From d505658038438f77dbd66a2a60fdc58edfac99c9 Mon Sep 17 00:00:00 2001
From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Thu, 22 Sep 2016 14:28:36 +0200
Subject: [PATCH] testing: Added swanctl/net2net-sha3-rsa-cert and
 swanctl/rw-eap-tls-sha3-rsa scenarios

---
 .../hosts/winnetou/etc/openssl/generate-crl   |  3 ++
 .../etc/openssl/sha3-rsa/carolCert.pem        | 28 +++++++++++++
 .../etc/openssl/sha3-rsa/carolKey.pem         | 39 +++++++++++++++++++
 .../etc/openssl/sha3-rsa/daveCert.pem         | 28 +++++++++++++
 .../winnetou/etc/openssl/sha3-rsa/daveKey.pem | 39 +++++++++++++++++++
 .../etc/openssl/sha3-rsa/moonCert.pem         | 28 +++++++++++++
 .../winnetou/etc/openssl/sha3-rsa/moonKey.pem | 39 +++++++++++++++++++
 .../etc/openssl/sha3-rsa/strongswanCert.pem   | 26 +++++++++++++
 .../etc/openssl/sha3-rsa/strongswanKey.pem    | 39 +++++++++++++++++++
 .../winnetou/etc/openssl/sha3-rsa/sunCert.pem | 28 +++++++++++++
 .../winnetou/etc/openssl/sha3-rsa/sunKey.pem  | 39 +++++++++++++++++++
 .../net2net-sha3-rsa-cert/description.txt     |  8 ++++
 .../net2net-sha3-rsa-cert/evaltest.dat        |  5 +++
 .../hosts/moon/etc/strongswan.conf            | 14 +++++++
 .../hosts/moon/etc/swanctl/rsa/moonKey.pem    | 39 +++++++++++++++++++
 .../hosts/moon/etc/swanctl/swanctl.conf       | 33 ++++++++++++++++
 .../hosts/moon/etc/swanctl/x509/moonCert.pem  | 28 +++++++++++++
 .../etc/swanctl/x509ca/strongswanCert.pem     | 26 +++++++++++++
 .../hosts/sun/etc/strongswan.conf             | 14 +++++++
 .../hosts/sun/etc/swanctl/rsa/sunKey.pem      | 39 +++++++++++++++++++
 .../hosts/sun/etc/swanctl/swanctl.conf        | 33 ++++++++++++++++
 .../hosts/sun/etc/swanctl/x509/sunCert.pem    | 28 +++++++++++++
 .../sun/etc/swanctl/x509ca/strongswanCert.pem | 26 +++++++++++++
 .../net2net-sha3-rsa-cert/posttest.dat        |  5 +++
 .../swanctl/net2net-sha3-rsa-cert/pretest.dat |  7 ++++
 .../swanctl/net2net-sha3-rsa-cert/test.conf   | 25 ++++++++++++
 .../rw-eap-tls-sha3-rsa/description.txt       |  8 ++++
 .../swanctl/rw-eap-tls-sha3-rsa/evaltest.dat  | 10 +++++
 .../hosts/carol/etc/strongswan.conf           | 18 +++++++++
 .../hosts/carol/etc/swanctl/rsa/carolKey.pem  | 39 +++++++++++++++++++
 .../hosts/carol/etc/swanctl/swanctl.conf      | 28 +++++++++++++
 .../carol/etc/swanctl/x509/carolCert.pem      | 28 +++++++++++++
 .../etc/swanctl/x509ca/strongswanCert.pem     | 26 +++++++++++++
 .../hosts/dave/etc/strongswan.conf            | 18 +++++++++
 .../hosts/dave/etc/swanctl/rsa/daveKey.pem    | 39 +++++++++++++++++++
 .../hosts/dave/etc/swanctl/swanctl.conf       | 28 +++++++++++++
 .../hosts/dave/etc/swanctl/x509/daveCert.pem  | 28 +++++++++++++
 .../etc/swanctl/x509ca/strongswanCert.pem     | 26 +++++++++++++
 .../hosts/moon/etc/strongswan.conf            | 14 +++++++
 .../hosts/moon/etc/swanctl/rsa/moonKey.pem    | 39 +++++++++++++++++++
 .../hosts/moon/etc/swanctl/swanctl.conf       | 26 +++++++++++++
 .../hosts/moon/etc/swanctl/x509/moonCert.pem  | 28 +++++++++++++
 .../etc/swanctl/x509ca/strongswanCert.pem     | 26 +++++++++++++
 .../swanctl/rw-eap-tls-sha3-rsa/posttest.dat  |  8 ++++
 .../swanctl/rw-eap-tls-sha3-rsa/pretest.dat   | 11 ++++++
 .../swanctl/rw-eap-tls-sha3-rsa/test.conf     | 25 ++++++++++++
 46 files changed, 1139 insertions(+)
 create mode 100644 testing/hosts/winnetou/etc/openssl/sha3-rsa/carolCert.pem
 create mode 100644 testing/hosts/winnetou/etc/openssl/sha3-rsa/carolKey.pem
 create mode 100644 testing/hosts/winnetou/etc/openssl/sha3-rsa/daveCert.pem
 create mode 100644 testing/hosts/winnetou/etc/openssl/sha3-rsa/daveKey.pem
 create mode 100644 testing/hosts/winnetou/etc/openssl/sha3-rsa/moonCert.pem
 create mode 100644 testing/hosts/winnetou/etc/openssl/sha3-rsa/moonKey.pem
 create mode 100644 testing/hosts/winnetou/etc/openssl/sha3-rsa/strongswanCert.pem
 create mode 100644 testing/hosts/winnetou/etc/openssl/sha3-rsa/strongswanKey.pem
 create mode 100644 testing/hosts/winnetou/etc/openssl/sha3-rsa/sunCert.pem
 create mode 100644 testing/hosts/winnetou/etc/openssl/sha3-rsa/sunKey.pem
 create mode 100755 testing/tests/swanctl/net2net-sha3-rsa-cert/description.txt
 create mode 100755 testing/tests/swanctl/net2net-sha3-rsa-cert/evaltest.dat
 create mode 100755 testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/strongswan.conf
 create mode 100644 testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/rsa/moonKey.pem
 create mode 100755 testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/swanctl.conf
 create mode 100644 testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/x509/moonCert.pem
 create mode 100644 testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem
 create mode 100755 testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/strongswan.conf
 create mode 100644 testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/rsa/sunKey.pem
 create mode 100755 testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/swanctl.conf
 create mode 100644 testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/x509/sunCert.pem
 create mode 100644 testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/x509ca/strongswanCert.pem
 create mode 100755 testing/tests/swanctl/net2net-sha3-rsa-cert/posttest.dat
 create mode 100755 testing/tests/swanctl/net2net-sha3-rsa-cert/pretest.dat
 create mode 100755 testing/tests/swanctl/net2net-sha3-rsa-cert/test.conf
 create mode 100755 testing/tests/swanctl/rw-eap-tls-sha3-rsa/description.txt
 create mode 100755 testing/tests/swanctl/rw-eap-tls-sha3-rsa/evaltest.dat
 create mode 100755 testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/strongswan.conf
 create mode 100644 testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/swanctl/rsa/carolKey.pem
 create mode 100755 testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/swanctl/swanctl.conf
 create mode 100644 testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/swanctl/x509/carolCert.pem
 create mode 100644 testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/swanctl/x509ca/strongswanCert.pem
 create mode 100755 testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/strongswan.conf
 create mode 100644 testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/swanctl/rsa/daveKey.pem
 create mode 100755 testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/swanctl/swanctl.conf
 create mode 100644 testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/swanctl/x509/daveCert.pem
 create mode 100644 testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/swanctl/x509ca/strongswanCert.pem
 create mode 100755 testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/strongswan.conf
 create mode 100644 testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/swanctl/rsa/moonKey.pem
 create mode 100755 testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/swanctl/swanctl.conf
 create mode 100644 testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/swanctl/x509/moonCert.pem
 create mode 100644 testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem
 create mode 100755 testing/tests/swanctl/rw-eap-tls-sha3-rsa/posttest.dat
 create mode 100755 testing/tests/swanctl/rw-eap-tls-sha3-rsa/pretest.dat
 create mode 100755 testing/tests/swanctl/rw-eap-tls-sha3-rsa/test.conf

diff --git a/testing/hosts/winnetou/etc/openssl/generate-crl b/testing/hosts/winnetou/etc/openssl/generate-crl
index fd75ed0f3..89534e422 100755
--- a/testing/hosts/winnetou/etc/openssl/generate-crl
+++ b/testing/hosts/winnetou/etc/openssl/generate-crl
@@ -54,3 +54,6 @@ cp strongswan_rfc3779.crl ${ROOT}
 cd /etc/openssl/bliss
 pki --signcrl --cacert strongswan_blissCert.der --cakey strongswan_blissKey.der --lifetime 30 --digest sha3_512 > strongswan_bliss.crl
 cp strongswan_bliss.crl ${ROOT}
+cd /etc/openssl/sha3-rsa
+pki --signcrl --cacert strongswanCert.pem --cakey strongswanKey.pem --lifetime 30 --digest sha3_256 > strongswan-sha3-rsa.crl
+cp strongswan-sha3-rsa.crl ${ROOT}
diff --git a/testing/hosts/winnetou/etc/openssl/sha3-rsa/carolCert.pem b/testing/hosts/winnetou/etc/openssl/sha3-rsa/carolCert.pem
new file mode 100644
index 000000000..94f2c0a19
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/sha3-rsa/carolCert.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIEtTCCAx2gAwIBAgIBAzANBglghkgBZQMEAw4FADBXMQswCQYDVQQGEwJDSDEb
+MBkGA1UEChMSc3Ryb25nU3dhbiBQcm9qZWN0MQ4wDAYDVQQLEwVTSEEtMzEbMBkG
+A1UEAxMSc3Ryb25nU3dhbiBSb290IENBMB4XDTE2MDkyMjEwMzYwMloXDTI2MDky
+MjEwMzYwMlowWTELMAkGA1UEBhMCQ0gxGzAZBgNVBAoTEnN0cm9uZ1N3YW4gUHJv
+amVjdDEOMAwGA1UECxMFU0hBLTMxHTAbBgNVBAMMFGNhcm9sQHN0cm9uZ3N3YW4u
+b3JnMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAw7ArNq1Cs5RMc1Mu
+HO5BZAIAc9v04THLSpCs+zNQlyJCXaijsiTQUbATyhgB5O11HKh69J8PRITx+dqI
+W/are3KGAKbvo8G5AgVOPhO+X3n7iOwTPqtaAlAa4/qpVyD/RSfOiQPXj+SFtBz9
+Js36gZegcm/w3d0QVOPUIEMWpSMIHCAmv6Ji/QHyOEVyOuiW0PTKVxqY8iFgnT8d
+jDo0xWU40RNcIC7qyMkmGD8xR+kIbBcH8akPB6NgNvFVUZPK4EQfr19JNAQp7KbP
+A6tlzRxR6z0eL57zRUU47g3cf9Ie1zNj4FrIfv/+nA9ZVpR/DsGe3qmJvTVDfuba
+GkFE4AKxUEGcm0N4gHXo1PBj7hayJJSUIuAfoIfmkorqrPTp3bRoH2NWmMveBU6W
+4c8Vocv4ceWmCsrodcNdzqcnU4QGFc9xKPeiD232KeBZdpK4vs1ewkzftWmOVYUB
+G0X5oNNYoT54Qr8YXTWTI/3Rp7TbVGh7Z6iqH7hQ9gNGOe+NAgMBAAGjgYkwgYYw
+HwYDVR0jBBgwFoAU5MnNjPKIbR2nLtdeeTGlZlU1zgIwHwYDVR0RBBgwFoEUY2Fy
+b2xAc3Ryb25nc3dhbi5vcmcwQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybC5z
+dHJvbmdzd2FuLm9yZy9zdHJvbmdzd2FuLXNoYTMtcnNhLmNybDANBglghkgBZQME
+Aw4FAAOCAYEAHxkcN7plS2BvO/yXxE5WJ+2k9IP/IupuE6ChuFHDq5SrGNMsStsG
+sGpV6/yxvLSHchNGnGMIOyLTMzKgWy5dnDy4YX2FqZkI8ZBa0FJ9iO2IxILCsmyw
+ouShOv47YkNuAzJWIZjRz3+7mNhfX3TsdEr26cNKf1JqawTyFCDq0t/UYS6K/8O+
++6Q1kmy2mRgR19XkxA0ts3xno+eeB0NelnVEjJwqZPFgmVYK/2T4fUKraJyQzwhp
+xghLtlmwNuN6jetB4Z9k3hQQaPlUy2wxrqdsNfV9Ysgy+3LcI2ynoFMYShrS4avW
+FI2z0hb8sDkvS4Knif4UCv14Gycb/8nSgiingEMU+UmPOxwUl79/99e4LvIaslp4
+S0AiLwe0Tz2NqQ6uhvVppw3lYptIt+EK042cYpm/CPTMlMhT+Pi8l/POWIdquNLp
+85NuiVBbt3wMff+qTu+/ppyQsytTfDMD6XLggorLni/Owf9PoBakcdGuPW9MAUTf
+6Idv0tl5T0qX
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/sha3-rsa/carolKey.pem b/testing/hosts/winnetou/etc/openssl/sha3-rsa/carolKey.pem
new file mode 100644
index 000000000..db6c98d89
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/sha3-rsa/carolKey.pem
@@ -0,0 +1,39 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIG4gIBAAKCAYEAw7ArNq1Cs5RMc1MuHO5BZAIAc9v04THLSpCs+zNQlyJCXaij
+siTQUbATyhgB5O11HKh69J8PRITx+dqIW/are3KGAKbvo8G5AgVOPhO+X3n7iOwT
+PqtaAlAa4/qpVyD/RSfOiQPXj+SFtBz9Js36gZegcm/w3d0QVOPUIEMWpSMIHCAm
+v6Ji/QHyOEVyOuiW0PTKVxqY8iFgnT8djDo0xWU40RNcIC7qyMkmGD8xR+kIbBcH
+8akPB6NgNvFVUZPK4EQfr19JNAQp7KbPA6tlzRxR6z0eL57zRUU47g3cf9Ie1zNj
+4FrIfv/+nA9ZVpR/DsGe3qmJvTVDfubaGkFE4AKxUEGcm0N4gHXo1PBj7hayJJSU
