From: Jouni Malinen Date: Fri, 30 Sep 2016 19:03:40 +0000 (+0300) Subject: tests: Update server and user certificates (2015) X-Git-Tag: hostap_2_6~13 X-Git-Url: http://www.project-moonshot.org/gitweb/?p=mech_eap.git;a=commitdiff_plain;h=5b71cb552bc0def1149acf2a89a1847606702f22 tests: Update server and user certificates (2015) The previous versions expired, so need to re-sign these to fix number of the EAP test cases. Signed-off-by: Jouni Malinen --- diff --git a/tests/hwsim/auth_serv/index.txt b/tests/hwsim/auth_serv/index.txt index 16c444b..06a2bf4 100644 --- a/tests/hwsim/auth_serv/index.txt +++ b/tests/hwsim/auth_serv/index.txt @@ -4,5 +4,5 @@ V 140102000000Z D8D3E3A6CBE3CCCA unknown /C=FI/O=w1.fi/CN=server4.w1.fi V 150215083008Z D8D3E3A6CBE3CCCB unknown /C=FI/O=w1.fi/CN=server5.w1.fi V 150228224144Z D8D3E3A6CBE3CCCC unknown /C=FI/O=w1.fi/CN=server6.w1.fi V 160111185024Z D8D3E3A6CBE3CCCD unknown /C=FI/O=w1.fi/CN=ocsp.w1.fi -V 160929212846Z D8D3E3A6CBE3CCE2 unknown /C=FI/O=w1.fi/CN=server.w1.fi +V 170930181357Z D8D3E3A6CBE3CCE9 unknown /C=FI/O=w1.fi/CN=server.w1.fi V 150929211300Z D8D3E3A6CBE3CCD1 unknown /C=FI/O=w1.fi/CN=Test User diff --git a/tests/hwsim/auth_serv/ocsp-req.der b/tests/hwsim/auth_serv/ocsp-req.der index 734930c..974ed1e 100644 Binary files a/tests/hwsim/auth_serv/ocsp-req.der and b/tests/hwsim/auth_serv/ocsp-req.der differ diff --git a/tests/hwsim/auth_serv/ocsp-server-cache.der b/tests/hwsim/auth_serv/ocsp-server-cache.der index 1db8221..4b2fd1f 100644 Binary files a/tests/hwsim/auth_serv/ocsp-server-cache.der and b/tests/hwsim/auth_serv/ocsp-server-cache.der differ diff --git a/tests/hwsim/auth_serv/server-extra.pkcs12 b/tests/hwsim/auth_serv/server-extra.pkcs12 index c172cb3..1ae6ce5 100644 Binary files a/tests/hwsim/auth_serv/server-extra.pkcs12 and b/tests/hwsim/auth_serv/server-extra.pkcs12 differ diff --git a/tests/hwsim/auth_serv/server.pem b/tests/hwsim/auth_serv/server.pem index d0088fa..b0458b9 100644 --- a/tests/hwsim/auth_serv/server.pem +++ b/tests/hwsim/auth_serv/server.pem @@ -1,12 +1,12 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 15624081837803162850 (0xd8d3e3a6cbe3cce2) + Serial Number: 15624081837803162857 (0xd8d3e3a6cbe3cce9) Signature Algorithm: sha256WithRSAEncryption Issuer: C=FI, O=w1.fi, CN=Root CA Validity - Not Before: Sep 30 21:28:46 2015 GMT - Not After : Sep 29 21:28:46 2016 GMT + Not Before: Sep 30 18:13:57 2016 GMT + Not After : Sep 30 18:13:57 2017 GMT Subject: C=FI, O=w1.fi, CN=server.w1.fi Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -38,18 +38,18 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication Signature Algorithm: sha256WithRSAEncryption - 48:4d:b8:be:72:ad:1c:4c:e8:9c:d9:0c:2c:77:ac:b2:60:20: - 96:15:51:9d:0e:41:8c:79:8d:43:e8:01:af:9f:4b:c8:26:89: - f9:17:38:90:d0:b9:d1:14:13:57:ba:ce:ce:3b:55:b0:90:20: - f8:1e:d2:f0:32:98:6b:fc:55:f4:36:c1:55:9b:1b:55:26:26: - dd:5f:0f:38:73:76:64:7d:61:36:ad:c8:86:e6:2f:3f:12:fe: - d2:4c:cd:6e:57:4f:ab:3a:22:a1:0b:c9:5b:46:4e:43:71:dd: - 1c:b3:38:af:5c:69:a1:6b:90:59:c0:1e:f8:3e:9d:f4:23:b8: - d4:a9 + 24:da:48:be:a8:ae:6e:25:ed:12:bd:f5:a3:32:1f:40:4c:ab: + 50:87:23:b1:46:45:b0:e5:9b:02:ad:c9:d3:fb:c0:52:78:b5: + 91:2a:d4:8f:f8:c8:a4:48:b4:66:f7:2e:f1:cf:8c:3a:7a:54: + fc:e2:41:a7:af:e3:d1:66:d6:02:d8:93:de:52:b2:c2:6e:d9: + 7a:bd:8c:ce:e5:dc:3b:0b:7a:f6:fc:a0:4e:9c:64:84:14:3f: + 9b:24:fc:d0:8f:9c:78:c8:57:0f:32:dd:ed:97:f1:c1:a2:b3: + 0a:14:9e:c8:35:68:30:1a:10:22:14:66:4a:6b:a4:47:b4:c6: + 4f:3b -----BEGIN CERTIFICATE----- -MIIClTCCAf6gAwIBAgIJANjT46bL48ziMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV -BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNTA5 -MzAyMTI4NDZaFw0xNjA5MjkyMTI4NDZaMDQxCzAJBgNVBAYTAkZJMQ4wDAYDVQQK +MIIClTCCAf6gAwIBAgIJANjT46bL48zpMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV +BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNjA5 +MzAxODEzNTdaFw0xNzA5MzAxODEzNTdaMDQxCzAJBgNVBAYTAkZJMQ4wDAYDVQQK DAV3MS5maTEVMBMGA1UEAwwMc2VydmVyLncxLmZpMIGfMA0GCSqGSIb3DQEBAQUA A4GNADCBiQKBgQC6oHdVIhSFVWWbZCyt7ZvdZTHJ2mBQzjjWNNzovBueMOcS41Ns ye1IA3mBaZjOirh3RzZFz8bg8XsecYlU9wHMIq2gQrGoNZ5gqjqYUdD/H+6+jQpj @@ -58,7 +58,7 @@ o4GzMIGwMAkGA1UdEwQCMAAwHQYDVR0OBBYEFDFPEFxnn75OiNbcxaueEoiGaQJP MB8GA1UdIwQYMBaAFLiS3v2KGLMww59V8zNdtMgpikEUMDUGCCsGAQUFBwEBBCkw JzAlBggrBgEFBQcwAYYZaHR0cDovL3NlcnZlci53MS5maTo4ODg4LzAXBgNVHREE EDAOggxzZXJ2ZXIudzEuZmkwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcN -AQELBQADgYEASE24vnKtHEzonNkMLHessmAglhVRnQ5BjHmNQ+gBr59LyCaJ+Rc4 -kNC50RQTV7rOzjtVsJAg+B7S8DKYa/xV9DbBVZsbVSYm3V8POHN2ZH1hNq3IhuYv -PxL+0kzNbldPqzoioQvJW0ZOQ3HdHLM4r1xpoWuQWcAe+D6d9CO41Kk= +AQELBQADgYEAJNpIvqiubiXtEr31ozIfQEyrUIcjsUZFsOWbAq3J0/vAUni1kSrU +j/jIpEi0Zvcu8c+MOnpU/OJBp6/j0WbWAtiT3lKywm7Zer2MzuXcOwt69vygTpxk +hBQ/myT80I+ceMhXDzLd7ZfxwaKzChSeyDVoMBoQIhRmSmukR7TGTzs= -----END CERTIFICATE----- diff --git a/tests/hwsim/auth_serv/server.pkcs12 b/tests/hwsim/auth_serv/server.pkcs12 index 1596e2a..a2f360a 100644 Binary files a/tests/hwsim/auth_serv/server.pkcs12 