ), + "Name constaints nested DNS name excluded"); + +ok(!verify("many-names1", "sslserver", ["many-constraints"], + ["many-constraints"], ), + "Too many names and constraints to check (1)"); +ok(!verify("many-names2", "sslserver", ["many-constraints"], + ["many-constraints"], ), + "Too many names and constraints to check (2)"); +ok(!verify("many-names3", "sslserver", ["many-constraints"], + ["many-constraints"], ), + "Too many names and constraints to check (3)"); + +ok(verify("some-names1", "sslserver", ["many-constraints"], + ["many-constraints"], ), + "Not too many names and constraints to check (1)"); +ok(verify("some-names2", "sslserver", ["many-constraints"], + ["many-constraints"], ), + "Not too many names and constraints to check (2)"); +ok(verify("some-names2", "sslserver", ["many-constraints"], + ["many-constraints"], ), + "Not too many names and constraints to check (3)"); diff --git a/openssl-1.1.0h/test/recipes/25-test_x509.t b/openssl-1.1.0h/test/recipes/25-test_x509.t new file mode 100644 index 0000000..98a8d32 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/25-test_x509.t @@ -0,0 +1,34 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Spec; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_x509"); + +plan tests => 5; + +require_ok(srctop_file('test','recipes','tconversion.pl')); + +subtest 'x509 -- x.509 v1 certificate' => sub { + tconversion("x509", srctop_file("test","testx509.pem")); +}; +subtest 'x509 -- first x.509 v3 certificate' => sub { + tconversion("x509", srctop_file("test","v3-cert1.pem")); +}; +subtest 'x509 -- second x.509 v3 certificate' => sub { + tconversion("x509", srctop_file("test","v3-cert2.pem")); +}; + +subtest 'x509 -- pathlen' => sub { + ok(run(test(["v3ext", srctop_file("test/certs", "pathlen.pem")]))); +} diff --git a/openssl-1.1.0h/test/recipes/30-test_afalg.t b/openssl-1.1.0h/test/recipes/30-test_afalg.t new file mode 100644 index 0000000..c8cb67b --- /dev/null +++ b/openssl-1.1.0h/test/recipes/30-test_afalg.t @@ -0,0 +1,23 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT bldtop_dir/; +use OpenSSL::Test::Utils; + +my $test_name = "test_afalg"; +setup($test_name); + +plan skip_all => "$test_name not supported for this build" + if disabled("afalgeng"); + +plan tests => 1; + +$ENV{OPENSSL_ENGINES} = bldtop_dir("engines/afalg"); + +ok(run(test(["afalgtest"])), "running afalgtest"); diff --git a/openssl-1.1.0h/test/recipes/30-test_engine.t b/openssl-1.1.0h/test/recipes/30-test_engine.t new file mode 100644 index 0000000..03c96cd --- /dev/null +++ b/openssl-1.1.0h/test/recipes/30-test_engine.t @@ -0,0 +1,18 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use OpenSSL::Test; + +setup("test_engine"); + +plan tests => 1; +ok(run(test(["enginetest"])), "running enginetest"); diff --git a/openssl-1.1.0h/test/recipes/30-test_evp.t b/openssl-1.1.0h/test/recipes/30-test_evp.t new file mode 100644 index 0000000..c277fcd --- /dev/null +++ b/openssl-1.1.0h/test/recipes/30-test_evp.t @@ -0,0 +1,19 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_evp"); + +plan tests => 1; +ok(run(test(["evp_test", srctop_file("test", "evptests.txt")])), + "running evp_test evptests.txt"); diff --git a/openssl-1.1.0h/test/recipes/30-test_evp_extra.t b/openssl-1.1.0h/test/recipes/30-test_evp_extra.t new file mode 100644 index 0000000..9a656b0 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/30-test_evp_extra.t @@ -0,0 +1,18 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use OpenSSL::Test; + +setup("test_evp_extra"); + +plan tests => 1; +ok(run(test(["evp_extra_test"])), "running evp_extra_test"); diff --git a/openssl-1.1.0h/test/recipes/30-test_pbelu.t b/openssl-1.1.0h/test/recipes/30-test_pbelu.t new file mode 100644 index 0000000..38b2d48 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/30-test_pbelu.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_pbelu", "pbelutest"); diff --git a/openssl-1.1.0h/test/recipes/40-test_rehash.t b/openssl-1.1.0h/test/recipes/40-test_rehash.t new file mode 100644 index 0000000..191897e --- /dev/null +++ b/openssl-1.1.0h/test/recipes/40-test_rehash.t @@ -0,0 +1,98 @@ +#! /usr/bin/env perl +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Spec::Functions; +use File::Copy; +use File::Basename; +use OpenSSL::Glob; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_rehash"); + +#If "openssl rehash -help" fails it's most likely because we're on a platform +#that doesn't support the rehash command (e.g. Windows) +plan skip_all => "test_rehash is not available on this platform" + unless run(app(["openssl", "rehash", "-help"])); + +plan tests => 4; + +indir "rehash.$$" => sub { + prepare(); + ok(run(app(["openssl", "rehash", curdir()])), + 'Testing normal rehash operations'); +}, create => 1, cleanup => 1; + +indir "rehash.$$" => sub { + prepare(sub { chmod 400, $_ foreach (@_); }); + ok(run(app(["openssl", "rehash", curdir()])), + 'Testing rehash operations on readonly files'); +}, create => 1, cleanup => 1; + +indir "rehash.$$" => sub { + ok(run(app(["openssl", "rehash", curdir()])), + 'Testing rehash operations on empty directory'); +}, create => 1, cleanup => 1; + +indir "rehash.$$" => sub { + prepare(); + chmod 0500, curdir(); + SKIP: { + if (open(FOO, ">unwritable.txt")) { + close FOO; + skip "It's pointless to run the next test as root", 1; + } + isnt(run(app(["openssl", "rehash", curdir()])), 1, + 'Testing rehash operations on readonly directory'); + } + chmod 0700, curdir(); # make it writable again, so cleanup works +}, create => 1, cleanup => 1; + +sub prepare { + my @pemsourcefiles = sort glob(srctop_file('test', "*.pem")); + my @destfiles = (); + + die "There are no source files\n" if scalar @pemsourcefiles == 0; + + my $cnt = 0; + foreach (@pemsourcefiles) { + my $basename = basename($_, ".pem"); + my $writing = 0; + + open PEM, $_ or die "Can't read $_: $!\n"; + while (my $line = <PEM>) { + if ($line =~ m{^-----BEGIN (?:CERTIFICATE|X509 CRL)-----}) { + die "New start in a PEM blob?\n" if $writing; + $cnt++; + my $destfile = + catfile(curdir(), + $basename . sprintf("-%02d", $cnt) . ".pem"); + push @destfiles, $destfile; + open OUT, '>', $destfile + or die "Can't write $destfile\n"; + $writing = 1; + } + print OUT $line if $writing; + if ($line =~ m|^-----END |) { + close OUT if $writing; + $writing = 0; + } + } + die "No end marker in $basename\n" if $writing; + } + die "No test PEM files produced\n" if $cnt == 0; + + foreach (@_) { + die "Internal error, argument is not CODE" + unless (ref($_) eq 'CODE'); + $_->(@destfiles); + } +} diff --git a/openssl-1.1.0h/test/recipes/60-test_x509_store.t b/openssl-1.1.0h/test/recipes/60-test_x509_store.t new file mode 100644 index 0000000..041aa09 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/60-test_x509_store.t @@ -0,0 +1,53 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Copy; +use File::Spec::Functions qw/:DEFAULT canonpath/; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_x509_store"); + +#If "openssl rehash -help" fails it's most likely because we're on a platform +#that doesn't support the rehash command (e.g. Windows) +plan skip_all => "test_rehash is not available on this platform" + unless run(app(["openssl", "rehash", "-help"])); + +# We use 'openssl verify' for these tests, as it contains everything +# we need to conduct these tests. The tests here are a subset of the +# ones found in 25-test_verify.t + +sub verify { + my ($cert, $purpose, $trustedpath, $untrusted, @opts) = @_; + my @args = qw(openssl verify -auth_level 1 -purpose); + my @path = qw(test certs); + push(@args, "$purpose", @opts); + push(@args, "-CApath", $trustedpath); + for (@$untrusted) { push(@args, "-untrusted", srctop_file(@path, "$_.pem")) } + push(@args, srctop_file(@path, "$cert.pem")); + run(app([@args])); +} + +plan tests => 3; + +indir "60-test_x509_store" => sub { + for (("root-cert")) { + copy(srctop_file("test", "certs", "$_.pem"), curdir()); + } + ok(run(app([qw(openssl rehash), curdir()])), "Rehashing"); + + # Canonical success + ok(verify("ee-cert", "sslserver", curdir(), ["ca-cert"], "-show_chain"), + "verify ee-cert"); + + # Failure because root cert not present in CApath + ok(!verify("ca-root2", "any", curdir(), [], "-show_chain")); +}, create => 1, cleanup => 1; diff --git a/openssl-1.1.0h/test/recipes/70-test_asyncio.t b/openssl-1.1.0h/test/recipes/70-test_asyncio.t new file mode 100644 index 0000000..3c15c3d --- /dev/null +++ b/openssl-1.1.0h/test/recipes/70-test_asyncio.t @@ -0,0 +1,21 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Utils; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_asyncio"); + +plan skip_all => "No TLS/SSL protocols are supported by this OpenSSL build" + if alldisabled(grep { $_ ne "ssl3" } available_protocols("tls")); + +plan tests => 1; + +ok(run(test(["asynciotest", srctop_file("apps", "server.pem"), + srctop_file("apps", "server.pem")])), "running asynciotest"); diff --git a/openssl-1.1.0h/test/recipes/70-test_bad_dtls.t b/openssl-1.1.0h/test/recipes/70-test_bad_dtls.t new file mode 100644 index 0000000..a20db77 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/70-test_bad_dtls.t @@ -0,0 +1,20 @@ +#! /usr/bin/env perl +# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test; +use OpenSSL::Test::Utils; + +setup("test_bad_dtls"); + +plan skip_all => "DTLSv1 is not supported by this OpenSSL build" + if disabled("dtls1"); + +plan tests => 1; + +ok(run(test(["bad_dtls_test"])), "running bad_dtls_test"); diff --git a/openssl-1.1.0h/test/recipes/70-test_clienthello.t b/openssl-1.1.0h/test/recipes/70-test_clienthello.t new file mode 100644 index 0000000..ef0868f --- /dev/null +++ b/openssl-1.1.0h/test/recipes/70-test_clienthello.t @@ -0,0 +1,20 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test; +use OpenSSL::Test::Utils; + +setup("test_clienthello"); + +plan skip_all => "No TLS/SSL protocols are supported by this OpenSSL build" + if alldisabled(grep { $_ ne "ssl3" } available_protocols("tls")); + +plan tests => 1; + +ok(run(test(["clienthellotest"])), "running clienthellotest"); diff --git a/openssl-1.1.0h/test/recipes/70-test_packet.t b/openssl-1.1.0h/test/recipes/70-test_packet.t new file mode 100644 index 0000000..9bc6515 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/70-test_packet.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_packet", "packettest"); diff --git a/openssl-1.1.0h/test/recipes/70-test_sslcbcpadding.t b/openssl-1.1.0h/test/recipes/70-test_sslcbcpadding.t new file mode 100644 index 0000000..6d296db --- /dev/null +++ b/openssl-1.1.0h/test/recipes/70-test_sslcbcpadding.t @@ -0,0 +1,110 @@ +#! /usr/bin/env perl +# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; +use TLSProxy::Proxy; + +my $test_name = "test_sslcbcpadding"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLSv1.2 enabled" + if disabled("tls1_2"); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; +my $proxy = TLSProxy::Proxy->new( + \&add_maximal_padding_filter, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +# TODO: We could test all 256 values, but then the log file gets too large for +# CI. See https://github.com/openssl/openssl/issues/1440. +my @test_offsets = (0, 128, 254, 255); + +# Test that maximally-padded records are accepted. +my $bad_padding_offset = -1; +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 1 + scalar(@test_offsets); +ok(TLSProxy::Message->success(), "Maximally-padded record test"); + +# Test that invalid padding is rejected. +foreach my $offset (@test_offsets) { + $proxy->clear(); + $bad_padding_offset = $offset; + $proxy->start(); + ok(TLSProxy::Message->fail(), "Invalid padding byte $bad_padding_offset"); +} + +sub add_maximal_padding_filter +{ + my $proxy = shift; + + if ($proxy->flight == 0) { + # Disable Encrypt-then-MAC. + foreach my $message (@{$proxy->message_list}) { + if ($message->mt != TLSProxy::Message::MT_CLIENT_HELLO) { + next; + } + + $message->delete_extension(TLSProxy::Message::EXT_ENCRYPT_THEN_MAC); + $message->process_extensions(); + $message->repack(); + } + } + + if ($proxy->flight == 3) { + # Insert a maximally-padded record. Assume a block size of 16 (AES) and + # a MAC length of 20 (SHA-1). + my $block_size = 16; + my $mac_len = 20; + + # Size the plaintext so that 256 is a valid padding. + my $plaintext_len = $block_size - ($mac_len % $block_size); + my $plaintext = "A" x $plaintext_len; + + my $data = "B" x $block_size; # Explicit IV. + $data .= $plaintext; + $data .= TLSProxy::Proxy::fill_known_data($mac_len); # MAC. + + # Add padding. + for (my $i = 0; $i < 256; $i++) { + if ($i == $bad_padding_offset) { + $data .= "\xfe"; + } else { + $data .= "\xff"; + } + } + + my $record = TLSProxy::Record->new( + $proxy->flight, + TLSProxy::Record::RT_APPLICATION_DATA, + TLSProxy::Record::VERS_TLS_1_2, + length($data), + 0, + length($data), + $plaintext_len, + $data, + $plaintext, + ); + + # Send the record immediately after the server Finished. + push @{$proxy->record_list}, $record; + } +} diff --git a/openssl-1.1.0h/test/recipes/70-test_sslcertstatus.t b/openssl-1.1.0h/test/recipes/70-test_sslcertstatus.t new file mode 100644 index 0000000..104ee9c --- /dev/null +++ b/openssl-1.1.0h/test/recipes/70-test_sslcertstatus.t @@ -0,0 +1,66 @@ +#! /usr/bin/env perl +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; +use TLSProxy::Proxy; + +my $test_name = "test_sslcertstatus"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs the ocsp feature enabled" + if disabled("ocsp"); + +plan skip_all => "$test_name needs TLS enabled" + if alldisabled(available_protocols("tls")); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; +my $proxy = TLSProxy::Proxy->new( + \&certstatus_filter, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +#Test 1: Sending a status_request extension in both ClientHello and +#ServerHello but then omitting the CertificateStatus message is valid +$proxy->clientflags("-status"); +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 1; +ok(TLSProxy::Message->success, "Missing CertificateStatus message"); + +sub certstatus_filter +{ + my $proxy = shift; + + # We're only interested in the initial ServerHello + if ($proxy->flight != 1) { + return; + } + + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == TLSProxy::Message::MT_SERVER_HELLO) { + #Add the status_request to the ServerHello even though we are not + #going to send a CertificateStatus message + $message->set_extension(TLSProxy::Message::EXT_STATUS_REQUEST, + ""); + + $message->repack(); + } + } +} diff --git a/openssl-1.1.0h/test/recipes/70-test_sslextension.t b/openssl-1.1.0h/test/recipes/70-test_sslextension.t new file mode 100644 index 0000000..8d6ccc6 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/70-test_sslextension.t @@ -0,0 +1,112 @@ +#! /usr/bin/env perl +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; +use TLSProxy::Proxy; + +my $test_name = "test_sslextension"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLS enabled" + if alldisabled(available_protocols("tls")); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; +my $proxy = TLSProxy::Proxy->new( + \&extension_filter, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +# Test 1: Sending a zero length extension block should pass +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 3; +ok(TLSProxy::Message->success, "Zero extension length test"); + +sub extension_filter +{ + my $proxy = shift; + + # We're only interested in the initial ClientHello + if ($proxy->flight != 0) { + return; + } + + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) { + # Remove all extensions and set the extension len to zero + $message->extension_data({}); + $message->extensions_len(0); + # Extensions have been removed so make sure we don't try to use them + $message->process_extensions(); + + $message->repack(); + } + } +} + +# Test 2-3: Sending a duplicate extension should fail. +sub inject_duplicate_extension +{ + my ($proxy, $message_type) = @_; + + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == $message_type) { + my %extensions = %{$message->extension_data}; + # Add a duplicate (unknown) extension. + $message->set_extension(TLSProxy::Message::EXT_DUPLICATE_EXTENSION, ""); + $message->set_extension(TLSProxy::Message::EXT_DUPLICATE_EXTENSION, ""); + $message->repack(); + } + } +} + +sub inject_duplicate_extension_clienthello +{ + my $proxy = shift; + + # We're only interested in the initial ClientHello + if ($proxy->flight != 0) { + return; + } + + inject_duplicate_extension($proxy, TLSProxy::Message::MT_CLIENT_HELLO); +} + +sub inject_duplicate_extension_serverhello +{ + my $proxy = shift; + + # We're only interested in the initial ServerHello + if ($proxy->flight != 1) { + return; + } + + inject_duplicate_extension($proxy, TLSProxy::Message::MT_SERVER_HELLO); +} + +$proxy->clear(); +$proxy->filter(\&inject_duplicate_extension_clienthello); +$proxy->start(); +ok(TLSProxy::Message->fail(), "Duplicate ClientHello extension"); + +$proxy->clear(); +$proxy->filter(\&inject_duplicate_extension_serverhello); +$proxy->start(); +ok(TLSProxy::Message->fail(), "Duplicate ServerHello extension"); diff --git a/openssl-1.1.0h/test/recipes/70-test_sslmessages.t b/openssl-1.1.0h/test/recipes/70-test_sslmessages.t new file mode 100644 index 0000000..b4631ea --- /dev/null +++ b/openssl-1.1.0h/test/recipes/70-test_sslmessages.t @@ -0,0 +1,147 @@ +#! /usr/bin/env perl +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; +use File::Temp qw(tempfile); +use TLSProxy::Proxy; +my $test_name = "test_tls13messages"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLS enabled" + if alldisabled(available_protocols("tls")); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; + +use constant { + DEFAULT_HANDSHAKE => 1, + OCSP_HANDSHAKE => 2, + RESUME_HANDSHAKE => 4, + CLIENT_AUTH_HANDSHAKE => 8, + RENEG_HANDSHAKE => 16, + + ALL_HANDSHAKES => 31 +}; + +my @handmessages = ( + [TLSProxy::Message::MT_CLIENT_HELLO, ALL_HANDSHAKES], + [TLSProxy::Message::MT_SERVER_HELLO, ALL_HANDSHAKES], + [TLSProxy::Message::MT_CERTIFICATE, ALL_HANDSHAKES & ~RESUME_HANDSHAKE], + [TLSProxy::Message::MT_CERTIFICATE_STATUS, OCSP_HANDSHAKE], + #ServerKeyExchange handshakes not currently supported by TLSProxy + [TLSProxy::Message::MT_CERTIFICATE_REQUEST, CLIENT_AUTH_HANDSHAKE], + [TLSProxy::Message::MT_SERVER_HELLO_DONE, ALL_HANDSHAKES & ~RESUME_HANDSHAKE], + [TLSProxy::Message::MT_CERTIFICATE, CLIENT_AUTH_HANDSHAKE], + [TLSProxy::Message::MT_CLIENT_KEY_EXCHANGE, ALL_HANDSHAKES & ~RESUME_HANDSHAKE], + [TLSProxy::Message::MT_CERTIFICATE_VERIFY, CLIENT_AUTH_HANDSHAKE], + [TLSProxy::Message::MT_FINISHED, ALL_HANDSHAKES], + [TLSProxy::Message::MT_NEW_SESSION_TICKET, ALL_HANDSHAKES & ~RESUME_HANDSHAKE], + [TLSProxy::Message::MT_FINISHED, ALL_HANDSHAKES], + [TLSProxy::Message::MT_CLIENT_HELLO, RENEG_HANDSHAKE], + [TLSProxy::Message::MT_SERVER_HELLO, RENEG_HANDSHAKE], + [TLSProxy::Message::MT_CERTIFICATE, RENEG_HANDSHAKE], + [TLSProxy::Message::MT_SERVER_HELLO_DONE, RENEG_HANDSHAKE], + [TLSProxy::Message::MT_CLIENT_KEY_EXCHANGE, RENEG_HANDSHAKE], + [TLSProxy::Message::MT_FINISHED, RENEG_HANDSHAKE], + [TLSProxy::Message::MT_NEW_SESSION_TICKET, RENEG_HANDSHAKE], + [TLSProxy::Message::MT_FINISHED, RENEG_HANDSHAKE], + [0, 0] +); + +my $proxy = TLSProxy::Proxy->new( + undef, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +sub checkmessages($$); + +#Test 1: Check we get all the right messages for a default handshake +(undef, my $session) = tempfile(); +$proxy->serverconnects(2); +$proxy->clientflags("-sess_out ".$session); +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 5; +checkmessages(DEFAULT_HANDSHAKE, "Default handshake test"); + +#Test 2: Resumption handshake +$proxy->clearClient(); +$proxy->clientflags("-sess_in ".$session); +$proxy->clientstart(); +checkmessages(RESUME_HANDSHAKE, "Resumption handshake test"); +unlink $session; + +#Test 3: A client auth handshake +$proxy->clear(); +$proxy->clientflags("-cert ".srctop_file("apps", "server.pem")); +$proxy->serverflags("-Verify 5"); +$proxy->start(); +checkmessages(CLIENT_AUTH_HANDSHAKE, "Client auth handshake test"); + +#Test 4: A handshake with a renegotiation +$proxy->clear(); +$proxy->reneg(1); +$proxy->start(); +checkmessages(RENEG_HANDSHAKE, "Renegotiation handshake test"); + +#Test 5: A handshake with a renegotiation and client auth +$proxy->clear(); +$proxy->clientflags("-cert ".srctop_file("apps", "server.pem")); +$proxy->serverflags("-Verify 5"); +$proxy->reneg(1); +$proxy->start(); +checkmessages(RENEG_HANDSHAKE | CLIENT_AUTH_HANDSHAKE, + "Renogitation and client auth handshake test"); + +sub checkmessages($$) +{ + my ($handtype, $testname) = @_; + + subtest $testname => sub { + my $loop = 0; + my $numtests; + + #First count the number of tests + for ($numtests = 0; $handmessages[$loop][1] != 0; $loop++) { + $numtests++ if (($handmessages[$loop][1] & $handtype) != 0); + } + + plan tests => $numtests; + + my $nextmess = 0; + my $message = undef; + for ($loop = 0; $handmessages[$loop][1] != 0; $loop++) { + next if (($handmessages[$loop][1] & $handtype) == 0); + if (scalar @{$proxy->message_list} > $nextmess) { + $message = ${$proxy->message_list}[$nextmess]; + $nextmess++; + } else { + $message = undef; + } + if (!defined $message) { + fail("Message type check. Got nothing, expected " + .$handmessages[$loop][0]); + } else { + ok($message->mt == $handmessages[$loop][0], + "Message type check. Got ".$message->mt + .", expected ".$handmessages[$loop][0]); + } + } + } +} diff --git a/openssl-1.1.0h/test/recipes/70-test_sslrecords.t b/openssl-1.1.0h/test/recipes/70-test_sslrecords.t new file mode 100644 index 0000000..ef3f509 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/70-test_sslrecords.t @@ -0,0 +1,381 @@ +#! /usr/bin/env perl +# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; +use TLSProxy::Proxy; + +my $test_name = "test_sslrecords"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLSv1.2 enabled" + if disabled("tls1_2"); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; +my $proxy = TLSProxy::Proxy->new( + \&add_empty_recs_filter, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +#Test 1: Injecting out of context empty records should fail +my $content_type = TLSProxy::Record::RT_APPLICATION_DATA; +my $inject_recs_num = 1; +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +my $num_tests = 10; +if (!disabled("tls1_1")) { + $num_tests++; +} +plan tests => $num_tests; +ok(TLSProxy::Message->fail(), "Out of context empty records test"); + +#Test 2: Injecting in context empty records should succeed +$proxy->clear(); +$content_type = TLSProxy::Record::RT_HANDSHAKE; +$proxy->start(); +ok(TLSProxy::Message->success(), "In context empty records test"); + +#Test 3: Injecting too many in context empty records should fail +$proxy->clear(); +#We allow 32 consecutive in context empty records +$inject_recs_num = 33; +$proxy->start(); +ok(TLSProxy::Message->fail(), "Too many in context empty records test"); + +#Test 4: Injecting a fragmented fatal alert should fail. We actually expect no +# alerts to be sent from either side because *we* injected the fatal +# alert, i.e. this will look like a disorderly close +$proxy->clear(); +$proxy->filter(\&add_frag_alert_filter); +$proxy->start(); +ok(!TLSProxy::Message->end(), "Fragmented alert records test"); + +#Run some SSLv2 ClientHello tests + +use constant { + TLSV1_2_IN_SSLV2 => 0, + SSLV2_IN_SSLV2 => 1, + FRAGMENTED_IN_TLSV1_2 => 2, + FRAGMENTED_IN_SSLV2 => 3, + ALERT_BEFORE_SSLV2 => 4 +}; +#Test 5: Inject an SSLv2 style record format for a TLSv1.2 ClientHello +my $sslv2testtype = TLSV1_2_IN_SSLV2; +$proxy->clear(); +$proxy->filter(\&add_sslv2_filter); +$proxy->start(); +ok(TLSProxy::Message->success(), "TLSv1.2 in SSLv2 ClientHello test"); + +#Test 6: Inject an SSLv2 style record format for an SSLv2 ClientHello. We don't +# support this so it should fail. We actually treat it as an unknown +# protocol so we don't even send an alert in this case. +$sslv2testtype = SSLV2_IN_SSLV2; +$proxy->clear(); +$proxy->start(); +ok(!TLSProxy::Message->end(), "SSLv2 in SSLv2 ClientHello test"); + +#Test 7: Sanity check ClientHello fragmentation. This isn't really an SSLv2 test +# at all, but it gives us confidence that Test 8 fails for the right +# reasons +$sslv2testtype = FRAGMENTED_IN_TLSV1_2; +$proxy->clear(); +$proxy->start(); +ok(TLSProxy::Message->success(), "Fragmented ClientHello in TLSv1.2 test"); + +#Test 8: Fragment a TLSv1.2 ClientHello across a TLS1.2 record; an SSLv2 +# record; and another TLS1.2 record. This isn't allowed so should fail +$sslv2testtype = FRAGMENTED_IN_SSLV2; +$proxy->clear(); +$proxy->start(); +ok(TLSProxy::Message->fail(), "Fragmented ClientHello in TLSv1.2/SSLv2 test"); + +#Test 9: Send a TLS warning alert before an SSLv2 ClientHello. This should +# fail because an SSLv2 ClientHello must be the first record. +$sslv2testtype = ALERT_BEFORE_SSLV2; +$proxy->clear(); +$proxy->start(); +ok(TLSProxy::Message->fail(), "Alert before SSLv2 ClientHello test"); + +#Unrecognised record type tests + +#Test 10: Sending an unrecognised record type in TLS1.2 should fail +$proxy->clear(); +$proxy->filter(\&add_unknown_record_type); +$proxy->start(); +ok(TLSProxy::Message->fail(), "Unrecognised record type in TLS1.2"); + +#Test 11: Sending an unrecognised record type in TLS1.1 should fail +if (!disabled("tls1_1")) { + $proxy->clear(); + $proxy->clientflags("-tls1_1"); + $proxy->start(); + ok(TLSProxy::Message->fail(), "Unrecognised record type in TLS1.1"); +} + +sub add_empty_recs_filter +{ + my $proxy = shift; + + # We're only interested in the initial ClientHello + if ($proxy->flight != 0) { + return; + } + + for (my $i = 0; $i < $inject_recs_num; $i++) { + my $record = TLSProxy::Record->new( + 0, + $content_type, + TLSProxy::Record::VERS_TLS_1_2, + 0, + 0, + 0, + 0, + "", + "" + ); + + push @{$proxy->record_list}, $record; + } +} + +sub add_frag_alert_filter +{ + my $proxy = shift; + my $byte; + + # We're only interested in the initial ClientHello + if ($proxy->flight != 0) { + return; + } + + # Add a zero length fragment first + #my $record = TLSProxy::Record->new( + # 0, + # TLSProxy::Record::RT_ALERT, + # TLSProxy::Record::VERS_TLS_1_2, + # 0, + # 0, + # 0, + # "", + # "" + #); + #push @{$proxy->record_list}, $record; + + # Now add the alert level (Fatal) as a separate record + $byte = pack('C', TLSProxy::Message::AL_LEVEL_FATAL); + my $record = TLSProxy::Record->new( + 0, + TLSProxy::Record::RT_ALERT, + TLSProxy::Record::VERS_TLS_1_2, + 1, + 0, + 1, + 1, + $byte, + $byte + ); + push @{$proxy->record_list}, $record; + + # And finally the description (Unexpected message) in a third record + $byte = pack('C', TLSProxy::Message::AL_DESC_UNEXPECTED_MESSAGE); + $record = TLSProxy::Record->new( + 0, + TLSProxy::Record::RT_ALERT, + TLSProxy::Record::VERS_TLS_1_2, + 1, + 0, + 1, + 1, + $byte, + $byte + ); + push @{$proxy->record_list}, $record; +} + +sub add_sslv2_filter +{ + my $proxy = shift; + my $clienthello; + my $record; + + # We're only interested in the initial ClientHello + if ($proxy->flight != 0) { + return; + } + + # Ditch the real ClientHello - we're going to replace it with our own + shift @{$proxy->record_list}; + + if ($sslv2testtype == ALERT_BEFORE_SSLV2) { + my $alert = pack('CC', TLSProxy::Message::AL_LEVEL_FATAL, + TLSProxy::Message::AL_DESC_NO_RENEGOTIATION); + my $alertlen = length $alert; + $record = TLSProxy::Record->new( + 0, + TLSProxy::Record::RT_ALERT, + TLSProxy::Record::VERS_TLS_1_2, + $alertlen, + 0, + $alertlen, + $alertlen, + $alert, + $alert + ); + + push @{$proxy->record_list}, $record; + } + + if ($sslv2testtype == ALERT_BEFORE_SSLV2 + || $sslv2testtype == TLSV1_2_IN_SSLV2 + || $sslv2testtype == SSLV2_IN_SSLV2) { + # This is an SSLv2 format ClientHello + $clienthello = + pack "C44", + 0x01, # ClientHello + 0x03, 0x03, #TLSv1.2 + 0x00, 0x03, # Ciphersuites len + 0x00, 0x00, # Session id len + 0x00, 0x20, # Challenge len + 0x00, 0x00, 0x2f, #AES128-SHA + 0x01, 0x18, 0x9F, 0x76, 0xEC, 0x57, 0xCE, 0xE5, 0xB3, 0xAB, 0x79, 0x90, + 0xAD, 0xAC, 0x6E, 0xD1, 0x58, 0x35, 0x03, 0x97, 0x16, 0x10, 0x82, 0x56, + 0xD8, 0x55, 0xFF, 0xE1, 0x8A, 0xA3, 0x2E, 0xF6; # Challenge + + if ($sslv2testtype == SSLV2_IN_SSLV2) { + # Set the version to "real" SSLv2 + vec($clienthello, 1, 8) = 0x00; + vec($clienthello, 2, 8) = 0x02; + } + + my $chlen = length $clienthello; + + $record = TLSProxy::Record->new( + 0, + TLSProxy::Record::RT_HANDSHAKE, + TLSProxy::Record::VERS_TLS_1_2, + $chlen, + 1, #SSLv2 + $chlen, + $chlen, + $clienthello, + $clienthello + ); + + push @{$proxy->record_list}, $record; + } else { + # For this test we're using a real TLS ClientHello + $clienthello = + pack "C49", + 0x01, # ClientHello + 0x00, 0x00, 0x2D, # Message length + 0x03, 0x03, # TLSv1.2 + 0x01, 0x18, 0x9F, 0x76, 0xEC, 0x57, 0xCE, 0xE5, 0xB3, 0xAB, 0x79, 0x90, + 0xAD, 0xAC, 0x6E, 0xD1, 0x58, 0x35, 0x03, 0x97, 0x16, 0x10, 0x82, 0x56, + 0xD8, 0x55, 0xFF, 0xE1, 0x8A, 0xA3, 0x2E, 0xF6, # Random + 0x00, # Session id len + 0x00, 0x04, # Ciphersuites len + 0x00, 0x2f, # AES128-SHA + 0x00, 0xff, # Empty reneg info SCSV + 0x01, # Compression methods len + 0x00, # Null compression + 0x00, 0x00; # Extensions len + + # Split this into 3: A TLS record; a SSLv2 record and a TLS record. + # We deliberately split the second record prior to the Challenge/Random + # and set the first byte of the random to 1. This makes the second SSLv2 + # record look like an SSLv2 ClientHello + my $frag1 = substr $clienthello, 0, 6; + my $frag2 = substr $clienthello, 6, 32; + my $frag3 = substr $clienthello, 38; + + my $fraglen = length $frag1; + $record = TLSProxy::Record->new( + 0, + TLSProxy::Record::RT_HANDSHAKE, + TLSProxy::Record::VERS_TLS_1_2, + $fraglen, + 0, + $fraglen, + $fraglen, + $frag1, + $frag1 + ); + push @{$proxy->record_list}, $record; + + $fraglen = length $frag2; + my $recvers; + if ($sslv2testtype == FRAGMENTED_IN_SSLV2) { + $recvers = 1; + } else { + $recvers = 0; + } + $record = TLSProxy::Record->new( + 0, + TLSProxy::Record::RT_HANDSHAKE, + TLSProxy::Record::VERS_TLS_1_2, + $fraglen, + $recvers, + $fraglen, + $fraglen, + $frag2, + $frag2 + ); + push @{$proxy->record_list}, $record; + + $fraglen = length $frag3; + $record = TLSProxy::Record->new( + 0, + TLSProxy::Record::RT_HANDSHAKE, + TLSProxy::Record::VERS_TLS_1_2, + $fraglen, + 0, + $fraglen, + $fraglen, + $frag3, + $frag3 + ); + push @{$proxy->record_list}, $record; + } + +} + +sub add_unknown_record_type +{ + my $proxy = shift; + + # We'll change a record after the initial version neg has taken place + if ($proxy->flight != 2) { + return; + } + + my $lastrec = ${$proxy->record_list}[-1]; + my $record = TLSProxy::Record->new( + 2, + TLSProxy::Record::RT_UNKNOWN, + $lastrec->version(), + 1, + 0, + 1, + 1, + "X", + "X" + ); + + unshift @{$proxy->record_list}, $record; +} diff --git a/openssl-1.1.0h/test/recipes/70-test_sslsessiontick.t b/openssl-1.1.0h/test/recipes/70-test_sslsessiontick.t new file mode 100644 index 0000000..4a8636e --- /dev/null +++ b/openssl-1.1.0h/test/recipes/70-test_sslsessiontick.t @@ -0,0 +1,268 @@ +#! /usr/bin/env perl +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; +use TLSProxy::Proxy; +use File::Temp qw(tempfile); + +my $test_name = "test_sslsessiontick"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLS enabled" + if alldisabled(available_protocols("tls")); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; + +sub checkmessages($$$$$$); +sub clearclient(); +sub clearall(); + +my $chellotickext = 0; +my $shellotickext = 0; +my $fullhand = 0; +my $ticketseen = 0; + +my $proxy = TLSProxy::Proxy->new( + undef, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +#Test 1: By default with no existing session we should get a session ticket +#Expected result: ClientHello extension seen; ServerHello extension seen +# NewSessionTicket message seen; Full handshake +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 10; +checkmessages(1, "Default session ticket test", 1, 1, 1, 1); + +#Test 2: If the server does not accept tickets we should get a normal handshake +#with no session tickets +#Expected result: ClientHello extension seen; ServerHello extension not seen +# NewSessionTicket message not seen; Full handshake +clearall(); +$proxy->serverflags("-no_ticket"); +$proxy->start(); +checkmessages(2, "No server support session ticket test", 1, 0, 0, 1); + +#Test 3: If the client does not accept tickets we should get a normal handshake +#with no session tickets +#Expected result: ClientHello extension not seen; ServerHello extension not seen +# NewSessionTicket message not seen; Full handshake +clearall(); +$proxy->clientflags("-no_ticket"); +$proxy->start(); +checkmessages(3, "No client support session ticket test", 0, 0, 0, 1); + +#Test 4: Test session resumption with session ticket +#Expected result: ClientHello extension seen; ServerHello extension not seen +# NewSessionTicket message not seen; Abbreviated handshake +clearall(); +(undef, my $session) = tempfile(); +$proxy->serverconnects(2); +$proxy->clientflags("-sess_out ".