+IuAfoIfmkorqrPTp3bRoH2NWmMveBU6W4c8Vocv4ceWmCsrodcNdzqcnU4QGFc9x
+KPeiD232KeBZdpK4vs1ewkzftWmOVYUBG0X5oNNYoT54Qr8YXTWTI/3Rp7TbVGh7
+Z6iqH7hQ9gNGOe+NAgMBAAECggGAKuC3F0vviZm9Bqf7OquZ+GfX4YsYpR9cBAKf
+ZIth5TvEfvEsrSQT4VJLg8Su5ZKCTr07883GcqUOwEh6CGyMNohphEsPxznzZ9Xx
+xvhchl8cFmxj6x9woYEb40hRQp4gUO7f+nW1DfpssYKIlbAca7jlly2gAX0mzvL8
+z/TjSVvbsw34b5UNS5LZmCrfVLkSEscQbvWM/cECgnIJ72fxmC8NvAIZ9ZNSLpyk
+lDuEeNU+2zBQtUrt2CacNm263B0dvHrW9QSTdi1GvIjxhc3ab8OT0ZDNzo/S2eRJ
+InN77gwkYgEu1jeloBsicG4ZAAdbQU5/X4prnJIy2novnA/2C+hrmpYDhxqOT4Uk
+AhoMiyvrJF6rxPZj+R5qzc4RUzZapcXUNzH0lCwtwd19Ogfw38LUkHCtqQQpleme
+AL7FeVDXDu9oe6c5YrZihehT7p8ExKwlwiWy4u2bnoip77wOCuLo+D6eZpt64w4e
+XiHpWtmkADqhfzMgt/WUMpD/+gcBAoHBAPTa6zMClhGP6su624Rv9HSVClacXR7d
+zJNo5stnPierfcIZs8loWthR6AgGx36q9bOqtfIdFRc/PajF7oggnTcxMBZdCoU8
+Oi3vWEH+aIzIX3KICUjRYjj1kpm9xcy7XPGc6bEit+PM1DJ1jXCTiC30uQpavNxr
+klV4+ROIt9MYsb3tQw7CO1mGNR37jAEUqbJ7sK2OnvmjZPJlwJs0AyN1j7ZUihDO
+VT5UhjwB4KUH6BEirXTkoaDxZwsRfR5SaQKBwQDMmFm2M8J9AOxgrYTY80YIRQpy
+vrcX7Xrzn4Lu8M8Xr6RlS5bbXApAH7WtRHGlIj14lItmvZpRSOTzawtn65AzeIUF
+82/EMxLJaGjMBviTyNy+ta9wn8Qdy5c2ZZ5dKgsQ4PprSkAvNOnpd1wG48pbGg7/
+n3tVs9zdD2wa35KVjoyueu9Ls9BbND8v7OYmkmSNqFlA5KuLIeQkuLNxjxQsV5Vg
+S8pyg1jlYs7KmYs9GIFHAVEf5LG6a/3huWfuR4UCgcAGWfdn51VFN1p71mkDUnQg
+4gzWmk/AETjRShNSi2cNWGF2u3vyaYaRve4q5yIdowmkk3UMxrxZUgajbh714QKy
+/8+jhN5U/m7z6hV8AMFthXUUX3r+LJBDsfsPieCrouCSU+Or+J6Uhieq92mn1eve
+ZU63egsUHKY7GVw8qXs7OpTBvHnU1Cz98YFHOdMz4/lS6+p1VhHBn/9qWkFYxUyf
+itkjfaXnMbL8XuzseY/+N+pJJ4EgWx3mMtzdaKK6OqECgcAttOdt1fhgFsG4A2vH
+T+nYVRw1cDfVJ5+tJ3iHytJpFzshyhZEoTZFBxB+SekdnB2hf4X5COiduiwz2Tku
+GSkY5pbJMo5IhaRvzFyFIBWOZnQyQsKT5Y1Znq8EXwVXCNp6BdjL+UWHhkmvd5Pe
+kisV2Sd6ofVauxjfZd+fzUyhDryNCjfFcMFebrijC0iLW28NWou9/Jf6ODMQpRap
+iu5Vzac4YRY0KPXGISHTjyPVHVFcPIYUGvI9lHyeXd5DFEUCgcA9s3ei/H000sC6
+3q5iELW8kxFCpwvu7uKCFfakAqQn8nponHEUgRS7eLjzS1NB0qysIiOMtZPAVMCz
+puETLsi9PxD8de4RyEyZC2yd973j+TqFQmPyiWF3QNW55zM2iELW5sGeEVk/Z15c
+nlItcy7KOJOJU0TAKvUUjr4ug5N7sVSN1aeF4tiaFz0GFIqV3qAkcTMfpaOKfuSc
+huiHBdBaY7m4uNK4/ZOi1JitocO7wpRsX/eRJ4AuNrro8EHHAe0=
+-----END RSA PRIVATE KEY-----
diff --git a/testing/hosts/winnetou/etc/openssl/sha3-rsa/daveCert.pem b/testing/hosts/winnetou/etc/openssl/sha3-rsa/daveCert.pem
new file mode 100644
index 000000000..c5c769cb5
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/sha3-rsa/daveCert.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIEszCCAxugAwIBAgIBBDANBglghkgBZQMEAw4FADBXMQswCQYDVQQGEwJDSDEb
+MBkGA1UEChMSc3Ryb25nU3dhbiBQcm9qZWN0MQ4wDAYDVQQLEwVTSEEtMzEbMBkG
+A1UEAxMSc3Ryb25nU3dhbiBSb290IENBMB4XDTE2MDkyMjEwMzcwN1oXDTI2MDky
+MjEwMzcwN1owWDELMAkGA1UEBhMCQ0gxGzAZBgNVBAoTEnN0cm9uZ1N3YW4gUHJv
+amVjdDEOMAwGA1UECxMFU0hBLTMxHDAaBgNVBAMME2RhdmVAc3Ryb25nc3dhbi5v
+cmcwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDa0Mg8XicEZYIYmuet
+XWekjDifPbi7WyIOUPV5LajXuxhMGd/NAaRrJb13D+GHLdsY2uwaa7Cv+VMyfWDc
+qD5RDQw0hYY+zdRYt4Hk4GNDiZZOYcqXQCi/ZCcU7k9Prd/nurBk4FcwsnMh06UE
+mS7mTEG7SphP8WxfjQpHRBLOXlq3tAfm0nzV4Ee5VosQmuDmFiSpoOW0a+KxR5Sj
+OjmyKMx828lRvBhC0vtRCsAzIUMAeoeTH9Fo6Q4/nwV2bNOKGpFcs5tVWs4xarql
+MBEKyx0OFwD/LZC1xDN+0JsgP3/6EzHzJHIPQVs9wMLoK+vFXNRPKoE2Nb1mesN8
+jGuqJGdrsWeN+r2ANjFi0NcaO/HU90inVmCKKJDQEtZBXzD66MqAznbDLxgx2cJM
+N1whWat6jTZqa7i3FffB/1gB4a1DmA1CQlKihkSPA6epWGKo0MSPEOCgSywAn9VC
+1LCPftSDUAVn1sHbH5g20Llv8yPRjiiTuY74G60OJPOTDncCAwEAAaOBiDCBhTAf
+BgNVHSMEGDAWgBTkyc2M8ohtHacu1155MaVmVTXOAjAeBgNVHREEFzAVgRNkYXZl
+QHN0cm9uZ3N3YW4ub3JnMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9jcmwuc3Ry
+b25nc3dhbi5vcmcvc3Ryb25nc3dhbi1zaGEzLXJzYS5jcmwwDQYJYIZIAWUDBAMO
+BQADggGBAISXAxemOSUmXqkf7cgTQHpreMH1Y9LPJxZUUq5GVErmPzhLaZDSqZSy
+ZXcu3EWPA0RElaYBd9CSgFx0I89tw41dIYOLDyLnrEDHmcsgcJl74YYBSzebB/TJ
+OGXtV3S9M9OF1vSdugaXI1hDXck7cODUR6nyZAWOp5kBSItAH5bglCRtaQlAuSxM
+wRWYhBErUR5tZvu0loCN+11hVg/ddQ3r+FeHUt35KNenxkd6hWlHljbPv/eTtqgc
+/5VGEC96I2rD6WNcszj/SKK40zA9GuF1mIwNKEdcYnPRxoszlD6C7cdGJZ8VpJLc
+d7sO0QJur5HNtj6oUbM3HuHAaZBjg7uh5GDj+RehhKCybYyJQ1fu4iRaNYKdPwZh
+/F6hBRLytkt1qjJhngmBmQU4Ent8GL0Zn6Q8/HvbTP/xw4VXkY9JHdMIkzH8zokd
+TVjkunPPt+zdzeMq4hOewYR8HfiKcAnNUG7eO6PnUvC2NKsqX8a7/z0OV68XybZs
+gjC1FqvMvg==
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/sha3-rsa/daveKey.pem b/testing/hosts/winnetou/etc/openssl/sha3-rsa/daveKey.pem
new file mode 100644
index 000000000..85ad0d826
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/sha3-rsa/daveKey.pem
@@ -0,0 +1,39 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIG5QIBAAKCAYEA2tDIPF4nBGWCGJrnrV1npIw4nz24u1siDlD1eS2o17sYTBnf
+zQGkayW9dw/hhy3bGNrsGmuwr/lTMn1g3Kg+UQ0MNIWGPs3UWLeB5OBjQ4mWTmHK
+l0Aov2QnFO5PT63f57qwZOBXMLJzIdOlBJku5kxBu0qYT/FsX40KR0QSzl5at7QH
+5tJ81eBHuVaLEJrg5hYkqaDltGvisUeUozo5sijMfNvJUbwYQtL7UQrAMyFDAHqH
+kx/RaOkOP58FdmzTihqRXLObVVrOMWq6pTARCssdDhcA/y2QtcQzftCbID9/+hMx
+8yRyD0FbPcDC6CvrxVzUTyqBNjW9ZnrDfIxrqiRna7Fnjfq9gDYxYtDXGjvx1PdI
+p1ZgiiiQ0BLWQV8w+ujKgM52wy8YMdnCTDdcIVmreo02amu4txX3wf9YAeGtQ5gN
+QkJSooZEjwOnqVhiqNDEjxDgoEssAJ/VQtSwj37Ug1AFZ9bB2x+YNtC5b/Mj0Y4o
+k7mO+ButDiTzkw53AgMBAAECggGACY1lwGTn1SRNSp+wj3vtY1yPuDvsjZlL4k4c
+eT7KCSjsxZ23jG6O6/KI0+LImKsiznH4LqsW2ofK3wBkMx3RIp6sMrrFgoZfx8Oz
+EvfMvY0LF77jJjkxzjEkF6DTq4nOpYIb4zt78u9HYWmo4YuCZaFcmT2Haq4CaiVx
+Fm1dWM77rNtaIPR9aKTS3L9vcLkiKkk7LoCMppSzH8QdNAb9r85iJu09W6kXcgtd
+10rd2x2PnDy9IGoaLTdHXPWnOmVDviFgCp9zxBk4g/SWDR2AdHOgg3D2mvOmFkVK
+SLxr8RKhzzQfbRQuV4F3so9QVfkKyH8xsOpjAqjQwJC1LIWMJipzmc8o/AnUw0Rj
+UvU1sDYV8MHimgoftG000vB72hws8tv/XQHl13Tig8y46lSOYxavBJZuHjPPhkQF
+YlsfyUV5B11EmlyZ+KsNCHj9vXGRL6bw3Hu1UeG5cnXBXNkPq7ssNpgwdJrpqcW3
+8KWtl7w/b68ZLwyMpxKbmUNIyNkJAoHBAP9KBnqa91RA8gg0/Kp91NLiNXT9ibN3
+cQ6Y6HXuCWrKIKVKMmxRkhM9lMzOVfVVw5ydWZ3B5tzMiIfVCnyzs357vxBGsQEk
+TQ9I/kdFuR1gSMZVbXSH1Cbf/Ealg7j/w5/3WpQSaszUN2dmkJ64I3iEWELjT/VV
+RaxEhdNmZiRieOglkpvt+4X2Cr5oKXUofb11QX8bBmPnZklWUTuEfQu2KFc7T2im
+2ZonJKdxRMMFcnHqS3StX8OYqK8qqTC9hQKBwQDbbMIAp2omxd+iiN4hCIgZ1mK3
+HzBBwam6A/ZLqbByB4Ch1TNRK959xtJW6FLibZPYCi12b1ILwjOVO7aQHKnhKItX
+rhwAdhaBd3tJTxu2jDB0Bx1UkKbTDQ3bipnLY+VX/r/rMKbRsWgzejLs/CjafOj7
+OaFSpQOiQfOkpGKpwTab2H0CYqCMxK/4VYBP/NWwM0o0gaL5dJCjZ5i72CnHtmx7
+3D69TCieFY7RiDyf4Pix0tonwD5FfVHfH1SpjssCgcEAxJIcYQW4EhEcDIO4VhMj
+7+msndOn1x/OVx4YSM4sRCU1c/Co2M0KfHQ7gmQSviD2yT5DxfyLJlL7ghPhylmY
+iXkBiqfUHXv1NiLPYNPoER2Vi9o1uLfp/LEVkNRbk/SkjiUpgsCXqfZyXtUT4JML
+BP5q874SUGcDif0NStUbK0MDtEVSGWzq8qCcbzbHTWYLQ/non9WQWxbPpQKo8/o1
+SvJNJ7YMlBl9jnw7dg76kmw8TkjJJyNkjLickpx3wIb9AoHBAIx01s6SW9nL6fZh
+xEbC7lQTrobn2P0OmbWv2ZXfXknv0YBGOB4qhbZfcb8d4gh8+hldknJwmcVbH6fU
+XG1tW7T8Pg33LoeBD7D6KZnooKW+oTl0YGsEWTVZ8tfopb/TBzjHolRLhU1PUZM6
+EqUuWHxbXsuJvWForaXMr8hhTaK6QlmKP6MqPPk+4iGFoagSATtT6Zkorokd+4QN
+yW/c1Am6FUFH34VO3eUriYtIuP3ihW9WuDyfy3yx1pmLtab/9wKBwQDbBXYm9ugE
+wRSIxCywJ+aPNRQKanCKORwQMNJZ80rrXIs7saomY4Os+utJpOhoksTJB7mAn3ij
+kopmXn6NOsXdOlp9Ty55YRylGmOIQpsO7kSfylE1NFioHqksuQndbUwZFbskI0cN
+egyoihqnbfoLyxGu1/M521IseW3AwFIc0gAGdQ7i4ZXVlXOXWvdZFxnpd6PAfFMb
+J9mOicxHQ6Yv5b30RUvSIN+LHnUNGGk9XAxCH/jKtU7886jD6f34ru8=
+-----END RSA PRIVATE KEY-----
diff --git a/testing/hosts/winnetou/etc/openssl/sha3-rsa/moonCert.pem b/testing/hosts/winnetou/etc/openssl/sha3-rsa/moonCert.pem
new file mode 100644
index 000000000..bea7e81f8
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/sha3-rsa/moonCert.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIEyDCCAzCgAwIBAgIBAjANBglghkgBZQMEAw4FADBXMQswCQYDVQQGEwJDSDEb
+MBkGA1UEChMSc3Ryb25nU3dhbiBQcm9qZWN0MQ4wDAYDVQQLEwVTSEEtMzEbMBkG
+A1UEAxMSc3Ryb25nU3dhbiBSb290IENBMB4XDTE2MDkyMjEwMzU0N1oXDTI2MDky
+MjEwMzU0N1owWDELMAkGA1UEBhMCQ0gxGzAZBgNVBAoTEnN0cm9uZ1N3YW4gUHJv
+amVjdDEOMAwGA1UECxMFU0hBLTMxHDAaBgNVBAMTE21vb24uc3Ryb25nc3dhbi5v
+cmcwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCcPfHpuwuPBQ/0FTT6
+ENKjbxcGfVozz5Q7mfleee5DwIMH4yqkQeA297vUUEPwap/Z2Frmt9HHkeFdvDoF
+kwJN1SzmjEexo6XksbCnxbgbUFLGh9VPvLN+eZb/6U8RHbMmdds6VV9bxSgRuwB9
+ekKv950m8G7XSSTVUeOucwkgMaU1zg1F7ToNxhJv/sCBE3q6Y9Cv65HOfmMVcnJE
+6PHTSAfz0bNkho1yLKJjBoJkUF24HK1SFovxEowD4zFasHUgJCATuEhNle8kmDZS
+4R763eVcxJ8qhkfJTaxMG1y1dqfqt/9eYLQ7cF/tFPCgWYO8mUCmB+kvVAh7yAfW
+GL826RNiySb7NZg+QkDNzALIybKFkVi/SvSnJstYjWFnzF5OvsxJu0iay/GXybHA
+bvBG1ZLkEp3SSR7+CisIQjwBhmPfc0AbnyJfj7PvjnPhQ01MODVueMHZ9PDhzQAP
+tM4hTvpmySEYqPgntkzN5DlhcswVGamqfSn2htKpfCDrZ1cCAwEAAaOBnTCBmjAf
+BgNVHSMEGDAWgBTkyc2M8ohtHacu1155MaVmVTXOAjAeBgNVHREEFzAVghNtb29u
+LnN0cm9uZ3N3YW4ub3JnMBMGA1UdJQQMMAoGCCsGAQUFBwMBMEIGA1UdHwQ7MDkw
+N6A1oDOGMWh0dHA6Ly9jcmwuc3Ryb25nc3dhbi5vcmcvc3Ryb25nc3dhbi1zaGEz
+LXJzYS5jcmwwDQYJYIZIAWUDBAMOBQADggGBAAHZATrdzGmUIq+0+EdA1AbPdcaT
+UDKJvDS30JyOkUnAv5jr63PHyfw+RS92zgE2UyB4+u43BiggBNmTNCjpaEUmViAo
+tdywkzIKm7q3dr0078IZ8LU8Wo+hoeRNkBJOxdgflsSislQYDeTd7syoQ4BW7whs
+jjFK2Lbthd+/33Iw3LMekYuZF7ZUbHY7D3nlBidrmTIQQCvOnsW2lJi/S83FEYzl
+noK+of3eo4Ryg1/428FHts26PxSmnHv+ckj9R4Jf5kH8kd1WhrgDyHQMnihWlUJ2
+pintDBgislbZytqiBOGeYpbpxKl57zHs421wmUs329asu7zgfJFnCynkUgvuRXdc
+gDJ+DAiVaXCJlYnk36P87028SR9/C0JLzHA3O5CcfUdFEUs0BvVe1D3b9kC28rdA
+5V86DFCL+gp6rB+wDtq6YnCddaNk+ZCs/QAPidqOFAytaBBKaagMIFk+wlsFge79
+ZssIfKy33Frluw0HCj0LNs2tjWvG4Ku8xkFO1Q==
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/sha3-rsa/moonKey.pem b/testing/hosts/winnetou/etc/openssl/sha3-rsa/moonKey.pem
new file mode 100644
index 000000000..f24b3ebf3
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/sha3-rsa/moonKey.pem
@@ -0,0 +1,39 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIG4wIBAAKCAYEAnD3x6bsLjwUP9BU0+hDSo28XBn1aM8+UO5n5XnnuQ8CDB+Mq
+pEHgNve71FBD8Gqf2dha5rfRx5HhXbw6BZMCTdUs5oxHsaOl5LGwp8W4G1BSxofV
+T7yzfnmW/+lPER2zJnXbOlVfW8UoEbsAfXpCr/edJvBu10kk1VHjrnMJIDGlNc4N
+Re06DcYSb/7AgRN6umPQr+uRzn5jFXJyROjx00gH89GzZIaNciyiYwaCZFBduByt
+UhaL8RKMA+MxWrB1ICQgE7hITZXvJJg2UuEe+t3lXMSfKoZHyU2sTBtctXan6rf/
+XmC0O3Bf7RTwoFmDvJlApgfpL1QIe8gH1hi/NukTYskm+zWYPkJAzcwCyMmyhZFY
+v0r0pybLWI1hZ8xeTr7MSbtImsvxl8mxwG7wRtWS5BKd0kke/gorCEI8AYZj33NA
+G58iX4+z745z4UNNTDg1bnjB2fTw4c0AD7TOIU76ZskhGKj4J7ZMzeQ5YXLMFRmp
+qn0p9obSqXwg62dXAgMBAAECggGAHb2g3efv5FKHXePniK5JGjkcPe0AjZo20j2V
+/UjidN0hVBAG3ut3PZ9cjqaUuB/ju7j2XLKi6QU4y/n3ZXY9Wwl4GY6cWxEWk/jK
+8rStPe3FQ+s5TItT84A7oQ0NMunfXzPR/kGf/D0ESpO5HSl3pj1RGcdsoehXbY+/
+8kYNd6Zbl2lYl3X3tgV9Hvp0NF2739z+LW5++7qNK9j0LW/WEGzGrr+9ESaXqCMc
+6hKkIWo23MQArf6Ctunb4yWNEIFEDi1r9DzMbZN/lVhDx77Q0KYLH1P31R5rOc1G
+NYXPF4F3CSfUsgd48dB2/1FCTnDJ4PmOU/R1L8jAgnSOroTAYDVzY4DJ7vyKGvIE
+DL7eKlbwOfS5swyANUKgHO6QiHt9WzcNUGpeinTa3wJ4KoAdG+lzDMuiwRFdSRRU
+z7t1ptTf2LuCAtva2daP2SPed+ITg2QB6X4BSQkqR0vPYBQIZAtFjMWH78E2PLrD
+01+LpOj8TBRerd834etDODg4ddiRAoHBAMiYg7hWfChw3SdnmAmkhDAZN80pvsUU
+bzzAiQ5EI59JYMoi/amYyLd6hUK4Z8g4gcdXzBYw9iwJuj8LMpPBZlplAxVnFdId
+23I+GNDmcX2ovOpl6skKy1grNhBigxRUQUGsS9oxrYeuy2VymDzeZPCQmrrhsXk/
+Mac237nncJj2n8I5RtDOoSOFD0+grs7MXs4P+W2HHzWgkN7mBgKeFfUPLI3Kyy3p
+F7tXegtJqIJsXlfZ/fzR40QTy7/VbwAW/wKBwQDHZVDYtYe4YoHKdwtAqs/J08QA
+29fGkM4ZawLNTY4jz9rdtOuBWg0FPAo82x21xlbRQLsaTKzy9O6a3cQ5oaKtKCh/
+XmKCssrnzJsYZYnhkP4f4VXK8nai/9LFo8TWhB8hNy62GGmfXffsqhAIqIqZA02F
+/mOfR6Wrqs7yfzYnJnVsjbR1B2zSiNAYKtk1VtQdGjuagSn/dEyhSCaQRXotXUKX
