TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / d60e3780163174677150a89dcc4516ce90708dcf / . / tests / data_files / Makefile
blob: 2ed32e689003e0665eb33fae5262bbe66bded774 [file] [log] [blame]
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]1## This file contains a record of how some of the test data was
2## generated. The final build products are committed to the repository
3## as well to make sure that the test data is identical. You do not
4## need to use this makefile unless you're extending mbed TLS's tests.
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]5
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]6## Many data files were generated prior to the existence of this
7## makefile, so the method of their generation was not recorded.
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]8
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]9## Note that in addition to depending on the version of the data
10## generation tool, many of the build outputs are randomized, so
11## running this makefile twice would not produce the same results.
12
13## Tools
14OPENSSL ?= openssl
Manuel Pégourié-Gonnard29d60fb2017-06-05 10:20:32 +0200[diff] [blame]15FAKETIME ?= faketime
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]16MBEDTLS_CERT_WRITE ?= $(PWD)/../../programs/x509/cert_write
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]17MBEDTLS_CERT_REQ ?= $(PWD)/../../programs/x509/cert_req
18
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]19
20## Build the generated test data. Note that since the final outputs
21## are committed to the repository, this target should do nothing on a
22## fresh checkout. Furthermore, since the generation is randomized,
23## re-running the same targets may result in differing files. The goal
24## of this makefile is primarily to serve as a record of how the
25## targets were generated in the first place.
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]26default: all_final
27
28all_intermediate := # temporary files
29all_final := # files used by tests
30
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]31
32
33################################################################
34#### Generate certificates from existing keys
35################################################################
36
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]37test_ca_crt = test-ca.crt
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]38test_ca_key_file_rsa = test-ca.key
39test_ca_pwd_rsa = PolarSSLTest
40test_ca_config_file = test-ca.opensslconf
41
Hanno Beckerb8377752018-10-31 15:29:19 +0000[diff] [blame]42test-ca.req.sha256: $(test_ca_key_file_rsa)
43 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_rsa) password=$(test_ca_pwd_rsa) subject_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" md=SHA256
44all_intermediate += test-ca.req.sha256
45
46test-ca.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
47 $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144400 not_after=20210212144400 md=SHA1 version=3 output_file=$@
48all_final += test-ca.crt
49
50test-ca-sha1.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
51 $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144400 not_after=20210212144400 md=SHA1 version=3 output_file=$@
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]52all_final += test-ca-sha1.crt
Hanno Beckerb8377752018-10-31 15:29:19 +0000[diff] [blame]53
54test-ca-sha256.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
55 $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144400 not_after=20210212144400 md=SHA256 version=3 output_file=$@
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]56all_final += test-ca-sha256.crt
57
Manuel Pégourié-Gonnard2d825d42017-07-03 18:06:38 +0200[diff] [blame]58test_ca_key_file_rsa_alt = test-ca-alt.key
59
60$(test_ca_key_file_rsa_alt):
61 $(OPENSSL) genrsa -out $@ 2048
62test-ca-alt.csr: $(test_ca_key_file_rsa_alt) $(test_ca_config_file)
63 $(OPENSSL) req -new -config $(test_ca_config_file) -key $(test_ca_key_file_rsa_alt) -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test CA" -out $@
64all_intermediate += test-ca-alt.csr
65test-ca-alt.crt: $(test_ca_key_file_rsa_alt) $(test_ca_config_file) test-ca-alt.csr
66 $(OPENSSL) req -x509 -config $(test_ca_config_file) -key $(test_ca_key_file_rsa_alt) -set_serial 0 -days 3653 -sha256 -in test-ca-alt.csr -out $@
67all_final += test-ca-alt.crt
68test-ca-alt-good.crt: test-ca-alt.crt test-ca-sha256.crt
69 cat test-ca-alt.crt test-ca-sha256.crt > $@
70all_final += test-ca-alt-good.crt
71test-ca-good-alt.crt: test-ca-alt.crt test-ca-sha256.crt
72 cat test-ca-sha256.crt test-ca-alt.crt > $@
73all_final += test-ca-good-alt.crt
74
Manuel Pégourié-Gonnardbc313012017-06-27 12:51:52 +0200[diff] [blame]75test_ca_crt_file_ec = test-ca2.crt
76test_ca_key_file_ec = test-ca2.key
77
Hanno Beckerb9630812018-10-31 16:28:05 +0000[diff] [blame]78test_ca_crt_cat12 = test-ca_cat12.crt
79$(test_ca_crt_cat12): $(test_ca_crt) $(test_ca_crt_file_ec)
80 cat $(test_ca_crt) $(test_ca_crt_file_ec) > $@
81all_final += $(test_ca_crt_cat12)
82
83test_ca_crt_cat21 = test-ca_cat21.crt
84$(test_ca_crt_cat21): $(test_ca_crt) $(test_ca_crt_file_ec)
85 cat $(test_ca_crt_file_ec) $(test_ca_crt) > $@
86all_final += $(test_ca_crt_cat21)
87
Manuel Pégourié-Gonnardbc313012017-06-27 12:51:52 +0200[diff] [blame]88test-int-ca.csr: test-int-ca.key $(test_ca_config_file)
89 $(OPENSSL) req -new -config $(test_ca_config_file) -key test-int-ca.key -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test Intermediate CA" -out $@
90all_intermediate += test-int-ca.csr
Manuel Pégourié-Gonnard7ff243a2017-08-08 18:54:13 +0200[diff] [blame]91test-int-ca-exp.crt: $(test_ca_crt_file_ec) $(test_ca_key_file_ec) $(test_ca_config_file) test-int-ca.csr
Manuel Pégourié-Gonnardbc313012017-06-27 12:51:52 +0200[diff] [blame]92 $(FAKETIME) -f -3653d $(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions v3_ca -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) -set_serial 14 -days 3653 -sha256 -in test-int-ca.csr -out $@
93all_final += test-int-ca-exp.crt
94
