tests: Update server and user certificates (2017)
The previous versions expired, so need to re-sign these to fix number of the EAP test cases. In addition, add a shell script (update.sh) and the needed CA files to automate this full update process. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
ee522d27cf
commit
0ba13e8613
27 changed files with 478 additions and 92 deletions
|
@ -4,5 +4,5 @@ V 140102000000Z D8D3E3A6CBE3CCCA unknown /C=FI/O=w1.fi/CN=server4.w1.fi
|
|||
V 150215083008Z D8D3E3A6CBE3CCCB unknown /C=FI/O=w1.fi/CN=server5.w1.fi
|
||||
V 150228224144Z D8D3E3A6CBE3CCCC unknown /C=FI/O=w1.fi/CN=server6.w1.fi
|
||||
V 160111185024Z D8D3E3A6CBE3CCCD unknown /C=FI/O=w1.fi/CN=ocsp.w1.fi
|
||||
V 170930181357Z D8D3E3A6CBE3CCE9 unknown /C=FI/O=w1.fi/CN=server.w1.fi
|
||||
V 150929211300Z D8D3E3A6CBE3CCD1 unknown /C=FI/O=w1.fi/CN=Test User
|
||||
V 181001154204Z D8D3E3A6CBE3CD12 unknown /C=FI/O=w1.fi/CN=server.w1.fi
|
||||
|
|
Binary file not shown.
Binary file not shown.
146
tests/hwsim/auth_serv/openssl2.cnf
Normal file
146
tests/hwsim/auth_serv/openssl2.cnf
Normal file
|
@ -0,0 +1,146 @@
|
|||
HOME = .
|
||||
RANDFILE = $ENV::HOME/.rnd
|
||||
oid_section = new_oids
|
||||
|
||||
[ new_oids ]
|
||||
|
||||
[ ca ]
|
||||
default_ca = CA_default
|
||||
|
||||
[ CA_default ]
|
||||
|
||||
dir = ./test-ca
|
||||
certs = $dir/certs
|
||||
crl_dir = $dir/crl
|
||||
database = $dir/index.txt
|
||||
unique_subject = no
|
||||
new_certs_dir = $dir/newcerts
|
||||
certificate = $dir/cacert.pem
|
||||
serial = $dir/serial
|
||||
crlnumber = $dir/crlnumber
|
||||
crl = $dir/crl.pem
|
||||
private_key = $dir/private/cakey.pem
|
||||
RANDFILE = $dir/private/.rand
|
||||
|
||||
x509_extensions = usr_cert
|
||||
|
||||
name_opt = ca_default
|
||||
cert_opt = ca_default
|
||||
|
||||
default_days = 365
|
||||
default_crl_days= 30
|
||||
default_md = default
|
||||
preserve = no
|
||||
|
||||
policy = policy_match
|
||||
|
||||
[ policy_match ]
|
||||
countryName = match
|
||||
stateOrProvinceName = optional
|
||||
organizationName = match
|
||||
organizationalUnitName = optional
|
||||
commonName = supplied
|
||||
emailAddress = optional
|
||||
|
||||
[ policy_anything ]
|
||||
countryName = optional
|
||||
stateOrProvinceName = optional
|
||||
localityName = optional
|
||||
organizationName = optional
|
||||
organizationalUnitName = optional
|
||||
commonName = supplied
|
||||
emailAddress = optional
|
||||
|
||||
[ req ]
|
||||
default_bits = 1024
|
||||
default_keyfile = privkey.pem
|
||||
distinguished_name = req_distinguished_name
|
||||
attributes = req_attributes
|
||||
x509_extensions = v3_ca
|
||||
|
||||
string_mask = utf8only
|
||||
|
||||
[ req_distinguished_name ]
|
||||
countryName = Country Name (2 letter code)
|
||||
countryName_default = FI
|
||||
countryName_min = 2
|
||||
countryName_max = 2
|
||||
|
||||
localityName = Locality Name (eg, city)
|
||||
localityName_default = Tuusula
|
||||
|
||||
0.organizationName = Organization Name (eg, company)
|
||||
0.organizationName_default = w1.fi
|
||||
|
||||
commonName = Common Name (e.g. server FQDN or YOUR name)
|
||||
#@CN@
|
||||
commonName_max = 64
|
||||
|
||||
emailAddress = Email Address
|
||||
emailAddress_max = 64
|
||||
|
||||
##0.subjectAltName = dNSName:server.w1.fi
|
||||
|
||||
[ req_attributes ]
|
||||
|
||||
[ usr_cert ]
|
||||
|
||||
basicConstraints=CA:FALSE
|
||||
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid,issuer
|
||||
|
||||
authorityInfoAccess = OCSP;URI:http://server.w1.fi:8888/
|
||||
|
||||
[ v3_req ]
|
||||
|
||||
basicConstraints = CA:FALSE
|
||||
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
||||
subjectAltName=DNS:example.com,DNS:another.example.com
|
||||
|
||||
[ v3_ca ]
|
||||
|
||||
subjectKeyIdentifier=hash
|
||||
|
||||
authorityKeyIdentifier=keyid:always,issuer
|
||||
|
||||
basicConstraints = CA:true
|
||||
|
||||
[ crl_ext ]
|
||||
|
||||
authorityKeyIdentifier=keyid:always
|
||||
|
||||
[ v3_OCSP ]
|
||||
basicConstraints = CA:FALSE
|
||||
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
|
||||
extendedKeyUsage = OCSPSigning
|
||||
|
||||
[ ext_client ]
|
||||
|
||||
basicConstraints=CA:FALSE
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid,issuer
|
||||
authorityInfoAccess = OCSP;URI:http://server.w1.fi:8888/
|
||||
#@ALTNAME@
|
||||
|
||||
extendedKeyUsage = clientAuth
|
||||
|
||||
[ ext_server ]
|
||||
|
||||
basicConstraints=CA:FALSE
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid,issuer
|
||||
authorityInfoAccess = OCSP;URI:http://server.w1.fi:8888/
|
||||
#@ALTNAME@
|
||||
|
||||
extendedKeyUsage = serverAuth
|
||||
|
||||
[ ext_client_server ]
|
||||
|
||||
