OpenSSL self-test report:

OpenSSL version: 0.9.8a
Last change: Remove the functionality of
SSL_OP_MSIE_SSLV2_RSA_PADDI...
Options: --prefix=/usr/local no-asm no-gmp no-krb5 no-mdc2 no-
rc5 no-shared no-zlib no-zlib-dynamic
OS (uname): SunOS caliban 5.9 Generic_118558-21 sun4u sparc
SUNW,Sun-Fire-V890
OS (config): sun4u-whatever-solaris2
Target (default): solaris-sparcv9-cc
Target: solaris-sparcv9-cc
Compiler: cc: Sun C 5.8 2005/10/13

Failure!
------------------------------------------------------------------------
-----
making all in crypto...
making all in crypto/objects...
making all in crypto/md2...
making all in crypto/md4...
making all in crypto/md5...
making all in crypto/sha...
making all in crypto/hmac...
making all in crypto/ripemd...
making all in crypto/des...
making all in crypto/aes...
making all in crypto/rc2...
making all in crypto/rc4...
making all in crypto/idea...
making all in crypto/bf...
making all in crypto/cast...
making all in crypto/bn...
making all in crypto/ec...
making all in crypto/rsa...
making all in crypto/dsa...
making all in crypto/ecdsa...
making all in crypto/dh...
making all in crypto/ecdh...
making all in crypto/dso...
making all in crypto/engine...
making all in crypto/buffer...
making all in crypto/bio...
making all in crypto/stack...
making all in crypto/lhash...
making all in crypto/rand...
making all in crypto/err...
making all in crypto/evp...
making all in crypto/asn1...
making all in crypto/pem...
making all in crypto/x509...
making all in crypto/x509v3...
making all in crypto/conf...
making all in crypto/txt_db...
making all in crypto/pkcs7...
making all in crypto/pkcs12...
making all in crypto/comp...
making all in crypto/ocsp...
making all in crypto/ui...
making all in crypto/krb5...
making all in crypto/store...
making all in crypto/pqueue...
if [ -n "" ]; then \
(cd ..; make libcrypto.so.0.9.8); \
fi
making all in ssl...
if [ -n "" ]; then \
(cd ..; make libssl.so.0.9.8); \
fi
making all in engines...
making all in apps...
making all in test...
making all in tools...
------------------------------------------------------------------------
-----
testing...
making all in crypto...
making all in crypto/objects...
making all in crypto/md2...
making all in crypto/md4...
making all in crypto/md5...
making all in crypto/sha...
making all in crypto/hmac...
making all in crypto/ripemd...
making all in crypto/des...
making all in crypto/aes...
making all in crypto/rc2...
making all in crypto/rc4...
making all in crypto/idea...
making all in crypto/bf...
making all in crypto/cast...
making all in crypto/bn...
making all in crypto/ec...
making all in crypto/rsa...
making all in crypto/dsa...
making all in crypto/ecdsa...
making all in crypto/dh...
making all in crypto/ecdh...
making all in crypto/dso...
making all in crypto/engine...
making all in crypto/buffer...
making all in crypto/bio...
making all in crypto/stack...
making all in crypto/lhash...
making all in crypto/rand...
making all in crypto/err...
making all in crypto/evp...
making all in crypto/asn1...
making all in crypto/pem...
making all in crypto/x509...
making all in crypto/x509v3...
making all in crypto/conf...
making all in crypto/txt_db...
making all in crypto/pkcs7...
making all in crypto/pkcs12...
making all in crypto/comp...
making all in crypto/ocsp...
making all in crypto/ui...
making all in crypto/krb5...
making all in crypto/store...
making all in crypto/pqueue...
if [ -n "" ]; then \
(cd ..; make libcrypto.so.0.9.8); \
fi
making all in ssl...
if [ -n "" ]; then \
(cd ..; make libssl.so.0.9.8); \
fi
making all in engines...
making all in apps...
making all in test...
making all in tools...
.../util/shlib_wrap.sh ./destest
Doing cbcm
Doing ecb
Doing ede ecb
Doing cbc
Doing desx cbc
Doing ede cbc
Doing pcbc
Doing cfb8 cfb16 cfb32 cfb48 cfb64 cfb64() ede_cfb64() done
Doing ofb
Doing ofb64
Doing ede_ofb64
Doing cbc_cksum
Doing quad_cksum
input word alignment test 0 1 2 3
output word alignment test 0 1 2 3
fast crypt test
.../util/shlib_wrap.sh ./ideatest
ecb idea ok
cbc idea ok
cfb64 idea ok
.../util/shlib_wrap.sh ./shatest
test 1 ok
test 2 ok
test 3 ok
.../util/shlib_wrap.sh ./sha1test
test 1 ok
test 2 ok
test 3 ok
.../util/shlib_wrap.sh ./sha256t
Testing SHA-256 ... passed.
Testing SHA-224 ... passed.
.../util/shlib_wrap.sh ./sha512t
Testing SHA-512 ... passed.
Testing SHA-384 ... passed.
.../util/shlib_wrap.sh ./md4test
test 1 ok
test 2 ok
test 3 ok
test 4 ok
test 5 ok
test 6 ok
test 7 ok
.../util/shlib_wrap.sh ./md5test
test 1 ok
test 2 ok
test 3 ok
test 4 ok
test 5 ok
test 6 ok
test 7 ok
.../util/shlib_wrap.sh ./hmactest
test 0 ok
test 1 ok
test 2 ok
test 3 ok
.../util/shlib_wrap.sh ./md2test
test 1 ok
test 2 ok
test 3 ok
test 4 ok
test 5 ok
test 6 ok
test 7 ok
.../util/shlib_wrap.sh ./mdc2test
No MDC2 support
.../util/shlib_wrap.sh ./rmdtest
test 1 ok
test 2 ok
test 3 ok
test 4 ok
test 5 ok
test 6 ok
test 7 ok
test 8 ok
.../util/shlib_wrap.sh ./rc2test
ecb RC2 ok
.../util/shlib_wrap.sh ./rc4test
test 0 ok
test 1 ok
test 2 ok
test 3 ok
test 4 ok
test 5 ok
test end processing ....................done
test multi-call ....................done
bulk test ok
.../util/shlib_wrap.sh ./rc5test
No RC5 support
.../util/shlib_wrap.sh ./bftest
testing blowfish in raw ecb mode
testing blowfish in ecb mode
testing blowfish set_key
testing blowfish in cbc mode
testing blowfish in cfb64 mode
testing blowfish in ofb64
.../util/shlib_wrap.sh ./casttest
ecb cast5 ok
This test will take some time....123456789ABCDEF ok
.../util/shlib_wrap.sh ./randtest
test 1 done
test 2 done
test 3 done
test 4 done
starting big number library test, could take a while...
test BN_add
test BN_sub
test BN_lshift1
test BN_lshift (fixed)
test BN_lshift
test BN_rshift1
test BN_rshift
test BN_sqr
test BN_mul
test BN_div
test BN_div_word
test BN_div_recp
test BN_mod
test BN_mod_mul
test BN_mont
test BN_mod_exp
test BN_mod_exp_mont_consttime
test BN_exp
test BN_kronecker
......................................++++++
.................................................. .......................
.............................
test BN_mod_sqrt
......
......
......
......
......
......
......
......
.....++++++++++++
......
...................++++++++++++
......
..++++++++++++
......
...............++++++++++++
......
...........++++++++++++
......
..++++++++++++
......
........++++++++++++
......
....++++++++++++
......
test BN_GF2m_add
test BN_GF2m_mod
test BN_GF2m_mod_mul
test BN_GF2m_mod_sqr
test BN_GF2m_mod_inv
test BN_GF2m_mod_div
test BN_GF2m_mod_exp
test BN_GF2m_mod_sqrt
test BN_GF2m_mod_solve_quad
running bc
bc does not work properly ('SunOStest' failed). Looking for another
bc ...
/bin/bc does not work properly ('SunOStest' failed). Looking for
another bc ...
/usr/bin/bc does not work properly ('SunOStest' failed). Looking for
another bc ...
No working bc found. Consider installing GNU bc.

