From: jsing <jsing@openbsd.org>
Date: Sat, 24 May 2014 13:32:46 +0000 (+0000)
Subject: Move the regress tests that are in lib/libssl to usr.sbin/openssl,
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=3b6de629ce8948fc91b06c070bbe994248fb6b4c;p=openbsd

Move the regress tests that are in lib/libssl to usr.sbin/openssl,
since they are really testing openssl(1) (although this also tests
libcrypto and libssl), rather than actual parts of the libssl library.

Discussed with miod@
---

diff --git a/regress/lib/libssl/Makefile b/regress/lib/libssl/Makefile
deleted file mode 100644
index 20d2b9979db..00000000000
--- a/regress/lib/libssl/Makefile
+++ /dev/null
@@ -1,58 +0,0 @@
-#	$OpenBSD: Makefile,v 1.16 2014/04/17 08:06:59 jsg Exp $
-
-CLEANFILES+= testdsa.key testdsa.pem rsakey.pem rsacert.pem dsa512.pem
-
-REGRESS_TARGETS=ssl-enc ssl-dsa ssl-rsa 
-
-OPENSSL=/usr/sbin/openssl
-CLEAR1=p
-CIPHER=cipher
-CLEAR2=clear
-LIBCRYPTO=-lcrypto
-
-${CLEAR1}: openssl.cnf
-	cat ${.CURDIR}/openssl.cnf > ${CLEAR1}
-
-CLEANFILES+=${CLEAR1}
-
-ENCTARGETS=aes-128-cbc aes-128-cfb aes-128-cfb1 aes-128-cfb8
-ENCTARGETS+=aes-128-ecb aes-128-ofb aes-192-cbc aes-192-cfb
-ENCTARGETS+=aes-192-cfb1 aes-192-cfb8 aes-192-ecb aes-192-ofb
-ENCTARGETS+=aes-256-cbc aes-256-cfb aes-256-cfb1 aes-256-cfb8
-ENCTARGETS+=aes-256-ecb aes-256-ofb
-ENCTARGETS+=bf-cbc bf-cfb bf-ecb bf-ofb
-ENCTARGETS+=cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb
-ENCTARGETS+=des-cbc des-cfb des-cfb8 des-ecb des-ede
-ENCTARGETS+=des-ede-cbc des-ede-cfb des-ede-ofb des-ede3
-ENCTARGETS+=des-ede3-cbc des-ede3-cfb des-ede3-ofb des-ofb desx-cbc
-ENCTARGETS+=rc2-40-cbc rc2-64-cbc rc2-cbc rc2-cfb rc2-ecb rc2-ofb
-ENCTARGETS+=rc4 rc4-40
-
-.for ENC in ${ENCTARGETS}
-${CIPHER}.${ENC}: ${CLEAR1}
-	${OPENSSL} enc -${ENC} -bufsize 113 -e -k test < ${CLEAR1} > ${CIPHER}.${ENC}
-${CIPHER}.${ENC}.b64: ${CLEAR1}
-	${OPENSSL} enc -${ENC} -bufsize 113 -a -e -k test < ${CLEAR1} > ${CIPHER}.${ENC}.b64
-
-${CLEAR2}.${ENC}: ${CIPHER}.${ENC}
-	${OPENSSL} enc -${ENC} -bufsize 157 -d -k test < ${CIPHER}.${ENC} > ${CLEAR2}.${ENC}
-${CLEAR2}.${ENC}.b64: ${CIPHER}.${ENC}.b64
-	${OPENSSL} enc -${ENC} -bufsize 157 -a -d -k test < ${CIPHER}.${ENC}.b64 > ${CLEAR2}.${ENC}.b64
-
-ssl-enc-${ENC}: ${CLEAR1} ${CLEAR2}.${ENC}
-	cmp ${CLEAR1} ${CLEAR2}.${ENC}
-ssl-enc-${ENC}.b64: ${CLEAR1} ${CLEAR2}.${ENC}.b64