basicConstraints=CA:FALSE
|
||||
subjectKeyIdentifier=hash
|
||||
authorityKeyIdentifier=keyid,issuer
|
||||
authorityInfoAccess = OCSP;URI:http://server.w1.fi:8888/
|
||||
#@ALTNAME@
|
||||
|
||||
extendedKeyUsage = clientAuth, serverAuth
|
11
tests/hwsim/auth_serv/server-eku-client-server.csr
Normal file
11
tests/hwsim/auth_serv/server-eku-client-server.csr
Normal file
|
@ -0,0 +1,11 @@
|
|||
-----BEGIN CERTIFICATE REQUEST-----
|
||||
MIIBhjCB8AIBADBHMQswCQYDVQQGEwJGSTEQMA4GA1UEBwwHVHV1c3VsYTEOMAwG
|
||||
A1UECgwFdzEuZmkxFjAUBgNVBAMMDXNlcnZlcjYudzEuZmkwgZ8wDQYJKoZIhvcN
|
||||
AQEBBQADgY0AMIGJAoGBAMowHv0TagIoUZoOqR5yfudayMsMfoqZgY0FswmwqYbn
|
||||
rkT64Mfu8xi0MWXjBW9mTuPkhYGbR39ftRYrsFmRnMVV09PKLIHO8CeoVN4OT9jw
|
||||
Eb0LEFY4Jt+pOpUVk6YW7dIetLXAqGGOrhAE/eYmykoNkEu5rMmU8rFrl2tgJOq9
|
||||
AgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQA9gLu0fMZobrP6pkMTQFB/e8iDxeEl
|
||||
LlTqNoZ1hMJ5CQHHB/CLK5D0D+oGrheb/7WA9kT9aMnk1KVFHFmNb0rGMHMLHIWb
|
||||
PBb7d1xEFskl/iB1VshJX0DhYhkgwxuQzPF3fQCJV+pUf7hOI0tzY4yXgLykO5Us
|
||||
qzQNeSKKXD3XbQ==
|
||||
-----END CERTIFICATE REQUEST-----
|
|
@ -1,12 +1,12 @@
|
|||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 15624081837803162862 (0xd8d3e3a6cbe3ccee)
|
||||
Serial Number: 15624081837803162901 (0xd8d3e3a6cbe3cd15)
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Issuer: C=FI, O=w1.fi, CN=Root CA
|
||||
Validity
|
||||
Not Before: Feb 18 19:37:20 2017 GMT
|
||||
Not After : Feb 18 19:37:20 2018 GMT
|
||||
Not Before: Oct 1 15:42:04 2017 GMT
|
||||
Not After : Oct 1 15:42:04 2018 GMT
|
||||
Subject: C=FI, O=w1.fi, CN=server6.w1.fi
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
|
@ -36,18 +36,18 @@ Certificate:
|
|||
X509v3 Extended Key Usage:
|
||||
TLS Web Client Authentication, TLS Web Server Authentication
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
23:d4:9e:22:e4:d2:74:de:e6:39:ce:f9:67:e4:55:2d:75:51:
|
||||
29:14:de:f4:b6:67:4b:df:c1:10:20:87:3b:ed:39:58:7c:a8:
|
||||
73:b3:8e:6e:59:54:88:ca:88:b9:9d:e5:e9:4d:fd:cd:ad:84:
|
||||
8d:30:d6:a8:8d:0d:b7:23:73:bc:83:36:bd:ff:9a:6a:b4:29:
|
||||
30:47:a6:7e:85:1c:76:f2:a9:34:c2:f8:a4:82:f8:7f:f7:d1:
|
||||
e1:62:b0:6f:b1:0d:67:d3:34:0c:a1:97:23:13:cf:78:67:64:
|
||||
f1:8c:30:b2:6a:08:61:59:79:7b:4e:9e:57:10:83:4d:d5:bc:
|
||||
4d:15
|
||||
83:42:07:58:30:ac:24:5a:9f:cf:7e:87:a6:9b:b1:e7:27:e8:
|
||||
17:ff:43:bf:b9:82:0a:8c:97:59:a9:96:4e:fa:5c:dc:05:1f:
|
||||
8d:6c:89:a6:b1:df:e4:ab:09:89:c5:c1:bd:99:22:41:79:0f:
|
||||
88:ef:4c:48:51:a0:bd:0a:28:f3:91:d0:fe:c1:bb:3e:3b:5f:
|
||||
36:bb:3b:5f:1b:06:ce:3c:98:c9:3c:6a:9d:5c:4a:bf:75:45:
|
||||
94:df:45:d6:3b:1c:68:68:e2:ed:ca:0a:e9:f4:fa:15:e3:04:
|
||||
c1:e1:8a:8c:ca:b7:0a:96:74:83:c7:fd:38:22:5f:c7:b1:df:
|
||||
4c:1e
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIChzCCAfCgAwIBAgIJANjT46bL48zuMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
|
||||
BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNzAy
|
||||
MTgxOTM3MjBaFw0xODAyMTgxOTM3MjBaMDUxCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
|
||||
MIIChzCCAfCgAwIBAgIJANjT46bL480VMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
|
||||
BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNzEw
|
||||
MDExNTQyMDRaFw0xODEwMDExNTQyMDRaMDUxCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
|
||||
DAV3MS5maTEWMBQGA1UEAwwNc2VydmVyNi53MS5maTCBnzANBgkqhkiG9w0BAQEF
|
||||
AAOBjQAwgYkCgYEAyjAe/RNqAihRmg6pHnJ+51rIywx+ipmBjQWzCbCphueuRPrg
|
||||
x+7zGLQxZeMFb2ZO4+SFgZtHf1+1FiuwWZGcxVXT08osgc7wJ6hU3g5P2PARvQsQ
|
||||
|
@ -55,8 +55,8 @@ Vjgm36k6lRWTphbt0h60tcCoYY6uEAT95ibKSg2QS7msyZTysWuXa2Ak6r0CAwEA
|
|||
AaOBpDCBoTAJBgNVHRMEAjAAMB0GA1UdDgQWBBTHxu/1YdKgCIFqa0Qs9XL32t5b
|
||||
uTAfBgNVHSMEGDAWgBS4kt79ihizMMOfVfMzXbTIKYpBFDA1BggrBgEFBQcBAQQp
|
||||
MCcwJQYIKwYBBQUHMAGGGWh0dHA6Ly9zZXJ2ZXIudzEuZmk6ODg4OC8wHQYDVR0l
|
||||
BBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4GBACPUniLk
|
||||
0nTe5jnO+WfkVS11USkU3vS2Z0vfwRAghzvtOVh8qHOzjm5ZVIjKiLmd5elN/c2t
|
||||
hI0w1qiNDbcjc7yDNr3/mmq0KTBHpn6FHHbyqTTC+KSC+H/30eFisG+xDWfTNAyh
|
||||
lyMTz3hnZPGMMLJqCGFZeXtOnlcQg03VvE0V
|
||||
BBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4GBAINCB1gw
|
||||
rCRan89+h6absecn6Bf/Q7+5ggqMl1mplk76XNwFH41siaax3+SrCYnFwb2ZIkF5
|
||||
D4jvTEhRoL0KKPOR0P7Buz47Xza7O18bBs48mMk8ap1cSr91RZTfRdY7HGho4u3K
|
||||
Cun0+hXjBMHhiozKtwqWdIPH/TgiX8ex30we
|
||||
-----END CERTIFICATE-----
|
||||
|
|
11
tests/hwsim/auth_serv/server-eku-client.csr
Normal file
11
tests/hwsim/auth_serv/server-eku-client.csr
Normal file
|
@ -0,0 +1,11 @@
|
|||
-----BEGIN CERTIFICATE REQUEST-----
|
||||
MIIBhjCB8AIBADBHMQswCQYDVQQGEwJGSTEQMA4GA1UEBwwHVHV1c3VsYTEOMAwG
|
||||
A1UECgwFdzEuZmkxFjAUBgNVBAMMDXNlcnZlcjUudzEuZmkwgZ8wDQYJKoZIhvcN