0 tests passed
test a^b%c implementations
.../util/shlib_wrap.sh ./exptest
.................................................. .......................
.................................................. .......................
.................................................. ....... done
test elliptic curves
.../util/shlib_wrap.sh ./ectest
Curve defined by Weierstrass equation
y^2 = x^3 + a*x + b (mod 0x17)
a = 0x1
b = 0x1
A cyclic subgroup:
point at infinity
x = 0xD, y = 0x7
x = 0x5, y = 0x4
x = 0x11, y = 0x3
x = 0x11, y = 0x14
x = 0x5, y = 0x13
x = 0xD, y = 0x10
Generator as octect string, compressed form:
030D
Generator as octect string, uncompressed form:
040D07
Generator as octect string, hybrid form:
070D07
A representation of the inverse of that generator in
Jacobian projective coordinates:
X = 0xC, Y = 0xF, Z = 0xA

SEC2 curve secp160r1 -- Generator:
x = 0x4A96B5688EF573284664698968C38BB913CBFC82
y = 0x23A628553168947D59DCC912042351377AC5FB32
verify degree ... ok
verify group order .... ok

NIST curve P-192 -- Generator:
x = 0x188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012
y = 0x7192B95FFC8DA78631011ED6B24CDD573F977A11E794811
verify degree ... ok
verify group order .... ok

NIST curve P-224 -- Generator:
x = 0xB70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6 115C1D21
y = 0xBD376388B5F723FB4C22DFE6CD4375A05A07476444D58199 85007E34
verify degree ... ok
verify group order .... ok

NIST curve P-256 -- Generator:
x =
0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0 F4A13945D898C296
y =
0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECE CBB6406837BF51F5
verify degree ... ok
verify group order .... ok

NIST curve P-384 -- Generator:
x =
0xAA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B98 59F741E082542A385502F2
5DBF55296C3A545E3872760AB7
y =
0x3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147C E9DA3113B5F0B8C00A60B1
CE1D7E819D7A431D7C90EA0E5F
verify degree ... ok
verify group order .... ok

