summaryrefslogtreecommitdiff
path: root/testing/tests/swanctl/rw-ed25519-certpol/hosts
diff options
context:
space:
mode:
Diffstat (limited to 'testing/tests/swanctl/rw-ed25519-certpol/hosts')
-rwxr-xr-xtesting/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/strongswan.conf9
-rw-r--r--testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/swanctl/pkcs8/carolKey.pem3
-rwxr-xr-xtesting/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/swanctl/swanctl.conf27
-rw-r--r--testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/swanctl/x509/carolCert.pem13
-rw-r--r--testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/swanctl/x509ca/strongswanCert.pem12
-rwxr-xr-xtesting/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/strongswan.conf9
-rw-r--r--testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/swanctl/pkcs8/daveKey.pem3
-rwxr-xr-xtesting/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/swanctl/swanctl.conf27
-rw-r--r--testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/swanctl/x509/daveCert.pem13
-rw-r--r--testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/swanctl/x509ca/strongswanCert.pem12
-rwxr-xr-xtesting/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/strongswan.conf13
-rw-r--r--testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/swanctl/pkcs8/moonKey.pem3
-rwxr-xr-xtesting/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/swanctl/swanctl.conf26
-rw-r--r--testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/swanctl/x509/moonCert.pem13
-rw-r--r--testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem12
15 files changed, 195 insertions, 0 deletions
diff --git a/testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/strongswan.conf b/testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/strongswan.conf
new file mode 100755
index 000000000..91a05eabc
--- /dev/null
+++ b/testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/strongswan.conf
@@ -0,0 +1,9 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+swanctl {
+ load = pem pkcs1 pkcs8 curve25519 x509 revocation constraints pubkey openssl random
+}
+
+charon-systemd {
+ load = random nonce sha1 sha2 aes hmac pem pkcs1 pkcs8 x509 revocation constraints pubkey curve25519 gmp curl kernel-netlink socket-default updown vici
+}
diff --git a/testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/swanctl/pkcs8/carolKey.pem b/testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/swanctl/pkcs8/carolKey.pem
new file mode 100644
index 000000000..5c3e2623d
--- /dev/null
+++ b/testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/swanctl/pkcs8/carolKey.pem
@@ -0,0 +1,3 @@
+-----BEGIN PRIVATE KEY-----
+MC4CAQAwBQYDK2VwBCIEIJk9u+XHU+E8YNCuj/bTDVRHbWDk2NzCyrTFqtzWRAv8
+-----END PRIVATE KEY-----
diff --git a/testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/swanctl/swanctl.conf b/testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/swanctl/swanctl.conf
new file mode 100755
index 000000000..9990cf319
--- /dev/null
+++ b/testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/swanctl/swanctl.conf
@@ -0,0 +1,27 @@
+connections {
+
+ home {
+ local_addrs = 192.168.0.100
+ remote_addrs = 192.168.0.1
+
+ local {
+ auth = pubkey
+ certs = carolCert.pem
+ id = carol@strongswan.org
+ }
+ remote {
+ auth = pubkey
+ id = moon.strongswan.org
+ }
+ children {
+ home {
+ remote_ts = 10.1.0.0/16
+
+ updown = /usr/local/libexec/ipsec/_updown iptables
+ esp_proposals = aes128gcm128-x25519
+ }
+ }
+ version = 2
+ proposals = aes128-sha256-x25519
+ }
+}
diff --git a/testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/swanctl/x509/carolCert.pem b/testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/swanctl/x509/carolCert.pem
new file mode 100644
index 000000000..70d7664af
--- /dev/null
+++ b/testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/swanctl/x509/carolCert.pem
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB/DCCAa6gAwIBAgIBBTAFBgMrZXAwTzELMAkGA1UEBhMCQ0gxGzAZBgNVBAoT
+EnN0cm9uZ1N3YW4gUHJvamVjdDEjMCEGA1UEAxMac3Ryb25nU3dhbiBFZDI1NTE5
+IFJvb3QgQ0EwHhcNMTgwNjIxMTQzMDU1WhcNMjMwNjIxMTQzMDU1WjBbMQswCQYD
+VQQGEwJDSDEbMBkGA1UEChMSc3Ryb25nU3dhbiBQcm9qZWN0MRAwDgYDVQQLEwdF
+ZDI1NTE5MR0wGwYDVQQDDBRjYXJvbEBzdHJvbmdzd2FuLm9yZzAqMAUGAytlcAMh
+APtwTFkrXyLYOWm9zlNm+ASZ3LzmpWmB2OwqnWZlFIXVo4GiMIGfMB8GA1UdIwQY
+MBaAFCNOkpAKSIb2BV3+ead2AzqOcNj4MB8GA1UdEQQYMBaBFGNhcm9sQHN0cm9u
+Z3N3YW4ub3JnMEEGA1UdHwQ6MDgwNqA0oDKGMGh0dHA6Ly9jcmwuc3Ryb25nc3dh
+bi5vcmcvc3Ryb25nc3dhbl9lZDI1NTE5LmNybDAYBgNVHSAEETAPMA0GCysGAQQB
+gqAqAQEBMAUGAytlcANBAJAqyQd0TjQUTba+9NzVdboKhq3D6I/go7wjzx9G2O5s
+xn1QimUMNHpY4i8eDD9ISvZIR2sziZgm79zV/sY1bQw=
+-----END CERTIFICATE-----
diff --git a/testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/swanctl/x509ca/strongswanCert.pem b/testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/swanctl/x509ca/strongswanCert.pem
new file mode 100644
index 000000000..ec34ff0b0
--- /dev/null
+++ b/testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/swanctl/x509ca/strongswanCert.pem
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBvzCCAXGgAwIBAgIIVuORAxPNUTQwBQYDK2VwME8xCzAJBgNVBAYTAkNIMRsw
+GQYDVQQKExJzdHJvbmdTd2FuIFByb2plY3QxIzAhBgNVBAMTGnN0cm9uZ1N3YW4g
+RWQyNTUxOSBSb290IENBMB4XDTE2MTIwNDIyMzU1NloXDTI2MTIwNDIyMzU1Nlow
+TzELMAkGA1UEBhMCQ0gxGzAZBgNVBAoTEnN0cm9uZ1N3YW4gUHJvamVjdDEjMCEG
+A1UEAxMac3Ryb25nU3dhbiBFZDI1NTE5IFJvb3QgQ0EwKjAFBgMrZXADIQAKMO0G
+lvjTLC7k8FoSp78rca3x++nvf9xPACSqnBg5UKNrMGkwDwYDVR0TAQH/BAUwAwEB
+/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFCNOkpAKSIb2BV3+ead2AzqOcNj4
+MCcGA1UdIAQgMB4wDQYLKwYBBAGCoCoBAQEwDQYLKwYBBAGCoCoBAQIwBQYDK2Vw
+A0EAmmq2gRBc3uVIa0e+LVHfAdWZ+PQU6aiwAqVMTK2aiaU4BECpNQE2MLYKMxWg
+GjZr7I5qruXG76jCbjDTlGSbBA==
+-----END CERTIFICATE-----
diff --git a/testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/strongswan.conf b/testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/strongswan.conf
new file mode 100755
index 000000000..91a05eabc
--- /dev/null
+++ b/testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/strongswan.conf
@@ -0,0 +1,9 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+swanctl {
+ load = pem pkcs1 pkcs8 curve25519 x509 revocation constraints pubkey openssl random
+}
+
+charon-systemd {
+ load = random nonce sha1 sha2 aes hmac pem pkcs1 pkcs8 x509 revocation constraints pubkey curve25519 gmp curl kernel-netlink socket-default updown vici
+}
diff --git a/testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/swanctl/pkcs8/daveKey.pem b/testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/swanctl/pkcs8/daveKey.pem
new file mode 100644
index 000000000..bf84ef3dd
--- /dev/null
+++ b/testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/swanctl/pkcs8/daveKey.pem
@@ -0,0 +1,3 @@
+-----BEGIN PRIVATE KEY-----
+MC4CAQAwBQYDK2VwBCIEIF17ReOyn64y7tmC11XyYzcALKmu9lkS0VnWSd0l54FX
+-----END PRIVATE KEY-----
diff --git a/testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/swanctl/swanctl.conf b/testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/swanctl/swanctl.conf
new file mode 100755
index 000000000..2c5c8f3ee
--- /dev/null
+++ b/testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/swanctl/swanctl.conf
@@ -0,0 +1,27 @@
+connections {
+
+ home {
+ local_addrs = 192.168.0.200
+ remote_addrs = 192.168.0.1
+
+ local {
+ auth = pubkey
+ certs = daveCert.pem
+ id = dave@strongswan.org
+ }
+ remote {
+ auth = pubkey
+ id = moon.strongswan.org
+ }
+ children {
+ home {
+ remote_ts = 10.1.0.0/16
+
+ updown = /usr/local/libexec/ipsec/_updown iptables
+ esp_proposals = aes128gcm128-x25519
+ }
+ }
+ version = 2
+ proposals = aes128-sha256-x25519
+ }
+}
diff --git a/testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/swanctl/x509/daveCert.pem b/testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/swanctl/x509/daveCert.pem
new file mode 100644
index 000000000..18f0e088c
--- /dev/null
+++ b/testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/swanctl/x509/daveCert.pem
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB4DCCAZKgAwIBAgIBBDAFBgMrZXAwTzELMAkGA1UEBhMCQ0gxGzAZBgNVBAoT
+EnN0cm9uZ1N3YW4gUHJvamVjdDEjMCEGA1UEAxMac3Ryb25nU3dhbiBFZDI1NTE5
+IFJvb3QgQ0EwHhcNMTYxMjA0MjIzODQwWhcNMjExMjA0MjIzODQwWjBaMQswCQYD
+VQQGEwJDSDEbMBkGA1UEChMSc3Ryb25nU3dhbiBQcm9qZWN0MRAwDgYDVQQLEwdF
+ZDI1NTE5MRwwGgYDVQQDDBNkYXZlQHN0cm9uZ3N3YW4ub3JnMCowBQYDK2VwAyEA
+fYCNzyBpr3lne+kVB27q7O7TvMkERDB9kRnzNSx30hijgYcwgYQwHwYDVR0jBBgw
+FoAUI06SkApIhvYFXf55p3YDOo5w2PgwHgYDVR0RBBcwFYETZGF2ZUBzdHJvbmdz
+d2FuLm9yZzBBBgNVHR8EOjA4MDagNKAyhjBodHRwOi8vY3JsLnN0cm9uZ3N3YW4u
+b3JnL3N0cm9uZ3N3YW5fZWQyNTUxOS5jcmwwBQYDK2VwA0EAEG4SjQX49xhuMiyn
+86uOCxDWy08KUQRBLoqan+cPfYDPgCbblpbmJOoCBtcUyzEYQ+L/gCQzwLAUZSbK
+MEj7Dg==
+-----END CERTIFICATE-----
diff --git a/testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/swanctl/x509ca/strongswanCert.pem b/testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/swanctl/x509ca/strongswanCert.pem
new file mode 100644
index 000000000..ec34ff0b0
--- /dev/null
+++ b/testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/swanctl/x509ca/strongswanCert.pem
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBvzCCAXGgAwIBAgIIVuORAxPNUTQwBQYDK2VwME8xCzAJBgNVBAYTAkNIMRsw
+GQYDVQQKExJzdHJvbmdTd2FuIFByb2plY3QxIzAhBgNVBAMTGnN0cm9uZ1N3YW4g
+RWQyNTUxOSBSb290IENBMB4XDTE2MTIwNDIyMzU1NloXDTI2MTIwNDIyMzU1Nlow
+TzELMAkGA1UEBhMCQ0gxGzAZBgNVBAoTEnN0cm9uZ1N3YW4gUHJvamVjdDEjMCEG
+A1UEAxMac3Ryb25nU3dhbiBFZDI1NTE5IFJvb3QgQ0EwKjAFBgMrZXADIQAKMO0G
+lvjTLC7k8FoSp78rca3x++nvf9xPACSqnBg5UKNrMGkwDwYDVR0TAQH/BAUwAwEB
+/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFCNOkpAKSIb2BV3+ead2AzqOcNj4
+MCcGA1UdIAQgMB4wDQYLKwYBBAGCoCoBAQEwDQYLKwYBBAGCoCoBAQIwBQYDK2Vw
+A0EAmmq2gRBc3uVIa0e+LVHfAdWZ+PQU6aiwAqVMTK2aiaU4BECpNQE2MLYKMxWg
+GjZr7I5qruXG76jCbjDTlGSbBA==
+-----END CERTIFICATE-----
diff --git a/testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/strongswan.conf b/testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/strongswan.conf
new file mode 100755
index 000000000..b81a8a61a
--- /dev/null
+++ b/testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/strongswan.conf
@@ -0,0 +1,13 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+swanctl {
+ load = pem pkcs1 pkcs8 curve25519 x509 revocation constraints pubkey openssl random
+}
+
+charon-systemd {
+ load = random nonce sha1 sha2 aes hmac pem pkcs1 pkcs8 x509 revocation constraints pubkey curve25519 gmp curl kernel-netlink socket-default updown vici
+ syslog {
+ daemon {
+ default = 1 }
+ }
+}
diff --git a/testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/swanctl/pkcs8/moonKey.pem b/testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/swanctl/pkcs8/moonKey.pem
new file mode 100644
index 000000000..491d36430
--- /dev/null
+++ b/testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/swanctl/pkcs8/moonKey.pem
@@ -0,0 +1,3 @@
+-----BEGIN PRIVATE KEY-----
+MC4CAQAwBQYDK2VwBCIEIKF9TGaPwvVmqoqowy6y8anmPMKpSi9bKc310bbXBMtk
+-----END PRIVATE KEY-----
diff --git a/testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/swanctl/swanctl.conf b/testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/swanctl/swanctl.conf
new file mode 100755
index 000000000..1cc6ea429
--- /dev/null
+++ b/testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/swanctl/swanctl.conf
@@ -0,0 +1,26 @@
+connections {
+
+ rw {
+ local_addrs = 192.168.0.1
+
+ local {
+ auth = pubkey
+ certs = moonCert.pem
+ id = moon.strongswan.org
+ }
+ remote {
+ auth = pubkey
+ cert_policy = 1.3.6.1.4.1.36906.1.1.1
+ }
+ children {
+ net {
+ local_ts = 10.1.0.0/16
+
+ updown = /usr/local/libexec/ipsec/_updown iptables
+ esp_proposals = aes128gcm128-x25519
+ }
+ }
+ version = 2
+ proposals = aes128-sha256-x25519
+ }
+}
diff --git a/testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/swanctl/x509/moonCert.pem b/testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/swanctl/x509/moonCert.pem
new file mode 100644
index 000000000..e67b224b6
--- /dev/null
+++ b/testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/swanctl/x509/moonCert.pem
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB9TCCAaegAwIBAgIBATAFBgMrZXAwTzELMAkGA1UEBhMCQ0gxGzAZBgNVBAoT
+EnN0cm9uZ1N3YW4gUHJvamVjdDEjMCEGA1UEAxMac3Ryb25nU3dhbiBFZDI1NTE5
+IFJvb3QgQ0EwHhcNMTYxMjA0MjI0MDQyWhcNMjExMjA0MjI0MDQyWjBaMQswCQYD
+VQQGEwJDSDEbMBkGA1UEChMSc3Ryb25nU3dhbiBQcm9qZWN0MRAwDgYDVQQLEwdF
+ZDI1NTE5MRwwGgYDVQQDExNtb29uLnN0cm9uZ3N3YW4ub3JnMCowBQYDK2VwAyEA
+4X/jpRSEXr0/TmIHTOj7FqllkP+3e+ljkAU1FtYnX5ijgZwwgZkwHwYDVR0jBBgw
+FoAUI06SkApIhvYFXf55p3YDOo5w2PgwHgYDVR0RBBcwFYITbW9vbi5zdHJvbmdz
+d2FuLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATBBBgNVHR8EOjA4MDagNKAyhjBo
+dHRwOi8vY3JsLnN0cm9uZ3N3YW4ub3JnL3N0cm9uZ3N3YW5fZWQyNTUxOS5jcmww
+BQYDK2VwA0EAOjD6PXrI3R8Wj55gstR2FtT0Htu4vV2jCRekts8O0++GNVMn65BX
+8ohW9fH7Ie2JTSOb0wzX+TPuMUAkLutUBA==
+-----END CERTIFICATE-----
diff --git a/testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem b/testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem
new file mode 100644
index 000000000..ec34ff0b0
--- /dev/null
+++ b/testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBvzCCAXGgAwIBAgIIVuORAxPNUTQwBQYDK2VwME8xCzAJBgNVBAYTAkNIMRsw
+GQYDVQQKExJzdHJvbmdTd2FuIFByb2plY3QxIzAhBgNVBAMTGnN0cm9uZ1N3YW4g
+RWQyNTUxOSBSb290IENBMB4XDTE2MTIwNDIyMzU1NloXDTI2MTIwNDIyMzU1Nlow
+TzELMAkGA1UEBhMCQ0gxGzAZBgNVBAoTEnN0cm9uZ1N3YW4gUHJvamVjdDEjMCEG
+A1UEAxMac3Ryb25nU3dhbiBFZDI1NTE5IFJvb3QgQ0EwKjAFBgMrZXADIQAKMO0G
+lvjTLC7k8FoSp78rca3x++nvf9xPACSqnBg5UKNrMGkwDwYDVR0TAQH/BAUwAwEB
+/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFCNOkpAKSIb2BV3+ead2AzqOcNj4
+MCcGA1UdIAQgMB4wDQYLKwYBBAGCoCoBAQEwDQYLKwYBBAGCoCoBAQIwBQYDK2Vw
+A0EAmmq2gRBc3uVIa0e+LVHfAdWZ+PQU6aiwAqVMTK2aiaU4BECpNQE2MLYKMxWg
+GjZr7I5qruXG76jCbjDTlGSbBA==
+-----END CERTIFICATE-----