|
||||
AQEBBQADgY0AMIGJAoGBAKOZ6eLhF2A7cDQadFxG47i9u6rJ8+77EjCgacN0OIA6
|
||||
uiNSx8Fqz7rdQePSaTWkpmBsMR+FvVZsewljzadRa4RAkHd+l2h7OLXEFTt0NzQo
|
||||
unri14RTeHZNFre43wly54cmdCwEysXOKfW0ztso60VHQo/tiFqjI0mbe7w54QFT
|
||||
AgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQBtsWMoDQr3miJluL8rnbsu7t7HhGn8
|
||||
BBJ393C6P8UHYJTlfMPfg+H2zfyrP68EV76lym5jmNOltZUv14joZjpYX9VOT+5r
|
||||
e4wq697O7BDG7aBt2BR2BgYCMQiiAXisL0bOs6crYxapqCh3tyzkhxwOyqdqRO7R
|
||||
+1BujmtweBGlBQ==
|
||||
-----END CERTIFICATE REQUEST-----
|
|
@ -1,12 +1,12 @@
|
|||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 15624081837803162861 (0xd8d3e3a6cbe3cced)
|
||||
Serial Number: 15624081837803162900 (0xd8d3e3a6cbe3cd14)
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Issuer: C=FI, O=w1.fi, CN=Root CA
|
||||
Validity
|
||||
Not Before: Feb 18 19:36:36 2017 GMT
|
||||
Not After : Feb 18 19:36:36 2018 GMT
|
||||
Not Before: Oct 1 15:42:04 2017 GMT
|
||||
Not After : Oct 1 15:42:04 2018 GMT
|
||||
Subject: C=FI, O=w1.fi, CN=server5.w1.fi
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
|
@ -36,18 +36,18 @@ Certificate:
|
|||
X509v3 Extended Key Usage:
|
||||
TLS Web Client Authentication
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
8a:68:22:48:71:eb:9f:c2:30:17:9d:27:3c:18:2b:8d:0d:70:
|
||||
a1:80:b7:64:ff:3a:b9:6c:64:51:d8:57:a8:49:aa:e6:fa:1f:
|
||||
e7:41:a1:2d:27:95:ba:83:6c:8b:9a:78:4c:b1:51:96:ba:a1:
|
||||
5e:63:23:bf:aa:57:26:28:33:54:01:38:a3:44:dd:96:bd:5b:
|
||||
92:e9:36:67:1a:66:11:4f:0a:0b:52:6d:bf:20:a0:79:78:61:
|
||||
8d:d9:6b:38:a0:a4:c7:a0:99:66:cd:57:e4:99:cd:e7:f3:00:
|
||||
e8:29:74:99:d1:83:a7:9d:6e:5f:70:7c:e2:a2:3c:3c:6d:d3:
|
||||
a2:1d
|
||||
1d:31:a8:51:d5:36:37:2c:e8:9f:00:62:c4:ad:2d:9d:79:9d:
|
||||
85:3f:3e:3e:18:d3:d2:47:85:dd:b2:e0:e7:ae:bd:33:b6:1f:
|
||||
02:7c:2a:cd:af:d4:24:66:5d:58:35:aa:14:19:a6:d3:bd:6a:
|
||||
51:f8:a9:ba:ef:0d:7e:83:6a:8e:d1:82:4f:ac:ab:e7:b7:dd:
|
||||
23:22:2b:3a:72:c8:2f:cb:11:4c:49:b1:44:cc:e9:3d:52:28:
|
||||
82:12:75:c3:ef:1d:08:a4:bf:01:84:24:78:9f:2a:c3:1a:5c:
|
||||
e5:c9:89:c2:1e:25:04:5a:50:2b:ef:b2:2e:59:2b:19:8a:f7:
|
||||
dc:8d
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIICfTCCAeagAwIBAgIJANjT46bL48ztMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
|
||||
BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNzAy
|
||||
MTgxOTM2MzZaFw0xODAyMTgxOTM2MzZaMDUxCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
|
||||
MIICfTCCAeagAwIBAgIJANjT46bL480UMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
|
||||
BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNzEw
|
||||
MDExNTQyMDRaFw0xODEwMDExNTQyMDRaMDUxCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
|
||||
DAV3MS5maTEWMBQGA1UEAwwNc2VydmVyNS53MS5maTCBnzANBgkqhkiG9w0BAQEF
|
||||
AAOBjQAwgYkCgYEAo5np4uEXYDtwNBp0XEbjuL27qsnz7vsSMKBpw3Q4gDq6I1LH
|
||||
wWrPut1B49JpNaSmYGwxH4W9Vmx7CWPNp1FrhECQd36XaHs4tcQVO3Q3NCi6euLX
|
||||
|
@ -55,8 +55,8 @@ hFN4dk0Wt7jfCXLnhyZ0LATKxc4p9bTO2yjrRUdCj+2IWqMjSZt7vDnhAVMCAwEA
|
|||
AaOBmjCBlzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQzFp07FxWCKzRuOOjMIr9Jp14q
|
||||
KzAfBgNVHSMEGDAWgBS4kt79ihizMMOfVfMzXbTIKYpBFDA1BggrBgEFBQcBAQQp
|
||||
MCcwJQYIKwYBBQUHMAGGGWh0dHA6Ly9zZXJ2ZXIudzEuZmk6ODg4OC8wEwYDVR0l
|
||||
BAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADgYEAimgiSHHrn8IwF50nPBgr
|
||||
jQ1woYC3ZP86uWxkUdhXqEmq5vof50GhLSeVuoNsi5p4TLFRlrqhXmMjv6pXJigz
|
||||
VAE4o0Tdlr1bkuk2ZxpmEU8KC1JtvyCgeXhhjdlrOKCkx6CZZs1X5JnN5/MA6Cl0
|
||||
mdGDp51uX3B84qI8PG3Toh0=
|
||||
BAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADgYEAHTGoUdU2NyzonwBixK0t
|
||||
nXmdhT8+PhjT0keF3bLg5669M7YfAnwqza/UJGZdWDWqFBmm071qUfipuu8NfoNq
|
||||
jtGCT6yr57fdIyIrOnLIL8sRTEmxRMzpPVIoghJ1w+8dCKS/AYQkeJ8qwxpc5cmJ
|
||||
wh4lBFpQK++yLlkrGYr33I0=
|
||||
-----END CERTIFICATE-----
|
||||
|
|
Binary file not shown.
11
tests/hwsim/auth_serv/server-no-dnsname.csr
Normal file
11
tests/hwsim/auth_serv/server-no-dnsname.csr
Normal file
|
@ -0,0 +1,11 @@
|
|||
-----BEGIN CERTIFICATE REQUEST-----
|
||||
MIIBhjCB8AIBADBHMQswCQYDVQQGEwJGSTEQMA4GA1UEBwwHVHV1c3VsYTEOMAwG
|
||||
A1UECgwFdzEuZmkxFjAUBgNVBAMMDXNlcnZlcjMudzEuZmkwgZ8wDQYJKoZIhvcN
|
||||
AQEBBQADgY0AMIGJAoGBANv8D6FIh2iGxJ56+Bgod22jWA/bvmvUQ0PEuhc3m6j/
|
||||
lqJzFBMcrhkPgVQ1EGSU42RlvpsLFtKekph3h+KamfwdVwyKDUwhL65n12Nh65Fb
|
||||
WC+tZ2Zl5IMHymo2peYg9lyZJ9tj5YbYK3wdkESBIiF3CgMFw+tjYbNMMsCHhzpH
|
||||
AgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQCIMaSR51fy0AWM/sbq3xYrdq682feE
|
||||
rbsL03Cj89+oa0UAhE5A96Xd+wE5S2M6YhRStzOG3dV+JHcK22Toc8forosURcR4
|
||||
iiIHtNxShQ716L2nf3hfb+flO5oiZGxaqFUKRxxPSdPaqwp0OedfhMl/KJhEHPH9
|
||||
wpobDyIzqeqcPw==
|
||||
-----END CERTIFICATE REQUEST-----
|
|
@ -1,12 +1,12 @@
|
|||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 15624081837803162860 (0xd8d3e3a6cbe3ccec)
|
||||
Serial Number: 15624081837803162899 (0xd8d3e3a6cbe3cd13)
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Issuer: C=FI, O=w1.fi, CN=Root CA
|
||||
Validity
|
||||
Not Before: Feb 18 19:35:21 2017 GMT
|
||||
Not After : Feb 18 19:35:21 2018 GMT
|
||||
Not Before: Oct 1 15:42:04 2017 GMT
|
||||
Not After : Oct 1 15:42:04 2018 GMT
|
||||
Subject: C=FI, O=w1.fi, CN=server3.w1.fi
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
|
@ -36,18 +36,18 @@ Certificate:
|
|||
X509v3 Extended Key Usage:
|
||||
TLS Web Server Authentication
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
62:93:83:da:f7:ca:dc:c1:0b:f0:40:e8:59:21:e4:ed:16:fa:
|
||||
c5:fe:4d:8e:29:c0:f7:b7:0c:c5:da:32:6f:dc:0e:95:06:20:
|
||||
48:1c:d0:38:f4:91:1c:c0:91:6e:08:8b:eb:04:ab:7e:21:47:
|
||||
be:15:cf:3b:48:d6:3b:9b:69:bc:c1:8e:23:96:09:b5:1d:b5:
|
||||
58:8d:37:de:12:82:44:c5:f9:ec:c3:c1:9e:12:0c:ae:11:80:
|
||||
d9:2b:67:ab:cc:a6:f3:dc:3e:bf:f6:40:32:e3:ca:93:38:6a:
|
||||
8a:ef:90:b8:10:0b:6e:c8:9e:57:1f:60:50:e3:f6:c5:7c:6f:
|
||||
3c:52
|
||||
1d:c5:10:12:04:f4:7e:56:e0:6d:74:26:bb:95:fc:df:32:af:
|
||||
46:75:65:7c:8d:54:e4:db:ee:c8:8b:2f:1f:65:b4:d3:57:5b:
|
||||
38:b1:70:32:36:bf:2f:79:21:14:9d:c7:c1:bc:ca:c4:29:b5:
|
||||
38:58:32:99:e8:01:c0:fa:f3:d5:ad:31:41:fb:c2:15:b6:93:
|
||||
f9:a9:3c:16:f5:6b:55:40:67:c2:d2:31:02:53:b5:de:6f:bd:
|
||||
30:ca:97:18:16:1c:12:0a:3b:84:a3:29:ef:b7:38:7d:fe:19:
|
||||
d1:15:e4:ec:57:09:c4:27:a5:77:4a:ed:a9:f1:17:83:a6:06:
|
||||
2c:9a
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIICfTCCAeagAwIBAgIJANjT46bL48zsMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
|
||||
BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNzAy
|
||||
MTgxOTM1MjFaFw0xODAyMTgxOTM1MjFaMDUxCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
|
||||
MIICfTCCAeagAwIBAgIJANjT46bL480TMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
|
||||
BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNzEw
|
||||
MDExNTQyMDRaFw0xODEwMDExNTQyMDRaMDUxCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
|
||||
DAV3MS5maTEWMBQGA1UEAwwNc2VydmVyMy53MS5maTCBnzANBgkqhkiG9w0BAQEF
|
||||
AAOBjQAwgYkCgYEA2/wPoUiHaIbEnnr4GCh3baNYD9u+a9RDQ8S6FzebqP+WonMU
|
||||
ExyuGQ+BVDUQZJTjZGW+mwsW0p6SmHeH4pqZ/B1XDIoNTCEvrmfXY2HrkVtYL61n
|
||||
|
@ -55,8 +55,8 @@ ZmXkgwfKajal5iD2XJkn22PlhtgrfB2QRIEiIXcKAwXD62Nhs0wywIeHOkcCAwEA
|
|||
AaOBmjCBlzAJBgNVHRMEAjAAMB0GA1UdDgQWBBSOmk9NRq1ZrH9MnL5tW9eZY43H
|
||||
cDAfBgNVHSMEGDAWgBS4kt79ihizMMOfVfMzXbTIKYpBFDA1BggrBgEFBQcBAQQp
|
||||
MCcwJQYIKwYBBQUHMAGGGWh0dHA6Ly9zZXJ2ZXIudzEuZmk6ODg4OC8wEwYDVR0l
|
||||
BAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADgYEAYpOD2vfK3MEL8EDoWSHk
|
||||
7Rb6xf5NjinA97cMxdoyb9wOlQYgSBzQOPSRHMCRbgiL6wSrfiFHvhXPO0jWO5tp
|
||||
vMGOI5YJtR21WI033hKCRMX57MPBnhIMrhGA2Stnq8ym89w+v/ZAMuPKkzhqiu+Q
|
||||
uBALbsieVx9gUOP2xXxvPFI=
|
||||
BAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADgYEAHcUQEgT0flbgbXQmu5X8
|
||||
3zKvRnVlfI1U5NvuyIsvH2W001dbOLFwMja/L3khFJ3HwbzKxCm1OFgymegBwPrz
|
||||
1a0xQfvCFbaT+ak8FvVrVUBnwtIxAlO13m+9MMqXGBYcEgo7hKMp77c4ff4Z0RXk
|
||||
7FcJxCeld0rtqfEXg6YGLJo=
|
||||
-----END CERTIFICATE-----
|
||||
|
|
11
tests/hwsim/auth_serv/server.csr
Normal file
11
tests/hwsim/auth_serv/server.csr
Normal file
|
@ -0,0 +1,11 @@
|
|||
-----BEGIN CERTIFICATE REQUEST-----
|
||||
MIIBhTCB7wIBADBGMQswCQYDVQQGEwJGSTEQMA4GA1UEBwwHVHV1c3VsYTEOMAwG
|
||||
A1UECgwFdzEuZmkxFTATBgNVBAMMDHNlcnZlci53MS5maTCBnzANBgkqhkiG9w0B
|
||||
AQEFAAOBjQAwgYkCgYEAuqB3VSIUhVVlm2Qsre2b3WUxydpgUM441jTc6LwbnjDn
|
||||
EuNTbMntSAN5gWmYzoq4d0c2Rc/G4PF7HnGJVPcBzCKtoEKxqDWeYKo6mFHQ/x/u
|
||||
vo0KY/uiORfyZGH2ZQIyeXThn9GJZVWpwyCev2lWs/dPP6lUwtqPPK/ydVT6foEC
|
||||
AwEAAaAAMA0GCSqGSIb3DQEBBQUAA4GBAHa+iMFm3en/hRmhLfMCE7n4l9nczk/P
|
||||
sLlxcBIeu3pnEXQsI8SZjG8T5kehyFva7mmqcbpFfDxddXxNsqckBfKDjwLEhH49
|
||||
gpUg6ggYQ1R82IgMEmTdHKyIeTCIvyzPV2Vz1LrGpdCiRMg713zumghsCsn781mN
|
||||
q7p5YSQL5DdY
|
||||
-----END CERTIFICATE REQUEST-----
|
|
@ -1,12 +1,12 @@
|
|||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 15624081837803162857 (0xd8d3e3a6cbe3cce9)
|
||||
Serial Number: 15624081837803162898 (0xd8d3e3a6cbe3cd12)
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Issuer: C=FI, O=w1.fi, CN=Root CA
|
||||
Validity
|
||||
Not Before: Sep 30 18:13:57 2016 GMT
|
||||
Not After : Sep 30 18:13:57 2017 GMT
|
||||
Not Before: Oct 1 15:42:04 2017 GMT
|
||||
Not After : Oct 1 15:42:04 2018 GMT
|
||||
Subject: C=FI, O=w1.fi, CN=server.w1.fi
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
|
@ -38,18 +38,18 @@ Certificate:
|
|||
X509v3 Extended Key Usage:
|
||||
TLS Web Server Authentication
