Here is the output from "make report":
OpenSSL self-test report:
OpenSSL version: 0.9.8g
Last change: Fix various bugs:...
Options: no-camellia no-gmp no-krb5 no-mdc2 no-rc5 no-rfc3779 no-seed
no-shared no-tlsext no-zlib no-zlib-dynamic
OS (uname): SunOS dshxsun9 5.10 Generic_118833-36 sun4u sparc
SUNW,Sun-Fire
OS (config): sun4u-whatever-solaris2
Target (default): solaris-sparcv9-cc
Target: solaris-sparcv9-cc
Compiler: cc: Sun C 5.8 2005/10/13
Failure!
-----------------------------------------------------------------------------
making all in crypto...
making all in crypto/objects...
making all in crypto/md2...
making all in crypto/md4...
making all in crypto/md5...
making all in crypto/sha...
making all in crypto/hmac...
making all in crypto/ripemd...
making all in crypto/des...
making all in crypto/aes...
making all in crypto/rc2...
making all in crypto/rc4...
making all in crypto/idea...
making all in crypto/bf...
making all in crypto/cast...
making all in crypto/bn...
making all in crypto/ec...
making all in crypto/rsa...
making all in crypto/dsa...
making all in crypto/ecdsa...
making all in crypto/dh...
making all in crypto/ecdh...
making all in crypto/dso...
making all in crypto/engine...
making all in crypto/buffer...
making all in crypto/bio...
making all in crypto/stack...
making all in crypto/lhash...
making all in crypto/rand...
making all in crypto/err...
making all in crypto/evp...
making all in crypto/asn1...
making all in crypto/pem...
making all in crypto/x509...
making all in crypto/x509v3...
making all in crypto/conf...
making all in crypto/txt_db...
making all in crypto/pkcs7...
making all in crypto/pkcs12...
making all in crypto/comp...
making all in crypto/ocsp...
making all in crypto/ui...
making all in crypto/krb5...
making all in crypto/store...
making all in crypto/pqueue...
if [ -n "" ]; then \
(cd ..; make libcrypto.so.0.9.8); \
fi
making all in ssl...
if [ -n "" ]; then \
(cd ..; make libssl.so.0.9.8); \
fi
making all in engines...
making all in apps...
making all in test...
making all in tools...
-----------------------------------------------------------------------------
testing...
making all in apps...
../util/shlib_wrap.sh ./destest
Doing cbcm
Doing ecb
Doing ede ecb
Doing cbc
Doing desx cbc
Doing ede cbc
Doing pcbc
Doing cfb8 cfb16 cfb32 cfb48 cfb64 cfb64() ede_cfb64() done Doing ofb Doing
ofb64 Doing ede_ofb64 Doing cbc_cksum Doing quad_cksum input word alignment
test 0 1 2 3 output word alignment test 0 1 2 3 fast crypt test
../util/shlib_wrap.sh ./ideatest ecb idea ok cbc idea ok
cfb64 idea ok
../util/shlib_wrap.sh ./shatest
test 1 ok
test 2 ok
test 3 ok
../util/shlib_wrap.sh ./sha1test
test 1 ok
test 2 ok
test 3 ok
../util/shlib_wrap.sh ./sha256t
Testing SHA-256 ... passed.
Testing SHA-224 ... passed.
../util/shlib_wrap.sh ./sha512t
Testing SHA-512 ... passed.
Testing SHA-384 ... passed.