NIST curve P-521 -- Generator:
x =
0xC6858E06B70404E9CD9E3ECB662395B4429C648139053FB5 21F828AF606B4D3DBAA14B
5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E 31C2E5BD66
y =
0x11839296A789A3BC0045C8A5FB42C7D1BD998F54449579B4 46817AFBD17273E662C97E
E72995EF42640C550B9013FAD0761353C7086A272C24088BE9 4769FD16650
verify degree ... ok
verify group order .... ok
combined multiplication ..... ok


Curve defined by Weierstrass equation
y^2 + x*y = x^3 + a*x^2 + b (mod 0x13)
a = 0x3
b = 0x1
(0x... means binary polynomial)
A cyclic subgroup:
point at infinity
x = 0x6, y = 0x8
x = 0x1, y = 0xD
x = 0x7, y = 0x2
x = 0x0, y = 0x1
x = 0x7, y = 0x5
x = 0x1, y = 0xC
x = 0x6, y = 0xE

Generator as octet string, uncompressed form:
040608

NIST curve K-163 -- Generator:
x = 0x2FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8
y = 0x289070FB05D38FF58321F2E800536D538CCDAA3D9
verify degree ... ok
verify group order .... ok

NIST curve B-163 -- Generator:
x = 0x3F0EBA16286A2D57EA0991168D4994637E8343E36
y = 0xD51FBC6C71A0094FA2CDD545B11C5C0C797324F1
verify degree ... ok
verify group order .... ok

NIST curve K-233 -- Generator:
x = 0x17232BA853A7E731AF129F22FF4149563A419C26BF50A4C9 D6EEFAD6126
y = 0x1DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C 11056FAE6A3
verify degree ... ok
verify group order .... ok

NIST curve B-233 -- Generator:
x = 0xFAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB 7371FD558B
y = 0x1006A08A41903350678E58528BEBF8A0BEFF867A7CA36716 F7E01F81052
verify degree ... ok
verify group order .... ok

NIST curve K-283 -- Generator:
x =
0x503213F78CA44883F1A3B8162F188E553CD265F23C1567A1 6876913B0C2AC245849283
6
y =
0x1CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E 45962364E34116177DD225
9
verify degree ... ok
verify group order .... ok

NIST curve B-283 -- Generator:
x =
0x5F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C8 0E2E198F8CDBECD86B1205
3
y =
0x3676854FE24141CB98FE6D4B20D02B4516FF702350EDDB08 26779C813F0DF45BE8112F
4
verify degree ... ok
verify group order .... ok

NIST curve K-409 -- Generator:
x =
0x60F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27 ACCFB8F9F67CC2C460189E
B5AAAA62EE222EB1B35540CFE9023746
y =
0x1E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E 6325165E9EA10E3DA5F6C4
2E9C55215AA9CA27A5863EC48D8E0286B
verify degree ... ok
verify group order .... ok

NIST curve B-409 -- Generator:
x =
0x15D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB 01FFE5B34E59703DC255A8
68A1180515603AEAB60794E54BB7996A7
y =
0x61B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D01 58AA4F5488D08F38514F1F
DF4B4F40D2181B3681C364BA0273C706
verify degree ... ok
verify group order .... ok

NIST curve K-571 -- Generator:
x =
0x26EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46 024804801841CA44370958
493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174 DCA88C7E2945283A01C897
2
y =
0x349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54F FC61EFC006D8A2C9D4979C
0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C85 91984F601CD4C143EF1C7A
3
verify degree ... ok
verify group order .... ok

NIST curve B-571 -- Generator:
x =
0x303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA 5F40FC8DB7B2ABDBDE5395
0F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C 850D927E1E7769C8EEC2D1
9
y =
0x37BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1 980F8533921E8A684423E4
3BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516 E23DD3C1A4827AF1B8AC15
B
verify degree ... ok
verify group order .... ok
combined multiplication ..... ok

testing internal
curves: .................................................. ..............
.... ok
test ecdsa
.../util/shlib_wrap.sh ./ecdsatest
some tests from X9.62:
testing prime192v1: .... ok
testing prime239v1: .... ok
testing c2tnb191v1: .... ok
testing c2tnb239v1: .... ok

testing ECDSA_sign() and ECDSA_verify() with some internal curves:
secp160k1: ....... ok
secp160r1: ....... ok
secp160r2: ....... ok
secp192k1: ....... ok
secp224k1: ....... ok
secp224r1: ....... ok
secp256k1: ....... ok
secp384r1: ....... ok
secp521r1: ....... ok
prime192v1: ....... ok
prime192v2: ....... ok
prime192v3: ....... ok
prime239v1: ....... ok
prime239v2: ....... ok
prime239v3: ....... ok
prime256v1: ....... ok
sect163k1: ....... ok
sect163r1: ....... ok
sect163r2: ....... ok
sect193r1: ....... ok
sect193r2: ....... ok
sect233k1: ....... ok
sect233r1: ....... ok
sect239k1: ....... ok
sect283k1: ....... ok
sect283r1: ....... ok
sect409k1: ....... ok
sect409r1: ....... ok
sect571k1: ....... ok
sect571r1: ....... ok
c2pnb163v1: ....... ok
c2pnb163v2: ....... ok
c2pnb163v3: ....... ok
c2pnb176v1: ....... ok
c2tnb191v1: ....... ok
c2tnb191v2: ....... ok
c2tnb191v3: ....... ok
c2pnb208w1: ....... ok
c2tnb239v1: ....... ok
c2tnb239v2: ....... ok
c2tnb239v3: ....... ok
c2pnb272w1: ....... ok
c2pnb304w1: ....... ok
c2tnb359v1: ....... ok
c2pnb368w1: ....... ok
c2tnb431r1: ....... ok
wap-wsg-idm-ecid-wtls3: ....... ok
wap-wsg-idm-ecid-wtls5: ....... ok
wap-wsg-idm-ecid-wtls7: ....... ok
wap-wsg-idm-ecid-wtls9: ....... ok
wap-wsg-idm-ecid-wtls10: ....... ok
wap-wsg-idm-ecid-wtls11: ....... ok
wap-wsg-idm-ecid-wtls12: ....... ok

ECDSA test passed
test ecdh
.../util/shlib_wrap.sh ./ecdhtest
Testing key generation with NIST Prime-Curve P-192 .... ok
Testing key generation with NIST Prime-Curve P-224 .... ok
Testing key generation with NIST Prime-Curve P-256 .... ok
Testing key generation with NIST Prime-Curve P-384 .... ok
Testing key generation with NIST Prime-Curve P-521 .... ok
Testing key generation with NIST Binary-Curve K-163 .... ok
Testing key generation with NIST Binary-Curve B-163 .... ok
Testing key generation with NIST Binary-Curve K-233 .... ok
Testing key generation with NIST Binary-Curve B-233 .... ok
Testing key generation with NIST Binary-Curve K-283 .... ok
Testing key generation with NIST Binary-Curve B-283 .... ok
Testing key generation with NIST Binary-Curve K-409 .... ok
Testing key generation with NIST Binary-Curve B-409 .... ok
Testing key generation with NIST Binary-Curve K-571 .... ok
Testing key generation with NIST Binary-Curve B-571 .... ok
cat
base64
aes-128-cbc
aes-128-cbc base64
aes-128-ecb
aes-128-ecb base64
aes-192-cbc
aes-192-cbc base64
aes-192-ecb
aes-192-ecb base64
aes-256-cbc
aes-256-cbc base64
aes-256-ecb
aes-256-ecb base64
base64
base64 base64
bf
bf base64
bf-cbc
bf-cbc base64
bf-cfb
bf-cfb base64
bf-ecb
bf-ecb base64
bf-ofb
bf-ofb base64
cast
cast base64
cast-cbc
cast-cbc base64
cast5-cbc
cast5-cbc base64
cast5-cfb
cast5-cfb base64
cast5-ecb
cast5-ecb base64
cast5-ofb
cast5-ofb base64
des
des base64
des-cbc
des-cbc base64
des-cfb
des-cfb base64
des-ecb
des-ecb base64
des-ede
des-ede base64
des-ede-cbc
des-ede-cbc base64
des-ede-cfb
des-ede-cfb base64
des-ede-ofb
des-ede-ofb base64
des-ede3
des-ede3 base64
des-ede3-cbc
des-ede3-cbc base64
des-ede3-cfb
des-ede3-cfb base64
des-ede3-ofb
des-ede3-ofb base64
des-ofb
des-ofb base64
des3
des3 base64
desx
desx base64
idea
idea base64
idea-cbc
idea-cbc base64
idea-cfb
idea-cfb base64
idea-ecb
idea-ecb base64
idea-ofb
idea-ofb base64
rc2
rc2 base64
rc2-40-cbc
rc2-40-cbc base64
rc2-64-cbc
rc2-64-cbc base64
rc2-cbc
rc2-cbc base64
rc2-cfb
rc2-cfb base64
rc2-ecb
rc2-ecb base64
rc2-ofb
rc2-ofb base64
rc4
rc4 base64
rc4-40
rc4-40 base64
echo test normal x509v1 certificate
test normal x509v1 certificate
sh ./tx509 2>/dev/null
testing X509 conversions
p -> d
p -> n
p -> p
d -> d
n -> d
p -> d
d -> n
n -> n
p -> n
d -> p
n -> p
p -> p
echo test first x509v3 certificate
test first x509v3 certificate
sh ./tx509 v3-cert1.pem 2>/dev/null
testing X509 conversions
p -> d
p -> n
p -> p
d -> d
n -> d
p -> d
d -> n
n -> n
p -> n
d -> p
n -> p
p -> p
echo test second x509v3 certificate
test second x509v3 certificate
sh ./tx509 v3-cert2.pem 2>/dev/null
testing X509 conversions
p -> d
p -> n
p -> p
d -> d
n -> d
p -> d
d -> n
n -> n
p -> n
d -> p
n -> p
p -> p
rsa
testing rsa conversions
p -> d
p -> p
d -> d
p -> d
d -> p
p -> p
.../util/shlib_wrap.sh ./rsa_test
PKCS #1 v1.5 encryption/decryption ok
OAEP encryption/decryption ok
PKCS #1 v1.5 encryption/decryption ok
OAEP encryption/decryption ok
PKCS #1 v1.5 encryption/decryption ok
OAEP encryption/decryption ok
PKCS #1 v1.5 encryption/decryption ok
OAEP encryption/decryption ok
PKCS #1 v1.5 encryption/decryption ok
OAEP encryption/decryption ok
PKCS #1 v1.5 encryption/decryption ok
OAEP encryption/decryption ok
testing crl conversions
p -> d
p -> p
d -> d
p -> d
d -> p
p -> p
testing session-id conversions
p -> d
p -> p
d -> d
p -> d
d -> p
p -> p
Generate and verify a certificate request
generating certificate request
rsa
There should be a 2 sequences of .'s and some +'s.
There should not be more that at most 80 per line
This could take some time.
Generating a 512 bit RSA private key
..++++++++++++
.................++++++++++++
writing new private key to 'testkey.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a
DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
State or Province Name (full name) [Queensland]:
Locality Name (eg, city) []:Brisbane
Organization Name (eg, company) []:CryptSoft Pty Ltd
Organizational Unit Name (eg, section) []:.
Common Name (eg, YOUR name) []:Eric Young
Email Address []:eay@mincom.oz.au
verify OK
testing req conversions
p -> d
p -> p
d -> d
p -> d
d -> p
p -> p
testing req conversions
p -> d
p -> p
d -> d
p -> d
d -> p
p -> p
testing pkcs7 conversions
p -> d
p -> p
d -> d
p -> d
d -> p
p -> p
testing pkcs7 conversions (2)
p -> d
p -> p
d -> d
p -> d
d -> p
p -> p
The following command should have some OK's and some failures
There are definitly a few expired certificates
.../util/shlib_wrap.sh ../apps/openssl verify -
CApath ../certs ../certs/*.pem
.../certs/RegTP-5R.pem: /C=DE/O=Regulierungsbeh\xC8orde f\xC8ur
Telekommunikation und Post/0.2.262.1.10.7.20=1/CN=5R-CA 1:PN
error 10 at 0 depth lookup:certificate has expired
OK
.../certs/RegTP-6R.pem: /C=DE/O=Regulierungsbeh\xC8orde f\xC8ur
Telekommunikation und Post/0.2.262.1.10.7.20=1/CN=6R-Ca 1:PN
error 10 at 0 depth lookup:certificate has expired
OK
.../certs/argena.pem: OK
.../certs/argeng.pem: OK
.../certs/eng1.pem: OK
.../certs/eng2.pem: OK
.../certs/eng3.pem: OK
.../certs/eng4.pem: OK
.../certs/eng5.pem: OK
.../certs/thawteCb.pem: OK
.../certs/thawteCp.pem: OK
.../certs/vsign1.pem: OK
.../certs/vsign3.pem: OK
.../certs/vsignss.pem: OK
.../certs/wellsfgo.pem: OK
Generate a set of DH parameters
.../util/shlib_wrap.sh ./dhtest
......+..++*++*++*++*++*++*++*++*++*++*++*++*++*++ *++*++*++*++*++*++*++*+
+*++*++*++*++*++*

p =ACD823856EB361BF
g =5
pri 1=5D11E343E2F06276
pub 1=521163BEC344C34A
pri 2=7FE3CC17A59EAA59
pub 2=6DCCFE62A3853A4
key1 =67576E9729193189
key2 =67576E9729193189
Generate a set of DSA parameters
.../util/shlib_wrap.sh ./dsatest
test generation of DSA parameters
..++++++++++++++++++++++++++++++++++++++++++++++++ ++*
....+........+..+...+............+.+..+........... .......................
.........................................+++++++++ +++++++++++++++++++++++
+++++++++++++++++++*
seed
D5014E4B 60EF2BA8 B6211B40 62BA3224 E0427DD3
counter=105 h=2
P:
00:8d:f2:a4:94:49:22:76:aa:3d:25:75:9b:b0:68:
69:cb:ea:c0:d8:3a:fb:8d:0c:f7:cb:b8:32:4f:0d:
78:82:e5:d0:76:2f:c5:b7:21:0e:af:c2:e9:ad:ac:
32:ab:7a:ac:49:69:3d:fb:f8:37:24:c2:ec:07:36:
ee:31:c8:02:91
Q:
00:c7:73:21:8c:73:7e:c8:ee:99:3b:4f:2d:ed:30:
f4:8e:da:ce:91:5f
G:
62:6d:02:78:39:ea:0a:13:41:31:63:a5:5b:4c:b5:
00:29:9d:55:22:95:6c:ef:cb:3b:ff:10:f3:99:ce:
2c:2e:71:cb:9d:e5:fa:24:ba:bf:58:e5:b7:95:21:
92:5c:9c:c4:2e:9f:6f:46:4b:08:8c:c5:72:af:53:
e6:d7:88:02
.../util/shlib_wrap.sh ./dsatest -app2_1
test generation of DSA parameters
..++++++++++++++++++++++++++++++++++++++++++++++++ ++*
....+........+..+...+............+.+..+........... .......................
.........................................+++++++++ +++++++++++++++++++++++
+++++++++++++++++++*
seed
D5014E4B 60EF2BA8 B6211B40 62BA3224 E0427DD3
counter=105 h=2
P:
00:8d:f2:a4:94:49:22:76:aa:3d:25:75:9b:b0:68:
69:cb:ea:c0:d8:3a:fb:8d:0c:f7:cb:b8:32:4f:0d:
78:82:e5:d0:76:2f:c5:b7:21:0e:af:c2:e9:ad:ac:
32:ab:7a:ac:49:69:3d:fb:f8:37:24:c2:ec:07:36:
ee:31:c8:02:91
Q:
00:c7:73:21:8c:73:7e:c8:ee:99:3b:4f:2d:ed:30:
f4:8e:da:ce:91:5f
G:
62:6d:02:78:39:ea:0a:13:41:31:63:a5:5b:4c:b5:
00:29:9d:55:22:95:6c:ef:cb:3b:ff:10:f3:99:ce:
2c:2e:71:cb:9d:e5:fa:24:ba:bf:58:e5:b7:95:21:
92:5c:9c:c4:2e:9f:6f:46:4b:08:8c:c5:72:af:53:
e6:d7:88:02
Generate and certify a test certificate