Manuel Pégourié-Gonnardfd3e4fb2018-03-13 11:53:30 +0100[diff] [blame]95crl-idp.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file)
96 $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_config_file) -name test_ca -md sha256 -crldays 3653 -crlexts crl_ext_idp -out $@
Manuel Pégourié-Gonnarda63305d2018-03-14 12:23:56 +0100[diff] [blame]97all_final += crl-idp.pem
98crl-idpnc.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file)
99 $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_config_file) -name test_ca -md sha256 -crldays 3653 -crlexts crl_ext_idp_nc -out $@
100all_final += crl-idpnc.pem
Manuel Pégourié-Gonnardfd3e4fb2018-03-13 11:53:30 +0100[diff] [blame]101
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]102cli_crt_key_file_rsa = cli-rsa.key
103cli_crt_extensions_file = cli.opensslconf
104
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]105cli-rsa.csr: $(cli_crt_key_file_rsa)
Hanno Becker386f99c2018-11-01 17:20:22 +0000[diff] [blame]106 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Client 2" md=SHA1
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]107all_intermediate += cli-rsa.csr
Hanno Becker386f99c2018-11-01 17:20:22 +0000[diff] [blame]108
109cli-rsa-sha1.crt: cli-rsa.csr
110 $(MBEDTLS_CERT_WRITE) request_file=$< serial=4 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144406 not_after=20210212144406 md=SHA1 version=3 output_file=$@
111
112cli-rsa-sha256.crt: cli-rsa.csr
113 $(MBEDTLS_CERT_WRITE) request_file=$< serial=4 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144406 not_after=20210212144406 md=SHA256 version=3 output_file=$@
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]114all_final += cli-rsa-sha256.crt
115
Manuel Pégourié-Gonnard29d60fb2017-06-05 10:20:32 +0200[diff] [blame]116test_ca_int_rsa1 = test-int-ca.crt
117
118server7.csr: server7.key
119 $(OPENSSL) req -new -key server7.key -subj "/C=NL/O=PolarSSL/CN=localhost" -out $@
120all_intermediate += server7.csr
121server7-expired.crt: server7.csr $(test_ca_int_rsa1)
122 $(FAKETIME) -f -3653d $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key -set_serial 16 -days 3653 -sha256 -in server7.csr | cat - $(test_ca_int_rsa1) > $@
123all_final += server7-expired.crt
124server7-future.crt: server7.csr $(test_ca_int_rsa1)
125 $(FAKETIME) -f +3653d $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key -set_serial 16 -days 3653 -sha256 -in server7.csr | cat - $(test_ca_int_rsa1) > $@
126all_final += server7-future.crt
Manuel Pégourié-Gonnard4dfc04a2017-06-05 11:12:13 +0200[diff] [blame]127server7-badsign.crt: server7.crt $(test_ca_int_rsa1)
Manuel Pégourié-Gonnardd19a41d2017-07-14 11:05:59 +0200[diff] [blame]128 { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; cat $(test_ca_int_rsa1); } > $@
Manuel Pégourié-Gonnard4dfc04a2017-06-05 11:12:13 +0200[diff] [blame]129all_final += server7-badsign.crt
Manuel Pégourié-Gonnardbc313012017-06-27 12:51:52 +0200[diff] [blame]130server7_int-ca-exp.crt: server7.crt test-int-ca-exp.crt
131 cat server7.crt test-int-ca-exp.crt > $@
132all_final += server7_int-ca-exp.crt
133
134server5-ss-expired.crt: server5.key
135 $(FAKETIME) -f -3653d $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/OU=testsuite/CN=localhost" -days 3653 -sha256 -key $< -out $@
136all_final += server5-ss-expired.crt
137
Manuel Pégourié-Gonnardc10afdb2017-06-29 09:48:08 +0200[diff] [blame]138# try to forge a copy of test-int-ca3 with different key
139server5-ss-forgeca.crt: server5.key
140 $(FAKETIME) '2015-09-01 14:08:43' $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" -set_serial 77 -config $(test_ca_config_file) -extensions noext_ca -days 3650 -sha256 -key $< -out $@
141all_final += server5-ss-forgeca.crt
142
Manuel Pégourié-Gonnardd19a41d2017-07-14 11:05:59 +0200[diff] [blame]143server10-badsign.crt: server10.crt
144 { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@
145all_final += server10-badsign.crt
146server10-bs_int3.pem: server10-badsign.crt test-int-ca3.crt
147 cat server10-badsign.crt test-int-ca3.crt > $@
148all_final += server10-bs_int3.pem
149test-int-ca3-badsign.crt: test-int-ca3.crt
150 { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@
151all_final += test-int-ca3-badsign.crt
152server10_int3-bs.pem: server10.crt test-int-ca3-badsign.crt
153 cat server10.crt test-int-ca3-badsign.crt > $@
154all_final += server10-bs_int3-bs.pem
Manuel Pégourié-Gonnardc10afdb2017-06-29 09:48:08 +0200[diff] [blame]155
Ron Eldorb0065182017-10-16 12:40:27 +0300[diff] [blame]156rsa_pkcs1_2048_public.pem: server8.key
Ron Eldor3f2da842017-10-17 15:50:30 +0300[diff] [blame]157 $(OPENSSL) rsa -in $< -outform PEM -RSAPublicKey_out -out $@
158all_final += rsa_pkcs1_2048_public.pem
Gilles Peskineea8d6972017-11-28 17:30:52 +0100[diff] [blame]159
Ron Eldorb0065182017-10-16 12:40:27 +0300[diff] [blame]160rsa_pkcs1_2048_public.der: rsa_pkcs1_2048_public.pem
Ron Eldor3f2da842017-10-17 15:50:30 +0300[diff] [blame]161 $(OPENSSL) rsa -RSAPublicKey_in -in $< -outform DER -RSAPublicKey_out -out $@
162all_final += rsa_pkcs1_2048_public.der
163
164rsa_pkcs8_2048_public.pem: server8.key
165 $(OPENSSL) rsa -in $< -outform PEM -pubout -out $@
166all_final += rsa_pkcs8_2048_public.pem
167
168rsa_pkcs8_2048_public.der: rsa_pkcs8_2048_public.pem
169 $(OPENSSL) rsa -pubin -in $< -outform DER -pubout -out $@
Ron Eldorb0065182017-10-16 12:40:27 +0300[diff] [blame]170all_final += rsa_pkcs8_2048_public.der
Gilles Peskineea8d6972017-11-28 17:30:52 +0100[diff] [blame]171
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]172################################################################
173#### Generate various RSA keys
174################################################################
Gilles Peskinebc70a182017-05-09 15:59:24 +0200[diff] [blame]175
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]176### Password used for PKCS1-encoded encrypted RSA keys
177keys_rsa_basic_pwd = testkey
178
179### Password used for PKCS8-encoded encrypted RSA keys
180keys_rsa_pkcs8_pwd = PolarSSLTest
181
182### Basic 1024-, 2048- and 4096-bit unencrypted RSA keys from which
183### all other encrypted RSA keys are derived.
