1 #!/bin/sh 2 3 if [ "$1" = "" ]; then 4 key=../apps/server.pem 5 else 6 key="$1" 7 fi 8 if [ "$2" = "" ]; then 9 cert=../apps/server.pem 10 else 11 cert="$2" 12 fi 13 ssltest="adb shell /system/bin/ssltest -key $key -cert $cert -c_key $key -c_cert $cert" 14 15 if adb shell /system/bin/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then 16 dsa_cert=YES 17 else 18 dsa_cert=NO 19 fi 20 21 if [ "$3" = "" ]; then 22 CA="-CApath ../certs" 23 else 24 CA="-CAfile $3" 25 fi 26 27 if [ "$4" = "" ]; then 28 extra="" 29 else 30 extra="$4" 31 fi 32 33 ############################################################################# 34 35 echo test sslv2 36 $ssltest -ssl2 $extra || exit 1 37 38 echo test sslv2 with server authentication 39 $ssltest -ssl2 -server_auth $CA $extra || exit 1 40 41 if [ $dsa_cert = NO ]; then 42 echo test sslv2 with client authentication 43 $ssltest -ssl2 -client_auth $CA $extra || exit 1 44 45 echo test sslv2 with both client and server authentication 46 $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1 47 fi 48 49 echo test sslv3 50 $ssltest -ssl3 $extra || exit 1 51 52 echo test sslv3 with server authentication 53 $ssltest -ssl3 -server_auth $CA $extra || exit 1 54 55 echo test sslv3 with client authentication 56 $ssltest -ssl3 -client_auth $CA $extra || exit 1 57 58 echo test sslv3 with both client and server authentication 59 $ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1 60 61 echo test sslv2/sslv3 62 $ssltest $extra || exit 1 63 64 echo test sslv2/sslv3 with server authentication 65 $ssltest -server_auth $CA $extra || exit 1 66 67 echo test sslv2/sslv3 with client authentication 68 $ssltest -client_auth $CA $extra || exit 1 69 70 echo test sslv2/sslv3 with both client and server authentication 71 $ssltest -server_auth -client_auth $CA $extra || exit 1 72 73 echo test sslv2/sslv3 with both client and server authentication and small client buffers 74 $ssltest -server_auth -client_auth -c_small_records $CA $extra || exit 1 75 76 echo test sslv2/sslv3 with both client and server authentication and small server buffers 77 $ssltest -server_auth -client_auth -s_small_records $CA $extra || exit 1 78 79 echo test sslv2/sslv3 with both client and server authentication and small client and server buffers 80 $ssltest -server_auth -client_auth -c_small_records -s_small_records $CA $extra || exit 1 81 82 echo test sslv2/sslv3 with both client and server authentication and handshake cutthrough 83 $ssltest -server_auth -client_auth -cutthrough $CA $extra || exit 1 84 85 echo test sslv2 via BIO pair 86 $ssltest -bio_pair -ssl2 $extra || exit 1 87 88 echo test sslv2 with server authentication via BIO pair 89 $ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1 90 91 if [ $dsa_cert = NO ]; then 92 echo test sslv2 with client authentication via BIO pair 93 $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1 94 95 echo test sslv2 with both client and server authentication via BIO pair 96 $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1 97 fi 98 99 echo test sslv3 via BIO pair 100 $ssltest -bio_pair -ssl3 $extra || exit 1 101 102 echo test sslv3 with server authentication via BIO pair 103 $ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1 104 105 echo test sslv3 with client authentication via BIO pair 106 $ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1 107 108 echo test sslv3 with both client and server authentication via BIO pair 109 $ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1 110 111 echo test sslv2/sslv3 via BIO pair 112 $ssltest $extra || exit 1 113 114 if [ $dsa_cert = NO ]; then 115 echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair' 116 $ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1 117 fi 118 119 echo test sslv2/sslv3 with 1024bit DHE via BIO pair 120 $ssltest -bio_pair -dhe1024dsa -v $extra || exit 1 121 122 echo test sslv2/sslv3 with server authentication 123 $ssltest -bio_pair -server_auth $CA $extra || exit 1 124 125 echo test sslv2/sslv3 with client authentication via BIO pair 126 $ssltest -bio_pair -client_auth $CA $extra || exit 1 127 128 echo test sslv2/sslv3 with both client and server authentication via BIO pair 129 $ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1 130 131 echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify 132 $ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1 133 134 ############################################################################# 135 136 if [ `adb shell /system/bin/openssl no-dh` = no-dh ]; then 137 echo skipping anonymous DH tests 138 else 139 echo test tls1 with 1024bit anonymous DH, multiple handshakes 140 $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1 141 fi 142 143 if [ `adb shell /system/bin/openssl no-rsa` = no-dh ]; then 144 echo skipping RSA tests 145 else 146 echo 'test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes' 147 adb shell /system/bin/ssltest -v -bio_pair -tls1 -cert /sdcard/android.testssl/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra || exit 1 148 149 if [ `adb shell /system/bin/openssl no-dh` = no-dh ]; then 150 echo skipping RSA+DHE tests 151 else 152 echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes 153 adb shell /system/bin/ssltest -v -bio_pair -tls1 -cert /sdcard/android.testssl/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1 154 fi 155 fi 156 157 echo test tls1 with PSK 158 $ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1 159 160 echo test tls1 with PSK via BIO pair 161 $ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1 162 163 if adb shell /system/bin/openssl no-srp; then 164 echo skipping SRP tests 165 else 166 echo test tls1 with SRP 167 $ssltest -tls1 -cipher SRP -srpuser test -srppass abc123 168 169 echo test tls1 with SRP via BIO pair 170 $ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123 171 fi 172 173 exit 0 174
