mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-18 02:44:03 -05:00
tests: Suite B with RSA keys
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
1c9663cf6b
commit
78b6be046d
11
tests/hwsim/auth_serv/dh_param_3072.pem
Normal file
11
tests/hwsim/auth_serv/dh_param_3072.pem
Normal file
@ -0,0 +1,11 @@
|
||||
-----BEGIN DH PARAMETERS-----
|
||||
MIIBiAKCAYEA3HLNJq+KXn0kCgo4QNnZNmkzwAVLPyIoK24CCfXC53Ax2jAY7iCu
|
||||
recce4hWsRAXjfFLcdGlcHPQ6saSwKE80ebj2eSpiASnAMO46PaGDxpycLl+Ac92
|
||||
RTaNDFYXveOMSAQboBC6KlNuf4hf7m+ZNxNTEdhKJnx5DmE5UbRKLzndH49OSsNG
|
||||
9ip+gHvO6FmRI4bUr5tosVfcVv2nWA0aRknEWFgUw5qKzi0XIejxHf+SKl+XlHGF
|
||||
/HuFV7zvksy/wVd0aMl40QSRTLvUfK+jwjPyAKFi7pSEa+cJGJNO1AVfiDCQ8xiA
|
||||
wXM4cqU1cUgTuSZZy3itLIlr3+a0O0PQ/zYCgSZlfRBtbWoOK54RhEJ33xTUVcIH
|
||||
bMkS8lmqscVIccPVzC9cv+MASbrfE1wvSJFkW1cHy+LScyQLaXeiqovH0HWp60cN
|
||||
9UhTcBRV49JTZfTk4wcfc50q+oNNMOXiHXX6Cz7YYkWQhVarawZcOOXkL5LwyqWE
|
||||
Fd2a8VjMc7ujAgEC
|
||||
-----END DH PARAMETERS-----
|
40
tests/hwsim/auth_serv/rsa3072-ca.key
Normal file
40
tests/hwsim/auth_serv/rsa3072-ca.key
Normal file
@ -0,0 +1,40 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MIIG/gIBADANBgkqhkiG9w0BAQEFAASCBugwggbkAgEAAoIBgQDiAu/025dmYcmq
|
||||
o9AhYIhHpHjo9DCIg1tjbybtl0upoTTrO9paSG00hVnZ1hL8iL+Dez9KL+3zbsiQ
|
||||
ilnLWTLvVa1WJlytk8yhXohK2D+frPyqTmH2GjewI/N0+o2lJPzXycFTX9GjWeAg
|
||||
2Mc4GeIOHbY3QZCP8PQBxzyfiH30Pins2ZmtKVegzuaNBN2ZXp5ZZ+ABjpyBkmjv
|
||||
vb8kb89DQBVgzow5Wk77efs6Av2Js128i/PPQfDVkEuHJaaltMF5V3JCj7TR0nji
|
||||
+6l6wzE4oBc5zuKYJ/Ux6H9789Zws5Q3gi+VeeJ+8PzPTmCN3mtAh7NXPKI7MlFj
|
||||
EQiSkJ7nOGtc0UKNTZXq7w0JjNlHurc/cVrYfer6+gPf623EMwCZ/zw+YyjKEjMg
|
||||
MFoaeR4G4nkPklpx4GYM0knBkcoSczBkdcpasHeCEXQoNkS7u+RjzHAsYNoSOad0
|
||||
gWLLym0EyGKj7Ws2U3jXM3r5j8n2xOv9JGAZ8/q8K1QRrxQw5tsCAwEAAQKCAYAY
|
||||
+KwciLqkpD9M7EaNuYW1LLXzPy+xlZneVaSeca35cwdOylEo0oHGYMl5qQ51+oH2
|
||||
fAKVJtCKqf3dAnxDXHqlOPkq4Jgy0Xa1iaVTZ6s38DwGcRyfvWvTuVUn4psN2RVa
|
||||
nj8PADJAcyixWGJCj5GLb7r3RfY8ASpkm+fV1JXeC5RESBKTsFKvQMz2XchCLtMe
|
||||
G70DTwd5xXx0qKla1EO5MXZrOMcDezfozyRz12q98SR1NZ1dk/KRFh1SNFXCT0Mv
|
||||
+yD0clnPJa13kYHvXRABHfzx/3z7NQk9UM9bd5iWsLLQm57HtfbpV089H4XsAobU
|
||||
xabRbuen9JrejsMETudCtP/ftZQNKEjAyY6y0yrOM4c/z1IL4zc75KW3gh/0ruPa
|
||||
XTlHEBvA3h29W1dLhk9oyeiFHiV8BRffjlyS325CX9z89hdoPK1cZwuIDgqdTpVw
|
||||
VL6MqKxu72oyLWZcq4CKT6ZIpLgwRAfPZ/oCsJQZbO46PIg5hRIlNEb1H5vGkDEC
|
||||
gcEA+qE5IS8kt676UXZLEjp3UtsuGHzfj+kC2x9dVepRL8bxf58W65ZsZim9xZ56
|
||||
Ls8gw8NXh7/7SRqHBpaH6Sg7YZZFzfD6RB86O7atZ2CwTMMuBcN5zZc6AwfH418Z
|
||||
wHaQeN1gYAyLdHf80rMMlElz8hjJ3uCuBWG70WinemzynlS14AtG4HB09C1vmjnD
|
||||
Q4L8lCmEQpqy3GeKDQnWTIhzoqenr1+iQF7bdCUw878yMI0x7Di+okiWFC7HnW/y
|
||||
qPiZAoHBAObarPdCbpqiUtymTRbdq1xP69pZXcMOmgL+kLEELhhl9BfJqbXY51xn
|
||||
NCIpIMH3CyhJ5/Og9TCE72gfhA2jzJK9mK6Jmiz04BViCf308yh9y6TaZSdsOEz6
|
||||
M+uVbuP+UcBLV5AV9UvrgWDcWOm46W63v7Mgqh6x7rC1rR+VFi3Lj2HoU4aM4mEM
|
||||
E5OfbgMxWUQNKkyUy58KUs2wu58v+K7N8eu3Fa4Sl63xkRi1YKgqYAxeRKknrNb+
|
||||
IkVq5zC/kwKBwHOB8k5057swDXWVyytvfqbVFP18L5yniwVqAx4hi6E1Uv+6Vlnl
|
||||
TbgX7LozO6RvGW6fjKunsywR6cEDh0fRnuxu0WUEdpMGwVPb8Tb/vMDkA0XsvSof
|
||||
VEEpSNplbfzhp9vMSyp5HZxj4EVK97Uv1RvyiLcLXahlTqZIUUd/BqIp8Fh9WgD+
|
||||
Uyhl+FVf4bovmDDAoZAAtAYYQeuYaQeEq6Z/Fi0hKin4jbONoG315C+0Ixn3XQR1
|
||||
55UNqjnI6lEtoQKBwQCi/VvHi2jJ1reIQAYHkeRN3cOYuyXe9O06Ff+Ua24cHceU
|
||||
D/a5hHX9IISHZeBR8hk3jc6tjUPvyLu7GR1EABUMub4V5OMswIuBrWF+ozYWrZJd
|
||||
RzDJ/7dUagbEWxIa+NFBYjBlc4tn2dPTzl8cTUjKugMn9nUGDPyIWQztUnaBSMpo
|
||||
Bv8J7WhbuooL3TFwIaRzzpPB1ABbvo8t2IzvXJBI4vDeSrqM12WuEvMtrcmbkaeU
|
||||
s+3oPDHk7TLHLi4ile8CgcEAmV1hwY4s78tMYrUbDypyH9r5a2QT9ezyPS64WntC
|
||||
y3I4zVwO0pqtPMXQCgby2Z+PkuBC1WWCFSZZ4Aw5P/0OShIf+ADMewFF//DvReEc
|
||||
p+kh/7vKulnX4mPQGkuSnCmO5zyMDroP8JtTnkX8K4P143vQY4n/oFogUx+4lTG/
|
||||
bedKQgI9v+ubb0JsZkENPirKyIOdiTz64fjD+IKMgq15SYifVundDC/ubG5Cr0rn
|
||||
PId0vxr7ixFQPAT1hwUT1CuI
|
||||
-----END PRIVATE KEY-----
|
27
tests/hwsim/auth_serv/rsa3072-ca.pem
Normal file
27
tests/hwsim/auth_serv/rsa3072-ca.pem
Normal file