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]184rsa_pkcs1_1024_clear.pem:
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]185 $(OPENSSL) genrsa -out $@ 1024
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]186all_final += rsa_pkcs1_1024_clear.pem
187rsa_pkcs1_2048_clear.pem:
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]188 $(OPENSSL) genrsa -out $@ 2048
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]189all_final += rsa_pkcs1_2048_clear.pem
190rsa_pkcs1_4096_clear.pem:
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]191 $(OPENSSL) genrsa -out $@ 4096
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]192all_final += rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]193
194###
195### PKCS1-encoded, encrypted RSA keys
196###
197
198### 1024-bit
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]199rsa_pkcs1_1024_des.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]200 $(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]201all_final += rsa_pkcs1_1024_des.pem
202rsa_pkcs1_1024_3des.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]203 $(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]204all_final += rsa_pkcs1_1024_3des.pem
205rsa_pkcs1_1024_aes128.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]206 $(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]207all_final += rsa_pkcs1_1024_aes128.pem
208rsa_pkcs1_1024_aes192.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]209 $(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]210all_final += rsa_pkcs1_1024_aes192.pem
211rsa_pkcs1_1024_aes256.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]212 $(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]213all_final += rsa_pkcs1_1024_aes256.pem
214keys_rsa_enc_basic_1024: rsa_pkcs1_1024_des.pem rsa_pkcs1_1024_3des.pem rsa_pkcs1_1024_aes128.pem rsa_pkcs1_1024_aes192.pem rsa_pkcs1_1024_aes256.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]215
216# 2048-bit
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]217rsa_pkcs1_2048_des.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]218 $(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]219all_final += rsa_pkcs1_2048_des.pem
220rsa_pkcs1_2048_3des.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]221 $(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]222all_final += rsa_pkcs1_2048_3des.pem
223rsa_pkcs1_2048_aes128.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]224 $(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]225all_final += rsa_pkcs1_2048_aes128.pem
226rsa_pkcs1_2048_aes192.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]227 $(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]228all_final += rsa_pkcs1_2048_aes192.pem
229rsa_pkcs1_2048_aes256.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]230 $(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]231all_final += rsa_pkcs1_2048_aes256.pem
232keys_rsa_enc_basic_2048: rsa_pkcs1_2048_des.pem rsa_pkcs1_2048_3des.pem rsa_pkcs1_2048_aes128.pem rsa_pkcs1_2048_aes192.pem rsa_pkcs1_2048_aes256.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]233
234# 4096-bit
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]235rsa_pkcs1_4096_des.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]236 $(OPENSSL) rsa -des -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]237all_final += rsa_pkcs1_4096_des.pem
238rsa_pkcs1_4096_3des.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]239 $(OPENSSL) rsa -des3 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]240all_final += rsa_pkcs1_4096_3des.pem
241rsa_pkcs1_4096_aes128.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]242 $(OPENSSL) rsa -aes128 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]243all_final += rsa_pkcs1_4096_aes128.pem
244rsa_pkcs1_4096_aes192.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]245 $(OPENSSL) rsa -aes192 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]246all_final += rsa_pkcs1_4096_aes192.pem
247rsa_pkcs1_4096_aes256.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]248 $(OPENSSL) rsa -aes256 -in $< -out $@ -passout "pass:$(keys_rsa_basic_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]249all_final += rsa_pkcs1_4096_aes256.pem
250keys_rsa_enc_basic_4096: rsa_pkcs1_4096_des.pem rsa_pkcs1_4096_3des.pem rsa_pkcs1_4096_aes128.pem rsa_pkcs1_4096_aes192.pem rsa_pkcs1_4096_aes256.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]251
252###
253### PKCS8-v1 encoded, encrypted RSA keys
254###
255
256### 1024-bit
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]257rsa_pkcs8_pbe_sha1_1024_3des.der: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]258 $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]259all_final += rsa_pkcs8_pbe_sha1_1024_3des.der
260rsa_pkcs8_pbe_sha1_1024_3des.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]261 $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]262all_final += rsa_pkcs8_pbe_sha1_1024_3des.pem
263keys_rsa_enc_pkcs8_v1_1024_3des: rsa_pkcs8_pbe_sha1_1024_3des.pem rsa_pkcs8_pbe_sha1_1024_3des.der
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]264
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]265rsa_pkcs8_pbe_sha1_1024_2des.der: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]266 $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]267all_final += rsa_pkcs8_pbe_sha1_1024_2des.der
268rsa_pkcs8_pbe_sha1_1024_2des.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]269 $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]270all_final += rsa_pkcs8_pbe_sha1_1024_2des.pem
271keys_rsa_enc_pkcs8_v1_1024_2des: rsa_pkcs8_pbe_sha1_1024_2des.pem rsa_pkcs8_pbe_sha1_1024_2des.der
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]272
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]273rsa_pkcs8_pbe_sha1_1024_rc4_128.der: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]274 $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]275all_final += rsa_pkcs8_pbe_sha1_1024_rc4_128.der
276rsa_pkcs8_pbe_sha1_1024_rc4_128.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]277 $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]278all_final += rsa_pkcs8_pbe_sha1_1024_rc4_128.pem
279keys_rsa_enc_pkcs8_v1_1024_rc4_128: rsa_pkcs8_pbe_sha1_1024_rc4_128.pem rsa_pkcs8_pbe_sha1_1024_rc4_128.der
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]280
281keys_rsa_enc_pkcs8_v1_1024: keys_rsa_enc_pkcs8_v1_1024_3des keys_rsa_enc_pkcs8_v1_1024_2des keys_rsa_enc_pkcs8_v1_1024_rc4_128
282
283### 2048-bit
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]284rsa_pkcs8_pbe_sha1_2048_3des.der: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]285 $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]286all_final += rsa_pkcs8_pbe_sha1_2048_3des.der
287rsa_pkcs8_pbe_sha1_2048_3des.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]288 $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]289all_final += rsa_pkcs8_pbe_sha1_2048_3des.pem
290keys_rsa_enc_pkcs8_v1_2048_3des: rsa_pkcs8_pbe_sha1_2048_3des.pem rsa_pkcs8_pbe_sha1_2048_3des.der
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]291
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]292rsa_pkcs8_pbe_sha1_2048_2des.der: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]293 $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]294all_final += rsa_pkcs8_pbe_sha1_2048_2des.der
295rsa_pkcs8_pbe_sha1_2048_2des.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]296 $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]297all_final += rsa_pkcs8_pbe_sha1_2048_2des.pem
298keys_rsa_enc_pkcs8_v1_2048_2des: rsa_pkcs8_pbe_sha1_2048_2des.pem rsa_pkcs8_pbe_sha1_2048_2des.der
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]299
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]300rsa_pkcs8_pbe_sha1_2048_rc4_128.der: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]301 $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]302all_final += rsa_pkcs8_pbe_sha1_2048_rc4_128.der