+SJDzPf/H2mj97Cg+3bCtdE/h//N1/cmV/5QEx6kCgcEAh1ua7oW1bBiUsuVNi5wu
+8sHhjJiRuS0LzsPg9/Z0zyRVorCv2IRXVK/hQl9q8Ilo0VnmRkctphO+UJI+w8Nq
+TK8CwKt55vnsvY83cac+h9uX9tdk8dpN0qX96lp/NvWPv0ADQy3oebkyWLdWESTE
+miwJrPdkqXtCByKZHzoUGbO5o/bAWWBFDdHYvhOgQb1Yb9YJqqXWInrBpxcykQuZ
+p25g0yE3rzgtomXp3boLck6r7r4TjEkZATQWddERAM+DAoHAEW4w6BDOYXbzA6Du
+ceO8sFb7vlt5fFkyOxSYtRu/fi/wYQssvy0BEGEUQAejjD1fX4F6Ga10PPTeWtli
+CuuvTdXB3IiCsgwxIpxHPpW5vOcw39aR6mDRsCQO58oOLfZ0xjGNustdiFntj1m6
+dxdMrl2UjE8VpFneCKiw2I/4SunYv/mPOd/BSpI9Jq+wNzJ07mpZpYL/Cd6/yCWH
+gXshWA/b/1+PlEPqNS1JmlDnn78/b5pIVWhLfxgFZEBoTxapAoHAY/58nLcWpvpY
+3IZC0fBuR7usTACbxr9Z4okHzJUNnoJe+MSE+wQwuE3nP+vc1CrmBSwCjN2wyVLc
+gy3idN77NthU9l0oElrPbGFKdFEaa85IcKtnfnspzmvo9AJn2wveZUAlZAzu2zBN
+vKI8ubXgoS56uHQnNsWOIugTW/P1I8FnlD4jPItaACGJ3yZWolh9g/WOGS29qJvV
+E/6hT4QPPXPZFEnOKO0/3YsMXBwcnEqm2mQ+c4rGMKrTcynk4KaE
+-----END RSA PRIVATE KEY-----
diff --git a/testing/hosts/winnetou/etc/openssl/sha3-rsa/strongswanCert.pem b/testing/hosts/winnetou/etc/openssl/sha3-rsa/strongswanCert.pem
new file mode 100644
index 000000000..29ad5b942
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/sha3-rsa/strongswanCert.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEazCCAtOgAwIBAgIBADANBglghkgBZQMEAw4FADBXMQswCQYDVQQGEwJDSDEb
+MBkGA1UEChMSc3Ryb25nU3dhbiBQcm9qZWN0MQ4wDAYDVQQLEwVTSEEtMzEbMBkG
+A1UEAxMSc3Ryb25nU3dhbiBSb290IENBMB4XDTE2MDkyMjA5NDA1NVoXDTMxMDky
+MjA5NDA1NVowVzELMAkGA1UEBhMCQ0gxGzAZBgNVBAoTEnN0cm9uZ1N3YW4gUHJv
+amVjdDEOMAwGA1UECxMFU0hBLTMxGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBD
+QTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAJpHGoOCJSiZoJhPXHqF
+XWvrY8zyGwlUCiwphOobq4nhqo2EchTuKdPvCckxtXp/pF5IJsXpptbMmNUmgN7K
+VMI/zmI9estFUZg8hn5LSMAbnm102W3xLzM6FRJWMcwe2gajg/NCww02mPsohONC
+R4nNMUgYOZdesPDmtYUKk3sr5ZNdpBL6hESBMzFYmYLBzaoeseuzra7U850tF9JU
+YfpJStBXNDz8iVPCqOkgKf1hFrPNNxtmsBW68V2ARmYNzqnaP3nLs/U43zZQiT6t
+b+zcAE1h6RGgVXjF1b1KG64J153n0YELrC2TpaF2JAGQVvzQgxoZbgiWCKt0m7wx
+Qb7P3euy8MxsMGmqHDMtztrg6AAzRKoJN56qHqdP2qExc32uu/BwfmbFv7MLxKQw
+g0VykfWBSNyx/2HMDHw79idgFpzHr2nj4CDqB6QLWtRMCWtlT8R7rlz5JlcsJY1U
+7Rlwokje9Ctj/5gToXctnLbo+j2506GLtbhxNOaH1s7GswIDAQABo0IwQDAPBgNV
+HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU5MnNjPKIbR2n
+LtdeeTGlZlU1zgIwDQYJYIZIAWUDBAMOBQADggGBAF+Q4zABKa1ZWohHqsTgru6v
+4ru0Pnfbmg3vhlc5ur93Sd0C+fX+e+78n+0QpUNa0N9Vw54r/aF4ki0ceL4Dl4w0
+aXcDa2ozl/hksSeKwIp14W/NHTAjzP2aNpN5/dqd1DM+vojJhlcArepuVVH+NIKt
+YYUXwvsjJN9OAAKkMCbnda8gOnKMGJkVIUOTz2DOyzqd5iQ3h3zxzluP4KIya5/k
+FZV0wXy8v7phLGgbPJ5DtGuTCjao7+nF6lLkJ+/l3vPC1luB4/UbMGML4GxVwVIM
+riCepPT1I9CNuHy2qKpsEmCv8zb5pxXrxv0uIYn8MZx7VCnLuD61AOqIExTYvxv2
+Z3JbOuOsgHJeMKJbhY8r8HkktNLOeLrOW2KSilNpE915EFN0exGMC3zG4IgzRc9u
+kGGDVV9BsTkAYjQrWBuuWqxy8TCRPNpe6hnVJIQLLjE9M1V/PW3MD5ObndgT8jA3
+sMMwCxo+S11MZIcKCgnCCcGhgTLT7rFpC0hwRa6dkA==
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/sha3-rsa/strongswanKey.pem b/testing/hosts/winnetou/etc/openssl/sha3-rsa/strongswanKey.pem
new file mode 100644
index 000000000..acf3199c7
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/sha3-rsa/strongswanKey.pem
@@ -0,0 +1,39 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIG4wIBAAKCAYEAmkcag4IlKJmgmE9ceoVda+tjzPIbCVQKLCmE6hurieGqjYRy
+FO4p0+8JyTG1en+kXkgmxemm1syY1SaA3spUwj/OYj16y0VRmDyGfktIwBuebXTZ
+bfEvMzoVElYxzB7aBqOD80LDDTaY+yiE40JHic0xSBg5l16w8Oa1hQqTeyvlk12k
+EvqERIEzMViZgsHNqh6x67OtrtTznS0X0lRh+klK0Fc0PPyJU8Ko6SAp/WEWs803
+G2awFbrxXYBGZg3Oqdo/ecuz9TjfNlCJPq1v7NwATWHpEaBVeMXVvUobrgnXnefR
+gQusLZOloXYkAZBW/NCDGhluCJYIq3SbvDFBvs/d67LwzGwwaaocMy3O2uDoADNE
+qgk3nqoep0/aoTFzfa678HB+ZsW/swvEpDCDRXKR9YFI3LH/YcwMfDv2J2AWnMev
+aePgIOoHpAta1EwJa2VPxHuuXPkmVywljVTtGXCiSN70K2P/mBOhdy2ctuj6PbnT
+oYu1uHE05ofWzsazAgMBAAECggGATQJoHDP3K2yAKvcWYPw4VVni79b8IuxlxYSW
+GavlNQbFtS1jKsp1a5p65oifH34ehId8fzcx9i+brG4zTsJti6cA9K3eoR/Ban3v
+3pPixS4kJ1v3+ra1CluYUBZhdhQCXeT6RQ/SwEI8G8auiqg3gHRCAMxC1ynHpgBr
+pHTSiF2xk51e/LA7HNznOl8RBaGK8TuwMUj3zfjzf8YWCYHghGhYZWXaKAUg4YQd
+/3x0KUvw4qBxvQZFqBswRy10NpX2CAe/ha+AFSK5KlcjXBybvllOnrE8wnInfcC2
+Aef0kbGsMvulRuiNDR+HWIava1vHhYHqQ6rFIiOqN8Eq2bREuZFQrvbZJleztSOv
+n23uiRr0E1LpHCC8lnsa4nLOP7T7k+P0q+/vDyef+ZXCEI7enFyLeyaeYWPdgnZX
+1xGVtn079t6OkoU60GuDOmfZaix4Sx7WfDHD70iTImAgW+ysqgI9JHCwC4wEJAE5
+azkUZOiCszv3QEBddAuuRvpHCxsxAoHBAMqAju3lV7VylfC+DPaQp2vgbxYkPeLi
++nLiA4f3KQ4yGrKul6tQGnV/L1i48RPTVFq0nz4dZ/FQ84J3DLhb8QajoReJtpEm
+rzxzvKDgg8gf66BQVUCxJHzfOLDAUylqrHZ8hPbFT+JEg6A8N4cI7TfuqdG2FPZf
+jHzQEcz3ZpV0UM+z6JWQCxGaphvf4OH4GHZbl+cIl7Ifsauv07DrAELZfFX5Y6Au
+3QGgzPDfUyiqHT/Qr1ChmE11gR8tSfvIgwKBwQDDCRMeAIXaN27YcWnMvlGSbeT0
+5bTTeqvBc0bEuBO7pBckU9mmq+AeHL7fiVf1auHnmZrXuyTdjel0ivUChIR1h8hN
+/QkwAgFWGP6JwYukK+yLl5J0sDY6TPKa1hgeVzv3PVqYDGfrxNWYwh4YQKFg4Ba0
+OoA5zYB9HgyWEPsLiKixeft2lVBFeMndwcNLgyUfEVnnYNCg7jasMBjwEzq/ZXd+
+Qj4Im2fB25VHe4qW9cOmoaXnqBDi03X/u3IJ0hECgcAb8R9HvjSbCeOco2zAfPdN
+EFvjrz6G1xD91yfrk/QrTEiYzTSKY/QysEkFMge515g1J+UtOfuEtcnT/79WlQEu
+DFgHGm6BmtflPIcTn8cvTxBBP7Rzx72kKVz2LqOK/HgtpULnlhROwWt0KbrzvAyX
+giwWjsxXrpmBA2jhYmXaS4F3F3kJYiXU2QUApaSvKX+enUbZjzr3Th5C9XD9YX/Y
+uY/JgS75BF5kgh6lQfuEieydSJtYQeP1FDir56DkyCcCgcAVt/L7Ck/dhwK+85I2
+jJME3Vv7sYC7dBOgTTf6PA1mfdVd5EB+gPFKKSVQOzkiSS6y3bYSg/KNAXqX0cmK
+6Drf46j4lk7pm6+OaOYfbQAh3gpPWSej+uNvBpaVi3XQGyLAW4K1H9yKsraedi9n
+v/q4kPu2QjV5Olsuk6QPKgDqveMbMFxCTkpMEjFYknUu+YGuvf3m+C8DXMOV1R1R
+zrJiEeiGlNXXm4aoXc130lgSi3eoHKQe8eY/fBDN04/VbCECgcEAtXL9CAd7L7rD
+yIdFrEt36FhQF8PovFb4pokhZ/sI0uN0kCcwl5OCmeqaiq5ecxHTb9ACVWbe5YIC
+J1cGvNd1k0yJieXk7DUuguCIJ/PpaTEuaLEaZtdtcqrGsljgFgkrKXhIL0SfVMda
+CTgHD+CawFG5ZV7m7RpuQg5Q5Lz0/1tMgvbMSZOWZnolwXLKmLZ2VGEJYoHY+7ua
+DMVScCE8kdgXXxxKodQz0x4fVPArKULS+dt1QSK3SPoI1JpZdgkl
+-----END RSA PRIVATE KEY-----
diff --git a/testing/hosts/winnetou/etc/openssl/sha3-rsa/sunCert.pem b/testing/hosts/winnetou/etc/openssl/sha3-rsa/sunCert.pem
new file mode 100644
index 000000000..f1c086ee9
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/sha3-rsa/sunCert.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIExjCCAy6gAwIBAgIBATANBglghkgBZQMEAw4FADBXMQswCQYDVQQGEwJDSDEb
+MBkGA1UEChMSc3Ryb25nU3dhbiBQcm9qZWN0MQ4wDAYDVQQLEwVTSEEtMzEbMBkG
+A1UEAxMSc3Ryb25nU3dhbiBSb290IENBMB4XDTE2MDkyMjEwMzUzMFoXDTI2MDky
+MjEwMzUzMFowVzELMAkGA1UEBhMCQ0gxGzAZBgNVBAoTEnN0cm9uZ1N3YW4gUHJv
+amVjdDEOMAwGA1UECxMFU0hBLTMxGzAZBgNVBAMTEnN1bi5zdHJvbmdzd2FuLm9y
+ZzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALqBhFVeobbsy2Xe6HmR
+2M5zGwS33zs9pfrdF6h01AOOHjOeymWTAwHHNIGb2VlRTQ5jlqV6cW0kKMwPA4G/
+W/QWJDVhyltda8Eh6uZs5owTBN/eKQ783Vd7TJkhq4UtNBMhVly56aq75DU7YiJu
+pzR4na6jOIsW14nmzow4t2dbyCRzrjIlAXvCr2e6fKuDKUQA6RAeeuTVnfuf2MuA
+xAnqQXJkJ/vT5/+hb3WH6HQYp/UMjvu8bIEJZ8elyNR3ojHQehBPK+ADlW2VrHhC
+ZFKP2YbEJObSGCmQdfL6P/J5wB5+q3s/m3pZqOJf94XLUZ/LdPC6e00cZyFMBi/G
+/AcbQJEfU9PXbsBNSkbeIfz7AkcdR1ijfYPyrDovGT6wYs/oaB4SL/qb0OHIhLgt
+WX+gHpRFJyP0YekbiJBI7orDZOsy+hYvSdkVg012ObyXVE25kIaEKW5l98lnSci5
+/by2ivyA4WoLmDrolBymOe41l2cFv2w92ucItPCSwm9GoQIDAQABo4GcMIGZMB8G
+A1UdIwQYMBaAFOTJzYzyiG0dpy7XXnkxpWZVNc4CMB0GA1UdEQQWMBSCEnN1bi5z
+dHJvbmdzd2FuLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATBCBgNVHR8EOzA5MDeg
+NaAzhjFodHRwOi8vY3JsLnN0cm9uZ3N3YW4ub3JnL3N0cm9uZ3N3YW4tc2hhMy1y
+c2EuY3JsMA0GCWCGSAFlAwQDDgUAA4IBgQACXiUqwisoOZUH3CPfi+aGaluK3mO7
+nj/gX5X9oE2JC3haWjbnC9fsKai72U8makp12xCpWjHsuiytVlXiiSCRxBGAaFm0
+cy2AI4Ttj+4+GAaI4BkqYBTApdSSXXUH3X4Lwb4LReX+16TsJ4E+d2U/j70gyGRK
+F/KgkKj/Bi4F//4/uXHPbgp2istKmkQ4wlcUb5EdM0tUiAUwYGMhdUhSryq4+7y8
+1QaPGg0Zv3nvGgoj332BOczflmNzoonXcihZk97iMRc/TvBOoizvuH9COCSbw/AB
+hnVG1lyTQjBAcE2U4MP5yUVuIqBgPnKtbyN3gf30Iq3g/ThVekchrYGO3PWMWAzS
+ecfr2yN11BC6nDca039Yub41AuzQqBQR1gY5sHouXNTx4Bs0g4xk+3rGa8MMgI0+
+jXhDVAorQFYuACDuto6skRtkcmXJ/1psvVEv5dcKAHdZCNKkgtXe2XoVvrjNxnPw
+MTVros8o+8Bz2R4qArLjwrZtvYI+czZx6dk=
+-----END CERTIFICATE-----
diff --git a/testing/hosts/winnetou/etc/openssl/sha3-rsa/sunKey.pem b/testing/hosts/winnetou/etc/openssl/sha3-rsa/sunKey.pem
new file mode 100644
index 000000000..a694bbb8f
--- /dev/null
+++ b/testing/hosts/winnetou/etc/openssl/sha3-rsa/sunKey.pem
@@ -0,0 +1,39 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIG4wIBAAKCAYEAuoGEVV6htuzLZd7oeZHYznMbBLffOz2l+t0XqHTUA44eM57K
+ZZMDAcc0gZvZWVFNDmOWpXpxbSQozA8Dgb9b9BYkNWHKW11rwSHq5mzmjBME394p
+DvzdV3tMmSGrhS00EyFWXLnpqrvkNTtiIm6nNHidrqM4ixbXiebOjDi3Z1vIJHOu
+MiUBe8KvZ7p8q4MpRADpEB565NWd+5/Yy4DECepBcmQn+9Pn/6FvdYfodBin9QyO
++7xsgQlnx6XI1HeiMdB6EE8r4AOVbZWseEJkUo/ZhsQk5tIYKZB18vo/8nnAHn6r
+ez+belmo4l/3hctRn8t08Lp7TRxnIUwGL8b8BxtAkR9T09duwE1KRt4h/PsCRx1H
+WKN9g/KsOi8ZPrBiz+hoHhIv+pvQ4ciEuC1Zf6AelEUnI/Rh6RuIkEjuisNk6zL6
+Fi9J2RWDTXY5vJdUTbmQhoQpbmX3yWdJyLn9vLaK/IDhaguYOuiUHKY57jWXZwW/
+bD3a5wi08JLCb0ahAgMBAAECggGALeWxq1Cee2XKqEcy7rf1otiwzXhydyG0twex
+ysL1aeqPhCSPqm+DTey3/y1bT5+yVtgrOo3nW/SKFa2cL1HoTykjv/9QzSswWVb/
+d7VVByOnD3CcqhOQZPby4rxmeV+mcQ7DMg6OcnXKs07p149jloYYR+HjCFeWs1kZ
+e2h5ufXcSxwswipZMxu2DtDV3V9pyFJxCIZ3t9jaCBJOR8ZoeAguEviS3mZHsaEI
+zOOlUOzAaI2uokS8bwThhUBHLAJEe5hglKtu5N1QGUo5x62wIK1+4McKqX5cphvW
+63N5P7yB30hfc1xM9VP/fi5UzmgccNmHl3ErJX6EbHbVNUv0a/wI6cp+s/DQRZMc
+Injr5BJIIFbzmqYST+UxEwtxUL7uV1s/eTXwsFxfQPJnx8rWbeyvGJHU6VykWJ2n
+vHmOItgaw4Lm0iw5XH2g0QC7nYFW6qC5sk7LIS3xUzN73JWjV2Z1E5nLfKxZ9sXz
+aA8WNrMSHUM/KkFaUri1xoH6gdABAoHBAPfA/gcZaoMemP06BIWKwgb/91GRsvc+
+slrmyZy+nq2bQaJw8oYyUmgWfh9X8pD6eVQN7jJBuA3BMg3L4Vn/R65rcwwYKA20
+pHgZF2MbwRlbBDtFQJe8kmwFu+TkHpGcoo94V6MdpbqoRKwQs66WOcjp4vzRLOL0
+ueynDrAPxpOaNIsr66s7xjd01VwEXYlfOfNBpOF/+3vN+O++k45/rnlEWgLeq6ie
+1xkv9vZp4FuNf6gnBXcNhu8aDJvJEMfxnQKBwQDAtqgE9K7Rhq9ht8w8P+QZUGYL
+c8mL4IGsPgmucuuheeWpmvLuAhsTxWBQhrO8/eEK4je+li6R/x0HYqgytsnOxlQH
+xH8ZsvouPtacUF9pv8x7GLnGlvdxdQzmnjYqR5MzFEX/L8+8skiyY95V/kNiWE/T
+X/Q8JgqyQ7VlykHtaToYchEhgY2m2Zxw6YhrI/ghtlP6NwOJDYsFxe7cfVvBQj9K
+qtwAidr8pKSLyJFaot+dAdSqAYZxiO90aSt/i9UCgcEAjzv7YR1Xj+CjsFrXfGFB
+VYysbnMelYSg1p7w1nb6BAJrir9j5yO2ssi2N+a/rQOyG19GY7XM897K0mEZss88
+oOEsDUT1+x6Bq5FODRVhqQgOxTl/Y3o46MzT2TvtVF/LN8jqWbptMyHPOe8aAoiF
+dduKSIGiQsAbsW7PtggY1QLk98T3pfKT4UHhjCZV8XKlbTZ5XYmBWg01q11xr4Ov
+2hojM9+KPJ1AXCZ3z/RcKnH+6LdOmIqwhRF5UqOG2SGdAoHAEA+pFTCnWUMWXtiI
+pwTUJ9/xgUbXJ1dAt3A8MlPVm5GjOG13jaqTQySSEGQJmti15shPyQyPOQ/ABZuN
+VRyy2Q7idftEdIncG/qUvFZefVvE2QWIhiqS2NvehWHuNbvdYsZvxwLfF2TsdiGo
+qBYW251smbtHibPJ9G18Ms2WjQjWFK99CgPYIG3GggqUmglXZsfhW9s16jg8u/Bx
+JeM0wHia+cgfqdPTcnbuV9ARfTJR3K4IYVrbL58wBc22GF05AoHAQvhfvtieWCJ8
+ATqOBjOcUHJ2WLiOslWsYOoqXy7v2YuVt8XFWAWZmLlzcC+8Tv79lCLpOmpiseQw
+kP9Mihi+8T15AmRUUsPREeGb7wCDNbd/KixPimhnelNGPNAV+6DPonSa4WcF9jZk
+nDa51PBPWCEPB5GHdbg/E5yiWMbr63bcTQNZxlRDaljNSRPp8xprs+JT1AIZI2wq
+hEyK6IMjYIj80jB8JZIM7nNgRhzCKCo7RdR3JMb5tduOgzvEheC3
+-----END RSA PRIVATE KEY-----
diff --git a/testing/tests/swanctl/net2net-sha3-rsa-cert/description.txt b/testing/tests/swanctl/net2net-sha3-rsa-cert/description.txt
new file mode 100755
index 000000000..2db82a941
--- /dev/null
+++ b/testing/tests/swanctl/net2net-sha3-rsa-cert/description.txt
@@ -0,0 +1,8 @@
+A connection between the subnets behind the gateways <b>moon</b> and <b>sun</b> is set up.
+The authentication is based on <b>X.509 certificates</b> with signatures consisting of
+<b>RSA-encrypted SHA-3 hashes</b>.
+<p/>
+Upon the successful establishment of the IPsec tunnel, the updown script automatically
+inserts iptables-based firewall rules that let pass the tunneled traffic.
+In order to test both tunnel and firewall, client <b>alice</b> behind gateway <b>moon</b>
+pings client <b>bob</b> located behind gateway <b>sun</b>.
diff --git a/testing/tests/swanctl/net2net-sha3-rsa-cert/evaltest.dat b/testing/tests/swanctl/net2net-sha3-rsa-cert/evaltest.dat
new file mode 100755
index 000000000..1d9bd6434
--- /dev/null
+++ b/testing/tests/swanctl/net2net-sha3-rsa-cert/evaltest.dat
@@ -0,0 +1,5 @@
+moon::swanctl --list-sas --raw 2> /dev/null::gw-gw.*version=2 state=ESTABLISHED local-host=192.168.0.1 local-port=500 local-id=moon.strongswan.org remote-host=192.168.0.2 remote-port=500 remote-id=sun.strongswan.org initiator=yes.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=MODP_3072.*child-sas.*net-net.*state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=128.*local-ts=\[10.1.0.0/16] remote-ts=\[10.2.0.0/16]::YES
+sun:: swanctl --list-sas --raw 2> /dev/null::gw-gw.*version=2 state=ESTABLISHED local-host=192.168.0.2 local-port=500 local-id=sun.strongswan.org remote-host=192.168.0.1 remote-port=500 remote-id=moon.strongswan.org.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=MODP_3072.*child-sas.*net-net.*state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=128.*local-ts=\[10.2.0.0/16] remote-ts=\[10.1.0.0/16]::YES
+alice::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_.eq=1::YES
+sun::tcpdump::IP moon.strongswan.org > sun.strongswan.org: ESP::YES
+sun::tcpdump::IP sun.strongswan.org > moon.strongswan.org: ESP::YES
diff --git a/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/strongswan.conf b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/strongswan.conf
new file mode 100755
index 000000000..5b67bf37e
--- /dev/null
+++ b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/strongswan.conf
@@ -0,0 +1,14 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+swanctl {
+  load = pem pkcs1 x509 revocation constraints pubkey openssl random 
+}
+
+charon {
+  load = random nonce sha1 sha2 sha3 aes hmac pem pkcs1 x509 revocation constraints pubkey gmp curl kernel-netlink socket-default updown vici 
+
+  start-scripts {
+    creds = /usr/local/sbin/swanctl --load-creds 
+    conns = /usr/local/sbin/swanctl --load-conns
+  } 
+}
diff --git a/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/rsa/moonKey.pem b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/rsa/moonKey.pem
new file mode 100644
index 000000000..f24b3ebf3
--- /dev/null
+++ b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/rsa/moonKey.pem
@@ -0,0 +1,39 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIG4wIBAAKCAYEAnD3x6bsLjwUP9BU0+hDSo28XBn1aM8+UO5n5XnnuQ8CDB+Mq
+pEHgNve71FBD8Gqf2dha5rfRx5HhXbw6BZMCTdUs5oxHsaOl5LGwp8W4G1BSxofV
+T7yzfnmW/+lPER2zJnXbOlVfW8UoEbsAfXpCr/edJvBu10kk1VHjrnMJIDGlNc4N
+Re06DcYSb/7AgRN6umPQr+uRzn5jFXJyROjx00gH89GzZIaNciyiYwaCZFBduByt
+UhaL8RKMA+MxWrB1ICQgE7hITZXvJJg2UuEe+t3lXMSfKoZHyU2sTBtctXan6rf/
+XmC0O3Bf7RTwoFmDvJlApgfpL1QIe8gH1hi/NukTYskm+zWYPkJAzcwCyMmyhZFY
+v0r0pybLWI1hZ8xeTr7MSbtImsvxl8mxwG7wRtWS5BKd0kke/gorCEI8AYZj33NA
+G58iX4+z745z4UNNTDg1bnjB2fTw4c0AD7TOIU76ZskhGKj4J7ZMzeQ5YXLMFRmp
+qn0p9obSqXwg62dXAgMBAAECggGAHb2g3efv5FKHXePniK5JGjkcPe0AjZo20j2V
+/UjidN0hVBAG3ut3PZ9cjqaUuB/ju7j2XLKi6QU4y/n3ZXY9Wwl4GY6cWxEWk/jK
+8rStPe3FQ+s5TItT84A7oQ0NMunfXzPR/kGf/D0ESpO5HSl3pj1RGcdsoehXbY+/
+8kYNd6Zbl2lYl3X3tgV9Hvp0NF2739z+LW5++7qNK9j0LW/WEGzGrr+9ESaXqCMc
+6hKkIWo23MQArf6Ctunb4yWNEIFEDi1r9DzMbZN/lVhDx77Q0KYLH1P31R5rOc1G
+NYXPF4F3CSfUsgd48dB2/1FCTnDJ4PmOU/R1L8jAgnSOroTAYDVzY4DJ7vyKGvIE
+DL7eKlbwOfS5swyANUKgHO6QiHt9WzcNUGpeinTa3wJ4KoAdG+lzDMuiwRFdSRRU
+z7t1ptTf2LuCAtva2daP2SPed+ITg2QB6X4BSQkqR0vPYBQIZAtFjMWH78E2PLrD
+01+LpOj8TBRerd834etDODg4ddiRAoHBAMiYg7hWfChw3SdnmAmkhDAZN80pvsUU
+bzzAiQ5EI59JYMoi/amYyLd6hUK4Z8g4gcdXzBYw9iwJuj8LMpPBZlplAxVnFdId
+23I+GNDmcX2ovOpl6skKy1grNhBigxRUQUGsS9oxrYeuy2VymDzeZPCQmrrhsXk/
+Mac237nncJj2n8I5RtDOoSOFD0+grs7MXs4P+W2HHzWgkN7mBgKeFfUPLI3Kyy3p
+F7tXegtJqIJsXlfZ/fzR40QTy7/VbwAW/wKBwQDHZVDYtYe4YoHKdwtAqs/J08QA
+29fGkM4ZawLNTY4jz9rdtOuBWg0FPAo82x21xlbRQLsaTKzy9O6a3cQ5oaKtKCh/
+XmKCssrnzJsYZYnhkP4f4VXK8nai/9LFo8TWhB8hNy62GGmfXffsqhAIqIqZA02F
+/mOfR6Wrqs7yfzYnJnVsjbR1B2zSiNAYKtk1VtQdGjuagSn/dEyhSCaQRXotXUKX
+SJDzPf/H2mj97Cg+3bCtdE/h//N1/cmV/5QEx6kCgcEAh1ua7oW1bBiUsuVNi5wu
+8sHhjJiRuS0LzsPg9/Z0zyRVorCv2IRXVK/hQl9q8Ilo0VnmRkctphO+UJI+w8Nq
+TK8CwKt55vnsvY83cac+h9uX9tdk8dpN0qX96lp/NvWPv0ADQy3oebkyWLdWESTE
+miwJrPdkqXtCByKZHzoUGbO5o/bAWWBFDdHYvhOgQb1Yb9YJqqXWInrBpxcykQuZ
+p25g0yE3rzgtomXp3boLck6r7r4TjEkZATQWddERAM+DAoHAEW4w6BDOYXbzA6Du
+ceO8sFb7vlt5fFkyOxSYtRu/fi/wYQssvy0BEGEUQAejjD1fX4F6Ga10PPTeWtli
+CuuvTdXB3IiCsgwxIpxHPpW5vOcw39aR6mDRsCQO58oOLfZ0xjGNustdiFntj1m6
+dxdMrl2UjE8VpFneCKiw2I/4SunYv/mPOd/BSpI9Jq+wNzJ07mpZpYL/Cd6/yCWH
+gXshWA/b/1+PlEPqNS1JmlDnn78/b5pIVWhLfxgFZEBoTxapAoHAY/58nLcWpvpY
+3IZC0fBuR7usTACbxr9Z4okHzJUNnoJe+MSE+wQwuE3nP+vc1CrmBSwCjN2wyVLc
+gy3idN77NthU9l0oElrPbGFKdFEaa85IcKtnfnspzmvo9AJn2wveZUAlZAzu2zBN
+vKI8ubXgoS56uHQnNsWOIugTW/P1I8FnlD4jPItaACGJ3yZWolh9g/WOGS29qJvV
+E/6hT4QPPXPZFEnOKO0/3YsMXBwcnEqm2mQ+c4rGMKrTcynk4KaE
+-----END RSA PRIVATE KEY-----
diff --git a/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/swanctl.conf b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/swanctl.conf
new file mode 100755
index 000000000..9034651e7
--- /dev/null
+++ b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/swanctl.conf
@@ -0,0 +1,33 @@
+connections {
+
+   gw-gw {
+      local_addrs  = 192.168.0.1
+      remote_addrs = 192.168.0.2 
+
+      local {
+         auth = pubkey
+         certs = moonCert.pem
+         id = moon.strongswan.org
+      }
+      remote {
+         auth = pubkey
+         id = sun.strongswan.org 
+      }
+      children {
+         net-net {
+            local_ts  = 10.1.0.0/16 
+            remote_ts = 10.2.0.0/16 
+
+            updown = /usr/local/libexec/ipsec/_updown iptables
+            rekey_time = 5400
+            rekey_bytes = 500000000
+            rekey_packets = 1000000
+            esp_proposals = aes128gcm128-modp3072
+         }
+      }
+      version = 2
+      mobike = no
+      reauth_time = 10800
+      proposals = aes128-sha256-modp3072
+   }
+}
diff --git a/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/x509/moonCert.pem b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/x509/moonCert.pem
new file mode 100644
index 000000000..bea7e81f8
--- /dev/null
+++ b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/x509/moonCert.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIEyDCCAzCgAwIBAgIBAjANBglghkgBZQMEAw4FADBXMQswCQYDVQQGEwJDSDEb
+MBkGA1UEChMSc3Ryb25nU3dhbiBQcm9qZWN0MQ4wDAYDVQQLEwVTSEEtMzEbMBkG
+A1UEAxMSc3Ryb25nU3dhbiBSb290IENBMB4XDTE2MDkyMjEwMzU0N1oXDTI2MDky
+MjEwMzU0N1owWDELMAkGA1UEBhMCQ0gxGzAZBgNVBAoTEnN0cm9uZ1N3YW4gUHJv
+amVjdDEOMAwGA1UECxMFU0hBLTMxHDAaBgNVBAMTE21vb24uc3Ryb25nc3dhbi5v
+cmcwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCcPfHpuwuPBQ/0FTT6
+ENKjbxcGfVozz5Q7mfleee5DwIMH4yqkQeA297vUUEPwap/Z2Frmt9HHkeFdvDoF
+kwJN1SzmjEexo6XksbCnxbgbUFLGh9VPvLN+eZb/6U8RHbMmdds6VV9bxSgRuwB9
+ekKv950m8G7XSSTVUeOucwkgMaU1zg1F7ToNxhJv/sCBE3q6Y9Cv65HOfmMVcnJE
+6PHTSAfz0bNkho1yLKJjBoJkUF24HK1SFovxEowD4zFasHUgJCATuEhNle8kmDZS
+4R763eVcxJ8qhkfJTaxMG1y1dqfqt/9eYLQ7cF/tFPCgWYO8mUCmB+kvVAh7yAfW
+GL826RNiySb7NZg+QkDNzALIybKFkVi/SvSnJstYjWFnzF5OvsxJu0iay/GXybHA
+bvBG1ZLkEp3SSR7+CisIQjwBhmPfc0AbnyJfj7PvjnPhQ01MODVueMHZ9PDhzQAP
+tM4hTvpmySEYqPgntkzN5DlhcswVGamqfSn2htKpfCDrZ1cCAwEAAaOBnTCBmjAf
+BgNVHSMEGDAWgBTkyc2M8ohtHacu1155MaVmVTXOAjAeBgNVHREEFzAVghNtb29u
+LnN0cm9uZ3N3YW4ub3JnMBMGA1UdJQQMMAoGCCsGAQUFBwMBMEIGA1UdHwQ7MDkw
+N6A1oDOGMWh0dHA6Ly9jcmwuc3Ryb25nc3dhbi5vcmcvc3Ryb25nc3dhbi1zaGEz
+LXJzYS5jcmwwDQYJYIZIAWUDBAMOBQADggGBAAHZATrdzGmUIq+0+EdA1AbPdcaT
+UDKJvDS30JyOkUnAv5jr63PHyfw+RS92zgE2UyB4+u43BiggBNmTNCjpaEUmViAo
+tdywkzIKm7q3dr0078IZ8LU8Wo+hoeRNkBJOxdgflsSislQYDeTd7syoQ4BW7whs
+jjFK2Lbthd+/33Iw3LMekYuZF7ZUbHY7D3nlBidrmTIQQCvOnsW2lJi/S83FEYzl
+noK+of3eo4Ryg1/428FHts26PxSmnHv+ckj9R4Jf5kH8kd1WhrgDyHQMnihWlUJ2
+pintDBgislbZytqiBOGeYpbpxKl57zHs421wmUs329asu7zgfJFnCynkUgvuRXdc
+gDJ+DAiVaXCJlYnk36P87028SR9/C0JLzHA3O5CcfUdFEUs0BvVe1D3b9kC28rdA
+5V86DFCL+gp6rB+wDtq6YnCddaNk+ZCs/QAPidqOFAytaBBKaagMIFk+wlsFge79
+ZssIfKy33Frluw0HCj0LNs2tjWvG4Ku8xkFO1Q==
+-----END CERTIFICATE-----
diff --git a/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem
new file mode 100644
index 000000000..29ad5b942
--- /dev/null
+++ b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEazCCAtOgAwIBAgIBADANBglghkgBZQMEAw4FADBXMQswCQYDVQQGEwJDSDEb
+MBkGA1UEChMSc3Ryb25nU3dhbiBQcm9qZWN0MQ4wDAYDVQQLEwVTSEEtMzEbMBkG
+A1UEAxMSc3Ryb25nU3dhbiBSb290IENBMB4XDTE2MDkyMjA5NDA1NVoXDTMxMDky
+MjA5NDA1NVowVzELMAkGA1UEBhMCQ0gxGzAZBgNVBAoTEnN0cm9uZ1N3YW4gUHJv
+amVjdDEOMAwGA1UECxMFU0hBLTMxGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBD
+QTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAJpHGoOCJSiZoJhPXHqF
+XWvrY8zyGwlUCiwphOobq4nhqo2EchTuKdPvCckxtXp/pF5IJsXpptbMmNUmgN7K
+VMI/zmI9estFUZg8hn5LSMAbnm102W3xLzM6FRJWMcwe2gajg/NCww02mPsohONC
+R4nNMUgYOZdesPDmtYUKk3sr5ZNdpBL6hESBMzFYmYLBzaoeseuzra7U850tF9JU
+YfpJStBXNDz8iVPCqOkgKf1hFrPNNxtmsBW68V2ARmYNzqnaP3nLs/U43zZQiT6t
+b+zcAE1h6RGgVXjF1b1KG64J153n0YELrC2TpaF2JAGQVvzQgxoZbgiWCKt0m7wx
+Qb7P3euy8MxsMGmqHDMtztrg6AAzRKoJN56qHqdP2qExc32uu/BwfmbFv7MLxKQw
+g0VykfWBSNyx/2HMDHw79idgFpzHr2nj4CDqB6QLWtRMCWtlT8R7rlz5JlcsJY1U
+7Rlwokje9Ctj/5gToXctnLbo+j2506GLtbhxNOaH1s7GswIDAQABo0IwQDAPBgNV
+HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU5MnNjPKIbR2n
+LtdeeTGlZlU1zgIwDQYJYIZIAWUDBAMOBQADggGBAF+Q4zABKa1ZWohHqsTgru6v
+4ru0Pnfbmg3vhlc5ur93Sd0C+fX+e+78n+0QpUNa0N9Vw54r/aF4ki0ceL4Dl4w0
+aXcDa2ozl/hksSeKwIp14W/NHTAjzP2aNpN5/dqd1DM+vojJhlcArepuVVH+NIKt
+YYUXwvsjJN9OAAKkMCbnda8gOnKMGJkVIUOTz2DOyzqd5iQ3h3zxzluP4KIya5/k
+FZV0wXy8v7phLGgbPJ5DtGuTCjao7+nF6lLkJ+/l3vPC1luB4/UbMGML4GxVwVIM
+riCepPT1I9CNuHy2qKpsEmCv8zb5pxXrxv0uIYn8MZx7VCnLuD61AOqIExTYvxv2
+Z3JbOuOsgHJeMKJbhY8r8HkktNLOeLrOW2KSilNpE915EFN0exGMC3zG4IgzRc9u
+kGGDVV9BsTkAYjQrWBuuWqxy8TCRPNpe6hnVJIQLLjE9M1V/PW3MD5ObndgT8jA3
+sMMwCxo+S11MZIcKCgnCCcGhgTLT7rFpC0hwRa6dkA==
+-----END CERTIFICATE-----
diff --git a/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/strongswan.conf b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/strongswan.conf
new file mode 100755
index 000000000..5b67bf37e
--- /dev/null
+++ b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/strongswan.conf
@@ -0,0 +1,14 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+swanctl {
+  load = pem pkcs1 x509 revocation constraints pubkey openssl random 
+}
+
+charon {
+  load = random nonce sha1 sha2 sha3 aes hmac pem pkcs1 x509 revocation constraints pubkey gmp curl kernel-netlink socket-default updown vici 
+
+  start-scripts {
+    creds = /usr/local/sbin/swanctl --load-creds 
+    conns = /usr/local/sbin/swanctl --load-conns
+  } 
+}
diff --git a/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/rsa/sunKey.pem b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/rsa/sunKey.pem
new file mode 100644
index 000000000..a694bbb8f
--- /dev/null
+++ b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/rsa/sunKey.pem
@@ -0,0 +1,39 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIG4wIBAAKCAYEAuoGEVV6htuzLZd7oeZHYznMbBLffOz2l+t0XqHTUA44eM57K
+ZZMDAcc0gZvZWVFNDmOWpXpxbSQozA8Dgb9b9BYkNWHKW11rwSHq5mzmjBME394p
+DvzdV3tMmSGrhS00EyFWXLnpqrvkNTtiIm6nNHidrqM4ixbXiebOjDi3Z1vIJHOu
+MiUBe8KvZ7p8q4MpRADpEB565NWd+5/Yy4DECepBcmQn+9Pn/6FvdYfodBin9QyO
++7xsgQlnx6XI1HeiMdB6EE8r4AOVbZWseEJkUo/ZhsQk5tIYKZB18vo/8nnAHn6r
+ez+belmo4l/3hctRn8t08Lp7TRxnIUwGL8b8BxtAkR9T09duwE1KRt4h/PsCRx1H
+WKN9g/KsOi8ZPrBiz+hoHhIv+pvQ4ciEuC1Zf6AelEUnI/Rh6RuIkEjuisNk6zL6
+Fi9J2RWDTXY5vJdUTbmQhoQpbmX3yWdJyLn9vLaK/IDhaguYOuiUHKY57jWXZwW/
+bD3a5wi08JLCb0ahAgMBAAECggGALeWxq1Cee2XKqEcy7rf1otiwzXhydyG0twex
+ysL1aeqPhCSPqm+DTey3/y1bT5+yVtgrOo3nW/SKFa2cL1HoTykjv/9QzSswWVb/
+d7VVByOnD3CcqhOQZPby4rxmeV+mcQ7DMg6OcnXKs07p149jloYYR+HjCFeWs1kZ
+e2h5ufXcSxwswipZMxu2DtDV3V9pyFJxCIZ3t9jaCBJOR8ZoeAguEviS3mZHsaEI
+zOOlUOzAaI2uokS8bwThhUBHLAJEe5hglKtu5N1QGUo5x62wIK1+4McKqX5cphvW
+63N5P7yB30hfc1xM9VP/fi5UzmgccNmHl3ErJX6EbHbVNUv0a/wI6cp+s/DQRZMc
+Injr5BJIIFbzmqYST+UxEwtxUL7uV1s/eTXwsFxfQPJnx8rWbeyvGJHU6VykWJ2n
+vHmOItgaw4Lm0iw5XH2g0QC7nYFW6qC5sk7LIS3xUzN73JWjV2Z1E5nLfKxZ9sXz
+aA8WNrMSHUM/KkFaUri1xoH6gdABAoHBAPfA/gcZaoMemP06BIWKwgb/91GRsvc+
+slrmyZy+nq2bQaJw8oYyUmgWfh9X8pD6eVQN7jJBuA3BMg3L4Vn/R65rcwwYKA20
+pHgZF2MbwRlbBDtFQJe8kmwFu+TkHpGcoo94V6MdpbqoRKwQs66WOcjp4vzRLOL0
+ueynDrAPxpOaNIsr66s7xjd01VwEXYlfOfNBpOF/+3vN+O++k45/rnlEWgLeq6ie
+1xkv9vZp4FuNf6gnBXcNhu8aDJvJEMfxnQKBwQDAtqgE9K7Rhq9ht8w8P+QZUGYL
+c8mL4IGsPgmucuuheeWpmvLuAhsTxWBQhrO8/eEK4je+li6R/x0HYqgytsnOxlQH
+xH8ZsvouPtacUF9pv8x7GLnGlvdxdQzmnjYqR5MzFEX/L8+8skiyY95V/kNiWE/T
+X/Q8JgqyQ7VlykHtaToYchEhgY2m2Zxw6YhrI/ghtlP6NwOJDYsFxe7cfVvBQj9K
+qtwAidr8pKSLyJFaot+dAdSqAYZxiO90aSt/i9UCgcEAjzv7YR1Xj+CjsFrXfGFB
+VYysbnMelYSg1p7w1nb6BAJrir9j5yO2ssi2N+a/rQOyG19GY7XM897K0mEZss88
+oOEsDUT1+x6Bq5FODRVhqQgOxTl/Y3o46MzT2TvtVF/LN8jqWbptMyHPOe8aAoiF
+dduKSIGiQsAbsW7PtggY1QLk98T3pfKT4UHhjCZV8XKlbTZ5XYmBWg01q11xr4Ov
+2hojM9+KPJ1AXCZ3z/RcKnH+6LdOmIqwhRF5UqOG2SGdAoHAEA+pFTCnWUMWXtiI
+pwTUJ9/xgUbXJ1dAt3A8MlPVm5GjOG13jaqTQySSEGQJmti15shPyQyPOQ/ABZuN
+VRyy2Q7idftEdIncG/qUvFZefVvE2QWIhiqS2NvehWHuNbvdYsZvxwLfF2TsdiGo
+qBYW251smbtHibPJ9G18Ms2WjQjWFK99CgPYIG3GggqUmglXZsfhW9s16jg8u/Bx
+JeM0wHia+cgfqdPTcnbuV9ARfTJR3K4IYVrbL58wBc22GF05AoHAQvhfvtieWCJ8
+ATqOBjOcUHJ2WLiOslWsYOoqXy7v2YuVt8XFWAWZmLlzcC+8Tv79lCLpOmpiseQw
+kP9Mihi+8T15AmRUUsPREeGb7wCDNbd/KixPimhnelNGPNAV+6DPonSa4WcF9jZk
+nDa51PBPWCEPB5GHdbg/E5yiWMbr63bcTQNZxlRDaljNSRPp8xprs+JT1AIZI2wq
+hEyK6IMjYIj80jB8JZIM7nNgRhzCKCo7RdR3JMb5tduOgzvEheC3
+-----END RSA PRIVATE KEY-----
diff --git a/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/swanctl.conf b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/swanctl.conf
new file mode 100755
index 000000000..2b9ddcf72
--- /dev/null
+++ b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/swanctl.conf
@@ -0,0 +1,33 @@
+connections {
+
+   gw-gw {
+      local_addrs  = 192.168.0.2
+      remote_addrs = 192.168.0.1 
+
+      local {
+         auth = pubkey
+         certs = sunCert.pem
+         id = sun.strongswan.org
+      }
+      remote {
+         auth = pubkey
+         id = moon.strongswan.org 
+      }
+      children {
+         net-net {
+            local_ts  = 10.2.0.0/16 
+            remote_ts = 10.1.0.0/16 
+
+            updown = /usr/local/libexec/ipsec/_updown iptables
+            rekey_time = 5400
+            rekey_bytes = 500000000
+            rekey_packets = 1000000
+            esp_proposals = aes128gcm128-modp3072
+         }
+      }
+      version = 2
+      mobike = no
+      reauth_time = 10800
+      proposals = aes128-sha256-modp3072
+   }
+}
diff --git a/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/x509/sunCert.pem b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/x509/sunCert.pem
new file mode 100644
index 000000000..f1c086ee9
--- /dev/null
+++ b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/x509/sunCert.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIExjCCAy6gAwIBAgIBATANBglghkgBZQMEAw4FADBXMQswCQYDVQQGEwJDSDEb
+MBkGA1UEChMSc3Ryb25nU3dhbiBQcm9qZWN0MQ4wDAYDVQQLEwVTSEEtMzEbMBkG
+A1UEAxMSc3Ryb25nU3dhbiBSb290IENBMB4XDTE2MDkyMjEwMzUzMFoXDTI2MDky
+MjEwMzUzMFowVzELMAkGA1UEBhMCQ0gxGzAZBgNVBAoTEnN0cm9uZ1N3YW4gUHJv
+amVjdDEOMAwGA1UECxMFU0hBLTMxGzAZBgNVBAMTEnN1bi5zdHJvbmdzd2FuLm9y
+ZzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALqBhFVeobbsy2Xe6HmR
+2M5zGwS33zs9pfrdF6h01AOOHjOeymWTAwHHNIGb2VlRTQ5jlqV6cW0kKMwPA4G/
+W/QWJDVhyltda8Eh6uZs5owTBN/eKQ783Vd7TJkhq4UtNBMhVly56aq75DU7YiJu
+pzR4na6jOIsW14nmzow4t2dbyCRzrjIlAXvCr2e6fKuDKUQA6RAeeuTVnfuf2MuA
+xAnqQXJkJ/vT5/+hb3WH6HQYp/UMjvu8bIEJZ8elyNR3ojHQehBPK+ADlW2VrHhC
+ZFKP2YbEJObSGCmQdfL6P/J5wB5+q3s/m3pZqOJf94XLUZ/LdPC6e00cZyFMBi/G
+/AcbQJEfU9PXbsBNSkbeIfz7AkcdR1ijfYPyrDovGT6wYs/oaB4SL/qb0OHIhLgt
+WX+gHpRFJyP0YekbiJBI7orDZOsy+hYvSdkVg012ObyXVE25kIaEKW5l98lnSci5
+/by2ivyA4WoLmDrolBymOe41l2cFv2w92ucItPCSwm9GoQIDAQABo4GcMIGZMB8G
+A1UdIwQYMBaAFOTJzYzyiG0dpy7XXnkxpWZVNc4CMB0GA1UdEQQWMBSCEnN1bi5z
+dHJvbmdzd2FuLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATBCBgNVHR8EOzA5MDeg
+NaAzhjFodHRwOi8vY3JsLnN0cm9uZ3N3YW4ub3JnL3N0cm9uZ3N3YW4tc2hhMy1y
+c2EuY3JsMA0GCWCGSAFlAwQDDgUAA4IBgQACXiUqwisoOZUH3CPfi+aGaluK3mO7
+nj/gX5X9oE2JC3haWjbnC9fsKai72U8makp12xCpWjHsuiytVlXiiSCRxBGAaFm0
+cy2AI4Ttj+4+GAaI4BkqYBTApdSSXXUH3X4Lwb4LReX+16TsJ4E+d2U/j70gyGRK
+F/KgkKj/Bi4F//4/uXHPbgp2istKmkQ4wlcUb5EdM0tUiAUwYGMhdUhSryq4+7y8
+1QaPGg0Zv3nvGgoj332BOczflmNzoonXcihZk97iMRc/TvBOoizvuH9COCSbw/AB
+hnVG1lyTQjBAcE2U4MP5yUVuIqBgPnKtbyN3gf30Iq3g/ThVekchrYGO3PWMWAzS
+ecfr2yN11BC6nDca039Yub41AuzQqBQR1gY5sHouXNTx4Bs0g4xk+3rGa8MMgI0+
+jXhDVAorQFYuACDuto6skRtkcmXJ/1psvVEv5dcKAHdZCNKkgtXe2XoVvrjNxnPw
+MTVros8o+8Bz2R4qArLjwrZtvYI+czZx6dk=
+-----END CERTIFICATE-----
diff --git a/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/x509ca/strongswanCert.pem b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/x509ca/strongswanCert.pem
new file mode 100644
index 000000000..29ad5b942
--- /dev/null
+++ b/testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/x509ca/strongswanCert.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEazCCAtOgAwIBAgIBADANBglghkgBZQMEAw4FADBXMQswCQYDVQQGEwJDSDEb
+MBkGA1UEChMSc3Ryb25nU3dhbiBQcm9qZWN0MQ4wDAYDVQQLEwVTSEEtMzEbMBkG
+A1UEAxMSc3Ryb25nU3dhbiBSb290IENBMB4XDTE2MDkyMjA5NDA1NVoXDTMxMDky
+MjA5NDA1NVowVzELMAkGA1UEBhMCQ0gxGzAZBgNVBAoTEnN0cm9uZ1N3YW4gUHJv
+amVjdDEOMAwGA1UECxMFU0hBLTMxGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBD
+QTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAJpHGoOCJSiZoJhPXHqF
+XWvrY8zyGwlUCiwphOobq4nhqo2EchTuKdPvCckxtXp/pF5IJsXpptbMmNUmgN7K
+VMI/zmI9estFUZg8hn5LSMAbnm102W3xLzM6FRJWMcwe2gajg/NCww02mPsohONC
+R4nNMUgYOZdesPDmtYUKk3sr5ZNdpBL6hESBMzFYmYLBzaoeseuzra7U850tF9JU
+YfpJStBXNDz8iVPCqOkgKf1hFrPNNxtmsBW68V2ARmYNzqnaP3nLs/U43zZQiT6t
+b+zcAE1h6RGgVXjF1b1KG64J153n0YELrC2TpaF2JAGQVvzQgxoZbgiWCKt0m7wx
+Qb7P3euy8MxsMGmqHDMtztrg6AAzRKoJN56qHqdP2qExc32uu/BwfmbFv7MLxKQw
+g0VykfWBSNyx/2HMDHw79idgFpzHr2nj4CDqB6QLWtRMCWtlT8R7rlz5JlcsJY1U
+7Rlwokje9Ctj/5gToXctnLbo+j2506GLtbhxNOaH1s7GswIDAQABo0IwQDAPBgNV
+HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU5MnNjPKIbR2n
+LtdeeTGlZlU1zgIwDQYJYIZIAWUDBAMOBQADggGBAF+Q4zABKa1ZWohHqsTgru6v
+4ru0Pnfbmg3vhlc5ur93Sd0C+fX+e+78n+0QpUNa0N9Vw54r/aF4ki0ceL4Dl4w0
+aXcDa2ozl/hksSeKwIp14W/NHTAjzP2aNpN5/dqd1DM+vojJhlcArepuVVH+NIKt
+YYUXwvsjJN9OAAKkMCbnda8gOnKMGJkVIUOTz2DOyzqd5iQ3h3zxzluP4KIya5/k
+FZV0wXy8v7phLGgbPJ5DtGuTCjao7+nF6lLkJ+/l3vPC1luB4/UbMGML4GxVwVIM
+riCepPT1I9CNuHy2qKpsEmCv8zb5pxXrxv0uIYn8MZx7VCnLuD61AOqIExTYvxv2
+Z3JbOuOsgHJeMKJbhY8r8HkktNLOeLrOW2KSilNpE915EFN0exGMC3zG4IgzRc9u
+kGGDVV9BsTkAYjQrWBuuWqxy8TCRPNpe6hnVJIQLLjE9M1V/PW3MD5ObndgT8jA3
+sMMwCxo+S11MZIcKCgnCCcGhgTLT7rFpC0hwRa6dkA==
+-----END CERTIFICATE-----
diff --git a/testing/tests/swanctl/net2net-sha3-rsa-cert/posttest.dat b/testing/tests/swanctl/net2net-sha3-rsa-cert/posttest.dat
new file mode 100755
index 000000000..30d10b555
--- /dev/null
+++ b/testing/tests/swanctl/net2net-sha3-rsa-cert/posttest.dat
@@ -0,0 +1,5 @@
+moon::swanctl --terminate --ike gw-gw 2> /dev/null
+moon::service charon stop 2> /dev/null
+sun::service charon stop 2> /dev/null
+moon::iptables-restore < /etc/iptables.flush
+sun::iptables-restore < /etc/iptables.flush
diff --git a/testing/tests/swanctl/net2net-sha3-rsa-cert/pretest.dat b/testing/tests/swanctl/net2net-sha3-rsa-cert/pretest.dat
new file mode 100755
index 000000000..b128bef44
--- /dev/null
+++ b/testing/tests/swanctl/net2net-sha3-rsa-cert/pretest.dat
@@ -0,0 +1,7 @@
+moon::iptables-restore < /etc/iptables.rules
+sun::iptables-restore < /etc/iptables.rules
+moon::service charon start 2> /dev/null
+sun::service charon start 2> /dev/null
+moon::expect-connection gw-gw
+sun::expect-connection gw-gw
+moon::swanctl --initiate --child net-net 2> /dev/null
diff --git a/testing/tests/swanctl/net2net-sha3-rsa-cert/test.conf b/testing/tests/swanctl/net2net-sha3-rsa-cert/test.conf
new file mode 100755
index 000000000..07a3b247a
--- /dev/null
+++ b/testing/tests/swanctl/net2net-sha3-rsa-cert/test.conf
@@ -0,0 +1,25 @@
+#!/bin/bash
+#
+# This configuration file provides information on the
+# guest instances used for this test
+
+# All guest instances that are required for this test
+#
+VIRTHOSTS="alice moon winnetou sun bob"
+
+# Corresponding block diagram
+#
+DIAGRAM="a-m-w-s-b.png"
+ 
+# Guest instances on which tcpdump is to be started
+#
+TCPDUMPHOSTS="sun"
+
+# Guest instances on which IPsec is started
+# Used for IPsec logging purposes
+#
+IPSECHOSTS="moon sun"
+
+# charon controlled by swanctl
+#
+SWANCTL=1
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/description.txt b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/description.txt
new file mode 100755
index 000000000..e9ea4aca5
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/description.txt
@@ -0,0 +1,8 @@
+The roadwarriors <b>carol</b> and <b>dave</b> set up a connection each 
+to gateway <b>moon</b>. The authentication is based on <b>EAP-TLS</b> only using
+<b>X.509 certificates</b> with signatures consisting of <b>RSA-encrypted SHA-3 hashes</b>. 
+<p/>
+Upon the successful establishment of the IPsec tunnels, the updown script
+automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
+In order to test both tunnel and firewall, both <b>carol</b> and <b>dave</b> ping
+the client <b>alice</b> behind the gateway <b>moon</b>.
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/evaltest.dat b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/evaltest.dat
new file mode 100755
index 000000000..51bf8c1ba
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/evaltest.dat
@@ -0,0 +1,10 @@
+carol::swanctl --list-sas --raw 2> /dev/null::home.*version=2 state=ESTABLISHED local-host=192.168.0.100 local-port=4500 local-id=carol@strongswan.org remote-host=192.168.0.1 remote-port=4500 remote-id=moon.strongswan.org initiator=yes.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=MODP_3072.*child-sas.*home.*state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=128.*local-ts=\[192.168.0.100/32] remote-ts=\[10.1.0.0/16]::YES
+dave:: swanctl --list-sas --raw 2> /dev/null::home.*version=2 state=ESTABLISHED local-host=192.168.0.200 local-port=4500 local-id=dave@strongswan.org remote-host=192.168.0.1 remote-port=4500 remote-id=moon.strongswan.org initiator=yes.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=MODP_3072.*child-sas.*home.*state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=128.*local-ts=\[192.168.0.200/32] remote-ts=\[10.1.0.0/16]::YES
+moon:: swanctl --list-sas --ike-id 1 --raw 2> /dev/null::rw.*version=2 state=ESTABLISHED local-host=192.168.0.1 local-port=4500 local-id=moon.strongswan.org remote-host=192.168.0.100 remote-port=4500 remote-id=carol@strongswan.org.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=MODP_3072.*child-sas.*net.*reqid=1 state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=128.*local-ts=\[10.1.0.0/16] remote-ts=\[192.168.0.100/32]::YES
+moon:: swanctl --list-sas --ike-id 2 --raw 2> /dev/null::rw.*version=2 state=ESTABLISHED local-host=192.168.0.1 local-port=4500 local-id=moon.strongswan.org remote-host=192.168.0.200 remote-port=4500 remote-id=dave@strongswan.org.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=MODP_3072.*child-sas.*net.*reqid=2 state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=128.*local-ts=\[10.1.0.0/16] remote-ts=\[192.168.0.200/32]::YES
+alice::ping -c 1 192.168.0.100::64 bytes from 192.168.0.100: icmp_.eq=1::YES
+alice::ping -c 1 192.168.0.200::64 bytes from 192.168.0.200: icmp_.eq=1::YES
+moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
+moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
+moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
+moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/strongswan.conf b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/strongswan.conf
new file mode 100755
index 000000000..3b492f0d4
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/strongswan.conf
@@ -0,0 +1,18 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+swanctl {
+  load = pem pkcs1 x509 revocation constraints pubkey openssl random 
+}
+
+charon {
+  load = random nonce md5 sha1 sha2 sha3 aes hmac pem pkcs1 x509 revocation constraints pubkey gmp curl eap-tls kernel-netlink socket-default updown vici 
+
+  start-scripts {
+    creds = /usr/local/sbin/swanctl --load-creds 
+    conns = /usr/local/sbin/swanctl --load-conns
+  } 
+}
+
+libtls {
+  suites = TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+}
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/swanctl/rsa/carolKey.pem b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/swanctl/rsa/carolKey.pem
new file mode 100644
index 000000000..db6c98d89
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/swanctl/rsa/carolKey.pem
@@ -0,0 +1,39 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIG4gIBAAKCAYEAw7ArNq1Cs5RMc1MuHO5BZAIAc9v04THLSpCs+zNQlyJCXaij
+siTQUbATyhgB5O11HKh69J8PRITx+dqIW/are3KGAKbvo8G5AgVOPhO+X3n7iOwT
+PqtaAlAa4/qpVyD/RSfOiQPXj+SFtBz9Js36gZegcm/w3d0QVOPUIEMWpSMIHCAm
+v6Ji/QHyOEVyOuiW0PTKVxqY8iFgnT8djDo0xWU40RNcIC7qyMkmGD8xR+kIbBcH
+8akPB6NgNvFVUZPK4EQfr19JNAQp7KbPA6tlzRxR6z0eL57zRUU47g3cf9Ie1zNj
+4FrIfv/+nA9ZVpR/DsGe3qmJvTVDfubaGkFE4AKxUEGcm0N4gHXo1PBj7hayJJSU
+IuAfoIfmkorqrPTp3bRoH2NWmMveBU6W4c8Vocv4ceWmCsrodcNdzqcnU4QGFc9x
+KPeiD232KeBZdpK4vs1ewkzftWmOVYUBG0X5oNNYoT54Qr8YXTWTI/3Rp7TbVGh7
+Z6iqH7hQ9gNGOe+NAgMBAAECggGAKuC3F0vviZm9Bqf7OquZ+GfX4YsYpR9cBAKf
+ZIth5TvEfvEsrSQT4VJLg8Su5ZKCTr07883GcqUOwEh6CGyMNohphEsPxznzZ9Xx
+xvhchl8cFmxj6x9woYEb40hRQp4gUO7f+nW1DfpssYKIlbAca7jlly2gAX0mzvL8
+z/TjSVvbsw34b5UNS5LZmCrfVLkSEscQbvWM/cECgnIJ72fxmC8NvAIZ9ZNSLpyk
+lDuEeNU+2zBQtUrt2CacNm263B0dvHrW9QSTdi1GvIjxhc3ab8OT0ZDNzo/S2eRJ
+InN77gwkYgEu1jeloBsicG4ZAAdbQU5/X4prnJIy2novnA/2C+hrmpYDhxqOT4Uk
+AhoMiyvrJF6rxPZj+R5qzc4RUzZapcXUNzH0lCwtwd19Ogfw38LUkHCtqQQpleme
+AL7FeVDXDu9oe6c5YrZihehT7p8ExKwlwiWy4u2bnoip77wOCuLo+D6eZpt64w4e
+XiHpWtmkADqhfzMgt/WUMpD/+gcBAoHBAPTa6zMClhGP6su624Rv9HSVClacXR7d
+zJNo5stnPierfcIZs8loWthR6AgGx36q9bOqtfIdFRc/PajF7oggnTcxMBZdCoU8
+Oi3vWEH+aIzIX3KICUjRYjj1kpm9xcy7XPGc6bEit+PM1DJ1jXCTiC30uQpavNxr
+klV4+ROIt9MYsb3tQw7CO1mGNR37jAEUqbJ7sK2OnvmjZPJlwJs0AyN1j7ZUihDO
+VT5UhjwB4KUH6BEirXTkoaDxZwsRfR5SaQKBwQDMmFm2M8J9AOxgrYTY80YIRQpy
+vrcX7Xrzn4Lu8M8Xr6RlS5bbXApAH7WtRHGlIj14lItmvZpRSOTzawtn65AzeIUF
+82/EMxLJaGjMBviTyNy+ta9wn8Qdy5c2ZZ5dKgsQ4PprSkAvNOnpd1wG48pbGg7/
+n3tVs9zdD2wa35KVjoyueu9Ls9BbND8v7OYmkmSNqFlA5KuLIeQkuLNxjxQsV5Vg
+S8pyg1jlYs7KmYs9GIFHAVEf5LG6a/3huWfuR4UCgcAGWfdn51VFN1p71mkDUnQg
+4gzWmk/AETjRShNSi2cNWGF2u3vyaYaRve4q5yIdowmkk3UMxrxZUgajbh714QKy
+/8+jhN5U/m7z6hV8AMFthXUUX3r+LJBDsfsPieCrouCSU+Or+J6Uhieq92mn1eve
+ZU63egsUHKY7GVw8qXs7OpTBvHnU1Cz98YFHOdMz4/lS6+p1VhHBn/9qWkFYxUyf
+itkjfaXnMbL8XuzseY/+N+pJJ4EgWx3mMtzdaKK6OqECgcAttOdt1fhgFsG4A2vH
+T+nYVRw1cDfVJ5+tJ3iHytJpFzshyhZEoTZFBxB+SekdnB2hf4X5COiduiwz2Tku
+GSkY5pbJMo5IhaRvzFyFIBWOZnQyQsKT5Y1Znq8EXwVXCNp6BdjL+UWHhkmvd5Pe
+kisV2Sd6ofVauxjfZd+fzUyhDryNCjfFcMFebrijC0iLW28NWou9/Jf6ODMQpRap
+iu5Vzac4YRY0KPXGISHTjyPVHVFcPIYUGvI9lHyeXd5DFEUCgcA9s3ei/H000sC6
+3q5iELW8kxFCpwvu7uKCFfakAqQn8nponHEUgRS7eLjzS1NB0qysIiOMtZPAVMCz
+puETLsi9PxD8de4RyEyZC2yd973j+TqFQmPyiWF3QNW55zM2iELW5sGeEVk/Z15c
+nlItcy7KOJOJU0TAKvUUjr4ug5N7sVSN1aeF4tiaFz0GFIqV3qAkcTMfpaOKfuSc
+huiHBdBaY7m4uNK4/ZOi1JitocO7wpRsX/eRJ4AuNrro8EHHAe0=
+-----END RSA PRIVATE KEY-----
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/swanctl/swanctl.conf b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/swanctl/swanctl.conf
new file mode 100755
index 000000000..229b6022c
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/swanctl/swanctl.conf
@@ -0,0 +1,28 @@
+connections {
+
+   home {
+      local_addrs  = 192.168.0.100
+      remote_addrs = 192.168.0.1 
+
+      local {
+         auth = eap-tls 
+         certs = carolCert.pem
+         id = carol@strongswan.org
+      }
+      remote {
+         auth = eap-tls 
+         id = moon.strongswan.org 
+      }
+      children {
+         home {
+            remote_ts = 10.1.0.0/16 
+
+            updown = /usr/local/libexec/ipsec/_updown iptables
+            esp_proposals = aes128gcm128-modp3072
+         }
+      }
+      version = 2
+      send_certreq = no
+      proposals = aes128-sha256-modp3072
+   }
+}
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/swanctl/x509/carolCert.pem b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/swanctl/x509/carolCert.pem
new file mode 100644
index 000000000..94f2c0a19
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/swanctl/x509/carolCert.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIEtTCCAx2gAwIBAgIBAzANBglghkgBZQMEAw4FADBXMQswCQYDVQQGEwJDSDEb
+MBkGA1UEChMSc3Ryb25nU3dhbiBQcm9qZWN0MQ4wDAYDVQQLEwVTSEEtMzEbMBkG
+A1UEAxMSc3Ryb25nU3dhbiBSb290IENBMB4XDTE2MDkyMjEwMzYwMloXDTI2MDky
+MjEwMzYwMlowWTELMAkGA1UEBhMCQ0gxGzAZBgNVBAoTEnN0cm9uZ1N3YW4gUHJv
+amVjdDEOMAwGA1UECxMFU0hBLTMxHTAbBgNVBAMMFGNhcm9sQHN0cm9uZ3N3YW4u
+b3JnMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAw7ArNq1Cs5RMc1Mu
+HO5BZAIAc9v04THLSpCs+zNQlyJCXaijsiTQUbATyhgB5O11HKh69J8PRITx+dqI
+W/are3KGAKbvo8G5AgVOPhO+X3n7iOwTPqtaAlAa4/qpVyD/RSfOiQPXj+SFtBz9
+Js36gZegcm/w3d0QVOPUIEMWpSMIHCAmv6Ji/QHyOEVyOuiW0PTKVxqY8iFgnT8d
+jDo0xWU40RNcIC7qyMkmGD8xR+kIbBcH8akPB6NgNvFVUZPK4EQfr19JNAQp7KbP
+A6tlzRxR6z0eL57zRUU47g3cf9Ie1zNj4FrIfv/+nA9ZVpR/DsGe3qmJvTVDfuba
+GkFE4AKxUEGcm0N4gHXo1PBj7hayJJSUIuAfoIfmkorqrPTp3bRoH2NWmMveBU6W
+4c8Vocv4ceWmCsrodcNdzqcnU4QGFc9xKPeiD232KeBZdpK4vs1ewkzftWmOVYUB
+G0X5oNNYoT54Qr8YXTWTI/3Rp7TbVGh7Z6iqH7hQ9gNGOe+NAgMBAAGjgYkwgYYw
+HwYDVR0jBBgwFoAU5MnNjPKIbR2nLtdeeTGlZlU1zgIwHwYDVR0RBBgwFoEUY2Fy
+b2xAc3Ryb25nc3dhbi5vcmcwQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybC5z
+dHJvbmdzd2FuLm9yZy9zdHJvbmdzd2FuLXNoYTMtcnNhLmNybDANBglghkgBZQME
+Aw4FAAOCAYEAHxkcN7plS2BvO/yXxE5WJ+2k9IP/IupuE6ChuFHDq5SrGNMsStsG
+sGpV6/yxvLSHchNGnGMIOyLTMzKgWy5dnDy4YX2FqZkI8ZBa0FJ9iO2IxILCsmyw
+ouShOv47YkNuAzJWIZjRz3+7mNhfX3TsdEr26cNKf1JqawTyFCDq0t/UYS6K/8O+
++6Q1kmy2mRgR19XkxA0ts3xno+eeB0NelnVEjJwqZPFgmVYK/2T4fUKraJyQzwhp
+xghLtlmwNuN6jetB4Z9k3hQQaPlUy2wxrqdsNfV9Ysgy+3LcI2ynoFMYShrS4avW
+FI2z0hb8sDkvS4Knif4UCv14Gycb/8nSgiingEMU+UmPOxwUl79/99e4LvIaslp4
+S0AiLwe0Tz2NqQ6uhvVppw3lYptIt+EK042cYpm/CPTMlMhT+Pi8l/POWIdquNLp
+85NuiVBbt3wMff+qTu+/ppyQsytTfDMD6XLggorLni/Owf9PoBakcdGuPW9MAUTf
+6Idv0tl5T0qX
+-----END CERTIFICATE-----
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/swanctl/x509ca/strongswanCert.pem b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/swanctl/x509ca/strongswanCert.pem
new file mode 100644
index 000000000..29ad5b942
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/swanctl/x509ca/strongswanCert.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEazCCAtOgAwIBAgIBADANBglghkgBZQMEAw4FADBXMQswCQYDVQQGEwJDSDEb
+MBkGA1UEChMSc3Ryb25nU3dhbiBQcm9qZWN0MQ4wDAYDVQQLEwVTSEEtMzEbMBkG
+A1UEAxMSc3Ryb25nU3dhbiBSb290IENBMB4XDTE2MDkyMjA5NDA1NVoXDTMxMDky
+MjA5NDA1NVowVzELMAkGA1UEBhMCQ0gxGzAZBgNVBAoTEnN0cm9uZ1N3YW4gUHJv
+amVjdDEOMAwGA1UECxMFU0hBLTMxGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBD
+QTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAJpHGoOCJSiZoJhPXHqF
+XWvrY8zyGwlUCiwphOobq4nhqo2EchTuKdPvCckxtXp/pF5IJsXpptbMmNUmgN7K
+VMI/zmI9estFUZg8hn5LSMAbnm102W3xLzM6FRJWMcwe2gajg/NCww02mPsohONC
+R4nNMUgYOZdesPDmtYUKk3sr5ZNdpBL6hESBMzFYmYLBzaoeseuzra7U850tF9JU
+YfpJStBXNDz8iVPCqOkgKf1hFrPNNxtmsBW68V2ARmYNzqnaP3nLs/U43zZQiT6t
+b+zcAE1h6RGgVXjF1b1KG64J153n0YELrC2TpaF2JAGQVvzQgxoZbgiWCKt0m7wx
+Qb7P3euy8MxsMGmqHDMtztrg6AAzRKoJN56qHqdP2qExc32uu/BwfmbFv7MLxKQw
+g0VykfWBSNyx/2HMDHw79idgFpzHr2nj4CDqB6QLWtRMCWtlT8R7rlz5JlcsJY1U
+7Rlwokje9Ctj/5gToXctnLbo+j2506GLtbhxNOaH1s7GswIDAQABo0IwQDAPBgNV
+HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU5MnNjPKIbR2n
+LtdeeTGlZlU1zgIwDQYJYIZIAWUDBAMOBQADggGBAF+Q4zABKa1ZWohHqsTgru6v
+4ru0Pnfbmg3vhlc5ur93Sd0C+fX+e+78n+0QpUNa0N9Vw54r/aF4ki0ceL4Dl4w0
+aXcDa2ozl/hksSeKwIp14W/NHTAjzP2aNpN5/dqd1DM+vojJhlcArepuVVH+NIKt
+YYUXwvsjJN9OAAKkMCbnda8gOnKMGJkVIUOTz2DOyzqd5iQ3h3zxzluP4KIya5/k
+FZV0wXy8v7phLGgbPJ5DtGuTCjao7+nF6lLkJ+/l3vPC1luB4/UbMGML4GxVwVIM
+riCepPT1I9CNuHy2qKpsEmCv8zb5pxXrxv0uIYn8MZx7VCnLuD61AOqIExTYvxv2
+Z3JbOuOsgHJeMKJbhY8r8HkktNLOeLrOW2KSilNpE915EFN0exGMC3zG4IgzRc9u
+kGGDVV9BsTkAYjQrWBuuWqxy8TCRPNpe6hnVJIQLLjE9M1V/PW3MD5ObndgT8jA3
+sMMwCxo+S11MZIcKCgnCCcGhgTLT7rFpC0hwRa6dkA==
+-----END CERTIFICATE-----
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/strongswan.conf b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/strongswan.conf
new file mode 100755
index 000000000..3b492f0d4
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/strongswan.conf
@@ -0,0 +1,18 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+swanctl {
+  load = pem pkcs1 x509 revocation constraints pubkey openssl random 
+}
+
+charon {
+  load = random nonce md5 sha1 sha2 sha3 aes hmac pem pkcs1 x509 revocation constraints pubkey gmp curl eap-tls kernel-netlink socket-default updown vici 
+
+  start-scripts {
+    creds = /usr/local/sbin/swanctl --load-creds 
+    conns = /usr/local/sbin/swanctl --load-conns
+  } 
+}
+
+libtls {
+  suites = TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+}
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/swanctl/rsa/daveKey.pem b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/swanctl/rsa/daveKey.pem
new file mode 100644
index 000000000..85ad0d826
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/swanctl/rsa/daveKey.pem
@@ -0,0 +1,39 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIG5QIBAAKCAYEA2tDIPF4nBGWCGJrnrV1npIw4nz24u1siDlD1eS2o17sYTBnf
+zQGkayW9dw/hhy3bGNrsGmuwr/lTMn1g3Kg+UQ0MNIWGPs3UWLeB5OBjQ4mWTmHK
+l0Aov2QnFO5PT63f57qwZOBXMLJzIdOlBJku5kxBu0qYT/FsX40KR0QSzl5at7QH
+5tJ81eBHuVaLEJrg5hYkqaDltGvisUeUozo5sijMfNvJUbwYQtL7UQrAMyFDAHqH
+kx/RaOkOP58FdmzTihqRXLObVVrOMWq6pTARCssdDhcA/y2QtcQzftCbID9/+hMx
+8yRyD0FbPcDC6CvrxVzUTyqBNjW9ZnrDfIxrqiRna7Fnjfq9gDYxYtDXGjvx1PdI
+p1ZgiiiQ0BLWQV8w+ujKgM52wy8YMdnCTDdcIVmreo02amu4txX3wf9YAeGtQ5gN
+QkJSooZEjwOnqVhiqNDEjxDgoEssAJ/VQtSwj37Ug1AFZ9bB2x+YNtC5b/Mj0Y4o
+k7mO+ButDiTzkw53AgMBAAECggGACY1lwGTn1SRNSp+wj3vtY1yPuDvsjZlL4k4c
+eT7KCSjsxZ23jG6O6/KI0+LImKsiznH4LqsW2ofK3wBkMx3RIp6sMrrFgoZfx8Oz
+EvfMvY0LF77jJjkxzjEkF6DTq4nOpYIb4zt78u9HYWmo4YuCZaFcmT2Haq4CaiVx
+Fm1dWM77rNtaIPR9aKTS3L9vcLkiKkk7LoCMppSzH8QdNAb9r85iJu09W6kXcgtd
+10rd2x2PnDy9IGoaLTdHXPWnOmVDviFgCp9zxBk4g/SWDR2AdHOgg3D2mvOmFkVK
+SLxr8RKhzzQfbRQuV4F3so9QVfkKyH8xsOpjAqjQwJC1LIWMJipzmc8o/AnUw0Rj
+UvU1sDYV8MHimgoftG000vB72hws8tv/XQHl13Tig8y46lSOYxavBJZuHjPPhkQF
+YlsfyUV5B11EmlyZ+KsNCHj9vXGRL6bw3Hu1UeG5cnXBXNkPq7ssNpgwdJrpqcW3
+8KWtl7w/b68ZLwyMpxKbmUNIyNkJAoHBAP9KBnqa91RA8gg0/Kp91NLiNXT9ibN3
+cQ6Y6HXuCWrKIKVKMmxRkhM9lMzOVfVVw5ydWZ3B5tzMiIfVCnyzs357vxBGsQEk
+TQ9I/kdFuR1gSMZVbXSH1Cbf/Ealg7j/w5/3WpQSaszUN2dmkJ64I3iEWELjT/VV
+RaxEhdNmZiRieOglkpvt+4X2Cr5oKXUofb11QX8bBmPnZklWUTuEfQu2KFc7T2im
+2ZonJKdxRMMFcnHqS3StX8OYqK8qqTC9hQKBwQDbbMIAp2omxd+iiN4hCIgZ1mK3
+HzBBwam6A/ZLqbByB4Ch1TNRK959xtJW6FLibZPYCi12b1ILwjOVO7aQHKnhKItX
+rhwAdhaBd3tJTxu2jDB0Bx1UkKbTDQ3bipnLY+VX/r/rMKbRsWgzejLs/CjafOj7
+OaFSpQOiQfOkpGKpwTab2H0CYqCMxK/4VYBP/NWwM0o0gaL5dJCjZ5i72CnHtmx7
+3D69TCieFY7RiDyf4Pix0tonwD5FfVHfH1SpjssCgcEAxJIcYQW4EhEcDIO4VhMj
+7+msndOn1x/OVx4YSM4sRCU1c/Co2M0KfHQ7gmQSviD2yT5DxfyLJlL7ghPhylmY
+iXkBiqfUHXv1NiLPYNPoER2Vi9o1uLfp/LEVkNRbk/SkjiUpgsCXqfZyXtUT4JML
+BP5q874SUGcDif0NStUbK0MDtEVSGWzq8qCcbzbHTWYLQ/non9WQWxbPpQKo8/o1
+SvJNJ7YMlBl9jnw7dg76kmw8TkjJJyNkjLickpx3wIb9AoHBAIx01s6SW9nL6fZh
+xEbC7lQTrobn2P0OmbWv2ZXfXknv0YBGOB4qhbZfcb8d4gh8+hldknJwmcVbH6fU
+XG1tW7T8Pg33LoeBD7D6KZnooKW+oTl0YGsEWTVZ8tfopb/TBzjHolRLhU1PUZM6
+EqUuWHxbXsuJvWForaXMr8hhTaK6QlmKP6MqPPk+4iGFoagSATtT6Zkorokd+4QN
+yW/c1Am6FUFH34VO3eUriYtIuP3ihW9WuDyfy3yx1pmLtab/9wKBwQDbBXYm9ugE
+wRSIxCywJ+aPNRQKanCKORwQMNJZ80rrXIs7saomY4Os+utJpOhoksTJB7mAn3ij
+kopmXn6NOsXdOlp9Ty55YRylGmOIQpsO7kSfylE1NFioHqksuQndbUwZFbskI0cN
+egyoihqnbfoLyxGu1/M521IseW3AwFIc0gAGdQ7i4ZXVlXOXWvdZFxnpd6PAfFMb
+J9mOicxHQ6Yv5b30RUvSIN+LHnUNGGk9XAxCH/jKtU7886jD6f34ru8=
+-----END RSA PRIVATE KEY-----
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/swanctl/swanctl.conf b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/swanctl/swanctl.conf
new file mode 100755
index 000000000..adf9326c7
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/swanctl/swanctl.conf
@@ -0,0 +1,28 @@
+connections {
+
+   home {
+      local_addrs  = 192.168.0.200
+      remote_addrs = 192.168.0.1 
+
+      local {
+         auth = eap-tls 
+         certs = daveCert.pem
+         id = dave@strongswan.org
+      }
+      remote {
+         auth = eap-tls 
+         id = moon.strongswan.org 
+      }
+      children {
+         home {
+            remote_ts = 10.1.0.0/16 
+
+            updown = /usr/local/libexec/ipsec/_updown iptables
+            esp_proposals = aes128gcm128-modp3072
+         }
+      }
+      version = 2
+      send_certreq = no
+      proposals = aes128-sha256-modp3072
+   }
+}
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/swanctl/x509/daveCert.pem b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/swanctl/x509/daveCert.pem
new file mode 100644
index 000000000..c5c769cb5
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/swanctl/x509/daveCert.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIEszCCAxugAwIBAgIBBDANBglghkgBZQMEAw4FADBXMQswCQYDVQQGEwJDSDEb
+MBkGA1UEChMSc3Ryb25nU3dhbiBQcm9qZWN0MQ4wDAYDVQQLEwVTSEEtMzEbMBkG
+A1UEAxMSc3Ryb25nU3dhbiBSb290IENBMB4XDTE2MDkyMjEwMzcwN1oXDTI2MDky
+MjEwMzcwN1owWDELMAkGA1UEBhMCQ0gxGzAZBgNVBAoTEnN0cm9uZ1N3YW4gUHJv
+amVjdDEOMAwGA1UECxMFU0hBLTMxHDAaBgNVBAMME2RhdmVAc3Ryb25nc3dhbi5v
+cmcwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDa0Mg8XicEZYIYmuet
+XWekjDifPbi7WyIOUPV5LajXuxhMGd/NAaRrJb13D+GHLdsY2uwaa7Cv+VMyfWDc
+qD5RDQw0hYY+zdRYt4Hk4GNDiZZOYcqXQCi/ZCcU7k9Prd/nurBk4FcwsnMh06UE
+mS7mTEG7SphP8WxfjQpHRBLOXlq3tAfm0nzV4Ee5VosQmuDmFiSpoOW0a+KxR5Sj
+OjmyKMx828lRvBhC0vtRCsAzIUMAeoeTH9Fo6Q4/nwV2bNOKGpFcs5tVWs4xarql
+MBEKyx0OFwD/LZC1xDN+0JsgP3/6EzHzJHIPQVs9wMLoK+vFXNRPKoE2Nb1mesN8
+jGuqJGdrsWeN+r2ANjFi0NcaO/HU90inVmCKKJDQEtZBXzD66MqAznbDLxgx2cJM
+N1whWat6jTZqa7i3FffB/1gB4a1DmA1CQlKihkSPA6epWGKo0MSPEOCgSywAn9VC
+1LCPftSDUAVn1sHbH5g20Llv8yPRjiiTuY74G60OJPOTDncCAwEAAaOBiDCBhTAf
+BgNVHSMEGDAWgBTkyc2M8ohtHacu1155MaVmVTXOAjAeBgNVHREEFzAVgRNkYXZl
+QHN0cm9uZ3N3YW4ub3JnMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9jcmwuc3Ry
+b25nc3dhbi5vcmcvc3Ryb25nc3dhbi1zaGEzLXJzYS5jcmwwDQYJYIZIAWUDBAMO
+BQADggGBAISXAxemOSUmXqkf7cgTQHpreMH1Y9LPJxZUUq5GVErmPzhLaZDSqZSy
+ZXcu3EWPA0RElaYBd9CSgFx0I89tw41dIYOLDyLnrEDHmcsgcJl74YYBSzebB/TJ
+OGXtV3S9M9OF1vSdugaXI1hDXck7cODUR6nyZAWOp5kBSItAH5bglCRtaQlAuSxM
+wRWYhBErUR5tZvu0loCN+11hVg/ddQ3r+FeHUt35KNenxkd6hWlHljbPv/eTtqgc
+/5VGEC96I2rD6WNcszj/SKK40zA9GuF1mIwNKEdcYnPRxoszlD6C7cdGJZ8VpJLc
+d7sO0QJur5HNtj6oUbM3HuHAaZBjg7uh5GDj+RehhKCybYyJQ1fu4iRaNYKdPwZh
+/F6hBRLytkt1qjJhngmBmQU4Ent8GL0Zn6Q8/HvbTP/xw4VXkY9JHdMIkzH8zokd
+TVjkunPPt+zdzeMq4hOewYR8HfiKcAnNUG7eO6PnUvC2NKsqX8a7/z0OV68XybZs
+gjC1FqvMvg==
+-----END CERTIFICATE-----
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/swanctl/x509ca/strongswanCert.pem b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/swanctl/x509ca/strongswanCert.pem
new file mode 100644
index 000000000..29ad5b942
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/swanctl/x509ca/strongswanCert.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEazCCAtOgAwIBAgIBADANBglghkgBZQMEAw4FADBXMQswCQYDVQQGEwJDSDEb
+MBkGA1UEChMSc3Ryb25nU3dhbiBQcm9qZWN0MQ4wDAYDVQQLEwVTSEEtMzEbMBkG
+A1UEAxMSc3Ryb25nU3dhbiBSb290IENBMB4XDTE2MDkyMjA5NDA1NVoXDTMxMDky
+MjA5NDA1NVowVzELMAkGA1UEBhMCQ0gxGzAZBgNVBAoTEnN0cm9uZ1N3YW4gUHJv
+amVjdDEOMAwGA1UECxMFU0hBLTMxGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBD
+QTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAJpHGoOCJSiZoJhPXHqF
+XWvrY8zyGwlUCiwphOobq4nhqo2EchTuKdPvCckxtXp/pF5IJsXpptbMmNUmgN7K
+VMI/zmI9estFUZg8hn5LSMAbnm102W3xLzM6FRJWMcwe2gajg/NCww02mPsohONC
+R4nNMUgYOZdesPDmtYUKk3sr5ZNdpBL6hESBMzFYmYLBzaoeseuzra7U850tF9JU
+YfpJStBXNDz8iVPCqOkgKf1hFrPNNxtmsBW68V2ARmYNzqnaP3nLs/U43zZQiT6t
+b+zcAE1h6RGgVXjF1b1KG64J153n0YELrC2TpaF2JAGQVvzQgxoZbgiWCKt0m7wx
+Qb7P3euy8MxsMGmqHDMtztrg6AAzRKoJN56qHqdP2qExc32uu/BwfmbFv7MLxKQw
+g0VykfWBSNyx/2HMDHw79idgFpzHr2nj4CDqB6QLWtRMCWtlT8R7rlz5JlcsJY1U
+7Rlwokje9Ctj/5gToXctnLbo+j2506GLtbhxNOaH1s7GswIDAQABo0IwQDAPBgNV
+HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU5MnNjPKIbR2n
+LtdeeTGlZlU1zgIwDQYJYIZIAWUDBAMOBQADggGBAF+Q4zABKa1ZWohHqsTgru6v
+4ru0Pnfbmg3vhlc5ur93Sd0C+fX+e+78n+0QpUNa0N9Vw54r/aF4ki0ceL4Dl4w0
+aXcDa2ozl/hksSeKwIp14W/NHTAjzP2aNpN5/dqd1DM+vojJhlcArepuVVH+NIKt
+YYUXwvsjJN9OAAKkMCbnda8gOnKMGJkVIUOTz2DOyzqd5iQ3h3zxzluP4KIya5/k
+FZV0wXy8v7phLGgbPJ5DtGuTCjao7+nF6lLkJ+/l3vPC1luB4/UbMGML4GxVwVIM
+riCepPT1I9CNuHy2qKpsEmCv8zb5pxXrxv0uIYn8MZx7VCnLuD61AOqIExTYvxv2
+Z3JbOuOsgHJeMKJbhY8r8HkktNLOeLrOW2KSilNpE915EFN0exGMC3zG4IgzRc9u
+kGGDVV9BsTkAYjQrWBuuWqxy8TCRPNpe6hnVJIQLLjE9M1V/PW3MD5ObndgT8jA3
+sMMwCxo+S11MZIcKCgnCCcGhgTLT7rFpC0hwRa6dkA==
+-----END CERTIFICATE-----
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/strongswan.conf b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/strongswan.conf
new file mode 100755
index 000000000..646ee0e4c
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/strongswan.conf
@@ -0,0 +1,14 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+swanctl {
+  load = pem pkcs1 x509 revocation constraints pubkey openssl random 
+}
+
+charon {
+  load = random nonce md5 sha1 sha2 sha3 aes hmac pem pkcs1 x509 revocation constraints pubkey gmp curl eap-tls kernel-netlink socket-default updown vici 
+
+  start-scripts {
+    creds = /usr/local/sbin/swanctl --load-creds 
+    conns = /usr/local/sbin/swanctl --load-conns
+  } 
+}
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/swanctl/rsa/moonKey.pem b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/swanctl/rsa/moonKey.pem
new file mode 100644
index 000000000..f24b3ebf3
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/swanctl/rsa/moonKey.pem
@@ -0,0 +1,39 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIG4wIBAAKCAYEAnD3x6bsLjwUP9BU0+hDSo28XBn1aM8+UO5n5XnnuQ8CDB+Mq
+pEHgNve71FBD8Gqf2dha5rfRx5HhXbw6BZMCTdUs5oxHsaOl5LGwp8W4G1BSxofV
+T7yzfnmW/+lPER2zJnXbOlVfW8UoEbsAfXpCr/edJvBu10kk1VHjrnMJIDGlNc4N
+Re06DcYSb/7AgRN6umPQr+uRzn5jFXJyROjx00gH89GzZIaNciyiYwaCZFBduByt
+UhaL8RKMA+MxWrB1ICQgE7hITZXvJJg2UuEe+t3lXMSfKoZHyU2sTBtctXan6rf/
+XmC0O3Bf7RTwoFmDvJlApgfpL1QIe8gH1hi/NukTYskm+zWYPkJAzcwCyMmyhZFY
+v0r0pybLWI1hZ8xeTr7MSbtImsvxl8mxwG7wRtWS5BKd0kke/gorCEI8AYZj33NA
+G58iX4+z745z4UNNTDg1bnjB2fTw4c0AD7TOIU76ZskhGKj4J7ZMzeQ5YXLMFRmp
+qn0p9obSqXwg62dXAgMBAAECggGAHb2g3efv5FKHXePniK5JGjkcPe0AjZo20j2V
+/UjidN0hVBAG3ut3PZ9cjqaUuB/ju7j2XLKi6QU4y/n3ZXY9Wwl4GY6cWxEWk/jK
+8rStPe3FQ+s5TItT84A7oQ0NMunfXzPR/kGf/D0ESpO5HSl3pj1RGcdsoehXbY+/
+8kYNd6Zbl2lYl3X3tgV9Hvp0NF2739z+LW5++7qNK9j0LW/WEGzGrr+9ESaXqCMc
+6hKkIWo23MQArf6Ctunb4yWNEIFEDi1r9DzMbZN/lVhDx77Q0KYLH1P31R5rOc1G
+NYXPF4F3CSfUsgd48dB2/1FCTnDJ4PmOU/R1L8jAgnSOroTAYDVzY4DJ7vyKGvIE
+DL7eKlbwOfS5swyANUKgHO6QiHt9WzcNUGpeinTa3wJ4KoAdG+lzDMuiwRFdSRRU
+z7t1ptTf2LuCAtva2daP2SPed+ITg2QB6X4BSQkqR0vPYBQIZAtFjMWH78E2PLrD
+01+LpOj8TBRerd834etDODg4ddiRAoHBAMiYg7hWfChw3SdnmAmkhDAZN80pvsUU
+bzzAiQ5EI59JYMoi/amYyLd6hUK4Z8g4gcdXzBYw9iwJuj8LMpPBZlplAxVnFdId
+23I+GNDmcX2ovOpl6skKy1grNhBigxRUQUGsS9oxrYeuy2VymDzeZPCQmrrhsXk/
+Mac237nncJj2n8I5RtDOoSOFD0+grs7MXs4P+W2HHzWgkN7mBgKeFfUPLI3Kyy3p
+F7tXegtJqIJsXlfZ/fzR40QTy7/VbwAW/wKBwQDHZVDYtYe4YoHKdwtAqs/J08QA
+29fGkM4ZawLNTY4jz9rdtOuBWg0FPAo82x21xlbRQLsaTKzy9O6a3cQ5oaKtKCh/
+XmKCssrnzJsYZYnhkP4f4VXK8nai/9LFo8TWhB8hNy62GGmfXffsqhAIqIqZA02F
+/mOfR6Wrqs7yfzYnJnVsjbR1B2zSiNAYKtk1VtQdGjuagSn/dEyhSCaQRXotXUKX
+SJDzPf/H2mj97Cg+3bCtdE/h//N1/cmV/5QEx6kCgcEAh1ua7oW1bBiUsuVNi5wu
+8sHhjJiRuS0LzsPg9/Z0zyRVorCv2IRXVK/hQl9q8Ilo0VnmRkctphO+UJI+w8Nq
+TK8CwKt55vnsvY83cac+h9uX9tdk8dpN0qX96lp/NvWPv0ADQy3oebkyWLdWESTE
+miwJrPdkqXtCByKZHzoUGbO5o/bAWWBFDdHYvhOgQb1Yb9YJqqXWInrBpxcykQuZ
+p25g0yE3rzgtomXp3boLck6r7r4TjEkZATQWddERAM+DAoHAEW4w6BDOYXbzA6Du
+ceO8sFb7vlt5fFkyOxSYtRu/fi/wYQssvy0BEGEUQAejjD1fX4F6Ga10PPTeWtli
+CuuvTdXB3IiCsgwxIpxHPpW5vOcw39aR6mDRsCQO58oOLfZ0xjGNustdiFntj1m6
+dxdMrl2UjE8VpFneCKiw2I/4SunYv/mPOd/BSpI9Jq+wNzJ07mpZpYL/Cd6/yCWH
+gXshWA/b/1+PlEPqNS1JmlDnn78/b5pIVWhLfxgFZEBoTxapAoHAY/58nLcWpvpY
+3IZC0fBuR7usTACbxr9Z4okHzJUNnoJe+MSE+wQwuE3nP+vc1CrmBSwCjN2wyVLc
+gy3idN77NthU9l0oElrPbGFKdFEaa85IcKtnfnspzmvo9AJn2wveZUAlZAzu2zBN
+vKI8ubXgoS56uHQnNsWOIugTW/P1I8FnlD4jPItaACGJ3yZWolh9g/WOGS29qJvV
+E/6hT4QPPXPZFEnOKO0/3YsMXBwcnEqm2mQ+c4rGMKrTcynk4KaE
+-----END RSA PRIVATE KEY-----
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/swanctl/swanctl.conf b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/swanctl/swanctl.conf
new file mode 100755
index 000000000..ec6b06bbc
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/swanctl/swanctl.conf
@@ -0,0 +1,26 @@
+connections {
+
+   rw {
+      local_addrs  = 192.168.0.1
+
+      local {
+         auth = eap-tls 
+         certs = moonCert.pem
+         id = moon.strongswan.org
+      }
+      remote {
+         auth = eap-tls 
+      }
+      children {
+         net {
+            local_ts  = 10.1.0.0/16 
+
+            updown = /usr/local/libexec/ipsec/_updown iptables
+            esp_proposals = aes128gcm128-modp3072
+         }
+      }
+      version = 2
+      send_certreq = no
+      proposals = aes128-sha256-modp3072
+   }
+}
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/swanctl/x509/moonCert.pem b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/swanctl/x509/moonCert.pem
new file mode 100644
index 000000000..bea7e81f8
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/swanctl/x509/moonCert.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIEyDCCAzCgAwIBAgIBAjANBglghkgBZQMEAw4FADBXMQswCQYDVQQGEwJDSDEb
+MBkGA1UEChMSc3Ryb25nU3dhbiBQcm9qZWN0MQ4wDAYDVQQLEwVTSEEtMzEbMBkG
+A1UEAxMSc3Ryb25nU3dhbiBSb290IENBMB4XDTE2MDkyMjEwMzU0N1oXDTI2MDky
+MjEwMzU0N1owWDELMAkGA1UEBhMCQ0gxGzAZBgNVBAoTEnN0cm9uZ1N3YW4gUHJv
+amVjdDEOMAwGA1UECxMFU0hBLTMxHDAaBgNVBAMTE21vb24uc3Ryb25nc3dhbi5v
+cmcwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCcPfHpuwuPBQ/0FTT6
+ENKjbxcGfVozz5Q7mfleee5DwIMH4yqkQeA297vUUEPwap/Z2Frmt9HHkeFdvDoF
+kwJN1SzmjEexo6XksbCnxbgbUFLGh9VPvLN+eZb/6U8RHbMmdds6VV9bxSgRuwB9
+ekKv950m8G7XSSTVUeOucwkgMaU1zg1F7ToNxhJv/sCBE3q6Y9Cv65HOfmMVcnJE
+6PHTSAfz0bNkho1yLKJjBoJkUF24HK1SFovxEowD4zFasHUgJCATuEhNle8kmDZS
+4R763eVcxJ8qhkfJTaxMG1y1dqfqt/9eYLQ7cF/tFPCgWYO8mUCmB+kvVAh7yAfW
+GL826RNiySb7NZg+QkDNzALIybKFkVi/SvSnJstYjWFnzF5OvsxJu0iay/GXybHA
+bvBG1ZLkEp3SSR7+CisIQjwBhmPfc0AbnyJfj7PvjnPhQ01MODVueMHZ9PDhzQAP
+tM4hTvpmySEYqPgntkzN5DlhcswVGamqfSn2htKpfCDrZ1cCAwEAAaOBnTCBmjAf
+BgNVHSMEGDAWgBTkyc2M8ohtHacu1155MaVmVTXOAjAeBgNVHREEFzAVghNtb29u
+LnN0cm9uZ3N3YW4ub3JnMBMGA1UdJQQMMAoGCCsGAQUFBwMBMEIGA1UdHwQ7MDkw
+N6A1oDOGMWh0dHA6Ly9jcmwuc3Ryb25nc3dhbi5vcmcvc3Ryb25nc3dhbi1zaGEz
+LXJzYS5jcmwwDQYJYIZIAWUDBAMOBQADggGBAAHZATrdzGmUIq+0+EdA1AbPdcaT
+UDKJvDS30JyOkUnAv5jr63PHyfw+RS92zgE2UyB4+u43BiggBNmTNCjpaEUmViAo
+tdywkzIKm7q3dr0078IZ8LU8Wo+hoeRNkBJOxdgflsSislQYDeTd7syoQ4BW7whs
+jjFK2Lbthd+/33Iw3LMekYuZF7ZUbHY7D3nlBidrmTIQQCvOnsW2lJi/S83FEYzl
+noK+of3eo4Ryg1/428FHts26PxSmnHv+ckj9R4Jf5kH8kd1WhrgDyHQMnihWlUJ2
+pintDBgislbZytqiBOGeYpbpxKl57zHs421wmUs329asu7zgfJFnCynkUgvuRXdc
+gDJ+DAiVaXCJlYnk36P87028SR9/C0JLzHA3O5CcfUdFEUs0BvVe1D3b9kC28rdA
+5V86DFCL+gp6rB+wDtq6YnCddaNk+ZCs/QAPidqOFAytaBBKaagMIFk+wlsFge79
+ZssIfKy33Frluw0HCj0LNs2tjWvG4Ku8xkFO1Q==
+-----END CERTIFICATE-----
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem
new file mode 100644
index 000000000..29ad5b942
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEazCCAtOgAwIBAgIBADANBglghkgBZQMEAw4FADBXMQswCQYDVQQGEwJDSDEb
+MBkGA1UEChMSc3Ryb25nU3dhbiBQcm9qZWN0MQ4wDAYDVQQLEwVTSEEtMzEbMBkG
+A1UEAxMSc3Ryb25nU3dhbiBSb290IENBMB4XDTE2MDkyMjA5NDA1NVoXDTMxMDky
+MjA5NDA1NVowVzELMAkGA1UEBhMCQ0gxGzAZBgNVBAoTEnN0cm9uZ1N3YW4gUHJv
+amVjdDEOMAwGA1UECxMFU0hBLTMxGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBD
+QTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAJpHGoOCJSiZoJhPXHqF
+XWvrY8zyGwlUCiwphOobq4nhqo2EchTuKdPvCckxtXp/pF5IJsXpptbMmNUmgN7K
+VMI/zmI9estFUZg8hn5LSMAbnm102W3xLzM6FRJWMcwe2gajg/NCww02mPsohONC
+R4nNMUgYOZdesPDmtYUKk3sr5ZNdpBL6hESBMzFYmYLBzaoeseuzra7U850tF9JU
+YfpJStBXNDz8iVPCqOkgKf1hFrPNNxtmsBW68V2ARmYNzqnaP3nLs/U43zZQiT6t
+b+zcAE1h6RGgVXjF1b1KG64J153n0YELrC2TpaF2JAGQVvzQgxoZbgiWCKt0m7wx
+Qb7P3euy8MxsMGmqHDMtztrg6AAzRKoJN56qHqdP2qExc32uu/BwfmbFv7MLxKQw
+g0VykfWBSNyx/2HMDHw79idgFpzHr2nj4CDqB6QLWtRMCWtlT8R7rlz5JlcsJY1U
+7Rlwokje9Ctj/5gToXctnLbo+j2506GLtbhxNOaH1s7GswIDAQABo0IwQDAPBgNV
+HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU5MnNjPKIbR2n
+LtdeeTGlZlU1zgIwDQYJYIZIAWUDBAMOBQADggGBAF+Q4zABKa1ZWohHqsTgru6v
+4ru0Pnfbmg3vhlc5ur93Sd0C+fX+e+78n+0QpUNa0N9Vw54r/aF4ki0ceL4Dl4w0
+aXcDa2ozl/hksSeKwIp14W/NHTAjzP2aNpN5/dqd1DM+vojJhlcArepuVVH+NIKt
+YYUXwvsjJN9OAAKkMCbnda8gOnKMGJkVIUOTz2DOyzqd5iQ3h3zxzluP4KIya5/k
+FZV0wXy8v7phLGgbPJ5DtGuTCjao7+nF6lLkJ+/l3vPC1luB4/UbMGML4GxVwVIM
+riCepPT1I9CNuHy2qKpsEmCv8zb5pxXrxv0uIYn8MZx7VCnLuD61AOqIExTYvxv2
+Z3JbOuOsgHJeMKJbhY8r8HkktNLOeLrOW2KSilNpE915EFN0exGMC3zG4IgzRc9u
+kGGDVV9BsTkAYjQrWBuuWqxy8TCRPNpe6hnVJIQLLjE9M1V/PW3MD5ObndgT8jA3
+sMMwCxo+S11MZIcKCgnCCcGhgTLT7rFpC0hwRa6dkA==
+-----END CERTIFICATE-----
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/posttest.dat b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/posttest.dat
new file mode 100755
index 000000000..d7107ccc6
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/posttest.dat
@@ -0,0 +1,8 @@
+carol::swanctl --terminate --ike home
+dave::swanctl --terminate --ike home
+carol::service charon stop 2> /dev/null
+dave::service charon stop 2> /dev/null
+moon::service charon stop 2> /dev/null
+moon::iptables-restore < /etc/iptables.flush
+carol::iptables-restore < /etc/iptables.flush
+dave::iptables-restore < /etc/iptables.flush
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/pretest.dat b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/pretest.dat
new file mode 100755
index 000000000..762c35418
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/pretest.dat
@@ -0,0 +1,11 @@
+moon::iptables-restore < /etc/iptables.rules
+carol::iptables-restore < /etc/iptables.rules
+dave::iptables-restore < /etc/iptables.rules
+moon::service charon start 2> /dev/null
+carol::service charon start 2> /dev/null
+dave::service charon start 2> /dev/null
+moon::expect-connection rw
+carol::expect-connection home
+carol::swanctl --initiate --child home 2> /dev/null
+dave::expect-connection home
+dave::swanctl --initiate --child home 2> /dev/null
diff --git a/testing/tests/swanctl/rw-eap-tls-sha3-rsa/test.conf b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/test.conf
new file mode 100755
index 000000000..1227b9d1c
--- /dev/null
+++ b/testing/tests/swanctl/rw-eap-tls-sha3-rsa/test.conf
@@ -0,0 +1,25 @@
+#!/bin/bash
+#
+# This configuration file provides information on the
+# guest instances used for this test
+
+# All guest instances that are required for this test
+#
+VIRTHOSTS="alice moon carol winnetou dave"
+
+# Corresponding block diagram
+#
+DIAGRAM="a-m-c-w-d.png"
+
+# Guest instances on which tcpdump is to be started
+#
+TCPDUMPHOSTS="moon"
+
+# Guest instances on which IPsec is started
+# Used for IPsec logging purposes
+#
+IPSECHOSTS="moon carol dave"
+
+# charon controlled by swanctl
+#
+SWANCTL=1