tests: Server certificate with both client and server EKU
Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
1221639d45
commit
14bef66d66
3 changed files with 89 additions and 0 deletions
16
tests/hwsim/auth_serv/server-eku-client-server.key
Normal file
16
tests/hwsim/auth_serv/server-eku-client-server.key
Normal file
|
@ -0,0 +1,16 @@
|
|||
-----BEGIN PRIVATE KEY-----
|
||||
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMowHv0TagIoUZoO
|
||||
qR5yfudayMsMfoqZgY0FswmwqYbnrkT64Mfu8xi0MWXjBW9mTuPkhYGbR39ftRYr
|
||||
sFmRnMVV09PKLIHO8CeoVN4OT9jwEb0LEFY4Jt+pOpUVk6YW7dIetLXAqGGOrhAE
|
||||
/eYmykoNkEu5rMmU8rFrl2tgJOq9AgMBAAECgYAdONdBvIyVwz4IBhZrUCEHTxe2
|
||||
QRgI8CbJOwmlXOMjnFiTn67dNqvr5h89mpIuh5rfVSf2k3rB7hM+IRJb36/Ik7qg
|
||||
GdktPSEIK/ktUcfofVLaLn+ehG7vXhkkB6juBR7jaXDZRBPvFM+TCtirlaZ5sQ0u
|
||||
TbSw7m9NcFD2APxgAQJBAPIoCxZCJGpMvh+5ta8EJQVQKhJeMWmDlUQvscKTauWb
|
||||
aTz0z+OMBGpZH7DWCTww4+/3fjqZt/TURuPSh0ZcACUCQQDVvyPTO3h3R5fig/zV
|
||||
NV8E0/dCYH6kwsFk0AUIRbMHdaN3sEHWszKG9nTNyPyHhDo8i9jguSjkb9MwdgR7
|
||||
BJC5AkBB6/bAs3bYXVXwqwyzvWwamy0o3O2UrNaIvnck4h7arMkkZ/zkFCzriqGe
|
||||
8VWIRkL3A6ggadJzWwqFYL2kwMzlAkEAhfEdFgUyXCy09PEYwtKLFI9vZlzpf327
|
||||
it0ACksDAS2qnhoJZ+0rQH+4eiv0c0dc5wwLf+cHxP5+LOQHsr8NoQJAcsRe+KyX
|
||||
G0TLKZg/J5E+zJMH6M19BZ4BC32UIMTJWe1xzp+9XrCWflagRJMJ+DOWtHzu/Opo
|
||||
Ty4OiT0uZUxcMw==
|
||||
-----END PRIVATE KEY-----
|
62
tests/hwsim/auth_serv/server-eku-client-server.pem
Normal file
62
tests/hwsim/auth_serv/server-eku-client-server.pem
Normal file
|
@ -0,0 +1,62 @@
|
|||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 15624081837803162828 (0xd8d3e3a6cbe3cccc)
|
||||
Signature Algorithm: sha1WithRSAEncryption
|
||||
Issuer: C=FI, O=w1.fi, CN=Root CA
|
||||
Validity
|
||||
Not Before: Feb 28 22:41:44 2014 GMT
|
||||
Not After : Feb 28 22:41:44 2015 GMT
|
||||
Subject: C=FI, O=w1.fi, CN=server6.w1.fi
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
Public-Key: (1024 bit)
|
||||
Modulus:
|
||||
00:ca:30:1e:fd:13:6a:02:28:51:9a:0e:a9:1e:72:
|
||||
7e:e7:5a:c8:cb:0c:7e:8a:99:81:8d:05:b3:09:b0:
|
||||
a9:86:e7:ae:44:fa:e0:c7:ee:f3:18:b4:31:65:e3:
|
||||
05:6f:66:4e:e3:e4:85:81:9b:47:7f:5f:b5:16:2b:
|
||||
b0:59:91:9c:c5:55:d3:d3:ca:2c:81:ce:f0:27:a8:
|
||||
54:de:0e:4f:d8:f0:11:bd:0b:10:56:38:26:df:a9:
|
||||
3a:95:15:93:a6:16:ed:d2:1e:b4:b5:c0:a8:61:8e:
|
||||
ae:10:04:fd:e6:26:ca:4a:0d:90:4b:b9:ac:c9:94:
|
||||
f2:b1:6b:97:6b:60:24:ea:bd
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Basic Constraints:
|
||||
CA:FALSE
|
||||
X509v3 Subject Key Identifier:
|
||||
C7:C6:EF:F5:61:D2:A0:08:81:6A:6B:44:2C:F5:72:F7:DA:DE:5B:B9
|
||||
X509v3 Authority Key Identifier:
|
||||
keyid:B8:92:DE:FD:8A:18:B3:30:C3:9F:55:F3:33:5D:B4:C8:29:8A:41:14
|
||||
|
||||
