From d6ba709aa38064b56b2f593a106bf85ed80847c4 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Mon, 30 Nov 2015 00:39:38 +0200 Subject: [PATCH] tests: EAP-TLS with SHA512/SHA384 signature Signed-off-by: Jouni Malinen --- tests/hwsim/auth_serv/ec-ca-openssl.cnf | 2 +- tests/hwsim/auth_serv/sha384-server.key | 40 +++++++++++ tests/hwsim/auth_serv/sha384-server.pem | 115 +++++++++++++++++++++++++++++ tests/hwsim/auth_serv/sha384-user.key | 38 ++++++++++ tests/hwsim/auth_serv/sha384-user.pem | 113 +++++++++++++++++++++++++++++ tests/hwsim/auth_serv/sha512-ca.key | 52 ++++++++++++++ tests/hwsim/auth_serv/sha512-ca.pem | 32 +++++++++ tests/hwsim/auth_serv/sha512-generate.sh | 75 +++++++++++++++++++ tests/hwsim/auth_serv/sha512-server.key | 45 ++++++++++++ tests/hwsim/auth_serv/sha512-server.pem | 120 +++++++++++++++++++++++++++++++ tests/hwsim/auth_serv/sha512-user.key | 44 ++++++++++++ tests/hwsim/auth_serv/sha512-user.pem | 119 ++++++++++++++++++++++++++++++ tests/hwsim/test_ap_eap.py | 42 +++++++++++ 13 files changed, 836 insertions(+), 1 deletion(-) create mode 100644 tests/hwsim/auth_serv/sha384-server.key create mode 100644 tests/hwsim/auth_serv/sha384-server.pem create mode 100644 tests/hwsim/auth_serv/sha384-user.key create mode 100644 tests/hwsim/auth_serv/sha384-user.pem create mode 100644 tests/hwsim/auth_serv/sha512-ca.key create mode 100644 tests/hwsim/auth_serv/sha512-ca.pem create mode 100755 tests/hwsim/auth_serv/sha512-generate.sh create mode 100644 tests/hwsim/auth_serv/sha512-server.key create mode 100644 tests/hwsim/auth_serv/sha512-server.pem create mode 100644 tests/hwsim/auth_serv/sha512-user.key create mode 100644 tests/hwsim/auth_serv/sha512-user.pem diff --git a/tests/hwsim/auth_serv/ec-ca-openssl.cnf b/tests/hwsim/auth_serv/ec-ca-openssl.cnf index c803dd3..23467b6 100644 --- a/tests/hwsim/auth_serv/ec-ca-openssl.cnf +++ b/tests/hwsim/auth_serv/ec-ca-openssl.cnf @@ -31,7 +31,7 @@ cert_opt = ca_default copy_extensions = copy -default_days = 365 +default_days = 3650 default_crl_days= 30 default_md = default preserve = no diff --git a/tests/hwsim/auth_serv/sha384-server.key b/tests/hwsim/auth_serv/sha384-server.key new file mode 100644 index 0000000..10ff145 --- /dev/null +++ b/tests/hwsim/auth_serv/sha384-server.key @@ -0,0 +1,40 @@ +-----BEGIN PRIVATE KEY----- +MIIG/gIBADANBgkqhkiG9w0BAQEFAASCBugwggbkAgEAAoIBgQDm91jBTdZzl79p +4ZPklcK5EoOMvj3++QdZ+7pFKmDFHX8qqfk6HXz4fkFXMYokV2pFvRh+i+wvbAPc +OLI6cxSSSz02yspRkcN1hDlERfjIrMrJq5M5GgoT1F2zQ0Wc+inXDetgIG1QOb+q +oQR3mxMCQLphohv8n2JkW6+Lmdt9zsx9tOQWjFSB3YFdcb4yhGP5sJ4n8EanpNdR +k0NbdKffehDDxXUtb4O1U6i/H1NFA0/l/oN0IuhwXkdkv8ikdpPke+FqCp8H6CZM +vZrC3ItJpIm+k/eXIyAvW4hag/75GfGeV7b4MnVegcylWtacFpaDRsklfAStMXd5 +EOiC4cmANIYupoZwfiSadthk9BbBqzRAcpvFljgFeUeR5N8St4B1noPwatoMuMzh +WG28Iv/hNr8Rj/vzWznO0xp3lPckZPVHzrl08U1QSH9j6SqsmGMY1Y4riRGzNkUf +o7eV9GB8kKp6oWM6TCuyRbMhS0LB/TNH3682oBJMEftK5HBiTf8CAwEAAQKCAYEA +txfjyzGaTH5CZnxFklLKT46GrF7vpJ3jnwi37DahCgHNGpQuF0zjEdZ8k9OY0CBg +BbLWpRLlA97b3IsxdrZd2287sqDl6+3ihdlw0Fer1eFszJxwFDc5P+j88qvkloGW +A35sVgK+xXdSIsCMWwia9BE970Hkb8ol5KruKXupjT0PzKNGoT1TjLN85wfRIBjl +bD3/0mdei21Yp7lXDzwWDEmm2ptAvekF/wu33PLHPxFWGFw/9yPpIZMLg6mpM/8u +0lWjpuTuQZLAVU0yKag5mhRa9rwCqslxDZzNXYA7hUO57hT+diO1U447cdAEYzpF +XUZrPBHUOlaRNd2f2INFAX3W0SraSTp3IX2KBd3daU2aSN6y4DMO4I9wJwJV4vrC +1rnJB+e9DnBNUezhgpiDOE0+vOprrqGtXsdULgFuPd47b2eU4WWvFHeeKuMBgrRg +iRSgaxButfFIryRhCYA88cXFG0qO3qNUPMmDTCRjS1S6rhQeP8dxN6kcJc+o/+Ep +AoHBAP95nPrypMNYJAlQtlgYMbxyMRLz7HXLN/TklEtPMNsjK8LHIIa3v3uv8gbk +1VmXc8oQa4NB8cu9CtX98fSwvbiuwXjhxFe0mMlg4QdkbCQYXj3CeDsE5PNO3aXK +oIF1WzJZYN+KV/NgyCIP/hAgBBmDFcfgovJb3YvMGmC3/2MmP3+1tgsLabPXoJSZ +Uqc7c5m9Tlm7NP8LAi/zRjFOD+b3BDIH8e8ADV02uAYe0fyCcihaf7ZYbiROG2KE +BNlbgwKBwQDncNdXOgz9bb0C+HymH0LwB0KECt2NNN0DV1GXoH8IXEYtK4V2XJdU +P63EtMfaUgk0vyL/pIWQLlyt9bW0Gnr0nDY3NiX2ctRnh6WUzKNrpdQmhquEWXXw +pujDupY2O90lXeJdMhp2WWT+22IFMykwLY2sVBJzhXpY2lUd/EBgFiUpD8NRAt2V +f98eJYd3lC1JEsrEgCQrvEzc+B9y7GHPm8YevJrIcNvYMjUXEMo8rmjd+GZC4SD/ +rZVcCBrYDtUCgcEA7fbkjye26zJNltO0lYgrw8GGDoZgyjP5skW8EA36jxRKrcp3 +dKTxWo+/3EYIqMQXGa+DxaaGSGWVE1DQsEB05/L3ydZZ4ewZqPJxiUY0KMb9+X8M +KMVdUXkzojuEmDGtOc/hGTeuxsdug7Przi9UQkNE5YJLpX6GdbIvG8onu74jxZyH +re/6jIccT24lfBo3iou30IM9URd6+RkcV87DpzqNkOCvrRSaXioa7bCFnjQPi6EI +dtwV9AFBJtmb/q5rAoHAAt/l7NFtw+APDvBjK/ULccvFSbqQ0eYsMJRvEQEPUt1C +ieEWgUfZIVTBJcZRDScjsiIFn0M93XKV+BsrLJd/m3YtPjZP9mWqubZ3mgeIqBeh +MPFPRA+QZXLNRVEV+Ip5zrMB0sKCjaHCnV/AMexWwKBwOAm7SPAJev0LPZoaepcL +0xy9Ak6UzfyOmuNAcX3Hqjavig1FZb2q/rueOGEzPc7jgRI6oe607FSDUEwHFwXb +i5ZAPuho7oQLbN805iYZAoHAReFyMpjLEXOfyJQAOZb1BQHJ4U8AyYyPleXB/Bh1 +EmO+Qv3VhtqorN0g3t7XaupEqcPBRWQHxo8hlrP+6Rj4fVnT8gFYOb1QMmy5EW2b +0sdt74xLv4LI6TLLZim+akYNuFxQbBnLHJgDXgjinM+jZfzve39Uhz7ojrFaySqW +bRcQzciRgbHWrSxkLGq+gJDyjvKkszs4RN9J7LH+C8+BiyRhgxc2ZTja75bq5TQB +Tohu1wDMgHHInYJkhZNxYIGX +-----END PRIVATE KEY----- diff --git a/tests/hwsim/auth_serv/sha384-server.pem b/tests/hwsim/auth_serv/sha384-server.pem new file mode 100644 index 0000000..d51921f --- /dev/null +++ b/tests/hwsim/auth_serv/sha384-server.pem @@ -0,0 +1,115 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 14110776913249282218 (0xc3d38cd72b01a8aa) + Signature Algorithm: sha384WithRSAEncryption + Issuer: C=FI, L=Helsinki, O=w1.fi, CN=SHA384 and SHA512 Root CA + Validity + Not Before: Nov 29 22:33:25 2015 GMT + Not After : Nov 26 22:33:25 2025 GMT + Subject: C=FI, O=w1.fi, CN=sha384.server.w1.fi + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (3072 bit) + Modulus: + 00:e6:f7:58:c1:4d:d6:73:97:bf:69:e1:93:e4:95: + c2:b9:12:83:8c:be:3d:fe:f9:07:59:fb:ba:45:2a: + 60:c5:1d:7f:2a:a9:f9:3a:1d:7c:f8:7e:41:57:31: + 8a:24:57:6a:45:bd:18:7e:8b:ec:2f:6c:03:dc:38: + b2:3a:73:14:92:4b:3d:36:ca:ca:51:91:c3:75:84: + 39:44:45:f8:c8:ac:ca:c9:ab:93:39:1a:0a:13:d4: + 5d:b3:43:45:9c:fa:29:d7:0d:eb:60:20:6d:50:39: + bf:aa:a1:04:77:9b:13:02:40:ba:61:a2:1b:fc:9f: + 62:64:5b:af:8b:99:db:7d:ce:cc:7d:b4:e4:16:8c: + 54:81:dd:81:5d:71:be:32:84:63:f9:b0:9e:27:f0: + 46:a7:a4:d7:51:93:43:5b:74:a7:df:7a:10:c3:c5: + 75:2d:6f:83:b5:53:a8:bf:1f:53:45:03:4f:e5:fe: + 83:74:22:e8:70:5e:47:64:bf:c8:a4:76:93:e4:7b: + e1:6a:0a:9f:07:e8:26:4c:bd:9a:c2:dc:8b:49:a4: + 89:be:93:f7:97:23:20:2f:5b:88:5a:83:fe:f9:19: + f1:9e:57:b6:f8:32:75:5e:81:cc:a5:5a:d6:9c:16: + 96:83:46:c9:25:7c:04:ad:31:77:79:10:e8:82:e1: + c9:80:34:86:2e:a6:86:70:7e:24:9a:76:d8:64:f4: + 16:c1:ab:34:40:72:9b:c5:96:38:05:79:47:91:e4: + df:12:b7:80:75:9e:83:f0:6a:da:0c:b8:cc:e1:58: + 6d:bc:22:ff:e1:36:bf:11:8f:fb:f3:5b:39:ce:d3: + 1a:77:94:f7:24:64:f5:47:ce:b9:74:f1:4d:50:48: + 7f:63:e9:2a:ac:98:63:18:d5:8e:2b:89:11:b3:36: + 45:1f:a3:b7:95:f4:60:7c:90:aa:7a:a1:63:3a:4c: + 2b:b2:45:b3:21:4b:42:c1:fd:33:47:df:af:36:a0: + 12:4c:11:fb:4a:e4:70:62:4d:ff + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Subject Key Identifier: + C8:A6:E4:81:75:69:7C:09:1D:A1:E6:14:CE:62:65:4E:56:D8:92:79 + X509v3 Authority Key Identifier: + keyid:0E:74:B5:09:EC:FB:FA:E7:BA:6B:1A:F6:2B:28:7E:A9:70:DA:D7:18 + + X509v3 Subject Alternative Name: critical + DNS:sha384.server.w1.fi + X509v3 Extended Key Usage: critical + TLS Web Server Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + Signature Algorithm: sha384WithRSAEncryption + 04:da:fd:8c:4d:ae:05:1a:bc:39:7d:b4:6e:b1:fa:9e:6c:39: + a1:58:24:49:59:0b:2a:d9:2c:c3:64:93:07:72:b0:37:3e:24: + 9d:b0:b4:6e:d7:4c:75:57:74:1a:4a:f1:34:4f:83:3d:eb:b3: + 77:a0:b3:1a:90:f2:6b:57:7b:46:a2:cb:f4:31:d8:9f:e8:1f: + 5c:3f:b3:ac:ff:2d:c8:d5:f2:1b:dd:7c:9b:b8:7f:61:13:3a: + b1:14:82:4d:52:cf:d0:dc:6f:20:e7:94:06:6b:9f:6d:49:dc: + 41:9b:9e:66:41:d6:45:15:af:92:00:6d:75:5f:95:93:ec:29: + 7d:f9:a8:57:1a:16:a4:f9:9e:ac:e1:86:f2:d3:38:25:16:e3: + a1:f2:9f:3b:7e:a7:9b:b9:e7:24:0f:f3:da:66:c4:de:34:3c: + 75:58:b2:64:e2:d1:2e:6d:ac:f8:03:d9:d2:a9:b6:67:d9:98: + 51:76:b5:1f:a8:a0:5f:73:65:dd:52:04:88:f4:e6:d7:cb:94: + 83:ac:08:29:25:c5:aa:8a:44:6d:73:14:cf:9a:48:24:ab:46: + d1:85:ee:29:81:e6:23:03:82:57:34:2c:f8:e1:5f:03:53:79: + f7:ca:b3:58:2c:60:8f:52:d1:20:6e:f0:5a:f4:7e:52:fa:a8: + fa:4d:6c:a8:67:d6:da:a5:da:9c:54:c6:34:3a:ca:06:32:a8: + 45:3b:41:95:6e:81:07:9b:f4:fb:6a:4b:7c:ee:d5:7f:30:7e: + c2:39:8d:88:b4:c9:62:5f:14:3a:1c:48:9d:b6:06:d8:8e:12: + 1c:99:e0:d6:7a:a6:e4:0a:b4:23:33:98:3a:00:5b:2d:d2:0a: + 05:b8:9c:1f:9d:f0:1e:a0:d4:88:35:0e:47:bc:59:f3:f2:08: + 5e:f6:11:b2:53:b3:b4:80:c9:3b:18:e4:51:45:43:9b:7b:8f: + 7d:23:0b:2e:66:da:29:b9:0c:98:16:7a:2b:b5:a7:37:e1:f6: + 20:cc:06:56:50:7c:36:6b:f3:c8:00:08:7b:bb:df:4d:94:e1: + 04:49:7b:e7:c7:77:66:c1:42:59:f3:40:91:eb:c7:98:14:cc: + 3f:26:0d:7c:8a:c9:9e:ce:2e:82:99:5b:b3:9a:39:a4:56:8d: + 46:13:fa:dc:6e:a0:6d:43:68:05:53:78:c9:d7:dd:45:ca:b1: + 0f:ca:ef:e5:5f:54:8e:52:94:ee:4b:ab:0d:dd:02:81:e5:92: + d9:b8:6a:58:7f:14:f4:a7:9a:18:9c:51:4f:ec:5f:7e:6e:b1: + 4a:46:bf:5d:c7:4f:19:16:f5:df:0c:fc:92:4b:d8:23:e9:7b: + 43:38:82:5e:82:f7:04:e1 +-----BEGIN CERTIFICATE----- +MIIFLDCCAxSgAwIBAgIJAMPTjNcrAaiqMA0GCSqGSIb3DQEBDAUAMFQxCzAJBgNV +BAYTAkZJMREwDwYDVQQHDAhIZWxzaW5raTEOMAwGA1UECgwFdzEuZmkxIjAgBgNV +BAMMGVNIQTM4NCBhbmQgU0hBNTEyIFJvb3QgQ0EwHhcNMTUxMTI5MjIzMzI1WhcN +MjUxMTI2MjIzMzI1WjA7MQswCQYDVQQGEwJGSTEOMAwGA1UECgwFdzEuZmkxHDAa +BgNVBAMME3NoYTM4NC5zZXJ2ZXIudzEuZmkwggGiMA0GCSqGSIb3DQEBAQUAA4IB +jwAwggGKAoIBgQDm91jBTdZzl79p4ZPklcK5EoOMvj3++QdZ+7pFKmDFHX8qqfk6 +HXz4fkFXMYokV2pFvRh+i+wvbAPcOLI6cxSSSz02yspRkcN1hDlERfjIrMrJq5M5 +GgoT1F2zQ0Wc+inXDetgIG1QOb+qoQR3mxMCQLphohv8n2JkW6+Lmdt9zsx9tOQW +jFSB3YFdcb4yhGP5sJ4n8EanpNdRk0NbdKffehDDxXUtb4O1U6i/H1NFA0/l/oN0 +IuhwXkdkv8ikdpPke+FqCp8H6CZMvZrC3ItJpIm+k/eXIyAvW4hag/75GfGeV7b4 +MnVegcylWtacFpaDRsklfAStMXd5EOiC4cmANIYupoZwfiSadthk9BbBqzRAcpvF +ljgFeUeR5N8St4B1noPwatoMuMzhWG28Iv/hNr8Rj/vzWznO0xp3lPckZPVHzrl0 +8U1QSH9j6SqsmGMY1Y4riRGzNkUfo7eV9GB8kKp6oWM6TCuyRbMhS0LB/TNH3682 +oBJMEftK5HBiTf8CAwEAAaOBmTCBljAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTI +puSBdWl8CR2h5hTOYmVOVtiSeTAfBgNVHSMEGDAWgBQOdLUJ7Pv657prGvYrKH6p +cNrXGDAhBgNVHREBAf8EFzAVghNzaGEzODQuc2VydmVyLncxLmZpMBYGA1UdJQEB +/wQMMAoGCCsGAQUFBwMBMAsGA1UdDwQEAwIFoDANBgkqhkiG9w0BAQwFAAOCAgEA +BNr9jE2uBRq8OX20brH6nmw5oVgkSVkLKtksw2STB3KwNz4knbC0btdMdVd0Gkrx +NE+DPeuzd6CzGpDya1d7RqLL9DHYn+gfXD+zrP8tyNXyG918m7h/YRM6sRSCTVLP +0NxvIOeUBmufbUncQZueZkHWRRWvkgBtdV+Vk+wpffmoVxoWpPmerOGG8tM4JRbj +ofKfO36nm7nnJA/z2mbE3jQ8dViyZOLRLm2s+APZ0qm2Z9mYUXa1H6igX3Nl3VIE +iPTm18uUg6wIKSXFqopEbXMUz5pIJKtG0YXuKYHmIwOCVzQs+OFfA1N598qzWCxg +j1LRIG7wWvR+Uvqo+k1sqGfW2qXanFTGNDrKBjKoRTtBlW6BB5v0+2pLfO7VfzB+ +wjmNiLTJYl8UOhxInbYG2I4SHJng1nqm5Aq0IzOYOgBbLdIKBbicH53wHqDUiDUO +R7xZ8/IIXvYRslOztIDJOxjkUUVDm3uPfSMLLmbaKbkMmBZ6K7WnN+H2IMwGVlB8 +NmvzyAAIe7vfTZThBEl758d3ZsFCWfNAkevHmBTMPyYNfIrJns4ugplbs5o5pFaN +RhP63G6gbUNoBVN4ydfdRcqxD8rv5V9UjlKU7kurDd0CgeWS2bhqWH8U9KeaGJxR +T+xffm6xSka/XcdPGRb13wz8kkvYI+l7QziCXoL3BOE= +-----END CERTIFICATE----- diff --git a/tests/hwsim/auth_serv/sha384-user.key b/tests/hwsim/auth_serv/sha384-user.key new file mode 100644 index 0000000..6a15e79 --- /dev/null +++ b/tests/hwsim/auth_serv/sha384-user.key @@ -0,0 +1,38 @@ +-----BEGIN PRIVATE KEY----- +MIIGnAIBADANBgkqhkiG9w0BAQEFAASCBoYwggaCAgEAAoIBaw1HuCl0ydhb9q0E +epVENi+Gp7eksHMq2Rx97T29DDwFe8jpVlVWJ1b0oKq96+o6RSzYtp1UGhgSCXiw +ZPZgrVmZAnJJJU9JceoJDl3PIhkDKfApKxz9LvrmajocRiezZoaTIKj31URKALae +Id/aY/+ACoBBxIeZoH5g8zPDIg4jEPQJ8ul3WMfKY96vFne1SGjri5iwj72RV+9t +Pi/jgNSEwgFvUIp/mxR9bT4EmfdXwFhDUlfb7YRA45fzewcualxQE1P+LX7919i5 +mz4zH+OQFvFRtx6VwHVq9Hea2Ix0k3/0JUl1arSbE8h3J5aO377wDUK9DDfjFc8t +qV4S1rZaJo2Gw++sLni28HBj4iw9qOuLThVRuZA1uDiBvbap9VcJiiDy6RKyyE1X +Y230W6bXOGKbcw4h1QDLoDOMxDJTXsVOzErCE6Be8K9SviwWFIpdF3xL1i+ddKhi +dd/Kp59niREH4qvg68TUrQIDAQABAoIBawv9Rt9uh9gkVpSnaYAfIAhSOlLKhV7E +PVTCv4+wgD4j+ThOqNnMOSIBIphjdHx3dQJi+KMbTZ+TkSd7oPrqFza/s/y32s41 +EXnoCSdaHH+WYqNml3zJe0ObCCZEZnXrOlGevKqvbMQFR5WXOB/gC82crF5Ugfim +EsZmAssljTZUJDceUEbEr8tYBkgBrHgQmznWBaapKGxNrqUC7FTRwPqcjIY9F+qh +/8FE535JKzOp7oYA6XNQDLCUMI5oALmc5lq/a9g+HQpr26LNxQW5fadOKQUwZFiJ +nRtcQo6+JZzXdobH5FZ1oNi2uOHVSiQnnQgqhESJ6jLGWJxVUGXo6kqBWWmICF9D +g07ky+mssXXCPvNwtG9Mc4yh2Mm+LzDJI1rgMgoA08N0j+q5fT8QzmDZEmM/Gzsf +NP/GjsLIXE+KjMcILrxDtvbNRv/hx/ys9yQjK9+VR7+uZWmXYaxH3r7D8g5XHdBz +5/XCpQKBtgPYnHvwMRsZsQZae25/FCUfBT97JmGhr8ifGv0dhSZKRcP4zNtGU4ow +H6J/B/eecH6bVb4/ja/nSUlLIoAUqqJWWurXdkwZII3b3PzbkqkCnZayBy2x3OIi +VE7bVUpCSz0EIyuUjqrwc/d3PqrIARwiuucbgXqC8gqaAEUoXQGRGGKoerZLv/dQ +VyTlyjXDlJYLub7cLBBCo8mpii6AFbc0Js+1qZJfUp0D+12qlfu9qy1W3/efAoG2 +A3PuRMQtWn0q84o36zQaJRbMQlymiMOMQBzFmR8GUiAiXHUqPZgAPsvzs7RllCTL +ItDiKMcpE6/6MN0ArmDHA5bnAnu29SkPRiD7rU/ZGTR2Y9uujj0DIBcNHS/bbDtT +xEwFnshSz6vvpxu6DtJ8uvEf3wJyeZmdMJeDmrBnadqT2juZIseGHneHrjJK3ZyU +iLRI0ulXAbziwxnkKj9QUaHK0XiSzjAAt5NRTLoALix0ittJgDMCgbYBnDEGgatN +GRhO/Jony/N3BuF/jeKnhLS+XD1EMZOIUBeczw+TzIE0nKjhsiR3uVCG8CiZGKoM +NdssX9P1orE8fMJbBhB0EyDZwm1lPdbMAlhOugDfVFKQKKb6zD+McuxkgtLmb666 +SSeDNdx6SniMes2b6pvt2dvSLF5olVk6Sq/WvYmBv3yB4JRa0ggxMcuGdSoxiKK5 +u+wthFhg1yZAKAkHc5mluVoweXZF5CAd321F8dSZKQKBtgEEpWTXqDv/nrOztSuA +8JixMUf8RAseBnQ9R7MQJ+/9k8RJtEv3T1M1FsaN0kot00yP5bB6kc1BXfgcov/I +f8a6L6JW0qtWES/vt+byHaVGCAcIF1/P8+T5hx9tJjmzAM9oT1vz3B9qpr9S+Lk4 +Lhl90pUTBqh+uJBEjUUG8WeQUXrPiidsSEshmfuuzs6sRkxNRRAUSFi11vQK5XHj +u45mtASyli+AjiWTpiyGyFjVOQRdBz5rAoG1ErrUGzeHL9plx9NPsUgw2TMAt//g +yu1a9yDl6oARMkWMXKFytPBwwBY6H0zE74qvVQVcxHEMLGTOiLTHU57meGfVbfW+ +ikWO82ztD30nSrQ2vH3sZjeftU98R7y8L+f9icNftUTo3oA1pU8QuOj+2J/ja2Pa +ksRDoe8fqUCi3OhiG7dhBcuK4wc0p17qjmKS+fA/Ky4yV24LuxWp1ge737rjlrvm +hoCJF/ERHMvfrviGjrs+Rg== +-----END PRIVATE KEY----- diff --git a/tests/hwsim/auth_serv/sha384-user.pem b/tests/hwsim/auth_serv/sha384-user.pem new file mode 100644 index 0000000..6935dd3 --- /dev/null +++ b/tests/hwsim/auth_serv/sha384-user.pem @@ -0,0 +1,113 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 14110776913249282220 (0xc3d38cd72b01a8ac) + Signature Algorithm: sha384WithRSAEncryption + Issuer: C=FI, L=Helsinki, O=w1.fi, CN=SHA384 and SHA512 Root CA + Validity + Not Before: Nov 29 22:33:25 2015 GMT + Not After : Nov 26 22:33:25 2025 GMT + Subject: C=FI, O=w1.fi, CN=user-sha384 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2900 bit) + Modulus: + 0d:47:b8:29:74:c9:d8:5b:f6:ad:04:7a:95:44:36: + 2f:86:a7:b7:a4:b0:73:2a:d9:1c:7d:ed:3d:bd:0c: + 3c:05:7b:c8:e9:56:55:56:27:56:f4:a0:aa:bd:eb: + ea:3a:45:2c:d8:b6:9d:54:1a:18:12:09:78:b0:64: + f6:60:ad:59:99:02:72:49:25:4f:49:71:ea:09:0e: + 5d:cf:22:19:03:29:f0:29:2b:1c:fd:2e:fa:e6:6a: + 3a:1c:46:27:b3:66:86:93:20:a8:f7:d5:44:4a:00: + b6:9e:21:df:da:63:ff:80:0a:80:41:c4:87:99:a0: + 7e:60:f3:33:c3:22:0e:23:10:f4:09:f2:e9:77:58: + c7:ca:63:de:af:16:77:b5:48:68:eb:8b:98:b0:8f: + bd:91:57:ef:6d:3e:2f:e3:80:d4:84:c2:01:6f:50: + 8a:7f:9b:14:7d:6d:3e:04:99:f7:57:c0:58:43:52: + 57:db:ed:84:40:e3:97:f3:7b:07:2e:6a:5c:50:13: + 53:fe:2d:7e:fd:d7:d8:b9:9b:3e:33:1f:e3:90:16: + f1:51:b7:1e:95:c0:75:6a:f4:77:9a:d8:8c:74:93: + 7f:f4:25:49:75:6a:b4:9b:13:c8:77:27:96:8e:df: + be:f0:0d:42:bd:0c:37:e3:15:cf:2d:a9:5e:12:d6: + b6:5a:26:8d:86:c3:ef:ac:2e:78:b6:f0:70:63:e2: + 2c:3d:a8:eb:8b:4e:15:51:b9:90:35:b8:38:81:bd: + b6:a9:f5:57:09:8a:20:f2:e9:12:b2:c8:4d:57:63: + 6d:f4:5b:a6:d7:38:62:9b:73:0e:21:d5:00:cb:a0: + 33:8c:c4:32:53:5e:c5:4e:cc:4a:c2:13:a0:5e:f0: + af:52:be:2c:16:14:8a:5d:17:7c:4b:d6:2f:9d:74: + a8:62:75:df:ca:a7:9f:67:89:11:07:e2:ab:e0:eb: + c4:d4:ad + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 85:5F:26:C0:68:70:33:79:E3:BA:57:A3:5F:52:94:38:F0:6E:53:05 + X509v3 Authority Key Identifier: + keyid:0E:74:B5:09:EC:FB:FA:E7:BA:6B:1A:F6:2B:28:7E:A9:70:DA:D7:18 + + X509v3 Subject Alternative Name: + email:user-sha384@w1.fi + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + Signature Algorithm: sha384WithRSAEncryption + 81:95:03:32:e7:e5:e3:0e:22:0e:cc:a5:b5:96:3e:15:a8:6c: + f5:e2:1f:32:b9:09:71:b5:fa:f4:84:ae:e1:8c:d4:cb:ef:e3: + b4:58:aa:bd:bc:df:6a:9c:91:9b:5a:d4:e1:b0:1c:dc:dc:e9: + b6:68:71:83:e1:7e:1c:81:fd:a6:3b:14:67:1a:67:64:ed:a8: + 3c:43:2f:cf:e1:63:51:f0:9d:1d:e7:0c:0f:58:bc:bd:bf:af: + ee:55:f8:1f:5a:9e:1f:c2:74:f0:8a:e4:5f:b2:19:e3:e8:c2: + 5c:1c:39:f4:24:51:ae:d2:21:da:b8:12:97:ff:2a:d9:ff:61: + 02:31:1f:87:3b:14:0b:7b:9a:77:11:a8:83:25:38:6a:1d:89: + fc:48:75:8c:2f:38:a7:66:ee:a9:65:2c:d9:f8:bf:e0:12:d6: + b7:11:07:d0:72:a8:76:53:32:94:39:47:be:74:69:f6:6b:13: + 2f:eb:e1:a2:8e:32:43:0a:cc:13:ea:00:29:cc:99:7b:eb:5c: + 06:d5:4d:ef:6e:2a:96:6b:33:a3:6f:53:0c:59:4e:89:9b:56: + f6:a3:94:0d:7b:21:df:0e:af:b7:df:cf:56:98:81:02:9d:e2: + f1:29:90:2e:7f:be:4d:24:6f:46:8d:af:ff:f9:30:7b:40:48: + 1c:1b:68:6e:9f:ec:e2:33:51:7c:ed:ee:12:bb:3a:97:ce:85: + fe:d9:c3:0b:1a:a6:1b:12:bb:db:4f:f3:b1:e5:80:25:b9:62: + 7a:e9:8e:17:44:97:cc:54:bf:8e:c3:aa:37:b2:74:e9:58:9b: + d7:53:00:4d:82:c2:42:ba:c1:c2:7f:00:fa:da:06:dc:98:04: + 68:35:d6:3c:14:4e:dc:4d:e4:d8:b9:b5:e2:17:79:91:3b:d7: + c7:f1:ff:e7:a3:25:68:c4:96:29:c6:b9:45:e3:3d:1c:29:22: + 2f:0b:c7:8c:8e:b6:0a:0a:82:20:0b:50:ca:e6:c6:de:01:38: + f9:3b:31:e0:1c:85:11:bd:a9:9e:bf:8c:f7:f2:64:03:ca:60: + 16:2d:26:94:eb:9f:8a:d0:5e:1c:eb:3c:26:7e:03:84:d2:f0: + 5a:b3:8a:7b:86:86:67:ce:1e:c9:c8:ad:3b:0f:08:7f:3e:54: + fa:ad:e4:5e:3f:c1:cb:50:3a:dd:ba:b1:0e:d2:9b:88:46:17: + bb:67:cf:5c:11:f3:a3:f7:0b:95:ae:25:ce:3c:e9:ca:aa:46: + f8:a9:8c:cf:a9:cb:bc:00:94:a1:c7:02:98:1e:e5:b1:c7:e7: + 51:50:f7:5e:a5:c8:e9:ff:e0:50:17:cc:10:c5:f8:0a:68:ba: + ca:78:f8:1a:6c:ac:f2:10 +-----BEGIN CERTIFICATE----- +MIIFAzCCAuugAwIBAgIJAMPTjNcrAaisMA0GCSqGSIb3DQEBDAUAMFQxCzAJBgNV +BAYTAkZJMREwDwYDVQQHDAhIZWxzaW5raTEOMAwGA1UECgwFdzEuZmkxIjAgBgNV +BAMMGVNIQTM4NCBhbmQgU0hBNTEyIFJvb3QgQ0EwHhcNMTUxMTI5MjIzMzI1WhcN +MjUxMTI2MjIzMzI1WjAzMQswCQYDVQQGEwJGSTEOMAwGA1UECgwFdzEuZmkxFDAS +BgNVBAMMC3VzZXItc2hhMzg0MIIBjDANBgkqhkiG9w0BAQEFAAOCAXkAMIIBdAKC +AWsNR7gpdMnYW/atBHqVRDYvhqe3pLBzKtkcfe09vQw8BXvI6VZVVidW9KCqvevq +OkUs2LadVBoYEgl4sGT2YK1ZmQJySSVPSXHqCQ5dzyIZAynwKSsc/S765mo6HEYn +s2aGkyCo99VESgC2niHf2mP/gAqAQcSHmaB+YPMzwyIOIxD0CfLpd1jHymPerxZ3 +tUho64uYsI+9kVfvbT4v44DUhMIBb1CKf5sUfW0+BJn3V8BYQ1JX2+2EQOOX83sH +LmpcUBNT/i1+/dfYuZs+Mx/jkBbxUbcelcB1avR3mtiMdJN/9CVJdWq0mxPIdyeW +jt++8A1CvQw34xXPLaleEta2WiaNhsPvrC54tvBwY+IsPajri04VUbmQNbg4gb22 +qfVXCYog8ukSsshNV2Nt9Fum1zhim3MOIdUAy6AzjMQyU17FTsxKwhOgXvCvUr4s +FhSKXRd8S9YvnXSoYnXfyqefZ4kRB+Kr4OvE1K0CAwEAAaOBjjCBizAJBgNVHRME +AjAAMB0GA1UdDgQWBBSFXybAaHAzeeO6V6NfUpQ48G5TBTAfBgNVHSMEGDAWgBQO +dLUJ7Pv657prGvYrKH6pcNrXGDAcBgNVHREEFTATgRF1c2VyLXNoYTM4NEB3MS5m +aTATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCBaAwDQYJKoZIhvcNAQEM +BQADggIBAIGVAzLn5eMOIg7MpbWWPhWobPXiHzK5CXG1+vSEruGM1Mvv47RYqr28 +32qckZta1OGwHNzc6bZocYPhfhyB/aY7FGcaZ2TtqDxDL8/hY1HwnR3nDA9YvL2/ +r+5V+B9anh/CdPCK5F+yGePowlwcOfQkUa7SIdq4Epf/Ktn/YQIxH4c7FAt7mncR +qIMlOGodifxIdYwvOKdm7qllLNn4v+AS1rcRB9ByqHZTMpQ5R750afZrEy/r4aKO +MkMKzBPqACnMmXvrXAbVTe9uKpZrM6NvUwxZTombVvajlA17Id8Or7ffz1aYgQKd +4vEpkC5/vk0kb0aNr//5MHtASBwbaG6f7OIzUXzt7hK7OpfOhf7ZwwsaphsSu9tP +87HlgCW5YnrpjhdEl8xUv47DqjeydOlYm9dTAE2CwkK6wcJ/APraBtyYBGg11jwU +TtxN5Ni5teIXeZE718fx/+ejJWjElinGuUXjPRwpIi8Lx4yOtgoKgiALUMrmxt4B +OPk7MeAchRG9qZ6/jPfyZAPKYBYtJpTrn4rQXhzrPCZ+A4TS8FqzinuGhmfOHsnI +rTsPCH8+VPqt5F4/wctQOt26sQ7Sm4hGF7tnz1wR86P3C5WuJc486cqqRvipjM+p +y7wAlKHHApge5bHH51FQ916lyOn/4FAXzBDF+Apousp4+BpsrPIQ +-----END CERTIFICATE----- diff --git a/tests/hwsim/auth_serv/sha512-ca.key b/tests/hwsim/auth_serv/sha512-ca.key new file mode 100644 index 0000000..b4f7eb2 --- /dev/null +++ b/tests/hwsim/auth_serv/sha512-ca.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCgV1xtgG7ws5e4 +N+F5KfWrEMKzsP5P8PXVMiB6Rv/Wuzi1EHZjNdbUQuVV+hHRI1K2ReqXAeaNyhEE +Jn42hGndcHKHfcAUTQWQWfCscP32Ti2YSViHD60sqZKr4agDoLkMR21BMHXgrU6W +QED070WE0CbELVUtcb17oPh/ndh46Ftb5U6H5rpY8T13148xhNCh8yKAOcFfE9GW +Z3mTMp+VxmcK72KL4Yga7bU3Uk5xHlFZ0rK1W0xItEi+SGfMLELalP6wAYMVtPAA +iqepg3WSq5eNyZgTwq5jAuLP/4Bf1C7WhNveFE9WalJ3rrYEs7Rd+mOYm0QXcH8t +IqC9UTUhfI3wJOpLGEfHieLHCDl8SYijET+hFFTYiU1jj4sQjAeY8VnC7/tmjJpC +j6oNcbr57WwMxO/Xafo0JW3axZiyfDUlPShPbhyBjhq2/3wOKJUbeK/cY9J0CjW1 +5k8DYjSC0vGFwl4CRmhfN/5XeO9kGQR9kQjha59v2/gW4wKFnuqPyWyY4vWgcEmc +8kqJqrkR61fwZ3H7G5ErMw/q/jR9tuqcTuRvQjh1LEtv2UxzNg68L73nhqT4UQRO +uXkXPsUCN13Bgm3OzTul+zmbXtRlH/2oc+16IyzICj5VWpiZgC7D7Ljnlquvo1/3 +EitInFWjEl8kpsPJnBT4id/xrJHoywIDAQABAoICAFFF1ti+R/2D2ryKvqQOy7KJ +DVfNuCpHJiSJgwLX6CgswAKvNIL3MExpGBvrZIqQkAVKDS27zeRC7zseU81IcuzG +aZcZ+3mOzOotXJvbri7h06SkUNYs8Qd5cJnlCKfGGOYLcmqfqLBYyEPKj+JXQfKf +G3dGzyz4wSXgIvV0ydwHUv+SjKrAHealaRXM0o00GBhuyCccn1KVFiBZlLsy5sch +SOu3CUmD6NxVbwx6kL4vsuaHsQPSIimcEF87DjnkmYJ4EVyfd5VSIHD11yRKORc+ +GNTKwWYKwR/4v4TUqnpob9FWiKfZvZk8zU5S5XoeqKcWGtOop+wFnsD/E2DCv93K +vbY0n5B5L5XFjtmBYuvdqXe4RH46ZgyePI3G6DSTCq5L8/+5pZlTeny4Vz77ecm8 +CU/4XOcYMIBZim9Fie4jQLpD4KNjKjhXLjpetNyHp3sIoghb90Qv5UdLZ6dnf4+D +nxbg+tfvwltNfPgCvrOh3OcnSSLUSb5kSim0xpFtaH5QgAQhVaFaDY8GtaOnPyRG +39XPwpAQXpt8EyW4omwtI8QL+/bciQNg0tVLHkxg7qOEPWGoaxvQbxT8EBGufRz9 +7qvl1ajGEAeaDY62HUssBW2+YhFKNLbzWBVO/S4AWPYPLMeAVQfFNVXWyS5www7P +DfQXAt+rwLWwfvpW2C2BAoIBAQDVVXpIykVnUuQoRclLMnm8Z5DMfWOP/Oj3Em2z +nKvnyM+rXEr7sT7XLAJa4aU0Fg27omUXZpNB6UDntWLOHXi+Zh3PgMd1CqdIclVK +z6uGfK9TKHIQpYY7RLGcvBAjfnyv2KKcqBi2IQEXidoHLtZ2gQJJQ1Aoiw8gIQAe +kZjXwcxlEgDdVR4+Zamj5QRfAG7Nd7PVl06gJNyCinS21/UFELz6hB4COgVjOPzr +FvhoPrZE6QUNm76wFVXhYl9Taj/lM+0q5b88ZCJCqhma6aGOuVRaSpaTeRYC63ys +oTYdUR5Cc7Z4h8iFW4S6Qs992MvH3k73R6/ad0o8kaUrZU1BAoIBAQDAaLP8jjc8 +4cDi3lNos0cSiF2OBazsCAsI5IRovkkugSDYK9FKOrQ0P8mFTsA+IapAe8gMIjZY +ivRJ8dQ8beNhub9gULlNpp8VZ0QJV5jn1qp1vqW72ti28KcwPFTSmQZKMevwl6Bw +t/s3RY3SndU3LJ1RdtZuhC9tgAGbH/Os524kvBc8sPjQkwRP8MABF/4XTS1aR7yO +6kka1ZxJ32X7Chz7pO/IagTmAhJmbLkponWPtCvwlHx8SFE0dyC86snhb7CIr8B/ ++1BBueTjUhrhADCm6X106hIgm7C2o9m+x92Y7KHM4yEjHEo8+VVC8WV5TmcXOqMM +nqYCHeNn1tcLAoIBAQC9w2MbDJHf7uP0zt7XfPa8mIM84uyFUDsKS+I5OsvPSdkw +XNB2QpvbWtJddQo24sckeLfjsOKcZpfNhJN3NNAKzVsHEU5a1jcnQkyMV14EKzTp +i7irBhH49onnGYJhkEnpQZKkNwKEP6dxALZoXUl38BnQgYf0CH5T3gb1Kh4DDeh6 +nyEVwHk+l7/mgfj5aLEnI6tb+1N9MEzV8cMQQdk5wEHZtVvcLzBLqo2PsMcWM3J+ +qahNCpT8nH3gFlklIgXkI+R7nBIX7hprolNUcS28fy6Bgoeedr8VqdMk2+H/AgEg +qz1MybucpGPUK0nWb9oU17L2U1YhxqrKZeO+TkYBAoIBAAu7Vp4jncKckUJEBBny +NHcw0WODfRO3OdUE+f3Y/GVVgkcsBMrd4Xb+HK+AKcCgFN1xrrTusRmc/2Ay2poE +qUSgKscYpPPTIQgRD9jx+mTIdgRP55MYuPYOnmMWiqV8pyGHAbfdxu6YiTzJhOg+ +r215zu3UrSZ38NxgXbizrgvw4Ipk3ZXZxJITJMQrDcoDSH7rOcSzcw/TwTldpPXs +JS+1YicF24kAzeOoZK7SGkgrm7dzaOp2Y1DAqBLm4JwkRML2KHFtJfOnwzD+wLIL +o4/sjwreWcPzMb/DPnckbnZvgVd9ti/j+XVGmFA3c7dtOJ645RhJfv+Z/M1MPT1r +oBkCggEAWqkhZDArd1EqwauhCKwAb2Bp8IVd3rAyaBMtQZVebf467rMh0o4FaPZb +a4oTZQEAAvlabbKiNW16kmdhzhXNIpgtsTQ1ZfagjHP3fPp0mz3XQiATudaxQBVH +o7hKafsr2YJLWD03RO+hO2UPr/rLqN9+8/MlT5pityn1QZHpHf9qzliUhw/2zAjq +kgygbM8UCEXl7zb7ptxaiPsxBn+ynwxgzibwLRHiePOfil8fD5hyE/5gRISrQidA +VO5RzhqnD3kDH7Da8BPJt917CsgvZ+VffzDP4D/V+L1a/R1ldyXG+omn7qED1ui6 +V2qOAd4RYJFC9FFgNAWy22r3lSYw+g== +-----END PRIVATE KEY----- diff --git a/tests/hwsim/auth_serv/sha512-ca.pem b/tests/hwsim/auth_serv/sha512-ca.pem new file mode 100644 index 0000000..2ed9314 --- /dev/null +++ b/tests/hwsim/auth_serv/sha512-ca.pem @@ -0,0 +1,32 @@ +-----BEGIN CERTIFICATE----- +MIIFkTCCA3mgAwIBAgIJAPz9Jkl2amj5MA0GCSqGSIb3DQEBDQUAMFQxCzAJBgNV +BAYTAkZJMREwDwYDVQQHDAhIZWxzaW5raTEOMAwGA1UECgwFdzEuZmkxIjAgBgNV +BAMMGVNIQTM4NCBhbmQgU0hBNTEyIFJvb3QgQ0EwHhcNMTUxMTI5MjIzMzI0WhcN +MjUxMTI2MjIzMzI0WjBUMQswCQYDVQQGEwJGSTERMA8GA1UEBwwISGVsc2lua2kx +DjAMBgNVBAoMBXcxLmZpMSIwIAYDVQQDDBlTSEEzODQgYW5kIFNIQTUxMiBSb290 +IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoFdcbYBu8LOXuDfh +eSn1qxDCs7D+T/D11TIgekb/1rs4tRB2YzXW1ELlVfoR0SNStkXqlwHmjcoRBCZ+ +NoRp3XByh33AFE0FkFnwrHD99k4tmElYhw+tLKmSq+GoA6C5DEdtQTB14K1OlkBA +9O9FhNAmxC1VLXG9e6D4f53YeOhbW+VOh+a6WPE9d9ePMYTQofMigDnBXxPRlmd5 +kzKflcZnCu9ii+GIGu21N1JOcR5RWdKytVtMSLRIvkhnzCxC2pT+sAGDFbTwAIqn +qYN1kquXjcmYE8KuYwLiz/+AX9Qu1oTb3hRPVmpSd662BLO0XfpjmJtEF3B/LSKg +vVE1IXyN8CTqSxhHx4nixwg5fEmIoxE/oRRU2IlNY4+LEIwHmPFZwu/7ZoyaQo+q +DXG6+e1sDMTv12n6NCVt2sWYsnw1JT0oT24cgY4atv98DiiVG3iv3GPSdAo1teZP +A2I0gtLxhcJeAkZoXzf+V3jvZBkEfZEI4Wufb9v4FuMChZ7qj8lsmOL1oHBJnPJK +iaq5EetX8Gdx+xuRKzMP6v40fbbqnE7kb0I4dSxLb9lMczYOvC+954ak+FEETrl5 +Fz7FAjddwYJtzs07pfs5m17UZR/9qHPteiMsyAo+VVqYmYAuw+y455arr6Nf9xIr +SJxVoxJfJKbDyZwU+Inf8ayR6MsCAwEAAaNmMGQwHQYDVR0OBBYEFA50tQns+/rn +umsa9isofqlw2tcYMB8GA1UdIwQYMBaAFA50tQns+/rnumsa9isofqlw2tcYMBIG +A1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBDQUA +A4ICAQCSG0Tk6pMvUxSMi9q4Bnq1jjMehEVZH6JHoADSjYDpRYj26Zjzd5k1qRua +rdAlugMaV/Jq0kcebcvIRl1de0BPx7qfRzq39lSVDojtefjj824EsYj+rBssmwUZ +e5XfXzxSmfEtT7Ot1PMLyCUCeg7JPr0dbdo7EVjh6XhYo0IlLsOJcKwfj/z74K14 +SlL1jXknhQgizCzt/gFkrdrFFCg0cCTjG5gKVHnn97GY61PI1CEMYGjkP2x7wv2o +dJE09ElEPjrQOiShqfmfeUOuM6xmYzZFtVWp/M+tEQdL5WsBrN2dujHA+Ftf3xrF +aRlGLFCzqlC+HU1CSsiI4gXXJT4Bp6WrVP/insAuuS/a8KQRkox8JvPBOqnYf/m4 +JvGJbhukEgbhUdUON4UtWwr3pTkt16SKmE3IdG/Umabi+bSkMmSzw3Iy12LOkrhT +5OVbU+EwFolc6WUmp5VnhD/NtNdTvaTIjuujU4MyXkBfHvPj4bR62/cSXdGL4LzL +UjlrFEN3RnFiF4/slrT4z4VRa4FqaYg+aRnMuGwPMHBjUTmyQp1yjF0kp/MYDGF7 +YO46+ep1pwx7zboB1nsKPdLzwEHvO7p6yBO2daEBCiE4RpedSjkpNhYgfHn4WVoX +NPZChYbX8mGds3xnB6BGsfvzXEtCtmOGbDRIJm6aB7qTrfHiYA== +-----END CERTIFICATE----- diff --git a/tests/hwsim/auth_serv/sha512-generate.sh b/tests/hwsim/auth_serv/sha512-generate.sh new file mode 100755 index 0000000..d692465 --- /dev/null +++ b/tests/hwsim/auth_serv/sha512-generate.sh @@ -0,0 +1,75 @@ +#!