tests: Update server and user certificates (2015)

The previous versions expired, so need to re-sign these to fix number of
the EAP test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests/hwsim/auth_serv/index.txt

@@ -4,5 +4,5 @@ V	140102000000Z		D8D3E3A6CBE3CCCA	unknown	/C=FI/O=w1.fi/CN=server4.w1.fi
 V	150215083008Z		D8D3E3A6CBE3CCCB	unknown	/C=FI/O=w1.fi/CN=server5.w1.fi
 V	150228224144Z		D8D3E3A6CBE3CCCC	unknown	/C=FI/O=w1.fi/CN=server6.w1.fi
 V	160111185024Z		D8D3E3A6CBE3CCCD	unknown	/C=FI/O=w1.fi/CN=ocsp.w1.fi
-V	160929212846Z		D8D3E3A6CBE3CCE2	unknown	/C=FI/O=w1.fi/CN=server.w1.fi
+V	170930181357Z		D8D3E3A6CBE3CCE9	unknown	/C=FI/O=w1.fi/CN=server.w1.fi
 V	150929211300Z		D8D3E3A6CBE3CCD1	unknown	/C=FI/O=w1.fi/CN=Test User

tests/hwsim/auth_serv/server.pem

@@ -1,12 +1,12 @@
 Certificate:
     Data:
         Version: 3 (0x2)
-        Serial Number: 15624081837803162850 (0xd8d3e3a6cbe3cce2)
+        Serial Number: 15624081837803162857 (0xd8d3e3a6cbe3cce9)
     Signature Algorithm: sha256WithRSAEncryption
         Issuer: C=FI, O=w1.fi, CN=Root CA
         Validity
-            Not Before: Sep 30 21:28:46 2015 GMT
+            Not Before: Sep 30 18:13:57 2016 GMT
-            Not After : Sep 29 21:28:46 2016 GMT
+            Not After : Sep 30 18:13:57 2017 GMT
         Subject: C=FI, O=w1.fi, CN=server.w1.fi
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
@@ -38,18 +38,18 @@ Certificate:
             X509v3 Extended Key Usage: 
                 TLS Web Server Authentication
     Signature Algorithm: sha256WithRSAEncryption
-         48:4d:b8:be:72:ad:1c:4c:e8:9c:d9:0c:2c:77:ac:b2:60:20:
+         24:da:48:be:a8:ae:6e:25:ed:12:bd:f5:a3:32:1f:40:4c:ab:
-         96:15:51:9d:0e:41:8c:79:8d:43:e8:01:af:9f:4b:c8:26:89:
+         50:87:23:b1:46:45:b0:e5:9b:02:ad:c9:d3:fb:c0:52:78:b5:
-         f9:17:38:90:d0:b9:d1:14:13:57:ba:ce:ce:3b:55:b0:90:20:
+         91:2a:d4:8f:f8:c8:a4:48:b4:66:f7:2e:f1:cf:8c:3a:7a:54:
-         f8:1e:d2:f0:32:98:6b:fc:55:f4:36:c1:55:9b:1b:55:26:26:
+         fc:e2:41:a7:af:e3:d1:66:d6:02:d8:93:de:52:b2:c2:6e:d9:
-         dd:5f:0f:38:73:76:64:7d:61:36:ad:c8:86:e6:2f:3f:12:fe:
+         7a:bd:8c:ce:e5:dc:3b:0b:7a:f6:fc:a0:4e:9c:64:84:14:3f:
-         d2:4c:cd:6e:57:4f:ab:3a:22:a1:0b:c9:5b:46:4e:43:71:dd:
+         9b:24:fc:d0:8f:9c:78:c8:57:0f:32:dd:ed:97:f1:c1:a2:b3:
-         1c:b3:38:af:5c:69:a1:6b:90:59:c0:1e:f8:3e:9d:f4:23:b8:
+         0a:14:9e:c8:35:68:30:1a:10:22:14:66:4a:6b:a4:47:b4:c6:
-         d4:a9
+         4f:3b
 -----BEGIN CERTIFICATE-----
-MIIClTCCAf6gAwIBAgIJANjT46bL48ziMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
+MIIClTCCAf6gAwIBAgIJANjT46bL48zpMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
-BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNTA5
+BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNjA5
-MzAyMTI4NDZaFw0xNjA5MjkyMTI4NDZaMDQxCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
+MzAxODEzNTdaFw0xNzA5MzAxODEzNTdaMDQxCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
 DAV3MS5maTEVMBMGA1UEAwwMc2VydmVyLncxLmZpMIGfMA0GCSqGSIb3DQEBAQUA
 A4GNADCBiQKBgQC6oHdVIhSFVWWbZCyt7ZvdZTHJ2mBQzjjWNNzovBueMOcS41Ns
 ye1IA3mBaZjOirh3RzZFz8bg8XsecYlU9wHMIq2gQrGoNZ5gqjqYUdD/H+6+jQpj
@@ -58,7 +58,7 @@ o4GzMIGwMAkGA1UdEwQCMAAwHQYDVR0OBBYEFDFPEFxnn75OiNbcxaueEoiGaQJP
 MB8GA1UdIwQYMBaAFLiS3v2KGLMww59V8zNdtMgpikEUMDUGCCsGAQUFBwEBBCkw
 JzAlBggrBgEFBQcwAYYZaHR0cDovL3NlcnZlci53MS5maTo4ODg4LzAXBgNVHREE
 EDAOggxzZXJ2ZXIudzEuZmkwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcN
-AQELBQADgYEASE24vnKtHEzonNkMLHessmAglhVRnQ5BjHmNQ+gBr59LyCaJ+Rc4
+AQELBQADgYEAJNpIvqiubiXtEr31ozIfQEyrUIcjsUZFsOWbAq3J0/vAUni1kSrU
-kNC50RQTV7rOzjtVsJAg+B7S8DKYa/xV9DbBVZsbVSYm3V8POHN2ZH1hNq3IhuYv
+j/jIpEi0Zvcu8c+MOnpU/OJBp6/j0WbWAtiT3lKywm7Zer2MzuXcOwt69vygTpxk
-PxL+0kzNbldPqzoioQvJW0ZOQ3HdHLM4r1xpoWuQWcAe+D6d9CO41Kk=
+hBQ/myT80I+ceMhXDzLd7ZfxwaKzChSeyDVoMBoQIhRmSmukR7TGTzs=
 -----END CERTIFICATE-----