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
24:da:48:be:a8:ae:6e:25:ed:12:bd:f5:a3:32:1f:40:4c:ab:
|
||||
50:87:23:b1:46:45:b0:e5:9b:02:ad:c9:d3:fb:c0:52:78:b5:
|
||||
91:2a:d4:8f:f8:c8:a4:48:b4:66:f7:2e:f1:cf:8c:3a:7a:54:
|
||||
fc:e2:41:a7:af:e3:d1:66:d6:02:d8:93:de:52:b2:c2:6e:d9:
|
||||
7a:bd:8c:ce:e5:dc:3b:0b:7a:f6:fc:a0:4e:9c:64:84:14:3f:
|
||||
9b:24:fc:d0:8f:9c:78:c8:57:0f:32:dd:ed:97:f1:c1:a2:b3:
|
||||
0a:14:9e:c8:35:68:30:1a:10:22:14:66:4a:6b:a4:47:b4:c6:
|
||||
4f:3b
|
||||
49:e5:e2:10:b5:23:63:1e:7f:00:8c:29:21:a4:9e:9b:da:63:
|
||||
d8:f6:54:35:de:c9:fb:b7:94:bd:fa:23:7c:7f:87:cc:d5:72:
|
||||
c0:ad:8f:04:97:cf:da:11:86:6a:a2:1a:a7:6f:bc:a1:8c:e5:
|
||||
27:b8:da:f0:3f:cc:da:8f:d3:12:f3:d2:2d:33:84:e1:be:ee:
|
||||
df:91:4e:9a:d2:f5:a4:6a:f0:ab:85:95:63:ed:a1:c6:9d:eb:
|
||||
ad:09:19:24:2b:f6:4c:b0:c6:e2:9c:66:e6:9f:93:d0:af:ec:
|
||||
da:82:40:ea:c5:80:40:98:a1:87:15:ed:46:6e:ca:49:8c:fb:
|
||||
8b:89
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIClTCCAf6gAwIBAgIJANjT46bL48zpMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
|
||||
BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNjA5
|
||||
MzAxODEzNTdaFw0xNzA5MzAxODEzNTdaMDQxCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
|
||||
MIIClTCCAf6gAwIBAgIJANjT46bL480SMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
|
||||
BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNzEw
|
||||
MDExNTQyMDRaFw0xODEwMDExNTQyMDRaMDQxCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
|
||||
DAV3MS5maTEVMBMGA1UEAwwMc2VydmVyLncxLmZpMIGfMA0GCSqGSIb3DQEBAQUA
|
||||
A4GNADCBiQKBgQC6oHdVIhSFVWWbZCyt7ZvdZTHJ2mBQzjjWNNzovBueMOcS41Ns
|
||||
ye1IA3mBaZjOirh3RzZFz8bg8XsecYlU9wHMIq2gQrGoNZ5gqjqYUdD/H+6+jQpj
|
||||
|
@ -58,7 +58,7 @@ o4GzMIGwMAkGA1UdEwQCMAAwHQYDVR0OBBYEFDFPEFxnn75OiNbcxaueEoiGaQJP
|
|||
MB8GA1UdIwQYMBaAFLiS3v2KGLMww59V8zNdtMgpikEUMDUGCCsGAQUFBwEBBCkw
|
||||
JzAlBggrBgEFBQcwAYYZaHR0cDovL3NlcnZlci53MS5maTo4ODg4LzAXBgNVHREE
|
||||
EDAOggxzZXJ2ZXIudzEuZmkwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcN
|
||||
AQELBQADgYEAJNpIvqiubiXtEr31ozIfQEyrUIcjsUZFsOWbAq3J0/vAUni1kSrU
|
||||
j/jIpEi0Zvcu8c+MOnpU/OJBp6/j0WbWAtiT3lKywm7Zer2MzuXcOwt69vygTpxk
|
||||
hBQ/myT80I+ceMhXDzLd7ZfxwaKzChSeyDVoMBoQIhRmSmukR7TGTzs=
|
||||
AQELBQADgYEASeXiELUjYx5/AIwpIaSem9pj2PZUNd7J+7eUvfojfH+HzNVywK2P
|
||||
BJfP2hGGaqIap2+8oYzlJ7ja8D/M2o/TEvPSLTOE4b7u35FOmtL1pGrwq4WVY+2h
|
||||
xp3rrQkZJCv2TLDG4pxm5p+T0K/s2oJA6sWAQJihhxXtRm7KSYz7i4k=
|
||||
-----END CERTIFICATE-----
|
||||
|
|
Binary file not shown.
55
tests/hwsim/auth_serv/test-ca/cacert.pem
Normal file
55
tests/hwsim/auth_serv/test-ca/cacert.pem
Normal file
|
@ -0,0 +1,55 @@
|
|||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 15624081837803162817 (0xd8d3e3a6cbe3ccc1)
|
||||
Signature Algorithm: sha1WithRSAEncryption
|
||||
Issuer: C=FI, O=w1.fi, CN=Root CA
|
||||
Validity
|
||||
Not Before: Jun 29 16:41:22 2013 GMT
|
||||
Not After : Jun 27 16:41:22 2023 GMT
|
||||
Subject: C=FI, O=w1.fi, CN=Root CA
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
Public-Key: (1024 bit)
|
||||
Modulus:
|
||||
00:be:1e:86:e4:79:03:c1:d1:94:d5:d4:b3:b1:28:
|
||||
90:76:fb:b8:a6:cd:6d:1c:d1:48:f4:08:9a:67:ff:
|
||||
f9:a6:54:b1:19:29:df:29:1b:cd:f1:6f:66:01:e7:
|
||||
db:79:ce:c0:39:2a:25:13:26:94:0c:2c:7b:5a:2c:
|
||||
81:0f:94:ee:51:d0:75:e6:46:db:17:46:a7:15:8b:
|
||||
0e:57:0f:b0:54:76:63:12:ca:86:18:bc:1a:c3:16:
|
||||
c0:70:09:d6:6b:43:39:b8:98:29:46:ac:cb:6a:ad:
|
||||
38:88:3b:07:dc:81:cd:3a:f6:1d:f6:2f:ef:1d:d7:
|
||||
ae:8a:b6:d1:e7:b3:15:02:b9
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Subject Key Identifier:
|
||||
B8:92:DE:FD:8A:18:B3:30:C3:9F:55:F3:33:5D:B4:C8:29:8A:41:14
|
||||
X509v3 Authority Key Identifier:
|
||||
keyid:B8:92:DE:FD:8A:18:B3:30:C3:9F:55:F3:33:5D:B4:C8:29:8A:41:14
|
||||
|
||||
X509v3 Basic Constraints:
|
||||
CA:TRUE
|
||||
Signature Algorithm: sha1WithRSAEncryption
|
||||
1a:cf:77:60:44:43:c4:55:0e:99:e0:89:aa:b9:d3:7b:32:b7:
|
||||
5c:9c:7c:ca:fe:8c:d4:94:c6:5e:f3:83:19:5f:29:59:68:a4:
|
||||
4f:dc:04:2e:b8:71:c0:6d:3b:ae:01:e4:b9:88:99:cc:ce:82:
|
||||
be:6a:28:c2:ac:6a:94:c6:87:90:ed:85:3c:10:71:c5:ff:3c:
|
||||
70:64:e2:41:62:31:ea:86:7b:11:8c:93:ea:c6:f3:f3:4e:f9:
|
||||
d4:f2:81:90:d7:f4:fa:a1:91:6e:d4:dd:15:3e:26:3b:ac:1e:
|
||||
c3:c2:1f:ed:bb:34:bf:cb:b2:67:c6:c6:51:e8:51:22:b4:f3:
|
||||
92:e8
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIICLDCCAZWgAwIBAgIJANjT46bL48zBMA0GCSqGSIb3DQEBBQUAMC8xCzAJBgNV
|
||||
BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xMzA2
|
||||
MjkxNjQxMjJaFw0yMzA2MjcxNjQxMjJaMC8xCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
|
||||
DAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