-	cmp ${CLEAR1} ${CLEAR2}.${ENC}.b64
-
-REGRESS_TARGETS+=ssl-enc-${ENC} ssl-enc-${ENC}.b64
-CLEANFILES+=${CIPHER}.${ENC} ${CIPHER}.${ENC}.b64 ${CLEAR2}.${ENC} ${CLEAR2}.${ENC}.b64 .rnd
-.endfor
-
-ssl-enc:
-	sh ${.CURDIR}/testenc.sh ${.OBJDIR} ${.CURDIR}
-ssl-dsa:
-	sh ${.CURDIR}/testdsa.sh ${.OBJDIR} ${.CURDIR}
-ssl-rsa:
-	sh ${.CURDIR}/testrsa.sh ${.OBJDIR} ${.CURDIR}
-
-.include <bsd.regress.mk>
diff --git a/regress/lib/libssl/README b/regress/lib/libssl/README
deleted file mode 100644
index 878feca400d..00000000000
--- a/regress/lib/libssl/README
+++ /dev/null
@@ -1,6 +0,0 @@
-testenc.sh tests encryption routines
-testdsa.sh tests DSA certificate generation
-test_server.sh starts a tls1 server using the above generated certificate
-test_client.sh starts a client to talk to the server.
-testrsa.sh tests RSA certificate generation
-
diff --git a/regress/lib/libssl/openssl.cnf b/regress/lib/libssl/openssl.cnf
deleted file mode 100644
index 9b6cf400c63..00000000000
--- a/regress/lib/libssl/openssl.cnf
+++ /dev/null
@@ -1,29 +0,0 @@
-#	$OpenBSD: openssl.cnf,v 1.2 2001/01/29 02:05:46 niklas Exp $
-
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# hacked by iang to do DSA certs - Server
-
-RANDFILE              = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name    = req_distinguished_name
-encrypt_rsa_key               = no
-
-[ req_distinguished_name ]
-countryName                   = Country Name (2 letter code)
-countryName_default           = CA
-countryName_value             = CA
-
-organizationName                = Organization Name (eg, company)
-organizationName_value          = Shake it Vera 
-
-0.commonName                  = Common Name (eg, YOUR name)
-0.commonName_value            = Wastelandus
-
-1.commonName                  = Common Name (eg, YOUR name)
-1.commonName_value            = Maximus
-
diff --git a/regress/lib/libssl/test_client.sh b/regress/lib/libssl/test_client.sh
deleted file mode 100644
index 4f17fad80e6..00000000000
--- a/regress/lib/libssl/test_client.sh
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/sh
-#	$OpenBSD: test_client.sh,v 1.3 2001/01/29 02:05:48 niklas Exp $
-
-
-echo
-echo This starts a tls1 mode client to talk to the server run by 
-echo ./testserver.sh. You should start the server first. 
-echo
-echo type in this window after ssl negotiation and your output should
-echo be echoed by the server. 