@ -0,0 +1,27 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIEizCCAvOgAwIBAgIJAIAj56DfmvbYMA0GCSqGSIb3DQEBDAUAMFExCzAJBgNV
|
||||
BAYTAkZJMREwDwYDVQQHDAhIZWxzaW5raTEOMAwGA1UECgwFdzEuZmkxHzAdBgNV
|
||||
BAMMFlN1aXRlIEIgUlNBIDNrIFJvb3QgQ0EwHhcNMTcwOTE3MTgxNjQwWhcNMjcw
|
||||
OTE1MTgxNjQwWjBRMQswCQYDVQQGEwJGSTERMA8GA1UEBwwISGVsc2lua2kxDjAM
|
||||
BgNVBAoMBXcxLmZpMR8wHQYDVQQDDBZTdWl0ZSBCIFJTQSAzayBSb290IENBMIIB
|
||||
ojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA4gLv9NuXZmHJqqPQIWCIR6R4
|
||||
6PQwiINbY28m7ZdLqaE06zvaWkhtNIVZ2dYS/Ii/g3s/Si/t827IkIpZy1ky71Wt
|
||||
ViZcrZPMoV6IStg/n6z8qk5h9ho3sCPzdPqNpST818nBU1/Ro1ngINjHOBniDh22
|
||||
N0GQj/D0Acc8n4h99D4p7NmZrSlXoM7mjQTdmV6eWWfgAY6cgZJo772/JG/PQ0AV
|
||||
YM6MOVpO+3n7OgL9ibNdvIvzz0Hw1ZBLhyWmpbTBeVdyQo+00dJ44vupesMxOKAX
|
||||
Oc7imCf1Meh/e/PWcLOUN4IvlXnifvD8z05gjd5rQIezVzyiOzJRYxEIkpCe5zhr
|
||||
XNFCjU2V6u8NCYzZR7q3P3Fa2H3q+voD3+ttxDMAmf88PmMoyhIzIDBaGnkeBuJ5
|
||||
D5JaceBmDNJJwZHKEnMwZHXKWrB3ghF0KDZEu7vkY8xwLGDaEjmndIFiy8ptBMhi
|
||||
o+1rNlN41zN6+Y/J9sTr/SRgGfP6vCtUEa8UMObbAgMBAAGjZjBkMB0GA1UdDgQW
|
||||
BBQh9+/awzQ67c3VUMCzugnuP4DXcDAfBgNVHSMEGDAWgBQh9+/awzQ67c3VUMCz
|
||||
ugnuP4DXcDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjANBgkq
|
||||
hkiG9w0BAQwFAAOCAYEAHmNoYP+c4TRPSogjCswhbzSVEpZhnjEg0Yd8XkGxKeBw
|
||||
o0hsPRFWjj/vO3uVeqoAyj2zkpiulPjBqlhLbwX31Q0T6vknWfNOsXgv2lB1yEZN
|
||||
HqxyEYsMN5RpEVqRRio66dhmALYuacX6gIphueTetaR9zeq1yy8GD0/omB7Ryig6
|
||||
5dMoTt4c9g8YFZE7AENkkbzMPqTdGKnY4uUQKgDBPH3TIlckx5zNq8GXTcAy4zyc
|
||||
4gj7NGPDdU5nk6BNRmlhFlsTaLHNc8C+5tI5fEx057AEa/7kggskvHxc7zespVMj
|
||||
RjTR9qkNC15IJHClMhBMiIDyURZF6Z3nyD0tMBJuIt2GU3gTqZLnrChp7PLXRCN/
|
||||
uByPuhJ528FzhQ1hnz93qBQ7OAamHfo44Zyk5wFnIUy+sd9QsM9zm+33/j0Vd5ar
|
||||
fzSfGRHJTb8xF7vH7TBH92CifdO17WNqH6+7KkFkEK44Dn87gjsgC8mXAOsE6HFw
|
||||
lKzThlrFLvCBIsQ4V9qH
|
||||
-----END CERTIFICATE-----
|
63
tests/hwsim/auth_serv/rsa3072-generate.sh
Executable file
63
tests/hwsim/auth_serv/rsa3072-generate.sh
Executable file
@ -0,0 +1,63 @@
|
||||
#!/bin/sh
|
||||
|
||||
OPENSSL=openssl
|
||||
|
||||
echo
|
||||
echo "---[ DH parameters ]----------------------------------------------------"
|
||||
echo
|
||||
|
||||
if [ -r dh_param_3072.pem ]; then
|
||||
echo "Use already generated dh_param_3072.pem"
|
||||
else
|
||||
openssl dhparam -out dh_param_3072.pem 3072
|
||||
fi
|
||||
|
||||
echo
|
||||
echo "---[ Root CA ]----------------------------------------------------------"
|
||||
echo
|
||||
|
||||
if [ -r rsa3072-ca.key ]; then
|
||||
echo "Use already generated Root CA"
|
||||
else
|
||||
cat ec-ca-openssl.cnf |
|
||||
sed "s/#@CN@/commonName_default = Suite B RSA 3k Root CA/" |
|
||||
sed s%\./ec-ca$%./rsa3072-ca% \
|
||||
> rsa3072-ca-openssl.cnf.tmp
|
||||
$OPENSSL req -config rsa3072-ca-openssl.cnf.tmp -batch -x509 -new -newkey rsa:3072 -nodes -keyout rsa3072-ca.key -out rsa3072-ca.pem -outform PEM -days 3650 -sha384
|
||||
mkdir -p rsa3072-ca/certs rsa3072-ca/crl rsa3072-ca/newcerts rsa3072-ca/private
|
||||
touch rsa3072-ca/index.txt
|
||||
rm rsa3072-ca-openssl.cnf.tmp
|
||||
fi
|
||||
|
||||
echo
|
||||
echo "---[ Server ]-----------------------------------------------------------"
|
||||
echo
|
||||
|
||||
cat ec-ca-openssl.cnf |
|
||||
sed "s/#@CN@/commonName_default = rsa3072.server.w1.fi/" |
|
||||
sed "s/#@ALTNAME@/subjectAltName=critical,DNS:rsa3072.server.w1.fi/" |
|
||||
sed s%\./ec-ca$%./rsa3072-ca% \
|
||||
> rsa3072-ca-openssl.cnf.tmp
|
||||
$OPENSSL req -config rsa3072-ca-openssl.cnf.tmp -batch -new -newkey rsa:3072 -nodes -keyout rsa3072-server.key -out rsa3072-server.req -outform PEM -sha384
|
||||
$OPENSSL ca -config rsa3072-ca-openssl.cnf.tmp -batch -keyfile rsa3072-ca.key -cert rsa3072-ca.pem -create_serial -in rsa3072-server.req -out rsa3072-server.pem -extensions ext_server -days 730 -md sha384
|
||||
rm rsa3072-ca-openssl.cnf.tmp
|
||||
|
||||
echo
|
||||
echo "---[ User SHA-384 ]-----------------------------------------------------"
|
||||
echo
|
||||
|
||||
cat ec-ca-openssl.cnf |
|
||||
sed "s/#@CN@/commonName_default = user-rsa3072/" |
|
||||
sed "s/#@ALTNAME@/subjectAltName=email:user-rsa3072@w1.fi/" |
|
||||
sed s%\./ec-ca$%./rsa3072-ca% \
|
||||
> rsa3072-ca-openssl.cnf.tmp
|
||||
$OPENSSL req -config rsa3072-ca-openssl.cnf.tmp -batch -new -newkey rsa:3072 -nodes -keyout rsa3072-user.key -out rsa3072-user.req -outform PEM -extensions ext_client -sha384
|
||||
$OPENSSL ca -config rsa3072-ca-openssl.cnf.tmp -batch -keyfile rsa3072-ca.key -cert rsa3072-ca.pem -create_serial -in rsa3072-user.req -out rsa3072-user.pem -extensions ext_client -days 730 -md sha384
|
||||
rm rsa3072-ca-openssl.cnf.tmp
|
||||
|
||||
echo
|
||||
echo "---[ Verify ]-----------------------------------------------------------"
|
||||
echo
|
||||
|
||||
$OPENSSL verify -CAfile rsa3072-ca.pem rsa3072-server.pem
|
||||
$OPENSSL verify -CAfile rsa3072-ca.pem rsa3072-user.pem
|
40
tests/hwsim/auth_serv/rsa3072-server.key
Normal file
40
tests/hwsim/auth_serv/rsa3072-server.key
Normal file
@ -0,0 +1,40 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MIIG/wIBADANBgkqhkiG9w0BAQEFAASCBukwggblAgEAAoIBgQD+qVxZj6qAy7hK
|
||||
ifk66H0kUbjyBcZC4Gi1pPF+ijGi4AxYxYAgyyDwDsFrTeHX68xFSMmwD4/vgNsb
|
||||
YAKv7+gKKcgE33CS6fHcakc7Wm8Q5hlNk5LQCo6iTTKfE8g0bBpM7KTtiSoD+xgN
|
||||
fw3ePn/YXSel4XtiY3FhRVL5RxAdKMJdc/udA2i/baQSEnTH0LiHQ7Nnh85ue1gf
|
||||
LzLrEB/ndFw62YwYyASVa+M7JUwK25nzWbCOet765NtQFZCiMOKKxqkGMOPXKd0m
|
||||
qJVubvXEQtD3fkBNPf2tL89A3dTAa4CiNH4FL78yRAvUeG0qEgh8hLRNUVrlhG4X
|
||||
JkOMg2sW81/6s5+E0yur8z4sI2W5EXbhhRLOuwM4WYK/THe6O5BRnGd2sB50HkzI
|
||||
sTXWNyncfsOJzIaeCDGccOpabIeSU+uZ+zPSMvGBMXigyX1t2WsH+shKZ1csjKbO
|
||||
5X42lfEJvd+/yFM9IWf9k8uyerVWYZ4vzmn6+lYKa5xpePdOVHMCAwEAAQKCAYAG
|
||||
VHVcMIr/apDpIWbVhQPfTDy5n1UfQm633SK3j33OW51S843Mwt/Nt8AtB6GOeWj5
|
||||
a+a/fpOIU36evpMyhlcRMZqsLFWjATemz+l3WzcZh26nk/x5OVn0RND2TUqTqwA4
|
||||
W0V6NgeaU7p0U20n0gvhd+dNYz5q4qfl0BBQ6+hFoUa7he+CJpyK7ZG/dT/7239K
|
||||
tW8XKrQB4QT+uXCdkSgJ28WTHOczkn0yrZzXUoUCXBUGjHsr/3fdaqTc57xRm79p
|
||||
HDAjOavFnSDENTDsB5R9jmN70BY008xoitAtUzMkCVABbxn9npvjrTjKw/fg3oph
|
||||
1Ml8JaLDjsh3UzhqnmYKIJrZvdyfe7/Q9j7KtECPuxdf170BJ3jPrJPcWTecazfh
|
||||
szpt1beLyv8o4D7ttmgs/n1OXhGL1smcrTeIXdmrBlfIiKjY+3EE9SpxvXN/9DCy
|
||||
+jnuEfy1KkbEhHSPVplGmyHb8xToA5FUfWsX/wWo0CZbH1ouquUHdcq/HsFGLZkC
|
||||
gcEA/2tBin4Hmmn5987Y17Iv3WG0XZFNW5jfvt0THo5R+Phg3DKGyYKFtrnS6bMZ
|
||||
IKl7YvpxZZ6+w0wBkaQWE/y9wN2oeiQE8WMvnYptGXs+sVXCNQJmKbZHxnZuQrwr
|
||||
KGAIwhGxShbx+rAzyXakKM0p2PUyHg9xAPu3Sfmb8zYWc8KZ62Xxf3tFErnGeJUm
|
||||
ZgdqtWvOWXJxMz2nM/Ow6FlnHr0Wo8ZEpli5kWlTwp+S7Trn6969lVJV4cGjPJxD
|
||||
7kGnAoHBAP89qeS0vx6XmMwqfgH+OTrRO6+F2sGOSvrcSWRBS0R4ninIOXASMWxH
|
||||
W/bAgzUwGB7bTUmVjQRGkFXIn0YcBlvMVJlvpQ0DqPftVY9Fa2TSUa2//M8PbIgk
|
||||
NsHa89YWkkKFMOZUH9JzIkn4H+f6mNv83sMOWGrdaymiLP7NxgA8VIeybekQ73j3
|
||||
thnDT2xyMXwO6Y0FbySvV8y6AEFTOq5vgR8A0orEEeP0eUlBzv030J/CNW4hXo0c
|
||||
qVsknTo4VQKBwQDw1s3CLPw2Wd9eDyjgmiAP+2T7JVtwF0JC0mqI0WHyBSIv/2Sg
|
||||
9fXnSmjZ/Aqhha3WspfiXkE6HZ0NG0/GIPc7uMZ4BSa0BfaL8k7VTCTdSiQJn+19
|
||||
P2eGd32YZ526QHOBqvUlC2W4IBV0ze4Umv/ul6VeOukvKCq4Eik+t62MEd7Y3BNP
|
||||
RYjoE0xVvy2p3yx7TOAR75tV2bijgBE7xbE6hsmmO/nXcKnptwtH5PfBwV2WRz00
|
||||
Y6KfcNre9+oF6tkCgcEAifVrgenML53jAd+p0iv2BPuY1it0bRAbKPKuXJkKNM05
|
||||
N/44RYIf4pXDeGDfynzfXLZOVQqXeQsm8qcIp9139mBADdsRjDJBPxiyGUl9XbZs
|
||||
XYya+dQtZnykeC1/hGUY0wmov6YSuS5wByktHbcOrkFEqotzcPeS96LnzSWt8uyp
|
||||
B9uCmuoDdg/2BoDRyh0C8DojNI0OYPbBby/N+YEiA6zTTs2j/0sxHFRExjrixW1I
|
||||
v0E6nfc9YupuA4yLyy8tAoHBAPoDc7AZeCsAIrGU/ojvPEMGYk/DyCnPyalrTeI3
|
||||
DP01lx3/URyhIawu0k9oXQy6IdyJ4BHonMRSHqoMw53W9Lvany0n1CgW9+84JZ1C
|
||||
9H6VyK+uxK/00UYEDwVf5PSZiWFxa4h7uQm/EDzTEF/cim47DbpQR8j8YkJ77+dZ
|
||||
lBleLkVv9CgT2eH4zGAjAiD5KPd0pQEPse5jNXnwI/+qa5rKZBWFcnFRiHbcMqDF
|
||||
b7FtSAoTF3UtdZ9XQUM0V4ZwuA==
|
||||
-----END PRIVATE KEY-----
|
105
tests/hwsim/auth_serv/rsa3072-server.pem
Normal file
105
tests/hwsim/auth_serv/rsa3072-server.pem
Normal file
@ -0,0 +1,105 @@
|
||||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 12505381161559820488 (0xad8c09e8fba288c8)