|
||||
gYkCgYEAvh6G5HkDwdGU1dSzsSiQdvu4ps1tHNFI9AiaZ//5plSxGSnfKRvN8W9m
|
||||
Aefbec7AOSolEyaUDCx7WiyBD5TuUdB15kbbF0anFYsOVw+wVHZjEsqGGLwawxbA
|
||||
cAnWa0M5uJgpRqzLaq04iDsH3IHNOvYd9i/vHdeuirbR57MVArkCAwEAAaNQME4w
|
||||
HQYDVR0OBBYEFLiS3v2KGLMww59V8zNdtMgpikEUMB8GA1UdIwQYMBaAFLiS3v2K
|
||||
GLMww59V8zNdtMgpikEUMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEA
|
||||
Gs93YERDxFUOmeCJqrnTezK3XJx8yv6M1JTGXvODGV8pWWikT9wELrhxwG07rgHk
|
||||
uYiZzM6CvmoowqxqlMaHkO2FPBBxxf88cGTiQWIx6oZ7EYyT6sbz80751PKBkNf0
|
||||
+qGRbtTdFT4mO6wew8If7bs0v8uyZ8bGUehRIrTzkug=
|
||||
-----END CERTIFICATE-----
|
39
tests/hwsim/auth_serv/test-ca/index.txt
Normal file
39
tests/hwsim/auth_serv/test-ca/index.txt
Normal file
|
@ -0,0 +1,39 @@
|
|||
V 181001144953Z D8D3E3A6CBE3CCEF unknown /C=FI/O=w1.fi/CN=server.w1.fi
|
||||
V 181001145631Z D8D3E3A6CBE3CCF1 unknown /C=FI/O=w1.fi/CN=server.w1.fi
|
||||
V 181001145633Z D8D3E3A6CBE3CCF2 unknown /C=FI/O=w1.fi/CN=server.w1.fi
|
||||
V 181001145742Z D8D3E3A6CBE3CCF3 unknown /C=FI/O=w1.fi/CN=server.w1.fi
|
||||
V 181001145742Z D8D3E3A6CBE3CCF4 unknown /C=FI/O=w1.fi/CN=Test User
|
||||
V 181001150518Z D8D3E3A6CBE3CCF5 unknown /C=FI/O=w1.fi/CN=server.w1.fi
|
||||
V 181001150546Z D8D3E3A6CBE3CCF6 unknown /C=FI/O=w1.fi/CN=Test User
|
||||
V 181001151024Z D8D3E3A6CBE3CCF7 unknown /C=FI/O=w1.fi/CN=server.w1.fi
|
||||
V 181001151024Z D8D3E3A6CBE3CCF8 unknown /C=FI/O=w1.fi/CN=Test User
|
||||
V 181001151254Z D8D3E3A6CBE3CCF9 unknown /C=FI/O=w1.fi/CN=server.w1.fi
|
||||
V 181001151254Z D8D3E3A6CBE3CCFA unknown /C=FI/O=w1.fi/CN=server3.w1.fi
|
||||
V 181001151254Z D8D3E3A6CBE3CCFB unknown /C=FI/O=w1.fi/CN=server5.w1.fi
|
||||
V 181001151254Z D8D3E3A6CBE3CCFC unknown /C=FI/O=w1.fi/CN=server6.w1.fi
|
||||
V 181001151254Z D8D3E3A6CBE3CCFD unknown /C=FI/O=w1.fi/CN=Test User
|
||||
V 181001152159Z D8D3E3A6CBE3CCFE unknown /C=FI/O=w1.fi/CN=server.w1.fi
|
||||
V 181001152159Z D8D3E3A6CBE3CCFF unknown /C=FI/O=w1.fi/CN=server3.w1.fi
|
||||
V 181001152159Z D8D3E3A6CBE3CD00 unknown /C=FI/O=w1.fi/CN=server5.w1.fi
|
||||
V 181001152159Z D8D3E3A6CBE3CD01 unknown /C=FI/O=w1.fi/CN=server6.w1.fi
|
||||
V 181001152159Z D8D3E3A6CBE3CD02 unknown /C=FI/O=w1.fi/CN=Test User
|
||||
V 181001152221Z D8D3E3A6CBE3CD03 unknown /C=FI/O=w1.fi/CN=server.w1.fi
|
||||
V 181001152221Z D8D3E3A6CBE3CD04 unknown /C=FI/O=w1.fi/CN=server3.w1.fi
|
||||
V 181001152221Z D8D3E3A6CBE3CD05 unknown /C=FI/O=w1.fi/CN=server5.w1.fi
|
||||
V 181001152221Z D8D3E3A6CBE3CD06 unknown /C=FI/O=w1.fi/CN=server6.w1.fi
|
||||
V 181001152221Z D8D3E3A6CBE3CD07 unknown /C=FI/O=w1.fi/CN=Test User
|
||||
V 181001152519Z D8D3E3A6CBE3CD08 unknown /C=FI/O=w1.fi/CN=server.w1.fi
|
||||
V 181001152519Z D8D3E3A6CBE3CD09 unknown /C=FI/O=w1.fi/CN=server3.w1.fi
|
||||
V 181001152519Z D8D3E3A6CBE3CD0A unknown /C=FI/O=w1.fi/CN=server5.w1.fi
|
||||
V 181001152519Z D8D3E3A6CBE3CD0B unknown /C=FI/O=w1.fi/CN=server6.w1.fi
|
||||
V 181001152519Z D8D3E3A6CBE3CD0C unknown /C=FI/O=w1.fi/CN=Test User
|
||||
V 181001152815Z D8D3E3A6CBE3CD0D unknown /C=FI/O=w1.fi/CN=server.w1.fi
|
||||
V 181001152815Z D8D3E3A6CBE3CD0E unknown /C=FI/O=w1.fi/CN=server3.w1.fi
|
||||
V 181001152815Z D8D3E3A6CBE3CD0F unknown /C=FI/O=w1.fi/CN=server5.w1.fi
|
||||
V 181001152815Z D8D3E3A6CBE3CD10 unknown /C=FI/O=w1.fi/CN=server6.w1.fi
|
||||
V 181001152815Z D8D3E3A6CBE3CD11 unknown /C=FI/O=w1.fi/CN=Test User
|
||||
V 181001154204Z D8D3E3A6CBE3CD12 unknown /C=FI/O=w1.fi/CN=server.w1.fi
|
||||
V 181001154204Z D8D3E3A6CBE3CD13 unknown /C=FI/O=w1.fi/CN=server3.w1.fi
|
||||
V 181001154204Z D8D3E3A6CBE3CD14 unknown /C=FI/O=w1.fi/CN=server5.w1.fi
|
||||
V 181001154204Z D8D3E3A6CBE3CD15 unknown /C=FI/O=w1.fi/CN=server6.w1.fi
|
||||
V 181001154204Z D8D3E3A6CBE3CD16 unknown /C=FI/O=w1.fi/CN=Test User
|
1
tests/hwsim/auth_serv/test-ca/index.txt.attr
Normal file
1
tests/hwsim/auth_serv/test-ca/index.txt.attr
Normal file
|
@ -0,0 +1 @@
|
|||
unique_subject = no
|
15
tests/hwsim/auth_serv/test-ca/private/cakey.pem
Normal file
15
tests/hwsim/auth_serv/test-ca/private/cakey.pem
Normal file
|
@ -0,0 +1,15 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIICXAIBAAKBgQC+HobkeQPB0ZTV1LOxKJB2+7imzW0c0Uj0CJpn//mmVLEZKd8p
|
||||
G83xb2YB59t5zsA5KiUTJpQMLHtaLIEPlO5R0HXmRtsXRqcViw5XD7BUdmMSyoYY
|
||||
vBrDFsBwCdZrQzm4mClGrMtqrTiIOwfcgc069h32L+8d166KttHnsxUCuQIDAQAB
|
||||
AoGAEPKDr8Yh0ZsvG0iUpAwrpI+XzDavrUvypt5FdVPaGzudddLHs9BosUbu3uie
|
||||
JeOKOw5Is8ZSmCs267jf4FW0UKtgpnHGK2H0ba0iramzz07oK48V4y7C7nS3eJr/
|
||||
Oen6H9BW4DNXreFZ5yTRFOiQ4eD1pHqR/M/bBieDfRjakgECQQDfgiYYInio4TmM
|
||||
9q/h1q5T1bGgajz5U4GInd0K2diNqVoGhSTAyRRGauH+68tPQuX7WCM1VE/lZfZL
|
||||
4/dlOaRhAkEA2cHNkrFh4CAlXgtCub+psmT032AIFDEpNNT0K22XIE8savYNqs8w
|