$session); +$proxy->start(); +$proxy->clearClient(); +$proxy->clientflags("-sess_in ".$session); +$proxy->clientstart(); +checkmessages(4, "Session resumption session ticket test", 1, 0, 0, 0); +unlink $session; + +#Test 5: Test session resumption with ticket capable client without a ticket +#Expected result: ClientHello extension seen; ServerHello extension seen +# NewSessionTicket message seen; Abbreviated handshake +clearall(); +(undef, $session) = tempfile(); +$proxy->serverconnects(2); +$proxy->clientflags("-sess_out ".$session." -no_ticket"); +$proxy->start(); +$proxy->clearClient(); +$proxy->clientflags("-sess_in ".$session); +$proxy->clientstart(); +checkmessages(5, "Session resumption with ticket capable client without a " + ."ticket", 1, 1, 1, 0); +unlink $session; + +#Test 6: Client accepts empty ticket. +#Expected result: ClientHello extension seen; ServerHello extension seen; +# NewSessionTicket message seen; Full handshake. +clearall(); +$proxy->filter(\&ticket_filter); +$proxy->start(); +checkmessages(6, "Empty ticket test", 1, 1, 1, 1); + +#Test 7-8: Client keeps existing ticket on empty ticket. +clearall(); +(undef, $session) = tempfile(); +$proxy->serverconnects(3); +$proxy->filter(undef); +$proxy->clientflags("-sess_out ".$session); +$proxy->start(); +$proxy->clearClient(); +$proxy->clientflags("-sess_in ".$session." -sess_out ".$session); +$proxy->filter(\&inject_empty_ticket_filter); +$proxy->clientstart(); +#Expected result: ClientHello extension seen; ServerHello extension seen; +# NewSessionTicket message seen; Abbreviated handshake. +checkmessages(7, "Empty ticket resumption test", 1, 1, 1, 0); +clearclient(); +$proxy->clientflags("-sess_in ".$session); +$proxy->filter(undef); +$proxy->clientstart(); +#Expected result: ClientHello extension seen; ServerHello extension not seen; +# NewSessionTicket message not seen; Abbreviated handshake. +checkmessages(8, "Empty ticket resumption test", 1, 0, 0, 0); +unlink $session; + +#Test 9: Bad server sends the ServerHello extension but does not send a +#NewSessionTicket +#Expected result: Connection failure +clearall(); +$proxy->serverflags("-no_ticket"); +$proxy->filter(\&inject_ticket_extension_filter); +$proxy->start(); +ok(TLSProxy::Message->fail, "Server sends ticket extension but no ticket test"); + +#Test10: Bad server does not send the ServerHello extension but does send a +#NewSessionTicket +#Expected result: Connection failure +clearall(); +$proxy->serverflags("-no_ticket"); +$proxy->filter(\&inject_empty_ticket_filter); +$proxy->start(); +ok(TLSProxy::Message->fail, "No server ticket extension but ticket sent test"); + +sub ticket_filter +{ + my $proxy = shift; + + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == TLSProxy::Message::MT_NEW_SESSION_TICKET) { + $message->ticket(""); + $message->repack(); + } + } +} + +sub inject_empty_ticket_filter { + my $proxy = shift; + + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == TLSProxy::Message::MT_NEW_SESSION_TICKET) { + # Only inject the message first time we're called. + return; + } + } + + my @new_message_list = (); + foreach my $message (@{$proxy->message_list}) { + push @new_message_list, $message; + if ($message->mt == TLSProxy::Message::MT_SERVER_HELLO) { + $message->set_extension(TLSProxy::Message::EXT_SESSION_TICKET, ""); + $message->repack(); + # Tack NewSessionTicket onto the ServerHello record. + # This only works if the ServerHello is exactly one record. + my $record = ${$message->records}[0]; + + my $offset = $message->startoffset + $message->encoded_length; + my $newsessionticket = TLSProxy::NewSessionTicket->new( + 1, "", [$record], $offset, []); + $newsessionticket->repack(); + push @new_message_list, $newsessionticket; + } + } + $proxy->message_list([@new_message_list]); +} + +sub inject_ticket_extension_filter +{ + my $proxy = shift; + + # We're only interested in the initial ServerHello + if ($proxy->flight != 1) { + return; + } + + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == TLSProxy::Message::MT_SERVER_HELLO) { + #Add the session ticket extension to the ServerHello even though + #we are not going to send a NewSessionTicket message + $message->set_extension(TLSProxy::Message::EXT_SESSION_TICKET, ""); + + $message->repack(); + } + } +} + +sub checkmessages($$$$$$) +{ + my ($testno, $testname, $testch, $testsh, $testtickseen, $testhand) = @_; + + subtest $testname => sub { + + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO + || $message->mt == TLSProxy::Message::MT_SERVER_HELLO) { + #Get the extensions data + my %extensions = %{$message->extension_data}; + if (defined + $extensions{TLSProxy::Message::EXT_SESSION_TICKET}) { + if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) { + $chellotickext = 1; + } else { + $shellotickext = 1; + } + } + } elsif ($message->mt == TLSProxy::Message::MT_CLIENT_KEY_EXCHANGE) { + #Must be doing a full handshake + $fullhand = 1; + } elsif ($message->mt == TLSProxy::Message::MT_NEW_SESSION_TICKET) { + $ticketseen = 1; + } + } + + plan tests => 5; + + ok(TLSProxy::Message->success, "Handshake"); + ok(($testch && $chellotickext) || (!$testch && !$chellotickext), + "ClientHello extension Session Ticket check"); + ok(($testsh && $shellotickext) || (!$testsh && !$shellotickext), + "ServerHello extension Session Ticket check"); + ok(($testtickseen && $ticketseen) || (!$testtickseen && !$ticketseen), + "Session Ticket message presence check"); + ok(($testhand && $fullhand) || (!$testhand && !$fullhand), + "Session Ticket full handshake check"); + } +} + + +sub clearclient() +{ + $chellotickext = 0; + $shellotickext = 0; + $fullhand = 0; + $ticketseen = 0; + $proxy->clearClient(); +} + +sub clearall() +{ + clearclient(); + $proxy->clear(); +} diff --git a/openssl-1.1.0h/test/recipes/70-test_sslskewith0p.t b/openssl-1.1.0h/test/recipes/70-test_sslskewith0p.t new file mode 100644 index 0000000..af87739 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/70-test_sslskewith0p.t @@ -0,0 +1,65 @@ +#! /usr/bin/env perl +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; +use TLSProxy::Proxy; + +my $test_name = "test_sslskewith0p"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "dh is not supported by this OpenSSL build" + if disabled("dh"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLS enabled" + if alldisabled(available_protocols("tls")); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; +my $proxy = TLSProxy::Proxy->new( + \&ske_0_p_filter, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +#We must use an anon DHE cipher for this test +$proxy->cipherc('ADH-AES128-SHA:@SECLEVEL=0'); +$proxy->ciphers('ADH-AES128-SHA:@SECLEVEL=0'); + +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 1; +ok(TLSProxy::Message->fail, "ServerKeyExchange with 0 p"); + +sub ske_0_p_filter +{ + my $proxy = shift; + + # We're only interested in the SKE - always in flight 1 + if ($proxy->flight != 1) { + return; + } + + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == TLSProxy::Message::MT_SERVER_KEY_EXCHANGE) { + #Set p to a value of 0 + $message->p(pack('C', 0)); + + $message->repack(); + } + } +} diff --git a/openssl-1.1.0h/test/recipes/70-test_sslvertol.t b/openssl-1.1.0h/test/recipes/70-test_sslvertol.t new file mode 100644 index 0000000..59c2cdd --- /dev/null +++ b/openssl-1.1.0h/test/recipes/70-test_sslvertol.t @@ -0,0 +1,67 @@ +#! /usr/bin/env perl +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; +use TLSProxy::Proxy; + +my $test_name = "test_sslextension"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLS enabled" + if alldisabled(available_protocols("tls")); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; +my $proxy = TLSProxy::Proxy->new( + \&vers_tolerance_filter, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +#Test 1: Asking for TLS1.3 should pass +my $client_version = TLSProxy::Record::VERS_TLS_1_3; +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 2; +ok(TLSProxy::Message->success(), "Version tolerance test, TLS 1.3"); + +#Test 2: Testing something below SSLv3 should fail +$client_version = TLSProxy::Record::VERS_SSL_3_0 - 1; +$proxy->clear(); +$proxy->start(); +ok(TLSProxy::Message->fail(), "Version tolerance test, SSL < 3.0"); + +sub vers_tolerance_filter +{ + my $proxy = shift; + + # We're only interested in the initial ClientHello + if ($proxy->flight != 0) { + return; + } + + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) { + #Set the client version + #Anything above the max supported version (TLS1.2) should succeed + #Anything below SSLv3 should fail + $message->client_version($client_version); + $message->repack(); + } + } +} diff --git a/openssl-1.1.0h/test/recipes/70-test_tlsextms.t b/openssl-1.1.0h/test/recipes/70-test_tlsextms.t new file mode 100644 index 0000000..d39acf4 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/70-test_tlsextms.t @@ -0,0 +1,238 @@ +#! /usr/bin/env perl +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; +use TLSProxy::Proxy; +use File::Temp qw(tempfile); + +my $test_name = "test_tlsextms"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLS enabled" + if alldisabled(available_protocols("tls")); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; + +sub checkmessages($$$$$); +sub setrmextms($$); +sub clearall(); + +my $crmextms = 0; +my $srmextms = 0; +my $cextms = 0; +my $sextms = 0; +my $fullhand = 0; + +my $proxy = TLSProxy::Proxy->new( + \&extms_filter, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +#Test 1: By default server and client should send extended master secret +# extension. +#Expected result: ClientHello extension seen; ServerHello extension seen +# Full handshake + +setrmextms(0, 0); +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 9; +checkmessages(1, "Default extended master secret test", 1, 1, 1); + +#Test 2: If client omits extended master secret extension, server should too. +#Expected result: ClientHello extension not seen; ServerHello extension not seen +# Full handshake + +clearall(); +setrmextms(1, 0); +$proxy->start(); +checkmessages(2, "No client extension extended master secret test", 0, 0, 1); + +# Test 3: same as 1 but with session tickets disabled. +# Expected result: same as test 1. + +clearall(); +$proxy->clientflags("-no_ticket"); +setrmextms(0, 0); +$proxy->start(); +checkmessages(3, "No ticket extended master secret test", 1, 1, 1); + +# Test 4: same as 2 but with session tickets disabled. +# Expected result: same as test 2. + +clearall(); +$proxy->clientflags("-no_ticket"); +setrmextms(1, 0); +$proxy->start(); +checkmessages(2, "No ticket, no client extension extended master secret test", 0, 0, 1); + +#Test 5: Session resumption extended master secret test +# +#Expected result: ClientHello extension seen; ServerHello extension seen +# Abbreviated handshake + +clearall(); +setrmextms(0, 0); +(undef, my $session) = tempfile(); +$proxy->serverconnects(2); +$proxy->clientflags("-sess_out ".$session); +$proxy->start(); +$proxy->clearClient(); +$proxy->clientflags("-sess_in ".$session); +$proxy->clientstart(); +checkmessages(5, "Session resumption extended master secret test", 1, 1, 0); +unlink $session; + +#Test 6: Session resumption extended master secret test original session +# omits extension. Server must not resume session. +#Expected result: ClientHello extension seen; ServerHello extension seen +# Full handshake + +clearall(); +setrmextms(1, 0); +(undef, $session) = tempfile(); +$proxy->serverconnects(2); +$proxy->clientflags("-sess_out ".$session); +$proxy->start(); +$proxy->clearClient(); +$proxy->clientflags("-sess_in ".$session); +setrmextms(0, 0); +$proxy->clientstart(); +checkmessages(6, "Session resumption extended master secret test", 1, 1, 1); +unlink $session; + +#Test 7: Session resumption extended master secret test resumed session +# omits client extension. Server must abort connection. +#Expected result: aborted connection. + +clearall(); +setrmextms(0, 0); +(undef, $session) = tempfile(); +$proxy->serverconnects(2); +$proxy->clientflags("-sess_out ".$session); +$proxy->start(); +$proxy->clearClient(); +$proxy->clientflags("-sess_in ".$session); +setrmextms(1, 0); +$proxy->clientstart(); +ok(TLSProxy::Message->fail(), "Client inconsistent session resumption"); +unlink $session; + +#Test 8: Session resumption extended master secret test resumed session +# omits server extension. Client must abort connection. +#Expected result: aborted connection. + +clearall(); +setrmextms(0, 0); +(undef, $session) = tempfile(); +$proxy->serverconnects(2); +$proxy->clientflags("-sess_out ".$session); +$proxy->start(); +$proxy->clearClient(); +$proxy->clientflags("-sess_in ".$session); +setrmextms(0, 1); +$proxy->clientstart(); +ok(TLSProxy::Message->fail(), "Server inconsistent session resumption 1"); +unlink $session; + +#Test 9: Session resumption extended master secret test initial session +# omits server extension. Client must abort connection. +#Expected result: aborted connection. + +clearall(); +setrmextms(0, 1); +(undef, $session) = tempfile(); +$proxy->serverconnects(2); +$proxy->clientflags("-sess_out ".$session); +$proxy->start(); +$proxy->clearClient(); +$proxy->clientflags("-sess_in ".$session); +setrmextms(0, 0); +$proxy->clientstart(); +ok(TLSProxy::Message->fail(), "Server inconsistent session resumption 2"); +unlink $session; + +sub extms_filter +{ + my $proxy = shift; + + foreach my $message (@{$proxy->message_list}) { + if ($crmextms && $message->mt == TLSProxy::Message::MT_CLIENT_HELLO) { + $message->delete_extension(TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET); + $message->repack(); + } + if ($srmextms && $message->mt == TLSProxy::Message::MT_SERVER_HELLO) { + $message->delete_extension(TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET); + $message->repack(); + } + } +} + +sub checkmessages($$$$$) +{ + my ($testno, $testname, $testcextms, $testsextms, $testhand) = @_; + + subtest $testname => sub { + + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO + || $message->mt == TLSProxy::Message::MT_SERVER_HELLO) { + #Get the extensions data + my %extensions = %{$message->extension_data}; + if (defined + $extensions{TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET}) { + if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) { + $cextms = 1; + } else { + $sextms = 1; + } + } + } elsif ($message->mt == TLSProxy::Message::MT_CLIENT_KEY_EXCHANGE) { + #Must be doing a full handshake + $fullhand = 1; + } + } + + plan tests => 4; + + ok(TLSProxy::Message->success, "Handshake"); + + ok($testcextms == $cextms, + "ClientHello extension extended master secret check"); + ok($testsextms == $sextms, + "ServerHello extension extended master secret check"); + ok($testhand == $fullhand, + "Extended master secret full handshake check"); + + } +} + +sub setrmextms($$) +{ + ($crmextms, $srmextms) = @_; +} + +sub clearall() +{ + $cextms = 0; + $sextms = 0; + $fullhand = 0; + $proxy->clear(); +} diff --git a/openssl-1.1.0h/test/recipes/70-test_verify_extra.t b/openssl-1.1.0h/test/recipes/70-test_verify_extra.t new file mode 100644 index 0000000..79a33cd --- /dev/null +++ b/openssl-1.1.0h/test/recipes/70-test_verify_extra.t @@ -0,0 +1,19 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_verify_extra"); + +plan tests => 1; + +ok(run(test(["verify_extra_test", + srctop_file("test", "certs", "roots.pem"), + srctop_file("test", "certs", "untrusted.pem"), + srctop_file("test", "certs", "bad.pem")]))); diff --git a/openssl-1.1.0h/test/recipes/80-test_ca.t b/openssl-1.1.0h/test/recipes/80-test_ca.t new file mode 100644 index 0000000..28a090e --- /dev/null +++ b/openssl-1.1.0h/test/recipes/80-test_ca.t @@ -0,0 +1,59 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use POSIX; +use File::Path 2.00 qw/rmtree/; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file/; + +setup("test_ca"); + +$ENV{OPENSSL} = cmdstr(app(["openssl"]), display => 1); +my $std_openssl_cnf = + srctop_file("apps", $^O eq "VMS" ? "openssl-vms.cnf" : "openssl.cnf"); + +rmtree("demoCA", { safe => 0 }); + +plan tests => 4; + SKIP: { + $ENV{OPENSSL_CONFIG} = '-config "'.srctop_file("test", "CAss.cnf").'"'; + skip "failed creating CA structure", 3 + if !ok(run(perlapp(["CA.pl","-newca"], stdin => undef)), + 'creating CA structure'); + + $ENV{OPENSSL_CONFIG} = '-config "'.srctop_file("test", "Uss.cnf").'"'; + skip "failed creating new certificate request", 2 + if !ok(run(perlapp(["CA.pl","-newreq"])), + 'creating certificate request'); + + $ENV{OPENSSL_CONFIG} = '-config "'.