and b/tests/hwsim/auth_serv/server.pkcs12 differ diff --git a/tests/hwsim/auth_serv/user.pem b/tests/hwsim/auth_serv/user.pem index 68f9dfc..81a0860 100644 --- a/tests/hwsim/auth_serv/user.pem +++ b/tests/hwsim/auth_serv/user.pem @@ -1,12 +1,12 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 15624081837803162848 (0xd8d3e3a6cbe3cce0) + Serial Number: 15624081837803162859 (0xd8d3e3a6cbe3cceb) Signature Algorithm: sha256WithRSAEncryption Issuer: C=FI, O=w1.fi, CN=Root CA Validity - Not Before: Sep 30 21:07:18 2015 GMT - Not After : Sep 29 21:07:18 2016 GMT + Not Before: Sep 30 18:20:27 2016 GMT + Not After : Sep 30 18:20:27 2017 GMT Subject: C=FI, O=w1.fi, CN=Test User Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -36,18 +36,18 @@ Certificate: X509v3 Extended Key Usage: TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption - 27:11:93:4d:7b:a5:ce:2a:16:87:76:ea:c5:42:df:6c:c0:f7: - 77:a9:3e:e9:4f:c7:a2:10:d1:47:53:f0:b1:c4:3f:b8:6a:65: - b9:24:de:6b:ad:46:9d:7c:dc:e5:1e:4f:5b:e3:13:6d:e5:12: - 94:59:33:17:6f:25:c6:b7:56:3a:1a:7c:78:17:bb:4e:e9:82: - 19:cc:00:b0:44:4f:29:0a:ac:bd:9b:b4:db:41:e0:22:a9:36: - d5:02:2d:14:c2:b0:61:aa:b7:3f:f4:26:b5:5c:5c:38:a6:4a: - f7:f2:2a:3f:b2:33:10:a1:fb:68:b1:61:ac:3a:f9:b1:20:f8: - e5:97 + 47:2e:3d:23:86:d0:3e:fb:b5:7f:d6:32:6b:12:fb:7c:76:78: + ec:82:db:ab:fa:5e:0f:1d:97:36:f9:de:b3:cb:fd:08:9e:d5: + cd:3d:97:78:c5:00:ce:78:f1:39:3b:84:c9:d0:e6:17:58:ed: + ac:e2:d2:a8:7a:fd:b9:19:a4:1c:57:08:17:8c:7f:70:88:82: + d5:89:0f:1e:18:22:6d:62:69:4c:12:92:32:bc:cc:1b:a0:05: + bc:af:7f:53:a9:dc:a9:55:48:e0:28:34:3e:60:3f:82:16:ac: + 70:a1:01:e7:75:cf:a0:72:ad:39:ad:52:65:a8:64:fa:7f:11: + f2:f5 -----BEGIN CERTIFICATE----- -MIICeTCCAeKgAwIBAgIJANjT46bL48zgMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV -BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNTA5 -MzAyMTA3MThaFw0xNjA5MjkyMTA3MThaMDExCzAJBgNVBAYTAkZJMQ4wDAYDVQQK +MIICeTCCAeKgAwIBAgIJANjT46bL48zrMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV +BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNjA5 +MzAxODIwMjdaFw0xNzA5MzAxODIwMjdaMDExCzAJBgNVBAYTAkZJMQ4wDAYDVQQK DAV3MS5maTESMBAGA1UEAwwJVGVzdCBVc2VyMIGfMA0GCSqGSIb3DQEBAQUAA4GN ADCBiQKBgQCmli6bIozflL6LiUn2eHaiYH4UlfOW/qsZJQM0ZHQBPqiffPFHYWBM gpIofCugDsuHv1nr1/NhIjsU86sx9lqVH7h6uCw8qWFTeJvoPlDswtZE50PNvD5O @@ -55,8 +55,8 @@ gpIofCugDsuHv1nr1/NhIjsU86sx9lqVH7h6uCw8qWFTeJvoPlDswtZE50PNvD5O MIGXMAkGA1UdEwQCMAAwHQYDVR0OBBYEFIHe3+laABrKZ9YG3WWyTsWaBEN9MB8G