||||
aGPurrwGQflxCB19boiaKEcW5FQDkff9WQJAbUznNiw9V1D05OOKNWXX0HWTLMBn
|
||||
WwIkOVwByZmo1fX4aXHY/FIZESqZpCFJRlSPxS9f4Gd/vs3y+T/dLupWYQJAJDGX
|
||||
RrOfDg6px1jdzVvzC8jF/r7KePi23aYrs3Ayt1cRjfG50dNAO4moqXhtHdglFnE4
|
||||
YP/ph5pRTsA8G635eQJBAKbh0zB4HqFI2PmnKsShFBPNkK5x17nAZlYNJf2Ip4Ii
|
||||
2Gjxyx4H0iBVgFYLsLB6hRBkOPpx6Jl8mJXOtFXb8lE=
|
||||
-----END RSA PRIVATE KEY-----
|
1
tests/hwsim/auth_serv/test-ca/serial
Normal file
1
tests/hwsim/auth_serv/test-ca/serial
Normal file
|
@ -0,0 +1 @@
|
|||
D8D3E3A6CBE3CD17
|
74
tests/hwsim/auth_serv/update.sh
Executable file
74
tests/hwsim/auth_serv/update.sh
Executable file
|
@ -0,0 +1,74 @@
|
|||
#!/bin/sh
|
||||
|
||||
OPENSSL=openssl
|
||||
|
||||
mkdir -p test-ca/newcerts
|
||||
|
||||
echo
|
||||
echo "---[ Update server certificates ]---------------------------------------"
|
||||
echo
|
||||
|
||||
cat openssl2.cnf |
|
||||
sed "s/#@CN@/commonName_default = server.w1.fi/" |
|
||||
sed "s/#@ALTNAME@/subjectAltName=DNS:server.w1.fi/" \
|
||||
> openssl.cnf.tmp
|
||||
$OPENSSL ca -config $PWD/openssl.cnf.tmp -batch -in server.csr -out server.pem -extensions ext_server
|
||||
|
||||
$OPENSSL pkcs12 -export -out server.pkcs12 -in server.pem -inkey server.key -passout pass:
|
||||
$OPENSSL pkcs12 -export -out server-extra.pkcs12 -in server.pem -inkey server.key -descert -certfile user.pem -passout pass:whatever -name server
|
||||
|
||||
cat openssl2.cnf |
|
||||
sed "s/#@CN@/commonName_default = server3.w1.fi/" \
|
||||
> openssl.cnf.tmp
|
||||
$OPENSSL ca -config $PWD/openssl.cnf.tmp -batch -in server-no-dnsname.csr -out server-no-dnsname.pem -extensions ext_server
|
||||
|
||||
cat openssl2.cnf |
|
||||
sed "s/#@CN@/commonName_default = server5.w1.fi/" \
|
||||
> openssl.cnf.tmp
|
||||
$OPENSSL ca -config $PWD/openssl.cnf.tmp -batch -in server-eku-client.csr -out server-eku-client.pem -extensions ext_client
|
||||
|
||||
cat openssl2.cnf |
|
||||
sed "s/#@CN@/commonName_default = server6.w1.fi/" \
|
||||
> openssl.cnf.tmp
|
||||
$OPENSSL ca -config $PWD/openssl.cnf.tmp -batch -in server-eku-client-server.csr -out server-eku-client-server.pem -extensions ext_client_server
|
||||
|
||||
echo
|
||||
echo "---[ Update user certificates ]-----------------------------------------"
|
||||
echo
|
||||
|
||||
cat openssl2.cnf | sed "s/#@CN@/commonName_default = User/" > openssl.cnf.tmp
|
||||
$OPENSSL ca -config $PWD/openssl.cnf.tmp -batch -in user.csr -out user.pem -extensions ext_client
|
||||
rm openssl.cnf.tmp
|
||||
|
||||
$OPENSSL pkcs12 -export -out user.pkcs12 -in user.pem -inkey user.key -descert -passout pass:whatever
|
||||
$OPENSSL pkcs12 -export -out user2.pkcs12 -in user.pem -inkey user.key -descert -name Test -certfile server.pem -passout pass:whatever
|
||||
$OPENSSL pkcs12 -export -out user3.pkcs12 -in user.pem -inkey user.key -descert -name "my certificates" -certfile ca.pem -passout pass:whatever
|
||||
|
||||
echo
|
||||
echo "---[ Update OCSP ]------------------------------------------------------"
|
||||
echo
|
||||
|
||||
$OPENSSL ocsp -CAfile test-ca/cacert.pem -issuer test-ca/cacert.pem -cert server.pem -reqout ocsp-req.der -no_nonce
|
||||
$OPENSSL ocsp -index test-ca/index.txt -rsigner test-ca/cacert.pem -rkey test-ca/private/cakey.pem -CA test-ca/cacert.pem -resp_no_certs -reqin ocsp-req.der -respout ocsp-server-cache.der
|
||||
|
||||
echo
|
||||
echo "---[ Additional steps ]-------------------------------------------------"
|
||||
echo
|
||||
|
||||
echo "test_ap_eap.py: ap_wpa2_eap_ttls_server_cert_hash srv_cert_hash"
|
||||
|
||||
$OPENSSL x509 -in server.pem -out server.der -outform DER
|
||||
HASH=`sha256sum server.der | cut -f1 -d' '`
|
||||
rm server.der
|
||||
sed -i "s/srv_cert_hash =.*/srv_cert_hash = \"$HASH\"/" ../test_ap_eap.py
|
||||
|
||||
echo "index.txt: server time+serial"
|
||||
|
||||
grep -v CN=server.w1.fi index.txt > index.txt.new
|
||||
grep CN=server.w1.fi test-ca/index.txt | tail -1 >> index.txt.new
|
||||
mv index.txt.new index.txt
|
||||
|
||||
echo "start.sh: openssl ocsp -reqout serial"
|
||||
|
||||
SERIAL=`grep CN=server.w1.fi test-ca/index.txt | tail -1 | cut -f4`
|
||||
sed -i "s/serial 0x[^ ]* -no_nonce/serial 0x$SERIAL -no_nonce/" ../start.sh
|
11
tests/hwsim/auth_serv/user.csr
Normal file
11
tests/hwsim/auth_serv/user.csr
Normal file
|
@ -0,0 +1,11 @@
|
|||
-----BEGIN CERTIFICATE REQUEST-----
|
||||
MIIBgjCB7AIBADBDMQswCQYDVQQGEwJGSTEQMA4GA1UEBwwHVHV1c3VsYTEOMAwG
|
||||
A1UECgwFdzEuZmkxEjAQBgNVBAMMCVRlc3QgVXNlcjCBnzANBgkqhkiG9w0BAQEF
|
||||
AAOBjQAwgYkCgYEAppYumyKM35S+i4lJ9nh2omB+FJXzlv6rGSUDNGR0AT6on3zx
|
||||
R2FgTIKSKHwroA7Lh79Z69fzYSI7FPOrMfZalR+4ergsPKlhU3ib6D5Q7MLWROdD
|
||||
