1#!/bin/sh 2 3if [ "$1" = "" ]; then 4 key=../apps/server.pem 5else 6 key="$1" 7fi 8if [ "$2" = "" ]; then 9 cert=../apps/server.pem 10else 11 cert="$2" 12fi 13ssltest="adb shell /system/bin/ssltest -key $key -cert $cert -c_key $key -c_cert $cert" 14 15if adb shell /system/bin/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then 16 dsa_cert=YES 17else 18 dsa_cert=NO 19fi 20 21if [ "$3" = "" ]; then 22 CA="-CApath ../certs" 23else 24 CA="-CAfile $3" 25fi 26 27if [ "$4" = "" ]; then 28 extra="" 29else 30 extra="$4" 31fi 32 33############################################################################# 34 35echo test sslv2 36$ssltest -ssl2 $extra || exit 1 37 38echo test sslv2 with server authentication 39$ssltest -ssl2 -server_auth $CA $extra || exit 1 40 41if [ $dsa_cert = NO ]; then 42 echo test sslv2 with client authentication 43 $ssltest -ssl2 -client_auth $CA $extra || exit 1 44 45 echo test sslv2 with both client and server authentication 46 $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1 47fi 48 49echo test sslv3 50$ssltest -ssl3 $extra || exit 1 51 52echo test sslv3 with server authentication 53$ssltest -ssl3 -server_auth $CA $extra || exit 1 54 55echo test sslv3 with client authentication 56$ssltest -ssl3 -client_auth $CA $extra || exit 1 57 58echo test sslv3 with both client and server authentication 59$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1 60 61echo test sslv2/sslv3 62$ssltest $extra || exit 1 63 64echo test sslv2/sslv3 with server authentication 65$ssltest -server_auth $CA $extra || exit 1 66 67echo test sslv2/sslv3 with client authentication 68$ssltest -client_auth $CA $extra || exit 1 69 70echo test sslv2/sslv3 with both client and server authentication 71$ssltest -server_auth -client_auth $CA $extra || exit 1 72 73echo test sslv2/sslv3 with both client and server authentication and small client buffers 74$ssltest -server_auth -client_auth -c_small_records $CA $extra || exit 1 75 76echo test sslv2/sslv3 with both client and server authentication and small server buffers 77$ssltest -server_auth -client_auth -s_small_records $CA $extra || exit 1 78 79echo test sslv2/sslv3 with both client and server authentication and small client and server buffers 80$ssltest -server_auth -client_auth -c_small_records -s_small_records $CA $extra || exit 1 81 82echo test sslv2/sslv3 with both client and server authentication and handshake cutthrough 83$ssltest -server_auth -client_auth -cutthrough $CA $extra || exit 1 84 85echo test sslv2 via BIO pair 86$ssltest -bio_pair -ssl2 $extra || exit 1 87 88echo test sslv2 with server authentication via BIO pair 89$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1 90 91if [ $dsa_cert = NO ]; then 92 echo test sslv2 with client authentication via BIO pair 93 $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1 94 95 echo test sslv2 with both client and server authentication via BIO pair 96 $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1 97fi 98 99echo test sslv3 via BIO pair 100$ssltest -bio_pair -ssl3 $extra || exit 1 101 102echo test sslv3 with server authentication via BIO pair 103$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1 104 105echo test sslv3 with client authentication via BIO pair 106$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1 107 108echo test sslv3 with both client and server authentication via BIO pair 109$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1 110 111echo test sslv2/sslv3 via BIO pair 112$ssltest $extra || exit 1 113 114if [ $dsa_cert = NO ]; then 115 echo test sslv2/sslv3 w/o DHE via BIO pair 116 $ssltest -bio_pair -no_dhe $extra || exit 1 117fi 118 119echo test sslv2/sslv3 with 1024bit DHE via BIO pair 120$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1 121 122echo test sslv2/sslv3 with server authentication 123$ssltest -bio_pair -server_auth $CA $extra || exit 1 124 125echo test sslv2/sslv3 with client authentication via BIO pair 126$ssltest -bio_pair -client_auth $CA $extra || exit 1 127 128echo test sslv2/sslv3 with both client and server authentication via BIO pair 129$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1 130 131echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify 132$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1 133 134############################################################################# 135 136if [ `adb shell /system/bin/openssl no-dh` = no-dh ]; then 137 echo skipping anonymous DH tests 138else 139 echo test tls1 with 1024bit anonymous DH, multiple handshakes 140 $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1 141fi 142 143if [ `adb shell /system/bin/openssl no-rsa` = no-dh ]; then 144 echo skipping RSA tests 145else 146 echo test tls1 with 1024bit RSA, no DHE, multiple handshakes 147 adb shell /system/bin/ssltest -v -bio_pair -tls1 -cert /sdcard/android.testssl/server2.pem -no_dhe -num 10 -f -time $extra || exit 1 148 149 if [ `adb shell /system/bin/openssl no-dh` = no-dh ]; then 150 echo skipping RSA+DHE tests 151 else 152 echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes 153 adb shell /system/bin/ssltest -v -bio_pair -tls1 -cert /sdcard/android.testssl/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1 154 fi 155fi 156 157echo test tls1 with PSK 158$ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1 159 160echo test tls1 with PSK via BIO pair 161$ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1 162 163exit 0 164