$std_openssl_cnf.'"'; + skip "failed to sign certificate request", 1 + if !is(yes(cmdstr(perlapp(["CA.pl", "-sign"]))), 0, + 'signing certificate request'); + + ok(run(perlapp(["CA.pl", "-verify", "newcert.pem"])), + 'verifying new certificate'); +} + + +rmtree("demoCA", { safe => 0 }); +unlink "newcert.pem", "newreq.pem", "newkey.pem"; + + +sub yes { + my $cntr = 10; + open(PIPE, "|-", join(" ",@_)); + local $SIG{PIPE} = "IGNORE"; + 1 while $cntr-- > 0 && print PIPE "y\n"; + close PIPE; + return 0; +} + diff --git a/openssl-1.1.0h/test/recipes/80-test_cipherlist.t b/openssl-1.1.0h/test/recipes/80-test_cipherlist.t new file mode 100644 index 0000000..98d537e --- /dev/null +++ b/openssl-1.1.0h/test/recipes/80-test_cipherlist.t @@ -0,0 +1,26 @@ +#! /usr/bin/perl +# +# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use OpenSSL::Test::Simple; +use OpenSSL::Test; +use OpenSSL::Test::Utils qw(alldisabled available_protocols); + +setup("test_cipherlist"); + +my $no_anytls = alldisabled(available_protocols("tls")); + +# If we have no protocols, then we also have no supported ciphers. +plan skip_all => "No SSL/TLS protocol is supported by this OpenSSL build." + if $no_anytls; + +simple_test("test_cipherlist", "cipherlist_test", "cipherlist"); diff --git a/openssl-1.1.0h/test/recipes/80-test_cms.t b/openssl-1.1.0h/test/recipes/80-test_cms.t new file mode 100644 index 0000000..f038bea --- /dev/null +++ b/openssl-1.1.0h/test/recipes/80-test_cms.t @@ -0,0 +1,511 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use POSIX; +use File::Spec::Functions qw/catfile/; +use File::Compare qw/compare_text/; +use OpenSSL::Test qw/:DEFAULT srctop_dir srctop_file/; +use OpenSSL::Test::Utils; + +setup("test_cms"); + +plan skip_all => "CMS is not supported by this OpenSSL build" + if disabled("cms"); + +my $smdir = srctop_dir("test", "smime-certs"); +my $smcont = srctop_file("test", "smcont.txt"); +my ($no_des, $no_dh, $no_dsa, $no_ec, $no_ec2m, $no_rc2, $no_zlib) + = disabled qw/des dh dsa ec ec2m rc2 zlib/; + +plan tests => 4; + +my @smime_pkcs7_tests = ( + + [ "signed content DER format, RSA key", + [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach", + "-certfile", catfile($smdir, "smroot.pem"), + "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ], + [ "-verify", "-in", "test.cms", "-inform", "DER", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] + ], + + [ "signed detached content DER format, RSA key", + [ "-sign", "-in", $smcont, "-outform", "DER", + "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ], + [ "-verify", "-in", "test.cms", "-inform", "DER", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt", + "-content", $smcont ] + ], + + [ "signed content test streaming BER format, RSA", + [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach", + "-stream", + "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ], + [ "-verify", "-in", "test.cms", "-inform", "DER", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] + ], + + [ "signed content DER format, DSA key", + [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach", + "-signer", catfile($smdir, "smdsa1.pem"), "-out", "test.cms" ], + [ "-verify", "-in", "test.cms", "-inform", "DER", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] + ], + + [ "signed detached content DER format, DSA key", + [ "-sign", "-in", $smcont, "-outform", "DER", + "-signer", catfile($smdir, "smdsa1.pem"), "-out", "test.cms" ], + [ "-verify", "-in", "test.cms", "-inform", "DER", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt", + "-content", $smcont ] + ], + + [ "signed detached content DER format, add RSA signer (with DSA existing)", + [ "-resign", "-inform", "DER", "-in", "test.cms", "-outform", "DER", + "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test2.cms" ], + [ "-verify", "-in", "test2.cms", "-inform", "DER", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt", + "-content", $smcont ] + ], + + [ "signed content test streaming BER format, DSA key", + [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach", + "-stream", + "-signer", catfile($smdir, "smdsa1.pem"), "-out", "test.cms" ], + [ "-verify", "-in", "test.cms", "-inform", "DER", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] + ], + + [ "signed content test streaming BER format, 2 DSA and 2 RSA keys", + [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach", + "-signer", catfile($smdir, "smrsa1.pem"), + "-signer", catfile($smdir, "smrsa2.pem"), + "-signer", catfile($smdir, "smdsa1.pem"), + "-signer", catfile($smdir, "smdsa2.pem"), + "-stream", "-out", "test.cms" ], + [ "-verify", "-in", "test.cms", "-inform", "DER", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] + ], + + [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes", + [ "-sign", "-in", $smcont, "-outform", "DER", "-noattr", "-nodetach", + "-signer", catfile($smdir, "smrsa1.pem"), + "-signer", catfile($smdir, "smrsa2.pem"), + "-signer", catfile($smdir, "smdsa1.pem"), + "-signer", catfile($smdir, "smdsa2.pem"), + "-stream", "-out", "test.cms" ], + [ "-verify", "-in", "test.cms", "-inform", "DER", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] + ], + + [ "signed content S/MIME format, RSA key SHA1", + [ "-sign", "-in", $smcont, "-md", "sha1", + "-certfile", catfile($smdir, "smroot.pem"), + "-signer", catfile($smdir, "smrsa1.pem"), "-out", "test.cms" ], + [ "-verify", "-in", "test.cms", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] + ], + + [ "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys", + [ "-sign", "-in", $smcont, "-nodetach", + "-signer", catfile($smdir, "smrsa1.pem"), + "-signer", catfile($smdir, "smrsa2.pem"), + "-signer", catfile($smdir, "smdsa1.pem"), + "-signer", catfile($smdir, "smdsa2.pem"), + "-stream", "-out", "test.cms" ], + [ "-verify", "-in", "test.cms", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] + ], + + [ "signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys", + [ "-sign", "-in", $smcont, + "-signer", catfile($smdir, "smrsa1.pem"), + "-signer", catfile($smdir, "smrsa2.pem"), + "-signer", catfile($smdir, "smdsa1.pem"), + "-signer", catfile($smdir, "smdsa2.pem"), + "-stream", "-out", "test.cms" ], + [ "-verify", "-in", "test.cms", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] + ], + + [ "enveloped content test streaming S/MIME format, DES, 3 recipients", + [ "-encrypt", "-in", $smcont, + "-stream", "-out", "test.cms", + catfile($smdir, "smrsa1.pem"), + catfile($smdir, "smrsa2.pem"), + catfile($smdir, "smrsa3.pem") ], + [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"), + "-in", "test.cms", "-out", "smtst.txt" ] + ], + + [ "enveloped content test streaming S/MIME format, DES, 3 recipients, 3rd used", + [ "-encrypt", "-in", $smcont, + "-stream", "-out", "test.cms", + catfile($smdir, "smrsa1.pem"), + catfile($smdir, "smrsa2.pem"), + catfile($smdir, "smrsa3.pem") ], + [ "-decrypt", "-recip", catfile($smdir, "smrsa3.pem"), + "-in", "test.cms", "-out", "smtst.txt" ] + ], + + [ "enveloped content test streaming S/MIME format, DES, 3 recipients, key only used", + [ "-encrypt", "-in", $smcont, + "-stream", "-out", "test.cms", + catfile($smdir, "smrsa1.pem"), + catfile($smdir, "smrsa2.pem"), + catfile($smdir, "smrsa3.pem") ], + [ "-decrypt", "-inkey", catfile($smdir, "smrsa3.pem"), + "-in", "test.cms", "-out", "smtst.txt" ] + ], + + [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients", + [ "-encrypt", "-in", $smcont, + "-aes256", "-stream", "-out", "test.cms", + catfile($smdir, "smrsa1.pem"), + catfile($smdir, "smrsa2.pem"), + catfile($smdir, "smrsa3.pem") ], + [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"), + "-in", "test.cms", "-out", "smtst.txt" ] + ], + +); + +my @smime_cms_tests = ( + + [ "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid", + [ "-sign", "-in", $smcont, "-outform", "DER", "-nodetach", "-keyid", + "-signer", catfile($smdir, "smrsa1.pem"), + "-signer", catfile($smdir, "smrsa2.pem"), + "-signer", catfile($smdir, "smdsa1.pem"), + "-signer", catfile($smdir, "smdsa2.pem"), + "-stream", "-out", "test.cms" ], + [ "-verify", "-in", "test.cms", "-inform", "DER", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] + ], + + [ "signed content test streaming PEM format, 2 DSA and 2 RSA keys", + [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach", + "-signer", catfile($smdir, "smrsa1.pem"), + "-signer", catfile($smdir, "smrsa2.pem"), + "-signer", catfile($smdir, "smdsa1.pem"), + "-signer", catfile($smdir, "smdsa2.pem"), + "-stream", "-out", "test.cms" ], + [ "-verify", "-in", "test.cms", "-inform", "PEM", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] + ], + + [ "signed content MIME format, RSA key, signed receipt request", + [ "-sign", "-in", $smcont, "-signer", catfile($smdir, "smrsa1.pem"), "-nodetach", + "-receipt_request_to", "test\@openssl.org", "-receipt_request_all", + "-out", "test.cms" ], + [ "-verify", "-in", "test.cms", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] + ], + + [ "signed receipt MIME format, RSA key", + [ "-sign_receipt", "-in", "test.cms", + "-signer", catfile($smdir, "smrsa2.pem"), + "-out", "test2.cms" ], + [ "-verify_receipt", "test2.cms", "-in", "test.cms", + "-CAfile", catfile($smdir, "smroot.pem") ] + ], + + [ "enveloped content test streaming S/MIME format, DES, 3 recipients, keyid", + [ "-encrypt", "-in", $smcont, + "-stream", "-out", "test.cms", "-keyid", + catfile($smdir, "smrsa1.pem"), + catfile($smdir, "smrsa2.pem"), + catfile($smdir, "smrsa3.pem") ], + [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"), + "-in", "test.cms", "-out", "smtst.txt" ] + ], + + [ "enveloped content test streaming PEM format, KEK", + [ "-encrypt", "-in", $smcont, "-outform", "PEM", "-aes128", + "-stream", "-out", "test.cms", + "-secretkey", "000102030405060708090A0B0C0D0E0F", + "-secretkeyid", "C0FEE0" ], + [ "-decrypt", "-in", "test.cms", "-out", "smtst.txt", "-inform", "PEM", + "-secretkey", "000102030405060708090A0B0C0D0E0F", + "-secretkeyid", "C0FEE0" ] + ], + + [ "enveloped content test streaming PEM format, KEK, key only", + [ "-encrypt", "-in", $smcont, "-outform", "PEM", "-aes128", + "-stream", "-out", "test.cms", + "-secretkey", "000102030405060708090A0B0C0D0E0F", + "-secretkeyid", "C0FEE0" ], + [ "-decrypt", "-in", "test.cms", "-out", "smtst.txt", "-inform", "PEM", + "-secretkey", "000102030405060708090A0B0C0D0E0F" ] + ], + + [ "data content test streaming PEM format", + [ "-data_create", "-in", $smcont, "-outform", "PEM", "-nodetach", + "-stream", "-out", "test.cms" ], + [ "-data_out", "-in", "test.cms", "-inform", "PEM", "-out", "smtst.txt" ] + ], + + [ "encrypted content test streaming PEM format, 128 bit RC2 key", + [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM", + "-rc2", "-secretkey", "000102030405060708090A0B0C0D0E0F", + "-stream", "-out", "test.cms" ], + [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM", + "-secretkey", "000102030405060708090A0B0C0D0E0F", "-out", "smtst.txt" ] + ], + + [ "encrypted content test streaming PEM format, 40 bit RC2 key", + [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM", + "-rc2", "-secretkey", "0001020304", + "-stream", "-out", "test.cms" ], + [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM", + "-secretkey", "0001020304", "-out", "smtst.txt" ] + ], + + [ "encrypted content test streaming PEM format, triple DES key", + [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM", + "-des3", "-secretkey", "000102030405060708090A0B0C0D0E0F1011121314151617", + "-stream", "-out", "test.cms" ], + [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM", + "-secretkey", "000102030405060708090A0B0C0D0E0F1011121314151617", + "-out", "smtst.txt" ] + ], + + [ "encrypted content test streaming PEM format, 128 bit AES key", + [ "-EncryptedData_encrypt", "-in", $smcont, "-outform", "PEM", + "-aes128", "-secretkey", "000102030405060708090A0B0C0D0E0F", + "-stream", "-out", "test.cms" ], + [ "-EncryptedData_decrypt", "-in", "test.cms", "-inform", "PEM", + "-secretkey", "000102030405060708090A0B0C0D0E0F", "-out", "smtst.txt" ] + ], + +); + +my @smime_cms_comp_tests = ( + + [ "compressed content test streaming PEM format", + [ "-compress", "-in", $smcont, "-outform", "PEM", "-nodetach", + "-stream", "-out", "test.cms" ], + [ "-uncompress", "-in", "test.cms", "-inform", "PEM", "-out", "smtst.txt" ] + ] + +); + +my @smime_cms_param_tests = ( + [ "signed content test streaming PEM format, RSA keys, PSS signature", + [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach", + "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss", + "-out", "test.cms" ], + [ "-verify", "-in", "test.cms", "-inform", "PEM", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] + ], + + [ "signed content test streaming PEM format, RSA keys, PSS signature, no attributes", + [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach", "-noattr", + "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss", + "-out", "test.cms" ], + [ "-verify", "-in", "test.cms", "-inform", "PEM", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] + ], + + [ "signed content test streaming PEM format, RSA keys, PSS signature, SHA384 MGF1", + [ "-sign", "-in", $smcont, "-outform", "PEM", "-nodetach", + "-signer", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:pss", + "-keyopt", "rsa_mgf1_md:sha384", "-out", "test.cms" ], + [ "-verify", "-in", "test.cms", "-inform", "PEM", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] + ], + + [ "enveloped content test streaming S/MIME format, DES, OAEP default parameters", + [ "-encrypt", "-in", $smcont, + "-stream", "-out", "test.cms", + "-recip", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:oaep" ], + [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"), + "-in", "test.cms", "-out", "smtst.txt" ] + ], + + [ "enveloped content test streaming S/MIME format, DES, OAEP SHA256", + [ "-encrypt", "-in", $smcont, + "-stream", "-out", "test.cms", + "-recip", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:oaep", + "-keyopt", "rsa_oaep_md:sha256" ], + [ "-decrypt", "-recip", catfile($smdir, "smrsa1.pem"), + "-in", "test.cms", "-out", "smtst.txt" ] + ], + + [ "enveloped content test streaming S/MIME format, DES, ECDH", + [ "-encrypt", "-in", $smcont, + "-stream", "-out", "test.cms", + "-recip", catfile($smdir, "smec1.pem") ], + [ "-decrypt", "-recip", catfile($smdir, "smec1.pem"), + "-in", "test.cms", "-out", "smtst.txt" ] + ], + + [ "enveloped content test streaming S/MIME format, DES, ECDH, 2 recipients, key only used", + [ "-encrypt", "-in", $smcont, + "-stream", "-out", "test.cms", + catfile($smdir, "smec1.pem"), + catfile($smdir, "smec3.pem") ], + [ "-decrypt", "-inkey", catfile($smdir, "smec3.pem"), + "-in", "test.cms", "-out", "smtst.txt" ] + ], + + [ "enveloped content test streaming S/MIME format, ECDH, DES, key identifier", + [ "-encrypt", "-keyid", "-in", $smcont, + "-stream", "-out", "test.cms", + "-recip", catfile($smdir, "smec1.pem") ], + [ "-decrypt", "-recip", catfile($smdir, "smec1.pem"), + "-in", "test.cms", "-out", "smtst.txt" ] + ], + + [ "enveloped content test streaming S/MIME format, ECDH, AES128, SHA256 KDF", + [ "-encrypt", "-in", $smcont, + "-stream", "-out", "test.cms", + "-recip", catfile($smdir, "smec1.pem"), "-aes128", "-keyopt", "ecdh_kdf_md:sha256" ], + [ "-decrypt", "-recip", catfile($smdir, "smec1.pem"), + "-in", "test.cms", "-out", "smtst.txt" ] + ], + + [ "enveloped content test streaming S/MIME format, ECDH, K-283, cofactor DH", + [ "-encrypt", "-in", $smcont, + "-stream", "-out", "test.cms", + "-recip", catfile($smdir, "smec2.pem"), "-aes128", + "-keyopt", "ecdh_kdf_md:sha256", "-keyopt", "ecdh_cofactor_mode:1" ], + [ "-decrypt", "-recip", catfile($smdir, "smec2.pem"), + "-in", "test.cms", "-out", "smtst.txt" ] + ], + + [ "enveloped content test streaming S/MIME format, X9.42 DH", + [ "-encrypt", "-in", $smcont, + "-stream", "-out", "test.cms", + "-recip", catfile($smdir, "smdh.pem"), "-aes128" ], + [ "-decrypt", "-recip", catfile($smdir, "smdh.pem"), + "-in", "test.cms", "-out", "smtst.txt" ] + ] + ); + +subtest "CMS => PKCS#7 compatibility tests\n" => sub { + plan tests => scalar @smime_pkcs7_tests; + + foreach (@smime_pkcs7_tests) { + SKIP: { + my $skip_reason = check_availability($$_[0]); + skip $skip_reason, 1 if $skip_reason; + + ok(run(app(["openssl", "cms", @{$$_[1]}])) + && run(app(["openssl", "smime", @{$$_[2]}])) + && compare_text($smcont, "smtst.txt") == 0, + $$_[0]); + } + } +}; +subtest "CMS <= PKCS#7 compatibility tests\n" => sub { + plan tests => scalar @smime_pkcs7_tests; + + foreach (@smime_pkcs7_tests) { + SKIP: { + my $skip_reason = check_availability($$_[0]); + skip $skip_reason, 1 if $skip_reason; + + ok(run(app(["openssl", "smime", @{$$_[1]}])) + && run(app(["openssl", "cms", @{$$_[2]}])) + && compare_text($smcont, "smtst.txt") == 0, + $$_[0]); + } + } +}; + +subtest "CMS <=> CMS consistency tests\n" => sub { + plan tests => (scalar @smime_pkcs7_tests) + (scalar @smime_cms_tests); + + foreach (@smime_pkcs7_tests) { + SKIP: { + my $skip_reason = check_availability($$_[0]); + skip $skip_reason, 1 if $skip_reason; + + ok(run(app(["openssl", "cms", @{$$_[1]}])) + && run(app(["openssl", "cms", @{$$_[2]}])) + && compare_text($smcont, "smtst.txt") == 0, + $$_[0]); + } + } + foreach (@smime_cms_tests) { + SKIP: { + my $skip_reason = check_availability($$_[0]); + skip $skip_reason, 1 if $skip_reason; + + ok(run(app(["openssl", "cms", @{$$_[1]}])) + && run(app(["openssl", "cms", @{$$_[2]}])) + && compare_text($smcont, "smtst.txt") == 0, + $$_[0]); + } + } +}; + +subtest "CMS <=> CMS consistency tests, modified key parameters\n" => sub { + plan tests => + (scalar @smime_cms_param_tests) + (scalar @smime_cms_comp_tests); + + foreach (@smime_cms_param_tests) { + SKIP: { + my $skip_reason = check_availability($$_[0]); + skip $skip_reason, 1 if $skip_reason; + + ok(run(app(["openssl", "cms", @{$$_[1]}])) + && run(app(["openssl", "cms", @{$$_[2]}])) + && compare_text($smcont, "smtst.txt") == 0, + $$_[0]); + } + } + + SKIP: { + skip("Zlib not supported: compression tests skipped", + scalar @smime_cms_comp_tests) + if $no_zlib; + + foreach (@smime_cms_comp_tests) { + SKIP: { + my $skip_reason = check_availability($$_[0]); + skip $skip_reason, 1 if $skip_reason; + + ok(run(app(["openssl", "cms", @{$$_[1]}])) + && run(app(["openssl", "cms", @{$$_[2]}])) + && compare_text($smcont, "smtst.txt") == 0, + $$_[0]); + } + } + } +}; + +unlink "test.cms"; +unlink "test2.cms"; +unlink "smtst.txt"; + +sub check_availability { + my $tnam = shift; + + return "$tnam: skipped, EC disabled\n" + if ($no_ec && $tnam =~ /ECDH/); + return "$tnam: skipped, ECDH disabled\n" + if ($no_ec && $tnam =~ /ECDH/); + return "$tnam: skipped, EC2M disabled\n" + if ($no_ec2m && $tnam =~ /K-283/); + return "$tnam: skipped, DH disabled\n" + if ($no_dh && $tnam =~ /X9\.42/); + return "$tnam: skipped, RC2 disabled\n" + if ($no_rc2 && $tnam =~ /RC2/); + return "$tnam: skipped, DES disabled\n" + if ($no_des && $tnam =~ /DES/); + return "$tnam: skipped, DSA disabled\n" + if ($no_dsa && $tnam =~ / DSA/); + + return ""; +} diff --git a/openssl-1.1.0h/test/recipes/80-test_ct.t b/openssl-1.1.0h/test/recipes/80-test_ct.t new file mode 100644 index 0000000..9c717b2 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/80-test_ct.t @@ -0,0 +1,17 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test qw/:DEFAULT srctop_file srctop_dir/; +use OpenSSL::Test::Simple; + +setup("test_ct"); +$ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf"); +$ENV{CT_DIR} = srctop_dir("test", "ct"); +$ENV{CERTS_DIR} = srctop_dir("test", "certs"); +simple_test("test_ct", "ct_test", "ct", "ec"); diff --git a/openssl-1.1.0h/test/recipes/80-test_dane.t b/openssl-1.1.0h/test/recipes/80-test_dane.t new file mode 100644 index 0000000..527e663 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/80-test_dane.t @@ -0,0 +1,24 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; +use OpenSSL::Test qw/:DEFAULT srctop_file/; +use OpenSSL::Test::Utils; + +setup("test_dane"); + +plan skip_all => "test_dane uses ec which is not supported by this OpenSSL build" + if disabled("ec"); + +plan tests => 1; # The number of tests being performed + +ok(run(test(["danetest", "example.com", + srctop_file("test", "danetest.pem"), + srctop_file("test", "danetest.in")])), "dane tests"); diff --git a/openssl-1.1.0h/test/recipes/80-test_dtls.t b/openssl-1.1.0h/test/recipes/80-test_dtls.t new file mode 100644 index 0000000..f4a2dc0 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/80-test_dtls.t @@ -0,0 +1,20 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use OpenSSL::Test::Utils; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_dtls"); + +plan skip_all => "No DTLS protocols are supported by this OpenSSL build" + if alldisabled(available_protocols("dtls")); + +plan tests => 1; + +ok(run(test(["dtlstest", srctop_file("apps", "server.pem"), + srctop_file("apps", "server.pem")])), "running dtlstest"); diff --git a/openssl-1.1.0h/test/recipes/80-test_dtlsv1listen.t b/openssl-1.1.0h/test/recipes/80-test_dtlsv1listen.t new file mode 100644 index 0000000..dd1bb35 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/80-test_dtlsv1listen.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_dtlsv1listen", "dtlsv1listentest", "dh"); diff --git a/openssl-1.1.0h/test/recipes/80-test_ocsp.t b/openssl-1.1.0h/test/recipes/80-test_ocsp.t new file mode 100644 index 0000000..e9ed7b4 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/80-test_ocsp.t @@ -0,0 +1,219 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use POSIX; +use File::Spec::Functions qw/devnull catfile/; +use File::Copy; +use OpenSSL::Test qw/:DEFAULT with pipe srctop_dir data_file/; +use OpenSSL::Test::Utils; + +setup("test_ocsp"); + +plan skip_all => "OCSP is not supported by this OpenSSL build" + if disabled("ocsp"); + +my $ocspdir=srctop_dir("test", "ocsp-tests"); +# 17 December 2012 so we don't get certificate expiry errors. +my @check_time=("-attime", "1355875200"); + +sub test_ocsp { + my $title = shift; + my $inputfile = shift; + my $CAfile = shift; + my $untrusted = shift; + if ($untrusted eq "") { + $untrusted = $CAfile; + } + my $expected_exit = shift; + + run(app(["openssl", "base64", "-d", + "-in", catfile($ocspdir,$inputfile), + "-out", "ocsp-resp-fff.dat"])); + with({ exit_checker => sub { return shift == $expected_exit; } }, + sub { ok(run(app(["openssl", "ocsp", "-respin", "ocsp-resp-fff.dat", + "-partial_chain", @check_time, + "-CAfile", catfile($ocspdir, $CAfile), + "-verify_other", catfile($ocspdir, $untrusted), + "-no-CApath"])), + $title); }); + unlink "ocsp-resp-fff.dat"; +} + +plan tests => 11; + +subtest "=== VALID OCSP RESPONSES ===" => sub { + plan tests => 7; + + test_ocsp("NON-DELEGATED; Intermediate CA -> EE", + "ND1.ors", "ND1_Issuer_ICA.pem", "", 0); + test_ocsp("NON-DELEGATED; Root CA -> Intermediate CA", + "ND2.ors", "ND2_Issuer_Root.pem", "", 0); + test_ocsp("NON-DELEGATED; Root CA -> EE", + "ND3.ors", "ND3_Issuer_Root.pem", "", 0); + test_ocsp("NON-DELEGATED; 3-level CA hierarchy", + "ND1.ors", "ND1_Cross_Root.pem", "ND1_Issuer_ICA-Cross.pem", 0); + test_ocsp("DELEGATED; Intermediate CA -> EE", + "D1.ors", "D1_Issuer_ICA.pem", "", 0); + test_ocsp("DELEGATED; Root CA -> Intermediate CA", + "D2.ors", "D2_Issuer_Root.pem", "", 0); + test_ocsp("DELEGATED; Root CA -> EE", + "D3.ors", "D3_Issuer_Root.pem", "", 0); +}; + +subtest "=== INVALID SIGNATURE on the OCSP RESPONSE ===" => sub { + plan tests => 6; + + test_ocsp("NON-DELEGATED; Intermediate CA -> EE", + "ISOP_ND1.ors", "ND1_Issuer_ICA.pem", "", 1); + test_ocsp("NON-DELEGATED; Root CA -> Intermediate CA", + "ISOP_ND2.ors", "ND2_Issuer_Root.pem", "", 1); + test_ocsp("NON-DELEGATED; Root CA -> EE", + "ISOP_ND3.ors", "ND3_Issuer_Root.pem", "", 1); + test_ocsp("DELEGATED; Intermediate CA -> EE", + "ISOP_D1.ors", "D1_Issuer_ICA.pem", "", 1); + test_ocsp("DELEGATED; Root CA -> Intermediate CA", + "ISOP_D2.ors", "D2_Issuer_Root.pem", "", 1); + test_ocsp("DELEGATED; Root CA -> EE", + "ISOP_D3.ors", "D3_Issuer_Root.pem", "", 1); +}; + +subtest "=== WRONG RESPONDERID in the OCSP RESPONSE ===" => sub { + plan tests => 6; + + test_ocsp("NON-DELEGATED; Intermediate CA -> EE", + "WRID_ND1.ors", "ND1_Issuer_ICA.pem", "", 1); + test_ocsp("NON-DELEGATED; Root CA -> Intermediate CA", + "WRID_ND2.ors", "ND2_Issuer_Root.pem", "", 1); + test_ocsp("NON-DELEGATED; Root CA -> EE", + "WRID_ND3.ors", "ND3_Issuer_Root.pem", "", 1); + test_ocsp("DELEGATED; Intermediate CA -> EE", + "WRID_D1.ors", "D1_Issuer_ICA.pem", "", 1); + test_ocsp("DELEGATED; Root CA -> Intermediate CA", + "WRID_D2.ors", "D2_Issuer_Root.pem", "", 1); + test_ocsp("DELEGATED; Root CA -> EE", + "WRID_D3.ors", "D3_Issuer_Root.pem", "", 1); +}; + +subtest "=== WRONG ISSUERNAMEHASH in the OCSP RESPONSE ===" => sub { + plan tests => 6; + + test_ocsp("NON-DELEGATED; Intermediate CA -> EE", + "WINH_ND1.ors", "ND1_Issuer_ICA.pem", "", 1); + test_ocsp("NON-DELEGATED; Root CA -> Intermediate CA", + "WINH_ND2.ors", "ND2_Issuer_Root.pem", "", 1); + test_ocsp("NON-DELEGATED; Root CA -> EE", + "WINH_ND3.ors", "ND3_Issuer_Root.pem", "", 1); + test_ocsp("DELEGATED; Intermediate CA -> EE", + "WINH_D1.ors", "D1_Issuer_ICA.pem", "", 1); + test_ocsp("DELEGATED; Root CA -> Intermediate CA", + "WINH_D2.ors", "D2_Issuer_Root.pem", "", 1); + test_ocsp("DELEGATED; Root CA -> EE", + "WINH_D3.ors", "D3_Issuer_Root.pem", "", 1); +}; + +subtest "=== WRONG ISSUERKEYHASH in the OCSP RESPONSE ===" => sub { + plan tests => 6; + + test_ocsp("NON-DELEGATED; Intermediate CA -> EE", + "WIKH_ND1.ors", "ND1_Issuer_ICA.pem", "", 1); + test_ocsp("NON-DELEGATED; Root CA -> Intermediate CA", + "WIKH_ND2.ors", "ND2_Issuer_Root.pem", "", 1); + test_ocsp("NON-DELEGATED; Root CA -> EE", + "WIKH_ND3.ors", "ND3_Issuer_Root.pem", "", 1); + test_ocsp("DELEGATED; Intermediate CA -> EE", + "WIKH_D1.ors", "D1_Issuer_ICA.pem", "", 1); + test_ocsp("DELEGATED; Root CA -> Intermediate CA", + "WIKH_D2.ors", "D2_Issuer_Root.pem", "", 1); + test_ocsp("DELEGATED; Root CA -> EE", + "WIKH_D3.ors", "D3_Issuer_Root.pem", "", 1); +}; + +subtest "=== WRONG KEY in the DELEGATED OCSP SIGNING CERTIFICATE ===" => sub { + plan tests => 3; + + test_ocsp("DELEGATED; Intermediate CA -> EE", + "WKDOSC_D1.ors", "D1_Issuer_ICA.pem", "", 1); + test_ocsp("DELEGATED; Root CA -> Intermediate CA", + "WKDOSC_D2.ors", "D2_Issuer_Root.pem", "", 1); + test_ocsp("DELEGATED; Root CA -> EE", + "WKDOSC_D3.ors", "D3_Issuer_Root.pem", "", 1); +}; + +subtest "=== INVALID SIGNATURE on the DELEGATED OCSP SIGNING CERTIFICATE ===" => sub { + plan tests => 3; + + test_ocsp("DELEGATED; Intermediate CA -> EE", + "ISDOSC_D1.ors", "D1_Issuer_ICA.pem", "", 1); + test_ocsp("DELEGATED; Root CA -> Intermediate CA", + "ISDOSC_D2.ors", "D2_Issuer_Root.pem", "", 1); + test_ocsp("DELEGATED; Root CA -> EE", + "ISDOSC_D3.ors", "D3_Issuer_Root.pem", "", 1); +}; + +subtest "=== WRONG SUBJECT NAME in the ISSUER CERTIFICATE ===" => sub { + plan tests => 6; + + test_ocsp("NON-DELEGATED; Intermediate CA -> EE", + "ND1.ors", "WSNIC_ND1_Issuer_ICA.pem", "", 1); + test_ocsp("NON-DELEGATED; Root CA -> Intermediate CA", + "ND2.ors", "WSNIC_ND2_Issuer_Root.pem", "", 1); + test_ocsp("NON-DELEGATED; Root CA -> EE", + "ND3.ors", "WSNIC_ND3_Issuer_Root.pem", "", 1); + test_ocsp("DELEGATED; Intermediate CA -> EE", + "D1.ors", "WSNIC_D1_Issuer_ICA.pem", "", 1); + test_ocsp("DELEGATED; Root CA -> Intermediate CA", + "D2.ors", "WSNIC_D2_Issuer_Root.pem", "", 1); + test_ocsp("DELEGATED; Root CA -> EE", + "D3.ors", "WSNIC_D3_Issuer_Root.pem", "", 1); +}; + +subtest "=== WRONG KEY in the ISSUER CERTIFICATE ===" => sub { + plan tests => 6; + + test_ocsp("NON-DELEGATED; Intermediate CA -> EE", + "ND1.ors", "WKIC_ND1_Issuer_ICA.pem", "", 1); + test_ocsp("NON-DELEGATED; Root CA -> Intermediate CA", + "ND2.ors", "WKIC_ND2_Issuer_Root.pem", "", 1); + test_ocsp("NON-DELEGATED; Root CA -> EE", + "ND3.ors", "WKIC_ND3_Issuer_Root.pem", "", 1); + test_ocsp("DELEGATED; Intermediate CA -> EE", + "D1.ors", "WKIC_D1_Issuer_ICA.pem", "", 1); + test_ocsp("DELEGATED; Root CA -> Intermediate CA", + "D2.ors", "WKIC_D2_Issuer_Root.pem", "", 1); + test_ocsp("DELEGATED; Root CA -> EE", + "D3.ors", "WKIC_D3_Issuer_Root.pem", "", 1); +}; + +subtest "=== INVALID SIGNATURE on the ISSUER CERTIFICATE ===" => sub { + plan tests => 6; + + # Expect success, because we're explicitly trusting the issuer certificate. + test_ocsp("NON-DELEGATED; Intermediate CA -> EE", + "ND1.ors", "ISIC_ND1_Issuer_ICA.pem", "", 0); + test_ocsp("NON-DELEGATED; Root CA -> Intermediate CA", + "ND2.ors", "ISIC_ND2_Issuer_Root.pem", "", 0); + test_ocsp("NON-DELEGATED; Root CA -> EE", + "ND3.ors", "ISIC_ND3_Issuer_Root.pem", "", 0); + test_ocsp("DELEGATED; Intermediate CA -> EE", + "D1.ors", "ISIC_D1_Issuer_ICA.pem", "", 0); + test_ocsp("DELEGATED; Root CA -> Intermediate CA", + "D2.ors", "ISIC_D2_Issuer_Root.pem", "", 0); + test_ocsp("DELEGATED; Root CA -> EE", + "D3.ors", "ISIC_D3_Issuer_Root.pem", "", 0); +}; + +subtest "=== OCSP API TESTS===" => sub { + plan tests => 1; + + ok(run(test(["ocspapitest", data_file("cert.pem"), data_file("key.pem")])), + "running ocspapitest"); +} diff --git a/openssl-1.1.0h/test/recipes/80-test_ocsp_data/cert.pem b/openssl-1.1.0h/test/recipes/80-test_ocsp_data/cert.pem new file mode 100644 index 0000000..f70e792 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/80-test_ocsp_data/cert.