zbw+TudG/pKew5gPKVjIy4kBdUfplVcPdsUvBV7HHg3yPBJjXblUGa9/QGsCAwEA
|
||||
AaAAMA0GCSqGSIb3DQEBCwUAA4GBACZXujbQL1Y5fOWK2pRyckyk92NAwgPXWqo7
|
||||
8d9FF2bIDBfautK2GYd74SDdUOzjNjGLoEO9tIhB3jWQp8qaC/HiWwbDGd6Ugo8g
|
||||
WnuLTf2vfL67IdVzG26IAdflrEF4XX3HjuHJO1NxtXKw/u5hm6qiJAu9tkA+2zEM
|
||||
bbG4Bg/+
|
||||
-----END CERTIFICATE REQUEST-----
|
|
@ -1,12 +1,12 @@
|
|||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 15624081837803162859 (0xd8d3e3a6cbe3cceb)
|
||||
Serial Number: 15624081837803162902 (0xd8d3e3a6cbe3cd16)
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Issuer: C=FI, O=w1.fi, CN=Root CA
|
||||
Validity
|
||||
Not Before: Sep 30 18:20:27 2016 GMT
|
||||
Not After : Sep 30 18:20:27 2017 GMT
|
||||
Not Before: Oct 1 15:42:04 2017 GMT
|
||||
Not After : Oct 1 15:42:04 2018 GMT
|
||||
Subject: C=FI, O=w1.fi, CN=Test User
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
|
@ -36,18 +36,18 @@ Certificate:
|
|||
X509v3 Extended Key Usage:
|
||||
TLS Web Client Authentication
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
47:2e:3d:23:86:d0:3e:fb:b5:7f:d6:32:6b:12:fb:7c:76:78:
|
||||
ec:82:db:ab:fa:5e:0f:1d:97:36:f9:de:b3:cb:fd:08:9e:d5:
|
||||
cd:3d:97:78:c5:00:ce:78:f1:39:3b:84:c9:d0:e6:17:58:ed:
|
||||
ac:e2:d2:a8:7a:fd:b9:19:a4:1c:57:08:17:8c:7f:70:88:82:
|
||||
d5:89:0f:1e:18:22:6d:62:69:4c:12:92:32:bc:cc:1b:a0:05:
|
||||
bc:af:7f:53:a9:dc:a9:55:48:e0:28:34:3e:60:3f:82:16:ac:
|
||||
70:a1:01:e7:75:cf:a0:72:ad:39:ad:52:65:a8:64:fa:7f:11:
|
||||
f2:f5
|
||||
bc:cf:10:42:b7:13:7f:1b:59:89:a7:27:2b:de:71:26:cc:2d:
|
||||
59:bb:c8:12:dd:56:7a:88:14:e1:b5:09:6e:f9:64:72:96:56:
|
||||
ed:2f:f9:00:e7:08:9c:8b:5c:fe:cf:a2:9d:bd:48:80:95:41:
|
||||
e4:3e:ce:75:4a:41:a6:49:77:e1:48:0b:29:dd:ee:d1:f3:68:
|
||||
7c:94:7c:95:2a:7f:d5:a9:a5:a6:a4:b2:9b:8e:70:ec:05:3d:
|
||||
46:62:37:dc:ea:71:ae:32:0e:a5:ed:77:26:d4:e0:b5:0f:bd:
|
||||
d5:8f:6a:99:65:75:58:57:31:02:78:d5:e5:b0:ae:68:af:d5:
|
||||
0d:92
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIICeTCCAeKgAwIBAgIJANjT46bL48zrMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
|
||||
BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNjA5
|
||||
MzAxODIwMjdaFw0xNzA5MzAxODIwMjdaMDExCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
|
||||
MIICeTCCAeKgAwIBAgIJANjT46bL480WMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
|
||||
BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNzEw
|
||||
MDExNTQyMDRaFw0xODEwMDExNTQyMDRaMDExCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
|
||||
DAV3MS5maTESMBAGA1UEAwwJVGVzdCBVc2VyMIGfMA0GCSqGSIb3DQEBAQUAA4GN
|
||||
ADCBiQKBgQCmli6bIozflL6LiUn2eHaiYH4UlfOW/qsZJQM0ZHQBPqiffPFHYWBM
|
||||
gpIofCugDsuHv1nr1/NhIjsU86sx9lqVH7h6uCw8qWFTeJvoPlDswtZE50PNvD5O
|
||||
|
@ -55,8 +55,8 @@ gpIofCugDsuHv1nr1/NhIjsU86sx9lqVH7h6uCw8qWFTeJvoPlDswtZE50PNvD5O
|
|||
MIGXMAkGA1UdEwQCMAAwHQYDVR0OBBYEFIHe3+laABrKZ9YG3WWyTsWaBEN9MB8G
|
||||
A1UdIwQYMBaAFLiS3v2KGLMww59V8zNdtMgpikEUMDUGCCsGAQUFBwEBBCkwJzAl
|
||||
BggrBgEFBQcwAYYZaHR0cDovL3NlcnZlci53MS5maTo4ODg4LzATBgNVHSUEDDAK
|
||||
BggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOBgQBHLj0jhtA++7V/1jJrEvt8dnjs
|
||||
gtur+l4PHZc2+d6zy/0IntXNPZd4xQDOePE5O4TJ0OYXWO2s4tKoev25GaQcVwgX
|
||||
jH9wiILViQ8eGCJtYmlMEpIyvMwboAW8r39TqdypVUjgKDQ+YD+CFqxwoQHndc+g
|
||||
cq05rVJlqGT6fxHy9Q==
|
||||
BggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOBgQC8zxBCtxN/G1mJpycr3nEmzC1Z
|
||||
u8gS3VZ6iBThtQlu+WRyllbtL/kA5wici1z+z6KdvUiAlUHkPs51SkGmSXfhSAsp
|
||||
3e7R82h8lHyVKn/VqaWmpLKbjnDsBT1GYjfc6nGuMg6l7Xcm1OC1D73Vj2qZZXVY
|
||||
VzECeNXlsK5or9UNkg==
|
||||
-----END CERTIFICATE-----
|
||||
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -165,7 +165,7 @@ for i in unknown revoked; do
|
|||
done
|
||||
|
||||
openssl ocsp -reqout $LOGDIR/ocsp-req.der -issuer $DIR/auth_serv/ca.pem \
|
||||
-serial 0xD8D3E3A6CBE3CCE9 -no_nonce -sha256 >> $LOGDIR/ocsp.log 2>&1
|
||||
-serial 0xD8D3E3A6CBE3CD12 -no_nonce -sha256 >> $LOGDIR/ocsp.log 2>&1
|
||||
for i in "" "-unknown" "-revoked"; do
|
||||
openssl ocsp -index $DIR/auth_serv/index$i.txt \
|
||||
-rsigner $DIR/auth_serv/ca.pem \
|
||||
|
|
|
@ -2507,7 +2507,7 @@ def test_ap_wpa2_eap_ttls_server_cert_hash(dev, apdev):
|
|||
"""WPA2-Enterprise connection using EAP-TTLS and server certificate hash"""
|
||||
check_cert_probe_support(dev[0])
|
||||
skip_with_fips(dev[0])
|
||||
srv_cert_hash = "bdb9cb55d3df278e52a071abf58e7f0238fbec3ad8fb2c254742f63562628272"
|
||||
srv_cert_hash = "53728dde442d4adc27cb10a847234a4315590f0b36786353023c3b0f2e9fdf49"
|
||||
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
||||
hapd = hostapd.add_ap(apdev[0], params)
|
||||
dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS",
|
||||
|
|
Loading…
Reference in a new issue