tests/hwsim/auth_serv/user.pem

@@ -1,12 +1,12 @@
 Certificate:
     Data:
         Version: 3 (0x2)
-        Serial Number: 15624081837803162848 (0xd8d3e3a6cbe3cce0)
+        Serial Number: 15624081837803162859 (0xd8d3e3a6cbe3cceb)
     Signature Algorithm: sha256WithRSAEncryption
         Issuer: C=FI, O=w1.fi, CN=Root CA
         Validity
-            Not Before: Sep 30 21:07:18 2015 GMT
+            Not Before: Sep 30 18:20:27 2016 GMT
-            Not After : Sep 29 21:07:18 2016 GMT
+            Not After : Sep 30 18:20:27 2017 GMT
         Subject: C=FI, O=w1.fi, CN=Test User
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
@@ -36,18 +36,18 @@ Certificate:
             X509v3 Extended Key Usage: 
                 TLS Web Client Authentication
     Signature Algorithm: sha256WithRSAEncryption
-         27:11:93:4d:7b:a5:ce:2a:16:87:76:ea:c5:42:df:6c:c0:f7:
+         47:2e:3d:23:86:d0:3e:fb:b5:7f:d6:32:6b:12:fb:7c:76:78:
-         77:a9:3e:e9:4f:c7:a2:10:d1:47:53:f0:b1:c4:3f:b8:6a:65:
+         ec:82:db:ab:fa:5e:0f:1d:97:36:f9:de:b3:cb:fd:08:9e:d5:
-         b9:24:de:6b:ad:46:9d:7c:dc:e5:1e:4f:5b:e3:13:6d:e5:12:
+         cd:3d:97:78:c5:00:ce:78:f1:39:3b:84:c9:d0:e6:17:58:ed:
-         94:59:33:17:6f:25:c6:b7:56:3a:1a:7c:78:17:bb:4e:e9:82:
+         ac:e2:d2:a8:7a:fd:b9:19:a4:1c:57:08:17:8c:7f:70:88:82:
-         19:cc:00:b0:44:4f:29:0a:ac:bd:9b:b4:db:41:e0:22:a9:36:
+         d5:89:0f:1e:18:22:6d:62:69:4c:12:92:32:bc:cc:1b:a0:05:
-         d5:02:2d:14:c2:b0:61:aa:b7:3f:f4:26:b5:5c:5c:38:a6:4a:
+         bc:af:7f:53:a9:dc:a9:55:48:e0:28:34:3e:60:3f:82:16:ac:
-         f7:f2:2a:3f:b2:33:10:a1:fb:68:b1:61:ac:3a:f9:b1:20:f8:
+         70:a1:01:e7:75:cf:a0:72:ad:39:ad:52:65:a8:64:fa:7f:11:
-         e5:97
+         f2:f5
 -----BEGIN CERTIFICATE-----
-MIICeTCCAeKgAwIBAgIJANjT46bL48zgMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
+MIICeTCCAeKgAwIBAgIJANjT46bL48zrMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
-BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNTA5
+BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xNjA5
-MzAyMTA3MThaFw0xNjA5MjkyMTA3MThaMDExCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