303rsa_pkcs8_pbe_sha1_2048_rc4_128.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]304 $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]305all_final += rsa_pkcs8_pbe_sha1_2048_rc4_128.pem
306keys_rsa_enc_pkcs8_v1_2048_rc4_128: rsa_pkcs8_pbe_sha1_2048_rc4_128.pem rsa_pkcs8_pbe_sha1_2048_rc4_128.der
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]307
308keys_rsa_enc_pkcs8_v1_2048: keys_rsa_enc_pkcs8_v1_2048_3des keys_rsa_enc_pkcs8_v1_2048_2des keys_rsa_enc_pkcs8_v1_2048_rc4_128
309
310### 4096-bit
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]311rsa_pkcs8_pbe_sha1_4096_3des.der: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]312 $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]313all_final += rsa_pkcs8_pbe_sha1_4096_3des.der
314rsa_pkcs8_pbe_sha1_4096_3des.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]315 $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-3DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]316all_final += rsa_pkcs8_pbe_sha1_4096_3des.pem
317keys_rsa_enc_pkcs8_v1_4096_3des: rsa_pkcs8_pbe_sha1_4096_3des.pem rsa_pkcs8_pbe_sha1_4096_3des.der
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]318
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]319rsa_pkcs8_pbe_sha1_4096_2des.der: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]320 $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]321all_final += rsa_pkcs8_pbe_sha1_4096_2des.der
322rsa_pkcs8_pbe_sha1_4096_2des.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]323 $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-2DES
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]324all_final += rsa_pkcs8_pbe_sha1_4096_2des.pem
325keys_rsa_enc_pkcs8_v1_4096_2des: rsa_pkcs8_pbe_sha1_4096_2des.pem rsa_pkcs8_pbe_sha1_4096_2des.der
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]326
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]327rsa_pkcs8_pbe_sha1_4096_rc4_128.der: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]328 $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]329all_final += rsa_pkcs8_pbe_sha1_4096_rc4_128.der
330rsa_pkcs8_pbe_sha1_4096_rc4_128.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]331 $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]332all_final += rsa_pkcs8_pbe_sha1_4096_rc4_128.pem
333keys_rsa_enc_pkcs8_v1_4096_rc4_128: rsa_pkcs8_pbe_sha1_4096_rc4_128.pem rsa_pkcs8_pbe_sha1_4096_rc4_128.der
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]334
335keys_rsa_enc_pkcs8_v1_4096: keys_rsa_enc_pkcs8_v1_4096_3des keys_rsa_enc_pkcs8_v1_4096_2des keys_rsa_enc_pkcs8_v1_4096_rc4_128
336
337###
Antonio Quartullif476b9d2018-02-01 13:54:13 +0800[diff] [blame]338### PKCS8-v2 encoded, encrypted RSA keys, no PRF specified (default for OpenSSL1.0: hmacWithSHA1)
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]339###
340
341### 1024-bit
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]342rsa_pkcs8_pbes2_pbkdf2_1024_3des.der: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]343 $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]344all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des.der
345rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]346 $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]347all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem
348keys_rsa_enc_pkcs8_v2_1024_3des: rsa_pkcs8_pbes2_pbkdf2_1024_3des.der rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]349
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]350rsa_pkcs8_pbes2_pbkdf2_1024_des.der: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]351 $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]352all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des.der
353rsa_pkcs8_pbes2_pbkdf2_1024_des.pem: rsa_pkcs1_1024_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]354 $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]355all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des.pem
356keys_rsa_enc_pkcs8_v2_1024_des: rsa_pkcs8_pbes2_pbkdf2_1024_des.der rsa_pkcs8_pbes2_pbkdf2_1024_des.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]357
358keys_rsa_enc_pkcs8_v2_1024: keys_rsa_enc_pkcs8_v2_1024_3des keys_rsa_enc_pkcs8_v2_1024_des
359
360### 2048-bit
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]361rsa_pkcs8_pbes2_pbkdf2_2048_3des.der: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]362 $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]363all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des.der
364rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]365 $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]366all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem
367keys_rsa_enc_pkcs8_v2_2048_3des: rsa_pkcs8_pbes2_pbkdf2_2048_3des.der rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]368
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]369rsa_pkcs8_pbes2_pbkdf2_2048_des.der: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]370 $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]371all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des.der
372rsa_pkcs8_pbes2_pbkdf2_2048_des.pem: rsa_pkcs1_2048_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]373 $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]374all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des.pem
375keys_rsa_enc_pkcs8_v2_2048_des: rsa_pkcs8_pbes2_pbkdf2_2048_des.der rsa_pkcs8_pbes2_pbkdf2_2048_des.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]376
377keys_rsa_enc_pkcs8_v2_2048: keys_rsa_enc_pkcs8_v2_2048_3des keys_rsa_enc_pkcs8_v2_2048_des
378
379### 4096-bit
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]380rsa_pkcs8_pbes2_pbkdf2_4096_3des.der: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]381 $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]382all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des.der
383rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]384 $(OPENSSL) pkcs8 -topk8 -v2 des3 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]385all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem
386keys_rsa_enc_pkcs8_v2_4096_3des: rsa_pkcs8_pbes2_pbkdf2_4096_3des.der rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]387
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]388rsa_pkcs8_pbes2_pbkdf2_4096_des.der: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]389 $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]390all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des.der
391rsa_pkcs8_pbes2_pbkdf2_4096_des.pem: rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]392 $(OPENSSL) pkcs8 -topk8 -v2 des -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]393all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des.pem
394keys_rsa_enc_pkcs8_v2_4096_des: rsa_pkcs8_pbes2_pbkdf2_4096_des.der rsa_pkcs8_pbes2_pbkdf2_4096_des.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]395
396keys_rsa_enc_pkcs8_v2_4096: keys_rsa_enc_pkcs8_v2_4096_3des keys_rsa_enc_pkcs8_v2_4096_des
397
398###
Antonio Quartullif476b9d2018-02-01 13:54:13 +0800[diff] [blame]399### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA224
400###
401
402### 1024-bit
403rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der: rsa_pkcs1_1024_clear.pem
404 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
405all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der
406rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem: rsa_pkcs1_1024_clear.pem
407 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
408all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem
409keys_rsa_enc_pkcs8_v2_1024_3des_sha224: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem
410
411rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der: rsa_pkcs1_1024_clear.pem
412 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
413all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der
414rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem: rsa_pkcs1_1024_clear.pem
415 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
416all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem
417keys_rsa_enc_pkcs8_v2_1024_des_sha224: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem
418
419keys_rsa_enc_pkcs8_v2_1024_sha224: keys_rsa_enc_pkcs8_v2_1024_3des_sha224 keys_rsa_enc_pkcs8_v2_1024_des_sha224
420
421### 2048-bit
422rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der: rsa_pkcs1_2048_clear.pem
423 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
424all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der
425rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem: rsa_pkcs1_2048_clear.pem
426 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
427all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem
428keys_rsa_enc_pkcs8_v2_2048_3des_sha224: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem
429
430rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der: rsa_pkcs1_2048_clear.pem
431 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
432all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der
433rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem: rsa_pkcs1_2048_clear.pem
434 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
435all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem
436keys_rsa_enc_pkcs8_v2_2048_des_sha224: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem
437
438keys_rsa_enc_pkcs8_v2_2048_sha224: keys_rsa_enc_pkcs8_v2_2048_3des_sha224 keys_rsa_enc_pkcs8_v2_2048_des_sha224
439
440### 4096-bit
441rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der: rsa_pkcs1_4096_clear.pem
442 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
443all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der
444rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem: rsa_pkcs1_4096_clear.pem
445 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
446all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem
447keys_rsa_enc_pkcs8_v2_4096_3des_sha224: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem
448
449rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der: rsa_pkcs1_4096_clear.pem
450 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
451all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der
452rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem: rsa_pkcs1_4096_clear.pem
453 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA224 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
454all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem
455keys_rsa_enc_pkcs8_v2_4096_des_sha224: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem
456
457keys_rsa_enc_pkcs8_v2_4096_sha224: keys_rsa_enc_pkcs8_v2_4096_3des_sha224 keys_rsa_enc_pkcs8_v2_4096_des_sha224
458
459###
460### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA256
461###
462
463### 1024-bit
464rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der: rsa_pkcs1_1024_clear.pem
465 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
466all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der
467rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem: rsa_pkcs1_1024_clear.pem
468 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
469all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem
470keys_rsa_enc_pkcs8_v2_1024_3des_sha256: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem
471
472rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der: rsa_pkcs1_1024_clear.pem
473 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
474all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der
475rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem: rsa_pkcs1_1024_clear.pem
476 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
477all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem
478keys_rsa_enc_pkcs8_v2_1024_des_sha256: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem
479
480keys_rsa_enc_pkcs8_v2_1024_sha256: keys_rsa_enc_pkcs8_v2_1024_3des_sha256 keys_rsa_enc_pkcs8_v2_1024_des_sha256
481
482### 2048-bit
483rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der: rsa_pkcs1_2048_clear.pem
484 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
485all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der
486rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem: rsa_pkcs1_2048_clear.pem
487 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
488all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem
489keys_rsa_enc_pkcs8_v2_2048_3des_sha256: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem
490
491rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der: rsa_pkcs1_2048_clear.pem
492 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
493all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der
494rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem: rsa_pkcs1_2048_clear.pem
495 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
496all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem
497keys_rsa_enc_pkcs8_v2_2048_des_sha256: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem
498
499keys_rsa_enc_pkcs8_v2_2048_sha256: keys_rsa_enc_pkcs8_v2_2048_3des_sha256 keys_rsa_enc_pkcs8_v2_2048_des_sha256
500
501### 4096-bit
502rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der: rsa_pkcs1_4096_clear.pem
503 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
504all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der
505rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem: rsa_pkcs1_4096_clear.pem
506 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
507all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem
508keys_rsa_enc_pkcs8_v2_4096_3des_sha256: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem
509
510rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der: rsa_pkcs1_4096_clear.pem
511 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
512all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der
513rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem: rsa_pkcs1_4096_clear.pem
514 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA256 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
515all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem
516keys_rsa_enc_pkcs8_v2_4096_des_sha256: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem
517
518keys_rsa_enc_pkcs8_v2_4096_sha256: keys_rsa_enc_pkcs8_v2_4096_3des_sha256 keys_rsa_enc_pkcs8_v2_4096_des_sha256
519
520###
521### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA384
522###
523
524### 1024-bit
525rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der: rsa_pkcs1_1024_clear.pem
526 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
527all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der
528rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem: rsa_pkcs1_1024_clear.pem
529 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
530all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem
531keys_rsa_enc_pkcs8_v2_1024_3des_sha384: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem
532
533rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der: rsa_pkcs1_1024_clear.pem
534 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
535all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der
536rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem: rsa_pkcs1_1024_clear.pem
537 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
538all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem
539keys_rsa_enc_pkcs8_v2_1024_des_sha384: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem
540
541keys_rsa_enc_pkcs8_v2_1024_sha384: keys_rsa_enc_pkcs8_v2_1024_3des_sha384 keys_rsa_enc_pkcs8_v2_1024_des_sha384
542
543### 2048-bit
544rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der: rsa_pkcs1_2048_clear.pem
545 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
546all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der
547rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem: rsa_pkcs1_2048_clear.pem
548 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
549all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem
550keys_rsa_enc_pkcs8_v2_2048_3des_sha384: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem
551
552rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der: rsa_pkcs1_2048_clear.pem
553 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
554all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der
555rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem: rsa_pkcs1_2048_clear.pem
556 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
557all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem
558keys_rsa_enc_pkcs8_v2_2048_des_sha384: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem
559
560keys_rsa_enc_pkcs8_v2_2048_sha384: keys_rsa_enc_pkcs8_v2_2048_3des_sha384 keys_rsa_enc_pkcs8_v2_2048_des_sha384
561
562### 4096-bit
563rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der: rsa_pkcs1_4096_clear.pem
564 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
565all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der
566rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem: rsa_pkcs1_4096_clear.pem
567 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
568all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem
569keys_rsa_enc_pkcs8_v2_4096_3des_sha384: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem
570
571rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der: rsa_pkcs1_4096_clear.pem
572 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
573all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der
574rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem: rsa_pkcs1_4096_clear.pem
575 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA384 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
576all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem
577keys_rsa_enc_pkcs8_v2_4096_des_sha384: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem
578
579keys_rsa_enc_pkcs8_v2_4096_sha384: keys_rsa_enc_pkcs8_v2_4096_3des_sha384 keys_rsa_enc_pkcs8_v2_4096_des_sha384
580
581###
582### PKCS8-v2 encoded, encrypted RSA keys, PRF hmacWithSHA512
583###
584
585### 1024-bit
586rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der: rsa_pkcs1_1024_clear.pem
587 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
588all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der
589rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem: rsa_pkcs1_1024_clear.pem
590 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
591all_final += rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem
592keys_rsa_enc_pkcs8_v2_1024_3des_sha512: rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem
593
594rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der: rsa_pkcs1_1024_clear.pem
595 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
596all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der
597rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem: rsa_pkcs1_1024_clear.pem
598 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
599all_final += rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem
600keys_rsa_enc_pkcs8_v2_1024_des_sha512: rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem
601
602keys_rsa_enc_pkcs8_v2_1024_sha512: keys_rsa_enc_pkcs8_v2_1024_3des_sha512 keys_rsa_enc_pkcs8_v2_1024_des_sha512
603
604### 2048-bit
605rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der: rsa_pkcs1_2048_clear.pem
606 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
607all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der
608rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem: rsa_pkcs1_2048_clear.pem
609 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
610all_final += rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem
611keys_rsa_enc_pkcs8_v2_2048_3des_sha512: rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem
612
613rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der: rsa_pkcs1_2048_clear.pem
614 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
615all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der
616rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem: rsa_pkcs1_2048_clear.pem
617 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
618all_final += rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem
619keys_rsa_enc_pkcs8_v2_2048_des_sha512: rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem
620
621keys_rsa_enc_pkcs8_v2_2048_sha512: keys_rsa_enc_pkcs8_v2_2048_3des_sha512 keys_rsa_enc_pkcs8_v2_2048_des_sha512
622
623### 4096-bit
624rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der: rsa_pkcs1_4096_clear.pem
625 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
626all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der
627rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem: rsa_pkcs1_4096_clear.pem
628 $(OPENSSL) pkcs8 -topk8 -v2 des3 -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
629all_final += rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem
630keys_rsa_enc_pkcs8_v2_4096_3des_sha512: rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem
631
632rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der: rsa_pkcs1_4096_clear.pem
633 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
634all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der
635rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem: rsa_pkcs1_4096_clear.pem
636 $(OPENSSL) pkcs8 -topk8 -v2 des -v2prf hmacWithSHA512 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)"
637all_final += rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem
638keys_rsa_enc_pkcs8_v2_4096_des_sha512: rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem
639
640keys_rsa_enc_pkcs8_v2_4096_sha512: keys_rsa_enc_pkcs8_v2_4096_3des_sha512 keys_rsa_enc_pkcs8_v2_4096_des_sha512
641
642###
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]643### Rules to generate all RSA keys from a particular class
644###
645
646### Generate basic unencrypted RSA keys
Hanno Becker08a36dd2017-09-29 20:05:23 +0100[diff] [blame]647keys_rsa_unenc: rsa_pkcs1_1024_clear.pem rsa_pkcs1_2048_clear.pem rsa_pkcs1_4096_clear.pem
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]648
649### Generate PKCS1-encoded encrypted RSA keys
650keys_rsa_enc_basic: keys_rsa_enc_basic_1024 keys_rsa_enc_basic_2048 keys_rsa_enc_basic_4096
651
652### Generate PKCS8-v1 encrypted RSA keys
653keys_rsa_enc_pkcs8_v1: keys_rsa_enc_pkcs8_v1_1024 keys_rsa_enc_pkcs8_v1_2048 keys_rsa_enc_pkcs8_v1_4096
654
655### Generate PKCS8-v2 encrypted RSA keys
Antonio Quartullif476b9d2018-02-01 13:54:13 +0800[diff] [blame]656keys_rsa_enc_pkcs8_v2: keys_rsa_enc_pkcs8_v2_1024 keys_rsa_enc_pkcs8_v2_2048 keys_rsa_enc_pkcs8_v2_4096 keys_rsa_enc_pkcs8_v2_1024_sha224 keys_rsa_enc_pkcs8_v2_2048_sha224 keys_rsa_enc_pkcs8_v2_4096_sha224 keys_rsa_enc_pkcs8_v2_1024_sha256 keys_rsa_enc_pkcs8_v2_2048_sha256 keys_rsa_enc_pkcs8_v2_4096_sha256 keys_rsa_enc_pkcs8_v2_1024_sha384 keys_rsa_enc_pkcs8_v2_2048_sha384 keys_rsa_enc_pkcs8_v2_4096_sha384 keys_rsa_enc_pkcs8_v2_1024_sha512 keys_rsa_enc_pkcs8_v2_2048_sha512 keys_rsa_enc_pkcs8_v2_4096_sha512
Hanno Beckerd16f6122017-09-05 09:23:50 +0100[diff] [blame]657
658### Generate all RSA keys
659keys_rsa_all: keys_rsa_unenc keys_rsa_enc_basic keys_rsa_enc_pkcs8_v1 keys_rsa_enc_pkcs8_v2
660
Jethro Beekmand2df9362018-02-16 13:11:04 -0800[diff] [blame]661################################################################
662#### Generate various EC keys
663################################################################
Gilles Peskineea8d6972017-11-28 17:30:52 +0100[diff] [blame]664
Jethro Beekmand2df9362018-02-16 13:11:04 -0800[diff] [blame]665###
666### PKCS8 encoded
667###
668
669ec_prv.pk8.der:
670 $(OPENSSL) genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime192v1 -pkeyopt ec_param_enc:named_curve -out $@ -outform DER
671all_final += ec_prv.pk8.der
672
673# ### Instructions for creating `ec_prv.pk8nopub.der`,
674# ### `ec_prv.pk8nopubparam.der`, and `ec_prv.pk8param.der` by hand from
675# ### `ec_prv.pk8.der`.
676#
677# These instructions assume you are familiar with ASN.1 DER encoding and can
678# use a hex editor to manipulate DER.
679#
680# The relevant ASN.1 definitions for a PKCS#8 encoded Elliptic Curve key are:
681#
682# PrivateKeyInfo ::= SEQUENCE {
683# version Version,
684# privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
685# privateKey PrivateKey,
686# attributes [0] IMPLICIT Attributes OPTIONAL
687# }
688#
689# AlgorithmIdentifier ::= SEQUENCE {
690# algorithm OBJECT IDENTIFIER,
691# parameters ANY DEFINED BY algorithm OPTIONAL
692# }
693#
694# ECParameters ::= CHOICE {
695# namedCurve OBJECT IDENTIFIER
696# -- implicitCurve NULL
697# -- specifiedCurve SpecifiedECDomain
698# }
699#
700# ECPrivateKey ::= SEQUENCE {
701# version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
702# privateKey OCTET STRING,
703# parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
704# publicKey [1] BIT STRING OPTIONAL
705# }
706#
707# `ec_prv.pk8.der` as generatde above by OpenSSL should have the following
708# fields:
709#
710# * privateKeyAlgorithm namedCurve
711# * privateKey.parameters NOT PRESENT
712# * privateKey.publicKey PRESENT
713# * attributes NOT PRESENT
714#
715# # ec_prv.pk8nopub.der
716#
717# Take `ec_prv.pk8.der` and remove `privateKey.publicKey`.
718#
719# # ec_prv.pk8nopubparam.der
720#
721# Take `ec_prv.pk8nopub.der` and add `privateKey.parameters`, the same value as
722# `privateKeyAlgorithm.namedCurve`. Don't forget to add the explicit tag.
723#
724# # ec_prv.pk8param.der
725#
726# Take `ec_prv.pk8.der` and add `privateKey.parameters`, the same value as
727# `privateKeyAlgorithm.namedCurve`. Don't forget to add the explicit tag.
728
729ec_prv.pk8.pem: ec_prv.pk8.der
730 $(OPENSSL) pkey -in $< -inform DER -out $@
731all_final += ec_prv.pk8.pem
732ec_prv.pk8nopub.pem: ec_prv.pk8nopub.der
733 $(OPENSSL) pkey -in $< -inform DER -out $@
734all_final += ec_prv.pk8nopub.pem
735ec_prv.pk8nopubparam.pem: ec_prv.pk8nopubparam.der
736 $(OPENSSL) pkey -in $< -inform DER -out $@
737all_final += ec_prv.pk8nopubparam.pem
738ec_prv.pk8param.pem: ec_prv.pk8param.der
739 $(OPENSSL) pkey -in $< -inform DER -out $@
740all_final += ec_prv.pk8param.pem
Gilles Peskineea8d6972017-11-28 17:30:52 +0100[diff] [blame]741
742################################################################
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]743### Generate CSRs for X.509 write test suite
744################################################################
745
746server1.req.sha1: server1.key
747 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
748all_final += server1.req.sha1
749
750server1.req.md4: server1.key
751 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD4
752all_final += server1.req.md4
753
754server1.req.md5: server1.key
755 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD5
756all_final += server1.req.md5
757
758server1.req.sha224: server1.key
759 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA224
760all_final += server1.req.sha224
761
762server1.req.sha256: server1.key
763 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA256
764all_final += server1.req.sha256
765
766server1.req.sha384: server1.key
767 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA384
768all_final += server1.req.sha384
769
770server1.req.sha512: server1.key
771 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA512
772all_final += server1.req.sha512
773
774server1.req.cert_type: server1.key
775 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< ns_cert_type=ssl_server subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
776all_final += server1.req.cert_type
777
778server1.req.key_usage: server1.key
779 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation,key_encipherment subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
780all_final += server1.req.key_usage
781
782server1.req.ku-ct: server1.key
783 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation,key_encipherment ns_cert_type=ssl_server subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
784all_final += server1.req.ku-ct
785
Hanno Beckerebc1f402018-10-31 16:35:59 +0000[diff] [blame]786# server2*
787
788server2.req.sha256: server2.key
789 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=localhost" md=SHA256
790all_intermediate += server2.req.sha256
791
Hanno Becker0dd11392018-11-02 08:56:15 +0000[diff] [blame]792# server5*
793
794# The use of 'Server 1' in the DN is intentional here, as the DN is hardcoded in the x509_write test suite.'
795server5.req.ku.sha1: server5.key
796 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
797all_final += server5.req.ku.sha1
798
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]799################################################################
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]800### Generate certificates for CRT write check tests
Gilles Peskineea8d6972017-11-28 17:30:52 +0100[diff] [blame]801################################################################
802
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]803### The test files use the Mbed TLS generated certificates server1*.crt,
804### but for comparison with OpenSSL also rules for OpenSSL-generated
805### certificates server1*.crt.openssl are offered.