-echo
-echo
-/usr/sbin/openssl s_client -tls1
diff --git a/regress/lib/libssl/test_server.sh b/regress/lib/libssl/test_server.sh
deleted file mode 100644
index a9e2c84d4f3..00000000000
--- a/regress/lib/libssl/test_server.sh
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/sh
-#	$OpenBSD: test_server.sh,v 1.3 2001/01/29 02:05:48 niklas Exp $
-
-
-echo This starts a tls1 mode server using the DSA certificate in ./server.pem
-echo Run ./testclient.sh in another window and type at it, you should 
-echo see the results of the ssl negotiation, and stuff you type in the client
-echo should echo in this window
-echo
-echo
-/usr/sbin/openssl s_server -tls1 -key testdsa.key -cert testdsa.pem
diff --git a/regress/lib/libssl/testdsa.sh b/regress/lib/libssl/testdsa.sh
deleted file mode 100644
index 48526eec119..00000000000
--- a/regress/lib/libssl/testdsa.sh
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/sh
-#	$OpenBSD: testdsa.sh,v 1.4 2001/01/29 02:05:48 niklas Exp $
-
-
-#Test DSA certificate generation of openssl
-
-cd $1
-
-# Generate DSA paramter set
-openssl dsaparam 512 -out dsa512.pem
-if [ $? != 0 ]; then
-        exit 1;
-fi
-
-
-# Denerate a DSA certificate
-openssl req -config $2/openssl.cnf -x509 -newkey dsa:dsa512.pem -out testdsa.pem -keyout testdsa.key
-if [ $? != 0 ]; then
-        exit 1;
-fi
-
-
-# Now check the certificate
-openssl x509 -text -in testdsa.pem
-if [ $? != 0 ]; then
-        exit 1;
-fi
-
-exit 0
diff --git a/regress/lib/libssl/testenc.sh b/regress/lib/libssl/testenc.sh
deleted file mode 100644
index 355e9cd923e..00000000000
--- a/regress/lib/libssl/testenc.sh
+++ /dev/null
@@ -1,70 +0,0 @@
-#!/bin/sh
-#	$OpenBSD: testenc.sh,v 1.6 2002/01/15 18:51:39 art Exp $
-
-
-testsrc=$2/openssl.cnf
-test=$1/p
-cmd=/usr/sbin/openssl
-
-cd $1
-
-cat $testsrc >$test;
-
-echo cat
-$cmd enc < $test > $test.cipher
-$cmd enc < $test.cipher >$test.clear
-cmp $test $test.clear
-if [ $? != 0 ]
-then
-	exit 1
-else
-	/bin/rm $test.cipher $test.clear
-fi
-echo base64
-$cmd enc -a -e < $test > $test.cipher
-$cmd enc -a -d < $test.cipher >$test.clear
-cmp $test $test.clear
-if [ $? != 0 ]
-then
-	exit 1
-else
-	/bin/rm $test.cipher $test.clear
-fi
-
-/bin/rm -f $test
-exit 0
-
-# These tests are now done by the makefile.
-
-for i in rc4 \
-	des-cfb des-ede-cfb des-ede3-cfb \
-	des-ofb des-ede-ofb des-ede3-ofb \
-	des-ecb des-ede des-ede3 desx \
-	des-cbc des-ede-cbc des-ede3-cbc \
-	rc2-ecb rc2-cfb rc2-ofb rc2-cbc \
-	bf-ecb bf-cfb bf-ofb bf-cbc rc4 \
-	cast5-ecb cast5-cfb cast5-ofb cast5-cbc
-do
-	echo $i
-	$cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
-	$cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
-	cmp $test $test.$i.clear
-	if [ $? != 0 ]
-	then
-		exit 1
-	else
-		/bin/rm $test.$i.cipher $test.$i.clear
-	fi
-
-	echo $i base64
