Initial Commit

2017-02-25 23:55:24 +01:00
commit 1fe2e8ab62
4868 changed files with 1487355 additions and 0 deletions
--- a/openssl-1.0.2f/test/cms-examples.pl
+++ b/openssl-1.0.2f/test/cms-examples.pl
@@ -0,0 +1,409 @@
+# test/cms-examples.pl
+# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+# project.
+#
+# ====================================================================
+# Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in
+#    the documentation and/or other materials provided with the
+#    distribution.
+#
+# 3. All advertising materials mentioning features or use of this
+#    software must display the following acknowledgment:
+#    "This product includes software developed by the OpenSSL Project
+#    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+#
+# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+#    endorse or promote products derived from this software without
+#    prior written permission. For written permission, please contact
+#    licensing@OpenSSL.org.
+#
+# 5. Products derived from this software may not be called "OpenSSL"
+#    nor may "OpenSSL" appear in their names without prior written
+#    permission of the OpenSSL Project.
+#
+# 6. Redistributions of any form whatsoever must retain the following
+#    acknowledgment:
+#    "This product includes software developed by the OpenSSL Project
+#    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+#
+# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
+# ====================================================================
+
+# Perl script to run tests against S/MIME examples in RFC4134
+# Assumes RFC is in current directory and called "rfc4134.txt"
+
+use MIME::Base64;
+
+my $badttest = 0;
+my $verbose  = 1;
+
+my $cmscmd;
+my $exdir  = "./";
+my $exfile = "./rfc4134.txt";
+
+if (-f "../apps/openssl")
+	{
+	$cmscmd = "../util/shlib_wrap.sh ../apps/openssl cms";
+	}
+elsif (-f "..\\out32dll\\openssl.exe")
+	{
+	$cmscmd = "..\\out32dll\\openssl.exe cms";
+	}
+elsif (-f "..\\out32\\openssl.exe")
+	{
+	$cmscmd = "..\\out32\\openssl.exe cms";
+	}
+
+my @test_list = (
+    [ "3.1.bin"  => "dataout" ],
+    [ "3.2.bin"  => "encode, dataout" ],
+    [ "4.1.bin"  => "encode, verifyder, cont, dss" ],
+    [ "4.2.bin"  => "encode, verifyder, cont, rsa" ],
+    [ "4.3.bin"  => "encode, verifyder, cont_extern, dss" ],
+    [ "4.4.bin"  => "encode, verifyder, cont, dss" ],
+    [ "4.5.bin"  => "verifyder, cont, rsa" ],
+    [ "4.6.bin"  => "encode, verifyder, cont, dss" ],
+    [ "4.7.bin"  => "encode, verifyder, cont, dss" ],
+    [ "4.8.eml"  => "verifymime, dss" ],
+    [ "4.9.eml"  => "verifymime, dss" ],
+    [ "4.10.bin" => "encode, verifyder, cont, dss" ],
+    [ "4.11.bin" => "encode, certsout" ],
+    [ "5.1.bin"  => "encode, envelopeder, cont" ],
+    [ "5.2.bin"  => "encode, envelopeder, cont" ],
+    [ "5.3.eml"  => "envelopemime, cont" ],
+    [ "6.0.bin"  => "encode, digest, cont" ],
+    [ "7.1.bin"  => "encode, encrypted, cont" ],
+    [ "7.2.bin"  => "encode, encrypted, cont" ]
+);
+
+# Extract examples from RFC4134 text.
+# Base64 decode all examples, certificates and
+# private keys are converted to PEM format.
+
+my ( $filename, $data );
+
+my @cleanup = ( "cms.out", "cms.err", "tmp.der", "tmp.txt" );
+
+$data = "";
+
+open( IN, $exfile ) || die "Can't Open RFC examples file $exfile";
+
+while (<IN>) {
+    next unless (/^\|/);
+    s/^\|//;
+    next if (/^\*/);
+    if (/^>(.*)$/) {
+        $filename = $1;
+        next;
+    }
+    if (/^</) {
+        $filename = "$exdir/$filename";
+        if ( $filename =~ /\.bin$/ || $filename =~ /\.eml$/ ) {
+            $data = decode_base64($data);
+            open OUT, ">$filename";
+            binmode OUT;
+            print OUT $data;
+            close OUT;
+            push @cleanup, $filename;
+        }
+        elsif ( $filename =~ /\.cer$/ ) {
+            write_pem( $filename, "CERTIFICATE", $data );
+        }
+        elsif ( $filename =~ /\.pri$/ ) {
+            write_pem( $filename, "PRIVATE KEY", $data );
+        }
+        $data     = "";
+        $filename = "";
+    }
+    else {
+        $data .= $_;
+    }
+
+}
+
+my $secretkey =
+  "73:7c:79:1f:25:ea:d0:e0:46:29:25:43:52:f7:dc:62:91:e5:cb:26:91:7a:da:32";
+
+foreach (@test_list) {
+    my ( $file, $tlist ) = @$_;
+    print "Example file $file:\n";
+    if ( $tlist =~ /encode/ ) {
+        run_reencode_test( $exdir, $file );
+    }
+    if ( $tlist =~ /certsout/ ) {
+        run_certsout_test( $exdir, $file );
+    }
+    if ( $tlist =~ /dataout/ ) {
+        run_dataout_test( $exdir, $file );
+    }
+    if ( $tlist =~ /verify/ ) {
+        run_verify_test( $exdir, $tlist, $file );
+    }
+    if ( $tlist =~ /digest/ ) {
+        run_digest_test( $exdir, $tlist, $file );
+    }
+    if ( $tlist =~ /encrypted/ ) {
+        run_encrypted_test( $exdir, $tlist, $file, $secretkey );
+    }
+    if ( $tlist =~ /envelope/ ) {
+        run_envelope_test( $exdir, $tlist, $file );
+    }
+
+}
+
+foreach (@cleanup) {
+    unlink $_;
+}
+
+if ($badtest) {
+    print "\n$badtest TESTS FAILED!!\n";
+}
+else {
+    print "\n***All tests successful***\n";
+}
+
+sub write_pem {
+    my ( $filename, $str, $data ) = @_;
+
+    $filename =~ s/\.[^.]*$/.pem/;
+
+    push @cleanup, $filename;
+
+    open OUT, ">$filename";
+
+    print OUT "-----BEGIN $str-----\n";
+    print OUT $data;
+    print OUT "-----END $str-----\n";
+
+    close OUT;
+}
+
+sub run_reencode_test {
+    my ( $cmsdir, $tfile ) = @_;
+    unlink "tmp.der";
+
+    system( "$cmscmd -cmsout -inform DER -outform DER"
+          . " -in $cmsdir/$tfile -out tmp.der" );
+
+    if ($?) {
+        print "\tReencode command FAILED!!\n";
+        $badtest++;
+    }
+    elsif ( !cmp_files( "$cmsdir/$tfile", "tmp.der" ) ) {
+        print "\tReencode FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tReencode passed\n" if $verbose;
+    }
+}
+
+sub run_certsout_test {
+    my ( $cmsdir, $tfile ) = @_;
+    unlink "tmp.der";
+    unlink "tmp.pem";
+
+    system( "$cmscmd -cmsout -inform DER -certsout tmp.pem"
+          . " -in $cmsdir/$tfile -out tmp.der" );
+
+    if ($?) {
+        print "\tCertificate output command FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tCertificate output passed\n" if $verbose;
+    }
+}
+
+sub run_dataout_test {
+    my ( $cmsdir, $tfile ) = @_;
+    unlink "tmp.txt";
+
+    system(
+        "$cmscmd -data_out -inform DER" . " -in $cmsdir/$tfile -out tmp.txt" );
+
+    if ($?) {
+        print "\tDataout command FAILED!!\n";
+        $badtest++;
+    }
+    elsif ( !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) ) {
+        print "\tDataout compare FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tDataout passed\n" if $verbose;
+    }
+}
+
+sub run_verify_test {
+    my ( $cmsdir, $tlist, $tfile ) = @_;
+    unlink "tmp.txt";
+
+    $form   = "DER"                     if $tlist =~ /verifyder/;
+    $form   = "SMIME"                   if $tlist =~ /verifymime/;
+    $cafile = "$cmsdir/CarlDSSSelf.pem" if $tlist =~ /dss/;
+    $cafile = "$cmsdir/CarlRSASelf.pem" if $tlist =~ /rsa/;
+
+    $cmd =
+        "$cmscmd -verify -inform $form"
+      . " -CAfile $cafile"
+      . " -in $cmsdir/$tfile -out tmp.txt";
+
+    $cmd .= " -content $cmsdir/ExContent.bin" if $tlist =~ /cont_extern/;
+
+    system("$cmd 2>cms.err 1>cms.out");
+
+    if ($?) {
+        print "\tVerify command FAILED!!\n";
+        $badtest++;
+    }
+    elsif ( $tlist =~ /cont/
+        && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
+    {
+        print "\tVerify content compare FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tVerify passed\n" if $verbose;
+    }
+}
+
+sub run_envelope_test {
+    my ( $cmsdir, $tlist, $tfile ) = @_;
+    unlink "tmp.txt";
+
+    $form = "DER"   if $tlist =~ /envelopeder/;
+    $form = "SMIME" if $tlist =~ /envelopemime/;
+
+    $cmd =
+        "$cmscmd -decrypt -inform $form"
+      . " -recip $cmsdir/BobRSASignByCarl.pem"
+      . " -inkey $cmsdir/BobPrivRSAEncrypt.pem"
+      . " -in $cmsdir/$tfile -out tmp.txt";
+
+    system("$cmd 2>cms.err 1>cms.out");
+
+    if ($?) {
+        print "\tDecrypt command FAILED!!\n";
+        $badtest++;
+    }
+    elsif ( $tlist =~ /cont/
+        && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
+    {
+        print "\tDecrypt content compare FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tDecrypt passed\n" if $verbose;
+    }
+}
+
+sub run_digest_test {
+    my ( $cmsdir, $tlist, $tfile ) = @_;
+    unlink "tmp.txt";
+
+    my $cmd =
+      "$cmscmd -digest_verify -inform DER" . " -in $cmsdir/$tfile -out tmp.txt";
+
+    system("$cmd 2>cms.err 1>cms.out");
+
+    if ($?) {
+        print "\tDigest verify command FAILED!!\n";
+        $badtest++;
+    }
+    elsif ( $tlist =~ /cont/
+        && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
+    {
+        print "\tDigest verify content compare FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tDigest verify passed\n" if $verbose;
+    }
+}
+
+sub run_encrypted_test {
+    my ( $cmsdir, $tlist, $tfile, $key ) = @_;
+    unlink "tmp.txt";
+
+    system( "$cmscmd -EncryptedData_decrypt -inform DER"
+          . " -secretkey $key"
+          . " -in $cmsdir/$tfile -out tmp.txt" );
+
+    if ($?) {
+        print "\tEncrypted Data command FAILED!!\n";
+        $badtest++;
+    }
+    elsif ( $tlist =~ /cont/
+        && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
+    {
+        print "\tEncrypted Data content compare FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tEncryptedData verify passed\n" if $verbose;
+    }
+}
+
+sub cmp_files {
+    my ( $f1, $f2 ) = @_;
+    my ( $fp1, $fp2 );
+
+    my ( $rd1, $rd2 );
+
+    if ( !open( $fp1, "<$f1" ) ) {
+        print STDERR "Can't Open file $f1\n";
+        return 0;
+    }
+
+    if ( !open( $fp2, "<$f2" ) ) {
+        print STDERR "Can't Open file $f2\n";
+        return 0;
+    }
+
+    binmode $fp1;
+    binmode $fp2;
+
+    my $ret = 0;
+
+    for ( ; ; ) {
+        $n1 = sysread $fp1, $rd1, 4096;
+        $n2 = sysread $fp2, $rd2, 4096;
+        last if ( $n1 != $n2 );
+        last if ( $rd1 ne $rd2 );
+
+        if ( $n1 == 0 ) {
+            $ret = 1;
+            last;
+        }
+
+    }
+
+    close $fp1;
+    close $fp2;
+
+    return $ret;
+
+}
+