806###
807### Known differences:
808### * OpenSSL encodes trailing zero-bits in bit-strings occurring in X.509 extension
809### as unused bits, while Mbed TLS doesn't.
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]810
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]811test_ca_server1_db = test-ca.server1.db
812test_ca_server1_serial = test-ca.server1.serial
813test_ca_server1_config_file = test-ca.server1.opensslconf
814
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]815# server1*
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]816
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]817server1.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
818 $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 version=3 output_file=$@
819server1.noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
820 $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144406 not_after=20210212144406 md=SHA1 authority_identifier=0 version=3 output_file=$@
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]821server1.der: server1.crt
822 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
823all_final += server1.crt server1.noauthid.crt server1.der
824
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]825server1.key_usage.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
826 $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment version=3 output_file=$@
827server1.key_usage_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
828 $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment authority_identifier=0 version=3 output_file=$@
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]829server1.key_usage.der: server1.key_usage.crt
830 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
831all_final += server1.key_usage.crt server1.key_usage_noauthid.crt server1.key_usage.der
832
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]833server1.cert_type.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
834 $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 ns_cert_type=ssl_server version=3 output_file=$@
835server1.cert_type_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
836 $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 ns_cert_type=ssl_server authority_identifier=0 version=3 output_file=$@
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]837server1.cert_type.der: server1.cert_type.crt
838 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
839all_final += server1.cert_type.crt server1.cert_type_noauthid.crt server1.cert_type.der
840
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]841server1.v1.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa)
842 $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20110212144406 not_after=20210212144406 md=SHA1 version=1 output_file=$@
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]843server1.v1.der: server1.v1.crt
844 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
845all_final += server1.v1.crt server1.v1.der
846
847# OpenSSL-generated certificates for comparison
Hanno Becker81535d02017-09-13 15:39:59 +0100[diff] [blame]848# Also provide certificates in DER format to allow
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]849# direct binary comparison using e.g. dumpasn1
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]850server1.crt.openssl server1.key_usage.crt.openssl server1.cert_type.crt.openssl: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_server1_config_file)
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]851 echo "01" > $(test_ca_server1_serial)
852 rm -f $(test_ca_server1_db)
853 touch $(test_ca_server1_db)
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]854 $(OPENSSL) ca -batch -passin "pass:$(test_ca_pwd_rsa)" -config $(test_ca_server1_config_file) -in server1.req.sha256 -extensions v3_ext -extfile $@.v3_ext -out $@
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]855server1.der.openssl: server1.crt.openssl
856 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
857server1.key_usage.der.openssl: server1.key_usage.crt.openssl
858 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
859server1.cert_type.der.openssl: server1.cert_type.crt.openssl
860 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
861
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]862server1.v1.crt.openssl: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_server1_config_file)
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]863 echo "01" > $(test_ca_server1_serial)
864 rm -f $(test_ca_server1_db)
865 touch $(test_ca_server1_db)
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]866 $(OPENSSL) ca -batch -passin "pass:$(test_ca_pwd_rsa)" -config $(test_ca_server1_config_file) -in server1.req.sha256 -out $@
Hanno Becker418a6222017-09-14 07:51:28 +0100[diff] [blame]867server1.v1.der.openssl: server1.v1.crt.openssl
868 $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
869
Hanno Becker50cb93a2018-10-08 17:15:28 +0100[diff] [blame]870server1_all: server1.crt server1.noauthid.crt server1.crt.openssl server1.v1.crt server1.v1.crt.openssl server1.key_usage.crt server1.key_usage_noauthid.crt server1.key_usage.crt.openssl server1.cert_type.crt server1.cert_type_noauthid.crt server1.cert_type.crt.openssl server1.der server1.der.openssl server1.v1.der server1.v1.der.openssl server1.key_usage.der server1.key_usage.der.openssl server1.cert_type.der server1.cert_type.der.openssl
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]871
Hanno Beckerebc1f402018-10-31 16:35:59 +0000[diff] [blame]872# server2*
873
874server2.crt: server2.req.sha256
875 $(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144406 not_after=20210212144406 md=SHA1 version=3 output_file=$@
876all_final += server2.crt
877
878server2-sha256.crt: server2.req.sha256
879 $(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144406 not_after=20210212144406 md=SHA256 version=3 output_file=$@
880all_final += server2-sha256.crt
881
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]882
883
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]884################################################################
885#### Meta targets
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]886################################################################
887
888all_final: $(all_final)
889all: $(all_intermediate) $(all_final)
890
891.PHONY: default all_final all
Gilles Peskineea8d6972017-11-28 17:30:52 +0100[diff] [blame]892.PHONY: keys_rsa_all
893.PHONY: keys_rsa_unenc keys_rsa_enc_basic
894.PHONY: keys_rsa_enc_pkcs8_v1 keys_rsa_enc_pkcs8_v2
895.PHONY: keys_rsa_enc_basic_1024 keys_rsa_enc_basic_2048 keys_rsa_enc_basic_4096
896.PHONY: keys_rsa_enc_pkcs8_v1_1024 keys_rsa_enc_pkcs8_v2_1024
897.PHONY: keys_rsa_enc_pkcs8_v1_2048 keys_rsa_enc_pkcs8_v2_2048
898.PHONY: keys_rsa_enc_pkcs8_v1_4096 keys_rsa_enc_pkcs8_v2_4096
899.PHONY: server1_all
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]900
901# These files should not be committed to the repository.
902list_intermediate:
903 @printf '%s\n' $(all_intermediate) | sort
904# These files should be committed to the repository so that the test data is
905# available upon checkout without running a randomized process depending on
906# third-party tools.
907list_final:
908 @printf '%s\n' $(all_final) | sort
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]909.PHONY: list_intermediate list_final
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]910
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]911## Remove intermediate files
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]912clean:
913 rm -f $(all_intermediate)
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]914## Remove all build products, even the ones that are committed
Gilles Peskinef040a172017-05-05 18:56:12 +0200[diff] [blame]915neat: clean
916 rm -f $(all_final)
Gilles Peskinefd14bca2017-05-11 17:57:22 +0200[diff] [blame]917.PHONY: clean neat