+MzAxODIwMjdaFw0xNzA5MzAxODIwMjdaMDExCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
 DAV3MS5maTESMBAGA1UEAwwJVGVzdCBVc2VyMIGfMA0GCSqGSIb3DQEBAQUAA4GN
 ADCBiQKBgQCmli6bIozflL6LiUn2eHaiYH4UlfOW/qsZJQM0ZHQBPqiffPFHYWBM
 gpIofCugDsuHv1nr1/NhIjsU86sx9lqVH7h6uCw8qWFTeJvoPlDswtZE50PNvD5O
@@ -55,8 +55,8 @@ gpIofCugDsuHv1nr1/NhIjsU86sx9lqVH7h6uCw8qWFTeJvoPlDswtZE50PNvD5O
 MIGXMAkGA1UdEwQCMAAwHQYDVR0OBBYEFIHe3+laABrKZ9YG3WWyTsWaBEN9MB8G
 A1UdIwQYMBaAFLiS3v2KGLMww59V8zNdtMgpikEUMDUGCCsGAQUFBwEBBCkwJzAl
 BggrBgEFBQcwAYYZaHR0cDovL3NlcnZlci53MS5maTo4ODg4LzATBgNVHSUEDDAK
-BggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOBgQAnEZNNe6XOKhaHdurFQt9swPd3
+BggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOBgQBHLj0jhtA++7V/1jJrEvt8dnjs
-qT7pT8eiENFHU/CxxD+4amW5JN5rrUadfNzlHk9b4xNt5RKUWTMXbyXGt1Y6Gnx4
+gtur+l4PHZc2+d6zy/0IntXNPZd4xQDOePE5O4TJ0OYXWO2s4tKoev25GaQcVwgX
-F7tO6YIZzACwRE8pCqy9m7TbQeAiqTbVAi0UwrBhqrc/9Ca1XFw4pkr38io/sjMQ
+jH9wiILViQ8eGCJtYmlMEpIyvMwboAW8r39TqdypVUjgKDQ+YD+CFqxwoQHndc+g
-oftosWGsOvmxIPjllw==
+cq05rVJlqGT6fxHy9Q==
 -----END CERTIFICATE-----

tests/hwsim/start.sh

@@ -162,7 +162,7 @@ for i in unknown revoked; do
 done
 
 openssl ocsp -reqout $LOGDIR/ocsp-req.der -issuer $DIR/auth_serv/ca.pem \
-    -serial 0xD8D3E3A6CBE3CCE2 -no_nonce -sha256 >> $LOGDIR/ocsp.log 2>&1
+    -serial 0xD8D3E3A6CBE3CCE9 -no_nonce -sha256 >> $LOGDIR/ocsp.log 2>&1
 for i in "" "-unknown" "-revoked"; do
     openssl ocsp -index $DIR/auth_serv/index$i.txt \
 	-rsigner $DIR/auth_serv/ca.pem \

tests/hwsim/test_ap_eap.py

@@ -2339,7 +2339,7 @@ def test_ap_wpa2_eap_ttls_server_cert_hash(dev, apdev):
     """WPA2-Enterprise connection using EAP-TTLS and server certificate hash"""
     check_cert_probe_support(dev[0])
     skip_with_fips(dev[0])
-    srv_cert_hash = "e75bd454c7b02d312e5006d75067c28ffa5baea422effeb2bbd572179cd000ca"
+    srv_cert_hash = "bdb9cb55d3df278e52a071abf58e7f0238fbec3ad8fb2c254742f63562628272"
     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
     hapd = hostapd.add_ap(apdev[0], params)
     dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS",