TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 18035635727e165a978e8fd5506fb4e48c7821ac / . / tests / data_files / Makefile
blob: 78de76db5bc32129c678a83ad9205bd486c847cd [file] [log] [blame]
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]1## This file contains a record of how some of the test data was
2## generated. The final build products are committed to the repository
3## as well to make sure that the test data is identical. You do not
4## need to use this makefile unless you're extending mbed TLS's tests.
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]5
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]6## Many data files were generated prior to the existence of this
7## makefile, so the method of their generation was not recorded.
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]8
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]9## Note that in addition to depending on the version of the data
10## generation tool, many of the build outputs are randomized, so
11## running this makefile twice would not produce the same results.
12
13## Tools
14OPENSSL ?= openssl
Manuel Pégourié-Gonnard29d60fb2017-06-05 10:20:32 +0200[diff] [blame]15FAKETIME ?= faketime
Gilles Peskined1ff7572020-08-21 19:47:22 +0200[diff] [blame]16
Gilles Peskine18035632020-09-24 16:36:04 +0200[diff] [blame^]17TOP_DIR = ../..
Gilles Peskined1ff7572020-08-21 19:47:22 +0200[diff] [blame]18MBEDTLS_CERT_WRITE ?= $(TOP_DIR)/programs/x509/cert_write
19MBEDTLS_CERT_REQ ?= $(TOP_DIR)/programs/x509/cert_req
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]20
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]21
22## Build the generated test data. Note that since the final outputs
23## are committed to the repository, this target should do nothing on a
24## fresh checkout. Furthermore, since the generation is randomized,
25## re-running the same targets may result in differing files. The goal
26## of this makefile is primarily to serve as a record of how the
27## targets were generated in the first place.
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]28default: all_final
29
30all_intermediate := # temporary files
31all_final := # files used by tests
32
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]33
34
35################################################################
36#### Generate certificates from existing keys
37################################################################
38
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]39test_ca_crt = test-ca.crt
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]40test_ca_key_file_rsa = test-ca.key
41test_ca_pwd_rsa = PolarSSLTest
42test_ca_config_file = test-ca.opensslconf
43
Hanno Beckerb8377752018-10-31 15:29:19 +0000[diff] [blame]44test-ca.req.sha256: $(test_ca_key_file_rsa)
45 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_rsa) password=$(test_ca_pwd_rsa) subject_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" md=SHA256
46all_intermediate += test-ca.req.sha256
47
48test-ca.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]49 $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@
Hanno Beckere21387e2019-03-12 16:49:26 +0000[diff] [blame]50all_final += test-ca.crt
51
52test-ca.crt.der: test-ca.crt
Hanno Becker462c3e52019-01-31 10:55:42 +0000[diff] [blame]53 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
Hanno Beckere21387e2019-03-12 16:49:26 +0000[diff] [blame]54all_final += test-ca.crt.der
55
56test-ca.key.der: $(test_ca_key_file_rsa)
57 $(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER -passin "pass:$(test_ca_pwd_rsa)"
58all_final += test-ca.key.der
Hanno Beckerb8377752018-10-31 15:29:19 +0000[diff] [blame]59
60test-ca-sha1.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]61 $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]62all_final += test-ca-sha1.crt
Hanno Beckerb8377752018-10-31 15:29:19 +0000[diff] [blame]63
Hanno Beckere21387e2019-03-12 16:49:26 +0000[diff] [blame]64test-ca-sha1.crt.der: test-ca-sha1.crt
65 $(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
66all_final += test-ca-sha1.crt.der
67
Hanno Beckerb8377752018-10-31 15:29:19 +0000[diff] [blame]68test-ca-sha256.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]69 $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA256 version=3 output_file=$@
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]70all_final += test-ca-sha256.crt
71
Hanno Beckere21387e2019-03-12 16:49:26 +0000[diff] [blame]72test-ca-sha256.crt.der: test-ca-sha256.crt
73 $(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
74all_final += test-ca-sha256.crt.der
75
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]76test-ca_utf8.crt: $(test_ca_key_file_rsa)
77 $(OPENSSL) req -x509 -new -nodes -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 3 -config $(test_ca_config_file) -sha1 -days 3653 -utf8 -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@
78all_final += test-ca_utf8.crt
79
80test-ca_printable.crt: $(test_ca_key_file_rsa)
81 $(OPENSSL) req -x509 -new -nodes -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 3 -config $(test_ca_config_file) -sha1 -days 3653 -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@
82all_final += test-ca_printable.crt
83
84test-ca_uppercase.crt: $(test_ca_key_file_rsa)
85 $(OPENSSL) req -x509 -new -nodes -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 3 -config $(test_ca_config_file) -sha1 -days 3653 -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@
86all_final += test-ca_uppercase.crt
87
Manuel Pégourié-Gonnard2d825d42017-07-03 18:06:38 +0200[diff] [blame]88test_ca_key_file_rsa_alt = test-ca-alt.key
89
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]90cert_example_multi.csr: rsa_pkcs1_1024_clear.pem
91 $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=www.example.com" -set_serial 17 -config $(test_ca_config_file) -extensions dns_alt_names -days 3650 -key rsa_pkcs1_1024_clear.pem -out $@
92
93cert_example_multi.crt: cert_example_multi.csr
94 $(OPENSSL) x509 -req -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) -extfile $(test_ca_config_file) -extensions dns_alt_names -passin "pass:$(test_ca_pwd_rsa)" -set_serial 17 -days 3653 -sha256 -in $< > $@
95
96$(test_ca_key_file_rsa_alt):test-ca.opensslconf
Manuel Pégourié-Gonnard2d825d42017-07-03 18:06:38 +0200[diff] [blame]97 $(OPENSSL) genrsa -out $@ 2048
98test-ca-alt.csr: $(test_ca_key_file_rsa_alt) $(test_ca_config_file)
99 $(OPENSSL) req -new -config $(test_ca_config_file) -key $(test_ca_key_file_rsa_alt) -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@
100all_intermediate += test-ca-alt.csr
101test-ca-alt.crt: $(test_ca_key_file_rsa_alt) $(test_ca_config_file) test-ca-alt.csr
102 $(OPENSSL) req -x509 -config $(test_ca_config_file) -key $(test_ca_key_file_rsa_alt) -set_serial 0 -days 3653 -sha256 -in test-ca-alt.csr -out $@
103all_final += test-ca-alt.crt
104test-ca-alt-good.crt: test-ca-alt.crt test-ca-sha256.crt
105 cat test-ca-alt.crt test-ca-sha256.crt > $@
106all_final += test-ca-alt-good.crt
107test-ca-good-alt.crt: test-ca-alt.crt test-ca-sha256.crt
108 cat test-ca-sha256.crt test-ca-alt.crt > $@
109all_final += test-ca-good-alt.crt
110
Manuel Pégourié-Gonnardbc313012017-06-27 12:51:52 +0200[diff] [blame]111test_ca_crt_file_ec = test-ca2.crt
112test_ca_key_file_ec = test-ca2.key
113
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]114test-ca2.req.sha256: $(test_ca_key_file_ec)
115 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_ec) subject_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" md=SHA256
116all_intermediate += test-ca2.req.sha256
117
118test-ca2.crt: $(test_ca_key_file_ec) test-ca2.req.sha256
119 $(MBEDTLS_CERT_WRITE) is_ca=1 serial=13926223505202072808 request_file=test-ca2.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" issuer_key=$(test_ca_key_file_ec) not_before=20190210144400 not_after=20290210144400 md=SHA256 version=3 output_file=$@
120all_final += test-ca.crt
121
Ron Eldor74d9acc2019-03-21 14:00:03 +0200[diff] [blame]122test-ca-any_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
123 $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@
124all_final += test-ca-any_policy.crt
125
126test-ca-any_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256
127 $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@
128all_final += test-ca-any_policy_ec.crt
129
130test-ca-any_policy_with_qualifier.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
131 $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_qualifier_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@
132all_final += test-ca-any_policy_with_qualifier.crt
133
134test-ca-any_policy_with_qualifier_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256
135 $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_qualifier_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@
136all_final += test-ca-any_policy_with_qualifier_ec.crt
137
138test-ca-multi_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
139 $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_multi_policy_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@
140all_final += test-ca-multi_policy.crt
141
142test-ca-multi_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256
143 $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_multi_policy_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@
144all_final += test-ca-multi_policy_ec.crt
145
146test-ca-unsupported_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
147 $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_unsupported_policy_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@
148all_final += test-ca-unsupported_policy.crt
149
150test-ca-unsupported_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256
151 $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_unsupported_policy_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@
152all_final += test-ca-unsupported_policy_ec.crt
153
154test-ca.req_ec.sha256: $(test_ca_key_file_ec)
155 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_ec) subject_name="C=NL, O=PolarSSL, CN=Polarssl Test EC CA" md=SHA256
156all_intermediate += test-ca.req_ec.sha256
157
Hanno Beckere21387e2019-03-12 16:49:26 +0000[diff] [blame]158test-ca2.crt.der: $(test_ca_crt_file_ec)
159 $(OPENSSL) x509 -in $(test_ca_crt_file_ec) -out $@ -inform PEM -outform DER
160all_final += test-ca2.crt.der
161
162test-ca2.key.der: $(test_ca_key_file_ec)
163 $(OPENSSL) pkey -in $(test_ca_key_file_ec) -out $@ -inform PEM -outform DER
164all_final += test-ca2.key.der
165
Hanno Beckerb9630812018-10-31 16:28:05 +0000[diff] [blame]166test_ca_crt_cat12 = test-ca_cat12.crt
167$(test_ca_crt_cat12): $(test_ca_crt) $(test_ca_crt_file_ec)
168 cat $(test_ca_crt) $(test_ca_crt_file_ec) > $@
169all_final += $(test_ca_crt_cat12)
170
171test_ca_crt_cat21 = test-ca_cat21.crt
172$(test_ca_crt_cat21): $(test_ca_crt) $(test_ca_crt_file_ec)
173 cat $(test_ca_crt_file_ec) $(test_ca_crt) > $@
174all_final += $(test_ca_crt_cat21)
175
Manuel Pégourié-Gonnardbc313012017-06-27 12:51:52 +0200[diff] [blame]176test-int-ca.csr: test-int-ca.key $(test_ca_config_file)
177 $(OPENSSL) req -new -config $(test_ca_config_file) -key test-int-ca.key -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test Intermediate CA" -out $@
178all_intermediate += test-int-ca.csr
Manuel Pégourié-Gonnard7ff243a2017-08-08 18:54:13 +0200[diff] [blame]179test-int-ca-exp.crt: $(test_ca_crt_file_ec) $(test_ca_key_file_ec) $(test_ca_config_file) test-int-ca.csr
Manuel Pégourié-Gonnardbc313012017-06-27 12:51:52 +0200[diff] [blame]180 $(FAKETIME) -f -3653d $(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions v3_ca -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) -set_serial 14 -days 3653 -sha256 -in test-int-ca.csr -out $@
181all_final += test-int-ca-exp.crt
182
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]183enco-cert-utf8str.pem: rsa_pkcs1_1024_clear.pem
184 $(MBEDTLS_CERT_WRITE) subject_key=rsa_pkcs1_1024_clear.pem subject_name="CN=dw.yonan.net" issuer_crt=enco-ca-prstr.pem issuer_key=rsa_pkcs1_1024_clear.pem not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
185
Manuel Pégourié-Gonnardfd3e4fb2018-03-13 11:53:30 +0100[diff] [blame]186crl-idp.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file)
187 $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_config_file) -name test_ca -md sha256 -crldays 3653 -crlexts crl_ext_idp -out $@
Manuel Pégourié-Gonnarda63305d2018-03-14 12:23:56 +0100[diff] [blame]188all_final += crl-idp.pem
189crl-idpnc.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file)
190 $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_config_file) -name test_ca -md sha256 -crldays 3653 -crlexts crl_ext_idp_nc -out $@
191all_final += crl-idpnc.pem
Manuel Pégourié-Gonnardfd3e4fb2018-03-13 11:53:30 +0100[diff] [blame]192
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]193cli_crt_key_file_rsa = cli-rsa.key
194cli_crt_extensions_file = cli.opensslconf
195
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]196cli-rsa.csr: $(cli_crt_key_file_rsa)
Hanno Becker386f99c2018-11-01 17:20:22 +0000[diff] [blame]197 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Client 2" md=SHA1
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]198all_intermediate += cli-rsa.csr
Hanno Becker386f99c2018-11-01 17:20:22 +0000[diff] [blame]199
200cli-rsa-sha1.crt: cli-rsa.csr
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]201 $(MBEDTLS_CERT_WRITE) request_file=$< serial=4 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
Hanno Becker386f99c2018-11-01 17:20:22 +0000[diff] [blame]202
203cli-rsa-sha256.crt: cli-rsa.csr
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]204 $(MBEDTLS_CERT_WRITE) request_file=$< serial=4 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]205all_final += cli-rsa-sha256.crt
206
Hanno Beckere21387e2019-03-12 16:49:26 +0000[diff] [blame]207cli-rsa-sha256.crt.der: cli-rsa-sha256.crt
208 $(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
209all_final += cli-rsa-sha256.crt.der
210
211 cli-rsa.key.der: $(cli_crt_key_file_rsa)
212 $(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER
213all_final += cli-rsa.key.der
214
Manuel Pégourié-Gonnard29d60fb2017-06-05 10:20:32 +0200[diff] [blame]215test_ca_int_rsa1 = test-int-ca.crt
216
217server7.csr: server7.key
218 $(OPENSSL) req -new -key server7.key -subj "/C=NL/O=PolarSSL/CN=localhost" -out $@
219all_intermediate += server7.csr
220server7-expired.crt: server7.csr $(test_ca_int_rsa1)
221 $(FAKETIME) -f -3653d $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key -set_serial 16 -days 3653 -sha256 -in server7.csr | cat - $(test_ca_int_rsa1) > $@
222all_final += server7-expired.crt
223server7-future.crt: server7.csr $(test_ca_int_rsa1)
224 $(FAKETIME) -f +3653d $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key -set_serial 16 -days 3653 -sha256 -in server7.csr | cat - $(test_ca_int_rsa1) > $@
225all_final += server7-future.crt
Manuel Pégourié-Gonnard4dfc04a2017-06-05 11:12:13 +0200[diff] [blame]226server7-badsign.crt: server7.crt $(test_ca_int_rsa1)
Manuel Pégourié-Gonnardd19a41d2017-07-14 11:05:59 +0200[diff] [blame]227 { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; cat $(test_ca_int_rsa1); } > $@
Manuel Pégourié-Gonnard4dfc04a2017-06-05 11:12:13 +0200[diff] [blame]228all_final += server7-badsign.crt
Manuel Pégourié-Gonnardbc313012017-06-27 12:51:52 +0200[diff] [blame]229server7_int-ca-exp.crt: server7.crt test-int-ca-exp.crt
230 cat server7.crt test-int-ca-exp.crt > $@
231all_final += server7_int-ca-exp.crt
232
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]233cli2.req.sha256: cli2.key
234 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Test Client 2" md=SHA256
235
236all_final += server1.req.sha1
237cli2.crt: cli2.req.sha256
238 $(MBEDTLS_CERT_WRITE) request_file=cli2.req.sha256 serial=13 selfsign=0 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test EC CA" issuer_key=$(test_ca_key_file_ec) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA256 version=3 output_file=$@
239all_final += cli2.crt
240
Hanno Beckere21387e2019-03-12 16:49:26 +0000[diff] [blame]241cli2.crt.der: cli2.crt
242 $(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
243all_final += cli2.crt.der
244
Hanno Becker4cbea4b2019-05-30 16:08:12 +0100[diff] [blame]245cli2.key.der: cli2.key
Hanno Beckere21387e2019-03-12 16:49:26 +0000[diff] [blame]246 $(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER
247all_final += cli2.key.der
248
Hanno Becker4cbea4b2019-05-30 16:08:12 +0100[diff] [blame]249server5.crt.der: server5.crt
Hanno Beckere21387e2019-03-12 16:49:26 +0000[diff] [blame]250 $(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
251all_final += server5.crt.der
252
Hanno Becker4cbea4b2019-05-30 16:08:12 +0100[diff] [blame]253server5.key.der: server5.key
Hanno Beckere21387e2019-03-12 16:49:26 +0000[diff] [blame]254 $(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER
255all_final += server5.key.der
256
Manuel Pégourié-Gonnardbc313012017-06-27 12:51:52 +0200[diff] [blame]257server5-ss-expired.crt: server5.key
258 $(FAKETIME) -f -3653d $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/OU=testsuite/CN=localhost" -days 3653 -sha256 -key $< -out $@
259all_final += server5-ss-expired.crt
260
Manuel Pégourié-Gonnardc10afdb2017-06-29 09:48:08 +0200[diff] [blame]261# try to forge a copy of test-int-ca3 with different key
262server5-ss-forgeca.crt: server5.key
263 $(FAKETIME) '2015-09-01 14:08:43' $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" -set_serial 77 -config $(test_ca_config_file) -extensions noext_ca -days 3650 -sha256 -key $< -out $@
264all_final += server5-ss-forgeca.crt
265
Ron Eldorb2dc3fa2019-03-21 13:40:13 +0200[diff] [blame]266server5-othername.crt: server5.key
267 $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions othername_san -days 3650 -sha256 -key $< -out $@
268
269server5-unsupported_othername.crt: server5.key
270 $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS unsupported othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions unsupoported_othername_san -days 3650 -sha256 -key $< -out $@
271
Ron Eldor3c4734a2019-03-25 14:05:23 +0200[diff] [blame]272server5-fan.crt: server5.key
273 $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS FAN" -set_serial 77 -config $(test_ca_config_file) -extensions fan_cert -days 3650 -sha256 -key server5.key -out $@
274
Manuel Pégourié-Gonnard7d2a4d82020-07-23 12:39:53 +0200[diff] [blame]275server5-tricky-ip-san.crt: server5.key
276 $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS Tricky IP SAN" -set_serial 77 -config $(test_ca_config_file) -extensions tricky_ip_san -days 3650 -sha256 -key server5.key -out $@
277all_final += server5-tricky-ip-san.crt
278
Manuel Pégourié-Gonnardd19a41d2017-07-14 11:05:59 +0200[diff] [blame]279server10-badsign.crt: server10.crt
280 { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@
281all_final += server10-badsign.crt
282server10-bs_int3.pem: server10-badsign.crt test-int-ca3.crt
283 cat server10-badsign.crt test-int-ca3.crt > $@
284all_final += server10-bs_int3.pem
285test-int-ca3-badsign.crt: test-int-ca3.crt
286 { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@
287all_final += test-int-ca3-badsign.crt
288server10_int3-bs.pem: server10.crt test-int-ca3-badsign.crt
289 cat server10.crt test-int-ca3-badsign.crt > $@
Jaeden Amero001626e2019-02-27 11:16:41 +0000[diff] [blame]290all_final += server10_int3-bs.pem
Manuel Pégourié-Gonnardc10afdb2017-06-29 09:48:08 +0200[diff] [blame]291
Ron Eldorb0065182017-10-16 12:40:27 +0300[diff] [blame]292rsa_pkcs1_2048_public.pem: server8.key
Ron Eldor3f2da842017-10-17 15:50:30 +0300[diff] [blame]293 $(OPENSSL) rsa -in $< -outform PEM -RSAPublicKey_out -out $@
294all_final += rsa_pkcs1_2048_public.pem
Gilles Peskineea8d6972017-11-28 17:30:52 +0100[diff] [blame]295
Ron Eldorb0065182017-10-16 12:40:27 +0300[diff] [blame]296rsa_pkcs1_2048_public.der: rsa_pkcs1_2048_public.pem
Ron Eldor3f2da842017-10-17 15:50:30 +0300[diff] [blame]297 $(OPENSSL) rsa -RSAPublicKey_in -in $< -outform DER -RSAPublicKey_out -out $@
298all_final += rsa_pkcs1_2048_public.der
299
300rsa_pkcs8_2048_public.pem: server8.key
301 $(OPENSSL) rsa -in $< -outform PEM -pubout -out $@
302all_final += rsa_pkcs8_2048_public.pem
303
304rsa_pkcs8_2048_public.der: rsa_pkcs8_2048_public.pem
305 $(OPENSSL) rsa -pubin -in $< -outform DER -pubout -out $@
Ron Eldorb0065182017-10-16 12:40:27 +0300[diff] [blame]306all_final += rsa_pkcs8_2048_public.der
Gilles Peskineea8d6972017-11-28 17:30:52 +0100[diff] [blame]307
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]308################################################################
309#### Generate various RSA keys
310################################################################
Gilles Peskinebc70a182017-05-09 15:59:24 +0200[diff] [blame]311
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]312### Password used for PKCS1-encoded encrypted RSA keys
313keys_rsa_basic_pwd = testkey
314
315### Password used for PKCS8-encoded encrypted RSA keys
316keys_rsa_pkcs8_pwd = PolarSSLTest
317
318### Basic 1024-, 2048- and 4096-bit unencrypted RSA keys from which
319### all other encrypted RSA keys are derived.
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]320rsa_pkcs1_1024_clear.pem:
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]321 $(OPENSSL) genrsa -out $@ 1024
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]322all_final += rsa_pkcs1_1024_clear.pem
323rsa_pkcs1_2048_clear.pem:
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]324 $(OPENSSL) genrsa -out $@ 2048
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]325all_final += rsa_pkcs1_2048_clear.pem
326rsa_pkcs1_4096_clear.pem:
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]327 $(OPENSSL) genrsa -out $@ 4096
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]328all_final += rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]329
330###
331### PKCS1-encoded, encrypted RSA keys
332###
333
334### 1024-bit
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]335rsa_pkcs1_1024_des.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]336 $(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]337all_final += rsa_pkcs1_1024_des.pem
338rsa_pkcs1_1024_3des.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]339 $(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]340all_final += rsa_pkcs1_1024_3des.pem
341rsa_pkcs1_1024_aes128.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]342 $(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]343all_final += rsa_pkcs1_1024_aes128.pem
344rsa_pkcs1_1024_aes192.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]345 $(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]346all_final += rsa_pkcs1_1024_aes192.pem
347rsa_pkcs1_1024_aes256.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]348 $(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]349all_final += rsa_pkcs1_1024_aes256.pem
350keys_rsa_enc_basic_1024: rsa_pkcs1_1024_des.pem rsa_pkcs1_1024_3des.pem rsa_pkcs1_1024_aes128.pem rsa_pkcs1_1024_aes192.pem rsa_pkcs1_1024_aes256.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]351
352# 2048-bit
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]353rsa_pkcs1_2048_des.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]354 $(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]355all_final += rsa_pkcs1_2048_des.pem
356rsa_pkcs1_2048_3des.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]357 $(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]358all_final += rsa_pkcs1_2048_3des.pem
359rsa_pkcs1_2048_aes128.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]360 $(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]361all_final += rsa_pkcs1_2048_aes128.pem
362rsa_pkcs1_2048_aes192.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]363 $(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]364all_final += rsa_pkcs1_2048_aes192.pem
365rsa_pkcs1_2048_aes256.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]366 $(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]367all_final += rsa_pkcs1_2048_aes256.pem
368keys_rsa_enc_basic_2048: rsa_pkcs1_2048_des.pem rsa_pkcs1_2048_3des.pem rsa_pkcs1_2048_aes128.pem rsa_pkcs1_2048_aes192.pem rsa_pkcs1_2048_aes256.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]369
370# 4096-bit
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]371rsa_pkcs1_4096_des.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]372 $(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]373all_final += rsa_pkcs1_4096_des.pem
374rsa_pkcs1_4096_3des.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]375 $(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]376all_final += rsa_pkcs1_4096_3des.pem
377rsa_pkcs1_4096_aes128.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]378 $(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]379all_final += rsa_pkcs1_4096_aes128.pem
380rsa_pkcs1_4096_aes192.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]381 $(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]382all_final += rsa_pkcs1_4096_aes192.pem
383rsa_pkcs1_4096_aes256.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]384 $(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]385all_final += rsa_pkcs1_4096_aes256.pem
386keys_rsa_enc_basic_4096: rsa_pkcs1_4096_des.pem rsa_pkcs1_4096_3des.pem rsa_pkcs1_4096_aes128.pem rsa_pkcs1_4096_aes192.pem rsa_pkcs1_4096_aes256.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]387
388###
389### PKCS8-v1 encoded, encrypted RSA keys
390###
391
392### 1024-bit
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]393rsa_pkcs8_pbe_sha1_1024_3des.der: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]394 $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]395all_final += rsa_pkcs8_pbe_sha1_1024_3des.der
396rsa_pkcs8_pbe_sha1_1024_3des.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]397 $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]398all_final += rsa_pkcs8_pbe_sha1_1024_3des.pem
399keys_rsa_enc_pkcs8_v1_1024_3des: rsa_pkcs8_pbe_sha1_1024_3des.pem rsa_pkcs8_pbe_sha1_1024_3des.der
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]400
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]401rsa_pkcs8_pbe_sha1_1024_2des.der: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]402 $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]403all_final += rsa_pkcs8_pbe_sha1_1024_2des.der
404rsa_pkcs8_pbe_sha1_1024_2des.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]405 $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]406all_final += rsa_pkcs8_pbe_sha1_1024_2des.pem
407keys_rsa_enc_pkcs8_v1_1024_2des: rsa_pkcs8_pbe_sha1_1024_2des.pem rsa_pkcs8_pbe_sha1_1024_2des.der
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]408
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]409rsa_pkcs8_pbe_sha1_1024_rc4_128.der: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]410 $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]411all_final += rsa_pkcs8_pbe_sha1_1024_rc4_128.der
412rsa_pkcs8_pbe_sha1_1024_rc4_128.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]413 $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]414all_final += rsa_pkcs8_pbe_sha1_1024_rc4_128.pem
415keys_rsa_enc_pkcs8_v1_1024_rc4_128: rsa_pkcs8_pbe_sha1_1024_rc4_128.pem rsa_pkcs8_pbe_sha1_1024_rc4_128.der
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]416
417keys_rsa_enc_pkcs8_v1_1024: keys_rsa_enc_pkcs8_v1_1024_3des keys_rsa_enc_pkcs8_v1_1024_2des keys_rsa_enc_pkcs8_v1_1024_rc4_128
418
419### 2048-bit
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]420rsa_pkcs8_pbe_sha1_2048_3des.der: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]421 $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]422all_final += rsa_pkcs8_pbe_sha1_2048_3des.der
423rsa_pkcs8_pbe_sha1_2048_3des.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]424 $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]425all_final += rsa_pkcs8_pbe_sha1_2048_3des.pem
426keys_rsa_enc_pkcs8_v1_2048_3des: rsa_pkcs8_pbe_sha1_2048_3des.pem rsa_pkcs8_pbe_sha1_2048_3des.der
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]427
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]428rsa_pkcs8_pbe_sha1_2048_2des.der: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]429 $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]430all_final += rsa_pkcs8_pbe_sha1_2048_2des.der
431rsa_pkcs8_pbe_sha1_2048_2des.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]432 $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]433all_final += rsa_pkcs8_pbe_sha1_2048_2des.pem
434keys_rsa_enc_pkcs8_v1_2048_2des: rsa_pkcs8_pbe_sha1_2048_2des.pem rsa_pkcs8_pbe_sha1_2048_2des.der
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]435
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]436rsa_pkcs8_pbe_sha1_2048_rc4_128.der: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]437 $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]438all_final += rsa_pkcs8_pbe_sha1_2048_rc4_128.der
439rsa_pkcs8_pbe_sha1_2048_rc4_128.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]440 $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]441all_final += rsa_pkcs8_pbe_sha1_2048_rc4_128.pem
442keys_rsa_enc_pkcs8_v1_2048_rc4_128: rsa_pkcs8_pbe_sha1_2048_rc4_128.pem rsa_pkcs8_pbe_sha1_2048_rc4_128.der
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]443
444keys_rsa_enc_pkcs8_v1_2048: keys_rsa_enc_pkcs8_v1_2048_3des keys_rsa_enc_pkcs8_v1_2048_2des keys_rsa_enc_pkcs8_v1_2048_rc4_128
445
446### 4096-bit
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]447rsa_pkcs8_pbe_sha1_4096_3des.der: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]448 $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]449all_final += rsa_pkcs8_pbe_sha1_4096_3des.der
450rsa_pkcs8_pbe_sha1_4096_3des.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]451 $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]452all_final += rsa_pkcs8_pbe_sha1_4096_3des.pem
453keys_rsa_enc_pkcs8_v1_4096_3des: rsa_pkcs8_pbe_sha1_4096_3des.pem rsa_pkcs8_pbe_sha1_4096_3des.der
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]454
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]455rsa_pkcs8_pbe_sha1_4096_2des.der: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]456 $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]457all_final += rsa_pkcs8_pbe_sha1_4096_2des.der
458rsa_pkcs8_pbe_sha1_4096_2des.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]459 $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]460all_final += rsa_pkcs8_pbe_sha1_4096_2des.pem
461keys_rsa_enc_pkcs8_v1_4096_2des: rsa_pkcs8_pbe_sha1_4096_2des.pem rsa_pkcs8_pbe_sha1_4096_2des.der
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]462
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]463rsa_pkcs8_pbe_sha1_4096_rc4_128.der: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]464 $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]465all_final += rsa_pkcs8_pbe_sha1_4096_rc4_128.der
466rsa_pkcs8_pbe_sha1_4096_rc4_128.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]467 $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]468all_final += rsa_pkcs8_pbe_sha1_4096_rc4_128.pem
469keys_rsa_enc_pkcs8_v1_4096_rc4_128: rsa_pkcs8_pbe_sha1_4096_rc4_128.pem rsa_pkcs8_pbe_sha1_4096_rc4_128.der
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]470
471keys_rsa_enc_pkcs8_v1_4096: keys_rsa_enc_pkcs8_v1_4096_3des keys_rsa_enc_pkcs8_v1_4096_2des keys_rsa_enc_pkcs8_v1_4096_rc4_128
472
473###
Antonio Quartullif476b9d2018-02-01 13:54:13 +0800[diff] [blame]474### PKCS8-v2 encoded, encrypted RSA keys, no PRF specified (default for OpenSSL1.0: hmacWithSHA1)
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]475###
476
477### 1024-bit
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]478rsa_pkcs8_pbes2_pbkdf2_1024_3des.der: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]479 $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]480all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des.der
481rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]482 $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]483all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem
484keys_rsa_enc_pkcs8_v2_1024_3des: rsa_pkcs8_pbes2_pbkdf2_1024_3des.der rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]485
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]486rsa_pkcs8_pbes2_pbkdf2_1024_des.der: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]487 $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]488all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des.der
489rsa_pkcs8_pbes2_pbkdf2_1024_des.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]490 $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]491all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des.pem
492keys_rsa_enc_pkcs8_v2_1024_des: rsa_pkcs8_pbes2_pbkdf2_1024_des.der rsa_pkcs8_pbes2_pbkdf2_1024_des.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]493
494keys_rsa_enc_pkcs8_v2_1024: keys_rsa_enc_pkcs8_v2_1024_3des keys_rsa_enc_pkcs8_v2_1024_des
495
496### 2048-bit
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]497rsa_pkcs8_pbes2_pbkdf2_2048_3des.der: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]498 $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]499all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des.der
500rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]501 $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]502all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem
503keys_rsa_enc_pkcs8_v2_2048_3des: rsa_pkcs8_pbes2_pbkdf2_2048_3des.der rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]504
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]505rsa_pkcs8_pbes2_pbkdf2_2048_des.der: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]506 $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]507all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des.der
508rsa_pkcs8_pbes2_pbkdf2_2048_des.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]509 $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]510all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des.pem
511keys_rsa_enc_pkcs8_v2_2048_des: rsa_pkcs8_pbes2_pbkdf2_2048_des.der rsa_pkcs8_pbes2_pbkdf2_2048_des.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]512
513keys_rsa_enc_pkcs8_v2_2048: keys_rsa_enc_pkcs8_v2_2048_3des keys_rsa_enc_pkcs8_v2_2048_des
514
515### 4096-bit
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]516rsa_pkcs8_pbes2_pbkdf2_4096_3des.der: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]517 $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]518all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des.der
519rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]520 $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]521all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem
522keys_rsa_enc_pkcs8_v2_4096_3des: rsa_pkcs8_pbes2_pbkdf2_4096_3des.der rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]523
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]524rsa_pkcs8_pbes2_pbkdf2_4096_des.der: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]525 $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]526all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des.der
527rsa_pkcs8_pbes2_pbkdf2_4096_des.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]528 $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]529all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des.pem
530keys_rsa_enc_pkcs8_v2_4096_des: rsa_pkcs8_pbes2_pbkdf2_4096_des.der rsa_pkcs8_pbes2_pbkdf2_4096_des.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]531
532keys_rsa_enc_pkcs8_v2_4096: keys_rsa_enc_pkcs8_v2_4096_3des keys_rsa_enc_pkcs8_v2_4096_des
533
534###
Antonio Quartullif476b9d2018-02-01 13:54:13 +0800[diff] [blame]535### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA224
536###
537
538### 1024-bit
539rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der: rsa_pkcs1_1024_clear.pem
540 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
541all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der
542rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem: rsa_pkcs1_1024_clear.pem
543 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
544all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem
545keys_rsa_enc_pkcs8_v2_1024_3des_sha224: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem
546
547rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der: rsa_pkcs1_1024_clear.pem
548 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
549all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der
550rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem: rsa_pkcs1_1024_clear.pem
551 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
552all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem
553keys_rsa_enc_pkcs8_v2_1024_des_sha224: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem
554
555keys_rsa_enc_pkcs8_v2_1024_sha224: keys_rsa_enc_pkcs8_v2_1024_3des_sha224 keys_rsa_enc_pkcs8_v2_1024_des_sha224
556
557### 2048-bit
558rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der: rsa_pkcs1_2048_clear.pem
559 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
560all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der
561rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem: rsa_pkcs1_2048_clear.pem
562 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
563all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem
564keys_rsa_enc_pkcs8_v2_2048_3des_sha224: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem
565
566rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der: rsa_pkcs1_2048_clear.pem
567 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
568all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der
569rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem: rsa_pkcs1_2048_clear.pem
570 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
571all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem
572keys_rsa_enc_pkcs8_v2_2048_des_sha224: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem
573
574keys_rsa_enc_pkcs8_v2_2048_sha224: keys_rsa_enc_pkcs8_v2_2048_3des_sha224 keys_rsa_enc_pkcs8_v2_2048_des_sha224
575
576### 4096-bit
577rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der: rsa_pkcs1_4096_clear.pem
578 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
579all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der
580rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem: rsa_pkcs1_4096_clear.pem
581 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
582all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem
583keys_rsa_enc_pkcs8_v2_4096_3des_sha224: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem
584
585rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der: rsa_pkcs1_4096_clear.pem
586 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
587all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der
588rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem: rsa_pkcs1_4096_clear.pem
589 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
590all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem
591keys_rsa_enc_pkcs8_v2_4096_des_sha224: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem
592
593keys_rsa_enc_pkcs8_v2_4096_sha224: keys_rsa_enc_pkcs8_v2_4096_3des_sha224 keys_rsa_enc_pkcs8_v2_4096_des_sha224
594
595###
596### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA256
597###
598
599### 1024-bit
600rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der: rsa_pkcs1_1024_clear.pem
601 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
602all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der
603rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem: rsa_pkcs1_1024_clear.pem
604 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
605all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem
606keys_rsa_enc_pkcs8_v2_1024_3des_sha256: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem
607
608rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der: rsa_pkcs1_1024_clear.pem
609 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
610all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der
611rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem: rsa_pkcs1_1024_clear.pem
612 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
613all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem
614keys_rsa_enc_pkcs8_v2_1024_des_sha256: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem
615
616keys_rsa_enc_pkcs8_v2_1024_sha256: keys_rsa_enc_pkcs8_v2_1024_3des_sha256 keys_rsa_enc_pkcs8_v2_1024_des_sha256
617
618### 2048-bit
619rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der: rsa_pkcs1_2048_clear.pem
620 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
621all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der
622rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem: rsa_pkcs1_2048_clear.pem
623 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
624all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem
625keys_rsa_enc_pkcs8_v2_2048_3des_sha256: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem
626
627rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der: rsa_pkcs1_2048_clear.pem
628 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
629all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der
630rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem: rsa_pkcs1_2048_clear.pem
631 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
632all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem
633keys_rsa_enc_pkcs8_v2_2048_des_sha256: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem
634
635keys_rsa_enc_pkcs8_v2_2048_sha256: keys_rsa_enc_pkcs8_v2_2048_3des_sha256 keys_rsa_enc_pkcs8_v2_2048_des_sha256
636
637### 4096-bit
638rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der: rsa_pkcs1_4096_clear.pem
639 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
640all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der
641rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem: rsa_pkcs1_4096_clear.pem
642 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
643all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem
644keys_rsa_enc_pkcs8_v2_4096_3des_sha256: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem
645
646rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der: rsa_pkcs1_4096_clear.pem
647 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
648all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der
649rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem: rsa_pkcs1_4096_clear.pem
650 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
651all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem
652keys_rsa_enc_pkcs8_v2_4096_des_sha256: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem
653
654keys_rsa_enc_pkcs8_v2_4096_sha256: keys_rsa_enc_pkcs8_v2_4096_3des_sha256 keys_rsa_enc_pkcs8_v2_4096_des_sha256
655
656###
657### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA384
658###
659
660### 1024-bit
661rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der: rsa_pkcs1_1024_clear.pem
662 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
663all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der
664rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem: rsa_pkcs1_1024_clear.pem
665 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
666all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem
667keys_rsa_enc_pkcs8_v2_1024_3des_sha384: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem
668
669rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der: rsa_pkcs1_1024_clear.pem
670 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
671all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der
672rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem: rsa_pkcs1_1024_clear.pem
673 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
674all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem
675keys_rsa_enc_pkcs8_v2_1024_des_sha384: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem
676
677keys_rsa_enc_pkcs8_v2_1024_sha384: keys_rsa_enc_pkcs8_v2_1024_3des_sha384 keys_rsa_enc_pkcs8_v2_1024_des_sha384
678
679### 2048-bit
680rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der: rsa_pkcs1_2048_clear.pem
681 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
682all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der
683rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem: rsa_pkcs1_2048_clear.pem
684 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
685all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem
686keys_rsa_enc_pkcs8_v2_2048_3des_sha384: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem
687
688rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der: rsa_pkcs1_2048_clear.pem
689 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
690all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der
691rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem: rsa_pkcs1_2048_clear.pem
692 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
693all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem
694keys_rsa_enc_pkcs8_v2_2048_des_sha384: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem
695
696keys_rsa_enc_pkcs8_v2_2048_sha384: keys_rsa_enc_pkcs8_v2_2048_3des_sha384 keys_rsa_enc_pkcs8_v2_2048_des_sha384
697
698### 4096-bit
699rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der: rsa_pkcs1_4096_clear.pem
700 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
701all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der
702rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem: rsa_pkcs1_4096_clear.pem
703 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
704all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem
705keys_rsa_enc_pkcs8_v2_4096_3des_sha384: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem
706
707rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der: rsa_pkcs1_4096_clear.pem
708 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
709all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der
710rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem: rsa_pkcs1_4096_clear.pem
711 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
712all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem
713keys_rsa_enc_pkcs8_v2_4096_des_sha384: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem
714
715keys_rsa_enc_pkcs8_v2_4096_sha384: keys_rsa_enc_pkcs8_v2_4096_3des_sha384 keys_rsa_enc_pkcs8_v2_4096_des_sha384
716
717###
718### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA512
719###
720
721### 1024-bit
722rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der: rsa_pkcs1_1024_clear.pem
723 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
724all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der
725rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem: rsa_pkcs1_1024_clear.pem
726 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
727all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem
728keys_rsa_enc_pkcs8_v2_1024_3des_sha512: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem
729
730rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der: rsa_pkcs1_1024_clear.pem
731 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
732all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der
733rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem: rsa_pkcs1_1024_clear.pem
734 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
735all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem
736keys_rsa_enc_pkcs8_v2_1024_des_sha512: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem
737
738keys_rsa_enc_pkcs8_v2_1024_sha512: keys_rsa_enc_pkcs8_v2_1024_3des_sha512 keys_rsa_enc_pkcs8_v2_1024_des_sha512
739
740### 2048-bit
741rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der: rsa_pkcs1_2048_clear.pem
742 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
743all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der
744rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem: rsa_pkcs1_2048_clear.pem
745 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
746all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem
747keys_rsa_enc_pkcs8_v2_2048_3des_sha512: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem
748
749rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der: rsa_pkcs1_2048_clear.pem
750 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
751all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der
752rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem: rsa_pkcs1_2048_clear.pem
753 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
754all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem
755keys_rsa_enc_pkcs8_v2_2048_des_sha512: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem
756
757keys_rsa_enc_pkcs8_v2_2048_sha512: keys_rsa_enc_pkcs8_v2_2048_3des_sha512 keys_rsa_enc_pkcs8_v2_2048_des_sha512
758
759### 4096-bit
760rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der: rsa_pkcs1_4096_clear.pem
761 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
762all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der
763rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem: rsa_pkcs1_4096_clear.pem
764 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
765all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem
766keys_rsa_enc_pkcs8_v2_4096_3des_sha512: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem
767
768rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der: rsa_pkcs1_4096_clear.pem
769 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
770all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der
771rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem: rsa_pkcs1_4096_clear.pem
772 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
773all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem
774keys_rsa_enc_pkcs8_v2_4096_des_sha512: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem
775
776keys_rsa_enc_pkcs8_v2_4096_sha512: keys_rsa_enc_pkcs8_v2_4096_3des_sha512 keys_rsa_enc_pkcs8_v2_4096_des_sha512
777
778###
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]779### Rules to generate all RSA keys from a particular class
780###
781
782### Generate basic unencrypted RSA keys
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]783keys_rsa_unenc: rsa_pkcs1_1024_clear.pem rsa_pkcs1_2048_clear.pem rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]784
785### Generate PKCS1-encoded encrypted RSA keys
786keys_rsa_enc_basic: keys_rsa_enc_basic_1024 keys_rsa_enc_basic_2048 keys_rsa_enc_basic_4096
787
788### Generate PKCS8-v1 encrypted RSA keys
789keys_rsa_enc_pkcs8_v1: keys_rsa_enc_pkcs8_v1_1024 keys_rsa_enc_pkcs8_v1_2048 keys_rsa_enc_pkcs8_v1_4096
790
791### Generate PKCS8-v2 encrypted RSA keys
Antonio Quartullif476b9d2018-02-01 13:54:13 +0800[diff] [blame]792keys_rsa_enc_pkcs8_v2: keys_rsa_enc_pkcs8_v2_1024 keys_rsa_enc_pkcs8_v2_2048 keys_rsa_enc_pkcs8_v2_4096 keys_rsa_enc_pkcs8_v2_1024_sha224 keys_rsa_enc_pkcs8_v2_2048_sha224 keys_rsa_enc_pkcs8_v2_4096_sha224 keys_rsa_enc_pkcs8_v2_1024_sha256 keys_rsa_enc_pkcs8_v2_2048_sha256 keys_rsa_enc_pkcs8_v2_4096_sha256 keys_rsa_enc_pkcs8_v2_1024_sha384 keys_rsa_enc_pkcs8_v2_2048_sha384 keys_rsa_enc_pkcs8_v2_4096_sha384 keys_rsa_enc_pkcs8_v2_1024_sha512 keys_rsa_enc_pkcs8_v2_2048_sha512 keys_rsa_enc_pkcs8_v2_4096_sha512
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]793
794### Generate all RSA keys
795keys_rsa_all: keys_rsa_unenc keys_rsa_enc_basic keys_rsa_enc_pkcs8_v1 keys_rsa_enc_pkcs8_v2
796
Jethro Beekmand2df9362018-02-16 13:11:04 -0800[diff] [blame]797################################################################
798#### Generate various EC keys
799################################################################
Gilles Peskineea8d6972017-11-28 17:30:52 +0100[diff] [blame]800
Jethro Beekmand2df9362018-02-16 13:11:04 -0800[diff] [blame]801###
802### PKCS8 encoded
803###
804
805ec_prv.pk8.der:
806 $(OPENSSL) genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime192v1 -pkeyopt ec_param_enc:named_curve -out $@ -outform DER
807all_final += ec_prv.pk8.der
808
809# ### Instructions for creating `ec_prv.pk8nopub.der`,
810# ### `ec_prv.pk8nopubparam.der`, and `ec_prv.pk8param.der` by hand from
811# ### `ec_prv.pk8.der`.
812#
813# These instructions assume you are familiar with ASN.1 DER encoding and can
814# use a hex editor to manipulate DER.
815#
816# The relevant ASN.1 definitions for a PKCS#8 encoded Elliptic Curve key are:
817#
818# PrivateKeyInfo ::= SEQUENCE {
819# version Version,
820# privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
821# privateKey PrivateKey,
822# attributes [0] IMPLICIT Attributes OPTIONAL
823# }
824#
825# AlgorithmIdentifier ::= SEQUENCE {
826# algorithm OBJECT IDENTIFIER,
827# parameters ANY DEFINED BY algorithm OPTIONAL
828# }
829#
830# ECParameters ::= CHOICE {
831# namedCurve OBJECT IDENTIFIER
832# -- implicitCurve NULL
833# -- specifiedCurve SpecifiedECDomain
834# }
835#
836# ECPrivateKey ::= SEQUENCE {
837# version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
838# privateKey OCTET STRING,
839# parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
840# publicKey [1] BIT STRING OPTIONAL
841# }
842#
843# `ec_prv.pk8.der` as generatde above by OpenSSL should have the following
844# fields:
845#
846# * privateKeyAlgorithm namedCurve
847# * privateKey.parameters NOT PRESENT
848# * privateKey.publicKey PRESENT
849# * attributes NOT PRESENT
850#
851# # ec_prv.pk8nopub.der
852#
853# Take `ec_prv.pk8.der` and remove `privateKey.publicKey`.
854#
855# # ec_prv.pk8nopubparam.der
856#
857# Take `ec_prv.pk8nopub.der` and add `privateKey.parameters`, the same value as
858# `privateKeyAlgorithm.namedCurve`. Don't forget to add the explicit tag.
859#
860# # ec_prv.pk8param.der
861#
862# Take `ec_prv.pk8.der` and add `privateKey.parameters`, the same value as
863# `privateKeyAlgorithm.namedCurve`. Don't forget to add the explicit tag.
864
865ec_prv.pk8.pem: ec_prv.pk8.der
866 $(OPENSSL) pkey -in $< -inform DER -out $@
867all_final += ec_prv.pk8.pem
868ec_prv.pk8nopub.pem: ec_prv.pk8nopub.der
869 $(OPENSSL) pkey -in $< -inform DER -out $@
870all_final += ec_prv.pk8nopub.pem
871ec_prv.pk8nopubparam.pem: ec_prv.pk8nopubparam.der
872 $(OPENSSL) pkey -in $< -inform DER -out $@
873all_final += ec_prv.pk8nopubparam.pem
874ec_prv.pk8param.pem: ec_prv.pk8param.der
875 $(OPENSSL) pkey -in $< -inform DER -out $@
876all_final += ec_prv.pk8param.pem
Gilles Peskineea8d6972017-11-28 17:30:52 +0100[diff] [blame]877
878################################################################
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]879### Generate CSRs for X.509 write test suite
880################################################################
881
882server1.req.sha1: server1.key
883 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
884all_final += server1.req.sha1
885
886server1.req.md4: server1.key
887 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD4
888all_final += server1.req.md4
889
890server1.req.md5: server1.key
891 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD5
892all_final += server1.req.md5
893
894server1.req.sha224: server1.key
895 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA224
896all_final += server1.req.sha224
897
898server1.req.sha256: server1.key
899 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA256
900all_final += server1.req.sha256
901
902server1.req.sha384: server1.key
903 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA384
904all_final += server1.req.sha384
905
906server1.req.sha512: server1.key
907 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA512
908all_final += server1.req.sha512
909
910server1.req.cert_type: server1.key
911 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< ns_cert_type=ssl_server subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
912all_final += server1.req.cert_type
913
914server1.req.key_usage: server1.key
915 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation,key_encipherment subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
916all_final += server1.req.key_usage
917
918server1.req.ku-ct: server1.key
919 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation,key_encipherment ns_cert_type=ssl_server subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
920all_final += server1.req.ku-ct
921
Andres Amaya Garcia7067f812018-09-26 10:51:16 +0100[diff] [blame]922server1.req.key_usage_empty: server1.key
923 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 force_key_usage=1
924all_final += server1.req.key_usage_empty
925
926server1.req.cert_type_empty: server1.key
927 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 force_ns_cert_type=1
928all_final += server1.req.cert_type_empty
929
Hanno Beckerebc1f402018-10-31 16:35:59 +0000[diff] [blame]930# server2*
931
932server2.req.sha256: server2.key
933 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=localhost" md=SHA256
934all_intermediate += server2.req.sha256
935
Hanno Beckere21387e2019-03-12 16:49:26 +0000[diff] [blame]936server2.crt.der: server2.crt
937 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
938all_final += server2.crt.der
939
940server2-sha256.crt.der: server2-sha256.crt
941 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
942all_final += server2-sha256.crt.der
943
944server2.key.der: server2.key
945 $(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER
946all_final += server2.key.der
947
Hanno Becker0dd11392018-11-02 08:56:15 +0000[diff] [blame]948# server5*
949
950# The use of 'Server 1' in the DN is intentional here, as the DN is hardcoded in the x509_write test suite.'
951server5.req.ku.sha1: server5.key
952 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
953all_final += server5.req.ku.sha1
954
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]955################################################################
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]956### Generate certificates for CRT write check tests
Gilles Peskineea8d6972017-11-28 17:30:52 +0100[diff] [blame]957################################################################
958
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]959### The test files use the Mbed TLS generated certificates server1*.crt,
960### but for comparison with OpenSSL also rules for OpenSSL-generated
961### certificates server1*.crt.openssl are offered.
962###
963### Known differences:
964### * OpenSSL encodes trailing zero-bits in bit-strings occurring in X.509 extension
965### as unused bits, while Mbed TLS doesn't.
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]966
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]967test_ca_server1_db = test-ca.server1.db
968test_ca_server1_serial = test-ca.server1.serial
969test_ca_server1_config_file = test-ca.server1.opensslconf
970
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]971# server1*
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]972
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]973server1.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]974 $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]975server1.noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]976 $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 authority_identifier=0 version=3 output_file=$@
Hanno Becker58fc28c2019-03-14 13:33:20 +0000[diff] [blame]977server1.crt.der: server1.crt
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]978 $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 authority_identifier=0 version=3 output_file=$@
979server1.der: server1.crt
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]980 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
Hanno Becker58fc28c2019-03-14 13:33:20 +0000[diff] [blame]981all_final += server1.crt server1.noauthid.crt server1.crt.der
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]982
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]983server1.key_usage.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]984 $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment version=3 output_file=$@
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]985server1.key_usage_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]986 $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment authority_identifier=0 version=3 output_file=$@
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]987server1.key_usage.der: server1.key_usage.crt
988 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
989all_final += server1.key_usage.crt server1.key_usage_noauthid.crt server1.key_usage.der
990
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]991server1.cert_type.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]992 $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 ns_cert_type=ssl_server version=3 output_file=$@
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]993server1.cert_type_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]994 $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 ns_cert_type=ssl_server authority_identifier=0 version=3 output_file=$@
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]995server1.cert_type.der: server1.cert_type.crt
996 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
997all_final += server1.cert_type.crt server1.cert_type_noauthid.crt server1.cert_type.der
998
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]999server1.v1.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]1000 $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=1 output_file=$@
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]1001server1.v1.der: server1.v1.crt
1002 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
1003all_final += server1.v1.crt server1.v1.der
1004
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]1005server1_ca.crt: server1.crt $(test_ca_crt)
1006 cat server1.crt $(test_ca_crt) > $@
1007all_final += server1_ca.crt
1008
1009cert_sha1.crt: server1.key
1010 $(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1" serial=7 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
1011all_final += cert_sha1.crt
1012
1013cert_sha224.crt: server1.key
1014 $(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224" serial=8 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA224 version=3 output_file=$@
1015all_final += cert_sha224.crt
1016
1017cert_sha256.crt: server1.key
1018 $(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256" serial=9 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@
1019all_final += cert_sha256.crt
1020
1021cert_sha384.crt: server1.key
1022 $(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384" serial=10 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA384 version=3 output_file=$@
1023all_final += cert_sha384.crt
1024
1025cert_sha512.crt: server1.key
1026 $(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512" serial=11 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA512 version=3 output_file=$@
1027all_final += cert_sha512.crt
1028
1029cert_example_wildcard.crt: server1.key
1030 $(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=*.example.com" serial=12 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
1031all_final += cert_example_wildcard.crt
1032
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]1033# OpenSSL-generated certificates for comparison
Hanno Becker81535d02017-09-13 15:39:59 +0100[diff] [blame]1034# Also provide certificates in DER format to allow
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]1035# direct binary comparison using e.g. dumpasn1
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]1036server1.crt.openssl server1.key_usage.crt.openssl server1.cert_type.crt.openssl: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_server1_config_file)
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]1037 echo "01" > $(test_ca_server1_serial)
1038 rm -f $(test_ca_server1_db)
1039 touch $(test_ca_server1_db)
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]1040 $(OPENSSL) ca -batch -passin "pass:$(test_ca_pwd_rsa)" -config $(test_ca_server1_config_file) -in server1.req.sha256 -extensions v3_ext -extfile $@.v3_ext -out $@
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]1041server1.der.openssl: server1.crt.openssl
1042 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
1043server1.key_usage.der.openssl: server1.key_usage.crt.openssl
1044 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
1045server1.cert_type.der.openssl: server1.cert_type.crt.openssl
1046 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
1047
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]1048server1.v1.crt.openssl: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_server1_config_file)
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]1049 echo "01" > $(test_ca_server1_serial)
1050 rm -f $(test_ca_server1_db)
1051 touch $(test_ca_server1_db)
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]1052 $(OPENSSL) ca -batch -passin "pass:$(test_ca_pwd_rsa)" -config $(test_ca_server1_config_file) -in server1.req.sha256 -out $@
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]1053server1.v1.der.openssl: server1.v1.crt.openssl
1054 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
1055
Ron Eldorb7c96262019-02-06 18:48:37 +0200[diff] [blame]1056# To revoke certificate in the openssl database:
1057#
1058# $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_server1_config_file) -md sha256 -crldays 365 -revoke server1.crt
1059
1060crl.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file)
1061 $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_server1_config_file) -md sha1 -crldays 3653 -out $@
1062
1063server1_all: crl.pem server1.crt server1.noauthid.crt server1.crt.openssl server1.v1.crt server1.v1.crt.openssl server1.key_usage.crt server1.key_usage_noauthid.crt server1.key_usage.crt.openssl server1.cert_type.crt server1.cert_type_noauthid.crt server1.cert_type.crt.openssl server1.der server1.der.openssl server1.v1.der server1.v1.der.openssl server1.key_usage.der server1.key_usage.der.openssl server1.cert_type.der server1.cert_type.der.openssl
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]1064
Hanno Beckerebc1f402018-10-31 16:35:59 +0000[diff] [blame]1065# server2*
1066
1067server2.crt: server2.req.sha256
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]1068 $(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@
Hanno Beckere21387e2019-03-12 16:49:26 +0000[diff] [blame]1069all_final += server2.crt
Hanno Beckerebc1f402018-10-31 16:35:59 +0000[diff] [blame]1070
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]1071server2.der: server2.crt
1072 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
1073all_final += server2.crt server2.der
1074
Hanno Beckerebc1f402018-10-31 16:35:59 +0000[diff] [blame]1075server2-sha256.crt: server2.req.sha256
Ron Eldor9eeb8612019-02-12 15:03:42 +0200[diff] [blame]1076 $(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@
Hanno Beckerebc1f402018-10-31 16:35:59 +0000[diff] [blame]1077all_final += server2-sha256.crt
1078
Hanno Becker2e0f71f2019-06-03 14:14:04 +0100[diff] [blame]1079# MD2, MD4, MD5 test certificates
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]1080
Hanno Becker2e0f71f2019-06-03 14:14:04 +0100[diff] [blame]1081cert_md_test_key = $(cli_crt_key_file_rsa)
1082
1083cert_md2.csr: $(cert_md_test_key)
1084 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD2" md=MD2
1085all_intermediate += cert_md2.csr
1086
1087cert_md2.crt: cert_md2.csr
Hanno Becker53756b32019-06-03 14:14:38 +0100[diff] [blame]1088 $(MBEDTLS_CERT_WRITE) request_file=$< serial=9 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD2 version=3 output_file=$@
Hanno Becker2e0f71f2019-06-03 14:14:04 +0100[diff] [blame]1089all_final += cert_md2.crt
1090
1091cert_md4.csr: $(cert_md_test_key)
1092 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD4" md=MD4
1093all_intermediate += cert_md4.csr
1094
1095cert_md4.crt: cert_md4.csr
Hanno Becker53756b32019-06-03 14:14:38 +0100[diff] [blame]1096 $(MBEDTLS_CERT_WRITE) request_file=$< serial=5 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD4 version=3 output_file=$@
Hanno Becker2e0f71f2019-06-03 14:14:04 +0100[diff] [blame]1097all_final += cert_md4.crt
1098
1099cert_md5.csr: $(cert_md_test_key)
1100 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD5" md=MD5
1101all_intermediate += cert_md5.csr
1102
1103cert_md5.crt: cert_md5.csr
Hanno Becker53756b32019-06-03 14:14:38 +0100[diff] [blame]1104 $(MBEDTLS_CERT_WRITE) request_file=$< serial=6 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD5 version=3 output_file=$@
Hanno Becker2e0f71f2019-06-03 14:14:04 +0100[diff] [blame]1105all_final += cert_md5.crt
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]1106
1107################################################################
1108#### Meta targets
1109################################################################
1110
1111all_final: $(all_final)
1112all: $(all_intermediate) $(all_final)
1113
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]1114.PHONY: default all_final all
Gilles Peskineea8d6972017-11-28 17:30:52 +0100[diff] [blame]1115.PHONY: keys_rsa_all
1116.PHONY: keys_rsa_unenc keys_rsa_enc_basic
1117.PHONY: keys_rsa_enc_pkcs8_v1 keys_rsa_enc_pkcs8_v2
1118.PHONY: keys_rsa_enc_basic_1024 keys_rsa_enc_basic_2048 keys_rsa_enc_basic_4096
1119.PHONY: keys_rsa_enc_pkcs8_v1_1024 keys_rsa_enc_pkcs8_v2_1024
1120.PHONY: keys_rsa_enc_pkcs8_v1_2048 keys_rsa_enc_pkcs8_v2_2048
1121.PHONY: keys_rsa_enc_pkcs8_v1_4096 keys_rsa_enc_pkcs8_v2_4096
1122.PHONY: server1_all
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]1123
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]1124# These files should not be committed to the repository.
1125list_intermediate:
1126 @printf '%s\n' $(all_intermediate) | sort
1127# These files should be committed to the repository so that the test data is
1128# available upon checkout without running a randomized process depending on
1129# third-party tools.
1130list_final:
1131 @printf '%s\n' $(all_final) | sort
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]1132.PHONY: list_intermediate list_final
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]1133
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]1134## Remove intermediate files
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]1135clean:
1136 rm -f $(all_intermediate)
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]1137## Remove all build products, even the ones that are committed
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]1138neat: clean
1139 rm -f $(all_final)
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]1140.PHONY: clean neat