A1UdIwQYMBaAFLiS3v2KGLMww59V8zNdtMgpikEUMDUGCCsGAQUFBwEBBCkwJzAl BggrBgEFBQcwAYYZaHR0cDovL3NlcnZlci53MS5maTo4ODg4LzATBgNVHSUEDDAK -BggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOBgQAnEZNNe6XOKhaHdurFQt9swPd3 -qT7pT8eiENFHU/CxxD+4amW5JN5rrUadfNzlHk9b4xNt5RKUWTMXbyXGt1Y6Gnx4 -F7tO6YIZzACwRE8pCqy9m7TbQeAiqTbVAi0UwrBhqrc/9Ca1XFw4pkr38io/sjMQ -oftosWGsOvmxIPjllw== +BggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOBgQBHLj0jhtA++7V/1jJrEvt8dnjs +gtur+l4PHZc2+d6zy/0IntXNPZd4xQDOePE5O4TJ0OYXWO2s4tKoev25GaQcVwgX +jH9wiILViQ8eGCJtYmlMEpIyvMwboAW8r39TqdypVUjgKDQ+YD+CFqxwoQHndc+g +cq05rVJlqGT6fxHy9Q== -----END CERTIFICATE----- diff --git a/tests/hwsim/auth_serv/user.pkcs12 b/tests/hwsim/auth_serv/user.pkcs12 index 4b66ac2..a1d6366 100644 Binary files a/tests/hwsim/auth_serv/user.pkcs12 and b/tests/hwsim/auth_serv/user.pkcs12 differ diff --git a/tests/hwsim/auth_serv/user2.pkcs12 b/tests/hwsim/auth_serv/user2.pkcs12 index 92904f1..67ef81c 100644 Binary files a/tests/hwsim/auth_serv/user2.pkcs12 and b/tests/hwsim/auth_serv/user2.pkcs12 differ diff --git a/tests/hwsim/auth_serv/user3.pkcs12 b/tests/hwsim/auth_serv/user3.pkcs12 index ea121ed..c9ed0b4 100644 Binary files a/tests/hwsim/auth_serv/user3.pkcs12 and b/tests/hwsim/auth_serv/user3.pkcs12 differ diff --git a/tests/hwsim/start.sh b/tests/hwsim/start.sh index a2885e4..1d2d507 100755 --- a/tests/hwsim/start.sh +++ b/tests/hwsim/start.sh @@ -162,7 +162,7 @@ for i in unknown revoked; do done openssl ocsp -reqout $LOGDIR/ocsp-req.der -issuer $DIR/auth_serv/ca.pem \ - -serial 0xD8D3E3A6CBE3CCE2 -no_nonce -sha256 >> $LOGDIR/ocsp.log 2>&1 + -serial 0xD8D3E3A6CBE3CCE9 -no_nonce -sha256 >> $LOGDIR/ocsp.log 2>&1 for i in "" "-unknown" "-revoked"; do openssl ocsp -index $DIR/auth_serv/index$i.txt \ -rsigner $DIR/auth_serv/ca.pem \ diff --git a/tests/hwsim/test_ap_eap.py b/tests/hwsim/test_ap_eap.py index 3f10de2..d851c4e 100644 --- a/tests/hwsim/test_ap_eap.py +++ b/tests/hwsim/test_ap_eap.py @@ -2339,7 +2339,7 @@ def test_ap_wpa2_eap_ttls_server_cert_hash(dev, apdev): """WPA2-Enterprise connection using EAP-TTLS and server certificate hash""" check_cert_probe_support(dev[0]) skip_with_fips(dev[0]) - srv_cert_hash = "e75bd454c7b02d312e5006d75067c28ffa5baea422effeb2bbd572179cd000ca" + srv_cert_hash = "bdb9cb55d3df278e52a071abf58e7f0238fbec3ad8fb2c254742f63562628272" params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap") hapd = hostapd.add_ap(apdev[0], params) dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS",