| Gilles Peskine | fd14bca | 2017-05-11 17:57:22 +0200 | [diff] [blame] | 1 | ## This file contains a record of how some of the test data was | 
|  | 2 | ## generated. The final build products are committed to the repository | 
|  | 3 | ## as well to make sure that the test data is identical. You do not | 
|  | 4 | ## need to use this makefile unless you're extending mbed TLS's tests. | 
| Gilles Peskine | f040a17 | 2017-05-05 18:56:12 +0200 | [diff] [blame] | 5 |  | 
| Gilles Peskine | fd14bca | 2017-05-11 17:57:22 +0200 | [diff] [blame] | 6 | ## Many data files were generated prior to the existence of this | 
|  | 7 | ## makefile, so the method of their generation was not recorded. | 
| Gilles Peskine | f040a17 | 2017-05-05 18:56:12 +0200 | [diff] [blame] | 8 |  | 
| Gilles Peskine | fd14bca | 2017-05-11 17:57:22 +0200 | [diff] [blame] | 9 | ## Note that in addition to depending on the version of the data | 
|  | 10 | ## generation tool, many of the build outputs are randomized, so | 
|  | 11 | ## running this makefile twice would not produce the same results. | 
|  | 12 |  | 
|  | 13 | ## Tools | 
|  | 14 | OPENSSL ?= openssl | 
|  | 15 |  | 
|  | 16 | ## Build the generated test data. Note that since the final outputs | 
|  | 17 | ## are committed to the repository, this target should do nothing on a | 
|  | 18 | ## fresh checkout. Furthermore, since the generation is randomized, | 
|  | 19 | ## re-running the same targets may result in differing files. The goal | 
|  | 20 | ## of this makefile is primarily to serve as a record of how the | 
|  | 21 | ## targets were generated in the first place. | 
| Gilles Peskine | f040a17 | 2017-05-05 18:56:12 +0200 | [diff] [blame] | 22 | default: all_final | 
|  | 23 |  | 
|  | 24 | all_intermediate := # temporary files | 
|  | 25 | all_final := # files used by tests | 
|  | 26 |  | 
| Gilles Peskine | fd14bca | 2017-05-11 17:57:22 +0200 | [diff] [blame] | 27 |  | 
|  | 28 |  | 
|  | 29 | ################################################################ | 
|  | 30 | #### Generate certificates from existing keys | 
|  | 31 | ################################################################ | 
|  | 32 |  | 
|  | 33 | test_ca_key_file_rsa = test-ca.key | 
|  | 34 | test_ca_pwd_rsa = PolarSSLTest | 
|  | 35 | test_ca_config_file = test-ca.opensslconf | 
|  | 36 |  | 
| Gilles Peskine | f040a17 | 2017-05-05 18:56:12 +0200 | [diff] [blame] | 37 | test-ca.csr: $(test_ca_key_file_rsa) $(test_ca_config_file) | 
|  | 38 | $(OPENSSL) req -new -config $(test_ca_config_file) -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@ | 
|  | 39 | all_intermediate += test-ca.csr | 
|  | 40 | test-ca-sha1.crt: $(test_ca_key_file_rsa) $(test_ca_config_file) test-ca.csr | 
|  | 41 | $(OPENSSL) req -x509 -config $(test_ca_config_file) -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha1 -in test-ca.csr -out $@ | 
|  | 42 | all_final += test-ca-sha1.crt | 
|  | 43 | test-ca-sha256.crt: $(test_ca_key_file_rsa) $(test_ca_config_file) test-ca.csr | 
|  | 44 | $(OPENSSL) req -x509 -config $(test_ca_config_file) -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.csr -out $@ | 
|  | 45 | all_final += test-ca-sha256.crt | 
|  | 46 |  | 
| Gilles Peskine | fd14bca | 2017-05-11 17:57:22 +0200 | [diff] [blame] | 47 | cli_crt_key_file_rsa = cli-rsa.key | 
|  | 48 | cli_crt_extensions_file = cli.opensslconf | 
|  | 49 |  | 
| Gilles Peskine | f040a17 | 2017-05-05 18:56:12 +0200 | [diff] [blame] | 50 | cli-rsa.csr: $(cli_crt_key_file_rsa) | 
|  | 51 | $(OPENSSL) req -new -key $(cli_crt_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -subj "/C=NL/O=PolarSSL/CN=PolarSSL Client 2" -out $@ | 
|  | 52 | all_intermediate += cli-rsa.csr | 
|  | 53 | cli-rsa-sha1.crt: $(cli_crt_key_file_rsa) test-ca-sha1.crt cli-rsa.csr | 
|  | 54 | $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA test-ca-sha1.crt -CAkey $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 4 -days 3653 -sha1 -in cli-rsa.csr -out $@ | 
|  | 55 | all_final += cli-rsa-sha1.crt | 
|  | 56 | cli-rsa-sha256.crt: $(cli_crt_key_file_rsa) test-ca-sha256.crt cli-rsa.csr | 
|  | 57 | $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA test-ca-sha256.crt -CAkey $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 4 -days 3653 -sha256 -in cli-rsa.csr -out $@ | 
|  | 58 | all_final += cli-rsa-sha256.crt | 
|  | 59 |  | 
| Gilles Peskine | bc70a18 | 2017-05-09 15:59:24 +0200 | [diff] [blame] | 60 | server2-rsa.csr: server2.key | 
|  | 61 | $(OPENSSL) req -new -key server2.key -passin "pass:$(test_ca_pwd_rsa)" -subj "/C=NL/O=PolarSSL/CN=localhost" -out $@ | 
|  | 62 | all_intermediate += server2-rsa.csr | 
|  | 63 | server2-sha256.crt: server2-rsa.csr | 
|  | 64 | $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA test-ca-sha256.crt -CAkey $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 4 -days 3653 -sha256 -in server2-rsa.csr -out $@ | 
|  | 65 | all_final += server2-sha256.crt | 
|  | 66 |  | 
| Hanno Becker | d16f612 | 2017-09-05 09:23:50 +0100 | [diff] [blame] | 67 | ################################################################ | 
|  | 68 | #### Generate various RSA keys | 
|  | 69 | ################################################################ | 
| Gilles Peskine | bc70a18 | 2017-05-09 15:59:24 +0200 | [diff] [blame] | 70 |  | 
| Hanno Becker | d16f612 | 2017-09-05 09:23:50 +0100 | [diff] [blame] | 71 | ### Password used for PKCS1-encoded encrypted RSA keys | 
|  | 72 | keys_rsa_basic_pwd = testkey | 
|  | 73 |  | 
|  | 74 | ### Password used for PKCS8-encoded encrypted RSA keys | 
|  | 75 | keys_rsa_pkcs8_pwd = PolarSSLTest | 
|  | 76 |  | 
|  | 77 | ### Basic 1024-, 2048- and 4096-bit unencrypted RSA keys from which | 
|  | 78 | ### all other encrypted RSA keys are derived. | 
|  | 79 | keyfile: | 
|  | 80 | $(OPENSSL) genrsa -out $@ 1024 | 
|  | 81 | keyfile_2048: | 
|  | 82 | $(OPENSSL) genrsa -out $@ 2048 | 
|  | 83 | keyfile_4096: | 
|  | 84 | $(OPENSSL) genrsa -out $@ 4096 | 
|  | 85 |  | 
|  | 86 | ### | 
|  | 87 | ### PKCS1-encoded, encrypted RSA keys | 
|  | 88 | ### | 
|  | 89 |  | 
|  | 90 | ### 1024-bit | 
|  | 91 | keyfile.des: keyfile | 
|  | 92 | $(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" | 
|  | 93 | keyfile.3des: keyfile | 
|  | 94 | $(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" | 
|  | 95 | keyfile.aes128: keyfile | 
|  | 96 | $(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" | 
|  | 97 | keyfile.aes192: keyfile | 
|  | 98 | $(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" | 
|  | 99 | keyfile.aes256: keyfile | 
|  | 100 | $(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" | 
|  | 101 | keys_rsa_enc_basic_1024: keyfile.des keyfile.3des keyfile.aes128 keyfile.aes192 keyfile.aes256 | 
|  | 102 |  | 
|  | 103 | # 2048-bit | 
|  | 104 | keyfile_2048.des: keyfile_2048 | 
|  | 105 | $(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" | 
|  | 106 | keyfile_2048.3des: keyfile_2048 | 
|  | 107 | $(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" | 
|  | 108 | keyfile_2048.aes128: keyfile_2048 | 
|  | 109 | $(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" | 
|  | 110 | keyfile_2048.aes192: keyfile_2048 | 
|  | 111 | $(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" | 
|  | 112 | keyfile_2048.aes256: keyfile_2048 | 
|  | 113 | $(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" | 
|  | 114 | keys_rsa_enc_basic_2048: keyfile_2048.des keyfile_2048.3des keyfile_2048.aes128 keyfile_2048.aes192 keyfile_2048.aes256 | 
|  | 115 |  | 
|  | 116 | # 4096-bit | 
|  | 117 | keyfile_4096.des: keyfile_4096 | 
|  | 118 | $(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" | 
|  | 119 | keyfile_4096.3des: keyfile_4096 | 
|  | 120 | $(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" | 
|  | 121 | keyfile_4096.aes128: keyfile_4096 | 
|  | 122 | $(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" | 
|  | 123 | keyfile_4096.aes192: keyfile_4096 | 
|  | 124 | $(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" | 
|  | 125 | keyfile_4096.aes256: keyfile_4096 | 
|  | 126 | $(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)" | 
|  | 127 | keys_rsa_enc_basic_4096: keyfile_4096.des keyfile_4096.3des keyfile_4096.aes128 keyfile_4096.aes192 keyfile_4096.aes256 | 
|  | 128 |  | 
|  | 129 | ### | 
|  | 130 | ### PKCS8-v1 encoded, encrypted RSA keys | 
|  | 131 | ### | 
|  | 132 |  | 
|  | 133 | ### 1024-bit | 
|  | 134 | pkcs8_pbe_sha1_3des.der: keyfile | 
|  | 135 | $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES | 
|  | 136 | pkcs8_pbe_sha1_3des.key: keyfile | 
|  | 137 | $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES | 
|  | 138 | keys_rsa_enc_pkcs8_v1_1024_3des: pkcs8_pbe_sha1_3des.key pkcs8_pbe_sha1_3des.der | 
|  | 139 |  | 
|  | 140 | pkcs8_pbe_sha1_2des.der: keyfile | 
|  | 141 | $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES | 
|  | 142 | pkcs8_pbe_sha1_2des.key: keyfile | 
|  | 143 | $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES | 
|  | 144 | keys_rsa_enc_pkcs8_v1_1024_2des: pkcs8_pbe_sha1_2des.key pkcs8_pbe_sha1_2des.der | 
|  | 145 |  | 
|  | 146 | pkcs8_pbe_sha1_rc4_128.der: keyfile | 
|  | 147 | $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128 | 
|  | 148 | pkcs8_pbe_sha1_rc4_128.key: keyfile | 
|  | 149 | $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128 | 
|  | 150 | keys_rsa_enc_pkcs8_v1_1024_rc4_128: pkcs8_pbe_sha1_rc4_128.key pkcs8_pbe_sha1_rc4_128.der | 
|  | 151 |  | 
|  | 152 | keys_rsa_enc_pkcs8_v1_1024: keys_rsa_enc_pkcs8_v1_1024_3des keys_rsa_enc_pkcs8_v1_1024_2des keys_rsa_enc_pkcs8_v1_1024_rc4_128 | 
|  | 153 |  | 
|  | 154 | ### 2048-bit | 
|  | 155 | pkcs8_pbe_sha1_3des_2048.der: keyfile_2048 | 
|  | 156 | $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES | 
|  | 157 | pkcs8_pbe_sha1_3des_2048.key: keyfile_2048 | 
|  | 158 | $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES | 
|  | 159 | keys_rsa_enc_pkcs8_v1_2048_3des: pkcs8_pbe_sha1_3des_2048.key pkcs8_pbe_sha1_3des_2048.der | 
|  | 160 |  | 
|  | 161 | pkcs8_pbe_sha1_2des_2048.der: keyfile_2048 | 
|  | 162 | $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES | 
|  | 163 | pkcs8_pbe_sha1_2des_2048.key: keyfile_2048 | 
|  | 164 | $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES | 
|  | 165 | keys_rsa_enc_pkcs8_v1_2048_2des: pkcs8_pbe_sha1_2des_2048.key pkcs8_pbe_sha1_2des_2048.der | 
|  | 166 |  | 
|  | 167 | pkcs8_pbe_sha1_rc4_128_2048.der: keyfile_2048 | 
|  | 168 | $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128 | 
|  | 169 | pkcs8_pbe_sha1_rc4_128_2048.key: keyfile_2048 | 
|  | 170 | $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128 | 
|  | 171 | keys_rsa_enc_pkcs8_v1_2048_rc4_128: pkcs8_pbe_sha1_rc4_128_2048.key pkcs8_pbe_sha1_rc4_128_2048.der | 
|  | 172 |  | 
|  | 173 | keys_rsa_enc_pkcs8_v1_2048: keys_rsa_enc_pkcs8_v1_2048_3des keys_rsa_enc_pkcs8_v1_2048_2des keys_rsa_enc_pkcs8_v1_2048_rc4_128 | 
|  | 174 |  | 
|  | 175 | ### 4096-bit | 
|  | 176 | pkcs8_pbe_sha1_3des_4096.der: keyfile_4096 | 
|  | 177 | $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES | 
|  | 178 | pkcs8_pbe_sha1_3des_4096.key: keyfile_4096 | 
|  | 179 | $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES | 
|  | 180 | keys_rsa_enc_pkcs8_v1_4096_3des: pkcs8_pbe_sha1_3des_4096.key pkcs8_pbe_sha1_3des_4096.der | 
|  | 181 |  | 
|  | 182 | pkcs8_pbe_sha1_2des_4096.der: keyfile_4096 | 
|  | 183 | $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES | 
|  | 184 | pkcs8_pbe_sha1_2des_4096.key: keyfile_4096 | 
|  | 185 | $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES | 
|  | 186 | keys_rsa_enc_pkcs8_v1_4096_2des: pkcs8_pbe_sha1_2des_4096.key pkcs8_pbe_sha1_2des_4096.der | 
|  | 187 |  | 
|  | 188 | pkcs8_pbe_sha1_rc4_128_4096.der: keyfile_4096 | 
|  | 189 | $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128 | 
|  | 190 | pkcs8_pbe_sha1_rc4_128_4096.key: keyfile_4096 | 
|  | 191 | $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128 | 
|  | 192 | keys_rsa_enc_pkcs8_v1_4096_rc4_128: pkcs8_pbe_sha1_rc4_128_4096.key pkcs8_pbe_sha1_rc4_128_4096.der | 
|  | 193 |  | 
|  | 194 | keys_rsa_enc_pkcs8_v1_4096: keys_rsa_enc_pkcs8_v1_4096_3des keys_rsa_enc_pkcs8_v1_4096_2des keys_rsa_enc_pkcs8_v1_4096_rc4_128 | 
|  | 195 |  | 
|  | 196 | ### | 
|  | 197 | ### PKCS8-v2 encoded, encrypted RSA keys | 
|  | 198 | ### | 
|  | 199 |  | 
|  | 200 | ### 1024-bit | 
|  | 201 | pkcs8_pbes2_pbkdf2_3des.der: keyfile | 
|  | 202 | $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" | 
|  | 203 | pkcs8_pbes2_pbkdf2_3des.key: keyfile | 
|  | 204 | $(OPENSSL) pkcs8  -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" | 
|  | 205 | keys_rsa_enc_pkcs8_v2_1024_3des: pkcs8_pbes2_pbkdf2_3des.der pkcs8_pbes2_pbkdf2_3des.key | 
|  | 206 |  | 
|  | 207 | pkcs8_pbes2_pbkdf2_des.der: keyfile | 
|  | 208 | $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" | 
|  | 209 | pkcs8_pbes2_pbkdf2_des.key: keyfile | 
|  | 210 | $(OPENSSL) pkcs8  -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" | 
|  | 211 | keys_rsa_enc_pkcs8_v2_1024_des: pkcs8_pbes2_pbkdf2_des.der pkcs8_pbes2_pbkdf2_des.key | 
|  | 212 |  | 
|  | 213 | keys_rsa_enc_pkcs8_v2_1024: keys_rsa_enc_pkcs8_v2_1024_3des keys_rsa_enc_pkcs8_v2_1024_des | 
|  | 214 |  | 
|  | 215 | ### 2048-bit | 
|  | 216 | pkcs8_pbes2_pbkdf2_3des_2048.der: keyfile_2048 | 
|  | 217 | $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" | 
|  | 218 | pkcs8_pbes2_pbkdf2_3des_2048.key: keyfile_2048 | 
|  | 219 | $(OPENSSL) pkcs8  -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" | 
|  | 220 | keys_rsa_enc_pkcs8_v2_2048_3des: pkcs8_pbes2_pbkdf2_3des_2048.der pkcs8_pbes2_pbkdf2_3des_2048.key | 
|  | 221 |  | 
|  | 222 | pkcs8_pbes2_pbkdf2_des_2048.der: keyfile_2048 | 
|  | 223 | $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" | 
|  | 224 | pkcs8_pbes2_pbkdf2_des_2048.key: keyfile_2048 | 
|  | 225 | $(OPENSSL) pkcs8  -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" | 
|  | 226 | keys_rsa_enc_pkcs8_v2_2048_des: pkcs8_pbes2_pbkdf2_des_2048.der pkcs8_pbes2_pbkdf2_des_2048.key | 
|  | 227 |  | 
|  | 228 | keys_rsa_enc_pkcs8_v2_2048: keys_rsa_enc_pkcs8_v2_2048_3des keys_rsa_enc_pkcs8_v2_2048_des | 
|  | 229 |  | 
|  | 230 | ### 4096-bit | 
|  | 231 | pkcs8_pbes2_pbkdf2_3des_4096.der: keyfile_4096 | 
|  | 232 | $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" | 
|  | 233 | pkcs8_pbes2_pbkdf2_3des_4096.key: keyfile_4096 | 
|  | 234 | $(OPENSSL) pkcs8  -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" | 
|  | 235 | keys_rsa_enc_pkcs8_v2_4096_3des: pkcs8_pbes2_pbkdf2_3des_4096.der pkcs8_pbes2_pbkdf2_3des_4096.key | 
|  | 236 |  | 
|  | 237 | pkcs8_pbes2_pbkdf2_des_4096.der: keyfile_4096 | 
|  | 238 | $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" | 
|  | 239 | pkcs8_pbes2_pbkdf2_des_4096.key: keyfile_4096 | 
|  | 240 | $(OPENSSL) pkcs8  -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" | 
|  | 241 | keys_rsa_enc_pkcs8_v2_4096_des: pkcs8_pbes2_pbkdf2_des_4096.der pkcs8_pbes2_pbkdf2_des_4096.key | 
|  | 242 |  | 
|  | 243 | keys_rsa_enc_pkcs8_v2_4096: keys_rsa_enc_pkcs8_v2_4096_3des keys_rsa_enc_pkcs8_v2_4096_des | 
|  | 244 |  | 
|  | 245 | ### | 
|  | 246 | ### Rules to generate all RSA keys from a particular class | 
|  | 247 | ### | 
|  | 248 |  | 
|  | 249 | ### Generate basic unencrypted RSA keys | 
|  | 250 | keys_rsa_unenc: keyfile keyfile_2048 keyfile_4096 | 
|  | 251 |  | 
|  | 252 | ### Generate PKCS1-encoded encrypted RSA keys | 
|  | 253 | keys_rsa_enc_basic: keys_rsa_enc_basic_1024 keys_rsa_enc_basic_2048 keys_rsa_enc_basic_4096 | 
|  | 254 |  | 
|  | 255 | ### Generate PKCS8-v1 encrypted RSA keys | 
|  | 256 | keys_rsa_enc_pkcs8_v1: keys_rsa_enc_pkcs8_v1_1024 keys_rsa_enc_pkcs8_v1_2048 keys_rsa_enc_pkcs8_v1_4096 | 
|  | 257 |  | 
|  | 258 | ### Generate PKCS8-v2 encrypted RSA keys | 
|  | 259 | keys_rsa_enc_pkcs8_v2: keys_rsa_enc_pkcs8_v2_1024 keys_rsa_enc_pkcs8_v2_2048 keys_rsa_enc_pkcs8_v2_4096 | 
|  | 260 |  | 
|  | 261 | ### Generate all RSA keys | 
|  | 262 | keys_rsa_all: keys_rsa_unenc keys_rsa_enc_basic keys_rsa_enc_pkcs8_v1 keys_rsa_enc_pkcs8_v2 | 
|  | 263 |  | 
|  | 264 | all_final += keys_rsa_all | 
| Gilles Peskine | fd14bca | 2017-05-11 17:57:22 +0200 | [diff] [blame] | 265 |  | 
|  | 266 | ################################################################ | 
|  | 267 | #### Meta targets | 
|  | 268 | ################################################################ | 
|  | 269 |  | 
| Gilles Peskine | f040a17 | 2017-05-05 18:56:12 +0200 | [diff] [blame] | 270 | all_final: $(all_final) | 
|  | 271 | all: $(all_intermediate) $(all_final) | 
|  | 272 |  | 
| Gilles Peskine | fd14bca | 2017-05-11 17:57:22 +0200 | [diff] [blame] | 273 | .PHONY: default all_final all | 
|  | 274 |  | 
| Gilles Peskine | f040a17 | 2017-05-05 18:56:12 +0200 | [diff] [blame] | 275 | # These files should not be committed to the repository. | 
|  | 276 | list_intermediate: | 
|  | 277 | @printf '%s\n' $(all_intermediate) | sort | 
|  | 278 | # These files should be committed to the repository so that the test data is | 
|  | 279 | # available upon checkout without running a randomized process depending on | 
|  | 280 | # third-party tools. | 
|  | 281 | list_final: | 
|  | 282 | @printf '%s\n' $(all_final) | sort | 
| Gilles Peskine | fd14bca | 2017-05-11 17:57:22 +0200 | [diff] [blame] | 283 | .PHONY: list_intermediate list_final | 
| Gilles Peskine | f040a17 | 2017-05-05 18:56:12 +0200 | [diff] [blame] | 284 |  | 
| Gilles Peskine | fd14bca | 2017-05-11 17:57:22 +0200 | [diff] [blame] | 285 | ## Remove intermediate files | 
| Gilles Peskine | f040a17 | 2017-05-05 18:56:12 +0200 | [diff] [blame] | 286 | clean: | 
|  | 287 | rm -f $(all_intermediate) | 
| Gilles Peskine | fd14bca | 2017-05-11 17:57:22 +0200 | [diff] [blame] | 288 | ## Remove all build products, even the ones that are committed | 
| Gilles Peskine | f040a17 | 2017-05-05 18:56:12 +0200 | [diff] [blame] | 289 | neat: clean | 
|  | 290 | rm -f $(all_final) | 
| Gilles Peskine | fd14bca | 2017-05-11 17:57:22 +0200 | [diff] [blame] | 291 | .PHONY: clean neat |