|
||||
Signature Algorithm: sha384WithRSAEncryption
|
||||
Issuer: C=FI, L=Helsinki, O=w1.fi, CN=Suite B RSA 3k Root CA
|
||||
Validity
|
||||
Not Before: Sep 17 18:16:40 2017 GMT
|
||||
Not After : Sep 17 18:16:40 2019 GMT
|
||||
Subject: C=FI, O=w1.fi, CN=rsa3072.server.w1.fi
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
Public-Key: (3072 bit)
|
||||
Modulus:
|
||||
00:fe:a9:5c:59:8f:aa:80:cb:b8:4a:89:f9:3a:e8:
|
||||
7d:24:51:b8:f2:05:c6:42:e0:68:b5:a4:f1:7e:8a:
|
||||
31:a2:e0:0c:58:c5:80:20:cb:20:f0:0e:c1:6b:4d:
|
||||
e1:d7:eb:cc:45:48:c9:b0:0f:8f:ef:80:db:1b:60:
|
||||
02:af:ef:e8:0a:29:c8:04:df:70:92:e9:f1:dc:6a:
|
||||
47:3b:5a:6f:10:e6:19:4d:93:92:d0:0a:8e:a2:4d:
|
||||
32:9f:13:c8:34:6c:1a:4c:ec:a4:ed:89:2a:03:fb:
|
||||
18:0d:7f:0d:de:3e:7f:d8:5d:27:a5:e1:7b:62:63:
|
||||
71:61:45:52:f9:47:10:1d:28:c2:5d:73:fb:9d:03:
|
||||
68:bf:6d:a4:12:12:74:c7:d0:b8:87:43:b3:67:87:
|
||||
ce:6e:7b:58:1f:2f:32:eb:10:1f:e7:74:5c:3a:d9:
|
||||
8c:18:c8:04:95:6b:e3:3b:25:4c:0a:db:99:f3:59:
|
||||
b0:8e:7a:de:fa:e4:db:50:15:90:a2:30:e2:8a:c6:
|
||||
a9:06:30:e3:d7:29:dd:26:a8:95:6e:6e:f5:c4:42:
|
||||
d0:f7:7e:40:4d:3d:fd:ad:2f:cf:40:dd:d4:c0:6b:
|
||||
80:a2:34:7e:05:2f:bf:32:44:0b:d4:78:6d:2a:12:
|
||||
08:7c:84:b4:4d:51:5a:e5:84:6e:17:26:43:8c:83:
|
||||
6b:16:f3:5f:fa:b3:9f:84:d3:2b:ab:f3:3e:2c:23:
|
||||
65:b9:11:76:e1:85:12:ce:bb:03:38:59:82:bf:4c:
|
||||
77:ba:3b:90:51:9c:67:76:b0:1e:74:1e:4c:c8:b1:
|
||||
35:d6:37:29:dc:7e:c3:89:cc:86:9e:08:31:9c:70:
|
||||
ea:5a:6c:87:92:53:eb:99:fb:33:d2:32:f1:81:31:
|
||||
78:a0:c9:7d:6d:d9:6b:07:fa:c8:4a:67:57:2c:8c:
|
||||
a6:ce:e5:7e:36:95:f1:09:bd:df:bf:c8:53:3d:21:
|
||||
67:fd:93:cb:b2:7a:b5:56:61:9e:2f:ce:69:fa:fa:
|
||||
56:0a:6b:9c:69:78:f7:4e:54:73
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Basic Constraints: critical
|
||||
CA:FALSE
|
||||
X509v3 Subject Key Identifier:
|
||||
82:D7:75:95:94:9E:35:F7:1F:91:6D:37:9F:26:4F:3D:9D:C1:6E:96
|
||||
X509v3 Authority Key Identifier:
|
||||
keyid:21:F7:EF:DA:C3:34:3A:ED:CD:D5:50:C0:B3:BA:09:EE:3F:80:D7:70
|
||||
|
||||
X509v3 Subject Alternative Name: critical
|
||||
DNS:rsa3072.server.w1.fi
|
||||
X509v3 Extended Key Usage: critical
|
||||
TLS Web Server Authentication
|
||||
X509v3 Key Usage:
|
||||
Digital Signature, Key Encipherment
|
||||
Signature Algorithm: sha384WithRSAEncryption
|
||||
55:60:59:3f:3b:85:7c:d2:95:9b:c0:00:fb:a8:57:c6:02:41:
|
||||
7b:2c:b5:fd:e0:a6:35:1c:18:f8:0f:d6:f7:f4:0c:01:7d:7c:
|
||||
a4:cc:80:11:73:5b:06:03:f0:25:58:46:0b:2c:50:8e:80:5a:
|
||||
f4:49:df:69:ca:8a:de:7c:00:5d:3b:5d:45:f8:c9:19:f8:e1:
|
||||
ab:01:6b:ee:49:1f:c2:e3:3e:f6:a2:fa:4e:5d:b9:6f:93:2b:
|
||||
cc:b8:77:52:ae:8c:22:a1:53:f2:98:d0:df:b1:9b:27:ea:32:
|
||||
76:2d:fb:4c:8a:04:32:4d:aa:07:57:ad:c7:3f:d1:86:c0:71:
|
||||
05:35:c4:6e:e3:b8:a0:63:06:6b:e8:0e:50:4b:8c:60:3a:a6:
|
||||
84:ae:da:ab:b8:7a:7b:20:7a:c5:74:9b:bf:41:a9:b8:d8:34:
|
||||
20:56:35:86:60:d0:43:fa:06:a0:b7:b1:49:f3:02:f1:cf:72:
|
||||
20:8d:9a:48:6b:db:14:30:e3:21:a4:6f:87:08:d8:95:66:e3:
|
||||
b6:7e:15:e8:44:03:f3:92:b8:84:54:ba:af:c6:ce:7d:32:85:
|
||||
1f:a7:54:40:86:4e:93:89:73:e5:18:ea:49:4a:9d:80:78:6d:
|
||||
2e:d3:bf:9c:a9:75:09:3c:b7:33:36:ce:20:81:df:7e:ca:50:
|
||||
0d:c7:b9:91:82:5d:3b:25:d3:0b:ee:bb:a8:84:fc:79:ce:c1:
|
||||
1f:af:d3:df:34:f6:a0:50:3d:4b:1c:b4:91:1b:b1:5a:d2:27:
|
||||
44:4e:0e:20:f1:b3:8c:7f:08:44:27:c8:56:0a:0b:b9:aa:f7:
|
||||
4d:62:5d:35:ef:06:44:a2:2d:35:8a:66:8c:1f:c9:c2:89:cb:
|
||||
7d:38:54:84:5c:c4:96:3d:11:d1:2c:d2:98:9d:b7:4f:1c:4f:
|
||||
e9:37:80:4f:25:6b:3a:29:1c:55:52:56:23:6e:4e:b6:74:d3:
|
||||
cd:0a:1d:b7:24:f2:41:24:8a:05:ad:e0:d3:8f:fc:c5:bd:a7:
|
||||
bc:8e:e5:7f:0b:d7
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIEqzCCAxOgAwIBAgIJAK2MCej7oojIMA0GCSqGSIb3DQEBDAUAMFExCzAJBgNV
|
||||
BAYTAkZJMREwDwYDVQQHDAhIZWxzaW5raTEOMAwGA1UECgwFdzEuZmkxHzAdBgNV
|
||||
BAMMFlN1aXRlIEIgUlNBIDNrIFJvb3QgQ0EwHhcNMTcwOTE3MTgxNjQwWhcNMTkw
|
||||
OTE3MTgxNjQwWjA8MQswCQYDVQQGEwJGSTEOMAwGA1UECgwFdzEuZmkxHTAbBgNV
|
||||
BAMMFHJzYTMwNzIuc2VydmVyLncxLmZpMIIBojANBgkqhkiG9w0BAQEFAAOCAY8A
|
||||
MIIBigKCAYEA/qlcWY+qgMu4Son5Ouh9JFG48gXGQuBotaTxfooxouAMWMWAIMsg
|
||||
8A7Ba03h1+vMRUjJsA+P74DbG2ACr+/oCinIBN9wkunx3GpHO1pvEOYZTZOS0AqO
|
||||
ok0ynxPINGwaTOyk7YkqA/sYDX8N3j5/2F0npeF7YmNxYUVS+UcQHSjCXXP7nQNo
|
||||
v22kEhJ0x9C4h0OzZ4fObntYHy8y6xAf53RcOtmMGMgElWvjOyVMCtuZ81mwjnre
|
||||
+uTbUBWQojDiisapBjDj1yndJqiVbm71xELQ935ATT39rS/PQN3UwGuAojR+BS+/
|
||||
MkQL1HhtKhIIfIS0TVFa5YRuFyZDjINrFvNf+rOfhNMrq/M+LCNluRF24YUSzrsD
|
||||
OFmCv0x3ujuQUZxndrAedB5MyLE11jcp3H7DicyGnggxnHDqWmyHklPrmfsz0jLx
|
||||
gTF4oMl9bdlrB/rISmdXLIymzuV+NpXxCb3fv8hTPSFn/ZPLsnq1VmGeL85p+vpW
|
||||
CmucaXj3TlRzAgMBAAGjgZowgZcwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUgtd1
|
||||
lZSeNfcfkW03nyZPPZ3BbpYwHwYDVR0jBBgwFoAUIffv2sM0Ou3N1VDAs7oJ7j+A
|
||||
13AwIgYDVR0RAQH/BBgwFoIUcnNhMzA3Mi5zZXJ2ZXIudzEuZmkwFgYDVR0lAQH/
|
||||
BAwwCgYIKwYBBQUHAwEwCwYDVR0PBAQDAgWgMA0GCSqGSIb3DQEBDAUAA4IBgQBV
|
||||
YFk/O4V80pWbwAD7qFfGAkF7LLX94KY1HBj4D9b39AwBfXykzIARc1sGA/AlWEYL
|
||||
LFCOgFr0Sd9pyorefABdO11F+MkZ+OGrAWvuSR/C4z72ovpOXblvkyvMuHdSrowi
|
||||
oVPymNDfsZsn6jJ2LftMigQyTaoHV63HP9GGwHEFNcRu47igYwZr6A5QS4xgOqaE
|
||||
rtqruHp7IHrFdJu/Qam42DQgVjWGYNBD+gagt7FJ8wLxz3IgjZpIa9sUMOMhpG+H
|
||||
CNiVZuO2fhXoRAPzkriEVLqvxs59MoUfp1RAhk6TiXPlGOpJSp2AeG0u07+cqXUJ
|
||||
PLczNs4ggd9+ylANx7mRgl07JdML7ruohPx5zsEfr9PfNPagUD1LHLSRG7Fa0idE
|
||||
Tg4g8bOMfwhEJ8hWCgu5qvdNYl017wZEoi01imaMH8nCict9OFSEXMSWPRHRLNKY
|
||||
nbdPHE/pN4BPJWs6KRxVUlYjbk62dNPNCh23JPJBJIoFreDTj/zFvae8juV/C9c=
|
||||
-----END CERTIFICATE-----
|
40
tests/hwsim/auth_serv/rsa3072-user.key
Normal file
40
tests/hwsim/auth_serv/rsa3072-user.key
Normal file
@ -0,0 +1,40 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MIIG/QIBADANBgkqhkiG9w0BAQEFAASCBucwggbjAgEAAoIBgQCSd2eORDSDqDf5
|
||||
qcRyXHFynTUdPYw0Ilwk+IeB3t6spZN3xTikgpyMBpsUi1IJMkwxxfjpL2SKOQpw
|
||||
nk6KnLylq3gYUkR1/sMAYecfRcAScuQ4niid9nZgcLN7EcqQmCrqJsBcrqkSzFIR
|
||||
pgKs6FlWeqiT7P0G7qzorxdoV085ytRISYq0jT4hUaOW558k5fUQ5zb+jjOyfSJm
|
||||
j0Jlzw9PzKMkD+O6mIk1p1SZ7IFHxC+yOzuyTM6kqFpmEECODX1n2O0a/eVhFtv1
|
||||
THNAOeN9bycmCGgYAt87WgQKCMVTux0AkWz2OCrwqp8rNm6VJKcahNhcavjVP2IP
|
||||
IEu3lsbCG/iBZBMVeptdmO4P2XM31TyfNVKT33KdidSfIPIThRIAfCMnzvnd4reC
|
||||
CaL6JlQix/20+hrTbSmPG2cTL9ji8Fx1nqp5/MG3SF0IEgE3eBP5Uzc6qCE45190
|
||||
+4VTayFrgsmlQSyjOXQUoFwDyBMXVaYVRVI8ubk//tmoFG8gxSECAwEAAQKCAYBq
|
||||
xnOPCngCNwM/lhzphi0KckMDYxgv9ZCZPzmCWxiYYkjkerm1bKZ1imdKDdsrayiS
|
||||
7JFuZad1AOp0eWQmtubsG9n8WRUhtC0yvSzB5paEnI92Gw7fQYrA+chOgwTabqRy
|
||||
ePepWYdWde+qgAzZQrXGTrtQw+ceQ6d4JhT5cxUFu7EQVdSxlXpizeJlo8uoGaCT
|
||||
xwuXfdGAYKtQe0XbdJzj/vo70v2gzYzRuX/6iqkgyYw/8eCuNkI7VaQ5XcXCCWB1
|
||||
nCf578JBXynJEpEBh6FEZj6LzBD7aop2ErYkiTRdWKTvweqVxSQtiiS//FH91tiy
|
||||
hMm61mzgf4kTf1FsFokp+xssSbHKhxTsZO4pXoupdUTfG9B8vAlbQObDiOmLUtdX
|
||||
mpXkDDnZUD//alLGxbiOmncH4K/VGuZuSXnSkbUnjrdkOGVtSy4cwxAbgii1z6D9
|
||||
jeImt4vTvFkt3jiqfPs7/c6M6giEY3OyjbR8P3jksBC4urKTWI+B010AsKUur5UC
|
||||
gcEAwnj7nNSyABEhyimKIfGIjXGiKaRevfstRTs+fRYWGkcVvVZQ2s1xxTAXGiYa
|
||||
kJgFUL3lTfbdvkTHEp5U7PrC4ErXBAV61fjv9DfRGFTIvtOM10YfrS/GeZuJYHXe
|
||||
abrVliB56jiOg2tq6XrKPe6f7vZFDaan2srh0/FN/CEHom2WS7mQL+VjwwCtBZHh
|
||||
aMMkg/bW9qaV0fWwi2dK97vcQzb3udgnnC6M2P6bK7og9Vfa8tW8kVtSBVjyoGu7
|
||||
1aCrAoHBAMDOO+LM8nPhju/jeWH2366YhGbRZM2lpqb6b7c/09AUC4ESK82S9AKe
|
||||
1Ppa8Q5KnaI0PAg7V6CebL1EjGgzUcWZWzC7Q8u+In7ktq09G0uk6vtlfpwjx4OU
|
||||
Q9DiosZdBASKmhQpmYRYawbvjQXhPIexAYSvwb+930g93+gmLOXOtg1C/y2vHtsm
|
||||
JU8bCkXceC2PsCB2D8aOKlUoyutXMW8VX0VmBab0JBuTp9T+woYp5RXj2Id1CuOC
|
||||
BlJZZNjpYwKBwQC9wGJxsi9EVXMM2N9JI21D5d5+lz1CTfTsGlRspMJIPZf+uFwI
|
||||
QnGCH9xKzWcaMtrs330AR6IxZtZ/WjIvULYZN6z45YfnhBBN0LCa9w8w8yX3XxrF
|
||||
V1pnidXPYvLzYzPIWkPav/h+Tq9wxTjUmSNAfNb/7N7XYyJaNJcNLgVO/XKqzJLd
|
||||
yQtAWEZ6qs6v88iLYqx42i5RQVNTkiPZ+Vl/1AB/O2PaxqjziepKDkDeYyzlyJtH
|
||||
kT1Ernd/A9+xICUCgcAszkCAflxBrcNH4DcPGw30RyFNu4+PctV9rGlVzpFso5vg
|
||||
zNY9Gc925G5eF9A5IAHt9fGVgCTnAKoIeeufM33nS7IzavFgYbkmgAQr0i2LsLGi
|
||||
5n07z9zHqSbxXhmxu1/5pjQUR26ToPCOVhERsrwcVHgj26xM4NUItshX7Lc2WIla
|
||||
H52pgi7LgtvcvE3w2kFbZS7q/ETCQbt4utgdRNAKHo9bU1Aw8j+J4RB5oRKXlxjT
|
||||
s3VYVUzIfij17ixPdD0CgcA8LTjVgy6jeCeCWIUjoAlPLuMB3A/zU3ZxeWJ7uEUj
|
||||
Xjz/6ToSQBWtbW1xtKBW9RZBzbIZCgiNBqO38DqKzoKY6T/muIJniLUW5lshj5B5
|
||||
XFSanprP/vp+J8lEaTiVAAfsbt2/ZuZq+IAxwDo9oifr5NtKvexaiEJ0apx/e0yg
|
||||
tvwouNj0+z89rF2INCDbWB3750mPcBRafASXyVRCwiopzfdFHZB1boUcSq7cRY2R
|
||||
cTEirRqQCdUI6fmEGFMYR6A=
|
||||
-----END PRIVATE KEY-----
|
105
tests/hwsim/auth_serv/rsa3072-user.pem
Normal file
105
tests/hwsim/auth_serv/rsa3072-user.pem
Normal file
@ -0,0 +1,105 @@
|
||||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 12505381161559820489 (0xad8c09e8fba288c9)
|
||||
Signature Algorithm: sha384WithRSAEncryption
|
||||
Issuer: C=FI, L=Helsinki, O=w1.fi, CN=Suite B RSA 3k Root CA
|
||||
Validity
|
||||
Not Before: Sep 17 18:16:40 2017 GMT
|
||||
Not After : Sep 17 18:16:40 2019 GMT
|
||||
Subject: C=FI, O=w1.fi, CN=user-rsa3072
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
Public-Key: (3072 bit)
|
||||
Modulus:
|
||||
00:92:77:67:8e:44:34:83:a8:37:f9:a9:c4:72:5c:
|
||||
71:72:9d:35:1d:3d:8c:34:22:5c:24:f8:87:81:de:
|
||||
de:ac:a5:93:77:c5:38:a4:82:9c:8c:06:9b:14:8b:
|
||||
52:09:32:4c:31:c5:f8:e9:2f:64:8a:39:0a:70:9e:
|
||||
4e:8a:9c:bc:a5:ab:78:18:52:44:75:fe:c3:00:61:
|
||||
e7:1f:45:c0:12:72:e4:38:9e:28:9d:f6:76:60:70:
|
||||
b3:7b:11:ca:90:98:2a:ea:26:c0:5c:ae:a9:12:cc:
|
||||
52:11:a6:02:ac:e8:59:56:7a:a8:93:ec:fd:06:ee:
|
||||
ac:e8:af:17:68:57:4f:39:ca:d4:48:49:8a:b4:8d:
|
||||
3e:21:51:a3:96:e7:9f:24:e5:f5:10:e7:36:fe:8e:
|
||||
33:b2:7d:22:66:8f:42:65:cf:0f:4f:cc:a3:24:0f:
|
||||
e3:ba:98:89:35:a7:54:99:ec:81:47:c4:2f:b2:3b:
|
||||
3b:b2:4c:ce:a4:a8:5a:66:10:40:8e:0d:7d:67:d8:
|
||||
ed:1a:fd:e5:61:16:db:f5:4c:73:40:39:e3:7d:6f:
|
||||
27:26:08:68:18:02:df:3b:5a:04:0a:08:c5:53:bb:
|
||||
1d:00:91:6c:f6:38:2a:f0:aa:9f:2b:36:6e:95:24:
|
||||
a7:1a:84:d8:5c:6a:f8:d5:3f:62:0f:20:4b:b7:96:
|
||||
c6:c2:1b:f8:81:64:13:15:7a:9b:5d:98:ee:0f:d9:
|
||||
73:37:d5:3c:9f:35:52:93:df:72:9d:89:d4:9f:20:
|
||||
f2:13:85:12:00:7c:23:27:ce:f9:dd:e2:b7:82:09:
|
||||
a2:fa:26:54:22:c7:fd:b4:fa:1a:d3:6d:29:8f:1b:
|
||||
67:13:2f:d8:e2:f0:5c:75:9e:aa:79:fc:c1:b7:48:
|
||||
5d:08:12:01:37:78:13:f9:53:37:3a:a8:21:38:e7:
|
||||
5f:74:fb:85:53:6b:21:6b:82:c9:a5:41:2c:a3:39:
|
||||
74:14:a0:5c:03:c8:13:17:55:a6:15:45:52:3c:b9:
|
||||
b9:3f:fe:d9:a8:14:6f:20:c5:21
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Basic Constraints:
|
||||
CA:FALSE
|
||||
X509v3 Subject Key Identifier:
|
||||
B1:4F:36:17:24:40:AD:6B:05:33:87:C4:AD:4F:4A:53:AF:F5:D6:23
|
||||
X509v3 Authority Key Identifier:
|
||||
keyid:21:F7:EF:DA:C3:34:3A:ED:CD:D5:50:C0:B3:BA:09:EE:3F:80:D7:70
|
||||
|
||||
X509v3 Subject Alternative Name:
|
||||
email:user-rsa3072@w1.fi
|
||||
X509v3 Extended Key Usage:
|
||||
TLS Web Client Authentication
|
||||
X509v3 Key Usage:
|
||||
Digital Signature, Key Encipherment
|
||||
Signature Algorithm: sha384WithRSAEncryption
|
||||
82:14:fb:75:bc:ee:a9:e9:9d:fa:bf:af:19:ef:d5:80:2d:c7:
|
||||
47:52:bd:a5:68:f3:38:5b:47:45:a0:54:53:48:14:1a:28:af:
|
||||
10:f7:a5:a8:4e:b6:86:12:15:b0:3f:5e:df:03:c8:d8:ae:f0:
|
||||
eb:67:7e:ad:6f:93:8a:bd:16:a2:5f:70:ba:4c:61:62:d5:23:
|
||||
f5:bc:a6:a6:84:25:05:f9:15:54:54:05:22:c7:28:18:df:76:
|
||||
18:f8:87:fe:50:81:7f:22:9b:4e:2e:34:62:f1:10:8a:df:78:
|
||||
f8:b7:0e:e7:fe:86:46:e7:52:e4:88:85:48:d3:c9:70:7e:77:
|
||||
db:1f:d1:ab:b9:34:d5:54:17:9a:f5:6b:6a:2c:1d:71:e6:ee:
|
||||
17:76:ed:6f:af:1e:47:48:33:38:43:9f:c5:3d:ab:c6:8b:03:
|
||||
ec:bb:30:9f:a3:32:69:38:3f:74:76:bd:4b:39:15:5e:22:c6:
|
||||
f6:e7:fb:2b:8f:f9:8a:60:00:6f:08:04:a8:a9:6f:78:ba:16:
|
||||
a5:5f:82:82:cf:a9:9a:d3:b8:8e:44:71:09:3f:ae:0f:0f:f9:
|
||||
a6:68:20:e9:65:a7:5a:16:b7:4b:12:53:77:77:f8:cf:34:e7:
|
||||
49:cb:1d:e8:ee:82:70:50:3a:30:1a:fe:71:ae:b2:13:95:6e:
|
||||
3c:c2:f9:49:1c:34:15:86:a2:b4:fa:4d:08:4a:92:40:66:bc:
|
||||
db:76:84:d2:5e:03:4c:9e:62:78:9d:01:60:db:35:be:e3:3a:
|
||||
29:15:87:64:44:0d:8f:78:c4:ce:cc:c6:68:8d:c3:ea:42:86:
|
||||
14:de:26:26:25:1d:02:fb:e5:b9:be:8d:44:7c:75:a4:fe:13:
|
||||
63:cb:94:8f:5a:8c:86:e5:4c:fd:05:d1:3b:2f:91:9b:bb:03:
|
||||
13:71:f0:d7:b8:7f:a1:ee:4e:5b:a2:1c:22:d4:38:7a:16:62:
|
||||
50:11:5e:ab:23:14:a7:a7:5e:24:4a:0c:20:54:8b:05:56:4f:
|
||||
d0:8c:c0:2d:12:ca
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIEmDCCAwCgAwIBAgIJAK2MCej7oojJMA0GCSqGSIb3DQEBDAUAMFExCzAJBgNV
|
||||
BAYTAkZJMREwDwYDVQQHDAhIZWxzaW5raTEOMAwGA1UECgwFdzEuZmkxHzAdBgNV
|
||||
BAMMFlN1aXRlIEIgUlNBIDNrIFJvb3QgQ0EwHhcNMTcwOTE3MTgxNjQwWhcNMTkw
|
||||
OTE3MTgxNjQwWjA0MQswCQYDVQQGEwJGSTEOMAwGA1UECgwFdzEuZmkxFTATBgNV
|
||||
BAMMDHVzZXItcnNhMzA3MjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGB
|
||||
AJJ3Z45ENIOoN/mpxHJccXKdNR09jDQiXCT4h4He3qylk3fFOKSCnIwGmxSLUgky
|
||||
TDHF+OkvZIo5CnCeToqcvKWreBhSRHX+wwBh5x9FwBJy5DieKJ32dmBws3sRypCY
|
||||
KuomwFyuqRLMUhGmAqzoWVZ6qJPs/QburOivF2hXTznK1EhJirSNPiFRo5bnnyTl
|
||||
9RDnNv6OM7J9ImaPQmXPD0/MoyQP47qYiTWnVJnsgUfEL7I7O7JMzqSoWmYQQI4N
|
||||
fWfY7Rr95WEW2/VMc0A5431vJyYIaBgC3ztaBAoIxVO7HQCRbPY4KvCqnys2bpUk
|
||||
pxqE2Fxq+NU/Yg8gS7eWxsIb+IFkExV6m12Y7g/ZczfVPJ81UpPfcp2J1J8g8hOF
|
||||
EgB8IyfO+d3it4IJovomVCLH/bT6GtNtKY8bZxMv2OLwXHWeqnn8wbdIXQgSATd4
|
||||
E/lTNzqoITjnX3T7hVNrIWuCyaVBLKM5dBSgXAPIExdVphVFUjy5uT/+2agUbyDF
|
||||
IQIDAQABo4GPMIGMMAkGA1UdEwQCMAAwHQYDVR0OBBYEFLFPNhckQK1rBTOHxK1P
|
||||
SlOv9dYjMB8GA1UdIwQYMBaAFCH379rDNDrtzdVQwLO6Ce4/gNdwMB0GA1UdEQQW
|
||||
MBSBEnVzZXItcnNhMzA3MkB3MS5maTATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNV
|
||||
HQ8EBAMCBaAwDQYJKoZIhvcNAQEMBQADggGBAIIU+3W87qnpnfq/rxnv1YAtx0dS
|
||||
vaVo8zhbR0WgVFNIFBoorxD3pahOtoYSFbA/Xt8DyNiu8Otnfq1vk4q9FqJfcLpM
|
||||
YWLVI/W8pqaEJQX5FVRUBSLHKBjfdhj4h/5QgX8im04uNGLxEIrfePi3Duf+hkbn
|
||||
UuSIhUjTyXB+d9sf0au5NNVUF5r1a2osHXHm7hd27W+vHkdIMzhDn8U9q8aLA+y7
|
||||
MJ+jMmk4P3R2vUs5FV4ixvbn+yuP+YpgAG8IBKipb3i6FqVfgoLPqZrTuI5EcQk/
|
||||
rg8P+aZoIOllp1oWt0sSU3d3+M8050nLHejugnBQOjAa/nGushOVbjzC+UkcNBWG
|
||||
orT6TQhKkkBmvNt2hNJeA0yeYnidAWDbNb7jOikVh2REDY94xM7MxmiNw+pChhTe
|
||||
JiYlHQL75bm+jUR8daT+E2PLlI9ajIblTP0F0TsvkZu7AxNx8Ne4f6HuTluiHCLU
|
||||
OHoWYlARXqsjFKenXiRKDCBUiwVWT9CMwC0Syg==
|
||||
-----END CERTIFICATE-----
|
@ -302,3 +302,130 @@ def test_suite_b_192_mic_failure(dev, apdev):
|
||||
pairwise="GCMP-256", group="GCMP-256", scan_freq="2412",
|
||||
wait_connect=False)
|
||||
dev[0].wait_disconnected()
|
||||
|
||||
def suite_b_192_rsa_ap_params():
|
||||
params = { "ssid": "test-suite-b",
|
||||
"wpa": "2",
|
||||
"wpa_key_mgmt": "WPA-EAP-SUITE-B-192",
|
||||
"rsn_pairwise": "GCMP-256",
|
||||
"group_mgmt_cipher": "BIP-GMAC-256",
|
||||
"ieee80211w": "2",
|
||||
"ieee8021x": "1",
|
||||
"tls_flags": "[SUITEB]",
|
||||
"dh_file": "auth_serv/dh_param_3072.pem",
|
||||
"eap_server": "1",
|
||||
"eap_user_file": "auth_serv/eap_user.conf",
|
||||
"ca_cert": "auth_serv/rsa3072-ca.pem",
|
||||
"server_cert": "auth_serv/rsa3072-server.pem",
|
||||
"private_key": "auth_serv/rsa3072-server.key" }
|
||||
return params
|
||||
|
||||
def test_suite_b_192_rsa(dev, apdev):
|
||||
"""WPA2/GCMP-256 connection at Suite B 192-bit level and RSA"""
|
||||
run_suite_b_192_rsa(dev, apdev)
|
||||
|
||||
def test_suite_b_192_rsa_ecdhe(dev, apdev):
|
||||
"""WPA2/GCMP-256 connection at Suite B 192-bit level and RSA (ECDHE)"""
|
||||
run_suite_b_192_rsa(dev, apdev, no_dhe=True)
|
||||
|
||||
def test_suite_b_192_rsa_dhe(dev, apdev):
|
||||
"""WPA2/GCMP-256 connection at Suite B 192-bit level and RSA (DHE)"""
|
||||
run_suite_b_192_rsa(dev, apdev, no_ecdh=True)
|
||||
|
||||
def run_suite_b_192_rsa(dev, apdev, no_ecdh=False, no_dhe=False):
|
||||
check_suite_b_192_capa(dev)
|
||||
dev[0].flush_scan_cache()
|
||||
params = suite_b_192_rsa_ap_params()
|
||||
if no_ecdh:
|
||||
params["tls_flags"] = "[SUITEB-NO-ECDH]"
|
||||
if no_dhe:
|
||||
del params["dh_file"]
|
||||
hapd = hostapd.add_ap(apdev[0], params)
|
||||
|
||||
dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192",
|
||||
ieee80211w="2",
|
||||
phase1="tls_suiteb=1",
|
||||
eap="TLS", identity="tls user",
|
||||
ca_cert="auth_serv/rsa3072-ca.pem",
|
||||
client_cert="auth_serv/rsa3072-user.pem",
|
||||
private_key="auth_serv/rsa3072-user.key",
|
||||
pairwise="GCMP-256", group="GCMP-256", scan_freq="2412")
|
||||
tls_cipher = dev[0].get_status_field("EAP TLS cipher")
|
||||
if tls_cipher != "ECDHE-RSA-AES256-GCM-SHA384" and tls_cipher != "DHE-RSA-AES256-GCM-SHA384":
|
||||
raise Exception("Unexpected TLS cipher: " + tls_cipher)
|
||||
cipher = dev[0].get_status_field("mgmt_group_cipher")
|
||||
if cipher != "BIP-GMAC-256":
|
||||
raise Exception("Unexpected mgmt_group_cipher: " + cipher)
|
||||
|
||||
bss = dev[0].get_bss(apdev[0]['bssid'])
|
||||
if 'flags' not in bss:
|
||||
raise Exception("Could not get BSS flags from BSS table")
|
||||
if "[WPA2-EAP-SUITE-B-192-GCMP-256]" not in bss['flags']:
|
||||
raise Exception("Unexpected BSS flags: " + bss['flags'])
|
||||
|
||||
dev[0].request("DISCONNECT")
|
||||
dev[0].wait_disconnected(timeout=20)
|
||||
dev[0].dump_monitor()
|
||||
dev[0].request("RECONNECT")
|
||||
ev = dev[0].wait_event(["CTRL-EVENT-EAP-STARTED",
|
||||
"CTRL-EVENT-CONNECTED"], timeout=20)
|
||||
if ev is None:
|
||||
raise Exception("Roaming with the AP timed out")
|
||||
if "CTRL-EVENT-EAP-STARTED" in ev:
|
||||
raise Exception("Unexpected EAP exchange")
|
||||
|
||||
conf = hapd.get_config()
|
||||
if conf['key_mgmt'] != 'WPA-EAP-SUITE-B-192':
|
||||
raise Exception("Unexpected config key_mgmt: " + conf['key_mgmt'])
|
||||
|
||||
def test_suite_b_192_rsa_insufficient_key(dev, apdev):
|
||||
"""WPA2/GCMP-256 connection at Suite B 192-bit level and RSA with insufficient key length"""
|
||||
check_suite_b_192_capa(dev)
|
||||
dev[0].flush_scan_cache()
|
||||
params = suite_b_192_rsa_ap_params()
|
||||
params["ca_cert"] = "auth_serv/ca.pem"
|
||||
params["server_cert"] = "auth_serv/server.pem"
|
||||
params["private_key"] = "auth_serv/server.key"
|
||||
hapd = hostapd.add_ap(apdev[0], params)
|
||||
|
||||
dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192",
|
||||
ieee80211w="2",
|
||||
phase1="tls_suiteb=1",
|
||||
eap="TLS", identity="tls user",
|
||||
ca_cert="auth_serv/ca.pem",
|
||||
client_cert="auth_serv/user.pem",
|
||||
private_key="auth_serv/user.key",
|
||||
pairwise="GCMP-256", group="GCMP-256", scan_freq="2412",
|
||||
wait_connect=False)
|
||||
ev = dev[0].wait_event(["CTRL-EVENT-EAP-TLS-CERT-ERROR"], timeout=10)
|
||||
dev[0].request("DISCONNECT")
|
||||
if ev is None:
|
||||
raise Exception("Certificate error not reported")
|
||||
if "reason=11" not in ev or "err='Insufficient RSA modulus size'" not in ev:
|
||||
raise Exception("Unexpected error reason: " + ev)
|
||||
|
||||
def test_suite_b_192_rsa_insufficient_dh(dev, apdev):
|
||||
"""WPA2/GCMP-256 connection at Suite B 192-bit level and RSA with insufficient DH key length"""
|
||||
check_suite_b_192_capa(dev)
|
||||
dev[0].flush_scan_cache()
|
||||
params = suite_b_192_rsa_ap_params()
|
||||
params["tls_flags"] = "[SUITEB-NO-ECDH]"
|
||||
params["dh_file"] = "auth_serv/dh.conf"
|
||||
hapd = hostapd.add_ap(apdev[0], params)
|
||||
|
||||
dev[0].connect("test-suite-b", key_mgmt="WPA-EAP-SUITE-B-192",
|
||||
ieee80211w="2",
|
||||
phase1="tls_suiteb=1",
|
||||
eap="TLS", identity="tls user",
|
||||
ca_cert="auth_serv/rsa3072-ca.pem",
|
||||
client_cert="auth_serv/rsa3072-user.pem",
|
||||
private_key="auth_serv/rsa3072-user.key",
|
||||
pairwise="GCMP-256", group="GCMP-256", scan_freq="2412",
|
||||
wait_connect=False)
|
||||
ev = dev[0].wait_event(["CTRL-EVENT-EAP-STATUS status='local TLS alert'"],
|
||||
timeout=10)
|
||||
dev[0].request("DISCONNECT")
|
||||
if ev is None:
|
||||
raise Exception("DH error not reported")
|
||||
if "insufficient security" not in ev and "internal error" not in ev:
|
||||
raise Exception("Unexpected error reason: " + ev)
|
||||
|
Loading…
Reference in New Issue
Block a user