../util/shlib_wrap.sh ./md4test
test 1 ok
test 2 ok
test 3 ok
test 4 ok
test 5 ok
test 6 ok
test 7 ok
../util/shlib_wrap.sh ./md5test
test 1 ok
test 2 ok
test 3 ok
test 4 ok
test 5 ok
test 6 ok
test 7 ok
../util/shlib_wrap.sh ./hmactest
test 0 ok
test 1 ok
test 2 ok
test 3 ok
../util/shlib_wrap.sh ./md2test
test 1 ok
test 2 ok
test 3 ok
test 4 ok
test 5 ok
test 6 ok
test 7 ok
../util/shlib_wrap.sh ./mdc2test
No MDC2 support
../util/shlib_wrap.sh ./rmdtest
test 1 ok
test 2 ok
test 3 ok
test 4 ok
test 5 ok
test 6 ok
test 7 ok
test 8 ok
../util/shlib_wrap.sh ./rc2test
ecb RC2 ok
../util/shlib_wrap.sh ./rc4test
test 0 ok
test 1 ok
test 2 ok
test 3 ok
test 4 ok
test 5 ok
test end processing ....................done test multi-call
....................done bulk test ok ../util/shlib_wrap.sh ./rc5test No RC5
support ../util/shlib_wrap.sh ./bftest testing blowfish in raw ecb mode testing
blowfish in ecb mode testing blowfish set_key testing blowfish in cbc mode
testing blowfish in cfb64 mode testing blowfish in ofb64 ../util/shlib_wrap.sh
./casttest ecb cast5 ok This test will take some time....123456789ABCDEF ok
../util/shlib_wrap.sh ./randtest test 1 done test 2 done test 3 done test 4
done starting big number library test, could take a while...
test BN_add
test BN_sub
test BN_lshift1
test BN_lshift (fixed)
test BN_lshift
test BN_rshift1
test BN_rshift
test BN_sqr
test BN_mul
test BN_div
test BN_div_word
test BN_div_recp
test BN_mod
test BN_mod_mul
test BN_mont
test BN_mod_exp
test BN_mod_exp_mont_consttime
test BN_exp
test BN_kronecker
.......++++++
....................................................................................................
test BN_mod_sqrt
.....
.....
.....
.....
.....
.....
.....
.....
.........++++++++++++
.....
......++++++++++++
.....
....++++++++++++
.....
...........++++++++++++
.....
..................++++++++++++
.....
.............++++++++++++
.....
.........++++++++++++
.....
........++++++++++++
.....
test BN_GF2m_add
test BN_GF2m_mod
test BN_GF2m_mod_mul
test BN_GF2m_mod_sqr
test BN_GF2m_mod_inv
test BN_GF2m_mod_div
test BN_GF2m_mod_exp
test BN_GF2m_mod_sqrt
test BN_GF2m_mod_solve_quad
running bc
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................!
............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................!
..............................................................!
........
.............................................................................................................................................................................
2220 tests passed
test a^b%c implementations
../util/shlib_wrap.sh ./exptest
........................................................................................................................................................................................................
done test elliptic curves ../util/shlib_wrap.sh ./ectest Curve defined by
Weierstrass equation
y^2 = x^3 + a*x + b (mod 0x17)
a = 0x1
b = 0x1
A cyclic subgroup:
point at infinity
x = 0xD, y = 0x7
x = 0x5, y = 0x4
x = 0x11, y = 0x3
x = 0x11, y = 0x14
x = 0x5, y = 0x13
x = 0xD, y = 0x10
Generator as octect string, compressed form:
030D
Generator as octect string, uncompressed form:
040D07
Generator as octect string, hybrid form:
070D07
A representation of the inverse of that generator in Jacobian projective
coordinates:
X = 0xC, Y = 0xF, Z = 0xA
SEC2 curve secp160r1 -- Generator:
x = 0x4A96B5688EF573284664698968C38BB913CBFC82
y = 0x23A628553168947D59DCC912042351377AC5FB32
verify degree ... ok
verify group order .... ok
NIST curve P-192 -- Generator:
x = 0x188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012
y = 0x7192B95FFC8DA78631011ED6B24CDD573F977A11E794811
verify degree ... ok
verify group order .... ok
NIST curve P-224 -- Generator:
x = 0xB70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21
y = 0xBD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34
verify degree ... ok
verify group order .... ok
NIST curve P-256 -- Generator:
x = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296
y = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5
verify degree ... ok
verify group order .... ok
NIST curve P-384 -- Generator:
x =
0xAA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7
y =
0x3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F
verify degree ... ok
verify group order .... ok
NIST curve P-521 -- Generator:
x =
0xC6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66
y =
0x11839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650
verify degree ... ok
verify group order .... ok
combined multiplication ..... ok
Curve defined by Weierstrass equation
y^2 + x*y = x^3 + a*x^2 + b (mod 0x13)
a = 0x3
b = 0x1
(0x... means binary polynomial)
A cyclic subgroup:
point at infinity
x = 0x6, y = 0x8
x = 0x1, y = 0xD
x = 0x7, y = 0x2
x = 0x0, y = 0x1
x = 0x7, y = 0x5
x = 0x1, y = 0xC
x = 0x6, y = 0xE
Generator as octet string, uncompressed form:
040608
NIST curve K-163 -- Generator:
x = 0x2FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8
y = 0x289070FB05D38FF58321F2E800536D538CCDAA3D9
verify degree ... ok
verify group order .... ok
NIST curve B-163 -- Generator:
x = 0x3F0EBA16286A2D57EA0991168D4994637E8343E36
y = 0xD51FBC6C71A0094FA2CDD545B11C5C0C797324F1
verify degree ... ok
verify group order .... ok
NIST curve K-233 -- Generator:
x = 0x17232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126
y = 0x1DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3
verify degree ... ok
verify group order .... ok
NIST curve B-233 -- Generator:
x = 0xFAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B
y = 0x1006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052
verify degree ... ok
verify group order .... ok
NIST curve K-283 -- Generator:
x =
0x503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836
y =
0x1CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259
verify degree ... ok
verify group order .... ok
NIST curve B-283 -- Generator:
x =
0x5F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053
y =
0x3676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4
verify degree ... ok
verify group order .... ok
NIST curve K-409 -- Generator:
x =
0x60F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746
y =
0x1E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B
verify degree ... ok
verify group order .... ok
NIST curve B-409 -- Generator:
x =
0x15D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7
y =
0x61B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706
verify degree ... ok
verify group order .... ok
NIST curve K-571 -- Generator:
x =
0x26EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972
y =
0x349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3
verify degree ... ok
verify group order .... ok
NIST curve B-571 -- Generator:
x =
0x303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19
y =
0x37BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B
verify degree ... ok
verify group order .... ok
combined multiplication ..... ok
testing internal curves:
................................................................... ok test
ecdsa ../util/shlib_wrap.sh ./ecdsatest some tests from X9.62:
testing prime192v1: .... ok
testing prime239v1: .... ok
testing c2tnb191v1: .... ok
testing c2tnb239v1: .... ok
testing ECDSA_sign() and ECDSA_verify() with some internal curves:
secp160k1: ....... ok
secp160r1: ....... ok
secp160r2: ....... ok
secp192k1: ....... ok
secp224k1: ....... ok
secp224r1: ....... ok
secp256k1: ....... ok
secp384r1: ....... ok
secp521r1: ....... ok
prime192v1: ....... ok
prime192v2: ....... ok
prime192v3: ....... ok
prime239v1: ....... ok
prime239v2: ....... ok
prime239v3: ....... ok
prime256v1: ....... ok
sect163k1: ....... ok
sect163r1: ....... ok
sect163r2: ....... ok
sect193r1: ....... ok
sect193r2: ....... ok
sect233k1: ....... ok
sect233r1: ....... ok
sect239k1: ....... ok
sect283k1: ....... ok
sect283r1: ....... ok
sect409k1: ....... ok
sect409r1: ....... ok
sect571k1: ....... ok
sect571r1: ....... ok
c2pnb163v1: ....... ok
c2pnb163v2: ....... ok
c2pnb163v3: ....... ok
c2pnb176v1: ....... ok
c2tnb191v1: ....... ok
c2tnb191v2: ....... ok
c2tnb191v3: ....... ok
c2pnb208w1: ....... ok
c2tnb239v1: ....... ok
c2tnb239v2: ....... ok
c2tnb239v3: ....... ok
c2pnb272w1: ....... ok
c2pnb304w1: ....... ok
c2tnb359v1: ....... ok
c2pnb368w1: ....... ok
c2tnb431r1: ....... ok
wap-wsg-idm-ecid-wtls3: ....... ok
wap-wsg-idm-ecid-wtls5: ....... ok
wap-wsg-idm-ecid-wtls7: ....... ok
wap-wsg-idm-ecid-wtls9: ....... ok
wap-wsg-idm-ecid-wtls10: ....... ok
wap-wsg-idm-ecid-wtls11: ....... ok
wap-wsg-idm-ecid-wtls12: ....... ok
ECDSA test passed
test ecdh
../util/shlib_wrap.sh ./ecdhtest
Testing key generation with NIST Prime-Curve P-192 .... ok Testing key
generation with NIST Prime-Curve P-224 .... ok Testing key generation with NIST
Prime-Curve P-256 .... ok Testing key generation with NIST Prime-Curve P-384
.... ok Testing key generation with NIST Prime-Curve P-521 .... ok Testing key
generation with NIST Binary-Curve K-163 .... ok Testing key generation with
NIST Binary-Curve B-163 .... ok Testing key generation with NIST Binary-Curve
K-233 .... ok Testing key generation with NIST Binary-Curve B-233 .... ok
Testing key generation with NIST Binary-Curve K-283 .... ok Testing key
generation with NIST Binary-Curve B-283 .... ok Testing key generation with
NIST Binary-Curve K-409 .... ok Testing key generation with NIST Binary-Curve
B-409 .... ok Testing key generation with NIST Binary-Curve K-571 .... ok
Testing key generation with NIST Binary-Curve B-571 .... ok cat
base64
aes-128-cbc
aes-128-cbc base64
aes-128-ecb
aes-128-ecb base64
aes-192-cbc
aes-192-cbc base64
aes-192-ecb
aes-192-ecb base64
aes-256-cbc
aes-256-cbc base64
aes-256-ecb
aes-256-ecb base64
base64
base64 base64
bf
bf base64
bf-cbc
bf-cbc base64
bf-cfb
bf-cfb base64
bf-ecb
bf-ecb base64
bf-ofb
bf-ofb base64
cast
cast base64
cast-cbc
cast-cbc base64
cast5-cbc
cast5-cbc base64
cast5-cfb
cast5-cfb base64
cast5-ecb
cast5-ecb base64
cast5-ofb
cast5-ofb base64
des
des base64
des-cbc
des-cbc base64
des-cfb
des-cfb base64
des-ecb
des-ecb base64
des-ede
des-ede base64
des-ede-cbc
des-ede-cbc base64
des-ede-cfb
des-ede-cfb base64
des-ede-ofb
des-ede-ofb base64
des-ede3
des-ede3 base64
des-ede3-cbc
des-ede3-cbc base64
des-ede3-cfb
des-ede3-cfb base64
des-ede3-ofb
des-ede3-ofb base64
des-ofb
des-ofb base64
des3
des3 base64
desx
desx base64
idea
idea base64
idea-cbc
idea-cbc base64
idea-cfb
idea-cfb base64
idea-ecb
idea-ecb base64
idea-ofb
idea-ofb base64
rc2
rc2 base64
rc2-40-cbc
rc2-40-cbc base64
rc2-64-cbc
rc2-64-cbc base64
rc2-cbc
rc2-cbc base64
rc2-cfb
rc2-cfb base64
rc2-ecb
rc2-ecb base64
rc2-ofb
rc2-ofb base64
rc4
rc4 base64
rc4-40
rc4-40 base64
echo test normal x509v1 certificate
test normal x509v1 certificate
sh ./tx509 2>/dev/null
testing X509 conversions
p -> d
p -> n
p -> p
d -> d
n -> d
p -> d
d -> n
n -> n
p -> n
d -> p
n -> p
p -> p
echo test first x509v3 certificate
test first x509v3 certificate
sh ./tx509 v3-cert1.pem 2>/dev/null
testing X509 conversions
p -> d
p -> n
p -> p
d -> d
n -> d
p -> d
d -> n
n -> n
p -> n
d -> p
n -> p
p -> p
echo test second x509v3 certificate
test second x509v3 certificate
sh ./tx509 v3-cert2.pem 2>/dev/null
testing X509 conversions
p -> d
p -> n
p -> p
d -> d
n -> d
p -> d
d -> n
n -> n
p -> n
d -> p
n -> p
p -> p
rsa
testing rsa conversions
p -> d
p -> p
d -> d
p -> d
d -> p
p -> p
../util/shlib_wrap.sh ./rsa_test
PKCS #1 v1.5 encryption/decryption ok
OAEP encryption/decryption ok
PKCS #1 v1.5 encryption/decryption ok
OAEP encryption/decryption ok
PKCS #1 v1.5 encryption/decryption ok
OAEP encryption/decryption ok
PKCS #1 v1.5 encryption/decryption ok
OAEP encryption/decryption ok
PKCS #1 v1.5 encryption/decryption ok
OAEP encryption/decryption ok
PKCS #1 v1.5 encryption/decryption ok
OAEP encryption/decryption ok
testing crl conversions
p -> d
p -> p
d -> d
p -> d
d -> p
p -> p
testing session-id conversions
p -> d
p -> p
d -> d
p -> d
d -> p
p -> p
Generate and verify a certificate request generating certificate request rsa
There should be a 2 sequences of .'s and some +'s.
There should not be more that at most 80 per line This could take some time.
Generating a 512 bit RSA private key
........++++++++++++
...++++++++++++
writing new private key to 'testkey.pem'
-----
You are about to be asked to enter information that will be incorporated into
your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank For some fields there
will be a default value, If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
State or Province Name (full name) [Queensland]:
Locality Name (eg, city) []:Brisbane
Organization Name (eg, company) []:CryptSoft Pty Ltd Organizational Unit Name
(eg, section) []:.
Common Name (eg, YOUR name) []:Eric Young Email Address []:[EMAIL PROTECTED]
verify OK testing req conversions p -> d p -> p d -> d p -> d d -> p p -> p
testing req conversions p -> d p -> p d -> d p -> d d -> p p -> p testing pkcs7
conversions p -> d p -> p d -> d p -> d d -> p p -> p testing pkcs7 conversions
(2) p -> d p -> p d -> d p -> d d -> p p -> p The following command should have
some OK's and some failures There are definitly a few expired certificates
../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs ../certs/*.pem
../certs/RegTP-5R.pem: /C=DE/O=Regulierungsbeh\xC8orde f\xC8ur
Telekommunikation und Post/0.2.262.1.10.7.20=1/CN=5R-CA 1:PN error 10 at 0
depth lookup:certificate has expired OK
../certs/RegTP-6R.pem: /C=DE/O=Regulierungsbeh\xC8orde f\xC8ur
Telekommunikation und Post/0.2.262.1.10.7.20=1/CN=6R-Ca 1:PN error 10 at 0
depth lookup:certificate has expired OK
../certs/aol1.pem: OK
../certs/aol2.pem: OK
../certs/aoltw1.pem: OK
../certs/aoltw2.pem: OK
../certs/argena.pem: OK
../certs/argeng.pem: OK
../certs/eng1.pem: OK
../certs/eng2.pem: OK
../certs/eng3.pem: OK
../certs/eng4.pem: OK
../certs/eng5.pem: OK
../certs/thawteCb.pem: OK
../certs/thawteCp.pem: OK
../certs/vsign1.pem: OK
../certs/vsign3.pem: OK
../certs/vsignss.pem: OK
../certs/wellsfgo.pem: OK
Generate a set of DH parameters
../util/shlib_wrap.sh ./dhtest
.......+..........+.......++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*++*
p =EB1970350A51B8DF
g =5
pri 1=745A46045515D001
pub 1=A0CF346D2DFAD68D
pri 2=72B4A195D1C43162
pub 2=A3C7114F3E73AFD7
key1 =E1414C25CAEFA293
key2 =E1414C25CAEFA293
Generate a set of DSA parameters
../util/shlib_wrap.sh ./dsatest
test generation of DSA parameters
.++++++++++++++++++++++++++++++++++++++++++++++++++*
...+........+..+...+............+.+..+..........................................................................+++++++++++++++++++++++++++++++++++++++++++++++++++*
seed
D5014E4B 60EF2BA8 B6211B40 62BA3224 E0427DD3
counter=105 h=2
P:
00:8d:f2:a4:94:49:22:76:aa:3d:25:75:9b:b0:68:
69:cb:ea:c0:d8:3a:fb:8d:0c:f7:cb:b8:32:4f:0d:
78:82:e5:d0:76:2f:c5:b7:21:0e:af:c2:e9:ad:ac:
32:ab:7a:ac:49:69:3d:fb:f8:37:24:c2:ec:07:36:
ee:31:c8:02:91
Q:
00:c7:73:21:8c:73:7e:c8:ee:99:3b:4f:2d:ed:30:
f4:8e:da:ce:91:5f
G:
62:6d:02:78:39:ea:0a:13:41:31:63:a5:5b:4c:b5:
00:29:9d:55:22:95:6c:ef:cb:3b:ff:10:f3:99:ce:
2c:2e:71:cb:9d:e5:fa:24:ba:bf:58:e5:b7:95:21:
92:5c:9c:c4:2e:9f:6f:46:4b:08:8c:c5:72:af:53:
e6:d7:88:02
../util/shlib_wrap.sh ./dsatest -app2_1
test generation of DSA parameters
.++++++++++++++++++++++++++++++++++++++++++++++++++*
...+........+..+...+............+.+..+..........................................................................+++++++++++++++++++++++++++++++++++++++++++++++++++*
seed
D5014E4B 60EF2BA8 B6211B40 62BA3224 E0427DD3
counter=105 h=2
P:
00:8d:f2:a4:94:49:22:76:aa:3d:25:75:9b:b0:68:
69:cb:ea:c0:d8:3a:fb:8d:0c:f7:cb:b8:32:4f:0d:
78:82:e5:d0:76:2f:c5:b7:21:0e:af:c2:e9:ad:ac:
32:ab:7a:ac:49:69:3d:fb:f8:37:24:c2:ec:07:36:
ee:31:c8:02:91
Q:
00:c7:73:21:8c:73:7e:c8:ee:99:3b:4f:2d:ed:30:
f4:8e:da:ce:91:5f
G:
62:6d:02:78:39:ea:0a:13:41:31:63:a5:5b:4c:b5:
00:29:9d:55:22:95:6c:ef:cb:3b:ff:10:f3:99:ce:
2c:2e:71:cb:9d:e5:fa:24:ba:bf:58:e5:b7:95:21:
92:5c:9c:c4:2e:9f:6f:46:4b:08:8c:c5:72:af:53:
e6:d7:88:02
Generate and certify a test certificate
make a certificate request using 'req'
rsa
Generating a 512 bit RSA private key
............................++++++++++++
......................++++++++++++
writing new private key to 'keyCA.ss'
-----
You are about to be asked to enter information that will be incorporated into
your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank For some fields there
will be a default value, If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []:Dodgy Brothers Common Name (eg, YOUR name)
[]:Dodgy CA
convert the certificate request into a self signed certificate using 'x509'
Signature ok
subject=/C=AU/O=Dodgy Brothers/CN=Dodgy CA Getting Private key
convert a certificate into a certificate request using 'x509'
Getting request Private Key
Generating certificate request
verify OK
verify OK
certCA.ss: OK
make a user certificate request using 'req'
Generating a 512 bit RSA private key
.........++++++++++++
..++++++++++++
writing new private key to 'keyU.ss'
-----
You are about to be asked to enter information that will be incorporated into
your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank For some fields there
will be a default value, If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []:Dodgy Brothers Common Name (eg, YOUR name)
[]:Brother 1 Common Name (eg, YOUR name) []:Brother 2
sign user certificate request with the just created CA via 'x509'
Signature ok
subject=/C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 Getting CA Private Key
certU.ss: OK
Certificate details
subject= /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 issuer= /C=AU/O=Dodgy
Brothers/CN=Dodgy CA notBefore=Nov 8 23:33:02 2007 GMT notAfter=Dec 8
23:33:02 2007 GMT
make a proxy certificate request using 'req'
Generating a 512 bit RSA private key
....................++++++++++++
.........++++++++++++
writing new private key to 'keyP1.ss'
-----
You are about to be asked to enter information that will be incorporated into
your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank For some fields there
will be a default value, If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []:Dodgy Brothers Common Name (eg, YOUR name)
[]:Brother 1 Common Name (eg, YOUR name) []:Brother 2 Common Name (eg, YOUR
name) []:Proxy 1
sign proxy certificate request with the just created user certificate via 'x509'
Signature ok
subject=/C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1 Getting CA
Private Key
certP1.ss: /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1 error 40
at 0 depth lookup:proxy certificates not allowed, please set the appropriate
flag
Certificate details
subject= /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1 issuer=
/C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2 notBefore=Nov 8 23:33:03 2007
GMT notAfter=Dec 8 23:33:03 2007 GMT
make another proxy certificate request using 'req'
Generating a 512 bit RSA private key
.........................++++++++++++
.............++++++++++++
writing new private key to 'keyP2.ss'
-----
You are about to be asked to enter information that will be incorporated into
your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank For some fields there
will be a default value, If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []:Dodgy Brothers Common Name (eg, YOUR name)
[]:Brother 1 Common Name (eg, YOUR name) []:Brother 2 Common Name (eg, YOUR
name) []:Proxy 1 Common Name (eg, YOUR name) []:Proxy 2
sign second proxy certificate request with the first proxy certificate via
'x509'
Signature ok
subject=/C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Getting CA Private Key
certP2.ss: /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy
2 error 40 at 0 depth lookup:proxy certificates not allowed, please set the
appropriate flag
Certificate details
subject= /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
issuer= /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
notBefore=Nov 8 23:33:03 2007 GMT notAfter=Dec 8 23:33:03 2007 GMT
The generated CA certificate is certCA.ss The generated CA private key is
keyCA.ss The generated user certificate is certU.ss The generated user private
key is keyU.ss The first generated proxy certificate is certP1.ss The first
generated proxy private key is keyP1.ss The second generated proxy certificate
is certP2.ss The second generated proxy private key is keyP2.ss rsa Generate
and certify a test certificate via the 'ca' program CA certificate filename (or
enter to create) Making CA certificate ...
Generating a 512 bit RSA private key
.................................++++++++++++
...............++++++++++++
writing new private key to './demoCA/private/./cakey.pem'
-----
You are about to be asked to enter information that will be incorporated into
your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank For some fields there
will be a default value, If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []:Dodgy Brothers Common Name (eg, YOUR name)
[]:Dodgy CA Using configuration from CAss.cnf Check that the request matches
the signature Signature ok Certificate Details:
Serial Number: 0 (0x0)
Validity
Not Before: Nov 8 23:33:04 2007 GMT
Not After : Nov 7 23:33:04 2010 GMT
Subject:
countryName = AU
organizationName = Dodgy Brothers
commonName = Dodgy CA
X509v3 extensions:
X509v3 Subject Key Identifier:
13:3B:0C:A5:01:19:C6:E3:A0:CE:AA:71:4C:D5:6D:F8:62:F0:A3:29
X509v3 Authority Key Identifier:
keyid:13:3B:0C:A5:01:19:C6:E3:A0:CE:AA:71:4C:D5:6D:F8:62:F0:A3:29
DirName:/C=AU/O=Dodgy Brothers/CN=Dodgy CA
serial:00
X509v3 Basic Constraints:
CA:TRUE, pathlen:1
X509v3 Key Usage:
Certificate Sign, CRL Sign
X509v3 Issuer Alternative Name:
<EMPTY>
Certificate is to be certified until Nov 7 23:33:04 2010 GMT (1095 days)
Write out database with 1 new entries
Data Base Updated
Generating a 512 bit RSA private key
.............++++++++++++
..................++++++++++++
writing new private key to 'newkey.pem'
-----
You are about to be asked to enter information that will be incorporated into
your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank For some fields there
will be a default value, If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []:Dodgy Brothers Common Name (eg, YOUR name)
[]:Brother 1 Common Name (eg, YOUR name) []:Brother 2 Request is in newreq.pem,
private key is in newkey.pem Using configuration from ../apps/openssl.cnf Check
that the request matches the signature Signature ok Certificate Details:
Serial Number: 1 (0x1)
Validity
Not Before: Nov 8 23:33:04 2007 GMT
Not After : Nov 7 23:33:04 2008 GMT
Subject:
countryName = AU
organizationName = Dodgy Brothers
commonName = Brother 1
commonName = Brother 2
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
B7:C3:E9:35:0C:A7:3D:5D:7B:8B:43:CB:01:0D:3C:D3:18:12:87:DA
X509v3 Authority Key Identifier:
keyid:13:3B:0C:A5:01:19:C6:E3:A0:CE:AA:71:4C:D5:6D:F8:62:F0:A3:29
Certificate is to be certified until Nov 7 23:33:04 2008 GMT (365 days) Sign
the certificate? [y/n]:
1 out of 1 certificate requests certified, commit? [y/n]Write out database with
1 new entries Data Base Updated
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=AU, O=Dodgy Brothers, CN=Dodgy CA
Validity
Not Before: Nov 8 23:33:04 2007 GMT
Not After : Nov 7 23:33:04 2008 GMT
Subject: C=AU, O=Dodgy Brothers, CN=Brother 1, CN=Brother 2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (512 bit)
Modulus (512 bit):
00:ab:20:00:aa:8d:13:88:fc:05:9f:96:38:25:66:
d1:f4:e7:82:e6:fa:48:1b:46:e3:05:40:4f:5f:74:
f6:f5:5e:31:0c:b5:9e:15:02:e7:41:09:93:7b:5b:
78:0e:34:e2:92:70:a2:bb:11:90:86:26:23:0a:c3:
85:9d:a8:e0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
B7:C3:E9:35:0C:A7:3D:5D:7B:8B:43:CB:01:0D:3C:D3:18:12:87:DA
X509v3 Authority Key Identifier:
keyid:13:3B:0C:A5:01:19:C6:E3:A0:CE:AA:71:4C:D5:6D:F8:62:F0:A3:29
Signature Algorithm: sha1WithRSAEncryption
72:ab:17:4e:b2:d0:c3:8c:f4:14:a4:2e:37:48:24:55:bc:b9:
f3:82:ec:d7:22:34:5f:ef:85:88:7f:cf:c3:39:af:98:5c:ed:
6d:22:3e:71:7a:8d:f5:23:ea:08:20:5c:ba:e8:f1:c5:1d:15:
2f:22:7e:76:c9:08:fc:68:fa:5b
-----BEGIN CERTIFICATE-----
MIIB8zCCAZ2gAwIBAgIBATANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJBVTEX
MBUGA1UEChMORG9kZ3kgQnJvdGhlcnMxETAPBgNVBAMTCERvZGd5IENBMB4XDTA3
MTEwODIzMzMwNFoXDTA4MTEwNzIzMzMwNFowTjELMAkGA1UEBhMCQVUxFzAVBgNV
BAoTDkRvZGd5IEJyb3RoZXJzMRIwEAYDVQQDEwlCcm90aGVyIDExEjAQBgNVBAMT
CUJyb3RoZXIgMjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQCrIACqjROI/AWfljgl
ZtH054Lm+kgbRuMFQE9fdPb1XjEMtZ4VAudBCZN7W3gONOKScKK7EZCGJiMKw4Wd
qOBfAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wg
R2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBS3w+k1DKc9XXuLQ8sBDTzT
GBKH2jAfBgNVHSMEGDAWgBQTOwylARnG46DOqnFM1W34YvCjKTANBgkqhkiG9w0B
AQUFAANBAHKrF06y0MOM9BSkLjdIJFW8ufOC7NciNF/vhYh/z8M5r5hc7W0iPnF6
jfUj6gggXLro8cUdFS8ifnbJCPxo+ls=
-----END CERTIFICATE-----
Signed certificate is in newcert.pem
newcert.pem: OK
Manipulate the ENGINE structures
../util/shlib_wrap.sh ./enginetest
enginetest beginning
listing available engine types
end of list
listing available engine types
engine 0, id = "test_id0", name = "First test item"
end of list
listing available engine types
end of list
listing available engine types
engine 0, id = "test_id2", name = "Third test item"
engine 1, id = "test_id1", name = "Second test item"
end of list
listing available engine types
engine 0, id = "test_id2", name = "Third test item"
end of list
listing available engine types
engine 0, id = "test_id2", name = "Third test item"
engine 1, id = "test_id3", name = "Fourth test item"
end of list
Add that should fail did.
Remove that should fail did.
listing available engine types
engine 0, id = "test_id3", name = "Fourth test item"
end of list
listing available engine types
end of list
listing available engine types
end of list
Successfully added and removed to an empty list!
About to beef up the engine-type list
...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
