testssl revision a69b00f3432cbf516436c5cecdd177d14f3c4a5a 
1#!/bin/sh
2
3if [ "$1" = "" ]; then
4  key=../apps/server.pem
5else
6  key="$1"
7fi
8if [ "$2" = "" ]; then
9  cert=../apps/server.pem
10else
11  cert="$2"
12fi
13ssltest="adb shell /system/bin/ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
14
15if adb shell /system/bin/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
16  dsa_cert=YES
17else
18  dsa_cert=NO
19fi
20
21if [ "$3" = "" ]; then
22  CA="-CApath ../certs"
23else
24  CA="-CAfile $3"
25fi
26
27if [ "$4" = "" ]; then
28  extra=""
29else
30  extra="$4"
31fi
32
33#############################################################################
34
35echo test sslv2
36$ssltest -ssl2 $extra || exit 1
37
38echo test sslv2 with server authentication
39$ssltest -ssl2 -server_auth $CA $extra || exit 1
40
41if [ $dsa_cert = NO ]; then
42  echo test sslv2 with client authentication
43  $ssltest -ssl2 -client_auth $CA $extra || exit 1
44
45  echo test sslv2 with both client and server authentication
46  $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1
47fi
48
49echo test sslv3
50$ssltest -ssl3 $extra || exit 1
51
52echo test sslv3 with server authentication
53$ssltest -ssl3 -server_auth $CA $extra || exit 1
54
55echo test sslv3 with client authentication
56$ssltest -ssl3 -client_auth $CA $extra || exit 1
57
58echo test sslv3 with both client and server authentication
59$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1
60
61echo test sslv2/sslv3
62$ssltest $extra || exit 1
63
64echo test sslv2/sslv3 with server authentication
65$ssltest -server_auth $CA $extra || exit 1
66
67echo test sslv2/sslv3 with client authentication
68$ssltest -client_auth $CA $extra || exit 1
69
70echo test sslv2/sslv3 with both client and server authentication
71$ssltest -server_auth -client_auth $CA $extra || exit 1
72
73echo test sslv2/sslv3 with both client and server authentication and small client buffers
74$ssltest -server_auth -client_auth -c_small_records $CA $extra || exit 1
75
76echo test sslv2/sslv3 with both client and server authentication and small server buffers
77$ssltest -server_auth -client_auth -s_small_records $CA $extra || exit 1
78
79echo test sslv2/sslv3 with both client and server authentication and small client and server buffers
80$ssltest -server_auth -client_auth -c_small_records -s_small_records $CA $extra || exit 1
81
82
83echo test sslv2 via BIO pair
84$ssltest -bio_pair -ssl2 $extra || exit 1
85
86echo test sslv2 with server authentication via BIO pair
87$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1
88
89if [ $dsa_cert = NO ]; then
90  echo test sslv2 with client authentication via BIO pair
91  $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1
92
93  echo test sslv2 with both client and server authentication via BIO pair
94  $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1
95fi
96
97echo test sslv3 via BIO pair
98$ssltest -bio_pair -ssl3 $extra || exit 1
99
100echo test sslv3 with server authentication via BIO pair
101$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1
102
103echo test sslv3 with client authentication via BIO pair
104$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1
105
106echo test sslv3 with both client and server authentication via BIO pair
107$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1
108
109echo test sslv2/sslv3 via BIO pair
110$ssltest $extra || exit 1
111
112if [ $dsa_cert = NO ]; then
113  echo test sslv2/sslv3 w/o DHE via BIO pair
114  $ssltest -bio_pair -no_dhe $extra || exit 1
115fi
116
117echo test sslv2/sslv3 with 1024bit DHE via BIO pair
118$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
119
120echo test sslv2/sslv3 with server authentication
121$ssltest -bio_pair -server_auth $CA $extra || exit 1
122
123echo test sslv2/sslv3 with client authentication via BIO pair
124$ssltest -bio_pair -client_auth $CA $extra || exit 1
125
126echo test sslv2/sslv3 with both client and server authentication via BIO pair
127$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
128
129echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
130$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
131
132#############################################################################
133
134if [ `adb shell /system/bin/openssl no-dh` = no-dh ]; then
135  echo skipping anonymous DH tests
136else
137  echo test tls1 with 1024bit anonymous DH, multiple handshakes
138  $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
139fi
140
141if [ `adb shell /system/bin/openssl no-rsa` = no-dh ]; then
142  echo skipping RSA tests
143else
144  echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
145  adb shell /system/bin/ssltest -v -bio_pair -tls1 -cert /mnt/sdcard/android.testssl/server2.pem -no_dhe -num 10 -f -time $extra || exit 1
146
147  if [ `adb shell /system/bin/openssl no-dh` = no-dh ]; then
148    echo skipping RSA+DHE tests
149  else
150    echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
151    adb shell /system/bin/ssltest -v -bio_pair -tls1 -cert /mnt/sdcard/android.testssl/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
152  fi
153fi
154
155exit 0
156