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDLDCCAhSgAwIBAgICFs8wDQYJKoZIhvcNAQELBQAwSzEQMA4GA1UECgwHT3Bl +blNTTDETMBEGA1UECwwKVGVzdCBTdWl0ZTEiMCAGA1UEAwwZVGVzdCBPQ1NQIHJl +c3BvbnNlIHNpZ25lcjAeFw0xNzEwMjMxNDA4MDlaFw0yNjAxMDkxNDA4MDlaMEsx +EDAOBgNVBAoMB09wZW5TU0wxEzARBgNVBAsMClRlc3QgU3VpdGUxIjAgBgNVBAMM +GVRlc3QgT0NTUCByZXNwb25zZSBzaWduZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQC81prq23FY2YDuwiXetb/NCs/cSm/afVnPsdSseRKi/GHi9d7b +EEgWnQOJmz4zTuU+Bw2duHZ1X2WUR/Pjy4CvWNRq417aJ3IfyQHf8cxEplk9Ifd0 +5VEq6WzWVWAX6ki/CZIJUihzj3AAn/SYfvXw2wd319OQGvwYiQVt3Is5k4E4rAI2 +zXf5BdE9XkayM3jq6Ewc/VZ05EA/LaBLy5ujQljjfAFEy/qopYx3AJ4G8t2a5rvM +dbNOyJCx9NNeryZMv2wRzEaYp6jYao+xxqbm5lgnwfE3jJ4aA9/oC1sUM8FokOGW +9KAK3UEptoxux8JHH9R8X5bTVE7HADHhG5s7AgMBAAGjGjAYMAkGA1UdEwQCMAAw +CwYDVR0PBAQDAgXgMA0GCSqGSIb3DQEBCwUAA4IBAQCPkojVPBFNT9DGpLq9Y/Hl +XhcA+vSdt83EFzPD/nxIMp/QYSnZ9w2SWL21AH4C+HWd4JuKX5Zlsd6qYobYZLcT +TyVfw0OMwwPUI6Mxbz395EAnVLmtddN2RDsEYvThSMMoSfhtUwyANpA0Q6M8RcGt +LwnaC69iXhBh1xcTVVg97yEJ22yIrwQ1GhX4F1PRJIAQ/QmQhnoTGlhl2VAQ3LIk +lNFxkWbx0rqPIcor27QDNa2DPqioyvHMlkjC1h5EPhL9Ynu011r4Dn9A34+vFxeu +Q+emRwl/JjCNZX4l/AripU/Cy/+J2YGKilKzRcB1QMMVSl0VaeLSCwkNDQtdlwWO +-----END CERTIFICATE----- diff --git a/openssl-1.1.0h/test/recipes/80-test_ocsp_data/key.pem b/openssl-1.1.0h/test/recipes/80-test_ocsp_data/key.pem new file mode 100644 index 0000000..cd211dc --- /dev/null +++ b/openssl-1.1.0h/test/recipes/80-test_ocsp_data/key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC81prq23FY2YDu +wiXetb/NCs/cSm/afVnPsdSseRKi/GHi9d7bEEgWnQOJmz4zTuU+Bw2duHZ1X2WU +R/Pjy4CvWNRq417aJ3IfyQHf8cxEplk9Ifd05VEq6WzWVWAX6ki/CZIJUihzj3AA +n/SYfvXw2wd319OQGvwYiQVt3Is5k4E4rAI2zXf5BdE9XkayM3jq6Ewc/VZ05EA/ +LaBLy5ujQljjfAFEy/qopYx3AJ4G8t2a5rvMdbNOyJCx9NNeryZMv2wRzEaYp6jY +ao+xxqbm5lgnwfE3jJ4aA9/oC1sUM8FokOGW9KAK3UEptoxux8JHH9R8X5bTVE7H +ADHhG5s7AgMBAAECggEBAJLp946eeVmhpiCa5XGWPwlbzwlY1BrNCRGADbC9ZRVu +ew1jMiWGTj9hmr31DHhIeis+u4YoW+jG9jVdoU5pJc3Fs0URbdsVc0FtVcsPyFbk +gGsCQQ4t1m8nOaiqtV8Fw+D0piwgQh5dysqBp374z4i6Lt47CHqFs/m2qIWnXp3E +YF3xX2Zz9rIgejERRxrUnp5998NqxSYHPF7Ts4VQ/+UezUqEpA2jBs6cJ2tWVNR9 +uf+3Fklpo7Uau+xG5xkiRYxx4mSIg6EREz5+XMPkSOcXi6tyinoKsafxTNQDil0q +pdurVlHNgZb2QdJjHugVmbalydHIQ5c0CU1RO5CP97kCgYEA7RqrRooniil0iAKR +6scFct0juVBW1Uw05Ejt97RtwQRf/m9SU5mSs0PfFx/l3PeNDSWnpmwunL1igYQb ++tVqDQQ9xR4owyl6/qDJSP2bS84jb+3MCR4UE/b2YR2rCDBllXeyQsDT7KMoW8lX +gliWmYd6HYddRDOKNM/tzccFG1cCgYEAy+M6yv0ublrpTj4o8DcOi6JJrQbPSAWx +R7zKDXSvSq5lLjfXmqX4s/jgZWgQ+kYoYZrIOqIygcZ2U6tBMCP2LAhbf86I6r27 +loMyQg7lhC5GCztpGes4/JmUvnvjTUIFspB6ReaXlBFAstzzJirgI1wmoO6+GiG/ +OUDmvCjFdL0CgYALQGa8VDYIImt7QNP31jX1+3SEiMF2IcWox6UzSgajUDfV9SZs +/S6u/xuJF2RrFfxFkXHhPeUAXyRbjQ9e2d3MfFUKE6JPkJpblvm2UwKZmFCqMRir +nhfJ0sBiX2wMWW+YpjN5Y3krE5sIsAdNEjMjWgB7gj70y5VVaECasUUWxQKBgQDB +aauqSIc1VLSh7sGzLudzet5db2pPLmdAYE1kel6Xf9yn/X1gTTYitGNaj2Abq1Y/ +US/Ev30eMwCo2nqaimLK3pq+IVUtKhO78nVIyQzdWXBE03Uei0+iAKdkE+5Kqejx +vbDggqEka0Fu678VY/MAWDikzhY0f/MBAxpfQGYgGQKBgC0tR1ymvCLkk6J5e4/G +OD1D9m2JJjcK4eWUS4rAiEH61sI5CKQRU2pQ3f3cIGekDZZt3XzHLYwc9W2UnN2J +glMmKXp0qqt2HoE/XKLrIc1dEDXsZxFnMZ6nmWKsl4AHxM/gyXqfDo/AUXyEGcVu +8TbVs3nlISUy7vwjpaW1KOs1 +-----END PRIVATE KEY----- diff --git a/openssl-1.1.0h/test/recipes/80-test_pkcs12.t b/openssl-1.1.0h/test/recipes/80-test_pkcs12.t new file mode 100644 index 0000000..430df67 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/80-test_pkcs12.t @@ -0,0 +1,68 @@ +#! /usr/bin/env perl +# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use warnings; + +use OpenSSL::Test qw/:DEFAULT srctop_file/; +use OpenSSL::Test::Utils; + +use Encode; + +setup("test_pkcs12"); + +plan skip_all => "The PKCS12 command line utility is not supported by this OpenSSL build" + if disabled("des"); + +my $pass = "σύνθημα γνώρισμα"; + +my $savedcp; +if (eval { require Win32::API; 1; }) { + # Trouble is that Win32 perl uses CreateProcessA, which + # makes it problematic to pass non-ASCII arguments, from perl[!] + # that is. This is because CreateProcessA is just a wrapper for + # CreateProcessW and will call MultiByteToWideChar and use + # system default locale. Since we attempt Greek pass-phrase + # conversion can be done only with Greek locale. + + Win32::API->Import("kernel32","UINT GetSystemDefaultLCID()"); + if (GetSystemDefaultLCID() != 0x408) { + plan skip_all => "Non-Greek system locale"; + } else { + # Ensure correct code page so that VERBOSE output is right. + Win32::API->Import("kernel32","UINT GetConsoleOutputCP()"); + Win32::API->Import("kernel32","BOOL SetConsoleOutputCP(UINT cp)"); + $savedcp = GetConsoleOutputCP(); + SetConsoleOutputCP(1253); + $pass = Encode::encode("cp1253",Encode::decode("utf-8",$pass)); + } +} elsif ($^O eq "MSWin32") { + plan skip_all => "Win32::API unavailable"; +} else { + # Running MinGW tests transparently under Wine apparently requires + # UTF-8 locale... + + foreach(`locale -a`) { + s/\R$//; + if ($_ =~ m/^C\.UTF\-?8/i) { + $ENV{LC_ALL} = $_; + last; + } + } +} +$ENV{OPENSSL_WIN32_UTF8}=1; + +plan tests => 1; + +# just see that we can read shibboleth.pfx protected with $pass +ok(run(app(["openssl", "pkcs12", "-noout", + "-password", "pass:$pass", + "-in", srctop_file("test", "shibboleth.pfx")])), + "test_pkcs12"); + +SetConsoleOutputCP($savedcp) if (defined($savedcp)); diff --git a/openssl-1.1.0h/test/recipes/80-test_ssl_new.t b/openssl-1.1.0h/test/recipes/80-test_ssl_new.t new file mode 100644 index 0000000..287defe --- /dev/null +++ b/openssl-1.1.0h/test/recipes/80-test_ssl_new.t @@ -0,0 +1,133 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Basename; +use File::Compare qw/compare_text/; +use OpenSSL::Glob; +use OpenSSL::Test qw/:DEFAULT srctop_dir srctop_file/; +use OpenSSL::Test::Utils qw/disabled alldisabled available_protocols/; + +setup("test_ssl_new"); + +$ENV{TEST_CERTS_DIR} = srctop_dir("test", "certs"); +$ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf"); + +my @conf_srcs = glob(srctop_file("test", "ssl-tests", "*.conf.in")); +map { s/;.*// } @conf_srcs if $^O eq "VMS"; +my @conf_files = map { basename($_, ".in") } @conf_srcs; +map { s/\^// } @conf_files if $^O eq "VMS"; + +# We hard-code the number of tests to double-check that the globbing above +# finds all files as expected. +plan tests => 19; # = scalar @conf_srcs + +# Some test results depend on the configuration of enabled protocols. We only +# verify generated sources in the default configuration. +my $is_default_tls = (disabled("ssl3") && !disabled("tls1") && + !disabled("tls1_1") && !disabled("tls1_2")); + +my $is_default_dtls = (!disabled("dtls1") && !disabled("dtls1_2")); + +my $no_tls = alldisabled(available_protocols("tls")); +my $no_dtls = alldisabled(available_protocols("dtls")); +my $no_npn = disabled("nextprotoneg"); +my $no_ct = disabled("ct"); +my $no_ec = disabled("ec"); +my $no_ec2m = disabled("ec2m"); +my $no_ocsp = disabled("ocsp"); + +# Add your test here if the test conf.in generates test cases and/or +# expectations dynamically based on the OpenSSL compile-time config. +my %conf_dependent_tests = ( + "02-protocol-version.conf" => !$is_default_tls, + "04-client_auth.conf" => !$is_default_tls, + "07-dtls-protocol-version.conf" => !$is_default_dtls, + "10-resumption.conf" => !$is_default_tls, + "11-dtls_resumption.conf" => !$is_default_dtls, + "17-renegotiate.conf" => disabled("tls1_2"), + "18-dtls-renegotiate.conf" => disabled("dtls1_2"), +); + +# Add your test here if it should be skipped for some compile-time +# configurations. Default is $no_tls but some tests have different skip +# conditions. +my %skip = ( + "07-dtls-protocol-version.conf" => $no_dtls, + "08-npn.conf" => $no_tls || $no_npn, + "10-resumption.conf" => disabled("tls1_1") || disabled("tls1_2"), + "11-dtls_resumption.conf" => disabled("dtls1") || disabled("dtls1_2"), + "12-ct.conf" => $no_tls || $no_ct || $no_ec, + # We could run some of these tests without TLS 1.2 if we had a per-test + # disable instruction but that's a bizarre configuration not worth + # special-casing for. + # We should review this once we have TLS 1.3. + "13-fragmentation.conf" => disabled("tls1_2"), + "14-curves.conf" => disabled("tls1_2") || $no_ec || $no_ec2m, + "15-certstatus.conf" => $no_tls || $no_ocsp, + "16-dtls-certstatus.conf" => $no_dtls || $no_ocsp, + "18-dtls-renegotiate.conf" => $no_dtls, + "19-mac-then-encrypt.conf" => disabled("tls1_2"), +); + +foreach my $conf (@conf_files) { + subtest "Test configuration $conf" => sub { + test_conf($conf, + $conf_dependent_tests{$conf} || $^O eq "VMS" ? 0 : 1, + defined($skip{$conf}) ? $skip{$conf} : $no_tls); + } +} + +sub test_conf { + plan tests => 3; + + my ($conf, $check_source, $skip) = @_; + + my $conf_file = srctop_file("test", "ssl-tests", $conf); + my $tmp_file = "${conf}.$$.tmp"; + my $run_test = 1; + + SKIP: { + # "Test" 1. Generate the source. + my $input_file = $conf_file . ".in"; + + skip 'failure', 2 unless + ok(run(perltest(["generate_ssl_tests.pl", $input_file], + interpreter_args => [ "-I", srctop_dir("util", "perl")], + stdout => $tmp_file)), + "Getting output from generate_ssl_tests.pl."); + + SKIP: { + # Test 2. Compare against existing output in test/ssl_tests.conf. + skip "Skipping generated source test for $conf", 1 + if !$check_source; + + $run_test = is(cmp_text($tmp_file, $conf_file), 0, + "Comparing generated sources."); + } + + # Test 3. Run the test. + skip "No tests available; skipping tests", 1 if $skip; + skip "Stale sources; skipping tests", 1 if !$run_test; + + ok(run(test(["ssl_test", $tmp_file])), "running ssl_test $conf"); + } + + unlink glob $tmp_file; +} + +sub cmp_text { + return compare_text(@_, sub { + $_[0] =~ s/\R//g; + $_[1] =~ s/\R//g; + return $_[0] ne $_[1]; + }); +} diff --git a/openssl-1.1.0h/test/recipes/80-test_ssl_old.t b/openssl-1.1.0h/test/recipes/80-test_ssl_old.t new file mode 100644 index 0000000..6468bd6 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/80-test_ssl_old.t @@ -0,0 +1,629 @@ +#! /usr/bin/env perl +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use POSIX; +use File::Basename; +use File::Copy; +use OpenSSL::Test qw/:DEFAULT with bldtop_file srctop_file cmdstr/; +use OpenSSL::Test::Utils; + +setup("test_ssl"); + +$ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf"); + +my ($no_rsa, $no_dsa, $no_dh, $no_ec, $no_srp, $no_psk, + $no_ssl3, $no_tls1, $no_tls1_1, $no_tls1_2, + $no_dtls, $no_dtls1, $no_dtls1_2, $no_ct) = + anydisabled qw/rsa dsa dh ec srp psk + ssl3 tls1 tls1_1 tls1_2 + dtls dtls1 dtls1_2 ct/; +my $no_anytls = alldisabled(available_protocols("tls")); +my $no_anydtls = alldisabled(available_protocols("dtls")); + +plan skip_all => "No SSL/TLS/DTLS protocol is support by this OpenSSL build" + if $no_anytls && $no_anydtls; + +my $digest = "-sha1"; +my @reqcmd = ("openssl", "req"); +my @x509cmd = ("openssl", "x509", $digest); +my @verifycmd = ("openssl", "verify"); +my @gendsacmd = ("openssl", "gendsa"); +my $dummycnf = srctop_file("apps", "openssl.cnf"); + +my $CAkey = "keyCA.ss"; +my $CAcert="certCA.ss"; +my $CAserial="certCA.srl"; +my $CAreq="reqCA.ss"; +my $CAconf=srctop_file("test","CAss.cnf"); +my $CAreq2="req2CA.ss"; # temp + +my $Uconf=srctop_file("test","Uss.cnf"); +my $Ukey="keyU.ss"; +my $Ureq="reqU.ss"; +my $Ucert="certU.ss"; + +my $Dkey="keyD.ss"; +my $Dreq="reqD.ss"; +my $Dcert="certD.ss"; + +my $Ekey="keyE.ss"; +my $Ereq="reqE.ss"; +my $Ecert="certE.ss"; + +my $P1conf=srctop_file("test","P1ss.cnf"); +my $P1key="keyP1.ss"; +my $P1req="reqP1.ss"; +my $P1cert="certP1.ss"; +my $P1intermediate="tmp_intP1.ss"; + +my $P2conf=srctop_file("test","P2ss.cnf"); +my $P2key="keyP2.ss"; +my $P2req="reqP2.ss"; +my $P2cert="certP2.ss"; +my $P2intermediate="tmp_intP2.ss"; + +my $server_sess="server.ss"; +my $client_sess="client.ss"; + +# ssltest_old.c is deprecated in favour of the new framework in ssl_test.c +# If you're adding tests here, you probably want to convert them to the +# new format in ssl_test.c and add recipes to 80-test_ssl_new.t instead. +plan tests => + 1 # For testss + +6 # For the first testssl + ; + +subtest 'test_ss' => sub { + if (testss()) { + open OUT, ">", "intP1.ss"; + copy($CAcert, \*OUT); copy($Ucert, \*OUT); + close OUT; + + open OUT, ">", "intP2.ss"; + copy($CAcert, \*OUT); copy($Ucert, \*OUT); copy($P1cert, \*OUT); + close OUT; + } +}; + +note('test_ssl -- key U'); +testssl("keyU.ss", $Ucert, $CAcert); + +# ----------- +# subtest functions +sub testss { + open RND, ">>", ".rnd"; + print RND "string to make the random number generator think it has entropy"; + close RND; + + my @req_dsa = ("-newkey", + "dsa:".srctop_file("apps", "dsa1024.pem")); + my $dsaparams = srctop_file("apps", "dsa1024.pem"); + my @req_new; + if ($no_rsa) { + @req_new = @req_dsa; + } else { + @req_new = ("-new"); + } + + plan tests => 17; + + SKIP: { + skip 'failure', 16 unless + ok(run(app([@reqcmd, "-config", $CAconf, + "-out", $CAreq, "-keyout", $CAkey, + @req_new])), + 'make cert request'); + + skip 'failure', 15 unless + ok(run(app([@x509cmd, "-CAcreateserial", "-in", $CAreq, "-days", "30", + "-req", "-out", $CAcert, "-signkey", $CAkey, + "-extfile", $CAconf, "-extensions", "v3_ca"], + stdout => "err.ss")), + 'convert request into self-signed cert'); + + skip 'failure', 14 unless + ok(run(app([@x509cmd, "-in", $CAcert, + "-x509toreq", "-signkey", $CAkey, "-out", $CAreq2], + stdout => "err.ss")), + 'convert cert into a cert request'); + + skip 'failure', 13 unless + ok(run(app([@reqcmd, "-config", $dummycnf, + "-verify", "-in", $CAreq, "-noout"])), + 'verify request 1'); + + + skip 'failure', 12 unless + ok(run(app([@reqcmd, "-config", $dummycnf, + "-verify", "-in", $CAreq2, "-noout"])), + 'verify request 2'); + + skip 'failure', 11 unless + ok(run(app([@verifycmd, "-CAfile", $CAcert, $CAcert])), + 'verify signature'); + + skip 'failure', 10 unless + ok(run(app([@reqcmd, "-config", $Uconf, + "-out", $Ureq, "-keyout", $Ukey, @req_new], + stdout => "err.ss")), + 'make a user cert request'); + + skip 'failure', 9 unless + ok(run(app([@x509cmd, "-CAcreateserial", "-in", $Ureq, "-days", "30", + "-req", "-out", $Ucert, + "-CA", $CAcert, "-CAkey", $CAkey, "-CAserial", $CAserial, + "-extfile", $Uconf, "-extensions", "v3_ee"], + stdout => "err.ss")) + && run(app([@verifycmd, "-CAfile", $CAcert, $Ucert])), + 'sign user cert request'); + + skip 'failure', 8 unless + ok(run(app([@x509cmd, + "-subject", "-issuer", "-startdate", "-enddate", + "-noout", "-in", $Ucert])), + 'Certificate details'); + + skip 'failure', 7 unless + subtest 'DSA certificate creation' => sub { + plan skip_all => "skipping DSA certificate creation" + if $no_dsa; + + plan tests => 5; + + SKIP: { + $ENV{CN2} = "DSA Certificate"; + skip 'failure', 4 unless + ok(run(app([@gendsacmd, "-out", $Dkey, + $dsaparams], + stdout => "err.ss")), + "make a DSA key"); + skip 'failure', 3 unless + ok(run(app([@reqcmd, "-new", "-config", $Uconf, + "-out", $Dreq, "-key", $Dkey], + stdout => "err.ss")), + "make a DSA user cert request"); + skip 'failure', 2 unless + ok(run(app([@x509cmd, "-CAcreateserial", + "-in", $Dreq, + "-days", "30", + "-req", + "-out", $Dcert, + "-CA", $CAcert, "-CAkey", $CAkey, + "-CAserial", $CAserial, + "-extfile", $Uconf, + "-extensions", "v3_ee_dsa"], + stdout => "err.ss")), + "sign DSA user cert request"); + skip 'failure', 1 unless + ok(run(app([@verifycmd, "-CAfile", $CAcert, $Dcert])), + "verify DSA user cert"); + skip 'failure', 0 unless + ok(run(app([@x509cmd, + "-subject", "-issuer", + "-startdate", "-enddate", "-noout", + "-in", $Dcert])), + "DSA Certificate details"); + } + }; + + skip 'failure', 6 unless + subtest 'ECDSA/ECDH certificate creation' => sub { + plan skip_all => "skipping ECDSA/ECDH certificate creation" + if $no_ec; + + plan tests => 5; + + SKIP: { + $ENV{CN2} = "ECDSA Certificate"; + skip 'failure', 4 unless + ok(run(app(["openssl", "ecparam", "-name", "P-256", + "-out", "ecp.ss"])), + "make EC parameters"); + skip 'failure', 3 unless + ok(run(app([@reqcmd, "-config", $Uconf, + "-out", $Ereq, "-keyout", $Ekey, + "-newkey", "ec:ecp.ss"], + stdout => "err.ss")), + "make a ECDSA/ECDH user cert request"); + skip 'failure', 2 unless + ok(run(app([@x509cmd, "-CAcreateserial", + "-in", $Ereq, + "-days", "30", + "-req", + "-out", $Ecert, + "-CA", $CAcert, "-CAkey", $CAkey, + "-CAserial", $CAserial, + "-extfile", $Uconf, + "-extensions", "v3_ee_ec"], + stdout => "err.ss")), + "sign ECDSA/ECDH user cert request"); + skip 'failure', 1 unless + ok(run(app([@verifycmd, "-CAfile", $CAcert, $Ecert])), + "verify ECDSA/ECDH user cert"); + skip 'failure', 0 unless + ok(run(app([@x509cmd, + "-subject", "-issuer", + "-startdate", "-enddate", "-noout", + "-in", $Ecert])), + "ECDSA Certificate details"); + } + }; + + skip 'failure', 5 unless + ok(run(app([@reqcmd, "-config", $P1conf, + "-out", $P1req, "-keyout", $P1key, @req_new], + stdout => "err.ss")), + 'make a proxy cert request'); + + + skip 'failure', 4 unless + ok(run(app([@x509cmd, "-CAcreateserial", "-in", $P1req, "-days", "30", + "-req", "-out", $P1cert, + "-CA", $Ucert, "-CAkey", $Ukey, + "-extfile", $P1conf, "-extensions", "v3_proxy"], + stdout => "err.ss")), + 'sign proxy with user cert'); + + copy($Ucert, $P1intermediate); + run(app([@verifycmd, "-CAfile", $CAcert, + "-untrusted", $P1intermediate, $P1cert])); + ok(run(app([@x509cmd, + "-subject", "-issuer", "-startdate", "-enddate", + "-noout", "-in", $P1cert])), + 