Merged the hostap_2.6 updates, and the Leap of Faith work, from the hostap_update...

[mech_eap.git] / libeap / tests / hwsim / auth_serv / ec-ca-openssl.cnf
diff --git a/libeap/tests/hwsim/auth_serv/ec-ca-openssl.cnf b/libeap/tests/hwsim/auth_serv/ec-ca-openssl.cnf

new file mode 100644 (file)

index 0000000..23467b6
--- /dev/null
+++ b/libeap/tests/hwsim/auth_serv/ec-ca-openssl.cnf
@@ -0,0 +1,111 @@
+# OpenSSL configuration file for Suite B
+
+HOME                   = .
+RANDFILE               = $ENV::HOME/.rnd
+oid_section            = new_oids
+
+[ new_oids ]
+
+[ ca ]
+default_ca     = CA_default
+
+[ CA_default ]
+
+dir            = ./ec-ca
+certs          = $dir/certs
+crl_dir                = $dir/crl
+database       = $dir/index.txt
+#unique_subject        = no
+new_certs_dir  = $dir/newcerts
+certificate    = $dir/cacert.pem
+serial         = $dir/serial
+crlnumber      = $dir/crlnumber
+crl            = $dir/crl.pem
+private_key    = $dir/private/cakey.pem
+RANDFILE       = $dir/private/.rand
+
+x509_extensions        = ext_client
+
+name_opt       = ca_default
+cert_opt       = ca_default
+
+copy_extensions = copy
+
+default_days   = 3650
+default_crl_days= 30
+default_md     = default
+preserve       = no
+
+policy         = policy_match
+
+[ policy_match ]
+countryName            = match
+stateOrProvinceName    = optional
+organizationName       = match
+organizationalUnitName = optional
+commonName             = supplied
+#emailAddress          = optional
+
+[ policy_anything ]
+countryName            = optional
+stateOrProvinceName    = optional
+localityName           = optional
+organizationName       = optional
+organizationalUnitName = optional
+commonName             = supplied
+#emailAddress          = optional
+
+[ req ]
+distinguished_name     = req_distinguished_name
+attributes             = req_attributes
+x509_extensions        = v3_ca
+
+string_mask = utf8only
+
+[ req_distinguished_name ]
+countryName                    = Country Name (2 letter code)
+countryName_default            = FI
+countryName_min                        = 2
+countryName_max                        = 2
+
+localityName                   = Locality Name (eg, city)
+localityName_default           = Helsinki
+
+0.organizationName             = Organization Name (eg, company)
+0.organizationName_default     = w1.fi
+
+commonName                     = Common Name (e.g. server FQDN or YOUR name)
+#@CN@
+commonName_max                 = 64
+
+[ req_attributes ]
+
+[ v3_ca ]
+
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer
+basicConstraints = critical, CA:true, pathlen:0
+keyUsage = critical, cRLSign, keyCertSign
+
+[ crl_ext ]
+
+# issuerAltName=issuer:copy
+authorityKeyIdentifier=keyid:always
+
+[ ext_client ]
+
+basicConstraints=CA:FALSE
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+#@ALTNAME@
+extendedKeyUsage = clientAuth
+keyUsage = digitalSignature, keyEncipherment
+
+[ ext_server ]
+
+basicConstraints=critical, CA:FALSE
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+#@ALTNAME@
+extendedKeyUsage = critical, serverAuth
+keyUsage = digitalSignature, keyEncipherment