mirror of
https://git.suyu.dev/suyu/mbedtls.git
synced 2026-03-09 12:52:57 +00:00
Add build instructions to generate DER versions of CRTs and keys
This commit is contained in:
Hanno Becker
@@ -46,14 +46,30 @@ test-ca.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
|
||||
$(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144400 not_after=20210212144400 md=SHA1 version=3 output_file=$@
|
||||
all_final += test-ca.crt
|
||||
|
||||
test-ca.crt.der: test-ca.crt
|
||||
$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
|
||||
all_final += test-ca.crt.der
|
||||
|
||||
test-ca.key.der: $(test_ca_key_file_rsa)
|
||||
$(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER -passin "pass:$(test_ca_pwd_rsa)"
|
||||
all_final += test-ca.key.der
|
||||
|
||||
test-ca-sha1.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
|
||||
$(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144400 not_after=20210212144400 md=SHA1 version=3 output_file=$@
|
||||
all_final += test-ca-sha1.crt
|
||||
|
||||
test-ca-sha1.crt.der: test-ca-sha1.crt
|
||||
$(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
|
||||
all_final += test-ca-sha1.crt.der
|
||||
|
||||
test-ca-sha256.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
|
||||
$(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144400 not_after=20210212144400 md=SHA256 version=3 output_file=$@
|
||||
all_final += test-ca-sha256.crt
|
||||
|
||||
test-ca-sha256.crt.der: test-ca-sha256.crt
|
||||
$(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
|
||||
all_final += test-ca-sha256.crt.der
|
||||
|
||||
test_ca_key_file_rsa_alt = test-ca-alt.key
|
||||
|
||||
$(test_ca_key_file_rsa_alt):
|
||||
@@ -74,6 +90,14 @@ all_final += test-ca-good-alt.crt
|
||||
test_ca_crt_file_ec = test-ca2.crt
|
||||
test_ca_key_file_ec = test-ca2.key
|
||||
|
||||
test-ca2.crt.der: $(test_ca_crt_file_ec)
|
||||
$(OPENSSL) x509 -in $(test_ca_crt_file_ec) -out $@ -inform PEM -outform DER
|
||||
all_final += test-ca2.crt.der
|
||||
|
||||
test-ca2.key.der: $(test_ca_key_file_ec)
|
||||
$(OPENSSL) pkey -in $(test_ca_key_file_ec) -out $@ -inform PEM -outform DER
|
||||
all_final += test-ca2.key.der
|
||||
|
||||
test_ca_crt_cat12 = test-ca_cat12.crt
|
||||
$(test_ca_crt_cat12): $(test_ca_crt) $(test_ca_crt_file_ec)
|
||||
cat $(test_ca_crt) $(test_ca_crt_file_ec) > $@
|
||||
@@ -112,6 +136,14 @@ cli-rsa-sha256.crt: cli-rsa.csr
|
||||
$(MBEDTLS_CERT_WRITE) request_file=$< serial=4 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20110212144406 not_after=20210212144406 md=SHA256 version=3 output_file=$@
|
||||
all_final += cli-rsa-sha256.crt
|
||||
|
||||
cli-rsa-sha256.crt.der: cli-rsa-sha256.crt
|
||||
$(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
|
||||
all_final += cli-rsa-sha256.crt.der
|
||||
|
||||
cli-rsa.key.der: $(cli_crt_key_file_rsa)
|
||||
$(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER
|
||||
all_final += cli-rsa.key.der
|
||||
|
||||
test_ca_int_rsa1 = test-int-ca.crt
|
||||
|
||||
server7.csr: server7.key
|
||||
@@ -130,6 +162,22 @@ server7_int-ca-exp.crt: server7.crt test-int-ca-exp.crt
|
||||
cat server7.crt test-int-ca-exp.crt > $@
|
||||
all_final += server7_int-ca-exp.crt
|
||||
|
||||
cli2.crt.der: cli2.crt
|
||||
$(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
|
||||
all_final += cli2.crt.der
|
||||
|
||||
cli2.key.der: cli2.key
|
||||
$(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER
|
||||
all_final += cli2.key.der
|
||||
|
||||
server5.crt.der: server5.crt
|
||||
$(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER
|
||||
all_final += server5.crt.der
|
||||
|
||||
server5.key.der: server5.key
|
||||
$(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER
|
||||
all_final += server5.key.der
|
||||
|
||||
server5-ss-expired.crt: server5.key
|
||||
$(FAKETIME) -f -3653d $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/OU=testsuite/CN=localhost" -days 3653 -sha256 -key $< -out $@
|
||||
all_final += server5-ss-expired.crt
|
||||
@@ -819,6 +867,18 @@ server2.req.sha256: server2.key
|
||||
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=localhost" md=SHA256
|
||||
all_intermediate += server2.req.sha256
|
||||
|
||||
server2.crt.der: server2.crt
|
||||
$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
|
||||
all_final += server2.crt.der
|
||||
|
||||
server2-sha256.crt.der: server2-sha256.crt
|
||||
$(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@
|
||||
all_final += server2-sha256.crt.der
|
||||
|
||||
server2.key.der: server2.key
|
||||
$(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER
|
||||
all_final += server2.key.der
|
||||
|
||||
# server5*
|
||||
|
||||
# The use of 'Server 1' in the DN is intentional here, as the DN is hardcoded in the x509_write test suite.'
|
||||
|
||||
Reference in New Issue
Block a user