make a certificate request using 'req'
rsa
Generating a 512 bit RSA private key
.....++++++++++++
...++++++++++++
writing new private key to 'keyCA.ss'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a
DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []odgy Brothers
Common Name (eg, YOUR name) []odgy CA

convert the certificate request into a self signed certificate
using 'x509'
Signature ok
subject=/C=AU/O=Dodgy Brothers/CN=Dodgy CA
Getting Private key

convert a certificate into a certificate request using 'x509'
Getting request Private Key
Generating certificate request
verify OK
verify OK
certCA.ss: OK

make a user certificate request using 'req'
Generating a 512 bit RSA private key
.....++++++++++++
.......++++++++++++
writing new private key to 'keyU.ss'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a
DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []odgy Brothers
Common Name (eg, YOUR name) []:Brother 1
Common Name (eg, YOUR name) []:Brother 2

sign user certificate request with the just created CA via 'x509'
Signature ok
subject=/C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
Getting CA Private Key
certU.ss: OK

Certificate details
subject= /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
issuer= /C=AU/O=Dodgy Brothers/CN=Dodgy CA
notBefore=Feb 10 13:41:10 2006 GMT
notAfter=Mar 12 13:41:10 2006 GMT

make a proxy certificate request using 'req'
Generating a 512 bit RSA private key
......++++++++++++
...................++++++++++++
writing new private key to 'keyP1.ss'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a
DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []odgy Brothers
Common Name (eg, YOUR name) []:Brother 1
Common Name (eg, YOUR name) []:Brother 2
Common Name (eg, YOUR name) []:Proxy 1

sign proxy certificate request with the just created user certificate
via 'x509'
Signature ok
subject=/C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Getting CA Private Key
[14:41:10] 3019 file=tasn_new.c, line=191, thread=10797, number=8,
address=0022BF30
[14:41:10] 2337 file=tasn_new.c, line=191, thread=10797, number=8,
address=001FA530
16 bytes leaked in 2 chunks
certP1.ss: /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
error 40 at 0 depth lookuproxy cerificates not allowed, please set
the appropriate flag

Certificate details
subject= /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
issuer= /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
notBefore=Feb 10 13:41:10 2006 GMT
notAfter=Mar 12 13:41:10 2006 GMT

make another proxy certificate request using 'req'
Generating a 512 bit RSA private key
.............++++++++++++
.................++++++++++++
writing new private key to 'keyP2.ss'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a
DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []odgy Brothers
Common Name (eg, YOUR name) []:Brother 1
Common Name (eg, YOUR name) []:Brother 2
Common Name (eg, YOUR name) []:Proxy 1
Common Name (eg, YOUR name) []:Proxy 2

sign second proxy certificate request with the first proxy certificate
via 'x509'
Signature ok
subject=/C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy
1/CN=Proxy 2
Getting CA Private Key
[14:41:10] 3081 file=tasn_new.c, line=191, thread=10818, number=8,
address=001FA610
[14:41:10] 2362 file=tasn_new.c, line=191, thread=10818, number=8,
address=001FA520
16 bytes leaked in 2 chunks
certP2.ss: /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy
1/CN=Proxy 2
error 40 at 0 depth lookuproxy cerificates not allowed, please set
the appropriate flag

Certificate details
subject= /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy
1/CN=Proxy 2
issuer= /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
notBefore=Feb 10 13:41:10 2006 GMT
notAfter=Mar 12 13:41:10 2006 GMT

The generated CA certificate is certCA.ss
The generated CA private key is keyCA.ss
The generated user certificate is certU.ss
The generated user private key is keyU.ss
The first generated proxy certificate is certP1.ss
The first generated proxy private key is keyP1.ss
The second generated proxy certificate is certP2.ss
The second generated proxy private key is keyP2.ss
rsa
Generate and certify a test certificate via the 'ca' program
CA certificate filename (or enter to create)
Making CA certificate ...
Generating a 512 bit RSA private key
....++++++++++++
....++++++++++++
writing new private key to './demoCA/private/./cakey.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a
DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []odgy Brothers
Common Name (eg, YOUR name) []odgy CA
Using configuration from CAss.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
Serial Number: 0 (0x0)
Validity
Not Before: Feb 10 13:41:11 2006 GMT
Not After : Feb 9 13:41:11 2009 GMT
Subject:
countryName = AU
organizationName = Dodgy Brothers
commonName = Dodgy CA
X509v3 extensions:
X509v3 Subject Key Identifier:

39:1C:7B:E8:14:6D:A5:4C:4C:FD:8B:A6:F0:93:70:9F:4E :3D:A2:AE
X509v3 Authority Key Identifier:

keyid:39:1C:7B:E8:14:6D:A5:4C:4C:FD:8B:A6:F0:93:70 :9F:4E:3D:A2:AE
DirName:/C=AU/O=Dodgy Brothers/CN=Dodgy CA
serial:00

X509v3 Basic Constraints:
CA:TRUE, pathlen:1
X509v3 Key Usage:
Certificate Sign, CRL Sign
X509v3 Issuer Alternative Name:


Certificate is to be certified until Feb 9 13:41:11 2009 GMT (1095
days)

Write out database with 1 new entries
Data Base Updated
Generating a 512 bit RSA private key
.................++++++++++++
.......++++++++++++
writing new private key to 'newkey.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a
DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []odgy Brothers
Common Name (eg, YOUR name) []:Brother 1
Common Name (eg, YOUR name) []:Brother 2
Request is in newreq.pem, private key is in newkey.pem
Using configuration from ../apps/openssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
Serial Number: 1 (0x1)
Validity
Not Before: Feb 10 13:41:11 2006 GMT
Not After : Feb 10 13:41:11 2007 GMT
Subject:
countryName = AU
organizationName = Dodgy Brothers
commonName = Brother 1
commonName = Brother 2
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:

BC:02:E5:C0:00:81:0A:36:00:65:60:5A:72:FB:F4:FD:28 :68:F9:96
X509v3 Authority Key Identifier:

keyid:39:1C:7B:E8:14:6D:A5:4C:4C:FD:8B:A6:F0:93:70 :9F:4E:3D:A2:AE

Certificate is to be certified until Feb 10 13:41:11 2007 GMT (365 days)
Sign the certificate? [y/n]:

1 out of 1 certificate requests certified, commit? [y/n]Write out
database with 1 new entries
Data Base Updated
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=AU, O=Dodgy Brothers, CN=Dodgy CA
Validity
Not Before: Feb 10 13:41:11 2006 GMT
Not After : Feb 10 13:41:11 2007 GMT
Subject: C=AU, O=Dodgy Brothers, CN=Brother 1, CN=Brother 2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (512 bit)
Modulus (512 bit):
00:c0:f2:46:5d:c6:73:10:91:cc:7b:44:f1:3f:89:
b4:06:31:68:92:ab:da:13:96:2f:ac:73:39:9d:13:
31:7c:89:f9:3b:4e:3f:ba:b7:79:33:af:4a:ec:2b:
b8:53:2d:ea:91:0e:34:63:c3:f6:ea:42:58:d7:22:
2e:86:00:9a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:

BC:02:E5:C0:00:81:0A:36:00:65:60:5A:72:FB:F4:FD:28 :68:F9:96
X509v3 Authority Key Identifier:

keyid:39:1C:7B:E8:14:6D:A5:4C:4C:FD:8B:A6:F0:93:70 :9F:4E:3D:A2:AE

Signature Algorithm: sha1WithRSAEncryption
79:62:97:6f:46:f1:19:25:b1:7e:ed:57:9b:45:47:4c:b0 :77:
6a:b1:ba:1f:e4:ac:f4:3f:95:d9:ab:17:00:68:25:bc:d6 :55:
e2:b7:ec:3f:0f:39:7c:58:d1:3e:fb:47:89:0b:92:80:90 :63:
9f:76:1a:e8:5a:59:75:45:b1:0e
-----BEGIN CERTIFICATE-----
MIIB8zCCAZ2gAwIBAgIBATANBgkqhkiG9w0BAQUFADA5MQswCQ YDVQQGEwJBVTEX
MBUGA1UEChMORG9kZ3kgQnJvdGhlcnMxETAPBgNVBAMTCERvZG d5IENBMB4XDTA2
MDIxMDEzNDExMVoXDTA3MDIxMDEzNDExMVowTjELMAkGA1UEBh MCQVUxFzAVBgNV
BAoTDkRvZGd5IEJyb3RoZXJzMRIwEAYDVQQDEwlCcm90aGVyID ExEjAQBgNVBAMT
CUJyb3RoZXIgMjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDA8k ZdxnMQkcx7RPE/
ibQGMWiSq9oTli+sczmdEzF8ifk7Tj+6t3kzr0rsK7hTLeqRDj Rjw/bqQljXIi6G
AJrdAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB 8WHU9wZW5TU0wg
R2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBS8AuXAAI EKNgBlYFpy+/T9
KGj5ljAfBgNVHSMEGDAWgBQ5HHvoFG2lTEz9i6bwk3CfTj2irj ANBgkqhkiG9w0B
AQUFAANBAHlil29G8RklsX7tV5tFR0ywd2qxuh/krPQ/ldmrFwBoJbzWVeK37D8P
OXxY0T77R4kLkoCQY592GuhaWXVFsQ4=
-----END CERTIFICATE-----
Signed certificate is in newcert.pem
newcert.pem: OK
Manipulate the ENGINE structures
.../util/shlib_wrap.sh ./enginetest