-	$cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
-	$cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
-	cmp $test $test.$i.clear
-	if [ $? != 0 ]
-	then
-		exit 1
-	else
-		/bin/rm $test.$i.cipher $test.$i.clear
-	fi
-done
-rm -f $test
diff --git a/regress/lib/libssl/testrsa.sh b/regress/lib/libssl/testrsa.sh
deleted file mode 100644
index 17c6abf7ce5..00000000000
--- a/regress/lib/libssl/testrsa.sh
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/sh
-#	$OpenBSD: testrsa.sh,v 1.6 2002/01/02 15:13:18 art Exp $
-
-
-#Test RSA certificate generation of openssl
-
-cd $1
-
-# Generate RSA private key
-openssl genrsa -out rsakey.pem
-if [ $? != 0 ]; then
-        exit 1;
-fi
-
-
-# Generate an RSA certificate
-openssl req -config $2/openssl.cnf -key rsakey.pem -new -x509 -days 365 -out rsacert.pem
-if [ $? != 0 ]; then
-        exit 1;
-fi
-
-
-# Now check the certificate
-openssl x509 -text -in rsacert.pem
-if [ $? != 0 ]; then
-        exit 1;
-fi
-
-exit 0
diff --git a/regress/usr.sbin/Makefile b/regress/usr.sbin/Makefile
index 008810030d6..64d73516039 100644
--- a/regress/usr.sbin/Makefile
+++ b/regress/usr.sbin/Makefile
@@ -1,6 +1,7 @@
-#	$OpenBSD: Makefile,v 1.5 2013/09/04 22:37:49 bluhm Exp $
+#	$OpenBSD: Makefile,v 1.6 2014/05/24 13:32:46 jsing Exp $
 
 SUBDIR += mtree
+SUBDIR += openssl
 SUBDIR += relayd
 
 .if defined(REGRESS_FULL)
diff --git a/regress/usr.sbin/openssl/Makefile b/regress/usr.sbin/openssl/Makefile
new file mode 100644
index 00000000000..4f4e3d13a10
--- /dev/null
+++ b/regress/usr.sbin/openssl/Makefile
@@ -0,0 +1,58 @@
+#	$OpenBSD: Makefile,v 1.1 2014/05/24 13:32:46 jsing Exp $
+
+CLEANFILES+= testdsa.key testdsa.pem rsakey.pem rsacert.pem dsa512.pem
+
+REGRESS_TARGETS=ssl-enc ssl-dsa ssl-rsa 
+
+OPENSSL=/usr/sbin/openssl
+CLEAR1=p
+CIPHER=cipher
+CLEAR2=clear
+LIBCRYPTO=-lcrypto
+
+${CLEAR1}: openssl.cnf
+	cat ${.CURDIR}/openssl.cnf > ${CLEAR1}
+
+CLEANFILES+=${CLEAR1}
+
+ENCTARGETS=aes-128-cbc aes-128-cfb aes-128-cfb1 aes-128-cfb8
+ENCTARGETS+=aes-128-ecb aes-128-ofb aes-192-cbc aes-192-cfb
+ENCTARGETS+=aes-192-cfb1 aes-192-cfb8 aes-192-ecb aes-192-ofb
+ENCTARGETS+=aes-256-cbc aes-256-cfb aes-256-cfb1 aes-256-cfb8
+ENCTARGETS+=aes-256-ecb aes-256-ofb
+ENCTARGETS+=bf-cbc bf-cfb bf-ecb bf-ofb
+ENCTARGETS+=cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb
+ENCTARGETS+=des-cbc des-cfb des-cfb8 des-ecb des-ede
+ENCTARGETS+=des-ede-cbc des-ede-cfb des-ede-ofb des-ede3
+ENCTARGETS+=des-ede3-cbc des-ede3-cfb des-ede3-ofb des-ofb desx-cbc
+ENCTARGETS+=rc2-40-cbc rc2-64-cbc rc2-cbc rc2-cfb rc2-ecb rc2-ofb
+ENCTARGETS+=rc4 rc4-40
+
+.for ENC in ${ENCTARGETS}
+${CIPHER}.${ENC}: ${CLEAR1}
+	${OPENSSL} enc -${ENC} -bufsize 113 -e -k test < ${CLEAR1} > ${CIPHER}.${ENC}
+${CIPHER}.${ENC}.b64: ${CLEAR1}
+	${OPENSSL} enc -${ENC} -bufsize 113 -a -e -k test < ${CLEAR1} > ${CIPHER}.${ENC}.b64
+
+${CLEAR2}.${ENC}: ${CIPHER}.${ENC}
+	${OPENSSL} enc -${ENC} -bufsize 157 -d -k test < ${CIPHER}.${ENC} > ${CLEAR2}.${ENC}
+${CLEAR2}.${ENC}.b64: ${CIPHER}.${ENC}.b64
+	${OPENSSL} enc -${ENC} -bufsize 157 -a -d -k test < ${CIPHER}.${ENC}.b64 > ${CLEAR2}.${ENC}.b64
+
+ssl-enc-${ENC}: ${CLEAR1} ${CLEAR2}.${ENC}
+	cmp ${CLEAR1} ${CLEAR2}.${ENC}
+ssl-enc-${ENC}.b64: ${CLEAR1} ${CLEAR2}.${ENC}.b64
+	cmp ${CLEAR1} ${CLEAR2}.${ENC}.b64
+
+REGRESS_TARGETS+=ssl-enc-${ENC} ssl-enc-${ENC}.b64
+CLEANFILES+=${CIPHER}.${ENC} ${CIPHER}.${ENC}.b64 ${CLEAR2}.${ENC} ${CLEAR2}.${ENC}.b64 .rnd
+.endfor
+
+ssl-enc:
+	sh ${.CURDIR}/testenc.sh ${.OBJDIR} ${.CURDIR}
+ssl-dsa:
+	sh ${.CURDIR}/testdsa.sh ${.OBJDIR} ${.CURDIR}
+ssl-rsa:
+	sh ${.CURDIR}/testrsa.sh ${.OBJDIR} ${.CURDIR}
+
+.include <bsd.regress.mk>
diff --git a/regress/usr.sbin/openssl/README b/regress/usr.sbin/openssl/README
new file mode 100644
index 00000000000..878feca400d
--- /dev/null
+++ b/regress/usr.sbin/openssl/README
@@ -0,0 +1,6 @@
+testenc.sh tests encryption routines
+testdsa.sh tests DSA certificate generation
+test_server.sh starts a tls1 server using the above generated certificate
+test_client.sh starts a client to talk to the server.
+testrsa.sh tests RSA certificate generation
+
diff --git a/regress/usr.sbin/openssl/openssl.cnf b/regress/usr.sbin/openssl/openssl.cnf
new file mode 100644
index 00000000000..d2e85ad0e2a
--- /dev/null
+++ b/regress/usr.sbin/openssl/openssl.cnf
@@ -0,0 +1,29 @@
+#	$OpenBSD: openssl.cnf,v 1.1 2014/05/24 13:32:46 jsing Exp $
+
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# hacked by iang to do DSA certs - Server
+
+RANDFILE              = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_rsa_key               = no
+
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = CA
+countryName_value             = CA
+
+organizationName                = Organization Name (eg, company)
+organizationName_value          = Shake it Vera 
+
+0.commonName                  = Common Name (eg, YOUR name)
+0.commonName_value            = Wastelandus
+
+1.commonName                  = Common Name (eg, YOUR name)
+1.commonName_value            = Maximus
+
diff --git a/regress/usr.sbin/openssl/test_client.sh b/regress/usr.sbin/openssl/test_client.sh
new file mode 100644
index 00000000000..c51f68debfe
--- /dev/null
+++ b/regress/usr.sbin/openssl/test_client.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+#	$OpenBSD: test_client.sh,v 1.1 2014/05/24 13:32:46 jsing Exp $
+
+
+echo
+echo This starts a tls1 mode client to talk to the server run by 
+echo ./testserver.sh. You should start the server first. 
+echo
+echo type in this window after ssl negotiation and your output should
+echo be echoed by the server. 
+echo
+echo
+/usr/sbin/openssl s_client -tls1
diff --git a/regress/usr.sbin/openssl/test_server.sh b/regress/usr.sbin/openssl/test_server.sh
new file mode 100644
index 00000000000..cab89455275
--- /dev/null
+++ b/regress/usr.sbin/openssl/test_server.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+#	$OpenBSD: test_server.sh,v 1.1 2014/05/24 13:32:46 jsing Exp $
+
+
+echo This starts a tls1 mode server using the DSA certificate in ./server.pem
+echo Run ./testclient.sh in another window and type at it, you should 
+echo see the results of the ssl negotiation, and stuff you type in the client
+echo should echo in this window
+echo
+echo
+/usr/sbin/openssl s_server -tls1 -key testdsa.key -cert testdsa.pem
diff --git a/regress/usr.sbin/openssl/testdsa.sh b/regress/usr.sbin/openssl/testdsa.sh
new file mode 100644
index 00000000000..b895cb7c728
--- /dev/null
+++ b/regress/usr.sbin/openssl/testdsa.sh
@@ -0,0 +1,29 @@
+#!/bin/sh
+#	$OpenBSD: testdsa.sh,v 1.1 2014/05/24 13:32:46 jsing Exp $
+
+
+#Test DSA certificate generation of openssl
+
+cd $1
+
+# Generate DSA paramter set
+openssl dsaparam 512 -out dsa512.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+
+
+# Denerate a DSA certificate
+openssl req -config $2/openssl.cnf -x509 -newkey dsa:dsa512.pem -out testdsa.pem -keyout testdsa.key
+if [ $? != 0 ]; then
+        exit 1;
+fi
+
+
+# Now check the certificate
+openssl x509 -text -in testdsa.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+
+exit 0
diff --git a/regress/usr.sbin/openssl/testenc.sh b/regress/usr.sbin/openssl/testenc.sh
new file mode 100644
index 00000000000..0f73f8e11fe
--- /dev/null
+++ b/regress/usr.sbin/openssl/testenc.sh
@@ -0,0 +1,70 @@
+#!/bin/sh
+#	$OpenBSD: testenc.sh,v 1.1 2014/05/24 13:32:46 jsing Exp $
+
+
+testsrc=$2/openssl.cnf
+test=$1/p
+cmd=/usr/sbin/openssl
+
+cd $1
+
+cat $testsrc >$test;
+
+echo cat
+$cmd enc < $test > $test.cipher
+$cmd enc < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+	exit 1
+else
+	/bin/rm $test.cipher $test.clear
+fi
+echo base64
+$cmd enc -a -e < $test > $test.cipher
+$cmd enc -a -d < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+	exit 1
+else
+	/bin/rm $test.cipher $test.clear
+fi
+
+/bin/rm -f $test
+exit 0
+
+# These tests are now done by the makefile.
+
+for i in rc4 \
+	des-cfb des-ede-cfb des-ede3-cfb \
+	des-ofb des-ede-ofb des-ede3-ofb \
+	des-ecb des-ede des-ede3 desx \
+	des-cbc des-ede-cbc des-ede3-cbc \
+	rc2-ecb rc2-cfb rc2-ofb rc2-cbc \
+	bf-ecb bf-cfb bf-ofb bf-cbc rc4 \
+	cast5-ecb cast5-cfb cast5-ofb cast5-cbc
+do
+	echo $i
+	$cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
+	$cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
+	cmp $test $test.$i.clear
+	if [ $? != 0 ]
+	then
+		exit 1
+	else
+		/bin/rm $test.$i.cipher $test.$i.clear
+	fi
+
+	echo $i base64
+	$cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
+	$cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
+	cmp $test $test.$i.clear
+	if [ $? != 0 ]
+	then
+		exit 1
+	else
+		/bin/rm $test.$i.cipher $test.$i.clear
+	fi
+done
+rm -f $test
diff --git a/regress/usr.sbin/openssl/testrsa.sh b/regress/usr.sbin/openssl/testrsa.sh
new file mode 100644
index 00000000000..4488c311291
--- /dev/null
+++ b/regress/usr.sbin/openssl/testrsa.sh
@@ -0,0 +1,29 @@
+#!/bin/sh
+#	$OpenBSD: testrsa.sh,v 1.1 2014/05/24 13:32:46 jsing Exp $
+
+
+#Test RSA certificate generation of openssl
+
+cd $1
+
+# Generate RSA private key
+openssl genrsa -out rsakey.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+
+
+# Generate an RSA certificate
+openssl req -config $2/openssl.cnf -key rsakey.pem -new -x509 -days 365 -out rsacert.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+
+
+# Now check the certificate
+openssl x509 -text -in rsacert.pem
+if [ $? != 0 ]; then
+        exit 1;
+fi
+
+exit 0