'Certificate details'); + + skip 'failure', 2 unless + ok(run(app([@reqcmd, "-config", $P2conf, + "-out", $P2req, "-keyout", $P2key, + @req_new], + stdout => "err.ss")), + 'make another proxy cert request'); + + + skip 'failure', 1 unless + ok(run(app([@x509cmd, "-CAcreateserial", "-in", $P2req, "-days", "30", + "-req", "-out", $P2cert, + "-CA", $P1cert, "-CAkey", $P1key, + "-extfile", $P2conf, "-extensions", "v3_proxy"], + stdout => "err.ss")), + 'sign second proxy cert request with the first proxy cert'); + + + open OUT, ">", $P2intermediate; + copy($Ucert, \*OUT); copy($P1cert, \*OUT); + close OUT; + run(app([@verifycmd, "-CAfile", $CAcert, + "-untrusted", $P2intermediate, $P2cert])); + ok(run(app([@x509cmd, + "-subject", "-issuer", "-startdate", "-enddate", + "-noout", "-in", $P2cert])), + 'Certificate details'); + } +} + +sub testssl { + my ($key, $cert, $CAtmp) = @_; + my @CA = $CAtmp ? ("-CAfile", $CAtmp) : ("-CApath", bldtop_dir("certs")); + + my @ssltest = ("ssltest_old", + "-s_key", $key, "-s_cert", $cert, + "-c_key", $key, "-c_cert", $cert); + + my $serverinfo = srctop_file("test","serverinfo.pem"); + + my $dsa_cert = 0; + if (grep /DSA Public Key/, run(app(["openssl", "x509", "-in", $cert, + "-text", "-noout"]), capture => 1)) { + $dsa_cert = 1; + } + + + # plan tests => 11; + + subtest 'standard SSL tests' => sub { + ###################################################################### + plan tests => 21; + + SKIP: { + skip "SSLv3 is not supported by this OpenSSL build", 4 + if disabled("ssl3"); + + ok(run(test([@ssltest, "-bio_pair", "-ssl3"])), + 'test sslv3 via BIO pair'); + ok(run(test([@ssltest, "-bio_pair", "-ssl3", "-server_auth", @CA])), + 'test sslv3 with server authentication via BIO pair'); + ok(run(test([@ssltest, "-bio_pair", "-ssl3", "-client_auth", @CA])), + 'test sslv3 with client authentication via BIO pair'); + ok(run(test([@ssltest, "-bio_pair", "-ssl3", "-server_auth", "-client_auth", @CA])), + 'test sslv3 with both server and client authentication via BIO pair'); + } + + SKIP: { + skip "Neither SSLv3 nor any TLS version are supported by this OpenSSL build", 1 + if $no_anytls; + + ok(run(test([@ssltest, "-bio_pair"])), + 'test sslv2/sslv3 via BIO pair'); + } + + SKIP: { + skip "DTLSv1 is not supported by this OpenSSL build", 4 + if disabled("dtls1"); + + ok(run(test([@ssltest, "-dtls1"])), + 'test dtlsv1'); + ok(run(test([@ssltest, "-dtls1", "-server_auth", @CA])), + 'test dtlsv1 with server authentication'); + ok(run(test([@ssltest, "-dtls1", "-client_auth", @CA])), + 'test dtlsv1 with client authentication'); + ok(run(test([@ssltest, "-dtls1", "-server_auth", "-client_auth", @CA])), + 'test dtlsv1 with both server and client authentication'); + } + + SKIP: { + skip "DTLSv1.2 is not supported by this OpenSSL build", 4 + if disabled("dtls1_2"); + + ok(run(test([@ssltest, "-dtls12"])), + 'test dtlsv1.2'); + ok(run(test([@ssltest, "-dtls12", "-server_auth", @CA])), + 'test dtlsv1.2 with server authentication'); + ok(run(test([@ssltest, "-dtls12", "-client_auth", @CA])), + 'test dtlsv1.2 with client authentication'); + ok(run(test([@ssltest, "-dtls12", "-server_auth", "-client_auth", @CA])), + 'test dtlsv1.2 with both server and client authentication'); + } + + SKIP: { + skip "Neither SSLv3 nor any TLS version are supported by this OpenSSL build", 8 + if $no_anytls; + + SKIP: { + skip "skipping test of sslv2/sslv3 w/o (EC)DHE test", 1 if $dsa_cert; + + ok(run(test([@ssltest, "-bio_pair", "-no_dhe", "-no_ecdhe"])), + 'test sslv2/sslv3 w/o (EC)DHE via BIO pair'); + } + + ok(run(test([@ssltest, "-bio_pair", "-dhe1024dsa", "-v"])), + 'test sslv2/sslv3 with 1024bit DHE via BIO pair'); + ok(run(test([@ssltest, "-bio_pair", "-server_auth", @CA])), + 'test sslv2/sslv3 with server authentication'); + ok(run(test([@ssltest, "-bio_pair", "-client_auth", @CA])), + 'test sslv2/sslv3 with client authentication via BIO pair'); + ok(run(test([@ssltest, "-bio_pair", "-server_auth", "-client_auth", @CA])), + 'test sslv2/sslv3 with both client and server authentication via BIO pair'); + ok(run(test([@ssltest, "-bio_pair", "-server_auth", "-client_auth", "-app_verify", @CA])), + 'test sslv2/sslv3 with both client and server authentication via BIO pair and app verify'); + + SKIP: { + skip "No IPv4 available on this machine", 1 + unless !disabled("sock") && have_IPv4(); + ok(run(test([@ssltest, "-ipv4"])), + 'test TLS via IPv4'); + } + + SKIP: { + skip "No IPv6 available on this machine", 1 + unless !disabled("sock") && have_IPv6(); + ok(run(test([@ssltest, "-ipv6"])), + 'test TLS via IPv6'); + } + } + }; + + subtest "Testing ciphersuites" => sub { + + my @exkeys = (); + my $ciphers = "-PSK:-SRP"; + + if ($no_dh) { + note "skipping DHE tests\n"; + $ciphers .= ":-kDHE"; + } + if ($no_dsa) { + note "skipping DSA tests\n"; + $ciphers .= ":-aDSA"; + } else { + push @exkeys, "-s_cert", "certD.ss", "-s_key", "keyD.ss"; + } + + if ($no_ec) { + note "skipping EC tests\n"; + $ciphers .= ":!aECDSA:!kECDH"; + } else { + push @exkeys, "-s_cert", "certE.ss", "-s_key", "keyE.ss"; + } + + my @protocols = (); + # We only use the flags that ssltest_old understands + push @protocols, "-tls1_2" unless $no_tls1_2; + push @protocols, "-tls1" unless $no_tls1; + push @protocols, "-ssl3" unless $no_ssl3; + my $protocolciphersuitecount = 0; + my %ciphersuites = (); + foreach my $protocol (@protocols) { + $ciphersuites{$protocol} = + [ map { s|\R||; split(/:/, $_) } + run(app(["openssl", "ciphers", "-s", $protocol, + "ALL:$ciphers"]), capture => 1) ]; + $protocolciphersuitecount += scalar @{$ciphersuites{$protocol}}; + } + + plan skip_all => "None of the ciphersuites to test are available in this OpenSSL build" + if $protocolciphersuitecount + scalar(keys %ciphersuites) == 0; + + # The count of protocols is because in addition to the ciphersuits + # we got above, we're running a weak DH test for each protocol + plan tests => $protocolciphersuitecount + scalar(keys %ciphersuites); + + foreach my $protocol (sort keys %ciphersuites) { + note "Testing ciphersuites for $protocol"; + # ssltest_old doesn't know -tls1_2, but that's fine, since that's + # the default choice if TLSv1.2 enabled + my $flag = $protocol eq "-tls1_2" ? "" : $protocol; + foreach my $cipher (@{$ciphersuites{$protocol}}) { + if ($protocol eq "-ssl3" && $cipher =~ /ECDH/ ) { + note "*****SKIPPING $protocol $cipher"; + ok(1); + } else { + ok(run(test([@ssltest, @exkeys, "-cipher", $cipher, + $flag || ()])), + "Testing $cipher"); + } + } + is(run(test([@ssltest, + "-s_cipher", "EDH", + "-c_cipher", 'EDH:@SECLEVEL=1', + "-dhe512", + $protocol eq "SSLv3" ? ("-ssl3") : ()])), 0, + "testing connection with weak DH, expecting failure"); + } + }; + + subtest 'RSA/(EC)DHE/PSK tests' => sub { + ###################################################################### + + plan tests => 5; + + SKIP: { + skip "TLSv1.0 is not supported by this OpenSSL build", 5 + if $no_tls1; + + SKIP: { + skip "skipping anonymous DH tests", 1 + if ($no_dh); + + ok(run(test([@ssltest, "-v", "-bio_pair", "-tls1", "-cipher", "ADH", "-dhe1024dsa", "-num", "10", "-f", "-time"])), + 'test tlsv1 with 1024bit anonymous DH, multiple handshakes'); + } + + SKIP: { + skip "skipping RSA tests", 2 + if $no_rsa; + + ok(run(test(["ssltest_old", "-v", "-bio_pair", "-tls1", "-s_cert", srctop_file("apps","server2.pem"), "-no_dhe", "-no_ecdhe", "-num", "10", "-f", "-time"])), + 'test tlsv1 with 1024bit RSA, no (EC)DHE, multiple handshakes'); + + skip "skipping RSA+DHE tests", 1 + if $no_dh; + + ok(run(test(["ssltest_old", "-v", "-bio_pair", "-tls1", "-s_cert", srctop_file("apps","server2.pem"), "-dhe1024dsa", "-num", "10", "-f", "-time"])), + 'test tlsv1 with 1024bit RSA, 1024bit DHE, multiple handshakes'); + } + + SKIP: { + skip "skipping PSK tests", 2 + if ($no_psk); + + ok(run(test([@ssltest, "-tls1", "-cipher", "PSK", "-psk", "abc123"])), + 'test tls1 with PSK'); + + ok(run(test([@ssltest, "-bio_pair", "-tls1", "-cipher", "PSK", "-psk", "abc123"])), + 'test tls1 with PSK via BIO pair'); + } + } + + }; + + subtest 'Custom Extension tests' => sub { + ###################################################################### + + plan tests => 1; + + SKIP: { + skip "TLSv1.0 is not supported by this OpenSSL build", 1 + if $no_tls1; + + ok(run(test([@ssltest, "-bio_pair", "-tls1", "-custom_ext"])), + 'test tls1 with custom extensions'); + } + }; + + subtest 'Serverinfo tests' => sub { + ###################################################################### + + plan tests => 5; + + SKIP: { + skip "TLSv1.0 is not supported by this OpenSSL build", 5 + if $no_tls1; + + note('echo test tls1 with serverinfo'); + ok(run(test([@ssltest, "-bio_pair", "-tls1", "-serverinfo_file", $serverinfo]))); + ok(run(test([@ssltest, "-bio_pair", "-tls1", "-serverinfo_file", $serverinfo, "-serverinfo_sct"]))); + ok(run(test([@ssltest, "-bio_pair", "-tls1", "-serverinfo_file", $serverinfo, "-serverinfo_tack"]))); + ok(run(test([@ssltest, "-bio_pair", "-tls1", "-serverinfo_file", $serverinfo, "-serverinfo_sct", "-serverinfo_tack"]))); + ok(run(test([@ssltest, "-bio_pair", "-tls1", "-custom_ext", "-serverinfo_file", $serverinfo, "-serverinfo_sct", "-serverinfo_tack"]))); + } + }; + + subtest 'SRP tests' => sub { + + plan tests => 4; + + SKIP: { + skip "skipping SRP tests", 4 + if $no_srp || alldisabled(grep !/^ssl3/, available_protocols("tls")); + + ok(run(test([@ssltest, "-tls1", "-cipher", "SRP", "-srpuser", "test", "-srppass", "abc123"])), + 'test tls1 with SRP'); + + ok(run(test([@ssltest, "-bio_pair", "-tls1", "-cipher", "SRP", "-srpuser", "test", "-srppass", "abc123"])), + 'test tls1 with SRP via BIO pair'); + + ok(run(test([@ssltest, "-tls1", "-cipher", "aSRP", "-srpuser", "test", "-srppass", "abc123"])), + 'test tls1 with SRP auth'); + + ok(run(test([@ssltest, "-bio_pair", "-tls1", "-cipher", "aSRP", "-srpuser", "test", "-srppass", "abc123"])), + 'test tls1 with SRP auth via BIO pair'); + } + }; +} + +unlink $CAkey; +unlink $CAcert; +unlink $CAserial; +unlink $CAreq; +unlink $CAreq2; + +unlink $Ukey; +unlink $Ureq; +unlink $Ucert; +unlink basename($Ucert, '.ss').'.srl'; + +unlink $Dkey; +unlink $Dreq; +unlink $Dcert; + +unlink $Ekey; +unlink $Ereq; +unlink $Ecert; + +unlink $P1key; +unlink $P1req; +unlink $P1cert; +unlink basename($P1cert, '.ss').'.srl'; +unlink $P1intermediate; +unlink "intP1.ss"; + +unlink $P2key; +unlink $P2req; +unlink $P2cert; +unlink $P2intermediate; +unlink "intP2.ss"; + +unlink "ecp.ss"; +unlink "err.ss"; + +unlink $server_sess; +unlink $client_sess; diff --git a/openssl-1.1.0h/test/recipes/80-test_ssl_test_ctx.t b/openssl-1.1.0h/test/recipes/80-test_ssl_test_ctx.t new file mode 100644 index 0000000..c593491 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/80-test_ssl_test_ctx.t @@ -0,0 +1,19 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_ssl_test_ctx"); + +plan tests => 1; +ok(run(test(["ssl_test_ctx_test", srctop_file("test", "ssl_test_ctx_test.conf")])), + "running ssl_test_ctx_test ssl_test_ctx_test.conf"); diff --git a/openssl-1.1.0h/test/recipes/80-test_sslcorrupt.t b/openssl-1.1.0h/test/recipes/80-test_sslcorrupt.t new file mode 100644 index 0000000..53f8a82 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/80-test_sslcorrupt.t @@ -0,0 +1,20 @@ +#! /usr/bin/env perl +# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use OpenSSL::Test::Utils; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_sslcorrupt"); + +plan skip_all => "No TLS protocols are supported by this OpenSSL build" + if alldisabled(available_protocols("tls")); + +plan tests => 1; + +ok(run(test(["sslcorrupttest", srctop_file("apps", "server.pem"), + srctop_file("apps", "server.pem")])), "running sslcorrupttest"); diff --git a/openssl-1.1.0h/test/recipes/80-test_tsa.t b/openssl-1.1.0h/test/recipes/80-test_tsa.t new file mode 100644 index 0000000..3ba14d4 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/80-test_tsa.t @@ -0,0 +1,207 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use POSIX; +use File::Spec::Functions qw/splitdir curdir catfile/; +use File::Compare; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file/; +use OpenSSL::Test::Utils; + +setup("test_tsa"); + +plan skip_all => "TS is not supported by this OpenSSL build" + if disabled("ts"); + +# All these are modified inside indir further down. They need to exist +# here, however, to be available in all subroutines. +my $openssl_conf; +my $testtsa; +my $CAtsa; +my @RUN; + +sub create_tsa_cert { + my $INDEX = shift; + my $EXT = shift; + my $r = 1; + $ENV{TSDNSECT} = "ts_cert_dn"; + + ok(run(app(["openssl", "req", "-config", $openssl_conf, "-new", + "-out", "tsa_req${INDEX}.pem", + "-keyout", "tsa_key${INDEX}.pem"]))); + note "using extension $EXT"; + ok(run(app(["openssl", "x509", "-req", + "-in", "tsa_req${INDEX}.pem", + "-out", "tsa_cert${INDEX}.pem", + "-CA", "tsaca.pem", "-CAkey", "tsacakey.pem", + "-CAcreateserial", + "-extfile", $openssl_conf, "-extensions", $EXT]))); +} + +sub create_time_stamp_response { + my $queryfile = shift; + my $outputfile = shift; + my $datafile = shift; + + ok(run(app([@RUN, "-reply", "-section", "$datafile", + "-queryfile", "$queryfile", "-out", "$outputfile"]))); +} + +sub verify_time_stamp_response { + my $queryfile = shift; + my $inputfile = shift; + my $datafile = shift; + + ok(run(app([@RUN, "-verify", "-queryfile", "$queryfile", + "-in", "$inputfile", "-CAfile", "tsaca.pem", + "-untrusted", "tsa_cert1.pem"]))); + ok(run(app([@RUN, "-verify", "-data", "$datafile", + "-in", "$inputfile", "-CAfile", "tsaca.pem", + "-untrusted", "tsa_cert1.pem"]))); +} + +sub verify_time_stamp_response_fail { + my $queryfile = shift; + my $inputfile = shift; + + ok(!run(app([@RUN, "-verify", "-queryfile", "$queryfile", + "-in", "$inputfile", "-CAfile", "tsaca.pem", + "-untrusted", "tsa_cert1.pem"]))); +} + +# main functions + +plan tests => 20; + +note "setting up TSA test directory"; +indir "tsa" => sub +{ + $openssl_conf = srctop_file("test", "CAtsa.cnf"); + $testtsa = srctop_file("test", "recipes", "80-test_tsa.t"); + $CAtsa = srctop_file("test", "CAtsa.cnf"); + @RUN = ("openssl", "ts", "-config", $openssl_conf); + + # ../apps/CA.pl needs these + $ENV{OPENSSL_CONFIG} = "-config $openssl_conf"; + $ENV{OPENSSL} = cmdstr(app(["openssl"]), display => 1); + + SKIP: { + $ENV{TSDNSECT} = "ts_ca_dn"; + skip "failed", 19 + unless ok(run(app(["openssl", "req", "-config", $openssl_conf, + "-new", "-x509", "-nodes", + "-out", "tsaca.pem", "-keyout", "tsacakey.pem"])), + 'creating a new CA for the TSA tests'); + + skip "failed", 18 + unless subtest 'creating tsa_cert1.pem TSA server cert' => sub { + create_tsa_cert("1", "tsa_cert") + }; + + skip "failed", 17 + unless subtest 'creating tsa_cert2.pem non-TSA server cert' => sub { + create_tsa_cert("2", "non_tsa_cert") + }; + + skip "failed", 16 + unless ok(run(app([@RUN, "-query", "-data", $testtsa, + "-tspolicy", "tsa_policy1", "-cert", + "-out", "req1.tsq"])), + 'creating req1.req time stamp request for file testtsa'); + + ok(run(app([@RUN, "-query", "-in", "req1.tsq", "-text"])), + 'printing req1.req'); + + subtest 'generating valid response for req1.req' => sub { + create_time_stamp_response("req1.tsq", "resp1.tsr", "tsa_config1") + }; + + ok(run(app([@RUN, "-reply", "-in", "resp1.tsr", "-text"])), + 'printing response'); + + subtest 'verifying valid response' => sub { + verify_time_stamp_response("req1.tsq", "resp1.tsr", $testtsa) + }; + + skip "failed", 11 + unless subtest 'verifying valid token' => sub { + ok(run(app([@RUN, "-reply", "-in", "resp1.tsr", + "-out", "resp1.tsr.token", "-token_out"]))); + ok(run(app([@RUN, "-verify", "-queryfile", "req1.tsq", + "-in", "resp1.tsr.token", "-token_in", + "-CAfile", "tsaca.pem", + "-untrusted", "tsa_cert1.pem"]))); + ok(run(app([@RUN, "-verify", "-data", $testtsa, + "-in", "resp1.tsr.token", "-token_in", + "-CAfile", "tsaca.pem", + "-untrusted", "tsa_cert1.pem"]))); + }; + + skip "failed", 10 + unless