enginetest beginning

listing available engine types
end of list
listing available engine types
engine 0, id = "test_id0", name = "First test item"
end of list
listing available engine types
end of list
listing available engine types
engine 0, id = "test_id2", name = "Third test item"
engine 1, id = "test_id1", name = "Second test item"
end of list
listing available engine types
engine 0, id = "test_id2", name = "Third test item"
end of list
listing available engine types
engine 0, id = "test_id2", name = "Third test item"
engine 1, id = "test_id3", name = "Fourth test item"
end of list
Add that should fail did.
Remove that should fail did.
listing available engine types
engine 0, id = "test_id3", name = "Fourth test item"
end of list
listing available engine types
end of list
listing available engine types
end of list
Successfully added and removed to an empty list!
About to beef up the engine-type list
.................................................. .......................
.................................................. .......................
.................................................. .......................
.................................................. .......................
.................................................. .......................
.................................................. .......................
.................................................. .......................
.........
About to empty the engine-type list
.................................................. .......................
.................................................. .......................
.................................................. .......................
.................................................. .......................
.................................................. .......................
.................................................. .......................
.................................................. .......................
.........
Tests completed happily
.../util/shlib_wrap.sh ./evp_test evptests.txt
Ciphertext mismatch
Got
0000 95 fa f4 7a 28 67 23 17 73 b1 28 aa ba e7 ef fc
Expected
0000 69 c4 e0 d8 6a 7b 04 30 d8 cd b7 80 70 b4 c5 5a
Testing digest SHA1
Plaintext
0000 61 62 63
Digest
0000 a9 99 3e 36 47 06 81 6a ba 3e 25 71 78 50 c2 6c
0010 9c d0 d8 9d

Testing digest MD5
Plaintext
Digest
0000 d4 1d 8c d9 8f 00 b2 04 e9 80 09 98 ec f8 42 7e

Testing digest MD5
Plaintext
0000 61
Digest
0000 0c c1 75 b9 c0 f1 b6 a8 31 c3 99 e2 69 77 26 61

Testing digest MD5
Plaintext
0000 61 62 63
Digest
0000 90 01 50 98 3c d2 4f b0 d6 96 3f 7d 28 e1 7f 72

Testing digest MD5
Plaintext
0000 6d 65 73 73 61 67 65 20 64 69 67 65 73 74
Digest
0000 f9 6b 69 7d 7c b7 93 8d 52 5a 2f 31 aa f1 61 d0

Testing digest MD5
Plaintext
0000 61 62 63 64 65 66 67 68 69 6a 6b 6c 6d 6e 6f 70
0010 71 72 73 74 75 76 77 78 79 7a
Digest
0000 c3 fc d3 d7 61 92 e4 00 7d fb 49 6c ca 67 e1 3b

Testing digest MD5
Plaintext
0000 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50
0010 51 52 53 54 55 56 57 58 59 5a 61 62 63 64 65 66
0020 67 68 69 6a 6b 6c 6d 6e 6f 70 71 72 73 74 75 76
0030 77 78 79 7a 30 31 32 33 34 35 36 37 38 39
Digest
0000 d1 74 ab 98 d2 77 d9 f5 a5 61 1c 2c 9f 41 9d 9f

Testing digest MD5
Plaintext
0000 31 32 33 34 35 36 37 38 39 30 31 32 33 34 35 36
0010 37 38 39 30 31 32 33 34 35 36 37 38 39 30 31 32
0020 33 34 35 36 37 38 39 30 31 32 33 34 35 36 37 38
0030 39 30 31 32 33 34 35 36 37 38 39 30 31 32 33 34
0040 35 36 37 38 39 30 31 32 33 34 35 36 37 38 39 30
Digest
0000 57 ed f4 a2 2b e3 c9 55 ac 49 da 2e 21 07 b6 7a

Testing cipher AES-128-ECB(encrypt)
Key
0000 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
Plaintext
0000 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff
Ciphertext
0000 69 c4 e0 d8 6a 7b 04 30 d8 cd b7 80 70 b4 c5 5a
*** Error code 9
make: Fatal error: Command failed for target `test_evp'
Current working directory /export/home/sunger/software/build/openssl-
0.9.8a/test
*** Error code 1
make: Fatal error: Command failed for target `tests'
Current working directory /export/home/sunger/software/build/openssl-
0.9.8a
------------------------------------------------------------------------
-----


--
Steffen Unger

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org