From: Tobias Brunner Date: Mon, 12 Aug 2019 16:10:06 +0000 (+0200) Subject: load-tester: Add digitalSignature keyUsage flag to test certificate X-Git-Tag: 5.8.1rc1~7 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a1295ff9cb35f6bf7f7499ed7147bdb7395c8ff7;p=thirdparty%2Fstrongswan.git load-tester: Add digitalSignature keyUsage flag to test certificate This allows using the certificate, which is technically a CA cert, as end-entity certificate again after the RFC4945-related changes added with 5.6.3. Fixes #3139. --- diff --git a/src/libcharon/plugins/load_tester/load_tester_creds.c b/src/libcharon/plugins/load_tester/load_tester_creds.c index 6ae7b7e7c8..0740dd3e6d 100644 --- a/src/libcharon/plugins/load_tester/load_tester_creds.c +++ b/src/libcharon/plugins/load_tester/load_tester_creds.c @@ -136,22 +136,23 @@ static char private[] = { }; /** - * And an associated self-signed certificate ------BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQDQXr7poAPYZLxmTCqR51STGRuk9Hc5SWtTcs6b2RzpnP8EVRLx -JEVxOKE9Mw6n7mD1pNrupCpnpGRdLAV5VznTPhSQ6k7ppJJrxosRYg0pHTZqBUEC -7nQFwAe10g8q0UnM1wa4lJzGxDH78d21cVweJgbkxAeyriS0jhNs7gO5nQIDAQAB -AoGACVACtkxJf7VY2jWTPXwaQoy/uIqYfX3zhwI9i6eTbDlxCE+JDi/xzpKaWjLa -99RmjvP0OPArWQB239ck03x7gAm2obutosGbqbKzJZS5cyIayzyW9djZDHBdt9Ho -quKB39aspWit3xPzkrr+QeIkiggtmBKALTBxTwxAU+P6euECQQD4IPdrzKbCrO79 -LKvoPrQQtTjL6ogag9rI9n2ZuoK3/XVybh2byOXT8tA5G5jSz9Ac8XeVOsnH9gT5 -3WXeaLOFAkEA1vrm/hVSEasp5eATgQ7ig9CF+GGKqhTwXp/uOSl/h3IRmStu5J0C -9AkYyx0bn3j5R8iUEX/C00KSE1kQNh4NOQJAVOsLYlRG2idPH0xThQc4nuM2jes1 -K0Xm8ZISSDNhm1BeCoyPC4rExTW7d1/vfG5svgsRrvvQpOOYrl7MB0Lz9QJBALhg -AWJiyLsskEd90Vx7dpvUaEHo7jMGuEx/X6GYzK5Oj3dNP9NEMfc4IhJ5SWqRJ0KA -bTVA3MexLXT4iqXPSkkCQQDSjLhBwvEnSuW4ElIMzBwLbu7573z2gzU82Mj6trrw -Osoox/vmcepT1Wjy4AvPZHgxp7vEXNSeS+M5L29QNTp8 ------END RSA PRIVATE KEY----- + * And an associated self-signed CA certificate (note that the keyUsage + * extension has the digitalSignature bit set, which is not usually the case for + * CA certificates, so it can be used as end-entity certificate in load tests). +-----BEGIN CERTIFICATE----- +MIICJjCCAY+gAwIBAgIBADANBgkqhkiG9w0BAQsFADA3MQwwCgYDVQQDEwNzcnYx +EjAQBgNVBAsTCWxvYWQtdGVzdDETMBEGA1UEChMKc3Ryb25nU3dhbjAeFw0xOTAy +MDgwODUyMjVaFw0yOTAyMDgwODUyMjVaMDcxDDAKBgNVBAMTA3NydjESMBAGA1UE +CxMJbG9hZC10ZXN0MRMwEQYDVQQKEwpzdHJvbmdTd2FuMIGfMA0GCSqGSIb3DQEB +AQUAA4GNADCBiQKBgQDQXr7poAPYZLxmTCqR51STGRuk9Hc5SWtTcs6b2RzpnP8E +VRLxJEVxOKE9Mw6n7mD1pNrupCpnpGRdLAV5VznTPhSQ6k7ppJJrxosRYg0pHTZq +BUEC7nQFwAe10g8q0UnM1wa4lJzGxDH78d21cVweJgbkxAeyriS0jhNs7gO5nQID +AQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4E +FgQUytOG/alLWTyyO6ElA3cGwIzkofYwDQYJKoZIhvcNAQELBQADgYEAIdCzmJAw +Cj6VaDacc7yOhZK61nGzNJml5NEeLzZkGzYvsIggL/Kb2v42fKYC5OunkZ1Nw3YY +207LR7wrhS7pndHfRMny86RwJ4d6LmiwtgbzTAbm3HL/iENDiyiJfCTknTvzMj9O +kGfz0rGDkJqIxx0inxp84PWWR5lX84A9pNQ= +-----END CERTIFICATE----- */ static char cert[] = { 0x30,0x82,0x02,0x26,0x30,0x82,0x01,0x8f,0xa0,0x03,0x02,0x01,0x02,0x02,0x01,0x00, @@ -177,18 +178,18 @@ static char cert[] = { 0xe4,0xc4,0x07,0xb2,0xae,0x24,0xb4,0x8e,0x13,0x6c,0xee,0x03,0xb9,0x9d,0x02,0x03, 0x01,0x00,0x01,0xa3,0x42,0x30,0x40,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01,0x01, 0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01, - 0x01,0xff,0x04,0x04,0x03,0x02,0x01,0x06,0x30,0x1d,0x06,0x03,0x55,0x1d,0x0e,0x04, + 0x01,0xff,0x04,0x04,0x03,0x02,0x01,0x86,0x30,0x1d,0x06,0x03,0x55,0x1d,0x0e,0x04, 0x16,0x04,0x14,0xca,0xd3,0x86,0xfd,0xa9,0x4b,0x59,0x3c,0xb2,0x3b,0xa1,0x25,0x03, 0x77,0x06,0xc0,0x8c,0xe4,0xa1,0xf6,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7, - 0x0d,0x01,0x01,0x0b,0x05,0x00,0x03,0x81,0x81,0x00,0xce,0x3c,0x30,0xe4,0xad,0x2f, - 0x40,0x9f,0x3a,0xc1,0x80,0x0b,0x0f,0xa1,0x87,0x94,0x98,0x6d,0x8b,0xcf,0x77,0xd1, - 0xf8,0xd8,0x99,0x2b,0x37,0xd9,0xc8,0x6a,0x15,0x18,0xf9,0xc4,0xe0,0xa9,0x4f,0x42, - 0xfc,0xca,0x48,0x76,0xf4,0xe4,0x77,0x75,0x59,0x73,0x74,0x1e,0x6d,0xb4,0x63,0xcf, - 0x60,0xd3,0x3e,0x28,0x27,0x6e,0x65,0xa0,0xd9,0xea,0x5c,0x78,0x6f,0xb5,0xb0,0x2e, - 0x6f,0xcd,0x33,0x1d,0xc2,0x8a,0xde,0x6d,0x7b,0xcc,0x3a,0x6e,0x13,0xa2,0x79,0xcd, - 0x78,0x32,0x6f,0x91,0xce,0xc9,0xcf,0x87,0xbb,0x70,0xbd,0xa7,0xd6,0xda,0xa3,0x68, - 0x41,0xb4,0x22,0x2f,0x31,0xae,0x2e,0xc8,0x84,0xa4,0x0d,0x37,0x06,0x23,0x58,0x60, - 0x49,0x5c,0xf7,0x54,0xea,0x2c,0xc3,0xb8,0x24,0x52 + 0x0d,0x01,0x01,0x0b,0x05,0x00,0x03,0x81,0x81,0x00,0x21,0xd0,0xb3,0x98,0x90,0x30, + 0x0a,0x3e,0x95,0x68,0x36,0x9c,0x73,0xbc,0x8e,0x85,0x92,0xba,0xd6,0x71,0xb3,0x34, + 0x99,0xa5,0xe4,0xd1,0x1e,0x2f,0x36,0x64,0x1b,0x36,0x2f,0xb0,0x88,0x20,0x2f,0xf2, + 0x9b,0xda,0xfe,0x36,0x7c,0xa6,0x02,0xe4,0xeb,0xa7,0x91,0x9d,0x4d,0xc3,0x76,0x18, + 0xdb,0x4e,0xcb,0x47,0xbc,0x2b,0x85,0x2e,0xe9,0x9d,0xd1,0xdf,0x44,0xc9,0xf2,0xf3, + 0xa4,0x70,0x27,0x87,0x7a,0x2e,0x68,0xb0,0xb6,0x06,0xf3,0x4c,0x06,0xe6,0xdc,0x72, + 0xff,0x88,0x43,0x43,0x8b,0x28,0x89,0x7c,0x24,0xe4,0x9d,0x3b,0xf3,0x32,0x3f,0x4e, + 0x90,0x67,0xf3,0xd2,0xb1,0x83,0x90,0x9a,0x88,0xc7,0x1d,0x22,0x9f,0x1a,0x7c,0xe0, + 0xf5,0x96,0x47,0x99,0x57,0xf3,0x80,0x3d,0xa4,0xd4, }; /**