ok(run(app([@RUN, "-query", "-data", $testtsa, + "-tspolicy", "tsa_policy2", "-no_nonce", + "-out", "req2.tsq"])), + 'creating req2.req time stamp request for file testtsa'); + + ok(run(app([@RUN, "-query", "-in", "req2.tsq", "-text"])), + 'printing req2.req'); + + skip "failed", 8 + unless subtest 'generating valid response for req2.req' => sub { + create_time_stamp_response("req2.tsq", "resp2.tsr", "tsa_config1") + }; + + skip "failed", 7 + unless subtest 'checking -token_in and -token_out options with -reply' => sub { + my $RESPONSE2="resp2.tsr.copy.tsr"; + my $TOKEN_DER="resp2.tsr.token.der"; + + ok(run(app([@RUN, "-reply", "-in", "resp2.tsr", + "-out", "$TOKEN_DER", "-token_out"]))); + ok(run(app([@RUN, "-reply", "-in", "$TOKEN_DER", + "-token_in", "-out", "$RESPONSE2"]))); + is(compare($RESPONSE2, "resp2.tsr"), 0); + ok(run(app([@RUN, "-reply", "-in", "resp2.tsr", + "-text", "-token_out"]))); + ok(run(app([@RUN, "-reply", "-in", "$TOKEN_DER", + "-token_in", "-text", "-token_out"]))); + ok(run(app([@RUN, "-reply", "-queryfile", "req2.tsq", + "-text", "-token_out"]))); + }; + + ok(run(app([@RUN, "-reply", "-in", "resp2.tsr", "-text"])), + 'printing response'); + + subtest 'verifying valid response' => sub { + verify_time_stamp_response("req2.tsq", "resp2.tsr", $testtsa) + }; + + subtest 'verifying response against wrong request, it should fail' => sub { + verify_time_stamp_response_fail("req1.tsq", "resp2.tsr") + }; + + subtest 'verifying response against wrong request, it should fail' => sub { + verify_time_stamp_response_fail("req2.tsq", "resp1.tsr") + }; + + skip "failure", 2 + unless ok(run(app([@RUN, "-query", "-data", $CAtsa, + "-no_nonce", "-out", "req3.tsq"])), + "creating req3.req time stamp request for file CAtsa.cnf"); + + ok(run(app([@RUN, "-query", "-in", "req3.tsq", "-text"])), + 'printing req3.req'); + + subtest 'verifying response against wrong request, it should fail' => sub { + verify_time_stamp_response_fail("req3.tsq", "resp1.tsr") + }; + } +}, create => 1, cleanup => 1 diff --git a/openssl-1.1.0h/test/recipes/80-test_x509aux.t b/openssl-1.1.0h/test/recipes/80-test_x509aux.t new file mode 100644 index 0000000..65ba5fc --- /dev/null +++ b/openssl-1.1.0h/test/recipes/80-test_x509aux.t @@ -0,0 +1,27 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; +use OpenSSL::Test qw/:DEFAULT srctop_file/; +use OpenSSL::Test::Utils; + +setup("test_x509aux"); + +plan skip_all => "test_dane uses ec which is not supported by this OpenSSL build" + if disabled("ec"); + +plan tests => 1; # The number of tests being performed + +ok(run(test(["x509aux", + srctop_file("test", "certs", "roots.pem"), + srctop_file("test", "certs", "root+anyEKU.pem"), + srctop_file("test", "certs", "root-anyEKU.pem"), + srctop_file("test", "certs", "root-cert.pem")] + )), "x509aux tests"); diff --git a/openssl-1.1.0h/test/recipes/90-test_async.t b/openssl-1.1.0h/test/recipes/90-test_async.t new file mode 100644 index 0000000..e0f1870 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/90-test_async.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_async", "asynctest", "async"); diff --git a/openssl-1.1.0h/test/recipes/90-test_bio_enc.t b/openssl-1.1.0h/test/recipes/90-test_bio_enc.t new file mode 100644 index 0000000..aa7e42a --- /dev/null +++ b/openssl-1.1.0h/test/recipes/90-test_bio_enc.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_bio_enc", "bio_enc_test", "bio_enc"); diff --git a/openssl-1.1.0h/test/recipes/90-test_bioprint.t b/openssl-1.1.0h/test/recipes/90-test_bioprint.t new file mode 100644 index 0000000..b86e828 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/90-test_bioprint.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_bioprint", "bioprinttest"); diff --git a/openssl-1.1.0h/test/recipes/90-test_constant_time.t b/openssl-1.1.0h/test/recipes/90-test_constant_time.t new file mode 100644 index 0000000..6fa73bf --- /dev/null +++ b/openssl-1.1.0h/test/recipes/90-test_constant_time.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_constant_time", "constant_time_test"); diff --git a/openssl-1.1.0h/test/recipes/90-test_fatalerr.t b/openssl-1.1.0h/test/recipes/90-test_fatalerr.t new file mode 100644 index 0000000..361bc1f --- /dev/null +++ b/openssl-1.1.0h/test/recipes/90-test_fatalerr.t @@ -0,0 +1,21 @@ +#! /usr/bin/env perl +# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Utils; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_fatalerr"); + +plan skip_all => "No TLS/SSL protocols are supported by this OpenSSL build" + if alldisabled(grep { $_ ne "ssl3" } available_protocols("tls")); + +plan tests => 1; + +ok(run(test(["fatalerrtest", srctop_file("apps", "server.pem"), + srctop_file("apps", "server.pem")])), "running fatalerrtest"); diff --git a/openssl-1.1.0h/test/recipes/90-test_fuzz.t b/openssl-1.1.0h/test/recipes/90-test_fuzz.t new file mode 100644 index 0000000..d152925 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/90-test_fuzz.t @@ -0,0 +1,40 @@ +#!/usr/bin/env perl +# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use warnings; + +use if $^O ne "VMS", 'File::Glob' => qw/glob/; +use OpenSSL::Test qw/:DEFAULT srctop_file/; +use OpenSSL::Test::Utils; + +setup("test_fuzz"); + +my @fuzzers = ('asn1', 'asn1parse', 'bignum', 'bndiv', 'conf', 'crl', 'server', 'x509'); +if (!disabled("cms")) { + push @fuzzers, 'cms'; +} +if (!disabled("ct")) { + push @fuzzers, 'ct'; +} +plan tests => scalar @fuzzers; + +foreach my $f (@fuzzers) { + subtest "Fuzzing $f" => sub { + my @files = glob(srctop_file('fuzz', 'corpora', $f, '*')); + push @files, glob(srctop_file('fuzz', 'corpora', "$f-*", '*')); + + plan skip_all => "No corpora for $f-test" unless @files; + + plan tests => scalar @files; + + foreach (@files) { + ok(run(fuzz(["$f-test", $_]))); + } + } +} diff --git a/openssl-1.1.0h/test/recipes/90-test_gmdiff.t b/openssl-1.1.0h/test/recipes/90-test_gmdiff.t new file mode 100644 index 0000000..f2cce41 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/90-test_gmdiff.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_gmdiff", "gmdifftest"); diff --git a/openssl-1.1.0h/test/recipes/90-test_heartbeat.t b/openssl-1.1.0h/test/recipes/90-test_heartbeat.t new file mode 100644 index 0000000..90d6a67 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/90-test_heartbeat.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_heartbeat", "heartbeat_test", "heartbeats"); diff --git a/openssl-1.1.0h/test/recipes/90-test_ige.t b/openssl-1.1.0h/test/recipes/90-test_ige.t new file mode 100644 index 0000000..2ab4bd2 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/90-test_ige.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_ige", "igetest"); diff --git a/openssl-1.1.0h/test/recipes/90-test_memleak.t b/openssl-1.1.0h/test/recipes/90-test_memleak.t new file mode 100644 index 0000000..52357c7 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/90-test_memleak.t @@ -0,0 +1,15 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test; + +setup("test_memleak"); +plan tests => 2; +ok(run(test(["memleaktest"])), "running leak test"); +ok(run(test(["memleaktest", "freeit"])), "running no leak test"); diff --git a/openssl-1.1.0h/test/recipes/90-test_p5_crpt2.t b/openssl-1.1.0h/test/recipes/90-test_p5_crpt2.t new file mode 100644 index 0000000..710dc8b --- /dev/null +++ b/openssl-1.1.0h/test/recipes/90-test_p5_crpt2.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_p5_crpt2", "p5_crpt2_test"); diff --git a/openssl-1.1.0h/test/recipes/90-test_secmem.t b/openssl-1.1.0h/test/recipes/90-test_secmem.t new file mode 100644 index 0000000..d197c48 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/90-test_secmem.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_secmem", "secmemtest"); diff --git a/openssl-1.1.0h/test/recipes/90-test_shlibload.t b/openssl-1.1.0h/test/recipes/90-test_shlibload.t new file mode 100644 index 0000000..aa8d98d --- /dev/null +++ b/openssl-1.1.0h/test/recipes/90-test_shlibload.t @@ -0,0 +1,38 @@ +#! /usr/bin/env perl +# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test qw/:DEFAULT bldtop_dir/; +use OpenSSL::Test::Utils; + +#Load configdata.pm + +BEGIN { + setup("test_shlibload"); +} +use lib bldtop_dir('.'); +use configdata; + +plan skip_all => "Test only supported in a shared build" if disabled("shared"); + +plan tests => 3; + +my $libcrypto_idx = $unified_info{rename}->{libcrypto} // "libcrypto"; +my $libssl_idx = $unified_info{rename}->{libssl} // "libssl"; +my $libcrypto = + $unified_info{sharednames}->{$libcrypto_idx}.$target{shared_extension_simple}; +my $libssl = + $unified_info{sharednames}->{$libssl_idx}.$target{shared_extension_simple}; + +ok(run(test(["shlibloadtest", "-crypto_first", $libcrypto, $libssl])), + "running shlibloadtest -crypto_first"); +ok(run(test(["shlibloadtest", "-ssl_first", $libcrypto, $libssl])), + "running shlibloadtest -ssl_first"); +ok(run(test(["shlibloadtest", "-just_crypto", $libcrypto, $libssl])), + "running shlibloadtest -just_crypto"); + diff --git a/openssl-1.1.0h/test/recipes/90-test_srp.t b/openssl-1.1.0h/test/recipes/90-test_srp.t new file mode 100644 index 0000000..7026c35 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/90-test_srp.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_srp", "srptest", "srp"); diff --git a/openssl-1.1.0h/test/recipes/90-test_sslapi.t b/openssl-1.1.0h/test/recipes/90-test_sslapi.t new file mode 100644 index 0000000..efaae3b --- /dev/null +++ b/openssl-1.1.0h/test/recipes/90-test_sslapi.t @@ -0,0 +1,21 @@ +#! /usr/bin/env perl +# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Utils; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_sslapi"); + +plan skip_all => "No TLS/SSL protocols are supported by this OpenSSL build" + if alldisabled(grep { $_ ne "ssl3" } available_protocols("tls")); + +plan tests => 1; + +ok(run(test(["sslapitest", srctop_file("apps", "server.pem"), + srctop_file("apps", "server.pem")])), "running sslapitest"); diff --git a/openssl-1.1.0h/test/recipes/90-test_threads.t b/openssl-1.1.0h/test/recipes/90-test_threads.t new file mode 100644 index 0000000..56d5338 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/90-test_threads.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_threads", "threadstest"); diff --git a/openssl-1.1.0h/test/recipes/90-test_v3name.t b/openssl-1.1.0h/test/recipes/90-test_v3name.t new file mode 100644 index 0000000..2e144e5 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/90-test_v3name.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_v3name", "v3nametest"); diff --git a/openssl-1.1.0h/test/recipes/bc.pl b/openssl-1.1.0h/test/recipes/bc.pl new file mode 100644 index 0000000..dbb5842 --- /dev/null +++ b/openssl-1.1.0h/test/recipes/bc.pl @@ -0,0 +1,113 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use Math::BigInt; + +sub calc { + @_ = __adder(@_); + if (scalar @_ != 1) { return "NaN"; } + return shift; +} + +sub __canonhex { + my ($sign, $hex) = (shift =~ /^([+\-]?)(.*)$/); + $hex = "0x".$hex if $hex !~ /^0x/; + return $sign.$hex; +} + +sub __adder { + @_ = __multiplier(@_); + while (scalar @_ > 1 && $_[1] =~ /^[\+\-]$/) { + my $operand1 = Math::BigInt->from_hex(__canonhex(shift)); + my $operator = shift; + @_ = __multiplier(@_); + my $operand2 = Math::BigInt->from_hex(__canonhex(shift)); + if ($operator eq "+") { + $operand1->badd($operand2); + } elsif ($operator eq "-") { + $operand1->bsub($operand2); + } else { + die "SOMETHING WENT AWFULLY WRONG"; + } + unshift @_, $operand1->as_hex(); + } + return @_; +} + +sub __multiplier { + @_ = __power(@_); + while (scalar @_ > 1 && $_[1] =~ /^[\*\/%]$/) { + my $operand1 = Math::BigInt->from_hex(__canonhex(shift)); + my $operator = shift; + @_ = __power(@_); + my $operand2 = Math::BigInt->from_hex(__canonhex(shift)); + if ($operator eq "*") { + $operand1->bmul($operand2); + } elsif ($operator eq "/") { + # Math::BigInt->bdiv() is documented to do floored division, + # i.e. 1 / -4 = -1, while bc and OpenSSL BN_div do truncated + # division, i.e. 1 / -4 = 0. We need to make the operation + # work like OpenSSL's BN_div to be able to verify. + my $neg = ($operand1->is_neg() + ? !$operand2->is_neg() : $operand2->is_neg()); + $operand1->babs(); + $operand2->babs(); + $operand1->bdiv($operand2); + if ($neg) { $operand1->bneg(); } + } elsif ($operator eq "%") { + # Here's a bit of a quirk... + # With OpenSSL's BN, as well as bc, the result of -10 % 3 is -1 + # while Math::BigInt, the result is 2. + # The latter is mathematically more correct, but... + my $o1isneg = $operand1->is_neg(); + $operand1->babs(); + # Math::BigInt does something different with a negative modulus, + # while OpenSSL's BN and bc treat it like a positive number... + $operand2->babs(); + $operand1->bmod($operand2); + if ($o1isneg) { $operand1->bneg(); } + } else { + die "SOMETHING WENT AWFULLY WRONG"; + } + unshift @_, $operand1->as_hex(); + } + return @_; +} + +sub __power { + @_ = __paren(@_); + while (scalar @_ > 1 && $_[1] eq "^") { + my $operand1 = Math::BigInt->from_hex(__canonhex(shift)); + shift; + @_ = __paren(@_); + my $operand2 = Math::BigInt->from_hex(__canonhex(shift)); + $operand1->bpow($operand2); + unshift @_, $operand1->as_hex(); + } + return @_; +} + +# returns array ( $result, @remaining ) +sub __paren { + if (scalar @_ > 0 && $_[0] eq "(") { + shift; + my @result = __adder(@_); + if (scalar @_ == 0 || $_[0] ne ")") { + return ("NaN"); + } + shift; + return @result; + } + return @_; +} + +1; diff --git a/openssl-1.1.0h/test/recipes/tconversion.pl b/openssl-1.1.0h/test/recipes/tconversion.pl new file mode 100644 index 0000000..1cf68dc --- /dev/null +++ b/openssl-1.1.0h/test/recipes/tconversion.pl @@ -0,0 +1,105 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Compare qw/compare_text/; +use File::Copy; +use OpenSSL::Test qw/:DEFAULT/; + +my %conversionforms = ( + # Default conversion forms. Other series may be added with + # specific test types as key. + "*" => [ "d", "p" ], + "msb" => [ "d", "p", "msblob" ], + ); +sub tconversion { + my $testtype = shift; + my $t = shift; + my @conversionforms = + defined($conversionforms{$testtype}) ? + @{$conversionforms{$testtype}} : + @{$conversionforms{"*"}}; + my @openssl_args = @_; + if (!@openssl_args) { @openssl_args = ($testtype); } + + my $n = scalar @conversionforms; + my $totaltests = + 1 # for initializing + + $n # initial conversions from p to all forms (A) + + $n*$n # conversion from result of A to all forms (B) + + 1 # comparing original test file to p form of A + + $n*($n-1); # comparing first conversion to each form in A with B + $totaltests-- if ($testtype eq "p7d"); # no comparison of original test file + plan tests => $totaltests; + + my @cmd = ("openssl", @openssl_args); + + my $init; + if (scalar @openssl_args > 0 && $openssl_args[0] eq "pkey") { + $init = ok(run(app([@cmd, "-in", $t, "-out", "$testtype-fff.p"])), + 'initializing'); + } else { + $init = ok(copy($t, "$testtype-fff.p"), 'initializing'); + } + if (!$init) { + diag("Trying to copy $t to $testtype-fff.p : $!"); + } + + SKIP: { + skip "Not initialized, skipping...", 22 unless $init; + + foreach my $to (@conversionforms) { + ok(run(app([@cmd, + "-in", "$testtype-fff.p", + "-inform", "p", + "-out", "$testtype-f.$to", + "-outform", $to])), + "p -> $to"); + } + + foreach my $to (@conversionforms) { + foreach my $from (@conversionforms) { + ok(run(app([@cmd, + "-in", "$testtype-f.$from", + "-inform", $from, + "-out", "$testtype-ff.$from$to", + "-outform", $to])), + "$from -> $to"); + } + } + + if ($testtype ne "p7d") { + is(cmp_text("$testtype-fff.p", "$testtype-f.p"), 0, + 'comparing orig to p'); + } + + foreach my $to (@conversionforms) { + next if $to eq "d"; + foreach my $from (@conversionforms) { + is(cmp_text("$testtype-f.$to", "$testtype-ff.$from$to"), 0, + "comparing $to to $from$to"); + } + } + } + unlink glob "$testtype-f.*"; + unlink glob "$testtype-ff.*"; + unlink glob "$testtype-fff.*"; +} + +sub cmp_text { + return compare_text(@_, sub { + $_[0] =~ s/\R//g; + $_[1] =~ s/\R//g; + return $_[0] ne $_[1]; + }); +} + +1; |