/bin/sh + +OPENSSL=openssl + +DIGEST="-sha512" +DIGEST_CA="-md sha512" + +echo +echo "---[ Root CA ]----------------------------------------------------------" +echo + +cat ec-ca-openssl.cnf | + sed "s/#@CN@/commonName_default = SHA384 and SHA512 Root CA/" \ + > ec-ca-openssl.cnf.tmp +$OPENSSL req -config ec-ca-openssl.cnf.tmp -batch -x509 -new -newkey rsa:4096 -nodes -keyout sha512-ca.key -out sha512-ca.pem -outform PEM -days 3650 $DIGEST +mkdir -p ec-ca/certs ec-ca/crl ec-ca/newcerts ec-ca/private +touch ec-ca/index.txt +rm ec-ca-openssl.cnf.tmp + +echo +echo "---[ Server SHA-512 ]---------------------------------------------------" +echo + +cat ec-ca-openssl.cnf | + sed "s/#@CN@/commonName_default = sha512.server.w1.fi/" | + sed "s/#@ALTNAME@/subjectAltName=critical,DNS:sha512.server.w1.fi/" \ + > ec-ca-openssl.cnf.tmp +$OPENSSL req -config ec-ca-openssl.cnf.tmp -batch -new -newkey rsa:3500 -nodes -keyout sha512-server.key -out sha512-server.req -outform PEM $DIGEST +$OPENSSL ca -config ec-ca-openssl.cnf.tmp -batch -keyfile sha512-ca.key -cert sha512-ca.pem -create_serial -in sha512-server.req -out sha512-server.pem -extensions ext_server $DIGEST_CA +rm ec-ca-openssl.cnf.tmp + +echo +echo "---[ Server SHA-384 ]---------------------------------------------------" +echo + +cat ec-ca-openssl.cnf | + sed "s/#@CN@/commonName_default = sha384.server.w1.fi/" | + sed "s/#@ALTNAME@/subjectAltName=critical,DNS:sha384.server.w1.fi/" \ + > ec-ca-openssl.cnf.tmp +$OPENSSL req -config ec-ca-openssl.cnf.tmp -batch -new -newkey rsa:3072 -nodes -keyout sha384-server.key -out sha384-server.req -outform PEM $DIGEST +$OPENSSL ca -config ec-ca-openssl.cnf.tmp -batch -keyfile sha512-ca.key -cert sha512-ca.pem -create_serial -in sha384-server.req -out sha384-server.pem -extensions ext_server -md sha384 +rm ec-ca-openssl.cnf.tmp + +echo +echo "---[ User SHA-512 ]-----------------------------------------------------" +echo + +cat ec-ca-openssl.cnf | + sed "s/#@CN@/commonName_default = user-sha512/" | + sed "s/#@ALTNAME@/subjectAltName=email:user-sha512@w1.fi/" \ + > ec-ca-openssl.cnf.tmp +$OPENSSL req -config ec-ca-openssl.cnf.tmp -batch -new -newkey rsa:3400 -nodes -keyout sha512-user.key -out sha512-user.req -outform PEM -extensions ext_client $DIGEST +$OPENSSL ca -config ec-ca-openssl.cnf.tmp -batch -keyfile sha512-ca.key -cert sha512-ca.pem -create_serial -in sha512-user.req -out sha512-user.pem -extensions ext_client $DIGEST_CA +rm ec-ca-openssl.cnf.tmp + +echo +echo "---[ User SHA-384 ]-----------------------------------------------------" +echo + +cat ec-ca-openssl.cnf | + sed "s/#@CN@/commonName_default = user-sha384/" | + sed "s/#@ALTNAME@/subjectAltName=email:user-sha384@w1.fi/" \ + > ec-ca-openssl.cnf.tmp +$OPENSSL req -config ec-ca-openssl.cnf.tmp -batch -new -newkey rsa:2900 -nodes -keyout sha384-user.key -out sha384-user.req -outform PEM -extensions ext_client $DIGEST +$OPENSSL ca -config ec-ca-openssl.cnf.tmp -batch -keyfile sha512-ca.key -cert sha512-ca.pem -create_serial -in sha384-user.req -out sha384-user.pem -extensions ext_client -md sha384 +rm ec-ca-openssl.cnf.tmp + +echo +echo "---[ Verify ]-----------------------------------------------------------" +echo + +$OPENSSL verify -CAfile sha512-ca.pem sha512-server.pem +$OPENSSL verify -CAfile sha512-ca.pem sha384-server.pem +$OPENSSL verify -CAfile sha512-ca.pem sha512-user.pem +$OPENSSL verify -CAfile sha512-ca.pem sha384-user.pem diff --git a/tests/hwsim/auth_serv/sha512-server.key b/tests/hwsim/auth_serv/sha512-server.key new file mode 100644 index 0000000..8cc5e80 --- /dev/null +++ b/tests/hwsim/auth_serv/sha512-server.key @@ -0,0 +1,45 @@ +-----BEGIN PRIVATE KEY----- +MIIH7AIBADANBgkqhkiG9w0BAQEFAASCB9YwggfSAgEAAoIBtgyUrc5DYSg0X9fe +xaXrNjYldxn7pZsOu+1u2RAbcNNKFPs+XFCihLMu/QnNxKv5+n7njugzUIoBg0I5 +Oydoi/rmXGCG6NBWWnm8KsqpC/WJ1aMldsFxi4oyKieBizGo+alsYgApzWp8LMwD +NHdfk+fyGoyneJowKdGVO2BridD0abGCfBdztSta76bse8eb4wo8TEGYrbSkBTBV +YFmpDRw5tLTzcPy300fmRD+PPm7QMY6F7i8s9Z2GwYJ3Ec30Fah4KhidtiwfllHW +PLYu9ONl1J9OkuZVGOI+bh7FPV11ISx6r8r+Cz0YlkyG8qf4bbMPDcv3RYa/iCFV +9BzMp++ySRNCzpV0+mSw5P842hTvXBBwCqgwTyL4+Vao9Pcf6TGISn3tESeJSecG +plrTJ9xgey2RWkgRP+Cj0r2Jr8ijhKAntYmY/TxY9KjbgXu6CAvVXzB86hnVd9+F ++sT060f/cGXZ0ZF5EKcbEcqu2N+98fFU2Q2LeBxgzZ5jBAWGYKsZ58/dz+o9Df+B +F4t0W4Wp5JPKdIbkTETUCwaNBtM1TvetKvZ30HZc/DxjLv0/QkE2ctZ4PwIDAQAB +AoIBtglR7/y5T/W/7yz2HUhQmyW71aMLGWFopfI8x1O2cHwnCqoiRbN64oH4En87 +0DJzi46OLwF4WncSrdHWoisMuX7TP6ZG65zEDFzY+H6Qg4qQZRNrArJGUtC7Xx1L +S/orK2HHKEbksQftHCa7TRgOV31ijyaaPq9DdQeN3aINqNiC6PYXK6UYFCQdRyNL +WFvE8Yq4pumFmVIUnL900F877Ll3SpcvLgoaiMxgGzlW/jKLy9rA/3Y1gXQEy8DC +Qw9nftACzXTVCYtgjzTrWKjC2qrH2p92Tz+R1VBuXUPZLMhCGGI9eYWdaaoCFsPy +RRsDhLpExK+WcQyinPrhUinr8p8DsgL2Qn6LJCBRbSS7kYa4cT//e+ohsvelE+sv +9nhUEpyndUW5FNm4fp29wi+mKfhFWlYXsMA5xJ2btcKZPH1iVuV3oPI6ykj2RSRc +/ZfnXyyCKxnYlZ2mQCmB2HpU6gTwp7LJY6X//dODFtuuVXXdDKAQLTfcCIhBWcAW +MRFjs7UeY9D+iiSmMH7NAgaWWLJUIVFKbRj6hItCjfJV/bub6kfy5AXmx9kAqv58 ++muUMiWBHC15iQKB2z1ZBWNWFaa4fPlLUNo0orxDOv1vPUChs1D8SyD/7486XE9K +VHolpWy6d/XmuQTFSbRs2E4XaWQNirXPG5FVpe4D8YnL57E1sITYTdqnYbeifZVb ++Wt+u89d4a1jEECFqHXUKixm0/kcl++UJwkYLm9eol5Ip8pp6OC6upht8p+8HHHr +1lL4Alzwq/8iUkIy79BQQurcIAzAE2CBgzbU4Dc63yiyqRhepeOhqdCZDr35F1E3 +RxgsCsmKDIJQ2bV80Q+yrGVcR4Uz+oeG3MjAzsmQR4IvsU5jGSd2TQKB2zR/rWEJ +WsVgMFiAyFdYI45x+bpG9tOuc6VHNX/7f0DeOlM/eXnvRwpvW9LDBwCXIkJkwOSx +bMtlQge/RI0AwchzvEz3UMYpHYtaJmYCxUXLHc/ziYrNHfsZOVIIw1y6yrrfWGiV +54nFdFRZx2aXZpPqa2oVUqxl3qkKEpPgLzQancS5xDcm14J65pCYbuodNkz02Buv +8RzSakF+UJmLhBulMBHMgN0NGNnTYfomUFCb2/Plu/kK58raokOxiAgusCDgpgsR +ohwdTjBb/GJ8VceGvooqBXVB9FJGuwKB2wn5zN9/YxvuShw7vBUPlBrrD8+gZCR7 +Zu5XaFwgYjM3OUWHf78xGfpZRCKPdyyobDjTrkTcl722WgUAfaofdFEFAST4LF/r +rB2eEuLobwJugN9lymRJgn7Q9F6+iikD0wX+DzGTMwsCNE64F7Tp4rsnd12/kNFg +cYcBtlANKPQCodmAkSSCwdedJ0rgqOGs6MRGGOuaCfgoz73UsaKb8S3p+9nhW4/j +7DPc2QFbskMAG2OQipYKq2JkeW5DeXOCrXhRBKmi3NpzPl0FeCeI+tdaB9bKrJlj +kfaRzQKB2xGoJ44NcWQU9+2sUrVdxYexOca2+2kysV6TVqEW2zPcCk3ZeWfTXFdc +IMwAICjIrBMcg+vm6Kp4Af9NCydJa+OZWWmhfJ9JUNB/n46LvAG/UOWSCV6PolfD +og2/OMXFZU34tGlokZk6ueds0q3kmfGB1GK3jTjCgmLkKl9l9TpXAV0bBa1u+Oi/ +oTBctGE1NgAoEU8um6+P7YDdlQovbF1H76Ts3SJ7tzH78GYL4NNbuFyNle0rB86o +Pg76dMAbw80rAW2TnqxKBvQo2/fbzZXv8cHSZEeNyTiq5QKB2xDSGoN8kLg3VpUf +tqhy60WuLPOlzrOmRPRFAPzT/tOqKSfa59/QXuXcZ1z3tI7DN0TLMGc9weNcytvD +KJrZTtqsyjRrdpTQfMBzn3+sP4dXg9vw9fRmKOHLo323Vr4WPXeWBBkUGGCLr7qM +Lw2iWNO64lwG7qOz53IVAkgQv4hHkpZdc5UKdFBef6OT+pgSG8MOEVkMfnGcqWh8 +dMbbIQ5xvHOhsplzQm/V2x7ucmFMaT/HO6FGSeIYmX/ZsWyBvfA5zJtAc79KGX0k +Jer426hlmX1bSvfG1YJlXg== +-----END PRIVATE KEY----- diff --git a/tests/hwsim/auth_serv/sha512-server.pem b/tests/hwsim/auth_serv/sha512-server.pem new file mode 100644 index 0000000..9e66993 --- /dev/null +++ b/tests/hwsim/auth_serv/sha512-server.pem @@ -0,0 +1,120 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 14110776913249282217 (0xc3d38cd72b01a8a9) + Signature Algorithm: sha512WithRSAEncryption + Issuer: C=FI, L=Helsinki, O=w1.fi, CN=SHA384 and SHA512 Root CA + Validity + Not Before: Nov 29 22:33:25 2015 GMT + Not After : Nov 26 22:33:25 2025 GMT + Subject: C=FI, O=w1.fi, CN=sha512.server.w1.fi + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (3500 bit) + Modulus: + 0c:94:ad:ce:43:61:28:34:5f:d7:de:c5:a5:eb:36: + 36:25:77:19:fb:a5:9b:0e:bb:ed:6e:d9:10:1b:70: + d3:4a:14:fb:3e:5c:50:a2:84:b3:2e:fd:09:cd:c4: + ab:f9:fa:7e:e7:8e:e8:33:50:8a:01:83:42:39:3b: + 27:68:8b:fa:e6:5c:60:86:e8:d0:56:5a:79:bc:2a: + ca:a9:0b:f5:89:d5:a3:25:76:c1:71:8b:8a:32:2a: + 27:81:8b:31:a8:f9:a9:6c:62:00:29:cd:6a:7c:2c: + cc:03:34:77:5f:93:e7:f2:1a:8c:a7:78:9a:30:29: + d1:95:3b:60:6b:89:d0:f4:69:b1:82:7c:17:73:b5: + 2b:5a:ef:a6:ec:7b:c7:9b:e3:0a:3c:4c:41:98:ad: + b4:a4:05:30:55:60:59:a9:0d:1c:39:b4:b4:f3:70: + fc:b7:d3:47:e6:44:3f:8f:3e:6e:d0:31:8e:85:ee: + 2f:2c:f5:9d:86:c1:82:77:11:cd:f4:15:a8:78:2a: + 18:9d:b6:2c:1f:96:51:d6:3c:b6:2e:f4:e3:65:d4: + 9f:4e:92:e6:55:18:e2:3e:6e:1e:c5:3d:5d:75:21: + 2c:7a:af:ca:fe:0b:3d:18:96:4c:86:f2:a7:f8:6d: + b3:0f:0d:cb:f7:45:86:bf:88:21:55:f4:1c:cc:a7: + ef:b2:49:13:42:ce:95:74:fa:64:b0:e4:ff:38:da: + 14:ef:5c:10:70:0a:a8:30:4f:22:f8:f9:56:a8:f4: + f7:1f:e9:31:88:4a:7d:ed:11:27:89:49:e7:06:a6: + 5a:d3:27:dc:60:7b:2d:91:5a:48:11:3f:e0:a3:d2: + bd:89:af:c8:a3:84:a0:27:b5:89:98:fd:3c:58:f4: + a8:db:81:7b:ba:08:0b:d5:5f:30:7c:ea:19:d5:77: + df:85:fa:c4:f4:eb:47:ff:70:65:d9:d1:91:79:10: + a7:1b:11:ca:ae:d8:df:bd:f1:f1:54:d9:0d:8b:78: + 1c:60:cd:9e:63:04:05:86:60:ab:19:e7:cf:dd:cf: + ea:3d:0d:ff:81:17:8b:74:5b:85:a9:e4:93:ca:74: + 86:e4:4c:44:d4:0b:06:8d:06:d3:35:4e:f7:ad:2a: + f6:77:d0:76:5c:fc:3c:63:2e:fd:3f:42:41:36:72: + d6:78:3f + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Subject Key Identifier: + 39:3B:83:DB:3C:59:8F:5C:66:D8:86:6A:22:F9:F6:6C:B4:29:37:A3 + X509v3 Authority Key Identifier: + keyid:0E:74:B5:09:EC:FB:FA:E7:BA:6B:1A:F6:2B:28:7E:A9:70:DA:D7:18 + + X509v3 Subject Alternative Name: critical + DNS:sha512.server.w1.fi + X509v3 Extended Key Usage: critical + TLS Web Server Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + Signature Algorithm: sha512WithRSAEncryption + 8f:42:08:a0:bc:c1:eb:50:ef:6a:26:b7:3e:54:a6:7a:ad:b0: + 66:d3:1d:4c:d4:bc:63:9f:f9:b8:58:ec:33:82:9a:7e:60:28: + e8:2b:ee:a6:51:46:7f:bf:c4:39:71:8e:a4:d8:11:88:2e:89: + 60:82:4a:d7:e9:a5:6e:cb:ec:4b:79:d4:48:3f:e3:fd:1f:e2: + 6f:7e:43:bf:63:ff:e3:ec:d3:82:7f:bd:2a:3a:66:45:50:d5: + f7:ea:5b:28:4c:b0:f8:89:8a:03:e3:22:6a:eb:ee:09:46:6a: + 8a:c6:c9:a7:62:41:ae:ea:42:5a:7c:16:0a:b3:33:51:5c:b7: + 26:51:68:cb:ec:7e:6e:7c:cd:1b:24:be:c9:91:53:0f:dc:d2: + e0:d3:df:18:05:ca:f6:98:bf:d2:d6:c2:88:8f:93:91:2d:7b: + 6d:3c:56:c2:0d:90:11:93:29:67:5e:c5:b7:c5:0f:e0:b3:09: + d6:60:ca:b5:d5:8d:ff:fd:57:6b:fb:05:23:62:8f:4e:bf:03: + bc:da:ba:81:a3:7f:53:f4:8f:d1:49:1c:e0:32:47:b6:b9:71: + d4:85:5e:a8:44:63:47:1d:9d:6b:34:eb:c5:da:02:2a:5a:07: + 5b:3f:0c:47:f2:a3:54:5d:e0:3a:0c:eb:77:3b:d5:fd:03:1e: + 01:f6:c5:68:3f:d6:ed:cb:f9:4c:03:06:65:a9:9a:39:6b:20: + d7:11:eb:62:c7:09:0d:b0:51:b4:49:ff:3e:02:7d:e4:a1:6b: + 36:bf:f3:04:33:1f:7e:b2:69:af:7d:bb:a8:ef:7f:7e:0b:d3: + 33:4f:8e:61:09:fa:a3:b9:d5:97:8c:0b:90:17:ce:72:52:2a: + de:b8:96:4d:36:c0:b8:d7:7d:9e:56:e0:38:6b:a7:02:a0:90: + 6f:e8:ee:4f:f2:26:f3:6b:a4:75:80:8f:b0:c4:1b:d4:37:49: + 75:4b:d9:ed:2b:11:3c:ed:a8:dd:4b:8f:01:60:4d:26:f4:2d: + 6b:74:d5:75:79:88:2f:18:5e:76:6c:80:2c:eb:da:e2:cc:46: + a1:67:89:f5:f6:29:35:ae:b2:f6:79:a8:c3:43:f6:6a:a3:39: + d7:64:65:b7:bd:a6:c9:2d:60:70:4b:d9:60:1b:a9:a6:5e:b0: + cd:88:02:ae:28:57:b0:46:44:1a:ad:dc:1f:bb:e3:90:db:3c: + 07:a1:bf:a9:31:1c:0d:97:37:78:80:8a:7f:f8:7a:60:0b:0f: + fe:d1:bc:38:ff:b3:72:72:80:e0:65:1d:86:90:b0:f6:7a:38: + 1b:7b:05:b7:d9:f9:44:3e:4a:1c:2b:d4:3a:cc:db:75:20:eb: + 6d:bf:22:4b:83:1c:4f:39 +-----BEGIN CERTIFICATE----- +MIIFYTCCA0mgAwIBAgIJAMPTjNcrAaipMA0GCSqGSIb3DQEBDQUAMFQxCzAJBgNV +BAYTAkZJMREwDwYDVQQHDAhIZWxzaW5raTEOMAwGA1UECgwFdzEuZmkxIjAgBgNV +BAMMGVNIQTM4NCBhbmQgU0hBNTEyIFJvb3QgQ0EwHhcNMTUxMTI5MjIzMzI1WhcN +MjUxMTI2MjIzMzI1WjA7MQswCQYDVQQGEwJGSTEOMAwGA1UECgwFdzEuZmkxHDAa +BgNVBAMME3NoYTUxMi5zZXJ2ZXIudzEuZmkwggHXMA0GCSqGSIb3DQEBAQUAA4IB +xAAwggG/AoIBtgyUrc5DYSg0X9fexaXrNjYldxn7pZsOu+1u2RAbcNNKFPs+XFCi +hLMu/QnNxKv5+n7njugzUIoBg0I5Oydoi/rmXGCG6NBWWnm8KsqpC/WJ1aMldsFx +i4oyKieBizGo+alsYgApzWp8LMwDNHdfk+fyGoyneJowKdGVO2BridD0abGCfBdz +tSta76bse8eb4wo8TEGYrbSkBTBVYFmpDRw5tLTzcPy300fmRD+PPm7QMY6F7i8s +9Z2GwYJ3Ec30Fah4KhidtiwfllHWPLYu9ONl1J9OkuZVGOI+bh7FPV11ISx6r8r+ +Cz0YlkyG8qf4bbMPDcv3RYa/iCFV9BzMp++ySRNCzpV0+mSw5P842hTvXBBwCqgw +TyL4+Vao9Pcf6TGISn3tESeJSecGplrTJ9xgey2RWkgRP+Cj0r2Jr8ijhKAntYmY +/TxY9KjbgXu6CAvVXzB86hnVd9+F+sT060f/cGXZ0ZF5EKcbEcqu2N+98fFU2Q2L +eBxgzZ5jBAWGYKsZ58/dz+o9Df+BF4t0W4Wp5JPKdIbkTETUCwaNBtM1TvetKvZ3 +0HZc/DxjLv0/QkE2ctZ4PwIDAQABo4GZMIGWMAwGA1UdEwEB/wQCMAAwHQYDVR0O +BBYEFDk7g9s8WY9cZtiGaiL59my0KTejMB8GA1UdIwQYMBaAFA50tQns+/rnumsa +9isofqlw2tcYMCEGA1UdEQEB/wQXMBWCE3NoYTUxMi5zZXJ2ZXIudzEuZmkwFgYD +VR0lAQH/BAwwCgYIKwYBBQUHAwEwCwYDVR0PBAQDAgWgMA0GCSqGSIb3DQEBDQUA +A4ICAQCPQgigvMHrUO9qJrc+VKZ6rbBm0x1M1Lxjn/m4WOwzgpp+YCjoK+6mUUZ/ +v8Q5cY6k2BGILolggkrX6aVuy+xLedRIP+P9H+JvfkO/Y//j7NOCf70qOmZFUNX3 +6lsoTLD4iYoD4yJq6+4JRmqKxsmnYkGu6kJafBYKszNRXLcmUWjL7H5ufM0bJL7J +kVMP3NLg098YBcr2mL/S1sKIj5ORLXttPFbCDZARkylnXsW3xQ/gswnWYMq11Y3/ +/Vdr+wUjYo9OvwO82rqBo39T9I/RSRzgMke2uXHUhV6oRGNHHZ1rNOvF2gIqWgdb +PwxH8qNUXeA6DOt3O9X9Ax4B9sVoP9bty/lMAwZlqZo5ayDXEetixwkNsFG0Sf8+ +An3koWs2v/MEMx9+smmvfbuo739+C9MzT45hCfqjudWXjAuQF85yUireuJZNNsC4 +132eVuA4a6cCoJBv6O5P8ibza6R1gI+wxBvUN0l1S9ntKxE87ajdS48BYE0m9C1r +dNV1eYgvGF52bIAs69rizEahZ4n19ik1rrL2eajDQ/ZqoznXZGW3vabJLWBwS9lg +G6mmXrDNiAKuKFewRkQardwfu+OQ2zwHob+pMRwNlzd4gIp/+HpgCw/+0bw4/7Ny +coDgZR2GkLD2ejgbewW32flEPkocK9Q6zNt1IOttvyJLgxxPOQ== +-----END CERTIFICATE----- diff --git a/tests/hwsim/auth_serv/sha512-user.key b/tests/hwsim/auth_serv/sha512-user.key new file mode 100644 index 0000000..5985ea1 --- /dev/null +++ b/tests/hwsim/auth_serv/sha512-user.key @@ -0,0 +1,44 @@ +-----BEGIN PRIVATE KEY----- +MIIHtQIBADANBgkqhkiG9w0BAQEFAASCB58wggebAgEAAoIBqgDEVq3fqyK8sXHD +9eeLAaxkWFeX9PoC8rLx/kuMBuEz/IuY1/JwkPPeOUUXn/fDNQCvS12aGtoyxBHE +ucBF6j6ojz+tGS88Sfzvp+VTjbIdryyd+oMZondO4GIflxCTnY0GE+ZuUeltD9mX +HkGEFwl1Jf9cB3iUXz6X5mTXSeXlmKHL4g34wDMtc+shaINM5G0gJEWl7qebruCp +FFVpGkkjy+QzMpjnwSYJSaC31Y/w9QTjFERdfy0TwmATJ+7mPbhsQ6Rob5olyZBt +6a4pXdjbJm/7RAW4ov11NV0aChHzAkv1hC62Gmp51PamFu7VrxrZ9TlzNGQnJied +IqpuK0C/eap7zjtlbsgkkOwkKZiHWf7l/opJ8yWX524STzd+ekA5EoUr7YDd0Ig1 +UYkxvIsLIza7+hOyq6ugcNeZuurCOE4OG+GGTLFSpu+FqBfS/DqptZ3xxQINKugI +g9srE1scoP8ZvKyclHgqLZPXJZM0fZnkPEzN9EK84vPH7D387cX2LMBO/6vudL/F +VTDwdLSbvKw9lwsnNP7hiy8LUIqk+3vhClWztNwd4QIDAQABAoIBqX/9zZ1or914 +g6RuksHglmRX3spVzgHL+3GcB93Bwl+ke9Bovkg5hnDQvsTW6KpdzBN6OwuyA5pi +jP7E5J3vRWeW8rjCGTPhO71zoyDj10BYqOpXm81DRympRu43CXxhkcRrhqVWSqhp +U7ya4bTdW7H90klJKYb3zBM0A3sBVphk9ty1gcwuZ25zCc4elrGym5z/aFPyj1sD +FrvCYKeCljl6uknR6zHxjP0y/U26L/qxj70Ewkh9FoKyDPWP68I2bBpPwka+sit+ +CeRNGNcosayzkv6m2BcPm3LZMzLouoWCkAszYhwXhAqSHQzFNqoCv/IW68qYGVgr +XtKbDB/SYGbatP2+SIbPt3oW907yW/Zfv7hDvSZF3BNEVooPC6f6NWHTdGBLHCWJ +1FvBWpSKF2uwy+s6aV2YTdB5S0myE7p9KlY/SZiHSNjWt16puC6mHyOpBc2yEGGi +zCCANSxUEg1C6EKquk8bfJ/6WRnnEt96d5DFRFMKHDFEIxITThQDIcITuh8YLLBM +fPDMc2HxSR5fyfkgR9wj7+hxHSoRmWNnnAnm2kr5SwMBAoHVDpslqXfYhhtcdrCm +NqJpQxHqCYHiWLDCGl52Tjyq21quYQC4IDPk1qb9bIUjw9cYk0OlSY1tT+0z2DfG +iN7lWSjVqlxXZihjQIkh1d2UV2SQHuAqnWnDSRwKjkWmDzLPFM4ZC52x7ZH54Rba +iEnSDOy59Kuw05gE0+ia1AEROSmV5ROgFevEnwp3fX7/T0e9cEr5+z3LyNDY/6I4 +PHgBN9/OXhbBO+rWSFEEezQ8JEu5DfgZ9vAN8y3dNoRZcsYR/mafimygcVhKwySj +hDi/lEoVcxIxAoHVDXE5jfRVrdKSIVMkngFuMM+p8IItpDDX3MHmFzqW8PDZu/BD +VdqKa3Thc9f/rPwdUwOIFUfUxqIZum8n809rkAtBhxcases+E3NcHESulnM4kJNO +gVS0TdfdaANeLXxd6zuXgxsxXU/omdqH2ZqlSFy2VvQncNJov1s6R6m5y22aOKdu +fdgA9suzEh3PAHhqVRXGEGXakbJg/irVX15odZMn0jume5+2ajWyt6skoCR1UI9H +FMHU5KS3mpFba7L1sG39dZS5C4R4sV3Vz4NpTtnTuKqxAoHVBcDn3RHwoSM2ESsU +zoC7pkfwQT6Awx8d1vVO9RLA2xeliWCXJ1hJ1KSDP7RSmlqou5nyCj9DyDBQM+QE +uPXUsoJ7aFhntT5DmrBqO6zFOofKnd7/6nI3Ex2QquqUt3f0SuXEx+aeqE7Qd/Jg +sz8hFyZJOjBHv5IqlK8UDl89QZ84BLzuWrQ9B8k/uJfGSpyf6xQd1PJKzBg44ros +HOXI1RG8YSPlioy/TE1dzoqNBl8tzmrlD3kQhbKTaV5JPgT4IZabUhPoP73f9W8B +WpxgGzHzsRiBAoHVAiizU8dwk3CEo/GUqgQUzKYt50EhT4PAx+YkrIpuf9hPQE5A +omNtZADrzQ1eNUxw8UpZ6wEUfaq/cyAzTHLvFb2ZErd1RCpCWCFpI+ksGWH8Lcxb +CY6vPuly2CfiUm/tLcDuftI5RYF2HG/q7dpWvZ6WcrTYONiyljlyzNvHyZKa+Ip7 +xp6Q2RKyejBrdOniOjQ7EZsqVchOp8P9bUnegTPXa37FKInoZHqnb7R/N3FjnkLE +6eKP7QE/tAWwp0WhDGs+EEqIxf7K28H0e1Xh7hYyWTChAoHVBn76/JDy92nDEWjG +JkEJBeh88mT6ocKvFYbKrSAjBpFrPiTbHJ6Md0duRgvSB2ikGQnJfESz7Q/M5bdo +Ssy0qH9Paugbye4FgVwQCECkfJkB3Ijn9VuR+8cdoCySXPzhWDU6UXh5taSvsHvT +LRLyBjFC/6UTsElVCam28aujJmNI7X+LbXBij4a3J8nXO3BFqK8HIopeG2z1lyBi +fgtLN2fTl6adq8lDYxoMBPmrEmob5lKwCPsOMCLz50WEacNK8CFZ6QUiwx1ZhJeA +HR9JilLQkZRY +-----END PRIVATE KEY----- diff --git a/tests/hwsim/auth_serv/sha512-user.pem b/tests/hwsim/auth_serv/sha512-user.pem new file mode 100644 index 0000000..df2a0bd --- /dev/null +++ b/tests/hwsim/auth_serv/sha512-user.pem @@ -0,0 +1,119 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 14110776913249282219 (0xc3d38cd72b01a8ab) + Signature Algorithm: sha512WithRSAEncryption + Issuer: C=FI, L=Helsinki, O=w1.fi, CN=SHA384 and SHA512 Root CA + Validity + Not Before: Nov 29 22:33:25 2015 GMT + Not After : Nov 26 22:33:25 2025 GMT + Subject: C=FI, O=w1.fi, CN=user-sha512 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (3400 bit) + Modulus: + 00:c4:56:ad:df:ab:22:bc:b1:71:c3:f5:e7:8b:01: + ac:64:58:57:97:f4:fa:02:f2:b2:f1:fe:4b:8c:06: + e1:33:fc:8b:98:d7:f2:70:90:f3:de:39:45:17:9f: + f7:c3:35:00:af:4b:5d:9a:1a:da:32:c4:11:c4:b9: + c0:45:ea:3e:a8:8f:3f:ad:19:2f:3c:49:fc:ef:a7: + e5:53:8d:b2:1d:af:2c:9d:fa:83:19:a2:77:4e:e0: + 62:1f:97:10:93:9d:8d:06:13:e6:6e:51:e9:6d:0f: + d9:97:1e:41:84:17:09:75:25:ff:5c:07:78:94:5f: + 3e:97:e6:64:d7:49:e5:e5:98:a1:cb:e2:0d:f8:c0: + 33:2d:73:eb:21:68:83:4c:e4:6d:20:24:45:a5:ee: + a7:9b:ae:e0:a9:14:55:69:1a:49:23:cb:e4:33:32: + 98:e7:c1:26:09:49:a0:b7:d5:8f:f0:f5:04:e3:14: + 44:5d:7f:2d:13:c2:60:13:27:ee:e6:3d:b8:6c:43: + a4:68:6f:9a:25:c9:90:6d:e9:ae:29:5d:d8:db:26: + 6f:fb:44:05:b8:a2:fd:75:35:5d:1a:0a:11:f3:02: + 4b:f5:84:2e:b6:1a:6a:79:d4:f6:a6:16:ee:d5:af: + 1a:d9:f5:39:73:34:64:27:26:27:9d:22:aa:6e:2b: + 40:bf:79:aa:7b:ce:3b:65:6e:c8:24:90:ec:24:29: + 98:87:59:fe:e5:fe:8a:49:f3:25:97:e7:6e:12:4f: + 37:7e:7a:40:39:12:85:2b:ed:80:dd:d0:88:35:51: + 89:31:bc:8b:0b:23:36:bb:fa:13:b2:ab:ab:a0:70: + d7:99:ba:ea:c2:38:4e:0e:1b:e1:86:4c:b1:52:a6: + ef:85:a8:17:d2:fc:3a:a9:b5:9d:f1:c5:02:0d:2a: + e8:08:83:db:2b:13:5b:1c:a0:ff:19:bc:ac:9c:94: + 78:2a:2d:93:d7:25:93:34:7d:99:e4:3c:4c:cd:f4: + 42:bc:e2:f3:c7:ec:3d:fc:ed:c5:f6:2c:c0:4e:ff: + ab:ee:74:bf:c5:55:30:f0:74:b4:9b:bc:ac:3d:97: + 0b:27:34:fe:e1:8b:2f:0b:50:8a:a4:fb:7b:e1:0a: + 55:b3:b4:dc:1d:e1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 2F:60:49:97:43:3C:7A:7E:22:C1:44:0B:43:78:D4:9D:7C:DF:A6:12 + X509v3 Authority Key Identifier: + keyid:0E:74:B5:09:EC:FB:FA:E7:BA:6B:1A:F6:2B:28:7E:A9:70:DA:D7:18 + + X509v3 Subject Alternative Name: + email:user-sha512@w1.fi + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + Signature Algorithm: sha512WithRSAEncryption + 9d:58:98:97:95:49:c5:bc:be:f2:1d:01:65:ff:2b:5c:24:81: + 71:87:05:3e:11:1d:2f:f2:16:12:d3:0e:36:72:af:87:6b:81: + c1:7c:aa:c8:be:be:a7:90:2c:7b:35:7c:0f:8b:67:e2:9c:da: + 26:ad:09:fc:56:28:78:3b:3a:00:91:8d:f9:d1:39:a2:c5:3f: + e4:97:42:70:5c:93:93:23:5f:01:67:37:b7:d9:12:0c:14:dd: + 9d:73:be:9e:46:47:90:21:26:6d:0e:4c:af:0b:80:41:06:94: + 86:ef:49:66:1c:70:83:9c:1b:71:83:16:38:22:f5:a0:47:09: + bd:69:0f:9f:5b:19:1b:d4:44:f5:15:65:d5:6c:2b:d1:8c:c7: + 3a:f4:a7:22:b0:53:e0:27:ff:06:c6:37:a7:cf:a6:25:2a:d4: + 24:90:3e:46:59:6a:9b:dd:57:71:d1:79:3a:e2:6c:b5:22:19: + 0f:dd:e6:d4:04:eb:fc:65:98:da:fd:e3:7c:04:d6:a0:2a:9e: + 19:d8:aa:44:a7:8e:c6:7d:35:00:e5:ac:24:2f:ec:53:0a:7b: + 3d:bc:67:f3:23:95:fd:98:8b:ba:ac:e0:25:90:b2:38:e1:bb: + 62:a3:0c:39:bb:3b:79:40:53:91:20:10:86:88:f3:ae:ba:5a: + 7a:eb:61:72:4d:3b:cc:fc:1c:ff:86:fb:6a:83:b8:ca:9a:34: + dc:66:46:e7:d9:39:59:a1:91:a9:d2:b9:38:c7:84:b9:23:10: + a6:21:e3:de:a1:56:90:bd:63:48:c7:10:d6:2d:2d:e0:90:ba: + 19:3a:57:c4:ea:e4:d8:62:f3:84:c4:dd:a9:e9:fe:07:33:dc: + ed:7e:27:9d:4a:9e:d4:3d:12:35:84:f0:df:cf:d3:8d:7c:f8: + 2d:cd:2b:24:70:92:40:b1:9f:38:b5:b1:34:b5:47:1b:19:6c: + 5a:a2:ce:04:5a:e6:ce:a4:18:11:88:2c:d6:53:80:3d:87:88: + 5b:89:63:47:0e:ed:52:7b:49:7f:0b:31:66:9c:54:5f:08:7d: + d7:e3:6e:6c:d6:12:a0:a8:cf:d9:69:6a:53:10:bf:67:d6:0c: + 2e:8e:6a:9a:35:c6:0a:bd:ee:28:2b:9f:d9:af:89:0f:19:5f: + 23:d2:f8:ce:04:69:78:a8:a3:33:3d:dc:d7:09:77:cb:51:8c: + 80:0e:aa:07:60:34:32:b1:b7:e6:04:1c:5d:8e:53:1f:be:fe: + 49:8a:21:a2:d8:f0:f8:ce:70:a4:b7:6e:90:ec:9d:68:f7:33: + 08:67:59:d7:ff:f6:20:00:f5:51:79:66:e6:35:bd:29:85:62: + d3:e1:3a:1c:b3:8c:ef:8d +-----BEGIN CERTIFICATE----- +MIIFQjCCAyqgAwIBAgIJAMPTjNcrAairMA0GCSqGSIb3DQEBDQUAMFQxCzAJBgNV +BAYTAkZJMREwDwYDVQQHDAhIZWxzaW5raTEOMAwGA1UECgwFdzEuZmkxIjAgBgNV +BAMMGVNIQTM4NCBhbmQgU0hBNTEyIFJvb3QgQ0EwHhcNMTUxMTI5MjIzMzI1WhcN +MjUxMTI2MjIzMzI1WjAzMQswCQYDVQQGEwJGSTEOMAwGA1UECgwFdzEuZmkxFDAS +BgNVBAMMC3VzZXItc2hhNTEyMIIByzANBgkqhkiG9w0BAQEFAAOCAbgAMIIBswKC +AaoAxFat36sivLFxw/XniwGsZFhXl/T6AvKy8f5LjAbhM/yLmNfycJDz3jlFF5/3 +wzUAr0tdmhraMsQRxLnAReo+qI8/rRkvPEn876flU42yHa8snfqDGaJ3TuBiH5cQ +k52NBhPmblHpbQ/Zlx5BhBcJdSX/XAd4lF8+l+Zk10nl5Zihy+IN+MAzLXPrIWiD +TORtICRFpe6nm67gqRRVaRpJI8vkMzKY58EmCUmgt9WP8PUE4xREXX8tE8JgEyfu +5j24bEOkaG+aJcmQbemuKV3Y2yZv+0QFuKL9dTVdGgoR8wJL9YQuthpqedT2phbu +1a8a2fU5czRkJyYnnSKqbitAv3mqe847ZW7IJJDsJCmYh1n+5f6KSfMll+duEk83 +fnpAORKFK+2A3dCINVGJMbyLCyM2u/oTsquroHDXmbrqwjhODhvhhkyxUqbvhagX +0vw6qbWd8cUCDSroCIPbKxNbHKD/GbysnJR4Ki2T1yWTNH2Z5DxMzfRCvOLzx+w9 +/O3F9izATv+r7nS/xVUw8HS0m7ysPZcLJzT+4YsvC1CKpPt74QpVs7TcHeECAwEA +AaOBjjCBizAJBgNVHRMEAjAAMB0GA1UdDgQWBBQvYEmXQzx6fiLBRAtDeNSdfN+m +EjAfBgNVHSMEGDAWgBQOdLUJ7Pv657prGvYrKH6pcNrXGDAcBgNVHREEFTATgRF1 +c2VyLXNoYTUxMkB3MS5maTATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMC +BaAwDQYJKoZIhvcNAQENBQADggIBAJ1YmJeVScW8vvIdAWX/K1wkgXGHBT4RHS/y +FhLTDjZyr4drgcF8qsi+vqeQLHs1fA+LZ+Kc2iatCfxWKHg7OgCRjfnROaLFP+SX +QnBck5MjXwFnN7fZEgwU3Z1zvp5GR5AhJm0OTK8LgEEGlIbvSWYccIOcG3GDFjgi +9aBHCb1pD59bGRvURPUVZdVsK9GMxzr0pyKwU+An/wbGN6fPpiUq1CSQPkZZapvd +V3HReTribLUiGQ/d5tQE6/xlmNr943wE1qAqnhnYqkSnjsZ9NQDlrCQv7FMKez28 +Z/Mjlf2Yi7qs4CWQsjjhu2KjDDm7O3lAU5EgEIaI8666WnrrYXJNO8z8HP+G+2qD +uMqaNNxmRufZOVmhkanSuTjHhLkjEKYh496hVpC9Y0jHENYtLeCQuhk6V8Tq5Nhi +84TE3anp/gcz3O1+J51KntQ9EjWE8N/P0418+C3NKyRwkkCxnzi1sTS1RxsZbFqi +zgRa5s6kGBGILNZTgD2HiFuJY0cO7VJ7SX8LMWacVF8IfdfjbmzWEqCoz9lpalMQ +v2fWDC6Oapo1xgq97igrn9mviQ8ZXyPS+M4EaXioozM93NcJd8tRjIAOqgdgNDKx +t+YEHF2OUx++/kmKIaLY8PjOcKS3bpDsnWj3MwhnWdf/9iAA9VF5ZuY1vSmFYtPh +OhyzjO+N +-----END CERTIFICATE----- diff --git a/tests/hwsim/test_ap_eap.py b/tests/hwsim/test_ap_eap.py index 84f2e62..2f6f51e 100644 --- a/tests/hwsim/test_ap_eap.py +++ b/tests/hwsim/test_ap_eap.py @@ -4230,3 +4230,45 @@ def test_ap_wpa2_eap_sim_db(dev, apdev, params): dev[0].wait_connected() dev[0].request("DISCONNECT") dev[0].wait_disconnected() + +def test_eap_tls_sha512(dev, apdev, params): + """EAP-TLS with SHA512 signature""" + params = int_eap_server_params() + params["ca_cert"] = "auth_serv/sha512-ca.pem" + params["server_cert"] = "auth_serv/sha512-server.pem" + params["private_key"] = "auth_serv/sha512-server.key" + hostapd.add_ap(apdev[0]['ifname'], params) + + dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TLS", + identity="tls user sha512", + ca_cert="auth_serv/sha512-ca.pem", + client_cert="auth_serv/sha512-user.pem", + private_key="auth_serv/sha512-user.key", + scan_freq="2412") + dev[1].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TLS", + identity="tls user sha512", + ca_cert="auth_serv/sha512-ca.pem", + client_cert="auth_serv/sha384-user.pem", + private_key="auth_serv/sha384-user.key", + scan_freq="2412") + +def test_eap_tls_sha384(dev, apdev, params): + """EAP-TLS with SHA384 signature""" + params = int_eap_server_params() + params["ca_cert"] = "auth_serv/sha512-ca.pem" + params["server_cert"] = "auth_serv/sha384-server.pem" + params["private_key"] = "auth_serv/sha384-server.key" + hostapd.add_ap(apdev[0]['ifname'], params) + + dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TLS", + identity="tls user sha512", + ca_cert="auth_serv/sha512-ca.pem", + client_cert="auth_serv/sha512-user.pem", + private_key="auth_serv/sha512-user.key", + scan_freq="2412") + dev[1].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TLS", + identity="tls user sha512", + ca_cert="auth_serv/sha512-ca.pem", + client_cert="auth_serv/sha384-user.pem", + private_key="auth_serv/sha384-user.key", + scan_freq="2412") -- 2.1.4