Authority Information Access:
|
||||
OCSP - URI:http://server.w1.fi:8888/
|
||||
|
||||
X509v3 Extended Key Usage:
|
||||
TLS Web Client Authentication, TLS Web Server Authentication
|
||||
Signature Algorithm: sha1WithRSAEncryption
|
||||
64:52:09:25:e9:ce:db:1f:fa:81:aa:8a:ed:7e:f7:db:1e:27:
|
||||
de:a7:41:b3:ab:73:e3:bc:b7:24:ed:5f:a6:88:5b:c8:16:1a:
|
||||
f9:60:93:0b:d2:3f:5f:ce:3c:8c:50:53:8e:30:ae:0a:f8:0a:
|
||||
53:74:d7:37:47:55:81:7d:75:c7:a2:e2:ff:82:bd:55:67:3d:
|
||||
dd:e3:ca:d6:ef:33:63:2d:f4:65:4f:a2:8c:d5:f1:ac:af:ce:
|
||||
02:83:91:37:cc:7c:55:7a:81:9c:c9:46:9e:9c:e6:ce:d5:35:
|
||||
6c:f7:2e:08:05:c3:ca:c7:25:8c:e0:ba:4e:4c:fc:d3:a2:5a:
|
||||
57:0e
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIChzCCAfCgAwIBAgIJANjT46bL48zMMA0GCSqGSIb3DQEBBQUAMC8xCzAJBgNV
|
||||
BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNDAy
|
||||
MjgyMjQxNDRaFw0xNTAyMjgyMjQxNDRaMDUxCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
|
||||
DAV3MS5maTEWMBQGA1UEAwwNc2VydmVyNi53MS5maTCBnzANBgkqhkiG9w0BAQEF
|
||||
AAOBjQAwgYkCgYEAyjAe/RNqAihRmg6pHnJ+51rIywx+ipmBjQWzCbCphueuRPrg
|
||||
x+7zGLQxZeMFb2ZO4+SFgZtHf1+1FiuwWZGcxVXT08osgc7wJ6hU3g5P2PARvQsQ
|
||||
Vjgm36k6lRWTphbt0h60tcCoYY6uEAT95ibKSg2QS7msyZTysWuXa2Ak6r0CAwEA
|
||||
AaOBpDCBoTAJBgNVHRMEAjAAMB0GA1UdDgQWBBTHxu/1YdKgCIFqa0Qs9XL32t5b
|
||||
uTAfBgNVHSMEGDAWgBS4kt79ihizMMOfVfMzXbTIKYpBFDA1BggrBgEFBQcBAQQp
|
||||
MCcwJQYIKwYBBQUHMAGGGWh0dHA6Ly9zZXJ2ZXIudzEuZmk6ODg4OC8wHQYDVR0l
|
||||
BBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMA0GCSqGSIb3DQEBBQUAA4GBAGRSCSXp
|
||||
ztsf+oGqiu1+99seJ96nQbOrc+O8tyTtX6aIW8gWGvlgkwvSP1/OPIxQU44wrgr4
|
||||
ClN01zdHVYF9dcei4v+CvVVnPd3jytbvM2Mt9GVPoozV8ayvzgKDkTfMfFV6gZzJ
|
||||
Rp6c5s7VNWz3LggFw8rHJYzguk5M/NOiWlcO
|
||||
-----END CERTIFICATE-----
|
|
@ -959,6 +959,17 @@ def test_ap_wpa2_eap_ttls_server_cert_eku_client(dev, apdev):
|
|||
if ev is None:
|
||||
raise Exception("Timeout on EAP failure report")
|
||||
|
||||
def test_ap_wpa2_eap_ttls_server_cert_eku_client_server(dev, apdev):
|
||||
"""WPA2-Enterprise using EAP-TTLS and server cert with client and server EKU"""
|
||||
params = int_eap_server_params()
|
||||
params["server_cert"] = "auth_serv/server-eku-client-server.pem"
|
||||
params["private_key"] = "auth_serv/server-eku-client-server.key"
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS",
|
||||
identity="mschap user", password="password",
|
||||
ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAP",
|
||||
scan_freq="2412")
|
||||
|
||||
def test_ap_wpa2_eap_ttls_dh_params(dev, apdev):
|
||||
"""WPA2-Enterprise connection using EAP-TTLS/CHAP and setting DH params"""
|
||||
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
||||
|
|
Loading…
Reference in a new issue